diff --git a/samtranslator/__init__.py b/samtranslator/__init__.py index 8e4d66c70f..08b90208a7 100644 --- a/samtranslator/__init__.py +++ b/samtranslator/__init__.py @@ -1 +1 @@ -__version__ = "1.99.0" +__version__ = "1.100.0" diff --git a/samtranslator/internal/data/aws_managed_policies.json b/samtranslator/internal/data/aws_managed_policies.json index c4f2cb9dde..506cf33067 100644 --- a/samtranslator/internal/data/aws_managed_policies.json +++ b/samtranslator/internal/data/aws_managed_policies.json @@ -2408,5 +2408,1208 @@ "WAFV2LoggingServiceRolePolicy": "arn:aws-us-gov:iam::aws:policy/aws-service-role/WAFV2LoggingServiceRolePolicy", "WellArchitectedConsoleFullAccess": "arn:aws-us-gov:iam::aws:policy/WellArchitectedConsoleFullAccess", "WellArchitectedConsoleReadOnlyAccess": "arn:aws-us-gov:iam::aws:policy/WellArchitectedConsoleReadOnlyAccess" + }, + "aws-eusc": { + "AccessAnalyzerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AccessAnalyzerServiceRolePolicy", + "AdministratorAccess-Amplify": "arn:aws-eusc:iam::aws:policy/AdministratorAccess-Amplify", + "AdministratorAccess": "arn:aws-eusc:iam::aws:policy/AdministratorAccess", + "AdministratorAccess-AWSElasticBeanstalk": "arn:aws-eusc:iam::aws:policy/AdministratorAccess-AWSElasticBeanstalk", + "AlexaForBusinessDeviceSetup": "arn:aws-eusc:iam::aws:policy/AlexaForBusinessDeviceSetup", + "AlexaForBusinessFullAccess": "arn:aws-eusc:iam::aws:policy/AlexaForBusinessFullAccess", + "AlexaForBusinessGatewayExecution": "arn:aws-eusc:iam::aws:policy/AlexaForBusinessGatewayExecution", + "AlexaForBusinessLifesizeDelegatedAccessPolicy": "arn:aws-eusc:iam::aws:policy/AlexaForBusinessLifesizeDelegatedAccessPolicy", + "AlexaForBusinessNetworkProfileServicePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AlexaForBusinessNetworkProfileServicePolicy", + "AlexaForBusinessPolyDelegatedAccessPolicy": "arn:aws-eusc:iam::aws:policy/AlexaForBusinessPolyDelegatedAccessPolicy", + "AlexaForBusinessReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AlexaForBusinessReadOnlyAccess", + "AmazonAPIGatewayAdministrator": "arn:aws-eusc:iam::aws:policy/AmazonAPIGatewayAdministrator", + "AmazonAPIGatewayInvokeFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonAPIGatewayInvokeFullAccess", + "AmazonAPIGatewayPushToCloudWatchLogs": "arn:aws-eusc:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs", + "AmazonAppFlowFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonAppFlowFullAccess", + "AmazonAppFlowReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonAppFlowReadOnlyAccess", + "AmazonAppStreamFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonAppStreamFullAccess", + "AmazonAppStreamPCAAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonAppStreamPCAAccess", + "AmazonAppStreamReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonAppStreamReadOnlyAccess", + "AmazonAppStreamServiceAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonAppStreamServiceAccess", + "AmazonAthenaFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonAthenaFullAccess", + "AmazonAugmentedAIFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonAugmentedAIFullAccess", + "AmazonAugmentedAIHumanLoopFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonAugmentedAIHumanLoopFullAccess", + "AmazonAugmentedAIIntegratedAPIAccess": "arn:aws-eusc:iam::aws:policy/AmazonAugmentedAIIntegratedAPIAccess", + "AmazonBedrockFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonBedrockFullAccess", + "AmazonBedrockReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonBedrockReadOnly", + "AmazonBraketFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonBraketFullAccess", + "AmazonBraketJobsExecutionPolicy": "arn:aws-eusc:iam::aws:policy/AmazonBraketJobsExecutionPolicy", + "AmazonBraketServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonBraketServiceRolePolicy", + "AmazonChimeFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonChimeFullAccess", + "AmazonChimeReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonChimeReadOnly", + "AmazonChimeSDK": "arn:aws-eusc:iam::aws:policy/AmazonChimeSDK", + "AmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy", + "AmazonChimeSDKMessagingServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonChimeSDKMessagingServiceRolePolicy", + "AmazonChimeServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonChimeServiceRolePolicy", + "AmazonChimeTranscriptionServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonChimeTranscriptionServiceLinkedRolePolicy", + "AmazonChimeUserManagement": "arn:aws-eusc:iam::aws:policy/AmazonChimeUserManagement", + "AmazonChimeVoiceConnectorServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonChimeVoiceConnectorServiceLinkedRolePolicy", + "AmazonCloudDirectoryFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonCloudDirectoryFullAccess", + "AmazonCloudDirectoryReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonCloudDirectoryReadOnlyAccess", + "AmazonCloudWatchEvidentlyFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonCloudWatchEvidentlyFullAccess", + "AmazonCloudWatchEvidentlyReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonCloudWatchEvidentlyReadOnlyAccess", + "AmazonCloudWatchEvidentlyServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonCloudWatchEvidentlyServiceRolePolicy", + "AmazonCloudWatchRUMFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonCloudWatchRUMFullAccess", + "AmazonCloudWatchRUMReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonCloudWatchRUMReadOnlyAccess", + "AmazonCloudWatchRUMServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonCloudWatchRUMServiceRolePolicy", + "AmazonCodeCatalystFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonCodeCatalystFullAccess", + "AmazonCodeCatalystReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonCodeCatalystReadOnlyAccess", + "AmazonCodeCatalystSupportAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonCodeCatalystSupportAccess", + "AmazonCodeGuruProfilerAgentAccess": "arn:aws-eusc:iam::aws:policy/AmazonCodeGuruProfilerAgentAccess", + "AmazonCodeGuruProfilerFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonCodeGuruProfilerFullAccess", + "AmazonCodeGuruProfilerReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonCodeGuruProfilerReadOnlyAccess", + "AmazonCodeGuruReviewerFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonCodeGuruReviewerFullAccess", + "AmazonCodeGuruReviewerReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonCodeGuruReviewerReadOnlyAccess", + "AmazonCodeGuruReviewerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonCodeGuruReviewerServiceRolePolicy", + "AmazonCodeGuruSecurityFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonCodeGuruSecurityFullAccess", + "AmazonCodeGuruSecurityScanAccess": "arn:aws-eusc:iam::aws:policy/AmazonCodeGuruSecurityScanAccess", + "AmazonCognitoDeveloperAuthenticatedIdentities": "arn:aws-eusc:iam::aws:policy/AmazonCognitoDeveloperAuthenticatedIdentities", + "AmazonCognitoIdpEmailServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonCognitoIdpEmailServiceRolePolicy", + "AmazonCognitoIdpServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonCognitoIdpServiceRolePolicy", + "AmazonCognitoPowerUser": "arn:aws-eusc:iam::aws:policy/AmazonCognitoPowerUser", + "AmazonCognitoReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonCognitoReadOnly", + "AmazonCognitoUnAuthedIdentitiesSessionPolicy": "arn:aws-eusc:iam::aws:policy/AmazonCognitoUnAuthedIdentitiesSessionPolicy", + "AmazonCognitoUnauthenticatedIdentities": "arn:aws-eusc:iam::aws:policy/AmazonCognitoUnauthenticatedIdentities", + "AmazonConnectCampaignsServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonConnectCampaignsServiceLinkedRolePolicy", + "AmazonConnect_FullAccess": "arn:aws-eusc:iam::aws:policy/AmazonConnect_FullAccess", + "AmazonConnectReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonConnectReadOnlyAccess", + "AmazonConnectServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonConnectServiceLinkedRolePolicy", + "AmazonConnectSynchronizationServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonConnectSynchronizationServiceRolePolicy", + "AmazonConnectVoiceIDFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonConnectVoiceIDFullAccess", + "AmazonDataZoneDomainExecutionRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonDataZoneDomainExecutionRolePolicy", + "AmazonDataZoneEnvironmentRolePermissionsBoundary": "arn:aws-eusc:iam::aws:policy/AmazonDataZoneEnvironmentRolePermissionsBoundary", + "AmazonDataZoneFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonDataZoneFullAccess", + "AmazonDataZoneFullUserAccess": "arn:aws-eusc:iam::aws:policy/AmazonDataZoneFullUserAccess", + "AmazonDataZoneGlueManageAccessRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonDataZoneGlueManageAccessRolePolicy", + "AmazonDataZoneRedshiftGlueProvisioningPolicy": "arn:aws-eusc:iam::aws:policy/AmazonDataZoneRedshiftGlueProvisioningPolicy", + "AmazonDataZoneRedshiftManageAccessRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonDataZoneRedshiftManageAccessRolePolicy", + "AmazonDataZoneSageMakerEnvironmentRolePermissionsBoundary": "arn:aws-eusc:iam::aws:policy/AmazonDataZoneSageMakerEnvironmentRolePermissionsBoundary", + "AmazonDataZoneSageMakerManageAccessRolePolicy": "arn:aws-eusc:iam::aws:policy/AmazonDataZoneSageMakerManageAccessRolePolicy", + "AmazonDataZoneSageMakerProvisioningRolePolicy": "arn:aws-eusc:iam::aws:policy/AmazonDataZoneSageMakerProvisioningRolePolicy", + "AmazonDetectiveFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonDetectiveFullAccess", + "AmazonDetectiveInvestigatorAccess": "arn:aws-eusc:iam::aws:policy/AmazonDetectiveInvestigatorAccess", + "AmazonDetectiveMemberAccess": "arn:aws-eusc:iam::aws:policy/AmazonDetectiveMemberAccess", + "AmazonDetectiveOrganizationsAccess": "arn:aws-eusc:iam::aws:policy/AmazonDetectiveOrganizationsAccess", + "AmazonDetectiveServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonDetectiveServiceLinkedRolePolicy", + "AmazonDevOpsGuruConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonDevOpsGuruConsoleFullAccess", + "AmazonDevOpsGuruFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonDevOpsGuruFullAccess", + "AmazonDevOpsGuruOrganizationsAccess": "arn:aws-eusc:iam::aws:policy/AmazonDevOpsGuruOrganizationsAccess", + "AmazonDevOpsGuruReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonDevOpsGuruReadOnlyAccess", + "AmazonDevOpsGuruServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonDevOpsGuruServiceRolePolicy", + "AmazonDMSCloudWatchLogsRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole", + "AmazonDMSRedshiftS3Role": "arn:aws-eusc:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role", + "AmazonDMSVPCManagementRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonDMSVPCManagementRole", + "AmazonDocDBConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonDocDBConsoleFullAccess", + "AmazonDocDBElasticFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonDocDBElasticFullAccess", + "AmazonDocDBElasticReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonDocDBElasticReadOnlyAccess", + "AmazonDocDB-ElasticServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonDocDB-ElasticServiceRolePolicy", + "AmazonDocDBFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonDocDBFullAccess", + "AmazonDocDBReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonDocDBReadOnlyAccess", + "AmazonDRSVPCManagement": "arn:aws-eusc:iam::aws:policy/AmazonDRSVPCManagement", + "AmazonDynamoDBFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonDynamoDBFullAccess", + "AmazonDynamoDBFullAccess_v2": "arn:aws-eusc:iam::aws:policy/AmazonDynamoDBFullAccess_v2", + "AmazonDynamoDBFullAccesswithDataPipeline": "arn:aws-eusc:iam::aws:policy/AmazonDynamoDBFullAccesswithDataPipeline", + "AmazonDynamoDBReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonDynamoDBReadOnlyAccess", + "AmazonEBSCSIDriverPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy", + "AmazonEC2ContainerRegistryFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess", + "AmazonEC2ContainerRegistryPowerUser": "arn:aws-eusc:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser", + "AmazonEC2ContainerRegistryReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly", + "AmazonEC2ContainerServiceAutoscaleRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole", + "AmazonEC2ContainerServiceEventsRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEC2ContainerServiceEventsRole", + "AmazonEC2ContainerServiceforEC2Role": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role", + "AmazonEC2ContainerServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole", + "AmazonEC2FullAccess": "arn:aws-eusc:iam::aws:policy/AmazonEC2FullAccess", + "AmazonEC2ReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonEC2ReadOnlyAccess", + "AmazonEC2RoleforAWSCodeDeploy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy", + "AmazonEC2RoleforAWSCodeDeployLimited": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeployLimited", + "AmazonEC2RoleforDataPipelineRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEC2RoleforDataPipelineRole", + "AmazonEC2RoleforSSM": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEC2RoleforSSM", + "AmazonEC2RolePolicyForLaunchWizard": "arn:aws-eusc:iam::aws:policy/AmazonEC2RolePolicyForLaunchWizard", + "AmazonEC2SpotFleetAutoscaleRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEC2SpotFleetAutoscaleRole", + "AmazonEC2SpotFleetTaggingRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole", + "AmazonECS_FullAccess": "arn:aws-eusc:iam::aws:policy/AmazonECS_FullAccess", + "AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity": "arn:aws-eusc:iam::aws:policy/service-role/AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity", + "AmazonECSInfrastructureRolePolicyForVolumes": "arn:aws-eusc:iam::aws:policy/service-role/AmazonECSInfrastructureRolePolicyForVolumes", + "AmazonECSServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonECSServiceRolePolicy", + "AmazonECSTaskExecutionRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", + "AmazonEFSCSIDriverPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEFSCSIDriverPolicy", + "AmazonEKSClusterPolicy": "arn:aws-eusc:iam::aws:policy/AmazonEKSClusterPolicy", + "AmazonEKS_CNI_Policy": "arn:aws-eusc:iam::aws:policy/AmazonEKS_CNI_Policy", + "AmazonEKSConnectorServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonEKSConnectorServiceRolePolicy", + "AmazonEKSFargatePodExecutionRolePolicy": "arn:aws-eusc:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy", + "AmazonEKSForFargateServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonEKSForFargateServiceRolePolicy", + "AmazonEKSLocalOutpostClusterPolicy": "arn:aws-eusc:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy", + "AmazonEKSLocalOutpostServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonEKSLocalOutpostServiceRolePolicy", + "AmazonEKSServicePolicy": "arn:aws-eusc:iam::aws:policy/AmazonEKSServicePolicy", + "AmazonEKSServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonEKSServiceRolePolicy", + "AmazonEKSVPCResourceController": "arn:aws-eusc:iam::aws:policy/AmazonEKSVPCResourceController", + "AmazonEKSWorkerNodePolicy": "arn:aws-eusc:iam::aws:policy/AmazonEKSWorkerNodePolicy", + "AmazonElastiCacheFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonElastiCacheFullAccess", + "AmazonElastiCacheReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonElastiCacheReadOnlyAccess", + "AmazonElasticContainerRegistryPublicFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonElasticContainerRegistryPublicFullAccess", + "AmazonElasticContainerRegistryPublicPowerUser": "arn:aws-eusc:iam::aws:policy/AmazonElasticContainerRegistryPublicPowerUser", + "AmazonElasticContainerRegistryPublicReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonElasticContainerRegistryPublicReadOnly", + "AmazonElasticFileSystemClientFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonElasticFileSystemClientFullAccess", + "AmazonElasticFileSystemClientReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonElasticFileSystemClientReadOnlyAccess", + "AmazonElasticFileSystemClientReadWriteAccess": "arn:aws-eusc:iam::aws:policy/AmazonElasticFileSystemClientReadWriteAccess", + "AmazonElasticFileSystemFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonElasticFileSystemFullAccess", + "AmazonElasticFileSystemReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess", + "AmazonElasticFileSystemServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonElasticFileSystemServiceRolePolicy", + "AmazonElasticFileSystemsUtils": "arn:aws-eusc:iam::aws:policy/AmazonElasticFileSystemsUtils", + "AmazonElasticMapReduceEditorsRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonElasticMapReduceEditorsRole", + "AmazonElasticMapReduceforAutoScalingRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole", + "AmazonElasticMapReduceforEC2Role": "arn:aws-eusc:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role", + "AmazonElasticMapReduceFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonElasticMapReduceFullAccess", + "AmazonElasticMapReducePlacementGroupPolicy": "arn:aws-eusc:iam::aws:policy/AmazonElasticMapReducePlacementGroupPolicy", + "AmazonElasticMapReduceReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonElasticMapReduceReadOnlyAccess", + "AmazonElasticMapReduceRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonElasticMapReduceRole", + "AmazonElasticsearchServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonElasticsearchServiceRolePolicy", + "AmazonElasticTranscoder_FullAccess": "arn:aws-eusc:iam::aws:policy/AmazonElasticTranscoder_FullAccess", + "AmazonElasticTranscoder_JobsSubmitter": "arn:aws-eusc:iam::aws:policy/AmazonElasticTranscoder_JobsSubmitter", + "AmazonElasticTranscoder_ReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonElasticTranscoder_ReadOnlyAccess", + "AmazonElasticTranscoderRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonElasticTranscoderRole", + "AmazonEMRCleanupPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonEMRCleanupPolicy", + "AmazonEMRContainersServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonEMRContainersServiceRolePolicy", + "AmazonEMRFullAccessPolicy_v2": "arn:aws-eusc:iam::aws:policy/AmazonEMRFullAccessPolicy_v2", + "AmazonEMRReadOnlyAccessPolicy_v2": "arn:aws-eusc:iam::aws:policy/AmazonEMRReadOnlyAccessPolicy_v2", + "AmazonEMRServerlessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonEMRServerlessServiceRolePolicy", + "AmazonEMRServicePolicy_v2": "arn:aws-eusc:iam::aws:policy/service-role/AmazonEMRServicePolicy_v2", + "AmazonESCognitoAccess": "arn:aws-eusc:iam::aws:policy/AmazonESCognitoAccess", + "AmazonESFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonESFullAccess", + "AmazonESReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonESReadOnlyAccess", + "AmazonEventBridgeApiDestinationsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonEventBridgeApiDestinationsServiceRolePolicy", + "AmazonEventBridgeFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonEventBridgeFullAccess", + "AmazonEventBridgePipesFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonEventBridgePipesFullAccess", + "AmazonEventBridgePipesOperatorAccess": "arn:aws-eusc:iam::aws:policy/AmazonEventBridgePipesOperatorAccess", + "AmazonEventBridgePipesReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonEventBridgePipesReadOnlyAccess", + "AmazonEventBridgeReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonEventBridgeReadOnlyAccess", + "AmazonEventBridgeSchedulerFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonEventBridgeSchedulerFullAccess", + "AmazonEventBridgeSchedulerReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonEventBridgeSchedulerReadOnlyAccess", + "AmazonEventBridgeSchemasFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonEventBridgeSchemasFullAccess", + "AmazonEventBridgeSchemasReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonEventBridgeSchemasReadOnlyAccess", + "AmazonEventBridgeSchemasServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonEventBridgeSchemasServiceRolePolicy", + "AmazonFISServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonFISServiceRolePolicy", + "AmazonForecastFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonForecastFullAccess", + "AmazonFraudDetectorFullAccessPolicy": "arn:aws-eusc:iam::aws:policy/AmazonFraudDetectorFullAccessPolicy", + "AmazonFreeRTOSFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonFreeRTOSFullAccess", + "AmazonFreeRTOSOTAUpdate": "arn:aws-eusc:iam::aws:policy/service-role/AmazonFreeRTOSOTAUpdate", + "AmazonFSxConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonFSxConsoleFullAccess", + "AmazonFSxConsoleReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonFSxConsoleReadOnlyAccess", + "AmazonFSxFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonFSxFullAccess", + "AmazonFSxReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonFSxReadOnlyAccess", + "AmazonFSxServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonFSxServiceRolePolicy", + "AmazonGlacierFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonGlacierFullAccess", + "AmazonGlacierReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonGlacierReadOnlyAccess", + "AmazonGrafanaAthenaAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess", + "AmazonGrafanaCloudWatchAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonGrafanaCloudWatchAccess", + "AmazonGrafanaRedshiftAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonGrafanaRedshiftAccess", + "AmazonGrafanaServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonGrafanaServiceLinkedRolePolicy", + "AmazonGuardDutyFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonGuardDutyFullAccess", + "AmazonGuardDutyMalwareProtectionServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonGuardDutyMalwareProtectionServiceRolePolicy", + "AmazonGuardDutyReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonGuardDutyReadOnlyAccess", + "AmazonGuardDutyServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonGuardDutyServiceRolePolicy", + "AmazonHealthLakeFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonHealthLakeFullAccess", + "AmazonHealthLakeReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonHealthLakeReadOnlyAccess", + "AmazonHoneycodeFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonHoneycodeFullAccess", + "AmazonHoneycodeReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonHoneycodeReadOnlyAccess", + "AmazonHoneycodeServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonHoneycodeServiceRolePolicy", + "AmazonHoneycodeTeamAssociationFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonHoneycodeTeamAssociationFullAccess", + "AmazonHoneycodeTeamAssociationReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonHoneycodeTeamAssociationReadOnlyAccess", + "AmazonHoneycodeWorkbookFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonHoneycodeWorkbookFullAccess", + "AmazonHoneycodeWorkbookReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonHoneycodeWorkbookReadOnlyAccess", + "AmazonInspector2AgentlessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonInspector2AgentlessServiceRolePolicy", + "AmazonInspector2FullAccess": "arn:aws-eusc:iam::aws:policy/AmazonInspector2FullAccess", + "AmazonInspector2ManagedCisPolicy": "arn:aws-eusc:iam::aws:policy/AmazonInspector2ManagedCisPolicy", + "AmazonInspector2ReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonInspector2ReadOnlyAccess", + "AmazonInspector2ServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonInspector2ServiceRolePolicy", + "AmazonInspectorFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonInspectorFullAccess", + "AmazonInspectorReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonInspectorReadOnlyAccess", + "AmazonInspectorServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonInspectorServiceRolePolicy", + "AmazonKendraFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonKendraFullAccess", + "AmazonKendraReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonKendraReadOnlyAccess", + "AmazonKeyspacesFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonKeyspacesFullAccess", + "AmazonKeyspacesReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonKeyspacesReadOnlyAccess", + "AmazonKeyspacesReadOnlyAccess_v2": "arn:aws-eusc:iam::aws:policy/AmazonKeyspacesReadOnlyAccess_v2", + "AmazonKinesisAnalyticsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonKinesisAnalyticsFullAccess", + "AmazonKinesisAnalyticsReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonKinesisAnalyticsReadOnly", + "AmazonKinesisFirehoseFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonKinesisFirehoseFullAccess", + "AmazonKinesisFirehoseReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonKinesisFirehoseReadOnlyAccess", + "AmazonKinesisFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonKinesisFullAccess", + "AmazonKinesisReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonKinesisReadOnlyAccess", + "AmazonKinesisVideoStreamsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonKinesisVideoStreamsFullAccess", + "AmazonKinesisVideoStreamsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonKinesisVideoStreamsReadOnlyAccess", + "AmazonLaunchWizardFullAccessV2": "arn:aws-eusc:iam::aws:policy/AmazonLaunchWizardFullAccessV2", + "AmazonLexChannelsAccess": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonLexChannelsAccess", + "AmazonLexFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonLexFullAccess", + "AmazonLexReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonLexReadOnly", + "AmazonLexReplicationPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonLexReplicationPolicy", + "AmazonLexRunBotsOnly": "arn:aws-eusc:iam::aws:policy/AmazonLexRunBotsOnly", + "AmazonLexV2BotPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonLexV2BotPolicy", + "AmazonLookoutEquipmentFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonLookoutEquipmentFullAccess", + "AmazonLookoutEquipmentReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonLookoutEquipmentReadOnlyAccess", + "AmazonLookoutMetricsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonLookoutMetricsFullAccess", + "AmazonLookoutMetricsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonLookoutMetricsReadOnlyAccess", + "AmazonLookoutVisionConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonLookoutVisionConsoleFullAccess", + "AmazonLookoutVisionConsoleReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonLookoutVisionConsoleReadOnlyAccess", + "AmazonLookoutVisionFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonLookoutVisionFullAccess", + "AmazonLookoutVisionReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonLookoutVisionReadOnlyAccess", + "AmazonMachineLearningBatchPredictionsAccess": "arn:aws-eusc:iam::aws:policy/AmazonMachineLearningBatchPredictionsAccess", + "AmazonMachineLearningCreateOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMachineLearningCreateOnlyAccess", + "AmazonMachineLearningFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonMachineLearningFullAccess", + "AmazonMachineLearningManageRealTimeEndpointOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMachineLearningManageRealTimeEndpointOnlyAccess", + "AmazonMachineLearningReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMachineLearningReadOnlyAccess", + "AmazonMachineLearningRealTimePredictionOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMachineLearningRealTimePredictionOnlyAccess", + "AmazonMachineLearningRoleforRedshiftDataSourceV3": "arn:aws-eusc:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSourceV3", + "AmazonMacieFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonMacieFullAccess", + "AmazonMacieHandshakeRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonMacieHandshakeRole", + "AmazonMacieReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMacieReadOnlyAccess", + "AmazonMacieServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonMacieServiceRole", + "AmazonMacieServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonMacieServiceRolePolicy", + "AmazonManagedBlockchainConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonManagedBlockchainConsoleFullAccess", + "AmazonManagedBlockchainFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonManagedBlockchainFullAccess", + "AmazonManagedBlockchainReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonManagedBlockchainReadOnlyAccess", + "AmazonManagedBlockchainServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonManagedBlockchainServiceRolePolicy", + "AmazonMCSFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonMCSFullAccess", + "AmazonMCSReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMCSReadOnlyAccess", + "AmazonMechanicalTurkFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonMechanicalTurkFullAccess", + "AmazonMechanicalTurkReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonMechanicalTurkReadOnly", + "AmazonMemoryDBFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonMemoryDBFullAccess", + "AmazonMemoryDBReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMemoryDBReadOnlyAccess", + "AmazonMobileAnalyticsFinancialReportAccess": "arn:aws-eusc:iam::aws:policy/AmazonMobileAnalyticsFinancialReportAccess", + "AmazonMobileAnalyticsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonMobileAnalyticsFullAccess", + "AmazonMobileAnalyticsNon-financialReportAccess": "arn:aws-eusc:iam::aws:policy/AmazonMobileAnalyticsNon-financialReportAccess", + "AmazonMobileAnalyticsWriteOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMobileAnalyticsWriteOnlyAccess", + "AmazonMonitronFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonMonitronFullAccess", + "AmazonMQApiFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonMQApiFullAccess", + "AmazonMQApiReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMQApiReadOnlyAccess", + "AmazonMQFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonMQFullAccess", + "AmazonMQReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMQReadOnlyAccess", + "AmazonMQServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonMQServiceRolePolicy", + "AmazonMSKConnectReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMSKConnectReadOnlyAccess", + "AmazonMSKFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonMSKFullAccess", + "AmazonMSKReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonMSKReadOnlyAccess", + "AmazonMWAAServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonMWAAServiceRolePolicy", + "AmazonNimbleStudio-LaunchProfileWorker": "arn:aws-eusc:iam::aws:policy/AmazonNimbleStudio-LaunchProfileWorker", + "AmazonNimbleStudio-StudioAdmin": "arn:aws-eusc:iam::aws:policy/AmazonNimbleStudio-StudioAdmin", + "AmazonNimbleStudio-StudioUser": "arn:aws-eusc:iam::aws:policy/AmazonNimbleStudio-StudioUser", + "AmazonOmicsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonOmicsFullAccess", + "AmazonOmicsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonOmicsReadOnlyAccess", + "AmazonOneEnterpriseFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonOneEnterpriseFullAccess", + "AmazonOneEnterpriseInstallerAccess": "arn:aws-eusc:iam::aws:policy/AmazonOneEnterpriseInstallerAccess", + "AmazonOneEnterpriseReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonOneEnterpriseReadOnlyAccess", + "AmazonOpenSearchDashboardsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonOpenSearchDashboardsServiceRolePolicy", + "AmazonOpenSearchDirectQueryGlueCreateAccess": "arn:aws-eusc:iam::aws:policy/AmazonOpenSearchDirectQueryGlueCreateAccess", + "AmazonOpenSearchIngestionFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonOpenSearchIngestionFullAccess", + "AmazonOpenSearchIngestionReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonOpenSearchIngestionReadOnlyAccess", + "AmazonOpenSearchIngestionServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonOpenSearchIngestionServiceRolePolicy", + "AmazonOpenSearchServerlessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonOpenSearchServerlessServiceRolePolicy", + "AmazonOpenSearchServiceCognitoAccess": "arn:aws-eusc:iam::aws:policy/AmazonOpenSearchServiceCognitoAccess", + "AmazonOpenSearchServiceFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonOpenSearchServiceFullAccess", + "AmazonOpenSearchServiceReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonOpenSearchServiceReadOnlyAccess", + "AmazonOpenSearchServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonOpenSearchServiceRolePolicy", + "AmazonPersonalizeFullAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonPersonalizeFullAccess", + "AmazonPollyFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonPollyFullAccess", + "AmazonPollyReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonPollyReadOnlyAccess", + "AmazonPrometheusConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonPrometheusConsoleFullAccess", + "AmazonPrometheusFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonPrometheusFullAccess", + "AmazonPrometheusQueryAccess": "arn:aws-eusc:iam::aws:policy/AmazonPrometheusQueryAccess", + "AmazonPrometheusRemoteWriteAccess": "arn:aws-eusc:iam::aws:policy/AmazonPrometheusRemoteWriteAccess", + "AmazonPrometheusScraperServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonPrometheusScraperServiceRolePolicy", + "AmazonQFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonQFullAccess", + "AmazonQLDBConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonQLDBConsoleFullAccess", + "AmazonQLDBFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonQLDBFullAccess", + "AmazonQLDBReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonQLDBReadOnly", + "AmazonRDSBetaServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonRDSBetaServiceRolePolicy", + "AmazonRDSCustomInstanceProfileRolePolicy": "arn:aws-eusc:iam::aws:policy/AmazonRDSCustomInstanceProfileRolePolicy", + "AmazonRDSCustomPreviewServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonRDSCustomPreviewServiceRolePolicy", + "AmazonRDSCustomServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonRDSCustomServiceRolePolicy", + "AmazonRDSDataFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRDSDataFullAccess", + "AmazonRDSDirectoryServiceAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonRDSDirectoryServiceAccess", + "AmazonRDSEnhancedMonitoringRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole", + "AmazonRDSFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRDSFullAccess", + "AmazonRDSPerformanceInsightsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRDSPerformanceInsightsFullAccess", + "AmazonRDSPerformanceInsightsReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonRDSPerformanceInsightsReadOnly", + "AmazonRDSPreviewServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonRDSPreviewServiceRolePolicy", + "AmazonRDSReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRDSReadOnlyAccess", + "AmazonRDSServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonRDSServiceRolePolicy", + "AmazonRedshiftAllCommandsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRedshiftAllCommandsFullAccess", + "AmazonRedshiftDataFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRedshiftDataFullAccess", + "AmazonRedshiftFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRedshiftFullAccess", + "AmazonRedshiftQueryEditor": "arn:aws-eusc:iam::aws:policy/AmazonRedshiftQueryEditor", + "AmazonRedshiftQueryEditorV2FullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRedshiftQueryEditorV2FullAccess", + "AmazonRedshiftQueryEditorV2NoSharing": "arn:aws-eusc:iam::aws:policy/AmazonRedshiftQueryEditorV2NoSharing", + "AmazonRedshiftQueryEditorV2ReadSharing": "arn:aws-eusc:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadSharing", + "AmazonRedshiftQueryEditorV2ReadWriteSharing": "arn:aws-eusc:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadWriteSharing", + "AmazonRedshiftReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRedshiftReadOnlyAccess", + "AmazonRedshiftServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonRedshiftServiceLinkedRolePolicy", + "AmazonRekognitionCustomLabelsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRekognitionCustomLabelsFullAccess", + "AmazonRekognitionFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRekognitionFullAccess", + "AmazonRekognitionReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRekognitionReadOnlyAccess", + "AmazonRekognitionServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonRekognitionServiceRole", + "AmazonRoute53AutoNamingFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53AutoNamingFullAccess", + "AmazonRoute53AutoNamingReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53AutoNamingReadOnlyAccess", + "AmazonRoute53AutoNamingRegistrantAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53AutoNamingRegistrantAccess", + "AmazonRoute53DomainsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53DomainsFullAccess", + "AmazonRoute53DomainsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess", + "AmazonRoute53FullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53FullAccess", + "AmazonRoute53ProfilesFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53ProfilesFullAccess", + "AmazonRoute53ProfilesReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53ProfilesReadOnlyAccess", + "AmazonRoute53ReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53ReadOnlyAccess", + "AmazonRoute53RecoveryClusterFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53RecoveryClusterFullAccess", + "AmazonRoute53RecoveryClusterReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53RecoveryClusterReadOnlyAccess", + "AmazonRoute53RecoveryControlConfigFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53RecoveryControlConfigFullAccess", + "AmazonRoute53RecoveryControlConfigReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53RecoveryControlConfigReadOnlyAccess", + "AmazonRoute53RecoveryReadinessFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53RecoveryReadinessFullAccess", + "AmazonRoute53RecoveryReadinessReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53RecoveryReadinessReadOnlyAccess", + "AmazonRoute53ResolverFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53ResolverFullAccess", + "AmazonRoute53ResolverReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonRoute53ResolverReadOnlyAccess", + "AmazonS3FullAccess": "arn:aws-eusc:iam::aws:policy/AmazonS3FullAccess", + "AmazonS3ObjectLambdaExecutionRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonS3ObjectLambdaExecutionRolePolicy", + "AmazonS3OutpostsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonS3OutpostsFullAccess", + "AmazonS3OutpostsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonS3OutpostsReadOnlyAccess", + "AmazonS3ReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonS3ReadOnlyAccess", + "AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy", + "AmazonSageMakerCanvasAIServicesAccess": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerCanvasAIServicesAccess", + "AmazonSageMakerCanvasBedrockAccess": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerCanvasBedrockAccess", + "AmazonSageMakerCanvasDataPrepFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerCanvasDataPrepFullAccess", + "AmazonSageMakerCanvasDirectDeployAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerCanvasDirectDeployAccess", + "AmazonSageMakerCanvasForecastAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerCanvasForecastAccess", + "AmazonSageMakerCanvasFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerCanvasFullAccess", + "AmazonSageMakerClusterInstanceRolePolicy": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerClusterInstanceRolePolicy", + "AmazonSageMakerCoreServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonSageMakerCoreServiceRolePolicy", + "AmazonSageMakerEdgeDeviceFleetPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerEdgeDeviceFleetPolicy", + "AmazonSageMakerFeatureStoreAccess": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerFeatureStoreAccess", + "AmazonSageMakerFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerFullAccess", + "AmazonSageMakerGeospatialExecutionRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerGeospatialExecutionRole", + "AmazonSageMakerGeospatialFullAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerGeospatialFullAccess", + "AmazonSageMakerGroundTruthExecution": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerGroundTruthExecution", + "AmazonSageMakerMechanicalTurkAccess": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerMechanicalTurkAccess", + "AmazonSageMakerModelGovernanceUseAccess": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerModelGovernanceUseAccess", + "AmazonSageMakerModelRegistryFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerModelRegistryFullAccess", + "AmazonSageMakerNotebooksServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonSageMakerNotebooksServiceRolePolicy", + "AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy", + "AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy", + "AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy", + "AmazonSageMakerPipelinesIntegrations": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerPipelinesIntegrations", + "AmazonSageMakerReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerReadOnly", + "AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy", + "AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy", + "AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy", + "AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy", + "AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy", + "AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy", + "AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy", + "AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy", + "AmazonSecurityLakeAdministrator": "arn:aws-eusc:iam::aws:policy/AmazonSecurityLakeAdministrator", + "AmazonSecurityLakeMetastoreManager": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSecurityLakeMetastoreManager", + "AmazonSecurityLakePermissionsBoundary": "arn:aws-eusc:iam::aws:policy/AmazonSecurityLakePermissionsBoundary", + "AmazonSESFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonSESFullAccess", + "AmazonSESReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonSESReadOnlyAccess", + "AmazonSESServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonSESServiceRolePolicy", + "AmazonSNSFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonSNSFullAccess", + "AmazonSNSReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonSNSReadOnlyAccess", + "AmazonSNSRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSNSRole", + "AmazonSQSFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonSQSFullAccess", + "AmazonSQSReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonSQSReadOnlyAccess", + "AmazonSSMAutomationApproverAccess": "arn:aws-eusc:iam::aws:policy/AmazonSSMAutomationApproverAccess", + "AmazonSSMAutomationRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSSMAutomationRole", + "AmazonSSMDirectoryServiceAccess": "arn:aws-eusc:iam::aws:policy/AmazonSSMDirectoryServiceAccess", + "AmazonSSMFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonSSMFullAccess", + "AmazonSSMMaintenanceWindowRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonSSMMaintenanceWindowRole", + "AmazonSSMManagedEC2InstanceDefaultPolicy": "arn:aws-eusc:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy", + "AmazonSSMManagedInstanceCore": "arn:aws-eusc:iam::aws:policy/AmazonSSMManagedInstanceCore", + "AmazonSSMPatchAssociation": "arn:aws-eusc:iam::aws:policy/AmazonSSMPatchAssociation", + "AmazonSSMReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonSSMReadOnlyAccess", + "AmazonSSMServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonSSMServiceRolePolicy", + "AmazonTextractFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonTextractFullAccess", + "AmazonTextractServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AmazonTextractServiceRole", + "AmazonTimestreamConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonTimestreamConsoleFullAccess", + "AmazonTimestreamFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonTimestreamFullAccess", + "AmazonTimestreamInfluxDBFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonTimestreamInfluxDBFullAccess", + "AmazonTimestreamInfluxDBServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonTimestreamInfluxDBServiceRolePolicy", + "AmazonTimestreamReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonTimestreamReadOnlyAccess", + "AmazonTranscribeFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonTranscribeFullAccess", + "AmazonTranscribeReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonTranscribeReadOnlyAccess", + "AmazonVPCCrossAccountNetworkInterfaceOperations": "arn:aws-eusc:iam::aws:policy/AmazonVPCCrossAccountNetworkInterfaceOperations", + "AmazonVPCFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonVPCFullAccess", + "AmazonVPCNetworkAccessAnalyzerFullAccessPolicy": "arn:aws-eusc:iam::aws:policy/AmazonVPCNetworkAccessAnalyzerFullAccessPolicy", + "AmazonVPCReachabilityAnalyzerFullAccessPolicy": "arn:aws-eusc:iam::aws:policy/AmazonVPCReachabilityAnalyzerFullAccessPolicy", + "AmazonVPCReachabilityAnalyzerPathComponentReadPolicy": "arn:aws-eusc:iam::aws:policy/AmazonVPCReachabilityAnalyzerPathComponentReadPolicy", + "AmazonVPCReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonVPCReadOnlyAccess", + "AmazonWorkDocsFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonWorkDocsFullAccess", + "AmazonWorkDocsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonWorkDocsReadOnlyAccess", + "AmazonWorkMailEventsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonWorkMailEventsServiceRolePolicy", + "AmazonWorkMailFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonWorkMailFullAccess", + "AmazonWorkMailMessageFlowFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonWorkMailMessageFlowFullAccess", + "AmazonWorkMailMessageFlowReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonWorkMailMessageFlowReadOnlyAccess", + "AmazonWorkMailReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonWorkMailReadOnlyAccess", + "AmazonWorkSpacesAdmin": "arn:aws-eusc:iam::aws:policy/AmazonWorkSpacesAdmin", + "AmazonWorkSpacesApplicationManagerAdminAccess": "arn:aws-eusc:iam::aws:policy/AmazonWorkSpacesApplicationManagerAdminAccess", + "AmazonWorkspacesPCAAccess": "arn:aws-eusc:iam::aws:policy/AmazonWorkspacesPCAAccess", + "AmazonWorkSpacesSelfServiceAccess": "arn:aws-eusc:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess", + "AmazonWorkSpacesServiceAccess": "arn:aws-eusc:iam::aws:policy/AmazonWorkSpacesServiceAccess", + "AmazonWorkSpacesWebReadOnly": "arn:aws-eusc:iam::aws:policy/AmazonWorkSpacesWebReadOnly", + "AmazonWorkSpacesWebServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AmazonWorkSpacesWebServiceRolePolicy", + "AmazonZocaloFullAccess": "arn:aws-eusc:iam::aws:policy/AmazonZocaloFullAccess", + "AmazonZocaloReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AmazonZocaloReadOnlyAccess", + "AmplifyBackendDeployFullAccess": "arn:aws-eusc:iam::aws:policy/service-role/AmplifyBackendDeployFullAccess", + "APIGatewayServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/APIGatewayServiceRolePolicy", + "AppIntegrationsServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AppIntegrationsServiceLinkedRolePolicy", + "ApplicationAutoScalingForAmazonAppStreamAccess": "arn:aws-eusc:iam::aws:policy/service-role/ApplicationAutoScalingForAmazonAppStreamAccess", + "ApplicationDiscoveryServiceContinuousExportServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/ApplicationDiscoveryServiceContinuousExportServiceRolePolicy", + "AppRunnerNetworkingServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AppRunnerNetworkingServiceRolePolicy", + "AppRunnerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AppRunnerServiceRolePolicy", + "AutoScalingConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AutoScalingConsoleFullAccess", + "AutoScalingConsoleReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AutoScalingConsoleReadOnlyAccess", + "AutoScalingFullAccess": "arn:aws-eusc:iam::aws:policy/AutoScalingFullAccess", + "AutoScalingNotificationAccessRole": "arn:aws-eusc:iam::aws:policy/service-role/AutoScalingNotificationAccessRole", + "AutoScalingReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AutoScalingReadOnlyAccess", + "AutoScalingServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AutoScalingServiceRolePolicy", + "AWSAccountActivityAccess": "arn:aws-eusc:iam::aws:policy/AWSAccountActivityAccess", + "AWSAccountManagementFullAccess": "arn:aws-eusc:iam::aws:policy/AWSAccountManagementFullAccess", + "AWSAccountManagementReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSAccountManagementReadOnlyAccess", + "AWSAccountUsageReportAccess": "arn:aws-eusc:iam::aws:policy/AWSAccountUsageReportAccess", + "AWSAgentlessDiscoveryService": "arn:aws-eusc:iam::aws:policy/AWSAgentlessDiscoveryService", + "AWSAppFabricFullAccess": "arn:aws-eusc:iam::aws:policy/AWSAppFabricFullAccess", + "AWSAppFabricReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSAppFabricReadOnlyAccess", + "AWSAppFabricServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSAppFabricServiceRolePolicy", + "AWSApplicationAutoscalingAppStreamFleetPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingAppStreamFleetPolicy", + "AWSApplicationAutoscalingCassandraTablePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingCassandraTablePolicy", + "AWSApplicationAutoscalingComprehendEndpointPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingComprehendEndpointPolicy", + "AWSApplicationAutoScalingCustomResourcePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoScalingCustomResourcePolicy", + "AWSApplicationAutoscalingDynamoDBTablePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingDynamoDBTablePolicy", + "AWSApplicationAutoscalingEC2SpotFleetRequestPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEC2SpotFleetRequestPolicy", + "AWSApplicationAutoscalingECSServicePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingECSServicePolicy", + "AWSApplicationAutoscalingElastiCacheRGPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingElastiCacheRGPolicy", + "AWSApplicationAutoscalingEMRInstanceGroupPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEMRInstanceGroupPolicy", + "AWSApplicationAutoscalingKafkaClusterPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingKafkaClusterPolicy", + "AWSApplicationAutoscalingLambdaConcurrencyPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingLambdaConcurrencyPolicy", + "AWSApplicationAutoscalingNeptuneClusterPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingNeptuneClusterPolicy", + "AWSApplicationAutoscalingRDSClusterPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingRDSClusterPolicy", + "AWSApplicationAutoscalingSageMakerEndpointPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingSageMakerEndpointPolicy", + "AWSApplicationDiscoveryAgentAccess": "arn:aws-eusc:iam::aws:policy/AWSApplicationDiscoveryAgentAccess", + "AWSApplicationDiscoveryAgentlessCollectorAccess": "arn:aws-eusc:iam::aws:policy/AWSApplicationDiscoveryAgentlessCollectorAccess", + "AWSApplicationDiscoveryServiceFullAccess": "arn:aws-eusc:iam::aws:policy/AWSApplicationDiscoveryServiceFullAccess", + "AWSApplicationMigrationAgentInstallationPolicy": "arn:aws-eusc:iam::aws:policy/AWSApplicationMigrationAgentInstallationPolicy", + "AWSApplicationMigrationAgentPolicy": "arn:aws-eusc:iam::aws:policy/AWSApplicationMigrationAgentPolicy", + "AWSApplicationMigrationAgentPolicy_v2": "arn:aws-eusc:iam::aws:policy/service-role/AWSApplicationMigrationAgentPolicy_v2", + "AWSApplicationMigrationConversionServerPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSApplicationMigrationConversionServerPolicy", + "AWSApplicationMigrationEC2Access": "arn:aws-eusc:iam::aws:policy/AWSApplicationMigrationEC2Access", + "AWSApplicationMigrationFullAccess": "arn:aws-eusc:iam::aws:policy/AWSApplicationMigrationFullAccess", + "AWSApplicationMigrationMGHAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSApplicationMigrationMGHAccess", + "AWSApplicationMigrationReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSApplicationMigrationReadOnlyAccess", + "AWSApplicationMigrationReplicationServerPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSApplicationMigrationReplicationServerPolicy", + "AWSApplicationMigrationServiceEc2InstancePolicy": "arn:aws-eusc:iam::aws:policy/AWSApplicationMigrationServiceEc2InstancePolicy", + "AWSApplicationMigrationServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSApplicationMigrationServiceRolePolicy", + "AWSApplicationMigrationSSMAccess": "arn:aws-eusc:iam::aws:policy/AWSApplicationMigrationSSMAccess", + "AWSApplicationMigrationVCenterClientPolicy": "arn:aws-eusc:iam::aws:policy/AWSApplicationMigrationVCenterClientPolicy", + "AWSAppMeshEnvoyAccess": "arn:aws-eusc:iam::aws:policy/AWSAppMeshEnvoyAccess", + "AWSAppMeshFullAccess": "arn:aws-eusc:iam::aws:policy/AWSAppMeshFullAccess", + "AWSAppMeshPreviewEnvoyAccess": "arn:aws-eusc:iam::aws:policy/AWSAppMeshPreviewEnvoyAccess", + "AWSAppMeshPreviewServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSAppMeshPreviewServiceRolePolicy", + "AWSAppMeshReadOnly": "arn:aws-eusc:iam::aws:policy/AWSAppMeshReadOnly", + "AWSAppMeshServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSAppMeshServiceRolePolicy", + "AWSAppRunnerFullAccess": "arn:aws-eusc:iam::aws:policy/AWSAppRunnerFullAccess", + "AWSAppRunnerReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSAppRunnerReadOnlyAccess", + "AWSAppRunnerServicePolicyForECRAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSAppRunnerServicePolicyForECRAccess", + "AWSAppSyncAdministrator": "arn:aws-eusc:iam::aws:policy/AWSAppSyncAdministrator", + "AWSAppSyncInvokeFullAccess": "arn:aws-eusc:iam::aws:policy/AWSAppSyncInvokeFullAccess", + "AWSAppSyncPushToCloudWatchLogs": "arn:aws-eusc:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs", + "AWSAppSyncSchemaAuthor": "arn:aws-eusc:iam::aws:policy/AWSAppSyncSchemaAuthor", + "AWSAppSyncServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSAppSyncServiceRolePolicy", + "AWSArtifactAccountSync": "arn:aws-eusc:iam::aws:policy/service-role/AWSArtifactAccountSync", + "AWSArtifactReportsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSArtifactReportsReadOnlyAccess", + "AWSArtifactServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSArtifactServiceRolePolicy", + "AWSAuditManagerAdministratorAccess": "arn:aws-eusc:iam::aws:policy/AWSAuditManagerAdministratorAccess", + "AWSAuditManagerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSAuditManagerServiceRolePolicy", + "AWSAutoScalingPlansEC2AutoScalingPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSAutoScalingPlansEC2AutoScalingPolicy", + "AWSBackupAuditAccess": "arn:aws-eusc:iam::aws:policy/AWSBackupAuditAccess", + "AWSBackupDataTransferAccess": "arn:aws-eusc:iam::aws:policy/AWSBackupDataTransferAccess", + "AWSBackupFullAccess": "arn:aws-eusc:iam::aws:policy/AWSBackupFullAccess", + "AWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync": "arn:aws-eusc:iam::aws:policy/service-role/AWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync", + "AWSBackupOperatorAccess": "arn:aws-eusc:iam::aws:policy/AWSBackupOperatorAccess", + "AWSBackupOrganizationAdminAccess": "arn:aws-eusc:iam::aws:policy/AWSBackupOrganizationAdminAccess", + "AWSBackupRestoreAccessForSAPHANA": "arn:aws-eusc:iam::aws:policy/AWSBackupRestoreAccessForSAPHANA", + "AWSBackupServiceLinkedRolePolicyForBackup": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSBackupServiceLinkedRolePolicyForBackup", + "AWSBackupServiceLinkedRolePolicyForBackupTest": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSBackupServiceLinkedRolePolicyForBackupTest", + "AWSBackupServiceRolePolicyForBackup": "arn:aws-eusc:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup", + "AWSBackupServiceRolePolicyForRestores": "arn:aws-eusc:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForRestores", + "AWSBackupServiceRolePolicyForS3Backup": "arn:aws-eusc:iam::aws:policy/AWSBackupServiceRolePolicyForS3Backup", + "AWSBackupServiceRolePolicyForS3Restore": "arn:aws-eusc:iam::aws:policy/AWSBackupServiceRolePolicyForS3Restore", + "AWSBatchFullAccess": "arn:aws-eusc:iam::aws:policy/AWSBatchFullAccess", + "AWSBatchServiceEventTargetRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSBatchServiceEventTargetRole", + "AWSBatchServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSBatchServiceRole", + "AWSBillingConductorFullAccess": "arn:aws-eusc:iam::aws:policy/AWSBillingConductorFullAccess", + "AWSBillingConductorReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSBillingConductorReadOnlyAccess", + "AWSBillingReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSBillingReadOnlyAccess", + "AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM": "arn:aws-eusc:iam::aws:policy/AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM", + "AWSBudgetsActionsWithAWSResourceControlAccess": "arn:aws-eusc:iam::aws:policy/AWSBudgetsActionsWithAWSResourceControlAccess", + "AWSBudgetsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSBudgetsReadOnlyAccess", + "AWSBugBustFullAccess": "arn:aws-eusc:iam::aws:policy/AWSBugBustFullAccess", + "AWSBugBustPlayerAccess": "arn:aws-eusc:iam::aws:policy/AWSBugBustPlayerAccess", + "AWSBugBustServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSBugBustServiceRolePolicy", + "AWSCertificateManagerFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCertificateManagerFullAccess", + "AWSCertificateManagerPrivateCAAuditor": "arn:aws-eusc:iam::aws:policy/AWSCertificateManagerPrivateCAAuditor", + "AWSCertificateManagerPrivateCAFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCertificateManagerPrivateCAFullAccess", + "AWSCertificateManagerPrivateCAPrivilegedUser": "arn:aws-eusc:iam::aws:policy/AWSCertificateManagerPrivateCAPrivilegedUser", + "AWSCertificateManagerPrivateCAReadOnly": "arn:aws-eusc:iam::aws:policy/AWSCertificateManagerPrivateCAReadOnly", + "AWSCertificateManagerPrivateCAUser": "arn:aws-eusc:iam::aws:policy/AWSCertificateManagerPrivateCAUser", + "AWSCertificateManagerReadOnly": "arn:aws-eusc:iam::aws:policy/AWSCertificateManagerReadOnly", + "AWSChatbotServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSChatbotServiceLinkedRolePolicy", + "AWSCleanRoomsFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCleanRoomsFullAccess", + "AWSCleanRoomsFullAccessNoQuerying": "arn:aws-eusc:iam::aws:policy/AWSCleanRoomsFullAccessNoQuerying", + "AWSCleanRoomsMLFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCleanRoomsMLFullAccess", + "AWSCleanRoomsMLReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSCleanRoomsMLReadOnlyAccess", + "AWSCleanRoomsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSCleanRoomsReadOnlyAccess", + "AWSCloud9Administrator": "arn:aws-eusc:iam::aws:policy/AWSCloud9Administrator", + "AWSCloud9EnvironmentMember": "arn:aws-eusc:iam::aws:policy/AWSCloud9EnvironmentMember", + "AWSCloud9ServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSCloud9ServiceRolePolicy", + "AWSCloud9SSMInstanceProfile": "arn:aws-eusc:iam::aws:policy/AWSCloud9SSMInstanceProfile", + "AWSCloud9User": "arn:aws-eusc:iam::aws:policy/AWSCloud9User", + "AWSCloudFormationFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudFormationFullAccess", + "AWSCloudFormationReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudFormationReadOnlyAccess", + "AWSCloudFrontLogger": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSCloudFrontLogger", + "AWSCloudHSMFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudHSMFullAccess", + "AWSCloudHSMReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudHSMReadOnlyAccess", + "AWSCloudHSMRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSCloudHSMRole", + "AWSCloudMapDiscoverInstanceAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudMapDiscoverInstanceAccess", + "AWSCloudMapFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudMapFullAccess", + "AWSCloudMapReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudMapReadOnlyAccess", + "AWSCloudMapRegisterInstanceAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudMapRegisterInstanceAccess", + "AWSCloudShellFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudShellFullAccess", + "AWSCloudTrail_FullAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudTrail_FullAccess", + "AWSCloudTrail_ReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSCloudTrail_ReadOnlyAccess", + "AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy", + "AWSCodeArtifactAdminAccess": "arn:aws-eusc:iam::aws:policy/AWSCodeArtifactAdminAccess", + "AWSCodeArtifactReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSCodeArtifactReadOnlyAccess", + "AWSCodeBuildAdminAccess": "arn:aws-eusc:iam::aws:policy/AWSCodeBuildAdminAccess", + "AWSCodeBuildDeveloperAccess": "arn:aws-eusc:iam::aws:policy/AWSCodeBuildDeveloperAccess", + "AWSCodeBuildReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSCodeBuildReadOnlyAccess", + "AWSCodeCommitFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCodeCommitFullAccess", + "AWSCodeCommitPowerUser": "arn:aws-eusc:iam::aws:policy/AWSCodeCommitPowerUser", + "AWSCodeCommitReadOnly": "arn:aws-eusc:iam::aws:policy/AWSCodeCommitReadOnly", + "AWSCodeDeployDeployerAccess": "arn:aws-eusc:iam::aws:policy/AWSCodeDeployDeployerAccess", + "AWSCodeDeployFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCodeDeployFullAccess", + "AWSCodeDeployReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSCodeDeployReadOnlyAccess", + "AWSCodeDeployRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSCodeDeployRole", + "AWSCodeDeployRoleForCloudFormation": "arn:aws-eusc:iam::aws:policy/service-role/AWSCodeDeployRoleForCloudFormation", + "AWSCodeDeployRoleForECS": "arn:aws-eusc:iam::aws:policy/AWSCodeDeployRoleForECS", + "AWSCodeDeployRoleForECSLimited": "arn:aws-eusc:iam::aws:policy/AWSCodeDeployRoleForECSLimited", + "AWSCodeDeployRoleForLambda": "arn:aws-eusc:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda", + "AWSCodeDeployRoleForLambdaLimited": "arn:aws-eusc:iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited", + "AWSCodePipelineApproverAccess": "arn:aws-eusc:iam::aws:policy/AWSCodePipelineApproverAccess", + "AWSCodePipelineCustomActionAccess": "arn:aws-eusc:iam::aws:policy/AWSCodePipelineCustomActionAccess", + "AWSCodePipeline_FullAccess": "arn:aws-eusc:iam::aws:policy/AWSCodePipeline_FullAccess", + "AWSCodePipeline_ReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSCodePipeline_ReadOnlyAccess", + "AWSCodeStarFullAccess": "arn:aws-eusc:iam::aws:policy/AWSCodeStarFullAccess", + "AWSCodeStarNotificationsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSCodeStarNotificationsServiceRolePolicy", + "AWSCodeStarServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSCodeStarServiceRole", + "AWSCompromisedKeyQuarantine": "arn:aws-eusc:iam::aws:policy/AWSCompromisedKeyQuarantine", + "AWSCompromisedKeyQuarantineV2": "arn:aws-eusc:iam::aws:policy/AWSCompromisedKeyQuarantineV2", + "AWSConfigMultiAccountSetupPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSConfigMultiAccountSetupPolicy", + "AWSConfigRemediationServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSConfigRemediationServiceRolePolicy", + "AWS_ConfigRole": "arn:aws-eusc:iam::aws:policy/service-role/AWS_ConfigRole", + "AWSConfigRoleForOrganizations": "arn:aws-eusc:iam::aws:policy/service-role/AWSConfigRoleForOrganizations", + "AWSConfigRulesExecutionRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSConfigRulesExecutionRole", + "AWSConfigServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSConfigServiceRolePolicy", + "AWSConfigUserAccess": "arn:aws-eusc:iam::aws:policy/AWSConfigUserAccess", + "AWSConnector": "arn:aws-eusc:iam::aws:policy/AWSConnector", + "AWSControlTowerAccountServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSControlTowerAccountServiceRolePolicy", + "AWSControlTowerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSControlTowerServiceRolePolicy", + "AWSCostAndUsageReportAutomationPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSCostAndUsageReportAutomationPolicy", + "AWSDataExchangeFullAccess": "arn:aws-eusc:iam::aws:policy/AWSDataExchangeFullAccess", + "AWSDataExchangeProviderFullAccess": "arn:aws-eusc:iam::aws:policy/AWSDataExchangeProviderFullAccess", + "AWSDataExchangeReadOnly": "arn:aws-eusc:iam::aws:policy/AWSDataExchangeReadOnly", + "AWSDataExchangeSubscriberFullAccess": "arn:aws-eusc:iam::aws:policy/AWSDataExchangeSubscriberFullAccess", + "AWSDataLifecycleManagerServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRole", + "AWSDataLifecycleManagerServiceRoleForAMIManagement": "arn:aws-eusc:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRoleForAMIManagement", + "AWSDataLifecycleManagerSSMFullAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSDataLifecycleManagerSSMFullAccess", + "AWSDataPipeline_FullAccess": "arn:aws-eusc:iam::aws:policy/AWSDataPipeline_FullAccess", + "AWSDataPipeline_PowerUser": "arn:aws-eusc:iam::aws:policy/AWSDataPipeline_PowerUser", + "AWSDataSyncDiscoveryServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSDataSyncDiscoveryServiceRolePolicy", + "AWSDataSyncFullAccess": "arn:aws-eusc:iam::aws:policy/AWSDataSyncFullAccess", + "AWSDataSyncReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSDataSyncReadOnlyAccess", + "AWSDeadlineCloud-FleetWorker": "arn:aws-eusc:iam::aws:policy/AWSDeadlineCloud-FleetWorker", + "AWSDeadlineCloud-UserAccessFarms": "arn:aws-eusc:iam::aws:policy/AWSDeadlineCloud-UserAccessFarms", + "AWSDeadlineCloud-UserAccessFleets": "arn:aws-eusc:iam::aws:policy/AWSDeadlineCloud-UserAccessFleets", + "AWSDeadlineCloud-UserAccessJobs": "arn:aws-eusc:iam::aws:policy/AWSDeadlineCloud-UserAccessJobs", + "AWSDeadlineCloud-UserAccessQueues": "arn:aws-eusc:iam::aws:policy/AWSDeadlineCloud-UserAccessQueues", + "AWSDeadlineCloud-WorkerHost": "arn:aws-eusc:iam::aws:policy/AWSDeadlineCloud-WorkerHost", + "AWSDeepLensLambdaFunctionAccessPolicy": "arn:aws-eusc:iam::aws:policy/AWSDeepLensLambdaFunctionAccessPolicy", + "AWSDeepLensServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSDeepLensServiceRolePolicy", + "AWSDeepRacerAccountAdminAccess": "arn:aws-eusc:iam::aws:policy/AWSDeepRacerAccountAdminAccess", + "AWSDeepRacerCloudFormationAccessPolicy": "arn:aws-eusc:iam::aws:policy/AWSDeepRacerCloudFormationAccessPolicy", + "AWSDeepRacerDefaultMultiUserAccess": "arn:aws-eusc:iam::aws:policy/AWSDeepRacerDefaultMultiUserAccess", + "AWSDeepRacerFullAccess": "arn:aws-eusc:iam::aws:policy/AWSDeepRacerFullAccess", + "AWSDeepRacerRoboMakerAccessPolicy": "arn:aws-eusc:iam::aws:policy/AWSDeepRacerRoboMakerAccessPolicy", + "AWSDeepRacerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSDeepRacerServiceRolePolicy", + "AWSDenyAll": "arn:aws-eusc:iam::aws:policy/AWSDenyAll", + "AWSDeviceFarmFullAccess": "arn:aws-eusc:iam::aws:policy/AWSDeviceFarmFullAccess", + "AWSDeviceFarmServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSDeviceFarmServiceRolePolicy", + "AWSDeviceFarmTestGridServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSDeviceFarmTestGridServiceRolePolicy", + "AWSDirectConnectFullAccess": "arn:aws-eusc:iam::aws:policy/AWSDirectConnectFullAccess", + "AWSDirectConnectReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSDirectConnectReadOnlyAccess", + "AWSDirectConnectServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSDirectConnectServiceRolePolicy", + "AWSDirectoryServiceFullAccess": "arn:aws-eusc:iam::aws:policy/AWSDirectoryServiceFullAccess", + "AWSDirectoryServiceReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSDirectoryServiceReadOnlyAccess", + "AWSDiscoveryContinuousExportFirehosePolicy": "arn:aws-eusc:iam::aws:policy/AWSDiscoveryContinuousExportFirehosePolicy", + "AWSDMSFleetAdvisorServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSDMSFleetAdvisorServiceRolePolicy", + "AWSDMSServerlessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSDMSServerlessServiceRolePolicy", + "AWSEC2CapacityReservationFleetRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSEC2CapacityReservationFleetRolePolicy", + "AWSEC2FleetServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSEC2FleetServiceRolePolicy", + "AWSEC2SpotFleetServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSEC2SpotFleetServiceRolePolicy", + "AWSEC2SpotServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSEC2SpotServiceRolePolicy", + "AWSEC2VssSnapshotPolicy": "arn:aws-eusc:iam::aws:policy/AWSEC2VssSnapshotPolicy", + "AWSECRPullThroughCache_ServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSECRPullThroughCache_ServiceRolePolicy", + "AWSElasticBeanstalkCustomPlatformforEC2Role": "arn:aws-eusc:iam::aws:policy/AWSElasticBeanstalkCustomPlatformforEC2Role", + "AWSElasticBeanstalkEnhancedHealth": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth", + "AWSElasticBeanstalkMaintenance": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSElasticBeanstalkMaintenance", + "AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy": "arn:aws-eusc:iam::aws:policy/AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy", + "AWSElasticBeanstalkManagedUpdatesServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSElasticBeanstalkManagedUpdatesServiceRolePolicy", + "AWSElasticBeanstalkMulticontainerDocker": "arn:aws-eusc:iam::aws:policy/AWSElasticBeanstalkMulticontainerDocker", + "AWSElasticBeanstalkReadOnly": "arn:aws-eusc:iam::aws:policy/AWSElasticBeanstalkReadOnly", + "AWSElasticBeanstalkRoleCore": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticBeanstalkRoleCore", + "AWSElasticBeanstalkRoleCWL": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticBeanstalkRoleCWL", + "AWSElasticBeanstalkRoleECS": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticBeanstalkRoleECS", + "AWSElasticBeanstalkRoleRDS": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticBeanstalkRoleRDS", + "AWSElasticBeanstalkRoleSNS": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticBeanstalkRoleSNS", + "AWSElasticBeanstalkRoleWorkerTier": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticBeanstalkRoleWorkerTier", + "AWSElasticBeanstalkService": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticBeanstalkService", + "AWSElasticBeanstalkServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSElasticBeanstalkServiceRolePolicy", + "AWSElasticBeanstalkWebTier": "arn:aws-eusc:iam::aws:policy/AWSElasticBeanstalkWebTier", + "AWSElasticBeanstalkWorkerTier": "arn:aws-eusc:iam::aws:policy/AWSElasticBeanstalkWorkerTier", + "AWSElasticDisasterRecoveryAgentInstallationPolicy": "arn:aws-eusc:iam::aws:policy/AWSElasticDisasterRecoveryAgentInstallationPolicy", + "AWSElasticDisasterRecoveryAgentPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticDisasterRecoveryAgentPolicy", + "AWSElasticDisasterRecoveryConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess", + "AWSElasticDisasterRecoveryConsoleFullAccess_v2": "arn:aws-eusc:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess_v2", + "AWSElasticDisasterRecoveryConversionServerPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticDisasterRecoveryConversionServerPolicy", + "AWSElasticDisasterRecoveryCrossAccountReplicationPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticDisasterRecoveryCrossAccountReplicationPolicy", + "AWSElasticDisasterRecoveryEc2InstancePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticDisasterRecoveryEc2InstancePolicy", + "AWSElasticDisasterRecoveryFailbackInstallationPolicy": "arn:aws-eusc:iam::aws:policy/AWSElasticDisasterRecoveryFailbackInstallationPolicy", + "AWSElasticDisasterRecoveryFailbackPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticDisasterRecoveryFailbackPolicy", + "AWSElasticDisasterRecoveryLaunchActionsPolicy": "arn:aws-eusc:iam::aws:policy/AWSElasticDisasterRecoveryLaunchActionsPolicy", + "AWSElasticDisasterRecoveryNetworkReplicationPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticDisasterRecoveryNetworkReplicationPolicy", + "AWSElasticDisasterRecoveryReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSElasticDisasterRecoveryReadOnlyAccess", + "AWSElasticDisasterRecoveryRecoveryInstancePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticDisasterRecoveryRecoveryInstancePolicy", + "AWSElasticDisasterRecoveryReplicationServerPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticDisasterRecoveryReplicationServerPolicy", + "AWSElasticDisasterRecoveryServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSElasticDisasterRecoveryServiceRolePolicy", + "AWSElasticDisasterRecoveryStagingAccountPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticDisasterRecoveryStagingAccountPolicy", + "AWSElasticDisasterRecoveryStagingAccountPolicy_v2": "arn:aws-eusc:iam::aws:policy/service-role/AWSElasticDisasterRecoveryStagingAccountPolicy_v2", + "AWSElasticLoadBalancingClassicServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingClassicServiceRolePolicy", + "AWSElasticLoadBalancingServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingServiceRolePolicy", + "AWSElementalMediaConvertFullAccess": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaConvertFullAccess", + "AWSElementalMediaConvertReadOnly": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaConvertReadOnly", + "AWSElementalMediaLiveFullAccess": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaLiveFullAccess", + "AWSElementalMediaLiveReadOnly": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaLiveReadOnly", + "AWSElementalMediaPackageFullAccess": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaPackageFullAccess", + "AWSElementalMediaPackageReadOnly": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaPackageReadOnly", + "AWSElementalMediaPackageV2FullAccess": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaPackageV2FullAccess", + "AWSElementalMediaPackageV2ReadOnly": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaPackageV2ReadOnly", + "AWSElementalMediaStoreFullAccess": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaStoreFullAccess", + "AWSElementalMediaStoreReadOnly": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaStoreReadOnly", + "AWSElementalMediaTailorFullAccess": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaTailorFullAccess", + "AWSElementalMediaTailorReadOnly": "arn:aws-eusc:iam::aws:policy/AWSElementalMediaTailorReadOnly", + "AWSEnhancedClassicNetworkingMangementPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSEnhancedClassicNetworkingMangementPolicy", + "AWSEntityResolutionConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AWSEntityResolutionConsoleFullAccess", + "AWSEntityResolutionConsoleReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSEntityResolutionConsoleReadOnlyAccess", + "AWSFaultInjectionSimulatorEC2Access": "arn:aws-eusc:iam::aws:policy/service-role/AWSFaultInjectionSimulatorEC2Access", + "AWSFaultInjectionSimulatorECSAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSFaultInjectionSimulatorECSAccess", + "AWSFaultInjectionSimulatorEKSAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSFaultInjectionSimulatorEKSAccess", + "AWSFaultInjectionSimulatorNetworkAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSFaultInjectionSimulatorNetworkAccess", + "AWSFaultInjectionSimulatorRDSAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSFaultInjectionSimulatorRDSAccess", + "AWSFaultInjectionSimulatorSSMAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSFaultInjectionSimulatorSSMAccess", + "AWSFinSpaceServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSFinSpaceServiceRolePolicy", + "AWSFMAdminFullAccess": "arn:aws-eusc:iam::aws:policy/AWSFMAdminFullAccess", + "AWSFMAdminReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSFMAdminReadOnlyAccess", + "AWSFMMemberReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSFMMemberReadOnlyAccess", + "AWSForWordPressPluginPolicy": "arn:aws-eusc:iam::aws:policy/AWSForWordPressPluginPolicy", + "AWSGitSyncServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSGitSyncServiceRolePolicy", + "AWSGlobalAcceleratorSLRPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSGlobalAcceleratorSLRPolicy", + "AWSGlueConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AWSGlueConsoleFullAccess", + "AWSGlueConsoleSageMakerNotebookFullAccess": "arn:aws-eusc:iam::aws:policy/AWSGlueConsoleSageMakerNotebookFullAccess", + "AwsGlueDataBrewFullAccessPolicy": "arn:aws-eusc:iam::aws:policy/AwsGlueDataBrewFullAccessPolicy", + "AWSGlueDataBrewServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSGlueDataBrewServiceRole", + "AWSGlueSchemaRegistryFullAccess": "arn:aws-eusc:iam::aws:policy/AWSGlueSchemaRegistryFullAccess", + "AWSGlueSchemaRegistryReadonlyAccess": "arn:aws-eusc:iam::aws:policy/AWSGlueSchemaRegistryReadonlyAccess", + "AWSGlueServiceNotebookRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSGlueServiceNotebookRole", + "AWSGlueServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSGlueServiceRole", + "AwsGlueSessionUserRestrictedNotebookPolicy": "arn:aws-eusc:iam::aws:policy/AwsGlueSessionUserRestrictedNotebookPolicy", + "AwsGlueSessionUserRestrictedNotebookServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AwsGlueSessionUserRestrictedNotebookServiceRole", + "AwsGlueSessionUserRestrictedPolicy": "arn:aws-eusc:iam::aws:policy/AwsGlueSessionUserRestrictedPolicy", + "AwsGlueSessionUserRestrictedServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AwsGlueSessionUserRestrictedServiceRole", + "AWSGrafanaAccountAdministrator": "arn:aws-eusc:iam::aws:policy/AWSGrafanaAccountAdministrator", + "AWSGrafanaConsoleReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSGrafanaConsoleReadOnlyAccess", + "AWSGrafanaWorkspacePermissionManagement": "arn:aws-eusc:iam::aws:policy/AWSGrafanaWorkspacePermissionManagement", + "AWSGrafanaWorkspacePermissionManagementV2": "arn:aws-eusc:iam::aws:policy/AWSGrafanaWorkspacePermissionManagementV2", + "AWSGreengrassFullAccess": "arn:aws-eusc:iam::aws:policy/AWSGreengrassFullAccess", + "AWSGreengrassReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSGreengrassReadOnlyAccess", + "AWSGreengrassResourceAccessRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSGreengrassResourceAccessRolePolicy", + "AWSGroundStationAgentInstancePolicy": "arn:aws-eusc:iam::aws:policy/AWSGroundStationAgentInstancePolicy", + "AWSHealth_EventProcessorServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSHealth_EventProcessorServiceRolePolicy", + "AWSHealthFullAccess": "arn:aws-eusc:iam::aws:policy/AWSHealthFullAccess", + "AWSHealthImagingFullAccess": "arn:aws-eusc:iam::aws:policy/AWSHealthImagingFullAccess", + "AWSHealthImagingReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSHealthImagingReadOnlyAccess", + "AWSIAMIdentityCenterAllowListForIdentityContext": "arn:aws-eusc:iam::aws:policy/AWSIAMIdentityCenterAllowListForIdentityContext", + "AWSIdentitySyncFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIdentitySyncFullAccess", + "AWSIdentitySyncReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSIdentitySyncReadOnlyAccess", + "AWSImageBuilderFullAccess": "arn:aws-eusc:iam::aws:policy/AWSImageBuilderFullAccess", + "AWSImageBuilderReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSImageBuilderReadOnlyAccess", + "AWSImportExportFullAccess": "arn:aws-eusc:iam::aws:policy/AWSImportExportFullAccess", + "AWSImportExportReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSImportExportReadOnlyAccess", + "AWSIncidentManagerIncidentAccessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/AWSIncidentManagerIncidentAccessServiceRolePolicy", + "AWSIncidentManagerResolverAccess": "arn:aws-eusc:iam::aws:policy/AWSIncidentManagerResolverAccess", + "AWSIncidentManagerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSIncidentManagerServiceRolePolicy", + "AWSIoT1ClickFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIoT1ClickFullAccess", + "AWSIoT1ClickReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSIoT1ClickReadOnlyAccess", + "AWSIoTAnalyticsFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTAnalyticsFullAccess", + "AWSIoTAnalyticsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTAnalyticsReadOnlyAccess", + "AWSIoTConfigAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTConfigAccess", + "AWSIoTConfigReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTConfigReadOnlyAccess", + "AWSIoTDataAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTDataAccess", + "AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction", + "AWSIoTDeviceDefenderAudit": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTDeviceDefenderAudit", + "AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction", + "AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction", + "AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction", + "AWSIoTDeviceDefenderUpdateCACertMitigationAction": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTDeviceDefenderUpdateCACertMitigationAction", + "AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction", + "AWSIoTDeviceTesterForFreeRTOSFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTDeviceTesterForFreeRTOSFullAccess", + "AWSIoTDeviceTesterForGreengrassFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTDeviceTesterForGreengrassFullAccess", + "AWSIoTEventsFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTEventsFullAccess", + "AWSIoTEventsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTEventsReadOnlyAccess", + "AWSIoTFleetHubFederationAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTFleetHubFederationAccess", + "AWSIoTFleetwiseServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSIoTFleetwiseServiceRolePolicy", + "AWSIoTFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTFullAccess", + "AWSIoTLogging": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTLogging", + "AWSIoTOTAUpdate": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTOTAUpdate", + "AWSIoTRuleActions": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTRuleActions", + "AWSIoTSiteWiseConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTSiteWiseConsoleFullAccess", + "AWSIoTSiteWiseFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTSiteWiseFullAccess", + "AWSIoTSiteWiseMonitorPortalAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTSiteWiseMonitorPortalAccess", + "AWSIoTSiteWiseMonitorServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSIoTSiteWiseMonitorServiceRolePolicy", + "AWSIoTSiteWiseReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTSiteWiseReadOnlyAccess", + "AWSIoTThingsRegistration": "arn:aws-eusc:iam::aws:policy/service-role/AWSIoTThingsRegistration", + "AWSIoTTwinMakerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSIoTTwinMakerServiceRolePolicy", + "AWSIoTWirelessDataAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTWirelessDataAccess", + "AWSIoTWirelessFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTWirelessFullAccess", + "AWSIoTWirelessFullPublishAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTWirelessFullPublishAccess", + "AWSIoTWirelessGatewayCertManager": "arn:aws-eusc:iam::aws:policy/AWSIoTWirelessGatewayCertManager", + "AWSIoTWirelessLogging": "arn:aws-eusc:iam::aws:policy/AWSIoTWirelessLogging", + "AWSIoTWirelessReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSIoTWirelessReadOnlyAccess", + "AWSIPAMServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSIPAMServiceRolePolicy", + "AWSIQContractServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSIQContractServiceRolePolicy", + "AWSIQFullAccess": "arn:aws-eusc:iam::aws:policy/AWSIQFullAccess", + "AWSIQPermissionServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSIQPermissionServiceRolePolicy", + "AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy", + "AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy", + "AWSKeyManagementServicePowerUser": "arn:aws-eusc:iam::aws:policy/AWSKeyManagementServicePowerUser", + "AWSLakeFormationCrossAccountManager": "arn:aws-eusc:iam::aws:policy/AWSLakeFormationCrossAccountManager", + "AWSLakeFormationDataAdmin": "arn:aws-eusc:iam::aws:policy/AWSLakeFormationDataAdmin", + "AWSLambdaBasicExecutionRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + "AWSLambdaDynamoDBExecutionRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSLambdaDynamoDBExecutionRole", + "AWSLambdaENIManagementAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSLambdaENIManagementAccess", + "AWSLambdaExecute": "arn:aws-eusc:iam::aws:policy/AWSLambdaExecute", + "AWSLambda_FullAccess": "arn:aws-eusc:iam::aws:policy/AWSLambda_FullAccess", + "AWSLambdaInvocation-DynamoDB": "arn:aws-eusc:iam::aws:policy/AWSLambdaInvocation-DynamoDB", + "AWSLambdaKinesisExecutionRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole", + "AWSLambdaMSKExecutionRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSLambdaMSKExecutionRole", + "AWSLambda_ReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSLambda_ReadOnlyAccess", + "AWSLambdaReplicator": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSLambdaReplicator", + "AWSLambdaRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSLambdaRole", + "AWSLambdaSQSQueueExecutionRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole", + "AWSLambdaVPCAccessExecutionRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole", + "AWSLicenseManagerConsumptionPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy", + "AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy", + "AWSLicenseManagerMasterAccountRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSLicenseManagerMasterAccountRolePolicy", + "AWSLicenseManagerMemberAccountRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSLicenseManagerMemberAccountRolePolicy", + "AWSLicenseManagerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSLicenseManagerServiceRolePolicy", + "AWSLicenseManagerUserSubscriptionsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSLicenseManagerUserSubscriptionsServiceRolePolicy", + "AWSM2ServicePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSM2ServicePolicy", + "AWSManagedServices_ContactsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSManagedServices_ContactsServiceRolePolicy", + "AWSManagedServicesDeploymentToolkitPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSManagedServicesDeploymentToolkitPolicy", + "AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy", + "AWSManagedServices_EventsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSManagedServices_EventsServiceRolePolicy", + "AWSMarketplaceAmiIngestion": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceAmiIngestion", + "AWSMarketplaceDeploymentServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSMarketplaceDeploymentServiceRolePolicy", + "AWSMarketplaceFullAccess": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceFullAccess", + "AWSMarketplaceGetEntitlements": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceGetEntitlements", + "AWSMarketplaceLicenseManagementServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSMarketplaceLicenseManagementServiceRolePolicy", + "AWSMarketplaceManageSubscriptions": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceManageSubscriptions", + "AWSMarketplaceMeteringFullAccess": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceMeteringFullAccess", + "AWSMarketplaceMeteringRegisterUsage": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceMeteringRegisterUsage", + "AWSMarketplaceProcurementSystemAdminFullAccess": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceProcurementSystemAdminFullAccess", + "AWSMarketplacePurchaseOrdersServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSMarketplacePurchaseOrdersServiceRolePolicy", + "AWSMarketplaceRead-only": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceRead-only", + "AWSMarketplaceResaleAuthorizationServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSMarketplaceResaleAuthorizationServiceRolePolicy", + "AWSMarketplaceSellerFullAccess": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceSellerFullAccess", + "AWSMarketplaceSellerProductsFullAccess": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceSellerProductsFullAccess", + "AWSMarketplaceSellerProductsReadOnly": "arn:aws-eusc:iam::aws:policy/AWSMarketplaceSellerProductsReadOnly", + "AWSMediaConnectServicePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSMediaConnectServicePolicy", + "AWSMediaTailorServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSMediaTailorServiceRolePolicy", + "AWSMigrationHubDiscoveryAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSMigrationHubDiscoveryAccess", + "AWSMigrationHubDMSAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSMigrationHubDMSAccess", + "AWSMigrationHubFullAccess": "arn:aws-eusc:iam::aws:policy/AWSMigrationHubFullAccess", + "AWSMigrationHubOrchestratorConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AWSMigrationHubOrchestratorConsoleFullAccess", + "AWSMigrationHubOrchestratorInstanceRolePolicy": "arn:aws-eusc:iam::aws:policy/AWSMigrationHubOrchestratorInstanceRolePolicy", + "AWSMigrationHubOrchestratorPlugin": "arn:aws-eusc:iam::aws:policy/AWSMigrationHubOrchestratorPlugin", + "AWSMigrationHubOrchestratorServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSMigrationHubOrchestratorServiceRolePolicy", + "AWSMigrationHubRefactorSpaces-EnvironmentsWithoutBridgesFullAccess": "arn:aws-eusc:iam::aws:policy/AWSMigrationHubRefactorSpaces-EnvironmentsWithoutBridgesFullAccess", + "AWSMigrationHubRefactorSpacesFullAccess": "arn:aws-eusc:iam::aws:policy/AWSMigrationHubRefactorSpacesFullAccess", + "AWSMigrationHubRefactorSpacesServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSMigrationHubRefactorSpacesServiceRolePolicy", + "AWSMigrationHubRefactorSpaces-SSMAutomationPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSMigrationHubRefactorSpaces-SSMAutomationPolicy", + "AWSMigrationHubSMSAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSMigrationHubSMSAccess", + "AWSMigrationHubStrategyCollector": "arn:aws-eusc:iam::aws:policy/AWSMigrationHubStrategyCollector", + "AWSMigrationHubStrategyConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AWSMigrationHubStrategyConsoleFullAccess", + "AWSMigrationHubStrategyServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSMigrationHubStrategyServiceRolePolicy", + "AWSMSKReplicatorExecutionRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSMSKReplicatorExecutionRole", + "AWSNetworkFirewallServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSNetworkFirewallServiceRolePolicy", + "AWSNetworkManagerCloudWANServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSNetworkManagerCloudWANServiceRolePolicy", + "AWSNetworkManagerFullAccess": "arn:aws-eusc:iam::aws:policy/AWSNetworkManagerFullAccess", + "AWSNetworkManagerReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSNetworkManagerReadOnlyAccess", + "AWSNetworkManagerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSNetworkManagerServiceRolePolicy", + "AWSOpsWorksCloudWatchLogs": "arn:aws-eusc:iam::aws:policy/AWSOpsWorksCloudWatchLogs", + "AWSOpsWorksCMInstanceProfileRole": "arn:aws-eusc:iam::aws:policy/AWSOpsWorksCMInstanceProfileRole", + "AWSOpsWorksCMServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/AWSOpsWorksCMServiceRole", + "AWSOpsWorks_FullAccess": "arn:aws-eusc:iam::aws:policy/AWSOpsWorks_FullAccess", + "AWSOpsWorksInstanceRegistration": "arn:aws-eusc:iam::aws:policy/AWSOpsWorksInstanceRegistration", + "AWSOpsWorksRegisterCLI_EC2": "arn:aws-eusc:iam::aws:policy/AWSOpsWorksRegisterCLI_EC2", + "AWSOpsWorksRegisterCLI_OnPremises": "arn:aws-eusc:iam::aws:policy/AWSOpsWorksRegisterCLI_OnPremises", + "AWSOrganizationsFullAccess": "arn:aws-eusc:iam::aws:policy/AWSOrganizationsFullAccess", + "AWSOrganizationsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSOrganizationsReadOnlyAccess", + "AWSOrganizationsServiceTrustPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSOrganizationsServiceTrustPolicy", + "AWSOutpostsAuthorizeServerPolicy": "arn:aws-eusc:iam::aws:policy/AWSOutpostsAuthorizeServerPolicy", + "AWSOutpostsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSOutpostsServiceRolePolicy", + "AWSPanoramaApplianceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSPanoramaApplianceRolePolicy", + "AWSPanoramaApplianceServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSPanoramaApplianceServiceRolePolicy", + "AWSPanoramaFullAccess": "arn:aws-eusc:iam::aws:policy/AWSPanoramaFullAccess", + "AWSPanoramaGreengrassGroupRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSPanoramaGreengrassGroupRolePolicy", + "AWSPanoramaSageMakerRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSPanoramaSageMakerRolePolicy", + "AWSPanoramaServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSPanoramaServiceLinkedRolePolicy", + "AWSPanoramaServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSPanoramaServiceRolePolicy", + "AWSPriceListServiceFullAccess": "arn:aws-eusc:iam::aws:policy/AWSPriceListServiceFullAccess", + "AWSPrivateCAAuditor": "arn:aws-eusc:iam::aws:policy/AWSPrivateCAAuditor", + "AWSPrivateCAConnectorForKubernetesPolicy": "arn:aws-eusc:iam::aws:policy/AWSPrivateCAConnectorForKubernetesPolicy", + "AWSPrivateCAFullAccess": "arn:aws-eusc:iam::aws:policy/AWSPrivateCAFullAccess", + "AWSPrivateCAPrivilegedUser": "arn:aws-eusc:iam::aws:policy/AWSPrivateCAPrivilegedUser", + "AWSPrivateCAReadOnly": "arn:aws-eusc:iam::aws:policy/AWSPrivateCAReadOnly", + "AWSPrivateCAUser": "arn:aws-eusc:iam::aws:policy/AWSPrivateCAUser", + "AWSPrivateMarketplaceAdminFullAccess": "arn:aws-eusc:iam::aws:policy/AWSPrivateMarketplaceAdminFullAccess", + "AWSPrivateMarketplaceRequests": "arn:aws-eusc:iam::aws:policy/AWSPrivateMarketplaceRequests", + "AWSPrivateNetworksServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSPrivateNetworksServiceRolePolicy", + "AWSProtonCodeBuildProvisioningBasicAccess": "arn:aws-eusc:iam::aws:policy/AWSProtonCodeBuildProvisioningBasicAccess", + "AWSProtonCodeBuildProvisioningServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSProtonCodeBuildProvisioningServiceRolePolicy", + "AWSProtonDeveloperAccess": "arn:aws-eusc:iam::aws:policy/AWSProtonDeveloperAccess", + "AWSProtonFullAccess": "arn:aws-eusc:iam::aws:policy/AWSProtonFullAccess", + "AWSProtonReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSProtonReadOnlyAccess", + "AWSProtonServiceGitSyncServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSProtonServiceGitSyncServiceRolePolicy", + "AWSProtonSyncServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSProtonSyncServiceRolePolicy", + "AWSPurchaseOrdersServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/AWSPurchaseOrdersServiceRolePolicy", + "AWSQuickSightAssetBundleExportPolicy": "arn:aws-eusc:iam::aws:policy/AWSQuickSightAssetBundleExportPolicy", + "AWSQuickSightAssetBundleImportPolicy": "arn:aws-eusc:iam::aws:policy/AWSQuickSightAssetBundleImportPolicy", + "AWSQuicksightAthenaAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSQuicksightAthenaAccess", + "AWSQuickSightDescribeRDS": "arn:aws-eusc:iam::aws:policy/service-role/AWSQuickSightDescribeRDS", + "AWSQuickSightDescribeRedshift": "arn:aws-eusc:iam::aws:policy/service-role/AWSQuickSightDescribeRedshift", + "AWSQuickSightElasticsearchPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSQuickSightElasticsearchPolicy", + "AWSQuickSightIoTAnalyticsAccess": "arn:aws-eusc:iam::aws:policy/AWSQuickSightIoTAnalyticsAccess", + "AWSQuickSightListIAM": "arn:aws-eusc:iam::aws:policy/service-role/AWSQuickSightListIAM", + "AWSQuicksightOpenSearchPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSQuicksightOpenSearchPolicy", + "AWSQuickSightSageMakerPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSQuickSightSageMakerPolicy", + "AWSQuickSightTimestreamPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSQuickSightTimestreamPolicy", + "AWSReachabilityAnalyzerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSReachabilityAnalyzerServiceRolePolicy", + "AWSRefactoringToolkitFullAccess": "arn:aws-eusc:iam::aws:policy/AWSRefactoringToolkitFullAccess", + "AWSRefactoringToolkitSidecarPolicy": "arn:aws-eusc:iam::aws:policy/AWSRefactoringToolkitSidecarPolicy", + "AWSrePostPrivateCloudWatchAccess": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSrePostPrivateCloudWatchAccess", + "AWSRepostSpaceSupportOperationsPolicy": "arn:aws-eusc:iam::aws:policy/AWSRepostSpaceSupportOperationsPolicy", + "AWSResilienceHubAsssessmentExecutionPolicy": "arn:aws-eusc:iam::aws:policy/AWSResilienceHubAsssessmentExecutionPolicy", + "AWSResourceAccessManagerFullAccess": "arn:aws-eusc:iam::aws:policy/AWSResourceAccessManagerFullAccess", + "AWSResourceAccessManagerReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSResourceAccessManagerReadOnlyAccess", + "AWSResourceAccessManagerResourceShareParticipantAccess": "arn:aws-eusc:iam::aws:policy/AWSResourceAccessManagerResourceShareParticipantAccess", + "AWSResourceAccessManagerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSResourceAccessManagerServiceRolePolicy", + "AWSResourceExplorerFullAccess": "arn:aws-eusc:iam::aws:policy/AWSResourceExplorerFullAccess", + "AWSResourceExplorerOrganizationsAccess": "arn:aws-eusc:iam::aws:policy/AWSResourceExplorerOrganizationsAccess", + "AWSResourceExplorerReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSResourceExplorerReadOnlyAccess", + "AWSResourceExplorerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSResourceExplorerServiceRolePolicy", + "AWSResourceGroupsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSResourceGroupsReadOnlyAccess", + "AWSRoboMaker_FullAccess": "arn:aws-eusc:iam::aws:policy/AWSRoboMaker_FullAccess", + "AWSRoboMakerReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSRoboMakerReadOnlyAccess", + "AWSRoboMakerServicePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSRoboMakerServicePolicy", + "AWSRoboMakerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/AWSRoboMakerServiceRolePolicy", + "AWSRolesAnywhereServicePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSRolesAnywhereServicePolicy", + "AWSS3OnOutpostsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSS3OnOutpostsServiceRolePolicy", + "AWSSavingsPlansFullAccess": "arn:aws-eusc:iam::aws:policy/AWSSavingsPlansFullAccess", + "AWSSavingsPlansReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSSavingsPlansReadOnlyAccess", + "AWSSecurityHubFullAccess": "arn:aws-eusc:iam::aws:policy/AWSSecurityHubFullAccess", + "AWSSecurityHubOrganizationsAccess": "arn:aws-eusc:iam::aws:policy/AWSSecurityHubOrganizationsAccess", + "AWSSecurityHubReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSSecurityHubReadOnlyAccess", + "AWSSecurityHubServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSSecurityHubServiceRolePolicy", + "AWSServiceCatalogAdminFullAccess": "arn:aws-eusc:iam::aws:policy/AWSServiceCatalogAdminFullAccess", + "AWSServiceCatalogAdminReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSServiceCatalogAdminReadOnlyAccess", + "AWSServiceCatalogAppRegistryFullAccess": "arn:aws-eusc:iam::aws:policy/AWSServiceCatalogAppRegistryFullAccess", + "AWSServiceCatalogAppRegistryReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSServiceCatalogAppRegistryReadOnlyAccess", + "AWSServiceCatalogAppRegistryServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceCatalogAppRegistryServiceRolePolicy", + "AWSServiceCatalogEndUserFullAccess": "arn:aws-eusc:iam::aws:policy/AWSServiceCatalogEndUserFullAccess", + "AWSServiceCatalogEndUserReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSServiceCatalogEndUserReadOnlyAccess", + "AWSServiceCatalogOrgsDataSyncServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceCatalogOrgsDataSyncServiceRolePolicy", + "AWSServiceCatalogSyncServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceCatalogSyncServiceRolePolicy", + "AWSServiceRoleForAmazonEKSNodegroup": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForAmazonEKSNodegroup", + "AWSServiceRoleForAmazonQDeveloper": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForAmazonQDeveloper", + "AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy", + "AWSServiceRoleForCloudWatchMetrics_DbPerfInsightsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForCloudWatchMetrics_DbPerfInsightsServiceRolePolicy", + "AWSServiceRoleForCodeGuru-Profiler": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForCodeGuru-Profiler", + "AWSServiceRoleForCodeWhispererPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForCodeWhispererPolicy", + "AWSServiceRoleForEC2ScheduledInstances": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForEC2ScheduledInstances", + "AWSServiceRoleForGroundStationDataflowEndpointGroupPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForGroundStationDataflowEndpointGroupPolicy", + "AWSServiceRoleForImageBuilder": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForImageBuilder", + "AWSServiceRoleForIoTSiteWise": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForIoTSiteWise", + "AWSServiceRoleForLogDeliveryPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForLogDeliveryPolicy", + "AWSServiceRoleForMonitronPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForMonitronPolicy", + "AWSServiceRoleForNeptuneGraphPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForNeptuneGraphPolicy", + "AWSServiceRoleForPrivateMarketplaceAdminPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForPrivateMarketplaceAdminPolicy", + "AWSServiceRoleForSMS": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForSMS", + "AWSServiceRoleForUserSubscriptions": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRoleForUserSubscriptions", + "AWSServiceRolePolicyForBackupReports": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRolePolicyForBackupReports", + "AWSServiceRolePolicyForBackupRestoreTesting": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSServiceRolePolicyForBackupRestoreTesting", + "AWSShieldDRTAccessPolicy": "arn:aws-eusc:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy", + "AWSShieldServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSShieldServiceRolePolicy", + "AWSSSMForSAPServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSSSMForSAPServiceLinkedRolePolicy", + "AWSSSMOpsInsightsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSSSMOpsInsightsServiceRolePolicy", + "AWSSSODirectoryAdministrator": "arn:aws-eusc:iam::aws:policy/AWSSSODirectoryAdministrator", + "AWSSSODirectoryReadOnly": "arn:aws-eusc:iam::aws:policy/AWSSSODirectoryReadOnly", + "AWSSSOMasterAccountAdministrator": "arn:aws-eusc:iam::aws:policy/AWSSSOMasterAccountAdministrator", + "AWSSSOMemberAccountAdministrator": "arn:aws-eusc:iam::aws:policy/AWSSSOMemberAccountAdministrator", + "AWSSSOReadOnly": "arn:aws-eusc:iam::aws:policy/AWSSSOReadOnly", + "AWSSSOServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSSSOServiceRolePolicy", + "AWSStepFunctionsConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AWSStepFunctionsConsoleFullAccess", + "AWSStepFunctionsFullAccess": "arn:aws-eusc:iam::aws:policy/AWSStepFunctionsFullAccess", + "AWSStepFunctionsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSStepFunctionsReadOnlyAccess", + "AWSStorageGatewayFullAccess": "arn:aws-eusc:iam::aws:policy/AWSStorageGatewayFullAccess", + "AWSStorageGatewayReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSStorageGatewayReadOnlyAccess", + "AWSStorageGatewayServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSStorageGatewayServiceRolePolicy", + "AWSSupplyChainFederationAdminAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSSupplyChainFederationAdminAccess", + "AWSSupportAccess": "arn:aws-eusc:iam::aws:policy/AWSSupportAccess", + "AWSSupportAppFullAccess": "arn:aws-eusc:iam::aws:policy/AWSSupportAppFullAccess", + "AWSSupportAppReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSSupportAppReadOnlyAccess", + "AWSSupportPlansFullAccess": "arn:aws-eusc:iam::aws:policy/AWSSupportPlansFullAccess", + "AWSSupportPlansReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSSupportPlansReadOnlyAccess", + "AWSSupportServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSSupportServiceRolePolicy", + "AWSSystemsManagerAccountDiscoveryServicePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSSystemsManagerAccountDiscoveryServicePolicy", + "AWSSystemsManagerChangeManagementServicePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSSystemsManagerChangeManagementServicePolicy", + "AWSSystemsManagerForSAPFullAccess": "arn:aws-eusc:iam::aws:policy/AWSSystemsManagerForSAPFullAccess", + "AWSSystemsManagerForSAPReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSSystemsManagerForSAPReadOnlyAccess", + "AWSSystemsManagerOpsDataSyncServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSSystemsManagerOpsDataSyncServiceRolePolicy", + "AWSThinkboxAssetServerPolicy": "arn:aws-eusc:iam::aws:policy/AWSThinkboxAssetServerPolicy", + "AWSThinkboxAWSPortalAdminPolicy": "arn:aws-eusc:iam::aws:policy/AWSThinkboxAWSPortalAdminPolicy", + "AWSThinkboxAWSPortalGatewayPolicy": "arn:aws-eusc:iam::aws:policy/AWSThinkboxAWSPortalGatewayPolicy", + "AWSThinkboxAWSPortalWorkerPolicy": "arn:aws-eusc:iam::aws:policy/AWSThinkboxAWSPortalWorkerPolicy", + "AWSThinkboxDeadlineResourceTrackerAccessPolicy": "arn:aws-eusc:iam::aws:policy/AWSThinkboxDeadlineResourceTrackerAccessPolicy", + "AWSThinkboxDeadlineResourceTrackerAdminPolicy": "arn:aws-eusc:iam::aws:policy/AWSThinkboxDeadlineResourceTrackerAdminPolicy", + "AWSThinkboxDeadlineSpotEventPluginAdminPolicy": "arn:aws-eusc:iam::aws:policy/AWSThinkboxDeadlineSpotEventPluginAdminPolicy", + "AWSThinkboxDeadlineSpotEventPluginWorkerPolicy": "arn:aws-eusc:iam::aws:policy/AWSThinkboxDeadlineSpotEventPluginWorkerPolicy", + "AWSTransferConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AWSTransferConsoleFullAccess", + "AWSTransferFullAccess": "arn:aws-eusc:iam::aws:policy/AWSTransferFullAccess", + "AWSTransferLoggingAccess": "arn:aws-eusc:iam::aws:policy/service-role/AWSTransferLoggingAccess", + "AWSTransferReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSTransferReadOnlyAccess", + "AWSTrustedAdvisorPriorityFullAccess": "arn:aws-eusc:iam::aws:policy/AWSTrustedAdvisorPriorityFullAccess", + "AWSTrustedAdvisorPriorityReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSTrustedAdvisorPriorityReadOnlyAccess", + "AWSTrustedAdvisorReportingServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSTrustedAdvisorReportingServiceRolePolicy", + "AWSTrustedAdvisorServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSTrustedAdvisorServiceRolePolicy", + "AWSUserNotificationsServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSUserNotificationsServiceLinkedRolePolicy", + "AWSVendorInsightsAssessorFullAccess": "arn:aws-eusc:iam::aws:policy/AWSVendorInsightsAssessorFullAccess", + "AWSVendorInsightsAssessorReadOnly": "arn:aws-eusc:iam::aws:policy/AWSVendorInsightsAssessorReadOnly", + "AWSVendorInsightsVendorFullAccess": "arn:aws-eusc:iam::aws:policy/AWSVendorInsightsVendorFullAccess", + "AWSVendorInsightsVendorReadOnly": "arn:aws-eusc:iam::aws:policy/AWSVendorInsightsVendorReadOnly", + "AWSVpcLatticeServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSVpcLatticeServiceRolePolicy", + "AWSVPCS2SVpnServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSVPCS2SVpnServiceRolePolicy", + "AWSVPCTransitGatewayServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSVPCTransitGatewayServiceRolePolicy", + "AWSVPCVerifiedAccessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSVPCVerifiedAccessServiceRolePolicy", + "AWSWAFConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/AWSWAFConsoleFullAccess", + "AWSWAFConsoleReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSWAFConsoleReadOnlyAccess", + "AWSWAFFullAccess": "arn:aws-eusc:iam::aws:policy/AWSWAFFullAccess", + "AWSWAFReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSWAFReadOnlyAccess", + "AWSWellArchitectedDiscoveryServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSWellArchitectedDiscoveryServiceRolePolicy", + "AWSWellArchitectedOrganizationsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSWellArchitectedOrganizationsServiceRolePolicy", + "AWSWickrFullAccess": "arn:aws-eusc:iam::aws:policy/AWSWickrFullAccess", + "AWSXrayCrossAccountSharingConfiguration": "arn:aws-eusc:iam::aws:policy/AWSXrayCrossAccountSharingConfiguration", + "AWSXRayDaemonWriteAccess": "arn:aws-eusc:iam::aws:policy/AWSXRayDaemonWriteAccess", + "AWSXrayFullAccess": "arn:aws-eusc:iam::aws:policy/AWSXrayFullAccess", + "AWSXrayReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSXrayReadOnlyAccess", + "AWSXrayWriteOnlyAccess": "arn:aws-eusc:iam::aws:policy/AWSXrayWriteOnlyAccess", + "AWSZonalAutoshiftPracticeRunSLRPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/AWSZonalAutoshiftPracticeRunSLRPolicy", + "BatchServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/BatchServiceRolePolicy", + "Billing": "arn:aws-eusc:iam::aws:policy/job-function/Billing", + "CertificateManagerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CertificateManagerServiceRolePolicy", + "ClientVPNServiceConnectionsRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/ClientVPNServiceConnectionsRolePolicy", + "ClientVPNServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/ClientVPNServiceRolePolicy", + "CloudFormationStackSetsOrgAdminServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CloudFormationStackSetsOrgAdminServiceRolePolicy", + "CloudFormationStackSetsOrgMemberServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CloudFormationStackSetsOrgMemberServiceRolePolicy", + "CloudFrontFullAccess": "arn:aws-eusc:iam::aws:policy/CloudFrontFullAccess", + "CloudFrontReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/CloudFrontReadOnlyAccess", + "CloudHSMServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CloudHSMServiceRolePolicy", + "CloudSearchFullAccess": "arn:aws-eusc:iam::aws:policy/CloudSearchFullAccess", + "CloudSearchReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/CloudSearchReadOnlyAccess", + "CloudTrailServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CloudTrailServiceRolePolicy", + "CloudWatchActionsEC2Access": "arn:aws-eusc:iam::aws:policy/CloudWatchActionsEC2Access", + "CloudWatchAgentAdminPolicy": "arn:aws-eusc:iam::aws:policy/CloudWatchAgentAdminPolicy", + "CloudWatchAgentServerPolicy": "arn:aws-eusc:iam::aws:policy/CloudWatchAgentServerPolicy", + "CloudWatchApplicationInsightsFullAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchApplicationInsightsFullAccess", + "CloudWatchApplicationInsightsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchApplicationInsightsReadOnlyAccess", + "CloudwatchApplicationInsightsServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CloudwatchApplicationInsightsServiceLinkedRolePolicy", + "CloudWatchApplicationSignalsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CloudWatchApplicationSignalsServiceRolePolicy", + "CloudWatchAutomaticDashboardsAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchAutomaticDashboardsAccess", + "CloudWatch-CrossAccountAccess": "arn:aws-eusc:iam::aws:policy/aws-service-role/CloudWatch-CrossAccountAccess", + "CloudWatchCrossAccountSharingConfiguration": "arn:aws-eusc:iam::aws:policy/CloudWatchCrossAccountSharingConfiguration", + "CloudWatchEventsBuiltInTargetExecutionAccess": "arn:aws-eusc:iam::aws:policy/service-role/CloudWatchEventsBuiltInTargetExecutionAccess", + "CloudWatchEventsFullAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchEventsFullAccess", + "CloudWatchEventsInvocationAccess": "arn:aws-eusc:iam::aws:policy/service-role/CloudWatchEventsInvocationAccess", + "CloudWatchEventsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchEventsReadOnlyAccess", + "CloudWatchEventsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CloudWatchEventsServiceRolePolicy", + "CloudWatchFullAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchFullAccess", + "CloudWatchFullAccessV2": "arn:aws-eusc:iam::aws:policy/CloudWatchFullAccessV2", + "CloudWatchInternetMonitorServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CloudWatchInternetMonitorServiceRolePolicy", + "CloudWatchLambdaInsightsExecutionRolePolicy": "arn:aws-eusc:iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy", + "CloudWatchLogsCrossAccountSharingConfiguration": "arn:aws-eusc:iam::aws:policy/CloudWatchLogsCrossAccountSharingConfiguration", + "CloudWatchLogsFullAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchLogsFullAccess", + "CloudWatchLogsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchLogsReadOnlyAccess", + "CloudWatchNetworkMonitorServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CloudWatchNetworkMonitorServiceRolePolicy", + "CloudWatchReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchReadOnlyAccess", + "CloudWatchSyntheticsFullAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchSyntheticsFullAccess", + "CloudWatchSyntheticsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/CloudWatchSyntheticsReadOnlyAccess", + "ComprehendDataAccessRolePolicy": "arn:aws-eusc:iam::aws:policy/service-role/ComprehendDataAccessRolePolicy", + "ComprehendFullAccess": "arn:aws-eusc:iam::aws:policy/ComprehendFullAccess", + "ComprehendMedicalFullAccess": "arn:aws-eusc:iam::aws:policy/ComprehendMedicalFullAccess", + "ComprehendReadOnly": "arn:aws-eusc:iam::aws:policy/ComprehendReadOnly", + "ComputeOptimizerReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/ComputeOptimizerReadOnlyAccess", + "ComputeOptimizerServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/ComputeOptimizerServiceRolePolicy", + "ConfigConformsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/ConfigConformsServiceRolePolicy", + "CostOptimizationHubAdminAccess": "arn:aws-eusc:iam::aws:policy/CostOptimizationHubAdminAccess", + "CostOptimizationHubReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/CostOptimizationHubReadOnlyAccess", + "CostOptimizationHubServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CostOptimizationHubServiceRolePolicy", + "CustomerProfilesServiceLinkedRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/CustomerProfilesServiceLinkedRolePolicy", + "DatabaseAdministrator": "arn:aws-eusc:iam::aws:policy/job-function/DatabaseAdministrator", + "DataScientist": "arn:aws-eusc:iam::aws:policy/job-function/DataScientist", + "DAXServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/DAXServiceRolePolicy", + "DynamoDBCloudWatchContributorInsightsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/DynamoDBCloudWatchContributorInsightsServiceRolePolicy", + "DynamoDBKinesisReplicationServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/DynamoDBKinesisReplicationServiceRolePolicy", + "DynamoDBReplicationServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/DynamoDBReplicationServiceRolePolicy", + "EC2FastLaunchFullAccess": "arn:aws-eusc:iam::aws:policy/EC2FastLaunchFullAccess", + "EC2FastLaunchServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/EC2FastLaunchServiceRolePolicy", + "EC2FleetTimeShiftableServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/EC2FleetTimeShiftableServiceRolePolicy", + "Ec2ImageBuilderCrossAccountDistributionAccess": "arn:aws-eusc:iam::aws:policy/Ec2ImageBuilderCrossAccountDistributionAccess", + "EC2ImageBuilderLifecycleExecutionPolicy": "arn:aws-eusc:iam::aws:policy/service-role/EC2ImageBuilderLifecycleExecutionPolicy", + "EC2InstanceConnect": "arn:aws-eusc:iam::aws:policy/EC2InstanceConnect", + "Ec2InstanceConnectEndpoint": "arn:aws-eusc:iam::aws:policy/aws-service-role/Ec2InstanceConnectEndpoint", + "EC2InstanceProfileForImageBuilder": "arn:aws-eusc:iam::aws:policy/EC2InstanceProfileForImageBuilder", + "EC2InstanceProfileForImageBuilderECRContainerBuilds": "arn:aws-eusc:iam::aws:policy/EC2InstanceProfileForImageBuilderECRContainerBuilds", + "ECRReplicationServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/ECRReplicationServiceRolePolicy", + "ElastiCacheServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/ElastiCacheServiceRolePolicy", + "ElasticLoadBalancingFullAccess": "arn:aws-eusc:iam::aws:policy/ElasticLoadBalancingFullAccess", + "ElasticLoadBalancingReadOnly": "arn:aws-eusc:iam::aws:policy/ElasticLoadBalancingReadOnly", + "ElementalActivationsDownloadSoftwareAccess": "arn:aws-eusc:iam::aws:policy/ElementalActivationsDownloadSoftwareAccess", + "ElementalActivationsFullAccess": "arn:aws-eusc:iam::aws:policy/ElementalActivationsFullAccess", + "ElementalActivationsGenerateLicenses": "arn:aws-eusc:iam::aws:policy/ElementalActivationsGenerateLicenses", + "ElementalActivationsReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/ElementalActivationsReadOnlyAccess", + "ElementalAppliancesSoftwareFullAccess": "arn:aws-eusc:iam::aws:policy/ElementalAppliancesSoftwareFullAccess", + "ElementalAppliancesSoftwareReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/ElementalAppliancesSoftwareReadOnlyAccess", + "ElementalSupportCenterFullAccess": "arn:aws-eusc:iam::aws:policy/ElementalSupportCenterFullAccess", + "EMRDescribeClusterPolicyForEMRWAL": "arn:aws-eusc:iam::aws:policy/aws-service-role/EMRDescribeClusterPolicyForEMRWAL", + "FMSServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/FMSServiceRolePolicy", + "FSxDeleteServiceLinkedRoleAccess": "arn:aws-eusc:iam::aws:policy/aws-service-role/FSxDeleteServiceLinkedRoleAccess", + "GameLiftGameServerGroupPolicy": "arn:aws-eusc:iam::aws:policy/GameLiftGameServerGroupPolicy", + "GlobalAcceleratorFullAccess": "arn:aws-eusc:iam::aws:policy/GlobalAcceleratorFullAccess", + "GlobalAcceleratorReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/GlobalAcceleratorReadOnlyAccess", + "GreengrassOTAUpdateArtifactAccess": "arn:aws-eusc:iam::aws:policy/service-role/GreengrassOTAUpdateArtifactAccess", + "GroundTruthSyntheticConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/GroundTruthSyntheticConsoleFullAccess", + "GroundTruthSyntheticConsoleReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/GroundTruthSyntheticConsoleReadOnlyAccess", + "Health_OrganizationsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/Health_OrganizationsServiceRolePolicy", + "HydraTestPlatformInternalServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/HydraTestPlatformInternalServiceRolePolicy", + "IAMAccessAdvisorReadOnly": "arn:aws-eusc:iam::aws:policy/IAMAccessAdvisorReadOnly", + "IAMAccessAnalyzerFullAccess": "arn:aws-eusc:iam::aws:policy/IAMAccessAnalyzerFullAccess", + "IAMAccessAnalyzerReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/IAMAccessAnalyzerReadOnlyAccess", + "IAMFullAccess": "arn:aws-eusc:iam::aws:policy/IAMFullAccess", + "IAMReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/IAMReadOnlyAccess", + "IAMSelfManageServiceSpecificCredentials": "arn:aws-eusc:iam::aws:policy/IAMSelfManageServiceSpecificCredentials", + "IAMUserChangePassword": "arn:aws-eusc:iam::aws:policy/IAMUserChangePassword", + "IAMUserSSHKeys": "arn:aws-eusc:iam::aws:policy/IAMUserSSHKeys", + "IsengardControllerPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/IsengardControllerPolicy", + "IVSFullAccess": "arn:aws-eusc:iam::aws:policy/IVSFullAccess", + "IVSReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/IVSReadOnlyAccess", + "IVSRecordToS3": "arn:aws-eusc:iam::aws:policy/aws-service-role/IVSRecordToS3", + "KafkaConnectServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/KafkaConnectServiceRolePolicy", + "KafkaServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/KafkaServiceRolePolicy", + "KeyspacesReplicationServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/KeyspacesReplicationServiceRolePolicy", + "LakeFormationDataAccessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/LakeFormationDataAccessServiceRolePolicy", + "LexBotPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/LexBotPolicy", + "LexChannelPolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/LexChannelPolicy", + "LightsailExportAccess": "arn:aws-eusc:iam::aws:policy/aws-service-role/LightsailExportAccess", + "MediaConnectGatewayInstanceRolePolicy": "arn:aws-eusc:iam::aws:policy/MediaConnectGatewayInstanceRolePolicy", + "MediaPackageServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/MediaPackageServiceRolePolicy", + "MemoryDBServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/MemoryDBServiceRolePolicy", + "MigrationHubDMSAccessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/MigrationHubDMSAccessServiceRolePolicy", + "MigrationHubServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/MigrationHubServiceRolePolicy", + "MigrationHubSMSAccessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/MigrationHubSMSAccessServiceRolePolicy", + "MonitronServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/MonitronServiceRolePolicy", + "NeptuneConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/NeptuneConsoleFullAccess", + "NeptuneFullAccess": "arn:aws-eusc:iam::aws:policy/NeptuneFullAccess", + "NeptuneGraphReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/NeptuneGraphReadOnlyAccess", + "NeptuneReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/NeptuneReadOnlyAccess", + "NetworkAdministrator": "arn:aws-eusc:iam::aws:policy/job-function/NetworkAdministrator", + "OAMFullAccess": "arn:aws-eusc:iam::aws:policy/OAMFullAccess", + "OAMReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/OAMReadOnlyAccess", + "PartnerCentralAccountManagementUserRoleAssociation": "arn:aws-eusc:iam::aws:policy/PartnerCentralAccountManagementUserRoleAssociation", + "PowerUserAccess": "arn:aws-eusc:iam::aws:policy/PowerUserAccess", + "QBusinessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/QBusinessServiceRolePolicy", + "QuickSightAccessForS3StorageManagementAnalyticsReadOnly": "arn:aws-eusc:iam::aws:policy/service-role/QuickSightAccessForS3StorageManagementAnalyticsReadOnly", + "RDSCloudHsmAuthorizationRole": "arn:aws-eusc:iam::aws:policy/service-role/RDSCloudHsmAuthorizationRole", + "ReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/ReadOnlyAccess", + "ResourceGroupsandTagEditorFullAccess": "arn:aws-eusc:iam::aws:policy/ResourceGroupsandTagEditorFullAccess", + "ResourceGroupsandTagEditorReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess", + "ResourceGroupsServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/ResourceGroupsServiceRolePolicy", + "ROSAAmazonEBSCSIDriverOperatorPolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSAAmazonEBSCSIDriverOperatorPolicy", + "ROSACloudNetworkConfigOperatorPolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSACloudNetworkConfigOperatorPolicy", + "ROSAControlPlaneOperatorPolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSAControlPlaneOperatorPolicy", + "ROSAImageRegistryOperatorPolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSAImageRegistryOperatorPolicy", + "ROSAIngressOperatorPolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSAIngressOperatorPolicy", + "ROSAInstallerPolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSAInstallerPolicy", + "ROSAKMSProviderPolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSAKMSProviderPolicy", + "ROSAKubeControllerPolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSAKubeControllerPolicy", + "ROSAManageSubscription": "arn:aws-eusc:iam::aws:policy/ROSAManageSubscription", + "ROSANodePoolManagementPolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSANodePoolManagementPolicy", + "ROSASRESupportPolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSASRESupportPolicy", + "ROSAWorkerInstancePolicy": "arn:aws-eusc:iam::aws:policy/service-role/ROSAWorkerInstancePolicy", + "Route53RecoveryReadinessServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/Route53RecoveryReadinessServiceRolePolicy", + "Route53ResolverServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/Route53ResolverServiceRolePolicy", + "S3StorageLensServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/S3StorageLensServiceRolePolicy", + "SecretsManagerReadWrite": "arn:aws-eusc:iam::aws:policy/SecretsManagerReadWrite", + "SecurityAudit": "arn:aws-eusc:iam::aws:policy/SecurityAudit", + "SecurityLakeServiceLinkedRole": "arn:aws-eusc:iam::aws:policy/aws-service-role/SecurityLakeServiceLinkedRole", + "ServerMigrationConnector": "arn:aws-eusc:iam::aws:policy/ServerMigrationConnector", + "ServerMigrationServiceConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/ServerMigrationServiceConsoleFullAccess", + "ServerMigrationServiceLaunchRole": "arn:aws-eusc:iam::aws:policy/service-role/ServerMigrationServiceLaunchRole", + "ServerMigration_ServiceRole": "arn:aws-eusc:iam::aws:policy/service-role/ServerMigration_ServiceRole", + "ServerMigrationServiceRoleForInstanceValidation": "arn:aws-eusc:iam::aws:policy/service-role/ServerMigrationServiceRoleForInstanceValidation", + "ServiceQuotasFullAccess": "arn:aws-eusc:iam::aws:policy/ServiceQuotasFullAccess", + "ServiceQuotasReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/ServiceQuotasReadOnlyAccess", + "ServiceQuotasServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/ServiceQuotasServiceRolePolicy", + "SimpleWorkflowFullAccess": "arn:aws-eusc:iam::aws:policy/SimpleWorkflowFullAccess", + "SplitCostAllocationDataServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/SplitCostAllocationDataServiceRolePolicy", + "SupportUser": "arn:aws-eusc:iam::aws:policy/job-function/SupportUser", + "SystemAdministrator": "arn:aws-eusc:iam::aws:policy/job-function/SystemAdministrator", + "TranslateFullAccess": "arn:aws-eusc:iam::aws:policy/TranslateFullAccess", + "TranslateReadOnly": "arn:aws-eusc:iam::aws:policy/TranslateReadOnly", + "ViewOnlyAccess": "arn:aws-eusc:iam::aws:policy/job-function/ViewOnlyAccess", + "VMImportExportRoleForAWSConnector": "arn:aws-eusc:iam::aws:policy/service-role/VMImportExportRoleForAWSConnector", + "VPCLatticeFullAccess": "arn:aws-eusc:iam::aws:policy/VPCLatticeFullAccess", + "VPCLatticeReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/VPCLatticeReadOnlyAccess", + "VPCLatticeServicesInvokeAccess": "arn:aws-eusc:iam::aws:policy/VPCLatticeServicesInvokeAccess", + "WAFLoggingServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/WAFLoggingServiceRolePolicy", + "WAFRegionalLoggingServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/WAFRegionalLoggingServiceRolePolicy", + "WAFV2LoggingServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/aws-service-role/WAFV2LoggingServiceRolePolicy", + "WellArchitectedConsoleFullAccess": "arn:aws-eusc:iam::aws:policy/WellArchitectedConsoleFullAccess", + "WellArchitectedConsoleReadOnlyAccess": "arn:aws-eusc:iam::aws:policy/WellArchitectedConsoleReadOnlyAccess", + "WorkLinkServiceRolePolicy": "arn:aws-eusc:iam::aws:policy/WorkLinkServiceRolePolicy" } } diff --git a/samtranslator/schema/schema.json b/samtranslator/schema/schema.json index 91b2e7f0f2..fbb92f69be 100644 --- a/samtranslator/schema/schema.json +++ b/samtranslator/schema/schema.json @@ -676,11 +676,21 @@ "markdownDescription": "Configures the default behavior of the CRL Distribution Point extension for certificates issued by your CA. If this field is not provided, then the CRL Distribution Point extension will be present and contain the default CRL URL.", "title": "CrlDistributionPointExtensionConfiguration" }, + "CrlType": { + "markdownDescription": "Specifies the type of CRL. This setting determines the maximum number of certificates that the certificate authority can issue and revoke. For more information, see [AWS Private CA quotas](https://docs.aws.amazon.com/general/latest/gr/pca.html#limits_pca) .\n\n- `COMPLETE` - The default setting. AWS Private CA maintains a single CRL file for all unexpired certificates issued by a CA that have been revoked for any reason. Each certificate that AWS Private CA issues is bound to a specific CRL through the CRL distribution point (CDP) defined in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280) .\n- `PARTITIONED` - Compared to complete CRLs, partitioned CRLs dramatically increase the number of certificates your private CA can issue.\n\n> When using partitioned CRLs, you must validate that the CRL's associated issuing distribution point (IDP) URI matches the certi\ufb01cate's CDP URI to ensure the right CRL has been fetched. AWS Private CA marks the IDP extension as critical, which your client must be able to process.", + "title": "CrlType", + "type": "string" + }, "CustomCname": { "markdownDescription": "Name inserted into the certificate *CRL Distribution Points* extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.\n\n> The content of a Canonical Name (CNAME) record must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as \"http://\" or \"https://\".", "title": "CustomCname", "type": "string" }, + "CustomPath": { + "markdownDescription": "Designates a custom file path in S3 for CRL(s). For example, `http:////.crl` .", + "title": "CustomPath", + "type": "string" + }, "Enabled": { "markdownDescription": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the `CreateCertificateAuthority` operation or for an existing CA when you call the `UpdateCertificateAuthority` operation.", "title": "Enabled", @@ -702,6 +712,9 @@ "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.CrlDistributionPointExtensionConfiguration": { @@ -772,7 +785,6 @@ } }, "required": [ - "NameAssigner", "PartyName" ], "type": "object" @@ -888,6 +900,9 @@ "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.OtherName": { @@ -1180,7 +1195,7 @@ ], "type": "object" }, - "AWS::APS::RuleGroupsNamespace": { + "AWS::AIOps::InvestigationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -1215,132 +1230,77 @@ "Properties": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", - "title": "Data", + "ChatbotNotificationChannels": { + "items": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.ChatbotNotificationChannel" + }, + "markdownDescription": "Use this property to integrate CloudWatch investigations with chat applications. This property is an array. For the first string, specify the ARN of an Amazon SNS topic. For the array of strings, specify the ARNs of one or more chat applications configurations that you want to associate with that topic. For more information about these configuration ARNs, see [Getting started with Amazon Q in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html) and [Resource type defined by AWS Chatbot](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html#awschatbot-resources-for-iam-policies) .", + "title": "ChatbotNotificationChannels", + "type": "array" + }, + "CrossAccountConfigurations": { + "items": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.CrossAccountConfiguration" + }, + "markdownDescription": "List of `sourceRoleArn` values that have been configured for cross-account access.", + "title": "CrossAccountConfigurations", + "type": "array" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.EncryptionConfigMap", + "markdownDescription": "Specifies the customer managed AWS KMS key that the investigation group uses to encrypt data, if there is one. If not, the investigation group uses an AWS key to encrypt the data.", + "title": "EncryptionConfig" + }, + "InvestigationGroupPolicy": { + "markdownDescription": "Returns the JSON of the IAM resource policy associated with the specified investigation group in a string. For example, `{\\\"Version\\\":\\\"2012-10-17\\\",\\\"Statement\\\":[{\\\"Effect\\\":\\\"Allow\\\",\\\"Principal\\\":{\\\"Service\\\":\\\"aiops.alarms.cloudwatch.amazonaws.com\\\"},\\\"Action\\\":[\\\"aiops:CreateInvestigation\\\",\\\"aiops:CreateInvestigationEvent\\\"],\\\"Resource\\\":\\\"*\\\",\\\"Condition\\\":{\\\"StringEquals\\\":{\\\"aws:SourceAccount\\\":\\\"111122223333\\\"},\\\"ArnLike\\\":{\\\"aws:SourceArn\\\":\\\"arn:aws:cloudwatch:us-east-1:111122223333:alarm:*\\\"}}}]}` .", + "title": "InvestigationGroupPolicy", "type": "string" }, + "IsCloudTrailEventHistoryEnabled": { + "markdownDescription": "Specify `true` to enable CloudWatch investigations to have access to change events that are recorded by CloudTrail. The default is `true` .", + "title": "IsCloudTrailEventHistoryEnabled", + "type": "boolean" + }, "Name": { - "markdownDescription": "The name of the rule groups namespace.", + "markdownDescription": "Specify either the name or the ARN of the investigation group that you want to view. This is used to set the name of the investigation group.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tag keys and values that are associated with the rule groups namespace.", - "title": "Tags", - "type": "array" + "RetentionInDays": { + "markdownDescription": "Specifies how long that investigation data is kept.", + "title": "RetentionInDays", + "type": "number" }, - "Workspace": { - "markdownDescription": "The ID of the workspace to add the rule groups namespace.", - "title": "Workspace", - "type": "string" - } - }, - "required": [ - "Data", - "Name", - "Workspace" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::APS::RuleGroupsNamespace" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::APS::Scraper": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that the investigation group uses for permissions to gather data.", + "title": "RoleArn", "type": "string" }, - { + "TagKeyBoundaries": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "Displays the custom tag keys for custom applications in your system that you have specified in the investigation group. Resource tags help CloudWatch investigations narrow the search space when it is unable to discover definite relationships between resources.", + "title": "TagKeyBoundaries", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Alias": { - "markdownDescription": "An optional user-assigned scraper alias.", - "title": "Alias", - "type": "string" - }, - "Destination": { - "$ref": "#/definitions/AWS::APS::Scraper.Destination", - "markdownDescription": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to.", - "title": "Destination" - }, - "ScrapeConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.ScrapeConfiguration", - "markdownDescription": "The configuration in use by the scraper.", - "title": "ScrapeConfiguration" - }, - "Source": { - "$ref": "#/definitions/AWS::APS::Scraper.Source", - "markdownDescription": "The Amazon EKS cluster from which the scraper collects metrics.", - "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "(Optional) The list of tag keys and values associated with the scraper.", + "markdownDescription": "The list of key-value pairs to associate with the resource.", "title": "Tags", "type": "array" } }, "required": [ - "Destination", - "ScrapeConfiguration", - "Source" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::APS::Scraper" + "AWS::AIOps::InvestigationGroup" ], "type": "string" }, @@ -1359,191 +1319,652 @@ ], "type": "object" }, - "AWS::APS::Scraper.AmpConfiguration": { - "additionalProperties": false, - "properties": { - "WorkspaceArn": { - "markdownDescription": "ARN of the Amazon Managed Service for Prometheus workspace.", - "title": "WorkspaceArn", - "type": "string" - } - }, - "required": [ - "WorkspaceArn" - ], - "type": "object" - }, - "AWS::APS::Scraper.Destination": { + "AWS::AIOps::InvestigationGroup.ChatbotNotificationChannel": { "additionalProperties": false, "properties": { - "AmpConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.AmpConfiguration", - "markdownDescription": "The Amazon Managed Service for Prometheus workspace to send metrics to.", - "title": "AmpConfiguration" - } - }, - "required": [ - "AmpConfiguration" - ], - "type": "object" - }, - "AWS::APS::Scraper.EksConfiguration": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "ARN of the Amazon EKS cluster.", - "title": "ClusterArn", - "type": "string" - }, - "SecurityGroupIds": { + "ChatConfigurationArns": { "items": { "type": "string" }, - "markdownDescription": "A list of the security group IDs for the Amazon EKS cluster VPC configuration.", - "title": "SecurityGroupIds", + "markdownDescription": "Returns the Amazon Resource Name (ARN) of any third-party chat integrations configured for the account.", + "title": "ChatConfigurationArns", "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs for the Amazon EKS cluster VPC configuration.", - "title": "SubnetIds", - "type": "array" - } - }, - "required": [ - "ClusterArn", - "SubnetIds" - ], - "type": "object" - }, - "AWS::APS::Scraper.ScrapeConfiguration": { - "additionalProperties": false, - "properties": { - "ConfigurationBlob": { - "markdownDescription": "The base 64 encoded scrape configuration file.", - "title": "ConfigurationBlob", + "SNSTopicArn": { + "markdownDescription": "Returns the ARN of an Amazon SNS topic used for third-party chat integrations.", + "title": "SNSTopicArn", "type": "string" } }, - "required": [ - "ConfigurationBlob" - ], "type": "object" }, - "AWS::APS::Scraper.Source": { + "AWS::AIOps::InvestigationGroup.CrossAccountConfiguration": { "additionalProperties": false, "properties": { - "EksConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.EksConfiguration", - "markdownDescription": "The Amazon EKS cluster from which a scraper collects metrics.", - "title": "EksConfiguration" + "SourceRoleArn": { + "markdownDescription": "The ARN of an existing role which will be used to do investigations on your behalf.", + "title": "SourceRoleArn", + "type": "string" } }, - "required": [ - "EksConfiguration" - ], "type": "object" }, - "AWS::APS::Workspace": { + "AWS::AIOps::InvestigationGroup.EncryptionConfigMap": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlertManagerDefinition": { - "markdownDescription": "The alert manager definition, a YAML configuration for the alert manager in your Amazon Managed Service for Prometheus workspace.\n\nFor details about the alert manager definition, see [Creating an alert manager configuration files](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alertmanager-config.html) in the *Amazon Managed Service for Prometheus User Guide* .\n\nThe following example shows part of a CloudFormation YAML file with an embedded alert manager definition (following the `- |-` ).\n\n`Workspace: Type: AWS::APS::Workspace .... Properties: .... AlertManagerDefinition: Fn::Sub: - |- alertmanager_config: | templates: - 'default_template' route: receiver: example-sns receivers: - name: example-sns sns_configs: - topic_arn: 'arn:aws:sns:${AWS::Region}:${AWS::AccountId}:${TopicName}' -`", - "title": "AlertManagerDefinition", - "type": "string" - }, - "Alias": { - "markdownDescription": "The alias that is assigned to this workspace to help identify it. It does not need to be unique.", - "title": "Alias", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "(optional) The ARN for a customer managed AWS KMS key to use for encrypting data within your workspace. For more information about using your own key in your workspace, see [Encryption at rest](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html) in the *Amazon Managed Service for Prometheus User Guide* .", - "title": "KmsKeyArn", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::APS::Workspace.LoggingConfiguration", - "markdownDescription": "Contains information about the current rules and alerting logging configuration for the workspace.\n\n> These logging configurations are only for rules and alerting logs.", - "title": "LoggingConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tag keys and values that are associated with the workspace.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::APS::Workspace" - ], + "EncryptionConfigurationType": { + "markdownDescription": "Displays whether investigation data is encrypted by a customer managed key or an AWS owned key.", + "title": "EncryptionConfigurationType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::APS::Workspace.LoggingConfiguration": { - "additionalProperties": false, - "properties": { - "LogGroupArn": { - "markdownDescription": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist prior to calling this operation.", - "title": "LogGroupArn", + "KmsKeyId": { + "markdownDescription": "If the investigation group uses a customer managed key for encryption, this field displays the ID of that key.", + "title": "KmsKeyId", "type": "string" } }, "type": "object" }, - "AWS::ARCZonalShift::ZonalAutoshiftConfiguration": { + "AWS::APS::RuleGroupsNamespace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", + "title": "Data", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the rule groups namespace.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tag keys and values that are associated with the rule groups namespace.", + "title": "Tags", + "type": "array" + }, + "Workspace": { + "markdownDescription": "The ID of the workspace to add the rule groups namespace.", + "title": "Workspace", + "type": "string" + } + }, + "required": [ + "Data", + "Name", + "Workspace" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::RuleGroupsNamespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::APS::Scraper": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "An optional user-assigned scraper alias.", + "title": "Alias", + "type": "string" + }, + "Destination": { + "$ref": "#/definitions/AWS::APS::Scraper.Destination", + "markdownDescription": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to.", + "title": "Destination" + }, + "RoleConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.RoleConfiguration", + "markdownDescription": "The role configuration in an Amazon Managed Service for Prometheus scraper.", + "title": "RoleConfiguration" + }, + "ScrapeConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.ScrapeConfiguration", + "markdownDescription": "The configuration in use by the scraper.", + "title": "ScrapeConfiguration" + }, + "Source": { + "$ref": "#/definitions/AWS::APS::Scraper.Source", + "markdownDescription": "The Amazon EKS cluster from which the scraper collects metrics.", + "title": "Source" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "(Optional) The list of tag keys and values associated with the scraper.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Destination", + "ScrapeConfiguration", + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::Scraper" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::APS::Scraper.AmpConfiguration": { + "additionalProperties": false, + "properties": { + "WorkspaceArn": { + "markdownDescription": "ARN of the Amazon Managed Service for Prometheus workspace.", + "title": "WorkspaceArn", + "type": "string" + } + }, + "required": [ + "WorkspaceArn" + ], + "type": "object" + }, + "AWS::APS::Scraper.Destination": { + "additionalProperties": false, + "properties": { + "AmpConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.AmpConfiguration", + "markdownDescription": "The Amazon Managed Service for Prometheus workspace to send metrics to.", + "title": "AmpConfiguration" + } + }, + "required": [ + "AmpConfiguration" + ], + "type": "object" + }, + "AWS::APS::Scraper.EksConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "ARN of the Amazon EKS cluster.", + "title": "ClusterArn", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the security group IDs for the Amazon EKS cluster VPC configuration.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs for the Amazon EKS cluster VPC configuration.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "ClusterArn", + "SubnetIds" + ], + "type": "object" + }, + "AWS::APS::Scraper.RoleConfiguration": { + "additionalProperties": false, + "properties": { + "SourceRoleArn": { + "markdownDescription": "The ARN of the source role.", + "title": "SourceRoleArn", + "type": "string" + }, + "TargetRoleArn": { + "markdownDescription": "The ARN of the target role.", + "title": "TargetRoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::APS::Scraper.ScrapeConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationBlob": { + "markdownDescription": "The base 64 encoded scrape configuration file.", + "title": "ConfigurationBlob", + "type": "string" + } + }, + "required": [ + "ConfigurationBlob" + ], + "type": "object" + }, + "AWS::APS::Scraper.Source": { + "additionalProperties": false, + "properties": { + "EksConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.EksConfiguration", + "markdownDescription": "The Amazon EKS cluster from which a scraper collects metrics.", + "title": "EksConfiguration" + } + }, + "required": [ + "EksConfiguration" + ], + "type": "object" + }, + "AWS::APS::Workspace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AlertManagerDefinition": { + "markdownDescription": "The alert manager definition, a YAML configuration for the alert manager in your Amazon Managed Service for Prometheus workspace.\n\nFor details about the alert manager definition, see [Creating an alert manager configuration files](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alertmanager-config.html) in the *Amazon Managed Service for Prometheus User Guide* .\n\nThe following example shows part of a CloudFormation YAML file with an embedded alert manager definition (following the `- |-` ).\n\n`Workspace: Type: AWS::APS::Workspace .... Properties: .... AlertManagerDefinition: Fn::Sub: - |- alertmanager_config: | templates: - 'default_template' route: receiver: example-sns receivers: - name: example-sns sns_configs: - topic_arn: 'arn:aws:sns:${AWS::Region}:${AWS::AccountId}:${TopicName}' -`", + "title": "AlertManagerDefinition", + "type": "string" + }, + "Alias": { + "markdownDescription": "The alias that is assigned to this workspace to help identify it. It does not need to be unique.", + "title": "Alias", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "(optional) The ARN for a customer managed AWS KMS key to use for encrypting data within your workspace. For more information about using your own key in your workspace, see [Encryption at rest](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html) in the *Amazon Managed Service for Prometheus User Guide* .", + "title": "KmsKeyArn", + "type": "string" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingConfiguration", + "markdownDescription": "Contains information about the current rules and alerting logging configuration for the workspace.\n\n> These logging configurations are only for rules and alerting logs.", + "title": "LoggingConfiguration" + }, + "QueryLoggingConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.QueryLoggingConfiguration", + "markdownDescription": "The definition of logging configuration in an Amazon Managed Service for Prometheus workspace.", + "title": "QueryLoggingConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tag keys and values that are associated with the workspace.", + "title": "Tags", + "type": "array" + }, + "WorkspaceConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.WorkspaceConfiguration", + "markdownDescription": "Use this structure to define label sets and the ingestion limits for time series that match label sets, and to specify the retention period of the workspace.", + "title": "WorkspaceConfiguration" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::Workspace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::APS::Workspace.CloudWatchLogDestination": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch log group.", + "title": "LogGroupArn", + "type": "string" + } + }, + "required": [ + "LogGroupArn" + ], + "type": "object" + }, + "AWS::APS::Workspace.Label": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name for this label.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for this label.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::APS::Workspace.LimitsPerLabelSet": { + "additionalProperties": false, + "properties": { + "LabelSet": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.Label" + }, + "markdownDescription": "This defines one label set that will have an enforced ingestion limit. You can set ingestion limits on time series that match defined label sets, to help prevent a workspace from being overwhelmed with unexpected spikes in time series ingestion.\n\nLabel values accept all UTF-8 characters with one exception. If the label name is metric name label `__ *name* __` , then the *metric* part of the name must conform to the following pattern: `[a-zA-Z_:][a-zA-Z0-9_:]*`", + "title": "LabelSet", + "type": "array" + }, + "Limits": { + "$ref": "#/definitions/AWS::APS::Workspace.LimitsPerLabelSetEntry", + "markdownDescription": "This structure contains the information about the limits that apply to time series that match this label set.", + "title": "Limits" + } + }, + "required": [ + "LabelSet", + "Limits" + ], + "type": "object" + }, + "AWS::APS::Workspace.LimitsPerLabelSetEntry": { + "additionalProperties": false, + "properties": { + "MaxSeries": { + "markdownDescription": "The maximum number of active series that can be ingested that match this label set.\n\nSetting this to 0 causes no label set limit to be enforced, but it does cause Amazon Managed Service for Prometheus to vend label set metrics to CloudWatch", + "title": "MaxSeries", + "type": "number" + } + }, + "type": "object" + }, + "AWS::APS::Workspace.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist prior to calling this operation.", + "title": "LogGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::APS::Workspace.LoggingDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::APS::Workspace.CloudWatchLogDestination", + "markdownDescription": "Configuration details for logging to CloudWatch Logs.", + "title": "CloudWatchLogs" + }, + "Filters": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingFilter", + "markdownDescription": "Filtering criteria that determine which queries are logged.", + "title": "Filters" + } + }, + "required": [ + "CloudWatchLogs", + "Filters" + ], + "type": "object" + }, + "AWS::APS::Workspace.LoggingFilter": { + "additionalProperties": false, + "properties": { + "QspThreshold": { + "markdownDescription": "", + "title": "QspThreshold", + "type": "number" + } + }, + "required": [ + "QspThreshold" + ], + "type": "object" + }, + "AWS::APS::Workspace.QueryLoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingDestination" + }, + "markdownDescription": "Defines a destination and its associated filtering criteria for query logging.", + "title": "Destinations", + "type": "array" + } + }, + "required": [ + "Destinations" + ], + "type": "object" + }, + "AWS::APS::Workspace.WorkspaceConfiguration": { + "additionalProperties": false, + "properties": { + "LimitsPerLabelSets": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.LimitsPerLabelSet" + }, + "markdownDescription": "This is an array of structures, where each structure defines a label set for the workspace, and defines the ingestion limit for active time series for each of those label sets. Each label name in a label set must be unique.", + "title": "LimitsPerLabelSets", + "type": "array" + }, + "RetentionPeriodInDays": { + "markdownDescription": "Specifies how many days that metrics will be retained in the workspace.", + "title": "RetentionPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ARCZonalShift::ZonalAutoshiftConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -1584,7 +2005,7 @@ "title": "PracticeRunConfiguration" }, "ResourceIdentifier": { - "markdownDescription": "The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource.\n\nAt this time, supported resources are Network Load Balancers and Application Load Balancers with cross-zone load balancing turned off.", + "markdownDescription": "The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource.\n\nAt this time, supported resources are Network Load Balancers and Application Load Balancers.", "title": "ResourceIdentifier", "type": "string" }, @@ -1655,7 +2076,7 @@ "items": { "type": "string" }, - "markdownDescription": "An array of one or more days and times that you can specify when Route 53 ARC does not start practice runs for a resource. Days and times are in UTC.\n\nSpecify blocked windows in the format `DAY:HH:MM-DAY:HH:MM` , separated by spaces. For example, `MON:18:30-MON:19:30 TUE:18:30-TUE:19:30` .", + "markdownDescription": "An array of one or more days and times that you can specify when ARC does not start practice runs for a resource. Days and times are in UTC.\n\nSpecify blocked windows in the format `DAY:HH:MM-DAY:HH:MM` , separated by spaces. For example, `MON:18:30-MON:19:30 TUE:18:30-TUE:19:30` .\n\n> Blocked windows have to start and end on the same day. Windows that span multiple days aren't supported.", "title": "BlockedWindows", "type": "array" }, @@ -1743,7 +2164,7 @@ "type": "array" }, "Type": { - "markdownDescription": "The type represents the zone of trust for the analyzer.\n\n*Allowed Values* : ACCOUNT | ORGANIZATION | ACCOUNT_UNUSED_ACCESS | ORGANIZATION_UNUSED_ACCESS", + "markdownDescription": "The type represents the zone of trust for the analyzer.\n\n*Allowed Values* : ACCOUNT | ORGANIZATION | ACCOUNT_UNUSED_ACCESS | ACCOUNT_INTERNAL_ACCESS | ORGANIZATION_INTERNAL_ACCESS | ORGANIZATION_UNUSED_ACCESS", "title": "Type", "type": "string" } @@ -1774,9 +2195,47 @@ ], "type": "object" }, + "AWS::AccessAnalyzer::Analyzer.AnalysisRule": { + "additionalProperties": false, + "properties": { + "Exclusions": { + "items": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.AnalysisRuleCriteria" + }, + "markdownDescription": "A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.", + "title": "Exclusions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.AnalysisRuleCriteria": { + "additionalProperties": false, + "properties": { + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers. The list cannot include more than 2,000 account IDs.", + "title": "AccountIds", + "type": "array" + }, + "ResourceTags": { + "markdownDescription": "An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with `aws:` .\n\nFor the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.", + "title": "ResourceTags", + "type": "object" + } + }, + "type": "object" + }, "AWS::AccessAnalyzer::Analyzer.AnalyzerConfiguration": { "additionalProperties": false, "properties": { + "InternalAccessConfiguration": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessConfiguration", + "markdownDescription": "Specifies the configuration of an internal access analyzer for an AWS organization or account. This configuration determines how the analyzer evaluates access within your AWS environment.", + "title": "InternalAccessConfiguration" + }, "UnusedAccessConfiguration": { "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.UnusedAccessConfiguration", "markdownDescription": "Specifies the configuration of an unused access analyzer for an AWS organization or account.", @@ -1851,9 +2310,69 @@ ], "type": "object" }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRule": { + "additionalProperties": false, + "properties": { + "Inclusions": { + "items": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRuleCriteria" + }, + "markdownDescription": "A list of rules for the internal access analyzer containing criteria to include in analysis. Only resources that meet the rule criteria will generate findings.", + "title": "Inclusions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRuleCriteria": { + "additionalProperties": false, + "properties": { + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS account IDs to apply to the internal access analysis rule criteria. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.", + "title": "AccountIds", + "type": "array" + }, + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of resource ARNs to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources that match these ARNs.", + "title": "ResourceArns", + "type": "array" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of resource types to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources of these types. These resource types are currently supported for internal access analyzers:\n\n- `AWS::S3::Bucket`\n- `AWS::RDS::DBSnapshot`\n- `AWS::RDS::DBClusterSnapshot`\n- `AWS::S3Express::DirectoryBucket`\n- `AWS::DynamoDB::Table`\n- `AWS::DynamoDB::Stream`", + "title": "ResourceTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessConfiguration": { + "additionalProperties": false, + "properties": { + "InternalAccessAnalysisRule": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRule", + "markdownDescription": "Contains information about analysis rules for the internal access analyzer. These rules determine which resources and access patterns will be analyzed.", + "title": "InternalAccessAnalysisRule" + } + }, + "type": "object" + }, "AWS::AccessAnalyzer::Analyzer.UnusedAccessConfiguration": { "additionalProperties": false, "properties": { + "AnalysisRule": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.AnalysisRule", + "markdownDescription": "Contains information about analysis rules for the analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule.", + "title": "AnalysisRule" + }, "UnusedAccessAge": { "markdownDescription": "The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.", "title": "UnusedAccessAge", @@ -2011,11 +2530,9 @@ } }, "required": [ - "AutoMinorVersionUpgrade", "BrokerName", "DeploymentMode", "EngineType", - "EngineVersion", "HostInstanceType", "PubliclyAccessible", "Users" @@ -2330,9 +2847,7 @@ } }, "required": [ - "Data", "EngineType", - "EngineVersion", "Name" ], "type": "object" @@ -2526,6 +3041,16 @@ "title": "BuildSpec", "type": "string" }, + "CacheConfig": { + "$ref": "#/definitions/AWS::Amplify::App.CacheConfig", + "markdownDescription": "The cache configuration for the Amplify app. If you don't specify the cache configuration `type` , Amplify uses the default `AMPLIFY_MANAGED` setting.", + "title": "CacheConfig" + }, + "ComputeRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for an SSR app. The Compute role allows the Amplify Hosting compute service to securely access specific AWS resources based on the role's permissions. For more information about the SSR Compute role, see [Adding an SSR Compute role](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-SSR-compute-role.html) in the *Amplify User Guide* .", + "title": "ComputeRoleArn", + "type": "string" + }, "CustomHeaders": { "markdownDescription": "The custom HTTP headers for an Amplify app.", "title": "CustomHeaders", @@ -2562,6 +3087,11 @@ "title": "IAMServiceRole", "type": "string" }, + "JobConfig": { + "$ref": "#/definitions/AWS::Amplify::App.JobConfig", + "markdownDescription": "The configuration details that apply to the jobs for an Amplify app.", + "title": "JobConfig" + }, "Name": { "markdownDescription": "The name of the Amplify app.", "title": "Name", @@ -2705,6 +3235,17 @@ }, "type": "object" }, + "AWS::Amplify::App.CacheConfig": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of cache configuration to use for an Amplify app.\n\nThe `AMPLIFY_MANAGED` cache configuration automatically applies an optimized cache configuration for your app based on its platform, routing rules, and rewrite rules.\n\nThe `AMPLIFY_MANAGED_NO_COOKIES` cache configuration type is the same as `AMPLIFY_MANAGED` , except that it excludes all cookies from the cache key. This is the default setting.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, "AWS::Amplify::App.CustomRule": { "additionalProperties": false, "properties": { @@ -2755,6 +3296,20 @@ ], "type": "object" }, + "AWS::Amplify::App.JobConfig": { + "additionalProperties": false, + "properties": { + "BuildComputeType": { + "markdownDescription": "Specifies the size of the build instance. Amplify supports three instance sizes: `STANDARD_8GB` , `LARGE_16GB` , and `XLARGE_72GB` . If you don't specify a value, Amplify uses the `STANDARD_8GB` default.\n\nThe following list describes the CPU, memory, and storage capacity for each build instance type:\n\n- **STANDARD_8GB** - - vCPUs: 4\n- Memory: 8 GiB\n- Disk space: 128 GB\n- **LARGE_16GB** - - vCPUs: 8\n- Memory: 16 GiB\n- Disk space: 128 GB\n- **XLARGE_72GB** - - vCPUs: 36\n- Memory: 72 GiB\n- Disk space: 256 GB", + "title": "BuildComputeType", + "type": "string" + } + }, + "required": [ + "BuildComputeType" + ], + "type": "object" + }, "AWS::Amplify::Branch": { "additionalProperties": false, "properties": { @@ -2815,6 +3370,11 @@ "title": "BuildSpec", "type": "string" }, + "ComputeRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to assign to a branch of an SSR app. The SSR Compute role allows the Amplify Hosting compute service to securely access specific AWS resources based on the role's permissions. For more information about the SSR Compute role, see [Adding an SSR Compute role](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-SSR-compute-role.html) in the *Amplify User Guide* .", + "title": "ComputeRoleArn", + "type": "string" + }, "Description": { "markdownDescription": "The description for the branch that is part of an Amplify app.", "title": "Description", @@ -2835,6 +3395,11 @@ "title": "EnablePullRequestPreview", "type": "boolean" }, + "EnableSkewProtection": { + "markdownDescription": "Specifies whether the skew protection feature is enabled for the branch.\n\nDeployment skew protection is available to Amplify applications to eliminate version skew issues between client and servers in web applications. When you apply skew protection to a branch, you can ensure that your clients always interact with the correct version of server-side assets, regardless of when a deployment occurs. For more information about skew protection, see [Skew protection for Amplify deployments](https://docs.aws.amazon.com/amplify/latest/userguide/skew-protection.html) in the *Amplify User Guide* .", + "title": "EnableSkewProtection", + "type": "boolean" + }, "EnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::Amplify::Branch.EnvironmentVariable" @@ -4933,6 +5498,89 @@ ], "type": "object" }, + "AWS::ApiGateway::BasePathMappingV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BasePath": { + "markdownDescription": "The base path name that callers of the private API must provide as part of the URL after the domain name.", + "title": "BasePath", + "type": "string" + }, + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name for the BasePathMappingV2 resource to be described.", + "title": "DomainNameArn", + "type": "string" + }, + "RestApiId": { + "markdownDescription": "The private API's identifier. This identifier is unique across all of your APIs in API Gateway.", + "title": "RestApiId", + "type": "string" + }, + "Stage": { + "markdownDescription": "Represents a unique identifier for a version of a deployed private RestApi that is callable by users. The Stage must depend on the `RestApi` 's stage. To create a dependency, add a DependsOn attribute to the BasePathMappingV2 resource.", + "title": "Stage", + "type": "string" + } + }, + "required": [ + "DomainNameArn", + "RestApiId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::BasePathMappingV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::ApiGateway::ClientCertificate": { "additionalProperties": false, "properties": { @@ -5583,6 +6231,11 @@ "title": "RegionalCertificateArn", "type": "string" }, + "RoutingMode": { + "markdownDescription": "The routing mode for this domain name. The routing mode determines how API Gateway sends traffic from your custom domain name to your public APIs.", + "title": "RoutingMode", + "type": "string" + }, "SecurityPolicy": { "markdownDescription": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are `TLS_1_0` and `TLS_1_2` .", "title": "SecurityPolicy", @@ -5622,6 +6275,11 @@ "AWS::ApiGateway::DomainName.EndpointConfiguration": { "additionalProperties": false, "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke this DomainName. Use `ipv4` to allow only IPv4 addresses to invoke this DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke this DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, "Types": { "items": { "type": "string" @@ -5649,6 +6307,208 @@ }, "type": "object" }, + "AWS::ApiGateway::DomainNameAccessAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessAssociationSource": { + "markdownDescription": "The identifier of the domain name access association source. For a `VPCE` , the value is the VPC endpoint ID.", + "title": "AccessAssociationSource", + "type": "string" + }, + "AccessAssociationSourceType": { + "markdownDescription": "The type of the domain name access association source. Only `VPCE` is currently supported.", + "title": "AccessAssociationSourceType", + "type": "string" + }, + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name.", + "title": "DomainNameArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccessAssociationSource", + "AccessAssociationSourceType", + "DomainNameArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::DomainNameAccessAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApiGateway::DomainNameV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The reference to an AWS -managed certificate that will be used by the private endpoint for this domain name. AWS Certificate Manager is the only supported source.", + "title": "CertificateArn", + "type": "string" + }, + "DomainName": { + "markdownDescription": "Represents a custom domain name as a user-friendly host name of an API (RestApi).", + "title": "DomainName", + "type": "string" + }, + "EndpointConfiguration": { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameV2.EndpointConfiguration", + "markdownDescription": "The endpoint configuration to indicate the types of endpoints an API (RestApi) or its custom domain name (DomainName) has and the IP address types that can invoke it.", + "title": "EndpointConfiguration" + }, + "Policy": { + "markdownDescription": "A stringified JSON policy document that applies to the `execute-api` service for this DomainName regardless of the caller and Method configuration. You can use `Fn::ToJsonString` to enter your `policy` . For more information, see [Fn::ToJsonString](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ToJsonString.html) .", + "title": "Policy", + "type": "object" + }, + "RoutingMode": { + "markdownDescription": "The routing mode for this domain name. The routing mode determines how API Gateway sends traffic from your custom domain name to your private APIs.", + "title": "RoutingMode", + "type": "string" + }, + "SecurityPolicy": { + "markdownDescription": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. Only `TLS_1_2` is supported.", + "title": "SecurityPolicy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::DomainNameV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ApiGateway::DomainNameV2.EndpointConfiguration": { + "additionalProperties": false, + "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke an API (RestApi) or a DomainName. Use `ipv4` to allow only IPv4 addresses to invoke an API or DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API or a DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `\"EDGE\"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` .", + "title": "Types", + "type": "array" + } + }, + "type": "object" + }, "AWS::ApiGateway::GatewayResponse": { "additionalProperties": false, "properties": { @@ -6478,6 +7338,11 @@ "AWS::ApiGateway::RestApi.EndpointConfiguration": { "additionalProperties": false, "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke an API (RestApi). Use `ipv4` to allow only IPv4 addresses to invoke an API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, "Types": { "items": { "type": "string" @@ -7189,6 +8054,11 @@ "title": "FailOnWarnings", "type": "boolean" }, + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke the API. Use `ipv4` to allow only IPv4 addresses to invoke your API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your API.\n\nDon\u2019t use IP address type for an HTTP API based on an OpenAPI specification. Instead, specify the IP address type in the OpenAPI specification.", + "title": "IpAddressType", + "type": "string" + }, "Name": { "markdownDescription": "The name of the API. Required unless you specify an OpenAPI definition for `Body` or `S3BodyLocation` .", "title": "Name", @@ -7907,6 +8777,11 @@ "markdownDescription": "The mutual TLS authentication configuration for a custom domain name.", "title": "MutualTlsAuthentication" }, + "RoutingMode": { + "markdownDescription": "The routing mode API Gateway uses to route traffic to your APIs.", + "title": "RoutingMode", + "type": "string" + }, "Tags": { "additionalProperties": true, "markdownDescription": "The collection of tags associated with a domain name.", @@ -7963,6 +8838,11 @@ "title": "EndpointType", "type": "string" }, + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke the domain name. Use `ipv4` to allow only IPv4 addresses to invoke your domain name, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your domain name.", + "title": "IpAddressType", + "type": "string" + }, "OwnershipVerificationCertificateArn": { "markdownDescription": "The Amazon resource name (ARN) for the public certificate issued by AWS Certificate Manager . This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn.", "title": "OwnershipVerificationCertificateArn", @@ -8088,17 +8968,35 @@ "type": "string" }, "RequestParameters": { + "additionalProperties": true, "markdownDescription": "For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of `method.request. {location} . {name}` , where `{location}` is `querystring` , `path` , or `header` ; and `{name}` must be a valid and unique method request parameter name.\n\nFor HTTP API integrations with a specified `integrationSubtype` , request parameters are a key-value map specifying parameters that are passed to `AWS_PROXY` integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Working with AWS service integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services.html) .\n\nFor HTTP API integrations without a specified `integrationSubtype` request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern :. where action can be `append` , `overwrite` or `remove` . For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "RequestParameters", "type": "object" }, "RequestTemplates": { + "additionalProperties": true, "markdownDescription": "Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "RequestTemplates", "type": "object" }, "ResponseParameters": { + "additionalProperties": false, "markdownDescription": "Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. The value is of type [`ResponseParameterList`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameterlist.html) . To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameterMap" + } + }, "title": "ResponseParameters", "type": "object" }, @@ -8159,19 +9057,17 @@ "type": "string" } }, - "required": [ - "Destination", - "Source" - ], "type": "object" }, - "AWS::ApiGatewayV2::Integration.ResponseParameterList": { + "AWS::ApiGatewayV2::Integration.ResponseParameterMap": { "additionalProperties": false, "properties": { "ResponseParameters": { "items": { "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameter" }, + "markdownDescription": "", + "title": "ResponseParameters", "type": "array" } }, @@ -8616,7 +9512,7 @@ ], "type": "object" }, - "AWS::ApiGatewayV2::Stage": { + "AWS::ApiGatewayV2::RoutingRule": { "additionalProperties": false, "properties": { "Condition": { @@ -8651,76 +9547,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessLogSettings": { - "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.AccessLogSettings", - "markdownDescription": "Settings for logging access in this stage.", - "title": "AccessLogSettings" - }, - "AccessPolicyId": { - "markdownDescription": "This parameter is not currently supported.", - "title": "AccessPolicyId", - "type": "string" - }, - "ApiId": { - "markdownDescription": "The API identifier.", - "title": "ApiId", - "type": "string" - }, - "AutoDeploy": { - "markdownDescription": "Specifies whether updates to an API automatically trigger a new deployment. The default value is `false` .", - "title": "AutoDeploy", - "type": "boolean" - }, - "ClientCertificateId": { - "markdownDescription": "The identifier of a client certificate for a `Stage` . Supported only for WebSocket APIs.", - "title": "ClientCertificateId", - "type": "string" - }, - "DefaultRouteSettings": { - "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.RouteSettings", - "markdownDescription": "The default route settings for the stage.", - "title": "DefaultRouteSettings" - }, - "DeploymentId": { - "markdownDescription": "The deployment identifier for the API stage. Can't be updated if `autoDeploy` is enabled.", - "title": "DeploymentId", - "type": "string" - }, - "Description": { - "markdownDescription": "The description for the API stage.", - "title": "Description", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.Action" + }, + "markdownDescription": "The resulting action based on matching a routing rules condition. Only InvokeApi is supported.", + "title": "Actions", + "type": "array" }, - "RouteSettings": { - "markdownDescription": "Route settings for the stage.", - "title": "RouteSettings", - "type": "object" + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.Condition" + }, + "markdownDescription": "The conditions of the routing rule.", + "title": "Conditions", + "type": "array" }, - "StageName": { - "markdownDescription": "The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be `$default` . Maximum length is 128 characters.", - "title": "StageName", + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name.", + "title": "DomainNameArn", "type": "string" }, - "StageVariables": { - "markdownDescription": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.", - "title": "StageVariables", - "type": "object" - }, - "Tags": { - "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", - "title": "Tags", - "type": "object" + "Priority": { + "markdownDescription": "The order in which API Gateway evaluates a rule. Priority is evaluated from the lowest value to the highest value. Rules can't have the same priority. Priority values 1-1,000,000 are supported.", + "title": "Priority", + "type": "number" } }, "required": [ - "ApiId", - "StageName" + "Actions", + "Conditions", + "DomainNameArn", + "Priority" ], "type": "object" }, "Type": { "enum": [ - "AWS::ApiGatewayV2::Stage" + "AWS::ApiGatewayV2::RoutingRule" ], "type": "string" }, @@ -8739,149 +9603,381 @@ ], "type": "object" }, - "AWS::ApiGatewayV2::Stage.AccessLogSettings": { + "AWS::ApiGatewayV2::RoutingRule.Action": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The ARN of the CloudWatch Logs log group to receive access logs. This parameter is required to enable access logging.", - "title": "DestinationArn", - "type": "string" - }, - "Format": { - "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId. This parameter is required to enable access logging.", - "title": "Format", - "type": "string" + "InvokeApi": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.ActionInvokeApi", + "markdownDescription": "Represents an InvokeApi action.", + "title": "InvokeApi" } }, + "required": [ + "InvokeApi" + ], "type": "object" }, - "AWS::ApiGatewayV2::Stage.RouteSettings": { + "AWS::ApiGatewayV2::RoutingRule.ActionInvokeApi": { "additionalProperties": false, "properties": { - "DataTraceEnabled": { - "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", - "title": "DataTraceEnabled", - "type": "boolean" - }, - "DetailedMetricsEnabled": { - "markdownDescription": "Specifies whether detailed metrics are enabled.", - "title": "DetailedMetricsEnabled", - "type": "boolean" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", - "title": "LoggingLevel", + "ApiId": { + "markdownDescription": "The API identifier of the target API.", + "title": "ApiId", "type": "string" }, - "ThrottlingBurstLimit": { - "markdownDescription": "Specifies the throttling burst limit.", - "title": "ThrottlingBurstLimit", - "type": "number" + "Stage": { + "markdownDescription": "The name of the target stage.", + "title": "Stage", + "type": "string" }, - "ThrottlingRateLimit": { - "markdownDescription": "Specifies the throttling rate limit.", - "title": "ThrottlingRateLimit", - "type": "number" + "StripBasePath": { + "markdownDescription": "The strip base path setting. When true, API Gateway strips the incoming matched base path when forwarding the request to the target API.", + "title": "StripBasePath", + "type": "boolean" } }, + "required": [ + "ApiId", + "Stage" + ], "type": "object" }, - "AWS::ApiGatewayV2::VpcLink": { + "AWS::ApiGatewayV2::RoutingRule.Condition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "MatchBasePaths": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchBasePaths", + "markdownDescription": "The base path to be matched.", + "title": "MatchBasePaths" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the VPC link.", - "title": "Name", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs for the VPC link.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs to include in the VPC link.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "MatchHeaders": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchHeaders", + "markdownDescription": "The headers to be matched.", + "title": "MatchHeaders" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::RoutingRule.MatchBasePaths": { + "additionalProperties": false, + "properties": { + "AnyOf": { + "items": { + "type": "string" }, - "required": [ - "Name", - "SubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ApiGatewayV2::VpcLink" - ], + "markdownDescription": "The string of the case sensitive base path to be matched.", + "title": "AnyOf", + "type": "array" + } + }, + "required": [ + "AnyOf" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::RoutingRule.MatchHeaderValue": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "The case insensitive header name to be matched. The header name must be less than 40 characters and the only allowed characters are `a-z` , `A-Z` , `0-9` , and the following special characters: `*?-!#$%&'.^_`|~.` .", + "title": "Header", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValueGlob": { + "markdownDescription": "The case sensitive header glob value to be matched against entire header value. The header glob value must be less than 128 characters and the only allowed characters are `a-z` , `A-Z` , `0-9` , and the following special characters: `*?-!#$%&'.^_`|~` . Wildcard matching is supported for header glob values but must be for `*prefix-match` , `suffix-match*` , or `*infix*-match` .", + "title": "ValueGlob", "type": "string" } }, "required": [ - "Type", - "Properties" + "Header", + "ValueGlob" ], "type": "object" }, - "AWS::AppConfig::Application": { + "AWS::ApiGatewayV2::RoutingRule.MatchHeaders": { + "additionalProperties": false, + "properties": { + "AnyOf": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchHeaderValue" + }, + "markdownDescription": "The header name and header value glob to be matched. The matchHeaders condition is matched if any of the header name and header value globs are matched.", + "title": "AnyOf", + "type": "array" + } + }, + "required": [ + "AnyOf" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::Stage": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLogSettings": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.AccessLogSettings", + "markdownDescription": "Settings for logging access in this stage.", + "title": "AccessLogSettings" + }, + "AccessPolicyId": { + "markdownDescription": "This parameter is not currently supported.", + "title": "AccessPolicyId", + "type": "string" + }, + "ApiId": { + "markdownDescription": "The API identifier.", + "title": "ApiId", + "type": "string" + }, + "AutoDeploy": { + "markdownDescription": "Specifies whether updates to an API automatically trigger a new deployment. The default value is `false` .", + "title": "AutoDeploy", + "type": "boolean" + }, + "ClientCertificateId": { + "markdownDescription": "The identifier of a client certificate for a `Stage` . Supported only for WebSocket APIs.", + "title": "ClientCertificateId", + "type": "string" + }, + "DefaultRouteSettings": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.RouteSettings", + "markdownDescription": "The default route settings for the stage.", + "title": "DefaultRouteSettings" + }, + "DeploymentId": { + "markdownDescription": "The deployment identifier for the API stage. Can't be updated if `autoDeploy` is enabled.", + "title": "DeploymentId", + "type": "string" + }, + "Description": { + "markdownDescription": "The description for the API stage.", + "title": "Description", + "type": "string" + }, + "RouteSettings": { + "markdownDescription": "Route settings for the stage.", + "title": "RouteSettings", + "type": "object" + }, + "StageName": { + "markdownDescription": "The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be `$default` . Maximum length is 128 characters.", + "title": "StageName", + "type": "string" + }, + "StageVariables": { + "markdownDescription": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.", + "title": "StageVariables", + "type": "object" + }, + "Tags": { + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ApiId", + "StageName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGatewayV2::Stage" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::Stage.AccessLogSettings": { + "additionalProperties": false, + "properties": { + "DestinationArn": { + "markdownDescription": "The ARN of the CloudWatch Logs log group to receive access logs. This parameter is required to enable access logging.", + "title": "DestinationArn", + "type": "string" + }, + "Format": { + "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId. This parameter is required to enable access logging.", + "title": "Format", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::Stage.RouteSettings": { + "additionalProperties": false, + "properties": { + "DataTraceEnabled": { + "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", + "title": "DataTraceEnabled", + "type": "boolean" + }, + "DetailedMetricsEnabled": { + "markdownDescription": "Specifies whether detailed metrics are enabled.", + "title": "DetailedMetricsEnabled", + "type": "boolean" + }, + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", + "title": "LoggingLevel", + "type": "string" + }, + "ThrottlingBurstLimit": { + "markdownDescription": "Specifies the throttling burst limit.", + "title": "ThrottlingBurstLimit", + "type": "number" + }, + "ThrottlingRateLimit": { + "markdownDescription": "Specifies the throttling rate limit.", + "title": "ThrottlingRateLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::VpcLink": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the VPC link.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs for the VPC link.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs to include in the VPC link.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGatewayV2::VpcLink" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppConfig::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -9021,6 +10117,11 @@ "title": "ApplicationId", "type": "string" }, + "DeletionProtectionCheck": { + "markdownDescription": "A parameter to configure deletion protection. Deletion protection prevents a user from deleting a configuration profile if your application has called either [GetLatestConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html) or [GetConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html) for the configuration profile during the specified interval.\n\nThis parameter supports the following values:\n\n- `BYPASS` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it.\n- `APPLY` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. `APPLY` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks.\n- `ACCOUNT_DEFAULT` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the `UpdateAccountSettings` API.", + "title": "DeletionProtectionCheck", + "type": "string" + }, "Description": { "markdownDescription": "A description of the configuration profile.", "title": "Description", @@ -9208,7 +10309,7 @@ }, "Tags": { "items": { - "$ref": "#/definitions/AWS::AppConfig::Deployment.Tags" + "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata to assign to the deployment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", @@ -9266,18 +10367,6 @@ }, "type": "object" }, - "AWS::AppConfig::Deployment.Tags": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, "AWS::AppConfig::DeploymentStrategy": { "additionalProperties": false, "properties": { @@ -9350,7 +10439,7 @@ }, "Tags": { "items": { - "$ref": "#/definitions/AWS::AppConfig::DeploymentStrategy.Tags" + "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns metadata to an AWS AppConfig resource. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. You can specify a maximum of 50 tags for a resource.", "title": "Tags", @@ -9386,18 +10475,6 @@ ], "type": "object" }, - "AWS::AppConfig::DeploymentStrategy.Tags": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, "AWS::AppConfig::Environment": { "additionalProperties": false, "properties": { @@ -9438,6 +10515,11 @@ "title": "ApplicationId", "type": "string" }, + "DeletionProtectionCheck": { + "markdownDescription": "A parameter to configure deletion protection. Deletion protection prevents a user from deleting an environment if your application called either [GetLatestConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html) or [GetConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html) in the environment during the specified interval.\n\nThis parameter supports the following values:\n\n- `BYPASS` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it.\n- `APPLY` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. `APPLY` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks.\n- `ACCOUNT_DEFAULT` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the `UpdateAccountSettings` API.", + "title": "DeletionProtectionCheck", + "type": "string" + }, "Description": { "markdownDescription": "A description of the environment.", "title": "Description", @@ -12654,7 +13736,8 @@ "required": [ "ApplicationSourceConfig", "Description", - "Name" + "Name", + "Namespace" ], "type": "object" }, @@ -18100,7 +19183,7 @@ "type": "string" }, "InstanceType": { - "markdownDescription": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", + "markdownDescription": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", "title": "InstanceType", "type": "string" }, @@ -18346,7 +19429,7 @@ "type": "string" }, "InstanceType": { - "markdownDescription": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge", + "markdownDescription": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge", "title": "InstanceType", "type": "string" }, @@ -18947,6 +20030,294 @@ ], "type": "object" }, + "AWS::AppSync::Api": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EventConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.EventConfig", + "markdownDescription": "Describes the authorization configuration for connections, message publishing, message subscriptions, and logging for an Event API.", + "title": "EventConfig" + }, + "Name": { + "markdownDescription": "The name of the `Api` .", + "title": "Name", + "type": "string" + }, + "OwnerContact": { + "markdownDescription": "The owner contact information for an API resource.\n\nThis field accepts any string input with a length of 0 - 256 characters.", + "title": "OwnerContact", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this API.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AppSync::Api" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppSync::Api.AuthMode": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::Api.AuthProvider": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + }, + "CognitoConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.CognitoConfig", + "markdownDescription": "Describes an Amazon Cognito user pool configuration.", + "title": "CognitoConfig" + }, + "LambdaAuthorizerConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.LambdaAuthorizerConfig", + "markdownDescription": "A `LambdaAuthorizerConfig` specifies how to authorize AWS AppSync API access when using the `AWS_LAMBDA` authorizer mode. Be aware that an AWS AppSync API can have only one AWS Lambda authorizer configured at a time.", + "title": "LambdaAuthorizerConfig" + }, + "OpenIDConnectConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.OpenIDConnectConfig", + "markdownDescription": "Describes an OpenID Connect (OIDC) configuration.", + "title": "OpenIDConnectConfig" + } + }, + "required": [ + "AuthType" + ], + "type": "object" + }, + "AWS::AppSync::Api.CognitoConfig": { + "additionalProperties": false, + "properties": { + "AppIdClientRegex": { + "markdownDescription": "A regular expression for validating the incoming Amazon Cognito user pool app client ID. If this value isn't set, no filtering is applied.", + "title": "AppIdClientRegex", + "type": "string" + }, + "AwsRegion": { + "markdownDescription": "The AWS Region in which the user pool was created.", + "title": "AwsRegion", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The user pool ID.", + "title": "UserPoolId", + "type": "string" + } + }, + "required": [ + "AwsRegion", + "UserPoolId" + ], + "type": "object" + }, + "AWS::AppSync::Api.DnsMap": { + "additionalProperties": false, + "properties": { + "Http": { + "markdownDescription": "The domain name of the Api's HTTP endpoint.", + "title": "Http", + "type": "string" + }, + "Realtime": { + "markdownDescription": "The domain name of the Api's real-time endpoint.", + "title": "Realtime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::Api.EventConfig": { + "additionalProperties": false, + "properties": { + "AuthProviders": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthProvider" + }, + "markdownDescription": "A list of authorization providers.", + "title": "AuthProviders", + "type": "array" + }, + "ConnectionAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API connections.", + "title": "ConnectionAuthModes", + "type": "array" + }, + "DefaultPublishAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API publishing.", + "title": "DefaultPublishAuthModes", + "type": "array" + }, + "DefaultSubscribeAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API subscriptions.", + "title": "DefaultSubscribeAuthModes", + "type": "array" + }, + "LogConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.EventLogConfig", + "markdownDescription": "The CloudWatch Logs configuration for the Event API.", + "title": "LogConfig" + } + }, + "required": [ + "AuthProviders", + "ConnectionAuthModes", + "DefaultPublishAuthModes", + "DefaultSubscribeAuthModes" + ], + "type": "object" + }, + "AWS::AppSync::Api.EventLogConfig": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsRoleArn": { + "markdownDescription": "The IAM service role that AWS AppSync assumes to publish CloudWatch Logs in your account.", + "title": "CloudWatchLogsRoleArn", + "type": "string" + }, + "LogLevel": { + "markdownDescription": "The type of information to log for the Event API.", + "title": "LogLevel", + "type": "string" + } + }, + "required": [ + "CloudWatchLogsRoleArn", + "LogLevel" + ], + "type": "object" + }, + "AWS::AppSync::Api.LambdaAuthorizerConfig": { + "additionalProperties": false, + "properties": { + "AuthorizerResultTtlInSeconds": { + "markdownDescription": "The number of seconds a response should be cached for. The default is 0 seconds, which disables caching. If you don't specify a value for `authorizerResultTtlInSeconds` , the default value is used. The maximum value is one hour (3600 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response.", + "title": "AuthorizerResultTtlInSeconds", + "type": "number" + }, + "AuthorizerUri": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN ( `.../v3` ), or an alias ARN.\n\n*Note* : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the AWS Command Line Interface ( AWS CLI ), run the following:\n\n`aws lambda add-permission --function-name \"arn:aws:lambda:us-east-2:111122223333:function:my-function\" --statement-id \"appsync\" --principal appsync.amazonaws.com --action lambda:InvokeFunction`", + "title": "AuthorizerUri", + "type": "string" + }, + "IdentityValidationExpression": { + "markdownDescription": "A regular expression for validation of tokens before the Lambda function is called.", + "title": "IdentityValidationExpression", + "type": "string" + } + }, + "required": [ + "AuthorizerUri" + ], + "type": "object" + }, + "AWS::AppSync::Api.OpenIDConnectConfig": { + "additionalProperties": false, + "properties": { + "AuthTTL": { + "markdownDescription": "The number of milliseconds that a token is valid after being authenticated.", + "title": "AuthTTL", + "type": "number" + }, + "ClientId": { + "markdownDescription": "The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AWS AppSync can validate against multiple client identifiers at a time.", + "title": "ClientId", + "type": "string" + }, + "IatTTL": { + "markdownDescription": "The number of milliseconds that a token is valid after it's issued to a user.", + "title": "IatTTL", + "type": "number" + }, + "Issuer": { + "markdownDescription": "The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of `iss` in the ID token.", + "title": "Issuer", + "type": "string" + } + }, + "required": [ + "Issuer" + ], + "type": "object" + }, "AWS::AppSync::ApiCache": { "additionalProperties": false, "properties": { @@ -18993,7 +20364,7 @@ "type": "string" }, "AtRestEncryptionEnabled": { - "markdownDescription": "At-rest encryption flag for cache. You cannot update this setting after creation.", + "markdownDescription": "*This parameter has been deprecated* .\n\nAt-rest encryption flag for cache. You cannot update this setting after creation.", "title": "AtRestEncryptionEnabled", "type": "boolean" }, @@ -19003,7 +20374,7 @@ "type": "string" }, "TransitEncryptionEnabled": { - "markdownDescription": "Transit encryption flag when connecting to cache. You cannot update this setting after creation.", + "markdownDescription": "*This parameter has been deprecated* .\n\nTransit encryption flag when connecting to cache. You cannot update this setting after creation.", "title": "TransitEncryptionEnabled", "type": "boolean" }, @@ -19127,6 +20498,198 @@ ], "type": "object" }, + "AWS::AppSync::ChannelNamespace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiId": { + "markdownDescription": "The `Api` ID.", + "title": "ApiId", + "type": "string" + }, + "CodeHandlers": { + "markdownDescription": "The event handler functions that run custom business logic to process published events and subscribe requests.", + "title": "CodeHandlers", + "type": "string" + }, + "CodeS3Location": { + "markdownDescription": "The Amazon S3 endpoint where the code is located.", + "title": "CodeS3Location", + "type": "string" + }, + "HandlerConfigs": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfigs", + "markdownDescription": "The configuration for the `OnPublish` and `OnSubscribe` handlers.", + "title": "HandlerConfigs" + }, + "Name": { + "markdownDescription": "The name of the channel namespace. This name must be unique within the `Api` .", + "title": "Name", + "type": "string" + }, + "PublishAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.AuthMode" + }, + "markdownDescription": "The authorization mode to use for publishing messages on the channel namespace. This configuration overrides the default `Api` authorization configuration.", + "title": "PublishAuthModes", + "type": "array" + }, + "SubscribeAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.AuthMode" + }, + "markdownDescription": "The authorization mode to use for subscribing to messages on the channel namespace. This configuration overrides the default `Api` authorization configuration.", + "title": "SubscribeAuthModes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this channel namespace.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ApiId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AppSync::ChannelNamespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.AuthMode": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.HandlerConfig": { + "additionalProperties": false, + "properties": { + "Behavior": { + "markdownDescription": "The behavior for the handler.", + "title": "Behavior", + "type": "string" + }, + "Integration": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.Integration", + "markdownDescription": "The integration data source configuration for the handler.", + "title": "Integration" + } + }, + "required": [ + "Behavior", + "Integration" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.HandlerConfigs": { + "additionalProperties": false, + "properties": { + "OnPublish": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfig", + "markdownDescription": "The configuration for the `OnPublish` handler.", + "title": "OnPublish" + }, + "OnSubscribe": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfig", + "markdownDescription": "The configuration for the `OnSubscribe` handler.", + "title": "OnSubscribe" + } + }, + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.Integration": { + "additionalProperties": false, + "properties": { + "DataSourceName": { + "markdownDescription": "The unique name of the data source that has been configured on the API.", + "title": "DataSourceName", + "type": "string" + }, + "LambdaConfig": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.LambdaConfig", + "markdownDescription": "The configuration for a Lambda data source.", + "title": "LambdaConfig" + } + }, + "required": [ + "DataSourceName" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.LambdaConfig": { + "additionalProperties": false, + "properties": { + "InvokeType": { + "markdownDescription": "The invocation type for a Lambda data source.", + "title": "InvokeType", + "type": "string" + } + }, + "required": [ + "InvokeType" + ], + "type": "object" + }, "AWS::AppSync::DataSource": { "additionalProperties": false, "properties": { @@ -19544,6 +21107,14 @@ "markdownDescription": "The domain name.", "title": "DomainName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this domain name.", + "title": "Tags", + "type": "array" } }, "required": [ @@ -20577,7 +22148,7 @@ }, "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget": { + "AWS::AppTest::TestCase": { "additionalProperties": false, "properties": { "Condition": { @@ -20612,62 +22183,45 @@ "Properties": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand.", - "title": "MinCapacity", - "type": "number" - }, - "ResourceId": { - "markdownDescription": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", - "title": "ResourceId", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide* .\n\nTo automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide* . Look for the ARN in the table at the bottom of the page.", - "title": "RoleARN", + "Description": { + "markdownDescription": "The description of the test case.", + "title": "Description", "type": "string" }, - "ScalableDimension": { - "markdownDescription": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n\n- `ecs:service:DesiredCount` - The task count of an ECS service.\n- `elasticmapreduce:instancegroup:InstanceCount` - The instance count of an EMR Instance Group.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet.\n- `appstream:fleet:DesiredCapacity` - The capacity of an AppStream 2.0 fleet.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n- `sagemaker:variant:DesiredInstanceCount` - The number of EC2 instances for a SageMaker model endpoint variant.\n- `custom-resource:ResourceType:Property` - The scalable dimension for a custom resource provided by your own application or service.\n- `comprehend:document-classifier-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend document classification endpoint.\n- `comprehend:entity-recognizer-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n- `lambda:function:ProvisionedConcurrency` - The provisioned concurrency for a Lambda function.\n- `cassandra:table:ReadCapacityUnits` - The provisioned read capacity for an Amazon Keyspaces table.\n- `cassandra:table:WriteCapacityUnits` - The provisioned write capacity for an Amazon Keyspaces table.\n- `kafka:broker-storage:VolumeSize` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n- `elasticache:cache-cluster:Nodes` - The number of nodes for an Amazon ElastiCache cache cluster.\n- `elasticache:replication-group:NodeGroups` - The number of node groups for an Amazon ElastiCache replication group.\n- `elasticache:replication-group:Replicas` - The number of replicas per node group for an Amazon ElastiCache replication group.\n- `neptune:cluster:ReadReplicaCount` - The count of read replicas in an Amazon Neptune DB cluster.\n- `sagemaker:variant:DesiredProvisionedConcurrency` - The provisioned concurrency for a SageMaker serverless endpoint.\n- `sagemaker:inference-component:DesiredCopyCount` - The number of copies across an endpoint for a SageMaker inference component.\n- `workspaces:workspacespool:DesiredUserSessions` - The number of user sessions for the WorkSpaces in the pool.", - "title": "ScalableDimension", + "Name": { + "markdownDescription": "The name of the test case.", + "title": "Name", "type": "string" }, - "ScheduledActions": { + "Steps": { "items": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction" + "$ref": "#/definitions/AWS::AppTest::TestCase.Step" }, - "markdownDescription": "The scheduled actions for the scalable target. Duplicates aren't allowed.", - "title": "ScheduledActions", + "markdownDescription": "The steps in the test case.", + "title": "Steps", "type": "array" }, - "ServiceNamespace": { - "markdownDescription": "The namespace of the AWS service that provides the resource, or a `custom-resource` .", - "title": "ServiceNamespace", - "type": "string" - }, - "SuspendedState": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState", - "markdownDescription": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to `true` suspends the specified scaling activities. Setting it to `false` (default) resumes the specified scaling activities.\n\n*Suspension Outcomes*\n\n- For `DynamicScalingInSuspended` , while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n- For `DynamicScalingOutSuspended` , while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n- For `ScheduledScalingSuspended` , while a suspension is in effect, all scaling activities that involve scheduled actions are suspended.", - "title": "SuspendedState" + "Tags": { + "additionalProperties": true, + "markdownDescription": "The specified tags of the test case.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "MaxCapacity", - "MinCapacity", - "ResourceId", - "ScalableDimension", - "ServiceNamespace" + "Name", + "Steps" ], "type": "object" }, "Type": { "enum": [ - "AWS::ApplicationAutoScaling::ScalableTarget" + "AWS::AppTest::TestCase" ], "type": "string" }, @@ -20686,84 +22240,688 @@ ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { + "AWS::AppTest::TestCase.Batch": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum capacity.", - "title": "MaxCapacity", - "type": "number" + "BatchJobName": { + "markdownDescription": "The job name of the batch.", + "title": "BatchJobName", + "type": "string" }, - "MinCapacity": { - "markdownDescription": "The minimum capacity.", - "title": "MinCapacity", - "type": "number" + "BatchJobParameters": { + "additionalProperties": true, + "markdownDescription": "The batch job parameters of the batch.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "BatchJobParameters", + "type": "object" + }, + "ExportDataSetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The export data set names of the batch.", + "title": "ExportDataSetNames", + "type": "array" } }, + "required": [ + "BatchJobName" + ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction": { + "AWS::AppTest::TestCase.CloudFormationAction": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The date and time that the action is scheduled to end, in UTC.", - "title": "EndTime", + "ActionType": { + "markdownDescription": "The action type of the CloudFormation action.", + "title": "ActionType", "type": "string" }, - "ScalableTargetAction": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction", - "markdownDescription": "The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.", - "title": "ScalableTargetAction" + "Resource": { + "markdownDescription": "The resource of the CloudFormation action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.CompareAction": { + "additionalProperties": false, + "properties": { + "Input": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Input", + "markdownDescription": "The input of the compare action.", + "title": "Input" }, - "Schedule": { - "markdownDescription": "The schedule for this action. The following formats are supported:\n\n- At expressions - \" `at( *yyyy* - *mm* - *dd* T *hh* : *mm* : *ss* )` \"\n- Rate expressions - \" `rate( *value* *unit* )` \"\n- Cron expressions - \" `cron( *fields* )` \"\n\nAt expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.\n\nAt and cron expressions use Universal Coordinated Time (UTC) by default.\n\nThe cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].\n\nFor rate expressions, *value* is a positive integer and *unit* is `minute` | `minutes` | `hour` | `hours` | `day` | `days` .", - "title": "Schedule", + "Output": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Output", + "markdownDescription": "The output of the compare action.", + "title": "Output" + } + }, + "required": [ + "Input" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.DataSet": { + "additionalProperties": false, + "properties": { + "Ccsid": { + "markdownDescription": "The CCSID of the data set.", + "title": "Ccsid", "type": "string" }, - "ScheduledActionName": { - "markdownDescription": "The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target.", - "title": "ScheduledActionName", + "Format": { + "markdownDescription": "The format of the data set.", + "title": "Format", "type": "string" }, - "StartTime": { - "markdownDescription": "The date and time that the action is scheduled to begin, in UTC.", - "title": "StartTime", + "Length": { + "markdownDescription": "The length of the data set.", + "title": "Length", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the data set.", + "title": "Name", "type": "string" }, - "Timezone": { - "markdownDescription": "The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression.", - "title": "Timezone", + "Type": { + "markdownDescription": "The type of the data set.", + "title": "Type", "type": "string" } }, "required": [ - "Schedule", - "ScheduledActionName" + "Ccsid", + "Format", + "Length", + "Name", + "Type" ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState": { + "AWS::AppTest::TestCase.DatabaseCDC": { "additionalProperties": false, "properties": { - "DynamicScalingInSuspended": { - "markdownDescription": "Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is `false` .", - "title": "DynamicScalingInSuspended", - "type": "boolean" + "SourceMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.SourceDatabaseMetadata", + "markdownDescription": "The source metadata of the database CDC.", + "title": "SourceMetadata" }, - "DynamicScalingOutSuspended": { - "markdownDescription": "Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is `false` .", - "title": "DynamicScalingOutSuspended", - "type": "boolean" + "TargetMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.TargetDatabaseMetadata", + "markdownDescription": "The target metadata of the database CDC.", + "title": "TargetMetadata" + } + }, + "required": [ + "SourceMetadata", + "TargetMetadata" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.FileMetadata": { + "additionalProperties": false, + "properties": { + "DataSets": { + "items": { + "$ref": "#/definitions/AWS::AppTest::TestCase.DataSet" + }, + "markdownDescription": "The data sets of the file metadata.", + "title": "DataSets", + "type": "array" }, - "ScheduledScalingSuspended": { - "markdownDescription": "Whether scheduled scaling is suspended. Set the value to `true` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is `false` .", - "title": "ScheduledScalingSuspended", + "DatabaseCDC": { + "$ref": "#/definitions/AWS::AppTest::TestCase.DatabaseCDC", + "markdownDescription": "The database CDC of the file metadata.", + "title": "DatabaseCDC" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Input": { + "additionalProperties": false, + "properties": { + "File": { + "$ref": "#/definitions/AWS::AppTest::TestCase.InputFile", + "markdownDescription": "The file in the input.", + "title": "File" + } + }, + "required": [ + "File" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.InputFile": { + "additionalProperties": false, + "properties": { + "FileMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.FileMetadata", + "markdownDescription": "The file metadata of the input file.", + "title": "FileMetadata" + }, + "SourceLocation": { + "markdownDescription": "The source location of the input file.", + "title": "SourceLocation", + "type": "string" + }, + "TargetLocation": { + "markdownDescription": "The target location of the input file.", + "title": "TargetLocation", + "type": "string" + } + }, + "required": [ + "FileMetadata", + "SourceLocation", + "TargetLocation" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.M2ManagedActionProperties": { + "additionalProperties": false, + "properties": { + "ForceStop": { + "markdownDescription": "Force stops the Mainframe Modernization managed action properties.", + "title": "ForceStop", "type": "boolean" + }, + "ImportDataSetLocation": { + "markdownDescription": "The import data set location of the Mainframe Modernization managed action properties.", + "title": "ImportDataSetLocation", + "type": "string" } }, "type": "object" }, - "AWS::ApplicationAutoScaling::ScalingPolicy": { + "AWS::AppTest::TestCase.M2ManagedApplicationAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "markdownDescription": "The action type of the Mainframe Modernization managed application action.", + "title": "ActionType", + "type": "string" + }, + "Properties": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2ManagedActionProperties", + "markdownDescription": "The properties of the Mainframe Modernization managed application action.", + "title": "Properties" + }, + "Resource": { + "markdownDescription": "The resource of the Mainframe Modernization managed application action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.M2NonManagedApplicationAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "markdownDescription": "The action type of the Mainframe Modernization non-managed application action.", + "title": "ActionType", + "type": "string" + }, + "Resource": { + "markdownDescription": "The resource of the Mainframe Modernization non-managed application action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeActionType", + "markdownDescription": "The action type of the mainframe action.", + "title": "ActionType" + }, + "Properties": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeActionProperties", + "markdownDescription": "The properties of the mainframe action.", + "title": "Properties" + }, + "Resource": { + "markdownDescription": "The resource of the mainframe action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeActionProperties": { + "additionalProperties": false, + "properties": { + "DmsTaskArn": { + "markdownDescription": "The DMS task ARN of the mainframe action properties.", + "title": "DmsTaskArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeActionType": { + "additionalProperties": false, + "properties": { + "Batch": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Batch", + "markdownDescription": "The batch of the mainframe action type.", + "title": "Batch" + }, + "Tn3270": { + "$ref": "#/definitions/AWS::AppTest::TestCase.TN3270", + "markdownDescription": "The tn3270 port of the mainframe action type.", + "title": "Tn3270" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Output": { + "additionalProperties": false, + "properties": { + "File": { + "$ref": "#/definitions/AWS::AppTest::TestCase.OutputFile", + "markdownDescription": "The file of the output.", + "title": "File" + } + }, + "required": [ + "File" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.OutputFile": { + "additionalProperties": false, + "properties": { + "FileLocation": { + "markdownDescription": "The file location of the output file.", + "title": "FileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.ResourceAction": { + "additionalProperties": false, + "properties": { + "CloudFormationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.CloudFormationAction", + "markdownDescription": "The CloudFormation action of the resource action.", + "title": "CloudFormationAction" + }, + "M2ManagedApplicationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2ManagedApplicationAction", + "markdownDescription": "The Mainframe Modernization managed application action of the resource action.", + "title": "M2ManagedApplicationAction" + }, + "M2NonManagedApplicationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2NonManagedApplicationAction", + "markdownDescription": "The Mainframe Modernization non-managed application action of the resource action.", + "title": "M2NonManagedApplicationAction" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Script": { + "additionalProperties": false, + "properties": { + "ScriptLocation": { + "markdownDescription": "The script location of the scripts.", + "title": "ScriptLocation", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the scripts.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ScriptLocation", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.SourceDatabaseMetadata": { + "additionalProperties": false, + "properties": { + "CaptureTool": { + "markdownDescription": "The capture tool of the source database metadata.", + "title": "CaptureTool", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the source database metadata.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "CaptureTool", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.Step": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::AppTest::TestCase.StepAction", + "markdownDescription": "The action of the step.", + "title": "Action" + }, + "Description": { + "markdownDescription": "The description of the step.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the step.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Action", + "Name" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.StepAction": { + "additionalProperties": false, + "properties": { + "CompareAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.CompareAction", + "markdownDescription": "The compare action of the step action.", + "title": "CompareAction" + }, + "MainframeAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeAction", + "markdownDescription": "The mainframe action of the step action.", + "title": "MainframeAction" + }, + "ResourceAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.ResourceAction", + "markdownDescription": "The resource action of the step action.", + "title": "ResourceAction" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.TN3270": { + "additionalProperties": false, + "properties": { + "ExportDataSetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The data set names of the TN3270 protocol.", + "title": "ExportDataSetNames", + "type": "array" + }, + "Script": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Script", + "markdownDescription": "The script of the TN3270 protocol.", + "title": "Script" + } + }, + "required": [ + "Script" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.TargetDatabaseMetadata": { + "additionalProperties": false, + "properties": { + "CaptureTool": { + "markdownDescription": "The capture tool of the target database metadata.", + "title": "CaptureTool", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the target database metadata.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "CaptureTool", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.TestCaseLatestVersion": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of the test case latest version.", + "title": "Status", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the test case latest version.", + "title": "Version", + "type": "number" + } + }, + "required": [ + "Status", + "Version" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand.", + "title": "MinCapacity", + "type": "number" + }, + "ResourceId": { + "markdownDescription": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", + "title": "ResourceId", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide* .\n\nTo automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide* . Look for the ARN in the table at the bottom of the page.", + "title": "RoleARN", + "type": "string" + }, + "ScalableDimension": { + "markdownDescription": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n\n- `ecs:service:DesiredCount` - The task count of an ECS service.\n- `elasticmapreduce:instancegroup:InstanceCount` - The instance count of an EMR Instance Group.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet.\n- `appstream:fleet:DesiredCapacity` - The capacity of an AppStream 2.0 fleet.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n- `sagemaker:variant:DesiredInstanceCount` - The number of EC2 instances for a SageMaker model endpoint variant.\n- `custom-resource:ResourceType:Property` - The scalable dimension for a custom resource provided by your own application or service.\n- `comprehend:document-classifier-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend document classification endpoint.\n- `comprehend:entity-recognizer-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n- `lambda:function:ProvisionedConcurrency` - The provisioned concurrency for a Lambda function.\n- `cassandra:table:ReadCapacityUnits` - The provisioned read capacity for an Amazon Keyspaces table.\n- `cassandra:table:WriteCapacityUnits` - The provisioned write capacity for an Amazon Keyspaces table.\n- `kafka:broker-storage:VolumeSize` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n- `elasticache:cache-cluster:Nodes` - The number of nodes for an Amazon ElastiCache cache cluster.\n- `elasticache:replication-group:NodeGroups` - The number of node groups for an Amazon ElastiCache replication group.\n- `elasticache:replication-group:Replicas` - The number of replicas per node group for an Amazon ElastiCache replication group.\n- `neptune:cluster:ReadReplicaCount` - The count of read replicas in an Amazon Neptune DB cluster.\n- `sagemaker:variant:DesiredProvisionedConcurrency` - The provisioned concurrency for a SageMaker serverless endpoint.\n- `sagemaker:inference-component:DesiredCopyCount` - The number of copies across an endpoint for a SageMaker inference component.\n- `workspaces:workspacespool:DesiredUserSessions` - The number of user sessions for the WorkSpaces in the pool.", + "title": "ScalableDimension", + "type": "string" + }, + "ScheduledActions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction" + }, + "markdownDescription": "The scheduled actions for the scalable target. Duplicates aren't allowed.", + "title": "ScheduledActions", + "type": "array" + }, + "ServiceNamespace": { + "markdownDescription": "The namespace of the AWS service that provides the resource, or a `custom-resource` .", + "title": "ServiceNamespace", + "type": "string" + }, + "SuspendedState": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState", + "markdownDescription": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to `true` suspends the specified scaling activities. Setting it to `false` (default) resumes the specified scaling activities.\n\n*Suspension Outcomes*\n\n- For `DynamicScalingInSuspended` , while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n- For `DynamicScalingOutSuspended` , while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n- For `ScheduledScalingSuspended` , while a suspension is in effect, all scaling activities that involve scheduled actions are suspended.", + "title": "SuspendedState" + } + }, + "required": [ + "MaxCapacity", + "MinCapacity", + "ResourceId", + "ScalableDimension", + "ServiceNamespace" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationAutoScaling::ScalableTarget" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum capacity.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum capacity.", + "title": "MinCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The date and time that the action is scheduled to end, in UTC.", + "title": "EndTime", + "type": "string" + }, + "ScalableTargetAction": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction", + "markdownDescription": "The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.", + "title": "ScalableTargetAction" + }, + "Schedule": { + "markdownDescription": "The schedule for this action. The following formats are supported:\n\n- At expressions - \" `at( *yyyy* - *mm* - *dd* T *hh* : *mm* : *ss* )` \"\n- Rate expressions - \" `rate( *value* *unit* )` \"\n- Cron expressions - \" `cron( *fields* )` \"\n\nAt expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.\n\nAt and cron expressions use Universal Coordinated Time (UTC) by default.\n\nThe cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].\n\nFor rate expressions, *value* is a positive integer and *unit* is `minute` | `minutes` | `hour` | `hours` | `day` | `days` .", + "title": "Schedule", + "type": "string" + }, + "ScheduledActionName": { + "markdownDescription": "The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target.", + "title": "ScheduledActionName", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time that the action is scheduled to begin, in UTC.", + "title": "StartTime", + "type": "string" + }, + "Timezone": { + "markdownDescription": "The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression.", + "title": "Timezone", + "type": "string" + } + }, + "required": [ + "Schedule", + "ScheduledActionName" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState": { + "additionalProperties": false, + "properties": { + "DynamicScalingInSuspended": { + "markdownDescription": "Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is `false` .", + "title": "DynamicScalingInSuspended", + "type": "boolean" + }, + "DynamicScalingOutSuspended": { + "markdownDescription": "Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is `false` .", + "title": "DynamicScalingOutSuspended", + "type": "boolean" + }, + "ScheduledScalingSuspended": { + "markdownDescription": "Whether scheduled scaling is suspended. Set the value to `true` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is `false` .", + "title": "ScheduledScalingSuspended", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -20808,6 +22966,11 @@ "title": "PolicyType", "type": "string" }, + "PredictiveScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPolicyConfiguration", + "markdownDescription": "The predictive scaling policy configuration.", + "title": "PredictiveScalingPolicyConfiguration" + }, "ResourceId": { "markdownDescription": "The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", "title": "ResourceId", @@ -20947,6 +23110,287 @@ ], "type": "object" }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedCapacityMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "One or more metric data queries to provide data points for a metric specification.", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedLoadMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedScalingMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "One or more metric data queries to provide data points for a metric specification.", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetric": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDimension" + }, + "markdownDescription": "Describes the dimensions of the metric.", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name that identifies the object's results in the response. This name must be unique among all `MetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.", + "title": "Label", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricStat", + "markdownDescription": "Information about the metric data to return.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "MetricStat" + }, + "ReturnData": { + "markdownDescription": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ).", + "title": "ReturnData", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the dimension.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricSpecification": { + "additionalProperties": false, + "properties": { + "CustomizedCapacityMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedCapacityMetric", + "markdownDescription": "The customized capacity metric specification.", + "title": "CustomizedCapacityMetricSpecification" + }, + "CustomizedLoadMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedLoadMetric", + "markdownDescription": "The customized load metric specification.", + "title": "CustomizedLoadMetricSpecification" + }, + "CustomizedScalingMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedScalingMetric", + "markdownDescription": "The customized scaling metric specification.", + "title": "CustomizedScalingMetricSpecification" + }, + "PredefinedLoadMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedLoadMetric", + "markdownDescription": "The predefined load metric specification.", + "title": "PredefinedLoadMetricSpecification" + }, + "PredefinedMetricPairSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedMetricPair", + "markdownDescription": "The predefined metric pair specification that determines the appropriate scaling metric and load metric to use.", + "title": "PredefinedMetricPairSpecification" + }, + "PredefinedScalingMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedScalingMetric", + "markdownDescription": "The predefined scaling metric specification.", + "title": "PredefinedScalingMetricSpecification" + }, + "TargetValue": { + "markdownDescription": "Specifies the target utilization.", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricStat": { + "additionalProperties": false, + "properties": { + "Metric": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetric", + "markdownDescription": "The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) .", + "title": "Metric" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metrics for predictive scaling are `Average` and `Sum` .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", + "title": "Unit", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacityBreachBehavior": { + "markdownDescription": "Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity. Defaults to `HonorMaxCapacity` if not specified.", + "title": "MaxCapacityBreachBehavior", + "type": "string" + }, + "MaxCapacityBuffer": { + "markdownDescription": "The size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. The value is specified as a percentage relative to the forecast capacity. For example, if the buffer is 10, this means a 10 percent buffer, such that if the forecast capacity is 50, and the maximum capacity is 40, then the effective maximum capacity is 55.\n\nRequired if the `MaxCapacityBreachBehavior` property is set to `IncreaseMaxCapacity` , and cannot be used otherwise.", + "title": "MaxCapacityBuffer", + "type": "number" + }, + "MetricSpecifications": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricSpecification" + }, + "markdownDescription": "This structure includes the metrics and target utilization to use for predictive scaling.\n\nThis is an array, but we currently only support a single metric specification. That is, you can specify a target value and a single metric pair, or a target value and one scaling metric and one load metric.", + "title": "MetricSpecifications", + "type": "array" + }, + "Mode": { + "markdownDescription": "The predictive scaling mode. Defaults to `ForecastOnly` if not specified.", + "title": "Mode", + "type": "string" + }, + "SchedulingBufferTime": { + "markdownDescription": "The amount of time, in seconds, that the start time can be advanced.\n\nThe value must be less than the forecast interval duration of 3600 seconds (60 minutes). Defaults to 300 seconds if not specified.", + "title": "SchedulingBufferTime", + "type": "number" + } + }, + "required": [ + "MetricSpecifications" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedLoadMetric": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "The metric type.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a target group.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedMetricPair": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "Indicates which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a specific target group from which to determine the total and average request count.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedScalingMetric": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "The metric type.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a specific target group from which to determine the average request count.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, "AWS::ApplicationAutoScaling::ScalingPolicy.StepAdjustment": { "additionalProperties": false, "properties": { @@ -21230,6 +23674,11 @@ "title": "ResourceGroupName", "type": "string" }, + "SNSNotificationArn": { + "markdownDescription": "The SNS topic ARN that is associated with SNS notifications for updates or issues.", + "title": "SNSNotificationArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -21766,6 +24215,636 @@ ], "type": "object" }, + "AWS::ApplicationSignals::Discovery": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationSignals::Discovery" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BurnRateConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.BurnRateConfiguration" + }, + "markdownDescription": "Each object in this array defines the length of the look-back window used to calculate one burn rate metric for this SLO. The burn rate measures how fast the service is consuming the error budget, relative to the attainment goal of the SLO.", + "title": "BurnRateConfigurations", + "type": "array" + }, + "Description": { + "markdownDescription": "An optional description for this SLO.", + "title": "Description", + "type": "string" + }, + "ExclusionWindows": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.ExclusionWindow" + }, + "markdownDescription": "The time window to be excluded from the SLO performance metrics.", + "title": "ExclusionWindows", + "type": "array" + }, + "Goal": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Goal", + "markdownDescription": "This structure contains the attributes that determine the goal of an SLO. This includes the time period for evaluation and the attainment threshold.", + "title": "Goal" + }, + "Name": { + "markdownDescription": "A name for this SLO.", + "title": "Name", + "type": "string" + }, + "RequestBasedSli": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSli", + "markdownDescription": "A structure containing information about the performance metric that this SLO monitors, if this is a request-based SLO.", + "title": "RequestBasedSli" + }, + "Sli": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Sli", + "markdownDescription": "A structure containing information about the performance metric that this SLO monitors, if this is a period-based SLO.", + "title": "Sli" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to associate with the SLO. You can associate as many as 50 tags with an SLO. To be able to associate tags with the SLO when you create the SLO, you must have the cloudwatch:TagResource permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationSignals::ServiceLevelObjective" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.BurnRateConfiguration": { + "additionalProperties": false, + "properties": { + "LookBackWindowMinutes": { + "markdownDescription": "The number of minutes to use as the look-back window.", + "title": "LookBackWindowMinutes", + "type": "number" + } + }, + "required": [ + "LookBackWindowMinutes" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.CalendarInterval": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "Specifies the duration of each calendar interval. For example, if `Duration` is `1` and `DurationUnit` is `MONTH` , each interval is one month, aligned with the calendar.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "Specifies the calendar interval unit.", + "title": "DurationUnit", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time when you want the first interval to start. Be sure to choose a time that configures the intervals the way that you want. For example, if you want weekly intervals starting on Mondays at 6 a.m., be sure to specify a start time that is a Monday at 6 a.m.\n\nWhen used in a raw HTTP Query API, it is formatted as be epoch time in seconds. For example: `1698778057`\n\nAs soon as one calendar interval ends, another automatically begins.", + "title": "StartTime", + "type": "number" + } + }, + "required": [ + "Duration", + "DurationUnit", + "StartTime" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig": { + "additionalProperties": false, + "properties": { + "DependencyKeyAttributes": { + "additionalProperties": true, + "markdownDescription": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which dependency the SLO metric is related to.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DependencyKeyAttributes", + "type": "object" + }, + "DependencyOperationName": { + "markdownDescription": "When the SLO monitors a specific operation of the dependency, this field specifies the name of that operation in the dependency.", + "title": "DependencyOperationName", + "type": "string" + } + }, + "required": [ + "DependencyKeyAttributes", + "DependencyOperationName" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Dimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon ( `:` ). ASCII control characters are not supported as part of dimension names.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.ExclusionWindow": { + "additionalProperties": false, + "properties": { + "Reason": { + "markdownDescription": "The reason for the time exclusion windows. For example, maintenance.", + "title": "Reason", + "type": "string" + }, + "RecurrenceRule": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RecurrenceRule", + "markdownDescription": "The recurrence rule for the time exclusion window.", + "title": "RecurrenceRule" + }, + "StartTime": { + "markdownDescription": "The start time of the time exclusion window.", + "title": "StartTime", + "type": "string" + }, + "Window": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Window", + "markdownDescription": "The time exclusion window.", + "title": "Window" + } + }, + "required": [ + "Window" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Goal": { + "additionalProperties": false, + "properties": { + "AttainmentGoal": { + "markdownDescription": "The threshold that determines if the goal is being met.\n\nIf this is a period-based SLO, the attainment goal is the percentage of good periods that meet the threshold requirements to the total periods within the interval. For example, an attainment goal of 99.9% means that within your interval, you are targeting 99.9% of the periods to be in healthy state.\n\nIf this is a request-based SLO, the attainment goal is the percentage of requests that must be successful to meet the attainment goal.\n\nIf you omit this parameter, 99 is used to represent 99% as the attainment goal.", + "title": "AttainmentGoal", + "type": "number" + }, + "Interval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Interval", + "markdownDescription": "The time period used to evaluate the SLO. It can be either a calendar interval or rolling interval.\n\nIf you omit this parameter, a rolling interval of 7 days is used.", + "title": "Interval" + }, + "WarningThreshold": { + "markdownDescription": "The percentage of remaining budget over total budget that you want to get warnings for. If you omit this parameter, the default of 50.0 is used.", + "title": "WarningThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Interval": { + "additionalProperties": false, + "properties": { + "CalendarInterval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.CalendarInterval", + "markdownDescription": "If the interval is a calendar interval, this structure contains the interval specifications.", + "title": "CalendarInterval" + }, + "RollingInterval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RollingInterval", + "markdownDescription": "If the interval is a rolling interval, this structure contains the interval specifications.", + "title": "RollingInterval" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Metric": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Dimension" + }, + "markdownDescription": "An array of one or more dimensions to use to define the metric that you want to use. For more information, see [Dimensions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Dimension) .", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric to use.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account where this metric is located. If you are performing this operation in a monitoring account, use this to specify which source account to retrieve this metric from.", + "title": "AccountId", + "type": "string" + }, + "Expression": { + "markdownDescription": "This field can contain a metric math expression to be performed on the other metrics that you are retrieving within this `MetricDataQueries` structure.\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This `Id` must be unique within a `MetricDataQueries` array. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the metric math expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricStat", + "markdownDescription": "A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO.\n\nWithin one `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "ReturnData": { + "markdownDescription": "Use this only if you are using a metric math expression for the SLO. Specify `true` for `ReturnData` for only the one expression result to use as the alarm. For all other metrics and expressions in the same `CreateServiceLevelObjective` operation, specify `ReturnData` as `false` .", + "title": "ReturnData", + "type": "boolean" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MetricStat": { + "additionalProperties": false, + "properties": { + "Metric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Metric", + "markdownDescription": "The metric to use as the service level indicator, including the metric name, namespace, and dimensions.", + "title": "Metric" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, to be used for the metric. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. For more information about statistics, see [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "If you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Metric", + "Period", + "Stat" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MonitoredRequestCountMetric": { + "additionalProperties": false, + "properties": { + "BadCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If you want to count \"bad requests\" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as \"bad requests\" in this structure.", + "title": "BadCountMetric", + "type": "array" + }, + "GoodCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If you want to count \"good requests\" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as \"good requests\" in this structure.", + "title": "GoodCountMetric", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RecurrenceRule": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The following two rules are supported:\n\n- rate(value unit) - The value must be a positive integer and the unit can be hour|day|month.\n- cron - An expression which consists of six fields separated by white spaces: (minutes hours day_of_month month day_of_week year).", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSli": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation used when comparing the specified metric to the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "MetricThreshold": { + "markdownDescription": "This value is the threshold that the observed metric values of the SLI metric are compared to.", + "title": "MetricThreshold", + "type": "number" + }, + "RequestBasedSliMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSliMetric", + "markdownDescription": "A structure that contains information about the metric that the SLO monitors.", + "title": "RequestBasedSliMetric" + } + }, + "required": [ + "RequestBasedSliMetric" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSliMetric": { + "additionalProperties": false, + "properties": { + "DependencyConfig": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig", + "markdownDescription": "Identifies the dependency using the `DependencyKeyAttributes` and `DependencyOperationName` .", + "title": "DependencyConfig" + }, + "KeyAttributes": { + "additionalProperties": true, + "markdownDescription": "This is a string-to-string map that contains information about the type of object that this SLO is related to. It can include the following fields.\n\n- `Type` designates the type of object that this SLO is related to.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.\n- `AwsAccountId` allows you to create an SLO for an object that exists in another account.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KeyAttributes", + "type": "object" + }, + "MetricType": { + "markdownDescription": "If the SLO monitors either the `LATENCY` or `AVAILABILITY` metric that Application Signals collects, this field displays which of those metrics is used.", + "title": "MetricType", + "type": "string" + }, + "MonitoredRequestCountMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MonitoredRequestCountMetric", + "markdownDescription": "Use this structure to define the metric that you want to use as the \"good request\" or \"bad request\" value for a request-based SLO. This value observed for the metric defined in `TotalRequestCountMetric` will be divided by the number found for `MonitoredRequestCountMetric` to determine the percentage of successful requests that this SLO tracks.", + "title": "MonitoredRequestCountMetric" + }, + "OperationName": { + "markdownDescription": "If the SLO monitors a specific operation of the service, this field displays that operation name.", + "title": "OperationName", + "type": "string" + }, + "TotalRequestCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "This structure defines the metric that is used as the \"total requests\" number for a request-based SLO. The number observed for this metric is divided by the number of \"good requests\" or \"bad requests\" that is observed for the metric defined in `MonitoredRequestCountMetric` .", + "title": "TotalRequestCountMetric", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RollingInterval": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "Specifies the duration of each rolling interval. For example, if `Duration` is `7` and `DurationUnit` is `DAY` , each rolling interval is seven days.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "Specifies the rolling interval unit.", + "title": "DurationUnit", + "type": "string" + } + }, + "required": [ + "Duration", + "DurationUnit" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Sli": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified metric to the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "MetricThreshold": { + "markdownDescription": "The value that the SLI metric is compared to.", + "title": "MetricThreshold", + "type": "number" + }, + "SliMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.SliMetric", + "markdownDescription": "Use this structure to specify the metric to be used for the SLO.", + "title": "SliMetric" + } + }, + "required": [ + "ComparisonOperator", + "MetricThreshold", + "SliMetric" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.SliMetric": { + "additionalProperties": false, + "properties": { + "DependencyConfig": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig", + "markdownDescription": "Identifies the dependency using the `DependencyKeyAttributes` and `DependencyOperationName` .", + "title": "DependencyConfig" + }, + "KeyAttributes": { + "additionalProperties": true, + "markdownDescription": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which service the SLO metric is related to. To do so, you must specify at least the `Type` , `Name` , and `Environment` attributes.\n\nThis is a string-to-string map. It can include the following fields.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KeyAttributes", + "type": "object" + }, + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, use this structure to specify that metric or expression.", + "title": "MetricDataQueries", + "type": "array" + }, + "MetricType": { + "markdownDescription": "If the SLO is to monitor either the `LATENCY` or `AVAILABILITY` metric that Application Signals collects, use this field to specify which of those metrics is used.", + "title": "MetricType", + "type": "string" + }, + "OperationName": { + "markdownDescription": "If the SLO is to monitor a specific operation of the service, use this field to specify the name of that operation.", + "title": "OperationName", + "type": "string" + }, + "PeriodSeconds": { + "markdownDescription": "The number of seconds to use as the period for SLO evaluation. Your application's performance is compared to the SLI during each period. For each period, the application is determined to have either achieved or not achieved the necessary performance.", + "title": "PeriodSeconds", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. For more information about statistics, see [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) .", + "title": "Statistic", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Window": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "The start and end time of the time exclusion window.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "The unit of measurement to use during the time window exclusion.", + "title": "DurationUnit", + "type": "string" + } + }, + "required": [ + "Duration", + "DurationUnit" + ], + "type": "object" + }, "AWS::Athena::CapacityReservation": { "additionalProperties": false, "properties": { @@ -21921,11 +25000,21 @@ "Properties": { "additionalProperties": false, "properties": { + "ConnectionType": { + "markdownDescription": "The type of connection for a `FEDERATED` data catalog (for example, `REDSHIFT` , `MYSQL` , or `SQLSERVER` ). For information about individual connectors, see [Available data source connectors](https://docs.aws.amazon.com/athena/latest/ug/connectors-available.html) .", + "title": "ConnectionType", + "type": "string" + }, "Description": { "markdownDescription": "A description of the data catalog.", "title": "Description", "type": "string" }, + "Error": { + "markdownDescription": "Text of the error that occurred during data catalog creation or deletion.", + "title": "Error", + "type": "string" + }, "Name": { "markdownDescription": "The name of the data catalog. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters.", "title": "Name", @@ -21942,6 +25031,11 @@ "title": "Parameters", "type": "object" }, + "Status": { + "markdownDescription": "The status of the creation or deletion of the data catalog.\n\n- The `LAMBDA` , `GLUE` , and `HIVE` data catalog types are created synchronously. Their status is either `CREATE_COMPLETE` or `CREATE_FAILED` .\n- The `FEDERATED` data catalog type is created asynchronously.\n\nData catalog creation status:\n\n- `CREATE_IN_PROGRESS` : Federated data catalog creation in progress.\n- `CREATE_COMPLETE` : Data catalog creation complete.\n- `CREATE_FAILED` : Data catalog could not be created.\n- `CREATE_FAILED_CLEANUP_IN_PROGRESS` : Federated data catalog creation failed and is being removed.\n- `CREATE_FAILED_CLEANUP_COMPLETE` : Federated data catalog creation failed and was removed.\n- `CREATE_FAILED_CLEANUP_FAILED` : Federated data catalog creation failed but could not be removed.\n\nData catalog deletion status:\n\n- `DELETE_IN_PROGRESS` : Federated data catalog deletion in progress.\n- `DELETE_COMPLETE` : Federated data catalog deleted.\n- `DELETE_FAILED` : Federated data catalog could not be deleted.", + "title": "Status", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -22313,6 +25407,33 @@ }, "type": "object" }, + "AWS::Athena::WorkGroup.ManagedQueryResultsConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If set to true, allows you to store query results in Athena owned storage. If set to false, workgroup member stores query results in location specified under `ResultConfiguration$OutputLocation` . The default is false. A workgroup cannot have the `ResultConfiguration$OutputLocation` parameter when you set this field to true.", + "title": "Enabled", + "type": "boolean" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::Athena::WorkGroup.ManagedStorageEncryptionConfiguration", + "markdownDescription": "If you encrypt query and calculation results in Athena owned storage, this field indicates the encryption option (for example, SSE_KMS or CSE_KMS) and key information.", + "title": "EncryptionConfiguration" + } + }, + "type": "object" + }, + "AWS::Athena::WorkGroup.ManagedStorageEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKey": { + "markdownDescription": "", + "title": "KmsKey", + "type": "string" + } + }, + "type": "object" + }, "AWS::Athena::WorkGroup.ResultConfiguration": { "additionalProperties": false, "properties": { @@ -22372,6 +25493,11 @@ "title": "ExecutionRole", "type": "string" }, + "ManagedQueryResultsConfiguration": { + "$ref": "#/definitions/AWS::Athena::WorkGroup.ManagedQueryResultsConfiguration", + "markdownDescription": "The configuration for storing results in Athena owned storage, which includes whether this feature is enabled; whether encryption configuration, if any, is used for encrypting query results.", + "title": "ManagedQueryResultsConfiguration" + }, "PublishCloudWatchMetricsEnabled": { "markdownDescription": "Indicates that the Amazon CloudWatch metrics are enabled for the workgroup.", "title": "PublishCloudWatchMetricsEnabled", @@ -22697,6 +25823,16 @@ "title": "AutoScalingGroupName", "type": "string" }, + "AvailabilityZoneDistribution": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneDistribution", + "markdownDescription": "The instance capacity distribution across Availability Zones.", + "title": "AvailabilityZoneDistribution" + }, + "AvailabilityZoneImpairmentPolicy": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneImpairmentPolicy", + "markdownDescription": "The Availability Zone impairment policy.", + "title": "AvailabilityZoneImpairmentPolicy" + }, "AvailabilityZones": { "items": { "type": "string" @@ -22710,6 +25846,11 @@ "title": "CapacityRebalance", "type": "boolean" }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CapacityReservationSpecification", + "markdownDescription": "The capacity reservation specification.", + "title": "CapacityReservationSpecification" + }, "Context": { "markdownDescription": "Reserved.", "title": "Context", @@ -22832,6 +25973,11 @@ "title": "ServiceLinkedRoleARN", "type": "string" }, + "SkipZonalShiftValidation": { + "markdownDescription": "", + "title": "SkipZonalShiftValidation", + "type": "boolean" + }, "Tags": { "items": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.TagProperty" @@ -22856,6 +26002,14 @@ "title": "TerminationPolicies", "type": "array" }, + "TrafficSources": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.TrafficSourceIdentifier" + }, + "markdownDescription": "The traffic sources associated with this Auto Scaling group.", + "title": "TrafficSources", + "type": "array" + }, "VPCZoneIdentifier": { "items": { "type": "string" @@ -22927,6 +26081,37 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneDistribution": { + "additionalProperties": false, + "properties": { + "CapacityDistributionStrategy": { + "markdownDescription": "If launches fail in an Availability Zone, the following strategies are available. The default is `balanced-best-effort` .\n\n- `balanced-only` - If launches fail in an Availability Zone, Auto Scaling will continue to attempt to launch in the unhealthy zone to preserve a balanced distribution.\n- `balanced-best-effort` - If launches fail in an Availability Zone, Auto Scaling will attempt to launch in another healthy Availability Zone instead.", + "title": "CapacityDistributionStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneImpairmentPolicy": { + "additionalProperties": false, + "properties": { + "ImpairedZoneHealthCheckBehavior": { + "markdownDescription": "Specifies the health check behavior for the impaired Availability Zone in an active zonal shift. If you select `Replace unhealthy` , instances that appear unhealthy will be replaced in all Availability Zones. If you select `Ignore unhealthy` , instances will not be replaced in the Availability Zone with the active zonal shift. For more information, see [Auto Scaling group zonal shift](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-zonal-shift.html) in the *Amazon EC2 Auto Scaling User Guide* .", + "title": "ImpairedZoneHealthCheckBehavior", + "type": "string" + }, + "ZonalShiftEnabled": { + "markdownDescription": "If `true` , enable zonal shift for your Auto Scaling group.", + "title": "ZonalShiftEnabled", + "type": "boolean" + } + }, + "required": [ + "ImpairedZoneHealthCheckBehavior", + "ZonalShiftEnabled" + ], + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.BaselineEbsBandwidthMbpsRequest": { "additionalProperties": false, "properties": { @@ -22943,6 +26128,72 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.BaselinePerformanceFactorsRequest": { + "additionalProperties": false, + "properties": { + "Cpu": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CapacityReservationSpecification": { + "additionalProperties": false, + "properties": { + "CapacityReservationPreference": { + "markdownDescription": "The capacity reservation preference. The following options are available:\n\n- `capacity-reservations-only` - Auto Scaling will only launch instances into a Capacity Reservation or Capacity Reservation resource group. If capacity isn't available, instances will fail to launch.\n- `capacity-reservations-first` - Auto Scaling will try to launch instances into a Capacity Reservation or Capacity Reservation resource group first. If capacity isn't available, instances will run in On-Demand capacity.\n- `none` - Auto Scaling will not launch instances into a Capacity Reservation. Instances will run in On-Demand capacity.\n- `default` - Auto Scaling uses the Capacity Reservation preference from your launch template or an open Capacity Reservation.", + "title": "CapacityReservationPreference", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CapacityReservationTarget", + "markdownDescription": "Describes a target Capacity Reservation or Capacity Reservation resource group.", + "title": "CapacityReservationTarget" + } + }, + "required": [ + "CapacityReservationPreference" + ], + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CapacityReservationTarget": { + "additionalProperties": false, + "properties": { + "CapacityReservationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Capacity Reservation IDs to launch instances into.", + "title": "CapacityReservationIds", + "type": "array" + }, + "CapacityReservationResourceGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The resource group ARNs of the Capacity Reservation to launch instances into.", + "title": "CapacityReservationResourceGroupArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CpuPerformanceFactorRequest": { + "additionalProperties": false, + "properties": { + "References": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.PerformanceFactorReferenceRequest" + }, + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently only one instance family can be specified in the list.", + "title": "References", + "type": "array" + } + }, + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.InstanceMaintenancePolicy": { "additionalProperties": false, "properties": { @@ -23014,6 +26265,11 @@ "markdownDescription": "The minimum and maximum baseline bandwidth performance for an instance type, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", "title": "BaselineEbsBandwidthMbps" }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance factors for the instance requirements.", + "title": "BaselinePerformanceFactors" + }, "BurstablePerformance": { "markdownDescription": "Indicates whether burstable performance instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `excluded`", "title": "BurstablePerformance", @@ -23396,6 +26652,17 @@ ], "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.PerformanceFactorReferenceRequest": { + "additionalProperties": false, + "properties": { + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Make sure that you specify the correct value for the instance family. The instance family is everything before the period (.) in the instance type name. For example, in the instance `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance types are *not supported* for performance protection.\n\n- `c1`\n- `g3| g3s`\n- `hpc7g`\n- `m1| m2`\n- `mac1 | mac2 | mac2-m1ultra | mac2-m2 | mac2-m2pro`\n- `p3dn | p4d | p5`\n- `t1`\n- `u-12tb1 | u-18tb1 | u-24tb1 | u-3tb1 | u-6tb1 | u-9tb1 | u7i-12tb | u7in-16tb | u7in-24tb | u7in-32tb`\n\nIf you performance protection by specifying a supported instance family, the returned instance types will exclude the preceding unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response.", + "title": "InstanceFamily", + "type": "string" + } + }, + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.TagProperty": { "additionalProperties": false, "properties": { @@ -23438,6 +26705,26 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.TrafficSourceIdentifier": { + "additionalProperties": false, + "properties": { + "Identifier": { + "markdownDescription": "Identifies the traffic source.\n\nFor Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region.\n\nFor example:\n\n- Application Load Balancer ARN: `arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-targets/1234567890123456`\n- Classic Load Balancer name: `my-classic-load-balancer`\n- VPC Lattice ARN: `arn:aws:vpc-lattice:us-west-2:123456789012:targetgroup/tg-1234567890123456`\n\nTo get the ARN of a target group for a Application Load Balancer, Gateway Load Balancer, or Network Load Balancer, or the name of a Classic Load Balancer, use the Elastic Load Balancing [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) and [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operations.\n\nTo get the ARN of a target group for VPC Lattice, use the VPC Lattice [GetTargetGroup](https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetTargetGroup.html) API operation.", + "title": "Identifier", + "type": "string" + }, + "Type": { + "markdownDescription": "Provides additional context for the value of `Identifier` .\n\nThe following lists the valid values:\n\n- `elb` if `Identifier` is the name of a Classic Load Balancer.\n- `elbv2` if `Identifier` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group.\n- `vpc-lattice` if `Identifier` is the ARN of a VPC Lattice target group.\n\nRequired if the identifier is the name of a Classic Load Balancer.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Identifier", + "Type" + ], + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.VCpuCountRequest": { "additionalProperties": false, "properties": { @@ -23951,11 +27238,24 @@ "title": "MetricName", "type": "string" }, + "Metrics": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery" + }, + "markdownDescription": "The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions.", + "title": "Metrics", + "type": "array" + }, "Namespace": { "markdownDescription": "The namespace of the metric.", "title": "Namespace", "type": "string" }, + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" + }, "Statistic": { "markdownDescription": "The statistic of the metric.", "title": "Statistic", @@ -23967,11 +27267,6 @@ "type": "string" } }, - "required": [ - "MetricName", - "Namespace", - "Statistic" - ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.Metric": { @@ -24342,207 +27637,276 @@ ], "type": "object" }, - "AWS::AutoScaling::ScheduledAction": { + "AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery": { "additionalProperties": false, "properties": { - "Condition": { + "Expression": { + "markdownDescription": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "Expression", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "A short name that identifies the object's results in the response. This name must be unique among all `TargetTrackingMetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.", + "title": "Label", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupName": { - "markdownDescription": "The name of the Auto Scaling group.", - "title": "AutoScalingGroupName", - "type": "string" - }, - "DesiredCapacity": { - "markdownDescription": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. It can scale beyond this capacity if you add more scaling conditions.\n\n> You must specify at least one of the following properties: `MaxSize` , `MinSize` , or `DesiredCapacity` .", - "title": "DesiredCapacity", - "type": "number" - }, - "EndTime": { - "markdownDescription": "The date and time for the recurring schedule to end, in UTC. For example, `\"2021-06-01T00:00:00Z\"` .", - "title": "EndTime", - "type": "string" - }, - "MaxSize": { - "markdownDescription": "The maximum size of the Auto Scaling group.", - "title": "MaxSize", - "type": "number" - }, - "MinSize": { - "markdownDescription": "The minimum size of the Auto Scaling group.", - "title": "MinSize", - "type": "number" - }, - "Recurrence": { - "markdownDescription": "The recurring schedule for this action. This format consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, `\"30 0 1 1,6,12 *\"` ). For more information about this format, see [Crontab](https://docs.aws.amazon.com/http://crontab.org) .\n\nWhen `StartTime` and `EndTime` are specified with `Recurrence` , they form the boundaries of when the recurring action starts and stops.\n\nCron expressions use Universal Coordinated Time (UTC) by default.", - "title": "Recurrence", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format in UTC/GMT only and in quotes (for example, `\"2021-06-01T00:00:00Z\"` ).\n\nIf you specify `Recurrence` and `StartTime` , Amazon EC2 Auto Scaling performs the action at this time, and then performs the action based on the specified recurrence.", - "title": "StartTime", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "Specifies the time zone for a cron expression. If a time zone is not provided, UTC is used by default.\n\nValid values are the canonical names of the IANA time zones, derived from the IANA Time Zone Database (such as `Etc/GMT+9` or `Pacific/Tahiti` ). For more information, see [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) .", - "title": "TimeZone", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupName" - ], - "type": "object" + "MetricStat": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricStat", + "markdownDescription": "Information about the metric data to return.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "MetricStat" }, - "Type": { - "enum": [ - "AWS::AutoScaling::ScheduledAction" - ], - "type": "string" + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ReturnData": { + "markdownDescription": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ).", + "title": "ReturnData", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Id" ], "type": "object" }, - "AWS::AutoScaling::WarmPool": { + "AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricStat": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Metric": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.Metric", + "markdownDescription": "The metric to use.", + "title": "Metric" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupName": { - "markdownDescription": "The name of the Auto Scaling group.", - "title": "AutoScalingGroupName", - "type": "string" - }, - "InstanceReusePolicy": { - "$ref": "#/definitions/AWS::AutoScaling::WarmPool.InstanceReusePolicy", - "markdownDescription": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.", - "title": "InstanceReusePolicy" - }, - "MaxGroupPreparedCapacity": { - "markdownDescription": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n> If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n> \n> The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value.", - "title": "MaxGroupPreparedCapacity", - "type": "number" - }, - "MinSize": { - "markdownDescription": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified.", - "title": "MinSize", - "type": "number" - }, - "PoolState": { - "markdownDescription": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` .", - "title": "PoolState", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupName" - ], - "type": "object" + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" }, - "Type": { - "enum": [ - "AWS::AutoScaling::WarmPool" - ], + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metric for scaling is `Average` .", + "title": "Stat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Unit": { + "markdownDescription": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "Metric", + "Stat" ], "type": "object" }, - "AWS::AutoScaling::WarmPool.InstanceReusePolicy": { - "additionalProperties": false, - "properties": { - "ReuseOnScaleIn": { - "markdownDescription": "Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in.", - "title": "ReuseOnScaleIn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::AutoScalingPlans::ScalingPlan": { + "AWS::AutoScaling::ScheduledAction": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoScalingGroupName": { + "markdownDescription": "The name of the Auto Scaling group.", + "title": "AutoScalingGroupName", + "type": "string" + }, + "DesiredCapacity": { + "markdownDescription": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. It can scale beyond this capacity if you add more scaling conditions.\n\n> You must specify at least one of the following properties: `MaxSize` , `MinSize` , or `DesiredCapacity` .", + "title": "DesiredCapacity", + "type": "number" + }, + "EndTime": { + "markdownDescription": "The date and time for the recurring schedule to end, in UTC. For example, `\"2021-06-01T00:00:00Z\"` .", + "title": "EndTime", + "type": "string" + }, + "MaxSize": { + "markdownDescription": "The maximum size of the Auto Scaling group.", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "The minimum size of the Auto Scaling group.", + "title": "MinSize", + "type": "number" + }, + "Recurrence": { + "markdownDescription": "The recurring schedule for this action. This format consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, `\"30 0 1 1,6,12 *\"` ). For more information about this format, see [Crontab](https://docs.aws.amazon.com/http://crontab.org) .\n\nWhen `StartTime` and `EndTime` are specified with `Recurrence` , they form the boundaries of when the recurring action starts and stops.\n\nCron expressions use Universal Coordinated Time (UTC) by default.", + "title": "Recurrence", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format in UTC/GMT only and in quotes (for example, `\"2021-06-01T00:00:00Z\"` ).\n\nIf you specify `Recurrence` and `StartTime` , Amazon EC2 Auto Scaling performs the action at this time, and then performs the action based on the specified recurrence.", + "title": "StartTime", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "Specifies the time zone for a cron expression. If a time zone is not provided, UTC is used by default.\n\nValid values are the canonical names of the IANA time zones, derived from the IANA Time Zone Database (such as `Etc/GMT+9` or `Pacific/Tahiti` ). For more information, see [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) .", + "title": "TimeZone", + "type": "string" + } + }, + "required": [ + "AutoScalingGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AutoScaling::ScheduledAction" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AutoScaling::WarmPool": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoScalingGroupName": { + "markdownDescription": "The name of the Auto Scaling group.", + "title": "AutoScalingGroupName", + "type": "string" + }, + "InstanceReusePolicy": { + "$ref": "#/definitions/AWS::AutoScaling::WarmPool.InstanceReusePolicy", + "markdownDescription": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.", + "title": "InstanceReusePolicy" + }, + "MaxGroupPreparedCapacity": { + "markdownDescription": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n> If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n> \n> The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value.", + "title": "MaxGroupPreparedCapacity", + "type": "number" + }, + "MinSize": { + "markdownDescription": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified.", + "title": "MinSize", + "type": "number" + }, + "PoolState": { + "markdownDescription": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` .", + "title": "PoolState", + "type": "string" + } + }, + "required": [ + "AutoScalingGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AutoScaling::WarmPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AutoScaling::WarmPool.InstanceReusePolicy": { + "additionalProperties": false, + "properties": { + "ReuseOnScaleIn": { + "markdownDescription": "Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in.", + "title": "ReuseOnScaleIn", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::AutoScalingPlans::ScalingPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -25038,6 +28402,11 @@ "AWS::B2BI::Capability.EdiConfiguration": { "additionalProperties": false, "properties": { + "CapabilityDirection": { + "markdownDescription": "Specifies whether this is capability is for inbound or outbound transformations.", + "title": "CapabilityDirection", + "type": "string" + }, "InputLocation": { "$ref": "#/definitions/AWS::B2BI::Capability.S3Location", "markdownDescription": "Contains the Amazon S3 bucket and prefix for the location of the input file, which is contained in an `S3Location` object.", @@ -25156,8 +28525,13 @@ "title": "Capabilities", "type": "array" }, + "CapabilityOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.CapabilityOptions", + "markdownDescription": "Contains the details for an Outbound EDI capability.", + "title": "CapabilityOptions" + }, "Email": { - "markdownDescription": "", + "markdownDescription": "Specifies the email address associated with this trading partner.", "title": "Email", "type": "string" }, @@ -25167,7 +28541,7 @@ "type": "string" }, "Phone": { - "markdownDescription": "", + "markdownDescription": "Specifies the phone number associated with the partnership.", "title": "Phone", "type": "string" }, @@ -25186,6 +28560,7 @@ } }, "required": [ + "Capabilities", "Email", "Name", "ProfileId" @@ -25213,6 +28588,255 @@ ], "type": "object" }, + "AWS::B2BI::Partnership.CapabilityOptions": { + "additionalProperties": false, + "properties": { + "InboundEdi": { + "$ref": "#/definitions/AWS::B2BI::Partnership.InboundEdiOptions", + "markdownDescription": "A structure that contains the inbound EDI options for the capability.", + "title": "InboundEdi" + }, + "OutboundEdi": { + "$ref": "#/definitions/AWS::B2BI::Partnership.OutboundEdiOptions", + "markdownDescription": "A structure that contains the outbound EDI options.", + "title": "OutboundEdi" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.InboundEdiOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12InboundEdiOptions", + "markdownDescription": "A structure that contains X12-specific options for processing inbound X12 EDI files.", + "title": "X12" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.OutboundEdiOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12Envelope", + "markdownDescription": "A structure that contains an X12 envelope structure.", + "title": "X12" + } + }, + "required": [ + "X12" + ], + "type": "object" + }, + "AWS::B2BI::Partnership.WrapOptions": { + "additionalProperties": false, + "properties": { + "LineLength": { + "markdownDescription": "", + "title": "LineLength", + "type": "number" + }, + "LineTerminator": { + "markdownDescription": "", + "title": "LineTerminator", + "type": "string" + }, + "WrapBy": { + "markdownDescription": "", + "title": "WrapBy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12AcknowledgmentOptions": { + "additionalProperties": false, + "properties": { + "FunctionalAcknowledgment": { + "markdownDescription": "", + "title": "FunctionalAcknowledgment", + "type": "string" + }, + "TechnicalAcknowledgment": { + "markdownDescription": "", + "title": "TechnicalAcknowledgment", + "type": "string" + } + }, + "required": [ + "FunctionalAcknowledgment", + "TechnicalAcknowledgment" + ], + "type": "object" + }, + "AWS::B2BI::Partnership.X12ControlNumbers": { + "additionalProperties": false, + "properties": { + "StartingFunctionalGroupControlNumber": { + "markdownDescription": "", + "title": "StartingFunctionalGroupControlNumber", + "type": "number" + }, + "StartingInterchangeControlNumber": { + "markdownDescription": "", + "title": "StartingInterchangeControlNumber", + "type": "number" + }, + "StartingTransactionSetControlNumber": { + "markdownDescription": "", + "title": "StartingTransactionSetControlNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12Delimiters": { + "additionalProperties": false, + "properties": { + "ComponentSeparator": { + "markdownDescription": "", + "title": "ComponentSeparator", + "type": "string" + }, + "DataElementSeparator": { + "markdownDescription": "", + "title": "DataElementSeparator", + "type": "string" + }, + "SegmentTerminator": { + "markdownDescription": "", + "title": "SegmentTerminator", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12Envelope": { + "additionalProperties": false, + "properties": { + "Common": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12OutboundEdiHeaders", + "markdownDescription": "A container for the X12 outbound EDI headers.", + "title": "Common" + }, + "WrapOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.WrapOptions", + "markdownDescription": "", + "title": "WrapOptions" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12FunctionalGroupHeaders": { + "additionalProperties": false, + "properties": { + "ApplicationReceiverCode": { + "markdownDescription": "", + "title": "ApplicationReceiverCode", + "type": "string" + }, + "ApplicationSenderCode": { + "markdownDescription": "", + "title": "ApplicationSenderCode", + "type": "string" + }, + "ResponsibleAgencyCode": { + "markdownDescription": "", + "title": "ResponsibleAgencyCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12InboundEdiOptions": { + "additionalProperties": false, + "properties": { + "AcknowledgmentOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12AcknowledgmentOptions", + "markdownDescription": "Specifies acknowledgment options for inbound X12 EDI files. These options control how functional and technical acknowledgments are handled.", + "title": "AcknowledgmentOptions" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12InterchangeControlHeaders": { + "additionalProperties": false, + "properties": { + "AcknowledgmentRequestedCode": { + "markdownDescription": "", + "title": "AcknowledgmentRequestedCode", + "type": "string" + }, + "ReceiverId": { + "markdownDescription": "", + "title": "ReceiverId", + "type": "string" + }, + "ReceiverIdQualifier": { + "markdownDescription": "", + "title": "ReceiverIdQualifier", + "type": "string" + }, + "RepetitionSeparator": { + "markdownDescription": "", + "title": "RepetitionSeparator", + "type": "string" + }, + "SenderId": { + "markdownDescription": "", + "title": "SenderId", + "type": "string" + }, + "SenderIdQualifier": { + "markdownDescription": "", + "title": "SenderIdQualifier", + "type": "string" + }, + "UsageIndicatorCode": { + "markdownDescription": "", + "title": "UsageIndicatorCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12OutboundEdiHeaders": { + "additionalProperties": false, + "properties": { + "ControlNumbers": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12ControlNumbers", + "markdownDescription": "Specifies control number configuration for outbound X12 EDI headers. These settings determine the starting values for interchange, functional group, and transaction set control numbers.", + "title": "ControlNumbers" + }, + "Delimiters": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12Delimiters", + "markdownDescription": "The delimiters, for example semicolon ( `;` ), that separates sections of the headers for the X12 object.", + "title": "Delimiters" + }, + "FunctionalGroupHeaders": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12FunctionalGroupHeaders", + "markdownDescription": "The functional group headers for the X12 object.", + "title": "FunctionalGroupHeaders" + }, + "Gs05TimeFormat": { + "markdownDescription": "", + "title": "Gs05TimeFormat", + "type": "string" + }, + "InterchangeControlHeaders": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12InterchangeControlHeaders", + "markdownDescription": "In X12 EDI messages, delimiters are used to mark the end of segments or elements, and are defined in the interchange control header.", + "title": "InterchangeControlHeaders" + }, + "ValidateEdi": { + "markdownDescription": "Specifies whether or not to validate the EDI for this X12 object: `TRUE` or `FALSE` .", + "title": "ValidateEdi", + "type": "boolean" + } + }, + "type": "object" + }, "AWS::B2BI::Profile": { "additionalProperties": false, "properties": { @@ -25346,22 +28970,30 @@ "Properties": { "additionalProperties": false, "properties": { - "EdiType": { - "$ref": "#/definitions/AWS::B2BI::Transformer.EdiType" + "InputConversion": { + "$ref": "#/definitions/AWS::B2BI::Transformer.InputConversion", + "markdownDescription": "Returns a structure that contains the format options for the transformation.", + "title": "InputConversion" }, - "FileFormat": { - "type": "string" - }, - "MappingTemplate": { - "type": "string" + "Mapping": { + "$ref": "#/definitions/AWS::B2BI::Transformer.Mapping", + "markdownDescription": "Returns the structure that contains the mapping template and its language (either XSLT or JSONATA).", + "title": "Mapping" }, "Name": { "markdownDescription": "Returns the descriptive name for the transformer.", "title": "Name", "type": "string" }, - "SampleDocument": { - "type": "string" + "OutputConversion": { + "$ref": "#/definitions/AWS::B2BI::Transformer.OutputConversion", + "markdownDescription": "Returns the `OutputConversion` object, which contains the format options for the outbound transformation.", + "title": "OutputConversion" + }, + "SampleDocuments": { + "$ref": "#/definitions/AWS::B2BI::Transformer.SampleDocuments", + "markdownDescription": "Returns a structure that contains the Amazon S3 bucket and an array of the corresponding keys used to identify the location for your sample documents.", + "title": "SampleDocuments" }, "Status": { "markdownDescription": "Returns the state of the newly created transformer. The transformer can be either `active` or `inactive` . For the transformer to be used in a capability, its status must `active` .", @@ -25378,9 +29010,6 @@ } }, "required": [ - "EdiType", - "FileFormat", - "MappingTemplate", "Name", "Status" ], @@ -25407,18 +29036,143 @@ ], "type": "object" }, - "AWS::B2BI::Transformer.EdiType": { + "AWS::B2BI::Transformer.AdvancedOptions": { "additionalProperties": false, "properties": { - "X12Details": { - "$ref": "#/definitions/AWS::B2BI::Transformer.X12Details" + "X12": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12AdvancedOptions", + "markdownDescription": "", + "title": "X12" + } + }, + "type": "object" + }, + "AWS::B2BI::Transformer.FormatOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12Details", + "markdownDescription": "", + "title": "X12" } }, "required": [ - "X12Details" + "X12" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.InputConversion": { + "additionalProperties": false, + "properties": { + "AdvancedOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.AdvancedOptions", + "markdownDescription": "", + "title": "AdvancedOptions" + }, + "FormatOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.FormatOptions", + "markdownDescription": "", + "title": "FormatOptions" + }, + "FromFormat": { + "markdownDescription": "", + "title": "FromFormat", + "type": "string" + } + }, + "required": [ + "FromFormat" ], "type": "object" }, + "AWS::B2BI::Transformer.Mapping": { + "additionalProperties": false, + "properties": { + "Template": { + "markdownDescription": "", + "title": "Template", + "type": "string" + }, + "TemplateLanguage": { + "markdownDescription": "", + "title": "TemplateLanguage", + "type": "string" + } + }, + "required": [ + "TemplateLanguage" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.OutputConversion": { + "additionalProperties": false, + "properties": { + "FormatOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.FormatOptions", + "markdownDescription": "", + "title": "FormatOptions" + }, + "ToFormat": { + "markdownDescription": "", + "title": "ToFormat", + "type": "string" + } + }, + "required": [ + "ToFormat" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.SampleDocumentKeys": { + "additionalProperties": false, + "properties": { + "Input": { + "markdownDescription": "", + "title": "Input", + "type": "string" + }, + "Output": { + "markdownDescription": "", + "title": "Output", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Transformer.SampleDocuments": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "", + "title": "BucketName", + "type": "string" + }, + "Keys": { + "items": { + "$ref": "#/definitions/AWS::B2BI::Transformer.SampleDocumentKeys" + }, + "markdownDescription": "", + "title": "Keys", + "type": "array" + } + }, + "required": [ + "BucketName", + "Keys" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.X12AdvancedOptions": { + "additionalProperties": false, + "properties": { + "SplitOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12SplitOptions", + "markdownDescription": "", + "title": "SplitOptions" + } + }, + "type": "object" + }, "AWS::B2BI::Transformer.X12Details": { "additionalProperties": false, "properties": { @@ -25435,6 +29189,17 @@ }, "type": "object" }, + "AWS::B2BI::Transformer.X12SplitOptions": { + "additionalProperties": false, + "properties": { + "SplitBy": { + "markdownDescription": "", + "title": "SplitBy", + "type": "string" + } + }, + "type": "object" + }, "AWS::BCMDataExports::Export": { "additionalProperties": false, "properties": { @@ -25833,6 +29598,14 @@ "title": "EnableContinuousBackup", "type": "boolean" }, + "IndexActions": { + "items": { + "$ref": "#/definitions/AWS::Backup::BackupPlan.IndexActionsResourceType" + }, + "markdownDescription": "There can up to one IndexAction in each BackupRule, as each backup can have 0 or 1 backup index associated with it.\n\nWithin the array is ResourceTypes. Only 1 resource type will be accepted for each BackupRule. Valid values:\n\n- `EBS` for Amazon Elastic Block Store\n- `S3` for Amazon Simple Storage Service (Amazon S3)", + "title": "IndexActions", + "type": "array" + }, "Lifecycle": { "$ref": "#/definitions/AWS::Backup::BackupPlan.LifecycleResourceType", "markdownDescription": "The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define.", @@ -25900,6 +29673,20 @@ ], "type": "object" }, + "AWS::Backup::BackupPlan.IndexActionsResourceType": { + "additionalProperties": false, + "properties": { + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "0 or 1 index action will be accepted for each BackupRule.\n\nValid values:\n\n- `EBS` for Amazon Elastic Block Store\n- `S3` for Amazon Simple Storage Service (Amazon S3)", + "title": "ResourceTypes", + "type": "array" + } + }, + "type": "object" + }, "AWS::Backup::BackupPlan.LifecycleResourceType": { "additionalProperties": false, "properties": { @@ -26433,6 +30220,129 @@ ], "type": "object" }, + "AWS::Backup::LogicallyAirGappedBackupVault": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPolicy": { + "markdownDescription": "The backup vault access policy document in JSON format.", + "title": "AccessPolicy", + "type": "object" + }, + "BackupVaultName": { + "markdownDescription": "The name of a logical container where backups are stored. Logically air-gapped backup vaults are identified by names that are unique to the account used to create them and the Region where they are created.", + "title": "BackupVaultName", + "type": "string" + }, + "BackupVaultTags": { + "additionalProperties": true, + "markdownDescription": "The tags to assign to the vault.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "BackupVaultTags", + "type": "object" + }, + "MaxRetentionDays": { + "markdownDescription": "The maximum retention period that the vault retains its recovery points.", + "title": "MaxRetentionDays", + "type": "number" + }, + "MinRetentionDays": { + "markdownDescription": "This setting specifies the minimum retention period that the vault retains its recovery points.\n\nThe minimum value accepted is 7 days.", + "title": "MinRetentionDays", + "type": "number" + }, + "Notifications": { + "$ref": "#/definitions/AWS::Backup::LogicallyAirGappedBackupVault.NotificationObjectType", + "markdownDescription": "Returns event notifications for the specified backup vault.", + "title": "Notifications" + } + }, + "required": [ + "BackupVaultName", + "MaxRetentionDays", + "MinRetentionDays" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Backup::LogicallyAirGappedBackupVault" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Backup::LogicallyAirGappedBackupVault.NotificationObjectType": { + "additionalProperties": false, + "properties": { + "BackupVaultEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of events that indicate the status of jobs to back up resources to the backup vault.", + "title": "BackupVaultEvents", + "type": "array" + }, + "SNSTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that specifies the topic for a backup vault\u2019s events; for example, `arn:aws:sns:us-west-2:111122223333:MyVaultTopic` .", + "title": "SNSTopicArn", + "type": "string" + } + }, + "required": [ + "BackupVaultEvents", + "SNSTopicArn" + ], + "type": "object" + }, "AWS::Backup::ReportPlan": { "additionalProperties": false, "properties": { @@ -27036,6 +30946,11 @@ "markdownDescription": "The ComputeResources property type specifies details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. For more information, see [Compute Environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the ** .", "title": "ComputeResources" }, + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", + "type": "string" + }, "EksConfiguration": { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.EksConfiguration", "markdownDescription": "The details for the Amazon EKS cluster that supports the compute environment.", @@ -27242,7 +31157,7 @@ "type": "string" }, "ImageType": { - "markdownDescription": "The image type to match with the instance type to select an AMI. The supported values are different for `ECS` and `EKS` resources.\n\n- **ECS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) ( `ECS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon ECS optimized AMI for that image type that's supported by AWS Batch is used.\n\n- **ECS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) : Default for all non-GPU instance families.\n- **ECS_AL2_NVIDIA** - [Amazon Linux 2 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : Default for all GPU instance families (for example `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **ECS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) : AWS Batch supports Amazon Linux 2023.\n\n> Amazon Linux 2023 does not support `A1` instances.\n- **ECS_AL1** - [Amazon Linux](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#alami) . Amazon Linux has reached the end-of-life of standard support. For more information, see [Amazon Linux AMI](https://docs.aws.amazon.com/amazon-linux-ami/) .\n- **EKS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon EKS-optimized Amazon Linux AMI](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) ( `EKS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon EKS optimized AMI for that image type that AWS Batch supports is used.\n\n- **EKS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all non-GPU instance families.\n- **EKS_AL2_NVIDIA** - [Amazon Linux 2 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all GPU instance families (for example, `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.", + "markdownDescription": "The image type to match with the instance type to select an AMI. The supported values are different for `ECS` and `EKS` resources.\n\n- **ECS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) ( `ECS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon ECS optimized AMI for that image type that's supported by AWS Batch is used.\n\n- **ECS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) : Default for all non-GPU instance families.\n- **ECS_AL2_NVIDIA** - [Amazon Linux 2 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : Default for all GPU instance families (for example `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **ECS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) : AWS Batch supports Amazon Linux 2023.\n\n> Amazon Linux 2023 does not support `A1` instances.\n- **ECS_AL1** - [Amazon Linux](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#alami) . Amazon Linux has reached the end-of-life of standard support. For more information, see [Amazon Linux AMI](https://docs.aws.amazon.com/amazon-linux-ami/) .\n- **EKS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon EKS-optimized Amazon Linux AMI](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) ( `EKS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon EKS optimized AMI for that image type that AWS Batch supports is used.\n\n- **EKS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all non-GPU instance families.\n- **EKS_AL2_NVIDIA** - [Amazon Linux 2 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all GPU instance families (for example, `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **EKS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : AWS Batch supports Amazon Linux 2023.\n\n> Amazon Linux 2023 does not support `A1` instances.\n- **EKS_AL2023_NVIDIA** - [Amazon Linux 2023 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : GPU instance families and can be used for all non AWS Graviton-based instance types.", "title": "ImageType", "type": "string" } @@ -27285,6 +31200,53 @@ "title": "LaunchTemplateName", "type": "string" }, + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.LaunchTemplateSpecificationOverride" + }, + "markdownDescription": "A launch template to use in place of the default launch template. You must specify either the launch template ID or launch template name in the request, but not both.\n\nYou can specify up to ten (10) launch template overrides that are associated to unique instance types or families for each compute environment.\n\n> To unset all override templates for a compute environment, you can pass an empty array to the [UpdateComputeEnvironment.overrides](https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateComputeEnvironment.html) parameter, or not include the `overrides` parameter when submitting the `UpdateComputeEnvironment` API operation.", + "title": "Overrides", + "type": "array" + }, + "UserdataType": { + "markdownDescription": "The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` .", + "title": "UserdataType", + "type": "string" + }, + "Version": { + "markdownDescription": "The version number of the launch template, `$Default` , or `$Latest` .\n\nIf the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default`\n\nLatest: `$Latest`", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::ComputeEnvironment.LaunchTemplateSpecificationOverride": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\n*Note:* If you specify the `launchTemplateId` you can't specify the `launchTemplateName` as well.", + "title": "LaunchTemplateId", + "type": "string" + }, + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\n*Note:* If you specify the `launchTemplateName` you can't specify the `launchTemplateId` as well.", + "title": "LaunchTemplateName", + "type": "string" + }, + "TargetInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance type or family that this override launch template should be applied to.\n\nThis parameter is required when defining a launch template override.\n\nInformation included in this parameter must meet the following requirements:\n\n- Must be a valid Amazon EC2 instance type or family.\n- `optimal` isn't allowed.\n- `targetInstanceTypes` can target only instance types and families that are included within the [`ComputeResource.instanceTypes`](https://docs.aws.amazon.com/batch/latest/APIReference/API_ComputeResource.html#Batch-Type-ComputeResource-instanceTypes) set. `targetInstanceTypes` doesn't need to include all of the instances from the `instanceType` set, but at least a subset. For example, if `ComputeResource.instanceTypes` includes `[m5, g5]` , `targetInstanceTypes` can include `[m5.2xlarge]` and `[m5.large]` but not `[c5.large]` .\n- `targetInstanceTypes` included within the same launch template override or across launch template overrides can't overlap for the same compute environment. For example, you can't define one launch template override to target an instance family and another define an instance type within this same family.", + "title": "TargetInstanceTypes", + "type": "array" + }, + "UserdataType": { + "markdownDescription": "The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` .", + "title": "UserdataType", + "type": "string" + }, "Version": { "markdownDescription": "The version number of the launch template, `$Default` , or `$Latest` .\n\nIf the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default`\n\nLatest: `$Latest`", "title": "Version", @@ -27309,7 +31271,7 @@ }, "type": "object" }, - "AWS::Batch::JobDefinition": { + "AWS::Batch::ConsumableResource": { "additionalProperties": false, "properties": { "Condition": { @@ -27344,6 +31306,100 @@ "Properties": { "additionalProperties": false, "properties": { + "ConsumableResourceName": { + "markdownDescription": "The name of the consumable resource.", + "title": "ConsumableResourceName", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "Indicates whether the resource is available to be re-used after a job completes. Can be one of:\n\n- `REPLENISHABLE`\n- `NON_REPLENISHABLE`", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags that you apply to the consumable resource to help you categorize and organize your resources. Each tag consists of a key and an optional value. For more information, see [Tagging your AWS Batch resources](https://docs.aws.amazon.com/batch/latest/userguide/using-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TotalQuantity": { + "markdownDescription": "The total amount of the consumable resource that is available.", + "title": "TotalQuantity", + "type": "number" + } + }, + "required": [ + "ResourceType", + "TotalQuantity" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Batch::ConsumableResource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConsumableResourceProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceProperties", + "markdownDescription": "Contains a list of consumable resources required by the job.", + "title": "ConsumableResourceProperties" + }, "ContainerProperties": { "$ref": "#/definitions/AWS::Batch::JobDefinition.ContainerProperties", "markdownDescription": "An object with properties specific to Amazon ECS-based jobs. When `containerProperties` is used in the job definition, it can't be used in addition to `eksProperties` , `ecsProperties` , or `nodeProperties` .", @@ -27370,7 +31426,13 @@ "title": "NodeProperties" }, "Parameters": { + "additionalProperties": true, "markdownDescription": "Default parameters or parameter substitution placeholders that are set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a `SubmitJob` request override any corresponding parameter defaults from the job definition. For more information about specifying parameters, see [Job definition parameters](https://docs.aws.amazon.com/batch/latest/userguide/job_definition_parameters.html) in the *AWS Batch User Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Parameters", "type": "object" }, @@ -27398,12 +31460,18 @@ "type": "number" }, "Tags": { + "additionalProperties": true, "markdownDescription": "The tags that are applied to the job definition.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Tags", "type": "object" }, "Timeout": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Timeout", + "$ref": "#/definitions/AWS::Batch::JobDefinition.JobTimeout", "markdownDescription": "The timeout time for jobs that are submitted with this job definition. After the amount of time you specify passes, AWS Batch terminates your jobs if they aren't finished.", "title": "Timeout" }, @@ -27439,16 +31507,41 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.AuthorizationConfig": { + "AWS::Batch::JobDefinition.ConsumableResourceProperties": { "additionalProperties": false, "properties": { - "AccessPointId": { + "ConsumableResourceList": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceRequirement" + }, + "markdownDescription": "The list of consumable resources required by a job.", + "title": "ConsumableResourceList", + "type": "array" + } + }, + "required": [ + "ConsumableResourceList" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.ConsumableResourceRequirement": { + "additionalProperties": false, + "properties": { + "ConsumableResource": { + "markdownDescription": "The name or ARN of the consumable resource.", + "title": "ConsumableResource", "type": "string" }, - "Iam": { - "type": "string" + "Quantity": { + "markdownDescription": "The quantity of the consumable resource that is needed.", + "title": "Quantity", + "type": "number" } }, + "required": [ + "ConsumableResource", + "Quantity" + ], "type": "object" }, "AWS::Batch::JobDefinition.ContainerProperties": { @@ -27462,6 +31555,11 @@ "title": "Command", "type": "array" }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, "Environment": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Environment" @@ -27490,9 +31588,6 @@ "title": "Image", "type": "string" }, - "InstanceType": { - "type": "string" - }, "JobRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "JobRoleArn", @@ -27515,7 +31610,7 @@ }, "MountPoints": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoints" + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" }, "markdownDescription": "The mount points for data volumes in your container. This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--volume` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .", "title": "MountPoints", @@ -27582,7 +31677,7 @@ }, "Volumes": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Volumes" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" }, "markdownDescription": "A list of data volumes used in a job.", "title": "Volumes", @@ -27618,6 +31713,56 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.EFSAuthorizationConfig": { + "additionalProperties": false, + "properties": { + "AccessPointId": { + "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", + "title": "AccessPointId", + "type": "string" + }, + "Iam": { + "markdownDescription": "Whether or not to use the AWS Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html#efs-volume-accesspoints) in the *AWS Batch User Guide* . EFS IAM authorization requires that `TransitEncryption` be `ENABLED` and that a `JobRoleArn` is specified.", + "title": "Iam", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::JobDefinition.EFSVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EFSAuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", + "title": "AuthorizationConfig" + }, + "FileSystemId": { + "markdownDescription": "The Amazon EFS file system ID to use.", + "title": "FileSystemId", + "type": "string" + }, + "RootDirectory": { + "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying `/` has the same effect as omitting this parameter. The maximum length is 4,096 characters.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` , which enforces the path set on the Amazon EFS access point.", + "title": "RootDirectory", + "type": "string" + }, + "TransitEncryption": { + "markdownDescription": "Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryption", + "type": "string" + }, + "TransitEncryptionPort": { + "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don't specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryptionPort", + "type": "number" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, "AWS::Batch::JobDefinition.EcsProperties": { "additionalProperties": false, "properties": { @@ -27646,6 +31791,11 @@ "title": "Containers", "type": "array" }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, "EphemeralStorage": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EphemeralStorage", "markdownDescription": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .", @@ -27688,7 +31838,7 @@ }, "Volumes": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Volumes" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" }, "markdownDescription": "A list of volumes that are associated with the job.", "title": "Volumes", @@ -27697,30 +31847,6 @@ }, "type": "object" }, - "AWS::Batch::JobDefinition.EfsVolumeConfiguration": { - "additionalProperties": false, - "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.AuthorizationConfig" - }, - "FileSystemId": { - "type": "string" - }, - "RootDirectory": { - "type": "string" - }, - "TransitEncryption": { - "type": "string" - }, - "TransitEncryptionPort": { - "type": "number" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, "AWS::Batch::JobDefinition.EksContainer": { "additionalProperties": false, "properties": { @@ -27810,12 +31936,24 @@ "additionalProperties": false, "properties": { "Limits": { + "additionalProperties": true, "markdownDescription": "The type and quantity of the resources to reserve for the container. The values vary based on the `name` that's specified. Resources can be requested using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n> To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that's reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both places, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that's reserved for the container. Values must be a whole integer. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Limits", "type": "object" }, "Requests": { + "additionalProperties": true, "markdownDescription": "The type and quantity of the resources to request for the container. The values vary based on the `name` that's specified. Resources can be requested by using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that are reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that are reserved for the container. Values must be a whole integer. `nvidia.com/gpu` can be specified in `limits` , `requests` , or both. If `nvidia.com/gpu` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Requests", "type": "object" } @@ -27875,6 +32013,11 @@ "markdownDescription": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` .", "title": "ReadOnly", "type": "boolean" + }, + "SubPath": { + "markdownDescription": "A sub-path inside the referenced volume instead of its root.", + "title": "SubPath", + "type": "string" } }, "type": "object" @@ -27906,11 +32049,126 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.EksMetadata": { + "additionalProperties": false, + "properties": { + "Annotations": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs used to attach arbitrary, non-identifying metadata to Kubernetes objects. Valid annotation keys have two segments: an optional prefix and a name, separated by a slash (/).\n\n- The prefix is optional and must be 253 characters or less. If specified, the prefix must be a DNS subdomain\u2212 a series of DNS labels separated by dots (.), and it must end with a slash (/).\n- The name segment is required and must be 63 characters or less. It can include alphanumeric characters ([a-z0-9A-Z]), dashes (-), underscores (_), and dots (.), but must begin and end with an alphanumeric character.\n\n> Annotation values must be 255 characters or less. \n\nAnnotations can be added or modified at any time. Each resource can have multiple annotations.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Annotations", + "type": "object" + }, + "Labels": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Labels", + "type": "object" + }, + "Namespace": { + "markdownDescription": "The namespace of the Amazon EKS cluster. In Kubernetes, namespaces provide a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. AWS Batch places Batch Job pods in this namespace. If this field is provided, the value can't be empty or null. It must meet the following requirements:\n\n- 1-63 characters long\n- Can't be set to default\n- Can't start with `kube`\n- Must match the following regular expression: `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`\n\nFor more information, see [Namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) in the *Kubernetes documentation* . This namespace can be different from the `kubernetesNamespace` set in the compute environment's `EksConfiguration` , but must have identical role-based access control (RBAC) roles as the compute environment's `kubernetesNamespace` . For multi-node parallel jobs, the same value must be provided across all the node ranges.", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::JobDefinition.EksPersistentVolumeClaim": { + "additionalProperties": false, + "properties": { + "ClaimName": { + "markdownDescription": "The name of the `persistentVolumeClaim` bounded to a `persistentVolume` . For more information, see [Persistent Volume Claims](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) in the *Kubernetes documentation* .", + "title": "ClaimName", + "type": "string" + }, + "ReadOnly": { + "markdownDescription": "An optional boolean value indicating if the mount is read only. Default is false. For more information, see [Read Only Mounts](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#read-only-mounts) in the *Kubernetes documentation* .", + "title": "ReadOnly", + "type": "boolean" + } + }, + "required": [ + "ClaimName" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.EksPodProperties": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" + }, + "markdownDescription": "The properties of the container that's used on the Amazon EKS pod.\n\n> This object is limited to 10 elements.", + "title": "Containers", + "type": "array" + }, + "DnsPolicy": { + "markdownDescription": "The DNS policy for the pod. The default value is `ClusterFirst` . If the `hostNetwork` parameter is not specified, the default is `ClusterFirstWithHostNet` . `ClusterFirst` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see [Pod's DNS policy](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) in the *Kubernetes documentation* .\n\nValid values: `Default` | `ClusterFirst` | `ClusterFirstWithHostNet`", + "title": "DnsPolicy", + "type": "string" + }, + "HostNetwork": { + "markdownDescription": "Indicates if the pod uses the hosts' network IP address. The default value is `true` . Setting this to `false` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. For more information, see [Host namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#host-namespaces) and [Pod networking](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/#pod-networking) in the *Kubernetes documentation* .", + "title": "HostNetwork", + "type": "boolean" + }, + "ImagePullSecrets": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ImagePullSecret" + }, + "markdownDescription": "References a Kubernetes secret resource. It holds a list of secrets. These secrets help to gain access to pull an images from a private registry.\n\n`ImagePullSecret$name` is required when this object is used.", + "title": "ImagePullSecrets", + "type": "array" + }, + "InitContainers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" + }, + "markdownDescription": "These containers run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. For more information, see [Init Containers](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) in the *Kubernetes documentation* .\n\n> This object is limited to 10 elements.", + "title": "InitContainers", + "type": "array" + }, + "Metadata": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksMetadata", + "markdownDescription": "Metadata about the Kubernetes pod. For more information, see [Understanding Kubernetes Objects](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) in the *Kubernetes documentation* .", + "title": "Metadata" + }, + "ServiceAccountName": { + "markdownDescription": "The name of the service account that's used to run the pod. For more information, see [Kubernetes service accounts](https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html) and [Configure a Kubernetes service account to assume an IAM role](https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html) in the *Amazon EKS User Guide* and [Configure service accounts for pods](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) in the *Kubernetes documentation* .", + "title": "ServiceAccountName", + "type": "string" + }, + "ShareProcessNamespace": { + "markdownDescription": "Indicates if the processes in a container are shared, or visible, to other containers in the same pod. For more information, see [Share Process Namespace between Containers in a Pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) .", + "title": "ShareProcessNamespace", + "type": "boolean" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksVolume" + }, + "markdownDescription": "Specifies the volumes for a job definition that uses Amazon EKS resources.", + "title": "Volumes", + "type": "array" + } + }, + "type": "object" + }, "AWS::Batch::JobDefinition.EksProperties": { "additionalProperties": false, "properties": { "PodProperties": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.PodProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksPodProperties", "markdownDescription": "The properties for the Kubernetes pod resources of a job.", "title": "PodProperties" } @@ -27954,6 +32212,11 @@ "title": "Name", "type": "string" }, + "PersistentVolumeClaim": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksPersistentVolumeClaim", + "markdownDescription": "Specifies the configuration of a Kubernetes `persistentVolumeClaim` bounded to a `persistentVolume` . For more information, see [Persistent Volume Claims](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) in the *Kubernetes documentation* .", + "title": "PersistentVolumeClaim" + }, "Secret": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksSecret", "markdownDescription": "Specifies the configuration of a Kubernetes `secret` volume. For more information, see [secret](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#secret) in the *Kubernetes documentation* .", @@ -28035,6 +32298,42 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.FirelensConfiguration": { + "additionalProperties": false, + "properties": { + "Options": { + "additionalProperties": true, + "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is `\"options\":{\"enable-ecs-log-metadata\":\"true|false\",\"config-file-type:\"s3|file\",\"config-file-value\":\"arn:aws:s3:::mybucket/fluent.conf|filepath\"}` . For more information, see [Creating a task definition that uses a FireLens configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html#firelens-taskdef) in the *Amazon Elastic Container Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" + }, + "Type": { + "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.Host": { + "additionalProperties": false, + "properties": { + "SourcePath": { + "markdownDescription": "The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\n> This parameter isn't applicable to jobs that run on Fargate resources. Don't provide this for these jobs.", + "title": "SourcePath", + "type": "string" + } + }, + "type": "object" + }, "AWS::Batch::JobDefinition.ImagePullSecret": { "additionalProperties": false, "properties": { @@ -28044,9 +32343,17 @@ "type": "string" } }, - "required": [ - "Name" - ], + "type": "object" + }, + "AWS::Batch::JobDefinition.JobTimeout": { + "additionalProperties": false, + "properties": { + "AttemptDurationSeconds": { + "markdownDescription": "The job timeout time (in seconds) that's measured from the job attempt's `startedAt` timestamp. After this time passes, AWS Batch terminates your jobs if they aren't finished. The minimum value for the timeout is 60 seconds.\n\nFor array jobs, the timeout applies to the child jobs, not to the parent array job.\n\nFor multi-node parallel (MNP) jobs, the timeout applies to the whole job, not to the individual nodes.", + "title": "AttemptDurationSeconds", + "type": "number" + } + }, "type": "object" }, "AWS::Batch::JobDefinition.LinuxParameters": { @@ -28100,7 +32407,13 @@ "type": "string" }, "Options": { + "additionalProperties": true, "markdownDescription": "The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Options", "type": "object" }, @@ -28118,26 +32431,227 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Metadata": { + "AWS::Batch::JobDefinition.MountPoint": { "additionalProperties": false, "properties": { - "Labels": { - "type": "object" + "ContainerPath": { + "markdownDescription": "The path on the container where the host volume is mounted.", + "title": "ContainerPath", + "type": "string" + }, + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" + }, + "SourceVolume": { + "markdownDescription": "The name of the volume to mount.", + "title": "SourceVolume", + "type": "string" } }, "type": "object" }, - "AWS::Batch::JobDefinition.MountPoints": { + "AWS::Batch::JobDefinition.MultiNodeContainerProperties": { "additionalProperties": false, "properties": { - "ContainerPath": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) .", + "title": "Command", + "type": "array" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Environment" + }, + "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> We don't recommend using plaintext environment variables for sensitive information, such as credential data. > Environment variables cannot start with \" `AWS_BATCH` \". This naming convention is reserved for variables that AWS Batch sets.", + "title": "Environment", + "type": "array" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EphemeralStorage", + "markdownDescription": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .", + "title": "EphemeralStorage" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* .", + "title": "ExecutionRoleArn", "type": "string" }, - "ReadOnly": { + "Image": { + "markdownDescription": "Required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `*repository-url* / *image* : *tag*` . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `IMAGE` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources. \n\n- Images in Amazon ECR Public repositories use the full `registry/repository[:tag]` or `registry/repository[@digest]` naming conventions. For example, `public.ecr.aws/ *registry_alias* / *my-web-app* : *latest*` .\n- Images in Amazon ECR repositories use the full registry and repository URI (for example, `123456789012.dkr.ecr..amazonaws.com/` ).\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", + "title": "Image", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", + "title": "InstanceType", + "type": "string" + }, + "JobRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "JobRoleArn", + "type": "string" + }, + "LinuxParameters": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.LinuxParameters", + "markdownDescription": "Linux-specific modifications that are applied to the container, such as details for device mappings.", + "title": "LinuxParameters" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.LogConfiguration", + "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-containerproperties-logconfiguration.html) data type). \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LogConfiguration" + }, + "Memory": { + "markdownDescription": "This parameter is deprecated, use `resourceRequirements` to specify the memory requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it's terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.", + "title": "Memory", + "type": "number" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" + }, + "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", + "title": "MountPoints", + "type": "array" + }, + "Privileged": { + "markdownDescription": "When this parameter is true, the container is given elevated permissions on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The default value is false.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided, or specified as false.", + "title": "Privileged", "type": "boolean" }, - "SourceVolume": { + "ReadonlyRootFilesystem": { + "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--read-only` option to `docker run` .", + "title": "ReadonlyRootFilesystem", + "type": "boolean" + }, + "RepositoryCredentials": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.RepositoryCredentials", + "markdownDescription": "The private repository authentication credentials to use.", + "title": "RepositoryCredentials" + }, + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ResourceRequirement" + }, + "markdownDescription": "The type and amount of resources to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "ResourceRequirements", + "type": "array" + }, + "RuntimePlatform": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.RuntimePlatform", + "markdownDescription": "An object that represents the compute environment architecture for AWS Batch jobs on Fargate.", + "title": "RuntimePlatform" + }, + "Secrets": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Secret" + }, + "markdownDescription": "The secrets for the container. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* .", + "title": "Secrets", + "type": "array" + }, + "Ulimits": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Ulimit" + }, + "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.", + "title": "Ulimits", + "type": "array" + }, + "User": { + "markdownDescription": "The user name to use inside the container. This parameter maps to `User` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--user` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .", + "title": "User", + "type": "string" + }, + "Vcpus": { + "markdownDescription": "This parameter is deprecated, use `resourceRequirements` to specify the vCPU requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job.\n\nEach vCPU is equivalent to 1,024 CPU shares. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node.", + "title": "Vcpus", + "type": "number" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" + }, + "markdownDescription": "A list of data volumes used in a job.", + "title": "Volumes", + "type": "array" + } + }, + "required": [ + "Image" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.MultiNodeEcsProperties": { + "additionalProperties": false, + "properties": { + "TaskProperties": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeEcsTaskProperties" + }, + "markdownDescription": "An object that contains the properties for the Amazon ECS task definition of a job.\n\n> This object is currently limited to one task element. However, the task element can run up to 10 containers.", + "title": "TaskProperties", + "type": "array" + } + }, + "required": [ + "TaskProperties" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.MultiNodeEcsTaskProperties": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.TaskContainerProperties" + }, + "markdownDescription": "This object is a list of containers.", + "title": "Containers", + "type": "array" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* .", + "title": "ExecutionRoleArn", + "type": "string" + }, + "IpcMode": { + "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` .\n\nIf `host` is specified, all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified `task` share the same IPC resources.\n\nIf `none` is specified, the IPC resources within the containers of a task are private, and are not shared with other containers in a task or on the container instance.\n\nIf no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the Docker run reference.", + "title": "IpcMode", + "type": "string" + }, + "PidMode": { + "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the Docker run reference.", + "title": "PidMode", "type": "string" + }, + "TaskRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that's associated with the Amazon ECS task.\n\n> This is object is comparable to [ContainerProperties:jobRoleArn](https://docs.aws.amazon.com/batch/latest/APIReference/API_ContainerProperties.html) .", + "title": "TaskRoleArn", + "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" + }, + "markdownDescription": "A list of volumes that are associated with the job.", + "title": "Volumes", + "type": "array" } }, "type": "object" @@ -28185,16 +32699,26 @@ "AWS::Batch::JobDefinition.NodeRangeProperty": { "additionalProperties": false, "properties": { + "ConsumableResourceProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceProperties", + "markdownDescription": "Contains a list of consumable resources required by a job.", + "title": "ConsumableResourceProperties" + }, "Container": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.ContainerProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeContainerProperties", "markdownDescription": "The container details for the node range.", "title": "Container" }, "EcsProperties": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EcsProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeEcsProperties", "markdownDescription": "This is an object that represents the properties of the node range for a multi-node parallel job.", "title": "EcsProperties" }, + "EksProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksProperties", + "markdownDescription": "This is an object that represents the properties of the node range for a multi-node parallel job.", + "title": "EksProperties" + }, "InstanceTypes": { "items": { "type": "string" @@ -28214,51 +32738,6 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.PodProperties": { - "additionalProperties": false, - "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" - }, - "type": "array" - }, - "DnsPolicy": { - "type": "string" - }, - "HostNetwork": { - "type": "boolean" - }, - "ImagePullSecrets": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.ImagePullSecret" - }, - "type": "array" - }, - "InitContainers": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" - }, - "type": "array" - }, - "Metadata": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Metadata" - }, - "ServiceAccountName": { - "type": "string" - }, - "ShareProcessNamespace": { - "type": "boolean" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksVolume" - }, - "type": "array" - } - }, - "type": "object" - }, "AWS::Batch::JobDefinition.RepositoryCredentials": { "additionalProperties": false, "properties": { @@ -28396,6 +32875,11 @@ "title": "Essential", "type": "boolean" }, + "FirelensConfiguration": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.FirelensConfiguration", + "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom log](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) routing in the *Amazon Elastic Container Service Developer Guide* .", + "title": "FirelensConfiguration" + }, "Image": { "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `repository-url/image:tag` or `repository-url/image@digest` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `IMAGE` parameter of the [*docker run*](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "Image", @@ -28413,7 +32897,7 @@ }, "MountPoints": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoints" + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" }, "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", "title": "MountPoints", @@ -28474,15 +32958,6 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Timeout": { - "additionalProperties": false, - "properties": { - "AttemptDurationSeconds": { - "type": "number" - } - }, - "type": "object" - }, "AWS::Batch::JobDefinition.Tmpfs": { "additionalProperties": false, "properties": { @@ -28537,25 +33012,22 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Volumes": { + "AWS::Batch::JobDefinition.Volume": { "additionalProperties": false, "properties": { "EfsVolumeConfiguration": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EfsVolumeConfiguration" + "$ref": "#/definitions/AWS::Batch::JobDefinition.EFSVolumeConfiguration", + "markdownDescription": "This parameter is specified when you're using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a `platformVersion` of at least `1.4.0` .", + "title": "EfsVolumeConfiguration" }, "Host": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.VolumesHost" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Host", + "markdownDescription": "The contents of the `host` parameter determine whether your data volume persists on the host container instance and where it's stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.", + "title": "Host" }, "Name": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::Batch::JobDefinition.VolumesHost": { - "additionalProperties": false, - "properties": { - "SourcePath": { + "markdownDescription": "The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the `sourceVolume` parameter of container definition `mountPoints` .", + "title": "Name", "type": "string" } }, @@ -28885,6 +33357,19 @@ "title": "ActionGroups", "type": "array" }, + "AgentCollaboration": { + "markdownDescription": "The agent's collaboration settings.", + "title": "AgentCollaboration", + "type": "string" + }, + "AgentCollaborators": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Agent.AgentCollaborator" + }, + "markdownDescription": "", + "title": "AgentCollaborators", + "type": "array" + }, "AgentName": { "markdownDescription": "The name of the agent.", "title": "AgentName", @@ -28900,6 +33385,11 @@ "title": "AutoPrepare", "type": "boolean" }, + "CustomOrchestration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.CustomOrchestration", + "markdownDescription": "Contains custom orchestration configurations for the agent.", + "title": "CustomOrchestration" + }, "CustomerEncryptionKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that encrypts the agent.", "title": "CustomerEncryptionKeyArn", @@ -28915,6 +33405,11 @@ "title": "FoundationModel", "type": "string" }, + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.GuardrailConfiguration", + "markdownDescription": "Details about the guardrail associated with the agent.", + "title": "GuardrailConfiguration" + }, "IdleSessionTTLInSeconds": { "markdownDescription": "The number of seconds for which Amazon Bedrock keeps information about a user's conversation with the agent.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Bedrock deletes any data provided before the timeout.", "title": "IdleSessionTTLInSeconds", @@ -28933,6 +33428,16 @@ "title": "KnowledgeBases", "type": "array" }, + "MemoryConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.MemoryConfiguration", + "markdownDescription": "Contains memory configuration for the agent.", + "title": "MemoryConfiguration" + }, + "OrchestrationType": { + "markdownDescription": "Specifies the orchestration strategy for the agent.", + "title": "OrchestrationType", + "type": "string" + }, "PromptOverrideConfiguration": { "$ref": "#/definitions/AWS::Bedrock::Agent.PromptOverrideConfiguration", "markdownDescription": "Contains configurations to override prompt templates in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html) .", @@ -29011,15 +33516,17 @@ "AWS::Bedrock::Agent.ActionGroupExecutor": { "additionalProperties": false, "properties": { + "CustomControl": { + "markdownDescription": "To return the action group invocation results directly in the `InvokeInlineAgent` response, specify `RETURN_CONTROL` .", + "title": "CustomControl", + "type": "string" + }, "Lambda": { "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action.", "title": "Lambda", "type": "string" } }, - "required": [ - "Lambda" - ], "type": "object" }, "AWS::Bedrock::Agent.AgentActionGroup": { @@ -29050,6 +33557,11 @@ "title": "Description", "type": "string" }, + "FunctionSchema": { + "$ref": "#/definitions/AWS::Bedrock::Agent.FunctionSchema", + "markdownDescription": "Contains details about the function schema for the action group or the JSON or YAML-formatted payload defining the schema.", + "title": "FunctionSchema" + }, "ParentActionGroupSignature": { "markdownDescription": "If this field is set as `AMAZON.UserInput` , the agent can request the user for additional information when trying to complete a task. The `description` , `apiSchema` , and `actionGroupExecutor` fields must be blank for this action group.\n\nDuring orchestration, if the agent determines that it needs to invoke an API in an action group, but doesn't have enough information to complete the API request, it will invoke this action group instead and return an [Observation](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_Observation.html) reprompting the user for more information.", "title": "ParentActionGroupSignature", @@ -29066,6 +33578,48 @@ ], "type": "object" }, + "AWS::Bedrock::Agent.AgentCollaborator": { + "additionalProperties": false, + "properties": { + "AgentDescriptor": { + "$ref": "#/definitions/AWS::Bedrock::Agent.AgentDescriptor", + "markdownDescription": "The collaborator's agent descriptor.", + "title": "AgentDescriptor" + }, + "CollaborationInstruction": { + "markdownDescription": "The collaborator's instructions.", + "title": "CollaborationInstruction", + "type": "string" + }, + "CollaboratorName": { + "markdownDescription": "The collaborator's collaborator name.", + "title": "CollaboratorName", + "type": "string" + }, + "RelayConversationHistory": { + "markdownDescription": "The collaborator's relay conversation history.", + "title": "RelayConversationHistory", + "type": "string" + } + }, + "required": [ + "AgentDescriptor", + "CollaborationInstruction", + "CollaboratorName" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.AgentDescriptor": { + "additionalProperties": false, + "properties": { + "AliasArn": { + "markdownDescription": "The agent's alias ARN.", + "title": "AliasArn", + "type": "string" + } + }, + "type": "object" + }, "AWS::Bedrock::Agent.AgentKnowledgeBase": { "additionalProperties": false, "properties": { @@ -29091,6 +33645,85 @@ ], "type": "object" }, + "AWS::Bedrock::Agent.CustomOrchestration": { + "additionalProperties": false, + "properties": { + "Executor": { + "$ref": "#/definitions/AWS::Bedrock::Agent.OrchestrationExecutor", + "markdownDescription": "The structure of the executor invoking the actions in custom orchestration.", + "title": "Executor" + } + }, + "type": "object" + }, + "AWS::Bedrock::Agent.Function": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the function and its purpose.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the function.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "additionalProperties": false, + "markdownDescription": "The parameters that the agent elicits from the user to fulfill the function.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Bedrock::Agent.ParameterDetail" + } + }, + "title": "Parameters", + "type": "object" + }, + "RequireConfirmation": { + "markdownDescription": "Contains information if user confirmation is required to invoke the function.", + "title": "RequireConfirmation", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.FunctionSchema": { + "additionalProperties": false, + "properties": { + "Functions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Agent.Function" + }, + "markdownDescription": "A list of functions that each define an action in the action group.", + "title": "Functions", + "type": "array" + } + }, + "required": [ + "Functions" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", + "type": "string" + }, + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, "AWS::Bedrock::Agent.InferenceConfiguration": { "additionalProperties": false, "properties": { @@ -29125,14 +33758,86 @@ }, "type": "object" }, + "AWS::Bedrock::Agent.MemoryConfiguration": { + "additionalProperties": false, + "properties": { + "EnabledMemoryTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of memory that is stored.", + "title": "EnabledMemoryTypes", + "type": "array" + }, + "SessionSummaryConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.SessionSummaryConfiguration", + "markdownDescription": "Contains the configuration for SESSION_SUMMARY memory type enabled for the agent.", + "title": "SessionSummaryConfiguration" + }, + "StorageDays": { + "markdownDescription": "The number of days the agent is configured to retain the conversational context.", + "title": "StorageDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::Agent.OrchestrationExecutor": { + "additionalProperties": false, + "properties": { + "Lambda": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action.", + "title": "Lambda", + "type": "string" + } + }, + "required": [ + "Lambda" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.ParameterDetail": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the parameter. Helps the foundation model determine how to elicit the parameters from the user.", + "title": "Description", + "type": "string" + }, + "Required": { + "markdownDescription": "Whether the parameter is required for the agent to complete the function for action group invocation.", + "title": "Required", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The data type of the parameter.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::Bedrock::Agent.PromptConfiguration": { "additionalProperties": false, "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "If the Converse or ConverseStream operations support the model, `additionalModelRequestFields` contains additional inference parameters, beyond the base set of inference parameters in the `inferenceConfiguration` field.\n\nFor more information, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", + "type": "object" + }, "BasePromptTemplate": { "markdownDescription": "Defines the prompt template with which to replace the default prompt template. You can use placeholder variables in the base prompt template to customize the prompt. For more information, see [Prompt template placeholder variables](https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-placeholders.html) . For more information, see [Configure the prompt templates](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts-configure.html) .", "title": "BasePromptTemplate", "type": "string" }, + "FoundationModel": { + "markdownDescription": "The agent's foundation model.", + "title": "FoundationModel", + "type": "string" + }, "InferenceConfiguration": { "$ref": "#/definitions/AWS::Bedrock::Agent.InferenceConfiguration", "markdownDescription": "Contains inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the `promptType` . For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", @@ -29199,6 +33904,17 @@ }, "type": "object" }, + "AWS::Bedrock::Agent.SessionSummaryConfiguration": { + "additionalProperties": false, + "properties": { + "MaxRecentSessions": { + "markdownDescription": "Maximum number of recent session summaries to include in the agent's prompt context.", + "title": "MaxRecentSessions", + "type": "number" + } + }, + "type": "object" + }, "AWS::Bedrock::AgentAlias": { "additionalProperties": false, "properties": { @@ -29334,7 +34050,7 @@ ], "type": "object" }, - "AWS::Bedrock::DataSource": { + "AWS::Bedrock::ApplicationInferenceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -29369,47 +34085,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.DataSourceConfiguration", - "markdownDescription": "The connection configuration for the data source.", - "title": "DataSourceConfiguration" - }, "Description": { - "markdownDescription": "The description of the data source.", + "markdownDescription": "The description of the inference profile.", "title": "Description", "type": "string" }, - "KnowledgeBaseId": { - "markdownDescription": "The unique identifier of the knowledge base to which the data source belongs.", - "title": "KnowledgeBaseId", + "InferenceProfileName": { + "markdownDescription": "The name of the inference profile.", + "title": "InferenceProfileName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the data source.", - "title": "Name", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration", - "markdownDescription": "Contains details about the configuration of the server-side encryption.", - "title": "ServerSideEncryptionConfiguration" + "ModelSource": { + "$ref": "#/definitions/AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModelSource", + "markdownDescription": "Contains configurations for the inference profile to copy as the resource.", + "title": "ModelSource" }, - "VectorIngestionConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.VectorIngestionConfiguration", - "markdownDescription": "Contains details about how to ingest the documents in the data source.", - "title": "VectorIngestionConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags associated with the inference profile.", + "title": "Tags", + "type": "array" } }, "required": [ - "DataSourceConfiguration", - "KnowledgeBaseId", - "Name" + "InferenceProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Bedrock::DataSource" + "AWS::Bedrock::ApplicationInferenceProfile" ], "type": "string" }, @@ -29428,110 +34135,32 @@ ], "type": "object" }, - "AWS::Bedrock::DataSource.ChunkingConfiguration": { - "additionalProperties": false, - "properties": { - "ChunkingStrategy": { - "markdownDescription": "Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.\n\n- `FIXED_SIZE` \u2013 Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` .\n- `HIERARCHICAL` \u2013 Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.\n- `SEMANTIC` \u2013 Split documents into chunks based on groups of similar content derived with natural language processing.\n- `NONE` \u2013 Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files.", - "title": "ChunkingStrategy", - "type": "string" - }, - "FixedSizeChunkingConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration", - "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", - "title": "FixedSizeChunkingConfiguration" - } - }, - "required": [ - "ChunkingStrategy" - ], - "type": "object" - }, - "AWS::Bedrock::DataSource.DataSourceConfiguration": { + "AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModel": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.S3DataSourceConfiguration", - "markdownDescription": "The configuration information to connect to Amazon S3 as your data source.", - "title": "S3Configuration" - }, - "Type": { - "markdownDescription": "The type of data source.", - "title": "Type", + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model.", + "title": "ModelArn", "type": "string" } }, - "required": [ - "S3Configuration", - "Type" - ], - "type": "object" - }, - "AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration": { - "additionalProperties": false, - "properties": { - "MaxTokens": { - "markdownDescription": "The maximum number of tokens to include in a chunk.", - "title": "MaxTokens", - "type": "number" - }, - "OverlapPercentage": { - "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", - "title": "OverlapPercentage", - "type": "number" - } - }, - "required": [ - "MaxTokens", - "OverlapPercentage" - ], "type": "object" }, - "AWS::Bedrock::DataSource.S3DataSourceConfiguration": { + "AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModelSource": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket that contains your data.", - "title": "BucketArn", + "CopyFrom": { + "markdownDescription": "The ARN of the model or system-defined inference profile that is the source for the inference profile.", + "title": "CopyFrom", "type": "string" - }, - "InclusionPrefixes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of S3 prefixes to include certain files or content. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) .", - "title": "InclusionPrefixes", - "type": "array" } }, "required": [ - "BucketArn" + "CopyFrom" ], "type": "object" }, - "AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key used to encrypt the resource.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Bedrock::DataSource.VectorIngestionConfiguration": { - "additionalProperties": false, - "properties": { - "ChunkingConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.ChunkingConfiguration", - "markdownDescription": "Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", - "title": "ChunkingConfiguration" - } - }, - "type": "object" - }, - "AWS::Bedrock::Guardrail": { + "AWS::Bedrock::Blueprint": { "additionalProperties": false, "properties": { "Condition": { @@ -29566,70 +34195,56 @@ "Properties": { "additionalProperties": false, "properties": { - "BlockedInputMessaging": { - "markdownDescription": "The message to return when the guardrail blocks a prompt.", - "title": "BlockedInputMessaging", - "type": "string" - }, - "BlockedOutputsMessaging": { - "markdownDescription": "The message to return when the guardrail blocks a model response.", - "title": "BlockedOutputsMessaging", - "type": "string" - }, - "ContentPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentPolicyConfig", - "markdownDescription": "The content filter policies to configure for the guardrail.", - "title": "ContentPolicyConfig" - }, - "Description": { - "markdownDescription": "A description of the guardrail.", - "title": "Description", + "BlueprintName": { + "markdownDescription": "The blueprint's name.", + "title": "BlueprintName", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", - "title": "KmsKeyArn", - "type": "string" + "KmsEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "Name-value pairs to include as an encryption context.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KmsEncryptionContext", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the guardrail.", - "title": "Name", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key to use for encryption.", + "title": "KmsKeyId", "type": "string" }, - "SensitiveInformationPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig", - "markdownDescription": "The sensitive information policy to configure for the guardrail.", - "title": "SensitiveInformationPolicyConfig" + "Schema": { + "markdownDescription": "The blueprint's schema.", + "title": "Schema", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags that you want to attach to the guardrail.", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "TopicPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicPolicyConfig", - "markdownDescription": "The topic policies to configure for the guardrail.", - "title": "TopicPolicyConfig" - }, - "WordPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordPolicyConfig", - "markdownDescription": "The word policy you configure for the guardrail.", - "title": "WordPolicyConfig" + "Type": { + "markdownDescription": "The blueprint's type.", + "title": "Type", + "type": "string" } }, "required": [ - "BlockedInputMessaging", - "BlockedOutputsMessaging", - "Name" + "BlueprintName", + "Schema", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Bedrock::Guardrail" + "AWS::Bedrock::Blueprint" ], "type": "string" }, @@ -29648,561 +34263,703 @@ ], "type": "object" }, - "AWS::Bedrock::Guardrail.ContentFilterConfig": { + "AWS::Bedrock::DataAutomationProject": { "additionalProperties": false, "properties": { - "InputStrength": { - "markdownDescription": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", - "title": "InputStrength", + "Condition": { "type": "string" }, - "OutputStrength": { - "markdownDescription": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", - "title": "OutputStrength", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CustomOutputConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.CustomOutputConfiguration", + "markdownDescription": "Blueprints to apply to objects processed by the project.", + "title": "CustomOutputConfiguration" + }, + "KmsEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The AWS KMS encryption context to use for encryption.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KmsEncryptionContext", + "type": "object" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key to use for encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "OverrideConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.OverrideConfiguration", + "markdownDescription": "Additional settings for the project.", + "title": "OverrideConfiguration" + }, + "ProjectDescription": { + "markdownDescription": "The project's description.", + "title": "ProjectDescription", + "type": "string" + }, + "ProjectName": { + "markdownDescription": "The project's name.", + "title": "ProjectName", + "type": "string" + }, + "StandardOutputConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.StandardOutputConfiguration", + "markdownDescription": "The project's standard output configuration.", + "title": "StandardOutputConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ProjectName" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The harmful category that the content filter is applied to.", - "title": "Type", + "enum": [ + "AWS::Bedrock::DataAutomationProject" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InputStrength", - "OutputStrength", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Bedrock::Guardrail.ContentPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.AudioExtractionCategory": { "additionalProperties": false, "properties": { - "FiltersConfig": { + "State": { + "markdownDescription": "Whether generating categorical data from audio is enabled.", + "title": "State", + "type": "string" + }, + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFilterConfig" + "type": "string" }, - "markdownDescription": "Contains the type of the content filter and how strongly it should apply to prompts and model responses.", - "title": "FiltersConfig", + "markdownDescription": "The types of data to generate.", + "title": "Types", "type": "array" } }, "required": [ - "FiltersConfig" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.ManagedWordsConfig": { + "AWS::Bedrock::DataAutomationProject.AudioOverrideConfiguration": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The managed word type to configure for the guardrail.", - "title": "Type", - "type": "string" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for audio files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.AudioStandardExtraction": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioExtractionCategory", + "markdownDescription": "Settings for generating data from audio.", + "title": "Category" } }, "required": [ - "Type" + "Category" ], "type": "object" }, - "AWS::Bedrock::Guardrail.PiiEntityConfig": { + "AWS::Bedrock::DataAutomationProject.AudioStandardGenerativeField": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Configure guardrail action when the PII entity is detected.", - "title": "Action", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for audio.", + "title": "State", "type": "string" }, - "Type": { - "markdownDescription": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guardrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *CREDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc..", - "title": "Type", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of description to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "Action", - "Type" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.RegexConfig": { + "AWS::Bedrock::DataAutomationProject.AudioStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The guardrail action to configure when matching regular expression is detected.", - "title": "Action", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the audio.", + "title": "Extraction" }, - "Description": { - "markdownDescription": "The description of the regular expression to configure for the guardrail.", - "title": "Description", + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the data.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.BlueprintItem": { + "additionalProperties": false, + "properties": { + "BlueprintArn": { + "markdownDescription": "The blueprint's ARN.", + "title": "BlueprintArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the regular expression to configure for the guardrail.", - "title": "Name", + "BlueprintStage": { + "markdownDescription": "The blueprint's stage.", + "title": "BlueprintStage", "type": "string" }, - "Pattern": { - "markdownDescription": "The regular expression pattern to configure for the guardrail.", - "title": "Pattern", + "BlueprintVersion": { + "markdownDescription": "The blueprint's version.", + "title": "BlueprintVersion", "type": "string" } }, "required": [ - "Action", - "Name", - "Pattern" + "BlueprintArn" ], "type": "object" }, - "AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.CustomOutputConfiguration": { "additionalProperties": false, "properties": { - "PiiEntitiesConfig": { - "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.PiiEntityConfig" - }, - "markdownDescription": "A list of PII entities to configure to the guardrail.", - "title": "PiiEntitiesConfig", - "type": "array" - }, - "RegexesConfig": { + "Blueprints": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.RegexConfig" + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.BlueprintItem" }, - "markdownDescription": "A list of regular expressions to configure to the guardrail.", - "title": "RegexesConfig", + "markdownDescription": "A list of blueprints.", + "title": "Blueprints", "type": "array" } }, "type": "object" }, - "AWS::Bedrock::Guardrail.TopicConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentBoundingBox": { "additionalProperties": false, "properties": { - "Definition": { - "markdownDescription": "A definition of the topic to deny.", - "title": "Definition", - "type": "string" - }, - "Examples": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", - "title": "Examples", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the topic to deny.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies to deny the topic.", - "title": "Type", + "State": { + "markdownDescription": "Whether bounding boxes are enabled for documents.", + "title": "State", "type": "string" } }, "required": [ - "Definition", - "Name", - "Type" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.TopicPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentExtractionGranularity": { "additionalProperties": false, "properties": { - "TopicsConfig": { + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicConfig" + "type": "string" }, - "markdownDescription": "A list of policies related to topics that the guardrail should deny.", - "title": "TopicsConfig", + "markdownDescription": "Granularity settings for documents.", + "title": "Types", "type": "array" } }, - "required": [ - "TopicsConfig" - ], "type": "object" }, - "AWS::Bedrock::Guardrail.WordConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentOutputAdditionalFileFormat": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "Text of the word configured for the guardrail to block.", - "title": "Text", + "State": { + "markdownDescription": "Whether additional file formats are enabled for a project.", + "title": "State", "type": "string" } }, "required": [ - "Text" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.WordPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentOutputFormat": { "additionalProperties": false, "properties": { - "ManagedWordListsConfig": { - "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ManagedWordsConfig" - }, - "markdownDescription": "A list of managed words to configure for the guardrail.", - "title": "ManagedWordListsConfig", - "type": "array" + "AdditionalFileFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputAdditionalFileFormat", + "markdownDescription": "Output settings for additional file formats.", + "title": "AdditionalFileFormat" }, - "WordsConfig": { + "TextFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputTextFormat", + "markdownDescription": "An output text format.", + "title": "TextFormat" + } + }, + "required": [ + "AdditionalFileFormat", + "TextFormat" + ], + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.DocumentOutputTextFormat": { + "additionalProperties": false, + "properties": { + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordConfig" + "type": "string" }, - "markdownDescription": "A list of words to configure for the guardrail.", - "title": "WordsConfig", + "markdownDescription": "The types of output text to generate.", + "title": "Types", "type": "array" } }, "type": "object" }, - "AWS::Bedrock::KnowledgeBase": { + "AWS::Bedrock::DataAutomationProject.DocumentOverrideConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the knowledge base associated with the inline agent.", - "title": "Description", - "type": "string" - }, - "KnowledgeBaseConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration", - "markdownDescription": "Contains details about the embeddings configuration of the knowledge base.", - "title": "KnowledgeBaseConfiguration" - }, - "Name": { - "markdownDescription": "The name of the knowledge base.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the knowledge base.", - "title": "RoleArn", - "type": "string" - }, - "StorageConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.StorageConfiguration", - "markdownDescription": "Contains details about the storage configuration of the knowledge base.", - "title": "StorageConfiguration" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "KnowledgeBaseConfiguration", - "Name", - "RoleArn", - "StorageConfiguration" - ], - "type": "object" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for document files. All modalities are enabled by default.", + "title": "ModalityProcessing" }, - "Type": { - "enum": [ - "AWS::Bedrock::KnowledgeBase" - ], - "type": "string" + "Splitter": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.SplitterConfiguration", + "markdownDescription": "Whether document splitter is enabled for a project.", + "title": "Splitter" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.DocumentStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentBoundingBox", + "markdownDescription": "Whether to generate bounding boxes.", + "title": "BoundingBox" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Granularity": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentExtractionGranularity", + "markdownDescription": "Which granularities to generate data for.", + "title": "Granularity" } }, "required": [ - "Type", - "Properties" + "BoundingBox", + "Granularity" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration": { + "AWS::Bedrock::DataAutomationProject.DocumentStandardGenerativeField": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of data that the data source is converted into for the knowledge base.", - "title": "Type", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for documents.", + "title": "State", "type": "string" - }, - "VectorKnowledgeBaseConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration", - "markdownDescription": "Contains details about the model that's used to convert the data source into vector embeddings.", - "title": "VectorKnowledgeBaseConfiguration" } }, "required": [ - "Type", - "VectorKnowledgeBaseConfiguration" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration": { + "AWS::Bedrock::DataAutomationProject.DocumentStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "CollectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch Service vector store.", - "title": "CollectionArn", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the document.", + "title": "Extraction" }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions.", + "title": "GenerativeField" }, - "VectorIndexName": { - "markdownDescription": "The name of the vector store.", - "title": "VectorIndexName", + "OutputFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputFormat", + "markdownDescription": "The output format to generate.", + "title": "OutputFormat" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ImageBoundingBox": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Bounding box settings for a project.", + "title": "State", "type": "string" } }, "required": [ - "CollectionArn", - "FieldMapping", - "VectorIndexName" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping": { + "AWS::Bedrock::DataAutomationProject.ImageExtractionCategory": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", - "type": "string" - }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", + "State": { + "markdownDescription": "Whether generating categorical data from images is enabled.", + "title": "State", "type": "string" }, - "VectorField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", - "title": "VectorField", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of data to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "MetadataField", - "TextField", - "VectorField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.PineconeConfiguration": { + "AWS::Bedrock::DataAutomationProject.ImageOverrideConfiguration": { "additionalProperties": false, "properties": { - "ConnectionString": { - "markdownDescription": "The endpoint URL for your index management page.", - "title": "ConnectionString", - "type": "string" - }, - "CredentialsSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key.", - "title": "CredentialsSecretArn", - "type": "string" - }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for image files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ImageStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageBoundingBox", + "markdownDescription": "Settings for generating bounding boxes.", + "title": "BoundingBox" }, - "Namespace": { - "markdownDescription": "The namespace to be used to write new data to your database.", - "title": "Namespace", - "type": "string" + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageExtractionCategory", + "markdownDescription": "Settings for generating categorical data.", + "title": "Category" } }, "required": [ - "ConnectionString", - "CredentialsSecretArn", - "FieldMapping" + "BoundingBox", + "Category" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.PineconeFieldMapping": { + "AWS::Bedrock::DataAutomationProject.ImageStandardGenerativeField": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for images.", + "title": "State", "type": "string" }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "Settings for generating descriptions of images.", + "title": "Types", + "type": "array" } }, "required": [ - "MetadataField", - "TextField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.RdsConfiguration": { + "AWS::Bedrock::DataAutomationProject.ImageStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "CredentialsSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database.", - "title": "CredentialsSecretArn", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the image.", + "title": "Extraction" }, - "DatabaseName": { - "markdownDescription": "The name of your Amazon RDS database.", - "title": "DatabaseName", + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the data.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Stores the state of the modality for your project, set to either enabled or disabled", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ModalityRoutingConfiguration": { + "additionalProperties": false, + "properties": { + "jpeg": { + "markdownDescription": "Sets whether JPEG files are routed to document or image processing.", + "title": "jpeg", "type": "string" }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "mov": { + "markdownDescription": "Sets whether MOV files are routed to audio or video processing.", + "title": "mov", + "type": "string" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the vector store.", - "title": "ResourceArn", + "mp4": { + "markdownDescription": "Sets whether MP4 files are routed to audio or video processing.", + "title": "mp4", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table in the database.", - "title": "TableName", + "png": { + "markdownDescription": "Sets whether PNG files are routed to document or image processing.", + "title": "png", "type": "string" } }, - "required": [ - "CredentialsSecretArn", - "DatabaseName", - "FieldMapping", - "ResourceArn", - "TableName" - ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.RdsFieldMapping": { + "AWS::Bedrock::DataAutomationProject.OverrideConfiguration": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", - "type": "string" + "Audio": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process audio files.", + "title": "Audio" }, - "PrimaryKeyField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the ID for each entry.", - "title": "PrimaryKeyField", - "type": "string" + "Document": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOverrideConfiguration", + "markdownDescription": "Additional settings for a project.", + "title": "Document" }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", + "Image": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process image files.", + "title": "Image" + }, + "ModalityRouting": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityRoutingConfiguration", + "markdownDescription": "Lets you set which modalities certain file types are processed as.", + "title": "ModalityRouting" + }, + "Video": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process video files.", + "title": "Video" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.SplitterConfiguration": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Whether document splitter is enabled for a project.", + "title": "State", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.StandardOutputConfiguration": { + "additionalProperties": false, + "properties": { + "Audio": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardOutputConfiguration", + "markdownDescription": "Settings for processing audio.", + "title": "Audio" }, - "VectorField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", - "title": "VectorField", + "Document": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardOutputConfiguration", + "markdownDescription": "Settings for processing documents.", + "title": "Document" + }, + "Image": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardOutputConfiguration", + "markdownDescription": "Settings for processing images.", + "title": "Image" + }, + "Video": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardOutputConfiguration", + "markdownDescription": "Settings for processing video.", + "title": "Video" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoBoundingBox": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Whether bounding boxes are enabled for video.", + "title": "State", "type": "string" } }, "required": [ - "MetadataField", - "PrimaryKeyField", - "TextField", - "VectorField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.StorageConfiguration": { + "AWS::Bedrock::DataAutomationProject.VideoExtractionCategory": { "additionalProperties": false, "properties": { - "OpensearchServerlessConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration", - "markdownDescription": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.", - "title": "OpensearchServerlessConfiguration" - }, - "PineconeConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeConfiguration", - "markdownDescription": "Contains the storage configuration of the knowledge base in Pinecone.", - "title": "PineconeConfiguration" + "State": { + "markdownDescription": "Whether generating categorical data from video is enabled.", + "title": "State", + "type": "string" }, - "RdsConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsConfiguration", - "markdownDescription": "Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) .", - "title": "RdsConfiguration" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of data to generate.", + "title": "Types", + "type": "array" + } + }, + "required": [ + "State" + ], + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoOverrideConfiguration": { + "additionalProperties": false, + "properties": { + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for video files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoBoundingBox", + "markdownDescription": "Settings for generating bounding boxes.", + "title": "BoundingBox" }, - "Type": { - "markdownDescription": "The vector store service in which the knowledge base is stored.", - "title": "Type", - "type": "string" + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoExtractionCategory", + "markdownDescription": "Settings for generating categorical data.", + "title": "Category" } }, "required": [ - "Type" + "BoundingBox", + "Category" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration": { + "AWS::Bedrock::DataAutomationProject.VideoStandardGenerativeField": { "additionalProperties": false, "properties": { - "EmbeddingModelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", - "title": "EmbeddingModelArn", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for video.", + "title": "State", "type": "string" + }, + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of description to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "EmbeddingModelArn" + "State" ], "type": "object" }, - "AWS::BillingConductor::BillingGroup": { + "AWS::Bedrock::DataAutomationProject.VideoStandardOutputConfiguration": { + "additionalProperties": false, + "properties": { + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the video.", + "title": "Extraction" + }, + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the video.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -30237,51 +34994,52 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountGrouping": { - "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.AccountGrouping", - "markdownDescription": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", - "title": "AccountGrouping" + "DataDeletionPolicy": { + "markdownDescription": "The data deletion policy for the data source.", + "title": "DataDeletionPolicy", + "type": "string" }, - "ComputationPreference": { - "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.ComputationPreference", - "markdownDescription": "The preferences and settings that will be used to compute the AWS charges for a billing group.", - "title": "ComputationPreference" + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.DataSourceConfiguration", + "markdownDescription": "The connection configuration for the data source.", + "title": "DataSourceConfiguration" }, "Description": { - "markdownDescription": "The description of the billing group.", + "markdownDescription": "The description of the data source.", "title": "Description", "type": "string" }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to which the data source belongs.", + "title": "KnowledgeBaseId", + "type": "string" + }, "Name": { - "markdownDescription": "The billing group's name.", + "markdownDescription": "The name of the data source.", "title": "Name", "type": "string" }, - "PrimaryAccountId": { - "markdownDescription": "The account ID that serves as the main account in a billing group.", - "title": "PrimaryAccountId", - "type": "string" + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration", + "markdownDescription": "Contains details about the configuration of the server-side encryption.", + "title": "ServerSideEncryptionConfiguration" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a billing group.", - "title": "Tags", - "type": "array" + "VectorIngestionConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.VectorIngestionConfiguration", + "markdownDescription": "Contains details about how to ingest the documents in the data source.", + "title": "VectorIngestionConfiguration" } }, "required": [ - "AccountGrouping", - "ComputationPreference", - "Name", - "PrimaryAccountId" + "DataSourceConfiguration", + "KnowledgeBaseId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::BillingConductor::BillingGroup" + "AWS::Bedrock::DataSource" ], "type": "string" }, @@ -30300,184 +35058,245 @@ ], "type": "object" }, - "AWS::BillingConductor::BillingGroup.AccountGrouping": { + "AWS::Bedrock::DataSource.BedrockDataAutomationConfiguration": { "additionalProperties": false, "properties": { - "AutoAssociate": { - "markdownDescription": "Specifies if this billing group will automatically associate newly added AWS accounts that join your consolidated billing family.", - "title": "AutoAssociate", - "type": "boolean" + "ParsingModality": { + "markdownDescription": "Specifies whether to enable parsing of multimodal data, including both text and/or images.", + "title": "ParsingModality", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.BedrockFoundationModelConfiguration": { + "additionalProperties": false, + "properties": { + "ModelArn": { + "markdownDescription": "The ARN of the foundation model to use for parsing.", + "title": "ModelArn", + "type": "string" }, - "LinkedAccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The account IDs that make up the billing group. Account IDs must be a part of the consolidated billing family, and not associated with another billing group.", - "title": "LinkedAccountIds", - "type": "array" + "ParsingModality": { + "markdownDescription": "Specifies whether to enable parsing of multimodal data, including both text and/or images.", + "title": "ParsingModality", + "type": "string" + }, + "ParsingPrompt": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ParsingPrompt", + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPrompt" } }, "required": [ - "LinkedAccountIds" + "ModelArn" ], "type": "object" }, - "AWS::BillingConductor::BillingGroup.ComputationPreference": { + "AWS::Bedrock::DataSource.BedrockFoundationModelContextEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "PricingPlanArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the pricing plan used to compute the AWS charges for a billing group.", - "title": "PricingPlanArn", + "EnrichmentStrategyConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.EnrichmentStrategyConfiguration", + "markdownDescription": "The enrichment stategy used to provide additional context. For example, Neptune GraphRAG uses Amazon Bedrock foundation models to perform chunk entity extraction.", + "title": "EnrichmentStrategyConfiguration" + }, + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", + "title": "ModelArn", "type": "string" } }, "required": [ - "PricingPlanArn" + "EnrichmentStrategyConfiguration", + "ModelArn" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem": { + "AWS::Bedrock::DataSource.ChunkingConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ChunkingStrategy": { + "markdownDescription": "Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.\n\n- `FIXED_SIZE` \u2013 Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` .\n- `HIERARCHICAL` \u2013 Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.\n- `SEMANTIC` \u2013 Split documents into chunks based on groups of similar content derived with natural language processing.\n- `NONE` \u2013 Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files.", + "title": "ChunkingStrategy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FixedSizeChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration", + "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", + "title": "FixedSizeChunkingConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "HierarchicalChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.HierarchicalChunkingConfiguration", + "markdownDescription": "Settings for hierarchical document chunking for a data source. Hierarchical chunking splits documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.", + "title": "HierarchicalChunkingConfiguration" }, - "Metadata": { - "type": "object" + "SemanticChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SemanticChunkingConfiguration", + "markdownDescription": "Settings for semantic document chunking for a data source. Semantic chunking splits a document into into smaller documents based on groups of similar content derived from the text with natural language processing.", + "title": "SemanticChunkingConfiguration" + } + }, + "required": [ + "ChunkingStrategy" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceCrawlerConfiguration": { + "additionalProperties": false, + "properties": { + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the Confluence content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceCrawlerConfiguration", + "markdownDescription": "The configuration of the Confluence content. For example, configuring specific types of Confluence content.", + "title": "CrawlerConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The AWS account in which this custom line item will be applied to.", - "title": "AccountId", - "type": "string" - }, - "BillingGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that references the billing group where the custom line item applies to.", - "title": "BillingGroupArn", - "type": "string" - }, - "BillingPeriodRange": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.BillingPeriodRange", - "markdownDescription": "A time range for which the custom line item is effective.", - "title": "BillingPeriodRange" - }, - "CustomLineItemChargeDetails": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails", - "markdownDescription": "The charge details of a custom line item. It should contain only one of `Flat` or `Percentage` .", - "title": "CustomLineItemChargeDetails" - }, - "Description": { - "markdownDescription": "The custom line item's description. This is shown on the Bills page in association with the charge value.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The custom line item's name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a custom line item.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "BillingGroupArn", - "Name" - ], - "type": "object" + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your Confluence data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your Confluence instance.", + "title": "AuthType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::BillingConductor::CustomLineItem" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [Confluence connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/confluence-data-source-connector.html#configuration-confluence-connector) .", + "title": "CredentialsSecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostType": { + "markdownDescription": "The supported host type, whether online/cloud or server/on-premises.", + "title": "HostType", + "type": "string" + }, + "HostUrl": { + "markdownDescription": "The Confluence host URL or instance URL.", + "title": "HostUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AuthType", + "CredentialsSecretArn", + "HostType", + "HostUrl" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.BillingPeriodRange": { + "AWS::Bedrock::DataSource.ContextEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "ExclusiveEndBillingPeriod": { - "markdownDescription": "The exclusive end billing period that defines a billing period range where a custom line is applied.", - "title": "ExclusiveEndBillingPeriod", + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockFoundationModelContextEnrichmentConfiguration", + "markdownDescription": "The configuration of the Amazon Bedrock foundation model used for context enrichment.", + "title": "BedrockFoundationModelConfiguration" + }, + "Type": { + "markdownDescription": "The method used for context enrichment. It must be Amazon Bedrock foundation models.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.CrawlFilterConfiguration": { + "additionalProperties": false, + "properties": { + "PatternObjectFilter": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.PatternObjectFilterConfiguration", + "markdownDescription": "The configuration of filtering certain objects or content types of the data source.", + "title": "PatternObjectFilter" }, - "InclusiveStartBillingPeriod": { - "markdownDescription": "The inclusive start billing period that defines a billing period range where a custom line is applied.", - "title": "InclusiveStartBillingPeriod", + "Type": { + "markdownDescription": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the `PATTERN` type is regular expression patterns you can apply to filter your content.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails": { + "AWS::Bedrock::DataSource.CustomTransformationConfiguration": { "additionalProperties": false, "properties": { - "Flat": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails", - "markdownDescription": "A `CustomLineItemFlatChargeDetails` that describes the charge details of a flat custom line item.", - "title": "Flat" + "IntermediateStorage": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.IntermediateStorage", + "markdownDescription": "An S3 bucket path for input and output objects.", + "title": "IntermediateStorage" }, - "LineItemFilters": { + "Transformations": { "items": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.LineItemFilter" + "$ref": "#/definitions/AWS::Bedrock::DataSource.Transformation" }, - "markdownDescription": "A representation of the line item filter.", - "title": "LineItemFilters", + "markdownDescription": "A Lambda function that processes documents.", + "title": "Transformations", "type": "array" + } + }, + "required": [ + "IntermediateStorage", + "Transformations" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "ConfluenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Confluence as your data source.\n\n> Confluence data source connector is in preview release and is subject to change.", + "title": "ConfluenceConfiguration" }, - "Percentage": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails", - "markdownDescription": "A `CustomLineItemPercentageChargeDetails` that describes the charge details of a percentage custom line item.", - "title": "Percentage" + "S3Configuration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.S3DataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Amazon S3 as your data source.", + "title": "S3Configuration" + }, + "SalesforceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Salesforce as your data source.\n\n> Salesforce data source connector is in preview release and is subject to change.", + "title": "SalesforceConfiguration" + }, + "SharePointConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to SharePoint as your data source.\n\n> SharePoint data source connector is in preview release and is subject to change.", + "title": "SharePointConfiguration" }, "Type": { - "markdownDescription": "The type of the custom line item that indicates whether the charge is a fee or credit.", + "markdownDescription": "The type of data source.", "title": "Type", "type": "string" + }, + "WebConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebDataSourceConfiguration", + "markdownDescription": "The configuration of web URLs to crawl for your data source. You should be authorized to crawl the URLs.\n\n> Crawling web URLs as your data source is in preview release and is subject to change.", + "title": "WebConfiguration" } }, "required": [ @@ -30485,641 +35304,583 @@ ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails": { + "AWS::Bedrock::DataSource.EnrichmentStrategyConfiguration": { "additionalProperties": false, "properties": { - "ChargeValue": { - "markdownDescription": "The custom line item's fixed charge value in USD.", - "title": "ChargeValue", + "Method": { + "markdownDescription": "The method used for the context enrichment strategy.", + "title": "Method", + "type": "string" + } + }, + "required": [ + "Method" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to include in a chunk.", + "title": "MaxTokens", + "type": "number" + }, + "OverlapPercentage": { + "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", + "title": "OverlapPercentage", "type": "number" } }, "required": [ - "ChargeValue" + "MaxTokens", + "OverlapPercentage" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails": { + "AWS::Bedrock::DataSource.HierarchicalChunkingConfiguration": { "additionalProperties": false, "properties": { - "ChildAssociatedResources": { + "LevelConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::DataSource.HierarchicalChunkingLevelConfiguration" }, - "markdownDescription": "A list of resource ARNs to associate to the percentage custom line item.", - "title": "ChildAssociatedResources", + "markdownDescription": "Token settings for each layer.", + "title": "LevelConfigurations", "type": "array" }, - "PercentageValue": { - "markdownDescription": "The custom line item's percentage value. This will be multiplied against the combined value of its associated resources to determine its charge value.", - "title": "PercentageValue", + "OverlapTokens": { + "markdownDescription": "The number of tokens to repeat across chunks in the same layer.", + "title": "OverlapTokens", "type": "number" } }, "required": [ - "PercentageValue" + "LevelConfigurations", + "OverlapTokens" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.LineItemFilter": { + "AWS::Bedrock::DataSource.HierarchicalChunkingLevelConfiguration": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The attribute of the line item filter. This specifies what attribute that you can filter on.", - "title": "Attribute", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain in this layer.", + "title": "MaxTokens", + "type": "number" + } + }, + "required": [ + "MaxTokens" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.IntermediateStorage": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.S3Location", + "markdownDescription": "An S3 bucket path.", + "title": "S3Location" + } + }, + "required": [ + "S3Location" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ParsingConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockDataAutomationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockDataAutomationConfiguration", + "markdownDescription": "If you specify `BEDROCK_DATA_AUTOMATION` as the parsing strategy for ingesting your data source, use this object to modify configurations for using the Amazon Bedrock Data Automation parser.", + "title": "BedrockDataAutomationConfiguration" }, - "MatchOption": { - "markdownDescription": "The match criteria of the line item filter. This parameter specifies whether not to include the resource value from the billing group total cost.", - "title": "MatchOption", - "type": "string" + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockFoundationModelConfiguration", + "markdownDescription": "If you specify `BEDROCK_FOUNDATION_MODEL` as the parsing strategy for ingesting your data source, use this object to modify configurations for using a foundation model to parse documents.", + "title": "BedrockFoundationModelConfiguration" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values of the line item filter. This specifies the values to filter on. Currently, you can only exclude Savings Plan discounts.", - "title": "Values", - "type": "array" + "ParsingStrategy": { + "markdownDescription": "The parsing strategy for the data source.", + "title": "ParsingStrategy", + "type": "string" } }, "required": [ - "Attribute", - "MatchOption", - "Values" + "ParsingStrategy" ], "type": "object" }, - "AWS::BillingConductor::PricingPlan": { + "AWS::Bedrock::DataSource.ParsingPrompt": { "additionalProperties": false, "properties": { - "Condition": { + "ParsingPromptText": { + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPromptText", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The pricing plan description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a pricing plan.", - "title": "Name", - "type": "string" - }, - "PricingRuleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The `PricingRuleArns` that are associated with the Pricing Plan.", - "title": "PricingRuleArns", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing plan.", - "title": "Tags", - "type": "array" - } + } + }, + "required": [ + "ParsingPromptText" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.PatternObjectFilter": { + "additionalProperties": false, + "properties": { + "ExclusionFilters": { + "items": { + "type": "string" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn\u2019t crawled.", + "title": "ExclusionFilters", + "type": "array" }, - "Type": { - "enum": [ - "AWS::BillingConductor::PricingPlan" - ], - "type": "string" + "InclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn\u2019t crawled.", + "title": "InclusionFilters", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectType": { + "markdownDescription": "The supported object type or content type of the data source.", + "title": "ObjectType", "type": "string" } }, "required": [ - "Type", - "Properties" + "ObjectType" ], "type": "object" }, - "AWS::BillingConductor::PricingRule": { + "AWS::Bedrock::DataSource.PatternObjectFilterConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Filters": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.PatternObjectFilter" + }, + "markdownDescription": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.", + "title": "Filters", + "type": "array" + } + }, + "required": [ + "Filters" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.S3DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket that contains your data.", + "title": "BucketArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BucketOwnerAccountId": { + "markdownDescription": "The account ID for the owner of the S3 bucket.", + "title": "BucketOwnerAccountId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BillingEntity": { - "markdownDescription": "The seller of services provided by AWS , their affiliates, or third-party providers selling services via AWS Marketplace .", - "title": "BillingEntity", - "type": "string" - }, - "Description": { - "markdownDescription": "The pricing rule description.", - "title": "Description", - "type": "string" - }, - "ModifierPercentage": { - "markdownDescription": "A percentage modifier applied on the public pricing rates.", - "title": "ModifierPercentage", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a pricing rule.", - "title": "Name", - "type": "string" - }, - "Operation": { - "markdownDescription": "Operation is the specific AWS action covered by this line item. This describes the specific usage of the line item.\n\nIf the `Scope` attribute is set to `SKU` , this attribute indicates which operation the `PricingRule` is modifying. For example, a value of `RunInstances:0202` indicates the operation of running an Amazon EC2 instance.", - "title": "Operation", - "type": "string" - }, - "Scope": { - "markdownDescription": "The scope of pricing rule that indicates if it's globally applicable or service-specific.", - "title": "Scope", - "type": "string" - }, - "Service": { - "markdownDescription": "If the `Scope` attribute is `SERVICE` , this attribute indicates which service the `PricingRule` is applicable for.", - "title": "Service", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing rule.", - "title": "Tags", - "type": "array" - }, - "Tiering": { - "$ref": "#/definitions/AWS::BillingConductor::PricingRule.Tiering", - "markdownDescription": "The set of tiering configurations for the pricing rule.", - "title": "Tiering" - }, - "Type": { - "markdownDescription": "The type of pricing rule.", - "title": "Type", - "type": "string" - }, - "UsageType": { - "markdownDescription": "Usage Type is the unit that each service uses to measure the usage of a specific type of resource.", - "title": "UsageType", - "type": "string" - } + "InclusionPrefixes": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Scope", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::BillingConductor::PricingRule" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of S3 prefixes to include certain files or content. This field is an array with a maximum of one item, which can contain a string that has a maximum length of 300 characters. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) .", + "title": "InclusionPrefixes", + "type": "array" } }, "required": [ - "Type", - "Properties" + "BucketArn" ], "type": "object" }, - "AWS::BillingConductor::PricingRule.FreeTier": { + "AWS::Bedrock::DataSource.S3Location": { "additionalProperties": false, "properties": { - "Activated": { - "markdownDescription": "Activate or deactivate AWS Free Tier.", - "title": "Activated", - "type": "boolean" + "URI": { + "markdownDescription": "An object URI starting with `s3://` .", + "title": "URI", + "type": "string" } }, "required": [ - "Activated" + "URI" ], "type": "object" }, - "AWS::BillingConductor::PricingRule.Tiering": { + "AWS::Bedrock::DataSource.SalesforceCrawlerConfiguration": { "additionalProperties": false, "properties": { - "FreeTier": { - "$ref": "#/definitions/AWS::BillingConductor::PricingRule.FreeTier", - "markdownDescription": "The possible AWS Free Tier configurations.", - "title": "FreeTier" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" } }, "type": "object" }, - "AWS::Budgets::Budget": { + "AWS::Bedrock::DataSource.SalesforceDataSourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceCrawlerConfiguration", + "markdownDescription": "The configuration of the Salesforce content. For example, configuring specific types of Salesforce content.", + "title": "CrawlerConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your Salesforce data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.SalesforceSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your Salesforce instance.", + "title": "AuthType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Budget": { - "$ref": "#/definitions/AWS::Budgets::Budget.BudgetData", - "markdownDescription": "The budget object that you want to create.", - "title": "Budget" - }, - "NotificationsWithSubscribers": { - "items": { - "$ref": "#/definitions/AWS::Budgets::Budget.NotificationWithSubscribers" - }, - "markdownDescription": "A notification that you want to associate with a budget. A budget can have up to five notifications, and each notification can have one SNS subscriber and up to 10 email subscribers. If you include notifications and subscribers in your `CreateBudget` call, AWS creates the notifications and subscribers for you.", - "title": "NotificationsWithSubscribers", - "type": "array" - } - }, - "required": [ - "Budget" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Budgets::Budget" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [Salesforce connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/salesforce-data-source-connector.html#configuration-salesforce-connector) .", + "title": "CredentialsSecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostUrl": { + "markdownDescription": "The Salesforce host URL or instance URL.", + "title": "HostUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AuthType", + "CredentialsSecretArn", + "HostUrl" ], "type": "object" }, - "AWS::Budgets::Budget.AutoAdjustData": { + "AWS::Bedrock::DataSource.SeedUrl": { "additionalProperties": false, "properties": { - "AutoAdjustType": { - "markdownDescription": "The string that defines whether your budget auto-adjusts based on historical or forecasted data.", - "title": "AutoAdjustType", + "Url": { + "markdownDescription": "A seed or starting point URL.", + "title": "Url", "type": "string" - }, - "HistoricalOptions": { - "$ref": "#/definitions/AWS::Budgets::Budget.HistoricalOptions", - "markdownDescription": "The parameters that define or describe the historical data that your auto-adjusting budget is based on.", - "title": "HistoricalOptions" } }, "required": [ - "AutoAdjustType" + "Url" ], "type": "object" }, - "AWS::Budgets::Budget.BudgetData": { + "AWS::Bedrock::DataSource.SemanticChunkingConfiguration": { "additionalProperties": false, "properties": { - "AutoAdjustData": { - "$ref": "#/definitions/AWS::Budgets::Budget.AutoAdjustData", - "markdownDescription": "Determine the budget amount for an auto-adjusting budget.", - "title": "AutoAdjustData" + "BreakpointPercentileThreshold": { + "markdownDescription": "The dissimilarity threshold for splitting chunks.", + "title": "BreakpointPercentileThreshold", + "type": "number" }, - "BudgetLimit": { - "$ref": "#/definitions/AWS::Budgets::Budget.Spend", - "markdownDescription": "The total amount of cost, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage that you want to track with your budget.\n\n`BudgetLimit` is required for cost or usage budgets, but optional for RI or Savings Plans utilization or coverage budgets. RI and Savings Plans utilization or coverage budgets default to `100` . This is the only valid value for RI or Savings Plans utilization or coverage budgets. You can't use `BudgetLimit` with `PlannedBudgetLimits` for `CreateBudget` and `UpdateBudget` actions.", - "title": "BudgetLimit" + "BufferSize": { + "markdownDescription": "The buffer size.", + "title": "BufferSize", + "type": "number" }, - "BudgetName": { - "markdownDescription": "The name of a budget. The value must be unique within an account. `BudgetName` can't include `:` and `\\` characters. If you don't include value for `BudgetName` in the template, Billing and Cost Management assigns your budget a randomly generated name.", - "title": "BudgetName", + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain.", + "title": "MaxTokens", + "type": "number" + } + }, + "required": [ + "BreakpointPercentileThreshold", + "BufferSize", + "MaxTokens" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key used to encrypt the resource.", + "title": "KmsKeyArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointCrawlerConfiguration": { + "additionalProperties": false, + "properties": { + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the SharePoint content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointCrawlerConfiguration", + "markdownDescription": "The configuration of the SharePoint content. For example, configuring specific types of SharePoint content.", + "title": "CrawlerConfiguration" }, - "BudgetType": { - "markdownDescription": "Specifies whether this budget tracks costs, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage.", - "title": "BudgetType", + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your SharePoint data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your SharePoint site/sites.", + "title": "AuthType", "type": "string" }, - "CostFilters": { - "markdownDescription": "The cost filters, such as `Region` , `Service` , `LinkedAccount` , `Tag` , or `CostCategory` , that are applied to a budget.\n\nAWS Budgets supports the following services as a `Service` filter for RI budgets:\n\n- Amazon EC2\n- Amazon Redshift\n- Amazon Relational Database Service\n- Amazon ElastiCache\n- Amazon OpenSearch Service", - "title": "CostFilters", - "type": "object" + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [SharePoint connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/sharepoint-data-source-connector.html#configuration-sharepoint-connector) .", + "title": "CredentialsSecretArn", + "type": "string" }, - "CostTypes": { - "$ref": "#/definitions/AWS::Budgets::Budget.CostTypes", - "markdownDescription": "The types of costs that are included in this `COST` budget.\n\n`USAGE` , `RI_UTILIZATION` , `RI_COVERAGE` , `SAVINGS_PLANS_UTILIZATION` , and `SAVINGS_PLANS_COVERAGE` budgets do not have `CostTypes` .", - "title": "CostTypes" + "Domain": { + "markdownDescription": "The domain of your SharePoint instance or site URL/URLs.", + "title": "Domain", + "type": "string" }, - "PlannedBudgetLimits": { - "markdownDescription": "A map containing multiple `BudgetLimit` , including current or future limits.\n\n`PlannedBudgetLimits` is available for cost or usage budget and supports both monthly and quarterly `TimeUnit` .\n\nFor monthly budgets, provide 12 months of `PlannedBudgetLimits` values. This must start from the current month and include the next 11 months. The `key` is the start of the month, `UTC` in epoch seconds.\n\nFor quarterly budgets, provide four quarters of `PlannedBudgetLimits` value entries in standard calendar quarter increments. This must start from the current quarter and include the next three quarters. The `key` is the start of the quarter, `UTC` in epoch seconds.\n\nIf the planned budget expires before 12 months for monthly or four quarters for quarterly, provide the `PlannedBudgetLimits` values only for the remaining periods.\n\nIf the budget begins at a date in the future, provide `PlannedBudgetLimits` values from the start date of the budget.\n\nAfter all of the `BudgetLimit` values in `PlannedBudgetLimits` are used, the budget continues to use the last limit as the `BudgetLimit` . At that point, the planned budget provides the same experience as a fixed budget.\n\n`DescribeBudget` and `DescribeBudgets` response along with `PlannedBudgetLimits` also contain `BudgetLimit` representing the current month or quarter limit present in `PlannedBudgetLimits` . This only applies to budgets that are created with `PlannedBudgetLimits` . Budgets that are created without `PlannedBudgetLimits` only contain `BudgetLimit` . They don't contain `PlannedBudgetLimits` .", - "title": "PlannedBudgetLimits", - "type": "object" + "HostType": { + "markdownDescription": "The supported host type, whether online/cloud or server/on-premises.", + "title": "HostType", + "type": "string" }, - "TimePeriod": { - "$ref": "#/definitions/AWS::Budgets::Budget.TimePeriod", - "markdownDescription": "The period of time that is covered by a budget. The period has a start date and an end date. The start date must come before the end date. There are no restrictions on the end date.\n\nThe start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nAfter the end date, AWS deletes the budget and all associated notifications and subscribers.", - "title": "TimePeriod" + "SiteUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more SharePoint site URLs.", + "title": "SiteUrls", + "type": "array" }, - "TimeUnit": { - "markdownDescription": "The length of time until a budget resets the actual and forecasted spend. `DAILY` is available only for `RI_UTILIZATION` and `RI_COVERAGE` budgets.", - "title": "TimeUnit", + "TenantId": { + "markdownDescription": "The identifier of your Microsoft 365 tenant.", + "title": "TenantId", "type": "string" } }, "required": [ - "BudgetType", - "TimeUnit" + "AuthType", + "CredentialsSecretArn", + "Domain", + "HostType", + "SiteUrls" ], "type": "object" }, - "AWS::Budgets::Budget.CostTypes": { + "AWS::Bedrock::DataSource.Transformation": { "additionalProperties": false, "properties": { - "IncludeCredit": { - "markdownDescription": "Specifies whether a budget includes credits.\n\nThe default value is `true` .", - "title": "IncludeCredit", - "type": "boolean" - }, - "IncludeDiscount": { - "markdownDescription": "Specifies whether a budget includes discounts.\n\nThe default value is `true` .", - "title": "IncludeDiscount", - "type": "boolean" - }, - "IncludeOtherSubscription": { - "markdownDescription": "Specifies whether a budget includes non-RI subscription costs.\n\nThe default value is `true` .", - "title": "IncludeOtherSubscription", - "type": "boolean" - }, - "IncludeRecurring": { - "markdownDescription": "Specifies whether a budget includes recurring fees such as monthly RI fees.\n\nThe default value is `true` .", - "title": "IncludeRecurring", - "type": "boolean" - }, - "IncludeRefund": { - "markdownDescription": "Specifies whether a budget includes refunds.\n\nThe default value is `true` .", - "title": "IncludeRefund", - "type": "boolean" - }, - "IncludeSubscription": { - "markdownDescription": "Specifies whether a budget includes subscriptions.\n\nThe default value is `true` .", - "title": "IncludeSubscription", - "type": "boolean" - }, - "IncludeSupport": { - "markdownDescription": "Specifies whether a budget includes support subscription fees.\n\nThe default value is `true` .", - "title": "IncludeSupport", - "type": "boolean" - }, - "IncludeTax": { - "markdownDescription": "Specifies whether a budget includes taxes.\n\nThe default value is `true` .", - "title": "IncludeTax", - "type": "boolean" - }, - "IncludeUpfront": { - "markdownDescription": "Specifies whether a budget includes upfront RI costs.\n\nThe default value is `true` .", - "title": "IncludeUpfront", - "type": "boolean" - }, - "UseAmortized": { - "markdownDescription": "Specifies whether a budget uses the amortized rate.\n\nThe default value is `false` .", - "title": "UseAmortized", - "type": "boolean" + "StepToApply": { + "markdownDescription": "When the service applies the transformation.", + "title": "StepToApply", + "type": "string" }, - "UseBlended": { - "markdownDescription": "Specifies whether a budget uses a blended rate.\n\nThe default value is `false` .", - "title": "UseBlended", - "type": "boolean" + "TransformationFunction": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.TransformationFunction", + "markdownDescription": "A Lambda function that processes documents.", + "title": "TransformationFunction" } }, + "required": [ + "StepToApply", + "TransformationFunction" + ], "type": "object" }, - "AWS::Budgets::Budget.HistoricalOptions": { + "AWS::Bedrock::DataSource.TransformationFunction": { "additionalProperties": false, "properties": { - "BudgetAdjustmentPeriod": { - "markdownDescription": "The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount. The maximum value depends on the `TimeUnit` granularity of the budget:\n\n- For the `DAILY` granularity, the maximum value is `60` .\n- For the `MONTHLY` granularity, the maximum value is `12` .\n- For the `QUARTERLY` granularity, the maximum value is `4` .\n- For the `ANNUALLY` granularity, the maximum value is `1` .", - "title": "BudgetAdjustmentPeriod", - "type": "number" + "TransformationLambdaConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.TransformationLambdaConfiguration", + "markdownDescription": "The Lambda function.", + "title": "TransformationLambdaConfiguration" } }, "required": [ - "BudgetAdjustmentPeriod" + "TransformationLambdaConfiguration" ], "type": "object" }, - "AWS::Budgets::Budget.Notification": { + "AWS::Bedrock::DataSource.TransformationLambdaConfiguration": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The comparison that's used for this notification.", - "title": "ComparisonOperator", - "type": "string" - }, - "NotificationType": { - "markdownDescription": "Specifies whether the notification is for how much you have spent ( `ACTUAL` ) or for how much that you're forecasted to spend ( `FORECASTED` ).", - "title": "NotificationType", - "type": "string" - }, - "Threshold": { - "markdownDescription": "The threshold that's associated with a notification. Thresholds are always a percentage, and many customers find value being alerted between 50% - 200% of the budgeted amount. The maximum limit for your threshold is 1,000,000% above the budgeted amount.", - "title": "Threshold", - "type": "number" - }, - "ThresholdType": { - "markdownDescription": "The type of threshold for a notification. For `ABSOLUTE_VALUE` thresholds, AWS notifies you when you go over or are forecasted to go over your total cost threshold. For `PERCENTAGE` thresholds, AWS notifies you when you go over or are forecasted to go over a certain percentage of your forecasted spend. For example, if you have a budget for 200 dollars and you have a `PERCENTAGE` threshold of 80%, AWS notifies you when you go over 160 dollars.", - "title": "ThresholdType", + "LambdaArn": { + "markdownDescription": "The function's ARN identifier.", + "title": "LambdaArn", "type": "string" } }, "required": [ - "ComparisonOperator", - "NotificationType", - "Threshold" + "LambdaArn" ], "type": "object" }, - "AWS::Budgets::Budget.NotificationWithSubscribers": { + "AWS::Bedrock::DataSource.UrlConfiguration": { "additionalProperties": false, "properties": { - "Notification": { - "$ref": "#/definitions/AWS::Budgets::Budget.Notification", - "markdownDescription": "The notification that's associated with a budget.", - "title": "Notification" - }, - "Subscribers": { + "SeedUrls": { "items": { - "$ref": "#/definitions/AWS::Budgets::Budget.Subscriber" + "$ref": "#/definitions/AWS::Bedrock::DataSource.SeedUrl" }, - "markdownDescription": "A list of subscribers who are subscribed to this notification.", - "title": "Subscribers", + "markdownDescription": "One or more seed or starting point URLs.", + "title": "SeedUrls", "type": "array" } }, "required": [ - "Notification", - "Subscribers" + "SeedUrls" ], "type": "object" }, - "AWS::Budgets::Budget.Spend": { + "AWS::Bedrock::DataSource.VectorIngestionConfiguration": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold.", - "title": "Amount", - "type": "number" + "ChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ChunkingConfiguration", + "markdownDescription": "Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", + "title": "ChunkingConfiguration" }, - "Unit": { - "markdownDescription": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold.", - "title": "Unit", - "type": "string" + "ContextEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ContextEnrichmentConfiguration", + "markdownDescription": "The context enrichment configuration used for ingestion of the data into the vector store.", + "title": "ContextEnrichmentConfiguration" + }, + "CustomTransformationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CustomTransformationConfiguration", + "markdownDescription": "A custom document transformer for parsed data source documents.", + "title": "CustomTransformationConfiguration" + }, + "ParsingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ParsingConfiguration", + "markdownDescription": "Configurations for a parser to use for parsing documents in your data source. If you exclude this field, the default parser will be used.", + "title": "ParsingConfiguration" } }, - "required": [ - "Amount", - "Unit" - ], "type": "object" }, - "AWS::Budgets::Budget.Subscriber": { + "AWS::Bedrock::DataSource.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", - "title": "Address", + "CrawlerLimits": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebCrawlerLimits", + "markdownDescription": "The configuration of crawl limits for the web URLs.", + "title": "CrawlerLimits" + }, + "ExclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "ExclusionFilters", + "type": "array" + }, + "InclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "InclusionFilters", + "type": "array" + }, + "Scope": { + "markdownDescription": "The scope of what is crawled for your URLs.\n\nYou can choose to crawl only web pages that belong to the same host or primary domain. For example, only web pages that contain the seed URL \"https://docs.aws.amazon.com/bedrock/latest/userguide/\" and no other domains. You can choose to include sub domains in addition to the host or primary domain. For example, web pages that contain \"aws.amazon.com\" can also include sub domain \"docs.aws.amazon.com\".", + "title": "Scope", "type": "string" }, - "SubscriptionType": { - "markdownDescription": "The type of notification that AWS sends to a subscriber.", - "title": "SubscriptionType", + "UserAgent": { + "markdownDescription": "Returns the user agent suffix for your web crawler.", + "title": "UserAgent", + "type": "string" + }, + "UserAgentHeader": { + "markdownDescription": "A string used for identifying the crawler or bot when it accesses a web server. The user agent header value consists of the `bedrockbot` , UUID, and a user agent suffix for your crawler (if one is provided). By default, it is set to `bedrockbot_UUID` . You can optionally append a custom suffix to `bedrockbot_UUID` to allowlist a specific user agent permitted to access your source URLs.", + "title": "UserAgentHeader", "type": "string" } }, + "type": "object" + }, + "AWS::Bedrock::DataSource.WebCrawlerLimits": { + "additionalProperties": false, + "properties": { + "MaxPages": { + "markdownDescription": "The max number of web pages crawled from your source URLs, up to 25,000 pages. If the web pages exceed this limit, the data source sync will fail and no web pages will be ingested.", + "title": "MaxPages", + "type": "number" + }, + "RateLimit": { + "markdownDescription": "The max rate at which pages are crawled, up to 300 per minute per host.", + "title": "RateLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.WebDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebCrawlerConfiguration", + "markdownDescription": "The Web Crawler configuration details for the web data source.", + "title": "CrawlerConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebSourceConfiguration", + "markdownDescription": "The source configuration details for the web data source.", + "title": "SourceConfiguration" + } + }, "required": [ - "Address", - "SubscriptionType" + "SourceConfiguration" ], "type": "object" }, - "AWS::Budgets::Budget.TimePeriod": { + "AWS::Bedrock::DataSource.WebSourceConfiguration": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "The end date for a budget. If you didn't specify an end date, AWS set your end date to `06/15/87 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nAfter the end date, AWS deletes the budget and all the associated notifications and subscribers. You can change your end date with the `UpdateBudget` operation.", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "The start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nValid values depend on the value of `BudgetType` :\n\n- If `BudgetType` is `COST` or `USAGE` : Valid values are `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .\n- If `BudgetType` is `RI_UTILIZATION` or `RI_COVERAGE` : Valid values are `DAILY` , `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .", - "title": "Start", - "type": "string" + "UrlConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.UrlConfiguration", + "markdownDescription": "The configuration of the URL/URLs.", + "title": "UrlConfiguration" } }, + "required": [ + "UrlConfiguration" + ], "type": "object" }, - "AWS::Budgets::BudgetsAction": { + "AWS::Bedrock::Flow": { "additionalProperties": false, "properties": { "Condition": { @@ -31154,64 +35915,84 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionThreshold": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ActionThreshold", - "markdownDescription": "The trigger threshold of the action.", - "title": "ActionThreshold" - }, - "ActionType": { - "markdownDescription": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition.", - "title": "ActionType", + "CustomerEncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that the flow is encrypted with.", + "title": "CustomerEncryptionKeyArn", "type": "string" }, - "ApprovalModel": { - "markdownDescription": "This specifies if the action needs manual or automatic approval.", - "title": "ApprovalModel", - "type": "string" + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDefinition", + "markdownDescription": "The definition of the nodes and connections between the nodes in the flow.", + "title": "Definition" }, - "BudgetName": { - "markdownDescription": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed.", - "title": "BudgetName", + "DefinitionS3Location": { + "$ref": "#/definitions/AWS::Bedrock::Flow.S3Location", + "markdownDescription": "The Amazon S3 location of the flow definition.", + "title": "DefinitionS3Location" + }, + "DefinitionString": { + "markdownDescription": "The definition of the flow as a JSON-formatted string. The string must match the format in [FlowDefinition](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-flow-flowdefinition.html) .", + "title": "DefinitionString", "type": "string" }, - "Definition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Definition", - "markdownDescription": "Specifies all of the type-specific parameters.", - "title": "Definition" + "DefinitionSubstitutions": { + "additionalProperties": true, + "markdownDescription": "A map that specifies the mappings for placeholder variables in the prompt flow definition. This enables the customer to inject values obtained at runtime. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map. Only supported with the `DefinitionString` and `DefinitionS3Location` fields.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "DefinitionSubstitutions", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the flow.", + "title": "Description", + "type": "string" }, "ExecutionRoleArn": { - "markdownDescription": "The role passed for action execution and reversion. Roles and actions must be in the same account.", + "markdownDescription": "The Amazon Resource Name (ARN) of the service role with permissions to create a flow. For more information, see [Create a service row for flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-permissions.html) in the Amazon Bedrock User Guide.", "title": "ExecutionRoleArn", "type": "string" }, - "NotificationType": { - "markdownDescription": "The type of a notification.", - "title": "NotificationType", + "Name": { + "markdownDescription": "The name of the flow.", + "title": "Name", "type": "string" }, - "Subscribers": { - "items": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Subscriber" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of subscribers.", - "title": "Subscribers", - "type": "array" + "title": "Tags", + "type": "object" + }, + "TestAliasTags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TestAliasTags", + "type": "object" } }, "required": [ - "ActionThreshold", - "ActionType", - "BudgetName", - "Definition", "ExecutionRoleArn", - "NotificationType", - "Subscribers" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Budgets::BudgetsAction" + "AWS::Bedrock::Flow" ], "type": "string" }, @@ -31230,1167 +36011,951 @@ ], "type": "object" }, - "AWS::Budgets::BudgetsAction.ActionThreshold": { + "AWS::Bedrock::Flow.AgentFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of threshold for a notification.", - "title": "Type", + "AgentAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias of the agent to invoke.", + "title": "AgentAliasArn", "type": "string" - }, - "Value": { - "markdownDescription": "The threshold of a notification.", - "title": "Value", - "type": "number" } }, "required": [ - "Type", - "Value" + "AgentAliasArn" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.Definition": { + "AWS::Bedrock::Flow.ConditionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "IamActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.IamActionDefinition", - "markdownDescription": "The AWS Identity and Access Management ( IAM ) action definition details.", - "title": "IamActionDefinition" - }, - "ScpActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ScpActionDefinition", - "markdownDescription": "The service control policies (SCP) action definition details.", - "title": "ScpActionDefinition" + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowCondition" + }, + "markdownDescription": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition.", + "title": "Conditions", + "type": "array" + } + }, + "required": [ + "Conditions" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FieldForReranking": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the metadata field to be used during the reranking process.", + "title": "FieldName", + "type": "string" + } + }, + "required": [ + "FieldName" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FlowCondition": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", + "title": "Expression", + "type": "string" }, - "SsmActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.SsmActionDefinition", - "markdownDescription": "The Amazon EC2 Systems Manager ( SSM ) action definition details.", - "title": "SsmActionDefinition" + "Name": { + "markdownDescription": "A name for the condition that you can reference.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Budgets::BudgetsAction.IamActionDefinition": { + "AWS::Bedrock::Flow.FlowConditionalConnectionConfiguration": { "additionalProperties": false, "properties": { - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of groups to be attached. There must be at least one group.", - "title": "Groups", - "type": "array" + "Condition": { + "markdownDescription": "The condition that triggers this connection. For more information about how to write conditions, see the *Condition* node type in the [Node types](https://docs.aws.amazon.com/bedrock/latest/userguide/node-types.html) topic in the Amazon Bedrock User Guide.", + "title": "Condition", + "type": "string" + } + }, + "required": [ + "Condition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FlowConnection": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConnectionConfiguration", + "markdownDescription": "The configuration of the connection.", + "title": "Configuration" }, - "PolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the policy to be attached.", - "title": "PolicyArn", + "Name": { + "markdownDescription": "A name for the connection that you can reference.", + "title": "Name", "type": "string" }, - "Roles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of roles to be attached. There must be at least one role.", - "title": "Roles", - "type": "array" + "Source": { + "markdownDescription": "The node that the connection starts at.", + "title": "Source", + "type": "string" }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of users to be attached. There must be at least one user.", - "title": "Users", - "type": "array" + "Target": { + "markdownDescription": "The node that the connection ends at.", + "title": "Target", + "type": "string" + }, + "Type": { + "markdownDescription": "Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` ).", + "title": "Type", + "type": "string" } }, "required": [ - "PolicyArn" + "Name", + "Source", + "Target", + "Type" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.ScpActionDefinition": { + "AWS::Bedrock::Flow.FlowConnectionConfiguration": { "additionalProperties": false, "properties": { - "PolicyId": { - "markdownDescription": "The policy ID attached.", - "title": "PolicyId", + "Conditional": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConditionalConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a Condition node.", + "title": "Conditional" + }, + "Data": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDataConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a node that isn't a Condition node.", + "title": "Data" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.FlowDataConnectionConfiguration": { + "additionalProperties": false, + "properties": { + "SourceOutput": { + "markdownDescription": "The name of the output in the source node that the connection begins from.", + "title": "SourceOutput", "type": "string" }, - "TargetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of target IDs.", - "title": "TargetIds", - "type": "array" + "TargetInput": { + "markdownDescription": "The name of the input in the target node that the connection ends at.", + "title": "TargetInput", + "type": "string" } }, "required": [ - "PolicyId", - "TargetIds" + "SourceOutput", + "TargetInput" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.SsmActionDefinition": { + "AWS::Bedrock::Flow.FlowDefinition": { "additionalProperties": false, "properties": { - "InstanceIds": { + "Connections": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConnection" }, - "markdownDescription": "The EC2 and RDS instance IDs.", - "title": "InstanceIds", + "markdownDescription": "An array of connection definitions in the flow.", + "title": "Connections", "type": "array" }, - "Region": { - "markdownDescription": "The Region to run the ( SSM ) document.", - "title": "Region", - "type": "string" - }, - "Subtype": { - "markdownDescription": "The action subType.", - "title": "Subtype", - "type": "string" + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNode" + }, + "markdownDescription": "An array of node definitions in the flow.", + "title": "Nodes", + "type": "array" } }, - "required": [ - "InstanceIds", - "Region", - "Subtype" - ], "type": "object" }, - "AWS::Budgets::BudgetsAction.Subscriber": { + "AWS::Bedrock::Flow.FlowNode": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", - "title": "Address", + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeConfiguration", + "markdownDescription": "Contains configurations for the node.", + "title": "Configuration" + }, + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeInput" + }, + "markdownDescription": "An array of objects, each of which contains information about an input into the node.", + "title": "Inputs", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the node.", + "title": "Name", "type": "string" }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeOutput" + }, + "markdownDescription": "A list of objects, each of which contains information about an output from the node.", + "title": "Outputs", + "type": "array" + }, "Type": { - "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "markdownDescription": "The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field.", "title": "Type", "type": "string" } }, "required": [ - "Address", + "Name", "Type" ], "type": "object" }, - "AWS::CE::AnomalyMonitor": { + "AWS::Bedrock::Flow.FlowNodeConfiguration": { "additionalProperties": false, "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::Flow.AgentFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an agent node in your flow. Invokes an alias of an agent and returns the response.", + "title": "Agent" + }, + "Collector": { + "markdownDescription": "Contains configurations for a collector node in your flow. Collects an iteration of inputs and consolidates them into an array of outputs.", + "title": "Collector", + "type": "object" + }, "Condition": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Flow.ConditionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a condition node in your flow. Defines conditions that lead to different branches of the flow.", + "title": "Condition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "InlineCode": { + "$ref": "#/definitions/AWS::Bedrock::Flow.InlineCodeFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an inline code node in your flow. Inline code nodes let you write and execute code directly within your flow, enabling data transformations, custom logic, and integrations without needing an external Lambda function.", + "title": "InlineCode" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Input": { + "markdownDescription": "Contains configurations for an input flow node in your flow. The first node in the flow. `inputs` can't be specified for this node.", + "title": "Input", + "type": "object" }, - "Metadata": { + "Iterator": { + "markdownDescription": "Contains configurations for an iterator node in your flow. Takes an input that is an array and iteratively sends each item of the array as an output to the following node. The size of the array is also returned in the output.\n\nThe output flow node at the end of the flow iteration will return a response for each member of the array. To return only one response, you can include a collector node downstream from the iterator node.", + "title": "Iterator", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MonitorDimension": { - "markdownDescription": "The dimensions to evaluate.", - "title": "MonitorDimension", - "type": "string" - }, - "MonitorName": { - "markdownDescription": "The name of the monitor.", - "title": "MonitorName", - "type": "string" - }, - "MonitorSpecification": { - "markdownDescription": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page.", - "title": "MonitorSpecification", - "type": "string" - }, - "MonitorType": { - "markdownDescription": "The possible type values.", - "title": "MonitorType", - "type": "string" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalyMonitor.ResourceTag" - }, - "markdownDescription": "", - "title": "ResourceTags", - "type": "array" - } - }, - "required": [ - "MonitorName", - "MonitorType" - ], + "KnowledgeBase": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBaseFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a knowledge base node in your flow. Queries a knowledge base and returns the retrieved results or generated response.", + "title": "KnowledgeBase" + }, + "LambdaFunction": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LambdaFunctionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lambda function node in your flow. Invokes an AWS Lambda function.", + "title": "LambdaFunction" + }, + "Lex": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LexFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lex node in your flow. Invokes an Amazon Lex bot to identify the intent of the input and return the intent as the output.", + "title": "Lex" + }, + "Loop": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LoopFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a DoWhile loop in your flow.", + "title": "Loop" + }, + "LoopController": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LoopControllerFlowNodeConfiguration", + "markdownDescription": "Contains controller node configurations for a DoWhile loop in your flow.", + "title": "LoopController" + }, + "LoopInput": { + "markdownDescription": "Contains input node configurations for a DoWhile loop in your flow.", + "title": "LoopInput", "type": "object" }, - "Type": { - "enum": [ - "AWS::CE::AnomalyMonitor" - ], + "Output": { + "markdownDescription": "Contains configurations for an output flow node in your flow. The last node in the flow. `outputs` can't be specified for this node.", + "title": "Output", + "type": "object" + }, + "Prompt": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a prompt node in your flow. Runs a prompt and generates the model response as the output. You can use a prompt from Prompt management or you can configure one in this node.", + "title": "Prompt" + }, + "Retrieval": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a retrieval node in your flow. Retrieves data from an Amazon S3 location and returns it as the output.", + "title": "Retrieval" + }, + "Storage": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a storage node in your flow. Stores an input in an Amazon S3 location.", + "title": "Storage" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.FlowNodeInput": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "Specifies how input data flows between iterations in a DoWhile loop.\n\n- `LoopCondition` - Controls whether the loop continues by evaluating condition expressions against the input data. Use this category to define the condition that determines if the loop should continue.\n- `ReturnValueToLoopStart` - Defines data to pass back to the start of the loop's next iteration. Use this category for variables that you want to update for each loop iteration.\n- `ExitLoop` - Defines the value that's available once the loop ends. Use this category to expose loop results to nodes outside the loop.", + "title": "Category", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expression": { + "markdownDescription": "An expression that formats the input for the node. For an explanation of how to create expressions, see [Expressions in Prompt flows in Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-expressions.html) .", + "title": "Expression", + "type": "string" + }, + "Name": { + "markdownDescription": "Specifies a name for the input that you can reference.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expression", + "Name", + "Type" ], "type": "object" }, - "AWS::CE::AnomalyMonitor.ResourceTag": { + "AWS::Bedrock::Flow.FlowNodeOutput": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that's associated with the tag.", - "title": "Key", + "Name": { + "markdownDescription": "A name for the output that you can reference.", + "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "The value that's associated with the tag.", - "title": "Value", + "Type": { + "markdownDescription": "The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Key", - "Value" + "Name", + "Type" ], "type": "object" }, - "AWS::CE::AnomalySubscription": { + "AWS::Bedrock::Flow.FlowValidation": { "additionalProperties": false, "properties": { - "Condition": { + "Message": { + "markdownDescription": "A message describing the validation error.", + "title": "Message", + "type": "string" + } + }, + "required": [ + "Message" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.InlineCodeFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The code that's executed in your inline code node. The code can access input data from previous nodes in the flow, perform operations on that data, and produce output that can be used by other nodes in your flow.\n\nThe code must be valid in the programming `language` that you specify.", + "title": "Code", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Frequency": { - "markdownDescription": "The frequency that anomaly notifications are sent. Notifications are sent either over email (for DAILY and WEEKLY frequencies) or SNS (for IMMEDIATE frequency). For more information, see [Creating an Amazon SNS topic for anomaly notifications](https://docs.aws.amazon.com/cost-management/latest/userguide/ad-SNS.html) .", - "title": "Frequency", - "type": "string" - }, - "MonitorArnList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cost anomaly monitors.", - "title": "MonitorArnList", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalySubscription.ResourceTag" - }, - "markdownDescription": "", - "title": "ResourceTags", - "type": "array" - }, - "Subscribers": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalySubscription.Subscriber" - }, - "markdownDescription": "A list of subscribers to notify.", - "title": "Subscribers", - "type": "array" - }, - "SubscriptionName": { - "markdownDescription": "The name for the subscription.", - "title": "SubscriptionName", - "type": "string" - }, - "Threshold": { - "markdownDescription": "(deprecated)\n\nAn absolute dollar value that must be exceeded by the anomaly's total impact (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details) for an anomaly notification to be generated.\n\nThis field has been deprecated. To specify a threshold, use ThresholdExpression. Continued use of Threshold will be treated as shorthand syntax for a ThresholdExpression.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.", - "title": "Threshold", - "type": "number" - }, - "ThresholdExpression": { - "markdownDescription": "An [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object in JSON string format used to specify the anomalies that you want to generate alerts for. This supports dimensions and nested expressions. The supported dimensions are `ANOMALY_TOTAL_IMPACT_ABSOLUTE` and `ANOMALY_TOTAL_IMPACT_PERCENTAGE` , corresponding to an anomaly\u2019s TotalImpact and TotalImpactPercentage, respectively (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details). The supported nested expression types are `AND` and `OR` . The match option `GREATER_THAN_OR_EQUAL` is required. Values must be numbers between 0 and 10,000,000,000 in string format.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.\n\nFor further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalysubscription.html#aws-resource-ce-anomalysubscription--examples) section of this page.", - "title": "ThresholdExpression", - "type": "string" - } - }, - "required": [ - "Frequency", - "MonitorArnList", - "Subscribers", - "SubscriptionName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CE::AnomalySubscription" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Language": { + "markdownDescription": "The programming language used by your inline code node.\n\nThe code must be valid in the programming `language` that you specify. Currently, only Python 3 ( `Python_3` ) is supported.", + "title": "Language", "type": "string" } }, "required": [ - "Type", - "Properties" + "Code", + "Language" ], "type": "object" }, - "AWS::CE::AnomalySubscription.ResourceTag": { + "AWS::Bedrock::Flow.KnowledgeBaseFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that's associated with the tag.", - "title": "Key", + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply during query and response generation for the knowledge base in this configuration.", + "title": "GuardrailConfiguration" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to query.", + "title": "KnowledgeBaseId", "type": "string" }, - "Value": { - "markdownDescription": "The value that's associated with the tag.", - "title": "Value", + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to use to generate a response from the query results. Omit this field if you want to return the retrieved results as an array.", + "title": "ModelId", "type": "string" + }, + "NumberOfResults": { + "markdownDescription": "The number of results to retrieve from the knowledge base.", + "title": "NumberOfResults", + "type": "number" + }, + "OrchestrationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBaseOrchestrationConfiguration", + "markdownDescription": "The configuration for orchestrating the retrieval and generation process in the knowledge base node.", + "title": "OrchestrationConfiguration" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template to use with the knowledge base for generating responses.", + "title": "PromptTemplate" + }, + "RerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchRerankingConfiguration", + "markdownDescription": "The configuration for reranking the retrieved results from the knowledge base to improve relevance.", + "title": "RerankingConfiguration" } }, "required": [ - "Key", - "Value" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::CE::AnomalySubscription.Subscriber": { + "AWS::Bedrock::Flow.KnowledgeBaseOrchestrationConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` .", - "title": "Address", - "type": "string" + "AdditionalModelRequestFields": { + "markdownDescription": "The additional model-specific request parameters as key-value pairs to be included in the request to the foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" }, - "Status": { - "markdownDescription": "Indicates if the subscriber accepts the notifications.", - "title": "Status", - "type": "string" + "InferenceConfig": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfig" }, - "Type": { - "markdownDescription": "The notification delivery channel.", - "title": "Type", + "PerformanceConfig": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PerformanceConfiguration", + "markdownDescription": "The performance configuration options for the knowledge base retrieval and generation process.", + "title": "PerformanceConfig" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template for orchestrating the retrieval and generation process.", + "title": "PromptTemplate" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.KnowledgeBasePromptTemplate": { + "additionalProperties": false, + "properties": { + "TextPromptTemplate": { + "markdownDescription": "The text of the prompt template.", + "title": "TextPromptTemplate", "type": "string" } }, "required": [ - "Address", - "Type" + "TextPromptTemplate" ], "type": "object" }, - "AWS::CE::CostCategory": { + "AWS::Bedrock::Flow.LambdaFunctionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to invoke.", + "title": "LambdaArn", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value for the cost category.", - "title": "DefaultValue", - "type": "string" - }, - "Name": { - "markdownDescription": "The unique name of the Cost Category.", - "title": "Name", - "type": "string" - }, - "RuleVersion": { - "markdownDescription": "The rule schema version in this particular Cost Category.", - "title": "RuleVersion", - "type": "string" - }, - "Rules": { - "markdownDescription": "The array of CostCategoryRule in JSON array format.\n\n> Rules are processed in order. If there are multiple rules that match the line item, then the first rule to match is used to determine that Cost Category value.", - "title": "Rules", - "type": "string" - }, - "SplitChargeRules": { - "markdownDescription": "The split charge rules that are used to allocate your charges between your Cost Category values.", - "title": "SplitChargeRules", - "type": "string" - } - }, - "required": [ - "Name", - "RuleVersion", - "Rules" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CE::CostCategory" - ], + } + }, + "required": [ + "LambdaArn" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.LexFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "BotAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Lex bot alias to invoke.", + "title": "BotAliasArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocaleId": { + "markdownDescription": "The Region to invoke the Amazon Lex bot in.", + "title": "LocaleId", "type": "string" } }, "required": [ - "Type", - "Properties" + "BotAliasArn", + "LocaleId" ], "type": "object" }, - "AWS::CUR::ReportDefinition": { + "AWS::Bedrock::Flow.LoopControllerFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ContinueCondition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowCondition", + "markdownDescription": "Specifies the condition that determines when the flow exits the DoWhile loop. The loop executes until this condition evaluates to true.", + "title": "ContinueCondition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MaxIterations": { + "markdownDescription": "Specifies the maximum number of times the DoWhile loop can iterate before the flow exits the loop.", + "title": "MaxIterations", + "type": "number" + } + }, + "required": [ + "ContinueCondition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.LoopFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDefinition", + "markdownDescription": "The definition of the DoWhile loop nodes and connections between nodes in the flow.", + "title": "Definition" + } + }, + "required": [ + "Definition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.MetadataConfigurationForReranking": { + "additionalProperties": false, + "properties": { + "SelectionMode": { + "markdownDescription": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "title": "SelectionMode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalArtifacts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of manifests that you want AWS to create for this report.", - "title": "AdditionalArtifacts", - "type": "array" - }, - "AdditionalSchemaElements": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of strings that indicate additional content that AWS includes in the report, such as individual resource IDs.", - "title": "AdditionalSchemaElements", - "type": "array" - }, - "BillingViewArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the billing view. You can get this value by using the billing view service public APIs.", - "title": "BillingViewArn", - "type": "string" - }, - "Compression": { - "markdownDescription": "The compression format that Amazon Web Services uses for the report.", - "title": "Compression", - "type": "string" - }, - "Format": { - "markdownDescription": "The format that Amazon Web Services saves the report in.", - "title": "Format", - "type": "string" - }, - "RefreshClosedReports": { - "markdownDescription": "Whether you want AWS to update your reports after they have been finalized if AWS detects charges related to previous months. These charges can include refunds, credits, or support fees.", - "title": "RefreshClosedReports", - "type": "boolean" - }, - "ReportName": { - "markdownDescription": "The name of the report that you want to create. The name must be unique, is case sensitive, and can't include spaces.", - "title": "ReportName", - "type": "string" - }, - "ReportVersioning": { - "markdownDescription": "Whether you want AWS to overwrite the previous version of each report or to deliver the report in addition to the previous versions.", - "title": "ReportVersioning", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The S3 bucket where Amazon Web Services delivers the report.", - "title": "S3Bucket", - "type": "string" - }, - "S3Prefix": { - "markdownDescription": "The prefix that Amazon Web Services adds to the report name when Amazon Web Services delivers the report. Your prefix can't include spaces.", - "title": "S3Prefix", - "type": "string" - }, - "S3Region": { - "markdownDescription": "The Region of the S3 bucket that Amazon Web Services delivers the report into.", - "title": "S3Region", - "type": "string" - }, - "TimeUnit": { - "markdownDescription": "The granularity of the line items in the report.", - "title": "TimeUnit", - "type": "string" - } - }, - "required": [ - "Compression", - "Format", - "RefreshClosedReports", - "ReportName", - "ReportVersioning", - "S3Bucket", - "S3Prefix", - "S3Region", - "TimeUnit" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CUR::ReportDefinition" - ], + "SelectiveModeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RerankingMetadataSelectiveModeConfiguration", + "markdownDescription": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE.", + "title": "SelectiveModeConfiguration" + } + }, + "required": [ + "SelectionMode" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.PerformanceConfiguration": { + "additionalProperties": false, + "properties": { + "Latency": { + "markdownDescription": "To use a latency-optimized version of the model, set to `optimized` .", + "title": "Latency", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply to the prompt in this node and the response generated from it.", + "title": "GuardrailConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeSourceConfiguration", + "markdownDescription": "Specifies whether the prompt is from Prompt management or defined inline.", + "title": "SourceConfiguration" } }, "required": [ - "Type", - "Properties" + "SourceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Keyspace": { + "AWS::Bedrock::Flow.PromptFlowNodeInlineConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to run inference with.", + "title": "ModelId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "KeyspaceName": { - "markdownDescription": "The name of the keyspace to be created. The keyspace name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the keyspace name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n*Length constraints:* Minimum length of 1. Maximum length of 48.", - "title": "KeyspaceName", - "type": "string" - }, - "ReplicationSpecification": { - "$ref": "#/definitions/AWS::Cassandra::Keyspace.ReplicationSpecification", - "markdownDescription": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in.", - "title": "ReplicationSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cassandra::Keyspace" - ], - "type": "string" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptTemplateConfiguration", + "markdownDescription": "Contains a prompt and variables in the prompt that can be replaced with values at runtime.", + "title": "TemplateConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TemplateType": { + "markdownDescription": "The type of prompt template.", + "title": "TemplateType", "type": "string" } }, "required": [ - "Type" + "ModelId", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::Cassandra::Keyspace.ReplicationSpecification": { + "AWS::Bedrock::Flow.PromptFlowNodeResourceConfiguration": { "additionalProperties": false, "properties": { - "RegionList": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", - "title": "RegionList", - "type": "array" - }, - "ReplicationStrategy": { - "markdownDescription": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required.", - "title": "ReplicationStrategy", + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the prompt from Prompt management.", + "title": "PromptArn", "type": "string" } }, + "required": [ + "PromptArn" + ], "type": "object" }, - "AWS::Cassandra::Table": { + "AWS::Bedrock::Flow.PromptFlowNodeSourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingSpecifications": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSpecification", - "markdownDescription": "The optional auto scaling capacity settings for a table in provisioned capacity mode.", - "title": "AutoScalingSpecifications" - }, - "BillingMode": { - "$ref": "#/definitions/AWS::Cassandra::Table.BillingMode", - "markdownDescription": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode.", - "title": "BillingMode" - }, - "ClientSideTimestampsEnabled": { - "markdownDescription": "Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option:\n\n- `status: \"enabled\"`\n\nAfter client-side timestamps are enabled for a table, you can't disable this setting.", - "title": "ClientSideTimestampsEnabled", - "type": "boolean" - }, - "ClusteringKeyColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.ClusteringKeyColumn" - }, - "markdownDescription": "One or more columns that determine how the table data is sorted.", - "title": "ClusteringKeyColumns", - "type": "array" - }, - "DefaultTimeToLive": { - "markdownDescription": "The default Time To Live (TTL) value for all rows in a table in seconds. The maximum configurable value is 630,720,000 seconds, which is the equivalent of 20 years. By default, the TTL value for a table is 0, which means data does not expire.\n\nFor more information, see [Setting the default TTL value for a table](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl) in the *Amazon Keyspaces Developer Guide* .", - "title": "DefaultTimeToLive", - "type": "number" - }, - "EncryptionSpecification": { - "$ref": "#/definitions/AWS::Cassandra::Table.EncryptionSpecification", - "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n> If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "EncryptionSpecification" - }, - "KeyspaceName": { - "markdownDescription": "The name of the keyspace to create the table in. The keyspace must already exist.", - "title": "KeyspaceName", - "type": "string" - }, - "PartitionKeyColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column" - }, - "markdownDescription": "One or more columns that uniquely identify every row in the table. Every table must have a partition key.", - "title": "PartitionKeyColumns", - "type": "array" - }, - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Specifies if point-in-time recovery is enabled or disabled for the table. The options are `PointInTimeRecoveryEnabled=true` and `PointInTimeRecoveryEnabled=false` . If not specified, the default is `PointInTimeRecoveryEnabled=false` .", - "title": "PointInTimeRecoveryEnabled", - "type": "boolean" - }, - "RegularColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column" - }, - "markdownDescription": "One or more columns that are not part of the primary key - that is, columns that are *not* defined as partition key columns or clustering key columns.\n\nYou can add regular columns to existing tables by adding them to the template.", - "title": "RegularColumns", - "type": "array" - }, - "ReplicaSpecifications": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.ReplicaSpecification" - }, - "markdownDescription": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)", - "title": "ReplicaSpecifications", - "type": "array" - }, - "TableName": { - "markdownDescription": "The name of the table to be created. The table name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacing this resource. You can perform updates that require no interruption or some interruption. If you must replace the resource, specify a new name. \n\n*Length constraints:* Minimum length of 3. Maximum length of 255.\n\n*Pattern:* `^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$`", - "title": "TableName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "KeyspaceName", - "PartitionKeyColumns" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cassandra::Table" - ], - "type": "string" + "Inline": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeInlineConfiguration", + "markdownDescription": "Contains configurations for a prompt that is defined inline", + "title": "Inline" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Resource": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeResourceConfiguration", + "markdownDescription": "Contains configurations for a prompt from Prompt management.", + "title": "Resource" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" } }, "required": [ - "Type", - "Properties" + "Text" ], "type": "object" }, - "AWS::Cassandra::Table.AutoScalingSetting": { + "AWS::Bedrock::Flow.PromptInputVariable": { "additionalProperties": false, "properties": { - "AutoScalingDisabled": { - "markdownDescription": "This optional parameter enables auto scaling for the table if set to `false` .", - "title": "AutoScalingDisabled", - "type": "boolean" - }, - "MaximumUnits": { - "markdownDescription": "Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", - "title": "MaximumUnits", + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", "type": "number" }, - "MinimumUnits": { - "markdownDescription": "The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", - "title": "MinimumUnits", + "StopSequences": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" + }, + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", "type": "number" }, - "ScalingPolicy": { - "$ref": "#/definitions/AWS::Cassandra::Table.ScalingPolicy", - "markdownDescription": "Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90.", - "title": "ScalingPolicy" + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" } }, "type": "object" }, - "AWS::Cassandra::Table.AutoScalingSpecification": { + "AWS::Bedrock::Flow.PromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "ReadCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The auto scaling settings for the table's read capacity.", - "title": "ReadCapacityAutoScaling" - }, - "WriteCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The auto scaling settings for the table's write capacity.", - "title": "WriteCapacityAutoScaling" + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Flow.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" } }, + "required": [ + "Text" + ], "type": "object" }, - "AWS::Cassandra::Table.BillingMode": { + "AWS::Bedrock::Flow.RerankingMetadataSelectiveModeConfiguration": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n> If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`", - "title": "Mode", - "type": "string" + "FieldsToExclude": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FieldForReranking" + }, + "markdownDescription": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "title": "FieldsToExclude", + "type": "array" }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::Cassandra::Table.ProvisionedThroughput", - "markdownDescription": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* .", - "title": "ProvisionedThroughput" + "FieldsToInclude": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FieldForReranking" + }, + "markdownDescription": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude.", + "title": "FieldsToInclude", + "type": "array" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::Cassandra::Table.ClusteringKeyColumn": { + "AWS::Bedrock::Flow.RetrievalFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column", - "markdownDescription": "The name and data type of this clustering key column.", - "title": "Column" - }, - "OrderBy": { - "markdownDescription": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order.", - "title": "OrderBy", - "type": "string" + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for retrieving data to return as the output from the node.", + "title": "ServiceConfiguration" } }, "required": [ - "Column" + "ServiceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Table.Column": { + "AWS::Bedrock::Flow.RetrievalFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* .", - "title": "ColumnName", - "type": "string" - }, - "ColumnType": { - "markdownDescription": "The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* .", - "title": "ColumnType", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket from which to retrieve data.", + "title": "BucketName", "type": "string" } }, "required": [ - "ColumnName", - "ColumnType" + "BucketName" ], "type": "object" }, - "AWS::Cassandra::Table.EncryptionSpecification": { + "AWS::Bedrock::Flow.RetrievalFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - `AWS_OWNED_KMS_KEY`\n- *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY`\n\n> If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required.\n\nValid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` .", - "title": "EncryptionType", + "S3": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location from which to retrieve data to return as the output from the node.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket containing the flow definition.", + "title": "Bucket", "type": "string" }, - "KmsKeyIdentifier": { - "markdownDescription": "Requires a `kms_key_identifier` in the format of a key ARN.", - "title": "KmsKeyIdentifier", + "Key": { + "markdownDescription": "The object key for the S3 location containing the definition.", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "The Amazon S3 location from which to retrieve data for an S3 retrieve node or to which to store data for an S3 storage node.", + "title": "Version", "type": "string" } }, "required": [ - "EncryptionType" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Cassandra::Table.ProvisionedThroughput": { + "AWS::Bedrock::Flow.StorageFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "ReadCapacityUnits": { - "markdownDescription": "The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "ReadCapacityUnits", - "type": "number" - }, - "WriteCapacityUnits": { - "markdownDescription": "The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "WriteCapacityUnits", - "type": "number" + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for storing the input into the node.", + "title": "ServiceConfiguration" } }, "required": [ - "ReadCapacityUnits", - "WriteCapacityUnits" + "ServiceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Table.ReplicaSpecification": { + "AWS::Bedrock::Flow.StorageFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "ReadCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The read capacity auto scaling settings for the multi-Region table in the specified AWS Region.", - "title": "ReadCapacityAutoScaling" - }, - "ReadCapacityUnits": { - "markdownDescription": "The provisioned read capacity units for the multi-Region table in the specified AWS Region.", - "title": "ReadCapacityUnits", - "type": "number" - }, - "Region": { - "markdownDescription": "The AWS Region.", - "title": "Region", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket in which to store the input into the node.", + "title": "BucketName", "type": "string" } }, "required": [ - "Region" + "BucketName" ], "type": "object" }, - "AWS::Cassandra::Table.ScalingPolicy": { + "AWS::Bedrock::Flow.StorageFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "TargetTrackingScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration", - "markdownDescription": "The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity.", - "title": "TargetTrackingScalingPolicyConfiguration" + "S3": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location in which to store the input into the node.", + "title": "S3" } }, "type": "object" }, - "AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration": { + "AWS::Bedrock::Flow.TextPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "DisableScaleIn": { - "markdownDescription": "Specifies if `scale-in` is enabled.\n\nWhen auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity.", - "title": "DisableScaleIn", - "type": "boolean" + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" }, - "ScaleInCooldown": { - "markdownDescription": "Specifies a `scale-in` cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", - "title": "ScaleInCooldown", - "type": "number" + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.VectorSearchBedrockRerankingConfiguration": { + "additionalProperties": false, + "properties": { + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.MetadataConfigurationForReranking", + "markdownDescription": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "title": "MetadataConfiguration" }, - "ScaleOutCooldown": { - "markdownDescription": "Specifies a scale out cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", - "title": "ScaleOutCooldown", - "type": "number" + "ModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchBedrockRerankingModelConfiguration", + "markdownDescription": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "title": "ModelConfiguration" }, - "TargetValue": { - "markdownDescription": "Specifies the target value for the target tracking auto scaling policy.\n\nAmazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90.", - "title": "TargetValue", + "NumberOfRerankedResults": { + "markdownDescription": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results.", + "title": "NumberOfRerankedResults", "type": "number" } }, "required": [ - "TargetValue" + "ModelConfiguration" ], "type": "object" }, - "AWS::CertificateManager::Account": { + "AWS::Bedrock::Flow.VectorSearchBedrockRerankingModelConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExpiryEventsConfiguration": { - "$ref": "#/definitions/AWS::CertificateManager::Account.ExpiryEventsConfiguration", - "markdownDescription": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.", - "title": "ExpiryEventsConfiguration" - } - }, - "required": [ - "ExpiryEventsConfiguration" - ], + "AdditionalModelRequestFields": { + "markdownDescription": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "title": "AdditionalModelRequestFields", "type": "object" }, - "Type": { - "enum": [ - "AWS::CertificateManager::Account" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering.", + "title": "ModelArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ModelArn" ], "type": "object" }, - "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { + "AWS::Bedrock::Flow.VectorSearchRerankingConfiguration": { "additionalProperties": false, "properties": { - "DaysBeforeExpiry": { - "markdownDescription": "This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration.", - "title": "DaysBeforeExpiry", - "type": "number" + "BedrockRerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchBedrockRerankingConfiguration", + "markdownDescription": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "title": "BedrockRerankingConfiguration" + }, + "Type": { + "markdownDescription": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CertificateManager::Certificate": { + "AWS::Bedrock::FlowAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -32425,64 +36990,56 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", - "title": "CertificateAuthorityArn", - "type": "string" + "ConcurrencyConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowAlias.FlowAliasConcurrencyConfiguration", + "markdownDescription": "The configuration that specifies how nodes in the flow are executed concurrently.", + "title": "ConcurrencyConfiguration" }, - "CertificateTransparencyLoggingPreference": { - "markdownDescription": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", - "title": "CertificateTransparencyLoggingPreference", + "Description": { + "markdownDescription": "A description of the alias.", + "title": "Description", "type": "string" }, - "DomainName": { - "markdownDescription": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", - "title": "DomainName", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias.", + "title": "FlowArn", "type": "string" }, - "DomainValidationOptions": { - "items": { - "$ref": "#/definitions/AWS::CertificateManager::Certificate.DomainValidationOption" - }, - "markdownDescription": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", - "title": "DomainValidationOptions", - "type": "array" - }, - "KeyAlgorithm": { - "markdownDescription": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", - "title": "KeyAlgorithm", + "Name": { + "markdownDescription": "The name of the alias.", + "title": "Name", "type": "string" }, - "SubjectAlternativeNames": { + "RoutingConfiguration": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowAlias.FlowAliasRoutingConfigurationListItem" }, - "markdownDescription": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", - "title": "SubjectAlternativeNames", + "markdownDescription": "A list of configurations about the versions that the alias maps to. Currently, you can only specify one.", + "title": "RoutingConfiguration", "type": "array" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Key-value pairs that can identify the certificate.", "title": "Tags", - "type": "array" - }, - "ValidationMethod": { - "markdownDescription": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation.", - "title": "ValidationMethod", - "type": "string" + "type": "object" } }, "required": [ - "DomainName" + "FlowArn", + "Name", + "RoutingConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::CertificateManager::Certificate" + "AWS::Bedrock::FlowAlias" ], "type": "string" }, @@ -32501,31 +37058,37 @@ ], "type": "object" }, - "AWS::CertificateManager::Certificate.DomainValidationOption": { + "AWS::Bedrock::FlowAlias.FlowAliasConcurrencyConfiguration": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "A fully qualified domain name (FQDN) in the certificate request.", - "title": "DomainName", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The `HostedZoneId` option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record. Your list of `DomainValidationOptions` must contain one and only one of the domain-validation options, and the `HostedZoneId` can be used only when `DNS` is specified as your validation method.\n\nUse the Route 53 `ListHostedZones` API to discover IDs for available hosted zones.\n\nThis option is required for publicly trusted certificates.\n\n> The `ListHostedZones` API returns IDs in the format \"/hostedzone/Z111111QQQQQQQ\", but CloudFormation requires the IDs to be in the format \"Z111111QQQQQQQ\". \n\nWhen you change your `DomainValidationOptions` , a new resource is created.", - "title": "HostedZoneId", - "type": "string" + "MaxConcurrency": { + "markdownDescription": "The maximum number of nodes that can be executed concurrently in the flow.", + "title": "MaxConcurrency", + "type": "number" }, - "ValidationDomain": { - "markdownDescription": "The domain name to which you want ACM to send validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `DomainName` value or a superdomain of the `DomainName` value. For example, if you request a certificate for `testing.example.com` , you can specify `example.com` as this value. In that case, ACM sends domain validation emails to the following five addresses:\n\n- admin@example.com\n- administrator@example.com\n- hostmaster@example.com\n- postmaster@example.com\n- webmaster@example.com", - "title": "ValidationDomain", + "Type": { + "markdownDescription": "The type of concurrency to use for parallel node execution. Specify one of the following options:\n\n- `Automatic` - Amazon Bedrock determines which nodes can be executed in parallel based on the flow definition and its dependencies.\n- `Manual` - You specify which nodes can be executed in parallel.", + "title": "Type", "type": "string" } }, "required": [ - "DomainName" + "Type" ], "type": "object" }, - "AWS::Chatbot::MicrosoftTeamsChannelConfiguration": { + "AWS::Bedrock::FlowAlias.FlowAliasRoutingConfigurationListItem": { + "additionalProperties": false, + "properties": { + "FlowVersion": { + "markdownDescription": "The version that the alias maps to.", + "title": "FlowVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -32560,70 +37123,25 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigurationName": { - "markdownDescription": "The name of the configuration.", - "title": "ConfigurationName", - "type": "string" - }, - "GuardrailPolicies": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", - "title": "GuardrailPolicies", - "type": "array" - }, - "IamRoleArn": { - "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", - "title": "IamRoleArn", - "type": "string" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", - "title": "LoggingLevel", - "type": "string" - }, - "SnsTopicArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", - "title": "SnsTopicArns", - "type": "array" - }, - "TeamId": { - "markdownDescription": "The ID of the Microsoft Team authorized with .\n\nTo get the team ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the team ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", - "title": "TeamId", - "type": "string" - }, - "TeamsChannelId": { - "markdownDescription": "The ID of the Microsoft Teams channel.\n\nTo get the channel ID, open Microsoft Teams, right click on the channel name in the left pane, then choose *Copy* . An example of the channel ID syntax is: `19%3ab6ef35dc342d56ba5654e6fc6d25a071%40thread.tacv2` .", - "title": "TeamsChannelId", + "Description": { + "markdownDescription": "The description of the flow version.", + "title": "Description", "type": "string" }, - "TeamsTenantId": { - "markdownDescription": "The ID of the Microsoft Teams tenant.\n\nTo get the tenant ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the tenant ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", - "title": "TeamsTenantId", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow that the version belongs to.", + "title": "FlowArn", "type": "string" - }, - "UserRoleRequired": { - "markdownDescription": "Enables use of a user role requirement in your chat configuration.", - "title": "UserRoleRequired", - "type": "boolean" } }, "required": [ - "ConfigurationName", - "IamRoleArn", - "TeamId", - "TeamsChannelId", - "TeamsTenantId" + "FlowArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Chatbot::MicrosoftTeamsChannelConfiguration" + "AWS::Bedrock::FlowVersion" ], "type": "string" }, @@ -32642,903 +37160,907 @@ ], "type": "object" }, - "AWS::Chatbot::SlackChannelConfiguration": { + "AWS::Bedrock::FlowVersion.AgentFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AgentAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias of the agent to invoke.", + "title": "AgentAliasArn", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationName": { - "markdownDescription": "The name of the configuration.", - "title": "ConfigurationName", - "type": "string" - }, - "GuardrailPolicies": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", - "title": "GuardrailPolicies", - "type": "array" - }, - "IamRoleArn": { - "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", - "title": "IamRoleArn", - "type": "string" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", - "title": "LoggingLevel", - "type": "string" - }, - "SlackChannelId": { - "markdownDescription": "The ID of the Slack channel.\n\nTo get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the character string at the end of the URL. For example, `ABCBBLZZZ` .", - "title": "SlackChannelId", - "type": "string" - }, - "SlackWorkspaceId": { - "markdownDescription": "The ID of the Slack workspace authorized with .\n\nTo get the workspace ID, you must perform the initial authorization flow with Slack in the in chat applications console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Slack](https://docs.aws.amazon.com/chatbot/latest/adminguide/slack-setup.html#slack-client-setup) in the *in chat applications User Guide* .", - "title": "SlackWorkspaceId", - "type": "string" - }, - "SnsTopicArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", - "title": "SnsTopicArns", - "type": "array" - }, - "UserRoleRequired": { - "markdownDescription": "Enables use of a user role requirement in your chat configuration.", - "title": "UserRoleRequired", - "type": "boolean" - } + } + }, + "required": [ + "AgentAliasArn" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.ConditionFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowCondition" }, - "required": [ - "ConfigurationName", - "IamRoleArn", - "SlackChannelId", - "SlackWorkspaceId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Chatbot::SlackChannelConfiguration" - ], + "markdownDescription": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition.", + "title": "Conditions", + "type": "array" + } + }, + "required": [ + "Conditions" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FieldForReranking": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the metadata field to be used during the reranking process.", + "title": "FieldName", + "type": "string" + } + }, + "required": [ + "FieldName" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowCondition": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A name for the condition that you can reference.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate": { + "AWS::Bedrock::FlowVersion.FlowConditionalConnectionConfiguration": { "additionalProperties": false, "properties": { "Condition": { + "markdownDescription": "The condition that triggers this connection. For more information about how to write conditions, see the *Condition* node type in the [Node types](https://docs.aws.amazon.com/bedrock/latest/userguide/node-types.html) topic in the Amazon Bedrock User Guide.", + "title": "Condition", "type": "string" + } + }, + "required": [ + "Condition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowConnection": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConnectionConfiguration", + "markdownDescription": "The configuration of the connection.", + "title": "Configuration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A name for the connection that you can reference.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnalysisParameters": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisParameter" - }, - "markdownDescription": "The parameters of the analysis template.", - "title": "AnalysisParameters", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the analysis template.", - "title": "Description", - "type": "string" - }, - "Format": { - "markdownDescription": "The format of the analysis template.", - "title": "Format", - "type": "string" - }, - "MembershipIdentifier": { - "markdownDescription": "The identifier for a membership resource.", - "title": "MembershipIdentifier", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the analysis template.", - "title": "Name", - "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSource", - "markdownDescription": "The source of the analysis template.", - "title": "Source" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Format", - "MembershipIdentifier", - "Name", - "Source" - ], - "type": "object" + "Source": { + "markdownDescription": "The node that the connection starts at.", + "title": "Source", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CleanRooms::AnalysisTemplate" - ], + "Target": { + "markdownDescription": "The node that the connection ends at.", + "title": "Target", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` ).", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "Source", + "Target", + "Type" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisParameter": { + "AWS::Bedrock::FlowVersion.FlowConnectionConfiguration": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor.", - "title": "DefaultValue", - "type": "string" + "Conditional": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConditionalConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a Condition node.", + "title": "Conditional" }, - "Name": { - "markdownDescription": "The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen.", - "title": "Name", + "Data": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowDataConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a node that isn't a Condition node.", + "title": "Data" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowDataConnectionConfiguration": { + "additionalProperties": false, + "properties": { + "SourceOutput": { + "markdownDescription": "The name of the output in the source node that the connection begins from.", + "title": "SourceOutput", "type": "string" }, - "Type": { - "markdownDescription": "The type of parameter.", - "title": "Type", + "TargetInput": { + "markdownDescription": "The name of the input in the target node that the connection ends at.", + "title": "TargetInput", "type": "string" } }, "required": [ - "Name", - "Type" + "SourceOutput", + "TargetInput" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisSchema": { + "AWS::Bedrock::FlowVersion.FlowDefinition": { "additionalProperties": false, "properties": { - "ReferencedTables": { + "Connections": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConnection" }, - "markdownDescription": "The tables referenced in the analysis schema.", - "title": "ReferencedTables", + "markdownDescription": "An array of connection definitions in the flow.", + "title": "Connections", + "type": "array" + }, + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNode" + }, + "markdownDescription": "An array of node definitions in the flow.", + "title": "Nodes", "type": "array" } }, - "required": [ - "ReferencedTables" - ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisSource": { + "AWS::Bedrock::FlowVersion.FlowNode": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The query text.", - "title": "Text", + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeConfiguration", + "markdownDescription": "Contains configurations for the node.", + "title": "Configuration" + }, + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeInput" + }, + "markdownDescription": "An array of objects, each of which contains information about an input into the node.", + "title": "Inputs", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the node.", + "title": "Name", + "type": "string" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeOutput" + }, + "markdownDescription": "A list of objects, each of which contains information about an output from the node.", + "title": "Outputs", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field.", + "title": "Type", "type": "string" } }, "required": [ - "Text" + "Name", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Collaboration": { + "AWS::Bedrock::FlowVersion.FlowNodeConfiguration": { "additionalProperties": false, "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.AgentFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an agent node in your flow. Invokes an alias of an agent and returns the response.", + "title": "Agent" + }, + "Collector": { + "markdownDescription": "Contains configurations for a collector node in your flow. Collects an iteration of inputs and consolidates them into an array of outputs.", + "title": "Collector", + "type": "object" + }, "Condition": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.ConditionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a condition node in your flow. Defines conditions that lead to different branches of the flow.", + "title": "Condition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "InlineCode": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.InlineCodeFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an inline code node in your flow. Inline code nodes let you write and execute code directly within your flow, enabling data transformations, custom logic, and integrations without needing an external Lambda function.", + "title": "InlineCode" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Input": { + "markdownDescription": "Contains configurations for an input flow node in your flow. The first node in the flow. `inputs` can't be specified for this node.", + "title": "Input", + "type": "object" }, - "Metadata": { + "Iterator": { + "markdownDescription": "Contains configurations for an iterator node in your flow. Takes an input that is an array and iteratively sends each item of the array as an output to the following node. The size of the array is also returned in the output.\n\nThe output flow node at the end of the flow iteration will return a response for each member of the array. To return only one response, you can include a collector node downstream from the iterator node.", + "title": "Iterator", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreatorDisplayName": { - "markdownDescription": "A display name of the collaboration creator.", - "title": "CreatorDisplayName", - "type": "string" - }, - "CreatorMemberAbilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS` | `CAN_RUN_JOB`", - "title": "CreatorMemberAbilities", - "type": "array" - }, - "CreatorPaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", - "markdownDescription": "An object representing the collaboration member's payment responsibilities set by the collaboration creator.", - "title": "CreatorPaymentConfiguration" - }, - "DataEncryptionMetadata": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.DataEncryptionMetadata", - "markdownDescription": "The settings for client-side encryption for cryptographic computing.", - "title": "DataEncryptionMetadata" - }, - "Description": { - "markdownDescription": "A description of the collaboration provided by the collaboration owner.", - "title": "Description", - "type": "string" - }, - "Members": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MemberSpecification" - }, - "markdownDescription": "A list of initial members, not including the creator. This list is immutable.", - "title": "Members", - "type": "array" - }, - "Name": { - "markdownDescription": "A human-readable identifier provided by the collaboration owner. Display names are not unique.", - "title": "Name", - "type": "string" - }, - "QueryLogStatus": { - "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", - "title": "QueryLogStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CreatorDisplayName", - "CreatorMemberAbilities", - "Description", - "Members", - "Name", - "QueryLogStatus" - ], + "KnowledgeBase": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBaseFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a knowledge base node in your flow. Queries a knowledge base and returns the retrieved results or generated response.", + "title": "KnowledgeBase" + }, + "LambdaFunction": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LambdaFunctionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lambda function node in your flow. Invokes an AWS Lambda function.", + "title": "LambdaFunction" + }, + "Lex": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LexFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lex node in your flow. Invokes an Amazon Lex bot to identify the intent of the input and return the intent as the output.", + "title": "Lex" + }, + "Loop": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LoopFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a DoWhile loop in your flow.", + "title": "Loop" + }, + "LoopController": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LoopControllerFlowNodeConfiguration", + "markdownDescription": "Contains controller node configurations for a DoWhile loop in your flow.", + "title": "LoopController" + }, + "LoopInput": { + "markdownDescription": "Contains input node configurations for a DoWhile loop in your flow.", + "title": "LoopInput", "type": "object" }, - "Type": { - "enum": [ - "AWS::CleanRooms::Collaboration" - ], + "Output": { + "markdownDescription": "Contains configurations for an output flow node in your flow. The last node in the flow. `outputs` can't be specified for this node.", + "title": "Output", + "type": "object" + }, + "Prompt": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a prompt node in your flow. Runs a prompt and generates the model response as the output. You can use a prompt from Prompt management or you can configure one in this node.", + "title": "Prompt" + }, + "Retrieval": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a retrieval node in your flow. Retrieves data from an Amazon S3 location and returns it as the output.", + "title": "Retrieval" + }, + "Storage": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a storage node in your flow. Stores an input in an Amazon S3 location.", + "title": "Storage" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowNodeInput": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "An expression that formats the input for the node. For an explanation of how to create expressions, see [Expressions in Prompt flows in Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-expressions.html) .", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "Specifies a name for the input that you can reference.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expression", + "Name", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.DataEncryptionMetadata": { + "AWS::Bedrock::FlowVersion.FlowNodeOutput": { "additionalProperties": false, "properties": { - "AllowCleartext": { - "markdownDescription": "Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` ).", - "title": "AllowCleartext", - "type": "boolean" + "Name": { + "markdownDescription": "A name for the output that you can reference.", + "title": "Name", + "type": "string" }, - "AllowDuplicates": { - "markdownDescription": "Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` ).", - "title": "AllowDuplicates", - "type": "boolean" + "Type": { + "markdownDescription": "The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", + "type": "string" }, - "AllowJoinsOnColumnsWithDifferentNames": { - "markdownDescription": "Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` ).", - "title": "AllowJoinsOnColumnsWithDifferentNames", - "type": "boolean" + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.InlineCodeFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The code that's executed in your inline code node. The code can access input data from previous nodes in the flow, perform operations on that data, and produce output that can be used by other nodes in your flow.\n\nThe code must be valid in the programming `language` that you specify.", + "title": "Code", + "type": "string" }, - "PreserveNulls": { - "markdownDescription": "Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` ).", - "title": "PreserveNulls", - "type": "boolean" + "Language": { + "markdownDescription": "The programming language used by your inline code node.\n\nThe code must be valid in the programming `language` that you specify. Currently, only Python 3 ( `Python_3` ) is supported.", + "title": "Language", + "type": "string" } }, "required": [ - "AllowCleartext", - "AllowDuplicates", - "AllowJoinsOnColumnsWithDifferentNames", - "PreserveNulls" + "Code", + "Language" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.MemberSpecification": { + "AWS::Bedrock::FlowVersion.KnowledgeBaseFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The identifier used to reference members of the collaboration. Currently only supports AWS account ID.", - "title": "AccountId", + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply during query and response generation for the knowledge base in this configuration.", + "title": "GuardrailConfiguration" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to query.", + "title": "KnowledgeBaseId", "type": "string" }, - "DisplayName": { - "markdownDescription": "The member's display name.", - "title": "DisplayName", + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to use to generate a response from the query results. Omit this field if you want to return the retrieved results as an array.", + "title": "ModelId", "type": "string" }, - "MemberAbilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The abilities granted to the collaboration member.\n\n*Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", - "title": "MemberAbilities", - "type": "array" + "NumberOfResults": { + "markdownDescription": "The number of results to retrieve from the knowledge base.", + "title": "NumberOfResults", + "type": "number" }, - "PaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", - "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator.\n\nIf the collaboration creator hasn't speci\ufb01ed anyone as the member paying for query compute costs, then the member who can query is the default payer.", - "title": "PaymentConfiguration" + "OrchestrationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBaseOrchestrationConfiguration", + "markdownDescription": "The configuration for orchestrating the retrieval and generation process in the knowledge base node.", + "title": "OrchestrationConfiguration" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template to use with the knowledge base for generating responses.", + "title": "PromptTemplate" + }, + "RerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchRerankingConfiguration", + "markdownDescription": "The configuration for reranking the retrieved results from the knowledge base to improve relevance.", + "title": "RerankingConfiguration" } }, "required": [ - "AccountId", - "DisplayName", - "MemberAbilities" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.PaymentConfiguration": { + "AWS::Bedrock::FlowVersion.KnowledgeBaseOrchestrationConfiguration": { "additionalProperties": false, "properties": { - "QueryCompute": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.QueryComputePaymentConfig", - "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator for query compute costs.", - "title": "QueryCompute" + "AdditionalModelRequestFields": { + "markdownDescription": "The additional model-specific request parameters as key-value pairs to be included in the request to the foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" + }, + "InferenceConfig": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfig" + }, + "PerformanceConfig": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PerformanceConfiguration", + "markdownDescription": "The performance configuration options for the knowledge base retrieval and generation process.", + "title": "PerformanceConfig" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template for orchestrating the retrieval and generation process.", + "title": "PromptTemplate" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate": { + "additionalProperties": false, + "properties": { + "TextPromptTemplate": { + "markdownDescription": "The text of the prompt template.", + "title": "TextPromptTemplate", + "type": "string" } }, "required": [ - "QueryCompute" + "TextPromptTemplate" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.QueryComputePaymentConfig": { + "AWS::Bedrock::FlowVersion.LambdaFunctionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "IsResponsible": { - "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", - "title": "IsResponsible", - "type": "boolean" + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to invoke.", + "title": "LambdaArn", + "type": "string" } }, "required": [ - "IsResponsible" + "LambdaArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable": { + "AWS::Bedrock::FlowVersion.LexFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "BotAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Lex bot alias to invoke.", + "title": "BotAliasArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocaleId": { + "markdownDescription": "The Region to invoke the Amazon Lex bot in.", + "title": "LocaleId", "type": "string" + } + }, + "required": [ + "BotAliasArn", + "LocaleId" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.LoopControllerFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ContinueCondition": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowCondition", + "markdownDescription": "Specifies the condition that determines when the flow exits the DoWhile loop. The loop executes until this condition evaluates to true.", + "title": "ContinueCondition" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The columns within the underlying AWS Glue table that can be utilized within collaborations.", - "title": "AllowedColumns", - "type": "array" - }, - "AnalysisMethod": { - "markdownDescription": "The analysis method for the configured table.\n\n`DIRECT_QUERY` allows SQL queries to be run directly on this table.\n\n`DIRECT_JOB` allows PySpark jobs to be run directly on this table.\n\n`MULTIPLE` allows both SQL queries and PySpark jobs to be run directly on this table.", - "title": "AnalysisMethod", - "type": "string" - }, - "AnalysisRules": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRule" - }, - "markdownDescription": "The analysis rule that was created for the configured table.", - "title": "AnalysisRules", - "type": "array" - }, - "Description": { - "markdownDescription": "A description for the configured table.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the configured table.", - "title": "Name", - "type": "string" - }, - "TableReference": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.TableReference", - "markdownDescription": "The table that this configured table represents.", - "title": "TableReference" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AllowedColumns", - "AnalysisMethod", - "Name", - "TableReference" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CleanRooms::ConfiguredTable" - ], + "MaxIterations": { + "markdownDescription": "Specifies the maximum number of times the DoWhile loop can iterate before the flow exits the loop.", + "title": "MaxIterations", + "type": "number" + } + }, + "required": [ + "ContinueCondition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.LoopFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowDefinition", + "markdownDescription": "The definition of the DoWhile loop nodes and connections between nodes in the flow.", + "title": "Definition" + } + }, + "required": [ + "Definition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.MetadataConfigurationForReranking": { + "additionalProperties": false, + "properties": { + "SelectionMode": { + "markdownDescription": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "title": "SelectionMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SelectiveModeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RerankingMetadataSelectiveModeConfiguration", + "markdownDescription": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE.", + "title": "SelectiveModeConfiguration" } }, "required": [ - "Type", - "Properties" + "SelectionMode" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AggregateColumn": { + "AWS::Bedrock::FlowVersion.PerformanceConfiguration": { "additionalProperties": false, "properties": { - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Column names in configured table of aggregate columns.", - "title": "ColumnNames", - "type": "array" - }, - "Function": { - "markdownDescription": "Aggregation function that can be applied to aggregate column in query.", - "title": "Function", + "Latency": { + "markdownDescription": "To use a latency-optimized version of the model, set to `optimized` .", + "title": "Latency", "type": "string" } }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply to the prompt in this node and the response generated from it.", + "title": "GuardrailConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeSourceConfiguration", + "markdownDescription": "Specifies whether the prompt is from Prompt management or defined inline.", + "title": "SourceConfiguration" + } + }, "required": [ - "ColumnNames", - "Function" + "SourceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AggregationConstraint": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeInlineConfiguration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "Column in aggregation constraint for which there must be a minimum number of distinct values in an output row for it to be in the query output.", - "title": "ColumnName", + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to run inference with.", + "title": "ModelId", "type": "string" }, - "Minimum": { - "markdownDescription": "The minimum number of distinct values that an output row must be an aggregation of. Minimum threshold of distinct values for a specified column that must exist in an output row for it to be in the query output.", - "title": "Minimum", - "type": "number" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptTemplateConfiguration", + "markdownDescription": "Contains a prompt and variables in the prompt that can be replaced with values at runtime.", + "title": "TemplateConfiguration" }, - "Type": { - "markdownDescription": "The type of aggregation the constraint allows. The only valid value is currently `COUNT_DISTINCT`.", - "title": "Type", + "TemplateType": { + "markdownDescription": "The type of prompt template.", + "title": "TemplateType", "type": "string" } }, "required": [ - "ColumnName", - "Minimum", - "Type" + "ModelId", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRule": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeResourceConfiguration": { "additionalProperties": false, "properties": { - "Policy": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy", - "markdownDescription": "A policy that describes the associated data usage limitations.", - "title": "Policy" - }, - "Type": { - "markdownDescription": "The type of analysis rule.", - "title": "Type", + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the prompt from Prompt management.", + "title": "PromptArn", "type": "string" } }, "required": [ - "Policy", - "Type" + "PromptArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeSourceConfiguration": { "additionalProperties": false, "properties": { - "AggregateColumns": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregateColumn" - }, - "markdownDescription": "The columns that query runners are allowed to use in aggregation queries.", - "title": "AggregateColumns", - "type": "array" - }, - "AllowedJoinOperators": { - "items": { - "type": "string" - }, - "markdownDescription": "Which logical operators (if any) are to be used in an INNER JOIN match condition. Default is `AND` .", - "title": "AllowedJoinOperators", - "type": "array" + "Inline": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeInlineConfiguration", + "markdownDescription": "Contains configurations for a prompt that is defined inline", + "title": "Inline" }, - "DimensionColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The columns that query runners are allowed to select, group by, or filter by.", - "title": "DimensionColumns", - "type": "array" + "Resource": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeResourceConfiguration", + "markdownDescription": "Contains configurations for a prompt from Prompt management.", + "title": "Resource" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptInputVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" }, - "JoinColumns": { + "StopSequences": { "items": { "type": "string" }, - "markdownDescription": "Columns in configured table that can be used in join statements and/or as aggregate columns. They can never be outputted directly.", - "title": "JoinColumns", + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", "type": "array" }, - "JoinRequired": { - "markdownDescription": "Control that requires member who runs query to do a join with their configured table and/or other configured table in query.", - "title": "JoinRequired", - "type": "string" - }, - "OutputConstraints": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregationConstraint" - }, - "markdownDescription": "Columns that must meet a specific threshold value (after an aggregation function is applied to it) for each output row to be returned.", - "title": "OutputConstraints", - "type": "array" + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" }, - "ScalarFunctions": { - "items": { - "type": "string" - }, - "markdownDescription": "Set of scalar functions that are allowed to be used on dimension columns and the output of aggregation of metrics.", - "title": "ScalarFunctions", - "type": "array" + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" } }, "required": [ - "AggregateColumns", - "DimensionColumns", - "JoinColumns", - "OutputConstraints", - "ScalarFunctions" + "Text" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom": { + "AWS::Bedrock::FlowVersion.RerankingMetadataSelectiveModeConfiguration": { "additionalProperties": false, "properties": { - "AllowedAnalyses": { + "FieldsToExclude": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FieldForReranking" }, - "markdownDescription": "The ARN of the analysis templates that are allowed by the custom analysis rule.", - "title": "AllowedAnalyses", + "markdownDescription": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "title": "FieldsToExclude", "type": "array" }, - "AllowedAnalysisProviders": { + "FieldsToInclude": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FieldForReranking" }, - "markdownDescription": "The IDs of the AWS accounts that are allowed to query by the custom analysis rule. Required when `allowedAnalyses` is `ANY_QUERY` .", - "title": "AllowedAnalysisProviders", + "markdownDescription": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude.", + "title": "FieldsToInclude", "type": "array" - }, - "DifferentialPrivacy": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy", - "markdownDescription": "The differential privacy configuration.", - "title": "DifferentialPrivacy" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for retrieving data to return as the output from the node.", + "title": "ServiceConfiguration" } }, "required": [ - "AllowedAnalyses" + "ServiceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleList": { + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "AllowedJoinOperators": { - "items": { - "type": "string" - }, - "markdownDescription": "The logical operators (if any) that are to be used in an INNER JOIN match condition. Default is `AND` .", - "title": "AllowedJoinOperators", - "type": "array" - }, - "JoinColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "Columns that can be used to join a configured table with the table of the member who can query and other members' configured tables.", - "title": "JoinColumns", - "type": "array" - }, - "ListColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "Columns that can be listed in the output.", - "title": "ListColumns", - "type": "array" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket from which to retrieve data.", + "title": "BucketName", + "type": "string" } }, "required": [ - "JoinColumns", - "ListColumns" + "BucketName" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy": { + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "V1": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1", - "markdownDescription": "Controls on the query specifications that can be run on a configured table.", - "title": "V1" + "S3": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location from which to retrieve data to return as the output from the node.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.StorageFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for storing the input into the node.", + "title": "ServiceConfiguration" } }, "required": [ - "V1" + "ServiceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1": { + "AWS::Bedrock::FlowVersion.StorageFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation", - "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", - "title": "Aggregation" - }, - "Custom": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom", - "markdownDescription": "Analysis rule type that enables custom SQL queries on a configured table.", - "title": "Custom" - }, - "List": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleList", - "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", - "title": "List" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket in which to store the input into the node.", + "title": "BucketName", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.StorageFlowNodeServiceConfiguration": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location in which to store the input into the node.", + "title": "S3" } }, "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy": { + "AWS::Bedrock::FlowVersion.TextPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "Columns": { + "InputVariables": { "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInputVariable" }, - "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", - "title": "Columns", + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", "type": "array" + }, + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" } }, "required": [ - "Columns" + "Text" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn": { + "AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", - "title": "Name", - "type": "string" + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.MetadataConfigurationForReranking", + "markdownDescription": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "title": "MetadataConfiguration" + }, + "ModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingModelConfiguration", + "markdownDescription": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "title": "ModelConfiguration" + }, + "NumberOfRerankedResults": { + "markdownDescription": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results.", + "title": "NumberOfRerankedResults", + "type": "number" } }, "required": [ - "Name" + "ModelConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.GlueTableReference": { + "AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingModelConfiguration": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database the AWS Glue table belongs to.", - "title": "DatabaseName", - "type": "string" + "AdditionalModelRequestFields": { + "markdownDescription": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" }, - "TableName": { - "markdownDescription": "The name of the AWS Glue table.", - "title": "TableName", + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering.", + "title": "ModelArn", "type": "string" } }, "required": [ - "DatabaseName", - "TableName" + "ModelArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.TableReference": { + "AWS::Bedrock::FlowVersion.VectorSearchRerankingConfiguration": { "additionalProperties": false, "properties": { - "Glue": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.GlueTableReference", - "markdownDescription": "If present, a reference to the AWS Glue table referred to by this table reference.", - "title": "Glue" + "BedrockRerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingConfiguration", + "markdownDescription": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "title": "BedrockRerankingConfiguration" + }, + "Type": { + "markdownDescription": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking.", + "title": "Type", + "type": "string" } }, "required": [ - "Glue" + "Type" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTableAssociation": { + "AWS::Bedrock::Guardrail": { "additionalProperties": false, "properties": { "Condition": { @@ -33573,51 +38095,80 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfiguredTableIdentifier": { - "markdownDescription": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.", - "title": "ConfiguredTableIdentifier", + "BlockedInputMessaging": { + "markdownDescription": "The message to return when the guardrail blocks a prompt.", + "title": "BlockedInputMessaging", + "type": "string" + }, + "BlockedOutputsMessaging": { + "markdownDescription": "The message to return when the guardrail blocks a model response.", + "title": "BlockedOutputsMessaging", "type": "string" }, + "ContentPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentPolicyConfig", + "markdownDescription": "The content filter policies to configure for the guardrail.", + "title": "ContentPolicyConfig" + }, + "ContextualGroundingPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContextualGroundingPolicyConfig", + "markdownDescription": "", + "title": "ContextualGroundingPolicyConfig" + }, + "CrossRegionConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.GuardrailCrossRegionConfig", + "markdownDescription": "The system-defined guardrail profile that you're using with your guardrail. Guardrail profiles define the destination AWS Regions where guardrail inference requests can be automatically routed. Using guardrail profiles helps maintain guardrail performance and reliability when demand increases.\n\nFor more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "CrossRegionConfig" + }, "Description": { - "markdownDescription": "A description of the configured table association.", + "markdownDescription": "A description of the guardrail.", "title": "Description", "type": "string" }, - "MembershipIdentifier": { - "markdownDescription": "The unique ID for the membership this configured table association belongs to.", - "title": "MembershipIdentifier", + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", + "title": "KmsKeyArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.", + "markdownDescription": "The name of the guardrail.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The service will assume this role to access catalog metadata and query the table.", - "title": "RoleArn", - "type": "string" + "SensitiveInformationPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig", + "markdownDescription": "The sensitive information policy to configure for the guardrail.", + "title": "SensitiveInformationPolicyConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "markdownDescription": "The tags that you want to attach to the guardrail.", "title": "Tags", "type": "array" + }, + "TopicPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicPolicyConfig", + "markdownDescription": "The topic policies to configure for the guardrail.", + "title": "TopicPolicyConfig" + }, + "WordPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordPolicyConfig", + "markdownDescription": "The word policy you configure for the guardrail.", + "title": "WordPolicyConfig" } }, "required": [ - "ConfiguredTableIdentifier", - "MembershipIdentifier", - "Name", - "RoleArn" + "BlockedInputMessaging", + "BlockedOutputsMessaging", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CleanRooms::ConfiguredTableAssociation" + "AWS::Bedrock::Guardrail" ], "type": "string" }, @@ -33636,636 +38187,459 @@ ], "type": "object" }, - "AWS::CleanRooms::Membership": { + "AWS::Bedrock::Guardrail.ContentFilterConfig": { "additionalProperties": false, "properties": { - "Condition": { + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "InputModalities": { + "items": { + "type": "string" + }, + "markdownDescription": "The input modalities selected for the guardrail content filter configuration.", + "title": "InputModalities", + "type": "array" + }, + "InputStrength": { + "markdownDescription": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", + "title": "InputStrength", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" }, - "Metadata": { - "type": "object" + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CollaborationIdentifier": { - "markdownDescription": "The unique ID for the associated collaboration.", - "title": "CollaborationIdentifier", - "type": "string" - }, - "DefaultResultConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration", - "markdownDescription": "The default protected query result configuration as specified by the member who can receive results.", - "title": "DefaultResultConfiguration" - }, - "PaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipPaymentConfiguration", - "markdownDescription": "The payment responsibilities accepted by the collaboration member.", - "title": "PaymentConfiguration" - }, - "QueryLogStatus": { - "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the membership.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", - "title": "QueryLogStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } + "OutputModalities": { + "items": { + "type": "string" }, - "required": [ - "CollaborationIdentifier", - "QueryLogStatus" - ], - "type": "object" + "markdownDescription": "The output modalities selected for the guardrail content filter configuration.", + "title": "OutputModalities", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CleanRooms::Membership" - ], + "OutputStrength": { + "markdownDescription": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", + "title": "OutputStrength", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The harmful category that the content filter is applied to.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "InputStrength", + "OutputStrength", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipPaymentConfiguration": { + "AWS::Bedrock::Guardrail.ContentFiltersTierConfig": { "additionalProperties": false, "properties": { - "QueryCompute": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig", - "markdownDescription": "The payment responsibilities accepted by the collaboration member for query compute costs.", - "title": "QueryCompute" + "TierName": { + "markdownDescription": "The tier that your guardrail uses for content filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "TierName", + "type": "string" } }, "required": [ - "QueryCompute" + "TierName" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration": { + "AWS::Bedrock::Guardrail.ContentPolicyConfig": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration", - "markdownDescription": "Required configuration for a protected query with an `s3` output type.", - "title": "S3" + "ContentFiltersTierConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFiltersTierConfig", + "markdownDescription": "The tier that your guardrail uses for content filters. Consider using a tier that balances performance, accuracy, and compatibility with your existing generative AI workflows.", + "title": "ContentFiltersTierConfig" + }, + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFilterConfig" + }, + "markdownDescription": "Contains the type of the content filter and how strongly it should apply to prompts and model responses.", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "S3" + "FiltersConfig" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration": { + "AWS::Bedrock::Guardrail.ContextualGroundingFilterConfig": { "additionalProperties": false, "properties": { - "OutputConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration", - "markdownDescription": "Configuration for protected query results.", - "title": "OutputConfiguration" + "Action": { + "markdownDescription": "Specifies the action to take when content fails the contextual grounding evaluation. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "Action", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results.", - "title": "RoleArn", + "Enabled": { + "markdownDescription": "Specifies whether to enable contextual grounding evaluation. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "Enabled", + "type": "boolean" + }, + "Threshold": { + "markdownDescription": "The threshold details for the guardrails contextual grounding filter.", + "title": "Threshold", + "type": "number" + }, + "Type": { + "markdownDescription": "The filter details for the guardrails contextual grounding filter.", + "title": "Type", "type": "string" } }, "required": [ - "OutputConfiguration" + "Threshold", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig": { + "AWS::Bedrock::Guardrail.ContextualGroundingPolicyConfig": { "additionalProperties": false, "properties": { - "IsResponsible": { - "markdownDescription": "Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query compute costs.", - "title": "IsResponsible", - "type": "boolean" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContextualGroundingFilterConfig" + }, + "markdownDescription": "", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "IsResponsible" + "FiltersConfig" ], "type": "object" }, - "AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration": { + "AWS::Bedrock::Guardrail.GuardrailCrossRegionConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The S3 bucket to unload the protected query results.", - "title": "Bucket", - "type": "string" - }, - "KeyPrefix": { - "markdownDescription": "The S3 prefix to unload the protected query results.", - "title": "KeyPrefix", - "type": "string" - }, - "ResultFormat": { - "markdownDescription": "Intended file format of the result.", - "title": "ResultFormat", + "GuardrailProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the guardrail profile that your guardrail is using. Guardrail profile availability depends on your current AWS Region . For more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region-support.html) .", + "title": "GuardrailProfileArn", "type": "string" } }, "required": [ - "Bucket", - "ResultFormat" + "GuardrailProfileArn" ], "type": "object" }, - "AWS::CleanRooms::PrivacyBudgetTemplate": { + "AWS::Bedrock::Guardrail.ManagedWordsConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Metadata": { - "type": "object" + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoRefresh": { - "markdownDescription": "How often the privacy budget refreshes.\n\n> If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes.", - "title": "AutoRefresh", - "type": "string" - }, - "MembershipIdentifier": { - "markdownDescription": "The identifier for a membership resource.", - "title": "MembershipIdentifier", - "type": "string" - }, - "Parameters": { - "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate.Parameters", - "markdownDescription": "Specifies the epsilon and noise parameters for the privacy budget template.", - "title": "Parameters" - }, - "PrivacyBudgetType": { - "markdownDescription": "Specifies the type of the privacy budget template.", - "title": "PrivacyBudgetType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AutoRefresh", - "MembershipIdentifier", - "Parameters", - "PrivacyBudgetType" - ], - "type": "object" + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, "Type": { - "enum": [ - "AWS::CleanRooms::PrivacyBudgetTemplate" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The managed word type to configure for the guardrail.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CleanRooms::PrivacyBudgetTemplate.Parameters": { + "AWS::Bedrock::Guardrail.PiiEntityConfig": { "additionalProperties": false, "properties": { - "Epsilon": { - "markdownDescription": "The epsilon value that you want to use.", - "title": "Epsilon", - "type": "number" + "Action": { + "markdownDescription": "Configure guardrail action when the PII entity is detected.", + "title": "Action", + "type": "string" }, - "UsersNoisePerQuery": { - "markdownDescription": "Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted.", - "title": "UsersNoisePerQuery", - "type": "number" + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" + }, + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" + }, + "OutputEnabled": { + "markdownDescription": "Indicates whether guardrail evaluation is enabled on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Type": { + "markdownDescription": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guardrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *CREDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc..", + "title": "Type", + "type": "string" } }, "required": [ - "Epsilon", - "UsersNoisePerQuery" + "Action", + "Type" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset": { + "AWS::Bedrock::Guardrail.RegexConfig": { "additionalProperties": false, "properties": { - "Condition": { + "Action": { + "markdownDescription": "The guardrail action to configure when matching regular expression is detected.", + "title": "Action", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "The description of the regular expression to configure for the guardrail.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" }, - "Metadata": { - "type": "object" + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the training dataset.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the training dataset.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - }, - "TrainingData": { - "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" - }, - "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", - "title": "TrainingData", - "type": "array" - } - }, - "required": [ - "Name", - "RoleArn", - "TrainingData" - ], - "type": "object" + "Name": { + "markdownDescription": "The name of the regular expression to configure for the guardrail.", + "title": "Name", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CleanRoomsML::TrainingDataset" - ], + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Pattern": { + "markdownDescription": "The regular expression pattern to configure for the guardrail.", + "title": "Pattern", "type": "string" } }, "required": [ - "Type", - "Properties" + "Action", + "Name", + "Pattern" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { + "AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of a column.", - "title": "ColumnName", - "type": "string" + "PiiEntitiesConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.PiiEntityConfig" + }, + "markdownDescription": "A list of PII entities to configure to the guardrail.", + "title": "PiiEntitiesConfig", + "type": "array" }, - "ColumnTypes": { + "RegexesConfig": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Guardrail.RegexConfig" }, - "markdownDescription": "The data type of column.", - "title": "ColumnTypes", + "markdownDescription": "A list of regular expressions to configure to the guardrail.", + "title": "RegexesConfig", "type": "array" } }, - "required": [ - "ColumnName", - "ColumnTypes" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.DataSource": { - "additionalProperties": false, - "properties": { - "GlueDataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", - "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", - "title": "GlueDataSource" - } - }, - "required": [ - "GlueDataSource" - ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.Dataset": { + "AWS::Bedrock::Guardrail.TopicConfig": { "additionalProperties": false, "properties": { - "InputConfig": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", - "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", - "title": "InputConfig" + "Definition": { + "markdownDescription": "A definition of the topic to deny.", + "title": "Definition", + "type": "string" + }, + "Examples": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", + "title": "Examples", + "type": "array" + }, + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" + }, + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the topic to deny.", + "title": "Name", + "type": "string" + }, + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" + }, + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, "Type": { - "markdownDescription": "What type of information is found in the dataset.", + "markdownDescription": "Specifies to deny the topic.", "title": "Type", "type": "string" } }, "required": [ - "InputConfig", + "Definition", + "Name", "Type" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { + "AWS::Bedrock::Guardrail.TopicPolicyConfig": { "additionalProperties": false, "properties": { - "DataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", - "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", - "title": "DataSource" - }, - "Schema": { + "TopicsConfig": { "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicConfig" }, - "markdownDescription": "The schema information for the training data.", - "title": "Schema", + "markdownDescription": "A list of policies related to topics that the guardrail should deny.", + "title": "TopicsConfig", "type": "array" + }, + "TopicsTierConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicsTierConfig", + "markdownDescription": "The tier that your guardrail uses for denied topic filters.", + "title": "TopicsTierConfig" } }, "required": [ - "DataSource", - "Schema" + "TopicsConfig" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { + "AWS::Bedrock::Guardrail.TopicsTierConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The Glue catalog that contains the training data.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The Glue database that contains the training data.", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "The Glue table that contains the training data.", - "title": "TableName", + "TierName": { + "markdownDescription": "The tier that your guardrail uses for denied topic filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "TierName", "type": "string" } }, "required": [ - "DatabaseName", - "TableName" + "TierName" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2": { + "AWS::Bedrock::Guardrail.WordConfig": { "additionalProperties": false, "properties": { - "Condition": { + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutomaticStopTimeMinutes": { - "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", - "title": "AutomaticStopTimeMinutes", - "type": "number" - }, - "ConnectionType": { - "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", - "title": "ConnectionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the environment to create.", - "title": "Description", - "type": "string" - }, - "ImageId": { - "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", - "title": "ImageId", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", - "title": "InstanceType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment.", - "title": "Name", - "type": "string" - }, - "OwnerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", - "title": "OwnerArn", - "type": "string" - }, - "Repositories": { - "items": { - "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" - }, - "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", - "title": "Repositories", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", - "title": "SubnetId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ImageId", - "InstanceType" - ], - "type": "object" + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the intput. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::Cloud9::EnvironmentEC2" - ], + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Text": { + "markdownDescription": "Text of the word configured for the guardrail to block.", + "title": "Text", "type": "string" } }, "required": [ - "Type", - "Properties" + "Text" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2.Repository": { + "AWS::Bedrock::Guardrail.WordPolicyConfig": { "additionalProperties": false, "properties": { - "PathComponent": { - "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", - "title": "PathComponent", - "type": "string" + "ManagedWordListsConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ManagedWordsConfig" + }, + "markdownDescription": "A list of managed words to configure for the guardrail.", + "title": "ManagedWordListsConfig", + "type": "array" }, - "RepositoryUrl": { - "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", - "title": "RepositoryUrl", - "type": "string" + "WordsConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordConfig" + }, + "markdownDescription": "A list of words to configure for the guardrail.", + "title": "WordsConfig", + "type": "array" } }, - "required": [ - "PathComponent", - "RepositoryUrl" - ], "type": "object" }, - "AWS::CloudFormation::CustomResource": { + "AWS::Bedrock::GuardrailVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -34300,20 +38674,25 @@ "Properties": { "additionalProperties": false, "properties": { - "ServiceToken": { - "markdownDescription": "The service token, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same Region as the stack.\n\nUpdates aren't supported.", - "title": "ServiceToken", + "Description": { + "markdownDescription": "A description of the guardrail version.", + "title": "Description", + "type": "string" + }, + "GuardrailIdentifier": { + "markdownDescription": "The unique identifier of the guardrail. This can be an ID or the ARN.", + "title": "GuardrailIdentifier", "type": "string" } }, "required": [ - "ServiceToken" + "GuardrailIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::CustomResource" + "AWS::Bedrock::GuardrailVersion" ], "type": "string" }, @@ -34332,7 +38711,7 @@ ], "type": "object" }, - "AWS::CloudFormation::HookDefaultVersion": { + "AWS::Bedrock::IntelligentPromptRouter": { "additionalProperties": false, "properties": { "Condition": { @@ -34367,108 +38746,54 @@ "Properties": { "additionalProperties": false, "properties": { - "TypeName": { - "markdownDescription": "The name of the Hook.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeName", - "type": "string" - }, - "TypeVersionArn": { - "markdownDescription": "The version ID of the type configuration.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeVersionArn", + "Description": { + "markdownDescription": "An optional description of the prompt router to help identify its purpose.", + "title": "Description", "type": "string" }, - "VersionId": { - "markdownDescription": "The version ID of the type specified.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudFormation::HookDefaultVersion" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudFormation::HookTypeConfig": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "FallbackModel": { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel", + "markdownDescription": "The default model to use when the routing criteria is not met.", + "title": "FallbackModel" }, - { + "Models": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel" }, + "markdownDescription": "A list of foundation models that the prompt router can route requests to. At least one model must be specified.", + "title": "Models", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Configuration": { - "markdownDescription": "Specifies the activated Hook type configuration, in this AWS account and AWS Region .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "Configuration", - "type": "string" }, - "ConfigurationAlias": { - "markdownDescription": "An alias by which to refer to this configuration data.\n\nDefaults to `default` alias. Hook types currently support default configuration alias.", - "title": "ConfigurationAlias", + "PromptRouterName": { + "markdownDescription": "The name of the prompt router. The name must be unique within your AWS account in the current region.", + "title": "PromptRouterName", "type": "string" }, - "TypeArn": { - "markdownDescription": "The Amazon Resource Number (ARN) for the Hook to set `Configuration` for.\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "TypeArn", - "type": "string" + "RoutingCriteria": { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.RoutingCriteria", + "markdownDescription": "Routing criteria for a prompt router.", + "title": "RoutingCriteria" }, - "TypeName": { - "markdownDescription": "The unique name for your Hook. Specifies a three-part namespace for your Hook, with a recommended pattern of `Organization::Service::Hook` .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "TypeName", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource as tags. You can use tags to categorize and manage your AWS resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "Configuration" + "FallbackModel", + "Models", + "PromptRouterName", + "RoutingCriteria" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::HookTypeConfig" + "AWS::Bedrock::IntelligentPromptRouter" ], "type": "string" }, @@ -34487,7 +38812,35 @@ ], "type": "object" }, - "AWS::CloudFormation::HookVersion": { + "AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel": { + "additionalProperties": false, + "properties": { + "ModelArn": { + "markdownDescription": "The target model's ARN.", + "title": "ModelArn", + "type": "string" + } + }, + "required": [ + "ModelArn" + ], + "type": "object" + }, + "AWS::Bedrock::IntelligentPromptRouter.RoutingCriteria": { + "additionalProperties": false, + "properties": { + "ResponseQualityDifference": { + "markdownDescription": "The criteria's response quality difference.", + "title": "ResponseQualityDifference", + "type": "number" + } + }, + "required": [ + "ResponseQualityDifference" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase": { "additionalProperties": false, "properties": { "Condition": { @@ -34522,36 +38875,53 @@ "Properties": { "additionalProperties": false, "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.", - "title": "ExecutionRoleArn", + "Description": { + "markdownDescription": "The description of the knowledge base associated with the inline agent.", + "title": "Description", "type": "string" }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::HookVersion.LoggingConfig", - "markdownDescription": "Contains logging configuration information for an extension.", - "title": "LoggingConfig" + "KnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration", + "markdownDescription": "Contains details about the embeddings configuration of the knowledge base.", + "title": "KnowledgeBaseConfiguration" }, - "SchemaHandlerPackage": { - "markdownDescription": "A URL to the Amazon S3 bucket containing the Hook project package that contains the necessary files for the Hook you want to register.\n\nFor information on generating a schema handler package, see [Modeling custom CloudFormation Hooks](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html) in the *AWS CloudFormation Hooks User Guide* .\n\n> To register the Hook, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "SchemaHandlerPackage", + "Name": { + "markdownDescription": "The name of the knowledge base.", + "title": "Name", "type": "string" }, - "TypeName": { - "markdownDescription": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\n> The following organization namespaces are reserved and can't be used in your hook type names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `ASK`\n> - `AWS`\n> - `Custom`\n> - `Dev`", - "title": "TypeName", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the knowledge base.", + "title": "RoleArn", "type": "string" + }, + "StorageConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.StorageConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base.", + "title": "StorageConfiguration" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "SchemaHandlerPackage", - "TypeName" + "KnowledgeBaseConfiguration", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::HookVersion" + "AWS::Bedrock::KnowledgeBase" ], "type": "string" }, @@ -34570,982 +38940,871 @@ ], "type": "object" }, - "AWS::CloudFormation::HookVersion.LoggingConfig": { + "AWS::Bedrock::KnowledgeBase.BedrockEmbeddingModelConfiguration": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", - "title": "LogGroupName", - "type": "string" + "Dimensions": { + "markdownDescription": "The dimensions details for the vector configuration used on the Bedrock embeddings model.", + "title": "Dimensions", + "type": "number" }, - "LogRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", - "title": "LogRoleArn", + "EmbeddingDataType": { + "markdownDescription": "The data type for the vectors when using a model to convert text into vector embeddings. The model must support the specified data type for vector embeddings. Floating-point (float32) is the default data type, and is supported by most models for vector embeddings. See [Supported embeddings models](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-supported.html) for information on the available models and their vector data types.", + "title": "EmbeddingDataType", "type": "string" } }, "type": "object" }, - "AWS::CloudFormation::Macro": { + "AWS::Bedrock::KnowledgeBase.CuratedQuery": { "additionalProperties": false, "properties": { - "Condition": { + "NaturalLanguage": { + "markdownDescription": "An example natural language query.", + "title": "NaturalLanguage", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Sql": { + "markdownDescription": "The SQL equivalent of the natural language query.", + "title": "Sql", "type": "string" + } + }, + "required": [ + "NaturalLanguage", + "Sql" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.EmbeddingModelConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockEmbeddingModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.BedrockEmbeddingModelConfiguration", + "markdownDescription": "The vector configuration details on the Bedrock embeddings model.", + "title": "BedrockEmbeddingModelConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.KendraKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "KendraIndexArn": { + "markdownDescription": "The ARN of the Amazon Kendra index.", + "title": "KendraIndexArn", + "type": "string" + } + }, + "required": [ + "KendraIndexArn" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "KendraKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KendraKnowledgeBaseConfiguration", + "markdownDescription": "Settings for an Amazon Kendra knowledge base.", + "title": "KendraKnowledgeBaseConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the macro.", - "title": "Description", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.", - "title": "FunctionName", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.\n\nThis will be an existing CloudWatch Logs LogGroup. Neither CloudFormation or Lambda will create the group.", - "title": "LogGroupName", - "type": "string" - }, - "LogRoleARN": { - "markdownDescription": "The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .", - "title": "LogRoleARN", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the macro. The name of the macro must be unique across all macros in the account.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "FunctionName", - "Name" - ], - "type": "object" + "SqlKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SqlKnowledgeBaseConfiguration", + "markdownDescription": "Specifies configurations for a knowledge base connected to an SQL database.", + "title": "SqlKnowledgeBaseConfiguration" }, "Type": { - "enum": [ - "AWS::CloudFormation::Macro" - ], + "markdownDescription": "The type of data that the data source is converted into for the knowledge base.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VectorKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration", + "markdownDescription": "Contains details about the model that's used to convert the data source into vector embeddings.", + "title": "VectorKnowledgeBaseConfiguration" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFormation::ModuleDefaultVersion": { + "AWS::Bedrock::KnowledgeBase.MongoDbAtlasConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "CollectionName": { + "markdownDescription": "The collection name of the knowledge base in MongoDB Atlas.", + "title": "CollectionName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that contains user credentials for your MongoDB Atlas cluster.", + "title": "CredentialsSecretArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseName": { + "markdownDescription": "The database name in your MongoDB Atlas cluster for your knowledge base.", + "title": "DatabaseName", + "type": "string" }, - "Metadata": { - "type": "object" + "Endpoint": { + "markdownDescription": "The endpoint URL of your MongoDB Atlas cluster for your knowledge base.", + "title": "Endpoint", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the module version to set as the default version.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "Arn", - "type": "string" - }, - "ModuleName": { - "markdownDescription": "The name of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "ModuleName", - "type": "string" - }, - "VersionId": { - "markdownDescription": "The ID for the specific version of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" + "EndpointServiceName": { + "markdownDescription": "The name of the VPC endpoint service in your account that is connected to your MongoDB Atlas cluster.", + "title": "EndpointServiceName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::ModuleDefaultVersion" - ], + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.MongoDbAtlasFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" + }, + "TextIndexName": { + "markdownDescription": "The name of the text search index in the MongoDB collection. This is required for using the hybrid search feature.", + "title": "TextIndexName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VectorIndexName": { + "markdownDescription": "The name of the MongoDB Atlas vector search index.", + "title": "VectorIndexName", "type": "string" } }, "required": [ - "Type" + "CollectionName", + "CredentialsSecretArn", + "DatabaseName", + "Endpoint", + "FieldMapping", + "VectorIndexName" ], "type": "object" }, - "AWS::CloudFormation::ModuleVersion": { + "AWS::Bedrock::KnowledgeBase.MongoDbAtlasFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ModuleName": { - "markdownDescription": "The name of the module being registered.", - "title": "ModuleName", - "type": "string" - }, - "ModulePackage": { - "markdownDescription": "A URL to the S3 bucket containing the package that contains the template fragment and schema files for the module version to register.\n\nFor more information, see [Module structure and requirements](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the module version, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "ModulePackage", - "type": "string" - } - }, - "required": [ - "ModuleName", - "ModulePackage" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudFormation::ModuleVersion" - ], + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField", + "VectorField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsConfiguration": { + "additionalProperties": false, + "properties": { + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GraphArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Neptune Analytics vector store.", + "title": "GraphArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "FieldMapping", + "GraphArn" ], "type": "object" }, - "AWS::CloudFormation::PublicTypeVersion": { + "AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterConfiguration": { + "additionalProperties": false, + "properties": { + "DomainArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch domain.", + "title": "DomainArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the extension.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "Arn", - "type": "string" - }, - "LogDeliveryBucket": { - "markdownDescription": "The S3 bucket to which CloudFormation delivers the contract test execution logs.\n\nCloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of `PASSED` or `FAILED` .\n\nThe user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions:\n\n- s3:GetObject\n- s3:PutObject", - "title": "LogDeliveryBucket", - "type": "string" - }, - "PublicVersionNumber": { - "markdownDescription": "The version number to assign to this version of the extension.\n\nUse the following format, and adhere to semantic versioning when assigning a version number to your extension:\n\n`MAJOR.MINOR.PATCH`\n\nFor more information, see [Semantic Versioning 2.0.0](https://docs.aws.amazon.com/https://semver.org/) .\n\nIf you don't specify a version number, CloudFormation increments the version number by one minor version release.\n\nYou cannot specify a version number the first time you publish a type. CloudFormation automatically sets the first version number to be `1.0.0` .", - "title": "PublicVersionNumber", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "Type", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The name of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "TypeName", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudFormation::PublicTypeVersion" - ], + "DomainEndpoint": { + "markdownDescription": "The endpoint URL the OpenSearch domain.", + "title": "DomainEndpoint", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" + }, + "VectorIndexName": { + "markdownDescription": "The name of the vector store.", + "title": "VectorIndexName", "type": "string" } }, "required": [ - "Type" + "DomainArn", + "DomainEndpoint", + "FieldMapping", + "VectorIndexName" ], "type": "object" }, - "AWS::CloudFormation::Publisher": { + "AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField", + "VectorField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration": { + "additionalProperties": false, + "properties": { + "CollectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch Service vector store.", + "title": "CollectionArn", + "type": "string" }, - "Metadata": { - "type": "object" + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AcceptTermsAndConditions": { - "markdownDescription": "Whether you accept the [Terms and Conditions](https://docs.aws.amazon.com/https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf) for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to register to publish public extensions to the CloudFormation registry.\n\nThe default is `false` .", - "title": "AcceptTermsAndConditions", - "type": "boolean" - }, - "ConnectionArn": { - "markdownDescription": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.\n\nFor more information, see [Prerequisite: Registering your account to publish CloudFormation extensions](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .", - "title": "ConnectionArn", - "type": "string" - } - }, - "required": [ - "AcceptTermsAndConditions" - ], - "type": "object" + "VectorIndexName": { + "markdownDescription": "The name of the vector store.", + "title": "VectorIndexName", + "type": "string" + } + }, + "required": [ + "CollectionArn", + "FieldMapping", + "VectorIndexName" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping": { + "additionalProperties": false, + "properties": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::Publisher" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", "type": "string" } }, "required": [ - "Type", - "Properties" + "MetadataField", + "TextField", + "VectorField" ], "type": "object" }, - "AWS::CloudFormation::ResourceDefaultVersion": { + "AWS::Bedrock::KnowledgeBase.PineconeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ConnectionString": { + "markdownDescription": "The endpoint URL for your index management page.", + "title": "ConnectionString", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key.", + "title": "CredentialsSecretArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "TypeName": { - "markdownDescription": "The name of the resource.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeName", - "type": "string" - }, - "TypeVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource version.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeVersionArn", - "type": "string" - }, - "VersionId": { - "markdownDescription": "The ID of a specific version of the resource. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the resource version when it's registered.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Type": { - "enum": [ - "AWS::CloudFormation::ResourceDefaultVersion" - ], + "Namespace": { + "markdownDescription": "The namespace to be used to write new data to your database.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "ConnectionString", + "CredentialsSecretArn", + "FieldMapping" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.PineconeFieldMapping": { + "additionalProperties": false, + "properties": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" } }, "required": [ - "Type" + "MetadataField", + "TextField" ], "type": "object" }, - "AWS::CloudFormation::ResourceVersion": { + "AWS::Bedrock::KnowledgeBase.QueryGenerationColumn": { "additionalProperties": false, "properties": { - "Condition": { + "Description": { + "markdownDescription": "A description of the column that helps the query engine understand the contents of the column.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Inclusion": { + "markdownDescription": "Specifies whether to include or exclude the column during query generation. If you specify `EXCLUDE` , the column will be ignored. If you specify `INCLUDE` , all other columns in the table will be ignored.", + "title": "Inclusion", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "The name of the column for which the other fields in this object apply.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationConfiguration": { + "additionalProperties": false, + "properties": { + "ExecutionTimeoutSeconds": { + "markdownDescription": "The time after which query generation will time out.", + "title": "ExecutionTimeoutSeconds", + "type": "number" }, - "Metadata": { - "type": "object" + "GenerationContext": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationContext", + "markdownDescription": "Specifies configurations for context to use during query generation.", + "title": "GenerationContext" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationContext": { + "additionalProperties": false, + "properties": { + "CuratedQueries": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.CuratedQuery" + }, + "markdownDescription": "An array of objects, each of which defines information about example queries to help the query engine generate appropriate SQL queries.", + "title": "CuratedQueries", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.", - "title": "ExecutionRoleArn", - "type": "string" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::ResourceVersion.LoggingConfig", - "markdownDescription": "Logging configuration information for a resource.", - "title": "LoggingConfig" - }, - "SchemaHandlerPackage": { - "markdownDescription": "A URL to the S3 bucket containing the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package, see [Modeling resource types to use with AWS CloudFormation](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the resource version, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "SchemaHandlerPackage", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The name of the resource being registered.\n\nWe recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* .\n\n> The following organization namespaces are reserved and can't be used in your resource names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `AWS`\n> - `Custom`\n> - `Dev`", - "title": "TypeName", - "type": "string" - } + "Tables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationTable" }, - "required": [ - "SchemaHandlerPackage", - "TypeName" - ], - "type": "object" + "markdownDescription": "An array of objects, each of which defines information about a table in the database.", + "title": "Tables", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationTable": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationColumn" + }, + "markdownDescription": "An array of objects, each of which defines information about a column in the table.", + "title": "Columns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CloudFormation::ResourceVersion" - ], + "Description": { + "markdownDescription": "A description of the table that helps the query engine understand the contents of the table.", + "title": "Description", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Inclusion": { + "markdownDescription": "Specifies whether to include or exclude the table during query generation. If you specify `EXCLUDE` , the table will be ignored. If you specify `INCLUDE` , all other tables will be ignored.", + "title": "Inclusion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table for which the other fields in this object apply.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::CloudFormation::ResourceVersion.LoggingConfig": { + "AWS::Bedrock::KnowledgeBase.RdsConfiguration": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch logs group to which CloudFormation sends error logging information when invoking the type's handlers.", - "title": "LogGroupName", + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database.", + "title": "CredentialsSecretArn", "type": "string" }, - "LogRoleArn": { - "markdownDescription": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs.", - "title": "LogRoleArn", + "DatabaseName": { + "markdownDescription": "The name of your Amazon RDS database.", + "title": "DatabaseName", + "type": "string" + }, + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the vector store.", + "title": "ResourceArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the table in the database.", + "title": "TableName", "type": "string" } }, + "required": [ + "CredentialsSecretArn", + "DatabaseName", + "FieldMapping", + "ResourceArn", + "TableName" + ], "type": "object" }, - "AWS::CloudFormation::Stack": { + "AWS::Bedrock::KnowledgeBase.RdsFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "CustomMetadataField": { + "markdownDescription": "Provide a name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.", + "title": "CustomMetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "NotificationARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).", - "title": "NotificationARNs", - "type": "array" - }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n> If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nRequired if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.", - "title": "Tags", - "type": "array" - }, - "TemplateURL": { - "markdownDescription": "The URL of a file containing the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with `https://` .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", - "title": "TemplateURL", - "type": "string" - }, - "TimeoutInMinutes": { - "markdownDescription": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported.", - "title": "TimeoutInMinutes", - "type": "number" - } - }, - "required": [ - "TemplateURL" - ], - "type": "object" + "PrimaryKeyField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the ID for each entry.", + "title": "PrimaryKeyField", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::Stack" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", "type": "string" } }, "required": [ - "Type", - "Properties" + "MetadataField", + "PrimaryKeyField", + "TextField", + "VectorField" ], "type": "object" }, - "AWS::CloudFormation::StackSet": { + "AWS::Bedrock::KnowledgeBase.RedshiftConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "QueryEngineConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineConfiguration", + "markdownDescription": "Specifies configurations for an Amazon Redshift query engine.", + "title": "QueryEngineConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "QueryGenerationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationConfiguration", + "markdownDescription": "Specifies configurations for generating queries.", + "title": "QueryGenerationConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdministrationRoleARN": { - "markdownDescription": "The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n\nValid only if the permissions model is `SELF_MANAGED` .", - "title": "AdministrationRoleARN", - "type": "string" - }, - "AutoDeployment": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.AutoDeployment", - "markdownDescription": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU). For more information, see [Enable or disable automatic deployments for StackSets in AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-manage-auto-deployment.html) in the *AWS CloudFormation User Guide* .\n\nRequired if the permissions model is `SERVICE_MANAGED` . (Not used with self-managed permissions.)", - "title": "AutoDeployment" - }, - "CallAs": { - "markdownDescription": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for stack sets with self-managed permissions.\n\n- To create a stack set with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a stack set with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.\n\nValid only if the permissions model is `SERVICE_MANAGED` .", - "title": "CallAs", - "type": "string" - }, - "Capabilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The capabilities that are allowed in the stack set. Some stack set templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new IAM users. For more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .", - "title": "Capabilities", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the stack set.", - "title": "Description", - "type": "string" - }, - "ExecutionRoleName": { - "markdownDescription": "The name of the IAM execution role to use to create the stack set. If you don't specify an execution role, CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the stack set operation.\n\nValid only if the permissions model is `SELF_MANAGED` .\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", - "title": "ExecutionRoleName", - "type": "string" - }, - "ManagedExecution": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.ManagedExecution", - "markdownDescription": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", - "title": "ManagedExecution" - }, - "OperationPreferences": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.OperationPreferences", - "markdownDescription": "The user-specified preferences for how CloudFormation performs a stack set operation.", - "title": "OperationPreferences" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" - }, - "markdownDescription": "The input parameters for the stack set template.", - "title": "Parameters", - "type": "array" - }, - "PermissionModel": { - "markdownDescription": "Describes how the IAM roles required for stack set operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see [Activate trusted access for stack sets with AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html) in the *AWS CloudFormation User Guide* .", - "title": "PermissionModel", - "type": "string" - }, - "StackInstancesGroup": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.StackInstances" - }, - "markdownDescription": "A group of stack instances with parameters in some specific accounts and Regions.", - "title": "StackInstancesGroup", - "type": "array" - }, - "StackSetName": { - "markdownDescription": "The name to associate with the stack set. The name must be unique in the Region where you create your stack set.", - "title": "StackSetName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.\n\nIf you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.", - "title": "Tags", - "type": "array" - }, - "TemplateBody": { - "markdownDescription": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates containing dynamic references through `TemplateUrl` instead.", - "title": "TemplateBody", - "type": "string" - }, - "TemplateURL": { - "markdownDescription": "The URL of a file containing the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with `https://` .\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` .", - "title": "TemplateURL", - "type": "string" - } + "StorageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineStorageConfiguration" }, - "required": [ - "PermissionModel", - "StackSetName" - ], - "type": "object" + "markdownDescription": "Specifies configurations for Amazon Redshift database storage.", + "title": "StorageConfigurations", + "type": "array" + } + }, + "required": [ + "QueryEngineConfiguration", + "StorageConfigurations" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftProvisionedAuthConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseUser": { + "markdownDescription": "The database username for authentication to an Amazon Redshift provisioned data warehouse.", + "title": "DatabaseUser", + "type": "string" }, "Type": { - "enum": [ - "AWS::CloudFormation::StackSet" - ], + "markdownDescription": "The type of authentication to use.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UsernamePasswordSecretArn": { + "markdownDescription": "The ARN of an Secrets Manager secret for authentication.", + "title": "UsernamePasswordSecretArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFormation::StackSet.AutoDeployment": { + "AWS::Bedrock::KnowledgeBase.RedshiftProvisionedConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "If set to `true` , StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.", - "title": "Enabled", - "type": "boolean" + "AuthConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftProvisionedAuthConfiguration", + "markdownDescription": "Specifies configurations for authentication to Amazon Redshift.", + "title": "AuthConfiguration" }, - "RetainStacksOnAccountRemoval": { - "markdownDescription": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` .", - "title": "RetainStacksOnAccountRemoval", - "type": "boolean" + "ClusterIdentifier": { + "markdownDescription": "The ID of the Amazon Redshift cluster.", + "title": "ClusterIdentifier", + "type": "string" } }, + "required": [ + "AuthConfiguration", + "ClusterIdentifier" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.DeploymentTargets": { + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineAwsDataCatalogStorageConfiguration": { "additionalProperties": false, "properties": { - "AccountFilterType": { - "markdownDescription": "Limit deployment targets to individual accounts or include additional accounts with provided OUs.\n\nThe following is a list of possible values for the `AccountFilterType` operation.\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` parameter.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` parameter.\n- `UNION` StackSet deploys to the OU, and the accounts specified in the `Accounts` parameter. `UNION` is not supported for create operations when using StackSet as a resource.", - "title": "AccountFilterType", - "type": "string" - }, - "Accounts": { + "TableNames": { "items": { "type": "string" }, - "markdownDescription": "The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the `AccountsUrl` property instead.\n\n*Pattern* : `^[0-9]{12}$`", - "title": "Accounts", + "markdownDescription": "A list of names of the tables to use.", + "title": "TableNames", "type": "array" + } + }, + "required": [ + "TableNames" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineConfiguration": { + "additionalProperties": false, + "properties": { + "ProvisionedConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftProvisionedConfiguration", + "markdownDescription": "Specifies configurations for a provisioned Amazon Redshift query engine.", + "title": "ProvisionedConfiguration" }, - "AccountsUrl": { - "markdownDescription": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).", - "title": "AccountsUrl", - "type": "string" + "ServerlessConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftServerlessConfiguration", + "markdownDescription": "Specifies configurations for a serverless Amazon Redshift query engine.", + "title": "ServerlessConfiguration" }, - "OrganizationalUnitIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The organization root ID or organizational unit (OU) IDs.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`", - "title": "OrganizationalUnitIds", - "type": "array" + "Type": { + "markdownDescription": "The type of query engine.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.ManagedExecution": { + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineRedshiftStorageConfiguration": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "When `true` , StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. \n\nWhen `false` (default), StackSets performs one operation at a time in request order.", - "title": "Active", - "type": "boolean" + "DatabaseName": { + "markdownDescription": "The name of the Amazon Redshift database.", + "title": "DatabaseName", + "type": "string" } }, + "required": [ + "DatabaseName" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.OperationPreferences": { + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineStorageConfiguration": { "additionalProperties": false, "properties": { - "FailureToleranceCount": { - "markdownDescription": "The number of accounts, per Region, for which this operation can fail before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", - "title": "FailureToleranceCount", - "type": "number" - }, - "FailureTolerancePercentage": { - "markdownDescription": "The percentage of accounts, per Region, for which this stack operation can fail before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", - "title": "FailureTolerancePercentage", - "type": "number" + "AwsDataCatalogConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineAwsDataCatalogStorageConfiguration", + "markdownDescription": "Specifies configurations for storage in AWS Glue Data Catalog.", + "title": "AwsDataCatalogConfiguration" }, - "MaxConcurrentCount": { - "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", - "title": "MaxConcurrentCount", - "type": "number" + "RedshiftConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineRedshiftStorageConfiguration", + "markdownDescription": "Specifies configurations for storage in Amazon Redshift.", + "title": "RedshiftConfiguration" }, - "MaxConcurrentPercentage": { - "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", - "title": "MaxConcurrentPercentage", - "type": "number" + "Type": { + "markdownDescription": "The data storage service to use.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftServerlessAuthConfiguration": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of authentication to use.", + "title": "Type", + "type": "string" }, - "RegionConcurrencyType": { - "markdownDescription": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.", - "title": "RegionConcurrencyType", + "UsernamePasswordSecretArn": { + "markdownDescription": "The ARN of an Secrets Manager secret for authentication.", + "title": "UsernamePasswordSecretArn", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftServerlessConfiguration": { + "additionalProperties": false, + "properties": { + "AuthConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftServerlessAuthConfiguration", + "markdownDescription": "Specifies configurations for authentication to an Amazon Redshift provisioned data warehouse.", + "title": "AuthConfiguration" }, - "RegionOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the Regions where you want to perform the stack operation.", - "title": "RegionOrder", - "type": "array" + "WorkgroupArn": { + "markdownDescription": "The ARN of the Amazon Redshift workgroup.", + "title": "WorkgroupArn", + "type": "string" } }, + "required": [ + "AuthConfiguration", + "WorkgroupArn" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.Parameter": { + "AWS::Bedrock::KnowledgeBase.S3Location": { "additionalProperties": false, "properties": { - "ParameterKey": { - "markdownDescription": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.", - "title": "ParameterKey", + "URI": { + "markdownDescription": "An object URI starting with `s3://` .", + "title": "URI", "type": "string" + } + }, + "required": [ + "URI" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.SqlKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "RedshiftConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftConfiguration", + "markdownDescription": "Specifies configurations for a knowledge base connected to an Amazon Redshift database.", + "title": "RedshiftConfiguration" }, - "ParameterValue": { - "markdownDescription": "The input value associated with the parameter.", - "title": "ParameterValue", + "Type": { + "markdownDescription": "The type of SQL database to connect to the knowledge base.", + "title": "Type", "type": "string" } }, "required": [ - "ParameterKey", - "ParameterValue" + "Type" ], "type": "object" }, - "AWS::CloudFormation::StackSet.StackInstances": { + "AWS::Bedrock::KnowledgeBase.StorageConfiguration": { "additionalProperties": false, "properties": { - "DeploymentTargets": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.DeploymentTargets", - "markdownDescription": "The AWS `OrganizationalUnitIds` or `Accounts` for which to create stack instances in the specified Regions.", - "title": "DeploymentTargets" + "MongoDbAtlasConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.MongoDbAtlasConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in MongoDB Atlas.", + "title": "MongoDbAtlasConfiguration" }, - "ParameterOverrides": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" - }, - "markdownDescription": "A list of stack set parameters whose values you want to override in the selected stack instances.", - "title": "ParameterOverrides", - "type": "array" + "NeptuneAnalyticsConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsConfiguration", + "markdownDescription": "Contains details about the Neptune Analytics configuration of the knowledge base in Amazon Neptune. For more information, see [Create a vector index in Amazon Neptune Analytics.](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-neptune.html) .", + "title": "NeptuneAnalyticsConfiguration" }, - "Regions": { + "OpensearchManagedClusterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base in OpenSearch Managed Cluster. For more information, see [Create a vector index in Amazon OpenSearch Service](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-osm.html) .", + "title": "OpensearchManagedClusterConfiguration" + }, + "OpensearchServerlessConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.", + "title": "OpensearchServerlessConfiguration" + }, + "PineconeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in Pinecone.", + "title": "PineconeConfiguration" + }, + "RdsConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) .", + "title": "RdsConfiguration" + }, + "Type": { + "markdownDescription": "The vector store service in which the knowledge base is stored.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.SupplementalDataStorageConfiguration": { + "additionalProperties": false, + "properties": { + "SupplementalDataStorageLocations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SupplementalDataStorageLocation" }, - "markdownDescription": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts .", - "title": "Regions", + "markdownDescription": "", + "title": "SupplementalDataStorageLocations", "type": "array" } }, "required": [ - "DeploymentTargets", - "Regions" + "SupplementalDataStorageLocations" ], "type": "object" }, - "AWS::CloudFormation::TypeActivation": { + "AWS::Bedrock::KnowledgeBase.SupplementalDataStorageLocation": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.S3Location", + "markdownDescription": "Contains information about the Amazon S3 location for the extracted images.", + "title": "S3Location" + }, + "SupplementalDataStorageLocationType": { + "markdownDescription": "", + "title": "SupplementalDataStorageLocationType", + "type": "string" + } + }, + "required": [ + "SupplementalDataStorageLocationType" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "EmbeddingModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", + "title": "EmbeddingModelArn", + "type": "string" + }, + "EmbeddingModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.EmbeddingModelConfiguration", + "markdownDescription": "The embeddings model configuration details for the vector model used in Knowledge Base.", + "title": "EmbeddingModelConfiguration" + }, + "SupplementalDataStorageConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SupplementalDataStorageConfiguration", + "markdownDescription": "If you include multimodal data from your data source, use this object to specify configurations for the storage location of the images extracted from your documents. These images can be retrieved and returned to the end user. They can also be used in generation when using [RetrieveAndGenerate](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_RetrieveAndGenerate.html) .", + "title": "SupplementalDataStorageConfiguration" + } + }, + "required": [ + "EmbeddingModelArn" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt": { "additionalProperties": false, "properties": { "Condition": { @@ -35580,62 +39839,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoUpdate": { - "markdownDescription": "Whether to automatically update the extension in this account and Region when a new *minor* version is published by the extension publisher. Major versions released by the publisher must be manually updated.\n\nThe default is `true` .", - "title": "AutoUpdate", - "type": "boolean" - }, - "ExecutionRoleArn": { - "markdownDescription": "The name of the IAM execution role to use to activate the extension.", - "title": "ExecutionRoleArn", - "type": "string" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::TypeActivation.LoggingConfig", - "markdownDescription": "Specifies logging configuration information for an extension.", - "title": "LoggingConfig" - }, - "MajorVersion": { - "markdownDescription": "The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available *minor* version of the major version selected.\n\nYou can specify `MajorVersion` or `VersionBump` , but not both.", - "title": "MajorVersion", - "type": "string" - }, - "PublicTypeArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the public extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "PublicTypeArn", + "CustomerEncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that the prompt is encrypted with.", + "title": "CustomerEncryptionKeyArn", "type": "string" }, - "PublisherId": { - "markdownDescription": "The ID of the extension publisher.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "PublisherId", + "DefaultVariant": { + "markdownDescription": "The name of the default variant for the prompt. This value must match the `name` field in the relevant [PromptVariant](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_PromptVariant.html) object.", + "title": "DefaultVariant", "type": "string" }, - "Type": { - "markdownDescription": "The extension type.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "Type", + "Description": { + "markdownDescription": "The description of the prompt.", + "title": "Description", "type": "string" }, - "TypeName": { - "markdownDescription": "The name of the extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "TypeName", + "Name": { + "markdownDescription": "The name of the prompt.", + "title": "Name", "type": "string" }, - "TypeNameAlias": { - "markdownDescription": "An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.\n\nAn extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.", - "title": "TypeNameAlias", - "type": "string" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" }, - "VersionBump": { - "markdownDescription": "Manually updates a previously-activated type to a new major or minor version, if available. You can also use this parameter to update the value of `AutoUpdate` .\n\n- `MAJOR` : CloudFormation updates the extension to the newest major version, if one is available.\n- `MINOR` : CloudFormation updates the extension to the newest minor version, if one is available.", - "title": "VersionBump", - "type": "string" + "Variants": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptVariant" + }, + "markdownDescription": "A list of objects, each containing details about a variant of the prompt.", + "title": "Variants", + "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::TypeActivation" + "AWS::Bedrock::Prompt" ], "type": "string" }, @@ -35649,160 +39900,457 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFormation::TypeActivation.LoggingConfig": { + "AWS::Bedrock::Prompt.CachePointBlock": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", - "title": "LogGroupName", - "type": "string" - }, - "LogRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", - "title": "LogRoleArn", + "Type": { + "markdownDescription": "Specifies the type of cache point within the CachePointBlock.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CloudFormation::WaitCondition": { + "AWS::Bedrock::Prompt.ChatPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" + }, + "Messages": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.Message" + }, + "markdownDescription": "Contains messages in the chat for the prompt.", + "title": "Messages", + "type": "array" + }, + "System": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.SystemContentBlock" + }, + "markdownDescription": "Contains system prompts to provide context to the model or to describe how it should behave.", + "title": "System", + "type": "array" + }, + "ToolConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolConfiguration", + "markdownDescription": "Configuration information for the tools that the model can use when generating a response.", + "title": "ToolConfiguration" + } + }, + "required": [ + "Messages" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.ContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the message.", + "title": "CachePoint" + }, + "Text": { + "markdownDescription": "Text to include in the message.", + "title": "Text", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.Message": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ContentBlock" + }, + "markdownDescription": "The message content. Note the following restrictions:\n\n- You can include up to 20 images. Each image's size, height, and width must be no more than 3.75 MB, 8000 px, and 8000 px, respectively.\n- You can include up to five documents. Each document's size must be no more than 4.5 MB.\n- If you include a `ContentBlock` with a `document` field in the array, you must also include a `ContentBlock` with a `text` field.\n- You can only include images and documents if the `role` is `user` .", + "title": "Content", + "type": "array" }, - "CreationPolicy": { - "type": "object" + "Role": { + "markdownDescription": "The role that the message plays in the message.", + "title": "Role", + "type": "string" + } + }, + "required": [ + "Content", + "Role" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptAgentResource": { + "additionalProperties": false, + "properties": { + "AgentIdentifier": { + "markdownDescription": "The ARN of the agent with which to use the prompt.", + "title": "AgentIdentifier", + "type": "string" + } + }, + "required": [ + "AgentIdentifier" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptGenAiResource": { + "additionalProperties": false, + "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptAgentResource", + "markdownDescription": "Specifies an Amazon Bedrock agent with which to use the prompt.", + "title": "Agent" + } + }, + "required": [ + "Agent" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptInputVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptMetadataEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a metadata tag for a prompt variant.", + "title": "Key", + "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value of a metadata tag for a prompt variant.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "StopSequences": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" }, - "Metadata": { + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" + }, + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Chat": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ChatPromptTemplateConfiguration", + "markdownDescription": "Contains configurations to use the prompt in a conversational format.", + "title": "Chat" + }, + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptVariant": { + "additionalProperties": false, + "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back.\n\nUpdates aren't supported.", - "title": "Count", - "type": "number" - }, - "Handle": { - "markdownDescription": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [AWS::CloudFormation::WaitConditionHandle](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", - "title": "Handle", - "type": "string" - }, - "Timeout": { - "markdownDescription": "The length of time (in seconds) to wait for the number of signals that the `Count` property specifies. `Timeout` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).\n\nUpdates aren't supported.", - "title": "Timeout", - "type": "string" - } + "GenAiResource": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptGenAiResource", + "markdownDescription": "Specifies a generative AI resource with which to use the prompt.", + "title": "GenAiResource" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt variant.", + "title": "InferenceConfiguration" + }, + "Metadata": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptMetadataEntry" }, - "type": "object" + "markdownDescription": "An array of objects, each containing a key-value pair that defines a metadata tag and value to attach to a prompt variant.", + "title": "Metadata", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CloudFormation::WaitCondition" - ], + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) with which to run inference on the prompt.", + "title": "ModelId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the prompt variant.", + "title": "Name", + "type": "string" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the prompt template.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of prompt template to use.", + "title": "TemplateType", "type": "string" } }, "required": [ - "Type" + "Name", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::CloudFormation::WaitConditionHandle": { + "AWS::Bedrock::Prompt.SpecificToolChoice": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The name of the tool that the model must request.", + "title": "Name", "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.SystemContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the system prompt.", + "title": "CachePoint" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Text": { + "markdownDescription": "A system prompt for the model.", + "title": "Text", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.TextPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "A cache checkpoint within a template configuration.", + "title": "CachePoint" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" }, - "Metadata": { + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" + }, + "TextS3Location": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.TextS3Location", + "markdownDescription": "The Amazon S3 location of the prompt text.", + "title": "TextS3Location" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.TextS3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket containing the prompt text.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The object key for the Amazon S3 location.", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the Amazon S3 location to use.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.Tool": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the tool configuration.", + "title": "CachePoint" + }, + "ToolSpec": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolSpecification", + "markdownDescription": "The specfication for the tool.", + "title": "ToolSpec" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolChoice": { + "additionalProperties": false, + "properties": { + "Any": { + "markdownDescription": "The model must request at least one tool (no text is generated).", + "title": "Any", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": {}, + "Auto": { + "markdownDescription": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", + "title": "Auto", "type": "object" }, - "Type": { - "enum": [ - "AWS::CloudFormation::WaitConditionHandle" - ], + "Tool": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.SpecificToolChoice", + "markdownDescription": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models.", + "title": "Tool" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolConfiguration": { + "additionalProperties": false, + "properties": { + "ToolChoice": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolChoice", + "markdownDescription": "If supported by model, forces the model to request a tool.", + "title": "ToolChoice" + }, + "Tools": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.Tool" + }, + "markdownDescription": "An array of tools that you want to pass to a model.", + "title": "Tools", + "type": "array" + } + }, + "required": [ + "Tools" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolInputSchema": { + "additionalProperties": false, + "properties": { + "Json": { + "markdownDescription": "The JSON schema for the tool. For more information, see [JSON Schema Reference](https://docs.aws.amazon.com/https://json-schema.org/understanding-json-schema/reference) .", + "title": "Json", + "type": "object" + } + }, + "required": [ + "Json" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolSpecification": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description for the tool.", + "title": "Description", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputSchema": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolInputSchema", + "markdownDescription": "The input schema for the tool in JSON format.", + "title": "InputSchema" + }, + "Name": { + "markdownDescription": "The name for the tool.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "InputSchema", + "Name" ], "type": "object" }, - "AWS::CloudFront::CachePolicy": { + "AWS::Bedrock::PromptVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -35837,20 +40385,36 @@ "Properties": { "additionalProperties": false, "properties": { - "CachePolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CachePolicyConfig", - "markdownDescription": "The cache policy configuration.", - "title": "CachePolicyConfig" + "Description": { + "markdownDescription": "The description of the prompt version.", + "title": "Description", + "type": "string" + }, + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the version of the prompt.", + "title": "PromptArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map of tags attached to the prompt version and their values.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "CachePolicyConfig" + "PromptArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::CachePolicy" + "AWS::Bedrock::PromptVersion" ], "type": "string" }, @@ -35869,153 +40433,425 @@ ], "type": "object" }, - "AWS::CloudFront::CachePolicy.CachePolicyConfig": { + "AWS::Bedrock::PromptVersion.CachePointBlock": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the cache policy. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Type": { + "markdownDescription": "Specifies the type of cache point within the CachePointBlock.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ChatPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" }, - "DefaultTTL": { - "markdownDescription": "The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 86400 seconds (one day). If the value of `MinTTL` is more than 86400 seconds, then the default value for this field is the same as the value of `MinTTL` .", - "title": "DefaultTTL", - "type": "number" + "Messages": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.Message" + }, + "markdownDescription": "Contains messages in the chat for the prompt.", + "title": "Messages", + "type": "array" }, - "MaxTTL": { - "markdownDescription": "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 31536000 seconds (one year). If the value of `MinTTL` or `DefaultTTL` is more than 31536000 seconds, then the default value for this field is the same as the value of `DefaultTTL` .", - "title": "MaxTTL", - "type": "number" + "System": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.SystemContentBlock" + }, + "markdownDescription": "Contains system prompts to provide context to the model or to describe how it should behave.", + "title": "System", + "type": "array" }, - "MinTTL": { - "markdownDescription": "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MinTTL", - "type": "number" + "ToolConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolConfiguration", + "markdownDescription": "Configuration information for the tools that the model can use when generating a response.", + "title": "ToolConfiguration" + } + }, + "required": [ + "Messages" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the message.", + "title": "CachePoint" + }, + "Text": { + "markdownDescription": "Text to include in the message.", + "title": "Text", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.Message": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ContentBlock" + }, + "markdownDescription": "The message content. Note the following restrictions:\n\n- You can include up to 20 images. Each image's size, height, and width must be no more than 3.75 MB, 8000 px, and 8000 px, respectively.\n- You can include up to five documents. Each document's size must be no more than 4.5 MB.\n- If you include a `ContentBlock` with a `document` field in the array, you must also include a `ContentBlock` with a `text` field.\n- You can only include images and documents if the `role` is `user` .", + "title": "Content", + "type": "array" }, + "Role": { + "markdownDescription": "The role that the message plays in the message.", + "title": "Role", + "type": "string" + } + }, + "required": [ + "Content", + "Role" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptAgentResource": { + "additionalProperties": false, + "properties": { + "AgentIdentifier": { + "markdownDescription": "The ARN of the agent with which to use the prompt.", + "title": "AgentIdentifier", + "type": "string" + } + }, + "required": [ + "AgentIdentifier" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptGenAiResource": { + "additionalProperties": false, + "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptAgentResource", + "markdownDescription": "Specifies an Amazon Bedrock agent with which to use the prompt.", + "title": "Agent" + } + }, + "required": [ + "Agent" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptInputVariable": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "A unique name to identify the cache policy.", + "markdownDescription": "The name of the variable.", "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptMetadataEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a metadata tag for a prompt variant.", + "title": "Key", + "type": "string" }, - "ParametersInCacheKeyAndForwardedToOrigin": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin", - "markdownDescription": "The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.", - "title": "ParametersInCacheKeyAndForwardedToOrigin" + "Value": { + "markdownDescription": "The value of a metadata tag for a prompt variant.", + "title": "Value", + "type": "string" } }, "required": [ - "DefaultTTL", - "MaxTTL", - "MinTTL", - "Name", - "ParametersInCacheKeyAndForwardedToOrigin" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.CookiesConfig": { + "AWS::Bedrock::PromptVersion.PromptModelInferenceConfiguration": { "additionalProperties": false, "properties": { - "CookieBehavior": { - "markdownDescription": "Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** for those that are listed in the `CookieNames` type, which are not included.\n- `all` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "CookieBehavior", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" }, - "Cookies": { + "StopSequences": { "items": { "type": "string" }, - "markdownDescription": "Contains a list of cookie names.", - "title": "Cookies", + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" + }, + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" + }, + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Chat": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ChatPromptTemplateConfiguration", + "markdownDescription": "Contains configurations to use the prompt in a conversational format.", + "title": "Chat" + }, + "Text": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptVariant": { + "additionalProperties": false, + "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", + "type": "object" + }, + "GenAiResource": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptGenAiResource", + "markdownDescription": "Specifies a generative AI resource with which to use the prompt.", + "title": "GenAiResource" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt variant.", + "title": "InferenceConfiguration" + }, + "Metadata": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptMetadataEntry" + }, + "markdownDescription": "An array of objects, each containing a key-value pair that defines a metadata tag and value to attach to a prompt variant.", + "title": "Metadata", "type": "array" + }, + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) with which to run inference on the prompt.", + "title": "ModelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the prompt variant.", + "title": "Name", + "type": "string" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the prompt template.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of prompt template to use.", + "title": "TemplateType", + "type": "string" } }, "required": [ - "CookieBehavior" + "Name", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.HeadersConfig": { + "AWS::Bedrock::PromptVersion.SpecificToolChoice": { "additionalProperties": false, "properties": { - "HeaderBehavior": { - "markdownDescription": "Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "HeaderBehavior", + "Name": { + "markdownDescription": "The name of the tool that the model must request.", + "title": "Name", "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.SystemContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the system prompt.", + "title": "CachePoint" }, - "Headers": { + "Text": { + "markdownDescription": "A system prompt for the model.", + "title": "Text", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.TextPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "A cache checkpoint within a template configuration.", + "title": "CachePoint" + }, + "InputVariables": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInputVariable" }, - "markdownDescription": "Contains a list of HTTP header names.", - "title": "Headers", + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", "type": "array" + }, + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" } }, "required": [ - "HeaderBehavior" + "Text" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin": { + "AWS::Bedrock::PromptVersion.Tool": { "additionalProperties": false, "properties": { - "CookiesConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CookiesConfig", - "markdownDescription": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "CookiesConfig" + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the tool configuration.", + "title": "CachePoint" }, - "EnableAcceptEncodingBrotli": { - "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingGzip` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", - "title": "EnableAcceptEncodingBrotli", - "type": "boolean" + "ToolSpec": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolSpecification", + "markdownDescription": "The specfication for the tool.", + "title": "ToolSpec" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolChoice": { + "additionalProperties": false, + "properties": { + "Any": { + "markdownDescription": "The model must request at least one tool (no text is generated).", + "title": "Any", + "type": "object" }, - "EnableAcceptEncodingGzip": { - "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingBrotli` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", - "title": "EnableAcceptEncodingGzip", - "type": "boolean" + "Auto": { + "markdownDescription": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", + "title": "Auto", + "type": "object" }, - "HeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.HeadersConfig", - "markdownDescription": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "HeadersConfig" + "Tool": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.SpecificToolChoice", + "markdownDescription": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models.", + "title": "Tool" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolConfiguration": { + "additionalProperties": false, + "properties": { + "ToolChoice": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolChoice", + "markdownDescription": "If supported by model, forces the model to request a tool.", + "title": "ToolChoice" }, - "QueryStringsConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.QueryStringsConfig", - "markdownDescription": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "QueryStringsConfig" + "Tools": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.Tool" + }, + "markdownDescription": "An array of tools that you want to pass to a model.", + "title": "Tools", + "type": "array" } }, "required": [ - "CookiesConfig", - "EnableAcceptEncodingGzip", - "HeadersConfig", - "QueryStringsConfig" + "Tools" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.QueryStringsConfig": { + "AWS::Bedrock::PromptVersion.ToolInputSchema": { "additionalProperties": false, "properties": { - "QueryStringBehavior": { - "markdownDescription": "Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** those that are listed in the `QueryStringNames` type, which are not included.\n- `all` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "QueryStringBehavior", + "Json": { + "markdownDescription": "The JSON schema for the tool. For more information, see [JSON Schema Reference](https://docs.aws.amazon.com/https://json-schema.org/understanding-json-schema/reference) .", + "title": "Json", + "type": "object" + } + }, + "required": [ + "Json" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolSpecification": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description for the tool.", + "title": "Description", "type": "string" }, - "QueryStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of query string names.", - "title": "QueryStrings", - "type": "array" + "InputSchema": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolInputSchema", + "markdownDescription": "The input schema for the tool in JSON format.", + "title": "InputSchema" + }, + "Name": { + "markdownDescription": "The name for the tool.", + "title": "Name", + "type": "string" } }, "required": [ - "QueryStringBehavior" + "InputSchema", + "Name" ], "type": "object" }, - "AWS::CloudFront::CloudFrontOriginAccessIdentity": { + "AWS::Billing::BillingView": { "additionalProperties": false, "properties": { "Condition": { @@ -36050,20 +40886,47 @@ "Properties": { "additionalProperties": false, "properties": { - "CloudFrontOriginAccessIdentityConfig": { - "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig", - "markdownDescription": "The current configuration information for the identity.", - "title": "CloudFrontOriginAccessIdentityConfig" + "DataFilterExpression": { + "$ref": "#/definitions/AWS::Billing::BillingView.DataFilterExpression", + "markdownDescription": "See [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_billing_Expression.html) . Billing view only supports `LINKED_ACCOUNT` and `Tags` .", + "title": "DataFilterExpression" + }, + "Description": { + "markdownDescription": "The description of the billing view.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the billing view.", + "title": "Name", + "type": "string" + }, + "SourceViews": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of billing views used as the data source for the custom billing view.", + "title": "SourceViews", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key value map specifying tags associated to the billing view being created.", + "title": "Tags", + "type": "array" } }, "required": [ - "CloudFrontOriginAccessIdentityConfig" + "Name", + "SourceViews" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::CloudFrontOriginAccessIdentity" + "AWS::Billing::BillingView" ], "type": "string" }, @@ -36082,21 +40945,61 @@ ], "type": "object" }, - "AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig": { + "AWS::Billing::BillingView.DataFilterExpression": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the origin access identity. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Dimensions": { + "$ref": "#/definitions/AWS::Billing::BillingView.Dimensions", + "markdownDescription": "The specific `Dimension` to use for `Expression` .", + "title": "Dimensions" + }, + "Tags": { + "$ref": "#/definitions/AWS::Billing::BillingView.Tags", + "markdownDescription": "The specific `Tag` to use for `Expression` .", + "title": "Tags" + } + }, + "type": "object" + }, + "AWS::Billing::BillingView.Dimensions": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The metadata that you can use to filter and group your results.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Billing::BillingView.Tags": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A list of tag key value pairs that are associated with the resource.", + "title": "Key", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The metadata values that you can use to filter and group your results.", + "title": "Values", + "type": "array" } }, - "required": [ - "Comment" - ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy": { + "AWS::BillingConductor::BillingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -36131,20 +41034,51 @@ "Properties": { "additionalProperties": false, "properties": { - "ContinuousDeploymentPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig", - "markdownDescription": "Contains the configuration for a continuous deployment policy.", - "title": "ContinuousDeploymentPolicyConfig" + "AccountGrouping": { + "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.AccountGrouping", + "markdownDescription": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", + "title": "AccountGrouping" + }, + "ComputationPreference": { + "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.ComputationPreference", + "markdownDescription": "The preferences and settings that will be used to compute the AWS charges for a billing group.", + "title": "ComputationPreference" + }, + "Description": { + "markdownDescription": "The description of the billing group.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The billing group's name.", + "title": "Name", + "type": "string" + }, + "PrimaryAccountId": { + "markdownDescription": "The account ID that serves as the main account in a billing group.", + "title": "PrimaryAccountId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a billing group.", + "title": "Tags", + "type": "array" } }, "required": [ - "ContinuousDeploymentPolicyConfig" + "AccountGrouping", + "ComputationPreference", + "Name", + "PrimaryAccountId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::ContinuousDeploymentPolicy" + "AWS::BillingConductor::BillingGroup" ], "type": "string" }, @@ -36163,172 +41097,43 @@ ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig": { + "AWS::BillingConductor::BillingGroup.AccountGrouping": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is `true` , this policy is enabled and in effect. When this value is `false` , this policy is not enabled and has no effect.", - "title": "Enabled", + "AutoAssociate": { + "markdownDescription": "Specifies if this billing group will automatically associate newly added AWS accounts that join your consolidated billing family.", + "title": "AutoAssociate", "type": "boolean" }, - "SingleHeaderPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig", - "markdownDescription": "This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.", - "title": "SingleHeaderPolicyConfig" - }, - "SingleWeightPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig", - "markdownDescription": "This configuration determines the percentage of HTTP requests that are sent to the staging distribution.", - "title": "SingleWeightPolicyConfig" - }, - "StagingDistributionDnsNames": { + "LinkedAccountIds": { "items": { "type": "string" }, - "markdownDescription": "The CloudFront domain name of the staging distribution. For example: `d111111abcdef8.cloudfront.net` .", - "title": "StagingDistributionDnsNames", + "markdownDescription": "The account IDs that make up the billing group. Account IDs must be a part of the consolidated billing family, and not associated with another billing group.", + "title": "LinkedAccountIds", "type": "array" - }, - "TrafficConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig", - "markdownDescription": "Contains the parameters for routing production traffic from your primary to staging distributions.", - "title": "TrafficConfig" - }, - "Type": { - "markdownDescription": "The type of traffic configuration.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Enabled", - "StagingDistributionDnsNames" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig": { - "additionalProperties": false, - "properties": { - "IdleTTL": { - "markdownDescription": "The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", - "title": "IdleTTL", - "type": "number" - }, - "MaximumTTL": { - "markdownDescription": "The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", - "title": "MaximumTTL", - "type": "number" - } - }, - "required": [ - "IdleTTL", - "MaximumTTL" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix `aws-cf-cd-` .", - "title": "Header", - "type": "string" - }, - "Value": { - "markdownDescription": "The request header value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The name of the HTTP header that CloudFront uses to configure for the single header policy.", - "title": "Header", - "type": "string" - }, - "Value": { - "markdownDescription": "Specifies the value to assign to the header for a single header policy.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig": { - "additionalProperties": false, - "properties": { - "SessionStickinessConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", - "markdownDescription": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.", - "title": "SessionStickinessConfig" - }, - "Weight": { - "markdownDescription": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution.", - "title": "Weight", - "type": "number" - } - }, - "required": [ - "Weight" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig": { - "additionalProperties": false, - "properties": { - "SessionStickinessConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", - "markdownDescription": "Enable session stickiness for the associated origin or cache settings.", - "title": "SessionStickinessConfig" - }, - "Weight": { - "markdownDescription": "The percentage of requests that CloudFront will use to send to an associated origin or cache settings.", - "title": "Weight", - "type": "number" } }, "required": [ - "Weight" + "LinkedAccountIds" ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig": { + "AWS::BillingConductor::BillingGroup.ComputationPreference": { "additionalProperties": false, "properties": { - "SingleHeaderConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig", - "markdownDescription": "Determines which HTTP requests are sent to the staging distribution.", - "title": "SingleHeaderConfig" - }, - "SingleWeightConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig", - "markdownDescription": "Contains the percentage of traffic to send to the staging distribution.", - "title": "SingleWeightConfig" - }, - "Type": { - "markdownDescription": "The type of traffic configuration.", - "title": "Type", + "PricingPlanArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the pricing plan used to compute the AWS charges for a billing group.", + "title": "PricingPlanArn", "type": "string" } }, "required": [ - "Type" + "PricingPlanArn" ], "type": "object" }, - "AWS::CloudFront::Distribution": { + "AWS::BillingConductor::CustomLineItem": { "additionalProperties": false, "properties": { "Condition": { @@ -36363,28 +41168,54 @@ "Properties": { "additionalProperties": false, "properties": { - "DistributionConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.DistributionConfig", - "markdownDescription": "The distribution's configuration.", - "title": "DistributionConfig" + "AccountId": { + "markdownDescription": "The AWS account in which this custom line item will be applied to.", + "title": "AccountId", + "type": "string" + }, + "BillingGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that references the billing group where the custom line item applies to.", + "title": "BillingGroupArn", + "type": "string" + }, + "BillingPeriodRange": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.BillingPeriodRange", + "markdownDescription": "A time range for which the custom line item is effective.", + "title": "BillingPeriodRange" + }, + "CustomLineItemChargeDetails": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails", + "markdownDescription": "The charge details of a custom line item. It should contain only one of `Flat` or `Percentage` .", + "title": "CustomLineItemChargeDetails" + }, + "Description": { + "markdownDescription": "The custom line item's description. This is shown on the Bills page in association with the charge value.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The custom line item's name.", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "markdownDescription": "A map that contains tag keys and tag values that are attached to a custom line item.", "title": "Tags", "type": "array" } }, "required": [ - "DistributionConfig" + "BillingGroupArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::Distribution" + "AWS::BillingConductor::CustomLineItem" ], "type": "string" }, @@ -36403,935 +41234,1142 @@ ], "type": "object" }, - "AWS::CloudFront::Distribution.CacheBehavior": { + "AWS::BillingConductor::CustomLineItem.BillingPeriodRange": { "additionalProperties": false, "properties": { - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", - "title": "AllowedMethods", - "type": "array" + "ExclusiveEndBillingPeriod": { + "markdownDescription": "The exclusive end billing period that defines a billing period range where a custom line is applied.", + "title": "ExclusiveEndBillingPeriod", + "type": "string" }, - "CachePolicyId": { - "markdownDescription": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", - "title": "CachePolicyId", + "InclusiveStartBillingPeriod": { + "markdownDescription": "The inclusive start billing period that defines a billing period range where a custom line is applied.", + "title": "InclusiveStartBillingPeriod", "type": "string" + } + }, + "type": "object" + }, + "AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails": { + "additionalProperties": false, + "properties": { + "Flat": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails", + "markdownDescription": "A `CustomLineItemFlatChargeDetails` that describes the charge details of a flat custom line item.", + "title": "Flat" }, - "CachedMethods": { + "LineItemFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.LineItemFilter" }, - "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", - "title": "CachedMethods", + "markdownDescription": "A representation of the line item filter.", + "title": "LineItemFilters", "type": "array" }, - "Compress": { - "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Compress", - "type": "boolean" - }, - "DefaultTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultTTL", - "type": "number" + "Percentage": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails", + "markdownDescription": "A `CustomLineItemPercentageChargeDetails` that describes the charge details of a percentage custom line item.", + "title": "Percentage" }, - "FieldLevelEncryptionId": { - "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.", - "title": "FieldLevelEncryptionId", + "Type": { + "markdownDescription": "The type of the custom line item that indicates whether the charge is a fee or credit.", + "title": "Type", "type": "string" - }, - "ForwardedValues": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", - "title": "ForwardedValues" - }, - "FunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" - }, - "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the `LIVE` stage to associate them with a cache behavior.", - "title": "FunctionAssociations", - "type": "array" - }, - "LambdaFunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" - }, - "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", - "title": "LambdaFunctionAssociations", - "type": "array" - }, - "MaxTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MaxTTL", - "type": "number" - }, - "MinTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", - "title": "MinTTL", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails": { + "additionalProperties": false, + "properties": { + "ChargeValue": { + "markdownDescription": "The custom line item's fixed charge value in USD.", + "title": "ChargeValue", "type": "number" - }, - "OriginRequestPolicyId": { - "markdownDescription": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginRequestPolicyId", - "type": "string" - }, - "PathPattern": { - "markdownDescription": "The pattern (for example, `images/*.jpg` ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n\n> You can optionally include a slash ( `/` ) at the beginning of the path pattern. For example, `/images/*.jpg` . CloudFront behavior is the same with or without the leading `/` . \n\nThe path pattern for the default cache behavior is `*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n\nFor more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide* .", - "title": "PathPattern", - "type": "string" - }, - "RealtimeLogConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "RealtimeLogConfigArn", - "type": "string" - }, - "ResponseHeadersPolicyId": { - "markdownDescription": "The identifier for a response headers policy.", - "title": "ResponseHeadersPolicyId", - "type": "string" - }, - "SmoothStreaming": { - "markdownDescription": "Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", - "title": "SmoothStreaming", - "type": "boolean" - }, - "TargetOriginId": { - "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.", - "title": "TargetOriginId", - "type": "string" - }, - "TrustedKeyGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedKeyGroups", - "type": "array" - }, - "TrustedSigners": { + } + }, + "required": [ + "ChargeValue" + ], + "type": "object" + }, + "AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails": { + "additionalProperties": false, + "properties": { + "ChildAssociatedResources": { "items": { "type": "string" }, - "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners", + "markdownDescription": "A list of resource ARNs to associate to the percentage custom line item.", + "title": "ChildAssociatedResources", "type": "array" }, - "ViewerProtocolPolicy": { - "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ViewerProtocolPolicy", - "type": "string" + "PercentageValue": { + "markdownDescription": "The custom line item's percentage value. This will be multiplied against the combined value of its associated resources to determine its charge value.", + "title": "PercentageValue", + "type": "number" } }, "required": [ - "PathPattern", - "TargetOriginId", - "ViewerProtocolPolicy" + "PercentageValue" ], "type": "object" }, - "AWS::CloudFront::Distribution.Cookies": { + "AWS::BillingConductor::CustomLineItem.LineItemFilter": { "additionalProperties": false, "properties": { - "Forward": { - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nSpecifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the `WhitelistedNames` complex type.\n\nAmazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the `Forward` element.", - "title": "Forward", + "Attribute": { + "markdownDescription": "The attribute of the line item filter. This specifies what attribute that you can filter on.", + "title": "Attribute", "type": "string" }, - "WhitelistedNames": { + "MatchOption": { + "markdownDescription": "The match criteria of the line item filter. This parameter specifies whether not to include the resource value from the billing group total cost.", + "title": "MatchOption", + "type": "string" + }, + "Values": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nRequired if you specify `whitelist` for the value of `Forward` . A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.\n\nIf you specify `all` or `none` for the value of `Forward` , omit `WhitelistedNames` . If you change the value of `Forward` from `whitelist` to `all` or `none` and you don't delete the `WhitelistedNames` element and its child elements, CloudFront deletes them automatically.\n\nFor the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *AWS General Reference* .", - "title": "WhitelistedNames", + "markdownDescription": "The values of the line item filter. This specifies the values to filter on. Currently, you can only exclude Savings Plan discounts.", + "title": "Values", "type": "array" } }, "required": [ - "Forward" + "Attribute", + "MatchOption", + "Values" ], "type": "object" }, - "AWS::CloudFront::Distribution.CustomErrorResponse": { + "AWS::BillingConductor::PricingPlan": { "additionalProperties": false, "properties": { - "ErrorCachingMinTTL": { - "markdownDescription": "The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in `ErrorCode` . When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.\n\nFor more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ErrorCachingMinTTL", - "type": "number" + "Condition": { + "type": "string" }, - "ErrorCode": { - "markdownDescription": "The HTTP status code for which you want to specify a custom error page and/or a caching duration.", - "title": "ErrorCode", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ResponseCode": { - "markdownDescription": "The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:\n\n- Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute `200` , the response typically won't be intercepted.\n- If you don't care about distinguishing among different client errors or server errors, you can specify `400` or `500` as the `ResponseCode` for all 4xx or 5xx errors.\n- You might want to return a `200` status code (OK) and static website so your customers don't know that your website is down.\n\nIf you specify a value for `ResponseCode` , you must also specify a value for `ResponsePagePath` .", - "title": "ResponseCode", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ResponsePagePath": { - "markdownDescription": "The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by `ErrorCode` , for example, `/4xx-errors/403-forbidden.html` . If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:\n\n- The value of `PathPattern` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named `/4xx-errors` . Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, `/4xx-errors/*` .\n- The value of `TargetOriginId` specifies the value of the `ID` element for the origin that contains your custom error pages.\n\nIf you specify a value for `ResponsePagePath` , you must also specify a value for `ResponseCode` .\n\nWe recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.", - "title": "ResponsePagePath", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The pricing plan description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a pricing plan.", + "title": "Name", + "type": "string" + }, + "PricingRuleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The `PricingRuleArns` that are associated with the Pricing Plan.", + "title": "PricingRuleArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing plan.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BillingConductor::PricingPlan" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ErrorCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::Distribution.CustomOriginConfig": { + "AWS::BillingConductor::PricingRule": { "additionalProperties": false, "properties": { - "HTTPPort": { - "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", - "title": "HTTPPort", - "type": "number" - }, - "HTTPSPort": { - "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", - "title": "HTTPSPort", - "type": "number" - }, - "OriginKeepaliveTimeout": { - "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginKeepaliveTimeout", - "type": "number" + "Condition": { + "type": "string" }, - "OriginProtocolPolicy": { - "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n\n- `http-only` \u2013 CloudFront always uses HTTP to connect to the origin.\n- `match-viewer` \u2013 CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n- `https-only` \u2013 CloudFront always uses HTTPS to connect to the origin.", - "title": "OriginProtocolPolicy", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "OriginReadTimeout": { - "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginReadTimeout", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "OriginSSLProtocols": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BillingEntity": { + "markdownDescription": "The seller of services provided by AWS , their affiliates, or third-party providers selling services via AWS Marketplace .", + "title": "BillingEntity", + "type": "string" + }, + "Description": { + "markdownDescription": "The pricing rule description.", + "title": "Description", + "type": "string" + }, + "ModifierPercentage": { + "markdownDescription": "A percentage modifier applied on the public pricing rates.", + "title": "ModifierPercentage", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a pricing rule.", + "title": "Name", + "type": "string" + }, + "Operation": { + "markdownDescription": "Operation is the specific AWS action covered by this line item. This describes the specific usage of the line item.\n\nIf the `Scope` attribute is set to `SKU` , this attribute indicates which operation the `PricingRule` is modifying. For example, a value of `RunInstances:0202` indicates the operation of running an Amazon EC2 instance.", + "title": "Operation", + "type": "string" + }, + "Scope": { + "markdownDescription": "The scope of pricing rule that indicates if it's globally applicable or service-specific.", + "title": "Scope", + "type": "string" + }, + "Service": { + "markdownDescription": "If the `Scope` attribute is `SERVICE` , this attribute indicates which service the `PricingRule` is applicable for.", + "title": "Service", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing rule.", + "title": "Tags", + "type": "array" + }, + "Tiering": { + "$ref": "#/definitions/AWS::BillingConductor::PricingRule.Tiering", + "markdownDescription": "The set of tiering configurations for the pricing rule.", + "title": "Tiering" + }, + "Type": { + "markdownDescription": "The type of pricing rule.", + "title": "Type", + "type": "string" + }, + "UsageType": { + "markdownDescription": "Usage Type is the unit that each service uses to measure the usage of a specific type of resource.", + "title": "UsageType", + "type": "string" + } }, - "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginSSLProtocols", - "type": "array" + "required": [ + "Name", + "Scope", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BillingConductor::PricingRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "OriginProtocolPolicy" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::Distribution.DefaultCacheBehavior": { + "AWS::BillingConductor::PricingRule.FreeTier": { "additionalProperties": false, "properties": { - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", - "title": "AllowedMethods", - "type": "array" + "Activated": { + "markdownDescription": "Activate or deactivate AWS Free Tier.", + "title": "Activated", + "type": "boolean" + } + }, + "required": [ + "Activated" + ], + "type": "object" + }, + "AWS::BillingConductor::PricingRule.Tiering": { + "additionalProperties": false, + "properties": { + "FreeTier": { + "$ref": "#/definitions/AWS::BillingConductor::PricingRule.FreeTier", + "markdownDescription": "The possible AWS Free Tier configurations.", + "title": "FreeTier" + } + }, + "type": "object" + }, + "AWS::Budgets::Budget": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "CachePolicyId": { - "markdownDescription": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", - "title": "CachePolicyId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CachedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", - "title": "CachedMethods", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Compress": { - "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify `true` ; if not, specify `false` . For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Compress", - "type": "boolean" + "Metadata": { + "type": "object" }, - "DefaultTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultTTL", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Budget": { + "$ref": "#/definitions/AWS::Budgets::Budget.BudgetData", + "markdownDescription": "The budget object that you want to create.", + "title": "Budget" + }, + "NotificationsWithSubscribers": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.NotificationWithSubscribers" + }, + "markdownDescription": "A notification that you want to associate with a budget. A budget can have up to five notifications, and each notification can have one SNS subscriber and up to 10 email subscribers. If you include notifications and subscribers in your `CreateBudget` call, AWS creates the notifications and subscribers for you.", + "title": "NotificationsWithSubscribers", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.ResourceTag" + }, + "markdownDescription": "An optional list of tags to associate with the specified budget. Each tag consists of a key and a value, and each key must be unique for the resource.", + "title": "ResourceTags", + "type": "array" + } + }, + "required": [ + "Budget" + ], + "type": "object" }, - "FieldLevelEncryptionId": { - "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior.", - "title": "FieldLevelEncryptionId", + "Type": { + "enum": [ + "AWS::Budgets::Budget" + ], "type": "string" }, - "ForwardedValues": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", - "title": "ForwardedValues" - }, - "FunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" - }, - "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the `LIVE` stage to associate them with a cache behavior.", - "title": "FunctionAssociations", - "type": "array" - }, - "LambdaFunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" - }, - "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", - "title": "LambdaFunctionAssociations", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Budgets::Budget.AutoAdjustData": { + "additionalProperties": false, + "properties": { + "AutoAdjustType": { + "markdownDescription": "The string that defines whether your budget auto-adjusts based on historical or forecasted data.", + "title": "AutoAdjustType", + "type": "string" }, - "MaxTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MaxTTL", - "type": "number" + "HistoricalOptions": { + "$ref": "#/definitions/AWS::Budgets::Budget.HistoricalOptions", + "markdownDescription": "The parameters that define or describe the historical data that your auto-adjusting budget is based on.", + "title": "HistoricalOptions" + } + }, + "required": [ + "AutoAdjustType" + ], + "type": "object" + }, + "AWS::Budgets::Budget.BudgetData": { + "additionalProperties": false, + "properties": { + "AutoAdjustData": { + "$ref": "#/definitions/AWS::Budgets::Budget.AutoAdjustData", + "markdownDescription": "Determine the budget amount for an auto-adjusting budget.", + "title": "AutoAdjustData" }, - "MinTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", - "title": "MinTTL", - "type": "number" + "BudgetLimit": { + "$ref": "#/definitions/AWS::Budgets::Budget.Spend", + "markdownDescription": "The total amount of cost, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage that you want to track with your budget.\n\n`BudgetLimit` is required for cost or usage budgets, but optional for RI or Savings Plans utilization or coverage budgets. RI and Savings Plans utilization or coverage budgets default to `100` . This is the only valid value for RI or Savings Plans utilization or coverage budgets. You can't use `BudgetLimit` with `PlannedBudgetLimits` for `CreateBudget` and `UpdateBudget` actions.", + "title": "BudgetLimit" }, - "OriginRequestPolicyId": { - "markdownDescription": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginRequestPolicyId", + "BudgetName": { + "markdownDescription": "The name of a budget. The value must be unique within an account. `BudgetName` can't include `:` and `\\` characters. If you don't include value for `BudgetName` in the template, Billing and Cost Management assigns your budget a randomly generated name.", + "title": "BudgetName", "type": "string" }, - "RealtimeLogConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "RealtimeLogConfigArn", + "BudgetType": { + "markdownDescription": "Specifies whether this budget tracks costs, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage.", + "title": "BudgetType", "type": "string" }, - "ResponseHeadersPolicyId": { - "markdownDescription": "The identifier for a response headers policy.", - "title": "ResponseHeadersPolicyId", - "type": "string" + "CostFilters": { + "markdownDescription": "The cost filters, such as `Region` , `Service` , `LinkedAccount` , `Tag` , or `CostCategory` , that are applied to a budget.\n\nAWS Budgets supports the following services as a `Service` filter for RI budgets:\n\n- Amazon EC2\n- Amazon Redshift\n- Amazon Relational Database Service\n- Amazon ElastiCache\n- Amazon OpenSearch Service", + "title": "CostFilters", + "type": "object" }, - "SmoothStreaming": { - "markdownDescription": "Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", - "title": "SmoothStreaming", - "type": "boolean" + "CostTypes": { + "$ref": "#/definitions/AWS::Budgets::Budget.CostTypes", + "markdownDescription": "The types of costs that are included in this `COST` budget.\n\n`USAGE` , `RI_UTILIZATION` , `RI_COVERAGE` , `SAVINGS_PLANS_UTILIZATION` , and `SAVINGS_PLANS_COVERAGE` budgets do not have `CostTypes` .", + "title": "CostTypes" }, - "TargetOriginId": { - "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they use the default cache behavior.", - "title": "TargetOriginId", - "type": "string" + "FilterExpression": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression", + "markdownDescription": "", + "title": "FilterExpression" }, - "TrustedKeyGroups": { + "Metrics": { "items": { "type": "string" }, - "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedKeyGroups", + "markdownDescription": "", + "title": "Metrics", "type": "array" }, - "TrustedSigners": { - "items": { - "type": "string" - }, - "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners", - "type": "array" + "PlannedBudgetLimits": { + "markdownDescription": "A map containing multiple `BudgetLimit` , including current or future limits.\n\n`PlannedBudgetLimits` is available for cost or usage budget and supports both monthly and quarterly `TimeUnit` .\n\nFor monthly budgets, provide 12 months of `PlannedBudgetLimits` values. This must start from the current month and include the next 11 months. The `key` is the start of the month, `UTC` in epoch seconds.\n\nFor quarterly budgets, provide four quarters of `PlannedBudgetLimits` value entries in standard calendar quarter increments. This must start from the current quarter and include the next three quarters. The `key` is the start of the quarter, `UTC` in epoch seconds.\n\nIf the planned budget expires before 12 months for monthly or four quarters for quarterly, provide the `PlannedBudgetLimits` values only for the remaining periods.\n\nIf the budget begins at a date in the future, provide `PlannedBudgetLimits` values from the start date of the budget.\n\nAfter all of the `BudgetLimit` values in `PlannedBudgetLimits` are used, the budget continues to use the last limit as the `BudgetLimit` . At that point, the planned budget provides the same experience as a fixed budget.\n\n`DescribeBudget` and `DescribeBudgets` response along with `PlannedBudgetLimits` also contain `BudgetLimit` representing the current month or quarter limit present in `PlannedBudgetLimits` . This only applies to budgets that are created with `PlannedBudgetLimits` . Budgets that are created without `PlannedBudgetLimits` only contain `BudgetLimit` . They don't contain `PlannedBudgetLimits` .", + "title": "PlannedBudgetLimits", + "type": "object" }, - "ViewerProtocolPolicy": { - "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ViewerProtocolPolicy", + "TimePeriod": { + "$ref": "#/definitions/AWS::Budgets::Budget.TimePeriod", + "markdownDescription": "The period of time that is covered by a budget. The period has a start date and an end date. The start date must come before the end date. There are no restrictions on the end date.\n\nThe start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nAfter the end date, AWS deletes the budget and all associated notifications and subscribers.", + "title": "TimePeriod" + }, + "TimeUnit": { + "markdownDescription": "The length of time until a budget resets the actual and forecasted spend. `DAILY` is available only for `RI_UTILIZATION` and `RI_COVERAGE` budgets.", + "title": "TimeUnit", "type": "string" } }, "required": [ - "TargetOriginId", - "ViewerProtocolPolicy" + "BudgetType", + "TimeUnit" ], "type": "object" }, - "AWS::CloudFront::Distribution.DistributionConfig": { + "AWS::Budgets::Budget.CostCategoryValues": { "additionalProperties": false, "properties": { - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", - "title": "Aliases", - "type": "array" + "Key": { + "markdownDescription": "The unique name of the cost category.", + "title": "Key", + "type": "string" }, - "CNAMEs": { + "MatchOptions": { "items": { "type": "string" }, - "markdownDescription": "An alias for the CloudFront distribution's domain name.\n\n> This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead.", - "title": "CNAMEs", + "markdownDescription": "The match options that you can use to filter your results.", + "title": "MatchOptions", "type": "array" }, - "CacheBehaviors": { + "Values": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CacheBehavior" + "type": "string" }, - "markdownDescription": "A complex type that contains zero or more `CacheBehavior` elements.", - "title": "CacheBehaviors", + "markdownDescription": "The specific value of the cost category.", + "title": "Values", "type": "array" + } + }, + "type": "object" + }, + "AWS::Budgets::Budget.CostTypes": { + "additionalProperties": false, + "properties": { + "IncludeCredit": { + "markdownDescription": "Specifies whether a budget includes credits.\n\nThe default value is `true` .", + "title": "IncludeCredit", + "type": "boolean" }, - "Comment": { - "markdownDescription": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - }, - "ContinuousDeploymentPolicyId": { - "markdownDescription": "The identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", - "title": "ContinuousDeploymentPolicyId", - "type": "string" - }, - "CustomErrorResponses": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomErrorResponse" - }, - "markdownDescription": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", - "title": "CustomErrorResponses", - "type": "array" + "IncludeDiscount": { + "markdownDescription": "Specifies whether a budget includes discounts.\n\nThe default value is `true` .", + "title": "IncludeDiscount", + "type": "boolean" }, - "CustomOrigin": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyCustomOrigin", - "markdownDescription": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", - "title": "CustomOrigin" + "IncludeOtherSubscription": { + "markdownDescription": "Specifies whether a budget includes non-RI subscription costs.\n\nThe default value is `true` .", + "title": "IncludeOtherSubscription", + "type": "boolean" }, - "DefaultCacheBehavior": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.DefaultCacheBehavior", - "markdownDescription": "A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.", - "title": "DefaultCacheBehavior" + "IncludeRecurring": { + "markdownDescription": "Specifies whether a budget includes recurring fees such as monthly RI fees.\n\nThe default value is `true` .", + "title": "IncludeRecurring", + "type": "boolean" }, - "DefaultRootObject": { - "markdownDescription": "When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. For example, if your root URL is `https://www.example.com` , you can specify CloudFront to return the `index.html` file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, `https://www.example.com/product-description.html` ). A default root object avoids exposing the contents of your distribution.\n\nYou can specify the object name or a path to the object name (for example, `index.html` or `exampleFolderName/index.html` ). Your string can't begin with a forward slash ( `/` ). Only specify the object name or the path to the object.\n\nIf you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element.\n\nTo delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element.\n\nTo replace the default root object, update the distribution configuration and specify the new object.\n\nFor more information about the default root object, see [Specify a default root object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultRootObject", - "type": "string" + "IncludeRefund": { + "markdownDescription": "Specifies whether a budget includes refunds.\n\nThe default value is `true` .", + "title": "IncludeRefund", + "type": "boolean" }, - "Enabled": { - "markdownDescription": "From this field, you can enable or disable the selected distribution.", - "title": "Enabled", + "IncludeSubscription": { + "markdownDescription": "Specifies whether a budget includes subscriptions.\n\nThe default value is `true` .", + "title": "IncludeSubscription", "type": "boolean" }, - "HttpVersion": { - "markdownDescription": "(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . The default value for new distributions is `http1.1` .\n\nFor viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n\nFor viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) .", - "title": "HttpVersion", - "type": "string" + "IncludeSupport": { + "markdownDescription": "Specifies whether a budget includes support subscription fees.\n\nThe default value is `true` .", + "title": "IncludeSupport", + "type": "boolean" }, - "IPV6Enabled": { - "markdownDescription": "If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", - "title": "IPV6Enabled", + "IncludeTax": { + "markdownDescription": "Specifies whether a budget includes taxes.\n\nThe default value is `true` .", + "title": "IncludeTax", "type": "boolean" }, - "Logging": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Logging", - "markdownDescription": "A complex type that controls whether access logs are written for the distribution.\n\nFor more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Logging" + "IncludeUpfront": { + "markdownDescription": "Specifies whether a budget includes upfront RI costs.\n\nThe default value is `true` .", + "title": "IncludeUpfront", + "type": "boolean" }, - "OriginGroups": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroups", - "markdownDescription": "A complex type that contains information about origin groups for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", - "title": "OriginGroups" + "UseAmortized": { + "markdownDescription": "Specifies whether a budget uses the amortized rate.\n\nThe default value is `false` .", + "title": "UseAmortized", + "type": "boolean" }, - "Origins": { + "UseBlended": { + "markdownDescription": "Specifies whether a budget uses a blended rate.\n\nThe default value is `false` .", + "title": "UseBlended", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Budgets::Budget.Expression": { + "additionalProperties": false, + "properties": { + "And": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Origin" + "$ref": "#/definitions/AWS::Budgets::Budget.Expression" }, - "markdownDescription": "A complex type that contains information about origins for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", - "title": "Origins", + "markdownDescription": "Return results that match both Dimension objects.", + "title": "And", "type": "array" }, - "PriceClass": { - "markdownDescription": "The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", - "title": "PriceClass", - "type": "string" - }, - "Restrictions": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Restrictions", - "markdownDescription": "A complex type that identifies ways in which you want to restrict distribution of your content.", - "title": "Restrictions" + "CostCategories": { + "$ref": "#/definitions/AWS::Budgets::Budget.CostCategoryValues", + "markdownDescription": "The filter that's based on CostCategoryValues.", + "title": "CostCategories" }, - "S3Origin": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyS3Origin", - "markdownDescription": "The origin as an Amazon S3 bucket.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", - "title": "S3Origin" + "Dimensions": { + "$ref": "#/definitions/AWS::Budgets::Budget.ExpressionDimensionValues", + "markdownDescription": "The specific Dimension to use for Expression.", + "title": "Dimensions" }, - "Staging": { - "markdownDescription": "A Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", - "title": "Staging", - "type": "boolean" + "Not": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression", + "markdownDescription": "Return results that don't match a Dimension object.", + "title": "Not" }, - "ViewerCertificate": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ViewerCertificate", - "markdownDescription": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.", - "title": "ViewerCertificate" + "Or": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression" + }, + "markdownDescription": "Return results that match either Dimension object.", + "title": "Or", + "type": "array" }, - "WebACLId": { - "markdownDescription": "A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) .", - "title": "WebACLId", - "type": "string" + "Tags": { + "$ref": "#/definitions/AWS::Budgets::Budget.TagValues", + "markdownDescription": "The specific Tag to use for Expression.", + "title": "Tags" } }, - "required": [ - "DefaultCacheBehavior", - "Enabled" - ], "type": "object" }, - "AWS::CloudFront::Distribution.ForwardedValues": { + "AWS::Budgets::Budget.ExpressionDimensionValues": { "additionalProperties": false, "properties": { - "Cookies": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Cookies", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Cookies" + "Key": { + "markdownDescription": "The name of the dimension that you want to filter on.", + "title": "Key", + "type": "string" }, - "Headers": { + "MatchOptions": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies the `Headers` , if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.\n\nFor more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Headers", + "markdownDescription": "The match options that you can use to filter your results. You can specify only one of these values in the array.", + "title": "MatchOptions", "type": "array" }, - "QueryString": { - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nIndicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of `QueryString` and on the values that you specify for `QueryStringCacheKeys` , if any:\n\nIf you specify true for `QueryString` and you don't specify any values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.\n\nIf you specify true for `QueryString` and you specify one or more values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.\n\nIf you specify false for `QueryString` , CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.\n\nFor more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide* .", - "title": "QueryString", - "type": "boolean" - }, - "QueryStringCacheKeys": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.", - "title": "QueryStringCacheKeys", + "markdownDescription": "The metadata values you can specify to filter upon, so that the results all match at least one of the specified values.", + "title": "Values", "type": "array" } }, - "required": [ - "QueryString" - ], "type": "object" }, - "AWS::CloudFront::Distribution.FunctionAssociation": { + "AWS::Budgets::Budget.HistoricalOptions": { "additionalProperties": false, "properties": { - "EventType": { - "markdownDescription": "The event type of the function, either `viewer-request` or `viewer-response` . You cannot use origin-facing event types ( `origin-request` and `origin-response` ) with a CloudFront function.", - "title": "EventType", - "type": "string" - }, - "FunctionARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function.", - "title": "FunctionARN", - "type": "string" + "BudgetAdjustmentPeriod": { + "markdownDescription": "The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount. The maximum value depends on the `TimeUnit` granularity of the budget:\n\n- For the `DAILY` granularity, the maximum value is `60` .\n- For the `MONTHLY` granularity, the maximum value is `12` .\n- For the `QUARTERLY` granularity, the maximum value is `4` .\n- For the `ANNUALLY` granularity, the maximum value is `1` .", + "title": "BudgetAdjustmentPeriod", + "type": "number" } }, + "required": [ + "BudgetAdjustmentPeriod" + ], "type": "object" }, - "AWS::CloudFront::Distribution.GeoRestriction": { + "AWS::Budgets::Budget.Notification": { "additionalProperties": false, "properties": { - "Locations": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that contains a `Location` element for each country in which you want CloudFront either to distribute your content ( `whitelist` ) or not distribute your content ( `blacklist` ).\n\nThe `Location` element is a two-letter, uppercase country code for a country that you want to include in your `blacklist` or `whitelist` . Include one `Location` element for each country.\n\nCloudFront and `MaxMind` both use `ISO 3166` country codes. For the current list of countries and the corresponding codes, see `ISO 3166-1-alpha-2` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.", - "title": "Locations", - "type": "array" + "ComparisonOperator": { + "markdownDescription": "The comparison that's used for this notification.", + "title": "ComparisonOperator", + "type": "string" }, - "RestrictionType": { - "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geo restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", - "title": "RestrictionType", + "NotificationType": { + "markdownDescription": "Specifies whether the notification is for how much you have spent ( `ACTUAL` ) or for how much that you're forecasted to spend ( `FORECASTED` ).", + "title": "NotificationType", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The threshold that's associated with a notification. Thresholds are always a percentage, and many customers find value being alerted between 50% - 200% of the budgeted amount. The maximum limit for your threshold is 1,000,000% above the budgeted amount.", + "title": "Threshold", + "type": "number" + }, + "ThresholdType": { + "markdownDescription": "The type of threshold for a notification. For `ABSOLUTE_VALUE` thresholds, AWS notifies you when you go over or are forecasted to go over your total cost threshold. For `PERCENTAGE` thresholds, AWS notifies you when you go over or are forecasted to go over a certain percentage of your forecasted spend. For example, if you have a budget for 200 dollars and you have a `PERCENTAGE` threshold of 80%, AWS notifies you when you go over 160 dollars.", + "title": "ThresholdType", "type": "string" } }, "required": [ - "RestrictionType" + "ComparisonOperator", + "NotificationType", + "Threshold" ], "type": "object" }, - "AWS::CloudFront::Distribution.LambdaFunctionAssociation": { + "AWS::Budgets::Budget.NotificationWithSubscribers": { "additionalProperties": false, "properties": { - "EventType": { - "markdownDescription": "Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values:\n\n- `viewer-request` : The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache.\n- `origin-request` : The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute.\n- `origin-response` : The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.\n- `viewer-response` : The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.\n\nIf the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.", - "title": "EventType", - "type": "string" - }, - "IncludeBody": { - "markdownDescription": "A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide.", - "title": "IncludeBody", - "type": "boolean" + "Notification": { + "$ref": "#/definitions/AWS::Budgets::Budget.Notification", + "markdownDescription": "The notification that's associated with a budget.", + "title": "Notification" }, - "LambdaFunctionARN": { - "markdownDescription": "The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST.", - "title": "LambdaFunctionARN", - "type": "string" + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.Subscriber" + }, + "markdownDescription": "A list of subscribers who are subscribed to this notification.", + "title": "Subscribers", + "type": "array" } }, + "required": [ + "Notification", + "Subscribers" + ], "type": "object" }, - "AWS::CloudFront::Distribution.LegacyCustomOrigin": { + "AWS::Budgets::Budget.ResourceTag": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "The domain name assigned to your CloudFront distribution.", - "title": "DNSName", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "HTTPPort": { - "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", - "title": "HTTPPort", - "type": "number" - }, - "HTTPSPort": { - "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", - "title": "HTTPSPort", - "type": "number" - }, - "OriginProtocolPolicy": { - "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin.", - "title": "OriginProtocolPolicy", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" - }, - "OriginSSLProtocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The minimum SSL/TLS protocol version that CloudFront uses when communicating with your origin server over HTTPs.\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginSSLProtocols", - "type": "array" } }, "required": [ - "DNSName", - "OriginProtocolPolicy", - "OriginSSLProtocols" + "Key" ], "type": "object" }, - "AWS::CloudFront::Distribution.LegacyS3Origin": { + "AWS::Budgets::Budget.Spend": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "The domain name assigned to your CloudFront distribution.", - "title": "DNSName", - "type": "string" + "Amount": { + "markdownDescription": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold.", + "title": "Amount", + "type": "number" }, - "OriginAccessIdentity": { - "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 through CloudFront .\n\n> This property is legacy. We recommend that you use [OriginAccessControl](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html) instead.", - "title": "OriginAccessIdentity", + "Unit": { + "markdownDescription": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold.", + "title": "Unit", "type": "string" } }, "required": [ - "DNSName" + "Amount", + "Unit" ], "type": "object" }, - "AWS::CloudFront::Distribution.Logging": { + "AWS::Budgets::Budget.Subscriber": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", - "title": "Bucket", + "Address": { + "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", + "title": "Address", "type": "string" }, - "IncludeCookies": { - "markdownDescription": "Specifies whether you want CloudFront to include cookies in access logs, specify `true` for `IncludeCookies` . If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify `false` for `IncludeCookies` .", - "title": "IncludeCookies", - "type": "boolean" - }, - "Prefix": { - "markdownDescription": "An optional string that you want CloudFront to prefix to the access log `filenames` for this distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", - "title": "Prefix", + "SubscriptionType": { + "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "title": "SubscriptionType", "type": "string" } }, "required": [ - "Bucket" + "Address", + "SubscriptionType" ], "type": "object" }, - "AWS::CloudFront::Distribution.Origin": { + "AWS::Budgets::Budget.TagValues": { "additionalProperties": false, "properties": { - "ConnectionAttempts": { - "markdownDescription": "The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3.\n\nFor a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) .\n\nFor more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide* .", - "title": "ConnectionAttempts", - "type": "number" - }, - "ConnectionTimeout": { - "markdownDescription": "The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds.\n\nFor more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide* .", - "title": "ConnectionTimeout", - "type": "number" - }, - "CustomOriginConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomOriginConfig", - "markdownDescription": "Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the `S3OriginConfig` type instead.", - "title": "CustomOriginConfig" - }, - "DomainName": { - "markdownDescription": "The domain name for the origin.\n\nFor more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide* .", - "title": "DomainName", - "type": "string" - }, - "Id": { - "markdownDescription": "A unique identifier for the origin. This value must be unique within the distribution.\n\nUse this value to specify the `TargetOriginId` in a `CacheBehavior` or `DefaultCacheBehavior` .", - "title": "Id", - "type": "string" - }, - "OriginAccessControlId": { - "markdownDescription": "The unique identifier of an origin access control for this origin.\n\nFor more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessControlId", + "Key": { + "markdownDescription": "The key for the tag.", + "title": "Key", "type": "string" }, - "OriginCustomHeaders": { + "MatchOptions": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginCustomHeader" + "type": "string" }, - "markdownDescription": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n\nFor more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginCustomHeaders", + "markdownDescription": "The match options that you can use to filter your results.", + "title": "MatchOptions", "type": "array" }, - "OriginPath": { - "markdownDescription": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n\nFor more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginPath", - "type": "string" - }, - "OriginShield": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginShield", - "markdownDescription": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n\nFor more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginShield" - }, - "S3OriginConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.S3OriginConfig", - "markdownDescription": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the `CustomOriginConfig` type instead.", - "title": "S3OriginConfig" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific value of the tag.", + "title": "Values", + "type": "array" } }, - "required": [ - "DomainName", - "Id" - ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginCustomHeader": { + "AWS::Budgets::Budget.TimePeriod": { "additionalProperties": false, "properties": { - "HeaderName": { - "markdownDescription": "The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", - "title": "HeaderName", + "End": { + "markdownDescription": "The end date for a budget. If you didn't specify an end date, AWS set your end date to `06/15/87 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nAfter the end date, AWS deletes the budget and all the associated notifications and subscribers. You can change your end date with the `UpdateBudget` operation.", + "title": "End", "type": "string" }, - "HeaderValue": { - "markdownDescription": "The value for the header that you specified in the `HeaderName` field.", - "title": "HeaderValue", + "Start": { + "markdownDescription": "The start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nValid values depend on the value of `BudgetType` :\n\n- If `BudgetType` is `COST` or `USAGE` : Valid values are `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .\n- If `BudgetType` is `RI_UTILIZATION` or `RI_COVERAGE` : Valid values are `DAILY` , `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .", + "title": "Start", "type": "string" } }, - "required": [ - "HeaderName", - "HeaderValue" - ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroup": { + "AWS::Budgets::BudgetsAction": { "additionalProperties": false, "properties": { - "FailoverCriteria": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupFailoverCriteria", - "markdownDescription": "A complex type that contains information about the failover criteria for an origin group.", - "title": "FailoverCriteria" + "Condition": { + "type": "string" }, - "Id": { - "markdownDescription": "The origin group's ID.", - "title": "Id", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Members": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMembers", - "markdownDescription": "A complex type that contains information about the origins in an origin group.", - "title": "Members" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ActionThreshold": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ActionThreshold", + "markdownDescription": "The trigger threshold of the action.", + "title": "ActionThreshold" + }, + "ActionType": { + "markdownDescription": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition.", + "title": "ActionType", + "type": "string" + }, + "ApprovalModel": { + "markdownDescription": "This specifies if the action needs manual or automatic approval.", + "title": "ApprovalModel", + "type": "string" + }, + "BudgetName": { + "markdownDescription": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed.", + "title": "BudgetName", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Definition", + "markdownDescription": "Specifies all of the type-specific parameters.", + "title": "Definition" + }, + "ExecutionRoleArn": { + "markdownDescription": "The role passed for action execution and reversion. Roles and actions must be in the same account.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "NotificationType": { + "markdownDescription": "The type of a notification.", + "title": "NotificationType", + "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ResourceTag" + }, + "markdownDescription": "An optional list of tags to associate with the specified budget action. Each tag consists of a key and a value, and each key must be unique for the resource.", + "title": "ResourceTags", + "type": "array" + }, + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Subscriber" + }, + "markdownDescription": "A list of subscribers.", + "title": "Subscribers", + "type": "array" + } + }, + "required": [ + "ActionThreshold", + "ActionType", + "BudgetName", + "Definition", + "ExecutionRoleArn", + "NotificationType", + "Subscribers" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Budgets::BudgetsAction" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FailoverCriteria", - "Id", - "Members" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroupFailoverCriteria": { + "AWS::Budgets::BudgetsAction.ActionThreshold": { "additionalProperties": false, "properties": { - "StatusCodes": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.StatusCodes", - "markdownDescription": "The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin.", - "title": "StatusCodes" + "Type": { + "markdownDescription": "The type of threshold for a notification.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The threshold of a notification.", + "title": "Value", + "type": "number" } }, "required": [ - "StatusCodes" + "Type", + "Value" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroupMember": { + "AWS::Budgets::BudgetsAction.Definition": { "additionalProperties": false, "properties": { - "OriginId": { - "markdownDescription": "The ID for an origin in an origin group.", - "title": "OriginId", - "type": "string" + "IamActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.IamActionDefinition", + "markdownDescription": "The AWS Identity and Access Management ( IAM ) action definition details.", + "title": "IamActionDefinition" + }, + "ScpActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ScpActionDefinition", + "markdownDescription": "The service control policies (SCP) action definition details.", + "title": "ScpActionDefinition" + }, + "SsmActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.SsmActionDefinition", + "markdownDescription": "The Amazon EC2 Systems Manager ( SSM ) action definition details.", + "title": "SsmActionDefinition" } }, - "required": [ - "OriginId" - ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroupMembers": { + "AWS::Budgets::BudgetsAction.IamActionDefinition": { "additionalProperties": false, "properties": { - "Items": { + "Groups": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMember" + "type": "string" }, - "markdownDescription": "Items (origins) in an origin group.", - "title": "Items", + "markdownDescription": "A list of groups to be attached. There must be at least one group.", + "title": "Groups", "type": "array" }, - "Quantity": { - "markdownDescription": "The number of origins in an origin group.", - "title": "Quantity", - "type": "number" - } - }, - "required": [ - "Items", - "Quantity" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.OriginGroups": { - "additionalProperties": false, - "properties": { - "Items": { + "PolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the policy to be attached.", + "title": "PolicyArn", + "type": "string" + }, + "Roles": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroup" + "type": "string" }, - "markdownDescription": "The items (origin groups) in a distribution.", - "title": "Items", + "markdownDescription": "A list of roles to be attached. There must be at least one role.", + "title": "Roles", "type": "array" }, - "Quantity": { - "markdownDescription": "The number of origin groups.", - "title": "Quantity", - "type": "number" + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of users to be attached. There must be at least one user.", + "title": "Users", + "type": "array" } }, "required": [ - "Quantity" + "PolicyArn" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginShield": { + "AWS::Budgets::BudgetsAction.ResourceTag": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "A flag that specifies whether Origin Shield is enabled.\n\nWhen it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches.", - "title": "Enabled", - "type": "boolean" + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", + "type": "string" }, - "OriginShieldRegion": { - "markdownDescription": "The AWS Region for Origin Shield.\n\nSpecify the AWS Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2` .\n\nWhen you enable CloudFront Origin Shield, you must specify the AWS Region for Origin Shield. For the list of AWS Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the AWS Region for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginShieldRegion", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, - "type": "object" - }, - "AWS::CloudFront::Distribution.Restrictions": { - "additionalProperties": false, - "properties": { - "GeoRestriction": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.GeoRestriction", - "markdownDescription": "A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using `MaxMind` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template.", - "title": "GeoRestriction" - } - }, "required": [ - "GeoRestriction" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::Distribution.S3OriginConfig": { + "AWS::Budgets::BudgetsAction.ScpActionDefinition": { "additionalProperties": false, "properties": { - "OriginAccessIdentity": { - "markdownDescription": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessIdentity", + "PolicyId": { + "markdownDescription": "The policy ID attached.", + "title": "PolicyId", "type": "string" + }, + "TargetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of target IDs.", + "title": "TargetIds", + "type": "array" } }, + "required": [ + "PolicyId", + "TargetIds" + ], "type": "object" }, - "AWS::CloudFront::Distribution.StatusCodes": { + "AWS::Budgets::BudgetsAction.SsmActionDefinition": { "additionalProperties": false, "properties": { - "Items": { + "InstanceIds": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "The items (status codes) for an origin group.", - "title": "Items", + "markdownDescription": "The EC2 and RDS instance IDs.", + "title": "InstanceIds", "type": "array" }, - "Quantity": { - "markdownDescription": "The number of status codes.", - "title": "Quantity", - "type": "number" + "Region": { + "markdownDescription": "The Region to run the ( SSM ) document.", + "title": "Region", + "type": "string" + }, + "Subtype": { + "markdownDescription": "The action subType.", + "title": "Subtype", + "type": "string" } }, "required": [ - "Items", - "Quantity" + "InstanceIds", + "Region", + "Subtype" ], "type": "object" }, - "AWS::CloudFront::Distribution.ViewerCertificate": { + "AWS::Budgets::BudgetsAction.Subscriber": { "additionalProperties": false, "properties": { - "AcmCertificateArn": { - "markdownDescription": "> In CloudFormation, this field name is `AcmCertificateArn` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate Manager (ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) , provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region ( `us-east-1` ).\n\nIf you specify an ACM certificate ARN, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", - "title": "AcmCertificateArn", - "type": "string" - }, - "CloudFrontDefaultCertificate": { - "markdownDescription": "If the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , set this field to `true` .\n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n\n- `AcmCertificateArn` or `IamCertificateId` (specify a value for one, not both)\n- `MinimumProtocolVersion`\n- `SslSupportMethod`", - "title": "CloudFrontDefaultCertificate", - "type": "boolean" - }, - "IamCertificateId": { - "markdownDescription": "> In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", - "title": "IamCertificateId", - "type": "string" - }, - "MinimumProtocolVersion": { - "markdownDescription": "If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n\n- The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n- The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n\nFor more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide* .\n\n> On the CloudFront console, this setting is called *Security Policy* . \n\nWhen you're using SNI only (you set `SSLSupportMethod` to `sni-only` ), you must specify `TLSv1` or higher. (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` (you set `CloudFrontDefaultCertificate` to `true` ), CloudFront automatically sets the security policy to `TLSv1` regardless of the value that you set here.", - "title": "MinimumProtocolVersion", + "Address": { + "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", + "title": "Address", "type": "string" }, - "SslSupportMethod": { - "markdownDescription": "> In CloudFormation, this field name is `SslSupportMethod` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n\n- `sni-only` \u2013 The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) . This is recommended. Most browsers and clients support SNI.\n- `vip` \u2013 The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n- `static-ip` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Support Center](https://docs.aws.amazon.com/support/home) .\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , don't set a value for this field.", - "title": "SslSupportMethod", + "Type": { + "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "title": "Type", "type": "string" } }, + "required": [ + "Address", + "Type" + ], "type": "object" }, - "AWS::CloudFront::Function": { + "AWS::CE::AnomalyMonitor": { "additionalProperties": false, "properties": { "Condition": { @@ -37366,42 +42404,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoPublish": { - "markdownDescription": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it\u2019s created. To automatically publish to the `LIVE` stage, set this property to `true` .", - "title": "AutoPublish", - "type": "boolean" - }, - "FunctionCode": { - "markdownDescription": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .", - "title": "FunctionCode", + "MonitorDimension": { + "markdownDescription": "The dimensions to evaluate.", + "title": "MonitorDimension", "type": "string" }, - "FunctionConfig": { - "$ref": "#/definitions/AWS::CloudFront::Function.FunctionConfig", - "markdownDescription": "Contains configuration information about a CloudFront function.", - "title": "FunctionConfig" + "MonitorName": { + "markdownDescription": "The name of the monitor.", + "title": "MonitorName", + "type": "string" }, - "FunctionMetadata": { - "$ref": "#/definitions/AWS::CloudFront::Function.FunctionMetadata", - "markdownDescription": "Contains metadata about a CloudFront function.", - "title": "FunctionMetadata" + "MonitorSpecification": { + "markdownDescription": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page.", + "title": "MonitorSpecification", + "type": "string" }, - "Name": { - "markdownDescription": "A name to identify the function.", - "title": "Name", + "MonitorType": { + "markdownDescription": "The possible type values.", + "title": "MonitorType", "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalyMonitor.ResourceTag" + }, + "markdownDescription": "", + "title": "ResourceTags", + "type": "array" } }, "required": [ - "FunctionCode", - "FunctionConfig", - "Name" + "MonitorName", + "MonitorType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::Function" + "AWS::CE::AnomalyMonitor" ], "type": "string" }, @@ -37420,60 +42460,27 @@ ], "type": "object" }, - "AWS::CloudFront::Function.FunctionConfig": { + "AWS::CE::AnomalyMonitor.ResourceTag": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the function.", - "title": "Comment", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "KeyValueStoreAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Function.KeyValueStoreAssociation" - }, - "markdownDescription": "The configuration for the key value store associations.", - "title": "KeyValueStoreAssociations", - "type": "array" - }, - "Runtime": { - "markdownDescription": "The function's runtime environment version.", - "title": "Runtime", - "type": "string" - } - }, - "required": [ - "Comment", - "Runtime" - ], - "type": "object" - }, - "AWS::CloudFront::Function.FunctionMetadata": { - "additionalProperties": false, - "properties": { - "FunctionARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function.", - "title": "FunctionARN", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudFront::Function.KeyValueStoreAssociation": { - "additionalProperties": false, - "properties": { - "KeyValueStoreARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the key value store association.", - "title": "KeyValueStoreARN", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, "required": [ - "KeyValueStoreARN" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::KeyGroup": { + "AWS::CE::AnomalySubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -37508,20 +42515,62 @@ "Properties": { "additionalProperties": false, "properties": { - "KeyGroupConfig": { - "$ref": "#/definitions/AWS::CloudFront::KeyGroup.KeyGroupConfig", - "markdownDescription": "The key group configuration.", - "title": "KeyGroupConfig" + "Frequency": { + "markdownDescription": "The frequency that anomaly notifications are sent. Notifications are sent either over email (for DAILY and WEEKLY frequencies) or SNS (for IMMEDIATE frequency). For more information, see [Creating an Amazon SNS topic for anomaly notifications](https://docs.aws.amazon.com/cost-management/latest/userguide/ad-SNS.html) .", + "title": "Frequency", + "type": "string" + }, + "MonitorArnList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of cost anomaly monitors.", + "title": "MonitorArnList", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalySubscription.ResourceTag" + }, + "markdownDescription": "", + "title": "ResourceTags", + "type": "array" + }, + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalySubscription.Subscriber" + }, + "markdownDescription": "A list of subscribers to notify.", + "title": "Subscribers", + "type": "array" + }, + "SubscriptionName": { + "markdownDescription": "The name for the subscription.", + "title": "SubscriptionName", + "type": "string" + }, + "Threshold": { + "markdownDescription": "(deprecated)\n\nAn absolute dollar value that must be exceeded by the anomaly's total impact (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details) for an anomaly notification to be generated.\n\nThis field has been deprecated. To specify a threshold, use ThresholdExpression. Continued use of Threshold will be treated as shorthand syntax for a ThresholdExpression.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.", + "title": "Threshold", + "type": "number" + }, + "ThresholdExpression": { + "markdownDescription": "An [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object in JSON string format used to specify the anomalies that you want to generate alerts for. This supports dimensions and nested expressions. The supported dimensions are `ANOMALY_TOTAL_IMPACT_ABSOLUTE` and `ANOMALY_TOTAL_IMPACT_PERCENTAGE` , corresponding to an anomaly\u2019s TotalImpact and TotalImpactPercentage, respectively (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details). The supported nested expression types are `AND` and `OR` . The match option `GREATER_THAN_OR_EQUAL` is required. Values must be numbers between 0 and 10,000,000,000 in string format.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.\n\nFor further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalysubscription.html#aws-resource-ce-anomalysubscription--examples) section of this page.", + "title": "ThresholdExpression", + "type": "string" } }, "required": [ - "KeyGroupConfig" + "Frequency", + "MonitorArnList", + "Subscribers", + "SubscriptionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::KeyGroup" + "AWS::CE::AnomalySubscription" ], "type": "string" }, @@ -37540,35 +42589,52 @@ ], "type": "object" }, - "AWS::CloudFront::KeyGroup.KeyGroupConfig": { + "AWS::CE::AnomalySubscription.ResourceTag": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the key group. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the identifiers of the public keys in the key group.", - "title": "Items", - "type": "array" + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::CE::AnomalySubscription.Subscriber": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` .", + "title": "Address", + "type": "string" }, - "Name": { - "markdownDescription": "A name to identify the key group.", - "title": "Name", + "Status": { + "markdownDescription": "Indicates if the subscriber accepts the notifications.", + "title": "Status", + "type": "string" + }, + "Type": { + "markdownDescription": "The notification delivery channel.", + "title": "Type", "type": "string" } }, "required": [ - "Items", - "Name" + "Address", + "Type" ], "type": "object" }, - "AWS::CloudFront::KeyValueStore": { + "AWS::CE::CostCategory": { "additionalProperties": false, "properties": { "Condition": { @@ -37603,30 +42669,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment for the key value store.", - "title": "Comment", + "DefaultValue": { + "markdownDescription": "The default value for the cost category.", + "title": "DefaultValue", "type": "string" }, - "ImportSource": { - "$ref": "#/definitions/AWS::CloudFront::KeyValueStore.ImportSource", - "markdownDescription": "The import source for the key value store.", - "title": "ImportSource" - }, "Name": { - "markdownDescription": "The name of the key value store.", + "markdownDescription": "The unique name of the Cost Category.", "title": "Name", "type": "string" + }, + "RuleVersion": { + "markdownDescription": "The rule schema version in this particular Cost Category.", + "title": "RuleVersion", + "type": "string" + }, + "Rules": { + "markdownDescription": "The array of CostCategoryRule in JSON array format.\n\n> Rules are processed in order. If there are multiple rules that match the line item, then the first rule to match is used to determine that Cost Category value.", + "title": "Rules", + "type": "string" + }, + "SplitChargeRules": { + "markdownDescription": "The split charge rules that are used to allocate your charges between your Cost Category values.", + "title": "SplitChargeRules", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::CE::CostCategory.ResourceTag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "Name", + "RuleVersion", + "Rules" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::KeyValueStore" + "AWS::CE::CostCategory" ], "type": "string" }, @@ -37645,27 +42731,27 @@ ], "type": "object" }, - "AWS::CloudFront::KeyValueStore.ImportSource": { + "AWS::CE::CostCategory.ResourceTag": { "additionalProperties": false, "properties": { - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the import source for the key value store.", - "title": "SourceArn", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "SourceType": { - "markdownDescription": "The source type of the import source for the key value store.", - "title": "SourceType", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, "required": [ - "SourceArn", - "SourceType" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::MonitoringSubscription": { + "AWS::CUR::ReportDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -37700,26 +42786,89 @@ "Properties": { "additionalProperties": false, "properties": { - "DistributionId": { - "markdownDescription": "The ID of the distribution that you are enabling metrics for.", - "title": "DistributionId", + "AdditionalArtifacts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of manifests that you want AWS to create for this report.", + "title": "AdditionalArtifacts", + "type": "array" + }, + "AdditionalSchemaElements": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that indicate additional content that AWS includes in the report, such as individual resource IDs.", + "title": "AdditionalSchemaElements", + "type": "array" + }, + "BillingViewArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the billing view. You can get this value by using the billing view service public APIs.", + "title": "BillingViewArn", "type": "string" }, - "MonitoringSubscription": { - "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.MonitoringSubscription", - "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", - "title": "MonitoringSubscription" + "Compression": { + "markdownDescription": "The compression format that Amazon Web Services uses for the report.", + "title": "Compression", + "type": "string" + }, + "Format": { + "markdownDescription": "The format that Amazon Web Services saves the report in.", + "title": "Format", + "type": "string" + }, + "RefreshClosedReports": { + "markdownDescription": "Whether you want AWS to update your reports after they have been finalized if AWS detects charges related to previous months. These charges can include refunds, credits, or support fees.", + "title": "RefreshClosedReports", + "type": "boolean" + }, + "ReportName": { + "markdownDescription": "The name of the report that you want to create. The name must be unique, is case sensitive, and can't include spaces.", + "title": "ReportName", + "type": "string" + }, + "ReportVersioning": { + "markdownDescription": "Whether you want AWS to overwrite the previous version of each report or to deliver the report in addition to the previous versions.", + "title": "ReportVersioning", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "The S3 bucket where Amazon Web Services delivers the report.", + "title": "S3Bucket", + "type": "string" + }, + "S3Prefix": { + "markdownDescription": "The prefix that Amazon Web Services adds to the report name when Amazon Web Services delivers the report. Your prefix can't include spaces.", + "title": "S3Prefix", + "type": "string" + }, + "S3Region": { + "markdownDescription": "The Region of the S3 bucket that Amazon Web Services delivers the report into.", + "title": "S3Region", + "type": "string" + }, + "TimeUnit": { + "markdownDescription": "The granularity of the line items in the report.", + "title": "TimeUnit", + "type": "string" } }, "required": [ - "DistributionId", - "MonitoringSubscription" + "Compression", + "Format", + "RefreshClosedReports", + "ReportName", + "ReportVersioning", + "S3Bucket", + "S3Prefix", + "S3Region", + "TimeUnit" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::MonitoringSubscription" + "AWS::CUR::ReportDefinition" ], "type": "string" }, @@ -37738,32 +42887,7 @@ ], "type": "object" }, - "AWS::CloudFront::MonitoringSubscription.MonitoringSubscription": { - "additionalProperties": false, - "properties": { - "RealtimeMetricsSubscriptionConfig": { - "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig", - "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", - "title": "RealtimeMetricsSubscriptionConfig" - } - }, - "type": "object" - }, - "AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig": { - "additionalProperties": false, - "properties": { - "RealtimeMetricsSubscriptionStatus": { - "markdownDescription": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution.", - "title": "RealtimeMetricsSubscriptionStatus", - "type": "string" - } - }, - "required": [ - "RealtimeMetricsSubscriptionStatus" - ], - "type": "object" - }, - "AWS::CloudFront::OriginAccessControl": { + "AWS::Cassandra::Keyspace": { "additionalProperties": false, "properties": { "Condition": { @@ -37798,20 +42922,35 @@ "Properties": { "additionalProperties": false, "properties": { - "OriginAccessControlConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig", - "markdownDescription": "The origin access control.", - "title": "OriginAccessControlConfig" + "ClientSideTimestampsEnabled": { + "markdownDescription": "Indicates whether client-side timestamps are enabled (true) or disabled (false) for all tables in the keyspace. To add a Region to a single-Region keyspace with at least one table, the value must be set to true. After you've enabled client-side timestamps for a table, you can\u2019t disable it again.", + "title": "ClientSideTimestampsEnabled", + "type": "boolean" + }, + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to be created. The keyspace name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the keyspace name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n*Length constraints:* Minimum length of 1. Maximum length of 48.", + "title": "KeyspaceName", + "type": "string" + }, + "ReplicationSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Keyspace.ReplicationSpecification", + "markdownDescription": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in.", + "title": "ReplicationSpecification" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "OriginAccessControlConfig" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::OriginAccessControl" + "AWS::Cassandra::Keyspace" ], "type": "string" }, @@ -37825,49 +42964,30 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig": { + "AWS::Cassandra::Keyspace.ReplicationSpecification": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the origin access control.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name to identify the origin access control. You can specify up to 64 characters.", - "title": "Name", - "type": "string" - }, - "OriginAccessControlOriginType": { - "markdownDescription": "The type of origin that this origin access control is for.", - "title": "OriginAccessControlOriginType", - "type": "string" - }, - "SigningBehavior": { - "markdownDescription": "Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .\n\nThis field can have one of the following values:\n\n- `always` \u2013 CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.\n- `never` \u2013 CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.\n- `no-override` \u2013 If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*", - "title": "SigningBehavior", - "type": "string" + "RegionList": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", + "title": "RegionList", + "type": "array" }, - "SigningProtocol": { - "markdownDescription": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .", - "title": "SigningProtocol", + "ReplicationStrategy": { + "markdownDescription": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required.", + "title": "ReplicationStrategy", "type": "string" } }, - "required": [ - "Name", - "OriginAccessControlOriginType", - "SigningBehavior", - "SigningProtocol" - ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy": { + "AWS::Cassandra::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -37902,20 +43022,101 @@ "Properties": { "additionalProperties": false, "properties": { - "OriginRequestPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig", - "markdownDescription": "The origin request policy configuration.", - "title": "OriginRequestPolicyConfig" + "AutoScalingSpecifications": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSpecification", + "markdownDescription": "The optional auto scaling capacity settings for a table in provisioned capacity mode.", + "title": "AutoScalingSpecifications" + }, + "BillingMode": { + "$ref": "#/definitions/AWS::Cassandra::Table.BillingMode", + "markdownDescription": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode.", + "title": "BillingMode" + }, + "CdcSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Table.CdcSpecification", + "markdownDescription": "The settings for the CDC stream of a table. For more information about CDC streams, see [Working with change data capture (CDC) streams in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/cdc.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "CdcSpecification" + }, + "ClientSideTimestampsEnabled": { + "markdownDescription": "Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option:\n\n- `status: \"enabled\"`\n\nAfter client-side timestamps are enabled for a table, you can't disable this setting.", + "title": "ClientSideTimestampsEnabled", + "type": "boolean" + }, + "ClusteringKeyColumns": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.ClusteringKeyColumn" + }, + "markdownDescription": "One or more columns that determine how the table data is sorted.", + "title": "ClusteringKeyColumns", + "type": "array" + }, + "DefaultTimeToLive": { + "markdownDescription": "The default Time To Live (TTL) value for all rows in a table in seconds. The maximum configurable value is 630,720,000 seconds, which is the equivalent of 20 years. By default, the TTL value for a table is 0, which means data does not expire.\n\nFor more information, see [Setting the default TTL value for a table](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl) in the *Amazon Keyspaces Developer Guide* .", + "title": "DefaultTimeToLive", + "type": "number" + }, + "EncryptionSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Table.EncryptionSpecification", + "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n> If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "EncryptionSpecification" + }, + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to create the table in. The keyspace must already exist.", + "title": "KeyspaceName", + "type": "string" + }, + "PartitionKeyColumns": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column" + }, + "markdownDescription": "One or more columns that uniquely identify every row in the table. Every table must have a partition key.", + "title": "PartitionKeyColumns", + "type": "array" + }, + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Specifies if point-in-time recovery is enabled or disabled for the table. The options are `PointInTimeRecoveryEnabled=true` and `PointInTimeRecoveryEnabled=false` . If not specified, the default is `PointInTimeRecoveryEnabled=false` .", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" + }, + "RegularColumns": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column" + }, + "markdownDescription": "One or more columns that are not part of the primary key - that is, columns that are *not* defined as partition key columns or clustering key columns.\n\nYou can add regular columns to existing tables by adding them to the template.", + "title": "RegularColumns", + "type": "array" + }, + "ReplicaSpecifications": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.ReplicaSpecification" + }, + "markdownDescription": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)", + "title": "ReplicaSpecifications", + "type": "array" + }, + "TableName": { + "markdownDescription": "The name of the table to be created. The table name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacing this resource. You can perform updates that require no interruption or some interruption. If you must replace the resource, specify a new name. \n\n*Length constraints:* Minimum length of 3. Maximum length of 255.\n\n*Pattern:* `^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$`", + "title": "TableName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "OriginRequestPolicyConfig" + "KeyspaceName", + "PartitionKeyColumns" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::OriginRequestPolicy" + "AWS::Cassandra::Table" ], "type": "string" }, @@ -37934,208 +43135,237 @@ ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.CookiesConfig": { + "AWS::Cassandra::Table.AutoScalingSetting": { "additionalProperties": false, "properties": { - "CookieBehavior": { - "markdownDescription": "Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `CookieNames` type, which are not included.", - "title": "CookieBehavior", + "AutoScalingDisabled": { + "markdownDescription": "This optional parameter enables auto scaling for the table if set to `false` .", + "title": "AutoScalingDisabled", + "type": "boolean" + }, + "MaximumUnits": { + "markdownDescription": "Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", + "title": "MaximumUnits", + "type": "number" + }, + "MinimumUnits": { + "markdownDescription": "The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", + "title": "MinimumUnits", + "type": "number" + }, + "ScalingPolicy": { + "$ref": "#/definitions/AWS::Cassandra::Table.ScalingPolicy", + "markdownDescription": "Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90.", + "title": "ScalingPolicy" + } + }, + "type": "object" + }, + "AWS::Cassandra::Table.AutoScalingSpecification": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The auto scaling settings for the table's read capacity.", + "title": "ReadCapacityAutoScaling" + }, + "WriteCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The auto scaling settings for the table's write capacity.", + "title": "WriteCapacityAutoScaling" + } + }, + "type": "object" + }, + "AWS::Cassandra::Table.BillingMode": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n> If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`", + "title": "Mode", "type": "string" }, - "Cookies": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of cookie names.", - "title": "Cookies", - "type": "array" + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::Cassandra::Table.ProvisionedThroughput", + "markdownDescription": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* .", + "title": "ProvisionedThroughput" } }, "required": [ - "CookieBehavior" + "Mode" ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.HeadersConfig": { + "AWS::Cassandra::Table.CdcSpecification": { "additionalProperties": false, "properties": { - "HeaderBehavior": { - "markdownDescription": "Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin.\n- `allViewer` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin.\n- `allViewerAndWhitelistCloudFront` \u2013 All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront.\n- `allExcept` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `Headers` type, which are not included.", - "title": "HeaderBehavior", + "Status": { + "markdownDescription": "The status of the CDC stream. You can enable or disable a stream for a table.", + "title": "Status", "type": "string" }, - "Headers": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Contains a list of HTTP header names.", - "title": "Headers", + "markdownDescription": "The tags (key-value pairs) that you want to apply to the stream.", + "title": "Tags", "type": "array" + }, + "ViewType": { + "markdownDescription": "The view type specifies the changes Amazon Keyspaces records for each changed row in the stream. After you create the stream, you can't make changes to this selection.\n\nThe options are:\n\n- `NEW_AND_OLD_IMAGES` - both versions of the row, before and after the change. This is the default.\n- `NEW_IMAGE` - the version of the row after the change.\n- `OLD_IMAGE` - the version of the row before the change.\n- `KEYS_ONLY` - the partition and clustering keys of the row that was changed.", + "title": "ViewType", + "type": "string" } }, "required": [ - "HeaderBehavior" + "Status" ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig": { + "AWS::Cassandra::Table.ClusteringKeyColumn": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the origin request policy. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - }, - "CookiesConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.CookiesConfig", - "markdownDescription": "The cookies from viewer requests to include in origin requests.", - "title": "CookiesConfig" - }, - "HeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.HeadersConfig", - "markdownDescription": "The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront.", - "title": "HeadersConfig" + "Column": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column", + "markdownDescription": "The name and data type of this clustering key column.", + "title": "Column" }, - "Name": { - "markdownDescription": "A unique name to identify the origin request policy.", - "title": "Name", + "OrderBy": { + "markdownDescription": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order.", + "title": "OrderBy", "type": "string" - }, - "QueryStringsConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig", - "markdownDescription": "The URL query strings from viewer requests to include in origin requests.", - "title": "QueryStringsConfig" } }, "required": [ - "CookiesConfig", - "HeadersConfig", - "Name", - "QueryStringsConfig" + "Column" ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig": { + "AWS::Cassandra::Table.Column": { "additionalProperties": false, "properties": { - "QueryStringBehavior": { - "markdownDescription": "Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `QueryStringNames` type, which are not included.", - "title": "QueryStringBehavior", + "ColumnName": { + "markdownDescription": "The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* .", + "title": "ColumnName", "type": "string" }, - "QueryStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of query string names.", - "title": "QueryStrings", - "type": "array" + "ColumnType": { + "markdownDescription": "The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* .", + "title": "ColumnType", + "type": "string" } }, "required": [ - "QueryStringBehavior" + "ColumnName", + "ColumnType" ], "type": "object" }, - "AWS::CloudFront::PublicKey": { + "AWS::Cassandra::Table.EncryptionSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "EncryptionType": { + "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - `AWS_OWNED_KMS_KEY`\n- *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY`\n\n> If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required.\n\nValid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` .", + "title": "EncryptionType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KmsKeyIdentifier": { + "markdownDescription": "Requires a `kms_key_identifier` in the format of a key ARN.", + "title": "KmsKeyIdentifier", "type": "string" + } + }, + "required": [ + "EncryptionType" + ], + "type": "object" + }, + "AWS::Cassandra::Table.ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "markdownDescription": "The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "ReadCapacityUnits", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PublicKeyConfig": { - "$ref": "#/definitions/AWS::CloudFront::PublicKey.PublicKeyConfig", - "markdownDescription": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", - "title": "PublicKeyConfig" - } - }, - "required": [ - "PublicKeyConfig" - ], - "type": "object" + "WriteCapacityUnits": { + "markdownDescription": "The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "WriteCapacityUnits", + "type": "number" + } + }, + "required": [ + "ReadCapacityUnits", + "WriteCapacityUnits" + ], + "type": "object" + }, + "AWS::Cassandra::Table.ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The read capacity auto scaling settings for the multi-Region table in the specified AWS Region.", + "title": "ReadCapacityAutoScaling" }, - "Type": { - "enum": [ - "AWS::CloudFront::PublicKey" - ], - "type": "string" + "ReadCapacityUnits": { + "markdownDescription": "The provisioned read capacity units for the multi-Region table in the specified AWS Region.", + "title": "ReadCapacityUnits", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Region": { + "markdownDescription": "The AWS Region.", + "title": "Region", "type": "string" } }, "required": [ - "Type", - "Properties" + "Region" ], "type": "object" }, - "AWS::CloudFront::PublicKey.PublicKeyConfig": { + "AWS::Cassandra::Table.ScalingPolicy": { "additionalProperties": false, "properties": { - "CallerReference": { - "markdownDescription": "A string included in the request to help make sure that the request can't be replayed.", - "title": "CallerReference", - "type": "string" + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration", + "markdownDescription": "The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity.", + "title": "TargetTrackingScalingPolicyConfiguration" + } + }, + "type": "object" + }, + "AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "markdownDescription": "Specifies if `scale-in` is enabled.\n\nWhen auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity.", + "title": "DisableScaleIn", + "type": "boolean" }, - "Comment": { - "markdownDescription": "A comment to describe the public key. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" + "ScaleInCooldown": { + "markdownDescription": "Specifies a `scale-in` cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", + "title": "ScaleInCooldown", + "type": "number" }, - "EncodedKey": { - "markdownDescription": "The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", - "title": "EncodedKey", - "type": "string" + "ScaleOutCooldown": { + "markdownDescription": "Specifies a scale out cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", + "title": "ScaleOutCooldown", + "type": "number" }, - "Name": { - "markdownDescription": "A name to help identify the public key.", - "title": "Name", - "type": "string" + "TargetValue": { + "markdownDescription": "Specifies the target value for the target tracking auto scaling policy.\n\nAmazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90.", + "title": "TargetValue", + "type": "number" } }, "required": [ - "CallerReference", - "EncodedKey", - "Name" + "TargetValue" ], "type": "object" }, - "AWS::CloudFront::RealtimeLogConfig": { + "AWS::Cassandra::Type": { "additionalProperties": false, "properties": { "Condition": { @@ -38170,44 +43400,35 @@ "Properties": { "additionalProperties": false, "properties": { - "EndPoints": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.EndPoint" - }, - "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.", - "title": "EndPoints", - "type": "array" - }, "Fields": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Cassandra::Type.Field" }, - "markdownDescription": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .", + "markdownDescription": "A list of fields that define this type.", "title": "Fields", "type": "array" }, - "Name": { - "markdownDescription": "The unique name of this real-time log configuration.", - "title": "Name", + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to create the type in. The keyspace must already exist.", + "title": "KeyspaceName", "type": "string" }, - "SamplingRate": { - "markdownDescription": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.", - "title": "SamplingRate", - "type": "number" + "TypeName": { + "markdownDescription": "The name of the user-defined type. UDT names must contain 48 characters or less, must begin with an alphabetic character, and can only contain alpha-numeric characters and underscores. Amazon Keyspaces converts upper case characters automatically into lower case characters. For more information, see [Create a user-defined type (UDT) in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/keyspaces-create-udt.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "TypeName", + "type": "string" } }, "required": [ - "EndPoints", "Fields", - "Name", - "SamplingRate" + "KeyspaceName", + "TypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::RealtimeLogConfig" + "AWS::Cassandra::Type" ], "type": "string" }, @@ -38226,47 +43447,27 @@ ], "type": "object" }, - "AWS::CloudFront::RealtimeLogConfig.EndPoint": { - "additionalProperties": false, - "properties": { - "KinesisStreamConfig": { - "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig", - "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration.", - "title": "KinesisStreamConfig" - }, - "StreamType": { - "markdownDescription": "The type of data stream where you are sending real-time log data. The only valid value is `Kinesis` .", - "title": "StreamType", - "type": "string" - } - }, - "required": [ - "KinesisStreamConfig", - "StreamType" - ], - "type": "object" - }, - "AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig": { + "AWS::Cassandra::Type.Field": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream.\n\nFor more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide* .", - "title": "RoleArn", + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", "type": "string" }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data.", - "title": "StreamArn", + "FieldType": { + "markdownDescription": "The data type of the field. This can be any Cassandra data type or another user-defined type.", + "title": "FieldType", "type": "string" } }, "required": [ - "RoleArn", - "StreamArn" + "FieldName", + "FieldType" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy": { + "AWS::CertificateManager::Account": { "additionalProperties": false, "properties": { "Condition": { @@ -38301,20 +43502,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ResponseHeadersPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig", - "markdownDescription": "A response headers policy configuration.", - "title": "ResponseHeadersPolicyConfig" + "ExpiryEventsConfiguration": { + "$ref": "#/definitions/AWS::CertificateManager::Account.ExpiryEventsConfiguration", + "markdownDescription": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.", + "title": "ExpiryEventsConfiguration" } }, "required": [ - "ResponseHeadersPolicyConfig" + "ExpiryEventsConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::ResponseHeadersPolicy" + "AWS::CertificateManager::Account" ], "type": "string" }, @@ -38333,430 +43534,158 @@ ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP header names. You can specify `*` to allow all headers.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP methods. Valid values are:\n\n- `GET`\n- `DELETE`\n- `HEAD`\n- `OPTIONS`\n- `PATCH`\n- `POST`\n- `PUT`\n- `ALL`\n\n`ALL` is a special value that includes all of the listed HTTP methods.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of origins (domain names). You can specify `*` to allow all origins.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders": { + "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { "additionalProperties": false, "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP headers. You can specify `*` to expose all headers.", - "title": "Items", - "type": "array" + "DaysBeforeExpiry": { + "markdownDescription": "This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration.", + "title": "DaysBeforeExpiry", + "type": "number" } }, - "required": [ - "Items" - ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy": { + "AWS::CertificateManager::Certificate": { "additionalProperties": false, "properties": { - "ContentSecurityPolicy": { - "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.", - "title": "ContentSecurityPolicy", + "Condition": { "type": "string" }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "ContentSecurityPolicy", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions": { - "additionalProperties": false, - "properties": { - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.CorsConfig": { - "additionalProperties": false, - "properties": { - "AccessControlAllowCredentials": { - "markdownDescription": "A Boolean that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Credentials` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs.", - "title": "AccessControlAllowCredentials", - "type": "boolean" - }, - "AccessControlAllowHeaders": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders", - "markdownDescription": "A list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Headers` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs.", - "title": "AccessControlAllowHeaders" - }, - "AccessControlAllowMethods": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods", - "markdownDescription": "A list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Methods` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs.", - "title": "AccessControlAllowMethods" - }, - "AccessControlAllowOrigins": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins", - "markdownDescription": "A list of origins (domain names) that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Origin` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs.", - "title": "AccessControlAllowOrigins" - }, - "AccessControlExposeHeaders": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders", - "markdownDescription": "A list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Expose-Headers` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs.", - "title": "AccessControlExposeHeaders" - }, - "AccessControlMaxAgeSec": { - "markdownDescription": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n\nFor more information about the `Access-Control-Max-Age` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs.", - "title": "AccessControlMaxAgeSec", - "type": "number" - }, - "OriginOverride": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.", - "title": "OriginOverride", - "type": "boolean" - } - }, - "required": [ - "AccessControlAllowCredentials", - "AccessControlAllowHeaders", - "AccessControlAllowMethods", - "AccessControlAllowOrigins", - "OriginOverride" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.CustomHeader": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The HTTP response header name.", - "title": "Header", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.", - "title": "Override", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Value": { - "markdownDescription": "The value for the HTTP response header.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Override", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeader" - }, - "markdownDescription": "The list of HTTP response headers and their values.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.FrameOptions": { - "additionalProperties": false, - "properties": { - "FrameOption": { - "markdownDescription": "The value of the `X-Frame-Options` HTTP response header. Valid values are `DENY` and `SAMEORIGIN` .\n\nFor more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", - "title": "FrameOption", - "type": "string" + "Metadata": { + "type": "object" }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "FrameOption", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy": { - "additionalProperties": false, - "properties": { - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "CertificateExport": { + "markdownDescription": "You can opt out of allowing export of your certificate by specifying the `DISABLED` option. Allow export of your certificate by specifying the `ENABLED` option.\n\nIf you do not specify an export preference in a new CloudFormation template, it is the same as explicitly denying export of your certificate.", + "title": "CertificateExport", + "type": "string" + }, + "CertificateTransparencyLoggingPreference": { + "markdownDescription": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", + "title": "CertificateTransparencyLoggingPreference", + "type": "string" + }, + "DomainName": { + "markdownDescription": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", + "title": "DomainName", + "type": "string" + }, + "DomainValidationOptions": { + "items": { + "$ref": "#/definitions/AWS::CertificateManager::Certificate.DomainValidationOption" + }, + "markdownDescription": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", + "title": "DomainValidationOptions", + "type": "array" + }, + "KeyAlgorithm": { + "markdownDescription": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate-characteristics.html#algorithms-term) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", + "title": "KeyAlgorithm", + "type": "string" + }, + "SubjectAlternativeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", + "title": "SubjectAlternativeNames", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can identify the certificate.", + "title": "Tags", + "type": "array" + }, + "ValidationMethod": { + "markdownDescription": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation.", + "title": "ValidationMethod", + "type": "string" + } + }, + "required": [ + "DomainName" + ], + "type": "object" }, - "ReferrerPolicy": { - "markdownDescription": "The value of the `Referrer-Policy` HTTP response header. Valid values are:\n\n- `no-referrer`\n- `no-referrer-when-downgrade`\n- `origin`\n- `origin-when-cross-origin`\n- `same-origin`\n- `strict-origin`\n- `strict-origin-when-cross-origin`\n- `unsafe-url`\n\nFor more information about these values, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", - "title": "ReferrerPolicy", + "Type": { + "enum": [ + "AWS::CertificateManager::Certificate" + ], "type": "string" - } - }, - "required": [ - "Override", - "ReferrerPolicy" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The HTTP header name.", - "title": "Header", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Header" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader" - }, - "markdownDescription": "The list of HTTP header names.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig": { + "AWS::CertificateManager::Certificate.DomainValidationOption": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the response headers policy.\n\nThe comment cannot be longer than 128 characters.", - "title": "Comment", + "DomainName": { + "markdownDescription": "A fully qualified domain name (FQDN) in the certificate request.", + "title": "DomainName", "type": "string" }, - "CorsConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CorsConfig", - "markdownDescription": "A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).", - "title": "CorsConfig" - }, - "CustomHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig", - "markdownDescription": "A configuration for a set of custom HTTP response headers.", - "title": "CustomHeadersConfig" - }, - "Name": { - "markdownDescription": "A name to identify the response headers policy.\n\nThe name must be unique for response headers policies in this AWS account .", - "title": "Name", + "HostedZoneId": { + "markdownDescription": "The `HostedZoneId` option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record. Your list of `DomainValidationOptions` must contain one and only one of the domain-validation options, and the `HostedZoneId` can be used only when `DNS` is specified as your validation method.\n\nUse the Route 53 `ListHostedZones` API to discover IDs for available hosted zones.\n\nThis option is required for publicly trusted certificates.\n\n> The `ListHostedZones` API returns IDs in the format \"/hostedzone/Z111111QQQQQQQ\", but CloudFormation requires the IDs to be in the format \"Z111111QQQQQQQ\". \n\nWhen you change your `DomainValidationOptions` , a new resource is created.", + "title": "HostedZoneId", "type": "string" }, - "RemoveHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig", - "markdownDescription": "A configuration for a set of HTTP headers to remove from the HTTP response.", - "title": "RemoveHeadersConfig" - }, - "SecurityHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig", - "markdownDescription": "A configuration for a set of security-related HTTP response headers.", - "title": "SecurityHeadersConfig" - }, - "ServerTimingHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig", - "markdownDescription": "A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront.", - "title": "ServerTimingHeadersConfig" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig": { - "additionalProperties": false, - "properties": { - "ContentSecurityPolicy": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy", - "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n\nFor more information about the `Content-Security-Policy` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs.", - "title": "ContentSecurityPolicy" - }, - "ContentTypeOptions": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions", - "markdownDescription": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff` .\n\nFor more information about the `X-Content-Type-Options` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs.", - "title": "ContentTypeOptions" - }, - "FrameOptions": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.FrameOptions", - "markdownDescription": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value.\n\nFor more information about the `X-Frame-Options` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", - "title": "FrameOptions" - }, - "ReferrerPolicy": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy", - "markdownDescription": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value.\n\nFor more information about the `Referrer-Policy` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", - "title": "ReferrerPolicy" - }, - "StrictTransportSecurity": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity", - "markdownDescription": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value.\n\nFor more information about the `Strict-Transport-Security` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs.", - "title": "StrictTransportSecurity" - }, - "XSSProtection": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.XSSProtection", - "markdownDescription": "Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value.\n\nFor more information about the `X-XSS-Protection` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "XSSProtection" - } - }, - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A Boolean that determines whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.", - "title": "Enabled", - "type": "boolean" - }, - "SamplingRate": { - "markdownDescription": "A number 0\u2013100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the `Server-Timing` header to. When you set the sampling rate to 100, CloudFront adds the `Server-Timing` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0\u2013100 with up to four decimal places.", - "title": "SamplingRate", - "type": "number" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity": { - "additionalProperties": false, - "properties": { - "AccessControlMaxAgeSec": { - "markdownDescription": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "AccessControlMaxAgeSec", - "type": "number" - }, - "IncludeSubdomains": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "IncludeSubdomains", - "type": "boolean" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - }, - "Preload": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "Preload", - "type": "boolean" - } - }, - "required": [ - "AccessControlMaxAgeSec", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.XSSProtection": { - "additionalProperties": false, - "properties": { - "ModeBlock": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n\nFor more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "ModeBlock", - "type": "boolean" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - }, - "Protection": { - "markdownDescription": "A Boolean that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true` , the value of the `X-XSS-Protection` header is `1` . When this setting is `false` , the value of the `X-XSS-Protection` header is `0` .\n\nFor more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "Protection", - "type": "boolean" - }, - "ReportUri": { - "markdownDescription": "A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.\n\nYou cannot specify a `ReportUri` when `ModeBlock` is `true` .\n\nFor more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "ReportUri", + "ValidationDomain": { + "markdownDescription": "The domain name to which you want ACM to send validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `DomainName` value or a superdomain of the `DomainName` value. For example, if you request a certificate for `testing.example.com` , you can specify `example.com` as this value. In that case, ACM sends domain validation emails to the following five addresses:\n\n- admin@example.com\n- administrator@example.com\n- hostmaster@example.com\n- postmaster@example.com\n- webmaster@example.com", + "title": "ValidationDomain", "type": "string" } }, "required": [ - "Override", - "Protection" + "DomainName" ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution": { + "AWS::Chatbot::CustomAction": { "additionalProperties": false, "properties": { "Condition": { @@ -38791,29 +43720,47 @@ "Properties": { "additionalProperties": false, "properties": { - "StreamingDistributionConfig": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig", - "markdownDescription": "The current configuration information for the RTMP distribution.", - "title": "StreamingDistributionConfig" + "ActionName": { + "markdownDescription": "The name of the custom action. This name is included in the Amazon Resource Name (ARN).", + "title": "ActionName", + "type": "string" + }, + "AliasName": { + "markdownDescription": "The name used to invoke this action in a chat channel. For example, `@Amazon Q run my-alias` .", + "title": "AliasName", + "type": "string" + }, + "Attachments": { + "items": { + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionAttachment" + }, + "markdownDescription": "Defines when this custom action button should be attached to a notification.", + "title": "Attachments", + "type": "array" + }, + "Definition": { + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionDefinition", + "markdownDescription": "The definition of the command to run when invoked as an alias or as an action button.", + "title": "Definition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" } }, "required": [ - "StreamingDistributionConfig", - "Tags" + "ActionName", + "Definition" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::StreamingDistribution" + "AWS::Chatbot::CustomAction" ], "type": "string" }, @@ -38832,125 +43779,81 @@ ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.Logging": { + "AWS::Chatbot::CustomAction.CustomActionAttachment": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", - "title": "Bucket", + "ButtonText": { + "markdownDescription": "The text of the button that appears on the notification.", + "title": "ButtonText", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a streaming distribution or if you want to disable logging for an existing streaming distribution, specify `false` for `Enabled` , and specify `empty Bucket` and `Prefix` elements. If you specify `false` for `Enabled` but you specify values for `Bucket` and `Prefix` , the values are automatically deleted.", - "title": "Enabled", - "type": "boolean" + "Criteria": { + "items": { + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionAttachmentCriteria" + }, + "markdownDescription": "The criteria for when a button should be shown based on values in the notification.", + "title": "Criteria", + "type": "array" }, - "Prefix": { - "markdownDescription": "An optional string that you want CloudFront to prefix to the access log filenames for this streaming distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "Bucket", - "Enabled", - "Prefix" - ], - "type": "object" - }, - "AWS::CloudFront::StreamingDistribution.S3Origin": { - "additionalProperties": false, - "properties": { - "DomainName": { - "markdownDescription": "The DNS name of the Amazon S3 origin.", - "title": "DomainName", + "NotificationType": { + "markdownDescription": "The type of notification that the custom action should be attached to.", + "title": "NotificationType", "type": "string" }, - "OriginAccessIdentity": { - "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 bucket through CloudFront.\n\nIf you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information, see [Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessIdentity", - "type": "string" + "Variables": { + "additionalProperties": true, + "markdownDescription": "The variables to extract from the notification.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Variables", + "type": "object" } }, - "required": [ - "DomainName", - "OriginAccessIdentity" - ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig": { + "AWS::Chatbot::CustomAction.CustomActionAttachmentCriteria": { "additionalProperties": false, "properties": { - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution.", - "title": "Aliases", - "type": "array" - }, - "Comment": { - "markdownDescription": "Any comments you want to include about the streaming distribution.", - "title": "Comment", + "Operator": { + "markdownDescription": "The operation to perform on the named variable.", + "title": "Operator", "type": "string" }, - "Enabled": { - "markdownDescription": "Whether the streaming distribution is enabled to accept user requests for content.", - "title": "Enabled", - "type": "boolean" - }, - "Logging": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.Logging", - "markdownDescription": "A complex type that controls whether access logs are written for the streaming distribution.", - "title": "Logging" - }, - "PriceClass": { - "markdownDescription": "A complex type that contains information about price class for this streaming distribution.", - "title": "PriceClass", + "Value": { + "markdownDescription": "A value that is compared with the actual value of the variable based on the behavior of the operator.", + "title": "Value", "type": "string" }, - "S3Origin": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.S3Origin", - "markdownDescription": "A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.", - "title": "S3Origin" - }, - "TrustedSigners": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.TrustedSigners", - "markdownDescription": "A complex type that specifies any AWS accounts that you want to permit to create signed URLs for private content. If you want the distribution to use signed URLs, include this element; if you want the distribution to use public URLs, remove this element. For more information, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners" + "VariableName": { + "markdownDescription": "The name of the variable to operate on.", + "title": "VariableName", + "type": "string" } }, "required": [ - "Comment", - "Enabled", - "S3Origin", - "TrustedSigners" + "Operator", + "VariableName" ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.TrustedSigners": { + "AWS::Chatbot::CustomAction.CustomActionDefinition": { "additionalProperties": false, "properties": { - "AwsAccountNumbers": { - "items": { - "type": "string" - }, - "markdownDescription": "An AWS account number that contains active CloudFront key pairs that CloudFront can use to verify the signatures of signed URLs and signed cookies. If the AWS account that owns the key pairs is the same account that owns the CloudFront distribution, the value of this field is `self` .", - "title": "AwsAccountNumbers", - "type": "array" - }, - "Enabled": { - "markdownDescription": "This field is `true` if any of the AWS accounts in the list are configured as trusted signers. If not, this field is `false` .", - "title": "Enabled", - "type": "boolean" + "CommandText": { + "markdownDescription": "The command string to run which may include variables by prefixing with a dollar sign ($).", + "title": "CommandText", + "type": "string" } }, "required": [ - "Enabled" + "CommandText" ], "type": "object" }, - "AWS::CloudTrail::Channel": { + "AWS::Chatbot::MicrosoftTeamsChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -38985,38 +43888,91 @@ "Properties": { "additionalProperties": false, "properties": { - "Destinations": { + "ConfigurationName": { + "markdownDescription": "The name of the configuration.", + "title": "ConfigurationName", + "type": "string" + }, + "CustomizationResourceArns": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Channel.Destination" + "type": "string" }, - "markdownDescription": "One or more event data stores to which events arriving through a channel will be logged.", - "title": "Destinations", + "markdownDescription": "Links a list of resource ARNs (for example, custom action ARNs) to a Microsoft Teams channel configuration for .", + "title": "CustomizationResourceArns", "type": "array" }, - "Name": { - "markdownDescription": "The name of the channel.", - "title": "Name", + "GuardrailPolicies": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", + "title": "GuardrailPolicies", + "type": "array" + }, + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", + "title": "IamRoleArn", "type": "string" }, - "Source": { - "markdownDescription": "The name of the partner or external event source. You cannot change this name after you create the channel. A maximum of one channel is allowed per source.\n\nA source can be either `Custom` for all valid non- AWS events, or the name of a partner event source. For information about the source names for available partners, see [Additional information about integration partners](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-integration.html#cloudtrail-lake-partner-information) in the CloudTrail User Guide.", - "title": "Source", + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", + "title": "LoggingLevel", "type": "string" }, + "SnsTopicArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", + "title": "SnsTopicArns", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" + }, + "TeamId": { + "markdownDescription": "The ID of the Microsoft Team authorized with .\n\nTo get the team ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the team ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", + "title": "TeamId", + "type": "string" + }, + "TeamsChannelId": { + "markdownDescription": "The ID of the Microsoft Teams channel.\n\nTo get the channel ID, open Microsoft Teams, right click on the channel name in the left pane, then choose *Copy* . An example of the channel ID syntax is: `19%3ab6ef35dc342d56ba5654e6fc6d25a071%40thread.tacv2` .", + "title": "TeamsChannelId", + "type": "string" + }, + "TeamsChannelName": { + "markdownDescription": "", + "title": "TeamsChannelName", + "type": "string" + }, + "TeamsTenantId": { + "markdownDescription": "The ID of the Microsoft Teams tenant.\n\nTo get the tenant ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the tenant ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", + "title": "TeamsTenantId", + "type": "string" + }, + "UserRoleRequired": { + "markdownDescription": "Enables use of a user role requirement in your chat configuration.", + "title": "UserRoleRequired", + "type": "boolean" } }, + "required": [ + "ConfigurationName", + "IamRoleArn", + "TeamId", + "TeamsChannelId", + "TeamsTenantId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::Channel" + "AWS::Chatbot::MicrosoftTeamsChannelConfiguration" ], "type": "string" }, @@ -39030,31 +43986,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudTrail::Channel.Destination": { - "additionalProperties": false, - "properties": { - "Location": { - "markdownDescription": "For channels used for a CloudTrail Lake integration, the location is the ARN of an event data store that receives events from a channel. For service-linked channels, the location is the name of the AWS service.", - "title": "Location", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of destination for events arriving from a channel. For channels used for a CloudTrail Lake integration, the value is `EVENT_DATA_STORE` . For service-linked channels, the value is `AWS_SERVICE` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Location", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudTrail::EventDataStore": { + "AWS::Chatbot::SlackChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -39089,258 +44026,80 @@ "Properties": { "additionalProperties": false, "properties": { - "AdvancedEventSelectors": { + "ConfigurationName": { + "markdownDescription": "The name of the configuration.", + "title": "ConfigurationName", + "type": "string" + }, + "CustomizationResourceArns": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedEventSelector" + "type": "string" }, - "markdownDescription": "The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.\n\nFor more information about how to use advanced event selectors to log CloudTrail events, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see [Create an event data store for AWS Config configuration items](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see [Create an integration to log events from outside AWS](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration) in the CloudTrail User Guide.", - "title": "AdvancedEventSelectors", + "markdownDescription": "Links a list of resource ARNs (for example, custom action ARNs) to a Slack channel configuration for .", + "title": "CustomizationResourceArns", "type": "array" }, - "BillingMode": { - "markdownDescription": "The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.\n\nThe following are the possible values:\n\n- `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days.\n- `FIXED_RETENTION_PRICING` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.\n\nThe default value is `EXTENDABLE_RETENTION_PRICING` .\n\nFor more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) and [Managing CloudTrail Lake costs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html) .", - "title": "BillingMode", - "type": "string" - }, - "FederationEnabled": { - "markdownDescription": "Indicates if [Lake query federation](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html) is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.", - "title": "FederationEnabled", - "type": "boolean" - }, - "FederationRoleArn": { - "markdownDescription": "If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.\n\nThe federation role must exist in your account and provide the [required minimum permissions](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role) .", - "title": "FederationRoleArn", - "type": "string" - }, - "IngestionEnabled": { - "markdownDescription": "Specifies whether the event data store should start ingesting live events. The default is true.", - "title": "IngestionEnabled", - "type": "boolean" - }, - "InsightSelectors": { + "GuardrailPolicies": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.InsightSelector" + "type": "string" }, - "markdownDescription": "A JSON string that contains the Insights types you want to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightSelectors", + "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", + "title": "GuardrailPolicies", "type": "array" }, - "InsightsDestination": { - "markdownDescription": "The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. For more information, see [Create an event data store for CloudTrail Insights events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-insights.html) .", - "title": "InsightsDestination", + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", + "title": "IamRoleArn", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by `alias/` , a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\n> Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store. \n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- `alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`\n- `12345678-1234-1234-1234-123456789012`", - "title": "KmsKeyId", + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", + "title": "LoggingLevel", "type": "string" }, - "MultiRegionEnabled": { - "markdownDescription": "Specifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.", - "title": "MultiRegionEnabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the event data store.", - "title": "Name", + "SlackChannelId": { + "markdownDescription": "The ID of the Slack channel.\n\nTo get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the character string at the end of the URL. For example, `ABCBBLZZZ` .", + "title": "SlackChannelId", "type": "string" }, - "OrganizationEnabled": { - "markdownDescription": "Specifies whether an event data store collects events logged for an organization in AWS Organizations .", - "title": "OrganizationEnabled", - "type": "boolean" + "SlackWorkspaceId": { + "markdownDescription": "The ID of the Slack workspace authorized with .\n\nTo get the workspace ID, you must perform the initial authorization flow with Slack in the in chat applications console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Slack](https://docs.aws.amazon.com/chatbot/latest/adminguide/slack-setup.html#slack-client-setup) in the *in chat applications User Guide* .", + "title": "SlackWorkspaceId", + "type": "string" }, - "RetentionPeriod": { - "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", - "title": "RetentionPeriod", - "type": "number" + "SnsTopicArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", + "title": "SnsTopicArns", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" }, - "TerminationProtectionEnabled": { - "markdownDescription": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.", - "title": "TerminationProtectionEnabled", + "UserRoleRequired": { + "markdownDescription": "Enables use of a user role requirement in your chat configuration.", + "title": "UserRoleRequired", "type": "boolean" } }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudTrail::EventDataStore" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { - "additionalProperties": false, - "properties": { - "FieldSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedFieldSelector" - }, - "markdownDescription": "Contains all selector statements in an advanced event selector.", - "title": "FieldSelectors", - "type": "array" - }, - "Name": { - "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", - "title": "Name", - "type": "string" - } - }, - "required": [ - "FieldSelectors" - ], - "type": "object" - }, - "AWS::CloudTrail::EventDataStore.AdvancedFieldSelector": { - "additionalProperties": false, - "properties": { - "EndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "EndsWith", - "type": "array" - }, - "Equals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", - "title": "Equals", - "type": "array" - }, - "Field": { - "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", - "title": "Field", - "type": "string" - }, - "NotEndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "NotEndsWith", - "type": "array" - }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", - "title": "NotEquals", - "type": "array" - }, - "NotStartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "NotStartsWith", - "type": "array" - }, - "StartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "StartsWith", - "type": "array" - } - }, - "required": [ - "Field" - ], - "type": "object" - }, - "AWS::CloudTrail::EventDataStore.InsightSelector": { - "additionalProperties": false, - "properties": { - "InsightType": { - "markdownDescription": "The type of Insights events to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudTrail::ResourcePolicy": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudTrail event data store, dashboard, or channel attached to the resource-based policy.\n\nExample event data store ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`\n\nExample dashboard ARN format: `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`\n\nExample channel ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`", - "title": "ResourceArn", - "type": "string" - }, - "ResourcePolicy": { - "markdownDescription": "A JSON-formatted string for an AWS resource-based policy.\n\nFor example resource-based policies, see [CloudTrail resource-based policy examples](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html) in the *CloudTrail User Guide* .", - "title": "ResourcePolicy", - "type": "object" - } - }, "required": [ - "ResourceArn", - "ResourcePolicy" + "ConfigurationName", + "IamRoleArn", + "SlackChannelId", + "SlackWorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::ResourcePolicy" + "AWS::Chatbot::SlackChannelConfiguration" ], "type": "string" }, @@ -39359,7 +44118,7 @@ ], "type": "object" }, - "AWS::CloudTrail::Trail": { + "AWS::CleanRooms::AnalysisTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -39394,108 +44153,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AdvancedEventSelectors": { + "AnalysisParameters": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedEventSelector" + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisParameter" }, - "markdownDescription": "Specifies the settings for advanced event selectors. You can use advanced event selectors to log management events, data events for all resource types, and network activity events.\n\nYou can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either `AdvancedEventSelectors` or `EventSelectors` , but not both. If you apply `AdvancedEventSelectors` to a trail, any existing `EventSelectors` are overwritten. For more information about advanced event selectors, see [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .", - "title": "AdvancedEventSelectors", + "markdownDescription": "The parameters of the analysis template.", + "title": "AnalysisParameters", "type": "array" }, - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", - "title": "CloudWatchLogsLogGroupArn", + "Description": { + "markdownDescription": "The description of the analysis template.", + "title": "Description", "type": "string" }, - "CloudWatchLogsRoleArn": { - "markdownDescription": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", - "title": "CloudWatchLogsRoleArn", + "Format": { + "markdownDescription": "The format of the analysis template.", + "title": "Format", "type": "string" }, - "EnableLogFileValidation": { - "markdownDescription": "Specifies whether log file validation is enabled. The default is false.\n\n> When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.", - "title": "EnableLogFileValidation", - "type": "boolean" - }, - "EventSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.EventSelector" - }, - "markdownDescription": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.\n\nYou can configure up to five event selectors for a trail.\n\nYou cannot apply both event selectors and advanced event selectors to a trail.", - "title": "EventSelectors", - "type": "array" - }, - "IncludeGlobalServiceEvents": { - "markdownDescription": "Specifies whether the trail is publishing events from global services such as IAM to the log files.", - "title": "IncludeGlobalServiceEvents", - "type": "boolean" - }, - "InsightSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.InsightSelector" - }, - "markdownDescription": "A JSON string that contains the Insights types you want to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightSelectors", - "type": "array" - }, - "IsLogging": { - "markdownDescription": "Whether the CloudTrail trail is currently logging AWS API calls.", - "title": "IsLogging", - "type": "boolean" - }, - "IsMultiRegionTrail": { - "markdownDescription": "Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.", - "title": "IsMultiRegionTrail", - "type": "boolean" - }, - "IsOrganizationTrail": { - "markdownDescription": "Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to `true` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to `false` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization.\n\n> Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.", - "title": "IsOrganizationTrail", - "type": "boolean" - }, - "KMSKeyId": { - "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the logs and digest files delivered by CloudTrail. The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n- 12345678-1234-1234-1234-123456789012", - "title": "KMSKeyId", + "MembershipIdentifier": { + "markdownDescription": "The identifier for a membership resource.", + "title": "MembershipIdentifier", "type": "string" }, - "S3BucketName": { - "markdownDescription": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See [Amazon S3 Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .", - "title": "S3BucketName", + "Name": { + "markdownDescription": "The name of the analysis template.", + "title": "Name", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see [Finding Your CloudTrail Log Files](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files) . The maximum length is 200 characters.", - "title": "S3KeyPrefix", - "type": "string" + "Schema": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSchema", + "markdownDescription": "The entire schema object.", + "title": "Schema" }, - "SnsTopicName": { - "markdownDescription": "Specifies the name or ARN of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.", - "title": "SnsTopicName", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSource", + "markdownDescription": "The source of the analysis template.", + "title": "Source" + }, + "SourceMetadata": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSourceMetadata", + "markdownDescription": "The source metadata for the analysis template.", + "title": "SourceMetadata" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A custom set of tags (key-value pairs) for this trail.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" - }, - "TrailName": { - "markdownDescription": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)", - "title": "TrailName", - "type": "string" } }, "required": [ - "IsLogging", - "S3BucketName" + "Format", + "MembershipIdentifier", + "Name", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::Trail" + "AWS::CleanRooms::AnalysisTemplate" ], "type": "string" }, @@ -39514,156 +44234,174 @@ ], "type": "object" }, - "AWS::CloudTrail::Trail.AdvancedEventSelector": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisParameter": { "additionalProperties": false, "properties": { - "FieldSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedFieldSelector" - }, - "markdownDescription": "Contains all selector statements in an advanced event selector.", - "title": "FieldSelectors", - "type": "array" + "DefaultValue": { + "markdownDescription": "Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor.", + "title": "DefaultValue", + "type": "string" }, "Name": { - "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", + "markdownDescription": "The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen.", "title": "Name", "type": "string" + }, + "Type": { + "markdownDescription": "The type of parameter.", + "title": "Type", + "type": "string" } }, "required": [ - "FieldSelectors" + "Name", + "Type" ], "type": "object" }, - "AWS::CloudTrail::Trail.AdvancedFieldSelector": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisSchema": { "additionalProperties": false, "properties": { - "EndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "EndsWith", - "type": "array" - }, - "Equals": { + "ReferencedTables": { "items": { "type": "string" }, - "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", - "title": "Equals", + "markdownDescription": "The tables referenced in the analysis schema.", + "title": "ReferencedTables", "type": "array" + } + }, + "required": [ + "ReferencedTables" + ], + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisSource": { + "additionalProperties": false, + "properties": { + "Artifacts": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifacts", + "markdownDescription": "The artifacts of the analysis source.", + "title": "Artifacts" }, - "Field": { - "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", - "title": "Field", + "Text": { + "markdownDescription": "The query text.", + "title": "Text", "type": "string" - }, - "NotEndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "NotEndsWith", - "type": "array" - }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", - "title": "NotEquals", - "type": "array" - }, - "NotStartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "NotStartsWith", - "type": "array" - }, - "StartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "StartsWith", - "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisSourceMetadata": { + "additionalProperties": false, + "properties": { + "Artifacts": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifactMetadata", + "markdownDescription": "The artifacts of the analysis source metadata.", + "title": "Artifacts" } }, "required": [ - "Field" + "Artifacts" ], "type": "object" }, - "AWS::CloudTrail::Trail.DataResource": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The resource type in which you want to log data events. You can specify the following *basic* event selector resource types:\n\n- `AWS::DynamoDB::Table`\n- `AWS::Lambda::Function`\n- `AWS::S3::Object`\n\nAdditional resource types are available through *advanced* event selectors. For more information, see [AdvancedEventSelector](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) .", - "title": "Type", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified resource type.\n\n- To log data events for all objects in all S3 buckets in your AWS account , specify the prefix as `arn:aws:s3` .\n\n> This also enables logging of data event activity performed by any user or role in your AWS account , even if that activity is performed on a bucket that belongs to another AWS account .\n- To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/` . The trail logs data events for all objects in this S3 bucket.\n- To log data events for specific objects, specify the S3 bucket and object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/example-images` . The trail logs data events for objects in this S3 bucket that match the prefix.\n- To log data events for all Lambda functions in your AWS account , specify the prefix as `arn:aws:lambda` .\n\n> This also enables logging of `Invoke` activity performed by any user or role in your AWS account , even if that activity is performed on a function that belongs to another AWS account .\n- To log data events for a specific Lambda function, specify the function ARN.\n\n> Lambda function ARNs are exact. For example, if you specify a function ARN *arn:aws:lambda:us-west-2:111111111111:function:helloworld* , data events will only be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld* . They will not be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld2* .\n- To log data events for all DynamoDB tables in your AWS account , specify the prefix as `arn:aws:dynamodb` .", - "title": "Values", - "type": "array" + "Location": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.S3Location", + "markdownDescription": "The artifact location.", + "title": "Location" } }, "required": [ - "Type" + "Location" ], "type": "object" }, - "AWS::CloudTrail::Trail.EventSelector": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifactMetadata": { "additionalProperties": false, "properties": { - "DataResources": { + "AdditionalArtifactHashes": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.DataResource" + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.Hash" }, - "markdownDescription": "CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events.\n\nFor more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* .\n\n> To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field.", - "title": "DataResources", + "markdownDescription": "Additional artifact hashes for the analysis template.", + "title": "AdditionalArtifactHashes", "type": "array" }, - "ExcludeManagementEventSources": { + "EntryPointHash": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.Hash", + "markdownDescription": "The hash of the entry point for the analysis template artifact metadata.", + "title": "EntryPointHash" + } + }, + "required": [ + "EntryPointHash" + ], + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifacts": { + "additionalProperties": false, + "properties": { + "AdditionalArtifacts": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact" }, - "markdownDescription": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service or Amazon RDS Data API events by containing `kms.amazonaws.com` or `rdsdata.amazonaws.com` . By default, `ExcludeManagementEventSources` is empty, and AWS KMS and Amazon RDS Data API events are logged to your trail. You can exclude management event sources only in Regions that support the event source.", - "title": "ExcludeManagementEventSources", + "markdownDescription": "Additional artifacts for the analysis template.", + "title": "AdditionalArtifacts", "type": "array" }, - "IncludeManagementEvents": { - "markdownDescription": "Specify if you want your event selector to include management events for your trail.\n\nFor more information, see [Management Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n\nBy default, the value is `true` .\n\nThe first copy of management events is free. You are charged for additional copies of management events that you are logging on any subsequent trail in the same Region. For more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) .", - "title": "IncludeManagementEvents", - "type": "boolean" + "EntryPoint": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact", + "markdownDescription": "The entry point for the analysis template artifacts.", + "title": "EntryPoint" }, - "ReadWriteType": { - "markdownDescription": "Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 `GetConsoleOutput` is a read-only API operation and `RunInstances` is a write-only API operation.\n\nBy default, the value is `All` .", - "title": "ReadWriteType", + "RoleArn": { + "markdownDescription": "The role ARN for the analysis template artifacts.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "EntryPoint", + "RoleArn" + ], "type": "object" }, - "AWS::CloudTrail::Trail.InsightSelector": { + "AWS::CleanRooms::AnalysisTemplate.Hash": { "additionalProperties": false, "properties": { - "InsightType": { - "markdownDescription": "The type of Insights events to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightType", + "Sha256": { + "markdownDescription": "The SHA-256 hash value.", + "title": "Sha256", "type": "string" } }, "type": "object" }, - "AWS::CloudWatch::Alarm": { + "AWS::CleanRooms::AnalysisTemplate.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The bucket name.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The object key.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration": { "additionalProperties": false, "properties": { "Condition": { @@ -39698,144 +44436,87 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionsEnabled": { - "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE.", - "title": "ActionsEnabled", - "type": "boolean" - }, - "AlarmActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmActions", - "type": "array" - }, - "AlarmDescription": { - "markdownDescription": "The description of the alarm.", - "title": "AlarmDescription", - "type": "string" - }, - "AlarmName": { - "markdownDescription": "The name of the alarm. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the alarm name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "AlarmName", + "AnalyticsEngine": { + "markdownDescription": "The analytics engine for the collaboration.\n\n> After July 16, 2025, the `CLEAN_ROOMS_SQL` parameter will no longer be available.", + "title": "AnalyticsEngine", "type": "string" }, - "ComparisonOperator": { - "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand.", - "title": "ComparisonOperator", + "CreatorDisplayName": { + "markdownDescription": "A display name of the collaboration creator.", + "title": "CreatorDisplayName", "type": "string" }, - "DatapointsToAlarm": { - "markdownDescription": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for `EvaluationPeriods` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, CloudWatch uses the same value here that you set for `EvaluationPeriods` , and the alarm goes to alarm state if that many consecutive periods are breaching.", - "title": "DatapointsToAlarm", - "type": "number" + "CreatorMLMemberAbilities": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLMemberAbilities", + "markdownDescription": "The ML member abilities for a collaboration member.", + "title": "CreatorMLMemberAbilities" }, - "Dimensions": { + "CreatorMemberAbilities": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" + "type": "string" }, - "markdownDescription": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify `Dimensions` . Instead, you use `Metrics` .", - "title": "Dimensions", + "markdownDescription": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS` | `CAN_RUN_JOB`", + "title": "CreatorMemberAbilities", "type": "array" }, - "EvaluateLowSampleCountPercentile": { - "markdownDescription": "Used only for alarms based on percentiles. If `ignore` , the alarm state does not change during periods with too few data points to be statistically significant. If `evaluate` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available.", - "title": "EvaluateLowSampleCountPercentile", - "type": "string" + "CreatorPaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", + "markdownDescription": "An object representing the collaboration member's payment responsibilities set by the collaboration creator.", + "title": "CreatorPaymentConfiguration" }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and `DatapointsToAlarm` is the M.\n\nFor more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .", - "title": "EvaluationPeriods", - "type": "number" + "DataEncryptionMetadata": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.DataEncryptionMetadata", + "markdownDescription": "The settings for client-side encryption for cryptographic computing.", + "title": "DataEncryptionMetadata" }, - "ExtendedStatistic": { - "markdownDescription": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `ExtendedStatistic` . Instead, you use `Metrics` .", - "title": "ExtendedStatistic", + "Description": { + "markdownDescription": "A description of the collaboration provided by the collaboration owner.", + "title": "Description", "type": "string" }, - "InsufficientDataActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", - "title": "InsufficientDataActions", - "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use `Metrics` instead and you can't specify `MetricName` .", - "title": "MetricName", + "JobLogStatus": { + "markdownDescription": "An indicator as to whether job logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about jobs run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "JobLogStatus", "type": "string" }, - "Metrics": { + "Members": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricDataQuery" + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MemberSpecification" }, - "markdownDescription": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n\nIf you specify the `Metrics` parameter, you cannot specify `MetricName` , `Dimensions` , `Period` , `Namespace` , `Statistic` , `ExtendedStatistic` , or `Unit` .", - "title": "Metrics", + "markdownDescription": "A list of initial members, not including the creator. This list is immutable.", + "title": "Members", "type": "array" }, - "Namespace": { - "markdownDescription": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify `Namespace` and you use `Metrics` instead.\n\nFor a list of namespaces for metrics from AWS services, see [AWS Services That Publish CloudWatch Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)", - "title": "Namespace", + "Name": { + "markdownDescription": "A human-readable identifier provided by the collaboration owner. Display names are not unique.", + "title": "Name", "type": "string" }, - "OKActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the `OK` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", - "title": "OKActions", - "type": "array" - }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 20, 30, 60, and any multiple of 60.\n\nFor an alarm based on a math expression, you can't specify `Period` , and instead you use the `Metrics` parameter.\n\n*Minimum:* 10", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use `ExtendedStatistic` .\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `Statistic` . Instead, you use `Metrics` .", - "title": "Statistic", + "QueryLogStatus": { + "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "QueryLogStatus", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" - }, - "Threshold": { - "markdownDescription": "The value to compare with the specified statistic.", - "title": "Threshold", - "type": "number" - }, - "ThresholdMetricId": { - "markdownDescription": "In an alarm based on an anomaly detection model, this is the ID of the `ANOMALY_DETECTION_BAND` function used as the threshold for the alarm.", - "title": "ThresholdMetricId", - "type": "string" - }, - "TreatMissingData": { - "markdownDescription": "Sets how this alarm is to handle missing data points. Valid values are `breaching` , `notBreaching` , `ignore` , and `missing` . For more information, see [Configuring How CloudWatch Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, the default behavior of `missing` is used.", - "title": "TreatMissingData", - "type": "string" - }, - "Unit": { - "markdownDescription": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a `Metrics` array.\n\nYou can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", - "title": "Unit", - "type": "string" } }, "required": [ - "ComparisonOperator", - "EvaluationPeriods" + "CreatorDisplayName", + "Description", + "Name", + "QueryLogStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::Alarm" + "AWS::CleanRooms::Collaboration" ], "type": "string" }, @@ -39854,126 +44535,190 @@ ], "type": "object" }, - "AWS::CloudWatch::Alarm.Dimension": { + "AWS::CleanRooms::Collaboration.DataEncryptionMetadata": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the dimension, from 1\u2013255 characters in length. This dimension name must have been included when the metric was published.", - "title": "Name", - "type": "string" + "AllowCleartext": { + "markdownDescription": "Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` ).", + "title": "AllowCleartext", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value for the dimension, from 1\u2013255 characters in length.", - "title": "Value", - "type": "string" + "AllowDuplicates": { + "markdownDescription": "Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` ).", + "title": "AllowDuplicates", + "type": "boolean" + }, + "AllowJoinsOnColumnsWithDifferentNames": { + "markdownDescription": "Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` ).", + "title": "AllowJoinsOnColumnsWithDifferentNames", + "type": "boolean" + }, + "PreserveNulls": { + "markdownDescription": "Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` ).", + "title": "PreserveNulls", + "type": "boolean" } }, "required": [ - "Name", - "Value" + "AllowCleartext", + "AllowDuplicates", + "AllowJoinsOnColumnsWithDifferentNames", + "PreserveNulls" ], "type": "object" }, - "AWS::CloudWatch::Alarm.Metric": { + "AWS::CleanRooms::Collaboration.JobComputePaymentConfig": { "additionalProperties": false, "properties": { - "Dimensions": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query and job compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query and job compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query and job compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nAn error is returned if the collaboration creator sets a `FALSE` value for the member who can run queries and jobs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.MLMemberAbilities": { + "additionalProperties": false, + "properties": { + "CustomMLMemberAbilities": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" + "type": "string" }, - "markdownDescription": "The metric dimensions that you want to be used for the metric that the alarm will watch.", - "title": "Dimensions", + "markdownDescription": "The custom ML member abilities for a collaboration member.", + "title": "CustomMLMemberAbilities", "type": "array" + } + }, + "required": [ + "CustomMLMemberAbilities" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.MLPaymentConfig": { + "additionalProperties": false, + "properties": { + "ModelInference": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.ModelInferencePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model inference.", + "title": "ModelInference" }, - "MetricName": { - "markdownDescription": "The name of the metric that you want the alarm to watch. This is a required field.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace of the metric that the alarm will watch.", - "title": "Namespace", - "type": "string" + "ModelTraining": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.ModelTrainingPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model training.", + "title": "ModelTraining" } }, "type": "object" }, - "AWS::CloudWatch::Alarm.MetricDataQuery": { + "AWS::CleanRooms::Collaboration.MemberSpecification": { "additionalProperties": false, "properties": { "AccountId": { - "markdownDescription": "The ID of the account where the metrics are located, if this is a cross-account alarm.", + "markdownDescription": "The identifier used to reference members of the collaboration. Currently only supports AWS account ID.", "title": "AccountId", "type": "string" }, - "Expression": { - "markdownDescription": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "Expression", - "type": "string" - }, - "Id": { - "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", - "title": "Id", - "type": "string" - }, - "Label": { - "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If `Label` is omitted, CloudWatch generates a default.", - "title": "Label", + "DisplayName": { + "markdownDescription": "The member's display name.", + "title": "DisplayName", "type": "string" }, - "MetricStat": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricStat", - "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "MetricStat" + "MLMemberAbilities": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLMemberAbilities", + "markdownDescription": "The ML abilities granted to the collaboration member.", + "title": "MLMemberAbilities" }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", - "title": "Period", - "type": "number" + "MemberAbilities": { + "items": { + "type": "string" + }, + "markdownDescription": "The abilities granted to the collaboration member.\n\n*Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", + "title": "MemberAbilities", + "type": "array" }, - "ReturnData": { - "markdownDescription": "This option indicates whether to return the timestamps and raw data values of this metric.\n\nWhen you create an alarm based on a metric math expression, specify `True` for this value for only the one math expression that the alarm is based on. You must specify `False` for `ReturnData` for all the other metrics and expressions used in the alarm.\n\nThis field is required.", - "title": "ReturnData", + "PaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", + "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator.\n\nIf the collaboration creator hasn't speci\ufb01ed anyone as the member paying for query compute costs, then the member who can query is the default payer.", + "title": "PaymentConfiguration" + } + }, + "required": [ + "AccountId", + "DisplayName" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.ModelInferencePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for model inference costs ( `TRUE` ) or has not configured the collaboration member to pay for model inference costs ( `FALSE` ).\n\nExactly one member can be configured to pay for model inference costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for model inference costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", "type": "boolean" } }, "required": [ - "Id" + "IsResponsible" ], "type": "object" }, - "AWS::CloudWatch::Alarm.MetricStat": { + "AWS::CleanRooms::Collaboration.ModelTrainingPaymentConfig": { "additionalProperties": false, "properties": { - "Metric": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Metric", - "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", - "title": "Metric" - }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", - "title": "Period", - "type": "number" + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for model training costs ( `TRUE` ) or has not configured the collaboration member to pay for model training costs ( `FALSE` ).\n\nExactly one member can be configured to pay for model training costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for model training costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.PaymentConfiguration": { + "additionalProperties": false, + "properties": { + "JobCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.JobComputePaymentConfig", + "markdownDescription": "The compute configuration for the job.", + "title": "JobCompute" }, - "Stat": { - "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .", - "title": "Stat", - "type": "string" + "MachineLearning": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLPaymentConfig", + "markdownDescription": "An object representing the collaboration member's machine learning payment responsibilities set by the collaboration creator.", + "title": "MachineLearning" }, - "Unit": { - "markdownDescription": "The unit to use for the returned data points.\n\nValid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", - "title": "Unit", - "type": "string" + "QueryCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.QueryComputePaymentConfig", + "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator for query compute costs.", + "title": "QueryCompute" } }, "required": [ - "Metric", - "Period", - "Stat" + "QueryCompute" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector": { + "AWS::CleanRooms::Collaboration.QueryComputePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable": { "additionalProperties": false, "properties": { "Condition": { @@ -40008,55 +44753,70 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Configuration", - "markdownDescription": "Specifies details about how the anomaly detection model is to be trained, including time ranges to exclude when training and updating the model. The configuration can also include the time zone to use for the metric.", - "title": "Configuration" - }, - "Dimensions": { + "AllowedColumns": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + "type": "string" }, - "markdownDescription": "The dimensions of the metric associated with the anomaly detection band.", - "title": "Dimensions", + "markdownDescription": "The columns within the underlying AWS Glue table that can be utilized within collaborations.", + "title": "AllowedColumns", "type": "array" }, - "MetricCharacteristics": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricCharacteristics", - "markdownDescription": "Use this object to include parameters to provide information about your metric to CloudWatch to help it build more accurate anomaly detection models. Currently, it includes the `PeriodicSpikes` parameter.", - "title": "MetricCharacteristics" + "AnalysisMethod": { + "markdownDescription": "The analysis method for the configured table.\n\n`DIRECT_QUERY` allows SQL queries to be run directly on this table.\n\n`DIRECT_JOB` allows PySpark jobs to be run directly on this table.\n\n`MULTIPLE` allows both SQL queries and PySpark jobs to be run directly on this table.", + "title": "AnalysisMethod", + "type": "string" }, - "MetricMathAnomalyDetector": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector", - "markdownDescription": "The CloudWatch metric math expression for this anomaly detector.", - "title": "MetricMathAnomalyDetector" + "AnalysisRules": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRule" + }, + "markdownDescription": "The analysis rule that was created for the configured table.", + "title": "AnalysisRules", + "type": "array" }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the anomaly detection band.", - "title": "MetricName", + "Description": { + "markdownDescription": "A description for the configured table.", + "title": "Description", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace of the metric associated with the anomaly detection band.", - "title": "Namespace", + "Name": { + "markdownDescription": "A name for the configured table.", + "title": "Name", "type": "string" }, - "SingleMetricAnomalyDetector": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector", - "markdownDescription": "The CloudWatch metric and statistic for this anomaly detector.", - "title": "SingleMetricAnomalyDetector" + "SelectedAnalysisMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected analysis methods for the configured table.", + "title": "SelectedAnalysisMethods", + "type": "array" }, - "Stat": { - "markdownDescription": "The statistic of the metric associated with the anomaly detection band.", - "title": "Stat", - "type": "string" + "TableReference": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.TableReference", + "markdownDescription": "The table that this configured table represents.", + "title": "TableReference" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "title": "Tags", + "type": "array" } }, + "required": [ + "AllowedColumns", + "AnalysisMethod", + "Name", + "TableReference" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::AnomalyDetector" + "AWS::CleanRooms::ConfiguredTable" ], "type": "string" }, @@ -40070,237 +44830,453 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Configuration": { + "AWS::CleanRooms::ConfiguredTable.AggregateColumn": { "additionalProperties": false, "properties": { - "ExcludedTimeRanges": { + "ColumnNames": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Range" + "type": "string" }, - "markdownDescription": "Specifies an array of time ranges to exclude from use when the anomaly detection model is trained and updated. Use this to make sure that events that could cause unusual values for the metric, such as deployments, aren't used when CloudWatch creates or updates the model.", - "title": "ExcludedTimeRanges", + "markdownDescription": "Column names in configured table of aggregate columns.", + "title": "ColumnNames", "type": "array" }, - "MetricTimeZone": { - "markdownDescription": "The time zone to use for the metric. This is useful to enable the model to automatically account for daylight savings time changes if the metric is sensitive to such time changes.\n\nTo specify a time zone, use the name of the time zone as specified in the standard tz database. For more information, see [tz database](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Tz_database) .", - "title": "MetricTimeZone", + "Function": { + "markdownDescription": "Aggregation function that can be applied to aggregate column in query.", + "title": "Function", "type": "string" } }, + "required": [ + "ColumnNames", + "Function" + ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Dimension": { + "AWS::CleanRooms::ConfiguredTable.AggregationConstraint": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the dimension.", - "title": "Name", + "ColumnName": { + "markdownDescription": "Column in aggregation constraint for which there must be a minimum number of distinct values in an output row for it to be in the query output.", + "title": "ColumnName", "type": "string" }, - "Value": { - "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", - "title": "Value", + "Minimum": { + "markdownDescription": "The minimum number of distinct values that an output row must be an aggregation of. Minimum threshold of distinct values for a specified column that must exist in an output row for it to be in the query output.", + "title": "Minimum", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of aggregation the constraint allows. The only valid value is currently `COUNT_DISTINCT`.", + "title": "Type", "type": "string" } }, "required": [ - "Name", - "Value" + "ColumnName", + "Minimum", + "Type" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Metric": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRule": { "additionalProperties": false, "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" - }, - "markdownDescription": "The dimensions for the metric.", - "title": "Dimensions", - "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the metric. This is a required field.", - "title": "MetricName", - "type": "string" + "Policy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy", + "markdownDescription": "A policy that describes the associated data usage limitations.", + "title": "Policy" }, - "Namespace": { - "markdownDescription": "The namespace of the metric.", - "title": "Namespace", + "Type": { + "markdownDescription": "The type of analysis rule.", + "title": "Type", "type": "string" } }, "required": [ - "MetricName", - "Namespace" + "Policy", + "Type" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricCharacteristics": { - "additionalProperties": false, - "properties": { - "PeriodicSpikes": { - "markdownDescription": "Set this parameter to true if values for this metric consistently include spikes that should not be considered to be anomalies. With this set to true, CloudWatch will expect to see spikes that occurred consistently during the model training period, and won't flag future similar spikes as anomalies.", - "title": "PeriodicSpikes", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::CloudWatch::AnomalyDetector.MetricDataQueries": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::CloudWatch::AnomalyDetector.MetricDataQuery": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account where the metrics are located.\n\nIf you are performing a `GetMetricData` operation in a monitoring account, use this to specify which account to retrieve this metric from.\n\nIf you are performing a `PutMetricAlarm` operation, use this to specify which account contains the metric that the alarm is watching.", - "title": "AccountId", + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.\n\nThe `additionalAnalyses` parameter is currently supported for the list analysis rule ( `AnalysisRuleList` ) and the custom analysis rule ( `AnalysisRuleCustom` ).", + "title": "AdditionalAnalyses", "type": "string" }, - "Expression": { - "markdownDescription": "This field can contain either a Metrics Insights query, or a metric math expression to be performed on the returned data. For more information about Metrics Insights queries, see [Metrics Insights query components and syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-insights-querylanguage) in the *Amazon CloudWatch User Guide* .\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "Expression", - "type": "string" + "AggregateColumns": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregateColumn" + }, + "markdownDescription": "The columns that query runners are allowed to use in aggregation queries.", + "title": "AggregateColumns", + "type": "array" }, - "Id": { - "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", - "title": "Id", - "type": "string" + "AllowedJoinOperators": { + "items": { + "type": "string" + }, + "markdownDescription": "Which logical operators (if any) are to be used in an INNER JOIN match condition. Default is `AND` .", + "title": "AllowedJoinOperators", + "type": "array" }, - "Label": { - "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If Label is omitted, CloudWatch generates a default.\n\nYou can put dynamic expressions into a label, so that it is more descriptive. For more information, see [Using Dynamic Labels](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/graph-dynamic-labels.html) .", - "title": "Label", - "type": "string" + "DimensionColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "The columns that query runners are allowed to select, group by, or filter by.", + "title": "DimensionColumns", + "type": "array" }, - "MetricStat": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricStat", - "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "MetricStat" + "JoinColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns in configured table that can be used in join statements and/or as aggregate columns. They can never be outputted directly.", + "title": "JoinColumns", + "type": "array" }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", - "title": "Period", - "type": "number" + "JoinRequired": { + "markdownDescription": "Control that requires member who runs query to do a join with their configured table and/or other configured table in query.", + "title": "JoinRequired", + "type": "string" }, - "ReturnData": { - "markdownDescription": "When used in `GetMetricData` , this option indicates whether to return the timestamps and raw data values of this metric. If you are performing this call just to do math expressions and do not also need the raw data returned, you can specify `false` . If you omit this, the default of `true` is used.\n\nWhen used in `PutMetricAlarm` , specify `true` for the one expression result to use as the alarm. For all other metrics and expressions in the same `PutMetricAlarm` operation, specify `ReturnData` as False.", - "title": "ReturnData", - "type": "boolean" + "OutputConstraints": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregationConstraint" + }, + "markdownDescription": "Columns that must meet a specific threshold value (after an aggregation function is applied to it) for each output row to be returned.", + "title": "OutputConstraints", + "type": "array" + }, + "ScalarFunctions": { + "items": { + "type": "string" + }, + "markdownDescription": "Set of scalar functions that are allowed to be used on dimension columns and the output of aggregation of metrics.", + "title": "ScalarFunctions", + "type": "array" } }, "required": [ - "Id" + "AggregateColumns", + "DimensionColumns", + "JoinColumns", + "OutputConstraints", + "ScalarFunctions" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom": { "additionalProperties": false, "properties": { - "MetricDataQueries": { + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.", + "title": "AdditionalAnalyses", + "type": "string" + }, + "AllowedAnalyses": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricDataQuery" + "type": "string" }, - "markdownDescription": "An array of metric data query structures that enables you to create an anomaly detector based on the result of a metric math expression. Each item in `MetricDataQueries` gets a metric or performs a math expression. One item in `MetricDataQueries` is the expression that provides the time series that the anomaly detector uses as input. Designate the expression by setting `ReturnData` to `true` for this object in the array. For all other expressions and metrics, set `ReturnData` to `false` . The designated expression must return a single time series.", - "title": "MetricDataQueries", + "markdownDescription": "The ARN of the analysis templates that are allowed by the custom analysis rule.", + "title": "AllowedAnalyses", "type": "array" - } - }, - "type": "object" - }, - "AWS::CloudWatch::AnomalyDetector.MetricStat": { - "additionalProperties": false, - "properties": { - "Metric": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Metric", - "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", - "title": "Metric" }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", - "title": "Period", - "type": "number" + "AllowedAnalysisProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the AWS accounts that are allowed to query by the custom analysis rule. Required when `allowedAnalyses` is `ANY_QUERY` .", + "title": "AllowedAnalysisProviders", + "type": "array" }, - "Stat": { - "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic.", - "title": "Stat", - "type": "string" + "DifferentialPrivacy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy", + "markdownDescription": "The differential privacy configuration.", + "title": "DifferentialPrivacy" }, - "Unit": { - "markdownDescription": "When you are using a `Put` operation, this defines what unit you want to use when storing the metric.\n\nIn a `Get` operation, if you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", - "title": "Unit", + "DisallowedOutputColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns that aren't allowed to be shown in the query output.", + "title": "DisallowedOutputColumns", + "type": "array" + } + }, + "required": [ + "AllowedAnalyses" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleList": { + "additionalProperties": false, + "properties": { + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.", + "title": "AdditionalAnalyses", "type": "string" + }, + "AllowedJoinOperators": { + "items": { + "type": "string" + }, + "markdownDescription": "The logical operators (if any) that are to be used in an INNER JOIN match condition. Default is `AND` .", + "title": "AllowedJoinOperators", + "type": "array" + }, + "JoinColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns that can be used to join a configured table with the table of the member who can query and other members' configured tables.", + "title": "JoinColumns", + "type": "array" + }, + "ListColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns that can be listed in the output.", + "title": "ListColumns", + "type": "array" } }, "required": [ - "Metric", - "Period", - "Stat" + "JoinColumns", + "ListColumns" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Range": { + "AWS::CleanRooms::ConfiguredTable.AthenaTableReference": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The end time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", - "title": "EndTime", + "DatabaseName": { + "markdownDescription": "The database name.", + "title": "DatabaseName", "type": "string" }, - "StartTime": { - "markdownDescription": "The start time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", - "title": "StartTime", + "OutputLocation": { + "markdownDescription": "The output location for the Athena table.", + "title": "OutputLocation", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table reference.", + "title": "TableName", + "type": "string" + }, + "WorkGroup": { + "markdownDescription": "The workgroup of the Athena table reference.", + "title": "WorkGroup", "type": "string" } }, "required": [ - "EndTime", - "StartTime" + "DatabaseName", + "TableName", + "WorkGroup" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector": { + "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here. If you omit this parameter, the current account is used.", - "title": "AccountId", - "type": "string" + "V1": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1", + "markdownDescription": "Controls on the query specifications that can be run on a configured table.", + "title": "V1" + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation", + "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", + "title": "Aggregation" }, - "Dimensions": { + "Custom": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom", + "markdownDescription": "Analysis rule type that enables custom SQL queries on a configured table.", + "title": "Custom" + }, + "List": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleList", + "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", + "title": "List" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy": { + "additionalProperties": false, + "properties": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn" }, - "markdownDescription": "The metric dimensions to create the anomaly detection model for.", - "title": "Dimensions", + "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", + "title": "Columns", "type": "array" + } + }, + "required": [ + "Columns" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.GlueTableReference": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of the database the AWS Glue table belongs to.", + "title": "DatabaseName", + "type": "string" }, - "MetricName": { - "markdownDescription": "The name of the metric to create the anomaly detection model for.", - "title": "MetricName", + "TableName": { + "markdownDescription": "The name of the AWS Glue table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "TableName" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableReference": { + "additionalProperties": false, + "properties": { + "AccountIdentifier": { + "markdownDescription": "The account identifier for the Snowflake table reference.", + "title": "AccountIdentifier", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace of the metric to create the anomaly detection model for.", - "title": "Namespace", + "DatabaseName": { + "markdownDescription": "The name of the database the Snowflake table belongs to.", + "title": "DatabaseName", "type": "string" }, - "Stat": { - "markdownDescription": "The statistic to use for the metric and anomaly detection model.", - "title": "Stat", + "SchemaName": { + "markdownDescription": "The schema name of the Snowflake table reference.", + "title": "SchemaName", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The secret ARN of the Snowflake table reference.", + "title": "SecretArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the Snowflake table.", + "title": "TableName", "type": "string" + }, + "TableSchema": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchema", + "markdownDescription": "The schema of the Snowflake table.", + "title": "TableSchema" } }, + "required": [ + "AccountIdentifier", + "DatabaseName", + "SchemaName", + "SecretArn", + "TableName", + "TableSchema" + ], "type": "object" }, - "AWS::CloudWatch::CompositeAlarm": { + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchema": { + "additionalProperties": false, + "properties": { + "V1": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchemaV1" + }, + "markdownDescription": "The schema of a Snowflake table.", + "title": "V1", + "type": "array" + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchemaV1": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The column name.", + "title": "ColumnName", + "type": "string" + }, + "ColumnType": { + "markdownDescription": "The column's data type. Supported data types: `ARRAY` , `BIGINT` , `BOOLEAN` , `CHAR` , `DATE` , `DECIMAL` , `DOUBLE` , `DOUBLE PRECISION` , `FLOAT` , `FLOAT4` , `INT` , `INTEGER` , `MAP` , `NUMERIC` , `NUMBER` , `REAL` , `SMALLINT` , `STRING` , `TIMESTAMP` , `TIMESTAMP_LTZ` , `TIMESTAMP_NTZ` , `DATETIME` , `TINYINT` , `VARCHAR` , `TEXT` , `CHARACTER` .", + "title": "ColumnType", + "type": "string" + } + }, + "required": [ + "ColumnName", + "ColumnType" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.TableReference": { + "additionalProperties": false, + "properties": { + "Athena": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AthenaTableReference", + "markdownDescription": "If present, a reference to the Athena table referred to by this table reference.", + "title": "Athena" + }, + "Glue": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.GlueTableReference", + "markdownDescription": "If present, a reference to the AWS Glue table referred to by this table reference.", + "title": "Glue" + }, + "Snowflake": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableReference", + "markdownDescription": "If present, a reference to the Snowflake table referred to by this table reference.", + "title": "Snowflake" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -40335,82 +45311,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionsEnabled": { - "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. The default is TRUE.", - "title": "ActionsEnabled", - "type": "boolean" - }, - "ActionsSuppressor": { - "markdownDescription": "Actions will be suppressed if the suppressor alarm is in the `ALARM` state. `ActionsSuppressor` can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm.", - "title": "ActionsSuppressor", - "type": "string" - }, - "ActionsSuppressorExtensionPeriod": { - "markdownDescription": "The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `ExtensionPeriod` is required only when `ActionsSuppressor` is specified.", - "title": "ActionsSuppressorExtensionPeriod", - "type": "number" - }, - "ActionsSuppressorWaitPeriod": { - "markdownDescription": "The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `WaitPeriod` is required only when `ActionsSuppressor` is specified.", - "title": "ActionsSuppressorWaitPeriod", - "type": "number" - }, - "AlarmActions": { + "ConfiguredTableAssociationAnalysisRules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRule" }, - "markdownDescription": "The actions to execute when this alarm transitions to the ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmActions", + "markdownDescription": "An analysis rule for a configured table association. This analysis rule specifies how data from the table can be used within its associated collaboration. In the console, the `ConfiguredTableAssociationAnalysisRule` is referred to as the *collaboration analysis rule* .", + "title": "ConfiguredTableAssociationAnalysisRules", "type": "array" }, - "AlarmDescription": { - "markdownDescription": "The description for the composite alarm.", - "title": "AlarmDescription", + "ConfiguredTableIdentifier": { + "markdownDescription": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.", + "title": "ConfiguredTableIdentifier", "type": "string" }, - "AlarmName": { - "markdownDescription": "The name for the composite alarm. This name must be unique within your AWS account.", - "title": "AlarmName", + "Description": { + "markdownDescription": "A description of the configured table association.", + "title": "Description", "type": "string" }, - "AlarmRule": { - "markdownDescription": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For each alarm that you reference, you designate a function that specifies whether that alarm needs to be in ALARM state, OK state, or INSUFFICIENT_DATA state. You can use operators (AND, OR and NOT) to combine multiple functions in a single expression. You can use parenthesis to logically group the functions in your expression.\n\nYou can use either alarm names or ARNs to reference the other alarms that are to be evaluated.\n\nFunctions can include the following:\n\n- ALARM(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in ALARM state.\n- OK(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in OK state.\n- INSUFFICIENT_DATA(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in INSUFFICIENT_DATA state.\n- TRUE always evaluates to TRUE.\n- FALSE always evaluates to FALSE.\n\nTRUE and FALSE are useful for testing a complex AlarmRule structure, and for testing your alarm actions.\n\nFor more information about `AlarmRule` syntax, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmRule", + "MembershipIdentifier": { + "markdownDescription": "The unique ID for the membership this configured table association belongs to.", + "title": "MembershipIdentifier", "type": "string" }, - "InsufficientDataActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "InsufficientDataActions", - "type": "array" + "Name": { + "markdownDescription": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.", + "title": "Name", + "type": "string" }, - "OKActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "OKActions", - "type": "array" + "RoleArn": { + "markdownDescription": "The service will assume this role to access catalog metadata and query the table.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "AlarmRule" + "ConfiguredTableIdentifier", + "MembershipIdentifier", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::CompositeAlarm" + "AWS::CleanRooms::ConfiguredTableAssociation" ], "type": "string" }, @@ -40429,7 +45382,128 @@ ], "type": "object" }, - "AWS::CloudWatch::Dashboard": { + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRule": { + "additionalProperties": false, + "properties": { + "Policy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicy", + "markdownDescription": "The policy of the configured table association analysis rule.", + "title": "Policy" + }, + "Type": { + "markdownDescription": "The type of the configured table association analysis rule.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Policy", + "Type" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleAggregation": { + "additionalProperties": false, + "properties": { + "AllowedAdditionalAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.\n\nThe `allowedAdditionalAnalyses` parameter is currently supported for the list analysis rule ( `AnalysisRuleList` ) and the custom analysis rule ( `AnalysisRuleCustom` ).", + "title": "AllowedAdditionalAnalyses", + "type": "array" + }, + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleCustom": { + "additionalProperties": false, + "properties": { + "AllowedAdditionalAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.", + "title": "AllowedAdditionalAnalyses", + "type": "array" + }, + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleList": { + "additionalProperties": false, + "properties": { + "AllowedAdditionalAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.", + "title": "AllowedAdditionalAnalyses", + "type": "array" + }, + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicy": { + "additionalProperties": false, + "properties": { + "V1": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicyV1", + "markdownDescription": "The policy for the configured table association analysis rule.", + "title": "V1" + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicyV1": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleAggregation", + "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", + "title": "Aggregation" + }, + "Custom": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleCustom", + "markdownDescription": "Analysis rule type that enables the table owner to approve custom SQL queries on their configured tables. It supports differential privacy.", + "title": "Custom" + }, + "List": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleList", + "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", + "title": "List" + } + }, + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable": { "additionalProperties": false, "properties": { "Condition": { @@ -40464,25 +45538,50 @@ "Properties": { "additionalProperties": false, "properties": { - "DashboardBody": { - "markdownDescription": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard. This parameter is required.\n\nFor more information about the syntax, see [Dashboard Body Structure and Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html) .", - "title": "DashboardBody", + "Description": { + "markdownDescription": "The description of the ID mapping table.", + "title": "Description", "type": "string" }, - "DashboardName": { - "markdownDescription": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically.", - "title": "DashboardName", + "InputReferenceConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceConfig", + "markdownDescription": "The input reference configuration for the ID mapping table.", + "title": "InputReferenceConfig" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key.", + "title": "KmsKeyArn", + "type": "string" + }, + "MembershipIdentifier": { + "markdownDescription": "The unique identifier of the membership resource for the ID mapping table.", + "title": "MembershipIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the ID mapping table.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "DashboardBody" + "InputReferenceConfig", + "MembershipIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::Dashboard" + "AWS::CleanRooms::IdMappingTable" ], "type": "string" }, @@ -40501,7 +45600,64 @@ ], "type": "object" }, - "AWS::CloudWatch::InsightRule": { + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceConfig": { + "additionalProperties": false, + "properties": { + "InputReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the referenced resource in AWS Entity Resolution . Valid values are ID mapping workflow ARNs.", + "title": "InputReferenceArn", + "type": "string" + }, + "ManageResourcePolicies": { + "markdownDescription": "When `TRUE` , AWS Clean Rooms manages permissions for the ID mapping table resource.\n\nWhen `FALSE` , the resource owner manages permissions for the ID mapping table resource.", + "title": "ManageResourcePolicies", + "type": "boolean" + } + }, + "required": [ + "InputReferenceArn", + "ManageResourcePolicies" + ], + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceProperties": { + "additionalProperties": false, + "properties": { + "IdMappingTableInputSource": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable.IdMappingTableInputSource" + }, + "markdownDescription": "The input source of the ID mapping table.", + "title": "IdMappingTableInputSource", + "type": "array" + } + }, + "required": [ + "IdMappingTableInputSource" + ], + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputSource": { + "additionalProperties": false, + "properties": { + "IdNamespaceAssociationId": { + "markdownDescription": "The unique identifier of the ID namespace association.", + "title": "IdNamespaceAssociationId", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the input source of the ID mapping table.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "IdNamespaceAssociationId", + "Type" + ], + "type": "object" + }, + "AWS::CleanRooms::IdNamespaceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -40536,37 +45692,50 @@ "Properties": { "additionalProperties": false, "properties": { - "RuleBody": { - "markdownDescription": "The definition of the rule, as a JSON object. For details about the syntax, see [Contributor Insights Rule Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights-RuleSyntax.html) in the *Amazon CloudWatch User Guide* .", - "title": "RuleBody", + "Description": { + "markdownDescription": "The description of the ID namespace association.", + "title": "Description", "type": "string" }, - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", + "IdMappingConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation.IdMappingConfig", + "markdownDescription": "The configuration settings for the ID mapping table.", + "title": "IdMappingConfig" + }, + "InputReferenceConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceConfig", + "markdownDescription": "The input reference configuration for the ID namespace association.", + "title": "InputReferenceConfig" + }, + "MembershipIdentifier": { + "markdownDescription": "The unique identifier of the membership that contains the ID namespace association.", + "title": "MembershipIdentifier", "type": "string" }, - "RuleState": { - "markdownDescription": "The current state of the rule. Valid values are `ENABLED` and `DISABLED` .", - "title": "RuleState", + "Name": { + "markdownDescription": "The name of this ID namespace association.", + "title": "Name", "type": "string" }, "Tags": { - "$ref": "#/definitions/AWS::CloudWatch::InsightRule.Tags", - "markdownDescription": "A list of key-value pairs to associate with the Contributor Insights rule. You can associate as many as 50 tags with a rule.\n\nTags can help you organize and categorize your resources. For more information, see [Tagging Your Amazon CloudWatch Resources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Tagging.html) .\n\nTo be able to associate tags with a rule, you must have the `cloudwatch:TagResource` permission in addition to the `cloudwatch:PutInsightRule` permission.", - "title": "Tags" + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "RuleBody", - "RuleName", - "RuleState" + "InputReferenceConfig", + "MembershipIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::InsightRule" + "AWS::CleanRooms::IdNamespaceAssociation" ], "type": "string" }, @@ -40585,12 +45754,60 @@ ], "type": "object" }, - "AWS::CloudWatch::InsightRule.Tags": { + "AWS::CleanRooms::IdNamespaceAssociation.IdMappingConfig": { "additionalProperties": false, - "properties": {}, + "properties": { + "AllowUseAsDimensionColumn": { + "markdownDescription": "An indicator as to whether you can use your column as a dimension column in the ID mapping table ( `TRUE` ) or not ( `FALSE` ).\n\nDefault is `FALSE` .", + "title": "AllowUseAsDimensionColumn", + "type": "boolean" + } + }, + "required": [ + "AllowUseAsDimensionColumn" + ], "type": "object" }, - "AWS::CloudWatch::MetricStream": { + "AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceConfig": { + "additionalProperties": false, + "properties": { + "InputReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Entity Resolution resource that is being associated to the collaboration. Valid resource ARNs are from the ID namespaces that you own.", + "title": "InputReferenceArn", + "type": "string" + }, + "ManageResourcePolicies": { + "markdownDescription": "When `TRUE` , AWS Clean Rooms manages permissions for the ID namespace association resource.\n\nWhen `FALSE` , the resource owner manages permissions for the ID namespace association resource.", + "title": "ManageResourcePolicies", + "type": "boolean" + } + }, + "required": [ + "InputReferenceArn", + "ManageResourcePolicies" + ], + "type": "object" + }, + "AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceProperties": { + "additionalProperties": false, + "properties": { + "IdMappingWorkflowsSupported": { + "items": { + "type": "object" + }, + "markdownDescription": "Defines how ID mapping workflows are supported for this ID namespace association.", + "title": "IdMappingWorkflowsSupported", + "type": "array" + }, + "IdNamespaceType": { + "markdownDescription": "The ID namespace type for this ID namespace association.", + "title": "IdNamespaceType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CleanRooms::Membership": { "additionalProperties": false, "properties": { "Condition": { @@ -40625,74 +45842,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ExcludeFilters": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" - }, - "markdownDescription": "If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", - "title": "ExcludeFilters", - "type": "array" - }, - "FirehoseArn": { - "markdownDescription": "The ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream. This Amazon Kinesis Firehose delivery stream must already exist and must be in the same account as the metric stream.", - "title": "FirehoseArn", + "CollaborationIdentifier": { + "markdownDescription": "The unique ID for the associated collaboration.", + "title": "CollaborationIdentifier", "type": "string" }, - "IncludeFilters": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" - }, - "markdownDescription": "If you specify this parameter, the stream sends only the metrics from the metric namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", - "title": "IncludeFilters", - "type": "array" + "DefaultJobResultConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedJobResultConfiguration", + "markdownDescription": "The default job result configuration for the membership.", + "title": "DefaultJobResultConfiguration" }, - "IncludeLinkedAccountsMetrics": { - "markdownDescription": "If you are creating a metric stream in a monitoring account, specify `true` to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is `false` .\n\nFor more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html)", - "title": "IncludeLinkedAccountsMetrics", - "type": "boolean" + "DefaultResultConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration", + "markdownDescription": "The default protected query result configuration as specified by the member who can receive results.", + "title": "DefaultResultConfiguration" }, - "Name": { - "markdownDescription": "If you are creating a new metric stream, this is the name for the new stream. The name must be different than the names of other metric streams in this account and Region.\n\nIf you are updating a metric stream, specify the name of that stream here.", - "title": "Name", + "JobLogStatus": { + "markdownDescription": "An indicator as to whether job logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about jobs run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "JobLogStatus", "type": "string" }, - "OutputFormat": { - "markdownDescription": "The output format for the stream. Valid values are `json` , `opentelemetry1.0` and `opentelemetry0.7` For more information about metric stream output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html) .\n\nThis parameter is required.", - "title": "OutputFormat", - "type": "string" + "PaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipPaymentConfiguration", + "markdownDescription": "The payment responsibilities accepted by the collaboration member.", + "title": "PaymentConfiguration" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. This IAM role must already exist and must be in the same account as the metric stream. This IAM role must include the `firehose:PutRecord` and `firehose:PutRecordBatch` permissions.", - "title": "RoleArn", + "QueryLogStatus": { + "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the membership.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "QueryLogStatus", "type": "string" }, - "StatisticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration" - }, - "markdownDescription": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members.\n\nFor each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `OutputFormat` . If the `OutputFormat` is `json` , you can stream any additional statistic that is supported by CloudWatch , listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) . If the `OutputFormat` is OpenTelemetry, you can stream percentile statistics.", - "title": "StatisticsConfigurations", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the metric stream.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "FirehoseArn", - "OutputFormat", - "RoleArn" + "CollaborationIdentifier", + "QueryLogStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::MetricStream" + "AWS::CleanRooms::Membership" ], "type": "string" }, @@ -40711,75 +45908,219 @@ ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamFilter": { + "AWS::CleanRooms::Membership.MembershipJobComputePaymentConfig": { "additionalProperties": false, "properties": { - "MetricNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the metrics to either include or exclude from the metric stream.\n\nIf you omit this parameter, all metrics in the namespace are included or excluded, depending on whether this filter is specified as an exclude filter or an include filter.\n\nEach metric name can contain only ASCII printable characters (ASCII range 32 through 126). Each metric name must contain at least one non-whitespace character.", - "title": "MetricNames", - "type": "array" + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for job compute costs ( `TRUE` ) or has not accepted to pay for query and job compute costs ( `FALSE` ).\n\nThere is only one member who pays for queries and jobs.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query and job compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query and job compute costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipMLPaymentConfig": { + "additionalProperties": false, + "properties": { + "ModelInference": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipModelInferencePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model inference.", + "title": "ModelInference" }, - "Namespace": { - "markdownDescription": "The name of the metric namespace in the filter.\n\nThe namespace can contain only ASCII printable characters (ASCII range 32 through 126). It must contain at least one non-whitespace character.", - "title": "Namespace", + "ModelTraining": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipModelTrainingPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model training.", + "title": "ModelTraining" + } + }, + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipModelInferencePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for model inference costs ( `TRUE` ) or has not accepted to pay for model inference costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for model inference costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for model inference costs.\n- If you set the value to `TRUE` but you are not responsible to pay for model inference costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipModelTrainingPaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for model training costs ( `TRUE` ) or has not accepted to pay for model training costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for model training costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for model training costs.\n- If you set the value to `TRUE` but you are not responsible to pay for model training costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipPaymentConfiguration": { + "additionalProperties": false, + "properties": { + "JobCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipJobComputePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for job compute costs.", + "title": "JobCompute" + }, + "MachineLearning": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipMLPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for machine learning costs.", + "title": "MachineLearning" + }, + "QueryCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for query compute costs.", + "title": "QueryCompute" + } + }, + "required": [ + "QueryCompute" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedJobOutputConfiguration": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedJobS3OutputConfigurationInput", + "markdownDescription": "Contains the configuration to write the job results to S3.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedJobResultConfiguration": { + "additionalProperties": false, + "properties": { + "OutputConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedJobOutputConfiguration", + "markdownDescription": "The output configuration for a protected job result.", + "title": "OutputConfiguration" + }, + "RoleArn": { + "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected job results to the result location, given by the member who can receive results.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Namespace" + "OutputConfiguration", + "RoleArn" ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration": { + "AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration": { "additionalProperties": false, "properties": { - "AdditionalStatistics": { - "items": { - "type": "string" - }, - "markdownDescription": "The additional statistics to stream for the metrics listed in `IncludeMetrics` .", - "title": "AdditionalStatistics", - "type": "array" + "S3": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration", + "markdownDescription": "Required configuration for a protected query with an `s3` output type.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration": { + "additionalProperties": false, + "properties": { + "OutputConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration", + "markdownDescription": "Configuration for protected query results.", + "title": "OutputConfiguration" }, - "IncludeMetrics": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric" - }, - "markdownDescription": "An array that defines the metrics that are to have additional statistics streamed.", - "title": "IncludeMetrics", - "type": "array" + "RoleArn": { + "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "AdditionalStatistics", - "IncludeMetrics" + "OutputConfiguration" ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric": { + "AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query compute costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.ProtectedJobS3OutputConfigurationInput": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket for job output.", + "title": "Bucket", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace of the metric.", - "title": "Namespace", + "KeyPrefix": { + "markdownDescription": "The S3 prefix to unload the protected job results.", + "title": "KeyPrefix", "type": "string" } }, "required": [ - "MetricName", - "Namespace" + "Bucket" ], "type": "object" }, - "AWS::CodeArtifact::Domain": { + "AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket to unload the protected query results.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "The S3 prefix to unload the protected query results.", + "title": "KeyPrefix", + "type": "string" + }, + "ResultFormat": { + "markdownDescription": "Intended file format of the result.", + "title": "ResultFormat", + "type": "string" + }, + "SingleFileOutput": { + "markdownDescription": "Indicates whether files should be output as a single file ( `TRUE` ) or output as multiple files ( `FALSE` ). This parameter is only supported for analyses with the Spark analytics engine.", + "title": "SingleFileOutput", + "type": "boolean" + } + }, + "required": [ + "Bucket", + "ResultFormat" + ], + "type": "object" + }, + "AWS::CleanRooms::PrivacyBudgetTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -40814,38 +46155,46 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "A string that specifies the name of the requested domain.", - "title": "DomainName", + "AutoRefresh": { + "markdownDescription": "How often the privacy budget refreshes.\n\n> If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes.", + "title": "AutoRefresh", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The key used to encrypt the domain.", - "title": "EncryptionKey", + "MembershipIdentifier": { + "markdownDescription": "The identifier for a membership resource.", + "title": "MembershipIdentifier", "type": "string" }, - "PermissionsPolicyDocument": { - "markdownDescription": "The document that defines the resource policy that is set on a domain.", - "title": "PermissionsPolicyDocument", - "type": "object" + "Parameters": { + "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate.Parameters", + "markdownDescription": "Specifies the epsilon and noise parameters for the privacy budget template.", + "title": "Parameters" + }, + "PrivacyBudgetType": { + "markdownDescription": "Specifies the type of the privacy budget template.", + "title": "PrivacyBudgetType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be applied to the domain.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "DomainName" + "AutoRefresh", + "MembershipIdentifier", + "Parameters", + "PrivacyBudgetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::Domain" + "AWS::CleanRooms::PrivacyBudgetTemplate" ], "type": "string" }, @@ -40864,7 +46213,27 @@ ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup": { + "AWS::CleanRooms::PrivacyBudgetTemplate.Parameters": { + "additionalProperties": false, + "properties": { + "Epsilon": { + "markdownDescription": "The epsilon value that you want to use.", + "title": "Epsilon", + "type": "number" + }, + "UsersNoisePerQuery": { + "markdownDescription": "Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted.", + "title": "UsersNoisePerQuery", + "type": "number" + } + }, + "required": [ + "Epsilon", + "UsersNoisePerQuery" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset": { "additionalProperties": false, "properties": { "Condition": { @@ -40899,54 +46268,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactInfo": { - "markdownDescription": "The contact information of the package group.", - "title": "ContactInfo", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the package group.", + "markdownDescription": "The description of the training dataset.", "title": "Description", "type": "string" }, - "DomainName": { - "markdownDescription": "The domain that contains the package group.", - "title": "DomainName", - "type": "string" - }, - "DomainOwner": { - "markdownDescription": "The 12-digit account number of the AWS account that owns the domain. It does not include dashes or spaces.", - "title": "DomainOwner", + "Name": { + "markdownDescription": "The name of the training dataset.", + "title": "Name", "type": "string" }, - "OriginConfiguration": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.OriginConfiguration", - "markdownDescription": "Details about the package origin configuration of a package group.", - "title": "OriginConfiguration" - }, - "Pattern": { - "markdownDescription": "The pattern of the package group. The pattern determines which packages are associated with the package group.", - "title": "Pattern", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TrainingData": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" + }, + "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", + "title": "TrainingData", + "type": "array" } }, "required": [ - "DomainName", - "Pattern" + "Name", + "RoleArn", + "TrainingData" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::PackageGroup" + "AWS::CleanRoomsML::TrainingDataset" ], "type": "string" }, @@ -40965,64 +46328,112 @@ ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.OriginConfiguration": { + "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { "additionalProperties": false, "properties": { - "Restrictions": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.Restrictions", - "markdownDescription": "", - "title": "Restrictions" + "ColumnName": { + "markdownDescription": "The name of a column.", + "title": "ColumnName", + "type": "string" + }, + "ColumnTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The data type of column.", + "title": "ColumnTypes", + "type": "array" } }, "required": [ - "Restrictions" + "ColumnName", + "ColumnTypes" ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.RestrictionType": { + "AWS::CleanRoomsML::TrainingDataset.DataSource": { "additionalProperties": false, "properties": { - "Repositories": { + "GlueDataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", + "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", + "title": "GlueDataSource" + } + }, + "required": [ + "GlueDataSource" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.Dataset": { + "additionalProperties": false, + "properties": { + "InputConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", + "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", + "title": "InputConfig" + }, + "Type": { + "markdownDescription": "What type of information is found in the dataset.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "InputConfig", + "Type" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { + "additionalProperties": false, + "properties": { + "DataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", + "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", + "title": "DataSource" + }, + "Schema": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" }, - "markdownDescription": "", - "title": "Repositories", + "markdownDescription": "The schema information for the training data.", + "title": "Schema", "type": "array" - }, - "RestrictionMode": { - "markdownDescription": "", - "title": "RestrictionMode", - "type": "string" } }, "required": [ - "RestrictionMode" + "DataSource", + "Schema" ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.Restrictions": { + "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { "additionalProperties": false, "properties": { - "ExternalUpstream": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "ExternalUpstream" + "CatalogId": { + "markdownDescription": "The Glue catalog that contains the training data.", + "title": "CatalogId", + "type": "string" }, - "InternalUpstream": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "InternalUpstream" + "DatabaseName": { + "markdownDescription": "The Glue database that contains the training data.", + "title": "DatabaseName", + "type": "string" }, - "Publish": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "Publish" + "TableName": { + "markdownDescription": "The Glue table that contains the training data.", + "title": "TableName", + "type": "string" } }, + "required": [ + "DatabaseName", + "TableName" + ], "type": "object" }, - "AWS::CodeArtifact::Repository": { + "AWS::Cloud9::EnvironmentEC2": { "additionalProperties": false, "properties": { "Condition": { @@ -41057,65 +46468,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A text description of the repository.", - "title": "Description", + "AutomaticStopTimeMinutes": { + "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", + "title": "AutomaticStopTimeMinutes", + "type": "number" + }, + "ConnectionType": { + "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", + "title": "ConnectionType", "type": "string" }, - "DomainName": { - "markdownDescription": "The name of the domain that contains the repository.", - "title": "DomainName", + "Description": { + "markdownDescription": "The description of the environment to create.", + "title": "Description", "type": "string" }, - "DomainOwner": { - "markdownDescription": "The 12-digit account number of the AWS account that owns the domain that contains the repository. It does not include dashes or spaces.", - "title": "DomainOwner", + "ImageId": { + "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", + "title": "ImageId", "type": "string" }, - "ExternalConnections": { + "InstanceType": { + "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", + "title": "InstanceType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment.", + "title": "Name", + "type": "string" + }, + "OwnerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", + "title": "OwnerArn", + "type": "string" + }, + "Repositories": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" }, - "markdownDescription": "An array of external connections associated with the repository. For more information, see [Supported external connection repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/external-connection.html#supported-public-repositories) in the *CodeArtifact user guide* .", - "title": "ExternalConnections", + "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", + "title": "Repositories", "type": "array" }, - "PermissionsPolicyDocument": { - "markdownDescription": "The document that defines the resource policy that is set on a repository.", - "title": "PermissionsPolicyDocument", - "type": "object" - }, - "RepositoryName": { - "markdownDescription": "The name of an upstream repository.", - "title": "RepositoryName", + "SubnetId": { + "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", + "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be applied to the repository.", + "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", "title": "Tags", "type": "array" - }, - "Upstreams": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. For more information, see [Working with upstream repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html) .", - "title": "Upstreams", - "type": "array" } }, "required": [ - "DomainName", - "RepositoryName" + "ImageId", + "InstanceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::Repository" + "AWS::Cloud9::EnvironmentEC2" ], "type": "string" }, @@ -41134,7 +46552,27 @@ ], "type": "object" }, - "AWS::CodeBuild::Fleet": { + "AWS::Cloud9::EnvironmentEC2.Repository": { + "additionalProperties": false, + "properties": { + "PathComponent": { + "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", + "title": "PathComponent", + "type": "string" + }, + "RepositoryUrl": { + "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", + "title": "RepositoryUrl", + "type": "string" + } + }, + "required": [ + "PathComponent", + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::CloudFormation::CustomResource": { "additionalProperties": false, "properties": { "Condition": { @@ -41169,40 +46607,25 @@ "Properties": { "additionalProperties": false, "properties": { - "BaseCapacity": { - "markdownDescription": "The initial number of machines allocated to the compute \ufb02eet, which de\ufb01nes the number of builds that can run in parallel.", - "title": "BaseCapacity", + "ServiceTimeout": { + "markdownDescription": "The maximum time, in seconds, that can elapse before a custom resource operation times out.\n\nThe value must be an integer from 1 to 3600. The default value is 3600 seconds (1 hour).", + "title": "ServiceTimeout", "type": "number" }, - "ComputeType": { - "markdownDescription": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", - "title": "ComputeType", - "type": "string" - }, - "EnvironmentType": { - "markdownDescription": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (S\u00e3o Paulo).\n- The environment type `ARM_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `MAC_ARM` is available only in regions US East (Ohio), US East (N. Virginia), US West (Oregon), Europe (Frankfurt), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (S\u00e3o Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", - "title": "EnvironmentType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the compute fleet.", - "title": "Name", + "ServiceToken": { + "markdownDescription": "The service token, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same Region as the stack.\n\nUpdates aren't supported.", + "title": "ServiceToken", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.", - "title": "Tags", - "type": "array" } }, + "required": [ + "ServiceToken" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::Fleet" + "AWS::CloudFormation::CustomResource" ], "type": "string" }, @@ -41216,11 +46639,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeBuild::Project": { + "AWS::CloudFormation::GuardHook": { "additionalProperties": false, "properties": { "Condition": { @@ -41255,153 +46679,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Artifacts": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts", - "markdownDescription": "`Artifacts` is a property of the [AWS::CodeBuild::Project](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html) resource that specifies output settings for artifacts generated by an AWS CodeBuild build.", - "title": "Artifacts" - }, - "BadgeEnabled": { - "markdownDescription": "Indicates whether AWS CodeBuild generates a publicly accessible URL for your project's build badge. For more information, see [Build Badges Sample](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-build-badges.html) in the *AWS CodeBuild User Guide* .\n\n> Including build badges with your project is currently not supported if the source type is CodePipeline. If you specify `CODEPIPELINE` for the `Source` property, do not specify the `BadgeEnabled` property.", - "title": "BadgeEnabled", - "type": "boolean" - }, - "BuildBatchConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectBuildBatchConfig", - "markdownDescription": "A `ProjectBuildBatchConfig` object that defines the batch build options for the project.", - "title": "BuildBatchConfig" - }, - "Cache": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectCache", - "markdownDescription": "Settings that AWS CodeBuild uses to store and reuse build dependencies.", - "title": "Cache" - }, - "ConcurrentBuildLimit": { - "markdownDescription": "The maximum number of concurrent builds that are allowed for this project.\n\nNew builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.", - "title": "ConcurrentBuildLimit", - "type": "number" - }, - "Description": { - "markdownDescription": "A description that makes the build project easy to identify.", - "title": "Description", + "Alias": { + "markdownDescription": "The type name alias for the Hook. This alias must be unique per account and Region.\n\nThe alias must be in the form `Name1::Name2::Name3` and must not begin with `AWS` . For example, `Private::Guard::MyTestHook` .", + "title": "Alias", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The AWS Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.\n\n> You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. \n\nYou can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format `alias/` ). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).", - "title": "EncryptionKey", + "ExecutionRole": { + "markdownDescription": "The IAM role that the Hook assumes to retrieve your Guard rules from S3 and optionally write a detailed Guard output report back.", + "title": "ExecutionRole", "type": "string" }, - "Environment": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Environment", - "markdownDescription": "The build environment settings for the project, such as the environment type or the environment variables to use for the build environment.", - "title": "Environment" - }, - "FileSystemLocations": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFileSystemLocation" - }, - "markdownDescription": "An array of `ProjectFileSystemLocation` objects for a CodeBuild build project. A `ProjectFileSystemLocation` object specifies the `identifier` , `location` , `mountOptions` , `mountPoint` , and `type` of a file system created using Amazon Elastic File System.", - "title": "FileSystemLocations", - "type": "array" - }, - "LogsConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.LogsConfig", - "markdownDescription": "Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.", - "title": "LogsConfig" - }, - "Name": { - "markdownDescription": "The name of the build project. The name must be unique across all of the projects in your AWS account .", - "title": "Name", + "FailureMode": { + "markdownDescription": "Specifies how the Hook responds when rules fail their evaluation.\n\n- `FAIL` : Prevents the action from proceeding. This is helpful for enforcing strict compliance or security policies.\n- `WARN` : Issues warnings to users but allows actions to continue. This is useful for non-critical validations or informational checks.", + "title": "FailureMode", "type": "string" }, - "QueuedTimeoutInMinutes": { - "markdownDescription": "The number of minutes a build is allowed to be queued before it times out.", - "title": "QueuedTimeoutInMinutes", - "type": "number" - }, - "ResourceAccessRole": { - "markdownDescription": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.", - "title": "ResourceAccessRole", + "HookStatus": { + "markdownDescription": "Specifies if the Hook is `ENABLED` or `DISABLED` .", + "title": "HookStatus", "type": "string" }, - "SecondaryArtifacts": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts" - }, - "markdownDescription": "A list of `Artifacts` objects. Each artifacts object specifies output settings that the project generates during a build.", - "title": "SecondaryArtifacts", - "type": "array" - }, - "SecondarySourceVersions": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectSourceVersion" - }, - "markdownDescription": "An array of `ProjectSourceVersion` objects. If `secondarySourceVersions` is specified at the build level, then they take over these `secondarySourceVersions` (at the project level).", - "title": "SecondarySourceVersions", - "type": "array" + "LogBucket": { + "markdownDescription": "Specifies the name of an S3 bucket to store the Guard output report. This report contains the results of your Guard rule validations.", + "title": "LogBucket", + "type": "string" }, - "SecondarySources": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Source" - }, - "markdownDescription": "An array of `ProjectSource` objects.", - "title": "SecondarySources", - "type": "array" + "Options": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.Options", + "markdownDescription": "Specifies the S3 location of your input parameters.", + "title": "Options" }, - "ServiceRole": { - "markdownDescription": "The ARN of the IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.", - "title": "ServiceRole", - "type": "string" + "RuleLocation": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.S3Location", + "markdownDescription": "Specifies the S3 location of your Guard rules.", + "title": "RuleLocation" }, - "Source": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Source", - "markdownDescription": "The source code settings for the project, such as the source code's repository type and location.", - "title": "Source" + "StackFilters": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackFilters", + "markdownDescription": "Specifies the stack level filters for the Hook.\n\nExample stack level filter in JSON:\n\n`\"StackFilters\": {\"FilteringCriteria\": \"ALL\", \"StackNames\": {\"Exclude\": [ \"stack-1\", \"stack-2\"]}}` \n\nExample stack level filter in YAML:\n\n`StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2`", + "title": "StackFilters" }, - "SourceVersion": { - "markdownDescription": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nIf `sourceVersion` is specified at the build level, then that version takes precedence over this `sourceVersion` (at the project level).\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", - "title": "SourceVersion", - "type": "string" + "TargetFilters": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.TargetFilters", + "markdownDescription": "Specifies the target filters for the Hook.\n\nExample target filter in JSON:\n\n`\"TargetFilters\": {\"Actions\": [ \"Create\", \"Update\", \"Delete\" ]}` \n\nExample target filter in YAML:\n\n`TargetFilters: Actions: - CREATE - UPDATE - DELETE`", + "title": "TargetFilters" }, - "Tags": { + "TargetOperations": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the AWS CodeBuild project.\n\nThese tags are available for use by AWS services that support AWS CodeBuild build project tags.", - "title": "Tags", + "markdownDescription": "Specifies the list of operations the Hook is run against. For more information, see [Hook targets](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target) in the *AWS CloudFormation Hooks User Guide* .\n\nValid values: `STACK` | `RESOURCE` | `CHANGE_SET` | `CLOUD_CONTROL`", + "title": "TargetOperations", "type": "array" - }, - "TimeoutInMinutes": { - "markdownDescription": "How long, in minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.", - "title": "TimeoutInMinutes", - "type": "number" - }, - "Triggers": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectTriggers", - "markdownDescription": "For an existing AWS CodeBuild build project that has its source code stored in a GitHub repository, enables AWS CodeBuild to begin automatically rebuilding the source code every time a code change is pushed to the repository.", - "title": "Triggers" - }, - "Visibility": { - "markdownDescription": "Specifies the visibility of the project's builds. Possible values are:\n\n- **PUBLIC_READ** - The project builds are visible to the public.\n- **PRIVATE** - The project builds are not visible to the public.", - "title": "Visibility", - "type": "string" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.VpcConfig", - "markdownDescription": "`VpcConfig` specifies settings that enable AWS CodeBuild to access resources in an Amazon VPC. For more information, see [Use AWS CodeBuild with Amazon Virtual Private Cloud](https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html) in the *AWS CodeBuild User Guide* .", - "title": "VpcConfig" } }, "required": [ - "Artifacts", - "Environment", - "ServiceRole", - "Source" + "Alias", + "ExecutionRole", + "FailureMode", + "HookStatus", + "RuleLocation", + "TargetOperations" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::Project" + "AWS::CloudFormation::GuardHook" ], "type": "string" }, @@ -41420,560 +46764,155 @@ ], "type": "object" }, - "AWS::CodeBuild::Project.Artifacts": { + "AWS::CloudFormation::GuardHook.HookTarget": { "additionalProperties": false, "properties": { - "ArtifactIdentifier": { - "markdownDescription": "An identifier for this artifact definition.", - "title": "ArtifactIdentifier", - "type": "string" - }, - "EncryptionDisabled": { - "markdownDescription": "Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon Simple Storage Service (Amazon S3). If this is set with another artifacts type, an `invalidInputException` is thrown.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "Location": { - "markdownDescription": "Information about the build output artifact location:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output bucket.\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", - "title": "Location", - "type": "string" - }, - "Name": { - "markdownDescription": "Along with `path` and `namespaceType` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.\n\nFor example:\n\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , then the output artifact is stored in `MyArtifacts/ *build-ID* /MyArtifact.zip` .\n- If `path` is empty, `namespaceType` is set to `NONE` , and `name` is set to \" `/` \", the output artifact is stored in the root of the output bucket.\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to \" `/` \", the output artifact is stored in `MyArtifacts/ *build-ID*` .\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", - "title": "Name", - "type": "string" - }, - "NamespaceType": { - "markdownDescription": "Along with `path` and `name` , the pattern that AWS CodeBuild uses to determine the name and location to store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `BUILD_ID` : Include the build ID in the location of the build output artifact.\n- `NONE` : Do not include the build ID. This is the default if `namespaceType` is not specified.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in `MyArtifacts//MyArtifact.zip` .", - "title": "NamespaceType", - "type": "string" - }, - "OverrideArtifactName": { - "markdownDescription": "If set to true a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell command language. For example, you can append a date and time to your artifact name so that it is always unique.", - "title": "OverrideArtifactName", - "type": "boolean" - }, - "Packaging": { - "markdownDescription": "The type of build output artifact to create:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `NONE` : AWS CodeBuild creates in the output bucket a folder that contains the build output. This is the default if `packaging` is not specified.\n- `ZIP` : AWS CodeBuild creates in the output bucket a ZIP file that contains the build output.", - "title": "Packaging", + "Action": { "type": "string" }, - "Path": { - "markdownDescription": "Along with `namespaceType` and `name` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the path to the output artifact. If `path` is not specified, `path` is not used.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `NONE` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in the output bucket at `MyArtifacts/MyArtifact.zip` .", - "title": "Path", + "InvocationPoint": { "type": "string" }, - "Type": { - "markdownDescription": "The type of build output artifact. Valid values include:\n\n- `CODEPIPELINE` : The build project has build output generated through CodePipeline.\n\n> The `CODEPIPELINE` type is not supported for `secondaryArtifacts` .\n- `NO_ARTIFACTS` : The build project does not produce any build output.\n- `S3` : The build project stores build output in Amazon S3.", - "title": "Type", + "TargetName": { "type": "string" } }, "required": [ - "Type" + "Action", + "InvocationPoint", + "TargetName" ], "type": "object" }, - "AWS::CodeBuild::Project.BatchRestrictions": { + "AWS::CloudFormation::GuardHook.Options": { "additionalProperties": false, "properties": { - "ComputeTypesAllowed": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide* for these values.", - "title": "ComputeTypesAllowed", - "type": "array" - }, - "MaximumBuildsAllowed": { - "markdownDescription": "Specifies the maximum number of builds allowed.", - "title": "MaximumBuildsAllowed", - "type": "number" + "InputParams": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.S3Location", + "markdownDescription": "Specifies the S3 location where your input parameters are located.", + "title": "InputParams" } }, "type": "object" }, - "AWS::CodeBuild::Project.BuildStatusConfig": { + "AWS::CloudFormation::GuardHook.S3Location": { "additionalProperties": false, "properties": { - "Context": { - "markdownDescription": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `name` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `context` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", - "title": "Context", + "Uri": { + "markdownDescription": "Specifies the S3 path to the file that contains your Guard rules or input parameters (in the form `s3:///` ).\n\nFor Guard rules, the object stored in S3 must have one of the following file extensions: `.guard` , `.zip` , or `.tar.gz` .\n\nFor input parameters, the object stored in S3 must have one of the following file extensions: `.yaml` , `.json` , `.zip` , or `.tar.gz` .", + "title": "Uri", "type": "string" }, - "TargetUrl": { - "markdownDescription": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `url` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `target_url` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", - "title": "TargetUrl", + "VersionId": { + "markdownDescription": "For S3 buckets with versioning enabled, specifies the unique ID of the S3 object version to download your Guard rules or input parameters from.\n\nThe Guard Hook downloads files from S3 every time the Hook is invoked. To prevent accidental changes or deletions, we recommend using a version when configuring your Guard Hook.", + "title": "VersionId", "type": "string" } }, + "required": [ + "Uri" + ], "type": "object" }, - "AWS::CodeBuild::Project.CloudWatchLogsConfig": { + "AWS::CloudFormation::GuardHook.StackFilters": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The group name of the logs in CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", - "title": "GroupName", + "FilteringCriteria": { + "markdownDescription": "The filtering criteria.\n\n- All stack names and stack roles ( `All` ): The Hook will only be invoked when all specified filters match.\n- Any stack names and stack roles ( `Any` ): The Hook will be invoked if at least one of the specified filters match.", + "title": "FilteringCriteria", "type": "string" }, - "Status": { - "markdownDescription": "The current status of the logs in CloudWatch Logs for a build project. Valid values are:\n\n- `ENABLED` : CloudWatch Logs are enabled for this build project.\n- `DISABLED` : CloudWatch Logs are not enabled for this build project.", - "title": "Status", - "type": "string" + "StackNames": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackNames", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations.", + "title": "StackNames" }, - "StreamName": { - "markdownDescription": "The prefix of the stream name of the CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", - "title": "StreamName", - "type": "string" + "StackRoles": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackRoles", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations based on their associated IAM roles.", + "title": "StackRoles" } }, "required": [ - "Status" + "FilteringCriteria" ], "type": "object" }, - "AWS::CodeBuild::Project.Environment": { + "AWS::CloudFormation::GuardHook.StackNames": { "additionalProperties": false, "properties": { - "Certificate": { - "markdownDescription": "The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see [certificate](https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.environment.certificate) in the *AWS CodeBuild User Guide* .", - "title": "Certificate", - "type": "string" - }, - "ComputeType": { - "markdownDescription": "The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", - "title": "ComputeType", - "type": "string" - }, - "EnvironmentVariables": { + "Exclude": { "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.EnvironmentVariable" + "type": "string" }, - "markdownDescription": "A set of environment variables to make available to builds for this build project.", - "title": "EnvironmentVariables", + "markdownDescription": "The stack names to exclude. All stacks except those listed here will invoke the Hook.", + "title": "Exclude", "type": "array" }, - "Fleet": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFleet" - }, - "Image": { - "markdownDescription": "The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:\n\n- For an image tag: `/:` . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be `aws/codebuild/standard:4.0` .\n- For an image digest: `/@` . For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use `/@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf` .\n\nFor more information, see [Docker images provided by CodeBuild](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-available.html) in the *AWS CodeBuild user guide* .", - "title": "Image", - "type": "string" - }, - "ImagePullCredentialsType": { - "markdownDescription": "The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:\n\n- `CODEBUILD` specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild service principal.\n- `SERVICE_ROLE` specifies that AWS CodeBuild uses your build project's service role.\n\nWhen you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.", - "title": "ImagePullCredentialsType", - "type": "string" - }, - "PrivilegedMode": { - "markdownDescription": "Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is `false` .\n\nYou can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:\n\nIf the operating system's base image is Ubuntu Linux:\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout 15 sh -c \"until docker info; do echo .; sleep 1; done\"`\n\nIf the operating system's base image is Alpine Linux and the previous command does not work, add the `-t` argument to `timeout` :\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout -t 15 sh -c \"until docker info; do echo .; sleep 1; done\"`", - "title": "PrivilegedMode", - "type": "boolean" - }, - "RegistryCredential": { - "$ref": "#/definitions/AWS::CodeBuild::Project.RegistryCredential", - "markdownDescription": "`RegistryCredential` is a property of the [AWS::CodeBuild::Project Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html#cfn-codebuild-project-environment) property that specifies information about credentials that provide access to a private Docker registry. When this is set:\n\n- `imagePullCredentialsType` must be set to `SERVICE_ROLE` .\n- images cannot be curated or an Amazon ECR image.", - "title": "RegistryCredential" - }, - "Type": { - "markdownDescription": "The type of build environment to use for related builds.\n\n> If you're using compute fleets during project creation, `type` will be ignored. \n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ComputeType", - "Image", - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.EnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name or key of the environment variable.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of environment variable. Valid values include:\n\n- `PARAMETER_STORE` : An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the `value` of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see [env/parameter-store](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store) in the *AWS CodeBuild User Guide* .\n- `PLAINTEXT` : An environment variable in plain text format. This is the default value.\n- `SECRETS_MANAGER` : An environment variable stored in AWS Secrets Manager . For environment variables of this type, specify the name of the secret as the `value` of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define AWS Secrets Manager environment variables in the buildspec. To learn how to do so, see [env/secrets-manager](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager) in the *AWS CodeBuild User Guide* .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` .", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.FilterGroup": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::CodeBuild::Project.GitSubmodulesConfig": { - "additionalProperties": false, - "properties": { - "FetchSubmodules": { - "markdownDescription": "Set to true to fetch Git submodules for your AWS CodeBuild build project.", - "title": "FetchSubmodules", - "type": "boolean" - } - }, - "required": [ - "FetchSubmodules" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.LogsConfig": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::CodeBuild::Project.CloudWatchLogsConfig", - "markdownDescription": "Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.", - "title": "CloudWatchLogs" - }, - "S3Logs": { - "$ref": "#/definitions/AWS::CodeBuild::Project.S3LogsConfig", - "markdownDescription": "Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.", - "title": "S3Logs" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectBuildBatchConfig": { - "additionalProperties": false, - "properties": { - "BatchReportMode": { - "markdownDescription": "Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.\n\n- **REPORT_AGGREGATED_BATCH** - (Default) Aggregate all of the build statuses into a single status report.\n- **REPORT_INDIVIDUAL_BUILDS** - Send a separate status report for each individual build.", - "title": "BatchReportMode", - "type": "string" - }, - "CombineArtifacts": { - "markdownDescription": "Specifies if the build artifacts for the batch build should be combined into a single artifact location.", - "title": "CombineArtifacts", - "type": "boolean" - }, - "Restrictions": { - "$ref": "#/definitions/AWS::CodeBuild::Project.BatchRestrictions", - "markdownDescription": "A `BatchRestrictions` object that specifies the restrictions for the batch build.", - "title": "Restrictions" - }, - "ServiceRole": { - "markdownDescription": "Specifies the service role ARN for the batch build project.", - "title": "ServiceRole", - "type": "string" - }, - "TimeoutInMins": { - "markdownDescription": "Specifies the maximum amount of time, in minutes, that the batch build must be completed in.", - "title": "TimeoutInMins", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectCache": { - "additionalProperties": false, - "properties": { - "Location": { - "markdownDescription": "Information about the cache location:\n\n- `NO_CACHE` or `LOCAL` : This value is ignored.\n- `S3` : This is the S3 bucket name/prefix.", - "title": "Location", - "type": "string" - }, - "Modes": { + "Include": { "items": { "type": "string" }, - "markdownDescription": "An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for `LOCAL` cache types.\n\nPossible values are:\n\n- **LOCAL_SOURCE_CACHE** - Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.\n- **LOCAL_DOCKER_LAYER_CACHE** - Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.\n\n> - You can use a Docker layer cache in the Linux environment only.\n> - The `privileged` flag must be set so that your project has the required Docker permissions.\n> - You should consider the security implications before you use a Docker layer cache.\n- **LOCAL_CUSTOM_CACHE** - Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:\n\n- Only directories can be specified for caching. You cannot specify individual files.\n- Symlinks are used to reference cached directories.\n- Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.", - "title": "Modes", + "markdownDescription": "The stack names to include. Only the stacks specified in this list will invoke the Hook.", + "title": "Include", "type": "array" - }, - "Type": { - "markdownDescription": "The type of cache used by the build project. Valid values include:\n\n- `NO_CACHE` : The build project does not use any cache.\n- `S3` : The build project reads and writes from and to S3.\n- `LOCAL` : The build project stores a cache locally on a build host that is only available to that build host.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectFileSystemLocation": { - "additionalProperties": false, - "properties": { - "Identifier": { - "markdownDescription": "The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the `identifier` in all capital letters to `CODEBUILD_` . For example, if you specify `my_efs` for `identifier` , a new environment variable is create named `CODEBUILD_MY_EFS` .\n\nThe `identifier` is used to mount your file system.", - "title": "Identifier", - "type": "string" - }, - "Location": { - "markdownDescription": "A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path` . You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is `fs-abcd1234.efs.us-west-2.amazonaws.com` , and its mount directory is `my-efs-mount-directory` , then the `location` is `fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory` .\n\nThe directory path in the format `efs-dns-name:/directory-path` is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.", - "title": "Location", - "type": "string" - }, - "MountOptions": { - "markdownDescription": "The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are `nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2` . For more information, see [Recommended NFS Mount Options](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-nfs-mount-settings.html) .", - "title": "MountOptions", - "type": "string" - }, - "MountPoint": { - "markdownDescription": "The location in the container where you mount the file system.", - "title": "MountPoint", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the file system. The one supported type is `EFS` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Identifier", - "Location", - "MountPoint", - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectFleet": { - "additionalProperties": false, - "properties": { - "FleetArn": { - "markdownDescription": "Specifies the compute fleet ARN for the build project.", - "title": "FleetArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectSourceVersion": { - "additionalProperties": false, - "properties": { - "SourceIdentifier": { - "markdownDescription": "An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", - "title": "SourceIdentifier", - "type": "string" - }, - "SourceVersion": { - "markdownDescription": "The source version for the corresponding source identifier. If specified, must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example, `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", - "title": "SourceVersion", - "type": "string" } }, - "required": [ - "SourceIdentifier" - ], "type": "object" }, - "AWS::CodeBuild::Project.ProjectTriggers": { + "AWS::CloudFormation::GuardHook.StackRoles": { "additionalProperties": false, "properties": { - "BuildType": { - "markdownDescription": "Specifies the type of build this webhook will trigger. Allowed values are:\n\n- **BUILD** - A single build\n- **BUILD_BATCH** - A batch build", - "title": "BuildType", - "type": "string" - }, - "FilterGroups": { + "Exclude": { "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.FilterGroup" + "type": "string" }, - "markdownDescription": "A list of lists of `WebhookFilter` objects used to determine which webhook events are triggered. At least one `WebhookFilter` in the array must specify `EVENT` as its type.", - "title": "FilterGroups", + "markdownDescription": "The IAM role ARNs for stacks you want to exclude. The Hook will be invoked on all stacks except those initiated by the specified roles.", + "title": "Exclude", "type": "array" }, - "Webhook": { - "markdownDescription": "Specifies whether or not to begin automatically rebuilding the source code every time a code change is pushed to the repository.", - "title": "Webhook", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.RegistryCredential": { - "additionalProperties": false, - "properties": { - "Credential": { - "markdownDescription": "The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager .\n\n> The `credential` can use the name of the credentials only if they exist in your current AWS Region .", - "title": "Credential", - "type": "string" - }, - "CredentialProvider": { - "markdownDescription": "The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager .", - "title": "CredentialProvider", - "type": "string" - } - }, - "required": [ - "Credential", - "CredentialProvider" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.S3LogsConfig": { - "additionalProperties": false, - "properties": { - "EncryptionDisabled": { - "markdownDescription": "Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "Location": { - "markdownDescription": "The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is `my-bucket` , and your path prefix is `build-log` , then acceptable formats are `my-bucket/build-log` or `arn:aws:s3:::my-bucket/build-log` .", - "title": "Location", - "type": "string" - }, - "Status": { - "markdownDescription": "The current status of the S3 build logs. Valid values are:\n\n- `ENABLED` : S3 build logs are enabled for this build project.\n- `DISABLED` : S3 build logs are not enabled for this build project.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.Source": { - "additionalProperties": false, - "properties": { - "Auth": { - "$ref": "#/definitions/AWS::CodeBuild::Project.SourceAuth", - "markdownDescription": "Information about the authorization settings for AWS CodeBuild to access the source code to be built.", - "title": "Auth" - }, - "BuildSpec": { - "markdownDescription": "The build specification for the project. If this value is not provided, then the source code must contain a buildspec file named `buildspec.yml` at the root level. If this value is provided, it can be either a single string containing the entire build specification, or the path to an alternate buildspec file relative to the value of the built-in environment variable `CODEBUILD_SRC_DIR` . The alternate buildspec file can have a name other than `buildspec.yml` , for example `myspec.yml` or `build_spec_qa.yml` or similar. For more information, see the [Build Spec Reference](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-example) in the *AWS CodeBuild User Guide* .", - "title": "BuildSpec", - "type": "string" - }, - "BuildStatusConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.BuildStatusConfig", - "markdownDescription": "Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB` , `GITHUB_ENTERPRISE` , or `BITBUCKET` .", - "title": "BuildStatusConfig" - }, - "GitCloneDepth": { - "markdownDescription": "The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.", - "title": "GitCloneDepth", - "type": "number" - }, - "GitSubmodulesConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.GitSubmodulesConfig", - "markdownDescription": "Information about the Git submodules configuration for the build project.", - "title": "GitSubmodulesConfig" - }, - "InsecureSsl": { - "markdownDescription": "This is used with GitHub Enterprise only. Set to true to ignore SSL warnings while connecting to your GitHub Enterprise project repository. The default value is `false` . `InsecureSsl` should be used for testing purposes only. It should not be used in a production environment.", - "title": "InsecureSsl", - "type": "boolean" - }, - "Location": { - "markdownDescription": "Information about the location of the source code to be built. Valid values include:\n\n- For source code settings that are specified in the source action of a pipeline in CodePipeline, `location` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.\n- For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, `https://git-codecommit..amazonaws.com/v1/repos/` ).\n- For source code in an Amazon S3 input bucket, one of the following.\n\n- The path to the ZIP file that contains the source code (for example, `//.zip` ).\n- The path to the folder that contains the source code (for example, `///` ).\n- For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n- For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the `auth` object's `type` value to `CODECONNECTIONS` in the `source` object.\n- For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n\nIf you specify `CODEPIPELINE` for the `Type` property, don't specify this property. For all of the other types, you must specify `Location` .", - "title": "Location", - "type": "string" - }, - "ReportBuildStatus": { - "markdownDescription": "Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an `invalidInputException` is thrown.", - "title": "ReportBuildStatus", - "type": "boolean" - }, - "SourceIdentifier": { - "markdownDescription": "An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", - "title": "SourceIdentifier", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of repository that contains the source code to be built. Valid values include:\n\n- `BITBUCKET` : The source code is in a Bitbucket repository.\n- `CODECOMMIT` : The source code is in an CodeCommit repository.\n- `CODEPIPELINE` : The source code settings are specified in the source action of a pipeline in CodePipeline.\n- `GITHUB` : The source code is in a GitHub repository.\n- `GITHUB_ENTERPRISE` : The source code is in a GitHub Enterprise Server repository.\n- `GITLAB` : The source code is in a GitLab repository.\n- `GITLAB_SELF_MANAGED` : The source code is in a self-managed GitLab repository.\n- `NO_SOURCE` : The project does not have input source code.\n- `S3` : The source code is in an Amazon S3 bucket.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.SourceAuth": { - "additionalProperties": false, - "properties": { - "Resource": { - "markdownDescription": "The resource value that applies to the specified authorization type.", - "title": "Resource", - "type": "string" - }, - "Type": { - "markdownDescription": "The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.", - "title": "Type", - "type": "string" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs to target stacks associated with these roles. Only stack operations initiated by these roles will invoke the Hook.", + "title": "Include", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::CodeBuild::Project.VpcConfig": { + "AWS::CloudFormation::GuardHook.TargetFilters": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC. The maximum count is 5.", - "title": "SecurityGroupIds", "type": "array" }, - "Subnets": { + "InvocationPoints": { "items": { "type": "string" }, - "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC. The maximum count is 16.", - "title": "Subnets", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the Amazon VPC.", - "title": "VpcId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.WebhookFilter": { - "additionalProperties": false, - "properties": { - "ExcludeMatchedPattern": { - "markdownDescription": "Used to indicate that the `pattern` determines which webhook events do not trigger a build. If true, then a webhook event that does not match the `pattern` triggers a build. If false, then a webhook event that matches the `pattern` triggers a build.", - "title": "ExcludeMatchedPattern", - "type": "boolean" - }, - "Pattern": { - "markdownDescription": "For a `WebHookFilter` that uses `EVENT` type, a comma-separated string that specifies one or more events. For example, the webhook filter `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` allows all push, pull request created, and pull request updated events to trigger a build.\n\nFor a `WebHookFilter` that uses any of the other filter types, a regular expression pattern. For example, a `WebHookFilter` that uses `HEAD_REF` for its `type` and the pattern `^refs/heads/` triggers a build when the head reference is a branch with a reference name `refs/heads/branch-name` .", - "title": "Pattern", - "type": "string" + "TargetNames": { + "items": { + "type": "string" + }, + "type": "array" }, - "Type": { - "markdownDescription": "The type of webhook filter. There are 11 webhook filter types: `EVENT` , `ACTOR_ACCOUNT_ID` , `HEAD_REF` , `BASE_REF` , `FILE_PATH` , `COMMIT_MESSAGE` , `TAG_NAME` , `RELEASE_NAME` , `REPOSITORY_NAME` , `ORGANIZATION_NAME` , and `WORKFLOW_NAME` .\n\n- EVENT\n\n- A webhook event triggers a build when the provided `pattern` matches one of nine event types: `PUSH` , `PULL_REQUEST_CREATED` , `PULL_REQUEST_UPDATED` , `PULL_REQUEST_CLOSED` , `PULL_REQUEST_REOPENED` , `PULL_REQUEST_MERGED` , `RELEASED` , `PRERELEASED` , and `WORKFLOW_JOB_QUEUED` . The `EVENT` patterns are specified as a comma-separated string. For example, `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` filters all push, pull request created, and pull request updated events.\n\n> Types `PULL_REQUEST_REOPENED` and `WORKFLOW_JOB_QUEUED` work with GitHub and GitHub Enterprise only. Types `RELEASED` and `PRERELEASED` work with GitHub only.\n- ACTOR_ACCOUNT_ID\n\n- A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression `pattern` .\n- HEAD_REF\n\n- A webhook event triggers a build when the head reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` and `refs/tags/tag-name` .\n\n> Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.\n- BASE_REF\n\n- A webhook event triggers a build when the base reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` .\n\n> Works with pull request events only.\n- FILE_PATH\n\n- A webhook triggers a build when the path of a changed file matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- COMMIT_MESSAGE\n\n- A webhook triggers a build when the head commit message matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- TAG_NAME\n\n- A webhook triggers a build when the tag name of the release matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- RELEASE_NAME\n\n- A webhook triggers a build when the release name matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- REPOSITORY_NAME\n\n- A webhook triggers a build when the repository name matches the regular expression `pattern` .\n\n> Works with GitHub global or organization webhooks only.\n- ORGANIZATION_NAME\n\n- A webhook triggers a build when the organization name matches the regular expression `pattern` .\n\n> Works with GitHub global webhooks only.\n- WORKFLOW_NAME\n\n- A webhook triggers a build when the workflow name matches the regular expression `pattern` .\n\n> Works with `WORKFLOW_JOB_QUEUED` events only. > For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name.", - "title": "Type", - "type": "string" + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.HookTarget" + }, + "type": "array" } }, - "required": [ - "Pattern", - "Type" - ], "type": "object" }, - "AWS::CodeBuild::ReportGroup": { + "AWS::CloudFormation::HookDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -42008,44 +46947,27 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteReports": { - "markdownDescription": "When deleting a report group, specifies if reports within the report group should be deleted.\n\n- **true** - Deletes any reports that belong to the report group before deleting the report group.\n- **false** - You must delete any reports in the report group. This is the default value. If you delete a report group that contains one or more reports, an exception is thrown.", - "title": "DeleteReports", - "type": "boolean" - }, - "ExportConfig": { - "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.ReportExportConfig", - "markdownDescription": "Information about the destination where the raw data of this `ReportGroup` is exported.", - "title": "ExportConfig" - }, - "Name": { - "markdownDescription": "The name of the `ReportGroup` .", - "title": "Name", + "TypeName": { + "markdownDescription": "The name of the Hook.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag key and value pairs associated with this report group.\n\nThese tags are available for use by AWS services that support AWS CodeBuild report group tags.", - "title": "Tags", - "type": "array" + "TypeVersionArn": { + "markdownDescription": "The version ID of the type configuration.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeVersionArn", + "type": "string" }, - "Type": { - "markdownDescription": "The type of the `ReportGroup` . This can be one of the following values:\n\n- **CODE_COVERAGE** - The report group contains code coverage reports.\n- **TEST** - The report group contains test reports.", - "title": "Type", + "VersionId": { + "markdownDescription": "The version ID of the type specified.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "VersionId", "type": "string" } }, - "required": [ - "ExportConfig", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::ReportGroup" + "AWS::CloudFormation::HookDefaultVersion" ], "type": "string" }, @@ -42059,70 +46981,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::CodeBuild::ReportGroup.ReportExportConfig": { - "additionalProperties": false, - "properties": { - "ExportConfigType": { - "markdownDescription": "The export configuration type. Valid values are:\n\n- `S3` : The report results are exported to an S3 bucket.\n- `NO_EXPORT` : The report results are not exported.", - "title": "ExportConfigType", - "type": "string" - }, - "S3Destination": { - "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.S3ReportExportConfig", - "markdownDescription": "A `S3ReportExportConfig` object that contains information about the S3 bucket where the run of a report is exported.", - "title": "S3Destination" - } - }, - "required": [ - "ExportConfigType" - ], - "type": "object" - }, - "AWS::CodeBuild::ReportGroup.S3ReportExportConfig": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket where the raw data of a report are exported.", - "title": "Bucket", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.", - "title": "BucketOwner", - "type": "string" - }, - "EncryptionDisabled": { - "markdownDescription": "A boolean value that specifies if the results of a report are encrypted.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "EncryptionKey": { - "markdownDescription": "The encryption key for the report's encrypted raw data.", - "title": "EncryptionKey", - "type": "string" - }, - "Packaging": { - "markdownDescription": "The type of build output artifact to create. Valid values include:\n\n- `NONE` : CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.\n- `ZIP` : CodeBuild creates a ZIP file with the raw data in the output bucket.", - "title": "Packaging", - "type": "string" - }, - "Path": { - "markdownDescription": "The path to the exported report's raw data results.", - "title": "Path", - "type": "string" - } - }, - "required": [ - "Bucket" + "Type" ], "type": "object" }, - "AWS::CodeBuild::SourceCredential": { + "AWS::CloudFormation::HookTypeConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -42157,37 +47020,35 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, CODECONNECTIONS, or SECRETS_MANAGER.", - "title": "AuthType", + "Configuration": { + "markdownDescription": "Specifies the activated Hook type configuration, in this AWS account and AWS Region .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "Configuration", "type": "string" }, - "ServerType": { - "markdownDescription": "The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.", - "title": "ServerType", + "ConfigurationAlias": { + "markdownDescription": "An alias by which to refer to this configuration data.\n\nDefaults to `default` alias. Hook types currently support default configuration alias.", + "title": "ConfigurationAlias", "type": "string" }, - "Token": { - "markdownDescription": "For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the `authType` CODECONNECTIONS, this is the `connectionArn` . For the `authType` SECRETS_MANAGER, this is the `secretArn` .", - "title": "Token", + "TypeArn": { + "markdownDescription": "The Amazon Resource Number (ARN) for the Hook to set `Configuration` for.\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "TypeArn", "type": "string" }, - "Username": { - "markdownDescription": "The Bitbucket username when the `authType` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.", - "title": "Username", + "TypeName": { + "markdownDescription": "The unique name for your Hook. Specifies a three-part namespace for your Hook, with a recommended pattern of `Organization::Service::Hook` .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "TypeName", "type": "string" } }, "required": [ - "AuthType", - "ServerType", - "Token" + "Configuration" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::SourceCredential" + "AWS::CloudFormation::HookTypeConfig" ], "type": "string" }, @@ -42206,7 +47067,7 @@ ], "type": "object" }, - "AWS::CodeCommit::Repository": { + "AWS::CloudFormation::HookVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -42241,51 +47102,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Code": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.Code", - "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack. Information about code is only used in resource creation. Updates to a stack will not reflect changes made to code properties after initial resource creation.\n\n> You can only use this property to add code when creating a repository with a AWS CloudFormation template at creation time. This property cannot be used for updating code to an existing repository.", - "title": "Code" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service encryption key used to encrypt and decrypt the repository.\n\n> The input can be the full ARN, the key ID, or the key alias. For more information, see [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html) .", - "title": "KmsKeyId", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.", + "title": "ExecutionRoleArn", "type": "string" }, - "RepositoryDescription": { - "markdownDescription": "A comment or description about the new repository.\n\n> The description field for a repository accepts all HTML characters and all valid Unicode characters. Applications that do not HTML-encode the description and display it in a webpage can expose users to potentially malicious code. Make sure that you HTML-encode the description field in any application that uses this API to display the repository description on a webpage.", - "title": "RepositoryDescription", - "type": "string" + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::HookVersion.LoggingConfig", + "markdownDescription": "Contains logging configuration information for an extension.", + "title": "LoggingConfig" }, - "RepositoryName": { - "markdownDescription": "The name of the new repository to be created.\n\n> The repository name must be unique across the calling AWS account . Repository names are limited to 100 alphanumeric, dash, and underscore characters, and cannot include certain characters. For more information about the limits on repository names, see [Quotas](https://docs.aws.amazon.com/codecommit/latest/userguide/limits.html) in the *AWS CodeCommit User Guide* . The suffix .git is prohibited.", - "title": "RepositoryName", + "SchemaHandlerPackage": { + "markdownDescription": "A URL to the Amazon S3 bucket for the Hook project package that contains the necessary files for the Hook you want to register.\n\nFor information on generating a schema handler package, see [Modeling custom CloudFormation Hooks](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html) in the *AWS CloudFormation Hooks User Guide* .\n\n> To register the Hook, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "SchemaHandlerPackage", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more tag key-value pairs to use when tagging this repository.", - "title": "Tags", - "type": "array" - }, - "Triggers": { - "items": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.RepositoryTrigger" - }, - "markdownDescription": "The JSON block of configuration information for each trigger.", - "title": "Triggers", - "type": "array" + "TypeName": { + "markdownDescription": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\n> The following organization namespaces are reserved and can't be used in your hook type names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `ASK`\n> - `AWS`\n> - `Custom`\n> - `Dev`", + "title": "TypeName", + "type": "string" } }, "required": [ - "RepositoryName" + "SchemaHandlerPackage", + "TypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeCommit::Repository" + "AWS::CloudFormation::HookVersion" ], "type": "string" }, @@ -42304,93 +47150,23 @@ ], "type": "object" }, - "AWS::CodeCommit::Repository.Code": { - "additionalProperties": false, - "properties": { - "BranchName": { - "markdownDescription": "Optional. Specifies a branch name to be used as the default branch when importing code into a repository on initial creation. If this property is not set, the name *main* will be used for the default branch for the repository. Changes to this property are ignored after initial resource creation. We recommend using this parameter to set the name to *main* to align with the default behavior of CodeCommit unless another name is needed.", - "title": "BranchName", - "type": "string" - }, - "S3": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.S3", - "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository. Changes to this property are ignored after initial resource creation.", - "title": "S3" - } - }, - "required": [ - "S3" - ], - "type": "object" - }, - "AWS::CodeCommit::Repository.RepositoryTrigger": { - "additionalProperties": false, - "properties": { - "Branches": { - "items": { - "type": "string" - }, - "markdownDescription": "The branches to be included in the trigger configuration. If you specify an empty array, the trigger applies to all branches.\n\n> Although no content is required in the array, you must include the array itself.", - "title": "Branches", - "type": "array" - }, - "CustomData": { - "markdownDescription": "Any custom data associated with the trigger to be included in the information sent to the target of the trigger.", - "title": "CustomData", - "type": "string" - }, - "DestinationArn": { - "markdownDescription": "The ARN of the resource that is the target for a trigger (for example, the ARN of a topic in Amazon SNS).", - "title": "DestinationArn", - "type": "string" - }, - "Events": { - "items": { - "type": "string" - }, - "markdownDescription": "The repository events that cause the trigger to run actions in another service, such as sending a notification through Amazon SNS.\n\n> The valid value \"all\" cannot be used with any other values.", - "title": "Events", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the trigger.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "DestinationArn", - "Events", - "Name" - ], - "type": "object" - }, - "AWS::CodeCommit::Repository.S3": { + "AWS::CloudFormation::HookVersion.LoggingConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content that will be committed to the new repository. This can be specified using the name of the bucket in the AWS account . Changes to this property are ignored after initial resource creation.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The key to use for accessing the Amazon S3 bucket. Changes to this property are ignored after initial resource creation. For more information, see [Creating object key names](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) and [Uploading objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/upload-objects.html) in the Amazon S3 User Guide.", - "title": "Key", + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", + "title": "LogGroupName", "type": "string" }, - "ObjectVersion": { - "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket. Changes to this property are ignored after initial resource creation.", - "title": "ObjectVersion", + "LogRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", + "title": "LogRoleArn", "type": "string" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::CodeConnections::Connection": { + "AWS::CloudFormation::LambdaHook": { "additionalProperties": false, "properties": { "Condition": { @@ -42425,38 +47201,63 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", - "title": "ConnectionName", + "Alias": { + "markdownDescription": "The type name alias for the Hook. This alias must be unique per account and Region.\n\nThe alias must be in the form `Name1::Name2::Name3` and must not begin with `AWS` . For example, `Private::Lambda::MyTestHook` .", + "title": "Alias", "type": "string" }, - "HostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", - "title": "HostArn", + "ExecutionRole": { + "markdownDescription": "The IAM role that the Hook assumes to invoke your Lambda function.", + "title": "ExecutionRole", "type": "string" }, - "ProviderType": { - "markdownDescription": "The name of the external provider where your third-party code repository is configured.", - "title": "ProviderType", + "FailureMode": { + "markdownDescription": "Specifies how the Hook responds when the Lambda function invoked by the Hook returns a `FAILED` response.\n\n- `FAIL` : Prevents the action from proceeding. This is helpful for enforcing strict compliance or security policies.\n- `WARN` : Issues warnings to users but allows actions to continue. This is useful for non-critical validations or informational checks.", + "title": "FailureMode", "type": "string" }, - "Tags": { + "HookStatus": { + "markdownDescription": "Specifies if the Hook is `ENABLED` or `DISABLED` .", + "title": "HookStatus", + "type": "string" + }, + "LambdaFunction": { + "markdownDescription": "Specifies the Lambda function for the Hook. You can use:\n\n- The full Amazon Resource Name (ARN) without a suffix.\n- A qualified ARN with a version or alias suffix.", + "title": "LambdaFunction", + "type": "string" + }, + "StackFilters": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackFilters", + "markdownDescription": "Specifies the stack level filters for the Hook.\n\nExample stack level filter in JSON:\n\n`\"StackFilters\": {\"FilteringCriteria\": \"ALL\", \"StackNames\": {\"Exclude\": [ \"stack-1\", \"stack-2\"]}}` \n\nExample stack level filter in YAML:\n\n`StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2`", + "title": "StackFilters" + }, + "TargetFilters": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.TargetFilters", + "markdownDescription": "Specifies the target filters for the Hook.\n\nExample target filter in JSON:\n\n`\"TargetFilters\": {\"Actions\": [ \"Create\", \"Update\", \"Delete\" ]}` \n\nExample target filter in YAML:\n\n`TargetFilters: Actions: - CREATE - UPDATE - DELETE`", + "title": "TargetFilters" + }, + "TargetOperations": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "Specifies the list of operations the Hook is run against. For more information, see [Hook targets](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target) in the *AWS CloudFormation Hooks User Guide* .\n\nValid values: `STACK` | `RESOURCE` | `CHANGE_SET` | `CLOUD_CONTROL`", + "title": "TargetOperations", "type": "array" } }, "required": [ - "ConnectionName" + "Alias", + "ExecutionRole", + "FailureMode", + "HookStatus", + "LambdaFunction", + "TargetOperations" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeConnections::Connection" + "AWS::CloudFormation::LambdaHook" ], "type": "string" }, @@ -42475,7 +47276,125 @@ ], "type": "object" }, - "AWS::CodeDeploy::Application": { + "AWS::CloudFormation::LambdaHook.HookTarget": { + "additionalProperties": false, + "properties": { + "Action": { + "type": "string" + }, + "InvocationPoint": { + "type": "string" + }, + "TargetName": { + "type": "string" + } + }, + "required": [ + "Action", + "InvocationPoint", + "TargetName" + ], + "type": "object" + }, + "AWS::CloudFormation::LambdaHook.StackFilters": { + "additionalProperties": false, + "properties": { + "FilteringCriteria": { + "markdownDescription": "The filtering criteria.\n\n- All stack names and stack roles ( `All` ): The Hook will only be invoked when all specified filters match.\n- Any stack names and stack roles ( `Any` ): The Hook will be invoked if at least one of the specified filters match.", + "title": "FilteringCriteria", + "type": "string" + }, + "StackNames": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackNames", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations.", + "title": "StackNames" + }, + "StackRoles": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackRoles", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations based on their associated IAM roles.", + "title": "StackRoles" + } + }, + "required": [ + "FilteringCriteria" + ], + "type": "object" + }, + "AWS::CloudFormation::LambdaHook.StackNames": { + "additionalProperties": false, + "properties": { + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "The stack names to exclude. All stacks except those listed here will invoke the Hook.", + "title": "Exclude", + "type": "array" + }, + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "The stack names to include. Only the stacks specified in this list will invoke the Hook.", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFormation::LambdaHook.StackRoles": { + "additionalProperties": false, + "properties": { + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs for stacks you want to exclude. The Hook will be invoked on all stacks except those initiated by the specified roles.", + "title": "Exclude", + "type": "array" + }, + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs to target stacks associated with these roles. Only stack operations initiated by these roles will invoke the Hook.", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFormation::LambdaHook.TargetFilters": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "InvocationPoints": { + "items": { + "type": "string" + }, + "type": "array" + }, + "TargetNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.HookTarget" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFormation::Macro": { "additionalProperties": false, "properties": { "Condition": { @@ -42510,30 +47429,41 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> Updates to `ApplicationName` are not supported.", - "title": "ApplicationName", + "Description": { + "markdownDescription": "A description of the macro.", + "title": "Description", "type": "string" }, - "ComputePlatform": { - "markdownDescription": "The compute platform that CodeDeploy deploys the application to.", - "title": "ComputePlatform", + "FunctionName": { + "markdownDescription": "The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.", + "title": "FunctionName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", - "title": "Tags", - "type": "array" + "LogGroupName": { + "markdownDescription": "The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.\n\nThis will be an existing CloudWatch Logs LogGroup. Neither CloudFormation or Lambda will create the group.", + "title": "LogGroupName", + "type": "string" + }, + "LogRoleARN": { + "markdownDescription": "The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .", + "title": "LogRoleARN", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the macro. The name of the macro must be unique across all macros in the account.", + "title": "Name", + "type": "string" } }, + "required": [ + "FunctionName", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::Application" + "AWS::CloudFormation::Macro" ], "type": "string" }, @@ -42547,11 +47477,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig": { + "AWS::CloudFormation::ModuleDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -42586,37 +47517,27 @@ "Properties": { "additionalProperties": false, "properties": { - "ComputePlatform": { - "markdownDescription": "The destination platform type for the deployment ( `Lambda` , `Server` , or `ECS` ).", - "title": "ComputePlatform", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the module version to set as the default version.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "Arn", "type": "string" }, - "DeploymentConfigName": { - "markdownDescription": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DeploymentConfigName", + "ModuleName": { + "markdownDescription": "The name of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "ModuleName", "type": "string" }, - "MinimumHealthyHosts": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts", - "markdownDescription": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.\n\nThe type parameter takes either of the following values:\n\n- HOST_COUNT: The value parameter represents the minimum number of healthy instances as an absolute value.\n- FLEET_PERCENT: The value parameter represents the minimum number of healthy instances as a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\n\nThe value parameter takes an integer.\n\nFor example, to set a minimum of 95% healthy instance, specify a type of FLEET_PERCENT and a value of 95.\n\nFor more information about instance health, see [CodeDeploy Instance Health](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-health.html) in the AWS CodeDeploy User Guide.", - "title": "MinimumHealthyHosts" - }, - "TrafficRoutingConfig": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig", - "markdownDescription": "The configuration that specifies how the deployment traffic is routed.", - "title": "TrafficRoutingConfig" - }, - "ZonalConfig": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.ZonalConfig", - "markdownDescription": "Configure the `ZonalConfig` object if you want AWS CodeDeploy to deploy your application to one [Availability Zone](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones) at a time, within an AWS Region.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "ZonalConfig" + "VersionId": { + "markdownDescription": "The ID for the specific version of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "VersionId", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::DeploymentConfig" + "AWS::CloudFormation::ModuleDefaultVersion" ], "type": "string" }, @@ -42634,132 +47555,407 @@ ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { + "AWS::CloudFormation::ModuleVersion": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ModuleName": { + "markdownDescription": "The name of the module being registered.", + "title": "ModuleName", + "type": "string" + }, + "ModulePackage": { + "markdownDescription": "A URL to the S3 bucket for the package that contains the template fragment and schema files for the module version to register.\n\nFor more information, see [Module structure and requirements](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the module version, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "ModulePackage", + "type": "string" + } + }, + "required": [ + "ModuleName", + "ModulePackage" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The minimum healthy instance type:\n\n- HOST_COUNT: The minimum number of healthy instance as an absolute value.\n- FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment.\n\nIn an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails.\n\n> In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. \n\nFor more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* .", - "title": "Type", + "enum": [ + "AWS::CloudFormation::ModuleVersion" + ], "type": "string" }, - "Value": { - "markdownDescription": "The minimum healthy instance value.", - "title": "Value", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ "Type", - "Value" + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone": { + "AWS::CloudFormation::PublicTypeVersion": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the extension.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "Arn", + "type": "string" + }, + "LogDeliveryBucket": { + "markdownDescription": "The S3 bucket to which CloudFormation delivers the contract test execution logs.\n\nCloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of `PASSED` or `FAILED` .\n\nThe user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions:\n\n- s3:GetObject\n- s3:PutObject", + "title": "LogDeliveryBucket", + "type": "string" + }, + "PublicVersionNumber": { + "markdownDescription": "The version number to assign to this version of the extension.\n\nUse the following format, and adhere to semantic versioning when assigning a version number to your extension:\n\n`MAJOR.MINOR.PATCH`\n\nFor more information, see [Semantic Versioning 2.0.0](https://docs.aws.amazon.com/https://semver.org/) .\n\nIf you don't specify a version number, CloudFormation increments the version number by one minor version release.\n\nYou cannot specify a version number the first time you publish a type. CloudFormation automatically sets the first version number to be `1.0.0` .", + "title": "PublicVersionNumber", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "Type", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "TypeName", + "type": "string" + } + }, + "type": "object" + }, "Type": { - "markdownDescription": "The `type` associated with the `MinimumHealthyHostsPerZone` option.", - "title": "Type", + "enum": [ + "AWS::CloudFormation::PublicTypeVersion" + ], "type": "string" }, - "Value": { - "markdownDescription": "The `value` associated with the `MinimumHealthyHostsPerZone` option.", - "title": "Value", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Type", - "Value" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary": { + "AWS::CloudFormation::Publisher": { "additionalProperties": false, "properties": { - "CanaryInterval": { - "markdownDescription": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.", - "title": "CanaryInterval", - "type": "number" + "Condition": { + "type": "string" }, - "CanaryPercentage": { - "markdownDescription": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.", - "title": "CanaryPercentage", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptTermsAndConditions": { + "markdownDescription": "Whether you accept the [Terms and Conditions](https://docs.aws.amazon.com/https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf) for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to register to publish public extensions to the CloudFormation registry.\n\nThe default is `false` .", + "title": "AcceptTermsAndConditions", + "type": "boolean" + }, + "ConnectionArn": { + "markdownDescription": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.\n\nFor more information, see [Prerequisite: Registering your account to publish CloudFormation extensions](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .", + "title": "ConnectionArn", + "type": "string" + } + }, + "required": [ + "AcceptTermsAndConditions" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::Publisher" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "CanaryInterval", - "CanaryPercentage" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear": { + "AWS::CloudFormation::ResourceDefaultVersion": { "additionalProperties": false, "properties": { - "LinearInterval": { - "markdownDescription": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.", - "title": "LinearInterval", - "type": "number" + "Condition": { + "type": "string" }, - "LinearPercentage": { - "markdownDescription": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.", - "title": "LinearPercentage", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "TypeName": { + "markdownDescription": "The name of the resource.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeName", + "type": "string" + }, + "TypeVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource version.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeVersionArn", + "type": "string" + }, + "VersionId": { + "markdownDescription": "The ID of a specific version of the resource. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the resource version when it's registered.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "VersionId", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::ResourceDefaultVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "LinearInterval", - "LinearPercentage" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig": { + "AWS::CloudFormation::ResourceVersion": { "additionalProperties": false, "properties": { - "TimeBasedCanary": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary", - "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file.", - "title": "TimeBasedCanary" + "Condition": { + "type": "string" }, - "TimeBasedLinear": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear", - "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file.", - "title": "TimeBasedLinear" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::ResourceVersion.LoggingConfig", + "markdownDescription": "Logging configuration information for a resource.", + "title": "LoggingConfig" + }, + "SchemaHandlerPackage": { + "markdownDescription": "A URL to the S3 bucket for the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package, see [Modeling resource types to use with AWS CloudFormation](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the resource version, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "SchemaHandlerPackage", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the resource being registered.\n\nWe recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* .\n\n> The following organization namespaces are reserved and can't be used in your resource names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `AWS`\n> - `Custom`\n> - `Dev`", + "title": "TypeName", + "type": "string" + } + }, + "required": [ + "SchemaHandlerPackage", + "TypeName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration.", - "title": "Type", + "enum": [ + "AWS::CloudFormation::ResourceVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.ZonalConfig": { + "AWS::CloudFormation::ResourceVersion.LoggingConfig": { "additionalProperties": false, "properties": { - "FirstZoneMonitorDurationInSeconds": { - "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "FirstZoneMonitorDurationInSeconds", - "type": "number" - }, - "MinimumHealthyHostsPerZone": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone", - "markdownDescription": "The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* .\n\nIf you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "MinimumHealthyHostsPerZone" + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch logs group to which CloudFormation sends error logging information when invoking the type's handlers.", + "title": "LogGroupName", + "type": "string" }, - "MonitorDurationInSeconds": { - "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "MonitorDurationInSeconds", - "type": "number" + "LogRoleArn": { + "markdownDescription": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs.", + "title": "LogRoleArn", + "type": "string" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup": { + "AWS::CloudFormation::Stack": { "additionalProperties": false, "properties": { "Condition": { @@ -42794,134 +47990,202 @@ "Properties": { "additionalProperties": false, "properties": { - "AlarmConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration", - "markdownDescription": "Information about the Amazon CloudWatch alarms that are associated with the deployment group.", - "title": "AlarmConfiguration" - }, - "ApplicationName": { - "markdownDescription": "The name of an existing CodeDeploy application to associate this deployment group with.", - "title": "ApplicationName", - "type": "string" - }, - "AutoRollbackConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration", - "markdownDescription": "Information about the automatic rollback configuration that is associated with the deployment group. If you specify this property, don't specify the `Deployment` property.", - "title": "AutoRollbackConfiguration" - }, - "AutoScalingGroups": { + "NotificationARNs": { "items": { "type": "string" }, - "markdownDescription": "A list of associated Auto Scaling groups that CodeDeploy automatically deploys revisions to when new instances are created. Duplicates are not allowed.", - "title": "AutoScalingGroups", + "markdownDescription": "The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).", + "title": "NotificationARNs", "type": "array" }, - "BlueGreenDeploymentConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration", - "markdownDescription": "Information about blue/green deployment options for a deployment group.", - "title": "BlueGreenDeploymentConfiguration" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n> If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nRequired if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" }, - "Deployment": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Deployment", - "markdownDescription": "The application revision to deploy to this deployment group. If you specify this property, your target application revision is deployed as soon as the provisioning process is complete. If you specify this property, don't specify the `AutoRollbackConfiguration` property.", - "title": "Deployment" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.", + "title": "Tags", + "type": "array" }, - "DeploymentConfigName": { - "markdownDescription": "A deployment configuration name or a predefined configuration name. With predefined configurations, you can deploy application revisions to one instance at a time ( `CodeDeployDefault.OneAtATime` ), half of the instances at a time ( `CodeDeployDefault.HalfAtATime` ), or all the instances at once ( `CodeDeployDefault.AllAtOnce` ). For more information and valid values, see [Working with Deployment Configurations](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) in the *AWS CodeDeploy User Guide* .", - "title": "DeploymentConfigName", + "TemplateURL": { + "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with `https://` .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", + "title": "TemplateURL", "type": "string" }, - "DeploymentGroupName": { - "markdownDescription": "A name for the deployment group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment group name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DeploymentGroupName", + "TimeoutInMinutes": { + "markdownDescription": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported.", + "title": "TimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "TemplateURL" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::Stack" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CloudFormation::StackSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "DeploymentStyle": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentStyle", - "markdownDescription": "Attributes that determine the type of deployment to run and whether to route deployment traffic behind a load balancer.\n\nIf you specify this property with a blue/green deployment type, don't specify the `AutoScalingGroups` , `LoadBalancerInfo` , or `Deployment` properties.\n\n> For blue/green deployments, AWS CloudFormation supports deployments on Lambda compute platforms only. You can perform Amazon ECS blue/green deployments using `AWS::CodeDeploy::BlueGreen` hook. See [Perform Amazon ECS blue/green deployments through CodeDeploy using AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/blue-green.html) for more information.", - "title": "DeploymentStyle" - }, - "ECSServices": { + { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ECSService" + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, - "markdownDescription": "The target Amazon ECS services in the deployment group. This applies only to deployment groups that use the Amazon ECS compute platform. A target Amazon ECS service is specified as an Amazon ECS cluster and service name pair using the format `:` .", - "title": "ECSServices", "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdministrationRoleARN": { + "markdownDescription": "The Amazon Resource Number (ARN) of the IAM role to use to create this StackSet. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n\nValid only if the permissions model is `SELF_MANAGED` .", + "title": "AdministrationRoleARN", + "type": "string" }, - "Ec2TagFilters": { + "AutoDeployment": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.AutoDeployment", + "markdownDescription": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU). For more information, see [Enable or disable automatic deployments for StackSets in AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-manage-auto-deployment.html) in the *AWS CloudFormation User Guide* .\n\nRequired if the permissions model is `SERVICE_MANAGED` . (Not used with self-managed permissions.)", + "title": "AutoDeployment" + }, + "CallAs": { + "markdownDescription": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for StackSets with self-managed permissions.\n\n- To create a StackSet with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a StackSet with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStackSets with service-managed permissions are created in the management account, including StackSets that are created by delegated administrators.\n\nValid only if the permissions model is `SERVICE_MANAGED` .", + "title": "CallAs", + "type": "string" + }, + "Capabilities": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" + "type": "string" }, - "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group. Duplicates are not allowed.\n\nYou can specify `EC2TagFilters` or `Ec2TagSet` , but not both.", - "title": "Ec2TagFilters", + "markdownDescription": "The capabilities that are allowed in the StackSet. Some StackSet templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new IAM users. For more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .", + "title": "Capabilities", "type": "array" }, - "Ec2TagSet": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSet", - "markdownDescription": "Information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same call as `ec2TagFilter` .", - "title": "Ec2TagSet" + "Description": { + "markdownDescription": "A description of the StackSet.", + "title": "Description", + "type": "string" }, - "LoadBalancerInfo": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo", - "markdownDescription": "Information about the load balancer to use in a deployment. For more information, see [Integrating CodeDeploy with Elastic Load Balancing](https://docs.aws.amazon.com/codedeploy/latest/userguide/integrations-aws-elastic-load-balancing.html) in the *AWS CodeDeploy User Guide* .", - "title": "LoadBalancerInfo" + "ExecutionRoleName": { + "markdownDescription": "The name of the IAM execution role to use to create the StackSet. If you don't specify an execution role, CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the StackSet operation.\n\nValid only if the permissions model is `SELF_MANAGED` .\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", + "title": "ExecutionRoleName", + "type": "string" }, - "OnPremisesInstanceTagFilters": { + "ManagedExecution": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.ManagedExecution", + "markdownDescription": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", + "title": "ManagedExecution" + }, + "OperationPreferences": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.OperationPreferences", + "markdownDescription": "The user-specified preferences for how CloudFormation performs a StackSet operation.", + "title": "OperationPreferences" + }, + "Parameters": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" }, - "markdownDescription": "The on-premises instance tags already applied to on-premises instances that you want to include in the deployment group. CodeDeploy includes all on-premises instances identified by any of the tags you specify in this deployment group. To register on-premises instances with CodeDeploy , see [Working with On-Premises Instances for CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-on-premises.html) in the *AWS CodeDeploy User Guide* . Duplicates are not allowed.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", - "title": "OnPremisesInstanceTagFilters", + "markdownDescription": "The input parameters for the StackSet template.", + "title": "Parameters", "type": "array" }, - "OnPremisesTagSet": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet", - "markdownDescription": "Information about groups of tags applied to on-premises instances. The deployment group includes only on-premises instances identified by all the tag groups.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", - "title": "OnPremisesTagSet" - }, - "OutdatedInstancesStrategy": { - "markdownDescription": "Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision.\n\nIf this option is set to `UPDATE` or is unspecified, CodeDeploy initiates one or more 'auto-update outdated instances' deployments to apply the deployed application revision to the new Amazon EC2 instances.\n\nIf this option is set to `IGNORE` , CodeDeploy does not initiate a deployment to update the new Amazon EC2 instances. This may result in instances having different revisions.", - "title": "OutdatedInstancesStrategy", + "PermissionModel": { + "markdownDescription": "Describes how the IAM roles required for StackSet operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see [Activate trusted access for StackSets with AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html) in the *AWS CloudFormation User Guide* .", + "title": "PermissionModel", "type": "string" }, - "ServiceRoleArn": { - "markdownDescription": "A service role Amazon Resource Name (ARN) that grants CodeDeploy permission to make calls to AWS services on your behalf. For more information, see [Create a Service Role for AWS CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-service-role.html) in the *AWS CodeDeploy User Guide* .\n\n> In some cases, you might need to add a dependency on the service role's policy. For more information, see IAM role policy in [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", - "title": "ServiceRoleArn", + "StackInstancesGroup": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.StackInstances" + }, + "markdownDescription": "A group of stack instances with parameters in some specific accounts and Regions.", + "title": "StackInstancesGroup", + "type": "array" + }, + "StackSetName": { + "markdownDescription": "The name to associate with the StackSet. The name must be unique in the Region where you create your StackSet.", + "title": "StackSetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to CodeDeploy deployment groups to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", + "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.\n\nIf you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.", "title": "Tags", "type": "array" }, - "TerminationHookEnabled": { - "markdownDescription": "Indicates whether the deployment group was configured to have CodeDeploy install a termination hook into an Auto Scaling group.\n\nFor more information about the termination hook, see [How Amazon EC2 Auto Scaling works with CodeDeploy](https://docs.aws.amazon.com//codedeploy/latest/userguide/integrations-aws-auto-scaling.html#integrations-aws-auto-scaling-behaviors) in the *AWS CodeDeploy User Guide* .", - "title": "TerminationHookEnabled", - "type": "boolean" + "TemplateBody": { + "markdownDescription": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates that contain dynamic references through `TemplateUrl` instead.", + "title": "TemplateBody", + "type": "string" }, - "TriggerConfigurations": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TriggerConfig" - }, - "markdownDescription": "Information about triggers associated with the deployment group. Duplicates are not allowed", - "title": "TriggerConfigurations", - "type": "array" + "TemplateURL": { + "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with `https://` .\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` .", + "title": "TemplateURL", + "type": "string" } }, "required": [ - "ApplicationName", - "ServiceRoleArn" + "PermissionModel", + "StackSetName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::DeploymentGroup" + "AWS::CloudFormation::StackSet" ], "type": "string" }, @@ -42940,473 +48204,776 @@ ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.Alarm": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the alarm. Maximum length is 255 characters. Each alarm name can be used only once in a list of alarms.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration": { + "AWS::CloudFormation::StackSet.AutoDeployment": { "additionalProperties": false, "properties": { - "Alarms": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Alarm" - }, - "markdownDescription": "A list of alarms configured for the deployment or deployment group. A maximum of 10 alarms can be added.", - "title": "Alarms", - "type": "array" - }, "Enabled": { - "markdownDescription": "Indicates whether the alarm configuration is enabled.", + "markdownDescription": "If set to `true` , StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.", "title": "Enabled", "type": "boolean" }, - "IgnorePollAlarmFailure": { - "markdownDescription": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from Amazon CloudWatch . The default value is `false` .\n\n- `true` : The deployment proceeds even if alarm status information can't be retrieved from CloudWatch .\n- `false` : The deployment stops if alarm status information can't be retrieved from CloudWatch .", - "title": "IgnorePollAlarmFailure", + "RetainStacksOnAccountRemoval": { + "markdownDescription": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` .", + "title": "RetainStacksOnAccountRemoval", "type": "boolean" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration": { + "AWS::CloudFormation::StackSet.DeploymentTargets": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether a defined automatic rollback configuration is currently enabled.", - "title": "Enabled", - "type": "boolean" + "AccountFilterType": { + "markdownDescription": "Refines which accounts to deploy stacks to by specifying how to use the `Accounts` and `OrganizationalUnitIds` properties together.\n\nThe following values determine how CloudFormation selects target accounts:\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` property.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` property.\n- `UNION` : StackSet deploys to the OU, and the accounts specified in the `Accounts` property. `UNION` is not supported for create operations when using StackSet as a resource or the `CreateStackInstances` API.", + "title": "AccountFilterType", + "type": "string" }, - "Events": { + "Accounts": { "items": { "type": "string" }, - "markdownDescription": "The event type or types that trigger a rollback. Valid values are `DEPLOYMENT_FAILURE` , `DEPLOYMENT_STOP_ON_ALARM` , or `DEPLOYMENT_STOP_ON_REQUEST` .", - "title": "Events", + "markdownDescription": "The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the `AccountsUrl` property instead.\n\n*Pattern* : `^[0-9]{12}$`", + "title": "Accounts", + "type": "array" + }, + "AccountsUrl": { + "markdownDescription": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).\n\nThis property serves the same purpose as `Accounts` but allows you to specify a large number of accounts.", + "title": "AccountsUrl", + "type": "string" + }, + "OrganizationalUnitIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The organization root ID or organizational unit (OU) IDs.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`", + "title": "OrganizationalUnitIds", "type": "array" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration": { + "AWS::CloudFormation::StackSet.ManagedExecution": { "additionalProperties": false, "properties": { - "DeploymentReadyOption": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption", - "markdownDescription": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment.", - "title": "DeploymentReadyOption" - }, - "GreenFleetProvisioningOption": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption", - "markdownDescription": "Information about how instances are provisioned for a replacement environment in a blue/green deployment.", - "title": "GreenFleetProvisioningOption" - }, - "TerminateBlueInstancesOnDeploymentSuccess": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption", - "markdownDescription": "Information about whether to terminate instances in the original fleet during a blue/green deployment.", - "title": "TerminateBlueInstancesOnDeploymentSuccess" + "Active": { + "markdownDescription": "When `true` , CloudFormation performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, CloudFormation starts queued operations in request order.\n\n> If there are already running or queued operations, CloudFormation queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen `false` (default), StackSets performs one operation at a time in request order.", + "title": "Active", + "type": "boolean" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption": { + "AWS::CloudFormation::StackSet.OperationPreferences": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to take on instances in the original environment after a successful blue/green deployment.\n\n- `TERMINATE` : Instances are terminated after a specified wait time.\n- `KEEP_ALIVE` : Instances are left running after they are deregistered from the load balancer and removed from the deployment group.", - "title": "Action", + "ConcurrencyMode": { + "markdownDescription": "Specifies how the concurrency level behaves during the operation execution.\n\n- `STRICT_FAILURE_TOLERANCE` : This option dynamically lowers the concurrency level to ensure the number of failed accounts never exceeds the value of `FailureToleranceCount` +1. The initial actual concurrency is set to the lower of either the value of the `MaxConcurrentCount` , or the value of `FailureToleranceCount` +1. The actual concurrency is then reduced proportionally by the number of failures. This is the default behavior.\n\nIf failure tolerance or Maximum concurrent accounts are set to percentages, the behavior is similar.\n- `SOFT_FAILURE_TOLERANCE` : This option decouples `FailureToleranceCount` from the actual concurrency. This allows StackSet operations to run at the concurrency level set by the `MaxConcurrentCount` value, or `MaxConcurrentPercentage` , regardless of the number of failures.", + "title": "ConcurrencyMode", "type": "string" }, - "TerminationWaitTimeInMinutes": { - "markdownDescription": "For an Amazon EC2 deployment, the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n\nFor an Amazon ECS deployment, the number of minutes before deleting the original (blue) task set. During an Amazon ECS deployment, CodeDeploy shifts traffic from the original (blue) task set to a replacement (green) task set.\n\nThe maximum setting is 2880 minutes (2 days).", - "title": "TerminationWaitTimeInMinutes", + "FailureToleranceCount": { + "markdownDescription": "The number of accounts per Region this operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", + "title": "FailureToleranceCount", + "type": "number" + }, + "FailureTolerancePercentage": { + "markdownDescription": "The percentage of accounts per Region this stack operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", + "title": "FailureTolerancePercentage", + "type": "number" + }, + "MaxConcurrentCount": { + "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", + "title": "MaxConcurrentCount", + "type": "number" + }, + "MaxConcurrentPercentage": { + "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", + "title": "MaxConcurrentPercentage", "type": "number" + }, + "RegionConcurrencyType": { + "markdownDescription": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.", + "title": "RegionConcurrencyType", + "type": "string" + }, + "RegionOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the Regions where you want to perform the stack operation.", + "title": "RegionOrder", + "type": "array" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.Deployment": { + "AWS::CloudFormation::StackSet.Parameter": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A comment about the deployment.", - "title": "Description", + "ParameterKey": { + "markdownDescription": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.", + "title": "ParameterKey", "type": "string" }, - "IgnoreApplicationStopFailures": { - "markdownDescription": "If true, then if an `ApplicationStop` , `BeforeBlockTraffic` , or `AfterBlockTraffic` deployment lifecycle event to an instance fails, then the deployment continues to the next deployment lifecycle event. For example, if `ApplicationStop` fails, the deployment continues with DownloadBundle. If `BeforeBlockTraffic` fails, the deployment continues with `BlockTraffic` . If `AfterBlockTraffic` fails, the deployment continues with `ApplicationStop` .\n\nIf false or not specified, then if a lifecycle event fails during a deployment to an instance, that deployment fails. If deployment to that instance is part of an overall deployment and the number of healthy hosts is not less than the minimum number of healthy hosts, then a deployment to the next instance is attempted.\n\nDuring a deployment, the AWS CodeDeploy agent runs the scripts specified for `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` in the AppSpec file from the previous successful deployment. (All other scripts are run from the AppSpec file in the current deployment.) If one of these scripts contains an error and does not run successfully, the deployment can fail.\n\nIf the cause of the failure is a script from the last successful deployment that will never run successfully, create a new deployment and use `ignoreApplicationStopFailures` to specify that the `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` failures should be ignored.", - "title": "IgnoreApplicationStopFailures", - "type": "boolean" - }, - "Revision": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.RevisionLocation", - "markdownDescription": "Information about the location of stored application artifacts and the service from which to retrieve them.", - "title": "Revision" + "ParameterValue": { + "markdownDescription": "The input value associated with the parameter.", + "title": "ParameterValue", + "type": "string" } }, "required": [ - "Revision" + "ParameterKey", + "ParameterValue" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption": { + "AWS::CloudFormation::StackSet.StackInstances": { "additionalProperties": false, "properties": { - "ActionOnTimeout": { - "markdownDescription": "Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n\n- CONTINUE_DEPLOYMENT: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n- STOP_DEPLOYMENT: Do not register new instances with a load balancer unless traffic rerouting is started using [ContinueDeployment](https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html) . If traffic rerouting is not started before the end of the specified wait period, the deployment status is changed to Stopped.", - "title": "ActionOnTimeout", - "type": "string" + "DeploymentTargets": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.DeploymentTargets", + "markdownDescription": "The AWS Organizations accounts or AWS accounts to deploy stacks to in the specified Regions.", + "title": "DeploymentTargets" }, - "WaitTimeInMinutes": { - "markdownDescription": "The number of minutes to wait before the status of a blue/green deployment is changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout` .", - "title": "WaitTimeInMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.DeploymentStyle": { - "additionalProperties": false, - "properties": { - "DeploymentOption": { - "markdownDescription": "Indicates whether to route deployment traffic behind a load balancer.\n\n> An Amazon EC2 Application Load Balancer or Network Load Balancer is required for an Amazon ECS deployment.", - "title": "DeploymentOption", - "type": "string" + "ParameterOverrides": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" + }, + "markdownDescription": "A list of StackSet parameters whose values you want to override in the selected stack instances.", + "title": "ParameterOverrides", + "type": "array" }, - "DeploymentType": { - "markdownDescription": "Indicates whether to run an in-place or blue/green deployment.", - "title": "DeploymentType", - "type": "string" + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts .", + "title": "Regions", + "type": "array" } }, + "required": [ + "DeploymentTargets", + "Regions" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagFilter": { + "AWS::CloudFormation::TypeActivation": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag filter key.", - "title": "Key", + "Condition": { "type": "string" }, - "Type": { - "markdownDescription": "The tag filter type:\n\n- `KEY_ONLY` : Key only.\n- `VALUE_ONLY` : Value only.\n- `KEY_AND_VALUE` : Key and value.", - "title": "Type", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Value": { - "markdownDescription": "The tag filter value.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagSet": { - "additionalProperties": false, - "properties": { - "Ec2TagSetList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject" - }, - "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group.\n\nDuplicates are not allowed.", - "title": "Ec2TagSetList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject": { - "additionalProperties": false, - "properties": { - "Ec2TagGroup": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoUpdate": { + "markdownDescription": "Whether to automatically update the extension in this account and Region when a new *minor* version is published by the extension publisher. Major versions released by the publisher must be manually updated.\n\nThe default is `true` .", + "title": "AutoUpdate", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The name of the IAM execution role to use to activate the extension.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::TypeActivation.LoggingConfig", + "markdownDescription": "Specifies logging configuration information for an extension.", + "title": "LoggingConfig" + }, + "MajorVersion": { + "markdownDescription": "The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available *minor* version of the major version selected.\n\nYou can specify `MajorVersion` or `VersionBump` , but not both.", + "title": "MajorVersion", + "type": "string" + }, + "PublicTypeArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the public extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "PublicTypeArn", + "type": "string" + }, + "PublisherId": { + "markdownDescription": "The ID of the extension publisher.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "PublisherId", + "type": "string" + }, + "Type": { + "markdownDescription": "The extension type.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "Type", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "TypeName", + "type": "string" + }, + "TypeNameAlias": { + "markdownDescription": "An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.\n\nAn extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.", + "title": "TypeNameAlias", + "type": "string" + }, + "VersionBump": { + "markdownDescription": "Manually updates a previously-activated type to a new major or minor version, if available. You can also use this parameter to update the value of `AutoUpdate` .\n\n- `MAJOR` : CloudFormation updates the extension to the newest major version, if one is available.\n- `MINOR` : CloudFormation updates the extension to the newest minor version, if one is available.", + "title": "VersionBump", + "type": "string" + } }, - "markdownDescription": "A list that contains other lists of Amazon EC2 instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.", - "title": "Ec2TagGroup", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.ECSService": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of the cluster that the Amazon ECS service is associated with.", - "title": "ClusterName", + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::TypeActivation" + ], "type": "string" }, - "ServiceName": { - "markdownDescription": "The name of the target Amazon ECS service.", - "title": "ServiceName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ClusterName", - "ServiceName" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.ELBInfo": { + "AWS::CloudFormation::TypeActivation.LoggingConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "For blue/green deployments, the name of the load balancer that is used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment is complete.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only.", - "title": "Name", + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", + "title": "LogGroupName", + "type": "string" + }, + "LogRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", + "title": "LogRoleArn", "type": "string" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.GitHubLocation": { + "AWS::CloudFormation::WaitCondition": { "additionalProperties": false, "properties": { - "CommitId": { - "markdownDescription": "The SHA1 commit ID of the GitHub commit that represents the bundled artifacts for the application revision.", - "title": "CommitId", + "Condition": { "type": "string" }, - "Repository": { - "markdownDescription": "The GitHub account and repository pair that stores a reference to the commit that represents the bundled artifacts for the application revision.\n\nSpecify the value as `account/repository` .", - "title": "Repository", + "CreationPolicy": { + "type": "object" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back.\n\nUpdates aren't supported.", + "title": "Count", + "type": "number" + }, + "Handle": { + "markdownDescription": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [AWS::CloudFormation::WaitConditionHandle](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-cloudformation-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", + "title": "Handle", + "type": "string" + }, + "Timeout": { + "markdownDescription": "The length of time (in seconds) to wait for the number of signals that the `Count` property specifies. `Timeout` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).\n\nUpdates aren't supported.", + "title": "Timeout", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::WaitCondition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CommitId", - "Repository" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption": { + "AWS::CloudFormation::WaitConditionHandle": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The method used to add instances to a replacement environment.\n\n- `DISCOVER_EXISTING` : Use instances that already exist or will be created manually.\n- `COPY_AUTO_SCALING_GROUP` : Use settings from a specified Auto Scaling group to define and create instances in a new Auto Scaling group.", - "title": "Action", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::WaitConditionHandle" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo": { + "AWS::CloudFront::AnycastIpList": { "additionalProperties": false, "properties": { - "ElbInfoList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ELBInfo" - }, - "markdownDescription": "An array that contains information about the load balancers to use for load balancing in a deployment. If you're using Classic Load Balancers, specify those load balancers in this array.\n\n> You can add up to 10 load balancers to the array. > If you're using Application Load Balancers or Network Load Balancers, use the `targetGroupInfoList` array instead of this one.", - "title": "ElbInfoList", - "type": "array" + "Condition": { + "type": "string" }, - "TargetGroupInfoList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" - }, - "markdownDescription": "An array that contains information about the target groups to use for load balancing in a deployment. If you're using Application Load Balancers and Network Load Balancers, specify their associated target groups in this array.\n\n> You can add up to 10 target groups to the array. > If you're using Classic Load Balancers, use the `elbInfoList` array instead of this one.", - "title": "TargetGroupInfoList", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TargetGroupPairInfoList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IpCount": { + "markdownDescription": "The number of IP addresses in the Anycast static IP list.", + "title": "IpCount", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the Anycast static IP list.", + "title": "Name", + "type": "string" + }, + "Tags": { + "$ref": "#/definitions/AWS::CloudFront::AnycastIpList.Tags", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags" + } }, - "markdownDescription": "The target group pair information. This is an array of `TargeGroupPairInfo` objects with a maximum size of one.", - "title": "TargetGroupPairInfoList", - "type": "array" + "required": [ + "IpCount", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFront::AnycastIpList" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet": { + "AWS::CloudFront::AnycastIpList.AnycastIpList": { "additionalProperties": false, "properties": { - "OnPremisesTagSetList": { + "AnycastIps": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject" + "type": "string" }, - "markdownDescription": "A list that contains other lists of on-premises instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.\n\nDuplicates are not allowed.", - "title": "OnPremisesTagSetList", + "markdownDescription": "The static IP addresses that are allocated to the Anycast static IP list.", + "title": "AnycastIps", "type": "array" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Anycast static IP list.", + "title": "Arn", + "type": "string" + }, + "Id": { + "markdownDescription": "The ID of the Anycast static IP list.", + "title": "Id", + "type": "string" + }, + "IpCount": { + "markdownDescription": "The number of IP addresses in the Anycast static IP list.", + "title": "IpCount", + "type": "number" + }, + "LastModifiedTime": { + "markdownDescription": "The last time the Anycast static IP list was modified.", + "title": "LastModifiedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Anycast static IP list.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the Anycast static IP list. Valid values: `Deployed` , `Deploying` , or `Failed` .", + "title": "Status", + "type": "string" } }, + "required": [ + "AnycastIps", + "Arn", + "Id", + "IpCount", + "LastModifiedTime", + "Name", + "Status" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject": { + "AWS::CloudFront::AnycastIpList.Tags": { "additionalProperties": false, "properties": { - "OnPremisesTagGroup": { + "Items": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Information about groups of on-premises instance tags.", - "title": "OnPremisesTagGroup", + "markdownDescription": "A complex type that contains `Tag` elements.", + "title": "Items", "type": "array" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.RevisionLocation": { + "AWS::CloudFront::CachePolicy": { "additionalProperties": false, "properties": { - "GitHubLocation": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GitHubLocation", - "markdownDescription": "Information about the location of application artifacts stored in GitHub.", - "title": "GitHubLocation" - }, - "RevisionType": { - "markdownDescription": "The type of application revision:\n\n- S3: An application revision stored in Amazon S3.\n- GitHub: An application revision stored in GitHub (EC2/On-premises deployments only).\n- String: A YAML-formatted or JSON-formatted string ( AWS Lambda deployments only).\n- AppSpecContent: An `AppSpecContent` object that contains the contents of an AppSpec file for an AWS Lambda or Amazon ECS deployment. The content is formatted as JSON or YAML stored as a RawString.", - "title": "RevisionType", + "Condition": { "type": "string" }, - "S3Location": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.S3Location", - "markdownDescription": "Information about the location of a revision stored in Amazon S3.", - "title": "S3Location" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where the application revision is stored.", - "title": "Bucket", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BundleType": { - "markdownDescription": "The file type of the application revision. Must be one of the following:\n\n- JSON\n- tar: A tar archive file.\n- tgz: A compressed tar archive file.\n- YAML\n- zip: A zip archive file.", - "title": "BundleType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ETag": { - "markdownDescription": "The ETag of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the ETag is not specified as an input parameter, ETag validation of the object is skipped.", - "title": "ETag", - "type": "string" + "Metadata": { + "type": "object" }, - "Key": { - "markdownDescription": "The name of the Amazon S3 object that represents the bundled artifacts for the application revision.", - "title": "Key", + "Properties": { + "additionalProperties": false, + "properties": { + "CachePolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CachePolicyConfig", + "markdownDescription": "The cache policy configuration.", + "title": "CachePolicyConfig" + } + }, + "required": [ + "CachePolicyConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFront::CachePolicy" + ], "type": "string" }, - "Version": { - "markdownDescription": "A specific version of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the version is not specified, the system uses the most recent version by default.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket", - "Key" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TagFilter": { + "AWS::CloudFront::CachePolicy.CachePolicyConfig": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The on-premises instance tag filter key.", - "title": "Key", + "Comment": { + "markdownDescription": "A comment to describe the cache policy. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" }, - "Type": { - "markdownDescription": "The on-premises instance tag filter type:\n\n- KEY_ONLY: Key only.\n- VALUE_ONLY: Value only.\n- KEY_AND_VALUE: Key and value.", - "title": "Type", - "type": "string" + "DefaultTTL": { + "markdownDescription": "The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 86400 seconds (one day). If the value of `MinTTL` is more than 86400 seconds, then the default value for this field is the same as the value of `MinTTL` .", + "title": "DefaultTTL", + "type": "number" }, - "Value": { - "markdownDescription": "The on-premises instance tag filter value.", - "title": "Value", + "MaxTTL": { + "markdownDescription": "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 31536000 seconds (one year). If the value of `MinTTL` or `DefaultTTL` is more than 31536000 seconds, then the default value for this field is the same as the value of `DefaultTTL` .", + "title": "MaxTTL", + "type": "number" + }, + "MinTTL": { + "markdownDescription": "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MinTTL", + "type": "number" + }, + "Name": { + "markdownDescription": "A unique name to identify the cache policy.", + "title": "Name", "type": "string" + }, + "ParametersInCacheKeyAndForwardedToOrigin": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin", + "markdownDescription": "The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.", + "title": "ParametersInCacheKeyAndForwardedToOrigin" } }, + "required": [ + "DefaultTTL", + "MaxTTL", + "MinTTL", + "Name", + "ParametersInCacheKeyAndForwardedToOrigin" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo": { + "AWS::CloudFront::CachePolicy.CookiesConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "For blue/green deployments, the name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. No duplicates allowed.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only. \n\nThis value cannot exceed 32 characters, so you should use the `Name` property of the target group, or the `TargetGroupName` attribute with the `Fn::GetAtt` intrinsic function, as shown in the following example. Don't use the group's Amazon Resource Name (ARN) or `TargetGroupFullName` attribute.", - "title": "Name", + "CookieBehavior": { + "markdownDescription": "Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** for those that are listed in the `CookieNames` type, which are not included.\n- `all` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "CookieBehavior", "type": "string" + }, + "Cookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of cookie names.", + "title": "Cookies", + "type": "array" } }, + "required": [ + "CookieBehavior" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo": { + "AWS::CloudFront::CachePolicy.HeadersConfig": { "additionalProperties": false, "properties": { - "ProdTrafficRoute": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", - "markdownDescription": "The path used by a load balancer to route production traffic when an Amazon ECS deployment is complete.", - "title": "ProdTrafficRoute" + "HeaderBehavior": { + "markdownDescription": "Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "HeaderBehavior", + "type": "string" }, - "TargetGroups": { + "Headers": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" + "type": "string" }, - "markdownDescription": "One pair of target groups. One is associated with the original task set. The second is associated with the task set that serves traffic after the deployment is complete.", - "title": "TargetGroups", + "markdownDescription": "Contains a list of HTTP header names.", + "title": "Headers", "type": "array" - }, - "TestTrafficRoute": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", - "markdownDescription": "An optional path used by a load balancer to route test traffic after an Amazon ECS deployment. Validation can occur while test traffic is served during a deployment.", - "title": "TestTrafficRoute" } }, + "required": [ + "HeaderBehavior" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TrafficRoute": { + "AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin": { "additionalProperties": false, "properties": { - "ListenerArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of one listener. The listener identifies the route between a target group and a load balancer. This is an array of strings with a maximum size of one.", - "title": "ListenerArns", - "type": "array" + "CookiesConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CookiesConfig", + "markdownDescription": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "CookiesConfig" + }, + "EnableAcceptEncodingBrotli": { + "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingGzip` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", + "title": "EnableAcceptEncodingBrotli", + "type": "boolean" + }, + "EnableAcceptEncodingGzip": { + "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingBrotli` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", + "title": "EnableAcceptEncodingGzip", + "type": "boolean" + }, + "HeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.HeadersConfig", + "markdownDescription": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "HeadersConfig" + }, + "QueryStringsConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.QueryStringsConfig", + "markdownDescription": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "QueryStringsConfig" } }, + "required": [ + "CookiesConfig", + "EnableAcceptEncodingGzip", + "HeadersConfig", + "QueryStringsConfig" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TriggerConfig": { + "AWS::CloudFront::CachePolicy.QueryStringsConfig": { "additionalProperties": false, "properties": { - "TriggerEvents": { + "QueryStringBehavior": { + "markdownDescription": "Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** those that are listed in the `QueryStringNames` type, which are not included.\n- `all` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "QueryStringBehavior", + "type": "string" + }, + "QueryStrings": { "items": { "type": "string" }, - "markdownDescription": "The event type or types that trigger notifications.", - "title": "TriggerEvents", + "markdownDescription": "Contains a list of query string names.", + "title": "QueryStrings", "type": "array" - }, - "TriggerName": { - "markdownDescription": "The name of the notification trigger.", - "title": "TriggerName", - "type": "string" - }, - "TriggerTargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic through which notifications about deployment or instance events are sent.", - "title": "TriggerTargetArn", - "type": "string" } }, + "required": [ + "QueryStringBehavior" + ], "type": "object" }, - "AWS::CodeGuruProfiler::ProfilingGroup": { + "AWS::CloudFront::CloudFrontOriginAccessIdentity": { "additionalProperties": false, "properties": { "Condition": { @@ -43441,46 +49008,20 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentPermissions": { - "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions", - "markdownDescription": "The agent permissions attached to this profiling group. This action group grants `ConfigureAgent` and `PostAgentProfile` permissions to perform actions required by the profiling agent. The Json consists of key `Principals` .\n\n*Principals* : A list of string ARNs for the roles and users you want to grant access to the profiling group. Wildcards are not supported in the ARNs. You are allowed to provide up to 50 ARNs. An empty list is not permitted. This is a required key.\n\nFor more information, see [Resource-based policies in CodeGuru Profiler](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/resource-based-policies.html) in the *Amazon CodeGuru Profiler user guide* , [ConfigureAgent](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html) , and [PostAgentProfile](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html) .", - "title": "AgentPermissions" - }, - "AnomalyDetectionNotificationConfiguration": { - "items": { - "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.Channel" - }, - "markdownDescription": "Adds anomaly notifications for a profiling group.", - "title": "AnomalyDetectionNotificationConfiguration", - "type": "array" - }, - "ComputePlatform": { - "markdownDescription": "The compute platform of the profiling group. Use `AWSLambda` if your application runs on AWS Lambda. Use `Default` if your application runs on a compute platform that is not AWS Lambda , such an Amazon EC2 instance, an on-premises server, or a different platform. If not specified, `Default` is used. This property is immutable.", - "title": "ComputePlatform", - "type": "string" - }, - "ProfilingGroupName": { - "markdownDescription": "The name of the profiling group.", - "title": "ProfilingGroupName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to add to the created profiling group.", - "title": "Tags", - "type": "array" + "CloudFrontOriginAccessIdentityConfig": { + "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig", + "markdownDescription": "The current configuration information for the identity.", + "title": "CloudFrontOriginAccessIdentityConfig" } }, "required": [ - "ProfilingGroupName" + "CloudFrontOriginAccessIdentityConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeGuruProfiler::ProfilingGroup" + "AWS::CloudFront::CloudFrontOriginAccessIdentity" ], "type": "string" }, @@ -43499,43 +49040,21 @@ ], "type": "object" }, - "AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions": { - "additionalProperties": false, - "properties": { - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Principals", - "type": "array" - } - }, - "required": [ - "Principals" - ], - "type": "object" - }, - "AWS::CodeGuruProfiler::ProfilingGroup.Channel": { + "AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig": { "additionalProperties": false, "properties": { - "channelId": { - "markdownDescription": "The channel ID.", - "title": "channelId", - "type": "string" - }, - "channelUri": { - "markdownDescription": "The channel URI.", - "title": "channelUri", + "Comment": { + "markdownDescription": "A comment to describe the origin access identity. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" } }, "required": [ - "channelUri" + "Comment" ], "type": "object" }, - "AWS::CodeGuruReviewer::RepositoryAssociation": { + "AWS::CloudFront::ConnectionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -43570,49 +49089,43 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the bucket. This is required for your S3Bucket repository. The name must start with the prefix `codeguru-reviewer-*` .", - "title": "BucketName", + "AnycastIpListId": { + "markdownDescription": "The ID of the Anycast static IP list.", + "title": "AnycastIpListId", "type": "string" }, - "ConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. Its format is `arn:aws:codestar-connections:region-id:aws-account_id:connection/connection-id` . For more information, see [Connection](https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_Connection.html) in the *AWS CodeStar Connections API Reference* .\n\n`ConnectionArn` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", - "title": "ConnectionArn", - "type": "string" + "Enabled": { + "markdownDescription": "Whether the connection group is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Ipv6Enabled": { + "markdownDescription": "IPv6 is enabled for the connection group.", + "title": "Ipv6Enabled", + "type": "boolean" }, "Name": { - "markdownDescription": "The name of the repository.", + "markdownDescription": "The name of the connection group.", "title": "Name", "type": "string" }, - "Owner": { - "markdownDescription": "The owner of the repository. For a GitHub Enterprise Server or Bitbucket repository, this is the username for the account that owns the repository.\n\n`Owner` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", - "title": "Owner", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs used to tag an associated repository. A tag is a custom attribute label with two parts:\n\n- A *tag key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag keys are case sensitive.\n- An optional field known as a *tag value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag value is the same as using an empty string. Like tag keys, tag values are case sensitive.", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of repository that contains the source code to be reviewed. The valid values are:\n\n- `CodeCommit`\n- `Bitbucket`\n- `GitHubEnterpriseServer`\n- `S3Bucket`", - "title": "Type", - "type": "string" } }, "required": [ - "Name", - "Type" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeGuruReviewer::RepositoryAssociation" + "AWS::CloudFront::ConnectionGroup" ], "type": "string" }, @@ -43631,7 +49144,7 @@ ], "type": "object" }, - "AWS::CodePipeline::CustomActionType": { + "AWS::CloudFront::ContinuousDeploymentPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -43666,65 +49179,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Category": { - "markdownDescription": "The category of the custom action, such as a build action or a test action.", - "title": "Category", - "type": "string" - }, - "ConfigurationProperties": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ConfigurationProperties" - }, - "markdownDescription": "The configuration properties for the custom action.\n\n> You can refer to a name in the configuration properties of the custom action within the URL templates by following the format of {Config:name}, as long as the configuration property is both required and not secret. For more information, see [Create a Custom Action for a Pipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-create-custom-action.html) .", - "title": "ConfigurationProperties", - "type": "array" - }, - "InputArtifactDetails": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", - "markdownDescription": "The details of the input artifact for the action, such as its commit ID.", - "title": "InputArtifactDetails" - }, - "OutputArtifactDetails": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", - "markdownDescription": "The details of the output artifact of the action, such as its commit ID.", - "title": "OutputArtifactDetails" - }, - "Provider": { - "markdownDescription": "The provider of the service used in the custom action, such as CodeDeploy.", - "title": "Provider", - "type": "string" - }, - "Settings": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.Settings", - "markdownDescription": "URLs that provide users information about this custom action.", - "title": "Settings" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the custom action.", - "title": "Tags", - "type": "array" - }, - "Version": { - "markdownDescription": "The version identifier of the custom action.", - "title": "Version", - "type": "string" + "ContinuousDeploymentPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig", + "markdownDescription": "Contains the configuration for a continuous deployment policy.", + "title": "ContinuousDeploymentPolicyConfig" } }, "required": [ - "Category", - "InputArtifactDetails", - "OutputArtifactDetails", - "Provider", - "Version" + "ContinuousDeploymentPolicyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodePipeline::CustomActionType" + "AWS::CloudFront::ContinuousDeploymentPolicy" ], "type": "string" }, @@ -43743,100 +49211,172 @@ ], "type": "object" }, - "AWS::CodePipeline::CustomActionType.ArtifactDetails": { + "AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig": { "additionalProperties": false, "properties": { - "MaximumCount": { - "markdownDescription": "The maximum number of artifacts allowed for the action type.", - "title": "MaximumCount", + "Enabled": { + "markdownDescription": "A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is `true` , this policy is enabled and in effect. When this value is `false` , this policy is not enabled and has no effect.", + "title": "Enabled", + "type": "boolean" + }, + "SingleHeaderPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig", + "markdownDescription": "This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.", + "title": "SingleHeaderPolicyConfig" + }, + "SingleWeightPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig", + "markdownDescription": "This configuration determines the percentage of HTTP requests that are sent to the staging distribution.", + "title": "SingleWeightPolicyConfig" + }, + "StagingDistributionDnsNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The CloudFront domain name of the staging distribution. For example: `d111111abcdef8.cloudfront.net` .", + "title": "StagingDistributionDnsNames", + "type": "array" + }, + "TrafficConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig", + "markdownDescription": "Contains the parameters for routing production traffic from your primary to staging distributions.", + "title": "TrafficConfig" + }, + "Type": { + "markdownDescription": "The type of traffic configuration.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Enabled", + "StagingDistributionDnsNames" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig": { + "additionalProperties": false, + "properties": { + "IdleTTL": { + "markdownDescription": "The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", + "title": "IdleTTL", "type": "number" }, - "MinimumCount": { - "markdownDescription": "The minimum number of artifacts allowed for the action type.", - "title": "MinimumCount", + "MaximumTTL": { + "markdownDescription": "The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", + "title": "MaximumTTL", "type": "number" } }, "required": [ - "MaximumCount", - "MinimumCount" + "IdleTTL", + "MaximumTTL" ], "type": "object" }, - "AWS::CodePipeline::CustomActionType.ConfigurationProperties": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the action configuration property that is displayed to users.", - "title": "Description", - "type": "string" - }, - "Key": { - "markdownDescription": "Whether the configuration property is a key.", - "title": "Key", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the action configuration property.", - "title": "Name", + "Header": { + "markdownDescription": "The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix `aws-cf-cd-` .", + "title": "Header", "type": "string" }, - "Queryable": { - "markdownDescription": "Indicates that the property is used with `PollForJobs` . When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.\n\nIf you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens.", - "title": "Queryable", - "type": "boolean" - }, - "Required": { - "markdownDescription": "Whether the configuration property is a required value.", - "title": "Required", - "type": "boolean" - }, - "Secret": { - "markdownDescription": "Whether the configuration property is secret. Secrets are hidden from all calls except for `GetJobDetails` , `GetThirdPartyJobDetails` , `PollForJobs` , and `PollForThirdPartyJobs` .\n\nWhen updating a pipeline, passing * * * * * without changing any other values of the action preserves the previous value of the secret.", - "title": "Secret", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of the configuration property.", - "title": "Type", + "Value": { + "markdownDescription": "The request header value.", + "title": "Value", "type": "string" } }, "required": [ - "Key", - "Name", - "Required", - "Secret" + "Header", + "Value" ], "type": "object" }, - "AWS::CodePipeline::CustomActionType.Settings": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig": { "additionalProperties": false, "properties": { - "EntityUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for a CodeDeploy deployment group. This link is provided as part of the action display in the pipeline.", - "title": "EntityUrlTemplate", + "Header": { + "markdownDescription": "The name of the HTTP header that CloudFront uses to configure for the single header policy.", + "title": "Header", "type": "string" }, - "ExecutionUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for CodeDeploy. This link is shown on the pipeline view page in the CodePipeline console and provides a link to the execution entity of the external action.", - "title": "ExecutionUrlTemplate", + "Value": { + "markdownDescription": "Specifies the value to assign to the header for a single header policy.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Header", + "Value" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig": { + "additionalProperties": false, + "properties": { + "SessionStickinessConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", + "markdownDescription": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.", + "title": "SessionStickinessConfig" }, - "RevisionUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action.", - "title": "RevisionUrlTemplate", - "type": "string" + "Weight": { + "markdownDescription": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Weight" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig": { + "additionalProperties": false, + "properties": { + "SessionStickinessConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", + "markdownDescription": "Enable session stickiness for the associated origin or cache settings.", + "title": "SessionStickinessConfig" }, - "ThirdPartyConfigurationUrl": { - "markdownDescription": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service.", - "title": "ThirdPartyConfigurationUrl", + "Weight": { + "markdownDescription": "The percentage of requests that CloudFront will use to send to an associated origin or cache settings.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Weight" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig": { + "additionalProperties": false, + "properties": { + "SingleHeaderConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig", + "markdownDescription": "Determines which HTTP requests are sent to the staging distribution.", + "title": "SingleHeaderConfig" + }, + "SingleWeightConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig", + "markdownDescription": "Contains the percentage of traffic to send to the staging distribution.", + "title": "SingleWeightConfig" + }, + "Type": { + "markdownDescription": "The type of traffic configuration.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CodePipeline::Pipeline": { + "AWS::CloudFront::Distribution": { "additionalProperties": false, "properties": { "Condition": { @@ -43871,94 +49411,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ArtifactStore": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", - "markdownDescription": "The S3 bucket where artifacts for the pipeline are stored.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStore" - }, - "ArtifactStores": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStoreMap" - }, - "markdownDescription": "A mapping of `artifactStore` objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStores", - "type": "array" + "DistributionConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.DistributionConfig", + "markdownDescription": "The distribution's configuration.", + "title": "DistributionConfig" }, - "DisableInboundStageTransitions": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageTransition" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Represents the input of a `DisableStageTransition` action.", - "title": "DisableInboundStageTransitions", - "type": "array" - }, - "ExecutionMode": { - "markdownDescription": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED.", - "title": "ExecutionMode", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the pipeline.", - "title": "Name", - "type": "string" - }, - "PipelineType": { - "markdownDescription": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications.\n\n- V1 type pipelines have a JSON structure that contains standard pipeline, stage, and action-level parameters.\n- V2 type pipelines have the same structure as a V1 type, along with additional parameters for release safety and trigger configuration.\n\n> Including V2 parameters, such as triggers on Git tags, in the pipeline JSON when creating or updating a pipeline will result in the pipeline having the V2 type of pipeline and the associated costs. \n\nFor information about pricing for CodePipeline, see [Pricing](https://docs.aws.amazon.com/codepipeline/pricing/) .\n\nFor information about which type of pipeline to choose, see [What type of pipeline is right for me?](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html) .", - "title": "PipelineType", - "type": "string" - }, - "RestartExecutionOnUpdate": { - "markdownDescription": "Indicates whether to rerun the CodePipeline pipeline after you update it.", - "title": "RestartExecutionOnUpdate", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no `actionRoleArn` , or to use to assume roles for actions with an `actionRoleArn` .", - "title": "RoleArn", - "type": "string" - }, - "Stages": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageDeclaration" - }, - "markdownDescription": "Represents information about a stage and its definition.", - "title": "Stages", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies the tags applied to the pipeline.", - "title": "Tags", - "type": "array" - }, - "Triggers": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration" - }, - "markdownDescription": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline.\n\n> When a trigger configuration is specified, default change detection for repository and branch commits is disabled.", - "title": "Triggers", - "type": "array" - }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.VariableDeclaration" - }, - "markdownDescription": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match `[A-Za-z0-9@\\-_]+` .", - "title": "Variables", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", "type": "array" } }, "required": [ - "RoleArn", - "Stages" + "DistributionConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodePipeline::Pipeline" + "AWS::CloudFront::Distribution" ], "type": "string" }, @@ -43977,740 +49451,1084 @@ ], "type": "object" }, - "AWS::CodePipeline::Pipeline.ActionDeclaration": { + "AWS::CloudFront::Distribution.CacheBehavior": { "additionalProperties": false, "properties": { - "ActionTypeId": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionTypeId", - "markdownDescription": "Specifies the action type and the provider of the action.", - "title": "ActionTypeId" + "AllowedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", + "title": "AllowedMethods", + "type": "array" }, - "Configuration": { - "markdownDescription": "The action's configuration. These are key-value pairs that specify input values for an action. For more information, see [Action Structure Requirements in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) . For the list of configuration properties for the AWS CloudFormation action type in CodePipeline, see [Configuration Properties Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-action-reference.html) in the *AWS CloudFormation User Guide* . For template snippets with examples, see [Using Parameter Override Functions with CodePipeline Pipelines](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-parameter-override-functions.html) in the *AWS CloudFormation User Guide* .\n\nThe values can be represented in either JSON or YAML format. For example, the JSON configuration item format is as follows:\n\n*JSON:*\n\n`\"Configuration\" : { Key : Value },`", - "title": "Configuration", - "type": "object" + "CachePolicyId": { + "markdownDescription": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", + "title": "CachePolicyId", + "type": "string" }, - "InputArtifacts": { + "CachedMethods": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" + "type": "string" }, - "markdownDescription": "The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .\n\n> For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* .", - "title": "InputArtifacts", + "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", + "title": "CachedMethods", "type": "array" }, - "Name": { - "markdownDescription": "The action declaration's name.", - "title": "Name", - "type": "string" + "Compress": { + "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Compress", + "type": "boolean" }, - "Namespace": { - "markdownDescription": "The variable namespace associated with the action. All variables produced as output by this action fall under this namespace.", - "title": "Namespace", + "DefaultTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultTTL", + "type": "number" + }, + "FieldLevelEncryptionId": { + "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.", + "title": "FieldLevelEncryptionId", "type": "string" }, - "OutputArtifacts": { + "ForwardedValues": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", + "title": "ForwardedValues" + }, + "FunctionAssociations": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.OutputArtifact" + "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" }, - "markdownDescription": "The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .", - "title": "OutputArtifacts", + "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the `LIVE` stage to associate them with a cache behavior.", + "title": "FunctionAssociations", "type": "array" }, - "Region": { - "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", - "title": "Region", - "type": "string" + "GrpcConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GrpcConfig", + "markdownDescription": "The gRPC configuration for your cache behavior.", + "title": "GrpcConfig" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline.", - "title": "RoleArn", - "type": "string" + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" + }, + "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", + "title": "LambdaFunctionAssociations", + "type": "array" }, - "RunOrder": { - "markdownDescription": "The order in which actions are run.", - "title": "RunOrder", + "MaxTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MaxTTL", "type": "number" }, - "TimeoutInMinutes": { - "markdownDescription": "A timeout duration in minutes that can be applied against the ActionType\u2019s default timeout value specified in [Quotas for AWS CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/limits.html) . This attribute is available only to the manual approval ActionType.", - "title": "TimeoutInMinutes", + "MinTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", + "title": "MinTTL", "type": "number" - } - }, - "required": [ - "ActionTypeId", - "Name" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.ActionTypeId": { - "additionalProperties": false, - "properties": { - "Category": { - "markdownDescription": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below.\n\n- `Source`\n- `Build`\n- `Test`\n- `Deploy`\n- `Invoke`\n- `Approval`\n- `Compute`", - "title": "Category", + }, + "OriginRequestPolicyId": { + "markdownDescription": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginRequestPolicyId", "type": "string" }, - "Owner": { - "markdownDescription": "The creator of the action being called. There are three valid values for the `Owner` field in the action category section within your pipeline structure: `AWS` , `ThirdParty` , and `Custom` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", - "title": "Owner", + "PathPattern": { + "markdownDescription": "The pattern (for example, `images/*.jpg` ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n\n> You can optionally include a slash ( `/` ) at the beginning of the path pattern. For example, `/images/*.jpg` . CloudFront behavior is the same with or without the leading `/` . \n\nThe path pattern for the default cache behavior is `*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n\nFor more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide* .", + "title": "PathPattern", "type": "string" }, - "Provider": { - "markdownDescription": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as `CodeDeploy` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", - "title": "Provider", + "RealtimeLogConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "RealtimeLogConfigArn", "type": "string" }, - "Version": { - "markdownDescription": "A string that describes the action version.", - "title": "Version", + "ResponseHeadersPolicyId": { + "markdownDescription": "The identifier for a response headers policy.", + "title": "ResponseHeadersPolicyId", "type": "string" - } - }, - "required": [ - "Category", - "Owner", - "Provider", - "Version" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.ArtifactStore": { - "additionalProperties": false, - "properties": { - "EncryptionKey": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EncryptionKey", - "markdownDescription": "The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) .", - "title": "EncryptionKey" }, - "Location": { - "markdownDescription": "The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts.", - "title": "Location", + "SmoothStreaming": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", + "title": "SmoothStreaming", + "type": "boolean" + }, + "TargetOriginId": { + "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.", + "title": "TargetOriginId", "type": "string" }, - "Type": { - "markdownDescription": "The type of the artifact store, such as S3.", - "title": "Type", + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedKeyGroups", + "type": "array" + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners", + "type": "array" + }, + "ViewerProtocolPolicy": { + "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ViewerProtocolPolicy", "type": "string" } }, "required": [ - "Location", - "Type" + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.ArtifactStoreMap": { + "AWS::CloudFront::Distribution.Cookies": { "additionalProperties": false, "properties": { - "ArtifactStore": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", - "markdownDescription": "Represents information about the S3 bucket where artifacts are stored for the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStore" - }, - "Region": { - "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", - "title": "Region", + "Forward": { + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nSpecifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the `WhitelistedNames` complex type.\n\nAmazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the `Forward` element.", + "title": "Forward", "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nRequired if you specify `whitelist` for the value of `Forward` . A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.\n\nIf you specify `all` or `none` for the value of `Forward` , omit `WhitelistedNames` . If you change the value of `Forward` from `whitelist` to `all` or `none` and you don't delete the `WhitelistedNames` element and its child elements, CloudFront deletes them automatically.\n\nFor the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *AWS General Reference* .", + "title": "WhitelistedNames", + "type": "array" } }, "required": [ - "ArtifactStore", - "Region" + "Forward" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.BlockerDeclaration": { + "AWS::CloudFront::Distribution.CustomErrorResponse": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Reserved for future use.", - "title": "Name", - "type": "string" + "ErrorCachingMinTTL": { + "markdownDescription": "The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in `ErrorCode` . When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.\n\nFor more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ErrorCachingMinTTL", + "type": "number" }, - "Type": { - "markdownDescription": "Reserved for future use.", - "title": "Type", + "ErrorCode": { + "markdownDescription": "The HTTP status code for which you want to specify a custom error page and/or a caching duration.", + "title": "ErrorCode", + "type": "number" + }, + "ResponseCode": { + "markdownDescription": "The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:\n\n- Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute `200` , the response typically won't be intercepted.\n- If you don't care about distinguishing among different client errors or server errors, you can specify `400` or `500` as the `ResponseCode` for all 4xx or 5xx errors.\n- You might want to return a `200` status code (OK) and static website so your customers don't know that your website is down.\n\nIf you specify a value for `ResponseCode` , you must also specify a value for `ResponsePagePath` .", + "title": "ResponseCode", + "type": "number" + }, + "ResponsePagePath": { + "markdownDescription": "The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by `ErrorCode` , for example, `/4xx-errors/403-forbidden.html` . If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:\n\n- The value of `PathPattern` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named `/4xx-errors` . Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, `/4xx-errors/*` .\n- The value of `TargetOriginId` specifies the value of the `ID` element for the origin that contains your custom error pages.\n\nIf you specify a value for `ResponsePagePath` , you must also specify a value for `ResponseCode` .\n\nWe recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.", + "title": "ResponsePagePath", "type": "string" } }, "required": [ - "Name", - "Type" + "ErrorCode" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.EncryptionKey": { + "AWS::CloudFront::Distribution.CustomOriginConfig": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN.\n\n> Aliases are recognized only in the account that created the AWS KMS key. For cross-account actions, you can only use the key ID or key ARN to identify the key. Cross-account actions involve using the role from the other account (AccountB), so specifying the key ID will use the key from the other account (AccountB).", - "title": "Id", - "type": "string" + "HTTPPort": { + "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", + "title": "HTTPPort", + "type": "number" }, - "Type": { - "markdownDescription": "The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'.", - "title": "Type", + "HTTPSPort": { + "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", + "title": "HTTPSPort", + "type": "number" + }, + "OriginKeepaliveTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginKeepaliveTimeout", + "type": "number" + }, + "OriginProtocolPolicy": { + "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n\n- `http-only` \u2013 CloudFront always uses HTTP to connect to the origin.\n- `match-viewer` \u2013 CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n- `https-only` \u2013 CloudFront always uses HTTPS to connect to the origin.", + "title": "OriginProtocolPolicy", "type": "string" + }, + "OriginReadTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginReadTimeout", + "type": "number" + }, + "OriginSSLProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", + "type": "array" } }, "required": [ - "Id", - "Type" + "OriginProtocolPolicy" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitBranchFilterCriteria": { + "AWS::CloudFront::Distribution.DefaultCacheBehavior": { "additionalProperties": false, "properties": { - "Excludes": { + "AllowedMethods": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", + "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", + "title": "AllowedMethods", "type": "array" }, - "Includes": { + "CachePolicyId": { + "markdownDescription": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", + "title": "CachePolicyId", + "type": "string" + }, + "CachedMethods": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", + "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", + "title": "CachedMethods", "type": "array" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.GitConfiguration": { - "additionalProperties": false, - "properties": { - "PullRequest": { + }, + "Compress": { + "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify `true` ; if not, specify `false` . For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Compress", + "type": "boolean" + }, + "DefaultTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultTTL", + "type": "number" + }, + "FieldLevelEncryptionId": { + "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior.", + "title": "FieldLevelEncryptionId", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", + "title": "ForwardedValues" + }, + "FunctionAssociations": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPullRequestFilter" + "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" }, - "markdownDescription": "The field where the repository event that will start the pipeline is specified as pull requests.", - "title": "PullRequest", + "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the `LIVE` stage to associate them with a cache behavior.", + "title": "FunctionAssociations", "type": "array" }, - "Push": { + "GrpcConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GrpcConfig", + "markdownDescription": "The gRPC configuration for your cache behavior.", + "title": "GrpcConfig" + }, + "LambdaFunctionAssociations": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPushFilter" + "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" }, - "markdownDescription": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details.", - "title": "Push", + "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", + "title": "LambdaFunctionAssociations", "type": "array" }, - "SourceActionName": { - "markdownDescription": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only.\n\n> You can only specify one trigger configuration per source action.", - "title": "SourceActionName", + "MaxTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MaxTTL", + "type": "number" + }, + "MinTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", + "title": "MinTTL", + "type": "number" + }, + "OriginRequestPolicyId": { + "markdownDescription": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginRequestPolicyId", + "type": "string" + }, + "RealtimeLogConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "RealtimeLogConfigArn", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "markdownDescription": "The identifier for a response headers policy.", + "title": "ResponseHeadersPolicyId", + "type": "string" + }, + "SmoothStreaming": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", + "title": "SmoothStreaming", + "type": "boolean" + }, + "TargetOriginId": { + "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they use the default cache behavior.", + "title": "TargetOriginId", + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedKeyGroups", + "type": "array" + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners", + "type": "array" + }, + "ViewerProtocolPolicy": { + "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ViewerProtocolPolicy", "type": "string" } }, "required": [ - "SourceActionName" + "TargetOriginId", + "ViewerProtocolPolicy" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria": { + "AWS::CloudFront::Distribution.Definition": { "additionalProperties": false, "properties": { - "Excludes": { + "StringSchema": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.StringSchema", + "markdownDescription": "", + "title": "StringSchema" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", + "title": "Aliases", "type": "array" }, - "Includes": { + "AnycastIpListId": { + "markdownDescription": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nID of the Anycast static IP list that is associated with the distribution.", + "title": "AnycastIpListId", + "type": "string" + }, + "CNAMEs": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", + "markdownDescription": "An alias for the CloudFront distribution's domain name.\n\n> This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead.", + "title": "CNAMEs", + "type": "array" + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CacheBehavior" + }, + "markdownDescription": "A complex type that contains zero or more `CacheBehavior` elements.", + "title": "CacheBehaviors", + "type": "array" + }, + "Comment": { + "markdownDescription": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "ConnectionMode": { + "markdownDescription": "This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants (tenant-only).", + "title": "ConnectionMode", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", + "title": "ContinuousDeploymentPolicyId", + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomErrorResponse" + }, + "markdownDescription": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", + "title": "CustomErrorResponses", + "type": "array" + }, + "CustomOrigin": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyCustomOrigin", + "markdownDescription": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", + "title": "CustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.DefaultCacheBehavior", + "markdownDescription": "A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.", + "title": "DefaultCacheBehavior" + }, + "DefaultRootObject": { + "markdownDescription": "When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. For example, if your root URL is `https://www.example.com` , you can specify CloudFront to return the `index.html` file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, `https://www.example.com/product-description.html` ). A default root object avoids exposing the contents of your distribution.\n\nYou can specify the object name or a path to the object name (for example, `index.html` or `exampleFolderName/index.html` ). Your string can't begin with a forward slash ( `/` ). Only specify the object name or the path to the object.\n\nIf you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element.\n\nTo delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element.\n\nTo replace the default root object, update the distribution configuration and specify the new object.\n\nFor more information about the default root object, see [Specify a default root object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultRootObject", + "type": "string" + }, + "Enabled": { + "markdownDescription": "From this field, you can enable or disable the selected distribution.", + "title": "Enabled", + "type": "boolean" + }, + "HttpVersion": { + "markdownDescription": "(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . The default value for new distributions is `http1.1` .\n\nFor viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n\nFor viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) .", + "title": "HttpVersion", + "type": "string" + }, + "IPV6Enabled": { + "markdownDescription": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nIf you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", + "title": "IPV6Enabled", + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Logging", + "markdownDescription": "A complex type that controls whether access logs are written for the distribution.\n\nFor more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroups", + "markdownDescription": "A complex type that contains information about origin groups for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", + "title": "OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Origin" + }, + "markdownDescription": "A complex type that contains information about origins for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", + "title": "Origins", "type": "array" + }, + "PriceClass": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", + "title": "PriceClass", + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Restrictions", + "markdownDescription": "A complex type that identifies ways in which you want to restrict distribution of your content.", + "title": "Restrictions" + }, + "S3Origin": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyS3Origin", + "markdownDescription": "The origin as an Amazon S3 bucket.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", + "title": "S3Origin" + }, + "Staging": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", + "title": "Staging", + "type": "boolean" + }, + "TenantConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.TenantConfig", + "markdownDescription": "> This field only supports multi-tenant distributions. You can't specify this field for standard distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA distribution tenant configuration.", + "title": "TenantConfig" + }, + "ViewerCertificate": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ViewerCertificate", + "markdownDescription": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.", + "title": "ViewerCertificate" + }, + "WebACLId": { + "markdownDescription": "> Multi-tenant distributions only support AWS WAF V2 web ACLs. \n\nA unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) .", + "title": "WebACLId", + "type": "string" } }, + "required": [ + "DefaultCacheBehavior", + "Enabled" + ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitPullRequestFilter": { + "AWS::CloudFront::Distribution.ForwardedValues": { "additionalProperties": false, "properties": { - "Branches": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", - "markdownDescription": "The field that specifies to filter on branches for the pull request trigger configuration.", - "title": "Branches" + "Cookies": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Cookies", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Cookies" }, - "Events": { + "Headers": { "items": { "type": "string" }, - "markdownDescription": "The field that specifies which pull request events to filter on (OPEN, UPDATED, CLOSED) for the trigger configuration.", - "title": "Events", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies the `Headers` , if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.\n\nFor more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Headers", "type": "array" }, - "FilePaths": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", - "markdownDescription": "The field that specifies to filter on file paths for the pull request trigger configuration.", - "title": "FilePaths" + "QueryString": { + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nIndicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of `QueryString` and on the values that you specify for `QueryStringCacheKeys` , if any:\n\nIf you specify true for `QueryString` and you don't specify any values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.\n\nIf you specify true for `QueryString` and you specify one or more values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.\n\nIf you specify false for `QueryString` , CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.\n\nFor more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide* .", + "title": "QueryString", + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.", + "title": "QueryStringCacheKeys", + "type": "array" } }, + "required": [ + "QueryString" + ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitPushFilter": { + "AWS::CloudFront::Distribution.FunctionAssociation": { "additionalProperties": false, "properties": { - "Branches": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", - "markdownDescription": "The field that specifies to filter on branches for the push trigger configuration.", - "title": "Branches" - }, - "FilePaths": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", - "markdownDescription": "The field that specifies to filter on file paths for the push trigger configuration.", - "title": "FilePaths" + "EventType": { + "markdownDescription": "The event type of the function, either `viewer-request` or `viewer-response` . You cannot use origin-facing event types ( `origin-request` and `origin-response` ) with a CloudFront function.", + "title": "EventType", + "type": "string" }, - "Tags": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitTagFilterCriteria", - "markdownDescription": "The field that contains the details for the Git tags trigger configuration.", - "title": "Tags" + "FunctionARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function.", + "title": "FunctionARN", + "type": "string" } }, "type": "object" }, - "AWS::CodePipeline::Pipeline.GitTagFilterCriteria": { + "AWS::CloudFront::Distribution.GeoRestriction": { "additionalProperties": false, "properties": { - "Excludes": { + "Locations": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", + "markdownDescription": "A complex type that contains a `Location` element for each country in which you want CloudFront either to distribute your content ( `whitelist` ) or not distribute your content ( `blacklist` ).\n\nThe `Location` element is a two-letter, uppercase country code for a country that you want to include in your `blacklist` or `whitelist` . Include one `Location` element for each country.\n\nCloudFront and `MaxMind` both use `ISO 3166` country codes. For the current list of countries and the corresponding codes, see `ISO 3166-1-alpha-2` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.", + "title": "Locations", "type": "array" }, - "Includes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.InputArtifact": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the artifact to be worked on (for example, \"My App\").\n\nArtifacts are the files that are worked on by actions in the pipeline. See the action configuration for each action for details about artifact parameters. For example, the S3 source action input artifact is a file name (or file path), and the files are generally provided as a ZIP file. Example artifact name: SampleApp_Windows.zip\n\nThe input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.", - "title": "Name", + "RestrictionType": { + "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geo restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", + "title": "RestrictionType", "type": "string" } }, "required": [ - "Name" + "RestrictionType" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.OutputArtifact": { + "AWS::CloudFront::Distribution.GrpcConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the output of an artifact, such as \"My App\".\n\nThe output artifact name must exactly match the input artifact declared for a downstream action. However, the downstream action's input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.\n\nOutput artifact names must be unique within a pipeline.", - "title": "Name", - "type": "string" + "Enabled": { + "markdownDescription": "Enables your CloudFront distribution to receive gRPC requests and to proxy them directly to your origins.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Name" + "Enabled" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration": { + "AWS::CloudFront::Distribution.LambdaFunctionAssociation": { "additionalProperties": false, "properties": { - "GitConfiguration": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitConfiguration", - "markdownDescription": "Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags.", - "title": "GitConfiguration" + "EventType": { + "markdownDescription": "Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values:\n\n- `viewer-request` : The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache.\n- `origin-request` : The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute.\n- `origin-response` : The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.\n- `viewer-response` : The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.\n\nIf the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.", + "title": "EventType", + "type": "string" }, - "ProviderType": { - "markdownDescription": "The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration.", - "title": "ProviderType", + "IncludeBody": { + "markdownDescription": "A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide.", + "title": "IncludeBody", + "type": "boolean" + }, + "LambdaFunctionARN": { + "markdownDescription": "The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST.", + "title": "LambdaFunctionARN", "type": "string" } }, - "required": [ - "ProviderType" - ], "type": "object" }, - "AWS::CodePipeline::Pipeline.StageDeclaration": { + "AWS::CloudFront::Distribution.LegacyCustomOrigin": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionDeclaration" - }, - "markdownDescription": "The actions included in a stage.", - "title": "Actions", - "type": "array" + "DNSName": { + "markdownDescription": "The domain name assigned to your CloudFront distribution.", + "title": "DNSName", + "type": "string" }, - "Blockers": { + "HTTPPort": { + "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", + "title": "HTTPPort", + "type": "number" + }, + "HTTPSPort": { + "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", + "title": "HTTPSPort", + "type": "number" + }, + "OriginProtocolPolicy": { + "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin.", + "title": "OriginProtocolPolicy", + "type": "string" + }, + "OriginSSLProtocols": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BlockerDeclaration" + "type": "string" }, - "markdownDescription": "Reserved for future use.", - "title": "Blockers", + "markdownDescription": "The minimum SSL/TLS protocol version that CloudFront uses when communicating with your origin server over HTTPs.\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", "type": "array" - }, - "Name": { - "markdownDescription": "The name of the stage.", - "title": "Name", - "type": "string" } }, "required": [ - "Actions", - "Name" + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.StageTransition": { + "AWS::CloudFront::Distribution.LegacyS3Origin": { "additionalProperties": false, "properties": { - "Reason": { - "markdownDescription": "The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI.", - "title": "Reason", + "DNSName": { + "markdownDescription": "The domain name assigned to your CloudFront distribution.", + "title": "DNSName", "type": "string" }, - "StageName": { - "markdownDescription": "The name of the stage where you want to disable the inbound or outbound transition of artifacts.", - "title": "StageName", + "OriginAccessIdentity": { + "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 through CloudFront .\n\n> This property is legacy. We recommend that you use [OriginAccessControl](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html) instead.", + "title": "OriginAccessIdentity", "type": "string" } }, "required": [ - "Reason", - "StageName" + "DNSName" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.VariableDeclaration": { + "AWS::CloudFront::Distribution.Logging": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "The value of a pipeline-level variable.", - "title": "DefaultValue", + "Bucket": { + "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", + "title": "Bucket", "type": "string" }, - "Description": { - "markdownDescription": "The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes.", - "title": "Description", - "type": "string" + "IncludeCookies": { + "markdownDescription": "Specifies whether you want CloudFront to include cookies in access logs, specify `true` for `IncludeCookies` . If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify `false` for `IncludeCookies` .", + "title": "IncludeCookies", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of a pipeline-level variable.", - "title": "Name", + "Prefix": { + "markdownDescription": "An optional string that you want CloudFront to prefix to the access log `filenames` for this distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", + "title": "Prefix", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::CodePipeline::Webhook": { + "AWS::CloudFront::Distribution.Origin": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ConnectionAttempts": { + "markdownDescription": "The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3.\n\nFor a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) .\n\nFor more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide* .", + "title": "ConnectionAttempts", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ConnectionTimeout": { + "markdownDescription": "The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds.\n\nFor more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide* .", + "title": "ConnectionTimeout", + "type": "number" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomOriginConfig", + "markdownDescription": "Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the `S3OriginConfig` type instead.", + "title": "CustomOriginConfig" + }, + "DomainName": { + "markdownDescription": "The domain name for the origin.\n\nFor more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide* .", + "title": "DomainName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Id": { + "markdownDescription": "A unique identifier for the origin. This value must be unique within the distribution.\n\nUse this value to specify the `TargetOriginId` in a `CacheBehavior` or `DefaultCacheBehavior` .", + "title": "Id", + "type": "string" }, - "Metadata": { - "type": "object" + "OriginAccessControlId": { + "markdownDescription": "The unique identifier of an origin access control for this origin.\n\nFor more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessControlId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Authentication": { - "markdownDescription": "Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response. \n\n- For information about the authentication scheme implemented by GITHUB_HMAC, see [Securing your webhooks](https://docs.aws.amazon.com/https://developer.github.com/webhooks/securing/) on the GitHub Developer website.\n- IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.\n- UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.", - "title": "Authentication", - "type": "string" - }, - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookAuthConfiguration", - "markdownDescription": "Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the `SecretToken` property must be set. For IP, only the `AllowedIPRange` property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.", - "title": "AuthenticationConfiguration" - }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookFilterRule" - }, - "markdownDescription": "A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.", - "title": "Filters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the webhook.", - "title": "Name", - "type": "string" - }, - "RegisterWithThirdParty": { - "markdownDescription": "Configures a connection between the webhook that was created and the external tool with events to be detected.", - "title": "RegisterWithThirdParty", - "type": "boolean" - }, - "TargetAction": { - "markdownDescription": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.", - "title": "TargetAction", - "type": "string" - }, - "TargetPipeline": { - "markdownDescription": "The name of the pipeline you want to connect to the webhook.", - "title": "TargetPipeline", - "type": "string" - }, - "TargetPipelineVersion": { - "markdownDescription": "The version number of the pipeline to be connected to the trigger request.\n\nRequired: Yes\n\nType: Integer\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", - "title": "TargetPipelineVersion", - "type": "number" - } + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginCustomHeader" }, - "required": [ - "Authentication", - "AuthenticationConfiguration", - "Filters", - "TargetAction", - "TargetPipeline", - "TargetPipelineVersion" - ], - "type": "object" + "markdownDescription": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n\nFor more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginCustomHeaders", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CodePipeline::Webhook" - ], + "OriginPath": { + "markdownDescription": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n\nFor more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginPath", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "OriginShield": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginShield", + "markdownDescription": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n\nFor more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginShield" + }, + "ResponseCompletionTimeout": { + "markdownDescription": "", + "title": "ResponseCompletionTimeout", + "type": "number" + }, + "S3OriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.S3OriginConfig", + "markdownDescription": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the `CustomOriginConfig` type instead.", + "title": "S3OriginConfig" + }, + "VpcOriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.VpcOriginConfig", + "markdownDescription": "The VPC origin configuration.", + "title": "VpcOriginConfig" } }, "required": [ - "Type", - "Properties" + "DomainName", + "Id" ], "type": "object" }, - "AWS::CodePipeline::Webhook.WebhookAuthConfiguration": { + "AWS::CloudFront::Distribution.OriginCustomHeader": { "additionalProperties": false, "properties": { - "AllowedIPRange": { - "markdownDescription": "The property used to configure acceptance of webhooks in an IP address range. For IP, only the `AllowedIPRange` property must be set. This property must be set to a valid CIDR range.", - "title": "AllowedIPRange", + "HeaderName": { + "markdownDescription": "The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", + "title": "HeaderName", "type": "string" }, - "SecretToken": { - "markdownDescription": "The property used to configure GitHub authentication. For GITHUB_HMAC, only the `SecretToken` property must be set.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response.", - "title": "SecretToken", + "HeaderValue": { + "markdownDescription": "The value for the header that you specified in the `HeaderName` field.", + "title": "HeaderValue", "type": "string" } }, + "required": [ + "HeaderName", + "HeaderValue" + ], "type": "object" }, - "AWS::CodePipeline::Webhook.WebhookFilterRule": { + "AWS::CloudFront::Distribution.OriginGroup": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "A JsonPath expression that is applied to the body/payload of the webhook. The value selected by the JsonPath expression must match the value specified in the `MatchEquals` field. Otherwise, the request is ignored. For more information, see [Java JsonPath implementation](https://docs.aws.amazon.com/https://github.com/json-path/JsonPath) in GitHub.", - "title": "JsonPath", + "FailoverCriteria": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupFailoverCriteria", + "markdownDescription": "A complex type that contains information about the failover criteria for an origin group.", + "title": "FailoverCriteria" + }, + "Id": { + "markdownDescription": "The origin group's ID.", + "title": "Id", "type": "string" }, - "MatchEquals": { - "markdownDescription": "The value selected by the `JsonPath` expression must match what is supplied in the `MatchEquals` field. Otherwise, the request is ignored. Properties from the target action configuration can be included as placeholders in this value by surrounding the action configuration key with curly brackets. For example, if the value supplied here is \"refs/heads/{Branch}\" and the target action has an action configuration property called \"Branch\" with a value of \"main\", the `MatchEquals` value is evaluated as \"refs/heads/main\". For a list of action configuration properties for built-in action types, see [Pipeline Structure Reference Action Requirements](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) .", - "title": "MatchEquals", + "Members": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMembers", + "markdownDescription": "A complex type that contains information about the origins in an origin group.", + "title": "Members" + }, + "SelectionCriteria": { + "markdownDescription": "The selection criteria for the origin group. For more information, see [Create an origin group](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html#concept_origin_groups.creating) in the *Amazon CloudFront Developer Guide* .", + "title": "SelectionCriteria", "type": "string" } }, "required": [ - "JsonPath" + "FailoverCriteria", + "Id", + "Members" ], "type": "object" }, - "AWS::CodeStar::GitHubRepository": { + "AWS::CloudFront::Distribution.OriginGroupFailoverCriteria": { "additionalProperties": false, "properties": { - "Condition": { + "StatusCodes": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.StatusCodes", + "markdownDescription": "The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin.", + "title": "StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "markdownDescription": "The ID for an origin in an origin group.", + "title": "OriginId", "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMember" + }, + "markdownDescription": "Items (origins) in an origin group.", + "title": "Items", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Quantity": { + "markdownDescription": "The number of origins in an origin group.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Items", + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroup" + }, + "markdownDescription": "The items (origin groups) in a distribution.", + "title": "Items", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Quantity": { + "markdownDescription": "The number of origin groups.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A flag that specifies whether Origin Shield is enabled.\n\nWhen it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches.", + "title": "Enabled", + "type": "boolean" }, - "Metadata": { - "type": "object" + "OriginShieldRegion": { + "markdownDescription": "The AWS Region for Origin Shield.\n\nSpecify the AWS Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2` .\n\nWhen you enable CloudFront Origin Shield, you must specify the AWS Region for Origin Shield. For the list of AWS Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the AWS Region for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginShieldRegion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.ParameterDefinition": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Definition", + "markdownDescription": "The value that you assigned to the parameter.", + "title": "Definition" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Code": { - "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.Code", - "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack.", - "title": "Code" - }, - "ConnectionArn": { - "markdownDescription": "", - "title": "ConnectionArn", - "type": "string" - }, - "EnableIssues": { - "markdownDescription": "Indicates whether to enable issues for the GitHub repository. You can use GitHub issues to track information and bugs for your repository.", - "title": "EnableIssues", - "type": "boolean" - }, - "IsPrivate": { - "markdownDescription": "Indicates whether the GitHub repository is a private repository. If so, you choose who can see and commit to this repository.", - "title": "IsPrivate", - "type": "boolean" - }, - "RepositoryAccessToken": { - "markdownDescription": "The GitHub user's personal access token for the GitHub repository.", - "title": "RepositoryAccessToken", - "type": "string" - }, - "RepositoryDescription": { - "markdownDescription": "A comment or description about the new repository. This description is displayed in GitHub after the repository is created.", - "title": "RepositoryDescription", - "type": "string" - }, - "RepositoryName": { - "markdownDescription": "The name of the repository you want to create in GitHub with AWS CloudFormation stack creation.", - "title": "RepositoryName", - "type": "string" - }, - "RepositoryOwner": { - "markdownDescription": "The GitHub user name for the owner of the GitHub repository to be created. If this repository should be owned by a GitHub organization, provide its name.", - "title": "RepositoryOwner", - "type": "string" - } + "Name": { + "markdownDescription": "The name of the parameter.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Definition", + "Name" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GeoRestriction", + "markdownDescription": "A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using `MaxMind` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template.", + "title": "GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "markdownDescription": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessIdentity", + "type": "string" + }, + "OriginReadTimeout": { + "markdownDescription": "", + "title": "OriginReadTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "number" }, - "required": [ - "RepositoryName", - "RepositoryOwner" - ], - "type": "object" + "markdownDescription": "The items (status codes) for an origin group.", + "title": "Items", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CodeStar::GitHubRepository" - ], + "Quantity": { + "markdownDescription": "The number of status codes.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Items", + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.StringSchema": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "", + "title": "Comment", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DefaultValue": { + "markdownDescription": "", + "title": "DefaultValue", "type": "string" + }, + "Required": { + "markdownDescription": "", + "title": "Required", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Required" ], "type": "object" }, - "AWS::CodeStar::GitHubRepository.Code": { + "AWS::CloudFront::Distribution.TenantConfig": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.S3", - "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository.", - "title": "S3" + "ParameterDefinitions": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ParameterDefinition" + }, + "markdownDescription": "The parameters that you specify for a distribution tenant.", + "title": "ParameterDefinitions", + "type": "array" } }, - "required": [ - "S3" - ], "type": "object" }, - "AWS::CodeStar::GitHubRepository.S3": { + "AWS::CloudFront::Distribution.ViewerCertificate": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content to be committed to the new repository.", - "title": "Bucket", + "AcmCertificateArn": { + "markdownDescription": "> In CloudFormation, this field name is `AcmCertificateArn` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate Manager (ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) , provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region ( `us-east-1` ).\n\nIf you specify an ACM certificate ARN, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", + "title": "AcmCertificateArn", "type": "string" }, - "Key": { - "markdownDescription": "The S3 object key or file name for the ZIP file.", - "title": "Key", + "CloudFrontDefaultCertificate": { + "markdownDescription": "If the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , set this field to `true` .\n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n\n- `AcmCertificateArn` or `IamCertificateId` (specify a value for one, not both)\n- `MinimumProtocolVersion`\n- `SslSupportMethod`", + "title": "CloudFrontDefaultCertificate", + "type": "boolean" + }, + "IamCertificateId": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . > In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", + "title": "IamCertificateId", "type": "string" }, - "ObjectVersion": { - "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket.", - "title": "ObjectVersion", + "MinimumProtocolVersion": { + "markdownDescription": "If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n\n- The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n- The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n\nFor more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide* .\n\n> On the CloudFront console, this setting is called *Security Policy* . \n\nWhen you're using SNI only (you set `SSLSupportMethod` to `sni-only` ), you must specify `TLSv1` or higher. (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` (you set `CloudFrontDefaultCertificate` to `true` ), CloudFront automatically sets the security policy to `TLSv1` regardless of the value that you set here.", + "title": "MinimumProtocolVersion", + "type": "string" + }, + "SslSupportMethod": { + "markdownDescription": "> In CloudFormation, this field name is `SslSupportMethod` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n\n- `sni-only` \u2013 The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) . This is recommended. Most browsers and clients support SNI.\n- `vip` \u2013 The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n- `static-ip` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Support Center](https://docs.aws.amazon.com/support/home) .\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , don't set a value for this field.", + "title": "SslSupportMethod", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.VpcOriginConfig": { + "additionalProperties": false, + "properties": { + "OriginKeepaliveTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginKeepaliveTimeout", + "type": "number" + }, + "OriginReadTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginReadTimeout", + "type": "number" + }, + "VpcOriginId": { + "markdownDescription": "The VPC origin ID.", + "title": "VpcOriginId", "type": "string" } }, "required": [ - "Bucket", - "Key" + "VpcOriginId" ], "type": "object" }, - "AWS::CodeStarConnections::Connection": { + "AWS::CloudFront::DistributionTenant": { "additionalProperties": false, "properties": { "Condition": { @@ -44745,38 +50563,71 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", - "title": "ConnectionName", + "ConnectionGroupId": { + "markdownDescription": "The ID of the connection group for the distribution tenant. If you don't specify a connection group, CloudFront uses the default connection group.", + "title": "ConnectionGroupId", "type": "string" }, - "HostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", - "title": "HostArn", + "Customizations": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Customizations", + "markdownDescription": "Customizations for the distribution tenant. For each distribution tenant, you can specify the geographic restrictions, and the Amazon Resource Names (ARNs) for the ACM certificate and AWS WAF web ACL. These are specific values that you can override or disable from the multi-tenant distribution that was used to create the distribution tenant.", + "title": "Customizations" + }, + "DistributionId": { + "markdownDescription": "The ID of the multi-tenant distribution.", + "title": "DistributionId", "type": "string" }, - "ProviderType": { - "markdownDescription": "The name of the external provider where your third-party code repository is configured.", - "title": "ProviderType", + "Domains": { + "items": { + "type": "string" + }, + "markdownDescription": "The domains associated with the distribution tenant.", + "title": "Domains", + "type": "array" + }, + "Enabled": { + "markdownDescription": "Indicates whether the distribution tenant is in an enabled state. If disabled, the distribution tenant won't serve traffic.", + "title": "Enabled", + "type": "boolean" + }, + "ManagedCertificateRequest": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.ManagedCertificateRequest", + "markdownDescription": "An object that represents the request for the Amazon CloudFront managed ACM certificate.", + "title": "ManagedCertificateRequest" + }, + "Name": { + "markdownDescription": "The name of the distribution tenant.", + "title": "Name", "type": "string" }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Parameter" + }, + "markdownDescription": "A list of parameter values to add to the resource. A parameter is specified as a key-value pair. A valid parameter value must exist for any parameter that is marked as required in the multi-tenant distribution.", + "title": "Parameters", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the tags applied to the resource.", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", "title": "Tags", "type": "array" } }, "required": [ - "ConnectionName" + "DistributionId", + "Domains", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::Connection" + "AWS::CloudFront::DistributionTenant" ], "type": "string" }, @@ -44795,7 +50646,127 @@ ], "type": "object" }, - "AWS::CodeStarConnections::RepositoryLink": { + "AWS::CloudFront::DistributionTenant.Certificate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the ACM certificate.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.Customizations": { + "additionalProperties": false, + "properties": { + "Certificate": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Certificate", + "markdownDescription": "The AWS Certificate Manager (ACM) certificate.", + "title": "Certificate" + }, + "GeoRestrictions": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.GeoRestrictionCustomization", + "markdownDescription": "The geographic restrictions.", + "title": "GeoRestrictions" + }, + "WebAcl": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.WebAclCustomization", + "markdownDescription": "The AWS WAF web ACL.", + "title": "WebAcl" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.DomainResult": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The specified domain.", + "title": "Domain", + "type": "string" + }, + "Status": { + "markdownDescription": "Whether the domain is active or inactive.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.GeoRestrictionCustomization": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "type": "string" + }, + "markdownDescription": "The locations for geographic restrictions.", + "title": "Locations", + "type": "array" + }, + "RestrictionType": { + "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geographic restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", + "title": "RestrictionType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.ManagedCertificateRequest": { + "additionalProperties": false, + "properties": { + "CertificateTransparencyLoggingPreference": { + "markdownDescription": "You can opt out of certificate transparency logging by specifying the `disabled` option. Opt in by specifying `enabled` . For more information, see [Certificate Transparency Logging](https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateTransparencyLoggingPreference", + "type": "string" + }, + "PrimaryDomainName": { + "markdownDescription": "The primary domain name associated with the CloudFront managed ACM certificate.", + "title": "PrimaryDomainName", + "type": "string" + }, + "ValidationTokenHost": { + "markdownDescription": "Specify how the HTTP validation token will be served when requesting the CloudFront managed ACM certificate.\n\n- For `cloudfront` , CloudFront will automatically serve the validation token. Choose this mode if you can point the domain's DNS to CloudFront immediately.\n- For `self-hosted` , you serve the validation token from your existing infrastructure. Choose this mode when you need to maintain current traffic flow while your certificate is being issued. You can place the validation token at the well-known path on your existing web server, wait for ACM to validate and issue the certificate, and then update your DNS to point to CloudFront.", + "title": "ValidationTokenHost", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.Parameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The parameter name.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The parameter value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.WebAclCustomization": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action for the AWS WAF web ACL customization. You can specify `override` to specify a separate AWS WAF web ACL for the distribution tenant. If you specify `disable` , the distribution tenant won't have AWS WAF web ACL protections and won't inherit from the multi-tenant distribution.", + "title": "Action", + "type": "string" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS WAF web ACL.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Function": { "additionalProperties": false, "properties": { "Condition": { @@ -44830,45 +50801,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connection associated with the repository link.", - "title": "ConnectionArn", - "type": "string" + "AutoPublish": { + "markdownDescription": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it\u2019s created. To automatically publish to the `LIVE` stage, set this property to `true` .", + "title": "AutoPublish", + "type": "boolean" }, - "EncryptionKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the encryption key for the repository associated with the repository link.", - "title": "EncryptionKeyArn", + "FunctionCode": { + "markdownDescription": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .", + "title": "FunctionCode", "type": "string" }, - "OwnerId": { - "markdownDescription": "The owner ID for the repository associated with the repository link, such as the owner ID in GitHub.", - "title": "OwnerId", - "type": "string" + "FunctionConfig": { + "$ref": "#/definitions/AWS::CloudFront::Function.FunctionConfig", + "markdownDescription": "Contains configuration information about a CloudFront function.", + "title": "FunctionConfig" }, - "RepositoryName": { - "markdownDescription": "The name of the repository associated with the repository link.", - "title": "RepositoryName", - "type": "string" + "FunctionMetadata": { + "$ref": "#/definitions/AWS::CloudFront::Function.FunctionMetadata", + "markdownDescription": "Contains metadata about a CloudFront function.", + "title": "FunctionMetadata" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the repository to be associated with the repository link.", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "A name to identify the function.", + "title": "Name", + "type": "string" } }, "required": [ - "ConnectionArn", - "OwnerId", - "RepositoryName" + "FunctionCode", + "FunctionConfig", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::RepositoryLink" + "AWS::CloudFront::Function" ], "type": "string" }, @@ -44887,7 +50855,60 @@ ], "type": "object" }, - "AWS::CodeStarConnections::SyncConfiguration": { + "AWS::CloudFront::Function.FunctionConfig": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "A comment to describe the function.", + "title": "Comment", + "type": "string" + }, + "KeyValueStoreAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Function.KeyValueStoreAssociation" + }, + "markdownDescription": "The configuration for the key value store associations.", + "title": "KeyValueStoreAssociations", + "type": "array" + }, + "Runtime": { + "markdownDescription": "The function's runtime environment version.", + "title": "Runtime", + "type": "string" + } + }, + "required": [ + "Comment", + "Runtime" + ], + "type": "object" + }, + "AWS::CloudFront::Function.FunctionMetadata": { + "additionalProperties": false, + "properties": { + "FunctionARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function.", + "title": "FunctionARN", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Function.KeyValueStoreAssociation": { + "additionalProperties": false, + "properties": { + "KeyValueStoreARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the key value store association.", + "title": "KeyValueStoreARN", + "type": "string" + } + }, + "required": [ + "KeyValueStoreARN" + ], + "type": "object" + }, + "AWS::CloudFront::KeyGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -44922,60 +50943,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Branch": { - "markdownDescription": "The branch associated with a specific sync configuration.", - "title": "Branch", - "type": "string" - }, - "ConfigFile": { - "markdownDescription": "The file path to the configuration file associated with a specific sync configuration. The path should point to an actual file in the sync configurations linked repository.", - "title": "ConfigFile", - "type": "string" - }, - "PublishDeploymentStatus": { - "markdownDescription": "Whether to enable or disable publishing of deployment status to source providers.", - "title": "PublishDeploymentStatus", - "type": "string" - }, - "RepositoryLinkId": { - "markdownDescription": "The ID of the repository link associated with a specific sync configuration.", - "title": "RepositoryLinkId", - "type": "string" - }, - "ResourceName": { - "markdownDescription": "The name of the connection resource associated with a specific sync configuration.", - "title": "ResourceName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role associated with a specific sync configuration.", - "title": "RoleArn", - "type": "string" - }, - "SyncType": { - "markdownDescription": "The type of sync for a specific sync configuration.", - "title": "SyncType", - "type": "string" - }, - "TriggerResourceUpdateOn": { - "markdownDescription": "When to trigger Git sync to begin the stack update.", - "title": "TriggerResourceUpdateOn", - "type": "string" + "KeyGroupConfig": { + "$ref": "#/definitions/AWS::CloudFront::KeyGroup.KeyGroupConfig", + "markdownDescription": "The key group configuration.", + "title": "KeyGroupConfig" } }, "required": [ - "Branch", - "ConfigFile", - "RepositoryLinkId", - "ResourceName", - "RoleArn", - "SyncType" + "KeyGroupConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::SyncConfiguration" + "AWS::CloudFront::KeyGroup" ], "type": "string" }, @@ -44994,7 +50975,35 @@ ], "type": "object" }, - "AWS::CodeStarNotifications::NotificationRule": { + "AWS::CloudFront::KeyGroup.KeyGroupConfig": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "A comment to describe the key group. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the identifiers of the public keys in the key group.", + "title": "Items", + "type": "array" + }, + "Name": { + "markdownDescription": "A name to identify the key group.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Items", + "Name" + ], + "type": "object" + }, + "AWS::CloudFront::KeyValueStore": { "additionalProperties": false, "properties": { "Condition": { @@ -45029,81 +51038,30 @@ "Properties": { "additionalProperties": false, "properties": { - "CreatedBy": { - "markdownDescription": "The name or email alias of the person who created the notification rule.", - "title": "CreatedBy", - "type": "string" - }, - "DetailType": { - "markdownDescription": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created.", - "title": "DetailType", - "type": "string" - }, - "EventTypeId": { - "markdownDescription": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", - "title": "EventTypeId", + "Comment": { + "markdownDescription": "A comment for the key value store.", + "title": "Comment", "type": "string" }, - "EventTypeIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", - "title": "EventTypeIds", - "type": "array" + "ImportSource": { + "$ref": "#/definitions/AWS::CloudFront::KeyValueStore.ImportSource", + "markdownDescription": "The import source for the key value store.", + "title": "ImportSource" }, "Name": { - "markdownDescription": "The name for the notification rule. Notification rule names must be unique in your AWS account .", + "markdownDescription": "The name of the key value store.", "title": "Name", "type": "string" - }, - "Resource": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild .", - "title": "Resource", - "type": "string" - }, - "Status": { - "markdownDescription": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule.", - "title": "Status", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \".", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "TargetAddress": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic or client.", - "title": "TargetAddress", - "type": "string" - }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::CodeStarNotifications::NotificationRule.Target" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and clients to associate with the notification rule.", - "title": "Targets", - "type": "array" } }, "required": [ - "DetailType", - "EventTypeIds", - "Name", - "Resource", - "Targets" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarNotifications::NotificationRule" + "AWS::CloudFront::KeyValueStore" ], "type": "string" }, @@ -45122,27 +51080,27 @@ ], "type": "object" }, - "AWS::CodeStarNotifications::NotificationRule.Target": { + "AWS::CloudFront::KeyValueStore.ImportSource": { "additionalProperties": false, "properties": { - "TargetAddress": { - "markdownDescription": "The Amazon Resource Name (ARN) of the topic or client.", - "title": "TargetAddress", + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the import source for the key value store.", + "title": "SourceArn", "type": "string" }, - "TargetType": { - "markdownDescription": "The target type. Can be an Amazon Simple Notification Service topic or client.\n\n- Amazon Simple Notification Service topics are specified as `SNS` .\n- clients are specified as `AWSChatbotSlack` .\n- clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .", - "title": "TargetType", + "SourceType": { + "markdownDescription": "The source type of the import source for the key value store.", + "title": "SourceType", "type": "string" } }, "required": [ - "TargetAddress", - "TargetType" + "SourceArn", + "SourceType" ], "type": "object" }, - "AWS::Cognito::IdentityPool": { + "AWS::CloudFront::MonitoringSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -45177,79 +51135,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowClassicFlow": { - "markdownDescription": "Enables the Basic (Classic) authentication flow.", - "title": "AllowClassicFlow", - "type": "boolean" - }, - "AllowUnauthenticatedIdentities": { - "markdownDescription": "Specifies whether the identity pool supports unauthenticated logins.", - "title": "AllowUnauthenticatedIdentities", - "type": "boolean" - }, - "CognitoEvents": { - "markdownDescription": "The events to configure.", - "title": "CognitoEvents", - "type": "object" - }, - "CognitoIdentityProviders": { - "items": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoIdentityProvider" - }, - "markdownDescription": "The Amazon Cognito user pools and their client IDs.", - "title": "CognitoIdentityProviders", - "type": "array" - }, - "CognitoStreams": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoStreams", - "markdownDescription": "Configuration options for configuring Amazon Cognito streams.", - "title": "CognitoStreams" - }, - "DeveloperProviderName": { - "markdownDescription": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100", - "title": "DeveloperProviderName", - "type": "string" - }, - "IdentityPoolName": { - "markdownDescription": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`", - "title": "IdentityPoolName", + "DistributionId": { + "markdownDescription": "The ID of the distribution that you are enabling metrics for.", + "title": "DistributionId", "type": "string" }, - "OpenIdConnectProviderARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the OpenID connect providers.", - "title": "OpenIdConnectProviderARNs", - "type": "array" - }, - "PushSync": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.PushSync", - "markdownDescription": "The configuration options to be applied to the identity pool.", - "title": "PushSync" - }, - "SamlProviderARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.", - "title": "SamlProviderARNs", - "type": "array" - }, - "SupportedLoginProviders": { - "markdownDescription": "Key-value pairs that map provider names to provider app IDs.", - "title": "SupportedLoginProviders", - "type": "object" + "MonitoringSubscription": { + "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.MonitoringSubscription", + "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", + "title": "MonitoringSubscription" } }, "required": [ - "AllowUnauthenticatedIdentities" + "DistributionId", + "MonitoringSubscription" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPool" + "AWS::CloudFront::MonitoringSubscription" ], "type": "string" }, @@ -45268,72 +51173,32 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { - "additionalProperties": false, - "properties": { - "ClientId": { - "markdownDescription": "The client ID for the Amazon Cognito user pool.", - "title": "ClientId", - "type": "string" - }, - "ProviderName": { - "markdownDescription": "The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` .", - "title": "ProviderName", - "type": "string" - }, - "ServerSideTokenCheck": { - "markdownDescription": "TRUE if server-side token validation is enabled for the identity provider\u2019s token.\n\nAfter you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.\n\nIf the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.", - "title": "ServerSideTokenCheck", - "type": "boolean" - } - }, - "required": [ - "ClientId", - "ProviderName" - ], - "type": "object" - }, - "AWS::Cognito::IdentityPool.CognitoStreams": { + "AWS::CloudFront::MonitoringSubscription.MonitoringSubscription": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream.", - "title": "RoleArn", - "type": "string" - }, - "StreamName": { - "markdownDescription": "The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool.", - "title": "StreamName", - "type": "string" - }, - "StreamingStatus": { - "markdownDescription": "Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` .", - "title": "StreamingStatus", - "type": "string" + "RealtimeMetricsSubscriptionConfig": { + "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig", + "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", + "title": "RealtimeMetricsSubscriptionConfig" } }, "type": "object" }, - "AWS::Cognito::IdentityPool.PushSync": { + "AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig": { "additionalProperties": false, "properties": { - "ApplicationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the Amazon SNS platform applications that could be used by clients.", - "title": "ApplicationArns", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.", - "title": "RoleArn", + "RealtimeMetricsSubscriptionStatus": { + "markdownDescription": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution.", + "title": "RealtimeMetricsSubscriptionStatus", "type": "string" } }, + "required": [ + "RealtimeMetricsSubscriptionStatus" + ], "type": "object" }, - "AWS::Cognito::IdentityPoolPrincipalTag": { + "AWS::CloudFront::OriginAccessControl": { "additionalProperties": false, "properties": { "Condition": { @@ -45368,36 +51233,20 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityPoolId": { - "markdownDescription": "The identity pool that you want to associate with this principal tag map.", - "title": "IdentityPoolId", - "type": "string" - }, - "IdentityProviderName": { - "markdownDescription": "The identity pool identity provider (IdP) that you want to associate with this principal tag map.", - "title": "IdentityProviderName", - "type": "string" - }, - "PrincipalTags": { - "markdownDescription": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.", - "title": "PrincipalTags", - "type": "object" - }, - "UseDefaults": { - "markdownDescription": "Use a default set of mappings between claims and tags for this provider, instead of a custom map.", - "title": "UseDefaults", - "type": "boolean" + "OriginAccessControlConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig", + "markdownDescription": "The origin access control.", + "title": "OriginAccessControlConfig" } }, "required": [ - "IdentityPoolId", - "IdentityProviderName" + "OriginAccessControlConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPoolPrincipalTag" + "AWS::CloudFront::OriginAccessControl" ], "type": "string" }, @@ -45416,7 +51265,44 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment": { + "AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the origin access control.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name to identify the origin access control. You can specify up to 64 characters.", + "title": "Name", + "type": "string" + }, + "OriginAccessControlOriginType": { + "markdownDescription": "The type of origin that this origin access control is for.", + "title": "OriginAccessControlOriginType", + "type": "string" + }, + "SigningBehavior": { + "markdownDescription": "Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .\n\nThis field can have one of the following values:\n\n- `always` \u2013 CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.\n- `never` \u2013 CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.\n- `no-override` \u2013 If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*", + "title": "SigningBehavior", + "type": "string" + }, + "SigningProtocol": { + "markdownDescription": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .", + "title": "SigningProtocol", + "type": "string" + } + }, + "required": [ + "Name", + "OriginAccessControlOriginType", + "SigningBehavior", + "SigningProtocol" + ], + "type": "object" + }, + "AWS::CloudFront::OriginRequestPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -45451,42 +51337,20 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityPoolId": { - "markdownDescription": "An identity pool ID in the format `REGION:GUID` .", - "title": "IdentityPoolId", - "type": "string" - }, - "RoleMappings": { - "additionalProperties": false, - "markdownDescription": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping" - } - }, - "title": "RoleMappings", - "type": "object" - }, - "Roles": { - "additionalProperties": true, - "markdownDescription": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Roles", - "type": "object" + "OriginRequestPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig", + "markdownDescription": "The origin request policy configuration.", + "title": "OriginRequestPolicyConfig" } }, "required": [ - "IdentityPoolId" + "OriginRequestPolicyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPoolRoleAttachment" + "AWS::CloudFront::OriginRequestPolicy" ], "type": "string" }, @@ -45505,85 +51369,110 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.MappingRule": { + "AWS::CloudFront::OriginRequestPolicy.CookiesConfig": { "additionalProperties": false, "properties": { - "Claim": { - "markdownDescription": "The claim name that must be present in the token. For example: \"isAdmin\" or \"paid\".", - "title": "Claim", - "type": "string" - }, - "MatchType": { - "markdownDescription": "The match condition that specifies how closely the claim value in the IdP token must match `Value` .\n\nValid values are: `Equals` , `Contains` , `StartsWith` , and `NotEqual` .", - "title": "MatchType", + "CookieBehavior": { + "markdownDescription": "Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `CookieNames` type, which are not included.", + "title": "CookieBehavior", "type": "string" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role.", - "title": "RoleARN", + "Cookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of cookie names.", + "title": "Cookies", + "type": "array" + } + }, + "required": [ + "CookieBehavior" + ], + "type": "object" + }, + "AWS::CloudFront::OriginRequestPolicy.HeadersConfig": { + "additionalProperties": false, + "properties": { + "HeaderBehavior": { + "markdownDescription": "Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin.\n- `allViewer` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin.\n- `allViewerAndWhitelistCloudFront` \u2013 All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront.\n- `allExcept` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `Headers` type, which are not included.", + "title": "HeaderBehavior", "type": "string" }, - "Value": { - "markdownDescription": "A brief string that the claim must match. For example, \"paid\" or \"yes\".", - "title": "Value", - "type": "string" + "Headers": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of HTTP header names.", + "title": "Headers", + "type": "array" } }, "required": [ - "Claim", - "MatchType", - "RoleARN", - "Value" + "HeaderBehavior" ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping": { + "AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig": { "additionalProperties": false, "properties": { - "AmbiguousRoleResolution": { - "markdownDescription": "If you specify Token or Rules as the `Type` , `AmbiguousRoleResolution` is required.\n\nSpecifies the action to be taken if either no rules match the claim value for the `Rules` type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the `Token` type.", - "title": "AmbiguousRoleResolution", + "Comment": { + "markdownDescription": "A comment to describe the origin request policy. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" }, - "IdentityProvider": { - "markdownDescription": "Identifier for the identity provider for which the role is mapped. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)` . This is the identity provider that is used by the user for authentication.\n\nIf the identity provider property isn't provided, the key of the entry in the `RoleMappings` map is used as the identity provider.", - "title": "IdentityProvider", - "type": "string" + "CookiesConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.CookiesConfig", + "markdownDescription": "The cookies from viewer requests to include in origin requests.", + "title": "CookiesConfig" }, - "RulesConfiguration": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType", - "markdownDescription": "The rules to be used for mapping users to roles. If you specify \"Rules\" as the role-mapping type, RulesConfiguration is required.", - "title": "RulesConfiguration" + "HeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.HeadersConfig", + "markdownDescription": "The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront.", + "title": "HeadersConfig" }, - "Type": { - "markdownDescription": "The role mapping type. Token will use `cognito:roles` and `cognito:preferred_role` claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.", - "title": "Type", + "Name": { + "markdownDescription": "A unique name to identify the origin request policy.", + "title": "Name", "type": "string" + }, + "QueryStringsConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig", + "markdownDescription": "The URL query strings from viewer requests to include in origin requests.", + "title": "QueryStringsConfig" } }, "required": [ - "Type" + "CookiesConfig", + "HeadersConfig", + "Name", + "QueryStringsConfig" ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType": { + "AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig": { "additionalProperties": false, "properties": { - "Rules": { + "QueryStringBehavior": { + "markdownDescription": "Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `QueryStringNames` type, which are not included.", + "title": "QueryStringBehavior", + "type": "string" + }, + "QueryStrings": { "items": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.MappingRule" + "type": "string" }, - "markdownDescription": "The rules. You can specify up to 25 rules per identity provider.", - "title": "Rules", + "markdownDescription": "Contains a list of query string names.", + "title": "QueryStrings", "type": "array" } }, "required": [ - "Rules" + "QueryStringBehavior" ], "type": "object" }, - "AWS::Cognito::LogDeliveryConfiguration": { + "AWS::CloudFront::PublicKey": { "additionalProperties": false, "properties": { "Condition": { @@ -45618,28 +51507,20 @@ "Properties": { "additionalProperties": false, "properties": { - "LogConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.LogConfiguration" - }, - "markdownDescription": "A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs.", - "title": "LogConfigurations", - "type": "array" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you configured logging.", - "title": "UserPoolId", - "type": "string" + "PublicKeyConfig": { + "$ref": "#/definitions/AWS::CloudFront::PublicKey.PublicKeyConfig", + "markdownDescription": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", + "title": "PublicKeyConfig" } }, "required": [ - "UserPoolId" + "PublicKeyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::LogDeliveryConfiguration" + "AWS::CloudFront::PublicKey" ], "type": "string" }, @@ -45658,39 +51539,38 @@ ], "type": "object" }, - "AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration": { + "AWS::CloudFront::PublicKey.PublicKeyConfig": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with AWS Key Management Service and must be in the same AWS account as your user pool.\n\nTo send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with `/aws/vendedlogs` . For more information, see [Enabling logging from certain AWS services](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) .", - "title": "LogGroupArn", + "CallerReference": { + "markdownDescription": "A string included in the request to help make sure that the request can't be replayed.", + "title": "CallerReference", "type": "string" - } - }, - "type": "object" - }, - "AWS::Cognito::LogDeliveryConfiguration.LogConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration", - "markdownDescription": "Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.", - "title": "CloudWatchLogsConfiguration" }, - "EventSource": { - "markdownDescription": "The source of events that your user pool sends for logging. To send error-level logs about user notification activity, set to `userNotification` . To send info-level logs about threat-protection user activity in user pools with the Plus feature plan, set to `userAuthEvents` .", - "title": "EventSource", + "Comment": { + "markdownDescription": "A comment to describe the public key. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" }, - "LogLevel": { - "markdownDescription": "The `errorlevel` selection of logs that a user pool sends for detailed activity logging. To send `userNotification` activity with [information about message delivery](https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html) , choose `ERROR` with `CloudWatchLogsConfiguration` . To send `userAuthEvents` activity with user logs from threat protection with the Plus feature plan, choose `INFO` with one of `CloudWatchLogsConfiguration` , `FirehoseConfiguration` , or `S3Configuration` .", - "title": "LogLevel", + "EncodedKey": { + "markdownDescription": "The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", + "title": "EncodedKey", + "type": "string" + }, + "Name": { + "markdownDescription": "A name to help identify the public key.", + "title": "Name", "type": "string" } }, + "required": [ + "CallerReference", + "EncodedKey", + "Name" + ], "type": "object" }, - "AWS::Cognito::UserPool": { + "AWS::CloudFront::RealtimeLogConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -45725,153 +51605,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountRecoverySetting": { - "$ref": "#/definitions/AWS::Cognito::UserPool.AccountRecoverySetting", - "markdownDescription": "The available verified method a user can use to recover their password when they call `ForgotPassword` . You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.", - "title": "AccountRecoverySetting" - }, - "AdminCreateUserConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.AdminCreateUserConfig", - "markdownDescription": "The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.", - "title": "AdminCreateUserConfig" - }, - "AliasAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Attributes supported as an alias for this user pool. For more information about alias attributes, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", - "title": "AliasAttributes", - "type": "array" - }, - "AutoVerifiedAttributes": { + "EndPoints": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.EndPoint" }, - "markdownDescription": "The attributes that you want your user pool to automatically verify. For more information, see [Verifying contact information at sign-up](https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#allowing-users-to-sign-up-and-confirm-themselves) .", - "title": "AutoVerifiedAttributes", + "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.", + "title": "EndPoints", "type": "array" }, - "DeletionProtection": { - "markdownDescription": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request.", - "title": "DeletionProtection", - "type": "string" - }, - "DeviceConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.DeviceConfiguration", - "markdownDescription": "The device-remembering configuration for a user pool. Device remembering or device tracking is a \"Remember me on this device\" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see [Working with user devices in your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) . A null value indicates that you have deactivated device remembering in your user pool.\n\n> When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature. For more information, see [Working with devices](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) .", - "title": "DeviceConfiguration" - }, - "EmailConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.EmailConfiguration", - "markdownDescription": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.", - "title": "EmailConfiguration" - }, - "EmailVerificationMessage": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "EmailVerificationMessage", - "type": "string" - }, - "EmailVerificationSubject": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "EmailVerificationSubject", - "type": "string" - }, - "EnabledMfas": { + "Fields": { "items": { "type": "string" }, - "markdownDescription": "Set enabled MFA options on a specified user pool. To disable all MFAs after it has been enabled, set `MfaConfiguration` to `OFF` and remove EnabledMfas. MFAs can only be all disabled if `MfaConfiguration` is `OFF` . After you enable `SMS_MFA` , you can only disable it by setting `MfaConfiguration` to `OFF` . Can be one of the following values:\n\n- `SMS_MFA` - Enables MFA with SMS for the user pool. To select this option, you must also provide values for `SmsConfiguration` .\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n- `EMAIL_OTP` - Enables MFA with email for the user pool. To select this option, you must provide values for `EmailConfiguration` and within those, set `EmailSendingAccount` to `DEVELOPER` .\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA` | `EMAIL_OTP`", - "title": "EnabledMfas", - "type": "array" - }, - "LambdaConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.LambdaConfig", - "markdownDescription": "A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.", - "title": "LambdaConfig" - }, - "MfaConfiguration": { - "markdownDescription": "Displays the state of multi-factor authentication (MFA) as on, off, or optional. When `ON` , all users must set up MFA before they can sign in. When `OPTIONAL` , your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose `OPTIONAL` .\n\nWhen `MfaConfiguration` is `OPTIONAL` , managed login doesn't automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.", - "title": "MfaConfiguration", - "type": "string" - }, - "Policies": { - "$ref": "#/definitions/AWS::Cognito::UserPool.Policies", - "markdownDescription": "A list of user pool policies. Contains the policy that sets password-complexity requirements.", - "title": "Policies" - }, - "Schema": { - "items": { - "$ref": "#/definitions/AWS::Cognito::UserPool.SchemaAttribute" - }, - "markdownDescription": "An array of attributes for the new user pool. You can add custom attributes and modify the properties of default attributes. The specifications in this parameter set the required attributes in your user pool. For more information, see [Working with user attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) .", - "title": "Schema", + "markdownDescription": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .", + "title": "Fields", "type": "array" }, - "SmsAuthenticationMessage": { - "markdownDescription": "The contents of the SMS authentication message.", - "title": "SmsAuthenticationMessage", - "type": "string" - }, - "SmsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.SmsConfiguration", - "markdownDescription": "The settings for your Amazon Cognito user pool to send SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . For more information see [SMS message settings](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", - "title": "SmsConfiguration" - }, - "SmsVerificationMessage": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "SmsVerificationMessage", - "type": "string" - }, - "UserAttributeUpdateSettings": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UserAttributeUpdateSettings", - "markdownDescription": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) .", - "title": "UserAttributeUpdateSettings" - }, - "UserPoolAddOns": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UserPoolAddOns", - "markdownDescription": "Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to potentially unwanted traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .", - "title": "UserPoolAddOns" - }, - "UserPoolName": { - "markdownDescription": "A friendly name for your user pool.", - "title": "UserPoolName", + "Name": { + "markdownDescription": "The unique name of this real-time log configuration.", + "title": "Name", "type": "string" }, - "UserPoolTags": { - "additionalProperties": true, - "markdownDescription": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "UserPoolTags", - "type": "object" - }, - "UsernameAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies whether a user can use an email address or phone number as a username when they sign up.", - "title": "UsernameAttributes", - "type": "array" - }, - "UsernameConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UsernameConfiguration", - "markdownDescription": "Sets the case sensitivity option for sign-in usernames. When `CaseSensitive` is `false` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `false` as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.\n\nWhen `CaseSensitive` is `true` (case sensitive), Amazon Cognito interprets `USERNAME` and `UserName` as distinct users.\n\nThis configuration is immutable after you set it.", - "title": "UsernameConfiguration" - }, - "VerificationMessageTemplate": { - "$ref": "#/definitions/AWS::Cognito::UserPool.VerificationMessageTemplate", - "markdownDescription": "The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.\n\nSet the email message type that corresponds to your `DefaultEmailOption` selection. For `CONFIRM_WITH_LINK` , specify an `EmailMessageByLink` and leave `EmailMessage` blank. For `CONFIRM_WITH_CODE` , specify an `EmailMessage` and leave `EmailMessageByLink` blank. When you supply both parameters with either choice, Amazon Cognito returns an error.", - "title": "VerificationMessageTemplate" + "SamplingRate": { + "markdownDescription": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.", + "title": "SamplingRate", + "type": "number" } }, + "required": [ + "EndPoints", + "Fields", + "Name", + "SamplingRate" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPool" + "AWS::CloudFront::RealtimeLogConfig" ], "type": "string" }, @@ -45885,470 +51656,542 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Cognito::UserPool.AccountRecoverySetting": { + "AWS::CloudFront::RealtimeLogConfig.EndPoint": { "additionalProperties": false, "properties": { - "RecoveryMechanisms": { - "items": { - "$ref": "#/definitions/AWS::Cognito::UserPool.RecoveryOption" - }, - "markdownDescription": "The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators.", - "title": "RecoveryMechanisms", - "type": "array" + "KinesisStreamConfig": { + "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig", + "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration.", + "title": "KinesisStreamConfig" + }, + "StreamType": { + "markdownDescription": "The type of data stream where you are sending real-time log data. The only valid value is `Kinesis` .", + "title": "StreamType", + "type": "string" } }, + "required": [ + "KinesisStreamConfig", + "StreamType" + ], "type": "object" }, - "AWS::Cognito::UserPool.AdminCreateUserConfig": { + "AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig": { "additionalProperties": false, "properties": { - "AllowAdminCreateUserOnly": { - "markdownDescription": "The setting for allowing self-service sign-up. When `true` , only administrators can create new user profiles. When `false` , users can register themselves and create a new user profile with the `SignUp` operation.", - "title": "AllowAdminCreateUserOnly", - "type": "boolean" - }, - "InviteMessageTemplate": { - "$ref": "#/definitions/AWS::Cognito::UserPool.InviteMessageTemplate", - "markdownDescription": "The template for the welcome message to new users. This template must include the `{####}` temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder.\n\nSee also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .", - "title": "InviteMessageTemplate" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream.\n\nFor more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide* .", + "title": "RoleArn", + "type": "string" }, - "UnusedAccountValidityDays": { - "markdownDescription": "This parameter is no longer in use.\n\nThe password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `RESEND` for the `MessageAction` parameter.\n\nThe default value for this parameter is 7.", - "title": "UnusedAccountValidityDays", - "type": "number" + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data.", + "title": "StreamArn", + "type": "string" } }, + "required": [ + "RoleArn", + "StreamArn" + ], "type": "object" }, - "AWS::Cognito::UserPool.CustomEmailSender": { + "AWS::CloudFront::ResponseHeadersPolicy": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", - "title": "LambdaArn", + "Condition": { "type": "string" }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", - "title": "LambdaVersion", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResponseHeadersPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig", + "markdownDescription": "A response headers policy configuration.", + "title": "ResponseHeadersPolicyConfig" + } + }, + "required": [ + "ResponseHeadersPolicyConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFront::ResponseHeadersPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Cognito::UserPool.CustomSMSSender": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", - "title": "LambdaArn", - "type": "string" - }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", - "title": "LambdaVersion", - "type": "string" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP header names. You can specify `*` to allow all headers.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.DeviceConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods": { "additionalProperties": false, "properties": { - "ChallengeRequiredOnNewDevice": { - "markdownDescription": "When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).\n\n> Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.", - "title": "ChallengeRequiredOnNewDevice", - "type": "boolean" - }, - "DeviceOnlyRememberedOnUserPrompt": { - "markdownDescription": "When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a `ConfirmDevice` API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an `UpdateDeviceStatus` API request.\n\nWhen `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request.", - "title": "DeviceOnlyRememberedOnUserPrompt", - "type": "boolean" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP methods. Valid values are:\n\n- `GET`\n- `DELETE`\n- `HEAD`\n- `OPTIONS`\n- `PATCH`\n- `POST`\n- `PUT`\n- `ALL`\n\n`ALL` is a special value that includes all of the listed HTTP methods.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.EmailConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins": { "additionalProperties": false, "properties": { - "ConfigurationSet": { - "markdownDescription": "The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:\n\n- **Event publishing** - Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as and Amazon CloudWatch\n- **IP pool management** - When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.", - "title": "ConfigurationSet", - "type": "string" - }, - "EmailSendingAccount": { - "markdownDescription": "Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:\n\n- **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.\n\nTo look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* .\n\nThe default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.\n- **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .\n\nIf you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.\n\nBefore Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* .", - "title": "EmailSendingAccount", - "type": "string" - }, - "From": { - "markdownDescription": "Either the sender\u2019s email address or the sender\u2019s name with their email address. For example, `testuser@example.com` or `Test User ` . This address appears before the body of the email.", - "title": "From", - "type": "string" - }, - "ReplyToEmailAddress": { - "markdownDescription": "The destination to which the receiver of the email should reply.", - "title": "ReplyToEmailAddress", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:\n\n- If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.\n- If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.\n\nThe Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) .", - "title": "SourceArn", - "type": "string" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of origins (domain names). You can specify `*` to allow all origins.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.InviteMessageTemplate": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders": { "additionalProperties": false, "properties": { - "EmailMessage": { - "markdownDescription": "The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", - "title": "EmailMessage", - "type": "string" - }, - "EmailSubject": { - "markdownDescription": "The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", - "title": "EmailSubject", - "type": "string" - }, - "SMSMessage": { - "markdownDescription": "The message template for SMS messages.", - "title": "SMSMessage", - "type": "string" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP headers. You can specify `*` to expose all headers.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.LambdaConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy": { "additionalProperties": false, "properties": { - "CreateAuthChallenge": { - "markdownDescription": "The configuration of a create auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "CreateAuthChallenge", - "type": "string" - }, - "CustomEmailSender": { - "$ref": "#/definitions/AWS::Cognito::UserPool.CustomEmailSender", - "markdownDescription": "The configuration of a custom email sender Lambda trigger. This trigger routes all email notifications from a user pool to a Lambda function that delivers the message using custom logic.", - "title": "CustomEmailSender" - }, - "CustomMessage": { - "markdownDescription": "A custom message Lambda trigger. This trigger is an opportunity to customize all SMS and email messages from your user pool. When a custom message trigger is active, your user pool routes all messages to a Lambda function that returns a runtime-customized message subject and body for your user pool to deliver to a user.", - "title": "CustomMessage", - "type": "string" - }, - "CustomSMSSender": { - "$ref": "#/definitions/AWS::Cognito::UserPool.CustomSMSSender", - "markdownDescription": "The configuration of a custom SMS sender Lambda trigger. This trigger routes all SMS notifications from a user pool to a Lambda function that delivers the message using custom logic.", - "title": "CustomSMSSender" - }, - "DefineAuthChallenge": { - "markdownDescription": "The configuration of a define auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "DefineAuthChallenge", - "type": "string" - }, - "KMSKeyID": { - "markdownDescription": "The ARN of an [KMS key](https://docs.aws.amazon.com//kms/latest/developerguide/concepts.html#master_keys) . Amazon Cognito uses the key to encrypt codes and temporary passwords sent to custom sender Lambda triggers.", - "title": "KMSKeyID", - "type": "string" - }, - "PostAuthentication": { - "markdownDescription": "The configuration of a [post authentication Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html) in a user pool. This trigger can take custom actions after a user signs in.", - "title": "PostAuthentication", - "type": "string" - }, - "PostConfirmation": { - "markdownDescription": "The configuration of a [post confirmation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html) in a user pool. This trigger can take custom actions after a user confirms their user account and their email address or phone number.", - "title": "PostConfirmation", - "type": "string" - }, - "PreAuthentication": { - "markdownDescription": "The configuration of a [pre authentication trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html) in a user pool. This trigger can evaluate and modify user sign-in events.", - "title": "PreAuthentication", - "type": "string" - }, - "PreSignUp": { - "markdownDescription": "The configuration of a [pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) in a user pool. This trigger evaluates new users and can bypass confirmation, [link a federated user profile](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html) , or block sign-up requests.", - "title": "PreSignUp", - "type": "string" - }, - "PreTokenGeneration": { - "markdownDescription": "The legacy configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool.\n\nSet this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` .", - "title": "PreTokenGeneration", - "type": "string" - }, - "PreTokenGenerationConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.PreTokenGenerationConfig", - "markdownDescription": "The detailed configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` .", - "title": "PreTokenGenerationConfig" - }, - "UserMigration": { - "markdownDescription": "The configuration of a [migrate user Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html) in a user pool. This trigger can create user profiles when users sign in or attempt to reset their password with credentials that don't exist yet.", - "title": "UserMigration", + "ContentSecurityPolicy": { + "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.", + "title": "ContentSecurityPolicy", "type": "string" }, - "VerifyAuthChallengeResponse": { - "markdownDescription": "The configuration of a verify auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "VerifyAuthChallengeResponse", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" } }, + "required": [ + "ContentSecurityPolicy", + "Override" + ], "type": "object" }, - "AWS::Cognito::UserPool.NumberAttributeConstraints": { + "AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions": { "additionalProperties": false, "properties": { - "MaxValue": { - "markdownDescription": "The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", - "title": "MaxValue", - "type": "string" - }, - "MinValue": { - "markdownDescription": "The minimum value of an attribute that is of the number data type.", - "title": "MinValue", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" } }, + "required": [ + "Override" + ], "type": "object" }, - "AWS::Cognito::UserPool.PasswordPolicy": { + "AWS::CloudFront::ResponseHeadersPolicy.CorsConfig": { "additionalProperties": false, "properties": { - "MinimumLength": { - "markdownDescription": "The minimum length of the password in the policy that you have set. This value can't be less than 6.", - "title": "MinimumLength", - "type": "number" - }, - "RequireLowercase": { - "markdownDescription": "The requirement in a password policy that users must include at least one lowercase letter in their password.", - "title": "RequireLowercase", + "AccessControlAllowCredentials": { + "markdownDescription": "A Boolean that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Credentials` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs.", + "title": "AccessControlAllowCredentials", "type": "boolean" }, - "RequireNumbers": { - "markdownDescription": "The requirement in a password policy that users must include at least one number in their password.", - "title": "RequireNumbers", - "type": "boolean" + "AccessControlAllowHeaders": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders", + "markdownDescription": "A list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Headers` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs.", + "title": "AccessControlAllowHeaders" }, - "RequireSymbols": { - "markdownDescription": "The requirement in a password policy that users must include at least one symbol in their password.", - "title": "RequireSymbols", - "type": "boolean" + "AccessControlAllowMethods": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods", + "markdownDescription": "A list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Methods` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs.", + "title": "AccessControlAllowMethods" }, - "RequireUppercase": { - "markdownDescription": "The requirement in a password policy that users must include at least one uppercase letter in their password.", - "title": "RequireUppercase", - "type": "boolean" + "AccessControlAllowOrigins": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins", + "markdownDescription": "A list of origins (domain names) that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Origin` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs.", + "title": "AccessControlAllowOrigins" }, - "TemporaryPasswordValidityDays": { - "markdownDescription": "The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value.\n\n> When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool.", - "title": "TemporaryPasswordValidityDays", + "AccessControlExposeHeaders": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders", + "markdownDescription": "A list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Expose-Headers` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs.", + "title": "AccessControlExposeHeaders" + }, + "AccessControlMaxAgeSec": { + "markdownDescription": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n\nFor more information about the `Access-Control-Max-Age` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs.", + "title": "AccessControlMaxAgeSec", "type": "number" + }, + "OriginOverride": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.", + "title": "OriginOverride", + "type": "boolean" } }, + "required": [ + "AccessControlAllowCredentials", + "AccessControlAllowHeaders", + "AccessControlAllowMethods", + "AccessControlAllowOrigins", + "OriginOverride" + ], "type": "object" }, - "AWS::Cognito::UserPool.Policies": { - "additionalProperties": false, - "properties": { - "PasswordPolicy": { - "$ref": "#/definitions/AWS::Cognito::UserPool.PasswordPolicy", - "markdownDescription": "The password policy settings for a user pool, including complexity, history, and length requirements.", - "title": "PasswordPolicy" - } - }, - "type": "object" - }, - "AWS::Cognito::UserPool.PreTokenGenerationConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.CustomHeader": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nThis parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` .", - "title": "LambdaArn", + "Header": { + "markdownDescription": "The HTTP response header name.", + "title": "Header", "type": "string" }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.", - "title": "LambdaVersion", + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.", + "title": "Override", + "type": "boolean" + }, + "Value": { + "markdownDescription": "The value for the HTTP response header.", + "title": "Value", "type": "string" } }, + "required": [ + "Header", + "Override", + "Value" + ], "type": "object" }, - "AWS::Cognito::UserPool.RecoveryOption": { + "AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The recovery method that this object sets a recovery option for.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "Your priority preference for using the specified attribute in account recovery. The highest priority is `1` .", - "title": "Priority", - "type": "number" + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeader" + }, + "markdownDescription": "The list of HTTP response headers and their values.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.SchemaAttribute": { + "AWS::CloudFront::ResponseHeadersPolicy.FrameOptions": { "additionalProperties": false, "properties": { - "AttributeDataType": { - "markdownDescription": "The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `\"custom:isMember\" : \"true\"` or `\"custom:YearsAsMember\" : \"12\"` .", - "title": "AttributeDataType", - "type": "string" - }, - "DeveloperOnlyAttribute": { - "markdownDescription": "> You should use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . \n\nSpecifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access token. For example, `DeveloperOnlyAttribute` can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.", - "title": "DeveloperOnlyAttribute", - "type": "boolean" - }, - "Mutable": { - "markdownDescription": "Specifies whether the value of the attribute can be changed.\n\nAny user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", - "title": "Mutable", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes..", - "title": "Name", + "FrameOption": { + "markdownDescription": "The value of the `X-Frame-Options` HTTP response header. Valid values are `DENY` and `SAMEORIGIN` .\n\nFor more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", + "title": "FrameOption", "type": "string" }, - "NumberAttributeConstraints": { - "$ref": "#/definitions/AWS::Cognito::UserPool.NumberAttributeConstraints", - "markdownDescription": "Specifies the constraints for an attribute of the number type.", - "title": "NumberAttributeConstraints" - }, - "Required": { - "markdownDescription": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.", - "title": "Required", + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", "type": "boolean" - }, - "StringAttributeConstraints": { - "$ref": "#/definitions/AWS::Cognito::UserPool.StringAttributeConstraints", - "markdownDescription": "Specifies the constraints for an attribute of the string type.", - "title": "StringAttributeConstraints" } }, + "required": [ + "FrameOption", + "Override" + ], "type": "object" }, - "AWS::Cognito::UserPool.SmsConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy": { "additionalProperties": false, "properties": { - "ExternalId": { - "markdownDescription": "The external ID provides additional security for your IAM role. You can use an `ExternalId` with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the `ExternalID` . If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the `ExternalId` .\n\nFor more information about the `ExternalId` of a role, see [How to use an external ID when granting access to your AWS resources to a third party](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) .", - "title": "ExternalId", - "type": "string" - }, - "SnsCallerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) .", - "title": "SnsCallerArn", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" }, - "SnsRegion": { - "markdownDescription": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* .\n\nAmazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", - "title": "SnsRegion", + "ReferrerPolicy": { + "markdownDescription": "The value of the `Referrer-Policy` HTTP response header. Valid values are:\n\n- `no-referrer`\n- `no-referrer-when-downgrade`\n- `origin`\n- `origin-when-cross-origin`\n- `same-origin`\n- `strict-origin`\n- `strict-origin-when-cross-origin`\n- `unsafe-url`\n\nFor more information about these values, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", + "title": "ReferrerPolicy", "type": "string" } }, + "required": [ + "Override", + "ReferrerPolicy" + ], "type": "object" }, - "AWS::Cognito::UserPool.StringAttributeConstraints": { + "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader": { "additionalProperties": false, "properties": { - "MaxLength": { - "markdownDescription": "The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", - "title": "MaxLength", - "type": "string" - }, - "MinLength": { - "markdownDescription": "The minimum length of a string attribute value.", - "title": "MinLength", + "Header": { + "markdownDescription": "The HTTP header name.", + "title": "Header", "type": "string" } }, + "required": [ + "Header" + ], "type": "object" }, - "AWS::Cognito::UserPool.UserAttributeUpdateSettings": { + "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig": { "additionalProperties": false, "properties": { - "AttributesRequireVerificationBeforeUpdate": { + "Items": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader" }, - "markdownDescription": "Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn\u2019t change the value of the attribute until your user responds to the verification message and confirms the new value.\n\nWhen `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user\u2019s `email` or `phone_number` attribute.", - "title": "AttributesRequireVerificationBeforeUpdate", + "markdownDescription": "The list of HTTP header names.", + "title": "Items", "type": "array" } }, "required": [ - "AttributesRequireVerificationBeforeUpdate" + "Items" ], "type": "object" }, - "AWS::Cognito::UserPool.UserPoolAddOns": { + "AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig": { "additionalProperties": false, "properties": { - "AdvancedSecurityMode": { - "markdownDescription": "The operating mode of threat protection for standard authentication types in your user pool, including username-password and secure remote password (SRP) authentication.", - "title": "AdvancedSecurityMode", + "Comment": { + "markdownDescription": "A comment to describe the response headers policy.\n\nThe comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "CorsConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CorsConfig", + "markdownDescription": "A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).", + "title": "CorsConfig" + }, + "CustomHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig", + "markdownDescription": "A configuration for a set of custom HTTP response headers.", + "title": "CustomHeadersConfig" + }, + "Name": { + "markdownDescription": "A name to identify the response headers policy.\n\nThe name must be unique for response headers policies in this AWS account .", + "title": "Name", "type": "string" + }, + "RemoveHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig", + "markdownDescription": "A configuration for a set of HTTP headers to remove from the HTTP response.", + "title": "RemoveHeadersConfig" + }, + "SecurityHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig", + "markdownDescription": "A configuration for a set of security-related HTTP response headers.", + "title": "SecurityHeadersConfig" + }, + "ServerTimingHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig", + "markdownDescription": "A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront.", + "title": "ServerTimingHeadersConfig" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Cognito::UserPool.UsernameConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig": { "additionalProperties": false, "properties": { - "CaseSensitive": { - "markdownDescription": "Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.\n\nValid values include:\n\n- **true** - Enables case sensitivity for all username input. When this option is set to `true` , users must sign in using the exact capitalization of their given username, such as \u201cUserName\u201d. This is the default value.\n- **false** - Enables case insensitivity for all username input. For example, when this option is set to `false` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute.", - "title": "CaseSensitive", + "ContentSecurityPolicy": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy", + "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n\nFor more information about the `Content-Security-Policy` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs.", + "title": "ContentSecurityPolicy" + }, + "ContentTypeOptions": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions", + "markdownDescription": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff` .\n\nFor more information about the `X-Content-Type-Options` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs.", + "title": "ContentTypeOptions" + }, + "FrameOptions": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.FrameOptions", + "markdownDescription": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value.\n\nFor more information about the `X-Frame-Options` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", + "title": "FrameOptions" + }, + "ReferrerPolicy": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy", + "markdownDescription": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value.\n\nFor more information about the `Referrer-Policy` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", + "title": "ReferrerPolicy" + }, + "StrictTransportSecurity": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity", + "markdownDescription": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value.\n\nFor more information about the `Strict-Transport-Security` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs.", + "title": "StrictTransportSecurity" + }, + "XSSProtection": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.XSSProtection", + "markdownDescription": "Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value.\n\nFor more information about the `X-XSS-Protection` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "XSSProtection" + } + }, + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A Boolean that determines whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.", + "title": "Enabled", "type": "boolean" + }, + "SamplingRate": { + "markdownDescription": "A number 0\u2013100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the `Server-Timing` header to. When you set the sampling rate to 100, CloudFront adds the `Server-Timing` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0\u2013100 with up to four decimal places.", + "title": "SamplingRate", + "type": "number" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::Cognito::UserPool.VerificationMessageTemplate": { + "AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity": { "additionalProperties": false, "properties": { - "DefaultEmailOption": { - "markdownDescription": "The configuration of verification emails to contain a clickable link or a verification code.\n\nFor link, your template body must contain link text in the format `{##Click here##}` . \"Click here\" in the example is a customizable string. For code, your template body must contain a code placeholder in the format `{####}` .", - "title": "DefaultEmailOption", - "type": "string" + "AccessControlMaxAgeSec": { + "markdownDescription": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "AccessControlMaxAgeSec", + "type": "number" }, - "EmailMessage": { - "markdownDescription": "The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailMessage", - "type": "string" + "IncludeSubdomains": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "IncludeSubdomains", + "type": "boolean" }, - "EmailMessageByLink": { - "markdownDescription": "The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailMessageByLink", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" }, - "EmailSubject": { - "markdownDescription": "The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailSubject", - "type": "string" + "Preload": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "Preload", + "type": "boolean" + } + }, + "required": [ + "AccessControlMaxAgeSec", + "Override" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.XSSProtection": { + "additionalProperties": false, + "properties": { + "ModeBlock": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n\nFor more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "ModeBlock", + "type": "boolean" }, - "EmailSubjectByLink": { - "markdownDescription": "The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailSubjectByLink", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" }, - "SmsMessage": { - "markdownDescription": "The template for SMS messages that Amazon Cognito sends to your users.", - "title": "SmsMessage", + "Protection": { + "markdownDescription": "A Boolean that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true` , the value of the `X-XSS-Protection` header is `1` . When this setting is `false` , the value of the `X-XSS-Protection` header is `0` .\n\nFor more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "Protection", + "type": "boolean" + }, + "ReportUri": { + "markdownDescription": "A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.\n\nYou cannot specify a `ReportUri` when `ModeBlock` is `true` .\n\nFor more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "ReportUri", "type": "string" } }, + "required": [ + "Override", + "Protection" + ], "type": "object" }, - "AWS::Cognito::UserPoolClient": { + "AWS::CloudFront::StreamingDistribution": { "additionalProperties": false, "properties": { "Condition": { @@ -46383,149 +52226,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessTokenValidity": { - "markdownDescription": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with\ntheir access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your access\ntokens are valid for one hour.", - "title": "AccessTokenValidity", - "type": "number" - }, - "AllowedOAuthFlows": { - "items": { - "type": "string" - }, - "markdownDescription": "The OAuth grant types that you want your app client to generate for clients in managed login authentication. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token, and the ID token when scopes like `openid` and `profile` are requested, directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user, authorized by a combination of the client ID and client secret.", - "title": "AllowedOAuthFlows", - "type": "array" - }, - "AllowedOAuthFlowsUserPoolClient": { - "markdownDescription": "Set to `true` to use OAuth 2.0 authorization server features in your app client.\n\nThis parameter must have a value of `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use authorization server features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` . When `false` , only SDK-based API sign-in is permitted.", - "title": "AllowedOAuthFlowsUserPoolClient", - "type": "boolean" - }, - "AllowedOAuthScopes": { - "items": { - "type": "string" - }, - "markdownDescription": "The OAuth, OpenID Connect (OIDC), and custom scopes that you want to permit your app client to authorize access with. Scopes govern access control to user pool self-service API operations, user data from the `userInfo` endpoint, and third-party APIs. Scope values include `phone` , `email` , `openid` , and `profile` . The `aws.cognito.signin.user.admin` scope authorizes user self-service operations. Custom scopes with resource servers authorize access to external APIs.", - "title": "AllowedOAuthScopes", - "type": "array" - }, - "AnalyticsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolClient.AnalyticsConfiguration", - "markdownDescription": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\nIn AWS Regions where Amazon Pinpoint isn't available, user pools might not have access to analytics or might be configurable with campaigns in the US East (N. Virginia) Region. For more information, see [Using Amazon Pinpoint analytics](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html) .", - "title": "AnalyticsConfiguration" - }, - "AuthSessionValidity": { - "markdownDescription": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.", - "title": "AuthSessionValidity", - "type": "number" - }, - "CallbackURLs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed redirect, or callback, URLs for managed login authentication. These URLs are the paths where you want to send your users' browsers after they complete authentication with managed login or a third-party IdP. Typically, callback URLs are the home of an application that uses OAuth or OIDC libraries to process authentication outcomes.\n\nA redirect URI must meet the following requirements:\n\n- Be an absolute URI.\n- Be registered with the authorization server. Amazon Cognito doesn't accept authorization requests with `redirect_uri` values that aren't in the list of `CallbackURLs` that you provide in this parameter.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported.", - "title": "CallbackURLs", - "type": "array" - }, - "ClientName": { - "markdownDescription": "A friendly name for the app client that you want to create.", - "title": "ClientName", - "type": "string" - }, - "DefaultRedirectURI": { - "markdownDescription": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.", - "title": "DefaultRedirectURI", - "type": "string" - }, - "EnablePropagateAdditionalUserContextData": { - "markdownDescription": "When `true` , your application can include additional `UserContextData` in authentication requests. This data includes the IP address, and contributes to analysis by threat protection features. For more information about propagation of user context data, see [Adding session data to API requests](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint) . If you don\u2019t include this parameter, you can't send the source IP address to Amazon Cognito threat protection features. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret.", - "title": "EnablePropagateAdditionalUserContextData", - "type": "boolean" - }, - "EnableTokenRevocation": { - "markdownDescription": "Activates or deactivates token revocation.\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.", - "title": "EnableTokenRevocation", - "type": "boolean" - }, - "ExplicitAuthFlows": { - "items": { - "type": "string" - }, - "markdownDescription": "The [authentication flows](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html) that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n> If you don't specify a value for `ExplicitAuthFlows` , your app client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nThe values for authentication flow options include the following.\n\n- `ALLOW_USER_AUTH` : Enable selection-based sign-in with `USER_AUTH` . This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other `ExplicitAuthFlows` permitting them. For example users can complete an SRP challenge through `USER_AUTH` without the flow `USER_SRP_AUTH` being active for the app client. This flow doesn't include `CUSTOM_AUTH` .\n\nTo activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` .", - "title": "ExplicitAuthFlows", - "type": "array" - }, - "GenerateSecret": { - "markdownDescription": "When `true` , generates a client secret for the app client. Client secrets are used with server-side and machine-to-machine applications. Client secrets are automatically generated; you can't specify a secret value. For more information, see [App client types](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#user-pool-settings-client-app-client-types) .", - "title": "GenerateSecret", - "type": "boolean" - }, - "IdTokenValidity": { - "markdownDescription": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your ID\ntokens are valid for one hour.", - "title": "IdTokenValidity", - "type": "number" - }, - "LogoutURLs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed logout URLs for managed login authentication. When you pass `logout_uri` and `client_id` parameters to `/logout` , Amazon Cognito signs out your user and redirects them to the logout URL. This parameter describes the URLs that you want to be the permitted targets of `logout_uri` . A typical use of these URLs is when a user selects \"Sign out\" and you redirect them to your public homepage. For more information, see [Logout endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html) .", - "title": "LogoutURLs", - "type": "array" - }, - "PreventUserExistenceErrors": { - "markdownDescription": "Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to `ENABLED` and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs return a `UserNotFoundException` exception if the user doesn't exist in the user pool.\n\nValid values include:\n\n- `ENABLED` - This prevents user existence-related errors.\n- `LEGACY` - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.\n\nDefaults to `LEGACY` when you don't provide a value.", - "title": "PreventUserExistenceErrors", - "type": "string" - }, - "ReadAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of user attributes that you want your app client to have read access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool app client has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes.", - "title": "ReadAttributes", - "type": "array" - }, - "RefreshTokenValidity": { - "markdownDescription": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session\nand retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your refresh\ntokens are valid for 30 days.", - "title": "RefreshTokenValidity", - "type": "number" - }, - "SupportedIdentityProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` .\n\nThis parameter sets the IdPs that [managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) will display on the login page for your app client. The removal of `COGNITO` from this list doesn't prevent authentication operations for local users with the user pools API in an AWS SDK. The only way to prevent SDK-based authentication is to block access with a [AWS WAF rule](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html) .", - "title": "SupportedIdentityProviders", - "type": "array" - }, - "TokenValidityUnits": { - "$ref": "#/definitions/AWS::Cognito::UserPoolClient.TokenValidityUnits", - "markdownDescription": "The units that validity times are represented in. The default unit for refresh tokens is days, and the default for ID and access tokens are hours.", - "title": "TokenValidityUnits" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create an app client.", - "title": "UserPoolId", - "type": "string" + "StreamingDistributionConfig": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig", + "markdownDescription": "The current configuration information for the RTMP distribution.", + "title": "StreamingDistributionConfig" }, - "WriteAttributes": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", - "title": "WriteAttributes", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", "type": "array" } }, "required": [ - "UserPoolId" + "StreamingDistributionConfig", + "Tags" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolClient" + "AWS::CloudFront::StreamingDistribution" ], "type": "string" }, @@ -46544,148 +52267,125 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolClient.AnalyticsConfiguration": { + "AWS::CloudFront::StreamingDistribution.Logging": { "additionalProperties": false, "properties": { - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project that you want to connect to your user pool app client. Amazon Cognito publishes events to the Amazon Pinpoint project that `ApplicationArn` declares. You can also configure your application to pass an endpoint ID in the `AnalyticsMetadata` parameter of sign-in operations. The endpoint ID is information about the destination for push notifications", - "title": "ApplicationArn", - "type": "string" - }, - "ApplicationId": { - "markdownDescription": "Your Amazon Pinpoint project ID.", - "title": "ApplicationId", + "Bucket": { + "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", + "title": "Bucket", "type": "string" }, - "ExternalId": { - "markdownDescription": "The [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) of the role that Amazon Cognito assumes to send analytics data to Amazon Pinpoint.", - "title": "ExternalId", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a streaming distribution or if you want to disable logging for an existing streaming distribution, specify `false` for `Enabled` , and specify `empty Bucket` and `Prefix` elements. If you specify `false` for `Enabled` but you specify values for `Bucket` and `Prefix` , the values are automatically deleted.", + "title": "Enabled", + "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The ARN of an AWS Identity and Access Management role that has the permissions required for Amazon Cognito to publish events to Amazon Pinpoint analytics.", - "title": "RoleArn", + "Prefix": { + "markdownDescription": "An optional string that you want CloudFront to prefix to the access log filenames for this streaming distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", + "title": "Prefix", "type": "string" - }, - "UserDataShared": { - "markdownDescription": "If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics.", - "title": "UserDataShared", - "type": "boolean" } }, + "required": [ + "Bucket", + "Enabled", + "Prefix" + ], "type": "object" }, - "AWS::Cognito::UserPoolClient.TokenValidityUnits": { + "AWS::CloudFront::StreamingDistribution.S3Origin": { "additionalProperties": false, "properties": { - "AccessToken": { - "markdownDescription": "A time unit for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is `hours` . `AccessTokenValidity` duration can range from five minutes to one day.", - "title": "AccessToken", - "type": "string" - }, - "IdToken": { - "markdownDescription": "A time unit for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is `hours` . `IdTokenValidity` duration can range from five minutes to one day.", - "title": "IdToken", + "DomainName": { + "markdownDescription": "The DNS name of the Amazon S3 origin.", + "title": "DomainName", "type": "string" }, - "RefreshToken": { - "markdownDescription": "A time unit for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is `days` . `RefreshTokenValidity` duration can range from 60 minutes to 10 years.", - "title": "RefreshToken", + "OriginAccessIdentity": { + "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 bucket through CloudFront.\n\nIf you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information, see [Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessIdentity", "type": "string" } }, + "required": [ + "DomainName", + "OriginAccessIdentity" + ], "type": "object" }, - "AWS::Cognito::UserPoolDomain": { + "AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Aliases": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution.", + "title": "Aliases", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Comment": { + "markdownDescription": "Any comments you want to include about the streaming distribution.", + "title": "Comment", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Enabled": { + "markdownDescription": "Whether the streaming distribution is enabled to accept user requests for content.", + "title": "Enabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CustomDomainConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPoolDomain.CustomDomainConfigType", - "markdownDescription": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.\n\nWhen you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain.", - "title": "CustomDomainConfig" - }, - "Domain": { - "markdownDescription": "The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` .", - "title": "Domain", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that is associated with the domain you're updating.", - "title": "UserPoolId", - "type": "string" - } - }, - "required": [ - "Domain", - "UserPoolId" - ], - "type": "object" + "Logging": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.Logging", + "markdownDescription": "A complex type that controls whether access logs are written for the streaming distribution.", + "title": "Logging" }, - "Type": { - "enum": [ - "AWS::Cognito::UserPoolDomain" - ], + "PriceClass": { + "markdownDescription": "A complex type that contains information about price class for this streaming distribution.", + "title": "PriceClass", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "S3Origin": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.S3Origin", + "markdownDescription": "A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.", + "title": "S3Origin" + }, + "TrustedSigners": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.TrustedSigners", + "markdownDescription": "A complex type that specifies any AWS accounts that you want to permit to create signed URLs for private content. If you want the distribution to use signed URLs, include this element; if you want the distribution to use public URLs, remove this element. For more information, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners" } }, "required": [ - "Type", - "Properties" + "Comment", + "Enabled", + "S3Origin", + "TrustedSigners" ], "type": "object" }, - "AWS::Cognito::UserPoolDomain.CustomDomainConfigType": { + "AWS::CloudFront::StreamingDistribution.TrustedSigners": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.", - "title": "CertificateArn", - "type": "string" + "AwsAccountNumbers": { + "items": { + "type": "string" + }, + "markdownDescription": "An AWS account number that contains active CloudFront key pairs that CloudFront can use to verify the signatures of signed URLs and signed cookies. If the AWS account that owns the key pairs is the same account that owns the CloudFront distribution, the value of this field is `self` .", + "title": "AwsAccountNumbers", + "type": "array" + }, + "Enabled": { + "markdownDescription": "This field is `true` if any of the AWS accounts in the list are configured as trusted signers. If not, this field is `false` .", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::Cognito::UserPoolGroup": { + "AWS::CloudFront::VpcOrigin": { "additionalProperties": false, "properties": { "Condition": { @@ -46720,40 +52420,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the group that you're creating.", - "title": "Description", - "type": "string" - }, - "GroupName": { - "markdownDescription": "A name for the group. This name must be unique in your user pool.", - "title": "GroupName", - "type": "string" - }, - "Precedence": { - "markdownDescription": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` .", - "title": "Precedence", - "type": "number" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a `cognito:preferred_role` claim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain a `cognito:groups` claim that list all the groups that a user is a member of.", - "title": "RoleArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", + "type": "array" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a user group.", - "title": "UserPoolId", - "type": "string" + "VpcOriginEndpointConfig": { + "$ref": "#/definitions/AWS::CloudFront::VpcOrigin.VpcOriginEndpointConfig", + "markdownDescription": "The VPC origin endpoint configuration.", + "title": "VpcOriginEndpointConfig" } }, "required": [ - "UserPoolId" + "VpcOriginEndpointConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolGroup" + "AWS::CloudFront::VpcOrigin" ], "type": "string" }, @@ -46772,7 +52460,50 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolIdentityProvider": { + "AWS::CloudFront::VpcOrigin.VpcOriginEndpointConfig": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the CloudFront VPC origin endpoint configuration.", + "title": "Arn", + "type": "string" + }, + "HTTPPort": { + "markdownDescription": "The HTTP port for the CloudFront VPC origin endpoint configuration. The default value is `80` .", + "title": "HTTPPort", + "type": "number" + }, + "HTTPSPort": { + "markdownDescription": "The HTTPS port of the CloudFront VPC origin endpoint configuration. The default value is `443` .", + "title": "HTTPSPort", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the CloudFront VPC origin endpoint configuration.", + "title": "Name", + "type": "string" + }, + "OriginProtocolPolicy": { + "markdownDescription": "The origin protocol policy for the CloudFront VPC origin endpoint configuration.", + "title": "OriginProtocolPolicy", + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", + "type": "array" + } + }, + "required": [ + "Arn", + "Name" + ], + "type": "object" + }, + "AWS::CloudTrail::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -46807,50 +52538,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeMapping": { - "markdownDescription": "A mapping of IdP attributes to standard and custom user pool attributes. Specify a user pool attribute as the key of the key-value pair, and the IdP attribute claim name as the value.", - "title": "AttributeMapping", - "type": "object" - }, - "IdpIdentifiers": { + "Destinations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudTrail::Channel.Destination" }, - "markdownDescription": "An array of IdP identifiers, for example `\"IdPIdentifiers\": [ \"MyIdP\", \"MyIdP2\" ]` . Identifiers are friendly names that you can pass in the `idp_identifier` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP. Identifiers in a domain format also enable the use of [email-address matching with SAML providers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managing-saml-idp-naming.html) .", - "title": "IdpIdentifiers", + "markdownDescription": "One or more event data stores to which events arriving through a channel will be logged.", + "title": "Destinations", "type": "array" }, - "ProviderDetails": { - "markdownDescription": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`", - "title": "ProviderDetails", - "type": "object" - }, - "ProviderName": { - "markdownDescription": "The name that you want to assign to the IdP. You can pass the identity provider name in the `identity_provider` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP.", - "title": "ProviderName", + "Name": { + "markdownDescription": "The name of the channel.", + "title": "Name", "type": "string" }, - "ProviderType": { - "markdownDescription": "The type of IdP that you want to add. Amazon Cognito supports OIDC, SAML 2.0, Login With Amazon, Sign In With Apple, Google, and Facebook IdPs.", - "title": "ProviderType", + "Source": { + "markdownDescription": "The name of the partner or external event source. You cannot change this name after you create the channel. A maximum of one channel is allowed per source.\n\nA source can be either `Custom` for all valid non- AWS events, or the name of a partner event source. For information about the source names for available partners, see [Additional information about integration partners](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-integration.html#cloudtrail-lake-partner-information) in the CloudTrail User Guide.", + "title": "Source", "type": "string" }, - "UserPoolId": { - "markdownDescription": "The Id of the user pool where you want to create an IdP.", - "title": "UserPoolId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ProviderName", - "ProviderType", - "UserPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolIdentityProvider" + "AWS::CloudTrail::Channel" ], "type": "string" }, @@ -46864,12 +52583,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolResourceServer": { + "AWS::CloudTrail::Channel.Destination": { + "additionalProperties": false, + "properties": { + "Location": { + "markdownDescription": "For channels used for a CloudTrail Lake integration, the location is the ARN of an event data store that receives events from a channel. For service-linked channels, the location is the name of the AWS service.", + "title": "Location", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of destination for events arriving from a channel. For channels used for a CloudTrail Lake integration, the value is `EVENT_DATA_STORE` . For service-linked channels, the value is `AWS_SERVICE` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Location", + "Type" + ], + "type": "object" + }, + "AWS::CloudTrail::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -46904,40 +52642,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Identifier": { - "markdownDescription": "A unique resource server identifier for the resource server. The identifier can be an API friendly name like `solar-system-data` . You can also set an API URL like `https://solar-system-data-api.example.com` as your identifier.\n\nAmazon Cognito represents scopes in the access token in the format `$resource-server-identifier/$scope` . Longer scope-identifier strings increase the size of your access tokens.", - "title": "Identifier", - "type": "string" - }, "Name": { - "markdownDescription": "A friendly name for the resource server.", + "markdownDescription": "The name of the dashboard. The name must be unique to your account.\n\nTo create the Highlights dashboard, the name must be `AWSCloudTrail-Highlights` .", "title": "Name", "type": "string" }, - "Scopes": { + "RefreshSchedule": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.RefreshSchedule", + "markdownDescription": "The schedule for a dashboard refresh.", + "title": "RefreshSchedule" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` .", - "title": "Scopes", + "markdownDescription": "A list of tags.", + "title": "Tags", "type": "array" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a resource server.", - "title": "UserPoolId", - "type": "string" + "TerminationProtectionEnabled": { + "markdownDescription": "Specifies whether termination protection is enabled for the dashboard. If termination protection is enabled, you cannot delete the dashboard until termination protection is disabled.", + "title": "TerminationProtectionEnabled", + "type": "boolean" + }, + "Widgets": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.Widget" + }, + "markdownDescription": "An array of widgets for a custom dashboard. A custom dashboard can have a maximum of ten widgets.\n\nYou do not need to specify widgets for the Highlights dashboard.", + "title": "Widgets", + "type": "array" } }, - "required": [ - "Identifier", - "Name", - "UserPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolResourceServer" + "AWS::CloudTrail::Dashboard" ], "type": "string" }, @@ -46951,32 +52692,85 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType": { + "AWS::CloudTrail::Dashboard.Frequency": { "additionalProperties": false, "properties": { - "ScopeDescription": { - "markdownDescription": "A friendly description of a custom scope.", - "title": "ScopeDescription", + "Unit": { + "markdownDescription": "The unit to use for the refresh.\n\nFor custom dashboards, the unit can be `HOURS` or `DAYS` .\n\nFor the Highlights dashboard, the `Unit` must be `HOURS` .", + "title": "Unit", "type": "string" }, - "ScopeName": { - "markdownDescription": "The name of the scope. Amazon Cognito renders custom scopes in the format `resourceServerIdentifier/ScopeName` . For example, if this parameter is `exampleScope` in the resource server with the identifier `exampleResourceServer` , you request and receive the scope `exampleResourceServer/exampleScope` .", - "title": "ScopeName", + "Value": { + "markdownDescription": "The value for the refresh schedule.\n\nFor custom dashboards, the following values are valid when the unit is `HOURS` : `1` , `6` , `12` , `24`\n\nFor custom dashboards, the only valid value when the unit is `DAYS` is `1` .\n\nFor the Highlights dashboard, the `Value` must be `6` .", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::CloudTrail::Dashboard.RefreshSchedule": { + "additionalProperties": false, + "properties": { + "Frequency": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.Frequency", + "markdownDescription": "The frequency at which you want the dashboard refreshed.", + "title": "Frequency" + }, + "Status": { + "markdownDescription": "Specifies whether the refresh schedule is enabled. Set the value to `ENABLED` to enable the refresh schedule, or to `DISABLED` to turn off the refresh schedule.", + "title": "Status", "type": "string" + }, + "TimeOfDay": { + "markdownDescription": "The time of day in UTC to run the schedule; for hourly only refer to minutes; default is 00:00.", + "title": "TimeOfDay", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudTrail::Dashboard.Widget": { + "additionalProperties": false, + "properties": { + "QueryParameters": { + "items": { + "type": "string" + }, + "markdownDescription": "The optional query parameters. The following query parameters are valid: `$StartTime$` , `$EndTime$` , and `$Period$` .", + "title": "QueryParameters", + "type": "array" + }, + "QueryStatement": { + "markdownDescription": "The query statement for the widget. For custom dashboard widgets, you can query across multiple event data stores as long as all event data stores exist in your account.\n\n> When a query uses `?` with `eventTime` , `?` must be surrounded by single quotes as follows: `'?'` .", + "title": "QueryStatement", + "type": "string" + }, + "ViewProperties": { + "additionalProperties": true, + "markdownDescription": "The view properties for the widget. For more information about view properties, see [View properties for widgets](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-widget-properties.html) in the *AWS CloudTrail User Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ViewProperties", + "type": "object" } }, "required": [ - "ScopeDescription", - "ScopeName" + "QueryStatement" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment": { + "AWS::CloudTrail::EventDataStore": { "additionalProperties": false, "properties": { "Condition": { @@ -47011,41 +52805,104 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountTakeoverRiskConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType", - "markdownDescription": "The settings for automated responses and notification templates for adaptive authentication with threat protection.", - "title": "AccountTakeoverRiskConfiguration" + "AdvancedEventSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedEventSelector" + }, + "markdownDescription": "The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.\n\nFor more information about how to use advanced event selectors to log CloudTrail events, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see [Create an event data store for AWS Config configuration items](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see [Create an integration to log events from outside AWS](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration) in the CloudTrail User Guide.", + "title": "AdvancedEventSelectors", + "type": "array" }, - "ClientId": { - "markdownDescription": "The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.", - "title": "ClientId", + "BillingMode": { + "markdownDescription": "The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.\n\nThe following are the possible values:\n\n- `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days.\n- `FIXED_RETENTION_PRICING` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.\n\nThe default value is `EXTENDABLE_RETENTION_PRICING` .\n\nFor more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) and [Managing CloudTrail Lake costs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html) .", + "title": "BillingMode", "type": "string" }, - "CompromisedCredentialsRiskConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType", - "markdownDescription": "Settings for compromised-credentials actions and authentication types with threat protection in full-function `ENFORCED` mode.", - "title": "CompromisedCredentialsRiskConfiguration" + "ContextKeySelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.ContextKeySelector" + }, + "markdownDescription": "The list of context key selectors that are configured for the event data store.", + "title": "ContextKeySelectors", + "type": "array" }, - "RiskExceptionConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType", - "markdownDescription": "Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.", - "title": "RiskExceptionConfiguration" + "FederationEnabled": { + "markdownDescription": "Indicates if [Lake query federation](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html) is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.", + "title": "FederationEnabled", + "type": "boolean" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that has the risk configuration applied.", - "title": "UserPoolId", + "FederationRoleArn": { + "markdownDescription": "If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.\n\nThe federation role must exist in your account and provide the [required minimum permissions](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role) .", + "title": "FederationRoleArn", + "type": "string" + }, + "IngestionEnabled": { + "markdownDescription": "Specifies whether the event data store should start ingesting live events. The default is true.", + "title": "IngestionEnabled", + "type": "boolean" + }, + "InsightSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.InsightSelector" + }, + "markdownDescription": "A JSON string that contains the Insights types you want to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightSelectors", + "type": "array" + }, + "InsightsDestination": { + "markdownDescription": "The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. For more information, see [Create an event data store for CloudTrail Insights events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-insights.html) .", + "title": "InsightsDestination", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by `alias/` , a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\n> Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store. \n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- `alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`\n- `12345678-1234-1234-1234-123456789012`", + "title": "KmsKeyId", + "type": "string" + }, + "MaxEventSize": { + "markdownDescription": "The maximum allowed size for events to be stored in the specified event data store. If you are using context key selectors, MaxEventSize must be set to Large.", + "title": "MaxEventSize", "type": "string" + }, + "MultiRegionEnabled": { + "markdownDescription": "Specifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.", + "title": "MultiRegionEnabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the event data store.", + "title": "Name", + "type": "string" + }, + "OrganizationEnabled": { + "markdownDescription": "Specifies whether an event data store collects events logged for an organization in AWS Organizations .", + "title": "OrganizationEnabled", + "type": "boolean" + }, + "RetentionPeriod": { + "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", + "title": "RetentionPeriod", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags.", + "title": "Tags", + "type": "array" + }, + "TerminationProtectionEnabled": { + "markdownDescription": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.", + "title": "TerminationProtectionEnabled", + "type": "boolean" } }, - "required": [ - "ClientId", - "UserPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolRiskConfigurationAttachment" + "AWS::CloudTrail::EventDataStore" ], "type": "string" }, @@ -47059,193 +52916,129 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType": { - "additionalProperties": false, - "properties": { - "EventAction": { - "markdownDescription": "The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:\n\n- `BLOCK` : Block the request.\n- `MFA_IF_CONFIGURED` : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.\n- `MFA_REQUIRED` : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.\n- `NO_ACTION` : Take no action. Permit sign-in.", - "title": "EventAction", - "type": "string" - }, - "Notify": { - "markdownDescription": "Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.", - "title": "Notify", - "type": "boolean" - } - }, - "required": [ - "EventAction", - "Notify" + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType": { - "additionalProperties": false, - "properties": { - "HighAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a high-risk assessment by threat protection.", - "title": "HighAction" - }, - "LowAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a low-risk assessment by threat protection.", - "title": "LowAction" - }, - "MediumAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a medium-risk assessment by threat protection.", - "title": "MediumAction" - } - }, - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType": { + "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { "additionalProperties": false, "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType", - "markdownDescription": "A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.", - "title": "Actions" + "FieldSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedFieldSelector" + }, + "markdownDescription": "Contains all selector statements in an advanced event selector.", + "title": "FieldSelectors", + "type": "array" }, - "NotifyConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType", - "markdownDescription": "The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in `AccountTakeoverRiskConfiguration` , Amazon Cognito sends an email message using the method and template that you set with this data type.", - "title": "NotifyConfiguration" - } - }, - "required": [ - "Actions" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType": { - "additionalProperties": false, - "properties": { - "EventAction": { - "markdownDescription": "The action that Amazon Cognito takes when it detects compromised credentials.", - "title": "EventAction", + "Name": { + "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", + "title": "Name", "type": "string" } }, "required": [ - "EventAction" + "FieldSelectors" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType": { + "AWS::CloudTrail::EventDataStore.AdvancedFieldSelector": { "additionalProperties": false, "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType", - "markdownDescription": "Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.", - "title": "Actions" + "EndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "EndsWith", + "type": "array" }, - "EventFilter": { + "Equals": { "items": { "type": "string" }, - "markdownDescription": "Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.", - "title": "EventFilter", + "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", + "title": "Equals", "type": "array" - } - }, - "required": [ - "Actions" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType": { - "additionalProperties": false, - "properties": { - "BlockEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when a detected risk event is blocked.", - "title": "BlockEmail" }, - "From": { - "markdownDescription": "The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.", - "title": "From", + "Field": { + "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", + "title": "Field", "type": "string" }, - "MfaEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.", - "title": "MfaEmail" + "NotEndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "NotEndsWith", + "type": "array" }, - "NoActionEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when no action is taken in response to a detected risk.", - "title": "NoActionEmail" + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", + "title": "NotEquals", + "type": "array" }, - "ReplyTo": { - "markdownDescription": "The reply-to email address of an email template.", - "title": "ReplyTo", - "type": "string" + "NotStartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "NotStartsWith", + "type": "array" }, - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter.", - "title": "SourceArn", - "type": "string" + "StartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "StartsWith", + "type": "array" } }, "required": [ - "SourceArn" + "Field" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType": { + "AWS::CloudTrail::EventDataStore.ContextKeySelector": { "additionalProperties": false, "properties": { - "HtmlBody": { - "markdownDescription": "The body of an email notification formatted in HTML. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", - "title": "HtmlBody", - "type": "string" - }, - "Subject": { - "markdownDescription": "The subject of the threat protection email notification.", - "title": "Subject", - "type": "string" + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of keys defined by Type to be included in CloudTrail enriched events.", + "title": "Equals", + "type": "array" }, - "TextBody": { - "markdownDescription": "The body of an email notification formatted in plaintext. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", - "title": "TextBody", + "Type": { + "markdownDescription": "Specifies the type of the event record field in ContextKeySelector. Valid values include RequestContext, TagContext.", + "title": "Type", "type": "string" } }, "required": [ - "Subject" + "Equals", + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType": { + "AWS::CloudTrail::EventDataStore.InsightSelector": { "additionalProperties": false, "properties": { - "BlockedIPRangeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.", - "title": "BlockedIPRangeList", - "type": "array" - }, - "SkippedIPRangeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.", - "title": "SkippedIPRangeList", - "type": "array" + "InsightType": { + "markdownDescription": "The type of Insights events to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightType", + "type": "string" } }, "type": "object" }, - "AWS::Cognito::UserPoolUICustomizationAttachment": { + "AWS::CloudTrail::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -47280,31 +53073,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CSS": { - "markdownDescription": "A plaintext CSS file that contains the custom fields that you want to apply to your user pool or app client. To download a template, go to the Amazon Cognito console. Navigate to your user pool *App clients* tab, select *Login pages* , edit *Hosted UI (classic) style* , and select the link to `CSS template.css` .", - "title": "CSS", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The app client ID for your UI customization. When this value isn't present, the customization applies to all user pool app clients that don't have client-level settings..", - "title": "ClientId", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudTrail event data store, dashboard, or channel attached to the resource-based policy.\n\nExample event data store ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`\n\nExample dashboard ARN format: `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`\n\nExample channel ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`", + "title": "ResourceArn", "type": "string" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to apply branding to the classic hosted UI.", - "title": "UserPoolId", - "type": "string" + "ResourcePolicy": { + "markdownDescription": "A JSON-formatted string for an AWS resource-based policy.\n\nFor example resource-based policies, see [CloudTrail resource-based policy examples](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html) in the *CloudTrail User Guide* .", + "title": "ResourcePolicy", + "type": "object" } }, "required": [ - "ClientId", - "UserPoolId" + "ResourceArn", + "ResourcePolicy" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolUICustomizationAttachment" + "AWS::CloudTrail::ResourcePolicy" ], "type": "string" }, @@ -47323,7 +53111,7 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolUser": { + "AWS::CloudTrail::Trail": { "additionalProperties": false, "properties": { "Condition": { @@ -47358,70 +53146,108 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientMetadata": { - "additionalProperties": true, - "markdownDescription": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `ClientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Using Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n> When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:\n> \n> - Store the `ClientMetadata` value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata` parameter serves no purpose.\n> - Validate the `ClientMetadata` value.\n> - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "AdvancedEventSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedEventSelector" }, - "title": "ClientMetadata", - "type": "object" + "markdownDescription": "Specifies the settings for advanced event selectors. You can use advanced event selectors to log management events, data events for all resource types, and network activity events.\n\nYou can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either `AdvancedEventSelectors` or `EventSelectors` , but not both. If you apply `AdvancedEventSelectors` to a trail, any existing `EventSelectors` are overwritten. For more information about advanced event selectors, see [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .", + "title": "AdvancedEventSelectors", + "type": "array" }, - "DesiredDeliveryMediums": { + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", + "title": "CloudWatchLogsLogGroupArn", + "type": "string" + }, + "CloudWatchLogsRoleArn": { + "markdownDescription": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", + "title": "CloudWatchLogsRoleArn", + "type": "string" + }, + "EnableLogFileValidation": { + "markdownDescription": "Specifies whether log file validation is enabled. The default is false.\n\n> When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.", + "title": "EnableLogFileValidation", + "type": "boolean" + }, + "EventSelectors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudTrail::Trail.EventSelector" }, - "markdownDescription": "Specify `EMAIL` if email will be used to send the welcome message. Specify `SMS` if the phone number will be used. The default value is `SMS` . You can specify more than one value.", - "title": "DesiredDeliveryMediums", + "markdownDescription": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.\n\nYou can configure up to five event selectors for a trail.\n\nYou cannot apply both event selectors and advanced event selectors to a trail.", + "title": "EventSelectors", "type": "array" }, - "ForceAliasCreation": { - "markdownDescription": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the `UserAttributes` parameter already exists as an alias with a different user, this request migrates the alias from the previous user to the newly-created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .", - "title": "ForceAliasCreation", + "IncludeGlobalServiceEvents": { + "markdownDescription": "Specifies whether the trail is publishing events from global services such as IAM to the log files.", + "title": "IncludeGlobalServiceEvents", "type": "boolean" }, - "MessageAction": { - "markdownDescription": "Set to `RESEND` to resend the invitation message to a user that already exists, and to reset the temporary-password duration with a new temporary password. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.", - "title": "MessageAction", - "type": "string" - }, - "UserAttributes": { + "InsightSelectors": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + "$ref": "#/definitions/AWS::CloudTrail::Trail.InsightSelector" }, - "markdownDescription": "An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than `Username` . However, any attributes that you specify as required (when creating a user pool or in the *Attributes* tab of the console) either you should supply (in your call to `AdminCreateUser` ) or the user should supply (when they sign up in response to your welcome message).\n\nFor custom attributes, you must prepend the `custom:` prefix to the attribute name.\n\nTo send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the *Users* tab of the Amazon Cognito console for managing your user pools.\n\nYou must also provide an email address or phone number when you expect the user to do passwordless sign-in with an email or SMS OTP. These attributes must be provided when passwordless options are the only available, or when you don't submit a `TemporaryPassword` .\n\nIn your call to `AdminCreateUser` , you can set the `email_verified` attribute to `True` , and you can set the `phone_number_verified` attribute to `True` .\n\n- *email* : The email address of the user to whom the message that contains the code and username will be sent. Required if the `email_verified` attribute is set to `True` , or if `\"EMAIL\"` is specified in the `DesiredDeliveryMediums` parameter.\n- *phone_number* : The phone number of the user to whom the message that contains the code and username will be sent. Required if the `phone_number_verified` attribute is set to `True` , or if `\"SMS\"` is specified in the `DesiredDeliveryMediums` parameter.", - "title": "UserAttributes", + "markdownDescription": "A JSON string that contains the Insights types you want to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightSelectors", "type": "array" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a user.", - "title": "UserPoolId", + "IsLogging": { + "markdownDescription": "Whether the CloudTrail trail is currently logging AWS API calls.", + "title": "IsLogging", + "type": "boolean" + }, + "IsMultiRegionTrail": { + "markdownDescription": "Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.", + "title": "IsMultiRegionTrail", + "type": "boolean" + }, + "IsOrganizationTrail": { + "markdownDescription": "Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to `true` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to `false` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization.\n\n> Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.", + "title": "IsOrganizationTrail", + "type": "boolean" + }, + "KMSKeyId": { + "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the logs and digest files delivered by CloudTrail. The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n- 12345678-1234-1234-1234-123456789012", + "title": "KMSKeyId", "type": "string" }, - "Username": { - "markdownDescription": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", - "title": "Username", + "S3BucketName": { + "markdownDescription": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See [Amazon S3 Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .", + "title": "S3BucketName", "type": "string" }, - "ValidationData": { + "S3KeyPrefix": { + "markdownDescription": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see [Finding Your CloudTrail Log Files](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files) . The maximum length is 200 characters.", + "title": "S3KeyPrefix", + "type": "string" + }, + "SnsTopicName": { + "markdownDescription": "Specifies the name or ARN of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.", + "title": "SnsTopicName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function can automatically confirm and verify select users or perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) .", - "title": "ValidationData", + "markdownDescription": "A custom set of tags (key-value pairs) for this trail.", + "title": "Tags", "type": "array" + }, + "TrailName": { + "markdownDescription": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)", + "title": "TrailName", + "type": "string" } }, "required": [ - "UserPoolId" + "IsLogging", + "S3BucketName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolUser" + "AWS::CloudTrail::Trail" ], "type": "string" }, @@ -47440,23 +53266,156 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolUser.AttributeType": { + "AWS::CloudTrail::Trail.AdvancedEventSelector": { "additionalProperties": false, "properties": { + "FieldSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedFieldSelector" + }, + "markdownDescription": "Contains all selector statements in an advanced event selector.", + "title": "FieldSelectors", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the attribute.", + "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", "title": "Name", "type": "string" + } + }, + "required": [ + "FieldSelectors" + ], + "type": "object" + }, + "AWS::CloudTrail::Trail.AdvancedFieldSelector": { + "additionalProperties": false, + "properties": { + "EndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "EndsWith", + "type": "array" + }, + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", + "title": "Equals", + "type": "array" + }, + "Field": { + "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", + "title": "Field", + "type": "string" }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", + "NotEndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "NotEndsWith", + "type": "array" + }, + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", + "title": "NotEquals", + "type": "array" + }, + "NotStartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "NotStartsWith", + "type": "array" + }, + "StartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "StartsWith", + "type": "array" + } + }, + "required": [ + "Field" + ], + "type": "object" + }, + "AWS::CloudTrail::Trail.DataResource": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The resource type in which you want to log data events. You can specify the following *basic* event selector resource types:\n\n- `AWS::DynamoDB::Table`\n- `AWS::Lambda::Function`\n- `AWS::S3::Object`\n\nAdditional resource types are available through *advanced* event selectors. For more information, see [AdvancedEventSelector](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) .", + "title": "Type", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified resource type.\n\n- To log data events for all objects in all S3 buckets in your AWS account , specify the prefix as `arn:aws:s3` .\n\n> This also enables logging of data event activity performed by any user or role in your AWS account , even if that activity is performed on a bucket that belongs to another AWS account .\n- To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/` . The trail logs data events for all objects in this S3 bucket.\n- To log data events for specific objects, specify the S3 bucket and object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/example-images` . The trail logs data events for objects in this S3 bucket that match the prefix.\n- To log data events for all Lambda functions in your AWS account , specify the prefix as `arn:aws:lambda` .\n\n> This also enables logging of `Invoke` activity performed by any user or role in your AWS account , even if that activity is performed on a function that belongs to another AWS account .\n- To log data events for a specific Lambda function, specify the function ARN.\n\n> Lambda function ARNs are exact. For example, if you specify a function ARN *arn:aws:lambda:us-west-2:111111111111:function:helloworld* , data events will only be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld* . They will not be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld2* .\n- To log data events for all DynamoDB tables in your AWS account , specify the prefix as `arn:aws:dynamodb` .", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::CloudTrail::Trail.EventSelector": { + "additionalProperties": false, + "properties": { + "DataResources": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.DataResource" + }, + "markdownDescription": "CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events.\n\nFor more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* .\n\n> To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field.", + "title": "DataResources", + "type": "array" + }, + "ExcludeManagementEventSources": { + "items": { + "type": "string" + }, + "markdownDescription": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service or Amazon RDS Data API events by containing `kms.amazonaws.com` or `rdsdata.amazonaws.com` . By default, `ExcludeManagementEventSources` is empty, and AWS KMS and Amazon RDS Data API events are logged to your trail. You can exclude management event sources only in Regions that support the event source.", + "title": "ExcludeManagementEventSources", + "type": "array" + }, + "IncludeManagementEvents": { + "markdownDescription": "Specify if you want your event selector to include management events for your trail.\n\nFor more information, see [Management Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n\nBy default, the value is `true` .\n\nThe first copy of management events is free. You are charged for additional copies of management events that you are logging on any subsequent trail in the same Region. For more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) .", + "title": "IncludeManagementEvents", + "type": "boolean" + }, + "ReadWriteType": { + "markdownDescription": "Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 `GetConsoleOutput` is a read-only API operation and `RunInstances` is a write-only API operation.\n\nBy default, the value is `All` .", + "title": "ReadWriteType", "type": "string" } }, "type": "object" }, - "AWS::Cognito::UserPoolUserToGroupAttachment": { + "AWS::CloudTrail::Trail.InsightSelector": { + "additionalProperties": false, + "properties": { + "InsightType": { + "markdownDescription": "The type of Insights events to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudWatch::Alarm": { "additionalProperties": false, "properties": { "Condition": { @@ -47491,160 +53450,144 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the group that you want to add your user to.", - "title": "GroupName", - "type": "string" + "ActionsEnabled": { + "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE.", + "title": "ActionsEnabled", + "type": "boolean" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that contains the group that you want to add the user to.", - "title": "UserPoolId", + "AlarmActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmActions", + "type": "array" + }, + "AlarmDescription": { + "markdownDescription": "The description of the alarm.", + "title": "AlarmDescription", "type": "string" }, - "Username": { - "markdownDescription": "The user's username.", - "title": "Username", + "AlarmName": { + "markdownDescription": "The name of the alarm. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the alarm name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "AlarmName", "type": "string" - } - }, - "required": [ - "GroupName", - "UserPoolId", - "Username" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cognito::UserPoolUserToGroupAttachment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand.", + "title": "ComparisonOperator", "type": "string" }, - { + "DatapointsToAlarm": { + "markdownDescription": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for `EvaluationPeriods` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, CloudWatch uses the same value here that you set for `EvaluationPeriods` , and the alarm goes to alarm state if that many consecutive periods are breaching.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "Dimensions": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" }, + "markdownDescription": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify `Dimensions` . Instead, you use `Metrics` .", + "title": "Dimensions", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data.", - "title": "DataAccessRoleArn", - "type": "string" }, - "DocumentClassifierName": { - "markdownDescription": "The name of the document classifier.", - "title": "DocumentClassifierName", + "EvaluateLowSampleCountPercentile": { + "markdownDescription": "Used only for alarms based on percentiles. If `ignore` , the alarm state does not change during periods with too few data points to be statistically significant. If `evaluate` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available.", + "title": "EvaluateLowSampleCountPercentile", "type": "string" }, - "InputDataConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig", - "markdownDescription": "Specifies the format and location of the input data for the job.", - "title": "InputDataConfig" + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and `DatapointsToAlarm` is the M.\n\nFor more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .", + "title": "EvaluationPeriods", + "type": "number" }, - "LanguageCode": { - "markdownDescription": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language.", - "title": "LanguageCode", + "ExtendedStatistic": { + "markdownDescription": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `ExtendedStatistic` . Instead, you use `Metrics` .", + "title": "ExtendedStatistic", "type": "string" }, - "Mode": { - "markdownDescription": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|).", - "title": "Mode", - "type": "string" + "InsufficientDataActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", + "title": "InsufficientDataActions", + "type": "array" }, - "ModelKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "ModelKmsKeyId", + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use `Metrics` instead and you can't specify `MetricName` .", + "title": "MetricName", "type": "string" }, - "ModelPolicy": { - "markdownDescription": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`", - "title": "ModelPolicy", + "Metrics": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricDataQuery" + }, + "markdownDescription": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n\nIf you specify the `Metrics` parameter, you cannot specify `MetricName` , `Dimensions` , `Period` , `Namespace` , `Statistic` , `ExtendedStatistic` , or `Unit` .", + "title": "Metrics", + "type": "array" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify `Namespace` and you use `Metrics` instead.\n\nFor a list of namespaces for metrics from AWS services, see [AWS Services That Publish CloudWatch Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)", + "title": "Namespace", "type": "string" }, - "OutputDataConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig", - "markdownDescription": "Provides output results configuration parameters for custom classifier jobs.", - "title": "OutputDataConfig" + "OKActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the `OK` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", + "title": "OKActions", + "type": "array" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 20, 30, 60, and any multiple of 60.\n\nFor an alarm based on a math expression, you can't specify `Period` , and instead you use the `Metrics` parameter.\n\n*Minimum:* 10", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use `ExtendedStatistic` .\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `Statistic` . Instead, you use `Metrics` .", + "title": "Statistic", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department.", + "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", "title": "Tags", "type": "array" }, - "VersionName": { - "markdownDescription": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region .", - "title": "VersionName", + "Threshold": { + "markdownDescription": "The value to compare with the specified statistic.", + "title": "Threshold", + "type": "number" + }, + "ThresholdMetricId": { + "markdownDescription": "In an alarm based on an anomaly detection model, this is the ID of the `ANOMALY_DETECTION_BAND` function used as the threshold for the alarm.", + "title": "ThresholdMetricId", "type": "string" }, - "VolumeKmsKeyId": { - "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "VolumeKmsKeyId", + "TreatMissingData": { + "markdownDescription": "Sets how this alarm is to handle missing data points. Valid values are `breaching` , `notBreaching` , `ignore` , and `missing` . For more information, see [Configuring How CloudWatch Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, the default behavior of `missing` is used.", + "title": "TreatMissingData", "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.VpcConfig", - "markdownDescription": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", - "title": "VpcConfig" + "Unit": { + "markdownDescription": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a `Metrics` array.\n\nYou can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", + "title": "Unit", + "type": "string" } }, "required": [ - "DataAccessRoleArn", - "DocumentClassifierName", - "InputDataConfig", - "LanguageCode" + "ComparisonOperator", + "EvaluationPeriods" ], "type": "object" }, "Type": { "enum": [ - "AWS::Comprehend::DocumentClassifier" + "AWS::CloudWatch::Alarm" ], "type": "string" }, @@ -47663,172 +53606,126 @@ ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem": { - "additionalProperties": false, - "properties": { - "AttributeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job.\n\nIf your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth.\n\nIf your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job.", - "title": "AttributeNames", - "type": "array" - }, - "S3Uri": { - "markdownDescription": "The Amazon S3 location of the augmented manifest file.", - "title": "S3Uri", - "type": "string" - }, - "Split": { - "markdownDescription": "The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train.\n\nTRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing.\n\nTEST - all of the documents in the manifest will be used for testing.", - "title": "Split", - "type": "string" - } - }, - "required": [ - "AttributeNames", - "S3Uri" - ], - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments": { + "AWS::CloudWatch::Alarm.Dimension": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The S3 URI location of the training documents specified in the S3Uri CSV file.", - "title": "S3Uri", + "Name": { + "markdownDescription": "The name of the dimension, from 1\u2013255 characters in length. This dimension name must have been included when the metric was published.", + "title": "Name", "type": "string" }, - "TestS3Uri": { - "markdownDescription": "The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file.", - "title": "TestS3Uri", + "Value": { + "markdownDescription": "The value for the dimension, from 1\u2013255 characters in length.", + "title": "Value", "type": "string" } }, "required": [ - "S3Uri" + "Name", + "Value" ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig": { + "AWS::CloudWatch::Alarm.Metric": { "additionalProperties": false, "properties": { - "AugmentedManifests": { + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem" + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" }, - "markdownDescription": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` .", - "title": "AugmentedManifests", + "markdownDescription": "The metric dimensions that you want to be used for the metric that the alarm will watch.", + "title": "Dimensions", "type": "array" }, - "DataFormat": { - "markdownDescription": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default.", - "title": "DataFormat", - "type": "string" - }, - "DocumentReaderConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentReaderConfig", - "markdownDescription": "", - "title": "DocumentReaderConfig" - }, - "DocumentType": { - "markdownDescription": "The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model.", - "title": "DocumentType", - "type": "string" - }, - "Documents": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments", - "markdownDescription": "The S3 location of the training documents. This parameter is required in a request to create a native document model.", - "title": "Documents" - }, - "LabelDelimiter": { - "markdownDescription": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL.", - "title": "LabelDelimiter", - "type": "string" - }, - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` .", - "title": "S3Uri", + "MetricName": { + "markdownDescription": "The name of the metric that you want the alarm to watch. This is a required field.", + "title": "MetricName", "type": "string" }, - "TestS3Uri": { - "markdownDescription": "This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling.", - "title": "TestS3Uri", + "Namespace": { + "markdownDescription": "The namespace of the metric that the alarm will watch.", + "title": "Namespace", "type": "string" } }, "type": "object" }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig": { + "AWS::CloudWatch::Alarm.MetricDataQuery": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- KMS Key Alias: `\"alias/ExampleAlias\"`\n- ARN of a KMS Key Alias: `\"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\"`", - "title": "KmsKeyId", + "AccountId": { + "markdownDescription": "The ID of the account where the metrics are located, if this is a cross-account alarm.", + "title": "AccountId", "type": "string" }, - "S3Uri": { - "markdownDescription": "When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file.\n\nWhen the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix.", - "title": "S3Uri", + "Expression": { + "markdownDescription": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", "type": "string" - } - }, - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier.DocumentReaderConfig": { - "additionalProperties": false, - "properties": { - "DocumentReadAction": { - "markdownDescription": "This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values:\n\n- `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation.\n- `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation.", - "title": "DocumentReadAction", + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", "type": "string" }, - "DocumentReadMode": { - "markdownDescription": "Determines the text extraction actions for PDF files. Enter one of the following values:\n\n- `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files.\n- `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files.", - "title": "DocumentReadMode", + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If `Label` is omitted, CloudWatch generates a default.", + "title": "Label", "type": "string" }, - "FeatureTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values:\n\n- `TABLES` - Returns additional information about any tables that are detected in the input document.\n- `FORMS` - Returns additional information about any forms that are detected in the input document.", - "title": "FeatureTypes", - "type": "array" + "MetricStat": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricStat", + "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", + "title": "Period", + "type": "number" + }, + "ReturnData": { + "markdownDescription": "This option indicates whether to return the timestamps and raw data values of this metric.\n\nWhen you create an alarm based on a metric math expression, specify `True` for this value for only the one math expression that the alarm is based on. You must specify `False` for `ReturnData` for all the other metrics and expressions used in the alarm.\n\nThis field is required.", + "title": "ReturnData", + "type": "boolean" } }, "required": [ - "DocumentReadAction" + "Id" ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.VpcConfig": { + "AWS::CloudWatch::Alarm.MetricStat": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", - "title": "SecurityGroupIds", - "type": "array" + "Metric": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Metric", + "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", + "title": "Metric" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", - "title": "Subnets", - "type": "array" + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit to use for the returned data points.\n\nValid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", + "title": "Unit", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "Metric", + "Period", + "Stat" ], "type": "object" }, - "AWS::Comprehend::Flywheel": { + "AWS::CloudWatch::AnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -47863,60 +53760,55 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveModelArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the active model version.", - "title": "ActiveModelArn", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Configuration", + "markdownDescription": "Specifies details about how the anomaly detection model is to be trained, including time ranges to exclude when training and updating the model. The configuration can also include the time zone to use for the metric.", + "title": "Configuration" }, - "DataAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data.", - "title": "DataAccessRoleArn", - "type": "string" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + }, + "markdownDescription": "The dimensions of the metric associated with the anomaly detection band.", + "title": "Dimensions", + "type": "array" }, - "DataLakeS3Uri": { - "markdownDescription": "Amazon S3 URI of the data lake location.", - "title": "DataLakeS3Uri", - "type": "string" + "MetricCharacteristics": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricCharacteristics", + "markdownDescription": "Use this object to include parameters to provide information about your metric to CloudWatch to help it build more accurate anomaly detection models. Currently, it includes the `PeriodicSpikes` parameter.", + "title": "MetricCharacteristics" }, - "DataSecurityConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.DataSecurityConfig", - "markdownDescription": "Data security configuration.", - "title": "DataSecurityConfig" + "MetricMathAnomalyDetector": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector", + "markdownDescription": "The CloudWatch metric math expression for this anomaly detector.", + "title": "MetricMathAnomalyDetector" }, - "FlywheelName": { - "markdownDescription": "Name for the flywheel.", - "title": "FlywheelName", + "MetricName": { + "markdownDescription": "The name of the metric associated with the anomaly detection band.", + "title": "MetricName", "type": "string" }, - "ModelType": { - "markdownDescription": "Model type of the flywheel's model.", - "title": "ModelType", + "Namespace": { + "markdownDescription": "The namespace of the metric associated with the anomaly detection band.", + "title": "Namespace", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department.", - "title": "Tags", - "type": "array" + "SingleMetricAnomalyDetector": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector", + "markdownDescription": "The CloudWatch metric and statistic for this anomaly detector.", + "title": "SingleMetricAnomalyDetector" }, - "TaskConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.TaskConfig", - "markdownDescription": "Configuration about the model associated with a flywheel.", - "title": "TaskConfig" + "Stat": { + "markdownDescription": "The statistic of the metric associated with the anomaly detection band.", + "title": "Stat", + "type": "string" } }, - "required": [ - "DataAccessRoleArn", - "DataLakeS3Uri", - "FlywheelName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Comprehend::Flywheel" + "AWS::CloudWatch::AnomalyDetector" ], "type": "string" }, @@ -47930,138 +53822,237 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Comprehend::Flywheel.DataSecurityConfig": { + "AWS::CloudWatch::AnomalyDetector.Configuration": { "additionalProperties": false, "properties": { - "DataLakeKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the data in the data lake.", - "title": "DataLakeKmsKeyId", - "type": "string" + "ExcludedTimeRanges": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Range" + }, + "markdownDescription": "Specifies an array of time ranges to exclude from use when the anomaly detection model is trained and updated. Use this to make sure that events that could cause unusual values for the metric, such as deployments, aren't used when CloudWatch creates or updates the model.", + "title": "ExcludedTimeRanges", + "type": "array" }, - "ModelKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "ModelKmsKeyId", + "MetricTimeZone": { + "markdownDescription": "The time zone to use for the metric. This is useful to enable the model to automatically account for daylight savings time changes if the metric is sensitive to such time changes.\n\nTo specify a time zone, use the name of the time zone as specified in the standard tz database. For more information, see [tz database](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Tz_database) .", + "title": "MetricTimeZone", "type": "string" - }, - "VolumeKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the volume.", - "title": "VolumeKmsKeyId", + } + }, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.Dimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension.", + "title": "Name", "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.VpcConfig", - "markdownDescription": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", - "title": "VpcConfig" + "Value": { + "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", + "title": "Value", + "type": "string" } }, + "required": [ + "Name", + "Value" + ], "type": "object" }, - "AWS::Comprehend::Flywheel.DocumentClassificationConfig": { + "AWS::CloudWatch::AnomalyDetector.Metric": { "additionalProperties": false, "properties": { - "Labels": { + "Dimensions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" }, - "markdownDescription": "One or more labels to associate with the custom classifier.", - "title": "Labels", + "markdownDescription": "The dimensions for the metric.", + "title": "Dimensions", "type": "array" }, - "Mode": { - "markdownDescription": "Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` .", - "title": "Mode", + "MetricName": { + "markdownDescription": "The name of the metric. This is a required field.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", "type": "string" } }, "required": [ - "Mode" + "MetricName", + "Namespace" ], "type": "object" }, - "AWS::Comprehend::Flywheel.EntityRecognitionConfig": { + "AWS::CloudWatch::AnomalyDetector.MetricCharacteristics": { "additionalProperties": false, "properties": { - "EntityTypes": { + "PeriodicSpikes": { + "markdownDescription": "Set this parameter to true if values for this metric consistently include spikes that should not be considered to be anomalies. With this set to true, CloudWatch will expect to see spikes that occurred consistently during the model training period, and won't flag future similar spikes as anomalies.", + "title": "PeriodicSpikes", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricDataQueries": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricDataQuery": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account where the metrics are located.\n\nIf you are performing a `GetMetricData` operation in a monitoring account, use this to specify which account to retrieve this metric from.\n\nIf you are performing a `PutMetricAlarm` operation, use this to specify which account contains the metric that the alarm is watching.", + "title": "AccountId", + "type": "string" + }, + "Expression": { + "markdownDescription": "This field can contain either a Metrics Insights query, or a metric math expression to be performed on the returned data. For more information about Metrics Insights queries, see [Metrics Insights query components and syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-insights-querylanguage) in the *Amazon CloudWatch User Guide* .\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If Label is omitted, CloudWatch generates a default.\n\nYou can put dynamic expressions into a label, so that it is more descriptive. For more information, see [Using Dynamic Labels](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/graph-dynamic-labels.html) .", + "title": "Label", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricStat", + "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", + "title": "Period", + "type": "number" + }, + "ReturnData": { + "markdownDescription": "When used in `GetMetricData` , this option indicates whether to return the timestamps and raw data values of this metric. If you are performing this call just to do math expressions and do not also need the raw data returned, you can specify `false` . If you omit this, the default of `true` is used.\n\nWhen used in `PutMetricAlarm` , specify `true` for the one expression result to use as the alarm. For all other metrics and expressions in the same `PutMetricAlarm` operation, specify `ReturnData` as False.", + "title": "ReturnData", + "type": "boolean" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { "items": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityTypesListItem" + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricDataQuery" }, - "markdownDescription": "Up to 25 entity types that the model is trained to recognize.", - "title": "EntityTypes", + "markdownDescription": "An array of metric data query structures that enables you to create an anomaly detector based on the result of a metric math expression. Each item in `MetricDataQueries` gets a metric or performs a math expression. One item in `MetricDataQueries` is the expression that provides the time series that the anomaly detector uses as input. Designate the expression by setting `ReturnData` to `true` for this object in the array. For all other expressions and metrics, set `ReturnData` to `false` . The designated expression must return a single time series.", + "title": "MetricDataQueries", "type": "array" } }, "type": "object" }, - "AWS::Comprehend::Flywheel.EntityTypesListItem": { + "AWS::CloudWatch::AnomalyDetector.MetricStat": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer.\n\nEntity types must not contain the following invalid characters: \\n (line break), \\\\n (escaped line break, \\r (carriage return), \\\\r (escaped carriage return), \\t (tab), \\\\t (escaped tab), and , (comma).", - "title": "Type", + "Metric": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Metric", + "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", + "title": "Metric" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic.", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "When you are using a `Put` operation, this defines what unit you want to use when storing the metric.\n\nIn a `Get` operation, if you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", + "title": "Unit", "type": "string" } }, "required": [ - "Type" + "Metric", + "Period", + "Stat" ], "type": "object" }, - "AWS::Comprehend::Flywheel.TaskConfig": { + "AWS::CloudWatch::AnomalyDetector.Range": { "additionalProperties": false, "properties": { - "DocumentClassificationConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.DocumentClassificationConfig", - "markdownDescription": "Configuration required for a document classification model.", - "title": "DocumentClassificationConfig" - }, - "EntityRecognitionConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityRecognitionConfig", - "markdownDescription": "Configuration required for an entity recognition model.", - "title": "EntityRecognitionConfig" + "EndTime": { + "markdownDescription": "The end time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", + "title": "EndTime", + "type": "string" }, - "LanguageCode": { - "markdownDescription": "Language code for the language that the model supports.", - "title": "LanguageCode", + "StartTime": { + "markdownDescription": "The start time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", + "title": "StartTime", "type": "string" } }, "required": [ - "LanguageCode" + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::Comprehend::Flywheel.VpcConfig": { + "AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", - "title": "SecurityGroupIds", - "type": "array" + "AccountId": { + "markdownDescription": "If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here. If you omit this parameter, the current account is used.", + "title": "AccountId", + "type": "string" }, - "Subnets": { + "Dimensions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" }, - "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", - "title": "Subnets", + "markdownDescription": "The metric dimensions to create the anomaly detection model for.", + "title": "Dimensions", "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric to create the anomaly detection model for.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric to create the anomaly detection model for.", + "title": "Namespace", + "type": "string" + }, + "Stat": { + "markdownDescription": "The statistic to use for the metric and anomaly detection model.", + "title": "Stat", + "type": "string" } }, - "required": [ - "SecurityGroupIds", - "Subnets" - ], "type": "object" }, - "AWS::Config::AggregationAuthorization": { + "AWS::CloudWatch::CompositeAlarm": { "additionalProperties": false, "properties": { "Condition": { @@ -48096,34 +54087,82 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizedAccountId": { - "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", - "title": "AuthorizedAccountId", + "ActionsEnabled": { + "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. The default is TRUE.", + "title": "ActionsEnabled", + "type": "boolean" + }, + "ActionsSuppressor": { + "markdownDescription": "Actions will be suppressed if the suppressor alarm is in the `ALARM` state. `ActionsSuppressor` can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm.", + "title": "ActionsSuppressor", "type": "string" }, - "AuthorizedAwsRegion": { - "markdownDescription": "The region authorized to collect aggregated data.", - "title": "AuthorizedAwsRegion", + "ActionsSuppressorExtensionPeriod": { + "markdownDescription": "The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `ExtensionPeriod` is required only when `ActionsSuppressor` is specified.", + "title": "ActionsSuppressorExtensionPeriod", + "type": "number" + }, + "ActionsSuppressorWaitPeriod": { + "markdownDescription": "The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `WaitPeriod` is required only when `ActionsSuppressor` is specified.", + "title": "ActionsSuppressorWaitPeriod", + "type": "number" + }, + "AlarmActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmActions", + "type": "array" + }, + "AlarmDescription": { + "markdownDescription": "The description for the composite alarm.", + "title": "AlarmDescription", + "type": "string" + }, + "AlarmName": { + "markdownDescription": "The name for the composite alarm. This name must be unique within your AWS account.", + "title": "AlarmName", + "type": "string" + }, + "AlarmRule": { + "markdownDescription": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For each alarm that you reference, you designate a function that specifies whether that alarm needs to be in ALARM state, OK state, or INSUFFICIENT_DATA state. You can use operators (AND, OR and NOT) to combine multiple functions in a single expression. You can use parenthesis to logically group the functions in your expression.\n\nYou can use either alarm names or ARNs to reference the other alarms that are to be evaluated.\n\nFunctions can include the following:\n\n- ALARM(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in ALARM state.\n- OK(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in OK state.\n- INSUFFICIENT_DATA(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in INSUFFICIENT_DATA state.\n- TRUE always evaluates to TRUE.\n- FALSE always evaluates to FALSE.\n\nTRUE and FALSE are useful for testing a complex AlarmRule structure, and for testing your alarm actions.\n\nFor more information about `AlarmRule` syntax, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmRule", "type": "string" }, + "InsufficientDataActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "InsufficientDataActions", + "type": "array" + }, + "OKActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "OKActions", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of tag object.", + "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", "title": "Tags", "type": "array" } }, "required": [ - "AuthorizedAccountId", - "AuthorizedAwsRegion" + "AlarmRule" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::AggregationAuthorization" + "AWS::CloudWatch::CompositeAlarm" ], "type": "string" }, @@ -48142,7 +54181,7 @@ ], "type": "object" }, - "AWS::Config::ConfigRule": { + "AWS::CloudWatch::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -48177,58 +54216,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Compliance": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", - "title": "Compliance" - }, - "ConfigRuleName": { - "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", - "title": "ConfigRuleName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description that you provide for the AWS Config rule.", - "title": "Description", + "DashboardBody": { + "markdownDescription": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard. This parameter is required.\n\nFor more information about the syntax, see [Dashboard Body Structure and Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html) .", + "title": "DashboardBody", "type": "string" }, - "EvaluationModes": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" - }, - "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", - "title": "EvaluationModes", - "type": "array" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "object" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", + "DashboardName": { + "markdownDescription": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically.", + "title": "DashboardName", "type": "string" - }, - "Scope": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", - "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", - "title": "Scope" - }, - "Source": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Source", - "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", - "title": "Source" } }, "required": [ - "Source" + "DashboardBody" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigRule" + "AWS::CloudWatch::Dashboard" ], "type": "string" }, @@ -48247,136 +54253,7 @@ ], "type": "object" }, - "AWS::Config::ConfigRule.Compliance": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.CustomPolicyDetails": { - "additionalProperties": false, - "properties": { - "EnableDebugLogDelivery": { - "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", - "title": "EnableDebugLogDelivery", - "type": "boolean" - }, - "PolicyRuntime": { - "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", - "title": "PolicyRuntime", - "type": "string" - }, - "PolicyText": { - "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", - "title": "PolicyText", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.EvaluationModeConfiguration": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", - "title": "Mode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.Scope": { - "additionalProperties": false, - "properties": { - "ComplianceResourceId": { - "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", - "title": "ComplianceResourceId", - "type": "string" - }, - "ComplianceResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", - "title": "ComplianceResourceTypes", - "type": "array" - }, - "TagKey": { - "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", - "title": "TagKey", - "type": "string" - }, - "TagValue": { - "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", - "title": "TagValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.Source": { - "additionalProperties": false, - "properties": { - "CustomPolicyDetails": { - "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", - "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", - "title": "CustomPolicyDetails" - }, - "Owner": { - "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", - "title": "Owner", - "type": "string" - }, - "SourceDetails": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" - }, - "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", - "title": "SourceDetails", - "type": "array" - }, - "SourceIdentifier": { - "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", - "title": "SourceIdentifier", - "type": "string" - } - }, - "required": [ - "Owner" - ], - "type": "object" - }, - "AWS::Config::ConfigRule.SourceDetail": { - "additionalProperties": false, - "properties": { - "EventSource": { - "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", - "title": "EventSource", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "MessageType": { - "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", - "title": "MessageType", - "type": "string" - } - }, - "required": [ - "EventSource", - "MessageType" - ], - "type": "object" - }, - "AWS::Config::ConfigurationAggregator": { + "AWS::CloudWatch::InsightRule": { "additionalProperties": false, "properties": { "Condition": { @@ -48411,38 +54288,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.AccountAggregationSource" - }, - "markdownDescription": "Provides a list of source accounts and regions to be aggregated.", - "title": "AccountAggregationSources", - "type": "array" + "ApplyOnTransformedLogs": { + "markdownDescription": "Determines whether the rules is evaluated on transformed versions of logs. Valid values are `TRUE` and `FALSE` .", + "title": "ApplyOnTransformedLogs", + "type": "boolean" }, - "ConfigurationAggregatorName": { - "markdownDescription": "The name of the aggregator.", - "title": "ConfigurationAggregatorName", + "RuleBody": { + "markdownDescription": "The definition of the rule, as a JSON object. For details about the syntax, see [Contributor Insights Rule Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights-RuleSyntax.html) in the *Amazon CloudWatch User Guide* .", + "title": "RuleBody", "type": "string" }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.OrganizationAggregationSource", - "markdownDescription": "Provides an organization and list of regions to be aggregated.", - "title": "OrganizationAggregationSource" + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", + "type": "string" + }, + "RuleState": { + "markdownDescription": "The current state of the rule. Valid values are `ENABLED` and `DISABLED` .", + "title": "RuleState", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of tag object.", - "title": "Tags", - "type": "array" + "$ref": "#/definitions/AWS::CloudWatch::InsightRule.Tags", + "markdownDescription": "A list of key-value pairs to associate with the Contributor Insights rule. You can associate as many as 50 tags with a rule.\n\nTags can help you organize and categorize your resources. For more information, see [Tagging Your Amazon CloudWatch Resources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Tagging.html) .\n\nTo be able to associate tags with a rule, you must have the `cloudwatch:TagResource` permission in addition to the `cloudwatch:PutInsightRule` permission.", + "title": "Tags" } }, + "required": [ + "RuleBody", + "RuleName", + "RuleState" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigurationAggregator" + "AWS::CloudWatch::InsightRule" ], "type": "string" }, @@ -48456,80 +54337,29 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Config::ConfigurationAggregator.AccountAggregationSource": { + "AWS::CloudWatch::InsightRule.Tags": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CloudWatch::MetricStream": { "additionalProperties": false, "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The 12-digit account ID of the account being aggregated.", - "title": "AccountIds", - "type": "array" + "Condition": { + "type": "string" }, - "AllAwsRegions": { - "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", - "title": "AllAwsRegions", - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The source regions being aggregated.", - "title": "AwsRegions", - "type": "array" - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "AWS::Config::ConfigurationAggregator.OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", - "title": "AllAwsRegions", - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The source regions being aggregated.", - "title": "AwsRegions", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "AWS::Config::ConfigurationRecorder": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, "DependsOn": { "anyOf": [ @@ -48552,35 +54382,74 @@ "Properties": { "additionalProperties": false, "properties": { + "ExcludeFilters": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" + }, + "markdownDescription": "If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", + "title": "ExcludeFilters", + "type": "array" + }, + "FirehoseArn": { + "markdownDescription": "The ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream. This Amazon Kinesis Firehose delivery stream must already exist and must be in the same account as the metric stream.", + "title": "FirehoseArn", + "type": "string" + }, + "IncludeFilters": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" + }, + "markdownDescription": "If you specify this parameter, the stream sends only the metrics from the metric namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", + "title": "IncludeFilters", + "type": "array" + }, + "IncludeLinkedAccountsMetrics": { + "markdownDescription": "If you are creating a metric stream in a monitoring account, specify `true` to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is `false` .\n\nFor more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html)", + "title": "IncludeLinkedAccountsMetrics", + "type": "boolean" + }, "Name": { - "markdownDescription": "The name of the configuration recorder. AWS Config automatically assigns the name of \"default\" when creating the configuration recorder.\n\nYou cannot change the name of the configuration recorder after it has been created. To change the configuration recorder name, you must delete it and create a new configuration recorder with a new name.", + "markdownDescription": "If you are creating a new metric stream, this is the name for the new stream. The name must be different than the names of other metric streams in this account and Region.\n\nIf you are updating a metric stream, specify the name of that stream here.", "title": "Name", "type": "string" }, - "RecordingGroup": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingGroup", - "markdownDescription": "Specifies which resource types AWS Config records for configuration changes.\n\n> *High Number of AWS Config Evaluations*\n> \n> You may notice increased activity in your account during your initial month recording with AWS Config when compared to subsequent months. During the initial bootstrapping process, AWS Config runs evaluations on all the resources in your account that you have selected for AWS Config to record.\n> \n> If you are running ephemeral workloads, you may see increased activity from AWS Config as it records configuration changes associated with creating and deleting these temporary resources. An *ephemeral workload* is a temporary use of computing resources that are loaded and run when needed. Examples include Amazon Elastic Compute Cloud ( Amazon EC2 ) Spot Instances, Amazon EMR jobs, and AWS Auto Scaling . If you want to avoid the increased activity from running ephemeral workloads, you can run these types of workloads in a separate account with AWS Config turned off to avoid increased configuration recording and rule evaluations.", - "title": "RecordingGroup" - }, - "RecordingMode": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingMode", - "markdownDescription": "Specifies the default recording frequency for the configuration recorder. AWS Config supports *Continuous recording* and *Daily recording* .\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> *Some resource types require continuous recording*\n> \n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous. \n\nYou can also override the recording frequency for specific resource types.", - "title": "RecordingMode" + "OutputFormat": { + "markdownDescription": "The output format for the stream. Valid values are `json` , `opentelemetry1.0` and `opentelemetry0.7` For more information about metric stream output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html) .\n\nThis parameter is required.", + "title": "OutputFormat", + "type": "string" }, - "RoleARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder. For more information, see [Permissions for the IAM Role Assigned](https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) to AWS Config in the AWS Config Developer Guide.\n\n> *Pre-existing AWS Config role*\n> \n> If you have used an AWS service that uses AWS Config , such as AWS Security Hub or AWS Control Tower , and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.\n> \n> For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service ( Amazon S3 ) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config . Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config , see [*Identity and Access Management for AWS Config*](https://docs.aws.amazon.com/config/latest/developerguide/security-iam.html) in the *AWS Config Developer Guide* .", - "title": "RoleARN", + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. This IAM role must already exist and must be in the same account as the metric stream. This IAM role must include the `firehose:PutRecord` and `firehose:PutRecordBatch` permissions.", + "title": "RoleArn", "type": "string" + }, + "StatisticsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration" + }, + "markdownDescription": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members.\n\nFor each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `OutputFormat` . If the `OutputFormat` is `json` , you can stream any additional statistic that is supported by CloudWatch , listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) . If the `OutputFormat` is OpenTelemetry, you can stream percentile statistics.", + "title": "StatisticsConfigurations", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the metric stream.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "RoleARN" + "FirehoseArn", + "OutputFormat", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigurationRecorder" + "AWS::CloudWatch::MetricStream" ], "type": "string" }, @@ -48599,122 +54468,75 @@ ], "type": "object" }, - "AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes": { + "AWS::CloudWatch::MetricStream.MetricStreamFilter": { "additionalProperties": false, "properties": { - "ResourceTypes": { + "MetricNames": { "items": { "type": "string" }, - "markdownDescription": "A comma-separated list of resource types to exclude from recording by the configuration recorder.", - "title": "ResourceTypes", + "markdownDescription": "The names of the metrics to either include or exclude from the metric stream.\n\nIf you omit this parameter, all metrics in the namespace are included or excluded, depending on whether this filter is specified as an exclude filter or an include filter.\n\nEach metric name can contain only ASCII printable characters (ASCII range 32 through 126). Each metric name must contain at least one non-whitespace character.", + "title": "MetricNames", "type": "array" + }, + "Namespace": { + "markdownDescription": "The name of the metric namespace in the filter.\n\nThe namespace can contain only ASCII printable characters (ASCII range 32 through 126). It must contain at least one non-whitespace character.", + "title": "Namespace", + "type": "string" } }, "required": [ - "ResourceTypes" + "Namespace" ], "type": "object" }, - "AWS::Config::ConfigurationRecorder.RecordingGroup": { + "AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration": { "additionalProperties": false, "properties": { - "AllSupported": { - "markdownDescription": "Specifies whether AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types.\n\nIf you set this field to `true` , when AWS Config adds support for a new resource type, AWS Config starts recording resources of that type automatically.\n\nIf you set this field to `true` , you cannot enumerate specific resource types to record in the `resourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , or to exclude in the `resourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Region availability*\n> \n> Check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if a resource type is supported in the AWS Region where you set up AWS Config .", - "title": "AllSupported", - "type": "boolean" - }, - "ExclusionByResourceTypes": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes", - "markdownDescription": "An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.\n\nTo use this option, you must set the `useOnly` field of [AWS::Config::ConfigurationRecorder RecordingStrategy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configurationrecorder-recordingstrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` .", - "title": "ExclusionByResourceTypes" - }, - "IncludeGlobalResourceTypes": { - "markdownDescription": "This option is a bundle which only applies to the global IAM resource types: IAM users, groups, roles, and customer managed policies. These global IAM resource types can only be recorded by AWS Config in Regions where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n\n- Asia Pacific (Hyderabad)\n- Asia Pacific (Melbourne)\n- Canada West (Calgary)\n- Europe (Spain)\n- Europe (Zurich)\n- Israel (Tel Aviv)\n- Middle East (UAE)\n\n> *Aurora global clusters are recorded in all enabled Regions*\n> \n> The `AWS::RDS::GlobalCluster` resource type will be recorded in all supported AWS Config Regions where the configuration recorder is enabled, even if `IncludeGlobalResourceTypes` is set to `false` . The `IncludeGlobalResourceTypes` option is a bundle which only applies to IAM users, groups, roles, and customer managed policies.\n> \n> If you do not want to record `AWS::RDS::GlobalCluster` in all enabled Regions, use one of the following recording strategies:\n> \n> - *Record all current and future resource types with exclusions* ( `EXCLUSION_BY_RESOURCE_TYPES` ), or\n> - *Record specific resource types* ( `INCLUSION_BY_RESOURCE_TYPES` ).\n> \n> For more information, see [Selecting Which Resources are Recorded](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-all) in the *AWS Config developer guide* . > *IncludeGlobalResourceTypes and the exclusion recording strategy*\n> \n> The `IncludeGlobalResourceTypes` field has no impact on the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy. This means that the global IAM resource types ( IAM users, groups, roles, and customer managed policies) will not be automatically added as exclusions for `ExclusionByResourceTypes` when `IncludeGlobalResourceTypes` is set to `false` .\n> \n> The `IncludeGlobalResourceTypes` field should only be used to modify the `AllSupported` field, as the default for the `AllSupported` field is to record configuration changes for all supported resource types excluding the global IAM resource types. To include the global IAM resource types when `AllSupported` is set to `true` , make sure to set `IncludeGlobalResourceTypes` to `true` .\n> \n> To exclude the global IAM resource types for the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, you need to manually add them to the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Required and optional fields*\n> \n> Before you set this field to `true` , set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` . > *Overriding fields*\n> \n> If you set this field to `false` but list global IAM resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , AWS Config will still record configuration changes for those specified resource types *regardless* of if you set the `IncludeGlobalResourceTypes` field to false.\n> \n> If you do not want to record configuration changes to the global IAM resource types (IAM users, groups, roles, and customer managed policies), make sure to not list them in the `ResourceTypes` field in addition to setting the `IncludeGlobalResourceTypes` field to false.", - "title": "IncludeGlobalResourceTypes", - "type": "boolean" - }, - "RecordingStrategy": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingStrategy", - "markdownDescription": "An object that specifies the recording strategy for the configuration recorder.\n\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type.\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resources types and the resource exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", - "title": "RecordingStrategy" - }, - "ResourceTypes": { + "AdditionalStatistics": { "items": { "type": "string" }, - "markdownDescription": "A comma-separated list that specifies which resource types AWS Config records.\n\nFor a list of valid `ResourceTypes` values, see the *Resource Type Value* column in [Supported AWS resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n\n> *Required and optional fields*\n> \n> Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` .\n> \n> To record all configuration changes, set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` , and either omit this field or don't specify any resource types in this field. If you set the `AllSupported` field to `false` and specify values for `ResourceTypes` , when AWS Config adds support for a new type of resource, it will not record resources of that type unless you manually add that type to your recording group. > *Region availability*\n> \n> Before specifying a resource type for AWS Config to track, check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if the resource type is supported in the AWS Region where you set up AWS Config . If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config , even if the specified resource type is not supported in the AWS Region where you set up AWS Config .", - "title": "ResourceTypes", + "markdownDescription": "The additional statistics to stream for the metrics listed in `IncludeMetrics` .", + "title": "AdditionalStatistics", "type": "array" - } - }, - "type": "object" - }, - "AWS::Config::ConfigurationRecorder.RecordingMode": { - "additionalProperties": false, - "properties": { - "RecordingFrequency": { - "markdownDescription": "The default recording frequency that AWS Config uses to record configuration changes.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`\n> \n> For the *allSupported* ( `ALL_SUPPORTED_RESOURCE_TYPES` ) recording strategy, these resource types will be set to Continuous recording.", - "title": "RecordingFrequency", - "type": "string" }, - "RecordingModeOverrides": { + "IncludeMetrics": { "items": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingModeOverride" + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric" }, - "markdownDescription": "An array of `recordingModeOverride` objects for you to specify your overrides for the recording mode. The `recordingModeOverride` object in the `recordingModeOverrides` array consists of three fields: a `description` , the new `recordingFrequency` , and an array of `resourceTypes` to override.", - "title": "RecordingModeOverrides", + "markdownDescription": "An array that defines the metrics that are to have additional statistics streamed.", + "title": "IncludeMetrics", "type": "array" } }, "required": [ - "RecordingFrequency" + "AdditionalStatistics", + "IncludeMetrics" ], "type": "object" }, - "AWS::Config::ConfigurationRecorder.RecordingModeOverride": { + "AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description that you provide for the override.", - "title": "Description", - "type": "string" - }, - "RecordingFrequency": { - "markdownDescription": "The recording frequency that will be applied to all the resource types specified in the override.\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous.", - "title": "RecordingFrequency", + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", "type": "string" }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A comma-separated list that specifies which resource types AWS Config includes in the override.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`", - "title": "ResourceTypes", - "type": "array" - } - }, - "required": [ - "RecordingFrequency", - "ResourceTypes" - ], - "type": "object" - }, - "AWS::Config::ConfigurationRecorder.RecordingStrategy": { - "additionalProperties": false, - "properties": { - "UseOnly": { - "markdownDescription": "The recording strategy for the configuration recorder.\n\n- If you set this option to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type. For a list of supported resource types, see [Supported Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n- If you set this option to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types that you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set this option to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resource types and the exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", - "title": "UseOnly", + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", "type": "string" } }, "required": [ - "UseOnly" + "MetricName", + "Namespace" ], "type": "object" }, - "AWS::Config::ConformancePack": { + "AWS::CodeArtifact::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -48749,53 +54571,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ConformancePackInputParameters": { - "items": { - "$ref": "#/definitions/AWS::Config::ConformancePack.ConformancePackInputParameter" - }, - "markdownDescription": "A list of ConformancePackInputParameter objects.", - "title": "ConformancePackInputParameters", - "type": "array" - }, - "ConformancePackName": { - "markdownDescription": "Name of the conformance pack you want to create.", - "title": "ConformancePackName", - "type": "string" - }, - "DeliveryS3Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.", - "title": "DeliveryS3Bucket", - "type": "string" - }, - "DeliveryS3KeyPrefix": { - "markdownDescription": "The prefix for the Amazon S3 bucket.", - "title": "DeliveryS3KeyPrefix", + "DomainName": { + "markdownDescription": "A string that specifies the name of the requested domain.", + "title": "DomainName", "type": "string" }, - "TemplateBody": { - "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\n> You can only use a YAML template with two resource types: config rule ( `AWS::Config::ConfigRule` ) and a remediation action ( `AWS::Config::RemediationConfiguration` ).", - "title": "TemplateBody", + "EncryptionKey": { + "markdownDescription": "The key used to encrypt the domain.", + "title": "EncryptionKey", "type": "string" }, - "TemplateS3Uri": { - "markdownDescription": "Location of file containing the template body (s3://bucketname/prefix). The uri must point to the conformance pack template (max size: 300 KB) that is located in an Amazon S3 bucket.\n\n> You must have access to read Amazon S3 bucket.", - "title": "TemplateS3Uri", - "type": "string" + "PermissionsPolicyDocument": { + "markdownDescription": "The document that defines the resource policy that is set on a domain.", + "title": "PermissionsPolicyDocument", + "type": "object" }, - "TemplateSSMDocumentDetails": { - "$ref": "#/definitions/AWS::Config::ConformancePack.TemplateSSMDocumentDetails", - "markdownDescription": "An object that contains the name or Amazon Resource Name (ARN) of the AWS Systems Manager document (SSM document) and the version of the SSM document that is used to create a conformance pack.", - "title": "TemplateSSMDocumentDetails" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the domain.", + "title": "Tags", + "type": "array" } }, "required": [ - "ConformancePackName" + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConformancePack" + "AWS::CodeArtifact::Domain" ], "type": "string" }, @@ -48814,43 +54621,7 @@ ], "type": "object" }, - "AWS::Config::ConformancePack.ConformancePackInputParameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "Another part of the key-value pair.", - "title": "ParameterValue", - "type": "string" - } - }, - "required": [ - "ParameterName", - "ParameterValue" - ], - "type": "object" - }, - "AWS::Config::ConformancePack.TemplateSSMDocumentDetails": { - "additionalProperties": false, - "properties": { - "DocumentName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document.", - "title": "DocumentName", - "type": "string" - }, - "DocumentVersion": { - "markdownDescription": "The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version.\n\n> This field is optional.", - "title": "DocumentVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::DeliveryChannel": { + "AWS::CodeArtifact::PackageGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -48885,146 +54656,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigSnapshotDeliveryProperties": { - "$ref": "#/definitions/AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties", - "markdownDescription": "The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.", - "title": "ConfigSnapshotDeliveryProperties" - }, - "Name": { - "markdownDescription": "A name for the delivery channel. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nUpdates are not supported. To change the name, you must run two separate updates. In the first update, delete this resource, and then recreate it with a new name in the second update.", - "title": "Name", + "ContactInfo": { + "markdownDescription": "The contact information of the package group.", + "title": "ContactInfo", "type": "string" }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.\n\nIf you specify a bucket that belongs to another AWS account , that bucket must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon S3 Bucket](https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html) in the *AWS Config Developer Guide* .", - "title": "S3BucketName", + "Description": { + "markdownDescription": "The description of the package group.", + "title": "Description", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "The prefix for the specified Amazon S3 bucket.", - "title": "S3KeyPrefix", + "DomainName": { + "markdownDescription": "The domain that contains the package group.", + "title": "DomainName", "type": "string" }, - "S3KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service ( AWS KMS ) AWS KMS key (KMS key) used to encrypt objects delivered by AWS Config . Must belong to the same Region as the destination S3 bucket.", - "title": "S3KmsKeyArn", + "DomainOwner": { + "markdownDescription": "The 12-digit account number of the AWS account that owns the domain. It does not include dashes or spaces.", + "title": "DomainOwner", "type": "string" }, - "SnsTopicARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.\n\nIf you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon SNS Topic](https://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html) in the *AWS Config Developer Guide* .", - "title": "SnsTopicARN", - "type": "string" - } - }, - "required": [ - "S3BucketName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Config::DeliveryChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties": { - "additionalProperties": false, - "properties": { - "DeliveryFrequency": { - "markdownDescription": "The frequency with which AWS Config delivers configuration snapshots.", - "title": "DeliveryFrequency", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::OrganizationConfigRule": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "OriginConfiguration": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.OriginConfiguration", + "markdownDescription": "Details about the package origin configuration of a package group.", + "title": "OriginConfiguration" + }, + "Pattern": { + "markdownDescription": "The pattern of the package group. The pattern determines which packages are associated with the package group.", + "title": "Pattern", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExcludedAccounts": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A comma-separated list of accounts excluded from organization AWS Config rule.", - "title": "ExcludedAccounts", + "markdownDescription": "", + "title": "Tags", "type": "array" - }, - "OrganizationConfigRuleName": { - "markdownDescription": "The name that you assign to organization AWS Config rule.", - "title": "OrganizationConfigRuleName", - "type": "string" - }, - "OrganizationCustomPolicyRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata", - "markdownDescription": "An object that specifies metadata for your organization's AWS Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of AWS resource, and organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.", - "title": "OrganizationCustomPolicyRuleMetadata" - }, - "OrganizationCustomRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata", - "markdownDescription": "An `OrganizationCustomRuleMetadata` object.", - "title": "OrganizationCustomRuleMetadata" - }, - "OrganizationManagedRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata", - "markdownDescription": "An `OrganizationManagedRuleMetadata` object.", - "title": "OrganizationManagedRuleMetadata" } }, "required": [ - "OrganizationConfigRuleName" + "DomainName", + "Pattern" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::OrganizationConfigRule" + "AWS::CodeArtifact::PackageGroup" ], "type": "string" }, @@ -49043,194 +54722,64 @@ ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata": { + "AWS::CodeArtifact::PackageGroup.OriginConfiguration": { "additionalProperties": false, "properties": { - "DebugLogDeliveryAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of accounts that you can enable debug logging for your organization AWS Config Custom Policy rule. List is null when debug logging is enabled for all accounts.", - "title": "DebugLogDeliveryAccounts", - "type": "array" - }, - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config Custom Policy rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config Custom Policy rule.", - "title": "InputParameters", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your AWS Config Custom Policy rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "OrganizationConfigRuleTriggerTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of notification that initiates AWS Config to run an evaluation for a rule. For AWS Config Custom Policy rules, AWS Config supports change-initiated notification types:\n\n- `ConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.", - "title": "OrganizationConfigRuleTriggerTypes", - "type": "array" - }, - "PolicyText": { - "markdownDescription": "The policy definition containing the logic for your organization AWS Config Custom Policy rule.", - "title": "PolicyText", - "type": "string" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", - "type": "array" - }, - "Runtime": { - "markdownDescription": "The runtime system for your organization AWS Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", - "title": "Runtime", - "type": "string" - }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" - }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", - "type": "string" + "Restrictions": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.Restrictions", + "markdownDescription": "", + "title": "Restrictions" } }, "required": [ - "PolicyText", - "Runtime" + "Restrictions" ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata": { + "AWS::CodeArtifact::PackageGroup.RestrictionType": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "string" - }, - "LambdaFunctionArn": { - "markdownDescription": "The lambda function ARN.", - "title": "LambdaFunctionArn", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "OrganizationConfigRuleTriggerTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .", - "title": "OrganizationConfigRuleTriggerTypes", - "type": "array" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { + "Repositories": { "items": { "type": "string" }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", + "markdownDescription": "", + "title": "Repositories", "type": "array" }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" - }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", + "RestrictionMode": { + "markdownDescription": "", + "title": "RestrictionMode", "type": "string" } }, "required": [ - "LambdaFunctionArn", - "OrganizationConfigRuleTriggerTypes" + "RestrictionMode" ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata": { + "AWS::CodeArtifact::PackageGroup.Restrictions": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. This is for an AWS Config managed rule that is triggered at a periodic frequency.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", - "type": "array" - }, - "RuleIdentifier": { - "markdownDescription": "For organization config managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .", - "title": "RuleIdentifier", - "type": "string" + "ExternalUpstream": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "ExternalUpstream" }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" + "InternalUpstream": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "InternalUpstream" }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", - "type": "string" + "Publish": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "Publish" } }, - "required": [ - "RuleIdentifier" - ], "type": "object" }, - "AWS::Config::OrganizationConformancePack": { + "AWS::CodeArtifact::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -49265,56 +54814,65 @@ "Properties": { "additionalProperties": false, "properties": { - "ConformancePackInputParameters": { - "items": { - "$ref": "#/definitions/AWS::Config::OrganizationConformancePack.ConformancePackInputParameter" - }, - "markdownDescription": "A list of `ConformancePackInputParameter` objects.", - "title": "ConformancePackInputParameters", - "type": "array" + "Description": { + "markdownDescription": "A text description of the repository.", + "title": "Description", + "type": "string" }, - "DeliveryS3Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.\n\n> This field is optional.", - "title": "DeliveryS3Bucket", + "DomainName": { + "markdownDescription": "The name of the domain that contains the repository.", + "title": "DomainName", "type": "string" }, - "DeliveryS3KeyPrefix": { - "markdownDescription": "Any folder structure you want to add to an Amazon S3 bucket.\n\n> This field is optional.", - "title": "DeliveryS3KeyPrefix", + "DomainOwner": { + "markdownDescription": "The 12-digit account number of the AWS account that owns the domain that contains the repository. It does not include dashes or spaces.", + "title": "DomainOwner", "type": "string" }, - "ExcludedAccounts": { + "ExternalConnections": { "items": { "type": "string" }, - "markdownDescription": "A comma-separated list of accounts excluded from organization conformance pack.", - "title": "ExcludedAccounts", + "markdownDescription": "An array of external connections associated with the repository. For more information, see [Supported external connection repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/external-connection.html#supported-public-repositories) in the *CodeArtifact user guide* .", + "title": "ExternalConnections", "type": "array" }, - "OrganizationConformancePackName": { - "markdownDescription": "The name you assign to an organization conformance pack.", - "title": "OrganizationConformancePackName", - "type": "string" + "PermissionsPolicyDocument": { + "markdownDescription": "The document that defines the resource policy that is set on a repository.", + "title": "PermissionsPolicyDocument", + "type": "object" }, - "TemplateBody": { - "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.", - "title": "TemplateBody", + "RepositoryName": { + "markdownDescription": "The name of an upstream repository.", + "title": "RepositoryName", "type": "string" }, - "TemplateS3Uri": { - "markdownDescription": "Location of file containing the template body. The uri must point to the conformance pack template (max size: 300 KB).", - "title": "TemplateS3Uri", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the repository.", + "title": "Tags", + "type": "array" + }, + "Upstreams": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. For more information, see [Working with upstream repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html) .", + "title": "Upstreams", + "type": "array" } }, "required": [ - "OrganizationConformancePackName" + "DomainName", + "RepositoryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::OrganizationConformancePack" + "AWS::CodeArtifact::Repository" ], "type": "string" }, @@ -49333,27 +54891,7 @@ ], "type": "object" }, - "AWS::Config::OrganizationConformancePack.ConformancePackInputParameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterValue", - "type": "string" - } - }, - "required": [ - "ParameterName", - "ParameterValue" - ], - "type": "object" - }, - "AWS::Config::RemediationConfiguration": { + "AWS::CodeBuild::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -49388,67 +54926,75 @@ "Properties": { "additionalProperties": false, "properties": { - "Automatic": { - "markdownDescription": "The remediation is triggered automatically.", - "title": "Automatic", - "type": "boolean" + "BaseCapacity": { + "markdownDescription": "The initial number of machines allocated to the compute \ufb02eet, which de\ufb01nes the number of builds that can run in parallel.", + "title": "BaseCapacity", + "type": "number" }, - "ConfigRuleName": { - "markdownDescription": "The name of the AWS Config rule.", - "title": "ConfigRuleName", - "type": "string" + "ComputeConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ComputeConfiguration", + "markdownDescription": "The compute configuration of the compute fleet. This is only required if `computeType` is set to `ATTRIBUTE_BASED_COMPUTE` or `CUSTOM_INSTANCE_TYPE` .", + "title": "ComputeConfiguration" }, - "ExecutionControls": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ExecutionControls", - "markdownDescription": "An ExecutionControls object.", - "title": "ExecutionControls" + "ComputeType": { + "markdownDescription": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", + "title": "ComputeType", + "type": "string" }, - "MaximumAutomaticAttempts": { - "markdownDescription": "The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n\nFor example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.", - "title": "MaximumAutomaticAttempts", - "type": "number" + "EnvironmentType": { + "markdownDescription": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (S\u00e3o Paulo).\n- The environment type `ARM_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `MAC_ARM` is available only in regions US East (Ohio), US East (N. Virginia), US West (Oregon), Europe (Frankfurt), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (S\u00e3o Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", + "title": "EnvironmentType", + "type": "string" }, - "Parameters": { - "markdownDescription": "An object of the RemediationParameterValue. For more information, see [RemediationParameterValue](https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationParameterValue.html) .\n\n> The type is a map of strings to RemediationParameterValue.", - "title": "Parameters", - "type": "object" + "FleetProxyConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ProxyConfiguration", + "markdownDescription": "Information about the proxy configurations that apply network access control to your reserved capacity instances.", + "title": "FleetProxyConfiguration" }, - "ResourceType": { - "markdownDescription": "The type of a resource.", - "title": "ResourceType", + "FleetServiceRole": { + "markdownDescription": "The service role associated with the compute fleet. For more information, see [Allow a user to add a permission policy for a fleet service role](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html) in the *AWS CodeBuild User Guide* .", + "title": "FleetServiceRole", "type": "string" }, - "RetryAttemptSeconds": { - "markdownDescription": "Time window to determine whether or not to add a remediation exception to prevent infinite remediation attempts. If `MaximumAutomaticAttempts` remediation attempts have been made under `RetryAttemptSeconds` , a remediation exception will be added to the resource. If you do not select a number, the default is 60 seconds.\n\nFor example, if you specify `RetryAttemptSeconds` as 50 seconds and `MaximumAutomaticAttempts` as 5, AWS Config will run auto-remediations 5 times within 50 seconds before adding a remediation exception to the resource.", - "title": "RetryAttemptSeconds", - "type": "number" + "FleetVpcConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.VpcConfig", + "markdownDescription": "Information about the VPC configuration that AWS CodeBuild accesses.", + "title": "FleetVpcConfig" }, - "TargetId": { - "markdownDescription": "Target ID is the name of the SSM document.", - "title": "TargetId", + "ImageId": { + "markdownDescription": "The Amazon Machine Image (AMI) of the compute fleet.", + "title": "ImageId", "type": "string" }, - "TargetType": { - "markdownDescription": "The type of the target. Target executes remediation. For example, SSM document.", - "title": "TargetType", + "Name": { + "markdownDescription": "The name of the compute fleet.", + "title": "Name", "type": "string" }, - "TargetVersion": { - "markdownDescription": "Version of the target. For example, version of the SSM document.\n\n> If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.", - "title": "TargetVersion", + "OverflowBehavior": { + "markdownDescription": "The compute fleet overflow behavior.\n\n- For overflow behavior `QUEUE` , your overflow builds need to wait on the existing fleet instance to become available.\n- For overflow behavior `ON_DEMAND` , your overflow builds run on CodeBuild on-demand.\n\n> If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see [Example policy statement to allow CodeBuild access to AWS services required to create a VPC network interface](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface) .", + "title": "OverflowBehavior", "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ScalingConfigurationInput", + "markdownDescription": "The scaling configuration of the compute fleet.", + "title": "ScalingConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ConfigRuleName", - "TargetId", - "TargetType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::RemediationConfiguration" + "AWS::CodeBuild::Fleet" ], "type": "string" }, @@ -49462,76 +55008,152 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Config::RemediationConfiguration.ExecutionControls": { + "AWS::CodeBuild::Fleet.ComputeConfiguration": { "additionalProperties": false, "properties": { - "SsmControls": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.SsmControls", - "markdownDescription": "A SsmControls object.", - "title": "SsmControls" + "disk": { + "markdownDescription": "The amount of disk space of the instance type included in your fleet.", + "title": "disk", + "type": "number" + }, + "instanceType": { + "markdownDescription": "The EC2 instance type to be launched in your fleet.", + "title": "instanceType", + "type": "string" + }, + "machineType": { + "markdownDescription": "The machine type of the instance type included in your fleet.", + "title": "machineType", + "type": "string" + }, + "memory": { + "markdownDescription": "The amount of memory of the instance type included in your fleet.", + "title": "memory", + "type": "number" + }, + "vCpu": { + "markdownDescription": "The number of vCPUs of the instance type included in your fleet.", + "title": "vCpu", + "type": "number" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.RemediationParameterValue": { + "AWS::CodeBuild::Fleet.FleetProxyRule": { "additionalProperties": false, "properties": { - "ResourceValue": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ResourceValue", - "markdownDescription": "The value is dynamic and changes at run-time.", - "title": "ResourceValue" + "Effect": { + "markdownDescription": "The behavior of the proxy rule.", + "title": "Effect", + "type": "string" }, - "StaticValue": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.StaticValue", - "markdownDescription": "The value is static and does not change at run-time.", - "title": "StaticValue" + "Entities": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination of the proxy rule.", + "title": "Entities", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of proxy rule.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.ResourceValue": { + "AWS::CodeBuild::Fleet.ProxyConfiguration": { "additionalProperties": false, "properties": { - "Value": { + "DefaultBehavior": { + "markdownDescription": "The default behavior of outgoing traffic.", + "title": "DefaultBehavior", "type": "string" + }, + "OrderedProxyRules": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.FleetProxyRule" + }, + "markdownDescription": "An array of `FleetProxyRule` objects that represent the specified destination domains or IPs to allow or deny network access control to.", + "title": "OrderedProxyRules", + "type": "array" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.SsmControls": { + "AWS::CodeBuild::Fleet.ScalingConfigurationInput": { "additionalProperties": false, "properties": { - "ConcurrentExecutionRatePercentage": { - "markdownDescription": "The maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. You can specify a percentage, such as 10%. The default value is 10.", - "title": "ConcurrentExecutionRatePercentage", + "MaxCapacity": { + "markdownDescription": "The maximum number of instances in the \ufb02eet when auto-scaling.", + "title": "MaxCapacity", "type": "number" }, - "ErrorPercentage": { - "markdownDescription": "The percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. You can specify a percentage of errors, for example 10%. If you do not specifiy a percentage, the default is 50%. For example, if you set the ErrorPercentage to 40% for 10 non-compliant resources, then SSM stops running the automations when the fifth error is received.", - "title": "ErrorPercentage", + "ScalingType": { + "markdownDescription": "The scaling type for a compute fleet.", + "title": "ScalingType", + "type": "string" + }, + "TargetTrackingScalingConfigs": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.TargetTrackingScalingConfiguration" + }, + "markdownDescription": "A list of `TargetTrackingScalingConfiguration` objects.", + "title": "TargetTrackingScalingConfigs", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Fleet.TargetTrackingScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MetricType": { + "markdownDescription": "The metric type to determine auto-scaling.", + "title": "MetricType", + "type": "string" + }, + "TargetValue": { + "markdownDescription": "The value of `metricType` when to start scaling.", + "title": "TargetValue", "type": "number" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.StaticValue": { + "AWS::CodeBuild::Fleet.VpcConfig": { "additionalProperties": false, "properties": { - "Values": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { "items": { "type": "string" }, + "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC.", + "title": "Subnets", "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon VPC.", + "title": "VpcId", + "type": "string" } }, "type": "object" }, - "AWS::Config::StoredQuery": { + "AWS::CodeBuild::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -49566,112 +55188,156 @@ "Properties": { "additionalProperties": false, "properties": { - "QueryDescription": { - "markdownDescription": "A unique description for the query.", - "title": "QueryDescription", + "Artifacts": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts", + "markdownDescription": "`Artifacts` is a property of the [AWS::CodeBuild::Project](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html) resource that specifies output settings for artifacts generated by an AWS CodeBuild build.", + "title": "Artifacts" + }, + "AutoRetryLimit": { + "type": "number" + }, + "BadgeEnabled": { + "markdownDescription": "Indicates whether AWS CodeBuild generates a publicly accessible URL for your project's build badge. For more information, see [Build Badges Sample](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-build-badges.html) in the *AWS CodeBuild User Guide* .\n\n> Including build badges with your project is currently not supported if the source type is CodePipeline. If you specify `CODEPIPELINE` for the `Source` property, do not specify the `BadgeEnabled` property.", + "title": "BadgeEnabled", + "type": "boolean" + }, + "BuildBatchConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectBuildBatchConfig", + "markdownDescription": "A `ProjectBuildBatchConfig` object that defines the batch build options for the project.", + "title": "BuildBatchConfig" + }, + "Cache": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectCache", + "markdownDescription": "Settings that AWS CodeBuild uses to store and reuse build dependencies.", + "title": "Cache" + }, + "ConcurrentBuildLimit": { + "markdownDescription": "The maximum number of concurrent builds that are allowed for this project.\n\nNew builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.", + "title": "ConcurrentBuildLimit", + "type": "number" + }, + "Description": { + "markdownDescription": "A description that makes the build project easy to identify.", + "title": "Description", "type": "string" }, - "QueryExpression": { - "markdownDescription": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`", - "title": "QueryExpression", + "EncryptionKey": { + "markdownDescription": "The AWS Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.\n\n> You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. \n\nYou can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format `alias/` ). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).", + "title": "EncryptionKey", "type": "string" }, - "QueryName": { - "markdownDescription": "The name of the query.", - "title": "QueryName", + "Environment": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Environment", + "markdownDescription": "The build environment settings for the project, such as the environment type or the environment variables to use for the build environment.", + "title": "Environment" + }, + "FileSystemLocations": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFileSystemLocation" + }, + "markdownDescription": "An array of `ProjectFileSystemLocation` objects for a CodeBuild build project. A `ProjectFileSystemLocation` object specifies the `identifier` , `location` , `mountOptions` , `mountPoint` , and `type` of a file system created using Amazon Elastic File System.", + "title": "FileSystemLocations", + "type": "array" + }, + "LogsConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.LogsConfig", + "markdownDescription": "Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.", + "title": "LogsConfig" + }, + "Name": { + "markdownDescription": "The name of the build project. The name must be unique across all of the projects in your AWS account .", + "title": "Name", + "type": "string" + }, + "QueuedTimeoutInMinutes": { + "markdownDescription": "The number of minutes a build is allowed to be queued before it times out.", + "title": "QueuedTimeoutInMinutes", + "type": "number" + }, + "ResourceAccessRole": { + "markdownDescription": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.", + "title": "ResourceAccessRole", + "type": "string" + }, + "SecondaryArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts" + }, + "markdownDescription": "A list of `Artifacts` objects. Each artifacts object specifies output settings that the project generates during a build.", + "title": "SecondaryArtifacts", + "type": "array" + }, + "SecondarySourceVersions": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectSourceVersion" + }, + "markdownDescription": "An array of `ProjectSourceVersion` objects. If `secondarySourceVersions` is specified at the build level, then they take over these `secondarySourceVersions` (at the project level).", + "title": "SecondarySourceVersions", + "type": "array" + }, + "SecondarySources": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Source" + }, + "markdownDescription": "An array of `ProjectSource` objects.", + "title": "SecondarySources", + "type": "array" + }, + "ServiceRole": { + "markdownDescription": "The ARN of the IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.", + "title": "ServiceRole", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Source", + "markdownDescription": "The source code settings for the project, such as the source code's repository type and location.", + "title": "Source" + }, + "SourceVersion": { + "markdownDescription": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nIf `sourceVersion` is specified at the build level, then that version takes precedence over this `sourceVersion` (at the project level).\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", + "title": "SourceVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the AWS CodeBuild project.\n\nThese tags are available for use by AWS services that support AWS CodeBuild build project tags.", "title": "Tags", "type": "array" - } - }, - "required": [ - "QueryExpression", - "QueryName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Config::StoredQuery" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Connect::ApprovedOrigin": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", - "type": "string" + "TimeoutInMinutes": { + "markdownDescription": "How long, in minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.", + "title": "TimeoutInMinutes", + "type": "number" }, - "Origin": { - "markdownDescription": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`", - "title": "Origin", + "Triggers": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectTriggers", + "markdownDescription": "For an existing AWS CodeBuild build project that has its source code stored in a GitHub repository, enables AWS CodeBuild to begin automatically rebuilding the source code every time a code change is pushed to the repository.", + "title": "Triggers" + }, + "Visibility": { + "markdownDescription": "Specifies the visibility of the project's builds. Possible values are:\n\n- **PUBLIC_READ** - The project builds are visible to the public.\n- **PRIVATE** - The project builds are not visible to the public.", + "title": "Visibility", "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.VpcConfig", + "markdownDescription": "`VpcConfig` specifies settings that enable AWS CodeBuild to access resources in an Amazon VPC. For more information, see [Use AWS CodeBuild with Amazon Virtual Private Cloud](https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html) in the *AWS CodeBuild User Guide* .", + "title": "VpcConfig" } }, "required": [ - "InstanceId", - "Origin" + "Artifacts", + "Environment", + "ServiceRole", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::ApprovedOrigin" + "AWS::CodeBuild::Project" ], "type": "string" }, @@ -49690,673 +55356,615 @@ ], "type": "object" }, - "AWS::Connect::ContactFlow": { + "AWS::CodeBuild::Project.Artifacts": { "additionalProperties": false, "properties": { - "Condition": { + "ArtifactIdentifier": { + "markdownDescription": "An identifier for this artifact definition.", + "title": "ArtifactIdentifier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EncryptionDisabled": { + "markdownDescription": "Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon Simple Storage Service (Amazon S3). If this is set with another artifacts type, an `invalidInputException` is thrown.", + "title": "EncryptionDisabled", + "type": "boolean" + }, + "Location": { + "markdownDescription": "Information about the build output artifact location:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output bucket.\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", + "title": "Location", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "Along with `path` and `namespaceType` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.\n\nFor example:\n\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , then the output artifact is stored in `MyArtifacts/ *build-ID* /MyArtifact.zip` .\n- If `path` is empty, `namespaceType` is set to `NONE` , and `name` is set to \" `/` \", the output artifact is stored in the root of the output bucket.\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to \" `/` \", the output artifact is stored in `MyArtifacts/ *build-ID*` .\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", + "title": "Name", + "type": "string" }, - "Metadata": { - "type": "object" + "NamespaceType": { + "markdownDescription": "Along with `path` and `name` , the pattern that AWS CodeBuild uses to determine the name and location to store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `BUILD_ID` : Include the build ID in the location of the build output artifact.\n- `NONE` : Do not include the build ID. This is the default if `namespaceType` is not specified.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in `MyArtifacts//MyArtifact.zip` .", + "title": "NamespaceType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "markdownDescription": "The content of the flow.\n\nFor more information, see [Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html) in the *Amazon Connect Administrator Guide* .", - "title": "Content", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the flow.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the flow.", - "title": "Name", - "type": "string" - }, - "State": { - "markdownDescription": "The state of the flow.", - "title": "State", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the flow. For descriptions of the available types, see [Choose a flow type](https://docs.aws.amazon.com/connect/latest/adminguide/create-contact-flow.html#contact-flow-types) in the *Amazon Connect Administrator Guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Content", - "InstanceArn", - "Name", - "Type" - ], - "type": "object" + "OverrideArtifactName": { + "markdownDescription": "If set to true a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell command language. For example, you can append a date and time to your artifact name so that it is always unique.", + "title": "OverrideArtifactName", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::Connect::ContactFlow" - ], + "Packaging": { + "markdownDescription": "The type of build output artifact to create:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `NONE` : AWS CodeBuild creates in the output bucket a folder that contains the build output. This is the default if `packaging` is not specified.\n- `ZIP` : AWS CodeBuild creates in the output bucket a ZIP file that contains the build output.", + "title": "Packaging", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Path": { + "markdownDescription": "Along with `namespaceType` and `name` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the path to the output artifact. If `path` is not specified, `path` is not used.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `NONE` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in the output bucket at `MyArtifacts/MyArtifact.zip` .", + "title": "Path", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of build output artifact. Valid values include:\n\n- `CODEPIPELINE` : The build project has build output generated through CodePipeline.\n\n> The `CODEPIPELINE` type is not supported for `secondaryArtifacts` .\n- `NO_ARTIFACTS` : The build project does not produce any build output.\n- `S3` : The build project stores build output in Amazon S3.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::ContactFlowModule": { + "AWS::CodeBuild::Project.BatchRestrictions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ComputeTypesAllowed": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide* for these values.", + "title": "ComputeTypesAllowed", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MaximumBuildsAllowed": { + "markdownDescription": "Specifies the maximum number of builds allowed.", + "title": "MaximumBuildsAllowed", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.BuildStatusConfig": { + "additionalProperties": false, + "properties": { + "Context": { + "markdownDescription": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `name` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `context` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", + "title": "Context", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "markdownDescription": "The content of the flow module.", - "title": "Content", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the flow module.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the flow module.", - "title": "Name", - "type": "string" - }, - "State": { - "markdownDescription": "The state of the flow module.", - "title": "State", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Content", - "InstanceArn", - "Name" - ], - "type": "object" + "TargetUrl": { + "markdownDescription": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `url` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `target_url` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", + "title": "TargetUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.CloudWatchLogsConfig": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The group name of the logs in CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", + "title": "GroupName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Connect::ContactFlowModule" - ], + "Status": { + "markdownDescription": "The current status of the logs in CloudWatch Logs for a build project. Valid values are:\n\n- `ENABLED` : CloudWatch Logs are enabled for this build project.\n- `DISABLED` : CloudWatch Logs are not enabled for this build project.", + "title": "Status", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamName": { + "markdownDescription": "The prefix of the stream name of the CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", + "title": "StreamName", "type": "string" } }, "required": [ - "Type", - "Properties" + "Status" ], "type": "object" }, - "AWS::Connect::EvaluationForm": { + "AWS::CodeBuild::Project.DockerServer": { "additionalProperties": false, "properties": { - "Condition": { + "ComputeType": { "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "ComputeType" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.Environment": { + "additionalProperties": false, + "properties": { + "Certificate": { + "markdownDescription": "The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see [certificate](https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.environment.certificate) in the *AWS CodeBuild User Guide* .", + "title": "Certificate", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ComputeType": { + "markdownDescription": "The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", + "title": "ComputeType", + "type": "string" }, - "Metadata": { - "type": "object" + "DockerServer": { + "$ref": "#/definitions/AWS::CodeBuild::Project.DockerServer" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the evaluation form.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Items": { - "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormBaseItem" - }, - "markdownDescription": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n\n*Minimum size* : 1\n\n*Maximum size* : 100", - "title": "Items", - "type": "array" - }, - "ScoringStrategy": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.ScoringStrategy", - "markdownDescription": "A scoring strategy of the evaluation form.", - "title": "ScoringStrategy" - }, - "Status": { - "markdownDescription": "The status of the evaluation form.\n\n*Allowed values* : `DRAFT` | `ACTIVE`", - "title": "Status", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" - }, - "Title": { - "markdownDescription": "A title of the evaluation form.", - "title": "Title", - "type": "string" - } + "EnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.EnvironmentVariable" }, - "required": [ - "InstanceArn", - "Items", - "Status", - "Title" - ], - "type": "object" + "markdownDescription": "A set of environment variables to make available to builds for this build project.", + "title": "EnvironmentVariables", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Connect::EvaluationForm" - ], + "Fleet": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFleet" + }, + "Image": { + "markdownDescription": "The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:\n\n- For an image tag: `/:` . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be `aws/codebuild/standard:4.0` .\n- For an image digest: `/@` . For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use `/@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf` .\n\nFor more information, see [Docker images provided by CodeBuild](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-available.html) in the *AWS CodeBuild user guide* .", + "title": "Image", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ImagePullCredentialsType": { + "markdownDescription": "The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:\n\n- `CODEBUILD` specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild service principal.\n- `SERVICE_ROLE` specifies that AWS CodeBuild uses your build project's service role.\n\nWhen you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.", + "title": "ImagePullCredentialsType", + "type": "string" + }, + "PrivilegedMode": { + "markdownDescription": "Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is `false` .\n\nYou can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:\n\nIf the operating system's base image is Ubuntu Linux:\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout 15 sh -c \"until docker info; do echo .; sleep 1; done\"`\n\nIf the operating system's base image is Alpine Linux and the previous command does not work, add the `-t` argument to `timeout` :\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout -t 15 sh -c \"until docker info; do echo .; sleep 1; done\"`", + "title": "PrivilegedMode", + "type": "boolean" + }, + "RegistryCredential": { + "$ref": "#/definitions/AWS::CodeBuild::Project.RegistryCredential", + "markdownDescription": "`RegistryCredential` is a property of the [AWS::CodeBuild::Project Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html#cfn-codebuild-project-environment) property that specifies information about credentials that provide access to a private Docker registry. When this is set:\n\n- `imagePullCredentialsType` must be set to `SERVICE_ROLE` .\n- images cannot be curated or an Amazon ECR image.", + "title": "RegistryCredential" + }, + "Type": { + "markdownDescription": "The type of build environment to use for related builds.\n\n> If you're using compute fleets during project creation, `type` will be ignored. \n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "ComputeType", + "Image", + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormBaseItem": { + "AWS::CodeBuild::Project.EnvironmentVariable": { "additionalProperties": false, "properties": { - "Section": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", - "markdownDescription": "A subsection or inner section of an item.", - "title": "Section" + "Name": { + "markdownDescription": "The name or key of the environment variable.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of environment variable. Valid values include:\n\n- `PARAMETER_STORE` : An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the `value` of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see [env/parameter-store](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store) in the *AWS CodeBuild User Guide* .\n- `PLAINTEXT` : An environment variable in plain text format. This is the default value.\n- `SECRETS_MANAGER` : An environment variable stored in AWS Secrets Manager . For environment variables of this type, specify the name of the secret as the `value` of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define AWS Secrets Manager environment variables in the buildspec. To learn how to do so, see [env/secrets-manager](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager) in the *AWS CodeBuild User Guide* .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` .", + "title": "Value", + "type": "string" } }, "required": [ - "Section" + "Name", + "Value" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormItem": { + "AWS::CodeBuild::Project.FilterGroup": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CodeBuild::Project.GitSubmodulesConfig": { "additionalProperties": false, "properties": { - "Question": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestion", - "markdownDescription": "The information of the question.", - "title": "Question" - }, - "Section": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", - "markdownDescription": "The information of the section.", - "title": "Section" + "FetchSubmodules": { + "markdownDescription": "Set to true to fetch Git submodules for your AWS CodeBuild build project.", + "title": "FetchSubmodules", + "type": "boolean" } }, + "required": [ + "FetchSubmodules" + ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation": { + "AWS::CodeBuild::Project.LogsConfig": { "additionalProperties": false, "properties": { - "PropertyValue": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation", - "markdownDescription": "The property value of the automation.", - "title": "PropertyValue" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::CodeBuild::Project.CloudWatchLogsConfig", + "markdownDescription": "Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.", + "title": "CloudWatchLogs" + }, + "S3Logs": { + "$ref": "#/definitions/AWS::CodeBuild::Project.S3LogsConfig", + "markdownDescription": "Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.", + "title": "S3Logs" } }, - "required": [ - "PropertyValue" - ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption": { + "AWS::CodeBuild::Project.ProjectBuildBatchConfig": { "additionalProperties": false, "properties": { - "AutomaticFail": { - "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", - "title": "AutomaticFail", + "BatchReportMode": { + "markdownDescription": "Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.\n\n- **REPORT_AGGREGATED_BATCH** - (Default) Aggregate all of the build statuses into a single status report.\n- **REPORT_INDIVIDUAL_BUILDS** - Send a separate status report for each individual build.", + "title": "BatchReportMode", + "type": "string" + }, + "CombineArtifacts": { + "markdownDescription": "Specifies if the build artifacts for the batch build should be combined into a single artifact location.", + "title": "CombineArtifacts", "type": "boolean" }, - "MaxValue": { - "markdownDescription": "The maximum answer value of the range option.", - "title": "MaxValue", - "type": "number" + "Restrictions": { + "$ref": "#/definitions/AWS::CodeBuild::Project.BatchRestrictions", + "markdownDescription": "A `BatchRestrictions` object that specifies the restrictions for the batch build.", + "title": "Restrictions" }, - "MinValue": { - "markdownDescription": "The minimum answer value of the range option.", - "title": "MinValue", - "type": "number" + "ServiceRole": { + "markdownDescription": "Specifies the service role ARN for the batch build project.", + "title": "ServiceRole", + "type": "string" }, - "Score": { - "markdownDescription": "The score assigned to answer values within the range option.\n\n*Minimum* : 0\n\n*Maximum* : 10", - "title": "Score", + "TimeoutInMins": { + "markdownDescription": "Specifies the maximum amount of time, in minutes, that the batch build must be completed in.", + "title": "TimeoutInMins", "type": "number" } }, - "required": [ - "MaxValue", - "MinValue" - ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties": { + "AWS::CodeBuild::Project.ProjectCache": { "additionalProperties": false, "properties": { - "Automation": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation", - "markdownDescription": "The automation properties of the numeric question.", - "title": "Automation" - }, - "MaxValue": { - "markdownDescription": "The maximum answer value.", - "title": "MaxValue", - "type": "number" + "CacheNamespace": { + "markdownDescription": "Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see [Cache sharing between projects](https://docs.aws.amazon.com/codebuild/latest/userguide/caching-s3.html#caching-s3-sharing) in the *AWS CodeBuild User Guide* .", + "title": "CacheNamespace", + "type": "string" }, - "MinValue": { - "markdownDescription": "The minimum answer value.", - "title": "MinValue", - "type": "number" + "Location": { + "markdownDescription": "Information about the cache location:\n\n- `NO_CACHE` or `LOCAL` : This value is ignored.\n- `S3` : This is the S3 bucket name/prefix.", + "title": "Location", + "type": "string" }, - "Options": { + "Modes": { "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption" + "type": "string" }, - "markdownDescription": "The scoring options of the numeric question.", - "title": "Options", + "markdownDescription": "An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for `LOCAL` cache types.\n\nPossible values are:\n\n- **LOCAL_SOURCE_CACHE** - Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.\n- **LOCAL_DOCKER_LAYER_CACHE** - Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.\n\n> - You can use a Docker layer cache in the Linux environment only.\n> - The `privileged` flag must be set so that your project has the required Docker permissions.\n> - You should consider the security implications before you use a Docker layer cache.\n- **LOCAL_CUSTOM_CACHE** - Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:\n\n- Only directories can be specified for caching. You cannot specify individual files.\n- Symlinks are used to reference cached directories.\n- Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.", + "title": "Modes", "type": "array" + }, + "Type": { + "markdownDescription": "The type of cache used by the build project. Valid values include:\n\n- `NO_CACHE` : The build project does not use any cache.\n- `S3` : The build project reads and writes from and to S3.\n- `LOCAL` : The build project stores a cache locally on a build host that is only available to that build host.", + "title": "Type", + "type": "string" } }, "required": [ - "MaxValue", - "MinValue" + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormQuestion": { + "AWS::CodeBuild::Project.ProjectFileSystemLocation": { "additionalProperties": false, "properties": { - "Instructions": { - "markdownDescription": "The instructions of the section.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", - "title": "Instructions", + "Identifier": { + "markdownDescription": "The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the `identifier` in all capital letters to `CODEBUILD_` . For example, if you specify `my_efs` for `identifier` , a new environment variable is create named `CODEBUILD_MY_EFS` .\n\nThe `identifier` is used to mount your file system.", + "title": "Identifier", "type": "string" }, - "NotApplicableEnabled": { - "markdownDescription": "The flag to enable not applicable answers to the question.", - "title": "NotApplicableEnabled", - "type": "boolean" - }, - "QuestionType": { - "markdownDescription": "The type of the question.\n\n*Allowed values* : `NUMERIC` | `SINGLESELECT` | `TEXT`", - "title": "QuestionType", + "Location": { + "markdownDescription": "A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path` . You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is `fs-abcd1234.efs.us-west-2.amazonaws.com` , and its mount directory is `my-efs-mount-directory` , then the `location` is `fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory` .\n\nThe directory path in the format `efs-dns-name:/directory-path` is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.", + "title": "Location", "type": "string" }, - "QuestionTypeProperties": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties", - "markdownDescription": "The properties of the type of question. Text questions do not have to define question type properties.", - "title": "QuestionTypeProperties" - }, - "RefId": { - "markdownDescription": "The identifier of the question. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", + "MountOptions": { + "markdownDescription": "The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are `nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2` . For more information, see [Recommended NFS Mount Options](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-nfs-mount-settings.html) .", + "title": "MountOptions", "type": "string" }, - "Title": { - "markdownDescription": "The title of the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 350.", - "title": "Title", + "MountPoint": { + "markdownDescription": "The location in the container where you mount the file system.", + "title": "MountPoint", "type": "string" }, - "Weight": { - "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", - "title": "Weight", - "type": "number" + "Type": { + "markdownDescription": "The type of the file system. The one supported type is `EFS` .", + "title": "Type", + "type": "string" } }, "required": [ - "QuestionType", - "RefId", - "Title" + "Identifier", + "Location", + "MountPoint", + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties": { + "AWS::CodeBuild::Project.ProjectFleet": { "additionalProperties": false, "properties": { - "Numeric": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties", - "markdownDescription": "The properties of the numeric question.", - "title": "Numeric" - }, - "SingleSelect": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties", - "markdownDescription": "The properties of the numeric question.", - "title": "SingleSelect" + "FleetArn": { + "markdownDescription": "Specifies the compute fleet ARN for the build project.", + "title": "FleetArn", + "type": "string" } }, "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSection": { + "AWS::CodeBuild::Project.ProjectSourceVersion": { "additionalProperties": false, "properties": { - "Instructions": { - "markdownDescription": "The instructions of the section.", - "title": "Instructions", - "type": "string" - }, - "Items": { - "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormItem" - }, - "markdownDescription": "The items of the section.\n\n*Minimum* : 1", - "title": "Items", - "type": "array" - }, - "RefId": { - "markdownDescription": "The identifier of the section. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", + "SourceIdentifier": { + "markdownDescription": "An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", + "title": "SourceIdentifier", "type": "string" }, - "Title": { - "markdownDescription": "The title of the section.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", - "title": "Title", + "SourceVersion": { + "markdownDescription": "The source version for the corresponding source identifier. If specified, must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example, `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", + "title": "SourceVersion", "type": "string" - }, - "Weight": { - "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", - "title": "Weight", - "type": "number" } }, "required": [ - "RefId", - "Title" + "SourceIdentifier" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation": { + "AWS::CodeBuild::Project.ProjectTriggers": { "additionalProperties": false, "properties": { - "DefaultOptionRefId": { - "markdownDescription": "The identifier of the default answer option, when none of the automation options match the criteria.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "DefaultOptionRefId", + "BuildType": { + "markdownDescription": "Specifies the type of build this webhook will trigger. Allowed values are:\n\n- **BUILD** - A single build\n- **BUILD_BATCH** - A batch build", + "title": "BuildType", "type": "string" }, - "Options": { + "FilterGroups": { "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption" + "$ref": "#/definitions/AWS::CodeBuild::Project.FilterGroup" }, - "markdownDescription": "The automation options of the single select question.\n\n*Minimum* : 1\n\n*Maximum* : 20", - "title": "Options", + "markdownDescription": "A list of lists of `WebhookFilter` objects used to determine which webhook events are triggered. At least one `WebhookFilter` in the array must specify `EVENT` as its type.", + "title": "FilterGroups", "type": "array" + }, + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ScopeConfiguration", + "markdownDescription": "Contains configuration information about the scope for a webhook.", + "title": "ScopeConfiguration" + }, + "Webhook": { + "markdownDescription": "Specifies whether or not to begin automatically rebuilding the source code every time a code change is pushed to the repository.", + "title": "Webhook", + "type": "boolean" } }, - "required": [ - "Options" - ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption": { + "AWS::CodeBuild::Project.RegistryCredential": { "additionalProperties": false, "properties": { - "RuleCategory": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation", - "markdownDescription": "The automation option based on a rule category for the single select question.", - "title": "RuleCategory" + "Credential": { + "markdownDescription": "The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager .\n\n> The `credential` can use the name of the credentials only if they exist in your current AWS Region .", + "title": "Credential", + "type": "string" + }, + "CredentialProvider": { + "markdownDescription": "The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager .", + "title": "CredentialProvider", + "type": "string" } }, "required": [ - "RuleCategory" + "Credential", + "CredentialProvider" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption": { + "AWS::CodeBuild::Project.S3LogsConfig": { "additionalProperties": false, "properties": { - "AutomaticFail": { - "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", - "title": "AutomaticFail", + "EncryptionDisabled": { + "markdownDescription": "Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.", + "title": "EncryptionDisabled", "type": "boolean" }, - "RefId": { - "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", + "Location": { + "markdownDescription": "The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is `my-bucket` , and your path prefix is `build-log` , then acceptable formats are `my-bucket/build-log` or `arn:aws:s3:::my-bucket/build-log` .", + "title": "Location", "type": "string" }, - "Score": { - "markdownDescription": "The score assigned to the answer option.\n\n*Minimum* : 0\n\n*Maximum* : 10", - "title": "Score", - "type": "number" - }, - "Text": { - "markdownDescription": "The title of the answer option.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", - "title": "Text", + "Status": { + "markdownDescription": "The current status of the S3 build logs. Valid values are:\n\n- `ENABLED` : S3 build logs are enabled for this build project.\n- `DISABLED` : S3 build logs are not enabled for this build project.", + "title": "Status", "type": "string" } }, "required": [ - "RefId", - "Text" + "Status" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties": { + "AWS::CodeBuild::Project.ScopeConfiguration": { "additionalProperties": false, "properties": { - "Automation": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation", - "markdownDescription": "The display mode of the single select question.", - "title": "Automation" + "Domain": { + "markdownDescription": "The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED.", + "title": "Domain", + "type": "string" }, - "DisplayAs": { - "markdownDescription": "The display mode of the single select question.\n\n*Allowed values* : `DROPDOWN` | `RADIO`", - "title": "DisplayAs", + "Name": { + "markdownDescription": "The name of either the enterprise or organization that will send webhook events to CodeBuild , depending on if the webhook is a global or organization webhook respectively.", + "title": "Name", "type": "string" }, - "Options": { - "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption" - }, - "markdownDescription": "The answer options of the single select question.\n\n*Minimum* : 2\n\n*Maximum* : 256", - "title": "Options", - "type": "array" + "Scope": { + "markdownDescription": "The type of scope for a GitHub or GitLab webhook. The scope default is GITHUB_ORGANIZATION.", + "title": "Scope", + "type": "string" } }, "required": [ - "Options" + "Name" ], "type": "object" }, - "AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation": { + "AWS::CodeBuild::Project.Source": { "additionalProperties": false, "properties": { - "Label": { - "markdownDescription": "The property label of the automation.", - "title": "Label", + "Auth": { + "$ref": "#/definitions/AWS::CodeBuild::Project.SourceAuth", + "markdownDescription": "Information about the authorization settings for AWS CodeBuild to access the source code to be built.", + "title": "Auth" + }, + "BuildSpec": { + "markdownDescription": "The build specification for the project. If this value is not provided, then the source code must contain a buildspec file named `buildspec.yml` at the root level. If this value is provided, it can be either a single string containing the entire build specification, or the path to an alternate buildspec file relative to the value of the built-in environment variable `CODEBUILD_SRC_DIR` . The alternate buildspec file can have a name other than `buildspec.yml` , for example `myspec.yml` or `build_spec_qa.yml` or similar. For more information, see the [Build Spec Reference](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-example) in the *AWS CodeBuild User Guide* .", + "title": "BuildSpec", + "type": "string" + }, + "BuildStatusConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.BuildStatusConfig", + "markdownDescription": "Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB` , `GITHUB_ENTERPRISE` , or `BITBUCKET` .", + "title": "BuildStatusConfig" + }, + "GitCloneDepth": { + "markdownDescription": "The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.", + "title": "GitCloneDepth", + "type": "number" + }, + "GitSubmodulesConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.GitSubmodulesConfig", + "markdownDescription": "Information about the Git submodules configuration for the build project.", + "title": "GitSubmodulesConfig" + }, + "InsecureSsl": { + "markdownDescription": "This is used with GitHub Enterprise only. Set to true to ignore SSL warnings while connecting to your GitHub Enterprise project repository. The default value is `false` . `InsecureSsl` should be used for testing purposes only. It should not be used in a production environment.", + "title": "InsecureSsl", + "type": "boolean" + }, + "Location": { + "markdownDescription": "Information about the location of the source code to be built. Valid values include:\n\n- For source code settings that are specified in the source action of a pipeline in CodePipeline, `location` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.\n- For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, `https://git-codecommit..amazonaws.com/v1/repos/` ).\n- For source code in an Amazon S3 input bucket, one of the following.\n\n- The path to the ZIP file that contains the source code (for example, `//.zip` ).\n- The path to the folder that contains the source code (for example, `///` ).\n- For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n- For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the `auth` object's `type` value to `CODECONNECTIONS` in the `source` object.\n- For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n\nIf you specify `CODEPIPELINE` for the `Type` property, don't specify this property. For all of the other types, you must specify `Location` .", + "title": "Location", + "type": "string" + }, + "ReportBuildStatus": { + "markdownDescription": "Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an `invalidInputException` is thrown.", + "title": "ReportBuildStatus", + "type": "boolean" + }, + "SourceIdentifier": { + "markdownDescription": "An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", + "title": "SourceIdentifier", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of repository that contains the source code to be built. Valid values include:\n\n- `BITBUCKET` : The source code is in a Bitbucket repository.\n- `CODECOMMIT` : The source code is in an CodeCommit repository.\n- `CODEPIPELINE` : The source code settings are specified in the source action of a pipeline in CodePipeline.\n- `GITHUB` : The source code is in a GitHub repository.\n- `GITHUB_ENTERPRISE` : The source code is in a GitHub Enterprise Server repository.\n- `GITLAB` : The source code is in a GitLab repository.\n- `GITLAB_SELF_MANAGED` : The source code is in a self-managed GitLab repository.\n- `NO_SOURCE` : The project does not have input source code.\n- `S3` : The source code is in an Amazon S3 bucket.", + "title": "Type", "type": "string" } }, "required": [ - "Label" + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.ScoringStrategy": { + "AWS::CodeBuild::Project.SourceAuth": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The scoring mode of the evaluation form.\n\n*Allowed values* : `QUESTION_ONLY` | `SECTION_ONLY`", - "title": "Mode", + "Resource": { + "markdownDescription": "The resource value that applies to the specified authorization type.", + "title": "Resource", "type": "string" }, - "Status": { - "markdownDescription": "The scoring status of the evaluation form.\n\n*Allowed values* : `ENABLED` | `DISABLED`", - "title": "Status", + "Type": { + "markdownDescription": "The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.", + "title": "Type", "type": "string" } }, "required": [ - "Mode", - "Status" + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation": { + "AWS::CodeBuild::Project.VpcConfig": { "additionalProperties": false, "properties": { - "Category": { - "markdownDescription": "The category name, as defined in Rules.\n\n*Minimum* : 1\n\n*Maximum* : 50", - "title": "Category", + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC. The maximum count is 5.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC. The maximum count is 16.", + "title": "Subnets", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon VPC.", + "title": "VpcId", "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.WebhookFilter": { + "additionalProperties": false, + "properties": { + "ExcludeMatchedPattern": { + "markdownDescription": "Used to indicate that the `pattern` determines which webhook events do not trigger a build. If true, then a webhook event that does not match the `pattern` triggers a build. If false, then a webhook event that matches the `pattern` triggers a build.", + "title": "ExcludeMatchedPattern", + "type": "boolean" }, - "Condition": { - "markdownDescription": "The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category.\n\n*Allowed values* : `PRESENT` | `NOT_PRESENT`\n\n*Maximum* : 50", - "title": "Condition", + "Pattern": { + "markdownDescription": "For a `WebHookFilter` that uses `EVENT` type, a comma-separated string that specifies one or more events. For example, the webhook filter `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` allows all push, pull request created, and pull request updated events to trigger a build.\n\nFor a `WebHookFilter` that uses any of the other filter types, a regular expression pattern. For example, a `WebHookFilter` that uses `HEAD_REF` for its `type` and the pattern `^refs/heads/` triggers a build when the head reference is a branch with a reference name `refs/heads/branch-name` .", + "title": "Pattern", "type": "string" }, - "OptionRefId": { - "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "OptionRefId", + "Type": { + "markdownDescription": "The type of webhook filter. There are 11 webhook filter types: `EVENT` , `ACTOR_ACCOUNT_ID` , `HEAD_REF` , `BASE_REF` , `FILE_PATH` , `COMMIT_MESSAGE` , `TAG_NAME` , `RELEASE_NAME` , `REPOSITORY_NAME` , `ORGANIZATION_NAME` , and `WORKFLOW_NAME` .\n\n- EVENT\n\n- A webhook event triggers a build when the provided `pattern` matches one of nine event types: `PUSH` , `PULL_REQUEST_CREATED` , `PULL_REQUEST_UPDATED` , `PULL_REQUEST_CLOSED` , `PULL_REQUEST_REOPENED` , `PULL_REQUEST_MERGED` , `RELEASED` , `PRERELEASED` , and `WORKFLOW_JOB_QUEUED` . The `EVENT` patterns are specified as a comma-separated string. For example, `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` filters all push, pull request created, and pull request updated events.\n\n> Types `PULL_REQUEST_REOPENED` and `WORKFLOW_JOB_QUEUED` work with GitHub and GitHub Enterprise only. Types `RELEASED` and `PRERELEASED` work with GitHub only.\n- ACTOR_ACCOUNT_ID\n\n- A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression `pattern` .\n- HEAD_REF\n\n- A webhook event triggers a build when the head reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` and `refs/tags/tag-name` .\n\n> Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.\n- BASE_REF\n\n- A webhook event triggers a build when the base reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` .\n\n> Works with pull request events only.\n- FILE_PATH\n\n- A webhook triggers a build when the path of a changed file matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- COMMIT_MESSAGE\n\n- A webhook triggers a build when the head commit message matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- TAG_NAME\n\n- A webhook triggers a build when the tag name of the release matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- RELEASE_NAME\n\n- A webhook triggers a build when the release name matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- REPOSITORY_NAME\n\n- A webhook triggers a build when the repository name matches the regular expression `pattern` .\n\n> Works with GitHub global or organization webhooks only.\n- ORGANIZATION_NAME\n\n- A webhook triggers a build when the organization name matches the regular expression `pattern` .\n\n> Works with GitHub global webhooks only.\n- WORKFLOW_NAME\n\n- A webhook triggers a build when the workflow name matches the regular expression `pattern` .\n\n> Works with `WORKFLOW_JOB_QUEUED` events only. > For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name.", + "title": "Type", "type": "string" } }, "required": [ - "Category", - "Condition", - "OptionRefId" + "Pattern", + "Type" ], "type": "object" }, - "AWS::Connect::HoursOfOperation": { + "AWS::CodeBuild::ReportGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -50391,26 +55999,18 @@ "Properties": { "additionalProperties": false, "properties": { - "Config": { - "items": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationConfig" - }, - "markdownDescription": "Configuration information for the hours of operation.", - "title": "Config", - "type": "array" - }, - "Description": { - "markdownDescription": "The description for the hours of operation.", - "title": "Description", - "type": "string" + "DeleteReports": { + "markdownDescription": "When deleting a report group, specifies if reports within the report group should be deleted.\n\n- **true** - Deletes any reports that belong to the report group before deleting the report group.\n- **false** - You must delete any reports in the report group. This is the default value. If you delete a report group that contains one or more reports, an exception is thrown.", + "title": "DeleteReports", + "type": "boolean" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" + "ExportConfig": { + "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.ReportExportConfig", + "markdownDescription": "Information about the destination where the raw data of this `ReportGroup` is exported.", + "title": "ExportConfig" }, "Name": { - "markdownDescription": "The name for the hours of operation.", + "markdownDescription": "The name of the `ReportGroup` .", "title": "Name", "type": "string" }, @@ -50418,27 +56018,25 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "A list of tag key and value pairs associated with this report group.\n\nThese tags are available for use by AWS services that support AWS CodeBuild report group tags.", "title": "Tags", "type": "array" }, - "TimeZone": { - "markdownDescription": "The time zone for the hours of operation.", - "title": "TimeZone", + "Type": { + "markdownDescription": "The type of the `ReportGroup` . This can be one of the following values:\n\n- **CODE_COVERAGE** - The report group contains code coverage reports.\n- **TEST** - The report group contains test reports.", + "title": "Type", "type": "string" } }, "required": [ - "Config", - "InstanceArn", - "Name", - "TimeZone" + "ExportConfig", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::HoursOfOperation" + "AWS::CodeBuild::ReportGroup" ], "type": "string" }, @@ -50457,53 +56055,65 @@ ], "type": "object" }, - "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { + "AWS::CodeBuild::ReportGroup.ReportExportConfig": { "additionalProperties": false, "properties": { - "Day": { - "markdownDescription": "The day that the hours of operation applies to.", - "title": "Day", + "ExportConfigType": { + "markdownDescription": "The export configuration type. Valid values are:\n\n- `S3` : The report results are exported to an S3 bucket.\n- `NO_EXPORT` : The report results are not exported.", + "title": "ExportConfigType", "type": "string" }, - "EndTime": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", - "markdownDescription": "The end time that your contact center closes.", - "title": "EndTime" - }, - "StartTime": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", - "markdownDescription": "The start time that your contact center opens.", - "title": "StartTime" + "S3Destination": { + "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.S3ReportExportConfig", + "markdownDescription": "A `S3ReportExportConfig` object that contains information about the S3 bucket where the run of a report is exported.", + "title": "S3Destination" } }, "required": [ - "Day", - "EndTime", - "StartTime" + "ExportConfigType" ], "type": "object" }, - "AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice": { + "AWS::CodeBuild::ReportGroup.S3ReportExportConfig": { "additionalProperties": false, "properties": { - "Hours": { - "markdownDescription": "The hours.", - "title": "Hours", - "type": "number" + "Bucket": { + "markdownDescription": "The name of the S3 bucket where the raw data of a report are exported.", + "title": "Bucket", + "type": "string" }, - "Minutes": { - "markdownDescription": "The minutes.", - "title": "Minutes", - "type": "number" - } - }, - "required": [ - "Hours", - "Minutes" + "BucketOwner": { + "markdownDescription": "The AWS account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.", + "title": "BucketOwner", + "type": "string" + }, + "EncryptionDisabled": { + "markdownDescription": "A boolean value that specifies if the results of a report are encrypted.", + "title": "EncryptionDisabled", + "type": "boolean" + }, + "EncryptionKey": { + "markdownDescription": "The encryption key for the report's encrypted raw data.", + "title": "EncryptionKey", + "type": "string" + }, + "Packaging": { + "markdownDescription": "The type of build output artifact to create. Valid values include:\n\n- `NONE` : CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.\n- `ZIP` : CodeBuild creates a ZIP file with the raw data in the output bucket.", + "title": "Packaging", + "type": "string" + }, + "Path": { + "markdownDescription": "The path to the exported report's raw data results.", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Bucket" ], "type": "object" }, - "AWS::Connect::Instance": { + "AWS::CodeBuild::SourceCredential": { "additionalProperties": false, "properties": { "Condition": { @@ -50538,44 +56148,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "$ref": "#/definitions/AWS::Connect::Instance.Attributes", - "markdownDescription": "A toggle for an individual feature at the instance level.", - "title": "Attributes" - }, - "DirectoryId": { - "markdownDescription": "The identifier for the directory.", - "title": "DirectoryId", + "AuthType": { + "markdownDescription": "The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, CODECONNECTIONS, or SECRETS_MANAGER.", + "title": "AuthType", "type": "string" }, - "IdentityManagementType": { - "markdownDescription": "The identity management type.", - "title": "IdentityManagementType", + "ServerType": { + "markdownDescription": "The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.", + "title": "ServerType", "type": "string" }, - "InstanceAlias": { - "markdownDescription": "The alias of instance. `InstanceAlias` is only required when `IdentityManagementType` is `CONNECT_MANAGED` or `SAML` . `InstanceAlias` is not required when `IdentityManagementType` is `EXISTING_DIRECTORY` .", - "title": "InstanceAlias", + "Token": { + "markdownDescription": "For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the `authType` CODECONNECTIONS, this is the `connectionArn` . For the `authType` SECRETS_MANAGER, this is the `secretArn` .", + "title": "Token", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" + "Username": { + "markdownDescription": "The Bitbucket username when the `authType` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.", + "title": "Username", + "type": "string" } }, "required": [ - "Attributes", - "IdentityManagementType" + "AuthType", + "ServerType", + "Token" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Instance" + "AWS::CodeBuild::SourceCredential" ], "type": "string" }, @@ -50594,52 +56197,7 @@ ], "type": "object" }, - "AWS::Connect::Instance.Attributes": { - "additionalProperties": false, - "properties": { - "AutoResolveBestVoices": { - "markdownDescription": "", - "title": "AutoResolveBestVoices", - "type": "boolean" - }, - "ContactLens": { - "markdownDescription": "", - "title": "ContactLens", - "type": "boolean" - }, - "ContactflowLogs": { - "markdownDescription": "", - "title": "ContactflowLogs", - "type": "boolean" - }, - "EarlyMedia": { - "markdownDescription": "", - "title": "EarlyMedia", - "type": "boolean" - }, - "InboundCalls": { - "markdownDescription": "", - "title": "InboundCalls", - "type": "boolean" - }, - "OutboundCalls": { - "markdownDescription": "", - "title": "OutboundCalls", - "type": "boolean" - }, - "UseCustomTTSVoices": { - "markdownDescription": "", - "title": "UseCustomTTSVoices", - "type": "boolean" - } - }, - "required": [ - "InboundCalls", - "OutboundCalls" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig": { + "AWS::CodeCommit::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -50674,52 +56232,51 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "KinesisFirehoseConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig", - "markdownDescription": "The configuration of the Kinesis Firehose delivery stream.", - "title": "KinesisFirehoseConfig" + "Code": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.Code", + "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack. Information about code is only used in resource creation. Updates to a stack will not reflect changes made to code properties after initial resource creation.\n\n> You can only use this property to add code when creating a repository with a AWS CloudFormation template at creation time. This property cannot be used for updating code to an existing repository.", + "title": "Code" }, - "KinesisStreamConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisStreamConfig", - "markdownDescription": "The configuration of the Kinesis data stream.", - "title": "KinesisStreamConfig" + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service encryption key used to encrypt and decrypt the repository.\n\n> The input can be the full ARN, the key ID, or the key alias. For more information, see [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html) .", + "title": "KmsKeyId", + "type": "string" }, - "KinesisVideoStreamConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig", - "markdownDescription": "The configuration of the Kinesis video stream.", - "title": "KinesisVideoStreamConfig" + "RepositoryDescription": { + "markdownDescription": "A comment or description about the new repository.\n\n> The description field for a repository accepts all HTML characters and all valid Unicode characters. Applications that do not HTML-encode the description and display it in a webpage can expose users to potentially malicious code. Make sure that you HTML-encode the description field in any application that uses this API to display the repository description on a webpage.", + "title": "RepositoryDescription", + "type": "string" }, - "ResourceType": { - "markdownDescription": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`", - "title": "ResourceType", + "RepositoryName": { + "markdownDescription": "The name of the new repository to be created.\n\n> The repository name must be unique across the calling AWS account . Repository names are limited to 100 alphanumeric, dash, and underscore characters, and cannot include certain characters. For more information about the limits on repository names, see [Quotas](https://docs.aws.amazon.com/codecommit/latest/userguide/limits.html) in the *AWS CodeCommit User Guide* . The suffix .git is prohibited.", + "title": "RepositoryName", "type": "string" }, - "S3Config": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.S3Config", - "markdownDescription": "The S3 bucket configuration.", - "title": "S3Config" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tag key-value pairs to use when tagging this repository.", + "title": "Tags", + "type": "array" }, - "StorageType": { - "markdownDescription": "A valid storage type.", - "title": "StorageType", - "type": "string" + "Triggers": { + "items": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.RepositoryTrigger" + }, + "markdownDescription": "The JSON block of configuration information for each trigger.", + "title": "Triggers", + "type": "array" } }, "required": [ - "InstanceArn", - "ResourceType", - "StorageType" + "RepositoryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::InstanceStorageConfig" + "AWS::CodeCommit::Repository" ], "type": "string" }, @@ -50738,185 +56295,93 @@ ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.EncryptionConfig": { + "AWS::CodeCommit::Repository.Code": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The type of encryption.", - "title": "EncryptionType", + "BranchName": { + "markdownDescription": "Optional. Specifies a branch name to be used as the default branch when importing code into a repository on initial creation. If this property is not set, the name *main* will be used for the default branch for the repository. Changes to this property are ignored after initial resource creation. We recommend using this parameter to set the name to *main* to align with the default behavior of CodeCommit unless another name is needed.", + "title": "BranchName", "type": "string" }, - "KeyId": { - "markdownDescription": "The full ARN of the encryption key.\n\n> Be sure to provide the full ARN of the encryption key, not just the ID.\n> \n> Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) .", - "title": "KeyId", - "type": "string" - } - }, - "required": [ - "EncryptionType", - "KeyId" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig": { - "additionalProperties": false, - "properties": { - "FirehoseArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", - "title": "FirehoseArn", - "type": "string" - } - }, - "required": [ - "FirehoseArn" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig.KinesisStreamConfig": { - "additionalProperties": false, - "properties": { - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data stream.", - "title": "StreamArn", - "type": "string" + "S3": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.S3", + "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository. Changes to this property are ignored after initial resource creation.", + "title": "S3" } }, "required": [ - "StreamArn" + "S3" ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig": { + "AWS::CodeCommit::Repository.RepositoryTrigger": { "additionalProperties": false, "properties": { - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", - "markdownDescription": "The encryption configuration.", - "title": "EncryptionConfig" + "Branches": { + "items": { + "type": "string" + }, + "markdownDescription": "The branches to be included in the trigger configuration. If you specify an empty array, the trigger applies to all branches.\n\n> Although no content is required in the array, you must include the array itself.", + "title": "Branches", + "type": "array" }, - "Prefix": { - "markdownDescription": "The prefix of the video stream.", - "title": "Prefix", + "CustomData": { + "markdownDescription": "Any custom data associated with the trigger to be included in the information sent to the target of the trigger.", + "title": "CustomData", "type": "string" }, - "RetentionPeriodHours": { - "markdownDescription": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream.\n\nThe default value is 0, indicating that the stream does not persist data.", - "title": "RetentionPeriodHours", - "type": "number" - } - }, - "required": [ - "EncryptionConfig", - "Prefix", - "RetentionPeriodHours" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig.S3Config": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The S3 bucket name.", - "title": "BucketName", + "DestinationArn": { + "markdownDescription": "The ARN of the resource that is the target for a trigger (for example, the ARN of a topic in Amazon SNS).", + "title": "DestinationArn", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "The S3 bucket prefix.", - "title": "BucketPrefix", - "type": "string" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The repository events that cause the trigger to run actions in another service, such as sending a notification through Amazon SNS.\n\n> The valid value \"all\" cannot be used with any other values.", + "title": "Events", + "type": "array" }, - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", - "markdownDescription": "The Amazon S3 encryption configuration.", - "title": "EncryptionConfig" + "Name": { + "markdownDescription": "The name of the trigger.", + "title": "Name", + "type": "string" } }, "required": [ - "BucketName", - "BucketPrefix" + "DestinationArn", + "Events", + "Name" ], "type": "object" }, - "AWS::Connect::IntegrationAssociation": { + "AWS::CodeCommit::Repository.S3": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content that will be committed to the new repository. This can be specified using the name of the bucket in the AWS account . Changes to this property are ignored after initial resource creation.", + "title": "Bucket", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", - "type": "string" - }, - "IntegrationArn": { - "markdownDescription": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`", - "title": "IntegrationArn", - "type": "string" - }, - "IntegrationType": { - "markdownDescription": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`", - "title": "IntegrationType", - "type": "string" - } - }, - "required": [ - "InstanceId", - "IntegrationArn", - "IntegrationType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Connect::IntegrationAssociation" - ], + "Key": { + "markdownDescription": "The key to use for accessing the Amazon S3 bucket. Changes to this property are ignored after initial resource creation. For more information, see [Creating object key names](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) and [Uploading objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/upload-objects.html) in the Amazon S3 User Guide.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectVersion": { + "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket. Changes to this property are ignored after initial resource creation.", + "title": "ObjectVersion", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Connect::PhoneNumber": { + "AWS::CodeConnections::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -50951,132 +56416,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CountryCode": { - "markdownDescription": "The ISO country code.", - "title": "CountryCode", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the phone number.", - "title": "Description", + "ConnectionName": { + "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", + "title": "ConnectionName", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix of the phone number. If provided, it must contain `+` as part of the country code.\n\n*Pattern* : `^\\\\+[0-9]{1,15}`", - "title": "Prefix", + "HostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", + "title": "HostArn", "type": "string" }, - "SourcePhoneNumberArn": { - "markdownDescription": "The claimed phone number ARN that was previously imported from the external service, such as AWS End User Messaging. If it is from AWS End User Messaging, it looks like the ARN of the phone number that was imported from AWS End User Messaging.", - "title": "SourcePhoneNumberArn", + "ProviderType": { + "markdownDescription": "The name of the external provider where your third-party code repository is configured.", + "title": "ProviderType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for Amazon Connect instances or traffic distribution group that phone numbers are claimed to.", - "title": "TargetArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of phone number.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "TargetArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Connect::PhoneNumber" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Connect::PredefinedAttribute": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the predefined attribute.", - "title": "Name", - "type": "string" - }, - "Values": { - "$ref": "#/definitions/AWS::Connect::PredefinedAttribute.Values", - "markdownDescription": "The values of a predefined attribute.", - "title": "Values" } }, "required": [ - "InstanceArn", - "Name", - "Values" + "ConnectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::PredefinedAttribute" + "AWS::CodeConnections::Connection" ], "type": "string" }, @@ -51095,21 +56466,7 @@ ], "type": "object" }, - "AWS::Connect::PredefinedAttribute.Values": { - "additionalProperties": false, - "properties": { - "StringList": { - "items": { - "type": "string" - }, - "markdownDescription": "Predefined attribute values of type string list.", - "title": "StringList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Connect::Prompt": { + "AWS::CodeDeploy::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -51144,44 +56501,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the prompt.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the prompt.", - "title": "Name", + "ApplicationName": { + "markdownDescription": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> Updates to `ApplicationName` are not supported.", + "title": "ApplicationName", "type": "string" }, - "S3Uri": { - "markdownDescription": "The URI for the S3 bucket where the prompt is stored. This property is required when you create a prompt.", - "title": "S3Uri", + "ComputePlatform": { + "markdownDescription": "The compute platform that CodeDeploy deploys the application to.", + "title": "ComputePlatform", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" } }, - "required": [ - "InstanceArn", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Prompt" + "AWS::CodeDeploy::Application" ], "type": "string" }, @@ -51195,12 +56538,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::Queue": { + "AWS::CodeDeploy::DeploymentConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -51235,68 +56577,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the queue.", - "title": "Description", - "type": "string" - }, - "HoursOfOperationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the hours of operation.", - "title": "HoursOfOperationArn", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "ComputePlatform": { + "markdownDescription": "The destination platform type for the deployment ( `Lambda` , `Server` , or `ECS` ).", + "title": "ComputePlatform", "type": "string" }, - "MaxContacts": { - "markdownDescription": "The maximum number of contacts that can be in the queue before it is considered full.", - "title": "MaxContacts", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the queue.", - "title": "Name", + "DeploymentConfigName": { + "markdownDescription": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DeploymentConfigName", "type": "string" }, - "OutboundCallerConfig": { - "$ref": "#/definitions/AWS::Connect::Queue.OutboundCallerConfig", - "markdownDescription": "The outbound caller ID name, number, and outbound whisper flow.", - "title": "OutboundCallerConfig" - }, - "QuickConnectArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARN) of the of the quick connects available to agents who are working the queue.", - "title": "QuickConnectArns", - "type": "array" + "MinimumHealthyHosts": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts", + "markdownDescription": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.\n\nThe type parameter takes either of the following values:\n\n- HOST_COUNT: The value parameter represents the minimum number of healthy instances as an absolute value.\n- FLEET_PERCENT: The value parameter represents the minimum number of healthy instances as a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\n\nThe value parameter takes an integer.\n\nFor example, to set a minimum of 95% healthy instance, specify a type of FLEET_PERCENT and a value of 95.\n\nFor more information about instance health, see [CodeDeploy Instance Health](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-health.html) in the AWS CodeDeploy User Guide.", + "title": "MinimumHealthyHosts" }, - "Status": { - "markdownDescription": "The status of the queue.", - "title": "Status", - "type": "string" + "TrafficRoutingConfig": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig", + "markdownDescription": "The configuration that specifies how the deployment traffic is routed.", + "title": "TrafficRoutingConfig" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" + "ZonalConfig": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.ZonalConfig", + "markdownDescription": "Configure the `ZonalConfig` object if you want AWS CodeDeploy to deploy your application to one [Availability Zone](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones) at a time, within an AWS Region.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "ZonalConfig" } }, - "required": [ - "HoursOfOperationArn", - "InstanceArn", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Queue" + "AWS::CodeDeploy::DeploymentConfig" ], "type": "string" }, @@ -51310,208 +56621,136 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::Queue.OutboundCallerConfig": { + "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { "additionalProperties": false, "properties": { - "OutboundCallerIdName": { - "markdownDescription": "The caller ID name.", - "title": "OutboundCallerIdName", - "type": "string" - }, - "OutboundCallerIdNumberArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the outbound caller ID number.\n\n> Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API.", - "title": "OutboundCallerIdNumberArn", + "Type": { + "markdownDescription": "The minimum healthy instance type:\n\n- HOST_COUNT: The minimum number of healthy instance as an absolute value.\n- FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment.\n\nIn an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails.\n\n> In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. \n\nFor more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* .", + "title": "Type", "type": "string" }, - "OutboundFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the outbound flow.", - "title": "OutboundFlowArn", - "type": "string" + "Value": { + "markdownDescription": "The minimum healthy instance value.", + "title": "Value", + "type": "number" } }, + "required": [ + "Type", + "Value" + ], "type": "object" }, - "AWS::Connect::QuickConnect": { + "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the quick connect.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the quick connect.", - "title": "Name", - "type": "string" - }, - "QuickConnectConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.QuickConnectConfig", - "markdownDescription": "Contains information about the quick connect.", - "title": "QuickConnectConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "InstanceArn", - "Name", - "QuickConnectConfig" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::Connect::QuickConnect" - ], + "markdownDescription": "The `type` associated with the `MinimumHealthyHostsPerZone` option.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "markdownDescription": "The `value` associated with the `MinimumHealthyHostsPerZone` option.", + "title": "Value", + "type": "number" } }, "required": [ "Type", - "Properties" + "Value" ], "type": "object" }, - "AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary": { "additionalProperties": false, "properties": { - "PhoneNumber": { - "markdownDescription": "The phone number in E.164 format.", - "title": "PhoneNumber", - "type": "string" + "CanaryInterval": { + "markdownDescription": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.", + "title": "CanaryInterval", + "type": "number" + }, + "CanaryPercentage": { + "markdownDescription": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.", + "title": "CanaryPercentage", + "type": "number" } }, "required": [ - "PhoneNumber" + "CanaryInterval", + "CanaryPercentage" ], "type": "object" }, - "AWS::Connect::QuickConnect.QueueQuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", - "type": "string" + "LinearInterval": { + "markdownDescription": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.", + "title": "LinearInterval", + "type": "number" }, - "QueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "QueueArn", - "type": "string" + "LinearPercentage": { + "markdownDescription": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.", + "title": "LinearPercentage", + "type": "number" } }, "required": [ - "ContactFlowArn", - "QueueArn" + "LinearInterval", + "LinearPercentage" ], "type": "object" }, - "AWS::Connect::QuickConnect.QuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig": { "additionalProperties": false, "properties": { - "PhoneConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig", - "markdownDescription": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER.", - "title": "PhoneConfig" + "TimeBasedCanary": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary", + "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file.", + "title": "TimeBasedCanary" }, - "QueueConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.QueueQuickConnectConfig", - "markdownDescription": "The queue configuration. This is required only if QuickConnectType is QUEUE.", - "title": "QueueConfig" + "TimeBasedLinear": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear", + "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file.", + "title": "TimeBasedLinear" }, - "QuickConnectType": { - "markdownDescription": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", - "title": "QuickConnectType", + "Type": { + "markdownDescription": "The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration.", + "title": "Type", "type": "string" - }, - "UserConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.UserQuickConnectConfig", - "markdownDescription": "The user configuration. This is required only if QuickConnectType is USER.", - "title": "UserConfig" } }, "required": [ - "QuickConnectType" + "Type" ], "type": "object" }, - "AWS::Connect::QuickConnect.UserQuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.ZonalConfig": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", - "type": "string" + "FirstZoneMonitorDurationInSeconds": { + "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "FirstZoneMonitorDurationInSeconds", + "type": "number" }, - "UserArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user.", - "title": "UserArn", - "type": "string" + "MinimumHealthyHostsPerZone": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone", + "markdownDescription": "The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* .\n\nIf you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "MinimumHealthyHostsPerZone" + }, + "MonitorDurationInSeconds": { + "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "MonitorDurationInSeconds", + "type": "number" } }, - "required": [ - "ContactFlowArn", - "UserArn" - ], "type": "object" }, - "AWS::Connect::RoutingProfile": { + "AWS::CodeDeploy::DeploymentGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -51546,68 +56785,134 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentAvailabilityTimer": { - "markdownDescription": "Whether agents with this routing profile will have their routing order calculated based on *time since their last inbound contact* or *longest idle time* .", - "title": "AgentAvailabilityTimer", - "type": "string" + "AlarmConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration", + "markdownDescription": "Information about the Amazon CloudWatch alarms that are associated with the deployment group.", + "title": "AlarmConfiguration" }, - "DefaultOutboundQueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the default outbound queue for the routing profile.", - "title": "DefaultOutboundQueueArn", + "ApplicationName": { + "markdownDescription": "The name of an existing CodeDeploy application to associate this deployment group with.", + "title": "ApplicationName", "type": "string" }, - "Description": { - "markdownDescription": "The description of the routing profile.", - "title": "Description", + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration", + "markdownDescription": "Information about the automatic rollback configuration that is associated with the deployment group. If you specify this property, don't specify the `Deployment` property.", + "title": "AutoRollbackConfiguration" + }, + "AutoScalingGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of associated Auto Scaling groups that CodeDeploy automatically deploys revisions to when new instances are created. Duplicates are not allowed.", + "title": "AutoScalingGroups", + "type": "array" + }, + "BlueGreenDeploymentConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration", + "markdownDescription": "Information about blue/green deployment options for a deployment group.", + "title": "BlueGreenDeploymentConfiguration" + }, + "Deployment": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Deployment", + "markdownDescription": "The application revision to deploy to this deployment group. If you specify this property, your target application revision is deployed as soon as the provisioning process is complete. If you specify this property, don't specify the `AutoRollbackConfiguration` property.", + "title": "Deployment" + }, + "DeploymentConfigName": { + "markdownDescription": "A deployment configuration name or a predefined configuration name. With predefined configurations, you can deploy application revisions to one instance at a time ( `CodeDeployDefault.OneAtATime` ), half of the instances at a time ( `CodeDeployDefault.HalfAtATime` ), or all the instances at once ( `CodeDeployDefault.AllAtOnce` ). For more information and valid values, see [Working with Deployment Configurations](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) in the *AWS CodeDeploy User Guide* .", + "title": "DeploymentConfigName", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "DeploymentGroupName": { + "markdownDescription": "A name for the deployment group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment group name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DeploymentGroupName", "type": "string" }, - "MediaConcurrencies": { + "DeploymentStyle": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentStyle", + "markdownDescription": "Attributes that determine the type of deployment to run and whether to route deployment traffic behind a load balancer.\n\nIf you specify this property with a blue/green deployment type, don't specify the `AutoScalingGroups` , `LoadBalancerInfo` , or `Deployment` properties.\n\n> For blue/green deployments, AWS CloudFormation supports deployments on Lambda compute platforms only. You can perform Amazon ECS blue/green deployments using `AWS::CodeDeploy::BlueGreen` hook. See [Perform Amazon ECS blue/green deployments through CodeDeploy using AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/blue-green.html) for more information.", + "title": "DeploymentStyle" + }, + "ECSServices": { "items": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.MediaConcurrency" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ECSService" }, - "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", - "title": "MediaConcurrencies", + "markdownDescription": "The target Amazon ECS services in the deployment group. This applies only to deployment groups that use the Amazon ECS compute platform. A target Amazon ECS service is specified as an Amazon ECS cluster and service name pair using the format `:` .", + "title": "ECSServices", "type": "array" }, - "Name": { - "markdownDescription": "The name of the routing profile.", - "title": "Name", - "type": "string" + "Ec2TagFilters": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" + }, + "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group. Duplicates are not allowed.\n\nYou can specify `EC2TagFilters` or `Ec2TagSet` , but not both.", + "title": "Ec2TagFilters", + "type": "array" }, - "QueueConfigs": { + "Ec2TagSet": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSet", + "markdownDescription": "Information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same call as `ec2TagFilter` .", + "title": "Ec2TagSet" + }, + "LoadBalancerInfo": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo", + "markdownDescription": "Information about the load balancer to use in a deployment. For more information, see [Integrating CodeDeploy with Elastic Load Balancing](https://docs.aws.amazon.com/codedeploy/latest/userguide/integrations-aws-elastic-load-balancing.html) in the *AWS CodeDeploy User Guide* .", + "title": "LoadBalancerInfo" + }, + "OnPremisesInstanceTagFilters": { "items": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueConfig" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" }, - "markdownDescription": "The inbound queues associated with the routing profile. If no queue is added, the agent can make only outbound calls.", - "title": "QueueConfigs", + "markdownDescription": "The on-premises instance tags already applied to on-premises instances that you want to include in the deployment group. CodeDeploy includes all on-premises instances identified by any of the tags you specify in this deployment group. To register on-premises instances with CodeDeploy , see [Working with On-Premises Instances for CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-on-premises.html) in the *AWS CodeDeploy User Guide* . Duplicates are not allowed.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", + "title": "OnPremisesInstanceTagFilters", "type": "array" }, + "OnPremisesTagSet": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet", + "markdownDescription": "Information about groups of tags applied to on-premises instances. The deployment group includes only on-premises instances identified by all the tag groups.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", + "title": "OnPremisesTagSet" + }, + "OutdatedInstancesStrategy": { + "markdownDescription": "Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision.\n\nIf this option is set to `UPDATE` or is unspecified, CodeDeploy initiates one or more 'auto-update outdated instances' deployments to apply the deployed application revision to the new Amazon EC2 instances.\n\nIf this option is set to `IGNORE` , CodeDeploy does not initiate a deployment to update the new Amazon EC2 instances. This may result in instances having different revisions.", + "title": "OutdatedInstancesStrategy", + "type": "string" + }, + "ServiceRoleArn": { + "markdownDescription": "A service role Amazon Resource Name (ARN) that grants CodeDeploy permission to make calls to AWS services on your behalf. For more information, see [Create a Service Role for AWS CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-service-role.html) in the *AWS CodeDeploy User Guide* .\n\n> In some cases, you might need to add a dependency on the service role's policy. For more information, see IAM role policy in [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", + "title": "ServiceRoleArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The metadata that you apply to CodeDeploy deployment groups to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" + }, + "TerminationHookEnabled": { + "markdownDescription": "Indicates whether the deployment group was configured to have CodeDeploy install a termination hook into an Auto Scaling group.\n\nFor more information about the termination hook, see [How Amazon EC2 Auto Scaling works with CodeDeploy](https://docs.aws.amazon.com//codedeploy/latest/userguide/integrations-aws-auto-scaling.html#integrations-aws-auto-scaling-behaviors) in the *AWS CodeDeploy User Guide* .", + "title": "TerminationHookEnabled", + "type": "boolean" + }, + "TriggerConfigurations": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TriggerConfig" + }, + "markdownDescription": "Information about triggers associated with the deployment group. Duplicates are not allowed", + "title": "TriggerConfigurations", + "type": "array" } }, "required": [ - "DefaultOutboundQueueArn", - "Description", - "InstanceArn", - "MediaConcurrencies", - "Name" + "ApplicationName", + "ServiceRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::RoutingProfile" + "AWS::CodeDeploy::DeploymentGroup" ], "type": "string" }, @@ -51626,496 +56931,473 @@ ], "type": "object" }, - "AWS::Connect::RoutingProfile.CrossChannelBehavior": { + "AWS::CodeDeploy::DeploymentGroup.Alarm": { "additionalProperties": false, "properties": { - "BehaviorType": { - "markdownDescription": "Specifies the other channels that can be routed to an agent handling their current channel.", - "title": "BehaviorType", + "Name": { + "markdownDescription": "The name of the alarm. Maximum length is 255 characters. Each alarm name can be used only once in a list of alarms.", + "title": "Name", "type": "string" } }, - "required": [ - "BehaviorType" - ], "type": "object" }, - "AWS::Connect::RoutingProfile.MediaConcurrency": { + "AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The channels that agents can handle in the Contact Control Panel (CCP).", - "title": "Channel", - "type": "string" + "Alarms": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Alarm" + }, + "markdownDescription": "A list of alarms configured for the deployment or deployment group. A maximum of 10 alarms can be added.", + "title": "Alarms", + "type": "array" }, - "Concurrency": { - "markdownDescription": "The number of contacts an agent can have on a channel simultaneously.\n\nValid Range for `VOICE` : Minimum value of 1. Maximum value of 1.\n\nValid Range for `CHAT` : Minimum value of 1. Maximum value of 10.\n\nValid Range for `TASK` : Minimum value of 1. Maximum value of 10.", - "title": "Concurrency", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether the alarm configuration is enabled.", + "title": "Enabled", + "type": "boolean" }, - "CrossChannelBehavior": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.CrossChannelBehavior", - "markdownDescription": "Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel.", - "title": "CrossChannelBehavior" + "IgnorePollAlarmFailure": { + "markdownDescription": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from Amazon CloudWatch . The default value is `false` .\n\n- `true` : The deployment proceeds even if alarm status information can't be retrieved from CloudWatch .\n- `false` : The deployment stops if alarm status information can't be retrieved from CloudWatch .", + "title": "IgnorePollAlarmFailure", + "type": "boolean" } }, - "required": [ - "Channel", - "Concurrency" - ], "type": "object" }, - "AWS::Connect::RoutingProfile.RoutingProfileQueueConfig": { + "AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration": { "additionalProperties": false, "properties": { - "Delay": { - "markdownDescription": "The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* .", - "title": "Delay", - "type": "number" - }, - "Priority": { - "markdownDescription": "The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) .", - "title": "Priority", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether a defined automatic rollback configuration is currently enabled.", + "title": "Enabled", + "type": "boolean" }, - "QueueReference": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueReference", - "markdownDescription": "Contains information about a queue resource.", - "title": "QueueReference" - } - }, - "required": [ - "Delay", - "Priority", - "QueueReference" - ], + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The event type or types that trigger a rollback. Valid values are `DEPLOYMENT_FAILURE` , `DEPLOYMENT_STOP_ON_ALARM` , or `DEPLOYMENT_STOP_ON_REQUEST` .", + "title": "Events", + "type": "array" + } + }, "type": "object" }, - "AWS::Connect::RoutingProfile.RoutingProfileQueueReference": { + "AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", - "title": "Channel", + "DeploymentReadyOption": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption", + "markdownDescription": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment.", + "title": "DeploymentReadyOption" + }, + "GreenFleetProvisioningOption": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption", + "markdownDescription": "Information about how instances are provisioned for a replacement environment in a blue/green deployment.", + "title": "GreenFleetProvisioningOption" + }, + "TerminateBlueInstancesOnDeploymentSuccess": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption", + "markdownDescription": "Information about whether to terminate instances in the original fleet during a blue/green deployment.", + "title": "TerminateBlueInstancesOnDeploymentSuccess" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action to take on instances in the original environment after a successful blue/green deployment.\n\n- `TERMINATE` : Instances are terminated after a specified wait time.\n- `KEEP_ALIVE` : Instances are left running after they are deregistered from the load balancer and removed from the deployment group.", + "title": "Action", "type": "string" }, - "QueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "QueueArn", + "TerminationWaitTimeInMinutes": { + "markdownDescription": "For an Amazon EC2 deployment, the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n\nFor an Amazon ECS deployment, the number of minutes before deleting the original (blue) task set. During an Amazon ECS deployment, CodeDeploy shifts traffic from the original (blue) task set to a replacement (green) task set.\n\nThe maximum setting is 2880 minutes (2 days).", + "title": "TerminationWaitTimeInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.Deployment": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A comment about the deployment.", + "title": "Description", "type": "string" + }, + "IgnoreApplicationStopFailures": { + "markdownDescription": "If true, then if an `ApplicationStop` , `BeforeBlockTraffic` , or `AfterBlockTraffic` deployment lifecycle event to an instance fails, then the deployment continues to the next deployment lifecycle event. For example, if `ApplicationStop` fails, the deployment continues with DownloadBundle. If `BeforeBlockTraffic` fails, the deployment continues with `BlockTraffic` . If `AfterBlockTraffic` fails, the deployment continues with `ApplicationStop` .\n\nIf false or not specified, then if a lifecycle event fails during a deployment to an instance, that deployment fails. If deployment to that instance is part of an overall deployment and the number of healthy hosts is not less than the minimum number of healthy hosts, then a deployment to the next instance is attempted.\n\nDuring a deployment, the AWS CodeDeploy agent runs the scripts specified for `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` in the AppSpec file from the previous successful deployment. (All other scripts are run from the AppSpec file in the current deployment.) If one of these scripts contains an error and does not run successfully, the deployment can fail.\n\nIf the cause of the failure is a script from the last successful deployment that will never run successfully, create a new deployment and use `ignoreApplicationStopFailures` to specify that the `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` failures should be ignored.", + "title": "IgnoreApplicationStopFailures", + "type": "boolean" + }, + "Revision": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.RevisionLocation", + "markdownDescription": "Information about the location of stored application artifacts and the service from which to retrieve them.", + "title": "Revision" } }, "required": [ - "Channel", - "QueueArn" + "Revision" ], "type": "object" }, - "AWS::Connect::Rule": { + "AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption": { "additionalProperties": false, "properties": { - "Condition": { + "ActionOnTimeout": { + "markdownDescription": "Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n\n- CONTINUE_DEPLOYMENT: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n- STOP_DEPLOYMENT: Do not register new instances with a load balancer unless traffic rerouting is started using [ContinueDeployment](https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html) . If traffic rerouting is not started before the end of the specified wait period, the deployment status is changed to Stopped.", + "title": "ActionOnTimeout", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "WaitTimeInMinutes": { + "markdownDescription": "The number of minutes to wait before the status of a blue/green deployment is changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout` .", + "title": "WaitTimeInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.DeploymentStyle": { + "additionalProperties": false, + "properties": { + "DeploymentOption": { + "markdownDescription": "Indicates whether to route deployment traffic behind a load balancer.\n\n> An Amazon EC2 Application Load Balancer or Network Load Balancer is required for an Amazon ECS deployment.", + "title": "DeploymentOption", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Connect::Rule.Actions", - "markdownDescription": "A list of actions to be run when the rule is triggered.", - "title": "Actions" - }, - "Function": { - "markdownDescription": "The conditions of the rule.", - "title": "Function", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the rule.", - "title": "Name", - "type": "string" - }, - "PublishStatus": { - "markdownDescription": "The publish status of the rule.\n\n*Allowed values* : `DRAFT` | `PUBLISHED`", - "title": "PublishStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" - }, - "TriggerEventSource": { - "$ref": "#/definitions/AWS::Connect::Rule.RuleTriggerEventSource", - "markdownDescription": "The event source to trigger the rule.", - "title": "TriggerEventSource" - } - }, - "required": [ - "Actions", - "Function", - "InstanceArn", - "Name", - "PublishStatus", - "TriggerEventSource" - ], - "type": "object" + "DeploymentType": { + "markdownDescription": "Indicates whether to run an in-place or blue/green deployment.", + "title": "DeploymentType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.EC2TagFilter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag filter key.", + "title": "Key", + "type": "string" }, "Type": { - "enum": [ - "AWS::Connect::Rule" - ], + "markdownDescription": "The tag filter type:\n\n- `KEY_ONLY` : Key only.\n- `VALUE_ONLY` : Value only.\n- `KEY_AND_VALUE` : Key and value.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The tag filter value.", + "title": "Value", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Connect::Rule.Actions": { + "AWS::CodeDeploy::DeploymentGroup.EC2TagSet": { "additionalProperties": false, "properties": { - "AssignContactCategoryActions": { - "items": { - "type": "object" - }, - "markdownDescription": "Information about the contact category action. The syntax can be empty, for example, `{}` .", - "title": "AssignContactCategoryActions", - "type": "array" - }, - "CreateCaseActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.CreateCaseAction" - }, - "markdownDescription": "", - "title": "CreateCaseActions", - "type": "array" - }, - "EndAssociatedTasksActions": { - "items": { - "type": "object" - }, - "markdownDescription": "", - "title": "EndAssociatedTasksActions", - "type": "array" - }, - "EventBridgeActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.EventBridgeAction" - }, - "markdownDescription": "Information about the EventBridge action.", - "title": "EventBridgeActions", - "type": "array" - }, - "SendNotificationActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.SendNotificationAction" - }, - "markdownDescription": "Information about the send notification action.", - "title": "SendNotificationActions", - "type": "array" - }, - "TaskActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.TaskAction" - }, - "markdownDescription": "Information about the task action. This field is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", - "title": "TaskActions", - "type": "array" - }, - "UpdateCaseActions": { + "Ec2TagSetList": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.UpdateCaseAction" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject" }, - "markdownDescription": "", - "title": "UpdateCaseActions", + "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group.\n\nDuplicates are not allowed.", + "title": "Ec2TagSetList", "type": "array" } }, "type": "object" }, - "AWS::Connect::Rule.CreateCaseAction": { + "AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject": { "additionalProperties": false, "properties": { - "Fields": { + "Ec2TagGroup": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.Field" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" }, - "markdownDescription": "", - "title": "Fields", + "markdownDescription": "A list that contains other lists of Amazon EC2 instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.", + "title": "Ec2TagGroup", "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.ECSService": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The name of the cluster that the Amazon ECS service is associated with.", + "title": "ClusterName", + "type": "string" }, - "TemplateId": { - "markdownDescription": "", - "title": "TemplateId", + "ServiceName": { + "markdownDescription": "The name of the target Amazon ECS service.", + "title": "ServiceName", "type": "string" } }, "required": [ - "Fields", - "TemplateId" + "ClusterName", + "ServiceName" ], "type": "object" }, - "AWS::Connect::Rule.EventBridgeAction": { + "AWS::CodeDeploy::DeploymentGroup.ELBInfo": { "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "The name.", + "markdownDescription": "For blue/green deployments, the name of the load balancer that is used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment is complete.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only.", "title": "Name", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::Connect::Rule.Field": { + "AWS::CodeDeploy::DeploymentGroup.GitHubLocation": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "", - "title": "Id", + "CommitId": { + "markdownDescription": "The SHA1 commit ID of the GitHub commit that represents the bundled artifacts for the application revision.", + "title": "CommitId", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::Connect::Rule.FieldValue", - "markdownDescription": "", - "title": "Value" + "Repository": { + "markdownDescription": "The GitHub account and repository pair that stores a reference to the commit that represents the bundled artifacts for the application revision.\n\nSpecify the value as `account/repository` .", + "title": "Repository", + "type": "string" } }, "required": [ - "Id", - "Value" + "CommitId", + "Repository" ], "type": "object" }, - "AWS::Connect::Rule.FieldValue": { + "AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "", - "title": "DoubleValue", - "type": "number" - }, - "EmptyValue": { - "markdownDescription": "", - "title": "EmptyValue", - "type": "object" - }, - "StringValue": { - "markdownDescription": "", - "title": "StringValue", + "Action": { + "markdownDescription": "The method used to add instances to a replacement environment.\n\n- `DISCOVER_EXISTING` : Use instances that already exist or will be created manually.\n- `COPY_AUTO_SCALING_GROUP` : Use settings from a specified Auto Scaling group to define and create instances in a new Auto Scaling group.", + "title": "Action", "type": "string" } }, "type": "object" }, - "AWS::Connect::Rule.NotificationRecipientType": { + "AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo": { "additionalProperties": false, "properties": { - "UserArns": { + "ElbInfoList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ELBInfo" }, - "markdownDescription": "The Amazon Resource Name (ARN) of the user account.", - "title": "UserArns", + "markdownDescription": "An array that contains information about the load balancers to use for load balancing in a deployment. If you're using Classic Load Balancers, specify those load balancers in this array.\n\n> You can add up to 10 load balancers to the array. > If you're using Application Load Balancers or Network Load Balancers, use the `targetGroupInfoList` array instead of this one.", + "title": "ElbInfoList", "type": "array" }, - "UserTags": { - "additionalProperties": true, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }. Amazon Connect users with the specified tags will be notified.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "TargetGroupInfoList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" }, - "title": "UserTags", - "type": "object" + "markdownDescription": "An array that contains information about the target groups to use for load balancing in a deployment. If you're using Application Load Balancers and Network Load Balancers, specify their associated target groups in this array.\n\n> You can add up to 10 target groups to the array. > If you're using Classic Load Balancers, use the `elbInfoList` array instead of this one.", + "title": "TargetGroupInfoList", + "type": "array" + }, + "TargetGroupPairInfoList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo" + }, + "markdownDescription": "The target group pair information. This is an array of `TargeGroupPairInfo` objects with a maximum size of one.", + "title": "TargetGroupPairInfoList", + "type": "array" } }, "type": "object" }, - "AWS::Connect::Rule.Reference": { + "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of the reference. `DATE` must be of type Epoch timestamp.\n\n*Allowed values* : `URL` | `ATTACHMENT` | `NUMBER` | `STRING` | `DATE` | `EMAIL`", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).", - "title": "Value", - "type": "string" + "OnPremisesTagSetList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject" + }, + "markdownDescription": "A list that contains other lists of on-premises instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.\n\nDuplicates are not allowed.", + "title": "OnPremisesTagSetList", + "type": "array" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::Connect::Rule.RuleTriggerEventSource": { + "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject": { "additionalProperties": false, "properties": { - "EventSourceName": { - "markdownDescription": "The name of the event source.", - "title": "EventSourceName", - "type": "string" + "OnPremisesTagGroup": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + }, + "markdownDescription": "Information about groups of on-premises instance tags.", + "title": "OnPremisesTagGroup", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.RevisionLocation": { + "additionalProperties": false, + "properties": { + "GitHubLocation": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GitHubLocation", + "markdownDescription": "Information about the location of application artifacts stored in GitHub.", + "title": "GitHubLocation" }, - "IntegrationAssociationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the integration association. `IntegrationAssociationArn` is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", - "title": "IntegrationAssociationArn", + "RevisionType": { + "markdownDescription": "The type of application revision:\n\n- S3: An application revision stored in Amazon S3.\n- GitHub: An application revision stored in GitHub (EC2/On-premises deployments only).\n- String: A YAML-formatted or JSON-formatted string ( AWS Lambda deployments only).\n- AppSpecContent: An `AppSpecContent` object that contains the contents of an AppSpec file for an AWS Lambda or Amazon ECS deployment. The content is formatted as JSON or YAML stored as a RawString.", + "title": "RevisionType", "type": "string" + }, + "S3Location": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.S3Location", + "markdownDescription": "Information about the location of a revision stored in Amazon S3.", + "title": "S3Location" } }, - "required": [ - "EventSourceName" - ], "type": "object" }, - "AWS::Connect::Rule.SendNotificationAction": { + "AWS::CodeDeploy::DeploymentGroup.S3Location": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "Notification content. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Content", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where the application revision is stored.", + "title": "Bucket", "type": "string" }, - "ContentType": { - "markdownDescription": "Content type format.\n\n*Allowed value* : `PLAIN_TEXT`", - "title": "ContentType", + "BundleType": { + "markdownDescription": "The file type of the application revision. Must be one of the following:\n\n- JSON\n- tar: A tar archive file.\n- tgz: A compressed tar archive file.\n- YAML\n- zip: A zip archive file.", + "title": "BundleType", "type": "string" }, - "DeliveryMethod": { - "markdownDescription": "Notification delivery method.\n\n*Allowed value* : `EMAIL`", - "title": "DeliveryMethod", + "ETag": { + "markdownDescription": "The ETag of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the ETag is not specified as an input parameter, ETag validation of the object is skipped.", + "title": "ETag", "type": "string" }, - "Recipient": { - "$ref": "#/definitions/AWS::Connect::Rule.NotificationRecipientType", - "markdownDescription": "Notification recipient.", - "title": "Recipient" + "Key": { + "markdownDescription": "The name of the Amazon S3 object that represents the bundled artifacts for the application revision.", + "title": "Key", + "type": "string" }, - "Subject": { - "markdownDescription": "The subject of the email if the delivery method is `EMAIL` . Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Subject", + "Version": { + "markdownDescription": "A specific version of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the version is not specified, the system uses the most recent version by default.", + "title": "Version", "type": "string" } }, "required": [ - "Content", - "ContentType", - "DeliveryMethod", - "Recipient" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Connect::Rule.TaskAction": { + "AWS::CodeDeploy::DeploymentGroup.TagFilter": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", + "Key": { + "markdownDescription": "The on-premises instance tag filter key.", + "title": "Key", "type": "string" }, - "Description": { - "markdownDescription": "The description. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Description", + "Type": { + "markdownDescription": "The on-premises instance tag filter type:\n\n- KEY_ONLY: Key only.\n- VALUE_ONLY: Value only.\n- KEY_AND_VALUE: Key and value.", + "title": "Type", "type": "string" }, + "Value": { + "markdownDescription": "The on-premises instance tag filter value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The name. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "markdownDescription": "For blue/green deployments, the name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. No duplicates allowed.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only. \n\nThis value cannot exceed 32 characters, so you should use the `Name` property of the target group, or the `TargetGroupName` attribute with the `Fn::GetAtt` intrinsic function, as shown in the following example. Don't use the group's Amazon Resource Name (ARN) or `TargetGroupFullName` attribute.", "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo": { + "additionalProperties": false, + "properties": { + "ProdTrafficRoute": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", + "markdownDescription": "The path used by a load balancer to route production traffic when an Amazon ECS deployment is complete.", + "title": "ProdTrafficRoute" }, - "References": { - "additionalProperties": false, - "markdownDescription": "Information about the reference when the `referenceType` is `URL` . Otherwise, null. `URL` is the only accepted type. (Supports variable injection in the `Value` field.)", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Connect::Rule.Reference" - } + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" }, - "title": "References", - "type": "object" + "markdownDescription": "One pair of target groups. One is associated with the original task set. The second is associated with the task set that serves traffic after the deployment is complete.", + "title": "TargetGroups", + "type": "array" + }, + "TestTrafficRoute": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", + "markdownDescription": "An optional path used by a load balancer to route test traffic after an Amazon ECS deployment. Validation can occur while test traffic is served during a deployment.", + "title": "TestTrafficRoute" } }, - "required": [ - "ContactFlowArn", - "Name" - ], "type": "object" }, - "AWS::Connect::Rule.UpdateCaseAction": { + "AWS::CodeDeploy::DeploymentGroup.TrafficRoute": { "additionalProperties": false, "properties": { - "Fields": { + "ListenerArns": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.Field" + "type": "string" }, - "markdownDescription": "", - "title": "Fields", + "markdownDescription": "The Amazon Resource Name (ARN) of one listener. The listener identifies the route between a target group and a load balancer. This is an array of strings with a maximum size of one.", + "title": "ListenerArns", "type": "array" } }, - "required": [ - "Fields" - ], "type": "object" }, - "AWS::Connect::SecurityKey": { + "AWS::CodeDeploy::DeploymentGroup.TriggerConfig": { + "additionalProperties": false, + "properties": { + "TriggerEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "The event type or types that trigger notifications.", + "title": "TriggerEvents", + "type": "array" + }, + "TriggerName": { + "markdownDescription": "The name of the notification trigger.", + "title": "TriggerName", + "type": "string" + }, + "TriggerTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic through which notifications about deployment or instance events are sent.", + "title": "TriggerTargetArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeGuruProfiler::ProfilingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -52150,26 +57432,46 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", + "AgentPermissions": { + "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions", + "markdownDescription": "The agent permissions attached to this profiling group. This action group grants `ConfigureAgent` and `PostAgentProfile` permissions to perform actions required by the profiling agent. The Json consists of key `Principals` .\n\n*Principals* : A list of string ARNs for the roles and users you want to grant access to the profiling group. Wildcards are not supported in the ARNs. You are allowed to provide up to 50 ARNs. An empty list is not permitted. This is a required key.\n\nFor more information, see [Resource-based policies in CodeGuru Profiler](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/resource-based-policies.html) in the *Amazon CodeGuru Profiler user guide* , [ConfigureAgent](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html) , and [PostAgentProfile](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html) .", + "title": "AgentPermissions" + }, + "AnomalyDetectionNotificationConfiguration": { + "items": { + "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.Channel" + }, + "markdownDescription": "Adds anomaly notifications for a profiling group.", + "title": "AnomalyDetectionNotificationConfiguration", + "type": "array" + }, + "ComputePlatform": { + "markdownDescription": "The compute platform of the profiling group. Use `AWSLambda` if your application runs on AWS Lambda. Use `Default` if your application runs on a compute platform that is not AWS Lambda , such an Amazon EC2 instance, an on-premises server, or a different platform. If not specified, `Default` is used. This property is immutable.", + "title": "ComputePlatform", "type": "string" }, - "Key": { - "markdownDescription": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", - "title": "Key", + "ProfilingGroupName": { + "markdownDescription": "The name of the profiling group.", + "title": "ProfilingGroupName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the created profiling group.", + "title": "Tags", + "type": "array" } }, "required": [ - "InstanceId", - "Key" + "ProfilingGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::SecurityKey" + "AWS::CodeGuruProfiler::ProfilingGroup" ], "type": "string" }, @@ -52188,7 +57490,43 @@ ], "type": "object" }, - "AWS::Connect::SecurityProfile": { + "AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions": { + "additionalProperties": false, + "properties": { + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Principals", + "type": "array" + } + }, + "required": [ + "Principals" + ], + "type": "object" + }, + "AWS::CodeGuruProfiler::ProfilingGroup.Channel": { + "additionalProperties": false, + "properties": { + "channelId": { + "markdownDescription": "The channel ID.", + "title": "channelId", + "type": "string" + }, + "channelUri": { + "markdownDescription": "The channel URI.", + "title": "channelUri", + "type": "string" + } + }, + "required": [ + "channelUri" + ], + "type": "object" + }, + "AWS::CodeGuruReviewer::RepositoryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -52223,84 +57561,49 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedAccessControlHierarchyGroupId": { - "markdownDescription": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.", - "title": "AllowedAccessControlHierarchyGroupId", + "BucketName": { + "markdownDescription": "The name of the bucket. This is required for your S3Bucket repository. The name must start with the prefix `codeguru-reviewer-*` .", + "title": "BucketName", "type": "string" }, - "AllowedAccessControlTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect.", - "title": "AllowedAccessControlTags", - "type": "array" - }, - "Applications": { - "items": { - "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" - }, - "markdownDescription": "", - "title": "Applications", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the security profile.", - "title": "Description", + "ConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. Its format is `arn:aws:codestar-connections:region-id:aws-account_id:connection/connection-id` . For more information, see [Connection](https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_Connection.html) in the *AWS CodeStar Connections API Reference* .\n\n`ConnectionArn` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", + "title": "ConnectionArn", "type": "string" }, - "HierarchyRestrictedResources": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: `User` .", - "title": "HierarchyRestrictedResources", - "type": "array" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "Name": { + "markdownDescription": "The name of the repository.", + "title": "Name", "type": "string" }, - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "Permissions assigned to the security profile. For a list of valid permissions, see [List of security profile permissions](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html) .", - "title": "Permissions", - "type": "array" - }, - "SecurityProfileName": { - "markdownDescription": "The name for the security profile.", - "title": "SecurityProfileName", + "Owner": { + "markdownDescription": "The owner of the repository. For a GitHub Enterprise Server or Bitbucket repository, this is the username for the account that owns the repository.\n\n`Owner` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", + "title": "Owner", "type": "string" }, - "TagRestrictedResources": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of resources that a security profile applies tag restrictions to in Amazon Connect.", - "title": "TagRestrictedResources", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "An array of key-value pairs used to tag an associated repository. A tag is a custom attribute label with two parts:\n\n- A *tag key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag keys are case sensitive.\n- An optional field known as a *tag value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag value is the same as using an empty string. Like tag keys, tag values are case sensitive.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of repository that contains the source code to be reviewed. The valid values are:\n\n- `CodeCommit`\n- `Bitbucket`\n- `GitHubEnterpriseServer`\n- `S3Bucket`", + "title": "Type", + "type": "string" } }, "required": [ - "InstanceArn", - "SecurityProfileName" + "Name", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::SecurityProfile" + "AWS::CodeGuruReviewer::RepositoryAssociation" ], "type": "string" }, @@ -52319,30 +57622,7 @@ ], "type": "object" }, - "AWS::Connect::SecurityProfile.Application": { - "additionalProperties": false, - "properties": { - "ApplicationPermissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions that the agent is granted on the application. Only the `ACCESS` permission is supported.", - "title": "ApplicationPermissions", - "type": "array" - }, - "Namespace": { - "markdownDescription": "Namespace of the application that you want to give access to.", - "title": "Namespace", - "type": "string" - } - }, - "required": [ - "ApplicationPermissions", - "Namespace" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate": { + "AWS::CodePipeline::CustomActionType": { "additionalProperties": false, "properties": { "Condition": { @@ -52377,74 +57657,65 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", - "title": "ClientToken", - "type": "string" - }, - "Constraints": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.Constraints", - "markdownDescription": "Constraints that are applicable to the fields listed.\n\nThe values can be represented in either JSON or YAML format. For an example of the JSON configuration, see *Examples* at the bottom of this page.", - "title": "Constraints" - }, - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow that runs by default when a task is created by referencing this template. `ContactFlowArn` is not required when there is a field with `fieldType` = `QUICK_CONNECT` .", - "title": "ContactFlowArn", + "Category": { + "markdownDescription": "The category of the custom action, such as a build action or a test action.", + "title": "Category", "type": "string" }, - "Defaults": { + "ConfigurationProperties": { "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.DefaultFieldValue" + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ConfigurationProperties" }, - "markdownDescription": "The default values for fields when a task is created by referencing this template.", - "title": "Defaults", + "markdownDescription": "The configuration properties for the custom action.\n\n> You can refer to a name in the configuration properties of the custom action within the URL templates by following the format of {Config:name}, as long as the configuration property is both required and not secret. For more information, see [Create a Custom Action for a Pipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-create-custom-action.html) .", + "title": "ConfigurationProperties", "type": "array" }, - "Description": { - "markdownDescription": "The description of the task template.", - "title": "Description", - "type": "string" - }, - "Fields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.Field" - }, - "markdownDescription": "Fields that are part of the template. A template requires at least one field that has type `Name` .", - "title": "Fields", - "type": "array" + "InputArtifactDetails": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", + "markdownDescription": "The details of the input artifact for the action, such as its commit ID.", + "title": "InputArtifactDetails" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" + "OutputArtifactDetails": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", + "markdownDescription": "The details of the output artifact of the action, such as its commit ID.", + "title": "OutputArtifactDetails" }, - "Name": { - "markdownDescription": "The name of the task template.", - "title": "Name", + "Provider": { + "markdownDescription": "The provider of the service used in the custom action, such as CodeDeploy.", + "title": "Provider", "type": "string" }, - "Status": { - "markdownDescription": "The status of the task template.", - "title": "Status", - "type": "string" + "Settings": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.Settings", + "markdownDescription": "URLs that provide users information about this custom action.", + "title": "Settings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags for the custom action.", "title": "Tags", "type": "array" + }, + "Version": { + "markdownDescription": "The version identifier of the custom action.", + "title": "Version", + "type": "string" } }, "required": [ - "InstanceArn" + "Category", + "InputArtifactDetails", + "OutputArtifactDetails", + "Provider", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::TaskTemplate" + "AWS::CodePipeline::CustomActionType" ], "type": "string" }, @@ -52463,146 +57734,100 @@ ], "type": "object" }, - "AWS::Connect::TaskTemplate.Constraints": { - "additionalProperties": false, - "properties": { - "InvisibleFields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.InvisibleFieldInfo" - }, - "markdownDescription": "Lists the fields that are invisible to agents.", - "title": "InvisibleFields", - "type": "array" - }, - "ReadOnlyFields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.ReadOnlyFieldInfo" - }, - "markdownDescription": "Lists the fields that are read-only to agents, and cannot be edited.", - "title": "ReadOnlyFields", - "type": "array" - }, - "RequiredFields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.RequiredFieldInfo" - }, - "markdownDescription": "Lists the fields that are required to be filled by agents.", - "title": "RequiredFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Connect::TaskTemplate.DefaultFieldValue": { + "AWS::CodePipeline::CustomActionType.ArtifactDetails": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "Default value for the field.", - "title": "DefaultValue", - "type": "string" + "MaximumCount": { + "markdownDescription": "The maximum number of artifacts allowed for the action type.", + "title": "MaximumCount", + "type": "number" }, - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of a field.", - "title": "Id" + "MinimumCount": { + "markdownDescription": "The minimum number of artifacts allowed for the action type.", + "title": "MinimumCount", + "type": "number" } }, "required": [ - "DefaultValue", - "Id" + "MaximumCount", + "MinimumCount" ], "type": "object" }, - "AWS::Connect::TaskTemplate.Field": { + "AWS::CodePipeline::CustomActionType.ConfigurationProperties": { "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the field.", + "markdownDescription": "The description of the action configuration property that is displayed to users.", "title": "Description", "type": "string" }, - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "The unique identifier for the field.", - "title": "Id" + "Key": { + "markdownDescription": "Whether the configuration property is a key.", + "title": "Key", + "type": "boolean" }, - "SingleSelectOptions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of options for a single select field.", - "title": "SingleSelectOptions", - "type": "array" + "Name": { + "markdownDescription": "The name of the action configuration property.", + "title": "Name", + "type": "string" + }, + "Queryable": { + "markdownDescription": "Indicates that the property is used with `PollForJobs` . When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.\n\nIf you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens.", + "title": "Queryable", + "type": "boolean" + }, + "Required": { + "markdownDescription": "Whether the configuration property is a required value.", + "title": "Required", + "type": "boolean" + }, + "Secret": { + "markdownDescription": "Whether the configuration property is secret. Secrets are hidden from all calls except for `GetJobDetails` , `GetThirdPartyJobDetails` , `PollForJobs` , and `PollForThirdPartyJobs` .\n\nWhen updating a pipeline, passing * * * * * without changing any other values of the action preserves the previous value of the secret.", + "title": "Secret", + "type": "boolean" }, "Type": { - "markdownDescription": "Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL`", + "markdownDescription": "The type of the configuration property.", "title": "Type", "type": "string" } }, "required": [ - "Id", - "Type" + "Key", + "Name", + "Required", + "Secret" ], "type": "object" }, - "AWS::Connect::TaskTemplate.FieldIdentifier": { + "AWS::CodePipeline::CustomActionType.Settings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the task template field.", - "title": "Name", + "EntityUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for a CodeDeploy deployment group. This link is provided as part of the action display in the pipeline.", + "title": "EntityUrlTemplate", + "type": "string" + }, + "ExecutionUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for CodeDeploy. This link is shown on the pipeline view page in the CodePipeline console and provides a link to the execution entity of the external action.", + "title": "ExecutionUrlTemplate", + "type": "string" + }, + "RevisionUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action.", + "title": "RevisionUrlTemplate", + "type": "string" + }, + "ThirdPartyConfigurationUrl": { + "markdownDescription": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service.", + "title": "ThirdPartyConfigurationUrl", "type": "string" } }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate.InvisibleFieldInfo": { - "additionalProperties": false, - "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of the invisible field.", - "title": "Id" - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate.ReadOnlyFieldInfo": { - "additionalProperties": false, - "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of the read-only field.", - "title": "Id" - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate.RequiredFieldInfo": { - "additionalProperties": false, - "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "The unique identifier for the field.", - "title": "Id" - } - }, - "required": [ - "Id" - ], "type": "object" }, - "AWS::Connect::TrafficDistributionGroup": { + "AWS::CodePipeline::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -52637,169 +57862,94 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the traffic distribution group.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN).", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the traffic distribution group.", - "title": "Name", - "type": "string" + "ArtifactStore": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", + "markdownDescription": "The S3 bucket where artifacts for the pipeline are stored.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStore" }, - "Tags": { + "ArtifactStores": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStoreMap" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, {\"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", + "markdownDescription": "A mapping of `artifactStore` objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStores", "type": "array" - } - }, - "required": [ - "InstanceArn", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Connect::TrafficDistributionGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Connect::User": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" }, - { + "DisableInboundStageTransitions": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageTransition" }, + "markdownDescription": "Represents the input of a `DisableStageTransition` action.", + "title": "DisableInboundStageTransitions", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DirectoryUserId": { - "markdownDescription": "The identifier of the user account in the directory used for identity management.", - "title": "DirectoryUserId", - "type": "string" }, - "HierarchyGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's hierarchy group.", - "title": "HierarchyGroupArn", + "ExecutionMode": { + "markdownDescription": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED.", + "title": "ExecutionMode", "type": "string" }, - "IdentityInfo": { - "$ref": "#/definitions/AWS::Connect::User.UserIdentityInfo", - "markdownDescription": "Information about the user identity.", - "title": "IdentityInfo" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", + "Name": { + "markdownDescription": "The name of the pipeline.", + "title": "Name", "type": "string" }, - "Password": { - "markdownDescription": "The user's password.", - "title": "Password", + "PipelineType": { + "markdownDescription": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications.\n\n- V1 type pipelines have a JSON structure that contains standard pipeline, stage, and action-level parameters.\n- V2 type pipelines have the same structure as a V1 type, along with additional parameters for release safety and trigger configuration.\n\n> Including V2 parameters, such as triggers on Git tags, in the pipeline JSON when creating or updating a pipeline will result in the pipeline having the V2 type of pipeline and the associated costs. \n\nFor information about pricing for CodePipeline, see [Pricing](https://docs.aws.amazon.com/codepipeline/pricing/) .\n\nFor information about which type of pipeline to choose, see [What type of pipeline is right for me?](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html) .", + "title": "PipelineType", "type": "string" }, - "PhoneConfig": { - "$ref": "#/definitions/AWS::Connect::User.UserPhoneConfig", - "markdownDescription": "Information about the phone configuration for the user.", - "title": "PhoneConfig" + "RestartExecutionOnUpdate": { + "markdownDescription": "Indicates whether to rerun the CodePipeline pipeline after you update it.", + "title": "RestartExecutionOnUpdate", + "type": "boolean" }, - "RoutingProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's routing profile.", - "title": "RoutingProfileArn", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no `actionRoleArn` , or to use to assume roles for actions with an `actionRoleArn` .", + "title": "RoleArn", "type": "string" }, - "SecurityProfileArns": { + "Stages": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageDeclaration" }, - "markdownDescription": "The Amazon Resource Name (ARN) of the user's security profile.", - "title": "SecurityProfileArns", + "markdownDescription": "Represents information about a stage and its definition.", + "title": "Stages", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "Specifies the tags applied to the pipeline.", "title": "Tags", "type": "array" }, - "UserProficiencies": { + "Triggers": { "items": { - "$ref": "#/definitions/AWS::Connect::User.UserProficiency" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration" }, - "markdownDescription": "One or more predefined attributes assigned to a user, with a numeric value that indicates how their level of skill in a specified area.", - "title": "UserProficiencies", + "markdownDescription": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline.\n\n> When a trigger configuration is specified, default change detection for repository and branch commits is disabled.", + "title": "Triggers", "type": "array" }, - "Username": { - "markdownDescription": "The user name assigned to the user account.", - "title": "Username", - "type": "string" + "Variables": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.VariableDeclaration" + }, + "markdownDescription": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match `[A-Za-z0-9@\\-_]+` .", + "title": "Variables", + "type": "array" } }, "required": [ - "InstanceArn", - "PhoneConfig", - "RoutingProfileArn", - "SecurityProfileArns", - "Username" + "RoleArn", + "Stages" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::User" + "AWS::CodePipeline::Pipeline" ], "type": "string" }, @@ -52818,93 +57968,680 @@ ], "type": "object" }, - "AWS::Connect::User.UserIdentityInfo": { + "AWS::CodePipeline::Pipeline.ActionDeclaration": { "additionalProperties": false, "properties": { - "Email": { - "markdownDescription": "The email address. If you are using SAML for identity management and include this parameter, an error is returned.", - "title": "Email", + "ActionTypeId": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionTypeId", + "markdownDescription": "Specifies the action type and the provider of the action.", + "title": "ActionTypeId" + }, + "Commands": { + "items": { + "type": "string" + }, + "markdownDescription": "The shell commands to run with your compute action in CodePipeline. All commands are supported except multi-line formats. While CodeBuild logs and permissions are used, you do not need to create any resources in CodeBuild.\n\n> Using compute time for this action will incur separate charges in AWS CodeBuild .", + "title": "Commands", + "type": "array" + }, + "Configuration": { + "markdownDescription": "The action's configuration. These are key-value pairs that specify input values for an action. For more information, see [Action Structure Requirements in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) . For the list of configuration properties for the AWS CloudFormation action type in CodePipeline, see [Configuration Properties Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-action-reference.html) in the *AWS CloudFormation User Guide* . For template snippets with examples, see [Using Parameter Override Functions with CodePipeline Pipelines](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-parameter-override-functions.html) in the *AWS CloudFormation User Guide* .\n\nThe values can be represented in either JSON or YAML format. For example, the JSON configuration item format is as follows:\n\n*JSON:*\n\n`\"Configuration\" : { Key : Value },`", + "title": "Configuration", + "type": "object" + }, + "EnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EnvironmentVariable" + }, + "markdownDescription": "The environment variables for the action.", + "title": "EnvironmentVariables", + "type": "array" + }, + "InputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" + }, + "markdownDescription": "The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .\n\n> For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* .", + "title": "InputArtifacts", + "type": "array" + }, + "Name": { + "markdownDescription": "The action declaration's name.", + "title": "Name", "type": "string" }, - "FirstName": { - "markdownDescription": "The first name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", - "title": "FirstName", + "Namespace": { + "markdownDescription": "The variable namespace associated with the action. All variables produced as output by this action fall under this namespace.", + "title": "Namespace", "type": "string" }, - "LastName": { - "markdownDescription": "The last name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", - "title": "LastName", + "OutputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.OutputArtifact" + }, + "markdownDescription": "The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .", + "title": "OutputArtifacts", + "type": "array" + }, + "OutputVariables": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of variables that are to be exported from the compute action. This is specifically CodeBuild environment variables as used for that action.", + "title": "OutputVariables", + "type": "array" + }, + "Region": { + "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", + "title": "Region", "type": "string" }, - "Mobile": { - "markdownDescription": "The user's mobile number.", - "title": "Mobile", + "RoleArn": { + "markdownDescription": "The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline.", + "title": "RoleArn", "type": "string" }, - "SecondaryEmail": { - "markdownDescription": "The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.\n\n*Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}`", - "title": "SecondaryEmail", + "RunOrder": { + "markdownDescription": "The order in which actions are run.", + "title": "RunOrder", + "type": "number" + }, + "TimeoutInMinutes": { + "markdownDescription": "A timeout duration in minutes that can be applied against the ActionType\u2019s default timeout value specified in [Quotas for AWS CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/limits.html) . This attribute is available only to the manual approval ActionType.", + "title": "TimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "ActionTypeId", + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.ActionTypeId": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below.\n\n- `Source`\n- `Build`\n- `Test`\n- `Deploy`\n- `Invoke`\n- `Approval`\n- `Compute`", + "title": "Category", + "type": "string" + }, + "Owner": { + "markdownDescription": "The creator of the action being called. There are three valid values for the `Owner` field in the action category section within your pipeline structure: `AWS` , `ThirdParty` , and `Custom` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", + "title": "Owner", + "type": "string" + }, + "Provider": { + "markdownDescription": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as `CodeDeploy` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", + "title": "Provider", + "type": "string" + }, + "Version": { + "markdownDescription": "A string that describes the action version.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Category", + "Owner", + "Provider", + "Version" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.ArtifactStore": { + "additionalProperties": false, + "properties": { + "EncryptionKey": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EncryptionKey", + "markdownDescription": "The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) .", + "title": "EncryptionKey" + }, + "Location": { + "markdownDescription": "The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts.", + "title": "Location", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the artifact store, such as S3.", + "title": "Type", "type": "string" } }, + "required": [ + "Location", + "Type" + ], "type": "object" }, - "AWS::Connect::User.UserPhoneConfig": { + "AWS::CodePipeline::Pipeline.ArtifactStoreMap": { "additionalProperties": false, "properties": { - "AfterContactWorkTimeLimit": { - "markdownDescription": "The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.\n\n> When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds.", - "title": "AfterContactWorkTimeLimit", - "type": "number" + "ArtifactStore": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", + "markdownDescription": "Represents information about the S3 bucket where artifacts are stored for the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStore" }, - "AutoAccept": { - "markdownDescription": "The Auto accept setting.", - "title": "AutoAccept", - "type": "boolean" + "Region": { + "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "ArtifactStore", + "Region" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.BeforeEntryConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" + }, + "markdownDescription": "The conditions that are configured as entry conditions.", + "title": "Conditions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.BlockerDeclaration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Reserved for future use.", + "title": "Name", + "type": "string" }, - "DeskPhoneNumber": { - "markdownDescription": "The phone number for the user's desk phone.", - "title": "DeskPhoneNumber", + "Type": { + "markdownDescription": "Reserved for future use.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.Condition": { + "additionalProperties": false, + "properties": { + "Result": { + "markdownDescription": "The action to be done when the condition is met. For example, rolling back an execution for a failure condition.", + "title": "Result", "type": "string" }, - "PhoneType": { - "markdownDescription": "The phone type.", - "title": "PhoneType", + "Rules": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RuleDeclaration" + }, + "markdownDescription": "The rules that make up the condition.", + "title": "Rules", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.EncryptionKey": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN.\n\n> Aliases are recognized only in the account that created the AWS KMS key. For cross-account actions, you can only use the key ID or key ARN to identify the key. Cross-account actions involve using the role from the other account (AccountB), so specifying the key ID will use the key from the other account (AccountB).", + "title": "Id", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'.", + "title": "Type", "type": "string" } }, "required": [ - "PhoneType" + "Id", + "Type" ], "type": "object" }, - "AWS::Connect::User.UserProficiency": { + "AWS::CodePipeline::Pipeline.EnvironmentVariable": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of user\u2019s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance.", - "title": "AttributeName", + "Name": { + "markdownDescription": "The environment variable name in the key-value pair.", + "title": "Name", "type": "string" }, - "AttributeValue": { - "markdownDescription": "The value of user\u2019s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance.", - "title": "AttributeValue", + "Type": { + "markdownDescription": "Specifies the type of use for the environment variable value. The value can be either `PLAINTEXT` or `SECRETS_MANAGER` . If the value is `SECRETS_MANAGER` , provide the Secrets reference in the EnvironmentVariable value.", + "title": "Type", "type": "string" }, - "Level": { - "markdownDescription": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5.", - "title": "Level", - "type": "number" + "Value": { + "markdownDescription": "The environment variable value in the key-value pair.", + "title": "Value", + "type": "string" } }, "required": [ - "AttributeName", - "AttributeValue", - "Level" + "Name", + "Value" ], "type": "object" }, - "AWS::Connect::UserHierarchyGroup": { + "AWS::CodePipeline::Pipeline.FailureConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" + }, + "markdownDescription": "The conditions that are configured as failure conditions. For more information about conditions, see [Stage conditions](https://docs.aws.amazon.com/codepipeline/latest/userguide/stage-conditions.html) and [How do stage conditions work?](https://docs.aws.amazon.com/codepipeline/latest/userguide/concepts-how-it-works-conditions.html) .", + "title": "Conditions", + "type": "array" + }, + "Result": { + "markdownDescription": "The specified result for when the failure conditions are met, such as rolling back the stage.", + "title": "Result", + "type": "string" + }, + "RetryConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RetryConfiguration", + "markdownDescription": "The retry configuration specifies automatic retry for a failed stage, along with the configured retry mode.", + "title": "RetryConfiguration" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitBranchFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitConfiguration": { + "additionalProperties": false, + "properties": { + "PullRequest": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPullRequestFilter" + }, + "markdownDescription": "The field where the repository event that will start the pipeline is specified as pull requests.", + "title": "PullRequest", + "type": "array" + }, + "Push": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPushFilter" + }, + "markdownDescription": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details.", + "title": "Push", + "type": "array" + }, + "SourceActionName": { + "markdownDescription": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only.\n\n> You can only specify one trigger configuration per source action.", + "title": "SourceActionName", + "type": "string" + } + }, + "required": [ + "SourceActionName" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitPullRequestFilter": { + "additionalProperties": false, + "properties": { + "Branches": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", + "markdownDescription": "The field that specifies to filter on branches for the pull request trigger configuration.", + "title": "Branches" + }, + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The field that specifies which pull request events to filter on (OPEN, UPDATED, CLOSED) for the trigger configuration.", + "title": "Events", + "type": "array" + }, + "FilePaths": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", + "markdownDescription": "The field that specifies to filter on file paths for the pull request trigger configuration.", + "title": "FilePaths" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitPushFilter": { + "additionalProperties": false, + "properties": { + "Branches": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", + "markdownDescription": "The field that specifies to filter on branches for the push trigger configuration.", + "title": "Branches" + }, + "FilePaths": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", + "markdownDescription": "The field that specifies to filter on file paths for the push trigger configuration.", + "title": "FilePaths" + }, + "Tags": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitTagFilterCriteria", + "markdownDescription": "The field that contains the details for the Git tags trigger configuration.", + "title": "Tags" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitTagFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.InputArtifact": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the artifact to be worked on (for example, \"My App\").\n\nArtifacts are the files that are worked on by actions in the pipeline. See the action configuration for each action for details about artifact parameters. For example, the S3 source action input artifact is a file name (or file path), and the files are generally provided as a ZIP file. Example artifact name: SampleApp_Windows.zip\n\nThe input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.OutputArtifact": { + "additionalProperties": false, + "properties": { + "Files": { + "items": { + "type": "string" + }, + "markdownDescription": "The files that you want to associate with the output artifact that will be exported from the compute action.", + "title": "Files", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the output of an artifact, such as \"My App\".\n\nThe output artifact name must exactly match the input artifact declared for a downstream action. However, the downstream action's input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.\n\nOutput artifact names must be unique within a pipeline.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration": { + "additionalProperties": false, + "properties": { + "GitConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitConfiguration", + "markdownDescription": "Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags.", + "title": "GitConfiguration" + }, + "ProviderType": { + "markdownDescription": "The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration.", + "title": "ProviderType", + "type": "string" + } + }, + "required": [ + "ProviderType" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.RetryConfiguration": { + "additionalProperties": false, + "properties": { + "RetryMode": { + "markdownDescription": "The method that you want to configure for automatic stage retry on stage failure. You can specify to retry only failed action in the stage or all actions in the stage.", + "title": "RetryMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.RuleDeclaration": { + "additionalProperties": false, + "properties": { + "Commands": { + "items": { + "type": "string" + }, + "markdownDescription": "The shell commands to run with your commands rule in CodePipeline. All commands are supported except multi-line formats. While CodeBuild logs and permissions are used, you do not need to create any resources in CodeBuild.\n\n> Using compute time for this action will incur separate charges in AWS CodeBuild .", + "title": "Commands", + "type": "array" + }, + "Configuration": { + "markdownDescription": "The action configuration fields for the rule.", + "title": "Configuration", + "type": "object" + }, + "InputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" + }, + "markdownDescription": "The input artifacts fields for the rule, such as specifying an input file for the rule.", + "title": "InputArtifacts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the rule that is created for the condition, such as `VariableCheck` .", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region for the condition associated with the rule.", + "title": "Region", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The pipeline role ARN associated with the rule.", + "title": "RoleArn", + "type": "string" + }, + "RuleTypeId": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RuleTypeId", + "markdownDescription": "The ID for the rule type, which is made up of the combined values for category, owner, provider, and version.", + "title": "RuleTypeId" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.RuleTypeId": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "A category defines what kind of rule can be run in the stage, and constrains the provider type for the rule. The valid category is `Rule` .", + "title": "Category", + "type": "string" + }, + "Owner": { + "markdownDescription": "The creator of the rule being called. The valid value for the `Owner` field in the rule category is `AWS` .", + "title": "Owner", + "type": "string" + }, + "Provider": { + "markdownDescription": "The rule provider, such as the `DeploymentWindow` rule. For a list of rule provider names, see the rules listed in the [AWS CodePipeline rule reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/rule-reference.html) .", + "title": "Provider", + "type": "string" + }, + "Version": { + "markdownDescription": "A string that describes the rule version.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.StageDeclaration": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionDeclaration" + }, + "markdownDescription": "The actions included in a stage.", + "title": "Actions", + "type": "array" + }, + "BeforeEntry": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BeforeEntryConditions", + "markdownDescription": "The method to use when a stage allows entry. For example, configuring this field for conditions will allow entry to the stage when the conditions are met.", + "title": "BeforeEntry" + }, + "Blockers": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BlockerDeclaration" + }, + "markdownDescription": "Reserved for future use.", + "title": "Blockers", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the stage.", + "title": "Name", + "type": "string" + }, + "OnFailure": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.FailureConditions", + "markdownDescription": "The method to use when a stage has not completed successfully. For example, configuring this field for rollback will roll back a failed stage automatically to the last successful pipeline execution in the stage.", + "title": "OnFailure" + }, + "OnSuccess": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.SuccessConditions", + "markdownDescription": "The method to use when a stage has succeeded. For example, configuring this field for conditions will allow the stage to succeed when the conditions are met.", + "title": "OnSuccess" + } + }, + "required": [ + "Actions", + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.StageTransition": { + "additionalProperties": false, + "properties": { + "Reason": { + "markdownDescription": "The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI.", + "title": "Reason", + "type": "string" + }, + "StageName": { + "markdownDescription": "The name of the stage where you want to disable the inbound or outbound transition of artifacts.", + "title": "StageName", + "type": "string" + } + }, + "required": [ + "Reason", + "StageName" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.SuccessConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" + }, + "markdownDescription": "The conditions that are success conditions.", + "title": "Conditions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.VariableDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "The value of a pipeline-level variable.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a pipeline-level variable.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Webhook": { "additionalProperties": false, "properties": { "Condition": { @@ -52939,39 +58676,63 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user hierarchy group.", - "title": "InstanceArn", + "Authentication": { + "markdownDescription": "Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response. \n\n- For information about the authentication scheme implemented by GITHUB_HMAC, see [Securing your webhooks](https://docs.aws.amazon.com/https://developer.github.com/webhooks/securing/) on the GitHub Developer website.\n- IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.\n- UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.", + "title": "Authentication", "type": "string" }, + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookAuthConfiguration", + "markdownDescription": "Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the `SecretToken` property must be set. For IP, only the `AllowedIPRange` property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.", + "title": "AuthenticationConfiguration" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookFilterRule" + }, + "markdownDescription": "A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.", + "title": "Filters", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the user hierarchy group.", + "markdownDescription": "The name of the webhook.", "title": "Name", "type": "string" }, - "ParentGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the parent group.", - "title": "ParentGroupArn", + "RegisterWithThirdParty": { + "markdownDescription": "Configures a connection between the webhook that was created and the external tool with events to be detected.", + "title": "RegisterWithThirdParty", + "type": "boolean" + }, + "TargetAction": { + "markdownDescription": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.", + "title": "TargetAction", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" + "TargetPipeline": { + "markdownDescription": "The name of the pipeline you want to connect to the webhook.", + "title": "TargetPipeline", + "type": "string" + }, + "TargetPipelineVersion": { + "markdownDescription": "The version number of the pipeline to be connected to the trigger request.\n\nRequired: Yes\n\nType: Integer\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", + "title": "TargetPipelineVersion", + "type": "number" } }, "required": [ - "InstanceArn", - "Name" + "Authentication", + "AuthenticationConfiguration", + "Filters", + "TargetAction", + "TargetPipeline", + "TargetPipelineVersion" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::UserHierarchyGroup" + "AWS::CodePipeline::Webhook" ], "type": "string" }, @@ -52990,7 +58751,42 @@ ], "type": "object" }, - "AWS::Connect::View": { + "AWS::CodePipeline::Webhook.WebhookAuthConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedIPRange": { + "markdownDescription": "The property used to configure acceptance of webhooks in an IP address range. For IP, only the `AllowedIPRange` property must be set. This property must be set to a valid CIDR range.", + "title": "AllowedIPRange", + "type": "string" + }, + "SecretToken": { + "markdownDescription": "The property used to configure GitHub authentication. For GITHUB_HMAC, only the `SecretToken` property must be set.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response.", + "title": "SecretToken", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Webhook.WebhookFilterRule": { + "additionalProperties": false, + "properties": { + "JsonPath": { + "markdownDescription": "A JsonPath expression that is applied to the body/payload of the webhook. The value selected by the JsonPath expression must match the value specified in the `MatchEquals` field. Otherwise, the request is ignored. For more information, see [Java JsonPath implementation](https://docs.aws.amazon.com/https://github.com/json-path/JsonPath) in GitHub.", + "title": "JsonPath", + "type": "string" + }, + "MatchEquals": { + "markdownDescription": "The value selected by the `JsonPath` expression must match what is supplied in the `MatchEquals` field. Otherwise, the request is ignored. Properties from the target action configuration can be included as placeholders in this value by surrounding the action configuration key with curly brackets. For example, if the value supplied here is \"refs/heads/{Branch}\" and the target action has an action configuration property called \"Branch\" with a value of \"main\", the `MatchEquals` value is evaluated as \"refs/heads/main\". For a list of action configuration properties for built-in action types, see [Pipeline Structure Reference Action Requirements](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) .", + "title": "MatchEquals", + "type": "string" + } + }, + "required": [ + "JsonPath" + ], + "type": "object" + }, + "AWS::CodeStar::GitHubRepository": { "additionalProperties": false, "properties": { "Condition": { @@ -53025,54 +58821,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of actions possible from the view.", - "title": "Actions", - "type": "array" + "Code": { + "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.Code", + "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack.", + "title": "Code" }, - "Description": { - "markdownDescription": "The description of the view.", - "title": "Description", + "ConnectionArn": { + "markdownDescription": "", + "title": "ConnectionArn", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", + "EnableIssues": { + "markdownDescription": "Indicates whether to enable issues for the GitHub repository. You can use GitHub issues to track information and bugs for your repository.", + "title": "EnableIssues", + "type": "boolean" + }, + "IsPrivate": { + "markdownDescription": "Indicates whether the GitHub repository is a private repository. If so, you choose who can see and commit to this repository.", + "title": "IsPrivate", + "type": "boolean" + }, + "RepositoryAccessToken": { + "markdownDescription": "The GitHub user's personal access token for the GitHub repository.", + "title": "RepositoryAccessToken", "type": "string" }, - "Name": { - "markdownDescription": "The name of the view.", - "title": "Name", + "RepositoryDescription": { + "markdownDescription": "A comment or description about the new repository. This description is displayed in GitHub after the repository is created.", + "title": "RepositoryDescription", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the view resource (not specific to view version).", - "title": "Tags", - "type": "array" + "RepositoryName": { + "markdownDescription": "The name of the repository you want to create in GitHub with AWS CloudFormation stack creation.", + "title": "RepositoryName", + "type": "string" }, - "Template": { - "markdownDescription": "The view template representing the structure of the view.", - "title": "Template", - "type": "object" + "RepositoryOwner": { + "markdownDescription": "The GitHub user name for the owner of the GitHub repository to be created. If this repository should be owned by a GitHub organization, provide its name.", + "title": "RepositoryOwner", + "type": "string" } }, "required": [ - "Actions", - "InstanceArn", - "Name", - "Template" + "RepositoryName", + "RepositoryOwner" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::View" + "AWS::CodeStar::GitHubRepository" ], "type": "string" }, @@ -53091,7 +58889,46 @@ ], "type": "object" }, - "AWS::Connect::ViewVersion": { + "AWS::CodeStar::GitHubRepository.Code": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.S3", + "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CodeStar::GitHubRepository.S3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content to be committed to the new repository.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The S3 object key or file name for the ZIP file.", + "title": "Key", + "type": "string" + }, + "ObjectVersion": { + "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket.", + "title": "ObjectVersion", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::CodeStarConnections::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -53126,30 +58963,38 @@ "Properties": { "additionalProperties": false, "properties": { - "VersionDescription": { - "markdownDescription": "The description of the view version.", - "title": "VersionDescription", + "ConnectionName": { + "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", + "title": "ConnectionName", "type": "string" }, - "ViewArn": { - "markdownDescription": "The unqualified Amazon Resource Name (ARN) of the view.\n\nFor example:\n\n`arn::connect:::instance/00000000-0000-0000-0000-000000000000/view/00000000-0000-0000-0000-000000000000`", - "title": "ViewArn", + "HostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", + "title": "HostArn", "type": "string" }, - "ViewContentSha256": { - "markdownDescription": "Indicates the checksum value of the latest published view content.", - "title": "ViewContentSha256", + "ProviderType": { + "markdownDescription": "The name of the external provider where your third-party code repository is configured.", + "title": "ProviderType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the tags applied to the resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "ViewArn" + "ConnectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::ViewVersion" + "AWS::CodeStarConnections::Connection" ], "type": "string" }, @@ -53168,7 +59013,7 @@ ], "type": "object" }, - "AWS::ConnectCampaigns::Campaign": { + "AWS::CodeStarConnections::RepositoryLink": { "additionalProperties": false, "properties": { "Condition": { @@ -53203,46 +59048,45 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectInstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "ConnectInstanceArn", + "ConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connection associated with the repository link.", + "title": "ConnectionArn", "type": "string" }, - "DialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.DialerConfig", - "markdownDescription": "Contains information about the dialer configuration.", - "title": "DialerConfig" + "EncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the encryption key for the repository associated with the repository link.", + "title": "EncryptionKeyArn", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the campaign.", - "title": "Name", + "OwnerId": { + "markdownDescription": "The owner ID for the repository associated with the repository link, such as the owner ID in GitHub.", + "title": "OwnerId", "type": "string" }, - "OutboundCallConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.OutboundCallConfig", - "markdownDescription": "Contains information about the outbound call configuration.", - "title": "OutboundCallConfig" + "RepositoryName": { + "markdownDescription": "The name of the repository associated with the repository link.", + "title": "RepositoryName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The tags for the repository to be associated with the repository link.", "title": "Tags", "type": "array" } }, "required": [ - "ConnectInstanceArn", - "DialerConfig", - "Name", - "OutboundCallConfig" - ], + "ConnectionArn", + "OwnerId", + "RepositoryName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ConnectCampaigns::Campaign" + "AWS::CodeStarConnections::RepositoryLink" ], "type": "string" }, @@ -53261,125 +59105,114 @@ ], "type": "object" }, - "AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig": { - "additionalProperties": false, - "properties": { - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig": { + "AWS::CodeStarConnections::SyncConfiguration": { "additionalProperties": false, "properties": { - "AwaitAnswerMachinePrompt": { - "markdownDescription": "Whether waiting for answer machine prompt is enabled.", - "title": "AwaitAnswerMachinePrompt", - "type": "boolean" + "Condition": { + "type": "string" }, - "EnableAnswerMachineDetection": { - "markdownDescription": "Whether answering machine detection is enabled.", - "title": "EnableAnswerMachineDetection", - "type": "boolean" - } - }, - "required": [ - "EnableAnswerMachineDetection" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.DialerConfig": { - "additionalProperties": false, - "properties": { - "AgentlessDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig", - "markdownDescription": "The configuration of the agentless dialer.", - "title": "AgentlessDialerConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PredictiveDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig", - "markdownDescription": "The configuration of the predictive dialer.", - "title": "PredictiveDialerConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ProgressiveDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig", - "markdownDescription": "The configuration of the progressive dialer.", - "title": "ProgressiveDialerConfig" - } - }, - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.OutboundCallConfig": { - "additionalProperties": false, - "properties": { - "AnswerMachineDetectionConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig", - "markdownDescription": "Whether answering machine detection has been enabled.", - "title": "AnswerMachineDetectionConfig" + "Metadata": { + "type": "object" }, - "ConnectContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ConnectContactFlowArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Branch": { + "markdownDescription": "The branch associated with a specific sync configuration.", + "title": "Branch", + "type": "string" + }, + "ConfigFile": { + "markdownDescription": "The file path to the configuration file associated with a specific sync configuration. The path should point to an actual file in the sync configurations linked repository.", + "title": "ConfigFile", + "type": "string" + }, + "PublishDeploymentStatus": { + "markdownDescription": "Whether to enable or disable publishing of deployment status to source providers.", + "title": "PublishDeploymentStatus", + "type": "string" + }, + "RepositoryLinkId": { + "markdownDescription": "The ID of the repository link associated with a specific sync configuration.", + "title": "RepositoryLinkId", + "type": "string" + }, + "ResourceName": { + "markdownDescription": "The name of the connection resource associated with a specific sync configuration.", + "title": "ResourceName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role associated with a specific sync configuration.", + "title": "RoleArn", + "type": "string" + }, + "SyncType": { + "markdownDescription": "The type of sync for a specific sync configuration.", + "title": "SyncType", + "type": "string" + }, + "TriggerResourceUpdateOn": { + "markdownDescription": "When to trigger Git sync to begin the stack update.", + "title": "TriggerResourceUpdateOn", + "type": "string" + } + }, + "required": [ + "Branch", + "ConfigFile", + "RepositoryLinkId", + "ResourceName", + "RoleArn", + "SyncType" + ], + "type": "object" }, - "ConnectQueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "ConnectQueueArn", + "Type": { + "enum": [ + "AWS::CodeStarConnections::SyncConfiguration" + ], "type": "string" }, - "ConnectSourcePhoneNumber": { - "markdownDescription": "The phone number associated with the outbound call. This is the caller ID that is displayed to customers when an agent calls them.", - "title": "ConnectSourcePhoneNumber", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ConnectContactFlowArn" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig": { - "additionalProperties": false, - "properties": { - "BandwidthAllocation": { - "markdownDescription": "Bandwidth allocation for the predictive dialer.", - "title": "BandwidthAllocation", - "type": "number" - }, - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "required": [ - "BandwidthAllocation" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig": { - "additionalProperties": false, - "properties": { - "BandwidthAllocation": { - "markdownDescription": "Bandwidth allocation for the progressive dialer.", - "title": "BandwidthAllocation", - "type": "number" - }, - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "required": [ - "BandwidthAllocation" + "Type", + "Properties" ], "type": "object" }, - "AWS::ControlTower::EnabledBaseline": { + "AWS::CodeStarNotifications::NotificationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -53414,48 +59247,81 @@ "Properties": { "additionalProperties": false, "properties": { - "BaselineIdentifier": { - "markdownDescription": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource.", - "title": "BaselineIdentifier", + "CreatedBy": { + "markdownDescription": "The name or email alias of the person who created the notification rule.", + "title": "CreatedBy", "type": "string" }, - "BaselineVersion": { - "markdownDescription": "The enabled version of the `Baseline` .", - "title": "BaselineVersion", + "DetailType": { + "markdownDescription": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created.", + "title": "DetailType", "type": "string" }, - "Parameters": { + "EventTypeId": { + "markdownDescription": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", + "title": "EventTypeId", + "type": "string" + }, + "EventTypeIds": { "items": { - "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline.Parameter" + "type": "string" }, - "markdownDescription": "Shows the parameters that are applied when enabling this `Baseline` .", - "title": "Parameters", + "markdownDescription": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", + "title": "EventTypeIds", "type": "array" }, + "Name": { + "markdownDescription": "The name for the notification rule. Notification rule names must be unique in your AWS account .", + "title": "Name", + "type": "string" + }, + "Resource": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild .", + "title": "Resource", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule.", + "title": "Status", + "type": "string" + }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \".", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "", "title": "Tags", - "type": "array" + "type": "object" }, - "TargetIdentifier": { - "markdownDescription": "The target on which to enable the `Baseline` .", - "title": "TargetIdentifier", + "TargetAddress": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic or client.", + "title": "TargetAddress", "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CodeStarNotifications::NotificationRule.Target" + }, + "markdownDescription": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and clients to associate with the notification rule.", + "title": "Targets", + "type": "array" } }, "required": [ - "BaselineIdentifier", - "BaselineVersion", - "TargetIdentifier" + "DetailType", + "EventTypeIds", + "Name", + "Resource", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::EnabledBaseline" + "AWS::CodeStarNotifications::NotificationRule" ], "type": "string" }, @@ -53474,23 +59340,27 @@ ], "type": "object" }, - "AWS::ControlTower::EnabledBaseline.Parameter": { + "AWS::CodeStarNotifications::NotificationRule.Target": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "TargetAddress": { + "markdownDescription": "The Amazon Resource Name (ARN) of the topic or client.", + "title": "TargetAddress", "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "object" + "TargetType": { + "markdownDescription": "The target type. Can be an Amazon Simple Notification Service topic or client.\n\n- Amazon Simple Notification Service topics are specified as `SNS` .\n- clients are specified as `AWSChatbotSlack` .\n- clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .", + "title": "TargetType", + "type": "string" } }, + "required": [ + "TargetAddress", + "TargetType" + ], "type": "object" }, - "AWS::ControlTower::EnabledControl": { + "AWS::Cognito::IdentityPool": { "additionalProperties": false, "properties": { "Condition": { @@ -53525,42 +59395,87 @@ "Properties": { "additionalProperties": false, "properties": { - "ControlIdentifier": { - "markdownDescription": "The ARN of the control. Only *Strongly recommended* and *Elective* controls are permitted, with the exception of the *Region deny* control. For information on how to find the `controlIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", - "title": "ControlIdentifier", - "type": "string" + "AllowClassicFlow": { + "markdownDescription": "Enables the Basic (Classic) authentication flow.", + "title": "AllowClassicFlow", + "type": "boolean" }, - "Parameters": { + "AllowUnauthenticatedIdentities": { + "markdownDescription": "Specifies whether the identity pool supports unauthenticated logins.", + "title": "AllowUnauthenticatedIdentities", + "type": "boolean" + }, + "CognitoEvents": { + "markdownDescription": "The events to configure.", + "title": "CognitoEvents", + "type": "object" + }, + "CognitoIdentityProviders": { "items": { - "$ref": "#/definitions/AWS::ControlTower::EnabledControl.EnabledControlParameter" + "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoIdentityProvider" }, - "markdownDescription": "Array of `EnabledControlParameter` objects.", - "title": "Parameters", + "markdownDescription": "The Amazon Cognito user pools and their client IDs.", + "title": "CognitoIdentityProviders", "type": "array" }, - "Tags": { + "CognitoStreams": { + "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoStreams", + "markdownDescription": "Configuration options for configuring Amazon Cognito streams.", + "title": "CognitoStreams" + }, + "DeveloperProviderName": { + "markdownDescription": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100", + "title": "DeveloperProviderName", + "type": "string" + }, + "IdentityPoolName": { + "markdownDescription": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`", + "title": "IdentityPoolName", + "type": "string" + }, + "IdentityPoolTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "Tags to assign to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.", + "title": "IdentityPoolTags", "type": "array" }, - "TargetIdentifier": { - "markdownDescription": "The ARN of the organizational unit. For information on how to find the `targetIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", - "title": "TargetIdentifier", - "type": "string" + "OpenIdConnectProviderARNs": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the OpenID connect providers.", + "title": "OpenIdConnectProviderARNs", + "type": "array" + }, + "PushSync": { + "$ref": "#/definitions/AWS::Cognito::IdentityPool.PushSync", + "markdownDescription": "The configuration options to be applied to the identity pool.", + "title": "PushSync" + }, + "SamlProviderARNs": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.", + "title": "SamlProviderARNs", + "type": "array" + }, + "SupportedLoginProviders": { + "markdownDescription": "Key-value pairs that map provider names to provider app IDs.", + "title": "SupportedLoginProviders", + "type": "object" } }, "required": [ - "ControlIdentifier", - "TargetIdentifier" + "AllowUnauthenticatedIdentities" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::EnabledControl" + "AWS::Cognito::IdentityPool" ], "type": "string" }, @@ -53579,27 +59494,72 @@ ], "type": "object" }, - "AWS::ControlTower::EnabledControl.EnabledControlParameter": { + "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key/value pair. It is of type `string` .", - "title": "Key", + "ClientId": { + "markdownDescription": "The client ID for the Amazon Cognito user pool.", + "title": "ClientId", "type": "string" }, - "Value": { - "markdownDescription": "The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.]", - "title": "Value", - "type": "object" + "ProviderName": { + "markdownDescription": "The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` .", + "title": "ProviderName", + "type": "string" + }, + "ServerSideTokenCheck": { + "markdownDescription": "TRUE if server-side token validation is enabled for the identity provider\u2019s token.\n\nAfter you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.\n\nIf the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.", + "title": "ServerSideTokenCheck", + "type": "boolean" } }, "required": [ - "Key", - "Value" + "ClientId", + "ProviderName" ], "type": "object" }, - "AWS::ControlTower::LandingZone": { + "AWS::Cognito::IdentityPool.CognitoStreams": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream.", + "title": "RoleArn", + "type": "string" + }, + "StreamName": { + "markdownDescription": "The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool.", + "title": "StreamName", + "type": "string" + }, + "StreamingStatus": { + "markdownDescription": "Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` .", + "title": "StreamingStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::IdentityPool.PushSync": { + "additionalProperties": false, + "properties": { + "ApplicationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the Amazon SNS platform applications that could be used by clients.", + "title": "ApplicationArns", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::IdentityPoolPrincipalTag": { "additionalProperties": false, "properties": { "Condition": { @@ -53634,34 +59594,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Manifest": { - "markdownDescription": "The landing zone manifest JSON text file that specifies the landing zone configurations.", - "title": "Manifest", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to be applied to the landing zone.", - "title": "Tags", - "type": "array" + "IdentityPoolId": { + "markdownDescription": "The identity pool that you want to associate with this principal tag map.", + "title": "IdentityPoolId", + "type": "string" }, - "Version": { - "markdownDescription": "The landing zone's current deployed version.", - "title": "Version", + "IdentityProviderName": { + "markdownDescription": "The identity pool identity provider (IdP) that you want to associate with this principal tag map.", + "title": "IdentityProviderName", "type": "string" + }, + "PrincipalTags": { + "markdownDescription": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.", + "title": "PrincipalTags", + "type": "object" + }, + "UseDefaults": { + "markdownDescription": "Use a default set of mappings between claims and tags for this provider, instead of a custom map.", + "title": "UseDefaults", + "type": "boolean" } }, "required": [ - "Manifest", - "Version" + "IdentityPoolId", + "IdentityProviderName" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::LandingZone" + "AWS::Cognito::IdentityPoolPrincipalTag" ], "type": "string" }, @@ -53680,7 +59642,7 @@ ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition": { + "AWS::Cognito::IdentityPoolRoleAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -53715,61 +59677,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeDetails": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails", - "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", - "title": "AttributeDetails" - }, - "CalculatedAttributeName": { - "markdownDescription": "The name of an attribute defined in a profile object type.", - "title": "CalculatedAttributeName", - "type": "string" - }, - "Conditions": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions", - "markdownDescription": "The conditions including range, object count, and threshold for the calculated attribute.", - "title": "Conditions" - }, - "Description": { - "markdownDescription": "The description of the calculated attribute.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The display name of the calculated attribute.", - "title": "DisplayName", - "type": "string" - }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", + "IdentityPoolId": { + "markdownDescription": "An identity pool ID in the format `REGION:GUID` .", + "title": "IdentityPoolId", "type": "string" }, - "Statistic": { - "markdownDescription": "The aggregation operation to perform for the calculated attribute.", - "title": "Statistic", - "type": "string" + "RoleMappings": { + "additionalProperties": false, + "markdownDescription": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping" + } + }, + "title": "RoleMappings", + "type": "object" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "Roles": { + "additionalProperties": true, + "markdownDescription": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" + "title": "Roles", + "type": "object" } }, "required": [ - "AttributeDetails", - "CalculatedAttributeName", - "DomainName", - "Statistic" + "IdentityPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::CalculatedAttributeDefinition" + "AWS::Cognito::IdentityPoolRoleAttachment" ], "type": "string" }, @@ -53788,105 +59731,85 @@ ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails": { + "AWS::Cognito::IdentityPoolRoleAttachment.MappingRule": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem" - }, - "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", - "title": "Attributes", - "type": "array" + "Claim": { + "markdownDescription": "The claim name that must be present in the token. For example: \"isAdmin\" or \"paid\".", + "title": "Claim", + "type": "string" }, - "Expression": { - "markdownDescription": "Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \\\"{ObjectTypeName.AttributeName}\\\".", - "title": "Expression", + "MatchType": { + "markdownDescription": "The match condition that specifies how closely the claim value in the IdP token must match `Value` .\n\nValid values are: `Equals` , `Contains` , `StartsWith` , and `NotEqual` .", + "title": "MatchType", "type": "string" - } - }, - "required": [ - "Attributes", - "Expression" - ], - "type": "object" - }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The unique name of the calculated attribute.", - "title": "Name", + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role.", + "title": "RoleARN", + "type": "string" + }, + "Value": { + "markdownDescription": "A brief string that the claim must match. For example, \"paid\" or \"yes\".", + "title": "Value", "type": "string" } }, "required": [ - "Name" + "Claim", + "MatchType", + "RoleARN", + "Value" ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions": { + "AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping": { "additionalProperties": false, "properties": { - "ObjectCount": { - "markdownDescription": "The number of profile objects used for the calculated attribute.", - "title": "ObjectCount", - "type": "number" - }, - "Range": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Range", - "markdownDescription": "The relative time period over which data is included in the aggregation.", - "title": "Range" + "AmbiguousRoleResolution": { + "markdownDescription": "If you specify Token or Rules as the `Type` , `AmbiguousRoleResolution` is required.\n\nSpecifies the action to be taken if either no rules match the claim value for the `Rules` type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the `Token` type.", + "title": "AmbiguousRoleResolution", + "type": "string" }, - "Threshold": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold", - "markdownDescription": "The threshold for the calculated attribute.", - "title": "Threshold" - } - }, - "type": "object" - }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Range": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The unit of time.", - "title": "Unit", + "IdentityProvider": { + "markdownDescription": "Identifier for the identity provider for which the role is mapped. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)` . This is the identity provider that is used by the user for authentication.\n\nIf the identity provider property isn't provided, the key of the entry in the `RoleMappings` map is used as the identity provider.", + "title": "IdentityProvider", "type": "string" }, - "Value": { - "markdownDescription": "The amount of time of the specified unit.", - "title": "Value", - "type": "number" + "RulesConfiguration": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType", + "markdownDescription": "The rules to be used for mapping users to roles. If you specify \"Rules\" as the role-mapping type, RulesConfiguration is required.", + "title": "RulesConfiguration" + }, + "Type": { + "markdownDescription": "The role mapping type. Token will use `cognito:roles` and `cognito:preferred_role` claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.", + "title": "Type", + "type": "string" } }, "required": [ - "Unit", - "Value" + "Type" ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold": { + "AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType": { "additionalProperties": false, "properties": { - "Operator": { - "markdownDescription": "The operator of the threshold.", - "title": "Operator", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the threshold.", - "title": "Value", - "type": "string" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.MappingRule" + }, + "markdownDescription": "The rules. You can specify up to 25 rules per identity provider.", + "title": "Rules", + "type": "array" } }, "required": [ - "Operator", - "Value" + "Rules" ], "type": "object" }, - "AWS::CustomerProfiles::Domain": { + "AWS::Cognito::LogDeliveryConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -53921,54 +59844,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DeadLetterQueueUrl": { - "markdownDescription": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", - "title": "DeadLetterQueueUrl", - "type": "string" - }, - "DefaultEncryptionKey": { - "markdownDescription": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.", - "title": "DefaultEncryptionKey", - "type": "string" - }, - "DefaultExpirationDays": { - "markdownDescription": "The default number of days until the data within the domain expires.", - "title": "DefaultExpirationDays", - "type": "number" - }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" - }, - "Matching": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Matching", - "markdownDescription": "The process of matching duplicate profiles.", - "title": "Matching" - }, - "RuleBasedMatching": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.RuleBasedMatching", - "markdownDescription": "The process of matching duplicate profiles using Rule-Based matching.", - "title": "RuleBasedMatching" - }, - "Tags": { + "LogConfigurations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.LogConfiguration" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs.", + "title": "LogConfigurations", "type": "array" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you configured logging.", + "title": "UserPoolId", + "type": "string" } }, "required": [ - "DefaultExpirationDays", - "DomainName" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::Domain" + "AWS::Cognito::LogDeliveryConfiguration" ], "type": "string" }, @@ -53987,281 +59884,71 @@ ], "type": "object" }, - "AWS::CustomerProfiles::Domain.AttributeTypesSelector": { + "AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "items": { - "type": "string" - }, - "markdownDescription": "The `Address` type. You can choose from `Address` , `BusinessAddress` , `MaillingAddress` , and `ShippingAddress` . You only can use the `Address` type in the `MatchingRule` . For example, if you want to match a profile based on `BusinessAddress.City` or `MaillingAddress.City` , you can choose the `BusinessAddress` and the `MaillingAddress` to represent the `Address` type and specify the `Address.City` on the matching rule.", - "title": "Address", - "type": "array" - }, - "AttributeMatchingModel": { - "markdownDescription": "Configures the `AttributeMatchingModel` , you can either choose `ONE_TO_ONE` or `MANY_TO_MANY` .", - "title": "AttributeMatchingModel", + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with AWS Key Management Service and must be in the same AWS account as your user pool.\n\nTo send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with `/aws/vendedlogs` . For more information, see [Enabling logging from certain AWS services](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) .", + "title": "LogGroupArn", "type": "string" - }, - "EmailAddress": { - "items": { - "type": "string" - }, - "markdownDescription": "The Email type. You can choose from `EmailAddress` , `BusinessEmailAddress` and `PersonalEmailAddress` . You only can use the `EmailAddress` type in the `MatchingRule` . For example, if you want to match profile based on `PersonalEmailAddress` or `BusinessEmailAddress` , you can choose the `PersonalEmailAddress` and the `BusinessEmailAddress` to represent the `EmailAddress` type and only specify the `EmailAddress` on the matching rule.", - "title": "EmailAddress", - "type": "array" - }, - "PhoneNumber": { - "items": { - "type": "string" - }, - "markdownDescription": "The `PhoneNumber` type. You can choose from `PhoneNumber` , `HomePhoneNumber` , and `MobilePhoneNumber` . You only can use the `PhoneNumber` type in the `MatchingRule` . For example, if you want to match a profile based on `Phone` or `HomePhone` , you can choose the `Phone` and the `HomePhone` to represent the `PhoneNumber` type and only specify the `PhoneNumber` on the matching rule.", - "title": "PhoneNumber", - "type": "array" - } - }, - "required": [ - "AttributeMatchingModel" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.AutoMerging": { - "additionalProperties": false, - "properties": { - "ConflictResolution": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", - "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", - "title": "ConflictResolution" - }, - "Consolidation": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Consolidation", - "markdownDescription": "A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged.", - "title": "Consolidation" - }, - "Enabled": { - "markdownDescription": "The flag that enables the auto-merging of duplicate profiles.", - "title": "Enabled", - "type": "boolean" - }, - "MinAllowedConfidenceScoreForMerging": { - "markdownDescription": "A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means that a higher similarity is required to merge profiles.", - "title": "MinAllowedConfidenceScoreForMerging", - "type": "number" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.ConflictResolution": { + "AWS::Cognito::LogDeliveryConfiguration.FirehoseConfiguration": { "additionalProperties": false, "properties": { - "ConflictResolvingModel": { - "markdownDescription": "How the auto-merging process should resolve conflicts between different profiles.", - "title": "ConflictResolvingModel", - "type": "string" - }, - "SourceName": { - "markdownDescription": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel` .", - "title": "SourceName", + "StreamArn": { + "markdownDescription": "The ARN of an Amazon Data Firehose stream that's the destination for threat protection log export.", + "title": "StreamArn", "type": "string" } }, - "required": [ - "ConflictResolvingModel" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.Consolidation": { - "additionalProperties": false, - "properties": { - "MatchingAttributesList": { - "markdownDescription": "A list of matching criteria.", - "title": "MatchingAttributesList", - "type": "object" - } - }, - "required": [ - "MatchingAttributesList" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.DomainStats": { - "additionalProperties": false, - "properties": { - "MeteringProfileCount": { - "markdownDescription": "The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on.", - "title": "MeteringProfileCount", - "type": "number" - }, - "ObjectCount": { - "markdownDescription": "The total number of objects in domain.", - "title": "ObjectCount", - "type": "number" - }, - "ProfileCount": { - "markdownDescription": "The total number of profiles currently in the domain.", - "title": "ProfileCount", - "type": "number" - }, - "TotalSize": { - "markdownDescription": "The total size, in bytes, of all objects in the domain.", - "title": "TotalSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CustomerProfiles::Domain.ExportingConfig": { - "additionalProperties": false, - "properties": { - "S3Exporting": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.S3ExportingConfig", - "markdownDescription": "", - "title": "S3Exporting" - } - }, "type": "object" }, - "AWS::CustomerProfiles::Domain.JobSchedule": { + "AWS::Cognito::LogDeliveryConfiguration.LogConfiguration": { "additionalProperties": false, "properties": { - "DayOfTheWeek": { - "markdownDescription": "The day when the Identity Resolution Job should run every week.", - "title": "DayOfTheWeek", - "type": "string" + "CloudWatchLogsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration", + "markdownDescription": "Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.", + "title": "CloudWatchLogsConfiguration" }, - "Time": { - "markdownDescription": "The time when the Identity Resolution Job should run every week.", - "title": "Time", + "EventSource": { + "markdownDescription": "The source of events that your user pool sends for logging. To send error-level logs about user notification activity, set to `userNotification` . To send info-level logs about threat-protection user activity in user pools with the Plus feature plan, set to `userAuthEvents` .", + "title": "EventSource", "type": "string" - } - }, - "required": [ - "DayOfTheWeek", - "Time" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.Matching": { - "additionalProperties": false, - "properties": { - "AutoMerging": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AutoMerging", - "markdownDescription": "Configuration information about the auto-merging process.", - "title": "AutoMerging" - }, - "Enabled": { - "markdownDescription": "The flag that enables the matching process of duplicate profiles.", - "title": "Enabled", - "type": "boolean" - }, - "ExportingConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", - "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", - "title": "ExportingConfig" - }, - "JobSchedule": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.JobSchedule", - "markdownDescription": "The day and time when do you want to start the Identity Resolution Job every week.", - "title": "JobSchedule" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.MatchingRule": { - "additionalProperties": false, - "properties": { - "Rule": { - "items": { - "type": "string" - }, - "markdownDescription": "A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles.", - "title": "Rule", - "type": "array" - } - }, - "required": [ - "Rule" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.RuleBasedMatching": { - "additionalProperties": false, - "properties": { - "AttributeTypesSelector": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AttributeTypesSelector", - "markdownDescription": "Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles.", - "title": "AttributeTypesSelector" - }, - "ConflictResolution": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", - "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", - "title": "ConflictResolution" - }, - "Enabled": { - "markdownDescription": "The flag that enables the matching process of duplicate profiles.", - "title": "Enabled", - "type": "boolean" - }, - "ExportingConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", - "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", - "title": "ExportingConfig" - }, - "MatchingRules": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.MatchingRule" - }, - "markdownDescription": "Configures how the rule-based matching process should match profiles. You can have up to 15 `MatchingRule` in the `MatchingRules` .", - "title": "MatchingRules", - "type": "array" - }, - "MaxAllowedRuleLevelForMatching": { - "markdownDescription": "Indicates the maximum allowed rule level for matching.", - "title": "MaxAllowedRuleLevelForMatching", - "type": "number" }, - "MaxAllowedRuleLevelForMerging": { - "markdownDescription": "Indicates the maximum allowed rule level for merging.", - "title": "MaxAllowedRuleLevelForMerging", - "type": "number" + "FirehoseConfiguration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.FirehoseConfiguration", + "markdownDescription": "Configuration for the Amazon Data Firehose stream destination of user activity log export with threat protection.", + "title": "FirehoseConfiguration" }, - "Status": { - "markdownDescription": "The status of rule-based matching rule.", - "title": "Status", + "LogLevel": { + "markdownDescription": "The `errorlevel` selection of logs that a user pool sends for detailed activity logging. To send `userNotification` activity with [information about message delivery](https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html) , choose `ERROR` with `CloudWatchLogsConfiguration` . To send `userAuthEvents` activity with user logs from threat protection with the Plus feature plan, choose `INFO` with one of `CloudWatchLogsConfiguration` , `FirehoseConfiguration` , or `S3Configuration` .", + "title": "LogLevel", "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.S3Configuration", + "markdownDescription": "Configuration for the Amazon S3 bucket destination of user activity log export with threat protection.", + "title": "S3Configuration" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.S3ExportingConfig": { + "AWS::Cognito::LogDeliveryConfiguration.S3Configuration": { "additionalProperties": false, "properties": { - "S3BucketName": { - "markdownDescription": "The name of the S3 bucket where Identity Resolution Jobs write result files.", - "title": "S3BucketName", - "type": "string" - }, - "S3KeyName": { - "markdownDescription": "The S3 key name of the location where Identity Resolution Jobs write result files.", - "title": "S3KeyName", + "BucketArn": { + "markdownDescription": "The ARN of an Amazon S3 bucket that's the destination for threat protection log export.", + "title": "BucketArn", "type": "string" } }, - "required": [ - "S3BucketName" - ], "type": "object" }, - "AWS::CustomerProfiles::EventStream": { + "AWS::Cognito::ManagedLoginBranding": { "additionalProperties": false, "properties": { "Condition": { @@ -54296,40 +59983,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" - }, - "EventStreamName": { - "markdownDescription": "The name of the event stream.", - "title": "EventStreamName", - "type": "string" - }, - "Tags": { + "Assets": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::ManagedLoginBranding.AssetType" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "An array of image files that you want to apply to roles like backgrounds, logos, and icons. Each object must also indicate whether it is for dark mode, light mode, or browser-adaptive mode.", + "title": "Assets", "type": "array" }, - "Uri": { - "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", - "title": "Uri", + "ClientId": { + "markdownDescription": "The app client that you want to assign the branding style to. Each style is linked to an app client until you delete it.", + "title": "ClientId", + "type": "string" + }, + "ReturnMergedResources": { + "markdownDescription": "When `true` , returns values for branding options that are unchanged from Amazon Cognito defaults. When `false` or when you omit this parameter, returns only values that you customized in your branding style.", + "title": "ReturnMergedResources", + "type": "boolean" + }, + "Settings": { + "markdownDescription": "A JSON file, encoded as a `Document` type, with the the settings that you want to apply to your style.", + "title": "Settings", + "type": "object" + }, + "UseCognitoProvidedValues": { + "markdownDescription": "When true, applies the default branding style options. This option reverts to default style options that are managed by Amazon Cognito. You can modify them later in the branding editor.\n\nWhen you specify `true` for this option, you must also omit values for `Settings` and `Assets` in the request.", + "title": "UseCognitoProvidedValues", + "type": "boolean" + }, + "UserPoolId": { + "markdownDescription": "The user pool where the branding style is assigned.", + "title": "UserPoolId", "type": "string" } }, "required": [ - "DomainName", - "EventStreamName", - "Uri" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::EventStream" + "AWS::Cognito::ManagedLoginBranding" ], "type": "string" }, @@ -54348,27 +60043,43 @@ ], "type": "object" }, - "AWS::CustomerProfiles::EventStream.DestinationDetails": { + "AWS::Cognito::ManagedLoginBranding.AssetType": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of enabling the Kinesis stream as a destination for export.", - "title": "Status", + "Bytes": { + "markdownDescription": "The image file, in Base64-encoded binary.", + "title": "Bytes", "type": "string" }, - "Uri": { - "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", - "title": "Uri", - "type": "string" + "Category": { + "markdownDescription": "The category that the image corresponds to in your managed login configuration. Managed login has asset categories for different types of logos, backgrounds, and icons.", + "title": "Category", + "type": "string" + }, + "ColorMode": { + "markdownDescription": "The display-mode target of the asset: light, dark, or browser-adaptive. For example, Amazon Cognito displays a dark-mode image only when the browser or application is in dark mode, but displays a browser-adaptive file in all contexts.", + "title": "ColorMode", + "type": "string" + }, + "Extension": { + "markdownDescription": "The file type of the image file.", + "title": "Extension", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the asset.", + "title": "ResourceId", + "type": "string" } }, "required": [ - "Status", - "Uri" + "Category", + "ColorMode", + "Extension" ], "type": "object" }, - "AWS::CustomerProfiles::Integration": { + "AWS::Cognito::UserPool": { "additionalProperties": false, "properties": { "Condition": { @@ -54403,51 +60114,178 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", + "AccountRecoverySetting": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AccountRecoverySetting", + "markdownDescription": "The available verified method a user can use to recover their password when they call `ForgotPassword` . You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.", + "title": "AccountRecoverySetting" + }, + "AdminCreateUserConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AdminCreateUserConfig", + "markdownDescription": "The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.", + "title": "AdminCreateUserConfig" + }, + "AliasAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "Attributes supported as an alias for this user pool. For more information about alias attributes, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", + "title": "AliasAttributes", + "type": "array" + }, + "AutoVerifiedAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The attributes that you want your user pool to automatically verify. For more information, see [Verifying contact information at sign-up](https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#allowing-users-to-sign-up-and-confirm-themselves) .", + "title": "AutoVerifiedAttributes", + "type": "array" + }, + "DeletionProtection": { + "markdownDescription": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request.", + "title": "DeletionProtection", "type": "string" }, - "FlowDefinition": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.FlowDefinition", - "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", - "title": "FlowDefinition" + "DeviceConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.DeviceConfiguration", + "markdownDescription": "The device-remembering configuration for a user pool. Device remembering or device tracking is a \"Remember me on this device\" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see [Working with user devices in your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) . A null value indicates that you have deactivated device remembering in your user pool.\n\n> When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature. For more information, see [Working with devices](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) .", + "title": "DeviceConfiguration" }, - "ObjectTypeName": { - "markdownDescription": "The name of the profile object type mapping to use.", - "title": "ObjectTypeName", + "EmailAuthenticationMessage": { + "markdownDescription": "", + "title": "EmailAuthenticationMessage", "type": "string" }, - "ObjectTypeNames": { + "EmailAuthenticationSubject": { + "markdownDescription": "", + "title": "EmailAuthenticationSubject", + "type": "string" + }, + "EmailConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.EmailConfiguration", + "markdownDescription": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.", + "title": "EmailConfiguration" + }, + "EmailVerificationMessage": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "EmailVerificationMessage", + "type": "string" + }, + "EmailVerificationSubject": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "EmailVerificationSubject", + "type": "string" + }, + "EnabledMfas": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ObjectTypeMapping" + "type": "string" }, - "markdownDescription": "The object type mapping.", - "title": "ObjectTypeNames", + "markdownDescription": "Set enabled MFA options on a specified user pool. To disable all MFAs after it has been enabled, set `MfaConfiguration` to `OFF` and remove EnabledMfas. MFAs can only be all disabled if `MfaConfiguration` is `OFF` . After you enable `SMS_MFA` , you can only disable it by setting `MfaConfiguration` to `OFF` . Can be one of the following values:\n\n- `SMS_MFA` - Enables MFA with SMS for the user pool. To select this option, you must also provide values for `SmsConfiguration` .\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n- `EMAIL_OTP` - Enables MFA with email for the user pool. To select this option, you must provide values for `EmailConfiguration` and within those, set `EmailSendingAccount` to `DEVELOPER` .\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA` | `EMAIL_OTP`", + "title": "EnabledMfas", "type": "array" }, - "Tags": { + "LambdaConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.LambdaConfig", + "markdownDescription": "A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.", + "title": "LambdaConfig" + }, + "MfaConfiguration": { + "markdownDescription": "Displays the state of multi-factor authentication (MFA) as on, off, or optional. When `ON` , all users must set up MFA before they can sign in. When `OPTIONAL` , your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose `OPTIONAL` .\n\nWhen `MfaConfiguration` is `OPTIONAL` , managed login doesn't automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.", + "title": "MfaConfiguration", + "type": "string" + }, + "Policies": { + "$ref": "#/definitions/AWS::Cognito::UserPool.Policies", + "markdownDescription": "A list of user pool policies. Contains the policy that sets password-complexity requirements.", + "title": "Policies" + }, + "Schema": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::UserPool.SchemaAttribute" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "An array of attributes for the new user pool. You can add custom attributes and modify the properties of default attributes. The specifications in this parameter set the required attributes in your user pool. For more information, see [Working with user attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) .", + "title": "Schema", "type": "array" }, - "Uri": { - "markdownDescription": "The URI of the S3 bucket or any other type of data source.", - "title": "Uri", + "SmsAuthenticationMessage": { + "markdownDescription": "The contents of the SMS authentication message.", + "title": "SmsAuthenticationMessage", + "type": "string" + }, + "SmsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.SmsConfiguration", + "markdownDescription": "The settings for your Amazon Cognito user pool to send SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . For more information see [SMS message settings](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", + "title": "SmsConfiguration" + }, + "SmsVerificationMessage": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "SmsVerificationMessage", + "type": "string" + }, + "UserAttributeUpdateSettings": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UserAttributeUpdateSettings", + "markdownDescription": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) .", + "title": "UserAttributeUpdateSettings" + }, + "UserPoolAddOns": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UserPoolAddOns", + "markdownDescription": "Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to potentially unwanted traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .", + "title": "UserPoolAddOns" + }, + "UserPoolName": { + "markdownDescription": "A friendly name for your user pool.", + "title": "UserPoolName", + "type": "string" + }, + "UserPoolTags": { + "additionalProperties": true, + "markdownDescription": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserPoolTags", + "type": "object" + }, + "UserPoolTier": { + "markdownDescription": "The user pool [feature plan](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-sign-in-feature-plans.html) , or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to `ESSENTIALS` .", + "title": "UserPoolTier", + "type": "string" + }, + "UsernameAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies whether a user can use an email address or phone number as a username when they sign up.", + "title": "UsernameAttributes", + "type": "array" + }, + "UsernameConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UsernameConfiguration", + "markdownDescription": "Sets the case sensitivity option for sign-in usernames. When `CaseSensitive` is `false` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `false` as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.\n\nWhen `CaseSensitive` is `true` (case sensitive), Amazon Cognito interprets `USERNAME` and `UserName` as distinct users.\n\nThis configuration is immutable after you set it.", + "title": "UsernameConfiguration" + }, + "VerificationMessageTemplate": { + "$ref": "#/definitions/AWS::Cognito::UserPool.VerificationMessageTemplate", + "markdownDescription": "The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.\n\nSet the email message type that corresponds to your `DefaultEmailOption` selection. For `CONFIRM_WITH_LINK` , specify an `EmailMessageByLink` and leave `EmailMessage` blank. For `CONFIRM_WITH_CODE` , specify an `EmailMessage` and leave `EmailMessageByLink` blank. When you supply both parameters with either choice, Amazon Cognito returns an error.", + "title": "VerificationMessageTemplate" + }, + "WebAuthnRelyingPartyID": { + "markdownDescription": "Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.\n\nUnder the following conditions, the passkey relying party ID must be the fully-qualified domain name of your custom domain:\n\n- The user pool is configured for passkey authentication.\n- The user pool has a custom domain, whether or not it also has a prefix domain.\n- Your application performs authentication with managed login or the classic hosted UI.", + "title": "WebAuthnRelyingPartyID", + "type": "string" + }, + "WebAuthnUserVerification": { + "markdownDescription": "When `required` , users can only register and sign in users with passkeys that are capable of [user verification](https://docs.aws.amazon.com/https://www.w3.org/TR/webauthn-2/#enum-userVerificationRequirement) . When `preferred` , your user pool doesn't require the use of authenticators with user verification but encourages it.", + "title": "WebAuthnUserVerification", "type": "string" } }, - "required": [ - "DomainName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::Integration" + "AWS::Cognito::UserPool" ], "type": "string" }, @@ -54461,401 +60299,510 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ConnectorOperator": { + "AWS::Cognito::UserPool.AccountRecoverySetting": { "additionalProperties": false, "properties": { - "Marketo": { - "markdownDescription": "The operation to be performed on the provided Marketo source fields.", - "title": "Marketo", - "type": "string" - }, - "S3": { - "markdownDescription": "The operation to be performed on the provided Amazon S3 source fields.", - "title": "S3", - "type": "string" - }, - "Salesforce": { - "markdownDescription": "The operation to be performed on the provided Salesforce source fields.", - "title": "Salesforce", - "type": "string" - }, - "ServiceNow": { - "markdownDescription": "The operation to be performed on the provided ServiceNow source fields.", - "title": "ServiceNow", - "type": "string" - }, - "Zendesk": { - "markdownDescription": "The operation to be performed on the provided Zendesk source fields.", - "title": "Zendesk", - "type": "string" + "RecoveryMechanisms": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPool.RecoveryOption" + }, + "markdownDescription": "The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators.", + "title": "RecoveryMechanisms", + "type": "array" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.FlowDefinition": { + "AWS::Cognito::UserPool.AdminCreateUserConfig": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the flow you want to create.", - "title": "Description", - "type": "string" - }, - "FlowName": { - "markdownDescription": "The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed.", - "title": "FlowName", - "type": "string" - }, - "KmsArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption.", - "title": "KmsArn", - "type": "string" - }, - "SourceFlowConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceFlowConfig", - "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", - "title": "SourceFlowConfig" + "AllowAdminCreateUserOnly": { + "markdownDescription": "The setting for allowing self-service sign-up. When `true` , only administrators can create new user profiles. When `false` , users can register themselves and create a new user profile with the `SignUp` operation.", + "title": "AllowAdminCreateUserOnly", + "type": "boolean" }, - "Tasks": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.Task" - }, - "markdownDescription": "A list of tasks that Customer Profiles performs while transferring the data in the flow run.", - "title": "Tasks", - "type": "array" + "InviteMessageTemplate": { + "$ref": "#/definitions/AWS::Cognito::UserPool.InviteMessageTemplate", + "markdownDescription": "The template for the welcome message to new users. This template must include the `{####}` temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder.\n\nSee also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .", + "title": "InviteMessageTemplate" }, - "TriggerConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerConfig", - "markdownDescription": "The trigger settings that determine how and when the flow runs.", - "title": "TriggerConfig" + "UnusedAccountValidityDays": { + "markdownDescription": "This parameter is no longer in use.\n\nThe password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `RESEND` for the `MessageAction` parameter.\n\nThe default value for this parameter is 7.", + "title": "UnusedAccountValidityDays", + "type": "number" } }, - "required": [ - "FlowName", - "KmsArn", - "SourceFlowConfig", - "Tasks", - "TriggerConfig" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.IncrementalPullConfig": { + "AWS::Cognito::UserPool.AdvancedSecurityAdditionalFlows": { "additionalProperties": false, "properties": { - "DatetimeTypeFieldName": { - "markdownDescription": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.", - "title": "DatetimeTypeFieldName", + "CustomAuthMode": { + "markdownDescription": "The operating mode of threat protection in custom authentication with [Custom authentication challenge Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "CustomAuthMode", "type": "string" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.MarketoSourceProperties": { + "AWS::Cognito::UserPool.CustomEmailSender": { "additionalProperties": false, "properties": { - "Object": { - "markdownDescription": "The object specified in the Marketo flow source.", - "title": "Object", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", + "title": "LambdaArn", + "type": "string" + }, + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", + "title": "LambdaVersion", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ObjectTypeMapping": { + "AWS::Cognito::UserPool.CustomSMSSender": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key.", - "title": "Key", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", + "title": "LambdaArn", "type": "string" }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", + "title": "LambdaVersion", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.S3SourceProperties": { + "AWS::Cognito::UserPool.DeviceConfiguration": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket name where the source files are stored.", - "title": "BucketName", + "ChallengeRequiredOnNewDevice": { + "markdownDescription": "When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).\n\n> Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.", + "title": "ChallengeRequiredOnNewDevice", + "type": "boolean" + }, + "DeviceOnlyRememberedOnUserPrompt": { + "markdownDescription": "When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a `ConfirmDevice` API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an `UpdateDeviceStatus` API request.\n\nWhen `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request.", + "title": "DeviceOnlyRememberedOnUserPrompt", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.EmailConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationSet": { + "markdownDescription": "The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:\n\n- **Event publishing** - Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as and Amazon CloudWatch\n- **IP pool management** - When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.", + "title": "ConfigurationSet", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "The object key for the Amazon S3 bucket in which the source files are stored.", - "title": "BucketPrefix", + "EmailSendingAccount": { + "markdownDescription": "Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:\n\n- **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.\n\nTo look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* .\n\nThe default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.\n- **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .\n\nIf you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.\n\nBefore Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* .", + "title": "EmailSendingAccount", + "type": "string" + }, + "From": { + "markdownDescription": "Either the sender\u2019s email address or the sender\u2019s name with their email address. For example, `testuser@example.com` or `Test User ` . This address appears before the body of the email.", + "title": "From", + "type": "string" + }, + "ReplyToEmailAddress": { + "markdownDescription": "The destination to which the receiver of the email should reply.", + "title": "ReplyToEmailAddress", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:\n\n- If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.\n- If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.\n\nThe Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) .", + "title": "SourceArn", "type": "string" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.SalesforceSourceProperties": { + "AWS::Cognito::UserPool.InviteMessageTemplate": { "additionalProperties": false, "properties": { - "EnableDynamicFieldUpdate": { - "markdownDescription": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.", - "title": "EnableDynamicFieldUpdate", - "type": "boolean" + "EmailMessage": { + "markdownDescription": "The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", + "title": "EmailMessage", + "type": "string" }, - "IncludeDeletedRecords": { - "markdownDescription": "Indicates whether Amazon AppFlow includes deleted files in the flow run.", - "title": "IncludeDeletedRecords", - "type": "boolean" + "EmailSubject": { + "markdownDescription": "The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", + "title": "EmailSubject", + "type": "string" }, - "Object": { - "markdownDescription": "The object specified in the Salesforce flow source.", - "title": "Object", + "SMSMessage": { + "markdownDescription": "The message template for SMS messages.", + "title": "SMSMessage", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ScheduledTriggerProperties": { + "AWS::Cognito::UserPool.LambdaConfig": { "additionalProperties": false, "properties": { - "DataPullMode": { - "markdownDescription": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.", - "title": "DataPullMode", + "CreateAuthChallenge": { + "markdownDescription": "The configuration of a create auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "CreateAuthChallenge", "type": "string" }, - "FirstExecutionFrom": { - "markdownDescription": "Specifies the date range for the records to import from the connector in the first flow run.", - "title": "FirstExecutionFrom", - "type": "number" + "CustomEmailSender": { + "$ref": "#/definitions/AWS::Cognito::UserPool.CustomEmailSender", + "markdownDescription": "The configuration of a custom email sender Lambda trigger. This trigger routes all email notifications from a user pool to a Lambda function that delivers the message using custom logic.", + "title": "CustomEmailSender" }, - "ScheduleEndTime": { - "markdownDescription": "Specifies the scheduled end time for a scheduled-trigger flow.", - "title": "ScheduleEndTime", - "type": "number" + "CustomMessage": { + "markdownDescription": "A custom message Lambda trigger. This trigger is an opportunity to customize all SMS and email messages from your user pool. When a custom message trigger is active, your user pool routes all messages to a Lambda function that returns a runtime-customized message subject and body for your user pool to deliver to a user.", + "title": "CustomMessage", + "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes).", - "title": "ScheduleExpression", + "CustomSMSSender": { + "$ref": "#/definitions/AWS::Cognito::UserPool.CustomSMSSender", + "markdownDescription": "The configuration of a custom SMS sender Lambda trigger. This trigger routes all SMS notifications from a user pool to a Lambda function that delivers the message using custom logic.", + "title": "CustomSMSSender" + }, + "DefineAuthChallenge": { + "markdownDescription": "The configuration of a define auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "DefineAuthChallenge", "type": "string" }, - "ScheduleOffset": { - "markdownDescription": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow.", - "title": "ScheduleOffset", - "type": "number" + "KMSKeyID": { + "markdownDescription": "The ARN of an [KMS key](https://docs.aws.amazon.com//kms/latest/developerguide/concepts.html#master_keys) . Amazon Cognito uses the key to encrypt codes and temporary passwords sent to custom sender Lambda triggers.", + "title": "KMSKeyID", + "type": "string" }, - "ScheduleStartTime": { - "markdownDescription": "Specifies the scheduled start time for a scheduled-trigger flow. The value must be a date/time value in EPOCH format.", - "title": "ScheduleStartTime", - "type": "number" + "PostAuthentication": { + "markdownDescription": "The configuration of a [post authentication Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html) in a user pool. This trigger can take custom actions after a user signs in.", + "title": "PostAuthentication", + "type": "string" }, - "Timezone": { - "markdownDescription": "Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York.", - "title": "Timezone", + "PostConfirmation": { + "markdownDescription": "The configuration of a [post confirmation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html) in a user pool. This trigger can take custom actions after a user confirms their user account and their email address or phone number.", + "title": "PostConfirmation", + "type": "string" + }, + "PreAuthentication": { + "markdownDescription": "The configuration of a [pre authentication trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html) in a user pool. This trigger can evaluate and modify user sign-in events.", + "title": "PreAuthentication", + "type": "string" + }, + "PreSignUp": { + "markdownDescription": "The configuration of a [pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) in a user pool. This trigger evaluates new users and can bypass confirmation, [link a federated user profile](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html) , or block sign-up requests.", + "title": "PreSignUp", + "type": "string" + }, + "PreTokenGeneration": { + "markdownDescription": "The legacy configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool.\n\nSet this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` .", + "title": "PreTokenGeneration", + "type": "string" + }, + "PreTokenGenerationConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.PreTokenGenerationConfig", + "markdownDescription": "The detailed configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` .", + "title": "PreTokenGenerationConfig" + }, + "UserMigration": { + "markdownDescription": "The configuration of a [migrate user Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html) in a user pool. This trigger can create user profiles when users sign in or attempt to reset their password with credentials that don't exist yet.", + "title": "UserMigration", + "type": "string" + }, + "VerifyAuthChallengeResponse": { + "markdownDescription": "The configuration of a verify auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "VerifyAuthChallengeResponse", "type": "string" } }, - "required": [ - "ScheduleExpression" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ServiceNowSourceProperties": { + "AWS::Cognito::UserPool.NumberAttributeConstraints": { "additionalProperties": false, "properties": { - "Object": { - "markdownDescription": "The object specified in the ServiceNow flow source.", - "title": "Object", + "MaxValue": { + "markdownDescription": "The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", + "title": "MaxValue", + "type": "string" + }, + "MinValue": { + "markdownDescription": "The minimum value of an attribute that is of the number data type.", + "title": "MinValue", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.SourceConnectorProperties": { + "AWS::Cognito::UserPool.PasswordPolicy": { "additionalProperties": false, "properties": { - "Marketo": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.MarketoSourceProperties", - "markdownDescription": "The properties that are applied when Marketo is being used as a source.", - "title": "Marketo" + "MinimumLength": { + "markdownDescription": "The minimum length of the password in the policy that you have set. This value can't be less than 6.", + "title": "MinimumLength", + "type": "number" }, - "S3": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.S3SourceProperties", - "markdownDescription": "The properties that are applied when Amazon S3 is being used as the flow source.", - "title": "S3" + "PasswordHistorySize": { + "markdownDescription": "The number of previous passwords that you want Amazon Cognito to restrict each user from reusing. Users can't set a password that matches any of `n` previous passwords, where `n` is the value of `PasswordHistorySize` .", + "title": "PasswordHistorySize", + "type": "number" }, - "Salesforce": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SalesforceSourceProperties", - "markdownDescription": "The properties that are applied when Salesforce is being used as a source.", - "title": "Salesforce" + "RequireLowercase": { + "markdownDescription": "The requirement in a password policy that users must include at least one lowercase letter in their password.", + "title": "RequireLowercase", + "type": "boolean" }, - "ServiceNow": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ServiceNowSourceProperties", - "markdownDescription": "The properties that are applied when ServiceNow is being used as a source.", - "title": "ServiceNow" + "RequireNumbers": { + "markdownDescription": "The requirement in a password policy that users must include at least one number in their password.", + "title": "RequireNumbers", + "type": "boolean" }, - "Zendesk": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ZendeskSourceProperties", - "markdownDescription": "The properties that are applied when using Zendesk as a flow source.", - "title": "Zendesk" + "RequireSymbols": { + "markdownDescription": "The requirement in a password policy that users must include at least one symbol in their password.", + "title": "RequireSymbols", + "type": "boolean" + }, + "RequireUppercase": { + "markdownDescription": "The requirement in a password policy that users must include at least one uppercase letter in their password.", + "title": "RequireUppercase", + "type": "boolean" + }, + "TemporaryPasswordValidityDays": { + "markdownDescription": "The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value.\n\n> When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool.", + "title": "TemporaryPasswordValidityDays", + "type": "number" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.SourceFlowConfig": { + "AWS::Cognito::UserPool.Policies": { "additionalProperties": false, "properties": { - "ConnectorProfileName": { - "markdownDescription": "The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account .", - "title": "ConnectorProfileName", - "type": "string" + "PasswordPolicy": { + "$ref": "#/definitions/AWS::Cognito::UserPool.PasswordPolicy", + "markdownDescription": "The password policy settings for a user pool, including complexity, history, and length requirements.", + "title": "PasswordPolicy" }, - "ConnectorType": { - "markdownDescription": "The type of connector, such as Salesforce, Marketo, and so on.", - "title": "ConnectorType", + "SignInPolicy": { + "$ref": "#/definitions/AWS::Cognito::UserPool.SignInPolicy", + "markdownDescription": "The policy for allowed types of authentication in a user pool. To activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.", + "title": "SignInPolicy" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.PreTokenGenerationConfig": { + "additionalProperties": false, + "properties": { + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nThis parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` .", + "title": "LambdaArn", "type": "string" }, - "IncrementalPullConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.IncrementalPullConfig", - "markdownDescription": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.", - "title": "IncrementalPullConfig" + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.", + "title": "LambdaVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.RecoveryOption": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The recovery method that this object sets a recovery option for.", + "title": "Name", + "type": "string" }, - "SourceConnectorProperties": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceConnectorProperties", - "markdownDescription": "Specifies the information that is required to query a particular source connector.", - "title": "SourceConnectorProperties" + "Priority": { + "markdownDescription": "Your priority preference for using the specified attribute in account recovery. The highest priority is `1` .", + "title": "Priority", + "type": "number" } }, - "required": [ - "ConnectorType", - "SourceConnectorProperties" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.Task": { + "AWS::Cognito::UserPool.SchemaAttribute": { "additionalProperties": false, "properties": { - "ConnectorOperator": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ConnectorOperator", - "markdownDescription": "The operation to be performed on the provided source fields.", - "title": "ConnectorOperator" + "AttributeDataType": { + "markdownDescription": "The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `\"custom:isMember\" : \"true\"` or `\"custom:YearsAsMember\" : \"12\"` .", + "title": "AttributeDataType", + "type": "string" }, - "DestinationField": { - "markdownDescription": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.", - "title": "DestinationField", + "DeveloperOnlyAttribute": { + "markdownDescription": "> You should use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . \n\nSpecifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access token. For example, `DeveloperOnlyAttribute` can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.", + "title": "DeveloperOnlyAttribute", + "type": "boolean" + }, + "Mutable": { + "markdownDescription": "Specifies whether the value of the attribute can be changed.\n\nAny user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", + "title": "Mutable", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes..", + "title": "Name", "type": "string" }, - "SourceFields": { + "NumberAttributeConstraints": { + "$ref": "#/definitions/AWS::Cognito::UserPool.NumberAttributeConstraints", + "markdownDescription": "Specifies the constraints for an attribute of the number type.", + "title": "NumberAttributeConstraints" + }, + "Required": { + "markdownDescription": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.", + "title": "Required", + "type": "boolean" + }, + "StringAttributeConstraints": { + "$ref": "#/definitions/AWS::Cognito::UserPool.StringAttributeConstraints", + "markdownDescription": "Specifies the constraints for an attribute of the string type.", + "title": "StringAttributeConstraints" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.SignInPolicy": { + "additionalProperties": false, + "properties": { + "AllowedFirstAuthFactors": { "items": { "type": "string" }, - "markdownDescription": "The source fields to which a particular task is applied.", - "title": "SourceFields", + "markdownDescription": "The sign-in methods that a user pool supports as the first factor. You can permit users to start authentication with a standard username and password, or with other one-time password and hardware factors.\n\nSupports values of `EMAIL_OTP` , `SMS_OTP` , `WEB_AUTHN` and `PASSWORD` ,", + "title": "AllowedFirstAuthFactors", "type": "array" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.SmsConfiguration": { + "additionalProperties": false, + "properties": { + "ExternalId": { + "markdownDescription": "The external ID provides additional security for your IAM role. You can use an `ExternalId` with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the `ExternalID` . If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the `ExternalId` .\n\nFor more information about the `ExternalId` of a role, see [How to use an external ID when granting access to your AWS resources to a third party](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) .", + "title": "ExternalId", + "type": "string" }, - "TaskProperties": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TaskPropertiesMap" - }, - "markdownDescription": "A map used to store task-related information. The service looks for particular information based on the TaskType.", - "title": "TaskProperties", - "type": "array" + "SnsCallerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) .", + "title": "SnsCallerArn", + "type": "string" }, - "TaskType": { - "markdownDescription": "Specifies the particular task implementation that Amazon AppFlow performs.", - "title": "TaskType", + "SnsRegion": { + "markdownDescription": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* .\n\nAmazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", + "title": "SnsRegion", "type": "string" } }, - "required": [ - "SourceFields", - "TaskType" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.TaskPropertiesMap": { + "AWS::Cognito::UserPool.StringAttributeConstraints": { "additionalProperties": false, "properties": { - "OperatorPropertyKey": { - "markdownDescription": "The task property key.", - "title": "OperatorPropertyKey", + "MaxLength": { + "markdownDescription": "The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", + "title": "MaxLength", "type": "string" }, - "Property": { - "markdownDescription": "The task property value.", - "title": "Property", + "MinLength": { + "markdownDescription": "The minimum length of a string attribute value.", + "title": "MinLength", "type": "string" } }, + "type": "object" + }, + "AWS::Cognito::UserPool.UserAttributeUpdateSettings": { + "additionalProperties": false, + "properties": { + "AttributesRequireVerificationBeforeUpdate": { + "items": { + "type": "string" + }, + "markdownDescription": "Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn\u2019t change the value of the attribute until your user responds to the verification message and confirms the new value.\n\nWhen `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user\u2019s `email` or `phone_number` attribute.", + "title": "AttributesRequireVerificationBeforeUpdate", + "type": "array" + } + }, "required": [ - "OperatorPropertyKey", - "Property" + "AttributesRequireVerificationBeforeUpdate" ], "type": "object" }, - "AWS::CustomerProfiles::Integration.TriggerConfig": { + "AWS::Cognito::UserPool.UserPoolAddOns": { "additionalProperties": false, "properties": { - "TriggerProperties": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerProperties", - "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type.", - "title": "TriggerProperties" + "AdvancedSecurityAdditionalFlows": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AdvancedSecurityAdditionalFlows", + "markdownDescription": "Threat protection configuration options for additional authentication types in your user pool, including custom authentication.", + "title": "AdvancedSecurityAdditionalFlows" }, - "TriggerType": { - "markdownDescription": "Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event.", - "title": "TriggerType", + "AdvancedSecurityMode": { + "markdownDescription": "The operating mode of threat protection for standard authentication types in your user pool, including username-password and secure remote password (SRP) authentication.", + "title": "AdvancedSecurityMode", "type": "string" } }, - "required": [ - "TriggerType" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.TriggerProperties": { + "AWS::Cognito::UserPool.UsernameConfiguration": { "additionalProperties": false, "properties": { - "Scheduled": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ScheduledTriggerProperties", - "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define.", - "title": "Scheduled" + "CaseSensitive": { + "markdownDescription": "Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.\n\nValid values include:\n\n- **true** - Enables case sensitivity for all username input. When this option is set to `true` , users must sign in using the exact capitalization of their given username, such as \u201cUserName\u201d. This is the default value.\n- **false** - Enables case insensitivity for all username input. For example, when this option is set to `false` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute.", + "title": "CaseSensitive", + "type": "boolean" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.ZendeskSourceProperties": { + "AWS::Cognito::UserPool.VerificationMessageTemplate": { "additionalProperties": false, "properties": { - "Object": { - "markdownDescription": "The object specified in the Zendesk flow source.", - "title": "Object", + "DefaultEmailOption": { + "markdownDescription": "The configuration of verification emails to contain a clickable link or a verification code.\n\nFor link, your template body must contain link text in the format `{##Click here##}` . \"Click here\" in the example is a customizable string. For code, your template body must contain a code placeholder in the format `{####}` .", + "title": "DefaultEmailOption", + "type": "string" + }, + "EmailMessage": { + "markdownDescription": "The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailMessage", + "type": "string" + }, + "EmailMessageByLink": { + "markdownDescription": "The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailMessageByLink", + "type": "string" + }, + "EmailSubject": { + "markdownDescription": "The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailSubject", + "type": "string" + }, + "EmailSubjectByLink": { + "markdownDescription": "The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailSubjectByLink", + "type": "string" + }, + "SmsMessage": { + "markdownDescription": "The template for SMS messages that Amazon Cognito sends to your users.", + "title": "SmsMessage", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType": { + "AWS::Cognito::UserPoolClient": { "additionalProperties": false, "properties": { "Condition": { @@ -54890,81 +60837,154 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowProfileCreation": { - "markdownDescription": "Indicates whether a profile should be created when data is received if one doesn\u2019t exist for an object of this type. The default is `FALSE` . If the AllowProfileCreation flag is set to `FALSE` , then the service tries to fetch a standard profile and associate this object with the profile. If it is set to `TRUE` , and if no match is found, then the service creates a new standard profile.", - "title": "AllowProfileCreation", + "AccessTokenValidity": { + "markdownDescription": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with\ntheir access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your access\ntokens are valid for one hour.", + "title": "AccessTokenValidity", + "type": "number" + }, + "AllowedOAuthFlows": { + "items": { + "type": "string" + }, + "markdownDescription": "The OAuth grant types that you want your app client to generate for clients in managed login authentication. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token, and the ID token when scopes like `openid` and `profile` are requested, directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user, authorized by a combination of the client ID and client secret.", + "title": "AllowedOAuthFlows", + "type": "array" + }, + "AllowedOAuthFlowsUserPoolClient": { + "markdownDescription": "Set to `true` to use OAuth 2.0 authorization server features in your app client.\n\nThis parameter must have a value of `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use authorization server features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` . When `false` , only SDK-based API sign-in is permitted.", + "title": "AllowedOAuthFlowsUserPoolClient", "type": "boolean" }, - "Description": { - "markdownDescription": "The description of the profile object type mapping.", - "title": "Description", - "type": "string" + "AllowedOAuthScopes": { + "items": { + "type": "string" + }, + "markdownDescription": "The OAuth, OpenID Connect (OIDC), and custom scopes that you want to permit your app client to authorize access with. Scopes govern access control to user pool self-service API operations, user data from the `userInfo` endpoint, and third-party APIs. Scope values include `phone` , `email` , `openid` , and `profile` . The `aws.cognito.signin.user.admin` scope authorizes user self-service operations. Custom scopes with resource servers authorize access to external APIs.", + "title": "AllowedOAuthScopes", + "type": "array" }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", + "AnalyticsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.AnalyticsConfiguration", + "markdownDescription": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\nIn AWS Regions where Amazon Pinpoint isn't available, user pools might not have access to analytics or might be configurable with campaigns in the US East (N. Virginia) Region. For more information, see [Using Amazon Pinpoint analytics](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html) .", + "title": "AnalyticsConfiguration" + }, + "AuthSessionValidity": { + "markdownDescription": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.", + "title": "AuthSessionValidity", + "type": "number" + }, + "CallbackURLs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed redirect, or callback, URLs for managed login authentication. These URLs are the paths where you want to send your users' browsers after they complete authentication with managed login or a third-party IdP. Typically, callback URLs are the home of an application that uses OAuth or OIDC libraries to process authentication outcomes.\n\nA redirect URI must meet the following requirements:\n\n- Be an absolute URI.\n- Be registered with the authorization server. Amazon Cognito doesn't accept authorization requests with `redirect_uri` values that aren't in the list of `CallbackURLs` that you provide in this parameter.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported.", + "title": "CallbackURLs", + "type": "array" + }, + "ClientName": { + "markdownDescription": "A friendly name for the app client that you want to create.", + "title": "ClientName", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The customer-provided key to encrypt the profile object that will be created in this profile object type mapping. If not specified the system will use the encryption key of the domain.", - "title": "EncryptionKey", + "DefaultRedirectURI": { + "markdownDescription": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.", + "title": "DefaultRedirectURI", "type": "string" }, - "ExpirationDays": { - "markdownDescription": "The number of days until the data of this type expires.", - "title": "ExpirationDays", - "type": "number" + "EnablePropagateAdditionalUserContextData": { + "markdownDescription": "When `true` , your application can include additional `UserContextData` in authentication requests. This data includes the IP address, and contributes to analysis by threat protection features. For more information about propagation of user context data, see [Adding session data to API requests](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint) . If you don\u2019t include this parameter, you can't send the source IP address to Amazon Cognito threat protection features. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret.", + "title": "EnablePropagateAdditionalUserContextData", + "type": "boolean" }, - "Fields": { + "EnableTokenRevocation": { + "markdownDescription": "Activates or deactivates token revocation.\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.", + "title": "EnableTokenRevocation", + "type": "boolean" + }, + "ExplicitAuthFlows": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.FieldMap" + "type": "string" }, - "markdownDescription": "A list of field definitions for the object type mapping.", - "title": "Fields", + "markdownDescription": "The [authentication flows](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html) that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n> If you don't specify a value for `ExplicitAuthFlows` , your app client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nThe values for authentication flow options include the following.\n\n- `ALLOW_USER_AUTH` : Enable selection-based sign-in with `USER_AUTH` . This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other `ExplicitAuthFlows` permitting them. For example users can complete an SRP challenge through `USER_AUTH` without the flow `USER_SRP_AUTH` being active for the app client. This flow doesn't include `CUSTOM_AUTH` .\n\nTo activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` .", + "title": "ExplicitAuthFlows", "type": "array" }, - "Keys": { + "GenerateSecret": { + "markdownDescription": "When `true` , generates a client secret for the app client. Client secrets are used with server-side and machine-to-machine applications. Client secrets are automatically generated; you can't specify a secret value. For more information, see [App client types](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#user-pool-settings-client-app-client-types) .", + "title": "GenerateSecret", + "type": "boolean" + }, + "IdTokenValidity": { + "markdownDescription": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your ID\ntokens are valid for one hour.", + "title": "IdTokenValidity", + "type": "number" + }, + "LogoutURLs": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.KeyMap" + "type": "string" }, - "markdownDescription": "A list of keys that can be used to map data to the profile or search for the profile.", - "title": "Keys", + "markdownDescription": "A list of allowed logout URLs for managed login authentication. When you pass `logout_uri` and `client_id` parameters to `/logout` , Amazon Cognito signs out your user and redirects them to the logout URL. This parameter describes the URLs that you want to be the permitted targets of `logout_uri` . A typical use of these URLs is when a user selects \"Sign out\" and you redirect them to your public homepage. For more information, see [Logout endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html) .", + "title": "LogoutURLs", "type": "array" }, - "ObjectTypeName": { - "markdownDescription": "The name of the profile object type.", - "title": "ObjectTypeName", + "PreventUserExistenceErrors": { + "markdownDescription": "Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to `ENABLED` and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs return a `UserNotFoundException` exception if the user doesn't exist in the user pool.\n\nValid values include:\n\n- `ENABLED` - This prevents user existence-related errors.\n- `LEGACY` - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.\n\nDefaults to `LEGACY` when you don't provide a value.", + "title": "PreventUserExistenceErrors", "type": "string" }, - "SourceLastUpdatedTimestampFormat": { - "markdownDescription": "The format of your sourceLastUpdatedTimestamp that was previously set up.", - "title": "SourceLastUpdatedTimestampFormat", - "type": "string" + "ReadAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user attributes that you want your app client to have read access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool app client has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes.", + "title": "ReadAttributes", + "type": "array" }, - "Tags": { + "RefreshTokenRotation": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.RefreshTokenRotation", + "markdownDescription": "The configuration of your app client for refresh token rotation. When enabled, your app client issues new ID, access, and refresh tokens when users renew their sessions with refresh tokens. When disabled, token refresh issues only ID and access tokens.", + "title": "RefreshTokenRotation" + }, + "RefreshTokenValidity": { + "markdownDescription": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session\nand retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your refresh\ntokens are valid for 30 days.", + "title": "RefreshTokenValidity", + "type": "number" + }, + "SupportedIdentityProviders": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` .\n\nThis parameter sets the IdPs that [managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) will display on the login page for your app client. The removal of `COGNITO` from this list doesn't prevent authentication operations for local users with the user pools API in an AWS SDK. The only way to prevent SDK-based authentication is to block access with a [AWS WAF rule](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html) .", + "title": "SupportedIdentityProviders", "type": "array" }, - "TemplateId": { - "markdownDescription": "A unique identifier for the template mapping. This can be used instead of specifying the Keys and Fields properties directly.", - "title": "TemplateId", + "TokenValidityUnits": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.TokenValidityUnits", + "markdownDescription": "The units that validity times are represented in. The default unit for refresh tokens is days, and the default for ID and access tokens are hours.", + "title": "TokenValidityUnits" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create an app client.", + "title": "UserPoolId", "type": "string" + }, + "WriteAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", + "title": "WriteAttributes", + "type": "array" } }, "required": [ - "Description", - "DomainName", - "ObjectTypeName" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::ObjectType" + "AWS::Cognito::UserPoolClient" ], "type": "string" }, @@ -54983,85 +61003,75 @@ ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType.FieldMap": { + "AWS::Cognito::UserPoolClient.AnalyticsConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the field.", - "title": "Name", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project that you want to connect to your user pool app client. Amazon Cognito publishes events to the Amazon Pinpoint project that `ApplicationArn` declares. You can also configure your application to pass an endpoint ID in the `AnalyticsMetadata` parameter of sign-in operations. The endpoint ID is information about the destination for push notifications", + "title": "ApplicationArn", "type": "string" }, - "ObjectTypeField": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeField", - "markdownDescription": "Represents a field in a ProfileObjectType.", - "title": "ObjectTypeField" + "ApplicationId": { + "markdownDescription": "Your Amazon Pinpoint project ID.", + "title": "ApplicationId", + "type": "string" + }, + "ExternalId": { + "markdownDescription": "The [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) of the role that Amazon Cognito assumes to send analytics data to Amazon Pinpoint.", + "title": "ExternalId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an AWS Identity and Access Management role that has the permissions required for Amazon Cognito to publish events to Amazon Pinpoint analytics.", + "title": "RoleArn", + "type": "string" + }, + "UserDataShared": { + "markdownDescription": "If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics.", + "title": "UserDataShared", + "type": "boolean" } }, "type": "object" }, - "AWS::CustomerProfiles::ObjectType.KeyMap": { + "AWS::Cognito::UserPoolClient.RefreshTokenRotation": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the key.", - "title": "Name", + "Feature": { + "markdownDescription": "The state of refresh token rotation for the current app client.", + "title": "Feature", "type": "string" }, - "ObjectTypeKeyList": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeKey" - }, - "markdownDescription": "A list of ObjectTypeKey.", - "title": "ObjectTypeKeyList", - "type": "array" + "RetryGracePeriodSeconds": { + "markdownDescription": "When you request a token refresh with `GetTokensFromRefreshToken` , the original refresh token that you're rotating out can remain valid for a period of time of up to 60 seconds. This allows for client-side retries. When `RetryGracePeriodSeconds` is `0` , the grace period is disabled and a successful request immediately invalidates the submitted refresh token.", + "title": "RetryGracePeriodSeconds", + "type": "number" } }, "type": "object" }, - "AWS::CustomerProfiles::ObjectType.ObjectTypeField": { + "AWS::Cognito::UserPoolClient.TokenValidityUnits": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the field. Used for determining equality when searching.", - "title": "ContentType", + "AccessToken": { + "markdownDescription": "A time unit for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is `hours` . `AccessTokenValidity` duration can range from five minutes to one day.", + "title": "AccessToken", "type": "string" }, - "Source": { - "markdownDescription": "A field of a ProfileObject. For example: _source.FirstName, where \u201c_source\u201d is a ProfileObjectType of a Zendesk user and \u201cFirstName\u201d is a field in that ObjectType.", - "title": "Source", + "IdToken": { + "markdownDescription": "A time unit for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is `hours` . `IdTokenValidity` duration can range from five minutes to one day.", + "title": "IdToken", "type": "string" }, - "Target": { - "markdownDescription": "The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode.", - "title": "Target", + "RefreshToken": { + "markdownDescription": "A time unit for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is `days` . `RefreshTokenValidity` duration can range from 60 minutes to 10 years.", + "title": "RefreshToken", "type": "string" } }, "type": "object" }, - "AWS::CustomerProfiles::ObjectType.ObjectTypeKey": { - "additionalProperties": false, - "properties": { - "FieldNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The reference for the key name of the fields map.", - "title": "FieldNames", - "type": "array" - }, - "StandardIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles.", - "title": "StandardIdentifiers", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DAX::Cluster": { + "AWS::Cognito::UserPoolDomain": { "additionalProperties": false, "properties": { "Condition": { @@ -55096,93 +61106,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones (AZs) in which the cluster nodes will reside after the cluster has been created or updated. If provided, the length of this list must equal the `ReplicationFactor` parameter. If you omit this parameter, DAX will spread the nodes across Availability Zones for the highest availability.", - "title": "AvailabilityZones", - "type": "array" + "CustomDomainConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPoolDomain.CustomDomainConfigType", + "markdownDescription": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.\n\nWhen you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain.", + "title": "CustomDomainConfig" }, - "ClusterEndpointEncryptionType": { - "markdownDescription": "The encryption type of the cluster's endpoint. Available values are:\n\n- `NONE` - The cluster's endpoint will be unencrypted.\n- `TLS` - The cluster's endpoint will be encrypted with Transport Layer Security, and will provide an x509 certificate for authentication.\n\nThe default value is `NONE` .", - "title": "ClusterEndpointEncryptionType", - "type": "string" - }, - "ClusterName": { - "markdownDescription": "The name of the DAX cluster.", - "title": "ClusterName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the cluster.", - "title": "Description", - "type": "string" - }, - "IAMRoleARN": { - "markdownDescription": "A valid Amazon Resource Name (ARN) that identifies an IAM role. At runtime, DAX will assume this role and use the role's permissions to access DynamoDB on your behalf.", - "title": "IAMRoleARN", - "type": "string" - }, - "NodeType": { - "markdownDescription": "The node type for the nodes in the cluster. (All nodes in a DAX cluster are of the same type.)", - "title": "NodeType", - "type": "string" - }, - "NotificationTopicARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which notifications will be sent.\n\n> The Amazon SNS topic owner must be same as the DAX cluster owner.", - "title": "NotificationTopicARN", - "type": "string" - }, - "ParameterGroupName": { - "markdownDescription": "The parameter group to be associated with the DAX cluster.", - "title": "ParameterGroupName", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "A range of time when maintenance of DAX cluster software will be performed. For example: `sun:01:00-sun:09:00` . Cluster maintenance normally takes less than 30 minutes, and is performed automatically within the maintenance window.", - "title": "PreferredMaintenanceWindow", + "Domain": { + "markdownDescription": "The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` .", + "title": "Domain", "type": "string" }, - "ReplicationFactor": { - "markdownDescription": "The number of nodes in the DAX cluster. A replication factor of 1 will create a single-node cluster, without any read replicas. For additional fault tolerance, you can create a multiple node cluster with one or more read replicas. To do this, set `ReplicationFactor` to a number between 3 (one primary and two read replicas) and 10 (one primary and nine read replicas). `If the AvailabilityZones` parameter is provided, its length must equal the `ReplicationFactor` .\n\n> AWS recommends that you have at least two read replicas per cluster.", - "title": "ReplicationFactor", + "ManagedLoginVersion": { + "markdownDescription": "A version number that indicates the state of managed login for your domain. Version `1` is hosted UI (classic). Version `2` is the newer managed login with the branding editor. For more information, see [Managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) .", + "title": "ManagedLoginVersion", "type": "number" }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DAX::Cluster.SSESpecification", - "markdownDescription": "Represents the settings used to enable server-side encryption on the cluster.", - "title": "SSESpecification" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to be assigned to each node in the DAX cluster. (Each of the security group ID is system-generated.)\n\nIf this parameter is not specified, DAX assigns the default VPC security group to each node.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the replication group.\n\n> DAX clusters can only run in an Amazon VPC environment. All of the subnets that you specify in a subnet group must exist in the same VPC.", - "title": "SubnetGroupName", + "UserPoolId": { + "markdownDescription": "The ID of the user pool that is associated with the domain you're updating.", + "title": "UserPoolId", "type": "string" - }, - "Tags": { - "markdownDescription": "A set of tags to associate with the DAX cluster.", - "title": "Tags", - "type": "object" } }, "required": [ - "IAMRoleARN", - "NodeType", - "ReplicationFactor" + "Domain", + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::Cluster" + "AWS::Cognito::UserPoolDomain" ], "type": "string" }, @@ -55201,18 +61154,18 @@ ], "type": "object" }, - "AWS::DAX::Cluster.SSESpecification": { + "AWS::Cognito::UserPoolDomain.CustomDomainConfigType": { "additionalProperties": false, "properties": { - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is enabled (true) or disabled (false) on the cluster.", - "title": "SSEEnabled", - "type": "boolean" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.", + "title": "CertificateArn", + "type": "string" } }, "type": "object" }, - "AWS::DAX::ParameterGroup": { + "AWS::Cognito::UserPoolGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -55248,26 +61201,39 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description of the parameter group.", + "markdownDescription": "A description of the group that you're creating.", "title": "Description", "type": "string" }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group.", - "title": "ParameterGroupName", + "GroupName": { + "markdownDescription": "A name for the group. This name must be unique in your user pool.", + "title": "GroupName", "type": "string" }, - "ParameterNameValues": { - "markdownDescription": "An array of name-value pairs for the parameters in the group. Each element in the array represents a single parameter.\n\n> `record-ttl-millis` and `query-ttl-millis` are the only supported parameter names. For more details, see [Configuring TTL Settings](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl) .", - "title": "ParameterNameValues", - "type": "object" + "Precedence": { + "markdownDescription": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` .", + "title": "Precedence", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a `cognito:preferred_role` claim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain a `cognito:groups` claim that list all the groups that a user is a member of.", + "title": "RoleArn", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a user group.", + "title": "UserPoolId", + "type": "string" } }, + "required": [ + "UserPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::ParameterGroup" + "AWS::Cognito::UserPoolGroup" ], "type": "string" }, @@ -55281,11 +61247,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DAX::SubnetGroup": { + "AWS::Cognito::UserPoolIdentityProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -55320,33 +61287,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the subnet group.", - "title": "Description", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group.", - "title": "SubnetGroupName", - "type": "string" + "AttributeMapping": { + "additionalProperties": true, + "markdownDescription": "A mapping of IdP attributes to standard and custom user pool attributes. Specify a user pool attribute as the key of the key-value pair, and the IdP attribute claim name as the value.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AttributeMapping", + "type": "object" }, - "SubnetIds": { + "IdpIdentifiers": { "items": { "type": "string" }, - "markdownDescription": "A list of VPC subnet IDs for the subnet group.", - "title": "SubnetIds", + "markdownDescription": "An array of IdP identifiers, for example `\"IdPIdentifiers\": [ \"MyIdP\", \"MyIdP2\" ]` . Identifiers are friendly names that you can pass in the `idp_identifier` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP. Identifiers in a domain format also enable the use of [email-address matching with SAML providers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managing-saml-idp-naming.html) .", + "title": "IdpIdentifiers", "type": "array" + }, + "ProviderDetails": { + "additionalProperties": true, + "markdownDescription": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ProviderDetails", + "type": "object" + }, + "ProviderName": { + "markdownDescription": "The name that you want to assign to the IdP. You can pass the identity provider name in the `identity_provider` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP.", + "title": "ProviderName", + "type": "string" + }, + "ProviderType": { + "markdownDescription": "The type of IdP that you want to add. Amazon Cognito supports OIDC, SAML 2.0, Login With Amazon, Sign In With Apple, Google, and Facebook IdPs.", + "title": "ProviderType", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The Id of the user pool where you want to create an IdP.", + "title": "UserPoolId", + "type": "string" } }, "required": [ - "SubnetIds" + "ProviderDetails", + "ProviderName", + "ProviderType", + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::SubnetGroup" + "AWS::Cognito::UserPoolIdentityProvider" ], "type": "string" }, @@ -55365,7 +61362,7 @@ ], "type": "object" }, - "AWS::DLM::LifecyclePolicy": { + "AWS::Cognito::UserPoolResourceServer": { "additionalProperties": false, "properties": { "Condition": { @@ -55400,75 +61397,40 @@ "Properties": { "additionalProperties": false, "properties": { - "CopyTags": { - "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "CopyTags", - "type": "boolean" - }, - "CreateInterval": { - "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", - "title": "CreateInterval", - "type": "number" - }, - "CrossRegionCopyTargets": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", - "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", - "title": "CrossRegionCopyTargets" - }, - "DefaultPolicy": { - "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", - "title": "DefaultPolicy", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the lifecycle policy. The characters ^[0-9A-Za-z _-]+$ are supported.", - "title": "Description", - "type": "string" - }, - "Exclusions": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", - "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", - "title": "Exclusions" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to run the operations specified by the lifecycle policy.", - "title": "ExecutionRoleArn", + "Identifier": { + "markdownDescription": "A unique resource server identifier for the resource server. The identifier can be an API friendly name like `solar-system-data` . You can also set an API URL like `https://solar-system-data-api.example.com` as your identifier.\n\nAmazon Cognito represents scopes in the access token in the format `$resource-server-identifier/$scope` . Longer scope-identifier strings increase the size of your access tokens.", + "title": "Identifier", "type": "string" }, - "ExtendDeletion": { - "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "ExtendDeletion", - "type": "boolean" - }, - "PolicyDetails": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.PolicyDetails", - "markdownDescription": "The configuration details of the lifecycle policy.\n\n> If you create a default policy, you can specify the request parameters either in the request body, or in the PolicyDetails request structure, but not both.", - "title": "PolicyDetails" - }, - "RetainInterval": { - "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", - "title": "RetainInterval", - "type": "number" - }, - "State": { - "markdownDescription": "The activation state of the lifecycle policy.", - "title": "State", + "Name": { + "markdownDescription": "A friendly name for the resource server.", + "title": "Name", "type": "string" }, - "Tags": { + "Scopes": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType" }, - "markdownDescription": "The tags to apply to the lifecycle policy during creation.", - "title": "Tags", + "markdownDescription": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` .", + "title": "Scopes", "type": "array" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a resource server.", + "title": "UserPoolId", + "type": "string" } }, + "required": [ + "Identifier", + "Name", + "UserPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DLM::LifecyclePolicy" + "AWS::Cognito::UserPoolResourceServer" ], "type": "string" }, @@ -55482,682 +61444,301 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.Action": { + "AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType": { "additionalProperties": false, "properties": { - "CrossRegionCopy": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyAction" - }, - "markdownDescription": "The rule for copying shared snapshots across Regions.", - "title": "CrossRegionCopy", - "type": "array" + "ScopeDescription": { + "markdownDescription": "A friendly description of a custom scope.", + "title": "ScopeDescription", + "type": "string" }, - "Name": { - "markdownDescription": "A descriptive name for the action.", - "title": "Name", + "ScopeName": { + "markdownDescription": "The name of the scope. Amazon Cognito renders custom scopes in the format `resourceServerIdentifier/ScopeName` . For example, if this parameter is `exampleScope` in the resource server with the identifier `exampleResourceServer` , you request and receive the scope `exampleResourceServer/exampleScope` .", + "title": "ScopeName", "type": "string" } }, "required": [ - "CrossRegionCopy", - "Name" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ArchiveRetainRule": { - "additionalProperties": false, - "properties": { - "RetentionArchiveTier": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetentionArchiveTier", - "markdownDescription": "Information about retention period in the Amazon EBS Snapshots Archive. For more information, see [Archive Amazon EBS snapshots](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/snapshot-archive.html) .", - "title": "RetentionArchiveTier" - } - }, - "required": [ - "RetentionArchiveTier" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ArchiveRule": { - "additionalProperties": false, - "properties": { - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRetainRule", - "markdownDescription": "Information about the retention period for the snapshot archiving rule.", - "title": "RetainRule" - } - }, - "required": [ - "RetainRule" + "ScopeDescription", + "ScopeName" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CreateRule": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment": { "additionalProperties": false, "properties": { - "CronExpression": { - "markdownDescription": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. For more information, see the [Cron and rate expressions](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) in the *Amazon EventBridge User Guide* .", - "title": "CronExpression", + "Condition": { "type": "string" }, - "Interval": { - "markdownDescription": "The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The interval unit.", - "title": "IntervalUnit", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Location": { - "markdownDescription": "*[Custom snapshot policies only]* Specifies the destination for snapshots created by the policy. The allowed destinations depend on the location of the targeted resources.\n\n- If the policy targets resources in a Region, then you must create snapshots in the same Region as the source resource.\n- If the policy targets resources in a Local Zone, you can create snapshots in the same Local Zone or in its parent Region.\n- If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost or in its parent Region.\n\nSpecify one of the following values:\n\n- To create snapshots in the same Region as the source resource, specify `CLOUD` .\n- To create snapshots in the same Local Zone as the source resource, specify `LOCAL_ZONE` .\n- To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL` .\n\nDefault: `CLOUD`", - "title": "Location", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Scripts": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" - }, - "markdownDescription": "*[Custom snapshot policies that target instances only]* Specifies pre and/or post scripts for a snapshot lifecycle policy that targets instances. This is useful for creating application-consistent snapshots, or for performing specific administrative tasks before or after Amazon Data Lifecycle Manager initiates snapshot creation.\n\nFor more information, see [Automating application-consistent snapshots with pre and post scripts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/automate-app-consistent-backups.html) .", - "title": "Scripts", - "type": "array" + "Metadata": { + "type": "object" }, - "Times": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AccountTakeoverRiskConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType", + "markdownDescription": "The settings for automated responses and notification templates for adaptive authentication with threat protection.", + "title": "AccountTakeoverRiskConfiguration" + }, + "ClientId": { + "markdownDescription": "The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.", + "title": "ClientId", + "type": "string" + }, + "CompromisedCredentialsRiskConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType", + "markdownDescription": "Settings for compromised-credentials actions and authentication types with threat protection in full-function `ENFORCED` mode.", + "title": "CompromisedCredentialsRiskConfiguration" + }, + "RiskExceptionConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType", + "markdownDescription": "Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.", + "title": "RiskExceptionConfiguration" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool that has the risk configuration applied.", + "title": "UserPoolId", + "type": "string" + } }, - "markdownDescription": "The time, in UTC, to start the operation. The supported format is hh:mm.\n\nThe operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon Data Lifecycle Manager selects a time within the next 24 hours.", - "title": "Times", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyAction": { - "additionalProperties": false, - "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EncryptionConfiguration", - "markdownDescription": "The encryption settings for the copied snapshot.", - "title": "EncryptionConfiguration" - }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", - "markdownDescription": "Specifies a retention rule for cross-Region snapshot copies created by snapshot or event-based policies, or cross-Region AMI copies created by AMI policies. After the retention period expires, the cross-Region copy is deleted.", - "title": "RetainRule" - }, - "Target": { - "markdownDescription": "The target Region.", - "title": "Target", - "type": "string" - } - }, - "required": [ - "EncryptionConfiguration", - "Target" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The period after which to deprecate the cross-Region AMI copies. The period must be less than or equal to the cross-Region AMI copy retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", - "title": "Interval", - "type": "number" + "required": [ + "ClientId", + "UserPoolId" + ], + "type": "object" }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to deprecate a cross-Region AMI copy after 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "Type": { + "enum": [ + "AWS::Cognito::UserPoolRiskConfigurationAttachment" + ], "type": "string" - } - }, - "required": [ - "Interval", - "IntervalUnit" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The amount of time to retain a cross-Region snapshot or AMI copy. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" }, - "IntervalUnit": { - "markdownDescription": "The unit of time for time-based retention. For example, to retain a cross-Region copy for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Interval", - "IntervalUnit" + "Type", + "Properties" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyRule": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType": { "additionalProperties": false, "properties": { - "CmkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", - "title": "CmkArn", + "EventAction": { + "markdownDescription": "The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:\n\n- `BLOCK` : Block the request.\n- `MFA_IF_CONFIGURED` : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.\n- `MFA_REQUIRED` : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.\n- `NO_ACTION` : Take no action. Permit sign-in.", + "title": "EventAction", "type": "string" }, - "CopyTags": { - "markdownDescription": "Indicates whether to copy all user-defined tags from the source snapshot or AMI to the cross-Region copy.", - "title": "CopyTags", - "type": "boolean" - }, - "DeprecateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule", - "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for cross-Region AMI copies created by the rule.", - "title": "DeprecateRule" - }, - "Encrypted": { - "markdownDescription": "To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.", - "title": "Encrypted", + "Notify": { + "markdownDescription": "Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.", + "title": "Notify", "type": "boolean" - }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", - "markdownDescription": "The retention rule that indicates how long the cross-Region snapshot or AMI copies are to be retained in the destination Region.", - "title": "RetainRule" - }, - "Target": { - "markdownDescription": "> Use this parameter for snapshot policies only. For AMI policies, use *TargetRegion* instead. \n\n*[Custom snapshot policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", - "title": "Target", - "type": "string" - }, - "TargetRegion": { - "markdownDescription": "> Use this parameter for AMI policies only. For snapshot policies, use *Target* instead. For snapshot policies created before the *Target* parameter was introduced, this parameter indicates the target Region for snapshot copies. \n\n*[Custom AMI policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", - "title": "TargetRegion", - "type": "string" } }, "required": [ - "Encrypted" + "EventAction", + "Notify" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyTarget": { - "additionalProperties": false, - "properties": { - "TargetRegion": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.DeprecateRule": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "If the schedule has a count-based retention rule, this parameter specifies the number of oldest AMIs to deprecate. The count must be less than or equal to the schedule's retention count, and it can't be greater than 1000.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "If the schedule has an age-based retention rule, this parameter specifies the period after which to deprecate AMIs created by the schedule. The period must be less than or equal to the schedule's retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", - "title": "Interval", - "type": "number" + "HighAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a high-risk assessment by threat protection.", + "title": "HighAction" }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* .", - "title": "IntervalUnit", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "CmkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", - "title": "CmkArn", - "type": "string" + "LowAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a low-risk assessment by threat protection.", + "title": "LowAction" }, - "Encrypted": { - "markdownDescription": "To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled.", - "title": "Encrypted", - "type": "boolean" + "MediumAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a medium-risk assessment by threat protection.", + "title": "MediumAction" } }, - "required": [ - "Encrypted" - ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.EventParameters": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType": { "additionalProperties": false, "properties": { - "DescriptionRegex": { - "markdownDescription": "The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.\n\nFor example, specifying `^.*Created for policy: policy-1234567890abcdef0.*$` configures the policy to run only if snapshots created by policy `policy-1234567890abcdef0` are shared with your account.", - "title": "DescriptionRegex", - "type": "string" - }, - "EventType": { - "markdownDescription": "The type of event. Currently, only snapshot sharing events are supported.", - "title": "EventType", - "type": "string" + "Actions": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType", + "markdownDescription": "A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.", + "title": "Actions" }, - "SnapshotOwner": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.", - "title": "SnapshotOwner", - "type": "array" + "NotifyConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType", + "markdownDescription": "The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in `AccountTakeoverRiskConfiguration` , Amazon Cognito sends an email message using the method and template that you set with this data type.", + "title": "NotifyConfiguration" } }, "required": [ - "EventType", - "SnapshotOwner" + "Actions" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.EventSource": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType": { "additionalProperties": false, "properties": { - "Parameters": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventParameters", - "markdownDescription": "Information about the event.", - "title": "Parameters" - }, - "Type": { - "markdownDescription": "The source of the event. Currently only managed Amazon EventBridge (formerly known as Amazon CloudWatch) events are supported.", - "title": "Type", + "EventAction": { + "markdownDescription": "The action that Amazon Cognito takes when it detects compromised credentials.", + "title": "EventAction", "type": "string" } }, "required": [ - "Type" + "EventAction" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.ExcludeTags": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Exclusions": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType": { "additionalProperties": false, "properties": { - "ExcludeBootVolumes": { - "markdownDescription": "*[Default policies for EBS snapshots only]* Indicates whether to exclude volumes that are attached to instances as the boot volume. If you exclude boot volumes, only volumes attached as data (non-boot) volumes will be backed up by the policy. To exclude boot volumes, specify `true` .", - "title": "ExcludeBootVolumes", - "type": "boolean" - }, - "ExcludeTags": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeTags", - "markdownDescription": "*[Default policies for EBS-backed AMIs only]* Specifies whether to exclude volumes that have specific tags.", - "title": "ExcludeTags" + "Actions": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType", + "markdownDescription": "Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.", + "title": "Actions" }, - "ExcludeVolumeTypes": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList", - "markdownDescription": "*[Default policies for EBS snapshots only]* Specifies the volume types to exclude. Volumes of the specified types will not be targeted by the policy.", - "title": "ExcludeVolumeTypes" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.FastRestoreRule": { - "additionalProperties": false, - "properties": { - "AvailabilityZones": { + "EventFilter": { "items": { "type": "string" }, - "markdownDescription": "The Availability Zones in which to enable fast snapshot restore.", - "title": "AvailabilityZones", - "type": "array" - }, - "Count": { - "markdownDescription": "The number of snapshots to be enabled with fast snapshot restore.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "The amount of time to enable fast snapshot restore. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time for enabling fast snapshot restore.", - "title": "IntervalUnit", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Parameters": { - "additionalProperties": false, - "properties": { - "ExcludeBootVolume": { - "markdownDescription": "*[Custom snapshot policies that target instances only]* Indicates whether to exclude the root volume from multi-volume snapshot sets. The default is `false` . If you specify `true` , then the root volumes attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", - "title": "ExcludeBootVolume", - "type": "boolean" - }, - "ExcludeDataVolumeTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[Custom snapshot policies that target instances only]* The tags used to identify data (non-root) volumes to exclude from multi-volume snapshot sets.\n\nIf you create a snapshot lifecycle policy that targets instances and you specify tags for this parameter, then data volumes with the specified tags that are attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", - "title": "ExcludeDataVolumeTags", + "markdownDescription": "Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.", + "title": "EventFilter", "type": "array" - }, - "NoReboot": { - "markdownDescription": "*[Custom AMI policies only]* Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).", - "title": "NoReboot", - "type": "boolean" } }, + "required": [ + "Actions" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.PolicyDetails": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Action" - }, - "markdownDescription": "*[Event-based policies only]* The actions to be performed when the event-based policy is activated. You can specify only one action per policy.", - "title": "Actions", - "type": "array" - }, - "CopyTags": { - "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "CopyTags", - "type": "boolean" - }, - "CreateInterval": { - "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", - "title": "CreateInterval", - "type": "number" - }, - "CrossRegionCopyTargets": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", - "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", - "title": "CrossRegionCopyTargets" - }, - "EventSource": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventSource", - "markdownDescription": "*[Event-based policies only]* The event that activates the event-based policy.", - "title": "EventSource" - }, - "Exclusions": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", - "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", - "title": "Exclusions" - }, - "ExtendDeletion": { - "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "ExtendDeletion", - "type": "boolean" - }, - "Parameters": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Parameters", - "markdownDescription": "*[Custom snapshot and AMI policies only]* A set of optional parameters for snapshot and AMI lifecycle policies.\n\n> If you are modifying a policy that was created or previously modified using the Amazon Data Lifecycle Manager console, then you must include this parameter and specify either the default values or the new values that you require. You can't omit this parameter or set its values to null.", - "title": "Parameters" + "BlockEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when a detected risk event is blocked.", + "title": "BlockEmail" }, - "PolicyLanguage": { - "markdownDescription": "The type of policy to create. Specify one of the following:\n\n- `SIMPLIFIED` To create a default policy.\n- `STANDARD` To create a custom policy.", - "title": "PolicyLanguage", + "From": { + "markdownDescription": "The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.", + "title": "From", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of policy. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account .\n\nThe default is `EBS_SNAPSHOT_MANAGEMENT` .", - "title": "PolicyType", - "type": "string" + "MfaEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.", + "title": "MfaEmail" }, - "ResourceLocations": { - "items": { - "type": "string" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The location of the resources to backup.\n\n- If the source resources are located in a Region, specify `CLOUD` . In this case, the policy targets all resources of the specified type with matching target tags across all Availability Zones in the Region.\n- *[Custom snapshot policies only]* If the source resources are located in a Local Zone, specify `LOCAL_ZONE` . In this case, the policy targets all resources of the specified type with matching target tags across all Local Zones in the Region.\n- If the source resources are located on an Outpost in your account, specify `OUTPOST` . In this case, the policy targets all resources of the specified type with matching target tags across all of the Outposts in your account.", - "title": "ResourceLocations", - "type": "array" + "NoActionEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when no action is taken in response to a detected risk.", + "title": "NoActionEmail" }, - "ResourceType": { - "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", - "title": "ResourceType", + "ReplyTo": { + "markdownDescription": "The reply-to email address of an email template.", + "title": "ReplyTo", "type": "string" }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "*[Custom snapshot policies only]* The target resource type for snapshot and AMI lifecycle policies. Use `VOLUME` to create snapshots of individual volumes or use `INSTANCE` to create multi-volume snapshots from the volumes for an instance.", - "title": "ResourceTypes", - "type": "array" - }, - "RetainInterval": { - "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", - "title": "RetainInterval", - "type": "number" - }, - "Schedules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Schedule" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The schedules of policy-defined actions for snapshot and AMI lifecycle policies. A policy can have up to four schedules\u2014one mandatory schedule and up to three optional schedules.", - "title": "Schedules", - "type": "array" - }, - "TargetTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The single tag that identifies targeted resources for this policy.", - "title": "TargetTags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.RetainRule": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of snapshots to retain for each volume, up to a maximum of 1000. For example if you want to retain a maximum of three snapshots, specify `3` . When the fourth snapshot is created, the oldest retained snapshot is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time for time-based retention. For example, to retain snapshots for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` . Once the snapshot has been retained for 3 months, it is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", - "title": "IntervalUnit", + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter.", + "title": "SourceArn", "type": "string" } }, + "required": [ + "SourceArn" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.RetentionArchiveTier": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The maximum number of snapshots to retain in the archive storage tier for each volume. The count must ensure that each snapshot remains in the archive tier for at least 90 days. For example, if the schedule creates snapshots every 30 days, you must specify a count of 3 or more to ensure that each snapshot is archived for at least 90 days.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "Specifies the period of time to retain snapshots in the archive tier. After this period expires, the snapshot is permanently deleted.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to retain a snapshots in the archive tier for 6 months, specify `Interval=6` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "HtmlBody": { + "markdownDescription": "The body of an email notification formatted in HTML. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", + "title": "HtmlBody", "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Schedule": { - "additionalProperties": false, - "properties": { - "ArchiveRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRule", - "markdownDescription": "*[Custom snapshot policies that target volumes only]* The snapshot archiving rule for the schedule. When you specify an archiving rule, snapshots are automatically moved from the standard tier to the archive tier once the schedule's retention threshold is met. Snapshots are then retained in the archive tier for the archive retention period that you specify.\n\nFor more information about using snapshot archiving, see [Considerations for snapshot lifecycle policies](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-ami-policy.html#dlm-archive) .", - "title": "ArchiveRule" - }, - "CopyTags": { - "markdownDescription": "Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.", - "title": "CopyTags", - "type": "boolean" - }, - "CreateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CreateRule", - "markdownDescription": "The creation rule.", - "title": "CreateRule" - }, - "CrossRegionCopyRules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRule" - }, - "markdownDescription": "Specifies a rule for copying snapshots or AMIs across Regions.\n\n> You can't specify cross-Region copy rules for policies that create snapshots on an Outpost or in a Local Zone. If the policy creates snapshots in a Region, then snapshots can be copied to up to three Regions or Outposts.", - "title": "CrossRegionCopyRules", - "type": "array" - }, - "DeprecateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.DeprecateRule", - "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for the schedule.", - "title": "DeprecateRule" - }, - "FastRestoreRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.FastRestoreRule", - "markdownDescription": "*[Custom snapshot policies only]* The rule for enabling fast snapshot restore.", - "title": "FastRestoreRule" }, - "Name": { - "markdownDescription": "The name of the schedule.", - "title": "Name", + "Subject": { + "markdownDescription": "The subject of the threat protection email notification.", + "title": "Subject", "type": "string" }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetainRule", - "markdownDescription": "The retention rule for snapshots or AMIs created by the policy.", - "title": "RetainRule" - }, - "ShareRules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ShareRule" - }, - "markdownDescription": "*[Custom snapshot policies only]* The rule for sharing snapshots with other AWS accounts .", - "title": "ShareRules", - "type": "array" - }, - "TagsToAdd": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS -added lifecycle tags.", - "title": "TagsToAdd", - "type": "array" - }, - "VariableTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[AMI policies and snapshot policies that target instances only]* A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: `$(instance-id)` or `$(timestamp)` . Variable tags are only valid for EBS Snapshot Management \u2013 Instance policies.", - "title": "VariableTags", - "type": "array" + "TextBody": { + "markdownDescription": "The body of an email notification formatted in plaintext. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", + "title": "TextBody", + "type": "string" } }, + "required": [ + "Subject" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.Script": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType": { "additionalProperties": false, "properties": { - "ExecuteOperationOnScriptFailure": { - "markdownDescription": "Indicates whether Amazon Data Lifecycle Manager should default to crash-consistent snapshots if the pre script fails.\n\n- To default to crash consistent snapshot if the pre script fails, specify `true` .\n- To skip the instance for snapshot creation if the pre script fails, specify `false` .\n\nThis parameter is supported only if you run a pre script. If you run a post script only, omit this parameter.\n\nDefault: true", - "title": "ExecuteOperationOnScriptFailure", - "type": "boolean" - }, - "ExecutionHandler": { - "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", - "title": "ExecutionHandler", - "type": "string" - }, - "ExecutionHandlerService": { - "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", - "title": "ExecutionHandlerService", - "type": "string" - }, - "ExecutionTimeout": { - "markdownDescription": "Specifies a timeout period, in seconds, after which Amazon Data Lifecycle Manager fails the script run attempt if it has not completed. If a script does not complete within its timeout period, Amazon Data Lifecycle Manager fails the attempt. The timeout period applies to the pre and post scripts individually.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: 10", - "title": "ExecutionTimeout", - "type": "number" - }, - "MaximumRetryCount": { - "markdownDescription": "Specifies the number of times Amazon Data Lifecycle Manager should retry scripts that fail.\n\n- If the pre script fails, Amazon Data Lifecycle Manager retries the entire snapshot creation process, including running the pre and post scripts.\n- If the post script fails, Amazon Data Lifecycle Manager retries the post script only; in this case, the pre script will have completed and the snapshot might have been created.\n\nIf you do not want Amazon Data Lifecycle Manager to retry failed scripts, specify `0` .\n\nDefault: 0", - "title": "MaximumRetryCount", - "type": "number" - }, - "Stages": { + "BlockedIPRangeList": { "items": { "type": "string" }, - "markdownDescription": "Indicate which scripts Amazon Data Lifecycle Manager should run on target instances. Pre scripts run before Amazon Data Lifecycle Manager initiates snapshot creation. Post scripts run after Amazon Data Lifecycle Manager initiates snapshot creation.\n\n- To run a pre script only, specify `PRE` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation.\n- To run a post script only, specify `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `post-script` parameter after initiating snapshot creation.\n- To run both pre and post scripts, specify both `PRE` and `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation, and then it calls the SSM document again with the `post-script` parameter after initiating snapshot creation.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: PRE and POST", - "title": "Stages", + "markdownDescription": "An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.", + "title": "BlockedIPRangeList", "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ShareRule": { - "additionalProperties": false, - "properties": { - "TargetAccounts": { + }, + "SkippedIPRangeList": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the AWS accounts with which to share the snapshots.", - "title": "TargetAccounts", + "markdownDescription": "An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.", + "title": "SkippedIPRangeList", "type": "array" - }, - "UnshareInterval": { - "markdownDescription": "The period after which snapshots that are shared with other AWS accounts are automatically unshared.", - "title": "UnshareInterval", - "type": "number" - }, - "UnshareIntervalUnit": { - "markdownDescription": "The unit of time for the automatic unsharing interval.", - "title": "UnshareIntervalUnit", - "type": "string" } }, "type": "object" }, - "AWS::DLM::LifecyclePolicy.VolumeTypeValues": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DMS::Certificate": { + "AWS::Cognito::UserPoolUICustomizationAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -56192,27 +61773,31 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateIdentifier": { - "markdownDescription": "A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.", - "title": "CertificateIdentifier", + "CSS": { + "markdownDescription": "A plaintext CSS file that contains the custom fields that you want to apply to your user pool or app client. To download a template, go to the Amazon Cognito console. Navigate to your user pool *App clients* tab, select *Login pages* , edit *Hosted UI (classic) style* , and select the link to `CSS template.css` .", + "title": "CSS", "type": "string" }, - "CertificatePem": { - "markdownDescription": "The contents of a `.pem` file, which contains an X.509 certificate.", - "title": "CertificatePem", + "ClientId": { + "markdownDescription": "The app client ID for your UI customization. When this value isn't present, the customization applies to all user pool app clients that don't have client-level settings..", + "title": "ClientId", "type": "string" }, - "CertificateWallet": { - "markdownDescription": "The location of an imported Oracle Wallet certificate for use with SSL. An example is: `filebase64(\"${path.root}/rds-ca-2019-root.sso\")`", - "title": "CertificateWallet", + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to apply branding to the classic hosted UI.", + "title": "UserPoolId", "type": "string" } }, + "required": [ + "ClientId", + "UserPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::Certificate" + "AWS::Cognito::UserPoolUICustomizationAttachment" ], "type": "string" }, @@ -56226,11 +61811,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::DataProvider": { + "AWS::Cognito::UserPoolUser": { "additionalProperties": false, "properties": { "Condition": { @@ -56265,53 +61851,70 @@ "Properties": { "additionalProperties": false, "properties": { - "DataProviderIdentifier": { - "markdownDescription": "The identifier of the data provider. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "DataProviderIdentifier", - "type": "string" + "ClientMetadata": { + "additionalProperties": true, + "markdownDescription": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `ClientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Using Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n> When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:\n> \n> - Store the `ClientMetadata` value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata` parameter serves no purpose.\n> - Validate the `ClientMetadata` value.\n> - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ClientMetadata", + "type": "object" }, - "DataProviderName": { - "markdownDescription": "The name of the data provider.", - "title": "DataProviderName", - "type": "string" + "DesiredDeliveryMediums": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify `EMAIL` if email will be used to send the welcome message. Specify `SMS` if the phone number will be used. The default value is `SMS` . You can specify more than one value.", + "title": "DesiredDeliveryMediums", + "type": "array" }, - "Description": { - "markdownDescription": "A description of the data provider. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", - "title": "Description", - "type": "string" + "ForceAliasCreation": { + "markdownDescription": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the `UserAttributes` parameter already exists as an alias with a different user, this request migrates the alias from the previous user to the newly-created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .", + "title": "ForceAliasCreation", + "type": "boolean" }, - "Engine": { - "markdownDescription": "The type of database engine for the data provider. Valid values include `\"aurora\"` , `\"aurora-postgresql\"` , `\"mysql\"` , `\"oracle\"` , `\"postgres\"` , `\"sqlserver\"` , `redshift` , `mariadb` , `mongodb` , `db2` , `db2-zos` and `docdb` . A value of `\"aurora\"` represents Amazon Aurora MySQL-Compatible Edition.", - "title": "Engine", + "MessageAction": { + "markdownDescription": "Set to `RESEND` to resend the invitation message to a user that already exists, and to reset the temporary-password duration with a new temporary password. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.", + "title": "MessageAction", "type": "string" }, - "ExactSettings": { - "markdownDescription": "", - "title": "ExactSettings", - "type": "boolean" + "UserAttributes": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + }, + "markdownDescription": "An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than `Username` . However, any attributes that you specify as required (when creating a user pool or in the *Attributes* tab of the console) either you should supply (in your call to `AdminCreateUser` ) or the user should supply (when they sign up in response to your welcome message).\n\nFor custom attributes, you must prepend the `custom:` prefix to the attribute name.\n\nTo send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the *Users* tab of the Amazon Cognito console for managing your user pools.\n\nYou must also provide an email address or phone number when you expect the user to do passwordless sign-in with an email or SMS OTP. These attributes must be provided when passwordless options are the only available, or when you don't submit a `TemporaryPassword` .\n\nIn your call to `AdminCreateUser` , you can set the `email_verified` attribute to `True` , and you can set the `phone_number_verified` attribute to `True` .\n\n- *email* : The email address of the user to whom the message that contains the code and username will be sent. Required if the `email_verified` attribute is set to `True` , or if `\"EMAIL\"` is specified in the `DesiredDeliveryMediums` parameter.\n- *phone_number* : The phone number of the user to whom the message that contains the code and username will be sent. Required if the `phone_number_verified` attribute is set to `True` , or if `\"SMS\"` is specified in the `DesiredDeliveryMediums` parameter.", + "title": "UserAttributes", + "type": "array" }, - "Settings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.Settings", - "markdownDescription": "The settings in JSON format for a data provider.", - "title": "Settings" + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a user.", + "title": "UserPoolId", + "type": "string" }, - "Tags": { + "Username": { + "markdownDescription": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", + "title": "Username", + "type": "string" + }, + "ValidationData": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function can automatically confirm and verify select users or perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) .", + "title": "ValidationData", "type": "array" } }, "required": [ - "Engine" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::DataProvider" + "AWS::Cognito::UserPoolUser" ], "type": "string" }, @@ -56330,200 +61933,395 @@ ], "type": "object" }, - "AWS::DMS::DataProvider.MicrosoftSqlServerSettings": { + "AWS::Cognito::UserPoolUser.AttributeType": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "Name": { + "markdownDescription": "The name of the attribute.", + "title": "Name", "type": "string" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPoolUserToGroupAttachment": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the group that you want to add your user to.", + "title": "GroupName", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool that contains the group that you want to add the user to.", + "title": "UserPoolId", + "type": "string" + }, + "Username": { + "markdownDescription": "The user's username.", + "title": "Username", + "type": "string" + } + }, + "required": [ + "GroupName", + "UserPoolId", + "Username" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Cognito::UserPoolUserToGroupAttachment" + ], "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::DataProvider.MySqlSettings": { + "AWS::Comprehend::DocumentClassifier": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "Condition": { "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ServerName": { - "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS MySQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora MySQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", - "title": "ServerName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DataAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data.", + "title": "DataAccessRoleArn", + "type": "string" + }, + "DocumentClassifierName": { + "markdownDescription": "The name of the document classifier.", + "title": "DocumentClassifierName", + "type": "string" + }, + "InputDataConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig", + "markdownDescription": "Specifies the format and location of the input data for the job.", + "title": "InputDataConfig" + }, + "LanguageCode": { + "markdownDescription": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language.", + "title": "LanguageCode", + "type": "string" + }, + "Mode": { + "markdownDescription": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|).", + "title": "Mode", + "type": "string" + }, + "ModelKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "ModelKmsKeyId", + "type": "string" + }, + "ModelPolicy": { + "markdownDescription": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`", + "title": "ModelPolicy", + "type": "string" + }, + "OutputDataConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig", + "markdownDescription": "Provides output results configuration parameters for custom classifier jobs.", + "title": "OutputDataConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department.", + "title": "Tags", + "type": "array" + }, + "VersionName": { + "markdownDescription": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region .", + "title": "VersionName", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.VpcConfig", + "markdownDescription": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", + "title": "VpcConfig" + } + }, + "required": [ + "DataAccessRoleArn", + "DocumentClassifierName", + "InputDataConfig", + "LanguageCode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Comprehend::DocumentClassifier" + ], "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Port", - "ServerName", - "SslMode" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::DataProvider.OracleSettings": { + "AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem": { "additionalProperties": false, "properties": { - "AsmServer": { - "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmServer", - "type": "string" + "AttributeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job.\n\nIf your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth.\n\nIf your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job.", + "title": "AttributeNames", + "type": "array" }, - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "S3Uri": { + "markdownDescription": "The Amazon S3 location of the augmented manifest file.", + "title": "S3Uri", "type": "string" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "Split": { + "markdownDescription": "The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train.\n\nTRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing.\n\nTEST - all of the documents in the manifest will be used for testing.", + "title": "Split", + "type": "string" + } + }, + "required": [ + "AttributeNames", + "S3Uri" + ], + "type": "object" + }, + "AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The S3 URI location of the training documents specified in the S3Uri CSV file.", + "title": "S3Uri", "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" - }, - "SecretsManagerOracleAsmAccessRoleArn": { - "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both. For more information on creating this `SecretsManagerOracleAsmSecret` and the `SecretsManagerOracleAsmAccessRoleArn` and `SecretsManagerOracleAsmSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerOracleAsmAccessRoleArn", + "TestS3Uri": { + "markdownDescription": "The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file.", + "title": "TestS3Uri", "type": "string" + } + }, + "required": [ + "S3Uri" + ], + "type": "object" + }, + "AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig": { + "additionalProperties": false, + "properties": { + "AugmentedManifests": { + "items": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem" + }, + "markdownDescription": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` .", + "title": "AugmentedManifests", + "type": "array" }, - "SecretsManagerOracleAsmSecretId": { - "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN, partial ARN, or friendly name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", - "title": "SecretsManagerOracleAsmSecretId", + "DataFormat": { + "markdownDescription": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default.", + "title": "DataFormat", "type": "string" }, - "SecretsManagerSecurityDbEncryptionAccessRoleArn": { + "DocumentReaderConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentReaderConfig", "markdownDescription": "", - "title": "SecretsManagerSecurityDbEncryptionAccessRoleArn", + "title": "DocumentReaderConfig" + }, + "DocumentType": { + "markdownDescription": "The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model.", + "title": "DocumentType", "type": "string" }, - "SecretsManagerSecurityDbEncryptionSecretId": { - "markdownDescription": "", - "title": "SecretsManagerSecurityDbEncryptionSecretId", + "Documents": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments", + "markdownDescription": "The S3 location of the training documents. This parameter is required in a request to create a native document model.", + "title": "Documents" + }, + "LabelDelimiter": { + "markdownDescription": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL.", + "title": "LabelDelimiter", "type": "string" }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint.\n\nFor an Amazon RDS Oracle instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` .", + "title": "S3Uri", "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "TestS3Uri": { + "markdownDescription": "This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling.", + "title": "TestS3Uri", "type": "string" } }, - "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" - ], "type": "object" }, - "AWS::DMS::DataProvider.PostgreSqlSettings": { + "AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "KmsKeyId": { + "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- KMS Key Alias: `\"alias/ExampleAlias\"`\n- ARN of a KMS Key Alias: `\"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\"`", + "title": "KmsKeyId", "type": "string" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "S3Uri": { + "markdownDescription": "When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file.\n\nWhen the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix.", + "title": "S3Uri", "type": "string" - }, - "Port": { - "markdownDescription": "Endpoint TCP port. The default is 5432.", - "title": "Port", - "type": "number" - }, - "ServerName": { - "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS PostgreSQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora PostgreSQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", - "title": "ServerName", + } + }, + "type": "object" + }, + "AWS::Comprehend::DocumentClassifier.DocumentReaderConfig": { + "additionalProperties": false, + "properties": { + "DocumentReadAction": { + "markdownDescription": "This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values:\n\n- `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation.\n- `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation.", + "title": "DocumentReadAction", "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "DocumentReadMode": { + "markdownDescription": "Determines the text extraction actions for PDF files. Enter one of the following values:\n\n- `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files.\n- `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files.", + "title": "DocumentReadMode", "type": "string" + }, + "FeatureTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values:\n\n- `TABLES` - Returns additional information about any tables that are detected in the input document.\n- `FORMS` - Returns additional information about any forms that are detected in the input document.", + "title": "FeatureTypes", + "type": "array" } }, "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" + "DocumentReadAction" ], "type": "object" }, - "AWS::DMS::DataProvider.Settings": { + "AWS::Comprehend::DocumentClassifier.VpcConfig": { "additionalProperties": false, "properties": { - "MicrosoftSqlServerSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.MicrosoftSqlServerSettings", - "markdownDescription": "", - "title": "MicrosoftSqlServerSettings" - }, - "MySqlSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.MySqlSettings", - "markdownDescription": "", - "title": "MySqlSettings" - }, - "OracleSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.OracleSettings", - "markdownDescription": "", - "title": "OracleSettings" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", + "title": "SecurityGroupIds", + "type": "array" }, - "PostgreSqlSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.PostgreSqlSettings", - "markdownDescription": "", - "title": "PostgreSqlSettings" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", + "title": "Subnets", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], "type": "object" }, - "AWS::DMS::Endpoint": { + "AWS::Comprehend::Flywheel": { "additionalProperties": false, "properties": { "Condition": { @@ -56558,174 +62356,60 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate.", - "title": "CertificateArn", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the endpoint database. For a MySQL source or target endpoint, don't specify `DatabaseName` . To migrate to a specific database, use this setting and `targetDbType` .", - "title": "DatabaseName", - "type": "string" - }, - "DocDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.DocDbSettings", - "markdownDescription": "Settings in JSON format for the source and target DocumentDB endpoint. For more information about other available settings, see [Using extra connections attributes with Amazon DocumentDB as a source](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DocumentDB.html#CHAP_Source.DocumentDB.ECAs) and [Using Amazon DocumentDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DocumentDB.html) in the *AWS Database Migration Service User Guide* .", - "title": "DocDbSettings" - }, - "DynamoDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.DynamoDbSettings", - "markdownDescription": "Settings in JSON format for the target Amazon DynamoDB endpoint. For information about other available settings, see [Using object mapping to migrate data to DynamoDB](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DynamoDB.html#CHAP_Target.DynamoDB.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "DynamoDbSettings" - }, - "ElasticsearchSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.ElasticsearchSettings", - "markdownDescription": "Settings in JSON format for the target OpenSearch endpoint. For more information about the available settings, see [Extra connection attributes when using OpenSearch as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Elasticsearch.html#CHAP_Target.Elasticsearch.Configuration) in the *AWS Database Migration Service User Guide* .", - "title": "ElasticsearchSettings" - }, - "EndpointIdentifier": { - "markdownDescription": "The database endpoint identifier. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "EndpointIdentifier", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The type of endpoint. Valid values are `source` and `target` .", - "title": "EndpointType", - "type": "string" - }, - "EngineName": { - "markdownDescription": "The type of engine for the endpoint, depending on the `EndpointType` value.\n\n*Valid values* : `mysql` | `oracle` | `postgres` | `mariadb` | `aurora` | `aurora-postgresql` | `opensearch` | `redshift` | `redshift-serverless` | `s3` | `db2` | `azuredb` | `sybase` | `dynamodb` | `mongodb` | `kinesis` | `kafka` | `elasticsearch` | `docdb` | `sqlserver` | `neptune`", - "title": "EngineName", - "type": "string" - }, - "ExtraConnectionAttributes": { - "markdownDescription": "Additional attributes associated with the connection. Each attribute is specified as a name-value pair associated by an equal sign (=). Multiple attributes are separated by a semicolon (;) with no additional white space. For information on the attributes available for connecting your source or target endpoint, see [Working with AWS DMS Endpoints](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Endpoints.html) in the *AWS Database Migration Service User Guide* .", - "title": "ExtraConnectionAttributes", - "type": "string" - }, - "GcpMySQLSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.GcpMySQLSettings", - "markdownDescription": "Settings in JSON format for the source GCP MySQL endpoint. These settings are much the same as the settings for any MySQL-compatible endpoint. For more information, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "GcpMySQLSettings" - }, - "IbmDb2Settings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.IbmDb2Settings", - "markdownDescription": "Settings in JSON format for the source IBM Db2 LUW endpoint. For information about other available settings, see [Extra connection attributes when using Db2 LUW as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DB2.html#CHAP_Source.DB2.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "IbmDb2Settings" - }, - "KafkaSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.KafkaSettings", - "markdownDescription": "Settings in JSON format for the target Apache Kafka endpoint. For more information about other available settings, see [Using object mapping to migrate data to a Kafka topic](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html#CHAP_Target.Kafka.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "KafkaSettings" - }, - "KinesisSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.KinesisSettings", - "markdownDescription": "Settings in JSON format for the target endpoint for Amazon Kinesis Data Streams. For more information about other available settings, see [Using object mapping to migrate data to a Kinesis data stream](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kinesis.html#CHAP_Target.Kinesis.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "KinesisSettings" - }, - "KmsKeyId": { - "markdownDescription": "An AWS KMS key identifier that is used to encrypt the connection parameters for the endpoint.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", + "ActiveModelArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the active model version.", + "title": "ActiveModelArn", "type": "string" }, - "MicrosoftSqlServerSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MicrosoftSqlServerSettings", - "markdownDescription": "Settings in JSON format for the source and target Microsoft SQL Server endpoint. For information about other available settings, see [Extra connection attributes when using SQL Server as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SQLServer.html#CHAP_Source.SQLServer.ConnectionAttrib) and [Extra connection attributes when using SQL Server as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SQLServer.html#CHAP_Target.SQLServer.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "MicrosoftSqlServerSettings" - }, - "MongoDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MongoDbSettings", - "markdownDescription": "Settings in JSON format for the source MongoDB endpoint. For more information about the available settings, see [Using MongoDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MongoDB.html#CHAP_Source.MongoDB.Configuration) in the *AWS Database Migration Service User Guide* .", - "title": "MongoDbSettings" - }, - "MySqlSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MySqlSettings", - "markdownDescription": "Settings in JSON format for the source and target MySQL endpoint. For information about other available settings, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) and [Extra connection attributes when using a MySQL-compatible database as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.MySQL.html#CHAP_Target.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "MySqlSettings" - }, - "NeptuneSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.NeptuneSettings", - "markdownDescription": "Settings in JSON format for the target Amazon Neptune endpoint. For more information about the available settings, see [Specifying endpoint settings for Amazon Neptune as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.EndpointSettings) in the *AWS Database Migration Service User Guide* .", - "title": "NeptuneSettings" - }, - "OracleSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.OracleSettings", - "markdownDescription": "Settings in JSON format for the source and target Oracle endpoint. For information about other available settings, see [Extra connection attributes when using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.ConnectionAttrib) and [Extra connection attributes when using Oracle as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Oracle.html#CHAP_Target.Oracle.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "OracleSettings" - }, - "Password": { - "markdownDescription": "The password to be used to log in to the endpoint database.", - "title": "Password", + "DataAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data.", + "title": "DataAccessRoleArn", "type": "string" }, - "Port": { - "markdownDescription": "The port used by the endpoint database.", - "title": "Port", - "type": "number" - }, - "PostgreSqlSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.PostgreSqlSettings", - "markdownDescription": "Settings in JSON format for the source and target PostgreSQL endpoint.\n\nFor information about other available settings, see [Extra connection attributes when using PostgreSQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) and [Extra connection attributes when using PostgreSQL as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.PostgreSQL.html#CHAP_Target.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "PostgreSqlSettings" - }, - "RedisSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.RedisSettings", - "markdownDescription": "Settings in JSON format for the target Redis endpoint. For information about other available settings, see [Specifying endpoint settings for Redis as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redis.html#CHAP_Target.Redis.EndpointSettings) in the *AWS Database Migration Service User Guide* .", - "title": "RedisSettings" - }, - "RedshiftSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.RedshiftSettings", - "markdownDescription": "Settings in JSON format for the Amazon Redshift endpoint.\n\nFor more information about other available settings, see [Extra connection attributes when using Amazon Redshift as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redshift.html#CHAP_Target.Redshift.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "RedshiftSettings" - }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", + "DataLakeS3Uri": { + "markdownDescription": "Amazon S3 URI of the data lake location.", + "title": "DataLakeS3Uri", "type": "string" }, - "S3Settings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.S3Settings", - "markdownDescription": "Settings in JSON format for the source and target Amazon S3 endpoint. For more information about other available settings, see [Extra connection attributes when using Amazon S3 as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.S3.html#CHAP_Source.S3.Configuring) and [Extra connection attributes when using Amazon S3 as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring) in the *AWS Database Migration Service User Guide* .", - "title": "S3Settings" + "DataSecurityConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.DataSecurityConfig", + "markdownDescription": "Data security configuration.", + "title": "DataSecurityConfig" }, - "ServerName": { - "markdownDescription": "The name of the server where the endpoint database resides.", - "title": "ServerName", + "FlywheelName": { + "markdownDescription": "Name for the flywheel.", + "title": "FlywheelName", "type": "string" }, - "SslMode": { - "markdownDescription": "The Secure Sockets Layer (SSL) mode to use for the SSL connection. The default is `none` .\n\n> When `engine_name` is set to S3, the only allowed value is `none` .", - "title": "SslMode", + "ModelType": { + "markdownDescription": "Model type of the flywheel's model.", + "title": "ModelType", "type": "string" }, - "SybaseSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.SybaseSettings", - "markdownDescription": "Settings in JSON format for the source and target SAP ASE endpoint. For information about other available settings, see [Extra connection attributes when using SAP ASE as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SAP.html#CHAP_Source.SAP.ConnectionAttrib) and [Extra connection attributes when using SAP ASE as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SAP.html#CHAP_Target.SAP.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "SybaseSettings" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the endpoint.", + "markdownDescription": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department.", "title": "Tags", "type": "array" }, - "Username": { - "markdownDescription": "The user name to be used to log in to the endpoint database.", - "title": "Username", - "type": "string" + "TaskConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.TaskConfig", + "markdownDescription": "Configuration about the model associated with a flywheel.", + "title": "TaskConfig" } }, "required": [ - "EndpointType", - "EngineName" + "DataAccessRoleArn", + "DataLakeS3Uri", + "FlywheelName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::Endpoint" + "AWS::Comprehend::Flywheel" ], "type": "string" }, @@ -56744,1277 +62428,1302 @@ ], "type": "object" }, - "AWS::DMS::Endpoint.DocDbSettings": { + "AWS::Comprehend::Flywheel.DataSecurityConfig": { "additionalProperties": false, "properties": { - "DocsToInvestigate": { - "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", - "title": "DocsToInvestigate", - "type": "number" - }, - "ExtractDocId": { - "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", - "title": "ExtractDocId", - "type": "boolean" - }, - "NestingLevel": { - "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", - "title": "NestingLevel", + "DataLakeKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the data in the data lake.", + "title": "DataLakeKmsKeyId", "type": "string" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the DocumentDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "ModelKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "ModelKmsKeyId", "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the DocumentDB endpoint connection details.", - "title": "SecretsManagerSecretId", + "VolumeKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the volume.", + "title": "VolumeKmsKeyId", "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.VpcConfig", + "markdownDescription": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", + "title": "VpcConfig" } }, "type": "object" }, - "AWS::DMS::Endpoint.DynamoDbSettings": { + "AWS::Comprehend::Flywheel.DocumentClassificationConfig": { "additionalProperties": false, "properties": { - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", + "Labels": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more labels to associate with the custom classifier.", + "title": "Labels", + "type": "array" + }, + "Mode": { + "markdownDescription": "Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` .", + "title": "Mode", "type": "string" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::DMS::Endpoint.ElasticsearchSettings": { + "AWS::Comprehend::Flywheel.EntityRecognitionConfig": { "additionalProperties": false, "properties": { - "EndpointUri": { - "markdownDescription": "The endpoint for the OpenSearch cluster. AWS DMS uses HTTPS if a transport protocol (either HTTP or HTTPS) isn't specified.", - "title": "EndpointUri", - "type": "string" - }, - "ErrorRetryDuration": { - "markdownDescription": "The maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster.", - "title": "ErrorRetryDuration", - "type": "number" - }, - "FullLoadErrorPercentage": { - "markdownDescription": "The maximum percentage of records that can fail to be written before a full load operation stops.\n\nTo avoid early failure, this counter is only effective after 1,000 records are transferred. OpenSearch also has the concept of error monitoring during the last 10 minutes of an Observation Window. If transfer of all records fail in the last 10 minutes, the full load operation stops.", - "title": "FullLoadErrorPercentage", - "type": "number" - }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", - "type": "string" + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityTypesListItem" + }, + "markdownDescription": "Up to 25 entity types that the model is trained to recognize.", + "title": "EntityTypes", + "type": "array" } }, "type": "object" }, - "AWS::DMS::Endpoint.GcpMySQLSettings": { + "AWS::Comprehend::Flywheel.EntityTypesListItem": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", - "title": "AfterConnectScript", - "type": "string" - }, - "CleanSourceMetadataOnMismatch": { - "markdownDescription": "Adjusts the behavior of AWS DMS when migrating from an SQL Server source database that is hosted as part of an Always On availability group cluster. If you need AWS DMS to poll all the nodes in the Always On cluster for transaction backups, set this attribute to `false` .", - "title": "CleanSourceMetadataOnMismatch", - "type": "boolean" - }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint. For a MySQL source or target endpoint, don't explicitly specify the database using the `DatabaseName` request parameter on either the `CreateEndpoint` or `ModifyEndpoint` API call. Specifying `DatabaseName` when you create or modify a MySQL endpoint replicates all the task tables to this single database. For MySQL endpoints, you specify the database only when you specify the schema in the table-mapping rules of the AWS DMS task.", - "title": "DatabaseName", - "type": "string" - }, - "EventsPollInterval": { - "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", - "title": "EventsPollInterval", - "type": "number" - }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" - }, - "ParallelLoadThreads": { - "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", - "title": "ParallelLoadThreads", - "type": "number" - }, - "Password": { - "markdownDescription": "Endpoint connection password.", - "title": "Password", - "type": "string" - }, - "Port": { - "markdownDescription": "The port used by the endpoint database.", - "title": "Port", - "type": "number" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret.` The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", - "title": "SecretsManagerSecretId", + "Type": { + "markdownDescription": "An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer.\n\nEntity types must not contain the following invalid characters: \\n (line break), \\\\n (escaped line break, \\r (carriage return), \\\\r (escaped carriage return), \\t (tab), \\\\t (escaped tab), and , (comma).", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Comprehend::Flywheel.TaskConfig": { + "additionalProperties": false, + "properties": { + "DocumentClassificationConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.DocumentClassificationConfig", + "markdownDescription": "Configuration required for a document classification model.", + "title": "DocumentClassificationConfig" }, - "ServerName": { - "markdownDescription": "The MySQL host name.", - "title": "ServerName", - "type": "string" + "EntityRecognitionConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityRecognitionConfig", + "markdownDescription": "Configuration required for an entity recognition model.", + "title": "EntityRecognitionConfig" }, - "ServerTimezone": { - "markdownDescription": "Specifies the time zone for the source MySQL database. Don't enclose time zones in single quotation marks.\n\nExample: `serverTimezone=US/Pacific;`", - "title": "ServerTimezone", + "LanguageCode": { + "markdownDescription": "Language code for the language that the model supports.", + "title": "LanguageCode", "type": "string" + } + }, + "required": [ + "LanguageCode" + ], + "type": "object" + }, + "AWS::Comprehend::Flywheel.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", + "title": "SecurityGroupIds", + "type": "array" }, - "Username": { - "markdownDescription": "Endpoint connection user name.", - "title": "Username", - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", + "title": "Subnets", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], "type": "object" }, - "AWS::DMS::Endpoint.IbmDb2Settings": { + "AWS::Config::AggregationAuthorization": { "additionalProperties": false, "properties": { - "CurrentLsn": { - "markdownDescription": "For ongoing replication (CDC), use CurrentLSN to specify a log sequence number (LSN) where you want the replication to start.", - "title": "CurrentLsn", + "Condition": { "type": "string" }, - "KeepCsvFiles": { - "markdownDescription": "If true, AWS DMS saves any .csv files to the Db2 LUW target that were used to replicate data. DMS uses these files for analysis and troubleshooting.\n\nThe default value is false.", - "title": "KeepCsvFiles", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "LoadTimeout": { - "markdownDescription": "The amount of time (in milliseconds) before AWS DMS times out operations performed by DMS on the Db2 target. The default value is 1200 (20 minutes).", - "title": "LoadTimeout", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of .csv files used to transfer data to Db2 LUW.", - "title": "MaxFileSize", - "type": "number" + "Metadata": { + "type": "object" }, - "MaxKBytesPerRead": { - "markdownDescription": "Maximum number of bytes per read, as a NUMBER value. The default is 64 KB.", - "title": "MaxKBytesPerRead", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "AuthorizedAccountId": { + "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", + "title": "AuthorizedAccountId", + "type": "string" + }, + "AuthorizedAwsRegion": { + "markdownDescription": "The region authorized to collect aggregated data.", + "title": "AuthorizedAwsRegion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tag object.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AuthorizedAccountId", + "AuthorizedAwsRegion" + ], + "type": "object" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value ofthe AWS Secrets Manager secret that allows access to the Db2 LUW endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "Type": { + "enum": [ + "AWS::Config::AggregationAuthorization" + ], "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the IBMDB2 endpoint connection details.", - "title": "SecretsManagerSecretId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SetDataCaptureChanges": { - "markdownDescription": "Enables ongoing replication (CDC) as a BOOLEAN value. The default is true.", - "title": "SetDataCaptureChanges", - "type": "boolean" - }, - "WriteBufferSize": { - "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk on the DMS replication instance. The default value is 1024 (1 MB).", - "title": "WriteBufferSize", - "type": "number" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.KafkaSettings": { + "AWS::Config::ConfigRule": { "additionalProperties": false, "properties": { - "Broker": { - "markdownDescription": "A comma-separated list of one or more broker locations in your Kafka cluster that host your Kafka instance. Specify each broker location in the form `*broker-hostname-or-ip* : *port*` . For example, `\"ec2-12-345-678-901.compute-1.amazonaws.com:2345\"` . For more information and examples of specifying a list of broker locations, see [Using Apache Kafka as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html) in the *AWS Database Migration Service User Guide* .", - "title": "Broker", + "Condition": { "type": "string" }, - "IncludeControlDetails": { - "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. The default is `false` .", - "title": "IncludeControlDetails", - "type": "boolean" - }, - "IncludeNullAndEmpty": { - "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", - "title": "IncludeNullAndEmpty", - "type": "boolean" - }, - "IncludePartitionValue": { - "markdownDescription": "Shows the partition value within the Kafka message output unless the partition type is `schema-table-type` . The default is `false` .", - "title": "IncludePartitionValue", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "IncludeTableAlterOperations": { - "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", - "title": "IncludeTableAlterOperations", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeTransactionDetails": { - "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", - "title": "IncludeTransactionDetails", - "type": "boolean" + "Metadata": { + "type": "object" }, - "MessageFormat": { - "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", - "title": "MessageFormat", - "type": "string" - }, - "MessageMaxBytes": { - "markdownDescription": "The maximum size in bytes for records created on the endpoint The default is 1,000,000.", - "title": "MessageMaxBytes", - "type": "number" - }, - "NoHexPrefix": { - "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", - "title": "NoHexPrefix", - "type": "boolean" - }, - "PartitionIncludeSchemaTable": { - "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. The default is `false` .", - "title": "PartitionIncludeSchemaTable", - "type": "boolean" - }, - "SaslPassword": { - "markdownDescription": "The secure password that you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", - "title": "SaslPassword", - "type": "string" - }, - "SaslUserName": { - "markdownDescription": "The secure user name you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", - "title": "SaslUserName", - "type": "string" - }, - "SecurityProtocol": { - "markdownDescription": "Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption` , `ssl-authentication` , and `sasl-ssl` . `sasl-ssl` requires `SaslUsername` and `SaslPassword` .", - "title": "SecurityProtocol", - "type": "string" - }, - "SslCaCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint.", - "title": "SslCaCertificateArn", - "type": "string" - }, - "SslClientCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the client certificate used to securely connect to a Kafka target endpoint.", - "title": "SslClientCertificateArn", - "type": "string" - }, - "SslClientKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the client private key used to securely connect to a Kafka target endpoint.", - "title": "SslClientKeyArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Compliance": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", + "title": "Compliance" + }, + "ConfigRuleName": { + "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", + "title": "ConfigRuleName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description that you provide for the AWS Config rule.", + "title": "Description", + "type": "string" + }, + "EvaluationModes": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" + }, + "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", + "title": "EvaluationModes", + "type": "array" + }, + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", + "title": "InputParameters", + "type": "object" + }, + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", + "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", + "title": "Scope" + }, + "Source": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Source", + "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", + "title": "Source" + } + }, + "required": [ + "Source" + ], + "type": "object" }, - "SslClientKeyPassword": { - "markdownDescription": "The password for the client private key used to securely connect to a Kafka target endpoint.", - "title": "SslClientKeyPassword", + "Type": { + "enum": [ + "AWS::Config::ConfigRule" + ], "type": "string" }, - "Topic": { - "markdownDescription": "The topic to which you migrate the data. If you don't specify a topic, AWS DMS specifies `\"kafka-default-topic\"` as the migration topic.", - "title": "Topic", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.KinesisSettings": { + "AWS::Config::ConfigRule.Compliance": { "additionalProperties": false, "properties": { - "IncludeControlDetails": { - "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. The default is `false` .", - "title": "IncludeControlDetails", - "type": "boolean" - }, - "IncludeNullAndEmpty": { - "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", - "title": "IncludeNullAndEmpty", - "type": "boolean" - }, - "IncludePartitionValue": { - "markdownDescription": "Shows the partition value within the Kinesis message output, unless the partition type is `schema-table-type` . The default is `false` .", - "title": "IncludePartitionValue", - "type": "boolean" - }, - "IncludeTableAlterOperations": { - "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", - "title": "IncludeTableAlterOperations", - "type": "boolean" - }, - "IncludeTransactionDetails": { - "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", - "title": "IncludeTransactionDetails", - "type": "boolean" - }, - "MessageFormat": { - "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", - "title": "MessageFormat", - "type": "string" - }, - "NoHexPrefix": { - "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to an Amazon Kinesis target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", - "title": "NoHexPrefix", - "type": "boolean" - }, - "PartitionIncludeSchemaTable": { - "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kinesis shards. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same shard, which causes throttling. The default is `false` .", - "title": "PartitionIncludeSchemaTable", - "type": "boolean" - }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that AWS DMS uses to write to the Kinesis data stream. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", - "type": "string" - }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Kinesis Data Streams endpoint.", - "title": "StreamArn", + "Type": { + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::DMS::Endpoint.MicrosoftSqlServerSettings": { + "AWS::Config::ConfigRule.CustomPolicyDetails": { "additionalProperties": false, "properties": { - "BcpPacketSize": { - "markdownDescription": "The maximum size of the packets (in bytes) used to transfer data using BCP.", - "title": "BcpPacketSize", - "type": "number" - }, - "ControlTablesFileGroup": { - "markdownDescription": "Specifies a file group for the AWS DMS internal tables. When the replication task starts, all the internal AWS DMS control tables (awsdms_ apply_exception, awsdms_apply, awsdms_changes) are created for the specified file group.", - "title": "ControlTablesFileGroup", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", - "type": "string" - }, - "ForceLobLookup": { - "markdownDescription": "Forces LOB lookup on inline LOB.", - "title": "ForceLobLookup", - "type": "boolean" - }, - "Password": { - "markdownDescription": "Endpoint connection password.", - "title": "Password", - "type": "string" - }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" - }, - "QuerySingleAlwaysOnNode": { - "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. An example is a situation where running an alter DDL statement on a table might result in different information about the table cached in the replication instance.", - "title": "QuerySingleAlwaysOnNode", - "type": "boolean" - }, - "ReadBackupOnly": { - "markdownDescription": "When this attribute is set to `Y` , AWS DMS only reads changes from transaction log backups and doesn't read from the active transaction log file during ongoing replication. Setting this parameter to `Y` enables you to control active transaction log file growth during full load and ongoing replication tasks. However, it can add some source latency to ongoing replication.", - "title": "ReadBackupOnly", + "EnableDebugLogDelivery": { + "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", + "title": "EnableDebugLogDelivery", "type": "boolean" }, - "SafeguardPolicy": { - "markdownDescription": "Use this attribute to minimize the need to access the backup log and enable AWS DMS to prevent truncation using one of the following two methods.\n\n*Start transactions in the database:* This is the default method. When this method is used, AWS DMS prevents TLOG truncation by mimicking a transaction in the database. As long as such a transaction is open, changes that appear after the transaction started aren't truncated. If you need Microsoft Replication to be enabled in your database, then you must choose this method.\n\n*Exclusively use sp_repldone within a single task* : When this method is used, AWS DMS reads the changes and then uses sp_repldone to mark the TLOG transactions as ready for truncation. Although this method doesn't involve any transactional activities, it can only be used when Microsoft Replication isn't running. Also, when using this method, only one AWS DMS task can access the database at any given time. Therefore, if you need to run parallel AWS DMS tasks against the same database, use the default method.", - "title": "SafeguardPolicy", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SQL Server endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MicrosoftSQLServer endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" - }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", - "type": "string" - }, - "TlogAccessMode": { - "markdownDescription": "Indicates the mode used to fetch CDC data.", - "title": "TlogAccessMode", + "PolicyRuntime": { + "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", + "title": "PolicyRuntime", "type": "string" }, - "TrimSpaceInChar": { - "markdownDescription": "Use the `TrimSpaceInChar` source endpoint setting to right-trim data on CHAR and NCHAR data types during migration. Setting `TrimSpaceInChar` does not left-trim data. The default value is `true` .", - "title": "TrimSpaceInChar", - "type": "boolean" - }, - "UseBcpFullLoad": { - "markdownDescription": "Use this to attribute to transfer data for full-load operations using BCP. When the target table contains an identity column that does not exist in the source table, you must disable the use BCP for loading table option.", - "title": "UseBcpFullLoad", - "type": "boolean" - }, - "UseThirdPartyBackupDevice": { - "markdownDescription": "When this attribute is set to `Y` , DMS processes third-party transaction log backups if they are created in native format.", - "title": "UseThirdPartyBackupDevice", - "type": "boolean" - }, - "Username": { - "markdownDescription": "Endpoint connection user name.", - "title": "Username", + "PolicyText": { + "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", + "title": "PolicyText", "type": "string" } }, "type": "object" }, - "AWS::DMS::Endpoint.MongoDbSettings": { + "AWS::Config::ConfigRule.EvaluationModeConfiguration": { "additionalProperties": false, "properties": { - "AuthMechanism": { - "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", - "title": "AuthMechanism", - "type": "string" - }, - "AuthSource": { - "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", - "title": "AuthSource", - "type": "string" - }, - "AuthType": { - "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen set to `\"no\"` , user name and password parameters are not used and can be empty.", - "title": "AuthType", + "Mode": { + "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", + "title": "Mode", "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The database name on the MongoDB source endpoint.", - "title": "DatabaseName", + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Scope": { + "additionalProperties": false, + "properties": { + "ComplianceResourceId": { + "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", + "title": "ComplianceResourceId", "type": "string" }, - "DocsToInvestigate": { - "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", - "title": "DocsToInvestigate", - "type": "string" + "ComplianceResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", + "title": "ComplianceResourceTypes", + "type": "array" }, - "ExtractDocId": { - "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", - "title": "ExtractDocId", + "TagKey": { + "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", + "title": "TagKey", "type": "string" }, - "NestingLevel": { - "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", - "title": "NestingLevel", + "TagValue": { + "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", + "title": "TagValue", "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Source": { + "additionalProperties": false, + "properties": { + "CustomPolicyDetails": { + "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", + "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", + "title": "CustomPolicyDetails" }, - "Password": { - "markdownDescription": "The password for the user account you use to access the MongoDB source endpoint.", - "title": "Password", + "Owner": { + "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", + "title": "Owner", "type": "string" }, - "Port": { - "markdownDescription": "The port value for the MongoDB source endpoint.", - "title": "Port", - "type": "number" + "SourceDetails": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" + }, + "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", + "title": "SourceDetails", + "type": "array" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MongoDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "SourceIdentifier": { + "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", + "title": "SourceIdentifier", "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MongoDB endpoint connection details.", - "title": "SecretsManagerSecretId", + } + }, + "required": [ + "Owner" + ], + "type": "object" + }, + "AWS::Config::ConfigRule.SourceDetail": { + "additionalProperties": false, + "properties": { + "EventSource": { + "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", + "title": "EventSource", "type": "string" }, - "ServerName": { - "markdownDescription": "The name of the server on the MongoDB source endpoint.", - "title": "ServerName", + "MaximumExecutionFrequency": { + "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", + "title": "MaximumExecutionFrequency", "type": "string" }, - "Username": { - "markdownDescription": "The user name you use to access the MongoDB source endpoint.", - "title": "Username", + "MessageType": { + "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", + "title": "MessageType", "type": "string" } }, + "required": [ + "EventSource", + "MessageType" + ], "type": "object" }, - "AWS::DMS::Endpoint.MySqlSettings": { + "AWS::Config::ConfigurationAggregator": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", - "title": "AfterConnectScript", + "Condition": { "type": "string" }, - "CleanSourceMetadataOnMismatch": { - "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. For example, in a situation where running an alter DDL on the table could result in different information about the table cached in the replication instance.", - "title": "CleanSourceMetadataOnMismatch", - "type": "boolean" - }, - "EventsPollInterval": { - "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", - "title": "EventsPollInterval", - "type": "number" - }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ParallelLoadThreads": { - "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", - "title": "ParallelLoadThreads", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "Metadata": { + "type": "object" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AccountAggregationSources": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.AccountAggregationSource" + }, + "markdownDescription": "Provides a list of source accounts and regions to be aggregated.", + "title": "AccountAggregationSources", + "type": "array" + }, + "ConfigurationAggregatorName": { + "markdownDescription": "The name of the aggregator.", + "title": "ConfigurationAggregatorName", + "type": "string" + }, + "OrganizationAggregationSource": { + "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.OrganizationAggregationSource", + "markdownDescription": "Provides an organization and list of regions to be aggregated.", + "title": "OrganizationAggregationSource" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tag object.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "ServerTimezone": { - "markdownDescription": "Specifies the time zone for the source MySQL database.\n\nExample: `serverTimezone=US/Pacific;`\n\nNote: Do not enclose time zones in single quotes.", - "title": "ServerTimezone", + "Type": { + "enum": [ + "AWS::Config::ConfigurationAggregator" + ], "type": "string" }, - "TargetDbType": { - "markdownDescription": "Specifies where to migrate source tables on the target, either to a single database or multiple databases. If you specify `SPECIFIC_DATABASE` , specify the database name using the `DatabaseName` parameter of the `Endpoint` object.\n\nExample: `targetDbType=MULTIPLE_DATABASES`", - "title": "TargetDbType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::DMS::Endpoint.NeptuneSettings": { + "AWS::Config::ConfigurationAggregator.AccountAggregationSource": { "additionalProperties": false, "properties": { - "ErrorRetryDuration": { - "markdownDescription": "The number of milliseconds for AWS DMS to wait to retry a bulk-load of migrated graph data to the Neptune target database before raising an error. The default is 250.", - "title": "ErrorRetryDuration", - "type": "number" + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The 12-digit account ID of the account being aggregated.", + "title": "AccountIds", + "type": "array" }, - "IamAuthEnabled": { - "markdownDescription": "If you want IAM authorization enabled for this endpoint, set this parameter to `true` . Then attach the appropriate IAM policy document to your service role specified by `ServiceAccessRoleArn` . The default is `false` .", - "title": "IamAuthEnabled", + "AllAwsRegions": { + "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", + "title": "AllAwsRegions", "type": "boolean" }, - "MaxFileSize": { - "markdownDescription": "The maximum size in kilobytes of migrated graph data stored in a .csv file before AWS DMS bulk-loads the data to the Neptune target database. The default is 1,048,576 KB. If the bulk load is successful, AWS DMS clears the bucket, ready to store the next batch of migrated graph data.", - "title": "MaxFileSize", - "type": "number" - }, - "MaxRetryCount": { - "markdownDescription": "The number of times for AWS DMS to retry a bulk load of migrated graph data to the Neptune target database before raising an error. The default is 5.", - "title": "MaxRetryCount", - "type": "number" - }, - "S3BucketFolder": { - "markdownDescription": "A folder path where you want AWS DMS to store migrated graph data in the S3 bucket specified by `S3BucketName`", - "title": "S3BucketFolder", - "type": "string" - }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS DMS can temporarily store migrated graph data in .csv files before bulk-loading it to the Neptune target database. AWS DMS maps the SQL source data to graph data before storing it in these .csv files.", - "title": "S3BucketName", - "type": "string" - }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service role that you created for the Neptune target endpoint. The role must allow the `iam:PassRole` action.\n\nFor more information, see [Creating an IAM Service Role for Accessing Amazon Neptune as a Target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.ServiceRole) in the *AWS Database Migration Service User Guide* .", - "title": "ServiceAccessRoleArn", - "type": "string" + "AwsRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The source regions being aggregated.", + "title": "AwsRegions", + "type": "array" } }, + "required": [ + "AccountIds" + ], "type": "object" }, - "AWS::DMS::Endpoint.OracleSettings": { + "AWS::Config::ConfigurationAggregator.OrganizationAggregationSource": { "additionalProperties": false, "properties": { - "AccessAlternateDirectly": { - "markdownDescription": "Set this attribute to `false` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to not access redo logs through any specified path prefix replacement using direct file access.", - "title": "AccessAlternateDirectly", - "type": "boolean" - }, - "AddSupplementalLogging": { - "markdownDescription": "Set this attribute to set up table-level supplemental logging for the Oracle database. This attribute enables PRIMARY KEY supplemental logging on all tables selected for a migration task.\n\nIf you use this option, you still need to enable database-level supplemental logging.", - "title": "AddSupplementalLogging", - "type": "boolean" - }, - "AdditionalArchivedLogDestId": { - "markdownDescription": "Set this attribute with `ArchivedLogDestId` in a primary/ standby setup. This attribute is useful in the case of a switchover. In this case, AWS DMS needs to know which destination to get archive redo logs from to read changes. This need arises because the previous primary instance is now a standby instance after switchover.\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless necessary. For additional information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", - "title": "AdditionalArchivedLogDestId", - "type": "number" - }, - "AllowSelectNestedTables": { - "markdownDescription": "Set this attribute to `true` to enable replication of Oracle tables containing columns that are nested tables or defined types.", - "title": "AllowSelectNestedTables", - "type": "boolean" - }, - "ArchivedLogDestId": { - "markdownDescription": "Specifies the ID of the destination for the archived redo logs. This value should be the same as a number in the dest_id column of the v$archived_log view. If you work with an additional redo log destination, use the `AdditionalArchivedLogDestId` option to specify the additional destination ID. Doing this improves performance by ensuring that the correct logs are accessed from the outset.", - "title": "ArchivedLogDestId", - "type": "number" - }, - "ArchivedLogsOnly": { - "markdownDescription": "When this field is set to `True` , AWS DMS only accesses the archived redo logs. If the archived redo logs are stored on Automatic Storage Management (ASM) only, the AWS DMS user account needs to be granted ASM privileges.", - "title": "ArchivedLogsOnly", - "type": "boolean" - }, - "AsmPassword": { - "markdownDescription": "For an Oracle source endpoint, your Oracle Automatic Storage Management (ASM) password. You can set this value from the `*asm_user_password*` value. You set this value as part of the comma-separated value that you set to the `Password` request parameter when you create the endpoint to access transaction logs using Binary Reader. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmPassword", - "type": "string" - }, - "AsmServer": { - "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmServer", - "type": "string" - }, - "AsmUser": { - "markdownDescription": "For an Oracle source endpoint, your ASM user name. You can set this value from the `asm_user` value. You set `asm_user` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmUser", - "type": "string" - }, - "CharLengthSemantics": { - "markdownDescription": "Specifies whether the length of a character column is in bytes or in characters. To indicate that the character column length is in characters, set this attribute to `CHAR` . Otherwise, the character column length is in bytes.\n\nExample: `charLengthSemantics=CHAR;`", - "title": "CharLengthSemantics", - "type": "string" - }, - "DirectPathNoLog": { - "markdownDescription": "When set to `true` , this attribute helps to increase the commit rate on the Oracle target database by writing directly to tables and not writing a trail to database logs.", - "title": "DirectPathNoLog", - "type": "boolean" - }, - "DirectPathParallelLoad": { - "markdownDescription": "When set to `true` , this attribute specifies a parallel load when `useDirectPathFullLoad` is set to `Y` . This attribute also only applies when you use the AWS DMS parallel load feature. Note that the target table cannot have any constraints or indexes.", - "title": "DirectPathParallelLoad", - "type": "boolean" - }, - "EnableHomogenousTablespace": { - "markdownDescription": "Set this attribute to enable homogenous tablespace replication and create existing tables or indexes under the same tablespace on the target.", - "title": "EnableHomogenousTablespace", + "AllAwsRegions": { + "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", + "title": "AllAwsRegions", "type": "boolean" }, - "ExtraArchivedLogDestIds": { + "AwsRegions": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Specifies the IDs of one more destinations for one or more archived redo logs. These IDs are the values of the `dest_id` column in the `v$archived_log` view. Use this setting with the `archivedLogDestId` extra connection attribute in a primary-to-single setup or a primary-to-multiple-standby setup.\n\nThis setting is useful in a switchover when you use an Oracle Data Guard database as a source. In this case, AWS DMS needs information about what destination to get archive redo logs from to read changes. AWS DMS needs this because after the switchover the previous primary is a standby instance. For example, in a primary-to-single standby setup you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2]`\n\nIn a primary-to-multiple-standby setup, you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2,3,4]`\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless it's necessary. For more information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", - "title": "ExtraArchivedLogDestIds", + "markdownDescription": "The source regions being aggregated.", + "title": "AwsRegions", "type": "array" }, - "FailTasksOnLobTruncation": { - "markdownDescription": "When set to `true` , this attribute causes a task to fail if the actual size of an LOB column is greater than the specified `LobMaxSize` .\n\nIf a task is set to limited LOB mode and this option is set to `true` , the task fails instead of truncating the LOB data.", - "title": "FailTasksOnLobTruncation", - "type": "boolean" - }, - "NumberDatatypeScale": { - "markdownDescription": "Specifies the number scale. You can select a scale up to 38, or you can select FLOAT. By default, the NUMBER data type is converted to precision 38, scale 10.\n\nExample: `numberDataTypeScale=12`", - "title": "NumberDatatypeScale", - "type": "number" - }, - "OraclePathPrefix": { - "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the default Oracle root used to access the redo logs.", - "title": "OraclePathPrefix", - "type": "string" - }, - "ParallelAsmReadThreads": { - "markdownDescription": "Set this attribute to change the number of threads that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 2 (the default) and 8 (the maximum). Use this attribute together with the `readAheadBlocks` attribute.", - "title": "ParallelAsmReadThreads", - "type": "number" - }, - "ReadAheadBlocks": { - "markdownDescription": "Set this attribute to change the number of read-ahead blocks that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 1000 (the default) and 200,000 (the maximum).", - "title": "ReadAheadBlocks", - "type": "number" - }, - "ReadTableSpaceName": { - "markdownDescription": "When set to `true` , this attribute supports tablespace replication.", - "title": "ReadTableSpaceName", - "type": "boolean" - }, - "ReplacePathPrefix": { - "markdownDescription": "Set this attribute to true in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This setting tells DMS instance to replace the default Oracle root with the specified `usePathPrefix` setting to access the redo logs.", - "title": "ReplacePathPrefix", - "type": "boolean" - }, - "RetryInterval": { - "markdownDescription": "Specifies the number of seconds that the system waits before resending a query.\n\nExample: `retryInterval=6;`", - "title": "RetryInterval", - "type": "number" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Oracle endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "RoleArn": { + "markdownDescription": "ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account.", + "title": "RoleArn", "type": "string" - }, - "SecretsManagerOracleAsmAccessRoleArn": { - "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerOracleAsmSecret` , the corresponding `SecretsManagerOracleAsmAccessRoleArn` , and the `SecretsManagerOracleAsmSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerOracleAsmAccessRoleArn", + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "SecretsManagerOracleAsmSecretId": { - "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN, partial ARN, or display name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", - "title": "SecretsManagerOracleAsmSecretId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Oracle endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecurityDbEncryption": { - "markdownDescription": "For an Oracle source endpoint, the transparent data encryption (TDE) password required by AWM DMS to access Oracle redo logs encrypted by TDE using Binary Reader. It is also the `*TDE_Password*` part of the comma-separated value you set to the `Password` request parameter when you create the endpoint. The `SecurityDbEncryptian` setting is related to this `SecurityDbEncryptionName` setting. For more information, see [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", - "title": "SecurityDbEncryption", - "type": "string" + "Metadata": { + "type": "object" }, - "SecurityDbEncryptionName": { - "markdownDescription": "For an Oracle source endpoint, the name of a key used for the transparent data encryption (TDE) of the columns and tablespaces in an Oracle source database that is encrypted using TDE. The key value is the value of the `SecurityDbEncryption` setting. For more information on setting the key name value of `SecurityDbEncryptionName` , see the information and example for setting the `securityDbEncryptionName` extra connection attribute in [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", - "title": "SecurityDbEncryptionName", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the configuration recorder. AWS Config automatically assigns the name of \"default\" when creating the configuration recorder.\n\nYou cannot change the name of the configuration recorder after it has been created. To change the configuration recorder name, you must delete it and create a new configuration recorder with a new name.", + "title": "Name", + "type": "string" + }, + "RecordingGroup": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingGroup", + "markdownDescription": "Specifies which resource types AWS Config records for configuration changes.\n\n> *High Number of AWS Config Evaluations*\n> \n> You may notice increased activity in your account during your initial month recording with AWS Config when compared to subsequent months. During the initial bootstrapping process, AWS Config runs evaluations on all the resources in your account that you have selected for AWS Config to record.\n> \n> If you are running ephemeral workloads, you may see increased activity from AWS Config as it records configuration changes associated with creating and deleting these temporary resources. An *ephemeral workload* is a temporary use of computing resources that are loaded and run when needed. Examples include Amazon Elastic Compute Cloud ( Amazon EC2 ) Spot Instances, Amazon EMR jobs, and AWS Auto Scaling . If you want to avoid the increased activity from running ephemeral workloads, you can run these types of workloads in a separate account with AWS Config turned off to avoid increased configuration recording and rule evaluations.", + "title": "RecordingGroup" + }, + "RecordingMode": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingMode", + "markdownDescription": "Specifies the default recording frequency for the configuration recorder. AWS Config supports *Continuous recording* and *Daily recording* .\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> *Some resource types require continuous recording*\n> \n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous. \n\nYou can also override the recording frequency for specific resource types.", + "title": "RecordingMode" + }, + "RoleARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder. For more information, see [Permissions for the IAM Role Assigned](https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) to AWS Config in the AWS Config Developer Guide.\n\n> *Pre-existing AWS Config role*\n> \n> If you have used an AWS service that uses AWS Config , such as AWS Security Hub or AWS Control Tower , and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.\n> \n> For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service ( Amazon S3 ) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config . Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config , see [*Identity and Access Management for AWS Config*](https://docs.aws.amazon.com/config/latest/developerguide/security-iam.html) in the *AWS Config Developer Guide* .", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "RoleARN" + ], + "type": "object" }, - "SpatialDataOptionToGeoJsonFunctionName": { - "markdownDescription": "Use this attribute to convert `SDO_GEOMETRY` to `GEOJSON` format. By default, DMS calls the `SDO2GEOJSON` custom function if present and accessible. Or you can create your own custom function that mimics the operation of `SDOGEOJSON` and set `SpatialDataOptionToGeoJsonFunctionName` to call it instead.", - "title": "SpatialDataOptionToGeoJsonFunctionName", + "Type": { + "enum": [ + "AWS::Config::ConfigurationRecorder" + ], "type": "string" }, - "StandbyDelayTime": { - "markdownDescription": "Use this attribute to specify a time in minutes for the delay in standby sync. If the source is an Oracle Active Data Guard standby database, use this attribute to specify the time lag between primary and standby databases.\n\nIn AWS DMS , you can create an Oracle CDC task that uses an Active Data Guard standby instance as a source for replicating ongoing changes. Doing this eliminates the need to connect to an active database that might be in production.", - "title": "StandbyDelayTime", - "type": "number" - }, - "UseAlternateFolderForOnline": { - "markdownDescription": "Set this attribute to `true` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to use any specified prefix replacement to access all online redo logs.", - "title": "UseAlternateFolderForOnline", - "type": "boolean" - }, - "UseBFile": { - "markdownDescription": "Set this attribute to True to capture change data using the Binary Reader utility. Set `UseLogminerReader` to False to set this attribute to True. To use Binary Reader with Amazon RDS for Oracle as the source, you set additional attributes. For more information about using this setting with Oracle Automatic Storage Management (ASM), see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) .", - "title": "UseBFile", - "type": "boolean" - }, - "UseDirectPathFullLoad": { - "markdownDescription": "Set this attribute to True to have AWS DMS use a direct path full load. Specify this value to use the direct path protocol in the Oracle Call Interface (OCI). By using this OCI protocol, you can bulk-load Oracle target tables during a full load.", - "title": "UseDirectPathFullLoad", - "type": "boolean" - }, - "UseLogminerReader": { - "markdownDescription": "Set this attribute to True to capture change data using the Oracle LogMiner utility (the default). Set this attribute to False if you want to access the redo logs as a binary file. When you set `UseLogminerReader` to False, also set `UseBfile` to True. For more information on this setting and using Oracle ASM, see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) in the *AWS DMS User Guide* .", - "title": "UseLogminerReader", - "type": "boolean" - }, - "UsePathPrefix": { - "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the path prefix used to replace the default Oracle root to access the redo logs.", - "title": "UsePathPrefix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.PostgreSqlSettings": { + "AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data.\n\nExample: `afterConnectScript=SET session_replication_role='replica'`", - "title": "AfterConnectScript", - "type": "string" - }, - "BabelfishDatabaseName": { - "markdownDescription": "The Babelfish for Aurora PostgreSQL database name for the endpoint.", - "title": "BabelfishDatabaseName", - "type": "string" - }, - "CaptureDdls": { - "markdownDescription": "To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts. You can later remove these artifacts.\n\nIf this value is set to `True` , you don't have to create tables or triggers on the source database.", - "title": "CaptureDdls", - "type": "boolean" - }, - "DatabaseMode": { - "markdownDescription": "Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints.", - "title": "DatabaseMode", - "type": "string" - }, - "DdlArtifactsSchema": { - "markdownDescription": "The schema in which the operational DDL database artifacts are created.\n\nThe default value is `public` .\n\nExample: `ddlArtifactsSchema=xyzddlschema;`", - "title": "DdlArtifactsSchema", - "type": "string" - }, - "ExecuteTimeout": { - "markdownDescription": "Sets the client statement timeout for the PostgreSQL instance, in seconds. The default value is 60 seconds.\n\nExample: `executeTimeout=100;`", - "title": "ExecuteTimeout", - "type": "number" - }, - "FailTasksOnLobTruncation": { - "markdownDescription": "When set to `true` , this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize` .\n\nThe default value is `false` .\n\nIf task is set to Limited LOB mode and this option is set to true, the task fails instead of truncating the LOB data.", - "title": "FailTasksOnLobTruncation", - "type": "boolean" - }, - "HeartbeatEnable": { - "markdownDescription": "The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source. This heartbeat keeps `restart_lsn` moving and prevents storage full scenarios.\n\nThe default value is `false` .", - "title": "HeartbeatEnable", + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list of resource types to exclude from recording by the configuration recorder.", + "title": "ResourceTypes", + "type": "array" + } + }, + "required": [ + "ResourceTypes" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.RecordingGroup": { + "additionalProperties": false, + "properties": { + "AllSupported": { + "markdownDescription": "Specifies whether AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types.\n\nIf you set this field to `true` , when AWS Config adds support for a new resource type, AWS Config starts recording resources of that type automatically.\n\nIf you set this field to `true` , you cannot enumerate specific resource types to record in the `resourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , or to exclude in the `resourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Region availability*\n> \n> Check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if a resource type is supported in the AWS Region where you set up AWS Config .", + "title": "AllSupported", "type": "boolean" }, - "HeartbeatFrequency": { - "markdownDescription": "Sets the WAL heartbeat frequency (in minutes).\n\nThe default value is 5 minutes.", - "title": "HeartbeatFrequency", - "type": "number" - }, - "HeartbeatSchema": { - "markdownDescription": "Sets the schema in which the heartbeat artifacts are created.\n\nThe default value is `public` .", - "title": "HeartbeatSchema", - "type": "string" + "ExclusionByResourceTypes": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes", + "markdownDescription": "An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.\n\nTo use this option, you must set the `useOnly` field of [AWS::Config::ConfigurationRecorder RecordingStrategy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configurationrecorder-recordingstrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` .", + "title": "ExclusionByResourceTypes" }, - "MapBooleanAsBoolean": { - "markdownDescription": "When true, lets PostgreSQL migrate the boolean type as boolean. By default, PostgreSQL migrates booleans as `varchar(5)` . You must set this setting on both the source and target endpoints for it to take effect.\n\nThe default value is `false` .", - "title": "MapBooleanAsBoolean", + "IncludeGlobalResourceTypes": { + "markdownDescription": "This option is a bundle which only applies to the global IAM resource types: IAM users, groups, roles, and customer managed policies. These global IAM resource types can only be recorded by AWS Config in Regions where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n\n- Asia Pacific (Hyderabad)\n- Asia Pacific (Melbourne)\n- Canada West (Calgary)\n- Europe (Spain)\n- Europe (Zurich)\n- Israel (Tel Aviv)\n- Middle East (UAE)\n\n> *Aurora global clusters are recorded in all enabled Regions*\n> \n> The `AWS::RDS::GlobalCluster` resource type will be recorded in all supported AWS Config Regions where the configuration recorder is enabled, even if `IncludeGlobalResourceTypes` is set to `false` . The `IncludeGlobalResourceTypes` option is a bundle which only applies to IAM users, groups, roles, and customer managed policies.\n> \n> If you do not want to record `AWS::RDS::GlobalCluster` in all enabled Regions, use one of the following recording strategies:\n> \n> - *Record all current and future resource types with exclusions* ( `EXCLUSION_BY_RESOURCE_TYPES` ), or\n> - *Record specific resource types* ( `INCLUSION_BY_RESOURCE_TYPES` ).\n> \n> For more information, see [Selecting Which Resources are Recorded](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-all) in the *AWS Config developer guide* . > *IncludeGlobalResourceTypes and the exclusion recording strategy*\n> \n> The `IncludeGlobalResourceTypes` field has no impact on the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy. This means that the global IAM resource types ( IAM users, groups, roles, and customer managed policies) will not be automatically added as exclusions for `ExclusionByResourceTypes` when `IncludeGlobalResourceTypes` is set to `false` .\n> \n> The `IncludeGlobalResourceTypes` field should only be used to modify the `AllSupported` field, as the default for the `AllSupported` field is to record configuration changes for all supported resource types excluding the global IAM resource types. To include the global IAM resource types when `AllSupported` is set to `true` , make sure to set `IncludeGlobalResourceTypes` to `true` .\n> \n> To exclude the global IAM resource types for the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, you need to manually add them to the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Required and optional fields*\n> \n> Before you set this field to `true` , set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` . > *Overriding fields*\n> \n> If you set this field to `false` but list global IAM resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , AWS Config will still record configuration changes for those specified resource types *regardless* of if you set the `IncludeGlobalResourceTypes` field to false.\n> \n> If you do not want to record configuration changes to the global IAM resource types (IAM users, groups, roles, and customer managed policies), make sure to not list them in the `ResourceTypes` field in addition to setting the `IncludeGlobalResourceTypes` field to false.", + "title": "IncludeGlobalResourceTypes", "type": "boolean" }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL.\n\nThe default value is 32,768 KB (32 MB).\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" - }, - "PluginName": { - "markdownDescription": "Specifies the plugin to use to create a replication slot.\n\nThe default value is `pglogical` .", - "title": "PluginName", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the PostgreSQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the PostgreSQL endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "RecordingStrategy": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingStrategy", + "markdownDescription": "An object that specifies the recording strategy for the configuration recorder.\n\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type.\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resources types and the resource exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", + "title": "RecordingStrategy" }, - "SlotName": { - "markdownDescription": "Sets the name of a previously created logical replication slot for a change data capture (CDC) load of the PostgreSQL source instance.\n\nWhen used with the `CdcStartPosition` request parameter for the AWS DMS API , this attribute also makes it possible to use native CDC start points. DMS verifies that the specified logical replication slot exists before starting the CDC load task. It also verifies that the task was created with a valid setting of `CdcStartPosition` . If the specified slot doesn't exist or the task doesn't have a valid `CdcStartPosition` setting, DMS raises an error.\n\nFor more information about setting the `CdcStartPosition` request parameter, see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native) in the *AWS Database Migration Service User Guide* . For more information about using `CdcStartPosition` , see [CreateReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html) , [StartReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html) , and [ModifyReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html) .", - "title": "SlotName", - "type": "string" + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list that specifies which resource types AWS Config records.\n\nFor a list of valid `ResourceTypes` values, see the *Resource Type Value* column in [Supported AWS resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n\n> *Required and optional fields*\n> \n> Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` .\n> \n> To record all configuration changes, set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` , and either omit this field or don't specify any resource types in this field. If you set the `AllSupported` field to `false` and specify values for `ResourceTypes` , when AWS Config adds support for a new type of resource, it will not record resources of that type unless you manually add that type to your recording group. > *Region availability*\n> \n> Before specifying a resource type for AWS Config to track, check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if the resource type is supported in the AWS Region where you set up AWS Config . If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config , even if the specified resource type is not supported in the AWS Region where you set up AWS Config .", + "title": "ResourceTypes", + "type": "array" } }, "type": "object" }, - "AWS::DMS::Endpoint.RedisSettings": { + "AWS::Config::ConfigurationRecorder.RecordingMode": { "additionalProperties": false, "properties": { - "AuthPassword": { - "markdownDescription": "The password provided with the `auth-role` and `auth-token` options of the `AuthType` setting for a Redis target endpoint.", - "title": "AuthPassword", - "type": "string" - }, - "AuthType": { - "markdownDescription": "The type of authentication to perform when connecting to a Redis target. Options include `none` , `auth-token` , and `auth-role` . The `auth-token` option requires an `AuthPassword` value to be provided. The `auth-role` option requires `AuthUserName` and `AuthPassword` values to be provided.", - "title": "AuthType", - "type": "string" - }, - "AuthUserName": { - "markdownDescription": "The user name provided with the `auth-role` option of the `AuthType` setting for a Redis target endpoint.", - "title": "AuthUserName", + "RecordingFrequency": { + "markdownDescription": "The default recording frequency that AWS Config uses to record configuration changes.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`\n> \n> For the *allSupported* ( `ALL_SUPPORTED_RESOURCE_TYPES` ) recording strategy, these resource types will be set to Continuous recording.", + "title": "RecordingFrequency", "type": "string" }, - "Port": { - "markdownDescription": "Transmission Control Protocol (TCP) port for the endpoint.", - "title": "Port", - "type": "number" - }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint.", - "title": "ServerName", + "RecordingModeOverrides": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingModeOverride" + }, + "markdownDescription": "An array of `recordingModeOverride` objects for you to specify your overrides for the recording mode. The `recordingModeOverride` object in the `recordingModeOverrides` array consists of three fields: a `description` , the new `recordingFrequency` , and an array of `resourceTypes` to override.", + "title": "RecordingModeOverrides", + "type": "array" + } + }, + "required": [ + "RecordingFrequency" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.RecordingModeOverride": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description that you provide for the override.", + "title": "Description", "type": "string" }, - "SslCaCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint.", - "title": "SslCaCertificateArn", + "RecordingFrequency": { + "markdownDescription": "The recording frequency that will be applied to all the resource types specified in the override.\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous.", + "title": "RecordingFrequency", "type": "string" }, - "SslSecurityProtocol": { - "markdownDescription": "The connection to a Redis target endpoint using Transport Layer Security (TLS). Valid values include `plaintext` and `ssl-encryption` . The default is `ssl-encryption` . The `ssl-encryption` option makes an encrypted connection. Optionally, you can identify an Amazon Resource Name (ARN) for an SSL certificate authority (CA) using the `SslCaCertificateArn` setting. If an ARN isn't given for a CA, DMS uses the Amazon root CA.\n\nThe `plaintext` option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database.", - "title": "SslSecurityProtocol", + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list that specifies which resource types AWS Config includes in the override.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`", + "title": "ResourceTypes", + "type": "array" + } + }, + "required": [ + "RecordingFrequency", + "ResourceTypes" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.RecordingStrategy": { + "additionalProperties": false, + "properties": { + "UseOnly": { + "markdownDescription": "The recording strategy for the configuration recorder.\n\n- If you set this option to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type. For a list of supported resource types, see [Supported Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n- If you set this option to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types that you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set this option to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resource types and the exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", + "title": "UseOnly", "type": "string" } }, + "required": [ + "UseOnly" + ], "type": "object" }, - "AWS::DMS::Endpoint.RedshiftSettings": { + "AWS::Config::ConformancePack": { "additionalProperties": false, "properties": { - "AcceptAnyDate": { - "markdownDescription": "A value that indicates to allow any date format, including invalid formats such as 00/00/00 00:00:00, to be loaded without generating an error. You can choose `true` or `false` (the default).\n\nThis parameter applies only to TIMESTAMP and DATE columns. Always use ACCEPTANYDATE with the DATEFORMAT parameter. If the date format for the data doesn't match the DATEFORMAT specification, Amazon Redshift inserts a NULL value into that field.", - "title": "AcceptAnyDate", - "type": "boolean" - }, - "AfterConnectScript": { - "markdownDescription": "Code to run after connecting. This parameter should contain the code itself, not the name of a file containing the code.", - "title": "AfterConnectScript", + "Condition": { "type": "string" }, - "BucketFolder": { - "markdownDescription": "An S3 folder where the comma-separated-value (.csv) files are stored before being uploaded to the target Redshift cluster.\n\nFor full load mode, AWS DMS converts source records into .csv files and loads them to the *BucketFolder/TableID* path. AWS DMS uses the Redshift `COPY` command to upload the .csv files to the target table. The files are deleted once the `COPY` operation has finished. For more information, see [COPY](https://docs.aws.amazon.com/redshift/latest/dg/r_COPY.html) in the *Amazon Redshift Database Developer Guide* .\n\nFor change-data-capture (CDC) mode, AWS DMS creates a *NetChanges* table, and loads the .csv files to this *BucketFolder/NetChangesTableID* path.", - "title": "BucketFolder", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BucketName": { - "markdownDescription": "The name of the intermediate S3 bucket used to store .csv files before uploading data to Redshift.", - "title": "BucketName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CaseSensitiveNames": { - "markdownDescription": "If Amazon Redshift is configured to support case sensitive schema names, set `CaseSensitiveNames` to `true` . The default is `false` .", - "title": "CaseSensitiveNames", - "type": "boolean" - }, - "CompUpdate": { - "markdownDescription": "If you set `CompUpdate` to `true` Amazon Redshift applies automatic compression if the table is empty. This applies even if the table columns already have encodings other than `RAW` . If you set `CompUpdate` to `false` , automatic compression is disabled and existing column encodings aren't changed. The default is `true` .", - "title": "CompUpdate", - "type": "boolean" + "Metadata": { + "type": "object" }, - "ConnectionTimeout": { - "markdownDescription": "A value that sets the amount of time to wait (in milliseconds) before timing out, beginning from when you initially establish a connection.", - "title": "ConnectionTimeout", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ConformancePackInputParameters": { + "items": { + "$ref": "#/definitions/AWS::Config::ConformancePack.ConformancePackInputParameter" + }, + "markdownDescription": "A list of ConformancePackInputParameter objects.", + "title": "ConformancePackInputParameters", + "type": "array" + }, + "ConformancePackName": { + "markdownDescription": "Name of the conformance pack you want to create.", + "title": "ConformancePackName", + "type": "string" + }, + "DeliveryS3Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.", + "title": "DeliveryS3Bucket", + "type": "string" + }, + "DeliveryS3KeyPrefix": { + "markdownDescription": "The prefix for the Amazon S3 bucket.", + "title": "DeliveryS3KeyPrefix", + "type": "string" + }, + "TemplateBody": { + "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\n> You can only use a YAML template with two resource types: config rule ( `AWS::Config::ConfigRule` ) and a remediation action ( `AWS::Config::RemediationConfiguration` ).", + "title": "TemplateBody", + "type": "string" + }, + "TemplateS3Uri": { + "markdownDescription": "Location of file containing the template body (s3://bucketname/prefix). The uri must point to the conformance pack template (max size: 300 KB) that is located in an Amazon S3 bucket.\n\n> You must have access to read Amazon S3 bucket.", + "title": "TemplateS3Uri", + "type": "string" + }, + "TemplateSSMDocumentDetails": { + "$ref": "#/definitions/AWS::Config::ConformancePack.TemplateSSMDocumentDetails", + "markdownDescription": "An object that contains the name or Amazon Resource Name (ARN) of the AWS Systems Manager document (SSM document) and the version of the SSM document that is used to create a conformance pack.", + "title": "TemplateSSMDocumentDetails" + } + }, + "required": [ + "ConformancePackName" + ], + "type": "object" }, - "DateFormat": { - "markdownDescription": "The date format that you are using. Valid values are `auto` (case-sensitive), your date format string enclosed in quotes, or NULL. If this parameter is left unset (NULL), it defaults to a format of 'YYYY-MM-DD'. Using `auto` recognizes most strings, even some that aren't supported when you use a date format string.\n\nIf your date and time values use formats different from each other, set this to `auto` .", - "title": "DateFormat", + "Type": { + "enum": [ + "AWS::Config::ConformancePack" + ], "type": "string" }, - "EmptyAsNull": { - "markdownDescription": "A value that specifies whether AWS DMS should migrate empty CHAR and VARCHAR fields as NULL. A value of `true` sets empty CHAR and VARCHAR fields to null. The default is `false` .", - "title": "EmptyAsNull", - "type": "boolean" - }, - "EncryptionMode": { - "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , create an AWS Identity and Access Management (IAM) role with a policy that allows `\"arn:aws:s3:::*\"` to use the following actions: `\"s3:PutObject\", \"s3:ListBucket\"`", - "title": "EncryptionMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ExplicitIds": { - "markdownDescription": "This setting is only valid for a full-load migration task. Set `ExplicitIds` to `true` to have tables with `IDENTITY` columns override their auto-generated values with explicit values loaded from the source data files used to populate the tables. The default is `false` .", - "title": "ExplicitIds", - "type": "boolean" - }, - "FileTransferUploadStreams": { - "markdownDescription": "The number of threads used to upload a single file. This parameter accepts a value from 1 through 64. It defaults to 10.\n\nThe number of parallel streams used to upload a single .csv file to an S3 bucket using S3 Multipart Upload. For more information, see [Multipart upload overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) .\n\n`FileTransferUploadStreams` accepts a value from 1 through 64. It defaults to 10.", - "title": "FileTransferUploadStreams", - "type": "number" - }, - "LoadTimeout": { - "markdownDescription": "The amount of time to wait (in milliseconds) before timing out of operations performed by AWS DMS on a Redshift cluster, such as Redshift COPY, INSERT, DELETE, and UPDATE.", - "title": "LoadTimeout", - "type": "number" - }, - "MapBooleanAsBoolean": { - "markdownDescription": "When true, lets Redshift migrate the boolean type as boolean. By default, Redshift migrates booleans as `varchar(1)` . You must set this setting on both the source and target endpoints for it to take effect.", - "title": "MapBooleanAsBoolean", - "type": "boolean" - }, - "MaxFileSize": { - "markdownDescription": "The maximum size (in KB) of any .csv file used to load data on an S3 bucket and transfer data to Amazon Redshift. It defaults to 1048576KB (1 GB).", - "title": "MaxFileSize", - "type": "number" - }, - "RemoveQuotes": { - "markdownDescription": "A value that specifies to remove surrounding quotation marks from strings in the incoming data. All characters within the quotation marks, including delimiters, are retained. Choose `true` to remove quotation marks. The default is `false` .", - "title": "RemoveQuotes", - "type": "boolean" - }, - "ReplaceChars": { - "markdownDescription": "A value that specifies to replaces the invalid characters specified in `ReplaceInvalidChars` , substituting the specified characters instead. The default is `\"?\"` .", - "title": "ReplaceChars", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::ConformancePack.ConformancePackInputParameter": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterName", "type": "string" }, - "ReplaceInvalidChars": { - "markdownDescription": "A list of characters that you want to replace. Use with `ReplaceChars` .", - "title": "ReplaceInvalidChars", + "ParameterValue": { + "markdownDescription": "Another part of the key-value pair.", + "title": "ParameterValue", "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Amazon Redshift endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::Config::ConformancePack.TemplateSSMDocumentDetails": { + "additionalProperties": false, + "properties": { + "DocumentName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document.", + "title": "DocumentName", "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Amazon Redshift endpoint connection details.", - "title": "SecretsManagerSecretId", + "DocumentVersion": { + "markdownDescription": "The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version.\n\n> This field is optional.", + "title": "DocumentVersion", "type": "string" - }, - "ServerSideEncryptionKmsKeyId": { - "markdownDescription": "The AWS KMS key ID. If you are using `SSE_KMS` for the `EncryptionMode` , provide this key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.", - "title": "ServerSideEncryptionKmsKeyId", + } + }, + "type": "object" + }, + "AWS::Config::DeliveryChannel": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that has access to the Amazon Redshift service. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TimeFormat": { - "markdownDescription": "The time format that you want to use. Valid values are `auto` (case-sensitive), `'timeformat_string'` , `'epochsecs'` , or `'epochmillisecs'` . It defaults to 10. Using `auto` recognizes most strings, even some that aren't supported when you use a time format string.\n\nIf your date and time values use formats different from each other, set this parameter to `auto` .", - "title": "TimeFormat", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TrimBlanks": { - "markdownDescription": "A value that specifies to remove the trailing white space characters from a VARCHAR string. This parameter applies only to columns with a VARCHAR data type. Choose `true` to remove unneeded white space. The default is `false` .", - "title": "TrimBlanks", - "type": "boolean" + "Metadata": { + "type": "object" }, - "TruncateColumns": { - "markdownDescription": "A value that specifies to truncate data in columns to the appropriate number of characters, so that the data fits in the column. This parameter applies only to columns with a VARCHAR or CHAR data type, and rows with a size of 4 MB or less. Choose `true` to truncate data. The default is `false` .", - "title": "TruncateColumns", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigSnapshotDeliveryProperties": { + "$ref": "#/definitions/AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties", + "markdownDescription": "The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.", + "title": "ConfigSnapshotDeliveryProperties" + }, + "Name": { + "markdownDescription": "A name for the delivery channel. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nUpdates are not supported. To change the name, you must run two separate updates. In the first update, delete this resource, and then recreate it with a new name in the second update.", + "title": "Name", + "type": "string" + }, + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.\n\nIf you specify a bucket that belongs to another AWS account , that bucket must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon S3 Bucket](https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html) in the *AWS Config Developer Guide* .", + "title": "S3BucketName", + "type": "string" + }, + "S3KeyPrefix": { + "markdownDescription": "The prefix for the specified Amazon S3 bucket.", + "title": "S3KeyPrefix", + "type": "string" + }, + "S3KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service ( AWS KMS ) AWS KMS key (KMS key) used to encrypt objects delivered by AWS Config . Must belong to the same Region as the destination S3 bucket.", + "title": "S3KmsKeyArn", + "type": "string" + }, + "SnsTopicARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.\n\nIf you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon SNS Topic](https://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html) in the *AWS Config Developer Guide* .", + "title": "SnsTopicARN", + "type": "string" + } + }, + "required": [ + "S3BucketName" + ], + "type": "object" }, - "WriteBufferSize": { - "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk at the DMS replication instance. The default value is 1000 (buffer size is 1000KB).", - "title": "WriteBufferSize", - "type": "number" + "Type": { + "enum": [ + "AWS::Config::DeliveryChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.S3Settings": { + "AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties": { "additionalProperties": false, "properties": { - "AddColumnName": { - "markdownDescription": "An optional parameter that, when set to `true` or `y` , you can use to add column name information to the .csv output file.\n\nThe default value is `false` . Valid values are `true` , `false` , `y` , and `n` .", - "title": "AddColumnName", - "type": "boolean" - }, - "AddTrailingPaddingCharacter": { - "markdownDescription": "Use the S3 target endpoint setting `AddTrailingPaddingCharacter` to add padding on string data. The default value is `false` .", - "title": "AddTrailingPaddingCharacter", - "type": "boolean" - }, - "BucketFolder": { - "markdownDescription": "An optional parameter to set a folder name in the S3 bucket. If provided, tables are created in the path `*bucketFolder* / *schema_name* / *table_name* /` . If this parameter isn't specified, the path used is `*schema_name* / *table_name* /` .", - "title": "BucketFolder", + "DeliveryFrequency": { + "markdownDescription": "The frequency with which AWS Config delivers configuration snapshots.", + "title": "DeliveryFrequency", "type": "string" - }, - "BucketName": { - "markdownDescription": "The name of the S3 bucket.", - "title": "BucketName", + } + }, + "type": "object" + }, + "AWS::Config::OrganizationConfigRule": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "CannedAclForObjects": { - "markdownDescription": "A value that enables AWS DMS to specify a predefined (canned) access control list (ACL) for objects created in an Amazon S3 bucket as .csv or .parquet files. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 Developer Guide* .\n\nThe default value is NONE. Valid values include NONE, PRIVATE, PUBLIC_READ, PUBLIC_READ_WRITE, AUTHENTICATED_READ, AWS_EXEC_READ, BUCKET_OWNER_READ, and BUCKET_OWNER_FULL_CONTROL.", - "title": "CannedAclForObjects", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CdcInsertsAndUpdates": { - "markdownDescription": "A value that enables a change data capture (CDC) load to write INSERT and UPDATE operations to .csv or .parquet (columnar storage) output files. The default setting is `false` , but when `CdcInsertsAndUpdates` is set to `true` or `y` , only INSERTs and UPDATEs from the source database are migrated to the .csv or .parquet file.\n\nFor .csv file format only, how these INSERTs and UPDATEs are recorded depends on the value of the `IncludeOpForFullLoad` parameter. If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to either `I` or `U` to indicate INSERT and UPDATE operations at the source. But if `IncludeOpForFullLoad` is set to `false` , CDC records are written without an indication of INSERT or UPDATE operations at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the use of the `CdcInsertsAndUpdates` parameter in versions 3.3.1 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", - "title": "CdcInsertsAndUpdates", - "type": "boolean" - }, - "CdcInsertsOnly": { - "markdownDescription": "A value that enables a change data capture (CDC) load to write only INSERT operations to .csv or columnar storage (.parquet) output files. By default (the `false` setting), the first field in a .csv or .parquet record contains the letter I (INSERT), U (UPDATE), or D (DELETE). These values indicate whether the row was inserted, updated, or deleted at the source database for a CDC load to the target.\n\nIf `CdcInsertsOnly` is set to `true` or `y` , only INSERTs from the source database are migrated to the .csv or .parquet file. For .csv format only, how these INSERTs are recorded depends on the value of `IncludeOpForFullLoad` . If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to I to indicate the INSERT operation at the source. If `IncludeOpForFullLoad` is set to `false` , every CDC record is written without a first field to indicate the INSERT operation at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the interaction described preceding between the `CdcInsertsOnly` and `IncludeOpForFullLoad` parameters in versions 3.1.4 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", - "title": "CdcInsertsOnly", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CdcMaxBatchInterval": { - "markdownDescription": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3.\n\nWhen `CdcMaxBatchInterval` and `CdcMinFileSize` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 60 seconds.", - "title": "CdcMaxBatchInterval", - "type": "number" + "Metadata": { + "type": "object" }, - "CdcMinFileSize": { - "markdownDescription": "Minimum file size, defined in kilobytes, to reach for a file output to Amazon S3.\n\nWhen `CdcMinFileSize` and `CdcMaxBatchInterval` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 32 MB.", - "title": "CdcMinFileSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ExcludedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list of accounts excluded from organization AWS Config rule.", + "title": "ExcludedAccounts", + "type": "array" + }, + "OrganizationConfigRuleName": { + "markdownDescription": "The name that you assign to organization AWS Config rule.", + "title": "OrganizationConfigRuleName", + "type": "string" + }, + "OrganizationCustomPolicyRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata", + "markdownDescription": "An object that specifies metadata for your organization's AWS Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of AWS resource, and organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.", + "title": "OrganizationCustomPolicyRuleMetadata" + }, + "OrganizationCustomRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata", + "markdownDescription": "An `OrganizationCustomRuleMetadata` object.", + "title": "OrganizationCustomRuleMetadata" + }, + "OrganizationManagedRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata", + "markdownDescription": "An `OrganizationManagedRuleMetadata` object.", + "title": "OrganizationManagedRuleMetadata" + } + }, + "required": [ + "OrganizationConfigRuleName" + ], + "type": "object" }, - "CdcPath": { - "markdownDescription": "Specifies the folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `CdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. For an S3 target if you set [`PreserveTransactions`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-PreserveTransactions) to `true` , AWS DMS verifies that you have set this parameter to a folder path on your S3 target where AWS DMS can save the transaction order for the CDC load. AWS DMS creates this CDC folder path in either your S3 target working directory or the S3 target location specified by [`BucketFolder`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketFolder) and [`BucketName`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketName) .\n\nFor example, if you specify `CdcPath` as `MyChangedData` , and you specify `BucketName` as `MyTargetBucket` but do not specify `BucketFolder` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyChangedData` .\n\nIf you specify the same `CdcPath` , and you specify `BucketName` as `MyTargetBucket` and `BucketFolder` as `MyTargetData` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyTargetData/MyChangedData` .\n\nFor more information on CDC including transaction order on an S3 target, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", - "title": "CdcPath", + "Type": { + "enum": [ + "AWS::Config::OrganizationConfigRule" + ], "type": "string" }, - "CompressionType": { - "markdownDescription": "An optional parameter. When set to GZIP it enables the service to compress the target files. To allow the service to write the target files uncompressed, either set this parameter to NONE (the default) or don't specify the parameter at all. This parameter applies to both .csv and .parquet file formats.", - "title": "CompressionType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata": { + "additionalProperties": false, + "properties": { + "DebugLogDeliveryAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of accounts that you can enable debug logging for your organization AWS Config Custom Policy rule. List is null when debug logging is enabled for all accounts.", + "title": "DebugLogDeliveryAccounts", + "type": "array" }, - "CsvDelimiter": { - "markdownDescription": "The delimiter used to separate columns in the .csv file for both source and target. The default is a comma.", - "title": "CsvDelimiter", + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config Custom Policy rule.", + "title": "Description", "type": "string" }, - "CsvNoSupValue": { - "markdownDescription": "This setting only applies if your Amazon S3 output files during a change data capture (CDC) load are written in .csv format. If [`UseCsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-UseCsvNoSupValue) is set to true, specify a string value that you want AWS DMS to use for all columns not included in the supplemental log. If you do not specify a string value, AWS DMS uses the null value for these columns regardless of the `UseCsvNoSupValue` setting.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", - "title": "CsvNoSupValue", + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config Custom Policy rule.", + "title": "InputParameters", "type": "string" }, - "CsvNullValue": { - "markdownDescription": "An optional parameter that specifies how AWS DMS treats null values. While handling the null value, you can use this parameter to pass a user-defined string as null when writing to the target. For example, when target columns are not nullable, you can use this option to differentiate between the empty string value and the null value. So, if you set this parameter value to the empty string (\"\" or ''), AWS DMS treats the empty string as the null value instead of `NULL` .\n\nThe default value is `NULL` . Valid values include any valid string.", - "title": "CsvNullValue", + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your AWS Config Custom Policy rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .", + "title": "MaximumExecutionFrequency", "type": "string" }, - "CsvRowDelimiter": { - "markdownDescription": "The delimiter used to separate rows in the .csv file for both source and target.\n\nThe default is a carriage return ( `\\n` ).", - "title": "CsvRowDelimiter", - "type": "string" + "OrganizationConfigRuleTriggerTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of notification that initiates AWS Config to run an evaluation for a rule. For AWS Config Custom Policy rules, AWS Config supports change-initiated notification types:\n\n- `ConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.", + "title": "OrganizationConfigRuleTriggerTypes", + "type": "array" }, - "DataFormat": { - "markdownDescription": "The format of the data that you want to use for output. You can choose one of the following:\n\n- `csv` : This is a row-based file format with comma-separated values (.csv).\n- `parquet` : Apache Parquet (.parquet) is a columnar storage file format that features efficient compression and provides faster query response.", - "title": "DataFormat", + "PolicyText": { + "markdownDescription": "The policy definition containing the logic for your organization AWS Config Custom Policy rule.", + "title": "PolicyText", "type": "string" }, - "DataPageSize": { - "markdownDescription": "The size of one data page in bytes. This parameter defaults to 1024 * 1024 bytes (1 MiB). This number is used for .parquet file format only.", - "title": "DataPageSize", - "type": "number" - }, - "DatePartitionDelimiter": { - "markdownDescription": "Specifies a date separating delimiter to use during folder partitioning. The default value is `SLASH` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", - "title": "DatePartitionDelimiter", + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", "type": "string" }, - "DatePartitionEnabled": { - "markdownDescription": "When set to `true` , this parameter partitions S3 bucket folders based on transaction commit dates. The default value is `false` . For more information about date-based folder partitioning, see [Using date-based folder partitioning](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.DatePartitioning) .", - "title": "DatePartitionEnabled", - "type": "boolean" + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" }, - "DatePartitionSequence": { - "markdownDescription": "Identifies the sequence of the date format to use during folder partitioning. The default value is `YYYYMMDD` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", - "title": "DatePartitionSequence", + "Runtime": { + "markdownDescription": "The runtime system for your organization AWS Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", + "title": "Runtime", "type": "string" }, - "DatePartitionTimezone": { - "markdownDescription": "When creating an S3 target endpoint, set `DatePartitionTimezone` to convert the current UTC time into a specified time zone. The conversion occurs when a date partition folder is created and a change data capture (CDC) file name is generated. The time zone format is Area/Location. Use this parameter when `DatePartitionedEnabled` is set to `true` , as shown in the following example.\n\n`s3-settings='{\"DatePartitionEnabled\": true, \"DatePartitionSequence\": \"YYYYMMDDHH\", \"DatePartitionDelimiter\": \"SLASH\", \"DatePartitionTimezone\":\" *Asia/Seoul* \", \"BucketName\": \"dms-nattarat-test\"}'`", - "title": "DatePartitionTimezone", + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", "type": "string" }, - "DictPageSizeLimit": { - "markdownDescription": "The maximum size of an encoded dictionary page of a column. If the dictionary page exceeds this, this column is stored using an encoding type of `PLAIN` . This parameter defaults to 1024 * 1024 bytes (1 MiB), the maximum size of a dictionary page before it reverts to `PLAIN` encoding. This size is used for .parquet file format only.", - "title": "DictPageSizeLimit", - "type": "number" - }, - "EnableStatistics": { - "markdownDescription": "A value that enables statistics for Parquet pages and row groups. Choose `true` to enable statistics, `false` to disable. Statistics include `NULL` , `DISTINCT` , `MAX` , and `MIN` values. This parameter defaults to `true` . This value is used for .parquet file format only.", - "title": "EnableStatistics", - "type": "boolean" - }, - "EncodingType": { - "markdownDescription": "The type of encoding that you're using:\n\n- `RLE_DICTIONARY` uses a combination of bit-packing and run-length encoding to store repeated values more efficiently. This is the default.\n- `PLAIN` doesn't use encoding at all. Values are stored as they are.\n- `PLAIN_DICTIONARY` builds a dictionary of the values encountered in a given column. The dictionary is stored in a dictionary page for each column chunk.", - "title": "EncodingType", + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", "type": "string" - }, - "EncryptionMode": { - "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , you need an IAM role with permission to allow `\"arn:aws:s3:::dms-*\"` to use the following actions:\n\n- `s3:CreateBucket`\n- `s3:ListBucket`\n- `s3:DeleteBucket`\n- `s3:GetBucketLocation`\n- `s3:GetObject`\n- `s3:PutObject`\n- `s3:DeleteObject`\n- `s3:GetObjectVersion`\n- `s3:GetBucketPolicy`\n- `s3:PutBucketPolicy`\n- `s3:DeleteBucketPolicy`", - "title": "EncryptionMode", + } + }, + "required": [ + "PolicyText", + "Runtime" + ], + "type": "object" + }, + "AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config rule.", + "title": "Description", "type": "string" }, - "ExpectedBucketOwner": { - "markdownDescription": "To specify a bucket owner and prevent sniping, you can use the `ExpectedBucketOwner` endpoint setting.\n\nExample: `--s3-settings='{\"ExpectedBucketOwner\": \" *AWS_Account_ID* \"}'`\n\nWhen you make a request to test a connection or perform a migration, S3 checks the account ID of the bucket owner against the specified parameter.", - "title": "ExpectedBucketOwner", + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", + "title": "InputParameters", "type": "string" }, - "ExternalTableDefinition": { - "markdownDescription": "The external table definition.\n\nConditional: If `S3` is used as a source then `ExternalTableDefinition` is required.", - "title": "ExternalTableDefinition", + "LambdaFunctionArn": { + "markdownDescription": "The lambda function ARN.", + "title": "LambdaFunctionArn", "type": "string" }, - "GlueCatalogGeneration": { - "markdownDescription": "When true, allows AWS Glue to catalog your S3 bucket. Creating an AWS Glue catalog lets you use Athena to query your data.", - "title": "GlueCatalogGeneration", - "type": "boolean" - }, - "IgnoreHeaderRows": { - "markdownDescription": "When this value is set to 1, AWS DMS ignores the first row header in a .csv file. A value of 1 turns on the feature; a value of 0 turns off the feature.\n\nThe default is 0.", - "title": "IgnoreHeaderRows", - "type": "number" - }, - "IncludeOpForFullLoad": { - "markdownDescription": "A value that enables a full load to write INSERT operations to the comma-separated value (.csv) output files only to indicate how the rows were added to the source database.\n\n> AWS DMS supports the `IncludeOpForFullLoad` parameter in versions 3.1.4 and later. \n\nFor full load, records can only be inserted. By default (the `false` setting), no information is recorded in these output files for a full load to indicate that the rows were inserted at the source database. If `IncludeOpForFullLoad` is set to `true` or `y` , the INSERT is recorded as an I annotation in the first field of the .csv file. This allows the format of your target records from a full load to be consistent with the target records from a CDC load.\n\n> This setting works together with the `CdcInsertsOnly` and the `CdcInsertsAndUpdates` parameters for output to .csv files only. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .", - "title": "IncludeOpForFullLoad", - "type": "boolean" - }, - "MaxFileSize": { - "markdownDescription": "A value that specifies the maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load.\n\nThe default value is 1,048,576 KB (1 GB). Valid values include 1 to 1,048,576.", - "title": "MaxFileSize", - "type": "number" - }, - "ParquetTimestampInMillisecond": { - "markdownDescription": "A value that specifies the precision of any `TIMESTAMP` column values that are written to an Amazon S3 object file in .parquet format.\n\n> AWS DMS supports the `ParquetTimestampInMillisecond` parameter in versions 3.1.4 and later. \n\nWhen `ParquetTimestampInMillisecond` is set to `true` or `y` , AWS DMS writes all `TIMESTAMP` columns in a .parquet formatted file with millisecond precision. Otherwise, DMS writes them with microsecond precision.\n\nCurrently, Amazon Athena and AWS Glue can handle only millisecond precision for `TIMESTAMP` values. Set this parameter to `true` for S3 endpoint object files that are .parquet formatted only if you plan to query or process the data with Athena or AWS Glue .\n\n> AWS DMS writes any `TIMESTAMP` column values written to an S3 file in .csv format with microsecond precision.\n> \n> Setting `ParquetTimestampInMillisecond` has no effect on the string format of the timestamp column value that is inserted by setting the `TimestampColumnName` parameter.", - "title": "ParquetTimestampInMillisecond", - "type": "boolean" - }, - "ParquetVersion": { - "markdownDescription": "The version of the Apache Parquet format that you want to use: `parquet_1_0` (the default) or `parquet_2_0` .", - "title": "ParquetVersion", + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", "type": "string" }, - "PreserveTransactions": { - "markdownDescription": "If this setting is set to `true` , AWS DMS saves the transaction order for a change data capture (CDC) load on the Amazon S3 target specified by [`CdcPath`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CdcPath) . For more information, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", - "title": "PreserveTransactions", - "type": "boolean" - }, - "Rfc4180": { - "markdownDescription": "For an S3 source, when this value is set to `true` or `y` , each leading double quotation mark has to be followed by an ending double quotation mark. This formatting complies with RFC 4180. When this value is set to `false` or `n` , string literals are copied to the target as is. In this case, a delimiter (row or column) signals the end of the field. Thus, you can't use a delimiter as part of the string, because it signals the end of the value.\n\nFor an S3 target, an optional parameter used to set behavior to comply with RFC 4180 for data migrated to Amazon S3 using .csv file format only. When this value is set to `true` or `y` using Amazon S3 as a target, if the data has quotation marks or newline characters in it, AWS DMS encloses the entire column with an additional pair of double quotation marks (\"). Every quotation mark within the data is repeated twice.\n\nThe default value is `true` . Valid values include `true` , `false` , `y` , and `n` .", - "title": "Rfc4180", - "type": "boolean" - }, - "RowGroupLength": { - "markdownDescription": "The number of rows in a row group. A smaller row group size provides faster reads. But as the number of row groups grows, the slower writes become. This parameter defaults to 10,000 rows. This number is used for .parquet file format only.\n\nIf you choose a value larger than the maximum, `RowGroupLength` is set to the max row group length in bytes (64 * 1024 * 1024).", - "title": "RowGroupLength", - "type": "number" + "OrganizationConfigRuleTriggerTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .", + "title": "OrganizationConfigRuleTriggerTypes", + "type": "array" }, - "ServerSideEncryptionKmsKeyId": { - "markdownDescription": "If you are using `SSE_KMS` for the `EncryptionMode` , provide the AWS KMS key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.\n\nHere is a CLI example: `aws dms create-endpoint --endpoint-identifier *value* --endpoint-type target --engine-name s3 --s3-settings ServiceAccessRoleArn= *value* ,BucketFolder= *value* ,BucketName= *value* ,EncryptionMode=SSE_KMS,ServerSideEncryptionKmsKeyId= *value*`", - "title": "ServerSideEncryptionKmsKeyId", + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", "type": "string" }, - "ServiceAccessRoleArn": { - "markdownDescription": "A required parameter that specifies the Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action. It enables AWS DMS to read and write objects from an S3 bucket.", - "title": "ServiceAccessRoleArn", - "type": "string" + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" }, - "TimestampColumnName": { - "markdownDescription": "A value that when nonblank causes AWS DMS to add a column with timestamp information to the endpoint data for an Amazon S3 target.\n\n> AWS DMS supports the `TimestampColumnName` parameter in versions 3.1.4 and later. \n\nAWS DMS includes an additional `STRING` column in the .csv or .parquet object files of your migrated data when you set `TimestampColumnName` to a nonblank value.\n\nFor a full load, each row of this timestamp column contains a timestamp for when the data was transferred from the source to the target by DMS.\n\nFor a change data capture (CDC) load, each row of the timestamp column contains the timestamp for the commit of that row in the source database.\n\nThe string format for this timestamp column value is `yyyy-MM-dd HH:mm:ss.SSSSSS` . By default, the precision of this value is in microseconds. For a CDC load, the rounding of the precision depends on the commit timestamp supported by DMS for the source database.\n\nWhen the `AddColumnName` parameter is set to `true` , DMS also includes a name for the timestamp column that you set with `TimestampColumnName` .", - "title": "TimestampColumnName", + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", "type": "string" }, - "UseCsvNoSupValue": { - "markdownDescription": "This setting applies if the S3 output files during a change data capture (CDC) load are written in .csv format. If this setting is set to `true` for columns not included in the supplemental log, AWS DMS uses the value specified by [`CsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CsvNoSupValue) . If this setting isn't set or is set to `false` , AWS DMS uses the null value for these columns.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", - "title": "UseCsvNoSupValue", - "type": "boolean" - }, - "UseTaskStartTimeForFullLoadTimestamp": { - "markdownDescription": "When set to true, this parameter uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when `useTaskStartTimeForFullLoadTimestamp` is set to `true` , each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.\n\nWhen `useTaskStartTimeForFullLoadTimestamp` is set to `false` , the full load timestamp in the timestamp column increments with the time data arrives at the target.", - "title": "UseTaskStartTimeForFullLoadTimestamp", - "type": "boolean" + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", + "type": "string" } }, + "required": [ + "LambdaFunctionArn", + "OrganizationConfigRuleTriggerTypes" + ], "type": "object" }, - "AWS::DMS::Endpoint.SybaseSettings": { + "AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata": { "additionalProperties": false, "properties": { - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SAP ASE endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config rule.", + "title": "Description", "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the SAP SAE endpoint connection details.", - "title": "SecretsManagerSecretId", + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", + "title": "InputParameters", + "type": "string" + }, + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. This is for an AWS Config managed rule that is triggered at a periodic frequency.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", + "type": "string" + }, + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", + "type": "string" + }, + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" + }, + "RuleIdentifier": { + "markdownDescription": "For organization config managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .", + "title": "RuleIdentifier", + "type": "string" + }, + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", + "type": "string" + }, + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", "type": "string" } }, + "required": [ + "RuleIdentifier" + ], "type": "object" }, - "AWS::DMS::EventSubscription": { + "AWS::Config::OrganizationConformancePack": { "additionalProperties": false, "properties": { "Condition": { @@ -58049,59 +63758,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether to activate the subscription. If you don't specify this property, AWS CloudFormation activates the subscription.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { + "ConformancePackInputParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Config::OrganizationConformancePack.ConformancePackInputParameter" }, - "markdownDescription": "A list of event categories for a source type that you want to subscribe to. If you don't specify this property, you are notified about all event categories. For more information, see [Working with Events and Notifications](https://docs.aws.amazon.com//dms/latest/userguide/CHAP_Events.html) in the *AWS DMS User Guide* .", - "title": "EventCategories", + "markdownDescription": "A list of `ConformancePackInputParameter` objects.", + "title": "ConformancePackInputParameters", "type": "array" }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", - "title": "SnsTopicArn", + "DeliveryS3Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.\n\n> This field is optional.", + "title": "DeliveryS3Bucket", "type": "string" }, - "SourceIds": { + "DeliveryS3KeyPrefix": { + "markdownDescription": "Any folder structure you want to add to an Amazon S3 bucket.\n\n> This field is optional.", + "title": "DeliveryS3KeyPrefix", + "type": "string" + }, + "ExcludedAccounts": { "items": { "type": "string" }, - "markdownDescription": "A list of identifiers for which AWS DMS provides notification events.\n\nIf you don't specify a value, notifications are provided for all sources.\n\nIf you specify multiple values, they must be of the same type. For example, if you specify a database instance ID, then all of the other values must be database instance IDs.", - "title": "SourceIds", + "markdownDescription": "A comma-separated list of accounts excluded from organization conformance pack.", + "title": "ExcludedAccounts", "type": "array" }, - "SourceType": { - "markdownDescription": "The type of AWS DMS resource that generates the events. For example, if you want to be notified of events generated by a replication instance, you set this parameter to `replication-instance` . If this value isn't specified, all events are returned.\n\n*Valid values* : `replication-instance` | `replication-task`", - "title": "SourceType", + "OrganizationConformancePackName": { + "markdownDescription": "The name you assign to an organization conformance pack.", + "title": "OrganizationConformancePackName", "type": "string" }, - "SubscriptionName": { - "markdownDescription": "The name of the AWS DMS event notification subscription. This name must be less than 255 characters.", - "title": "SubscriptionName", + "TemplateBody": { + "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.", + "title": "TemplateBody", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more tags to be assigned to the event subscription.", - "title": "Tags", - "type": "array" + "TemplateS3Uri": { + "markdownDescription": "Location of file containing the template body. The uri must point to the conformance pack template (max size: 300 KB).", + "title": "TemplateS3Uri", + "type": "string" } }, "required": [ - "SnsTopicArn" + "OrganizationConformancePackName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::EventSubscription" + "AWS::Config::OrganizationConformancePack" ], "type": "string" }, @@ -58120,7 +63826,27 @@ ], "type": "object" }, - "AWS::DMS::InstanceProfile": { + "AWS::Config::OrganizationConformancePack.ConformancePackInputParameter": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterValue", + "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::Config::RemediationConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -58155,68 +63881,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the instance profile runs.", - "title": "AvailabilityZone", - "type": "string" + "Automatic": { + "markdownDescription": "The remediation is triggered automatically.", + "title": "Automatic", + "type": "boolean" }, - "Description": { - "markdownDescription": "A description of the instance profile. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", - "title": "Description", + "ConfigRuleName": { + "markdownDescription": "The name of the AWS Config rule.", + "title": "ConfigRuleName", "type": "string" }, - "InstanceProfileIdentifier": { - "markdownDescription": "The identifier of the instance profile. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "InstanceProfileIdentifier", - "type": "string" + "ExecutionControls": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ExecutionControls", + "markdownDescription": "An ExecutionControls object.", + "title": "ExecutionControls" }, - "InstanceProfileName": { - "markdownDescription": "The user-friendly name for the instance profile.", - "title": "InstanceProfileName", - "type": "string" + "MaximumAutomaticAttempts": { + "markdownDescription": "The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n\nFor example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.", + "title": "MaximumAutomaticAttempts", + "type": "number" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.\n\nIf you don't specify a value for the `KmsKeyArn` parameter, then AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyArn", - "type": "string" + "Parameters": { + "markdownDescription": "An object of the RemediationParameterValue. For more information, see [RemediationParameterValue](https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationParameterValue.html) .\n\n> The type is a map of strings to RemediationParameterValue.", + "title": "Parameters", + "type": "object" }, - "NetworkType": { - "markdownDescription": "Specifies the network type for the instance profile. A value of `IPV4` represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of `IPV6` represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of `DUAL` represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.", - "title": "NetworkType", + "ResourceType": { + "markdownDescription": "The type of a resource.", + "title": "ResourceType", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Specifies the accessibility options for the instance profile. A value of `true` represents an instance profile with a public IP address. A value of `false` represents an instance profile with a private IP address. The default value is `true` .", - "title": "PubliclyAccessible", - "type": "boolean" + "RetryAttemptSeconds": { + "markdownDescription": "Time window to determine whether or not to add a remediation exception to prevent infinite remediation attempts. If `MaximumAutomaticAttempts` remediation attempts have been made under `RetryAttemptSeconds` , a remediation exception will be added to the resource. If you do not select a number, the default is 60 seconds.\n\nFor example, if you specify `RetryAttemptSeconds` as 50 seconds and `MaximumAutomaticAttempts` as 5, AWS Config will run auto-remediations 5 times within 50 seconds before adding a remediation exception to the resource.", + "title": "RetryAttemptSeconds", + "type": "number" }, - "SubnetGroupIdentifier": { - "markdownDescription": "The identifier of the subnet group that is associated with the instance profile.", - "title": "SubnetGroupIdentifier", + "TargetId": { + "markdownDescription": "Target ID is the name of the SSM document.", + "title": "TargetId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "TargetType": { + "markdownDescription": "The type of the target. Target executes remediation. For example, SSM document.", + "title": "TargetType", + "type": "string" }, - "VpcSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security groups that are used with the instance profile. The VPC security group must work with the VPC containing the instance profile.", - "title": "VpcSecurityGroups", - "type": "array" + "TargetVersion": { + "markdownDescription": "Version of the target. For example, version of the SSM document.\n\n> If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.", + "title": "TargetVersion", + "type": "string" } }, + "required": [ + "ConfigRuleName", + "TargetId", + "TargetType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::InstanceProfile" + "AWS::Config::RemediationConfiguration" ], "type": "string" }, @@ -58230,11 +63955,76 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::MigrationProject": { + "AWS::Config::RemediationConfiguration.ExecutionControls": { + "additionalProperties": false, + "properties": { + "SsmControls": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.SsmControls", + "markdownDescription": "A SsmControls object.", + "title": "SsmControls" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.RemediationParameterValue": { + "additionalProperties": false, + "properties": { + "ResourceValue": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ResourceValue", + "markdownDescription": "The value is dynamic and changes at run-time.", + "title": "ResourceValue" + }, + "StaticValue": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.StaticValue", + "markdownDescription": "The value is static and does not change at run-time.", + "title": "StaticValue" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.ResourceValue": { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.SsmControls": { + "additionalProperties": false, + "properties": { + "ConcurrentExecutionRatePercentage": { + "markdownDescription": "The maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. You can specify a percentage, such as 10%. The default value is 10.", + "title": "ConcurrentExecutionRatePercentage", + "type": "number" + }, + "ErrorPercentage": { + "markdownDescription": "The percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. You can specify a percentage of errors, for example 10%. If you do not specifiy a percentage, the default is 50%. For example, if you set the ErrorPercentage to 40% for 10 non-compliant resources, then SSM stops running the automations when the fifth error is received.", + "title": "ErrorPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.StaticValue": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::Config::StoredQuery": { "additionalProperties": false, "properties": { "Condition": { @@ -58269,76 +64059,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A user-friendly description of the migration project.", - "title": "Description", - "type": "string" - }, - "InstanceProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile for your migration project.", - "title": "InstanceProfileArn", - "type": "string" - }, - "InstanceProfileIdentifier": { - "markdownDescription": "The identifier of the instance profile for your migration project.", - "title": "InstanceProfileIdentifier", - "type": "string" - }, - "InstanceProfileName": { - "markdownDescription": "The name of the associated instance profile.", - "title": "InstanceProfileName", + "QueryDescription": { + "markdownDescription": "A unique description for the query.", + "title": "QueryDescription", "type": "string" }, - "MigrationProjectIdentifier": { - "markdownDescription": "The identifier of the migration project. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "MigrationProjectIdentifier", + "QueryExpression": { + "markdownDescription": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`", + "title": "QueryExpression", "type": "string" }, - "MigrationProjectName": { - "markdownDescription": "The name of the migration project.", - "title": "MigrationProjectName", + "QueryName": { + "markdownDescription": "The name of the query.", + "title": "QueryName", "type": "string" }, - "SchemaConversionApplicationAttributes": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes", - "markdownDescription": "The schema conversion application attributes, including the Amazon S3 bucket name and Amazon S3 role ARN.", - "title": "SchemaConversionApplicationAttributes" - }, - "SourceDataProviderDescriptors": { - "items": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" - }, - "markdownDescription": "Information about the source data provider, including the name or ARN, and AWS Secrets Manager parameters.", - "title": "SourceDataProviderDescriptors", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" - }, - "TargetDataProviderDescriptors": { - "items": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" - }, - "markdownDescription": "Information about the target data provider, including the name or ARN, and AWS Secrets Manager parameters.", - "title": "TargetDataProviderDescriptors", - "type": "array" - }, - "TransformationRules": { - "markdownDescription": "The settings in JSON format for migration rules. Migration rules make it possible for you to change the object names according to the rules that you specify. For example, you can change an object name to lowercase or uppercase, add or remove a prefix or suffix, or rename objects.", - "title": "TransformationRules", - "type": "string" } }, + "required": [ + "QueryExpression", + "QueryName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::MigrationProject" + "AWS::Config::StoredQuery" ], "type": "string" }, @@ -58352,58 +64105,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::MigrationProject.DataProviderDescriptor": { - "additionalProperties": false, - "properties": { - "DataProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data provider.", - "title": "DataProviderArn", - "type": "string" - }, - "DataProviderIdentifier": { - "markdownDescription": "", - "title": "DataProviderIdentifier", - "type": "string" - }, - "DataProviderName": { - "markdownDescription": "The user-friendly name of the data provider.", - "title": "DataProviderName", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The ARN of the role used to access AWS Secrets Manager.", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider.", - "title": "SecretsManagerSecretId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes": { - "additionalProperties": false, - "properties": { - "S3BucketPath": { - "markdownDescription": "", - "title": "S3BucketPath", - "type": "string" - }, - "S3BucketRoleArn": { - "markdownDescription": "", - "title": "S3BucketRoleArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::ReplicationConfig": { + "AWS::Connect::AgentStatus": { "additionalProperties": false, "properties": { "Condition": { @@ -58438,68 +64145,60 @@ "Properties": { "additionalProperties": false, "properties": { - "ComputeConfig": { - "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig", - "markdownDescription": "Configuration parameters for provisioning an AWS DMS Serverless replication.", - "title": "ComputeConfig" - }, - "ReplicationConfigArn": { - "type": "string" - }, - "ReplicationConfigIdentifier": { - "markdownDescription": "A unique identifier that you want to use to create a `ReplicationConfigArn` that is returned as part of the output from this action. You can then pass this output `ReplicationConfigArn` as the value of the `ReplicationConfigArn` option for other actions to identify both AWS DMS Serverless replications and replication configurations that you want those actions to operate on. For some actions, you can also use either this unique identifier or a corresponding ARN in action filters to identify the specific replication and replication configuration to operate on.", - "title": "ReplicationConfigIdentifier", + "Description": { + "markdownDescription": "The description of the agent status.", + "title": "Description", "type": "string" }, - "ReplicationSettings": { - "markdownDescription": "Optional JSON settings for AWS DMS Serverless replications that are provisioned using this replication configuration. For example, see [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html) .", - "title": "ReplicationSettings", - "type": "object" - }, - "ReplicationType": { - "markdownDescription": "The type of AWS DMS Serverless replication to provision using this replication configuration.\n\nPossible values:\n\n- `\"full-load\"`\n- `\"cdc\"`\n- `\"full-load-and-cdc\"`", - "title": "ReplicationType", - "type": "string" + "DisplayOrder": { + "markdownDescription": "The display order of the agent status.", + "title": "DisplayOrder", + "type": "number" }, - "ResourceIdentifier": { - "markdownDescription": "Optional unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess) .", - "title": "ResourceIdentifier", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "SourceEndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration.", - "title": "SourceEndpointArn", + "Name": { + "markdownDescription": "The name of the agent status.", + "title": "Name", "type": "string" }, - "SupplementalSettings": { - "markdownDescription": "Optional JSON settings for specifying supplemental data. For more information, see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) .", - "title": "SupplementalSettings", - "type": "object" + "ResetOrderNumber": { + "markdownDescription": "A number indicating the reset order of the agent status.", + "title": "ResetOrderNumber", + "type": "boolean" }, - "TableMappings": { - "markdownDescription": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration. For more information, see [Specifying table selection and transformations rules using JSON](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.SelectionTransformation.html) .", - "title": "TableMappings", - "type": "object" + "State": { + "markdownDescription": "The state of the agent status.", + "title": "State", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more optional tags associated with resources used by the AWS DMS Serverless replication. For more information, see [Tagging resources in AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tagging.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, - "TargetEndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS serverless replication configuration.", - "title": "TargetEndpointArn", + "Type": { + "markdownDescription": "The type of agent status.", + "title": "Type", "type": "string" } }, + "required": [ + "InstanceArn", + "Name", + "State" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationConfig" + "AWS::Connect::AgentStatus" ], "type": "string" }, @@ -58513,68 +64212,85 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::ReplicationConfig.ComputeConfig": { + "AWS::Connect::ApprovedOrigin": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `\"us-west-2\"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` .", - "title": "AvailabilityZone", - "type": "string" - }, - "DnsNameServers": { - "markdownDescription": "A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", - "title": "DnsNameServers", + "Condition": { "type": "string" }, - "KmsKeyId": { - "markdownDescription": "An AWS Key Management Service ( AWS KMS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MaxCapacityUnits": { - "markdownDescription": "Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify.", - "title": "MaxCapacityUnits", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MinCapacityUnits": { - "markdownDescription": "Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` .", - "title": "MinCapacityUnits", - "type": "number" + "Metadata": { + "type": "object" }, - "MultiAZ": { - "markdownDescription": "Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` .", - "title": "MultiAZ", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", + "type": "string" + }, + "Origin": { + "markdownDescription": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`", + "title": "Origin", + "type": "string" + } + }, + "required": [ + "InstanceId", + "Origin" + ], + "type": "object" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` .\n\nThe default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` .\n\nConstraints include a minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", + "Type": { + "enum": [ + "AWS::Connect::ApprovedOrigin" + ], "type": "string" }, - "ReplicationSubnetGroupId": { - "markdownDescription": "Specifies a subnet group identifier to associate with the AWS DMS Serverless replication.", - "title": "ReplicationSubnetGroupId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "required": [ - "MaxCapacityUnits" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::ReplicationInstance": { + "AWS::Connect::ContactFlow": { "additionalProperties": false, "properties": { "Condition": { @@ -58609,96 +64325,56 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.", - "title": "AllocatedStorage", - "type": "number" - }, - "AllowMajorVersionUpgrade": { - "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage, and the change is asynchronously applied as soon as possible.\n\nThis parameter must be set to `true` when specifying a value for the `EngineVersion` parameter that is a different major version than the replication instance's current version.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the replication instance during the maintenance window. This parameter defaults to `true` .\n\nDefault: `true`", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone that the replication instance will be created in.\n\nThe default value is a random, system-chosen Availability Zone in the endpoint's AWS Region , for example `us-east-1d` .", - "title": "AvailabilityZone", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The engine version number of the replication instance.\n\nIf an engine version number is not specified when a replication instance is created, the default is the latest engine version available.", - "title": "EngineVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "An AWS KMS key identifier that is used to encrypt the data on the replication instance.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "Specifies whether the replication instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the Multi-AZ parameter is set to `true` .", - "title": "MultiAZ", - "type": "boolean" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in UTC.\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : A 30-minute window selected at random from an 8-hour block of time per AWS Region , occurring on a random day of the week.\n\n*Valid days* ( `ddd` ): `Mon` | `Tue` | `Wed` | `Thu` | `Fri` | `Sat` | `Sun`\n\n*Constraints* : Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", + "Content": { + "markdownDescription": "The content of the flow.\n\nFor more information, see [Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html) in the *Amazon Connect Administrator Guide* .", + "title": "Content", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Specifies the accessibility options for the replication instance. A value of `true` represents an instance with a public IP address. A value of `false` represents an instance with a private IP address. The default value is `true` .", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicationInstanceClass": { - "markdownDescription": "The compute and memory capacity of the replication instance as defined for the specified replication instance class. For example, to specify the instance class dms.c4.large, set this parameter to `\"dms.c4.large\"` . For more information on the settings and capacities for the available replication instance classes, see [Selecting the right AWS DMS replication instance for your migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.html#CHAP_ReplicationInstance.InDepth) in the *AWS Database Migration Service User Guide* .", - "title": "ReplicationInstanceClass", + "Description": { + "markdownDescription": "The description of the flow.", + "title": "Description", "type": "string" }, - "ReplicationInstanceIdentifier": { - "markdownDescription": "The replication instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain 1-63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `myrepinstance`", - "title": "ReplicationInstanceIdentifier", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "ReplicationSubnetGroupIdentifier": { - "markdownDescription": "A subnet group to associate with the replication instance.", - "title": "ReplicationSubnetGroupIdentifier", + "Name": { + "markdownDescription": "The name of the flow.", + "title": "Name", "type": "string" }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` . For example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", + "State": { + "markdownDescription": "The state of the flow.", + "title": "State", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the replication instance.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the virtual private cloud (VPC) security group to be used with the replication instance. The VPC security group must work with the VPC containing the replication instance.", - "title": "VpcSecurityGroupIds", - "type": "array" + "Type": { + "markdownDescription": "The type of the flow. For descriptions of the available types, see [Choose a flow type](https://docs.aws.amazon.com/connect/latest/adminguide/create-contact-flow.html#contact-flow-types) in the *Amazon Connect Administrator Guide* .", + "title": "Type", + "type": "string" } }, "required": [ - "ReplicationInstanceClass" + "Content", + "InstanceArn", + "Name", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationInstance" + "AWS::Connect::ContactFlow" ], "type": "string" }, @@ -58717,7 +64393,7 @@ ], "type": "object" }, - "AWS::DMS::ReplicationSubnetGroup": { + "AWS::Connect::ContactFlowModule": { "additionalProperties": false, "properties": { "Condition": { @@ -58752,42 +64428,50 @@ "Properties": { "additionalProperties": false, "properties": { - "ReplicationSubnetGroupDescription": { - "markdownDescription": "The description for the subnet group.", - "title": "ReplicationSubnetGroupDescription", + "Content": { + "markdownDescription": "The content of the flow module.", + "title": "Content", "type": "string" }, - "ReplicationSubnetGroupIdentifier": { - "markdownDescription": "The identifier for the replication subnet group. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the identifier.", - "title": "ReplicationSubnetGroupIdentifier", + "Description": { + "markdownDescription": "The description of the flow module.", + "title": "Description", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more subnet IDs to be assigned to the subnet group.", - "title": "SubnetIds", - "type": "array" + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the flow module.", + "title": "Name", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the flow module.", + "title": "State", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the subnet group.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "ReplicationSubnetGroupDescription", - "SubnetIds" + "Content", + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationSubnetGroup" + "AWS::Connect::ContactFlowModule" ], "type": "string" }, @@ -58806,7 +64490,7 @@ ], "type": "object" }, - "AWS::DMS::ReplicationTask": { + "AWS::Connect::ContactFlowVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -58841,87 +64525,116 @@ "Properties": { "additionalProperties": false, "properties": { - "CdcStartPosition": { - "markdownDescription": "Indicates when you want a change data capture (CDC) operation to start. Use either `CdcStartPosition` or `CdcStartTime` to specify when you want a CDC operation to start. Specifying both values results in an error.\n\nThe value can be in date, checkpoint, log sequence number (LSN), or system change number (SCN) format.\n\nHere is a date example: `--cdc-start-position \"2018-03-08T12:12:12\"`\n\nHere is a checkpoint example: `--cdc-start-position \"checkpoint:V1#27#mysql-bin-changelog.157832:1975:-1:2002:677883278264080:mysql-bin-changelog.157832:1876#0#0#*#0#93\"`\n\nHere is an LSN example: `--cdc-start-position \u201cmysql-bin-changelog.000024:373\u201d`\n\n> When you use this task setting with a source PostgreSQL database, a logical replication slot should already be created and associated with the source endpoint. You can verify this by setting the `slotName` extra connection attribute to the name of this logical replication slot. For more information, see [Extra Connection Attributes When Using PostgreSQL as a Source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "CdcStartPosition", - "type": "string" - }, - "CdcStartTime": { - "markdownDescription": "Indicates the start time for a change data capture (CDC) operation.", - "title": "CdcStartTime", - "type": "number" - }, - "CdcStopPosition": { - "markdownDescription": "Indicates when you want a change data capture (CDC) operation to stop. The value can be either server time or commit time.\n\nHere is a server time example: `--cdc-stop-position \"server_time:2018-02-09T12:12:12\"`\n\nHere is a commit time example: `--cdc-stop-position \"commit_time: 2018-02-09T12:12:12\"`", - "title": "CdcStopPosition", - "type": "string" - }, - "MigrationType": { - "markdownDescription": "The migration type. Valid values: `full-load` | `cdc` | `full-load-and-cdc`", - "title": "MigrationType", + "ContactFlowId": { + "markdownDescription": "The identifier of the flow.", + "title": "ContactFlowId", "type": "string" }, - "ReplicationInstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a replication instance.", - "title": "ReplicationInstanceArn", + "Description": { + "markdownDescription": "The description of the flow version.", + "title": "Description", "type": "string" - }, - "ReplicationTaskIdentifier": { - "markdownDescription": "An identifier for the replication task.\n\nConstraints:\n\n- Must contain 1-255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ReplicationTaskIdentifier", + } + }, + "required": [ + "ContactFlowId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::ContactFlowVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Connect::EmailAddress": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "ReplicationTaskSettings": { - "markdownDescription": "Overall settings for the task, in JSON format. For more information, see [Specifying Task Settings for AWS Database Migration Service Tasks](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html) in the *AWS Database Migration Service User Guide* .", - "title": "ReplicationTaskSettings", + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the email address.", + "title": "Description", "type": "string" }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", + "DisplayName": { + "markdownDescription": "The display name of email address.", + "title": "DisplayName", "type": "string" }, - "SourceEndpointArn": { - "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the source endpoint.", - "title": "SourceEndpointArn", + "EmailAddress": { + "markdownDescription": "The email address, including the domain.", + "title": "EmailAddress", "type": "string" }, - "TableMappings": { - "markdownDescription": "The table mappings for the task, in JSON format. For more information, see [Using Table Mapping to Specify Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html) in the *AWS Database Migration Service User Guide* .", - "title": "TableMappings", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the replication task.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" - }, - "TargetEndpointArn": { - "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the target endpoint.", - "title": "TargetEndpointArn", - "type": "string" - }, - "TaskData": { - "markdownDescription": "Supplemental information that the task requires to migrate the data for certain source and target endpoints. For more information, see [Specifying Supplemental Data for Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) in the *AWS Database Migration Service User Guide.*", - "title": "TaskData", - "type": "string" } }, "required": [ - "MigrationType", - "ReplicationInstanceArn", - "SourceEndpointArn", - "TableMappings", - "TargetEndpointArn" + "EmailAddress", + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationTask" + "AWS::Connect::EmailAddress" ], "type": "string" }, @@ -58940,7 +64653,7 @@ ], "type": "object" }, - "AWS::DataBrew::Dataset": { + "AWS::Connect::EvaluationForm": { "additionalProperties": false, "properties": { "Condition": { @@ -58975,49 +64688,64 @@ "Properties": { "additionalProperties": false, "properties": { - "Format": { - "markdownDescription": "The file format of a dataset that is created from an Amazon S3 file or folder.", - "title": "Format", + "AutoEvaluationConfiguration": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.AutoEvaluationConfiguration", + "markdownDescription": "", + "title": "AutoEvaluationConfiguration" + }, + "Description": { + "markdownDescription": "The description of the evaluation form.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", + "title": "Description", "type": "string" }, - "FormatOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FormatOptions", - "markdownDescription": "A set of options that define how DataBrew interprets the data in the dataset.", - "title": "FormatOptions" + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" }, - "Input": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.Input", - "markdownDescription": "Information on how DataBrew can find the dataset, in either the AWS Glue Data Catalog or Amazon S3 .", - "title": "Input" + "Items": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormBaseItem" + }, + "markdownDescription": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n\n*Minimum size* : 1\n\n*Maximum size* : 100", + "title": "Items", + "type": "array" }, - "Name": { - "markdownDescription": "The unique name of the dataset.", - "title": "Name", - "type": "string" + "ScoringStrategy": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.ScoringStrategy", + "markdownDescription": "A scoring strategy of the evaluation form.", + "title": "ScoringStrategy" }, - "PathOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.PathOptions", - "markdownDescription": "A set of options that defines how DataBrew interprets an Amazon S3 path of the dataset.", - "title": "PathOptions" + "Status": { + "markdownDescription": "The status of the evaluation form.\n\n*Allowed values* : `DRAFT` | `ACTIVE`", + "title": "Status", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the dataset.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "Title": { + "markdownDescription": "A title of the evaluation form.", + "title": "Title", + "type": "string" } }, "required": [ - "Input", - "Name" + "InstanceArn", + "Items", + "Status", + "Title" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Dataset" + "AWS::Connect::EvaluationForm" ], "type": "string" }, @@ -59036,363 +64764,380 @@ ], "type": "object" }, - "AWS::DataBrew::Dataset.CsvOptions": { + "AWS::Connect::EvaluationForm.AutoEvaluationConfiguration": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "A single character that specifies the delimiter being used in the CSV file.", - "title": "Delimiter", - "type": "string" - }, - "HeaderRow": { - "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", - "title": "HeaderRow", + "Enabled": { + "markdownDescription": "", + "title": "Enabled", "type": "boolean" } }, "type": "object" }, - "AWS::DataBrew::Dataset.DataCatalogInputDefinition": { + "AWS::Connect::EvaluationForm.EvaluationFormBaseItem": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", - "type": "string" + "Section": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", + "markdownDescription": "A subsection or inner section of an item.", + "title": "Section" + } + }, + "required": [ + "Section" + ], + "type": "object" + }, + "AWS::Connect::EvaluationForm.EvaluationFormItem": { + "additionalProperties": false, + "properties": { + "Question": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestion", + "markdownDescription": "The information of the question.", + "title": "Question" }, - "TableName": { - "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", - "title": "TableName", - "type": "string" + "Section": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", + "markdownDescription": "The information of the section.", + "title": "Section" + } + }, + "type": "object" + }, + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation": { + "additionalProperties": false, + "properties": { + "AnswerSource": { + "markdownDescription": "", + "title": "AnswerSource", + "type": "object" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", - "title": "TempDirectory" + "PropertyValue": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation", + "markdownDescription": "The property value of the automation.", + "title": "PropertyValue" } }, "type": "object" }, - "AWS::DataBrew::Dataset.DatabaseInputDefinition": { + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption": { "additionalProperties": false, "properties": { - "DatabaseTableName": { - "markdownDescription": "The table within the target database.", - "title": "DatabaseTableName", - "type": "string" + "AutomaticFail": { + "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", + "title": "AutomaticFail", + "type": "boolean" }, - "GlueConnectionName": { - "markdownDescription": "The AWS Glue Connection that stores the connection information for the target database.", - "title": "GlueConnectionName", - "type": "string" + "MaxValue": { + "markdownDescription": "The maximum answer value of the range option.", + "title": "MaxValue", + "type": "number" }, - "QueryString": { - "markdownDescription": "Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs.", - "title": "QueryString", - "type": "string" + "MinValue": { + "markdownDescription": "The minimum answer value of the range option.", + "title": "MinValue", + "type": "number" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", - "title": "TempDirectory" + "Score": { + "markdownDescription": "The score assigned to answer values within the range option.\n\n*Minimum* : 0\n\n*Maximum* : 10", + "title": "Score", + "type": "number" } }, "required": [ - "GlueConnectionName" + "MaxValue", + "MinValue" ], "type": "object" }, - "AWS::DataBrew::Dataset.DatasetParameter": { + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties": { "additionalProperties": false, "properties": { - "CreateColumn": { - "markdownDescription": "Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset.", - "title": "CreateColumn", - "type": "boolean" - }, - "DatetimeOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatetimeOptions", - "markdownDescription": "Additional parameter options such as a format and a timezone. Required for datetime parameters.", - "title": "DatetimeOptions" + "Automation": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation", + "markdownDescription": "The automation properties of the numeric question.", + "title": "Automation" }, - "Filter": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", - "markdownDescription": "The optional filter expression structure to apply additional matching criteria to the parameter.", - "title": "Filter" + "MaxValue": { + "markdownDescription": "The maximum answer value.", + "title": "MaxValue", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the parameter that is used in the dataset's Amazon S3 path.", - "title": "Name", - "type": "string" + "MinValue": { + "markdownDescription": "The minimum answer value.", + "title": "MinValue", + "type": "number" }, - "Type": { - "markdownDescription": "The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'.", - "title": "Type", - "type": "string" + "Options": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption" + }, + "markdownDescription": "The scoring options of the numeric question.", + "title": "Options", + "type": "array" } }, "required": [ - "Name", - "Type" + "MaxValue", + "MinValue" ], "type": "object" }, - "AWS::DataBrew::Dataset.DatetimeOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormQuestion": { "additionalProperties": false, "properties": { - "Format": { - "markdownDescription": "Required option, that defines the datetime format used for a date parameter in the Amazon S3 path. Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. \"MM.dd.yyyy-'at'-HH:mm\".", - "title": "Format", + "Instructions": { + "markdownDescription": "The instructions of the section.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", + "title": "Instructions", "type": "string" }, - "LocaleCode": { - "markdownDescription": "Optional value for a non-US locale code, needed for correct interpretation of some date formats.", - "title": "LocaleCode", + "NotApplicableEnabled": { + "markdownDescription": "The flag to enable not applicable answers to the question.", + "title": "NotApplicableEnabled", + "type": "boolean" + }, + "QuestionType": { + "markdownDescription": "The type of the question.\n\n*Allowed values* : `NUMERIC` | `SINGLESELECT` | `TEXT`", + "title": "QuestionType", "type": "string" }, - "TimezoneOffset": { - "markdownDescription": "Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path. Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed.", - "title": "TimezoneOffset", + "QuestionTypeProperties": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties", + "markdownDescription": "The properties of the type of question. Text questions do not have to define question type properties.", + "title": "QuestionTypeProperties" + }, + "RefId": { + "markdownDescription": "The identifier of the question. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", "type": "string" + }, + "Title": { + "markdownDescription": "The title of the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 350.", + "title": "Title", + "type": "string" + }, + "Weight": { + "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", + "title": "Weight", + "type": "number" } }, "required": [ - "Format" + "QuestionType", + "RefId", + "Title" ], "type": "object" }, - "AWS::DataBrew::Dataset.ExcelOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties": { "additionalProperties": false, "properties": { - "HeaderRow": { - "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", - "title": "HeaderRow", - "type": "boolean" - }, - "SheetIndexes": { - "items": { - "type": "number" - }, - "markdownDescription": "One or more sheet numbers in the Excel file that will be included in the dataset.", - "title": "SheetIndexes", - "type": "array" + "Numeric": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties", + "markdownDescription": "The properties of the numeric question.", + "title": "Numeric" }, - "SheetNames": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more named sheets in the Excel file that will be included in the dataset.", - "title": "SheetNames", - "type": "array" + "SingleSelect": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties", + "markdownDescription": "The properties of the numeric question.", + "title": "SingleSelect" } }, "type": "object" }, - "AWS::DataBrew::Dataset.FilesLimit": { + "AWS::Connect::EvaluationForm.EvaluationFormSection": { "additionalProperties": false, "properties": { - "MaxFiles": { - "markdownDescription": "The number of Amazon S3 files to select.", - "title": "MaxFiles", - "type": "number" + "Instructions": { + "markdownDescription": "The instructions of the section.", + "title": "Instructions", + "type": "string" }, - "Order": { - "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING.", - "title": "Order", + "Items": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormItem" + }, + "markdownDescription": "The items of the section.\n\n*Minimum* : 1", + "title": "Items", + "type": "array" + }, + "RefId": { + "markdownDescription": "The identifier of the section. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", "type": "string" }, - "OrderedBy": { - "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value.", - "title": "OrderedBy", + "Title": { + "markdownDescription": "The title of the section.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", + "title": "Title", "type": "string" + }, + "Weight": { + "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", + "title": "Weight", + "type": "number" } }, "required": [ - "MaxFiles" + "RefId", + "Title" ], "type": "object" }, - "AWS::DataBrew::Dataset.FilterExpression": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions. For example, \"(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)\". Substitution variables should start with ':' symbol.", - "title": "Expression", + "DefaultOptionRefId": { + "markdownDescription": "The identifier of the default answer option, when none of the automation options match the criteria.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "DefaultOptionRefId", "type": "string" }, - "ValuesMap": { + "Options": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterValue" + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption" }, - "markdownDescription": "The map of substitution variable names to their values used in this filter expression.", - "title": "ValuesMap", + "markdownDescription": "The automation options of the single select question.\n\n*Minimum* : 1\n\n*Maximum* : 20", + "title": "Options", "type": "array" } }, "required": [ - "Expression", - "ValuesMap" + "Options" ], "type": "object" }, - "AWS::DataBrew::Dataset.FilterValue": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to be associated with the substitution variable.", - "title": "Value", - "type": "string" - }, - "ValueReference": { - "markdownDescription": "The substitution variable reference.", - "title": "ValueReference", - "type": "string" + "RuleCategory": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation", + "markdownDescription": "The automation option based on a rule category for the single select question.", + "title": "RuleCategory" } }, "required": [ - "Value", - "ValueReference" + "RuleCategory" ], "type": "object" }, - "AWS::DataBrew::Dataset.FormatOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.CsvOptions", - "markdownDescription": "Options that define how CSV input is to be interpreted by DataBrew.", - "title": "Csv" + "AutomaticFail": { + "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", + "title": "AutomaticFail", + "type": "boolean" }, - "Excel": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.ExcelOptions", - "markdownDescription": "Options that define how Excel input is to be interpreted by DataBrew.", - "title": "Excel" + "RefId": { + "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", + "type": "string" }, - "Json": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.JsonOptions", - "markdownDescription": "Options that define how JSON input is to be interpreted by DataBrew.", - "title": "Json" + "Score": { + "markdownDescription": "The score assigned to the answer option.\n\n*Minimum* : 0\n\n*Maximum* : 10", + "title": "Score", + "type": "number" + }, + "Text": { + "markdownDescription": "The title of the answer option.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", + "title": "Text", + "type": "string" } }, + "required": [ + "RefId", + "Text" + ], "type": "object" }, - "AWS::DataBrew::Dataset.Input": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties": { "additionalProperties": false, "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "DatabaseInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatabaseInputDefinition", - "markdownDescription": "Connection information for dataset input files stored in a database.", - "title": "DatabaseInputDefinition" + "Automation": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation", + "markdownDescription": "The display mode of the single select question.", + "title": "Automation" }, - "Metadata": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.Metadata", - "markdownDescription": "Contains additional resource information needed for specific datasets.", - "title": "Metadata" + "DisplayAs": { + "markdownDescription": "The display mode of the single select question.\n\n*Allowed values* : `DROPDOWN` | `RADIO`", + "title": "DisplayAs", + "type": "string" }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" - } - }, - "type": "object" - }, - "AWS::DataBrew::Dataset.JsonOptions": { - "additionalProperties": false, - "properties": { - "MultiLine": { - "markdownDescription": "A value that specifies whether JSON input contains embedded new line characters.", - "title": "MultiLine", - "type": "boolean" + "Options": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption" + }, + "markdownDescription": "The answer options of the single select question.\n\n*Minimum* : 2\n\n*Maximum* : 256", + "title": "Options", + "type": "array" } }, + "required": [ + "Options" + ], "type": "object" }, - "AWS::DataBrew::Dataset.Metadata": { + "AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation": { "additionalProperties": false, "properties": { - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) associated with the dataset. Currently, DataBrew only supports ARNs from Amazon AppFlow.", - "title": "SourceArn", + "Label": { + "markdownDescription": "The property label of the automation.", + "title": "Label", "type": "string" } }, + "required": [ + "Label" + ], "type": "object" }, - "AWS::DataBrew::Dataset.PathOptions": { - "additionalProperties": false, - "properties": { - "FilesLimit": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilesLimit", - "markdownDescription": "If provided, this structure imposes a limit on a number of files that should be selected.", - "title": "FilesLimit" - }, - "LastModifiedDateCondition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", - "markdownDescription": "If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 .", - "title": "LastModifiedDateCondition" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.PathParameter" - }, - "markdownDescription": "A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions.", - "title": "Parameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DataBrew::Dataset.PathParameter": { + "AWS::Connect::EvaluationForm.ScoringStrategy": { "additionalProperties": false, "properties": { - "DatasetParameter": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatasetParameter", - "markdownDescription": "The path parameter definition.", - "title": "DatasetParameter" + "Mode": { + "markdownDescription": "The scoring mode of the evaluation form.\n\n*Allowed values* : `QUESTION_ONLY` | `SECTION_ONLY`", + "title": "Mode", + "type": "string" }, - "PathParameterName": { - "markdownDescription": "The name of the path parameter.", - "title": "PathParameterName", + "Status": { + "markdownDescription": "The scoring status of the evaluation form.\n\n*Allowed values* : `ENABLED` | `DISABLED`", + "title": "Status", "type": "string" } }, "required": [ - "DatasetParameter", - "PathParameterName" + "Mode", + "Status" ], "type": "object" }, - "AWS::DataBrew::Dataset.S3Location": { + "AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", + "Category": { + "markdownDescription": "The category name, as defined in Rules.\n\n*Minimum* : 1\n\n*Maximum* : 50", + "title": "Category", "type": "string" }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", + "Condition": { + "markdownDescription": "The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category.\n\n*Allowed values* : `PRESENT` | `NOT_PRESENT`\n\n*Maximum* : 50", + "title": "Condition", + "type": "string" + }, + "OptionRefId": { + "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "OptionRefId", "type": "string" } }, "required": [ - "Bucket" + "Category", + "Condition", + "OptionRefId" ], "type": "object" }, - "AWS::DataBrew::Job": { + "AWS::Connect::HoursOfOperation": { "additionalProperties": false, "properties": { "Condition": { @@ -59427,132 +65172,62 @@ "Properties": { "additionalProperties": false, "properties": { - "DataCatalogOutputs": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.DataCatalogOutput" - }, - "markdownDescription": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.", - "title": "DataCatalogOutputs", - "type": "array" - }, - "DatabaseOutputs": { + "Config": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseOutput" + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationConfig" }, - "markdownDescription": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.", - "title": "DatabaseOutputs", + "markdownDescription": "Configuration information for the hours of operation.", + "title": "Config", "type": "array" }, - "DatasetName": { - "markdownDescription": "A dataset that the job is to process.", - "title": "DatasetName", - "type": "string" - }, - "EncryptionKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key that is used to protect the job output. For more information, see [Encrypting data written by DataBrew jobs](https://docs.aws.amazon.com/databrew/latest/dg/encryption-security-configuration.html)", - "title": "EncryptionKeyArn", - "type": "string" - }, - "EncryptionMode": { - "markdownDescription": "The encryption mode for the job, which can be one of the following:\n\n- `SSE-KMS` - Server-side encryption with keys managed by AWS KMS .\n- `SSE-S3` - Server-side encryption with keys managed by Amazon S3.", - "title": "EncryptionMode", - "type": "string" - }, - "JobSample": { - "$ref": "#/definitions/AWS::DataBrew::Job.JobSample", - "markdownDescription": "A sample configuration for profile jobs only, which determines the number of rows on which the profile job is run. If a `JobSample` value isn't provided, the default value is used. The default value is CUSTOM_ROWS for the mode parameter and 20,000 for the size parameter.", - "title": "JobSample" - }, - "LogSubscription": { - "markdownDescription": "The current status of Amazon CloudWatch logging for the job.", - "title": "LogSubscription", - "type": "string" - }, - "MaxCapacity": { - "markdownDescription": "The maximum number of nodes that can be consumed when the job processes data.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry the job after a job run fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "The unique name of the job.", - "title": "Name", + "Description": { + "markdownDescription": "The description for the hours of operation.", + "title": "Description", "type": "string" }, - "OutputLocation": { - "$ref": "#/definitions/AWS::DataBrew::Job.OutputLocation", - "markdownDescription": "The location in Amazon S3 where the job writes its output.", - "title": "OutputLocation" - }, - "Outputs": { + "HoursOfOperationOverrides": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.Output" + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationOverride" }, - "markdownDescription": "One or more artifacts that represent output from running the job.", - "title": "Outputs", + "markdownDescription": "", + "title": "HoursOfOperationOverrides", "type": "array" }, - "ProfileConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.ProfileConfiguration", - "markdownDescription": "Configuration for profile jobs. Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.", - "title": "ProfileConfiguration" - }, - "ProjectName": { - "markdownDescription": "The name of the project that the job is associated with.", - "title": "ProjectName", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Recipe": { - "$ref": "#/definitions/AWS::DataBrew::Job.Recipe", - "markdownDescription": "A series of data transformation steps that the job runs.", - "title": "Recipe" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role to be assumed for this job.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name for the hours of operation.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the job.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, - "Timeout": { - "markdownDescription": "The job's timeout in minutes. A job that attempts to run longer than this timeout period ends with a status of `TIMEOUT` .", - "title": "Timeout", - "type": "number" - }, - "Type": { - "markdownDescription": "The job type of the job, which must be one of the following:\n\n- `PROFILE` - A job to analyze a dataset, to determine its size, data types, data distribution, and more.\n- `RECIPE` - A job to apply one or more transformations to a dataset.", - "title": "Type", + "TimeZone": { + "markdownDescription": "The time zone for the hours of operation.", + "title": "TimeZone", "type": "string" - }, - "ValidationConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ValidationConfiguration" - }, - "markdownDescription": "List of validation configurations that are applied to the profile job.", - "title": "ValidationConfigurations", - "type": "array" } }, "required": [ + "Config", + "InstanceArn", "Name", - "RoleArn", - "Type" + "TimeZone" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Job" + "AWS::Connect::HoursOfOperation" ], "type": "string" }, @@ -59571,433 +65246,582 @@ ], "type": "object" }, - "AWS::DataBrew::Job.AllowedStatistics": { - "additionalProperties": false, - "properties": { - "Statistics": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more column statistics to allow for columns that contain detected entities.", - "title": "Statistics", - "type": "array" - } - }, - "required": [ - "Statistics" - ], - "type": "object" - }, - "AWS::DataBrew::Job.ColumnSelector": { + "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a column from a dataset.", - "title": "Name", + "Day": { + "markdownDescription": "The day that the hours of operation applies to.", + "title": "Day", "type": "string" }, - "Regex": { - "markdownDescription": "A regular expression for selecting a column from a dataset.", - "title": "Regex", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.ColumnStatisticsConfiguration": { - "additionalProperties": false, - "properties": { - "Selectors": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" - }, - "markdownDescription": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.", - "title": "Selectors", - "type": "array" + "EndTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", + "markdownDescription": "The end time that your contact center closes.", + "title": "EndTime" }, - "Statistics": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", - "markdownDescription": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations.", - "title": "Statistics" + "StartTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", + "markdownDescription": "The start time that your contact center opens.", + "title": "StartTime" } }, "required": [ - "Statistics" + "Day", + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::DataBrew::Job.CsvOutputOptions": { - "additionalProperties": false, - "properties": { - "Delimiter": { - "markdownDescription": "A single character that specifies the delimiter used to create CSV job output.", - "title": "Delimiter", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.DataCatalogOutput": { + "AWS::Connect::HoursOfOperation.HoursOfOperationOverride": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", + "EffectiveFrom": { + "markdownDescription": "The date from which the hours of operation override would be effective.", + "title": "EffectiveFrom", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", + "EffectiveTill": { + "markdownDescription": "The date till which the hours of operation override would be effective.", + "title": "EffectiveTill", "type": "string" }, - "DatabaseOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", - "title": "DatabaseOptions" - }, - "Overwrite": { - "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions.", - "title": "Overwrite", - "type": "boolean" - }, - "S3Options": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3TableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.", - "title": "S3Options" - }, - "TableName": { - "markdownDescription": "The name of a table in the Data Catalog.", - "title": "TableName", + "HoursOfOperationOverrideId": { + "markdownDescription": "The identifier for the hours of operation override.", + "title": "HoursOfOperationOverrideId", "type": "string" - } - }, - "required": [ - "DatabaseName", - "TableName" - ], - "type": "object" - }, - "AWS::DataBrew::Job.DatabaseOutput": { - "additionalProperties": false, - "properties": { - "DatabaseOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", - "title": "DatabaseOptions" }, - "DatabaseOutputMode": { - "markdownDescription": "The output mode to write into the database. Currently supported option: NEW_TABLE.", - "title": "DatabaseOutputMode", + "OverrideConfig": { + "items": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationOverrideConfig" + }, + "markdownDescription": "", + "title": "OverrideConfig", + "type": "array" + }, + "OverrideDescription": { + "markdownDescription": "", + "title": "OverrideDescription", "type": "string" }, - "GlueConnectionName": { - "markdownDescription": "The AWS Glue connection that stores the connection information for the target database.", - "title": "GlueConnectionName", + "OverrideName": { + "markdownDescription": "", + "title": "OverrideName", "type": "string" } }, "required": [ - "DatabaseOptions", - "GlueConnectionName" + "EffectiveFrom", + "EffectiveTill", + "OverrideConfig", + "OverrideName" ], "type": "object" }, - "AWS::DataBrew::Job.DatabaseTableOutputOptions": { + "AWS::Connect::HoursOfOperation.HoursOfOperationOverrideConfig": { "additionalProperties": false, "properties": { - "TableName": { - "markdownDescription": "A prefix for the name of a table DataBrew will create in the database.", - "title": "TableName", + "Day": { + "markdownDescription": "The day that the hours of operation override applies to.", + "title": "Day", "type": "string" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results.", - "title": "TempDirectory" + "EndTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.OverrideTimeSlice", + "markdownDescription": "The end time that your contact center closes if overrides are applied.", + "title": "EndTime" + }, + "StartTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.OverrideTimeSlice", + "markdownDescription": "The start time when your contact center opens if overrides are applied.", + "title": "StartTime" } }, "required": [ - "TableName" + "Day", + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::DataBrew::Job.EntityDetectorConfiguration": { + "AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice": { "additionalProperties": false, "properties": { - "AllowedStatistics": { - "$ref": "#/definitions/AWS::DataBrew::Job.AllowedStatistics", - "markdownDescription": "Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities.", - "title": "AllowedStatistics" + "Hours": { + "markdownDescription": "The hours.", + "title": "Hours", + "type": "number" }, - "EntityTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Entity types to detect. Can be any of the following:\n\n- USA_SSN\n- EMAIL\n- USA_ITIN\n- USA_PASSPORT_NUMBER\n- PHONE_NUMBER\n- USA_DRIVING_LICENSE\n- BANK_ACCOUNT\n- CREDIT_CARD\n- IP_ADDRESS\n- MAC_ADDRESS\n- USA_DEA_NUMBER\n- USA_HCPCS_CODE\n- USA_NATIONAL_PROVIDER_IDENTIFIER\n- USA_NATIONAL_DRUG_CODE\n- USA_HEALTH_INSURANCE_CLAIM_NUMBER\n- USA_MEDICARE_BENEFICIARY_IDENTIFIER\n- USA_CPT_CODE\n- PERSON_NAME\n- DATE\n\nThe Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE.", - "title": "EntityTypes", - "type": "array" + "Minutes": { + "markdownDescription": "The minutes.", + "title": "Minutes", + "type": "number" } }, "required": [ - "EntityTypes" + "Hours", + "Minutes" ], "type": "object" }, - "AWS::DataBrew::Job.JobSample": { + "AWS::Connect::HoursOfOperation.OverrideTimeSlice": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following:\n\n- FULL_DATASET - The profile job is run on the entire dataset.\n- CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter.", - "title": "Mode", - "type": "string" + "Hours": { + "markdownDescription": "The hours.", + "title": "Hours", + "type": "number" }, - "Size": { - "markdownDescription": "The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.\n\nLong.MAX_VALUE = 9223372036854775807", - "title": "Size", + "Minutes": { + "markdownDescription": "The minutes.", + "title": "Minutes", "type": "number" } }, + "required": [ + "Hours", + "Minutes" + ], "type": "object" }, - "AWS::DataBrew::Job.Output": { + "AWS::Connect::Instance": { "additionalProperties": false, "properties": { - "CompressionFormat": { - "markdownDescription": "The compression algorithm used to compress the output text of the job.", - "title": "CompressionFormat", + "Condition": { "type": "string" }, - "Format": { - "markdownDescription": "The data format of the output of the job.", - "title": "Format", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.OutputFormatOptions", - "markdownDescription": "Represents options that define how DataBrew formats job output files.", - "title": "FormatOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Location": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "The location in Amazon S3 where the job writes its output.", - "title": "Location" + "Metadata": { + "type": "object" }, - "MaxOutputFiles": { - "markdownDescription": "The maximum number of files to be generated by the job and written to the output folder.", - "title": "MaxOutputFiles", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Attributes": { + "$ref": "#/definitions/AWS::Connect::Instance.Attributes", + "markdownDescription": "A toggle for an individual feature at the instance level.", + "title": "Attributes" + }, + "DirectoryId": { + "markdownDescription": "The identifier for the directory.", + "title": "DirectoryId", + "type": "string" + }, + "IdentityManagementType": { + "markdownDescription": "The identity management type.", + "title": "IdentityManagementType", + "type": "string" + }, + "InstanceAlias": { + "markdownDescription": "The alias of instance. `InstanceAlias` is only required when `IdentityManagementType` is `CONNECT_MANAGED` or `SAML` . `InstanceAlias` is not required when `IdentityManagementType` is `EXISTING_DIRECTORY` .", + "title": "InstanceAlias", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Attributes", + "IdentityManagementType" + ], + "type": "object" }, - "Overwrite": { - "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output.", - "title": "Overwrite", - "type": "boolean" + "Type": { + "enum": [ + "AWS::Connect::Instance" + ], + "type": "string" }, - "PartitionColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of one or more partition columns for the output of the job.", - "title": "PartitionColumns", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Location" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Job.OutputFormatOptions": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DataBrew::Job.CsvOutputOptions", - "markdownDescription": "Represents a set of options that define the structure of comma-separated value (CSV) job output.", - "title": "Csv" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.OutputLocation": { + "AWS::Connect::Instance.Attributes": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" + "AutoResolveBestVoices": { + "markdownDescription": "", + "title": "AutoResolveBestVoices", + "type": "boolean" }, - "BucketOwner": { + "ContactLens": { "markdownDescription": "", - "title": "BucketOwner", - "type": "string" + "title": "ContactLens", + "type": "boolean" }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", - "type": "string" + "ContactflowLogs": { + "markdownDescription": "", + "title": "ContactflowLogs", + "type": "boolean" + }, + "EarlyMedia": { + "markdownDescription": "", + "title": "EarlyMedia", + "type": "boolean" + }, + "EnhancedChatMonitoring": { + "markdownDescription": "", + "title": "EnhancedChatMonitoring", + "type": "boolean" + }, + "EnhancedContactMonitoring": { + "markdownDescription": "", + "title": "EnhancedContactMonitoring", + "type": "boolean" + }, + "HighVolumeOutBound": { + "markdownDescription": "", + "title": "HighVolumeOutBound", + "type": "boolean" + }, + "InboundCalls": { + "markdownDescription": "", + "title": "InboundCalls", + "type": "boolean" + }, + "MultiPartyChatConference": { + "markdownDescription": "", + "title": "MultiPartyChatConference", + "type": "boolean" + }, + "MultiPartyConference": { + "markdownDescription": "", + "title": "MultiPartyConference", + "type": "boolean" + }, + "OutboundCalls": { + "markdownDescription": "", + "title": "OutboundCalls", + "type": "boolean" + }, + "UseCustomTTSVoices": { + "markdownDescription": "", + "title": "UseCustomTTSVoices", + "type": "boolean" } }, "required": [ - "Bucket" + "InboundCalls", + "OutboundCalls" ], "type": "object" }, - "AWS::DataBrew::Job.ProfileConfiguration": { + "AWS::Connect::InstanceStorageConfig": { "additionalProperties": false, "properties": { - "ColumnStatisticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnStatisticsConfiguration" - }, - "markdownDescription": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.", - "title": "ColumnStatisticsConfigurations", - "type": "array" + "Condition": { + "type": "string" }, - "DatasetStatisticsConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", - "markdownDescription": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.", - "title": "DatasetStatisticsConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "EntityDetectorConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.EntityDetectorConfiguration", - "markdownDescription": "Configuration of entity detection for a profile job. When undefined, entity detection is disabled.", - "title": "EntityDetectorConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ProfileColumns": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "KinesisFirehoseConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig", + "markdownDescription": "The configuration of the Kinesis Firehose delivery stream.", + "title": "KinesisFirehoseConfig" + }, + "KinesisStreamConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisStreamConfig", + "markdownDescription": "The configuration of the Kinesis data stream.", + "title": "KinesisStreamConfig" + }, + "KinesisVideoStreamConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig", + "markdownDescription": "The configuration of the Kinesis video stream.", + "title": "KinesisVideoStreamConfig" + }, + "ResourceType": { + "markdownDescription": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`", + "title": "ResourceType", + "type": "string" + }, + "S3Config": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.S3Config", + "markdownDescription": "The S3 bucket configuration.", + "title": "S3Config" + }, + "StorageType": { + "markdownDescription": "A valid storage type.", + "title": "StorageType", + "type": "string" + } }, - "markdownDescription": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.", - "title": "ProfileColumns", - "type": "array" + "required": [ + "InstanceArn", + "ResourceType", + "StorageType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::InstanceStorageConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DataBrew::Job.Recipe": { + "AWS::Connect::InstanceStorageConfig.EncryptionConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The unique name for the recipe.", - "title": "Name", + "EncryptionType": { + "markdownDescription": "The type of encryption.", + "title": "EncryptionType", "type": "string" }, - "Version": { - "markdownDescription": "The identifier for the version for the recipe.", - "title": "Version", + "KeyId": { + "markdownDescription": "The full ARN of the encryption key.\n\n> Be sure to provide the full ARN of the encryption key, not just the ID.\n> \n> Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) .", + "title": "KeyId", "type": "string" } }, "required": [ - "Name" + "EncryptionType", + "KeyId" ], "type": "object" }, - "AWS::DataBrew::Job.S3Location": { + "AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account ID of the bucket owner.", - "title": "BucketOwner", - "type": "string" - }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", + "FirehoseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", + "title": "FirehoseArn", "type": "string" } }, "required": [ - "Bucket" + "FirehoseArn" ], "type": "object" }, - "AWS::DataBrew::Job.S3TableOutputOptions": { + "AWS::Connect::InstanceStorageConfig.KinesisStreamConfig": { "additionalProperties": false, "properties": { - "Location": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job.", - "title": "Location" + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data stream.", + "title": "StreamArn", + "type": "string" } }, "required": [ - "Location" + "StreamArn" ], "type": "object" }, - "AWS::DataBrew::Job.StatisticOverride": { + "AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig": { "additionalProperties": false, "properties": { - "Parameters": { - "additionalProperties": true, - "markdownDescription": "A map that includes overrides of an evaluation\u2019s parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", + "markdownDescription": "The encryption configuration.", + "title": "EncryptionConfig" }, - "Statistic": { - "markdownDescription": "The name of an evaluation", - "title": "Statistic", + "Prefix": { + "markdownDescription": "The prefix of the video stream.", + "title": "Prefix", "type": "string" + }, + "RetentionPeriodHours": { + "markdownDescription": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream.\n\nThe default value is 0, indicating that the stream does not persist data.", + "title": "RetentionPeriodHours", + "type": "number" } }, "required": [ - "Parameters", - "Statistic" + "EncryptionConfig", + "Prefix", + "RetentionPeriodHours" ], "type": "object" }, - "AWS::DataBrew::Job.StatisticsConfiguration": { + "AWS::Connect::InstanceStorageConfig.S3Config": { "additionalProperties": false, "properties": { - "IncludedStatistics": { - "items": { - "type": "string" - }, - "markdownDescription": "List of included evaluations. When the list is undefined, all supported evaluations will be included.", - "title": "IncludedStatistics", - "type": "array" + "BucketName": { + "markdownDescription": "The S3 bucket name.", + "title": "BucketName", + "type": "string" }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticOverride" - }, - "markdownDescription": "List of overrides for evaluations.", - "title": "Overrides", - "type": "array" + "BucketPrefix": { + "markdownDescription": "The S3 bucket prefix.", + "title": "BucketPrefix", + "type": "string" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", + "markdownDescription": "The Amazon S3 encryption configuration.", + "title": "EncryptionConfig" } }, + "required": [ + "BucketName", + "BucketPrefix" + ], "type": "object" }, - "AWS::DataBrew::Job.ValidationConfiguration": { + "AWS::Connect::IntegrationAssociation": { "additionalProperties": false, "properties": { - "RulesetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job. The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job.", - "title": "RulesetArn", + "Condition": { "type": "string" }, - "ValidationMode": { - "markdownDescription": "Mode of data quality validation. Default mode is \u201cCHECK_ALL\u201d which verifies all rules defined in the selected ruleset.", - "title": "ValidationMode", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", + "type": "string" + }, + "IntegrationArn": { + "markdownDescription": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`", + "title": "IntegrationArn", + "type": "string" + }, + "IntegrationType": { + "markdownDescription": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`", + "title": "IntegrationType", + "type": "string" + } + }, + "required": [ + "InstanceId", + "IntegrationArn", + "IntegrationType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::IntegrationAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "RulesetArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Project": { + "AWS::Connect::PhoneNumber": { "additionalProperties": false, "properties": { "Condition": { @@ -60032,51 +65856,53 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetName": { - "markdownDescription": "The dataset that the project is to act upon.", - "title": "DatasetName", + "CountryCode": { + "markdownDescription": "The ISO country code.", + "title": "CountryCode", "type": "string" }, - "Name": { - "markdownDescription": "The unique name of a project.", - "title": "Name", + "Description": { + "markdownDescription": "The description of the phone number.", + "title": "Description", "type": "string" }, - "RecipeName": { - "markdownDescription": "The name of a recipe that will be developed during a project session.", - "title": "RecipeName", + "Prefix": { + "markdownDescription": "The prefix of the phone number. If provided, it must contain `+` as part of the country code.\n\n*Pattern* : `^\\\\+[0-9]{1,15}`", + "title": "Prefix", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that will be assumed for this project.", - "title": "RoleArn", + "SourcePhoneNumberArn": { + "markdownDescription": "The claimed phone number ARN that was previously imported from the external service, such as AWS End User Messaging. If it is from AWS End User Messaging, it looks like the ARN of the phone number that was imported from AWS End User Messaging.", + "title": "SourcePhoneNumberArn", "type": "string" }, - "Sample": { - "$ref": "#/definitions/AWS::DataBrew::Project.Sample", - "markdownDescription": "The sample size and sampling type to apply to the data. If this parameter isn't specified, then the sample consists of the first 500 rows from the dataset.", - "title": "Sample" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the project.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for Amazon Connect instances or traffic distribution group that phone numbers are claimed to.", + "title": "TargetArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of phone number.", + "title": "Type", + "type": "string" } }, "required": [ - "DatasetName", - "Name", - "RecipeName", - "RoleArn" + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Project" + "AWS::Connect::PhoneNumber" ], "type": "string" }, @@ -60095,26 +65921,100 @@ ], "type": "object" }, - "AWS::DataBrew::Project.Sample": { + "AWS::Connect::PredefinedAttribute": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The number of rows in the sample.", - "title": "Size", - "type": "number" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the predefined attribute.", + "title": "Name", + "type": "string" + }, + "Values": { + "$ref": "#/definitions/AWS::Connect::PredefinedAttribute.Values", + "markdownDescription": "The values of a predefined attribute.", + "title": "Values" + } + }, + "required": [ + "InstanceArn", + "Name", + "Values" + ], + "type": "object" }, "Type": { - "markdownDescription": "The way in which DataBrew obtains rows from a dataset.", - "title": "Type", + "enum": [ + "AWS::Connect::PredefinedAttribute" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Recipe": { + "AWS::Connect::PredefinedAttribute.Values": { + "additionalProperties": false, + "properties": { + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "Predefined attribute values of type string list.", + "title": "StringList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Connect::Prompt": { "additionalProperties": false, "properties": { "Condition": { @@ -60150,41 +66050,43 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the recipe.", + "markdownDescription": "The description of the prompt.", "title": "Description", "type": "string" }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, "Name": { - "markdownDescription": "The unique name for the recipe.", + "markdownDescription": "The name of the prompt.", "title": "Name", "type": "string" }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeStep" - }, - "markdownDescription": "A list of steps that are defined by the recipe.", - "title": "Steps", - "type": "array" + "S3Uri": { + "markdownDescription": "The URI for the S3 bucket where the prompt is stored. This property is required when you create a prompt.", + "title": "S3Uri", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the recipe.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "Steps" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Recipe" + "AWS::Connect::Prompt" ], "type": "string" }, @@ -60203,670 +66105,159 @@ ], "type": "object" }, - "AWS::DataBrew::Recipe.Action": { + "AWS::Connect::Queue": { "additionalProperties": false, "properties": { - "Operation": { - "markdownDescription": "The name of a valid DataBrew transformation to be performed on the data.", - "title": "Operation", + "Condition": { "type": "string" }, - "Parameters": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeParameters", - "markdownDescription": "Contextual parameters for the transformation.", - "title": "Parameters" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the queue.", + "title": "Description", + "type": "string" + }, + "HoursOfOperationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hours of operation.", + "title": "HoursOfOperationArn", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "MaxContacts": { + "markdownDescription": "The maximum number of contacts that can be in the queue before it is considered full.", + "title": "MaxContacts", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the queue.", + "title": "Name", + "type": "string" + }, + "OutboundCallerConfig": { + "$ref": "#/definitions/AWS::Connect::Queue.OutboundCallerConfig", + "markdownDescription": "The outbound caller ID name, number, and outbound whisper flow.", + "title": "OutboundCallerConfig" + }, + "OutboundEmailConfig": { + "$ref": "#/definitions/AWS::Connect::Queue.OutboundEmailConfig", + "markdownDescription": "The outbound email address ID for a specified queue.", + "title": "OutboundEmailConfig" + }, + "QuickConnectArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the of the quick connects available to agents who are working the queue.", + "title": "QuickConnectArns", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of the queue.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HoursOfOperationArn", + "InstanceArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::Queue" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Operation" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Recipe.ConditionExpression": { + "AWS::Connect::Queue.OutboundCallerConfig": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "A specific condition to apply to a recipe action. For more information, see [Recipe structure](https://docs.aws.amazon.com/databrew/latest/dg/recipe-structure.html) in the *AWS Glue DataBrew Developer Guide* .", - "title": "Condition", + "OutboundCallerIdName": { + "markdownDescription": "The caller ID name.", + "title": "OutboundCallerIdName", "type": "string" }, - "TargetColumn": { - "markdownDescription": "A column to apply this condition to.", - "title": "TargetColumn", + "OutboundCallerIdNumberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the outbound caller ID number.\n\n> Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API.", + "title": "OutboundCallerIdNumberArn", "type": "string" }, - "Value": { - "markdownDescription": "A value that the condition must evaluate to for the condition to succeed.", - "title": "Value", + "OutboundFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the outbound flow.", + "title": "OutboundFlowArn", "type": "string" } }, - "required": [ - "Condition", - "TargetColumn" - ], "type": "object" }, - "AWS::DataBrew::Recipe.DataCatalogInputDefinition": { + "AWS::Connect::Queue.OutboundEmailConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", - "title": "TableName", + "OutboundEmailAddressId": { + "markdownDescription": "The identifier of the email address.", + "title": "OutboundEmailAddressId", "type": "string" - }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "Represents an Amazon location where DataBrew can store intermediate results.", - "title": "TempDirectory" } }, "type": "object" }, - "AWS::DataBrew::Recipe.Input": { - "additionalProperties": false, - "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" - } - }, - "type": "object" - }, - "AWS::DataBrew::Recipe.RecipeParameters": { - "additionalProperties": false, - "properties": { - "AggregateFunction": { - "markdownDescription": "The name of an aggregation function to apply.", - "title": "AggregateFunction", - "type": "string" - }, - "Base": { - "markdownDescription": "The number of digits used in a counting system.", - "title": "Base", - "type": "string" - }, - "CaseStatement": { - "markdownDescription": "A case statement associated with a recipe.", - "title": "CaseStatement", - "type": "string" - }, - "CategoryMap": { - "markdownDescription": "A category map used for one-hot encoding.", - "title": "CategoryMap", - "type": "string" - }, - "CharsToRemove": { - "markdownDescription": "Characters to remove from a step that applies one-hot encoding or tokenization.", - "title": "CharsToRemove", - "type": "string" - }, - "CollapseConsecutiveWhitespace": { - "markdownDescription": "Remove any non-word non-punctuation character.", - "title": "CollapseConsecutiveWhitespace", - "type": "string" - }, - "ColumnDataType": { - "markdownDescription": "The data type of the column.", - "title": "ColumnDataType", - "type": "string" - }, - "ColumnRange": { - "markdownDescription": "A range of columns to which a step is applied.", - "title": "ColumnRange", - "type": "string" - }, - "Count": { - "markdownDescription": "The number of times a string needs to be repeated.", - "title": "Count", - "type": "string" - }, - "CustomCharacters": { - "markdownDescription": "One or more characters that can be substituted or removed, depending on the context.", - "title": "CustomCharacters", - "type": "string" - }, - "CustomStopWords": { - "markdownDescription": "A list of words to ignore in a step that applies word tokenization.", - "title": "CustomStopWords", - "type": "string" - }, - "CustomValue": { - "markdownDescription": "A list of custom values to use in a step that requires that you provide a value to finish the operation.", - "title": "CustomValue", - "type": "string" - }, - "DatasetsColumns": { - "markdownDescription": "A list of the dataset columns included in a project.", - "title": "DatasetsColumns", - "type": "string" - }, - "DateAddValue": { - "markdownDescription": "A value that specifies how many units of time to add or subtract for a date math operation.", - "title": "DateAddValue", - "type": "string" - }, - "DateTimeFormat": { - "markdownDescription": "A date format to apply to a date.", - "title": "DateTimeFormat", - "type": "string" - }, - "DateTimeParameters": { - "markdownDescription": "A set of parameters associated with a datetime.", - "title": "DateTimeParameters", - "type": "string" - }, - "DeleteOtherRows": { - "markdownDescription": "Determines whether unmapped rows in a categorical mapping should be deleted", - "title": "DeleteOtherRows", - "type": "string" - }, - "Delimiter": { - "markdownDescription": "The delimiter to use when parsing separated values in a text file.", - "title": "Delimiter", - "type": "string" - }, - "EndPattern": { - "markdownDescription": "The end pattern to locate.", - "title": "EndPattern", - "type": "string" - }, - "EndPosition": { - "markdownDescription": "The end position to locate.", - "title": "EndPosition", - "type": "string" - }, - "EndValue": { - "markdownDescription": "The end value to locate.", - "title": "EndValue", - "type": "string" - }, - "ExpandContractions": { - "markdownDescription": "A list of word contractions and what they expand to. For eample: *can't* ; *cannot* ; *can not* .", - "title": "ExpandContractions", - "type": "string" - }, - "Exponent": { - "markdownDescription": "The exponent to apply in an exponential operation.", - "title": "Exponent", - "type": "string" - }, - "FalseString": { - "markdownDescription": "A value that represents `FALSE` .", - "title": "FalseString", - "type": "string" - }, - "GroupByAggFunctionOptions": { - "markdownDescription": "Specifies options to apply to the `GROUP BY` used in an aggregation.", - "title": "GroupByAggFunctionOptions", - "type": "string" - }, - "GroupByColumns": { - "markdownDescription": "The columns to use in the `GROUP BY` clause.", - "title": "GroupByColumns", - "type": "string" - }, - "HiddenColumns": { - "markdownDescription": "A list of columns to hide.", - "title": "HiddenColumns", - "type": "string" - }, - "IgnoreCase": { - "markdownDescription": "Indicates that lower and upper case letters are treated equally.", - "title": "IgnoreCase", - "type": "string" - }, - "IncludeInSplit": { - "markdownDescription": "Indicates if this column is participating in a split transform.", - "title": "IncludeInSplit", - "type": "string" - }, - "Input": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.Input", - "markdownDescription": "The input location to load the dataset from - Amazon S3 or AWS Glue Data Catalog .", - "title": "Input" - }, - "Interval": { - "markdownDescription": "The number of characters to split by.", - "title": "Interval", - "type": "string" - }, - "IsText": { - "markdownDescription": "Indicates if the content is text.", - "title": "IsText", - "type": "string" - }, - "JoinKeys": { - "markdownDescription": "The keys or columns involved in a join.", - "title": "JoinKeys", - "type": "string" - }, - "JoinType": { - "markdownDescription": "The type of join to use, for example, `INNER JOIN` , `OUTER JOIN` , and so on.", - "title": "JoinType", - "type": "string" - }, - "LeftColumns": { - "markdownDescription": "The columns on the left side of the join.", - "title": "LeftColumns", - "type": "string" - }, - "Limit": { - "markdownDescription": "The number of times to perform `split` or `replaceBy` in a string", - "title": "Limit", - "type": "string" - }, - "LowerBound": { - "markdownDescription": "The lower boundary for a value.", - "title": "LowerBound", - "type": "string" - }, - "MapType": { - "markdownDescription": "The type of mappings to apply to construct a new dynamic frame.", - "title": "MapType", - "type": "string" - }, - "ModeType": { - "markdownDescription": "Determines the manner in which mode value is calculated, in case there is more than one mode value. Valid values: `NONE` | `AVERAGE` | `MINIMUM` | `MAXIMUM`", - "title": "ModeType", - "type": "string" - }, - "MultiLine": { - "markdownDescription": "Specifies whether JSON input contains embedded new line characters.", - "title": "MultiLine", - "type": "boolean" - }, - "NumRows": { - "markdownDescription": "The number of rows to consider in a window.", - "title": "NumRows", - "type": "string" - }, - "NumRowsAfter": { - "markdownDescription": "The number of rows to consider after the current row in a window", - "title": "NumRowsAfter", - "type": "string" - }, - "NumRowsBefore": { - "markdownDescription": "The number of rows to consider before the current row in a window", - "title": "NumRowsBefore", - "type": "string" - }, - "OrderByColumn": { - "markdownDescription": "A column to sort the results by.", - "title": "OrderByColumn", - "type": "string" - }, - "OrderByColumns": { - "markdownDescription": "The columns to sort the results by.", - "title": "OrderByColumns", - "type": "string" - }, - "Other": { - "markdownDescription": "The value to assign to unmapped cells, in categorical mapping", - "title": "Other", - "type": "string" - }, - "Pattern": { - "markdownDescription": "The pattern to locate.", - "title": "Pattern", - "type": "string" - }, - "PatternOption1": { - "markdownDescription": "The starting pattern to split between.", - "title": "PatternOption1", - "type": "string" - }, - "PatternOption2": { - "markdownDescription": "The ending pattern to split between.", - "title": "PatternOption2", - "type": "string" - }, - "PatternOptions": { - "markdownDescription": "For splitting by multiple delimiters: A JSON-encoded string that lists the patterns in the format. For example: `[{\\\"pattern\\\":\\\"1\\\",\\\"includeInSplit\\\":true}]`", - "title": "PatternOptions", - "type": "string" - }, - "Period": { - "markdownDescription": "The size of the rolling window.", - "title": "Period", - "type": "string" - }, - "Position": { - "markdownDescription": "The character index within a string", - "title": "Position", - "type": "string" - }, - "RemoveAllPunctuation": { - "markdownDescription": "If `true` , removes all of the following characters: `.` `.!` `.,` `.?`", - "title": "RemoveAllPunctuation", - "type": "string" - }, - "RemoveAllQuotes": { - "markdownDescription": "If `true` , removes all single quotes and double quotes.", - "title": "RemoveAllQuotes", - "type": "string" - }, - "RemoveAllWhitespace": { - "markdownDescription": "If `true` , removes all whitespaces from the value.", - "title": "RemoveAllWhitespace", - "type": "string" - }, - "RemoveCustomCharacters": { - "markdownDescription": "If `true` , removes all chraracters specified by `CustomCharacters` .", - "title": "RemoveCustomCharacters", - "type": "string" - }, - "RemoveCustomValue": { - "markdownDescription": "If `true` , removes all chraracters specified by `CustomValue` .", - "title": "RemoveCustomValue", - "type": "string" - }, - "RemoveLeadingAndTrailingPunctuation": { - "markdownDescription": "If `true` , removes the following characters if they occur at the start or end of the value: `.` `!` `,` `?`", - "title": "RemoveLeadingAndTrailingPunctuation", - "type": "string" - }, - "RemoveLeadingAndTrailingQuotes": { - "markdownDescription": "If `true` , removes single quotes and double quotes from the beginning and end of the value.", - "title": "RemoveLeadingAndTrailingQuotes", - "type": "string" - }, - "RemoveLeadingAndTrailingWhitespace": { - "markdownDescription": "If `true` , removes all whitespaces from the beginning and end of the value.", - "title": "RemoveLeadingAndTrailingWhitespace", - "type": "string" - }, - "RemoveLetters": { - "markdownDescription": "If `true` , removes all uppercase and lowercase alphabetic characters (A through Z; a through z).", - "title": "RemoveLetters", - "type": "string" - }, - "RemoveNumbers": { - "markdownDescription": "If `true` , removes all numeric characters (0 through 9).", - "title": "RemoveNumbers", - "type": "string" - }, - "RemoveSourceColumn": { - "markdownDescription": "If `true` , the source column will be removed after un-nesting that column. (Used with nested column types, such as Map, Struct, or Array.)", - "title": "RemoveSourceColumn", - "type": "string" - }, - "RemoveSpecialCharacters": { - "markdownDescription": "If `true` , removes all of the following characters: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~`", - "title": "RemoveSpecialCharacters", - "type": "string" - }, - "RightColumns": { - "markdownDescription": "The columns on the right side of a join.", - "title": "RightColumns", - "type": "string" - }, - "SampleSize": { - "markdownDescription": "The number of rows in the sample.", - "title": "SampleSize", - "type": "string" - }, - "SampleType": { - "markdownDescription": "The sampling type to apply to the dataset. Valid values: `FIRST_N` | `LAST_N` | `RANDOM`", - "title": "SampleType", - "type": "string" - }, - "SecondInput": { - "markdownDescription": "A object value to indicate the second dataset used in a join.", - "title": "SecondInput", - "type": "string" - }, - "SecondaryInputs": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.SecondaryInput" - }, - "markdownDescription": "A list of secondary inputs in a UNION transform", - "title": "SecondaryInputs", - "type": "array" - }, - "SheetIndexes": { - "items": { - "type": "number" - }, - "markdownDescription": "One or more sheet numbers in the Excel file, which will be included in a dataset.", - "title": "SheetIndexes", - "type": "array" - }, - "SheetNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Oone or more named sheets in the Excel file, which will be included in a dataset.", - "title": "SheetNames", - "type": "array" - }, - "SourceColumn": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn", - "type": "string" - }, - "SourceColumn1": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn1", - "type": "string" - }, - "SourceColumn2": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn2", - "type": "string" - }, - "SourceColumns": { - "markdownDescription": "A list of source columns needed for an operation, step, or transform.", - "title": "SourceColumns", - "type": "string" - }, - "StartColumnIndex": { - "markdownDescription": "The index number of the first column used by an operation, step, or transform.", - "title": "StartColumnIndex", - "type": "string" - }, - "StartPattern": { - "markdownDescription": "The starting pattern to locate.", - "title": "StartPattern", - "type": "string" - }, - "StartPosition": { - "markdownDescription": "The starting position to locate.", - "title": "StartPosition", - "type": "string" - }, - "StartValue": { - "markdownDescription": "The starting value to locate.", - "title": "StartValue", - "type": "string" - }, - "StemmingMode": { - "markdownDescription": "Indicates this operation uses stems and lemmas (base words) for word tokenization.", - "title": "StemmingMode", - "type": "string" - }, - "StepCount": { - "markdownDescription": "The total number of transforms in this recipe.", - "title": "StepCount", - "type": "string" - }, - "StepIndex": { - "markdownDescription": "The index ID of a step.", - "title": "StepIndex", - "type": "string" - }, - "StopWordsMode": { - "markdownDescription": "Indicates this operation uses stop words as part of word tokenization.", - "title": "StopWordsMode", - "type": "string" - }, - "Strategy": { - "markdownDescription": "The resolution strategy to apply in resolving ambiguities.", - "title": "Strategy", - "type": "string" - }, - "TargetColumn": { - "markdownDescription": "The column targeted by this operation.", - "title": "TargetColumn", - "type": "string" - }, - "TargetColumnNames": { - "markdownDescription": "The names to give columns altered by this operation.", - "title": "TargetColumnNames", - "type": "string" - }, - "TargetDateFormat": { - "markdownDescription": "The date format to convert to.", - "title": "TargetDateFormat", - "type": "string" - }, - "TargetIndex": { - "markdownDescription": "The index number of an object that is targeted by this operation.", - "title": "TargetIndex", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "The current timezone that you want to use for dates.", - "title": "TimeZone", - "type": "string" - }, - "TokenizerPattern": { - "markdownDescription": "A regex expression to use when splitting text into terms, also called words or tokens.", - "title": "TokenizerPattern", - "type": "string" - }, - "TrueString": { - "markdownDescription": "A value to use to represent `TRUE` .", - "title": "TrueString", - "type": "string" - }, - "UdfLang": { - "markdownDescription": "The language that's used in the user-defined function.", - "title": "UdfLang", - "type": "string" - }, - "Units": { - "markdownDescription": "Specifies a unit of time. For example: `MINUTES` ; `SECONDS` ; `HOURS` ; etc.", - "title": "Units", - "type": "string" - }, - "UnpivotColumn": { - "markdownDescription": "Cast columns as rows, so that each value is a different row in a single column.", - "title": "UnpivotColumn", - "type": "string" - }, - "UpperBound": { - "markdownDescription": "The upper boundary for a value.", - "title": "UpperBound", - "type": "string" - }, - "UseNewDataFrame": { - "markdownDescription": "Create a new container to hold a dataset.", - "title": "UseNewDataFrame", - "type": "string" - }, - "Value": { - "markdownDescription": "A static value that can be used in a comparison, a substitution, or in another context-specific way. A `Value` can be a number, string, or other datatype, depending on the recipe action in which it's used.", - "title": "Value", - "type": "string" - }, - "Value1": { - "markdownDescription": "A value that's used by this operation.", - "title": "Value1", - "type": "string" - }, - "Value2": { - "markdownDescription": "A value that's used by this operation.", - "title": "Value2", - "type": "string" - }, - "ValueColumn": { - "markdownDescription": "The column that is provided as a value that's used by this operation.", - "title": "ValueColumn", - "type": "string" - }, - "ViewFrame": { - "markdownDescription": "The subset of rows currently available for viewing.", - "title": "ViewFrame", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Recipe.RecipeStep": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.Action", - "markdownDescription": "The particular action to be performed in the recipe step.", - "title": "Action" - }, - "ConditionExpressions": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.ConditionExpression" - }, - "markdownDescription": "One or more conditions that must be met for the recipe step to succeed.\n\n> All of the conditions in the array must be met. In other words, all of the conditions must be combined using a logical AND operation.", - "title": "ConditionExpressions", - "type": "array" - } - }, - "required": [ - "Action" - ], - "type": "object" - }, - "AWS::DataBrew::Recipe.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", - "type": "string" - } - }, - "required": [ - "Bucket" - ], - "type": "object" - }, - "AWS::DataBrew::Recipe.SecondaryInput": { - "additionalProperties": false, - "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" - } - }, - "type": "object" - }, - "AWS::DataBrew::Ruleset": { + "AWS::Connect::QuickConnect": { "additionalProperties": false, "properties": { "Condition": { @@ -60902,47 +66293,44 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the ruleset.", + "markdownDescription": "The description of the quick connect.", "title": "Description", "type": "string" }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the ruleset.", + "markdownDescription": "The name of the quick connect.", "title": "Name", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.Rule" - }, - "markdownDescription": "Contains metadata about the ruleset.", - "title": "Rules", - "type": "array" + "QuickConnectConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.QuickConnectConfig", + "markdownDescription": "Contains information about the quick connect.", + "title": "QuickConnectConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a resource (dataset) that the ruleset is associated with.", - "title": "TargetArn", - "type": "string" } }, "required": [ + "InstanceArn", "Name", - "Rules", - "TargetArn" + "QuickConnectConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Ruleset" + "AWS::Connect::QuickConnect" ], "type": "string" }, @@ -60961,113 +66349,90 @@ ], "type": "object" }, - "AWS::DataBrew::Ruleset.ColumnSelector": { + "AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a column from a dataset.", - "title": "Name", - "type": "string" - }, - "Regex": { - "markdownDescription": "A regular expression for selecting a column from a dataset.", - "title": "Regex", + "PhoneNumber": { + "markdownDescription": "The phone number in E.164 format.", + "title": "PhoneNumber", "type": "string" } }, + "required": [ + "PhoneNumber" + ], "type": "object" }, - "AWS::DataBrew::Ruleset.Rule": { + "AWS::Connect::QuickConnect.QueueQuickConnectConfig": { "additionalProperties": false, "properties": { - "CheckExpression": { - "markdownDescription": "The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` .", - "title": "CheckExpression", + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", "type": "string" }, - "ColumnSelectors": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.ColumnSelector" - }, - "markdownDescription": "List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns.", - "title": "ColumnSelectors", - "type": "array" - }, - "Disabled": { - "markdownDescription": "A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false.", - "title": "Disabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the rule.", - "title": "Name", + "QueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "QueueArn", "type": "string" - }, - "SubstitutionMap": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.SubstitutionValue" - }, - "markdownDescription": "The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `\":col1\": \"`Column A`\".`", - "title": "SubstitutionMap", - "type": "array" - }, - "Threshold": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.Threshold", - "markdownDescription": "The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds.", - "title": "Threshold" } }, "required": [ - "CheckExpression", - "Name" + "ContactFlowArn", + "QueueArn" ], "type": "object" }, - "AWS::DataBrew::Ruleset.SubstitutionValue": { + "AWS::Connect::QuickConnect.QuickConnectConfig": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "Value or column name.", - "title": "Value", - "type": "string" + "PhoneConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig", + "markdownDescription": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER.", + "title": "PhoneConfig" }, - "ValueReference": { - "markdownDescription": "Variable name.", - "title": "ValueReference", + "QueueConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.QueueQuickConnectConfig", + "markdownDescription": "The queue configuration. This is required only if QuickConnectType is QUEUE.", + "title": "QueueConfig" + }, + "QuickConnectType": { + "markdownDescription": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", + "title": "QuickConnectType", "type": "string" + }, + "UserConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.UserQuickConnectConfig", + "markdownDescription": "The user configuration. This is required only if QuickConnectType is USER.", + "title": "UserConfig" } }, "required": [ - "Value", - "ValueReference" + "QuickConnectType" ], "type": "object" }, - "AWS::DataBrew::Ruleset.Threshold": { + "AWS::Connect::QuickConnect.UserQuickConnectConfig": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value.", - "title": "Type", + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", "type": "string" }, - "Unit": { - "markdownDescription": "Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation.", - "title": "Unit", + "UserArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user.", + "title": "UserArn", "type": "string" - }, - "Value": { - "markdownDescription": "The value of a threshold.", - "title": "Value", - "type": "number" } }, "required": [ - "Value" + "ContactFlowArn", + "UserArn" ], "type": "object" }, - "AWS::DataBrew::Schedule": { + "AWS::Connect::RoutingProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -61102,42 +66467,68 @@ "Properties": { "additionalProperties": false, "properties": { - "CronExpression": { - "markdownDescription": "The dates and times when the job is to run. For more information, see [Working with cron expressions for recipe jobs](https://docs.aws.amazon.com/databrew/latest/dg/jobs.recipe.html#jobs.cron) in the *AWS Glue DataBrew Developer Guide* .", - "title": "CronExpression", + "AgentAvailabilityTimer": { + "markdownDescription": "Whether agents with this routing profile will have their routing order calculated based on *time since their last inbound contact* or *longest idle time* .", + "title": "AgentAvailabilityTimer", "type": "string" }, - "JobNames": { + "DefaultOutboundQueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the default outbound queue for the routing profile.", + "title": "DefaultOutboundQueueArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the routing profile.", + "title": "Description", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "MediaConcurrencies": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Connect::RoutingProfile.MediaConcurrency" }, - "markdownDescription": "A list of jobs to be run, according to the schedule.", - "title": "JobNames", + "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", + "title": "MediaConcurrencies", "type": "array" }, "Name": { - "markdownDescription": "The name of the schedule.", + "markdownDescription": "The name of the routing profile.", "title": "Name", "type": "string" }, + "QueueConfigs": { + "items": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueConfig" + }, + "markdownDescription": "The inbound queues associated with the routing profile. If no queue is added, the agent can make only outbound calls.", + "title": "QueueConfigs", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the schedule.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "CronExpression", + "DefaultOutboundQueueArn", + "Description", + "InstanceArn", + "MediaConcurrencies", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Schedule" + "AWS::Connect::RoutingProfile" ], "type": "string" }, @@ -61156,7 +66547,92 @@ ], "type": "object" }, - "AWS::DataPipeline::Pipeline": { + "AWS::Connect::RoutingProfile.CrossChannelBehavior": { + "additionalProperties": false, + "properties": { + "BehaviorType": { + "markdownDescription": "Specifies the other channels that can be routed to an agent handling their current channel.", + "title": "BehaviorType", + "type": "string" + } + }, + "required": [ + "BehaviorType" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.MediaConcurrency": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The channels that agents can handle in the Contact Control Panel (CCP).", + "title": "Channel", + "type": "string" + }, + "Concurrency": { + "markdownDescription": "The number of contacts an agent can have on a channel simultaneously.\n\nValid Range for `VOICE` : Minimum value of 1. Maximum value of 1.\n\nValid Range for `CHAT` : Minimum value of 1. Maximum value of 10.\n\nValid Range for `TASK` : Minimum value of 1. Maximum value of 10.", + "title": "Concurrency", + "type": "number" + }, + "CrossChannelBehavior": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.CrossChannelBehavior", + "markdownDescription": "Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel.", + "title": "CrossChannelBehavior" + } + }, + "required": [ + "Channel", + "Concurrency" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.RoutingProfileQueueConfig": { + "additionalProperties": false, + "properties": { + "Delay": { + "markdownDescription": "The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* .", + "title": "Delay", + "type": "number" + }, + "Priority": { + "markdownDescription": "The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) .", + "title": "Priority", + "type": "number" + }, + "QueueReference": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueReference", + "markdownDescription": "Contains information about a queue resource.", + "title": "QueueReference" + } + }, + "required": [ + "Delay", + "Priority", + "QueueReference" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.RoutingProfileQueueReference": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", + "title": "Channel", + "type": "string" + }, + "QueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "QueueArn", + "type": "string" + } + }, + "required": [ + "Channel", + "QueueArn" + ], + "type": "object" + }, + "AWS::Connect::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -61191,62 +66667,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to `true` .", - "title": "Activate", - "type": "boolean" + "Actions": { + "$ref": "#/definitions/AWS::Connect::Rule.Actions", + "markdownDescription": "A list of actions to be run when the rule is triggered.", + "title": "Actions" }, - "Description": { - "markdownDescription": "A description of the pipeline.", - "title": "Description", + "Function": { + "markdownDescription": "The conditions of the rule.", + "title": "Function", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the pipeline.", + "markdownDescription": "The name of the rule.", "title": "Name", "type": "string" }, - "ParameterObjects": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterObject" - }, - "markdownDescription": "The parameter objects used with the pipeline.", - "title": "ParameterObjects", - "type": "array" - }, - "ParameterValues": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterValue" - }, - "markdownDescription": "The parameter values used with the pipeline.", - "title": "ParameterValues", - "type": "array" + "PublishStatus": { + "markdownDescription": "The publish status of the rule.\n\n*Allowed values* : `DRAFT` | `PUBLISHED`", + "title": "PublishStatus", + "type": "string" }, - "PipelineObjects": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineObject" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see [Editing Your Pipeline](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-manage-pipeline-modify-console.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "PipelineObjects", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", "type": "array" }, - "PipelineTags": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineTag" - }, - "markdownDescription": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see [Controlling Access to Pipelines and Resources](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-control-access.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "PipelineTags", - "type": "array" + "TriggerEventSource": { + "$ref": "#/definitions/AWS::Connect::Rule.RuleTriggerEventSource", + "markdownDescription": "The event source to trigger the rule.", + "title": "TriggerEventSource" } }, "required": [ - "Name" + "Actions", + "Function", + "InstanceArn", + "Name", + "PublishStatus", + "TriggerEventSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataPipeline::Pipeline" + "AWS::Connect::Rule" ], "type": "string" }, @@ -61265,143 +66737,328 @@ ], "type": "object" }, - "AWS::DataPipeline::Pipeline.Field": { + "AWS::Connect::Rule.Actions": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Specifies the name of a field for a particular object. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "Key", - "type": "string" + "AssignContactCategoryActions": { + "items": { + "type": "object" + }, + "markdownDescription": "Information about the contact category action. The syntax can be empty, for example, `{}` .", + "title": "AssignContactCategoryActions", + "type": "array" }, - "RefValue": { - "markdownDescription": "A field value that you specify as an identifier of another object in the same pipeline definition.\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", - "title": "RefValue", - "type": "string" + "CreateCaseActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.CreateCaseAction" + }, + "markdownDescription": "", + "title": "CreateCaseActions", + "type": "array" }, - "StringValue": { - "markdownDescription": "A field value that you specify as a string. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", - "title": "StringValue", - "type": "string" + "EndAssociatedTasksActions": { + "items": { + "type": "object" + }, + "markdownDescription": "", + "title": "EndAssociatedTasksActions", + "type": "array" + }, + "EventBridgeActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.EventBridgeAction" + }, + "markdownDescription": "Information about the EventBridge action.", + "title": "EventBridgeActions", + "type": "array" + }, + "SendNotificationActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.SendNotificationAction" + }, + "markdownDescription": "Information about the send notification action.", + "title": "SendNotificationActions", + "type": "array" + }, + "SubmitAutoEvaluationActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.SubmitAutoEvaluationAction" + }, + "markdownDescription": "", + "title": "SubmitAutoEvaluationActions", + "type": "array" + }, + "TaskActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.TaskAction" + }, + "markdownDescription": "Information about the task action. This field is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", + "title": "TaskActions", + "type": "array" + }, + "UpdateCaseActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.UpdateCaseAction" + }, + "markdownDescription": "", + "title": "UpdateCaseActions", + "type": "array" } }, - "required": [ - "Key" - ], "type": "object" }, - "AWS::DataPipeline::Pipeline.ParameterAttribute": { + "AWS::Connect::Rule.CreateCaseAction": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The field identifier.", - "title": "Key", - "type": "string" - }, - "StringValue": { - "markdownDescription": "The field value, expressed as a String.", - "title": "StringValue", - "type": "string" - } + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.Field" + }, + "markdownDescription": "", + "title": "Fields", + "type": "array" + }, + "TemplateId": { + "markdownDescription": "", + "title": "TemplateId", + "type": "string" + } }, "required": [ - "Key", - "StringValue" + "Fields", + "TemplateId" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.ParameterObject": { + "AWS::Connect::Rule.EventBridgeAction": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterAttribute" - }, - "markdownDescription": "The attributes of the parameter object.", - "title": "Attributes", - "type": "array" - }, - "Id": { - "markdownDescription": "The ID of the parameter object.", - "title": "Id", + "Name": { + "markdownDescription": "The name.", + "title": "Name", "type": "string" } }, "required": [ - "Attributes", - "Id" + "Name" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.ParameterValue": { + "AWS::Connect::Rule.Field": { "additionalProperties": false, "properties": { "Id": { - "markdownDescription": "The ID of the parameter value.", + "markdownDescription": "", "title": "Id", "type": "string" }, - "StringValue": { - "markdownDescription": "The field value, expressed as a String.", - "title": "StringValue", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::Connect::Rule.FieldValue", + "markdownDescription": "", + "title": "Value" } }, "required": [ "Id", - "StringValue" + "Value" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.PipelineObject": { + "AWS::Connect::Rule.FieldValue": { "additionalProperties": false, "properties": { - "Fields": { + "BooleanValue": { + "markdownDescription": "", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "", + "title": "DoubleValue", + "type": "number" + }, + "EmptyValue": { + "markdownDescription": "", + "title": "EmptyValue", + "type": "object" + }, + "StringValue": { + "markdownDescription": "", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Connect::Rule.NotificationRecipientType": { + "additionalProperties": false, + "properties": { + "UserArns": { "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.Field" + "type": "string" }, - "markdownDescription": "Key-value pairs that define the properties of the object.", - "title": "Fields", + "markdownDescription": "The Amazon Resource Name (ARN) of the user account.", + "title": "UserArns", "type": "array" }, - "Id": { - "markdownDescription": "The ID of the object.", - "title": "Id", + "UserTags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }. Amazon Connect users with the specified tags will be notified.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserTags", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Connect::Rule.Reference": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of the reference. `DATE` must be of type Epoch timestamp.\n\n*Allowed values* : `URL` | `ATTACHMENT` | `NUMBER` | `STRING` | `DATE` | `EMAIL`", + "title": "Type", "type": "string" }, - "Name": { - "markdownDescription": "The name of the object.", - "title": "Name", + "Value": { + "markdownDescription": "A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).", + "title": "Value", "type": "string" } }, "required": [ - "Fields", - "Id", - "Name" + "Type", + "Value" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.PipelineTag": { + "AWS::Connect::Rule.RuleTriggerEventSource": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key name of a tag.", - "title": "Key", + "EventSourceName": { + "markdownDescription": "The name of the event source.", + "title": "EventSourceName", "type": "string" }, - "Value": { - "markdownDescription": "The value to associate with the key name.", - "title": "Value", + "IntegrationAssociationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the integration association. `IntegrationAssociationArn` is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", + "title": "IntegrationAssociationArn", "type": "string" } }, "required": [ - "Key", - "Value" + "EventSourceName" ], "type": "object" }, - "AWS::DataSync::Agent": { + "AWS::Connect::Rule.SendNotificationAction": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "Notification content. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Content", + "type": "string" + }, + "ContentType": { + "markdownDescription": "Content type format.\n\n*Allowed value* : `PLAIN_TEXT`", + "title": "ContentType", + "type": "string" + }, + "DeliveryMethod": { + "markdownDescription": "Notification delivery method.\n\n*Allowed value* : `EMAIL`", + "title": "DeliveryMethod", + "type": "string" + }, + "Recipient": { + "$ref": "#/definitions/AWS::Connect::Rule.NotificationRecipientType", + "markdownDescription": "Notification recipient.", + "title": "Recipient" + }, + "Subject": { + "markdownDescription": "The subject of the email if the delivery method is `EMAIL` . Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Subject", + "type": "string" + } + }, + "required": [ + "Content", + "ContentType", + "DeliveryMethod", + "Recipient" + ], + "type": "object" + }, + "AWS::Connect::Rule.SubmitAutoEvaluationAction": { + "additionalProperties": false, + "properties": { + "EvaluationFormArn": { + "markdownDescription": "", + "title": "EvaluationFormArn", + "type": "string" + } + }, + "required": [ + "EvaluationFormArn" + ], + "type": "object" + }, + "AWS::Connect::Rule.TaskAction": { + "additionalProperties": false, + "properties": { + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Name", + "type": "string" + }, + "References": { + "additionalProperties": false, + "markdownDescription": "Information about the reference when the `referenceType` is `URL` . Otherwise, null. `URL` is the only accepted type. (Supports variable injection in the `Value` field.)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Connect::Rule.Reference" + } + }, + "title": "References", + "type": "object" + } + }, + "required": [ + "ContactFlowArn", + "Name" + ], + "type": "object" + }, + "AWS::Connect::Rule.UpdateCaseAction": { + "additionalProperties": false, + "properties": { + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.Field" + }, + "markdownDescription": "", + "title": "Fields", + "type": "array" + } + }, + "required": [ + "Fields" + ], + "type": "object" + }, + "AWS::Connect::SecurityKey": { "additionalProperties": false, "properties": { "Condition": { @@ -61436,51 +67093,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ActivationKey": { - "markdownDescription": "Specifies your DataSync agent's activation key. If you don't have an activation key, see [Activating your agent](https://docs.aws.amazon.com/datasync/latest/userguide/activate-agent.html) .", - "title": "ActivationKey", - "type": "string" - }, - "AgentName": { - "markdownDescription": "Specifies a name for your agent. We recommend specifying a name that you can remember.", - "title": "AgentName", + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", "type": "string" }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. See [SecurityGroupArns](https://docs.aws.amazon.com/datasync/latest/userguide/API_Ec2Config.html#DataSync-Type-Ec2Config-SecurityGroupArns) .\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`", - "title": "SecurityGroupArns", - "type": "array" - }, - "SubnetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the ARN of the subnet where your VPC service endpoint is located. You can only specify one ARN.", - "title": "SubnetArns", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least one tag for your agent.", - "title": "Tags", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The ID of the virtual private cloud (VPC) endpoint that the agent has access to. This is the client-side VPC endpoint, powered by AWS PrivateLink . If you don't have an AWS PrivateLink VPC endpoint, see [AWS PrivateLink and VPC endpoints](https://docs.aws.amazon.com//vpc/latest/userguide/endpoint-services-overview.html) in the *Amazon VPC User Guide* .\n\nFor more information about activating your agent in a private network based on a VPC, see [Using AWS DataSync in a Virtual Private Cloud](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-in-vpc.html) in the *AWS DataSync User Guide.*\n\nA VPC endpoint ID looks like this: `vpce-01234d5aff67890e1` .", - "title": "VpcEndpointId", + "Key": { + "markdownDescription": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", + "title": "Key", "type": "string" } }, + "required": [ + "InstanceId", + "Key" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::Agent" + "AWS::Connect::SecurityKey" ], "type": "string" }, @@ -61494,11 +67126,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataSync::LocationAzureBlob": { + "AWS::Connect::SecurityProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -61533,62 +67166,84 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { + "AllowedAccessControlHierarchyGroupId": { + "markdownDescription": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.", + "title": "AllowedAccessControlHierarchyGroupId", + "type": "string" + }, + "AllowedAccessControlTags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "(Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", - "title": "AgentArns", + "markdownDescription": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect.", + "title": "AllowedAccessControlTags", "type": "array" }, - "AzureAccessTier": { - "markdownDescription": "Specifies the access tier that you want your objects or files transferred into. This only applies when using the location as a transfer destination. For more information, see [Access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) .", - "title": "AzureAccessTier", - "type": "string" + "Applications": { + "items": { + "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" + }, + "markdownDescription": "", + "title": "Applications", + "type": "array" }, - "AzureBlobAuthenticationType": { - "markdownDescription": "Specifies the authentication method DataSync uses to access your Azure Blob Storage. DataSync can access blob storage using a shared access signature (SAS).", - "title": "AzureBlobAuthenticationType", + "Description": { + "markdownDescription": "The description of the security profile.", + "title": "Description", "type": "string" }, - "AzureBlobContainerUrl": { - "markdownDescription": "Specifies the URL of the Azure Blob Storage container involved in your transfer.", - "title": "AzureBlobContainerUrl", + "HierarchyRestrictedResources": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: `User` .", + "title": "HierarchyRestrictedResources", + "type": "array" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "AzureBlobSasConfiguration": { - "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration", - "markdownDescription": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage.\n\n> If you provide an authentication token using `SasConfiguration` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's secrets manager secret.", - "title": "AzureBlobSasConfiguration" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "Permissions assigned to the security profile. For a list of valid permissions, see [List of security profile permissions](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html) .", + "title": "Permissions", + "type": "array" }, - "AzureBlobType": { - "markdownDescription": "Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Currently, DataSync only supports moving data into Azure Blob Storage as block blobs. For more information on blob types, see the [Azure Blob Storage documentation](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs) .", - "title": "AzureBlobType", + "SecurityProfileName": { + "markdownDescription": "The name for the security profile.", + "title": "SecurityProfileName", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ).", - "title": "Subdirectory", - "type": "string" + "TagRestrictedResources": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources that a security profile applies tag restrictions to in Amazon Connect.", + "title": "TagRestrictedResources", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "AgentArns", - "AzureBlobAuthenticationType" + "InstanceArn", + "SecurityProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationAzureBlob" + "AWS::Connect::SecurityProfile" ], "type": "string" }, @@ -61607,21 +67262,30 @@ ], "type": "object" }, - "AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration": { + "AWS::Connect::SecurityProfile.Application": { "additionalProperties": false, "properties": { - "AzureBlobSasToken": { - "markdownDescription": "Specifies a SAS token that provides permissions to access your Azure Blob Storage.\n\nThe token is part of the SAS URI string that comes after the storage resource URI and a question mark. A token looks something like this:\n\n`sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D`", - "title": "AzureBlobSasToken", + "ApplicationPermissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions that the agent is granted on the application. Only the `ACCESS` permission is supported.", + "title": "ApplicationPermissions", + "type": "array" + }, + "Namespace": { + "markdownDescription": "Namespace of the application that you want to give access to.", + "title": "Namespace", "type": "string" } }, "required": [ - "AzureBlobSasToken" + "ApplicationPermissions", + "Namespace" ], "type": "object" }, - "AWS::DataSync::LocationEFS": { + "AWS::Connect::TaskTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -61656,53 +67320,79 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPointArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to mount your Amazon EFS file system.\n\nFor more information, see [Accessing restricted file systems](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam) .", - "title": "AccessPointArn", + "ClientToken": { + "markdownDescription": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "title": "ClientToken", "type": "string" }, - "Ec2Config": { - "$ref": "#/definitions/AWS::DataSync::LocationEFS.Ec2Config", - "markdownDescription": "Specifies the subnet and security groups DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) .", - "title": "Ec2Config" + "Constraints": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.Constraints", + "markdownDescription": "Constraints that are applicable to the fields listed.\n\nThe values can be represented in either JSON or YAML format. For an example of the JSON configuration, see *Examples* at the bottom of this page.", + "title": "Constraints" }, - "EfsFilesystemArn": { - "markdownDescription": "Specifies the ARN for your Amazon EFS file system.", - "title": "EfsFilesystemArn", + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow that runs by default when a task is created by referencing this template. `ContactFlowArn` is not required when there is a field with `fieldType` = `QUICK_CONNECT` .", + "title": "ContactFlowArn", "type": "string" }, - "FileSystemAccessRoleArn": { - "markdownDescription": "Specifies an AWS Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system.\n\nFor information on creating this role, see [Creating a DataSync IAM role for file system access](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam-role) .", - "title": "FileSystemAccessRoleArn", + "Defaults": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.DefaultFieldValue" + }, + "markdownDescription": "The default values for fields when a task is created by referencing this template.", + "title": "Defaults", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the task template.", + "title": "Description", "type": "string" }, - "InTransitEncryption": { - "markdownDescription": "Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it transfers data to or from your Amazon EFS file system.\n\nIf you specify an access point using `AccessPointArn` or an IAM role using `FileSystemAccessRoleArn` , you must set this parameter to `TLS1_2` .", - "title": "InTransitEncryption", + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.Field" + }, + "markdownDescription": "Fields that are part of the template. A template requires at least one field that has type `Name` .", + "title": "Fields", + "type": "array" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location).\n\nBy default, DataSync uses the root directory (or [access point](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) if you provide one by using `AccessPointArn` ). You can also include subdirectories using forward slashes (for example, `/path/to/folder` ).", - "title": "Subdirectory", + "Name": { + "markdownDescription": "The name of the task template.", + "title": "Name", + "type": "string" + }, + "SelfAssignContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "SelfAssignContactFlowArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the task template.", + "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" } }, "required": [ - "Ec2Config" + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationEFS" + "AWS::Connect::TaskTemplate" ], "type": "string" }, @@ -61721,30 +67411,146 @@ ], "type": "object" }, - "AWS::DataSync::LocationEFS.Ec2Config": { + "AWS::Connect::TaskTemplate.Constraints": { "additionalProperties": false, "properties": { - "SecurityGroupArns": { + "InvisibleFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.InvisibleFieldInfo" + }, + "markdownDescription": "Lists the fields that are invisible to agents.", + "title": "InvisibleFields", + "type": "array" + }, + "ReadOnlyFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.ReadOnlyFieldInfo" + }, + "markdownDescription": "Lists the fields that are read-only to agents, and cannot be edited.", + "title": "ReadOnlyFields", + "type": "array" + }, + "RequiredFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.RequiredFieldInfo" + }, + "markdownDescription": "Lists the fields that are required to be filled by agents.", + "title": "RequiredFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Connect::TaskTemplate.DefaultFieldValue": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "Default value for the field.", + "title": "DefaultValue", + "type": "string" + }, + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of a field.", + "title": "Id" + } + }, + "required": [ + "DefaultValue", + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.Field": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the field.", + "title": "Description", + "type": "string" + }, + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "The unique identifier for the field.", + "title": "Id" + }, + "SingleSelectOptions": { "items": { "type": "string" }, - "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target.", - "title": "SecurityGroupArns", + "markdownDescription": "A list of options for a single select field.", + "title": "SingleSelectOptions", "type": "array" }, - "SubnetArn": { - "markdownDescription": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target.", - "title": "SubnetArn", + "Type": { + "markdownDescription": "Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL`", + "title": "Type", "type": "string" } }, "required": [ - "SecurityGroupArns", - "SubnetArn" + "Id", + "Type" ], "type": "object" }, - "AWS::DataSync::LocationFSxLustre": { + "AWS::Connect::TaskTemplate.FieldIdentifier": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the task template field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.InvisibleFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of the invisible field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.ReadOnlyFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of the read-only field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.RequiredFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "The unique identifier for the field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TrafficDistributionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -61779,41 +67585,39 @@ "Properties": { "additionalProperties": false, "properties": { - "FsxFilesystemArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system.", - "title": "FsxFilesystemArn", + "Description": { + "markdownDescription": "The description of the traffic distribution group.", + "title": "Description", "type": "string" }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for Lustre file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN).", + "title": "InstanceArn", + "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories.\n\nWhen the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory ( `/` ).", - "title": "Subdirectory", + "Name": { + "markdownDescription": "The name of the traffic distribution group.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, {\"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "SecurityGroupArns" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxLustre" + "AWS::Connect::TrafficDistributionGroup" ], "type": "string" }, @@ -61832,7 +67636,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP": { + "AWS::Connect::User": { "additionalProperties": false, "properties": { "Condition": { @@ -61867,47 +67671,83 @@ "Properties": { "additionalProperties": false, "properties": { - "Protocol": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.Protocol", - "markdownDescription": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.", - "title": "Protocol" + "DirectoryUserId": { + "markdownDescription": "The identifier of the user account in the directory used for identity management.", + "title": "DirectoryUserId", + "type": "string" }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups that DataSync can use to access your FSx for ONTAP file system. You must configure the security groups to allow outbound traffic on the following ports (depending on the protocol that you're using):\n\n- *Network File System (NFS)* : TCP ports 111, 635, and 2049\n- *Server Message Block (SMB)* : TCP port 445\n\nYour file system's security groups must also allow inbound traffic on the same port.", - "title": "SecurityGroupArns", - "type": "array" + "HierarchyGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's hierarchy group.", + "title": "HierarchyGroupArn", + "type": "string" }, - "StorageVirtualMachineArn": { - "markdownDescription": "Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from.", - "title": "StorageVirtualMachineArn", + "IdentityInfo": { + "$ref": "#/definitions/AWS::Connect::User.UserIdentityInfo", + "markdownDescription": "Information about the user identity.", + "title": "IdentityInfo" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a path to the file share in the SVM where you want to transfer data to or from.\n\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be `/vol1` , `/vol1/tree1` , or `/share1` .\n\n> Don't specify a junction path in the SVM's root volume. For more information, see [Managing FSx for ONTAP storage virtual machines](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) in the *Amazon FSx for NetApp ONTAP User Guide* .", - "title": "Subdirectory", + "Password": { + "markdownDescription": "The user's password.", + "title": "Password", + "type": "string" + }, + "PhoneConfig": { + "$ref": "#/definitions/AWS::Connect::User.UserPhoneConfig", + "markdownDescription": "Information about the phone configuration for the user.", + "title": "PhoneConfig" + }, + "RoutingProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's routing profile.", + "title": "RoutingProfileArn", "type": "string" }, + "SecurityProfileArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the user's security profile.", + "title": "SecurityProfileArns", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" + }, + "UserProficiencies": { + "items": { + "$ref": "#/definitions/AWS::Connect::User.UserProficiency" + }, + "markdownDescription": "One or more predefined attributes assigned to a user, with a numeric value that indicates how their level of skill in a specified area.", + "title": "UserProficiencies", + "type": "array" + }, + "Username": { + "markdownDescription": "The user name assigned to the user account.", + "title": "Username", + "type": "string" } }, "required": [ - "SecurityGroupArns", - "StorageVirtualMachineArn" + "InstanceArn", + "PhoneConfig", + "RoutingProfileArn", + "SecurityProfileArns", + "Username" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxONTAP" + "AWS::Connect::User" ], "type": "string" }, @@ -61926,90 +67766,93 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.NFS": { - "additionalProperties": false, - "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NfsMountOptions", - "markdownDescription": "Specifies how DataSync can access a location using the NFS protocol.", - "title": "MountOptions" - } - }, - "required": [ - "MountOptions" - ], - "type": "object" - }, - "AWS::DataSync::LocationFSxONTAP.NfsMountOptions": { + "AWS::Connect::User.UserIdentityInfo": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", - "title": "Version", + "Email": { + "markdownDescription": "The email address. If you are using SAML for identity management and include this parameter, an error is returned.", + "title": "Email", "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxONTAP.Protocol": { - "additionalProperties": false, - "properties": { - "NFS": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NFS", - "markdownDescription": "Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM).", - "title": "NFS" }, - "SMB": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SMB", - "markdownDescription": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.", - "title": "SMB" + "FirstName": { + "markdownDescription": "The first name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", + "title": "FirstName", + "type": "string" + }, + "LastName": { + "markdownDescription": "The last name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", + "title": "LastName", + "type": "string" + }, + "Mobile": { + "markdownDescription": "The user's mobile number.", + "title": "Mobile", + "type": "string" + }, + "SecondaryEmail": { + "markdownDescription": "The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.\n\n*Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}`", + "title": "SecondaryEmail", + "type": "string" } }, "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.SMB": { + "AWS::Connect::User.UserPhoneConfig": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.", - "title": "Domain", - "type": "string" + "AfterContactWorkTimeLimit": { + "markdownDescription": "The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.\n\n> When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds.", + "title": "AfterContactWorkTimeLimit", + "type": "number" }, - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", - "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", - "title": "MountOptions" + "AutoAccept": { + "markdownDescription": "The Auto accept setting.", + "title": "AutoAccept", + "type": "boolean" }, - "Password": { - "markdownDescription": "Specifies the password of a user who has permission to access your SVM.", - "title": "Password", + "DeskPhoneNumber": { + "markdownDescription": "The phone number for the user's desk phone.", + "title": "DeskPhoneNumber", "type": "string" }, - "User": { - "markdownDescription": "Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM.\n\nIf you provide a user in your Active Directory, note the following:\n\n- If you're using AWS Directory Service for Microsoft Active Directory , the user must be a member of the AWS Delegated FSx Administrators group.\n- If you're using a self-managed Active Directory, the user must be a member of either the Domain Admins group or a custom group that you specified for file system administration when you created your file system.\n\nMake sure that the user has the permissions it needs to copy the data you want:\n\n- `SE_TCB_NAME` : Required to set object ownership and file metadata. With this privilege, you also can copy NTFS discretionary access lists (DACLs).\n- `SE_SECURITY_NAME` : May be needed to copy NTFS system access control lists (SACLs). This operation specifically requires the Windows privilege, which is granted to members of the Domain Admins group. If you configure your task to copy SACLs, make sure that the user has the required privileges. For information about copying SACLs, see [Ownership and permissions-related options](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html#configure-ownership-and-permissions) .", - "title": "User", + "PhoneType": { + "markdownDescription": "The phone type.", + "title": "PhoneType", "type": "string" } }, "required": [ - "MountOptions", - "Password", - "User" + "PhoneType" ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.SmbMountOptions": { + "AWS::Connect::User.UserProficiency": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", - "title": "Version", + "AttributeName": { + "markdownDescription": "The name of user\u2019s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance.", + "title": "AttributeName", + "type": "string" + }, + "AttributeValue": { + "markdownDescription": "The value of user\u2019s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance.", + "title": "AttributeValue", "type": "string" + }, + "Level": { + "markdownDescription": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5.", + "title": "Level", + "type": "number" } }, + "required": [ + "AttributeName", + "AttributeValue", + "Level" + ], "type": "object" }, - "AWS::DataSync::LocationFSxOpenZFS": { + "AWS::Connect::UserHierarchyGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -62044,47 +67887,39 @@ "Properties": { "additionalProperties": false, "properties": { - "FsxFilesystemArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the FSx for OpenZFS file system.", - "title": "FsxFilesystemArn", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user hierarchy group.", + "title": "InstanceArn", "type": "string" }, - "Protocol": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.Protocol", - "markdownDescription": "The type of protocol that AWS DataSync uses to access your file system.", - "title": "Protocol" - }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for OpenZFS file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" + "Name": { + "markdownDescription": "The name of the user hierarchy group.", + "title": "Name", + "type": "string" }, - "Subdirectory": { - "markdownDescription": "A subdirectory in the location's path that must begin with `/fsx` . DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).", - "title": "Subdirectory", + "ParentGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the parent group.", + "title": "ParentGroupArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "Protocol", - "SecurityGroupArns" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxOpenZFS" + "AWS::Connect::UserHierarchyGroup" ], "type": "string" }, @@ -62103,43 +67938,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxOpenZFS.MountOptions": { - "additionalProperties": false, - "properties": { - "Version": { - "markdownDescription": "The specific NFS version that you want DataSync to use to mount your NFS share. If the server refuses to use the version specified, the sync will fail. If you don't specify a version, DataSync defaults to `AUTOMATIC` . That is, DataSync automatically selects a version based on negotiation with the NFS server.\n\nYou can specify the following NFS versions:\n\n- *[NFSv3](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc1813)* : Stateless protocol version that allows for asynchronous writes on the server.\n- *[NFSv4.0](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3530)* : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- *[NFSv4.1](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5661)* : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. Version 4.1 also includes all features available in version 4.0.", - "title": "Version", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxOpenZFS.NFS": { - "additionalProperties": false, - "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.MountOptions", - "markdownDescription": "Represents the mount options that are available for DataSync to access an NFS location.", - "title": "MountOptions" - } - }, - "required": [ - "MountOptions" - ], - "type": "object" - }, - "AWS::DataSync::LocationFSxOpenZFS.Protocol": { - "additionalProperties": false, - "properties": { - "NFS": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.NFS", - "markdownDescription": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system.", - "title": "NFS" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxWindows": { + "AWS::Connect::UserHierarchyStructure": { "additionalProperties": false, "properties": { "Condition": { @@ -62174,57 +67973,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", - "title": "Domain", - "type": "string" - }, - "FsxFilesystemArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file system.", - "title": "FsxFilesystemArn", - "type": "string" - }, - "Password": { - "markdownDescription": "Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.", - "title": "Password", - "type": "string" - }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups that are used to configure the FSx for Windows File Server file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" - }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your file system using forward slashes. This is where DataSync reads or writes data (depending on if this is a source or destination location).", - "title": "Subdirectory", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", - "title": "Tags", - "type": "array" - }, - "User": { - "markdownDescription": "The user who has the permissions to access files and folders in the FSx for Windows File Server file system.\n\nFor information about choosing a user name that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-fsx-location.html#FSxWuser) .", - "title": "User", - "type": "string" + "UserHierarchyStructure": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.UserHierarchyStructure", + "markdownDescription": "Contains information about a hierarchy structure.", + "title": "UserHierarchyStructure" } }, "required": [ - "SecurityGroupArns", - "User" + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxWindows" + "AWS::Connect::UserHierarchyStructure" ], "type": "string" }, @@ -62243,299 +68010,158 @@ ], "type": "object" }, - "AWS::DataSync::LocationHDFS": { + "AWS::Connect::UserHierarchyStructure.LevelFive": { "additionalProperties": false, "properties": { - "Condition": { + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::UserHierarchyStructure.LevelFour": { + "additionalProperties": false, + "properties": { + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", + "type": "string" }, - "Metadata": { - "type": "object" + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your HDFS cluster.", - "title": "AgentArns", - "type": "array" - }, - "AuthenticationType": { - "markdownDescription": "", - "title": "AuthenticationType", - "type": "string" - }, - "BlockSize": { - "markdownDescription": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).", - "title": "BlockSize", - "type": "number" - }, - "KerberosKeytab": { - "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", - "title": "KerberosKeytab", - "type": "string" - }, - "KerberosKrb5Conf": { - "markdownDescription": "The `krb5.conf` file that contains the Kerberos configuration information. You can load the `krb5.conf` by providing a string of the file's contents or an Amazon S3 presigned URL of the file. If `KERBEROS` is specified for `AuthType` , this value is required.", - "title": "KerberosKrb5Conf", - "type": "string" - }, - "KerberosPrincipal": { - "markdownDescription": "The Kerberos principal with access to the files and folders on the HDFS cluster.\n\n> If `KERBEROS` is specified for `AuthenticationType` , this parameter is required.", - "title": "KerberosPrincipal", - "type": "string" - }, - "KmsKeyProviderUri": { - "markdownDescription": "The URI of the HDFS cluster's Key Management Server (KMS).", - "title": "KmsKeyProviderUri", - "type": "string" - }, - "NameNodes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::LocationHDFS.NameNode" - }, - "markdownDescription": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.", - "title": "NameNodes", - "type": "array" - }, - "QopConfiguration": { - "$ref": "#/definitions/AWS::DataSync::LocationHDFS.QopConfiguration", - "markdownDescription": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value.", - "title": "QopConfiguration" - }, - "ReplicationFactor": { - "markdownDescription": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.", - "title": "ReplicationFactor", - "type": "number" - }, - "SimpleUser": { - "markdownDescription": "The user name used to identify the client on the host operating system.\n\n> If `SIMPLE` is specified for `AuthenticationType` , this parameter is required.", - "title": "SimpleUser", - "type": "string" - }, - "Subdirectory": { - "markdownDescription": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to `/` .", - "title": "Subdirectory", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AgentArns", - "AuthenticationType", - "NameNodes" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DataSync::LocationHDFS" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::DataSync::LocationHDFS.NameNode": { + "AWS::Connect::UserHierarchyStructure.LevelOne": { "additionalProperties": false, "properties": { - "Hostname": { - "markdownDescription": "The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.", - "title": "Hostname", + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" }, - "Port": { - "markdownDescription": "The port that the NameNode uses to listen to client requests.", - "title": "Port", - "type": "number" + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" } }, "required": [ - "Hostname", - "Port" + "Name" ], "type": "object" }, - "AWS::DataSync::LocationHDFS.QopConfiguration": { + "AWS::Connect::UserHierarchyStructure.LevelThree": { "additionalProperties": false, "properties": { - "DataTransferProtection": { - "markdownDescription": "The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your `dfs.data.transfer.protection` setting in the `hdfs-site.xml` file on your Hadoop cluster.", - "title": "DataTransferProtection", + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" }, - "RpcProtection": { - "markdownDescription": "The Remote Procedure Call (RPC) protection setting configured on the HDFS cluster. This setting corresponds to your `hadoop.rpc.protection` setting in your `core-site.xml` file on your Hadoop cluster.", - "title": "RpcProtection", + "HierarchyLevelId": { + "markdownDescription": "", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::DataSync::LocationNFS": { + "AWS::Connect::UserHierarchyStructure.LevelTwo": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationNFS.MountOptions", - "markdownDescription": "Specifies the options that DataSync can use to mount your NFS file server.", - "title": "MountOptions" - }, - "OnPremConfig": { - "$ref": "#/definitions/AWS::DataSync::LocationNFS.OnPremConfig", - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", - "title": "OnPremConfig" - }, - "ServerHostname": { - "markdownDescription": "Specifies the DNS name or IP version 4 address of the NFS file server that your DataSync agent connects to.", - "title": "ServerHostname", - "type": "string" - }, - "Subdirectory": { - "markdownDescription": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", - "title": "Subdirectory", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "OnPremConfig" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DataSync::LocationNFS" - ], + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::DataSync::LocationNFS.MountOptions": { - "additionalProperties": false, - "properties": { - "Version": { - "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", - "title": "Version", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationNFS.OnPremConfig": { + "AWS::Connect::UserHierarchyStructure.UserHierarchyStructure": { "additionalProperties": false, "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", - "title": "AgentArns", - "type": "array" + "LevelFive": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelFive", + "markdownDescription": "", + "title": "LevelFive" + }, + "LevelFour": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelFour", + "markdownDescription": "The update for level four.", + "title": "LevelFour" + }, + "LevelOne": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelOne", + "markdownDescription": "The update for level one.", + "title": "LevelOne" + }, + "LevelThree": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelThree", + "markdownDescription": "The update for level three.", + "title": "LevelThree" + }, + "LevelTwo": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelTwo", + "markdownDescription": "The update for level two.", + "title": "LevelTwo" } }, - "required": [ - "AgentArns" - ], "type": "object" }, - "AWS::DataSync::LocationObjectStorage": { + "AWS::Connect::View": { "additionalProperties": false, "properties": { "Condition": { @@ -62570,71 +68196,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessKey": { - "markdownDescription": "Specifies the access key (for example, a user name) if credentials are required to authenticate with the object storage server.", - "title": "AccessKey", - "type": "string" - }, - "AgentArns": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "(Optional) Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", - "title": "AgentArns", + "markdownDescription": "A list of actions possible from the view.", + "title": "Actions", "type": "array" }, - "BucketName": { - "markdownDescription": "Specifies the name of the object storage bucket involved in the transfer.", - "title": "BucketName", - "type": "string" - }, - "SecretKey": { - "markdownDescription": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.\n\n> If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.", - "title": "SecretKey", - "type": "string" - }, - "ServerCertificate": { - "markdownDescription": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", - "title": "ServerCertificate", - "type": "string" - }, - "ServerHostname": { - "markdownDescription": "Specifies the domain name or IP version 4 (IPv4) address of the object storage server that your DataSync agent connects to.", - "title": "ServerHostname", + "Description": { + "markdownDescription": "The description of the view.", + "title": "Description", "type": "string" }, - "ServerPort": { - "markdownDescription": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", - "title": "ServerPort", - "type": "number" - }, - "ServerProtocol": { - "markdownDescription": "Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .", - "title": "ServerProtocol", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", - "title": "Subdirectory", + "Name": { + "markdownDescription": "The name of the view.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. Tags can help you manage, filter, and search for your resources. We recommend creating a name tag for your location.", + "markdownDescription": "The tags associated with the view resource (not specific to view version).", "title": "Tags", "type": "array" + }, + "Template": { + "markdownDescription": "The view template representing the structure of the view.", + "title": "Template", + "type": "object" } }, "required": [ - "AgentArns" + "Actions", + "InstanceArn", + "Name", + "Template" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationObjectStorage" + "AWS::Connect::View" ], "type": "string" }, @@ -62653,7 +68262,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationS3": { + "AWS::Connect::ViewVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -62688,43 +68297,30 @@ "Properties": { "additionalProperties": false, "properties": { - "S3BucketArn": { - "markdownDescription": "The ARN of the Amazon S3 bucket.", - "title": "S3BucketArn", + "VersionDescription": { + "markdownDescription": "The description of the view version.", + "title": "VersionDescription", "type": "string" }, - "S3Config": { - "$ref": "#/definitions/AWS::DataSync::LocationS3.S3Config", - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* .", - "title": "S3Config" - }, - "S3StorageClass": { - "markdownDescription": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. For buckets in AWS Regions , the storage class defaults to S3 Standard.\n\nFor more information about S3 storage classes, see [Amazon S3 Storage Classes](https://docs.aws.amazon.com/s3/storage-classes/) . Some storage classes have behaviors that can affect your S3 storage costs. For detailed information, see [Considerations When Working with Amazon S3 Storage Classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .", - "title": "S3StorageClass", + "ViewArn": { + "markdownDescription": "The unqualified Amazon Resource Name (ARN) of the view.\n\nFor example:\n\n`arn::connect:::instance/00000000-0000-0000-0000-000000000000/view/00000000-0000-0000-0000-000000000000`", + "title": "ViewArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a prefix in the S3 bucket that DataSync reads from or writes to (depending on whether the bucket is a source or destination location).\n\n> DataSync can't transfer objects with a prefix that begins with a slash ( `/` ) or includes `//` , `/./` , or `/../` patterns. For example:\n> \n> - `/photos`\n> - `photos//2006/January`\n> - `photos/./2006/February`\n> - `photos/../2006/March`", - "title": "Subdirectory", + "ViewContentSha256": { + "markdownDescription": "Indicates the checksum value of the latest published view content.", + "title": "ViewContentSha256", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", - "title": "Tags", - "type": "array" } }, "required": [ - "S3Config" + "ViewArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationS3" + "AWS::Connect::ViewVersion" ], "type": "string" }, @@ -62743,21 +68339,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationS3.S3Config": { - "additionalProperties": false, - "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "Specifies the ARN of the IAM role that DataSync uses to access your S3 bucket.", - "title": "BucketAccessRoleArn", - "type": "string" - } - }, - "required": [ - "BucketAccessRoleArn" - ], - "type": "object" - }, - "AWS::DataSync::LocationSMB": { + "AWS::ConnectCampaigns::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -62792,62 +68374,46 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).", - "title": "AgentArns", - "type": "array" - }, - "Domain": { - "markdownDescription": "Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nIf you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.", - "title": "Domain", + "ConnectInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "ConnectInstanceArn", "type": "string" }, - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationSMB.MountOptions", - "markdownDescription": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", - "title": "MountOptions" - }, - "Password": { - "markdownDescription": "Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if `AuthenticationType` is set to `NTLM` .", - "title": "Password", - "type": "string" + "DialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.DialerConfig", + "markdownDescription": "Contains information about the dialer configuration.", + "title": "DialerConfig" }, - "ServerHostname": { - "markdownDescription": "Specifies the domain name or IP address of the SMB file server that your DataSync agent connects to.\n\nRemember the following when configuring this parameter:\n\n- You can't specify an IP version 6 (IPv6) address.\n- If you're using Kerberos authentication, you must specify a domain name.", - "title": "ServerHostname", + "Name": { + "markdownDescription": "The name of the campaign.", + "title": "Name", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, `/path/to/subdirectory` ). Make sure that other SMB clients in your network can also mount this path.\n\nTo copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", - "title": "Subdirectory", - "type": "string" + "OutboundCallConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.OutboundCallConfig", + "markdownDescription": "Contains information about the outbound call configuration.", + "title": "OutboundCallConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" - }, - "User": { - "markdownDescription": "Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nFor information about choosing a user with the right level of access for your transfer, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", - "title": "User", - "type": "string" } }, "required": [ - "AgentArns", - "User" + "ConnectInstanceArn", + "DialerConfig", + "Name", + "OutboundCallConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationSMB" + "AWS::ConnectCampaigns::Campaign" ], "type": "string" }, @@ -62866,140 +68432,125 @@ ], "type": "object" }, - "AWS::DataSync::LocationSMB.MountOptions": { + "AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", - "title": "Version", - "type": "string" + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", + "type": "number" } }, "type": "object" }, - "AWS::DataSync::StorageSystem": { + "AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AwaitAnswerMachinePrompt": { + "markdownDescription": "Whether waiting for answer machine prompt is enabled.", + "title": "AwaitAnswerMachinePrompt", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "EnableAnswerMachineDetection": { + "markdownDescription": "Whether answering machine detection is enabled.", + "title": "EnableAnswerMachineDetection", + "type": "boolean" + } + }, + "required": [ + "EnableAnswerMachineDetection" + ], + "type": "object" + }, + "AWS::ConnectCampaigns::Campaign.DialerConfig": { + "additionalProperties": false, + "properties": { + "AgentlessDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig", + "markdownDescription": "The configuration of the agentless dialer.", + "title": "AgentlessDialerConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PredictiveDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig", + "markdownDescription": "The configuration of the predictive dialer.", + "title": "PredictiveDialerConfig" }, - "Metadata": { - "type": "object" + "ProgressiveDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig", + "markdownDescription": "The configuration of the progressive dialer.", + "title": "ProgressiveDialerConfig" + } + }, + "type": "object" + }, + "AWS::ConnectCampaigns::Campaign.OutboundCallConfig": { + "additionalProperties": false, + "properties": { + "AnswerMachineDetectionConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig", + "markdownDescription": "Whether answering machine detection has been enabled.", + "title": "AnswerMachineDetectionConfig" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "type": "array" - }, - "CloudWatchLogGroupArn": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "ServerConfiguration": { - "$ref": "#/definitions/AWS::DataSync::StorageSystem.ServerConfiguration" - }, - "ServerCredentials": { - "$ref": "#/definitions/AWS::DataSync::StorageSystem.ServerCredentials" - }, - "SystemType": { - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - } - }, - "required": [ - "AgentArns", - "ServerConfiguration", - "SystemType" - ], - "type": "object" + "ConnectContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ConnectContactFlowArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::DataSync::StorageSystem" - ], + "ConnectQueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "ConnectQueueArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ConnectSourcePhoneNumber": { + "markdownDescription": "The phone number associated with the outbound call. This is the caller ID that is displayed to customers when an agent calls them.", + "title": "ConnectSourcePhoneNumber", "type": "string" } }, "required": [ - "Type", - "Properties" + "ConnectContactFlowArn" ], "type": "object" }, - "AWS::DataSync::StorageSystem.ServerConfiguration": { + "AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig": { "additionalProperties": false, "properties": { - "ServerHostname": { - "type": "string" + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the predictive dialer.", + "title": "BandwidthAllocation", + "type": "number" }, - "ServerPort": { + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", "type": "number" } }, "required": [ - "ServerHostname" + "BandwidthAllocation" ], "type": "object" }, - "AWS::DataSync::StorageSystem.ServerCredentials": { + "AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig": { "additionalProperties": false, "properties": { - "Password": { - "type": "string" + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the progressive dialer.", + "title": "BandwidthAllocation", + "type": "number" }, - "Username": { - "type": "string" + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", + "type": "number" } }, "required": [ - "Password", - "Username" + "BandwidthAllocation" ], "type": "object" }, - "AWS::DataSync::Task": { + "AWS::ConnectCampaignsV2::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -63034,80 +68585,65 @@ "Properties": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of an Amazon CloudWatch log group for monitoring your task.\n\nFor Enhanced mode tasks, you don't need to specify anything. DataSync automatically sends logs to a CloudWatch log group named `/aws/datasync` .\n\nFor more information, see [Monitoring data transfers with CloudWatch Logs](https://docs.aws.amazon.com/datasync/latest/userguide/configure-logging.html) .", - "title": "CloudWatchLogGroupArn", - "type": "string" + "ChannelSubtypeConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.ChannelSubtypeConfig", + "markdownDescription": "Contains channel subtype configuration for an outbound campaign.", + "title": "ChannelSubtypeConfig" }, - "DestinationLocationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS storage resource's location.", - "title": "DestinationLocationArn", - "type": "string" + "CommunicationLimitsOverride": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimitsConfig", + "markdownDescription": "Communication limits configuration for an outbound campaign.", + "title": "CommunicationLimitsOverride" }, - "Excludes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" - }, - "markdownDescription": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", - "title": "Excludes", - "type": "array" + "CommunicationTimeConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationTimeConfig", + "markdownDescription": "Contains communication time configuration for an outbound campaign.", + "title": "CommunicationTimeConfig" }, - "Includes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" - }, - "markdownDescription": "Specifies include filters that define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", - "title": "Includes", - "type": "array" + "ConnectCampaignFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect campaign flow associated with the outbound campaign.", + "title": "ConnectCampaignFlowArn", + "type": "string" }, - "ManifestConfig": { - "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfig", - "markdownDescription": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .", - "title": "ManifestConfig" + "ConnectInstanceId": { + "markdownDescription": "The identifier of the Amazon Connect instance. You can find the `instanceId` in the ARN of the instance.", + "title": "ConnectInstanceId", + "type": "string" }, "Name": { - "markdownDescription": "Specifies the name of your task.", + "markdownDescription": "The name of the outbound campaign.", "title": "Name", "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::DataSync::Task.Options", - "markdownDescription": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options.", - "title": "Options" - }, "Schedule": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskSchedule", - "markdownDescription": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) .", + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.Schedule", + "markdownDescription": "Contains the schedule configuration.", "title": "Schedule" }, - "SourceLocationArn": { - "markdownDescription": "Specifies the ARN of your transfer's source location.", - "title": "SourceLocationArn", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.Source", + "markdownDescription": "Contains source configuration.", + "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the tags that you want to apply to your task.\n\n*Tags* are key-value pairs that help you manage, filter, and search for your DataSync resources.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, `{ \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }` .", "title": "Tags", "type": "array" - }, - "TaskReportConfig": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfig", - "markdownDescription": "The configuration of your task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .", - "title": "TaskReportConfig" } }, "required": [ - "DestinationLocationArn", - "SourceLocationArn" + "ChannelSubtypeConfig", + "ConnectInstanceId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::Task" + "AWS::ConnectCampaignsV2::Campaign" ], "type": "string" }, @@ -63126,318 +68662,540 @@ ], "type": "object" }, - "AWS::DataSync::Task.Deleted": { + "AWS::ConnectCampaignsV2::Campaign.AnswerMachineDetectionConfig": { "additionalProperties": false, "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", - "type": "string" + "AwaitAnswerMachinePrompt": { + "markdownDescription": "Whether or not waiting for an answer machine prompt is enabled.", + "title": "AwaitAnswerMachinePrompt", + "type": "boolean" + }, + "EnableAnswerMachineDetection": { + "markdownDescription": "Enables answering machine detection.", + "title": "EnableAnswerMachineDetection", + "type": "boolean" } }, + "required": [ + "EnableAnswerMachineDetection" + ], "type": "object" }, - "AWS::DataSync::Task.Destination": { + "AWS::ConnectCampaignsV2::Campaign.ChannelSubtypeConfig": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfigDestinationS3", - "markdownDescription": "", - "title": "S3" + "Email": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailChannelSubtypeConfig", + "markdownDescription": "The configuration of the email channel subtype.", + "title": "Email" + }, + "Sms": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsChannelSubtypeConfig", + "markdownDescription": "The configuration of the SMS channel subtype.", + "title": "Sms" + }, + "Telephony": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyChannelSubtypeConfig", + "markdownDescription": "The configuration of the telephony channel subtype.", + "title": "Telephony" } }, "type": "object" }, - "AWS::DataSync::Task.FilterRule": { + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimit": { "additionalProperties": false, "properties": { - "FilterType": { - "markdownDescription": "The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type.", - "title": "FilterType", - "type": "string" + "Frequency": { + "markdownDescription": "The frequency of communication limit evaluation.", + "title": "Frequency", + "type": "number" }, - "Value": { - "markdownDescription": "A single filter string that consists of the patterns to include or exclude. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`", - "title": "Value", + "MaxCountPerRecipient": { + "markdownDescription": "The maximum outreaching count for each recipient.", + "title": "MaxCountPerRecipient", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of communication limit evaluation.", + "title": "Unit", "type": "string" } }, + "required": [ + "Frequency", + "MaxCountPerRecipient", + "Unit" + ], "type": "object" }, - "AWS::DataSync::Task.ManifestConfig": { + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimits": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies what DataSync uses the manifest for.", - "title": "Action", - "type": "string" + "CommunicationLimitList": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimit" + }, + "markdownDescription": "The list of CommunicationLimits.", + "title": "CommunicationLimitList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimitsConfig": { + "additionalProperties": false, + "properties": { + "AllChannelsSubtypes": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimits", + "markdownDescription": "The CommunicationLimits that apply to all channel subtypes defined in an outbound campaign.", + "title": "AllChannelsSubtypes" }, - "Format": { - "markdownDescription": "Specifies the file format of your manifest. For more information, see [Creating a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-create) .", - "title": "Format", + "InstanceLimitsHandling": { + "markdownDescription": "Opt-in or Opt-out from instance-level limits.", + "title": "InstanceLimitsHandling", "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::DataSync::Task.Source", - "markdownDescription": "Specifies the manifest that you want DataSync to use and where it's hosted.\n\n> You must specify this parameter if you're configuring a new manifest on or after February 7, 2024.\n> \n> If you don't, you'll get a 400 status code and `ValidationException` error stating that you're missing the IAM role for DataSync to access the S3 bucket where you're hosting your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .", - "title": "Source" } }, - "required": [ - "Source" - ], "type": "object" }, - "AWS::DataSync::Task.ManifestConfigSourceS3": { + "AWS::ConnectCampaignsV2::Campaign.CommunicationTimeConfig": { "additionalProperties": false, "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "", - "title": "BucketAccessRoleArn", - "type": "string" + "Email": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the email channel subtype.", + "title": "Email" }, - "ManifestObjectPath": { - "markdownDescription": "", - "title": "ManifestObjectPath", - "type": "string" + "LocalTimeZoneConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.LocalTimeZoneConfig", + "markdownDescription": "The local timezone configuration.", + "title": "LocalTimeZoneConfig" }, - "ManifestObjectVersionId": { - "markdownDescription": "", - "title": "ManifestObjectVersionId", - "type": "string" + "Sms": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the SMS channel subtype.", + "title": "Sms" }, - "S3BucketArn": { - "markdownDescription": "", - "title": "S3BucketArn", - "type": "string" + "Telephony": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the telephony channel subtype.", + "title": "Telephony" } }, + "required": [ + "LocalTimeZoneConfig" + ], "type": "object" }, - "AWS::DataSync::Task.Options": { + "AWS::ConnectCampaignsV2::Campaign.DailyHour": { "additionalProperties": false, "properties": { - "Atime": { - "markdownDescription": "A file metadata value that shows the last time that a file was accessed (that is, when the file was read or written to). If you set `Atime` to `BEST_EFFORT` , AWS DataSync attempts to preserve the original `Atime` attribute on all source files (that is, the version before the PREPARING phase). However, `Atime` 's behavior is not fully standard across platforms, so AWS DataSync can only do this on a best-effort basis.\n\nDefault value: `BEST_EFFORT`\n\n`BEST_EFFORT` : Attempt to preserve the per-file `Atime` value (recommended).\n\n`NONE` : Ignore `Atime` .\n\n> If `Atime` is set to `BEST_EFFORT` , `Mtime` must be set to `PRESERVE` .\n> \n> If `Atime` is set to `NONE` , `Mtime` must also be `NONE` .", - "title": "Atime", + "Key": { + "markdownDescription": "The key for DailyHour.", + "title": "Key", "type": "string" }, - "BytesPerSecond": { - "markdownDescription": "A value that limits the bandwidth used by AWS DataSync . For example, if you want AWS DataSync to use a maximum of 1 MB, set this value to `1048576` (=1024*1024).", - "title": "BytesPerSecond", + "Value": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeRange" + }, + "markdownDescription": "The value for DailyHour.", + "title": "Value", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The allocation of email capacity between multiple running outbound campaigns.", + "title": "Capacity", "type": "number" }, - "Gid": { - "markdownDescription": "The group ID (GID) of the file's owners.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the user ID (UID) and group ID (GID) (recommended).\n\n`NAME` : Currently not supported.\n\n`NONE` : Ignore the UID and GID.", - "title": "Gid", - "type": "string" - }, - "LogLevel": { - "markdownDescription": "Specifies the type of logs that DataSync publishes to a Amazon CloudWatch Logs log group. To specify the log group, see [CloudWatchLogGroupArn](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html#DataSync-CreateTask-request-CloudWatchLogGroupArn) .\n\n- `BASIC` - Publishes logs with only basic information (such as transfer errors).\n- `TRANSFER` - Publishes logs for all files or objects that your DataSync task transfers and performs data-integrity checks on.\n- `OFF` - No logs are published.", - "title": "LogLevel", - "type": "string" + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailOutboundConfig", + "markdownDescription": "The default email outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" }, - "Mtime": { - "markdownDescription": "A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. This option is required for cases when you need to run the same task more than one time.\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve original `Mtime` (recommended)\n\n`NONE` : Ignore `Mtime` .\n\n> If `Mtime` is set to `PRESERVE` , `Atime` must be set to `BEST_EFFORT` .\n> \n> If `Mtime` is set to `NONE` , `Atime` must also be set to `NONE` .", - "title": "Mtime", + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailOutboundMode", + "markdownDescription": "The outbound mode for email of an outbound campaign.", + "title": "OutboundMode" + } + }, + "required": [ + "DefaultOutboundConfig", + "OutboundMode" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailOutboundConfig": { + "additionalProperties": false, + "properties": { + "ConnectSourceEmailAddress": { + "markdownDescription": "The Amazon Connect source email address.", + "title": "ConnectSourceEmailAddress", "type": "string" }, - "ObjectTags": { - "markdownDescription": "Specifies whether you want DataSync to `PRESERVE` object tags (default behavior) when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the `NONE` value.", - "title": "ObjectTags", + "SourceEmailAddressDisplayName": { + "markdownDescription": "The display name for the Amazon Connect source email address.", + "title": "SourceEmailAddressDisplayName", "type": "string" }, - "OverwriteMode": { - "markdownDescription": "Specifies whether DataSync should modify or preserve data at the destination location.\n\n- `ALWAYS` (default) - DataSync modifies data in the destination location when source data (including metadata) has changed.\n\nIf DataSync overwrites objects, you might incur additional charges for certain Amazon S3 storage classes (for example, for retrieval or early deletion). For more information, see [Storage class considerations with Amazon S3 transfers](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .\n- `NEVER` - DataSync doesn't overwrite data in the destination location even if the source data has changed. You can use this option to protect against overwriting changes made to files or objects in the destination.", - "title": "OverwriteMode", + "WisdomTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Q in Connect template.", + "title": "WisdomTemplateArn", "type": "string" - }, - "PosixPermissions": { - "markdownDescription": "A value that determines which users or groups can access a file for a specific purpose, such as reading, writing, or execution of the file. This option should be set only for Network File System (NFS), Amazon EFS, and Amazon S3 locations. For more information about what metadata is copied by DataSync, see [Metadata Copied by DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html#metadata-copied) .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve POSIX-style permissions (recommended).\n\n`NONE` : Ignore permissions.\n\n> AWS DataSync can preserve extant permissions of a source location.", - "title": "PosixPermissions", + } + }, + "required": [ + "ConnectSourceEmailAddress", + "WisdomTemplateArn" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailOutboundMode": { + "additionalProperties": false, + "properties": { + "AgentlessConfig": { + "markdownDescription": "The agentless outbound mode configuration for email.", + "title": "AgentlessConfig", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EventTrigger": { + "additionalProperties": false, + "properties": { + "CustomerProfilesDomainArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Customer Profiles domain.", + "title": "CustomerProfilesDomainArn", "type": "string" - }, - "PreserveDeletedFiles": { - "markdownDescription": "A value that specifies whether files in the destination that don't exist in the source file system are preserved. This option can affect your storage costs. If your task deletes objects, you might incur minimum storage duration charges for certain storage classes. For detailed information, see [Considerations when working with Amazon S3 storage classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) in the *AWS DataSync User Guide* .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Ignore destination files that aren't present in the source (recommended).\n\n`REMOVE` : Delete destination files that aren't present in the source.", - "title": "PreserveDeletedFiles", + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.LocalTimeZoneConfig": { + "additionalProperties": false, + "properties": { + "DefaultTimeZone": { + "markdownDescription": "The timezone to use for all recipients.", + "title": "DefaultTimeZone", "type": "string" }, - "PreserveDevices": { - "markdownDescription": "A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and re-create the files with that device name and metadata on the destination. DataSync does not copy the contents of such devices, only the name and metadata.\n\n> AWS DataSync can't sync the actual contents of such devices, because they are nonterminal and don't return an end-of-file (EOF) marker. \n\nDefault value: `NONE`\n\n`NONE` : Ignore special devices (recommended).\n\n`PRESERVE` : Preserve character and block device metadata. This option isn't currently supported for Amazon EFS.", - "title": "PreserveDevices", + "LocalTimeZoneDetection": { + "items": { + "type": "string" + }, + "markdownDescription": "Detects methods for the recipient's timezone.", + "title": "LocalTimeZoneDetection", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.OpenHours": { + "additionalProperties": false, + "properties": { + "DailyHours": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.DailyHour" + }, + "markdownDescription": "The daily hours configuration.", + "title": "DailyHours", + "type": "array" + } + }, + "required": [ + "DailyHours" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.PredictiveConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the predictive outbound mode.", + "title": "BandwidthAllocation", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.ProgressiveConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the progressive outbound mode.", + "title": "BandwidthAllocation", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.RestrictedPeriod": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date of the restricted period.", + "title": "EndDate", "type": "string" }, - "SecurityDescriptorCopyFlags": { - "markdownDescription": "A value that determines which components of the SMB security descriptor are copied from source to destination objects.\n\nThis value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. For more information about how DataSync handles metadata, see [How DataSync Handles Metadata and Special Files](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html) .\n\nDefault value: `OWNER_DACL`\n\n`OWNER_DACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n\nWhen you use option, DataSync does NOT copy the NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\n`OWNER_DACL_SACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n- NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\nCopying SACLs requires granting additional permissions to the Windows user that DataSync uses to access your SMB location. For information about choosing a user that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#SMBuser) .\n\n`NONE` : None of the SMB security descriptor components are copied. Destination objects are owned by the user that was provided for accessing the destination location. DACLs and SACLs are set based on the destination server\u2019s configuration.", - "title": "SecurityDescriptorCopyFlags", + "Name": { + "markdownDescription": "The name of the restricted period.", + "title": "Name", "type": "string" }, - "TaskQueueing": { - "markdownDescription": "Specifies whether your transfer tasks should be put into a queue during certain scenarios when [running multiple tasks](https://docs.aws.amazon.com/datasync/latest/userguide/run-task.html#running-multiple-tasks) . This is `ENABLED` by default.", - "title": "TaskQueueing", + "StartDate": { + "markdownDescription": "The start date of the restricted period.", + "title": "StartDate", "type": "string" - }, - "TransferMode": { - "markdownDescription": "A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing it to the destination location.\n\n`CHANGED` : DataSync copies only data or metadata that is new or different from the source location to the destination location.\n\n`ALL` : DataSync copies all source location content to the destination, without comparing it to existing content on the destination.", - "title": "TransferMode", + } + }, + "required": [ + "EndDate", + "StartDate" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.RestrictedPeriods": { + "additionalProperties": false, + "properties": { + "RestrictedPeriodList": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.RestrictedPeriod" + }, + "markdownDescription": "The restricted period list.", + "title": "RestrictedPeriodList", + "type": "array" + } + }, + "required": [ + "RestrictedPeriodList" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.Schedule": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The end time of the schedule in UTC.", + "title": "EndTime", "type": "string" }, - "Uid": { - "markdownDescription": "The user ID (UID) of the file's owner.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the UID and group ID (GID) (recommended).\n\n`NAME` : Currently not supported\n\n`NONE` : Ignore the UID and GID.", - "title": "Uid", + "RefreshFrequency": { + "markdownDescription": "The refresh frequency of the campaign.", + "title": "RefreshFrequency", "type": "string" }, - "VerifyMode": { - "markdownDescription": "A value that determines whether a data integrity verification is performed at the end of a task execution after all data and metadata have been transferred. For more information, see [Configure task settings](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html) .\n\nDefault value: `POINT_IN_TIME_CONSISTENT`\n\n`ONLY_FILES_TRANSFERRED` (recommended): Perform verification only on files that were transferred.\n\n`POINT_IN_TIME_CONSISTENT` : Scan the entire source and entire destination at the end of the transfer to verify that the source and destination are fully synchronized. This option isn't supported when transferring to S3 Glacier or S3 Glacier Deep Archive storage classes.\n\n`NONE` : No additional verification is done at the end of the transfer, but all data transmissions are integrity-checked with checksum verification during the transfer.", - "title": "VerifyMode", + "StartTime": { + "markdownDescription": "The start time of the schedule in UTC.", + "title": "StartTime", "type": "string" } }, + "required": [ + "EndTime", + "StartTime" + ], "type": "object" }, - "AWS::DataSync::Task.Overrides": { + "AWS::ConnectCampaignsV2::Campaign.SmsChannelSubtypeConfig": { "additionalProperties": false, "properties": { - "Deleted": { - "$ref": "#/definitions/AWS::DataSync::Task.Deleted", - "markdownDescription": "", - "title": "Deleted" - }, - "Skipped": { - "$ref": "#/definitions/AWS::DataSync::Task.Skipped", - "markdownDescription": "", - "title": "Skipped" + "Capacity": { + "markdownDescription": "The allocation of SMS capacity between multiple running outbound campaigns.", + "title": "Capacity", + "type": "number" }, - "Transferred": { - "$ref": "#/definitions/AWS::DataSync::Task.Transferred", - "markdownDescription": "", - "title": "Transferred" + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsOutboundConfig", + "markdownDescription": "The default SMS outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" }, - "Verified": { - "$ref": "#/definitions/AWS::DataSync::Task.Verified", - "markdownDescription": "", - "title": "Verified" + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsOutboundMode", + "markdownDescription": "The outbound mode of SMS for an outbound campaign.", + "title": "OutboundMode" } }, + "required": [ + "DefaultOutboundConfig", + "OutboundMode" + ], "type": "object" }, - "AWS::DataSync::Task.Skipped": { + "AWS::ConnectCampaignsV2::Campaign.SmsOutboundConfig": { "additionalProperties": false, "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", + "ConnectSourcePhoneNumberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect source SMS phone number.", + "title": "ConnectSourcePhoneNumberArn", + "type": "string" + }, + "WisdomTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Q in Connect template.", + "title": "WisdomTemplateArn", "type": "string" } }, + "required": [ + "ConnectSourcePhoneNumberArn", + "WisdomTemplateArn" + ], "type": "object" }, - "AWS::DataSync::Task.Source": { + "AWS::ConnectCampaignsV2::Campaign.SmsOutboundMode": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfigSourceS3", - "markdownDescription": "", - "title": "S3" + "AgentlessConfig": { + "markdownDescription": "Contains agentless outbound mode configuration.", + "title": "AgentlessConfig", + "type": "object" } }, "type": "object" }, - "AWS::DataSync::Task.TaskReportConfig": { + "AWS::ConnectCampaignsV2::Campaign.Source": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::DataSync::Task.Destination", - "markdownDescription": "Specifies the Amazon S3 bucket where DataSync uploads your task report. For more information, see [Task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html#task-report-access) .", - "title": "Destination" - }, - "ObjectVersionIds": { - "markdownDescription": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you [enable versioning on your bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html) . Keep in mind that setting this to `INCLUDE` can increase the duration of your task execution.", - "title": "ObjectVersionIds", + "CustomerProfilesSegmentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Customer Profiles segment.", + "title": "CustomerProfilesSegmentArn", "type": "string" }, - "OutputType": { - "markdownDescription": "Specifies the type of task report that you want:\n\n- `SUMMARY_ONLY` : Provides necessary details about your task, including the number of files, objects, and directories transferred and transfer duration.\n- `STANDARD` : Provides complete details about your task, including a full list of files, objects, and directories that were transferred, skipped, verified, and more.", - "title": "OutputType", + "EventTrigger": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EventTrigger", + "markdownDescription": "The event trigger of the campaign.", + "title": "EventTrigger" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TelephonyChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The allocation of telephony capacity between multiple running outbound campaigns.", + "title": "Capacity", + "type": "number" + }, + "ConnectQueueId": { + "markdownDescription": "The identifier of the Amazon Connect queue associated with telephony outbound requests of an outbound campaign.", + "title": "ConnectQueueId", "type": "string" }, - "Overrides": { - "$ref": "#/definitions/AWS::DataSync::Task.Overrides", - "markdownDescription": "Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that DataSync attempted to delete in your destination location.", - "title": "Overrides" + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundConfig", + "markdownDescription": "The default telephony outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" }, - "ReportLevel": { - "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to transfer, skip, verify, and delete.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to transfer, skip, verify, and delete.", - "title": "ReportLevel", - "type": "string" + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundMode", + "markdownDescription": "The outbound mode of telephony for an outbound campaign.", + "title": "OutboundMode" } }, "required": [ - "Destination", - "OutputType" + "DefaultOutboundConfig", + "OutboundMode" ], "type": "object" }, - "AWS::DataSync::Task.TaskReportConfigDestinationS3": { + "AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundConfig": { "additionalProperties": false, "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "", - "title": "BucketAccessRoleArn", - "type": "string" + "AnswerMachineDetectionConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.AnswerMachineDetectionConfig", + "markdownDescription": "The answering machine detection configuration.", + "title": "AnswerMachineDetectionConfig" }, - "S3BucketArn": { - "markdownDescription": "", - "title": "S3BucketArn", + "ConnectContactFlowId": { + "markdownDescription": "The identifier of the published Amazon Connect contact flow.", + "title": "ConnectContactFlowId", "type": "string" }, - "Subdirectory": { - "markdownDescription": "", - "title": "Subdirectory", + "ConnectSourcePhoneNumber": { + "markdownDescription": "The Amazon Connect source phone number.", + "title": "ConnectSourcePhoneNumber", "type": "string" } }, + "required": [ + "ConnectContactFlowId" + ], "type": "object" }, - "AWS::DataSync::Task.TaskSchedule": { + "AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundMode": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "Specifies your task schedule by using a cron or rate expression.\n\nUse cron expressions for task schedules that run on a specific time and day. For example, the following cron expression creates a task schedule that runs at 8 AM on the first Wednesday of every month:\n\n`cron(0 8 * * 3#1)`\n\nUse rate expressions for task schedules that run on a regular interval. For example, the following rate expression creates a task schedule that runs every 12 hours:\n\n`rate(12 hours)`\n\nFor information about cron and rate expression syntax, see the [*Amazon EventBridge User Guide*](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) .", - "title": "ScheduleExpression", - "type": "string" + "AgentlessConfig": { + "markdownDescription": "The agentless outbound mode configuration for telephony.", + "title": "AgentlessConfig", + "type": "object" }, - "Status": { - "markdownDescription": "Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to pause a recurring transfer to fix an issue with your task or perform maintenance on your storage system.\n\nDataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see [TaskScheduleDetails](https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html) .", - "title": "Status", - "type": "string" + "PredictiveConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.PredictiveConfig", + "markdownDescription": "Contains predictive outbound mode configuration.", + "title": "PredictiveConfig" + }, + "ProgressiveConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.ProgressiveConfig", + "markdownDescription": "Contains progressive telephony outbound mode configuration.", + "title": "ProgressiveConfig" } }, "type": "object" }, - "AWS::DataSync::Task.Transferred": { + "AWS::ConnectCampaignsV2::Campaign.TimeRange": { "additionalProperties": false, "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", + "EndTime": { + "markdownDescription": "The end time of the time range.", + "title": "EndTime", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time of the time range.", + "title": "StartTime", "type": "string" } }, + "required": [ + "EndTime", + "StartTime" + ], "type": "object" }, - "AWS::DataSync::Task.Verified": { + "AWS::ConnectCampaignsV2::Campaign.TimeWindow": { "additionalProperties": false, "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", - "type": "string" + "OpenHours": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.OpenHours", + "markdownDescription": "The open hours configuration.", + "title": "OpenHours" + }, + "RestrictedPeriods": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.RestrictedPeriods", + "markdownDescription": "The restricted periods configuration.", + "title": "RestrictedPeriods" } }, + "required": [ + "OpenHours" + ], "type": "object" }, - "AWS::DataZone::DataSource": { + "AWS::ControlTower::EnabledBaseline": { "additionalProperties": false, "properties": { "Condition": { @@ -63472,82 +69230,48 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetFormsInput": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.FormInput" - }, - "markdownDescription": "The metadata forms attached to the assets that the data source works with.", - "title": "AssetFormsInput", - "type": "array" - }, - "Configuration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.DataSourceConfigurationInput", - "markdownDescription": "The configuration of the data source.", - "title": "Configuration" - }, - "Description": { - "markdownDescription": "The description of the data source.", - "title": "Description", - "type": "string" - }, - "DomainIdentifier": { - "markdownDescription": "The ID of the Amazon DataZone domain where the data source is created.", - "title": "DomainIdentifier", + "BaselineIdentifier": { + "markdownDescription": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource.", + "title": "BaselineIdentifier", "type": "string" }, - "EnableSetting": { - "markdownDescription": "Specifies whether the data source is enabled.", - "title": "EnableSetting", + "BaselineVersion": { + "markdownDescription": "The enabled version of the `Baseline` .", + "title": "BaselineVersion", "type": "string" }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", - "title": "EnvironmentIdentifier", - "type": "string" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline.Parameter" + }, + "markdownDescription": "Shows the parameters that are applied when enabling this `Baseline` .", + "title": "Parameters", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the data source.", - "title": "Name", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone project in which you want to add this data source.", - "title": "ProjectIdentifier", - "type": "string" - }, - "PublishOnImport": { - "markdownDescription": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog.", - "title": "PublishOnImport", - "type": "boolean" - }, - "Recommendation": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RecommendationConfiguration", - "markdownDescription": "Specifies whether the business name generation is to be enabled for this data source.", - "title": "Recommendation" - }, - "Schedule": { - "$ref": "#/definitions/AWS::DataZone::DataSource.ScheduleConfiguration", - "markdownDescription": "The schedule of the data source runs.", - "title": "Schedule" - }, - "Type": { - "markdownDescription": "The type of the data source. In Amazon DataZone, you can use data sources to import technical metadata of assets (data) from the source databases or data warehouses into Amazon DataZone. In the current release of Amazon DataZone, you can create and run data sources for AWS Glue and Amazon Redshift.", - "title": "Type", + "TargetIdentifier": { + "markdownDescription": "The target on which to enable the `Baseline` .", + "title": "TargetIdentifier", "type": "string" } }, "required": [ - "DomainIdentifier", - "EnvironmentIdentifier", - "Name", - "ProjectIdentifier", - "Type" + "BaselineIdentifier", + "BaselineVersion", + "TargetIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::DataSource" + "AWS::ControlTower::EnabledBaseline" ], "type": "string" }, @@ -63566,245 +69290,23 @@ ], "type": "object" }, - "AWS::DataZone::DataSource.DataSourceConfigurationInput": { - "additionalProperties": false, - "properties": { - "GlueRunConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.GlueRunConfigurationInput", - "markdownDescription": "The configuration of the AWS Glue data source.", - "title": "GlueRunConfiguration" - }, - "RedshiftRunConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftRunConfigurationInput", - "markdownDescription": "The configuration of the Amazon Redshift data source.", - "title": "RedshiftRunConfiguration" - } - }, - "type": "object" - }, - "AWS::DataZone::DataSource.FilterExpression": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "The search filter expression.", - "title": "Expression", - "type": "string" - }, - "Type": { - "markdownDescription": "The search filter explresison type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Expression", - "Type" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.FormInput": { + "AWS::ControlTower::EnabledBaseline.Parameter": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "", - "title": "Content", - "type": "string" - }, - "FormName": { - "markdownDescription": "", - "title": "FormName", - "type": "string" - }, - "TypeIdentifier": { + "Key": { "markdownDescription": "", - "title": "TypeIdentifier", + "title": "Key", "type": "string" }, - "TypeRevision": { + "Value": { "markdownDescription": "", - "title": "TypeRevision", - "type": "string" - } - }, - "required": [ - "FormName" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.GlueRunConfigurationInput": { - "additionalProperties": false, - "properties": { - "AutoImportDataQualityResult": { - "markdownDescription": "Specifies whether to automatically import data quality metrics as part of the data source run.", - "title": "AutoImportDataQualityResult", - "type": "boolean" - }, - "DataAccessRole": { - "markdownDescription": "The data access role included in the configuration details of the AWS Glue data source.", - "title": "DataAccessRole", - "type": "string" - }, - "RelationalFilterConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" - }, - "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", - "title": "RelationalFilterConfigurations", - "type": "array" - } - }, - "required": [ - "RelationalFilterConfigurations" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.RecommendationConfiguration": { - "additionalProperties": false, - "properties": { - "EnableBusinessNameGeneration": { - "markdownDescription": "Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration.", - "title": "EnableBusinessNameGeneration", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DataZone::DataSource.RedshiftClusterStorage": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of an Amazon Redshift cluster.", - "title": "ClusterName", - "type": "string" - } - }, - "required": [ - "ClusterName" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.RedshiftCredentialConfiguration": { - "additionalProperties": false, - "properties": { - "SecretManagerArn": { - "markdownDescription": "The ARN of a secret manager for an Amazon Redshift cluster.", - "title": "SecretManagerArn", - "type": "string" - } - }, - "required": [ - "SecretManagerArn" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.RedshiftRunConfigurationInput": { - "additionalProperties": false, - "properties": { - "DataAccessRole": { - "markdownDescription": "The data access role included in the configuration details of the Amazon Redshift data source.", - "title": "DataAccessRole", - "type": "string" - }, - "RedshiftCredentialConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftCredentialConfiguration", - "markdownDescription": "The details of the credentials required to access an Amazon Redshift cluster.", - "title": "RedshiftCredentialConfiguration" - }, - "RedshiftStorage": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftStorage", - "markdownDescription": "The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run.", - "title": "RedshiftStorage" - }, - "RelationalFilterConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" - }, - "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", - "title": "RelationalFilterConfigurations", - "type": "array" - } - }, - "required": [ - "RedshiftCredentialConfiguration", - "RedshiftStorage", - "RelationalFilterConfigurations" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.RedshiftServerlessStorage": { - "additionalProperties": false, - "properties": { - "WorkgroupName": { - "markdownDescription": "The name of the Amazon Redshift Serverless workgroup.", - "title": "WorkgroupName", - "type": "string" - } - }, - "required": [ - "WorkgroupName" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.RedshiftStorage": { - "additionalProperties": false, - "properties": { - "RedshiftClusterSource": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftClusterStorage", - "markdownDescription": "The details of the Amazon Redshift cluster source.", - "title": "RedshiftClusterSource" - }, - "RedshiftServerlessSource": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftServerlessStorage", - "markdownDescription": "The details of the Amazon Redshift Serverless workgroup source.", - "title": "RedshiftServerlessSource" - } - }, - "type": "object" - }, - "AWS::DataZone::DataSource.RelationalFilterConfiguration": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The database name specified in the relational filter configuration for the data source.", - "title": "DatabaseName", - "type": "string" - }, - "FilterExpressions": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.FilterExpression" - }, - "markdownDescription": "The filter expressions specified in the relational filter configuration for the data source.", - "title": "FilterExpressions", - "type": "array" - }, - "SchemaName": { - "markdownDescription": "The schema name specified in the relational filter configuration for the data source.", - "title": "SchemaName", - "type": "string" - } - }, - "required": [ - "DatabaseName" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.ScheduleConfiguration": { - "additionalProperties": false, - "properties": { - "Schedule": { - "markdownDescription": "The schedule of the data source runs.", - "title": "Schedule", - "type": "string" - }, - "Timezone": { - "markdownDescription": "The timezone of the data source run.", - "title": "Timezone", - "type": "string" + "title": "Value", + "type": "object" } }, "type": "object" }, - "AWS::DataZone::Domain": { + "AWS::ControlTower::EnabledControl": { "additionalProperties": false, "properties": { "Condition": { @@ -63839,49 +69341,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Amazon DataZone domain.", - "title": "Description", - "type": "string" - }, - "DomainExecutionRole": { - "markdownDescription": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain.", - "title": "DomainExecutionRole", - "type": "string" - }, - "KmsKeyIdentifier": { - "markdownDescription": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data.", - "title": "KmsKeyIdentifier", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the Amazon DataZone domain.", - "title": "Name", + "ControlIdentifier": { + "markdownDescription": "The ARN of the control. Only *Strongly recommended* and *Elective* controls are permitted, with the exception of the *Region deny* control. For information on how to find the `controlIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", + "title": "ControlIdentifier", "type": "string" }, - "SingleSignOn": { - "$ref": "#/definitions/AWS::DataZone::Domain.SingleSignOn", - "markdownDescription": "The single sign-on details in Amazon DataZone.", - "title": "SingleSignOn" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ControlTower::EnabledControl.EnabledControlParameter" + }, + "markdownDescription": "Array of `EnabledControlParameter` objects.", + "title": "Parameters", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags specified for the Amazon DataZone domain.", + "markdownDescription": "", "title": "Tags", "type": "array" + }, + "TargetIdentifier": { + "markdownDescription": "The ARN of the organizational unit. For information on how to find the `targetIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", + "title": "TargetIdentifier", + "type": "string" } }, "required": [ - "DomainExecutionRole", - "Name" + "ControlIdentifier", + "TargetIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Domain" + "AWS::ControlTower::EnabledControl" ], "type": "string" }, @@ -63900,23 +69395,27 @@ ], "type": "object" }, - "AWS::DataZone::Domain.SingleSignOn": { + "AWS::ControlTower::EnabledControl.EnabledControlParameter": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of single sign-on in Amazon DataZone.", - "title": "Type", + "Key": { + "markdownDescription": "The key of a key/value pair. It is of type `string` .", + "title": "Key", "type": "string" }, - "UserAssignment": { - "markdownDescription": "The single sign-on user assignment in Amazon DataZone.", - "title": "UserAssignment", - "type": "string" + "Value": { + "markdownDescription": "The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.]", + "title": "Value", + "type": "object" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::DataZone::Environment": { + "AWS::ControlTower::LandingZone": { "additionalProperties": false, "properties": { "Condition": { @@ -63951,59 +69450,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the environment.", - "title": "Description", - "type": "string" - }, - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment is created.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnvironmentProfileIdentifier": { - "markdownDescription": "The identifier of the environment profile that is used to create this Amazon DataZone environment.", - "title": "EnvironmentProfileIdentifier", - "type": "string" + "Manifest": { + "markdownDescription": "The landing zone manifest JSON text file that specifies the landing zone configurations.", + "title": "Manifest", + "type": "object" }, - "GlossaryTerms": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The glossary terms that can be used in this Amazon DataZone environment.", - "title": "GlossaryTerms", + "markdownDescription": "Tags to be applied to the landing zone.", + "title": "Tags", "type": "array" }, - "Name": { - "markdownDescription": "The name of the Amazon DataZone environment.", - "title": "Name", - "type": "string" - }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone project in which this environment is created.", - "title": "ProjectIdentifier", + "Version": { + "markdownDescription": "The landing zone's current deployed version.", + "title": "Version", "type": "string" - }, - "UserParameters": { - "items": { - "$ref": "#/definitions/AWS::DataZone::Environment.EnvironmentParameter" - }, - "markdownDescription": "The user parameters of this Amazon DataZone environment.", - "title": "UserParameters", - "type": "array" } }, "required": [ - "DomainIdentifier", - "EnvironmentProfileIdentifier", - "Name", - "ProjectIdentifier" + "Manifest", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Environment" + "AWS::ControlTower::LandingZone" ], "type": "string" }, @@ -64022,23 +69496,7 @@ ], "type": "object" }, - "AWS::DataZone::Environment.EnvironmentParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the environment parameter.", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the environment parameter.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataZone::EnvironmentBlueprintConfiguration": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -64073,53 +69531,66 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which an environment blueprint exists.", - "title": "DomainIdentifier", + "AttributeDetails": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails", + "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", + "title": "AttributeDetails" + }, + "CalculatedAttributeName": { + "markdownDescription": "The name of an attribute defined in a profile object type.", + "title": "CalculatedAttributeName", "type": "string" }, - "EnabledRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The enabled AWS Regions specified in a blueprint configuration.", - "title": "EnabledRegions", - "type": "array" + "Conditions": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions", + "markdownDescription": "The conditions including range, object count, and threshold for the calculated attribute.", + "title": "Conditions" }, - "EnvironmentBlueprintIdentifier": { - "markdownDescription": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` .", - "title": "EnvironmentBlueprintIdentifier", + "Description": { + "markdownDescription": "The description of the calculated attribute.", + "title": "Description", "type": "string" }, - "ManageAccessRoleArn": { - "markdownDescription": "The ARN of the manage access role.", - "title": "ManageAccessRoleArn", + "DisplayName": { + "markdownDescription": "The display name of the calculated attribute.", + "title": "DisplayName", "type": "string" }, - "ProvisioningRoleArn": { - "markdownDescription": "The ARN of the provisioning role.", - "title": "ProvisioningRoleArn", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "RegionalParameters": { + "Statistic": { + "markdownDescription": "The aggregation operation to perform for the calculated attribute.", + "title": "Statistic", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The regional parameters of the environment blueprint.", - "title": "RegionalParameters", + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", "type": "array" + }, + "UseHistoricalData": { + "markdownDescription": "Whether historical data ingested before the Calculated Attribute was created should be included in calculations.", + "title": "UseHistoricalData", + "type": "boolean" } }, "required": [ - "DomainIdentifier", - "EnabledRegions", - "EnvironmentBlueprintIdentifier" + "AttributeDetails", + "CalculatedAttributeName", + "DomainName", + "Statistic" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::EnvironmentBlueprintConfiguration" + "AWS::CustomerProfiles::CalculatedAttributeDefinition" ], "type": "string" }, @@ -64138,29 +69609,155 @@ ], "type": "object" }, - "AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails": { "additionalProperties": false, "properties": { - "Parameters": { - "additionalProperties": true, - "markdownDescription": "A string to string map containing parameters for the region.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem" }, - "title": "Parameters", - "type": "object" + "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", + "title": "Attributes", + "type": "array" }, - "Region": { - "markdownDescription": "The region specified in the environment parameter.", - "title": "Region", + "Expression": { + "markdownDescription": "Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \\\"{ObjectTypeName.AttributeName}\\\".", + "title": "Expression", "type": "string" } }, + "required": [ + "Attributes", + "Expression" + ], "type": "object" }, - "AWS::DataZone::EnvironmentProfile": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The unique name of the calculated attribute.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions": { + "additionalProperties": false, + "properties": { + "ObjectCount": { + "markdownDescription": "The number of profile objects used for the calculated attribute.", + "title": "ObjectCount", + "type": "number" + }, + "Range": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Range", + "markdownDescription": "The relative time period over which data is included in the aggregation.", + "title": "Range" + }, + "Threshold": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold", + "markdownDescription": "The threshold for the calculated attribute.", + "title": "Threshold" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Range": { + "additionalProperties": false, + "properties": { + "TimestampFormat": { + "markdownDescription": "The format the timestamp field in your JSON object is specified. This value should be one of EPOCHMILLI (for Unix epoch timestamps with second/millisecond level precision) or ISO_8601 (following ISO_8601 format with second/millisecond level precision, with an optional offset of Z or in the format HH:MM or HHMM.). E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"2001-07-04T12:08:56.235-0700\"}}, then TimestampFormat should be \"ISO_8601\"", + "title": "TimestampFormat", + "type": "string" + }, + "TimestampSource": { + "markdownDescription": "An expression specifying the field in your JSON object from which the date should be parsed. The expression should follow the structure of \\\"{ObjectTypeName.}\\\". E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"1737587945945\"}}, then TimestampSource should be \"{MyType.generatedAt.timestamp}\"", + "title": "TimestampSource", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit of time.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "The amount of time of the specified unit.", + "title": "Value", + "type": "number" + }, + "ValueRange": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.ValueRange", + "markdownDescription": "A structure letting customers specify a relative time window over which over which data is included in the Calculated Attribute. Use positive numbers to indicate that the endpoint is in the past, and negative numbers to indicate it is in the future. ValueRange overrides Value.", + "title": "ValueRange" + } + }, + "required": [ + "Unit" + ], + "type": "object" + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Readiness": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Any customer messaging.", + "title": "Message", + "type": "string" + }, + "ProgressPercentage": { + "markdownDescription": "Approximately how far the Calculated Attribute creation is from completion.", + "title": "ProgressPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold": { + "additionalProperties": false, + "properties": { + "Operator": { + "markdownDescription": "The operator of the threshold.", + "title": "Operator", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the threshold.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Operator", + "Value" + ], + "type": "object" + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition.ValueRange": { + "additionalProperties": false, + "properties": { + "End": { + "markdownDescription": "The ending point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future.", + "title": "End", + "type": "number" + }, + "Start": { + "markdownDescription": "The starting point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future.", + "title": "Start", + "type": "number" + } + }, + "required": [ + "End", + "Start" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -64195,63 +69792,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The identifier of an AWS account in which an environment profile exists.", - "title": "AwsAccountId", - "type": "string" - }, - "AwsAccountRegion": { - "markdownDescription": "The AWS Region in which an environment profile exists.", - "title": "AwsAccountRegion", + "DeadLetterQueueUrl": { + "markdownDescription": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", + "title": "DeadLetterQueueUrl", "type": "string" }, - "Description": { - "markdownDescription": "The description of the environment profile.", - "title": "Description", + "DefaultEncryptionKey": { + "markdownDescription": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.", + "title": "DefaultEncryptionKey", "type": "string" }, - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment profile exists.", - "title": "DomainIdentifier", - "type": "string" + "DefaultExpirationDays": { + "markdownDescription": "The default number of days until the data within the domain expires.", + "title": "DefaultExpirationDays", + "type": "number" }, - "EnvironmentBlueprintIdentifier": { - "markdownDescription": "The identifier of a blueprint with which an environment profile is created.", - "title": "EnvironmentBlueprintIdentifier", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the environment profile.", - "title": "Name", - "type": "string" + "Matching": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Matching", + "markdownDescription": "The process of matching duplicate profiles.", + "title": "Matching" }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of a project in which an environment profile exists.", - "title": "ProjectIdentifier", - "type": "string" + "RuleBasedMatching": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.RuleBasedMatching", + "markdownDescription": "The process of matching duplicate profiles using Rule-Based matching.", + "title": "RuleBasedMatching" }, - "UserParameters": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile.EnvironmentParameter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The user parameters of this Amazon DataZone environment profile.", - "title": "UserParameters", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", "type": "array" } }, "required": [ - "AwsAccountId", - "AwsAccountRegion", - "DomainIdentifier", - "EnvironmentBlueprintIdentifier", - "Name", - "ProjectIdentifier" + "DefaultExpirationDays", + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::EnvironmentProfile" + "AWS::CustomerProfiles::Domain" ], "type": "string" }, @@ -64270,23 +69858,281 @@ ], "type": "object" }, - "AWS::DataZone::EnvironmentProfile.EnvironmentParameter": { + "AWS::CustomerProfiles::Domain.AttributeTypesSelector": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name specified in the environment parameter.", - "title": "Name", + "Address": { + "items": { + "type": "string" + }, + "markdownDescription": "The `Address` type. You can choose from `Address` , `BusinessAddress` , `MaillingAddress` , and `ShippingAddress` . You only can use the `Address` type in the `MatchingRule` . For example, if you want to match a profile based on `BusinessAddress.City` or `MaillingAddress.City` , you can choose the `BusinessAddress` and the `MaillingAddress` to represent the `Address` type and specify the `Address.City` on the matching rule.", + "title": "Address", + "type": "array" + }, + "AttributeMatchingModel": { + "markdownDescription": "Configures the `AttributeMatchingModel` , you can either choose `ONE_TO_ONE` or `MANY_TO_MANY` .", + "title": "AttributeMatchingModel", "type": "string" }, - "Value": { - "markdownDescription": "The value of the environment profile.", - "title": "Value", + "EmailAddress": { + "items": { + "type": "string" + }, + "markdownDescription": "The Email type. You can choose from `EmailAddress` , `BusinessEmailAddress` and `PersonalEmailAddress` . You only can use the `EmailAddress` type in the `MatchingRule` . For example, if you want to match profile based on `PersonalEmailAddress` or `BusinessEmailAddress` , you can choose the `PersonalEmailAddress` and the `BusinessEmailAddress` to represent the `EmailAddress` type and only specify the `EmailAddress` on the matching rule.", + "title": "EmailAddress", + "type": "array" + }, + "PhoneNumber": { + "items": { + "type": "string" + }, + "markdownDescription": "The `PhoneNumber` type. You can choose from `PhoneNumber` , `HomePhoneNumber` , and `MobilePhoneNumber` . You only can use the `PhoneNumber` type in the `MatchingRule` . For example, if you want to match a profile based on `Phone` or `HomePhone` , you can choose the `Phone` and the `HomePhone` to represent the `PhoneNumber` type and only specify the `PhoneNumber` on the matching rule.", + "title": "PhoneNumber", + "type": "array" + } + }, + "required": [ + "AttributeMatchingModel" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.AutoMerging": { + "additionalProperties": false, + "properties": { + "ConflictResolution": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", + "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", + "title": "ConflictResolution" + }, + "Consolidation": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Consolidation", + "markdownDescription": "A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged.", + "title": "Consolidation" + }, + "Enabled": { + "markdownDescription": "The flag that enables the auto-merging of duplicate profiles.", + "title": "Enabled", + "type": "boolean" + }, + "MinAllowedConfidenceScoreForMerging": { + "markdownDescription": "A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means that a higher similarity is required to merge profiles.", + "title": "MinAllowedConfidenceScoreForMerging", + "type": "number" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.ConflictResolution": { + "additionalProperties": false, + "properties": { + "ConflictResolvingModel": { + "markdownDescription": "How the auto-merging process should resolve conflicts between different profiles.", + "title": "ConflictResolvingModel", + "type": "string" + }, + "SourceName": { + "markdownDescription": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel` .", + "title": "SourceName", "type": "string" } }, + "required": [ + "ConflictResolvingModel" + ], "type": "object" }, - "AWS::DataZone::Project": { + "AWS::CustomerProfiles::Domain.Consolidation": { + "additionalProperties": false, + "properties": { + "MatchingAttributesList": { + "markdownDescription": "A list of matching criteria.", + "title": "MatchingAttributesList", + "type": "object" + } + }, + "required": [ + "MatchingAttributesList" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.DomainStats": { + "additionalProperties": false, + "properties": { + "MeteringProfileCount": { + "markdownDescription": "The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on.", + "title": "MeteringProfileCount", + "type": "number" + }, + "ObjectCount": { + "markdownDescription": "The total number of objects in domain.", + "title": "ObjectCount", + "type": "number" + }, + "ProfileCount": { + "markdownDescription": "The total number of profiles currently in the domain.", + "title": "ProfileCount", + "type": "number" + }, + "TotalSize": { + "markdownDescription": "The total size, in bytes, of all objects in the domain.", + "title": "TotalSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Domain.ExportingConfig": { + "additionalProperties": false, + "properties": { + "S3Exporting": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.S3ExportingConfig", + "markdownDescription": "", + "title": "S3Exporting" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Domain.JobSchedule": { + "additionalProperties": false, + "properties": { + "DayOfTheWeek": { + "markdownDescription": "The day when the Identity Resolution Job should run every week.", + "title": "DayOfTheWeek", + "type": "string" + }, + "Time": { + "markdownDescription": "The time when the Identity Resolution Job should run every week.", + "title": "Time", + "type": "string" + } + }, + "required": [ + "DayOfTheWeek", + "Time" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.Matching": { + "additionalProperties": false, + "properties": { + "AutoMerging": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AutoMerging", + "markdownDescription": "Configuration information about the auto-merging process.", + "title": "AutoMerging" + }, + "Enabled": { + "markdownDescription": "The flag that enables the matching process of duplicate profiles.", + "title": "Enabled", + "type": "boolean" + }, + "ExportingConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", + "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", + "title": "ExportingConfig" + }, + "JobSchedule": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.JobSchedule", + "markdownDescription": "The day and time when do you want to start the Identity Resolution Job every week.", + "title": "JobSchedule" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.MatchingRule": { + "additionalProperties": false, + "properties": { + "Rule": { + "items": { + "type": "string" + }, + "markdownDescription": "A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles.", + "title": "Rule", + "type": "array" + } + }, + "required": [ + "Rule" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.RuleBasedMatching": { + "additionalProperties": false, + "properties": { + "AttributeTypesSelector": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AttributeTypesSelector", + "markdownDescription": "Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles.", + "title": "AttributeTypesSelector" + }, + "ConflictResolution": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", + "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", + "title": "ConflictResolution" + }, + "Enabled": { + "markdownDescription": "The flag that enables the matching process of duplicate profiles.", + "title": "Enabled", + "type": "boolean" + }, + "ExportingConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", + "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", + "title": "ExportingConfig" + }, + "MatchingRules": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.MatchingRule" + }, + "markdownDescription": "Configures how the rule-based matching process should match profiles. You can have up to 15 `MatchingRule` in the `MatchingRules` .", + "title": "MatchingRules", + "type": "array" + }, + "MaxAllowedRuleLevelForMatching": { + "markdownDescription": "Indicates the maximum allowed rule level for matching.", + "title": "MaxAllowedRuleLevelForMatching", + "type": "number" + }, + "MaxAllowedRuleLevelForMerging": { + "markdownDescription": "Indicates the maximum allowed rule level for merging.", + "title": "MaxAllowedRuleLevelForMerging", + "type": "number" + }, + "Status": { + "markdownDescription": "The status of rule-based matching rule.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.S3ExportingConfig": { + "additionalProperties": false, + "properties": { + "S3BucketName": { + "markdownDescription": "The name of the S3 bucket where Identity Resolution Jobs write result files.", + "title": "S3BucketName", + "type": "string" + }, + "S3KeyName": { + "markdownDescription": "The S3 key name of the location where Identity Resolution Jobs write result files.", + "title": "S3KeyName", + "type": "string" + } + }, + "required": [ + "S3BucketName" + ], + "type": "object" + }, + "AWS::CustomerProfiles::EventStream": { "additionalProperties": false, "properties": { "Condition": { @@ -64321,39 +70167,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of a project.", - "title": "Description", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "DomainIdentifier": { - "markdownDescription": "The identifier of a Amazon DataZone domain where the project exists.", - "title": "DomainIdentifier", + "EventStreamName": { + "markdownDescription": "The name of the event stream.", + "title": "EventStreamName", "type": "string" }, - "GlossaryTerms": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The glossary terms that can be used in this Amazon DataZone project.", - "title": "GlossaryTerms", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", "type": "array" }, - "Name": { - "markdownDescription": "The name of a project.", - "title": "Name", + "Uri": { + "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", + "title": "Uri", "type": "string" } }, "required": [ - "DomainIdentifier", - "Name" + "DomainName", + "EventStreamName", + "Uri" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Project" + "AWS::CustomerProfiles::EventStream" ], "type": "string" }, @@ -64372,7 +70219,27 @@ ], "type": "object" }, - "AWS::DataZone::SubscriptionTarget": { + "AWS::CustomerProfiles::EventStream.DestinationDetails": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of enabling the Kinesis stream as a destination for export.", + "title": "Status", + "type": "string" + }, + "Uri": { + "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", + "title": "Uri", + "type": "string" + } + }, + "required": [ + "Status", + "Uri" + ], + "type": "object" + }, + "AWS::CustomerProfiles::EventTrigger": { "additionalProperties": false, "properties": { "Condition": { @@ -64407,76 +70274,64 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicableAssetTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The asset types included in the subscription target.", - "title": "ApplicableAssetTypes", - "type": "array" + "Description": { + "markdownDescription": "The description of the event trigger.", + "title": "Description", + "type": "string" }, - "AuthorizedPrincipals": { + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", + "type": "string" + }, + "EventTriggerConditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerCondition" }, - "markdownDescription": "The authorized principals included in the subscription target.", - "title": "AuthorizedPrincipals", + "markdownDescription": "A list of conditions that determine when an event should trigger the destination.", + "title": "EventTriggerConditions", "type": "array" }, - "DomainIdentifier": { - "markdownDescription": "The ID of the Amazon DataZone domain in which subscription target is created.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The ID of the environment in which subscription target is created.", - "title": "EnvironmentIdentifier", - "type": "string" + "EventTriggerLimits": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerLimits", + "markdownDescription": "Defines limits controlling whether an event triggers the destination, based on ingestion latency and the number of invocations per profile over specific time periods.", + "title": "EventTriggerLimits" }, - "ManageAccessRole": { - "markdownDescription": "The manage access role that is used to create the subscription target.", - "title": "ManageAccessRole", + "EventTriggerName": { + "markdownDescription": "The unique name of the event trigger.", + "title": "EventTriggerName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the subscription target.", - "title": "Name", + "ObjectTypeName": { + "markdownDescription": "The unique name of the object type.", + "title": "ObjectTypeName", "type": "string" }, - "Provider": { - "markdownDescription": "The provider of the subscription target.", - "title": "Provider", + "SegmentFilter": { + "markdownDescription": "The destination is triggered only for profiles that meet the criteria of a segment definition.", + "title": "SegmentFilter", "type": "string" }, - "SubscriptionTargetConfig": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The configuration of the subscription target.", - "title": "SubscriptionTargetConfig", + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the subscription target.", - "title": "Type", - "type": "string" } }, "required": [ - "ApplicableAssetTypes", - "AuthorizedPrincipals", - "DomainIdentifier", - "EnvironmentIdentifier", - "ManageAccessRole", - "Name", - "SubscriptionTargetConfig", - "Type" + "DomainName", + "EventTriggerConditions", + "EventTriggerName", + "ObjectTypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::SubscriptionTarget" + "AWS::CustomerProfiles::EventTrigger" ], "type": "string" }, @@ -64495,104 +70350,129 @@ ], "type": "object" }, - "AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm": { + "AWS::CustomerProfiles::EventTrigger.EventTriggerCondition": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content of the subscription target configuration.", - "title": "Content", - "type": "string" + "EventTriggerDimensions": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerDimension" + }, + "markdownDescription": "A list of dimensions to be evaluated for the event.", + "title": "EventTriggerDimensions", + "type": "array" }, - "FormName": { - "markdownDescription": "The form name included in the subscription target configuration.", - "title": "FormName", + "LogicalOperator": { + "markdownDescription": "The operator used to combine multiple dimensions.", + "title": "LogicalOperator", "type": "string" } }, "required": [ - "Content", - "FormName" + "EventTriggerDimensions", + "LogicalOperator" ], "type": "object" }, - "AWS::Deadline::Farm": { + "AWS::CustomerProfiles::EventTrigger.EventTriggerDimension": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ObjectAttributes": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.ObjectAttribute" + }, + "markdownDescription": "A list of object attributes to be evaluated.", + "title": "ObjectAttributes", + "type": "array" + } + }, + "required": [ + "ObjectAttributes" + ], + "type": "object" + }, + "AWS::CustomerProfiles::EventTrigger.EventTriggerLimits": { + "additionalProperties": false, + "properties": { + "EventExpiration": { + "markdownDescription": "Specifies that an event will only trigger the destination if it is processed within a certain latency period.", + "title": "EventExpiration", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Periods": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.Period" + }, + "markdownDescription": "A list of time periods during which the limits apply.", + "title": "Periods", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::EventTrigger.ObjectAttribute": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The operator used to compare an attribute against a list of values.", + "title": "ComparisonOperator", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldName": { + "markdownDescription": "A field defined within an object type.", + "title": "FieldName", + "type": "string" }, - "Metadata": { - "type": "object" + "Source": { + "markdownDescription": "An attribute contained within a source object.", + "title": "Source", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the farm that helps identify what the farm is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The display name of the farm.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN for the KMS key.", - "title": "KmsKeyArn", - "type": "string" - } + "Values": { + "items": { + "type": "string" }, - "required": [ - "DisplayName" - ], - "type": "object" + "markdownDescription": "The amount of time of the specified unit.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "ComparisonOperator", + "Values" + ], + "type": "object" + }, + "AWS::CustomerProfiles::EventTrigger.Period": { + "additionalProperties": false, + "properties": { + "MaxInvocationsPerProfile": { + "markdownDescription": "The maximum allowed number of destination invocations per profile.", + "title": "MaxInvocationsPerProfile", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Deadline::Farm" - ], + "Unit": { + "markdownDescription": "The unit of time.", + "title": "Unit", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Unlimited": { + "markdownDescription": "If set to true, there is no limit on the number of destination invocations per profile. The default is false.", + "title": "Unlimited", + "type": "boolean" + }, + "Value": { + "markdownDescription": "The amount of time of the specified unit.", + "title": "Value", + "type": "number" } }, "required": [ - "Type", - "Properties" + "Unit", + "Value" ], "type": "object" }, - "AWS::Deadline::Fleet": { + "AWS::CustomerProfiles::Integration": { "additionalProperties": false, "properties": { "Condition": { @@ -64627,53 +70507,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetConfiguration", - "markdownDescription": "The configuration details for the fleet.", - "title": "Configuration" - }, - "Description": { - "markdownDescription": "A description that helps identify what the fleet is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "Description", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "DisplayName": { - "markdownDescription": "The display name of the fleet summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", - "type": "string" + "EventTriggerNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of unique names for active event triggers associated with the integration.", + "title": "EventTriggerNames", + "type": "array" }, - "FarmId": { - "markdownDescription": "The farm ID.", - "title": "FarmId", + "FlowDefinition": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.FlowDefinition", + "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", + "title": "FlowDefinition" + }, + "ObjectTypeName": { + "markdownDescription": "The name of the profile object type mapping to use.", + "title": "ObjectTypeName", "type": "string" }, - "MaxWorkerCount": { - "markdownDescription": "The maximum number of workers specified in the fleet.", - "title": "MaxWorkerCount", - "type": "number" + "ObjectTypeNames": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ObjectTypeMapping" + }, + "markdownDescription": "The object type mapping.", + "title": "ObjectTypeNames", + "type": "array" }, - "MinWorkerCount": { - "markdownDescription": "The minimum number of workers in the fleet.", - "title": "MinWorkerCount", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" }, - "RoleArn": { - "markdownDescription": "The IAM role that workers in the fleet use when processing jobs.", - "title": "RoleArn", + "Uri": { + "markdownDescription": "The URI of the S3 bucket or any other type of data source.", + "title": "Uri", "type": "string" } }, "required": [ - "Configuration", - "DisplayName", - "MaxWorkerCount", - "RoleArn" + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::Fleet" + "AWS::CustomerProfiles::Integration" ], "type": "string" }, @@ -64692,384 +70578,396 @@ ], "type": "object" }, - "AWS::Deadline::Fleet.AcceleratorCountRange": { + "AWS::CustomerProfiles::Integration.ConnectorOperator": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of GPU accelerators in the worker host.", - "title": "Max", - "type": "number" + "Marketo": { + "markdownDescription": "The operation to be performed on the provided Marketo source fields.", + "title": "Marketo", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum number of GPU accelerators in the worker host.", - "title": "Min", - "type": "number" - } - }, - "required": [ - "Min" - ], - "type": "object" - }, - "AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory to use for the accelerator, measured in MiB.", - "title": "Max", - "type": "number" + "S3": { + "markdownDescription": "The operation to be performed on the provided Amazon S3 source fields.", + "title": "S3", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of memory to use for the accelerator, measured in MiB.", - "title": "Min", - "type": "number" - } - }, - "required": [ - "Min" - ], - "type": "object" - }, - "AWS::Deadline::Fleet.CustomerManagedFleetConfiguration": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The AWS Auto Scaling mode for the customer managed fleet configuration.", - "title": "Mode", + "Salesforce": { + "markdownDescription": "The operation to be performed on the provided Salesforce source fields.", + "title": "Salesforce", "type": "string" }, - "StorageProfileId": { - "markdownDescription": "The storage profile ID.", - "title": "StorageProfileId", + "ServiceNow": { + "markdownDescription": "The operation to be performed on the provided ServiceNow source fields.", + "title": "ServiceNow", "type": "string" }, - "WorkerCapabilities": { - "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities", - "markdownDescription": "The worker capabilities for a customer managed fleet configuration.", - "title": "WorkerCapabilities" + "Zendesk": { + "markdownDescription": "The operation to be performed on the provided Zendesk source fields.", + "title": "Zendesk", + "type": "string" } }, - "required": [ - "Mode", - "WorkerCapabilities" - ], "type": "object" }, - "AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities": { + "AWS::CustomerProfiles::Integration.FlowDefinition": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", - "markdownDescription": "The range of the accelerator.", - "title": "AcceleratorCount" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange", - "markdownDescription": "The total memory (MiB) for the customer managed worker capabilities.", - "title": "AcceleratorTotalMemoryMiB" + "Description": { + "markdownDescription": "A description of the flow you want to create.", + "title": "Description", + "type": "string" }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types for the customer managed worker capabilities.", - "title": "AcceleratorTypes", - "type": "array" + "FlowName": { + "markdownDescription": "The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed.", + "title": "FlowName", + "type": "string" }, - "CpuArchitectureType": { - "markdownDescription": "The CPU architecture type for the customer managed worker capabilities.", - "title": "CpuArchitectureType", + "KmsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption.", + "title": "KmsArn", "type": "string" }, - "CustomAmounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "Custom requirement ranges for customer managed worker capabilities.", - "title": "CustomAmounts", - "type": "array" + "SourceFlowConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceFlowConfig", + "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", + "title": "SourceFlowConfig" }, - "CustomAttributes": { + "Tasks": { "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.Task" }, - "markdownDescription": "Custom attributes for the customer manged worker capabilities.", - "title": "CustomAttributes", + "markdownDescription": "A list of tasks that Customer Profiles performs while transferring the data in the flow run.", + "title": "Tasks", "type": "array" }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", - "markdownDescription": "The memory (MiB).", - "title": "MemoryMiB" - }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", - "type": "string" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", - "markdownDescription": "The vCPU count for the customer manged worker capabilities.", - "title": "VCpuCount" + "TriggerConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerConfig", + "markdownDescription": "The trigger settings that determine how and when the flow runs.", + "title": "TriggerConfig" } }, "required": [ - "CpuArchitectureType", - "MemoryMiB", - "OsFamily", - "VCpuCount" + "FlowName", + "KmsArn", + "SourceFlowConfig", + "Tasks", + "TriggerConfig" ], "type": "object" }, - "AWS::Deadline::Fleet.Ec2EbsVolume": { + "AWS::CustomerProfiles::Integration.IncrementalPullConfig": { "additionalProperties": false, "properties": { - "Iops": { - "markdownDescription": "The IOPS per volume.", - "title": "Iops", - "type": "number" - }, - "SizeGiB": { - "markdownDescription": "The EBS volume size in GiB.", - "title": "SizeGiB", - "type": "number" - }, - "ThroughputMiB": { - "markdownDescription": "The throughput per volume in MiB.", - "title": "ThroughputMiB", - "type": "number" + "DatetimeTypeFieldName": { + "markdownDescription": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.", + "title": "DatetimeTypeFieldName", + "type": "string" } }, "type": "object" }, - "AWS::Deadline::Fleet.FleetAmountCapability": { + "AWS::CustomerProfiles::Integration.MarketoSourceProperties": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of the fleet worker capability.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of fleet worker capability.", - "title": "Min", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the fleet capability.", - "title": "Name", + "Object": { + "markdownDescription": "The object specified in the Marketo flow source.", + "title": "Object", "type": "string" } }, "required": [ - "Min", - "Name" + "Object" ], "type": "object" }, - "AWS::Deadline::Fleet.FleetAttributeCapability": { + "AWS::CustomerProfiles::Integration.ObjectTypeMapping": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the fleet attribute capability for the worker.", - "title": "Name", + "Key": { + "markdownDescription": "The key.", + "title": "Key", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The number of fleet attribute capabilities.", - "title": "Values", - "type": "array" + "Value": { + "markdownDescription": "The value.", + "title": "Value", + "type": "string" } }, "required": [ - "Name", - "Values" + "Key", + "Value" ], "type": "object" }, - "AWS::Deadline::Fleet.FleetCapabilities": { + "AWS::CustomerProfiles::Integration.S3SourceProperties": { "additionalProperties": false, "properties": { - "Amounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "Amount capabilities of the fleet.", - "title": "Amounts", - "type": "array" + "BucketName": { + "markdownDescription": "The Amazon S3 bucket name where the source files are stored.", + "title": "BucketName", + "type": "string" }, - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" - }, - "markdownDescription": "Attribute capabilities of the fleet.", - "title": "Attributes", - "type": "array" + "BucketPrefix": { + "markdownDescription": "The object key for the Amazon S3 bucket in which the source files are stored.", + "title": "BucketPrefix", + "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::Deadline::Fleet.FleetConfiguration": { + "AWS::CustomerProfiles::Integration.SalesforceSourceProperties": { "additionalProperties": false, "properties": { - "CustomerManaged": { - "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedFleetConfiguration", - "markdownDescription": "The customer managed fleets within a fleet configuration.", - "title": "CustomerManaged" + "EnableDynamicFieldUpdate": { + "markdownDescription": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.", + "title": "EnableDynamicFieldUpdate", + "type": "boolean" }, - "ServiceManagedEc2": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration", - "markdownDescription": "The service managed Amazon EC2 instances for a fleet configuration.", - "title": "ServiceManagedEc2" + "IncludeDeletedRecords": { + "markdownDescription": "Indicates whether Amazon AppFlow includes deleted files in the flow run.", + "title": "IncludeDeletedRecords", + "type": "boolean" + }, + "Object": { + "markdownDescription": "The object specified in the Salesforce flow source.", + "title": "Object", + "type": "string" } }, + "required": [ + "Object" + ], "type": "object" }, - "AWS::Deadline::Fleet.MemoryMiBRange": { + "AWS::CustomerProfiles::Integration.ScheduledTriggerProperties": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory (in MiB).", - "title": "Max", + "DataPullMode": { + "markdownDescription": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.", + "title": "DataPullMode", + "type": "string" + }, + "FirstExecutionFrom": { + "markdownDescription": "Specifies the date range for the records to import from the connector in the first flow run.", + "title": "FirstExecutionFrom", "type": "number" }, - "Min": { - "markdownDescription": "The minimum amount of memory (in MiB).", - "title": "Min", + "ScheduleEndTime": { + "markdownDescription": "Specifies the scheduled end time for a scheduled-trigger flow.", + "title": "ScheduleEndTime", + "type": "number" + }, + "ScheduleExpression": { + "markdownDescription": "The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes).", + "title": "ScheduleExpression", + "type": "string" + }, + "ScheduleOffset": { + "markdownDescription": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow.", + "title": "ScheduleOffset", + "type": "number" + }, + "ScheduleStartTime": { + "markdownDescription": "Specifies the scheduled start time for a scheduled-trigger flow. The value must be a date/time value in EPOCH format.", + "title": "ScheduleStartTime", "type": "number" + }, + "Timezone": { + "markdownDescription": "Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York.", + "title": "Timezone", + "type": "string" } }, "required": [ - "Min" + "ScheduleExpression" ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration": { + "AWS::CustomerProfiles::Integration.ServiceNowSourceProperties": { "additionalProperties": false, "properties": { - "InstanceCapabilities": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities", - "markdownDescription": "The Amazon EC2 instance capabilities.", - "title": "InstanceCapabilities" - }, - "InstanceMarketOptions": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions", - "markdownDescription": "The Amazon EC2 market type.", - "title": "InstanceMarketOptions" + "Object": { + "markdownDescription": "The object specified in the ServiceNow flow source.", + "title": "Object", + "type": "string" } }, "required": [ - "InstanceCapabilities", - "InstanceMarketOptions" + "Object" ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities": { + "AWS::CustomerProfiles::Integration.SourceConnectorProperties": { "additionalProperties": false, "properties": { - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The allowable Amazon EC2 instance types.", - "title": "AllowedInstanceTypes", - "type": "array" + "Marketo": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.MarketoSourceProperties", + "markdownDescription": "The properties that are applied when Marketo is being used as a source.", + "title": "Marketo" }, - "CpuArchitectureType": { - "markdownDescription": "The CPU architecture type.", - "title": "CpuArchitectureType", + "S3": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.S3SourceProperties", + "markdownDescription": "The properties that are applied when Amazon S3 is being used as the flow source.", + "title": "S3" + }, + "Salesforce": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SalesforceSourceProperties", + "markdownDescription": "The properties that are applied when Salesforce is being used as a source.", + "title": "Salesforce" + }, + "ServiceNow": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ServiceNowSourceProperties", + "markdownDescription": "The properties that are applied when ServiceNow is being used as a source.", + "title": "ServiceNow" + }, + "Zendesk": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ZendeskSourceProperties", + "markdownDescription": "The properties that are applied when using Zendesk as a flow source.", + "title": "Zendesk" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Integration.SourceFlowConfig": { + "additionalProperties": false, + "properties": { + "ConnectorProfileName": { + "markdownDescription": "The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account .", + "title": "ConnectorProfileName", "type": "string" }, - "CustomAmounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "The custom capability amounts to require for instances in this fleet.", - "title": "CustomAmounts", - "type": "array" + "ConnectorType": { + "markdownDescription": "The type of connector, such as Salesforce, Marketo, and so on.", + "title": "ConnectorType", + "type": "string" }, - "CustomAttributes": { + "IncrementalPullConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.IncrementalPullConfig", + "markdownDescription": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.", + "title": "IncrementalPullConfig" + }, + "SourceConnectorProperties": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceConnectorProperties", + "markdownDescription": "Specifies the information that is required to query a particular source connector.", + "title": "SourceConnectorProperties" + } + }, + "required": [ + "ConnectorType", + "SourceConnectorProperties" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.Task": { + "additionalProperties": false, + "properties": { + "ConnectorOperator": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ConnectorOperator", + "markdownDescription": "The operation to be performed on the provided source fields.", + "title": "ConnectorOperator" + }, + "DestinationField": { + "markdownDescription": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.", + "title": "DestinationField", + "type": "string" + }, + "SourceFields": { "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + "type": "string" }, - "markdownDescription": "The custom capability attributes to require for instances in this fleet.", - "title": "CustomAttributes", + "markdownDescription": "The source fields to which a particular task is applied.", + "title": "SourceFields", "type": "array" }, - "ExcludedInstanceTypes": { + "TaskProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TaskPropertiesMap" }, - "markdownDescription": "The instance types to exclude from the fleet.", - "title": "ExcludedInstanceTypes", + "markdownDescription": "A map used to store task-related information. The service looks for particular information based on the TaskType.", + "title": "TaskProperties", "type": "array" }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", - "markdownDescription": "The memory, as MiB, for the Amazon EC2 instance type.", - "title": "MemoryMiB" - }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", + "TaskType": { + "markdownDescription": "Specifies the particular task implementation that Amazon AppFlow performs.", + "title": "TaskType", "type": "string" - }, - "RootEbsVolume": { - "$ref": "#/definitions/AWS::Deadline::Fleet.Ec2EbsVolume", - "markdownDescription": "The root EBS volume.", - "title": "RootEbsVolume" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", - "markdownDescription": "The amount of vCPU to require for instances in this fleet.", - "title": "VCpuCount" } }, "required": [ - "CpuArchitectureType", - "MemoryMiB", - "OsFamily", - "VCpuCount" + "SourceFields", + "TaskType" ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions": { + "AWS::CustomerProfiles::Integration.TaskPropertiesMap": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The Amazon EC2 instance type.", - "title": "Type", + "OperatorPropertyKey": { + "markdownDescription": "The task property key.", + "title": "OperatorPropertyKey", + "type": "string" + }, + "Property": { + "markdownDescription": "The task property value.", + "title": "Property", "type": "string" } }, "required": [ - "Type" + "OperatorPropertyKey", + "Property" ], "type": "object" }, - "AWS::Deadline::Fleet.VCpuCountRange": { + "AWS::CustomerProfiles::Integration.TriggerConfig": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of vCPU.", - "title": "Max", - "type": "number" + "TriggerProperties": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerProperties", + "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type.", + "title": "TriggerProperties" }, - "Min": { - "markdownDescription": "The minimum amount of vCPU.", - "title": "Min", - "type": "number" + "TriggerType": { + "markdownDescription": "Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event.", + "title": "TriggerType", + "type": "string" } }, "required": [ - "Min" + "TriggerType" ], "type": "object" }, - "AWS::Deadline::LicenseEndpoint": { + "AWS::CustomerProfiles::Integration.TriggerProperties": { + "additionalProperties": false, + "properties": { + "Scheduled": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ScheduledTriggerProperties", + "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define.", + "title": "Scheduled" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Integration.ZendeskSourceProperties": { + "additionalProperties": false, + "properties": { + "Object": { + "markdownDescription": "The object specified in the Zendesk flow source.", + "title": "Object", + "type": "string" + } + }, + "required": [ + "Object" + ], + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType": { "additionalProperties": false, "properties": { "Condition": { @@ -65104,38 +71002,86 @@ "Properties": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "AllowProfileCreation": { + "markdownDescription": "Indicates whether a profile should be created when data is received if one doesn\u2019t exist for an object of this type. The default is `FALSE` . If the AllowProfileCreation flag is set to `FALSE` , then the service tries to fetch a standard profile and associate this object with the profile. If it is set to `TRUE` , and if no match is found, then the service creates a new standard profile.", + "title": "AllowProfileCreation", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the profile object type mapping.", + "title": "Description", + "type": "string" + }, + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer-provided key to encrypt the profile object that will be created in this profile object type mapping. If not specified the system will use the encryption key of the domain.", + "title": "EncryptionKey", + "type": "string" + }, + "ExpirationDays": { + "markdownDescription": "The number of days until the data of this type expires.", + "title": "ExpirationDays", + "type": "number" + }, + "Fields": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.FieldMap" }, - "markdownDescription": "The identifier of the Amazon EC2 security group that controls access to the license endpoint.", - "title": "SecurityGroupIds", + "markdownDescription": "A list of field definitions for the object type mapping.", + "title": "Fields", "type": "array" }, - "SubnetIds": { + "Keys": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.KeyMap" }, - "markdownDescription": "Identifies the VPC subnets that can connect to a license endpoint.", - "title": "SubnetIds", + "markdownDescription": "A list of keys that can be used to map data to the profile or search for the profile.", + "title": "Keys", "type": "array" }, - "VpcId": { - "markdownDescription": "The VCP(virtual private cloud) ID associated with the license endpoint.", - "title": "VpcId", + "MaxProfileObjectCount": { + "markdownDescription": "The amount of profile object max count assigned to the object type.", + "title": "MaxProfileObjectCount", + "type": "number" + }, + "ObjectTypeName": { + "markdownDescription": "The name of the profile object type.", + "title": "ObjectTypeName", + "type": "string" + }, + "SourceLastUpdatedTimestampFormat": { + "markdownDescription": "The format of your sourceLastUpdatedTimestamp that was previously set up.", + "title": "SourceLastUpdatedTimestampFormat", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "TemplateId": { + "markdownDescription": "A unique identifier for the template mapping. This can be used instead of specifying the Keys and Fields properties directly.", + "title": "TemplateId", "type": "string" } }, "required": [ - "SecurityGroupIds", - "SubnetIds", - "VpcId" + "Description", + "DomainName", + "ObjectTypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::LicenseEndpoint" + "AWS::CustomerProfiles::ObjectType" ], "type": "string" }, @@ -65154,84 +71100,85 @@ ], "type": "object" }, - "AWS::Deadline::MeteredProduct": { + "AWS::CustomerProfiles::ObjectType.FieldMap": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "Name of the field.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectTypeField": { + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeField", + "markdownDescription": "Represents a field in a ProfileObjectType.", + "title": "ObjectTypeField" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType.KeyMap": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the key.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Family": { - "type": "string" - }, - "LicenseEndpointId": { - "markdownDescription": "The Amazon EC2 identifier of the license endpoint.", - "title": "LicenseEndpointId", - "type": "string" - }, - "Port": { - "type": "number" - }, - "ProductId": { - "markdownDescription": "The product ID.", - "title": "ProductId", - "type": "string" - }, - "Vendor": { - "type": "string" - } + "ObjectTypeKeyList": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeKey" }, - "type": "object" + "markdownDescription": "A list of ObjectTypeKey.", + "title": "ObjectTypeKeyList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType.ObjectTypeField": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type of the field. Used for determining equality when searching.", + "title": "ContentType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Deadline::MeteredProduct" - ], + "Source": { + "markdownDescription": "A field of a ProfileObject. For example: _source.FirstName, where \u201c_source\u201d is a ProfileObjectType of a Zendesk user and \u201cFirstName\u201d is a field in that ObjectType.", + "title": "Source", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Target": { + "markdownDescription": "The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode.", + "title": "Target", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Deadline::Queue": { + "AWS::CustomerProfiles::ObjectType.ObjectTypeKey": { + "additionalProperties": false, + "properties": { + "FieldNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The reference for the key name of the fields map.", + "title": "FieldNames", + "type": "array" + }, + "StandardIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles.", + "title": "StandardIdentifiers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -65266,66 +71213,51 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedStorageProfileIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems.", - "title": "AllowedStorageProfileIds", - "type": "array" - }, - "DefaultBudgetAction": { - "markdownDescription": "The default action taken on a queue summary if a budget wasn't configured.", - "title": "DefaultBudgetAction", - "type": "string" - }, "Description": { - "markdownDescription": "A description of the queue that helps identify what the queue is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "markdownDescription": "The description of the segment definition.", "title": "Description", "type": "string" }, "DisplayName": { - "markdownDescription": "The display name of the queue summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "markdownDescription": "Display name of the segment definition.", "title": "DisplayName", "type": "string" }, - "FarmId": { - "markdownDescription": "The farm ID.", - "title": "FarmId", + "DomainName": { + "markdownDescription": "The name of the domain.", + "title": "DomainName", "type": "string" }, - "JobAttachmentSettings": { - "$ref": "#/definitions/AWS::Deadline::Queue.JobAttachmentSettings", - "markdownDescription": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix.", - "title": "JobAttachmentSettings" + "SegmentDefinitionName": { + "markdownDescription": "Name of the segment definition.", + "title": "SegmentDefinitionName", + "type": "string" }, - "JobRunAsUser": { - "$ref": "#/definitions/AWS::Deadline::Queue.JobRunAsUser", - "markdownDescription": "Identifies the user for a job.", - "title": "JobRunAsUser" + "SegmentGroups": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.SegmentGroup", + "markdownDescription": "Contains all groups of the segment definition.", + "title": "SegmentGroups" }, - "RequiredFileSystemLocationNames": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The file system location that the queue uses.", - "title": "RequiredFileSystemLocationNames", + "markdownDescription": "The tags belonging to the segment definition.", + "title": "Tags", "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue.", - "title": "RoleArn", - "type": "string" } }, "required": [ - "DisplayName" + "DisplayName", + "DomainName", + "SegmentDefinitionName", + "SegmentGroups" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::Queue" + "AWS::CustomerProfiles::SegmentDefinition" ], "type": "string" }, @@ -65344,261 +71276,428 @@ ], "type": "object" }, - "AWS::Deadline::Queue.JobAttachmentSettings": { + "AWS::CustomerProfiles::SegmentDefinition.AddressDimension": { "additionalProperties": false, "properties": { - "RootPrefix": { - "markdownDescription": "The root prefix.", - "title": "RootPrefix", - "type": "string" + "City": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The city belonging to the address.", + "title": "City" }, - "S3BucketName": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3BucketName", - "type": "string" + "Country": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The country belonging to the address.", + "title": "Country" + }, + "County": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The county belonging to the address.", + "title": "County" + }, + "PostalCode": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The postal code belonging to the address.", + "title": "PostalCode" + }, + "Province": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The province belonging to the address.", + "title": "Province" + }, + "State": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The state belonging to the address.", + "title": "State" } }, - "required": [ - "RootPrefix", - "S3BucketName" - ], "type": "object" }, - "AWS::Deadline::Queue.JobRunAsUser": { + "AWS::CustomerProfiles::SegmentDefinition.AttributeDimension": { "additionalProperties": false, "properties": { - "Posix": { - "$ref": "#/definitions/AWS::Deadline::Queue.PosixUser", - "markdownDescription": "The user and group that the jobs in the queue run as.", - "title": "Posix" - }, - "RunAs": { - "markdownDescription": "Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user.", - "title": "RunAs", + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" }, - "Windows": { - "$ref": "#/definitions/AWS::Deadline::Queue.WindowsUser", - "markdownDescription": "Identifies a Microsoft Windows user.", - "title": "Windows" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "RunAs" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Queue.PosixUser": { + "AWS::CustomerProfiles::SegmentDefinition.CalculatedAttributeDimension": { "additionalProperties": false, "properties": { - "Group": { - "markdownDescription": "The name of the POSIX user's group.", - "title": "Group", - "type": "string" + "ConditionOverrides": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ConditionOverrides", + "markdownDescription": "Applies the given condition over the initial Calculated Attribute's definition.", + "title": "ConditionOverrides" }, - "User": { - "markdownDescription": "The name of the POSIX user.", - "title": "User", + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType with.", + "title": "Values", + "type": "array" } }, "required": [ - "Group", - "User" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Queue.WindowsUser": { + "AWS::CustomerProfiles::SegmentDefinition.ConditionOverrides": { "additionalProperties": false, "properties": { - "PasswordArn": { - "markdownDescription": "The password ARN for the Windows user.", - "title": "PasswordArn", + "Range": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.RangeOverride", + "markdownDescription": "The relative time period over which data is included in the aggregation for this override.", + "title": "Range" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.DateDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", "type": "string" }, - "User": { - "markdownDescription": "The user.", - "title": "User", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "PasswordArn", - "User" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::QueueEnvironment": { + "AWS::CustomerProfiles::SegmentDefinition.Dimension": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { + "CalculatedAttributes": { "additionalProperties": false, - "properties": { - "FarmId": { - "markdownDescription": "The identifier assigned to the farm that contains the queue.", - "title": "FarmId", - "type": "string" - }, - "Priority": { - "markdownDescription": "The queue environment's priority.", - "title": "Priority", - "type": "number" - }, - "QueueId": { - "markdownDescription": "The unique identifier of the queue that contains the environment.", - "title": "QueueId", - "type": "string" - }, - "Template": { - "markdownDescription": "A JSON or YAML template that describes the processing environment for the queue.", - "title": "Template", - "type": "string" - }, - "TemplateType": { - "markdownDescription": "Specifies whether the template for the queue environment is JSON or YAML.", - "title": "TemplateType", - "type": "string" + "markdownDescription": "Object that holds the calculated attributes to segment on.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.CalculatedAttributeDimension" } }, - "required": [ - "FarmId", - "Priority", - "QueueId", - "Template", - "TemplateType" - ], + "title": "CalculatedAttributes", "type": "object" }, - "Type": { - "enum": [ - "AWS::Deadline::QueueEnvironment" - ], + "ProfileAttributes": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileAttributes", + "markdownDescription": "Object that holds the profile attributes to segment on.", + "title": "ProfileAttributes" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.ExtraLengthValueProfileDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "Type", - "Properties" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::QueueFleetAssociation": { + "AWS::CustomerProfiles::SegmentDefinition.Group": { "additionalProperties": false, "properties": { - "Condition": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.Dimension" + }, + "markdownDescription": "Defines the attributes to segment on.", + "title": "Dimensions", + "type": "array" + }, + "SourceSegments": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.SourceSegment" + }, + "markdownDescription": "Defines the starting source of data.", + "title": "SourceSegments", + "type": "array" + }, + "SourceType": { + "markdownDescription": "Defines how to interact with the source data.", + "title": "SourceType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Defines how to interact with the profiles found in the current filtering.", + "title": "Type", "type": "string" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.ProfileAttributes": { + "additionalProperties": false, + "properties": { + "AccountNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within account number.", + "title": "AccountNumber" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AdditionalInformation": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ExtraLengthValueProfileDimension", + "markdownDescription": "A field to describe values to segment on within additional information.", + "title": "AdditionalInformation" }, - "Metadata": { - "type": "object" + "Address": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within address.", + "title": "Address" }, - "Properties": { + "Attributes": { "additionalProperties": false, - "properties": { - "FarmId": { - "markdownDescription": "The identifier of the farm that contains the queue and the fleet.", - "title": "FarmId", - "type": "string" - }, - "FleetId": { - "markdownDescription": "The fleet ID.", - "title": "FleetId", - "type": "string" - }, - "QueueId": { - "markdownDescription": "The queue ID.", - "title": "QueueId", - "type": "string" + "markdownDescription": "A field to describe values to segment on within attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AttributeDimension" } }, - "required": [ - "FarmId", - "FleetId", - "QueueId" - ], + "title": "Attributes", "type": "object" }, - "Type": { - "enum": [ - "AWS::Deadline::QueueFleetAssociation" - ], + "BillingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within billing address.", + "title": "BillingAddress" + }, + "BirthDate": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.DateDimension", + "markdownDescription": "A field to describe values to segment on within birthDate.", + "title": "BirthDate" + }, + "BusinessEmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business email address.", + "title": "BusinessEmailAddress" + }, + "BusinessName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business name.", + "title": "BusinessName" + }, + "BusinessPhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business phone number.", + "title": "BusinessPhoneNumber" + }, + "EmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within email address.", + "title": "EmailAddress" + }, + "FirstName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within first name.", + "title": "FirstName" + }, + "GenderString": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within genderString.", + "title": "GenderString" + }, + "HomePhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within home phone number.", + "title": "HomePhoneNumber" + }, + "LastName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within last name.", + "title": "LastName" + }, + "MailingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within mailing address.", + "title": "MailingAddress" + }, + "MiddleName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within middle name.", + "title": "MiddleName" + }, + "MobilePhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within mobile phone number.", + "title": "MobilePhoneNumber" + }, + "PartyTypeString": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within partyTypeString.", + "title": "PartyTypeString" + }, + "PersonalEmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within personal email address.", + "title": "PersonalEmailAddress" + }, + "PhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within phone number.", + "title": "PhoneNumber" + }, + "ProfileType": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileTypeDimension", + "markdownDescription": "The type of profile.", + "title": "ProfileType" + }, + "ShippingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within shipping address.", + "title": "ShippingAddress" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.ProfileDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Values", + "type": "array" + } + }, + "required": [ + "DimensionType", + "Values" + ], + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.ProfileTypeDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "Type", - "Properties" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::StorageProfile": { + "AWS::CustomerProfiles::SegmentDefinition.RangeOverride": { + "additionalProperties": false, + "properties": { + "End": { + "markdownDescription": "The end time of when to include objects.", + "title": "End", + "type": "number" + }, + "Start": { + "markdownDescription": "The start time of when to include objects.", + "title": "Start", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit for start and end.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Start", + "Unit" + ], + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.SegmentGroup": { + "additionalProperties": false, + "properties": { + "Groups": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.Group" + }, + "markdownDescription": "Holds the list of groups within the segment definition.", + "title": "Groups", + "type": "array" + }, + "Include": { + "markdownDescription": "Defines whether to include or exclude the profiles that fit the segment criteria.", + "title": "Include", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.SourceSegment": { + "additionalProperties": false, + "properties": { + "SegmentDefinitionName": { + "markdownDescription": "The name of the source segment.", + "title": "SegmentDefinitionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DAX::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -65633,39 +71732,96 @@ "Properties": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The display name of the storage profile summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones (AZs) in which the cluster nodes will reside after the cluster has been created or updated. If provided, the length of this list must equal the `ReplicationFactor` parameter. If you omit this parameter, DAX will spread the nodes across Availability Zones for the highest availability.", + "title": "AvailabilityZones", + "type": "array" + }, + "ClusterEndpointEncryptionType": { + "markdownDescription": "The encryption type of the cluster's endpoint. Available values are:\n\n- `NONE` - The cluster's endpoint will be unencrypted.\n- `TLS` - The cluster's endpoint will be encrypted with Transport Layer Security, and will provide an x509 certificate for authentication.\n\nThe default value is `NONE` .", + "title": "ClusterEndpointEncryptionType", "type": "string" }, - "FarmId": { - "markdownDescription": "The unique identifier of the farm that contains the storage profile.", - "title": "FarmId", + "ClusterName": { + "markdownDescription": "The name of the DAX cluster.", + "title": "ClusterName", "type": "string" }, - "FileSystemLocations": { + "Description": { + "markdownDescription": "The description of the cluster.", + "title": "Description", + "type": "string" + }, + "IAMRoleARN": { + "markdownDescription": "A valid Amazon Resource Name (ARN) that identifies an IAM role. At runtime, DAX will assume this role and use the role's permissions to access DynamoDB on your behalf.", + "title": "IAMRoleARN", + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "NodeType": { + "markdownDescription": "The node type for the nodes in the cluster. (All nodes in a DAX cluster are of the same type.)", + "title": "NodeType", + "type": "string" + }, + "NotificationTopicARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which notifications will be sent.\n\n> The Amazon SNS topic owner must be same as the DAX cluster owner.", + "title": "NotificationTopicARN", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The parameter group to be associated with the DAX cluster.", + "title": "ParameterGroupName", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "A range of time when maintenance of DAX cluster software will be performed. For example: `sun:01:00-sun:09:00` . Cluster maintenance normally takes less than 30 minutes, and is performed automatically within the maintenance window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "ReplicationFactor": { + "markdownDescription": "The number of nodes in the DAX cluster. A replication factor of 1 will create a single-node cluster, without any read replicas. For additional fault tolerance, you can create a multiple node cluster with one or more read replicas. To do this, set `ReplicationFactor` to a number between 3 (one primary and two read replicas) and 10 (one primary and nine read replicas). `If the AvailabilityZones` parameter is provided, its length must equal the `ReplicationFactor` .\n\n> AWS recommends that you have at least two read replicas per cluster.", + "title": "ReplicationFactor", + "type": "number" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DAX::Cluster.SSESpecification", + "markdownDescription": "Represents the settings used to enable server-side encryption on the cluster.", + "title": "SSESpecification" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::Deadline::StorageProfile.FileSystemLocation" + "type": "string" }, - "markdownDescription": "Operating system specific file system path to the storage location.", - "title": "FileSystemLocations", + "markdownDescription": "A list of security group IDs to be assigned to each node in the DAX cluster. (Each of the security group ID is system-generated.)\n\nIf this parameter is not specified, DAX assigns the default VPC security group to each node.", + "title": "SecurityGroupIds", "type": "array" }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the replication group.\n\n> DAX clusters can only run in an Amazon VPC environment. All of the subnets that you specify in a subnet group must exist in the same VPC.", + "title": "SubnetGroupName", "type": "string" + }, + "Tags": { + "markdownDescription": "A set of tags to associate with the DAX cluster.", + "title": "Tags", + "type": "object" } }, "required": [ - "DisplayName", - "OsFamily" + "IAMRoleARN", + "NodeType", + "ReplicationFactor" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::StorageProfile" + "AWS::DAX::Cluster" ], "type": "string" }, @@ -65684,33 +71840,18 @@ ], "type": "object" }, - "AWS::Deadline::StorageProfile.FileSystemLocation": { + "AWS::DAX::Cluster.SSESpecification": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The location name.", - "title": "Name", - "type": "string" - }, - "Path": { - "markdownDescription": "The file path.", - "title": "Path", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of file.", - "title": "Type", - "type": "string" + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is enabled (true) or disabled (false) on the cluster.", + "title": "SSEEnabled", + "type": "boolean" } }, - "required": [ - "Name", - "Path", - "Type" - ], "type": "object" }, - "AWS::Detective::Graph": { + "AWS::DAX::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -65745,25 +71886,27 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoEnableMembers": { - "markdownDescription": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.\n\nBy default, this property is set to `false` . If you want to change the value of this property, you must be the Detective administrator for the organization. For more information on setting a Detective administrator account, see [AWS::Detective::OrganizationAdmin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-detective-organizationadmin.html) .", - "title": "AutoEnableMembers", - "type": "boolean" + "Description": { + "markdownDescription": "A description of the parameter group.", + "title": "Description", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tag values to assign to the new behavior graph.", - "title": "Tags", - "type": "array" + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group.", + "title": "ParameterGroupName", + "type": "string" + }, + "ParameterNameValues": { + "markdownDescription": "An array of name-value pairs for the parameters in the group. Each element in the array represents a single parameter.\n\n> `record-ttl-millis` and `query-ttl-millis` are the only supported parameter names. For more details, see [Configuring TTL Settings](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl) .", + "title": "ParameterNameValues", + "type": "object" } }, "type": "object" }, "Type": { "enum": [ - "AWS::Detective::Graph" + "AWS::DAX::ParameterGroup" ], "type": "string" }, @@ -65781,7 +71924,7 @@ ], "type": "object" }, - "AWS::Detective::MemberInvitation": { + "AWS::DAX::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -65816,42 +71959,33 @@ "Properties": { "additionalProperties": false, "properties": { - "DisableEmailNotification": { - "markdownDescription": "Whether to send an invitation email to the member account. If set to true, the member account does not receive an invitation email.", - "title": "DisableEmailNotification", - "type": "boolean" - }, - "GraphArn": { - "markdownDescription": "The ARN of the behavior graph to invite the account to contribute data to.", - "title": "GraphArn", - "type": "string" - }, - "MemberEmailAddress": { - "markdownDescription": "The root user email address of the invited account. If the email address provided is not the root user email address for the provided account, the invitation creation fails.", - "title": "MemberEmailAddress", + "Description": { + "markdownDescription": "The description of the subnet group.", + "title": "Description", "type": "string" }, - "MemberId": { - "markdownDescription": "The AWS account identifier of the invited account", - "title": "MemberId", + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group.", + "title": "SubnetGroupName", "type": "string" }, - "Message": { - "markdownDescription": "Customized text to include in the invitation email message.", - "title": "Message", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "GraphArn", - "MemberEmailAddress", - "MemberId" + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::Detective::MemberInvitation" + "AWS::DAX::SubnetGroup" ], "type": "string" }, @@ -65870,7 +72004,7 @@ ], "type": "object" }, - "AWS::Detective::OrganizationAdmin": { + "AWS::DLM::LifecyclePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -65905,20 +72039,75 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The AWS account identifier of the account to designate as the Detective administrator account for the organization.", - "title": "AccountId", + "CopyTags": { + "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "CopyTags", + "type": "boolean" + }, + "CreateInterval": { + "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", + "title": "CreateInterval", + "type": "number" + }, + "CrossRegionCopyTargets": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", + "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", + "title": "CrossRegionCopyTargets" + }, + "DefaultPolicy": { + "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", + "title": "DefaultPolicy", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the lifecycle policy. The characters ^[0-9A-Za-z _-]+$ are supported.", + "title": "Description", + "type": "string" + }, + "Exclusions": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", + "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", + "title": "Exclusions" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to run the operations specified by the lifecycle policy.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "ExtendDeletion": { + "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "ExtendDeletion", + "type": "boolean" + }, + "PolicyDetails": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.PolicyDetails", + "markdownDescription": "The configuration details of the lifecycle policy.\n\n> If you create a default policy, you can specify the request parameters either in the request body, or in the PolicyDetails request structure, but not both.", + "title": "PolicyDetails" + }, + "RetainInterval": { + "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", + "title": "RetainInterval", + "type": "number" + }, + "State": { + "markdownDescription": "The activation state of the lifecycle policy.", + "title": "State", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the lifecycle policy during creation.", + "title": "Tags", + "type": "array" } }, - "required": [ - "AccountId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Detective::OrganizationAdmin" + "AWS::DLM::LifecyclePolicy" ], "type": "string" }, @@ -65932,743 +72121,682 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::DevOpsGuru::LogAnomalyDetectionIntegration": { + "AWS::DLM::LifecyclePolicy.Action": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::LogAnomalyDetectionIntegration" - ], - "type": "string" + "CrossRegionCopy": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyAction" + }, + "markdownDescription": "The rule for copying shared snapshots across Regions.", + "title": "CrossRegionCopy", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A descriptive name for the action.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "CrossRegionCopy", + "Name" ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel": { + "AWS::DLM::LifecyclePolicy.ArchiveRetainRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Config": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig", - "markdownDescription": "A `NotificationChannelConfig` object that contains information about configured notification channels.", - "title": "Config" - } - }, - "required": [ - "Config" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::NotificationChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RetentionArchiveTier": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetentionArchiveTier", + "markdownDescription": "Information about retention period in the Amazon EBS Snapshots Archive. For more information, see [Archive Amazon EBS snapshots](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/snapshot-archive.html) .", + "title": "RetentionArchiveTier" } }, "required": [ - "Type", - "Properties" + "RetentionArchiveTier" ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { + "AWS::DLM::LifecyclePolicy.ArchiveRule": { "additionalProperties": false, "properties": { - "Filters": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig", - "markdownDescription": "The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity.", - "title": "Filters" - }, - "Sns": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig", - "markdownDescription": "Information about a notification channel configured in DevOps Guru to send notifications when insights are created.\n\nIf you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) .\n\nIf you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS\u2013encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) .", - "title": "Sns" + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRetainRule", + "markdownDescription": "Information about the retention period for the snapshot archiving rule.", + "title": "RetainRule" } }, + "required": [ + "RetainRule" + ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig": { + "AWS::DLM::LifecyclePolicy.CreateRule": { "additionalProperties": false, "properties": { - "MessageTypes": { + "CronExpression": { + "markdownDescription": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. For more information, see the [Cron and rate expressions](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) in the *Amazon EventBridge User Guide* .", + "title": "CronExpression", + "type": "string" + }, + "Interval": { + "markdownDescription": "The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The interval unit.", + "title": "IntervalUnit", + "type": "string" + }, + "Location": { + "markdownDescription": "*[Custom snapshot policies only]* Specifies the destination for snapshots created by the policy. The allowed destinations depend on the location of the targeted resources.\n\n- If the policy targets resources in a Region, then you must create snapshots in the same Region as the source resource.\n- If the policy targets resources in a Local Zone, you can create snapshots in the same Local Zone or in its parent Region.\n- If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost or in its parent Region.\n\nSpecify one of the following values:\n\n- To create snapshots in the same Region as the source resource, specify `CLOUD` .\n- To create snapshots in the same Local Zone as the source resource, specify `LOCAL_ZONE` .\n- To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL` .\n\nDefault: `CLOUD`", + "title": "Location", + "type": "string" + }, + "Scripts": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" }, - "markdownDescription": "The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created.", - "title": "MessageTypes", + "markdownDescription": "*[Custom snapshot policies that target instances only]* Specifies pre and/or post scripts for a snapshot lifecycle policy that targets instances. This is useful for creating application-consistent snapshots, or for performing specific administrative tasks before or after Amazon Data Lifecycle Manager initiates snapshot creation.\n\nFor more information, see [Automating application-consistent snapshots with pre and post scripts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/automate-app-consistent-backups.html) .", + "title": "Scripts", "type": "array" }, - "Severities": { + "Times": { "items": { "type": "string" }, - "markdownDescription": "The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) .", - "title": "Severities", + "markdownDescription": "The time, in UTC, to start the operation. The supported format is hh:mm.\n\nThe operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon Data Lifecycle Manager selects a time within the next 24 hours.", + "title": "Times", "type": "array" } }, "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyAction": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.", - "title": "TopicArn", + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EncryptionConfiguration", + "markdownDescription": "The encryption settings for the copied snapshot.", + "title": "EncryptionConfiguration" + }, + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", + "markdownDescription": "Specifies a retention rule for cross-Region snapshot copies created by snapshot or event-based policies, or cross-Region AMI copies created by AMI policies. After the retention period expires, the cross-Region copy is deleted.", + "title": "RetainRule" + }, + "Target": { + "markdownDescription": "The target Region.", + "title": "Target", "type": "string" } }, + "required": [ + "EncryptionConfiguration", + "Target" + ], "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule": { "additionalProperties": false, "properties": { - "Condition": { + "Interval": { + "markdownDescription": "The period after which to deprecate the cross-Region AMI copies. The period must be less than or equal to the cross-Region AMI copy retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to deprecate a cross-Region AMI copy after 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", "type": "string" + } + }, + "required": [ + "Interval", + "IntervalUnit" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule": { + "additionalProperties": false, + "properties": { + "Interval": { + "markdownDescription": "The amount of time to retain a cross-Region snapshot or AMI copy. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IntervalUnit": { + "markdownDescription": "The unit of time for time-based retention. For example, to retain a cross-Region copy for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", + "type": "string" + } + }, + "required": [ + "Interval", + "IntervalUnit" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.CrossRegionCopyRule": { + "additionalProperties": false, + "properties": { + "CmkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", + "title": "CmkArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CopyTags": { + "markdownDescription": "Indicates whether to copy all user-defined tags from the source snapshot or AMI to the cross-Region copy.", + "title": "CopyTags", + "type": "boolean" }, - "Metadata": { - "type": "object" + "DeprecateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule", + "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for cross-Region AMI copies created by the rule.", + "title": "DeprecateRule" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceCollectionFilter": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter", - "markdownDescription": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru.", - "title": "ResourceCollectionFilter" - } - }, - "required": [ - "ResourceCollectionFilter" - ], - "type": "object" + "Encrypted": { + "markdownDescription": "To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.", + "title": "Encrypted", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::ResourceCollection" - ], + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", + "markdownDescription": "The retention rule that indicates how long the cross-Region snapshot or AMI copies are to be retained in the destination Region.", + "title": "RetainRule" + }, + "Target": { + "markdownDescription": "> Use this parameter for snapshot policies only. For AMI policies, use *TargetRegion* instead. \n\n*[Custom snapshot policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", + "title": "Target", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetRegion": { + "markdownDescription": "> Use this parameter for AMI policies only. For snapshot policies, use *Target* instead. For snapshot policies created before the *Target* parameter was introduced, this parameter indicates the target Region for snapshot copies. \n\n*[Custom AMI policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", + "title": "TargetRegion", "type": "string" } }, "required": [ - "Type", - "Properties" + "Encrypted" ], "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyTarget": { "additionalProperties": false, "properties": { - "StackNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of CloudFormation stack names.", - "title": "StackNames", - "type": "array" + "TargetRegion": { + "type": "string" } }, "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.DeprecateRule": { "additionalProperties": false, "properties": { - "CloudFormation": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter", - "markdownDescription": "Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* .", - "title": "CloudFormation" + "Count": { + "markdownDescription": "If the schedule has a count-based retention rule, this parameter specifies the number of oldest AMIs to deprecate. The count must be less than or equal to the schedule's retention count, and it can't be greater than 1000.", + "title": "Count", + "type": "number" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.TagCollection" - }, - "markdownDescription": "The AWS tags used to filter the resources in the resource collection.\n\nTags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper.\n\nEach AWS tag has two parts.\n\n- A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive.\n- A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified.\n\nTogether these are known as *key* - *value* pairs.\n\n> The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", - "title": "Tags", - "type": "array" + "Interval": { + "markdownDescription": "If the schedule has an age-based retention rule, this parameter specifies the period after which to deprecate AMIs created by the schedule. The period must be less than or equal to the schedule's retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* .", + "title": "IntervalUnit", + "type": "string" } }, "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.TagCollection": { + "AWS::DLM::LifecyclePolicy.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "AppBoundaryKey": { - "markdownDescription": "An AWS tag *key* that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this *key* make up your DevOps Guru application and analysis boundary.\n\n> When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", - "title": "AppBoundaryKey", + "CmkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", + "title": "CmkArn", "type": "string" }, - "TagValues": { + "Encrypted": { + "markdownDescription": "To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled.", + "title": "Encrypted", + "type": "boolean" + } + }, + "required": [ + "Encrypted" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.EventParameters": { + "additionalProperties": false, + "properties": { + "DescriptionRegex": { + "markdownDescription": "The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.\n\nFor example, specifying `^.*Created for policy: policy-1234567890abcdef0.*$` configures the policy to run only if snapshots created by policy `policy-1234567890abcdef0` are shared with your account.", + "title": "DescriptionRegex", + "type": "string" + }, + "EventType": { + "markdownDescription": "The type of event. Currently, only snapshot sharing events are supported.", + "title": "EventType", + "type": "string" + }, + "SnapshotOwner": { "items": { "type": "string" }, - "markdownDescription": "The values in an AWS tag collection.\n\nThe tag's *value* is a field used to associate a string with the tag *key* (for example, `111122223333` , `Production` , or a team name). The *key* and *value* are the tag's *key* pair. Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. You can specify a maximum of 256 characters for a tag value. The tag value is a required property when *AppBoundaryKey* is specified.", - "title": "TagValues", + "markdownDescription": "The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.", + "title": "SnapshotOwner", "type": "array" } }, + "required": [ + "EventType", + "SnapshotOwner" + ], "type": "object" }, - "AWS::DirectoryService::MicrosoftAD": { + "AWS::DLM::LifecyclePolicy.EventSource": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Parameters": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventParameters", + "markdownDescription": "Information about the event.", + "title": "Parameters" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The source of the event. Currently only managed Amazon EventBridge (formerly known as Amazon CloudWatch) events are supported.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.ExcludeTags": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.Exclusions": { + "additionalProperties": false, + "properties": { + "ExcludeBootVolumes": { + "markdownDescription": "*[Default policies for EBS snapshots only]* Indicates whether to exclude volumes that are attached to instances as the boot volume. If you exclude boot volumes, only volumes attached as data (non-boot) volumes will be backed up by the policy. To exclude boot volumes, specify `true` .", + "title": "ExcludeBootVolumes", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ExcludeTags": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeTags", + "markdownDescription": "*[Default policies for EBS-backed AMIs only]* Specifies whether to exclude volumes that have specific tags.", + "title": "ExcludeTags" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreateAlias": { - "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, AWS CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", - "title": "CreateAlias", - "type": "boolean" - }, - "Edition": { - "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", - "title": "Edition", - "type": "string" - }, - "EnableSso": { - "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", - "title": "EnableSso", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", - "title": "Name", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", - "title": "Password", - "type": "string" - }, - "ShortName": { - "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", - "title": "ShortName", - "type": "string" - }, - "VpcSettings": { - "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", - "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", - "title": "VpcSettings" - } + "ExcludeVolumeTypes": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList", + "markdownDescription": "*[Default policies for EBS snapshots only]* Specifies the volume types to exclude. Volumes of the specified types will not be targeted by the policy.", + "title": "ExcludeVolumeTypes" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.FastRestoreRule": { + "additionalProperties": false, + "properties": { + "AvailabilityZones": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Password", - "VpcSettings" - ], - "type": "object" + "markdownDescription": "The Availability Zones in which to enable fast snapshot restore.", + "title": "AvailabilityZones", + "type": "array" }, - "Type": { - "enum": [ - "AWS::DirectoryService::MicrosoftAD" - ], - "type": "string" + "Count": { + "markdownDescription": "The number of snapshots to be enabled with fast snapshot restore.", + "title": "Count", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Interval": { + "markdownDescription": "The amount of time to enable fast snapshot restore. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time for enabling fast snapshot restore.", + "title": "IntervalUnit", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DirectoryService::MicrosoftAD.VpcSettings": { + "AWS::DLM::LifecyclePolicy.Parameters": { "additionalProperties": false, "properties": { - "SubnetIds": { + "ExcludeBootVolume": { + "markdownDescription": "*[Custom snapshot policies that target instances only]* Indicates whether to exclude the root volume from multi-volume snapshot sets. The default is `false` . If you specify `true` , then the root volumes attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", + "title": "ExcludeBootVolume", + "type": "boolean" + }, + "ExcludeDataVolumeTags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", - "title": "SubnetIds", + "markdownDescription": "*[Custom snapshot policies that target instances only]* The tags used to identify data (non-root) volumes to exclude from multi-volume snapshot sets.\n\nIf you create a snapshot lifecycle policy that targets instances and you specify tags for this parameter, then data volumes with the specified tags that are attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", + "title": "ExcludeDataVolumeTags", "type": "array" }, - "VpcId": { - "markdownDescription": "The identifier of the VPC in which to create the directory.", - "title": "VpcId", - "type": "string" + "NoReboot": { + "markdownDescription": "*[Custom AMI policies only]* Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).", + "title": "NoReboot", + "type": "boolean" } }, - "required": [ - "SubnetIds", - "VpcId" - ], "type": "object" }, - "AWS::DirectoryService::SimpleAD": { + "AWS::DLM::LifecyclePolicy.PolicyDetails": { "additionalProperties": false, "properties": { - "Condition": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Action" + }, + "markdownDescription": "*[Event-based policies only]* The actions to be performed when the event-based policy is activated. You can specify only one action per policy.", + "title": "Actions", + "type": "array" + }, + "CopyTags": { + "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "CopyTags", + "type": "boolean" + }, + "CreateInterval": { + "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", + "title": "CreateInterval", + "type": "number" + }, + "CrossRegionCopyTargets": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", + "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", + "title": "CrossRegionCopyTargets" + }, + "EventSource": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventSource", + "markdownDescription": "*[Event-based policies only]* The event that activates the event-based policy.", + "title": "EventSource" + }, + "Exclusions": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", + "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", + "title": "Exclusions" + }, + "ExtendDeletion": { + "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "ExtendDeletion", + "type": "boolean" + }, + "Parameters": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Parameters", + "markdownDescription": "*[Custom snapshot and AMI policies only]* A set of optional parameters for snapshot and AMI lifecycle policies.\n\n> If you are modifying a policy that was created or previously modified using the Amazon Data Lifecycle Manager console, then you must include this parameter and specify either the default values or the new values that you require. You can't omit this parameter or set its values to null.", + "title": "Parameters" + }, + "PolicyLanguage": { + "markdownDescription": "The type of policy to create. Specify one of the following:\n\n- `SIMPLIFIED` To create a default policy.\n- `STANDARD` To create a custom policy.", + "title": "PolicyLanguage", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PolicyType": { + "markdownDescription": "The type of policy. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account .\n\nThe default is `EBS_SNAPSHOT_MANAGEMENT` .", + "title": "PolicyType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ResourceLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The location of the resources to backup.\n\n- If the source resources are located in a Region, specify `CLOUD` . In this case, the policy targets all resources of the specified type with matching target tags across all Availability Zones in the Region.\n- *[Custom snapshot policies only]* If the source resources are located in a Local Zone, specify `LOCAL_ZONE` . In this case, the policy targets all resources of the specified type with matching target tags across all Local Zones in the Region.\n- If the source resources are located on an Outpost in your account, specify `OUTPOST` . In this case, the policy targets all resources of the specified type with matching target tags across all of the Outposts in your account.", + "title": "ResourceLocations", + "type": "array" }, - "Metadata": { - "type": "object" + "ResourceType": { + "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", + "title": "ResourceType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreateAlias": { - "markdownDescription": "If set to `true` , specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, this property is set to `false` .\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", - "title": "CreateAlias", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description for the directory.", - "title": "Description", - "type": "string" - }, - "EnableSso": { - "markdownDescription": "Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", - "title": "EnableSso", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The fully qualified name for the directory, such as `corp.example.com` .", - "title": "Name", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the directory administrator. The directory creation process creates a directory administrator account with the user name `Administrator` and this password.\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", - "title": "Password", - "type": "string" - }, - "ShortName": { - "markdownDescription": "The NetBIOS name of the directory, such as `CORP` .", - "title": "ShortName", - "type": "string" - }, - "Size": { - "markdownDescription": "The size of the directory. For valid values, see [CreateDirectory](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html) in the *AWS Directory Service API Reference* .", - "title": "Size", - "type": "string" - }, - "VpcSettings": { - "$ref": "#/definitions/AWS::DirectoryService::SimpleAD.VpcSettings", - "markdownDescription": "A [DirectoryVpcSettings](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DirectoryVpcSettings.html) object that contains additional information for the operation.", - "title": "VpcSettings" - } + "ResourceTypes": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Size", - "VpcSettings" - ], - "type": "object" + "markdownDescription": "*[Custom snapshot policies only]* The target resource type for snapshot and AMI lifecycle policies. Use `VOLUME` to create snapshots of individual volumes or use `INSTANCE` to create multi-volume snapshots from the volumes for an instance.", + "title": "ResourceTypes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::DirectoryService::SimpleAD" - ], + "RetainInterval": { + "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", + "title": "RetainInterval", + "type": "number" + }, + "Schedules": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Schedule" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The schedules of policy-defined actions for snapshot and AMI lifecycle policies. A policy can have up to four schedules\u2014one mandatory schedule and up to three optional schedules.", + "title": "Schedules", + "type": "array" + }, + "TargetTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The single tag that identifies targeted resources for this policy.", + "title": "TargetTags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.RetainRule": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of snapshots to retain for each volume, up to a maximum of 1000. For example if you want to retain a maximum of three snapshots, specify `3` . When the fourth snapshot is created, the oldest retained snapshot is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", + "title": "Count", + "type": "number" + }, + "Interval": { + "markdownDescription": "The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time for time-based retention. For example, to retain snapshots for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` . Once the snapshot has been retained for 3 months, it is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", + "title": "IntervalUnit", "type": "string" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.RetentionArchiveTier": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The maximum number of snapshots to retain in the archive storage tier for each volume. The count must ensure that each snapshot remains in the archive tier for at least 90 days. For example, if the schedule creates snapshots every 30 days, you must specify a count of 3 or more to ensure that each snapshot is archived for at least 90 days.", + "title": "Count", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Interval": { + "markdownDescription": "Specifies the period of time to retain snapshots in the archive tier. After this period expires, the snapshot is permanently deleted.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to retain a snapshots in the archive tier for 6 months, specify `Interval=6` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DirectoryService::SimpleAD.VpcSettings": { + "AWS::DLM::LifecyclePolicy.Schedule": { "additionalProperties": false, "properties": { - "SubnetIds": { + "ArchiveRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRule", + "markdownDescription": "*[Custom snapshot policies that target volumes only]* The snapshot archiving rule for the schedule. When you specify an archiving rule, snapshots are automatically moved from the standard tier to the archive tier once the schedule's retention threshold is met. Snapshots are then retained in the archive tier for the archive retention period that you specify.\n\nFor more information about using snapshot archiving, see [Considerations for snapshot lifecycle policies](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-ami-policy.html#dlm-archive) .", + "title": "ArchiveRule" + }, + "CopyTags": { + "markdownDescription": "Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.", + "title": "CopyTags", + "type": "boolean" + }, + "CreateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CreateRule", + "markdownDescription": "The creation rule.", + "title": "CreateRule" + }, + "CrossRegionCopyRules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRule" }, - "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", - "title": "SubnetIds", + "markdownDescription": "Specifies a rule for copying snapshots or AMIs across Regions.\n\n> You can't specify cross-Region copy rules for policies that create snapshots on an Outpost or in a Local Zone. If the policy creates snapshots in a Region, then snapshots can be copied to up to three Regions or Outposts.", + "title": "CrossRegionCopyRules", "type": "array" }, - "VpcId": { - "markdownDescription": "The identifier of the VPC in which to create the directory.", - "title": "VpcId", + "DeprecateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.DeprecateRule", + "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for the schedule.", + "title": "DeprecateRule" + }, + "FastRestoreRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.FastRestoreRule", + "markdownDescription": "*[Custom snapshot policies only]* The rule for enabling fast snapshot restore.", + "title": "FastRestoreRule" + }, + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", "type": "string" + }, + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetainRule", + "markdownDescription": "The retention rule for snapshots or AMIs created by the policy.", + "title": "RetainRule" + }, + "ShareRules": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ShareRule" + }, + "markdownDescription": "*[Custom snapshot policies only]* The rule for sharing snapshots with other AWS accounts .", + "title": "ShareRules", + "type": "array" + }, + "TagsToAdd": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS -added lifecycle tags.", + "title": "TagsToAdd", + "type": "array" + }, + "VariableTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "*[AMI policies and snapshot policies that target instances only]* A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: `$(instance-id)` or `$(timestamp)` . Variable tags are only valid for EBS Snapshot Management \u2013 Instance policies.", + "title": "VariableTags", + "type": "array" } }, - "required": [ - "SubnetIds", - "VpcId" - ], "type": "object" }, - "AWS::DocDB::DBCluster": { + "AWS::DLM::LifecyclePolicy.Script": { "additionalProperties": false, "properties": { - "Condition": { + "ExecuteOperationOnScriptFailure": { + "markdownDescription": "Indicates whether Amazon Data Lifecycle Manager should default to crash-consistent snapshots if the pre script fails.\n\n- To default to crash consistent snapshot if the pre script fails, specify `true` .\n- To skip the instance for snapshot creation if the pre script fails, specify `false` .\n\nThis parameter is supported only if you run a pre script. If you run a post script only, omit this parameter.\n\nDefault: true", + "title": "ExecuteOperationOnScriptFailure", + "type": "boolean" + }, + "ExecutionHandler": { + "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", + "title": "ExecutionHandler", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExecutionHandlerService": { + "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", + "title": "ExecutionHandlerService", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExecutionTimeout": { + "markdownDescription": "Specifies a timeout period, in seconds, after which Amazon Data Lifecycle Manager fails the script run attempt if it has not completed. If a script does not complete within its timeout period, Amazon Data Lifecycle Manager fails the attempt. The timeout period applies to the pre and post scripts individually.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: 10", + "title": "ExecutionTimeout", + "type": "number" }, - "Metadata": { - "type": "object" + "MaximumRetryCount": { + "markdownDescription": "Specifies the number of times Amazon Data Lifecycle Manager should retry scripts that fail.\n\n- If the pre script fails, Amazon Data Lifecycle Manager retries the entire snapshot creation process, including running the pre and post scripts.\n- If the post script fails, Amazon Data Lifecycle Manager retries the post script only; in this case, the pre script will have completed and the snapshot might have been created.\n\nIf you do not want Amazon Data Lifecycle Manager to retry failed scripts, specify `0` .\n\nDefault: 0", + "title": "MaximumRetryCount", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.", - "title": "AvailabilityZones", - "type": "array" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained. You must specify a minimum value of 1.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "Set to `true` to copy all tags from the source cluster snapshot to the target cluster snapshot, and otherwise `false` . The default is `false` .", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "The cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster`", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the cluster parameter group to associate with this cluster.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A subnet group to associate with this cluster.\n\nConstraints: Must match the name of an existing `DBSubnetGroup` . Must not be default.\n\nExample: `mySubnetgroup`", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DeletionProtection": { - "markdownDescription": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.\n\nIf you intend to trigger an in-place upgrade, please refer to [Amazon DocumentDB in-place major version upgrade](https://docs.aws.amazon.com/documentdb/latest/developerguide/docdb-mvu.html) . Note that for an in-place engine version upgrade, you need to remove other cluster properties changes (e.g. SecurityGroupId) from the CFN template.", - "title": "EngineVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", - "title": "KmsKeyId", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", - "title": "MasterUsername", - "type": "string" - }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", - "type": "number" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "The date and time to restore the cluster to.\n\nValid values: A time in Universal Coordinated Time (UTC) format.\n\nConstraints:\n\n- Must be before the latest restorable time for the instance.\n- Must be specified if the `UseLatestRestorableTime` parameter is not provided.\n- Cannot be specified if the `UseLatestRestorableTime` parameter is `true` .\n- Cannot be specified if the `RestoreType` parameter is `copy-on-write` .\n\nExample: `2015-03-07T23:45:00Z`", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nConstraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.", - "title": "RestoreType", - "type": "string" - }, - "SnapshotIdentifier": { - "markdownDescription": "The identifier for the snapshot or cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.\n\nConstraints:\n\n- Must match the identifier of an existing snapshot.", - "title": "SnapshotIdentifier", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The identifier of the source cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing `DBCluster` .", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "Specifies whether the cluster is encrypted.\n\nIf you specify `SourceDBClusterIdentifier` or `SnapshotIdentifier` and don\u2019t specify `StorageEncrypted` , the encryption property is inherited from the source cluster or snapshot (unless `KMSKeyId` is specified, in which case the restored cluster will be encrypted with that KMS key). If the source is encrypted and `StorageEncrypted` is specified to be true, the restored cluster will be encrypted (if you want to use a different KMS key, specify the `KMSKeyId` property as well). If the source is unencrypted and `StorageEncrypted` is specified to be true, then the `KMSKeyId` property must be specified. If the source is encrypted, don\u2019t specify `StorageEncrypted` to be false as opting out of encryption is not allowed.", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Amazon DocumentDB clusters, see Cluster storage configurations in the *Amazon DocumentDB Developer Guide* .\n\nValid values for storage type - `standard | iopt1`\n\nDefault value is `standard`\n\n> When you create a DocumentDB DB cluster with the storage type set to `iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `standard` .", - "title": "StorageType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the cluster.", - "title": "Tags", - "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "A value that is set to `true` to restore the cluster to the latest restorable backup time, and `false` otherwise.\n\nDefault: `false`\n\nConstraints: Cannot be specified if the `RestoreToTime` parameter is provided.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with this cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" - } + "Stages": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "Indicate which scripts Amazon Data Lifecycle Manager should run on target instances. Pre scripts run before Amazon Data Lifecycle Manager initiates snapshot creation. Post scripts run after Amazon Data Lifecycle Manager initiates snapshot creation.\n\n- To run a pre script only, specify `PRE` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation.\n- To run a post script only, specify `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `post-script` parameter after initiating snapshot creation.\n- To run both pre and post scripts, specify both `PRE` and `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation, and then it calls the SSM document again with the `post-script` parameter after initiating snapshot creation.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: PRE and POST", + "title": "Stages", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.ShareRule": { + "additionalProperties": false, + "properties": { + "TargetAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the AWS accounts with which to share the snapshots.", + "title": "TargetAccounts", + "type": "array" }, - "Type": { - "enum": [ - "AWS::DocDB::DBCluster" - ], - "type": "string" + "UnshareInterval": { + "markdownDescription": "The period after which snapshots that are shared with other AWS accounts are automatically unshared.", + "title": "UnshareInterval", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UnshareIntervalUnit": { + "markdownDescription": "The unit of time for the automatic unsharing interval.", + "title": "UnshareIntervalUnit", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::DocDB::DBClusterParameterGroup": { + "AWS::DLM::LifecyclePolicy.VolumeTypeValues": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DMS::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -66703,45 +72831,27 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description for the cluster parameter group.", - "title": "Description", + "CertificateIdentifier": { + "markdownDescription": "A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.", + "title": "CertificateIdentifier", "type": "string" }, - "Family": { - "markdownDescription": "The cluster parameter group family name.", - "title": "Family", + "CertificatePem": { + "markdownDescription": "The contents of a `.pem` file, which contains an X.509 certificate.", + "title": "CertificatePem", "type": "string" }, - "Name": { - "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing `DBClusterParameterGroup` .\n\n> This value is stored as a lowercase string.", - "title": "Name", + "CertificateWallet": { + "markdownDescription": "The location of an imported Oracle Wallet certificate for use with SSL. An example is: `filebase64(\"${path.root}/rds-ca-2019-root.sso\")`", + "title": "CertificateWallet", "type": "string" - }, - "Parameters": { - "markdownDescription": "Provides a list of parameters for the cluster parameter group.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the cluster parameter group.", - "title": "Tags", - "type": "array" } }, - "required": [ - "Description", - "Family", - "Parameters" - ], "type": "object" }, "Type": { "enum": [ - "AWS::DocDB::DBClusterParameterGroup" + "AWS::DMS::Certificate" ], "type": "string" }, @@ -66755,12 +72865,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::DocDB::DBInstance": { + "AWS::DMS::DataMigration": { "additionalProperties": false, "properties": { "Condition": { @@ -66795,69 +72904,63 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoMinorVersionUpgrade": { - "markdownDescription": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set.\n\nDefault: `false`", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The Amazon EC2 Availability Zone that the instance is created in.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nExample: `us-east-1d`", - "title": "AvailabilityZone", + "DataMigrationIdentifier": { + "markdownDescription": "", + "title": "DataMigrationIdentifier", "type": "string" }, - "CACertificateIdentifier": { - "markdownDescription": "The identifier of the CA certificate for this DB instance.", - "title": "CACertificateIdentifier", + "DataMigrationName": { + "markdownDescription": "The user-friendly name for the data migration.", + "title": "DataMigrationName", "type": "string" }, - "CertificateRotationRestart": { - "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, see [Updating Your Amazon DocumentDB TLS Certificates](https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html) and [Encrypting Data in Transit](https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html) in the *Amazon DocumentDB Developer Guide* .", - "title": "CertificateRotationRestart", - "type": "boolean" + "DataMigrationSettings": { + "$ref": "#/definitions/AWS::DMS::DataMigration.DataMigrationSettings", + "markdownDescription": "Specifies CloudWatch settings and selection rules for the data migration.", + "title": "DataMigrationSettings" }, - "DBClusterIdentifier": { - "markdownDescription": "The identifier of the cluster that the instance will belong to.", - "title": "DBClusterIdentifier", + "DataMigrationType": { + "markdownDescription": "Specifies whether the data migration is full-load only, change data capture (CDC) only, or full-load and CDC.", + "title": "DataMigrationType", "type": "string" }, - "DBInstanceClass": { - "markdownDescription": "The compute and memory capacity of the instance; for example, `db.m4.large` . If you change the class of an instance there can be some interruption in the cluster's service.", - "title": "DBInstanceClass", + "MigrationProjectIdentifier": { + "markdownDescription": "", + "title": "MigrationProjectIdentifier", "type": "string" }, - "DBInstanceIdentifier": { - "markdownDescription": "The instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `mydbinstance`", - "title": "DBInstanceIdentifier", + "ServiceAccessRoleArn": { + "markdownDescription": "The IAM role that the data migration uses to access AWS resources.", + "title": "ServiceAccessRoleArn", "type": "string" }, - "EnablePerformanceInsights": { - "markdownDescription": "A value that indicates whether to enable Performance Insights for the DB Instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) .", - "title": "EnablePerformanceInsights", - "type": "boolean" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" + "SourceDataSettings": { + "items": { + "$ref": "#/definitions/AWS::DMS::DataMigration.SourceDataSettings" + }, + "markdownDescription": "Specifies information about the data migration's source data provider.", + "title": "SourceDataSettings", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be assigned to the instance. You can assign up to 10 tags to an instance.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "DBClusterIdentifier", - "DBInstanceClass" + "DataMigrationType", + "MigrationProjectIdentifier", + "ServiceAccessRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DocDB::DBInstance" + "AWS::DMS::DataMigration" ], "type": "string" }, @@ -66876,194 +72979,54 @@ ], "type": "object" }, - "AWS::DocDB::DBSubnetGroup": { + "AWS::DMS::DataMigration.DataMigrationSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "The description for the subnet group.", - "title": "DBSubnetGroupDescription", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "The name for the subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens. Must not be default.\n\nExample: `mySubnetgroup`", - "title": "DBSubnetGroupName", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the subnet group.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the subnet group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DBSubnetGroupDescription", - "SubnetIds" - ], - "type": "object" + "CloudwatchLogsEnabled": { + "markdownDescription": "Whether to enable CloudWatch logging for the data migration.", + "title": "CloudwatchLogsEnabled", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::DocDB::DBSubnetGroup" - ], - "type": "string" + "NumberOfJobs": { + "markdownDescription": "The number of parallel jobs that trigger parallel threads to unload the tables from the source, and then load them to the target.", + "title": "NumberOfJobs", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectionRules": { + "markdownDescription": "A JSON-formatted string that defines what objects to include and exclude from the migration.", + "title": "SelectionRules", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DocDB::EventSubscription": { + "AWS::DMS::DataMigration.SourceDataSettings": { "additionalProperties": false, "properties": { - "Condition": { + "CDCStartPosition": { + "markdownDescription": "", + "title": "CDCStartPosition", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CDCStartTime": { + "markdownDescription": "", + "title": "CDCStartTime", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A Boolean value; set to `true` to activate the subscription, set to `false` to create the subscription but not active it.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event categories for a `SourceType` that you want to subscribe to.", - "title": "EventCategories", - "type": "array" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. Amazon SNS creates the ARN when you create a topic and subscribe to it.", - "title": "SnsTopicArn", - "type": "string" - }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are provided, `SourceType` must also be provided.\n- If the source type is an instance, a `DBInstanceIdentifier` must be provided.\n- If the source type is a security group, a `DBSecurityGroupName` must be provided.\n- If the source type is a parameter group, a `DBParameterGroupName` must be provided.\n- If the source type is a snapshot, a `DBSnapshotIdentifier` must be provided.", - "title": "SourceIds", - "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by an instance, you would set this parameter to `db-instance` . If this value is not specified, all events are returned.\n\nValid values: `db-instance` , `db-cluster` , `db-parameter-group` , `db-security-group` , `db-cluster-snapshot`", - "title": "SourceType", - "type": "string" - }, - "SubscriptionName": { - "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be fewer than 255 characters.", - "title": "SubscriptionName", - "type": "string" - } - }, - "required": [ - "SnsTopicArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DocDB::EventSubscription" - ], + "CDCStopTime": { + "markdownDescription": "", + "title": "CDCStopTime", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SlotName": { + "markdownDescription": "", + "title": "SlotName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DocDBElastic::Cluster": { + "AWS::DMS::DataProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -67098,98 +73061,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AdminUserName": { - "markdownDescription": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word.", - "title": "AdminUserName", - "type": "string" - }, - "AdminUserPassword": { - "markdownDescription": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required.", - "title": "AdminUserPassword", - "type": "string" - }, - "AuthType": { - "markdownDescription": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` .", - "title": "AuthType", - "type": "string" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automatic snapshots are retained.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "ClusterName": { - "markdownDescription": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`", - "title": "ClusterName", + "DataProviderIdentifier": { + "markdownDescription": "The identifier of the data provider. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "DataProviderIdentifier", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region.", - "title": "KmsKeyId", + "DataProviderName": { + "markdownDescription": "The name of the data provider.", + "title": "DataProviderName", "type": "string" }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` .", - "title": "PreferredBackupWindow", + "Description": { + "markdownDescription": "A description of the data provider. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", + "title": "Description", "type": "string" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", + "Engine": { + "markdownDescription": "The type of database engine for the data provider. Valid values include `\"aurora\"` , `\"aurora-postgresql\"` , `\"mysql\"` , `\"oracle\"` , `\"postgres\"` , `\"sqlserver\"` , `redshift` , `mariadb` , `mongodb` , `db2` , `db2-zos` and `docdb` . A value of `\"aurora\"` represents Amazon Aurora MySQL-Compatible Edition.", + "title": "Engine", "type": "string" }, - "ShardCapacity": { - "markdownDescription": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64.", - "title": "ShardCapacity", - "type": "number" - }, - "ShardCount": { - "markdownDescription": "The number of shards assigned to the elastic cluster. Maximum is 32.", - "title": "ShardCount", - "type": "number" - }, - "ShardInstanceCount": { - "markdownDescription": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability.", - "title": "ShardInstanceCount", - "type": "number" + "ExactSettings": { + "markdownDescription": "", + "title": "ExactSettings", + "type": "boolean" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the new elastic cluster.", - "title": "SubnetIds", - "type": "array" + "Settings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.Settings", + "markdownDescription": "The settings in JSON format for a data provider.", + "title": "Settings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be assigned to the new elastic cluster.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with the new elastic cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "required": [ - "AdminUserName", - "AuthType", - "ClusterName", - "ShardCapacity", - "ShardCount" + "Engine" ], "type": "object" }, "Type": { "enum": [ - "AWS::DocDBElastic::Cluster" + "AWS::DMS::DataProvider" ], "type": "string" }, @@ -67208,599 +73126,452 @@ ], "type": "object" }, - "AWS::DynamoDB::GlobalTable": { + "AWS::DMS::DataProvider.DocDbSettings": { "additionalProperties": false, "properties": { - "Condition": { + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "The database name on the DocumentDB source endpoint.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AttributeDefinitions": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.AttributeDefinition" - }, - "markdownDescription": "A list of attributes that describe the key schema for the global table and indexes.", - "title": "AttributeDefinitions", - "type": "array" - }, - "BillingMode": { - "markdownDescription": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` .", - "title": "BillingMode", - "type": "string" - }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex" - }, - "markdownDescription": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually.", - "title": "GlobalSecondaryIndexes", - "type": "array" - }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", - "title": "KeySchema", - "type": "array" - }, - "LocalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.LocalSecondaryIndex" - }, - "markdownDescription": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", - "title": "LocalSecondaryIndexes", - "type": "array" - }, - "Replicas": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSpecification" - }, - "markdownDescription": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update.", - "title": "Replicas", - "type": "array" - }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.SSESpecification", - "markdownDescription": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property.", - "title": "SSESpecification" - }, - "StreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.StreamSpecification", - "markdownDescription": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica.", - "title": "StreamSpecification" - }, - "TableName": { - "markdownDescription": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TableName", - "type": "string" - }, - "TimeToLiveSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TimeToLiveSpecification", - "markdownDescription": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas.", - "title": "TimeToLiveSpecification" - }, - "WriteProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", - "markdownDescription": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` .", - "title": "WriteProvisionedThroughputSettings" - } - }, - "required": [ - "AttributeDefinitions", - "KeySchema", - "Replicas" - ], - "type": "object" + "Port": { + "markdownDescription": "The port value for the DocumentDB source endpoint.", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DynamoDB::GlobalTable" - ], + "ServerName": { + "markdownDescription": "The name of the server on the DocumentDB source endpoint.", + "title": "ServerName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "DatabaseName", + "Port", + "ServerName" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.AttributeDefinition": { + "AWS::DMS::DataProvider.IbmDb2LuwSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "A name for the attribute.", - "title": "AttributeName", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "AttributeType": { - "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", - "title": "AttributeType", + "DatabaseName": { + "markdownDescription": "", + "title": "DatabaseName", "type": "string" - } - }, - "required": [ - "AttributeName", - "AttributeType" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum provisioned capacity units for the global table.", - "title": "MaxCapacity", - "type": "number" }, - "MinCapacity": { - "markdownDescription": "The minimum provisioned capacity units for the global table.", - "title": "MinCapacity", + "Port": { + "markdownDescription": "", + "title": "Port", "type": "number" }, - "SeedCapacity": { - "markdownDescription": "When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent.\n\nIf you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10.\n\nYou must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` .", - "title": "SeedCapacity", - "type": "number" + "ServerName": { + "markdownDescription": "", + "title": "ServerName", + "type": "string" }, - "TargetTrackingScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration", - "markdownDescription": "Defines a target tracking scaling policy.", - "title": "TargetTrackingScalingPolicyConfiguration" - } - }, - "required": [ - "MaxCapacity", - "MinCapacity", - "TargetTrackingScalingPolicyConfiguration" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", - "title": "Enabled", - "type": "boolean" + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "Enabled" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex": { + "AWS::DMS::DataProvider.IbmDb2zOsSettings": { "additionalProperties": false, "properties": { - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "DatabaseName": { + "markdownDescription": "", + "title": "DatabaseName", + "type": "string" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" }, - "WriteProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", - "markdownDescription": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index.", - "title": "WriteProvisionedThroughputSettings" - } - }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.KeySchema": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "The name of a key attribute.", - "title": "AttributeName", + "ServerName": { + "markdownDescription": "", + "title": "ServerName", "type": "string" }, - "KeyType": { - "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeyType", + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "AttributeName", - "KeyType" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.KinesisStreamSpecification": { + "AWS::DMS::DataProvider.MariaDbSettings": { "additionalProperties": false, "properties": { - "ApproximateCreationDateTimePrecision": { - "markdownDescription": "The precision for the time and date that the stream was created.", - "title": "ApproximateCreationDateTimePrecision", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "StreamArn": { - "markdownDescription": "The ARN for a specific Kinesis data stream.", - "title": "StreamArn", + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "StreamArn" + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.LocalSecondaryIndex": { + "AWS::DMS::DataProvider.MicrosoftSqlServerSettings": { "additionalProperties": false, "properties": { - "IndexName": { - "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "IndexName", - "KeySchema", - "Projection" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification": { - "additionalProperties": false, - "properties": { - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", - "title": "PointInTimeRecoveryEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.Projection": { + "AWS::DMS::DataProvider.MongoDbSettings": { "additionalProperties": false, "properties": { - "NonKeyAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", - "title": "NonKeyAttributes", - "type": "array" + "AuthMechanism": { + "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", + "title": "AuthMechanism", + "type": "string" }, - "ProjectionType": { - "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", - "title": "ProjectionType", + "AuthSource": { + "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", + "title": "AuthSource", "type": "string" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings": { - "additionalProperties": false, - "properties": { - "ReadCapacityAutoScalingSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", - "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", - "title": "ReadCapacityAutoScalingSettings" }, - "ReadCapacityUnits": { - "markdownDescription": "Specifies a fixed read capacity for the replica table or global secondary index.", - "title": "ReadCapacityUnits", + "AuthType": { + "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen when set to `\"no\"` , user name and password parameters are not used and can be empty.", + "title": "AuthType", + "type": "string" + }, + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The database name on the MongoDB source endpoint.", + "title": "DatabaseName", + "type": "string" + }, + "Port": { + "markdownDescription": "The port value for the MongoDB source endpoint.", + "title": "Port", "type": "number" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification": { - "additionalProperties": false, - "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", - "markdownDescription": "Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table\u2019s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table.", - "title": "ContributorInsightsSpecification" }, - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "ServerName": { + "markdownDescription": "The name of the server on the MongoDB source endpoint. For MongoDB Atlas, provide the server name for any of the servers in the replication set.", + "title": "ServerName", "type": "string" }, - "ReadProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", - "markdownDescription": "Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` .", - "title": "ReadProvisionedThroughputSettings" + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "IndexName" + "Port", + "ServerName" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.ReplicaSSESpecification": { + "AWS::DMS::DataProvider.MySqlSettings": { "additionalProperties": false, "properties": { - "KMSMasterKeyId": { - "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", - "title": "KMSMasterKeyId", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" + }, + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS MySQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora MySQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "KMSMasterKeyId" + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.ReplicaSpecification": { + "AWS::DMS::DataProvider.OracleSettings": { "additionalProperties": false, "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica.", - "title": "ContributorInsightsSpecification" - }, - "DeletionProtectionEnabled": { - "markdownDescription": "Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", - "title": "DeletionProtectionEnabled", - "type": "boolean" - }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification" - }, - "markdownDescription": "Defines additional settings for the global secondary indexes of this replica.", - "title": "GlobalSecondaryIndexes", - "type": "array" + "AsmServer": { + "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmServer", + "type": "string" }, - "KinesisStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KinesisStreamSpecification", - "markdownDescription": "Defines the Kinesis Data Streams configuration for the specified replica.", - "title": "KinesisStreamSpecification" + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" }, - "PointInTimeRecoverySpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification", - "markdownDescription": "The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica.", - "title": "PointInTimeRecoverySpecification" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" }, - "ReadProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", - "markdownDescription": "Defines read capacity settings for the replica table.", - "title": "ReadProvisionedThroughputSettings" + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" }, - "Region": { - "markdownDescription": "The region in which this replica exists.", - "title": "Region", + "SecretsManagerOracleAsmAccessRoleArn": { + "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both. For more information on creating this `SecretsManagerOracleAsmSecret` and the `SecretsManagerOracleAsmAccessRoleArn` and `SecretsManagerOracleAsmSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerOracleAsmAccessRoleArn", "type": "string" }, - "ReplicaStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification", - "markdownDescription": "Represents the DynamoDB Streams configuration for a global table replica.", - "title": "ReplicaStreamSpecification" - }, - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "ResourcePolicy" + "SecretsManagerOracleAsmSecretId": { + "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN, partial ARN, or friendly name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", + "title": "SecretsManagerOracleAsmSecretId", + "type": "string" }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSSESpecification", - "markdownDescription": "Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas.", - "title": "SSESpecification" + "SecretsManagerSecurityDbEncryptionAccessRoleArn": { + "markdownDescription": "", + "title": "SecretsManagerSecurityDbEncryptionAccessRoleArn", + "type": "string" }, - "TableClass": { - "markdownDescription": "The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", - "title": "TableClass", + "SecretsManagerSecurityDbEncryptionSecretId": { + "markdownDescription": "", + "title": "SecretsManagerSecurityDbEncryptionSecretId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this replica.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Region" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification": { - "additionalProperties": false, - "properties": { - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", - "markdownDescription": "A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nYou can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource.", - "title": "ResourcePolicy" - } - }, - "required": [ - "ResourcePolicy" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ResourcePolicy": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "PolicyDocument" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.SSESpecification": { - "additionalProperties": false, - "properties": { - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys.", - "title": "SSEEnabled", - "type": "boolean" + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint.\n\nFor an Amazon RDS Oracle instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", + "type": "string" }, - "SSEType": { - "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", - "title": "SSEType", + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "SSEEnabled" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.StreamSpecification": { + "AWS::DMS::DataProvider.PostgreSqlSettings": { "additionalProperties": false, "properties": { - "StreamViewType": { - "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", - "title": "StreamViewType", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" - } - }, - "required": [ - "StreamViewType" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration": { - "additionalProperties": false, - "properties": { - "DisableScaleIn": { - "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` .", - "title": "DisableScaleIn", - "type": "boolean" }, - "ScaleInCooldown": { - "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start.", - "title": "ScaleInCooldown", - "type": "number" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" }, - "ScaleOutCooldown": { - "markdownDescription": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start.", - "title": "ScaleOutCooldown", + "Port": { + "markdownDescription": "Endpoint TCP port. The default is 5432.", + "title": "Port", "type": "number" }, - "TargetValue": { - "markdownDescription": "Defines a target value for the scaling policy.", - "title": "TargetValue", - "type": "number" + "ServerName": { + "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS PostgreSQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora PostgreSQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "TargetValue" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.TimeToLiveSpecification": { + "AWS::DMS::DataProvider.RedshiftSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the attribute used to store the expiration time for items in the table.\n\nCurrently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed.", - "title": "AttributeName", + "DatabaseName": { + "markdownDescription": "The name of the Amazon Redshift data warehouse (service) that you are working with.", + "title": "DatabaseName", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", - "title": "Enabled", - "type": "boolean" + "Port": { + "markdownDescription": "The port number for Amazon Redshift. The default value is 5439.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "The name of the Amazon Redshift cluster you are using.", + "title": "ServerName", + "type": "string" } }, "required": [ - "Enabled" + "DatabaseName", + "Port", + "ServerName" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings": { + "AWS::DMS::DataProvider.Settings": { "additionalProperties": false, "properties": { - "WriteCapacityAutoScalingSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", - "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", - "title": "WriteCapacityAutoScalingSettings" + "DocDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.DocDbSettings", + "markdownDescription": "", + "title": "DocDbSettings" + }, + "IbmDb2LuwSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.IbmDb2LuwSettings", + "markdownDescription": "", + "title": "IbmDb2LuwSettings" + }, + "IbmDb2zOsSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.IbmDb2zOsSettings", + "markdownDescription": "", + "title": "IbmDb2zOsSettings" + }, + "MariaDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MariaDbSettings", + "markdownDescription": "", + "title": "MariaDbSettings" + }, + "MicrosoftSqlServerSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MicrosoftSqlServerSettings", + "markdownDescription": "", + "title": "MicrosoftSqlServerSettings" + }, + "MongoDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MongoDbSettings", + "markdownDescription": "", + "title": "MongoDbSettings" + }, + "MySqlSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MySqlSettings", + "markdownDescription": "", + "title": "MySqlSettings" + }, + "OracleSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.OracleSettings", + "markdownDescription": "", + "title": "OracleSettings" + }, + "PostgreSqlSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.PostgreSqlSettings", + "markdownDescription": "", + "title": "PostgreSqlSettings" + }, + "RedshiftSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.RedshiftSettings", + "markdownDescription": "", + "title": "RedshiftSettings" } }, "type": "object" }, - "AWS::DynamoDB::Table": { + "AWS::DMS::Endpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -67830,120 +73601,174 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeDefinitions": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.AttributeDefinition" - }, - "markdownDescription": "A list of attributes that describe the key schema for the table and indexes.\n\nThis property is required to create a DynamoDB table.\n\nUpdate requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) . Replacement if you edit an existing AttributeDefinition.", - "title": "AttributeDefinitions", - "type": "array" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate.", + "title": "CertificateArn", + "type": "string" }, - "BillingMode": { - "markdownDescription": "Specify how you are charged for read and write throughput and how you manage capacity.\n\nValid values include:\n\n- `PAY_PER_REQUEST` - We recommend using `PAY_PER_REQUEST` for most DynamoDB workloads. `PAY_PER_REQUEST` sets the billing mode to [On-demand capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html) .\n- `PROVISIONED` - We recommend using `PROVISIONED` for steady workloads with predictable growth where capacity requirements can be reliably forecasted. `PROVISIONED` sets the billing mode to [Provisioned capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html) .\n\nIf not specified, the default is `PROVISIONED` .", - "title": "BillingMode", + "DatabaseName": { + "markdownDescription": "The name of the endpoint database. For a MySQL source or target endpoint, don't specify `DatabaseName` . To migrate to a specific database, use this setting and `targetDbType` .", + "title": "DatabaseName", "type": "string" }, - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table.", - "title": "ContributorInsightsSpecification" + "DocDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.DocDbSettings", + "markdownDescription": "Settings in JSON format for the source and target DocumentDB endpoint. For more information about other available settings, see [Using extra connections attributes with Amazon DocumentDB as a source](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DocumentDB.html#CHAP_Source.DocumentDB.ECAs) and [Using Amazon DocumentDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DocumentDB.html) in the *AWS Database Migration Service User Guide* .", + "title": "DocDbSettings" }, - "DeletionProtectionEnabled": { - "markdownDescription": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", - "title": "DeletionProtectionEnabled", - "type": "boolean" + "DynamoDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.DynamoDbSettings", + "markdownDescription": "Settings in JSON format for the target Amazon DynamoDB endpoint. For information about other available settings, see [Using object mapping to migrate data to DynamoDB](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DynamoDB.html#CHAP_Target.DynamoDB.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "DynamoDbSettings" }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.GlobalSecondaryIndex" - }, - "markdownDescription": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n\n> If you update a table to include a new global secondary index, AWS CloudFormation initiates the index creation and then proceeds with the stack update. AWS CloudFormation doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is `ACTIVE` . You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n> \n> If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.\n> \n> Updates are not supported. The following are exceptions:\n> \n> - If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n> - You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.", - "title": "GlobalSecondaryIndexes", - "type": "array" + "ElasticsearchSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.ElasticsearchSettings", + "markdownDescription": "Settings in JSON format for the target OpenSearch endpoint. For more information about the available settings, see [Extra connection attributes when using OpenSearch as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Elasticsearch.html#CHAP_Target.Elasticsearch.Configuration) in the *AWS Database Migration Service User Guide* .", + "title": "ElasticsearchSettings" }, - "ImportSourceSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ImportSourceSpecification", - "markdownDescription": "Specifies the properties of data being imported from the S3 bucket source to the\" table.\n\n> If you specify the `ImportSourceSpecification` property, and also specify either the `StreamSpecification` , the `TableClass` property, the `DeletionProtectionEnabled` property, or the `WarmThroughput` property, the IAM entity creating/updating stack must have `UpdateTable` permission.", - "title": "ImportSourceSpecification" + "EndpointIdentifier": { + "markdownDescription": "The database endpoint identifier. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "EndpointIdentifier", + "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", - "title": "KeySchema", - "type": "array" + "EndpointType": { + "markdownDescription": "The type of endpoint. Valid values are `source` and `target` .", + "title": "EndpointType", + "type": "string" }, - "KinesisStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KinesisStreamSpecification", - "markdownDescription": "The Kinesis Data Streams configuration for the specified table.", - "title": "KinesisStreamSpecification" + "EngineName": { + "markdownDescription": "The type of engine for the endpoint, depending on the `EndpointType` value.\n\n*Valid values* : `mysql` | `oracle` | `postgres` | `mariadb` | `aurora` | `aurora-postgresql` | `opensearch` | `redshift` | `redshift-serverless` | `s3` | `db2` | `azuredb` | `sybase` | `dynamodb` | `mongodb` | `kinesis` | `kafka` | `elasticsearch` | `docdb` | `sqlserver` | `neptune`", + "title": "EngineName", + "type": "string" }, - "LocalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.LocalSecondaryIndex" - }, - "markdownDescription": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.", - "title": "LocalSecondaryIndexes", - "type": "array" + "ExtraConnectionAttributes": { + "markdownDescription": "Additional attributes associated with the connection. Each attribute is specified as a name-value pair associated by an equal sign (=). Multiple attributes are separated by a semicolon (;) with no additional white space. For information on the attributes available for connecting your source or target endpoint, see [Working with AWS DMS Endpoints](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Endpoints.html) in the *AWS Database Migration Service User Guide* .", + "title": "ExtraConnectionAttributes", + "type": "string" }, - "PointInTimeRecoverySpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.PointInTimeRecoverySpecification", - "markdownDescription": "The settings used to enable point in time recovery.", - "title": "PointInTimeRecoverySpecification" + "GcpMySQLSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.GcpMySQLSettings", + "markdownDescription": "Settings in JSON format for the source GCP MySQL endpoint. These settings are much the same as the settings for any MySQL-compatible endpoint. For more information, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "GcpMySQLSettings" }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", - "markdownDescription": "Throughput for the specified table, which consists of values for `ReadCapacityUnits` and `WriteCapacityUnits` . For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html) .\n\nIf you set `BillingMode` as `PROVISIONED` , you must specify this property. If you set `BillingMode` as `PAY_PER_REQUEST` , you cannot specify this property.", - "title": "ProvisionedThroughput" + "IbmDb2Settings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.IbmDb2Settings", + "markdownDescription": "Settings in JSON format for the source IBM Db2 LUW endpoint. For information about other available settings, see [Extra connection attributes when using Db2 LUW as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DB2.html#CHAP_Source.DB2.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "IbmDb2Settings" }, - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified table. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nWhen you attach a resource-based policy while creating a table, the policy creation is *strongly consistent* . For information about the considerations that you should keep in mind while attaching a resource-based policy, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .", - "title": "ResourcePolicy" + "KafkaSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.KafkaSettings", + "markdownDescription": "Settings in JSON format for the target Apache Kafka endpoint. For more information about other available settings, see [Using object mapping to migrate data to a Kafka topic](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html#CHAP_Target.Kafka.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "KafkaSettings" }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", - "markdownDescription": "Specifies the settings to enable server-side encryption.", - "title": "SSESpecification" + "KinesisSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.KinesisSettings", + "markdownDescription": "Settings in JSON format for the target endpoint for Amazon Kinesis Data Streams. For more information about other available settings, see [Using object mapping to migrate data to a Kinesis data stream](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kinesis.html#CHAP_Target.Kinesis.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "KinesisSettings" }, - "StreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.StreamSpecification", - "markdownDescription": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", - "title": "StreamSpecification" + "KmsKeyId": { + "markdownDescription": "An AWS KMS key identifier that is used to encrypt the connection parameters for the endpoint.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", + "type": "string" }, - "TableClass": { - "markdownDescription": "The table class of the new table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", - "title": "TableClass", + "MicrosoftSqlServerSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MicrosoftSqlServerSettings", + "markdownDescription": "Settings in JSON format for the source and target Microsoft SQL Server endpoint. For information about other available settings, see [Extra connection attributes when using SQL Server as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SQLServer.html#CHAP_Source.SQLServer.ConnectionAttrib) and [Extra connection attributes when using SQL Server as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SQLServer.html#CHAP_Target.SQLServer.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "MicrosoftSqlServerSettings" + }, + "MongoDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MongoDbSettings", + "markdownDescription": "Settings in JSON format for the source MongoDB endpoint. For more information about the available settings, see [Using MongoDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MongoDB.html#CHAP_Source.MongoDB.Configuration) in the *AWS Database Migration Service User Guide* .", + "title": "MongoDbSettings" + }, + "MySqlSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MySqlSettings", + "markdownDescription": "Settings in JSON format for the source and target MySQL endpoint. For information about other available settings, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) and [Extra connection attributes when using a MySQL-compatible database as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.MySQL.html#CHAP_Target.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "MySqlSettings" + }, + "NeptuneSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.NeptuneSettings", + "markdownDescription": "Settings in JSON format for the target Amazon Neptune endpoint. For more information about the available settings, see [Specifying endpoint settings for Amazon Neptune as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.EndpointSettings) in the *AWS Database Migration Service User Guide* .", + "title": "NeptuneSettings" + }, + "OracleSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.OracleSettings", + "markdownDescription": "Settings in JSON format for the source and target Oracle endpoint. For information about other available settings, see [Extra connection attributes when using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.ConnectionAttrib) and [Extra connection attributes when using Oracle as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Oracle.html#CHAP_Target.Oracle.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "OracleSettings" + }, + "Password": { + "markdownDescription": "The password to be used to log in to the endpoint database.", + "title": "Password", "type": "string" }, - "TableName": { - "markdownDescription": "A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TableName", + "Port": { + "markdownDescription": "The port used by the endpoint database.", + "title": "Port", + "type": "number" + }, + "PostgreSqlSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.PostgreSqlSettings", + "markdownDescription": "Settings in JSON format for the source and target PostgreSQL endpoint.\n\nFor information about other available settings, see [Extra connection attributes when using PostgreSQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) and [Extra connection attributes when using PostgreSQL as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.PostgreSQL.html#CHAP_Target.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "PostgreSqlSettings" + }, + "RedisSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.RedisSettings", + "markdownDescription": "Settings in JSON format for the target Redis endpoint. For information about other available settings, see [Specifying endpoint settings for Redis as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redis.html#CHAP_Target.Redis.EndpointSettings) in the *AWS Database Migration Service User Guide* .", + "title": "RedisSettings" + }, + "RedshiftSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.RedshiftSettings", + "markdownDescription": "Settings in JSON format for the Amazon Redshift endpoint.\n\nFor more information about other available settings, see [Extra connection attributes when using Amazon Redshift as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redshift.html#CHAP_Target.Redshift.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "RedshiftSettings" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", "type": "string" }, + "S3Settings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.S3Settings", + "markdownDescription": "Settings in JSON format for the source and target Amazon S3 endpoint. For more information about other available settings, see [Extra connection attributes when using Amazon S3 as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.S3.html#CHAP_Source.S3.Configuring) and [Extra connection attributes when using Amazon S3 as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring) in the *AWS Database Migration Service User Guide* .", + "title": "S3Settings" + }, + "ServerName": { + "markdownDescription": "The name of the server where the endpoint database resides.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "The Secure Sockets Layer (SSL) mode to use for the SSL connection. The default is `none` .\n\n> When `engine_name` is set to S3, the only allowed value is `none` .", + "title": "SslMode", + "type": "string" + }, + "SybaseSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.SybaseSettings", + "markdownDescription": "Settings in JSON format for the source and target SAP ASE endpoint. For information about other available settings, see [Extra connection attributes when using SAP ASE as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SAP.html#CHAP_Source.SAP.ConnectionAttrib) and [Extra connection attributes when using SAP ASE as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SAP.html#CHAP_Target.SAP.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "SybaseSettings" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "One or more tags to be assigned to the endpoint.", "title": "Tags", "type": "array" }, - "TimeToLiveSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.TimeToLiveSpecification", - "markdownDescription": "Specifies the Time to Live (TTL) settings for the table.\n\n> For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", - "title": "TimeToLiveSpecification" + "Username": { + "markdownDescription": "The user name to be used to log in to the endpoint database.", + "title": "Username", + "type": "string" } }, "required": [ - "KeySchema" + "EndpointType", + "EngineName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DynamoDB::Table" + "AWS::DMS::Endpoint" ], "type": "string" }, @@ -67962,1160 +73787,1277 @@ ], "type": "object" }, - "AWS::DynamoDB::Table.AttributeDefinition": { + "AWS::DMS::Endpoint.DocDbSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "A name for the attribute.", - "title": "AttributeName", + "DocsToInvestigate": { + "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", + "title": "DocsToInvestigate", + "type": "number" + }, + "ExtractDocId": { + "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", + "title": "ExtractDocId", + "type": "boolean" + }, + "NestingLevel": { + "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", + "title": "NestingLevel", "type": "string" }, - "AttributeType": { - "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", - "title": "AttributeType", + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the DocumentDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the DocumentDB endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" } }, - "required": [ - "AttributeName", - "AttributeType" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.ContributorInsightsSpecification": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::DynamoDB::Table.Csv": { + "AWS::DMS::Endpoint.DynamoDbSettings": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter used for separating items in the CSV file being imported.", - "title": "Delimiter", + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", "type": "string" - }, - "HeaderList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header.", - "title": "HeaderList", - "type": "array" } }, "type": "object" }, - "AWS::DynamoDB::Table.GlobalSecondaryIndex": { + "AWS::DMS::Endpoint.ElasticsearchSettings": { "additionalProperties": false, "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index.", - "title": "ContributorInsightsSpecification" - }, - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "EndpointUri": { + "markdownDescription": "The endpoint for the OpenSearch cluster. AWS DMS uses HTTPS if a transport protocol (either HTTP or HTTPS) isn't specified.", + "title": "EndpointUri", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "ErrorRetryDuration": { + "markdownDescription": "The maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster.", + "title": "ErrorRetryDuration", + "type": "number" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" + "FullLoadErrorPercentage": { + "markdownDescription": "The maximum percentage of records that can fail to be written before a full load operation stops.\n\nTo avoid early failure, this counter is only effective after 1,000 records are transferred. OpenSearch also has the concept of error monitoring during the last 10 minutes of an Observation Window. If transfer of all records fail in the last 10 minutes, the full load operation stops.", + "title": "FullLoadErrorPercentage", + "type": "number" }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", - "markdownDescription": "Represents the provisioned throughput settings for the specified global secondary index. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.\n\nFor current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide* .", - "title": "ProvisionedThroughput" + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" } }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], "type": "object" }, - "AWS::DynamoDB::Table.ImportSourceSpecification": { + "AWS::DMS::Endpoint.GcpMySQLSettings": { "additionalProperties": false, "properties": { - "InputCompressionType": { - "markdownDescription": "Type of compression to be used on the input coming from the imported table.", - "title": "InputCompressionType", + "AfterConnectScript": { + "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", + "title": "AfterConnectScript", "type": "string" }, - "InputFormat": { - "markdownDescription": "The format of the source data. Valid values for `ImportFormat` are `CSV` , `DYNAMODB_JSON` or `ION` .", - "title": "InputFormat", - "type": "string" + "CleanSourceMetadataOnMismatch": { + "markdownDescription": "Adjusts the behavior of AWS DMS when migrating from an SQL Server source database that is hosted as part of an Always On availability group cluster. If you need AWS DMS to poll all the nodes in the Always On cluster for transaction backups, set this attribute to `false` .", + "title": "CleanSourceMetadataOnMismatch", + "type": "boolean" }, - "InputFormatOptions": { - "$ref": "#/definitions/AWS::DynamoDB::Table.InputFormatOptions", - "markdownDescription": "Additional properties that specify how the input is formatted,", - "title": "InputFormatOptions" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint. For a MySQL source or target endpoint, don't explicitly specify the database using the `DatabaseName` request parameter on either the `CreateEndpoint` or `ModifyEndpoint` API call. Specifying `DatabaseName` when you create or modify a MySQL endpoint replicates all the task tables to this single database. For MySQL endpoints, you specify the database only when you specify the schema in the table-mapping rules of the AWS DMS task.", + "title": "DatabaseName", + "type": "string" }, - "S3BucketSource": { - "$ref": "#/definitions/AWS::DynamoDB::Table.S3BucketSource", - "markdownDescription": "The S3 bucket that provides the source for the import.", - "title": "S3BucketSource" - } - }, - "required": [ - "InputFormat", - "S3BucketSource" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.InputFormatOptions": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Csv", - "markdownDescription": "The options for imported source files in CSV format. The values are Delimiter and HeaderList.", - "title": "Csv" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.KeySchema": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "The name of a key attribute.", - "title": "AttributeName", + "EventsPollInterval": { + "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", + "title": "EventsPollInterval", + "type": "number" + }, + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" + }, + "ParallelLoadThreads": { + "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", + "title": "ParallelLoadThreads", + "type": "number" + }, + "Password": { + "markdownDescription": "Endpoint connection password.", + "title": "Password", "type": "string" }, - "KeyType": { - "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeyType", + "Port": { + "markdownDescription": "The port used by the endpoint database.", + "title": "Port", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret.` The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" - } - }, - "required": [ - "AttributeName", - "KeyType" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.KinesisStreamSpecification": { - "additionalProperties": false, - "properties": { - "ApproximateCreationDateTimePrecision": { - "markdownDescription": "The precision for the time and date that the stream was created.", - "title": "ApproximateCreationDateTimePrecision", + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" }, - "StreamArn": { - "markdownDescription": "The ARN for a specific Kinesis data stream.\n\nLength Constraints: Minimum length of 37. Maximum length of 1024.", - "title": "StreamArn", + "ServerName": { + "markdownDescription": "The MySQL host name.", + "title": "ServerName", + "type": "string" + }, + "ServerTimezone": { + "markdownDescription": "Specifies the time zone for the source MySQL database. Don't enclose time zones in single quotation marks.\n\nExample: `serverTimezone=US/Pacific;`", + "title": "ServerTimezone", + "type": "string" + }, + "Username": { + "markdownDescription": "Endpoint connection user name.", + "title": "Username", "type": "string" } }, - "required": [ - "StreamArn" - ], "type": "object" }, - "AWS::DynamoDB::Table.LocalSecondaryIndex": { + "AWS::DMS::Endpoint.IbmDb2Settings": { "additionalProperties": false, "properties": { - "IndexName": { - "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "CurrentLsn": { + "markdownDescription": "For ongoing replication (CDC), use CurrentLSN to specify a log sequence number (LSN) where you want the replication to start.", + "title": "CurrentLsn", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "KeepCsvFiles": { + "markdownDescription": "If true, AWS DMS saves any .csv files to the Db2 LUW target that were used to replicate data. DMS uses these files for analysis and troubleshooting.\n\nThe default value is false.", + "title": "KeepCsvFiles", + "type": "boolean" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" - } - }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.PointInTimeRecoverySpecification": { - "additionalProperties": false, - "properties": { - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", - "title": "PointInTimeRecoveryEnabled", + "LoadTimeout": { + "markdownDescription": "The amount of time (in milliseconds) before AWS DMS times out operations performed by DMS on the Db2 target. The default value is 1200 (20 minutes).", + "title": "LoadTimeout", + "type": "number" + }, + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of .csv files used to transfer data to Db2 LUW.", + "title": "MaxFileSize", + "type": "number" + }, + "MaxKBytesPerRead": { + "markdownDescription": "Maximum number of bytes per read, as a NUMBER value. The default is 64 KB.", + "title": "MaxKBytesPerRead", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value ofthe AWS Secrets Manager secret that allows access to the Db2 LUW endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the IBMDB2 endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "SetDataCaptureChanges": { + "markdownDescription": "Enables ongoing replication (CDC) as a BOOLEAN value. The default is true.", + "title": "SetDataCaptureChanges", "type": "boolean" + }, + "WriteBufferSize": { + "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk on the DMS replication instance. The default value is 1024 (1 MB).", + "title": "WriteBufferSize", + "type": "number" } }, "type": "object" }, - "AWS::DynamoDB::Table.Projection": { + "AWS::DMS::Endpoint.KafkaSettings": { "additionalProperties": false, "properties": { - "NonKeyAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", - "title": "NonKeyAttributes", - "type": "array" + "Broker": { + "markdownDescription": "A comma-separated list of one or more broker locations in your Kafka cluster that host your Kafka instance. Specify each broker location in the form `*broker-hostname-or-ip* : *port*` . For example, `\"ec2-12-345-678-901.compute-1.amazonaws.com:2345\"` . For more information and examples of specifying a list of broker locations, see [Using Apache Kafka as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html) in the *AWS Database Migration Service User Guide* .", + "title": "Broker", + "type": "string" }, - "ProjectionType": { - "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", - "title": "ProjectionType", + "IncludeControlDetails": { + "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. The default is `false` .", + "title": "IncludeControlDetails", + "type": "boolean" + }, + "IncludeNullAndEmpty": { + "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", + "title": "IncludeNullAndEmpty", + "type": "boolean" + }, + "IncludePartitionValue": { + "markdownDescription": "Shows the partition value within the Kafka message output unless the partition type is `schema-table-type` . The default is `false` .", + "title": "IncludePartitionValue", + "type": "boolean" + }, + "IncludeTableAlterOperations": { + "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", + "title": "IncludeTableAlterOperations", + "type": "boolean" + }, + "IncludeTransactionDetails": { + "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", + "title": "IncludeTransactionDetails", + "type": "boolean" + }, + "MessageFormat": { + "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", + "title": "MessageFormat", "type": "string" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.ProvisionedThroughput": { - "additionalProperties": false, - "properties": { - "ReadCapacityUnits": { - "markdownDescription": "The maximum number of strongly consistent reads consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", - "title": "ReadCapacityUnits", - "type": "number" }, - "WriteCapacityUnits": { - "markdownDescription": "The maximum number of writes consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", - "title": "WriteCapacityUnits", + "MessageMaxBytes": { + "markdownDescription": "The maximum size in bytes for records created on the endpoint The default is 1,000,000.", + "title": "MessageMaxBytes", "type": "number" - } - }, - "required": [ - "ReadCapacityUnits", - "WriteCapacityUnits" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.ResourcePolicy": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, index, or both. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "PolicyDocument" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.S3BucketSource": { - "additionalProperties": false, - "properties": { - "S3Bucket": { - "markdownDescription": "The S3 bucket that is being imported from.", - "title": "S3Bucket", + }, + "NoHexPrefix": { + "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", + "title": "NoHexPrefix", + "type": "boolean" + }, + "PartitionIncludeSchemaTable": { + "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. The default is `false` .", + "title": "PartitionIncludeSchemaTable", + "type": "boolean" + }, + "SaslPassword": { + "markdownDescription": "The secure password that you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", + "title": "SaslPassword", "type": "string" }, - "S3BucketOwner": { - "markdownDescription": "The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional.", - "title": "S3BucketOwner", + "SaslUserName": { + "markdownDescription": "The secure user name you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", + "title": "SaslUserName", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "The key prefix shared by all S3 Objects that are being imported.", - "title": "S3KeyPrefix", + "SecurityProtocol": { + "markdownDescription": "Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption` , `ssl-authentication` , and `sasl-ssl` . `sasl-ssl` requires `SaslUsername` and `SaslPassword` .", + "title": "SecurityProtocol", "type": "string" - } - }, - "required": [ - "S3Bucket" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.SSESpecification": { - "additionalProperties": false, - "properties": { - "KMSMasterKeyId": { - "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", - "title": "KMSMasterKeyId", + }, + "SslCaCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint.", + "title": "SslCaCertificateArn", "type": "string" }, - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to `KMS` and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key.", - "title": "SSEEnabled", - "type": "boolean" + "SslClientCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the client certificate used to securely connect to a Kafka target endpoint.", + "title": "SslClientCertificateArn", + "type": "string" }, - "SSEType": { - "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", - "title": "SSEType", + "SslClientKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the client private key used to securely connect to a Kafka target endpoint.", + "title": "SslClientKeyArn", "type": "string" - } - }, - "required": [ - "SSEEnabled" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.StreamSpecification": { - "additionalProperties": false, - "properties": { - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", - "markdownDescription": "Creates or updates a resource-based policy document that contains the permissions for DynamoDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "ResourcePolicy" }, - "StreamViewType": { - "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", - "title": "StreamViewType", + "SslClientKeyPassword": { + "markdownDescription": "The password for the client private key used to securely connect to a Kafka target endpoint.", + "title": "SslClientKeyPassword", + "type": "string" + }, + "Topic": { + "markdownDescription": "The topic to which you migrate the data. If you don't specify a topic, AWS DMS specifies `\"kafka-default-topic\"` as the migration topic.", + "title": "Topic", "type": "string" } }, - "required": [ - "StreamViewType" - ], "type": "object" }, - "AWS::DynamoDB::Table.TimeToLiveSpecification": { + "AWS::DMS::Endpoint.KinesisSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the TTL attribute used to store the expiration time for items in the table.\n\n> - The `AttributeName` property is required when enabling the TTL, or when TTL is already enabled.\n> - To update this property, you must first disable TTL and then enable TTL with the new attribute name.", - "title": "AttributeName", + "IncludeControlDetails": { + "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. The default is `false` .", + "title": "IncludeControlDetails", + "type": "boolean" + }, + "IncludeNullAndEmpty": { + "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", + "title": "IncludeNullAndEmpty", + "type": "boolean" + }, + "IncludePartitionValue": { + "markdownDescription": "Shows the partition value within the Kinesis message output, unless the partition type is `schema-table-type` . The default is `false` .", + "title": "IncludePartitionValue", + "type": "boolean" + }, + "IncludeTableAlterOperations": { + "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", + "title": "IncludeTableAlterOperations", + "type": "boolean" + }, + "IncludeTransactionDetails": { + "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", + "title": "IncludeTransactionDetails", + "type": "boolean" + }, + "MessageFormat": { + "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", + "title": "MessageFormat", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", - "title": "Enabled", + "NoHexPrefix": { + "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to an Amazon Kinesis target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", + "title": "NoHexPrefix", + "type": "boolean" + }, + "PartitionIncludeSchemaTable": { + "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kinesis shards. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same shard, which causes throttling. The default is `false` .", + "title": "PartitionIncludeSchemaTable", "type": "boolean" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that AWS DMS uses to write to the Kinesis data stream. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Kinesis Data Streams endpoint.", + "title": "StreamArn", + "type": "string" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::EC2::CapacityReservation": { + "AWS::DMS::Endpoint.MicrosoftSqlServerSettings": { "additionalProperties": false, "properties": { - "Condition": { + "BcpPacketSize": { + "markdownDescription": "The maximum size of the packets (in bytes) used to transfer data using BCP.", + "title": "BcpPacketSize", + "type": "number" + }, + "ControlTablesFileGroup": { + "markdownDescription": "Specifies a file group for the AWS DMS internal tables. When the replication task starts, all the internal AWS DMS control tables (awsdms_ apply_exception, awsdms_apply, awsdms_changes) are created for the specified file group.", + "title": "ControlTablesFileGroup", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ForceLobLookup": { + "markdownDescription": "Forces LOB lookup on inline LOB.", + "title": "ForceLobLookup", + "type": "boolean" }, - "Metadata": { - "type": "object" + "Password": { + "markdownDescription": "Endpoint connection password.", + "title": "Password", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to create the Capacity Reservation.", - "title": "AvailabilityZone", - "type": "string" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "EndDate": { - "markdownDescription": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.\n\nIf you are requesting a future-dated Capacity Reservation, you can't specify an end date and time that is within the commitment duration.", - "title": "EndDate", - "type": "string" - }, - "EndDateType": { - "markdownDescription": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", - "title": "EndDateType", - "type": "string" - }, - "EphemeralStorage": { - "markdownDescription": "*Deprecated.*", - "title": "EphemeralStorage", - "type": "boolean" - }, - "InstanceCount": { - "markdownDescription": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 100 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *25 * m5.xlarge = 100 vCPUs* ). \n\nValid range: 1 - 1000", - "title": "InstanceCount", - "type": "number" - }, - "InstanceMatchCriteria": { - "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\n> If you are requesting a future-dated Capacity Reservation, you must specify `targeted` . \n\nDefault: `open`", - "title": "InstanceMatchCriteria", - "type": "string" - }, - "InstancePlatform": { - "markdownDescription": "The type of operating system for which to reserve capacity.", - "title": "InstancePlatform", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, and T instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceType", - "type": "string" - }, - "OutPostArn": { - "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", - "title": "OutPostArn", - "type": "string" - }, - "PlacementGroupArn": { - "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", - "title": "PlacementGroupArn", - "type": "string" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservation.TagSpecification" - }, - "markdownDescription": "The tags to apply to the Capacity Reservation during launch.", - "title": "TagSpecifications", - "type": "array" - }, - "Tenancy": { - "markdownDescription": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account .", - "title": "Tenancy", - "type": "string" - } - }, - "required": [ - "AvailabilityZone", - "InstanceCount", - "InstancePlatform", - "InstanceType" - ], - "type": "object" + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EC2::CapacityReservation" - ], - "type": "string" + "QuerySingleAlwaysOnNode": { + "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. An example is a situation where running an alter DDL statement on a table might result in different information about the table cached in the replication instance.", + "title": "QuerySingleAlwaysOnNode", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ReadBackupOnly": { + "markdownDescription": "When this attribute is set to `Y` , AWS DMS only reads changes from transaction log backups and doesn't read from the active transaction log file during ongoing replication. Setting this parameter to `Y` enables you to control active transaction log file growth during full load and ongoing replication tasks. However, it can add some source latency to ongoing replication.", + "title": "ReadBackupOnly", + "type": "boolean" + }, + "SafeguardPolicy": { + "markdownDescription": "Use this attribute to minimize the need to access the backup log and enable AWS DMS to prevent truncation using one of the following two methods.\n\n*Start transactions in the database:* This is the default method. When this method is used, AWS DMS prevents TLOG truncation by mimicking a transaction in the database. As long as such a transaction is open, changes that appear after the transaction started aren't truncated. If you need Microsoft Replication to be enabled in your database, then you must choose this method.\n\n*Exclusively use sp_repldone within a single task* : When this method is used, AWS DMS reads the changes and then uses sp_repldone to mark the TLOG transactions as ready for truncation. Although this method doesn't involve any transactional activities, it can only be used when Microsoft Replication isn't running. Also, when using this method, only one AWS DMS task can access the database at any given time. Therefore, if you need to run parallel AWS DMS tasks against the same database, use the default method.", + "title": "SafeguardPolicy", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EC2::CapacityReservation.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. Specify `capacity-reservation` .", - "title": "ResourceType", + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SQL Server endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::CapacityReservationFleet": { - "additionalProperties": false, - "properties": { - "Condition": { + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MicrosoftSQLServer endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TlogAccessMode": { + "markdownDescription": "Indicates the mode used to fetch CDC data.", + "title": "TlogAccessMode", + "type": "string" }, - "Metadata": { - "type": "object" + "TrimSpaceInChar": { + "markdownDescription": "Use the `TrimSpaceInChar` source endpoint setting to right-trim data on CHAR and NCHAR data types during migration. Setting `TrimSpaceInChar` does not left-trim data. The default value is `true` .", + "title": "TrimSpaceInChar", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`", - "title": "AllocationStrategy", - "type": "string" - }, - "EndDate": { - "markdownDescription": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` .", - "title": "EndDate", - "type": "string" - }, - "InstanceMatchCriteria": { - "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity.", - "title": "InstanceMatchCriteria", - "type": "string" - }, - "InstanceTypeSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification" - }, - "markdownDescription": "Information about the instance types for which to reserve the capacity.", - "title": "InstanceTypeSpecifications", - "type": "array" - }, - "NoRemoveEndDate": { - "markdownDescription": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter.", - "title": "NoRemoveEndDate", - "type": "boolean" - }, - "RemoveEndDate": { - "markdownDescription": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter.", - "title": "RemoveEndDate", - "type": "boolean" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.TagSpecification" - }, - "markdownDescription": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet.", - "title": "TagSpecifications", - "type": "array" - }, - "Tenancy": { - "markdownDescription": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account .", - "title": "Tenancy", - "type": "string" - }, - "TotalTargetCapacity": { - "markdownDescription": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* .", - "title": "TotalTargetCapacity", - "type": "number" - } - }, - "type": "object" + "UseBcpFullLoad": { + "markdownDescription": "Use this to attribute to transfer data for full-load operations using BCP. When the target table contains an identity column that does not exist in the source table, you must disable the use BCP for loading table option.", + "title": "UseBcpFullLoad", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::EC2::CapacityReservationFleet" - ], - "type": "string" + "UseThirdPartyBackupDevice": { + "markdownDescription": "When this attribute is set to `Y` , DMS processes third-party transaction log backups if they are created in native format.", + "title": "UseThirdPartyBackupDevice", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Username": { + "markdownDescription": "Endpoint connection user name.", + "title": "Username", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification": { + "AWS::DMS::Endpoint.MongoDbSettings": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", - "title": "AvailabilityZone", + "AuthMechanism": { + "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", + "title": "AuthMechanism", "type": "string" }, - "AvailabilityZoneId": { - "markdownDescription": "The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", - "title": "AvailabilityZoneId", + "AuthSource": { + "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", + "title": "AuthSource", "type": "string" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types.", - "title": "EbsOptimized", - "type": "boolean" + "AuthType": { + "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen set to `\"no\"` , user name and password parameters are not used and can be empty.", + "title": "AuthType", + "type": "string" }, - "InstancePlatform": { - "markdownDescription": "The type of operating system for which the Capacity Reservation Fleet reserves capacity.", - "title": "InstancePlatform", + "DatabaseName": { + "markdownDescription": "The database name on the MongoDB source endpoint.", + "title": "DatabaseName", "type": "string" }, - "InstanceType": { - "markdownDescription": "The instance type for which the Capacity Reservation Fleet reserves capacity.", - "title": "InstanceType", + "DocsToInvestigate": { + "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", + "title": "DocsToInvestigate", "type": "string" }, - "Priority": { - "markdownDescription": "The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* .", - "title": "Priority", - "type": "number" + "ExtractDocId": { + "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", + "title": "ExtractDocId", + "type": "string" }, - "Weight": { - "markdownDescription": "The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide.\n\nValid Range: Minimum value of `0.001` . Maximum value of `99.999` .", - "title": "Weight", + "NestingLevel": { + "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", + "title": "NestingLevel", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the user account you use to access the MongoDB source endpoint.", + "title": "Password", + "type": "string" + }, + "Port": { + "markdownDescription": "The port value for the MongoDB source endpoint.", + "title": "Port", "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::CapacityReservationFleet.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag on creation. Specify `capacity-reservation-fleet` .\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", - "title": "ResourceType", + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MongoDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MongoDB endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerName": { + "markdownDescription": "The name of the server on the MongoDB source endpoint.", + "title": "ServerName", + "type": "string" + }, + "Username": { + "markdownDescription": "The user name you use to access the MongoDB source endpoint.", + "title": "Username", + "type": "string" } }, "type": "object" }, - "AWS::EC2::CarrierGateway": { + "AWS::DMS::Endpoint.MySqlSettings": { "additionalProperties": false, "properties": { - "Condition": { + "AfterConnectScript": { + "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", + "title": "AfterConnectScript", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CleanSourceMetadataOnMismatch": { + "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. For example, in a situation where running an alter DDL on the table could result in different information about the table cached in the replication instance.", + "title": "CleanSourceMetadataOnMismatch", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EventsPollInterval": { + "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", + "title": "EventsPollInterval", + "type": "number" }, - "Metadata": { - "type": "object" + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the carrier gateway.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC associated with the carrier gateway.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "VpcId" - ], - "type": "object" + "ParallelLoadThreads": { + "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", + "title": "ParallelLoadThreads", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EC2::CarrierGateway" - ], + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerTimezone": { + "markdownDescription": "Specifies the time zone for the source MySQL database.\n\nExample: `serverTimezone=US/Pacific;`\n\nNote: Do not enclose time zones in single quotes.", + "title": "ServerTimezone", + "type": "string" + }, + "TargetDbType": { + "markdownDescription": "Specifies where to migrate source tables on the target, either to a single database or multiple databases. If you specify `SPECIFIC_DATABASE` , specify the database name using the `DatabaseName` parameter of the `Endpoint` object.\n\nExample: `targetDbType=MULTIPLE_DATABASES`", + "title": "TargetDbType", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::ClientVpnAuthorizationRule": { + "AWS::DMS::Endpoint.NeptuneSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ErrorRetryDuration": { + "markdownDescription": "The number of milliseconds for AWS DMS to wait to retry a bulk-load of migrated graph data to the Neptune target database before raising an error. The default is 250.", + "title": "ErrorRetryDuration", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IamAuthEnabled": { + "markdownDescription": "If you want IAM authorization enabled for this endpoint, set this parameter to `true` . Then attach the appropriate IAM policy document to your service role specified by `ServiceAccessRoleArn` . The default is `false` .", + "title": "IamAuthEnabled", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MaxFileSize": { + "markdownDescription": "The maximum size in kilobytes of migrated graph data stored in a .csv file before AWS DMS bulk-loads the data to the Neptune target database. The default is 1,048,576 KB. If the bulk load is successful, AWS DMS clears the bucket, ready to store the next batch of migrated graph data.", + "title": "MaxFileSize", + "type": "number" }, - "Metadata": { - "type": "object" + "MaxRetryCount": { + "markdownDescription": "The number of times for AWS DMS to retry a bulk load of migrated graph data to the Neptune target database before raising an error. The default is 5.", + "title": "MaxRetryCount", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessGroupId": { - "markdownDescription": "The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if `AuthorizeAllGroups` is `false` or not specified.", - "title": "AccessGroupId", - "type": "string" - }, - "AuthorizeAllGroups": { - "markdownDescription": "Indicates whether to grant access to all clients. Specify `true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.", - "title": "AuthorizeAllGroups", - "type": "boolean" - }, - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint.", - "title": "ClientVpnEndpointId", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of the authorization rule.", - "title": "Description", - "type": "string" - }, - "TargetNetworkCidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation, of the network for which access is being authorized.", - "title": "TargetNetworkCidr", - "type": "string" - } - }, - "required": [ - "ClientVpnEndpointId", - "TargetNetworkCidr" - ], - "type": "object" + "S3BucketFolder": { + "markdownDescription": "A folder path where you want AWS DMS to store migrated graph data in the S3 bucket specified by `S3BucketName`", + "title": "S3BucketFolder", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::ClientVpnAuthorizationRule" - ], + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS DMS can temporarily store migrated graph data in .csv files before bulk-loading it to the Neptune target database. AWS DMS maps the SQL source data to graph data before storing it in these .csv files.", + "title": "S3BucketName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service role that you created for the Neptune target endpoint. The role must allow the `iam:PassRole` action.\n\nFor more information, see [Creating an IAM Service Role for Accessing Amazon Neptune as a Target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.ServiceRole) in the *AWS Database Migration Service User Guide* .", + "title": "ServiceAccessRoleArn", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint": { + "AWS::DMS::Endpoint.OracleSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AccessAlternateDirectly": { + "markdownDescription": "Set this attribute to `false` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to not access redo logs through any specified path prefix replacement using direct file access.", + "title": "AccessAlternateDirectly", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "AddSupplementalLogging": { + "markdownDescription": "Set this attribute to set up table-level supplemental logging for the Oracle database. This attribute enables PRIMARY KEY supplemental logging on all tables selected for a migration task.\n\nIf you use this option, you still need to enable database-level supplemental logging.", + "title": "AddSupplementalLogging", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AdditionalArchivedLogDestId": { + "markdownDescription": "Set this attribute with `ArchivedLogDestId` in a primary/ standby setup. This attribute is useful in the case of a switchover. In this case, AWS DMS needs to know which destination to get archive redo logs from to read changes. This need arises because the previous primary instance is now a standby instance after switchover.\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless necessary. For additional information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", + "title": "AdditionalArchivedLogDestId", + "type": "number" }, - "Metadata": { - "type": "object" + "AllowSelectNestedTables": { + "markdownDescription": "Set this attribute to `true` to enable replication of Oracle tables containing columns that are nested tables or defined types.", + "title": "AllowSelectNestedTables", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AuthenticationOptions": { - "items": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest" - }, - "markdownDescription": "Information about the authentication method to be used to authenticate clients.", - "title": "AuthenticationOptions", - "type": "array" - }, - "ClientCidrBlock": { - "markdownDescription": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. Client CIDR range must have a size of at least /22 and must not be greater than /12.", - "title": "ClientCidrBlock", - "type": "string" - }, - "ClientConnectOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientConnectOptions", - "markdownDescription": "The options for managing connection authorization for new client connections.", - "title": "ClientConnectOptions" - }, - "ClientLoginBannerOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions", - "markdownDescription": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.", - "title": "ClientLoginBannerOptions" - }, - "ConnectionLogOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions", - "markdownDescription": "Information about the client connection logging options.\n\nIf you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:\n\n- Client connection requests\n- Client connection results (successful and unsuccessful)\n- Reasons for unsuccessful client connection requests\n- Client connection termination time", - "title": "ConnectionLogOptions" - }, - "Description": { - "markdownDescription": "A brief description of the Client VPN endpoint.", - "title": "Description", - "type": "string" - }, - "DnsServers": { - "items": { - "type": "string" - }, - "markdownDescription": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.", - "title": "DnsServers", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SelfServicePortal": { - "markdownDescription": "Specify whether to enable the self-service portal for the Client VPN endpoint.\n\nDefault Value: `enabled`", - "title": "SelfServicePortal", - "type": "string" - }, - "ServerCertificateArn": { - "markdownDescription": "The ARN of the server certificate. For more information, see the [AWS Certificate Manager User Guide](https://docs.aws.amazon.com/acm/latest/userguide/) .", - "title": "ServerCertificateArn", - "type": "string" - }, - "SessionTimeoutHours": { - "markdownDescription": "The maximum VPN session duration time in hours.\n\nValid values: `8 | 10 | 12 | 24`\n\nDefault value: `24`", - "title": "SessionTimeoutHours", - "type": "number" - }, - "SplitTunnel": { - "markdownDescription": "Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.\n\nBy default, split-tunnel on a VPN endpoint is disabled.\n\nFor information about split-tunnel VPN endpoints, see [Split-tunnel AWS Client VPN endpoint](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) in the *AWS Client VPN Administrator Guide* .", - "title": "SplitTunnel", - "type": "boolean" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.TagSpecification" - }, - "markdownDescription": "The tags to apply to the Client VPN endpoint during creation.", - "title": "TagSpecifications", - "type": "array" - }, - "TransportProtocol": { - "markdownDescription": "The transport protocol to be used by the VPN session.\n\nDefault value: `udp`", - "title": "TransportProtocol", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.", - "title": "VpcId", - "type": "string" - }, - "VpnPort": { - "markdownDescription": "The port number to assign to the Client VPN endpoint for TCP and UDP traffic.\n\nValid Values: `443` | `1194`\n\nDefault Value: `443`", - "title": "VpnPort", - "type": "number" - } + "ArchivedLogDestId": { + "markdownDescription": "Specifies the ID of the destination for the archived redo logs. This value should be the same as a number in the dest_id column of the v$archived_log view. If you work with an additional redo log destination, use the `AdditionalArchivedLogDestId` option to specify the additional destination ID. Doing this improves performance by ensuring that the correct logs are accessed from the outset.", + "title": "ArchivedLogDestId", + "type": "number" + }, + "ArchivedLogsOnly": { + "markdownDescription": "When this field is set to `True` , AWS DMS only accesses the archived redo logs. If the archived redo logs are stored on Automatic Storage Management (ASM) only, the AWS DMS user account needs to be granted ASM privileges.", + "title": "ArchivedLogsOnly", + "type": "boolean" + }, + "AsmPassword": { + "markdownDescription": "For an Oracle source endpoint, your Oracle Automatic Storage Management (ASM) password. You can set this value from the `*asm_user_password*` value. You set this value as part of the comma-separated value that you set to the `Password` request parameter when you create the endpoint to access transaction logs using Binary Reader. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmPassword", + "type": "string" + }, + "AsmServer": { + "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmServer", + "type": "string" + }, + "AsmUser": { + "markdownDescription": "For an Oracle source endpoint, your ASM user name. You can set this value from the `asm_user` value. You set `asm_user` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmUser", + "type": "string" + }, + "CharLengthSemantics": { + "markdownDescription": "Specifies whether the length of a character column is in bytes or in characters. To indicate that the character column length is in characters, set this attribute to `CHAR` . Otherwise, the character column length is in bytes.\n\nExample: `charLengthSemantics=CHAR;`", + "title": "CharLengthSemantics", + "type": "string" + }, + "DirectPathNoLog": { + "markdownDescription": "When set to `true` , this attribute helps to increase the commit rate on the Oracle target database by writing directly to tables and not writing a trail to database logs.", + "title": "DirectPathNoLog", + "type": "boolean" + }, + "DirectPathParallelLoad": { + "markdownDescription": "When set to `true` , this attribute specifies a parallel load when `useDirectPathFullLoad` is set to `Y` . This attribute also only applies when you use the AWS DMS parallel load feature. Note that the target table cannot have any constraints or indexes.", + "title": "DirectPathParallelLoad", + "type": "boolean" + }, + "EnableHomogenousTablespace": { + "markdownDescription": "Set this attribute to enable homogenous tablespace replication and create existing tables or indexes under the same tablespace on the target.", + "title": "EnableHomogenousTablespace", + "type": "boolean" + }, + "ExtraArchivedLogDestIds": { + "items": { + "type": "number" }, - "required": [ - "AuthenticationOptions", - "ClientCidrBlock", - "ConnectionLogOptions", - "ServerCertificateArn" - ], - "type": "object" + "markdownDescription": "Specifies the IDs of one more destinations for one or more archived redo logs. These IDs are the values of the `dest_id` column in the `v$archived_log` view. Use this setting with the `archivedLogDestId` extra connection attribute in a primary-to-single setup or a primary-to-multiple-standby setup.\n\nThis setting is useful in a switchover when you use an Oracle Data Guard database as a source. In this case, AWS DMS needs information about what destination to get archive redo logs from to read changes. AWS DMS needs this because after the switchover the previous primary is a standby instance. For example, in a primary-to-single standby setup you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2]`\n\nIn a primary-to-multiple-standby setup, you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2,3,4]`\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless it's necessary. For more information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", + "title": "ExtraArchivedLogDestIds", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::ClientVpnEndpoint" - ], + "FailTasksOnLobTruncation": { + "markdownDescription": "When set to `true` , this attribute causes a task to fail if the actual size of an LOB column is greater than the specified `LobMaxSize` .\n\nIf a task is set to limited LOB mode and this option is set to `true` , the task fails instead of truncating the LOB data.", + "title": "FailTasksOnLobTruncation", + "type": "boolean" + }, + "NumberDatatypeScale": { + "markdownDescription": "Specifies the number scale. You can select a scale up to 38, or you can select FLOAT. By default, the NUMBER data type is converted to precision 38, scale 10.\n\nExample: `numberDataTypeScale=12`", + "title": "NumberDatatypeScale", + "type": "number" + }, + "OraclePathPrefix": { + "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the default Oracle root used to access the redo logs.", + "title": "OraclePathPrefix", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ParallelAsmReadThreads": { + "markdownDescription": "Set this attribute to change the number of threads that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 2 (the default) and 8 (the maximum). Use this attribute together with the `readAheadBlocks` attribute.", + "title": "ParallelAsmReadThreads", + "type": "number" + }, + "ReadAheadBlocks": { + "markdownDescription": "Set this attribute to change the number of read-ahead blocks that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 1000 (the default) and 200,000 (the maximum).", + "title": "ReadAheadBlocks", + "type": "number" + }, + "ReadTableSpaceName": { + "markdownDescription": "When set to `true` , this attribute supports tablespace replication.", + "title": "ReadTableSpaceName", + "type": "boolean" + }, + "ReplacePathPrefix": { + "markdownDescription": "Set this attribute to true in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This setting tells DMS instance to replace the default Oracle root with the specified `usePathPrefix` setting to access the redo logs.", + "title": "ReplacePathPrefix", + "type": "boolean" + }, + "RetryInterval": { + "markdownDescription": "Specifies the number of seconds that the system waits before resending a query.\n\nExample: `retryInterval=6;`", + "title": "RetryInterval", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Oracle endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerOracleAsmAccessRoleArn": { + "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerOracleAsmSecret` , the corresponding `SecretsManagerOracleAsmAccessRoleArn` , and the `SecretsManagerOracleAsmSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerOracleAsmAccessRoleArn", + "type": "string" + }, + "SecretsManagerOracleAsmSecretId": { + "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN, partial ARN, or display name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", + "title": "SecretsManagerOracleAsmSecretId", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Oracle endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "SecurityDbEncryption": { + "markdownDescription": "For an Oracle source endpoint, the transparent data encryption (TDE) password required by AWM DMS to access Oracle redo logs encrypted by TDE using Binary Reader. It is also the `*TDE_Password*` part of the comma-separated value you set to the `Password` request parameter when you create the endpoint. The `SecurityDbEncryptian` setting is related to this `SecurityDbEncryptionName` setting. For more information, see [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", + "title": "SecurityDbEncryption", + "type": "string" + }, + "SecurityDbEncryptionName": { + "markdownDescription": "For an Oracle source endpoint, the name of a key used for the transparent data encryption (TDE) of the columns and tablespaces in an Oracle source database that is encrypted using TDE. The key value is the value of the `SecurityDbEncryption` setting. For more information on setting the key name value of `SecurityDbEncryptionName` , see the information and example for setting the `securityDbEncryptionName` extra connection attribute in [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", + "title": "SecurityDbEncryptionName", + "type": "string" + }, + "SpatialDataOptionToGeoJsonFunctionName": { + "markdownDescription": "Use this attribute to convert `SDO_GEOMETRY` to `GEOJSON` format. By default, DMS calls the `SDO2GEOJSON` custom function if present and accessible. Or you can create your own custom function that mimics the operation of `SDOGEOJSON` and set `SpatialDataOptionToGeoJsonFunctionName` to call it instead.", + "title": "SpatialDataOptionToGeoJsonFunctionName", + "type": "string" + }, + "StandbyDelayTime": { + "markdownDescription": "Use this attribute to specify a time in minutes for the delay in standby sync. If the source is an Oracle Active Data Guard standby database, use this attribute to specify the time lag between primary and standby databases.\n\nIn AWS DMS , you can create an Oracle CDC task that uses an Active Data Guard standby instance as a source for replicating ongoing changes. Doing this eliminates the need to connect to an active database that might be in production.", + "title": "StandbyDelayTime", + "type": "number" + }, + "UseAlternateFolderForOnline": { + "markdownDescription": "Set this attribute to `true` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to use any specified prefix replacement to access all online redo logs.", + "title": "UseAlternateFolderForOnline", + "type": "boolean" + }, + "UseBFile": { + "markdownDescription": "Set this attribute to True to capture change data using the Binary Reader utility. Set `UseLogminerReader` to False to set this attribute to True. To use Binary Reader with Amazon RDS for Oracle as the source, you set additional attributes. For more information about using this setting with Oracle Automatic Storage Management (ASM), see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) .", + "title": "UseBFile", + "type": "boolean" + }, + "UseDirectPathFullLoad": { + "markdownDescription": "Set this attribute to True to have AWS DMS use a direct path full load. Specify this value to use the direct path protocol in the Oracle Call Interface (OCI). By using this OCI protocol, you can bulk-load Oracle target tables during a full load.", + "title": "UseDirectPathFullLoad", + "type": "boolean" + }, + "UseLogminerReader": { + "markdownDescription": "Set this attribute to True to capture change data using the Oracle LogMiner utility (the default). Set this attribute to False if you want to access the redo logs as a binary file. When you set `UseLogminerReader` to False, also set `UseBfile` to True. For more information on this setting and using Oracle ASM, see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) in the *AWS DMS User Guide* .", + "title": "UseLogminerReader", + "type": "boolean" + }, + "UsePathPrefix": { + "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the path prefix used to replace the default Oracle root to access the redo logs.", + "title": "UsePathPrefix", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest": { + "AWS::DMS::Endpoint.PostgreSqlSettings": { "additionalProperties": false, "properties": { - "ClientRootCertificateChainArn": { - "markdownDescription": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).", - "title": "ClientRootCertificateChainArn", + "AfterConnectScript": { + "markdownDescription": "For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data.\n\nExample: `afterConnectScript=SET session_replication_role='replica'`", + "title": "AfterConnectScript", + "type": "string" + }, + "BabelfishDatabaseName": { + "markdownDescription": "The Babelfish for Aurora PostgreSQL database name for the endpoint.", + "title": "BabelfishDatabaseName", + "type": "string" + }, + "CaptureDdls": { + "markdownDescription": "To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts. You can later remove these artifacts.\n\nIf this value is set to `True` , you don't have to create tables or triggers on the source database.", + "title": "CaptureDdls", + "type": "boolean" + }, + "DatabaseMode": { + "markdownDescription": "Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints.", + "title": "DatabaseMode", + "type": "string" + }, + "DdlArtifactsSchema": { + "markdownDescription": "The schema in which the operational DDL database artifacts are created.\n\nThe default value is `public` .\n\nExample: `ddlArtifactsSchema=xyzddlschema;`", + "title": "DdlArtifactsSchema", + "type": "string" + }, + "ExecuteTimeout": { + "markdownDescription": "Sets the client statement timeout for the PostgreSQL instance, in seconds. The default value is 60 seconds.\n\nExample: `executeTimeout=100;`", + "title": "ExecuteTimeout", + "type": "number" + }, + "FailTasksOnLobTruncation": { + "markdownDescription": "When set to `true` , this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize` .\n\nThe default value is `false` .\n\nIf task is set to Limited LOB mode and this option is set to true, the task fails instead of truncating the LOB data.", + "title": "FailTasksOnLobTruncation", + "type": "boolean" + }, + "HeartbeatEnable": { + "markdownDescription": "The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source. This heartbeat keeps `restart_lsn` moving and prevents storage full scenarios.\n\nThe default value is `false` .", + "title": "HeartbeatEnable", + "type": "boolean" + }, + "HeartbeatFrequency": { + "markdownDescription": "Sets the WAL heartbeat frequency (in minutes).\n\nThe default value is 5 minutes.", + "title": "HeartbeatFrequency", + "type": "number" + }, + "HeartbeatSchema": { + "markdownDescription": "Sets the schema in which the heartbeat artifacts are created.\n\nThe default value is `public` .", + "title": "HeartbeatSchema", + "type": "string" + }, + "MapBooleanAsBoolean": { + "markdownDescription": "When true, lets PostgreSQL migrate the boolean type as boolean. By default, PostgreSQL migrates booleans as `varchar(5)` . You must set this setting on both the source and target endpoints for it to take effect.\n\nThe default value is `false` .", + "title": "MapBooleanAsBoolean", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL.\n\nThe default value is 32,768 KB (32 MB).\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" + }, + "PluginName": { + "markdownDescription": "Specifies the plugin to use to create a replication slot.\n\nThe default value is `pglogical` .", + "title": "PluginName", + "type": "string" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the PostgreSQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the PostgreSQL endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "SlotName": { + "markdownDescription": "Sets the name of a previously created logical replication slot for a change data capture (CDC) load of the PostgreSQL source instance.\n\nWhen used with the `CdcStartPosition` request parameter for the AWS DMS API , this attribute also makes it possible to use native CDC start points. DMS verifies that the specified logical replication slot exists before starting the CDC load task. It also verifies that the task was created with a valid setting of `CdcStartPosition` . If the specified slot doesn't exist or the task doesn't have a valid `CdcStartPosition` setting, DMS raises an error.\n\nFor more information about setting the `CdcStartPosition` request parameter, see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native) in the *AWS Database Migration Service User Guide* . For more information about using `CdcStartPosition` , see [CreateReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html) , [StartReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html) , and [ModifyReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html) .", + "title": "SlotName", "type": "string" } }, - "required": [ - "ClientRootCertificateChainArn" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest": { + "AWS::DMS::Endpoint.RedisSettings": { "additionalProperties": false, "properties": { - "ActiveDirectory": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest", - "markdownDescription": "Information about the Active Directory to be used, if applicable. You must provide this information if *Type* is `directory-service-authentication` .", - "title": "ActiveDirectory" + "AuthPassword": { + "markdownDescription": "The password provided with the `auth-role` and `auth-token` options of the `AuthType` setting for a Redis target endpoint.", + "title": "AuthPassword", + "type": "string" }, - "FederatedAuthentication": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest", - "markdownDescription": "Information about the IAM SAML identity provider, if applicable.", - "title": "FederatedAuthentication" + "AuthType": { + "markdownDescription": "The type of authentication to perform when connecting to a Redis target. Options include `none` , `auth-token` , and `auth-role` . The `auth-token` option requires an `AuthPassword` value to be provided. The `auth-role` option requires `AuthUserName` and `AuthPassword` values to be provided.", + "title": "AuthType", + "type": "string" }, - "MutualAuthentication": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest", - "markdownDescription": "Information about the authentication certificates to be used, if applicable. You must provide this information if *Type* is `certificate-authentication` .", - "title": "MutualAuthentication" + "AuthUserName": { + "markdownDescription": "The user name provided with the `auth-role` option of the `AuthType` setting for a Redis target endpoint.", + "title": "AuthUserName", + "type": "string" }, - "Type": { - "markdownDescription": "The type of client authentication to be used.", - "title": "Type", + "Port": { + "markdownDescription": "Transmission Control Protocol (TCP) port for the endpoint.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint.", + "title": "ServerName", + "type": "string" + }, + "SslCaCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint.", + "title": "SslCaCertificateArn", + "type": "string" + }, + "SslSecurityProtocol": { + "markdownDescription": "The connection to a Redis target endpoint using Transport Layer Security (TLS). Valid values include `plaintext` and `ssl-encryption` . The default is `ssl-encryption` . The `ssl-encryption` option makes an encrypted connection. Optionally, you can identify an Amazon Resource Name (ARN) for an SSL certificate authority (CA) using the `SslCaCertificateArn` setting. If an ARN isn't given for a CA, DMS uses the Amazon root CA.\n\nThe `plaintext` option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database.", + "title": "SslSecurityProtocol", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.ClientConnectOptions": { + "AWS::DMS::Endpoint.RedshiftSettings": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether client connect options are enabled. The default is `false` (not enabled).", - "title": "Enabled", + "AcceptAnyDate": { + "markdownDescription": "A value that indicates to allow any date format, including invalid formats such as 00/00/00 00:00:00, to be loaded without generating an error. You can choose `true` or `false` (the default).\n\nThis parameter applies only to TIMESTAMP and DATE columns. Always use ACCEPTANYDATE with the DATEFORMAT parameter. If the date format for the data doesn't match the DATEFORMAT specification, Amazon Redshift inserts a NULL value into that field.", + "title": "AcceptAnyDate", "type": "boolean" }, - "LambdaFunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function used for connection authorization.", - "title": "LambdaFunctionArn", + "AfterConnectScript": { + "markdownDescription": "Code to run after connecting. This parameter should contain the code itself, not the name of a file containing the code.", + "title": "AfterConnectScript", "type": "string" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions": { - "additionalProperties": false, - "properties": { - "BannerText": { - "markdownDescription": "Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.", - "title": "BannerText", + }, + "BucketFolder": { + "markdownDescription": "An S3 folder where the comma-separated-value (.csv) files are stored before being uploaded to the target Redshift cluster.\n\nFor full load mode, AWS DMS converts source records into .csv files and loads them to the *BucketFolder/TableID* path. AWS DMS uses the Redshift `COPY` command to upload the .csv files to the target table. The files are deleted once the `COPY` operation has finished. For more information, see [COPY](https://docs.aws.amazon.com/redshift/latest/dg/r_COPY.html) in the *Amazon Redshift Database Developer Guide* .\n\nFor change-data-capture (CDC) mode, AWS DMS creates a *NetChanges* table, and loads the .csv files to this *BucketFolder/NetChangesTableID* path.", + "title": "BucketFolder", "type": "string" }, - "Enabled": { - "markdownDescription": "Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n\nValid values: `true | false`\n\nDefault value: `false`", - "title": "Enabled", + "BucketName": { + "markdownDescription": "The name of the intermediate S3 bucket used to store .csv files before uploading data to Redshift.", + "title": "BucketName", + "type": "string" + }, + "CaseSensitiveNames": { + "markdownDescription": "If Amazon Redshift is configured to support case sensitive schema names, set `CaseSensitiveNames` to `true` . The default is `false` .", + "title": "CaseSensitiveNames", "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions": { - "additionalProperties": false, - "properties": { - "CloudwatchLogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group. Required if connection logging is enabled.", - "title": "CloudwatchLogGroup", + }, + "CompUpdate": { + "markdownDescription": "If you set `CompUpdate` to `true` Amazon Redshift applies automatic compression if the table is empty. This applies even if the table columns already have encodings other than `RAW` . If you set `CompUpdate` to `false` , automatic compression is disabled and existing column encodings aren't changed. The default is `true` .", + "title": "CompUpdate", + "type": "boolean" + }, + "ConnectionTimeout": { + "markdownDescription": "A value that sets the amount of time to wait (in milliseconds) before timing out, beginning from when you initially establish a connection.", + "title": "ConnectionTimeout", + "type": "number" + }, + "DateFormat": { + "markdownDescription": "The date format that you are using. Valid values are `auto` (case-sensitive), your date format string enclosed in quotes, or NULL. If this parameter is left unset (NULL), it defaults to a format of 'YYYY-MM-DD'. Using `auto` recognizes most strings, even some that aren't supported when you use a date format string.\n\nIf your date and time values use formats different from each other, set this to `auto` .", + "title": "DateFormat", "type": "string" }, - "CloudwatchLogStream": { - "markdownDescription": "The name of the CloudWatch Logs log stream to which the connection data is published.", - "title": "CloudwatchLogStream", + "EmptyAsNull": { + "markdownDescription": "A value that specifies whether AWS DMS should migrate empty CHAR and VARCHAR fields as NULL. A value of `true` sets empty CHAR and VARCHAR fields to null. The default is `false` .", + "title": "EmptyAsNull", + "type": "boolean" + }, + "EncryptionMode": { + "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , create an AWS Identity and Access Management (IAM) role with a policy that allows `\"arn:aws:s3:::*\"` to use the following actions: `\"s3:PutObject\", \"s3:ListBucket\"`", + "title": "EncryptionMode", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether connection logging is enabled.", - "title": "Enabled", + "ExplicitIds": { + "markdownDescription": "This setting is only valid for a full-load migration task. Set `ExplicitIds` to `true` to have tables with `IDENTITY` columns override their auto-generated values with explicit values loaded from the source data files used to populate the tables. The default is `false` .", + "title": "ExplicitIds", "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest": { - "additionalProperties": false, - "properties": { - "DirectoryId": { - "markdownDescription": "The ID of the Active Directory to be used for authentication.", - "title": "DirectoryId", + }, + "FileTransferUploadStreams": { + "markdownDescription": "The number of threads used to upload a single file. This parameter accepts a value from 1 through 64. It defaults to 10.\n\nThe number of parallel streams used to upload a single .csv file to an S3 bucket using S3 Multipart Upload. For more information, see [Multipart upload overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) .\n\n`FileTransferUploadStreams` accepts a value from 1 through 64. It defaults to 10.", + "title": "FileTransferUploadStreams", + "type": "number" + }, + "LoadTimeout": { + "markdownDescription": "The amount of time to wait (in milliseconds) before timing out of operations performed by AWS DMS on a Redshift cluster, such as Redshift COPY, INSERT, DELETE, and UPDATE.", + "title": "LoadTimeout", + "type": "number" + }, + "MapBooleanAsBoolean": { + "markdownDescription": "When true, lets Redshift migrate the boolean type as boolean. By default, Redshift migrates booleans as `varchar(1)` . You must set this setting on both the source and target endpoints for it to take effect.", + "title": "MapBooleanAsBoolean", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "The maximum size (in KB) of any .csv file used to load data on an S3 bucket and transfer data to Amazon Redshift. It defaults to 1048576KB (1 GB).", + "title": "MaxFileSize", + "type": "number" + }, + "RemoveQuotes": { + "markdownDescription": "A value that specifies to remove surrounding quotation marks from strings in the incoming data. All characters within the quotation marks, including delimiters, are retained. Choose `true` to remove quotation marks. The default is `false` .", + "title": "RemoveQuotes", + "type": "boolean" + }, + "ReplaceChars": { + "markdownDescription": "A value that specifies to replaces the invalid characters specified in `ReplaceInvalidChars` , substituting the specified characters instead. The default is `\"?\"` .", + "title": "ReplaceChars", + "type": "string" + }, + "ReplaceInvalidChars": { + "markdownDescription": "A list of characters that you want to replace. Use with `ReplaceChars` .", + "title": "ReplaceInvalidChars", + "type": "string" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Amazon Redshift endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Amazon Redshift endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerSideEncryptionKmsKeyId": { + "markdownDescription": "The AWS KMS key ID. If you are using `SSE_KMS` for the `EncryptionMode` , provide this key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.", + "title": "ServerSideEncryptionKmsKeyId", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that has access to the Amazon Redshift service. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "TimeFormat": { + "markdownDescription": "The time format that you want to use. Valid values are `auto` (case-sensitive), `'timeformat_string'` , `'epochsecs'` , or `'epochmillisecs'` . It defaults to 10. Using `auto` recognizes most strings, even some that aren't supported when you use a time format string.\n\nIf your date and time values use formats different from each other, set this parameter to `auto` .", + "title": "TimeFormat", "type": "string" + }, + "TrimBlanks": { + "markdownDescription": "A value that specifies to remove the trailing white space characters from a VARCHAR string. This parameter applies only to columns with a VARCHAR data type. Choose `true` to remove unneeded white space. The default is `false` .", + "title": "TrimBlanks", + "type": "boolean" + }, + "TruncateColumns": { + "markdownDescription": "A value that specifies to truncate data in columns to the appropriate number of characters, so that the data fits in the column. This parameter applies only to columns with a VARCHAR or CHAR data type, and rows with a size of 4 MB or less. Choose `true` to truncate data. The default is `false` .", + "title": "TruncateColumns", + "type": "boolean" + }, + "WriteBufferSize": { + "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk at the DMS replication instance. The default value is 1000 (buffer size is 1000KB).", + "title": "WriteBufferSize", + "type": "number" } }, - "required": [ - "DirectoryId" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest": { + "AWS::DMS::Endpoint.S3Settings": { "additionalProperties": false, "properties": { - "SAMLProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider.", - "title": "SAMLProviderArn", + "AddColumnName": { + "markdownDescription": "An optional parameter that, when set to `true` or `y` , you can use to add column name information to the .csv output file.\n\nThe default value is `false` . Valid values are `true` , `false` , `y` , and `n` .", + "title": "AddColumnName", + "type": "boolean" + }, + "AddTrailingPaddingCharacter": { + "markdownDescription": "Use the S3 target endpoint setting `AddTrailingPaddingCharacter` to add padding on string data. The default value is `false` .", + "title": "AddTrailingPaddingCharacter", + "type": "boolean" + }, + "BucketFolder": { + "markdownDescription": "An optional parameter to set a folder name in the S3 bucket. If provided, tables are created in the path `*bucketFolder* / *schema_name* / *table_name* /` . If this parameter isn't specified, the path used is `*schema_name* / *table_name* /` .", + "title": "BucketFolder", "type": "string" }, - "SelfServiceSAMLProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.", - "title": "SelfServiceSAMLProviderArn", + "BucketName": { + "markdownDescription": "The name of the S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "CannedAclForObjects": { + "markdownDescription": "A value that enables AWS DMS to specify a predefined (canned) access control list (ACL) for objects created in an Amazon S3 bucket as .csv or .parquet files. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 Developer Guide* .\n\nThe default value is NONE. Valid values include NONE, PRIVATE, PUBLIC_READ, PUBLIC_READ_WRITE, AUTHENTICATED_READ, AWS_EXEC_READ, BUCKET_OWNER_READ, and BUCKET_OWNER_FULL_CONTROL.", + "title": "CannedAclForObjects", + "type": "string" + }, + "CdcInsertsAndUpdates": { + "markdownDescription": "A value that enables a change data capture (CDC) load to write INSERT and UPDATE operations to .csv or .parquet (columnar storage) output files. The default setting is `false` , but when `CdcInsertsAndUpdates` is set to `true` or `y` , only INSERTs and UPDATEs from the source database are migrated to the .csv or .parquet file.\n\nFor .csv file format only, how these INSERTs and UPDATEs are recorded depends on the value of the `IncludeOpForFullLoad` parameter. If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to either `I` or `U` to indicate INSERT and UPDATE operations at the source. But if `IncludeOpForFullLoad` is set to `false` , CDC records are written without an indication of INSERT or UPDATE operations at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the use of the `CdcInsertsAndUpdates` parameter in versions 3.3.1 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", + "title": "CdcInsertsAndUpdates", + "type": "boolean" + }, + "CdcInsertsOnly": { + "markdownDescription": "A value that enables a change data capture (CDC) load to write only INSERT operations to .csv or columnar storage (.parquet) output files. By default (the `false` setting), the first field in a .csv or .parquet record contains the letter I (INSERT), U (UPDATE), or D (DELETE). These values indicate whether the row was inserted, updated, or deleted at the source database for a CDC load to the target.\n\nIf `CdcInsertsOnly` is set to `true` or `y` , only INSERTs from the source database are migrated to the .csv or .parquet file. For .csv format only, how these INSERTs are recorded depends on the value of `IncludeOpForFullLoad` . If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to I to indicate the INSERT operation at the source. If `IncludeOpForFullLoad` is set to `false` , every CDC record is written without a first field to indicate the INSERT operation at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the interaction described preceding between the `CdcInsertsOnly` and `IncludeOpForFullLoad` parameters in versions 3.1.4 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", + "title": "CdcInsertsOnly", + "type": "boolean" + }, + "CdcMaxBatchInterval": { + "markdownDescription": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3.\n\nWhen `CdcMaxBatchInterval` and `CdcMinFileSize` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 60 seconds.", + "title": "CdcMaxBatchInterval", + "type": "number" + }, + "CdcMinFileSize": { + "markdownDescription": "Minimum file size, defined in kilobytes, to reach for a file output to Amazon S3.\n\nWhen `CdcMinFileSize` and `CdcMaxBatchInterval` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 32 MB.", + "title": "CdcMinFileSize", + "type": "number" + }, + "CdcPath": { + "markdownDescription": "Specifies the folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `CdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. For an S3 target if you set [`PreserveTransactions`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-PreserveTransactions) to `true` , AWS DMS verifies that you have set this parameter to a folder path on your S3 target where AWS DMS can save the transaction order for the CDC load. AWS DMS creates this CDC folder path in either your S3 target working directory or the S3 target location specified by [`BucketFolder`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketFolder) and [`BucketName`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketName) .\n\nFor example, if you specify `CdcPath` as `MyChangedData` , and you specify `BucketName` as `MyTargetBucket` but do not specify `BucketFolder` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyChangedData` .\n\nIf you specify the same `CdcPath` , and you specify `BucketName` as `MyTargetBucket` and `BucketFolder` as `MyTargetData` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyTargetData/MyChangedData` .\n\nFor more information on CDC including transaction order on an S3 target, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", + "title": "CdcPath", + "type": "string" + }, + "CompressionType": { + "markdownDescription": "An optional parameter. When set to GZIP it enables the service to compress the target files. To allow the service to write the target files uncompressed, either set this parameter to NONE (the default) or don't specify the parameter at all. This parameter applies to both .csv and .parquet file formats.", + "title": "CompressionType", + "type": "string" + }, + "CsvDelimiter": { + "markdownDescription": "The delimiter used to separate columns in the .csv file for both source and target. The default is a comma.", + "title": "CsvDelimiter", + "type": "string" + }, + "CsvNoSupValue": { + "markdownDescription": "This setting only applies if your Amazon S3 output files during a change data capture (CDC) load are written in .csv format. If [`UseCsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-UseCsvNoSupValue) is set to true, specify a string value that you want AWS DMS to use for all columns not included in the supplemental log. If you do not specify a string value, AWS DMS uses the null value for these columns regardless of the `UseCsvNoSupValue` setting.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", + "title": "CsvNoSupValue", + "type": "string" + }, + "CsvNullValue": { + "markdownDescription": "An optional parameter that specifies how AWS DMS treats null values. While handling the null value, you can use this parameter to pass a user-defined string as null when writing to the target. For example, when target columns are not nullable, you can use this option to differentiate between the empty string value and the null value. So, if you set this parameter value to the empty string (\"\" or ''), AWS DMS treats the empty string as the null value instead of `NULL` .\n\nThe default value is `NULL` . Valid values include any valid string.", + "title": "CsvNullValue", + "type": "string" + }, + "CsvRowDelimiter": { + "markdownDescription": "The delimiter used to separate rows in the .csv file for both source and target.\n\nThe default is a carriage return ( `\\n` ).", + "title": "CsvRowDelimiter", + "type": "string" + }, + "DataFormat": { + "markdownDescription": "The format of the data that you want to use for output. You can choose one of the following:\n\n- `csv` : This is a row-based file format with comma-separated values (.csv).\n- `parquet` : Apache Parquet (.parquet) is a columnar storage file format that features efficient compression and provides faster query response.", + "title": "DataFormat", + "type": "string" + }, + "DataPageSize": { + "markdownDescription": "The size of one data page in bytes. This parameter defaults to 1024 * 1024 bytes (1 MiB). This number is used for .parquet file format only.", + "title": "DataPageSize", + "type": "number" + }, + "DatePartitionDelimiter": { + "markdownDescription": "Specifies a date separating delimiter to use during folder partitioning. The default value is `SLASH` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", + "title": "DatePartitionDelimiter", + "type": "string" + }, + "DatePartitionEnabled": { + "markdownDescription": "When set to `true` , this parameter partitions S3 bucket folders based on transaction commit dates. The default value is `false` . For more information about date-based folder partitioning, see [Using date-based folder partitioning](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.DatePartitioning) .", + "title": "DatePartitionEnabled", + "type": "boolean" + }, + "DatePartitionSequence": { + "markdownDescription": "Identifies the sequence of the date format to use during folder partitioning. The default value is `YYYYMMDD` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", + "title": "DatePartitionSequence", + "type": "string" + }, + "DatePartitionTimezone": { + "markdownDescription": "When creating an S3 target endpoint, set `DatePartitionTimezone` to convert the current UTC time into a specified time zone. The conversion occurs when a date partition folder is created and a change data capture (CDC) file name is generated. The time zone format is Area/Location. Use this parameter when `DatePartitionedEnabled` is set to `true` , as shown in the following example.\n\n`s3-settings='{\"DatePartitionEnabled\": true, \"DatePartitionSequence\": \"YYYYMMDDHH\", \"DatePartitionDelimiter\": \"SLASH\", \"DatePartitionTimezone\":\" *Asia/Seoul* \", \"BucketName\": \"dms-nattarat-test\"}'`", + "title": "DatePartitionTimezone", + "type": "string" + }, + "DictPageSizeLimit": { + "markdownDescription": "The maximum size of an encoded dictionary page of a column. If the dictionary page exceeds this, this column is stored using an encoding type of `PLAIN` . This parameter defaults to 1024 * 1024 bytes (1 MiB), the maximum size of a dictionary page before it reverts to `PLAIN` encoding. This size is used for .parquet file format only.", + "title": "DictPageSizeLimit", + "type": "number" + }, + "EnableStatistics": { + "markdownDescription": "A value that enables statistics for Parquet pages and row groups. Choose `true` to enable statistics, `false` to disable. Statistics include `NULL` , `DISTINCT` , `MAX` , and `MIN` values. This parameter defaults to `true` . This value is used for .parquet file format only.", + "title": "EnableStatistics", + "type": "boolean" + }, + "EncodingType": { + "markdownDescription": "The type of encoding that you're using:\n\n- `RLE_DICTIONARY` uses a combination of bit-packing and run-length encoding to store repeated values more efficiently. This is the default.\n- `PLAIN` doesn't use encoding at all. Values are stored as they are.\n- `PLAIN_DICTIONARY` builds a dictionary of the values encountered in a given column. The dictionary is stored in a dictionary page for each column chunk.", + "title": "EncodingType", + "type": "string" + }, + "EncryptionMode": { + "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , you need an IAM role with permission to allow `\"arn:aws:s3:::dms-*\"` to use the following actions:\n\n- `s3:CreateBucket`\n- `s3:ListBucket`\n- `s3:DeleteBucket`\n- `s3:GetBucketLocation`\n- `s3:GetObject`\n- `s3:PutObject`\n- `s3:DeleteObject`\n- `s3:GetObjectVersion`\n- `s3:GetBucketPolicy`\n- `s3:PutBucketPolicy`\n- `s3:DeleteBucketPolicy`", + "title": "EncryptionMode", + "type": "string" + }, + "ExpectedBucketOwner": { + "markdownDescription": "To specify a bucket owner and prevent sniping, you can use the `ExpectedBucketOwner` endpoint setting.\n\nExample: `--s3-settings='{\"ExpectedBucketOwner\": \" *AWS_Account_ID* \"}'`\n\nWhen you make a request to test a connection or perform a migration, S3 checks the account ID of the bucket owner against the specified parameter.", + "title": "ExpectedBucketOwner", + "type": "string" + }, + "ExternalTableDefinition": { + "markdownDescription": "The external table definition.\n\nConditional: If `S3` is used as a source then `ExternalTableDefinition` is required.", + "title": "ExternalTableDefinition", + "type": "string" + }, + "GlueCatalogGeneration": { + "markdownDescription": "When true, allows AWS Glue to catalog your S3 bucket. Creating an AWS Glue catalog lets you use Athena to query your data.", + "title": "GlueCatalogGeneration", + "type": "boolean" + }, + "IgnoreHeaderRows": { + "markdownDescription": "When this value is set to 1, AWS DMS ignores the first row header in a .csv file. A value of 1 turns on the feature; a value of 0 turns off the feature.\n\nThe default is 0.", + "title": "IgnoreHeaderRows", + "type": "number" + }, + "IncludeOpForFullLoad": { + "markdownDescription": "A value that enables a full load to write INSERT operations to the comma-separated value (.csv) output files only to indicate how the rows were added to the source database.\n\n> AWS DMS supports the `IncludeOpForFullLoad` parameter in versions 3.1.4 and later. \n\nFor full load, records can only be inserted. By default (the `false` setting), no information is recorded in these output files for a full load to indicate that the rows were inserted at the source database. If `IncludeOpForFullLoad` is set to `true` or `y` , the INSERT is recorded as an I annotation in the first field of the .csv file. This allows the format of your target records from a full load to be consistent with the target records from a CDC load.\n\n> This setting works together with the `CdcInsertsOnly` and the `CdcInsertsAndUpdates` parameters for output to .csv files only. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .", + "title": "IncludeOpForFullLoad", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "A value that specifies the maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load.\n\nThe default value is 1,048,576 KB (1 GB). Valid values include 1 to 1,048,576.", + "title": "MaxFileSize", + "type": "number" + }, + "ParquetTimestampInMillisecond": { + "markdownDescription": "A value that specifies the precision of any `TIMESTAMP` column values that are written to an Amazon S3 object file in .parquet format.\n\n> AWS DMS supports the `ParquetTimestampInMillisecond` parameter in versions 3.1.4 and later. \n\nWhen `ParquetTimestampInMillisecond` is set to `true` or `y` , AWS DMS writes all `TIMESTAMP` columns in a .parquet formatted file with millisecond precision. Otherwise, DMS writes them with microsecond precision.\n\nCurrently, Amazon Athena and AWS Glue can handle only millisecond precision for `TIMESTAMP` values. Set this parameter to `true` for S3 endpoint object files that are .parquet formatted only if you plan to query or process the data with Athena or AWS Glue .\n\n> AWS DMS writes any `TIMESTAMP` column values written to an S3 file in .csv format with microsecond precision.\n> \n> Setting `ParquetTimestampInMillisecond` has no effect on the string format of the timestamp column value that is inserted by setting the `TimestampColumnName` parameter.", + "title": "ParquetTimestampInMillisecond", + "type": "boolean" + }, + "ParquetVersion": { + "markdownDescription": "The version of the Apache Parquet format that you want to use: `parquet_1_0` (the default) or `parquet_2_0` .", + "title": "ParquetVersion", + "type": "string" + }, + "PreserveTransactions": { + "markdownDescription": "If this setting is set to `true` , AWS DMS saves the transaction order for a change data capture (CDC) load on the Amazon S3 target specified by [`CdcPath`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CdcPath) . For more information, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", + "title": "PreserveTransactions", + "type": "boolean" + }, + "Rfc4180": { + "markdownDescription": "For an S3 source, when this value is set to `true` or `y` , each leading double quotation mark has to be followed by an ending double quotation mark. This formatting complies with RFC 4180. When this value is set to `false` or `n` , string literals are copied to the target as is. In this case, a delimiter (row or column) signals the end of the field. Thus, you can't use a delimiter as part of the string, because it signals the end of the value.\n\nFor an S3 target, an optional parameter used to set behavior to comply with RFC 4180 for data migrated to Amazon S3 using .csv file format only. When this value is set to `true` or `y` using Amazon S3 as a target, if the data has quotation marks or newline characters in it, AWS DMS encloses the entire column with an additional pair of double quotation marks (\"). Every quotation mark within the data is repeated twice.\n\nThe default value is `true` . Valid values include `true` , `false` , `y` , and `n` .", + "title": "Rfc4180", + "type": "boolean" + }, + "RowGroupLength": { + "markdownDescription": "The number of rows in a row group. A smaller row group size provides faster reads. But as the number of row groups grows, the slower writes become. This parameter defaults to 10,000 rows. This number is used for .parquet file format only.\n\nIf you choose a value larger than the maximum, `RowGroupLength` is set to the max row group length in bytes (64 * 1024 * 1024).", + "title": "RowGroupLength", + "type": "number" + }, + "ServerSideEncryptionKmsKeyId": { + "markdownDescription": "If you are using `SSE_KMS` for the `EncryptionMode` , provide the AWS KMS key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.\n\nHere is a CLI example: `aws dms create-endpoint --endpoint-identifier *value* --endpoint-type target --engine-name s3 --s3-settings ServiceAccessRoleArn= *value* ,BucketFolder= *value* ,BucketName= *value* ,EncryptionMode=SSE_KMS,ServerSideEncryptionKmsKeyId= *value*`", + "title": "ServerSideEncryptionKmsKeyId", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "A required parameter that specifies the Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action. It enables AWS DMS to read and write objects from an S3 bucket.", + "title": "ServiceAccessRoleArn", "type": "string" + }, + "TimestampColumnName": { + "markdownDescription": "A value that when nonblank causes AWS DMS to add a column with timestamp information to the endpoint data for an Amazon S3 target.\n\n> AWS DMS supports the `TimestampColumnName` parameter in versions 3.1.4 and later. \n\nAWS DMS includes an additional `STRING` column in the .csv or .parquet object files of your migrated data when you set `TimestampColumnName` to a nonblank value.\n\nFor a full load, each row of this timestamp column contains a timestamp for when the data was transferred from the source to the target by DMS.\n\nFor a change data capture (CDC) load, each row of the timestamp column contains the timestamp for the commit of that row in the source database.\n\nThe string format for this timestamp column value is `yyyy-MM-dd HH:mm:ss.SSSSSS` . By default, the precision of this value is in microseconds. For a CDC load, the rounding of the precision depends on the commit timestamp supported by DMS for the source database.\n\nWhen the `AddColumnName` parameter is set to `true` , DMS also includes a name for the timestamp column that you set with `TimestampColumnName` .", + "title": "TimestampColumnName", + "type": "string" + }, + "UseCsvNoSupValue": { + "markdownDescription": "This setting applies if the S3 output files during a change data capture (CDC) load are written in .csv format. If this setting is set to `true` for columns not included in the supplemental log, AWS DMS uses the value specified by [`CsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CsvNoSupValue) . If this setting isn't set or is set to `false` , AWS DMS uses the null value for these columns.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", + "title": "UseCsvNoSupValue", + "type": "boolean" + }, + "UseTaskStartTimeForFullLoadTimestamp": { + "markdownDescription": "When set to true, this parameter uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when `useTaskStartTimeForFullLoadTimestamp` is set to `true` , each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.\n\nWhen `useTaskStartTimeForFullLoadTimestamp` is set to `false` , the full load timestamp in the timestamp column increments with the time data arrives at the target.", + "title": "UseTaskStartTimeForFullLoadTimestamp", + "type": "boolean" } }, - "required": [ - "SAMLProviderArn" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.TagSpecification": { + "AWS::DMS::Endpoint.SybaseSettings": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. To tag a Client VPN endpoint, `ResourceType` must be `client-vpn-endpoint` .", - "title": "ResourceType", + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SAP ASE endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the SAP SAE endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" } }, - "required": [ - "ResourceType", - "Tags" - ], "type": "object" }, - "AWS::EC2::ClientVpnRoute": { + "AWS::DMS::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -69150,37 +75092,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint to which to add the route.", - "title": "ClientVpnEndpointId", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether to activate the subscription. If you don't specify this property, AWS CloudFormation activates the subscription.", + "title": "Enabled", + "type": "boolean" }, - "Description": { - "markdownDescription": "A brief description of the route.", - "title": "Description", + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of event categories for a source type that you want to subscribe to. If you don't specify this property, you are notified about all event categories. For more information, see [Working with Events and Notifications](https://docs.aws.amazon.com//dms/latest/userguide/CHAP_Events.html) in the *AWS DMS User Guide* .", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", + "title": "SnsTopicArn", "type": "string" }, - "DestinationCidrBlock": { - "markdownDescription": "The IPv4 address range, in CIDR notation, of the route destination. For example:\n\n- To add a route for Internet access, enter `0.0.0.0/0`\n- To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range\n- To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range\n- To add a route for the local network, enter the client CIDR range", - "title": "DestinationCidrBlock", + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers for which AWS DMS provides notification events.\n\nIf you don't specify a value, notifications are provided for all sources.\n\nIf you specify multiple values, they must be of the same type. For example, if you specify a database instance ID, then all of the other values must be database instance IDs.", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of AWS DMS resource that generates the events. For example, if you want to be notified of events generated by a replication instance, you set this parameter to `replication-instance` . If this value isn't specified, all events are returned.\n\n*Valid values* : `replication-instance` | `replication-task`", + "title": "SourceType", "type": "string" }, - "TargetVpcSubnetId": { - "markdownDescription": "The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.\n\nAlternatively, if you're adding a route for the local network, specify `local` .", - "title": "TargetVpcSubnetId", + "SubscriptionName": { + "markdownDescription": "The name of the AWS DMS event notification subscription. This name must be less than 255 characters.", + "title": "SubscriptionName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the event subscription.", + "title": "Tags", + "type": "array" } }, "required": [ - "ClientVpnEndpointId", - "DestinationCidrBlock", - "TargetVpcSubnetId" + "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnRoute" + "AWS::DMS::EventSubscription" ], "type": "string" }, @@ -69199,7 +75163,7 @@ ], "type": "object" }, - "AWS::EC2::ClientVpnTargetNetworkAssociation": { + "AWS::DMS::InstanceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -69234,26 +75198,68 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint.", - "title": "ClientVpnEndpointId", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where the instance profile runs.", + "title": "AvailabilityZone", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to associate with the Client VPN endpoint.", - "title": "SubnetId", + "Description": { + "markdownDescription": "A description of the instance profile. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", + "title": "Description", + "type": "string" + }, + "InstanceProfileIdentifier": { + "markdownDescription": "The identifier of the instance profile. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "InstanceProfileIdentifier", + "type": "string" + }, + "InstanceProfileName": { + "markdownDescription": "The user-friendly name for the instance profile.", + "title": "InstanceProfileName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.\n\nIf you don't specify a value for the `KmsKeyArn` parameter, then AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyArn", "type": "string" + }, + "NetworkType": { + "markdownDescription": "Specifies the network type for the instance profile. A value of `IPV4` represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of `IPV6` represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of `DUAL` represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.", + "title": "NetworkType", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies the accessibility options for the instance profile. A value of `true` represents an instance profile with a public IP address. A value of `false` represents an instance profile with a private IP address. The default value is `true` .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "SubnetGroupIdentifier": { + "markdownDescription": "The identifier of the subnet group that is associated with the instance profile.", + "title": "SubnetGroupIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security groups that are used with the instance profile. The VPC security group must work with the VPC containing the instance profile.", + "title": "VpcSecurityGroups", + "type": "array" } }, - "required": [ - "ClientVpnEndpointId", - "SubnetId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnTargetNetworkAssociation" + "AWS::DMS::InstanceProfile" ], "type": "string" }, @@ -69267,12 +75273,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::CustomerGateway": { + "AWS::DMS::MigrationProject": { "additionalProperties": false, "properties": { "Condition": { @@ -69307,49 +75312,76 @@ "Properties": { "additionalProperties": false, "properties": { - "BgpAsn": { - "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nDefault: 65000\n\nValid values: `1` to `2,147,483,647`", - "title": "BgpAsn", - "type": "number" + "Description": { + "markdownDescription": "A user-friendly description of the migration project.", + "title": "Description", + "type": "string" }, - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the customer gateway certificate.", - "title": "CertificateArn", + "InstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile for your migration project.", + "title": "InstanceProfileArn", "type": "string" }, - "DeviceName": { - "markdownDescription": "The name of customer gateway device.", - "title": "DeviceName", + "InstanceProfileIdentifier": { + "markdownDescription": "The identifier of the instance profile for your migration project.", + "title": "InstanceProfileIdentifier", "type": "string" }, - "IpAddress": { - "markdownDescription": "IPv4 address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `PublicIpv4` , you can use a public IPv4 address.", - "title": "IpAddress", + "InstanceProfileName": { + "markdownDescription": "The name of the associated instance profile.", + "title": "InstanceProfileName", + "type": "string" + }, + "MigrationProjectIdentifier": { + "markdownDescription": "The identifier of the migration project. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "MigrationProjectIdentifier", "type": "string" }, + "MigrationProjectName": { + "markdownDescription": "The name of the migration project.", + "title": "MigrationProjectName", + "type": "string" + }, + "SchemaConversionApplicationAttributes": { + "$ref": "#/definitions/AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes", + "markdownDescription": "The schema conversion application attributes, including the Amazon S3 bucket name and Amazon S3 role ARN.", + "title": "SchemaConversionApplicationAttributes" + }, + "SourceDataProviderDescriptors": { + "items": { + "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" + }, + "markdownDescription": "Information about the source data provider, including the name or ARN, and AWS Secrets Manager parameters.", + "title": "SourceDataProviderDescriptors", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags for the customer gateway.", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "The type of VPN connection that this customer gateway supports ( `ipsec.1` ).", - "title": "Type", + "TargetDataProviderDescriptors": { + "items": { + "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" + }, + "markdownDescription": "Information about the target data provider, including the name or ARN, and AWS Secrets Manager parameters.", + "title": "TargetDataProviderDescriptors", + "type": "array" + }, + "TransformationRules": { + "markdownDescription": "The settings in JSON format for migration rules. Migration rules make it possible for you to change the object names according to the rules that you specify. For example, you can change an object name to lowercase or uppercase, add or remove a prefix or suffix, or rename objects.", + "title": "TransformationRules", "type": "string" } }, - "required": [ - "IpAddress", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::CustomerGateway" + "AWS::DMS::MigrationProject" ], "type": "string" }, @@ -69363,117 +75395,58 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::DHCPOptions": { + "AWS::DMS::MigrationProject.DataProviderDescriptor": { "additionalProperties": false, "properties": { - "Condition": { + "DataProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data provider.", + "title": "DataProviderArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataProviderIdentifier": { + "markdownDescription": "", + "title": "DataProviderIdentifier", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "DataProviderName": { + "markdownDescription": "The user-friendly name of the data provider.", + "title": "DataProviderName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainName": { - "markdownDescription": "This value is used to complete unqualified DNS hostnames. If you're using AmazonProvidedDNS in `us-east-1` , specify `ec2.internal` . If you're using AmazonProvidedDNS in another Region, specify *region* . `compute.internal` (for example, `ap-northeast-1.compute.internal` ). Otherwise, specify a domain name (for example, *MyCompany.com* ).", - "title": "DomainName", - "type": "string" - }, - "DomainNameServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four domain name servers, or `AmazonProvidedDNS` . The default is `AmazonProvidedDNS` . To have your instance receive a custom DNS hostname as specified in `DomainName` , you must set this property to a custom DNS server.", - "title": "DomainNameServers", - "type": "array" - }, - "Ipv6AddressPreferredLeaseTime": { - "markdownDescription": "A value (in seconds, minutes, hours, or years) for how frequently a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 seconds (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.", - "title": "Ipv6AddressPreferredLeaseTime", - "type": "number" - }, - "NetbiosNameServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four NetBIOS name servers.", - "title": "NetbiosNameServers", - "type": "array" - }, - "NetbiosNodeType": { - "markdownDescription": "The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported).", - "title": "NetbiosNodeType", - "type": "number" - }, - "NtpServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers.", - "title": "NtpServers", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the DHCP options set.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The ARN of the role used to access AWS Secrets Manager.", + "title": "SecretsManagerAccessRoleArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::DHCPOptions" - ], + "SecretsManagerSecretId": { + "markdownDescription": "The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider.", + "title": "SecretsManagerSecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes": { + "additionalProperties": false, + "properties": { + "S3BucketPath": { + "markdownDescription": "", + "title": "S3BucketPath", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3BucketRoleArn": { + "markdownDescription": "", + "title": "S3BucketRoleArn", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::EC2::EC2Fleet": { + "AWS::DMS::ReplicationConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -69508,82 +75481,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Context": { - "markdownDescription": "Reserved.", - "title": "Context", + "ComputeConfig": { + "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig", + "markdownDescription": "Configuration parameters for provisioning an AWS DMS Serverless replication.", + "title": "ComputeConfig" + }, + "ReplicationConfigIdentifier": { + "markdownDescription": "A unique identifier that you want to use to create a `ReplicationConfigArn` that is returned as part of the output from this action. You can then pass this output `ReplicationConfigArn` as the value of the `ReplicationConfigArn` option for other actions to identify both AWS DMS Serverless replications and replication configurations that you want those actions to operate on. For some actions, you can also use either this unique identifier or a corresponding ARN in action filters to identify the specific replication and replication configuration to operate on.", + "title": "ReplicationConfigIdentifier", "type": "string" }, - "ExcessCapacityTerminationPolicy": { - "markdownDescription": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` .", - "title": "ExcessCapacityTerminationPolicy", + "ReplicationSettings": { + "markdownDescription": "Optional JSON settings for AWS DMS Serverless replications that are provisioned using this replication configuration. For example, see [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html) .", + "title": "ReplicationSettings", + "type": "object" + }, + "ReplicationType": { + "markdownDescription": "The type of AWS DMS Serverless replication to provision using this replication configuration.\n\nPossible values:\n\n- `\"full-load\"`\n- `\"cdc\"`\n- `\"full-load-and-cdc\"`", + "title": "ReplicationType", "type": "string" }, - "LaunchTemplateConfigs": { - "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest" - }, - "markdownDescription": "The configuration for the EC2 Fleet.", - "title": "LaunchTemplateConfigs", - "type": "array" + "ResourceIdentifier": { + "markdownDescription": "Optional unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess) .", + "title": "ResourceIdentifier", + "type": "string" }, - "OnDemandOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.OnDemandOptionsRequest", - "markdownDescription": "Describes the configuration of On-Demand Instances in an EC2 Fleet.", - "title": "OnDemandOptions" + "SourceEndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration.", + "title": "SourceEndpointArn", + "type": "string" }, - "ReplaceUnhealthyInstances": { - "markdownDescription": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* .", - "title": "ReplaceUnhealthyInstances", - "type": "boolean" + "SupplementalSettings": { + "markdownDescription": "Optional JSON settings for specifying supplemental data. For more information, see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) .", + "title": "SupplementalSettings", + "type": "object" }, - "SpotOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", - "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", - "title": "SpotOptions" + "TableMappings": { + "markdownDescription": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration. For more information, see [Specifying table selection and transformations rules using JSON](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.SelectionTransformation.html) .", + "title": "TableMappings", + "type": "object" }, - "TagSpecifications": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TagSpecification" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) .", - "title": "TagSpecifications", + "markdownDescription": "One or more optional tags associated with resources used by the AWS DMS Serverless replication. For more information, see [Tagging resources in AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tagging.html) .", + "title": "Tags", "type": "array" }, - "TargetCapacitySpecification": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest", - "markdownDescription": "The number of units to request.", - "title": "TargetCapacitySpecification" - }, - "TerminateInstancesWithExpiration": { - "markdownDescription": "Indicates whether running instances should be terminated when the EC2 Fleet expires.", - "title": "TerminateInstancesWithExpiration", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* .", - "title": "Type", - "type": "string" - }, - "ValidFrom": { - "markdownDescription": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately.", - "title": "ValidFrom", - "type": "string" - }, - "ValidUntil": { - "markdownDescription": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.", - "title": "ValidUntil", + "TargetEndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS serverless replication configuration.", + "title": "TargetEndpointArn", "type": "string" } }, "required": [ - "LaunchTemplateConfigs", - "TargetCapacitySpecification" + "ComputeConfig", + "ReplicationConfigIdentifier", + "ReplicationType", + "SourceEndpointArn", + "TableMappings", + "TargetEndpointArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EC2Fleet" + "AWS::DMS::ReplicationConfig" ], "type": "string" }, @@ -69602,609 +75566,64 @@ ], "type": "object" }, - "AWS::EC2::EC2Fleet.AcceleratorCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.CapacityRebalance": { - "additionalProperties": false, - "properties": { - "ReplacementStrategy": { - "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", - "title": "ReplacementStrategy", - "type": "string" - }, - "TerminationDelay": { - "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", - "title": "TerminationDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest": { - "additionalProperties": false, - "properties": { - "UsageStrategy": { - "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ).\n\nIf you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.", - "title": "UsageStrategy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest": { - "additionalProperties": false, - "properties": { - "LaunchTemplateSpecification": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest", - "markdownDescription": "The launch template to use. You must specify either the launch template ID or launch template name in the request.", - "title": "LaunchTemplateSpecification" - }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest" - }, - "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.\n\nFor fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates.", - "title": "Overrides", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest": { + "AWS::DMS::ReplicationConfig.ComputeConfig": { "additionalProperties": false, "properties": { "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to launch the instances.", + "markdownDescription": "The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `\"us-west-2\"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` .", "title": "AvailabilityZone", "type": "string" }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.InstanceRequirementsRequest", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type.\n\n`mac1.metal` is not supported as a launch template override.\n\n> If you specify `InstanceType` , you can't specify `InstanceRequirements` .", - "title": "InstanceType", - "type": "string" - }, - "MaxPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.\n> \n> If you specify a maximum price, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message.", - "title": "MaxPrice", - "type": "string" - }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.Placement", - "markdownDescription": "The location where the instance launched, if applicable.", - "title": "Placement" - }, - "Priority": { - "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", - "title": "Priority", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID.", - "title": "SubnetId", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest": { - "additionalProperties": false, - "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", - "title": "LaunchTemplateId", - "type": "string" - }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", - "title": "LaunchTemplateName", - "type": "string" - }, - "Version": { - "markdownDescription": "The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails.\n\nIf the value is `$Latest` , Amazon EC2 uses the latest version of the launch template.\n\nIf the value is `$Default` , Amazon EC2 uses the default version of the launch template.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Version" - ], - "type": "object" - }, - "AWS::EC2::EC2Fleet.InstanceRequirementsRequest": { - "additionalProperties": false, - "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorCountRequest", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" - }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" - }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", - "type": "array" - }, - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", - "type": "array" - }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", - "type": "string" - }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" - }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", + "DnsNameServers": { + "markdownDescription": "A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", + "title": "DnsNameServers", "type": "string" }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" - }, - "InstanceGenerations": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", - "type": "array" - }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", + "KmsKeyId": { + "markdownDescription": "An AWS Key Management Service ( AWS KMS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", "type": "string" }, - "LocalStorageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", - "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest", - "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.VCpuCountRangeRequest", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.MaintenanceStrategies": { - "additionalProperties": false, - "properties": { - "CapacityRebalance": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityRebalance", - "markdownDescription": "The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.", - "title": "CapacityRebalance" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.MemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", + "MaxCapacityUnits": { + "markdownDescription": "Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify.", + "title": "MaxCapacityUnits", "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.OnDemandOptionsRequest": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity.\n\n`lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first.\n\n`prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first.\n\nDefault: `lowest-price`", - "title": "AllocationStrategy", - "type": "string" - }, - "CapacityReservationOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest", - "markdownDescription": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.\n\nSupported only for fleets of type `instant` .", - "title": "CapacityReservationOptions" - }, - "MaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "MaxTotalPrice", - "type": "string" }, - "MinTargetCapacity": { - "markdownDescription": "The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", - "title": "MinTargetCapacity", + "MinCapacityUnits": { + "markdownDescription": "Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` .", + "title": "MinCapacityUnits", "type": "number" }, - "SingleAvailabilityZone": { - "markdownDescription": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", - "title": "SingleAvailabilityZone", - "type": "boolean" - }, - "SingleInstanceType": { - "markdownDescription": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.\n\nSupported only for fleets of type `instant` .", - "title": "SingleInstanceType", + "MultiAZ": { + "markdownDescription": "Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` .", + "title": "MultiAZ", "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.Placement": { - "additionalProperties": false, - "properties": { - "Affinity": { - "markdownDescription": "The affinity setting for the instance on the Dedicated Host.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupName": { - "markdownDescription": "The name of the placement group that the instance is in. If you specify `GroupName` , you can't specify `GroupId` .", - "title": "GroupName", - "type": "string" - }, - "HostId": { - "markdownDescription": "The ID of the Dedicated Host on which the instance resides.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", - "title": "HostId", - "type": "string" - }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances.\n\nIf you specify this parameter, either omit the *Tenancy* parameter or set it to `host` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "HostResourceGroupArn", - "type": "string" - }, - "PartitionNumber": { - "markdownDescription": "The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "PartitionNumber", - "type": "number" - }, - "SpreadDomain": { - "markdownDescription": "Reserved for future use.", - "title": "SpreadDomain", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option.", - "title": "Tenancy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.SpotOptionsRequest": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.\n\nIf the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.\n\nIf the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify.\n\nIf the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity.\n\n*Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized`", - "title": "AllocationStrategy", - "type": "string" - }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted.\n\nDefault: `terminate`", - "title": "InstanceInterruptionBehavior", - "type": "string" - }, - "InstancePoolsToUseCount": { - "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", - "title": "InstancePoolsToUseCount", - "type": "number" - }, - "MaintenanceStrategies": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MaintenanceStrategies", - "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", - "title": "MaintenanceStrategies" }, - "MaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "MaxTotalPrice", + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` .\n\nThe default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` .\n\nConstraints include a minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" }, - "MinTargetCapacity": { - "markdownDescription": "The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", - "title": "MinTargetCapacity", - "type": "number" - }, - "SingleAvailabilityZone": { - "markdownDescription": "Indicates that the fleet launches all Spot Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", - "title": "SingleAvailabilityZone", - "type": "boolean" - }, - "SingleInstanceType": { - "markdownDescription": "Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.\n\nSupported only for fleets of type `instant` .", - "title": "SingleInstanceType", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag.", - "title": "ResourceType", + "ReplicationSubnetGroupId": { + "markdownDescription": "Specifies a subnet group identifier to associate with the AWS DMS Serverless replication.", + "title": "ReplicationSubnetGroupId", "type": "string" }, - "Tags": { + "VpcSecurityGroupIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", + "markdownDescription": "Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication.", + "title": "VpcSecurityGroupIds", "type": "array" } }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest": { - "additionalProperties": false, - "properties": { - "DefaultTargetCapacityType": { - "markdownDescription": "The default target capacity type.", - "title": "DefaultTargetCapacityType", - "type": "string" - }, - "OnDemandTargetCapacity": { - "markdownDescription": "The number of On-Demand units to request.", - "title": "OnDemandTargetCapacity", - "type": "number" - }, - "SpotTargetCapacity": { - "markdownDescription": "The number of Spot units to request.", - "title": "SpotTargetCapacity", - "type": "number" - }, - "TargetCapacityUnitType": { - "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection.\n\nDefault: `units` (the number of instances)", - "title": "TargetCapacityUnitType", - "type": "string" - }, - "TotalTargetCapacity": { - "markdownDescription": "The number of units to request, filled using the default target capacity type.", - "title": "TotalTargetCapacity", - "type": "number" - } - }, "required": [ - "TotalTargetCapacity" + "MaxCapacityUnits" ], "type": "object" }, - "AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.VCpuCountRangeRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EIP": { + "AWS::DMS::ReplicationInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -70239,45 +75658,106 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The network ( `vpc` ).\n\nIf you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource.", - "title": "Domain", + "AllocatedStorage": { + "markdownDescription": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.", + "title": "AllocatedStorage", + "type": "number" + }, + "AllowMajorVersionUpgrade": { + "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage, and the change is asynchronously applied as soon as possible.\n\nThis parameter must be set to `true` when specifying a value for the `EngineVersion` parameter that is a different major version than the replication instance's current version.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the replication instance during the maintenance window. This parameter defaults to `true` .\n\nDefault: `true`", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone that the replication instance will be created in.\n\nThe default value is a random, system-chosen Availability Zone in the endpoint's AWS Region , for example `us-east-1d` .", + "title": "AvailabilityZone", "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of the instance.\n\n> Updates to the `InstanceId` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", - "title": "InstanceId", + "DnsNameServers": { + "markdownDescription": "A list of custom DNS name servers supported for the replication instance to access your on-premise source or target database. This list overrides the default name servers supported by the replication instance. You can specify a comma-separated list of internet addresses for up to four on-premise DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", + "title": "DnsNameServers", "type": "string" }, - "NetworkBorderGroup": { - "markdownDescription": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n\nUse [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups.", - "title": "NetworkBorderGroup", + "EngineVersion": { + "markdownDescription": "The engine version number of the replication instance.\n\nIf an engine version number is not specified when a replication instance is created, the default is the latest engine version available.", + "title": "EngineVersion", "type": "string" }, - "PublicIpv4Pool": { - "markdownDescription": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n\n> Updates to the `PublicIpv4Pool` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", - "title": "PublicIpv4Pool", + "KmsKeyId": { + "markdownDescription": "An AWS KMS key identifier that is used to encrypt the data on the replication instance.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "Specifies whether the replication instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the Multi-AZ parameter is set to `true` .", + "title": "MultiAZ", + "type": "boolean" + }, + "NetworkType": { + "markdownDescription": "The type of IP address protocol used by a replication instance, such as IPv4 only or Dual-stack that supports both IPv4 and IPv6 addressing. IPv6 only is not yet supported.", + "title": "NetworkType", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in UTC.\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : A 30-minute window selected at random from an 8-hour block of time per AWS Region , occurring on a random day of the week.\n\n*Valid days* ( `ddd` ): `Mon` | `Tue` | `Wed` | `Thu` | `Fri` | `Sat` | `Sun`\n\n*Constraints* : Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies the accessibility options for the replication instance. A value of `true` represents an instance with a public IP address. A value of `false` represents an instance with a private IP address. The default value is `true` .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicationInstanceClass": { + "markdownDescription": "The compute and memory capacity of the replication instance as defined for the specified replication instance class. For example, to specify the instance class dms.c4.large, set this parameter to `\"dms.c4.large\"` . For more information on the settings and capacities for the available replication instance classes, see [Selecting the right AWS DMS replication instance for your migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.html#CHAP_ReplicationInstance.InDepth) in the *AWS Database Migration Service User Guide* .", + "title": "ReplicationInstanceClass", + "type": "string" + }, + "ReplicationInstanceIdentifier": { + "markdownDescription": "The replication instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain 1-63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `myrepinstance`", + "title": "ReplicationInstanceIdentifier", + "type": "string" + }, + "ReplicationSubnetGroupIdentifier": { + "markdownDescription": "A subnet group to associate with the replication instance.", + "title": "ReplicationSubnetGroupIdentifier", + "type": "string" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` . For example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the Elastic IP address.\n\n> Updates to the `Tags` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "markdownDescription": "One or more tags to be assigned to the replication instance.", "title": "Tags", "type": "array" }, - "TransferAddress": { - "markdownDescription": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "TransferAddress", - "type": "string" + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the virtual private cloud (VPC) security group to be used with the replication instance. The VPC security group must work with the VPC containing the replication instance.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, + "required": [ + "ReplicationInstanceClass" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EIP" + "AWS::DMS::ReplicationInstance" ], "type": "string" }, @@ -70291,11 +75771,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::EIPAssociation": { + "AWS::DMS::ReplicationSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -70330,98 +75811,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocationId": { - "markdownDescription": "The allocation ID. This is required.", - "title": "AllocationId", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.", - "title": "InstanceId", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n\nYou can specify either the instance ID or the network interface ID, but not both.", - "title": "NetworkInterfaceId", + "ReplicationSubnetGroupDescription": { + "markdownDescription": "The description for the subnet group.", + "title": "ReplicationSubnetGroupDescription", "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.", - "title": "PrivateIpAddress", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::EIPAssociation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::EgressOnlyInternetGateway": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "ReplicationSubnetGroupIdentifier": { + "markdownDescription": "The identifier for the replication subnet group. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the identifier.", + "title": "ReplicationSubnetGroupIdentifier", "type": "string" }, - { + "SubnetIds": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "One or more subnet IDs to be assigned to the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the subnet group.", + "title": "Tags", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "VpcId": { - "markdownDescription": "The ID of the VPC for which to create the egress-only internet gateway.", - "title": "VpcId", - "type": "string" } }, "required": [ - "VpcId" + "ReplicationSubnetGroupDescription", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EgressOnlyInternetGateway" + "AWS::DMS::ReplicationSubnetGroup" ], "type": "string" }, @@ -70440,7 +75865,7 @@ ], "type": "object" }, - "AWS::EC2::EnclaveCertificateIamRoleAssociation": { + "AWS::DMS::ReplicationTask": { "additionalProperties": false, "properties": { "Condition": { @@ -70475,26 +75900,87 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the ACM certificate with which to associate the IAM role.", - "title": "CertificateArn", + "CdcStartPosition": { + "markdownDescription": "Indicates when you want a change data capture (CDC) operation to start. Use either `CdcStartPosition` or `CdcStartTime` to specify when you want a CDC operation to start. Specifying both values results in an error.\n\nThe value can be in date, checkpoint, log sequence number (LSN), or system change number (SCN) format.\n\nHere is a date example: `--cdc-start-position \"2018-03-08T12:12:12\"`\n\nHere is a checkpoint example: `--cdc-start-position \"checkpoint:V1#27#mysql-bin-changelog.157832:1975:-1:2002:677883278264080:mysql-bin-changelog.157832:1876#0#0#*#0#93\"`\n\nHere is an LSN example: `--cdc-start-position \u201cmysql-bin-changelog.000024:373\u201d`\n\n> When you use this task setting with a source PostgreSQL database, a logical replication slot should already be created and associated with the source endpoint. You can verify this by setting the `slotName` extra connection attribute to the name of this logical replication slot. For more information, see [Extra Connection Attributes When Using PostgreSQL as a Source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "CdcStartPosition", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.", - "title": "RoleArn", + "CdcStartTime": { + "markdownDescription": "Indicates the start time for a change data capture (CDC) operation.", + "title": "CdcStartTime", + "type": "number" + }, + "CdcStopPosition": { + "markdownDescription": "Indicates when you want a change data capture (CDC) operation to stop. The value can be either server time or commit time.\n\nHere is a server time example: `--cdc-stop-position \"server_time:2018-02-09T12:12:12\"`\n\nHere is a commit time example: `--cdc-stop-position \"commit_time: 2018-02-09T12:12:12\"`", + "title": "CdcStopPosition", + "type": "string" + }, + "MigrationType": { + "markdownDescription": "The migration type. Valid values: `full-load` | `cdc` | `full-load-and-cdc`", + "title": "MigrationType", + "type": "string" + }, + "ReplicationInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a replication instance.", + "title": "ReplicationInstanceArn", + "type": "string" + }, + "ReplicationTaskIdentifier": { + "markdownDescription": "An identifier for the replication task.\n\nConstraints:\n\n- Must contain 1-255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ReplicationTaskIdentifier", + "type": "string" + }, + "ReplicationTaskSettings": { + "markdownDescription": "Overall settings for the task, in JSON format. For more information, see [Specifying Task Settings for AWS Database Migration Service Tasks](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html) in the *AWS Database Migration Service User Guide* .", + "title": "ReplicationTaskSettings", + "type": "string" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", + "type": "string" + }, + "SourceEndpointArn": { + "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the source endpoint.", + "title": "SourceEndpointArn", + "type": "string" + }, + "TableMappings": { + "markdownDescription": "The table mappings for the task, in JSON format. For more information, see [Using Table Mapping to Specify Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html) in the *AWS Database Migration Service User Guide* .", + "title": "TableMappings", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the replication task.", + "title": "Tags", + "type": "array" + }, + "TargetEndpointArn": { + "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the target endpoint.", + "title": "TargetEndpointArn", + "type": "string" + }, + "TaskData": { + "markdownDescription": "Supplemental information that the task requires to migrate the data for certain source and target endpoints. For more information, see [Specifying Supplemental Data for Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) in the *AWS Database Migration Service User Guide.*", + "title": "TaskData", "type": "string" } }, "required": [ - "CertificateArn", - "RoleArn" + "MigrationType", + "ReplicationInstanceArn", + "SourceEndpointArn", + "TableMappings", + "TargetEndpointArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EnclaveCertificateIamRoleAssociation" + "AWS::DMS::ReplicationTask" ], "type": "string" }, @@ -70513,7 +75999,7 @@ ], "type": "object" }, - "AWS::EC2::FlowLog": { + "AWS::DSQL::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -70548,79 +76034,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliverCrossAccountRole": { - "markdownDescription": "The ARN of the IAM role that allows the service to publish flow logs across accounts.", - "title": "DeliverCrossAccountRole", - "type": "string" - }, - "DeliverLogsPermissionArn": { - "markdownDescription": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.\n\nThis parameter is required if the destination type is `cloud-watch-logs` , or if the destination type is `kinesis-data-firehose` and the delivery stream and the resources to monitor are in different accounts.", - "title": "DeliverLogsPermissionArn", - "type": "string" - }, - "DestinationOptions": { - "$ref": "#/definitions/AWS::EC2::FlowLog.DestinationOptions", - "markdownDescription": "The destination options.", - "title": "DestinationOptions" - }, - "LogDestination": { - "markdownDescription": "The destination for the flow log data. The meaning of this parameter depends on the destination type.\n\n- If the destination type is `cloud-watch-logs` , specify the ARN of a CloudWatch Logs log group. For example:\n\narn:aws:logs: *region* : *account_id* :log-group: *my_group*\n\nAlternatively, use the `LogGroupName` parameter.\n- If the destination type is `s3` , specify the ARN of an S3 bucket. For example:\n\narn:aws:s3::: *my_bucket* / *my_subfolder* /\n\nThe subfolder is optional. Note that you can't use `AWSLogs` as a subfolder name.\n- If the destination type is `kinesis-data-firehose` , specify the ARN of a Kinesis Data Firehose delivery stream. For example:\n\narn:aws:firehose: *region* : *account_id* :deliverystream: *my_stream*", - "title": "LogDestination", - "type": "string" - }, - "LogDestinationType": { - "markdownDescription": "The type of destination for the flow log data.\n\nDefault: `cloud-watch-logs`", - "title": "LogDestinationType", - "type": "string" - }, - "LogFormat": { - "markdownDescription": "The fields to include in the flow log record, in the order in which they should appear. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must include at least one field. For more information about the available fields, see [Flow log records](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) in the *Amazon VPC User Guide* or [Transit Gateway Flow Log records](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) in the *AWS Transit Gateway Guide* .\n\nSpecify the fields using the `${field-id}` format, separated by spaces.", - "title": "LogFormat", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.\n\nThis parameter is valid only if the destination type is `cloud-watch-logs` .", - "title": "LogGroupName", - "type": "string" - }, - "MaxAggregationInterval": { - "markdownDescription": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. The possible values are 60 seconds (1 minute) or 600 seconds (10 minutes). This parameter must be 60 seconds for transit gateway resource types.\n\nWhen a network interface is attached to a [Nitro-based instance](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) , the aggregation interval is always 60 seconds or less, regardless of the value that you specify.\n\nDefault: 600", - "title": "MaxAggregationInterval", - "type": "number" + "DeletionProtectionEnabled": { + "markdownDescription": "Whether deletion protection is enabled on this cluster.", + "title": "DeletionProtectionEnabled", + "type": "boolean" }, - "ResourceId": { - "markdownDescription": "The ID of the resource to monitor. For example, if the resource type is `VPC` , specify the ID of the VPC.", - "title": "ResourceId", + "KmsEncryptionKey": { + "markdownDescription": "", + "title": "KmsEncryptionKey", "type": "string" }, - "ResourceType": { - "markdownDescription": "The type of resource to monitor.", - "title": "ResourceType", - "type": "string" + "MultiRegionProperties": { + "$ref": "#/definitions/AWS::DSQL::Cluster.MultiRegionProperties", + "markdownDescription": "Defines the structure for multi-Region cluster configurations, containing the witness Region and peered cluster settings.", + "title": "MultiRegionProperties" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the flow logs.", + "markdownDescription": "A map of key and value pairs this cluster is tagged with.", "title": "Tags", "type": "array" - }, - "TrafficType": { - "markdownDescription": "The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). This parameter is not supported for transit gateway resource types. It is required for the other resource types.", - "title": "TrafficType", - "type": "string" } }, - "required": [ - "ResourceId", - "ResourceType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::FlowLog" + "AWS::DSQL::Cluster" ], "type": "string" }, @@ -70634,38 +76076,51 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::FlowLog.DestinationOptions": { + "AWS::DSQL::Cluster.EncryptionDetails": { "additionalProperties": false, "properties": { - "FileFormat": { - "markdownDescription": "The format for the flow log. The default is `plain-text` .", - "title": "FileFormat", + "EncryptionStatus": { + "markdownDescription": "The status of encryption for the cluster.", + "title": "EncryptionStatus", "type": "string" }, - "HiveCompatiblePartitions": { - "markdownDescription": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` .", - "title": "HiveCompatiblePartitions", - "type": "boolean" + "EncryptionType": { + "markdownDescription": "The type of encryption that protects the data on your cluster.", + "title": "EncryptionType", + "type": "string" }, - "PerHourPartition": { - "markdownDescription": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` .", - "title": "PerHourPartition", - "type": "boolean" + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS KMS key that encrypts data in the cluster.", + "title": "KmsKeyArn", + "type": "string" } }, - "required": [ - "FileFormat", - "HiveCompatiblePartitions", - "PerHourPartition" - ], "type": "object" }, - "AWS::EC2::GatewayRouteTableAssociation": { + "AWS::DSQL::Cluster.MultiRegionProperties": { + "additionalProperties": false, + "properties": { + "Clusters": { + "items": { + "type": "string" + }, + "markdownDescription": "The set of peered clusters that form the multi-Region cluster configuration. Each peered cluster represents a database instance in a different Region.", + "title": "Clusters", + "type": "array" + }, + "WitnessRegion": { + "markdownDescription": "The Region that serves as the witness Region for a multi-Region cluster. The witness Region helps maintain cluster consistency and quorum.", + "title": "WitnessRegion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -70700,26 +76155,54 @@ "Properties": { "additionalProperties": false, "properties": { - "GatewayId": { - "markdownDescription": "The ID of the gateway.", - "title": "GatewayId", + "Format": { + "markdownDescription": "The file format of a dataset that is created from an Amazon S3 file or folder.", + "title": "Format", "type": "string" }, - "RouteTableId": { - "markdownDescription": "The ID of the route table.", - "title": "RouteTableId", + "FormatOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FormatOptions", + "markdownDescription": "A set of options that define how DataBrew interprets the data in the dataset.", + "title": "FormatOptions" + }, + "Input": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.Input", + "markdownDescription": "Information on how DataBrew can find the dataset, in either the AWS Glue Data Catalog or Amazon S3 .", + "title": "Input" + }, + "Name": { + "markdownDescription": "The unique name of the dataset.", + "title": "Name", + "type": "string" + }, + "PathOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.PathOptions", + "markdownDescription": "A set of options that defines how DataBrew interprets an Amazon S3 path of the dataset.", + "title": "PathOptions" + }, + "Source": { + "markdownDescription": "The location of the data for the dataset, either Amazon S3 or the AWS Glue Data Catalog .", + "title": "Source", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata tags that have been applied to the dataset.", + "title": "Tags", + "type": "array" } }, "required": [ - "GatewayId", - "RouteTableId" + "Input", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::GatewayRouteTableAssociation" + "AWS::DataBrew::Dataset" ], "type": "string" }, @@ -70738,289 +76221,368 @@ ], "type": "object" }, - "AWS::EC2::Host": { + "AWS::DataBrew::Dataset.CsvOptions": { "additionalProperties": false, "properties": { - "Condition": { + "Delimiter": { + "markdownDescription": "A single character that specifies the delimiter being used in the CSV file.", + "title": "Delimiter", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HeaderRow": { + "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", + "title": "HeaderRow", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.DataCatalogInputDefinition": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" }, - "Metadata": { - "type": "object" + "TableName": { + "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", + "title": "TableName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssetId": { - "markdownDescription": "The ID of the Outpost hardware asset on which the Dedicated Host is allocated.", - "title": "AssetId", - "type": "string" - }, - "AutoPlacement": { - "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", - "title": "AutoPlacement", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to allocate the Dedicated Host.", - "title": "AvailabilityZone", - "type": "string" - }, - "HostMaintenance": { - "markdownDescription": "Indicates whether host maintenance is enabled or disabled for the Dedicated Host.", - "title": "HostMaintenance", - "type": "string" - }, - "HostRecovery": { - "markdownDescription": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see [Host recovery](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", - "title": "HostRecovery", - "type": "string" - }, - "InstanceFamily": { - "markdownDescription": "The instance family supported by the Dedicated Host. For example, `m5` .", - "title": "InstanceFamily", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.", - "title": "InstanceType", - "type": "string" - }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Outpost on which the Dedicated Host is allocated.", - "title": "OutpostArn", - "type": "string" - } - }, - "required": [ - "AvailabilityZone" - ], - "type": "object" + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", + "title": "TempDirectory" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.DatabaseInputDefinition": { + "additionalProperties": false, + "properties": { + "DatabaseTableName": { + "markdownDescription": "The table within the target database.", + "title": "DatabaseTableName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::Host" - ], + "GlueConnectionName": { + "markdownDescription": "The AWS Glue Connection that stores the connection information for the target database.", + "title": "GlueConnectionName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "QueryString": { + "markdownDescription": "Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs.", + "title": "QueryString", "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", + "title": "TempDirectory" } }, "required": [ - "Type", - "Properties" + "GlueConnectionName" ], "type": "object" }, - "AWS::EC2::IPAM": { + "AWS::DataBrew::Dataset.DatasetParameter": { "additionalProperties": false, "properties": { - "Condition": { + "CreateColumn": { + "markdownDescription": "Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset.", + "title": "CreateColumn", + "type": "boolean" + }, + "DatetimeOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatetimeOptions", + "markdownDescription": "Additional parameter options such as a format and a timezone. Required for datetime parameters.", + "title": "DatetimeOptions" + }, + "Filter": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", + "markdownDescription": "The optional filter expression structure to apply additional matching criteria to the parameter.", + "title": "Filter" + }, + "Name": { + "markdownDescription": "The name of the parameter that is used in the dataset's Amazon S3 path.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::DataBrew::Dataset.DatetimeOptions": { + "additionalProperties": false, + "properties": { + "Format": { + "markdownDescription": "Required option, that defines the datetime format used for a date parameter in the Amazon S3 path. Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. \"MM.dd.yyyy-'at'-HH:mm\".", + "title": "Format", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LocaleCode": { + "markdownDescription": "Optional value for a non-US locale code, needed for correct interpretation of some date formats.", + "title": "LocaleCode", + "type": "string" }, - "Metadata": { - "type": "object" + "TimezoneOffset": { + "markdownDescription": "Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path. Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed.", + "title": "TimezoneOffset", + "type": "string" + } + }, + "required": [ + "Format" + ], + "type": "object" + }, + "AWS::DataBrew::Dataset.ExcelOptions": { + "additionalProperties": false, + "properties": { + "HeaderRow": { + "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", + "title": "HeaderRow", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description for the IPAM.", - "title": "Description", - "type": "string" - }, - "OperatingRegions": { - "items": { - "$ref": "#/definitions/AWS::EC2::IPAM.IpamOperatingRegion" - }, - "markdownDescription": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "OperatingRegions", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", - "title": "Tags", - "type": "array" - }, - "Tier": { - "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", - "title": "Tier", - "type": "string" - } + "SheetIndexes": { + "items": { + "type": "number" }, - "type": "object" + "markdownDescription": "One or more sheet numbers in the Excel file that will be included in the dataset.", + "title": "SheetIndexes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::IPAM" - ], + "SheetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more named sheets in the Excel file that will be included in the dataset.", + "title": "SheetNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.FilesLimit": { + "additionalProperties": false, + "properties": { + "MaxFiles": { + "markdownDescription": "The number of Amazon S3 files to select.", + "title": "MaxFiles", + "type": "number" + }, + "Order": { + "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING.", + "title": "Order", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OrderedBy": { + "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value.", + "title": "OrderedBy", "type": "string" } }, "required": [ - "Type" + "MaxFiles" ], "type": "object" }, - "AWS::EC2::IPAM.IpamOperatingRegion": { + "AWS::DataBrew::Dataset.FilterExpression": { "additionalProperties": false, "properties": { - "RegionName": { - "markdownDescription": "The name of the operating Region.", - "title": "RegionName", + "Expression": { + "markdownDescription": "The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions. For example, \"(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)\". Substitution variables should start with ':' symbol.", + "title": "Expression", "type": "string" + }, + "ValuesMap": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterValue" + }, + "markdownDescription": "The map of substitution variable names to their values used in this filter expression.", + "title": "ValuesMap", + "type": "array" } }, "required": [ - "RegionName" + "Expression", + "ValuesMap" ], "type": "object" }, - "AWS::EC2::IPAMAllocation": { + "AWS::DataBrew::Dataset.FilterValue": { "additionalProperties": false, "properties": { - "Condition": { + "Value": { + "markdownDescription": "The value to be associated with the substitution variable.", + "title": "Value", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValueReference": { + "markdownDescription": "The substitution variable reference.", + "title": "ValueReference", "type": "string" + } + }, + "required": [ + "Value", + "ValueReference" + ], + "type": "object" + }, + "AWS::DataBrew::Dataset.FormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.CsvOptions", + "markdownDescription": "Options that define how CSV input is to be interpreted by DataBrew.", + "title": "Csv" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Excel": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.ExcelOptions", + "markdownDescription": "Options that define how Excel input is to be interpreted by DataBrew.", + "title": "Excel" + }, + "Json": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.JsonOptions", + "markdownDescription": "Options that define how JSON input is to be interpreted by DataBrew.", + "title": "Json" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.Input": { + "additionalProperties": false, + "properties": { + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" + }, + "DatabaseInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatabaseInputDefinition", + "markdownDescription": "Connection information for dataset input files stored in a database.", + "title": "DatabaseInputDefinition" }, "Metadata": { - "type": "object" + "$ref": "#/definitions/AWS::DataBrew::Dataset.Metadata", + "markdownDescription": "Contains additional resource information needed for specific datasets.", + "title": "Metadata" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cidr": { - "markdownDescription": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR.", - "title": "Cidr", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the allocation.", - "title": "Description", - "type": "string" - }, - "IpamPoolId": { - "markdownDescription": "The ID of the IPAM pool from which you would like to allocate a CIDR.", - "title": "IpamPoolId", - "type": "string" - }, - "NetmaskLength": { - "markdownDescription": "The netmask length of the CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "NetmaskLength", - "type": "number" - } + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.JsonOptions": { + "additionalProperties": false, + "properties": { + "MultiLine": { + "markdownDescription": "A value that specifies whether JSON input contains embedded new line characters.", + "title": "MultiLine", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.Metadata": { + "additionalProperties": false, + "properties": { + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) associated with the dataset. Currently, DataBrew only supports ARNs from Amazon AppFlow.", + "title": "SourceArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.PathOptions": { + "additionalProperties": false, + "properties": { + "FilesLimit": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilesLimit", + "markdownDescription": "If provided, this structure imposes a limit on a number of files that should be selected.", + "title": "FilesLimit" + }, + "LastModifiedDateCondition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", + "markdownDescription": "If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 .", + "title": "LastModifiedDateCondition" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.PathParameter" }, - "required": [ - "IpamPoolId" - ], - "type": "object" + "markdownDescription": "A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions.", + "title": "Parameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.PathParameter": { + "additionalProperties": false, + "properties": { + "DatasetParameter": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatasetParameter", + "markdownDescription": "The path parameter definition.", + "title": "DatasetParameter" }, - "Type": { - "enum": [ - "AWS::EC2::IPAMAllocation" - ], + "PathParameterName": { + "markdownDescription": "The name of the path parameter.", + "title": "PathParameterName", + "type": "string" + } + }, + "required": [ + "DatasetParameter", + "PathParameterName" + ], + "type": "object" + }, + "AWS::DataBrew::Dataset.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BucketOwner": { + "markdownDescription": "The AWS account ID of the bucket owner.", + "title": "BucketOwner", + "type": "string" + }, + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket" ], "type": "object" }, - "AWS::EC2::IPAMPool": { + "AWS::DataBrew::Job": { "additionalProperties": false, "properties": { "Condition": { @@ -71055,105 +76617,132 @@ "Properties": { "additionalProperties": false, "properties": { - "AddressFamily": { - "markdownDescription": "The address family of the pool.", - "title": "AddressFamily", - "type": "string" - }, - "AllocationDefaultNetmaskLength": { - "markdownDescription": "The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.", - "title": "AllocationDefaultNetmaskLength", - "type": "number" - }, - "AllocationMaxNetmaskLength": { - "markdownDescription": "The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. The maximum netmask length must be greater than the minimum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "AllocationMaxNetmaskLength", - "type": "number" - }, - "AllocationMinNetmaskLength": { - "markdownDescription": "The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. The minimum netmask length must be less than the maximum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "AllocationMinNetmaskLength", - "type": "number" + "DataCatalogOutputs": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.DataCatalogOutput" + }, + "markdownDescription": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.", + "title": "DataCatalogOutputs", + "type": "array" }, - "AllocationResourceTags": { + "DatabaseOutputs": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseOutput" }, - "markdownDescription": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.", - "title": "AllocationResourceTags", + "markdownDescription": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.", + "title": "DatabaseOutputs", "type": "array" }, - "AutoImport": { - "markdownDescription": "If selected, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.\n\nA locale must be set on the pool for this feature to work.", - "title": "AutoImport", - "type": "boolean" + "DatasetName": { + "markdownDescription": "A dataset that the job is to process.", + "title": "DatasetName", + "type": "string" }, - "AwsService": { - "markdownDescription": "Limits which service in AWS that the pool can be used in. \"ec2\", for example, allows users to use space for Elastic IP addresses and VPCs.", - "title": "AwsService", + "EncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key that is used to protect the job output. For more information, see [Encrypting data written by DataBrew jobs](https://docs.aws.amazon.com/databrew/latest/dg/encryption-security-configuration.html)", + "title": "EncryptionKeyArn", "type": "string" }, - "Description": { - "markdownDescription": "The description of the IPAM pool.", - "title": "Description", + "EncryptionMode": { + "markdownDescription": "The encryption mode for the job, which can be one of the following:\n\n- `SSE-KMS` - Server-side encryption with keys managed by AWS KMS .\n- `SSE-S3` - Server-side encryption with keys managed by Amazon S3.", + "title": "EncryptionMode", "type": "string" }, - "IpamScopeId": { - "markdownDescription": "The ID of the scope in which you would like to create the IPAM pool.", - "title": "IpamScopeId", + "JobSample": { + "$ref": "#/definitions/AWS::DataBrew::Job.JobSample", + "markdownDescription": "A sample configuration for profile jobs only, which determines the number of rows on which the profile job is run. If a `JobSample` value isn't provided, the default value is used. The default value is CUSTOM_ROWS for the mode parameter and 20,000 for the size parameter.", + "title": "JobSample" + }, + "LogSubscription": { + "markdownDescription": "The current status of Amazon CloudWatch logging for the job.", + "title": "LogSubscription", "type": "string" }, - "Locale": { - "markdownDescription": "The locale of the IPAM pool.\n\nThe locale for the pool should be one of the following:\n\n- An AWS Region where you want this IPAM pool to be available for allocations.\n- The network border group for an AWS Local Zone where you want this IPAM pool to be available for allocations ( [supported Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-zone-avail) ). This option is only available for IPAM IPv4 pools in the public scope.\n\nIf you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error.", - "title": "Locale", + "MaxCapacity": { + "markdownDescription": "The maximum number of nodes that can be consumed when the job processes data.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry the job after a job run fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "The unique name of the job.", + "title": "Name", "type": "string" }, - "ProvisionedCidrs": { + "OutputLocation": { + "$ref": "#/definitions/AWS::DataBrew::Job.OutputLocation", + "markdownDescription": "The location in Amazon S3 where the job writes its output.", + "title": "OutputLocation" + }, + "Outputs": { "items": { - "$ref": "#/definitions/AWS::EC2::IPAMPool.ProvisionedCidr" + "$ref": "#/definitions/AWS::DataBrew::Job.Output" }, - "markdownDescription": "Information about the CIDRs provisioned to an IPAM pool.", - "title": "ProvisionedCidrs", + "markdownDescription": "One or more artifacts that represent output from running the job.", + "title": "Outputs", "type": "array" }, - "PublicIpSource": { - "markdownDescription": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `BYOIP` . For more information, see [Create IPv6 pools](https://docs.aws.amazon.com//vpc/latest/ipam/intro-create-ipv6-pools.html) in the *Amazon VPC IPAM User Guide* . By default, you can add only one Amazon-provided IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the default limit, see [Quotas for your IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/quotas-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "PublicIpSource", + "ProfileConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.ProfileConfiguration", + "markdownDescription": "Configuration for profile jobs. Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.", + "title": "ProfileConfiguration" + }, + "ProjectName": { + "markdownDescription": "The name of the project that the job is associated with.", + "title": "ProjectName", "type": "string" }, - "PubliclyAdvertisable": { - "markdownDescription": "Determines if a pool is publicly advertisable. This option is not available for pools with AddressFamily set to `ipv4` .", - "title": "PubliclyAdvertisable", - "type": "boolean" + "Recipe": { + "$ref": "#/definitions/AWS::DataBrew::Job.Recipe", + "markdownDescription": "A series of data transformation steps that the job runs.", + "title": "Recipe" }, - "SourceIpamPoolId": { - "markdownDescription": "The ID of the source IPAM pool. You can use this option to create an IPAM pool within an existing source pool.", - "title": "SourceIpamPoolId", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role to be assumed for this job.", + "title": "RoleArn", "type": "string" }, - "SourceResource": { - "$ref": "#/definitions/AWS::EC2::IPAMPool.SourceResource", - "markdownDescription": "The resource used to provision CIDRs to a resource planning pool.", - "title": "SourceResource" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "markdownDescription": "Metadata tags that have been applied to the job.", "title": "Tags", "type": "array" + }, + "Timeout": { + "markdownDescription": "The job's timeout in minutes. A job that attempts to run longer than this timeout period ends with a status of `TIMEOUT` .", + "title": "Timeout", + "type": "number" + }, + "Type": { + "markdownDescription": "The job type of the job, which must be one of the following:\n\n- `PROFILE` - A job to analyze a dataset, to determine its size, data types, data distribution, and more.\n- `RECIPE` - A job to apply one or more transformations to a dataset.", + "title": "Type", + "type": "string" + }, + "ValidationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ValidationConfiguration" + }, + "markdownDescription": "List of validation configurations that are applied to the profile job.", + "title": "ValidationConfigurations", + "type": "array" } }, "required": [ - "AddressFamily", - "IpamScopeId" + "Name", + "RoleArn", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMPool" + "AWS::DataBrew::Job" ], "type": "string" }, @@ -71172,304 +76761,433 @@ ], "type": "object" }, - "AWS::EC2::IPAMPool.ProvisionedCidr": { + "AWS::DataBrew::Job.AllowedStatistics": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", - "title": "Cidr", - "type": "string" + "Statistics": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more column statistics to allow for columns that contain detected entities.", + "title": "Statistics", + "type": "array" } }, "required": [ - "Cidr" + "Statistics" ], "type": "object" }, - "AWS::EC2::IPAMPool.SourceResource": { + "AWS::DataBrew::Job.ColumnSelector": { "additionalProperties": false, "properties": { - "ResourceId": { - "markdownDescription": "The source resource ID.", - "title": "ResourceId", - "type": "string" - }, - "ResourceOwner": { - "markdownDescription": "The source resource owner.", - "title": "ResourceOwner", - "type": "string" - }, - "ResourceRegion": { - "markdownDescription": "The source resource Region.", - "title": "ResourceRegion", + "Name": { + "markdownDescription": "The name of a column from a dataset.", + "title": "Name", "type": "string" }, - "ResourceType": { - "markdownDescription": "The source resource type.", - "title": "ResourceType", + "Regex": { + "markdownDescription": "A regular expression for selecting a column from a dataset.", + "title": "Regex", "type": "string" } }, - "required": [ - "ResourceId", - "ResourceOwner", - "ResourceRegion", - "ResourceType" - ], "type": "object" }, - "AWS::EC2::IPAMPoolCidr": { + "AWS::DataBrew::Job.ColumnStatisticsConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cidr": { - "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", - "title": "Cidr", - "type": "string" - }, - "IpamPoolId": { - "markdownDescription": "The ID of the IPAM pool.", - "title": "IpamPoolId", - "type": "string" - }, - "NetmaskLength": { - "markdownDescription": "The netmask length of the CIDR you'd like to provision to a pool. Can be used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for provisioning CIDRs to pools with source pools. Cannot be used to provision BYOIP CIDRs to top-level pools. \"NetmaskLength\" or \"Cidr\" is required.", - "title": "NetmaskLength", - "type": "number" - } + "Selectors": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" }, - "required": [ - "IpamPoolId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::IPAMPoolCidr" - ], - "type": "string" + "markdownDescription": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.", + "title": "Selectors", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Statistics": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", + "markdownDescription": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations.", + "title": "Statistics" } }, "required": [ - "Type", - "Properties" + "Statistics" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscovery": { + "AWS::DataBrew::Job.CsvOutputOptions": { "additionalProperties": false, "properties": { - "Condition": { + "Delimiter": { + "markdownDescription": "A single character that specifies the delimiter used to create CSV job output.", + "title": "Delimiter", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.DataCatalogOutput": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" }, - "Metadata": { - "type": "object" + "DatabaseOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", + "title": "DatabaseOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The resource discovery description.", - "title": "Description", - "type": "string" - }, - "OperatingRegions": { - "items": { - "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion" - }, - "markdownDescription": "The operating Regions for the resource discovery. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.", - "title": "OperatingRegions", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "Overwrite": { + "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions.", + "title": "Overwrite", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::EC2::IPAMResourceDiscovery" - ], + "S3Options": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3TableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.", + "title": "S3Options" + }, + "TableName": { + "markdownDescription": "The name of a table in the Data Catalog.", + "title": "TableName", "type": "string" + } + }, + "required": [ + "DatabaseName", + "TableName" + ], + "type": "object" + }, + "AWS::DataBrew::Job.DatabaseOutput": { + "additionalProperties": false, + "properties": { + "DatabaseOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", + "title": "DatabaseOptions" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseOutputMode": { + "markdownDescription": "The output mode to write into the database. Currently supported option: NEW_TABLE.", + "title": "DatabaseOutputMode", + "type": "string" + }, + "GlueConnectionName": { + "markdownDescription": "The AWS Glue connection that stores the connection information for the target database.", + "title": "GlueConnectionName", "type": "string" } }, "required": [ - "Type" + "DatabaseOptions", + "GlueConnectionName" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion": { + "AWS::DataBrew::Job.DatabaseTableOutputOptions": { "additionalProperties": false, "properties": { - "RegionName": { - "markdownDescription": "The name of the operating Region.", - "title": "RegionName", + "TableName": { + "markdownDescription": "A prefix for the name of a table DataBrew will create in the database.", + "title": "TableName", "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results.", + "title": "TempDirectory" } }, "required": [ - "RegionName" + "TableName" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscoveryAssociation": { + "AWS::DataBrew::Job.EntityDetectorConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AllowedStatistics": { + "$ref": "#/definitions/AWS::DataBrew::Job.AllowedStatistics", + "markdownDescription": "Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities.", + "title": "AllowedStatistics" + }, + "EntityTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Entity types to detect. Can be any of the following:\n\n- USA_SSN\n- EMAIL\n- USA_ITIN\n- USA_PASSPORT_NUMBER\n- PHONE_NUMBER\n- USA_DRIVING_LICENSE\n- BANK_ACCOUNT\n- CREDIT_CARD\n- IP_ADDRESS\n- MAC_ADDRESS\n- USA_DEA_NUMBER\n- USA_HCPCS_CODE\n- USA_NATIONAL_PROVIDER_IDENTIFIER\n- USA_NATIONAL_DRUG_CODE\n- USA_HEALTH_INSURANCE_CLAIM_NUMBER\n- USA_MEDICARE_BENEFICIARY_IDENTIFIER\n- USA_CPT_CODE\n- PERSON_NAME\n- DATE\n\nThe Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE.", + "title": "EntityTypes", + "type": "array" + } + }, + "required": [ + "EntityTypes" + ], + "type": "object" + }, + "AWS::DataBrew::Job.JobSample": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following:\n\n- FULL_DATASET - The profile job is run on the entire dataset.\n- CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter.", + "title": "Mode", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Size": { + "markdownDescription": "The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.\n\nLong.MAX_VALUE = 9223372036854775807", + "title": "Size", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.Output": { + "additionalProperties": false, + "properties": { + "CompressionFormat": { + "markdownDescription": "The compression algorithm used to compress the output text of the job.", + "title": "CompressionFormat", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Format": { + "markdownDescription": "The data format of the output of the job.", + "title": "Format", + "type": "string" }, - "Metadata": { - "type": "object" + "FormatOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.OutputFormatOptions", + "markdownDescription": "Represents options that define how DataBrew formats job output files.", + "title": "FormatOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "IpamId": { - "markdownDescription": "The IPAM ID.", - "title": "IpamId", - "type": "string" - }, - "IpamResourceDiscoveryId": { - "markdownDescription": "The resource discovery ID.", - "title": "IpamResourceDiscoveryId", + "Location": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "The location in Amazon S3 where the job writes its output.", + "title": "Location" + }, + "MaxOutputFiles": { + "markdownDescription": "The maximum number of files to be generated by the job and written to the output folder.", + "title": "MaxOutputFiles", + "type": "number" + }, + "Overwrite": { + "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output.", + "title": "Overwrite", + "type": "boolean" + }, + "PartitionColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of one or more partition columns for the output of the job.", + "title": "PartitionColumns", + "type": "array" + } + }, + "required": [ + "Location" + ], + "type": "object" + }, + "AWS::DataBrew::Job.OutputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::DataBrew::Job.CsvOutputOptions", + "markdownDescription": "Represents a set of options that define the structure of comma-separated value (CSV) job output.", + "title": "Csv" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.OutputLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "", + "title": "BucketOwner", + "type": "string" + }, + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::DataBrew::Job.ProfileConfiguration": { + "additionalProperties": false, + "properties": { + "ColumnStatisticsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnStatisticsConfiguration" + }, + "markdownDescription": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.", + "title": "ColumnStatisticsConfigurations", + "type": "array" + }, + "DatasetStatisticsConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", + "markdownDescription": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.", + "title": "DatasetStatisticsConfiguration" + }, + "EntityDetectorConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.EntityDetectorConfiguration", + "markdownDescription": "Configuration of entity detection for a profile job. When undefined, entity detection is disabled.", + "title": "EntityDetectorConfiguration" + }, + "ProfileColumns": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" + }, + "markdownDescription": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.", + "title": "ProfileColumns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.Recipe": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The unique name for the recipe.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The identifier for the version for the recipe.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::DataBrew::Job.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account ID of the bucket owner.", + "title": "BucketOwner", + "type": "string" + }, + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::DataBrew::Job.S3TableOutputOptions": { + "additionalProperties": false, + "properties": { + "Location": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job.", + "title": "Location" + } + }, + "required": [ + "Location" + ], + "type": "object" + }, + "AWS::DataBrew::Job.StatisticOverride": { + "additionalProperties": false, + "properties": { + "Parameters": { + "additionalProperties": true, + "markdownDescription": "A map that includes overrides of an evaluation\u2019s parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", - "title": "Tags", - "type": "array" } }, - "required": [ - "IpamId", - "IpamResourceDiscoveryId" - ], + "title": "Parameters", "type": "object" }, - "Type": { - "enum": [ - "AWS::EC2::IPAMResourceDiscoveryAssociation" - ], + "Statistic": { + "markdownDescription": "The name of an evaluation", + "title": "Statistic", "type": "string" + } + }, + "required": [ + "Parameters", + "Statistic" + ], + "type": "object" + }, + "AWS::DataBrew::Job.StatisticsConfiguration": { + "additionalProperties": false, + "properties": { + "IncludedStatistics": { + "items": { + "type": "string" + }, + "markdownDescription": "List of included evaluations. When the list is undefined, all supported evaluations will be included.", + "title": "IncludedStatistics", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticOverride" + }, + "markdownDescription": "List of overrides for evaluations.", + "title": "Overrides", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.ValidationConfiguration": { + "additionalProperties": false, + "properties": { + "RulesetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job. The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job.", + "title": "RulesetArn", + "type": "string" + }, + "ValidationMode": { + "markdownDescription": "Mode of data quality validation. Default mode is \u201cCHECK_ALL\u201d which verifies all rules defined in the selected ruleset.", + "title": "ValidationMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "RulesetArn" ], "type": "object" }, - "AWS::EC2::IPAMScope": { + "AWS::DataBrew::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -71504,33 +77222,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the scope.", - "title": "Description", + "DatasetName": { + "markdownDescription": "The dataset that the project is to act upon.", + "title": "DatasetName", "type": "string" }, - "IpamId": { - "markdownDescription": "The ID of the IPAM for which you're creating this scope.", - "title": "IpamId", + "Name": { + "markdownDescription": "The unique name of a project.", + "title": "Name", + "type": "string" + }, + "RecipeName": { + "markdownDescription": "The name of a recipe that will be developed during a project session.", + "title": "RecipeName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that will be assumed for this project.", + "title": "RoleArn", "type": "string" }, + "Sample": { + "$ref": "#/definitions/AWS::DataBrew::Project.Sample", + "markdownDescription": "The sample size and sampling type to apply to the data. If this parameter isn't specified, then the sample consists of the first 500 rows from the dataset.", + "title": "Sample" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "markdownDescription": "Metadata tags that have been applied to the project.", "title": "Tags", "type": "array" } }, "required": [ - "IpamId" + "DatasetName", + "Name", + "RecipeName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMScope" + "AWS::DataBrew::Project" ], "type": "string" }, @@ -71549,15 +77285,31 @@ ], "type": "object" }, - "AWS::EC2::Instance": { + "AWS::DataBrew::Project.Sample": { + "additionalProperties": false, + "properties": { + "Size": { + "markdownDescription": "The number of rows in the sample.", + "title": "Size", + "type": "number" + }, + "Type": { + "markdownDescription": "The way in which DataBrew obtains rows from a dataset.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::DataBrew::Recipe": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "CreationPolicy": { - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -71587,245 +77339,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInfo": { - "markdownDescription": "This property is reserved for internal use. If you use it, the stack fails with this error: `Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)` .", - "title": "AdditionalInfo", - "type": "string" - }, - "Affinity": { - "markdownDescription": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify `host` . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify `default` .", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", - "title": "AvailabilityZone", - "type": "string" - }, - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.BlockDeviceMapping" - }, - "markdownDescription": "The block device mapping entries that defines the block devices to attach to the instance at launch.\n\nBy default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the `DeleteOnTermination` setting.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "BlockDeviceMappings", - "type": "array" - }, - "CpuOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.CpuOptions", - "markdownDescription": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "CpuOptions" - }, - "CreditSpecification": { - "$ref": "#/definitions/AWS::EC2::Instance.CreditSpecification", - "markdownDescription": "The credit option for CPU usage of the burstable performance instance. Valid values are `standard` and `unlimited` . To change this attribute after launch, use [ModifyInstanceCreditSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html) . For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `standard` (T2 instances) or `unlimited` (T3/T3a/T4g instances)\n\nFor T3 instances with `host` tenancy, only `standard` is supported.", - "title": "CreditSpecification" - }, - "DisableApiTermination": { - "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", - "title": "DisableApiTermination", - "type": "boolean" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.\n\nDefault: `false`", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticGpuSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.ElasticGpuSpecification" - }, - "markdownDescription": "An elastic GPU to associate with the instance.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", - "title": "ElasticGpuSpecifications", - "type": "array" - }, - "ElasticInferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.ElasticInferenceAccelerator" - }, - "markdownDescription": "An elastic inference accelerator to associate with the instance.\n\n> Amazon Elastic Inference is no longer available.", - "title": "ElasticInferenceAccelerators", - "type": "array" - }, - "EnclaveOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.EnclaveOptions", - "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", - "title": "EnclaveOptions" - }, - "HibernationOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.HibernationOptions", - "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .\n\nYou can't enable hibernation and AWS Nitro Enclaves on the same instance.", - "title": "HibernationOptions" - }, - "HostId": { - "markdownDescription": "If you specify host for the `Affinity` property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.", - "title": "HostId", - "type": "string" - }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", - "title": "HostResourceGroupArn", - "type": "string" - }, - "IamInstanceProfile": { - "markdownDescription": "The name of an IAM instance profile. To create a new IAM instance profile, use the [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html) resource.", - "title": "IamInstanceProfile", - "type": "string" - }, - "ImageId": { - "markdownDescription": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", - "title": "ImageId", - "type": "string" - }, - "InstanceInitiatedShutdownBehavior": { - "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", - "title": "InstanceInitiatedShutdownBehavior", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The instance type. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nWhen you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance with an instance store volume as the root volume is always replaced. For more information, see [Change the instance type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceType", - "type": "string" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", - "title": "Ipv6Addresses", - "type": "array" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "KernelId", - "type": "string" - }, - "KeyName": { - "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", - "title": "KeyName", - "type": "string" - }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::EC2::Instance.LaunchTemplateSpecification", - "markdownDescription": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", - "title": "LaunchTemplate" - }, - "LicenseSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.LicenseSpecification" - }, - "markdownDescription": "The license configurations.", - "title": "LicenseSpecifications", - "type": "array" - }, - "Monitoring": { - "markdownDescription": "Specifies whether detailed monitoring is enabled for the instance. Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see [Enable or turn off detailed monitoring for your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) in the *Amazon EC2 User Guide* .", - "title": "Monitoring", - "type": "boolean" - }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.NetworkInterface" - }, - "markdownDescription": "The network interfaces to associate with the instance.\n\n> If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.\n> \n> If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment.", - "title": "NetworkInterfaces", - "type": "array" - }, - "PlacementGroupName": { - "markdownDescription": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).", - "title": "PlacementGroupName", - "type": "string" - }, - "PrivateDnsNameOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.PrivateDnsNameOptions", - "markdownDescription": "The options for the instance hostname.", - "title": "PrivateDnsNameOptions" - }, - "PrivateIpAddress": { - "markdownDescription": "The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same request.\n\nIf you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.", - "title": "PrivateIpAddress", + "Description": { + "markdownDescription": "The description of the recipe.", + "title": "Description", "type": "string" }, - "PropagateTagsToVolumeOnCreation": { - "markdownDescription": "Indicates whether to assign the tags specified in the `Tags` property to the volumes specified in the `BlockDeviceMappings` property.\n\nNote that using this feature does not assign the tags to volumes that are created separately and then attached using `AWS::EC2::VolumeAttachment` .", - "title": "PropagateTagsToVolumeOnCreation", - "type": "boolean" - }, - "RamdiskId": { - "markdownDescription": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "RamdiskId", + "Name": { + "markdownDescription": "The unique name for the recipe.", + "title": "Name", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nYou cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.\n\nDefault: Amazon EC2 uses the default security group.", - "title": "SecurityGroups", - "type": "array" - }, - "SourceDestCheck": { - "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", - "title": "SourceDestCheck", - "type": "boolean" - }, - "SsmAssociations": { + "Steps": { "items": { - "$ref": "#/definitions/AWS::EC2::Instance.SsmAssociation" + "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeStep" }, - "markdownDescription": "The SSM [document](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html) and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see [Create an IAM instance profile for Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-configuring-access-role.html) in the *AWS Systems Manager User Guide* .\n\n> You can associate only one document with an instance.", - "title": "SsmAssociations", + "markdownDescription": "A list of steps that are defined by the recipe.", + "title": "Steps", "type": "array" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", - "title": "SubnetId", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the instance. These tags are not applied to the EBS volumes, such as the root volume, unless [PropagateTagsToVolumeOnCreation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-propagatetagstovolumeoncreation) is `true` .", + "markdownDescription": "Metadata tags that have been applied to the recipe.", "title": "Tags", "type": "array" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.", - "title": "Tenancy", - "type": "string" - }, - "UserData": { - "markdownDescription": "The parameters or scripts to store as user data. Any scripts in user data are run when you launch the instance. User data is limited to 16 KB. You must provide base64-encoded text. For more information, see [Fn::Base64](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-base64.html) .\n\nIf the root volume is an EBS volume and you update user data, CloudFormation restarts the instance. If the root volume is an instance store volume and you update user data, the instance is replaced.", - "title": "UserData", - "type": "string" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.Volume" - }, - "markdownDescription": "The volumes to attach to the instance.", - "title": "Volumes", - "type": "array" } }, + "required": [ + "Name", + "Steps" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Instance" + "AWS::DataBrew::Recipe" ], "type": "string" }, @@ -71839,404 +77388,675 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::Instance.AssociationParameter": { + "AWS::DataBrew::Recipe.Action": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of an input parameter that is in the associated SSM document.", - "title": "Key", + "Operation": { + "markdownDescription": "The name of a valid DataBrew transformation to be performed on the data.", + "title": "Operation", "type": "string" }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "The value of an input parameter.", - "title": "Value", - "type": "array" + "Parameters": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeParameters", + "markdownDescription": "Contextual parameters for the transformation.", + "title": "Parameters" } }, "required": [ - "Key", - "Value" + "Operation" ], "type": "object" }, - "AWS::EC2::Instance.BlockDeviceMapping": { + "AWS::DataBrew::Recipe.ConditionExpression": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).\n\n> After the instance is running, this parameter is used to specify the device name of the block device mapping to update.", - "title": "DeviceName", + "Condition": { + "markdownDescription": "A specific condition to apply to a recipe action. For more information, see [Recipe structure](https://docs.aws.amazon.com/databrew/latest/dg/recipe-structure.html) in the *AWS Glue DataBrew Developer Guide* .", + "title": "Condition", "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::Instance.Ebs", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) .", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NoDevice", - "type": "object" + "TargetColumn": { + "markdownDescription": "A column to apply this condition to.", + "title": "TargetColumn", + "type": "string" }, - "VirtualName": { - "markdownDescription": "The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\n*Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VirtualName", + "Value": { + "markdownDescription": "A value that the condition must evaluate to for the condition to succeed.", + "title": "Value", "type": "string" } }, "required": [ - "DeviceName" + "Condition", + "TargetColumn" ], "type": "object" }, - "AWS::EC2::Instance.CpuOptions": { + "AWS::DataBrew::Recipe.DataCatalogInputDefinition": { "additionalProperties": false, "properties": { - "CoreCount": { - "markdownDescription": "The number of CPU cores for the instance.", - "title": "CoreCount", - "type": "number" + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", + "type": "string" }, - "ThreadsPerCore": { - "markdownDescription": "The number of threads per CPU core.", - "title": "ThreadsPerCore", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", + "title": "TableName", + "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "Represents an Amazon location where DataBrew can store intermediate results.", + "title": "TempDirectory" } }, "type": "object" }, - "AWS::EC2::Instance.CreditSpecification": { + "AWS::DataBrew::Recipe.Input": { "additionalProperties": false, "properties": { - "CPUCredits": { - "markdownDescription": "The credit option for CPU usage of the instance.\n\nValid values: `standard` | `unlimited`\n\nT3 instances with `host` tenancy do not support the `unlimited` CPU credit option.", - "title": "CPUCredits", - "type": "string" + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" + }, + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" } }, "type": "object" }, - "AWS::EC2::Instance.Ebs": { + "AWS::DataBrew::Recipe.RecipeParameters": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", - "title": "DeleteOnTermination", - "type": "boolean" + "AggregateFunction": { + "markdownDescription": "The name of an aggregation function to apply.", + "title": "AggregateFunction", + "type": "string" }, - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "Encrypted", - "type": "boolean" + "Base": { + "markdownDescription": "The number of digits used in a counting system.", + "title": "Base", + "type": "string" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000-16,000 IOPS\n- `io1` : 100-64,000 IOPS\n- `io2` : 100-64,000 IOPS\n\nFor `io1` and `io2` volumes, we guarantee 64,000 IOPS only for [Instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . Other instance families guarantee performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "Iops", - "type": "number" + "CaseStatement": { + "markdownDescription": "A case statement associated with a recipe.", + "title": "CaseStatement", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` . If the encrypted state is `true` but you do not specify `KmsKeyId` , your KMS key for EBS is used.\n\nYou can specify the KMS key using any of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. For example, alias/ExampleAlias.\n- Key ARN. For example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "KmsKeyId", + "CategoryMap": { + "markdownDescription": "A category map used for one-hot encoding.", + "title": "CategoryMap", "type": "string" }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.\n\nIf you specify both `SnapshotId` and `VolumeSize` , `VolumeSize` must be equal or greater than the size of the snapshot.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "SnapshotId", + "CharsToRemove": { + "markdownDescription": "Characters to remove from a step that applies one-hot encoding or tokenization.", + "title": "CharsToRemove", "type": "string" }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` :1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VolumeSize", - "type": "number" + "CollapseConsecutiveWhitespace": { + "markdownDescription": "Remove any non-word non-punctuation character.", + "title": "CollapseConsecutiveWhitespace", + "type": "string" }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide* . If the volume type is `io1` or `io2` , you must specify the IOPS that the volume supports.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VolumeType", + "ColumnDataType": { + "markdownDescription": "The data type of the column.", + "title": "ColumnDataType", "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.ElasticGpuSpecification": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of Elastic Graphics accelerator.", - "title": "Type", + }, + "ColumnRange": { + "markdownDescription": "A range of columns to which a step is applied.", + "title": "ColumnRange", "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::Instance.ElasticInferenceAccelerator": { - "additionalProperties": false, - "properties": { + }, "Count": { - "markdownDescription": "The number of elastic inference accelerators to attach to the instance.", + "markdownDescription": "The number of times a string needs to be repeated.", "title": "Count", - "type": "number" - }, - "Type": { - "markdownDescription": "The type of elastic inference accelerator. The possible values are `eia1.medium` , `eia1.large` , `eia1.xlarge` , `eia2.medium` , `eia2.large` , and `eia2.xlarge` .", - "title": "Type", "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::Instance.EnclaveOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.HibernationOptions": { - "additionalProperties": false, - "properties": { - "Configured": { - "markdownDescription": "Set to `true` to enable your instance for hibernation.\n\nFor Spot Instances, if you set `Configured` to `true` , either omit the `InstanceInterruptionBehavior` parameter (for [`SpotMarketOptions`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html) ), or set it to `hibernate` . When `Configured` is true:\n\n- If you omit `InstanceInterruptionBehavior` , it defaults to `hibernate` .\n- If you set `InstanceInterruptionBehavior` to a value other than `hibernate` , you'll get an error.\n\nDefault: `false`", - "title": "Configured", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.InstanceIpv6Address": { - "additionalProperties": false, - "properties": { - "Ipv6Address": { - "markdownDescription": "The IPv6 address.", - "title": "Ipv6Address", + }, + "CustomCharacters": { + "markdownDescription": "One or more characters that can be substituted or removed, depending on the context.", + "title": "CustomCharacters", "type": "string" - } - }, - "required": [ - "Ipv6Address" - ], - "type": "object" - }, - "AWS::EC2::Instance.LaunchTemplateSpecification": { - "additionalProperties": false, - "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", - "title": "LaunchTemplateId", + }, + "CustomStopWords": { + "markdownDescription": "A list of words to ignore in a step that applies word tokenization.", + "title": "CustomStopWords", "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", - "title": "LaunchTemplateName", + "CustomValue": { + "markdownDescription": "A list of custom values to use in a step that requires that you provide a value to finish the operation.", + "title": "CustomValue", "type": "string" }, - "Version": { - "markdownDescription": "The version number of the launch template. You must specify this property.\n\nTo specify the default version of the template, use the `Fn::GetAtt` intrinsic function to retrieve the `DefaultVersionNumber` attribute of the launch template. To specify the latest version of the template, use `Fn::GetAtt` to retrieve the `LatestVersionNumber` attribute. For more information, see [AWS::EC2:LaunchTemplate return values for Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", - "title": "Version", + "DatasetsColumns": { + "markdownDescription": "A list of the dataset columns included in a project.", + "title": "DatasetsColumns", "type": "string" - } - }, - "required": [ - "Version" - ], - "type": "object" - }, - "AWS::EC2::Instance.LicenseSpecification": { - "additionalProperties": false, - "properties": { - "LicenseConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", - "title": "LicenseConfigurationArn", + }, + "DateAddValue": { + "markdownDescription": "A value that specifies how many units of time to add or subtract for a date math operation.", + "title": "DateAddValue", "type": "string" - } - }, - "required": [ - "LicenseConfigurationArn" - ], - "type": "object" - }, - "AWS::EC2::Instance.NetworkInterface": { - "additionalProperties": false, - "properties": { - "AssociateCarrierIpAddress": { - "markdownDescription": "Indicates whether to assign a carrier IP address to the network interface.\n\nYou can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see [Carrier IP address](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", - "title": "AssociateCarrierIpAddress", - "type": "boolean" }, - "AssociatePublicIpAddress": { - "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance. Applies only if creating a network interface when launching an instance. The network interface must be the primary network interface. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" + "DateTimeFormat": { + "markdownDescription": "A date format to apply to a date.", + "title": "DateTimeFormat", + "type": "string" }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.", - "title": "DeleteOnTermination", + "DateTimeParameters": { + "markdownDescription": "A set of parameters associated with a datetime.", + "title": "DateTimeParameters", + "type": "string" + }, + "DeleteOtherRows": { + "markdownDescription": "Determines whether unmapped rows in a categorical mapping should be deleted", + "title": "DeleteOtherRows", + "type": "string" + }, + "Delimiter": { + "markdownDescription": "The delimiter to use when parsing separated values in a text file.", + "title": "Delimiter", + "type": "string" + }, + "EndPattern": { + "markdownDescription": "The end pattern to locate.", + "title": "EndPattern", + "type": "string" + }, + "EndPosition": { + "markdownDescription": "The end position to locate.", + "title": "EndPosition", + "type": "string" + }, + "EndValue": { + "markdownDescription": "The end value to locate.", + "title": "EndValue", + "type": "string" + }, + "ExpandContractions": { + "markdownDescription": "A list of word contractions and what they expand to. For eample: *can't* ; *cannot* ; *can not* .", + "title": "ExpandContractions", + "type": "string" + }, + "Exponent": { + "markdownDescription": "The exponent to apply in an exponential operation.", + "title": "Exponent", + "type": "string" + }, + "FalseString": { + "markdownDescription": "A value that represents `FALSE` .", + "title": "FalseString", + "type": "string" + }, + "GroupByAggFunctionOptions": { + "markdownDescription": "Specifies options to apply to the `GROUP BY` used in an aggregation.", + "title": "GroupByAggFunctionOptions", + "type": "string" + }, + "GroupByColumns": { + "markdownDescription": "The columns to use in the `GROUP BY` clause.", + "title": "GroupByColumns", + "type": "string" + }, + "HiddenColumns": { + "markdownDescription": "A list of columns to hide.", + "title": "HiddenColumns", + "type": "string" + }, + "IgnoreCase": { + "markdownDescription": "Indicates that lower and upper case letters are treated equally.", + "title": "IgnoreCase", + "type": "string" + }, + "IncludeInSplit": { + "markdownDescription": "Indicates if this column is participating in a split transform.", + "title": "IncludeInSplit", + "type": "string" + }, + "Input": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.Input", + "markdownDescription": "The input location to load the dataset from - Amazon S3 or AWS Glue Data Catalog .", + "title": "Input" + }, + "Interval": { + "markdownDescription": "The number of characters to split by.", + "title": "Interval", + "type": "string" + }, + "IsText": { + "markdownDescription": "Indicates if the content is text.", + "title": "IsText", + "type": "string" + }, + "JoinKeys": { + "markdownDescription": "The keys or columns involved in a join.", + "title": "JoinKeys", + "type": "string" + }, + "JoinType": { + "markdownDescription": "The type of join to use, for example, `INNER JOIN` , `OUTER JOIN` , and so on.", + "title": "JoinType", + "type": "string" + }, + "LeftColumns": { + "markdownDescription": "The columns on the left side of the join.", + "title": "LeftColumns", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of times to perform `split` or `replaceBy` in a string", + "title": "Limit", + "type": "string" + }, + "LowerBound": { + "markdownDescription": "The lower boundary for a value.", + "title": "LowerBound", + "type": "string" + }, + "MapType": { + "markdownDescription": "The type of mappings to apply to construct a new dynamic frame.", + "title": "MapType", + "type": "string" + }, + "ModeType": { + "markdownDescription": "Determines the manner in which mode value is calculated, in case there is more than one mode value. Valid values: `NONE` | `AVERAGE` | `MINIMUM` | `MAXIMUM`", + "title": "ModeType", + "type": "string" + }, + "MultiLine": { + "markdownDescription": "Specifies whether JSON input contains embedded new line characters.", + "title": "MultiLine", "type": "boolean" }, - "Description": { - "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Description", + "NumRows": { + "markdownDescription": "The number of rows to consider in a window.", + "title": "NumRows", "type": "string" }, - "DeviceIndex": { - "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you create a network interface when launching an instance, you must specify the device index.", - "title": "DeviceIndex", + "NumRowsAfter": { + "markdownDescription": "The number of rows to consider after the current row in a window", + "title": "NumRowsAfter", "type": "string" }, - "GroupSet": { + "NumRowsBefore": { + "markdownDescription": "The number of rows to consider before the current row in a window", + "title": "NumRowsBefore", + "type": "string" + }, + "OrderByColumn": { + "markdownDescription": "A column to sort the results by.", + "title": "OrderByColumn", + "type": "string" + }, + "OrderByColumns": { + "markdownDescription": "The columns to sort the results by.", + "title": "OrderByColumns", + "type": "string" + }, + "Other": { + "markdownDescription": "The value to assign to unmapped cells, in categorical mapping", + "title": "Other", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern to locate.", + "title": "Pattern", + "type": "string" + }, + "PatternOption1": { + "markdownDescription": "The starting pattern to split between.", + "title": "PatternOption1", + "type": "string" + }, + "PatternOption2": { + "markdownDescription": "The ending pattern to split between.", + "title": "PatternOption2", + "type": "string" + }, + "PatternOptions": { + "markdownDescription": "For splitting by multiple delimiters: A JSON-encoded string that lists the patterns in the format. For example: `[{\\\"pattern\\\":\\\"1\\\",\\\"includeInSplit\\\":true}]`", + "title": "PatternOptions", + "type": "string" + }, + "Period": { + "markdownDescription": "The size of the rolling window.", + "title": "Period", + "type": "string" + }, + "Position": { + "markdownDescription": "The character index within a string", + "title": "Position", + "type": "string" + }, + "RemoveAllPunctuation": { + "markdownDescription": "If `true` , removes all of the following characters: `.` `.!` `.,` `.?`", + "title": "RemoveAllPunctuation", + "type": "string" + }, + "RemoveAllQuotes": { + "markdownDescription": "If `true` , removes all single quotes and double quotes.", + "title": "RemoveAllQuotes", + "type": "string" + }, + "RemoveAllWhitespace": { + "markdownDescription": "If `true` , removes all whitespaces from the value.", + "title": "RemoveAllWhitespace", + "type": "string" + }, + "RemoveCustomCharacters": { + "markdownDescription": "If `true` , removes all chraracters specified by `CustomCharacters` .", + "title": "RemoveCustomCharacters", + "type": "string" + }, + "RemoveCustomValue": { + "markdownDescription": "If `true` , removes all chraracters specified by `CustomValue` .", + "title": "RemoveCustomValue", + "type": "string" + }, + "RemoveLeadingAndTrailingPunctuation": { + "markdownDescription": "If `true` , removes the following characters if they occur at the start or end of the value: `.` `!` `,` `?`", + "title": "RemoveLeadingAndTrailingPunctuation", + "type": "string" + }, + "RemoveLeadingAndTrailingQuotes": { + "markdownDescription": "If `true` , removes single quotes and double quotes from the beginning and end of the value.", + "title": "RemoveLeadingAndTrailingQuotes", + "type": "string" + }, + "RemoveLeadingAndTrailingWhitespace": { + "markdownDescription": "If `true` , removes all whitespaces from the beginning and end of the value.", + "title": "RemoveLeadingAndTrailingWhitespace", + "type": "string" + }, + "RemoveLetters": { + "markdownDescription": "If `true` , removes all uppercase and lowercase alphabetic characters (A through Z; a through z).", + "title": "RemoveLetters", + "type": "string" + }, + "RemoveNumbers": { + "markdownDescription": "If `true` , removes all numeric characters (0 through 9).", + "title": "RemoveNumbers", + "type": "string" + }, + "RemoveSourceColumn": { + "markdownDescription": "If `true` , the source column will be removed after un-nesting that column. (Used with nested column types, such as Map, Struct, or Array.)", + "title": "RemoveSourceColumn", + "type": "string" + }, + "RemoveSpecialCharacters": { + "markdownDescription": "If `true` , removes all of the following characters: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~`", + "title": "RemoveSpecialCharacters", + "type": "string" + }, + "RightColumns": { + "markdownDescription": "The columns on the right side of a join.", + "title": "RightColumns", + "type": "string" + }, + "SampleSize": { + "markdownDescription": "The number of rows in the sample.", + "title": "SampleSize", + "type": "string" + }, + "SampleType": { + "markdownDescription": "The sampling type to apply to the dataset. Valid values: `FIRST_N` | `LAST_N` | `RANDOM`", + "title": "SampleType", + "type": "string" + }, + "SecondInput": { + "markdownDescription": "A object value to indicate the second dataset used in a join.", + "title": "SecondInput", + "type": "string" + }, + "SecondaryInputs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DataBrew::Recipe.SecondaryInput" }, - "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", - "title": "GroupSet", + "markdownDescription": "A list of secondary inputs in a UNION transform", + "title": "SecondaryInputs", "type": "array" }, - "Ipv6AddressCount": { - "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6AddressCount", - "type": "number" + "SheetIndexes": { + "items": { + "type": "number" + }, + "markdownDescription": "One or more sheet numbers in the Excel file, which will be included in a dataset.", + "title": "SheetIndexes", + "type": "array" }, - "Ipv6Addresses": { + "SheetNames": { "items": { - "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" + "type": "string" }, - "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6Addresses", + "markdownDescription": "Oone or more named sheets in the Excel file, which will be included in a dataset.", + "title": "SheetNames", "type": "array" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface, when attaching an existing network interface.", - "title": "NetworkInterfaceId", + "SourceColumn": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn", "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "PrivateIpAddress", + "SourceColumn1": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn1", "type": "string" }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.PrivateIpAddressSpecification" - }, - "markdownDescription": "One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary.", - "title": "PrivateIpAddresses", - "type": "array" + "SourceColumn2": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn2", + "type": "string" }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" + "SourceColumns": { + "markdownDescription": "A list of source columns needed for an operation, step, or transform.", + "title": "SourceColumns", + "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet associated with the network interface.", - "title": "SubnetId", + "StartColumnIndex": { + "markdownDescription": "The index number of the first column used by an operation, step, or transform.", + "title": "StartColumnIndex", "type": "string" - } - }, - "required": [ - "DeviceIndex" - ], - "type": "object" - }, - "AWS::EC2::Instance.PrivateDnsNameOptions": { - "additionalProperties": false, - "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" + "StartPattern": { + "markdownDescription": "The starting pattern to locate.", + "title": "StartPattern", + "type": "string" }, - "HostnameType": { - "markdownDescription": "The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "HostnameType", + "StartPosition": { + "markdownDescription": "The starting position to locate.", + "title": "StartPosition", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The starting value to locate.", + "title": "StartValue", + "type": "string" + }, + "StemmingMode": { + "markdownDescription": "Indicates this operation uses stems and lemmas (base words) for word tokenization.", + "title": "StemmingMode", + "type": "string" + }, + "StepCount": { + "markdownDescription": "The total number of transforms in this recipe.", + "title": "StepCount", + "type": "string" + }, + "StepIndex": { + "markdownDescription": "The index ID of a step.", + "title": "StepIndex", + "type": "string" + }, + "StopWordsMode": { + "markdownDescription": "Indicates this operation uses stop words as part of word tokenization.", + "title": "StopWordsMode", + "type": "string" + }, + "Strategy": { + "markdownDescription": "The resolution strategy to apply in resolving ambiguities.", + "title": "Strategy", + "type": "string" + }, + "TargetColumn": { + "markdownDescription": "The column targeted by this operation.", + "title": "TargetColumn", + "type": "string" + }, + "TargetColumnNames": { + "markdownDescription": "The names to give columns altered by this operation.", + "title": "TargetColumnNames", + "type": "string" + }, + "TargetDateFormat": { + "markdownDescription": "The date format to convert to.", + "title": "TargetDateFormat", + "type": "string" + }, + "TargetIndex": { + "markdownDescription": "The index number of an object that is targeted by this operation.", + "title": "TargetIndex", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The current timezone that you want to use for dates.", + "title": "TimeZone", + "type": "string" + }, + "TokenizerPattern": { + "markdownDescription": "A regex expression to use when splitting text into terms, also called words or tokens.", + "title": "TokenizerPattern", + "type": "string" + }, + "TrueString": { + "markdownDescription": "A value to use to represent `TRUE` .", + "title": "TrueString", + "type": "string" + }, + "UdfLang": { + "markdownDescription": "The language that's used in the user-defined function.", + "title": "UdfLang", + "type": "string" + }, + "Units": { + "markdownDescription": "Specifies a unit of time. For example: `MINUTES` ; `SECONDS` ; `HOURS` ; etc.", + "title": "Units", + "type": "string" + }, + "UnpivotColumn": { + "markdownDescription": "Cast columns as rows, so that each value is a different row in a single column.", + "title": "UnpivotColumn", + "type": "string" + }, + "UpperBound": { + "markdownDescription": "The upper boundary for a value.", + "title": "UpperBound", + "type": "string" + }, + "UseNewDataFrame": { + "markdownDescription": "Create a new container to hold a dataset.", + "title": "UseNewDataFrame", + "type": "string" + }, + "Value": { + "markdownDescription": "A static value that can be used in a comparison, a substitution, or in another context-specific way. A `Value` can be a number, string, or other datatype, depending on the recipe action in which it's used.", + "title": "Value", + "type": "string" + }, + "Value1": { + "markdownDescription": "A value that's used by this operation.", + "title": "Value1", + "type": "string" + }, + "Value2": { + "markdownDescription": "A value that's used by this operation.", + "title": "Value2", + "type": "string" + }, + "ValueColumn": { + "markdownDescription": "The column that is provided as a value that's used by this operation.", + "title": "ValueColumn", + "type": "string" + }, + "ViewFrame": { + "markdownDescription": "The subset of rows currently available for viewing.", + "title": "ViewFrame", "type": "string" } }, "type": "object" }, - "AWS::EC2::Instance.PrivateIpAddressSpecification": { + "AWS::DataBrew::Recipe.RecipeStep": { "additionalProperties": false, "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" + "Action": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.Action", + "markdownDescription": "The particular action to be performed in the recipe step.", + "title": "Action" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", - "type": "string" + "ConditionExpressions": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.ConditionExpression" + }, + "markdownDescription": "One or more conditions that must be met for the recipe step to succeed.\n\n> All of the conditions in the array must be met. In other words, all of the conditions must be combined using a logical AND operation.", + "title": "ConditionExpressions", + "type": "array" } }, "required": [ - "Primary", - "PrivateIpAddress" + "Action" ], "type": "object" }, - "AWS::EC2::Instance.SsmAssociation": { + "AWS::DataBrew::Recipe.S3Location": { "additionalProperties": false, "properties": { - "AssociationParameters": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.AssociationParameter" - }, - "markdownDescription": "The input parameter values to use with the associated SSM document.", - "title": "AssociationParameters", - "type": "array" + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" }, - "DocumentName": { - "markdownDescription": "The name of an SSM document to associate with the instance.", - "title": "DocumentName", + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", "type": "string" } }, "required": [ - "DocumentName" + "Bucket" ], "type": "object" }, - "AWS::EC2::Instance.Volume": { + "AWS::DataBrew::Recipe.SecondaryInput": { "additionalProperties": false, "properties": { - "Device": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "Device", - "type": "string" + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" }, - "VolumeId": { - "markdownDescription": "The ID of the EBS volume. The volume and instance must be within the same Availability Zone.", - "title": "VolumeId", - "type": "string" + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" } }, - "required": [ - "Device", - "VolumeId" - ], "type": "object" }, - "AWS::EC2::InstanceConnectEndpoint": { + "AWS::DataBrew::Ruleset": { "additionalProperties": false, "properties": { "Condition": { @@ -72271,46 +78091,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", - "title": "ClientToken", + "Description": { + "markdownDescription": "The description of the ruleset.", + "title": "Description", "type": "string" }, - "PreserveClientIp": { - "markdownDescription": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\nDefault: `false`", - "title": "PreserveClientIp", - "type": "boolean" + "Name": { + "markdownDescription": "The name of the ruleset.", + "title": "Name", + "type": "string" }, - "SecurityGroupIds": { + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DataBrew::Ruleset.Rule" }, - "markdownDescription": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", - "title": "SecurityGroupIds", + "markdownDescription": "Contains metadata about the ruleset.", + "title": "Rules", "type": "array" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", - "title": "SubnetId", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the EC2 Instance Connect Endpoint during creation.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a resource (dataset) that the ruleset is associated with.", + "title": "TargetArn", + "type": "string" } }, "required": [ - "SubnetId" + "Name", + "Rules", + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::InstanceConnectEndpoint" + "AWS::DataBrew::Ruleset" ], "type": "string" }, @@ -72329,73 +78151,113 @@ ], "type": "object" }, - "AWS::EC2::InternetGateway": { + "AWS::DataBrew::Ruleset.ColumnSelector": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The name of a column from a dataset.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Regex": { + "markdownDescription": "A regular expression for selecting a column from a dataset.", + "title": "Regex", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Ruleset.Rule": { + "additionalProperties": false, + "properties": { + "CheckExpression": { + "markdownDescription": "The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` .", + "title": "CheckExpression", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColumnSelectors": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.ColumnSelector" + }, + "markdownDescription": "List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns.", + "title": "ColumnSelectors", + "type": "array" }, - "Metadata": { - "type": "object" + "Disabled": { + "markdownDescription": "A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false.", + "title": "Disabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags to assign to the internet gateway.", - "title": "Tags", - "type": "array" - } + "Name": { + "markdownDescription": "The name of the rule.", + "title": "Name", + "type": "string" + }, + "SubstitutionMap": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.SubstitutionValue" }, - "type": "object" + "markdownDescription": "The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `\":col1\": \"`Column A`\".`", + "title": "SubstitutionMap", + "type": "array" + }, + "Threshold": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.Threshold", + "markdownDescription": "The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds.", + "title": "Threshold" + } + }, + "required": [ + "CheckExpression", + "Name" + ], + "type": "object" + }, + "AWS::DataBrew::Ruleset.SubstitutionValue": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "Value or column name.", + "title": "Value", + "type": "string" }, + "ValueReference": { + "markdownDescription": "Variable name.", + "title": "ValueReference", + "type": "string" + } + }, + "required": [ + "Value", + "ValueReference" + ], + "type": "object" + }, + "AWS::DataBrew::Ruleset.Threshold": { + "additionalProperties": false, + "properties": { "Type": { - "enum": [ - "AWS::EC2::InternetGateway" - ], + "markdownDescription": "The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Unit": { + "markdownDescription": "Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation.", + "title": "Unit", "type": "string" + }, + "Value": { + "markdownDescription": "The value of a threshold.", + "title": "Value", + "type": "number" } }, "required": [ - "Type" + "Value" ], "type": "object" }, - "AWS::EC2::KeyPair": { + "AWS::DataBrew::Schedule": { "additionalProperties": false, "properties": { "Condition": { @@ -72430,43 +78292,42 @@ "Properties": { "additionalProperties": false, "properties": { - "KeyFormat": { - "markdownDescription": "The format of the key pair.\n\nDefault: `pem`", - "title": "KeyFormat", - "type": "string" - }, - "KeyName": { - "markdownDescription": "A unique name for the key pair.\n\nConstraints: Up to 255 ASCII characters", - "title": "KeyName", + "CronExpression": { + "markdownDescription": "The dates and times when the job is to run. For more information, see [Working with cron expressions for recipe jobs](https://docs.aws.amazon.com/databrew/latest/dg/jobs.recipe.html#jobs.cron) in the *AWS Glue DataBrew Developer Guide* .", + "title": "CronExpression", "type": "string" }, - "KeyType": { - "markdownDescription": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n\nIf the `PublicKeyMaterial` property is specified, the `KeyType` property is ignored, and the key type is inferred from the `PublicKeyMaterial` value.\n\nDefault: `rsa`", - "title": "KeyType", - "type": "string" + "JobNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of jobs to be run, according to the schedule.", + "title": "JobNames", + "type": "array" }, - "PublicKeyMaterial": { - "markdownDescription": "The public key material. The `PublicKeyMaterial` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", - "title": "PublicKeyMaterial", + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the key pair.", + "markdownDescription": "Metadata tags that have been applied to the schedule.", "title": "Tags", "type": "array" } }, "required": [ - "KeyName" + "CronExpression", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::KeyPair" + "AWS::DataBrew::Schedule" ], "type": "string" }, @@ -72485,7 +78346,7 @@ ], "type": "object" }, - "AWS::EC2::LaunchTemplate": { + "AWS::DataPipeline::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -72520,38 +78381,62 @@ "Properties": { "additionalProperties": false, "properties": { - "LaunchTemplateData": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateData", - "markdownDescription": "The information for the launch template.", - "title": "LaunchTemplateData" + "Activate": { + "markdownDescription": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to `true` .", + "title": "Activate", + "type": "boolean" }, - "LaunchTemplateName": { - "markdownDescription": "A name for the launch template.", - "title": "LaunchTemplateName", + "Description": { + "markdownDescription": "A description of the pipeline.", + "title": "Description", "type": "string" }, - "TagSpecifications": { + "Name": { + "markdownDescription": "The name of the pipeline.", + "title": "Name", + "type": "string" + }, + "ParameterObjects": { "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification" + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterObject" }, - "markdownDescription": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be `launch-template` .\n\nTo specify the tags for resources that are created during instance launch, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications) .", - "title": "TagSpecifications", + "markdownDescription": "The parameter objects used with the pipeline.", + "title": "ParameterObjects", "type": "array" }, - "VersionDescription": { - "markdownDescription": "A description for the first version of the launch template.", - "title": "VersionDescription", - "type": "string" + "ParameterValues": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterValue" + }, + "markdownDescription": "The parameter values used with the pipeline.", + "title": "ParameterValues", + "type": "array" + }, + "PipelineObjects": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineObject" + }, + "markdownDescription": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see [Editing Your Pipeline](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-manage-pipeline-modify-console.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "PipelineObjects", + "type": "array" + }, + "PipelineTags": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineTag" + }, + "markdownDescription": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see [Controlling Access to Pipelines and Resources](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-control-access.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "PipelineTags", + "type": "array" } }, "required": [ - "LaunchTemplateData" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LaunchTemplate" + "AWS::DataPipeline::Pipeline" ], "type": "string" }, @@ -72570,1136 +78455,940 @@ ], "type": "object" }, - "AWS::EC2::LaunchTemplate.AcceleratorCount": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB": { + "AWS::DataPipeline::Pipeline.Field": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Key": { + "markdownDescription": "Specifies the name of a field for a particular object. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "Key", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "RefValue": { + "markdownDescription": "A field value that you specify as an identifier of another object in the same pipeline definition.\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", + "title": "RefValue", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "StringValue": { + "markdownDescription": "A field value that you specify as a string. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", + "title": "StringValue", + "type": "string" } }, + "required": [ + "Key" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.BlockDeviceMapping": { + "AWS::DataPipeline::Pipeline.ParameterAttribute": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, /dev/sdh or xvdh).", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ebs", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string.", - "title": "NoDevice", + "Key": { + "markdownDescription": "The field identifier.", + "title": "Key", "type": "string" }, - "VirtualName": { - "markdownDescription": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.", - "title": "VirtualName", + "StringValue": { + "markdownDescription": "The field value, expressed as a String.", + "title": "StringValue", "type": "string" } }, + "required": [ + "Key", + "StringValue" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.CapacityReservationSpecification": { + "AWS::DataPipeline::Pipeline.ParameterObject": { "additionalProperties": false, "properties": { - "CapacityReservationPreference": { - "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `capacity-reservations-only` - The instance will only run in a Capacity Reservation or Capacity Reservation group. If capacity isn't available, the instance will fail to launch.\n- `open` - The instance can run in any `open` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone, tenancy).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.", - "title": "CapacityReservationPreference", - "type": "string" + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterAttribute" + }, + "markdownDescription": "The attributes of the parameter object.", + "title": "Attributes", + "type": "array" }, - "CapacityReservationTarget": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationTarget", - "markdownDescription": "Information about the target Capacity Reservation or Capacity Reservation group.", - "title": "CapacityReservationTarget" + "Id": { + "markdownDescription": "The ID of the parameter object.", + "title": "Id", + "type": "string" } }, + "required": [ + "Attributes", + "Id" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.CapacityReservationTarget": { + "AWS::DataPipeline::Pipeline.ParameterValue": { "additionalProperties": false, "properties": { - "CapacityReservationId": { - "markdownDescription": "The ID of the Capacity Reservation in which to run the instance.", - "title": "CapacityReservationId", + "Id": { + "markdownDescription": "The ID of the parameter value.", + "title": "Id", "type": "string" }, - "CapacityReservationResourceGroupArn": { - "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", - "title": "CapacityReservationResourceGroupArn", + "StringValue": { + "markdownDescription": "The field value, expressed as a String.", + "title": "StringValue", "type": "string" } }, + "required": [ + "Id", + "StringValue" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification": { + "AWS::DataPipeline::Pipeline.PipelineObject": { "additionalProperties": false, "properties": { - "TcpEstablishedTimeout": { - "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", - "title": "TcpEstablishedTimeout", - "type": "number" + "Fields": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.Field" + }, + "markdownDescription": "Key-value pairs that define the properties of the object.", + "title": "Fields", + "type": "array" }, - "UdpStreamTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", - "title": "UdpStreamTimeout", - "type": "number" + "Id": { + "markdownDescription": "The ID of the object.", + "title": "Id", + "type": "string" }, - "UdpTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", - "title": "UdpTimeout", - "type": "number" + "Name": { + "markdownDescription": "The name of the object.", + "title": "Name", + "type": "string" } }, + "required": [ + "Fields", + "Id", + "Name" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.CpuOptions": { + "AWS::DataPipeline::Pipeline.PipelineTag": { "additionalProperties": false, "properties": { - "AmdSevSnp": { - "markdownDescription": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html) .", - "title": "AmdSevSnp", + "Key": { + "markdownDescription": "The key name of a tag.", + "title": "Key", "type": "string" }, - "CoreCount": { - "markdownDescription": "The number of CPU cores for the instance.", - "title": "CoreCount", - "type": "number" - }, - "ThreadsPerCore": { - "markdownDescription": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of `1` . Otherwise, specify the default value of `2` .", - "title": "ThreadsPerCore", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.CreditSpecification": { - "additionalProperties": false, - "properties": { - "CpuCredits": { - "markdownDescription": "The credit option for CPU usage of a T instance.\n\nValid values: `standard` | `unlimited`", - "title": "CpuCredits", + "Value": { + "markdownDescription": "The value to associate with the key name.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.Ebs": { + "AWS::DataSync::Agent": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", - "title": "Encrypted", - "type": "boolean" + "Condition": { + "type": "string" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is supported for `io1` , `io2` , and `gp3` volumes only.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.", - "title": "KmsKeyId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.", - "title": "SnapshotId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Throughput": { - "markdownDescription": "The throughput to provision for a `gp3` volume, with a maximum of 1,000 MiB/s.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", - "title": "Throughput", - "type": "number" + "Metadata": { + "type": "object" }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "VolumeSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ActivationKey": { + "markdownDescription": "Specifies your DataSync agent's activation key. If you don't have an activation key, see [Activating your agent](https://docs.aws.amazon.com/datasync/latest/userguide/activate-agent.html) .", + "title": "ActivationKey", + "type": "string" + }, + "AgentName": { + "markdownDescription": "Specifies a name for your agent. We recommend specifying a name that you can remember.", + "title": "AgentName", + "type": "string" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. See [SecurityGroupArns](https://docs.aws.amazon.com/datasync/latest/userguide/API_Ec2Config.html#DataSync-Type-Ec2Config-SecurityGroupArns) .\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`", + "title": "SecurityGroupArns", + "type": "array" + }, + "SubnetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the ARN of the subnet where your VPC service endpoint is located. You can only specify one ARN.", + "title": "SubnetArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least one tag for your agent.", + "title": "Tags", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The ID of the virtual private cloud (VPC) endpoint that the agent has access to. This is the client-side VPC endpoint, powered by AWS PrivateLink . If you don't have an AWS PrivateLink VPC endpoint, see [AWS PrivateLink and VPC endpoints](https://docs.aws.amazon.com//vpc/latest/userguide/endpoint-services-overview.html) in the *Amazon VPC User Guide* .\n\nFor more information about activating your agent in a private network based on a VPC, see [Using AWS DataSync in a Virtual Private Cloud](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-in-vpc.html) in the *AWS DataSync User Guide.*\n\nA VPC endpoint ID looks like this: `vpce-01234d5aff67890e1` .", + "title": "VpcEndpointId", + "type": "string" + } + }, + "type": "object" }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", - "title": "VolumeType", + "Type": { + "enum": [ + "AWS::DataSync::Agent" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.ElasticGpuSpecification": { + "AWS::DataSync::LocationAzureBlob": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "(Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", + "title": "AgentArns", + "type": "array" + }, + "AzureAccessTier": { + "markdownDescription": "Specifies the access tier that you want your objects or files transferred into. This only applies when using the location as a transfer destination. For more information, see [Access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) .", + "title": "AzureAccessTier", + "type": "string" + }, + "AzureBlobAuthenticationType": { + "markdownDescription": "Specifies the authentication method DataSync uses to access your Azure Blob Storage. DataSync can access blob storage using a shared access signature (SAS).", + "title": "AzureBlobAuthenticationType", + "type": "string" + }, + "AzureBlobContainerUrl": { + "markdownDescription": "Specifies the URL of the Azure Blob Storage container involved in your transfer.", + "title": "AzureBlobContainerUrl", + "type": "string" + }, + "AzureBlobSasConfiguration": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration", + "markdownDescription": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage.\n\n> If you provide an authentication token using `SasConfiguration` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's secrets manager secret.", + "title": "AzureBlobSasConfiguration" + }, + "AzureBlobType": { + "markdownDescription": "Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Currently, DataSync only supports moving data into Azure Blob Storage as block blobs. For more information on blob types, see the [Azure Blob Storage documentation](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs) .", + "title": "AzureBlobType", + "type": "string" + }, + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.CmkSecretConfig", + "markdownDescription": "Specifies configuration information for a DataSync-managed secret, such as an authentication token or secret key that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key .\n\n> You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.", + "title": "CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.CustomSecretConfig", + "markdownDescription": "Specifies configuration information for a customer-managed Secrets Manager secret where a storage location authentication token or secret key is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.\n\n> You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.", + "title": "CustomSecretConfig" + }, + "Subdirectory": { + "markdownDescription": "Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AzureBlobAuthenticationType" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The type of Elastic Graphics accelerator.", - "title": "Type", + "enum": [ + "AWS::DataSync::LocationAzureBlob" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.EnaSrdSpecification": { + "AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration": { "additionalProperties": false, "properties": { - "EnaSrdEnabled": { - "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", - "title": "EnaSrdEnabled", - "type": "boolean" - }, - "EnaSrdUdpSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification", - "markdownDescription": "Configures ENA Express for UDP network traffic.", - "title": "EnaSrdUdpSpecification" + "AzureBlobSasToken": { + "markdownDescription": "Specifies a SAS token that provides permissions to access your Azure Blob Storage.\n\nThe token is part of the SAS URI string that comes after the storage resource URI and a question mark. A token looks something like this:\n\n`sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D`", + "title": "AzureBlobSasToken", + "type": "string" } }, + "required": [ + "AzureBlobSasToken" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification": { + "AWS::DataSync::LocationAzureBlob.CmkSecretConfig": { "additionalProperties": false, "properties": { - "EnaSrdUdpEnabled": { - "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", - "title": "EnaSrdUdpEnabled", - "type": "boolean" + "KmsKeyArn": { + "markdownDescription": "Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . DataSync provides this key to AWS Secrets Manager .", + "title": "KmsKeyArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` .", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.EnclaveOptions": { + "AWS::DataSync::LocationAzureBlob.CustomSecretConfig": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", - "title": "Enabled", - "type": "boolean" + "SecretAccessRoleArn": { + "markdownDescription": "Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` .", + "title": "SecretAccessRoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" } }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.HibernationOptions": { + "AWS::DataSync::LocationAzureBlob.ManagedSecretConfig": { "additionalProperties": false, "properties": { - "Configured": { - "markdownDescription": "If you set this parameter to `true` , the instance is enabled for hibernation.\n\nDefault: `false`", - "title": "Configured", - "type": "boolean" + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" } }, + "required": [ + "SecretArn" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.IamInstanceProfile": { + "AWS::DataSync::LocationEFS": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", - "title": "Arn", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of the instance profile.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPointArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to mount your Amazon EFS file system.\n\nFor more information, see [Accessing restricted file systems](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam) .", + "title": "AccessPointArn", + "type": "string" + }, + "Ec2Config": { + "$ref": "#/definitions/AWS::DataSync::LocationEFS.Ec2Config", + "markdownDescription": "Specifies the subnet and security groups DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) .", + "title": "Ec2Config" + }, + "EfsFilesystemArn": { + "markdownDescription": "Specifies the ARN for your Amazon EFS file system.", + "title": "EfsFilesystemArn", + "type": "string" + }, + "FileSystemAccessRoleArn": { + "markdownDescription": "Specifies an AWS Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system.\n\nFor information on creating this role, see [Creating a DataSync IAM role for file system access](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam-role) .", + "title": "FileSystemAccessRoleArn", + "type": "string" + }, + "InTransitEncryption": { + "markdownDescription": "Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it transfers data to or from your Amazon EFS file system.\n\nIf you specify an access point using `AccessPointArn` or an IAM role using `FileSystemAccessRoleArn` , you must set this parameter to `TLS1_2` .", + "title": "InTransitEncryption", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location).\n\nBy default, DataSync uses the root directory (or [access point](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) if you provide one by using `AccessPointArn` ). You can also include subdirectories using forward slashes (for example, `/path/to/folder` ).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Ec2Config" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataSync::LocationEFS" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.InstanceMarketOptions": { + "AWS::DataSync::LocationEFS.Ec2Config": { "additionalProperties": false, "properties": { - "MarketType": { - "markdownDescription": "The market type.", - "title": "MarketType", - "type": "string" + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target.", + "title": "SecurityGroupArns", + "type": "array" }, - "SpotOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.SpotOptions", - "markdownDescription": "The options for Spot Instances.", - "title": "SpotOptions" + "SubnetArn": { + "markdownDescription": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces.html) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target.", + "title": "SubnetArn", + "type": "string" } }, + "required": [ + "SecurityGroupArns", + "SubnetArn" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.InstanceRequirements": { + "AWS::DataSync::LocationFSxLustre": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorCount", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" + "Condition": { + "type": "string" }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", - "type": "array" + "Metadata": { + "type": "object" }, - "AllowedInstanceTypes": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "FsxFilesystemArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system.", + "title": "FsxFilesystemArn", + "type": "string" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for Lustre file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories.\n\nWhen the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory ( `/` ).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", - "type": "array" + "required": [ + "SecurityGroupArns" + ], + "type": "object" }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", + "Type": { + "enum": [ + "AWS::DataSync::LocationFSxLustre" + ], "type": "string" }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxONTAP": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" + "Metadata": { + "type": "object" }, - "InstanceGenerations": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Protocol": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.Protocol", + "markdownDescription": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.", + "title": "Protocol" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups that DataSync can use to access your FSx for ONTAP file system. You must configure the security groups to allow outbound traffic on the following ports (depending on the protocol that you're using):\n\n- *Network File System (NFS)* : TCP ports 111, 635, and 2049\n- *Server Message Block (SMB)* : TCP port 445\n\nYour file system's security groups must also allow inbound traffic on the same port.", + "title": "SecurityGroupArns", + "type": "array" + }, + "StorageVirtualMachineArn": { + "markdownDescription": "Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from.", + "title": "StorageVirtualMachineArn", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies a path to the file share in the SVM where you want to transfer data to or from.\n\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be `/vol1` , `/vol1/tree1` , or `/share1` .\n\n> Don't specify a junction path in the SVM's root volume. For more information, see [Managing FSx for ONTAP storage virtual machines](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) in the *Amazon FSx for NetApp ONTAP User Guide* .", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", - "type": "array" + "required": [ + "SecurityGroupArns", + "StorageVirtualMachineArn" + ], + "type": "object" }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", + "Type": { + "enum": [ + "AWS::DataSync::LocationFSxONTAP" + ], "type": "string" }, - "LocalStorageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", - "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryMiB", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkBandwidthGbps", - "markdownDescription": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterfaceCount", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo turn off price protection, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TotalLocalStorageGB", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.VCpuCount", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification": { + "AWS::DataSync::LocationFSxONTAP.NFS": { "additionalProperties": false, "properties": { - "Ipv4Prefix": { - "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", - "title": "Ipv4Prefix", - "type": "string" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NfsMountOptions", + "markdownDescription": "Specifies how DataSync can access a location using the NFS protocol.", + "title": "MountOptions" } }, + "required": [ + "MountOptions" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv6Add": { + "AWS::DataSync::LocationFSxONTAP.NfsMountOptions": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", - "title": "Ipv6Address", + "Version": { + "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification": { + "AWS::DataSync::LocationFSxONTAP.Protocol": { "additionalProperties": false, "properties": { - "Ipv6Prefix": { - "markdownDescription": "The IPv6 prefix.", - "title": "Ipv6Prefix", - "type": "string" + "NFS": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NFS", + "markdownDescription": "Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM).", + "title": "NFS" + }, + "SMB": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SMB", + "markdownDescription": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.", + "title": "SMB" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateData": { + "AWS::DataSync::LocationFSxONTAP.SMB": { "additionalProperties": false, "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BlockDeviceMapping" - }, - "markdownDescription": "The block device mapping.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "CapacityReservationSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationSpecification", - "markdownDescription": "The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to `open` , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).", - "title": "CapacityReservationSpecification" - }, - "CpuOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CpuOptions", - "markdownDescription": "The CPU options for the instance. For more information, see [CPU options for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide* .", - "title": "CpuOptions" - }, - "CreditSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CreditSpecification", - "markdownDescription": "The credit option for CPU usage of the instance. Valid only for T instances.", - "title": "CreditSpecification" - }, - "DisableApiStop": { - "markdownDescription": "Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide* .", - "title": "DisableApiStop", - "type": "boolean" - }, - "DisableApiTermination": { - "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", - "title": "DisableApiTermination", - "type": "boolean" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticGpuSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ElasticGpuSpecification" - }, - "markdownDescription": "Deprecated.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", - "title": "ElasticGpuSpecifications", - "type": "array" - }, - "ElasticInferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator" - }, - "markdownDescription": "> Amazon Elastic Inference is no longer available. \n\nAn elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n\nYou cannot specify accelerators from different generations in the same request.", - "title": "ElasticInferenceAccelerators", - "type": "array" - }, - "EnclaveOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnclaveOptions", - "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *AWS Nitro Enclaves User Guide* .\n\nYou can't enable AWS Nitro Enclaves and hibernation on the same instance.", - "title": "EnclaveOptions" - }, - "HibernationOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.HibernationOptions", - "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .", - "title": "HibernationOptions" + "Domain": { + "markdownDescription": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.", + "title": "Domain", + "type": "string" }, - "IamInstanceProfile": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.IamInstanceProfile", - "markdownDescription": "The name or Amazon Resource Name (ARN) of an IAM instance profile.", - "title": "IamInstanceProfile" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", + "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", + "title": "MountOptions" }, - "ImageId": { - "markdownDescription": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n\nValid formats:\n\n- `ami-0ac394d6a3example`\n- `resolve:ssm:parameter-name`\n- `resolve:ssm:parameter-name:version-number`\n- `resolve:ssm:parameter-name:label`\n\nFor more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "ImageId", + "Password": { + "markdownDescription": "Specifies the password of a user who has permission to access your SVM.", + "title": "Password", "type": "string" }, - "InstanceInitiatedShutdownBehavior": { - "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", - "title": "InstanceInitiatedShutdownBehavior", + "User": { + "markdownDescription": "Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM.\n\nIf you provide a user in your Active Directory, note the following:\n\n- If you're using AWS Directory Service for Microsoft Active Directory , the user must be a member of the AWS Delegated FSx Administrators group.\n- If you're using a self-managed Active Directory, the user must be a member of either the Domain Admins group or a custom group that you specified for file system administration when you created your file system.\n\nMake sure that the user has the permissions it needs to copy the data you want:\n\n- `SE_TCB_NAME` : Required to set object ownership and file metadata. With this privilege, you also can copy NTFS discretionary access lists (DACLs).\n- `SE_SECURITY_NAME` : May be needed to copy NTFS system access control lists (SACLs). This operation specifically requires the Windows privilege, which is granted to members of the Domain Admins group. If you configure your task to copy SACLs, make sure that the user has the required privileges. For information about copying SACLs, see [Ownership and permissions-related options](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html#configure-ownership-and-permissions) .", + "title": "User", "type": "string" - }, - "InstanceMarketOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceMarketOptions", - "markdownDescription": "The market (purchasing) option for the instances.", - "title": "InstanceMarketOptions" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceRequirements", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes.\n\nYou must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default.\n\nWhen you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.\n\nTo limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request:\n\n- `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.\n- `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .\n> \n> Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) , or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) AWS CloudFormation resource, you can't specify `InstanceRequirements` . \n\nFor more information, see [Specify attributes for instance type selection for EC2 Fleet or Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nIf you specify `InstanceType` , you can't specify `InstanceRequirements` .", - "title": "InstanceType", + } + }, + "required": [ + "MountOptions", + "Password", + "User" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxONTAP.SmbMountOptions": { + "additionalProperties": false, + "properties": { + "Version": { + "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", + "title": "Version", "type": "string" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.\n\nWe recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "KernelId", + } + }, + "type": "object" + }, + "AWS::DataSync::LocationFSxOpenZFS": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "KeyName": { - "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", - "title": "KeyName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LicenseSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LicenseSpecification" - }, - "markdownDescription": "The license configurations.", - "title": "LicenseSpecifications", - "type": "array" - }, - "MaintenanceOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MaintenanceOptions", - "markdownDescription": "The maintenance options of your instance.", - "title": "MaintenanceOptions" - }, - "MetadataOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MetadataOptions", - "markdownDescription": "The metadata options for the instance. For more information, see [Configure the Instance Metadata Service options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html) in the *Amazon EC2 User Guide* .", - "title": "MetadataOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Monitoring": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Monitoring", - "markdownDescription": "The monitoring for the instance.", - "title": "Monitoring" + "Metadata": { + "type": "object" }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterface" + "Properties": { + "additionalProperties": false, + "properties": { + "FsxFilesystemArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the FSx for OpenZFS file system.", + "title": "FsxFilesystemArn", + "type": "string" + }, + "Protocol": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.Protocol", + "markdownDescription": "The type of protocol that AWS DataSync uses to access your file system.", + "title": "Protocol" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for OpenZFS file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "A subdirectory in the location's path that must begin with `/fsx` . DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The network interfaces for the instance.", - "title": "NetworkInterfaces", - "type": "array" - }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Placement", - "markdownDescription": "The placement for the instance.", - "title": "Placement" - }, - "PrivateDnsNameOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateDnsNameOptions", - "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "PrivateDnsNameOptions" + "required": [ + "Protocol", + "SecurityGroupArns" + ], + "type": "object" }, - "RamDiskId": { - "markdownDescription": "The ID of the RAM disk.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "RamDiskId", + "Type": { + "enum": [ + "AWS::DataSync::LocationFSxOpenZFS" + ], "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", - "title": "SecurityGroups", - "type": "array" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TagSpecification" - }, - "markdownDescription": "The tags to apply to resources that are created during instance launch.\n\nTo tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications) .", - "title": "TagSpecifications", - "type": "array" - }, - "UserData": { - "markdownDescription": "The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands when you launch an EC2 instance with user data input](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide* .\n\nIf you are creating the launch template for use with AWS Batch , the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive) . For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html#lt-user-data) in the *AWS Batch User Guide* .", - "title": "UserData", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator": { + "AWS::DataSync::LocationFSxOpenZFS.MountOptions": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The number of elastic inference accelerators to attach to the instance.\n\nDefault: 1", - "title": "Count", - "type": "number" - }, - "Type": { - "markdownDescription": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.", - "title": "Type", + "Version": { + "markdownDescription": "The specific NFS version that you want DataSync to use to mount your NFS share. If the server refuses to use the version specified, the sync will fail. If you don't specify a version, DataSync defaults to `AUTOMATIC` . That is, DataSync automatically selects a version based on negotiation with the NFS server.\n\nYou can specify the following NFS versions:\n\n- *[NFSv3](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc1813)* : Stateless protocol version that allows for asynchronous writes on the server.\n- *[NFSv4.0](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3530)* : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- *[NFSv4.1](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5661)* : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. Version 4.1 also includes all features available in version 4.0.", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification": { + "AWS::DataSync::LocationFSxOpenZFS.NFS": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource. To tag a launch template, `ResourceType` must be `launch-template` .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the resource.", - "title": "Tags", - "type": "array" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.MountOptions", + "markdownDescription": "Represents the mount options that are available for DataSync to access an NFS location.", + "title": "MountOptions" } }, + "required": [ + "MountOptions" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.LicenseSpecification": { + "AWS::DataSync::LocationFSxOpenZFS.Protocol": { "additionalProperties": false, "properties": { - "LicenseConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", - "title": "LicenseConfigurationArn", - "type": "string" + "NFS": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.NFS", + "markdownDescription": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system.", + "title": "NFS" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.MaintenanceOptions": { - "additionalProperties": false, - "properties": { - "AutoRecovery": { - "markdownDescription": "Disables the automatic recovery behavior of your instance or sets it to default.", - "title": "AutoRecovery", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.MemoryMiB": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.MetadataOptions": { - "additionalProperties": false, - "properties": { - "HttpEndpoint": { - "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is `enabled` .\n\n> If you specify a value of `disabled` , you will not be able to access your instance metadata.", - "title": "HttpEndpoint", - "type": "string" - }, - "HttpProtocolIpv6": { - "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", - "title": "HttpProtocolIpv6", - "type": "string" - }, - "HttpPutResponseHopLimit": { - "markdownDescription": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n\nDefault: `1`\n\nPossible values: Integers from 1 to 64", - "title": "HttpPutResponseHopLimit", - "type": "number" - }, - "HttpTokens": { - "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials.\n- `required` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.\n\nDefault: If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , the default is `required` .", - "title": "HttpTokens", - "type": "string" - }, - "InstanceMetadataTags": { - "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [View tags for your EC2 instances using instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/work-with-tags-in-IMDS.html) .\n\nDefault: `disabled`", - "title": "InstanceMetadataTags", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.Monitoring": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.NetworkBandwidthGbps": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.NetworkInterface": { - "additionalProperties": false, - "properties": { - "AssociateCarrierIpAddress": { - "markdownDescription": "Associates a Carrier IP address with eth0 for a new network interface.\n\nUse this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", - "title": "AssociateCarrierIpAddress", - "type": "boolean" - }, - "AssociatePublicIpAddress": { - "markdownDescription": "Associates a public IPv4 address with eth0 for a new network interface.\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "ConnectionTrackingSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification", - "markdownDescription": "A connection tracking specification for the network interface.", - "title": "ConnectionTrackingSpecification" - }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description for the network interface.", - "title": "Description", - "type": "string" - }, - "DeviceIndex": { - "markdownDescription": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", - "title": "DeviceIndex", - "type": "number" - }, - "EnaSrdSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdSpecification", - "markdownDescription": "The ENA Express configuration for the network interface.", - "title": "EnaSrdSpecification" - }, - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more security groups.", - "title": "Groups", - "type": "array" - }, - "InterfaceType": { - "markdownDescription": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa` or `efa` . For more information, see [Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide* .\n\nIf you are not creating an EFA, specify `interface` or omit this parameter.\n\nIf you specify `efa-only` , do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses.\n\nValid values: `interface` | `efa` | `efa-only`", - "title": "InterfaceType", - "type": "string" - }, - "Ipv4PrefixCount": { - "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv4Prefix` option.", - "title": "Ipv4PrefixCount", - "type": "number" - }, - "Ipv4Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification" - }, - "markdownDescription": "One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv4PrefixCount` option.", - "title": "Ipv4Prefixes", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6Add" - }, - "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", - "title": "Ipv6Addresses", - "type": "array" - }, - "Ipv6PrefixCount": { - "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv6Prefix` option.", - "title": "Ipv6PrefixCount", - "type": "number" - }, - "Ipv6Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification" - }, - "markdownDescription": "One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv6PrefixCount` option.", - "title": "Ipv6Prefixes", - "type": "array" - }, - "NetworkCardIndex": { - "markdownDescription": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.", - "title": "NetworkCardIndex", - "type": "number" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrimaryIpv6": { - "markdownDescription": "The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) .", - "title": "PrimaryIpv6", - "type": "boolean" - }, - "PrivateIpAddress": { - "markdownDescription": "The primary private IPv4 address of the network interface.", - "title": "PrivateIpAddress", - "type": "string" - }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateIpAdd" - }, - "markdownDescription": "One or more private IPv4 addresses.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet for the network interface.", - "title": "SubnetId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.NetworkInterfaceCount": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.Placement": { - "additionalProperties": false, - "properties": { - "Affinity": { - "markdownDescription": "The affinity setting for an instance on a Dedicated Host.", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupId": { - "markdownDescription": "The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group.", - "title": "GroupId", - "type": "string" - }, - "GroupName": { - "markdownDescription": "The name of the placement group for the instance.", - "title": "GroupName", - "type": "string" - }, - "HostId": { - "markdownDescription": "The ID of the Dedicated Host for the instance.", - "title": "HostId", - "type": "string" - }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", - "title": "HostResourceGroupArn", - "type": "string" - }, - "PartitionNumber": { - "markdownDescription": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to `partition` .", - "title": "PartitionNumber", - "type": "number" - }, - "SpreadDomain": { - "markdownDescription": "Reserved for future use.", - "title": "SpreadDomain", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware.", - "title": "Tenancy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.PrivateDnsNameOptions": { - "additionalProperties": false, - "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" - }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" - }, - "HostnameType": { - "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "HostnameType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.PrivateIpAdd": { - "additionalProperties": false, - "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.SpotOptions": { - "additionalProperties": false, - "properties": { - "BlockDurationMinutes": { - "markdownDescription": "Deprecated.", - "title": "BlockDurationMinutes", - "type": "number" - }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", - "title": "InstanceInterruptionBehavior", - "type": "string" - }, - "MaxPrice": { - "markdownDescription": "The maximum hourly price you're willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. If you do specify this parameter, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message when the launch template is used to launch an instance.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "MaxPrice", - "type": "string" - }, - "SpotInstanceType": { - "markdownDescription": "The Spot Instance request type.\n\nIf you are using Spot Instances with an Auto Scaling group, use `one-time` requests, as the Amazon EC2 Auto Scaling service handles requesting new Spot Instances whenever the group is below its desired capacity.", - "title": "SpotInstanceType", - "type": "string" - }, - "ValidUntil": { - "markdownDescription": "The end date of the request, in UTC format ( *YYYY-MM-DD* T *HH:MM:SS* Z). Supported only for persistent requests.\n\n- For a persistent request, the request remains active until the `ValidUntil` date and time is reached. Otherwise, the request remains active until you cancel it.\n- For a one-time request, `ValidUntil` is not supported. The request remains active until all instances launch or you cancel the request.\n\nDefault: 7 days from the current date", - "title": "ValidUntil", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. You can specify tags for the following resource types only: `instance` | `volume` | `network-interface` | `spot-instances-request` . If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume.\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.TotalLocalStorageGB": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.VCpuCount": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LocalGatewayRoute": { + "AWS::DataSync::LocationFSxWindows": { "additionalProperties": false, "properties": { "Condition": { @@ -73734,36 +79423,57 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidrBlock", + "Domain": { + "markdownDescription": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", + "title": "Domain", "type": "string" }, - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "FsxFilesystemArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file system.", + "title": "FsxFilesystemArn", "type": "string" }, - "LocalGatewayVirtualInterfaceGroupId": { - "markdownDescription": "The ID of the virtual interface group.", - "title": "LocalGatewayVirtualInterfaceGroupId", + "Password": { + "markdownDescription": "Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.", + "title": "Password", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups that are used to configure the FSx for Windows File Server file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your file system using forward slashes. This is where DataSync reads or writes data (depending on if this is a source or destination location).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "title": "Tags", + "type": "array" + }, + "User": { + "markdownDescription": "The user who has the permissions to access files and folders in the FSx for Windows File Server file system.\n\nFor information about choosing a user name that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-fsx-location.html#FSxWuser) .", + "title": "User", "type": "string" } }, "required": [ - "DestinationCidrBlock", - "LocalGatewayRouteTableId" + "SecurityGroupArns", + "User" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRoute" + "AWS::DataSync::LocationFSxWindows" ], "type": "string" }, @@ -73782,7 +79492,7 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTable": { + "AWS::DataSync::LocationHDFS": { "additionalProperties": false, "properties": { "Condition": { @@ -73817,33 +79527,91 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayId": { - "markdownDescription": "The ID of the local gateway.", - "title": "LocalGatewayId", + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your HDFS cluster.", + "title": "AgentArns", + "type": "array" + }, + "AuthenticationType": { + "markdownDescription": "", + "title": "AuthenticationType", "type": "string" }, - "Mode": { - "markdownDescription": "The mode of the local gateway route table.", - "title": "Mode", + "BlockSize": { + "markdownDescription": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).", + "title": "BlockSize", + "type": "number" + }, + "KerberosKeytab": { + "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", + "title": "KerberosKeytab", + "type": "string" + }, + "KerberosKrb5Conf": { + "markdownDescription": "The `krb5.conf` file that contains the Kerberos configuration information. You can load the `krb5.conf` by providing a string of the file's contents or an Amazon S3 presigned URL of the file. If `KERBEROS` is specified for `AuthType` , this value is required.", + "title": "KerberosKrb5Conf", + "type": "string" + }, + "KerberosPrincipal": { + "markdownDescription": "The Kerberos principal with access to the files and folders on the HDFS cluster.\n\n> If `KERBEROS` is specified for `AuthenticationType` , this parameter is required.", + "title": "KerberosPrincipal", + "type": "string" + }, + "KmsKeyProviderUri": { + "markdownDescription": "The URI of the HDFS cluster's Key Management Server (KMS).", + "title": "KmsKeyProviderUri", + "type": "string" + }, + "NameNodes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.NameNode" + }, + "markdownDescription": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.", + "title": "NameNodes", + "type": "array" + }, + "QopConfiguration": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.QopConfiguration", + "markdownDescription": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value.", + "title": "QopConfiguration" + }, + "ReplicationFactor": { + "markdownDescription": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.", + "title": "ReplicationFactor", + "type": "number" + }, + "SimpleUser": { + "markdownDescription": "The user name used to identify the client on the host operating system.\n\n> If `SIMPLE` is specified for `AuthenticationType` , this parameter is required.", + "title": "SimpleUser", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to `/` .", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the local gateway route table.", + "markdownDescription": "The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources.", "title": "Tags", "type": "array" } }, "required": [ - "LocalGatewayId" + "AgentArns", + "AuthenticationType", + "NameNodes" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTable" + "AWS::DataSync::LocationHDFS" ], "type": "string" }, @@ -73862,7 +79630,43 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTableVPCAssociation": { + "AWS::DataSync::LocationHDFS.NameNode": { + "additionalProperties": false, + "properties": { + "Hostname": { + "markdownDescription": "The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.", + "title": "Hostname", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that the NameNode uses to listen to client requests.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Hostname", + "Port" + ], + "type": "object" + }, + "AWS::DataSync::LocationHDFS.QopConfiguration": { + "additionalProperties": false, + "properties": { + "DataTransferProtection": { + "markdownDescription": "The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your `dfs.data.transfer.protection` setting in the `hdfs-site.xml` file on your Hadoop cluster.", + "title": "DataTransferProtection", + "type": "string" + }, + "RpcProtection": { + "markdownDescription": "The Remote Procedure Call (RPC) protection setting configured on the HDFS cluster. This setting corresponds to your `hadoop.rpc.protection` setting in your `core-site.xml` file on your Hadoop cluster.", + "title": "RpcProtection", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationNFS": { "additionalProperties": false, "properties": { "Condition": { @@ -73897,34 +79701,43 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationNFS.MountOptions", + "markdownDescription": "Specifies the options that DataSync can use to mount your NFS file server.", + "title": "MountOptions" + }, + "OnPremConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationNFS.OnPremConfig", + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", + "title": "OnPremConfig" + }, + "ServerHostname": { + "markdownDescription": "Specifies the DNS name or IP address (IPv4 or IPv6) of the NFS file server that your DataSync agent connects to.", + "title": "ServerHostname", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the association.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" } }, "required": [ - "LocalGatewayRouteTableId", - "VpcId" + "OnPremConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTableVPCAssociation" + "AWS::DataSync::LocationNFS" ], "type": "string" }, @@ -73943,7 +79756,35 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { + "AWS::DataSync::LocationNFS.MountOptions": { + "additionalProperties": false, + "properties": { + "Version": { + "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationNFS.OnPremConfig": { + "additionalProperties": false, + "properties": { + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", + "title": "AgentArns", + "type": "array" + } + }, + "required": [ + "AgentArns" + ], + "type": "object" + }, + "AWS::DataSync::LocationObjectStorage": { "additionalProperties": false, "properties": { "Condition": { @@ -73978,34 +79819,78 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "AccessKey": { + "markdownDescription": "Specifies the access key (for example, a user name) if credentials are required to authenticate with the object storage server.", + "title": "AccessKey", "type": "string" }, - "LocalGatewayVirtualInterfaceGroupId": { - "markdownDescription": "The ID of the virtual interface group.", - "title": "LocalGatewayVirtualInterfaceGroupId", + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "(Optional) Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", + "title": "AgentArns", + "type": "array" + }, + "BucketName": { + "markdownDescription": "Specifies the name of the object storage bucket involved in the transfer.", + "title": "BucketName", + "type": "string" + }, + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationObjectStorage.CmkSecretConfig", + "markdownDescription": "Specifies configuration information for a DataSync-managed secret, which includes the `SecretKey` that DataSync uses to access a specific object storage location, with a customer-managed AWS KMS key .\n\nWhen you include this paramater as part of a `CreateLocationObjectStorage` request, you provide only the KMS key ARN. DataSync uses this KMS key together with the value you specify for the `SecretKey` parameter to create a DataSync-managed secret to store the location access credentials.\n\nMake sure the DataSync has permission to access the KMS key that you specify.\n\n> You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.", + "title": "CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationObjectStorage.CustomSecretConfig", + "markdownDescription": "Specifies configuration information for a customer-managed Secrets Manager secret where the secret key for a specific object storage location is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.\n\n> You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.", + "title": "CustomSecretConfig" + }, + "SecretKey": { + "markdownDescription": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.\n\n> If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.", + "title": "SecretKey", + "type": "string" + }, + "ServerCertificate": { + "markdownDescription": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", + "title": "ServerCertificate", + "type": "string" + }, + "ServerHostname": { + "markdownDescription": "Specifies the domain name or IP address (IPv4 or IPv6) of the object storage server that your DataSync agent connects to.", + "title": "ServerHostname", + "type": "string" + }, + "ServerPort": { + "markdownDescription": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", + "title": "ServerPort", + "type": "number" + }, + "ServerProtocol": { + "markdownDescription": "Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .", + "title": "ServerProtocol", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the association.", + "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. Tags can help you manage, filter, and search for your resources. We recommend creating a name tag for your location.", "title": "Tags", "type": "array" } }, - "required": [ - "LocalGatewayRouteTableId", - "LocalGatewayVirtualInterfaceGroupId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation" + "AWS::DataSync::LocationObjectStorage" ], "type": "string" }, @@ -74019,12 +79904,61 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::NatGateway": { + "AWS::DataSync::LocationObjectStorage.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . DataSync provides this key to AWS Secrets Manager .", + "title": "KmsKeyArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` .", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationObjectStorage.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "markdownDescription": "Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` .", + "title": "SecretAccessRoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationObjectStorage.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationS3": { "additionalProperties": false, "properties": { "Condition": { @@ -74059,69 +79993,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocationId": { - "markdownDescription": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.", - "title": "AllocationId", - "type": "string" - }, - "ConnectivityType": { - "markdownDescription": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", - "title": "ConnectivityType", + "S3BucketArn": { + "markdownDescription": "The ARN of the Amazon S3 bucket.", + "title": "S3BucketArn", "type": "string" }, - "MaxDrainDurationSeconds": { - "markdownDescription": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.", - "title": "MaxDrainDurationSeconds", - "type": "number" + "S3Config": { + "$ref": "#/definitions/AWS::DataSync::LocationS3.S3Config", + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* .", + "title": "S3Config" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.", - "title": "PrivateIpAddress", + "S3StorageClass": { + "markdownDescription": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. For buckets in AWS Regions , the storage class defaults to S3 Standard.\n\nFor more information about S3 storage classes, see [Amazon S3 Storage Classes](https://docs.aws.amazon.com/s3/storage-classes/) . Some storage classes have behaviors that can affect your S3 storage costs. For detailed information, see [Considerations When Working with Amazon S3 Storage Classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .", + "title": "S3StorageClass", "type": "string" }, - "SecondaryAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-working-with.html) in the *Amazon VPC User Guide* .", - "title": "SecondaryAllocationIds", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SecondaryPrivateIpAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", - "title": "SecondaryPrivateIpAddresses", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which the NAT gateway is located.", - "title": "SubnetId", + "Subdirectory": { + "markdownDescription": "Specifies a prefix in the S3 bucket that DataSync reads from or writes to (depending on whether the bucket is a source or destination location).\n\n> DataSync can't transfer objects with a prefix that begins with a slash ( `/` ) or includes `//` , `/./` , or `/../` patterns. For example:\n> \n> - `/photos`\n> - `photos//2006/January`\n> - `photos/./2006/February`\n> - `photos/../2006/March`", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the NAT gateway.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", "title": "Tags", "type": "array" } }, "required": [ - "SubnetId" + "S3Config" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NatGateway" + "AWS::DataSync::LocationS3" ], "type": "string" }, @@ -74140,7 +80048,21 @@ ], "type": "object" }, - "AWS::EC2::NetworkAcl": { + "AWS::DataSync::LocationS3.S3Config": { + "additionalProperties": false, + "properties": { + "BucketAccessRoleArn": { + "markdownDescription": "Specifies the ARN of the IAM role that DataSync uses to access your S3 bucket.", + "title": "BucketAccessRoleArn", + "type": "string" + } + }, + "required": [ + "BucketAccessRoleArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationSMB": { "additionalProperties": false, "properties": { "Condition": { @@ -74175,28 +80097,89 @@ "Properties": { "additionalProperties": false, "properties": { + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).", + "title": "AgentArns", + "type": "array" + }, + "AuthenticationType": { + "markdownDescription": "", + "title": "AuthenticationType", + "type": "string" + }, + "DnsIpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "DnsIpAddresses", + "type": "array" + }, + "Domain": { + "markdownDescription": "Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nIf you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.", + "title": "Domain", + "type": "string" + }, + "KerberosKeytab": { + "markdownDescription": "", + "title": "KerberosKeytab", + "type": "string" + }, + "KerberosKrb5Conf": { + "markdownDescription": "", + "title": "KerberosKrb5Conf", + "type": "string" + }, + "KerberosPrincipal": { + "markdownDescription": "", + "title": "KerberosPrincipal", + "type": "string" + }, + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationSMB.MountOptions", + "markdownDescription": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", + "title": "MountOptions" + }, + "Password": { + "markdownDescription": "Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if `AuthenticationType` is set to `NTLM` .", + "title": "Password", + "type": "string" + }, + "ServerHostname": { + "markdownDescription": "Specifies the domain name or IP address (IPv4 or IPv6) of the SMB file server that your DataSync agent connects to.\n\n> If you're using Kerberos authentication, you must specify a domain name.", + "title": "ServerHostname", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, `/path/to/subdirectory` ). Make sure that other SMB clients in your network can also mount this path.\n\nTo copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", + "title": "Subdirectory", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the network ACL.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC for the network ACL.", - "title": "VpcId", + "User": { + "markdownDescription": "Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nFor information about choosing a user with the right level of access for your transfer, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", + "title": "User", "type": "string" } }, "required": [ - "VpcId" + "AgentArns" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkAcl" + "AWS::DataSync::LocationSMB" ], "type": "string" }, @@ -74215,7 +80198,18 @@ ], "type": "object" }, - "AWS::EC2::NetworkAclEntry": { + "AWS::DataSync::LocationSMB.MountOptions": { + "additionalProperties": false, + "properties": { + "Version": { + "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::Task": { "additionalProperties": false, "properties": { "Condition": { @@ -74250,63 +80244,85 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrBlock": { - "markdownDescription": "The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.", - "title": "CidrBlock", + "CloudWatchLogGroupArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of an Amazon CloudWatch log group for monitoring your task.\n\nFor Enhanced mode tasks, you don't need to specify anything. DataSync automatically sends logs to a CloudWatch log group named `/aws/datasync` .\n\nFor more information, see [Monitoring data transfers with CloudWatch Logs](https://docs.aws.amazon.com/datasync/latest/userguide/configure-logging.html) .", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "Egress": { - "markdownDescription": "Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ). By default, AWS CloudFormation specifies `false` .", - "title": "Egress", - "type": "boolean" + "DestinationLocationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS storage resource's location.", + "title": "DestinationLocationArn", + "type": "string" }, - "Icmp": { - "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.Icmp", - "markdownDescription": "The Internet Control Message Protocol (ICMP) code and type. Required if specifying 1 (ICMP) for the protocol parameter.", - "title": "Icmp" + "Excludes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" + }, + "markdownDescription": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", + "title": "Excludes", + "type": "array" }, - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation. You must specify an IPv4 CIDR block or an IPv6 CIDR block.", - "title": "Ipv6CidrBlock", - "type": "string" + "Includes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" + }, + "markdownDescription": "Specifies include filters that define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", + "title": "Includes", + "type": "array" }, - "NetworkAclId": { - "markdownDescription": "The ID of the ACL for the entry.", - "title": "NetworkAclId", + "ManifestConfig": { + "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfig", + "markdownDescription": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .", + "title": "ManifestConfig" + }, + "Name": { + "markdownDescription": "Specifies the name of your task.", + "title": "Name", "type": "string" }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.PortRange", - "markdownDescription": "The range of port numbers for the UDP/TCP protocol. Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "PortRange" + "Options": { + "$ref": "#/definitions/AWS::DataSync::Task.Options", + "markdownDescription": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options.", + "title": "Options" }, - "Protocol": { - "markdownDescription": "The IP protocol that the rule applies to. You must specify -1 or a protocol number. You can specify -1 for all protocols.\n\n> If you specify -1, all ports are opened and the `PortRange` property is ignored.", - "title": "Protocol", - "type": "number" + "Schedule": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskSchedule", + "markdownDescription": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) .", + "title": "Schedule" }, - "RuleAction": { - "markdownDescription": "Whether to allow or deny traffic that matches the rule; valid values are \"allow\" or \"deny\".", - "title": "RuleAction", + "SourceLocationArn": { + "markdownDescription": "Specifies the ARN of your transfer's source location.", + "title": "SourceLocationArn", "type": "string" }, - "RuleNumber": { - "markdownDescription": "Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.", - "title": "RuleNumber", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the tags that you want to apply to your task.\n\n*Tags* are key-value pairs that help you manage, filter, and search for your DataSync resources.", + "title": "Tags", + "type": "array" + }, + "TaskMode": { + "markdownDescription": "The task mode that you're using. For more information, see [Choosing a task mode for your data transfer](https://docs.aws.amazon.com/datasync/latest/userguide/choosing-task-mode.html) .", + "title": "TaskMode", + "type": "string" + }, + "TaskReportConfig": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfig", + "markdownDescription": "The configuration of your task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .", + "title": "TaskReportConfig" } }, "required": [ - "NetworkAclId", - "Protocol", - "RuleAction", - "RuleNumber" + "DestinationLocationArn", + "SourceLocationArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkAclEntry" + "AWS::DataSync::Task" ], "type": "string" }, @@ -74325,331 +80341,318 @@ ], "type": "object" }, - "AWS::EC2::NetworkAclEntry.Icmp": { + "AWS::DataSync::Task.Deleted": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP codes for the given ICMP type. Required if you specify 1 (ICMP) for the protocol parameter.", - "title": "Code", - "type": "number" - }, - "Type": { - "markdownDescription": "The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types. Conditional requirement: Required if you specify 1 (ICMP) for the `CreateNetworkAclEntry` protocol parameter.", - "title": "Type", - "type": "number" + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkAclEntry.PortRange": { + "AWS::DataSync::Task.Destination": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "From", - "type": "number" - }, - "To": { - "markdownDescription": "The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "To", - "type": "number" + "S3": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfigDestinationS3", + "markdownDescription": "", + "title": "S3" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope": { + "AWS::DataSync::Task.FilterRule": { "additionalProperties": false, "properties": { - "Condition": { + "FilterType": { + "markdownDescription": "The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type.", + "title": "FilterType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "A single filter string that consists of the patterns to include or exclude. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`", + "title": "Value", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExcludePaths": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" - }, - "markdownDescription": "The paths to exclude.", - "title": "ExcludePaths", - "type": "array" - }, - "MatchPaths": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" - }, - "markdownDescription": "The paths to match.", - "title": "MatchPaths", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::NetworkInsightsAccessScope" - ], + } + }, + "type": "object" + }, + "AWS::DataSync::Task.ManifestConfig": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "Specifies what DataSync uses the manifest for.", + "title": "Action", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Format": { + "markdownDescription": "Specifies the file format of your manifest. For more information, see [Creating a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-create) .", + "title": "Format", "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::DataSync::Task.Source", + "markdownDescription": "Specifies the manifest that you want DataSync to use and where it's hosted.\n\n> You must specify this parameter if you're configuring a new manifest on or after February 7, 2024.\n> \n> If you don't, you'll get a 400 status code and `ValidationException` error stating that you're missing the IAM role for DataSync to access the S3 bucket where you're hosting your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .", + "title": "Source" } }, "required": [ - "Type" + "Source" ], "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest": { + "AWS::DataSync::Task.ManifestConfigSourceS3": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", - "markdownDescription": "The destination.", - "title": "Destination" + "BucketAccessRoleArn": { + "markdownDescription": "", + "title": "BucketAccessRoleArn", + "type": "string" }, - "Source": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", - "markdownDescription": "The source.", - "title": "Source" + "ManifestObjectPath": { + "markdownDescription": "", + "title": "ManifestObjectPath", + "type": "string" }, - "ThroughResources": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest" - }, - "markdownDescription": "The through resources.", - "title": "ThroughResources", - "type": "array" + "ManifestObjectVersionId": { + "markdownDescription": "", + "title": "ManifestObjectVersionId", + "type": "string" + }, + "S3BucketArn": { + "markdownDescription": "", + "title": "S3BucketArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest": { + "AWS::DataSync::Task.Options": { "additionalProperties": false, "properties": { - "DestinationAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination addresses.", - "title": "DestinationAddresses", - "type": "array" + "Atime": { + "markdownDescription": "A file metadata value that shows the last time that a file was accessed (that is, when the file was read or written to). If you set `Atime` to `BEST_EFFORT` , AWS DataSync attempts to preserve the original `Atime` attribute on all source files (that is, the version before the PREPARING phase). However, `Atime` 's behavior is not fully standard across platforms, so AWS DataSync can only do this on a best-effort basis.\n\nDefault value: `BEST_EFFORT`\n\n`BEST_EFFORT` : Attempt to preserve the per-file `Atime` value (recommended).\n\n`NONE` : Ignore `Atime` .\n\n> If `Atime` is set to `BEST_EFFORT` , `Mtime` must be set to `PRESERVE` .\n> \n> If `Atime` is set to `NONE` , `Mtime` must also be `NONE` .", + "title": "Atime", + "type": "string" }, - "DestinationPorts": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination ports.", - "title": "DestinationPorts", - "type": "array" + "BytesPerSecond": { + "markdownDescription": "A value that limits the bandwidth used by AWS DataSync . For example, if you want AWS DataSync to use a maximum of 1 MB, set this value to `1048576` (=1024*1024).", + "title": "BytesPerSecond", + "type": "number" }, - "DestinationPrefixLists": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination prefix lists.", - "title": "DestinationPrefixLists", - "type": "array" + "Gid": { + "markdownDescription": "The group ID (GID) of the file's owners.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the user ID (UID) and group ID (GID) (recommended).\n\n`NAME` : Currently not supported.\n\n`NONE` : Ignore the UID and GID.", + "title": "Gid", + "type": "string" }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The protocols.", - "title": "Protocols", - "type": "array" + "LogLevel": { + "markdownDescription": "Specifies the type of logs that DataSync publishes to a Amazon CloudWatch Logs log group. To specify the log group, see [CloudWatchLogGroupArn](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html#DataSync-CreateTask-request-CloudWatchLogGroupArn) .\n\n- `BASIC` - Publishes logs with only basic information (such as transfer errors).\n- `TRANSFER` - Publishes logs for all files or objects that your DataSync task transfers and performs data-integrity checks on.\n- `OFF` - No logs are published.", + "title": "LogLevel", + "type": "string" }, - "SourceAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The source addresses.", - "title": "SourceAddresses", - "type": "array" + "Mtime": { + "markdownDescription": "A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. This option is required for cases when you need to run the same task more than one time.\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve original `Mtime` (recommended)\n\n`NONE` : Ignore `Mtime` .\n\n> If `Mtime` is set to `PRESERVE` , `Atime` must be set to `BEST_EFFORT` .\n> \n> If `Mtime` is set to `NONE` , `Atime` must also be set to `NONE` .", + "title": "Mtime", + "type": "string" }, - "SourcePorts": { - "items": { - "type": "string" - }, - "markdownDescription": "The source ports.", - "title": "SourcePorts", - "type": "array" + "ObjectTags": { + "markdownDescription": "Specifies whether you want DataSync to `PRESERVE` object tags (default behavior) when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the `NONE` value.", + "title": "ObjectTags", + "type": "string" }, - "SourcePrefixLists": { - "items": { - "type": "string" - }, - "markdownDescription": "The source prefix lists.", - "title": "SourcePrefixLists", - "type": "array" + "OverwriteMode": { + "markdownDescription": "Specifies whether DataSync should modify or preserve data at the destination location.\n\n- `ALWAYS` (default) - DataSync modifies data in the destination location when source data (including metadata) has changed.\n\nIf DataSync overwrites objects, you might incur additional charges for certain Amazon S3 storage classes (for example, for retrieval or early deletion). For more information, see [Storage class considerations with Amazon S3 transfers](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .\n- `NEVER` - DataSync doesn't overwrite data in the destination location even if the source data has changed. You can use this option to protect against overwriting changes made to files or objects in the destination.", + "title": "OverwriteMode", + "type": "string" + }, + "PosixPermissions": { + "markdownDescription": "A value that determines which users or groups can access a file for a specific purpose, such as reading, writing, or execution of the file. This option should be set only for Network File System (NFS), Amazon EFS, and Amazon S3 locations. For more information about what metadata is copied by DataSync, see [Metadata Copied by DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html#metadata-copied) .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve POSIX-style permissions (recommended).\n\n`NONE` : Ignore permissions.\n\n> AWS DataSync can preserve extant permissions of a source location.", + "title": "PosixPermissions", + "type": "string" + }, + "PreserveDeletedFiles": { + "markdownDescription": "A value that specifies whether files in the destination that don't exist in the source file system are preserved. This option can affect your storage costs. If your task deletes objects, you might incur minimum storage duration charges for certain storage classes. For detailed information, see [Considerations when working with Amazon S3 storage classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) in the *AWS DataSync User Guide* .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Ignore destination files that aren't present in the source (recommended).\n\n`REMOVE` : Delete destination files that aren't present in the source.", + "title": "PreserveDeletedFiles", + "type": "string" + }, + "PreserveDevices": { + "markdownDescription": "A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and re-create the files with that device name and metadata on the destination. DataSync does not copy the contents of such devices, only the name and metadata.\n\n> AWS DataSync can't sync the actual contents of such devices, because they are nonterminal and don't return an end-of-file (EOF) marker. \n\nDefault value: `NONE`\n\n`NONE` : Ignore special devices (recommended).\n\n`PRESERVE` : Preserve character and block device metadata. This option isn't currently supported for Amazon EFS.", + "title": "PreserveDevices", + "type": "string" + }, + "SecurityDescriptorCopyFlags": { + "markdownDescription": "A value that determines which components of the SMB security descriptor are copied from source to destination objects.\n\nThis value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. For more information about how DataSync handles metadata, see [How DataSync Handles Metadata and Special Files](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html) .\n\nDefault value: `OWNER_DACL`\n\n`OWNER_DACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n\nWhen you use option, DataSync does NOT copy the NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\n`OWNER_DACL_SACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n- NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\nCopying SACLs requires granting additional permissions to the Windows user that DataSync uses to access your SMB location. For information about choosing a user that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#SMBuser) .\n\n`NONE` : None of the SMB security descriptor components are copied. Destination objects are owned by the user that was provided for accessing the destination location. DACLs and SACLs are set based on the destination server\u2019s configuration.", + "title": "SecurityDescriptorCopyFlags", + "type": "string" + }, + "TaskQueueing": { + "markdownDescription": "Specifies whether your transfer tasks should be put into a queue during certain scenarios when [running multiple tasks](https://docs.aws.amazon.com/datasync/latest/userguide/run-task.html#running-multiple-tasks) . This is `ENABLED` by default.", + "title": "TaskQueueing", + "type": "string" + }, + "TransferMode": { + "markdownDescription": "A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing it to the destination location.\n\n`CHANGED` : DataSync copies only data or metadata that is new or different from the source location to the destination location.\n\n`ALL` : DataSync copies all source location content to the destination, without comparing it to existing content on the destination.", + "title": "TransferMode", + "type": "string" + }, + "Uid": { + "markdownDescription": "The user ID (UID) of the file's owner.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the UID and group ID (GID) (recommended).\n\n`NAME` : Currently not supported\n\n`NONE` : Ignore the UID and GID.", + "title": "Uid", + "type": "string" + }, + "VerifyMode": { + "markdownDescription": "A value that determines whether a data integrity verification is performed at the end of a task execution after all data and metadata have been transferred. For more information, see [Configure task settings](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html) .\n\nDefault value: `POINT_IN_TIME_CONSISTENT`\n\n`ONLY_FILES_TRANSFERRED` (recommended): Perform verification only on files that were transferred.\n\n`POINT_IN_TIME_CONSISTENT` : Scan the entire source and entire destination at the end of the transfer to verify that the source and destination are fully synchronized. This option isn't supported when transferring to S3 Glacier or S3 Glacier Deep Archive storage classes.\n\n`NONE` : No additional verification is done at the end of the transfer, but all data transmissions are integrity-checked with checksum verification during the transfer.", + "title": "VerifyMode", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest": { + "AWS::DataSync::Task.Overrides": { "additionalProperties": false, "properties": { - "PacketHeaderStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest", - "markdownDescription": "The packet header statement.", - "title": "PacketHeaderStatement" + "Deleted": { + "$ref": "#/definitions/AWS::DataSync::Task.Deleted", + "markdownDescription": "", + "title": "Deleted" }, - "ResourceStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", - "markdownDescription": "The resource statement.", - "title": "ResourceStatement" + "Skipped": { + "$ref": "#/definitions/AWS::DataSync::Task.Skipped", + "markdownDescription": "", + "title": "Skipped" + }, + "Transferred": { + "$ref": "#/definitions/AWS::DataSync::Task.Transferred", + "markdownDescription": "", + "title": "Transferred" + }, + "Verified": { + "$ref": "#/definitions/AWS::DataSync::Task.Verified", + "markdownDescription": "", + "title": "Verified" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest": { + "AWS::DataSync::Task.Skipped": { "additionalProperties": false, "properties": { - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The resource types.", - "title": "ResourceTypes", - "type": "array" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources.", - "title": "Resources", - "type": "array" + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest": { + "AWS::DataSync::Task.Source": { "additionalProperties": false, "properties": { - "ResourceStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", - "markdownDescription": "The resource statement.", - "title": "ResourceStatement" + "S3": { + "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfigSourceS3", + "markdownDescription": "", + "title": "S3" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScopeAnalysis": { + "AWS::DataSync::Task.TaskReportConfig": { "additionalProperties": false, "properties": { - "Condition": { + "Destination": { + "$ref": "#/definitions/AWS::DataSync::Task.Destination", + "markdownDescription": "Specifies the Amazon S3 bucket where DataSync uploads your task report. For more information, see [Task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html#task-report-access) .", + "title": "Destination" + }, + "ObjectVersionIds": { + "markdownDescription": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you [enable versioning on your bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html) . Keep in mind that setting this to `INCLUDE` can increase the duration of your task execution.", + "title": "ObjectVersionIds", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputType": { + "markdownDescription": "Specifies the type of task report that you want:\n\n- `SUMMARY_ONLY` : Provides necessary details about your task, including the number of files, objects, and directories transferred and transfer duration.\n- `STANDARD` : Provides complete details about your task, including a full list of files, objects, and directories that were transferred, skipped, verified, and more.", + "title": "OutputType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Overrides": { + "$ref": "#/definitions/AWS::DataSync::Task.Overrides", + "markdownDescription": "Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that DataSync attempted to delete in your destination location.", + "title": "Overrides" }, - "Metadata": { - "type": "object" + "ReportLevel": { + "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to transfer, skip, verify, and delete.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to transfer, skip, verify, and delete.", + "title": "ReportLevel", + "type": "string" + } + }, + "required": [ + "Destination", + "OutputType" + ], + "type": "object" + }, + "AWS::DataSync::Task.TaskReportConfigDestinationS3": { + "additionalProperties": false, + "properties": { + "BucketAccessRoleArn": { + "markdownDescription": "", + "title": "BucketAccessRoleArn", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "NetworkInsightsAccessScopeId": { - "markdownDescription": "The ID of the Network Access Scope.", - "title": "NetworkInsightsAccessScopeId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "NetworkInsightsAccessScopeId" - ], - "type": "object" + "S3BucketArn": { + "markdownDescription": "", + "title": "S3BucketArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::NetworkInsightsAccessScopeAnalysis" - ], + "Subdirectory": { + "markdownDescription": "", + "title": "Subdirectory", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::Task.TaskSchedule": { + "additionalProperties": false, + "properties": { + "ScheduleExpression": { + "markdownDescription": "Specifies your task schedule by using a cron or rate expression.\n\nUse cron expressions for task schedules that run on a specific time and day. For example, the following cron expression creates a task schedule that runs at 8 AM on the first Wednesday of every month:\n\n`cron(0 8 * * 3#1)`\n\nUse rate expressions for task schedules that run on a regular interval. For example, the following rate expression creates a task schedule that runs every 12 hours:\n\n`rate(12 hours)`\n\nFor information about cron and rate expression syntax, see the [*Amazon EventBridge User Guide*](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) .", + "title": "ScheduleExpression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Status": { + "markdownDescription": "Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to pause a recurring transfer to fix an issue with your task or perform maintenance on your storage system.\n\nDataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see [TaskScheduleDetails](https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html) .", + "title": "Status", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis": { + "AWS::DataSync::Task.Transferred": { + "additionalProperties": false, + "properties": { + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::Task.Verified": { + "additionalProperties": false, + "properties": { + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -74684,44 +80687,47 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "The member accounts that contain resources that the path can traverse.", - "title": "AdditionalAccounts", - "type": "array" + "AwsLocation": { + "$ref": "#/definitions/AWS::DataZone::Connection.AwsLocation", + "markdownDescription": "The location where the connection is created.", + "title": "AwsLocation" }, - "FilterInArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must traverse.", - "title": "FilterInArns", - "type": "array" + "Description": { + "markdownDescription": "Connection description.", + "title": "Description", + "type": "string" }, - "NetworkInsightsPathId": { - "markdownDescription": "The ID of the path.", - "title": "NetworkInsightsPathId", + "DomainIdentifier": { + "markdownDescription": "The ID of the domain where the connection is created.", + "title": "DomainIdentifier", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply.", - "title": "Tags", - "type": "array" + "EnvironmentIdentifier": { + "markdownDescription": "The ID of the environment where the connection is created.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the connection.", + "title": "Name", + "type": "string" + }, + "Props": { + "$ref": "#/definitions/AWS::DataZone::Connection.ConnectionPropertiesInput", + "markdownDescription": "Connection props.", + "title": "Props" } }, "required": [ - "NetworkInsightsPathId" + "DomainIdentifier", + "EnvironmentIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsAnalysis" + "AWS::DataZone::Connection" ], "type": "string" }, @@ -74740,722 +80746,620 @@ ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail": { + "AWS::DataZone::Connection.AthenaPropertiesInput": { "additionalProperties": false, "properties": { - "AdditionalDetailType": { - "markdownDescription": "The additional detail code.", - "title": "AdditionalDetailType", + "WorkgroupName": { + "markdownDescription": "The Amazon Athena workgroup name of a connection.", + "title": "WorkgroupName", + "type": "string" + } + }, + "required": [ + "WorkgroupName" + ], + "type": "object" + }, + "AWS::DataZone::Connection.AuthenticationConfigurationInput": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "markdownDescription": "The authentication type of a connection.", + "title": "AuthenticationType", "type": "string" }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The path component.", - "title": "Component" + "BasicAuthenticationCredentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.BasicAuthenticationCredentials", + "markdownDescription": "The basic authentication credentials of a connection.", + "title": "BasicAuthenticationCredentials" }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + "CustomAuthenticationCredentials": { + "additionalProperties": true, + "markdownDescription": "The custom authentication credentials of a connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The load balancers.", - "title": "LoadBalancers", - "type": "array" + "title": "CustomAuthenticationCredentials", + "type": "object" }, - "ServiceName": { - "markdownDescription": "The name of the VPC endpoint service.", - "title": "ServiceName", + "KmsKeyArn": { + "markdownDescription": "The KMS key ARN of a connection.", + "title": "KmsKeyArn", + "type": "string" + }, + "OAuth2Properties": { + "$ref": "#/definitions/AWS::DataZone::Connection.OAuth2Properties", + "markdownDescription": "The oAuth2 properties of a connection.", + "title": "OAuth2Properties" + }, + "SecretArn": { + "markdownDescription": "The secret ARN of a connection.", + "title": "SecretArn", "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AlternatePathHint": { + "AWS::DataZone::Connection.AuthorizationCodeProperties": { "additionalProperties": false, "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", + "AuthorizationCode": { + "markdownDescription": "The authorization code of a connection.", + "title": "AuthorizationCode", "type": "string" }, - "ComponentId": { - "markdownDescription": "The ID of the component.", - "title": "ComponentId", + "RedirectUri": { + "markdownDescription": "The redirect URI of a connection.", + "title": "RedirectUri", "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule": { + "AWS::DataZone::Connection.AwsLocation": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation.", - "title": "Cidr", + "AccessRole": { + "markdownDescription": "The access role of a connection.", + "title": "AccessRole", "type": "string" }, - "Egress": { - "markdownDescription": "Indicates whether the rule is an outbound rule.", - "title": "Egress", - "type": "boolean" - }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", - "markdownDescription": "The range of ports.", - "title": "PortRange" - }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "AwsAccountId": { + "markdownDescription": "The account ID of a connection.", + "title": "AwsAccountId", "type": "string" }, - "RuleAction": { - "markdownDescription": "Indicates whether to allow or deny traffic that matches the rule.", - "title": "RuleAction", + "AwsRegion": { + "markdownDescription": "The Region of a connection.", + "title": "AwsRegion", "type": "string" }, - "RuleNumber": { - "markdownDescription": "The rule number.", - "title": "RuleNumber", - "type": "number" + "IamConnectionId": { + "markdownDescription": "The IAM connection ID of a connection.", + "title": "IamConnectionId", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent": { + "AWS::DataZone::Connection.BasicAuthenticationCredentials": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "Arn", + "Password": { + "markdownDescription": "The password for a connection.", + "title": "Password", "type": "string" }, - "Id": { - "markdownDescription": "The ID of the component.", - "title": "Id", + "UserName": { + "markdownDescription": "The user name for the connecion.", + "title": "UserName", "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener": { + "AWS::DataZone::Connection.ConnectionPropertiesInput": { "additionalProperties": false, "properties": { - "InstancePort": { - "markdownDescription": "[Classic Load Balancers] The back-end port for the listener.", - "title": "InstancePort", - "type": "number" + "AthenaProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.AthenaPropertiesInput", + "markdownDescription": "The Amazon Athena properties of a connection.", + "title": "AthenaProperties" }, - "LoadBalancerPort": { - "markdownDescription": "The port on which the load balancer is listening.", - "title": "LoadBalancerPort", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The IP address.", - "title": "Address", - "type": "string" + "GlueProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.GluePropertiesInput", + "markdownDescription": "The AWS Glue properties of a connection.", + "title": "GlueProperties" }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.", - "title": "AvailabilityZone", - "type": "string" + "HyperPodProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.HyperPodPropertiesInput", + "markdownDescription": "The hyper pod properties of a connection.", + "title": "HyperPodProperties" }, - "Instance": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "Information about the instance.", - "title": "Instance" + "IamProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.IamPropertiesInput", + "markdownDescription": "The IAM properties of a connection.", + "title": "IamProperties" }, - "Port": { - "markdownDescription": "The port on which the target is listening.", - "title": "Port", - "type": "number" + "RedshiftProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftPropertiesInput", + "markdownDescription": "The Amazon Redshift properties of a connection.", + "title": "RedshiftProperties" + }, + "SparkEmrProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkEmrPropertiesInput", + "markdownDescription": "The Spark EMR properties of a connection.", + "title": "SparkEmrProperties" + }, + "SparkGlueProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkGluePropertiesInput", + "markdownDescription": "The Spark AWS Glue properties of a connection.", + "title": "SparkGlueProperties" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader": { + "AWS::DataZone::Connection.GlueConnectionInput": { "additionalProperties": false, "properties": { - "DestinationAddresses": { - "items": { - "type": "string" + "AthenaProperties": { + "additionalProperties": true, + "markdownDescription": "The Amazon Athena properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The destination addresses.", - "title": "DestinationAddresses", - "type": "array" + "title": "AthenaProperties", + "type": "object" }, - "DestinationPortRanges": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::DataZone::Connection.AuthenticationConfigurationInput", + "markdownDescription": "The authentication configuration of the AWS Glue connection.", + "title": "AuthenticationConfiguration" + }, + "ConnectionProperties": { + "additionalProperties": true, + "markdownDescription": "The connection properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The destination port ranges.", - "title": "DestinationPortRanges", - "type": "array" + "title": "ConnectionProperties", + "type": "object" }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "ConnectionType": { + "markdownDescription": "The connection type of the AWS Glue connection.", + "title": "ConnectionType", "type": "string" }, - "SourceAddresses": { - "items": { - "type": "string" + "Description": { + "markdownDescription": "The description of the AWS Glue connection.", + "title": "Description", + "type": "string" + }, + "MatchCriteria": { + "markdownDescription": "The match criteria of the AWS Glue connection.", + "title": "MatchCriteria", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AWS Glue connection.", + "title": "Name", + "type": "string" + }, + "PhysicalConnectionRequirements": { + "$ref": "#/definitions/AWS::DataZone::Connection.PhysicalConnectionRequirements", + "markdownDescription": "The physical connection requirements for the AWS Glue connection.", + "title": "PhysicalConnectionRequirements" + }, + "PythonProperties": { + "additionalProperties": true, + "markdownDescription": "The Python properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The source addresses.", - "title": "SourceAddresses", - "type": "array" + "title": "PythonProperties", + "type": "object" }, - "SourcePortRanges": { + "SparkProperties": { + "additionalProperties": true, + "markdownDescription": "The Spark properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "SparkProperties", + "type": "object" + }, + "ValidateCredentials": { + "markdownDescription": "Speciefies whether to validate credentials of the AWS Glue connection.", + "title": "ValidateCredentials", + "type": "boolean" + }, + "ValidateForComputeEnvironments": { "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + "type": "string" }, - "markdownDescription": "The source port ranges.", - "title": "SourcePortRanges", + "markdownDescription": "Speciefies whether to validate for compute environments of the AWS Glue connection.", + "title": "ValidateForComputeEnvironments", "type": "array" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute": { + "AWS::DataZone::Connection.GlueOAuth2Credentials": { "additionalProperties": false, "properties": { - "NatGatewayId": { - "markdownDescription": "The ID of a NAT gateway.", - "title": "NatGatewayId", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of a network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "Origin": { - "markdownDescription": "Describes how the route was created. The following are the possible values:\n\n- CreateRouteTable - The route was automatically created when the route table was created.\n- CreateRoute - The route was manually added to the route table.\n- EnableVgwRoutePropagation - The route was propagated by route propagation.", - "title": "Origin", - "type": "string" - }, - "State": { - "markdownDescription": "The state. The following are the possible values:\n\n- active\n- blackhole", - "title": "State", + "AccessToken": { + "markdownDescription": "The access token of a connection.", + "title": "AccessToken", "type": "string" }, - "TransitGatewayId": { - "markdownDescription": "The ID of a transit gateway.", - "title": "TransitGatewayId", + "JwtToken": { + "markdownDescription": "The jwt token of the connection.", + "title": "JwtToken", "type": "string" }, - "VpcPeeringConnectionId": { - "markdownDescription": "The ID of a VPC peering connection.", - "title": "VpcPeeringConnectionId", + "RefreshToken": { + "markdownDescription": "The refresh token of the connection.", + "title": "RefreshToken", "type": "string" }, - "destinationCidr": { - "markdownDescription": "The destination IPv4 address, in CIDR notation.", - "title": "destinationCidr", + "UserManagedClientApplicationClientSecret": { + "markdownDescription": "The user managed client application client secret of the connection.", + "title": "UserManagedClientApplicationClientSecret", "type": "string" - }, - "destinationPrefixListId": { - "markdownDescription": "The prefix of the AWS service.", - "title": "destinationPrefixListId", + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.GluePropertiesInput": { + "additionalProperties": false, + "properties": { + "GlueConnectionInput": { + "$ref": "#/definitions/AWS::DataZone::Connection.GlueConnectionInput", + "markdownDescription": "The AWS Glue connection.", + "title": "GlueConnectionInput" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.HyperPodPropertiesInput": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The cluster name the hyper pod properties.", + "title": "ClusterName", "type": "string" - }, - "egressOnlyInternetGatewayId": { - "markdownDescription": "The ID of an egress-only internet gateway.", - "title": "egressOnlyInternetGatewayId", + } + }, + "required": [ + "ClusterName" + ], + "type": "object" + }, + "AWS::DataZone::Connection.IamPropertiesInput": { + "additionalProperties": false, + "properties": { + "GlueLineageSyncEnabled": { + "markdownDescription": "Specifies whether AWS Glue lineage sync is enabled for a connection.", + "title": "GlueLineageSyncEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.LineageSyncSchedule": { + "additionalProperties": false, + "properties": { + "Schedule": { + "markdownDescription": "The lineage sync schedule.", + "title": "Schedule", "type": "string" - }, - "gatewayId": { - "markdownDescription": "The ID of the gateway, such as an internet gateway or virtual private gateway.", - "title": "gatewayId", + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.OAuth2ClientApplication": { + "additionalProperties": false, + "properties": { + "AWSManagedClientApplicationReference": { + "markdownDescription": "The AWS managed client application reference in the OAuth2Client application.", + "title": "AWSManagedClientApplicationReference", "type": "string" }, - "instanceId": { - "markdownDescription": "The ID of the instance, such as a NAT instance.", - "title": "instanceId", + "UserManagedClientApplicationClientId": { + "markdownDescription": "The user managed client application client ID in the OAuth2Client application.", + "title": "UserManagedClientApplicationClientId", "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule": { + "AWS::DataZone::Connection.OAuth2Properties": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation.", - "title": "Cidr", - "type": "string" + "AuthorizationCodeProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.AuthorizationCodeProperties", + "markdownDescription": "The authorization code properties of the OAuth2 properties.", + "title": "AuthorizationCodeProperties" }, - "Direction": { - "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", - "title": "Direction", - "type": "string" + "OAuth2ClientApplication": { + "$ref": "#/definitions/AWS::DataZone::Connection.OAuth2ClientApplication", + "markdownDescription": "The OAuth2 client application of the OAuth2 properties.", + "title": "OAuth2ClientApplication" }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", - "markdownDescription": "The port range.", - "title": "PortRange" + "OAuth2Credentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.GlueOAuth2Credentials", + "markdownDescription": "The OAuth2 credentials of the OAuth2 properties.", + "title": "OAuth2Credentials" }, - "PrefixListId": { - "markdownDescription": "The prefix list ID.", - "title": "PrefixListId", + "OAuth2GrantType": { + "markdownDescription": "The OAuth2 grant type of the OAuth2 properties.", + "title": "OAuth2GrantType", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol name.", - "title": "Protocol", + "TokenUrl": { + "markdownDescription": "The OAuth2 token URL of the OAuth2 properties.", + "title": "TokenUrl", "type": "string" }, - "SecurityGroupId": { - "markdownDescription": "The security group ID.", - "title": "SecurityGroupId", - "type": "string" + "TokenUrlParametersMap": { + "additionalProperties": true, + "markdownDescription": "The OAuth2 token URL parameter map of the OAuth2 properties.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TokenUrlParametersMap", + "type": "object" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.Explanation": { + "AWS::DataZone::Connection.PhysicalConnectionRequirements": { "additionalProperties": false, "properties": { - "Acl": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The network ACL.", - "title": "Acl" - }, - "AclRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", - "markdownDescription": "The network ACL rule.", - "title": "AclRule" - }, - "Address": { - "markdownDescription": "The IPv4 address, in CIDR notation.", - "title": "Address", + "AvailabilityZone": { + "markdownDescription": "The availability zone of the physical connection requirements of a connection.", + "title": "AvailabilityZone", "type": "string" }, - "Addresses": { + "SecurityGroupIdList": { "items": { "type": "string" }, - "markdownDescription": "The IPv4 addresses, in CIDR notation.", - "title": "Addresses", + "markdownDescription": "The group ID list of the physical connection requirements of a connection.", + "title": "SecurityGroupIdList", "type": "array" }, - "AttachedTo": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The resource to which the component is attached.", - "title": "AttachedTo" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones.", - "title": "AvailabilityZones", - "type": "array" + "SubnetId": { + "markdownDescription": "The subnet ID of the physical connection requirements of a connection.", + "title": "SubnetId", + "type": "string" }, - "Cidrs": { + "SubnetIdList": { "items": { "type": "string" }, - "markdownDescription": "The CIDR ranges.", - "title": "Cidrs", + "markdownDescription": "The subnet ID list of the physical connection requirements of a connection.", + "title": "SubnetIdList", "type": "array" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftCredentials": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "The secret ARN of the Amazon Redshift credentials of a connection.", + "title": "SecretArn", + "type": "string" }, - "ClassicLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener", - "markdownDescription": "The listener for a Classic Load Balancer.", - "title": "ClassicLoadBalancerListener" + "UsernamePassword": { + "$ref": "#/definitions/AWS::DataZone::Connection.UsernamePassword", + "markdownDescription": "The username and password of the Amazon Redshift credentials of a connection.", + "title": "UsernamePassword" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftLineageSyncConfigurationInput": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether the Amaon Redshift lineage sync configuration is enabled.", + "title": "Enabled", + "type": "boolean" }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component.", - "title": "Component" + "Schedule": { + "$ref": "#/definitions/AWS::DataZone::Connection.LineageSyncSchedule", + "markdownDescription": "The schedule of the Amaon Redshift lineage sync configuration.", + "title": "Schedule" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftPropertiesInput": { + "additionalProperties": false, + "properties": { + "Credentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftCredentials", + "markdownDescription": "The Amaon Redshift credentials.", + "title": "Credentials" }, - "ComponentAccount": { - "markdownDescription": "The AWS account for the component.", - "title": "ComponentAccount", + "DatabaseName": { + "markdownDescription": "The Amazon Redshift database name.", + "title": "DatabaseName", "type": "string" }, - "ComponentRegion": { - "markdownDescription": "The Region for the component.", - "title": "ComponentRegion", + "Host": { + "markdownDescription": "The Amazon Redshift host.", + "title": "Host", "type": "string" }, - "CustomerGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The customer gateway.", - "title": "CustomerGateway" - }, - "Destination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination.", - "title": "Destination" + "LineageSync": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftLineageSyncConfigurationInput", + "markdownDescription": "The lineage sync of the Amazon Redshift.", + "title": "LineageSync" }, - "DestinationVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination VPC.", - "title": "DestinationVpc" + "Port": { + "markdownDescription": "The Amaon Redshift port.", + "title": "Port", + "type": "number" }, - "Direction": { - "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", - "title": "Direction", + "Storage": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftStorageProperties", + "markdownDescription": "The Amazon Redshift storage.", + "title": "Storage" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftStorageProperties": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The cluster name in the Amazon Redshift storage properties.", + "title": "ClusterName", "type": "string" }, - "ElasticLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The load balancer listener.", - "title": "ElasticLoadBalancerListener" + "WorkgroupName": { + "markdownDescription": "The workgroup name in the Amazon Redshift storage properties.", + "title": "WorkgroupName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.SparkEmrPropertiesInput": { + "additionalProperties": false, + "properties": { + "ComputeArn": { + "markdownDescription": "The compute ARN of Spark EMR.", + "title": "ComputeArn", + "type": "string" }, - "ExplanationCode": { - "markdownDescription": "The explanation code.", - "title": "ExplanationCode", + "InstanceProfileArn": { + "markdownDescription": "The instance profile ARN of Spark EMR.", + "title": "InstanceProfileArn", "type": "string" }, - "IngressRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table.", - "title": "IngressRouteTable" + "JavaVirtualEnv": { + "markdownDescription": "The java virtual env of the Spark EMR.", + "title": "JavaVirtualEnv", + "type": "string" }, - "InternetGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The internet gateway.", - "title": "InternetGateway" + "LogUri": { + "markdownDescription": "The log URI of the Spark EMR.", + "title": "LogUri", + "type": "string" }, - "LoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", - "title": "LoadBalancerArn", + "PythonVirtualEnv": { + "markdownDescription": "The Python virtual env of the Spark EMR.", + "title": "PythonVirtualEnv", "type": "string" }, - "LoadBalancerListenerPort": { - "markdownDescription": "The listener port of the load balancer.", - "title": "LoadBalancerListenerPort", - "type": "number" + "RuntimeRole": { + "markdownDescription": "The runtime role of the Spark EMR.", + "title": "RuntimeRole", + "type": "string" }, - "LoadBalancerTarget": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget", - "markdownDescription": "The target.", - "title": "LoadBalancerTarget" + "TrustedCertificatesS3Uri": { + "markdownDescription": "The certificates S3 URI of the Spark EMR.", + "title": "TrustedCertificatesS3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.SparkGlueArgs": { + "additionalProperties": false, + "properties": { + "Connection": { + "markdownDescription": "The connection in the Spark AWS Glue args.", + "title": "Connection", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.SparkGluePropertiesInput": { + "additionalProperties": false, + "properties": { + "AdditionalArgs": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkGlueArgs", + "markdownDescription": "The additional args in the Spark AWS Glue properties.", + "title": "AdditionalArgs" }, - "LoadBalancerTargetGroup": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The target group.", - "title": "LoadBalancerTargetGroup" + "GlueConnectionName": { + "markdownDescription": "The AWS Glue connection name in the Spark AWS Glue properties.", + "title": "GlueConnectionName", + "type": "string" }, - "LoadBalancerTargetGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" - }, - "markdownDescription": "The target groups.", - "title": "LoadBalancerTargetGroups", - "type": "array" + "GlueVersion": { + "markdownDescription": "The AWS Glue version in the Spark AWS Glue properties.", + "title": "GlueVersion", + "type": "string" }, - "LoadBalancerTargetPort": { - "markdownDescription": "The target port.", - "title": "LoadBalancerTargetPort", + "IdleTimeout": { + "markdownDescription": "The idle timeout in the Spark AWS Glue properties.", + "title": "IdleTimeout", "type": "number" }, - "MissingComponent": { - "markdownDescription": "The missing component.", - "title": "MissingComponent", + "JavaVirtualEnv": { + "markdownDescription": "The Java virtual env in the Spark AWS Glue properties.", + "title": "JavaVirtualEnv", "type": "string" }, - "NatGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The NAT gateway.", - "title": "NatGateway" + "NumberOfWorkers": { + "markdownDescription": "The number of workers in the Spark AWS Glue properties.", + "title": "NumberOfWorkers", + "type": "number" }, - "NetworkInterface": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The network interface.", - "title": "NetworkInterface" - }, - "PacketField": { - "markdownDescription": "The packet field.", - "title": "PacketField", - "type": "string" - }, - "Port": { - "markdownDescription": "The port.", - "title": "Port", - "type": "number" - }, - "PortRanges": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" - }, - "markdownDescription": "The port ranges.", - "title": "PortRanges", - "type": "array" - }, - "PrefixList": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The prefix list.", - "title": "PrefixList" - }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The protocols.", - "title": "Protocols", - "type": "array" - }, - "RouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table.", - "title": "RouteTable" - }, - "RouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", - "markdownDescription": "The route table route.", - "title": "RouteTableRoute" - }, - "SecurityGroup": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The security group.", - "title": "SecurityGroup" - }, - "SecurityGroupRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", - "markdownDescription": "The security group rule.", - "title": "SecurityGroupRule" - }, - "SecurityGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" - }, - "markdownDescription": "The security groups.", - "title": "SecurityGroups", - "type": "array" - }, - "SourceVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The source VPC.", - "title": "SourceVpc" - }, - "State": { - "markdownDescription": "The state.", - "title": "State", + "PythonVirtualEnv": { + "markdownDescription": "The Python virtual env in the Spark AWS Glue properties.", + "title": "PythonVirtualEnv", "type": "string" }, - "Subnet": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The subnet.", - "title": "Subnet" - }, - "SubnetRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table for the subnet.", - "title": "SubnetRouteTable" - }, - "TransitGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway.", - "title": "TransitGateway" - }, - "TransitGatewayAttachment": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway attachment.", - "title": "TransitGatewayAttachment" - }, - "TransitGatewayRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway route table.", - "title": "TransitGatewayRouteTable" - }, - "TransitGatewayRouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", - "markdownDescription": "The transit gateway route table route.", - "title": "TransitGatewayRouteTableRoute" - }, - "Vpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component VPC.", - "title": "Vpc" - }, - "VpcPeeringConnection": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPC peering connection.", - "title": "VpcPeeringConnection" - }, - "VpnConnection": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPN connection.", - "title": "VpnConnection" - }, - "VpnGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPN gateway.", - "title": "VpnGateway" - }, - "vpcEndpoint": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPC endpoint.", - "title": "vpcEndpoint" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.PathComponent": { - "additionalProperties": false, - "properties": { - "AclRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", - "markdownDescription": "The network ACL rule.", - "title": "AclRule" - }, - "AdditionalDetails": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail" - }, - "markdownDescription": "The additional details.", - "title": "AdditionalDetails", - "type": "array" - }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component.", - "title": "Component" - }, - "DestinationVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination VPC.", - "title": "DestinationVpc" - }, - "ElasticLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The load balancer listener.", - "title": "ElasticLoadBalancerListener" - }, - "Explanations": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.Explanation" - }, - "markdownDescription": "The explanation codes.", - "title": "Explanations", - "type": "array" - }, - "InboundHeader": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", - "markdownDescription": "The inbound header.", - "title": "InboundHeader" - }, - "OutboundHeader": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", - "markdownDescription": "The outbound header.", - "title": "OutboundHeader" - }, - "RouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", - "markdownDescription": "The route table route.", - "title": "RouteTableRoute" - }, - "SecurityGroupRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", - "markdownDescription": "The security group rule.", - "title": "SecurityGroupRule" - }, - "SequenceNumber": { - "markdownDescription": "The sequence number.", - "title": "SequenceNumber", - "type": "number" - }, - "ServiceName": { - "markdownDescription": "The name of the VPC endpoint service.", - "title": "ServiceName", + "WorkerType": { + "markdownDescription": "The worker type in the Spark AWS Glue properties.", + "title": "WorkerType", "type": "string" - }, - "SourceVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The source VPC.", - "title": "SourceVpc" - }, - "Subnet": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The subnet.", - "title": "Subnet" - }, - "TransitGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway.", - "title": "TransitGateway" - }, - "TransitGatewayRouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", - "markdownDescription": "The route in a transit gateway route table.", - "title": "TransitGatewayRouteTableRoute" - }, - "Vpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component VPC.", - "title": "Vpc" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.PortRange": { - "additionalProperties": false, - "properties": { - "From": { - "markdownDescription": "The first port in the range.", - "title": "From", - "type": "number" - }, - "To": { - "markdownDescription": "The last port in the range.", - "title": "To", - "type": "number" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute": { + "AWS::DataZone::Connection.UsernamePassword": { "additionalProperties": false, "properties": { - "AttachmentId": { - "markdownDescription": "The ID of the route attachment.", - "title": "AttachmentId", - "type": "string" - }, - "DestinationCidr": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidr", - "type": "string" - }, - "PrefixListId": { - "markdownDescription": "The ID of the prefix list.", - "title": "PrefixListId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the resource for the route attachment.", - "title": "ResourceId", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The resource type for the route attachment.", - "title": "ResourceType", - "type": "string" - }, - "RouteOrigin": { - "markdownDescription": "The route origin. The following are the possible values:\n\n- static\n- propagated", - "title": "RouteOrigin", + "Password": { + "markdownDescription": "The password of a connection.", + "title": "Password", "type": "string" }, - "State": { - "markdownDescription": "The state of the route.", - "title": "State", + "Username": { + "markdownDescription": "The username of a connection.", + "title": "Username", "type": "string" } }, + "required": [ + "Password", + "Username" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsPath": { + "AWS::DataZone::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -75490,64 +81394,86 @@ "Properties": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN.", - "title": "Destination", - "type": "string" + "AssetFormsInput": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.FormInput" + }, + "markdownDescription": "The metadata forms attached to the assets that the data source works with.", + "title": "AssetFormsInput", + "type": "array" }, - "DestinationIp": { - "markdownDescription": "The IP address of the destination.", - "title": "DestinationIp", + "Configuration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.DataSourceConfigurationInput", + "markdownDescription": "The configuration of the data source.", + "title": "Configuration" + }, + "ConnectionIdentifier": { + "markdownDescription": "", + "title": "ConnectionIdentifier", "type": "string" }, - "DestinationPort": { - "markdownDescription": "The destination port.", - "title": "DestinationPort", - "type": "number" + "Description": { + "markdownDescription": "The description of the data source.", + "title": "Description", + "type": "string" }, - "FilterAtDestination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", - "markdownDescription": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address.", - "title": "FilterAtDestination" + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain where the data source is created.", + "title": "DomainIdentifier", + "type": "string" }, - "FilterAtSource": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", - "markdownDescription": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port.", - "title": "FilterAtSource" + "EnableSetting": { + "markdownDescription": "Specifies whether the data source is enabled.", + "title": "EnableSetting", + "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", + "title": "EnvironmentIdentifier", "type": "string" }, - "Source": { - "markdownDescription": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN.", - "title": "Source", + "Name": { + "markdownDescription": "The name of the data source.", + "title": "Name", "type": "string" }, - "SourceIp": { - "markdownDescription": "The IP address of the source.", - "title": "SourceIp", + "ProjectIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone project in which you want to add this data source.", + "title": "ProjectIdentifier", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to add to the path.", - "title": "Tags", - "type": "array" + "PublishOnImport": { + "markdownDescription": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog.", + "title": "PublishOnImport", + "type": "boolean" + }, + "Recommendation": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RecommendationConfiguration", + "markdownDescription": "Specifies whether the business name generation is to be enabled for this data source.", + "title": "Recommendation" + }, + "Schedule": { + "$ref": "#/definitions/AWS::DataZone::DataSource.ScheduleConfiguration", + "markdownDescription": "The schedule of the data source runs.", + "title": "Schedule" + }, + "Type": { + "markdownDescription": "The type of the data source. In Amazon DataZone, you can use data sources to import technical metadata of assets (data) from the source databases or data warehouses into Amazon DataZone. In the current release of Amazon DataZone, you can create and run data sources for AWS Glue and Amazon Redshift.", + "title": "Type", + "type": "string" } }, "required": [ - "Protocol", - "Source" + "DomainIdentifier", + "Name", + "ProjectIdentifier", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsPath" + "AWS::DataZone::DataSource" ], "type": "string" }, @@ -75566,292 +81492,267 @@ ], "type": "object" }, - "AWS::EC2::NetworkInsightsPath.FilterPortRange": { + "AWS::DataZone::DataSource.DataSourceConfigurationInput": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The first port in the range.", - "title": "FromPort", - "type": "number" + "GlueRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.GlueRunConfigurationInput", + "markdownDescription": "The configuration of the AWS Glue data source.", + "title": "GlueRunConfiguration" }, - "ToPort": { - "markdownDescription": "The last port in the range.", - "title": "ToPort", - "type": "number" + "RedshiftRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftRunConfigurationInput", + "markdownDescription": "The configuration of the Amazon Redshift data source.", + "title": "RedshiftRunConfiguration" + }, + "SageMakerRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.SageMakerRunConfigurationInput", + "markdownDescription": "", + "title": "SageMakerRunConfiguration" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsPath.PathFilter": { + "AWS::DataZone::DataSource.FilterExpression": { "additionalProperties": false, "properties": { - "DestinationAddress": { - "markdownDescription": "The destination IPv4 address.", - "title": "DestinationAddress", + "Expression": { + "markdownDescription": "The search filter expression.", + "title": "Expression", "type": "string" }, - "DestinationPortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", - "markdownDescription": "The destination port range.", - "title": "DestinationPortRange" - }, - "SourceAddress": { - "markdownDescription": "The source IPv4 address.", - "title": "SourceAddress", + "Type": { + "markdownDescription": "The search filter explresison type.", + "title": "Type", "type": "string" - }, - "SourcePortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", - "markdownDescription": "The source port range.", - "title": "SourcePortRange" } }, + "required": [ + "Expression", + "Type" + ], "type": "object" }, - "AWS::EC2::NetworkInterface": { + "AWS::DataZone::DataSource.FormInput": { "additionalProperties": false, "properties": { - "Condition": { + "Content": { + "markdownDescription": "", + "title": "Content", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FormName": { + "markdownDescription": "", + "title": "FormName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConnectionTrackingSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.ConnectionTrackingSpecification", - "markdownDescription": "A connection tracking specification for the network interface.", - "title": "ConnectionTrackingSpecification" - }, - "Description": { - "markdownDescription": "A description for the network interface.", - "title": "Description", - "type": "string" - }, - "GroupSet": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with this network interface.", - "title": "GroupSet", - "type": "array" - }, - "InterfaceType": { - "markdownDescription": "The type of network interface. The default is `interface` . The supported values are `efa` and `trunk` .", - "title": "InterfaceType", - "type": "string" - }, - "Ipv4PrefixCount": { - "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", - "title": "Ipv4PrefixCount", - "type": "number" - }, - "Ipv4Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv4PrefixSpecification" - }, - "markdownDescription": "The IPv4 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", - "title": "Ipv4Prefixes", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the `Ipv6Addresses` property and don't specify this property.\n\nWhen creating a network interface, you can't specify a count of IPv6 addresses if you've specified one of the following: specific IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses from the IPv6 CIDR block range of your subnet to assign to the network interface. If you're specifying a number of IPv6 addresses, use the `Ipv6AddressCount` property and don't specify this property.\n\nWhen creating a network interface, you can't specify IPv6 addresses if you've specified one of the following: a count of IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", - "title": "Ipv6Addresses", - "type": "array" - }, - "Ipv6PrefixCount": { - "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", - "title": "Ipv6PrefixCount", - "type": "number" - }, - "Ipv6Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv6PrefixSpecification" - }, - "markdownDescription": "The IPv6 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", - "title": "Ipv6Prefixes", - "type": "array" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address to assign to the network interface as the primary private IP address. If you want to specify multiple private IP addresses, use the `PrivateIpAddresses` property.", - "title": "PrivateIpAddress", - "type": "string" - }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.PrivateIpAddressSpecification" - }, - "markdownDescription": "The private IPv4 addresses to assign to the network interface. You can specify a primary private IP address by setting the value of the `Primary` property to `true` in the `PrivateIpAddressSpecification` property. If you want EC2 to automatically assign private IP addresses, use the `SecondaryPrivateIpAddressCount` property and do not specify this property.\n\nWhen creating a network interface, you can't specify private IPv4 addresses if you've specified one of the following: a count of private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using `privateIpAddresses` .\n\nWhen creating a Network Interface, you can't specify a count of private IPv4 addresses if you've specified one of the following: specific private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SourceDestCheck": { - "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", - "title": "SourceDestCheck", - "type": "boolean" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to associate with the network interface.", - "title": "SubnetId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the network interface.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "SubnetId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::NetworkInterface" - ], + "TypeIdentifier": { + "markdownDescription": "", + "title": "TypeIdentifier", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TypeRevision": { + "markdownDescription": "", + "title": "TypeRevision", "type": "string" } }, "required": [ - "Type", - "Properties" + "FormName" ], "type": "object" }, - "AWS::EC2::NetworkInterface.ConnectionTrackingSpecification": { + "AWS::DataZone::DataSource.GlueRunConfigurationInput": { "additionalProperties": false, "properties": { - "TcpEstablishedTimeout": { - "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", - "title": "TcpEstablishedTimeout", - "type": "number" + "AutoImportDataQualityResult": { + "markdownDescription": "Specifies whether to automatically import data quality metrics as part of the data source run.", + "title": "AutoImportDataQualityResult", + "type": "boolean" }, - "UdpStreamTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", - "title": "UdpStreamTimeout", - "type": "number" + "CatalogName": { + "markdownDescription": "", + "title": "CatalogName", + "type": "string" }, - "UdpTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", - "title": "UdpTimeout", - "type": "number" + "DataAccessRole": { + "markdownDescription": "The data access role included in the configuration details of the AWS Glue data source.", + "title": "DataAccessRole", + "type": "string" + }, + "RelationalFilterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" + }, + "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", + "title": "RelationalFilterConfigurations", + "type": "array" } }, + "required": [ + "RelationalFilterConfigurations" + ], "type": "object" }, - "AWS::EC2::NetworkInterface.InstanceIpv6Address": { + "AWS::DataZone::DataSource.RecommendationConfiguration": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "An IPv6 address to associate with the network interface.", - "title": "Ipv6Address", + "EnableBusinessNameGeneration": { + "markdownDescription": "Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration.", + "title": "EnableBusinessNameGeneration", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftClusterStorage": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The name of an Amazon Redshift cluster.", + "title": "ClusterName", "type": "string" } }, "required": [ - "Ipv6Address" + "ClusterName" ], "type": "object" }, - "AWS::EC2::NetworkInterface.Ipv4PrefixSpecification": { + "AWS::DataZone::DataSource.RedshiftCredentialConfiguration": { "additionalProperties": false, "properties": { - "Ipv4Prefix": { - "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", - "title": "Ipv4Prefix", + "SecretManagerArn": { + "markdownDescription": "The ARN of a secret manager for an Amazon Redshift cluster.", + "title": "SecretManagerArn", "type": "string" } }, "required": [ - "Ipv4Prefix" + "SecretManagerArn" ], "type": "object" }, - "AWS::EC2::NetworkInterface.Ipv6PrefixSpecification": { + "AWS::DataZone::DataSource.RedshiftRunConfigurationInput": { "additionalProperties": false, "properties": { - "Ipv6Prefix": { - "markdownDescription": "The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "Ipv6Prefix", + "DataAccessRole": { + "markdownDescription": "The data access role included in the configuration details of the Amazon Redshift data source.", + "title": "DataAccessRole", + "type": "string" + }, + "RedshiftCredentialConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftCredentialConfiguration", + "markdownDescription": "The details of the credentials required to access an Amazon Redshift cluster.", + "title": "RedshiftCredentialConfiguration" + }, + "RedshiftStorage": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftStorage", + "markdownDescription": "The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run.", + "title": "RedshiftStorage" + }, + "RelationalFilterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" + }, + "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", + "title": "RelationalFilterConfigurations", + "type": "array" + } + }, + "required": [ + "RelationalFilterConfigurations" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftServerlessStorage": { + "additionalProperties": false, + "properties": { + "WorkgroupName": { + "markdownDescription": "The name of the Amazon Redshift Serverless workgroup.", + "title": "WorkgroupName", "type": "string" } }, "required": [ - "Ipv6Prefix" + "WorkgroupName" ], "type": "object" }, - "AWS::EC2::NetworkInterface.PrivateIpAddressSpecification": { + "AWS::DataZone::DataSource.RedshiftStorage": { "additionalProperties": false, "properties": { - "Primary": { - "markdownDescription": "Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address.", - "title": "Primary", - "type": "boolean" + "RedshiftClusterSource": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftClusterStorage", + "markdownDescription": "The details of the Amazon Redshift cluster source.", + "title": "RedshiftClusterSource" }, - "PrivateIpAddress": { - "markdownDescription": "The private IP address of the network interface.", - "title": "PrivateIpAddress", + "RedshiftServerlessSource": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftServerlessStorage", + "markdownDescription": "The details of the Amazon Redshift Serverless workgroup source.", + "title": "RedshiftServerlessSource" + } + }, + "type": "object" + }, + "AWS::DataZone::DataSource.RelationalFilterConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The database name specified in the relational filter configuration for the data source.", + "title": "DatabaseName", + "type": "string" + }, + "FilterExpressions": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.FilterExpression" + }, + "markdownDescription": "The filter expressions specified in the relational filter configuration for the data source.", + "title": "FilterExpressions", + "type": "array" + }, + "SchemaName": { + "markdownDescription": "The schema name specified in the relational filter configuration for the data source.", + "title": "SchemaName", "type": "string" } }, "required": [ - "Primary", - "PrivateIpAddress" + "DatabaseName" ], "type": "object" }, - "AWS::EC2::NetworkInterfaceAttachment": { + "AWS::DataZone::DataSource.SageMakerRunConfigurationInput": { + "additionalProperties": false, + "properties": { + "TrackingAssets": { + "markdownDescription": "", + "title": "TrackingAssets", + "type": "object" + } + }, + "required": [ + "TrackingAssets" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.ScheduleConfiguration": { + "additionalProperties": false, + "properties": { + "Schedule": { + "markdownDescription": "The schedule of the data source runs.", + "title": "Schedule", + "type": "string" + }, + "Timezone": { + "markdownDescription": "The timezone of the data source run.", + "title": "Timezone", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -75886,42 +81787,59 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Whether to delete the network interface when the instance terminates. By default, this value is set to `true` .", - "title": "DeleteOnTermination", - "type": "boolean" + "Description": { + "markdownDescription": "The description of the Amazon DataZone domain.", + "title": "Description", + "type": "string" }, - "DeviceIndex": { - "markdownDescription": "The network interface's position in the attachment order. For example, the first attached network interface has a `DeviceIndex` of 0.", - "title": "DeviceIndex", + "DomainExecutionRole": { + "markdownDescription": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain.", + "title": "DomainExecutionRole", "type": "string" }, - "EnaSrdSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification", - "markdownDescription": "Configures ENA Express for the network interface that this action attaches to the instance.", - "title": "EnaSrdSpecification" + "DomainVersion": { + "markdownDescription": "The domain version.", + "title": "DomainVersion", + "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of the instance to which you will attach the ENI.", - "title": "InstanceId", + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data.", + "title": "KmsKeyIdentifier", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the ENI that you want to attach.", - "title": "NetworkInterfaceId", + "Name": { + "markdownDescription": "The name of the Amazon DataZone domain.", + "title": "Name", + "type": "string" + }, + "ServiceRole": { + "markdownDescription": "The service role of the domain.", + "title": "ServiceRole", "type": "string" + }, + "SingleSignOn": { + "$ref": "#/definitions/AWS::DataZone::Domain.SingleSignOn", + "markdownDescription": "The single sign-on details in Amazon DataZone.", + "title": "SingleSignOn" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags specified for the Amazon DataZone domain.", + "title": "Tags", + "type": "array" } }, "required": [ - "DeviceIndex", - "InstanceId", - "NetworkInterfaceId" + "DomainExecutionRole", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInterfaceAttachment" + "AWS::DataZone::Domain" ], "type": "string" }, @@ -75940,34 +81858,28 @@ ], "type": "object" }, - "AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification": { + "AWS::DataZone::Domain.SingleSignOn": { "additionalProperties": false, "properties": { - "EnaSrdEnabled": { - "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", - "title": "EnaSrdEnabled", - "type": "boolean" + "IdcInstanceArn": { + "markdownDescription": "The ARN of the IDC instance.", + "title": "IdcInstanceArn", + "type": "string" }, - "EnaSrdUdpSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification", - "markdownDescription": "Configures ENA Express for UDP network traffic.", - "title": "EnaSrdUdpSpecification" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification": { - "additionalProperties": false, - "properties": { - "EnaSrdUdpEnabled": { - "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", - "title": "EnaSrdUdpEnabled", - "type": "boolean" + "Type": { + "markdownDescription": "The type of single sign-on in Amazon DataZone.", + "title": "Type", + "type": "string" + }, + "UserAssignment": { + "markdownDescription": "The single sign-on user assignment in Amazon DataZone.", + "title": "UserAssignment", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInterfacePermission": { + "AWS::DataZone::DomainUnit": { "additionalProperties": false, "properties": { "Condition": { @@ -76002,32 +81914,37 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", + "Description": { + "markdownDescription": "The description of the domain unit.", + "title": "Description", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", + "DomainIdentifier": { + "markdownDescription": "The ID of the domain where you want to crate a domain unit.", + "title": "DomainIdentifier", "type": "string" }, - "Permission": { - "markdownDescription": "The type of permission to grant: `INSTANCE-ATTACH` or `EIP-ASSOCIATE` .", - "title": "Permission", + "Name": { + "markdownDescription": "The name of the domain unit.", + "title": "Name", + "type": "string" + }, + "ParentDomainUnitIdentifier": { + "markdownDescription": "The ID of the parent domain unit.", + "title": "ParentDomainUnitIdentifier", "type": "string" } }, "required": [ - "AwsAccountId", - "NetworkInterfaceId", - "Permission" + "DomainIdentifier", + "Name", + "ParentDomainUnitIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInterfacePermission" + "AWS::DataZone::DomainUnit" ], "type": "string" }, @@ -76046,7 +81963,7 @@ ], "type": "object" }, - "AWS::EC2::NetworkPerformanceMetricSubscription": { + "AWS::DataZone::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -76081,38 +81998,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The Region or Availability Zone that's the target for the subscription. For example, `eu-west-1` .", - "title": "Destination", + "Description": { + "markdownDescription": "The description of the environment.", + "title": "Description", "type": "string" }, - "Metric": { - "markdownDescription": "The metric used for the subscription.", - "title": "Metric", + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment is created.", + "title": "DomainIdentifier", "type": "string" }, - "Source": { - "markdownDescription": "The Region or Availability Zone that's the source for the subscription. For example, `us-east-1` .", - "title": "Source", + "EnvironmentAccountIdentifier": { + "markdownDescription": "The identifier of the AWS account in which an environment exists.", + "title": "EnvironmentAccountIdentifier", "type": "string" }, - "Statistic": { - "markdownDescription": "The statistic used for the subscription.", - "title": "Statistic", + "EnvironmentAccountRegion": { + "markdownDescription": "The AWS Region in which an environment exists.", + "title": "EnvironmentAccountRegion", + "type": "string" + }, + "EnvironmentProfileIdentifier": { + "markdownDescription": "The identifier of the environment profile that is used to create this Amazon DataZone environment.", + "title": "EnvironmentProfileIdentifier", + "type": "string" + }, + "EnvironmentRoleArn": { + "markdownDescription": "The ARN of the environment role.", + "title": "EnvironmentRoleArn", "type": "string" + }, + "GlossaryTerms": { + "items": { + "type": "string" + }, + "markdownDescription": "The glossary terms that can be used in this Amazon DataZone environment.", + "title": "GlossaryTerms", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the Amazon DataZone environment.", + "title": "Name", + "type": "string" + }, + "ProjectIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone project in which this environment is created.", + "title": "ProjectIdentifier", + "type": "string" + }, + "UserParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::Environment.EnvironmentParameter" + }, + "markdownDescription": "The user parameters of this Amazon DataZone environment.", + "title": "UserParameters", + "type": "array" } }, "required": [ - "Destination", - "Metric", - "Source", - "Statistic" + "DomainIdentifier", + "Name", + "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkPerformanceMetricSubscription" + "AWS::DataZone::Environment" ], "type": "string" }, @@ -76131,7 +82083,23 @@ ], "type": "object" }, - "AWS::EC2::PlacementGroup": { + "AWS::DataZone::Environment.EnvironmentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the environment parameter.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the environment parameter.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentActions": { "additionalProperties": false, "properties": { "Condition": { @@ -76166,35 +82134,45 @@ "Properties": { "additionalProperties": false, "properties": { - "PartitionCount": { - "markdownDescription": "The number of partitions. Valid only when *Strategy* is set to `partition` .", - "title": "PartitionCount", - "type": "number" + "Description": { + "markdownDescription": "The environment action description.", + "title": "Description", + "type": "string" }, - "SpreadLevel": { - "markdownDescription": "Determines how placement groups spread instances.\n\n- Host \u2013 You can use `host` only with Outpost placement groups.\n- Rack \u2013 No usage restrictions.", - "title": "SpreadLevel", + "DomainIdentifier": { + "markdownDescription": "The Amazon DataZone domain ID of the environment action.", + "title": "DomainIdentifier", "type": "string" }, - "Strategy": { - "markdownDescription": "The placement strategy.", - "title": "Strategy", + "EnvironmentIdentifier": { + "markdownDescription": "The environment ID of the environment action.", + "title": "EnvironmentIdentifier", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the new placement group.", - "title": "Tags", - "type": "array" + "Identifier": { + "markdownDescription": "The ID of the environment action.", + "title": "Identifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment action.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentActions.AwsConsoleLinkParameters", + "markdownDescription": "The parameters of the environment action.", + "title": "Parameters" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::PlacementGroup" + "AWS::DataZone::EnvironmentActions" ], "type": "string" }, @@ -76208,11 +82186,23 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::PrefixList": { + "AWS::DataZone::EnvironmentActions.AwsConsoleLinkParameters": { + "additionalProperties": false, + "properties": { + "Uri": { + "markdownDescription": "The URI of the console link specified as part of the environment action.", + "title": "Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentBlueprintConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -76247,47 +82237,66 @@ "Properties": { "additionalProperties": false, "properties": { - "AddressFamily": { - "markdownDescription": "The IP address type.\n\nValid Values: `IPv4` | `IPv6`", - "title": "AddressFamily", + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which an environment blueprint exists.", + "title": "DomainIdentifier", "type": "string" }, - "Entries": { + "EnabledRegions": { "items": { - "$ref": "#/definitions/AWS::EC2::PrefixList.Entry" + "type": "string" }, - "markdownDescription": "The entries for the prefix list.", - "title": "Entries", + "markdownDescription": "The enabled AWS Regions specified in a blueprint configuration.", + "title": "EnabledRegions", "type": "array" }, - "MaxEntries": { - "markdownDescription": "The maximum number of entries for the prefix list. You can't modify the entries and the size of a prefix list at the same time.\n\nThis property is required when you create a prefix list.", - "title": "MaxEntries", - "type": "number" + "EnvironmentBlueprintIdentifier": { + "markdownDescription": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` .", + "title": "EnvironmentBlueprintIdentifier", + "type": "string" }, - "PrefixListName": { - "markdownDescription": "A name for the prefix list.\n\nConstraints: Up to 255 characters in length. The name cannot start with `com.amazonaws` .", - "title": "PrefixListName", + "EnvironmentRolePermissionBoundary": { + "markdownDescription": "The environment role permission boundary.", + "title": "EnvironmentRolePermissionBoundary", "type": "string" }, - "Tags": { + "ManageAccessRoleArn": { + "markdownDescription": "The ARN of the manage access role.", + "title": "ManageAccessRoleArn", + "type": "string" + }, + "ProvisioningConfigurations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.ProvisioningConfiguration" }, - "markdownDescription": "The tags for the prefix list.", - "title": "Tags", + "markdownDescription": "The provisioning configuration of a blueprint.", + "title": "ProvisioningConfigurations", + "type": "array" + }, + "ProvisioningRoleArn": { + "markdownDescription": "The ARN of the provisioning role.", + "title": "ProvisioningRoleArn", + "type": "string" + }, + "RegionalParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter" + }, + "markdownDescription": "The regional parameters of the environment blueprint.", + "title": "RegionalParameters", "type": "array" } }, "required": [ - "AddressFamily", - "PrefixListName" + "DomainIdentifier", + "EnabledRegions", + "EnvironmentBlueprintIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::PrefixList" + "AWS::DataZone::EnvironmentBlueprintConfiguration" ], "type": "string" }, @@ -76306,26 +82315,62 @@ ], "type": "object" }, - "AWS::EC2::PrefixList.Entry": { + "AWS::DataZone::EnvironmentBlueprintConfiguration.LakeFormationConfiguration": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The CIDR block.", - "title": "Cidr", - "type": "string" + "LocationRegistrationExcludeS3Locations": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies certain Amazon S3 locations if you do not want Amazon DataZone to automatically register them in hybrid mode.", + "title": "LocationRegistrationExcludeS3Locations", + "type": "array" }, - "Description": { - "markdownDescription": "A description for the entry.\n\nConstraints: Up to 255 characters in length.", - "title": "Description", + "LocationRegistrationRole": { + "markdownDescription": "The role that is used to manage read/write access to the chosen Amazon S3 bucket(s) for Data Lake using AWS Lake Formation hybrid access mode.", + "title": "LocationRegistrationRole", "type": "string" } }, + "type": "object" + }, + "AWS::DataZone::EnvironmentBlueprintConfiguration.ProvisioningConfiguration": { + "additionalProperties": false, + "properties": { + "LakeFormationConfiguration": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.LakeFormationConfiguration", + "markdownDescription": "The Lake Formation configuration of the Data Lake blueprint.", + "title": "LakeFormationConfiguration" + } + }, "required": [ - "Cidr" + "LakeFormationConfiguration" ], "type": "object" }, - "AWS::EC2::Route": { + "AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter": { + "additionalProperties": false, + "properties": { + "Parameters": { + "additionalProperties": true, + "markdownDescription": "A string to string map containing parameters for the region.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" + }, + "Region": { + "markdownDescription": "The region specified in the environment parameter.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -76360,90 +82405,157 @@ "Properties": { "additionalProperties": false, "properties": { - "CarrierGatewayId": { - "markdownDescription": "The ID of the carrier gateway.\n\nYou can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone.", - "title": "CarrierGatewayId", - "type": "string" - }, - "CoreNetworkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the core network.", - "title": "CoreNetworkArn", - "type": "string" - }, - "DestinationCidrBlock": { - "markdownDescription": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .", - "title": "DestinationCidrBlock", - "type": "string" - }, - "DestinationIpv6CidrBlock": { - "markdownDescription": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.", - "title": "DestinationIpv6CidrBlock", - "type": "string" - }, - "DestinationPrefixListId": { - "markdownDescription": "The ID of a prefix list used for the destination match.", - "title": "DestinationPrefixListId", + "AwsAccountId": { + "markdownDescription": "The identifier of an AWS account in which an environment profile exists.", + "title": "AwsAccountId", "type": "string" }, - "EgressOnlyInternetGatewayId": { - "markdownDescription": "[IPv6 traffic only] The ID of an egress-only internet gateway.", - "title": "EgressOnlyInternetGatewayId", + "AwsAccountRegion": { + "markdownDescription": "The AWS Region in which an environment profile exists.", + "title": "AwsAccountRegion", "type": "string" }, - "GatewayId": { - "markdownDescription": "The ID of an internet gateway or virtual private gateway attached to your VPC.", - "title": "GatewayId", + "Description": { + "markdownDescription": "The description of the environment profile.", + "title": "Description", "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.", - "title": "InstanceId", + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment profile exists.", + "title": "DomainIdentifier", "type": "string" }, - "LocalGatewayId": { - "markdownDescription": "The ID of the local gateway.", - "title": "LocalGatewayId", + "EnvironmentBlueprintIdentifier": { + "markdownDescription": "The identifier of a blueprint with which an environment profile is created.", + "title": "EnvironmentBlueprintIdentifier", "type": "string" }, - "NatGatewayId": { - "markdownDescription": "[IPv4 traffic only] The ID of a NAT gateway.", - "title": "NatGatewayId", + "Name": { + "markdownDescription": "The name of the environment profile.", + "title": "Name", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of a network interface.", - "title": "NetworkInterfaceId", + "ProjectIdentifier": { + "markdownDescription": "The identifier of a project in which an environment profile exists.", + "title": "ProjectIdentifier", "type": "string" }, - "RouteTableId": { - "markdownDescription": "The ID of the route table for the route.", - "title": "RouteTableId", + "UserParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile.EnvironmentParameter" + }, + "markdownDescription": "The user parameters of this Amazon DataZone environment profile.", + "title": "UserParameters", + "type": "array" + } + }, + "required": [ + "AwsAccountId", + "AwsAccountRegion", + "DomainIdentifier", + "EnvironmentBlueprintIdentifier", + "Name", + "ProjectIdentifier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataZone::EnvironmentProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DataZone::EnvironmentProfile.EnvironmentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name specified in the environment parameter.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the environment profile.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::GroupProfile": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "TransitGatewayId": { - "markdownDescription": "The ID of a transit gateway.", - "title": "TransitGatewayId", + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which a group profile exists.", + "title": "DomainIdentifier", "type": "string" }, - "VpcEndpointId": { - "markdownDescription": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.", - "title": "VpcEndpointId", + "GroupIdentifier": { + "markdownDescription": "The ID of the group of a project member.", + "title": "GroupIdentifier", "type": "string" }, - "VpcPeeringConnectionId": { - "markdownDescription": "The ID of a VPC peering connection.", - "title": "VpcPeeringConnectionId", + "Status": { + "markdownDescription": "The status of a group profile.", + "title": "Status", "type": "string" } }, "required": [ - "RouteTableId" + "DomainIdentifier", + "GroupIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Route" + "AWS::DataZone::GroupProfile" ], "type": "string" }, @@ -76462,7 +82574,7 @@ ], "type": "object" }, - "AWS::EC2::RouteTable": { + "AWS::DataZone::Owner": { "additionalProperties": false, "properties": { "Condition": { @@ -76497,28 +82609,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the route table.", - "title": "Tags", - "type": "array" + "DomainIdentifier": { + "markdownDescription": "The ID of the domain in which you want to add the entity owner.", + "title": "DomainIdentifier", + "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "EntityIdentifier": { + "markdownDescription": "The ID of the entity to which you want to add an owner.", + "title": "EntityIdentifier", "type": "string" + }, + "EntityType": { + "markdownDescription": "The type of an entity.", + "title": "EntityType", + "type": "string" + }, + "Owner": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerProperties", + "markdownDescription": "The owner that you want to add to the entity.", + "title": "Owner" } }, "required": [ - "VpcId" + "DomainIdentifier", + "EntityIdentifier", + "EntityType", + "Owner" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::RouteTable" + "AWS::DataZone::Owner" ], "type": "string" }, @@ -76537,7 +82659,45 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroup": { + "AWS::DataZone::Owner.OwnerGroupProperties": { + "additionalProperties": false, + "properties": { + "GroupIdentifier": { + "markdownDescription": "The ID of the domain unit owners group.", + "title": "GroupIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Owner.OwnerProperties": { + "additionalProperties": false, + "properties": { + "Group": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerGroupProperties", + "markdownDescription": "Specifies that the domain unit owner is a group.", + "title": "Group" + }, + "User": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerUserProperties", + "markdownDescription": "Specifies that the domain unit owner is a user.", + "title": "User" + } + }, + "type": "object" + }, + "AWS::DataZone::Owner.OwnerUserProperties": { + "additionalProperties": false, + "properties": { + "UserIdentifier": { + "markdownDescription": "The ID of the owner user.", + "title": "UserIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -76572,54 +82732,187 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupDescription": { - "markdownDescription": "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", - "title": "GroupDescription", + "Description": { + "markdownDescription": "The description of a project.", + "title": "Description", "type": "string" }, - "GroupName": { - "markdownDescription": "The name of the security group. Names are case-insensitive and must be unique within the VPC.\n\nConstraints: Up to 255 characters in length. Can't start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", - "title": "GroupName", + "DomainIdentifier": { + "markdownDescription": "The identifier of a Amazon DataZone domain where the project exists.", + "title": "DomainIdentifier", "type": "string" }, - "SecurityGroupEgress": { + "DomainUnitId": { + "markdownDescription": "The ID of the domain unit. This parameter is not required and if it is not specified, then the project is created at the root domain unit level.", + "title": "DomainUnitId", + "type": "string" + }, + "GlossaryTerms": { "items": { - "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" + "type": "string" }, - "markdownDescription": "The outbound rules associated with the security group.", - "title": "SecurityGroupEgress", + "markdownDescription": "The glossary terms that can be used in this Amazon DataZone project.", + "title": "GlossaryTerms", "type": "array" }, - "SecurityGroupIngress": { + "Name": { + "markdownDescription": "The name of a project.", + "title": "Name", + "type": "string" + }, + "ProjectProfileId": { + "markdownDescription": "The ID of the project profile.", + "title": "ProjectProfileId", + "type": "string" + }, + "ProjectProfileVersion": { + "markdownDescription": "The project profile version to which the project should be updated. You can only specify the following string for this parameter: `latest` .", + "title": "ProjectProfileVersion", + "type": "string" + }, + "UserParameters": { "items": { - "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" + "$ref": "#/definitions/AWS::DataZone::Project.EnvironmentConfigurationUserParameter" }, - "markdownDescription": "The inbound rules associated with the security group.", - "title": "SecurityGroupIngress", + "markdownDescription": "The user parameters of the project.", + "title": "UserParameters", "type": "array" + } + }, + "required": [ + "DomainIdentifier", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataZone::Project" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DataZone::Project.EnvironmentConfigurationUserParameter": { + "additionalProperties": false, + "properties": { + "EnvironmentConfigurationName": { + "markdownDescription": "The environment configuration name.", + "title": "EnvironmentConfigurationName", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of the environment.", + "title": "EnvironmentId", + "type": "string" + }, + "EnvironmentParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::Project.EnvironmentParameter" + }, + "markdownDescription": "The environment parameters.", + "title": "EnvironmentParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataZone::Project.EnvironmentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of an environment profile parameter.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of an environment profile parameter.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::ProjectMembership": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, - "Tags": { + { "items": { - "$ref": "#/definitions/Tag" + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, - "markdownDescription": "Any tags assigned to the security group.", - "title": "Tags", "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Designation": { + "markdownDescription": "The designated role of a project member.", + "title": "Designation", + "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.", - "title": "VpcId", + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain in which project membership is created.", + "title": "DomainIdentifier", + "type": "string" + }, + "Member": { + "$ref": "#/definitions/AWS::DataZone::ProjectMembership.Member", + "markdownDescription": "The details about a project member.", + "title": "Member" + }, + "ProjectIdentifier": { + "markdownDescription": "The ID of the project for which this project membership was created.", + "title": "ProjectIdentifier", "type": "string" } }, "required": [ - "GroupDescription" + "Designation", + "DomainIdentifier", + "Member", + "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroup" + "AWS::DataZone::ProjectMembership" ], "type": "string" }, @@ -76638,115 +82931,250 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroup.Egress": { + "AWS::DataZone::ProjectMembership.Member": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", + "GroupIdentifier": { + "markdownDescription": "The ID of the group of a project member.", + "title": "GroupIdentifier", "type": "string" }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", + "UserIdentifier": { + "markdownDescription": "The user ID of a project member.", + "title": "UserIdentifier", "type": "string" - }, - "Description": { - "markdownDescription": "A description for the security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", + } + }, + "type": "object" + }, + "AWS::DataZone::ProjectProfile": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "DestinationPrefixListId": { - "markdownDescription": "The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationPrefixListId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DestinationSecurityGroupId": { - "markdownDescription": "The ID of the destination VPC security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationSecurityGroupId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" + "Metadata": { + "type": "object" }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the project profile.", + "title": "Description", + "type": "string" + }, + "DomainIdentifier": { + "markdownDescription": "A domain ID of the project profile.", + "title": "DomainIdentifier", + "type": "string" + }, + "DomainUnitIdentifier": { + "markdownDescription": "A domain unit ID of the project profile.", + "title": "DomainUnitIdentifier", + "type": "string" + }, + "EnvironmentConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfiguration" + }, + "markdownDescription": "Environment configurations of a project profile.", + "title": "EnvironmentConfigurations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a project profile.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of a project profile.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataZone::ProjectProfile" + ], "type": "string" }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "IpProtocol" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::SecurityGroup.Ingress": { + "AWS::DataZone::ProjectProfile.AwsAccount": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", + "AwsAccountId": { + "markdownDescription": "The account ID of a project.", + "title": "AwsAccountId", "type": "string" + } + }, + "required": [ + "AwsAccountId" + ], + "type": "object" + }, + "AWS::DataZone::ProjectProfile.EnvironmentConfiguration": { + "additionalProperties": false, + "properties": { + "AwsAccount": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.AwsAccount", + "markdownDescription": "The AWS account of the environment.", + "title": "AwsAccount" }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", + "AwsRegion": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.Region", + "markdownDescription": "The AWS Region of the environment.", + "title": "AwsRegion" + }, + "ConfigurationParameters": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParametersDetails", + "markdownDescription": "The configuration parameters of the environment.", + "title": "ConfigurationParameters" + }, + "DeploymentMode": { + "markdownDescription": "The deployment mode of the environment.", + "title": "DeploymentMode", "type": "string" }, + "DeploymentOrder": { + "markdownDescription": "The deployment order of the environment.", + "title": "DeploymentOrder", + "type": "number" + }, "Description": { - "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "markdownDescription": "The environment description.", "title": "Description", "type": "string" }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" - }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", + "EnvironmentBlueprintId": { + "markdownDescription": "The environment blueprint ID.", + "title": "EnvironmentBlueprintId", "type": "string" }, - "SourcePrefixListId": { - "markdownDescription": "The ID of a prefix list.", - "title": "SourcePrefixListId", + "Id": { + "markdownDescription": "The environment ID.", + "title": "Id", "type": "string" }, - "SourceSecurityGroupId": { - "markdownDescription": "The ID of the security group.", - "title": "SourceSecurityGroupId", + "Name": { + "markdownDescription": "The environment name.", + "title": "Name", "type": "string" + } + }, + "required": [ + "AwsRegion", + "EnvironmentBlueprintId", + "Name" + ], + "type": "object" + }, + "AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter": { + "additionalProperties": false, + "properties": { + "IsEditable": { + "markdownDescription": "Specifies whether the environment parameter is editable.", + "title": "IsEditable", + "type": "boolean" }, - "SourceSecurityGroupName": { - "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", - "title": "SourceSecurityGroupName", + "Name": { + "markdownDescription": "The name of the environment configuration parameter.", + "title": "Name", "type": "string" }, - "SourceSecurityGroupOwnerId": { - "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", - "title": "SourceSecurityGroupOwnerId", + "Value": { + "markdownDescription": "The value of the environment configuration parameter.", + "title": "Value", "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::ProjectProfile.EnvironmentConfigurationParametersDetails": { + "additionalProperties": false, + "properties": { + "ParameterOverrides": { + "items": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter" + }, + "markdownDescription": "The parameter overrides.", + "title": "ParameterOverrides", + "type": "array" }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" + "ResolvedParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter" + }, + "markdownDescription": "The resolved environment configuration parameters.", + "title": "ResolvedParameters", + "type": "array" + }, + "SsmPath": { + "markdownDescription": "Ssm path environment configuration parameters.", + "title": "SsmPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::ProjectProfile.Region": { + "additionalProperties": false, + "properties": { + "RegionName": { + "markdownDescription": "The AWS Region name.", + "title": "RegionName", + "type": "string" } }, "required": [ - "IpProtocol" + "RegionName" ], "type": "object" }, - "AWS::EC2::SecurityGroupEgress": { + "AWS::DataZone::SubscriptionTarget": { "additionalProperties": false, "properties": { "Condition": { @@ -76781,61 +83209,75 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", - "type": "string" + "ApplicableAssetTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The asset types included in the subscription target.", + "title": "ApplicableAssetTypes", + "type": "array" }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", - "type": "string" + "AuthorizedPrincipals": { + "items": { + "type": "string" + }, + "markdownDescription": "The authorized principals included in the subscription target.", + "title": "AuthorizedPrincipals", + "type": "array" }, - "Description": { - "markdownDescription": "The description of an egress (outbound) security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain in which subscription target is created.", + "title": "DomainIdentifier", "type": "string" }, - "DestinationPrefixListId": { - "markdownDescription": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationPrefixListId", + "EnvironmentIdentifier": { + "markdownDescription": "The ID of the environment in which subscription target is created.", + "title": "EnvironmentIdentifier", "type": "string" }, - "DestinationSecurityGroupId": { - "markdownDescription": "The ID of the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationSecurityGroupId", + "ManageAccessRole": { + "markdownDescription": "The manage access role that is used to create the subscription target.", + "title": "ManageAccessRole", "type": "string" }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" - }, - "GroupId": { - "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.", - "title": "GroupId", + "Name": { + "markdownDescription": "The name of the subscription target.", + "title": "Name", "type": "string" }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", + "Provider": { + "markdownDescription": "The provider of the subscription target.", + "title": "Provider", "type": "string" }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" + "SubscriptionTargetConfig": { + "items": { + "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm" + }, + "markdownDescription": "The configuration of the subscription target.", + "title": "SubscriptionTargetConfig", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the subscription target.", + "title": "Type", + "type": "string" } }, "required": [ - "GroupId", - "IpProtocol" + "ApplicableAssetTypes", + "AuthorizedPrincipals", + "DomainIdentifier", + "EnvironmentIdentifier", + "Name", + "SubscriptionTargetConfig", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroupEgress" + "AWS::DataZone::SubscriptionTarget" ], "type": "string" }, @@ -76854,7 +83296,27 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroupIngress": { + "AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content of the subscription target configuration.", + "title": "Content", + "type": "string" + }, + "FormName": { + "markdownDescription": "The form name included in the subscription target configuration.", + "title": "FormName", + "type": "string" + } + }, + "required": [ + "Content", + "FormName" + ], + "type": "object" + }, + "AWS::DataZone::UserProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -76889,75 +83351,36 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", - "type": "string" - }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", - "type": "string" - }, - "Description": { - "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", - "type": "string" - }, - "FromPort": { - "markdownDescription": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", - "title": "FromPort", - "type": "number" - }, - "GroupId": { - "markdownDescription": "The ID of the security group.", - "title": "GroupId", - "type": "string" - }, - "GroupName": { - "markdownDescription": "[Default VPC] The name of the security group. For security groups for a default VPC you can specify either the ID or the name of the security group. For security groups for a nondefault VPC, you must specify the ID of the security group.", - "title": "GroupName", - "type": "string" - }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", - "type": "string" - }, - "SourcePrefixListId": { - "markdownDescription": "The ID of a prefix list.", - "title": "SourcePrefixListId", + "DomainIdentifier": { + "markdownDescription": "The identifier of a Amazon DataZone domain in which a user profile exists.", + "title": "DomainIdentifier", "type": "string" }, - "SourceSecurityGroupId": { - "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", - "title": "SourceSecurityGroupId", + "Status": { + "markdownDescription": "The status of the user profile.", + "title": "Status", "type": "string" }, - "SourceSecurityGroupName": { - "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", - "title": "SourceSecurityGroupName", + "UserIdentifier": { + "markdownDescription": "The identifier of the user for which the user profile is created.", + "title": "UserIdentifier", "type": "string" }, - "SourceSecurityGroupOwnerId": { - "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", - "title": "SourceSecurityGroupOwnerId", + "UserType": { + "markdownDescription": "The user type of the user for which the user profile is created.", + "title": "UserType", "type": "string" - }, - "ToPort": { - "markdownDescription": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", - "title": "ToPort", - "type": "number" } }, "required": [ - "IpProtocol" + "DomainIdentifier", + "UserIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroupIngress" + "AWS::DataZone::UserProfile" ], "type": "string" }, @@ -76976,7 +83399,55 @@ ], "type": "object" }, - "AWS::EC2::SnapshotBlockPublicAccess": { + "AWS::DataZone::UserProfile.IamUserProfileDetails": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of an IAM user profile in Amazon DataZone.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::UserProfile.SsoUserProfileDetails": { + "additionalProperties": false, + "properties": { + "FirstName": { + "markdownDescription": "The first name included in the single sign-on details of the user profile.", + "title": "FirstName", + "type": "string" + }, + "LastName": { + "markdownDescription": "The last name included in the single sign-on details of the user profile.", + "title": "LastName", + "type": "string" + }, + "Username": { + "markdownDescription": "The username included in the single sign-on details of the user profile.", + "title": "Username", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::UserProfile.UserProfileDetails": { + "additionalProperties": false, + "properties": { + "Iam": { + "$ref": "#/definitions/AWS::DataZone::UserProfile.IamUserProfileDetails", + "markdownDescription": "The IAM details included in the user profile details.", + "title": "Iam" + }, + "Sso": { + "$ref": "#/definitions/AWS::DataZone::UserProfile.SsoUserProfileDetails", + "markdownDescription": "The single sign-on details included in the user profile details.", + "title": "Sso" + } + }, + "type": "object" + }, + "AWS::Deadline::Farm": { "additionalProperties": false, "properties": { "Condition": { @@ -77011,20 +83482,38 @@ "Properties": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The mode in which to enable block public access for snapshots for the Region. Specify one of the following values:\n\n- `block-all-sharing` - Prevents all public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. Additionally, snapshots that are already publicly shared are treated as private and they are no longer publicly available.\n\n> If you enable block public access for snapshots in `block-all-sharing` mode, it does not change the permissions for snapshots that are already publicly shared. Instead, it prevents these snapshots from be publicly visible and publicly accessible. Therefore, the attributes for these snapshots still indicate that they are publicly shared, even though they are not publicly available.\n- `block-new-sharing` - Prevents only new public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. However, snapshots that are already publicly shared, remain publicly available.", - "title": "State", + "Description": { + "markdownDescription": "A description of the farm that helps identify what the farm is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the farm.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN for the KMS key.", + "title": "KmsKeyArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to your farm. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", + "title": "Tags", + "type": "array" } }, "required": [ - "State" + "DisplayName" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SnapshotBlockPublicAccess" + "AWS::Deadline::Farm" ], "type": "string" }, @@ -77043,7 +83532,7 @@ ], "type": "object" }, - "AWS::EC2::SpotFleet": { + "AWS::Deadline::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -77078,20 +83567,67 @@ "Properties": { "additionalProperties": false, "properties": { - "SpotFleetRequestConfigData": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetRequestConfigData", - "markdownDescription": "Describes the configuration of a Spot Fleet request.", - "title": "SpotFleetRequestConfigData" + "Configuration": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetConfiguration", + "markdownDescription": "The configuration details for the fleet.", + "title": "Configuration" + }, + "Description": { + "markdownDescription": "A description that helps identify what the fleet is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the fleet summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" + }, + "FarmId": { + "markdownDescription": "The farm ID.", + "title": "FarmId", + "type": "string" + }, + "HostConfiguration": { + "$ref": "#/definitions/AWS::Deadline::Fleet.HostConfiguration", + "markdownDescription": "Provides a script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet.\n\nTo remove a script from a fleet, use the [UpdateFleet](https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_UpdateFleet.html) operation with the `hostConfiguration` `scriptBody` parameter set to an empty string (\"\").", + "title": "HostConfiguration" + }, + "MaxWorkerCount": { + "markdownDescription": "The maximum number of workers specified in the fleet.", + "title": "MaxWorkerCount", + "type": "number" + }, + "MinWorkerCount": { + "markdownDescription": "The minimum number of workers in the fleet.", + "title": "MinWorkerCount", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The IAM role that workers in the fleet use when processing jobs.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to your fleet. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", + "title": "Tags", + "type": "array" } }, "required": [ - "SpotFleetRequestConfigData" + "Configuration", + "DisplayName", + "FarmId", + "MaxWorkerCount", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SpotFleet" + "AWS::Deadline::Fleet" ], "type": "string" }, @@ -77110,979 +83646,459 @@ ], "type": "object" }, - "AWS::EC2::SpotFleet.AcceleratorCountRequest": { + "AWS::Deadline::Fleet.AcceleratorCapabilities": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" + "Count": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", + "markdownDescription": "The number of GPU accelerators specified for worker hosts in this fleet.", + "title": "Count" }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "Selections": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorSelection" + }, + "markdownDescription": "A list of accelerator capabilities requested for this fleet. Only Amazon Elastic Compute Cloud instances that provide these capabilities will be used. For example, if you specify both L4 and T4 chips, Deadline Cloud will use Amazon EC2 instances that have either the L4 or the T4 chip installed.", + "title": "Selections", + "type": "array" } }, + "required": [ + "Selections" + ], "type": "object" }, - "AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest": { + "AWS::Deadline::Fleet.AcceleratorCountRange": { "additionalProperties": false, "properties": { "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "markdownDescription": "The maximum number of GPU accelerators in the worker host.", "title": "Max", "type": "number" }, "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "markdownDescription": "The minimum number of GPU accelerators in the worker host.", "title": "Min", "type": "number" } }, + "required": [ + "Min" + ], "type": "object" }, - "AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest": { + "AWS::Deadline::Fleet.AcceleratorSelection": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the chip used by the GPU accelerator.\n\nIf you specify `l4` as the name of the accelerator, you must specify `latest` or `grid:r570` as the runtime.\n\nThe available GPU accelerators are:\n\n- `t4` - NVIDIA T4 Tensor Core GPU\n- `a10g` - NVIDIA A10G Tensor Core GPU\n- `l4` - NVIDIA L4 Tensor Core GPU\n- `l40s` - NVIDIA L40S Tensor Core GPU", + "title": "Name", + "type": "string" + }, + "Runtime": { + "markdownDescription": "Specifies the runtime driver to use for the GPU accelerator. You must use the same runtime for all GPUs.\n\nYou can choose from the following runtimes:\n\n- `latest` - Use the latest runtime available for the chip. If you specify `latest` and a new version of the runtime is released, the new version of the runtime is used.\n- `grid:r570` - [NVIDIA vGPU software 18](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/18.0/index.html)\n- `grid:r535` - [NVIDIA vGPU software 16](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/16.0/index.html)\n\nIf you don't specify a runtime, Deadline Cloud uses `latest` as the default. However, if you have multiple accelerators and specify `latest` for some and leave others blank, Deadline Cloud raises an exception.", + "title": "Runtime", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange": { "additionalProperties": false, "properties": { "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "markdownDescription": "The maximum amount of memory to use for the accelerator, measured in MiB.", "title": "Max", "type": "number" }, "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "markdownDescription": "The minimum amount of memory to use for the accelerator, measured in MiB.", "title": "Min", "type": "number" } }, + "required": [ + "Min" + ], "type": "object" }, - "AWS::EC2::SpotFleet.BlockDeviceMapping": { + "AWS::Deadline::Fleet.CustomerManagedFleetConfiguration": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "DeviceName", + "Mode": { + "markdownDescription": "The AWS Auto Scaling mode for the customer managed fleet configuration.", + "title": "Mode", "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.EbsBlockDevice", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", - "title": "NoDevice", + "StorageProfileId": { + "markdownDescription": "The storage profile ID.", + "title": "StorageProfileId", "type": "string" }, - "VirtualName": { - "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", - "title": "VirtualName", - "type": "string" - } - }, - "required": [ - "DeviceName" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.ClassicLoadBalancer": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the load balancer.", - "title": "Name", + "TagPropagationMode": { + "markdownDescription": "Specifies whether tags associated with a fleet are attached to workers when the worker is launched.\n\nWhen the `tagPropagationMode` is set to `PROPAGATE_TAGS_TO_WORKERS_AT_LAUNCH` any tag associated with a fleet is attached to workers when they launch. If the tags for a fleet change, the tags associated with running workers *do not* change.\n\nIf you don't specify `tagPropagationMode` , the default is `NO_PROPAGATION` .", + "title": "TagPropagationMode", "type": "string" + }, + "WorkerCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities", + "markdownDescription": "The worker capabilities for a customer managed fleet configuration.", + "title": "WorkerCapabilities" } }, "required": [ - "Name" + "Mode", + "WorkerCapabilities" ], "type": "object" }, - "AWS::EC2::SpotFleet.ClassicLoadBalancersConfig": { + "AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities": { "additionalProperties": false, "properties": { - "ClassicLoadBalancers": { + "AcceleratorCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", + "markdownDescription": "The range of the accelerator.", + "title": "AcceleratorCount" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange", + "markdownDescription": "The total memory (MiB) for the customer managed worker capabilities.", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancer" + "type": "string" }, - "markdownDescription": "One or more Classic Load Balancers.", - "title": "ClassicLoadBalancers", + "markdownDescription": "The accelerator types for the customer managed worker capabilities.", + "title": "AcceleratorTypes", + "type": "array" + }, + "CpuArchitectureType": { + "markdownDescription": "The CPU architecture type for the customer managed worker capabilities.", + "title": "CpuArchitectureType", + "type": "string" + }, + "CustomAmounts": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" + }, + "markdownDescription": "Custom requirement ranges for customer managed worker capabilities.", + "title": "CustomAmounts", + "type": "array" + }, + "CustomAttributes": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + }, + "markdownDescription": "Custom attributes for the customer manged worker capabilities.", + "title": "CustomAttributes", "type": "array" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", + "markdownDescription": "The memory (MiB).", + "title": "MemoryMiB" + }, + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", + "type": "string" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", + "markdownDescription": "The vCPU count for the customer manged worker capabilities.", + "title": "VCpuCount" } }, "required": [ - "ClassicLoadBalancers" + "CpuArchitectureType", + "MemoryMiB", + "OsFamily", + "VCpuCount" ], "type": "object" }, - "AWS::EC2::SpotFleet.EbsBlockDevice": { + "AWS::Deadline::Fleet.Ec2EbsVolume": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\nThis parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", - "title": "Encrypted", - "type": "boolean" - }, "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", + "markdownDescription": "The IOPS per volume.", "title": "Iops", "type": "number" }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.", - "title": "SnapshotId", - "type": "string" - }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "VolumeSize", + "SizeGiB": { + "markdownDescription": "The EBS volume size in GiB.", + "title": "SizeGiB", "type": "number" }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", - "title": "VolumeType", - "type": "string" + "ThroughputMiB": { + "markdownDescription": "The throughput per volume in MiB.", + "title": "ThroughputMiB", + "type": "number" } }, "type": "object" }, - "AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification": { + "AWS::Deadline::Fleet.FleetAmountCapability": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", - "title": "LaunchTemplateId", - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of the fleet worker capability.", + "title": "Max", + "type": "number" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", - "title": "LaunchTemplateName", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of fleet worker capability.", + "title": "Min", + "type": "number" }, - "Version": { - "markdownDescription": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Version" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.GroupIdentifier": { - "additionalProperties": false, - "properties": { - "GroupId": { - "markdownDescription": "The ID of the security group.", - "title": "GroupId", - "type": "string" - } - }, - "required": [ - "GroupId" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.IamInstanceProfileSpecification": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", - "title": "Arn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.InstanceIpv6Address": { - "additionalProperties": false, - "properties": { - "Ipv6Address": { - "markdownDescription": "The IPv6 address.", - "title": "Ipv6Address", + "Name": { + "markdownDescription": "The name of the fleet capability.", + "title": "Name", "type": "string" } }, "required": [ - "Ipv6Address" + "Min", + "Name" ], "type": "object" }, - "AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification": { + "AWS::Deadline::Fleet.FleetAttributeCapability": { "additionalProperties": false, "properties": { - "AssociatePublicIpAddress": { - "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Description": { - "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Description", + "Name": { + "markdownDescription": "The name of the fleet attribute capability for the worker.", + "title": "Name", "type": "string" }, - "DeviceIndex": { - "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you specify a network interface when launching an instance, you must specify the device index.", - "title": "DeviceIndex", - "type": "number" - }, - "Groups": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Groups", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6Addresses", - "type": "array" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.\n\nIf you are creating a Spot Fleet, omit this parameter because you can\u2019t specify a network interface ID in a launch specification.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.PrivateIpAddressSpecification" - }, - "markdownDescription": "The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request.", - "title": "PrivateIpAddresses", + "markdownDescription": "The number of fleet attribute capabilities.", + "title": "Values", "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses. You can\u2019t specify this parameter and also specify a secondary private IP address using the `PrivateIpAddress` parameter.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet associated with the network interface.", - "title": "SubnetId", - "type": "string" } }, + "required": [ + "Name", + "Values" + ], "type": "object" }, - "AWS::EC2::SpotFleet.InstanceRequirementsRequest": { + "AWS::Deadline::Fleet.FleetCapabilities": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorCountRequest", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" - }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" - }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", - "type": "array" - }, - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", - "type": "array" - }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", - "type": "string" - }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" - }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", - "type": "string" - }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" - }, - "InstanceGenerations": { + "Amounts": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", + "markdownDescription": "Amount capabilities of the fleet.", + "title": "Amounts", "type": "array" }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", - "type": "string" - }, - "LocalStorageTypes": { + "Attributes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", + "markdownDescription": "Attribute capabilities of the fleet.", + "title": "Attributes", "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest", - "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkInterfaceCountRequest", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TotalLocalStorageGBRequest", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.VCpuCountRangeRequest", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" } }, "type": "object" }, - "AWS::EC2::SpotFleet.LaunchTemplateConfig": { + "AWS::Deadline::Fleet.FleetConfiguration": { "additionalProperties": false, "properties": { - "LaunchTemplateSpecification": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification", - "markdownDescription": "The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet.", - "title": "LaunchTemplateSpecification" + "CustomerManaged": { + "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedFleetConfiguration", + "markdownDescription": "The customer managed fleets within a fleet configuration.", + "title": "CustomerManaged" }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateOverrides" - }, - "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.", - "title": "Overrides", - "type": "array" + "ServiceManagedEc2": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration", + "markdownDescription": "The service managed Amazon EC2 instances for a fleet configuration.", + "title": "ServiceManagedEc2" } }, "type": "object" }, - "AWS::EC2::SpotFleet.LaunchTemplateOverrides": { + "AWS::Deadline::Fleet.HostConfiguration": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to launch the instances.", - "title": "AvailabilityZone", - "type": "string" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", - "markdownDescription": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type.", - "title": "InstanceType", - "type": "string" - }, - "Priority": { - "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", - "title": "Priority", - "type": "number" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which to launch the instances.", - "title": "SubnetId", + "ScriptBody": { + "markdownDescription": "The text of the script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet. The script runs after a worker enters the `STARTING` state and before the worker processes tasks.\n\nFor more information about using the script, see [Run scripts as an administrator to configure workers](https://docs.aws.amazon.com/deadline-cloud/latest/developerguide/smf-admin.html) in the *Deadline Cloud Developer Guide* .\n\n> The script runs as an administrative user ( `sudo root` on Linux, as an Administrator on Windows).", + "title": "ScriptBody", "type": "string" }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.LoadBalancersConfig": { - "additionalProperties": false, - "properties": { - "ClassicLoadBalancersConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancersConfig", - "markdownDescription": "The Classic Load Balancers.", - "title": "ClassicLoadBalancersConfig" - }, - "TargetGroupsConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroupsConfig", - "markdownDescription": "The target groups.", - "title": "TargetGroupsConfig" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.MemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", + "ScriptTimeoutSeconds": { + "markdownDescription": "The maximum time that the host configuration can run. If the timeout expires, the worker enters the `NOT RESPONDING` state and shuts down. You are charged for the time that the worker is running the host configuration script.\n\n> You should configure your fleet for a maximum of one worker while testing your host configuration script to avoid starting additional workers. \n\nThe default is 300 seconds (5 minutes).", + "title": "ScriptTimeoutSeconds", "type": "number" } }, + "required": [ + "ScriptBody" + ], "type": "object" }, - "AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest": { + "AWS::Deadline::Fleet.MemoryMiBRange": { "additionalProperties": false, "properties": { "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "markdownDescription": "The maximum amount of memory (in MiB).", "title": "Max", "type": "number" }, "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", + "markdownDescription": "The minimum amount of memory (in MiB).", "title": "Min", "type": "number" } }, + "required": [ + "Min" + ], "type": "object" }, - "AWS::EC2::SpotFleet.NetworkInterfaceCountRequest": { + "AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "InstanceCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities", + "markdownDescription": "The Amazon EC2 instance capabilities.", + "title": "InstanceCapabilities" }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.PrivateIpAddressSpecification": { - "additionalProperties": false, - "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" + "InstanceMarketOptions": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions", + "markdownDescription": "The Amazon EC2 market type.", + "title": "InstanceMarketOptions" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", + "StorageProfileId": { + "markdownDescription": "The storage profile ID.", + "title": "StorageProfileId", "type": "string" } }, "required": [ - "PrivateIpAddress" + "InstanceCapabilities", + "InstanceMarketOptions" ], "type": "object" }, - "AWS::EC2::SpotFleet.SpotCapacityRebalance": { - "additionalProperties": false, - "properties": { - "ReplacementStrategy": { - "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", - "title": "ReplacementStrategy", - "type": "string" - }, - "TerminationDelay": { - "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", - "title": "TerminationDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetLaunchSpecification": { + "AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities": { "additionalProperties": false, "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.BlockDeviceMapping" - }, - "markdownDescription": "One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.\n\nDefault: `false`", - "title": "EbsOptimized", - "type": "boolean" - }, - "IamInstanceProfile": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.IamInstanceProfileSpecification", - "markdownDescription": "The IAM instance profile.", - "title": "IamInstanceProfile" - }, - "ImageId": { - "markdownDescription": "The ID of the AMI.", - "title": "ImageId", - "type": "string" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type.", - "title": "InstanceType", - "type": "string" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.", - "title": "KernelId", - "type": "string" - }, - "KeyName": { - "markdownDescription": "The name of the key pair.", - "title": "KeyName", - "type": "string" - }, - "Monitoring": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetMonitoring", - "markdownDescription": "Enable or disable monitoring for the instances.", - "title": "Monitoring" - }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification" - }, - "markdownDescription": "The network interfaces.", - "title": "NetworkInterfaces", - "type": "array" - }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotPlacement", - "markdownDescription": "The placement information.", - "title": "Placement" - }, - "RamdiskId": { - "markdownDescription": "The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.", - "title": "RamdiskId", - "type": "string" - }, - "SecurityGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.GroupIdentifier" - }, - "markdownDescription": "The security groups.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", - "title": "SecurityGroups", - "type": "array" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", - "title": "SubnetId", - "type": "string" + "AcceleratorCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCapabilities", + "markdownDescription": "Describes the GPU accelerator capabilities required for worker host instances in this fleet.", + "title": "AcceleratorCapabilities" }, - "TagSpecifications": { + "AllowedInstanceTypes": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + "type": "string" }, - "markdownDescription": "The tags to apply during creation.", - "title": "TagSpecifications", + "markdownDescription": "The allowable Amazon EC2 instance types.", + "title": "AllowedInstanceTypes", "type": "array" }, - "UserData": { - "markdownDescription": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.", - "title": "UserData", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "required": [ - "ImageId" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetMonitoring": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables monitoring for the instance.\n\nDefault: `false`", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetRequestConfigData": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* .\n\n- **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.\n- **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity.\n- **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify.\n- **lowestPrice (not recommended)** - > We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. \n\nSpot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates.\n\nDefault: `lowestPrice`", - "title": "AllocationStrategy", - "type": "string" - }, - "Context": { - "markdownDescription": "Reserved.", - "title": "Context", - "type": "string" - }, - "ExcessCapacityTerminationPolicy": { - "markdownDescription": "Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.\n\nSupported only for fleets of type `maintain` .", - "title": "ExcessCapacityTerminationPolicy", - "type": "string" - }, - "IamFleetRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` .", - "title": "IamFleetRole", - "type": "string" - }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", - "title": "InstanceInterruptionBehavior", + "CpuArchitectureType": { + "markdownDescription": "The CPU architecture type.", + "title": "CpuArchitectureType", "type": "string" }, - "InstancePoolsToUseCount": { - "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", - "title": "InstancePoolsToUseCount", - "type": "number" - }, - "LaunchSpecifications": { + "CustomAmounts": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetLaunchSpecification" + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" }, - "markdownDescription": "The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` .", - "title": "LaunchSpecifications", + "markdownDescription": "The custom capability amounts to require for instances in this fleet.", + "title": "CustomAmounts", "type": "array" }, - "LaunchTemplateConfigs": { + "CustomAttributes": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateConfig" + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" }, - "markdownDescription": "The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` .", - "title": "LaunchTemplateConfigs", + "markdownDescription": "The custom capability attributes to require for instances in this fleet.", + "title": "CustomAttributes", "type": "array" }, - "LoadBalancersConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LoadBalancersConfig", - "markdownDescription": "One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.\n\nWith Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.", - "title": "LoadBalancersConfig" - }, - "OnDemandAllocationStrategy": { - "markdownDescription": "The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` .", - "title": "OnDemandAllocationStrategy", - "type": "string" - }, - "OnDemandMaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "OnDemandMaxTotalPrice", - "type": "string" - }, - "OnDemandTargetCapacity": { - "markdownDescription": "The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", - "title": "OnDemandTargetCapacity", - "type": "number" - }, - "ReplaceUnhealthyInstances": { - "markdownDescription": "Indicates whether Spot Fleet should replace unhealthy instances.", - "title": "ReplaceUnhealthyInstances", - "type": "boolean" - }, - "SpotMaintenanceStrategies": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotMaintenanceStrategies", - "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", - "title": "SpotMaintenanceStrategies" - }, - "SpotMaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "SpotMaxTotalPrice", - "type": "string" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" - }, - "TagSpecifications": { + "ExcludedInstanceTypes": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + "type": "string" }, - "markdownDescription": "The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .", - "title": "TagSpecifications", + "markdownDescription": "The instance types to exclude from the fleet.", + "title": "ExcludedInstanceTypes", "type": "array" }, - "TargetCapacity": { - "markdownDescription": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", - "title": "TargetCapacity", - "type": "number" - }, - "TargetCapacityUnitType": { - "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection.\n\nDefault: `units` (the number of instances)", - "title": "TargetCapacityUnitType", - "type": "string" - }, - "TerminateInstancesWithExpiration": { - "markdownDescription": "Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.", - "title": "TerminateInstancesWithExpiration", - "type": "boolean" + "MemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", + "markdownDescription": "The memory, as MiB, for the Amazon EC2 instance type.", + "title": "MemoryMiB" }, - "Type": { - "markdownDescription": "The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet.", - "title": "Type", + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", "type": "string" }, - "ValidFrom": { - "markdownDescription": "The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately.", - "title": "ValidFrom", - "type": "string" + "RootEbsVolume": { + "$ref": "#/definitions/AWS::Deadline::Fleet.Ec2EbsVolume", + "markdownDescription": "The root EBS volume.", + "title": "RootEbsVolume" }, - "ValidUntil": { - "markdownDescription": "The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.", - "title": "ValidUntil", - "type": "string" + "VCpuCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", + "markdownDescription": "The amount of vCPU to require for instances in this fleet.", + "title": "VCpuCount" } }, "required": [ - "IamFleetRole", - "TargetCapacity" + "CpuArchitectureType", + "MemoryMiB", + "OsFamily", + "VCpuCount" ], "type": "object" }, - "AWS::EC2::SpotFleet.SpotFleetTagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotMaintenanceStrategies": { - "additionalProperties": false, - "properties": { - "CapacityRebalance": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotCapacityRebalance", - "markdownDescription": "The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* .", - "title": "CapacityRebalance" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotPlacement": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.\n\nTo specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\".", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupName": { - "markdownDescription": "The name of the placement group.", - "title": "GroupName", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances.", - "title": "Tenancy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.TargetGroup": { + "AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "Arn", + "Type": { + "markdownDescription": "The Amazon EC2 instance type.", + "title": "Type", "type": "string" } }, "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.TargetGroupsConfig": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroup" - }, - "markdownDescription": "One or more target groups.", - "title": "TargetGroups", - "type": "array" - } - }, - "required": [ - "TargetGroups" + "Type" ], "type": "object" }, - "AWS::EC2::SpotFleet.TotalLocalStorageGBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.VCpuCountRangeRequest": { + "AWS::Deadline::Fleet.VCpuCountRange": { "additionalProperties": false, "properties": { "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "markdownDescription": "The maximum amount of vCPU.", "title": "Max", "type": "number" }, "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "markdownDescription": "The minimum amount of vCPU.", "title": "Min", "type": "number" } }, + "required": [ + "Min" + ], "type": "object" }, - "AWS::EC2::Subnet": { + "AWS::Deadline::LicenseEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -78117,109 +84133,46 @@ "Properties": { "additionalProperties": false, "properties": { - "AssignIpv6AddressOnCreation": { - "markdownDescription": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is `false` .\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", - "title": "AssignIpv6AddressOnCreation", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the subnet.\n\nIf you update this property, you must also update the `CidrBlock` property.", - "title": "AvailabilityZone", - "type": "string" - }, - "AvailabilityZoneId": { - "markdownDescription": "The AZ ID of the subnet.", - "title": "AvailabilityZoneId", - "type": "string" - }, - "CidrBlock": { - "markdownDescription": "The IPv4 CIDR block assigned to the subnet.\n\nIf you update this property, we create a new subnet, and then delete the existing one.", - "title": "CidrBlock", - "type": "string" - }, - "EnableDns64": { - "markdownDescription": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.\n\n> You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a `0.0.0.0/0` route pointing to the internet gateway. For more information, see [Configure DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "EnableDns64", - "type": "boolean" - }, - "EnableLniAtDeviceIndex": { - "markdownDescription": "Indicates the device position for local network interfaces in this subnet. For example, `1` indicates local network interfaces in this subnet are the secondary network interface (eth1).", - "title": "EnableLniAtDeviceIndex", - "type": "number" - }, - "Ipv4IpamPoolId": { - "markdownDescription": "An IPv4 IPAM pool ID for the subnet.", - "title": "Ipv4IpamPoolId", - "type": "string" - }, - "Ipv4NetmaskLength": { - "markdownDescription": "An IPv4 netmask length for the subnet.", - "title": "Ipv4NetmaskLength", - "type": "number" - }, - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 CIDR block.\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", - "title": "Ipv6CidrBlock", - "type": "string" - }, - "Ipv6CidrBlocks": { + "SecurityGroupIds": { "items": { "type": "string" }, + "markdownDescription": "The identifier of the Amazon EC2 security group that controls access to the license endpoint.", + "title": "SecurityGroupIds", "type": "array" }, - "Ipv6IpamPoolId": { - "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", - "title": "Ipv6IpamPoolId", - "type": "string" - }, - "Ipv6Native": { - "markdownDescription": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "Ipv6Native", - "type": "boolean" - }, - "Ipv6NetmaskLength": { - "markdownDescription": "An IPv6 netmask length for the subnet.", - "title": "Ipv6NetmaskLength", - "type": "number" - }, - "MapPublicIpOnLaunch": { - "markdownDescription": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is `false` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "MapPublicIpOnLaunch", - "type": "boolean" - }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", - "title": "OutpostArn", - "type": "string" - }, - "PrivateDnsNameOptionsOnLaunch": { - "$ref": "#/definitions/AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch", - "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nAvailable options:\n\n- EnableResourceNameDnsAAAARecord (true | false)\n- EnableResourceNameDnsARecord (true | false)\n- HostnameType (ip-name | resource-name)", - "title": "PrivateDnsNameOptionsOnLaunch" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Identifies the VPC subnets that can connect to a license endpoint.", + "title": "SubnetIds", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the subnet.", + "markdownDescription": "The tags to add to your license endpoint. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", "title": "Tags", "type": "array" }, "VpcId": { - "markdownDescription": "The ID of the VPC the subnet is in.\n\nIf you update this property, you must also update the `CidrBlock` property.", + "markdownDescription": "The VCP(virtual private cloud) ID associated with the license endpoint.", "title": "VpcId", "type": "string" } }, "required": [ + "SecurityGroupIds", + "SubnetIds", "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Subnet" + "AWS::Deadline::LicenseEndpoint" ], "type": "string" }, @@ -78238,28 +84191,7 @@ ], "type": "object" }, - "AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch": { - "additionalProperties": false, - "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" - }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" - }, - "HostnameType": { - "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.", - "title": "HostnameType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::SubnetCidrBlock": { + "AWS::Deadline::Limit": { "additionalProperties": false, "properties": { "Condition": { @@ -78294,35 +84226,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 network range for the subnet, in CIDR notation.", - "title": "Ipv6CidrBlock", + "AmountRequirementName": { + "markdownDescription": "The value that you specify as the `name` in the `amounts` field of the `hostRequirements` in a step of a job template to declare the limit requirement.", + "title": "AmountRequirementName", "type": "string" }, - "Ipv6IpamPoolId": { - "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", - "title": "Ipv6IpamPoolId", + "Description": { + "markdownDescription": "A description of the limit. A clear description helps you identify the purpose of the limit.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", "type": "string" }, - "Ipv6NetmaskLength": { - "markdownDescription": "An IPv6 netmask length for the subnet.", - "title": "Ipv6NetmaskLength", - "type": "number" + "DisplayName": { + "markdownDescription": "The name of the limit used in lists to identify the limit.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the limit.", + "title": "FarmId", "type": "string" + }, + "MaxCount": { + "markdownDescription": "The maximum number of resources constrained by this limit. When all of the resources are in use, steps that require the limit won't be scheduled until the resource is available.\n\nThe `maxValue` must not be 0. If the value is -1, there is no restriction on the number of resources that can be acquired for this limit.", + "title": "MaxCount", + "type": "number" } }, "required": [ - "SubnetId" + "AmountRequirementName", + "DisplayName", + "FarmId", + "MaxCount" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetCidrBlock" + "AWS::Deadline::Limit" ], "type": "string" }, @@ -78341,7 +84281,7 @@ ], "type": "object" }, - "AWS::EC2::SubnetNetworkAclAssociation": { + "AWS::Deadline::MeteredProduct": { "additionalProperties": false, "properties": { "Condition": { @@ -78376,26 +84316,22 @@ "Properties": { "additionalProperties": false, "properties": { - "NetworkAclId": { - "markdownDescription": "The ID of the network ACL.", - "title": "NetworkAclId", + "LicenseEndpointId": { + "markdownDescription": "The Amazon EC2 identifier of the license endpoint.", + "title": "LicenseEndpointId", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "ProductId": { + "markdownDescription": "The product ID.", + "title": "ProductId", "type": "string" } }, - "required": [ - "NetworkAclId", - "SubnetId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetNetworkAclAssociation" + "AWS::Deadline::MeteredProduct" ], "type": "string" }, @@ -78409,12 +84345,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::SubnetRouteTableAssociation": { + "AWS::Deadline::Monitor": { "additionalProperties": false, "properties": { "Condition": { @@ -78449,26 +84384,38 @@ "Properties": { "additionalProperties": false, "properties": { - "RouteTableId": { - "markdownDescription": "The ID of the route table.\n\nThe physical ID changes when the route table ID is changed.", - "title": "RouteTableId", + "DisplayName": { + "markdownDescription": "The name of the monitor that displays on the Deadline Cloud console.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "IdentityCenterInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance responsible for authenticating monitor users.", + "title": "IdentityCenterInstanceArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the monitor. Users of the monitor use this role to access Deadline Cloud resources.", + "title": "RoleArn", + "type": "string" + }, + "Subdomain": { + "markdownDescription": "The subdomain used for the monitor URL. The full URL of the monitor is subdomain.Region.deadlinecloud.amazonaws.com.", + "title": "Subdomain", "type": "string" } }, "required": [ - "RouteTableId", - "SubnetId" + "DisplayName", + "IdentityCenterInstanceArn", + "RoleArn", + "Subdomain" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetRouteTableAssociation" + "AWS::Deadline::Monitor" ], "type": "string" }, @@ -78487,7 +84434,7 @@ ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilter": { + "AWS::Deadline::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -78522,33 +84469,75 @@ "Properties": { "additionalProperties": false, "properties": { + "AllowedStorageProfileIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems.", + "title": "AllowedStorageProfileIds", + "type": "array" + }, + "DefaultBudgetAction": { + "markdownDescription": "The default action taken on a queue summary if a budget wasn't configured.", + "title": "DefaultBudgetAction", + "type": "string" + }, "Description": { - "markdownDescription": "The description of the Traffic Mirror filter.", + "markdownDescription": "A description of the queue that helps identify what the queue is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", "title": "Description", "type": "string" }, - "NetworkServices": { + "DisplayName": { + "markdownDescription": "The display name of the queue summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" + }, + "FarmId": { + "markdownDescription": "The farm ID.", + "title": "FarmId", + "type": "string" + }, + "JobAttachmentSettings": { + "$ref": "#/definitions/AWS::Deadline::Queue.JobAttachmentSettings", + "markdownDescription": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix.", + "title": "JobAttachmentSettings" + }, + "JobRunAsUser": { + "$ref": "#/definitions/AWS::Deadline::Queue.JobRunAsUser", + "markdownDescription": "Identifies the user for a job.", + "title": "JobRunAsUser" + }, + "RequiredFileSystemLocationNames": { "items": { "type": "string" }, - "markdownDescription": "The network service traffic that is associated with the Traffic Mirror filter.\n\nValid values are `amazon-dns` .", - "title": "NetworkServices", + "markdownDescription": "The file system location that the queue uses.", + "title": "RequiredFileSystemLocationNames", "type": "array" }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue.", + "title": "RoleArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to a Traffic Mirror filter.", + "markdownDescription": "The tags to add to your queue. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", "title": "Tags", "type": "array" } }, + "required": [ + "DisplayName", + "FarmId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorFilter" + "AWS::Deadline::Queue" ], "type": "string" }, @@ -78562,148 +84551,96 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilterRule": { + "AWS::Deadline::Queue.JobAttachmentSettings": { "additionalProperties": false, "properties": { - "Condition": { + "RootPrefix": { + "markdownDescription": "The root prefix.", + "title": "RootPrefix", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3BucketName": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3BucketName", "type": "string" + } + }, + "required": [ + "RootPrefix", + "S3BucketName" + ], + "type": "object" + }, + "AWS::Deadline::Queue.JobRunAsUser": { + "additionalProperties": false, + "properties": { + "Posix": { + "$ref": "#/definitions/AWS::Deadline::Queue.PosixUser", + "markdownDescription": "The user and group that the jobs in the queue run as.", + "title": "Posix" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror rule.", - "title": "Description", - "type": "string" - }, - "DestinationCidrBlock": { - "markdownDescription": "The destination CIDR block to assign to the Traffic Mirror rule.", - "title": "DestinationCidrBlock", - "type": "string" - }, - "DestinationPortRange": { - "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", - "markdownDescription": "The destination port range.", - "title": "DestinationPortRange" - }, - "Protocol": { - "markdownDescription": "The protocol, for example UDP, to assign to the Traffic Mirror rule.\n\nFor information about the protocol value, see [Protocol Numbers](https://docs.aws.amazon.com/https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.", - "title": "Protocol", - "type": "number" - }, - "RuleAction": { - "markdownDescription": "The action to take on the filtered traffic.", - "title": "RuleAction", - "type": "string" - }, - "RuleNumber": { - "markdownDescription": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.", - "title": "RuleNumber", - "type": "number" - }, - "SourceCidrBlock": { - "markdownDescription": "The source CIDR block to assign to the Traffic Mirror rule.", - "title": "SourceCidrBlock", - "type": "string" - }, - "SourcePortRange": { - "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", - "markdownDescription": "The source port range.", - "title": "SourcePortRange" - }, - "TrafficDirection": { - "markdownDescription": "The type of traffic.", - "title": "TrafficDirection", - "type": "string" - }, - "TrafficMirrorFilterId": { - "markdownDescription": "The ID of the filter that this rule is associated with.", - "title": "TrafficMirrorFilterId", - "type": "string" - } - }, - "required": [ - "DestinationCidrBlock", - "RuleAction", - "RuleNumber", - "SourceCidrBlock", - "TrafficDirection", - "TrafficMirrorFilterId" - ], - "type": "object" + "RunAs": { + "markdownDescription": "Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user.", + "title": "RunAs", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::TrafficMirrorFilterRule" - ], + "Windows": { + "$ref": "#/definitions/AWS::Deadline::Queue.WindowsUser", + "markdownDescription": "Identifies a Microsoft Windows user.", + "title": "Windows" + } + }, + "required": [ + "RunAs" + ], + "type": "object" + }, + "AWS::Deadline::Queue.PosixUser": { + "additionalProperties": false, + "properties": { + "Group": { + "markdownDescription": "The name of the POSIX user's group.", + "title": "Group", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "User": { + "markdownDescription": "The name of the POSIX user.", + "title": "User", "type": "string" } }, "required": [ - "Type", - "Properties" + "Group", + "User" ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange": { + "AWS::Deadline::Queue.WindowsUser": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The start of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", - "title": "FromPort", - "type": "number" + "PasswordArn": { + "markdownDescription": "The password ARN for the Windows user.", + "title": "PasswordArn", + "type": "string" }, - "ToPort": { - "markdownDescription": "The end of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", - "title": "ToPort", - "type": "number" + "User": { + "markdownDescription": "The user.", + "title": "User", + "type": "string" } }, "required": [ - "FromPort", - "ToPort" + "PasswordArn", + "User" ], "type": "object" }, - "AWS::EC2::TrafficMirrorSession": { + "AWS::Deadline::QueueEnvironment": { "additionalProperties": false, "properties": { "Condition": { @@ -78738,61 +84675,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror session.", - "title": "Description", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the source network interface.", - "title": "NetworkInterfaceId", + "FarmId": { + "markdownDescription": "The identifier assigned to the farm that contains the queue.", + "title": "FarmId", "type": "string" }, - "PacketLength": { - "markdownDescription": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", - "title": "PacketLength", - "type": "number" - }, - "SessionNumber": { - "markdownDescription": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", - "title": "SessionNumber", + "Priority": { + "markdownDescription": "The queue environment's priority.", + "title": "Priority", "type": "number" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to a Traffic Mirror session.", - "title": "Tags", - "type": "array" - }, - "TrafficMirrorFilterId": { - "markdownDescription": "The ID of the Traffic Mirror filter.", - "title": "TrafficMirrorFilterId", + "QueueId": { + "markdownDescription": "The unique identifier of the queue that contains the environment.", + "title": "QueueId", "type": "string" }, - "TrafficMirrorTargetId": { - "markdownDescription": "The ID of the Traffic Mirror target.", - "title": "TrafficMirrorTargetId", + "Template": { + "markdownDescription": "A JSON or YAML template that describes the processing environment for the queue.", + "title": "Template", "type": "string" }, - "VirtualNetworkId": { - "markdownDescription": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see [RFC 7348](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc7348) . If you do not specify a `VirtualNetworkId` , an account-wide unique ID is chosen at random.", - "title": "VirtualNetworkId", - "type": "number" + "TemplateType": { + "markdownDescription": "Specifies whether the template for the queue environment is JSON or YAML.", + "title": "TemplateType", + "type": "string" } }, "required": [ - "NetworkInterfaceId", - "SessionNumber", - "TrafficMirrorFilterId", - "TrafficMirrorTargetId" + "FarmId", + "Priority", + "QueueId", + "Template", + "TemplateType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorSession" + "AWS::Deadline::QueueEnvironment" ], "type": "string" }, @@ -78811,7 +84731,7 @@ ], "type": "object" }, - "AWS::EC2::TrafficMirrorTarget": { + "AWS::Deadline::QueueFleetAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -78846,40 +84766,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror target.", - "title": "Description", - "type": "string" - }, - "GatewayLoadBalancerEndpointId": { - "markdownDescription": "The ID of the Gateway Load Balancer endpoint.", - "title": "GatewayLoadBalancerEndpointId", + "FarmId": { + "markdownDescription": "The identifier of the farm that contains the queue and the fleet.", + "title": "FarmId", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface ID that is associated with the target.", - "title": "NetworkInterfaceId", + "FleetId": { + "markdownDescription": "The fleet ID.", + "title": "FleetId", "type": "string" }, - "NetworkLoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.", - "title": "NetworkLoadBalancerArn", + "QueueId": { + "markdownDescription": "The queue ID.", + "title": "QueueId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the Traffic Mirror target.", - "title": "Tags", - "type": "array" } }, + "required": [ + "FarmId", + "FleetId", + "QueueId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorTarget" + "AWS::Deadline::QueueFleetAssociation" ], "type": "string" }, @@ -78893,11 +84805,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::TransitGateway": { + "AWS::Deadline::QueueLimitAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -78932,78 +84845,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonSideAsn": { - "markdownDescription": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512.", - "title": "AmazonSideAsn", - "type": "number" - }, - "AssociationDefaultRouteTableId": { - "markdownDescription": "The ID of the default association route table.", - "title": "AssociationDefaultRouteTableId", - "type": "string" - }, - "AutoAcceptSharedAttachments": { - "markdownDescription": "Enable or disable automatic acceptance of attachment requests. Disabled by default.", - "title": "AutoAcceptSharedAttachments", - "type": "string" - }, - "DefaultRouteTableAssociation": { - "markdownDescription": "Enable or disable automatic association with the default association route table. Enabled by default. If `DefaultRouteTableAssociation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", - "title": "DefaultRouteTableAssociation", - "type": "string" - }, - "DefaultRouteTablePropagation": { - "markdownDescription": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default. If `DefaultRouteTablePropagation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", - "title": "DefaultRouteTablePropagation", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the transit gateway.", - "title": "Description", - "type": "string" - }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. Enabled by default.", - "title": "DnsSupport", - "type": "string" - }, - "MulticastSupport": { - "markdownDescription": "Indicates whether multicast is enabled on the transit gateway", - "title": "MulticastSupport", + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the queue-limit association.", + "title": "FarmId", "type": "string" }, - "PropagationDefaultRouteTableId": { - "markdownDescription": "The ID of the default propagation route table.", - "title": "PropagationDefaultRouteTableId", + "LimitId": { + "markdownDescription": "The unique identifier of the limit in the association.", + "title": "LimitId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the transit gateway.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The transit gateway CIDR blocks.", - "title": "TransitGatewayCidrBlocks", - "type": "array" - }, - "VpnEcmpSupport": { - "markdownDescription": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default.", - "title": "VpnEcmpSupport", + "QueueId": { + "markdownDescription": "The unique identifier of the queue in the association.", + "title": "QueueId", "type": "string" } }, + "required": [ + "FarmId", + "LimitId", + "QueueId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGateway" + "AWS::Deadline::QueueLimitAssociation" ], "type": "string" }, @@ -79017,11 +84884,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::TransitGatewayAttachment": { + "AWS::Deadline::StorageProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -79056,48 +84924,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayAttachment.Options", - "markdownDescription": "The VPC attachment options.", - "title": "Options" + "DisplayName": { + "markdownDescription": "The display name of the storage profile summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.", - "title": "SubnetIds", - "type": "array" + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the storage profile.", + "title": "FarmId", + "type": "string" }, - "Tags": { + "FileSystemLocations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Deadline::StorageProfile.FileSystemLocation" }, - "markdownDescription": "The tags for the attachment.", - "title": "Tags", + "markdownDescription": "Operating system specific file system path to the storage location.", + "title": "FileSystemLocations", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", "type": "string" } }, "required": [ - "SubnetIds", - "TransitGatewayId", - "VpcId" + "DisplayName", + "FarmId", + "OsFamily" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayAttachment" + "AWS::Deadline::StorageProfile" ], "type": "string" }, @@ -79116,33 +84976,33 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayAttachment.Options": { + "AWS::Deadline::StorageProfile.FileSystemLocation": { "additionalProperties": false, "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", - "title": "ApplianceModeSupport", - "type": "string" - }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. The default is `disable` .", - "title": "DnsSupport", + "Name": { + "markdownDescription": "The location name.", + "title": "Name", "type": "string" }, - "Ipv6Support": { - "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", - "title": "Ipv6Support", + "Path": { + "markdownDescription": "The file path.", + "title": "Path", "type": "string" }, - "SecurityGroupReferencingSupport": { - "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", - "title": "SecurityGroupReferencingSupport", + "Type": { + "markdownDescription": "The type of file.", + "title": "Type", "type": "string" } }, + "required": [ + "Name", + "Path", + "Type" + ], "type": "object" }, - "AWS::EC2::TransitGatewayConnect": { + "AWS::Detective::Graph": { "additionalProperties": false, "properties": { "Condition": { @@ -79177,34 +85037,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions", - "markdownDescription": "The Connect attachment options.\n\n- protocol (gre)", - "title": "Options" + "AutoEnableMembers": { + "markdownDescription": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.\n\nBy default, this property is set to `false` . If you want to change the value of this property, you must be the Detective administrator for the organization. For more information on setting a Detective administrator account, see [AWS::Detective::OrganizationAdmin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-detective-organizationadmin.html) .", + "title": "AutoEnableMembers", + "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the attachment.", + "markdownDescription": "The tag values to assign to the new behavior graph.", "title": "Tags", "type": "array" - }, - "TransportTransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment from which the Connect attachment was created.", - "title": "TransportTransitGatewayAttachmentId", - "type": "string" } }, - "required": [ - "Options", - "TransportTransitGatewayAttachmentId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayConnect" + "AWS::Detective::Graph" ], "type": "string" }, @@ -79218,23 +85069,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions": { - "additionalProperties": false, - "properties": { - "Protocol": { - "markdownDescription": "The tunnel protocol.", - "title": "Protocol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::TransitGatewayMulticastDomain": { + "AWS::Detective::MemberInvitation": { "additionalProperties": false, "properties": { "Condition": { @@ -79269,33 +85108,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomain.Options", - "markdownDescription": "The options for the transit gateway multicast domain.\n\n- AutoAcceptSharedAssociations (enable | disable)\n- Igmpv2Support (enable | disable)\n- StaticSourcesSupport (enable | disable)", - "title": "Options" + "DisableEmailNotification": { + "markdownDescription": "Whether to send an invitation email to the member account. If set to true, the member account does not receive an invitation email.", + "title": "DisableEmailNotification", + "type": "boolean" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the transit gateway multicast domain.", - "title": "Tags", - "type": "array" + "GraphArn": { + "markdownDescription": "The ARN of the behavior graph to invite the account to contribute data to.", + "title": "GraphArn", + "type": "string" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", + "MemberEmailAddress": { + "markdownDescription": "The root user email address of the invited account. If the email address provided is not the root user email address for the provided account, the invitation creation fails.", + "title": "MemberEmailAddress", + "type": "string" + }, + "MemberId": { + "markdownDescription": "The AWS account identifier of the invited account", + "title": "MemberId", + "type": "string" + }, + "Message": { + "markdownDescription": "Customized text to include in the invitation email message.", + "title": "Message", "type": "string" } }, "required": [ - "TransitGatewayId" + "GraphArn", + "MemberEmailAddress", + "MemberId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastDomain" + "AWS::Detective::MemberInvitation" ], "type": "string" }, @@ -79314,28 +85162,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastDomain.Options": { - "additionalProperties": false, - "properties": { - "AutoAcceptSharedAssociations": { - "markdownDescription": "Indicates whether to automatically accept cross-account subnet associations that are associated with the transit gateway multicast domain.", - "title": "AutoAcceptSharedAssociations", - "type": "string" - }, - "Igmpv2Support": { - "markdownDescription": "Specify whether to enable Internet Group Management Protocol (IGMP) version 2 for the transit gateway multicast domain.", - "title": "Igmpv2Support", - "type": "string" - }, - "StaticSourcesSupport": { - "markdownDescription": "Specify whether to enable support for statically configuring multicast group sources for a domain.", - "title": "StaticSourcesSupport", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::TransitGatewayMulticastDomainAssociation": { + "AWS::Detective::OrganizationAdmin": { "additionalProperties": false, "properties": { "Condition": { @@ -79370,32 +85197,20 @@ "Properties": { "additionalProperties": false, "properties": { - "SubnetId": { - "markdownDescription": "The IDs of the subnets to associate with the transit gateway multicast domain.", - "title": "SubnetId", - "type": "string" - }, - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the transit gateway attachment.", - "title": "TransitGatewayAttachmentId", - "type": "string" - }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", + "AccountId": { + "markdownDescription": "The AWS account identifier of the account to designate as the Detective administrator account for the organization.", + "title": "AccountId", "type": "string" } }, "required": [ - "SubnetId", - "TransitGatewayAttachmentId", - "TransitGatewayMulticastDomainId" + "AccountId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastDomainAssociation" + "AWS::Detective::OrganizationAdmin" ], "type": "string" }, @@ -79414,7 +85229,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastGroupMember": { + "AWS::DevOpsGuru::LogAnomalyDetectionIntegration": { "additionalProperties": false, "properties": { "Condition": { @@ -79448,33 +85263,12 @@ }, "Properties": { "additionalProperties": false, - "properties": { - "GroupIpAddress": { - "markdownDescription": "The IP address assigned to the transit gateway multicast group.", - "title": "GroupIpAddress", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The group members' network interface IDs to register with the transit gateway multicast group.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", - "type": "string" - } - }, - "required": [ - "GroupIpAddress", - "NetworkInterfaceId", - "TransitGatewayMulticastDomainId" - ], + "properties": {}, "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastGroupMember" + "AWS::DevOpsGuru::LogAnomalyDetectionIntegration" ], "type": "string" }, @@ -79488,12 +85282,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastGroupSource": { + "AWS::DevOpsGuru::NotificationChannel": { "additionalProperties": false, "properties": { "Condition": { @@ -79528,32 +85321,20 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupIpAddress": { - "markdownDescription": "The IP address assigned to the transit gateway multicast group.", - "title": "GroupIpAddress", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The group sources' network interface IDs to register with the transit gateway multicast group.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", - "type": "string" + "Config": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig", + "markdownDescription": "A `NotificationChannelConfig` object that contains information about configured notification channels.", + "title": "Config" } }, "required": [ - "GroupIpAddress", - "NetworkInterfaceId", - "TransitGatewayMulticastDomainId" + "Config" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastGroupSource" + "AWS::DevOpsGuru::NotificationChannel" ], "type": "string" }, @@ -79572,7 +85353,56 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayPeeringAttachment": { + "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { + "additionalProperties": false, + "properties": { + "Filters": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig", + "markdownDescription": "The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity.", + "title": "Filters" + }, + "Sns": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig", + "markdownDescription": "Information about a notification channel configured in DevOps Guru to send notifications when insights are created.\n\nIf you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) .\n\nIf you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS\u2013encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) .", + "title": "Sns" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig": { + "additionalProperties": false, + "properties": { + "MessageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created.", + "title": "MessageTypes", + "type": "array" + }, + "Severities": { + "items": { + "type": "string" + }, + "markdownDescription": "The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) .", + "title": "Severities", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig": { + "additionalProperties": false, + "properties": { + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.", + "title": "TopicArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::ResourceCollection": { "additionalProperties": false, "properties": { "Condition": { @@ -79607,46 +85437,20 @@ "Properties": { "additionalProperties": false, "properties": { - "PeerAccountId": { - "markdownDescription": "The ID of the AWS account that owns the transit gateway.", - "title": "PeerAccountId", - "type": "string" - }, - "PeerRegion": { - "markdownDescription": "The Region where the transit gateway that you want to create the peer for is located.", - "title": "PeerRegion", - "type": "string" - }, - "PeerTransitGatewayId": { - "markdownDescription": "The ID of the transit gateway in the PeerRegion.", - "title": "PeerTransitGatewayId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the transit gateway peering attachment.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway peering attachment.", - "title": "TransitGatewayId", - "type": "string" + "ResourceCollectionFilter": { + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter", + "markdownDescription": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru.", + "title": "ResourceCollectionFilter" } }, "required": [ - "PeerAccountId", - "PeerRegion", - "PeerTransitGatewayId", - "TransitGatewayId" + "ResourceCollectionFilter" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayPeeringAttachment" + "AWS::DevOpsGuru::ResourceCollection" ], "type": "string" }, @@ -79665,23 +85469,59 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayPeeringAttachment.PeeringAttachmentStatus": { + "AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The status code.", - "title": "Code", - "type": "string" + "StackNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of CloudFormation stack names.", + "title": "StackNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter": { + "additionalProperties": false, + "properties": { + "CloudFormation": { + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter", + "markdownDescription": "Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* .", + "title": "CloudFormation" }, - "Message": { - "markdownDescription": "The status message, if applicable.", - "title": "Message", + "Tags": { + "items": { + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.TagCollection" + }, + "markdownDescription": "The AWS tags used to filter the resources in the resource collection.\n\nTags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper.\n\nEach AWS tag has two parts.\n\n- A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive.\n- A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified.\n\nTogether these are known as *key* - *value* pairs.\n\n> The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::ResourceCollection.TagCollection": { + "additionalProperties": false, + "properties": { + "AppBoundaryKey": { + "markdownDescription": "An AWS tag *key* that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this *key* make up your DevOps Guru application and analysis boundary.\n\n> When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", + "title": "AppBoundaryKey", "type": "string" + }, + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The values in an AWS tag collection.\n\nThe tag's *value* is a field used to associate a string with the tag *key* (for example, `111122223333` , `Production` , or a team name). The *key* and *value* are the tag's *key* pair. Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. You can specify a maximum of 256 characters for a tag value. The tag value is a required property when *AppBoundaryKey* is specified.", + "title": "TagValues", + "type": "array" } }, "type": "object" }, - "AWS::EC2::TransitGatewayRoute": { + "AWS::DirectoryService::MicrosoftAD": { "additionalProperties": false, "properties": { "Condition": { @@ -79716,35 +85556,52 @@ "Properties": { "additionalProperties": false, "properties": { - "Blackhole": { - "markdownDescription": "Indicates whether to drop traffic that matches this route.", - "title": "Blackhole", + "CreateAlias": { + "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, AWS CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", + "title": "CreateAlias", "type": "boolean" }, - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidrBlock", + "Edition": { + "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", + "title": "Edition", "type": "string" }, - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", + "EnableSso": { + "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", + "title": "EnableSso", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", + "title": "Name", "type": "string" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the transit gateway route table.", - "title": "TransitGatewayRouteTableId", + "Password": { + "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", + "title": "Password", + "type": "string" + }, + "ShortName": { + "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", + "title": "ShortName", "type": "string" + }, + "VpcSettings": { + "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", + "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", + "title": "VpcSettings" } }, "required": [ - "TransitGatewayRouteTableId" + "Name", + "Password", + "VpcSettings" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRoute" + "AWS::DirectoryService::MicrosoftAD" ], "type": "string" }, @@ -79763,7 +85620,30 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayRouteTable": { + "AWS::DirectoryService::MicrosoftAD.VpcSettings": { + "additionalProperties": false, + "properties": { + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The identifier of the VPC in which to create the directory.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "VpcId" + ], + "type": "object" + }, + "AWS::DirectoryService::SimpleAD": { "additionalProperties": false, "properties": { "Condition": { @@ -79798,28 +85678,57 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the route table.", - "title": "Tags", - "type": "array" + "CreateAlias": { + "markdownDescription": "If set to `true` , specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, this property is set to `false` .\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", + "title": "CreateAlias", + "type": "boolean" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", + "Description": { + "markdownDescription": "A description for the directory.", + "title": "Description", + "type": "string" + }, + "EnableSso": { + "markdownDescription": "Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", + "title": "EnableSso", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The fully qualified name for the directory, such as `corp.example.com` .", + "title": "Name", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the directory administrator. The directory creation process creates a directory administrator account with the user name `Administrator` and this password.\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", + "title": "Password", + "type": "string" + }, + "ShortName": { + "markdownDescription": "The NetBIOS name of the directory, such as `CORP` .", + "title": "ShortName", + "type": "string" + }, + "Size": { + "markdownDescription": "The size of the directory. For valid values, see [CreateDirectory](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html) in the *AWS Directory Service API Reference* .", + "title": "Size", "type": "string" + }, + "VpcSettings": { + "$ref": "#/definitions/AWS::DirectoryService::SimpleAD.VpcSettings", + "markdownDescription": "A [DirectoryVpcSettings](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DirectoryVpcSettings.html) object that contains additional information for the operation.", + "title": "VpcSettings" } }, "required": [ - "TransitGatewayId" + "Name", + "Size", + "VpcSettings" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRouteTable" + "AWS::DirectoryService::SimpleAD" ], "type": "string" }, @@ -79838,7 +85747,30 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayRouteTableAssociation": { + "AWS::DirectoryService::SimpleAD.VpcSettings": { + "additionalProperties": false, + "properties": { + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The identifier of the VPC in which to create the directory.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "VpcId" + ], + "type": "object" + }, + "AWS::DocDB::DBCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -79873,210 +85805,174 @@ "Properties": { "additionalProperties": false, "properties": { - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", - "type": "string" + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.", + "title": "AvailabilityZones", + "type": "array" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the route table for the transit gateway.", - "title": "TransitGatewayRouteTableId", + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained. You must specify a minimum value of 1.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35.", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "Set to `true` to copy all tags from the source cluster snapshot to the target cluster snapshot, and otherwise `false` . The default is `false` .", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "The cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster`", + "title": "DBClusterIdentifier", "type": "string" - } - }, - "required": [ - "TransitGatewayAttachmentId", - "TransitGatewayRouteTableId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayRouteTableAssociation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EC2::TransitGatewayRouteTablePropagation": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the cluster parameter group to associate with this cluster.", + "title": "DBClusterParameterGroupName", "type": "string" }, - { + "DBSubnetGroupName": { + "markdownDescription": "A subnet group to associate with this cluster.\n\nConstraints: Must match the name of an existing `DBSubnetGroup` . Must not be default.\n\nExample: `mySubnetgroup`", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DeletionProtection": { + "markdownDescription": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "EnableCloudwatchLogsExports": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", + "title": "EnableCloudwatchLogsExports", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", + }, + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.\n\nIf you intend to trigger an in-place upgrade, please refer to [Amazon DocumentDB in-place major version upgrade](https://docs.aws.amazon.com/documentdb/latest/developerguide/docdb-mvu.html) . Note that for an in-place engine version upgrade, you need to remove other cluster properties changes (e.g. SecurityGroupId) from the CFN template.", + "title": "EngineVersion", "type": "string" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the propagation route table.", - "title": "TransitGatewayRouteTableId", + "GlobalClusterIdentifier": { + "markdownDescription": "The cluster identifier of the new global cluster.", + "title": "GlobalClusterIdentifier", "type": "string" - } - }, - "required": [ - "TransitGatewayAttachmentId", - "TransitGatewayRouteTableId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayRouteTablePropagation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EC2::TransitGatewayVpcAttachment": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", + "title": "KmsKeyId", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AddSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.", - "title": "AddSubnetIds", - "type": "array" + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with Amazon Web Services Secrets Manager.\n\nConstraint: You can't manage the master user password with Amazon Web Services Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" }, - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayVpcAttachment.Options", - "markdownDescription": "The VPC attachment options.", - "title": "Options" + "MasterUserPassword": { + "markdownDescription": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", + "title": "MasterUserPassword", + "type": "string" }, - "RemoveSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets to remove.", - "title": "RemoveSubnetIds", - "type": "array" + "MasterUserSecretKmsKeyId": { + "markdownDescription": "The Amazon Web Services KMS key identifier to encrypt a secret that is automatically generated and managed in Amazon Web Services Secrets Manager. This setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the DB cluster.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.\n\nIf you don't specify `MasterUserSecretKmsKeyId` , then the `aws/secretsmanager` KMS key is used to encrypt the secret. If the secret is in a different Amazon Web Services account, then you can't use the `aws/secretsmanager` KMS key to encrypt the secret, and you must use a customer managed KMS key.\n\nThere is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.", + "title": "MasterUserSecretKmsKeyId", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets.", - "title": "SubnetIds", - "type": "array" + "MasterUsername": { + "markdownDescription": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", + "title": "MasterUsername", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "", + "title": "NetworkType", + "type": "string" + }, + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", + "type": "number" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "The date and time to restore the cluster to.\n\nValid values: A time in Universal Coordinated Time (UTC) format.\n\nConstraints:\n\n- Must be before the latest restorable time for the instance.\n- Must be specified if the `UseLatestRestorableTime` parameter is not provided.\n- Cannot be specified if the `UseLatestRestorableTime` parameter is `true` .\n- Cannot be specified if the `RestoreType` parameter is `copy-on-write` .\n\nExample: `2015-03-07T23:45:00Z`", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nConstraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.", + "title": "RestoreType", + "type": "string" + }, + "RotateMasterUserPassword": { + "markdownDescription": "Specifies whether to rotate the secret managed by Amazon Web Services Secrets Manager for the master user password.\n\nThis setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the cluster. The secret value contains the updated password.\n\nConstraint: You must apply the change immediately when rotating the master user password.", + "title": "RotateMasterUserPassword", + "type": "boolean" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/AWS::DocDB::DBCluster.ServerlessV2ScalingConfiguration", + "markdownDescription": "", + "title": "ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "The identifier for the snapshot or cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.\n\nConstraints:\n\n- Must match the identifier of an existing snapshot.", + "title": "SnapshotIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "The identifier of the source cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing `DBCluster` .", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Specifies whether the cluster is encrypted.\n\nIf you specify `SourceDBClusterIdentifier` or `SnapshotIdentifier` and don\u2019t specify `StorageEncrypted` , the encryption property is inherited from the source cluster or snapshot (unless `KMSKeyId` is specified, in which case the restored cluster will be encrypted with that KMS key). If the source is encrypted and `StorageEncrypted` is specified to be true, the restored cluster will be encrypted (if you want to use a different KMS key, specify the `KMSKeyId` property as well). If the source is unencrypted and `StorageEncrypted` is specified to be true, then the `KMSKeyId` property must be specified. If the source is encrypted, don\u2019t specify `StorageEncrypted` to be false as opting out of encryption is not allowed.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Amazon DocumentDB clusters, see Cluster storage configurations in the *Amazon DocumentDB Developer Guide* .\n\nValid values for storage type - `standard | iopt1`\n\nDefault value is `standard`\n\n> When you create a DocumentDB DB cluster with the storage type set to `iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `standard` .", + "title": "StorageType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the VPC attachment.", + "markdownDescription": "The tags to be assigned to the cluster.", "title": "Tags", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", - "type": "string" + "UseLatestRestorableTime": { + "markdownDescription": "A value that is set to `true` to restore the cluster to the latest restorable backup time, and `false` otherwise.\n\nDefault: `false`\n\nConstraints: Cannot be specified if the `RestoreToTime` parameter is provided.", + "title": "UseLatestRestorableTime", + "type": "boolean" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with this cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, - "required": [ - "SubnetIds", - "TransitGatewayId", - "VpcId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayVpcAttachment" + "AWS::DocDB::DBCluster" ], "type": "string" }, @@ -80090,33 +85986,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::TransitGatewayVpcAttachment.Options": { + "AWS::DocDB::DBCluster.ServerlessV2ScalingConfiguration": { "additionalProperties": false, "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", - "title": "ApplianceModeSupport", - "type": "string" - }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. The default is `disable` .", - "title": "DnsSupport", - "type": "string" + "MaxCapacity": { + "markdownDescription": "", + "title": "MaxCapacity", + "type": "number" }, - "Ipv6Support": { - "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", - "title": "Ipv6Support", - "type": "string" + "MinCapacity": { + "markdownDescription": "", + "title": "MinCapacity", + "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::EC2::VPC": { + "AWS::DocDB::DBClusterParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -80151,50 +86045,45 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrBlock": { - "markdownDescription": "The IPv4 network range for the VPC, in CIDR notation. For example, `10.0.0.0/16` . We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", - "title": "CidrBlock", + "Description": { + "markdownDescription": "The description for the cluster parameter group.", + "title": "Description", "type": "string" }, - "EnableDnsHostnames": { - "markdownDescription": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .\n\nYou can only enable DNS hostnames if you've enabled DNS support.", - "title": "EnableDnsHostnames", - "type": "boolean" - }, - "EnableDnsSupport": { - "markdownDescription": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .", - "title": "EnableDnsSupport", - "type": "boolean" - }, - "InstanceTenancy": { - "markdownDescription": "The allowed tenancy of instances launched into the VPC.\n\n- `default` : An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n- `dedicated` : An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of `host` during instance launch. You cannot specify a tenancy of `default` during instance launch.\n\nUpdating `InstanceTenancy` requires no replacement only if you are updating its value from `dedicated` to `default` . Updating `InstanceTenancy` from `default` to `dedicated` requires replacement.", - "title": "InstanceTenancy", + "Family": { + "markdownDescription": "The cluster parameter group family name.", + "title": "Family", "type": "string" }, - "Ipv4IpamPoolId": { - "markdownDescription": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", - "title": "Ipv4IpamPoolId", + "Name": { + "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing `DBClusterParameterGroup` .\n\n> This value is stored as a lowercase string.", + "title": "Name", "type": "string" }, - "Ipv4NetmaskLength": { - "markdownDescription": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4NetmaskLength", - "type": "number" + "Parameters": { + "markdownDescription": "Provides a list of parameters for the cluster parameter group.", + "title": "Parameters", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the VPC.", + "markdownDescription": "The tags to be assigned to the cluster parameter group.", "title": "Tags", "type": "array" } }, + "required": [ + "Description", + "Family", + "Parameters" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPC" + "AWS::DocDB::DBClusterParameterGroup" ], "type": "string" }, @@ -80208,11 +86097,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::VPCCidrBlock": { + "AWS::DocDB::DBInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -80247,60 +86137,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonProvidedIpv6CidrBlock": { - "markdownDescription": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.", - "title": "AmazonProvidedIpv6CidrBlock", + "AutoMinorVersionUpgrade": { + "markdownDescription": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set.\n\nDefault: `false`", + "title": "AutoMinorVersionUpgrade", "type": "boolean" }, - "CidrBlock": { - "markdownDescription": "An IPv4 CIDR block to associate with the VPC.", - "title": "CidrBlock", + "AvailabilityZone": { + "markdownDescription": "The Amazon EC2 Availability Zone that the instance is created in.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nExample: `us-east-1d`", + "title": "AvailabilityZone", "type": "string" }, - "Ipv4IpamPoolId": { - "markdownDescription": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4IpamPoolId", + "CACertificateIdentifier": { + "markdownDescription": "The identifier of the CA certificate for this DB instance.", + "title": "CACertificateIdentifier", "type": "string" }, - "Ipv4NetmaskLength": { - "markdownDescription": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4NetmaskLength", - "type": "number" + "CertificateRotationRestart": { + "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, see [Updating Your Amazon DocumentDB TLS Certificates](https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html) and [Encrypting Data in Transit](https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html) in the *Amazon DocumentDB Developer Guide* .", + "title": "CertificateRotationRestart", + "type": "boolean" }, - "Ipv6CidrBlock": { - "markdownDescription": "An IPv6 CIDR block from the IPv6 address pool. You must also specify `Ipv6Pool` in the request.\n\nTo let Amazon choose the IPv6 CIDR block for you, omit this parameter.", - "title": "Ipv6CidrBlock", + "DBClusterIdentifier": { + "markdownDescription": "The identifier of the cluster that the instance will belong to.", + "title": "DBClusterIdentifier", "type": "string" }, - "Ipv6IpamPoolId": { - "markdownDescription": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv6IpamPoolId", + "DBInstanceClass": { + "markdownDescription": "The compute and memory capacity of the instance; for example, `db.m4.large` . If you change the class of an instance there can be some interruption in the cluster's service.", + "title": "DBInstanceClass", "type": "string" }, - "Ipv6NetmaskLength": { - "markdownDescription": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv6NetmaskLength", - "type": "number" - }, - "Ipv6Pool": { - "markdownDescription": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", - "title": "Ipv6Pool", + "DBInstanceIdentifier": { + "markdownDescription": "The instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `mydbinstance`", + "title": "DBInstanceIdentifier", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "EnablePerformanceInsights": { + "markdownDescription": "A value that indicates whether to enable Performance Insights for the DB Instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) .", + "title": "EnablePerformanceInsights", + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the instance. You can assign up to 10 tags to an instance.", + "title": "Tags", + "type": "array" } }, "required": [ - "VpcId" + "DBClusterIdentifier", + "DBInstanceClass" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCCidrBlock" + "AWS::DocDB::DBInstance" ], "type": "string" }, @@ -80319,7 +86218,7 @@ ], "type": "object" }, - "AWS::EC2::VPCDHCPOptionsAssociation": { + "AWS::DocDB::DBSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -80354,26 +86253,42 @@ "Properties": { "additionalProperties": false, "properties": { - "DhcpOptionsId": { - "markdownDescription": "The ID of the DHCP options set, or `default` to associate no DHCP options with the VPC.", - "title": "DhcpOptionsId", + "DBSubnetGroupDescription": { + "markdownDescription": "The description for the subnet group.", + "title": "DBSubnetGroupDescription", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "DBSubnetGroupName": { + "markdownDescription": "The name for the subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens. Must not be default.\n\nExample: `mySubnetgroup`", + "title": "DBSubnetGroupName", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the subnet group.", + "title": "Tags", + "type": "array" } }, "required": [ - "DhcpOptionsId", - "VpcId" + "DBSubnetGroupDescription", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCDHCPOptionsAssociation" + "AWS::DocDB::DBSubnetGroup" ], "type": "string" }, @@ -80392,7 +86307,7 @@ ], "type": "object" }, - "AWS::EC2::VPCEndpoint": { + "AWS::DocDB::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -80427,65 +86342,51 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n\nFor CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. For example, if you have a JSON policy, you can convert it to YAML before including it in the YAML template, and AWS CloudFormation converts the policy to JSON format before calling the API actions for AWS PrivateLink . Alternatively, you can include the JSON directly in the YAML, as shown in the following `Properties` section:\n\n`Properties: VpcEndpointType: 'Interface' ServiceName: !Sub 'com.amazonaws.${AWS::Region}.logs' PolicyDocument: '{ \"Version\":\"2012-10-17\", \"Statement\": [{ \"Effect\":\"Allow\", \"Principal\":\"*\", \"Action\":[\"logs:Describe*\",\"logs:Get*\",\"logs:List*\",\"logs:FilterLogEvents\"], \"Resource\":\"*\" }] }'`", - "title": "PolicyDocument", - "type": "object" - }, - "PrivateDnsEnabled": { - "markdownDescription": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, `kinesis.us-east-1.amazonaws.com` ), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to `true` : `enableDnsHostnames` and `enableDnsSupport` .\n\nThis property is supported only for interface endpoints.\n\nDefault: `false`", - "title": "PrivateDnsEnabled", + "Enabled": { + "markdownDescription": "A Boolean value; set to `true` to activate the subscription, set to `false` to create the subscription but not active it.", + "title": "Enabled", "type": "boolean" }, - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the route tables. Routing is supported only for gateway endpoints.", - "title": "RouteTableIds", - "type": "array" - }, - "SecurityGroupIds": { + "EventCategories": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints.", - "title": "SecurityGroupIds", + "markdownDescription": "A list of event categories for a `SourceType` that you want to subscribe to.", + "title": "EventCategories", "type": "array" }, - "ServiceName": { - "markdownDescription": "The name of the endpoint service.", - "title": "ServiceName", + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. Amazon SNS creates the ARN when you create a topic and subscribe to it.", + "title": "SnsTopicArn", "type": "string" }, - "SubnetIds": { + "SourceIds": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.", - "title": "SubnetIds", + "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are provided, `SourceType` must also be provided.\n- If the source type is an instance, a `DBInstanceIdentifier` must be provided.\n- If the source type is a security group, a `DBSecurityGroupName` must be provided.\n- If the source type is a parameter group, a `DBParameterGroupName` must be provided.\n- If the source type is a snapshot, a `DBSnapshotIdentifier` must be provided.", + "title": "SourceIds", "type": "array" }, - "VpcEndpointType": { - "markdownDescription": "The type of endpoint.\n\nDefault: Gateway", - "title": "VpcEndpointType", + "SourceType": { + "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by an instance, you would set this parameter to `db-instance` . If this value is not specified, all events are returned.\n\nValid values: `db-instance` , `db-cluster` , `db-parameter-group` , `db-security-group` , `db-cluster-snapshot`", + "title": "SourceType", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "SubscriptionName": { + "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be fewer than 255 characters.", + "title": "SubscriptionName", "type": "string" } }, "required": [ - "ServiceName", - "VpcId" + "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpoint" + "AWS::DocDB::EventSubscription" ], "type": "string" }, @@ -80504,7 +86405,7 @@ ], "type": "object" }, - "AWS::EC2::VPCEndpointConnectionNotification": { + "AWS::DocDBElastic::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -80539,39 +86440,98 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionEvents": { - "items": { - "type": "string" - }, - "markdownDescription": "The endpoint events for which to receive notifications. Valid values are `Accept` , `Connect` , `Delete` , and `Reject` .", - "title": "ConnectionEvents", - "type": "array" + "AdminUserName": { + "markdownDescription": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word.", + "title": "AdminUserName", + "type": "string" }, - "ConnectionNotificationArn": { - "markdownDescription": "The ARN of the SNS topic for the notifications.", - "title": "ConnectionNotificationArn", + "AdminUserPassword": { + "markdownDescription": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required.", + "title": "AdminUserPassword", "type": "string" }, - "ServiceId": { - "markdownDescription": "The ID of the endpoint service.", - "title": "ServiceId", + "AuthType": { + "markdownDescription": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` .", + "title": "AuthType", "type": "string" }, - "VPCEndpointId": { - "markdownDescription": "The ID of the endpoint.", - "title": "VPCEndpointId", + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automatic snapshots are retained.", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "ClusterName": { + "markdownDescription": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`", + "title": "ClusterName", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region.", + "title": "KmsKeyId", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` .", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" + }, + "ShardCapacity": { + "markdownDescription": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64.", + "title": "ShardCapacity", + "type": "number" + }, + "ShardCount": { + "markdownDescription": "The number of shards assigned to the elastic cluster. Maximum is 32.", + "title": "ShardCount", + "type": "number" + }, + "ShardInstanceCount": { + "markdownDescription": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability.", + "title": "ShardInstanceCount", + "type": "number" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the new elastic cluster.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the new elastic cluster.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with the new elastic cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, "required": [ - "ConnectionEvents", - "ConnectionNotificationArn" + "AdminUserName", + "AuthType", + "ClusterName", + "ShardCapacity", + "ShardCount" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpointConnectionNotification" + "AWS::DocDBElastic::Cluster" ], "type": "string" }, @@ -80590,7 +86550,7 @@ ], "type": "object" }, - "AWS::EC2::VPCEndpointService": { + "AWS::DynamoDB::GlobalTable": { "additionalProperties": false, "properties": { "Condition": { @@ -80625,117 +86585,110 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptanceRequired": { - "markdownDescription": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted.", - "title": "AcceptanceRequired", - "type": "boolean" + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.AttributeDefinition" + }, + "markdownDescription": "A list of attributes that describe the key schema for the global table and indexes.", + "title": "AttributeDefinitions", + "type": "array" }, - "ContributorInsightsEnabled": { - "markdownDescription": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink .", - "title": "ContributorInsightsEnabled", - "type": "boolean" + "BillingMode": { + "markdownDescription": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` .", + "title": "BillingMode", + "type": "string" }, - "GatewayLoadBalancerArns": { + "GlobalSecondaryIndexes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex" }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers.", - "title": "GatewayLoadBalancerArns", + "markdownDescription": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually.", + "title": "GlobalSecondaryIndexes", "type": "array" }, - "NetworkLoadBalancerArns": { + "GlobalTableWitnesses": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalTableWitness" }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Network Load Balancers.", - "title": "NetworkLoadBalancerArns", + "markdownDescription": "The list of witnesses of the MRSC global table. Only one witness Region can be configured per MRSC global table.", + "title": "GlobalTableWitnesses", "type": "array" }, - "PayerResponsibility": { - "markdownDescription": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner.", - "title": "PayerResponsibility", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPCEndpointService" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::VPCEndpointServicePermissions": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" + }, + "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", + "title": "KeySchema", + "type": "array" }, - { + "LocalSecondaryIndexes": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.LocalSecondaryIndex" }, + "markdownDescription": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", + "title": "LocalSecondaryIndexes", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedPrincipals": { + }, + "MultiRegionConsistency": { + "markdownDescription": "Specifies the consistency mode for a new global table.\n\nYou can specify one of the following consistency modes:\n\n- `EVENTUAL` : Configures a new global table for multi-Region eventual consistency (MREC).\n- `STRONG` : Configures a new global table for multi-Region strong consistency (MRSC).\n\nIf you don't specify this field, the global table consistency mode defaults to `EVENTUAL` . For more information about global tables consistency modes, see [Consistency modes](https://docs.aws.amazon.com/V2globaltables_HowItWorks.html#V2globaltables_HowItWorks.consistency-modes) in DynamoDB developer guide.", + "title": "MultiRegionConsistency", + "type": "string" + }, + "Replicas": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSpecification" }, - "markdownDescription": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked.", - "title": "AllowedPrincipals", + "markdownDescription": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update. For Multi-Region Strong Consistency (MRSC), you can add or remove up to 3 replicas, or 2 replicas plus a witness Region.", + "title": "Replicas", "type": "array" }, - "ServiceId": { - "markdownDescription": "The ID of the service.", - "title": "ServiceId", + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.SSESpecification", + "markdownDescription": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property.", + "title": "SSESpecification" + }, + "StreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.StreamSpecification", + "markdownDescription": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica. For Multi-Region Strong Consistency (MRSC), you do not need to provide a value for this property and can change the settings at any time.", + "title": "StreamSpecification" + }, + "TableName": { + "markdownDescription": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TableName", "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TimeToLiveSpecification", + "markdownDescription": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas.", + "title": "TimeToLiveSpecification" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WarmThroughput", + "markdownDescription": "Provides visibility into the number of read and write operations your table or secondary index can instantaneously support. The settings can be modified using the `UpdateTable` operation to meet the throughput requirements of an upcoming peak event.", + "title": "WarmThroughput" + }, + "WriteOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings", + "markdownDescription": "Sets the write request settings for a global table or a global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "WriteOnDemandThroughputSettings" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", + "markdownDescription": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` .", + "title": "WriteProvisionedThroughputSettings" } }, "required": [ - "ServiceId" + "AttributeDefinitions", + "KeySchema", + "Replicas" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpointServicePermissions" + "AWS::DynamoDB::GlobalTable" ], "type": "string" }, @@ -80754,854 +86707,539 @@ ], "type": "object" }, - "AWS::EC2::VPCGatewayAttachment": { + "AWS::DynamoDB::GlobalTable.AttributeDefinition": { "additionalProperties": false, "properties": { - "Condition": { + "AttributeName": { + "markdownDescription": "A name for the attribute.", + "title": "AttributeName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttributeType": { + "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", + "title": "AttributeType", "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum provisioned capacity units for the global table.", + "title": "MaxCapacity", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InternetGatewayId": { - "markdownDescription": "The ID of the internet gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", - "title": "InternetGatewayId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" - }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", - "title": "VpnGatewayId", - "type": "string" - } - }, - "required": [ - "VpcId" - ], - "type": "object" + "MinCapacity": { + "markdownDescription": "The minimum provisioned capacity units for the global table.", + "title": "MinCapacity", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EC2::VPCGatewayAttachment" - ], - "type": "string" + "SeedCapacity": { + "markdownDescription": "When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent.\n\nIf you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10.\n\nYou must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` .", + "title": "SeedCapacity", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration", + "markdownDescription": "Defines a target tracking scaling policy.", + "title": "TargetTrackingScalingPolicyConfiguration" } }, "required": [ - "Type", - "Properties" + "MaxCapacity", + "MinCapacity", + "TargetTrackingScalingPolicyConfiguration" ], "type": "object" }, - "AWS::EC2::VPCPeeringConnection": { + "AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Enabled": { + "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" + }, + "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "Metadata": { - "type": "object" + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PeerOwnerId": { - "markdownDescription": "The AWS account ID of the owner of the accepter VPC.\n\nDefault: Your AWS account ID", - "title": "PeerOwnerId", - "type": "string" - }, - "PeerRegion": { - "markdownDescription": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.\n\nDefault: The Region in which you make the request.", - "title": "PeerRegion", - "type": "string" - }, - "PeerRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.\n\nThis is required when you are peering a VPC in a different AWS account.", - "title": "PeerRoleArn", - "type": "string" - }, - "PeerVpcId": { - "markdownDescription": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.", - "title": "PeerVpcId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the resource.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "PeerVpcId", - "VpcId" - ], - "type": "object" + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WarmThroughput", + "markdownDescription": "Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify `ReadUnitsPerSecond` , `WriteUnitsPerSecond` , or both.", + "title": "WarmThroughput" }, - "Type": { - "enum": [ - "AWS::EC2::VPCPeeringConnection" - ], - "type": "string" + "WriteOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings", + "markdownDescription": "Sets the write request settings for a global table or a global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "WriteOnDemandThroughputSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", + "markdownDescription": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index.", + "title": "WriteProvisionedThroughputSettings" } }, "required": [ - "Type", - "Properties" + "IndexName", + "KeySchema", + "Projection" ], "type": "object" }, - "AWS::EC2::VPNConnection": { + "AWS::DynamoDB::GlobalTable.GlobalTableWitness": { "additionalProperties": false, "properties": { - "Condition": { + "Region": { + "markdownDescription": "The name of the AWS Region that serves as a witness for the MRSC global table.", + "title": "Region", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of a key attribute.", + "title": "AttributeName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CustomerGatewayId": { - "markdownDescription": "The ID of the customer gateway at your end of the VPN connection.", - "title": "CustomerGatewayId", - "type": "string" - }, - "StaticRoutesOnly": { - "markdownDescription": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n\nIf you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true` .", - "title": "StaticRoutesOnly", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the VPN connection.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway associated with the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", - "title": "TransitGatewayId", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of VPN connection.", - "title": "Type", - "type": "string" - }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", - "title": "VpnGatewayId", - "type": "string" - }, - "VpnTunnelOptionsSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification" - }, - "markdownDescription": "The tunnel options for the VPN connection.", - "title": "VpnTunnelOptionsSpecifications", - "type": "array" - } - }, - "required": [ - "CustomerGatewayId", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPNConnection" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KeyType": { + "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeyType", "type": "string" } }, "required": [ - "Type", - "Properties" + "AttributeName", + "KeyType" ], "type": "object" }, - "AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification": { + "AWS::DynamoDB::GlobalTable.KinesisStreamSpecification": { "additionalProperties": false, "properties": { - "PreSharedKey": { - "markdownDescription": "The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.\n\nConstraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).", - "title": "PreSharedKey", + "ApproximateCreationDateTimePrecision": { + "markdownDescription": "The precision for the time and date that the stream was created.", + "title": "ApproximateCreationDateTimePrecision", "type": "string" }, - "TunnelInsideCidr": { - "markdownDescription": "The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.\n\nConstraints: A size /30 CIDR block from the `169.254.0.0/16` range. The following CIDR blocks are reserved and cannot be used:\n\n- `169.254.0.0/30`\n- `169.254.1.0/30`\n- `169.254.2.0/30`\n- `169.254.3.0/30`\n- `169.254.4.0/30`\n- `169.254.5.0/30`\n- `169.254.169.252/30`", - "title": "TunnelInsideCidr", + "StreamArn": { + "markdownDescription": "The ARN for a specific Kinesis data stream.", + "title": "StreamArn", "type": "string" } }, + "required": [ + "StreamArn" + ], "type": "object" }, - "AWS::EC2::VPNConnectionRoute": { + "AWS::DynamoDB::GlobalTable.LocalSecondaryIndex": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IndexName": { + "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block associated with the local subnet of the customer network.", - "title": "DestinationCidrBlock", - "type": "string" - }, - "VpnConnectionId": { - "markdownDescription": "The ID of the VPN connection.", - "title": "VpnConnectionId", - "type": "string" - } + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" }, - "required": [ - "DestinationCidrBlock", - "VpnConnectionId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPNConnectionRoute" - ], - "type": "string" + "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" } }, "required": [ - "Type", - "Properties" + "IndexName", + "KeySchema", + "Projection" ], "type": "object" }, - "AWS::EC2::VPNGateway": { + "AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AmazonSideAsn": { - "markdownDescription": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session.", - "title": "AmazonSideAsn", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the virtual private gateway.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of VPN connection the virtual private gateway supports.", - "title": "Type", - "type": "string" - } + "RecoveryPeriodInDays": { + "markdownDescription": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35.", + "title": "RecoveryPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" }, - "required": [ - "Type" - ], - "type": "object" + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", + "title": "NonKeyAttributes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::VPNGateway" - ], + "ProjectionType": { + "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", + "title": "ProjectionType", "type": "string" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings": { + "additionalProperties": false, + "properties": { + "MaxReadRequestUnits": { + "markdownDescription": "Maximum number of read request units for the specified replica of a global table.", + "title": "MaxReadRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", + "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", + "title": "ReadCapacityAutoScalingSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ReadCapacityUnits": { + "markdownDescription": "Specifies a fixed read capacity for the replica table or global secondary index.", + "title": "ReadCapacityUnits", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::VPNGatewayRoutePropagation": { + "AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", + "markdownDescription": "Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table\u2019s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table.", + "title": "ContributorInsightsSpecification" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to.", - "title": "RouteTableIds", - "type": "array" - }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with.", - "title": "VpnGatewayId", - "type": "string" - } - }, - "required": [ - "RouteTableIds", - "VpnGatewayId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPNGatewayRoutePropagation" - ], - "type": "string" + "ReadOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings", + "markdownDescription": "Sets the read request settings for a replica global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "ReadOnDemandThroughputSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", + "markdownDescription": "Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` .", + "title": "ReadProvisionedThroughputSettings" } }, "required": [ - "Type", - "Properties" + "IndexName" ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint": { + "AWS::DynamoDB::GlobalTable.ReplicaSSESpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationDomain": { - "markdownDescription": "The DNS name for users to reach your application.", - "title": "ApplicationDomain", - "type": "string" - }, - "AttachmentType": { - "markdownDescription": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", - "title": "AttachmentType", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the AWS Verified Access endpoint.", - "title": "Description", - "type": "string" - }, - "DomainCertificateArn": { - "markdownDescription": "The ARN of a public TLS/SSL certificate imported into or created with ACM.", - "title": "DomainCertificateArn", - "type": "string" - }, - "EndpointDomainPrefix": { - "markdownDescription": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.", - "title": "EndpointDomainPrefix", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.", - "title": "EndpointType", - "type": "string" - }, - "LoadBalancerOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions", - "markdownDescription": "The load balancer details if creating the AWS Verified Access endpoint as `load-balancer` type.", - "title": "LoadBalancerOptions" - }, - "NetworkInterfaceOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions", - "markdownDescription": "The options for network-interface type endpoint.", - "title": "NetworkInterfaceOptions" - }, - "PolicyDocument": { - "markdownDescription": "The Verified Access policy document.", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyEnabled": { - "markdownDescription": "The status of the Verified Access policy.", - "title": "PolicyEnabled", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for the endpoint.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - }, - "VerifiedAccessGroupId": { - "markdownDescription": "The ID of the AWS Verified Access group.", - "title": "VerifiedAccessGroupId", - "type": "string" - } - }, - "required": [ - "ApplicationDomain", - "AttachmentType", - "DomainCertificateArn", - "EndpointDomainPrefix", - "EndpointType", - "VerifiedAccessGroupId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VerifiedAccessEndpoint" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KMSMasterKeyId": { + "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", + "title": "KMSMasterKeyId", "type": "string" } }, "required": [ - "Type", - "Properties" + "KMSMasterKeyId" ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions": { + "AWS::DynamoDB::GlobalTable.ReplicaSpecification": { "additionalProperties": false, "properties": { - "LoadBalancerArn": { - "markdownDescription": "The ARN of the load balancer.", - "title": "LoadBalancerArn", + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica.", + "title": "ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "markdownDescription": "Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", + "title": "DeletionProtectionEnabled", + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification" + }, + "markdownDescription": "Defines additional settings for the global secondary indexes of this replica.", + "title": "GlobalSecondaryIndexes", + "type": "array" + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KinesisStreamSpecification", + "markdownDescription": "Defines the Kinesis Data Streams configuration for the specified replica.", + "title": "KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification", + "markdownDescription": "The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica.", + "title": "PointInTimeRecoverySpecification" + }, + "ReadOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings", + "markdownDescription": "Sets read request settings for the replica table.", + "title": "ReadOnDemandThroughputSettings" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", + "markdownDescription": "Defines read capacity settings for the replica table.", + "title": "ReadProvisionedThroughputSettings" + }, + "Region": { + "markdownDescription": "The region in which this replica exists.", + "title": "Region", "type": "string" }, - "Port": { - "markdownDescription": "The IP port number.", - "title": "Port", - "type": "number" + "ReplicaStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification", + "markdownDescription": "Represents the DynamoDB Streams configuration for a global table replica.", + "title": "ReplicaStreamSpecification" }, - "Protocol": { - "markdownDescription": "The IP protocol.", - "title": "Protocol", + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "ResourcePolicy" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSSESpecification", + "markdownDescription": "Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas.", + "title": "SSESpecification" + }, + "TableClass": { + "markdownDescription": "The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", + "title": "TableClass", "type": "string" }, - "SubnetIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", - "title": "SubnetIds", + "markdownDescription": "An array of key-value pairs to apply to this replica.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" } }, + "required": [ + "Region" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions": { + "AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification": { "additionalProperties": false, "properties": { - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "Port": { - "markdownDescription": "The IP port number.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The IP protocol.", - "title": "Protocol", - "type": "string" + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", + "markdownDescription": "A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nYou can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource.", + "title": "ResourcePolicy" } }, + "required": [ + "ResourcePolicy" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint.SseSpecification": { + "AWS::DynamoDB::GlobalTable.ResourcePolicy": { "additionalProperties": false, "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", + "PolicyDocument": { + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "PolicyDocument", + "type": "object" + } + }, + "required": [ + "PolicyDocument" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys.", + "title": "SSEEnabled", "type": "boolean" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", + "SSEType": { + "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", + "title": "SSEType", "type": "string" } }, + "required": [ + "SSEEnabled" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessGroup": { + "AWS::DynamoDB::GlobalTable.StreamSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamViewType": { + "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", + "title": "StreamViewType", "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` .", + "title": "DisableScaleIn", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ScaleInCooldown": { + "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start.", + "title": "ScaleInCooldown", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access group.", - "title": "Description", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "The Verified Access policy document.", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyEnabled": { - "markdownDescription": "The status of the Verified Access policy.", - "title": "PolicyEnabled", - "type": "boolean" - }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessGroup.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - }, - "VerifiedAccessInstanceId": { - "markdownDescription": "The ID of the AWS Verified Access instance.", - "title": "VerifiedAccessInstanceId", - "type": "string" - } - }, - "required": [ - "VerifiedAccessInstanceId" - ], - "type": "object" + "ScaleOutCooldown": { + "markdownDescription": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start.", + "title": "ScaleOutCooldown", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EC2::VerifiedAccessGroup" - ], + "TargetValue": { + "markdownDescription": "Defines a target value for the scaling policy.", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the attribute used to store the expiration time for items in the table.\n\nCurrently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed.", + "title": "AttributeName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::EC2::VerifiedAccessGroup.SseSpecification": { + "AWS::DynamoDB::GlobalTable.WarmThroughput": { "additionalProperties": false, "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", - "type": "boolean" + "ReadUnitsPerSecond": { + "markdownDescription": "Represents the number of read operations your base table can instantaneously support.", + "title": "ReadUnitsPerSecond", + "type": "number" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", - "type": "string" + "WriteUnitsPerSecond": { + "markdownDescription": "Represents the number of write operations your base table can instantaneously support.", + "title": "WriteUnitsPerSecond", + "type": "number" } }, "type": "object" }, - "AWS::EC2::VerifiedAccessInstance": { + "AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings": { + "additionalProperties": false, + "properties": { + "MaxWriteRequestUnits": { + "markdownDescription": "Maximum number of write request settings for the specified replica of a global table.", + "title": "MaxWriteRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", + "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", + "title": "WriteCapacityAutoScalingSettings" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -81631,51 +87269,130 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access instance.", - "title": "Description", + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.AttributeDefinition" + }, + "markdownDescription": "A list of attributes that describe the key schema for the table and indexes.\n\nThis property is required to create a DynamoDB table.\n\nUpdate requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) . Replacement if you edit an existing AttributeDefinition.", + "title": "AttributeDefinitions", + "type": "array" + }, + "BillingMode": { + "markdownDescription": "Specify how you are charged for read and write throughput and how you manage capacity.\n\nValid values include:\n\n- `PAY_PER_REQUEST` - We recommend using `PAY_PER_REQUEST` for most DynamoDB workloads. `PAY_PER_REQUEST` sets the billing mode to [On-demand capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html) .\n- `PROVISIONED` - We recommend using `PROVISIONED` for steady workloads with predictable growth where capacity requirements can be reliably forecasted. `PROVISIONED` sets the billing mode to [Provisioned capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html) .\n\nIf not specified, the default is `PROVISIONED` .", + "title": "BillingMode", "type": "string" }, - "FipsEnabled": { - "markdownDescription": "Indicates whether support for Federal Information Processing Standards (FIPS) is enabled on the instance.", - "title": "FipsEnabled", + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table.", + "title": "ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "markdownDescription": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", + "title": "DeletionProtectionEnabled", "type": "boolean" }, - "LoggingConfigurations": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs", - "markdownDescription": "The logging configuration for the Verified Access instances.", - "title": "LoggingConfigurations" + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.GlobalSecondaryIndex" + }, + "markdownDescription": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n\n> If you update a table to include a new global secondary index, AWS CloudFormation initiates the index creation and then proceeds with the stack update. AWS CloudFormation doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is `ACTIVE` . You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n> \n> If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.\n> \n> Updates are not supported. The following are exceptions:\n> \n> - If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n> - You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.", + "title": "GlobalSecondaryIndexes", + "type": "array" }, - "Tags": { + "ImportSourceSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ImportSourceSpecification", + "markdownDescription": "Specifies the properties of data being imported from the S3 bucket source to the\" table.\n\n> If you specify the `ImportSourceSpecification` property, and also specify either the `StreamSpecification` , the `TableClass` property, the `DeletionProtectionEnabled` property, or the `WarmThroughput` property, the IAM entity creating/updating stack must have `UpdateTable` permission.", + "title": "ImportSourceSpecification" + }, + "KeySchema": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" }, - "markdownDescription": "The tags.", - "title": "Tags", + "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", + "title": "KeySchema", "type": "array" }, - "VerifiedAccessTrustProviderIds": { + "KinesisStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KinesisStreamSpecification", + "markdownDescription": "The Kinesis Data Streams configuration for the specified table.", + "title": "KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DynamoDB::Table.LocalSecondaryIndex" }, - "markdownDescription": "The IDs of the AWS Verified Access trust providers.", - "title": "VerifiedAccessTrustProviderIds", + "markdownDescription": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.", + "title": "LocalSecondaryIndexes", "type": "array" }, - "VerifiedAccessTrustProviders": { + "OnDemandThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.OnDemandThroughput", + "markdownDescription": "Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify `MaxReadRequestUnits` , `MaxWriteRequestUnits` , or both.", + "title": "OnDemandThroughput" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.PointInTimeRecoverySpecification", + "markdownDescription": "The settings used to enable point in time recovery.", + "title": "PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", + "markdownDescription": "Throughput for the specified table, which consists of values for `ReadCapacityUnits` and `WriteCapacityUnits` . For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html) .\n\nIf you set `BillingMode` as `PROVISIONED` , you must specify this property. If you set `BillingMode` as `PAY_PER_REQUEST` , you cannot specify this property.", + "title": "ProvisionedThroughput" + }, + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", + "markdownDescription": "An AWS resource-based policy document in JSON format that will be attached to the table.\n\nWhen you attach a resource-based policy while creating a table, the policy application is *strongly consistent* .\n\nThe maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that apply for resource-based policies, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .\n\n> You need to specify the `CreateTable` and `PutResourcePolicy` IAM actions for authorizing a user to create a table with a resource-based policy.", + "title": "ResourcePolicy" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", + "markdownDescription": "Specifies the settings to enable server-side encryption.", + "title": "SSESpecification" + }, + "StreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.StreamSpecification", + "markdownDescription": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", + "title": "StreamSpecification" + }, + "TableClass": { + "markdownDescription": "The table class of the new table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", + "title": "TableClass", + "type": "string" + }, + "TableName": { + "markdownDescription": "A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TableName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The IDs of the AWS Verified Access trust providers.", - "title": "VerifiedAccessTrustProviders", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.TimeToLiveSpecification", + "markdownDescription": "Specifies the Time to Live (TTL) settings for the table.\n\n> For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", + "title": "TimeToLiveSpecification" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.WarmThroughput", + "markdownDescription": "Represents the warm throughput (in read units per second and write units per second) for creating a table.", + "title": "WarmThroughput" } }, + "required": [ + "KeySchema" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VerifiedAccessInstance" + "AWS::DynamoDB::Table" ], "type": "string" }, @@ -81689,315 +87406,410 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.CloudWatchLogs": { + "AWS::DynamoDB::Table.AttributeDefinition": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", - "title": "Enabled", - "type": "boolean" + "AttributeName": { + "markdownDescription": "A name for the attribute.", + "title": "AttributeName", + "type": "string" }, - "LogGroup": { - "markdownDescription": "The ID of the CloudWatch Logs log group.", - "title": "LogGroup", + "AttributeType": { + "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", + "title": "AttributeType", "type": "string" } }, + "required": [ + "AttributeName", + "AttributeType" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose": { + "AWS::DynamoDB::Table.ContributorInsightsSpecification": { "additionalProperties": false, "properties": { - "DeliveryStream": { - "markdownDescription": "The ID of the delivery stream.", - "title": "DeliveryStream", - "type": "string" - }, "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", + "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", "title": "Enabled", "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.S3": { + "AWS::DynamoDB::Table.Csv": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The bucket name.", - "title": "BucketName", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account number that owns the bucket.", - "title": "BucketOwner", + "Delimiter": { + "markdownDescription": "The delimiter used for separating items in the CSV file being imported.", + "title": "Delimiter", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Prefix": { - "markdownDescription": "The bucket prefix.", - "title": "Prefix", - "type": "string" + "HeaderList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header.", + "title": "HeaderList", + "type": "array" } }, "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs": { + "AWS::DynamoDB::Table.GlobalSecondaryIndex": { "additionalProperties": false, "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.CloudWatchLogs", - "markdownDescription": "CloudWatch Logs logging destination.", - "title": "CloudWatchLogs" + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index.", + "title": "ContributorInsightsSpecification" }, - "IncludeTrustContext": { - "markdownDescription": "Indicates whether to include trust data sent by trust providers in the logs.", - "title": "IncludeTrustContext", - "type": "boolean" + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", + "type": "string" }, - "KinesisDataFirehose": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose", - "markdownDescription": "Kinesis logging destination.", - "title": "KinesisDataFirehose" + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" + }, + "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "LogVersion": { - "markdownDescription": "The logging version.\n\nValid values: `ocsf-0.1` | `ocsf-1.0.0-rc.2`", - "title": "LogVersion", - "type": "string" + "OnDemandThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.OnDemandThroughput", + "markdownDescription": "The maximum number of read and write units for the specified global secondary index. If you use this parameter, you must specify `MaxReadRequestUnits` , `MaxWriteRequestUnits` , or both. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.", + "title": "OnDemandThroughput" }, - "S3": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.S3", - "markdownDescription": "Amazon S3 logging options.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider": { - "additionalProperties": false, + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", + "markdownDescription": "Represents the provisioned throughput settings for the specified global secondary index. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.\n\nFor current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide* .", + "title": "ProvisionedThroughput" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.WarmThroughput", + "markdownDescription": "Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify `ReadUnitsPerSecond` , `WriteUnitsPerSecond` , or both.", + "title": "WarmThroughput" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.ImportSourceSpecification": { + "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access trust provider.", - "title": "Description", + "InputCompressionType": { + "markdownDescription": "Type of compression to be used on the input coming from the imported table.", + "title": "InputCompressionType", "type": "string" }, - "DeviceTrustProviderType": { - "markdownDescription": "The type of device-based trust provider.", - "title": "DeviceTrustProviderType", + "InputFormat": { + "markdownDescription": "The format of the source data. Valid values for `ImportFormat` are `CSV` , `DYNAMODB_JSON` or `ION` .", + "title": "InputFormat", "type": "string" }, - "TrustProviderType": { - "markdownDescription": "The type of Verified Access trust provider.", - "title": "TrustProviderType", - "type": "string" + "InputFormatOptions": { + "$ref": "#/definitions/AWS::DynamoDB::Table.InputFormatOptions", + "markdownDescription": "Additional properties that specify how the input is formatted,", + "title": "InputFormatOptions" }, - "UserTrustProviderType": { - "markdownDescription": "The type of user-based trust provider.", - "title": "UserTrustProviderType", + "S3BucketSource": { + "$ref": "#/definitions/AWS::DynamoDB::Table.S3BucketSource", + "markdownDescription": "The S3 bucket that provides the source for the import.", + "title": "S3BucketSource" + } + }, + "required": [ + "InputFormat", + "S3BucketSource" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Csv", + "markdownDescription": "The options for imported source files in CSV format. The values are Delimiter and HeaderList.", + "title": "Csv" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of a key attribute.", + "title": "AttributeName", "type": "string" }, - "VerifiedAccessTrustProviderId": { - "markdownDescription": "The ID of the AWS Verified Access trust provider.", - "title": "VerifiedAccessTrustProviderId", + "KeyType": { + "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeyType", "type": "string" } }, + "required": [ + "AttributeName", + "KeyType" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider": { + "AWS::DynamoDB::Table.KinesisStreamSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "ApproximateCreationDateTimePrecision": { + "markdownDescription": "The precision for the time and date that the stream was created.", + "title": "ApproximateCreationDateTimePrecision", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamArn": { + "markdownDescription": "The ARN for a specific Kinesis data stream.\n\nLength Constraints: Minimum length of 37. Maximum length of 1024.", + "title": "StreamArn", + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" + }, + "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "Metadata": { - "type": "object" + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.OnDemandThroughput": { + "additionalProperties": false, + "properties": { + "MaxReadRequestUnits": { + "markdownDescription": "Maximum number of read request units for the specified table.\n\nTo specify a maximum `OnDemandThroughput` on your table, set the value of `MaxReadRequestUnits` as greater than or equal to 1. To remove the maximum `OnDemandThroughput` that is currently set on your table, set the value of `MaxReadRequestUnits` to -1.", + "title": "MaxReadRequestUnits", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access trust provider.", - "title": "Description", - "type": "string" - }, - "DeviceOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions", - "markdownDescription": "The options for device-identity trust provider.", - "title": "DeviceOptions" - }, - "DeviceTrustProviderType": { - "markdownDescription": "The type of device-based trust provider.", - "title": "DeviceTrustProviderType", - "type": "string" - }, - "OidcOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.OidcOptions", - "markdownDescription": "The options for an OpenID Connect-compatible user-identity trust provider.", - "title": "OidcOptions" - }, - "PolicyReferenceName": { - "markdownDescription": "The identifier to be used when working with policy rules.", - "title": "PolicyReferenceName", - "type": "string" - }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - }, - "TrustProviderType": { - "markdownDescription": "The type of Verified Access trust provider.", - "title": "TrustProviderType", - "type": "string" - }, - "UserTrustProviderType": { - "markdownDescription": "The type of user-based trust provider.", - "title": "UserTrustProviderType", - "type": "string" - } + "MaxWriteRequestUnits": { + "markdownDescription": "Maximum number of write request units for the specified table.\n\nTo specify a maximum `OnDemandThroughput` on your table, set the value of `MaxWriteRequestUnits` as greater than or equal to 1. To remove the maximum `OnDemandThroughput` that is currently set on your table, set the value of `MaxWriteRequestUnits` to -1.", + "title": "MaxWriteRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" + }, + "RecoveryPeriodInDays": { + "markdownDescription": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35.", + "title": "RecoveryPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" }, - "required": [ - "PolicyReferenceName", - "TrustProviderType" - ], - "type": "object" + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", + "title": "NonKeyAttributes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::VerifiedAccessTrustProvider" - ], + "ProjectionType": { + "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", + "title": "ProjectionType", "type": "string" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "markdownDescription": "The maximum number of strongly consistent reads consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", + "title": "ReadCapacityUnits", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "WriteCapacityUnits": { + "markdownDescription": "The maximum number of writes consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", + "title": "WriteCapacityUnits", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ReadCapacityUnits", + "WriteCapacityUnits" ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions": { + "AWS::DynamoDB::Table.ResourcePolicy": { "additionalProperties": false, "properties": { - "PublicSigningKeyUrl": { - "markdownDescription": "The URL AWS Verified Access will use to verify the authenticity of the device tokens.", - "title": "PublicSigningKeyUrl", - "type": "string" - }, - "TenantId": { - "markdownDescription": "The ID of the tenant application with the device-identity provider.", - "title": "TenantId", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, index, or both. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "PolicyDocument", + "type": "object" } }, + "required": [ + "PolicyDocument" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider.OidcOptions": { + "AWS::DynamoDB::Table.S3BucketSource": { "additionalProperties": false, "properties": { - "AuthorizationEndpoint": { - "markdownDescription": "The OIDC authorization endpoint.", - "title": "AuthorizationEndpoint", + "S3Bucket": { + "markdownDescription": "The S3 bucket that is being imported from.", + "title": "S3Bucket", "type": "string" }, - "ClientId": { - "markdownDescription": "The client identifier.", - "title": "ClientId", + "S3BucketOwner": { + "markdownDescription": "The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional.", + "title": "S3BucketOwner", "type": "string" }, - "ClientSecret": { - "markdownDescription": "The client secret.", - "title": "ClientSecret", + "S3KeyPrefix": { + "markdownDescription": "The key prefix shared by all S3 Objects that are being imported.", + "title": "S3KeyPrefix", "type": "string" - }, - "Issuer": { - "markdownDescription": "The OIDC issuer.", - "title": "Issuer", + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", + "title": "KMSMasterKeyId", "type": "string" }, - "Scope": { - "markdownDescription": "The OpenID Connect (OIDC) scope specified.", - "title": "Scope", - "type": "string" + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to `KMS` and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key.", + "title": "SSEEnabled", + "type": "boolean" }, - "TokenEndpoint": { - "markdownDescription": "The OIDC token endpoint.", - "title": "TokenEndpoint", + "SSEType": { + "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", + "title": "SSEType", "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.StreamSpecification": { + "additionalProperties": false, + "properties": { + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", + "markdownDescription": "Creates or updates a resource-based policy document that contains the permissions for DynamoDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "ResourcePolicy" }, - "UserInfoEndpoint": { - "markdownDescription": "The OIDC user info endpoint.", - "title": "UserInfoEndpoint", + "StreamViewType": { + "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", + "title": "StreamViewType", "type": "string" } }, + "required": [ + "StreamViewType" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider.SseSpecification": { + "AWS::DynamoDB::Table.TimeToLiveSpecification": { "additionalProperties": false, "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", + "AttributeName": { + "markdownDescription": "The name of the TTL attribute used to store the expiration time for items in the table.\n\n> - The `AttributeName` property is required when enabling the TTL, or when TTL is already enabled.\n> - To update this property, you must first disable TTL and then enable TTL with the new attribute name.", + "title": "AttributeName", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", + "title": "Enabled", "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.WarmThroughput": { + "additionalProperties": false, + "properties": { + "ReadUnitsPerSecond": { + "markdownDescription": "Represents the number of read operations your base table can instantaneously support.", + "title": "ReadUnitsPerSecond", + "type": "number" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", - "type": "string" + "WriteUnitsPerSecond": { + "markdownDescription": "Represents the number of write operations your base table can instantaneously support.", + "title": "WriteUnitsPerSecond", + "type": "number" } }, "type": "object" }, - "AWS::EC2::Volume": { + "AWS::EC2::CapacityReservation": { "additionalProperties": false, "properties": { "Condition": { @@ -82032,78 +87844,95 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoEnableIO": { - "markdownDescription": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O.", - "title": "AutoEnableIO", - "type": "boolean" - }, "AvailabilityZone": { - "markdownDescription": "The ID of the Availability Zone in which to create the volume. For example, `us-east-1a` .", + "markdownDescription": "The Availability Zone in which to create the Capacity Reservation.", "title": "AvailabilityZone", "type": "string" }, - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) in the *Amazon EBS User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .", - "title": "Encrypted", + "AvailabilityZoneId": { + "markdownDescription": "The Availability Zone ID of the Capacity Reservation.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.", + "title": "EbsOptimized", "type": "boolean" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.", - "title": "Iops", - "type": "number" + "EndDate": { + "markdownDescription": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.\n\nIf you are requesting a future-dated Capacity Reservation, you can't specify an end date and time that is within the commitment duration.", + "title": "EndDate", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` .\n\nIf you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to `true` , then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the AWS managed key .\n\nAlternatively, if you want to specify a different key, you can specify one of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. Specify the alias for the key, prefixed with `alias/` . For example, for a key with the alias `my_cmk` , use `alias/my_cmk` . Or to specify the AWS managed key , use `alias/aws/ebs` .\n- Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.", - "title": "KmsKeyId", + "EndDateType": { + "markdownDescription": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", + "title": "EndDateType", "type": "string" }, - "MultiAttachEnabled": { - "markdownDescription": "Indicates whether Amazon EBS Multi-Attach is enabled.\n\nAWS CloudFormation does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume.", - "title": "MultiAttachEnabled", + "EphemeralStorage": { + "markdownDescription": "*Deprecated.*", + "title": "EphemeralStorage", "type": "boolean" }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", - "title": "OutpostArn", + "InstanceCount": { + "markdownDescription": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 64 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *16 * m5.xlarge = 64 vCPUs* ). \n\nValid range: 1 - 1000", + "title": "InstanceCount", + "type": "number" + }, + "InstanceMatchCriteria": { + "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\n> If you are requesting a future-dated Capacity Reservation, you must specify `targeted` . \n\nDefault: `open`", + "title": "InstanceMatchCriteria", "type": "string" }, - "Size": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "Size", - "type": "number" + "InstancePlatform": { + "markdownDescription": "The type of operating system for which to reserve capacity.", + "title": "InstancePlatform", + "type": "string" }, - "SnapshotId": { - "markdownDescription": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.", - "title": "SnapshotId", + "InstanceType": { + "markdownDescription": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, T, and G instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceType", "type": "string" }, - "Tags": { + "OutPostArn": { + "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", + "title": "OutPostArn", + "type": "string" + }, + "PlacementGroupArn": { + "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", + "title": "PlacementGroupArn", + "type": "string" + }, + "TagSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::CapacityReservation.TagSpecification" }, - "markdownDescription": "The tags to apply to the volume during creation.", - "title": "Tags", + "markdownDescription": "The tags to apply to the Capacity Reservation during launch.", + "title": "TagSpecifications", "type": "array" }, - "Throughput": { - "markdownDescription": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n\nThis parameter is valid only for `gp3` volumes. The default value is 125.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", - "title": "Throughput", - "type": "number" + "Tenancy": { + "markdownDescription": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account .", + "title": "Tenancy", + "type": "string" }, - "VolumeType": { - "markdownDescription": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) .\n\nDefault: `gp2`", - "title": "VolumeType", + "UnusedReservationBillingOwnerId": { + "markdownDescription": "The ID of the AWS account to which to assign billing of the unused capacity of the Capacity Reservation. A request will be sent to the specified account. That account must accept the request for the billing to be assigned to their account. For more information, see [Billing assignment for shared Amazon EC2 Capacity Reservations](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/assign-billing.html) .\n\nYou can assign billing only for shared Capacity Reservations. To share a Capacity Reservation, you must add it to a resource share. For more information, see [AWS::RAM::ResourceShare](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ram-resourceshare.html) .", + "title": "UnusedReservationBillingOwnerId", "type": "string" } }, "required": [ - "AvailabilityZone" + "InstanceCount", + "InstancePlatform", + "InstanceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Volume" + "AWS::EC2::CapacityReservation" ], "type": "string" }, @@ -82122,85 +87951,58 @@ ], "type": "object" }, - "AWS::EC2::VolumeAttachment": { + "AWS::EC2::CapacityReservation.CapacityAllocation": { "additionalProperties": false, "properties": { - "Condition": { + "AllocationType": { + "markdownDescription": "The usage type. `used` indicates that the instance capacity is in use by instances that are running in the Capacity Reservation.", + "title": "AllocationType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Count": { + "markdownDescription": "The amount of instance capacity associated with the usage. For example a value of `4` indicates that instance capacity for 4 instances is currently in use.", + "title": "Count", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservation.CommitmentInfo": { + "additionalProperties": false, + "properties": { + "CommitmentEndDate": { + "markdownDescription": "The date and time at which the commitment duration expires, in the ISO8601 format in the UTC time zone ( `YYYY-MM-DDThh:mm:ss.sssZ` ). You can't decrease the instance count or cancel the Capacity Reservation before this date and time.", + "title": "CommitmentEndDate", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Device": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "Device", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "The ID of the instance to which the volume attaches. This value can be a reference to an [`AWS::EC2::Instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance.", - "title": "InstanceId", - "type": "string" - }, - "VolumeId": { - "markdownDescription": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [`AWS::EC2::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume.", - "title": "VolumeId", - "type": "string" - } - }, - "required": [ - "InstanceId", - "VolumeId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VolumeAttachment" - ], + "CommittedInstanceCount": { + "markdownDescription": "The instance capacity that you committed to when you requested the future-dated Capacity Reservation.", + "title": "CommittedInstanceCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservation.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag. Specify `capacity-reservation` .", + "title": "ResourceType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ECR::PublicRepository": { + "AWS::EC2::CapacityReservationFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -82235,35 +88037,63 @@ "Properties": { "additionalProperties": false, "properties": { - "RepositoryCatalogData": { - "$ref": "#/definitions/AWS::ECR::PublicRepository.RepositoryCatalogData", - "markdownDescription": "The details about the repository that are publicly visible in the Amazon ECR Public Gallery. For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .", - "title": "RepositoryCatalogData" + "AllocationStrategy": { + "markdownDescription": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`", + "title": "AllocationStrategy", + "type": "string" }, - "RepositoryName": { - "markdownDescription": "The name to use for the public repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "RepositoryName", + "EndDate": { + "markdownDescription": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` .", + "title": "EndDate", "type": "string" }, - "RepositoryPolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the public repository. For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .", - "title": "RepositoryPolicyText", - "type": "object" + "InstanceMatchCriteria": { + "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity.", + "title": "InstanceMatchCriteria", + "type": "string" }, - "Tags": { + "InstanceTypeSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", + "markdownDescription": "Information about the instance types for which to reserve the capacity.", + "title": "InstanceTypeSpecifications", + "type": "array" + }, + "NoRemoveEndDate": { + "markdownDescription": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter.", + "title": "NoRemoveEndDate", + "type": "boolean" + }, + "RemoveEndDate": { + "markdownDescription": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter.", + "title": "RemoveEndDate", + "type": "boolean" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.TagSpecification" + }, + "markdownDescription": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet.", + "title": "TagSpecifications", "type": "array" + }, + "Tenancy": { + "markdownDescription": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account .", + "title": "Tenancy", + "type": "string" + }, + "TotalTargetCapacity": { + "markdownDescription": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* .", + "title": "TotalTargetCapacity", + "type": "number" } }, "type": "object" }, "Type": { "enum": [ - "AWS::ECR::PublicRepository" + "AWS::EC2::CapacityReservationFleet" ], "type": "string" }, @@ -82281,44 +88111,67 @@ ], "type": "object" }, - "AWS::ECR::PublicRepository.RepositoryCatalogData": { + "AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification": { "additionalProperties": false, "properties": { - "AboutText": { - "markdownDescription": "The longform description of the contents of the repository. This text appears in the repository details on the Amazon ECR Public Gallery.", - "title": "AboutText", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", + "title": "AvailabilityZone", "type": "string" }, - "Architectures": { - "items": { - "type": "string" - }, - "markdownDescription": "The architecture tags that are associated with the repository.", - "title": "Architectures", - "type": "array" + "AvailabilityZoneId": { + "markdownDescription": "The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", + "title": "AvailabilityZoneId", + "type": "string" }, - "OperatingSystems": { - "items": { - "type": "string" - }, - "markdownDescription": "The operating system tags that are associated with the repository.", - "title": "OperatingSystems", - "type": "array" + "EbsOptimized": { + "markdownDescription": "Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types.", + "title": "EbsOptimized", + "type": "boolean" }, - "RepositoryDescription": { - "markdownDescription": "The short description of the repository.", - "title": "RepositoryDescription", + "InstancePlatform": { + "markdownDescription": "The type of operating system for which the Capacity Reservation Fleet reserves capacity.", + "title": "InstancePlatform", "type": "string" }, - "UsageText": { - "markdownDescription": "The longform usage details of the contents of the repository. The usage text provides context for users of the repository.", - "title": "UsageText", + "InstanceType": { + "markdownDescription": "The instance type for which the Capacity Reservation Fleet reserves capacity.", + "title": "InstanceType", "type": "string" + }, + "Priority": { + "markdownDescription": "The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* .", + "title": "Priority", + "type": "number" + }, + "Weight": { + "markdownDescription": "The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide.\n\nValid Range: Minimum value of `0.001` . Maximum value of `99.999` .", + "title": "Weight", + "type": "number" } }, "type": "object" }, - "AWS::ECR::PullThroughCacheRule": { + "AWS::EC2::CapacityReservationFleet.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag on creation. Specify `capacity-reservation-fleet` .\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::CarrierGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -82353,32 +88206,28 @@ "Properties": { "additionalProperties": false, "properties": { - "CredentialArn": { - "markdownDescription": "The ARN of the Secrets Manager secret associated with the pull through cache rule.", - "title": "CredentialArn", - "type": "string" - }, - "EcrRepositoryPrefix": { - "markdownDescription": "The Amazon ECR repository prefix associated with the pull through cache rule.", - "title": "EcrRepositoryPrefix", - "type": "string" - }, - "UpstreamRegistry": { - "markdownDescription": "The name of the upstream source registry associated with the pull through cache rule.", - "title": "UpstreamRegistry", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the carrier gateway.", + "title": "Tags", + "type": "array" }, - "UpstreamRegistryUrl": { - "markdownDescription": "The upstream registry URL associated with the pull through cache rule.", - "title": "UpstreamRegistryUrl", + "VpcId": { + "markdownDescription": "The ID of the VPC associated with the carrier gateway.", + "title": "VpcId", "type": "string" } }, + "required": [ + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::PullThroughCacheRule" + "AWS::EC2::CarrierGateway" ], "type": "string" }, @@ -82392,11 +88241,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECR::RegistryPolicy": { + "AWS::EC2::ClientVpnAuthorizationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -82431,20 +88281,41 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyText": { - "markdownDescription": "The JSON policy text for your registry.", - "title": "PolicyText", - "type": "object" + "AccessGroupId": { + "markdownDescription": "The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if `AuthorizeAllGroups` is `false` or not specified.", + "title": "AccessGroupId", + "type": "string" + }, + "AuthorizeAllGroups": { + "markdownDescription": "Indicates whether to grant access to all clients. Specify `true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.", + "title": "AuthorizeAllGroups", + "type": "boolean" + }, + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint.", + "title": "ClientVpnEndpointId", + "type": "string" + }, + "Description": { + "markdownDescription": "A brief description of the authorization rule.", + "title": "Description", + "type": "string" + }, + "TargetNetworkCidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation, of the network for which access is being authorized.", + "title": "TargetNetworkCidr", + "type": "string" } }, "required": [ - "PolicyText" + "ClientVpnEndpointId", + "TargetNetworkCidr" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::RegistryPolicy" + "AWS::EC2::ClientVpnAuthorizationRule" ], "type": "string" }, @@ -82463,7 +88334,7 @@ ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration": { + "AWS::EC2::ClientVpnEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -82498,20 +88369,120 @@ "Properties": { "additionalProperties": false, "properties": { - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationConfiguration", - "markdownDescription": "The replication configuration for a registry.", - "title": "ReplicationConfiguration" + "AuthenticationOptions": { + "items": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest" + }, + "markdownDescription": "Information about the authentication method to be used to authenticate clients.", + "title": "AuthenticationOptions", + "type": "array" + }, + "ClientCidrBlock": { + "markdownDescription": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. Client CIDR range must have a size of at least /22 and must not be greater than /12.", + "title": "ClientCidrBlock", + "type": "string" + }, + "ClientConnectOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientConnectOptions", + "markdownDescription": "The options for managing connection authorization for new client connections.", + "title": "ClientConnectOptions" + }, + "ClientLoginBannerOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions", + "markdownDescription": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.", + "title": "ClientLoginBannerOptions" + }, + "ClientRouteEnforcementOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientRouteEnforcementOptions", + "markdownDescription": "Client route enforcement is a feature of the Client VPN service that helps enforce administrator defined routes on devices connected through the VPN. T his feature helps improve your security posture by ensuring that network traffic originating from a connected client is not inadvertently sent outside the VPN tunnel.\n\nClient route enforcement works by monitoring the route table of a connected device for routing policy changes to the VPN connection. If the feature detects any VPN routing policy modifications, it will automatically force an update to the route table, reverting it back to the expected route configurations.", + "title": "ClientRouteEnforcementOptions" + }, + "ConnectionLogOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions", + "markdownDescription": "Information about the client connection logging options.\n\nIf you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:\n\n- Client connection requests\n- Client connection results (successful and unsuccessful)\n- Reasons for unsuccessful client connection requests\n- Client connection termination time", + "title": "ConnectionLogOptions" + }, + "Description": { + "markdownDescription": "A brief description of the Client VPN endpoint.", + "title": "Description", + "type": "string" + }, + "DisconnectOnSessionTimeout": { + "markdownDescription": "Indicates whether the client VPN session is disconnected after the maximum `sessionTimeoutHours` is reached. If `true` , users are prompted to reconnect client VPN. If `false` , client VPN attempts to reconnect automatically. The default value is `true` .", + "title": "DisconnectOnSessionTimeout", + "type": "boolean" + }, + "DnsServers": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.", + "title": "DnsServers", + "type": "array" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SelfServicePortal": { + "markdownDescription": "Specify whether to enable the self-service portal for the Client VPN endpoint.\n\nDefault Value: `enabled`", + "title": "SelfServicePortal", + "type": "string" + }, + "ServerCertificateArn": { + "markdownDescription": "The ARN of the server certificate. For more information, see the [AWS Certificate Manager User Guide](https://docs.aws.amazon.com/acm/latest/userguide/) .", + "title": "ServerCertificateArn", + "type": "string" + }, + "SessionTimeoutHours": { + "markdownDescription": "The maximum VPN session duration time in hours.\n\nValid values: `8 | 10 | 12 | 24`\n\nDefault value: `24`", + "title": "SessionTimeoutHours", + "type": "number" + }, + "SplitTunnel": { + "markdownDescription": "Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.\n\nBy default, split-tunnel on a VPN endpoint is disabled.\n\nFor information about split-tunnel VPN endpoints, see [Split-tunnel AWS Client VPN endpoint](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) in the *AWS Client VPN Administrator Guide* .", + "title": "SplitTunnel", + "type": "boolean" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.TagSpecification" + }, + "markdownDescription": "The tags to apply to the Client VPN endpoint during creation.", + "title": "TagSpecifications", + "type": "array" + }, + "TransportProtocol": { + "markdownDescription": "The transport protocol to be used by the VPN session.\n\nDefault value: `udp`", + "title": "TransportProtocol", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.", + "title": "VpcId", + "type": "string" + }, + "VpnPort": { + "markdownDescription": "The port number to assign to the Client VPN endpoint for TCP and UDP traffic.\n\nValid Values: `443` | `1194`\n\nDefault Value: `443`", + "title": "VpnPort", + "type": "number" } }, "required": [ - "ReplicationConfiguration" + "AuthenticationOptions", + "ClientCidrBlock", + "ConnectionLogOptions", + "ServerCertificateArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::ReplicationConfiguration" + "AWS::EC2::ClientVpnEndpoint" ], "type": "string" }, @@ -82530,236 +88501,179 @@ ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.ReplicationConfiguration": { + "AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest": { "additionalProperties": false, "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationRule" - }, - "markdownDescription": "An array of objects representing the replication destinations and repository filters for a replication configuration.", - "title": "Rules", - "type": "array" + "ClientRootCertificateChainArn": { + "markdownDescription": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).", + "title": "ClientRootCertificateChainArn", + "type": "string" } }, "required": [ - "Rules" + "ClientRootCertificateChainArn" ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.ReplicationDestination": { + "AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest": { "additionalProperties": false, "properties": { - "Region": { - "markdownDescription": "The Region to replicate to.", - "title": "Region", - "type": "string" + "ActiveDirectory": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest", + "markdownDescription": "Information about the Active Directory to be used, if applicable. You must provide this information if *Type* is `directory-service-authentication` .", + "title": "ActiveDirectory" }, - "RegistryId": { - "markdownDescription": "The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID.", - "title": "RegistryId", + "FederatedAuthentication": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest", + "markdownDescription": "Information about the IAM SAML identity provider, if applicable.", + "title": "FederatedAuthentication" + }, + "MutualAuthentication": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest", + "markdownDescription": "Information about the authentication certificates to be used, if applicable. You must provide this information if *Type* is `certificate-authentication` .", + "title": "MutualAuthentication" + }, + "Type": { + "markdownDescription": "The type of client authentication to be used.", + "title": "Type", "type": "string" } }, "required": [ - "Region", - "RegistryId" + "Type" ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.ReplicationRule": { + "AWS::EC2::ClientVpnEndpoint.ClientConnectOptions": { "additionalProperties": false, "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationDestination" - }, - "markdownDescription": "An array of objects representing the destination for a replication rule.", - "title": "Destinations", - "type": "array" + "Enabled": { + "markdownDescription": "Indicates whether client connect options are enabled. The default is `false` (not enabled).", + "title": "Enabled", + "type": "boolean" }, - "RepositoryFilters": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.RepositoryFilter" - }, - "markdownDescription": "An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.", - "title": "RepositoryFilters", - "type": "array" + "LambdaFunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function used for connection authorization.", + "title": "LambdaFunctionArn", + "type": "string" } }, "required": [ - "Destinations" + "Enabled" ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.RepositoryFilter": { + "AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions": { "additionalProperties": false, "properties": { - "Filter": { - "markdownDescription": "The repository filter details. When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.", - "title": "Filter", + "BannerText": { + "markdownDescription": "Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.", + "title": "BannerText", "type": "string" }, - "FilterType": { - "markdownDescription": "The repository filter type. The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.", - "title": "FilterType", - "type": "string" + "Enabled": { + "markdownDescription": "Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n\nValid values: `true | false`\n\nDefault value: `false`", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Filter", - "FilterType" + "Enabled" ], "type": "object" }, - "AWS::ECR::Repository": { + "AWS::EC2::ClientVpnEndpoint.ClientRouteEnforcementOptions": { "additionalProperties": false, "properties": { - "Condition": { + "Enforced": { + "markdownDescription": "Enable or disable Client Route Enforcement. The state can either be `true` (enabled) or `false` (disabled). The default is `false` .\n\nValid values: `true | false`\n\nDefault value: `false`", + "title": "Enforced", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions": { + "additionalProperties": false, + "properties": { + "CloudwatchLogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group. Required if connection logging is enabled.", + "title": "CloudwatchLogGroup", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CloudwatchLogStream": { + "markdownDescription": "The name of the CloudWatch Logs log stream to which the connection data is published.", + "title": "CloudwatchLogStream", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "EmptyOnDelete": { - "markdownDescription": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.", - "title": "EmptyOnDelete", - "type": "boolean" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::ECR::Repository.EncryptionConfiguration", - "markdownDescription": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", - "title": "EncryptionConfiguration" - }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ECR::Repository.ImageScanningConfiguration", - "markdownDescription": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.", - "title": "ImageScanningConfiguration" - }, - "ImageTagMutability": { - "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", - "title": "ImageTagMutability", - "type": "string" - }, - "LifecyclePolicy": { - "$ref": "#/definitions/AWS::ECR::Repository.LifecyclePolicy", - "markdownDescription": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .", - "title": "LifecyclePolicy" - }, - "RepositoryName": { - "markdownDescription": "The name to use for the repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "RepositoryName", - "type": "string" - }, - "RepositoryPolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "RepositoryPolicyText", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ECR::Repository" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether connection logging is enabled.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type" + "Enabled" ], "type": "object" }, - "AWS::ECR::Repository.EncryptionConfiguration": { + "AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "EncryptionType", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", - "title": "KmsKey", + "DirectoryId": { + "markdownDescription": "The ID of the Active Directory to be used for authentication.", + "title": "DirectoryId", "type": "string" } }, "required": [ - "EncryptionType" + "DirectoryId" ], "type": "object" }, - "AWS::ECR::Repository.ImageScanningConfiguration": { + "AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest": { "additionalProperties": false, "properties": { - "ScanOnPush": { - "markdownDescription": "The setting that determines whether images are scanned after being pushed to a repository. If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.", - "title": "ScanOnPush", - "type": "boolean" + "SAMLProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider.", + "title": "SAMLProviderArn", + "type": "string" + }, + "SelfServiceSAMLProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.", + "title": "SelfServiceSAMLProviderArn", + "type": "string" } }, + "required": [ + "SAMLProviderArn" + ], "type": "object" }, - "AWS::ECR::Repository.LifecyclePolicy": { + "AWS::EC2::ClientVpnEndpoint.TagSpecification": { "additionalProperties": false, "properties": { - "LifecyclePolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the repository.", - "title": "LifecyclePolicyText", + "ResourceType": { + "markdownDescription": "The type of resource to tag. To tag a Client VPN endpoint, `ResourceType` must be `client-vpn-endpoint` .", + "title": "ResourceType", "type": "string" }, - "RegistryId": { - "markdownDescription": "The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.", - "title": "RegistryId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" } }, + "required": [ + "ResourceType", + "Tags" + ], "type": "object" }, - "AWS::ECR::RepositoryCreationTemplate": { + "AWS::EC2::ClientVpnRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -82794,62 +88708,37 @@ "Properties": { "additionalProperties": false, "properties": { - "AppliedFor": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of enumerable Strings representing the repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION", - "title": "AppliedFor", - "type": "array" + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint to which to add the route.", + "title": "ClientVpnEndpointId", + "type": "string" }, "Description": { - "markdownDescription": "The description associated with the repository creation template.", + "markdownDescription": "A brief description of the route.", "title": "Description", "type": "string" }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration", - "markdownDescription": "The encryption configuration associated with the repository creation template.", - "title": "EncryptionConfiguration" - }, - "ImageTagMutability": { - "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten. If IMMUTABLE is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", - "title": "ImageTagMutability", - "type": "string" - }, - "LifecyclePolicy": { - "markdownDescription": "The lifecycle policy to use for repositories created using the template.", - "title": "LifecyclePolicy", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The repository namespace prefix associated with the repository creation template.", - "title": "Prefix", + "DestinationCidrBlock": { + "markdownDescription": "The IPv4 address range, in CIDR notation, of the route destination. For example:\n\n- To add a route for Internet access, enter `0.0.0.0/0`\n- To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range\n- To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range\n- To add a route for the local network, enter the client CIDR range", + "title": "DestinationCidrBlock", "type": "string" }, - "RepositoryPolicy": { - "markdownDescription": "The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.", - "title": "RepositoryPolicy", + "TargetVpcSubnetId": { + "markdownDescription": "The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.\n\nAlternatively, if you're adding a route for the local network, specify `local` .", + "title": "TargetVpcSubnetId", "type": "string" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "ResourceTags", - "type": "array" } }, "required": [ - "AppliedFor", - "Prefix" + "ClientVpnEndpointId", + "DestinationCidrBlock", + "TargetVpcSubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::RepositoryCreationTemplate" + "AWS::EC2::ClientVpnRoute" ], "type": "string" }, @@ -82868,26 +88757,7 @@ ], "type": "object" }, - "AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "EncryptionType", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", - "title": "KmsKey", - "type": "string" - } - }, - "required": [ - "EncryptionType" - ], - "type": "object" - }, - "AWS::ECS::CapacityProvider": { + "AWS::EC2::ClientVpnTargetNetworkAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -82922,33 +88792,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingGroupProvider": { - "$ref": "#/definitions/AWS::ECS::CapacityProvider.AutoScalingGroupProvider", - "markdownDescription": "The Auto Scaling group settings for the capacity provider.", - "title": "AutoScalingGroupProvider" - }, - "Name": { - "markdownDescription": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used.", - "title": "Name", + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint.", + "title": "ClientVpnEndpointId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" + "SubnetId": { + "markdownDescription": "The ID of the subnet to associate with the Client VPN endpoint.", + "title": "SubnetId", + "type": "string" } }, "required": [ - "AutoScalingGroupProvider" + "ClientVpnEndpointId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::CapacityProvider" + "AWS::EC2::ClientVpnTargetNetworkAssociation" ], "type": "string" }, @@ -82967,67 +88830,7 @@ ], "type": "object" }, - "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.", - "title": "AutoScalingGroupArn", - "type": "string" - }, - "ManagedDraining": { - "markdownDescription": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.", - "title": "ManagedDraining", - "type": "string" - }, - "ManagedScaling": { - "$ref": "#/definitions/AWS::ECS::CapacityProvider.ManagedScaling", - "markdownDescription": "The managed scaling settings for the Auto Scaling group capacity provider.", - "title": "ManagedScaling" - }, - "ManagedTerminationProtection": { - "markdownDescription": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off.\n\n> When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. \n\nWhen managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* .\n\nWhen managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.", - "title": "ManagedTerminationProtection", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupArn" - ], - "type": "object" - }, - "AWS::ECS::CapacityProvider.ManagedScaling": { - "additionalProperties": false, - "properties": { - "InstanceWarmupPeriod": { - "markdownDescription": "The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used.", - "title": "InstanceWarmupPeriod", - "type": "number" - }, - "MaximumScalingStepSize": { - "markdownDescription": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. If this parameter is omitted, the default value of `10000` is used.", - "title": "MaximumScalingStepSize", - "type": "number" - }, - "MinimumScalingStepSize": { - "markdownDescription": "The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used.\n\nWhen additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size.\n\nIf you use a capacity provider with an Auto Scaling group configured with more than one Amazon EC2 instance type or Availability Zone, Amazon ECS will scale up by the exact minimum scaling step size value and will ignore both the maximum scaling step size as well as the capacity demand.", - "title": "MinimumScalingStepSize", - "type": "number" - }, - "Status": { - "markdownDescription": "Determines whether to use managed scaling for the capacity provider.", - "title": "Status", - "type": "string" - }, - "TargetCapacity": { - "markdownDescription": "The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used.", - "title": "TargetCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster": { + "AWS::EC2::CustomerGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -83062,59 +88865,54 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n\nTo use a AWS Fargate capacity provider, specify either the `FARGATE` or `FARGATE_SPOT` capacity providers. The AWS Fargate capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n\nThe [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created.", - "title": "CapacityProviders", - "type": "array" - }, - "ClusterName": { - "markdownDescription": "A user-generated string that you use to identify your cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID for the name.", - "title": "ClusterName", - "type": "string" + "BgpAsn": { + "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nDefault: 65000\n\nValid values: `1` to `2,147,483,647`", + "title": "BgpAsn", + "type": "number" }, - "ClusterSettings": { - "items": { - "$ref": "#/definitions/AWS::ECS::Cluster.ClusterSettings" - }, - "markdownDescription": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n\nContainer Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up.\n\nFor more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ClusterSettings", - "type": "array" + "BgpAsnExtended": { + "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nValid values: `2,147,483,648` to `4,294,967,295`", + "title": "BgpAsnExtended", + "type": "number" }, - "Configuration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ClusterConfiguration", - "markdownDescription": "The execute command and managed storage configuration for the cluster.", - "title": "Configuration" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the customer gateway certificate.", + "title": "CertificateArn", + "type": "string" }, - "DefaultCapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::ECS::Cluster.CapacityProviderStrategyItem" - }, - "markdownDescription": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used.", - "title": "DefaultCapacityProviderStrategy", - "type": "array" + "DeviceName": { + "markdownDescription": "The name of customer gateway device.", + "title": "DeviceName", + "type": "string" }, - "ServiceConnectDefaults": { - "$ref": "#/definitions/AWS::ECS::Cluster.ServiceConnectDefaults", - "markdownDescription": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the `enabled` parameter to `true` in the `ServiceConnectConfiguration` . You can set the namespace of each service individually in the `ServiceConnectConfiguration` to override this default parameter.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ServiceConnectDefaults" + "IpAddress": { + "markdownDescription": "The IP address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `Ipv6` , you can use an IPv6 address.", + "title": "IpAddress", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "One or more tags for the customer gateway.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of VPN connection that this customer gateway supports ( `ipsec.1` ).", + "title": "Type", + "type": "string" } }, + "required": [ + "IpAddress", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::Cluster" + "AWS::EC2::CustomerGateway" ], "type": "string" }, @@ -83128,122 +88926,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::Cluster.CapacityProviderStrategyItem": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", - "type": "number" - }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" - }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster.ClusterConfiguration": { - "additionalProperties": false, - "properties": { - "ExecuteCommandConfiguration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandConfiguration", - "markdownDescription": "The details of the execute command configuration.", - "title": "ExecuteCommandConfiguration" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster.ClusterSettings": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the cluster setting. The value is `containerInsights` .", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value to set for the cluster setting. The supported values are `enhanced` , `enabled` , and `disabled` .\n\nTo use Container Insights with enhanced observability, set the `containerInsights` account setting to `enhanced` .\n\nTo use Container Insights, set the `containerInsights` account setting to `enabled` .\n\nIf a cluster value is specified, it will override the `containerInsights` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html) .", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster.ExecuteCommandConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "Specify an AWS Key Management Service key ID to encrypt the data between the local client and the container.", - "title": "KmsKeyId", - "type": "string" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandLogConfiguration", - "markdownDescription": "The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When `logging=OVERRIDE` is specified, a `logConfiguration` must be provided.", - "title": "LogConfiguration" - }, - "Logging": { - "markdownDescription": "The log setting to use for redirecting logs for your execute command results. The following log settings are available.\n\n- `NONE` : The execute command session is not logged.\n- `DEFAULT` : The `awslogs` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no `awslogs` log driver is configured in the task definition, the output won't be logged.\n- `OVERRIDE` : Specify the logging details as a part of `logConfiguration` . If the `OVERRIDE` logging option is specified, the `logConfiguration` is required.", - "title": "Logging", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster.ExecuteCommandLogConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchEncryptionEnabled": { - "markdownDescription": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off.", - "title": "CloudWatchEncryptionEnabled", - "type": "boolean" - }, - "CloudWatchLogGroupName": { - "markdownDescription": "The name of the CloudWatch log group to send logs to.\n\n> The CloudWatch log group must already be created.", - "title": "CloudWatchLogGroupName", - "type": "string" - }, - "S3BucketName": { - "markdownDescription": "The name of the S3 bucket to send logs to.\n\n> The S3 bucket must already be created.", - "title": "S3BucketName", - "type": "string" - }, - "S3EncryptionEnabled": { - "markdownDescription": "Determines whether to use encryption on the S3 logs. If not specified, encryption is not used.", - "title": "S3EncryptionEnabled", - "type": "boolean" - }, - "S3KeyPrefix": { - "markdownDescription": "An optional folder in the S3 bucket to place logs in.", - "title": "S3KeyPrefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster.ServiceConnectDefaults": { - "additionalProperties": false, - "properties": { - "Namespace": { - "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include greater than (>), less than (<), double quotation marks (\"), or slash (/).\n\nIf you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region.\n\nIf you enter a new name, a AWS Cloud Map namespace will be created. Amazon ECS creates a AWS Cloud Map namespace with the \"API calls\" method of instance discovery only. This instance discovery method is the \"HTTP\" namespace type in the AWS Command Line Interface . Other types of instance discovery aren't used by Service Connect.\n\nIf you update the cluster with an empty string `\"\"` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in AWS Cloud Map and must be deleted separately.\n\nFor more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", - "title": "Namespace", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::ClusterCapacityProviderAssociations": { + "AWS::EC2::DHCPOptions": { "additionalProperties": false, "properties": { "Condition": { @@ -83278,141 +88966,59 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityProviders": { + "DomainName": { + "markdownDescription": "This value is used to complete unqualified DNS hostnames. If you're using AmazonProvidedDNS in `us-east-1` , specify `ec2.internal` . If you're using AmazonProvidedDNS in another Region, specify *region* . `compute.internal` (for example, `ap-northeast-1.compute.internal` ). Otherwise, specify a domain name (for example, *MyCompany.com* ).", + "title": "DomainName", + "type": "string" + }, + "DomainNameServers": { "items": { "type": "string" }, - "markdownDescription": "The capacity providers to associate with the cluster.", - "title": "CapacityProviders", + "markdownDescription": "The IPv4 addresses of up to four domain name servers, or `AmazonProvidedDNS` . The default is `AmazonProvidedDNS` . To have your instance receive a custom DNS hostname as specified in `DomainName` , you must set this property to a custom DNS server.", + "title": "DomainNameServers", "type": "array" }, - "Cluster": { - "markdownDescription": "The cluster the capacity provider association is the target of.", - "title": "Cluster", - "type": "string" + "Ipv6AddressPreferredLeaseTime": { + "markdownDescription": "A value (in seconds, minutes, hours, or years) for how frequently a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 seconds (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.", + "title": "Ipv6AddressPreferredLeaseTime", + "type": "number" }, - "DefaultCapacityProviderStrategy": { + "NetbiosNameServers": { "items": { - "$ref": "#/definitions/AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy" + "type": "string" }, - "markdownDescription": "The default capacity provider strategy to associate with the cluster.", - "title": "DefaultCapacityProviderStrategy", + "markdownDescription": "The IPv4 addresses of up to four NetBIOS name servers.", + "title": "NetbiosNameServers", "type": "array" - } - }, - "required": [ - "CapacityProviders", - "Cluster", - "DefaultCapacityProviderStrategy" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ECS::ClusterCapacityProviderAssociations" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", - "type": "number" - }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" - }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", - "type": "number" - } - }, - "required": [ - "CapacityProvider" - ], - "type": "object" - }, - "AWS::ECS::PrimaryTaskSet": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" }, - { + "NetbiosNodeType": { + "markdownDescription": "The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported).", + "title": "NetbiosNodeType", + "type": "number" + }, + "NtpServers": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers.", + "title": "NtpServers", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service that the task set exists in.", - "title": "Cluster", - "type": "string" - }, - "Service": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service that the task set exists in.", - "title": "Service", - "type": "string" }, - "TaskSetId": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the task set to set as the primary task set in the deployment.", - "title": "TaskSetId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the DHCP options set.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Cluster", - "Service", - "TaskSetId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::PrimaryTaskSet" + "AWS::EC2::DHCPOptions" ], "type": "string" }, @@ -83426,12 +89032,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ECS::Service": { + "AWS::EC2::EC2Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -83466,148 +89071,82 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy can contain a maximum of 20 capacity providers.\n\n> To remove this property from your service resource, specify an empty `CapacityProviderStrategyItem` array.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", - "title": "Cluster", + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", "type": "string" }, - "DeploymentConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentConfiguration", - "markdownDescription": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", - "title": "DeploymentConfiguration" - }, - "DeploymentController": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentController", - "markdownDescription": "The deployment controller to use for the service. If no deployment controller is specified, the default value of `ECS` is used.", - "title": "DeploymentController" - }, - "DesiredCount": { - "markdownDescription": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", - "title": "DesiredCount", - "type": "number" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you need to set the `propagateTags` request parameter.", - "title": "EnableECSManagedTags", - "type": "boolean" - }, - "EnableExecuteCommand": { - "markdownDescription": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", - "title": "EnableExecuteCommand", - "type": "boolean" - }, - "HealthCheckGracePeriodSeconds": { - "markdownDescription": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of `0` is used. If you don't use any of the health checks, then `healthCheckGracePeriodSeconds` is unused.\n\nIf your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", - "title": "HealthCheckGracePeriodSeconds", - "type": "number" - }, - "LaunchType": { - "markdownDescription": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", + "ExcessCapacityTerminationPolicy": { + "markdownDescription": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` .", + "title": "ExcessCapacityTerminationPolicy", "type": "string" }, - "LoadBalancers": { + "LaunchTemplateConfigs": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.LoadBalancer" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest" }, - "markdownDescription": "A list of load balancer objects to associate with the service. If you specify the `Role` property, `LoadBalancers` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> To remove this property from your service resource, specify an empty `LoadBalancer` array.", - "title": "LoadBalancers", + "markdownDescription": "The configuration for the EC2 Fleet.", + "title": "LaunchTemplateConfigs", "type": "array" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.NetworkConfiguration", - "markdownDescription": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "NetworkConfiguration" + "OnDemandOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.OnDemandOptionsRequest", + "markdownDescription": "Describes the configuration of On-Demand Instances in an EC2 Fleet.", + "title": "OnDemandOptions" }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.\n\n> To remove this property from your service resource, specify an empty `PlacementConstraint` array.", - "title": "PlacementConstraints", - "type": "array" + "ReplaceUnhealthyInstances": { + "markdownDescription": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* .", + "title": "ReplaceUnhealthyInstances", + "type": "boolean" }, - "PlacementStrategies": { + "SpotOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", + "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", + "title": "SpotOptions" + }, + "TagSpecifications": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.PlacementStrategy" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TagSpecification" }, - "markdownDescription": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.\n\n> To remove this property from your service resource, specify an empty `PlacementStrategy` array.", - "title": "PlacementStrategies", + "markdownDescription": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) .", + "title": "TagSpecifications", "type": "array" }, - "PlatformVersion": { - "markdownDescription": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", - "type": "string" - }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n\nYou must set this to a value other than `NONE` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe default is `NONE` .", - "title": "PropagateTags", - "type": "string" + "TargetCapacitySpecification": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest", + "markdownDescription": "The number of units to request.", + "title": "TargetCapacitySpecification" }, - "Role": { - "markdownDescription": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the `awsvpc` network mode. If you specify the `role` parameter, you must also specify a load balancer object with the `loadBalancers` parameter.\n\n> If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the `awsvpc` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nIf your specified role has a path other than `/` , then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` then you would specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", - "title": "Role", - "type": "string" + "TerminateInstancesWithExpiration": { + "markdownDescription": "Indicates whether running instances should be terminated when the EC2 Fleet expires.", + "title": "TerminateInstancesWithExpiration", + "type": "boolean" }, - "SchedulingStrategy": { - "markdownDescription": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nThere are two service scheduler strategies available:\n\n- `REPLICA` -The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the `CODE_DEPLOY` or `EXTERNAL` deployment controller types.\n- `DAEMON` -The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n\n> Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy.", - "title": "SchedulingStrategy", + "Type": { + "markdownDescription": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* .", + "title": "Type", "type": "string" }, - "ServiceConnectConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectConfiguration", - "markdownDescription": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ServiceConnectConfiguration" - }, - "ServiceName": { - "markdownDescription": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n\n> The stack update fails if you change any properties that require replacement and the `ServiceName` is configured. This is because AWS CloudFormation creates the replacement service first, but each `ServiceName` must be unique in the cluster.", - "title": "ServiceName", + "ValidFrom": { + "markdownDescription": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately.", + "title": "ValidFrom", "type": "string" }, - "ServiceRegistries": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceRegistry" - }, - "markdownDescription": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .\n\n> Each service may be associated with one service registry. Multiple service registries for each service isn't supported. > To remove this property from your service resource, specify an empty `ServiceRegistry` array.", - "title": "ServiceRegistries", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - }, - "TaskDefinition": { - "markdownDescription": "The `family` and `revision` ( `family:revision` ) or full ARN of the task definition to run in your service. If a `revision` isn't specified, the latest `ACTIVE` revision is used.\n\nA task definition must be specified if the service uses either the `ECS` or `CODE_DEPLOY` deployment controllers.\n\nFor more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) .", - "title": "TaskDefinition", + "ValidUntil": { + "markdownDescription": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.", + "title": "ValidUntil", "type": "string" - }, - "VolumeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceVolumeConfiguration" - }, - "markdownDescription": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n\n> To remove this property from your service resource, specify an empty `ServiceVolumeConfiguration` array.", - "title": "VolumeConfigurations", - "type": "array" } }, + "required": [ + "LaunchTemplateConfigs", + "TargetCapacitySpecification" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::Service" + "AWS::EC2::EC2Fleet" ], "type": "string" }, @@ -83621,548 +89160,730 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::Service.AwsVpcConfiguration": { + "AWS::EC2::EC2Fleet.AcceleratorCountRequest": { "additionalProperties": false, "properties": { - "AssignPublicIp": { - "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", - "title": "AssignPublicIp", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", - "title": "SecurityGroups", - "type": "array" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", - "title": "Subnets", - "type": "array" + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.CapacityProviderStrategyItem": { + "AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" - }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.DeploymentAlarms": { + "AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest": { "additionalProperties": false, "properties": { - "AlarmNames": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more CloudWatch alarm names. Use a \",\" to separate the alarms.", - "title": "AlarmNames", - "type": "array" - }, - "Enable": { - "markdownDescription": "Determines whether to use the CloudWatch alarm option in the service deployment process.", - "title": "Enable", - "type": "boolean" + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Rollback": { - "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", - "title": "Rollback", - "type": "boolean" + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "AlarmNames", - "Enable", - "Rollback" - ], "type": "object" }, - "AWS::ECS::Service.DeploymentCircuitBreaker": { + "AWS::EC2::EC2Fleet.BaselinePerformanceFactorsRequest": { "additionalProperties": false, "properties": { - "Enable": { - "markdownDescription": "Determines whether to use the deployment circuit breaker logic for the service.", - "title": "Enable", - "type": "boolean" - }, - "Rollback": { - "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", - "title": "Rollback", - "type": "boolean" + "Cpu": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" } }, - "required": [ - "Enable", - "Rollback" - ], "type": "object" }, - "AWS::ECS::Service.DeploymentConfiguration": { + "AWS::EC2::EC2Fleet.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "Alarms": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentAlarms", - "markdownDescription": "Information about the CloudWatch alarms.", - "title": "Alarms" + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "DeviceName", + "type": "string" }, - "DeploymentCircuitBreaker": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentCircuitBreaker", - "markdownDescription": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", - "title": "DeploymentCircuitBreaker" + "Ebs": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.EbsBlockDevice", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" }, - "MaximumPercent": { - "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nThe Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `maximumPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf the service uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service.", - "title": "MaximumPercent", - "type": "number" + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", + "title": "NoDevice", + "type": "string" }, - "MinimumHealthyPercent": { - "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", - "title": "MinimumHealthyPercent", - "type": "number" + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", + "title": "VirtualName", + "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.DeploymentController": { + "AWS::EC2::EC2Fleet.CapacityRebalance": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The deployment controller type to use. There are three deployment controller types available:\n\n- **ECS** - The rolling update ( `ECS` ) deployment type involves replacing the current running version of the container with the latest version. The number of containers Amazon ECS adds or removes from the service during a rolling update is controlled by adjusting the minimum and maximum number of healthy tasks allowed during a service deployment, as specified in the [DeploymentConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeploymentConfiguration.html) .\n- **CODE_DEPLOY** - The blue/green ( `CODE_DEPLOY` ) deployment type uses the blue/green deployment model powered by AWS CodeDeploy , which allows you to verify a new deployment of a service before sending production traffic to it.\n- **EXTERNAL** - The external ( `EXTERNAL` ) deployment type enables you to use any third-party deployment controller for full control over the deployment process for an Amazon ECS service.", - "title": "Type", + "ReplacementStrategy": { + "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", + "title": "ReplacementStrategy", "type": "string" + }, + "TerminationDelay": { + "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", + "title": "TerminationDelay", + "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.EBSTagSpecification": { + "AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest": { "additionalProperties": false, "properties": { - "PropagateTags": { - "markdownDescription": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", - "title": "PropagateTags", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The type of volume resource.", - "title": "ResourceType", + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ).\n\nIf you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", "type": "string" - }, - "Tags": { + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.CpuPerformanceFactorRequest": { + "additionalProperties": false, + "properties": { + "References": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.PerformanceFactorReferenceRequest" }, - "markdownDescription": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used.", - "title": "Tags", + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently, only one instance family can be specified in the list.", + "title": "References", "type": "array" } }, - "required": [ - "ResourceType" - ], "type": "object" }, - "AWS::ECS::Service.LoadBalancer": { + "AWS::EC2::EC2Fleet.EbsBlockDevice": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", - "title": "ContainerName", - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "ContainerPort": { - "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", - "title": "ContainerPort", + "Encrypted": { + "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS encryption](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) in the *Amazon EBS User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .\n\n- If you are creating a block device mapping for a *new (empty) volume* , you can include this parameter, and specify either `true` for an encrypted volume, or `false` for an unencrypted volume. If you omit this parameter, it defaults to `false` (unencrypted).\n- If you are creating a block device mapping from an *existing encrypted or unencrypted snapshot* , you must omit this parameter. If you include this parameter, the request will fail, regardless of the value that you specify.\n- If you are creating a block device mapping from an *existing unencrypted volume* , you can include this parameter, but you must specify `false` . If you specify `true` , the request will fail. In this case, we recommend that you omit the parameter.\n- If you are creating a block device mapping from an *existing encrypted volume* , you can include this parameter, and specify either `true` or `false` . However, if you specify `false` , the parameter is ignored and the block device mapping is always encrypted. In this case, we recommend that you omit the parameter.", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", + "title": "Iops", "type": "number" }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", - "title": "LoadBalancerName", + "KmsKeyId": { + "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.\n\nThis parameter is only supported on `BlockDeviceMapping` objects called by [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , and [RequestSpotInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html) .", + "title": "KmsKeyId", "type": "string" }, - "TargetGroupArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", - "title": "TargetGroupArn", + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", + "type": "string" + }, + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.LogConfiguration": { + "AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest": { "additionalProperties": false, "properties": { - "LogDriver": { - "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", - "title": "LogDriver", - "type": "string" - }, - "Options": { - "additionalProperties": true, - "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS is changing the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Options", - "type": "object" + "LaunchTemplateSpecification": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest", + "markdownDescription": "The launch template to use. You must specify either the launch template ID or launch template name in the request.", + "title": "LaunchTemplateSpecification" }, - "SecretOptions": { + "Overrides": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.Secret" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest" }, - "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "SecretOptions", + "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.\n\nFor fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates.", + "title": "Overrides", "type": "array" } }, "type": "object" }, - "AWS::ECS::Service.NetworkConfiguration": { + "AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest": { "additionalProperties": false, "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.AwsVpcConfiguration", - "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", - "title": "AwsvpcConfiguration" - } - }, - "type": "object" - }, - "AWS::ECS::Service.PlacementConstraint": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Expression", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to launch the instances.", + "title": "AvailabilityZone", "type": "string" }, - "Type": { - "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", - "title": "Type", + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BlockDeviceMapping" + }, + "markdownDescription": "The block device mappings, which define the EBS volumes and instance store volumes to attach to the instance at launch.\n\nSupported only for fleets of type `instant` .\n\nFor more information, see [Block device mappings for volumes on Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) in the *Amazon EC2 User Guide* .", + "title": "BlockDeviceMappings", + "type": "array" + }, + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.InstanceRequirementsRequest", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type.\n\n`mac1.metal` is not supported as a launch template override.\n\n> If you specify `InstanceType` , you can't specify `InstanceRequirements` .", + "title": "InstanceType", + "type": "string" + }, + "MaxPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.\n> \n> If you specify a maximum price, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message.", + "title": "MaxPrice", + "type": "string" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.Placement", + "markdownDescription": "The location where the instance launched, if applicable.", + "title": "Placement" + }, + "Priority": { + "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", + "title": "Priority", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID.", + "title": "SubnetId", "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ECS::Service.PlacementStrategy": { + "AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest": { "additionalProperties": false, "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host` , which has the same effect), or any platform or custom attribute that's applied to a container instance, such as `attribute:ecs.availability-zone` . For the `binpack` placement strategy, valid values are `cpu` and `memory` . For the `random` placement strategy, this field is not used.", - "title": "Field", + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", + "title": "LaunchTemplateId", "type": "string" }, - "Type": { - "markdownDescription": "The type of placement strategy. The `random` placement strategy randomly places tasks on available candidates. The `spread` placement strategy spreads placement across available candidates evenly based on the `field` parameter. The `binpack` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the `field` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.", - "title": "Type", + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", + "title": "LaunchTemplateName", + "type": "string" + }, + "Version": { + "markdownDescription": "The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails.\n\nIf the value is `$Latest` , Amazon EC2 uses the latest version of the launch template.\n\nIf the value is `$Default` , Amazon EC2 uses the default version of the launch template.", + "title": "Version", "type": "string" } }, "required": [ - "Type" + "Version" ], "type": "object" }, - "AWS::ECS::Service.Secret": { + "AWS::EC2::EC2Fleet.InstanceRequirementsRequest": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the secret.", - "title": "Name", + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorCountRequest", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" + }, + "AcceleratorManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", + "type": "array" + }, + "AcceleratorNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", + "type": "array" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", + "type": "array" + }, + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" + }, + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", "type": "string" }, - "ValueFrom": { - "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", - "title": "ValueFrom", + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" + }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" + }, + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", + "type": "string" + }, + "CpuManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", + "type": "array" + }, + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" + }, + "InstanceGenerations": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" + }, + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", "type": "string" + }, + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" + }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest", + "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.VCpuCountRangeRequest", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" } }, - "required": [ - "Name", - "ValueFrom" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectClientAlias": { + "AWS::EC2::EC2Fleet.MaintenanceStrategies": { "additionalProperties": false, "properties": { - "DnsName": { - "markdownDescription": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "DnsName", - "type": "string" + "CapacityRebalance": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityRebalance", + "markdownDescription": "The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.", + "title": "CapacityRebalance" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Port": { - "markdownDescription": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Port", + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", "type": "number" } }, - "required": [ - "Port" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectConfiguration": { + "AWS::EC2::EC2Fleet.MemoryMiBRequest": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether to use Service Connect with this service.", - "title": "Enabled", - "type": "boolean" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.LogConfiguration", - "markdownDescription": "The log configuration for the container. This parameter maps to `LogConfig` in the docker container create command and the `--log-driver` option to docker run.\n\nBy default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.\n\nUnderstand the following when specifying a log configuration for your containers.\n\n- Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n- This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.\n- For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .\n- For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.", - "title": "LogConfiguration" + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Namespace": { - "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", - "title": "Namespace", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Services": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectService" - }, - "markdownDescription": "The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service.\n\nThis field is not required for a \"client\" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means.\n\nAn object selects a port from the task definition, assigns a name for the AWS Cloud Map service, and a list of aliases (endpoints) and ports for client applications to refer to this service.", - "title": "Services", - "type": "array" + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectService": { + "AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest": { "additionalProperties": false, "properties": { - "ClientAliases": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectClientAlias" - }, - "markdownDescription": "The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1.\n\nEach alias (\"endpoint\") is a fully-qualified name and port number that other Amazon ECS tasks (\"clients\") can use to connect to this service.\n\nEach name and port mapping must be unique within the namespace.\n\nFor each `ServiceConnectService` , you must provide at least one `clientAlias` with one `port` .", - "title": "ClientAliases", - "type": "array" + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "DiscoveryName": { - "markdownDescription": "The `discoveryName` is the name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the AWS Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n\nIf the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .", - "title": "DiscoveryName", + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.OnDemandOptionsRequest": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity.\n\n`lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first.\n\n`prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first.\n\nDefault: `lowest-price`", + "title": "AllocationStrategy", "type": "string" }, - "IngressPortOverride": { - "markdownDescription": "The port number for the Service Connect proxy to listen on.\n\nUse the value of this field to bypass the proxy for traffic on the port number specified in the named `portMapping` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service.\n\nIn `awsvpc` mode and Fargate, the default value is the container port number. The container port number is in the `portMapping` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy.", - "title": "IngressPortOverride", - "type": "number" + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest", + "markdownDescription": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.\n\nSupported only for fleets of type `instant` .", + "title": "CapacityReservationOptions" }, - "PortName": { - "markdownDescription": "The `portName` must match the name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service.", - "title": "PortName", + "MaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "MaxTotalPrice", "type": "string" }, - "Timeout": { - "$ref": "#/definitions/AWS::ECS::Service.TimeoutConfiguration", - "markdownDescription": "A reference to an object that represents the configured timeouts for Service Connect.", - "title": "Timeout" + "MinTargetCapacity": { + "markdownDescription": "The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", + "title": "MinTargetCapacity", + "type": "number" }, - "Tls": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsConfiguration", - "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) configuration.", - "title": "Tls" + "SingleAvailabilityZone": { + "markdownDescription": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", + "title": "SingleAvailabilityZone", + "type": "boolean" + }, + "SingleInstanceType": { + "markdownDescription": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.\n\nSupported only for fleets of type `instant` .", + "title": "SingleInstanceType", + "type": "boolean" } }, - "required": [ - "PortName" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectTlsCertificateAuthority": { + "AWS::EC2::EC2Fleet.PerformanceFactorReferenceRequest": { "additionalProperties": false, "properties": { - "AwsPcaAuthorityArn": { - "markdownDescription": "The ARN of the AWS Private Certificate Authority certificate.", - "title": "AwsPcaAuthorityArn", + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response response for [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) and an exception for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , [ModifyFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html) , and [ModifySpotFleetRequest](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html) .", + "title": "InstanceFamily", "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.ServiceConnectTlsConfiguration": { + "AWS::EC2::EC2Fleet.Placement": { "additionalProperties": false, "properties": { - "IssuerCertificateAuthority": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsCertificateAuthority", - "markdownDescription": "The signer certificate authority.", - "title": "IssuerCertificateAuthority" + "Affinity": { + "markdownDescription": "The affinity setting for the instance on the Dedicated Host.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", + "title": "Affinity", + "type": "string" }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service key.", - "title": "KmsKey", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "AvailabilityZone", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS.", - "title": "RoleArn", + "GroupName": { + "markdownDescription": "The name of the placement group that the instance is in. If you specify `GroupName` , you can't specify `GroupId` .", + "title": "GroupName", + "type": "string" + }, + "HostId": { + "markdownDescription": "The ID of the Dedicated Host on which the instance resides.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", + "title": "HostId", + "type": "string" + }, + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances.\n\nIf you specify this parameter, either omit the *Tenancy* parameter or set it to `host` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "HostResourceGroupArn", + "type": "string" + }, + "PartitionNumber": { + "markdownDescription": "The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "PartitionNumber", + "type": "number" + }, + "SpreadDomain": { + "markdownDescription": "Reserved for future use.", + "title": "SpreadDomain", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option.", + "title": "Tenancy", "type": "string" } }, - "required": [ - "IssuerCertificateAuthority" - ], "type": "object" }, - "AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration": { + "AWS::EC2::EC2Fleet.SpotOptionsRequest": { "additionalProperties": false, "properties": { - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. If you turn on Region-level Amazon EBS encryption by default but set this value as `false` , the setting is overridden and the volume is encrypted with the KMS key specified for Amazon EBS encryption by default. This parameter maps 1:1 with the `Encrypted` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "Encrypted", - "type": "boolean" + "AllocationStrategy": { + "markdownDescription": "Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.\n\nIf the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.\n\nIf the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify.\n\nIf the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity.\n\n*Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized`", + "title": "AllocationStrategy", + "type": "string" }, - "FilesystemType": { - "markdownDescription": "The filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the tasks will fail to start.\n\nThe available Linux filesystem types are `ext3` , `ext4` , and `xfs` . If no value is specified, the `xfs` filesystem type is used by default.\n\nThe available Windows filesystem types are `NTFS` .", - "title": "FilesystemType", + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted.\n\nDefault: `terminate`", + "title": "InstanceInterruptionBehavior", "type": "string" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type.\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nThis parameter is required for `io1` and `io2` volume types. The default for `gp3` volumes is `3,000 IOPS` . This parameter is not supported for `st1` , `sc1` , or `standard` volume types.\n\nThis parameter maps 1:1 with the `Iops` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "Iops", + "InstancePoolsToUseCount": { + "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", + "title": "InstancePoolsToUseCount", "type": "number" }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When a key is specified using this parameter, it overrides Amazon EBS default encryption or any KMS key that you specified for cluster-level managed storage encryption. This parameter maps 1:1 with the `KmsKeyId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information about encrypting Amazon EBS volumes attached to tasks, see [Encrypt data stored in Amazon EBS volumes attached to Amazon ECS tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) .\n\n> AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails.", - "title": "KmsKeyId", - "type": "string" + "MaintenanceStrategies": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MaintenanceStrategies", + "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", + "title": "MaintenanceStrategies" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed `AmazonECSInfrastructureRolePolicyForVolumes` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide* .", - "title": "RoleArn", + "MaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "MaxTotalPrice", "type": "string" }, - "SizeInGiB": { - "markdownDescription": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the `Size` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\nThe following are the supported volume size values for each volume type.\n\n- `gp2` and `gp3` : 1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024", - "title": "SizeInGiB", + "MinTargetCapacity": { + "markdownDescription": "The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", + "title": "MinTargetCapacity", "type": "number" }, - "SnapshotId": { - "markdownDescription": "The snapshot that Amazon ECS uses to create volumes for attachment to tasks maintained by the service. You must specify either `snapshotId` or `sizeInGiB` in your volume configuration. This parameter maps 1:1 with the `SnapshotId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "SnapshotId", + "SingleAvailabilityZone": { + "markdownDescription": "Indicates that the fleet launches all Spot Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", + "title": "SingleAvailabilityZone", + "type": "boolean" + }, + "SingleInstanceType": { + "markdownDescription": "Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.\n\nSupported only for fleets of type `instant` .", + "title": "SingleInstanceType", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag.", + "title": "ResourceType", "type": "string" }, - "TagSpecifications": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.EBSTagSpecification" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the `TagSpecifications.N` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "TagSpecifications", + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", "type": "array" - }, - "Throughput": { - "markdownDescription": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the `Throughput` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\n> This parameter is only supported for the `gp3` volume type.", - "title": "Throughput", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. This parameter maps 1:1 with the `VolumeType` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide* .\n\nThe following are the supported volume types.\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\n> The magnetic volume type is not supported on Fargate.", - "title": "VolumeType", - "type": "string" } }, - "required": [ - "RoleArn" - ], "type": "object" }, - "AWS::ECS::Service.ServiceRegistry": { + "AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerName", + "DefaultTargetCapacityType": { + "markdownDescription": "The default target capacity type.", + "title": "DefaultTargetCapacityType", "type": "string" }, - "ContainerPort": { - "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerPort", + "OnDemandTargetCapacity": { + "markdownDescription": "The number of On-Demand units to request.", + "title": "OnDemandTargetCapacity", "type": "number" }, - "Port": { - "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", - "title": "Port", + "SpotTargetCapacity": { + "markdownDescription": "The number of Spot units to request.", + "title": "SpotTargetCapacity", "type": "number" }, - "RegistryArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", - "title": "RegistryArn", + "TargetCapacityUnitType": { + "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection.\n\nDefault: `units` (the number of instances)", + "title": "TargetCapacityUnitType", "type": "string" + }, + "TotalTargetCapacity": { + "markdownDescription": "The number of units to request, filled using the default target capacity type.", + "title": "TotalTargetCapacity", + "type": "number" } }, + "required": [ + "TotalTargetCapacity" + ], "type": "object" }, - "AWS::ECS::Service.ServiceVolumeConfiguration": { + "AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest": { "additionalProperties": false, "properties": { - "ManagedEBSVolume": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration", - "markdownDescription": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created.", - "title": "ManagedEBSVolume" + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the volume. This value must match the volume name from the `Volume` object in the task definition.", - "title": "Name", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::ECS::Service.TimeoutConfiguration": { + "AWS::EC2::EC2Fleet.VCpuCountRangeRequest": { "additionalProperties": false, "properties": { - "IdleTimeoutSeconds": { - "markdownDescription": "The amount of time in seconds a connection will stay active while idle. A value of `0` can be set to disable `idleTimeout` .\n\nThe `idleTimeout` default for `HTTP` / `HTTP2` / `GRPC` is 5 minutes.\n\nThe `idleTimeout` default for `TCP` is 1 hour.", - "title": "IdleTimeoutSeconds", + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "PerRequestTimeoutSeconds": { - "markdownDescription": "The amount of time waiting for the upstream to respond with a complete response per request. A value of `0` can be set to disable `perRequestTimeout` . `perRequestTimeout` can only be set if Service Connect `appProtocol` isn't `TCP` . Only `idleTimeout` is allowed for `TCP` `appProtocol` .", - "title": "PerRequestTimeoutSeconds", + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::ECS::TaskDefinition": { + "AWS::EC2::EIP": { "additionalProperties": false, "properties": { "Condition": { @@ -84197,115 +89918,55 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerDefinitions": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDefinition" - }, - "markdownDescription": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ContainerDefinitions", - "type": "array" - }, - "Cpu": { - "markdownDescription": "The number of `cpu` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the `memory` parameter.\n\nIf you're using the EC2 launch type or the external launch type, this field is optional. Supported values are between `128` CPU units ( `0.125` vCPUs) and `196608` CPU units ( `192` vCPUs).\n\nThis field is required for Fargate. For information about the valid values, see [Task size](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Cpu", - "type": "string" - }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EphemeralStorage", - "markdownDescription": "The ephemeral storage settings to use for tasks run with the task definition.", - "title": "EphemeralStorage" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ExecutionRoleArn", + "Address": { + "markdownDescription": "An Elastic IP address or a carrier IP address in a Wavelength Zone.", + "title": "Address", "type": "string" }, - "Family": { - "markdownDescription": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n\nA family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n\n> To use revision numbers when you update a task definition, specify this property. If you don't specify a value, AWS CloudFormation generates a new task definition each time that you update it.", - "title": "Family", + "Domain": { + "markdownDescription": "The network ( `vpc` ).\n\nIf you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource.", + "title": "Domain", "type": "string" }, - "InferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.InferenceAccelerator" - }, - "markdownDescription": "The Elastic Inference accelerators to use for the containers in the task.", - "title": "InferenceAccelerators", - "type": "array" - }, - "IpcMode": { - "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . If `host` is specified, then all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If `task` is specified, all containers within the specified task share the same IPC resources. If `none` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance.\n\nIf the `host` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose.\n\nIf you are setting namespaced kernel parameters using `systemControls` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n- For tasks that use the `host` IPC mode, IPC namespace related `systemControls` are not supported.\n- For tasks that use the `task` IPC mode, IPC namespace related `systemControls` will apply to all containers within a task.\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", - "title": "IpcMode", + "InstanceId": { + "markdownDescription": "The ID of the instance.\n\n> Updates to the `InstanceId` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "title": "InstanceId", "type": "string" }, - "Memory": { - "markdownDescription": "The amount (in MiB) of memory used by the task.\n\nIf your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) .\n\nIf your tasks runs on AWS Fargate , this field is required. You must use one of the following values. The value you choose determines your range of valid values for the `cpu` parameter.\n\n- 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256 (.25 vCPU)\n- 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available `cpu` values: 512 (.5 vCPU)\n- 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available `cpu` values: 1024 (1 vCPU)\n- Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available `cpu` values: 2048 (2 vCPU)\n- Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available `cpu` values: 4096 (4 vCPU)\n- Between 16 GB and 60 GB in 4 GB increments - Available `cpu` values: 8192 (8 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.\n- Between 32GB and 120 GB in 8 GB increments - Available `cpu` values: 16384 (16 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.", - "title": "Memory", + "IpamPoolId": { + "markdownDescription": "The ID of an IPAM pool which has an Amazon-provided or BYOIP public IPv4 CIDR provisioned to it. For more information, see [Allocate sequential Elastic IP addresses from an IPAM pool](https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-eip-pool.html) in the *Amazon VPC IPAM User Guide* .", + "title": "IpamPoolId", "type": "string" }, - "NetworkMode": { - "markdownDescription": "The Docker networking mode to use for the containers in the task. The valid values are `none` , `bridge` , `awsvpc` , and `host` . If no network mode is specified, the default is `bridge` .\n\nFor Amazon ECS tasks on Fargate, the `awsvpc` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, `` or `awsvpc` can be used. If the network mode is set to `none` , you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The `host` and `awsvpc` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the `bridge` mode.\n\nWith the `host` and `awsvpc` network modes, exposed container ports are mapped directly to the corresponding host port (for the `host` network mode) or the attached elastic network interface port (for the `awsvpc` network mode), so you cannot take advantage of dynamic host port mappings.\n\n> When using the `host` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user. \n\nIf the network mode is `awsvpc` , the task is allocated an elastic network interface, and you must specify a [NetworkConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_NetworkConfiguration.html) value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf the network mode is `host` , you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.", - "title": "NetworkMode", + "NetworkBorderGroup": { + "markdownDescription": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n\nUse [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups.", + "title": "NetworkBorderGroup", "type": "string" }, - "PidMode": { - "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . On Fargate for Linux containers, the only valid value is `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container.\n\nIf the `host` PID mode is used, there's a heightened risk of undesired process namespace exposure.\n\n> This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.", - "title": "PidMode", + "PublicIpv4Pool": { + "markdownDescription": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n\n> Updates to the `PublicIpv4Pool` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "title": "PublicIpv4Pool", "type": "string" }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for tasks.\n\n> This parameter isn't supported for tasks run on AWS Fargate .", - "title": "PlacementConstraints", - "type": "array" - }, - "ProxyConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ProxyConfiguration", - "markdownDescription": "The configuration details for the App Mesh proxy.\n\nYour Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the `ecs-init` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version `20190301` or later, they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ProxyConfiguration" - }, - "RequiresCompatibilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The task launch types the task definition was validated against. The valid values are `EC2` , `FARGATE` , and `EXTERNAL` . For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "RequiresCompatibilities", - "type": "array" - }, - "RuntimePlatform": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.RuntimePlatform", - "markdownDescription": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.", - "title": "RuntimePlatform" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "Any tags assigned to the Elastic IP address.\n\n> Updates to the `Tags` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", "title": "Tags", "type": "array" }, - "TaskRoleArn": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the AWS Identity and Access Management role that grants containers in the task permission to call AWS APIs on your behalf. For more information, see [Amazon ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIAM roles for tasks on Windows require that the `-EnableTaskIAMRole` option is set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some configuration code to use the feature. For more information, see [Windows IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> String validation is done on the ECS side. If an invalid string value is given for `TaskRoleArn` , it may cause the Cloudformation job to hang.", - "title": "TaskRoleArn", + "TransferAddress": { + "markdownDescription": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "TransferAddress", "type": "string" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Volume" - }, - "markdownDescription": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> The `host` and `sourcePath` parameters aren't supported for tasks run on AWS Fargate .", - "title": "Volumes", - "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::ECS::TaskDefinition" + "AWS::EC2::EIP" ], "type": "string" }, @@ -84323,876 +89984,1133 @@ ], "type": "object" }, - "AWS::ECS::TaskDefinition.AuthorizationConfig": { + "AWS::EC2::EIPAssociation": { "additionalProperties": false, "properties": { - "AccessPointId": { - "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", - "title": "AccessPointId", + "Condition": { "type": "string" }, - "IAM": { - "markdownDescription": "Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "IAM", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocationId": { + "markdownDescription": "The allocation ID. This is required.", + "title": "AllocationId", + "type": "string" + }, + "InstanceId": { + "markdownDescription": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.", + "title": "InstanceId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n\nYou can specify either the instance ID or the network interface ID, but not both.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.", + "title": "PrivateIpAddress", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::EIPAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.ContainerDefinition": { + "AWS::EC2::EgressOnlyInternetGateway": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the docker container create command and the `COMMAND` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.", - "title": "Command", - "type": "array" - }, - "Cpu": { - "markdownDescription": "The number of `cpu` units reserved for the container. This parameter maps to `CpuShares` in the docker container create commandand the `--cpu-shares` option to docker run.\n\nThis field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level `cpu` value.\n\n> You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. \n\nLinux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.\n\nOn Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version:\n\n- *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares.\n- *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2.\n- *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares.\n\nOn Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as `0` , which Windows interprets as 1% of one CPU.", - "title": "Cpu", - "type": "number" + "Condition": { + "type": "string" }, - "CredentialSpecs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of ARNs in SSM or Amazon S3 to a credential spec ( `CredSpec` ) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the `dockerSecurityOptions` . The maximum number of ARNs is 1.\n\nThere are two formats for each ARN.\n\n- **credentialspecdomainless:MyARN** - You use `credentialspecdomainless:MyARN` to provide a `CredSpec` with an additional section for a secret in AWS Secrets Manager . You provide the login credentials to the domain in the secret.\n\nEach task that runs on any container instance can join different domains.\n\nYou can use this format without joining the container instance to a domain.\n- **credentialspec:MyARN** - You use `credentialspec:MyARN` to provide a `CredSpec` for a single domain.\n\nYou must join the container instance to the domain before you start any tasks that use this task definition.\n\nIn both formats, replace `MyARN` with the ARN in SSM or Amazon S3.\n\nIf you provide a `credentialspecdomainless:MyARN` , the `credspec` must provide a ARN in AWS Secrets Manager for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) .", - "title": "CredentialSpecs", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, "DependsOn": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDependency" - }, - "markdownDescription": "The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed.\n\nFor tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nIf the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html) , the `dependsOn` parameter is not supported.", - "title": "DependsOn", - "type": "array" - }, - "DisableNetworking": { - "markdownDescription": "When this parameter is true, networking is off within the container. This parameter maps to `NetworkDisabled` in the docker container create command.\n\n> This parameter is not supported for Windows containers.", - "title": "DisableNetworking", - "type": "boolean" - }, - "DnsSearchDomains": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of DNS search domains that are presented to the container. This parameter maps to `DnsSearch` in the docker container create command and the `--dns-search` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "DnsSearchDomains", - "type": "array" + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DnsServers": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of DNS servers that are presented to the container. This parameter maps to `Dns` in the docker container create command and the `--dns` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "DnsServers", - "type": "array" + "Metadata": { + "type": "object" }, - "DockerLabels": { - "additionalProperties": true, - "markdownDescription": "A key/value map of labels to add to the container. This parameter maps to `Labels` in the docker container create command and the `--label` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the egress-only internet gateway.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC for which to create the egress-only internet gateway.", + "title": "VpcId", "type": "string" } }, - "title": "DockerLabels", + "required": [ + "VpcId" + ], "type": "object" }, - "DockerSecurityOptions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type.\n\nFor Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.\n\nFor any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThis parameter maps to `SecurityOpt` in the docker container create command and the `--security-opt` option to docker run.\n\n> The Amazon ECS container agent running on a container instance must register with the `ECS_SELINUX_CAPABLE=true` or `ECS_APPARMOR_CAPABLE=true` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nValid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" | \"credentialspec:CredentialSpecFilePath\"", - "title": "DockerSecurityOptions", - "type": "array" + "Type": { + "enum": [ + "AWS::EC2::EgressOnlyInternetGateway" + ], + "type": "string" }, - "EntryPoint": { - "items": { - "type": "string" - }, - "markdownDescription": "> Early versions of the Amazon ECS container agent don't properly handle `entryPoint` parameters. If you have problems using `entryPoint` , update your container agent or enter your commands and arguments as `command` array items instead. \n\nThe entry point that's passed to the container. This parameter maps to `Entrypoint` in the docker container create command and the `--entrypoint` option to docker run.", - "title": "EntryPoint", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::EC2::EnclaveCertificateIamRoleAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" - }, - "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the docker container create command and the `--env` option to docker run.\n\n> We don't recommend that you use plaintext environment variables for sensitive information, such as credential data.", - "title": "Environment", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "EnvironmentFiles": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EnvironmentFile" - }, - "markdownDescription": "A list of files containing the environment variables to pass to a container. This parameter maps to the `--env-file` option to docker run.\n\nYou can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file contains an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored.\n\nIf there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "EnvironmentFiles", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Essential": { - "markdownDescription": "If the `essential` parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as `false` , its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Essential", - "type": "boolean" + "Metadata": { + "type": "object" }, - "ExtraHosts": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostEntry" + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The ARN of the ACM certificate with which to associate the IAM role.", + "title": "CertificateArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.", + "title": "RoleArn", + "type": "string" + } }, - "markdownDescription": "A list of hostnames and IP address mappings to append to the `/etc/hosts` file on the container. This parameter maps to `ExtraHosts` in the docker container create command and the `--add-host` option to docker run.\n\n> This parameter isn't supported for Windows containers or tasks that use the `awsvpc` network mode.", - "title": "ExtraHosts", - "type": "array" - }, - "FirelensConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FirelensConfiguration", - "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "FirelensConfiguration" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HealthCheck", - "markdownDescription": "The container health check command and associated configuration parameters for the container. This parameter maps to `HealthCheck` in the docker container create command and the `HEALTHCHECK` parameter of docker run.", - "title": "HealthCheck" + "required": [ + "CertificateArn", + "RoleArn" + ], + "type": "object" }, - "Hostname": { - "markdownDescription": "The hostname to use for your container. This parameter maps to `Hostname` in the docker container create command and the `--hostname` option to docker run.\n\n> The `hostname` parameter is not supported if you're using the `awsvpc` network mode.", - "title": "Hostname", + "Type": { + "enum": [ + "AWS::EC2::EnclaveCertificateIamRoleAssociation" + ], "type": "string" }, - "Image": { - "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the docker container create command and the `IMAGE` parameter of docker run.\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", - "title": "Image", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::EC2::FlowLog": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Interactive": { - "markdownDescription": "When this parameter is `true` , you can deploy containerized applications that require `stdin` or a `tty` to be allocated. This parameter maps to `OpenStdin` in the docker container create command and the `--interactive` option to docker run.", - "title": "Interactive", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Links": { - "items": { - "type": "string" - }, - "markdownDescription": "The `links` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is `bridge` . The `name:internalName` construct is analogous to `name:alias` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to `Links` in the docker container create command and the `--link` option to docker run.\n\n> This parameter is not supported for Windows containers. > Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.", - "title": "Links", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LinuxParameters": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.LinuxParameters", - "markdownDescription": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .\n\n> This parameter is not supported for Windows containers.", - "title": "LinuxParameters" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.LogConfiguration", - "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the docker Create a container command and the `--log-driver` option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LogConfiguration" - }, - "Memory": { - "markdownDescription": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task `memory` value, if one is specified. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nIf using the Fargate launch type, this parameter is optional.\n\nIf using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level `memory` and `memoryReservation` value, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.", - "title": "Memory", - "type": "number" - }, - "MemoryReservation": { - "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the `memory` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to `MemoryReservation` in the docker container create command and the `--memory-reservation` option to docker run.\n\nIf a task-level memory value is not specified, you must specify a non-zero integer for one or both of `memory` or `memoryReservation` in a container definition. If you specify both, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nFor example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a `memoryReservation` of 128 MiB, and a `memory` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.", - "title": "MemoryReservation", - "type": "number" - }, - "MountPoints": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.MountPoint" - }, - "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the docker container create command and the `--volume` option to docker run.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", - "title": "MountPoints", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of a container. If you're linking multiple containers together in a task definition, the `name` of one container can be entered in the `links` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to `name` in the docker container create command and the `--name` option to docker run.", - "title": "Name", - "type": "string" - }, - "PortMappings": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.PortMapping" - }, - "markdownDescription": "The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.\n\nFor task definitions that use the `awsvpc` network mode, you should only specify the `containerPort` . The `hostPort` can be left blank or it must be the same value as the `containerPort` .\n\nPort mappings on Windows use the `NetNAT` gateway address rather than `localhost` . There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.\n\nThis parameter maps to `PortBindings` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--publish` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . If the network mode of a task definition is set to `none` , then you can't specify port mappings. If the network mode of a task definition is set to `host` , then host ports must either be undefined or they must match the container port in the port mapping.\n\n> After a task reaches the `RUNNING` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the `networkBindings` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses.", - "title": "PortMappings", - "type": "array" - }, - "Privileged": { - "markdownDescription": "When this parameter is true, the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the docker container create command and the `--privileged` option to docker run\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", - "title": "Privileged", - "type": "boolean" - }, - "PseudoTerminal": { - "markdownDescription": "When this parameter is `true` , a TTY is allocated. This parameter maps to `Tty` in the docker container create command and the `--tty` option to docker run.", - "title": "PseudoTerminal", - "type": "boolean" - }, - "ReadonlyRootFilesystem": { - "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the docker container create command and the `--read-only` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "ReadonlyRootFilesystem", - "type": "boolean" - }, - "RepositoryCredentials": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.RepositoryCredentials", - "markdownDescription": "The private repository authentication credentials to use.", - "title": "RepositoryCredentials" - }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ResourceRequirement" - }, - "markdownDescription": "The type and amount of a resource to assign to a container. The only supported resource is a GPU.", - "title": "ResourceRequirements", - "type": "array" - }, - "Secrets": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" - }, - "markdownDescription": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Secrets", - "type": "array" - }, - "StartTimeout": { - "markdownDescription": "Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a `COMPLETE` , `SUCCESS` , or `HEALTHY` status. If a `startTimeout` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a `STOPPED` state.\n\n> When the `ECS_CONTAINER_START_TIMEOUT` container agent configuration variable is used, it's enforced independently from this start timeout value. \n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks using the EC2 launch type, your container instances require at least version `1.26.0` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version `1.26.0-1` of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", - "title": "StartTimeout", - "type": "number" - }, - "StopTimeout": { - "markdownDescription": "Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks that use the Fargate launch type, the max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.\n\nFor tasks that use the EC2 launch type, if the `stopTimeout` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable `ECS_CONTAINER_STOP_TIMEOUT` is used. If neither the `stopTimeout` parameter or the `ECS_CONTAINER_STOP_TIMEOUT` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", - "title": "StopTimeout", - "type": "number" - }, - "SystemControls": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.SystemControl" - }, - "markdownDescription": "A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in the docker container create command and the `--sysctl` option to docker run. For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.", - "title": "SystemControls", - "type": "array" + "Metadata": { + "type": "object" }, - "Ulimits": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Ulimit" + "Properties": { + "additionalProperties": false, + "properties": { + "DeliverCrossAccountRole": { + "markdownDescription": "The ARN of the IAM role that allows the service to publish flow logs across accounts.", + "title": "DeliverCrossAccountRole", + "type": "string" + }, + "DeliverLogsPermissionArn": { + "markdownDescription": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.\n\nThis parameter is required if the destination type is `cloud-watch-logs` , or if the destination type is `kinesis-data-firehose` and the delivery stream and the resources to monitor are in different accounts.", + "title": "DeliverLogsPermissionArn", + "type": "string" + }, + "DestinationOptions": { + "$ref": "#/definitions/AWS::EC2::FlowLog.DestinationOptions", + "markdownDescription": "The destination options.", + "title": "DestinationOptions" + }, + "LogDestination": { + "markdownDescription": "The destination for the flow log data. The meaning of this parameter depends on the destination type.\n\n- If the destination type is `cloud-watch-logs` , specify the ARN of a CloudWatch Logs log group. For example:\n\narn:aws:logs: *region* : *account_id* :log-group: *my_group*\n\nAlternatively, use the `LogGroupName` parameter.\n- If the destination type is `s3` , specify the ARN of an S3 bucket. For example:\n\narn:aws:s3::: *my_bucket* / *my_subfolder* /\n\nThe subfolder is optional. Note that you can't use `AWSLogs` as a subfolder name.\n- If the destination type is `kinesis-data-firehose` , specify the ARN of a Kinesis Data Firehose delivery stream. For example:\n\narn:aws:firehose: *region* : *account_id* :deliverystream: *my_stream*", + "title": "LogDestination", + "type": "string" + }, + "LogDestinationType": { + "markdownDescription": "The type of destination for the flow log data.\n\nDefault: `cloud-watch-logs`", + "title": "LogDestinationType", + "type": "string" + }, + "LogFormat": { + "markdownDescription": "The fields to include in the flow log record, in the order in which they should appear. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must include at least one field. For more information about the available fields, see [Flow log records](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) in the *Amazon VPC User Guide* or [Transit Gateway Flow Log records](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) in the *AWS Transit Gateway Guide* .\n\nSpecify the fields using the `${field-id}` format, separated by spaces.", + "title": "LogFormat", + "type": "string" + }, + "LogGroupName": { + "markdownDescription": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.\n\nThis parameter is valid only if the destination type is `cloud-watch-logs` .", + "title": "LogGroupName", + "type": "string" + }, + "MaxAggregationInterval": { + "markdownDescription": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. The possible values are 60 seconds (1 minute) or 600 seconds (10 minutes). This parameter must be 60 seconds for transit gateway resource types.\n\nWhen a network interface is attached to a [Nitro-based instance](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) , the aggregation interval is always 60 seconds or less, regardless of the value that you specify.\n\nDefault: 600", + "title": "MaxAggregationInterval", + "type": "number" + }, + "ResourceId": { + "markdownDescription": "The ID of the resource to monitor. For example, if the resource type is `VPC` , specify the ID of the VPC.", + "title": "ResourceId", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The type of resource to monitor.", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the flow logs.", + "title": "Tags", + "type": "array" + }, + "TrafficType": { + "markdownDescription": "The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). This parameter is not supported for transit gateway resource types. It is required for the other resource types.", + "title": "TrafficType", + "type": "string" + } }, - "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> This parameter is not supported for Windows containers.", - "title": "Ulimits", - "type": "array" + "required": [ + "ResourceId", + "ResourceType" + ], + "type": "object" }, - "User": { - "markdownDescription": "The user to use inside the container. This parameter maps to `User` in the docker container create command and the `--user` option to docker run.\n\n> When running tasks using the `host` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gid`\n- `uid:group`\n\n> This parameter is not supported for Windows containers.", - "title": "User", + "Type": { + "enum": [ + "AWS::EC2::FlowLog" + ], "type": "string" }, - "VolumesFrom": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.VolumeFrom" - }, - "markdownDescription": "Data volumes to mount from another container. This parameter maps to `VolumesFrom` in the docker container create command and the `--volumes-from` option to docker run.", - "title": "VolumesFrom", - "type": "array" - }, - "WorkingDirectory": { - "markdownDescription": "The working directory to run commands inside the container in. This parameter maps to `WorkingDir` in the docker container create command and the `--workdir` option to docker run.", - "title": "WorkingDirectory", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Image", - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::TaskDefinition.ContainerDependency": { + "AWS::EC2::FlowLog.DestinationOptions": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a `zero` status. This condition can't be set on an essential container.\n- `HEALTHY` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.", - "title": "Condition", + "FileFormat": { + "markdownDescription": "The format for the flow log. The default is `plain-text` .", + "title": "FileFormat", "type": "string" }, - "ContainerName": { - "markdownDescription": "The name of a container.", - "title": "ContainerName", - "type": "string" + "HiveCompatiblePartitions": { + "markdownDescription": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` .", + "title": "HiveCompatiblePartitions", + "type": "boolean" + }, + "PerHourPartition": { + "markdownDescription": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` .", + "title": "PerHourPartition", + "type": "boolean" } }, + "required": [ + "FileFormat", + "HiveCompatiblePartitions", + "PerHourPartition" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.Device": { + "AWS::EC2::GatewayRouteTableAssociation": { "additionalProperties": false, "properties": { - "ContainerPath": { - "markdownDescription": "The path inside the container at which to expose the host device.", - "title": "ContainerPath", + "Condition": { "type": "string" }, - "HostPath": { - "markdownDescription": "The path for the device on the host container instance.", - "title": "HostPath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Permissions": { - "items": { - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GatewayId": { + "markdownDescription": "The ID of the gateway.", + "title": "GatewayId", + "type": "string" + }, + "RouteTableId": { + "markdownDescription": "The ID of the route table.", + "title": "RouteTableId", + "type": "string" + } }, - "markdownDescription": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device.", - "title": "Permissions", - "type": "array" + "required": [ + "GatewayId", + "RouteTableId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::GatewayRouteTableAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.DockerVolumeConfiguration": { + "AWS::EC2::Host": { "additionalProperties": false, "properties": { - "Autoprovision": { - "markdownDescription": "If this value is `true` , the Docker volume is created if it doesn't already exist.\n\n> This field is only used if the `scope` is `shared` .", - "title": "Autoprovision", - "type": "boolean" + "Condition": { + "type": "string" }, - "Driver": { - "markdownDescription": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use `docker plugin ls` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to `Driver` in the docker container create command and the `xxdriver` option to docker volume create.", - "title": "Driver", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DriverOpts": { - "additionalProperties": true, - "markdownDescription": "A map of Docker driver-specific options passed through. This parameter maps to `DriverOpts` in the docker create-volume command and the `xxopt` option to docker volume create.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "DriverOpts", + ] + }, + "Metadata": { "type": "object" }, - "Labels": { - "additionalProperties": true, - "markdownDescription": "Custom metadata to add to your Docker volume. This parameter maps to `Labels` in the docker container create command and the `xxlabel` option to docker volume create.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "AssetId": { + "markdownDescription": "The ID of the Outpost hardware asset on which the Dedicated Host is allocated.", + "title": "AssetId", + "type": "string" + }, + "AutoPlacement": { + "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", + "title": "AutoPlacement", + "type": "string" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to allocate the Dedicated Host.", + "title": "AvailabilityZone", + "type": "string" + }, + "HostMaintenance": { + "markdownDescription": "Indicates whether host maintenance is enabled or disabled for the Dedicated Host.", + "title": "HostMaintenance", + "type": "string" + }, + "HostRecovery": { + "markdownDescription": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see [Host recovery](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", + "title": "HostRecovery", + "type": "string" + }, + "InstanceFamily": { + "markdownDescription": "The instance family supported by the Dedicated Host. For example, `m5` .", + "title": "InstanceFamily", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.", + "title": "InstanceType", + "type": "string" + }, + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Outpost on which the Dedicated Host is allocated.", + "title": "OutpostArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the Dedicated Host.", + "title": "Tags", + "type": "array" } }, - "title": "Labels", + "required": [ + "AvailabilityZone" + ], "type": "object" }, - "Scope": { - "markdownDescription": "The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops.", - "title": "Scope", + "Type": { + "enum": [ + "AWS::EC2::Host" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.EFSVolumeConfiguration": { + "AWS::EC2::IPAM": { "additionalProperties": false, "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.AuthorizationConfig", - "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", - "title": "AuthorizationConfig" - }, - "FilesystemId": { - "markdownDescription": "The Amazon EFS file system ID to use.", - "title": "FilesystemId", + "Condition": { "type": "string" }, - "RootDirectory": { - "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying `/` will have the same effect as omitting this parameter.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` which will enforce the path set on the EFS access point.", - "title": "RootDirectory", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TransitEncryption": { - "markdownDescription": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", - "title": "TransitEncryption", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultResourceDiscoveryOrganizationalUnitExclusions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAM.IpamOrganizationalUnitExclusion" + }, + "markdownDescription": "If your IPAM is integrated with AWS Organizations, you can exclude an [organizational unit (OU)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#organizationalunit) from being managed by IPAM. When you exclude an OU, IPAM will not manage the IP addresses in accounts in that OU. For more information, see [Exclude organizational units from IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/exclude-ous.html) in the *Amazon Virtual Private Cloud IP Address Manager User Guide* .", + "title": "DefaultResourceDiscoveryOrganizationalUnitExclusions", + "type": "array" + }, + "Description": { + "markdownDescription": "The description for the IPAM.", + "title": "Description", + "type": "string" + }, + "EnablePrivateGua": { + "markdownDescription": "Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.", + "title": "EnablePrivateGua", + "type": "boolean" + }, + "MeteredAccount": { + "markdownDescription": "A metered account is an AWS account that is charged for active IP addresses managed in IPAM. For more information, see [Enable cost distribution](https://docs.aws.amazon.com/vpc/latest/ipam/ipam-enable-cost-distro.html) in the *Amazon VPC IPAM User Guide* .\n\nPossible values:\n\n- `ipam-owner` (default): The AWS account which owns the IPAM is charged for all active IP addresses managed in IPAM.\n- `resource-owner` : The AWS account that owns the IP address is charged for the active IP address.", + "title": "MeteredAccount", + "type": "string" + }, + "OperatingRegions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAM.IpamOperatingRegion" + }, + "markdownDescription": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "OperatingRegions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "title": "Tags", + "type": "array" + }, + "Tier": { + "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", + "title": "Tier", + "type": "string" + } + }, + "type": "object" }, - "TransitEncryptionPort": { - "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", - "title": "TransitEncryptionPort", - "type": "number" - } - }, - "required": [ - "FilesystemId" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.EnvironmentFile": { - "additionalProperties": false, - "properties": { "Type": { - "markdownDescription": "The file type to use. Environment files are objects in Amazon S3. The only supported value is `s3` .", - "title": "Type", + "enum": [ + "AWS::EC2::IPAM" + ], "type": "string" }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.EphemeralStorage": { - "additionalProperties": false, - "properties": { - "SizeInGiB": { - "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", - "title": "SizeInGiB", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.FSxAuthorizationConfig": { + "AWS::EC2::IPAM.IpamOperatingRegion": { "additionalProperties": false, "properties": { - "CredentialsParameter": { - "markdownDescription": "The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an AWS Secrets Manager secret or SSM Parameter Store parameter. The ARN refers to the stored credentials.", - "title": "CredentialsParameter", - "type": "string" - }, - "Domain": { - "markdownDescription": "A fully qualified domain name hosted by an [AWS Directory Service](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.", - "title": "Domain", + "RegionName": { + "markdownDescription": "The name of the operating Region.", + "title": "RegionName", "type": "string" } }, "required": [ - "CredentialsParameter", - "Domain" + "RegionName" ], "type": "object" }, - "AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration": { + "AWS::EC2::IPAM.IpamOrganizationalUnitExclusion": { "additionalProperties": false, "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxAuthorizationConfig", - "markdownDescription": "The authorization configuration details for the Amazon FSx for Windows File Server file system.", - "title": "AuthorizationConfig" - }, - "FileSystemId": { - "markdownDescription": "The Amazon FSx for Windows File Server file system ID to use.", - "title": "FileSystemId", - "type": "string" - }, - "RootDirectory": { - "markdownDescription": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host.", - "title": "RootDirectory", + "OrganizationsEntityPath": { + "markdownDescription": "An AWS Organizations entity path. For more information on the entity path, see [Understand the AWS Organizations entity path](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_last-accessed-view-data-orgs.html#access_policies_access-advisor-viewing-orgs-entity-path) in the *AWS Identity and Access Management User Guide* .", + "title": "OrganizationsEntityPath", "type": "string" } }, "required": [ - "FileSystemId", - "RootDirectory" + "OrganizationsEntityPath" ], "type": "object" }, - "AWS::ECS::TaskDefinition.FirelensConfiguration": { + "AWS::EC2::IPAMAllocation": { "additionalProperties": false, "properties": { - "Options": { - "additionalProperties": true, - "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event.\n\nIf specified, valid option keys are:\n\n- `enable-ecs-log-metadata` , which can be `true` or `false`\n- `config-file-type` , which can be `s3` or `file`\n- `config-file-value` , which is either an S3 ARN or a file path", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR.", + "title": "Cidr", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the allocation.", + "title": "Description", + "type": "string" + }, + "IpamPoolId": { + "markdownDescription": "The ID of the IPAM pool from which you would like to allocate a CIDR.", + "title": "IpamPoolId", "type": "string" + }, + "NetmaskLength": { + "markdownDescription": "The netmask length of the CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "NetmaskLength", + "type": "number" } }, - "title": "Options", + "required": [ + "IpamPoolId" + ], "type": "object" }, "Type": { - "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", - "title": "Type", + "enum": [ + "AWS::EC2::IPAMAllocation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.HealthCheck": { + "AWS::EC2::IPAMPool": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "A string array representing the command that the container runs to determine if it is healthy. The string array must start with `CMD` to run the command arguments directly, or `CMD-SHELL` to run the command with the container's default shell.\n\nWhen you use the AWS Management Console JSON panel, the AWS Command Line Interface , or the APIs, enclose the list of commands in double quotes and brackets.\n\n`[ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]`\n\nYou don't include the double quotes and brackets when you use the AWS Management Console.\n\n`CMD-SHELL, curl -f http://localhost/ || exit 1`\n\nAn exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see `HealthCheck` in the docker container create command.", - "title": "Command", - "type": "array" + "Condition": { + "type": "string" }, - "Interval": { - "markdownDescription": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a `command` .", - "title": "Interval", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Retries": { - "markdownDescription": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a `command` .", - "title": "Retries", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "StartPeriod": { - "markdownDescription": "The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the `startPeriod` is off. This value applies only when you specify a `command` .\n\n> If a health check succeeds within the `startPeriod` , then the container is considered healthy and any subsequent failures count toward the maximum number of retries.", - "title": "StartPeriod", - "type": "number" + "Metadata": { + "type": "object" }, - "Timeout": { - "markdownDescription": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a `command` .", - "title": "Timeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.HostEntry": { - "additionalProperties": false, - "properties": { - "Hostname": { - "markdownDescription": "The hostname to use in the `/etc/hosts` entry.", - "title": "Hostname", + "Properties": { + "additionalProperties": false, + "properties": { + "AddressFamily": { + "markdownDescription": "The address family of the pool.", + "title": "AddressFamily", + "type": "string" + }, + "AllocationDefaultNetmaskLength": { + "markdownDescription": "The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.", + "title": "AllocationDefaultNetmaskLength", + "type": "number" + }, + "AllocationMaxNetmaskLength": { + "markdownDescription": "The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. The maximum netmask length must be greater than the minimum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "AllocationMaxNetmaskLength", + "type": "number" + }, + "AllocationMinNetmaskLength": { + "markdownDescription": "The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. The minimum netmask length must be less than the maximum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "AllocationMinNetmaskLength", + "type": "number" + }, + "AllocationResourceTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.", + "title": "AllocationResourceTags", + "type": "array" + }, + "AutoImport": { + "markdownDescription": "If selected, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.\n\nA locale must be set on the pool for this feature to work.", + "title": "AutoImport", + "type": "boolean" + }, + "AwsService": { + "markdownDescription": "Limits which service in AWS that the pool can be used in. \"ec2\", for example, allows users to use space for Elastic IP addresses and VPCs.", + "title": "AwsService", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the IPAM pool.", + "title": "Description", + "type": "string" + }, + "IpamScopeId": { + "markdownDescription": "The ID of the scope in which you would like to create the IPAM pool.", + "title": "IpamScopeId", + "type": "string" + }, + "Locale": { + "markdownDescription": "The locale of the IPAM pool.\n\nThe locale for the pool should be one of the following:\n\n- An AWS Region where you want this IPAM pool to be available for allocations.\n- The network border group for an AWS Local Zone where you want this IPAM pool to be available for allocations ( [supported Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-zone-avail) ). This option is only available for IPAM IPv4 pools in the public scope.\n\nIf you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error.", + "title": "Locale", + "type": "string" + }, + "ProvisionedCidrs": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMPool.ProvisionedCidr" + }, + "markdownDescription": "Information about the CIDRs provisioned to an IPAM pool.", + "title": "ProvisionedCidrs", + "type": "array" + }, + "PublicIpSource": { + "markdownDescription": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `BYOIP` . For more information, see [Create IPv6 pools](https://docs.aws.amazon.com//vpc/latest/ipam/intro-create-ipv6-pools.html) in the *Amazon VPC IPAM User Guide* . By default, you can add only one Amazon-provided IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the default limit, see [Quotas for your IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/quotas-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "PublicIpSource", + "type": "string" + }, + "PubliclyAdvertisable": { + "markdownDescription": "Determines if a pool is publicly advertisable. This option is not available for pools with AddressFamily set to `ipv4` .", + "title": "PubliclyAdvertisable", + "type": "boolean" + }, + "SourceIpamPoolId": { + "markdownDescription": "The ID of the source IPAM pool. You can use this option to create an IPAM pool within an existing source pool.", + "title": "SourceIpamPoolId", + "type": "string" + }, + "SourceResource": { + "$ref": "#/definitions/AWS::EC2::IPAMPool.SourceResource", + "markdownDescription": "The resource used to provision CIDRs to a resource planning pool.", + "title": "SourceResource" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AddressFamily", + "IpamScopeId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::IPAMPool" + ], "type": "string" }, - "IpAddress": { - "markdownDescription": "The IP address to use in the `/etc/hosts` entry.", - "title": "IpAddress", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.HostVolumeProperties": { + "AWS::EC2::IPAMPool.ProvisionedCidr": { "additionalProperties": false, "properties": { - "SourcePath": { - "markdownDescription": "When the `host` parameter is used, specify a `sourcePath` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the `host` parameter contains a `sourcePath` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the `sourcePath` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\nIf you're using the Fargate launch type, the `sourcePath` parameter is not supported.", - "title": "SourcePath", + "Cidr": { + "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", + "title": "Cidr", "type": "string" } }, + "required": [ + "Cidr" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.InferenceAccelerator": { + "AWS::EC2::IPAMPool.SourceResource": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The Elastic Inference accelerator device name. The `deviceName` must also be referenced in a container definition as a [ResourceRequirement](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ResourceRequirement.html) .", - "title": "DeviceName", + "ResourceId": { + "markdownDescription": "The source resource ID.", + "title": "ResourceId", "type": "string" }, - "DeviceType": { - "markdownDescription": "The Elastic Inference accelerator type to use.", - "title": "DeviceType", + "ResourceOwner": { + "markdownDescription": "The source resource owner.", + "title": "ResourceOwner", "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.KernelCapabilities": { - "additionalProperties": false, - "properties": { - "Add": { - "items": { - "type": "string" - }, - "markdownDescription": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to `CapAdd` in the docker container create command and the `--cap-add` option to docker run.\n\n> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE` kernel capability. \n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", - "title": "Add", - "type": "array" }, - "Drop": { - "items": { - "type": "string" - }, - "markdownDescription": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to `CapDrop` in the docker container create command and the `--cap-drop` option to docker run.\n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", - "title": "Drop", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.KeyValuePair": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", + "ResourceRegion": { + "markdownDescription": "The source resource Region.", + "title": "ResourceRegion", "type": "string" }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", + "ResourceType": { + "markdownDescription": "The source resource type.", + "title": "ResourceType", "type": "string" } }, + "required": [ + "ResourceId", + "ResourceOwner", + "ResourceRegion", + "ResourceType" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.LinuxParameters": { + "AWS::EC2::IPAMPoolCidr": { "additionalProperties": false, "properties": { - "Capabilities": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KernelCapabilities", - "markdownDescription": "The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.\n\n> For tasks that use the Fargate launch type, `capabilities` is supported for all platform versions but the `add` parameter is only supported if using platform version 1.4.0 or later.", - "title": "Capabilities" - }, - "Devices": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Device" - }, - "markdownDescription": "Any host devices to expose to the container. This parameter maps to `Devices` in the docker container create command and the `--device` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `devices` parameter isn't supported.", - "title": "Devices", - "type": "array" - }, - "InitProcessEnabled": { - "markdownDescription": "Run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "title": "InitProcessEnabled", - "type": "boolean" - }, - "MaxSwap": { - "markdownDescription": "The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the `--memory-swap` option to docker run where the value would be the sum of the container memory plus the `maxSwap` value.\n\nIf a `maxSwap` value of `0` is specified, the container will not use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n> If you're using tasks that use the Fargate launch type, the `maxSwap` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", - "title": "MaxSwap", - "type": "number" + "Condition": { + "type": "string" }, - "SharedMemorySize": { - "markdownDescription": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to docker run.\n\n> If you are using tasks that use the Fargate launch type, the `sharedMemorySize` parameter is not supported.", - "title": "SharedMemorySize", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Swappiness": { - "markdownDescription": "This allows you to tune a container's memory swappiness behavior. A `swappiness` value of `0` will cause swapping to not happen unless absolutely necessary. A `swappiness` value of `100` will cause pages to be swapped very aggressively. Accepted values are whole numbers between `0` and `100` . If the `swappiness` parameter is not specified, a default value of `60` is used. If a value is not specified for `maxSwap` then this parameter is ignored. This parameter maps to the `--memory-swappiness` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `swappiness` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", - "title": "Swappiness", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Tmpfs": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Tmpfs" - }, - "markdownDescription": "The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the `--tmpfs` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `tmpfs` parameter isn't supported.", - "title": "Tmpfs", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.LogConfiguration": { - "additionalProperties": false, - "properties": { - "LogDriver": { - "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", - "title": "LogDriver", - "type": "string" + "Metadata": { + "type": "object" }, - "Options": { - "additionalProperties": true, - "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS is changing the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", + "title": "Cidr", + "type": "string" + }, + "IpamPoolId": { + "markdownDescription": "The ID of the IPAM pool.", + "title": "IpamPoolId", "type": "string" + }, + "NetmaskLength": { + "markdownDescription": "The netmask length of the CIDR you'd like to provision to a pool. Can be used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for provisioning CIDRs to pools with source pools. Cannot be used to provision BYOIP CIDRs to top-level pools. \"NetmaskLength\" or \"Cidr\" is required.", + "title": "NetmaskLength", + "type": "number" } }, - "title": "Options", + "required": [ + "IpamPoolId" + ], "type": "object" }, - "SecretOptions": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" - }, - "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "SecretOptions", - "type": "array" + "Type": { + "enum": [ + "AWS::EC2::IPAMPoolCidr" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "LogDriver" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::TaskDefinition.MountPoint": { + "AWS::EC2::IPAMResourceDiscovery": { "additionalProperties": false, "properties": { - "ContainerPath": { - "markdownDescription": "The path on the container to mount the host volume at.", - "title": "ContainerPath", + "Condition": { "type": "string" }, - "ReadOnly": { - "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", - "title": "ReadOnly", - "type": "boolean" - }, - "SourceVolume": { - "markdownDescription": "The name of the volume to mount. Must be a volume name referenced in the `name` parameter of task definition `volume` .", - "title": "SourceVolume", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.PortMapping": { - "additionalProperties": false, - "properties": { - "AppProtocol": { - "markdownDescription": "The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.\n\nIf you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP.\n\n`appProtocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "AppProtocol", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port number on the container that's bound to the user-specified or automatically assigned host port.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, specify the exposed ports using `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see `hostPort` . Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance.", - "title": "ContainerPort", - "type": "number" - }, - "ContainerPortRange": { - "markdownDescription": "The port number range on the container that's bound to the dynamically mapped host port range.\n\nThe following rules apply when you specify a `containerPortRange` :\n\n- You must use either the `bridge` network mode or the `awsvpc` network mode.\n- This parameter is available for both the EC2 and AWS Fargate launch types.\n- This parameter is available for both the Linux and Windows operating systems.\n- The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the `ecs-init` package\n- You can specify a maximum of 100 port ranges per container.\n- You do not specify a `hostPortRange` . The value of the `hostPortRange` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPortRange` is set to the same value as the `containerPortRange` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.\n- The `containerPortRange` valid values are between 1 and 65535.\n- A port can only be included in one port mapping per container.\n- You cannot specify overlapping port ranges.\n- The first port in the range must be less than last port in the range.\n- Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.\n\nFor more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website.\n\nFor information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide* .\n\nYou can call [`DescribeTasks`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the `hostPortRange` which are the host ports that are bound to the container ports.", - "title": "ContainerPortRange", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "HostPort": { - "markdownDescription": "The port number on the container instance to reserve for your container.\n\nIf you specify a `containerPortRange` , leave this field empty and the value of the `hostPort` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPort` is set to the same value as the `containerPort` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, the `hostPort` can either be left blank or set to the same value as the `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the `hostPort` (or set it to `0` ) while specifying a `containerPort` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version.\n\nThe default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under `/proc/sys/net/ipv4/ip_local_port_range` . If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range.\n\nThe default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the `remainingResources` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota.", - "title": "HostPort", - "type": "number" - }, - "Name": { - "markdownDescription": "The name that's used for the port mapping. This parameter is the name that you use in the `serviceConnectConfiguration` and the `vpcLatticeConfigurations` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Protocol": { - "markdownDescription": "The protocol used for the port mapping. Valid values are `tcp` and `udp` . The default is `tcp` . `protocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.", - "title": "Protocol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.ProxyConfiguration": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The name of the container that will serve as the App Mesh proxy.", - "title": "ContainerName", - "type": "string" + "Metadata": { + "type": "object" }, - "ProxyConfigurationProperties": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The resource discovery description.", + "title": "Description", + "type": "string" + }, + "OperatingRegions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion" + }, + "markdownDescription": "The operating Regions for the resource discovery. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.", + "title": "OperatingRegions", + "type": "array" + }, + "OrganizationalUnitExclusions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamResourceDiscoveryOrganizationalUnitExclusion" + }, + "markdownDescription": "If your IPAM is integrated with AWS Organizations, you can exclude an [organizational unit (OU)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#organizationalunit) from being managed by IPAM. When you exclude an OU, IPAM will not manage the IP addresses in accounts in that OU. For more information, see [Exclude organizational units from IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/exclude-ous.html) in the *Amazon Virtual Private Cloud IP Address Manager User Guide* .", + "title": "OrganizationalUnitExclusions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs.\n\n- `IgnoredUID` - (Required) The user ID (UID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredGID` is specified, this field can be empty.\n- `IgnoredGID` - (Required) The group ID (GID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredUID` is specified, this field can be empty.\n- `AppPorts` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the `ProxyIngressPort` and `ProxyEgressPort` .\n- `ProxyIngressPort` - (Required) Specifies the port that incoming traffic to the `AppPorts` is directed to.\n- `ProxyEgressPort` - (Required) Specifies the port that outgoing traffic from the `AppPorts` is directed to.\n- `EgressIgnoredPorts` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.\n- `EgressIgnoredIPs` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.", - "title": "ProxyConfigurationProperties", - "type": "array" + "type": "object" }, "Type": { - "markdownDescription": "The proxy type. The only supported value is `APPMESH` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ContainerName" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.RepositoryCredentials": { - "additionalProperties": false, - "properties": { - "CredentialsParameter": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.\n\n> When you use the Amazon ECS API, AWS CLI , or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret.", - "title": "CredentialsParameter", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.ResourceRequirement": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container.", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The value for the specified resource type.\n\nWhen the type is `GPU` , the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nWhen the type is `InferenceAccelerator` , the `value` matches the `deviceName` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.RuntimePlatform": { - "additionalProperties": false, - "properties": { - "CpuArchitecture": { - "markdownDescription": "The CPU architecture.\n\nYou can run your Linux tasks on an ARM-based platform by setting the value to `ARM64` . This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate.", - "title": "CpuArchitecture", - "type": "string" - }, - "OperatingSystemFamily": { - "markdownDescription": "The operating system.", - "title": "OperatingSystemFamily", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.Secret": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the secret.", - "title": "Name", - "type": "string" - }, - "ValueFrom": { - "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", - "title": "ValueFrom", - "type": "string" - } - }, - "required": [ - "Name", - "ValueFrom" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.SystemControl": { - "additionalProperties": false, - "properties": { - "Namespace": { - "markdownDescription": "The namespaced kernel parameter to set a `value` for.", - "title": "Namespace", - "type": "string" - }, - "Value": { - "markdownDescription": "The namespaced kernel parameter to set a `value` for.\n\nValid IPC namespace values: `\"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\" | \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" | \"kernel.shm_rmid_forced\"` , and `Sysctls` that start with `\"fs.mqueue.*\"`\n\nValid network namespace values: `Sysctls` that start with `\"net.*\"` . Only namespaced `Sysctls` that exist within the container starting with \"net.* are accepted.\n\nAll of these values are supported by Fargate.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Expression", + "enum": [ + "AWS::EC2::IPAMResourceDiscovery" + ], "type": "string" }, - "Type": { - "markdownDescription": "The type of constraint. The `MemberOf` constraint restricts selection to be from a group of valid candidates.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, @@ -85201,112 +91119,35 @@ ], "type": "object" }, - "AWS::ECS::TaskDefinition.Tmpfs": { + "AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion": { "additionalProperties": false, "properties": { - "ContainerPath": { - "markdownDescription": "The absolute file path where the tmpfs volume is to be mounted.", - "title": "ContainerPath", + "RegionName": { + "markdownDescription": "The name of the operating Region.", + "title": "RegionName", "type": "string" - }, - "MountOptions": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of tmpfs volume mount options.\n\nValid values: `\"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"`", - "title": "MountOptions", - "type": "array" - }, - "Size": { - "markdownDescription": "The maximum size (in MiB) of the tmpfs volume.", - "title": "Size", - "type": "number" } }, "required": [ - "Size" + "RegionName" ], "type": "object" }, - "AWS::ECS::TaskDefinition.Ulimit": { + "AWS::EC2::IPAMResourceDiscovery.IpamResourceDiscoveryOrganizationalUnitExclusion": { "additionalProperties": false, "properties": { - "HardLimit": { - "markdownDescription": "The hard limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", - "title": "HardLimit", - "type": "number" - }, - "Name": { - "markdownDescription": "The `type` of the `ulimit` .", - "title": "Name", + "OrganizationsEntityPath": { + "markdownDescription": "An AWS Organizations entity path. For more information on the entity path, see [Understand the AWS Organizations entity path](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_last-accessed-view-data-orgs.html#access_policies_access-advisor-viewing-orgs-entity-path) in the *AWS Identity and Access Management User Guide* .", + "title": "OrganizationsEntityPath", "type": "string" - }, - "SoftLimit": { - "markdownDescription": "The soft limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", - "title": "SoftLimit", - "type": "number" } }, "required": [ - "HardLimit", - "Name", - "SoftLimit" + "OrganizationsEntityPath" ], "type": "object" }, - "AWS::ECS::TaskDefinition.Volume": { - "additionalProperties": false, - "properties": { - "ConfiguredAtLaunch": { - "markdownDescription": "Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n\nTo configure a volume at launch time, use this task definition revision and specify a `volumeConfigurations` object when calling the `CreateService` , `UpdateService` , `RunTask` or `StartTask` APIs.", - "title": "ConfiguredAtLaunch", - "type": "boolean" - }, - "DockerVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.DockerVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use Docker volumes.\n\nWindows containers only support the use of the `local` driver. To use bind mounts, specify the `host` parameter instead.\n\n> Docker volumes aren't supported by tasks run on AWS Fargate .", - "title": "DockerVolumeConfiguration" - }, - "EFSVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EFSVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use an Amazon Elastic File System file system for task storage.", - "title": "EFSVolumeConfiguration" - }, - "FSxWindowsFileServerVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage.", - "title": "FSxWindowsFileServerVolumeConfiguration" - }, - "Host": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostVolumeProperties", - "markdownDescription": "This parameter is specified when you use bind mount host volumes. The contents of the `host` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the `host` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount `C:\\my\\path:C:\\my\\path` and `D:\\:D:\\` , but not `D:\\my\\path:C:\\my\\path` or `D:\\:C:\\my\\path` .", - "title": "Host" - }, - "Name": { - "markdownDescription": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.\n\nWhen using a volume configured at launch, the `name` is required and must also be specified as the volume name in the `ServiceVolumeConfiguration` or `TaskVolumeConfiguration` parameter when creating your service or standalone task.\n\nFor all other types of volumes, this name is referenced in the `sourceVolume` parameter of the `mountPoints` object in the container definition.\n\nWhen a volume is using the `efsVolumeConfiguration` , the name is required.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.VolumeFrom": { - "additionalProperties": false, - "properties": { - "ReadOnly": { - "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", - "title": "ReadOnly", - "type": "boolean" - }, - "SourceContainer": { - "markdownDescription": "The name of another container within the same task definition to mount volumes from.", - "title": "SourceContainer", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet": { + "AWS::EC2::IPAMResourceDiscoveryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -85341,81 +91182,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", - "title": "Cluster", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the `ECS_TASK_SET_EXTERNAL_ID` AWS Cloud Map attribute set to the provided value.", - "title": "ExternalId", - "type": "string" - }, - "LaunchType": { - "markdownDescription": "The launch type that new tasks in the task set uses. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf a `launchType` is specified, the `capacityProviderStrategy` parameter must be omitted.", - "title": "LaunchType", - "type": "string" - }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskSet.LoadBalancer" - }, - "markdownDescription": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer.", - "title": "LoadBalancers", - "type": "array" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskSet.NetworkConfiguration", - "markdownDescription": "The network configuration for the task set.", - "title": "NetworkConfiguration" - }, - "PlatformVersion": { - "markdownDescription": "The platform version that the tasks in the task set uses. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used.", - "title": "PlatformVersion", + "IpamId": { + "markdownDescription": "The IPAM ID.", + "title": "IpamId", "type": "string" }, - "Scale": { - "$ref": "#/definitions/AWS::ECS::TaskSet.Scale", - "markdownDescription": "A floating-point percentage of your desired number of tasks to place and keep running in the task set.", - "title": "Scale" - }, - "Service": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", - "title": "Service", + "IpamResourceDiscoveryId": { + "markdownDescription": "The resource discovery ID.", + "title": "IpamResourceDiscoveryId", "type": "string" }, - "ServiceRegistries": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskSet.ServiceRegistry" - }, - "markdownDescription": "The details of the service discovery registries to assign to this task set. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .", - "title": "ServiceRegistries", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", "title": "Tags", "type": "array" - }, - "TaskDefinition": { - "markdownDescription": "The task definition for the tasks in the task set to use. If a revision isn't specified, the latest `ACTIVE` revision is used.", - "title": "TaskDefinition", - "type": "string" } }, "required": [ - "Cluster", - "Service", - "TaskDefinition" + "IpamId", + "IpamResourceDiscoveryId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::TaskSet" + "AWS::EC2::IPAMResourceDiscoveryAssociation" ], "type": "string" }, @@ -85434,111 +91228,7 @@ ], "type": "object" }, - "AWS::ECS::TaskSet.AwsVpcConfiguration": { - "additionalProperties": false, - "properties": { - "AssignPublicIp": { - "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", - "title": "AssignPublicIp", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "AWS::ECS::TaskSet.LoadBalancer": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", - "title": "ContainerName", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", - "title": "ContainerPort", - "type": "number" - }, - "TargetGroupArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", - "title": "TargetGroupArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskSet.AwsVpcConfiguration", - "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", - "title": "AwsVpcConfiguration" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.Scale": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The unit of measure for the scale value.", - "title": "Unit", - "type": "string" - }, - "Value": { - "markdownDescription": "The value, specified as a percent total of a service's `desiredCount` , to scale the task set. Accepted values are numbers between 0 and 100.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.ServiceRegistry": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerName", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerPort", - "type": "number" - }, - "Port": { - "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", - "title": "Port", - "type": "number" - }, - "RegistryArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", - "title": "RegistryArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::AccessPoint": { + "AWS::EC2::IPAMScope": { "additionalProperties": false, "properties": { "Condition": { @@ -85573,43 +91263,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPointTags": { - "items": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.AccessPointTag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "AccessPointTags", - "type": "array" - }, - "ClientToken": { - "markdownDescription": "The opaque string specified in the request to ensure idempotent creation.", - "title": "ClientToken", + "Description": { + "markdownDescription": "The description of the scope.", + "title": "Description", "type": "string" }, - "FileSystemId": { - "markdownDescription": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example `fs-0123456789abcedf2` .", - "title": "FileSystemId", + "IpamId": { + "markdownDescription": "The ID of the IPAM for which you're creating this scope.", + "title": "IpamId", "type": "string" }, - "PosixUser": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.PosixUser", - "markdownDescription": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.", - "title": "PosixUser" - }, - "RootDirectory": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.RootDirectory", - "markdownDescription": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.", - "title": "RootDirectory" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "title": "Tags", + "type": "array" } }, "required": [ - "FileSystemId" + "IpamId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EFS::AccessPoint" + "AWS::EC2::IPAMScope" ], "type": "string" }, @@ -85628,98 +91308,15 @@ ], "type": "object" }, - "AWS::EFS::AccessPoint.AccessPointTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The tag key (String). The key can't start with `aws:` .", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the tag key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::AccessPoint.CreationInfo": { - "additionalProperties": false, - "properties": { - "OwnerGid": { - "markdownDescription": "Specifies the POSIX group ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", - "title": "OwnerGid", - "type": "string" - }, - "OwnerUid": { - "markdownDescription": "Specifies the POSIX user ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", - "title": "OwnerUid", - "type": "string" - }, - "Permissions": { - "markdownDescription": "Specifies the POSIX permissions to apply to the `RootDirectory` , in the format of an octal number representing the file's mode bits.", - "title": "Permissions", - "type": "string" - } - }, - "required": [ - "OwnerGid", - "OwnerUid", - "Permissions" - ], - "type": "object" - }, - "AWS::EFS::AccessPoint.PosixUser": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID used for all file system operations using this access point.", - "title": "Gid", - "type": "string" - }, - "SecondaryGids": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary POSIX group IDs used for all file system operations using this access point.", - "title": "SecondaryGids", - "type": "array" - }, - "Uid": { - "markdownDescription": "The POSIX user ID used for all file system operations using this access point.", - "title": "Uid", - "type": "string" - } - }, - "required": [ - "Gid", - "Uid" - ], - "type": "object" - }, - "AWS::EFS::AccessPoint.RootDirectory": { - "additionalProperties": false, - "properties": { - "CreationInfo": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.CreationInfo", - "markdownDescription": "(Optional) Specifies the POSIX IDs and permissions to apply to the access point's `RootDirectory` . If the `RootDirectory` > `Path` specified does not exist, EFS creates the root directory using the `CreationInfo` settings when a client connects to an access point. When specifying the `CreationInfo` , you must provide values for all properties.\n\n> If you do not provide `CreationInfo` and the specified `RootDirectory` > `Path` does not exist, attempts to mount the file system using the access point will fail.", - "title": "CreationInfo" - }, - "Path": { - "markdownDescription": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the `CreationInfo` .", - "title": "Path", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::FileSystem": { + "AWS::EC2::Instance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "CreationPolicy": { + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -85749,83 +91346,250 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZoneName": { - "markdownDescription": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide* .\n\n> One Zone file systems are not available in all Availability Zones in AWS Regions where Amazon EFS is available.", - "title": "AvailabilityZoneName", + "AdditionalInfo": { + "markdownDescription": "This property is reserved for internal use. If you use it, the stack fails with this error: `Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)` .", + "title": "AdditionalInfo", "type": "string" }, - "BackupPolicy": { - "$ref": "#/definitions/AWS::EFS::FileSystem.BackupPolicy", - "markdownDescription": "Use the `BackupPolicy` to turn automatic backups on or off for the file system.", - "title": "BackupPolicy" + "Affinity": { + "markdownDescription": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify `host` . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify `default` .", + "title": "Affinity", + "type": "string" }, - "BypassPolicyLockoutSafetyCheck": { - "markdownDescription": "(Optional) A boolean that specifies whether or not to bypass the `FileSystemPolicy` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future `PutFileSystemPolicy` requests on this file system. Set `BypassPolicyLockoutSafetyCheck` to `True` only when you intend to prevent the IAM principal that is making the request from making subsequent `PutFileSystemPolicy` requests on this file system. The default value is `False` .", - "title": "BypassPolicyLockoutSafetyCheck", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", + "title": "AvailabilityZone", + "type": "string" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.BlockDeviceMapping" + }, + "markdownDescription": "The block device mapping entries that defines the block devices to attach to the instance at launch.\n\nBy default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the `DeleteOnTermination` setting.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "BlockDeviceMappings", + "type": "array" + }, + "CpuOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.CpuOptions", + "markdownDescription": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.CreditSpecification", + "markdownDescription": "The credit option for CPU usage of the burstable performance instance. Valid values are `standard` and `unlimited` . To change this attribute after launch, use [ModifyInstanceCreditSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html) . For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `standard` (T2 instances) or `unlimited` (T3/T3a/T4g instances)\n\nFor T3 instances with `host` tenancy, only `standard` is supported.", + "title": "CreditSpecification" + }, + "DisableApiTermination": { + "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", + "title": "DisableApiTermination", "type": "boolean" }, - "Encrypted": { - "markdownDescription": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing AWS KMS key . If you don't specify a KMS key , then the default KMS key for Amazon EFS , `/aws/elasticfilesystem` , is used to protect the encrypted file system.", - "title": "Encrypted", + "EbsOptimized": { + "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.\n\nDefault: `false`", + "title": "EbsOptimized", "type": "boolean" }, - "FileSystemPolicy": { - "markdownDescription": "The `FileSystemPolicy` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using IAM to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide* .", - "title": "FileSystemPolicy", - "type": "object" + "ElasticGpuSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.ElasticGpuSpecification" + }, + "markdownDescription": "An elastic GPU to associate with the instance.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", + "title": "ElasticGpuSpecifications", + "type": "array" }, - "FileSystemProtection": { - "$ref": "#/definitions/AWS::EFS::FileSystem.FileSystemProtection", - "markdownDescription": "Describes the protection on the file system.", - "title": "FileSystemProtection" + "ElasticInferenceAccelerators": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.ElasticInferenceAccelerator" + }, + "markdownDescription": "An elastic inference accelerator to associate with the instance.\n\n> Amazon Elastic Inference is no longer available.", + "title": "ElasticInferenceAccelerators", + "type": "array" }, - "FileSystemTags": { + "EnclaveOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.EnclaveOptions", + "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "title": "EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.HibernationOptions", + "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .\n\nYou can't enable hibernation and AWS Nitro Enclaves on the same instance.", + "title": "HibernationOptions" + }, + "HostId": { + "markdownDescription": "If you specify host for the `Affinity` property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.", + "title": "HostId", + "type": "string" + }, + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", + "title": "HostResourceGroupArn", + "type": "string" + }, + "IamInstanceProfile": { + "markdownDescription": "The name of an IAM instance profile. To create a new IAM instance profile, use the [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html) resource.", + "title": "IamInstanceProfile", + "type": "string" + }, + "ImageId": { + "markdownDescription": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", + "title": "ImageId", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", + "title": "InstanceInitiatedShutdownBehavior", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nWhen you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance with an instance store volume as the root volume is always replaced. For more information, see [Change the instance type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceType", + "type": "string" + }, + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ElasticFileSystemTag" + "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" }, - "markdownDescription": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a `\"Key\":\"Name\",\"Value\":\"{value}\"` key-value pair. Each key must be unique. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", - "title": "FileSystemTags", + "markdownDescription": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", + "title": "Ipv6Addresses", "type": "array" }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS KMS key to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault KMS key . If this parameter is not specified, the default KMS key for Amazon EFS is used. This ID can be in one of the following formats:\n\n- Key ID - A unique identifier of the key, for example `1234abcd-12ab-34cd-56ef-1234567890ab` .\n- ARN - An Amazon Resource Name (ARN) for the key, for example `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` .\n- Key alias - A previously created display name for a key, for example `alias/projectKey1` .\n- Key alias ARN - An ARN for a key alias, for example `arn:aws:kms:us-west-2:444455556666:alias/projectKey1` .\n\nIf `KmsKeyId` is specified, the `Encrypted` parameter must be set to true.", - "title": "KmsKeyId", + "KernelId": { + "markdownDescription": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "KernelId", "type": "string" }, - "LifecyclePolicies": { + "KeyName": { + "markdownDescription": "The name of the key pair. For more information, see [Create a key pair for your EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "title": "KeyName", + "type": "string" + }, + "LaunchTemplate": { + "$ref": "#/definitions/AWS::EC2::Instance.LaunchTemplateSpecification", + "markdownDescription": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", + "title": "LaunchTemplate" + }, + "LicenseSpecifications": { "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.LifecyclePolicy" + "$ref": "#/definitions/AWS::EC2::Instance.LicenseSpecification" }, - "markdownDescription": "An array of `LifecyclePolicy` objects that define the file system's `LifecycleConfiguration` object. A `LifecycleConfiguration` object informs Lifecycle management of the following:\n\n- When to move files in the file system from primary storage to IA storage.\n- When to move files in the file system from primary storage or IA storage to Archive storage.\n- When to move files that are in IA or Archive storage to primary storage.\n\n> Amazon EFS requires that each `LifecyclePolicy` object have only a single transition. This means that in a request body, `LifecyclePolicies` needs to be structured as an array of `LifecyclePolicy` objects, one object for each transition, `TransitionToIA` , `TransitionToArchive` `TransitionToPrimaryStorageClass` . See the example requests in the following section for more information.", - "title": "LifecyclePolicies", + "markdownDescription": "The license configurations.", + "title": "LicenseSpecifications", "type": "array" }, - "PerformanceMode": { - "markdownDescription": "The performance mode of the file system. We recommend `generalPurpose` performance mode for all file systems. File systems using the `maxIO` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The `maxIO` mode is not supported on One Zone file systems.\n\n> Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems. \n\nDefault is `generalPurpose` .", - "title": "PerformanceMode", + "MetadataOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.MetadataOptions", + "markdownDescription": "The metadata options for the instance.", + "title": "MetadataOptions" + }, + "Monitoring": { + "markdownDescription": "Specifies whether detailed monitoring is enabled for the instance. Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see [Enable or turn off detailed monitoring for your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) in the *Amazon EC2 User Guide* .", + "title": "Monitoring", + "type": "boolean" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.NetworkInterface" + }, + "markdownDescription": "The network interfaces to associate with the instance.\n\n> If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.\n> \n> If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment.", + "title": "NetworkInterfaces", + "type": "array" + }, + "PlacementGroupName": { + "markdownDescription": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).", + "title": "PlacementGroupName", "type": "string" }, - "ProvisionedThroughputInMibps": { - "markdownDescription": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if `ThroughputMode` is set to `provisioned` . Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact Support . For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide* .", - "title": "ProvisionedThroughputInMibps", - "type": "number" + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.PrivateDnsNameOptions", + "markdownDescription": "The options for the instance hostname.", + "title": "PrivateDnsNameOptions" }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationConfiguration", - "markdownDescription": "Describes the replication configuration for a specific file system.", - "title": "ReplicationConfiguration" + "PrivateIpAddress": { + "markdownDescription": "The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same request.\n\nIf you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.", + "title": "PrivateIpAddress", + "type": "string" }, - "ThroughputMode": { - "markdownDescription": "Specifies the throughput mode for the file system. The mode can be `bursting` , `provisioned` , or `elastic` . If you set `ThroughputMode` to `provisioned` , you must also set a value for `ProvisionedThroughputInMibps` . After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide* .\n\nDefault is `bursting` .", - "title": "ThroughputMode", + "PropagateTagsToVolumeOnCreation": { + "markdownDescription": "Indicates whether to assign the tags specified in the `Tags` property to the volumes specified in the `BlockDeviceMappings` property.\n\nNote that using this feature does not assign the tags to volumes that are created separately and then attached using `AWS::EC2::VolumeAttachment` .", + "title": "PropagateTagsToVolumeOnCreation", + "type": "boolean" + }, + "RamdiskId": { + "markdownDescription": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "RamdiskId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nYou cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.\n\nDefault: Amazon EC2 uses the default security group.", + "title": "SecurityGroups", + "type": "array" + }, + "SourceDestCheck": { + "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", + "title": "SourceDestCheck", + "type": "boolean" + }, + "SsmAssociations": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.SsmAssociation" + }, + "markdownDescription": "The SSM [document](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html) and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see [Create an IAM instance profile for Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-configuring-access-role.html) in the *AWS Systems Manager User Guide* .\n\n> You can associate only one document with an instance.", + "title": "SsmAssociations", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the instance. These tags are not applied to the EBS volumes, such as the root volume, unless [PropagateTagsToVolumeOnCreation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-propagatetagstovolumeoncreation) is `true` .", + "title": "Tags", + "type": "array" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.", + "title": "Tenancy", + "type": "string" + }, + "UserData": { + "markdownDescription": "The parameters or scripts to store as user data. Any scripts in user data are run when you launch the instance. User data is limited to 16 KB. You must provide base64-encoded text. For more information, see [Fn::Base64](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-base64.html) .\n\nIf the root volume is an EBS volume and you update user data, CloudFormation restarts the instance. If the root volume is an instance store volume and you update user data, the instance is replaced.", + "title": "UserData", "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.Volume" + }, + "markdownDescription": "The volumes to attach to the instance.", + "title": "Volumes", + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::EFS::FileSystem" + "AWS::EC2::Instance" ], "type": "string" }, @@ -85843,32 +91607,21 @@ ], "type": "object" }, - "AWS::EFS::FileSystem.BackupPolicy": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Set the backup policy status for the file system.\n\n- *`ENABLED`* - Turns automatic backups on for the file system.\n- *`DISABLED`* - Turns automatic backups off for the file system.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::EFS::FileSystem.ElasticFileSystemTag": { + "AWS::EC2::Instance.AssociationParameter": { "additionalProperties": false, "properties": { "Key": { - "markdownDescription": "The tag key (String). The key can't start with `aws:` .", + "markdownDescription": "The name of an input parameter that is in the associated SSM document.", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value of the tag key.", + "items": { + "type": "string" + }, + "markdownDescription": "The value of an input parameter.", "title": "Value", - "type": "string" + "type": "array" } }, "required": [ @@ -85877,85 +91630,462 @@ ], "type": "object" }, - "AWS::EFS::FileSystem.FileSystemProtection": { + "AWS::EC2::Instance.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "ReplicationOverwriteProtection": { - "markdownDescription": "The status of the file system's replication overwrite protection.\n\n- `ENABLED` \u2013 The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is `ENABLED` by default.\n- `DISABLED` \u2013 The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.\n- `REPLICATING` \u2013 The file system is being used as the destination file system in a replication configuration. The file system is read-only and is modified only by EFS replication.\n\nIf the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable.", - "title": "ReplicationOverwriteProtection", + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).\n\n> After the instance is running, this parameter is used to specify the device name of the block device mapping to update.", + "title": "DeviceName", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::EC2::Instance.Ebs", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) .", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NoDevice", + "type": "object" + }, + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\n*Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VirtualName", "type": "string" } }, + "required": [ + "DeviceName" + ], "type": "object" }, - "AWS::EFS::FileSystem.LifecyclePolicy": { + "AWS::EC2::Instance.CpuOptions": { "additionalProperties": false, "properties": { - "TransitionToArchive": { - "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToArchive", - "type": "string" - }, - "TransitionToIA": { - "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToIA", - "type": "string" + "CoreCount": { + "markdownDescription": "The number of CPU cores for the instance.", + "title": "CoreCount", + "type": "number" }, - "TransitionToPrimaryStorageClass": { - "markdownDescription": "Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToPrimaryStorageClass", - "type": "string" + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core.", + "title": "ThreadsPerCore", + "type": "number" } }, "type": "object" }, - "AWS::EFS::FileSystem.ReplicationConfiguration": { + "AWS::EC2::Instance.CreditSpecification": { "additionalProperties": false, "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationDestination" - }, - "markdownDescription": "An array of destination objects. Only one destination object is supported.", - "title": "Destinations", - "type": "array" + "CPUCredits": { + "markdownDescription": "The credit option for CPU usage of the instance.\n\nValid values: `standard` | `unlimited`\n\nT3 instances with `host` tenancy do not support the `unlimited` CPU credit option.", + "title": "CPUCredits", + "type": "string" } }, "type": "object" }, - "AWS::EFS::FileSystem.ReplicationDestination": { + "AWS::EC2::Instance.Ebs": { "additionalProperties": false, "properties": { - "AvailabilityZoneName": { - "markdownDescription": "For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located.\n\nUse the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide* .\n\n> One Zone file system type is not available in all Availability Zones in AWS Regions where Amazon EFS is available.", - "title": "AvailabilityZoneName", - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "FileSystemId": { - "markdownDescription": "The ID of the destination Amazon EFS file system.", - "title": "FileSystemId", - "type": "string" + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000-16,000 IOPS\n- `io1` : 100-64,000 IOPS\n- `io2` : 100-64,000 IOPS\n\nFor `io1` and `io2` volumes, we guarantee 64,000 IOPS only for [Instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . Other instance families guarantee performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "Iops", + "type": "number" }, "KmsKeyId": { - "markdownDescription": "The ID of an AWS KMS key used to protect the encrypted file system.", + "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` . If the encrypted state is `true` but you do not specify `KmsKeyId` , your KMS key for EBS is used.\n\nYou can specify the KMS key using any of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. For example, alias/ExampleAlias.\n- Key ARN. For example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "KmsKeyId", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region in which the destination file system is located.\n\n> For One Zone file systems, the replication configuration must specify the AWS Region in which the destination file system is located.", - "title": "Region", + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.\n\nIf you specify both `SnapshotId` and `VolumeSize` , `VolumeSize` must be equal or greater than the size of the snapshot.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "SnapshotId", + "type": "string" + }, + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` :1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide* . If the volume type is `io1` or `io2` , you must specify the IOPS that the volume supports.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VolumeType", "type": "string" } }, "type": "object" }, - "AWS::EFS::MountTarget": { + "AWS::EC2::Instance.ElasticGpuSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "Type": { + "markdownDescription": "The type of Elastic Graphics accelerator.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::EC2::Instance.ElasticInferenceAccelerator": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of elastic inference accelerators to attach to the instance.", + "title": "Count", + "type": "number" }, - "DeletionPolicy": { + "Type": { + "markdownDescription": "The type of elastic inference accelerator. The possible values are `eia1.medium` , `eia1.large` , `eia1.xlarge` , `eia2.medium` , `eia2.large` , and `eia2.xlarge` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::EC2::Instance.EnaSrdSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.EnaSrdUdpSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.EnclaveOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.HibernationOptions": { + "additionalProperties": false, + "properties": { + "Configured": { + "markdownDescription": "Set to `true` to enable your instance for hibernation.\n\nFor Spot Instances, if you set `Configured` to `true` , either omit the `InstanceInterruptionBehavior` parameter (for [`SpotMarketOptions`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html) ), or set it to `hibernate` . When `Configured` is true:\n\n- If you omit `InstanceInterruptionBehavior` , it defaults to `hibernate` .\n- If you set `InstanceInterruptionBehavior` to a value other than `hibernate` , you'll get an error.\n\nDefault: `false`", + "title": "Configured", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.InstanceIpv6Address": { + "additionalProperties": false, + "properties": { + "Ipv6Address": { + "markdownDescription": "The IPv6 address.", + "title": "Ipv6Address", + "type": "string" + } + }, + "required": [ + "Ipv6Address" + ], + "type": "object" + }, + "AWS::EC2::Instance.LaunchTemplateSpecification": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", + "title": "LaunchTemplateId", + "type": "string" + }, + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", + "title": "LaunchTemplateName", + "type": "string" + }, + "Version": { + "markdownDescription": "The version number of the launch template. You must specify this property.\n\nTo specify the default version of the template, use the `Fn::GetAtt` intrinsic function to retrieve the `DefaultVersionNumber` attribute of the launch template. To specify the latest version of the template, use `Fn::GetAtt` to retrieve the `LatestVersionNumber` attribute. For more information, see [AWS::EC2:LaunchTemplate return values for Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Version" + ], + "type": "object" + }, + "AWS::EC2::Instance.LicenseSpecification": { + "additionalProperties": false, + "properties": { + "LicenseConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", + "title": "LicenseConfigurationArn", + "type": "string" + } + }, + "required": [ + "LicenseConfigurationArn" + ], + "type": "object" + }, + "AWS::EC2::Instance.MetadataOptions": { + "additionalProperties": false, + "properties": { + "HttpEndpoint": { + "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances.\n\nIf you specify a value of `disabled` , you cannot access your instance metadata.\n\nDefault: `enabled`", + "title": "HttpEndpoint", + "type": "string" + }, + "HttpProtocolIpv6": { + "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", + "title": "HttpProtocolIpv6", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "markdownDescription": "The maximum number of hops that the metadata token can travel.\n\nPossible values: Integers from 1 to 64", + "title": "HttpPutResponseHopLimit", + "type": "number" + }, + "HttpTokens": { + "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional, which means that you can use either IMDSv2 or IMDSv1.\n- `required` - IMDSv2 is required, which means that IMDSv1 is disabled, and you must use IMDSv2.\n\nDefault:\n\n- If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` and the account level default is set to `no-preference` , the default is `required` .\n- If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , but the account level default is set to `V1 or V2` , the default is `optional` .\n\nThe default value can also be affected by other combinations of parameters. For more information, see [Order of precedence for instance metadata options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html#instance-metadata-options-order-of-precedence) in the *Amazon EC2 User Guide* .", + "title": "HttpTokens", + "type": "string" + }, + "InstanceMetadataTags": { + "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [Work with instance tags using the instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS) .\n\nDefault: `disabled`", + "title": "InstanceMetadataTags", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.NetworkInterface": { + "additionalProperties": false, + "properties": { + "AssociateCarrierIpAddress": { + "markdownDescription": "Indicates whether to assign a carrier IP address to the network interface.\n\nYou can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see [Carrier IP address](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", + "title": "AssociateCarrierIpAddress", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance. Applies only if creating a network interface when launching an instance. The network interface must be the primary network interface. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Description", + "type": "string" + }, + "DeviceIndex": { + "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you create a network interface when launching an instance, you must specify the device index.", + "title": "DeviceIndex", + "type": "string" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.EnaSrdSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdSpecification" + }, + "GroupSet": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", + "title": "GroupSet", + "type": "array" + }, + "Ipv6AddressCount": { + "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" + }, + "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6Addresses", + "type": "array" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface, when attaching an existing network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.PrivateIpAddressSpecification" + }, + "markdownDescription": "One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet associated with the network interface.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "DeviceIndex" + ], + "type": "object" + }, + "AWS::EC2::Instance.PrivateDnsNameOptions": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" + }, + "HostnameType": { + "markdownDescription": "The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "HostnameType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.PrivateIpAddressSpecification": { + "additionalProperties": false, + "properties": { + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", + "type": "string" + } + }, + "required": [ + "Primary", + "PrivateIpAddress" + ], + "type": "object" + }, + "AWS::EC2::Instance.SsmAssociation": { + "additionalProperties": false, + "properties": { + "AssociationParameters": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.AssociationParameter" + }, + "markdownDescription": "The input parameter values to use with the associated SSM document.", + "title": "AssociationParameters", + "type": "array" + }, + "DocumentName": { + "markdownDescription": "The name of an SSM document to associate with the instance.", + "title": "DocumentName", + "type": "string" + } + }, + "required": [ + "DocumentName" + ], + "type": "object" + }, + "AWS::EC2::Instance.State": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The state of the instance as a 16-bit unsigned integer.\n\nThe high byte is all of the bits between 2^8 and (2^16)-1, which equals decimal values between 256 and 65,535. These numerical values are used for internal purposes and should be ignored.\n\nThe low byte is all of the bits between 2^0 and (2^8)-1, which equals decimal values between 0 and 255.\n\nThe valid values for instance-state-code will all be in the range of the low byte and they are:\n\n- `0` : `pending`\n- `16` : `running`\n- `32` : `shutting-down`\n- `48` : `terminated`\n- `64` : `stopping`\n- `80` : `stopped`\n\nYou can ignore the high byte value by zeroing out all of the bits above 2^8 or 256 in decimal.", + "title": "Code", + "type": "string" + }, + "Name": { + "markdownDescription": "The current state of the instance.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.Volume": { + "additionalProperties": false, + "properties": { + "Device": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "Device", + "type": "string" + }, + "VolumeId": { + "markdownDescription": "The ID of the EBS volume. The volume and instance must be within the same Availability Zone.", + "title": "VolumeId", + "type": "string" + } + }, + "required": [ + "Device", + "VolumeId" + ], + "type": "object" + }, + "AWS::EC2::InstanceConnectEndpoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { "enum": [ "Delete", "Retain", @@ -85984,40 +92114,46 @@ "Properties": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The ID of the file system for which to create the mount target.", - "title": "FileSystemId", + "ClientToken": { + "markdownDescription": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "title": "ClientToken", "type": "string" }, - "IpAddress": { - "markdownDescription": "Valid IPv4 address within the address range of the specified subnet.", - "title": "IpAddress", - "type": "string" + "PreserveClientIp": { + "markdownDescription": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\n> `PreserveClientIp` is only supported on IPv4 EC2 Instance Connect Endpoints. To use `PreserveClientIp` , the value for `IpAddressType` must be `ipv4` . \n\nDefault: `false`", + "title": "PreserveClientIp", + "type": "boolean" }, - "SecurityGroups": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table).", - "title": "SecurityGroups", + "markdownDescription": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", + "title": "SecurityGroupIds", "type": "array" }, "SubnetId": { - "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone.", + "markdownDescription": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", "title": "SubnetId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the EC2 Instance Connect Endpoint during creation.", + "title": "Tags", + "type": "array" } }, "required": [ - "FileSystemId", - "SecurityGroups", "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EFS::MountTarget" + "AWS::EC2::InstanceConnectEndpoint" ], "type": "string" }, @@ -86036,7 +92172,7 @@ ], "type": "object" }, - "AWS::EKS::AccessEntry": { + "AWS::EC2::InternetGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -86071,60 +92207,20 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "items": { - "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessPolicy" - }, - "markdownDescription": "The access policies to associate to the access entry.", - "title": "AccessPolicies", - "type": "array" - }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "KubernetesGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The value for `name` that you've specified for `kind: Group` as a `subject` in a Kubernetes `RoleBinding` or `ClusterRoleBinding` object. Amazon EKS doesn't confirm that the value for `name` exists in any bindings on your cluster. You can specify one or more names.\n\nKubernetes authorizes the `principalArn` of the access entry to access any cluster objects that you've specified in a Kubernetes `Role` or `ClusterRole` object that is also specified in a binding's `roleRef` . For more information about creating Kubernetes `RoleBinding` , `ClusterRoleBinding` , `Role` , or `ClusterRole` objects, see [Using RBAC Authorization in the Kubernetes documentation](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/access-authn-authz/rbac/) .\n\nIf you want Amazon EKS to authorize the `principalArn` (instead of, or in addition to Kubernetes authorizing the `principalArn` ), you can associate one or more access policies to the access entry using `AssociateAccessPolicy` . If you associate any access policies, the `principalARN` has all permissions assigned in the associated access policies and all permissions in any Kubernetes `Role` or `ClusterRole` objects that the group names are bound to.", - "title": "KubernetesGroups", - "type": "array" - }, - "PrincipalArn": { - "markdownDescription": "The ARN of the IAM principal for the `AccessEntry` . You can specify one ARN for each access entry. You can't specify the same ARN in more than one access entry. This value can't be changed after access entry creation.\n\nThe valid principals differ depending on the type of the access entry in the `type` field. For `STANDARD` access entries, you can use every IAM principal type. For nodes ( `EC2` (for EKS Auto Mode), `EC2_LINUX` , `EC2_WINDOWS` , `FARGATE_LINUX` , and `HYBRID_LINUX` ), the only valid ARN is IAM roles. You can't use the STS session principal type with access entries because this is a temporary principal for each session and not a permanent identity that can be assigned permissions.\n\n[IAM best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) recommend using IAM roles with temporary credentials, rather than IAM users with long-term credentials.", - "title": "PrincipalArn", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "markdownDescription": "Any tags to assign to the internet gateway.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the new access entry. Valid values are `STANDARD` , `FARGATE_LINUX` , `EC2_LINUX` , `EC2_WINDOWS` , `EC2` (for EKS Auto Mode), `HYBRID_LINUX` , and `HYPERPOD_LINUX` .\n\nIf the `principalArn` is for an IAM role that's used for self-managed Amazon EC2 nodes, specify `EC2_LINUX` or `EC2_WINDOWS` . Amazon EKS grants the necessary permissions to the node for you. If the `principalArn` is for any other purpose, specify `STANDARD` . If you don't specify a value, Amazon EKS sets the value to `STANDARD` . If you have the access mode of the cluster set to `API_AND_CONFIG_MAP` , it's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the `aws-auth` `ConfigMap` for the roles. You can't change this value once you've created the access entry.\n\nIf you set the value to `EC2_LINUX` or `EC2_WINDOWS` , you can't specify values for `kubernetesGroups` , or associate an `AccessPolicy` to the access entry.", - "title": "Type", - "type": "string" - }, - "Username": { - "markdownDescription": "The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries) in the *Amazon EKS User Guide* .", - "title": "Username", - "type": "string" } }, - "required": [ - "ClusterName", - "PrincipalArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::AccessEntry" + "AWS::EC2::InternetGateway" ], "type": "string" }, @@ -86137,55 +92233,12 @@ "type": "string" } }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EKS::AccessEntry.AccessPolicy": { - "additionalProperties": false, - "properties": { - "AccessScope": { - "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessScope", - "markdownDescription": "The scope of an `AccessPolicy` that's associated to an `AccessEntry` .", - "title": "AccessScope" - }, - "PolicyArn": { - "markdownDescription": "The ARN of the access policy.", - "title": "PolicyArn", - "type": "string" - } - }, - "required": [ - "AccessScope", - "PolicyArn" - ], - "type": "object" - }, - "AWS::EKS::AccessEntry.AccessScope": { - "additionalProperties": false, - "properties": { - "Namespaces": { - "items": { - "type": "string" - }, - "markdownDescription": "A Kubernetes `namespace` that an access policy is scoped to. A value is required if you specified `namespace` for `Type` .", - "title": "Namespaces", - "type": "array" - }, - "Type": { - "markdownDescription": "The scope type of an access policy.", - "title": "Type", - "type": "string" - } - }, "required": [ "Type" ], "type": "object" }, - "AWS::EKS::Addon": { + "AWS::EC2::KeyPair": { "additionalProperties": false, "properties": { "Condition": { @@ -86220,59 +92273,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AddonName": { - "markdownDescription": "The name of the add-on.", - "title": "AddonName", - "type": "string" - }, - "AddonVersion": { - "markdownDescription": "The version of the add-on.", - "title": "AddonVersion", - "type": "string" - }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", + "KeyFormat": { + "markdownDescription": "The format of the key pair.\n\nDefault: `pem`", + "title": "KeyFormat", "type": "string" }, - "ConfigurationValues": { - "markdownDescription": "The configuration values that you provided.", - "title": "ConfigurationValues", + "KeyName": { + "markdownDescription": "A unique name for the key pair.\n\nConstraints: Up to 255 ASCII characters", + "title": "KeyName", "type": "string" }, - "PreserveOnDelete": { - "markdownDescription": "Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.", - "title": "PreserveOnDelete", - "type": "boolean" - }, - "ResolveConflicts": { - "markdownDescription": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose:\n\n- *None* \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail.\n- *Overwrite* \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value.\n- *Preserve* \u2013 This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see [`UpdateAddon`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) .\n\nIf you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", - "title": "ResolveConflicts", + "KeyType": { + "markdownDescription": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n\nIf the `PublicKeyMaterial` property is specified, the `KeyType` property is ignored, and the key type is inferred from the `PublicKeyMaterial` value.\n\nDefault: `rsa`", + "title": "KeyType", "type": "string" }, - "ServiceAccountRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the *Amazon EKS User Guide* .\n\n> To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see [Enabling IAM roles for service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the *Amazon EKS User Guide* .", - "title": "ServiceAccountRoleArn", + "PublicKeyMaterial": { + "markdownDescription": "The public key material. The `PublicKeyMaterial` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", + "title": "PublicKeyMaterial", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.", + "markdownDescription": "The tags to apply to the key pair.", "title": "Tags", "type": "array" } }, "required": [ - "AddonName", - "ClusterName" + "KeyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::Addon" + "AWS::EC2::KeyPair" ], "type": "string" }, @@ -86291,7 +92328,7 @@ ], "type": "object" }, - "AWS::EKS::Cluster": { + "AWS::EC2::LaunchTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -86326,72 +92363,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.AccessConfig", - "markdownDescription": "The access configuration for the cluster.", - "title": "AccessConfig" - }, - "EncryptionConfig": { - "items": { - "$ref": "#/definitions/AWS::EKS::Cluster.EncryptionConfig" - }, - "markdownDescription": "The encryption configuration for the cluster.", - "title": "EncryptionConfig", - "type": "array" - }, - "KubernetesNetworkConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.KubernetesNetworkConfig", - "markdownDescription": "The Kubernetes network configuration for the cluster.", - "title": "KubernetesNetworkConfig" - }, - "Logging": { - "$ref": "#/definitions/AWS::EKS::Cluster.Logging", - "markdownDescription": "The logging configuration for your cluster.", - "title": "Logging" - }, - "Name": { - "markdownDescription": "The unique name to give to your cluster. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphanumeric character and can't be longer than 100 characters. The name must be unique within the AWS Region and AWS account that you're creating the cluster in. Note that underscores can't be used in AWS CloudFormation .", - "title": "Name", - "type": "string" - }, - "OutpostConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.OutpostConfig", - "markdownDescription": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", - "title": "OutpostConfig" - }, - "ResourcesVpcConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.ResourcesVpcConfig", - "markdownDescription": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.", - "title": "ResourcesVpcConfig" + "LaunchTemplateData": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateData", + "markdownDescription": "The information for the launch template.", + "title": "LaunchTemplateData" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see [Amazon EKS Service IAM Role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the **Amazon EKS User Guide** .", - "title": "RoleArn", + "LaunchTemplateName": { + "markdownDescription": "A name for the launch template.", + "title": "LaunchTemplateName", "type": "string" }, - "Tags": { + "TagSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification" }, - "markdownDescription": "The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.\n\n> You must have the `eks:TagResource` and `eks:UntagResource` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", - "title": "Tags", + "markdownDescription": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be `launch-template` .\n\nTo specify the tags for resources that are created during instance launch, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications) .", + "title": "TagSpecifications", "type": "array" }, - "Version": { - "markdownDescription": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used.\n\n> The default version might not be the latest version available.", - "title": "Version", + "VersionDescription": { + "markdownDescription": "A description for the first version of the launch template.", + "title": "VersionDescription", "type": "string" } }, "required": [ - "ResourcesVpcConfig", - "RoleArn" + "LaunchTemplateData" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::Cluster" + "AWS::EC2::LaunchTemplate" ], "type": "string" }, @@ -86410,1986 +92413,1856 @@ ], "type": "object" }, - "AWS::EKS::Cluster.AccessConfig": { + "AWS::EC2::LaunchTemplate.AcceleratorCount": { "additionalProperties": false, "properties": { - "AuthenticationMode": { - "markdownDescription": "The desired authentication mode for the cluster. If you create a cluster by using the EKS API, AWS SDKs, or AWS CloudFormation , the default is `CONFIG_MAP` . If you create the cluster by using the AWS Management Console , the default value is `API_AND_CONFIG_MAP` .", - "title": "AuthenticationMode", - "type": "string" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" }, - "BootstrapClusterCreatorAdminPermissions": { - "markdownDescription": "Specifies whether or not the cluster creator IAM principal was set as a cluster admin access entry during cluster creation time. The default value is `true` .", - "title": "BootstrapClusterCreatorAdminPermissions", - "type": "boolean" + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::EKS::Cluster.ClusterLogging": { + "AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB": { "additionalProperties": false, "properties": { - "EnabledTypes": { - "items": { - "$ref": "#/definitions/AWS::EKS::Cluster.LoggingTypeConfig" - }, - "markdownDescription": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n> When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it.", - "title": "EnabledTypes", - "type": "array" + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::EKS::Cluster.ControlPlanePlacement": { + "AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the placement group for the Kubernetes control plane instances. This property is only used for a local cluster on an AWS Outpost.", - "title": "GroupName", - "type": "string" + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::EKS::Cluster.EncryptionConfig": { + "AWS::EC2::LaunchTemplate.BaselinePerformanceFactors": { "additionalProperties": false, "properties": { - "Provider": { - "$ref": "#/definitions/AWS::EKS::Cluster.Provider", - "markdownDescription": "The encryption provider for the cluster.", - "title": "Provider" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the resources to be encrypted. The only supported value is `secrets` .", - "title": "Resources", - "type": "array" + "Cpu": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Cpu", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" } }, "type": "object" }, - "AWS::EKS::Cluster.KubernetesNetworkConfig": { + "AWS::EC2::LaunchTemplate.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "IpFamily": { - "markdownDescription": "Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you don't specify a value, `ipv4` is used by default. You can only specify an IP family when you create a cluster and can't change this value once the cluster is created. If you specify `ipv6` , the VPC and subnets that you specify for cluster creation must have both `IPv4` and `IPv6` CIDR blocks assigned to them. You can't specify `ipv6` for clusters in China Regions.\n\nYou can only specify `ipv6` for `1.21` and later clusters that use version `1.10.1` or later of the Amazon VPC CNI add-on. If you specify `ipv6` , then ensure that your VPC meets the requirements listed in the considerations listed in [Assigning IPv6 addresses to pods and services](https://docs.aws.amazon.com/eks/latest/userguide/cni-ipv6.html) in the *Amazon EKS User Guide* . Kubernetes assigns services `IPv6` addresses from the unique local address range `(fc00::/7)` . You can't specify a custom `IPv6` CIDR block. Pod addresses are assigned from the subnet's `IPv6` CIDR.", - "title": "IpFamily", + "DeviceName": { + "markdownDescription": "The device name (for example, /dev/sdh or xvdh).", + "title": "DeviceName", "type": "string" }, - "ServiceIpv4Cidr": { - "markdownDescription": "Don't specify a value if you select `ipv6` for *ipFamily* . The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the `10.100.0.0/16` or `172.20.0.0/16` CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:\n\n- Within one of the following private IP address blocks: `10.0.0.0/8` , `172.16.0.0/12` , or `192.168.0.0/16` .\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between `/24` and `/12` .\n\n> You can only specify a custom CIDR block when you create a cluster. You can't change this value after the cluster is created.", - "title": "ServiceIpv4Cidr", + "Ebs": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ebs", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string.", + "title": "NoDevice", "type": "string" }, - "ServiceIpv6Cidr": { - "markdownDescription": "The CIDR block that Kubernetes pod and service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster. Kubernetes assigns service addresses from the unique local address range ( `fc00::/7` ) because you can't specify a custom IPv6 CIDR block when you create the cluster.", - "title": "ServiceIpv6Cidr", + "VirtualName": { + "markdownDescription": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.", + "title": "VirtualName", "type": "string" } }, "type": "object" }, - "AWS::EKS::Cluster.Logging": { + "AWS::EC2::LaunchTemplate.CapacityReservationSpecification": { "additionalProperties": false, "properties": { - "ClusterLogging": { - "$ref": "#/definitions/AWS::EKS::Cluster.ClusterLogging", - "markdownDescription": "The cluster control plane logging configuration for your cluster.", - "title": "ClusterLogging" + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `capacity-reservations-only` - The instance will only run in a Capacity Reservation or Capacity Reservation group. If capacity isn't available, the instance will fail to launch.\n- `open` - The instance can run in any `open` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone, tenancy).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.", + "title": "CapacityReservationPreference", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationTarget", + "markdownDescription": "Information about the target Capacity Reservation or Capacity Reservation group.", + "title": "CapacityReservationTarget" } }, "type": "object" }, - "AWS::EKS::Cluster.LoggingTypeConfig": { + "AWS::EC2::LaunchTemplate.CapacityReservationTarget": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The name of the log type.", - "title": "Type", + "CapacityReservationId": { + "markdownDescription": "The ID of the Capacity Reservation in which to run the instance.", + "title": "CapacityReservationId", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", "type": "string" } }, "type": "object" }, - "AWS::EKS::Cluster.OutpostConfig": { + "AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification": { "additionalProperties": false, "properties": { - "ControlPlaneInstanceType": { - "markdownDescription": "The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. Choose an instance type based on the number of nodes that your cluster will have. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .\n\nThe instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. The control plane is not automatically scaled by Amazon EKS.", - "title": "ControlPlaneInstanceType", - "type": "string" + "TcpEstablishedTimeout": { + "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", + "title": "TcpEstablishedTimeout", + "type": "number" }, - "ControlPlanePlacement": { - "$ref": "#/definitions/AWS::EKS::Cluster.ControlPlanePlacement", - "markdownDescription": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on an AWS Outpost. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .", - "title": "ControlPlanePlacement" + "UdpStreamTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", + "title": "UdpStreamTimeout", + "type": "number" }, - "OutpostArns": { + "UdpTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", + "title": "UdpTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.Cpu": { + "additionalProperties": false, + "properties": { + "References": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Reference" }, - "markdownDescription": "The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. Only a single Outpost ARN is supported.", - "title": "OutpostArns", + "markdownDescription": "The instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes are compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.", + "title": "References", "type": "array" } }, - "required": [ - "ControlPlaneInstanceType", - "OutpostArns" - ], "type": "object" }, - "AWS::EKS::Cluster.Provider": { + "AWS::EC2::LaunchTemplate.CpuOptions": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric and created in the same AWS Region as the cluster. If the KMS key was created in a different account, the [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) must have access to the KMS key. For more information, see [Allowing users in other accounts to use a KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KeyArn", + "AmdSevSnp": { + "markdownDescription": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html) .", + "title": "AmdSevSnp", "type": "string" + }, + "CoreCount": { + "markdownDescription": "The number of CPU cores for the instance.", + "title": "CoreCount", + "type": "number" + }, + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of `1` . Otherwise, specify the default value of `2` .", + "title": "ThreadsPerCore", + "type": "number" } }, "type": "object" }, - "AWS::EKS::Cluster.ResourcesVpcConfig": { + "AWS::EC2::LaunchTemplate.CreditSpecification": { "additionalProperties": false, "properties": { - "EndpointPrivateAccess": { - "markdownDescription": "Set this value to `true` to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is `false` , which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", - "title": "EndpointPrivateAccess", - "type": "boolean" - }, - "EndpointPublicAccess": { - "markdownDescription": "Set this value to `false` to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is `true` , which enables public access for your Kubernetes API server. The endpoint domain name and IP address family depends on the value of the `ipFamily` for the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", - "title": "EndpointPublicAccess", - "type": "boolean" - }, - "PublicAccessCidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is `0.0.0.0/0` and additionally `::/0` for dual-stack `IPv6` clusters. If you've disabled private endpoint access, make sure that you specify the necessary CIDR blocks for every node and AWS Fargate `Pod` in the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .\n\nNote that the public endpoints are dual-stack for only `IPv6` clusters that are made after October 2024. You can't add `IPv6` CIDR blocks to `IPv4` clusters or `IPv6` clusters that were made before October 2024.", - "title": "PublicAccessCidrs", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see [Amazon EKS security group considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the **Amazon EKS User Guide** .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.", - "title": "SubnetIds", - "type": "array" + "CpuCredits": { + "markdownDescription": "The credit option for CPU usage of a T instance.\n\nValid values: `standard` | `unlimited`", + "title": "CpuCredits", + "type": "string" } }, - "required": [ - "SubnetIds" - ], "type": "object" }, - "AWS::EKS::FargateProfile": { + "AWS::EC2::LaunchTemplate.Ebs": { "additionalProperties": false, "properties": { - "Condition": { + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Encrypted": { + "markdownDescription": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is supported for `io1` , `io2` , and `gp3` volumes only.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.", + "title": "KmsKeyId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Throughput": { + "markdownDescription": "The throughput to provision for a `gp3` volume, with a maximum of 1,000 MiB/s.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", + "title": "Throughput", + "type": "number" }, - "Metadata": { - "type": "object" + "VolumeInitializationRate": { + "markdownDescription": "Specifies the Amazon EBS Provisioned Rate for Volume Initialization (volume initialization rate), in MiB/s, at which to download the snapshot blocks from Amazon S3 to the volume. This is also known as *volume initialization* . Specifying a volume initialization rate ensures that the volume is initialized at a predictable and consistent rate after creation.\n\nThis parameter is supported only for volumes created from snapshots. Omit this parameter if:\n\n- You want to create the volume using fast snapshot restore. You must specify a snapshot that is enabled for fast snapshot restore. In this case, the volume is fully initialized at creation.\n\n> If you specify a snapshot that is enabled for fast snapshot restore and a volume initialization rate, the volume will be initialized at the specified rate instead of fast snapshot restore.\n- You want to create a volume that is initialized at the default rate.\n\nFor more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EC2 User Guide* .\n\nValid range: 100 - 300 MiB/s", + "title": "VolumeInitializationRate", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "FargateProfileName": { - "markdownDescription": "The name of the Fargate profile.", - "title": "FargateProfileName", - "type": "string" - }, - "PodExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `Pod` execution role to use for a `Pod` that matches the selectors in the Fargate profile. The `Pod` execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see [`Pod` execution role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) in the *Amazon EKS User Guide* .", - "title": "PodExecutionRoleArn", - "type": "string" - }, - "Selectors": { - "items": { - "$ref": "#/definitions/AWS::EKS::FargateProfile.Selector" - }, - "markdownDescription": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile.", - "title": "Selectors", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", - "title": "Subnets", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ClusterName", - "PodExecutionRoleArn", - "Selectors" - ], - "type": "object" + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.ElasticGpuSpecification": { + "additionalProperties": false, + "properties": { "Type": { - "enum": [ - "AWS::EKS::FargateProfile" - ], + "markdownDescription": "The type of Elastic Graphics accelerator.", + "title": "Type", "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.EnaSrdSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EKS::FargateProfile.Label": { + "AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Enter a key.", - "title": "Key", + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.EnclaveOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.HibernationOptions": { + "additionalProperties": false, + "properties": { + "Configured": { + "markdownDescription": "If you set this parameter to `true` , the instance is enabled for hibernation.\n\nDefault: `false`", + "title": "Configured", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.IamInstanceProfile": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", + "title": "Arn", "type": "string" }, - "Value": { - "markdownDescription": "Enter a value.", - "title": "Value", + "Name": { + "markdownDescription": "The name of the instance profile.", + "title": "Name", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EKS::FargateProfile.Selector": { + "AWS::EC2::LaunchTemplate.InstanceMarketOptions": { "additionalProperties": false, "properties": { - "Labels": { - "items": { - "$ref": "#/definitions/AWS::EKS::FargateProfile.Label" - }, - "markdownDescription": "The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.", - "title": "Labels", - "type": "array" - }, - "Namespace": { - "markdownDescription": "The Kubernetes `namespace` that the selector should match.", - "title": "Namespace", + "MarketType": { + "markdownDescription": "The market type.", + "title": "MarketType", "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.SpotOptions", + "markdownDescription": "The options for Spot Instances.", + "title": "SpotOptions" } }, - "required": [ - "Namespace" - ], "type": "object" }, - "AWS::EKS::IdentityProviderConfig": { + "AWS::EC2::LaunchTemplate.InstanceRequirements": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorCount", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "AcceleratorManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AcceleratorNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", + "type": "array" }, - "Metadata": { - "type": "object" + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "IdentityProviderConfigName": { - "markdownDescription": "The name of the configuration.", - "title": "IdentityProviderConfigName", - "type": "string" - }, - "Oidc": { - "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig", - "markdownDescription": "An object representing an OpenID Connect (OIDC) identity provider configuration.", - "title": "Oidc" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the identity provider configuration. The only type available is `oidc` .", - "title": "Type", - "type": "string" - } + "AcceleratorTypes": { + "items": { + "type": "string" }, - "required": [ - "ClusterName", - "Type" - ], - "type": "object" + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EKS::IdentityProviderConfig" - ], - "type": "string" + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig": { - "additionalProperties": false, - "properties": { - "ClientId": { - "markdownDescription": "This is also known as *audience* . The ID of the client application that makes authentication requests to the OIDC identity provider.", - "title": "ClientId", + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", "type": "string" }, - "GroupsClaim": { - "markdownDescription": "The JSON web token (JWT) claim that the provider uses to return your groups.", - "title": "GroupsClaim", - "type": "string" + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" }, - "GroupsPrefix": { - "markdownDescription": "The prefix that is prepended to group claims to prevent clashes with existing names (such as `system:` groups). For example, the value `oidc:` creates group names like `oidc:engineering` and `oidc:infra` . The prefix can't contain `system:`", - "title": "GroupsPrefix", - "type": "string" + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselinePerformanceFactors", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" }, - "IssuerUrl": { - "markdownDescription": "The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.", - "title": "IssuerUrl", + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", "type": "string" }, - "RequiredClaims": { + "CpuManufacturers": { "items": { - "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.RequiredClaim" + "type": "string" }, - "markdownDescription": "The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.", - "title": "RequiredClaims", + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", "type": "array" }, - "UsernameClaim": { - "markdownDescription": "The JSON Web token (JWT) claim that is used as the username.", - "title": "UsernameClaim", + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" + }, + "InstanceGenerations": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" + }, + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", "type": "string" }, - "UsernamePrefix": { - "markdownDescription": "The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain `system:`", - "title": "UsernamePrefix", + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" + }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryMiB", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkBandwidthGbps", + "markdownDescription": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterfaceCount", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo turn off price protection, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TotalLocalStorageGB", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.VCpuCount", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification": { + "additionalProperties": false, + "properties": { + "Ipv4Prefix": { + "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", + "title": "Ipv4Prefix", "type": "string" } }, - "required": [ - "ClientId", - "IssuerUrl" - ], "type": "object" }, - "AWS::EKS::IdentityProviderConfig.RequiredClaim": { + "AWS::EC2::LaunchTemplate.Ipv6Add": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key to match from the token.", - "title": "Key", + "Ipv6Address": { + "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", + "title": "Ipv6Address", "type": "string" - }, - "Value": { - "markdownDescription": "The value for the key from the token.", - "title": "Value", + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification": { + "additionalProperties": false, + "properties": { + "Ipv6Prefix": { + "markdownDescription": "The IPv6 prefix.", + "title": "Ipv6Prefix", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EKS::Nodegroup": { + "AWS::EC2::LaunchTemplate.LaunchTemplateData": { "additionalProperties": false, "properties": { - "Condition": { + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BlockDeviceMapping" + }, + "markdownDescription": "The block device mapping.", + "title": "BlockDeviceMappings", + "type": "array" + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationSpecification", + "markdownDescription": "The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to `open` , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).", + "title": "CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CpuOptions", + "markdownDescription": "The CPU options for the instance. For more information, see [CPU options for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide* .", + "title": "CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CreditSpecification", + "markdownDescription": "The credit option for CPU usage of the instance. Valid only for T instances.", + "title": "CreditSpecification" + }, + "DisableApiStop": { + "markdownDescription": "Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide* .", + "title": "DisableApiStop", + "type": "boolean" + }, + "DisableApiTermination": { + "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", + "title": "DisableApiTermination", + "type": "boolean" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.", + "title": "EbsOptimized", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ElasticGpuSpecification" + }, + "markdownDescription": "Deprecated.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", + "title": "ElasticGpuSpecifications", + "type": "array" + }, + "ElasticInferenceAccelerators": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator" + }, + "markdownDescription": "> Amazon Elastic Inference is no longer available. \n\nAn elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n\nYou cannot specify accelerators from different generations in the same request.", + "title": "ElasticInferenceAccelerators", + "type": "array" + }, + "EnclaveOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnclaveOptions", + "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *AWS Nitro Enclaves User Guide* .\n\nYou can't enable AWS Nitro Enclaves and hibernation on the same instance.", + "title": "EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.HibernationOptions", + "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .", + "title": "HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.IamInstanceProfile", + "markdownDescription": "The name or Amazon Resource Name (ARN) of an IAM instance profile.", + "title": "IamInstanceProfile" + }, + "ImageId": { + "markdownDescription": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n\nValid formats:\n\n- `ami-0ac394d6a3example`\n- `resolve:ssm:parameter-name`\n- `resolve:ssm:parameter-name:version-number`\n- `resolve:ssm:parameter-name:label`\n\nFor more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "ImageId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InstanceInitiatedShutdownBehavior": { + "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", + "title": "InstanceInitiatedShutdownBehavior", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InstanceMarketOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceMarketOptions", + "markdownDescription": "The market (purchasing) option for the instances.", + "title": "InstanceMarketOptions" }, - "Metadata": { - "type": "object" + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceRequirements", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes.\n\nYou must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default.\n\nWhen you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.\n\nTo limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request:\n\n- `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.\n- `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .\n> \n> Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) , or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) AWS CloudFormation resource, you can't specify `InstanceRequirements` . \n\nFor more information, see [Specify attributes for instance type selection for EC2 Fleet or Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceRequirements" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AmiType": { - "markdownDescription": "The AMI type for your node group. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `amiType` , or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add `eks:kube-proxy-windows` to your Windows nodes `rolearn` in the `aws-auth` `ConfigMap` . For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "AmiType", - "type": "string" - }, - "CapacityType": { - "markdownDescription": "The capacity type of your managed node group.", - "title": "CapacityType", - "type": "string" - }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "DiskSize": { - "markdownDescription": "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify `launchTemplate` , then don't specify `diskSize` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "DiskSize", - "type": "number" - }, - "ForceUpdateEnabled": { - "markdownDescription": "Force the update if any `Pod` on the existing node group can't be drained due to a `Pod` disruption budget issue. If an update fails because all Pods can't be drained, you can force the update after it fails to terminate the old node whether or not any `Pod` is running on the node.", - "title": "ForceUpdateEnabled", - "type": "boolean" - }, - "InstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the `amiType` parameter. If you specify `launchTemplate` , then you can specify zero or one instance type in your launch template *or* you can specify 0-20 instance types for `instanceTypes` . If however, you specify an instance type in your launch template *and* specify any `instanceTypes` , the node group deployment will fail. If you don't specify an instance type in a launch template or for `instanceTypes` , then `t3.medium` is used, by default. If you specify `Spot` for `capacityType` , then we recommend specifying multiple values for `instanceTypes` . For more information, see [Managed node group capacity types](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "InstanceTypes", - "type": "array" - }, - "Labels": { - "additionalProperties": true, - "markdownDescription": "The Kubernetes `labels` applied to the nodes in the node group.\n\n> Only `labels` that are applied with the Amazon EKS API are shown here. There may be other Kubernetes `labels` applied to the nodes in this group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Labels", - "type": "object" - }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.LaunchTemplateSpecification", - "markdownDescription": "An object representing a node group's launch template specification. When using this object, don't directly specify `instanceTypes` , `diskSize` , or `remoteAccess` . You cannot later specify a different launch template ID or name than what was used to create the node group.\n\nMake sure that the launch template meets the requirements in `launchTemplateSpecification` . Also refer to [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "LaunchTemplate" - }, - "NodeRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the **Amazon EKS User Guide** . If you specify `launchTemplate` , then don't specify `[IamInstanceProfile](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "NodeRole", - "type": "string" - }, - "NodegroupName": { - "markdownDescription": "The unique name to give your node group.", - "title": "NodegroupName", - "type": "string" - }, - "ReleaseVersion": { - "markdownDescription": "The AMI version of the Amazon EKS optimized AMI to use with your node group (for example, `1.14.7- *YYYYMMDD*` ). By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see [Amazon EKS optimized Linux AMI Versions](https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the *Amazon EKS User Guide* .\n\n> Changing this value triggers an update of the node group if one is available. You can't update other properties at the same time as updating `Release Version` .", - "title": "ReleaseVersion", - "type": "string" - }, - "RemoteAccess": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.RemoteAccess", - "markdownDescription": "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify `launchTemplate` , then don't specify `remoteAccess` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "RemoteAccess" - }, - "ScalingConfig": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.ScalingConfig", - "markdownDescription": "The scaling configuration details for the Auto Scaling group that is created for your node group.", - "title": "ScalingConfig" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnets to use for the Auto Scaling group that is created for your node group. If you specify `launchTemplate` , then don't specify `[SubnetId](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "Subnets", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Taints": { - "items": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.Taint" - }, - "markdownDescription": "The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of `No_Schedule` , `Prefer_No_Schedule` , or `No_Execute` . Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see [Node taints on managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html) .", - "title": "Taints", - "type": "array" - }, - "UpdateConfig": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.UpdateConfig", - "markdownDescription": "The node group update configuration.", - "title": "UpdateConfig" - }, - "Version": { - "markdownDescription": "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `version` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Launch template support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .\n\n> You can't update other properties at the same time as updating `Version` .", - "title": "Version", - "type": "string" - } + "InstanceType": { + "markdownDescription": "The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nIf you specify `InstanceType` , you can't specify `InstanceRequirements` .", + "title": "InstanceType", + "type": "string" + }, + "KernelId": { + "markdownDescription": "The ID of the kernel.\n\nWe recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "KernelId", + "type": "string" + }, + "KeyName": { + "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "title": "KeyName", + "type": "string" + }, + "LicenseSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LicenseSpecification" }, - "required": [ - "ClusterName", - "NodeRole", - "Subnets" - ], - "type": "object" + "markdownDescription": "The license configurations.", + "title": "LicenseSpecifications", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EKS::Nodegroup" - ], + "MaintenanceOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MaintenanceOptions", + "markdownDescription": "The maintenance options of your instance.", + "title": "MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MetadataOptions", + "markdownDescription": "The metadata options for the instance. For more information, see [Configure the Instance Metadata Service options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html) in the *Amazon EC2 User Guide* .", + "title": "MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Monitoring", + "markdownDescription": "The monitoring for the instance.", + "title": "Monitoring" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterface" + }, + "markdownDescription": "The network interfaces for the instance.", + "title": "NetworkInterfaces", + "type": "array" + }, + "NetworkPerformanceOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkPerformanceOptions", + "markdownDescription": "The settings for the network performance options for the instance. For more information, see [EC2 instance bandwidth weighting configuration](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configure-bandwidth-weighting.html) .", + "title": "NetworkPerformanceOptions" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Placement", + "markdownDescription": "The placement for the instance.", + "title": "Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateDnsNameOptions", + "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "PrivateDnsNameOptions" + }, + "RamDiskId": { + "markdownDescription": "The ID of the RAM disk.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "RamDiskId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", + "title": "SecurityGroups", + "type": "array" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TagSpecification" + }, + "markdownDescription": "The tags to apply to resources that are created during instance launch.\n\nTo tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications) .", + "title": "TagSpecifications", + "type": "array" + }, + "UserData": { + "markdownDescription": "The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands when you launch an EC2 instance with user data input](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide* .\n\nIf you are creating the launch template for use with AWS Batch , the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive) . For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html#lt-user-data) in the *AWS Batch User Guide* .", + "title": "UserData", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EKS::Nodegroup.LaunchTemplateSpecification": { + "AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name in the request, but not both. After node group creation, you cannot use a different ID.", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template name or the launch template ID in the request, but not both. After node group creation, you cannot use a different name.", - "title": "Name", - "type": "string" + "Count": { + "markdownDescription": "The number of elastic inference accelerators to attach to the instance.\n\nDefault: 1", + "title": "Count", + "type": "number" }, - "Version": { - "markdownDescription": "The version number of the launch template to use. If no version is specified, then the template's default version is used. You can use a different version for node group updates.", - "title": "Version", + "Type": { + "markdownDescription": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::EKS::Nodegroup.RemoteAccess": { + "AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification": { "additionalProperties": false, "properties": { - "Ec2SshKey": { - "markdownDescription": "The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* .", - "title": "Ec2SshKey", + "ResourceType": { + "markdownDescription": "The type of resource. To tag a launch template, `ResourceType` must be `launch-template` .", + "title": "ResourceType", "type": "string" }, - "SourceSecurityGroups": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "SourceSecurityGroups", + "markdownDescription": "The tags for the resource.", + "title": "Tags", "type": "array" } }, - "required": [ - "Ec2SshKey" - ], "type": "object" }, - "AWS::EKS::Nodegroup.ScalingConfig": { + "AWS::EC2::LaunchTemplate.LicenseSpecification": { "additionalProperties": false, "properties": { - "DesiredSize": { - "markdownDescription": "The current number of nodes that the managed node group should maintain.\n\n> If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. \n\nWhenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template.\n\nThis parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` .", - "title": "DesiredSize", + "LicenseConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", + "title": "LicenseConfigurationArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.MaintenanceOptions": { + "additionalProperties": false, + "properties": { + "AutoRecovery": { + "markdownDescription": "Disables the automatic recovery behavior of your instance or sets it to default.", + "title": "AutoRecovery", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "MaxSize": { - "markdownDescription": "The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* .", - "title": "MaxSize", + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.MemoryMiB": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "MinSize": { - "markdownDescription": "The minimum number of nodes that the managed node group can scale in to.", - "title": "MinSize", + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::EKS::Nodegroup.Taint": { + "AWS::EC2::LaunchTemplate.MetadataOptions": { "additionalProperties": false, "properties": { - "Effect": { - "markdownDescription": "The effect of the taint.", - "title": "Effect", + "HttpEndpoint": { + "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is `enabled` .\n\n> If you specify a value of `disabled` , you will not be able to access your instance metadata.", + "title": "HttpEndpoint", "type": "string" }, - "Key": { - "markdownDescription": "The key of the taint.", - "title": "Key", + "HttpProtocolIpv6": { + "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", + "title": "HttpProtocolIpv6", "type": "string" }, - "Value": { - "markdownDescription": "The value of the taint.", - "title": "Value", + "HttpPutResponseHopLimit": { + "markdownDescription": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n\nDefault: `1`\n\nPossible values: Integers from 1 to 64", + "title": "HttpPutResponseHopLimit", + "type": "number" + }, + "HttpTokens": { + "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials.\n- `required` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.\n\nDefault: If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , the default is `required` .", + "title": "HttpTokens", + "type": "string" + }, + "InstanceMetadataTags": { + "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [View tags for your EC2 instances using instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/work-with-tags-in-IMDS.html) .\n\nDefault: `disabled`", + "title": "InstanceMetadataTags", "type": "string" } }, "type": "object" }, - "AWS::EKS::Nodegroup.UpdateConfig": { + "AWS::EC2::LaunchTemplate.Monitoring": { "additionalProperties": false, "properties": { - "MaxUnavailable": { - "markdownDescription": "The maximum number of nodes unavailable at once during a version update. Nodes are updated in parallel. This value or `maxUnavailablePercentage` is required to have a value.The maximum number is 100.", - "title": "MaxUnavailable", + "Enabled": { + "markdownDescription": "Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.NetworkBandwidthGbps": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "MaxUnavailablePercentage": { - "markdownDescription": "The maximum percentage of nodes unavailable during a version update. This percentage of nodes are updated in parallel, up to 100 nodes at once. This value or `maxUnavailable` is required to have a value.", - "title": "MaxUnavailablePercentage", + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit.", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::EKS::PodIdentityAssociation": { + "AWS::EC2::LaunchTemplate.NetworkInterface": { "additionalProperties": false, "properties": { - "Condition": { + "AssociateCarrierIpAddress": { + "markdownDescription": "Associates a Carrier IP address with eth0 for a new network interface.\n\nUse this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", + "title": "AssociateCarrierIpAddress", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "markdownDescription": "Associates a public IPv4 address with eth0 for a new network interface.\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification", + "markdownDescription": "A connection tracking specification for the network interface.", + "title": "ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description for the network interface.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeviceIndex": { + "markdownDescription": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", + "title": "DeviceIndex", + "type": "number" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdSpecification", + "markdownDescription": "The ENA Express configuration for the network interface.", + "title": "EnaSrdSpecification" + }, + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more security groups.", + "title": "Groups", + "type": "array" + }, + "InterfaceType": { + "markdownDescription": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa` or `efa` . For more information, see [Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide* .\n\nIf you are not creating an EFA, specify `interface` or omit this parameter.\n\nIf you specify `efa-only` , do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses.\n\nValid values: `interface` | `efa` | `efa-only`", + "title": "InterfaceType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Ipv4PrefixCount": { + "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv4Prefix` option.", + "title": "Ipv4PrefixCount", + "type": "number" }, - "Metadata": { - "type": "object" + "Ipv4Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification" + }, + "markdownDescription": "One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv4PrefixCount` option.", + "title": "Ipv4Prefixes", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of the cluster that the association is in.", - "title": "ClusterName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the pods that use the service account must be in this namespace.", - "title": "Namespace", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.", - "title": "RoleArn", - "type": "string" - }, - "ServiceAccount": { - "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", - "title": "ServiceAccount", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - } + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6Add" }, - "required": [ - "ClusterName", - "Namespace", - "RoleArn", - "ServiceAccount" - ], - "type": "object" + "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", + "title": "Ipv6Addresses", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EKS::PodIdentityAssociation" - ], + "Ipv6PrefixCount": { + "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv6Prefix` option.", + "title": "Ipv6PrefixCount", + "type": "number" + }, + "Ipv6Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification" + }, + "markdownDescription": "One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv6PrefixCount` option.", + "title": "Ipv6Prefixes", + "type": "array" + }, + "NetworkCardIndex": { + "markdownDescription": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.", + "title": "NetworkCardIndex", + "type": "number" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PrimaryIpv6": { + "markdownDescription": "The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) .", + "title": "PrimaryIpv6", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The primary private IPv4 address of the network interface.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateIpAdd" + }, + "markdownDescription": "One or more private IPv4 addresses.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet for the network interface.", + "title": "SubnetId", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EMR::Cluster": { + "AWS::EC2::LaunchTemplate.NetworkInterfaceCount": { "additionalProperties": false, "properties": { - "Condition": { + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.NetworkPerformanceOptions": { + "additionalProperties": false, + "properties": { + "BandwidthWeighting": { + "markdownDescription": "Specify the bandwidth weighting option to boost the associated type of baseline bandwidth, as follows:\n\n- **default** - This option uses the standard bandwidth configuration for your instance type.\n- **vpc-1** - This option boosts your networking baseline bandwidth and reduces your EBS baseline bandwidth.\n- **ebs-1** - This option boosts your EBS baseline bandwidth and reduces your networking baseline bandwidth.", + "title": "BandwidthWeighting", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.Placement": { + "additionalProperties": false, + "properties": { + "Affinity": { + "markdownDescription": "The affinity setting for an instance on a Dedicated Host.", + "title": "Affinity", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "GroupId": { + "markdownDescription": "The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group.", + "title": "GroupId", + "type": "string" }, - "Metadata": { - "type": "object" + "GroupName": { + "markdownDescription": "The name of the placement group for the instance.", + "title": "GroupName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalInfo": { - "markdownDescription": "A JSON string for selecting additional features.", - "title": "AdditionalInfo", - "type": "object" - }, - "Applications": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Application" - }, - "markdownDescription": "The applications to install on this cluster, for example, Spark, Flink, Oozie, Zeppelin, and so on.", - "title": "Applications", - "type": "array" - }, - "AutoScalingRole": { - "markdownDescription": "An IAM role for automatic scaling policies. The default role is `EMR_AutoScaling_DefaultRole` . The IAM role provides permissions that the automatic scaling feature requires to launch and terminate Amazon EC2 instances in an instance group.", - "title": "AutoScalingRole", - "type": "string" - }, - "AutoTerminationPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.AutoTerminationPolicy", - "markdownDescription": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see [Control cluster termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) .", - "title": "AutoTerminationPolicy" - }, - "BootstrapActions": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.BootstrapActionConfig" - }, - "markdownDescription": "A list of bootstrap actions to run before Hadoop starts on the cluster nodes.", - "title": "BootstrapActions", - "type": "array" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", - "title": "Configurations", - "type": "array" - }, - "CustomAmiId": { - "markdownDescription": "Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsRootVolumeIops": { - "markdownDescription": "The IOPS, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", - "title": "EbsRootVolumeIops", - "type": "number" - }, - "EbsRootVolumeSize": { - "markdownDescription": "The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.", - "title": "EbsRootVolumeSize", - "type": "number" - }, - "EbsRootVolumeThroughput": { - "markdownDescription": "The throughput, in MiB/s, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", - "title": "EbsRootVolumeThroughput", - "type": "number" - }, - "Instances": { - "$ref": "#/definitions/AWS::EMR::Cluster.JobFlowInstancesConfig", - "markdownDescription": "A specification of the number and type of Amazon EC2 instances.", - "title": "Instances" - }, - "JobFlowRole": { - "markdownDescription": "Also called instance profile and Amazon EC2 role. An IAM role for an Amazon EMR cluster. The Amazon EC2 instances of the cluster assume this role. The default role is `EMR_EC2_DefaultRole` . In order to use the default role, you must have already created it using the AWS CLI or console.", - "title": "JobFlowRole", - "type": "string" - }, - "KerberosAttributes": { - "$ref": "#/definitions/AWS::EMR::Cluster.KerberosAttributes", - "markdownDescription": "Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration. For more information see [Use Kerberos Authentication](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-kerberos.html) in the *Amazon EMR Management Guide* .", - "title": "KerberosAttributes" - }, - "LogEncryptionKmsKeyId": { - "markdownDescription": "The AWS KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding Amazon EMR 6.0.0.", - "title": "LogEncryptionKmsKeyId", - "type": "string" - }, - "LogUri": { - "markdownDescription": "The path to the Amazon S3 location where logs for this cluster are stored.", - "title": "LogUri", - "type": "string" - }, - "ManagedScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.ManagedScalingPolicy", - "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "ManagedScalingPolicy" - }, - "Name": { - "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", - "title": "Name", - "type": "string" - }, - "OSReleaseLabel": { - "markdownDescription": "The Amazon Linux release specified in a cluster launch RunJobFlow request. If no Amazon Linux release was specified, the default Amazon Linux release is shown in the response.", - "title": "OSReleaseLabel", - "type": "string" - }, - "PlacementGroupConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.PlacementGroupConfig" - }, - "markdownDescription": "", - "title": "PlacementGroupConfigs", - "type": "array" - }, - "ReleaseLabel": { - "markdownDescription": "The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form `emr-x.x.x` , where x.x.x is an Amazon EMR release version such as `emr-5.14.0` . For more information about Amazon EMR release versions and included application versions and features, see [](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/) . The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use `AmiVersion` .", - "title": "ReleaseLabel", - "type": "string" - }, - "ScaleDownBehavior": { - "markdownDescription": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. `TERMINATE_AT_INSTANCE_HOUR` indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. `TERMINATE_AT_TASK_COMPLETION` indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. `TERMINATE_AT_TASK_COMPLETION` is available only in Amazon EMR releases 4.1.0 and later, and is the default for versions of Amazon EMR earlier than 5.1.0.", - "title": "ScaleDownBehavior", - "type": "string" - }, - "SecurityConfiguration": { - "markdownDescription": "The name of the security configuration applied to the cluster.", - "title": "SecurityConfiguration", - "type": "string" - }, - "ServiceRole": { - "markdownDescription": "The IAM role that Amazon EMR assumes in order to access AWS resources on your behalf.", - "title": "ServiceRole", - "type": "string" - }, - "StepConcurrencyLevel": { - "markdownDescription": "Specifies the number of steps that can be executed concurrently. The default value is `1` . The maximum value is `256` .", - "title": "StepConcurrencyLevel", - "type": "number" - }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.StepConfig" - }, - "markdownDescription": "A list of steps to run.", - "title": "Steps", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags associated with a cluster.", - "title": "Tags", - "type": "array" - }, - "VisibleToAllUsers": { - "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", - "title": "VisibleToAllUsers", - "type": "boolean" - } - }, - "required": [ - "Instances", - "JobFlowRole", - "Name", - "ServiceRole" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EMR::Cluster" - ], + "HostId": { + "markdownDescription": "The ID of the Dedicated Host for the instance.", + "title": "HostId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", + "title": "HostResourceGroupArn", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EMR::Cluster.Application": { - "additionalProperties": false, - "properties": { - "AdditionalInfo": { - "additionalProperties": true, - "markdownDescription": "This option is for advanced users only. This is meta information about clusters and applications that are used for testing and troubleshooting.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalInfo", - "type": "object" }, - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "Arguments for Amazon EMR to pass to the application.", - "title": "Args", - "type": "array" + "PartitionNumber": { + "markdownDescription": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to `partition` .", + "title": "PartitionNumber", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", + "SpreadDomain": { + "markdownDescription": "Reserved for future use.", + "title": "SpreadDomain", "type": "string" }, - "Version": { - "markdownDescription": "The version of the application.", - "title": "Version", + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware.", + "title": "Tenancy", "type": "string" } }, "type": "object" }, - "AWS::EMR::Cluster.AutoScalingPolicy": { + "AWS::EC2::LaunchTemplate.PrivateDnsNameOptions": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingConstraints", - "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", - "title": "Constraints" + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingRule" - }, - "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", - "title": "Rules", - "type": "array" + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" + }, + "HostnameType": { + "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "HostnameType", + "type": "string" } }, - "required": [ - "Constraints", - "Rules" - ], "type": "object" }, - "AWS::EMR::Cluster.AutoTerminationPolicy": { + "AWS::EC2::LaunchTemplate.PrivateIpAdd": { "additionalProperties": false, "properties": { - "IdleTimeout": { - "markdownDescription": "Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of 60 seconds and a maximum of 604800 seconds (seven days).", - "title": "IdleTimeout", - "type": "number" + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", + "type": "string" } }, "type": "object" }, - "AWS::EMR::Cluster.BootstrapActionConfig": { + "AWS::EC2::LaunchTemplate.Reference": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the bootstrap action.", - "title": "Name", + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.", + "title": "InstanceFamily", "type": "string" - }, - "ScriptBootstrapAction": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScriptBootstrapActionConfig", - "markdownDescription": "The script run by the bootstrap action.", - "title": "ScriptBootstrapAction" } }, - "required": [ - "Name", - "ScriptBootstrapAction" - ], "type": "object" }, - "AWS::EMR::Cluster.CloudWatchAlarmDefinition": { + "AWS::EC2::LaunchTemplate.SpotOptions": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", - "title": "ComparisonOperator", - "type": "string" - }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.MetricDimension" - }, - "markdownDescription": "A CloudWatch metric dimension.", - "title": "Dimensions", - "type": "array" - }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", - "title": "EvaluationPeriods", + "BlockDurationMinutes": { + "markdownDescription": "Deprecated.", + "title": "BlockDurationMinutes", "type": "number" }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", - "title": "Namespace", + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", + "title": "InstanceInterruptionBehavior", "type": "string" }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", - "title": "Statistic", + "MaxPrice": { + "markdownDescription": "The maximum hourly price you're willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. If you do specify this parameter, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message when the launch template is used to launch an instance.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "MaxPrice", "type": "string" }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", - "type": "number" - }, - "Unit": { - "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", - "title": "Unit", + "SpotInstanceType": { + "markdownDescription": "The Spot Instance request type.\n\nIf you are using Spot Instances with an Auto Scaling group, use `one-time` requests, as the Amazon EC2 Auto Scaling service handles requesting new Spot Instances whenever the group is below its desired capacity.", + "title": "SpotInstanceType", "type": "string" - } - }, - "required": [ - "ComparisonOperator", - "MetricName", - "Period", - "Threshold" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ComputeLimits": { - "additionalProperties": false, - "properties": { - "MaximumCapacityUnits": { - "markdownDescription": "The upper boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "MaximumCapacityUnits", - "type": "number" - }, - "MaximumCoreCapacityUnits": { - "markdownDescription": "The upper boundary of Amazon EC2 units for core node type in a cluster. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The core units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between core and task nodes.", - "title": "MaximumCoreCapacityUnits", - "type": "number" - }, - "MaximumOnDemandCapacityUnits": { - "markdownDescription": "The upper boundary of On-Demand Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The On-Demand units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between On-Demand and Spot Instances.", - "title": "MaximumOnDemandCapacityUnits", - "type": "number" - }, - "MinimumCapacityUnits": { - "markdownDescription": "The lower boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "MinimumCapacityUnits", - "type": "number" }, - "UnitType": { - "markdownDescription": "The unit type used for specifying a managed scaling policy.", - "title": "UnitType", + "ValidUntil": { + "markdownDescription": "The end date of the request, in UTC format ( *YYYY-MM-DD* T *HH:MM:SS* Z). Supported only for persistent requests.\n\n- For a persistent request, the request remains active until the `ValidUntil` date and time is reached. Otherwise, the request remains active until you cancel it.\n- For a one-time request, `ValidUntil` is not supported. The request remains active until all instances launch or you cancel the request.\n\nDefault: 7 days from the current date", + "title": "ValidUntil", "type": "string" } }, - "required": [ - "MaximumCapacityUnits", - "MinimumCapacityUnits", - "UnitType" - ], "type": "object" }, - "AWS::EMR::Cluster.Configuration": { + "AWS::EC2::LaunchTemplate.TagSpecification": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", + "ResourceType": { + "markdownDescription": "The type of resource to tag. You can specify tags for the following resource types only: `instance` | `volume` | `network-interface` | `spot-instances-request` . If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume.\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", + "title": "ResourceType", "type": "string" }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConfigurationProperties", - "type": "object" - }, - "Configurations": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::EMR::Cluster.EbsBlockDeviceConfig": { + "AWS::EC2::LaunchTemplate.TotalLocalStorageGB": { "additionalProperties": false, "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", "type": "number" } }, - "required": [ - "VolumeSpecification" - ], "type": "object" }, - "AWS::EMR::Cluster.EbsConfiguration": { + "AWS::EC2::LaunchTemplate.VCpuCount": { "additionalProperties": false, "properties": { - "EbsBlockDeviceConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsBlockDeviceConfig" - }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", - "type": "array" + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::EMR::Cluster.HadoopJarStepConfig": { + "AWS::EC2::LocalGatewayRoute": { "additionalProperties": false, "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", - "title": "Args", - "type": "array" - }, - "Jar": { - "markdownDescription": "A path to a JAR file run during the step.", - "title": "Jar", + "Condition": { "type": "string" }, - "MainClass": { - "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", - "title": "MainClass", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StepProperties": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.KeyValue" - }, - "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key-value pairs to your main function.", - "title": "StepProperties", - "type": "array" - } - }, - "required": [ - "Jar" - ], - "type": "object" - }, - "AWS::EMR::Cluster.InstanceFleetConfig": { - "additionalProperties": false, - "properties": { - "InstanceTypeConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceTypeConfig" - }, - "markdownDescription": "The instance type configurations that define the Amazon EC2 instances in the instance fleet.", - "title": "InstanceTypeConfigs", - "type": "array" - }, - "LaunchSpecifications": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications", - "markdownDescription": "The launch specification for the instance fleet.", - "title": "LaunchSpecifications" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Name": { - "markdownDescription": "The friendly name of the instance fleet.", - "title": "Name", - "type": "string" + "Metadata": { + "type": "object" }, - "TargetOnDemandCapacity": { - "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetOnDemandCapacity", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidrBlock", + "type": "string" + }, + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", + "type": "string" + }, + "LocalGatewayVirtualInterfaceGroupId": { + "markdownDescription": "The ID of the virtual interface group.", + "title": "LocalGatewayVirtualInterfaceGroupId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + } + }, + "required": [ + "DestinationCidrBlock", + "LocalGatewayRouteTableId" + ], + "type": "object" }, - "TargetSpotCapacity": { - "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetSpotCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications": { - "additionalProperties": false, - "properties": { - "OnDemandSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandProvisioningSpecification", - "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", - "title": "OnDemandSpecification" + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRoute" + ], + "type": "string" }, - "SpotSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.SpotProvisioningSpecification", - "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", - "title": "SpotSpecification" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EMR::Cluster.InstanceGroupConfig": { + "AWS::EC2::LocalGatewayRouteTable": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.AutoScalingPolicy", - "markdownDescription": "`AutoScalingPolicy` is a subproperty of the [InstanceGroupConfig](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-emr-cluster-jobflowinstancesconfig-instancegroupconfig.html) property type that specifies the constraints and rules of an automatic scaling policy in Amazon EMR . The automatic scaling policy defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. Only core and task instance groups can use automatic scaling policies. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) .", - "title": "AutoScalingPolicy" - }, - "BidPrice": { - "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", - "title": "BidPrice", + "Condition": { "type": "string" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", - "title": "Configurations", - "type": "array" - }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", - "title": "CustomAmiId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", - "markdownDescription": "EBS configurations that will be attached to each Amazon EC2 instance in the instance group.", - "title": "EbsConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InstanceCount": { - "markdownDescription": "Target number of instances for the instance group.", - "title": "InstanceCount", - "type": "number" + "Metadata": { + "type": "object" }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", - "title": "InstanceType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "LocalGatewayId": { + "markdownDescription": "The ID of the local gateway.", + "title": "LocalGatewayId", + "type": "string" + }, + "Mode": { + "markdownDescription": "The mode of the local gateway route table.", + "title": "Mode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the local gateway route table.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "LocalGatewayId" + ], + "type": "object" }, - "Market": { - "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", - "title": "Market", + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRouteTable" + ], "type": "string" }, - "Name": { - "markdownDescription": "Friendly name given to the instance group.", - "title": "Name", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InstanceCount", - "InstanceType" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.InstanceTypeConfig": { + "AWS::EC2::LocalGatewayRouteTableVPCAssociation": { "additionalProperties": false, "properties": { - "BidPrice": { - "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPrice", + "Condition": { "type": "string" }, - "BidPriceAsPercentageOfOnDemandPrice": { - "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPriceAsPercentageOfOnDemandPrice", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", - "title": "Configurations", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the instance type.", - "title": "CustomAmiId", - "type": "string" + "Metadata": { + "type": "object" }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", - "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", - "title": "EbsConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the association.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "LocalGatewayRouteTableId", + "VpcId" + ], + "type": "object" }, - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", - "title": "InstanceType", + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRouteTableVPCAssociation" + ], "type": "string" }, - "WeightedCapacity": { - "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", - "title": "WeightedCapacity", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "InstanceType" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.JobFlowInstancesConfig": { + "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { "additionalProperties": false, "properties": { - "AdditionalMasterSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of additional Amazon EC2 security group IDs for the master node.", - "title": "AdditionalMasterSecurityGroups", - "type": "array" - }, - "AdditionalSlaveSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of additional Amazon EC2 security group IDs for the core and task nodes.", - "title": "AdditionalSlaveSecurityGroups", - "type": "array" - }, - "CoreInstanceFleet": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the core instance fleet when using clusters with the instance fleet configuration.", - "title": "CoreInstanceFleet" - }, - "CoreInstanceGroup": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for core instance groups when using clusters with the uniform instance group configuration.", - "title": "CoreInstanceGroup" - }, - "Ec2KeyName": { - "markdownDescription": "The name of the Amazon EC2 key pair that can be used to connect to the master node using SSH as the user called \"hadoop.\"", - "title": "Ec2KeyName", + "Condition": { "type": "string" }, - "Ec2SubnetId": { - "markdownDescription": "Applies to clusters that use the uniform instance group configuration. To launch the cluster in Amazon Virtual Private Cloud (Amazon VPC), set this parameter to the identifier of the Amazon VPC subnet where you want the cluster to launch. If you do not specify this value and your account supports EC2-Classic, the cluster launches in EC2-Classic.", - "title": "Ec2SubnetId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Ec2SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.", - "title": "Ec2SubnetIds", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "EmrManagedMasterSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the master node. If you specify `EmrManagedMasterSecurityGroup` , you must also specify `EmrManagedSlaveSecurityGroup` .", - "title": "EmrManagedMasterSecurityGroup", - "type": "string" + "Metadata": { + "type": "object" }, - "EmrManagedSlaveSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the core and task nodes. If you specify `EmrManagedSlaveSecurityGroup` , you must also specify `EmrManagedMasterSecurityGroup` .", - "title": "EmrManagedSlaveSecurityGroup", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", + "type": "string" + }, + "LocalGatewayVirtualInterfaceGroupId": { + "markdownDescription": "The ID of the virtual interface group.", + "title": "LocalGatewayVirtualInterfaceGroupId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the association.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "LocalGatewayRouteTableId", + "LocalGatewayVirtualInterfaceGroupId" + ], + "type": "object" }, - "HadoopVersion": { - "markdownDescription": "Applies only to Amazon EMR release versions earlier than 4.0. The Hadoop version for the cluster. Valid inputs are \"0.18\" (no longer maintained), \"0.20\" (no longer maintained), \"0.20.205\" (no longer maintained), \"1.0.3\", \"2.2.0\", or \"2.4.0\". If you do not set this value, the default of 0.18 is used, unless the `AmiVersion` parameter is set in the RunJobFlow call, in which case the default version of Hadoop for that AMI version is used.", - "title": "HadoopVersion", + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation" + ], "type": "string" }, - "KeepJobFlowAliveWhenNoSteps": { - "markdownDescription": "Specifies whether the cluster should remain available after completing all steps. Defaults to `false` . For more information about configuring cluster termination, see [Control Cluster Termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) in the *EMR Management Guide* .", - "title": "KeepJobFlowAliveWhenNoSteps", - "type": "boolean" - }, - "MasterInstanceFleet": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance fleet when using clusters with the instance fleet configuration.", - "title": "MasterInstanceFleet" - }, - "MasterInstanceGroup": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance group when using clusters with the uniform instance group configuration.", - "title": "MasterInstanceGroup" - }, - "Placement": { - "$ref": "#/definitions/AWS::EMR::Cluster.PlacementType", - "markdownDescription": "The Availability Zone in which the cluster runs.", - "title": "Placement" - }, - "ServiceAccessSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the Amazon EMR service to access clusters in VPC private subnets.", - "title": "ServiceAccessSecurityGroup", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "TaskInstanceFleets": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig" - }, - "markdownDescription": "Describes the EC2 instances and instance configurations for the task instance fleets when using clusters with the instance fleet configuration. These task instance fleets are added to the cluster as part of the cluster launch. Each task instance fleet must have a unique name specified so that CloudFormation can differentiate between the task instance fleets.\n\n> You can currently specify only one task instance fleet for a cluster. After creating the cluster, you can only modify the mutable properties of `InstanceFleetConfig` , which are `TargetOnDemandCapacity` and `TargetSpotCapacity` . Modifying any other property results in cluster replacement. > To allow a maximum of 30 Amazon EC2 instance types per fleet, include `TaskInstanceFleets` when you create your cluster. If you create your cluster without `TaskInstanceFleets` , Amazon EMR uses its default allocation strategy, which allows for a maximum of five Amazon EC2 instance types.", - "title": "TaskInstanceFleets", - "type": "array" - }, - "TaskInstanceGroups": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig" - }, - "markdownDescription": "Describes the EC2 instances and instance configurations for task instance groups when using clusters with the uniform instance group configuration. These task instance groups are added to the cluster as part of the cluster launch. Each task instance group must have a unique name specified so that CloudFormation can differentiate between the task instance groups.\n\n> After creating the cluster, you can only modify the mutable properties of `InstanceGroupConfig` , which are `AutoScalingPolicy` and `InstanceCount` . Modifying any other property results in cluster replacement.", - "title": "TaskInstanceGroups", - "type": "array" - }, - "TerminationProtected": { - "markdownDescription": "Specifies whether to lock the cluster to prevent the Amazon EC2 instances from being terminated by API call, user intervention, or in the event of a job-flow error.", - "title": "TerminationProtected", - "type": "boolean" - }, - "UnhealthyNodeReplacement": { - "markdownDescription": "Indicates whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster.", - "title": "UnhealthyNodeReplacement", - "type": "boolean" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EMR::Cluster.KerberosAttributes": { + "AWS::EC2::NatGateway": { "additionalProperties": false, "properties": { - "ADDomainJoinPassword": { - "markdownDescription": "The Active Directory password for `ADDomainJoinUser` .", - "title": "ADDomainJoinPassword", + "Condition": { "type": "string" }, - "ADDomainJoinUser": { - "markdownDescription": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.", - "title": "ADDomainJoinUser", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CrossRealmTrustPrincipalPassword": { - "markdownDescription": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.", - "title": "CrossRealmTrustPrincipalPassword", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "KdcAdminPassword": { - "markdownDescription": "The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.", - "title": "KdcAdminPassword", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocationId": { + "markdownDescription": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.", + "title": "AllocationId", + "type": "string" + }, + "ConnectivityType": { + "markdownDescription": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", + "title": "ConnectivityType", + "type": "string" + }, + "MaxDrainDurationSeconds": { + "markdownDescription": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.", + "title": "MaxDrainDurationSeconds", + "type": "number" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.", + "title": "PrivateIpAddress", + "type": "string" + }, + "SecondaryAllocationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-working-with.html) in the *Amazon VPC User Guide* .", + "title": "SecondaryAllocationIds", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SecondaryPrivateIpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", + "title": "SecondaryPrivateIpAddresses", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in which the NAT gateway is located.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the NAT gateway.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SubnetId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::NatGateway" + ], "type": "string" }, - "Realm": { - "markdownDescription": "The name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL` .", - "title": "Realm", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "KdcAdminPassword", - "Realm" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.KeyValue": { + "AWS::EC2::NetworkAcl": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The unique identifier of a key-value pair.", - "title": "Key", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The value part of the identified key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.ManagedScalingPolicy": { - "additionalProperties": false, - "properties": { - "ComputeLimits": { - "$ref": "#/definitions/AWS::EMR::Cluster.ComputeLimits", - "markdownDescription": "The Amazon EC2 unit limits for a managed scaling policy. The managed scaling activity of a cluster is not allowed to go above or below these limits. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "ComputeLimits" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.MetricDimension": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The dimension name.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The dimension value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EMR::Cluster.OnDemandProvisioningSpecification": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", - "title": "AllocationStrategy", - "type": "string" - } - }, - "required": [ - "AllocationStrategy" - ], - "type": "object" - }, - "AWS::EMR::Cluster.PlacementGroupConfig": { - "additionalProperties": false, - "properties": { - "InstanceRole": { - "markdownDescription": "Role of the instance in the cluster.\n\nStarting with Amazon EMR release 5.23.0, the only supported instance role is `MASTER` .", - "title": "InstanceRole", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PlacementStrategy": { - "markdownDescription": "Amazon EC2 Placement Group strategy associated with instance role.\n\nStarting with Amazon EMR release 5.23.0, the only supported placement strategy is `SPREAD` for the `MASTER` instance role.", - "title": "PlacementStrategy", - "type": "string" - } - }, - "required": [ - "InstanceRole" - ], - "type": "object" - }, - "AWS::EMR::Cluster.PlacementType": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Amazon EC2 Availability Zone for the cluster. `AvailabilityZone` is used for uniform instance groups, while `AvailabilityZones` (plural) is used for instance fleets.", - "title": "AvailabilityZone", - "type": "string" - } - }, - "required": [ - "AvailabilityZone" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingAction": { - "additionalProperties": false, - "properties": { - "Market": { - "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", - "title": "Market", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SimpleScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.SimpleScalingPolicyConfiguration", - "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", - "title": "SimpleScalingPolicyConfiguration" - } - }, - "required": [ - "SimpleScalingPolicyConfiguration" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingConstraints": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", - "title": "MaxCapacity", - "type": "number" + "Metadata": { + "type": "object" }, - "MinCapacity": { - "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", - "title": "MinCapacity", - "type": "number" - } - }, - "required": [ - "MaxCapacity", - "MinCapacity" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingRule": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingAction", - "markdownDescription": "The conditions that trigger an automatic scaling activity.", - "title": "Action" + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the network ACL.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC for the network ACL.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "VpcId" + ], + "type": "object" }, - "Description": { - "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", - "title": "Description", + "Type": { + "enum": [ + "AWS::EC2::NetworkAcl" + ], "type": "string" }, - "Name": { - "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", - "title": "Name", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "Trigger": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingTrigger", - "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", - "title": "Trigger" } }, "required": [ - "Action", - "Name", - "Trigger" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingTrigger": { - "additionalProperties": false, - "properties": { - "CloudWatchAlarmDefinition": { - "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchAlarmDefinition", - "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", - "title": "CloudWatchAlarmDefinition" - } - }, - "required": [ - "CloudWatchAlarmDefinition" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.ScriptBootstrapActionConfig": { + "AWS::EC2::NetworkAclEntry": { "additionalProperties": false, "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments to pass to the bootstrap action script.", - "title": "Args", - "type": "array" - }, - "Path": { - "markdownDescription": "Location in Amazon S3 of the script to run during a bootstrap action.", - "title": "Path", + "Condition": { "type": "string" - } - }, - "required": [ - "Path" - ], - "type": "object" - }, - "AWS::EMR::Cluster.SimpleScalingPolicyConfiguration": { - "additionalProperties": false, - "properties": { - "AdjustmentType": { - "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", - "title": "AdjustmentType", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CoolDown": { - "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", - "title": "CoolDown", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ScalingAdjustment": { - "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", - "title": "ScalingAdjustment", - "type": "number" - } - }, - "required": [ - "ScalingAdjustment" - ], - "type": "object" - }, - "AWS::EMR::Cluster.SpotProvisioningSpecification": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", - "title": "AllocationStrategy", - "type": "string" + "Metadata": { + "type": "object" }, - "BlockDurationMinutes": { - "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", - "title": "BlockDurationMinutes", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "CidrBlock": { + "markdownDescription": "The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.", + "title": "CidrBlock", + "type": "string" + }, + "Egress": { + "markdownDescription": "Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ). By default, AWS CloudFormation specifies `false` .", + "title": "Egress", + "type": "boolean" + }, + "Icmp": { + "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.Icmp", + "markdownDescription": "The Internet Control Message Protocol (ICMP) code and type. Required if specifying 1 (ICMP) for the protocol parameter.", + "title": "Icmp" + }, + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation. You must specify an IPv4 CIDR block or an IPv6 CIDR block.", + "title": "Ipv6CidrBlock", + "type": "string" + }, + "NetworkAclId": { + "markdownDescription": "The ID of the ACL for the entry.", + "title": "NetworkAclId", + "type": "string" + }, + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.PortRange", + "markdownDescription": "The range of port numbers for the UDP/TCP protocol. Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "PortRange" + }, + "Protocol": { + "markdownDescription": "The IP protocol that the rule applies to. You must specify -1 or a protocol number. You can specify -1 for all protocols.\n\n> If you specify -1, all ports are opened and the `PortRange` property is ignored.", + "title": "Protocol", + "type": "number" + }, + "RuleAction": { + "markdownDescription": "Whether to allow or deny traffic that matches the rule; valid values are \"allow\" or \"deny\".", + "title": "RuleAction", + "type": "string" + }, + "RuleNumber": { + "markdownDescription": "Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.", + "title": "RuleNumber", + "type": "number" + } + }, + "required": [ + "NetworkAclId", + "Protocol", + "RuleAction", + "RuleNumber" + ], + "type": "object" }, - "TimeoutAction": { - "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", - "title": "TimeoutAction", + "Type": { + "enum": [ + "AWS::EC2::NetworkAclEntry" + ], "type": "string" }, - "TimeoutDurationMinutes": { - "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", - "title": "TimeoutDurationMinutes", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "TimeoutAction", - "TimeoutDurationMinutes" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.StepConfig": { + "AWS::EC2::NetworkAclEntry.Icmp": { "additionalProperties": false, "properties": { - "ActionOnFailure": { - "markdownDescription": "The action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", - "title": "ActionOnFailure", - "type": "string" - }, - "HadoopJarStep": { - "$ref": "#/definitions/AWS::EMR::Cluster.HadoopJarStepConfig", - "markdownDescription": "The JAR file used for the step.", - "title": "HadoopJarStep" + "Code": { + "markdownDescription": "The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP codes for the given ICMP type. Required if you specify 1 (ICMP) for the protocol parameter.", + "title": "Code", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the step.", - "title": "Name", - "type": "string" + "Type": { + "markdownDescription": "The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types. Conditional requirement: Required if you specify 1 (ICMP) for the `CreateNetworkAclEntry` protocol parameter.", + "title": "Type", + "type": "number" } }, - "required": [ - "HadoopJarStep", - "Name" - ], "type": "object" }, - "AWS::EMR::Cluster.VolumeSpecification": { + "AWS::EC2::NetworkAclEntry.PortRange": { "additionalProperties": false, "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" - }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", + "From": { + "markdownDescription": "The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "From", "type": "number" }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", + "To": { + "markdownDescription": "The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "To", "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", - "type": "string" } }, - "required": [ - "SizeInGB", - "VolumeType" - ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig": { + "AWS::EC2::NetworkInsightsAccessScope": { "additionalProperties": false, "properties": { "Condition": { @@ -88424,54 +94297,36 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterId": { - "markdownDescription": "The unique identifier of the EMR cluster.", - "title": "ClusterId", - "type": "string" - }, - "InstanceFleetType": { - "markdownDescription": "The node type that the instance fleet hosts.\n\n*Allowed Values* : TASK", - "title": "InstanceFleetType", - "type": "string" - }, - "InstanceTypeConfigs": { + "ExcludePaths": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceTypeConfig" + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" }, - "markdownDescription": "`InstanceTypeConfigs` determine the EC2 instances that Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities.\n\n> The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.", - "title": "InstanceTypeConfigs", + "markdownDescription": "The paths to exclude.", + "title": "ExcludePaths", "type": "array" }, - "LaunchSpecifications": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications", - "markdownDescription": "The launch specification for the instance fleet.", - "title": "LaunchSpecifications" - }, - "Name": { - "markdownDescription": "The friendly name of the instance fleet.", - "title": "Name", - "type": "string" - }, - "TargetOnDemandCapacity": { - "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetOnDemandCapacity", - "type": "number" + "MatchPaths": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" + }, + "markdownDescription": "The paths to match.", + "title": "MatchPaths", + "type": "array" }, - "TargetSpotCapacity": { - "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetSpotCapacity", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ClusterId", - "InstanceFleetType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::InstanceFleetConfig" + "AWS::EC2::NetworkInsightsAccessScope" ], "type": "string" }, @@ -88485,217 +94340,221 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig.Configuration": { + "AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", + "markdownDescription": "The destination.", + "title": "Destination" }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConfigurationProperties", - "type": "object" + "Source": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", + "markdownDescription": "The source.", + "title": "Source" }, - "Configurations": { + "ThroughResources": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest" }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", + "markdownDescription": "The through resources.", + "title": "ThroughResources", "type": "array" } }, "type": "object" }, - "AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig": { + "AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest": { "additionalProperties": false, "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" + "DestinationAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination addresses.", + "title": "DestinationAddresses", + "type": "array" }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", - "type": "number" - } - }, - "required": [ - "VolumeSpecification" - ], - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.EbsConfiguration": { - "additionalProperties": false, - "properties": { - "EbsBlockDeviceConfigs": { + "DestinationPorts": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig" + "type": "string" }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", + "markdownDescription": "The destination ports.", + "title": "DestinationPorts", "type": "array" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" + "DestinationPrefixLists": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination prefix lists.", + "title": "DestinationPrefixLists", + "type": "array" + }, + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The protocols.", + "title": "Protocols", + "type": "array" + }, + "SourceAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The source addresses.", + "title": "SourceAddresses", + "type": "array" + }, + "SourcePorts": { + "items": { + "type": "string" + }, + "markdownDescription": "The source ports.", + "title": "SourcePorts", + "type": "array" + }, + "SourcePrefixLists": { + "items": { + "type": "string" + }, + "markdownDescription": "The source prefix lists.", + "title": "SourcePrefixLists", + "type": "array" } }, "type": "object" }, - "AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications": { + "AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest": { "additionalProperties": false, "properties": { - "OnDemandSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification", - "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", - "title": "OnDemandSpecification" + "PacketHeaderStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest", + "markdownDescription": "The packet header statement.", + "title": "PacketHeaderStatement" }, - "SpotSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification", - "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", - "title": "SpotSpecification" + "ResourceStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", + "markdownDescription": "The resource statement.", + "title": "ResourceStatement" } }, "type": "object" }, - "AWS::EMR::InstanceFleetConfig.InstanceTypeConfig": { + "AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest": { "additionalProperties": false, "properties": { - "BidPrice": { - "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPrice", - "type": "string" - }, - "BidPriceAsPercentageOfOnDemandPrice": { - "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPriceAsPercentageOfOnDemandPrice", - "type": "number" - }, - "Configurations": { + "ResourceTypes": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" + "type": "string" }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nAn optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see [Configuring Applications](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) .", - "title": "Configurations", + "markdownDescription": "The resource types.", + "title": "ResourceTypes", "type": "array" }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the instance type.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsConfiguration", - "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", - "title": "EbsConfiguration" - }, - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", - "title": "InstanceType", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", - "title": "WeightedCapacity", - "type": "number" + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources.", + "title": "Resources", + "type": "array" } }, - "required": [ - "InstanceType" - ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification": { + "AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest": { "additionalProperties": false, "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", - "title": "AllocationStrategy", - "type": "string" + "ResourceStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", + "markdownDescription": "The resource statement.", + "title": "ResourceStatement" } }, - "required": [ - "AllocationStrategy" - ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification": { + "AWS::EC2::NetworkInsightsAccessScopeAnalysis": { "additionalProperties": false, "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", - "title": "AllocationStrategy", + "Condition": { "type": "string" }, - "BlockDurationMinutes": { - "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", - "title": "BlockDurationMinutes", - "type": "number" - }, - "TimeoutAction": { - "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", - "title": "TimeoutAction", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TimeoutDurationMinutes": { - "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", - "title": "TimeoutDurationMinutes", - "type": "number" - } - }, - "required": [ - "TimeoutAction", - "TimeoutDurationMinutes" - ], - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.VolumeSpecification": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", - "type": "number" + "Metadata": { + "type": "object" }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "NetworkInsightsAccessScopeId": { + "markdownDescription": "The ID of the Network Access Scope.", + "title": "NetworkInsightsAccessScopeId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "NetworkInsightsAccessScopeId" + ], + "type": "object" }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", + "Type": { + "enum": [ + "AWS::EC2::NetworkInsightsAccessScopeAnalysis" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SizeInGB", - "VolumeType" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig": { + "AWS::EC2::NetworkInsightsAnalysis": { "additionalProperties": false, "properties": { "Condition": { @@ -88730,76 +94589,52 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.AutoScalingPolicy", - "markdownDescription": "`AutoScalingPolicy` is a subproperty of `InstanceGroupConfig` . `AutoScalingPolicy` defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) in the *Amazon EMR Management Guide* .", - "title": "AutoScalingPolicy" - }, - "BidPrice": { - "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", - "title": "BidPrice", - "type": "string" - }, - "Configurations": { + "AdditionalAccounts": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" + "type": "string" }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", - "title": "Configurations", + "markdownDescription": "The member accounts that contain resources that the path can traverse.", + "title": "AdditionalAccounts", "type": "array" }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsConfiguration", - "markdownDescription": "`EbsConfiguration` determines the EBS volumes to attach to EMR cluster instances.", - "title": "EbsConfiguration" - }, - "InstanceCount": { - "markdownDescription": "Target number of instances for the instance group.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceRole": { - "markdownDescription": "The role of the instance group in the cluster.\n\n*Allowed Values* : TASK", - "title": "InstanceRole", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", - "title": "InstanceType", - "type": "string" + "FilterInArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must traverse.", + "title": "FilterInArns", + "type": "array" }, - "JobFlowId": { - "markdownDescription": "The ID of an Amazon EMR cluster that you want to associate this instance group with.", - "title": "JobFlowId", - "type": "string" + "FilterOutArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must ignore.", + "title": "FilterOutArns", + "type": "array" }, - "Market": { - "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", - "title": "Market", + "NetworkInsightsPathId": { + "markdownDescription": "The ID of the path.", + "title": "NetworkInsightsPathId", "type": "string" }, - "Name": { - "markdownDescription": "Friendly name given to the instance group.", - "title": "Name", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply.", + "title": "Tags", + "type": "array" } }, "required": [ - "InstanceCount", - "InstanceRole", - "InstanceType", - "JobFlowId" + "NetworkInsightsPathId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::InstanceGroupConfig" + "AWS::EC2::NetworkInsightsAnalysis" ], "type": "string" }, @@ -88818,316 +94653,722 @@ ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.AutoScalingPolicy": { + "AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingConstraints", - "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", - "title": "Constraints" + "AdditionalDetailType": { + "markdownDescription": "The additional detail code.", + "title": "AdditionalDetailType", + "type": "string" }, - "Rules": { + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The path component.", + "title": "Component" + }, + "LoadBalancers": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingRule" + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" }, - "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", - "title": "Rules", + "markdownDescription": "The load balancers.", + "title": "LoadBalancers", "type": "array" + }, + "ServiceName": { + "markdownDescription": "The name of the VPC endpoint service.", + "title": "ServiceName", + "type": "string" } }, - "required": [ - "Constraints", - "Rules" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition": { + "AWS::EC2::NetworkInsightsAnalysis.AlternatePathHint": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", - "title": "ComparisonOperator", + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", "type": "string" }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.MetricDimension" - }, - "markdownDescription": "A CloudWatch metric dimension.", - "title": "Dimensions", - "type": "array" + "ComponentId": { + "markdownDescription": "The ID of the component.", + "title": "ComponentId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation.", + "title": "Cidr", + "type": "string" }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", - "title": "EvaluationPeriods", - "type": "number" + "Egress": { + "markdownDescription": "Indicates whether the rule is an outbound rule.", + "title": "Egress", + "type": "boolean" }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", - "title": "MetricName", - "type": "string" + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", + "markdownDescription": "The range of ports.", + "title": "PortRange" }, - "Namespace": { - "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", - "title": "Namespace", + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", - "title": "Statistic", + "RuleAction": { + "markdownDescription": "Indicates whether to allow or deny traffic that matches the rule.", + "title": "RuleAction", "type": "string" }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", + "RuleNumber": { + "markdownDescription": "The rule number.", + "title": "RuleNumber", "type": "number" - }, - "Unit": { - "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", - "title": "Unit", - "type": "string" } }, - "required": [ - "ComparisonOperator", - "MetricName", - "Period", - "Threshold" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.Configuration": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "Arn", "type": "string" }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConfigurationProperties", - "type": "object" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" - }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" + "Id": { + "markdownDescription": "The ID of the component.", + "title": "Id", + "type": "string" } }, "type": "object" }, - "AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener": { "additionalProperties": false, "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" + "InstancePort": { + "markdownDescription": "[Classic Load Balancers] The back-end port for the listener.", + "title": "InstancePort", + "type": "number" }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", + "LoadBalancerPort": { + "markdownDescription": "The port on which the load balancer is listening.", + "title": "LoadBalancerPort", "type": "number" } }, - "required": [ - "VolumeSpecification" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.EbsConfiguration": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget": { "additionalProperties": false, "properties": { - "EbsBlockDeviceConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig" - }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", - "type": "array" + "Address": { + "markdownDescription": "The IP address.", + "title": "Address", + "type": "string" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.", + "title": "AvailabilityZone", + "type": "string" + }, + "Instance": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "Information about the instance.", + "title": "Instance" + }, + "Port": { + "markdownDescription": "The port on which the target is listening.", + "title": "Port", + "type": "number" } }, "type": "object" }, - "AWS::EMR::InstanceGroupConfig.MetricDimension": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The dimension name.", - "title": "Key", - "type": "string" + "DestinationAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination addresses.", + "title": "DestinationAddresses", + "type": "array" }, - "Value": { - "markdownDescription": "The dimension value.", - "title": "Value", + "DestinationPortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The destination port ranges.", + "title": "DestinationPortRanges", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" + }, + "SourceAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The source addresses.", + "title": "SourceAddresses", + "type": "array" + }, + "SourcePortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The source port ranges.", + "title": "SourcePortRanges", + "type": "array" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.ScalingAction": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute": { "additionalProperties": false, "properties": { - "Market": { - "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", - "title": "Market", + "NatGatewayId": { + "markdownDescription": "The ID of a NAT gateway.", + "title": "NatGatewayId", "type": "string" }, - "SimpleScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration", - "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", - "title": "SimpleScalingPolicyConfiguration" + "NetworkInterfaceId": { + "markdownDescription": "The ID of a network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "Origin": { + "markdownDescription": "Describes how the route was created. The following are the possible values:\n\n- CreateRouteTable - The route was automatically created when the route table was created.\n- CreateRoute - The route was manually added to the route table.\n- EnableVgwRoutePropagation - The route was propagated by route propagation.", + "title": "Origin", + "type": "string" + }, + "State": { + "markdownDescription": "The state. The following are the possible values:\n\n- active\n- blackhole", + "title": "State", + "type": "string" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of a transit gateway.", + "title": "TransitGatewayId", + "type": "string" + }, + "VpcPeeringConnectionId": { + "markdownDescription": "The ID of a VPC peering connection.", + "title": "VpcPeeringConnectionId", + "type": "string" + }, + "destinationCidr": { + "markdownDescription": "The destination IPv4 address, in CIDR notation.", + "title": "destinationCidr", + "type": "string" + }, + "destinationPrefixListId": { + "markdownDescription": "The prefix of the AWS service.", + "title": "destinationPrefixListId", + "type": "string" + }, + "egressOnlyInternetGatewayId": { + "markdownDescription": "The ID of an egress-only internet gateway.", + "title": "egressOnlyInternetGatewayId", + "type": "string" + }, + "gatewayId": { + "markdownDescription": "The ID of the gateway, such as an internet gateway or virtual private gateway.", + "title": "gatewayId", + "type": "string" + }, + "instanceId": { + "markdownDescription": "The ID of the instance, such as a NAT instance.", + "title": "instanceId", + "type": "string" } }, - "required": [ - "SimpleScalingPolicyConfiguration" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.ScalingConstraints": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", - "title": "MaxCapacity", - "type": "number" + "Cidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation.", + "title": "Cidr", + "type": "string" }, - "MinCapacity": { - "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", - "title": "MinCapacity", - "type": "number" + "Direction": { + "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", + "title": "Direction", + "type": "string" + }, + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", + "markdownDescription": "The port range.", + "title": "PortRange" + }, + "PrefixListId": { + "markdownDescription": "The prefix list ID.", + "title": "PrefixListId", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol name.", + "title": "Protocol", + "type": "string" + }, + "SecurityGroupId": { + "markdownDescription": "The security group ID.", + "title": "SecurityGroupId", + "type": "string" } }, - "required": [ - "MaxCapacity", - "MinCapacity" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.ScalingRule": { + "AWS::EC2::NetworkInsightsAnalysis.Explanation": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingAction", - "markdownDescription": "The conditions that trigger an automatic scaling activity.", - "title": "Action" + "Acl": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The network ACL.", + "title": "Acl" }, - "Description": { - "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", - "title": "Description", + "AclRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", + "markdownDescription": "The network ACL rule.", + "title": "AclRule" + }, + "Address": { + "markdownDescription": "The IPv4 address, in CIDR notation.", + "title": "Address", "type": "string" }, - "Name": { - "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", - "title": "Name", + "Addresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 addresses, in CIDR notation.", + "title": "Addresses", + "type": "array" + }, + "AttachedTo": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The resource to which the component is attached.", + "title": "AttachedTo" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones.", + "title": "AvailabilityZones", + "type": "array" + }, + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The CIDR ranges.", + "title": "Cidrs", + "type": "array" + }, + "ClassicLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener", + "markdownDescription": "The listener for a Classic Load Balancer.", + "title": "ClassicLoadBalancerListener" + }, + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component.", + "title": "Component" + }, + "ComponentAccount": { + "markdownDescription": "The AWS account for the component.", + "title": "ComponentAccount", "type": "string" }, - "Trigger": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingTrigger", - "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", - "title": "Trigger" + "ComponentRegion": { + "markdownDescription": "The Region for the component.", + "title": "ComponentRegion", + "type": "string" + }, + "CustomerGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The customer gateway.", + "title": "CustomerGateway" + }, + "Destination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination.", + "title": "Destination" + }, + "DestinationVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination VPC.", + "title": "DestinationVpc" + }, + "Direction": { + "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", + "title": "Direction", + "type": "string" + }, + "ElasticLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The load balancer listener.", + "title": "ElasticLoadBalancerListener" + }, + "ExplanationCode": { + "markdownDescription": "The explanation code.", + "title": "ExplanationCode", + "type": "string" + }, + "IngressRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table.", + "title": "IngressRouteTable" + }, + "InternetGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The internet gateway.", + "title": "InternetGateway" + }, + "LoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", + "title": "LoadBalancerArn", + "type": "string" + }, + "LoadBalancerListenerPort": { + "markdownDescription": "The listener port of the load balancer.", + "title": "LoadBalancerListenerPort", + "type": "number" + }, + "LoadBalancerTarget": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget", + "markdownDescription": "The target.", + "title": "LoadBalancerTarget" + }, + "LoadBalancerTargetGroup": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The target group.", + "title": "LoadBalancerTargetGroup" + }, + "LoadBalancerTargetGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + }, + "markdownDescription": "The target groups.", + "title": "LoadBalancerTargetGroups", + "type": "array" + }, + "LoadBalancerTargetPort": { + "markdownDescription": "The target port.", + "title": "LoadBalancerTargetPort", + "type": "number" + }, + "MissingComponent": { + "markdownDescription": "The missing component.", + "title": "MissingComponent", + "type": "string" + }, + "NatGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The NAT gateway.", + "title": "NatGateway" + }, + "NetworkInterface": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The network interface.", + "title": "NetworkInterface" + }, + "PacketField": { + "markdownDescription": "The packet field.", + "title": "PacketField", + "type": "string" + }, + "Port": { + "markdownDescription": "The port.", + "title": "Port", + "type": "number" + }, + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" + }, + "PrefixList": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The prefix list.", + "title": "PrefixList" + }, + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The protocols.", + "title": "Protocols", + "type": "array" + }, + "RouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table.", + "title": "RouteTable" + }, + "RouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", + "markdownDescription": "The route table route.", + "title": "RouteTableRoute" + }, + "SecurityGroup": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The security group.", + "title": "SecurityGroup" + }, + "SecurityGroupRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", + "markdownDescription": "The security group rule.", + "title": "SecurityGroupRule" + }, + "SecurityGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + }, + "markdownDescription": "The security groups.", + "title": "SecurityGroups", + "type": "array" + }, + "SourceVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The source VPC.", + "title": "SourceVpc" + }, + "State": { + "markdownDescription": "The state.", + "title": "State", + "type": "string" + }, + "Subnet": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The subnet.", + "title": "Subnet" + }, + "SubnetRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table for the subnet.", + "title": "SubnetRouteTable" + }, + "TransitGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway.", + "title": "TransitGateway" + }, + "TransitGatewayAttachment": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway attachment.", + "title": "TransitGatewayAttachment" + }, + "TransitGatewayRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway route table.", + "title": "TransitGatewayRouteTable" + }, + "TransitGatewayRouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", + "markdownDescription": "The transit gateway route table route.", + "title": "TransitGatewayRouteTableRoute" + }, + "Vpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component VPC.", + "title": "Vpc" + }, + "VpcPeeringConnection": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPC peering connection.", + "title": "VpcPeeringConnection" + }, + "VpnConnection": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPN connection.", + "title": "VpnConnection" + }, + "VpnGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPN gateway.", + "title": "VpnGateway" + }, + "vpcEndpoint": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPC endpoint.", + "title": "vpcEndpoint" } }, - "required": [ - "Action", - "Name", - "Trigger" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.ScalingTrigger": { + "AWS::EC2::NetworkInsightsAnalysis.PathComponent": { "additionalProperties": false, "properties": { - "CloudWatchAlarmDefinition": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition", - "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", - "title": "CloudWatchAlarmDefinition" + "AclRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", + "markdownDescription": "The network ACL rule.", + "title": "AclRule" + }, + "AdditionalDetails": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail" + }, + "markdownDescription": "The additional details.", + "title": "AdditionalDetails", + "type": "array" + }, + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component.", + "title": "Component" + }, + "DestinationVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination VPC.", + "title": "DestinationVpc" + }, + "ElasticLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The load balancer listener.", + "title": "ElasticLoadBalancerListener" + }, + "Explanations": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.Explanation" + }, + "markdownDescription": "The explanation codes.", + "title": "Explanations", + "type": "array" + }, + "InboundHeader": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", + "markdownDescription": "The inbound header.", + "title": "InboundHeader" + }, + "OutboundHeader": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", + "markdownDescription": "The outbound header.", + "title": "OutboundHeader" + }, + "RouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", + "markdownDescription": "The route table route.", + "title": "RouteTableRoute" + }, + "SecurityGroupRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", + "markdownDescription": "The security group rule.", + "title": "SecurityGroupRule" + }, + "SequenceNumber": { + "markdownDescription": "The sequence number.", + "title": "SequenceNumber", + "type": "number" + }, + "ServiceName": { + "markdownDescription": "The name of the VPC endpoint service.", + "title": "ServiceName", + "type": "string" + }, + "SourceVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The source VPC.", + "title": "SourceVpc" + }, + "Subnet": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The subnet.", + "title": "Subnet" + }, + "TransitGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway.", + "title": "TransitGateway" + }, + "TransitGatewayRouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", + "markdownDescription": "The route in a transit gateway route table.", + "title": "TransitGatewayRouteTableRoute" + }, + "Vpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component VPC.", + "title": "Vpc" } }, - "required": [ - "CloudWatchAlarmDefinition" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration": { + "AWS::EC2::NetworkInsightsAnalysis.PortRange": { "additionalProperties": false, "properties": { - "AdjustmentType": { - "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", - "title": "AdjustmentType", - "type": "string" - }, - "CoolDown": { - "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", - "title": "CoolDown", + "From": { + "markdownDescription": "The first port in the range.", + "title": "From", "type": "number" }, - "ScalingAdjustment": { - "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", - "title": "ScalingAdjustment", + "To": { + "markdownDescription": "The last port in the range.", + "title": "To", "type": "number" } }, - "required": [ - "ScalingAdjustment" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.VolumeSpecification": { + "AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute": { "additionalProperties": false, "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" + "AttachmentId": { + "markdownDescription": "The ID of the route attachment.", + "title": "AttachmentId", + "type": "string" }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", - "type": "number" + "DestinationCidr": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidr", + "type": "string" }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", - "type": "number" + "PrefixListId": { + "markdownDescription": "The ID of the prefix list.", + "title": "PrefixListId", + "type": "string" }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", + "ResourceId": { + "markdownDescription": "The ID of the resource for the route attachment.", + "title": "ResourceId", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The resource type for the route attachment.", + "title": "ResourceType", + "type": "string" + }, + "RouteOrigin": { + "markdownDescription": "The route origin. The following are the possible values:\n\n- static\n- propagated", + "title": "RouteOrigin", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the route.", + "title": "State", "type": "string" } }, - "required": [ - "SizeInGB", - "VolumeType" - ], "type": "object" }, - "AWS::EMR::SecurityConfiguration": { + "AWS::EC2::NetworkInsightsPath": { "additionalProperties": false, "properties": { "Condition": { @@ -89162,25 +95403,64 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the security configuration.", - "title": "Name", + "Destination": { + "markdownDescription": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN.", + "title": "Destination", "type": "string" }, - "SecurityConfiguration": { - "markdownDescription": "The security configuration details in JSON format. For JSON parameters and examples, see [Use Security Configurations to Set Up Cluster Security](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-security-configurations.html) in the *Amazon EMR Management Guide* .", - "title": "SecurityConfiguration", - "type": "object" + "DestinationIp": { + "markdownDescription": "The IP address of the destination.", + "title": "DestinationIp", + "type": "string" + }, + "DestinationPort": { + "markdownDescription": "The destination port.", + "title": "DestinationPort", + "type": "number" + }, + "FilterAtDestination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", + "markdownDescription": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address.", + "title": "FilterAtDestination" + }, + "FilterAtSource": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", + "markdownDescription": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port.", + "title": "FilterAtSource" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", + "type": "string" + }, + "Source": { + "markdownDescription": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN.", + "title": "Source", + "type": "string" + }, + "SourceIp": { + "markdownDescription": "The IP address of the source.", + "title": "SourceIp", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the path.", + "title": "Tags", + "type": "array" } }, "required": [ - "SecurityConfiguration" + "Protocol", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::SecurityConfiguration" + "AWS::EC2::NetworkInsightsPath" ], "type": "string" }, @@ -89199,7 +95479,49 @@ ], "type": "object" }, - "AWS::EMR::Step": { + "AWS::EC2::NetworkInsightsPath.FilterPortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The first port in the range.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The last port in the range.", + "title": "ToPort", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsPath.PathFilter": { + "additionalProperties": false, + "properties": { + "DestinationAddress": { + "markdownDescription": "The destination IPv4 address.", + "title": "DestinationAddress", + "type": "string" + }, + "DestinationPortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", + "markdownDescription": "The destination port range.", + "title": "DestinationPortRange" + }, + "SourceAddress": { + "markdownDescription": "The source IPv4 address.", + "title": "SourceAddress", + "type": "string" + }, + "SourcePortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", + "markdownDescription": "The source port range.", + "title": "SourcePortRange" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterface": { "additionalProperties": false, "properties": { "Condition": { @@ -89234,38 +95556,113 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionOnFailure": { - "markdownDescription": "This specifies what action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", - "title": "ActionOnFailure", + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.ConnectionTrackingSpecification", + "markdownDescription": "A connection tracking specification for the network interface.", + "title": "ConnectionTrackingSpecification" + }, + "Description": { + "markdownDescription": "A description for the network interface.", + "title": "Description", "type": "string" }, - "HadoopJarStep": { - "$ref": "#/definitions/AWS::EMR::Step.HadoopJarStepConfig", - "markdownDescription": "The `HadoopJarStepConfig` property type specifies a job flow step consisting of a JAR file whose main function will be executed. The main function submits a job for the cluster to execute as a step on the master node, and then waits for the job to finish or fail before executing subsequent steps.", - "title": "HadoopJarStep" + "GroupSet": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups associated with this network interface.", + "title": "GroupSet", + "type": "array" }, - "JobFlowId": { - "markdownDescription": "A string that uniquely identifies the cluster (job flow).", - "title": "JobFlowId", + "InterfaceType": { + "markdownDescription": "The type of network interface. The default is `interface` . The supported values are `efa` and `trunk` .", + "title": "InterfaceType", "type": "string" }, - "Name": { - "markdownDescription": "The name of the cluster step.", - "title": "Name", + "Ipv4PrefixCount": { + "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", + "title": "Ipv4PrefixCount", + "type": "number" + }, + "Ipv4Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv4PrefixSpecification" + }, + "markdownDescription": "The IPv4 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", + "title": "Ipv4Prefixes", + "type": "array" + }, + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the `Ipv6Addresses` property and don't specify this property.\n\nWhen creating a network interface, you can't specify a count of IPv6 addresses if you've specified one of the following: specific IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.InstanceIpv6Address" + }, + "markdownDescription": "The IPv6 addresses from the IPv6 CIDR block range of your subnet to assign to the network interface. If you're specifying a number of IPv6 addresses, use the `Ipv6AddressCount` property and don't specify this property.\n\nWhen creating a network interface, you can't specify IPv6 addresses if you've specified one of the following: a count of IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", + "title": "Ipv6Addresses", + "type": "array" + }, + "Ipv6PrefixCount": { + "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", + "title": "Ipv6PrefixCount", + "type": "number" + }, + "Ipv6Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv6PrefixSpecification" + }, + "markdownDescription": "The IPv6 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", + "title": "Ipv6Prefixes", + "type": "array" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address to assign to the network interface as the primary private IP address. If you want to specify multiple private IP addresses, use the `PrivateIpAddresses` property.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.PrivateIpAddressSpecification" + }, + "markdownDescription": "The private IPv4 addresses to assign to the network interface. You can specify a primary private IP address by setting the value of the `Primary` property to `true` in the `PrivateIpAddressSpecification` property. If you want EC2 to automatically assign private IP addresses, use the `SecondaryPrivateIpAddressCount` property and do not specify this property.\n\nWhen creating a network interface, you can't specify private IPv4 addresses if you've specified one of the following: a count of private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using `privateIpAddresses` .\n\nWhen creating a Network Interface, you can't specify a count of private IPv4 addresses if you've specified one of the following: specific private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SourceDestCheck": { + "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", + "title": "SourceDestCheck", + "type": "boolean" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to associate with the network interface.", + "title": "SubnetId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the network interface.", + "title": "Tags", + "type": "array" } }, "required": [ - "ActionOnFailure", - "HadoopJarStep", - "JobFlowId", - "Name" + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::Step" + "AWS::EC2::NetworkInterface" ], "type": "string" }, @@ -89284,58 +95681,90 @@ ], "type": "object" }, - "AWS::EMR::Step.HadoopJarStepConfig": { + "AWS::EC2::NetworkInterface.ConnectionTrackingSpecification": { "additionalProperties": false, "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", - "title": "Args", - "type": "array" + "TcpEstablishedTimeout": { + "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", + "title": "TcpEstablishedTimeout", + "type": "number" }, - "Jar": { - "markdownDescription": "A path to a JAR file run during the step.", - "title": "Jar", - "type": "string" + "UdpStreamTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", + "title": "UdpStreamTimeout", + "type": "number" }, - "MainClass": { - "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", - "title": "MainClass", + "UdpTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", + "title": "UdpTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterface.InstanceIpv6Address": { + "additionalProperties": false, + "properties": { + "Ipv6Address": { + "markdownDescription": "An IPv6 address to associate with the network interface.", + "title": "Ipv6Address", "type": "string" - }, - "StepProperties": { - "items": { - "$ref": "#/definitions/AWS::EMR::Step.KeyValue" - }, - "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.", - "title": "StepProperties", - "type": "array" } }, "required": [ - "Jar" + "Ipv6Address" ], "type": "object" }, - "AWS::EMR::Step.KeyValue": { + "AWS::EC2::NetworkInterface.Ipv4PrefixSpecification": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The unique identifier of a key-value pair.", - "title": "Key", + "Ipv4Prefix": { + "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", + "title": "Ipv4Prefix", + "type": "string" + } + }, + "required": [ + "Ipv4Prefix" + ], + "type": "object" + }, + "AWS::EC2::NetworkInterface.Ipv6PrefixSpecification": { + "additionalProperties": false, + "properties": { + "Ipv6Prefix": { + "markdownDescription": "The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "Ipv6Prefix", "type": "string" + } + }, + "required": [ + "Ipv6Prefix" + ], + "type": "object" + }, + "AWS::EC2::NetworkInterface.PrivateIpAddressSpecification": { + "additionalProperties": false, + "properties": { + "Primary": { + "markdownDescription": "Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address.", + "title": "Primary", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value part of the identified key.", - "title": "Value", + "PrivateIpAddress": { + "markdownDescription": "The private IP address of the network interface.", + "title": "PrivateIpAddress", "type": "string" } }, + "required": [ + "Primary", + "PrivateIpAddress" + ], "type": "object" }, - "AWS::EMR::Studio": { + "AWS::EC2::NetworkInterfaceAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -89370,113 +95799,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthMode": { - "markdownDescription": "Specifies whether the Studio authenticates users using IAM Identity Center or IAM.", - "title": "AuthMode", - "type": "string" - }, - "DefaultS3Location": { - "markdownDescription": "The Amazon S3 location to back up EMR Studio Workspaces and notebook files.", - "title": "DefaultS3Location", - "type": "string" - }, - "Description": { - "markdownDescription": "A detailed description of the Amazon EMR Studio.", - "title": "Description", - "type": "string" - }, - "EncryptionKeyArn": { - "markdownDescription": "The AWS KMS key identifier (ARN) used to encrypt Amazon EMR Studio workspace and notebook files when backed up to Amazon S3.", - "title": "EncryptionKeyArn", - "type": "string" - }, - "EngineSecurityGroupId": { - "markdownDescription": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `VpcId` .", - "title": "EngineSecurityGroupId", - "type": "string" - }, - "IdcInstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance the Studio application belongs to.", - "title": "IdcInstanceArn", - "type": "string" - }, - "IdcUserAssignment": { - "markdownDescription": "Indicates whether the Studio has `REQUIRED` or `OPTIONAL` IAM Identity Center user assignment. If the value is set to `REQUIRED` , users must be explicitly assigned to the Studio application to access the Studio.", - "title": "IdcUserAssignment", - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Whether to delete the network interface when the instance terminates. By default, this value is set to `true` .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "IdpAuthUrl": { - "markdownDescription": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.", - "title": "IdpAuthUrl", + "DeviceIndex": { + "markdownDescription": "The network interface's position in the attachment order. For example, the first attached network interface has a `DeviceIndex` of 0.", + "title": "DeviceIndex", "type": "string" }, - "IdpRelayStateParameterName": { - "markdownDescription": "The name of your identity provider's `RelayState` parameter.", - "title": "IdpRelayStateParameterName", - "type": "string" + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification", + "markdownDescription": "Configures ENA Express for the network interface that this action attaches to the instance.", + "title": "EnaSrdSpecification" }, - "Name": { - "markdownDescription": "A descriptive name for the Amazon EMR Studio.", - "title": "Name", + "InstanceId": { + "markdownDescription": "The ID of the instance to which you will attach the ENI.", + "title": "InstanceId", "type": "string" }, - "ServiceRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services.", - "title": "ServiceRole", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `VpcId` . Studio users can create a Workspace in any of the specified subnets.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "TrustedIdentityPropagationEnabled": { - "markdownDescription": "Indicates whether the Studio has Trusted identity propagation enabled. The default value is `false` .", - "title": "TrustedIdentityPropagationEnabled", - "type": "boolean" - }, - "UserRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify `UserRole` when you set `AuthMode` to `SSO` .", - "title": "UserRole", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.", - "title": "VpcId", - "type": "string" - }, - "WorkspaceSecurityGroupId": { - "markdownDescription": "The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.", - "title": "WorkspaceSecurityGroupId", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the ENI that you want to attach.", + "title": "NetworkInterfaceId", "type": "string" } }, "required": [ - "AuthMode", - "DefaultS3Location", - "EngineSecurityGroupId", - "Name", - "ServiceRole", - "SubnetIds", - "VpcId", - "WorkspaceSecurityGroupId" + "DeviceIndex", + "InstanceId", + "NetworkInterfaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::Studio" + "AWS::EC2::NetworkInterfaceAttachment" ], "type": "string" }, @@ -89495,7 +95853,34 @@ ], "type": "object" }, - "AWS::EMR::StudioSessionMapping": { + "AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterfacePermission": { "additionalProperties": false, "properties": { "Condition": { @@ -89530,38 +95915,32 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityName": { - "markdownDescription": "The name of the user or group. For more information, see [UserName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) and [DisplayName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) in the *IAM Identity Center Identity Store API Reference* .", - "title": "IdentityName", - "type": "string" - }, - "IdentityType": { - "markdownDescription": "Specifies whether the identity to map to the Amazon EMR Studio is a user or a group.", - "title": "IdentityType", + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", "type": "string" }, - "SessionPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles. For more information, see [Create an EMR Studio user role with session policies](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-user-role.html) in the *Amazon EMR Management Guide* .", - "title": "SessionPolicyArn", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "StudioId": { - "markdownDescription": "The ID of the Amazon EMR Studio to which the user or group will be mapped.", - "title": "StudioId", + "Permission": { + "markdownDescription": "The type of permission to grant: `INSTANCE-ATTACH` or `EIP-ASSOCIATE` .", + "title": "Permission", "type": "string" } }, "required": [ - "IdentityName", - "IdentityType", - "SessionPolicyArn", - "StudioId" + "AwsAccountId", + "NetworkInterfaceId", + "Permission" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::StudioSessionMapping" + "AWS::EC2::NetworkInterfacePermission" ], "type": "string" }, @@ -89580,7 +95959,7 @@ ], "type": "object" }, - "AWS::EMR::WALWorkspace": { + "AWS::EC2::NetworkPerformanceMetricSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -89615,25 +95994,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "Destination": { + "markdownDescription": "The Region or Availability Zone that's the target for the subscription. For example, `eu-west-1` .", + "title": "Destination", + "type": "string" }, - "WALWorkspaceName": { - "markdownDescription": "", - "title": "WALWorkspaceName", + "Metric": { + "markdownDescription": "The metric used for the subscription.", + "title": "Metric", + "type": "string" + }, + "Source": { + "markdownDescription": "The Region or Availability Zone that's the source for the subscription. For example, `us-east-1` .", + "title": "Source", + "type": "string" + }, + "Statistic": { + "markdownDescription": "The statistic used for the subscription.", + "title": "Statistic", "type": "string" } }, + "required": [ + "Destination", + "Metric", + "Source", + "Statistic" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::WALWorkspace" + "AWS::EC2::NetworkPerformanceMetricSubscription" ], "type": "string" }, @@ -89647,11 +96039,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster": { + "AWS::EC2::PlacementGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -89686,34 +96079,35 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerProvider": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerProvider", - "markdownDescription": "The container provider of the virtual cluster.", - "title": "ContainerProvider" + "PartitionCount": { + "markdownDescription": "The number of partitions. Valid only when *Strategy* is set to `partition` .", + "title": "PartitionCount", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the virtual cluster.", - "title": "Name", + "SpreadLevel": { + "markdownDescription": "Determines how placement groups spread instances.\n\n- Host \u2013 You can use `host` only with Outpost placement groups.\n- Rack \u2013 No usage restrictions.", + "title": "SpreadLevel", + "type": "string" + }, + "Strategy": { + "markdownDescription": "The placement strategy.", + "title": "Strategy", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags to apply to the new placement group.", "title": "Tags", "type": "array" } }, - "required": [ - "ContainerProvider", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EMRContainers::VirtualCluster" + "AWS::EC2::PlacementGroup" ], "type": "string" }, @@ -89727,66 +96121,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EMRContainers::VirtualCluster.ContainerInfo": { - "additionalProperties": false, - "properties": { - "EksInfo": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.EksInfo", - "markdownDescription": "The information about the Amazon EKS cluster.", - "title": "EksInfo" - } - }, - "required": [ - "EksInfo" - ], - "type": "object" - }, - "AWS::EMRContainers::VirtualCluster.ContainerProvider": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the container cluster.\n\n*Minimum* : 1\n\n*Maximum* : 100\n\n*Pattern* : `^[0-9A-Za-z][A-Za-z0-9\\-_]*`", - "title": "Id", - "type": "string" - }, - "Info": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerInfo", - "markdownDescription": "The information about the container cluster.", - "title": "Info" - }, - "Type": { - "markdownDescription": "The type of the container provider. Amazon EKS is the only supported type as of now.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Id", - "Info", "Type" ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster.EksInfo": { - "additionalProperties": false, - "properties": { - "Namespace": { - "markdownDescription": "The namespaces of the EKS cluster.\n\n*Minimum* : 1\n\n*Maximum* : 63\n\n*Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?`", - "title": "Namespace", - "type": "string" - } - }, - "required": [ - "Namespace" - ], - "type": "object" - }, - "AWS::EMRServerless::Application": { + "AWS::EC2::PrefixList": { "additionalProperties": false, "properties": { "Condition": { @@ -89821,101 +96160,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Architecture": { - "markdownDescription": "The CPU architecture of an application.", - "title": "Architecture", + "AddressFamily": { + "markdownDescription": "The IP address type.\n\nValid Values: `IPv4` | `IPv6`", + "title": "AddressFamily", "type": "string" }, - "AutoStartConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStartConfiguration", - "markdownDescription": "The configuration for an application to automatically start on job submission.", - "title": "AutoStartConfiguration" - }, - "AutoStopConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStopConfiguration", - "markdownDescription": "The configuration for an application to automatically stop after a certain amount of time being idle.", - "title": "AutoStopConfiguration" - }, - "ImageConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", - "markdownDescription": "The image configuration applied to all worker types.", - "title": "ImageConfiguration" - }, - "InitialCapacity": { + "Entries": { "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair" + "$ref": "#/definitions/AWS::EC2::PrefixList.Entry" }, - "markdownDescription": "The initial capacity of the application.", - "title": "InitialCapacity", + "markdownDescription": "The entries for the prefix list.", + "title": "Entries", "type": "array" }, - "MaximumCapacity": { - "$ref": "#/definitions/AWS::EMRServerless::Application.MaximumAllowedResources", - "markdownDescription": "The maximum capacity of the application. This is cumulative across all workers at any given point in time during the lifespan of the application is created. No new resources will be created once any one of the defined limits is hit.", - "title": "MaximumCapacity" - }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", - "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", - "title": "MonitoringConfiguration" - }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", - "type": "string" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.NetworkConfiguration", - "markdownDescription": "The network configuration for customer VPC connectivity for the application.", - "title": "NetworkConfiguration" + "MaxEntries": { + "markdownDescription": "The maximum number of entries for the prefix list. You can't modify the entries and the size of a prefix list at the same time.\n\nThis property is required when you create a prefix list.", + "title": "MaxEntries", + "type": "number" }, - "ReleaseLabel": { - "markdownDescription": "The EMR release associated with the application.", - "title": "ReleaseLabel", + "PrefixListName": { + "markdownDescription": "A name for the prefix list.\n\nConstraints: Up to 255 characters in length. The name cannot start with `com.amazonaws` .", + "title": "PrefixListName", "type": "string" }, - "RuntimeConfiguration": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" - }, - "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", - "title": "RuntimeConfiguration", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the application.", + "markdownDescription": "The tags for the prefix list.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of application, such as Spark or Hive.", - "title": "Type", - "type": "string" - }, - "WorkerTypeSpecifications": { - "additionalProperties": false, - "markdownDescription": "The specification applied to each worker type.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerTypeSpecificationInput" - } - }, - "title": "WorkerTypeSpecifications", - "type": "object" } }, "required": [ - "ReleaseLabel", - "Type" + "AddressFamily", + "PrefixListName" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMRServerless::Application" + "AWS::EC2::PrefixList" ], "type": "string" }, @@ -89934,311 +96219,26 @@ ], "type": "object" }, - "AWS::EMRServerless::Application.AutoStartConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables the application to automatically start on job submission.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.AutoStopConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables the application to automatically stop after a certain amount of time being idle. Defaults to true.", - "title": "Enabled", - "type": "boolean" - }, - "IdleTimeoutMinutes": { - "markdownDescription": "The amount of idle time in minutes after which your application will automatically stop. Defaults to 15 minutes.", - "title": "IdleTimeoutMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.CloudWatchLoggingConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables CloudWatch logging.", - "title": "Enabled", - "type": "boolean" - }, - "EncryptionKeyArn": { - "markdownDescription": "The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.", - "title": "EncryptionKeyArn", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The name of the log group in Amazon CloudWatch Logs where you want to publish your logs.", - "title": "LogGroupName", - "type": "string" - }, - "LogStreamNamePrefix": { - "markdownDescription": "Prefix for the CloudWatch log stream name.", - "title": "LogStreamNamePrefix", - "type": "string" - }, - "LogTypeMap": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.LogTypeMapKeyValuePair" - }, - "markdownDescription": "", - "title": "LogTypeMap", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.ConfigurationObject": { - "additionalProperties": false, - "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", - "type": "string" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" - }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" - }, - "Properties": { - "additionalProperties": true, - "markdownDescription": "A set of properties specified within a configuration classification.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Properties", - "type": "object" - } - }, - "required": [ - "Classification" - ], - "type": "object" - }, - "AWS::EMRServerless::Application.ImageConfigurationInput": { - "additionalProperties": false, - "properties": { - "ImageUri": { - "markdownDescription": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration.", - "title": "ImageUri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.InitialCapacityConfig": { - "additionalProperties": false, - "properties": { - "WorkerConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerConfiguration", - "markdownDescription": "The resource configuration of the initial capacity configuration.", - "title": "WorkerConfiguration" - }, - "WorkerCount": { - "markdownDescription": "The number of workers in the initial capacity configuration.", - "title": "WorkerCount", - "type": "number" - } - }, - "required": [ - "WorkerConfiguration", - "WorkerCount" - ], - "type": "object" - }, - "AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfig", - "markdownDescription": "", - "title": "Value" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EMRServerless::Application.LogTypeMapKeyValuePair": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Value", - "type": "array" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", - "title": "Enabled", - "type": "boolean" - }, - "EncryptionKeyArn": { - "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", - "title": "EncryptionKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.MaximumAllowedResources": { - "additionalProperties": false, - "properties": { - "Cpu": { - "markdownDescription": "The maximum allowed CPU for an application.", - "title": "Cpu", - "type": "string" - }, - "Disk": { - "markdownDescription": "The maximum allowed disk for an application.", - "title": "Disk", - "type": "string" - }, - "Memory": { - "markdownDescription": "The maximum allowed resources for an application.", - "title": "Memory", - "type": "string" - } - }, - "required": [ - "Cpu", - "Memory" - ], - "type": "object" - }, - "AWS::EMRServerless::Application.MonitoringConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchLoggingConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.CloudWatchLoggingConfiguration", - "markdownDescription": "The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch.", - "title": "CloudWatchLoggingConfiguration" - }, - "ManagedPersistenceMonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", - "markdownDescription": "The managed log persistence configuration for a job run.", - "title": "ManagedPersistenceMonitoringConfiguration" - }, - "S3MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", - "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", - "title": "S3MonitoringConfiguration" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The array of security group Ids for customer VPC connectivity.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The array of subnet Ids for customer VPC connectivity.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.S3MonitoringConfiguration": { - "additionalProperties": false, - "properties": { - "EncryptionKeyArn": { - "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", - "title": "EncryptionKeyArn", - "type": "string" - }, - "LogUri": { - "markdownDescription": "The Amazon S3 destination URI for log publishing.", - "title": "LogUri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.WorkerConfiguration": { + "AWS::EC2::PrefixList.Entry": { "additionalProperties": false, "properties": { - "Cpu": { - "markdownDescription": "The CPU requirements of the worker configuration. Each worker can have 1, 2, 4, 8, or 16 vCPUs.", - "title": "Cpu", - "type": "string" - }, - "Disk": { - "markdownDescription": "The disk requirements of the worker configuration.", - "title": "Disk", + "Cidr": { + "markdownDescription": "The CIDR block.", + "title": "Cidr", "type": "string" }, - "Memory": { - "markdownDescription": "The memory requirements of the worker configuration.", - "title": "Memory", + "Description": { + "markdownDescription": "A description for the entry.\n\nConstraints: Up to 255 characters in length.", + "title": "Description", "type": "string" } }, "required": [ - "Cpu", - "Memory" + "Cidr" ], "type": "object" }, - "AWS::EMRServerless::Application.WorkerTypeSpecificationInput": { - "additionalProperties": false, - "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", - "markdownDescription": "The image configuration for a worker type.", - "title": "ImageConfiguration" - } - }, - "type": "object" - }, - "AWS::ElastiCache::CacheCluster": { + "AWS::EC2::Route": { "additionalProperties": false, "properties": { "Condition": { @@ -90273,160 +96273,90 @@ "Properties": { "additionalProperties": false, "properties": { - "AZMode": { - "markdownDescription": "Specifies whether the nodes in this Memcached cluster are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region.\n\nThis parameter is only supported for Memcached clusters.\n\nIf the `AZMode` and `PreferredAvailabilityZones` are not specified, ElastiCache assumes `single-az` mode.", - "title": "AZMode", + "CarrierGatewayId": { + "markdownDescription": "The ID of the carrier gateway.\n\nYou can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone.", + "title": "CarrierGatewayId", "type": "string" }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "CacheNodeType": { - "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. Changing the CacheNodeType of a Memcached instance is currently not supported. If you need to scale using Memcached, we recommend forcing a replacement update by changing the `LogicalResourceId` of the resource.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.8xlarge` , `cache.m6g.12xlarge` , `cache.m6g.16xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.8xlarge` , `cache.r6g.12xlarge` , `cache.r6g.16xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n\n*Additional node type info*\n\n- All current generation instance types are created in Amazon VPC by default.\n- Valkey and Redis OSS append-only files (AOF) are not supported for T1 or T2 instances.\n- Valkey and Redis OSS Multi-AZ with automatic failover is not supported on T1 instances.\n- Redis OSS configuration variables `appendonly` and `appendfsync` are not supported on Redis OSS version 2.8.22 and later.", - "title": "CacheNodeType", + "CoreNetworkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the core network.", + "title": "CoreNetworkArn", "type": "string" }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the parameter group to associate with this cluster. If this argument is omitted, the default parameter group for the specified engine is used. You cannot use any parameter group which has `cluster-enabled='yes'` when creating a cluster.", - "title": "CacheParameterGroupName", + "DestinationCidrBlock": { + "markdownDescription": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .", + "title": "DestinationCidrBlock", "type": "string" }, - "CacheSecurityGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group names to associate with this cluster.\n\nUse this parameter only when you are creating a cluster outside of an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "CacheSecurityGroupNames", - "type": "array" - }, - "CacheSubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see `[AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .`", - "title": "CacheSubnetGroupName", + "DestinationIpv6CidrBlock": { + "markdownDescription": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.", + "title": "DestinationIpv6CidrBlock", "type": "string" }, - "ClusterName": { - "markdownDescription": "A name for the cache cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the cache cluster. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe name must contain 1 to 50 alphanumeric characters or hyphens. The name must start with a letter and cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ClusterName", + "DestinationPrefixListId": { + "markdownDescription": "The ID of a prefix list used for the destination match.", + "title": "DestinationPrefixListId", "type": "string" }, - "Engine": { - "markdownDescription": "The name of the cache engine to be used for this cluster.\n\nValid values for this parameter are: `memcached` | valkey | `redis`", - "title": "Engine", + "EgressOnlyInternetGatewayId": { + "markdownDescription": "[IPv6 traffic only] The ID of an egress-only internet gateway.", + "title": "EgressOnlyInternetGatewayId", "type": "string" }, - "EngineVersion": { - "markdownDescription": "The version number of the cache engine to be used for this cluster. To view the supported cache engine versions, use the DescribeCacheEngineVersions operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ), but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", - "title": "EngineVersion", + "GatewayId": { + "markdownDescription": "The ID of an internet gateway or virtual private gateway attached to your VPC.", + "title": "GatewayId", "type": "string" }, - "IpDiscovery": { - "markdownDescription": "The network type you choose when modifying a cluster, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "IpDiscovery", + "InstanceId": { + "markdownDescription": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.", + "title": "InstanceId", "type": "string" }, - "LogDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest" - }, - "markdownDescription": "Specifies the destination, format and type of the logs.", - "title": "LogDeliveryConfigurations", - "type": "array" - }, - "NetworkType": { - "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "NetworkType", + "LocalGatewayId": { + "markdownDescription": "The ID of the local gateway.", + "title": "LocalGatewayId", "type": "string" }, - "NotificationTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", - "title": "NotificationTopicArn", + "NatGatewayId": { + "markdownDescription": "[IPv4 traffic only] The ID of a NAT gateway.", + "title": "NatGatewayId", "type": "string" }, - "NumCacheNodes": { - "markdownDescription": "The number of cache nodes that the cache cluster should have.\n\n> However, if the `PreferredAvailabilityZone` and `PreferredAvailabilityZones` properties were not previously specified and you don't specify any new values, an update requires [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NumCacheNodes", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which each of the cache nodes accepts connections.", - "title": "Port", - "type": "number" - }, - "PreferredAvailabilityZone": { - "markdownDescription": "The EC2 Availability Zone in which the cluster is created.\n\nAll nodes belonging to this cluster are placed in the preferred Availability Zone. If you want to create your nodes across multiple Availability Zones, use `PreferredAvailabilityZones` .\n\nDefault: System chosen Availability Zone.", - "title": "PreferredAvailabilityZone", + "NetworkInterfaceId": { + "markdownDescription": "The ID of a network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "PreferredAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the Availability Zones in which cache nodes are created. The order of the zones in the list is not important.\n\nThis option is only supported on Memcached.\n\n> If you are creating your cluster in an Amazon VPC (recommended) you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheNodes` . \n\nIf you want all the nodes in the same Availability Zone, use `PreferredAvailabilityZone` instead, or repeat the Availability Zone multiple times in the list.\n\nDefault: System chosen Availability Zones.", - "title": "PreferredAvailabilityZones", - "type": "array" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", - "title": "PreferredMaintenanceWindow", + "RouteTableId": { + "markdownDescription": "The ID of the route table for the route.", + "title": "RouteTableId", "type": "string" }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A single-element string list containing an Amazon Resource Name (ARN) that uniquely identifies a Valkey or Redis OSS RDB snapshot file stored in Amazon S3. The snapshot file is used to populate the node group (shard). The Amazon S3 object name in the ARN cannot contain any commas.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", - "title": "SnapshotArns", - "type": "array" - }, - "SnapshotName": { - "markdownDescription": "The name of a Valkey or Redis OSS snapshot from which to restore data into the new node group (shard). The snapshot status changes to `restoring` while the new node group (shard) is being created.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", - "title": "SnapshotName", + "TransitGatewayId": { + "markdownDescription": "The ID of a transit gateway.", + "title": "TransitGatewayId", "type": "string" }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot taken today is retained for 5 days before being deleted.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nDefault: 0 (i.e., automatic backups are disabled for this cache cluster).", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", - "title": "SnapshotWindow", + "VpcEndpointId": { + "markdownDescription": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.", + "title": "VpcEndpointId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to be added to this resource.", - "title": "Tags", - "type": "array" - }, - "TransitEncryptionEnabled": { - "markdownDescription": "A flag that enables in-transit encryption when set to true.", - "title": "TransitEncryptionEnabled", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more VPC security groups associated with the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "VpcSecurityGroupIds", - "type": "array" + "VpcPeeringConnectionId": { + "markdownDescription": "The ID of a VPC peering connection.", + "title": "VpcPeeringConnectionId", + "type": "string" } }, "required": [ - "CacheNodeType", - "Engine", - "NumCacheNodes" + "RouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::CacheCluster" + "AWS::EC2::Route" ], "type": "string" }, @@ -90445,83 +96375,7 @@ ], "type": "object" }, - "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { - "additionalProperties": false, - "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group.", - "title": "LogGroup", - "type": "string" - } - }, - "required": [ - "LogGroup" - ], - "type": "object" - }, - "AWS::ElastiCache::CacheCluster.DestinationDetails": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails", - "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", - "title": "CloudWatchLogsDetails" - }, - "KinesisFirehoseDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails", - "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", - "title": "KinesisFirehoseDetails" - } - }, - "type": "object" - }, - "AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails": { - "additionalProperties": false, - "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", - "title": "DeliveryStream", - "type": "string" - } - }, - "required": [ - "DeliveryStream" - ], - "type": "object" - }, - "AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest": { - "additionalProperties": false, - "properties": { - "DestinationDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.DestinationDetails", - "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", - "title": "DestinationDetails" - }, - "DestinationType": { - "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", - "title": "DestinationType", - "type": "string" - }, - "LogFormat": { - "markdownDescription": "Valid values are either `json` or `text` .", - "title": "LogFormat", - "type": "string" - }, - "LogType": { - "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", - "title": "LogType", - "type": "string" - } - }, - "required": [ - "DestinationDetails", - "DestinationType", - "LogFormat", - "LogType" - ], - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup": { + "AWS::EC2::RouteServer": { "additionalProperties": false, "properties": { "Condition": { @@ -90556,66 +96410,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AutomaticFailoverEnabled": { - "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.", - "title": "AutomaticFailoverEnabled", - "type": "boolean" - }, - "CacheNodeType": { - "markdownDescription": "The cache node type of the Global datastore", - "title": "CacheNodeType", - "type": "string" - }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the cache parameter group to use with the Global datastore. It must be compatible with the major engine version used by the Global datastore.", - "title": "CacheParameterGroupName", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The Elasticache Valkey or Redis OSS engine version.", - "title": "EngineVersion", - "type": "string" - }, - "GlobalNodeGroupCount": { - "markdownDescription": "The number of node groups that comprise the Global Datastore.", - "title": "GlobalNodeGroupCount", + "AmazonSideAsn": { + "markdownDescription": "The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512\u201365534 (16-bit ASN) or 4200000000\u20134294967294 (32-bit ASN) range.", + "title": "AmazonSideAsn", "type": "number" }, - "GlobalReplicationGroupDescription": { - "markdownDescription": "The optional description of the Global datastore", - "title": "GlobalReplicationGroupDescription", + "PersistRoutes": { + "markdownDescription": "Indicates whether routes should be persisted after all BGP sessions are terminated.", + "title": "PersistRoutes", "type": "string" }, - "GlobalReplicationGroupIdSuffix": { - "markdownDescription": "The suffix name of a Global Datastore. The suffix guarantees uniqueness of the Global Datastore name across multiple regions.", - "title": "GlobalReplicationGroupIdSuffix", - "type": "string" + "PersistRoutesDuration": { + "markdownDescription": "The number of minutes a route server will wait after BGP is re-established to unpersist the routes in the FIB and RIB. Value must be in the range of 1-5. The default value is 1. Only valid if `persistRoutesState` is 'enabled'.\n\nIf you set the duration to 1 minute, then when your network appliance re-establishes BGP with route server, it has 1 minute to relearn it's adjacent network and advertise those routes to route server before route server resumes normal functionality. In most cases, 1 minute is probably sufficient. If, however, you have concerns that your BGP network may not be capable of fully re-establishing and re-learning everything in 1 minute, you can increase the duration up to 5 minutes.", + "title": "PersistRoutesDuration", + "type": "number" }, - "Members": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember" - }, - "markdownDescription": "The replication groups that comprise the Global datastore.", - "title": "Members", - "type": "array" + "SnsNotificationsEnabled": { + "markdownDescription": "Indicates whether SNS notifications are enabled for the route server. Enabling SNS notifications persists BGP status changes to an SNS topic provisioned by AWS .", + "title": "SnsNotificationsEnabled", + "type": "boolean" }, - "RegionalConfigurations": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The Regions that comprise the Global Datastore.", - "title": "RegionalConfigurations", + "markdownDescription": "Any tags assigned to the route server.", + "title": "Tags", "type": "array" } }, "required": [ - "Members" + "AmazonSideAsn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::GlobalReplicationGroup" + "AWS::EC2::RouteServer" ], "type": "string" }, @@ -90634,71 +96465,7 @@ ], "type": "object" }, - "AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember": { - "additionalProperties": false, - "properties": { - "ReplicationGroupId": { - "markdownDescription": "The replication group id of the Global datastore member.", - "title": "ReplicationGroupId", - "type": "string" - }, - "ReplicationGroupRegion": { - "markdownDescription": "The Amazon region of the Global datastore member.", - "title": "ReplicationGroupRegion", - "type": "string" - }, - "Role": { - "markdownDescription": "Indicates the role of the replication group, `PRIMARY` or `SECONDARY` .", - "title": "Role", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration": { - "additionalProperties": false, - "properties": { - "ReplicationGroupId": { - "markdownDescription": "The name of the secondary cluster", - "title": "ReplicationGroupId", - "type": "string" - }, - "ReplicationGroupRegion": { - "markdownDescription": "The Amazon region where the cluster is stored", - "title": "ReplicationGroupRegion", - "type": "string" - }, - "ReshardingConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration" - }, - "markdownDescription": "A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster.", - "title": "ReshardingConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration": { - "additionalProperties": false, - "properties": { - "NodeGroupId": { - "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", - "title": "NodeGroupId", - "type": "string" - }, - "PreferredAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of preferred availability zones for the nodes in this cluster.", - "title": "PreferredAvailabilityZones", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ParameterGroup": { + "AWS::EC2::RouteServerAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -90733,45 +96500,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheParameterGroupFamily": { - "markdownDescription": "The name of the cache parameter group family that this cache parameter group is compatible with.\n\nValid values are: `valkey8` | `valkey7` | `memcached1.4` | `memcached1.5` | `memcached1.6` | `redis2.6` | `redis2.8` | `redis3.2` | `redis4.0` | `redis5.0` | `redis6.x` | `redis7`", - "title": "CacheParameterGroupFamily", + "RouteServerId": { + "markdownDescription": "The ID of the associated route server.", + "title": "RouteServerId", "type": "string" }, - "Description": { - "markdownDescription": "The description for this cache parameter group.", - "title": "Description", + "VpcId": { + "markdownDescription": "The ID of the associated VPC.", + "title": "VpcId", "type": "string" - }, - "Properties": { - "additionalProperties": true, - "markdownDescription": "A comma-delimited list of parameter name/value pairs.\n\nFor example:\n\n```\n\"Properties\" : { \"cas_disabled\" : \"1\", \"chunk_size_growth_factor\" : \"1.02\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Properties", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag that can be added to an ElastiCache parameter group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your parameter groups. A tag with a null Value is permitted.", - "title": "Tags", - "type": "array" } }, "required": [ - "CacheParameterGroupFamily", - "Description" + "RouteServerId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ParameterGroup" + "AWS::EC2::RouteServerAssociation" ], "type": "string" }, @@ -90790,7 +96538,7 @@ ], "type": "object" }, - "AWS::ElastiCache::ReplicationGroup": { + "AWS::EC2::RouteServerEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -90825,234 +96573,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AtRestEncryptionEnabled": { - "markdownDescription": "A flag that enables encryption at rest when set to `true` .\n\n*Required:* Only available when creating a replication group in an Amazon VPC using Redis OSS version `3.2.6` or `4.x` onward.\n\nDefault: `false`", - "title": "AtRestEncryptionEnabled", - "type": "boolean" + "RouteServerId": { + "markdownDescription": "The ID of the route server associated with this endpoint.", + "title": "RouteServerId", + "type": "string" }, - "AuthToken": { - "markdownDescription": "*Reserved parameter.* The password used to access a password protected server.\n\n`AuthToken` can be specified only on replication groups where `TransitEncryptionEnabled` is `true` . For more information, see [Authenticating Valkey or Redis OSS users with the AUTH Command](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/auth.html) .\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` . \n\nPassword constraints:\n\n- Must be only printable ASCII characters.\n- Must be at least 16 characters and no more than 128 characters in length.\n- Nonalphanumeric characters are restricted to (!, &, #, $, ^, <, >, -, ).\n\nFor more information, see [AUTH password](https://docs.aws.amazon.com/http://redis.io/commands/AUTH) at http://redis.io/commands/AUTH.\n\n> If ADDING the AuthToken, update requires [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "AuthToken", - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AutomaticFailoverEnabled": { - "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.\n\nDefault: false", - "title": "AutomaticFailoverEnabled", - "type": "boolean" - }, - "CacheNodeType": { - "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.12xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.12xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Amazon Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)", - "title": "CacheNodeType", - "type": "string" - }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n\nIf you are running Valkey or Redis OSS version 3.2.4 or later, only one node group (shard), and want to use a default parameter group, we recommend that you specify the parameter group by name.\n\n- To create a Valkey or Redis OSS (cluster mode disabled) replication group, use `CacheParameterGroupName=default.redis3.2` .\n- To create a Valkey or Redis OSS (cluster mode enabled) replication group, use `CacheParameterGroupName=default.redis3.2.cluster.on` .", - "title": "CacheParameterGroupName", - "type": "string" - }, - "CacheSecurityGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cache security group names to associate with this replication group.", - "title": "CacheSecurityGroupNames", - "type": "array" - }, - "CacheSubnetGroupName": { - "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", - "title": "CacheSubnetGroupName", - "type": "string" - }, - "ClusterMode": { - "markdownDescription": "The mode can be enabled or disabled. To change the cluster mode from disabled to enabled, you must first set the cluster mode to compatible. The compatible mode allows your Valkey or Redis OSS clients to connect using both cluster mode enabled and cluster mode disabled. After you migrate all Valkey or Redis OSS clients to use cluster mode enabled, you can then complete cluster mode configuration and set the cluster mode to enabled. For more information, see [Modify cluster mode](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/modify-cluster-mode.html) .", - "title": "ClusterMode", - "type": "string" - }, - "DataTieringEnabled": { - "markdownDescription": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html) .", - "title": "DataTieringEnabled", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The name of the cache engine to be used for the clusters in this replication group. The value must be set to `valkey` or `redis` .\n\n> Upgrading an existing engine from redis to valkey is done through in-place migration, and requires a parameter group.", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the cache engine to be used for the clusters in this replication group. To view the supported cache engine versions, use the `DescribeCacheEngineVersions` operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ) in the *ElastiCache User Guide* , but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", - "title": "EngineVersion", - "type": "string" - }, - "GlobalReplicationGroupId": { - "markdownDescription": "The name of the Global datastore", - "title": "GlobalReplicationGroupId", - "type": "string" - }, - "IpDiscovery": { - "markdownDescription": "The network type you choose when creating a replication group, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 or Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "IpDiscovery", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key used to encrypt the disk on the cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LogDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest" - }, - "markdownDescription": "Specifies the destination, format and type of the logs.", - "title": "LogDeliveryConfigurations", - "type": "array" - }, - "MultiAZEnabled": { - "markdownDescription": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see [Minimizing Downtime: Multi-AZ](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html) .", - "title": "MultiAZEnabled", - "type": "boolean" - }, - "NetworkType": { - "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "NetworkType", - "type": "string" - }, - "NodeGroupConfiguration": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration" - }, - "markdownDescription": "`NodeGroupConfiguration` is a property of the `AWS::ElastiCache::ReplicationGroup` resource that configures an Amazon ElastiCache (ElastiCache) Valkey or Redis OSS cluster node group.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NodeGroupConfiguration` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NodeGroupConfiguration` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NodeGroupConfiguration", - "type": "array" - }, - "NotificationTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", - "title": "NotificationTopicArn", - "type": "string" - }, - "NumCacheClusters": { - "markdownDescription": "The number of clusters this replication group initially has.\n\nThis parameter is not used if there is more than one node group (shard). You should use `ReplicasPerNodeGroup` instead.\n\nIf `AutomaticFailoverEnabled` is `true` , the value of this parameter must be at least 2. If `AutomaticFailoverEnabled` is `false` you can omit this parameter (it will default to 1), or you can explicitly set it to a value between 2 and 6.\n\nThe maximum permitted value for `NumCacheClusters` is 6 (1 primary plus 5 replicas).", - "title": "NumCacheClusters", - "type": "number" - }, - "NumNodeGroups": { - "markdownDescription": "An optional parameter that specifies the number of node groups (shards) for this Valkey or Redis OSS (cluster mode enabled) replication group. For Valkey or Redis OSS (cluster mode disabled) either omit this parameter or set it to 1.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NumNodeGroups` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NumNodeGroups` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .\n\nDefault: 1", - "title": "NumNodeGroups", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which each member of the replication group accepts connections.", - "title": "Port", - "type": "number" - }, - "PreferredCacheClusterAZs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 Availability Zones in which the replication group's clusters are created. The order of the Availability Zones in the list is the order in which clusters are allocated. The primary cluster is created in the first AZ in the list.\n\nThis parameter is not used if there is more than one node group (shard). You should use `NodeGroupConfiguration` instead.\n\n> If you are creating your replication group in an Amazon VPC (recommended), you can only locate clusters in Availability Zones associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheClusters` . \n\nDefault: system chosen Availability Zones.", - "title": "PreferredCacheClusterAZs", - "type": "array" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PrimaryClusterId": { - "markdownDescription": "The identifier of the cluster that serves as the primary for this replication group. This cluster must already exist and have a status of `available` .\n\nThis parameter is not required if `NumCacheClusters` , `NumNodeGroups` , or `ReplicasPerNodeGroup` is specified.", - "title": "PrimaryClusterId", - "type": "string" - }, - "ReplicasPerNodeGroup": { - "markdownDescription": "An optional parameter that specifies the number of replica nodes in each node group (shard). Valid values are 0 to 5.", - "title": "ReplicasPerNodeGroup", - "type": "number" - }, - "ReplicationGroupDescription": { - "markdownDescription": "A user-created description for the replication group.", - "title": "ReplicationGroupDescription", - "type": "string" - }, - "ReplicationGroupId": { - "markdownDescription": "The replication group identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- A name must contain from 1 to 40 alphanumeric characters or hyphens.\n- The first character must be a letter.\n- A name cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ReplicationGroupId", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more Amazon VPC security groups associated with this replication group.\n\nUse this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "SecurityGroupIds", - "type": "array" - }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the Valkey or Redis OSS RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new replication group. The Amazon S3 object name in the ARN cannot contain any commas. The new replication group will have the number of node groups (console: shards) specified by the parameter *NumNodeGroups* or the number of node groups configured by *NodeGroupConfiguration* regardless of the number of ARNs specified here.\n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", - "title": "SnapshotArns", - "type": "array" - }, - "SnapshotName": { - "markdownDescription": "The name of a snapshot from which to restore data into the new replication group. The snapshot status changes to `restoring` while the new replication group is being created.", - "title": "SnapshotName", - "type": "string" - }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot that was taken today is retained for 5 days before being deleted.\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster).", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.", - "title": "SnapshotWindow", - "type": "string" - }, - "SnapshottingClusterId": { - "markdownDescription": "The cluster ID that is used as the daily snapshot source for the replication group. This parameter cannot be set for Valkey or Redis OSS (cluster mode enabled) replication groups.", - "title": "SnapshottingClusterId", + "SubnetId": { + "markdownDescription": "The ID of the subnet to place the route server endpoint into.", + "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key= `myKey` , Value= `myKeyValue` . You can include multiple tags as shown following: Key= `myKey` , Value= `myKeyValue` Key= `mySecondKey` , Value= `mySecondKeyValue` . Tags on replication groups will be replicated to all nodes.", + "markdownDescription": "Any tags assigned to the route server endpoint.", "title": "Tags", "type": "array" - }, - "TransitEncryptionEnabled": { - "markdownDescription": "A flag that enables in-transit encryption when set to `true` .\n\nThis parameter is only available when creating a replication group in an Amazon VPC using Valkey version `7.2` and above, Redis OSS version `3.2.6` , or Redis OSS version `4.x` and above, and the cluster is being created in an Amazon VPC.\n\nIf you enable in-transit encryption, you must also specify a value for `CacheSubnetGroup` .\n\n> TransitEncryptionEnabled is required when creating a new valkey replication group. \n\nDefault: `false`\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` .", - "title": "TransitEncryptionEnabled", - "type": "boolean" - }, - "TransitEncryptionMode": { - "markdownDescription": "A setting that allows you to migrate your clients to use in-transit encryption, with no downtime.\n\nWhen setting `TransitEncryptionEnabled` to `true` , you can set your `TransitEncryptionMode` to `preferred` in the same request, to allow both encrypted and unencrypted connections at the same time. Once you migrate all your Valkey or Redis OSS clients to use encrypted connections you can modify the value to `required` to allow encrypted connections only.\n\nSetting `TransitEncryptionMode` to `required` is a two-step process that requires you to first set the `TransitEncryptionMode` to `preferred` , after that you can set `TransitEncryptionMode` to `required` .\n\nThis process will not trigger the replacement of the replication group.", - "title": "TransitEncryptionMode", - "type": "string" - }, - "UserGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of user group to associate with the replication group.", - "title": "UserGroupIds", - "type": "array" } }, "required": [ - "ReplicationGroupDescription" + "RouteServerId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ReplicationGroup" + "AWS::EC2::RouteServerEndpoint" ], "type": "string" }, @@ -91071,117 +96619,110 @@ ], "type": "object" }, - "AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails": { + "AWS::EC2::RouteServerPeer": { "additionalProperties": false, "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group.", - "title": "LogGroup", + "Condition": { "type": "string" - } - }, - "required": [ - "LogGroup" - ], - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.DestinationDetails": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails", - "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", - "title": "CloudWatchLogsDetails" }, - "KinesisFirehoseDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails", - "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", - "title": "KinesisFirehoseDetails" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { - "additionalProperties": false, - "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", - "title": "DeliveryStream", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "DeliveryStream" - ], - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest": { - "additionalProperties": false, - "properties": { - "DestinationDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.DestinationDetails", - "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", - "title": "DestinationDetails" }, - "DestinationType": { - "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", - "title": "DestinationType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LogFormat": { - "markdownDescription": "Valid values are either `json` or `text` .", - "title": "LogFormat", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BgpOptions": { + "$ref": "#/definitions/AWS::EC2::RouteServerPeer.BgpOptions", + "markdownDescription": "The BGP configuration options for this peer, including ASN (Autonomous System Number) and BFD (Bidrectional Forwarding Detection) settings.", + "title": "BgpOptions" + }, + "PeerAddress": { + "markdownDescription": "The IPv4 address of the peer device.", + "title": "PeerAddress", + "type": "string" + }, + "RouteServerEndpointId": { + "markdownDescription": "The ID of the route server endpoint associated with this peer.", + "title": "RouteServerEndpointId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the route server peer.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "BgpOptions", + "PeerAddress", + "RouteServerEndpointId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::RouteServerPeer" + ], "type": "string" }, - "LogType": { - "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", - "title": "LogType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DestinationDetails", - "DestinationType", - "LogFormat", - "LogType" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration": { + "AWS::EC2::RouteServerPeer.BgpOptions": { "additionalProperties": false, "properties": { - "NodeGroupId": { - "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", - "title": "NodeGroupId", - "type": "string" - }, - "PrimaryAvailabilityZone": { - "markdownDescription": "The Availability Zone where the primary node of this node group (shard) is launched.", - "title": "PrimaryAvailabilityZone", - "type": "string" - }, - "ReplicaAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Availability Zones to be used for the read replicas. The number of Availability Zones in this list must match the value of `ReplicaCount` or `ReplicasPerNodeGroup` if not specified.", - "title": "ReplicaAvailabilityZones", - "type": "array" - }, - "ReplicaCount": { - "markdownDescription": "The number of read replica nodes in this node group (shard).", - "title": "ReplicaCount", + "PeerAsn": { + "markdownDescription": "The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512\u201365534 (16-bit ASN) or 4200000000\u20134294967294 (32-bit ASN) range.", + "title": "PeerAsn", "type": "number" }, - "Slots": { - "markdownDescription": "A string of comma-separated values where the first set of values are the slot numbers (zero based), and the second set of values are the keyspaces for each slot. The following example specifies three slots (numbered 0, 1, and 2): `0,1,2,0-4999,5000-9999,10000-16,383` .\n\nIf you don't specify a value, ElastiCache allocates keys equally among each slot.\n\nWhen you use an `UseOnlineResharding` update policy to update the number of node groups without interruption, ElastiCache evenly distributes the keyspaces between the specified number of slots. This cannot be updated later. Therefore, after updating the number of node groups in this way, you should remove the value specified for the `Slots` property of each `NodeGroupConfiguration` from the stack template, as it no longer reflects the actual values in each node group. For more information, see [UseOnlineResharding Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) .", - "title": "Slots", + "PeerLivenessDetection": { + "markdownDescription": "The liveness detection protocol used for the BGP peer.\n\nThe requested liveness detection protocol for the BGP peer.\n\n- `bgp-keepalive` : The standard BGP keep alive mechanism ( [RFC4271](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc4271#page-21) ) that is stable but may take longer to fail-over in cases of network impact or router failure.\n- `bfd` : An additional Bidirectional Forwarding Detection (BFD) protocol ( [RFC5880](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc5880) ) that enables fast failover by using more sensitive liveness detection.\n\nDefaults to `bgp-keepalive` .", + "title": "PeerLivenessDetection", "type": "string" } }, "type": "object" }, - "AWS::ElastiCache::SecurityGroup": { + "AWS::EC2::RouteServerPropagation": { "additionalProperties": false, "properties": { "Condition": { @@ -91216,28 +96757,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the cache security group.", - "title": "Description", + "RouteServerId": { + "markdownDescription": "The ID of the route server configured for route propagation.", + "title": "RouteServerId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag that can be added to an ElastiCache security group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your security groups. A tag with a null Value is permitted.", - "title": "Tags", - "type": "array" + "RouteTableId": { + "markdownDescription": "The ID of the route table configured for route server propagation.", + "title": "RouteTableId", + "type": "string" } }, "required": [ - "Description" + "RouteServerId", + "RouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SecurityGroup" + "AWS::EC2::RouteServerPropagation" ], "type": "string" }, @@ -91256,7 +96795,7 @@ ], "type": "object" }, - "AWS::ElastiCache::SecurityGroupIngress": { + "AWS::EC2::RouteTable": { "additionalProperties": false, "properties": { "Condition": { @@ -91291,31 +96830,28 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheSecurityGroupName": { - "markdownDescription": "The name of the Cache Security Group to authorize.", - "title": "CacheSecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 Security Group to include in the authorization.", - "title": "EC2SecurityGroupName", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the route table.", + "title": "Tags", + "type": "array" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "Specifies the Amazon Account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName property. The Amazon access key ID is not an acceptable value.", - "title": "EC2SecurityGroupOwnerId", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "required": [ - "CacheSecurityGroupName", - "EC2SecurityGroupName" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SecurityGroupIngress" + "AWS::EC2::RouteTable" ], "type": "string" }, @@ -91334,7 +96870,7 @@ ], "type": "object" }, - "AWS::ElastiCache::ServerlessCache": { + "AWS::EC2::SecurityGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -91369,108 +96905,54 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheUsageLimits": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.CacheUsageLimits", - "markdownDescription": "The cache usage limit for the serverless cache.", - "title": "CacheUsageLimits" - }, - "DailySnapshotTime": { - "markdownDescription": "The daily time that a cache snapshot will be created. Default is NULL, i.e. snapshots will not be created at a specific time on a daily basis. Available for Valkey, Redis OSS and Serverless Memcached only.", - "title": "DailySnapshotTime", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the serverless cache.", - "title": "Description", - "type": "string" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", - "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", - "title": "Endpoint" - }, - "Engine": { - "markdownDescription": "The engine the serverless cache is compatible with.", - "title": "Engine", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The name of the final snapshot taken of a cache before the cache is deleted.", - "title": "FinalSnapshotName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key that is used to encrypt data at rest in the serverless cache.", - "title": "KmsKeyId", - "type": "string" - }, - "MajorEngineVersion": { - "markdownDescription": "The version number of the engine the serverless cache is compatible with.", - "title": "MajorEngineVersion", + "GroupDescription": { + "markdownDescription": "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", + "title": "GroupDescription", "type": "string" }, - "ReaderEndpoint": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", - "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", - "title": "ReaderEndpoint" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the EC2 security groups associated with the serverless cache.", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServerlessCacheName": { - "markdownDescription": "The unique identifier of the serverless cache.", - "title": "ServerlessCacheName", + "GroupName": { + "markdownDescription": "The name of the security group. Names are case-insensitive and must be unique within the VPC.\n\nConstraints: Up to 255 characters in length. Can't start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", + "title": "GroupName", "type": "string" }, - "SnapshotArnsToRestore": { + "SecurityGroupEgress": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" }, - "markdownDescription": "The ARN of the snapshot from which to restore data into the new cache.", - "title": "SnapshotArnsToRestore", + "markdownDescription": "The outbound rules associated with the security group.", + "title": "SecurityGroupEgress", "type": "array" }, - "SnapshotRetentionLimit": { - "markdownDescription": "The current setting for the number of serverless cache snapshots the system will retain. Available for Valkey, Redis OSS and Serverless Memcached only.", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SubnetIds": { + "SecurityGroupIngress": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" }, - "markdownDescription": "If no subnet IDs are given and your VPC is in us-west-1, then ElastiCache will select 2 default subnets across AZs in your VPC. For all other Regions, if no subnet IDs are given then ElastiCache will select 3 default subnets across AZs in your default VPC.", - "title": "SubnetIds", + "markdownDescription": "The inbound rules associated with the security group.", + "title": "SecurityGroupIngress", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be added to this resource.", + "markdownDescription": "Any tags assigned to the security group.", "title": "Tags", "type": "array" }, - "UserGroupId": { - "markdownDescription": "The identifier of the user group associated with the serverless cache. Available for Valkey and Redis OSS only. Default is NULL.", - "title": "UserGroupId", + "VpcId": { + "markdownDescription": "The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.", + "title": "VpcId", "type": "string" } }, "required": [ - "Engine", - "ServerlessCacheName" + "GroupDescription" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ServerlessCache" + "AWS::EC2::SecurityGroup" ], "type": "string" }, @@ -91489,79 +96971,115 @@ ], "type": "object" }, - "AWS::ElastiCache::ServerlessCache.CacheUsageLimits": { + "AWS::EC2::SecurityGroup.Egress": { "additionalProperties": false, "properties": { - "DataStorage": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.DataStorage", - "markdownDescription": "The maximum data storage limit in the cache, expressed in Gigabytes.", - "title": "DataStorage" + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", + "type": "string" }, - "ECPUPerSecond": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.ECPUPerSecond", - "markdownDescription": "The number of ElastiCache Processing Units (ECPU) the cache can consume per second.", - "title": "ECPUPerSecond" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ServerlessCache.DataStorage": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "The upper limit for data storage the cache is set to use.", - "title": "Maximum", - "type": "number" + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", + "type": "string" }, - "Minimum": { - "markdownDescription": "The lower limit for data storage the cache is set to use.", - "title": "Minimum", + "Description": { + "markdownDescription": "A description for the security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", + "type": "string" + }, + "DestinationPrefixListId": { + "markdownDescription": "The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationPrefixListId", + "type": "string" + }, + "DestinationSecurityGroupId": { + "markdownDescription": "The ID of the destination VPC security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationSecurityGroupId", + "type": "string" + }, + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", "type": "number" }, - "Unit": { - "markdownDescription": "The unit that the storage is measured in, in GB.", - "title": "Unit", + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" + }, + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", + "type": "number" } }, "required": [ - "Unit" + "IpProtocol" ], "type": "object" }, - "AWS::ElastiCache::ServerlessCache.ECPUPerSecond": { + "AWS::EC2::SecurityGroup.Ingress": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The configuration for the maximum number of ECPUs the cache can consume per second.", - "title": "Maximum", - "type": "number" + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", + "type": "string" }, - "Minimum": { - "markdownDescription": "The configuration for the minimum number of ECPUs the cache should be able consume per second.", - "title": "Minimum", + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", + "type": "string" + }, + "Description": { + "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", + "type": "string" + }, + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", "type": "number" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ServerlessCache.Endpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The DNS hostname of the cache node.", - "title": "Address", + }, + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" }, - "Port": { - "markdownDescription": "The port number that the cache engine is listening on.", - "title": "Port", + "SourcePrefixListId": { + "markdownDescription": "The ID of a prefix list.", + "title": "SourcePrefixListId", + "type": "string" + }, + "SourceSecurityGroupId": { + "markdownDescription": "The ID of the security group.", + "title": "SourceSecurityGroupId", + "type": "string" + }, + "SourceSecurityGroupName": { + "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", + "title": "SourceSecurityGroupName", "type": "string" + }, + "SourceSecurityGroupOwnerId": { + "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", + "title": "SourceSecurityGroupOwnerId", + "type": "string" + }, + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", + "type": "number" } }, + "required": [ + "IpProtocol" + ], "type": "object" }, - "AWS::ElastiCache::SubnetGroup": { + "AWS::EC2::SecurityGroupEgress": { "additionalProperties": false, "properties": { "Condition": { @@ -91596,42 +97114,61 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheSubnetGroupName": { - "markdownDescription": "The name for the cache subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\nExample: `mysubnetgroup`", - "title": "CacheSubnetGroupName", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", + "type": "string" + }, + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", "type": "string" }, "Description": { - "markdownDescription": "The description for the cache subnet group.", + "markdownDescription": "The description of an egress (outbound) security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", "title": "Description", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The EC2 subnet IDs for the cache subnet group.", - "title": "SubnetIds", - "type": "array" + "DestinationPrefixListId": { + "markdownDescription": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationPrefixListId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted.", - "title": "Tags", - "type": "array" + "DestinationSecurityGroupId": { + "markdownDescription": "The ID of the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationSecurityGroupId", + "type": "string" + }, + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", + "type": "number" + }, + "GroupId": { + "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.", + "title": "GroupId", + "type": "string" + }, + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", + "type": "string" + }, + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", + "type": "number" } }, "required": [ - "Description", - "SubnetIds" + "GroupId", + "IpProtocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SubnetGroup" + "AWS::EC2::SecurityGroupEgress" ], "type": "string" }, @@ -91650,7 +97187,7 @@ ], "type": "object" }, - "AWS::ElastiCache::User": { + "AWS::EC2::SecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { @@ -91685,63 +97222,75 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessString": { - "markdownDescription": "Access permissions string used for this user.", - "title": "AccessString", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", "type": "string" }, - "AuthenticationMode": { - "$ref": "#/definitions/AWS::ElastiCache::User.AuthenticationMode", - "markdownDescription": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```", - "title": "AuthenticationMode" + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", + "type": "string" }, - "Engine": { - "markdownDescription": "The current supported values are valkey and redis.", - "title": "Engine", + "Description": { + "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", "type": "string" }, - "NoPasswordRequired": { - "markdownDescription": "Indicates a password is not required for this user.", - "title": "NoPasswordRequired", - "type": "boolean" + "FromPort": { + "markdownDescription": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "title": "FromPort", + "type": "number" }, - "Passwords": { - "items": { - "type": "string" - }, - "markdownDescription": "Passwords used for this user. You can create up to two passwords for each user.", - "title": "Passwords", - "type": "array" + "GroupId": { + "markdownDescription": "The ID of the security group.", + "title": "GroupId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags.", - "title": "Tags", - "type": "array" + "GroupName": { + "markdownDescription": "[Default VPC] The name of the security group. For security groups for a default VPC you can specify either the ID or the name of the security group. For security groups for a nondefault VPC, you must specify the ID of the security group.", + "title": "GroupName", + "type": "string" }, - "UserId": { - "markdownDescription": "The ID of the user.", - "title": "UserId", + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" }, - "UserName": { - "markdownDescription": "The username of the user.", - "title": "UserName", + "SourcePrefixListId": { + "markdownDescription": "The ID of a prefix list.", + "title": "SourcePrefixListId", + "type": "string" + }, + "SourceSecurityGroupId": { + "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", + "title": "SourceSecurityGroupId", + "type": "string" + }, + "SourceSecurityGroupName": { + "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", + "title": "SourceSecurityGroupName", + "type": "string" + }, + "SourceSecurityGroupOwnerId": { + "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", + "title": "SourceSecurityGroupOwnerId", "type": "string" + }, + "ToPort": { + "markdownDescription": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "title": "ToPort", + "type": "number" } }, "required": [ - "Engine", - "UserId", - "UserName" + "IpProtocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::User" + "AWS::EC2::SecurityGroupIngress" ], "type": "string" }, @@ -91760,29 +97309,7 @@ ], "type": "object" }, - "AWS::ElastiCache::User.AuthenticationMode": { - "additionalProperties": false, - "properties": { - "Passwords": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the passwords to use for authentication if `Type` is set to `password` .", - "title": "Passwords", - "type": "array" - }, - "Type": { - "markdownDescription": "Specifies the authentication type. Possible options are IAM authentication, password and no password.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ElastiCache::UserGroup": { + "AWS::EC2::SecurityGroupVpcAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -91817,43 +97344,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Engine": { - "markdownDescription": "The current supported values are valkey and redis.", - "title": "Engine", + "GroupId": { + "markdownDescription": "The association's security group ID.", + "title": "GroupId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags.", - "title": "Tags", - "type": "array" - }, - "UserGroupId": { - "markdownDescription": "The ID of the user group.", - "title": "UserGroupId", + "VpcId": { + "markdownDescription": "The association's VPC ID.", + "title": "VpcId", "type": "string" - }, - "UserIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of user IDs that belong to the user group. A user named `default` must be included.", - "title": "UserIds", - "type": "array" } }, "required": [ - "Engine", - "UserGroupId", - "UserIds" + "GroupId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::UserGroup" + "AWS::EC2::SecurityGroupVpcAssociation" ], "type": "string" }, @@ -91872,7 +97382,7 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::Application": { + "AWS::EC2::SnapshotBlockPublicAccess": { "additionalProperties": false, "properties": { "Condition": { @@ -91907,27 +97417,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "ApplicationName", - "type": "string" - }, - "Description": { - "markdownDescription": "Your description of the application.", - "title": "Description", + "State": { + "markdownDescription": "The mode in which to enable block public access for snapshots for the Region. Specify one of the following values:\n\n- `block-all-sharing` - Prevents all public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. Additionally, snapshots that are already publicly shared are treated as private and they are no longer publicly available.\n\n> If you enable block public access for snapshots in `block-all-sharing` mode, it does not change the permissions for snapshots that are already publicly shared. Instead, it prevents these snapshots from be publicly visible and publicly accessible. Therefore, the attributes for these snapshots still indicate that they are publicly shared, even though they are not publicly available.\n- `block-new-sharing` - Prevents only new public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. However, snapshots that are already publicly shared, remain publicly available.", + "title": "State", "type": "string" - }, - "ResourceLifecycleConfig": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig", - "markdownDescription": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions.", - "title": "ResourceLifecycleConfig" } }, + "required": [ + "State" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::Application" + "AWS::EC2::SnapshotBlockPublicAccess" ], "type": "string" }, @@ -91941,85 +97444,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { - "additionalProperties": false, - "properties": { - "ServiceRole": { - "markdownDescription": "The ARN of an IAM service role that Elastic Beanstalk has permission to assume.\n\nThe `ServiceRole` property is required the first time that you provide a `ResourceLifecycleConfig` for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value.", - "title": "ServiceRole", - "type": "string" - }, - "VersionLifecycleConfig": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig", - "markdownDescription": "Defines lifecycle settings for application versions.", - "title": "VersionLifecycleConfig" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig": { - "additionalProperties": false, - "properties": { - "MaxAgeRule": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxAgeRule", - "markdownDescription": "Specify a max age rule to restrict the length of time that application versions are retained for an application.", - "title": "MaxAgeRule" - }, - "MaxCountRule": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxCountRule", - "markdownDescription": "Specify a max count rule to restrict the number of application versions that are retained for an application.", - "title": "MaxCountRule" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.MaxAgeRule": { - "additionalProperties": false, - "properties": { - "DeleteSourceFromS3": { - "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", - "title": "DeleteSourceFromS3", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", - "title": "Enabled", - "type": "boolean" - }, - "MaxAgeInDays": { - "markdownDescription": "Specify the number of days to retain an application versions.", - "title": "MaxAgeInDays", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.MaxCountRule": { - "additionalProperties": false, - "properties": { - "DeleteSourceFromS3": { - "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", - "title": "DeleteSourceFromS3", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", - "title": "Enabled", - "type": "boolean" - }, - "MaxCount": { - "markdownDescription": "Specify the maximum number of application versions to retain.", - "title": "MaxCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::ApplicationVersion": { + "AWS::EC2::SpotFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -92054,31 +97484,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the Elastic Beanstalk application that is associated with this application version.", - "title": "ApplicationName", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of this application version.", - "title": "Description", - "type": "string" - }, - "SourceBundle": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle", - "markdownDescription": "The Amazon S3 bucket and key that identify the location of the source bundle for this version.\n\n> The Amazon S3 bucket must be in the same region as the environment.", - "title": "SourceBundle" + "SpotFleetRequestConfigData": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetRequestConfigData", + "markdownDescription": "Describes the configuration of a Spot Fleet request.", + "title": "SpotFleetRequestConfigData" } }, "required": [ - "ApplicationName", - "SourceBundle" + "SpotFleetRequestConfigData" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::ApplicationVersion" + "AWS::EC2::SpotFleet" ], "type": "string" }, @@ -92097,1194 +97516,1020 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle": { + "AWS::EC2::SpotFleet.AcceleratorCountRequest": { "additionalProperties": false, "properties": { - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket where the data is located.", - "title": "S3Bucket", - "type": "string" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" }, - "S3Key": { - "markdownDescription": "The Amazon S3 key where the data is located.", - "title": "S3Key", - "type": "string" + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "S3Bucket", - "S3Key" - ], "type": "object" }, - "AWS::ElasticBeanstalk::ConfigurationTemplate": { + "AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Metadata": { - "type": "object" + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationName": { - "markdownDescription": "The name of the Elastic Beanstalk application to associate with this configuration template.", - "title": "ApplicationName", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description for this configuration.", - "title": "Description", - "type": "string" - }, - "EnvironmentId": { - "markdownDescription": "The ID of an environment whose settings you want to use to create the configuration template. You must specify `EnvironmentId` if you don't specify `PlatformArn` , `SolutionStackName` , or `SourceConfiguration` .", - "title": "EnvironmentId", - "type": "string" - }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting" - }, - "markdownDescription": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the *AWS Elastic Beanstalk Developer Guide* .", - "title": "OptionSettings", - "type": "array" - }, - "PlatformArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , then don't specify `SolutionStackName` .", - "title": "PlatformArn", - "type": "string" - }, - "SolutionStackName": { - "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, `64bit Amazon Linux 2013.09 running Tomcat 7 Java 7` . A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\nYou must specify `SolutionStackName` if you don't specify `PlatformArn` , `EnvironmentId` , or `SourceConfiguration` .\n\nUse the [`ListAvailableSolutionStacks`](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html) API to obtain a list of available solution stacks.", - "title": "SolutionStackName", - "type": "string" - }, - "SourceConfiguration": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration", - "markdownDescription": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in `OptionSettings` override any values obtained from the `SourceConfiguration` .\n\nYou must specify `SourceConfiguration` if you don't specify `PlatformArn` , `EnvironmentId` , or `SolutionStackName` .\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name.", - "title": "SourceConfiguration" - } - }, - "required": [ - "ApplicationName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ElasticBeanstalk::ConfigurationTemplate" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting": { + "AWS::EC2::SpotFleet.BaselinePerformanceFactorsRequest": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", - "title": "Namespace", - "type": "string" - }, - "OptionName": { - "markdownDescription": "The name of the configuration option.", - "title": "OptionName", - "type": "string" - }, - "ResourceName": { - "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", - "title": "ResourceName", - "type": "string" - }, - "Value": { - "markdownDescription": "The current value for the configuration option.", - "title": "Value", - "type": "string" + "Cpu": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" } }, - "required": [ - "Namespace", - "OptionName" - ], "type": "object" }, - "AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration": { + "AWS::EC2::SpotFleet.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application associated with the configuration.", - "title": "ApplicationName", + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "DeviceName", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the configuration template.", - "title": "TemplateName", + "Ebs": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.EbsBlockDevice", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", + "title": "NoDevice", + "type": "string" + }, + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", + "title": "VirtualName", "type": "string" } }, "required": [ - "ApplicationName", - "TemplateName" + "DeviceName" ], "type": "object" }, - "AWS::ElasticBeanstalk::Environment": { + "AWS::EC2::SpotFleet.ClassicLoadBalancer": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application that is associated with this environment.", - "title": "ApplicationName", - "type": "string" - }, - "CNAMEPrefix": { - "markdownDescription": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.", - "title": "CNAMEPrefix", - "type": "string" - }, - "Description": { - "markdownDescription": "Your description for this environment.", - "title": "Description", - "type": "string" - }, - "EnvironmentName": { - "markdownDescription": "A unique name for the environment.\n\nConstraint: Must be from 4 to 40 characters in length. The name can contain only letters, numbers, and hyphens. It can't start or end with a hyphen. This name must be unique within a region in your account.\n\nIf you don't specify the `CNAMEPrefix` parameter, the environment name becomes part of the CNAME, and therefore part of the visible URL for your application.\n\nIf you don't specify an environment name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "EnvironmentName", - "type": "string" - }, - "OperationsRole": { - "markdownDescription": "> The operations role feature of AWS Elastic Beanstalk is in beta release and is subject to change. \n\nThe Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. If specified, Elastic Beanstalk uses the operations role for permissions to downstream services during this call and during subsequent calls acting on this environment. To specify an operations role, you must have the `iam:PassRole` permission for the role.", - "title": "OperationsRole", - "type": "string" - }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.OptionSetting" - }, - "markdownDescription": "Key-value pairs defining configuration options for this environment, such as the instance type. These options override the values that are defined in the solution stack or the [configuration template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-beanstalk-configurationtemplate.html) . If you remove any options during a stack update, the removed options retain their current values.", - "title": "OptionSettings", - "type": "array" - }, - "PlatformArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform to use with the environment. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , don't specify `SolutionStackName` .", - "title": "PlatformArn", - "type": "string" - }, - "SolutionStackName": { - "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. If specified, Elastic Beanstalk sets the configuration values to the default values associated with the specified solution stack. For a list of current solution stacks, see [Elastic Beanstalk Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html) in the *AWS Elastic Beanstalk Platforms* guide.\n\n> If you specify `SolutionStackName` , don't specify `PlatformArn` or `TemplateName` .", - "title": "SolutionStackName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies the tags applied to resources in the environment.", - "title": "Tags", - "type": "array" - }, - "TemplateName": { - "markdownDescription": "The name of the Elastic Beanstalk configuration template to use with the environment.\n\n> If you specify `TemplateName` , then don't specify `SolutionStackName` .", - "title": "TemplateName", - "type": "string" - }, - "Tier": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.Tier", - "markdownDescription": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.", - "title": "Tier" - }, - "VersionLabel": { - "markdownDescription": "The name of the application version to deploy.\n\nDefault: If not specified, Elastic Beanstalk attempts to deploy the sample application.", - "title": "VersionLabel", - "type": "string" - } - }, - "required": [ - "ApplicationName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ElasticBeanstalk::Environment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the load balancer.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::ElasticBeanstalk::Environment.OptionSetting": { + "AWS::EC2::SpotFleet.ClassicLoadBalancersConfig": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", - "title": "Namespace", - "type": "string" - }, - "OptionName": { - "markdownDescription": "The name of the configuration option.", - "title": "OptionName", - "type": "string" - }, - "ResourceName": { - "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", - "title": "ResourceName", - "type": "string" - }, - "Value": { - "markdownDescription": "The current value for the configuration option.", - "title": "Value", - "type": "string" + "ClassicLoadBalancers": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancer" + }, + "markdownDescription": "One or more Classic Load Balancers.", + "title": "ClassicLoadBalancers", + "type": "array" } }, "required": [ - "Namespace", - "OptionName" + "ClassicLoadBalancers" ], "type": "object" }, - "AWS::ElasticBeanstalk::Environment.Tier": { + "AWS::EC2::SpotFleet.CpuPerformanceFactorRequest": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `WebServer`\n- For *Worker tier* \u2013 `Worker`", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `Standard`\n- For *Worker tier* \u2013 `SQS/HTTP`", - "title": "Type", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version.\n\n> This member is deprecated. Any specific version that you set may become out of date. We recommend leaving it unspecified.", - "title": "Version", - "type": "string" + "References": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.PerformanceFactorReferenceRequest" + }, + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently, only one instance family can be specified in the list.", + "title": "References", + "type": "array" } }, "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer": { + "AWS::EC2::SpotFleet.EbsBlockDevice": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "Metadata": { - "type": "object" + "Encrypted": { + "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\nThis parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", + "title": "Encrypted", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessLoggingPolicy": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy", - "markdownDescription": "Information about where and how access logs are stored for the load balancer.", - "title": "AccessLoggingPolicy" - }, - "AppCookieStickinessPolicy": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy" - }, - "markdownDescription": "Information about a policy for application-controlled session stickiness.", - "title": "AppCookieStickinessPolicy", - "type": "array" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones for a load balancer in a default VPC. For a load balancer in a nondefault VPC, specify `Subnets` instead.\n\nUpdate requires replacement if you did not previously specify an Availability Zone or if you are removing all Availability Zones. Otherwise, update requires no interruption.", - "title": "AvailabilityZones", - "type": "array" - }, - "ConnectionDrainingPolicy": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy", - "markdownDescription": "If enabled, the load balancer allows existing requests to complete before the load balancer shifts traffic away from a deregistered or unhealthy instance.\n\nFor more information, see [Configure connection draining](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) in the *User Guide for Classic Load Balancers* .", - "title": "ConnectionDrainingPolicy" - }, - "ConnectionSettings": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings", - "markdownDescription": "If enabled, the load balancer allows the connections to remain idle (no data is sent over the connection) for the specified duration.\n\nBy default, Elastic Load Balancing maintains a 60-second idle connection timeout for both front-end and back-end connections of your load balancer. For more information, see [Configure idle connection timeout](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) in the *User Guide for Classic Load Balancers* .", - "title": "ConnectionSettings" - }, - "CrossZone": { - "markdownDescription": "If enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones.\n\nFor more information, see [Configure cross-zone load balancing](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) in the *User Guide for Classic Load Balancers* .", - "title": "CrossZone", - "type": "boolean" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck", - "markdownDescription": "The health check settings to use when evaluating the health of your EC2 instances.\n\nUpdate requires replacement if you did not previously specify health check settings or if you are removing the health check settings. Otherwise, update requires no interruption.", - "title": "HealthCheck" - }, - "Instances": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the instances for the load balancer.", - "title": "Instances", - "type": "array" - }, - "LBCookieStickinessPolicy": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy" - }, - "markdownDescription": "Information about a policy for duration-based session stickiness.", - "title": "LBCookieStickinessPolicy", - "type": "array" - }, - "Listeners": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Listeners" - }, - "markdownDescription": "The listeners for the load balancer. You can specify at most one listener per port.\n\nIf you update the properties for a listener, AWS CloudFormation deletes the existing listener and creates a new one with the specified properties. While the new listener is being created, clients cannot connect to the load balancer.", - "title": "Listeners", - "type": "array" - }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer. This name must be unique within your set of load balancers for the region.\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) . If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", - "title": "LoadBalancerName", - "type": "string" - }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Policies" - }, - "markdownDescription": "The policies defined for your Classic Load Balancer. Specify only back-end server policies.", - "title": "Policies", - "type": "array" - }, - "Scheme": { - "markdownDescription": "The type of load balancer. Valid only for load balancers in a VPC.\n\nIf `Scheme` is `internet-facing` , the load balancer has a public DNS name that resolves to a public IP address.\n\nIf `Scheme` is `internal` , the load balancer has a public DNS name that resolves to a private IP address.", - "title": "Scheme", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups for the load balancer. Valid only for load balancers in a VPC.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets for the load balancer. You can specify at most one subnet per Availability Zone.\n\nUpdate requires replacement if you did not previously specify a subnet or if you are removing all subnets. Otherwise, update requires no interruption. To update to a different subnet in the current Availability Zone, you must first update to a subnet in a different Availability Zone, then update to the new subnet in the original Availability Zone.", - "title": "Subnets", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with a load balancer.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Listeners" - ], - "type": "object" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", + "title": "Iops", + "type": "number" }, - "Type": { - "enum": [ - "AWS::ElasticLoadBalancing::LoadBalancer" - ], + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { + "AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "EmitInterval": { - "markdownDescription": "The interval for publishing the access logs. You can specify an interval of either 5 minutes or 60 minutes.\n\nDefault: 60 minutes", - "title": "EmitInterval", - "type": "number" - }, - "Enabled": { - "markdownDescription": "Specifies whether access logs are enabled for the load balancer.", - "title": "Enabled", - "type": "boolean" + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", + "title": "LaunchTemplateId", + "type": "string" }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket where the access logs are stored.", - "title": "S3BucketName", + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", + "title": "LaunchTemplateName", "type": "string" }, - "S3BucketPrefix": { - "markdownDescription": "The logical hierarchy you created for your Amazon S3 bucket, for example `my-bucket-prefix/prod` . If the prefix is not provided, the log is placed at the root level of the bucket.", - "title": "S3BucketPrefix", + "Version": { + "markdownDescription": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", + "title": "Version", "type": "string" } }, "required": [ - "Enabled", - "S3BucketName" + "Version" ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy": { + "AWS::EC2::SpotFleet.GroupIdentifier": { "additionalProperties": false, "properties": { - "CookieName": { - "markdownDescription": "The name of the application cookie used for stickiness.", - "title": "CookieName", - "type": "string" - }, - "PolicyName": { - "markdownDescription": "The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.", - "title": "PolicyName", + "GroupId": { + "markdownDescription": "The ID of the security group.", + "title": "GroupId", "type": "string" } }, "required": [ - "CookieName", - "PolicyName" + "GroupId" ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy": { + "AWS::EC2::SpotFleet.IamInstanceProfileSpecification": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether connection draining is enabled for the load balancer.", - "title": "Enabled", - "type": "boolean" - }, - "Timeout": { - "markdownDescription": "The maximum time, in seconds, to keep the existing connections open before deregistering the instances.", - "title": "Timeout", - "type": "number" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", + "title": "Arn", + "type": "string" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings": { + "AWS::EC2::SpotFleet.InstanceIpv6Address": { "additionalProperties": false, "properties": { - "IdleTimeout": { - "markdownDescription": "The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.", - "title": "IdleTimeout", - "type": "number" + "Ipv6Address": { + "markdownDescription": "The IPv6 address.", + "title": "Ipv6Address", + "type": "string" } }, "required": [ - "IdleTimeout" + "Ipv6Address" ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck": { + "AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification": { "additionalProperties": false, "properties": { - "HealthyThreshold": { - "markdownDescription": "The number of consecutive health checks successes required before moving the instance to the `Healthy` state.", - "title": "HealthyThreshold", - "type": "string" + "AssociatePublicIpAddress": { + "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" }, - "Interval": { - "markdownDescription": "The approximate interval, in seconds, between health checks of an individual instance.", - "title": "Interval", - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "Target": { - "markdownDescription": "The instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535.\n\nTCP is the default, specified as a TCP: port pair, for example \"TCP:5000\". In this case, a health check simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy.\n\nSSL is also specified as SSL: port pair, for example, SSL:5000.\n\nFor HTTP/HTTPS, you must include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example \"HTTP:80/weather/us/wa/seattle\". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than \"200 OK\" within the timeout period is considered unhealthy.\n\nThe total length of the HTTP ping target must be 1024 16-bit Unicode characters or less.", - "title": "Target", + "Description": { + "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Description", "type": "string" }, - "Timeout": { - "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check.\n\nThis value must be less than the `Interval` value.", - "title": "Timeout", - "type": "string" + "DeviceIndex": { + "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you specify a network interface when launching an instance, you must specify the device index.", + "title": "DeviceIndex", + "type": "number" }, - "UnhealthyThreshold": { - "markdownDescription": "The number of consecutive health check failures required before moving the instance to the `Unhealthy` state.", - "title": "UnhealthyThreshold", - "type": "string" - } - }, - "required": [ - "HealthyThreshold", - "Interval", - "Target", - "Timeout", - "UnhealthyThreshold" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy": { - "additionalProperties": false, - "properties": { - "CookieExpirationPeriod": { - "markdownDescription": "The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session.", - "title": "CookieExpirationPeriod", - "type": "string" + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Groups", + "type": "array" }, - "PolicyName": { - "markdownDescription": "The name of the policy. This name must be unique within the set of policies for this load balancer.", - "title": "PolicyName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.Listeners": { - "additionalProperties": false, - "properties": { - "InstancePort": { - "markdownDescription": "The port on which the instance is listening.", - "title": "InstancePort", - "type": "string" + "Ipv6AddressCount": { + "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6AddressCount", + "type": "number" }, - "InstanceProtocol": { - "markdownDescription": "The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL.\n\nIf the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is secure, (HTTPS or SSL), the listener's `InstanceProtocol` must also be secure.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is HTTP or TCP, the listener's `InstanceProtocol` must be HTTP or TCP.", - "title": "InstanceProtocol", - "type": "string" + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceIpv6Address" + }, + "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6Addresses", + "type": "array" }, - "LoadBalancerPort": { - "markdownDescription": "The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.", - "title": "LoadBalancerPort", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.\n\nIf you are creating a Spot Fleet, omit this parameter because you can\u2019t specify a network interface ID in a launch specification.", + "title": "NetworkInterfaceId", "type": "string" }, - "PolicyNames": { + "PrivateIpAddresses": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::SpotFleet.PrivateIpAddressSpecification" }, - "markdownDescription": "The names of the policies to associate with the listener.", - "title": "PolicyNames", + "markdownDescription": "The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request.", + "title": "PrivateIpAddresses", "type": "array" }, - "Protocol": { - "markdownDescription": "The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL.", - "title": "Protocol", - "type": "string" + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses. You can\u2019t specify this parameter and also specify a secondary private IP address using the `PrivateIpAddress` parameter.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" }, - "SSLCertificateId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the server certificate.", - "title": "SSLCertificateId", + "SubnetId": { + "markdownDescription": "The ID of the subnet associated with the network interface.", + "title": "SubnetId", "type": "string" } }, - "required": [ - "InstancePort", - "LoadBalancerPort", - "Protocol" - ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.Policies": { + "AWS::EC2::SpotFleet.InstanceRequirementsRequest": { "additionalProperties": false, "properties": { - "Attributes": { + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorCountRequest", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" + }, + "AcceleratorManufacturers": { "items": { - "type": "object" + "type": "string" }, - "markdownDescription": "The policy attributes.", - "title": "Attributes", + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", "type": "array" }, - "InstancePorts": { + "AcceleratorNames": { "items": { "type": "string" }, - "markdownDescription": "The instance ports for the policy. Required only for some policy types.", - "title": "InstancePorts", + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", "type": "array" }, - "LoadBalancerPorts": { + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { "items": { "type": "string" }, - "markdownDescription": "The load balancer ports for the policy. Required only for some policy types.", - "title": "LoadBalancerPorts", + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", "type": "array" }, - "PolicyName": { - "markdownDescription": "The name of the policy.", - "title": "PolicyName", - "type": "string" + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" }, - "PolicyType": { - "markdownDescription": "The name of the policy type.", - "title": "PolicyType", - "type": "string" - } - }, - "required": [ - "Attributes", - "PolicyName", - "PolicyType" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::Listener": { - "additionalProperties": false, - "properties": { - "Condition": { + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" + }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" + }, + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CpuManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", + "type": "array" }, - "Metadata": { - "type": "object" + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlpnPolicy": { - "items": { - "type": "string" - }, - "markdownDescription": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.", - "title": "AlpnPolicy", - "type": "array" - }, - "Certificates": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Certificate" - }, - "markdownDescription": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", - "title": "Certificates", - "type": "array" - }, - "DefaultActions": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Action" - }, - "markdownDescription": "The actions for the default rule. You cannot define a condition for a default rule.\n\nTo create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) .", - "title": "DefaultActions", - "type": "array" - }, - "LoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", - "title": "LoadBalancerArn", - "type": "string" - }, - "MutualAuthentication": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication", - "markdownDescription": "The mutual authentication configuration information.", - "title": "MutualAuthentication" - }, - "Port": { - "markdownDescription": "The port on which the load balancer is listening. You can't specify a port for a Gateway Load Balancer.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can\u2019t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You can't specify a protocol for a Gateway Load Balancer.", - "title": "Protocol", - "type": "string" - }, - "SslPolicy": { - "markdownDescription": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/describe-ssl-policies.html) in the *Network Load Balancers Guide* .\n\n[HTTPS listeners] Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic. To decrease the possibility of an interruption if your load balancer is handling a high volume of traffic, create an additional load balancer or request an LCU reservation.", - "title": "SslPolicy", - "type": "string" - } + "InstanceGenerations": { + "items": { + "type": "string" }, - "required": [ - "DefaultActions", - "LoadBalancerArn" - ], - "type": "object" + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" }, - "Type": { - "enum": [ - "AWS::ElasticLoadBalancingV2::Listener" - ], + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::Listener.Action": { - "additionalProperties": false, - "properties": { - "AuthenticateCognitoConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig", - "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", - "title": "AuthenticateCognitoConfig" + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" }, - "AuthenticateOidcConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig", - "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", - "title": "AuthenticateOidcConfig" + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" }, - "FixedResponseConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig", - "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", - "title": "FixedResponseConfig" + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" }, - "ForwardConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ForwardConfig", - "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", - "title": "ForwardConfig" + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" }, - "Order": { - "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", - "title": "Order", + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest", + "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkInterfaceCountRequest", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", "type": "number" }, - "RedirectConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.RedirectConfig", - "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", - "title": "RedirectConfig" + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", + "type": "boolean" }, - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", - "title": "TargetGroupArn", - "type": "string" + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" }, - "Type": { - "markdownDescription": "The type of action.", - "title": "Type", - "type": "string" + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TotalLocalStorageGBRequest", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.VCpuCountRangeRequest", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig": { + "AWS::EC2::SpotFleet.LaunchTemplateConfig": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" + "LaunchTemplateSpecification": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification", + "markdownDescription": "The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet.", + "title": "LaunchTemplateSpecification" }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateOverrides" + }, + "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.", + "title": "Overrides", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.LaunchTemplateOverrides": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to launch the instances.", + "title": "AvailabilityZone", "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", - "type": "string" + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", + "markdownDescription": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", + "InstanceType": { + "markdownDescription": "The instance type.", + "title": "InstanceType", "type": "string" }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "string" + "Priority": { + "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", + "title": "Priority", + "type": "number" }, - "UserPoolArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", - "title": "UserPoolArn", + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", "type": "string" }, - "UserPoolClientId": { - "markdownDescription": "The ID of the Amazon Cognito user pool client.", - "title": "UserPoolClientId", + "SubnetId": { + "markdownDescription": "The ID of the subnet in which to launch the instances.", + "title": "SubnetId", "type": "string" }, - "UserPoolDomain": { - "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", - "title": "UserPoolDomain", + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.LoadBalancersConfig": { + "additionalProperties": false, + "properties": { + "ClassicLoadBalancersConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancersConfig", + "markdownDescription": "The Classic Load Balancers.", + "title": "ClassicLoadBalancersConfig" + }, + "TargetGroupsConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroupsConfig", + "markdownDescription": "The target groups.", + "title": "TargetGroupsConfig" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.MemoryMiBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.NetworkInterfaceCountRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.PerformanceFactorReferenceRequest": { + "additionalProperties": false, + "properties": { + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response for [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) and an exception for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , [ModifyFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html) , and [ModifySpotFleetRequest](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html) .", + "title": "InstanceFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.PrivateIpAddressSpecification": { + "additionalProperties": false, + "properties": { + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", "type": "string" } }, "required": [ - "UserPoolArn", - "UserPoolClientId", - "UserPoolDomain" + "PrivateIpAddress" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig": { + "AWS::EC2::SpotFleet.SpotCapacityRebalance": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "ReplacementStrategy": { + "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", + "title": "ReplacementStrategy", + "type": "string" + }, + "TerminationDelay": { + "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", + "title": "TerminationDelay", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.SpotFleetLaunchSpecification": { + "additionalProperties": false, + "properties": { + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.BlockDeviceMapping" }, - "title": "AuthenticationRequestExtraParams", - "type": "object" + "markdownDescription": "One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.", + "title": "BlockDeviceMappings", + "type": "array" }, - "AuthorizationEndpoint": { - "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "AuthorizationEndpoint", - "type": "string" + "EbsOptimized": { + "markdownDescription": "Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.\n\nDefault: `false`", + "title": "EbsOptimized", + "type": "boolean" }, - "ClientId": { - "markdownDescription": "The OAuth 2.0 client identifier.", - "title": "ClientId", - "type": "string" + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.IamInstanceProfileSpecification", + "markdownDescription": "The IAM instance profile.", + "title": "IamInstanceProfile" }, - "ClientSecret": { - "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", - "title": "ClientSecret", + "ImageId": { + "markdownDescription": "The ID of the AMI.", + "title": "ImageId", "type": "string" }, - "Issuer": { - "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "Issuer", + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type.", + "title": "InstanceType", "type": "string" }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "KernelId": { + "markdownDescription": "The ID of the kernel.", + "title": "KernelId", "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", + "KeyName": { + "markdownDescription": "The name of the key pair.", + "title": "KeyName", "type": "string" }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", + "Monitoring": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetMonitoring", + "markdownDescription": "Enable or disable monitoring for the instances.", + "title": "Monitoring" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification" + }, + "markdownDescription": "The network interfaces.", + "title": "NetworkInterfaces", + "type": "array" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotPlacement", + "markdownDescription": "The placement information.", + "title": "Placement" + }, + "RamdiskId": { + "markdownDescription": "The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.", + "title": "RamdiskId", "type": "string" }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", + "SecurityGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.GroupIdentifier" + }, + "markdownDescription": "The security groups.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", + "title": "SecurityGroups", + "type": "array" + }, + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", "type": "string" }, - "TokenEndpoint": { - "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "TokenEndpoint", + "SubnetId": { + "markdownDescription": "The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", + "title": "SubnetId", "type": "string" }, - "UseExistingClientSecret": { - "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", - "title": "UseExistingClientSecret", - "type": "boolean" + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + }, + "markdownDescription": "The tags to apply during creation.", + "title": "TagSpecifications", + "type": "array" }, - "UserInfoEndpoint": { - "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "UserInfoEndpoint", + "UserData": { + "markdownDescription": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.", + "title": "UserData", "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" } }, "required": [ - "AuthorizationEndpoint", - "ClientId", - "Issuer", - "TokenEndpoint", - "UserInfoEndpoint" + "ImageId" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.Certificate": { + "AWS::EC2::SpotFleet.SpotFleetMonitoring": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", - "type": "string" + "Enabled": { + "markdownDescription": "Enables monitoring for the instance.\n\nDefault: `false`", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig": { + "AWS::EC2::SpotFleet.SpotFleetRequestConfigData": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", - "title": "ContentType", + "AllocationStrategy": { + "markdownDescription": "The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* .\n\n- **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.\n- **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity.\n- **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify.\n- **lowestPrice (not recommended)** - > We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. \n\nSpot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates.\n\nDefault: `lowestPrice`", + "title": "AllocationStrategy", "type": "string" }, - "MessageBody": { - "markdownDescription": "The message.", - "title": "MessageBody", + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", - "title": "StatusCode", + "ExcessCapacityTerminationPolicy": { + "markdownDescription": "Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.\n\nSupported only for fleets of type `maintain` .", + "title": "ExcessCapacityTerminationPolicy", + "type": "string" + }, + "IamFleetRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` .", + "title": "IamFleetRole", + "type": "string" + }, + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", + "title": "InstanceInterruptionBehavior", + "type": "string" + }, + "InstancePoolsToUseCount": { + "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", + "title": "InstancePoolsToUseCount", + "type": "number" + }, + "LaunchSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetLaunchSpecification" + }, + "markdownDescription": "The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` .", + "title": "LaunchSpecifications", + "type": "array" + }, + "LaunchTemplateConfigs": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateConfig" + }, + "markdownDescription": "The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` .", + "title": "LaunchTemplateConfigs", + "type": "array" + }, + "LoadBalancersConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LoadBalancersConfig", + "markdownDescription": "One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.\n\nWith Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.", + "title": "LoadBalancersConfig" + }, + "OnDemandAllocationStrategy": { + "markdownDescription": "The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` .", + "title": "OnDemandAllocationStrategy", + "type": "string" + }, + "OnDemandMaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "OnDemandMaxTotalPrice", + "type": "string" + }, + "OnDemandTargetCapacity": { + "markdownDescription": "The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", + "title": "OnDemandTargetCapacity", + "type": "number" + }, + "ReplaceUnhealthyInstances": { + "markdownDescription": "Indicates whether Spot Fleet should replace unhealthy instances.", + "title": "ReplaceUnhealthyInstances", + "type": "boolean" + }, + "SpotMaintenanceStrategies": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotMaintenanceStrategies", + "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", + "title": "SpotMaintenanceStrategies" + }, + "SpotMaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "SpotMaxTotalPrice", + "type": "string" + }, + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + }, + "markdownDescription": "The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .", + "title": "TagSpecifications", + "type": "array" + }, + "TargetCapacity": { + "markdownDescription": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", + "title": "TargetCapacity", + "type": "number" + }, + "TargetCapacityUnitType": { + "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection.\n\nDefault: `units` (the number of instances)", + "title": "TargetCapacityUnitType", + "type": "string" + }, + "TerminateInstancesWithExpiration": { + "markdownDescription": "Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.", + "title": "TerminateInstancesWithExpiration", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet.", + "title": "Type", + "type": "string" + }, + "ValidFrom": { + "markdownDescription": "The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately.", + "title": "ValidFrom", + "type": "string" + }, + "ValidUntil": { + "markdownDescription": "The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.", + "title": "ValidUntil", "type": "string" } }, "required": [ - "StatusCode" + "IamFleetRole", + "TargetCapacity" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.ForwardConfig": { + "AWS::EC2::SpotFleet.SpotFleetTagSpecification": { "additionalProperties": false, "properties": { - "TargetGroupStickinessConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig", - "markdownDescription": "Information about the target group stickiness for a rule.", - "title": "TargetGroupStickinessConfig" + "ResourceType": { + "markdownDescription": "The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` .", + "title": "ResourceType", + "type": "string" }, - "TargetGroups": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", - "title": "TargetGroups", + "markdownDescription": "The tags.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication": { + "AWS::EC2::SpotFleet.SpotMaintenanceStrategies": { "additionalProperties": false, "properties": { - "IgnoreClientCertificateExpiry": { - "markdownDescription": "Indicates whether expired client certificates are ignored.", - "title": "IgnoreClientCertificateExpiry", - "type": "boolean" - }, - "Mode": { - "markdownDescription": "The client certificate handling method. Options are `off` , `passthrough` or `verify` . The default value is `off` .", - "title": "Mode", - "type": "string" - }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", - "type": "string" + "CapacityRebalance": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotCapacityRebalance", + "markdownDescription": "The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* .", + "title": "CapacityRebalance" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.RedirectConfig": { + "AWS::EC2::SpotFleet.SpotPlacement": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", - "title": "Host", - "type": "string" - }, - "Path": { - "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", - "title": "Path", - "type": "string" - }, - "Port": { - "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", - "title": "Port", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.\n\nTo specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\".", + "title": "AvailabilityZone", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", - "title": "Protocol", + "GroupName": { + "markdownDescription": "The name of the placement group.", + "title": "GroupName", "type": "string" }, - "Query": { - "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", - "title": "Query", + "Tenancy": { + "markdownDescription": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances.", + "title": "Tenancy", "type": "string" - }, - "StatusCode": { - "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", - "title": "StatusCode", + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.TargetGroup": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "Arn", "type": "string" } }, "required": [ - "StatusCode" + "Arn" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig": { + "AWS::EC2::SpotFleet.TargetGroupsConfig": { "additionalProperties": false, "properties": { - "DurationSeconds": { - "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", - "title": "DurationSeconds", + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroup" + }, + "markdownDescription": "One or more target groups.", + "title": "TargetGroups", + "type": "array" + } + }, + "required": [ + "TargetGroups" + ], + "type": "object" + }, + "AWS::EC2::SpotFleet.TotalLocalStorageGBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "Enabled": { - "markdownDescription": "Indicates whether target group stickiness is enabled.", - "title": "Enabled", - "type": "boolean" + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple": { + "AWS::EC2::SpotFleet.VCpuCountRangeRequest": { "additionalProperties": false, "properties": { - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "TargetGroupArn", - "type": "string" + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Weight": { - "markdownDescription": "The weight. The range is 0 to 999.", - "title": "Weight", + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerCertificate": { + "AWS::EC2::Subnet": { "additionalProperties": false, "properties": { "Condition": { @@ -93319,29 +98564,103 @@ "Properties": { "additionalProperties": false, "properties": { - "Certificates": { + "AssignIpv6AddressOnCreation": { + "markdownDescription": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is `false` .\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", + "title": "AssignIpv6AddressOnCreation", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the subnet.\n\nIf you update this property, you must also update the `CidrBlock` property.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the subnet.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "CidrBlock": { + "markdownDescription": "The IPv4 CIDR block assigned to the subnet.\n\nIf you update this property, we create a new subnet, and then delete the existing one.", + "title": "CidrBlock", + "type": "string" + }, + "EnableDns64": { + "markdownDescription": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.\n\n> You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a `0.0.0.0/0` route pointing to the internet gateway. For more information, see [Configure DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "EnableDns64", + "type": "boolean" + }, + "EnableLniAtDeviceIndex": { + "markdownDescription": "Indicates the device position for local network interfaces in this subnet. For example, `1` indicates local network interfaces in this subnet are the secondary network interface (eth1).", + "title": "EnableLniAtDeviceIndex", + "type": "number" + }, + "Ipv4IpamPoolId": { + "markdownDescription": "An IPv4 IPAM pool ID for the subnet.", + "title": "Ipv4IpamPoolId", + "type": "string" + }, + "Ipv4NetmaskLength": { + "markdownDescription": "An IPv4 netmask length for the subnet.", + "title": "Ipv4NetmaskLength", + "type": "number" + }, + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 CIDR block.\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", + "title": "Ipv6CidrBlock", + "type": "string" + }, + "Ipv6IpamPoolId": { + "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", + "title": "Ipv6IpamPoolId", + "type": "string" + }, + "Ipv6Native": { + "markdownDescription": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "Ipv6Native", + "type": "boolean" + }, + "Ipv6NetmaskLength": { + "markdownDescription": "An IPv6 netmask length for the subnet.", + "title": "Ipv6NetmaskLength", + "type": "number" + }, + "MapPublicIpOnLaunch": { + "markdownDescription": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is `false` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "MapPublicIpOnLaunch", + "type": "boolean" + }, + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", + "title": "OutpostArn", + "type": "string" + }, + "PrivateDnsNameOptionsOnLaunch": { + "$ref": "#/definitions/AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch", + "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nAvailable options:\n\n- EnableResourceNameDnsAAAARecord (true | false)\n- EnableResourceNameDnsARecord (true | false)\n- HostnameType (ip-name | resource-name)", + "title": "PrivateDnsNameOptionsOnLaunch" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The certificate. You can specify one certificate per resource.", - "title": "Certificates", + "markdownDescription": "Any tags assigned to the subnet.", + "title": "Tags", "type": "array" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", + "VpcId": { + "markdownDescription": "The ID of the VPC the subnet is in.\n\nIf you update this property, you must also update the `CidrBlock` property.", + "title": "VpcId", "type": "string" } }, "required": [ - "Certificates", - "ListenerArn" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::ListenerCertificate" + "AWS::EC2::Subnet" ], "type": "string" }, @@ -93360,18 +98679,39 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate": { + "AWS::EC2::Subnet.BlockPublicAccessStates": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", + "InternetGatewayBlockMode": { + "markdownDescription": "The mode of VPC BPA.\n\n- `off` : VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.\n- `block-bidirectional` : Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).\n- `block-ingress` : Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.", + "title": "InternetGatewayBlockMode", "type": "string" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule": { + "AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" + }, + "HostnameType": { + "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.", + "title": "HostnameType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::SubnetCidrBlock": { "additionalProperties": false, "properties": { "Condition": { @@ -93406,43 +98746,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.Action" - }, - "markdownDescription": "The actions.\n\nThe rule must include exactly one of the following types of actions: `forward` , `fixed-response` , or `redirect` , and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.", - "title": "Actions", - "type": "array" - }, - "Conditions": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition" - }, - "markdownDescription": "The conditions.\n\nThe rule can optionally include up to one of each of the following conditions: `http-request-method` , `host-header` , `path-pattern` , and `source-ip` . A rule can also optionally include one or more of each of the following conditions: `http-header` and `query-string` .", - "title": "Conditions", - "type": "array" + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range for the subnet, in CIDR notation.", + "title": "Ipv6CidrBlock", + "type": "string" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", + "Ipv6IpamPoolId": { + "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", + "title": "Ipv6IpamPoolId", "type": "string" }, - "Priority": { - "markdownDescription": "The rule priority. A listener can't have multiple rules with the same priority.\n\nIf you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.", - "title": "Priority", + "Ipv6NetmaskLength": { + "markdownDescription": "An IPv6 netmask length for the subnet.", + "title": "Ipv6NetmaskLength", "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", + "type": "string" } }, "required": [ - "Actions", - "Conditions", - "Priority" + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::ListenerRule" + "AWS::EC2::SubnetCidrBlock" ], "type": "string" }, @@ -93461,460 +98793,377 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.Action": { + "AWS::EC2::SubnetNetworkAclAssociation": { "additionalProperties": false, "properties": { - "AuthenticateCognitoConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig", - "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", - "title": "AuthenticateCognitoConfig" - }, - "AuthenticateOidcConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig", - "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", - "title": "AuthenticateOidcConfig" + "Condition": { + "type": "string" }, - "FixedResponseConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig", - "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", - "title": "FixedResponseConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ForwardConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig", - "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", - "title": "ForwardConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Order": { - "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", - "title": "Order", - "type": "number" + "Metadata": { + "type": "object" }, - "RedirectConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig", - "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", - "title": "RedirectConfig" + "Properties": { + "additionalProperties": false, + "properties": { + "NetworkAclId": { + "markdownDescription": "The ID of the network ACL.", + "title": "NetworkAclId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "NetworkAclId", + "SubnetId" + ], + "type": "object" }, - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", - "title": "TargetGroupArn", + "Type": { + "enum": [ + "AWS::EC2::SubnetNetworkAclAssociation" + ], "type": "string" }, - "Type": { - "markdownDescription": "The type of action.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig": { + "AWS::EC2::SubnetRouteTableAssociation": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "Condition": { "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "number" + "Metadata": { + "type": "object" }, - "UserPoolArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", - "title": "UserPoolArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "RouteTableId": { + "markdownDescription": "The ID of the route table.\n\nThe physical ID changes when the route table ID is changed.", + "title": "RouteTableId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "RouteTableId", + "SubnetId" + ], + "type": "object" }, - "UserPoolClientId": { - "markdownDescription": "The ID of the Amazon Cognito user pool client.", - "title": "UserPoolClientId", + "Type": { + "enum": [ + "AWS::EC2::SubnetRouteTableAssociation" + ], "type": "string" }, - "UserPoolDomain": { - "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", - "title": "UserPoolDomain", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "UserPoolArn", - "UserPoolClientId", - "UserPoolDomain" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig": { + "AWS::EC2::TrafficMirrorFilter": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "AuthorizationEndpoint": { - "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "AuthorizationEndpoint", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The OAuth 2.0 client identifier.", - "title": "ClientId", - "type": "string" - }, - "ClientSecret": { - "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", - "title": "ClientSecret", - "type": "string" - }, - "Issuer": { - "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "Issuer", + "Condition": { "type": "string" }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" + "Metadata": { + "type": "object" }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the Traffic Mirror filter.", + "title": "Description", + "type": "string" + }, + "NetworkServices": { + "items": { + "type": "string" + }, + "markdownDescription": "The network service traffic that is associated with the Traffic Mirror filter.\n\nValid values are `amazon-dns` .", + "title": "NetworkServices", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to a Traffic Mirror filter.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "TokenEndpoint": { - "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "TokenEndpoint", + "Type": { + "enum": [ + "AWS::EC2::TrafficMirrorFilter" + ], "type": "string" }, - "UseExistingClientSecret": { - "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", - "title": "UseExistingClientSecret", - "type": "boolean" - }, - "UserInfoEndpoint": { - "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "UserInfoEndpoint", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AuthorizationEndpoint", - "ClientId", - "Issuer", - "TokenEndpoint", - "UserInfoEndpoint" + "Type" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig": { + "AWS::EC2::TrafficMirrorFilterRule": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", - "title": "ContentType", + "Condition": { "type": "string" }, - "MessageBody": { - "markdownDescription": "The message.", - "title": "MessageBody", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", - "title": "StatusCode", - "type": "string" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig": { - "additionalProperties": false, - "properties": { - "TargetGroupStickinessConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig", - "markdownDescription": "Information about the target group stickiness for a rule.", - "title": "TargetGroupStickinessConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple" - }, - "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", - "title": "TargetGroups", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). You must include at least one \".\" character. You can include only alphabetical characters after the final \".\" character.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the host name.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig": { - "additionalProperties": false, - "properties": { - "HttpHeaderName": { - "markdownDescription": "The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.", - "title": "HttpHeaderName", - "type": "string" + "Metadata": { + "type": "object" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf the same header appears multiple times in the request, we search them in order until a match is found.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the Traffic Mirror rule.", + "title": "Description", + "type": "string" + }, + "DestinationCidrBlock": { + "markdownDescription": "The destination CIDR block to assign to the Traffic Mirror rule.", + "title": "DestinationCidrBlock", + "type": "string" + }, + "DestinationPortRange": { + "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", + "markdownDescription": "The destination port range.", + "title": "DestinationPortRange" + }, + "Protocol": { + "markdownDescription": "The protocol, for example UDP, to assign to the Traffic Mirror rule.\n\nFor information about the protocol value, see [Protocol Numbers](https://docs.aws.amazon.com/https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.", + "title": "Protocol", + "type": "number" + }, + "RuleAction": { + "markdownDescription": "The action to take on the filtered traffic.", + "title": "RuleAction", + "type": "string" + }, + "RuleNumber": { + "markdownDescription": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.", + "title": "RuleNumber", + "type": "number" + }, + "SourceCidrBlock": { + "markdownDescription": "The source CIDR block to assign to the Traffic Mirror rule.", + "title": "SourceCidrBlock", + "type": "string" + }, + "SourcePortRange": { + "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", + "markdownDescription": "The source port range.", + "title": "SourcePortRange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags on Traffic Mirroring filter rules.", + "title": "Tags", + "type": "array" + }, + "TrafficDirection": { + "markdownDescription": "The type of traffic.", + "title": "TrafficDirection", + "type": "string" + }, + "TrafficMirrorFilterId": { + "markdownDescription": "The ID of the filter that this rule is associated with.", + "title": "TrafficMirrorFilterId", + "type": "string" + } }, - "markdownDescription": "The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in `Values` using a '\\' character.\n\nIf you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key. You can omit the key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig": { - "additionalProperties": false, - "properties": { - "Host": { - "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", - "title": "Host", - "type": "string" - }, - "Path": { - "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", - "title": "Path", - "type": "string" - }, - "Port": { - "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", - "title": "Port", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", - "title": "Protocol", - "type": "string" + "required": [ + "DestinationCidrBlock", + "RuleAction", + "RuleNumber", + "SourceCidrBlock", + "TrafficDirection", + "TrafficMirrorFilterId" + ], + "type": "object" }, - "Query": { - "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", - "title": "Query", + "Type": { + "enum": [ + "AWS::EC2::TrafficMirrorFilterRule" + ], "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", - "title": "StatusCode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "StatusCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition": { - "additionalProperties": false, - "properties": { - "Field": { - "markdownDescription": "The field in the HTTP request. The following are the possible values:\n\n- `http-header`\n- `http-request-method`\n- `host-header`\n- `path-pattern`\n- `query-string`\n- `source-ip`", - "title": "Field", - "type": "string" - }, - "HostHeaderConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig", - "markdownDescription": "Information for a host header condition. Specify only when `Field` is `host-header` .", - "title": "HostHeaderConfig" - }, - "HttpHeaderConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig", - "markdownDescription": "Information for an HTTP header condition. Specify only when `Field` is `http-header` .", - "title": "HttpHeaderConfig" - }, - "HttpRequestMethodConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig", - "markdownDescription": "Information for an HTTP method condition. Specify only when `Field` is `http-request-method` .", - "title": "HttpRequestMethodConfig" - }, - "PathPatternConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig", - "markdownDescription": "Information for a path pattern condition. Specify only when `Field` is `path-pattern` .", - "title": "PathPatternConfig" - }, - "QueryStringConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig", - "markdownDescription": "Information for a query string condition. Specify only when `Field` is `query-string` .", - "title": "QueryStringConfig" - }, - "SourceIpConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig", - "markdownDescription": "Information for a source IP condition. Specify only when `Field` is `source-ip` .", - "title": "SourceIpConfig" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The condition value. Specify only when `Field` is `host-header` or `path-pattern` . Alternatively, to specify multiple host names or multiple path patterns, use `HostHeaderConfig` or `PathPatternConfig` .\n\nIf `Field` is `host-header` and you're not using `HostHeaderConfig` , you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- - .\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)\n\nIf `Field` is `path-pattern` and you're not using `PathPatternConfig` , you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- _ - . $ / ~ \" ' @ : +\n- & (using &)\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported.\n\nIf you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig": { + "AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange": { "additionalProperties": false, "properties": { - "DurationSeconds": { - "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", - "title": "DurationSeconds", + "FromPort": { + "markdownDescription": "The start of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", + "title": "FromPort", "type": "number" }, - "Enabled": { - "markdownDescription": "Indicates whether target group stickiness is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple": { - "additionalProperties": false, - "properties": { - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "TargetGroupArn", - "type": "string" - }, - "Weight": { - "markdownDescription": "The weight. The range is 0 to 999.", - "title": "Weight", + "ToPort": { + "markdownDescription": "The end of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", + "title": "ToPort", "type": "number" } }, + "required": [ + "FromPort", + "ToPort" + ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::LoadBalancer": { + "AWS::EC2::TrafficMirrorSession": { "additionalProperties": false, "properties": { "Condition": { @@ -93949,77 +99198,66 @@ "Properties": { "additionalProperties": false, "properties": { - "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { - "markdownDescription": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . The default is `on` .\n\nYou can't configure this property on a Network Load Balancer unless you associated a security group with the load balancer when you created it.", - "title": "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic", - "type": "string" - }, - "IpAddressType": { - "markdownDescription": "The IP address type. Internal load balancers must use `ipv4` .\n\n[Application Load Balancers] The possible values are `ipv4` (IPv4 addresses), `dualstack` (IPv4 and IPv6 addresses), and `dualstack-without-public-ipv4` (public IPv6 addresses and private IPv4 and IPv6 addresses).\n\nApplication Load Balancer authentication supports IPv4 addresses only when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer can't complete the authentication process, resulting in HTTP 500 errors.\n\n[Network Load Balancers and Gateway Load Balancers] The possible values are `ipv4` (IPv4 addresses) and `dualstack` (IPv4 and IPv6 addresses).", - "title": "IpAddressType", + "Description": { + "markdownDescription": "The description of the Traffic Mirror session.", + "title": "Description", "type": "string" }, - "LoadBalancerAttributes": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute" - }, - "markdownDescription": "The load balancer attributes. Attributes that you do not modify retain their current values.", - "title": "LoadBalancerAttributes", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", - "title": "Name", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the source network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "Scheme": { - "markdownDescription": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n\nThe nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n\nThe default is an Internet-facing load balancer.\n\nYou can't specify a scheme for a Gateway Load Balancer.", - "title": "Scheme", + "OwnerId": { + "markdownDescription": "The ID of the account that owns the Traffic Mirror session.", + "title": "OwnerId", "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer.", - "title": "SecurityGroups", - "type": "array" - }, - "SubnetMappings": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping" - }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones. You can't specify Elastic IP addresses for your subnets.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n\n[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You can't specify Elastic IP addresses for your subnets.", - "title": "SubnetMappings", - "type": "array" + "PacketLength": { + "markdownDescription": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", + "title": "PacketLength", + "type": "number" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers and Gateway Load Balancers] You can specify subnets from one or more Availability Zones.", - "title": "Subnets", - "type": "array" + "SessionNumber": { + "markdownDescription": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", + "title": "SessionNumber", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the load balancer.", + "markdownDescription": "The tags to assign to a Traffic Mirror session.", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "The type of load balancer. The default is `application` .", - "title": "Type", + "TrafficMirrorFilterId": { + "markdownDescription": "The ID of the Traffic Mirror filter.", + "title": "TrafficMirrorFilterId", + "type": "string" + }, + "TrafficMirrorTargetId": { + "markdownDescription": "The ID of the Traffic Mirror target.", + "title": "TrafficMirrorTargetId", "type": "string" + }, + "VirtualNetworkId": { + "markdownDescription": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see [RFC 7348](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc7348) . If you do not specify a `VirtualNetworkId` , an account-wide unique ID is chosen at random.", + "title": "VirtualNetworkId", + "type": "number" } }, + "required": [ + "NetworkInterfaceId", + "SessionNumber", + "TrafficMirrorFilterId", + "TrafficMirrorTargetId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::LoadBalancer" + "AWS::EC2::TrafficMirrorSession" ], "type": "string" }, @@ -94033,56 +99271,98 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute": { + "AWS::EC2::TrafficMirrorTarget": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deletion_protection.enabled` - Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .\n- `load_balancing.cross_zone.enabled` - Indicates whether cross-zone load balancing is enabled. The possible values are `true` and `false` . The default for Network Load Balancers and Gateway Load Balancers is `false` . The default for Application Load Balancers is `true` , and can't be changed.\n\nThe following attributes are supported by both Application Load Balancers and Network Load Balancers:\n\n- `access_logs.s3.enabled` - Indicates whether access logs are enabled. The value is `true` or `false` . The default is `false` .\n- `access_logs.s3.bucket` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `access_logs.s3.prefix` - The prefix for the location in the S3 bucket for the access logs.\n- `ipv6.deny_all_igw_traffic` - Blocks internet gateway (IGW) access to the load balancer. It is set to `false` for internet-facing load balancers and `true` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.\n- `zonal_shift.config.enabled` - Indicates whether zonal shift is enabled. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Application Load Balancers:\n\n- `idle_timeout.timeout_seconds` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.\n- `client_keep_alive.seconds` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n- `connection_logs.s3.enabled` - Indicates whether connection logs are enabled. The value is `true` or `false` . The default is `false` .\n- `connection_logs.s3.bucket` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `connection_logs.s3.prefix` - The prefix for the location in the S3 bucket for the connection logs.\n- `routing.http.desync_mitigation_mode` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive` .\n- `routing.http.drop_invalid_header_fields.enabled` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( `true` ) or routed to targets ( `false` ). The default is `false` .\n- `routing.http.preserve_host_header.enabled` - Indicates whether the Application Load Balancer should preserve the `Host` header in the HTTP request and send it to the target without any change. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.x_amzn_tls_version_and_cipher_suite.enabled` - Indicates whether the two headers ( `x-amzn-tls-version` and `x-amzn-tls-cipher-suite` ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The `x-amzn-tls-version` header has information about the TLS protocol version negotiated with the client, and the `x-amzn-tls-cipher-suite` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are `true` and `false` . The default is `false` .\n- `routing.http.xff_client_port.enabled` - Indicates whether the `X-Forwarded-For` header should preserve the source port that the client used to connect to the load balancer. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.xff_header_processing.mode` - Enables you to modify, preserve, or remove the `X-Forwarded-For` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are `append` , `preserve` , and `remove` . The default is `append` .\n\n- If the value is `append` , the Application Load Balancer adds the client IP address (of the last hop) to the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- If the value is `preserve` the Application Load Balancer preserves the `X-Forwarded-For` header in the HTTP request, and sends it to targets without any change.\n- If the value is `remove` , the Application Load Balancer removes the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- `routing.http2.enabled` - Indicates whether HTTP/2 is enabled. The possible values are `true` and `false` . The default is `true` . Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.\n- `waf.fail_open.enabled` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Network Load Balancers:\n\n- `dns_record.client_routing_policy` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are `availability_zone_affinity` with 100 percent zonal affinity, `partial_availability_zone_affinity` with 85 percent zonal affinity, and `any_availability_zone` with 0 percent zonal affinity.", - "title": "Key", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping": { - "additionalProperties": false, - "properties": { - "AllocationId": { - "markdownDescription": "[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.", - "title": "AllocationId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IPv6Address": { - "markdownDescription": "[Network Load Balancers] The IPv6 address.", - "title": "IPv6Address", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PrivateIPv4Address": { - "markdownDescription": "[Network Load Balancers] The private IPv4 address for an internal load balancer.", - "title": "PrivateIPv4Address", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the Traffic Mirror target.", + "title": "Description", + "type": "string" + }, + "GatewayLoadBalancerEndpointId": { + "markdownDescription": "The ID of the Gateway Load Balancer endpoint.", + "title": "GatewayLoadBalancerEndpointId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The network interface ID that is associated with the target.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "NetworkLoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.", + "title": "NetworkLoadBalancerArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the Traffic Mirror target.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::TrafficMirrorTarget" + ], "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SubnetId" + "Type" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup": { + "AWS::EC2::TransitGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -94117,108 +99397,75 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthCheckEnabled": { - "markdownDescription": "Indicates whether health checks are enabled. If the target type is `lambda` , health checks are disabled by default but can be enabled. If the target type is `instance` , `ip` , or `alb` , health checks are always enabled and can't be disabled.", - "title": "HealthCheckEnabled", - "type": "boolean" - }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds. If the target type is `lambda` , the default is 35 seconds.", - "title": "HealthCheckIntervalSeconds", + "AmazonSideAsn": { + "markdownDescription": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512.", + "title": "AmazonSideAsn", "type": "number" }, - "HealthCheckPath": { - "markdownDescription": "[HTTP/HTTPS health checks] The destination for health checks on the targets.\n\n[HTTP1 or HTTP2 protocol version] The ping path. The default is /.\n\n[GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is / AWS .ALB/healthcheck.", - "title": "HealthCheckPath", + "AssociationDefaultRouteTableId": { + "markdownDescription": "The ID of the default association route table.", + "title": "AssociationDefaultRouteTableId", "type": "string" }, - "HealthCheckPort": { - "markdownDescription": "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port` , which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80.", - "title": "HealthCheckPort", + "AutoAcceptSharedAttachments": { + "markdownDescription": "Enable or disable automatic acceptance of attachment requests. Disabled by default.", + "title": "AutoAcceptSharedAttachments", "type": "string" }, - "HealthCheckProtocol": { - "markdownDescription": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.", - "title": "HealthCheckProtocol", + "DefaultRouteTableAssociation": { + "markdownDescription": "Enable or disable automatic association with the default association route table. Enabled by default. If `DefaultRouteTableAssociation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", + "title": "DefaultRouteTableAssociation", "type": "string" }, - "HealthCheckTimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2\u2013120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is `lambda` , the default is 30 seconds.", - "title": "HealthCheckTimeoutSeconds", - "type": "number" - }, - "HealthyThresholdCount": { - "markdownDescription": "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 5. If the target type is `lambda` , the default is 5.", - "title": "HealthyThresholdCount", - "type": "number" - }, - "IpAddressType": { - "markdownDescription": "The IP address type. The default value is `ipv4` .", - "title": "IpAddressType", + "DefaultRouteTablePropagation": { + "markdownDescription": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default. If `DefaultRouteTablePropagation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", + "title": "DefaultRouteTablePropagation", "type": "string" }, - "Matcher": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.Matcher", - "markdownDescription": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499. For target groups with a protocol of GENEVE, the range is 200-399.", - "title": "Matcher" + "Description": { + "markdownDescription": "The description of the transit gateway.", + "title": "Description", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the target group.\n\nThis name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.", - "title": "Name", + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. Enabled by default.", + "title": "DnsSupport", "type": "string" }, - "Port": { - "markdownDescription": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081.", - "title": "Port", - "type": "number" + "MulticastSupport": { + "markdownDescription": "Indicates whether multicast is enabled on the transit gateway", + "title": "MulticastSupport", + "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.", - "title": "Protocol", + "PropagationDefaultRouteTableId": { + "markdownDescription": "The ID of the default propagation route table.", + "title": "PropagationDefaultRouteTableId", "type": "string" }, - "ProtocolVersion": { - "markdownDescription": "[HTTP/HTTPS protocol] The protocol version. The possible values are `GRPC` , `HTTP1` , and `HTTP2` .", - "title": "ProtocolVersion", + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "The tags for the transit gateway.", "title": "Tags", "type": "array" }, - "TargetGroupAttributes": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute" - }, - "markdownDescription": "The target group attributes. Attributes that you do not modify retain their current values.", - "title": "TargetGroupAttributes", - "type": "array" - }, - "TargetType": { - "markdownDescription": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.\n\n- `instance` - Register targets by instance ID. This is the default value.\n- `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n- `lambda` - Register a single Lambda function as a target.\n- `alb` - Register a single Application Load Balancer as a target.", - "title": "TargetType", - "type": "string" - }, - "Targets": { + "TransitGatewayCidrBlocks": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription" + "type": "string" }, - "markdownDescription": "The targets.", - "title": "Targets", + "markdownDescription": "The transit gateway CIDR blocks.", + "title": "TransitGatewayCidrBlocks", "type": "array" }, - "UnhealthyThresholdCount": { - "markdownDescription": "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 2. If the target type is `lambda` , the default is 5.", - "title": "UnhealthyThresholdCount", - "type": "number" - }, - "VpcId": { - "markdownDescription": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply. Otherwise, this parameter is required.", - "title": "VpcId", + "VpnEcmpSupport": { + "markdownDescription": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default.", + "title": "VpnEcmpSupport", "type": "string" } }, @@ -94226,7 +99473,7 @@ }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TargetGroup" + "AWS::EC2::TransitGateway" ], "type": "string" }, @@ -94244,63 +99491,128 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup.Matcher": { + "AWS::EC2::TransitGatewayAttachment": { "additionalProperties": false, "properties": { - "GrpcCode": { - "markdownDescription": "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12.", - "title": "GrpcCode", + "Condition": { "type": "string" }, - "HttpCode": { - "markdownDescription": "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Gateway Load Balancers, this must be \"200\u2013399\".\n\nNote that when using shorthand syntax, some values such as commas need to be escaped.", - "title": "HttpCode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "An Availability Zone or `all` . This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer.\n\nFor Application Load Balancer target groups, the specified Availability Zone value is only applicable when cross-zone load balancing is off. Otherwise the parameter is ignored and treated as `all` .\n\nThis parameter is not supported if the target type of the target group is `instance` or `alb` .\n\nIf the target type is `ip` and the IP address is in a subnet of the VPC for the target group, the Availability Zone is automatically detected and this parameter is optional. If the IP address is outside the VPC, this parameter is required.\n\nFor Application Load Balancer target groups with cross-zone load balancing off, if the target type is `ip` and the IP address is outside of the VPC for the target group, this should be an Availability Zone inside the VPC for the target group.\n\nIf the target type is `lambda` , this parameter is optional and the only supported value is `all` .", - "title": "AvailabilityZone", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Id": { - "markdownDescription": "The ID of the target. If the target type of the target group is `instance` , specify an instance ID. If the target type is `ip` , specify an IP address. If the target type is `lambda` , specify the ARN of the Lambda function. If the target type is `alb` , specify the ARN of the Application Load Balancer target.", - "title": "Id", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayAttachment.Options", + "markdownDescription": "The VPC attachment options.", + "title": "Options" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the attachment.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "TransitGatewayId", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::TransitGatewayAttachment" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is `alb` , the targeted Application Load Balancer must have at least one listener whose port matches the target group port. This parameter is not used if the target is a Lambda function.", - "title": "Port", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Id" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute": { + "AWS::EC2::TransitGatewayAttachment.Options": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deregistration_delay.timeout_seconds` - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from `draining` to `unused` . The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.\n- `stickiness.enabled` - Indicates whether target stickiness is enabled. The value is `true` or `false` . The default is `false` .\n- `stickiness.type` - Indicates the type of stickiness. The possible values are:\n\n- `lb_cookie` and `app_cookie` for Application Load Balancers.\n- `source_ip` for Network Load Balancers.\n- `source_ip_dest_ip` and `source_ip_dest_ip_proto` for Gateway Load Balancers.\n\nThe following attributes are supported by Application Load Balancers and Network Load Balancers:\n\n- `load_balancing.cross_zone.enabled` - Indicates whether cross zone load balancing is enabled. The value is `true` , `false` or `use_load_balancer_configuration` . The default is `use_load_balancer_configuration` .\n- `target_group_health.dns_failover.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to the maximum number of targets. The default is 1.\n- `target_group_health.dns_failover.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are 1 to the maximum number of targets. The default is 1.\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n\nThe following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:\n\n- `load_balancing.algorithm.type` - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is `round_robin` , `least_outstanding_requests` , or `weighted_random` . The default is `round_robin` .\n- `load_balancing.algorithm.anomaly_mitigation` - Only available when `load_balancing.algorithm.type` is `weighted_random` . Indicates whether anomaly mitigation is enabled. The value is `on` or `off` . The default is `off` .\n- `slow_start.duration_seconds` - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).\n- `stickiness.app_cookie.cookie_name` - Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: `AWSALB` , `AWSALBAPP` , and `AWSALBTG` ; they're reserved for use by the load balancer.\n- `stickiness.app_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n- `stickiness.lb_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n\nThe following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:\n\n- `lambda.multi_value_headers.enabled` - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is `true` or `false` . The default is `false` . If the value is `false` and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.\n\nThe following attributes are supported only by Network Load Balancers:\n\n- `deregistration_delay.connection_termination.enabled` - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is `true` or `false` . For new UDP/TCP_UDP target groups the default is `true` . Otherwise, the default is `false` .\n- `preserve_client_ip.enabled` - Indicates whether client IP preservation is enabled. The value is `true` or `false` . The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation can't be disabled for UDP and TCP_UDP target groups.\n- `proxy_protocol_v2.enabled` - Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` .\n- `target_health_state.unhealthy.connection_termination.enabled` - Indicates whether the load balancer terminates connections to unhealthy targets. The value is `true` or `false` . The default is `true` . This attribute can't be enabled for UDP and TCP_UDP target groups.\n- `target_health_state.unhealthy.draining_interval_seconds` - The amount of time for Elastic Load Balancing to wait before changing the state of an unhealthy target from `unhealthy.draining` to `unhealthy` . The range is 0-360000 seconds. The default value is 0 seconds.\n\nNote: This attribute can only be configured when `target_health_state.unhealthy.connection_termination.enabled` is `false` .\n\nThe following attributes are supported only by Gateway Load Balancers:\n\n- `target_failover.on_deregistration` - Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.\n- `target_failover.on_unhealthy` - Indicates how the Gateway Load Balancer handles existing flows when a target is unhealthy. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.", - "title": "Key", + "ApplianceModeSupport": { + "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", + "title": "ApplianceModeSupport", "type": "string" }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. The default is `disable` .", + "title": "DnsSupport", + "type": "string" + }, + "Ipv6Support": { + "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", + "title": "Ipv6Support", + "type": "string" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", "type": "string" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStore": { + "AWS::EC2::TransitGatewayConnect": { "additionalProperties": false, "properties": { "Condition": { @@ -94335,40 +99647,34 @@ "Properties": { "additionalProperties": false, "properties": { - "CaCertificatesBundleS3Bucket": { - "markdownDescription": "The Amazon S3 bucket for the ca certificates bundle.", - "title": "CaCertificatesBundleS3Bucket", - "type": "string" - }, - "CaCertificatesBundleS3Key": { - "markdownDescription": "The Amazon S3 path for the ca certificates bundle.", - "title": "CaCertificatesBundleS3Key", - "type": "string" - }, - "CaCertificatesBundleS3ObjectVersion": { - "markdownDescription": "The Amazon S3 object version for the ca certificates bundle. If undefined the current version is used.", - "title": "CaCertificatesBundleS3ObjectVersion", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the trust store.", - "title": "Name", - "type": "string" + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions", + "markdownDescription": "The Connect attachment options.\n\n- protocol (gre)", + "title": "Options" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the trust store.", + "markdownDescription": "The tags for the attachment.", "title": "Tags", "type": "array" + }, + "TransportTransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment from which the Connect attachment was created.", + "title": "TransportTransitGatewayAttachmentId", + "type": "string" } }, + "required": [ + "Options", + "TransportTransitGatewayAttachmentId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TrustStore" + "AWS::EC2::TransitGatewayConnect" ], "type": "string" }, @@ -94382,11 +99688,23 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation": { + "AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions": { + "additionalProperties": false, + "properties": { + "Protocol": { + "markdownDescription": "The tunnel protocol.", + "title": "Protocol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::TransitGatewayMulticastDomain": { "additionalProperties": false, "properties": { "Condition": { @@ -94421,25 +99739,33 @@ "Properties": { "additionalProperties": false, "properties": { - "RevocationContents": { + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomain.Options", + "markdownDescription": "The options for the transit gateway multicast domain.\n\n- AutoAcceptSharedAssociations (enable | disable)\n- Igmpv2Support (enable | disable)\n- StaticSourcesSupport (enable | disable)", + "title": "Options" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The revocation file to add.", - "title": "RevocationContents", + "markdownDescription": "The tags for the transit gateway multicast domain.", + "title": "Tags", "type": "array" }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", "type": "string" } }, + "required": [ + "TransitGatewayId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation" + "AWS::EC2::TransitGatewayMulticastDomain" ], "type": "string" }, @@ -94453,63 +99779,33 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent": { - "additionalProperties": false, - "properties": { - "RevocationType": { - "markdownDescription": "The type of revocation file.", - "title": "RevocationType", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket for the revocation file.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The Amazon S3 path for the revocation file.", - "title": "S3Key", - "type": "string" - }, - "S3ObjectVersion": { - "markdownDescription": "The Amazon S3 object version of the revocation file.", - "title": "S3ObjectVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.TrustStoreRevocation": { + "AWS::EC2::TransitGatewayMulticastDomain.Options": { "additionalProperties": false, "properties": { - "NumberOfRevokedEntries": { - "markdownDescription": "The number of revoked certificates.", - "title": "NumberOfRevokedEntries", - "type": "number" - }, - "RevocationId": { - "markdownDescription": "The revocation ID of the revocation file.", - "title": "RevocationId", + "AutoAcceptSharedAssociations": { + "markdownDescription": "Indicates whether to automatically accept cross-account subnet associations that are associated with the transit gateway multicast domain.", + "title": "AutoAcceptSharedAssociations", "type": "string" }, - "RevocationType": { - "markdownDescription": "The type of revocation file.", - "title": "RevocationType", + "Igmpv2Support": { + "markdownDescription": "Specify whether to enable Internet Group Management Protocol (IGMP) version 2 for the transit gateway multicast domain.", + "title": "Igmpv2Support", "type": "string" }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", + "StaticSourcesSupport": { + "markdownDescription": "Specify whether to enable support for statically configuring multicast group sources for a domain.", + "title": "StaticSourcesSupport", "type": "string" } }, "type": "object" }, - "AWS::Elasticsearch::Domain": { + "AWS::EC2::TransitGatewayMulticastDomainAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -94544,102 +99840,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guid* e.", - "title": "AccessPolicies", - "type": "object" - }, - "AdvancedOptions": { - "additionalProperties": true, - "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [Advanced cluster parameters](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) in the *Amazon OpenSearch Service Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdvancedOptions", - "type": "object" - }, - "AdvancedSecurityOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput", - "markdownDescription": "Specifies options for fine-grained access control.", - "title": "AdvancedSecurityOptions" - }, - "CognitoOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.CognitoOptions", - "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", - "title": "CognitoOptions" - }, - "DomainEndpointOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.DomainEndpointOptions", - "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", - "title": "DomainEndpointOptions" - }, - "DomainName": { - "markdownDescription": "A name for the OpenSearch Service domain. For valid values, see the [DomainName](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-datatypes-domainname) data type in the *Amazon OpenSearch Service Developer Guide* . If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DomainName", + "SubnetId": { + "markdownDescription": "The IDs of the subnets to associate with the transit gateway multicast domain.", + "title": "SubnetId", "type": "string" }, - "EBSOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.EBSOptions", - "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "EBSOptions" - }, - "ElasticsearchClusterConfig": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ElasticsearchClusterConfig", - "markdownDescription": "ElasticsearchClusterConfig is a property of the AWS::Elasticsearch::Domain resource that configures the cluster of an Amazon OpenSearch Service domain.", - "title": "ElasticsearchClusterConfig" - }, - "ElasticsearchVersion": { - "markdownDescription": "The version of Elasticsearch to use, such as 2.3. If not specified, 1.5 is used as the default. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `ElasticsearchVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `ElasticsearchVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "ElasticsearchVersion", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the transit gateway attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.EncryptionAtRestOptions", - "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS Key Management Service key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .", - "title": "EncryptionAtRestOptions" - }, - "LogPublishingOptions": { - "additionalProperties": false, - "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.LogPublishingOption" - } - }, - "title": "LogPublishingOptions", - "type": "object" - }, - "NodeToNodeEncryptionOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions", - "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", - "title": "NodeToNodeEncryptionOptions" - }, - "SnapshotOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.SnapshotOptions", - "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indices.", - "title": "SnapshotOptions" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", - "title": "Tags", - "type": "array" - }, - "VPCOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.VPCOptions", - "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "VPCOptions" + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", + "type": "string" } }, + "required": [ + "SubnetId", + "TransitGatewayAttachmentId", + "TransitGatewayMulticastDomainId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Elasticsearch::Domain" + "AWS::EC2::TransitGatewayMulticastDomainAssociation" ], "type": "string" }, @@ -94653,304 +99879,16 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { + "AWS::EC2::TransitGatewayMulticastGroupMember": { "additionalProperties": false, "properties": { - "AnonymousAuthEnabled": { - "markdownDescription": "", - "title": "AnonymousAuthEnabled", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption.", - "title": "Enabled", - "type": "boolean" - }, - "InternalUserDatabaseEnabled": { - "markdownDescription": "True to enable the internal user database.", - "title": "InternalUserDatabaseEnabled", - "type": "boolean" - }, - "MasterUserOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.MasterUserOptions", - "markdownDescription": "Specifies information about the master user.", - "title": "MasterUserOptions" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.CognitoOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", - "title": "Enabled", - "type": "boolean" - }, - "IdentityPoolId": { - "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", - "title": "IdentityPoolId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The `AmazonESCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool. Required if you enable Cognito authentication.", - "title": "RoleArn", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", - "title": "UserPoolId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.ColdStorageOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage in order to enable cold storage.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.DomainEndpointOptions": { - "additionalProperties": false, - "properties": { - "CustomEndpoint": { - "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpoint", - "type": "string" - }, - "CustomEndpointCertificateArn": { - "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpointCertificateArn", - "type": "string" - }, - "CustomEndpointEnabled": { - "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", - "title": "CustomEndpointEnabled", - "type": "boolean" - }, - "EnforceHTTPS": { - "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS.", - "title": "EnforceHTTPS", - "type": "boolean" - }, - "TLSSecurityPolicy": { - "markdownDescription": "The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:\n\n- `Policy-Min-TLS-1-0-2019-07`\n- `Policy-Min-TLS-1-2-2019-07`", - "title": "TLSSecurityPolicy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.EBSOptions": { - "additionalProperties": false, - "properties": { - "EBSEnabled": { - "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", - "title": "EBSEnabled", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to provisioned IOPS EBS volume types.", - "title": "Iops", - "type": "number" - }, - "VolumeSize": { - "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain, such as standard, gp2, or io1. For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.ElasticsearchClusterConfig": { - "additionalProperties": false, - "properties": { - "ColdStorageOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ColdStorageOptions", - "markdownDescription": "Specifies cold storage options for the domain.", - "title": "ColdStorageOptions" - }, - "DedicatedMasterCount": { - "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify true for the DedicatedMasterEnabled property.", - "title": "DedicatedMasterCount", - "type": "number" - }, - "DedicatedMasterEnabled": { - "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", - "title": "DedicatedMasterEnabled", - "type": "boolean" - }, - "DedicatedMasterType": { - "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.elasticsearch` . If you specify this property, you must specify true for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "DedicatedMasterType", - "type": "string" - }, - "InstanceCount": { - "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The instance type for your data nodes, such as `m3.medium.elasticsearch` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "InstanceType", - "type": "string" - }, - "WarmCount": { - "markdownDescription": "The number of warm nodes in the cluster. Required if you enable warm storage.", - "title": "WarmCount", - "type": "number" - }, - "WarmEnabled": { - "markdownDescription": "Whether to enable warm storage for the cluster.", - "title": "WarmEnabled", - "type": "boolean" - }, - "WarmType": { - "markdownDescription": "The instance type for the cluster's warm nodes. Required if you enable warm storage.", - "title": "WarmType", - "type": "string" - }, - "ZoneAwarenessConfig": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ZoneAwarenessConfig", - "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", - "title": "ZoneAwarenessConfig" - }, - "ZoneAwarenessEnabled": { - "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", - "title": "ZoneAwarenessEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.EncryptionAtRestOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable encryption at rest.", - "title": "Enabled", - "type": "boolean" - }, - "KmsKeyId": { - "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.", - "title": "KmsKeyId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.LogPublishingOption": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing for the domain.", - "title": "CloudWatchLogsLogGroupArn", - "type": "string" - }, - "Enabled": { - "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.MasterUserOptions": { - "additionalProperties": false, - "properties": { - "MasterUserARN": { - "markdownDescription": "ARN for the master user. Only specify if `InternalUserDatabaseEnabled` is false in `AdvancedSecurityOptions` .", - "title": "MasterUserARN", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", - "title": "MasterUserName", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", - "title": "MasterUserPassword", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether node-to-node encryption is enabled, as a Boolean.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.SnapshotOptions": { - "additionalProperties": false, - "properties": { - "AutomatedSnapshotStartHour": { - "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indices in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", - "title": "AutomatedSnapshotStartHour", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.VPCOptions": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nRequired if you're creating your domain inside a VPC.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.ZoneAwarenessConfig": { - "additionalProperties": false, - "properties": { - "AvailabilityZoneCount": { - "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", - "title": "AvailabilityZoneCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "Condition": { + "type": "string" }, "DeletionPolicy": { "enum": [ @@ -94981,62 +99919,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the workflow.", - "title": "Description", + "GroupIpAddress": { + "markdownDescription": "The IP address assigned to the transit gateway multicast group.", + "title": "GroupIpAddress", "type": "string" }, - "IdMappingTechniques": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques", - "markdownDescription": "An object which defines the ID mapping technique and any additional configurations.", - "title": "IdMappingTechniques" - }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" - }, - "OutputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource" - }, - "markdownDescription": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` .", - "title": "OutputSourceConfig", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", - "title": "RoleArn", + "NetworkInterfaceId": { + "markdownDescription": "The group members' network interface IDs to register with the transit gateway multicast group.", + "title": "NetworkInterfaceId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" - }, - "WorkflowName": { - "markdownDescription": "The name of the workflow. There can't be multiple `IdMappingWorkflows` with the same name.", - "title": "WorkflowName", + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", "type": "string" } }, "required": [ - "IdMappingTechniques", - "InputSourceConfig", - "RoleArn", - "WorkflowName" + "GroupIpAddress", + "NetworkInterfaceId", + "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::IdMappingWorkflow" + "AWS::EC2::TransitGatewayMulticastGroupMember" ], "type": "string" }, @@ -95055,110 +99963,7 @@ ], "type": "object" }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques": { - "additionalProperties": false, - "properties": { - "IdMappingType": { - "markdownDescription": "The type of ID mapping.", - "title": "IdMappingType", - "type": "string" - }, - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.ProviderProperties", - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "title": "ProviderProperties" - } - }, - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource": { - "additionalProperties": false, - "properties": { - "InputSourceARN": { - "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", - "title": "InputSourceARN", - "type": "string" - }, - "SchemaArn": { - "markdownDescription": "The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` .", - "title": "SchemaArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "InputSourceARN" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource": { - "additionalProperties": false, - "properties": { - "KMSArn": { - "markdownDescription": "Customer AWS KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", - "title": "KMSArn", - "type": "string" - }, - "OutputS3Path": { - "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", - "title": "OutputS3Path", - "type": "string" - } - }, - "required": [ - "OutputS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration": { - "additionalProperties": false, - "properties": { - "IntermediateS3Path": { - "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", - "title": "IntermediateS3Path", - "type": "string" - } - }, - "required": [ - "IntermediateS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.ProviderProperties": { - "additionalProperties": false, - "properties": { - "IntermediateSourceConfiguration": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration", - "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", - "title": "IntermediateSourceConfiguration" - }, - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "The required configuration fields to use with the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" - }, - "ProviderServiceArn": { - "markdownDescription": "The ARN of the provider service.", - "title": "ProviderServiceArn", - "type": "string" - } - }, - "required": [ - "ProviderServiceArn" - ], - "type": "object" - }, - "AWS::EntityResolution::IdNamespace": { + "AWS::EC2::TransitGatewayMulticastGroupSource": { "additionalProperties": false, "properties": { "Condition": { @@ -95193,60 +99998,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the ID namespace.", - "title": "Description", - "type": "string" - }, - "IdMappingWorkflowProperties": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties" - }, - "markdownDescription": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` .", - "title": "IdMappingWorkflowProperties", - "type": "array" - }, - "IdNamespaceName": { - "markdownDescription": "The name of the ID namespace.", - "title": "IdNamespaceName", + "GroupIpAddress": { + "markdownDescription": "The IP address assigned to the transit gateway multicast group.", + "title": "GroupIpAddress", "type": "string" }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceInputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run.", - "title": "RoleArn", + "NetworkInterfaceId": { + "markdownDescription": "The group sources' network interface IDs to register with the transit gateway multicast group.", + "title": "NetworkInterfaceId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", - "title": "Type", + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", "type": "string" } }, "required": [ - "IdNamespaceName", - "Type" + "GroupIpAddress", + "NetworkInterfaceId", + "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::IdNamespace" + "AWS::EC2::TransitGatewayMulticastGroupSource" ], "type": "string" }, @@ -95265,70 +100042,7 @@ ], "type": "object" }, - "AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties": { - "additionalProperties": false, - "properties": { - "IdMappingType": { - "markdownDescription": "The type of ID mapping.", - "title": "IdMappingType", - "type": "string" - }, - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceProviderProperties", - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "title": "ProviderProperties" - } - }, - "required": [ - "IdMappingType" - ], - "type": "object" - }, - "AWS::EntityResolution::IdNamespace.IdNamespaceInputSource": { - "additionalProperties": false, - "properties": { - "InputSourceARN": { - "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", - "title": "InputSourceARN", - "type": "string" - }, - "SchemaName": { - "markdownDescription": "The name of the schema.", - "title": "SchemaName", - "type": "string" - } - }, - "required": [ - "InputSourceARN" - ], - "type": "object" - }, - "AWS::EntityResolution::IdNamespace.NamespaceProviderProperties": { - "additionalProperties": false, - "properties": { - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" - }, - "ProviderServiceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the provider service.", - "title": "ProviderServiceArn", - "type": "string" - } - }, - "required": [ - "ProviderServiceArn" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow": { + "AWS::EC2::TransitGatewayPeeringAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -95363,63 +100077,46 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the workflow.", - "title": "Description", + "PeerAccountId": { + "markdownDescription": "The ID of the AWS account that owns the transit gateway.", + "title": "PeerAccountId", "type": "string" }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.InputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" - }, - "OutputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputSource" - }, - "markdownDescription": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` .", - "title": "OutputSourceConfig", - "type": "array" - }, - "ResolutionTechniques": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques", - "markdownDescription": "An object which defines the `resolutionType` and the `ruleBasedProperties` .", - "title": "ResolutionTechniques" + "PeerRegion": { + "markdownDescription": "The Region where the transit gateway that you want to create the peer for is located.", + "title": "PeerRegion", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", - "title": "RoleArn", + "PeerTransitGatewayId": { + "markdownDescription": "The ID of the transit gateway in the PeerRegion.", + "title": "PeerTransitGatewayId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags for the transit gateway peering attachment.", "title": "Tags", "type": "array" }, - "WorkflowName": { - "markdownDescription": "The name of the workflow. There can't be multiple `MatchingWorkflows` with the same name.", - "title": "WorkflowName", + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway peering attachment.", + "title": "TransitGatewayId", "type": "string" } }, "required": [ - "InputSourceConfig", - "OutputSourceConfig", - "ResolutionTechniques", - "RoleArn", - "WorkflowName" + "PeerAccountId", + "PeerRegion", + "PeerTransitGatewayId", + "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::MatchingWorkflow" + "AWS::EC2::TransitGatewayPeeringAttachment" ], "type": "string" }, @@ -95438,195 +100135,23 @@ ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.InputSource": { - "additionalProperties": false, - "properties": { - "ApplyNormalization": { - "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", - "title": "ApplyNormalization", - "type": "boolean" - }, - "InputSourceARN": { - "markdownDescription": "An object containing `InputSourceARN` , `SchemaName` , and `ApplyNormalization` .", - "title": "InputSourceARN", - "type": "string" - }, - "SchemaArn": { - "markdownDescription": "The name of the schema.", - "title": "SchemaArn", - "type": "string" - } - }, - "required": [ - "InputSourceARN", - "SchemaArn" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration": { - "additionalProperties": false, - "properties": { - "IntermediateS3Path": { - "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", - "title": "IntermediateS3Path", - "type": "string" - } - }, - "required": [ - "IntermediateS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.OutputAttribute": { - "additionalProperties": false, - "properties": { - "Hashed": { - "markdownDescription": "Enables the ability to hash the column values in the output.", - "title": "Hashed", - "type": "boolean" - }, - "Name": { - "markdownDescription": "A name of a column to be written to the output. This must be an `InputField` name in the schema mapping.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.OutputSource": { - "additionalProperties": false, - "properties": { - "ApplyNormalization": { - "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", - "title": "ApplyNormalization", - "type": "boolean" - }, - "KMSArn": { - "markdownDescription": "Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", - "title": "KMSArn", - "type": "string" - }, - "Output": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputAttribute" - }, - "markdownDescription": "A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed.", - "title": "Output", - "type": "array" - }, - "OutputS3Path": { - "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", - "title": "OutputS3Path", - "type": "string" - } - }, - "required": [ - "Output", - "OutputS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.ProviderProperties": { - "additionalProperties": false, - "properties": { - "IntermediateSourceConfiguration": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration", - "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", - "title": "IntermediateSourceConfiguration" - }, - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "The required configuration fields to use with the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" - }, - "ProviderServiceArn": { - "markdownDescription": "The ARN of the provider service.", - "title": "ProviderServiceArn", - "type": "string" - } - }, - "required": [ - "ProviderServiceArn" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques": { + "AWS::EC2::TransitGatewayPeeringAttachment.PeeringAttachmentStatus": { "additionalProperties": false, "properties": { - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ProviderProperties", - "markdownDescription": "The properties of the provider service.", - "title": "ProviderProperties" - }, - "ResolutionType": { - "markdownDescription": "The type of matching. There are three types of matching: `RULE_MATCHING` , `ML_MATCHING` , and `PROVIDER` .", - "title": "ResolutionType", + "Code": { + "markdownDescription": "The status code.", + "title": "Code", "type": "string" }, - "RuleBasedProperties": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties", - "markdownDescription": "An object which defines the list of matching rules to run and has a field `Rules` , which is a list of rule objects.", - "title": "RuleBasedProperties" - } - }, - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.Rule": { - "additionalProperties": false, - "properties": { - "MatchingKeys": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", - "title": "MatchingKeys", - "type": "array" - }, - "RuleName": { - "markdownDescription": "A name for the matching rule.", - "title": "RuleName", - "type": "string" - } - }, - "required": [ - "MatchingKeys", - "RuleName" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties": { - "additionalProperties": false, - "properties": { - "AttributeMatchingModel": { - "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", - "title": "AttributeMatchingModel", + "Message": { + "markdownDescription": "The status message, if applicable.", + "title": "Message", "type": "string" - }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.Rule" - }, - "markdownDescription": "A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` .", - "title": "Rules", - "type": "array" } }, - "required": [ - "AttributeMatchingModel", - "Rules" - ], "type": "object" }, - "AWS::EntityResolution::PolicyStatement": { + "AWS::EC2::TransitGatewayRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -95661,52 +100186,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "items": { - "type": "string" - }, - "markdownDescription": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .", - "title": "Action", - "type": "array" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.", - "title": "Arn", - "type": "string" + "Blackhole": { + "markdownDescription": "Indicates whether to drop traffic that matches this route.", + "title": "Blackhole", + "type": "boolean" }, - "Condition": { - "markdownDescription": "A set of condition keys that you can use in key policies.", - "title": "Condition", + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidrBlock", "type": "string" }, - "Effect": { - "markdownDescription": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n> If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.", - "title": "Effect", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "Principal": { - "items": { - "type": "string" - }, - "markdownDescription": "The AWS service or AWS account that can access the resource defined as ARN.", - "title": "Principal", - "type": "array" - }, - "StatementId": { - "markdownDescription": "A statement identifier that differentiates the statement from others in the same policy.", - "title": "StatementId", + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the transit gateway route table.", + "title": "TransitGatewayRouteTableId", "type": "string" } }, "required": [ - "Arn", - "StatementId" + "DestinationCidrBlock", + "TransitGatewayRouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::PolicyStatement" + "AWS::EC2::TransitGatewayRoute" ], "type": "string" }, @@ -95725,7 +100234,7 @@ ], "type": "object" }, - "AWS::EntityResolution::SchemaMapping": { + "AWS::EC2::TransitGatewayRouteTable": { "additionalProperties": false, "properties": { "Condition": { @@ -95760,42 +100269,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the schema.", - "title": "Description", - "type": "string" - }, - "MappedInputFields": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::SchemaMapping.SchemaInputAttribute" - }, - "markdownDescription": "A list of `MappedInputFields` . Each `MappedInputField` corresponds to a column the source data table, and contains column name plus additional information that AWS Entity Resolution uses for matching.", - "title": "MappedInputFields", - "type": "array" - }, - "SchemaName": { - "markdownDescription": "The name of the schema. There can't be multiple `SchemaMappings` with the same name.", - "title": "SchemaName", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "Any tags assigned to the route table.", "title": "Tags", "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", + "type": "string" } }, "required": [ - "MappedInputFields", - "SchemaName" + "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::SchemaMapping" + "AWS::EC2::TransitGatewayRouteTable" ], "type": "string" }, @@ -95814,42 +100309,7 @@ ], "type": "object" }, - "AWS::EntityResolution::SchemaMapping.SchemaInputAttribute": { - "additionalProperties": false, - "properties": { - "FieldName": { - "markdownDescription": "A string containing the field name.", - "title": "FieldName", - "type": "string" - }, - "GroupName": { - "markdownDescription": "A string that instructs AWS Entity Resolution to combine several columns into a unified column with the identical attribute type.\n\nFor example, when working with columns such as `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , assigning them a common `groupName` will prompt AWS Entity Resolution to concatenate them into a single value.", - "title": "GroupName", - "type": "string" - }, - "MatchKey": { - "markdownDescription": "A key that allows grouping of multiple input attributes into a unified matching group.\n\nFor example, consider a scenario where the source table contains various addresses, such as `business_address` and `shipping_address` . By assigning a `matchKey` called `address` to both attributes, AWS Entity Resolution will match records across these fields to create a consolidated matching group.\n\nIf no `matchKey` is specified for a column, it won't be utilized for matching purposes but will still be included in the output table.", - "title": "MatchKey", - "type": "string" - }, - "SubType": { - "markdownDescription": "The subtype of the attribute, selected from a list of values.", - "title": "SubType", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the attribute, selected from a list of values.\n\nLiveRamp supports: `NAME` | `NAME_FIRST` | `NAME_MIDDLE` | `NAME_LAST` | `ADDRESS` | `ADDRESS_STREET1` | `ADDRESS_STREET2` | `ADDRESS_STREET3` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `PROVIDER_ID`\n\nTransUnion supports: `NAME` | `NAME_FIRST` | `NAME_LAST` | `ADDRESS` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `IPV4` | `IPV6` | `MAID`\n\nUnified ID 2.0 supports: `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID`\n\n> Normalization is only supported for `NAME` , `ADDRESS` , `PHONE` , and `EMAIL_ADDRESS` .\n> \n> If you want to normalize `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , you must group them by assigning them to the `NAME` `groupName` .\n> \n> If you want to normalize `ADDRESS_STREET1` , `ADDRESS_STREET2` , `ADDRESS_STREET3` , `ADDRESS_CITY` , `ADDRESS_STATE` , `ADDRESS_COUNTRY` , and `ADDRESS_POSTALCODE` , you must group them by assigning them to the `ADDRESS` `groupName` .\n> \n> If you want to normalize `PHONE_NUMBER` and `PHONE_COUNTRYCODE` , you must group them by assigning them to the `PHONE` `groupName` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "FieldName", - "Type" - ], - "type": "object" - }, - "AWS::EventSchemas::Discoverer": { + "AWS::EC2::TransitGatewayRouteTableAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -95884,38 +100344,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CrossAccount": { - "markdownDescription": "Allows for the discovery of the event schemas that are sent to the event bus from another account.", - "title": "CrossAccount", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description for the discoverer.", - "title": "Description", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "SourceArn": { - "markdownDescription": "The ARN of the event bus.", - "title": "SourceArn", + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the route table for the transit gateway.", + "title": "TransitGatewayRouteTableId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::EventSchemas::Discoverer.TagsEntry" - }, - "markdownDescription": "Tags associated with the resource.", - "title": "Tags", - "type": "array" } }, "required": [ - "SourceArn" + "TransitGatewayAttachmentId", + "TransitGatewayRouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Discoverer" + "AWS::EC2::TransitGatewayRouteTableAssociation" ], "type": "string" }, @@ -95934,27 +100382,7 @@ ], "type": "object" }, - "AWS::EventSchemas::Discoverer.TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EventSchemas::Registry": { + "AWS::EC2::TransitGatewayRouteTablePropagation": { "additionalProperties": false, "properties": { "Condition": { @@ -95989,30 +100417,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the registry to be created.", - "title": "Description", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "RegistryName": { - "markdownDescription": "The name of the schema registry.", - "title": "RegistryName", + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the propagation route table.", + "title": "TransitGatewayRouteTableId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::EventSchemas::Registry.TagsEntry" - }, - "markdownDescription": "Tags to associate with the registry.", - "title": "Tags", - "type": "array" } }, + "required": [ + "TransitGatewayAttachmentId", + "TransitGatewayRouteTableId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Registry" + "AWS::EC2::TransitGatewayRouteTablePropagation" ], "type": "string" }, @@ -96026,31 +100450,149 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EventSchemas::Registry.TagsEntry": { + "AWS::EC2::TransitGatewayVpcAttachment": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AddSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.", + "title": "AddSubnetIds", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayVpcAttachment.Options", + "markdownDescription": "The VPC attachment options.", + "title": "Options" + }, + "RemoveSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more subnets to remove.", + "title": "RemoveSubnetIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the VPC attachment.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "TransitGatewayId", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::TransitGatewayVpcAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::EventSchemas::RegistryPolicy": { + "AWS::EC2::TransitGatewayVpcAttachment.Options": { + "additionalProperties": false, + "properties": { + "ApplianceModeSupport": { + "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", + "title": "ApplianceModeSupport", + "type": "string" + }, + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. The default is `disable` .", + "title": "DnsSupport", + "type": "string" + }, + "Ipv6Support": { + "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", + "title": "Ipv6Support", + "type": "string" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VPC": { "additionalProperties": false, "properties": { "Condition": { @@ -96085,31 +100627,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "A resource-based policy.", - "title": "Policy", - "type": "object" + "CidrBlock": { + "markdownDescription": "The IPv4 network range for the VPC, in CIDR notation. For example, `10.0.0.0/16` . We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", + "title": "CidrBlock", + "type": "string" }, - "RegistryName": { - "markdownDescription": "The name of the registry.", - "title": "RegistryName", + "EnableDnsHostnames": { + "markdownDescription": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .\n\nYou can only enable DNS hostnames if you've enabled DNS support.", + "title": "EnableDnsHostnames", + "type": "boolean" + }, + "EnableDnsSupport": { + "markdownDescription": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .", + "title": "EnableDnsSupport", + "type": "boolean" + }, + "InstanceTenancy": { + "markdownDescription": "The allowed tenancy of instances launched into the VPC.\n\n- `default` : An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n- `dedicated` : An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of `host` during instance launch. You cannot specify a tenancy of `default` during instance launch.\n\nUpdating `InstanceTenancy` requires no replacement only if you are updating its value from `dedicated` to `default` . Updating `InstanceTenancy` from `default` to `dedicated` requires replacement.", + "title": "InstanceTenancy", "type": "string" }, - "RevisionId": { - "markdownDescription": "The revision ID of the policy.", - "title": "RevisionId", + "Ipv4IpamPoolId": { + "markdownDescription": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", + "title": "Ipv4IpamPoolId", "type": "string" + }, + "Ipv4NetmaskLength": { + "markdownDescription": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4NetmaskLength", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the VPC.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Policy", - "RegistryName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::RegistryPolicy" + "AWS::EC2::VPC" ], "type": "string" }, @@ -96123,12 +100684,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EventSchemas::Schema": { + "AWS::EC2::VPCBlockPublicAccessExclusion": { "additionalProperties": false, "properties": { "Condition": { @@ -96163,50 +100723,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The source of the schema definition.", - "title": "Content", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the schema.", - "title": "Description", - "type": "string" - }, - "RegistryName": { - "markdownDescription": "The name of the schema registry.", - "title": "RegistryName", + "InternetGatewayExclusionMode": { + "markdownDescription": "The desired VPC Block Public Access mode for a specific VPC or subnet exclusion.\n\n- `allow-bidirectional` : Allow all internet traffic to and from the excluded VPCs and subnets.\n- `allow-egress` : Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to `block-bidirectional` .", + "title": "InternetGatewayExclusionMode", "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema.", - "title": "SchemaName", + "SubnetId": { + "markdownDescription": "The ID of the subnet you want to exclude. Required only if you don't specify VpcId.", + "title": "SubnetId", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::EventSchemas::Schema.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags associated with the schema.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "The type of schema.\n\nValid types include `OpenApi3` and `JSONSchemaDraft4` .", - "title": "Type", + "VpcId": { + "markdownDescription": "The ID of the VPC you want to exclude. Required only if you don't specify SubnetId.", + "title": "VpcId", "type": "string" } }, "required": [ - "Content", - "RegistryName", - "Type" + "InternetGatewayExclusionMode" ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Schema" + "AWS::EC2::VPCBlockPublicAccessExclusion" ], "type": "string" }, @@ -96225,27 +100773,74 @@ ], "type": "object" }, - "AWS::EventSchemas::Schema.TagsEntry": { + "AWS::EC2::VPCBlockPublicAccessOptions": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InternetGatewayBlockMode": { + "markdownDescription": "The desired VPC Block Public Access mode for internet gateways in your account. We do not allow you to create this resource type in an \"off\" mode since off is the default value.\n\n- `block-bidirectional` : Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).\n- `block-ingress` : Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.", + "title": "InternetGatewayBlockMode", + "type": "string" + } + }, + "required": [ + "InternetGatewayBlockMode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::VPCBlockPublicAccessOptions" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::ApiDestination": { + "AWS::EC2::VPCCidrBlock": { "additionalProperties": false, "properties": { "Condition": { @@ -96280,47 +100875,65 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionArn": { - "markdownDescription": "The ARN of the connection to use for the API destination. The destination endpoint must support the authorization type specified for the connection.", - "title": "ConnectionArn", + "AmazonProvidedIpv6CidrBlock": { + "markdownDescription": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.", + "title": "AmazonProvidedIpv6CidrBlock", + "type": "boolean" + }, + "CidrBlock": { + "markdownDescription": "An IPv4 CIDR block to associate with the VPC.", + "title": "CidrBlock", "type": "string" }, - "Description": { - "markdownDescription": "A description for the API destination to create.", - "title": "Description", + "Ipv4IpamPoolId": { + "markdownDescription": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4IpamPoolId", "type": "string" }, - "HttpMethod": { - "markdownDescription": "The method to use for the request to the HTTP invocation endpoint.", - "title": "HttpMethod", + "Ipv4NetmaskLength": { + "markdownDescription": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4NetmaskLength", + "type": "number" + }, + "Ipv6CidrBlock": { + "markdownDescription": "An IPv6 CIDR block from the IPv6 address pool. You must also specify `Ipv6Pool` in the request.\n\nTo let Amazon choose the IPv6 CIDR block for you, omit this parameter.", + "title": "Ipv6CidrBlock", "type": "string" }, - "InvocationEndpoint": { - "markdownDescription": "The URL to the HTTP invocation endpoint for the API destination.", - "title": "InvocationEndpoint", + "Ipv6CidrBlockNetworkBorderGroup": { + "markdownDescription": "The name of the location from which we advertise the IPV6 CIDR block. Use this parameter to limit the CIDR block to this location.\n\nYou must set `AmazonProvidedIpv6CidrBlock` to `true` to use this parameter.\n\nYou can have one IPv6 CIDR block association per network border group.", + "title": "Ipv6CidrBlockNetworkBorderGroup", "type": "string" }, - "InvocationRateLimitPerSecond": { - "markdownDescription": "The maximum number of requests per second to send to the HTTP invocation endpoint.", - "title": "InvocationRateLimitPerSecond", + "Ipv6IpamPoolId": { + "markdownDescription": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv6IpamPoolId", + "type": "string" + }, + "Ipv6NetmaskLength": { + "markdownDescription": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv6NetmaskLength", "type": "number" }, - "Name": { - "markdownDescription": "The name for the API destination to create.", - "title": "Name", + "Ipv6Pool": { + "markdownDescription": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", + "title": "Ipv6Pool", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "required": [ - "ConnectionArn", - "HttpMethod", - "InvocationEndpoint" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::ApiDestination" + "AWS::EC2::VPCCidrBlock" ], "type": "string" }, @@ -96339,7 +100952,7 @@ ], "type": "object" }, - "AWS::Events::Archive": { + "AWS::EC2::VPCDHCPOptionsAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -96374,40 +100987,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ArchiveName": { - "markdownDescription": "The name for the archive to create.", - "title": "ArchiveName", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the archive.", - "title": "Description", + "DhcpOptionsId": { + "markdownDescription": "The ID of the DHCP options set, or `default` to associate no DHCP options with the VPC.", + "title": "DhcpOptionsId", "type": "string" }, - "EventPattern": { - "markdownDescription": "An event pattern to use to filter events sent to the archive.", - "title": "EventPattern", - "type": "object" - }, - "RetentionDays": { - "markdownDescription": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely", - "title": "RetentionDays", - "type": "number" - }, - "SourceArn": { - "markdownDescription": "The ARN of the event bus that sends events to the archive.", - "title": "SourceArn", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "required": [ - "SourceArn" + "DhcpOptionsId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Archive" + "AWS::EC2::VPCDHCPOptionsAssociation" ], "type": "string" }, @@ -96426,7 +101025,7 @@ ], "type": "object" }, - "AWS::Events::Connection": { + "AWS::EC2::VPCEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -96461,32 +101060,97 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.AuthParameters", - "markdownDescription": "The authorization parameters to use to authorize with the endpoint.\n\nYou must include only authorization parameters for the `AuthorizationType` you specify.", - "title": "AuthParameters" + "DnsOptions": { + "$ref": "#/definitions/AWS::EC2::VPCEndpoint.DnsOptionsSpecification", + "markdownDescription": "Describes the DNS options for an endpoint.", + "title": "DnsOptions" }, - "AuthorizationType": { - "markdownDescription": "The type of authorization to use for the connection.\n\n> OAUTH tokens are refreshed when a 401 or 407 response is returned.", - "title": "AuthorizationType", + "IpAddressType": { + "markdownDescription": "The supported IP address types.", + "title": "IpAddressType", "type": "string" }, - "Description": { - "markdownDescription": "A description for the connection to create.", - "title": "Description", + "PolicyDocument": { + "markdownDescription": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n\nFor CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. For example, if you have a JSON policy, you can convert it to YAML before including it in the YAML template, and AWS CloudFormation converts the policy to JSON format before calling the API actions for AWS PrivateLink . Alternatively, you can include the JSON directly in the YAML, as shown in the following `Properties` section:\n\n`Properties: VpcEndpointType: 'Interface' ServiceName: !Sub 'com.amazonaws.${AWS::Region}.logs' PolicyDocument: '{ \"Version\":\"2012-10-17\", \"Statement\": [{ \"Effect\":\"Allow\", \"Principal\":\"*\", \"Action\":[\"logs:Describe*\",\"logs:Get*\",\"logs:List*\",\"logs:FilterLogEvents\"], \"Resource\":\"*\" }] }'`", + "title": "PolicyDocument", + "type": "object" + }, + "PrivateDnsEnabled": { + "markdownDescription": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, `kinesis.us-east-1.amazonaws.com` ), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to `true` : `enableDnsHostnames` and `enableDnsSupport` .\n\nThis property is supported only for interface endpoints.\n\nDefault: `false`", + "title": "PrivateDnsEnabled", + "type": "boolean" + }, + "ResourceConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource configuration.", + "title": "ResourceConfigurationArn", "type": "string" }, - "Name": { - "markdownDescription": "The name for the connection to create.", - "title": "Name", + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the route tables. Routing is supported only for gateway endpoints.", + "title": "RouteTableIds", + "type": "array" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints.", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServiceName": { + "markdownDescription": "The name of the endpoint service.", + "title": "ServiceName", + "type": "string" + }, + "ServiceNetworkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service network.", + "title": "ServiceNetworkArn", + "type": "string" + }, + "ServiceRegion": { + "markdownDescription": "Describes a Region.", + "title": "ServiceRegion", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the endpoint.", + "title": "Tags", + "type": "array" + }, + "VpcEndpointType": { + "markdownDescription": "The type of endpoint.\n\nDefault: Gateway", + "title": "VpcEndpointType", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, + "required": [ + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Connection" + "AWS::EC2::VPCEndpoint" ], "type": "string" }, @@ -96500,183 +101164,114 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::Connection.ApiKeyAuthParameters": { + "AWS::EC2::VPCEndpoint.DnsOptionsSpecification": { "additionalProperties": false, "properties": { - "ApiKeyName": { - "markdownDescription": "The name of the API key to use for authorization.", - "title": "ApiKeyName", + "DnsRecordIpType": { + "markdownDescription": "The DNS records created for the endpoint.", + "title": "DnsRecordIpType", "type": "string" }, - "ApiKeyValue": { - "markdownDescription": "The value for the API key to use for authorization.", - "title": "ApiKeyValue", + "PrivateDnsOnlyForInboundResolverEndpoint": { + "markdownDescription": "Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint.", + "title": "PrivateDnsOnlyForInboundResolverEndpoint", "type": "string" } }, - "required": [ - "ApiKeyName", - "ApiKeyValue" - ], - "type": "object" - }, - "AWS::Events::Connection.AuthParameters": { - "additionalProperties": false, - "properties": { - "ApiKeyAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ApiKeyAuthParameters", - "markdownDescription": "The API Key parameters to use for authorization.", - "title": "ApiKeyAuthParameters" - }, - "BasicAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.BasicAuthParameters", - "markdownDescription": "The authorization parameters for Basic authorization.", - "title": "BasicAuthParameters" - }, - "InvocationHttpParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", - "markdownDescription": "Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint.", - "title": "InvocationHttpParameters" - }, - "OAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.OAuthParameters", - "markdownDescription": "The OAuth parameters to use for authorization.", - "title": "OAuthParameters" - } - }, "type": "object" }, - "AWS::Events::Connection.BasicAuthParameters": { + "AWS::EC2::VPCEndpointConnectionNotification": { "additionalProperties": false, "properties": { - "Password": { - "markdownDescription": "The password associated with the user name to use for Basic authorization.", - "title": "Password", + "Condition": { "type": "string" }, - "Username": { - "markdownDescription": "The user name to use for Basic authorization.", - "title": "Username", - "type": "string" - } - }, - "required": [ - "Password", - "Username" - ], - "type": "object" - }, - "AWS::Events::Connection.ClientParameters": { - "additionalProperties": false, - "properties": { - "ClientID": { - "markdownDescription": "The client ID to use for OAuth authorization.", - "title": "ClientID", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ClientSecret": { - "markdownDescription": "The client secret assciated with the client ID to use for OAuth authorization.", - "title": "ClientSecret", - "type": "string" - } - }, - "required": [ - "ClientID", - "ClientSecret" - ], - "type": "object" - }, - "AWS::Events::Connection.ConnectionHttpParameters": { - "additionalProperties": false, - "properties": { - "BodyParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" - }, - "markdownDescription": "Any additional body string parameters for the connection.", - "title": "BodyParameters", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HeaderParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" - }, - "markdownDescription": "Any additional header parameters for the connection.", - "title": "HeaderParameters", - "type": "array" + "Metadata": { + "type": "object" }, - "QueryStringParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "The endpoint events for which to receive notifications. Valid values are `Accept` , `Connect` , `Delete` , and `Reject` .", + "title": "ConnectionEvents", + "type": "array" + }, + "ConnectionNotificationArn": { + "markdownDescription": "The ARN of the SNS topic for the notifications.", + "title": "ConnectionNotificationArn", + "type": "string" + }, + "ServiceId": { + "markdownDescription": "The ID of the endpoint service.", + "title": "ServiceId", + "type": "string" + }, + "VPCEndpointId": { + "markdownDescription": "The ID of the endpoint.", + "title": "VPCEndpointId", + "type": "string" + } }, - "markdownDescription": "Any additional query string parameters for the connection.", - "title": "QueryStringParameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Events::Connection.OAuthParameters": { - "additionalProperties": false, - "properties": { - "AuthorizationEndpoint": { - "markdownDescription": "The URL to the authorization endpoint when OAuth is specified as the authorization type.", - "title": "AuthorizationEndpoint", - "type": "string" - }, - "ClientParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ClientParameters", - "markdownDescription": "The client parameters for OAuth authorization.", - "title": "ClientParameters" - }, - "HttpMethod": { - "markdownDescription": "The method to use for the authorization request.", - "title": "HttpMethod", - "type": "string" - }, - "OAuthHttpParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", - "markdownDescription": "Details about the additional parameters to use for the connection.", - "title": "OAuthHttpParameters" - } - }, - "required": [ - "AuthorizationEndpoint", - "ClientParameters", - "HttpMethod" - ], - "type": "object" - }, - "AWS::Events::Connection.Parameter": { - "additionalProperties": false, - "properties": { - "IsValueSecret": { - "markdownDescription": "Specifies whether the value is secret.", - "title": "IsValueSecret", - "type": "boolean" + "required": [ + "ConnectionEvents", + "ConnectionNotificationArn" + ], + "type": "object" }, - "Key": { - "markdownDescription": "The key for a query string parameter.", - "title": "Key", + "Type": { + "enum": [ + "AWS::EC2::VPCEndpointConnectionNotification" + ], "type": "string" }, - "Value": { - "markdownDescription": "The value associated with the key for the query string parameter.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::Endpoint": { + "AWS::EC2::VPCEndpointService": { "additionalProperties": false, "properties": { "Condition": { @@ -96711,49 +101306,67 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the endpoint.", - "title": "Description", - "type": "string" + "AcceptanceRequired": { + "markdownDescription": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted.", + "title": "AcceptanceRequired", + "type": "boolean" }, - "EventBuses": { + "ContributorInsightsEnabled": { + "markdownDescription": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink .", + "title": "ContributorInsightsEnabled", + "type": "boolean" + }, + "GatewayLoadBalancerArns": { "items": { - "$ref": "#/definitions/AWS::Events::Endpoint.EndpointEventBus" + "type": "string" }, - "markdownDescription": "The event buses being used by the endpoint.\n\n*Exactly* : `2`", - "title": "EventBuses", + "markdownDescription": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers.", + "title": "GatewayLoadBalancerArns", "type": "array" }, - "Name": { - "markdownDescription": "The name of the endpoint.", - "title": "Name", + "NetworkLoadBalancerArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the Network Load Balancers.", + "title": "NetworkLoadBalancerArns", + "type": "array" + }, + "PayerResponsibility": { + "markdownDescription": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner.", + "title": "PayerResponsibility", "type": "string" }, - "ReplicationConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.ReplicationConfig", - "markdownDescription": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` .", - "title": "ReplicationConfig" + "SupportedIpAddressTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported IP address types. The possible values are `ipv4` and `ipv6` .", + "title": "SupportedIpAddressTypes", + "type": "array" }, - "RoleArn": { - "markdownDescription": "The ARN of the role used by event replication for the endpoint.", - "title": "RoleArn", - "type": "string" + "SupportedRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The Regions from which service consumers can access the service.", + "title": "SupportedRegions", + "type": "array" }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.RoutingConfig", - "markdownDescription": "The routing configuration of the endpoint.", - "title": "RoutingConfig" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the service.", + "title": "Tags", + "type": "array" } }, - "required": [ - "EventBuses", - "RoutingConfig" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Endpoint" + "AWS::EC2::VPCEndpointService" ], "type": "string" }, @@ -96767,102 +101380,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Events::Endpoint.EndpointEventBus": { - "additionalProperties": false, - "properties": { - "EventBusArn": { - "markdownDescription": "The ARN of the event bus the endpoint is associated with.", - "title": "EventBusArn", - "type": "string" - } - }, - "required": [ - "EventBusArn" - ], - "type": "object" - }, - "AWS::Events::Endpoint.FailoverConfig": { - "additionalProperties": false, - "properties": { - "Primary": { - "$ref": "#/definitions/AWS::Events::Endpoint.Primary", - "markdownDescription": "The main Region of the endpoint.", - "title": "Primary" - }, - "Secondary": { - "$ref": "#/definitions/AWS::Events::Endpoint.Secondary", - "markdownDescription": "The Region that events are routed to when failover is triggered or event replication is enabled.", - "title": "Secondary" - } - }, - "required": [ - "Primary", - "Secondary" - ], - "type": "object" - }, - "AWS::Events::Endpoint.Primary": { - "additionalProperties": false, - "properties": { - "HealthCheck": { - "markdownDescription": "The ARN of the health check used by the endpoint to determine whether failover is triggered.", - "title": "HealthCheck", - "type": "string" - } - }, - "required": [ - "HealthCheck" - ], - "type": "object" - }, - "AWS::Events::Endpoint.ReplicationConfig": { - "additionalProperties": false, - "properties": { - "State": { - "markdownDescription": "The state of event replication.", - "title": "State", - "type": "string" - } - }, - "required": [ - "State" - ], - "type": "object" - }, - "AWS::Events::Endpoint.RoutingConfig": { - "additionalProperties": false, - "properties": { - "FailoverConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.FailoverConfig", - "markdownDescription": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.", - "title": "FailoverConfig" - } - }, - "required": [ - "FailoverConfig" - ], - "type": "object" - }, - "AWS::Events::Endpoint.Secondary": { - "additionalProperties": false, - "properties": { - "Route": { - "markdownDescription": "Defines the secondary Region.", - "title": "Route", - "type": "string" - } - }, - "required": [ - "Route" + "Type" ], "type": "object" }, - "AWS::Events::EventBus": { + "AWS::EC2::VPCEndpointServicePermissions": { "additionalProperties": false, "properties": { "Condition": { @@ -96897,38 +101419,28 @@ "Properties": { "additionalProperties": false, "properties": { - "EventSourceName": { - "markdownDescription": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", - "title": "EventSourceName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", - "title": "Name", - "type": "string" - }, - "Policy": { - "markdownDescription": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", - "title": "Policy", - "type": "object" - }, - "Tags": { + "AllowedPrincipals": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Tags to associate with the event bus.", - "title": "Tags", + "markdownDescription": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked.", + "title": "AllowedPrincipals", "type": "array" + }, + "ServiceId": { + "markdownDescription": "The ID of the service.", + "title": "ServiceId", + "type": "string" } }, "required": [ - "Name" + "ServiceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::EventBus" + "AWS::EC2::VPCEndpointServicePermissions" ], "type": "string" }, @@ -96947,7 +101459,7 @@ ], "type": "object" }, - "AWS::Events::EventBusPolicy": { + "AWS::EC2::VPCGatewayAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -96982,45 +101494,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you are enabling the other account to perform.", - "title": "Action", - "type": "string" - }, - "Condition": { - "$ref": "#/definitions/AWS::Events::EventBusPolicy.Condition", - "markdownDescription": "This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization. For more information about AWS Organizations, see [What Is AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) in the *AWS Organizations User Guide* .\n\nIf you specify `Condition` with an AWS organization ID, and specify \"*\" as the value for `Principal` , you grant permission to all the accounts in the named organization.\n\nThe `Condition` is a JSON string which must contain `Type` , `Key` , and `Value` fields.", - "title": "Condition" - }, - "EventBusName": { - "markdownDescription": "The name of the event bus associated with the rule. If you omit this, the default event bus is used.", - "title": "EventBusName", + "InternetGatewayId": { + "markdownDescription": "The ID of the internet gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", + "title": "InternetGatewayId", "type": "string" }, - "Principal": { - "markdownDescription": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify \"*\" to permit any account to put events to your default event bus.\n\nIf you specify \"*\" without specifying `Condition` , avoid creating rules that may match undesirable events. To create more secure rules, make sure that the event pattern for each rule contains an `account` field with a specific account ID from which to receive events. Rules with an account field do not match any events sent from other accounts.", - "title": "Principal", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" }, - "Statement": { - "markdownDescription": "A JSON string that describes the permission policy statement. You can include a `Policy` parameter in the request instead of using the `StatementId` , `Action` , `Principal` , or `Condition` parameters.", - "title": "Statement", - "type": "object" - }, - "StatementId": { - "markdownDescription": "An identifier string for the external account that you are granting permissions to. If you later want to revoke the permission for this external account, specify this `StatementId` when you run [RemovePermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html) .\n\n> Each `StatementId` must be unique.", - "title": "StatementId", + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", + "title": "VpnGatewayId", "type": "string" } }, "required": [ - "StatementId" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::EventBusPolicy" + "AWS::EC2::VPCGatewayAttachment" ], "type": "string" }, @@ -97039,40 +101536,12 @@ ], "type": "object" }, - "AWS::Events::EventBusPolicy.Condition": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "Specifies the key for the condition. Currently the only supported key is `aws:PrincipalOrgID` .", - "title": "Key", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies the type of condition. Currently the only supported value is `StringEquals` .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Specifies the value for the key. Currently, this must be the ID of the organization.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Events::Rule": { + "AWS::EC2::VPCPeeringConnection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -97102,55 +101571,49 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the rule.", - "title": "Description", - "type": "string" - }, - "EventBusName": { - "markdownDescription": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.", - "title": "EventBusName", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "The event pattern of the rule. For more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the **Amazon EventBridge User Guide** .", - "title": "EventPattern", - "type": "object" - }, - "Name": { - "markdownDescription": "The name of the rule.", - "title": "Name", + "PeerOwnerId": { + "markdownDescription": "The AWS account ID of the owner of the accepter VPC.\n\nDefault: Your AWS account ID", + "title": "PeerOwnerId", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", - "title": "RoleArn", + "PeerRegion": { + "markdownDescription": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.\n\nDefault: The Region in which you make the request.", + "title": "PeerRegion", "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", - "title": "ScheduleExpression", + "PeerRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.\n\nThis is required when you are peering a VPC in a different AWS account.", + "title": "PeerRoleArn", "type": "string" }, - "State": { - "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the **Amazon EventBridge User Guide** .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", - "title": "State", + "PeerVpcId": { + "markdownDescription": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.", + "title": "PeerVpcId", "type": "string" }, - "Targets": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::Events::Rule.Target" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the **Amazon EventBridge User Guide** .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the **Amazon EventBridge User Guide** .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code.", - "title": "Targets", + "markdownDescription": "Any tags assigned to the resource.", + "title": "Tags", "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" } }, + "required": [ + "PeerVpcId", + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Rule" + "AWS::EC2::VPCPeeringConnection" ], "type": "string" }, @@ -97164,597 +101627,392 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Events::Rule.AppSyncParameters": { - "additionalProperties": false, - "properties": { - "GraphQLOperation": { - "markdownDescription": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.\n\nFor more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* .", - "title": "GraphQLOperation", - "type": "string" - } - }, - "required": [ - "GraphQLOperation" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::Rule.AwsVpcConfiguration": { + "AWS::EC2::VPNConnection": { "additionalProperties": false, "properties": { - "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", - "title": "AssignPublicIp", + "Condition": { "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", - "title": "SecurityGroups", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "AWS::Events::Rule.BatchArrayProperties": { - "additionalProperties": false, - "properties": { - "Size": { - "markdownDescription": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.", - "title": "Size", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Events::Rule.BatchParameters": { - "additionalProperties": false, - "properties": { - "ArrayProperties": { - "$ref": "#/definitions/AWS::Events::Rule.BatchArrayProperties", - "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", - "title": "ArrayProperties" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "JobDefinition": { - "markdownDescription": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.", - "title": "JobDefinition", - "type": "string" + "Metadata": { + "type": "object" }, - "JobName": { - "markdownDescription": "The name to use for this execution of the job, if the target is an AWS Batch job.", - "title": "JobName", + "Properties": { + "additionalProperties": false, + "properties": { + "CustomerGatewayId": { + "markdownDescription": "The ID of the customer gateway at your end of the VPN connection.", + "title": "CustomerGatewayId", + "type": "string" + }, + "EnableAcceleration": { + "markdownDescription": "Indicate whether to enable acceleration for the VPN connection.\n\nDefault: `false`", + "title": "EnableAcceleration", + "type": "boolean" + }, + "LocalIpv4NetworkCidr": { + "markdownDescription": "The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.\n\nDefault: `0.0.0.0/0`", + "title": "LocalIpv4NetworkCidr", + "type": "string" + }, + "LocalIpv6NetworkCidr": { + "markdownDescription": "The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.\n\nDefault: `::/0`", + "title": "LocalIpv6NetworkCidr", + "type": "string" + }, + "OutsideIpAddressType": { + "markdownDescription": "The type of IP address assigned to the outside interface of the customer gateway device.\n\nValid values: `PrivateIpv4` | `PublicIpv4` | `Ipv6`\n\nDefault: `PublicIpv4`", + "title": "OutsideIpAddressType", + "type": "string" + }, + "RemoteIpv4NetworkCidr": { + "markdownDescription": "The IPv4 CIDR on the AWS side of the VPN connection.\n\nDefault: `0.0.0.0/0`", + "title": "RemoteIpv4NetworkCidr", + "type": "string" + }, + "RemoteIpv6NetworkCidr": { + "markdownDescription": "The IPv6 CIDR on the AWS side of the VPN connection.\n\nDefault: `::/0`", + "title": "RemoteIpv6NetworkCidr", + "type": "string" + }, + "StaticRoutesOnly": { + "markdownDescription": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n\nIf you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true` .", + "title": "StaticRoutesOnly", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the VPN connection.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway associated with the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", + "title": "TransitGatewayId", + "type": "string" + }, + "TransportTransitGatewayAttachmentId": { + "markdownDescription": "The transit gateway attachment ID to use for the VPN tunnel.\n\nRequired if `OutsideIpAddressType` is set to `PrivateIpv4` .", + "title": "TransportTransitGatewayAttachmentId", + "type": "string" + }, + "TunnelInsideIpVersion": { + "markdownDescription": "Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.\n\nDefault: `ipv4`", + "title": "TunnelInsideIpVersion", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of VPN connection.", + "title": "Type", + "type": "string" + }, + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", + "title": "VpnGatewayId", + "type": "string" + }, + "VpnTunnelOptionsSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification" + }, + "markdownDescription": "The tunnel options for the VPN connection.", + "title": "VpnTunnelOptionsSpecifications", + "type": "array" + } + }, + "required": [ + "CustomerGatewayId", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::VPNConnection" + ], "type": "string" }, - "RetryStrategy": { - "$ref": "#/definitions/AWS::Events::Rule.BatchRetryStrategy", - "markdownDescription": "The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1\u201310. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition.", - "title": "RetryStrategy" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "JobDefinition", - "JobName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::Rule.BatchRetryStrategy": { - "additionalProperties": false, - "properties": { - "Attempts": { - "markdownDescription": "The number of times to attempt to retry, if the job fails. Valid values are 1\u201310.", - "title": "Attempts", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Events::Rule.CapacityProviderStrategyItem": { + "AWS::EC2::VPNConnection.CloudwatchLogOptionsSpecification": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", - "title": "Base", - "type": "number" + "LogEnabled": { + "markdownDescription": "Enable or disable VPN tunnel logging feature. Default value is `False` .\n\nValid values: `True` | `False`", + "title": "LogEnabled", + "type": "boolean" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to.", + "title": "LogGroupArn", "type": "string" }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", - "type": "number" + "LogOutputFormat": { + "markdownDescription": "Set log format. Default format is `json` .\n\nValid values: `json` | `text`", + "title": "LogOutputFormat", + "type": "string" } }, - "required": [ - "CapacityProvider" - ], "type": "object" }, - "AWS::Events::Rule.DeadLetterConfig": { + "AWS::EC2::VPNConnection.IKEVersionsRequestListValue": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", - "title": "Arn", + "Value": { + "markdownDescription": "The IKE version.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.EcsParameters": { + "AWS::EC2::VPNConnection.Phase1DHGroupNumbersRequestListValue": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "EnableECSManagedTags", - "type": "boolean" - }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", - "type": "boolean" - }, - "Group": { - "markdownDescription": "Specifies an ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", - "type": "string" - }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", - "type": "string" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Events::Rule.NetworkConfiguration", - "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", - "title": "NetworkConfiguration" - }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", - "type": "array" - }, - "PlacementStrategies": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.PlacementStrategy" - }, - "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", - "title": "PlacementStrategies", - "type": "array" - }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", - "type": "string" - }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action.", - "title": "PropagateTags", - "type": "string" - }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", - "type": "string" - }, - "TagList": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", - "title": "TagList", - "type": "array" - }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", - "title": "TaskCount", + "Value": { + "markdownDescription": "The Diffie-Hellmann group number.", + "title": "Value", "type": "number" - }, - "TaskDefinitionArn": { - "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", - "type": "string" } }, - "required": [ - "TaskDefinitionArn" - ], "type": "object" }, - "AWS::Events::Rule.HttpParameters": { + "AWS::EC2::VPNConnection.Phase1EncryptionAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" - }, - "PathParameterValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", - "type": "array" - }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", - "type": "object" + "Value": { + "markdownDescription": "The value for the encryption algorithm.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.InputTransformer": { + "AWS::EC2::VPNConnection.Phase1IntegrityAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "InputPathsMap": { - "additionalProperties": true, - "markdownDescription": "Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target.\n\n`InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation.\n\nThe keys cannot start with \" AWS .\"", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "InputPathsMap", - "type": "object" - }, - "InputTemplate": { - "markdownDescription": "Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: < *value* >\n\nIf `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply:\n\n- The placeholder cannot be used as an object key.\n\nThe following example shows the syntax for using `InputPathsMap` and `InputTemplate` .\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \"`\n\n`}`\n\nTo have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \\\"\\\"\"`\n\n`}`\n\nThe `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": '{\"myInstance\": ,\"myStatus\": \" is in state \\\"\\\"\"}'`\n\n`}`", - "title": "InputTemplate", + "Value": { + "markdownDescription": "The value for the integrity algorithm.", + "title": "Value", "type": "string" } }, - "required": [ - "InputTemplate" - ], "type": "object" }, - "AWS::Events::Rule.KinesisParameters": { + "AWS::EC2::VPNConnection.Phase2DHGroupNumbersRequestListValue": { "additionalProperties": false, "properties": { - "PartitionKeyPath": { - "markdownDescription": "The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* .", - "title": "PartitionKeyPath", - "type": "string" + "Value": { + "markdownDescription": "The Diffie-Hellmann group number.", + "title": "Value", + "type": "number" } }, - "required": [ - "PartitionKeyPath" - ], "type": "object" }, - "AWS::Events::Rule.NetworkConfiguration": { + "AWS::EC2::VPNConnection.Phase2EncryptionAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AWS::Events::Rule.AwsVpcConfiguration", - "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", - "title": "AwsVpcConfiguration" + "Value": { + "markdownDescription": "The encryption algorithm.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.PlacementConstraint": { + "AWS::EC2::VPNConnection.Phase2IntegrityAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "Expression", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", - "title": "Type", + "Value": { + "markdownDescription": "The integrity algorithm.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.PlacementStrategy": { + "AWS::EC2::VPNConnection.VpnTunnelLogOptionsSpecification": { "additionalProperties": false, "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", - "title": "Field", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", - "title": "Type", - "type": "string" + "CloudwatchLogOptions": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.CloudwatchLogOptionsSpecification", + "markdownDescription": "Options for sending VPN tunnel logs to CloudWatch.", + "title": "CloudwatchLogOptions" } }, "type": "object" }, - "AWS::Events::Rule.RedshiftDataParameters": { + "AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", - "title": "Database", - "type": "string" - }, - "DbUser": { - "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", - "title": "DbUser", + "DPDTimeoutAction": { + "markdownDescription": "The action to take after DPD timeout occurs. Specify `restart` to restart the IKE initiation. Specify `clear` to end the IKE session.\n\nValid Values: `clear` | `none` | `restart`\n\nDefault: `clear`", + "title": "DPDTimeoutAction", "type": "string" }, - "SecretManagerArn": { - "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager.", - "title": "SecretManagerArn", - "type": "string" + "DPDTimeoutSeconds": { + "markdownDescription": "The number of seconds after which a DPD timeout occurs.\n\nConstraints: A value greater than or equal to 30.\n\nDefault: `30`", + "title": "DPDTimeoutSeconds", + "type": "number" }, - "Sql": { - "markdownDescription": "The SQL statement text to run.", - "title": "Sql", - "type": "string" + "EnableTunnelLifecycleControl": { + "markdownDescription": "Turn on or off tunnel endpoint lifecycle control feature.", + "title": "EnableTunnelLifecycleControl", + "type": "boolean" }, - "Sqls": { + "IKEVersions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::VPNConnection.IKEVersionsRequestListValue" }, - "markdownDescription": "One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back.", - "title": "Sqls", + "markdownDescription": "The IKE versions that are permitted for the VPN tunnel.\n\nValid values: `ikev1` | `ikev2`", + "title": "IKEVersions", "type": "array" }, - "StatementName": { - "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", - "title": "StatementName", - "type": "string" - }, - "WithEvent": { - "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", - "title": "WithEvent", - "type": "boolean" - } - }, - "required": [ - "Database" - ], - "type": "object" - }, - "AWS::Events::Rule.RetryPolicy": { - "additionalProperties": false, - "properties": { - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", - "title": "MaximumEventAgeInSeconds", - "type": "number" + "LogOptions": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelLogOptionsSpecification", + "markdownDescription": "Options for logging VPN tunnel activity.", + "title": "LogOptions" }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met.", - "title": "MaximumRetryAttempts", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Events::Rule.RunCommandParameters": { - "additionalProperties": false, - "properties": { - "RunCommandTargets": { + "Phase1DHGroupNumbers": { "items": { - "$ref": "#/definitions/AWS::Events::Rule.RunCommandTarget" + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1DHGroupNumbersRequestListValue" }, - "markdownDescription": "Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag.", - "title": "RunCommandTargets", + "markdownDescription": "One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `2` | `14` | `15` | `16` | `17` | `18` | `19` | `20` | `21` | `22` | `23` | `24`", + "title": "Phase1DHGroupNumbers", "type": "array" - } - }, - "required": [ - "RunCommandTargets" - ], - "type": "object" - }, - "AWS::Events::Rule.RunCommandTarget": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "Can be either `tag:` *tag-key* or `InstanceIds` .", - "title": "Key", - "type": "string" }, - "Values": { + "Phase1EncryptionAlgorithms": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1EncryptionAlgorithmsRequestListValue" }, - "markdownDescription": "If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs.", - "title": "Values", + "markdownDescription": "One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `AES128` | `AES256` | `AES128-GCM-16` | `AES256-GCM-16`", + "title": "Phase1EncryptionAlgorithms", "type": "array" - } - }, - "required": [ - "Key", - "Values" - ], - "type": "object" - }, - "AWS::Events::Rule.SageMakerPipelineParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Name", - "type": "string" }, - "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::Events::Rule.SageMakerPipelineParameters": { - "additionalProperties": false, - "properties": { - "PipelineParameterList": { + "Phase1IntegrityAlgorithms": { "items": { - "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameter" + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1IntegrityAlgorithmsRequestListValue" }, - "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", - "title": "PipelineParameterList", + "markdownDescription": "One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `SHA1` | `SHA2-256` | `SHA2-384` | `SHA2-512`", + "title": "Phase1IntegrityAlgorithms", "type": "array" - } - }, - "type": "object" - }, - "AWS::Events::Rule.SqsParameters": { - "additionalProperties": false, - "properties": { - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", - "type": "string" - } - }, - "required": [ - "MessageGroupId" - ], - "type": "object" - }, - "AWS::Events::Rule.Target": { - "additionalProperties": false, - "properties": { - "AppSyncParameters": { - "$ref": "#/definitions/AWS::Events::Rule.AppSyncParameters", - "markdownDescription": "Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API.", - "title": "AppSyncParameters" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target.", - "title": "Arn", - "type": "string" - }, - "BatchParameters": { - "$ref": "#/definitions/AWS::Events::Rule.BatchParameters", - "markdownDescription": "If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* .", - "title": "BatchParameters" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Events::Rule.DeadLetterConfig", - "markdownDescription": "The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" + "Phase1LifetimeSeconds": { + "markdownDescription": "The lifetime for phase 1 of the IKE negotiation, in seconds.\n\nConstraints: A value between 900 and 28,800.\n\nDefault: `28800`", + "title": "Phase1LifetimeSeconds", + "type": "number" }, - "EcsParameters": { - "$ref": "#/definitions/AWS::Events::Rule.EcsParameters", - "markdownDescription": "Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* .", - "title": "EcsParameters" + "Phase2DHGroupNumbers": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2DHGroupNumbersRequestListValue" + }, + "markdownDescription": "One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `2` | `5` | `14` | `15` | `16` | `17` | `18` | `19` | `20` | `21` | `22` | `23` | `24`", + "title": "Phase2DHGroupNumbers", + "type": "array" }, - "HttpParameters": { - "$ref": "#/definitions/AWS::Events::Rule.HttpParameters", - "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", - "title": "HttpParameters" + "Phase2EncryptionAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2EncryptionAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `AES128` | `AES256` | `AES128-GCM-16` | `AES256-GCM-16`", + "title": "Phase2EncryptionAlgorithms", + "type": "array" }, - "Id": { - "markdownDescription": "The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string.", - "title": "Id", - "type": "string" + "Phase2IntegrityAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2IntegrityAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `SHA1` | `SHA2-256` | `SHA2-384` | `SHA2-512`", + "title": "Phase2IntegrityAlgorithms", + "type": "array" }, - "Input": { - "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .", - "title": "Input", - "type": "string" + "Phase2LifetimeSeconds": { + "markdownDescription": "The lifetime for phase 2 of the IKE negotiation, in seconds.\n\nConstraints: A value between 900 and 3,600. The value must be less than the value for `Phase1LifetimeSeconds` .\n\nDefault: `3600`", + "title": "Phase2LifetimeSeconds", + "type": "number" }, - "InputPath": { - "markdownDescription": "The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) .", - "title": "InputPath", + "PreSharedKey": { + "markdownDescription": "The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.\n\nConstraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).", + "title": "PreSharedKey", "type": "string" }, - "InputTransformer": { - "$ref": "#/definitions/AWS::Events::Rule.InputTransformer", - "markdownDescription": "Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target.", - "title": "InputTransformer" - }, - "KinesisParameters": { - "$ref": "#/definitions/AWS::Events::Rule.KinesisParameters", - "markdownDescription": "The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key.", - "title": "KinesisParameters" + "RekeyFuzzPercentage": { + "markdownDescription": "The percentage of the rekey window (determined by `RekeyMarginTimeSeconds` ) during which the rekey time is randomly selected.\n\nConstraints: A value between 0 and 100.\n\nDefault: `100`", + "title": "RekeyFuzzPercentage", + "type": "number" }, - "RedshiftDataParameters": { - "$ref": "#/definitions/AWS::Events::Rule.RedshiftDataParameters", - "markdownDescription": "Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster.\n\nIf you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.", - "title": "RedshiftDataParameters" + "RekeyMarginTimeSeconds": { + "markdownDescription": "The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `RekeyFuzzPercentage` .\n\nConstraints: A value between 60 and half of `Phase2LifetimeSeconds` .\n\nDefault: `270`", + "title": "RekeyMarginTimeSeconds", + "type": "number" }, - "RetryPolicy": { - "$ref": "#/definitions/AWS::Events::Rule.RetryPolicy", - "markdownDescription": "The retry policy configuration to use for the dead-letter queue.", - "title": "RetryPolicy" + "ReplayWindowSize": { + "markdownDescription": "The number of packets in an IKE replay window.\n\nConstraints: A value between 64 and 2048.\n\nDefault: `1024`", + "title": "ReplayWindowSize", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target.", - "title": "RoleArn", + "StartupAction": { + "markdownDescription": "The action to take when the establishing the tunnel for the VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify `start` for AWS to initiate the IKE negotiation.\n\nValid Values: `add` | `start`\n\nDefault: `add`", + "title": "StartupAction", "type": "string" }, - "RunCommandParameters": { - "$ref": "#/definitions/AWS::Events::Rule.RunCommandParameters", - "markdownDescription": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command.", - "title": "RunCommandParameters" - }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameters", - "markdownDescription": "Contains the SageMaker AI Model Building Pipeline parameters to start execution of a SageMaker AI Model Building Pipeline.\n\nIf you specify a SageMaker AI Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events.", - "title": "SageMakerPipelineParameters" + "TunnelInsideCidr": { + "markdownDescription": "The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.\n\nConstraints: A size /30 CIDR block from the `169.254.0.0/16` range. The following CIDR blocks are reserved and cannot be used:\n\n- `169.254.0.0/30`\n- `169.254.1.0/30`\n- `169.254.2.0/30`\n- `169.254.3.0/30`\n- `169.254.4.0/30`\n- `169.254.5.0/30`\n- `169.254.169.252/30`", + "title": "TunnelInsideCidr", + "type": "string" }, - "SqsParameters": { - "$ref": "#/definitions/AWS::Events::Rule.SqsParameters", - "markdownDescription": "Contains the message group ID to use when the target is a FIFO queue.\n\nIf you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled.", - "title": "SqsParameters" + "TunnelInsideIpv6Cidr": { + "markdownDescription": "The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same transit gateway.\n\nConstraints: A size /126 CIDR block from the local `fd00::/8` range.", + "title": "TunnelInsideIpv6Cidr", + "type": "string" } }, - "required": [ - "Arn", - "Id" - ], "type": "object" }, - "AWS::Evidently::Experiment": { + "AWS::EC2::VPNConnectionRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -97789,88 +102047,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description of the experiment.", - "title": "Description", - "type": "string" - }, - "MetricGoals": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.MetricGoalObject" - }, - "markdownDescription": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment.", - "title": "MetricGoals", - "type": "array" - }, - "Name": { - "markdownDescription": "A name for the new experiment.", - "title": "Name", - "type": "string" - }, - "OnlineAbConfig": { - "$ref": "#/definitions/AWS::Evidently::Experiment.OnlineAbConfigObject", - "markdownDescription": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation.", - "title": "OnlineAbConfig" - }, - "Project": { - "markdownDescription": "The name or the ARN of the project where this experiment is to be created.", - "title": "Project", - "type": "string" - }, - "RandomizationSalt": { - "markdownDescription": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` .", - "title": "RandomizationSalt", + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block associated with the local subnet of the customer network.", + "title": "DestinationCidrBlock", "type": "string" }, - "RemoveSegment": { - "markdownDescription": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running.", - "title": "RemoveSegment", - "type": "boolean" - }, - "RunningStatus": { - "$ref": "#/definitions/AWS::Evidently::Experiment.RunningStatusObject", - "markdownDescription": "A structure that you can use to start and stop the experiment.", - "title": "RunningStatus" - }, - "SamplingRate": { - "markdownDescription": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience.", - "title": "SamplingRate", - "type": "number" - }, - "Segment": { - "markdownDescription": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", - "title": "Segment", + "VpnConnectionId": { + "markdownDescription": "The ID of the VPN connection.", + "title": "VpnConnectionId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the experiment.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an experiment.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" - }, - "Treatments": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentObject" - }, - "markdownDescription": "An array of structures that describe the configuration of each feature variation used in the experiment.", - "title": "Treatments", - "type": "array" } }, "required": [ - "MetricGoals", - "Name", - "OnlineAbConfig", - "Project", - "Treatments" + "DestinationCidrBlock", + "VpnConnectionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Experiment" + "AWS::EC2::VPNConnectionRoute" ], "type": "string" }, @@ -97889,148 +102085,7 @@ ], "type": "object" }, - "AWS::Evidently::Experiment.MetricGoalObject": { - "additionalProperties": false, - "properties": { - "DesiredChange": { - "markdownDescription": "`INCREASE` means that a variation with a higher number for this metric is performing better.\n\n`DECREASE` means that a variation with a lower number for this metric is performing better.", - "title": "DesiredChange", - "type": "string" - }, - "EntityIdKey": { - "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", - "title": "EntityIdKey", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", - "title": "EventPattern", - "type": "string" - }, - "MetricName": { - "markdownDescription": "A name for the metric. It can include up to 255 characters.", - "title": "MetricName", - "type": "string" - }, - "UnitLabel": { - "markdownDescription": "A label for the units that the metric is measuring.", - "title": "UnitLabel", - "type": "string" - }, - "ValueKey": { - "markdownDescription": "The JSON path to reference the numerical metric value in the event.", - "title": "ValueKey", - "type": "string" - } - }, - "required": [ - "DesiredChange", - "EntityIdKey", - "MetricName", - "ValueKey" - ], - "type": "object" - }, - "AWS::Evidently::Experiment.OnlineAbConfigObject": { - "additionalProperties": false, - "properties": { - "ControlTreatmentName": { - "markdownDescription": "The name of the variation that is to be the default variation that the other variations are compared to.", - "title": "ControlTreatmentName", - "type": "string" - }, - "TreatmentWeights": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentToWeight" - }, - "markdownDescription": "A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation.", - "title": "TreatmentWeights", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Evidently::Experiment.RunningStatusObject": { - "additionalProperties": false, - "properties": { - "AnalysisCompleteTime": { - "markdownDescription": "If you are using AWS CloudFormation to start the experiment, use this field to specify when the experiment is to end. The format is as a UNIX timestamp. For more information about this format, see [The Current Epoch Unix Timestamp](https://docs.aws.amazon.com/https://www.unixtimestamp.com/index.php) .", - "title": "AnalysisCompleteTime", - "type": "string" - }, - "DesiredState": { - "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment.", - "title": "DesiredState", - "type": "string" - }, - "Reason": { - "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, this is an optional field that you can use to record why the experiment is being stopped or cancelled.", - "title": "Reason", - "type": "string" - }, - "Status": { - "markdownDescription": "To start the experiment now, specify `START` for this parameter. If this experiment is currently running and you want to stop it now, specify `STOP` .", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::Evidently::Experiment.TreatmentObject": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the treatment.", - "title": "Description", - "type": "string" - }, - "Feature": { - "markdownDescription": "The name of the feature for this experiment.", - "title": "Feature", - "type": "string" - }, - "TreatmentName": { - "markdownDescription": "A name for this treatment. It can include up to 127 characters.", - "title": "TreatmentName", - "type": "string" - }, - "Variation": { - "markdownDescription": "The name of the variation to use for this treatment.", - "title": "Variation", - "type": "string" - } - }, - "required": [ - "Feature", - "TreatmentName", - "Variation" - ], - "type": "object" - }, - "AWS::Evidently::Experiment.TreatmentToWeight": { - "additionalProperties": false, - "properties": { - "SplitWeight": { - "markdownDescription": "The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment.", - "title": "SplitWeight", - "type": "number" - }, - "Treatment": { - "markdownDescription": "The name of the treatment.", - "title": "Treatment", - "type": "string" - } - }, - "required": [ - "SplitWeight", - "Treatment" - ], - "type": "object" - }, - "AWS::Evidently::Feature": { + "AWS::EC2::VPNGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -98065,66 +102120,33 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultVariation": { - "markdownDescription": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation.", - "title": "DefaultVariation", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description of the feature.", - "title": "Description", - "type": "string" - }, - "EntityOverrides": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Feature.EntityOverride" - }, - "markdownDescription": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.", - "title": "EntityOverrides", - "type": "array" - }, - "EvaluationStrategy": { - "markdownDescription": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.", - "title": "EvaluationStrategy", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the feature. It can include up to 127 characters.", - "title": "Name", - "type": "string" - }, - "Project": { - "markdownDescription": "The name or ARN of the project that is to contain the new feature.", - "title": "Project", - "type": "string" + "AmazonSideAsn": { + "markdownDescription": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session.", + "title": "AmazonSideAsn", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "markdownDescription": "Any tags assigned to the virtual private gateway.", "title": "Tags", "type": "array" }, - "Variations": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Feature.VariationObject" - }, - "markdownDescription": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` ).", - "title": "Variations", - "type": "array" + "Type": { + "markdownDescription": "The type of VPN connection the virtual private gateway supports.", + "title": "Type", + "type": "string" } }, "required": [ - "Name", - "Project", - "Variations" + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Feature" + "AWS::EC2::VPNGateway" ], "type": "string" }, @@ -98143,57 +102165,7 @@ ], "type": "object" }, - "AWS::Evidently::Feature.EntityOverride": { - "additionalProperties": false, - "properties": { - "EntityId": { - "markdownDescription": "The entity ID to be served the variation specified in `Variation` .", - "title": "EntityId", - "type": "string" - }, - "Variation": { - "markdownDescription": "The name of the variation to serve to the user session that matches the `EntityId` .", - "title": "Variation", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Evidently::Feature.VariationObject": { - "additionalProperties": false, - "properties": { - "BooleanValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is boolean.", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a double.", - "title": "DoubleValue", - "type": "number" - }, - "LongValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a long.", - "title": "LongValue", - "type": "number" - }, - "StringValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a string.", - "title": "StringValue", - "type": "string" - }, - "VariationName": { - "markdownDescription": "A name for the variation. It can include up to 127 characters.", - "title": "VariationName", - "type": "string" - } - }, - "required": [ - "VariationName" - ], - "type": "object" - }, - "AWS::Evidently::Launch": { + "AWS::EC2::VPNGatewayRoutePropagation": { "additionalProperties": false, "properties": { "Condition": { @@ -98228,75 +102200,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description for the launch.", - "title": "Description", - "type": "string" - }, - "ExecutionStatus": { - "$ref": "#/definitions/AWS::Evidently::Launch.ExecutionStatusObject", - "markdownDescription": "A structure that you can use to start and stop the launch.", - "title": "ExecutionStatus" - }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.LaunchGroupObject" - }, - "markdownDescription": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch.", - "title": "Groups", - "type": "array" - }, - "MetricMonitors": { + "RouteTableIds": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.MetricDefinitionObject" + "type": "string" }, - "markdownDescription": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array.", - "title": "MetricMonitors", + "markdownDescription": "The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to.", + "title": "RouteTableIds", "type": "array" }, - "Name": { - "markdownDescription": "The name for the launch. It can include up to 127 characters.", - "title": "Name", - "type": "string" - }, - "Project": { - "markdownDescription": "The name or ARN of the project that you want to create the launch in.", - "title": "Project", - "type": "string" - }, - "RandomizationSalt": { - "markdownDescription": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` .", - "title": "RandomizationSalt", + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with.", + "title": "VpnGatewayId", "type": "string" - }, - "ScheduledSplitsConfig": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.StepConfig" - }, - "markdownDescription": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch.", - "title": "ScheduledSplitsConfig", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the launch.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a launch.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" } }, "required": [ - "Groups", - "Name", - "Project", - "ScheduledSplitsConfig" + "RouteTableIds", + "VpnGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Launch" + "AWS::EC2::VPNGatewayRoutePropagation" ], "type": "string" }, @@ -98315,178 +102241,331 @@ ], "type": "object" }, - "AWS::Evidently::Launch.ExecutionStatusObject": { + "AWS::EC2::VerifiedAccessEndpoint": { "additionalProperties": false, "properties": { - "DesiredState": { - "markdownDescription": "If you are using AWS CloudFormation to stop this launch, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment. If you omit this parameter, the default of `COMPLETED` is used.", - "title": "DesiredState", - "type": "string" - }, - "Reason": { - "markdownDescription": "If you are using AWS CloudFormation to stop this launch, this is an optional field that you can use to record why the launch is being stopped or cancelled.", - "title": "Reason", + "Condition": { "type": "string" }, - "Status": { - "markdownDescription": "To start the launch now, specify `START` for this parameter. If this launch is currently running and you want to stop it now, specify `STOP` .", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::Evidently::Launch.GroupToWeight": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the launch group. It can include up to 127 characters.", - "title": "GroupName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SplitWeight": { - "markdownDescription": "The portion of launch traffic to allocate to this launch group.\n\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group.", - "title": "SplitWeight", - "type": "number" - } - }, - "required": [ - "GroupName", - "SplitWeight" - ], - "type": "object" - }, - "AWS::Evidently::Launch.LaunchGroupObject": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the launch group.", - "title": "Description", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Feature": { - "markdownDescription": "The feature that this launch is using.", - "title": "Feature", - "type": "string" + "Metadata": { + "type": "object" }, - "GroupName": { - "markdownDescription": "A name for this launch group. It can include up to 127 characters.", - "title": "GroupName", + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationDomain": { + "markdownDescription": "The DNS name for users to reach your application.", + "title": "ApplicationDomain", + "type": "string" + }, + "AttachmentType": { + "markdownDescription": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", + "title": "AttachmentType", + "type": "string" + }, + "CidrOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.CidrOptions", + "markdownDescription": "The options for a CIDR endpoint.", + "title": "CidrOptions" + }, + "Description": { + "markdownDescription": "A description for the AWS Verified Access endpoint.", + "title": "Description", + "type": "string" + }, + "DomainCertificateArn": { + "markdownDescription": "The ARN of a public TLS/SSL certificate imported into or created with ACM.", + "title": "DomainCertificateArn", + "type": "string" + }, + "EndpointDomainPrefix": { + "markdownDescription": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.", + "title": "EndpointDomainPrefix", + "type": "string" + }, + "EndpointType": { + "markdownDescription": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.", + "title": "EndpointType", + "type": "string" + }, + "LoadBalancerOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions", + "markdownDescription": "The load balancer details if creating the AWS Verified Access endpoint as `load-balancer` type.", + "title": "LoadBalancerOptions" + }, + "NetworkInterfaceOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions", + "markdownDescription": "The options for network-interface type endpoint.", + "title": "NetworkInterfaceOptions" + }, + "PolicyDocument": { + "markdownDescription": "The Verified Access policy document.", + "title": "PolicyDocument", + "type": "string" + }, + "PolicyEnabled": { + "markdownDescription": "The status of the Verified Access policy.", + "title": "PolicyEnabled", + "type": "boolean" + }, + "RdsOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.RdsOptions", + "markdownDescription": "The options for an RDS endpoint.", + "title": "RdsOptions" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for the endpoint.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" + }, + "VerifiedAccessGroupId": { + "markdownDescription": "The ID of the AWS Verified Access group.", + "title": "VerifiedAccessGroupId", + "type": "string" + } + }, + "required": [ + "AttachmentType", + "EndpointType", + "VerifiedAccessGroupId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::VerifiedAccessEndpoint" + ], "type": "string" }, - "Variation": { - "markdownDescription": "The feature variation to use for this launch group.", - "title": "Variation", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Feature", - "GroupName", - "Variation" + "Type", + "Properties" ], "type": "object" }, - "AWS::Evidently::Launch.MetricDefinitionObject": { + "AWS::EC2::VerifiedAccessEndpoint.CidrOptions": { "additionalProperties": false, "properties": { - "EntityIdKey": { - "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", - "title": "EntityIdKey", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", - "title": "EventPattern", + "Cidr": { + "markdownDescription": "The CIDR.", + "title": "Cidr", "type": "string" }, - "MetricName": { - "markdownDescription": "A name for the metric. It can include up to 255 characters.", - "title": "MetricName", - "type": "string" + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" }, - "UnitLabel": { - "markdownDescription": "A label for the units that the metric is measuring.", - "title": "UnitLabel", + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" }, - "ValueKey": { - "markdownDescription": "The value that is tracked to produce the metric.", - "title": "ValueKey", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets.", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "EntityIdKey", - "MetricName", - "ValueKey" - ], "type": "object" }, - "AWS::Evidently::Launch.SegmentOverride": { + "AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions": { "additionalProperties": false, "properties": { - "EvaluationOrder": { - "markdownDescription": "A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first.", - "title": "EvaluationOrder", + "LoadBalancerArn": { + "markdownDescription": "The ARN of the load balancer.", + "title": "LoadBalancerArn", + "type": "string" + }, + "Port": { + "markdownDescription": "The IP port number.", + "title": "Port", "type": "number" }, - "Segment": { - "markdownDescription": "The ARN of the segment to use for this override.", - "title": "Segment", + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The IP protocol.", + "title": "Protocol", "type": "string" }, - "Weights": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + "type": "string" }, - "markdownDescription": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic.", - "title": "Weights", + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", + "title": "SubnetIds", "type": "array" } }, - "required": [ - "EvaluationOrder", - "Segment", - "Weights" - ], "type": "object" }, - "AWS::Evidently::Launch.StepConfig": { + "AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions": { "additionalProperties": false, "properties": { - "GroupWeights": { + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "Port": { + "markdownDescription": "The IP port number.", + "title": "Port", + "type": "number" + }, + "PortRanges": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" }, - "markdownDescription": "An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch.", - "title": "GroupWeights", + "markdownDescription": "The port ranges.", + "title": "PortRanges", "type": "array" }, - "SegmentOverrides": { + "Protocol": { + "markdownDescription": "The IP protocol.", + "title": "Protocol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessEndpoint.PortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The start of the port range.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The end of the port range.", + "title": "ToPort", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessEndpoint.RdsOptions": { + "additionalProperties": false, + "properties": { + "Port": { + "markdownDescription": "The port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", + "type": "string" + }, + "RdsDbClusterArn": { + "markdownDescription": "The ARN of the DB cluster.", + "title": "RdsDbClusterArn", + "type": "string" + }, + "RdsDbInstanceArn": { + "markdownDescription": "The ARN of the RDS instance.", + "title": "RdsDbInstanceArn", + "type": "string" + }, + "RdsDbProxyArn": { + "markdownDescription": "The ARN of the RDS proxy.", + "title": "RdsDbProxyArn", + "type": "string" + }, + "RdsEndpoint": { + "markdownDescription": "The RDS endpoint.", + "title": "RdsEndpoint", + "type": "string" + }, + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.SegmentOverride" + "type": "string" }, - "markdownDescription": "An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age.\n\nFor more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) .", - "title": "SegmentOverrides", + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", + "title": "SubnetIds", "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessEndpoint.SseSpecification": { + "additionalProperties": false, + "properties": { + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" }, - "StartTime": { - "markdownDescription": "The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z`", - "title": "StartTime", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "GroupWeights", - "StartTime" - ], "type": "object" }, - "AWS::Evidently::Project": { + "AWS::EC2::VerifiedAccessGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -98521,43 +102600,48 @@ "Properties": { "additionalProperties": false, "properties": { - "AppConfigResource": { - "$ref": "#/definitions/AWS::Evidently::Project.AppConfigResourceObject", - "markdownDescription": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission.", - "title": "AppConfigResource" - }, - "DataDelivery": { - "$ref": "#/definitions/AWS::Evidently::Project.DataDeliveryObject", - "markdownDescription": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation.", - "title": "DataDelivery" - }, "Description": { - "markdownDescription": "An optional description of the project.", + "markdownDescription": "A description for the AWS Verified Access group.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name for the project. It can include up to 127 characters.", - "title": "Name", + "PolicyDocument": { + "markdownDescription": "The Verified Access policy document.", + "title": "PolicyDocument", "type": "string" }, + "PolicyEnabled": { + "markdownDescription": "The status of the Verified Access policy.", + "title": "PolicyEnabled", + "type": "boolean" + }, + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessGroup.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the project.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a project.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" + }, + "VerifiedAccessInstanceId": { + "markdownDescription": "The ID of the AWS Verified Access instance.", + "title": "VerifiedAccessInstanceId", + "type": "string" } }, "required": [ - "Name" + "VerifiedAccessInstanceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Project" + "AWS::EC2::VerifiedAccessGroup" ], "type": "string" }, @@ -98576,62 +102660,23 @@ ], "type": "object" }, - "AWS::Evidently::Project.AppConfigResourceObject": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The ID of the AWS AppConfig application to use for client-side evaluation.", - "title": "ApplicationId", - "type": "string" - }, - "EnvironmentId": { - "markdownDescription": "The ID of the AWS AppConfig environment to use for client-side evaluation.", - "title": "EnvironmentId", - "type": "string" - } - }, - "required": [ - "ApplicationId", - "EnvironmentId" - ], - "type": "object" - }, - "AWS::Evidently::Project.DataDeliveryObject": { - "additionalProperties": false, - "properties": { - "LogGroup": { - "markdownDescription": "If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name.", - "title": "LogGroup", - "type": "string" - }, - "S3": { - "$ref": "#/definitions/AWS::Evidently::Project.S3Destination", - "markdownDescription": "If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::Evidently::Project.S3Destination": { + "AWS::EC2::VerifiedAccessGroup.SseSpecification": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the bucket in which Evidently stores evaluation events.", - "title": "BucketName", - "type": "string" + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" }, - "Prefix": { - "markdownDescription": "The bucket prefix in which Evidently stores evaluation events.", - "title": "Prefix", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::Evidently::Segment": { + "AWS::EC2::VerifiedAccessInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -98666,38 +102711,56 @@ "Properties": { "additionalProperties": false, "properties": { + "CidrEndpointsCustomSubDomain": { + "markdownDescription": "The custom subdomain.", + "title": "CidrEndpointsCustomSubDomain", + "type": "string" + }, "Description": { - "markdownDescription": "An optional description for this segment.", + "markdownDescription": "A description for the AWS Verified Access instance.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "A name for the segment.", - "title": "Name", - "type": "string" + "FipsEnabled": { + "markdownDescription": "Indicates whether support for Federal Information Processing Standards (FIPS) is enabled on the instance.", + "title": "FipsEnabled", + "type": "boolean" }, - "Pattern": { - "markdownDescription": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", - "title": "Pattern", - "type": "string" + "LoggingConfigurations": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs", + "markdownDescription": "The logging configuration for the Verified Access instances.", + "title": "LoggingConfigurations" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" + }, + "VerifiedAccessTrustProviderIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the AWS Verified Access trust providers.", + "title": "VerifiedAccessTrustProviderIds", + "type": "array" + }, + "VerifiedAccessTrustProviders": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider" + }, + "markdownDescription": "The IDs of the AWS Verified Access trust providers.", + "title": "VerifiedAccessTrustProviders", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Segment" + "AWS::EC2::VerifiedAccessInstance" ], "type": "string" }, @@ -98711,12 +102774,131 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FIS::ExperimentTemplate": { + "AWS::EC2::VerifiedAccessInstance.CloudWatchLogs": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "LogGroup": { + "markdownDescription": "The ID of the CloudWatch Logs log group.", + "title": "LogGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose": { + "additionalProperties": false, + "properties": { + "DeliveryStream": { + "markdownDescription": "The ID of the delivery stream.", + "title": "DeliveryStream", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.S3": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name.", + "title": "BucketName", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account number that owns the bucket.", + "title": "BucketOwner", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Prefix": { + "markdownDescription": "The bucket prefix.", + "title": "Prefix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.CloudWatchLogs", + "markdownDescription": "CloudWatch Logs logging destination.", + "title": "CloudWatchLogs" + }, + "IncludeTrustContext": { + "markdownDescription": "Indicates whether to include trust data sent by trust providers in the logs.", + "title": "IncludeTrustContext", + "type": "boolean" + }, + "KinesisDataFirehose": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose", + "markdownDescription": "Kinesis logging destination.", + "title": "KinesisDataFirehose" + }, + "LogVersion": { + "markdownDescription": "The logging version.\n\nValid values: `ocsf-0.1` | `ocsf-1.0.0-rc.2`", + "title": "LogVersion", + "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.S3", + "markdownDescription": "Amazon S3 logging options.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the AWS Verified Access trust provider.", + "title": "Description", + "type": "string" + }, + "DeviceTrustProviderType": { + "markdownDescription": "The type of device-based trust provider.", + "title": "DeviceTrustProviderType", + "type": "string" + }, + "TrustProviderType": { + "markdownDescription": "The type of Verified Access trust provider.", + "title": "TrustProviderType", + "type": "string" + }, + "UserTrustProviderType": { + "markdownDescription": "The type of user-based trust provider.", + "title": "UserTrustProviderType", + "type": "string" + }, + "VerifiedAccessTrustProviderId": { + "markdownDescription": "The ID of the AWS Verified Access trust provider.", + "title": "VerifiedAccessTrustProviderId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessTrustProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -98751,80 +102933,69 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "additionalProperties": false, - "markdownDescription": "The actions for the experiment.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateAction" - } - }, - "title": "Actions", - "type": "object" - }, "Description": { - "markdownDescription": "The description for the experiment template.", + "markdownDescription": "A description for the AWS Verified Access trust provider.", "title": "Description", "type": "string" }, - "ExperimentOptions": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions", - "markdownDescription": "The experiment options for an experiment template.", - "title": "ExperimentOptions" + "DeviceOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions", + "markdownDescription": "The options for device-identity trust provider.", + "title": "DeviceOptions" }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration", - "markdownDescription": "The configuration for experiment logging.", - "title": "LogConfiguration" + "DeviceTrustProviderType": { + "markdownDescription": "The type of device-based trust provider.", + "title": "DeviceTrustProviderType", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role.", - "title": "RoleArn", + "NativeApplicationOidcOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.NativeApplicationOidcOptions", + "markdownDescription": "The OpenID Connect (OIDC) options.", + "title": "NativeApplicationOidcOptions" + }, + "OidcOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.OidcOptions", + "markdownDescription": "The options for an OpenID Connect-compatible user-identity trust provider.", + "title": "OidcOptions" + }, + "PolicyReferenceName": { + "markdownDescription": "The identifier to be used when working with policy rules.", + "title": "PolicyReferenceName", "type": "string" }, - "StopConditions": { - "items": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition" - }, - "markdownDescription": "The stop conditions for the experiment.", - "title": "StopConditions", - "type": "array" + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags for the experiment template.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "The tags.", "title": "Tags", - "type": "object" + "type": "array" }, - "Targets": { - "additionalProperties": false, - "markdownDescription": "The targets for the experiment.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget" - } - }, - "title": "Targets", - "type": "object" + "TrustProviderType": { + "markdownDescription": "The type of Verified Access trust provider.", + "title": "TrustProviderType", + "type": "string" + }, + "UserTrustProviderType": { + "markdownDescription": "The type of user-based trust provider.", + "title": "UserTrustProviderType", + "type": "string" } }, "required": [ - "Description", - "RoleArn", - "StopConditions", - "Tags", - "Targets" + "PolicyReferenceName", + "TrustProviderType" ], "type": "object" }, "Type": { "enum": [ - "AWS::FIS::ExperimentTemplate" + "AWS::EC2::VerifiedAccessTrustProvider" ], "type": "string" }, @@ -98843,229 +103014,126 @@ ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration": { + "AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.", - "title": "LogGroupArn", + "PublicSigningKeyUrl": { + "markdownDescription": "The URL AWS Verified Access will use to verify the authenticity of the device tokens.", + "title": "PublicSigningKeyUrl", + "type": "string" + }, + "TenantId": { + "markdownDescription": "The ID of the tenant application with the device-identity provider.", + "title": "TenantId", "type": "string" } }, - "required": [ - "LogGroupArn" - ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { + "AWS::EC2::VerifiedAccessTrustProvider.NativeApplicationOidcOptions": { "additionalProperties": false, "properties": { - "ActionId": { - "markdownDescription": "The ID of the action.", - "title": "ActionId", + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP.", + "title": "AuthorizationEndpoint", "type": "string" }, - "Description": { - "markdownDescription": "A description for the action.", - "title": "Description", + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", "type": "string" }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The parameters for the action.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" - }, - "StartAfter": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the action that must be completed before the current action starts.", - "title": "StartAfter", - "type": "array" + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret.", + "title": "ClientSecret", + "type": "string" }, - "Targets": { - "additionalProperties": true, - "markdownDescription": "The targets for the action.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Targets", - "type": "object" - } - }, - "required": [ - "ActionId" - ], - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions": { - "additionalProperties": false, - "properties": { - "AccountTargeting": { - "markdownDescription": "The account targeting setting for an experiment template.", - "title": "AccountTargeting", + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP.", + "title": "Issuer", "type": "string" }, - "EmptyTargetResolutionMode": { - "markdownDescription": "The empty target resolution mode for an experiment template.", - "title": "EmptyTargetResolutionMode", + "PublicSigningKeyEndpoint": { + "markdownDescription": "The public signing key endpoint.", + "title": "PublicSigningKeyEndpoint", "type": "string" - } - }, - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsConfiguration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration", - "markdownDescription": "The configuration for experiment logging to CloudWatch Logs .", - "title": "CloudWatchLogsConfiguration" }, - "LogSchemaVersion": { - "markdownDescription": "The schema version.", - "title": "LogSchemaVersion", - "type": "number" + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP.", + "title": "Scope", + "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.S3Configuration", - "markdownDescription": "The configuration for experiment logging to Amazon S3 .", - "title": "S3Configuration" - } - }, - "required": [ - "LogSchemaVersion" - ], - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition": { - "additionalProperties": false, - "properties": { - "Source": { - "markdownDescription": "The source for the stop condition.", - "title": "Source", + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP.", + "title": "TokenEndpoint", "type": "string" }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch alarm, if applicable.", - "title": "Value", + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP.", + "title": "UserInfoEndpoint", "type": "string" } }, - "required": [ - "Source" - ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget": { + "AWS::EC2::VerifiedAccessTrustProvider.OidcOptions": { "additionalProperties": false, "properties": { - "Filters": { - "items": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter" - }, - "markdownDescription": "The filters to apply to identify target resources using specific attributes.", - "title": "Filters", - "type": "array" - }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The parameters for the resource type.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "AuthorizationEndpoint": { + "markdownDescription": "The OIDC authorization endpoint.", + "title": "AuthorizationEndpoint", + "type": "string" }, - "ResourceArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the targets.", - "title": "ResourceArns", - "type": "array" + "ClientId": { + "markdownDescription": "The client identifier.", + "title": "ClientId", + "type": "string" }, - "ResourceTags": { - "additionalProperties": true, - "markdownDescription": "The tags for the target resources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ResourceTags", - "type": "object" + "ClientSecret": { + "markdownDescription": "The client secret.", + "title": "ClientSecret", + "type": "string" }, - "ResourceType": { - "markdownDescription": "The resource type.", - "title": "ResourceType", + "Issuer": { + "markdownDescription": "The OIDC issuer.", + "title": "Issuer", "type": "string" }, - "SelectionMode": { - "markdownDescription": "Scopes the identified resources to a specific count or percentage.", - "title": "SelectionMode", + "Scope": { + "markdownDescription": "The OpenID Connect (OIDC) scope specified.", + "title": "Scope", "type": "string" - } - }, - "required": [ - "ResourceType", - "SelectionMode" - ], - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter": { - "additionalProperties": false, - "properties": { - "Path": { - "markdownDescription": "The attribute path for the filter.", - "title": "Path", + }, + "TokenEndpoint": { + "markdownDescription": "The OIDC token endpoint.", + "title": "TokenEndpoint", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The attribute values for the filter.", - "title": "Values", - "type": "array" + "UserInfoEndpoint": { + "markdownDescription": "The OIDC user info endpoint.", + "title": "UserInfoEndpoint", + "type": "string" } }, - "required": [ - "Path", - "Values" - ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.S3Configuration": { + "AWS::EC2::VerifiedAccessTrustProvider.SseSpecification": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the destination bucket.", - "title": "BucketName", - "type": "string" + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" }, - "Prefix": { - "markdownDescription": "The bucket prefix.", - "title": "Prefix", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::FIS::TargetAccountConfiguration": { + "AWS::EC2::Volume": { "additionalProperties": false, "properties": { "Condition": { @@ -99100,37 +103168,83 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The AWS account ID of the target account.", - "title": "AccountId", + "AutoEnableIO": { + "markdownDescription": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O.", + "title": "AutoEnableIO", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The ID of the Availability Zone in which to create the volume. For example, `us-east-1a` .", + "title": "AvailabilityZone", "type": "string" }, - "Description": { - "markdownDescription": "The description of the target account.", - "title": "Description", + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) in the *Amazon EBS User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` .\n\nIf you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to `true` , then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the AWS managed key .\n\nAlternatively, if you want to specify a different key, you can specify one of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. Specify the alias for the key, prefixed with `alias/` . For example, for a key with the alias `my_cmk` , use `alias/my_cmk` . Or to specify the AWS managed key , use `alias/aws/ebs` .\n- Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.", + "title": "KmsKeyId", "type": "string" }, - "ExperimentTemplateId": { - "markdownDescription": "The ID of the experiment template.", - "title": "ExperimentTemplateId", + "MultiAttachEnabled": { + "markdownDescription": "Indicates whether Amazon EBS Multi-Attach is enabled.\n\nAWS CloudFormation does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume.", + "title": "MultiAttachEnabled", + "type": "boolean" + }, + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", + "title": "OutpostArn", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role for the target account.", - "title": "RoleArn", + "Size": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "Size", + "type": "number" + }, + "SnapshotId": { + "markdownDescription": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.", + "title": "SnapshotId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the volume during creation.", + "title": "Tags", + "type": "array" + }, + "Throughput": { + "markdownDescription": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n\nThis parameter is valid only for `gp3` volumes. The default value is 125.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", + "title": "Throughput", + "type": "number" + }, + "VolumeInitializationRate": { + "markdownDescription": "Specifies the Amazon EBS Provisioned Rate for Volume Initialization (volume initialization rate), in MiB/s, at which to download the snapshot blocks from Amazon S3 to the volume. This is also known as *volume initialization* . Specifying a volume initialization rate ensures that the volume is initialized at a predictable and consistent rate after creation.\n\nThis parameter is supported only for volumes created from snapshots. Omit this parameter if:\n\n- You want to create the volume using fast snapshot restore. You must specify a snapshot that is enabled for fast snapshot restore. In this case, the volume is fully initialized at creation.\n\n> If you specify a snapshot that is enabled for fast snapshot restore and a volume initialization rate, the volume will be initialized at the specified rate instead of fast snapshot restore.\n- You want to create a volume that is initialized at the default rate.\n\nFor more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EC2 User Guide* .\n\nValid range: 100 - 300 MiB/s", + "title": "VolumeInitializationRate", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) .\n\nDefault: `gp2`", + "title": "VolumeType", "type": "string" } }, "required": [ - "AccountId", - "ExperimentTemplateId", - "RoleArn" + "AvailabilityZone" ], "type": "object" }, "Type": { "enum": [ - "AWS::FIS::TargetAccountConfiguration" + "AWS::EC2::Volume" ], "type": "string" }, @@ -99149,7 +103263,7 @@ ], "type": "object" }, - "AWS::FMS::NotificationChannel": { + "AWS::EC2::VolumeAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -99184,26 +103298,31 @@ "Properties": { "additionalProperties": false, "properties": { - "SnsRoleName": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity.", - "title": "SnsRoleName", + "Device": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "Device", "type": "string" }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager .", - "title": "SnsTopicArn", + "InstanceId": { + "markdownDescription": "The ID of the instance to which the volume attaches. This value can be a reference to an [`AWS::EC2::Instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance.", + "title": "InstanceId", + "type": "string" + }, + "VolumeId": { + "markdownDescription": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [`AWS::EC2::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume.", + "title": "VolumeId", "type": "string" } }, "required": [ - "SnsRoleName", - "SnsTopicArn" + "InstanceId", + "VolumeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::FMS::NotificationChannel" + "AWS::EC2::VolumeAttachment" ], "type": "string" }, @@ -99222,7 +103341,7 @@ ], "type": "object" }, - "AWS::FMS::Policy": { + "AWS::ECR::PublicRepository": { "additionalProperties": false, "properties": { "Condition": { @@ -99257,100 +103376,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteAllPolicyResources": { - "markdownDescription": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.", - "title": "DeleteAllPolicyResources", - "type": "boolean" + "RepositoryCatalogData": { + "$ref": "#/definitions/AWS::ECR::PublicRepository.RepositoryCatalogData", + "markdownDescription": "The details about the repository that are publicly visible in the Amazon ECR Public Gallery. For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .", + "title": "RepositoryCatalogData" }, - "ExcludeMap": { - "$ref": "#/definitions/AWS::FMS::Policy.IEMap", - "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", - "title": "ExcludeMap" + "RepositoryName": { + "markdownDescription": "The name to use for the public repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "RepositoryName", + "type": "string" }, - "ExcludeResourceTags": { - "markdownDescription": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy.", - "title": "ExcludeResourceTags", - "type": "boolean" - }, - "IncludeMap": { - "$ref": "#/definitions/AWS::FMS::Policy.IEMap", - "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", - "title": "IncludeMap" - }, - "PolicyDescription": { - "markdownDescription": "Your description of the AWS Firewall Manager policy.", - "title": "PolicyDescription", - "type": "string" - }, - "PolicyName": { - "markdownDescription": "The name of the AWS Firewall Manager policy.", - "title": "PolicyName", - "type": "string" - }, - "RemediationEnabled": { - "markdownDescription": "Indicates if the policy should be automatically applied to new resources.", - "title": "RemediationEnabled", - "type": "boolean" - }, - "ResourceSetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique identifiers of the resource sets used by the policy.", - "title": "ResourceSetIds", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::FMS::Policy.ResourceTag" - }, - "markdownDescription": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` .", - "title": "ResourceTags", - "type": "array" - }, - "ResourceType": { - "markdownDescription": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` .", - "title": "ResourceType", - "type": "string" - }, - "ResourceTypeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` .", - "title": "ResourceTypeList", - "type": "array" - }, - "ResourcesCleanUp": { - "markdownDescription": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies.", - "title": "ResourcesCleanUp", - "type": "boolean" - }, - "SecurityServicePolicyData": { - "$ref": "#/definitions/AWS::FMS::Policy.SecurityServicePolicyData", - "markdownDescription": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", - "title": "SecurityServicePolicyData" + "RepositoryPolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the public repository. For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .", + "title": "RepositoryPolicyText", + "type": "object" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::FMS::Policy.PolicyTag" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, - "required": [ - "ExcludeResourceTags", - "PolicyName", - "RemediationEnabled", - "SecurityServicePolicyData" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FMS::Policy" + "AWS::ECR::PublicRepository" ], "type": "string" }, @@ -99364,141 +103418,48 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FMS::Policy.IEMap": { + "AWS::ECR::PublicRepository.RepositoryCatalogData": { "additionalProperties": false, "properties": { - "ACCOUNT": { + "AboutText": { + "markdownDescription": "The longform description of the contents of the repository. This text appears in the repository details on the Amazon ECR Public Gallery.", + "title": "AboutText", + "type": "string" + }, + "Architectures": { "items": { "type": "string" }, - "markdownDescription": "The account list for the map.", - "title": "ACCOUNT", + "markdownDescription": "The architecture tags that are associated with the repository.", + "title": "Architectures", "type": "array" }, - "ORGUNIT": { + "OperatingSystems": { "items": { "type": "string" }, - "markdownDescription": "The organizational unit list for the map.", - "title": "ORGUNIT", + "markdownDescription": "The operating system tags that are associated with the repository.", + "title": "OperatingSystems", "type": "array" - } - }, - "type": "object" - }, - "AWS::FMS::Policy.NetworkFirewallPolicy": { - "additionalProperties": false, - "properties": { - "FirewallDeploymentModel": { - "markdownDescription": "Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .", - "title": "FirewallDeploymentModel", - "type": "string" - } - }, - "required": [ - "FirewallDeploymentModel" - ], - "type": "object" - }, - "AWS::FMS::Policy.PolicyOption": { - "additionalProperties": false, - "properties": { - "NetworkFirewallPolicy": { - "$ref": "#/definitions/AWS::FMS::Policy.NetworkFirewallPolicy", - "markdownDescription": "Defines the deployment model to use for the firewall policy.", - "title": "NetworkFirewallPolicy" - }, - "ThirdPartyFirewallPolicy": { - "$ref": "#/definitions/AWS::FMS::Policy.ThirdPartyFirewallPolicy", - "markdownDescription": "Defines the policy options for a third-party firewall policy.", - "title": "ThirdPartyFirewallPolicy" - } - }, - "type": "object" - }, - "AWS::FMS::Policy.PolicyTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::FMS::Policy.ResourceTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The resource tag key.", - "title": "Key", - "type": "string" }, - "Value": { - "markdownDescription": "The resource tag value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key" - ], - "type": "object" - }, - "AWS::FMS::Policy.SecurityServicePolicyData": { - "additionalProperties": false, - "properties": { - "ManagedServiceData": { - "markdownDescription": "Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", - "title": "ManagedServiceData", + "RepositoryDescription": { + "markdownDescription": "The short description of the repository.", + "title": "RepositoryDescription", "type": "string" }, - "PolicyOption": { - "$ref": "#/definitions/AWS::FMS::Policy.PolicyOption", - "markdownDescription": "Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy.", - "title": "PolicyOption" - }, - "Type": { - "markdownDescription": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::FMS::Policy.ThirdPartyFirewallPolicy": { - "additionalProperties": false, - "properties": { - "FirewallDeploymentModel": { - "markdownDescription": "Defines the deployment model to use for the third-party firewall policy.", - "title": "FirewallDeploymentModel", + "UsageText": { + "markdownDescription": "The longform usage details of the contents of the repository. The usage text provides context for users of the repository.", + "title": "UsageText", "type": "string" } }, - "required": [ - "FirewallDeploymentModel" - ], "type": "object" }, - "AWS::FMS::ResourceSet": { + "AWS::ECR::PullThroughCacheRule": { "additionalProperties": false, "properties": { "Condition": { @@ -99533,50 +103494,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the resource set.", - "title": "Description", + "CredentialArn": { + "markdownDescription": "The ARN of the Secrets Manager secret associated with the pull through cache rule.", + "title": "CredentialArn", "type": "string" }, - "Name": { - "markdownDescription": "The descriptive name of the resource set. You can't change the name of a resource set after you create it.", - "title": "Name", + "CustomRoleArn": { + "markdownDescription": "The ARN of the IAM role associated with the pull through cache rule.", + "title": "CustomRoleArn", "type": "string" }, - "ResourceTypeList": { - "items": { - "type": "string" - }, - "markdownDescription": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list.", - "title": "ResourceTypeList", - "type": "array" + "EcrRepositoryPrefix": { + "markdownDescription": "The Amazon ECR repository prefix associated with the pull through cache rule.", + "title": "EcrRepositoryPrefix", + "type": "string" }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Resources", - "type": "array" + "UpstreamRegistry": { + "markdownDescription": "The name of the upstream source registry associated with the pull through cache rule.", + "title": "UpstreamRegistry", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "UpstreamRegistryUrl": { + "markdownDescription": "The upstream registry URL associated with the pull through cache rule.", + "title": "UpstreamRegistryUrl", + "type": "string" + }, + "UpstreamRepositoryPrefix": { + "markdownDescription": "The upstream repository prefix associated with the pull through cache rule.", + "title": "UpstreamRepositoryPrefix", + "type": "string" } }, - "required": [ - "Name", - "ResourceTypeList" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FMS::ResourceSet" + "AWS::ECR::PullThroughCacheRule" ], "type": "string" }, @@ -99590,12 +103543,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation": { + "AWS::ECR::RegistryPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -99630,55 +103582,20 @@ "Properties": { "additionalProperties": false, "properties": { - "BatchImportMetaDataOnCreate": { - "markdownDescription": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to `true` .", - "title": "BatchImportMetaDataOnCreate", - "type": "boolean" - }, - "DataRepositoryPath": { - "markdownDescription": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format `s3://myBucket/myPrefix/` . This path specifies where in the S3 data repository files will be imported from or exported to.", - "title": "DataRepositoryPath", - "type": "string" - }, - "FileSystemId": { - "markdownDescription": "The ID of the file system on which the data repository association is configured.", - "title": "FileSystemId", - "type": "string" - }, - "FileSystemPath": { - "markdownDescription": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as `/ns1/` ) or subdirectory (such as `/ns1/subdir/` ) that will be mapped 1-1 with `DataRepositoryPath` . The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/` , then you cannot link another data repository with file system path `/ns1/ns2` .\n\nThis path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n\n> If you specify only a forward slash ( `/` ) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system.", - "title": "FileSystemPath", - "type": "string" - }, - "ImportedFileChunkSize": { - "markdownDescription": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.", - "title": "ImportedFileChunkSize", - "type": "number" - }, - "S3": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.S3", - "markdownDescription": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.", - "title": "S3" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", - "title": "Tags", - "type": "array" + "PolicyText": { + "markdownDescription": "The JSON policy text for your registry.", + "title": "PolicyText", + "type": "object" } }, "required": [ - "DataRepositoryPath", - "FileSystemId", - "FileSystemPath" + "PolicyText" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::DataRepositoryAssociation" + "AWS::ECR::RegistryPolicy" ], "type": "string" }, @@ -99697,57 +103614,7 @@ ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation.AutoExportPolicy": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "type": "string" - }, - "markdownDescription": "The `AutoExportPolicy` can have the following event values:\n\n- `NEW` - New files and directories are automatically exported to the data repository as they are added to the file system.\n- `CHANGED` - Changes to files and directories on the file system are automatically exported to the data repository.\n- `DELETED` - Files and directories are automatically deleted on the data repository when they are deleted on the file system.\n\nYou can define any combination of event types for your `AutoExportPolicy` .", - "title": "Events", - "type": "array" - } - }, - "required": [ - "Events" - ], - "type": "object" - }, - "AWS::FSx::DataRepositoryAssociation.AutoImportPolicy": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "type": "string" - }, - "markdownDescription": "The `AutoImportPolicy` can have the following event values:\n\n- `NEW` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `CHANGED` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository.\n- `DELETED` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository.\n\nYou can define any combination of event types for your `AutoImportPolicy` .", - "title": "Events", - "type": "array" - } - }, - "required": [ - "Events" - ], - "type": "object" - }, - "AWS::FSx::DataRepositoryAssociation.S3": { - "additionalProperties": false, - "properties": { - "AutoExportPolicy": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoExportPolicy", - "markdownDescription": "Describes a data repository association's automatic export policy. The `AutoExportPolicy` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file.\n\nThe `AutoExportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", - "title": "AutoExportPolicy" - }, - "AutoImportPolicy": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoImportPolicy", - "markdownDescription": "Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket.\n\nThe `AutoImportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", - "title": "AutoImportPolicy" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem": { + "AWS::ECR::RegistryScanningConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -99782,90 +103649,29 @@ "Properties": { "additionalProperties": false, "properties": { - "BackupId": { - "markdownDescription": "The ID of the file system backup that you are using to create a file system. For more information, see [CreateFileSystemFromBackup](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html) .", - "title": "BackupId", - "type": "string" - }, - "FileSystemType": { - "markdownDescription": "The type of Amazon FSx file system, which can be `LUSTRE` , `WINDOWS` , `ONTAP` , or `OPENZFS` .", - "title": "FileSystemType", - "type": "string" - }, - "FileSystemTypeVersion": { - "markdownDescription": "For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are `2.10` , `2.12` , and `2.15` :\n\n- `2.10` is supported by the Scratch and Persistent_1 Lustre deployment types.\n- `2.12` is supported by all Lustre deployment types, except for `PERSISTENT_2` with a metadata configuration mode.\n- `2.15` is supported by all Lustre deployment types and is recommended for all new file systems.\n\nDefault value is `2.10` , except for the following deployments:\n\n- Default value is `2.12` when `DeploymentType` is set to `PERSISTENT_2` without a metadata configuration mode.\n- Default value is `2.15` when `DeploymentType` is set to `PERSISTENT_2` with a metadata configuration mode.", - "title": "FileSystemTypeVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server", - "title": "KmsKeyId", - "type": "string" - }, - "LustreConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.LustreConfiguration", - "markdownDescription": "The Lustre configuration for the file system being created.\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", - "title": "LustreConfiguration" - }, - "OntapConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.OntapConfiguration", - "markdownDescription": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating.", - "title": "OntapConfiguration" - }, - "OpenZFSConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.OpenZFSConfiguration", - "markdownDescription": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating.", - "title": "OpenZFSConfiguration" - }, - "SecurityGroupIds": { + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration.ScanningRule" }, - "markdownDescription": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", - "title": "SecurityGroupIds", + "markdownDescription": "The scanning rules associated with the registry.", + "title": "Rules", "type": "array" }, - "StorageCapacity": { - "markdownDescription": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", - "title": "StorageCapacity", - "type": "number" - }, - "StorageType": { - "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type and for Lustre file systems with the Persistent_2 deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [FSx for Lustre storage classes](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html#lustre-storage-classes) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageType", + "ScanType": { + "markdownDescription": "The type of scanning configured for the registry.", + "title": "ScanType", "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "Tags", - "type": "array" - }, - "WindowsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.WindowsConfiguration", - "markdownDescription": "The configuration object for the Microsoft Windows file system you are creating.\n\nThis value is required if `FileSystemType` is set to `WINDOWS` .", - "title": "WindowsConfiguration" } }, "required": [ - "FileSystemType", - "SubnetIds" + "Rules", + "ScanType" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::FileSystem" + "AWS::ECR::RegistryScanningConfiguration" ], "type": "string" }, @@ -99884,473 +103690,199 @@ ], "type": "object" }, - "AWS::FSx::FileSystem.AuditLogConfiguration": { + "AWS::ECR::RegistryScanningConfiguration.RepositoryFilter": { "additionalProperties": false, "properties": { - "AuditLogDestination": { - "markdownDescription": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN.\n\nThe name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehose delivery stream must begin with the `aws-fsx` prefix.\n\nThe destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose delivery stream) must be in the same AWS partition, AWS Region , and AWS account as your Amazon FSx file system.", - "title": "AuditLogDestination", - "type": "string" - }, - "FileAccessAuditLogLevel": { - "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file and folder accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access files or folders are logged.\n- `FAILURE_ONLY` - only failed attempts to access files or folders are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access files or folders are logged.\n- `DISABLED` - access auditing of files and folders is turned off.", - "title": "FileAccessAuditLogLevel", + "Filter": { + "markdownDescription": "The filter to use when scanning.", + "title": "Filter", "type": "string" }, - "FileShareAccessAuditLogLevel": { - "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file share accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access file shares are logged.\n- `FAILURE_ONLY` - only failed attempts to access file shares are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access file shares are logged.\n- `DISABLED` - access auditing of file shares is turned off.", - "title": "FileShareAccessAuditLogLevel", + "FilterType": { + "markdownDescription": "The type associated with the filter.", + "title": "FilterType", "type": "string" } }, "required": [ - "FileAccessAuditLogLevel", - "FileShareAccessAuditLogLevel" + "Filter", + "FilterType" ], "type": "object" }, - "AWS::FSx::FileSystem.ClientConfigurations": { + "AWS::ECR::RegistryScanningConfiguration.ScanningRule": { "additionalProperties": false, "properties": { - "Clients": { - "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", - "title": "Clients", - "type": "string" - }, - "Options": { + "RepositoryFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration.RepositoryFilter" }, - "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", - "title": "Options", + "markdownDescription": "The details of a scanning repository filter. For more information on how to use filters, see [Using filters](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html#image-scanning-filters) in the *Amazon Elastic Container Registry User Guide* .", + "title": "RepositoryFilters", "type": "array" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.DiskIopsConfiguration": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The total number of SSD IOPS provisioned for the file system.\n\nThe minimum and maximum values for this property depend on the value of `HAPairs` and `StorageCapacity` . The minimum value is calculated as `StorageCapacity` * 3 * `HAPairs` (3 IOPS per GB of `StorageCapacity` ). The maximum value is calculated as 200,000 * `HAPairs` .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) if the value of `Iops` is outside of the minimum or maximum values.", - "title": "Iops", - "type": "number" }, - "Mode": { - "markdownDescription": "Specifies whether the file system is using the `AUTOMATIC` setting of SSD IOPS of 3 IOPS per GB of storage capacity, or if it using a `USER_PROVISIONED` value.", - "title": "Mode", + "ScanFrequency": { + "markdownDescription": "The frequency that scans are performed at for a private registry. When the `ENHANCED` scan type is specified, the supported scan frequencies are `CONTINUOUS_SCAN` and `SCAN_ON_PUSH` . When the `BASIC` scan type is specified, the `SCAN_ON_PUSH` scan frequency is supported. If scan on push is not specified, then the `MANUAL` scan frequency is set by default.", + "title": "ScanFrequency", "type": "string" } }, + "required": [ + "RepositoryFilters", + "ScanFrequency" + ], "type": "object" }, - "AWS::FSx::FileSystem.LustreConfiguration": { + "AWS::ECR::ReplicationConfiguration": { "additionalProperties": false, "properties": { - "AutoImportPolicy": { - "markdownDescription": "(Optional) When you create your file system, your existing S3 objects appear as file and directory listings. Use this property to choose how Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. `AutoImportPolicy` can have the following values:\n\n- `NONE` - (Default) AutoImport is off. Amazon FSx only updates file and directory listings from the linked S3 bucket when the file system is created. FSx does not update file and directory listings for any new or changed objects after choosing this option.\n- `NEW` - AutoImport is on. Amazon FSx automatically imports directory listings of any new objects added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `NEW_CHANGED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket and any existing objects that are changed in the S3 bucket after you choose this option.\n- `NEW_CHANGED_DELETED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket, any existing objects that are changed in the S3 bucket, and any objects that were deleted in the S3 bucket.\n\nFor more information, see [Automatically import updates from your S3 bucket](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) .\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "AutoImportPolicy", - "type": "string" - }, - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `0` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "CopyTagsToBackups": { - "markdownDescription": "(Optional) Not available for use with file systems that are linked to a data repository. A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. If `CopyTagsToBackups` is set to true, all file system tags are copied to all automatic and user-initiated backups when the user doesn't specify any backup-specific tags. If `CopyTagsToBackups` is set to true and you specify one or more backup tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.\n\n(Default = `false` )\n\nFor more information, see [Working with backups](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-backups-fsx.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", + "Condition": { "type": "string" }, - "DataCompressionType": { - "markdownDescription": "Sets the data compression configuration for the file system. `DataCompressionType` can have the following values:\n\n- `NONE` - (Default) Data compression is turned off when the file system is created.\n- `LZ4` - Data compression is turned on with the LZ4 algorithm.\n\nFor more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "DataCompressionType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DeploymentType": { - "markdownDescription": "(Optional) Choose `SCRATCH_1` and `SCRATCH_2` deployment types when you need temporary storage and shorter-term processing of data. The `SCRATCH_2` deployment type provides in-transit encryption of data and higher burst throughput capacity than `SCRATCH_1` .\n\nChoose `PERSISTENT_1` for longer-term storage and for throughput-focused workloads that aren\u2019t latency-sensitive. `PERSISTENT_1` supports encryption of data in transit, and is available in all AWS Regions in which FSx for Lustre is available.\n\nChoose `PERSISTENT_2` for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. `PERSISTENT_2` supports the SSD and Intelligent-Tiering storage classes. You can optionally specify a metadata configuration mode for `PERSISTENT_2` which supports increasing metadata performance. `PERSISTENT_2` is available in a limited number of AWS Regions . For more information, and an up-to-date list of AWS Regions in which `PERSISTENT_2` is available, see [Deployment and storage class options for FSx for Lustre file systems](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html) in the *Amazon FSx for Lustre User Guide* .\n\n> If you choose `PERSISTENT_2` , and you set `FileSystemTypeVersion` to `2.10` , the `CreateFileSystem` operation fails. \n\nEncryption of data in transit is automatically turned on when you access `SCRATCH_2` , `PERSISTENT_1` , and `PERSISTENT_2` file systems from Amazon EC2 instances that support automatic encryption in the AWS Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see [Encrypting data in transit](https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) in the *Amazon FSx for Lustre User Guide* .\n\n(Default = `SCRATCH_1` )", - "title": "DeploymentType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DriveCacheType": { - "markdownDescription": "The type of drive cache used by `PERSISTENT_1` file systems that are provisioned with HDD storage devices. This parameter is required when storage type is HDD. Set this property to `READ` to improve the performance for frequently accessed files by caching up to 20% of the total storage capacity of the file system.\n\nThis parameter is required when `StorageType` is set to `HDD` and `DeploymentType` is `PERSISTENT_1` .", - "title": "DriveCacheType", - "type": "string" + "Metadata": { + "type": "object" }, - "ExportPath": { - "markdownDescription": "(Optional) Specifies the path in the Amazon S3 bucket where the root of your Amazon FSx file system is exported. The path must use the same Amazon S3 bucket as specified in ImportPath. You can provide an optional prefix to which new and changed data is to be exported from your Amazon FSx for Lustre file system. If an `ExportPath` value is not provided, Amazon FSx sets a default export path, `s3://import-bucket/FSxLustre[creation-timestamp]` . The timestamp is in UTC format, for example `s3://import-bucket/FSxLustre20181105T222312Z` .\n\nThe Amazon S3 export bucket must be the same as the import bucket specified by `ImportPath` . If you specify only a bucket name, such as `s3://import-bucket` , you get a 1:1 mapping of file system objects to S3 bucket objects. This mapping means that the input data in S3 is overwritten on export. If you provide a custom prefix in the export path, such as `s3://import-bucket/[custom-optional-prefix]` , Amazon FSx exports the contents of your file system to that export prefix in the Amazon S3 bucket.\n\n> This parameter is not supported for file systems with a data repository association.", - "title": "ExportPath", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationConfiguration", + "markdownDescription": "The replication configuration for a registry.", + "title": "ReplicationConfiguration" + } + }, + "required": [ + "ReplicationConfiguration" + ], + "type": "object" }, - "ImportPath": { - "markdownDescription": "(Optional) The path to the Amazon S3 bucket (including the optional prefix) that you're using as the data repository for your Amazon FSx for Lustre file system. The root of your FSx for Lustre file system will be mapped to the root of the Amazon S3 bucket you select. An example is `s3://import-bucket/optional-prefix` . If you specify a prefix after the Amazon S3 bucket name, only object keys with that prefix are loaded into the file system.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "ImportPath", + "Type": { + "enum": [ + "AWS::ECR::ReplicationConfiguration" + ], "type": "string" }, - "ImportedFileChunkSize": { - "markdownDescription": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "ImportedFileChunkSize", - "type": "number" - }, - "PerUnitStorageThroughput": { - "markdownDescription": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", - "title": "PerUnitStorageThroughput", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::FSx::FileSystem.NfsExports": { - "additionalProperties": false, - "properties": { - "ClientConfigurations": { - "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.ClientConfigurations" - }, - "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", - "title": "ClientConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.OntapConfiguration": { + "AWS::ECR::ReplicationConfiguration.ReplicationConfiguration": { "additionalProperties": false, "properties": { - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the FSx for ONTAP file system deployment type to use in creating the file system.\n\n- `MULTI_AZ_1` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. This is a first-generation FSx for ONTAP file system.\n- `MULTI_AZ_2` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary AZ unavailability. This is a second-generation FSx for ONTAP file system.\n- `SINGLE_AZ_1` - A file system configured for Single-AZ redundancy. This is a first-generation FSx for ONTAP file system.\n- `SINGLE_AZ_2` - A file system configured with multiple high-availability (HA) pairs for Single-AZ redundancy. This is a second-generation FSx for ONTAP file system.\n\nFor information about the use cases for Multi-AZ and Single-AZ deployments, refer to [Choosing a file system deployment type](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-AZ.html) .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS configuration for the FSx for ONTAP file system.", - "title": "DiskIopsConfiguration" - }, - "EndpointIpAddressRange": { - "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API, Amazon FSx selects an unused IP address range for you from the 198.19.* range. By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses from the VPC\u2019s primary CIDR range to use as the endpoint IP address range for the file system. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", - "title": "EndpointIpAddressRange", - "type": "string" - }, - "FsxAdminPassword": { - "markdownDescription": "The ONTAP administrative password for the `fsxadmin` user with which you administer your file system using the NetApp ONTAP CLI and REST API.", - "title": "FsxAdminPassword", - "type": "string" - }, - "HAPairs": { - "markdownDescription": "Specifies how many high-availability (HA) pairs of file servers will power your file system. First-generation file systems are powered by 1 HA pair. Second-generation multi-AZ file systems are powered by 1 HA pair. Second generation single-AZ file systems are powered by up to 12 HA pairs. The default value is 1. The value of this property affects the values of `StorageCapacity` , `Iops` , and `ThroughputCapacity` . For more information, see [High-availability (HA) pairs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/administering-file-systems.html#HA-pairs) in the FSx for ONTAP user guide. Block storage protocol support (iSCSI and NVMe over TCP) is disabled on file systems with more than 6 HA pairs. For more information, see [Using block storage protocols](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/supported-fsx-clients.html#using-block-storage) .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `HAPairs` is less than 1 or greater than 12.\n- The value of `HAPairs` is greater than 1 and the value of `DeploymentType` is `SINGLE_AZ_1` , `MULTI_AZ_1` , or `MULTI_AZ_2` .", - "title": "HAPairs", - "type": "number" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` or `MULTI_AZ_2` . This specifies the subnet in which you want the preferred file server to be located.", - "title": "PreferredSubnetId", - "type": "string" - }, - "RouteTableIds": { + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationRule" }, - "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n\n> Amazon FSx manages these route tables for Multi-AZ file systems using tag-based authentication. These route tables are tagged with `Key: AmazonFSx; Value: ManagedByAmazonFSx` . When creating FSx for ONTAP Multi-AZ file systems using AWS CloudFormation we recommend that you add the `Key: AmazonFSx; Value: ManagedByAmazonFSx` tag manually.", - "title": "RouteTableIds", + "markdownDescription": "An array of objects representing the replication destinations and repository filters for a replication configuration.", + "title": "Rules", "type": "array" - }, - "ThroughputCapacity": { - "markdownDescription": "Sets the throughput capacity for the file system that you're creating in megabytes per second (MBps). For more information, see [Managing throughput capacity](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) in the FSx for ONTAP User Guide.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value.\n- The value of `ThroughputCapacity` when divided by the value of `HAPairs` is outside of the valid range for `ThroughputCapacity` .", - "title": "ThroughputCapacity", - "type": "number" - }, - "ThroughputCapacityPerHAPair": { - "markdownDescription": "Use to choose the throughput capacity per HA pair, rather than the total throughput for the file system.\n\nYou can define either the `ThroughputCapacityPerHAPair` or the `ThroughputCapacity` when creating a file system, but not both.\n\nThis field and `ThroughputCapacity` are the same for file systems powered by one HA pair.\n\n- For `SINGLE_AZ_1` and `MULTI_AZ_1` file systems, valid values are 128, 256, 512, 1024, 2048, or 4096 MBps.\n- For `SINGLE_AZ_2` , valid values are 1536, 3072, or 6144 MBps.\n- For `MULTI_AZ_2` , valid values are 384, 768, 1536, 3072, or 6144 MBps.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value for file systems with one HA pair.\n- The value of deployment type is `SINGLE_AZ_2` and `ThroughputCapacity` / `ThroughputCapacityPerHAPair` is not a valid HA pair (a value between 1 and 12).\n- The value of `ThroughputCapacityPerHAPair` is not a valid value.", - "title": "ThroughputCapacityPerHAPair", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", - "type": "string" } }, "required": [ - "DeploymentType" + "Rules" ], "type": "object" }, - "AWS::FSx::FileSystem.OpenZFSConfiguration": { + "AWS::ECR::ReplicationConfiguration.ReplicationDestination": { "additionalProperties": false, "properties": { - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "CopyTagsToBackups": { - "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to backups. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "CopyTagsToVolumes": { - "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to volumes. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to volumes where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to volumes. If you specify one or more tags when creating the volume, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToVolumes", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the file system deployment type. Valid values are the following:\n\n- `MULTI_AZ_1` - Creates file systems with high availability and durability by replicating your data and supporting failover across multiple Availability Zones in the same AWS Region .\n- `SINGLE_AZ_HA_2` - Creates file systems with high availability and throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_HA_1` - Creates file systems with high availability and throughput capacities of 64 - 4,096 MB/s by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_2` - Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache that automatically recover within a single Availability Zone.\n- `SINGLE_AZ_1` - Creates file systems with throughput capacities of 64 - 4,096 MBs that automatically recover within a single Availability Zone.\n\nFor a list of which AWS Regions each deployment type is available in, see [Deployment type availability](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) . For more information on the differences in performance between deployment types, see [File system performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS file system. By default, Amazon FSx automatically provisions 3 IOPS per GB of storage capacity. You can provision additional IOPS per GB of storage. The configuration consists of the total number of provisioned SSD IOPS and how it is was provisioned, or the mode (by the customer or by Amazon FSx).", - "title": "DiskIopsConfiguration" - }, - "EndpointIpAddressRange": { - "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API and Amazon FSx console, Amazon FSx selects an available /28 IP address range for you from one of the VPC's CIDR ranges. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", - "title": "EndpointIpAddressRange", - "type": "string" - }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "To delete a file system if there are child volumes present below the root volume, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` . If your file system has child volumes and you don't use this option, the delete request will fail.", - "title": "Options", - "type": "array" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located.", - "title": "PreferredSubnetId", + "Region": { + "markdownDescription": "The Region to replicate to.", + "title": "Region", "type": "string" }, - "RootVolumeConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.RootVolumeConfiguration", - "markdownDescription": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", - "title": "RootVolumeConfiguration" - }, - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", - "title": "RouteTableIds", - "type": "array" - }, - "ThroughputCapacity": { - "markdownDescription": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Valid values depend on the `DeploymentType` that you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", - "title": "ThroughputCapacity", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", + "RegistryId": { + "markdownDescription": "The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID.", + "title": "RegistryId", "type": "string" } }, "required": [ - "DeploymentType" + "Region", + "RegistryId" ], "type": "object" }, - "AWS::FSx::FileSystem.RootVolumeConfiguration": { + "AWS::ECR::ReplicationConfiguration.ReplicationRule": { "additionalProperties": false, "properties": { - "CopyTagsToSnapshots": { - "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots of the volume. This value defaults to `false` . If it's set to `true` , all tags for the volume are copied to snapshots where the user doesn't specify tags. If this value is `true` and you specify one or more tags, only the specified tags are copied to snapshots. If you specify one or more tags when creating the snapshot, no tags are copied from the volume, regardless of this value.", - "title": "CopyTagsToSnapshots", - "type": "boolean" - }, - "DataCompressionType": { - "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", - "title": "DataCompressionType", - "type": "string" - }, - "NfsExports": { + "Destinations": { "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.NfsExports" + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationDestination" }, - "markdownDescription": "The configuration object for mounting a file system.", - "title": "NfsExports", + "markdownDescription": "An array of objects representing the destination for a replication rule.", + "title": "Destinations", "type": "array" }, - "ReadOnly": { - "markdownDescription": "A Boolean value indicating whether the volume is read-only. Setting this value to `true` can be useful after you have completed changes to a volume and no longer want changes to occur.", - "title": "ReadOnly", - "type": "boolean" - }, - "RecordSizeKiB": { - "markdownDescription": "Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB. The default is 128 KiB. Most workloads should use the default record size. Database workflows can benefit from a smaller record size, while streaming workflows can benefit from a larger record size. For additional guidance on setting a custom record size, see [Tips for maximizing performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#performance-tips-zfs) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "RecordSizeKiB", - "type": "number" - }, - "UserAndGroupQuotas": { - "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.UserAndGroupQuotas" - }, - "markdownDescription": "An object specifying how much storage users or groups can use on the volume.", - "title": "UserAndGroupQuotas", - "type": "array" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration": { - "additionalProperties": false, - "properties": { - "DnsIps": { + "RepositoryFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.RepositoryFilter" }, - "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", - "title": "DnsIps", + "markdownDescription": "An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.", + "title": "RepositoryFilters", "type": "array" - }, - "DomainName": { - "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", - "title": "DomainName", - "type": "string" - }, - "FileSystemAdministratorsGroup": { - "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", - "title": "FileSystemAdministratorsGroup", - "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", - "title": "OrganizationalUnitDistinguishedName", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", - "title": "Password", - "type": "string" - }, - "UserName": { - "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", - "title": "UserName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.UserAndGroupQuotas": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the user or group that the quota applies to.", - "title": "Id", - "type": "number" - }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", - "title": "StorageCapacityQuotaGiB", - "type": "number" - }, - "Type": { - "markdownDescription": "Specifies whether the quota applies to a user or group.", - "title": "Type", - "type": "string" } }, + "required": [ + "Destinations" + ], "type": "object" }, - "AWS::FSx::FileSystem.WindowsConfiguration": { + "AWS::ECR::ReplicationConfiguration.RepositoryFilter": { "additionalProperties": false, "properties": { - "ActiveDirectoryId": { - "markdownDescription": "The ID for an existing AWS Managed Microsoft Active Directory (AD) instance that the file system should join when it's created. Required if you are joining the file system to an existing AWS Managed Microsoft AD.", - "title": "ActiveDirectoryId", - "type": "string" - }, - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of one or more DNS alias names that you want to associate with the Amazon FSx file system. Aliases allow you to use existing DNS names to access the data in your Amazon FSx file system. You can associate up to 50 aliases with a file system at any time.\n\nFor more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) and [Walkthrough 5: Using DNS aliases to access your file system](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/walkthrough05-file-system-custom-CNAME.html) , including additional steps you must take to be able to access your file system using a DNS alias.\n\nAn alias name has to meet the following requirements:\n\n- Formatted as a fully-qualified domain name (FQDN), `hostname.domain` , for example, `accounting.example.com` .\n- Can contain alphanumeric characters, the underscore (_), and the hyphen (-).\n- Cannot start or end with a hyphen.\n- Can start with a numeric.\n\nFor DNS alias names, Amazon FSx stores alphabetical characters as lowercase letters (a-z), regardless of how you specify them: as uppercase letters, lowercase letters, or the corresponding letters in escape codes.", - "title": "Aliases", - "type": "array" - }, - "AuditLogConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.AuditLogConfiguration", - "markdownDescription": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system.", - "title": "AuditLogConfiguration" - }, - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "CopyTagsToBackups": { - "markdownDescription": "A boolean flag indicating whether tags for the file system should be copied to backups. This value defaults to false. If it's set to true, all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the file system deployment type, valid values are the following:\n\n- `MULTI_AZ_1` - Deploys a high availability file system that is configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. You can only deploy a Multi-AZ file system in AWS Regions that have a minimum of three Availability Zones. Also supports HDD storage type\n- `SINGLE_AZ_1` - (Default) Choose to deploy a file system that is configured for single AZ redundancy.\n- `SINGLE_AZ_2` - The latest generation Single AZ file system. Specifies a file system that is configured for single AZ redundancy and supports HDD storage type.\n\nFor more information, see [Availability and Durability: Single-AZ and Multi-AZ File Systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", - "title": "DiskIopsConfiguration" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", - "title": "PreferredSubnetId", + "Filter": { + "markdownDescription": "The repository filter details. When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.", + "title": "Filter", "type": "string" }, - "SelfManagedActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration", - "markdownDescription": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [Using Amazon FSx for Windows with your self-managed Microsoft Active Directory](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) or [Managing FSx for ONTAP SVMs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) .", - "title": "SelfManagedActiveDirectoryConfiguration" - }, - "ThroughputCapacity": { - "markdownDescription": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", - "title": "ThroughputCapacity", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.", - "title": "WeeklyMaintenanceStartTime", + "FilterType": { + "markdownDescription": "The repository filter type. The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.", + "title": "FilterType", "type": "string" } }, "required": [ - "ThroughputCapacity" + "Filter", + "FilterType" ], "type": "object" }, - "AWS::FSx::Snapshot": { + "AWS::ECR::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -100385,34 +103917,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the snapshot.", - "title": "Name", + "EmptyOnDelete": { + "markdownDescription": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.", + "title": "EmptyOnDelete", + "type": "boolean" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::ECR::Repository.EncryptionConfiguration", + "markdownDescription": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", + "title": "EncryptionConfiguration" + }, + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ECR::Repository.ImageScanningConfiguration", + "markdownDescription": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.", + "title": "ImageScanningConfiguration" + }, + "ImageTagMutability": { + "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", + "title": "ImageTagMutability", + "type": "string" + }, + "LifecyclePolicy": { + "$ref": "#/definitions/AWS::ECR::Repository.LifecyclePolicy", + "markdownDescription": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .", + "title": "LifecyclePolicy" + }, + "RepositoryName": { + "markdownDescription": "The name to use for the repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "RepositoryName", "type": "string" }, + "RepositoryPolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "RepositoryPolicyText", + "type": "object" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" - }, - "VolumeId": { - "markdownDescription": "The ID of the volume that the snapshot is of.", - "title": "VolumeId", - "type": "string" } }, - "required": [ - "Name", - "VolumeId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::Snapshot" + "AWS::ECR::Repository" ], "type": "string" }, @@ -100426,12 +103979,57 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FSx::StorageVirtualMachine": { + "AWS::ECR::Repository.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "EncryptionType": { + "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "EncryptionType", + "type": "string" + }, + "KmsKey": { + "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", + "title": "KmsKey", + "type": "string" + } + }, + "required": [ + "EncryptionType" + ], + "type": "object" + }, + "AWS::ECR::Repository.ImageScanningConfiguration": { + "additionalProperties": false, + "properties": { + "ScanOnPush": { + "markdownDescription": "The setting that determines whether images are scanned after being pushed to a repository. If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.", + "title": "ScanOnPush", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ECR::Repository.LifecyclePolicy": { + "additionalProperties": false, + "properties": { + "LifecyclePolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the repository.", + "title": "LifecyclePolicyText", + "type": "string" + }, + "RegistryId": { + "markdownDescription": "The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.", + "title": "RegistryId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECR::RepositoryCreationTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -100466,49 +104064,67 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration", - "markdownDescription": "Describes the Microsoft Active Directory configuration to which the SVM is joined, if applicable.", - "title": "ActiveDirectoryConfiguration" + "AppliedFor": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of enumerable Strings representing the repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION", + "title": "AppliedFor", + "type": "array" }, - "FileSystemId": { - "markdownDescription": "Specifies the FSx for ONTAP file system on which to create the SVM.", - "title": "FileSystemId", + "CustomRoleArn": { + "markdownDescription": "The ARN of the role to be assumed by Amazon ECR. Amazon ECR will assume your supplied role when the customRoleArn is specified. When this field isn't specified, Amazon ECR will use the service-linked role for the repository creation template.", + "title": "CustomRoleArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the SVM.", - "title": "Name", + "Description": { + "markdownDescription": "The description associated with the repository creation template.", + "title": "Description", "type": "string" }, - "RootVolumeSecurityStyle": { - "markdownDescription": "The security style of the root volume of the SVM. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Microsoft Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Microsoft Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style.html) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "RootVolumeSecurityStyle", + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration", + "markdownDescription": "The encryption configuration associated with the repository creation template.", + "title": "EncryptionConfiguration" + }, + "ImageTagMutability": { + "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", + "title": "ImageTagMutability", "type": "string" }, - "SvmAdminPassword": { - "markdownDescription": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's `fsxadmin` user to manage the SVM. For more information, see [Managing SVMs using the NetApp ONTAP CLI](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-resources-ontap-apps.html#vsadmin-ontap-cli) in the *FSx for ONTAP User Guide* .", - "title": "SvmAdminPassword", + "LifecyclePolicy": { + "markdownDescription": "The lifecycle policy to use for repositories created using the template.", + "title": "LifecyclePolicy", "type": "string" }, - "Tags": { + "Prefix": { + "markdownDescription": "The repository namespace prefix associated with the repository creation template.", + "title": "Prefix", + "type": "string" + }, + "RepositoryPolicy": { + "markdownDescription": "The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.", + "title": "RepositoryPolicy", + "type": "string" + }, + "ResourceTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", - "title": "Tags", + "markdownDescription": "The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "ResourceTags", "type": "array" } }, "required": [ - "FileSystemId", - "Name" + "AppliedFor", + "Prefix" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::StorageVirtualMachine" + "AWS::ECR::RepositoryCreationTemplate" ], "type": "string" }, @@ -100527,62 +104143,26 @@ ], "type": "object" }, - "AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration": { - "additionalProperties": false, - "properties": { - "NetBiosName": { - "markdownDescription": "The NetBIOS name of the Active Directory computer object that will be created for your SVM.", - "title": "NetBiosName", - "type": "string" - }, - "SelfManagedActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration", - "markdownDescription": "The configuration that Amazon FSx uses to join the ONTAP storage virtual machine (SVM) to your self-managed (including on-premises) Microsoft Active Directory directory.", - "title": "SelfManagedActiveDirectoryConfiguration" - } - }, - "type": "object" - }, - "AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration": { + "AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "DnsIps": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", - "title": "DnsIps", - "type": "array" - }, - "DomainName": { - "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", - "title": "DomainName", - "type": "string" - }, - "FileSystemAdministratorsGroup": { - "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", - "title": "FileSystemAdministratorsGroup", - "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", - "title": "OrganizationalUnitDistinguishedName", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", - "title": "Password", + "EncryptionType": { + "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "EncryptionType", "type": "string" }, - "UserName": { - "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", - "title": "UserName", + "KmsKey": { + "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", + "title": "KmsKey", "type": "string" } }, + "required": [ + "EncryptionType" + ], "type": "object" }, - "AWS::FSx::Volume": { + "AWS::ECS::CapacityProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -100617,48 +104197,30 @@ "Properties": { "additionalProperties": false, "properties": { - "BackupId": { - "markdownDescription": "Specifies the ID of the volume backup to use to create a new volume.", - "title": "BackupId", - "type": "string" + "AutoScalingGroupProvider": { + "$ref": "#/definitions/AWS::ECS::CapacityProvider.AutoScalingGroupProvider", + "markdownDescription": "The Auto Scaling group settings for the capacity provider.", + "title": "AutoScalingGroupProvider" }, "Name": { - "markdownDescription": "The name of the volume.", + "markdownDescription": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used.", "title": "Name", "type": "string" }, - "OntapConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.OntapConfiguration", - "markdownDescription": "The configuration of an Amazon FSx for NetApp ONTAP volume.", - "title": "OntapConfiguration" - }, - "OpenZFSConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.OpenZFSConfiguration", - "markdownDescription": "The configuration of an Amazon FSx for OpenZFS volume.", - "title": "OpenZFSConfiguration" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" - }, - "VolumeType": { - "markdownDescription": "The type of the volume.", - "title": "VolumeType", - "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::Volume" + "AWS::ECS::CapacityProvider" ], "type": "string" }, @@ -100671,384 +104233,72 @@ "type": "string" } }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::FSx::Volume.AggregateConfiguration": { - "additionalProperties": false, - "properties": { - "Aggregates": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregates that this volume resides on. Aggregates are storage pools which make up your primary storage tier. Each high-availability (HA) pair has one aggregate. The names of the aggregates map to the names of the aggregates in the ONTAP CLI and REST API. For FlexVols, there will always be a single entry.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The strings in the value of `Aggregates` are not are not formatted as `aggrX` , where X is a number between 1 and 12.\n- The value of `Aggregates` contains aggregates that are not present.\n- One or more of the aggregates supplied are too close to the volume limit to support adding more volumes.", - "title": "Aggregates", - "type": "array" - }, - "ConstituentsPerAggregate": { - "markdownDescription": "Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. This field is optional when creating a FlexGroup volume. If unspecified, the default value will be 8. This field cannot be provided when creating a FlexVol volume.", - "title": "ConstituentsPerAggregate", - "type": "number" - } - }, - "type": "object" - }, - "AWS::FSx::Volume.AutocommitPeriod": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Defines the type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. The default value is `NONE` .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Defines the amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. The following ranges are valid:\n\n- `Minutes` : 5 - 65,535\n- `Hours` : 1 - 65,535\n- `Days` : 1 - 3,650\n- `Months` : 1 - 120\n- `Years` : 1 - 10", - "title": "Value", - "type": "number" - } - }, "required": [ "Type" ], "type": "object" }, - "AWS::FSx::Volume.ClientConfigurations": { - "additionalProperties": false, - "properties": { - "Clients": { - "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", - "title": "Clients", - "type": "string" - }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", - "title": "Options", - "type": "array" - } - }, - "required": [ - "Clients", - "Options" - ], - "type": "object" - }, - "AWS::FSx::Volume.NfsExports": { - "additionalProperties": false, - "properties": { - "ClientConfigurations": { - "items": { - "$ref": "#/definitions/AWS::FSx::Volume.ClientConfigurations" - }, - "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", - "title": "ClientConfigurations", - "type": "array" - } - }, - "required": [ - "ClientConfigurations" - ], - "type": "object" - }, - "AWS::FSx::Volume.OntapConfiguration": { + "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { "additionalProperties": false, "properties": { - "AggregateConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.AggregateConfiguration", - "markdownDescription": "Used to specify the configuration options for an FSx for ONTAP volume's storage aggregate or aggregates.", - "title": "AggregateConfiguration" - }, - "CopyTagsToBackups": { - "markdownDescription": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to false. If it's set to true, all tags for the volume are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the volume, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "string" - }, - "JunctionPath": { - "markdownDescription": "Specifies the location in the SVM's namespace where the volume is mounted. This parameter is required. The `JunctionPath` must have a leading forward slash, such as `/vol3` .", - "title": "JunctionPath", - "type": "string" - }, - "OntapVolumeType": { - "markdownDescription": "Specifies the type of volume you are creating. Valid values are the following:\n\n- `RW` specifies a read/write volume. `RW` is the default.\n- `DP` specifies a data-protection volume. A `DP` volume is read-only and can be used as the destination of a NetApp SnapMirror relationship.\n\nFor more information, see [Volume types](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-types) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "OntapVolumeType", - "type": "string" - }, - "SecurityStyle": { - "markdownDescription": "Specifies the security style for the volume. If a volume's security style is not specified, it is automatically set to the root volume's security style. The security style determines the type of permissions that FSx for ONTAP uses to control data access. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see the topic [What the security styles and their effects are](https://docs.aws.amazon.com/https://docs.netapp.com/us-en/ontap/nfs-admin/security-styles-their-effects-concept.html) in the NetApp Documentation Center.\n\nFor more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-security-style) in the FSx for ONTAP User Guide.", - "title": "SecurityStyle", - "type": "string" - }, - "SizeInBytes": { - "markdownDescription": "Specifies the configured size of the volume, in bytes.", - "title": "SizeInBytes", - "type": "string" - }, - "SizeInMegabytes": { - "markdownDescription": "Use `SizeInBytes` instead. Specifies the size of the volume, in megabytes (MB), that you are creating.", - "title": "SizeInMegabytes", - "type": "string" - }, - "SnaplockConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.SnaplockConfiguration", - "markdownDescription": "The SnapLock configuration object for an FSx for ONTAP SnapLock volume.", - "title": "SnaplockConfiguration" - }, - "SnapshotPolicy": { - "markdownDescription": "Specifies the snapshot policy for the volume. There are three built-in snapshot policies:\n\n- `default` : This is the default policy. A maximum of six hourly snapshots taken five minutes past the hour. A maximum of two daily snapshots taken Monday through Saturday at 10 minutes after midnight. A maximum of two weekly snapshots taken every Sunday at 15 minutes after midnight.\n- `default-1weekly` : This policy is the same as the `default` policy except that it only retains one snapshot from the weekly schedule.\n- `none` : This policy does not take any snapshots. This policy can be assigned to volumes to prevent automatic snapshots from being taken.\n\nYou can also provide the name of a custom policy that you created with the ONTAP CLI or REST API.\n\nFor more information, see [Snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "SnapshotPolicy", - "type": "string" - }, - "StorageEfficiencyEnabled": { - "markdownDescription": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume, or set to false to disable them.\n\n`StorageEfficiencyEnabled` is required when creating a `RW` volume ( `OntapVolumeType` set to `RW` ).", - "title": "StorageEfficiencyEnabled", + "AutoScalingGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.", + "title": "AutoScalingGroupArn", "type": "string" }, - "StorageVirtualMachineId": { - "markdownDescription": "Specifies the ONTAP SVM in which to create the volume.", - "title": "StorageVirtualMachineId", + "ManagedDraining": { + "markdownDescription": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.", + "title": "ManagedDraining", "type": "string" }, - "TieringPolicy": { - "$ref": "#/definitions/AWS::FSx::Volume.TieringPolicy", - "markdownDescription": "Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent tiering automatically transitions a volume's data between the file system's primary storage and capacity pool storage based on your access patterns.\n\nValid tiering policies are the following:\n\n- `SNAPSHOT_ONLY` - (Default value) moves cold snapshots to the capacity pool storage tier.\n\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", - "title": "TieringPolicy" + "ManagedScaling": { + "$ref": "#/definitions/AWS::ECS::CapacityProvider.ManagedScaling", + "markdownDescription": "The managed scaling settings for the Auto Scaling group capacity provider.", + "title": "ManagedScaling" }, - "VolumeStyle": { - "markdownDescription": "Use to specify the style of an ONTAP volume. FSx for ONTAP offers two styles of volumes that you can use for different purposes, FlexVol and FlexGroup volumes. For more information, see [Volume styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-styles) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "VolumeStyle", + "ManagedTerminationProtection": { + "markdownDescription": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off.\n\n> When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. \n\nWhen managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* .\n\nWhen managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.", + "title": "ManagedTerminationProtection", "type": "string" } }, "required": [ - "StorageVirtualMachineId" + "AutoScalingGroupArn" ], "type": "object" }, - "AWS::FSx::Volume.OpenZFSConfiguration": { + "AWS::ECS::CapacityProvider.ManagedScaling": { "additionalProperties": false, "properties": { - "CopyTagsToSnapshots": { - "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots. This value defaults to `false` . If this value is set to `true` , and you do not specify any tags, all tags for the original volume are copied over to snapshots. If this value is\u00a0set to `true` , and you do specify one or more tags, only the specified tags for the original volume are copied over to snapshots. If you specify one or more tags when creating a new snapshot, no tags are copied over from the original volume, regardless of this value.", - "title": "CopyTagsToSnapshots", - "type": "boolean" - }, - "DataCompressionType": { - "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", - "title": "DataCompressionType", - "type": "string" - }, - "NfsExports": { - "items": { - "$ref": "#/definitions/AWS::FSx::Volume.NfsExports" - }, - "markdownDescription": "The configuration object for mounting a Network File System (NFS) file system.", - "title": "NfsExports", - "type": "array" - }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "To delete the volume's child volumes, snapshots, and clones, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` .", - "title": "Options", - "type": "array" - }, - "OriginSnapshot": { - "$ref": "#/definitions/AWS::FSx::Volume.OriginSnapshot", - "markdownDescription": "The configuration object that specifies the snapshot to use as the origin of the data for the volume.", - "title": "OriginSnapshot" - }, - "ParentVolumeId": { - "markdownDescription": "The ID of the volume to use as the parent volume of the volume that you are creating.", - "title": "ParentVolumeId", - "type": "string" - }, - "ReadOnly": { - "markdownDescription": "A Boolean value indicating whether the volume is read-only.", - "title": "ReadOnly", - "type": "boolean" - }, - "RecordSizeKiB": { - "markdownDescription": "Specifies the suggested block size for a volume in a ZFS dataset, in kibibytes (KiB). For file systems using the Intelligent-Tiering storage class, valid values are 128, 256, 512, 1024, 2048, or 4096 KiB, with a default of 1024 KiB. For all other file systems, valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB, with a default of 128 KiB. We recommend using the default setting for the majority of use cases. Generally, workloads that write in fixed small or large record sizes may benefit from setting a custom record size, like database workloads (small record size) or media streaming workloads (large record size). For additional guidance on when to set a custom record size, see [ZFS Record size](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#record-size-performance) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "RecordSizeKiB", - "type": "number" - }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "Sets the maximum storage size in gibibytes (GiB) for the volume. You can specify a quota that is larger than the storage on the parent volume. A volume quota limits the amount of storage that the volume can consume to the configured amount, but does not guarantee the space will be available on the parent volume. To guarantee quota space, you must also set `StorageCapacityReservationGiB` . To *not* specify a storage capacity quota, set this to `-1` .\n\nFor more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageCapacityQuotaGiB", - "type": "number" - }, - "StorageCapacityReservationGiB": { - "markdownDescription": "Specifies the amount of storage in gibibytes (GiB) to reserve from the parent volume. Setting `StorageCapacityReservationGiB` guarantees that the specified amount of storage space on the parent volume will always be available for the volume. You can't reserve more storage than the parent volume has. To *not* specify a storage capacity reservation, set this to `0` or `-1` . For more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageCapacityReservationGiB", + "InstanceWarmupPeriod": { + "markdownDescription": "The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used.", + "title": "InstanceWarmupPeriod", "type": "number" }, - "UserAndGroupQuotas": { - "items": { - "$ref": "#/definitions/AWS::FSx::Volume.UserAndGroupQuotas" - }, - "markdownDescription": "Configures how much storage users and groups can use on the volume.", - "title": "UserAndGroupQuotas", - "type": "array" - } - }, - "required": [ - "ParentVolumeId" - ], - "type": "object" - }, - "AWS::FSx::Volume.OriginSnapshot": { - "additionalProperties": false, - "properties": { - "CopyStrategy": { - "markdownDescription": "Specifies the strategy used when copying data from the snapshot to the new volume.\n\n- `CLONE` - The new volume references the data in the origin snapshot. Cloning a snapshot is faster than copying data from the snapshot to a new volume and doesn't consume disk throughput. However, the origin snapshot can't be deleted if there is a volume using its copied data.\n- `FULL_COPY` - Copies all data from the snapshot to the new volume.\n\nSpecify this option to create the volume from a snapshot on another FSx for OpenZFS file system.\n\n> The `INCREMENTAL_COPY` option is only for updating an existing volume by using a snapshot from another FSx for OpenZFS file system. For more information, see [CopySnapshotAndUpdateVolume](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html) .", - "title": "CopyStrategy", - "type": "string" - }, - "SnapshotARN": { - "markdownDescription": "Specifies the snapshot to use when creating an OpenZFS volume from a snapshot.", - "title": "SnapshotARN", - "type": "string" - } - }, - "required": [ - "CopyStrategy", - "SnapshotARN" - ], - "type": "object" - }, - "AWS::FSx::Volume.RetentionPeriod": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Defines the type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE` , the files are retained forever. If you set it to `UNSPECIFIED` , the files are retained until you set an explicit retention period.", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Defines the amount of time for the retention period of an FSx for ONTAP SnapLock volume. You can't set a value for `INFINITE` or `UNSPECIFIED` . For all other options, the following ranges are valid:\n\n- `Seconds` : 0 - 65,535\n- `Minutes` : 0 - 65,535\n- `Hours` : 0 - 24\n- `Days` : 0 - 365\n- `Months` : 0 - 12\n- `Years` : 0 - 100", - "title": "Value", + "MaximumScalingStepSize": { + "markdownDescription": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. If this parameter is omitted, the default value of `10000` is used.", + "title": "MaximumScalingStepSize", "type": "number" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::FSx::Volume.SnaplockConfiguration": { - "additionalProperties": false, - "properties": { - "AuditLogVolume": { - "markdownDescription": "Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false` . If you set `AuditLogVolume` to `true` , the SnapLock volume is created as an audit log volume. The minimum retention period for an audit log volume is six months.\n\nFor more information, see [SnapLock audit log volumes](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume) .", - "title": "AuditLogVolume", - "type": "string" - }, - "AutocommitPeriod": { - "$ref": "#/definitions/AWS::FSx::Volume.AutocommitPeriod", - "markdownDescription": "The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume.", - "title": "AutocommitPeriod" - }, - "PrivilegedDelete": { - "markdownDescription": "Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock administrators to delete write once, read many (WORM) files even if they have active retention periods. `PERMANENTLY_DISABLED` is a terminal state. If privileged delete is permanently disabled on a SnapLock volume, you can't re-enable it. The default value is `DISABLED` .\n\nFor more information, see [Privileged delete](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete) .", - "title": "PrivilegedDelete", - "type": "string" - }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::FSx::Volume.SnaplockRetentionPeriod", - "markdownDescription": "Specifies the retention period of an FSx for ONTAP SnapLock volume.", - "title": "RetentionPeriod" - }, - "SnaplockType": { - "markdownDescription": "Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. You can choose one of the following retention modes:\n\n- `COMPLIANCE` : Files transitioned to write once, read many (WORM) on a Compliance volume can't be deleted until their retention periods expire. This retention mode is used to address government or industry-specific mandates or to protect against ransomware attacks. For more information, see [SnapLock Compliance](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html) .\n- `ENTERPRISE` : Files transitioned to WORM on an Enterprise volume can be deleted by authorized users before their retention periods expire using privileged delete. This retention mode is used to advance an organization's data integrity and internal compliance or to test retention settings before using SnapLock Compliance. For more information, see [SnapLock Enterprise](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html) .", - "title": "SnaplockType", - "type": "string" - }, - "VolumeAppendModeEnabled": { - "markdownDescription": "Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. Volume-append mode allows you to create WORM-appendable files and write data to them incrementally. The default value is `false` .\n\nFor more information, see [Volume-append mode](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append) .", - "title": "VolumeAppendModeEnabled", - "type": "string" - } - }, - "required": [ - "SnaplockType" - ], - "type": "object" - }, - "AWS::FSx::Volume.SnaplockRetentionPeriod": { - "additionalProperties": false, - "properties": { - "DefaultRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period.", - "title": "DefaultRetention" - }, - "MaximumRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", - "title": "MaximumRetention" }, - "MinimumRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", - "title": "MinimumRetention" - } - }, - "required": [ - "DefaultRetention", - "MaximumRetention", - "MinimumRetention" - ], - "type": "object" - }, - "AWS::FSx::Volume.TieringPolicy": { - "additionalProperties": false, - "properties": { - "CoolingPeriod": { - "markdownDescription": "Specifies the number of days that user data in a volume must remain inactive before it is considered \"cold\" and moved to the capacity pool. Used with the `AUTO` and `SNAPSHOT_ONLY` tiering policies. Enter a whole number between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY` .", - "title": "CoolingPeriod", + "MinimumScalingStepSize": { + "markdownDescription": "The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used.\n\nWhen additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size.\n\nIf you use a capacity provider with an Auto Scaling group configured with more than one Amazon EC2 instance type or Availability Zone, Amazon ECS will scale up by the exact minimum scaling step size value and will ignore both the maximum scaling step size as well as the capacity demand.", + "title": "MinimumScalingStepSize", "type": "number" }, - "Name": { - "markdownDescription": "Specifies the tiering policy used to transition data. Default value is `SNAPSHOT_ONLY` .\n\n- `SNAPSHOT_ONLY` - moves cold snapshots to the capacity pool storage tier.\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", - "title": "Name", + "Status": { + "markdownDescription": "Determines whether to use managed scaling for the capacity provider.", + "title": "Status", "type": "string" - } - }, - "type": "object" - }, - "AWS::FSx::Volume.UserAndGroupQuotas": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the user or group that the quota applies to.", - "title": "Id", - "type": "number" }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", - "title": "StorageCapacityQuotaGiB", + "TargetCapacity": { + "markdownDescription": "The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used.", + "title": "TargetCapacity", "type": "number" - }, - "Type": { - "markdownDescription": "Specifies whether the quota applies to a user or group.", - "title": "Type", - "type": "string" } }, - "required": [ - "Id", - "StorageCapacityQuotaGiB", - "Type" - ], "type": "object" }, - "AWS::FinSpace::Environment": { + "AWS::ECS::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -101083,53 +104333,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the FinSpace environment.", - "title": "Description", - "type": "string" + "CapacityProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n\nTo use a AWS Fargate capacity provider, specify either the `FARGATE` or `FARGATE_SPOT` capacity providers. The AWS Fargate capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n\nThe [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created.", + "title": "CapacityProviders", + "type": "array" }, - "FederationMode": { - "markdownDescription": "The authentication mode for the environment.", - "title": "FederationMode", + "ClusterName": { + "markdownDescription": "A user-generated string that you use to identify your cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID for the name.", + "title": "ClusterName", "type": "string" }, - "FederationParameters": { - "$ref": "#/definitions/AWS::FinSpace::Environment.FederationParameters", - "markdownDescription": "Configuration information when authentication mode is FEDERATED.", - "title": "FederationParameters" + "ClusterSettings": { + "items": { + "$ref": "#/definitions/AWS::ECS::Cluster.ClusterSettings" + }, + "markdownDescription": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n\nContainer Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up.\n\nFor more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ClusterSettings", + "type": "array" }, - "KmsKeyId": { - "markdownDescription": "The KMS key id used to encrypt in the FinSpace environment.", - "title": "KmsKeyId", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ClusterConfiguration", + "markdownDescription": "The execute command and managed storage configuration for the cluster.", + "title": "Configuration" }, - "Name": { - "markdownDescription": "The name of the FinSpace environment.", - "title": "Name", - "type": "string" + "DefaultCapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::Cluster.CapacityProviderStrategyItem" + }, + "markdownDescription": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used.", + "title": "DefaultCapacityProviderStrategy", + "type": "array" }, - "SuperuserParameters": { - "$ref": "#/definitions/AWS::FinSpace::Environment.SuperuserParameters", - "markdownDescription": "Configuration information for the superuser.", - "title": "SuperuserParameters" + "ServiceConnectDefaults": { + "$ref": "#/definitions/AWS::ECS::Cluster.ServiceConnectDefaults", + "markdownDescription": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the `enabled` parameter to `true` in the `ServiceConnectConfiguration` . You can set the namespace of each service individually in the `ServiceConnectConfiguration` to override this default parameter.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ServiceConnectDefaults" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FinSpace::Environment" + "AWS::ECS::Cluster" ], "type": "string" }, @@ -101143,88 +104399,143 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FinSpace::Environment.AttributeMapItems": { + "AWS::ECS::Cluster.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", + "type": "string" + }, + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ClusterConfiguration": { + "additionalProperties": false, + "properties": { + "ExecuteCommandConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandConfiguration", + "markdownDescription": "The details of the execute command configuration.", + "title": "ExecuteCommandConfiguration" + }, + "ManagedStorageConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ManagedStorageConfiguration", + "markdownDescription": "The details of the managed storage configuration.", + "title": "ManagedStorageConfiguration" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ClusterSettings": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the cluster setting. The value is `containerInsights` .", + "title": "Name", "type": "string" }, "Value": { - "markdownDescription": "", + "markdownDescription": "The value to set for the cluster setting. The supported values are `enhanced` , `enabled` , and `disabled` .\n\nTo use Container Insights with enhanced observability, set the `containerInsights` account setting to `enhanced` .\n\nTo use Container Insights, set the `containerInsights` account setting to `enabled` .\n\nIf a cluster value is specified, it will override the `containerInsights` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html) .", "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::FinSpace::Environment.FederationParameters": { + "AWS::ECS::Cluster.ExecuteCommandConfiguration": { "additionalProperties": false, "properties": { - "ApplicationCallBackURL": { - "markdownDescription": "The redirect or sign-in URL that should be entered into the SAML 2.0 compliant identity provider configuration (IdP).", - "title": "ApplicationCallBackURL", + "KmsKeyId": { + "markdownDescription": "Specify an AWS Key Management Service key ID to encrypt the data between the local client and the container.", + "title": "KmsKeyId", "type": "string" }, - "AttributeMap": { - "items": { - "$ref": "#/definitions/AWS::FinSpace::Environment.AttributeMapItems" - }, - "markdownDescription": "SAML attribute name and value. The name must always be `Email` and the value should be set to the attribute definition in which user email is set. For example, name would be `Email` and value `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` . Please check your SAML 2.0 compliant identity provider (IdP) documentation for details.", - "title": "AttributeMap", - "type": "array" + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandLogConfiguration", + "markdownDescription": "The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When `logging=OVERRIDE` is specified, a `logConfiguration` must be provided.", + "title": "LogConfiguration" }, - "FederationProviderName": { - "markdownDescription": "Name of the identity provider (IdP).", - "title": "FederationProviderName", + "Logging": { + "markdownDescription": "The log setting to use for redirecting logs for your execute command results. The following log settings are available.\n\n- `NONE` : The execute command session is not logged.\n- `DEFAULT` : The `awslogs` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no `awslogs` log driver is configured in the task definition, the output won't be logged.\n- `OVERRIDE` : Specify the logging details as a part of `logConfiguration` . If the `OVERRIDE` logging option is specified, the `logConfiguration` is required.", + "title": "Logging", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ExecuteCommandLogConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchEncryptionEnabled": { + "markdownDescription": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off.", + "title": "CloudWatchEncryptionEnabled", + "type": "boolean" }, - "FederationURN": { - "markdownDescription": "The Uniform Resource Name (URN). Also referred as Service Provider URN or Audience URI or Service Provider Entity ID.", - "title": "FederationURN", + "CloudWatchLogGroupName": { + "markdownDescription": "The name of the CloudWatch log group to send logs to.\n\n> The CloudWatch log group must already be created.", + "title": "CloudWatchLogGroupName", "type": "string" }, - "SamlMetadataDocument": { - "markdownDescription": "SAML 2.0 Metadata document from identity provider (IdP).", - "title": "SamlMetadataDocument", + "S3BucketName": { + "markdownDescription": "The name of the S3 bucket to send logs to.\n\n> The S3 bucket must already be created.", + "title": "S3BucketName", "type": "string" }, - "SamlMetadataURL": { - "markdownDescription": "Provide the metadata URL from your SAML 2.0 compliant identity provider (IdP).", - "title": "SamlMetadataURL", + "S3EncryptionEnabled": { + "markdownDescription": "Determines whether to use encryption on the S3 logs. If not specified, encryption is not used.", + "title": "S3EncryptionEnabled", + "type": "boolean" + }, + "S3KeyPrefix": { + "markdownDescription": "An optional folder in the S3 bucket to place logs in.", + "title": "S3KeyPrefix", "type": "string" } }, "type": "object" }, - "AWS::FinSpace::Environment.SuperuserParameters": { + "AWS::ECS::Cluster.ManagedStorageConfiguration": { "additionalProperties": false, "properties": { - "EmailAddress": { - "markdownDescription": "The email address of the superuser.", - "title": "EmailAddress", + "FargateEphemeralStorageKmsKeyId": { + "markdownDescription": "Specify the AWS Key Management Service key ID for Fargate ephemeral storage.\n\nWhen you specify a `fargateEphemeralStorageKmsKeyId` , AWS Fargate uses the key to encrypt data at rest in ephemeral storage. For more information about Fargate ephemeral storage encryption, see [Customer managed keys for AWS Fargate ephemeral storage for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/fargate-storage-encryption.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe key must be a single Region key.", + "title": "FargateEphemeralStorageKmsKeyId", "type": "string" }, - "FirstName": { - "markdownDescription": "The first name of the superuser.", - "title": "FirstName", + "KmsKeyId": { + "markdownDescription": "Specify a AWS Key Management Service key ID to encrypt Amazon ECS managed storage.\n\nWhen you specify a `kmsKeyId` , Amazon ECS uses the key to encrypt data volumes managed by Amazon ECS that are attached to tasks in the cluster. The following data volumes are managed by Amazon ECS: Amazon EBS. For more information about encryption of Amazon EBS volumes attached to Amazon ECS tasks, see [Encrypt data stored in Amazon EBS volumes for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe key must be a single Region key.", + "title": "KmsKeyId", "type": "string" - }, - "LastName": { - "markdownDescription": "The last name of the superuser.", - "title": "LastName", + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ServiceConnectDefaults": { + "additionalProperties": false, + "properties": { + "Namespace": { + "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include greater than (>), less than (<), double quotation marks (\"), or slash (/).\n\nIf you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region.\n\nIf you enter a new name, a AWS Cloud Map namespace will be created. Amazon ECS creates a AWS Cloud Map namespace with the \"API calls\" method of instance discovery only. This instance discovery method is the \"HTTP\" namespace type in the AWS Command Line Interface . Other types of instance discovery aren't used by Service Connect.\n\nIf you update the cluster with an empty string `\"\"` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in AWS Cloud Map and must be deleted separately.\n\nFor more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", + "title": "Namespace", "type": "string" } }, "type": "object" }, - "AWS::Forecast::Dataset": { + "AWS::ECS::ClusterCapacityProviderAssociations": { "additionalProperties": false, "properties": { "Condition": { @@ -101259,56 +104570,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DataFrequency": { - "markdownDescription": "The frequency of data collection. This parameter is required for RELATED_TIME_SERIES datasets.\n\nValid intervals are an integer followed by Y (Year), M (Month), W (Week), D (Day), H (Hour), and min (Minute). For example, \"1D\" indicates every day and \"15min\" indicates every 15 minutes. You cannot specify a value that would overlap with the next larger frequency. That means, for example, you cannot specify a frequency of 60 minutes, because that is equivalent to 1 hour. The valid values for each frequency are the following:\n\n- Minute - 1-59\n- Hour - 1-23\n- Day - 1-6\n- Week - 1-4\n- Month - 1-11\n- Year - 1\n\nThus, if you want every other week forecasts, specify \"2W\". Or, if you want quarterly forecasts, you specify \"3M\".", - "title": "DataFrequency", - "type": "string" - }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", - "type": "string" - }, - "DatasetType": { - "markdownDescription": "The dataset type.", - "title": "DatasetType", - "type": "string" + "CapacityProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The capacity providers to associate with the cluster.", + "title": "CapacityProviders", + "type": "array" }, - "Domain": { - "markdownDescription": "The domain associated with the dataset.", - "title": "Domain", + "Cluster": { + "markdownDescription": "The cluster the capacity provider association is the target of.", + "title": "Cluster", "type": "string" }, - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Forecast::Dataset.EncryptionConfig", - "markdownDescription": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key.", - "title": "EncryptionConfig" - }, - "Schema": { - "$ref": "#/definitions/AWS::Forecast::Dataset.Schema", - "markdownDescription": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) .", - "title": "Schema" - }, - "Tags": { + "DefaultCapacityProviderStrategy": { "items": { - "$ref": "#/definitions/AWS::Forecast::Dataset.TagsItems" + "$ref": "#/definitions/AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The default capacity provider strategy to associate with the cluster.", + "title": "DefaultCapacityProviderStrategy", "type": "array" } }, "required": [ - "DatasetName", - "DatasetType", - "Domain", - "Schema" + "CapacityProviders", + "Cluster", + "DefaultCapacityProviderStrategy" ], "type": "object" }, "Type": { "enum": [ - "AWS::Forecast::Dataset" + "AWS::ECS::ClusterCapacityProviderAssociations" ], "type": "string" }, @@ -101327,73 +104620,31 @@ ], "type": "object" }, - "AWS::Forecast::Dataset.AttributesItems": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "", - "title": "AttributeName", - "type": "string" - }, - "AttributeType": { - "markdownDescription": "", - "title": "AttributeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Forecast::Dataset.EncryptionConfig": { + "AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key.", - "title": "KmsKeyArn", - "type": "string" + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.\n\nPassing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error.", - "title": "RoleArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Forecast::Dataset.Schema": { - "additionalProperties": false, - "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::Forecast::Dataset.AttributesItems" - }, - "markdownDescription": "An array of attributes specifying the name and type of each field in a dataset.", - "title": "Attributes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Forecast::Dataset.TagsItems": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "string" + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" } }, "required": [ - "Key", - "Value" + "CapacityProvider" ], "type": "object" }, - "AWS::Forecast::DatasetGroup": { + "AWS::ECS::PrimaryTaskSet": { "additionalProperties": false, "properties": { "Condition": { @@ -101428,42 +104679,32 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group.", - "title": "DatasetArns", - "type": "array" - }, - "DatasetGroupName": { - "markdownDescription": "The name of the dataset group.", - "title": "DatasetGroupName", + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service that the task set exists in.", + "title": "Cluster", "type": "string" }, - "Domain": { - "markdownDescription": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the `Domain` parameter of the [CreateDataset](https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html) operation must match.\n\nThe `Domain` and `DatasetType` that you choose determine the fields that must be present in training data that you import to a dataset. For example, if you choose the `RETAIL` domain and `TARGET_TIME_SERIES` as the `DatasetType` , Amazon Forecast requires that `item_id` , `timestamp` , and `demand` fields are present in your data. For more information, see [Dataset groups](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-datasets-groups.html) .", - "title": "Domain", + "Service": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service that the task set exists in.", + "title": "Service", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "TaskSetId": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the task set to set as the primary task set in the deployment.", + "title": "TaskSetId", + "type": "string" } }, "required": [ - "DatasetGroupName", - "Domain" + "Cluster", + "Service", + "TaskSetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Forecast::DatasetGroup" + "AWS::ECS::PrimaryTaskSet" ], "type": "string" }, @@ -101482,7 +104723,7 @@ ], "type": "object" }, - "AWS::FraudDetector::Detector": { + "AWS::ECS::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -101517,66 +104758,161 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociatedModels": { + "AvailabilityZoneRebalancing": { + "markdownDescription": "Indicates whether to use Availability Zone rebalancing for the service.\n\nFor more information, see [Balancing an Amazon ECS service across Availability Zones](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-rebalancing.html) in the **Amazon Elastic Container Service Developer Guide** .", + "title": "AvailabilityZoneRebalancing", + "type": "string" + }, + "CapacityProviderStrategy": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Model" + "$ref": "#/definitions/AWS::ECS::Service.CapacityProviderStrategyItem" }, - "markdownDescription": "The models to associate with this detector. You must provide the ARNs of all the models you want to associate.", - "title": "AssociatedModels", + "markdownDescription": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy can contain a maximum of 20 capacity providers.\n\n> To remove this property from your service resource, specify an empty `CapacityProviderStrategyItem` array.", + "title": "CapacityProviderStrategy", "type": "array" }, - "Description": { - "markdownDescription": "The detector description.", - "title": "Description", + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", + "title": "Cluster", "type": "string" }, - "DetectorId": { - "markdownDescription": "The name of the detector.", - "title": "DetectorId", + "DeploymentConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentConfiguration", + "markdownDescription": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", + "title": "DeploymentConfiguration" + }, + "DeploymentController": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentController", + "markdownDescription": "The deployment controller to use for the service.", + "title": "DeploymentController" + }, + "DesiredCount": { + "markdownDescription": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", + "title": "DesiredCount", + "type": "number" + }, + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you must set the `propagateTags` request parameter.", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "HealthCheckGracePeriodSeconds": { + "markdownDescription": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of `0` is used. If you don't use any of the health checks, then `healthCheckGracePeriodSeconds` is unused.\n\nIf your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", + "title": "HealthCheckGracePeriodSeconds", + "type": "number" + }, + "LaunchType": { + "markdownDescription": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", "type": "string" }, - "DetectorVersionStatus": { - "markdownDescription": "The status of the detector version. If a value is not provided for this property, AWS CloudFormation assumes `DRAFT` status.\n\nValid values: `ACTIVE | DRAFT`", - "title": "DetectorVersionStatus", + "LoadBalancers": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.LoadBalancer" + }, + "markdownDescription": "A list of load balancer objects to associate with the service. If you specify the `Role` property, `LoadBalancers` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> To remove this property from your service resource, specify an empty `LoadBalancer` array.", + "title": "LoadBalancers", + "type": "array" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.NetworkConfiguration", + "markdownDescription": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.PlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.\n\n> To remove this property from your service resource, specify an empty `PlacementConstraint` array.", + "title": "PlacementConstraints", + "type": "array" + }, + "PlacementStrategies": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.PlacementStrategy" + }, + "markdownDescription": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.\n\n> To remove this property from your service resource, specify an empty `PlacementStrategy` array.", + "title": "PlacementStrategies", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", "type": "string" }, - "EventType": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EventType", - "markdownDescription": "The event type associated with this detector.", - "title": "EventType" + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n\nYou must set this to a value other than `NONE` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe default is `NONE` .", + "title": "PropagateTags", + "type": "string" }, - "RuleExecutionMode": { - "markdownDescription": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules.", - "title": "RuleExecutionMode", + "Role": { + "markdownDescription": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the `awsvpc` network mode. If you specify the `role` parameter, you must also specify a load balancer object with the `loadBalancers` parameter.\n\n> If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the `awsvpc` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nIf your specified role has a path other than `/` , then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` then you would specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", + "title": "Role", "type": "string" }, - "Rules": { + "SchedulingStrategy": { + "markdownDescription": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nThere are two service scheduler strategies available:\n\n- `REPLICA` -The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the `CODE_DEPLOY` or `EXTERNAL` deployment controller types.\n- `DAEMON` -The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n\n> Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy.", + "title": "SchedulingStrategy", + "type": "string" + }, + "ServiceConnectConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectConfiguration", + "markdownDescription": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ServiceConnectConfiguration" + }, + "ServiceName": { + "markdownDescription": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n\n> The stack update fails if you change any properties that require replacement and the `ServiceName` is configured. This is because AWS CloudFormation creates the replacement service first, but each `ServiceName` must be unique in the cluster.", + "title": "ServiceName", + "type": "string" + }, + "ServiceRegistries": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Rule" + "$ref": "#/definitions/AWS::ECS::Service.ServiceRegistry" }, - "markdownDescription": "The rules to include in the detector version.", - "title": "Rules", + "markdownDescription": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .\n\n> Each service may be associated with one service registry. Multiple service registries for each service isn't supported. > To remove this property from your service resource, specify an empty `ServiceRegistry` array.", + "title": "ServiceRegistries", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TaskDefinition": { + "markdownDescription": "The `family` and `revision` ( `family:revision` ) or full ARN of the task definition to run in your service. If a `revision` isn't specified, the latest `ACTIVE` revision is used.\n\nA task definition must be specified if the service uses either the `ECS` or `CODE_DEPLOY` deployment controllers.\n\nFor more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) .", + "title": "TaskDefinition", + "type": "string" + }, + "VolumeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceVolumeConfiguration" + }, + "markdownDescription": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n\n> To remove this property from your service resource, specify an empty `ServiceVolumeConfiguration` array.", + "title": "VolumeConfigurations", + "type": "array" + }, + "VpcLatticeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.VpcLatticeConfiguration" + }, + "markdownDescription": "The VPC Lattice configuration for the service being created.", + "title": "VpcLatticeConfigurations", + "type": "array" } }, - "required": [ - "DetectorId", - "EventType", - "Rules" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::Detector" + "AWS::ECS::Service" ], "type": "string" }, @@ -101590,434 +104926,712 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FraudDetector::Detector.EntityType": { + "AWS::ECS::Service.AdvancedConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", + "AlternateTargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alternate target group for Amazon ECS blue/green deployments.", + "title": "AlternateTargetGroupArn", "type": "string" }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the entity type was created.", - "title": "CreatedTime", + "ProductionListenerRule": { + "markdownDescription": "The Amazon Resource Name (ARN) that that identifies the production listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing production traffic.", + "title": "ProductionListenerRule", "type": "string" }, - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call the Elastic Load Balancing APIs for you.", + "title": "RoleArn", "type": "string" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the entity type was last updated.", - "title": "LastUpdatedTime", + "TestListenerRule": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies ) that identifies the test listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing test traffic.", + "title": "TestListenerRule", "type": "string" - }, - "Name": { - "markdownDescription": "The entity type name.", - "title": "Name", + } + }, + "required": [ + "AlternateTargetGroupArn" + ], + "type": "object" + }, + "AWS::ECS::Service.AwsVpcConfiguration": { + "additionalProperties": false, + "properties": { + "AssignPublicIp": { + "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", + "title": "AssignPublicIp", "type": "string" }, - "Tags": { + "SecurityGroups": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", + "title": "Subnets", "type": "array" } }, "type": "object" }, - "AWS::FraudDetector::Detector.EventType": { + "AWS::ECS::Service.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", - "type": "string" + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" }, - "Description": { - "markdownDescription": "The event type description.", - "title": "Description", + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "EntityTypes": { + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::Service.DeploymentAlarms": { + "additionalProperties": false, + "properties": { + "AlarmNames": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EntityType" + "type": "string" }, - "markdownDescription": "The event type entity types.", - "title": "EntityTypes", + "markdownDescription": "One or more CloudWatch alarm names. Use a \",\" to separate the alarms.", + "title": "AlarmNames", "type": "array" }, - "EventVariables": { + "Enable": { + "markdownDescription": "Determines whether to use the CloudWatch alarm option in the service deployment process.", + "title": "Enable", + "type": "boolean" + }, + "Rollback": { + "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", + "title": "Rollback", + "type": "boolean" + } + }, + "required": [ + "AlarmNames", + "Enable", + "Rollback" + ], + "type": "object" + }, + "AWS::ECS::Service.DeploymentCircuitBreaker": { + "additionalProperties": false, + "properties": { + "Enable": { + "markdownDescription": "Determines whether to use the deployment circuit breaker logic for the service.", + "title": "Enable", + "type": "boolean" + }, + "Rollback": { + "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", + "title": "Rollback", + "type": "boolean" + } + }, + "required": [ + "Enable", + "Rollback" + ], + "type": "object" + }, + "AWS::ECS::Service.DeploymentConfiguration": { + "additionalProperties": false, + "properties": { + "Alarms": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentAlarms", + "markdownDescription": "Information about the CloudWatch alarms.", + "title": "Alarms" + }, + "BakeTimeInMinutes": { + "markdownDescription": "The duration when both blue and green service revisions are running simultaneously after the production traffic has shifted.\n\nThe following rules apply when you don't specify a value:\n\n- For rolling deployments, the value is set to 3 hours (180 minutes).\n- When you use an external deployment controller ( `EXTERNAL` ), or the CodeDeploy blue/green deployment controller ( `CODE_DEPLOY` ), the value is set to 3 hours (180 minutes).\n- For all other cases, the value is set to 36 hours (2160 minutes).", + "title": "BakeTimeInMinutes", + "type": "number" + }, + "DeploymentCircuitBreaker": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentCircuitBreaker", + "markdownDescription": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", + "title": "DeploymentCircuitBreaker" + }, + "LifecycleHooks": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EventVariable" + "$ref": "#/definitions/AWS::ECS::Service.DeploymentLifecycleHook" }, - "markdownDescription": "The event type event variables.", - "title": "EventVariables", + "markdownDescription": "An array of deployment lifecycle hook objects to run custom logic at specific stages of the deployment lifecycle.", + "title": "LifecycleHooks", "type": "array" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" + "MaximumPercent": { + "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nThe Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `maximumPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf the service uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service.", + "title": "MaximumPercent", + "type": "number" }, - "Labels": { + "MinimumHealthyPercent": { + "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", + "title": "MinimumHealthyPercent", + "type": "number" + }, + "Strategy": { + "markdownDescription": "The deployment strategy for the service. Choose from these valid values:\n\n- `ROLLING` - When you create a service which uses the rolling update ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n- `BLUE_GREEN` - A blue/green deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.", + "title": "Strategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.DeploymentController": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The deployment controller type to use.\n\nThe deployment controller is the mechanism that determines how tasks are deployed for your service. The valid options are:\n\n- ECS\n\nWhen you create a service which uses the `ECS` deployment controller, you can choose between the following deployment strategies:\n\n- `ROLLING` : When you create a service which uses the *rolling update* ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n\nRolling update deployments are best suited for the following scenarios:\n\n- Gradual service updates: You need to update your service incrementally without taking the entire service offline at once.\n- Limited resource requirements: You want to avoid the additional resource costs of running two complete environments simultaneously (as required by blue/green deployments).\n- Acceptable deployment time: Your application can tolerate a longer deployment process, as rolling updates replace tasks one by one.\n- No need for instant roll back: Your service can tolerate a rollback process that takes minutes rather than seconds.\n- Simple deployment process: You prefer a straightforward deployment approach without the complexity of managing multiple environments, target groups, and listeners.\n- No load balancer requirement: Your service doesn't use or require a load balancer, Application Load Balancer , Network Load Balancer , or Service Connect (which are required for blue/green deployments).\n- Stateful applications: Your application maintains state that makes it difficult to run two parallel environments.\n- Cost sensitivity: You want to minimize deployment costs by not running duplicate environments during deployment.\n\nRolling updates are the default deployment strategy for services and provide a balance between deployment safety and resource efficiency for many common application scenarios.\n- `BLUE_GREEN` : A *blue/green* deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.\n\nAmazon ECS blue/green deployments are best suited for the following scenarios:\n\n- Service validation: When you need to validate new service revisions before directing production traffic to them\n- Zero downtime: When your service requires zero-downtime deployments\n- Instant roll back: When you need the ability to quickly roll back if issues are detected\n- Load balancer requirement: When your service uses Application Load Balancer , Network Load Balancer , or Service Connect\n- External\n\nUse a third-party deployment controller.\n- Blue/green deployment (powered by CodeDeploy )\n\nCodeDeploy installs an updated version of the application as a new replacement task set and reroutes production traffic from the original application task set to the replacement task set. The original task set is terminated after a successful deployment. Use this deployment controller to verify a new deployment of a service before sending production traffic to it.\n\nWhen updating the deployment controller for a service, consider the following depending on the type of migration you're performing.\n\n- If you have a template that contains the `EXTERNAL` deployment controller information as well as `TaskSet` and `PrimaryTaskSet` resources, and you remove the task set resources from the template when updating from `EXTERNAL` to `ECS` , the `DescribeTaskSet` and `DeleteTaskSet` API calls will return a 400 error after the deployment controller is updated to `ECS` . This results in a delete failure on the task set resources, even though the stack transitions to `UPDATE_COMPLETE` status. For more information, see [Resource removed from stack but not deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html#troubleshooting-errors-resource-removed-not-deleted) in the AWS CloudFormation User Guide. To fix this issue, delete the task sets directly using the Amazon ECS `DeleteTaskSet` API. For more information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference.\n- If you're migrating from `CODE_DEPLOY` to `ECS` with a new task definition and AWS CloudFormation performs a rollback operation, the Amazon ECS `UpdateService` request fails with the following error:\n\nResource handler returned message: \"Invalid request provided: Unable to update task definition on services with a CODE_DEPLOY deployment controller.\n- After a successful migration from `ECS` to `EXTERNAL` deployment controller, you need to manually remove the `ACTIVE` task set, because Amazon ECS no longer manages the deployment. For information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.DeploymentLifecycleHook": { + "additionalProperties": false, + "properties": { + "HookTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hook target. Currently, only Lambda function ARNs are supported.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "title": "HookTargetArn", + "type": "string" + }, + "LifecycleStages": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Label" + "type": "string" }, - "markdownDescription": "The event type labels.", - "title": "Labels", + "markdownDescription": "The lifecycle stages at which to run the hook. Choose from these valid values:\n\n- RECONCILE_SERVICE\n\nThe reconciliation stage that only happens when you start a new service deployment with more than 1 service revision in an ACTIVE state.\n\nYou can use a lifecycle hook for this stage.\n- PRE_SCALE_UP\n\nThe green service revision has not started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_SCALE_UP\n\nThe green service revision has started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- TEST_TRAFFIC_SHIFT\n\nThe blue and green service revisions are running. The blue service revision handles 100% of the production traffic. The green service revision is migrating from 0% to 100% of test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_TEST_TRAFFIC_SHIFT\n\nThe test traffic shift is complete. The green service revision handles 100% of the test traffic.\n\nYou can use a lifecycle hook for this stage.\n- PRODUCTION_TRAFFIC_SHIFT\n\nProduction traffic is shifting to the green service revision. The green service revision is migrating from 0% to 100% of production traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_PRODUCTION_TRAFFIC_SHIFT\n\nThe production traffic shift is complete.\n\nYou can use a lifecycle hook for this stage.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "title": "LifecycleStages", "type": "array" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the event type was last updated.", - "title": "LastUpdatedTime", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call Lambda functions on your behalf.\n\nFor more information, see [Permissions required for Lambda functions in Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/blue-green-permissions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "HookTargetArn", + "LifecycleStages", + "RoleArn" + ], + "type": "object" + }, + "AWS::ECS::Service.EBSTagSpecification": { + "additionalProperties": false, + "properties": { + "PropagateTags": { + "markdownDescription": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", + "title": "PropagateTags", "type": "string" }, - "Name": { - "markdownDescription": "The event type name.", - "title": "Name", + "ResourceType": { + "markdownDescription": "The type of volume resource.", + "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used.", "title": "Tags", "type": "array" } }, + "required": [ + "ResourceType" + ], "type": "object" }, - "AWS::FraudDetector::Detector.EventVariable": { + "AWS::ECS::Service.LoadBalancer": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The event variable ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp for when the event variable was created.", - "title": "CreatedTime", - "type": "string" + "AdvancedConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.AdvancedConfiguration", + "markdownDescription": "The advanced settings for the load balancer used in blue/green deployments. Specify the alternate target group, listener rules, and IAM role required for traffic shifting during blue/green deployments.", + "title": "AdvancedConfiguration" }, - "DataSource": { - "markdownDescription": "The data source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", + "ContainerName": { + "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", + "title": "ContainerName", "type": "string" }, - "DataType": { - "markdownDescription": "The data type of the event variable.\n\nValid values: `STRING | INTEGER | BOOLEAN | FLOAT`", - "title": "DataType", - "type": "string" + "ContainerPort": { + "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", + "title": "ContainerPort", + "type": "number" }, - "DefaultValue": { - "markdownDescription": "The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN.", - "title": "DefaultValue", + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", + "title": "LoadBalancerName", "type": "string" }, - "Description": { - "markdownDescription": "The description of the event variable.", - "title": "Description", + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", + "title": "TargetGroupArn", "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the event variable was last updated.", - "title": "LastUpdatedTime", + } + }, + "type": "object" + }, + "AWS::ECS::Service.LogConfiguration": { + "additionalProperties": false, + "properties": { + "LogDriver": { + "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", + "title": "LogDriver", "type": "string" }, - "Name": { - "markdownDescription": "The name of the event variable.", - "title": "Name", - "type": "string" + "Options": { + "additionalProperties": true, + "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" }, - "Tags": { + "SecretOptions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::ECS::Service.Secret" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "SecretOptions", "type": "array" - }, - "VariableType": { - "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .", - "title": "VariableType", - "type": "string" } }, "type": "object" }, - "AWS::FraudDetector::Detector.Label": { + "AWS::ECS::Service.NetworkConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The label ARN.", - "title": "Arn", + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.AwsVpcConfiguration", + "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", + "title": "AwsvpcConfiguration" + } + }, + "type": "object" + }, + "AWS::ECS::Service.PlacementConstraint": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Expression", "type": "string" }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", + "Type": { + "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", + "title": "Type", "type": "string" - }, - "Description": { - "markdownDescription": "The label description.", - "title": "Description", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ECS::Service.PlacementStrategy": { + "additionalProperties": false, + "properties": { + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host` , which has the same effect), or any platform or custom attribute that's applied to a container instance, such as `attribute:ecs.availability-zone` . For the `binpack` placement strategy, valid values are `cpu` and `memory` . For the `random` placement strategy, this field is not used.", + "title": "Field", "type": "string" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the label was last updated.", - "title": "LastUpdatedTime", + "Type": { + "markdownDescription": "The type of placement strategy. The `random` placement strategy randomly places tasks on available candidates. The `spread` placement strategy spreads placement across available candidates evenly based on the `field` parameter. The `binpack` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the `field` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.", + "title": "Type", "type": "string" - }, + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ECS::Service.Secret": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The label name.", + "markdownDescription": "The name of the secret.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "ValueFrom": { + "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", + "title": "ValueFrom", + "type": "string" } }, + "required": [ + "Name", + "ValueFrom" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Model": { + "AWS::ECS::Service.ServiceConnectClientAlias": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the model.", - "title": "Arn", + "DnsName": { + "markdownDescription": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "DnsName", "type": "string" + }, + "Port": { + "markdownDescription": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Port", + "type": "number" + }, + "TestTrafficRules": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRules", + "markdownDescription": "The configuration for test traffic routing rules used during blue/green deployments with Amazon ECS Service Connect. This allows you to route a portion of traffic to the new service revision of your service for testing before shifting all production traffic.", + "title": "TestTrafficRules" } }, + "required": [ + "Port" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Outcome": { + "AWS::ECS::Service.ServiceConnectConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The outcome ARN.", - "title": "Arn", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether to use Service Connect with this service.", + "title": "Enabled", + "type": "boolean" }, - "CreatedTime": { - "markdownDescription": "The timestamp when the outcome was created.", - "title": "CreatedTime", + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.LogConfiguration", + "markdownDescription": "The log configuration for the container. This parameter maps to `LogConfig` in the docker container create command and the `--log-driver` option to docker run.\n\nBy default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.\n\nUnderstand the following when specifying a log configuration for your containers.\n\n- Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n- This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.\n- For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .\n- For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.", + "title": "LogConfiguration" + }, + "Namespace": { + "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", + "title": "Namespace", "type": "string" }, - "Description": { - "markdownDescription": "The outcome description.", - "title": "Description", + "Services": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectService" + }, + "markdownDescription": "The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service.\n\nThis field is not required for a \"client\" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means.\n\nAn object selects a port from the task definition, assigns a name for the AWS Cloud Map service, and a list of aliases (endpoints) and ports for client applications to refer to this service.", + "title": "Services", + "type": "array" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectService": { + "additionalProperties": false, + "properties": { + "ClientAliases": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectClientAlias" + }, + "markdownDescription": "The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1.\n\nEach alias (\"endpoint\") is a fully-qualified name and port number that other Amazon ECS tasks (\"clients\") can use to connect to this service.\n\nEach name and port mapping must be unique within the namespace.\n\nFor each `ServiceConnectService` , you must provide at least one `clientAlias` with one `port` .", + "title": "ClientAliases", + "type": "array" + }, + "DiscoveryName": { + "markdownDescription": "The `discoveryName` is the name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the AWS Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n\nIf the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .", + "title": "DiscoveryName", "type": "string" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" + "IngressPortOverride": { + "markdownDescription": "The port number for the Service Connect proxy to listen on.\n\nUse the value of this field to bypass the proxy for traffic on the port number specified in the named `portMapping` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service.\n\nIn `awsvpc` mode and Fargate, the default value is the container port number. The container port number is in the `portMapping` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy.", + "title": "IngressPortOverride", + "type": "number" }, - "LastUpdatedTime": { - "markdownDescription": "The timestamp when the outcome was last updated.", - "title": "LastUpdatedTime", + "PortName": { + "markdownDescription": "The `portName` must match the name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service.", + "title": "PortName", "type": "string" }, + "Timeout": { + "$ref": "#/definitions/AWS::ECS::Service.TimeoutConfiguration", + "markdownDescription": "A reference to an object that represents the configured timeouts for Service Connect.", + "title": "Timeout" + }, + "Tls": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsConfiguration", + "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) configuration.", + "title": "Tls" + } + }, + "required": [ + "PortName" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTestTrafficRules": { + "additionalProperties": false, + "properties": { + "Header": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRulesHeader", + "markdownDescription": "The HTTP header-based routing rules that determine which requests should be routed to the new service version during blue/green deployment testing. These rules provide fine-grained control over test traffic routing based on request headers.", + "title": "Header" + } + }, + "required": [ + "Header" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTestTrafficRulesHeader": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The outcome name.", + "markdownDescription": "", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "Value": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRulesHeaderValue", + "markdownDescription": "", + "title": "Value" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Rule": { + "AWS::ECS::Service.ServiceConnectTestTrafficRulesHeaderValue": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The rule ARN.", - "title": "Arn", + "Exact": { + "markdownDescription": "", + "title": "Exact", + "type": "string" + } + }, + "required": [ + "Exact" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTlsCertificateAuthority": { + "additionalProperties": false, + "properties": { + "AwsPcaAuthorityArn": { + "markdownDescription": "The ARN of the AWS Private Certificate Authority certificate.", + "title": "AwsPcaAuthorityArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTlsConfiguration": { + "additionalProperties": false, + "properties": { + "IssuerCertificateAuthority": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsCertificateAuthority", + "markdownDescription": "The signer certificate authority.", + "title": "IssuerCertificateAuthority" }, - "CreatedTime": { - "markdownDescription": "Timestamp for when the rule was created.", - "title": "CreatedTime", + "KmsKey": { + "markdownDescription": "The AWS Key Management Service key.", + "title": "KmsKey", "type": "string" }, - "Description": { - "markdownDescription": "The rule description.", - "title": "Description", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS.", + "title": "RoleArn", "type": "string" + } + }, + "required": [ + "IssuerCertificateAuthority" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. If you turn on Region-level Amazon EBS encryption by default but set this value as `false` , the setting is overridden and the volume is encrypted with the KMS key specified for Amazon EBS encryption by default. This parameter maps 1:1 with the `Encrypted` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "Encrypted", + "type": "boolean" }, - "DetectorId": { - "markdownDescription": "The detector for which the rule is associated.", - "title": "DetectorId", + "FilesystemType": { + "markdownDescription": "The filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the tasks will fail to start.\n\nThe available Linux filesystem types are `ext3` , `ext4` , and `xfs` . If no value is specified, the `xfs` filesystem type is used by default.\n\nThe available Windows filesystem types are `NTFS` .", + "title": "FilesystemType", "type": "string" }, - "Expression": { - "markdownDescription": "The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) .", - "title": "Expression", + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type.\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nThis parameter is required for `io1` and `io2` volume types. The default for `gp3` volumes is `3,000 IOPS` . This parameter is not supported for `st1` , `sc1` , or `standard` volume types.\n\nThis parameter maps 1:1 with the `Iops` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When a key is specified using this parameter, it overrides Amazon EBS default encryption or any KMS key that you specified for cluster-level managed storage encryption. This parameter maps 1:1 with the `KmsKeyId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information about encrypting Amazon EBS volumes attached to tasks, see [Encrypt data stored in Amazon EBS volumes attached to Amazon ECS tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) .\n\n> AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails.", + "title": "KmsKeyId", "type": "string" }, - "Language": { - "markdownDescription": "The rule language.\n\nValid Value: DETECTORPL", - "title": "Language", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed `AmazonECSInfrastructureRolePolicyForVolumes` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide* .", + "title": "RoleArn", "type": "string" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the rule was last updated.", - "title": "LastUpdatedTime", + "SizeInGiB": { + "markdownDescription": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the `Size` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\nThe following are the supported volume size values for each volume type.\n\n- `gp2` and `gp3` : 1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024", + "title": "SizeInGiB", + "type": "number" + }, + "SnapshotId": { + "markdownDescription": "The snapshot that Amazon ECS uses to create volumes for attachment to tasks maintained by the service. You must specify either `snapshotId` or `sizeInGiB` in your volume configuration. This parameter maps 1:1 with the `SnapshotId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "SnapshotId", "type": "string" }, - "Outcomes": { + "TagSpecifications": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Outcome" + "$ref": "#/definitions/AWS::ECS::Service.EBSTagSpecification" }, - "markdownDescription": "The rule outcome.", - "title": "Outcomes", + "markdownDescription": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the `TagSpecifications.N` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "TagSpecifications", "type": "array" }, - "RuleId": { - "markdownDescription": "The rule ID.", - "title": "RuleId", - "type": "string" + "Throughput": { + "markdownDescription": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the `Throughput` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\n> This parameter is only supported for the `gp3` volume type.", + "title": "Throughput", + "type": "number" }, - "RuleVersion": { - "markdownDescription": "The rule version.", - "title": "RuleVersion", - "type": "string" + "VolumeInitializationRate": { + "markdownDescription": "The rate, in MiB/s, at which data is fetched from a snapshot of an existing EBS volume to create new volumes for attachment to the tasks maintained by the service. This property can be specified only if you specify a `snapshotId` . For more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EBS User Guide* .", + "title": "VolumeInitializationRate", + "type": "number" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "VolumeType": { + "markdownDescription": "The volume type. This parameter maps 1:1 with the `VolumeType` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide* .\n\nThe following are the supported volume types.\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\n> The magnetic volume type is not supported on Fargate.", + "title": "VolumeType", + "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::FraudDetector::EntityType": { + "AWS::ECS::Service.ServiceRegistry": { "additionalProperties": false, "properties": { - "Condition": { + "ContainerName": { + "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ContainerPort": { + "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerPort", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Port": { + "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", + "title": "Port", + "type": "number" }, - "Metadata": { - "type": "object" + "RegistryArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", + "title": "RegistryArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.ServiceVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "ManagedEBSVolume": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration", + "markdownDescription": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created.", + "title": "ManagedEBSVolume" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The entity type name.\n\nPattern: `^[0-9a-z_-]+$`", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A key and value pair.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "Name": { + "markdownDescription": "The name of the volume. This value must match the volume name from the `Volume` object in the task definition.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::ECS::Service.TimeoutConfiguration": { + "additionalProperties": false, + "properties": { + "IdleTimeoutSeconds": { + "markdownDescription": "The amount of time in seconds a connection will stay active while idle. A value of `0` can be set to disable `idleTimeout` .\n\nThe `idleTimeout` default for `HTTP` / `HTTP2` / `GRPC` is 5 minutes.\n\nThe `idleTimeout` default for `TCP` is 1 hour.", + "title": "IdleTimeoutSeconds", + "type": "number" }, - "Type": { - "enum": [ - "AWS::FraudDetector::EntityType" - ], + "PerRequestTimeoutSeconds": { + "markdownDescription": "The amount of time waiting for the upstream to respond with a complete response per request. A value of `0` can be set to disable `perRequestTimeout` . `perRequestTimeout` can only be set if Service Connect `appProtocol` isn't `TCP` . Only `idleTimeout` is allowed for `TCP` `appProtocol` .", + "title": "PerRequestTimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::Service.VpcLatticeConfiguration": { + "additionalProperties": false, + "properties": { + "PortName": { + "markdownDescription": "The name of the port mapping to register in the VPC Lattice target group. This is the name of the `portMapping` you defined in your task definition.", + "title": "PortName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with this VPC Lattice configuration. This is the Amazon ECS infrastructure IAM role that is used to manage your VPC Lattice infrastructure.", + "title": "RoleArn", + "type": "string" + }, + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the target group or groups associated with the VPC Lattice configuration that the Amazon ECS tasks will be registered to.", + "title": "TargetGroupArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "PortName", + "RoleArn", + "TargetGroupArn" ], "type": "object" }, - "AWS::FraudDetector::EventType": { + "AWS::ECS::TaskDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -102052,60 +105666,112 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The event type description.", - "title": "Description", - "type": "string" - }, - "EntityTypes": { + "ContainerDefinitions": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.EntityType" + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDefinition" }, - "markdownDescription": "The event type entity types.", - "title": "EntityTypes", + "markdownDescription": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ContainerDefinitions", "type": "array" }, - "EventVariables": { + "Cpu": { + "markdownDescription": "The number of `cpu` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the `memory` parameter.\n\nIf you're using the EC2 launch type or the external launch type, this field is optional. Supported values are between `128` CPU units ( `0.125` vCPUs) and `196608` CPU units ( `192` vCPUs).\n\nThis field is required for Fargate. For information about the valid values, see [Task size](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Cpu", + "type": "string" + }, + "EnableFaultInjection": { + "markdownDescription": "Enables fault injection and allows for fault injection requests to be accepted from the task's containers. The default value is `false` .", + "title": "EnableFaultInjection", + "type": "boolean" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EphemeralStorage", + "markdownDescription": "The ephemeral storage settings to use for tasks run with the task definition.", + "title": "EphemeralStorage" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ExecutionRoleArn", + "type": "string" + }, + "Family": { + "markdownDescription": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n\nA family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n\n> To use revision numbers when you update a task definition, specify this property. If you don't specify a value, AWS CloudFormation generates a new task definition each time that you update it.", + "title": "Family", + "type": "string" + }, + "IpcMode": { + "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . If `host` is specified, then all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If `task` is specified, all containers within the specified task share the same IPC resources. If `none` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance.\n\nIf the `host` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose.\n\nIf you are setting namespaced kernel parameters using `systemControls` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n- For tasks that use the `host` IPC mode, IPC namespace related `systemControls` are not supported.\n- For tasks that use the `task` IPC mode, IPC namespace related `systemControls` will apply to all containers within a task.\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", + "title": "IpcMode", + "type": "string" + }, + "Memory": { + "markdownDescription": "The amount (in MiB) of memory used by the task.\n\nIf your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) .\n\nIf your tasks runs on AWS Fargate , this field is required. You must use one of the following values. The value you choose determines your range of valid values for the `cpu` parameter.\n\n- 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256 (.25 vCPU)\n- 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available `cpu` values: 512 (.5 vCPU)\n- 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available `cpu` values: 1024 (1 vCPU)\n- Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available `cpu` values: 2048 (2 vCPU)\n- Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available `cpu` values: 4096 (4 vCPU)\n- Between 16 GB and 60 GB in 4 GB increments - Available `cpu` values: 8192 (8 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.\n- Between 32GB and 120 GB in 8 GB increments - Available `cpu` values: 16384 (16 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.", + "title": "Memory", + "type": "string" + }, + "NetworkMode": { + "markdownDescription": "The Docker networking mode to use for the containers in the task. The valid values are `none` , `bridge` , `awsvpc` , and `host` . If no network mode is specified, the default is `bridge` .\n\nFor Amazon ECS tasks on Fargate, the `awsvpc` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, `` or `awsvpc` can be used. If the network mode is set to `none` , you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The `host` and `awsvpc` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the `bridge` mode.\n\nWith the `host` and `awsvpc` network modes, exposed container ports are mapped directly to the corresponding host port (for the `host` network mode) or the attached elastic network interface port (for the `awsvpc` network mode), so you cannot take advantage of dynamic host port mappings.\n\n> When using the `host` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user. \n\nIf the network mode is `awsvpc` , the task is allocated an elastic network interface, and you must specify a [NetworkConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_NetworkConfiguration.html) value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf the network mode is `host` , you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.", + "title": "NetworkMode", + "type": "string" + }, + "PidMode": { + "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . On Fargate for Linux containers, the only valid value is `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container.\n\nIf the `host` PID mode is used, there's a heightened risk of undesired process namespace exposure.\n\n> This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.", + "title": "PidMode", + "type": "string" + }, + "PlacementConstraints": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.EventVariable" + "$ref": "#/definitions/AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint" }, - "markdownDescription": "The event type event variables.", - "title": "EventVariables", + "markdownDescription": "An array of placement constraint objects to use for tasks.\n\n> This parameter isn't supported for tasks run on AWS Fargate .", + "title": "PlacementConstraints", "type": "array" }, - "Labels": { + "ProxyConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ProxyConfiguration", + "markdownDescription": "The configuration details for the App Mesh proxy.\n\nYour Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the `ecs-init` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version `20190301` or later, they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ProxyConfiguration" + }, + "RequiresCompatibilities": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.Label" + "type": "string" }, - "markdownDescription": "The event type labels.", - "title": "Labels", + "markdownDescription": "The task launch types the task definition was validated against. The valid values are `EC2` , `FARGATE` , and `EXTERNAL` . For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RequiresCompatibilities", "type": "array" }, - "Name": { - "markdownDescription": "The event type name.\n\nPattern : `^[0-9a-z_-]+$`", - "title": "Name", - "type": "string" + "RuntimePlatform": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RuntimePlatform", + "markdownDescription": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.", + "title": "RuntimePlatform" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TaskRoleArn": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the AWS Identity and Access Management role that grants containers in the task permission to call AWS APIs on your behalf. For more information, see [Amazon ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIAM roles for tasks on Windows require that the `-EnableTaskIAMRole` option is set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some configuration code to use the feature. For more information, see [Windows IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> String validation is done on the ECS side. If an invalid string value is given for `TaskRoleArn` , it may cause the Cloudformation job to hang.", + "title": "TaskRoleArn", + "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Volume" + }, + "markdownDescription": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> The `host` and `sourcePath` parameters aren't supported for tasks run on AWS Fargate .", + "title": "Volumes", + "type": "array" } }, - "required": [ - "EntityTypes", - "EventVariables", - "Labels", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::EventType" + "AWS::ECS::TaskDefinition" ], "type": "string" }, @@ -102119,1523 +105785,1012 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FraudDetector::EventType.EntityType": { + "AWS::ECS::TaskDefinition.AuthorizationConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the entity type was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the entity type was last updated.", - "title": "LastUpdatedTime", + "AccessPointId": { + "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", + "title": "AccessPointId", "type": "string" }, - "Name": { - "markdownDescription": "The entity type name.\n\n`^[0-9a-z_-]+$`", - "title": "Name", + "IAM": { + "markdownDescription": "Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "IAM", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::FraudDetector::EventType.EventVariable": { + "AWS::ECS::TaskDefinition.ContainerDefinition": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The event variable ARN.", - "title": "Arn", - "type": "string" + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the docker container create command and the `COMMAND` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.", + "title": "Command", + "type": "array" }, - "CreatedTime": { - "markdownDescription": "Timestamp for when event variable was created.", - "title": "CreatedTime", - "type": "string" + "Cpu": { + "markdownDescription": "The number of `cpu` units reserved for the container. This parameter maps to `CpuShares` in the docker container create commandand the `--cpu-shares` option to docker run.\n\nThis field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level `cpu` value.\n\n> You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. \n\nLinux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.\n\nOn Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version:\n\n- *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares.\n- *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2.\n- *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares.\n\nOn Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as `0` , which Windows interprets as 1% of one CPU.", + "title": "Cpu", + "type": "number" }, - "DataSource": { - "markdownDescription": "The source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", - "type": "string" + "CredentialSpecs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of ARNs in SSM or Amazon S3 to a credential spec ( `CredSpec` ) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the `dockerSecurityOptions` . The maximum number of ARNs is 1.\n\nThere are two formats for each ARN.\n\n- **credentialspecdomainless:MyARN** - You use `credentialspecdomainless:MyARN` to provide a `CredSpec` with an additional section for a secret in AWS Secrets Manager . You provide the login credentials to the domain in the secret.\n\nEach task that runs on any container instance can join different domains.\n\nYou can use this format without joining the container instance to a domain.\n- **credentialspec:MyARN** - You use `credentialspec:MyARN` to provide a `CredSpec` for a single domain.\n\nYou must join the container instance to the domain before you start any tasks that use this task definition.\n\nIn both formats, replace `MyARN` with the ARN in SSM or Amazon S3.\n\nIf you provide a `credentialspecdomainless:MyARN` , the `credspec` must provide a ARN in AWS Secrets Manager for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) .", + "title": "CredentialSpecs", + "type": "array" }, - "DataType": { - "markdownDescription": "The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) .", - "title": "DataType", - "type": "string" + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDependency" + }, + "markdownDescription": "The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed.\n\nFor tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nIf the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html) , the `dependsOn` parameter is not supported.", + "title": "DependsOn", + "type": "array" }, - "DefaultValue": { - "markdownDescription": "The default value of the event variable", - "title": "DefaultValue", - "type": "string" + "DisableNetworking": { + "markdownDescription": "When this parameter is true, networking is off within the container. This parameter maps to `NetworkDisabled` in the docker container create command.\n\n> This parameter is not supported for Windows containers.", + "title": "DisableNetworking", + "type": "boolean" }, - "Description": { - "markdownDescription": "The event variable description.", - "title": "Description", - "type": "string" + "DnsSearchDomains": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of DNS search domains that are presented to the container. This parameter maps to `DnsSearch` in the docker container create command and the `--dns-search` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "DnsSearchDomains", + "type": "array" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" + "DnsServers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of DNS servers that are presented to the container. This parameter maps to `Dns` in the docker container create command and the `--dns` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "DnsServers", + "type": "array" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the event variable was last updated.", - "title": "LastUpdatedTime", - "type": "string" + "DockerLabels": { + "additionalProperties": true, + "markdownDescription": "A key/value map of labels to add to the container. This parameter maps to `Labels` in the docker container create command and the `--label` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DockerLabels", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the event variable.", - "title": "Name", - "type": "string" + "DockerSecurityOptions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type.\n\nFor Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.\n\nFor any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThis parameter maps to `SecurityOpt` in the docker container create command and the `--security-opt` option to docker run.\n\n> The Amazon ECS container agent running on a container instance must register with the `ECS_SELINUX_CAPABLE=true` or `ECS_APPARMOR_CAPABLE=true` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nValid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" | \"credentialspec:CredentialSpecFilePath\"", + "title": "DockerSecurityOptions", + "type": "array" }, - "Tags": { + "EntryPoint": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "> Early versions of the Amazon ECS container agent don't properly handle `entryPoint` parameters. If you have problems using `entryPoint` , update your container agent or enter your commands and arguments as `command` array items instead. \n\nThe entry point that's passed to the container. This parameter maps to `Entrypoint` in the docker container create command and the `--entrypoint` option to docker run.", + "title": "EntryPoint", "type": "array" }, - "VariableType": { - "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) .", - "title": "VariableType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::FraudDetector::EventType.Label": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The label ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", - "type": "string" + "Environment": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" + }, + "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the docker container create command and the `--env` option to docker run.\n\n> We don't recommend that you use plaintext environment variables for sensitive information, such as credential data.", + "title": "Environment", + "type": "array" }, - "Description": { - "markdownDescription": "The label description.", - "title": "Description", - "type": "string" + "EnvironmentFiles": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EnvironmentFile" + }, + "markdownDescription": "A list of files containing the environment variables to pass to a container. This parameter maps to the `--env-file` option to docker run.\n\nYou can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file contains an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored.\n\nIf there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "EnvironmentFiles", + "type": "array" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables.", - "title": "Inline", + "Essential": { + "markdownDescription": "If the `essential` parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as `false` , its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Essential", "type": "boolean" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the label was last updated.", - "title": "LastUpdatedTime", + "ExtraHosts": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostEntry" + }, + "markdownDescription": "A list of hostnames and IP address mappings to append to the `/etc/hosts` file on the container. This parameter maps to `ExtraHosts` in the docker container create command and the `--add-host` option to docker run.\n\n> This parameter isn't supported for Windows containers or tasks that use the `awsvpc` network mode.", + "title": "ExtraHosts", + "type": "array" + }, + "FirelensConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FirelensConfiguration", + "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "FirelensConfiguration" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HealthCheck", + "markdownDescription": "The container health check command and associated configuration parameters for the container. This parameter maps to `HealthCheck` in the docker container create command and the `HEALTHCHECK` parameter of docker run.", + "title": "HealthCheck" + }, + "Hostname": { + "markdownDescription": "The hostname to use for your container. This parameter maps to `Hostname` in the docker container create command and the `--hostname` option to docker run.\n\n> The `hostname` parameter is not supported if you're using the `awsvpc` network mode.", + "title": "Hostname", "type": "string" }, - "Name": { - "markdownDescription": "The label name.", - "title": "Name", + "Image": { + "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . For images using tags (repository-url/image:tag), up to 255 characters total are allowed, including letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs (#). For images using digests (repository-url/image@digest), the 255 character limit applies only to the repository URL and image name (everything before the @ sign). The only supported hash function is sha256, and the hash value after sha256: must be exactly 64 characters (only letters A-F, a-f, and numbers 0-9 are allowed). This parameter maps to `Image` in the docker container create command and the `IMAGE` parameter of docker run.\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", + "title": "Image", "type": "string" }, - "Tags": { + "Interactive": { + "markdownDescription": "When this parameter is `true` , you can deploy containerized applications that require `stdin` or a `tty` to be allocated. This parameter maps to `OpenStdin` in the docker container create command and the `--interactive` option to docker run.", + "title": "Interactive", + "type": "boolean" + }, + "Links": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The `links` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is `bridge` . The `name:internalName` construct is analogous to `name:alias` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to `Links` in the docker container create command and the `--link` option to docker run.\n\n> This parameter is not supported for Windows containers. > Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.", + "title": "Links", "type": "array" - } - }, - "type": "object" - }, - "AWS::FraudDetector::Label": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "LinuxParameters": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.LinuxParameters", + "markdownDescription": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .\n\n> This parameter is not supported for Windows containers.", + "title": "LinuxParameters" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.LogConfiguration", + "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the docker Create a container command and the `--log-driver` option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LogConfiguration" }, - "Metadata": { - "type": "object" + "Memory": { + "markdownDescription": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task `memory` value, if one is specified. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nIf using the Fargate launch type, this parameter is optional.\n\nIf using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level `memory` and `memoryReservation` value, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.", + "title": "Memory", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The label description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The label name.\n\nPattern: `^[0-9a-z_-]+$`", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "MemoryReservation": { + "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the `memory` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to `MemoryReservation` in the docker container create command and the `--memory-reservation` option to docker run.\n\nIf a task-level memory value is not specified, you must specify a non-zero integer for one or both of `memory` or `memoryReservation` in a container definition. If you specify both, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nFor example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a `memoryReservation` of 128 MiB, and a `memory` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.", + "title": "MemoryReservation", + "type": "number" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.MountPoint" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the docker container create command and the `--volume` option to docker run.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", + "title": "MountPoints", + "type": "array" }, - "Type": { - "enum": [ - "AWS::FraudDetector::Label" - ], + "Name": { + "markdownDescription": "The name of a container. If you're linking multiple containers together in a task definition, the `name` of one container can be entered in the `links` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to `name` in the docker container create command and the `--name` option to docker run.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::FraudDetector::List": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "PortMappings": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.PortMapping" + }, + "markdownDescription": "The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.\n\nFor task definitions that use the `awsvpc` network mode, you should only specify the `containerPort` . The `hostPort` can be left blank or it must be the same value as the `containerPort` .\n\nPort mappings on Windows use the `NetNAT` gateway address rather than `localhost` . There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.\n\nThis parameter maps to `PortBindings` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--publish` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . If the network mode of a task definition is set to `none` , then you can't specify port mappings. If the network mode of a task definition is set to `host` , then host ports must either be undefined or they must match the container port in the port mapping.\n\n> After a task reaches the `RUNNING` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the `networkBindings` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses.", + "title": "PortMappings", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Privileged": { + "markdownDescription": "When this parameter is true, the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the docker container create command and the `--privileged` option to docker run\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", + "title": "Privileged", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PseudoTerminal": { + "markdownDescription": "When this parameter is `true` , a TTY is allocated. This parameter maps to `Tty` in the docker container create command and the `--tty` option to docker run.", + "title": "PseudoTerminal", + "type": "boolean" }, - "Metadata": { - "type": "object" + "ReadonlyRootFilesystem": { + "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the docker container create command and the `--read-only` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "ReadonlyRootFilesystem", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the list.", - "title": "Description", - "type": "string" - }, - "Elements": { - "items": { - "type": "string" - }, - "markdownDescription": "The elements in the list.", - "title": "Elements", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the list.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "VariableType": { - "markdownDescription": "The variable type of the list. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types)", - "title": "VariableType", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" + "RepositoryCredentials": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RepositoryCredentials", + "markdownDescription": "The private repository authentication credentials to use.", + "title": "RepositoryCredentials" }, - "Type": { - "enum": [ - "AWS::FraudDetector::List" - ], - "type": "string" + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ResourceRequirement" + }, + "markdownDescription": "The type and amount of a resource to assign to a container. The only supported resource is a GPU.", + "title": "ResourceRequirements", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::FraudDetector::Outcome": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "RestartPolicy": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RestartPolicy", + "markdownDescription": "The restart policy for a container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task. For more information, see [Restart individual containers in Amazon ECS tasks with container restart policies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-restart-policy.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RestartPolicy" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Secrets": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" + }, + "markdownDescription": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Secrets", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "StartTimeout": { + "markdownDescription": "Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a `COMPLETE` , `SUCCESS` , or `HEALTHY` status. If a `startTimeout` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a `STOPPED` state.\n\n> When the `ECS_CONTAINER_START_TIMEOUT` container agent configuration variable is used, it's enforced independently from this start timeout value. \n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks using the EC2 launch type, your container instances require at least version `1.26.0` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version `1.26.0-1` of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", + "title": "StartTimeout", + "type": "number" }, - "Metadata": { - "type": "object" + "StopTimeout": { + "markdownDescription": "Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks that use the Fargate launch type, the max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.\n\nFor tasks that use the EC2 launch type, if the `stopTimeout` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable `ECS_CONTAINER_STOP_TIMEOUT` is used. If neither the `stopTimeout` parameter or the `ECS_CONTAINER_STOP_TIMEOUT` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", + "title": "StopTimeout", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The outcome description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The outcome name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "SystemControls": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.SystemControl" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in the docker container create command and the `--sysctl` option to docker run. For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.", + "title": "SystemControls", + "type": "array" }, - "Type": { - "enum": [ - "AWS::FraudDetector::Outcome" - ], - "type": "string" + "Ulimits": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Ulimit" + }, + "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> This parameter is not supported for Windows containers.", + "title": "Ulimits", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::FraudDetector::Variable": { - "additionalProperties": false, - "properties": { - "Condition": { + "User": { + "markdownDescription": "The user to use inside the container. This parameter maps to `User` in the docker container create command and the `--user` option to docker run.\n\n> When running tasks using the `host` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gid`\n- `uid:group`\n\n> This parameter is not supported for Windows containers.", + "title": "User", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VersionConsistency": { + "markdownDescription": "Specifies whether Amazon ECS will resolve the container image tag provided in the container definition to an image digest. By default, the value is `enabled` . If you set the value for a container as `disabled` , Amazon ECS will not resolve the provided container image tag to a digest and will use the original image URI specified in the container definition for deployment. For more information about container image resolution, see [Container image resolution](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html#deployment-container-image-stability) in the *Amazon ECS Developer Guide* .", + "title": "VersionConsistency", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataSource": { - "markdownDescription": "The data source of the variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", - "type": "string" - }, - "DataType": { - "markdownDescription": "The data type of the variable.\n\nValid data types: `STRING | INTEGER | BOOLEAN | FLOAT`", - "title": "DataType", - "type": "string" - }, - "DefaultValue": { - "markdownDescription": "The default value of the variable.", - "title": "DefaultValue", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the variable.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the variable.\n\nPattern: `^[0-9a-z_-]+$`", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "VariableType": { - "markdownDescription": "The type of the variable. For more information see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .\n\nValid Values: `AUTH_CODE | AVS | BILLING_ADDRESS_L1 | BILLING_ADDRESS_L2 | BILLING_CITY | BILLING_COUNTRY | BILLING_NAME | BILLING_PHONE | BILLING_STATE | BILLING_ZIP | CARD_BIN | CATEGORICAL | CURRENCY_CODE | EMAIL_ADDRESS | FINGERPRINT | FRAUD_LABEL | FREE_FORM_TEXT | IP_ADDRESS | NUMERIC | ORDER_ID | PAYMENT_TYPE | PHONE_NUMBER | PRICE | PRODUCT_CATEGORY | SHIPPING_ADDRESS_L1 | SHIPPING_ADDRESS_L2 | SHIPPING_CITY | SHIPPING_COUNTRY | SHIPPING_NAME | SHIPPING_PHONE | SHIPPING_STATE | SHIPPING_ZIP | USERAGENT`", - "title": "VariableType", - "type": "string" - } + "VolumesFrom": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.VolumeFrom" }, - "required": [ - "DataSource", - "DataType", - "DefaultValue", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::FraudDetector::Variable" - ], - "type": "string" + "markdownDescription": "Data volumes to mount from another container. This parameter maps to `VolumesFrom` in the docker container create command and the `--volumes-from` option to docker run.", + "title": "VolumesFrom", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "WorkingDirectory": { + "markdownDescription": "The working directory to run commands inside the container in. This parameter maps to `WorkingDir` in the docker container create command and the `--workdir` option to docker run.", + "title": "WorkingDirectory", "type": "string" } }, "required": [ - "Type", - "Properties" + "Image", + "Name" ], "type": "object" }, - "AWS::GameLift::Alias": { + "AWS::ECS::TaskDefinition.ContainerDependency": { "additionalProperties": false, "properties": { "Condition": { + "markdownDescription": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a `zero` status. This condition can't be set on an essential container.\n- `HEALTHY` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.", + "title": "Condition", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A human-readable description of the alias.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with an alias. Alias names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "RoutingStrategy": { - "$ref": "#/definitions/AWS::GameLift::Alias.RoutingStrategy", - "markdownDescription": "The routing configuration, including routing type and fleet target, for the alias.", - "title": "RoutingStrategy" - } - }, - "required": [ - "Name", - "RoutingStrategy" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::GameLift::Alias" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ContainerName": { + "markdownDescription": "The name of a container.", + "title": "ContainerName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::GameLift::Alias.RoutingStrategy": { + "AWS::ECS::TaskDefinition.Device": { "additionalProperties": false, "properties": { - "FleetId": { - "markdownDescription": "A unique identifier for a fleet that the alias points to. If you specify `SIMPLE` for the `Type` property, you must specify this property.", - "title": "FleetId", + "ContainerPath": { + "markdownDescription": "The path inside the container at which to expose the host device.", + "title": "ContainerPath", "type": "string" }, - "Message": { - "markdownDescription": "The message text to be used with a terminal routing strategy. If you specify `TERMINAL` for the `Type` property, you must specify this property.", - "title": "Message", + "HostPath": { + "markdownDescription": "The path for the device on the host container instance.", + "title": "HostPath", "type": "string" }, - "Type": { - "markdownDescription": "A type of routing strategy.\n\nPossible routing types include the following:\n\n- *SIMPLE* - The alias resolves to one specific fleet. Use this type when routing to active fleets.\n- *TERMINAL* - The alias does not resolve to a fleet but instead can be used to display a message to the user. A terminal alias throws a `TerminalRoutingStrategyException` with the message that you specified in the `Message` property.", - "title": "Type", - "type": "string" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device.", + "title": "Permissions", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::GameLift::Build": { + "AWS::ECS::TaskDefinition.DockerVolumeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Autoprovision": { + "markdownDescription": "If this value is `true` , the Docker volume is created if it doesn't already exist.\n\n> This field is only used if the `scope` is `shared` .", + "title": "Autoprovision", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Driver": { + "markdownDescription": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use `docker plugin ls` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to `Driver` in the docker container create command and the `xxdriver` option to docker volume create.", + "title": "Driver", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "DriverOpts": { + "additionalProperties": true, + "markdownDescription": "A map of Docker driver-specific options passed through. This parameter maps to `DriverOpts` in the docker create-volume command and the `xxopt` option to docker volume create.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "DriverOpts", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A descriptive label that is associated with a build. Build names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "OperatingSystem": { - "markdownDescription": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", - "title": "OperatingSystem", - "type": "string" - }, - "ServerSdkVersion": { - "markdownDescription": "A server SDK version you used when integrating your game server build with Amazon GameLift Servers. For more information see [Integrate games with custom game servers](https://docs.aws.amazon.com/gamelift/latest/developerguide/integration-custom-intro.html) . By default Amazon GameLift Servers sets this value to `4.0.2` .", - "title": "ServerSdkVersion", - "type": "string" - }, - "StorageLocation": { - "$ref": "#/definitions/AWS::GameLift::Build.StorageLocation", - "markdownDescription": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift Servers to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift Servers will report a `SizeOnDisk` of 0.", - "title": "StorageLocation" - }, - "Version": { - "markdownDescription": "Version information that is associated with this build. Version strings do not need to be unique.", - "title": "Version", + "Labels": { + "additionalProperties": true, + "markdownDescription": "Custom metadata to add to your Docker volume. This parameter maps to `Labels` in the docker container create command and the `xxlabel` option to docker volume create.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, + "title": "Labels", "type": "object" }, - "Type": { - "enum": [ - "AWS::GameLift::Build" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Scope": { + "markdownDescription": "The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops.", + "title": "Scope", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::GameLift::Build.StorageLocation": { + "AWS::ECS::TaskDefinition.EFSVolumeConfiguration": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "An Amazon S3 bucket identifier. The name of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", - "title": "Bucket", - "type": "string" + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.AuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", + "title": "AuthorizationConfig" }, - "Key": { - "markdownDescription": "The name of the zip file that contains the build files or script files.", - "title": "Key", + "FilesystemId": { + "markdownDescription": "The Amazon EFS file system ID to use.", + "title": "FilesystemId", "type": "string" }, - "ObjectVersion": { - "markdownDescription": "A version of a stored file to retrieve, if the object versioning feature is turned on for the S3 bucket. Use this parameter to specify a specific version. If this parameter isn't set, Amazon GameLift Servers retrieves the latest version of the file.", - "title": "ObjectVersion", + "RootDirectory": { + "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying `/` will have the same effect as omitting this parameter.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` which will enforce the path set on the EFS access point.", + "title": "RootDirectory", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARNfor an IAM role that allows Amazon GameLift to access the S3 bucket.", - "title": "RoleArn", + "TransitEncryption": { + "markdownDescription": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryption", "type": "string" + }, + "TransitEncryptionPort": { + "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryptionPort", + "type": "number" } }, "required": [ - "Bucket", - "Key", - "RoleArn" + "FilesystemId" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition": { + "AWS::ECS::TaskDefinition.EnvironmentFile": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContainerDefinitions": { - "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDefinition" - }, - "type": "array" - }, - "Name": { - "markdownDescription": "A descriptive identifier for the container group definition. The name value is unique in an AWS Region.", - "title": "Name", - "type": "string" - }, - "OperatingSystem": { - "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", - "title": "OperatingSystem", - "type": "string" - }, - "SchedulingStrategy": { - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - }, - "TotalCpuLimit": { - "type": "number" - }, - "TotalMemoryLimit": { - "type": "number" - } - }, - "required": [ - "ContainerDefinitions", - "Name", - "OperatingSystem", - "TotalCpuLimit", - "TotalMemoryLimit" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::GameLift::ContainerGroupDefinition" - ], + "markdownDescription": "The file type to use. Environment files are objects in Amazon S3. The only supported value is `s3` .", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", + "title": "Value", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerDefinition": { + "AWS::ECS::TaskDefinition.EphemeralStorage": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "type": "array" - }, - "ContainerName": { - "type": "string" - }, - "Cpu": { + "SizeInGiB": { + "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", + "title": "SizeInGiB", "type": "number" - }, - "DependsOn": { - "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" - }, - "type": "array" - }, - "EntryPoint": { - "items": { - "type": "string" - }, - "type": "array" - }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" - }, - "type": "array" - }, - "Essential": { - "type": "boolean" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck" - }, - "ImageUri": { - "type": "string" - }, - "MemoryLimits": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.MemoryLimits" - }, - "PortConfiguration": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration" - }, - "ResolvedImageDigest": { + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.FSxAuthorizationConfig": { + "additionalProperties": false, + "properties": { + "CredentialsParameter": { + "markdownDescription": "The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an AWS Secrets Manager secret or SSM Parameter Store parameter. The ARN refers to the stored credentials.", + "title": "CredentialsParameter", "type": "string" }, - "WorkingDirectory": { + "Domain": { + "markdownDescription": "A fully qualified domain name hosted by an [AWS Directory Service](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.", + "title": "Domain", "type": "string" } }, "required": [ - "ContainerName", - "ImageUri" + "CredentialsParameter", + "Domain" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerDependency": { + "AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "The condition that the dependency container must reach before the dependent container can start. Valid conditions include:\n\n- START - The dependency container must have started.\n- COMPLETE - The dependency container has run to completion (exits). Use this condition with nonessential containers, such as those that run a script and then exit. The dependency container can't be an essential container.\n- SUCCESS - The dependency container has run to completion and exited with a zero status. The dependency container can't be an essential container.\n- HEALTHY - The dependency container has passed its Docker health check. Use this condition with dependency containers that have health checks configured. This condition is confirmed at container group startup only.", - "title": "Condition", + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxAuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon FSx for Windows File Server file system.", + "title": "AuthorizationConfig" + }, + "FileSystemId": { + "markdownDescription": "The Amazon FSx for Windows File Server file system ID to use.", + "title": "FileSystemId", "type": "string" }, - "ContainerName": { - "markdownDescription": "A descriptive label for the container definition that this container depends on.", - "title": "ContainerName", + "RootDirectory": { + "markdownDescription": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host.", + "title": "RootDirectory", "type": "string" } }, "required": [ - "Condition", - "ContainerName" + "FileSystemId", + "RootDirectory" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment": { + "AWS::ECS::TaskDefinition.FirelensConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The environment variable name.", - "title": "Name", - "type": "string" + "Options": { + "additionalProperties": true, + "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event.\n\nIf specified, valid option keys are:\n\n- `enable-ecs-log-metadata` , which can be `true` or `false`\n- `config-file-type` , which can be `s3` or `file`\n- `config-file-value` , which is either an S3 ARN or a file path", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" }, - "Value": { - "markdownDescription": "The environment variable value.", - "title": "Value", + "Type": { + "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", + "title": "Type", "type": "string" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck": { + "AWS::ECS::TaskDefinition.HealthCheck": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, - "markdownDescription": "A string array that specifies the command that the container runs to determine if it's healthy.", + "markdownDescription": "A string array representing the command that the container runs to determine if it is healthy. The string array must start with `CMD` to run the command arguments directly, or `CMD-SHELL` to run the command with the container's default shell.\n\nWhen you use the AWS Management Console JSON panel, the AWS Command Line Interface , or the APIs, enclose the list of commands in double quotes and brackets.\n\n`[ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]`\n\nYou don't include the double quotes and brackets when you use the AWS Management Console.\n\n`CMD-SHELL, curl -f http://localhost/ || exit 1`\n\nAn exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see `HealthCheck` in the docker container create command.", "title": "Command", "type": "array" }, "Interval": { - "markdownDescription": "The time period (in seconds) between each health check.", + "markdownDescription": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a `command` .", "title": "Interval", "type": "number" }, "Retries": { - "markdownDescription": "The number of times to retry a failed health check before flagging the container unhealthy. The first run of the command does not count as a retry.", + "markdownDescription": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a `command` .", "title": "Retries", "type": "number" }, "StartPeriod": { - "markdownDescription": "The optional grace period (in seconds) to give a container time to bootstrap before the first failed health check counts toward the number of retries.", + "markdownDescription": "The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the `startPeriod` is off. This value applies only when you specify a `command` .\n\n> If a health check succeeds within the `startPeriod` , then the container is considered healthy and any subsequent failures count toward the maximum number of retries.", "title": "StartPeriod", "type": "number" }, "Timeout": { - "markdownDescription": "The time period (in seconds) to wait for a health check to succeed before counting a failed health check.", + "markdownDescription": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a `command` .", "title": "Timeout", "type": "number" } }, - "required": [ - "Command" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerPortRange": { + "AWS::ECS::TaskDefinition.HostEntry": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "A starting value for the range of allowed port numbers.", - "title": "FromPort", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The network protocol that these ports support.", - "title": "Protocol", + "Hostname": { + "markdownDescription": "The hostname to use in the `/etc/hosts` entry.", + "title": "Hostname", "type": "string" }, - "ToPort": { - "markdownDescription": "An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", - "title": "ToPort", - "type": "number" + "IpAddress": { + "markdownDescription": "The IP address to use in the `/etc/hosts` entry.", + "title": "IpAddress", + "type": "string" } }, - "required": [ - "FromPort", - "Protocol", - "ToPort" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.MemoryLimits": { + "AWS::ECS::TaskDefinition.HostVolumeProperties": { "additionalProperties": false, "properties": { - "HardLimit": { - "type": "number" - }, - "SoftLimit": { - "type": "number" + "SourcePath": { + "markdownDescription": "When the `host` parameter is used, specify a `sourcePath` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the `host` parameter contains a `sourcePath` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the `sourcePath` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\nIf you're using the Fargate launch type, the `sourcePath` parameter is not supported.", + "title": "SourcePath", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.PortConfiguration": { + "AWS::ECS::TaskDefinition.KernelCapabilities": { "additionalProperties": false, "properties": { - "ContainerPortRanges": { + "Add": { "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerPortRange" + "type": "string" }, - "markdownDescription": "", - "title": "ContainerPortRanges", + "markdownDescription": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to `CapAdd` in the docker container create command and the `--cap-add` option to docker run.\n\n> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE` kernel capability. \n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", + "title": "Add", + "type": "array" + }, + "Drop": { + "items": { + "type": "string" + }, + "markdownDescription": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to `CapDrop` in the docker container create command and the `--cap-drop` option to docker run.\n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", + "title": "Drop", "type": "array" } }, - "required": [ - "ContainerPortRanges" - ], "type": "object" }, - "AWS::GameLift::Fleet": { + "AWS::ECS::TaskDefinition.KeyValuePair": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.LinuxParameters": { + "additionalProperties": false, + "properties": { + "Capabilities": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KernelCapabilities", + "markdownDescription": "The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.\n\n> For tasks that use the Fargate launch type, `capabilities` is supported for all platform versions but the `add` parameter is only supported if using platform version 1.4.0 or later.", + "title": "Capabilities" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnywhereConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.AnywhereConfiguration", - "markdownDescription": "Amazon GameLift Servers Anywhere configuration options.", - "title": "AnywhereConfiguration" - }, - "ApplyCapacity": { - "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", - "title": "ApplyCapacity", - "type": "string" - }, - "BuildId": { - "markdownDescription": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a `READY` status. This fleet setting cannot be changed once the fleet is created.", - "title": "BuildId", - "type": "string" - }, - "CertificateConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.CertificateConfiguration", - "markdownDescription": "Prompts Amazon GameLift Servers to generate a TLS/SSL certificate for the fleet. Amazon GameLift Servers uses the certificates to encrypt traffic between game clients and the game servers running on Amazon GameLift Servers. By default, the `CertificateConfiguration` is `DISABLED` . You can't change this property after you create the fleet.\n\nAWS Certificate Manager (ACM) certificates expire after 13 months. Certificate expiration can cause fleets to fail, preventing players from connecting to instances in the fleet. We recommend you replace fleets before 13 months, consider using fleet aliases for a smooth transition.\n\n> ACM isn't available in all AWS regions. A fleet creation request with certificate generation enabled in an unsupported Region, fails with a 4xx error. For more information about the supported Regions, see [Supported Regions](https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html) in the *AWS Certificate Manager User Guide* .", - "title": "CertificateConfiguration" - }, - "ComputeType": { - "markdownDescription": "The type of compute resource used to host your game servers.\n\n- `EC2` \u2013 The game server build is deployed to Amazon EC2 instances for cloud hosting. This is the default setting.\n- `ANYWHERE` \u2013 Game servers and supporting software are deployed to compute resources that you provide and manage. With this compute type, you can also set the `AnywhereConfiguration` parameter.", - "title": "ComputeType", - "type": "string" - }, - "ContainerGroupsConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ContainerGroupsConfiguration" - }, - "Description": { - "markdownDescription": "A description for the fleet.", - "title": "Description", - "type": "string" - }, - "DesiredEC2Instances": { - "type": "number" - }, - "EC2InboundPermissions": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.IpPermission" - }, - "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet. Set this parameter for managed EC2 fleets. You can leave this parameter empty when creating the fleet, but you must call [](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings) to set it before players can connect to game sessions. As a best practice, we recommend opening ports for remote access only when you need them and closing them when you're finished. For Amazon GameLift Servers Realtime fleets, Amazon GameLift Servers automatically sets TCP and UDP ranges.", - "title": "EC2InboundPermissions", - "type": "array" - }, - "EC2InstanceType": { - "markdownDescription": "The Amazon GameLift Servers-supported Amazon EC2 instance type to use with managed EC2 fleets. Instance type determines the computing resources that will be used to host your game servers, including CPU, memory, storage, and networking capacity. See [Amazon Elastic Compute Cloud Instance Types](https://docs.aws.amazon.com/ec2/instance-types/) for detailed descriptions of Amazon EC2 instance types.", - "title": "EC2InstanceType", - "type": "string" - }, - "FleetType": { - "markdownDescription": "Indicates whether to use On-Demand or Spot instances for this fleet. By default, this property is set to `ON_DEMAND` . Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . This fleet property can't be changed after the fleet is created.", - "title": "FleetType", - "type": "string" - }, - "InstanceRoleARN": { - "markdownDescription": "A unique identifier for an IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN by using the [IAM dashboard](https://docs.aws.amazon.com/iam/) in the AWS Management Console . Learn more about using on-box credentials for your game servers at [Access external resources from a game server](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", - "title": "InstanceRoleARN", - "type": "string" - }, - "InstanceRoleCredentialsProvider": { - "markdownDescription": "Indicates that fleet instances maintain a shared credentials file for the IAM role defined in `InstanceRoleArn` . Shared credentials allow applications that are deployed with the game server executable to communicate with other AWS resources. This property is used only when the game server is integrated with the server SDK version 5.x. For more information about using shared credentials, see [Communicate with other AWS resources from your fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", - "title": "InstanceRoleCredentialsProvider", - "type": "string" - }, - "Locations": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.LocationConfiguration" - }, - "markdownDescription": "A set of remote locations to deploy additional instances to and manage as a multi-location fleet. Use this parameter when creating a fleet in AWS Regions that support multiple locations. You can add any AWS Region or Local Zone that's supported by Amazon GameLift Servers. Provide a list of one or more AWS Region codes, such as `us-west-2` , or Local Zone names. When using this parameter, Amazon GameLift Servers requires you to include your home location in the request. For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", - "title": "Locations", - "type": "array" - }, - "MaxSize": { - "type": "number" - }, - "MetricGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. A metric group is used to aggregate the metrics for multiple fleets. You can specify an existing metric group name or set a new name to create a new metric group. A fleet can be included in only one metric group at a time.", - "title": "MetricGroups", - "type": "array" - }, - "MinSize": { - "type": "number" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "NewGameSessionProtectionPolicy": { - "markdownDescription": "The status of termination protection for active game sessions on the fleet. By default, this property is set to `NoProtection` .\n\n- *NoProtection* - Game sessions can be terminated during active gameplay as a result of a scale-down event.\n- *FullProtection* - Game sessions in `ACTIVE` status cannot be terminated during a scale-down event.", - "title": "NewGameSessionProtectionPolicy", - "type": "string" - }, - "PeerVpcAwsAccountId": { - "markdownDescription": "Used when peering your Amazon GameLift Servers fleet with a VPC, the unique identifier for the AWS account that owns the VPC. You can find your account ID in the AWS Management Console under account settings.", - "title": "PeerVpcAwsAccountId", - "type": "string" - }, - "PeerVpcId": { - "markdownDescription": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift Servers fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the [VPC Dashboard](https://docs.aws.amazon.com/vpc/) in the AWS Management Console . Learn more about VPC peering in [VPC Peering with Amazon GameLift Servers Fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/vpc-peering.html) .", - "title": "PeerVpcId", - "type": "string" - }, - "ResourceCreationLimitPolicy": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", - "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", - "title": "ResourceCreationLimitPolicy" - }, - "RuntimeConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.RuntimeConfiguration", - "markdownDescription": "Instructions for how to launch and maintain server processes on instances in the fleet. The runtime configuration defines one or more server process configurations, each identifying a build executable or Realtime script file and the number of processes of that type to run concurrently.\n\n> The `RuntimeConfiguration` parameter is required unless the fleet is being configured using the older parameters `ServerLaunchPath` and `ServerLaunchParameters` , which are still supported for backward compatibility.", - "title": "RuntimeConfiguration" - }, - "ScalingPolicies": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ScalingPolicy" - }, - "markdownDescription": "Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.", - "title": "ScalingPolicies", - "type": "array" - }, - "ScriptId": { - "markdownDescription": "The unique identifier for a Realtime configuration script to be deployed on fleet instances. You can use either the script ID or ARN. Scripts must be uploaded to Amazon GameLift Servers prior to creating the fleet. This fleet property cannot be changed later.\n\n> You can't use the `!Ref` command to reference a script created with a CloudFormation template for the fleet property `ScriptId` . Instead, use `Fn::GetAtt Script.Arn` or `Fn::GetAtt Script.Id` to retrieve either of these properties as input for `ScriptId` . Alternatively, enter a `ScriptId` string manually.", - "title": "ScriptId", - "type": "string" - } + "Devices": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Device" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "Any host devices to expose to the container. This parameter maps to `Devices` in the docker container create command and the `--device` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `devices` parameter isn't supported.", + "title": "Devices", + "type": "array" }, - "Type": { - "enum": [ - "AWS::GameLift::Fleet" - ], - "type": "string" + "InitProcessEnabled": { + "markdownDescription": "Run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "title": "InitProcessEnabled", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MaxSwap": { + "markdownDescription": "The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the `--memory-swap` option to docker run where the value would be the sum of the container memory plus the `maxSwap` value.\n\nIf a `maxSwap` value of `0` is specified, the container will not use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n> If you're using tasks that use the Fargate launch type, the `maxSwap` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", + "title": "MaxSwap", + "type": "number" + }, + "SharedMemorySize": { + "markdownDescription": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to docker run.\n\n> If you are using tasks that use the Fargate launch type, the `sharedMemorySize` parameter is not supported.", + "title": "SharedMemorySize", + "type": "number" + }, + "Swappiness": { + "markdownDescription": "This allows you to tune a container's memory swappiness behavior. A `swappiness` value of `0` will cause swapping to not happen unless absolutely necessary. A `swappiness` value of `100` will cause pages to be swapped very aggressively. Accepted values are whole numbers between `0` and `100` . If the `swappiness` parameter is not specified, a default value of `60` is used. If a value is not specified for `maxSwap` then this parameter is ignored. This parameter maps to the `--memory-swappiness` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `swappiness` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", + "title": "Swappiness", + "type": "number" + }, + "Tmpfs": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Tmpfs" + }, + "markdownDescription": "The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the `--tmpfs` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `tmpfs` parameter isn't supported.", + "title": "Tmpfs", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::GameLift::Fleet.AnywhereConfiguration": { + "AWS::ECS::TaskDefinition.LogConfiguration": { "additionalProperties": false, "properties": { - "Cost": { - "markdownDescription": "The cost to run your fleet per hour. Amazon GameLift Servers uses the provided cost of your fleet to balance usage in queues. For more information about queues, see [Setting up queues](https://docs.aws.amazon.com/gamelift/latest/developerguide/queues-intro.html) in the *Amazon GameLift Servers Developer Guide* .", - "title": "Cost", + "LogDriver": { + "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", + "title": "LogDriver", "type": "string" + }, + "Options": { + "additionalProperties": true, + "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" + }, + "SecretOptions": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" + }, + "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "SecretOptions", + "type": "array" } }, "required": [ - "Cost" + "LogDriver" ], "type": "object" }, - "AWS::GameLift::Fleet.CertificateConfiguration": { + "AWS::ECS::TaskDefinition.MountPoint": { "additionalProperties": false, "properties": { - "CertificateType": { - "markdownDescription": "Indicates whether a TLS/SSL certificate is generated for a fleet.\n\nValid values include:\n\n- *GENERATED* - Generate a TLS/SSL certificate for this fleet.\n- *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet.", - "title": "CertificateType", + "ContainerPath": { + "markdownDescription": "The path on the container to mount the host volume at.", + "title": "ContainerPath", + "type": "string" + }, + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" + }, + "SourceVolume": { + "markdownDescription": "The name of the volume to mount. Must be a volume name referenced in the `name` parameter of task definition `volume` .", + "title": "SourceVolume", "type": "string" } }, - "required": [ - "CertificateType" - ], "type": "object" }, - "AWS::GameLift::Fleet.ConnectionPortRange": { + "AWS::ECS::TaskDefinition.PortMapping": { "additionalProperties": false, "properties": { - "FromPort": { + "AppProtocol": { + "markdownDescription": "The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.\n\nIf you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP.\n\n`appProtocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "AppProtocol", + "type": "string" + }, + "ContainerPort": { + "markdownDescription": "The port number on the container that's bound to the user-specified or automatically assigned host port.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, specify the exposed ports using `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see `hostPort` . Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance.", + "title": "ContainerPort", "type": "number" }, - "ToPort": { + "ContainerPortRange": { + "markdownDescription": "The port number range on the container that's bound to the dynamically mapped host port range.\n\nThe following rules apply when you specify a `containerPortRange` :\n\n- You must use either the `bridge` network mode or the `awsvpc` network mode.\n- This parameter is available for both the EC2 and AWS Fargate launch types.\n- This parameter is available for both the Linux and Windows operating systems.\n- The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the `ecs-init` package\n- You can specify a maximum of 100 port ranges per container.\n- You do not specify a `hostPortRange` . The value of the `hostPortRange` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPortRange` is set to the same value as the `containerPortRange` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.\n- The `containerPortRange` valid values are between 1 and 65535.\n- A port can only be included in one port mapping per container.\n- You cannot specify overlapping port ranges.\n- The first port in the range must be less than last port in the range.\n- Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.\n\nFor more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website.\n\nFor information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide* .\n\nYou can call [`DescribeTasks`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the `hostPortRange` which are the host ports that are bound to the container ports.", + "title": "ContainerPortRange", + "type": "string" + }, + "HostPort": { + "markdownDescription": "The port number on the container instance to reserve for your container.\n\nIf you specify a `containerPortRange` , leave this field empty and the value of the `hostPort` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPort` is set to the same value as the `containerPort` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, the `hostPort` can either be left blank or set to the same value as the `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the `hostPort` (or set it to `0` ) while specifying a `containerPort` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version.\n\nThe default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under `/proc/sys/net/ipv4/ip_local_port_range` . If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range.\n\nThe default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the `remainingResources` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota.", + "title": "HostPort", "type": "number" + }, + "Name": { + "markdownDescription": "The name that's used for the port mapping. This parameter is the name that you use in the `serviceConnectConfiguration` and the `vpcLatticeConfigurations` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.", + "title": "Name", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol used for the port mapping. Valid values are `tcp` and `udp` . The default is `tcp` . `protocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.", + "title": "Protocol", + "type": "string" } }, - "required": [ - "FromPort", - "ToPort" - ], "type": "object" }, - "AWS::GameLift::Fleet.ContainerGroupsConfiguration": { + "AWS::ECS::TaskDefinition.ProxyConfiguration": { "additionalProperties": false, "properties": { - "ConnectionPortRange": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ConnectionPortRange" + "ContainerName": { + "markdownDescription": "The name of the container that will serve as the App Mesh proxy.", + "title": "ContainerName", + "type": "string" }, - "ContainerGroupDefinitionNames": { + "ProxyConfigurationProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" }, + "markdownDescription": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs.\n\n- `IgnoredUID` - (Required) The user ID (UID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredGID` is specified, this field can be empty.\n- `IgnoredGID` - (Required) The group ID (GID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredUID` is specified, this field can be empty.\n- `AppPorts` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the `ProxyIngressPort` and `ProxyEgressPort` .\n- `ProxyIngressPort` - (Required) Specifies the port that incoming traffic to the `AppPorts` is directed to.\n- `ProxyEgressPort` - (Required) Specifies the port that outgoing traffic from the `AppPorts` is directed to.\n- `EgressIgnoredPorts` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.\n- `EgressIgnoredIPs` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.", + "title": "ProxyConfigurationProperties", "type": "array" }, - "ContainerGroupsPerInstance": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ContainerGroupsPerInstance" + "Type": { + "markdownDescription": "The proxy type. The only supported value is `APPMESH` .", + "title": "Type", + "type": "string" } }, "required": [ - "ConnectionPortRange", - "ContainerGroupDefinitionNames" + "ContainerName" ], "type": "object" }, - "AWS::GameLift::Fleet.ContainerGroupsPerInstance": { + "AWS::ECS::TaskDefinition.RepositoryCredentials": { "additionalProperties": false, "properties": { - "DesiredReplicaContainerGroupsPerInstance": { - "type": "number" - }, - "MaxReplicaContainerGroupsPerInstance": { - "type": "number" + "CredentialsParameter": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.\n\n> When you use the Amazon ECS API, AWS CLI , or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret.", + "title": "CredentialsParameter", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::Fleet.IpPermission": { + "AWS::ECS::TaskDefinition.ResourceRequirement": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", - "title": "FromPort", - "type": "number" - }, - "IpRange": { - "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", - "title": "IpRange", + "Type": { + "markdownDescription": "The type of resource to assign to a container.", + "title": "Type", "type": "string" }, - "Protocol": { - "markdownDescription": "The network communication protocol used by the fleet.", - "title": "Protocol", + "Value": { + "markdownDescription": "The value for the specified resource type.\n\nWhen the type is `GPU` , the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nWhen the type is `InferenceAccelerator` , the `value` matches the `deviceName` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition.", + "title": "Value", "type": "string" - }, - "ToPort": { - "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", - "title": "ToPort", - "type": "number" } }, "required": [ - "FromPort", - "IpRange", - "Protocol", - "ToPort" + "Type", + "Value" ], "type": "object" }, - "AWS::GameLift::Fleet.LocationCapacity": { + "AWS::ECS::TaskDefinition.RestartPolicy": { "additionalProperties": false, "properties": { - "DesiredEC2Instances": { - "markdownDescription": "The number of Amazon EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. Changes in desired instance value can take up to 1 minute to be reflected when viewing the fleet's capacity settings.", - "title": "DesiredEC2Instances", - "type": "number" + "Enabled": { + "markdownDescription": "Specifies whether a restart policy is enabled for the container.", + "title": "Enabled", + "type": "boolean" }, - "MaxSize": { - "markdownDescription": "The maximum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 1.", - "title": "MaxSize", - "type": "number" + "IgnoredExitCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of exit codes that Amazon ECS will ignore and not attempt a restart on. You can specify a maximum of 50 container exit codes. By default, Amazon ECS does not ignore any exit codes.", + "title": "IgnoredExitCodes", + "type": "array" }, - "MinSize": { - "markdownDescription": "The minimum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 0.", - "title": "MinSize", + "RestartAttemptPeriod": { + "markdownDescription": "A period of time (in seconds) that the container must run for before a restart can be attempted. A container can be restarted only once every `restartAttemptPeriod` seconds. If a container isn't able to run for this time period and exits early, it will not be restarted. You can set a minimum `restartAttemptPeriod` of 60 seconds and a maximum `restartAttemptPeriod` of 1800 seconds. By default, a container must run for 300 seconds before it can be restarted.", + "title": "RestartAttemptPeriod", "type": "number" } }, - "required": [ - "DesiredEC2Instances", - "MaxSize", - "MinSize" - ], "type": "object" }, - "AWS::GameLift::Fleet.LocationConfiguration": { + "AWS::ECS::TaskDefinition.RuntimePlatform": { "additionalProperties": false, "properties": { - "Location": { - "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", - "title": "Location", + "CpuArchitecture": { + "markdownDescription": "The CPU architecture.\n\nYou can run your Linux tasks on an ARM-based platform by setting the value to `ARM64` . This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate.", + "title": "CpuArchitecture", "type": "string" }, - "LocationCapacity": { - "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", - "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", - "title": "LocationCapacity" + "OperatingSystemFamily": { + "markdownDescription": "The operating system.", + "title": "OperatingSystemFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.Secret": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the secret.", + "title": "Name", + "type": "string" + }, + "ValueFrom": { + "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", + "title": "ValueFrom", + "type": "string" } }, "required": [ - "Location" + "Name", + "ValueFrom" ], "type": "object" }, - "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { + "AWS::ECS::TaskDefinition.SystemControl": { "additionalProperties": false, "properties": { - "NewGameSessionsPerCreator": { - "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy is evaluated when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", - "title": "NewGameSessionsPerCreator", - "type": "number" + "Namespace": { + "markdownDescription": "The namespaced kernel parameter to set a `value` for.", + "title": "Namespace", + "type": "string" }, - "PolicyPeriodInMinutes": { - "markdownDescription": "The time span used in evaluating the resource creation limit policy.", - "title": "PolicyPeriodInMinutes", - "type": "number" + "Value": { + "markdownDescription": "The namespaced kernel parameter to set a `value` for.\n\nValid IPC namespace values: `\"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\" | \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" | \"kernel.shm_rmid_forced\"` , and `Sysctls` that start with `\"fs.mqueue.*\"`\n\nValid network namespace values: `Sysctls` that start with `\"net.*\"` . Only namespaced `Sysctls` that exist within the container starting with \"net.* are accepted.\n\nAll of these values are supported by Fargate.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::Fleet.RuntimeConfiguration": { + "AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint": { "additionalProperties": false, "properties": { - "GameSessionActivationTimeoutSeconds": { - "markdownDescription": "The maximum amount of time (in seconds) allowed to launch a new game session and have it report ready to host players. During this time, the game session is in status `ACTIVATING` . If the game session does not become active before the timeout, it is ended and the game session status is changed to `TERMINATED` .", - "title": "GameSessionActivationTimeoutSeconds", - "type": "number" + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Expression", + "type": "string" }, - "MaxConcurrentGameSessionActivations": { - "markdownDescription": "The number of game sessions in status `ACTIVATING` to allow on an instance or compute. This setting limits the instance resources that can be used for new game activations at any one time.", - "title": "MaxConcurrentGameSessionActivations", - "type": "number" + "Type": { + "markdownDescription": "The type of constraint. The `MemberOf` constraint restricts selection to be from a group of valid candidates.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ECS::TaskDefinition.Tmpfs": { + "additionalProperties": false, + "properties": { + "ContainerPath": { + "markdownDescription": "The absolute file path where the tmpfs volume is to be mounted.", + "title": "ContainerPath", + "type": "string" }, - "ServerProcesses": { + "MountOptions": { "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ServerProcess" + "type": "string" }, - "markdownDescription": "A collection of server process configurations that identify what server processes to run on fleet computes.", - "title": "ServerProcesses", + "markdownDescription": "The list of tmpfs volume mount options.\n\nValid values: `\"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"`", + "title": "MountOptions", "type": "array" + }, + "Size": { + "markdownDescription": "The maximum size (in MiB) of the tmpfs volume.", + "title": "Size", + "type": "number" } }, + "required": [ + "Size" + ], "type": "object" }, - "AWS::GameLift::Fleet.ScalingPolicy": { + "AWS::ECS::TaskDefinition.Ulimit": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", - "title": "ComparisonOperator", - "type": "string" - }, - "EvaluationPeriods": { - "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", - "title": "EvaluationPeriods", + "HardLimit": { + "markdownDescription": "The hard limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", + "title": "HardLimit", "type": "number" }, - "Location": { - "markdownDescription": "The fleet location.", - "title": "Location", - "type": "string" - }, - "MetricName": { - "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", - "title": "MetricName", - "type": "string" - }, "Name": { - "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", + "markdownDescription": "The `type` of the `ulimit` .", "title": "Name", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", - "title": "PolicyType", - "type": "string" - }, - "ScalingAdjustment": { - "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", - "title": "ScalingAdjustment", - "type": "number" - }, - "ScalingAdjustmentType": { - "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", - "title": "ScalingAdjustmentType", - "type": "string" - }, - "Status": { - "markdownDescription": "Current status of the scaling policy. The scaling policy can be in force only when in an `ACTIVE` status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.\n\n- *ACTIVE* -- The scaling policy can be used for auto-scaling a fleet.\n- *UPDATE_REQUESTED* -- A request to update the scaling policy has been received.\n- *UPDATING* -- A change is being made to the scaling policy.\n- *DELETE_REQUESTED* -- A request to delete the scaling policy has been received.\n- *DELETING* -- The scaling policy is being deleted.\n- *DELETED* -- The scaling policy has been deleted.\n- *ERROR* -- An error occurred in creating the policy. It should be removed and recreated.", - "title": "Status", - "type": "string" - }, - "TargetConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.TargetConfiguration", - "markdownDescription": "An object that contains settings for a target-based scaling policy.", - "title": "TargetConfiguration" - }, - "Threshold": { - "markdownDescription": "Metric value used to trigger a scaling event.", - "title": "Threshold", + "SoftLimit": { + "markdownDescription": "The soft limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", + "title": "SoftLimit", "type": "number" - }, - "UpdateStatus": { - "markdownDescription": "The current status of the fleet's scaling policies in a requested fleet location. The status `PENDING_UPDATE` indicates that an update was requested for the fleet but has not yet been completed for the location.", - "title": "UpdateStatus", - "type": "string" } }, "required": [ - "MetricName", - "Name" + "HardLimit", + "Name", + "SoftLimit" ], "type": "object" }, - "AWS::GameLift::Fleet.ServerProcess": { + "AWS::ECS::TaskDefinition.Volume": { "additionalProperties": false, "properties": { - "ConcurrentExecutions": { - "markdownDescription": "The number of server processes using this configuration that run concurrently on each instance or compute.", - "title": "ConcurrentExecutions", - "type": "number" + "ConfiguredAtLaunch": { + "markdownDescription": "Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n\nTo configure a volume at launch time, use this task definition revision and specify a `volumeConfigurations` object when calling the `CreateService` , `UpdateService` , `RunTask` or `StartTask` APIs.", + "title": "ConfiguredAtLaunch", + "type": "boolean" }, - "LaunchPath": { - "markdownDescription": "The location of a game build executable or Realtime script. Game builds and Realtime scripts are installed on instances at the root:\n\n- Windows (custom game builds only): `C:\\game` . Example: \" `C:\\game\\MyGame\\server.exe` \"\n- Linux: `/local/game` . Examples: \" `/local/game/MyGame/server.exe` \" or \" `/local/game/MyRealtimeScript.js` \"\n\n> Amazon GameLift Servers doesn't support the use of setup scripts that launch the game executable. For custom game builds, this parameter must indicate the executable that calls the server SDK operations `initSDK()` and `ProcessReady()` .", - "title": "LaunchPath", - "type": "string" + "DockerVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.DockerVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use Docker volumes.\n\nWindows containers only support the use of the `local` driver. To use bind mounts, specify the `host` parameter instead.\n\n> Docker volumes aren't supported by tasks run on AWS Fargate .", + "title": "DockerVolumeConfiguration" }, - "Parameters": { - "markdownDescription": "An optional list of parameters to pass to the server executable or Realtime script on launch.\n\nLength Constraints: Minimum length of 1. Maximum length of 1024.\n\nPattern: [A-Za-z0-9_:.+\\/\\\\\\- =@{},?'\\[\\]\"]+", - "title": "Parameters", + "EFSVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EFSVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use an Amazon Elastic File System file system for task storage.", + "title": "EFSVolumeConfiguration" + }, + "FSxWindowsFileServerVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage.", + "title": "FSxWindowsFileServerVolumeConfiguration" + }, + "Host": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostVolumeProperties", + "markdownDescription": "This parameter is specified when you use bind mount host volumes. The contents of the `host` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the `host` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount `C:\\my\\path:C:\\my\\path` and `D:\\:D:\\` , but not `D:\\my\\path:C:\\my\\path` or `D:\\:C:\\my\\path` .", + "title": "Host" + }, + "Name": { + "markdownDescription": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.\n\nWhen using a volume configured at launch, the `name` is required and must also be specified as the volume name in the `ServiceVolumeConfiguration` or `TaskVolumeConfiguration` parameter when creating your service or standalone task.\n\nFor all other types of volumes, this name is referenced in the `sourceVolume` parameter of the `mountPoints` object in the container definition.\n\nWhen a volume is using the `efsVolumeConfiguration` , the name is required.", + "title": "Name", "type": "string" } }, - "required": [ - "ConcurrentExecutions", - "LaunchPath" - ], "type": "object" }, - "AWS::GameLift::Fleet.TargetConfiguration": { + "AWS::ECS::TaskDefinition.VolumeFrom": { "additionalProperties": false, "properties": { - "TargetValue": { - "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", - "title": "TargetValue", - "type": "number" + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" + }, + "SourceContainer": { + "markdownDescription": "The name of another container within the same task definition to mount volumes from.", + "title": "SourceContainer", + "type": "string" } }, - "required": [ - "TargetValue" - ], "type": "object" }, - "AWS::GameLift::GameServerGroup": { + "AWS::ECS::TaskSet": { "additionalProperties": false, "properties": { "Condition": { @@ -103670,86 +106825,89 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.AutoScalingPolicy", - "markdownDescription": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. The scaling policy uses the metric `\"PercentUtilizedGameServers\"` to maintain a buffer of idle game servers that can immediately accommodate new games and players. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "AutoScalingPolicy" - }, - "BalancingStrategy": { - "markdownDescription": "Indicates how Amazon GameLift Servers FleetIQ balances the use of Spot Instances and On-Demand Instances in the game server group. Method options include the following:\n\n- `SPOT_ONLY` - Only Spot Instances are used in the game server group. If Spot Instances are unavailable or not viable for game hosting, the game server group provides no hosting capacity until Spot Instances can again be used. Until then, no new instances are started, and the existing nonviable Spot Instances are terminated (after current gameplay ends) and are not replaced.\n- `SPOT_PREFERRED` - (default value) Spot Instances are used whenever available in the game server group. If Spot Instances are unavailable, the game server group continues to provide hosting capacity by falling back to On-Demand Instances. Existing nonviable Spot Instances are terminated (after current gameplay ends) and are replaced with new On-Demand Instances.\n- `ON_DEMAND_ONLY` - Only On-Demand Instances are used in the game server group. No Spot Instances are used, even when available, while this balancing strategy is in force.", - "title": "BalancingStrategy", - "type": "string" + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskSet.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy that are associated with the task set.", + "title": "CapacityProviderStrategy", + "type": "array" }, - "DeleteOption": { - "markdownDescription": "The type of delete to perform. To delete a game server group, specify the `DeleteOption` . Options include the following:\n\n- `SAFE_DELETE` \u2013 (default) Terminates the game server group and Amazon EC2 Auto Scaling group only when it has no game servers that are in `UTILIZED` status.\n- `FORCE_DELETE` \u2013 Terminates the game server group, including all active game servers regardless of their utilization status, and the Amazon EC2 Auto Scaling group.\n- `RETAIN` \u2013 Does a safe delete of the game server group but retains the Amazon EC2 Auto Scaling group as is.", - "title": "DeleteOption", + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", + "title": "Cluster", "type": "string" }, - "GameServerGroupName": { - "markdownDescription": "A developer-defined identifier for the game server group. The name is unique for each Region in each AWS account.", - "title": "GameServerGroupName", + "ExternalId": { + "markdownDescription": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the `ECS_TASK_SET_EXTERNAL_ID` AWS Cloud Map attribute set to the provided value.", + "title": "ExternalId", "type": "string" }, - "GameServerProtectionPolicy": { - "markdownDescription": "A flag that indicates whether instances in the game server group are protected from early termination. Unprotected instances that have active game servers running might be terminated during a scale-down event, causing players to be dropped from the game. Protected instances cannot be terminated while there are active game servers running except in the event of a forced game server group deletion (see ). An exception to this is with Spot Instances, which can be terminated by AWS regardless of protection status.", - "title": "GameServerProtectionPolicy", + "LaunchType": { + "markdownDescription": "The launch type that new tasks in the task set uses. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf a `launchType` is specified, the `capacityProviderStrategy` parameter must be omitted.", + "title": "LaunchType", "type": "string" }, - "InstanceDefinitions": { + "LoadBalancers": { "items": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.InstanceDefinition" + "$ref": "#/definitions/AWS::ECS::TaskSet.LoadBalancer" }, - "markdownDescription": "The set of Amazon EC2 instance types that Amazon GameLift Servers FleetIQ can use when balancing and automatically scaling instances in the corresponding Auto Scaling group.", - "title": "InstanceDefinitions", + "markdownDescription": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer.", + "title": "LoadBalancers", "type": "array" }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.LaunchTemplate", - "markdownDescription": "The Amazon EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. You can specify the template using either the template name or ID. For help with creating a launch template, see [Creating a Launch Template for an Auto Scaling Group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.\n\n> If you specify network interfaces in your launch template, you must explicitly set the property `AssociatePublicIpAddress` to \"true\". If no network interface is specified in the launch template, Amazon GameLift Servers FleetIQ uses your account's default VPC.", - "title": "LaunchTemplate" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskSet.NetworkConfiguration", + "markdownDescription": "The network configuration for the task set.", + "title": "NetworkConfiguration" }, - "MaxSize": { - "markdownDescription": "The maximum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and EC2 do not scale up the group above this maximum. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "MaxSize", - "type": "number" + "PlatformVersion": { + "markdownDescription": "The platform version that the tasks in the task set uses. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used.", + "title": "PlatformVersion", + "type": "string" }, - "MinSize": { - "markdownDescription": "The minimum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and Amazon EC2 do not scale down the group below this minimum. In production, this value should be set to at least 1. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "MinSize", - "type": "number" + "Scale": { + "$ref": "#/definitions/AWS::ECS::TaskSet.Scale", + "markdownDescription": "A floating-point percentage of your desired number of tasks to place and keep running in the task set.", + "title": "Scale" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access your Amazon EC2 Auto Scaling groups.", - "title": "RoleArn", + "Service": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", + "title": "Service", "type": "string" }, - "Tags": { + "ServiceRegistries": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::ECS::TaskSet.ServiceRegistry" }, - "markdownDescription": "A list of labels to assign to the new game server group resource. Tags are developer-defined key-value pairs. Tagging AWS resources is useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags, respectively. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", + "markdownDescription": "The details of the service discovery registries to assign to this task set. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .", + "title": "ServiceRegistries", "type": "array" }, - "VpcSubnets": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. By default, all Amazon GameLift Servers FleetIQ-supported Availability Zones are used. You can use this parameter to specify VPCs that you've set up. This property cannot be updated after the game server group is created, and the corresponding Auto Scaling group will always use the property value that is set with this request, even if the Auto Scaling group is updated directly.", - "title": "VpcSubnets", + "markdownDescription": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "title": "Tags", "type": "array" + }, + "TaskDefinition": { + "markdownDescription": "The task definition for the tasks in the task set to use. If a revision isn't specified, the latest `ACTIVE` revision is used.", + "title": "TaskDefinition", + "type": "string" } }, "required": [ - "GameServerGroupName", - "InstanceDefinitions", - "RoleArn" + "Cluster", + "Service", + "TaskDefinition" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::GameServerGroup" + "AWS::ECS::TaskSet" ], "type": "string" }, @@ -103768,80 +106926,132 @@ ], "type": "object" }, - "AWS::GameLift::GameServerGroup.AutoScalingPolicy": { + "AWS::ECS::TaskSet.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "EstimatedInstanceWarmup": { - "markdownDescription": "Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift Servers FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances.", - "title": "EstimatedInstanceWarmup", - "type": "number" + "AssignPublicIp": { + "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", + "title": "AssignPublicIp", + "type": "string" }, - "TargetTrackingConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.TargetTrackingConfiguration", - "markdownDescription": "Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value.", - "title": "TargetTrackingConfiguration" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", + "title": "Subnets", + "type": "array" } }, "required": [ - "TargetTrackingConfiguration" + "Subnets" ], "type": "object" }, - "AWS::GameLift::GameServerGroup.InstanceDefinition": { + "AWS::ECS::TaskSet.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type designation.", - "title": "InstanceType", - "type": "string" + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" }, - "WeightedCapacity": { - "markdownDescription": "Instance weighting that indicates how much this instance type contributes to the total capacity of a game server group. Instance weights are used by Amazon GameLift Servers FleetIQ to calculate the instance type's cost per unit hour and better identify the most cost-effective options. For detailed information on weighting instance capacity, see [Instance Weighting](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-weighting.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . Default value is \"1\".", - "title": "WeightedCapacity", + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" + }, + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" } }, - "required": [ - "InstanceType" - ], "type": "object" }, - "AWS::GameLift::GameServerGroup.LaunchTemplate": { + "AWS::ECS::TaskSet.LoadBalancer": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "A unique identifier for an existing Amazon EC2 launch template.", - "title": "LaunchTemplateId", + "ContainerName": { + "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", + "title": "ContainerName", "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "A readable identifier for an existing Amazon EC2 launch template.", - "title": "LaunchTemplateName", - "type": "string" + "ContainerPort": { + "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", + "title": "ContainerPort", + "type": "number" }, - "Version": { - "markdownDescription": "The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created.", - "title": "Version", + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", + "title": "TargetGroupArn", "type": "string" } }, "type": "object" }, - "AWS::GameLift::GameServerGroup.TargetTrackingConfiguration": { + "AWS::ECS::TaskSet.NetworkConfiguration": { "additionalProperties": false, "properties": { - "TargetValue": { - "markdownDescription": "Desired value to use with a game server group target-based scaling policy.", - "title": "TargetValue", + "AwsVpcConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskSet.AwsVpcConfiguration", + "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", + "title": "AwsVpcConfiguration" + } + }, + "type": "object" + }, + "AWS::ECS::TaskSet.Scale": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The unit of measure for the scale value.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "The value, specified as a percent total of a service's `desiredCount` , to scale the task set. Accepted values are numbers between 0 and 100.", + "title": "Value", "type": "number" } }, - "required": [ - "TargetValue" - ], "type": "object" }, - "AWS::GameLift::GameSessionQueue": { + "AWS::ECS::TaskSet.ServiceRegistry": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerName", + "type": "string" + }, + "ContainerPort": { + "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerPort", + "type": "number" + }, + "Port": { + "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", + "title": "Port", + "type": "number" + }, + "RegistryArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", + "title": "RegistryArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -103876,69 +107086,43 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomEventData": { - "markdownDescription": "Information to be added to all events that are related to this game session queue.", - "title": "CustomEventData", - "type": "string" - }, - "Destinations": { + "AccessPointTags": { "items": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.GameSessionQueueDestination" + "$ref": "#/definitions/AWS::EFS::AccessPoint.AccessPointTag" }, - "markdownDescription": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue. Destinations are identified by either a fleet ARN or a fleet alias ARN, and are listed in order of placement preference.", - "title": "Destinations", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "AccessPointTags", "type": "array" }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.FilterConfiguration", - "markdownDescription": "A list of locations where a queue is allowed to place new game sessions. Locations are specified in the form of AWS Region codes, such as `us-west-2` . If this parameter is not set, game sessions can be placed in any queue location.", - "title": "FilterConfiguration" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region.", - "title": "Name", + "ClientToken": { + "markdownDescription": "The opaque string specified in the request to ensure idempotent creation.", + "title": "ClientToken", "type": "string" }, - "NotificationTarget": { - "markdownDescription": "An SNS topic ARN that is set up to receive game session placement notifications. See [Setting up notifications for game session placement](https://docs.aws.amazon.com/gamelift/latest/developerguide/queue-notification.html) .", - "title": "NotificationTarget", + "FileSystemId": { + "markdownDescription": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example `fs-0123456789abcedf2` .", + "title": "FileSystemId", "type": "string" }, - "PlayerLatencyPolicies": { - "items": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy" - }, - "markdownDescription": "A set of policies that enforce a sliding cap on player latency when processing game sessions placement requests. Use multiple policies to gradually relax the cap over time if Amazon GameLift Servers can't make a placement. Policies are evaluated in order starting with the lowest maximum latency value.", - "title": "PlayerLatencyPolicies", - "type": "array" - }, - "PriorityConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PriorityConfiguration", - "markdownDescription": "Custom settings to use when prioritizing destinations and locations for game session placements. This configuration replaces the FleetIQ default prioritization process. Priority types that are not explicitly named will be automatically applied at the end of the prioritization process.", - "title": "PriorityConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of labels to assign to the new game session queue resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", - "type": "array" + "PosixUser": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.PosixUser", + "markdownDescription": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.", + "title": "PosixUser" }, - "TimeoutInSeconds": { - "markdownDescription": "The maximum time, in seconds, that a new game session placement request remains in the queue. When a request exceeds this time, the game session placement changes to a `TIMED_OUT` status. If you don't specify a request timeout, the queue uses a default value.", - "title": "TimeoutInSeconds", - "type": "number" + "RootDirectory": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.RootDirectory", + "markdownDescription": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.", + "title": "RootDirectory" } }, "required": [ - "Name" + "FileSystemId" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::GameSessionQueue" + "AWS::EFS::AccessPoint" ], "type": "string" }, @@ -103957,70 +107141,93 @@ ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.FilterConfiguration": { + "AWS::EFS::AccessPoint.AccessPointTag": { "additionalProperties": false, "properties": { - "AllowedLocations": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` .", - "title": "AllowedLocations", - "type": "array" + "Key": { + "markdownDescription": "The tag key (String). The key can't start with `aws:` .", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the tag key.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::GameSessionQueue.GameSessionQueueDestination": { + "AWS::EFS::AccessPoint.CreationInfo": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions.", - "title": "DestinationArn", + "OwnerGid": { + "markdownDescription": "Specifies the POSIX group ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", + "title": "OwnerGid", + "type": "string" + }, + "OwnerUid": { + "markdownDescription": "Specifies the POSIX user ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", + "title": "OwnerUid", + "type": "string" + }, + "Permissions": { + "markdownDescription": "Specifies the POSIX permissions to apply to the `RootDirectory` , in the format of an octal number representing the file's mode bits.", + "title": "Permissions", "type": "string" } }, + "required": [ + "OwnerGid", + "OwnerUid", + "Permissions" + ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy": { + "AWS::EFS::AccessPoint.PosixUser": { "additionalProperties": false, "properties": { - "MaximumIndividualPlayerLatencyMilliseconds": { - "markdownDescription": "The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property.", - "title": "MaximumIndividualPlayerLatencyMilliseconds", - "type": "number" + "Gid": { + "markdownDescription": "The POSIX group ID used for all file system operations using this access point.", + "title": "Gid", + "type": "string" }, - "PolicyDurationSeconds": { - "markdownDescription": "The length of time, in seconds, that the policy is enforced while placing a new game session. A null value for this property means that the policy is enforced until the queue times out.", - "title": "PolicyDurationSeconds", - "type": "number" + "SecondaryGids": { + "items": { + "type": "string" + }, + "markdownDescription": "Secondary POSIX group IDs used for all file system operations using this access point.", + "title": "SecondaryGids", + "type": "array" + }, + "Uid": { + "markdownDescription": "The POSIX user ID used for all file system operations using this access point.", + "title": "Uid", + "type": "string" } }, + "required": [ + "Gid", + "Uid" + ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.PriorityConfiguration": { + "AWS::EFS::AccessPoint.RootDirectory": { "additionalProperties": false, "properties": { - "LocationOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations can include AWS Region codes (such as `us-west-2` ), local zones, and custom locations (for Anywhere fleets). Each location must be listed only once. For details, see [Amazon GameLift Servers service locations.](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html)", - "title": "LocationOrder", - "type": "array" + "CreationInfo": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.CreationInfo", + "markdownDescription": "(Optional) Specifies the POSIX IDs and permissions to apply to the access point's `RootDirectory` . If the `RootDirectory` > `Path` specified does not exist, EFS creates the root directory using the `CreationInfo` settings when a client connects to an access point. When specifying the `CreationInfo` , you must provide values for all properties.\n\n> If you do not provide `CreationInfo` and the specified `RootDirectory` > `Path` does not exist, attempts to mount the file system using the access point will fail.", + "title": "CreationInfo" }, - "PriorityOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "A custom sequence to use when prioritizing where to place new game sessions. Each priority type is listed once.\n\n- `LATENCY` -- Amazon GameLift Servers prioritizes locations where the average player latency is lowest. Player latency data is provided in each game session placement request.\n- `COST` -- Amazon GameLift Servers prioritizes queue destinations with the lowest current hosting costs. Cost is evaluated based on the destination's location, instance type, and fleet type (Spot or On-Demand).\n- `DESTINATION` -- Amazon GameLift Servers prioritizes based on the list order of destinations in the queue configuration.\n- `LOCATION` -- Amazon GameLift Servers prioritizes based on the provided order of locations, as defined in `LocationOrder` .", - "title": "PriorityOrder", - "type": "array" + "Path": { + "markdownDescription": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the `CreationInfo` .", + "title": "Path", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::Location": { + "AWS::EFS::FileSystem": { "additionalProperties": false, "properties": { "Condition": { @@ -104055,187 +107262,83 @@ "Properties": { "additionalProperties": false, "properties": { - "LocationName": { - "markdownDescription": "A descriptive name for the custom location.", - "title": "LocationName", + "AvailabilityZoneName": { + "markdownDescription": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide* .\n\n> One Zone file systems are not available in all Availability Zones in AWS Regions where Amazon EFS is available.", + "title": "AvailabilityZoneName", "type": "string" }, - "Tags": { + "BackupPolicy": { + "$ref": "#/definitions/AWS::EFS::FileSystem.BackupPolicy", + "markdownDescription": "Use the `BackupPolicy` to turn automatic backups on or off for the file system.", + "title": "BackupPolicy" + }, + "BypassPolicyLockoutSafetyCheck": { + "markdownDescription": "(Optional) A boolean that specifies whether or not to bypass the `FileSystemPolicy` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future `PutFileSystemPolicy` requests on this file system. Set `BypassPolicyLockoutSafetyCheck` to `True` only when you intend to prevent the IAM principal that is making the request from making subsequent `PutFileSystemPolicy` requests on this file system. The default value is `False` .", + "title": "BypassPolicyLockoutSafetyCheck", + "type": "boolean" + }, + "Encrypted": { + "markdownDescription": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing AWS KMS key . If you don't specify a KMS key , then the default KMS key for Amazon EFS , `/aws/elasticfilesystem` , is used to protect the encrypted file system.", + "title": "Encrypted", + "type": "boolean" + }, + "FileSystemPolicy": { + "markdownDescription": "The `FileSystemPolicy` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using IAM to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide* .", + "title": "FileSystemPolicy", + "type": "object" + }, + "FileSystemProtection": { + "$ref": "#/definitions/AWS::EFS::FileSystem.FileSystemProtection", + "markdownDescription": "Describes the protection on the file system.", + "title": "FileSystemProtection" + }, + "FileSystemTags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EFS::FileSystem.ElasticFileSystemTag" }, - "markdownDescription": "A list of labels to assign to the new resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Rareference* .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "LocationName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::GameLift::Location" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::GameLift::MatchmakingConfiguration": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AcceptanceRequired": { - "markdownDescription": "A flag that determines whether a match that was created with this configuration must be accepted by the matched players. To require acceptance, set to `TRUE` . With this option enabled, matchmaking tickets use the status `REQUIRES_ACCEPTANCE` to indicate when a completed potential match is waiting for player acceptance.", - "title": "AcceptanceRequired", - "type": "boolean" - }, - "AcceptanceTimeoutSeconds": { - "markdownDescription": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.", - "title": "AcceptanceTimeoutSeconds", - "type": "number" - }, - "AdditionalPlayerCount": { - "markdownDescription": "The number of player slots in a match to keep open for future players. For example, if the configuration's rule set specifies a match for a single 12-person team, and the additional player count is set to 2, only 10 players are selected for the match. This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "AdditionalPlayerCount", - "type": "number" - }, - "BackfillMode": { - "markdownDescription": "The method used to backfill game sessions that are created with this matchmaking configuration. Specify `MANUAL` when your game manages backfill requests manually or does not use the match backfill feature. Specify `AUTOMATIC` to have GameLift create a `StartMatchBackfill` request whenever a game session has one or more open slots. Learn more about manual and automatic backfill in [Backfill Existing Games with FlexMatch](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-backfill.html) . Automatic backfill is not available when `FlexMatchMode` is set to `STANDALONE` .", - "title": "BackfillMode", - "type": "string" - }, - "CreationTime": { - "markdownDescription": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example `\"1469498468.057\"` ).", - "title": "CreationTime", - "type": "string" - }, - "CustomEventData": { - "markdownDescription": "Information to add to all events related to the matchmaking configuration.", - "title": "CustomEventData", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the matchmaking configuration.", - "title": "Description", - "type": "string" - }, - "FlexMatchMode": { - "markdownDescription": "Indicates whether this matchmaking configuration is being used with Amazon GameLift Servers hosting or as a standalone matchmaking solution.\n\n- *STANDALONE* - FlexMatch forms matches and returns match information, including players and team assignments, in a [MatchmakingSucceeded](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-events.html#match-events-matchmakingsucceeded) event.\n- *WITH_QUEUE* - FlexMatch forms matches and uses the specified Amazon GameLift Servers queue to start a game session for the match.", - "title": "FlexMatchMode", - "type": "string" - }, - "GameProperties": { - "items": { - "$ref": "#/definitions/AWS::GameLift::MatchmakingConfiguration.GameProperty" - }, - "markdownDescription": "A set of custom properties for a game session, formatted as key-value pairs. These properties are passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "GameProperties", + "markdownDescription": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a `\"Key\":\"Name\",\"Value\":\"{value}\"` key-value pair. Each key must be unique. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", + "title": "FileSystemTags", "type": "array" }, - "GameSessionData": { - "markdownDescription": "A set of custom game session properties, formatted as a single string value. This data is passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "GameSessionData", + "KmsKeyId": { + "markdownDescription": "The ID of the AWS KMS key to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault KMS key . If this parameter is not specified, the default KMS key for Amazon EFS is used. This ID can be in one of the following formats:\n\n- Key ID - A unique identifier of the key, for example `1234abcd-12ab-34cd-56ef-1234567890ab` .\n- ARN - An Amazon Resource Name (ARN) for the key, for example `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` .\n- Key alias - A previously created display name for a key, for example `alias/projectKey1` .\n- Key alias ARN - An ARN for a key alias, for example `arn:aws:kms:us-west-2:444455556666:alias/projectKey1` .\n\nIf `KmsKeyId` is specified, the `Encrypted` parameter must be set to true.", + "title": "KmsKeyId", "type": "string" }, - "GameSessionQueueArns": { + "LifecyclePolicies": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EFS::FileSystem.LifecyclePolicy" }, - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) that is assigned to a Amazon GameLift Servers game session queue resource and uniquely identifies it. ARNs are unique across all Regions. Format is `arn:aws:gamelift:::gamesessionqueue/` . Queues can be located in any Region. Queues are used to start new Amazon GameLift Servers-hosted game sessions for matches that are created with this matchmaking configuration. If `FlexMatchMode` is set to `STANDALONE` , do not set this parameter.", - "title": "GameSessionQueueArns", + "markdownDescription": "An array of `LifecyclePolicy` objects that define the file system's `LifecycleConfiguration` object. A `LifecycleConfiguration` object informs Lifecycle management of the following:\n\n- When to move files in the file system from primary storage to IA storage.\n- When to move files in the file system from primary storage or IA storage to Archive storage.\n- When to move files that are in IA or Archive storage to primary storage.\n\n> Amazon EFS requires that each `LifecyclePolicy` object have only a single transition. This means that in a request body, `LifecyclePolicies` needs to be structured as an array of `LifecyclePolicy` objects, one object for each transition, `TransitionToIA` , `TransitionToArchive` `TransitionToPrimaryStorageClass` . See the example requests in the following section for more information.", + "title": "LifecyclePolicies", "type": "array" }, - "Name": { - "markdownDescription": "A unique identifier for the matchmaking configuration. This name is used to identify the configuration associated with a matchmaking request or ticket.", - "title": "Name", - "type": "string" - }, - "NotificationTarget": { - "markdownDescription": "An SNS topic ARN that is set up to receive matchmaking notifications. See [Setting up notifications for matchmaking](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-notification.html) for more information.", - "title": "NotificationTarget", + "PerformanceMode": { + "markdownDescription": "The performance mode of the file system. We recommend `generalPurpose` performance mode for all file systems. File systems using the `maxIO` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The `maxIO` mode is not supported on One Zone file systems.\n\n> Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems. \n\nDefault is `generalPurpose` .", + "title": "PerformanceMode", "type": "string" }, - "RequestTimeoutSeconds": { - "markdownDescription": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out. Requests that fail due to timing out can be resubmitted as needed.", - "title": "RequestTimeoutSeconds", + "ProvisionedThroughputInMibps": { + "markdownDescription": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if `ThroughputMode` is set to `provisioned` . Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact Support . For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide* .", + "title": "ProvisionedThroughputInMibps", "type": "number" }, - "RuleSetArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) associated with the GameLift matchmaking rule set resource that this configuration uses.", - "title": "RuleSetArn", - "type": "string" + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationConfiguration", + "markdownDescription": "Describes the replication configuration for a specific file system.", + "title": "ReplicationConfiguration" }, - "RuleSetName": { - "markdownDescription": "A unique identifier for the matchmaking rule set to use with this configuration. You can use either the rule set name or ARN value. A matchmaking configuration can only use rule sets that are defined in the same Region.", - "title": "RuleSetName", + "ThroughputMode": { + "markdownDescription": "Specifies the throughput mode for the file system. The mode can be `bursting` , `provisioned` , or `elastic` . If you set `ThroughputMode` to `provisioned` , you must also set a value for `ProvisionedThroughputInMibps` . After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide* .\n\nDefault is `bursting` .", + "title": "ThroughputMode", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of labels to assign to the new matchmaking configuration resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", - "type": "array" } }, - "required": [ - "AcceptanceRequired", - "Name", - "RequestTimeoutSeconds", - "RuleSetName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::MatchmakingConfiguration" + "AWS::EFS::FileSystem" ], "type": "string" }, @@ -104249,21 +107352,34 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GameLift::MatchmakingConfiguration.GameProperty": { + "AWS::EFS::FileSystem.BackupPolicy": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Set the backup policy status for the file system.\n\n- *`ENABLED`* - Turns automatic backups on for the file system.\n- *`DISABLED`* - Turns automatic backups off for the file system.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::EFS::FileSystem.ElasticFileSystemTag": { "additionalProperties": false, "properties": { "Key": { - "markdownDescription": "The game property identifier.", + "markdownDescription": "The tag key (String). The key can't start with `aws:` .", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The game property value.", + "markdownDescription": "The value of the tag key.", "title": "Value", "type": "string" } @@ -104274,7 +107390,94 @@ ], "type": "object" }, - "AWS::GameLift::MatchmakingRuleSet": { + "AWS::EFS::FileSystem.FileSystemProtection": { + "additionalProperties": false, + "properties": { + "ReplicationOverwriteProtection": { + "markdownDescription": "The status of the file system's replication overwrite protection.\n\n- `ENABLED` \u2013 The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is `ENABLED` by default.\n- `DISABLED` \u2013 The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.\n- `REPLICATING` \u2013 The file system is being used as the destination file system in a replication configuration. The file system is read-only and is modified only by EFS replication.\n\nIf the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable.", + "title": "ReplicationOverwriteProtection", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::FileSystem.LifecyclePolicy": { + "additionalProperties": false, + "properties": { + "TransitionToArchive": { + "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToArchive", + "type": "string" + }, + "TransitionToIA": { + "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToIA", + "type": "string" + }, + "TransitionToPrimaryStorageClass": { + "markdownDescription": "Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToPrimaryStorageClass", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::FileSystem.ReplicationConfiguration": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationDestination" + }, + "markdownDescription": "An array of destination objects. Only one destination object is supported.", + "title": "Destinations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EFS::FileSystem.ReplicationDestination": { + "additionalProperties": false, + "properties": { + "AvailabilityZoneName": { + "markdownDescription": "For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located.\n\nUse the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide* .\n\n> One Zone file system type is not available in all Availability Zones in AWS Regions where Amazon EFS is available.", + "title": "AvailabilityZoneName", + "type": "string" + }, + "FileSystemId": { + "markdownDescription": "The ID of the destination Amazon EFS file system.", + "title": "FileSystemId", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of an AWS KMS key used to protect the encrypted file system.", + "title": "KmsKeyId", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region in which the destination file system is located.\n\n> For One Zone file systems, the replication configuration must specify the AWS Region in which the destination file system is located.", + "title": "Region", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the current source file system in the replication configuration.", + "title": "RoleArn", + "type": "string" + }, + "Status": { + "markdownDescription": "Describes the status of the replication configuration. For more information about replication status, see [Viewing replication details](https://docs.aws.amazon.com//efs/latest/ug/awsbackup.html#restoring-backup-efsmonitoring-replication-status.html) in the *Amazon EFS User Guide* .", + "title": "Status", + "type": "string" + }, + "StatusMessage": { + "markdownDescription": "Message that provides details about the `PAUSED` or `ERRROR` state of the replication destination configuration. For more information about replication status messages, see [Viewing replication details](https://docs.aws.amazon.com//efs/latest/ug/awsbackup.html#restoring-backup-efsmonitoring-replication-status.html) in the *Amazon EFS User Guide* .", + "title": "StatusMessage", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::MountTarget": { "additionalProperties": false, "properties": { "Condition": { @@ -104309,34 +107512,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A unique identifier for the matchmaking rule set. A matchmaking configuration identifies the rule set it uses by this name value. Note that the rule set name is different from the optional `name` field in the rule set body.", - "title": "Name", + "FileSystemId": { + "markdownDescription": "The ID of the file system for which to create the mount target.", + "title": "FileSystemId", "type": "string" }, - "RuleSetBody": { - "markdownDescription": "A collection of matchmaking rules, formatted as a JSON string. Comments are not allowed in JSON, but most elements support a description field.", - "title": "RuleSetBody", + "IpAddress": { + "markdownDescription": "If the `IpAddressType` for the mount target is IPv4 ( `IPV4_ONLY` or `DUAL_STACK` ), then specify the IPv4 address to use. If you do not specify an `IpAddress` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", + "title": "IpAddress", "type": "string" }, - "Tags": { + "IpAddressType": { + "markdownDescription": "The IP address type for the mount target. The possible values are `IPV4_ONLY` (only IPv4 addresses), `IPV6_ONLY` (only IPv6 addresses), and `DUAL_STACK` (dual-stack, both IPv4 and IPv6 addresses). If you don\u2019t specify an `IpAddressType` , then `IPV4_ONLY` is used.\n\n> The `IPAddressType` must match the IP type of the subnet. Additionally, the `IPAddressType` parameter overrides the value set as the default IP address for the subnet in the VPC. For example, if the `IPAddressType` is `IPV4_ONLY` and `AssignIpv6AddressOnCreation` is `true` , then IPv4 is used for the mount target. For more information, see [Modify the IP addressing attributes of your subnet](https://docs.aws.amazon.com/vpc/latest/userguide/subnet-public-ip.html) .", + "title": "IpAddressType", + "type": "string" + }, + "Ipv6Address": { + "markdownDescription": "If the `IPAddressType` for the mount target is IPv6 ( `IPV6_ONLY` or `DUAL_STACK` ), then specify the IPv6 address to use. If you do not specify an `Ipv6Address` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", + "title": "Ipv6Address", + "type": "string" + }, + "SecurityGroups": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "A list of labels to assign to the new matchmaking rule set resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", + "markdownDescription": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). If you don't specify a security group, then Amazon EFS uses the default security group for the subnet's VPC.", + "title": "SecurityGroups", "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. The subnet type must be the same type as the `IpAddressType` .", + "title": "SubnetId", + "type": "string" } }, "required": [ - "Name", - "RuleSetBody" + "FileSystemId", + "SecurityGroups", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::MatchmakingRuleSet" + "AWS::EFS::MountTarget" ], "type": "string" }, @@ -104355,7 +107574,7 @@ ], "type": "object" }, - "AWS::GameLift::Script": { + "AWS::EKS::AccessEntry": { "additionalProperties": false, "properties": { "Condition": { @@ -104390,38 +107609,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", - "title": "Name", + "AccessPolicies": { + "items": { + "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessPolicy" + }, + "markdownDescription": "The access policies to associate to the access entry.", + "title": "AccessPolicies", + "type": "array" + }, + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "StorageLocation": { - "$ref": "#/definitions/AWS::GameLift::Script.S3Location", - "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift Servers to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift Servers uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", - "title": "StorageLocation" + "KubernetesGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for `name` that you've specified for `kind: Group` as a `subject` in a Kubernetes `RoleBinding` or `ClusterRoleBinding` object. Amazon EKS doesn't confirm that the value for `name` exists in any bindings on your cluster. You can specify one or more names.\n\nKubernetes authorizes the `principalArn` of the access entry to access any cluster objects that you've specified in a Kubernetes `Role` or `ClusterRole` object that is also specified in a binding's `roleRef` . For more information about creating Kubernetes `RoleBinding` , `ClusterRoleBinding` , `Role` , or `ClusterRole` objects, see [Using RBAC Authorization in the Kubernetes documentation](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/access-authn-authz/rbac/) .\n\nIf you want Amazon EKS to authorize the `principalArn` (instead of, or in addition to Kubernetes authorizing the `principalArn` ), you can associate one or more access policies to the access entry using `AssociateAccessPolicy` . If you associate any access policies, the `principalARN` has all permissions assigned in the associated access policies and all permissions in any Kubernetes `Role` or `ClusterRole` objects that the group names are bound to.", + "title": "KubernetesGroups", + "type": "array" + }, + "PrincipalArn": { + "markdownDescription": "The ARN of the IAM principal for the `AccessEntry` . You can specify one ARN for each access entry. You can't specify the same ARN in more than one access entry. This value can't be changed after access entry creation.\n\nThe valid principals differ depending on the type of the access entry in the `type` field. For `STANDARD` access entries, you can use every IAM principal type. For nodes ( `EC2` (for EKS Auto Mode), `EC2_LINUX` , `EC2_WINDOWS` , `FARGATE_LINUX` , and `HYBRID_LINUX` ), the only valid ARN is IAM roles. You can't use the STS session principal type with access entries because this is a temporary principal for each session and not a permanent identity that can be assigned permissions.\n\n[IAM best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) recommend using IAM roles with temporary credentials, rather than IAM users with long-term credentials.", + "title": "PrincipalArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "title": "Tags", "type": "array" }, - "Version": { - "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", - "title": "Version", + "Type": { + "markdownDescription": "The type of the new access entry. Valid values are `STANDARD` , `FARGATE_LINUX` , `EC2_LINUX` , `EC2_WINDOWS` , `EC2` (for EKS Auto Mode), `HYBRID_LINUX` , and `HYPERPOD_LINUX` .\n\nIf the `principalArn` is for an IAM role that's used for self-managed Amazon EC2 nodes, specify `EC2_LINUX` or `EC2_WINDOWS` . Amazon EKS grants the necessary permissions to the node for you. If the `principalArn` is for any other purpose, specify `STANDARD` . If you don't specify a value, Amazon EKS sets the value to `STANDARD` . If you have the access mode of the cluster set to `API_AND_CONFIG_MAP` , it's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the `aws-auth` `ConfigMap` for the roles. You can't change this value once you've created the access entry.\n\nIf you set the value to `EC2_LINUX` or `EC2_WINDOWS` , you can't specify values for `kubernetesGroups` , or associate an `AccessPolicy` to the access entry.", + "title": "Type", + "type": "string" + }, + "Username": { + "markdownDescription": "The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries) in the *Amazon EKS User Guide* .", + "title": "Username", "type": "string" } }, "required": [ - "StorageLocation" + "ClusterName", + "PrincipalArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::Script" + "AWS::EKS::AccessEntry" ], "type": "string" }, @@ -104440,38 +107681,49 @@ ], "type": "object" }, - "AWS::GameLift::Script.S3Location": { + "AWS::EKS::AccessEntry.AccessPolicy": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift Servers doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name of the zip file that contains the build files or script files.", - "title": "Key", - "type": "string" + "AccessScope": { + "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessScope", + "markdownDescription": "The scope of an `AccessPolicy` that's associated to an `AccessEntry` .", + "title": "AccessScope" }, - "ObjectVersion": { - "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift Servers uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", - "title": "ObjectVersion", + "PolicyArn": { + "markdownDescription": "The ARN of the access policy.", + "title": "PolicyArn", "type": "string" + } + }, + "required": [ + "AccessScope", + "PolicyArn" + ], + "type": "object" + }, + "AWS::EKS::AccessEntry.AccessScope": { + "additionalProperties": false, + "properties": { + "Namespaces": { + "items": { + "type": "string" + }, + "markdownDescription": "A Kubernetes `namespace` that an access policy is scoped to. A value is required if you specified `namespace` for `Type` .", + "title": "Namespaces", + "type": "array" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access the S3 bucket.", - "title": "RoleArn", + "Type": { + "markdownDescription": "The scope type of an access policy.", + "title": "Type", "type": "string" } }, "required": [ - "Bucket", - "Key", - "RoleArn" + "Type" ], "type": "object" }, - "AWS::GlobalAccelerator::Accelerator": { + "AWS::EKS::Addon": { "additionalProperties": false, "properties": { "Condition": { @@ -104506,46 +107758,67 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n\nIf the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.", - "title": "Enabled", - "type": "boolean" + "AddonName": { + "markdownDescription": "The name of the add-on.", + "title": "AddonName", + "type": "string" }, - "IpAddressType": { - "markdownDescription": "The IP address type that an accelerator supports. For a standard accelerator, the value can be IPV4 or DUAL_STACK.", - "title": "IpAddressType", + "AddonVersion": { + "markdownDescription": "The version of the add-on.", + "title": "AddonVersion", "type": "string" }, - "IpAddresses": { + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", + "type": "string" + }, + "ConfigurationValues": { + "markdownDescription": "The configuration values that you provided.", + "title": "ConfigurationValues", + "type": "string" + }, + "PodIdentityAssociations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EKS::Addon.PodIdentityAssociation" }, - "markdownDescription": "Optionally, if you've added your own IP address pool to Global Accelerator (BYOIP), you can choose IP addresses from your own pool to use for the accelerator's static IP addresses when you create an accelerator. You can specify one or two addresses, separated by a comma. Do not include the /32 suffix.\n\nOnly one IP address from each of your IP address ranges can be used for each accelerator. If you specify only one IP address from your IP address range, Global Accelerator assigns a second static IP address for the accelerator from the AWS IP address pool.\n\nNote that you can't update IP addresses for an existing accelerator. To change them, you must create a new accelerator with the new addresses.\n\nFor more information, see [Bring Your Own IP Addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "IpAddresses", + "markdownDescription": "An array of EKS Pod Identity associations owned by the add-on. Each association maps a role to a service account in a namespace in the cluster.\n\nFor more information, see [Attach an IAM Role to an Amazon EKS add-on using EKS Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/add-ons-iam.html) in the *Amazon EKS User Guide* .", + "title": "PodIdentityAssociations", "type": "array" }, - "Name": { - "markdownDescription": "The name of the accelerator. The name must contain only alphanumeric characters or hyphens (-), and must not begin or end with a hyphen.", - "title": "Name", + "PreserveOnDelete": { + "markdownDescription": "Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.", + "title": "PreserveOnDelete", + "type": "boolean" + }, + "ResolveConflicts": { + "markdownDescription": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose:\n\n- *None* \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail.\n- *Overwrite* \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value.\n- *Preserve* \u2013 This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see [`UpdateAddon`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) .\n\nIf you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", + "title": "ResolveConflicts", + "type": "string" + }, + "ServiceAccountRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the *Amazon EKS User Guide* .\n\n> To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see [Enabling IAM roles for service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the *Amazon EKS User Guide* .", + "title": "ServiceAccountRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "markdownDescription": "The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "AddonName", + "ClusterName" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::Accelerator" + "AWS::EKS::Addon" ], "type": "string" }, @@ -104564,7 +107837,27 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::CrossAccountAttachment": { + "AWS::EKS::Addon.PodIdentityAssociation": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", + "title": "RoleArn", + "type": "string" + }, + "ServiceAccount": { + "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", + "title": "ServiceAccount", + "type": "string" + } + }, + "required": [ + "RoleArn", + "ServiceAccount" + ], + "type": "object" + }, + "AWS::EKS::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -104599,44 +107892,107 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the cross-account attachment.", - "title": "Name", - "type": "string" + "AccessConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.AccessConfig", + "markdownDescription": "The access configuration for the cluster.", + "title": "AccessConfig" }, - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "The principals included in the cross-account attachment.", - "title": "Principals", - "type": "array" + "BootstrapSelfManagedAddons": { + "markdownDescription": "If you set this value to `False` when creating a cluster, the default networking add-ons will not be installed.\n\nThe default networking add-ons include `vpc-cni` , `coredns` , and `kube-proxy` .\n\nUse this option when you plan to install third-party alternative add-ons or self-manage the default networking add-ons.", + "title": "BootstrapSelfManagedAddons", + "type": "boolean" }, - "Resources": { + "ComputeConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ComputeConfig", + "markdownDescription": "Indicates the current configuration of the compute capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your AWS account. For more information, see EKS Auto Mode compute capability in the *Amazon EKS User Guide* .", + "title": "ComputeConfig" + }, + "EncryptionConfig": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::CrossAccountAttachment.Resource" + "$ref": "#/definitions/AWS::EKS::Cluster.EncryptionConfig" }, - "markdownDescription": "The resources included in the cross-account attachment.", - "title": "Resources", + "markdownDescription": "The encryption configuration for the cluster.", + "title": "EncryptionConfig", "type": "array" }, + "Force": { + "markdownDescription": "Set this value to `true` to override upgrade-blocking readiness checks when updating a cluster.", + "title": "Force", + "type": "boolean" + }, + "KubernetesNetworkConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.KubernetesNetworkConfig", + "markdownDescription": "The Kubernetes network configuration for the cluster.", + "title": "KubernetesNetworkConfig" + }, + "Logging": { + "$ref": "#/definitions/AWS::EKS::Cluster.Logging", + "markdownDescription": "The logging configuration for your cluster.", + "title": "Logging" + }, + "Name": { + "markdownDescription": "The unique name to give to your cluster. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphanumeric character and can't be longer than 100 characters. The name must be unique within the AWS Region and AWS account that you're creating the cluster in. Note that underscores can't be used in AWS CloudFormation .", + "title": "Name", + "type": "string" + }, + "OutpostConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.OutpostConfig", + "markdownDescription": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", + "title": "OutpostConfig" + }, + "RemoteNetworkConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemoteNetworkConfig", + "markdownDescription": "The configuration in the cluster for EKS Hybrid Nodes. You can add, change, or remove this configuration after the cluster is created.", + "title": "RemoteNetworkConfig" + }, + "ResourcesVpcConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ResourcesVpcConfig", + "markdownDescription": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.", + "title": "ResourcesVpcConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see [Amazon EKS Service IAM Role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the **Amazon EKS User Guide** .", + "title": "RoleArn", + "type": "string" + }, + "StorageConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.StorageConfig", + "markdownDescription": "Indicates the current configuration of the block storage capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your AWS account. For more information, see EKS Auto Mode block storage capability in the *Amazon EKS User Guide* .", + "title": "StorageConfig" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "markdownDescription": "The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.\n\n> You must have the `eks:TagResource` and `eks:UntagResource` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "title": "Tags", "type": "array" + }, + "UpgradePolicy": { + "$ref": "#/definitions/AWS::EKS::Cluster.UpgradePolicy", + "markdownDescription": "This value indicates if extended support is enabled or disabled for the cluster.\n\n[Learn more about EKS Extended Support in the *Amazon EKS User Guide* .](https://docs.aws.amazon.com/eks/latest/userguide/extended-support-control.html)", + "title": "UpgradePolicy" + }, + "Version": { + "markdownDescription": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used.\n\n> The default version might not be the latest version available.", + "title": "Version", + "type": "string" + }, + "ZonalShiftConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ZonalShiftConfig", + "markdownDescription": "The configuration for zonal shift for the cluster.", + "title": "ZonalShiftConfig" } }, "required": [ - "Name" + "ResourcesVpcConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::CrossAccountAttachment" + "AWS::EKS::Cluster" ], "type": "string" }, @@ -104655,26 +108011,335 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::CrossAccountAttachment.Resource": { + "AWS::EKS::Cluster.AccessConfig": { "additionalProperties": false, "properties": { - "EndpointId": { - "markdownDescription": "The endpoint ID for the endpoint that is specified as a AWS resource.\n\nAn endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.", - "title": "EndpointId", + "AuthenticationMode": { + "markdownDescription": "The desired authentication mode for the cluster. If you create a cluster by using the EKS API, AWS SDKs, or AWS CloudFormation , the default is `CONFIG_MAP` . If you create the cluster by using the AWS Management Console , the default value is `API_AND_CONFIG_MAP` .", + "title": "AuthenticationMode", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region where a shared endpoint resource is located.", - "title": "Region", + "BootstrapClusterCreatorAdminPermissions": { + "markdownDescription": "Specifies whether or not the cluster creator IAM principal was set as a cluster admin access entry during cluster creation time. The default value is `true` .", + "title": "BootstrapClusterCreatorAdminPermissions", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.BlockStorage": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates if the block storage capability is enabled on your EKS Auto Mode cluster. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your AWS account.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ClusterLogging": { + "additionalProperties": false, + "properties": { + "EnabledTypes": { + "items": { + "$ref": "#/definitions/AWS::EKS::Cluster.LoggingTypeConfig" + }, + "markdownDescription": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n> When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it.", + "title": "EnabledTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ComputeConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Request to enable or disable the compute capability on your EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your AWS account.", + "title": "Enabled", + "type": "boolean" + }, + "NodePools": { + "items": { + "type": "string" + }, + "markdownDescription": "Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. For more information, see EKS Auto Mode Node Pools in the *Amazon EKS User Guide* .", + "title": "NodePools", + "type": "array" + }, + "NodeRoleArn": { + "markdownDescription": "The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled. For more information, see the IAM Reference in the *Amazon EKS User Guide* .", + "title": "NodeRoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ControlPlanePlacement": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the placement group for the Kubernetes control plane instances. This property is only used for a local cluster on an AWS Outpost.", + "title": "GroupName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ElasticLoadBalancing": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates if the load balancing capability is enabled on your EKS Auto Mode cluster. If the load balancing capability is enabled, EKS Auto Mode will create and delete load balancers in your AWS account.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.EncryptionConfig": { + "additionalProperties": false, + "properties": { + "Provider": { + "$ref": "#/definitions/AWS::EKS::Cluster.Provider", + "markdownDescription": "The encryption provider for the cluster.", + "title": "Provider" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the resources to be encrypted. The only supported value is `secrets` .", + "title": "Resources", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.KubernetesNetworkConfig": { + "additionalProperties": false, + "properties": { + "ElasticLoadBalancing": { + "$ref": "#/definitions/AWS::EKS::Cluster.ElasticLoadBalancing", + "markdownDescription": "Request to enable or disable the load balancing capability on your EKS Auto Mode cluster. For more information, see EKS Auto Mode load balancing capability in the *Amazon EKS User Guide* .", + "title": "ElasticLoadBalancing" + }, + "IpFamily": { + "markdownDescription": "Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you don't specify a value, `ipv4` is used by default. You can only specify an IP family when you create a cluster and can't change this value once the cluster is created. If you specify `ipv6` , the VPC and subnets that you specify for cluster creation must have both `IPv4` and `IPv6` CIDR blocks assigned to them. You can't specify `ipv6` for clusters in China Regions.\n\nYou can only specify `ipv6` for `1.21` and later clusters that use version `1.10.1` or later of the Amazon VPC CNI add-on. If you specify `ipv6` , then ensure that your VPC meets the requirements listed in the considerations listed in [Assigning IPv6 addresses to pods and services](https://docs.aws.amazon.com/eks/latest/userguide/cni-ipv6.html) in the *Amazon EKS User Guide* . Kubernetes assigns services `IPv6` addresses from the unique local address range `(fc00::/7)` . You can't specify a custom `IPv6` CIDR block. Pod addresses are assigned from the subnet's `IPv6` CIDR.", + "title": "IpFamily", + "type": "string" + }, + "ServiceIpv4Cidr": { + "markdownDescription": "Don't specify a value if you select `ipv6` for *ipFamily* . The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the `10.100.0.0/16` or `172.20.0.0/16` CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:\n\n- Within one of the following private IP address blocks: `10.0.0.0/8` , `172.16.0.0/12` , or `192.168.0.0/16` .\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between `/24` and `/12` .\n\n> You can only specify a custom CIDR block when you create a cluster. You can't change this value after the cluster is created.", + "title": "ServiceIpv4Cidr", + "type": "string" + }, + "ServiceIpv6Cidr": { + "markdownDescription": "The CIDR block that Kubernetes pod and service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster. Kubernetes assigns service addresses from the unique local address range ( `fc00::/7` ) because you can't specify a custom IPv6 CIDR block when you create the cluster.", + "title": "ServiceIpv6Cidr", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.Logging": { + "additionalProperties": false, + "properties": { + "ClusterLogging": { + "$ref": "#/definitions/AWS::EKS::Cluster.ClusterLogging", + "markdownDescription": "The cluster control plane logging configuration for your cluster.", + "title": "ClusterLogging" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.LoggingTypeConfig": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The name of the log type.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.OutpostConfig": { + "additionalProperties": false, + "properties": { + "ControlPlaneInstanceType": { + "markdownDescription": "The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. Choose an instance type based on the number of nodes that your cluster will have. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .\n\nThe instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. The control plane is not automatically scaled by Amazon EKS.", + "title": "ControlPlaneInstanceType", "type": "string" + }, + "ControlPlanePlacement": { + "$ref": "#/definitions/AWS::EKS::Cluster.ControlPlanePlacement", + "markdownDescription": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on an AWS Outpost. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .", + "title": "ControlPlanePlacement" + }, + "OutpostArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. Only a single Outpost ARN is supported.", + "title": "OutpostArns", + "type": "array" } }, "required": [ - "EndpointId" + "ControlPlaneInstanceType", + "OutpostArns" ], "type": "object" }, - "AWS::GlobalAccelerator::EndpointGroup": { + "AWS::EKS::Cluster.Provider": { + "additionalProperties": false, + "properties": { + "KeyArn": { + "markdownDescription": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric and created in the same AWS Region as the cluster. If the KMS key was created in a different account, the [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) must have access to the KMS key. For more information, see [Allowing users in other accounts to use a KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.RemoteNetworkConfig": { + "additionalProperties": false, + "properties": { + "RemoteNodeNetworks": { + "items": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemoteNodeNetwork" + }, + "markdownDescription": "The list of network CIDRs that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names.", + "title": "RemoteNodeNetworks", + "type": "array" + }, + "RemotePodNetworks": { + "items": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemotePodNetwork" + }, + "markdownDescription": "The list of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.", + "title": "RemotePodNetworks", + "type": "array" + } + }, + "required": [ + "RemoteNodeNetworks" + ], + "type": "object" + }, + "AWS::EKS::Cluster.RemoteNodeNetwork": { + "additionalProperties": false, + "properties": { + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "A network CIDR that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names.", + "title": "Cidrs", + "type": "array" + } + }, + "required": [ + "Cidrs" + ], + "type": "object" + }, + "AWS::EKS::Cluster.RemotePodNetwork": { + "additionalProperties": false, + "properties": { + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "A network CIDR that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.", + "title": "Cidrs", + "type": "array" + } + }, + "required": [ + "Cidrs" + ], + "type": "object" + }, + "AWS::EKS::Cluster.ResourcesVpcConfig": { + "additionalProperties": false, + "properties": { + "EndpointPrivateAccess": { + "markdownDescription": "Set this value to `true` to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is `false` , which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", + "title": "EndpointPrivateAccess", + "type": "boolean" + }, + "EndpointPublicAccess": { + "markdownDescription": "Set this value to `false` to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is `true` , which enables public access for your Kubernetes API server. The endpoint domain name and IP address family depends on the value of the `ipFamily` for the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", + "title": "EndpointPublicAccess", + "type": "boolean" + }, + "PublicAccessCidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is `0.0.0.0/0` and additionally `::/0` for dual-stack `IPv6` clusters. If you've disabled private endpoint access, make sure that you specify the necessary CIDR blocks for every node and AWS Fargate `Pod` in the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .\n\nNote that the public endpoints are dual-stack for only `IPv6` clusters that are made after October 2024. You can't add `IPv6` CIDR blocks to `IPv4` clusters or `IPv6` clusters that were made before October 2024.", + "title": "PublicAccessCidrs", + "type": "array" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see [Amazon EKS security group considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the **Amazon EKS User Guide** .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "SubnetIds" + ], + "type": "object" + }, + "AWS::EKS::Cluster.StorageConfig": { + "additionalProperties": false, + "properties": { + "BlockStorage": { + "$ref": "#/definitions/AWS::EKS::Cluster.BlockStorage", + "markdownDescription": "Request to configure EBS Block Storage settings for your EKS Auto Mode cluster.", + "title": "BlockStorage" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.UpgradePolicy": { + "additionalProperties": false, + "properties": { + "SupportType": { + "markdownDescription": "If the cluster is set to `EXTENDED` , it will enter extended support at the end of standard support. If the cluster is set to `STANDARD` , it will be automatically upgraded at the end of standard support.\n\n[Learn more about EKS Extended Support in the *Amazon EKS User Guide* .](https://docs.aws.amazon.com/eks/latest/userguide/extended-support-control.html)", + "title": "SupportType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ZonalShiftConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If zonal shift is enabled, AWS configures zonal autoshift for the cluster.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::FargateProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -104709,72 +108374,56 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointConfigurations": { - "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration" - }, - "markdownDescription": "The list of endpoint objects.", - "title": "EndpointConfigurations", - "type": "array" - }, - "EndpointGroupRegion": { - "markdownDescription": "The AWS Regions where the endpoint group is located.", - "title": "EndpointGroupRegion", - "type": "string" - }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The time\u201410 seconds or 30 seconds\u2014between health checks for each endpoint. The default value is 30.", - "title": "HealthCheckIntervalSeconds", - "type": "number" - }, - "HealthCheckPath": { - "markdownDescription": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/).", - "title": "HealthCheckPath", + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "HealthCheckPort": { - "markdownDescription": "The port that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group.\n\nThe default port is the port for the listener that this endpoint group is associated with. If the listener port is a list, Global Accelerator uses the first specified port in the list of ports.", - "title": "HealthCheckPort", - "type": "number" - }, - "HealthCheckProtocol": { - "markdownDescription": "The protocol that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group. The default value is TCP.", - "title": "HealthCheckProtocol", + "FargateProfileName": { + "markdownDescription": "The name of the Fargate profile.", + "title": "FargateProfileName", "type": "string" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", + "PodExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Pod` execution role to use for a `Pod` that matches the selectors in the Fargate profile. The `Pod` execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see [`Pod` execution role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) in the *Amazon EKS User Guide* .", + "title": "PodExecutionRoleArn", "type": "string" }, - "PortOverrides": { + "Selectors": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.PortOverride" + "$ref": "#/definitions/AWS::EKS::FargateProfile.Selector" }, - "markdownDescription": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on.", - "title": "PortOverrides", + "markdownDescription": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile.", + "title": "Selectors", "type": "array" }, - "ThresholdCount": { - "markdownDescription": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.", - "title": "ThresholdCount", - "type": "number" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", + "title": "Subnets", + "type": "array" }, - "TrafficDialPercentage": { - "markdownDescription": "The percentage of traffic to send to an AWS Regions . Additional traffic is distributed to other endpoint groups for this listener.\n\nUse this action to increase (dial up) or decrease (dial down) traffic to a specific Region. The percentage is applied to the traffic that would otherwise have been routed to the Region based on optimal routing.\n\nThe default value is 100.", - "title": "TrafficDialPercentage", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "EndpointGroupRegion", - "ListenerArn" + "ClusterName", + "PodExecutionRoleArn", + "Selectors" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::EndpointGroup" + "AWS::EKS::FargateProfile" ], "type": "string" }, @@ -104793,56 +108442,49 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { + "AWS::EKS::FargateProfile.Label": { "additionalProperties": false, "properties": { - "AttachmentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cross-account attachment that specifies the endpoints (resources) that can be added to accelerators and principals that have permission to add the endpoints.", - "title": "AttachmentArn", + "Key": { + "markdownDescription": "Enter a key.", + "title": "Key", "type": "string" }, - "ClientIPPreservationEnabled": { - "markdownDescription": "Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint. The value is true or false. The default value is true for new accelerators.\n\nIf the value is set to true, the client's IP address is preserved in the `X-Forwarded-For` request header as traffic travels to applications on the Application Load Balancer endpoint fronted by the accelerator.\n\nFor more information, see [Preserve Client IP Addresses](https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "ClientIPPreservationEnabled", - "type": "boolean" - }, - "EndpointId": { - "markdownDescription": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID. For Amazon EC2 instances, this is the EC2 instance ID. A resource must be valid and active when you add it as an endpoint.\n\nFor cross-account endpoints, this must be the ARN of the resource.", - "title": "EndpointId", + "Value": { + "markdownDescription": "Enter a value.", + "title": "Value", "type": "string" - }, - "Weight": { - "markdownDescription": "The weight associated with the endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. For example, you might specify endpoint weights of 4, 5, 5, and 6 (sum=20). The result is that 4/20 of your traffic, on average, is routed to the first endpoint, 5/20 is routed both to the second and third endpoints, and 6/20 is routed to the last endpoint. For more information, see [Endpoint Weights](https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "Weight", - "type": "number" } }, "required": [ - "EndpointId" + "Key", + "Value" ], "type": "object" }, - "AWS::GlobalAccelerator::EndpointGroup.PortOverride": { + "AWS::EKS::FargateProfile.Selector": { "additionalProperties": false, "properties": { - "EndpointPort": { - "markdownDescription": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance.", - "title": "EndpointPort", - "type": "number" + "Labels": { + "items": { + "$ref": "#/definitions/AWS::EKS::FargateProfile.Label" + }, + "markdownDescription": "The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.", + "title": "Labels", + "type": "array" }, - "ListenerPort": { - "markdownDescription": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on.", - "title": "ListenerPort", - "type": "number" + "Namespace": { + "markdownDescription": "The Kubernetes `namespace` that the selector should match.", + "title": "Namespace", + "type": "string" } }, "required": [ - "EndpointPort", - "ListenerPort" + "Namespace" ], "type": "object" }, - "AWS::GlobalAccelerator::Listener": { + "AWS::EKS::IdentityProviderConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -104877,40 +108519,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceleratorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of your accelerator.", - "title": "AcceleratorArn", + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "ClientAffinity": { - "markdownDescription": "Client affinity lets you direct all requests from a user to the same endpoint, if you have stateful applications, regardless of the port and protocol of the client request. Client affinity gives you control over whether to always route each client to the same specific endpoint.\n\nAWS Global Accelerator uses a consistent-flow hashing algorithm to choose the optimal endpoint for a connection. If client affinity is `NONE` , Global Accelerator uses the \"five-tuple\" (5-tuple) properties\u2014source IP address, source port, destination IP address, destination port, and protocol\u2014to select the hash value, and then chooses the best endpoint. However, with this setting, if someone uses different ports to connect to Global Accelerator, their connections might not be always routed to the same endpoint because the hash value changes.\n\nIf you want a given client to always be routed to the same endpoint, set client affinity to `SOURCE_IP` instead. When you use the `SOURCE_IP` setting, Global Accelerator uses the \"two-tuple\" (2-tuple) properties\u2014 source (client) IP address and destination IP address\u2014to select the hash value.\n\nThe default value is `NONE` .", - "title": "ClientAffinity", + "IdentityProviderConfigName": { + "markdownDescription": "The name of the configuration.", + "title": "IdentityProviderConfigName", "type": "string" }, - "PortRanges": { + "Oidc": { + "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig", + "markdownDescription": "An object representing an OpenID Connect (OIDC) identity provider configuration.", + "title": "Oidc" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::Listener.PortRange" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of port ranges for the connections from clients to the accelerator.", - "title": "PortRanges", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "title": "Tags", "type": "array" }, - "Protocol": { - "markdownDescription": "The protocol for the connections from clients to the accelerator.", - "title": "Protocol", + "Type": { + "markdownDescription": "The type of the identity provider configuration. The only type available is `oidc` .", + "title": "Type", "type": "string" } }, "required": [ - "AcceleratorArn", - "PortRanges", - "Protocol" + "ClusterName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::Listener" + "AWS::EKS::IdentityProviderConfig" ], "type": "string" }, @@ -104929,27 +108575,75 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::Listener.PortRange": { + "AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The first port in the range of ports, inclusive.", - "title": "FromPort", - "type": "number" + "ClientId": { + "markdownDescription": "This is also known as *audience* . The ID of the client application that makes authentication requests to the OIDC identity provider.", + "title": "ClientId", + "type": "string" }, - "ToPort": { - "markdownDescription": "The last port in the range of ports, inclusive.", - "title": "ToPort", - "type": "number" + "GroupsClaim": { + "markdownDescription": "The JSON web token (JWT) claim that the provider uses to return your groups.", + "title": "GroupsClaim", + "type": "string" + }, + "GroupsPrefix": { + "markdownDescription": "The prefix that is prepended to group claims to prevent clashes with existing names (such as `system:` groups). For example, the value `oidc:` creates group names like `oidc:engineering` and `oidc:infra` . The prefix can't contain `system:`", + "title": "GroupsPrefix", + "type": "string" + }, + "IssuerUrl": { + "markdownDescription": "The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.", + "title": "IssuerUrl", + "type": "string" + }, + "RequiredClaims": { + "items": { + "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.RequiredClaim" + }, + "markdownDescription": "The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.", + "title": "RequiredClaims", + "type": "array" + }, + "UsernameClaim": { + "markdownDescription": "The JSON Web token (JWT) claim that is used as the username.", + "title": "UsernameClaim", + "type": "string" + }, + "UsernamePrefix": { + "markdownDescription": "The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain `system:`", + "title": "UsernamePrefix", + "type": "string" } }, "required": [ - "FromPort", - "ToPort" + "ClientId", + "IssuerUrl" ], "type": "object" }, - "AWS::Glue::Classifier": { + "AWS::EKS::IdentityProviderConfig.RequiredClaim": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key to match from the token.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the key from the token.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EKS::Nodegroup": { "additionalProperties": false, "properties": { "Condition": { @@ -104984,32 +108678,133 @@ "Properties": { "additionalProperties": false, "properties": { - "CsvClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.CsvClassifier", - "markdownDescription": "A classifier for comma-separated values (CSV).", - "title": "CsvClassifier" + "AmiType": { + "markdownDescription": "The AMI type for your node group. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `amiType` , or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add `eks:kube-proxy-windows` to your Windows nodes `rolearn` in the `aws-auth` `ConfigMap` . For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "AmiType", + "type": "string" }, - "GrokClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.GrokClassifier", - "markdownDescription": "A classifier that uses `grok` .", - "title": "GrokClassifier" + "CapacityType": { + "markdownDescription": "The capacity type of your managed node group.", + "title": "CapacityType", + "type": "string" }, - "JsonClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.JsonClassifier", - "markdownDescription": "A classifier for JSON content.", - "title": "JsonClassifier" + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", + "type": "string" }, - "XMLClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.XMLClassifier", - "markdownDescription": "A classifier for XML content.", - "title": "XMLClassifier" + "DiskSize": { + "markdownDescription": "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify `launchTemplate` , then don't specify `diskSize` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "DiskSize", + "type": "number" + }, + "ForceUpdateEnabled": { + "markdownDescription": "Force the update if any `Pod` on the existing node group can't be drained due to a `Pod` disruption budget issue. If an update fails because all Pods can't be drained, you can force the update after it fails to terminate the old node whether or not any `Pod` is running on the node.", + "title": "ForceUpdateEnabled", + "type": "boolean" + }, + "InstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the `amiType` parameter. If you specify `launchTemplate` , then you can specify zero or one instance type in your launch template *or* you can specify 0-20 instance types for `instanceTypes` . If however, you specify an instance type in your launch template *and* specify any `instanceTypes` , the node group deployment will fail. If you don't specify an instance type in a launch template or for `instanceTypes` , then `t3.medium` is used, by default. If you specify `Spot` for `capacityType` , then we recommend specifying multiple values for `instanceTypes` . For more information, see [Managed node group capacity types](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "InstanceTypes", + "type": "array" + }, + "Labels": { + "additionalProperties": true, + "markdownDescription": "The Kubernetes `labels` applied to the nodes in the node group.\n\n> Only `labels` that are applied with the Amazon EKS API are shown here. There may be other Kubernetes `labels` applied to the nodes in this group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Labels", + "type": "object" + }, + "LaunchTemplate": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.LaunchTemplateSpecification", + "markdownDescription": "An object representing a node group's launch template specification. When using this object, don't directly specify `instanceTypes` , `diskSize` , or `remoteAccess` . You cannot later specify a different launch template ID or name than what was used to create the node group.\n\nMake sure that the launch template meets the requirements in `launchTemplateSpecification` . Also refer to [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "LaunchTemplate" + }, + "NodeRepairConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.NodeRepairConfig", + "markdownDescription": "The node auto repair configuration for the node group.", + "title": "NodeRepairConfig" + }, + "NodeRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the **Amazon EKS User Guide** . If you specify `launchTemplate` , then don't specify `[IamInstanceProfile](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "NodeRole", + "type": "string" + }, + "NodegroupName": { + "markdownDescription": "The unique name to give your node group.", + "title": "NodegroupName", + "type": "string" + }, + "ReleaseVersion": { + "markdownDescription": "The AMI version of the Amazon EKS optimized AMI to use with your node group (for example, `1.14.7- *YYYYMMDD*` ). By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see [Amazon EKS optimized Linux AMI Versions](https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the *Amazon EKS User Guide* .\n\n> Changing this value triggers an update of the node group if one is available. You can't update other properties at the same time as updating `Release Version` .", + "title": "ReleaseVersion", + "type": "string" + }, + "RemoteAccess": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.RemoteAccess", + "markdownDescription": "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify `launchTemplate` , then don't specify `remoteAccess` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "RemoteAccess" + }, + "ScalingConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.ScalingConfig", + "markdownDescription": "The scaling configuration details for the Auto Scaling group that is created for your node group.", + "title": "ScalingConfig" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnets to use for the Auto Scaling group that is created for your node group. If you specify `launchTemplate` , then don't specify `[SubnetId](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "Subnets", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Taints": { + "items": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.Taint" + }, + "markdownDescription": "The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of `No_Schedule` , `Prefer_No_Schedule` , or `No_Execute` . Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see [Node taints on managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html) .", + "title": "Taints", + "type": "array" + }, + "UpdateConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.UpdateConfig", + "markdownDescription": "The node group update configuration.", + "title": "UpdateConfig" + }, + "Version": { + "markdownDescription": "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `version` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Launch template support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .\n\n> You can't update other properties at the same time as updating `Version` .", + "title": "Version", + "type": "string" } }, + "required": [ + "ClusterName", + "NodeRole", + "Subnets" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Classifier" + "AWS::EKS::Nodegroup" ], "type": "string" }, @@ -105023,142 +108818,129 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Glue::Classifier.CsvClassifier": { + "AWS::EKS::Nodegroup.LaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "AllowSingleColumn": { - "markdownDescription": "Enables the processing of files that contain only one column.", - "title": "AllowSingleColumn", - "type": "boolean" - }, - "ContainsCustomDatatype": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether the CSV file contains custom data types.", - "title": "ContainsCustomDatatype", - "type": "array" - }, - "ContainsHeader": { - "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", - "title": "ContainsHeader", + "Id": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name in the request, but not both. After node group creation, you cannot use a different ID.", + "title": "Id", "type": "string" }, - "CustomDatatypeConfigured": { - "markdownDescription": "Enables the configuration of custom data types.", - "title": "CustomDatatypeConfigured", - "type": "boolean" - }, - "Delimiter": { - "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", - "title": "Delimiter", + "Name": { + "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template name or the launch template ID in the request, but not both. After node group creation, you cannot use a different name.", + "title": "Name", "type": "string" }, - "DisableValueTrimming": { - "markdownDescription": "Specifies not to trim values before identifying the type of column values. The default value is `true` .", - "title": "DisableValueTrimming", + "Version": { + "markdownDescription": "The version number of the launch template to use. If no version is specified, then the template's default version is used. You can use a different version for node group updates.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Nodegroup.NodeRepairConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether to enable node auto repair for the node group. Node auto repair is disabled by default.", + "title": "Enabled", "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Nodegroup.RemoteAccess": { + "additionalProperties": false, + "properties": { + "Ec2SshKey": { + "markdownDescription": "The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* .", + "title": "Ec2SshKey", + "type": "string" }, - "Header": { + "SourceSecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "A list of strings representing column names.", - "title": "Header", + "markdownDescription": "The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "SourceSecurityGroups", "type": "array" - }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" - }, - "QuoteSymbol": { - "markdownDescription": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.", - "title": "QuoteSymbol", - "type": "string" } }, + "required": [ + "Ec2SshKey" + ], "type": "object" }, - "AWS::Glue::Classifier.GrokClassifier": { + "AWS::EKS::Nodegroup.ScalingConfig": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "An identifier of the data format that the classifier matches, such as Twitter, JSON, Omniture logs, and so on.", - "title": "Classification", - "type": "string" - }, - "CustomPatterns": { - "markdownDescription": "Optional custom grok patterns defined by this classifier. For more information, see custom patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", - "title": "CustomPatterns", - "type": "string" + "DesiredSize": { + "markdownDescription": "The current number of nodes that the managed node group should maintain.\n\n> If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. \n\nWhenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template.\n\nThis parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` .", + "title": "DesiredSize", + "type": "number" }, - "GrokPattern": { - "markdownDescription": "The grok pattern applied to a data store by this classifier. For more information, see built-in patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", - "title": "GrokPattern", - "type": "string" + "MaxSize": { + "markdownDescription": "The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* .", + "title": "MaxSize", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" + "MinSize": { + "markdownDescription": "The minimum number of nodes that the managed node group can scale in to.", + "title": "MinSize", + "type": "number" } }, - "required": [ - "Classification", - "GrokPattern" - ], "type": "object" }, - "AWS::Glue::Classifier.JsonClassifier": { + "AWS::EKS::Nodegroup.Taint": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath` , as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json) .", - "title": "JsonPath", + "Effect": { + "markdownDescription": "The effect of the taint.", + "title": "Effect", "type": "string" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", + "Key": { + "markdownDescription": "The key of the taint.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the taint.", + "title": "Value", "type": "string" } }, - "required": [ - "JsonPath" - ], "type": "object" }, - "AWS::Glue::Classifier.XMLClassifier": { + "AWS::EKS::Nodegroup.UpdateConfig": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "An identifier of the data format that the classifier matches.", - "title": "Classification", - "type": "string" + "MaxUnavailable": { + "markdownDescription": "The maximum number of nodes unavailable at once during a version update. Nodes are updated in parallel. This value or `maxUnavailablePercentage` is required to have a value.The maximum number is 100.", + "title": "MaxUnavailable", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" + "MaxUnavailablePercentage": { + "markdownDescription": "The maximum percentage of nodes unavailable during a version update. This percentage of nodes are updated in parallel, up to 100 nodes at once. This value or `maxUnavailable` is required to have a value.", + "title": "MaxUnavailablePercentage", + "type": "number" }, - "RowTag": { - "markdownDescription": "The XML tag designating the element that contains each record in an XML document being parsed. This can't identify a self-closing element (closed by `/>` ). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `` is okay, but `` is not).", - "title": "RowTag", + "UpdateStrategy": { + "markdownDescription": "The configuration for the behavior to follow during a node group version update of this managed node group. You choose between two possible strategies for replacing nodes during an [`UpdateNodegroupVersion`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateNodegroupVersion.html) action.\n\nAn Amazon EKS managed node group updates by replacing nodes with new nodes of newer AMI versions in parallel. The *update strategy* changes the managed node update behavior of the managed node group for each quantity. The *default* strategy has guardrails to protect you from misconfiguration and launches the new instances first, before terminating the old instances. The *minimal* strategy removes the guardrails and terminates the old instances before launching the new instances. This minimal strategy is useful in scenarios where you are constrained to resources or costs (for example, with hardware accelerators such as GPUs).", + "title": "UpdateStrategy", "type": "string" } }, - "required": [ - "Classification", - "RowTag" - ], "type": "object" }, - "AWS::Glue::Connection": { + "AWS::EKS::PodIdentityAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -105193,26 +108975,56 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the data catalog to create the catalog object in. Currently, this should be the AWS account ID.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId` .", - "title": "CatalogId", + "ClusterName": { + "markdownDescription": "The name of the cluster that the association is in.", + "title": "ClusterName", "type": "string" }, - "ConnectionInput": { - "$ref": "#/definitions/AWS::Glue::Connection.ConnectionInput", - "markdownDescription": "The connection that you want to create.", - "title": "ConnectionInput" + "DisableSessionTags": { + "markdownDescription": "The state of the automatic sessions tags. The value of *true* disables these tags.\n\nEKS Pod Identity adds a pre-defined set of session tags when it assumes the role. You can use these tags to author a single role that can work across resources by allowing access to AWS resources based on matching tags. By default, EKS Pod Identity attaches six tags, including tags for cluster name, namespace, and service account name. For the list of tags added by EKS Pod Identity, see [List of session tags added by EKS Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-id-abac.html#pod-id-abac-tags) in the *Amazon EKS User Guide* .", + "title": "DisableSessionTags", + "type": "boolean" + }, + "Namespace": { + "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the Pods that use the service account must be in this namespace.", + "title": "Namespace", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", + "title": "RoleArn", + "type": "string" + }, + "ServiceAccount": { + "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", + "title": "ServiceAccount", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "title": "Tags", + "type": "array" + }, + "TargetRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target IAM role to associate with the service account. This role is assumed by using the EKS Pod Identity association role, then the credentials for this role are injected into the Pod.", + "title": "TargetRoleArn", + "type": "string" } }, "required": [ - "CatalogId", - "ConnectionInput" + "ClusterName", + "Namespace", + "RoleArn", + "ServiceAccount" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Connection" + "AWS::EKS::PodIdentityAssociation" ], "type": "string" }, @@ -105231,73 +109043,7 @@ ], "type": "object" }, - "AWS::Glue::Connection.ConnectionInput": { - "additionalProperties": false, - "properties": { - "ConnectionProperties": { - "markdownDescription": "These key-value pairs define parameters for the connection.", - "title": "ConnectionProperties", - "type": "object" - }, - "ConnectionType": { - "markdownDescription": "The type of the connection. Currently, these types are supported:\n\n- `JDBC` - Designates a connection to a database through Java Database Connectivity (JDBC).\n\n`JDBC` Connections use the following ConnectionParameters.\n\n- Required: All of ( `HOST` , `PORT` , `JDBC_ENGINE` ) or `JDBC_CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- Optional: `JDBC_ENFORCE_SSL` , `CUSTOM_JDBC_CERT` , `CUSTOM_JDBC_CERT_STRING` , `SKIP_CUSTOM_JDBC_CERT_VALIDATION` . These parameters are used to configure SSL with JDBC.\n- `KAFKA` - Designates a connection to an Apache Kafka streaming platform.\n\n`KAFKA` Connections use the following ConnectionParameters.\n\n- Required: `KAFKA_BOOTSTRAP_SERVERS` .\n- Optional: `KAFKA_SSL_ENABLED` , `KAFKA_CUSTOM_CERT` , `KAFKA_SKIP_CUSTOM_CERT_VALIDATION` . These parameters are used to configure SSL with `KAFKA` .\n- Optional: `KAFKA_CLIENT_KEYSTORE` , `KAFKA_CLIENT_KEYSTORE_PASSWORD` , `KAFKA_CLIENT_KEY_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEYSTORE_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEY_PASSWORD` . These parameters are used to configure TLS client configuration with SSL in `KAFKA` .\n- Optional: `KAFKA_SASL_MECHANISM` . Can be specified as `SCRAM-SHA-512` , `GSSAPI` , or `AWS_MSK_IAM` .\n- Optional: `KAFKA_SASL_SCRAM_USERNAME` , `KAFKA_SASL_SCRAM_PASSWORD` , `ENCRYPTED_KAFKA_SASL_SCRAM_PASSWORD` . These parameters are used to configure SASL/SCRAM-SHA-512 authentication with `KAFKA` .\n- Optional: `KAFKA_SASL_GSSAPI_KEYTAB` , `KAFKA_SASL_GSSAPI_KRB5_CONF` , `KAFKA_SASL_GSSAPI_SERVICE` , `KAFKA_SASL_GSSAPI_PRINCIPAL` . These parameters are used to configure SASL/GSSAPI authentication with `KAFKA` .\n- `MONGODB` - Designates a connection to a MongoDB document database.\n\n`MONGODB` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `VIEW_VALIDATION_REDSHIFT` - Designates a connection used for view validation by Amazon Redshift.\n- `VIEW_VALIDATION_ATHENA` - Designates a connection used for view validation by Amazon Athena.\n- `NETWORK` - Designates a network connection to a data source within an Amazon Virtual Private Cloud environment (Amazon VPC).\n\n`NETWORK` Connections do not require ConnectionParameters. Instead, provide a PhysicalConnectionRequirements.\n- `MARKETPLACE` - Uses configuration settings contained in a connector purchased from AWS Marketplace to read from and write to data stores that are not natively supported by AWS Glue .\n\n`MARKETPLACE` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTOR_TYPE` , `CONNECTOR_URL` , `CONNECTOR_CLASS_NAME` , `CONNECTION_URL` .\n- Required for `JDBC` `CONNECTOR_TYPE` connections: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `CUSTOM` - Uses configuration settings contained in a custom connector to read from and write to data stores that are not natively supported by AWS Glue .\n\nAdditionally, a `ConnectionType` for the following SaaS connectors is supported:\n\n- `FACEBOOKADS` - Designates a connection to Facebook Ads.\n- `GOOGLEADS` - Designates a connection to Google Ads.\n- `GOOGLESHEETS` - Designates a connection to Google Sheets.\n- `GOOGLEANALYTICS4` - Designates a connection to Google Analytics 4.\n- `HUBSPOT` - Designates a connection to HubSpot.\n- `INSTAGRAMADS` - Designates a connection to Instagram Ads.\n- `INTERCOM` - Designates a connection to Intercom.\n- `JIRACLOUD` - Designates a connection to Jira Cloud.\n- `MARKETO` - Designates a connection to Adobe Marketo Engage.\n- `NETSUITEERP` - Designates a connection to Oracle NetSuite.\n- `SALESFORCE` - Designates a connection to Salesforce using OAuth authentication.\n- `SALESFORCEMARKETINGCLOUD` - Designates a connection to Salesforce Marketing Cloud.\n- `SALESFORCEPARDOT` - Designates a connection to Salesforce Marketing Cloud Account Engagement (MCAE).\n- `SAPODATA` - Designates a connection to SAP OData.\n- `SERVICENOW` - Designates a connection to ServiceNow.\n- `SLACK` - Designates a connection to Slack.\n- `SNAPCHATADS` - Designates a connection to Snapchat Ads.\n- `STRIPE` - Designates a connection to Stripe.\n- `ZENDESK` - Designates a connection to Zendesk.\n- `ZOHOCRM` - Designates a connection to Zoho CRM.\n\nFor more information on the connection parameters needed for a particular connector, see the documentation for the connector in [Adding an AWS Glue connection](https://docs.aws.amazon.com/glue/latest/dg/console-connections.html) in the AWS Glue User Guide.\n\n`SFTP` is not supported.\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue , consult [AWS Glue connection properties](https://docs.aws.amazon.com/glue/latest/dg/connection-defining.html) .\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue Studio, consult [Using connectors and connections](https://docs.aws.amazon.com/glue/latest/ug/connectors-chapter.html) .", - "title": "ConnectionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the connection.", - "title": "Description", - "type": "string" - }, - "MatchCriteria": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of criteria that can be used in selecting this connection.", - "title": "MatchCriteria", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the connection.", - "title": "Name", - "type": "string" - }, - "PhysicalConnectionRequirements": { - "$ref": "#/definitions/AWS::Glue::Connection.PhysicalConnectionRequirements", - "markdownDescription": "The physical connection requirements, such as virtual private cloud (VPC) and `SecurityGroup` , that are needed to successfully make this connection.", - "title": "PhysicalConnectionRequirements" - } - }, - "required": [ - "ConnectionType" - ], - "type": "object" - }, - "AWS::Glue::Connection.PhysicalConnectionRequirements": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The connection's Availability Zone.", - "title": "AvailabilityZone", - "type": "string" - }, - "SecurityGroupIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group ID list used by the connection.", - "title": "SecurityGroupIdList", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet ID used by the connection.", - "title": "SubnetId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler": { + "AWS::EMR::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -105332,89 +109078,171 @@ "Properties": { "additionalProperties": false, "properties": { - "Classifiers": { + "AdditionalInfo": { + "markdownDescription": "A JSON string for selecting additional features.", + "title": "AdditionalInfo", + "type": "object" + }, + "Applications": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.Application" }, - "markdownDescription": "A list of UTF-8 strings that specify the names of custom classifiers that are associated with the crawler.", - "title": "Classifiers", + "markdownDescription": "The applications to install on this cluster, for example, Spark, Flink, Oozie, Zeppelin, and so on.", + "title": "Applications", "type": "array" }, - "Configuration": { - "markdownDescription": "Crawler configuration information. This versioned JSON string allows users to specify aspects of a crawler's behavior. For more information, see [Configuring a Crawler](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html) .", - "title": "Configuration", + "AutoScalingRole": { + "markdownDescription": "An IAM role for automatic scaling policies. The default role is `EMR_AutoScaling_DefaultRole` . The IAM role provides permissions that the automatic scaling feature requires to launch and terminate Amazon EC2 instances in an instance group.", + "title": "AutoScalingRole", "type": "string" }, - "CrawlerSecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used by this crawler.", - "title": "CrawlerSecurityConfiguration", + "AutoTerminationPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.AutoTerminationPolicy", + "markdownDescription": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see [Control cluster termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) .", + "title": "AutoTerminationPolicy" + }, + "BootstrapActions": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.BootstrapActionConfig" + }, + "markdownDescription": "A list of bootstrap actions to run before Hadoop starts on the cluster nodes.", + "title": "BootstrapActions", + "type": "array" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + }, + "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", + "title": "Configurations", + "type": "array" + }, + "CustomAmiId": { + "markdownDescription": "Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.", + "title": "CustomAmiId", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database in which the crawler's output is stored.", - "title": "DatabaseName", + "EbsRootVolumeIops": { + "markdownDescription": "The IOPS, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", + "title": "EbsRootVolumeIops", + "type": "number" + }, + "EbsRootVolumeSize": { + "markdownDescription": "The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.", + "title": "EbsRootVolumeSize", + "type": "number" + }, + "EbsRootVolumeThroughput": { + "markdownDescription": "The throughput, in MiB/s, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", + "title": "EbsRootVolumeThroughput", + "type": "number" + }, + "Instances": { + "$ref": "#/definitions/AWS::EMR::Cluster.JobFlowInstancesConfig", + "markdownDescription": "A specification of the number and type of Amazon EC2 instances.", + "title": "Instances" + }, + "JobFlowRole": { + "markdownDescription": "Also called instance profile and Amazon EC2 role. An IAM role for an Amazon EMR cluster. The Amazon EC2 instances of the cluster assume this role. The default role is `EMR_EC2_DefaultRole` . In order to use the default role, you must have already created it using the AWS CLI or console.", + "title": "JobFlowRole", "type": "string" }, - "Description": { - "markdownDescription": "A description of the crawler.", - "title": "Description", + "KerberosAttributes": { + "$ref": "#/definitions/AWS::EMR::Cluster.KerberosAttributes", + "markdownDescription": "Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration. For more information see [Use Kerberos Authentication](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-kerberos.html) in the *Amazon EMR Management Guide* .", + "title": "KerberosAttributes" + }, + "LogEncryptionKmsKeyId": { + "markdownDescription": "The AWS KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding Amazon EMR 6.0.0.", + "title": "LogEncryptionKmsKeyId", "type": "string" }, - "LakeFormationConfiguration": { - "$ref": "#/definitions/AWS::Glue::Crawler.LakeFormationConfiguration", - "markdownDescription": "Specifies whether the crawler should use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", - "title": "LakeFormationConfiguration" + "LogUri": { + "markdownDescription": "The path to the Amazon S3 location where logs for this cluster are stored.", + "title": "LogUri", + "type": "string" + }, + "ManagedScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.ManagedScalingPolicy", + "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "ManagedScalingPolicy" }, "Name": { - "markdownDescription": "The name of the crawler.", + "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", "title": "Name", "type": "string" }, - "RecrawlPolicy": { - "$ref": "#/definitions/AWS::Glue::Crawler.RecrawlPolicy", - "markdownDescription": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.", - "title": "RecrawlPolicy" + "OSReleaseLabel": { + "markdownDescription": "The Amazon Linux release specified in a cluster launch RunJobFlow request. If no Amazon Linux release was specified, the default Amazon Linux release is shown in the response.", + "title": "OSReleaseLabel", + "type": "string" }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that's used to access customer resources, such as Amazon Simple Storage Service (Amazon S3) data.", - "title": "Role", + "PlacementGroupConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.PlacementGroupConfig" + }, + "markdownDescription": "", + "title": "PlacementGroupConfigs", + "type": "array" + }, + "ReleaseLabel": { + "markdownDescription": "The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form `emr-x.x.x` , where x.x.x is an Amazon EMR release version such as `emr-5.14.0` . For more information about Amazon EMR release versions and included application versions and features, see [](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/) . The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use `AmiVersion` .", + "title": "ReleaseLabel", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::Glue::Crawler.Schedule", - "markdownDescription": "For scheduled crawlers, the schedule when the crawler runs.", - "title": "Schedule" + "ScaleDownBehavior": { + "markdownDescription": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. `TERMINATE_AT_INSTANCE_HOUR` indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. `TERMINATE_AT_TASK_COMPLETION` indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. `TERMINATE_AT_TASK_COMPLETION` is available only in Amazon EMR releases 4.1.0 and later, and is the default for versions of Amazon EMR earlier than 5.1.0.", + "title": "ScaleDownBehavior", + "type": "string" }, - "SchemaChangePolicy": { - "$ref": "#/definitions/AWS::Glue::Crawler.SchemaChangePolicy", - "markdownDescription": "The policy that specifies update and delete behaviors for the crawler. The policy tells the crawler what to do in the event that it detects a change in a table that already exists in the customer's database at the time of the crawl. The `SchemaChangePolicy` does not affect whether or how new tables and partitions are added. New tables and partitions are always created regardless of the `SchemaChangePolicy` on a crawler.\n\nThe SchemaChangePolicy consists of two components, `UpdateBehavior` and `DeleteBehavior` .", - "title": "SchemaChangePolicy" + "SecurityConfiguration": { + "markdownDescription": "The name of the security configuration applied to the cluster.", + "title": "SecurityConfiguration", + "type": "string" }, - "TablePrefix": { - "markdownDescription": "The prefix added to the names of tables that are created.", - "title": "TablePrefix", + "ServiceRole": { + "markdownDescription": "The IAM role that Amazon EMR assumes in order to access AWS resources on your behalf.", + "title": "ServiceRole", "type": "string" }, + "StepConcurrencyLevel": { + "markdownDescription": "Specifies the number of steps that can be executed concurrently. The default value is `1` . The maximum value is `256` .", + "title": "StepConcurrencyLevel", + "type": "number" + }, + "Steps": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.StepConfig" + }, + "markdownDescription": "A list of steps to run.", + "title": "Steps", + "type": "array" + }, "Tags": { - "markdownDescription": "The tags to use with this crawler.", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags associated with a cluster.", "title": "Tags", - "type": "object" + "type": "array" }, - "Targets": { - "$ref": "#/definitions/AWS::Glue::Crawler.Targets", - "markdownDescription": "A collection of targets to crawl.", - "title": "Targets" + "VisibleToAllUsers": { + "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", + "title": "VisibleToAllUsers", + "type": "boolean" } }, "required": [ - "Role", - "Targets" + "Instances", + "JobFlowRole", + "Name", + "ServiceRole" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Crawler" + "AWS::EMR::Cluster" ], "type": "string" }, @@ -105433,803 +109261,1009 @@ ], "type": "object" }, - "AWS::Glue::Crawler.CatalogTarget": { + "AWS::EMR::Cluster.Application": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a `Catalog` connection type paired with a `NETWORK` Connection type.", - "title": "ConnectionName", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database to be synchronized.", - "title": "DatabaseName", - "type": "string" - }, - "DlqEventQueueArn": { - "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", - "title": "DlqEventQueueArn", - "type": "string" - }, - "EventQueueArn": { - "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", - "title": "EventQueueArn", - "type": "string" + "AdditionalInfo": { + "additionalProperties": true, + "markdownDescription": "This option is for advanced users only. This is meta information about clusters and applications that are used for testing and troubleshooting.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalInfo", + "type": "object" }, - "Tables": { + "Args": { "items": { "type": "string" }, - "markdownDescription": "A list of the tables to be synchronized.", - "title": "Tables", + "markdownDescription": "Arguments for Amazon EMR to pass to the application.", + "title": "Args", "type": "array" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the application.", + "title": "Version", + "type": "string" } }, "type": "object" }, - "AWS::Glue::Crawler.DeltaTarget": { + "AWS::EMR::Cluster.AutoScalingPolicy": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Delta table target.", - "title": "ConnectionName", - "type": "string" - }, - "CreateNativeDeltaTable": { - "markdownDescription": "Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly.", - "title": "CreateNativeDeltaTable", - "type": "boolean" + "Constraints": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingConstraints", + "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", + "title": "Constraints" }, - "DeltaTables": { + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingRule" }, - "markdownDescription": "A list of the Amazon S3 paths to the Delta tables.", - "title": "DeltaTables", + "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", + "title": "Rules", "type": "array" - }, - "WriteManifest": { - "markdownDescription": "Specifies whether to write the manifest files to the Delta table path.", - "title": "WriteManifest", - "type": "boolean" } }, + "required": [ + "Constraints", + "Rules" + ], "type": "object" }, - "AWS::Glue::Crawler.DynamoDBTarget": { + "AWS::EMR::Cluster.AutoTerminationPolicy": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The name of the DynamoDB table to crawl.", - "title": "Path", + "IdleTimeout": { + "markdownDescription": "Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of 60 seconds and a maximum of 604800 seconds (seven days).", + "title": "IdleTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.BootstrapActionConfig": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the bootstrap action.", + "title": "Name", "type": "string" + }, + "ScriptBootstrapAction": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScriptBootstrapActionConfig", + "markdownDescription": "The script run by the bootstrap action.", + "title": "ScriptBootstrapAction" } }, + "required": [ + "Name", + "ScriptBootstrapAction" + ], "type": "object" }, - "AWS::Glue::Crawler.IcebergTarget": { + "AWS::EMR::Cluster.CloudWatchAlarmDefinition": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Iceberg target.", - "title": "ConnectionName", + "ComparisonOperator": { + "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", + "title": "ComparisonOperator", "type": "string" }, - "Exclusions": { + "Dimensions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.MetricDimension" }, - "markdownDescription": "A list of global patterns used to exclude from the crawl.", - "title": "Exclusions", + "markdownDescription": "A CloudWatch metric dimension.", + "title": "Dimensions", "type": "array" }, - "MaximumTraversalDepth": { - "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time.", - "title": "MaximumTraversalDepth", + "EvaluationPeriods": { + "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", + "title": "EvaluationPeriods", "type": "number" }, - "Paths": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix .", - "title": "Paths", - "type": "array" + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", + "title": "Namespace", + "type": "string" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", + "title": "Statistic", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", + "title": "Unit", + "type": "string" } }, + "required": [ + "ComparisonOperator", + "MetricName", + "Period", + "Threshold" + ], "type": "object" }, - "AWS::Glue::Crawler.JdbcTarget": { + "AWS::EMR::Cluster.ComputeLimits": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the JDBC target.", - "title": "ConnectionName", - "type": "string" + "MaximumCapacityUnits": { + "markdownDescription": "The upper boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "MaximumCapacityUnits", + "type": "number" }, - "Exclusions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", - "title": "Exclusions", - "type": "array" + "MaximumCoreCapacityUnits": { + "markdownDescription": "The upper boundary of Amazon EC2 units for core node type in a cluster. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The core units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between core and task nodes.", + "title": "MaximumCoreCapacityUnits", + "type": "number" }, - "Path": { - "markdownDescription": "The path of the JDBC target.", - "title": "Path", + "MaximumOnDemandCapacityUnits": { + "markdownDescription": "The upper boundary of On-Demand Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The On-Demand units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between On-Demand and Spot Instances.", + "title": "MaximumOnDemandCapacityUnits", + "type": "number" + }, + "MinimumCapacityUnits": { + "markdownDescription": "The lower boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "MinimumCapacityUnits", + "type": "number" + }, + "UnitType": { + "markdownDescription": "The unit type used for specifying a managed scaling policy.", + "title": "UnitType", "type": "string" } }, + "required": [ + "MaximumCapacityUnits", + "MinimumCapacityUnits", + "UnitType" + ], "type": "object" }, - "AWS::Glue::Crawler.LakeFormationConfiguration": { + "AWS::EMR::Cluster.Configuration": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "Required for cross account crawls. For same account crawls as the target data, this can be left as null.", - "title": "AccountId", + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", "type": "string" }, - "UseLakeFormationCredentials": { - "markdownDescription": "Specifies whether to use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", - "title": "UseLakeFormationCredentials", - "type": "boolean" + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConfigurationProperties", + "type": "object" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + }, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" } }, "type": "object" }, - "AWS::Glue::Crawler.MongoDBTarget": { + "AWS::EMR::Cluster.EbsBlockDeviceConfig": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.", - "title": "ConnectionName", - "type": "string" + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" }, - "Path": { - "markdownDescription": "The path of the Amazon DocumentDB or MongoDB target (database/collection).", - "title": "Path", - "type": "string" + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" } }, + "required": [ + "VolumeSpecification" + ], "type": "object" }, - "AWS::Glue::Crawler.RecrawlPolicy": { + "AWS::EMR::Cluster.EbsConfiguration": { "additionalProperties": false, "properties": { - "RecrawlBehavior": { - "markdownDescription": "Specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVERYTHING` specifies crawling the entire dataset again.\n\nA value of `CRAWL_NEW_FOLDERS_ONLY` specifies crawling only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVENT_MODE` specifies crawling only the changes identified by Amazon S3 events.", - "title": "RecrawlBehavior", - "type": "string" + "EbsBlockDeviceConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsBlockDeviceConfig" + }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", + "type": "array" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Crawler.S3Target": { + "AWS::EMR::Cluster.HadoopJarStepConfig": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC).", - "title": "ConnectionName", - "type": "string" + "Args": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", + "title": "Args", + "type": "array" }, - "DlqEventQueueArn": { - "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", - "title": "DlqEventQueueArn", + "Jar": { + "markdownDescription": "A path to a JAR file run during the step.", + "title": "Jar", "type": "string" }, - "EventQueueArn": { - "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", - "title": "EventQueueArn", + "MainClass": { + "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", + "title": "MainClass", "type": "string" }, - "Exclusions": { + "StepProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.KeyValue" }, - "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", - "title": "Exclusions", + "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key-value pairs to your main function.", + "title": "StepProperties", + "type": "array" + } + }, + "required": [ + "Jar" + ], + "type": "object" + }, + "AWS::EMR::Cluster.InstanceFleetConfig": { + "additionalProperties": false, + "properties": { + "InstanceTypeConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceTypeConfig" + }, + "markdownDescription": "The instance type configurations that define the Amazon EC2 instances in the instance fleet.", + "title": "InstanceTypeConfigs", "type": "array" }, - "Path": { - "markdownDescription": "The path to the Amazon S3 target.", - "title": "Path", + "LaunchSpecifications": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications", + "markdownDescription": "The launch specification for the instance fleet.", + "title": "LaunchSpecifications" + }, + "Name": { + "markdownDescription": "The friendly name of the instance fleet.", + "title": "Name", "type": "string" }, - "SampleSize": { - "markdownDescription": "Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249.", - "title": "SampleSize", + "ResizeSpecifications": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetResizingSpecifications", + "markdownDescription": "The resize specification for the instance fleet.", + "title": "ResizeSpecifications" + }, + "TargetOnDemandCapacity": { + "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetOnDemandCapacity", + "type": "number" + }, + "TargetSpotCapacity": { + "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetSpotCapacity", "type": "number" } }, "type": "object" }, - "AWS::Glue::Crawler.Schedule": { + "AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", - "title": "ScheduleExpression", - "type": "string" + "OnDemandSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandProvisioningSpecification", + "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", + "title": "OnDemandSpecification" + }, + "SpotSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.SpotProvisioningSpecification", + "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", + "title": "SpotSpecification" } }, "type": "object" }, - "AWS::Glue::Crawler.SchemaChangePolicy": { + "AWS::EMR::Cluster.InstanceFleetResizingSpecifications": { "additionalProperties": false, "properties": { - "DeleteBehavior": { - "markdownDescription": "The deletion behavior when the crawler finds a deleted object.\n\nA value of `LOG` specifies that if a table or partition is found to no longer exist, do not delete it, only log that it was found to no longer exist.\n\nA value of `DELETE_FROM_DATABASE` specifies that if a table or partition is found to have been removed, delete it from the database.\n\nA value of `DEPRECATE_IN_DATABASE` specifies that if a table has been found to no longer exist, to add a property to the table that says \"DEPRECATED\" and includes a timestamp with the time of deprecation.", - "title": "DeleteBehavior", - "type": "string" + "OnDemandResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandResizingSpecification", + "markdownDescription": "The resize specification for On-Demand Instances in the instance fleet, which contains the allocation strategy, capacity reservation options, and the resize timeout period.", + "title": "OnDemandResizeSpecification" }, - "UpdateBehavior": { - "markdownDescription": "The update behavior when the crawler finds a changed schema.\n\nA value of `LOG` specifies that if a table or a partition already exists, and a change is detected, do not update it, only log that a change was detected. Add new tables and new partitions (including on existing tables).\n\nA value of `UPDATE_IN_DATABASE` specifies that if a table or partition already exists, and a change is detected, update it. Add new tables and partitions.", - "title": "UpdateBehavior", - "type": "string" + "SpotResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.SpotResizingSpecification", + "markdownDescription": "The resize specification for Spot Instances in the instance fleet, which contains the allocation strategy and the resize timeout period.", + "title": "SpotResizeSpecification" } }, "type": "object" }, - "AWS::Glue::Crawler.Targets": { + "AWS::EMR::Cluster.InstanceGroupConfig": { "additionalProperties": false, "properties": { - "CatalogTargets": { + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.AutoScalingPolicy", + "markdownDescription": "`AutoScalingPolicy` is a subproperty of the [InstanceGroupConfig](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-emr-cluster-jobflowinstancesconfig-instancegroupconfig.html) property type that specifies the constraints and rules of an automatic scaling policy in Amazon EMR . The automatic scaling policy defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. Only core and task instance groups can use automatic scaling policies. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) .", + "title": "AutoScalingPolicy" + }, + "BidPrice": { + "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", + "title": "BidPrice", + "type": "string" + }, + "Configurations": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.CatalogTarget" + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, - "markdownDescription": "Specifies AWS Glue Data Catalog targets.", - "title": "CatalogTargets", + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", + "title": "Configurations", "type": "array" }, - "DeltaTargets": { + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", + "title": "CustomAmiId", + "type": "string" + }, + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", + "markdownDescription": "EBS configurations that will be attached to each Amazon EC2 instance in the instance group.", + "title": "EbsConfiguration" + }, + "InstanceCount": { + "markdownDescription": "Target number of instances for the instance group.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", + "title": "InstanceType", + "type": "string" + }, + "Market": { + "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", + "title": "Market", + "type": "string" + }, + "Name": { + "markdownDescription": "Friendly name given to the instance group.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "InstanceCount", + "InstanceType" + ], + "type": "object" + }, + "AWS::EMR::Cluster.InstanceTypeConfig": { + "additionalProperties": false, + "properties": { + "BidPrice": { + "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPrice", + "type": "string" + }, + "BidPriceAsPercentageOfOnDemandPrice": { + "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPriceAsPercentageOfOnDemandPrice", + "type": "number" + }, + "Configurations": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.DeltaTarget" + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, - "markdownDescription": "Specifies an array of Delta data store targets.", - "title": "DeltaTargets", + "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", + "title": "Configurations", "type": "array" }, - "DynamoDBTargets": { + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the instance type.", + "title": "CustomAmiId", + "type": "string" + }, + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", + "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", + "title": "EbsConfiguration" + }, + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", + "title": "InstanceType", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority at which Amazon EMR launches the Amazon EC2 instances with this instance type. Priority starts at 0, which is the highest priority. Amazon EMR considers the highest priority first.", + "title": "Priority", + "type": "number" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", + "title": "WeightedCapacity", + "type": "number" + } + }, + "required": [ + "InstanceType" + ], + "type": "object" + }, + "AWS::EMR::Cluster.JobFlowInstancesConfig": { + "additionalProperties": false, + "properties": { + "AdditionalMasterSecurityGroups": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.DynamoDBTarget" + "type": "string" }, - "markdownDescription": "Specifies Amazon DynamoDB targets.", - "title": "DynamoDBTargets", + "markdownDescription": "A list of additional Amazon EC2 security group IDs for the master node.", + "title": "AdditionalMasterSecurityGroups", "type": "array" }, - "IcebergTargets": { + "AdditionalSlaveSecurityGroups": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" + "type": "string" }, - "markdownDescription": "Specifies Apache Iceberg data store targets.", - "title": "IcebergTargets", + "markdownDescription": "A list of additional Amazon EC2 security group IDs for the core and task nodes.", + "title": "AdditionalSlaveSecurityGroups", "type": "array" }, - "JdbcTargets": { + "CoreInstanceFleet": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the core instance fleet when using clusters with the instance fleet configuration.", + "title": "CoreInstanceFleet" + }, + "CoreInstanceGroup": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for core instance groups when using clusters with the uniform instance group configuration.", + "title": "CoreInstanceGroup" + }, + "Ec2KeyName": { + "markdownDescription": "The name of the Amazon EC2 key pair that can be used to connect to the master node using SSH as the user called \"hadoop.\"", + "title": "Ec2KeyName", + "type": "string" + }, + "Ec2SubnetId": { + "markdownDescription": "Applies to clusters that use the uniform instance group configuration. To launch the cluster in Amazon Virtual Private Cloud (Amazon VPC), set this parameter to the identifier of the Amazon VPC subnet where you want the cluster to launch. If you do not specify this value and your account supports EC2-Classic, the cluster launches in EC2-Classic.", + "title": "Ec2SubnetId", + "type": "string" + }, + "Ec2SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" + "type": "string" }, - "markdownDescription": "Specifies JDBC targets.", - "title": "JdbcTargets", + "markdownDescription": "Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.", + "title": "Ec2SubnetIds", "type": "array" }, - "MongoDBTargets": { + "EmrManagedMasterSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the master node. If you specify `EmrManagedMasterSecurityGroup` , you must also specify `EmrManagedSlaveSecurityGroup` .", + "title": "EmrManagedMasterSecurityGroup", + "type": "string" + }, + "EmrManagedSlaveSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the core and task nodes. If you specify `EmrManagedSlaveSecurityGroup` , you must also specify `EmrManagedMasterSecurityGroup` .", + "title": "EmrManagedSlaveSecurityGroup", + "type": "string" + }, + "HadoopVersion": { + "markdownDescription": "Applies only to Amazon EMR release versions earlier than 4.0. The Hadoop version for the cluster. Valid inputs are \"0.18\" (no longer maintained), \"0.20\" (no longer maintained), \"0.20.205\" (no longer maintained), \"1.0.3\", \"2.2.0\", or \"2.4.0\". If you do not set this value, the default of 0.18 is used, unless the `AmiVersion` parameter is set in the RunJobFlow call, in which case the default version of Hadoop for that AMI version is used.", + "title": "HadoopVersion", + "type": "string" + }, + "KeepJobFlowAliveWhenNoSteps": { + "markdownDescription": "Specifies whether the cluster should remain available after completing all steps. Defaults to `false` . For more information about configuring cluster termination, see [Control Cluster Termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) in the *EMR Management Guide* .", + "title": "KeepJobFlowAliveWhenNoSteps", + "type": "boolean" + }, + "MasterInstanceFleet": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance fleet when using clusters with the instance fleet configuration.", + "title": "MasterInstanceFleet" + }, + "MasterInstanceGroup": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance group when using clusters with the uniform instance group configuration.", + "title": "MasterInstanceGroup" + }, + "Placement": { + "$ref": "#/definitions/AWS::EMR::Cluster.PlacementType", + "markdownDescription": "The Availability Zone in which the cluster runs.", + "title": "Placement" + }, + "ServiceAccessSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the Amazon EMR service to access clusters in VPC private subnets.", + "title": "ServiceAccessSecurityGroup", + "type": "string" + }, + "TaskInstanceFleets": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.MongoDBTarget" + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig" }, - "markdownDescription": "A list of Mongo DB targets.", - "title": "MongoDBTargets", + "markdownDescription": "Describes the EC2 instances and instance configurations for the task instance fleets when using clusters with the instance fleet configuration. These task instance fleets are added to the cluster as part of the cluster launch. Each task instance fleet must have a unique name specified so that CloudFormation can differentiate between the task instance fleets.\n\n> You can currently specify only one task instance fleet for a cluster. After creating the cluster, you can only modify the mutable properties of `InstanceFleetConfig` , which are `TargetOnDemandCapacity` and `TargetSpotCapacity` . Modifying any other property results in cluster replacement. > To allow a maximum of 30 Amazon EC2 instance types per fleet, include `TaskInstanceFleets` when you create your cluster. If you create your cluster without `TaskInstanceFleets` , Amazon EMR uses its default allocation strategy, which allows for a maximum of five Amazon EC2 instance types.", + "title": "TaskInstanceFleets", "type": "array" }, - "S3Targets": { + "TaskInstanceGroups": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.S3Target" + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig" }, - "markdownDescription": "Specifies Amazon Simple Storage Service (Amazon S3) targets.", - "title": "S3Targets", + "markdownDescription": "Describes the EC2 instances and instance configurations for task instance groups when using clusters with the uniform instance group configuration. These task instance groups are added to the cluster as part of the cluster launch. Each task instance group must have a unique name specified so that CloudFormation can differentiate between the task instance groups.\n\n> After creating the cluster, you can only modify the mutable properties of `InstanceGroupConfig` , which are `AutoScalingPolicy` and `InstanceCount` . Modifying any other property results in cluster replacement.", + "title": "TaskInstanceGroups", "type": "array" + }, + "TerminationProtected": { + "markdownDescription": "Specifies whether to lock the cluster to prevent the Amazon EC2 instances from being terminated by API call, user intervention, or in the event of a job-flow error.", + "title": "TerminationProtected", + "type": "boolean" + }, + "UnhealthyNodeReplacement": { + "markdownDescription": "Indicates whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster.", + "title": "UnhealthyNodeReplacement", + "type": "boolean" } }, "type": "object" }, - "AWS::Glue::CustomEntityType": { + "AWS::EMR::Cluster.KerberosAttributes": { "additionalProperties": false, "properties": { - "Condition": { + "ADDomainJoinPassword": { + "markdownDescription": "The Active Directory password for `ADDomainJoinUser` .", + "title": "ADDomainJoinPassword", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ADDomainJoinUser": { + "markdownDescription": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.", + "title": "ADDomainJoinUser", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContextWords": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of context words. If none of these context words are found within the vicinity of the regular expression the data will not be detected as sensitive data.\n\nIf no context words are passed only a regular expression is checked.", - "title": "ContextWords", - "type": "array" - }, - "Name": { - "markdownDescription": "A name for the custom pattern that allows it to be retrieved or deleted later. This name must be unique per AWS account.", - "title": "Name", - "type": "string" - }, - "RegexString": { - "markdownDescription": "A regular expression string that is used for detecting sensitive data in a custom pattern.", - "title": "RegexString", - "type": "string" - }, - "Tags": { - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", - "title": "Tags", - "type": "object" - } - }, - "type": "object" + "CrossRealmTrustPrincipalPassword": { + "markdownDescription": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.", + "title": "CrossRealmTrustPrincipalPassword", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Glue::CustomEntityType" - ], + "KdcAdminPassword": { + "markdownDescription": "The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.", + "title": "KdcAdminPassword", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Realm": { + "markdownDescription": "The name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL` .", + "title": "Realm", "type": "string" } }, "required": [ - "Type" + "KdcAdminPassword", + "Realm" ], "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings": { + "AWS::EMR::Cluster.KeyValue": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the settings are created.", - "title": "CatalogId", - "type": "string" - }, - "DataCatalogEncryptionSettings": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings", - "markdownDescription": "Contains configuration information for maintaining Data Catalog security.", - "title": "DataCatalogEncryptionSettings" - } - }, - "required": [ - "CatalogId", - "DataCatalogEncryptionSettings" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::DataCatalogEncryptionSettings" - ], + "Key": { + "markdownDescription": "The unique identifier of a key-value pair.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value part of the identified key.", + "title": "Value", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption": { + "AWS::EMR::Cluster.ManagedScalingPolicy": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "An AWS KMS key that is used to encrypt the connection password.\n\nIf connection password protection is enabled, the caller of `CreateConnection` and `UpdateConnection` needs at least `kms:Encrypt` permission on the specified AWS KMS key, to encrypt passwords before storing them in the Data Catalog. You can set the decrypt permission to enable or restrict access on the password key according to your security requirements.", - "title": "KmsKeyId", + "ComputeLimits": { + "$ref": "#/definitions/AWS::EMR::Cluster.ComputeLimits", + "markdownDescription": "The Amazon EC2 unit limits for a managed scaling policy. The managed scaling activity of a cluster is not allowed to go above or below these limits. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "ComputeLimits" + }, + "ScalingStrategy": { + "markdownDescription": "Determines whether a custom scaling utilization performance index can be set. Possible values include *ADVANCED* or *DEFAULT* .", + "title": "ScalingStrategy", "type": "string" }, - "ReturnConnectionPasswordEncrypted": { - "markdownDescription": "When the `ReturnConnectionPasswordEncrypted` flag is set to \"true\", passwords remain encrypted in the responses of `GetConnection` and `GetConnections` . This encryption takes effect independently from catalog encryption.", - "title": "ReturnConnectionPasswordEncrypted", - "type": "boolean" + "UtilizationPerformanceIndex": { + "markdownDescription": "An integer value that represents an advanced scaling strategy. Setting a higher value optimizes for performance. Setting a lower value optimizes for resource conservation. Setting the value to 50 balances performance and resource conservation. Possible values are 1, 25, 50, 75, and 100.", + "title": "UtilizationPerformanceIndex", + "type": "number" } }, "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings": { + "AWS::EMR::Cluster.MetricDimension": { "additionalProperties": false, "properties": { - "ConnectionPasswordEncryption": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption", - "markdownDescription": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of `CreateConnection` or `UpdateConnection` and store it in the `ENCRYPTED_PASSWORD` field in the connection properties. You can enable catalog encryption or only password encryption.", - "title": "ConnectionPasswordEncryption" + "Key": { + "markdownDescription": "The dimension name.", + "title": "Key", + "type": "string" }, - "EncryptionAtRest": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest", - "markdownDescription": "Specifies the encryption-at-rest configuration for the Data Catalog.", - "title": "EncryptionAtRest" + "Value": { + "markdownDescription": "The dimension value.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest": { + "AWS::EMR::Cluster.OnDemandCapacityReservationOptions": { "additionalProperties": false, "properties": { - "CatalogEncryptionMode": { - "markdownDescription": "The encryption-at-rest mode for encrypting Data Catalog data.", - "title": "CatalogEncryptionMode", + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `open` - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs as an On-Demand Instance.", + "title": "CapacityReservationPreference", "type": "string" }, - "CatalogEncryptionServiceRole": { - "markdownDescription": "The role that AWS Glue assumes to encrypt and decrypt the Data Catalog objects on the caller's behalf.", - "title": "CatalogEncryptionServiceRole", + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", "type": "string" }, - "SseAwsKmsKeyId": { - "markdownDescription": "The ID of the AWS KMS key to use for encryption at rest.", - "title": "SseAwsKmsKeyId", + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` ).\n\nIf you do not specify a value, the fleet fulfills the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", "type": "string" } }, "type": "object" }, - "AWS::Glue::DataQualityRuleset": { + "AWS::EMR::Cluster.OnDemandProvisioningSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "AllocationStrategy": { + "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", + "title": "AllocationStrategy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandCapacityReservationOptions", + "markdownDescription": "The launch specification for On-Demand instances in the instance fleet, which determines the allocation strategy.", + "title": "CapacityReservationOptions" + } + }, + "required": [ + "AllocationStrategy" + ], + "type": "object" + }, + "AWS::EMR::Cluster.OnDemandResizingSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch On-Demand instances during a resize. The default is `lowest-price` .", + "title": "AllocationStrategy", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClientToken": { - "markdownDescription": "Used for idempotency and is recommended to be set to a random ID (such as a UUID) to avoid creating or starting multiple instances of the same resource.", - "title": "ClientToken", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the data quality ruleset.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the data quality ruleset.", - "title": "Name", - "type": "string" - }, - "Ruleset": { - "markdownDescription": "A Data Quality Definition Language (DQDL) ruleset. For more information see the AWS Glue Developer Guide.", - "title": "Ruleset", - "type": "string" - }, - "Tags": { - "markdownDescription": "A list of tags applied to the data quality ruleset.", - "title": "Tags", - "type": "object" - }, - "TargetTable": { - "$ref": "#/definitions/AWS::Glue::DataQualityRuleset.DataQualityTargetTable", - "markdownDescription": "An object representing an AWS Glue table.", - "title": "TargetTable" - } - }, - "type": "object" + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandCapacityReservationOptions", + "markdownDescription": "", + "title": "CapacityReservationOptions" }, - "Type": { - "enum": [ - "AWS::Glue::DataQualityRuleset" - ], + "TimeoutDurationMinutes": { + "markdownDescription": "On-Demand resize timeout in minutes. If On-Demand Instances are not provisioned within this time, the resize workflow stops. The minimum value is 5 minutes, and the maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.PlacementGroupConfig": { + "additionalProperties": false, + "properties": { + "InstanceRole": { + "markdownDescription": "Role of the instance in the cluster.\n\nStarting with Amazon EMR release 5.23.0, the only supported instance role is `MASTER` .", + "title": "InstanceRole", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PlacementStrategy": { + "markdownDescription": "Amazon EC2 Placement Group strategy associated with instance role.\n\nStarting with Amazon EMR release 5.23.0, the only supported placement strategy is `SPREAD` for the `MASTER` instance role.", + "title": "PlacementStrategy", "type": "string" } }, "required": [ - "Type" + "InstanceRole" ], "type": "object" }, - "AWS::Glue::DataQualityRuleset.DataQualityTargetTable": { + "AWS::EMR::Cluster.PlacementType": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database where the AWS Glue table exists.", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of the AWS Glue table.", - "title": "TableName", + "AvailabilityZone": { + "markdownDescription": "The Amazon EC2 Availability Zone for the cluster. `AvailabilityZone` is used for uniform instance groups, while `AvailabilityZones` (plural) is used for instance fleets.", + "title": "AvailabilityZone", "type": "string" } }, + "required": [ + "AvailabilityZone" + ], "type": "object" }, - "AWS::Glue::Database": { + "AWS::EMR::Cluster.ScalingAction": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The AWS account ID for the account in which to create the catalog object.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", - "title": "CatalogId", - "type": "string" - }, - "DatabaseInput": { - "$ref": "#/definitions/AWS::Glue::Database.DatabaseInput", - "markdownDescription": "The metadata for the database.", - "title": "DatabaseInput" - } - }, - "required": [ - "CatalogId", - "DatabaseInput" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::Database" - ], + "Market": { + "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", + "title": "Market", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SimpleScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.SimpleScalingPolicyConfiguration", + "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", + "title": "SimpleScalingPolicyConfiguration" } }, "required": [ - "Type", - "Properties" + "SimpleScalingPolicyConfiguration" ], "type": "object" }, - "AWS::Glue::Database.DataLakePrincipal": { + "AWS::EMR::Cluster.ScalingConstraints": { "additionalProperties": false, "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the AWS Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" + "MaxCapacity": { + "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", + "title": "MinCapacity", + "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::Glue::Database.DatabaseIdentifier": { + "AWS::EMR::Cluster.ScalingRule": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the database resides.", - "title": "CatalogId", - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingAction", + "markdownDescription": "The conditions that trigger an automatic scaling activity.", + "title": "Action" }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database.", - "title": "DatabaseName", + "Description": { + "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", + "title": "Description", "type": "string" }, - "Region": { - "markdownDescription": "The Region of the database.", - "title": "Region", + "Name": { + "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", + "title": "Name", "type": "string" + }, + "Trigger": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingTrigger", + "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", + "title": "Trigger" + } + }, + "required": [ + "Action", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::EMR::Cluster.ScalingTrigger": { + "additionalProperties": false, + "properties": { + "CloudWatchAlarmDefinition": { + "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchAlarmDefinition", + "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", + "title": "CloudWatchAlarmDefinition" } }, + "required": [ + "CloudWatchAlarmDefinition" + ], "type": "object" }, - "AWS::Glue::Database.DatabaseInput": { + "AWS::EMR::Cluster.ScriptBootstrapActionConfig": { "additionalProperties": false, "properties": { - "CreateTableDefaultPermissions": { + "Args": { "items": { - "$ref": "#/definitions/AWS::Glue::Database.PrincipalPrivileges" + "type": "string" }, - "markdownDescription": "Creates a set of default permissions on the table for principals. Used by AWS Lake Formation . Not used in the normal course of AWS Glue operations.", - "title": "CreateTableDefaultPermissions", + "markdownDescription": "A list of command line arguments to pass to the bootstrap action script.", + "title": "Args", "type": "array" }, - "Description": { - "markdownDescription": "A description of the database.", - "title": "Description", + "Path": { + "markdownDescription": "Location in Amazon S3 of the script to run during a bootstrap action.", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Path" + ], + "type": "object" + }, + "AWS::EMR::Cluster.SimpleScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "AdjustmentType": { + "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", + "title": "AdjustmentType", "type": "string" }, - "FederatedDatabase": { - "$ref": "#/definitions/AWS::Glue::Database.FederatedDatabase", - "markdownDescription": "A `FederatedDatabase` structure that references an entity outside the AWS Glue Data Catalog .", - "title": "FederatedDatabase" + "CoolDown": { + "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", + "title": "CoolDown", + "type": "number" }, - "LocationUri": { - "markdownDescription": "The location of the database (for example, an HDFS path).", - "title": "LocationUri", + "ScalingAdjustment": { + "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", + "title": "ScalingAdjustment", + "type": "number" + } + }, + "required": [ + "ScalingAdjustment" + ], + "type": "object" + }, + "AWS::EMR::Cluster.SpotProvisioningSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", + "title": "AllocationStrategy", "type": "string" }, - "Name": { - "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "Name", + "BlockDurationMinutes": { + "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", + "title": "BlockDurationMinutes", + "type": "number" + }, + "TimeoutAction": { + "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", + "title": "TimeoutAction", "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define parameters and properties of the database.", - "title": "Parameters", - "type": "object" + "TimeoutDurationMinutes": { + "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", + "title": "TimeoutDurationMinutes", + "type": "number" + } + }, + "required": [ + "TimeoutAction", + "TimeoutDurationMinutes" + ], + "type": "object" + }, + "AWS::EMR::Cluster.SpotResizingSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch Spot instances during a resize. If you run Amazon EMR releases 6.9.0 or higher, the default is `price-capacity-optimized` . If you run Amazon EMR releases 6.8.0 or lower, the default is `capacity-optimized` .", + "title": "AllocationStrategy", + "type": "string" }, - "TargetDatabase": { - "$ref": "#/definitions/AWS::Glue::Database.DatabaseIdentifier", - "markdownDescription": "A `DatabaseIdentifier` structure that describes a target database for resource linking.", - "title": "TargetDatabase" + "TimeoutDurationMinutes": { + "markdownDescription": "Spot resize timeout in minutes. If Spot Instances are not provisioned within this time, the resize workflow will stop provisioning of Spot instances. Minimum value is 5 minutes and maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "type": "object" }, - "AWS::Glue::Database.FederatedDatabase": { + "AWS::EMR::Cluster.StepConfig": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to the external metastore.", - "title": "ConnectionName", + "ActionOnFailure": { + "markdownDescription": "The action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", + "title": "ActionOnFailure", "type": "string" }, - "Identifier": { - "markdownDescription": "A unique identifier for the federated database.", - "title": "Identifier", + "HadoopJarStep": { + "$ref": "#/definitions/AWS::EMR::Cluster.HadoopJarStepConfig", + "markdownDescription": "The JAR file used for the step.", + "title": "HadoopJarStep" + }, + "Name": { + "markdownDescription": "The name of the step.", + "title": "Name", "type": "string" } }, + "required": [ + "HadoopJarStep", + "Name" + ], "type": "object" }, - "AWS::Glue::Database.PrincipalPrivileges": { + "AWS::EMR::Cluster.VolumeSpecification": { "additionalProperties": false, "properties": { - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions that are granted to the principal.", - "title": "Permissions", - "type": "array" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" }, - "Principal": { - "$ref": "#/definitions/AWS::Glue::Database.DataLakePrincipal", - "markdownDescription": "The principal who is granted permissions.", - "title": "Principal" + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" + }, + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", + "type": "string" } }, + "required": [ + "SizeInGB", + "VolumeType" + ], "type": "object" }, - "AWS::Glue::DevEndpoint": { + "AWS::EMR::InstanceFleetConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -106264,96 +110298,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Arguments": { - "markdownDescription": "A map of arguments used to configure the `DevEndpoint` .\n\nValid arguments are:\n\n- `\"--enable-glue-datacatalog\": \"\"`\n- `\"GLUE_PYTHON_VERSION\": \"3\"`\n- `\"GLUE_PYTHON_VERSION\": \"2\"`\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", - "title": "Arguments", - "type": "object" - }, - "EndpointName": { - "markdownDescription": "The name of the `DevEndpoint` .", - "title": "EndpointName", - "type": "string" - }, - "ExtraJarsS3Path": { - "markdownDescription": "The path to one or more Java `.jar` files in an S3 bucket that should be loaded in your `DevEndpoint` .\n\n> You can only use pure Java/Scala libraries with a `DevEndpoint` .", - "title": "ExtraJarsS3Path", - "type": "string" - }, - "ExtraPythonLibsS3Path": { - "markdownDescription": "The paths to one or more Python libraries in an Amazon S3 bucket that should be loaded in your `DevEndpoint` . Multiple values must be complete paths separated by a comma.\n\n> You can only use pure Python libraries with a `DevEndpoint` . Libraries that rely on C extensions, such as the [pandas](https://docs.aws.amazon.com/http://pandas.pydata.org/) Python data analysis library, are not currently supported.", - "title": "ExtraPythonLibsS3Path", - "type": "string" - }, - "GlueVersion": { - "markdownDescription": "The AWS Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for running your ETL scripts on development endpoints.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nDevelopment endpoints that are created without specifying a Glue version default to Glue 0.9.\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", - "title": "GlueVersion", + "ClusterId": { + "markdownDescription": "The unique identifier of the EMR cluster.", + "title": "ClusterId", "type": "string" }, - "NumberOfNodes": { - "markdownDescription": "The number of AWS Glue Data Processing Units (DPUs) allocated to this `DevEndpoint` .", - "title": "NumberOfNodes", - "type": "number" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated to the development endpoint.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", - "title": "NumberOfWorkers", - "type": "number" - }, - "PublicKey": { - "markdownDescription": "The public key to be used by this `DevEndpoint` for authentication. This attribute is provided for backward compatibility because the recommended attribute to use is public keys.", - "title": "PublicKey", + "InstanceFleetType": { + "markdownDescription": "The node type that the instance fleet hosts.\n\n*Allowed Values* : TASK", + "title": "InstanceFleetType", "type": "string" }, - "PublicKeys": { + "InstanceTypeConfigs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceTypeConfig" }, - "markdownDescription": "A list of public keys to be used by the `DevEndpoints` for authentication. Using this attribute is preferred over a single public key because the public keys allow you to have a different private key per client.\n\n> If you previously created an endpoint with a public key, you must remove that key to be able to set a list of public keys. Call the `UpdateDevEndpoint` API operation with the public key content in the `deletePublicKeys` attribute, and the list of new keys in the `addPublicKeys` attribute.", - "title": "PublicKeys", + "markdownDescription": "`InstanceTypeConfigs` determine the EC2 instances that Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities.\n\n> The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.", + "title": "InstanceTypeConfigs", "type": "array" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used in this `DevEndpoint` .", - "title": "RoleArn", - "type": "string" + "LaunchSpecifications": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications", + "markdownDescription": "The launch specification for the instance fleet.", + "title": "LaunchSpecifications" }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this `DevEndpoint` .", - "title": "SecurityConfiguration", + "Name": { + "markdownDescription": "The friendly name of the instance fleet.", + "title": "Name", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group identifiers used in this `DevEndpoint` .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet ID for this `DevEndpoint` .", - "title": "SubnetId", - "type": "string" + "ResizeSpecifications": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetResizingSpecifications", + "markdownDescription": "The resize specification for the instance fleet.", + "title": "ResizeSpecifications" }, - "Tags": { - "markdownDescription": "The tags to use with this DevEndpoint.", - "title": "Tags", - "type": "object" + "TargetOnDemandCapacity": { + "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetOnDemandCapacity", + "type": "number" }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated to the development endpoint. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n\nKnown issue: when a development endpoint is created with the `G.2X` `WorkerType` configuration, the Spark drivers for the development endpoint will run on 4 vCPU, 16 GB of memory, and a 64 GB disk.", - "title": "WorkerType", - "type": "string" + "TargetSpotCapacity": { + "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetSpotCapacity", + "type": "number" } }, "required": [ - "RoleArn" + "ClusterId", + "InstanceFleetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::DevEndpoint" + "AWS::EMR::InstanceFleetConfig" ], "type": "string" }, @@ -106372,488 +110369,296 @@ ], "type": "object" }, - "AWS::Glue::Job": { + "AWS::EMR::InstanceFleetConfig.Configuration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "ConfigurationProperties", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllocatedCapacity": { - "markdownDescription": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job.", - "title": "AllocatedCapacity", - "type": "number" - }, - "Command": { - "$ref": "#/definitions/AWS::Glue::Job.JobCommand", - "markdownDescription": "The code that executes a job.", - "title": "Command" - }, - "Connections": { - "$ref": "#/definitions/AWS::Glue::Job.ConnectionsList", - "markdownDescription": "The connections used for this job.", - "title": "Connections" - }, - "DefaultArguments": { - "markdownDescription": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .", - "title": "DefaultArguments", - "type": "object" - }, - "Description": { - "markdownDescription": "A description of the job.", - "title": "Description", - "type": "string" - }, - "ExecutionClass": { - "markdownDescription": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs.", - "title": "ExecutionClass", - "type": "string" - }, - "ExecutionProperty": { - "$ref": "#/definitions/AWS::Glue::Job.ExecutionProperty", - "markdownDescription": "The maximum number of concurrent runs that are allowed for this job.", - "title": "ExecutionProperty" - }, - "GlueVersion": { - "markdownDescription": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available.", - "title": "GlueVersion", - "type": "string" - }, - "LogUri": { - "markdownDescription": "This field is reserved for future use.", - "title": "LogUri", - "type": "string" - }, - "MaxCapacity": { - "markdownDescription": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry this job after a JobRun fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "The name you assign to this job definition.", - "title": "Name", - "type": "string" - }, - "NonOverridableArguments": { - "markdownDescription": "Non-overridable arguments for this job, specified as name-value pairs.", - "title": "NonOverridableArguments", - "type": "object" - }, - "NotificationProperty": { - "$ref": "#/definitions/AWS::Glue::Job.NotificationProperty", - "markdownDescription": "Specifies configuration properties of a notification.", - "title": "NotificationProperty" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", - "title": "NumberOfWorkers", - "type": "number" - }, - "Role": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job.", - "title": "Role", - "type": "string" - }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this job.", - "title": "SecurityConfiguration", - "type": "string" - }, - "Tags": { - "markdownDescription": "The tags to use with this job.", - "title": "Tags", - "type": "object" - }, - "Timeout": { - "markdownDescription": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours).", - "title": "Timeout", - "type": "number" - }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 94GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 138GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk, and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 or later streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk, and provides up to 8 Ray workers based on the autoscaler.", - "title": "WorkerType", - "type": "string" - } + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" }, - "required": [ - "Command", - "Role" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::Job" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Glue::Job.ConnectionsList": { + "AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig": { "additionalProperties": false, "properties": { - "Connections": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of connections used by the job.", - "title": "Connections", - "type": "array" + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" + }, + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" } }, + "required": [ + "VolumeSpecification" + ], "type": "object" }, - "AWS::Glue::Job.ExecutionProperty": { + "AWS::EMR::InstanceFleetConfig.EbsConfiguration": { "additionalProperties": false, "properties": { - "MaxConcurrentRuns": { - "markdownDescription": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.", - "title": "MaxConcurrentRuns", - "type": "number" + "EbsBlockDeviceConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig" + }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", + "type": "array" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Job.JobCommand": { + "AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` .", - "title": "Name", - "type": "string" - }, - "PythonVersion": { - "markdownDescription": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated.", - "title": "PythonVersion", - "type": "string" - }, - "Runtime": { - "markdownDescription": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide.", - "title": "Runtime", - "type": "string" + "OnDemandSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification", + "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", + "title": "OnDemandSpecification" }, - "ScriptLocation": { - "markdownDescription": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required).", - "title": "ScriptLocation", - "type": "string" + "SpotSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification", + "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", + "title": "SpotSpecification" } }, "type": "object" }, - "AWS::Glue::Job.NotificationProperty": { + "AWS::EMR::InstanceFleetConfig.InstanceFleetResizingSpecifications": { "additionalProperties": false, "properties": { - "NotifyDelayAfter": { - "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification.", - "title": "NotifyDelayAfter", - "type": "number" + "OnDemandResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandResizingSpecification", + "markdownDescription": "The resize specification for On-Demand Instances in the instance fleet, which contains the allocation strategy, capacity reservation options, and the resize timeout period.", + "title": "OnDemandResizeSpecification" + }, + "SpotResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotResizingSpecification", + "markdownDescription": "The resize specification for Spot Instances in the instance fleet, which contains the allocation strategy and the resize timeout period.", + "title": "SpotResizeSpecification" } }, "type": "object" }, - "AWS::Glue::MLTransform": { + "AWS::EMR::InstanceFleetConfig.InstanceTypeConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BidPrice": { + "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPrice", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "BidPriceAsPercentageOfOnDemandPrice": { + "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPriceAsPercentageOfOnDemandPrice", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A user-defined, long-form description text for the machine learning transform.", - "title": "Description", - "type": "string" - }, - "GlueVersion": { - "markdownDescription": "This value determines which version of AWS Glue this machine learning transform is compatible with. Glue 1.0 is recommended for most customers. If the value is not set, the Glue compatibility defaults to Glue 0.9. For more information, see [AWS Glue Versions](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html#release-notes-versions) in the developer guide.", - "title": "GlueVersion", - "type": "string" - }, - "InputRecordTables": { - "$ref": "#/definitions/AWS::Glue::MLTransform.InputRecordTables", - "markdownDescription": "A list of AWS Glue table definitions used by the transform.", - "title": "InputRecordTables" - }, - "MaxCapacity": { - "markdownDescription": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from 2 to 100 DPUs; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory. For more information, see the [AWS Glue pricing page](https://docs.aws.amazon.com/glue/pricing/) .\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.\n\nWhen the `WorkerType` field is set to a value other than `Standard` , the `MaxCapacity` field is set automatically and becomes read-only.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry after an `MLTaskRun` of the machine learning transform fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "A user-defined name for the machine learning transform. Names are required to be unique. `Name` is optional:\n\n- If you supply `Name` , the stack cannot be repeatedly created.\n- If `Name` is not provided, a randomly generated name will be used instead.", - "title": "Name", - "type": "string" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a task of the transform runs.\n\nIf `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).", - "title": "NumberOfWorkers", - "type": "number" - }, - "Role": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role with the required permissions. The required permissions include both AWS Glue service role permissions to AWS Glue resources, and Amazon S3 permissions required by the transform.\n\n- This role needs AWS Glue service role permissions to allow access to resources in AWS Glue . See [Attach a Policy to IAM Users That Access AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/attach-policy-iam-user.html) .\n- This role needs permission to your Amazon Simple Storage Service (Amazon S3) sources, targets, temporary directory, scripts, and any libraries used by the task run for this transform.", - "title": "Role", - "type": "string" - }, - "Tags": { - "markdownDescription": "The tags to use with this machine learning transform. You may use tags to limit access to the machine learning transform. For more information about tags in AWS Glue , see [AWS Tags in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html) in the developer guide.", - "title": "Tags", - "type": "object" - }, - "Timeout": { - "markdownDescription": "The timeout in minutes of the machine learning transform.", - "title": "Timeout", - "type": "number" - }, - "TransformEncryption": { - "$ref": "#/definitions/AWS::Glue::MLTransform.TransformEncryption", - "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data. Machine learning\ntransforms can access user data encrypted in Amazon S3 using KMS.\n\nAdditionally, imported labels and trained transforms can now be encrypted using a customer provided\nKMS key.", - "title": "TransformEncryption" - }, - "TransformParameters": { - "$ref": "#/definitions/AWS::Glue::MLTransform.TransformParameters", - "markdownDescription": "The algorithm-specific parameters that are associated with the machine learning transform.", - "title": "TransformParameters" - }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated when a task of this transform runs. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker provides 4 vCPU, 16 GB of memory and a 64GB disk, and 1 executor per worker.\n- For the `G.2X` worker type, each worker provides 8 vCPU, 32 GB of memory and a 128GB disk, and 1 executor per worker.\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.", - "title": "WorkerType", - "type": "string" - } + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" }, - "required": [ - "InputRecordTables", - "Role", - "TransformParameters" - ], - "type": "object" + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nAn optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see [Configuring Applications](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) .", + "title": "Configurations", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Glue::MLTransform" - ], + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the instance type.", + "title": "CustomAmiId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsConfiguration", + "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", + "title": "EbsConfiguration" + }, + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", + "title": "InstanceType", "type": "string" + }, + "Priority": { + "markdownDescription": "The priority at which Amazon EMR launches the Amazon EC2 instances with this instance type. Priority starts at 0, which is the highest priority. Amazon EMR considers the highest priority first.", + "title": "Priority", + "type": "number" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", + "title": "WeightedCapacity", + "type": "number" } }, "required": [ - "Type", - "Properties" + "InstanceType" ], "type": "object" }, - "AWS::Glue::MLTransform.FindMatchesParameters": { + "AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions": { "additionalProperties": false, "properties": { - "AccuracyCostTradeoff": { - "markdownDescription": "The value that is selected when tuning your transform for a balance between accuracy and cost. A value of 0.5 means that the system balances accuracy and cost concerns. A value of 1.0 means a bias purely for accuracy, which typically results in a higher cost, sometimes substantially higher. A value of 0.0 means a bias purely for cost, which results in a less accurate `FindMatches` transform, sometimes with unacceptable accuracy.\n\nAccuracy measures how well the transform finds true positives and true negatives. Increasing accuracy requires more machine resources and cost. But it also results in increased recall.\n\nCost measures how many compute resources, and thus money, are consumed to run the transform.", - "title": "AccuracyCostTradeoff", - "type": "number" - }, - "EnforceProvidedLabels": { - "markdownDescription": "The value to switch on or off to force the output to match the provided labels from users. If the value is `True` , the `find matches` transform forces the output to match the provided labels. The results override the normal conflation results. If the value is `False` , the `find matches` transform does not ensure all the labels provided are respected, and the results rely on the trained model.\n\nNote that setting this value to true may increase the conflation execution time.", - "title": "EnforceProvidedLabels", - "type": "boolean" + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `open` - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs as an On-Demand Instance.", + "title": "CapacityReservationPreference", + "type": "string" }, - "PrecisionRecallTradeoff": { - "markdownDescription": "The value selected when tuning your transform for a balance between precision and recall. A value of 0.5 means no preference; a value of 1.0 means a bias purely for precision, and a value of 0.0 means a bias for recall. Because this is a tradeoff, choosing values close to 1.0 means very low recall, and choosing values close to 0.0 results in very low precision.\n\nThe precision metric indicates how often your model is correct when it predicts a match.\n\nThe recall metric indicates that for an actual match, how often your model predicts the match.", - "title": "PrecisionRecallTradeoff", - "type": "number" + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", + "type": "string" }, - "PrimaryKeyColumnName": { - "markdownDescription": "The name of a column that uniquely identifies rows in the source table. Used to help identify matching records.", - "title": "PrimaryKeyColumnName", + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` ).\n\nIf you do not specify a value, the fleet fulfills the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", "type": "string" } }, - "required": [ - "PrimaryKeyColumnName" - ], "type": "object" }, - "AWS::Glue::MLTransform.GlueTables": { + "AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "A unique identifier for the AWS Glue Data Catalog .", - "title": "CatalogId", - "type": "string" - }, - "ConnectionName": { - "markdownDescription": "The name of the connection to the AWS Glue Data Catalog .", - "title": "ConnectionName", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "A database name in the AWS Glue Data Catalog .", - "title": "DatabaseName", + "AllocationStrategy": { + "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", + "title": "AllocationStrategy", "type": "string" }, - "TableName": { - "markdownDescription": "A table name in the AWS Glue Data Catalog .", - "title": "TableName", - "type": "string" + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions", + "markdownDescription": "The launch specification for On-Demand instances in the instance fleet, which determines the allocation strategy.", + "title": "CapacityReservationOptions" } }, "required": [ - "DatabaseName", - "TableName" + "AllocationStrategy" ], "type": "object" }, - "AWS::Glue::MLTransform.InputRecordTables": { + "AWS::EMR::InstanceFleetConfig.OnDemandResizingSpecification": { "additionalProperties": false, "properties": { - "GlueTables": { - "items": { - "$ref": "#/definitions/AWS::Glue::MLTransform.GlueTables" - }, - "markdownDescription": "The database and table in the AWS Glue Data Catalog that is used for input or output data.", - "title": "GlueTables", - "type": "array" + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch On-Demand instances during a resize. The default is `lowest-price` .", + "title": "AllocationStrategy", + "type": "string" + }, + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions", + "markdownDescription": "", + "title": "CapacityReservationOptions" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "On-Demand resize timeout in minutes. If On-Demand Instances are not provisioned within this time, the resize workflow stops. The minimum value is 5 minutes, and the maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "type": "object" }, - "AWS::Glue::MLTransform.MLUserDataEncryption": { + "AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The ID for the customer-provided KMS key.", - "title": "KmsKeyId", + "AllocationStrategy": { + "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", + "title": "AllocationStrategy", "type": "string" }, - "MLUserDataEncryptionMode": { - "markdownDescription": "The encryption mode applied to user data. Valid values are:\n\n- DISABLED: encryption is disabled.\n- SSEKMS: use of server-side encryption with AWS Key Management Service (SSE-KMS) for user data\nstored in Amazon S3.", - "title": "MLUserDataEncryptionMode", + "BlockDurationMinutes": { + "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", + "title": "BlockDurationMinutes", + "type": "number" + }, + "TimeoutAction": { + "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", + "title": "TimeoutAction", "type": "string" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "required": [ - "MLUserDataEncryptionMode" + "TimeoutAction", + "TimeoutDurationMinutes" ], "type": "object" }, - "AWS::Glue::MLTransform.TransformEncryption": { + "AWS::EMR::InstanceFleetConfig.SpotResizingSpecification": { "additionalProperties": false, "properties": { - "MLUserDataEncryption": { - "$ref": "#/definitions/AWS::Glue::MLTransform.MLUserDataEncryption", - "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data.", - "title": "MLUserDataEncryption" - }, - "TaskRunSecurityConfigurationName": { - "markdownDescription": "The name of the security configuration.", - "title": "TaskRunSecurityConfigurationName", + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch Spot instances during a resize. If you run Amazon EMR releases 6.9.0 or higher, the default is `price-capacity-optimized` . If you run Amazon EMR releases 6.8.0 or lower, the default is `capacity-optimized` .", + "title": "AllocationStrategy", "type": "string" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "Spot resize timeout in minutes. If Spot Instances are not provisioned within this time, the resize workflow will stop provisioning of Spot instances. Minimum value is 5 minutes and maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "type": "object" }, - "AWS::Glue::MLTransform.TransformParameters": { + "AWS::EMR::InstanceFleetConfig.VolumeSpecification": { "additionalProperties": false, "properties": { - "FindMatchesParameters": { - "$ref": "#/definitions/AWS::Glue::MLTransform.FindMatchesParameters", - "markdownDescription": "The parameters for the find matches algorithm.", - "title": "FindMatchesParameters" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" }, - "TransformType": { - "markdownDescription": "The type of machine learning transform. `FIND_MATCHES` is the only option.\n\nFor information about the types of machine learning transforms, see [Working with machine learning transforms](https://docs.aws.amazon.com/glue/latest/dg/console-machine-learning-transforms.html) .", - "title": "TransformType", + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" + }, + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", "type": "string" } }, "required": [ - "TransformType" + "SizeInGB", + "VolumeType" ], "type": "object" }, - "AWS::Glue::Partition": { + "AWS::EMR::InstanceGroupConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -106888,38 +110693,76 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The AWS account ID of the catalog in which the partion is to be created.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", - "title": "CatalogId", + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.AutoScalingPolicy", + "markdownDescription": "`AutoScalingPolicy` is a subproperty of `InstanceGroupConfig` . `AutoScalingPolicy` defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) in the *Amazon EMR Management Guide* .", + "title": "AutoScalingPolicy" + }, + "BidPrice": { + "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", + "title": "BidPrice", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database in which to create the partition.", - "title": "DatabaseName", + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" + }, + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", + "title": "Configurations", + "type": "array" + }, + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", + "title": "CustomAmiId", "type": "string" }, - "PartitionInput": { - "$ref": "#/definitions/AWS::Glue::Partition.PartitionInput", - "markdownDescription": "The structure used to create and update a partition.", - "title": "PartitionInput" + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsConfiguration", + "markdownDescription": "`EbsConfiguration` determines the EBS volumes to attach to EMR cluster instances.", + "title": "EbsConfiguration" }, - "TableName": { - "markdownDescription": "The name of the metadata table in which the partition is to be created.", - "title": "TableName", + "InstanceCount": { + "markdownDescription": "Target number of instances for the instance group.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceRole": { + "markdownDescription": "The role of the instance group in the cluster.\n\n*Allowed Values* : TASK", + "title": "InstanceRole", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", + "title": "InstanceType", + "type": "string" + }, + "JobFlowId": { + "markdownDescription": "The ID of an Amazon EMR cluster that you want to associate this instance group with.", + "title": "JobFlowId", + "type": "string" + }, + "Market": { + "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", + "title": "Market", + "type": "string" + }, + "Name": { + "markdownDescription": "Friendly name given to the instance group.", + "title": "Name", "type": "string" } }, "required": [ - "CatalogId", - "DatabaseName", - "PartitionInput", - "TableName" + "InstanceCount", + "InstanceRole", + "InstanceType", + "JobFlowId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Partition" + "AWS::EMR::InstanceGroupConfig" ], "type": "string" }, @@ -106938,247 +110781,316 @@ ], "type": "object" }, - "AWS::Glue::Partition.Column": { + "AWS::EMR::InstanceGroupConfig.AutoScalingPolicy": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A free-form text comment.", - "title": "Comment", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `Column` .", - "title": "Name", - "type": "string" + "Constraints": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingConstraints", + "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", + "title": "Constraints" }, - "Type": { - "markdownDescription": "The data type of the `Column` .", - "title": "Type", - "type": "string" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingRule" + }, + "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", + "title": "Rules", + "type": "array" } }, "required": [ - "Name" + "Constraints", + "Rules" ], "type": "object" }, - "AWS::Glue::Partition.Order": { + "AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition": { "additionalProperties": false, "properties": { - "Column": { - "markdownDescription": "The name of the column.", - "title": "Column", + "ComparisonOperator": { + "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", + "title": "ComparisonOperator", "type": "string" }, - "SortOrder": { - "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", - "title": "SortOrder", + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.MetricDimension" + }, + "markdownDescription": "A CloudWatch metric dimension.", + "title": "Dimensions", + "type": "array" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", + "title": "EvaluationPeriods", + "type": "number" + }, + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", + "title": "Namespace", + "type": "string" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", + "title": "Statistic", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", + "title": "Unit", + "type": "string" } }, "required": [ - "Column" + "ComparisonOperator", + "MetricName", + "Period", + "Threshold" ], "type": "object" }, - "AWS::Glue::Partition.PartitionInput": { + "AWS::EMR::InstanceGroupConfig.Configuration": { "additionalProperties": false, "properties": { - "Parameters": { - "markdownDescription": "These key-value pairs define partition parameters.", - "title": "Parameters", - "type": "object" + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", + "type": "string" }, - "StorageDescriptor": { - "$ref": "#/definitions/AWS::Glue::Partition.StorageDescriptor", - "markdownDescription": "Provides information about the physical location where the partition is stored.", - "title": "StorageDescriptor" + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConfigurationProperties", + "type": "object" }, - "Values": { + "Configurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" }, - "markdownDescription": "The values of the partition. Although this parameter is not required by the SDK, you must specify this parameter for a valid input.\n\nThe values for the keys for the new partition must be passed as an array of String objects that must be ordered in the same order as the partition keys appearing in the Amazon S3 prefix. Otherwise AWS Glue will add the values to the wrong keys.", - "title": "Values", + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", "type": "array" } }, + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig": { + "additionalProperties": false, + "properties": { + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" + }, + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" + } + }, "required": [ - "Values" + "VolumeSpecification" ], "type": "object" }, - "AWS::Glue::Partition.SchemaId": { + "AWS::EMR::InstanceGroupConfig.EbsConfiguration": { "additionalProperties": false, "properties": { - "RegistryName": { - "markdownDescription": "The name of the schema registry that contains the schema.", - "title": "RegistryName", - "type": "string" + "EbsBlockDeviceConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig" + }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", + "type": "array" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", - "title": "SchemaArn", + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.MetricDimension": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The dimension name.", + "title": "Key", "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", - "title": "SchemaName", + "Value": { + "markdownDescription": "The dimension value.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::Glue::Partition.SchemaReference": { + "AWS::EMR::InstanceGroupConfig.ScalingAction": { "additionalProperties": false, "properties": { - "SchemaId": { - "$ref": "#/definitions/AWS::Glue::Partition.SchemaId", - "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", - "title": "SchemaId" - }, - "SchemaVersionId": { - "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", - "title": "SchemaVersionId", + "Market": { + "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", + "title": "Market", "type": "string" }, - "SchemaVersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionNumber", + "SimpleScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration", + "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", + "title": "SimpleScalingPolicyConfiguration" + } + }, + "required": [ + "SimpleScalingPolicyConfiguration" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.ScalingConstraints": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", + "title": "MinCapacity", "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::Glue::Partition.SerdeInfo": { + "AWS::EMR::InstanceGroupConfig.ScalingRule": { "additionalProperties": false, "properties": { + "Action": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingAction", + "markdownDescription": "The conditions that trigger an automatic scaling activity.", + "title": "Action" + }, + "Description": { + "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", + "title": "Description", + "type": "string" + }, "Name": { - "markdownDescription": "Name of the SerDe.", + "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", "title": "Name", "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", - "title": "Parameters", - "type": "object" - }, - "SerializationLibrary": { - "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", - "title": "SerializationLibrary", - "type": "string" + "Trigger": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingTrigger", + "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", + "title": "Trigger" } }, + "required": [ + "Action", + "Name", + "Trigger" + ], "type": "object" }, - "AWS::Glue::Partition.SkewedInfo": { + "AWS::EMR::InstanceGroupConfig.ScalingTrigger": { "additionalProperties": false, "properties": { - "SkewedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of names of columns that contain skewed values.", - "title": "SkewedColumnNames", - "type": "array" - }, - "SkewedColumnValueLocationMaps": { - "markdownDescription": "A mapping of skewed values to the columns that contain them.", - "title": "SkewedColumnValueLocationMaps", - "type": "object" - }, - "SkewedColumnValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", - "title": "SkewedColumnValues", - "type": "array" + "CloudWatchAlarmDefinition": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition", + "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", + "title": "CloudWatchAlarmDefinition" } }, + "required": [ + "CloudWatchAlarmDefinition" + ], "type": "object" }, - "AWS::Glue::Partition.StorageDescriptor": { + "AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration": { "additionalProperties": false, "properties": { - "BucketColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", - "title": "BucketColumns", - "type": "array" - }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Partition.Column" - }, - "markdownDescription": "A list of the `Columns` in the table.", - "title": "Columns", - "type": "array" - }, - "Compressed": { - "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", - "title": "Compressed", - "type": "boolean" - }, - "InputFormat": { - "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", - "title": "InputFormat", - "type": "string" - }, - "Location": { - "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", - "title": "Location", + "AdjustmentType": { + "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", + "title": "AdjustmentType", "type": "string" }, - "NumberOfBuckets": { - "markdownDescription": "The number of buckets.\n\nYou must specify this property if the partition contains any dimension columns.", - "title": "NumberOfBuckets", + "CoolDown": { + "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", + "title": "CoolDown", "type": "number" }, - "OutputFormat": { - "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", - "title": "OutputFormat", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The user-supplied properties in key-value form.", - "title": "Parameters", - "type": "object" - }, - "SchemaReference": { - "$ref": "#/definitions/AWS::Glue::Partition.SchemaReference", - "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", - "title": "SchemaReference" - }, - "SerdeInfo": { - "$ref": "#/definitions/AWS::Glue::Partition.SerdeInfo", - "markdownDescription": "The serialization/deserialization (SerDe) information.", - "title": "SerdeInfo" + "ScalingAdjustment": { + "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", + "title": "ScalingAdjustment", + "type": "number" + } + }, + "required": [ + "ScalingAdjustment" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.VolumeSpecification": { + "additionalProperties": false, + "properties": { + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" }, - "SkewedInfo": { - "$ref": "#/definitions/AWS::Glue::Partition.SkewedInfo", - "markdownDescription": "The information about values that appear frequently in a column (skewed values).", - "title": "SkewedInfo" + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" }, - "SortColumns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Partition.Order" - }, - "markdownDescription": "A list specifying the sort order of each bucket in the table.", - "title": "SortColumns", - "type": "array" + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" }, - "StoredAsSubDirectories": { - "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", - "title": "StoredAsSubDirectories", - "type": "boolean" + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", + "type": "string" } }, + "required": [ + "SizeInGB", + "VolumeType" + ], "type": "object" }, - "AWS::Glue::Registry": { + "AWS::EMR::SecurityConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -107213,33 +111125,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the registry.", - "title": "Description", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the registry.", + "markdownDescription": "The name of the security configuration.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", - "title": "Tags", - "type": "array" + "SecurityConfiguration": { + "markdownDescription": "The security configuration details in JSON format. For JSON parameters and examples, see [Use Security Configurations to Set Up Cluster Security](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-security-configurations.html) in the *Amazon EMR Management Guide* .", + "title": "SecurityConfiguration", + "type": "object" } }, "required": [ - "Name" + "SecurityConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Registry" + "AWS::EMR::SecurityConfiguration" ], "type": "string" }, @@ -107258,7 +111162,7 @@ ], "type": "object" }, - "AWS::Glue::Schema": { + "AWS::EMR::Step": { "additionalProperties": false, "properties": { "Condition": { @@ -107293,61 +111197,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CheckpointVersion": { - "$ref": "#/definitions/AWS::Glue::Schema.SchemaVersion", - "markdownDescription": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint.", - "title": "CheckpointVersion" - }, - "Compatibility": { - "markdownDescription": "The compatibility mode of the schema.", - "title": "Compatibility", + "ActionOnFailure": { + "markdownDescription": "This specifies what action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", + "title": "ActionOnFailure", "type": "string" }, - "DataFormat": { - "markdownDescription": "The data format of the schema definition. Currently only `AVRO` is supported.", - "title": "DataFormat", - "type": "string" + "HadoopJarStep": { + "$ref": "#/definitions/AWS::EMR::Step.HadoopJarStepConfig", + "markdownDescription": "The `HadoopJarStepConfig` property type specifies a job flow step consisting of a JAR file whose main function will be executed. The main function submits a job for the cluster to execute as a step on the master node, and then waits for the job to finish or fail before executing subsequent steps.", + "title": "HadoopJarStep" }, - "Description": { - "markdownDescription": "A description of the schema if specified when created.", - "title": "Description", + "JobFlowId": { + "markdownDescription": "A string that uniquely identifies the cluster (job flow).", + "title": "JobFlowId", "type": "string" }, "Name": { - "markdownDescription": "Name of the schema to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace.", + "markdownDescription": "The name of the cluster step.", "title": "Name", "type": "string" - }, - "Registry": { - "$ref": "#/definitions/AWS::Glue::Schema.Registry", - "markdownDescription": "The registry where a schema is stored.", - "title": "Registry" - }, - "SchemaDefinition": { - "markdownDescription": "The schema definition using the `DataFormat` setting for `SchemaName` .", - "title": "SchemaDefinition", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", - "title": "Tags", - "type": "array" } }, "required": [ - "Compatibility", - "DataFormat", - "Name", - "SchemaDefinition" + "ActionOnFailure", + "HadoopJarStep", + "JobFlowId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Schema" + "AWS::EMR::Step" ], "type": "string" }, @@ -107366,39 +111247,58 @@ ], "type": "object" }, - "AWS::Glue::Schema.Registry": { + "AWS::EMR::Step.HadoopJarStepConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the registry.", - "title": "Arn", + "Args": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", + "title": "Args", + "type": "array" + }, + "Jar": { + "markdownDescription": "A path to a JAR file run during the step.", + "title": "Jar", "type": "string" }, - "Name": { - "markdownDescription": "The name of the registry.", - "title": "Name", + "MainClass": { + "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", + "title": "MainClass", "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Schema.SchemaVersion": { - "additionalProperties": false, + }, + "StepProperties": { + "items": { + "$ref": "#/definitions/AWS::EMR::Step.KeyValue" + }, + "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.", + "title": "StepProperties", + "type": "array" + } + }, + "required": [ + "Jar" + ], + "type": "object" + }, + "AWS::EMR::Step.KeyValue": { + "additionalProperties": false, "properties": { - "IsLatest": { - "markdownDescription": "Indicates if this version is the latest version of the schema.", - "title": "IsLatest", - "type": "boolean" + "Key": { + "markdownDescription": "The unique identifier of a key-value pair.", + "title": "Key", + "type": "string" }, - "VersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "VersionNumber", - "type": "number" + "Value": { + "markdownDescription": "The value part of the identified key.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::Glue::SchemaVersion": { + "AWS::EMR::Studio": { "additionalProperties": false, "properties": { "Condition": { @@ -107433,26 +111333,113 @@ "Properties": { "additionalProperties": false, "properties": { - "Schema": { - "$ref": "#/definitions/AWS::Glue::SchemaVersion.Schema", - "markdownDescription": "The schema that includes the schema version.", - "title": "Schema" + "AuthMode": { + "markdownDescription": "Specifies whether the Studio authenticates users using IAM Identity Center or IAM.", + "title": "AuthMode", + "type": "string" }, - "SchemaDefinition": { - "markdownDescription": "The schema definition for the schema version.", - "title": "SchemaDefinition", + "DefaultS3Location": { + "markdownDescription": "The Amazon S3 location to back up EMR Studio Workspaces and notebook files.", + "title": "DefaultS3Location", + "type": "string" + }, + "Description": { + "markdownDescription": "A detailed description of the Amazon EMR Studio.", + "title": "Description", + "type": "string" + }, + "EncryptionKeyArn": { + "markdownDescription": "The AWS KMS key identifier (ARN) used to encrypt Amazon EMR Studio workspace and notebook files when backed up to Amazon S3.", + "title": "EncryptionKeyArn", + "type": "string" + }, + "EngineSecurityGroupId": { + "markdownDescription": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `VpcId` .", + "title": "EngineSecurityGroupId", + "type": "string" + }, + "IdcInstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance the Studio application belongs to.", + "title": "IdcInstanceArn", + "type": "string" + }, + "IdcUserAssignment": { + "markdownDescription": "Indicates whether the Studio has `REQUIRED` or `OPTIONAL` IAM Identity Center user assignment. If the value is set to `REQUIRED` , users must be explicitly assigned to the Studio application to access the Studio.", + "title": "IdcUserAssignment", + "type": "string" + }, + "IdpAuthUrl": { + "markdownDescription": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.", + "title": "IdpAuthUrl", + "type": "string" + }, + "IdpRelayStateParameterName": { + "markdownDescription": "The name of your identity provider's `RelayState` parameter.", + "title": "IdpRelayStateParameterName", + "type": "string" + }, + "Name": { + "markdownDescription": "A descriptive name for the Amazon EMR Studio.", + "title": "Name", + "type": "string" + }, + "ServiceRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services.", + "title": "ServiceRole", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `VpcId` . Studio users can create a Workspace in any of the specified subnets.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "TrustedIdentityPropagationEnabled": { + "markdownDescription": "Indicates whether the Studio has Trusted identity propagation enabled. The default value is `false` .", + "title": "TrustedIdentityPropagationEnabled", + "type": "boolean" + }, + "UserRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify `UserRole` when you set `AuthMode` to `SSO` .", + "title": "UserRole", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.", + "title": "VpcId", + "type": "string" + }, + "WorkspaceSecurityGroupId": { + "markdownDescription": "The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.", + "title": "WorkspaceSecurityGroupId", "type": "string" } }, "required": [ - "Schema", - "SchemaDefinition" + "AuthMode", + "DefaultS3Location", + "EngineSecurityGroupId", + "Name", + "ServiceRole", + "SubnetIds", + "VpcId", + "WorkspaceSecurityGroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SchemaVersion" + "AWS::EMR::Studio" ], "type": "string" }, @@ -107471,28 +111458,92 @@ ], "type": "object" }, - "AWS::Glue::SchemaVersion.Schema": { + "AWS::EMR::StudioSessionMapping": { "additionalProperties": false, "properties": { - "RegistryName": { - "markdownDescription": "The name of the registry where the schema is stored. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "RegistryName", + "Condition": { "type": "string" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "SchemaArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "SchemaName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IdentityName": { + "markdownDescription": "The name of the user or group. For more information, see [UserName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) and [DisplayName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) in the *IAM Identity Center Identity Store API Reference* .", + "title": "IdentityName", + "type": "string" + }, + "IdentityType": { + "markdownDescription": "Specifies whether the identity to map to the Amazon EMR Studio is a user or a group.", + "title": "IdentityType", + "type": "string" + }, + "SessionPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles. For more information, see [Create an EMR Studio user role with session policies](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-user-role.html) in the *Amazon EMR Management Guide* .", + "title": "SessionPolicyArn", + "type": "string" + }, + "StudioId": { + "markdownDescription": "The ID of the Amazon EMR Studio to which the user or group will be mapped.", + "title": "StudioId", + "type": "string" + } + }, + "required": [ + "IdentityName", + "IdentityType", + "SessionPolicyArn", + "StudioId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EMR::StudioSessionMapping" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Glue::SchemaVersionMetadata": { + "AWS::EMR::WALWorkspace": { "additionalProperties": false, "properties": { "Condition": { @@ -107527,32 +111578,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A metadata key in a key-value pair for metadata.", - "title": "Key", - "type": "string" - }, - "SchemaVersionId": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" }, - "Value": { - "markdownDescription": "A metadata key's corresponding value.", - "title": "Value", + "WALWorkspaceName": { + "markdownDescription": "", + "title": "WALWorkspaceName", "type": "string" } }, - "required": [ - "Key", - "SchemaVersionId", - "Value" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SchemaVersionMetadata" + "AWS::EMR::WALWorkspace" ], "type": "string" }, @@ -107566,12 +111610,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Glue::SecurityConfiguration": { + "AWS::EMRContainers::VirtualCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -107606,26 +111649,39 @@ "Properties": { "additionalProperties": false, "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.EncryptionConfiguration", - "markdownDescription": "The encryption configuration associated with this security configuration.", - "title": "EncryptionConfiguration" + "ContainerProvider": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerProvider", + "markdownDescription": "The container provider of the virtual cluster.", + "title": "ContainerProvider" }, "Name": { - "markdownDescription": "The name of the security configuration.", + "markdownDescription": "The name of the virtual cluster.", "title": "Name", "type": "string" + }, + "SecurityConfigurationId": { + "markdownDescription": "The ID of the security configuration.", + "title": "SecurityConfigurationId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "EncryptionConfiguration", + "ContainerProvider", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SecurityConfiguration" + "AWS::EMRContainers::VirtualCluster" ], "type": "string" }, @@ -107644,81 +111700,61 @@ ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.CloudWatchEncryption": { - "additionalProperties": false, - "properties": { - "CloudWatchEncryptionMode": { - "markdownDescription": "The encryption mode to use for CloudWatch data.", - "title": "CloudWatchEncryptionMode", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::SecurityConfiguration.EncryptionConfiguration": { + "AWS::EMRContainers::VirtualCluster.ContainerInfo": { "additionalProperties": false, "properties": { - "CloudWatchEncryption": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.CloudWatchEncryption", - "markdownDescription": "The encryption configuration for Amazon CloudWatch.", - "title": "CloudWatchEncryption" - }, - "JobBookmarksEncryption": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.JobBookmarksEncryption", - "markdownDescription": "The encryption configuration for job bookmarks.", - "title": "JobBookmarksEncryption" - }, - "S3Encryptions": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.S3Encryptions", - "markdownDescription": "The encyption configuration for Amazon Simple Storage Service (Amazon S3) data.", - "title": "S3Encryptions" + "EksInfo": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.EksInfo", + "markdownDescription": "The information about the Amazon EKS cluster.", + "title": "EksInfo" } }, + "required": [ + "EksInfo" + ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.JobBookmarksEncryption": { + "AWS::EMRContainers::VirtualCluster.ContainerProvider": { "additionalProperties": false, "properties": { - "JobBookmarksEncryptionMode": { - "markdownDescription": "The encryption mode to use for job bookmarks data.", - "title": "JobBookmarksEncryptionMode", + "Id": { + "markdownDescription": "The ID of the container cluster.\n\n*Minimum* : 1\n\n*Maximum* : 100\n\n*Pattern* : `^[0-9A-Za-z][A-Za-z0-9\\-_]*`", + "title": "Id", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", + "Info": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerInfo", + "markdownDescription": "The information about the container cluster.", + "title": "Info" + }, + "Type": { + "markdownDescription": "The type of the container provider. Amazon EKS is the only supported type as of now.", + "title": "Type", "type": "string" } }, + "required": [ + "Id", + "Info", + "Type" + ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.S3Encryption": { + "AWS::EMRContainers::VirtualCluster.EksInfo": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", - "type": "string" - }, - "S3EncryptionMode": { - "markdownDescription": "The encryption mode to use for Amazon S3 data.", - "title": "S3EncryptionMode", + "Namespace": { + "markdownDescription": "The namespaces of the EKS cluster.\n\n*Minimum* : 1\n\n*Maximum* : 63\n\n*Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?`", + "title": "Namespace", "type": "string" } }, + "required": [ + "Namespace" + ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.S3Encryptions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Glue::Table": { + "AWS::EMRServerless::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -107753,37 +111789,116 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which to create the `Table` .", - "title": "CatalogId", + "Architecture": { + "markdownDescription": "The CPU architecture of an application.", + "title": "Architecture", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database where the table metadata resides. For Hive compatibility, this must be all lowercase.", - "title": "DatabaseName", + "AutoStartConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStartConfiguration", + "markdownDescription": "The configuration for an application to automatically start on job submission.", + "title": "AutoStartConfiguration" + }, + "AutoStopConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStopConfiguration", + "markdownDescription": "The configuration for an application to automatically stop after a certain amount of time being idle.", + "title": "AutoStopConfiguration" + }, + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.IdentityCenterConfiguration", + "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", + "title": "IdentityCenterConfiguration" + }, + "ImageConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", + "markdownDescription": "The image configuration applied to all worker types.", + "title": "ImageConfiguration" + }, + "InitialCapacity": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair" + }, + "markdownDescription": "The initial capacity of the application.", + "title": "InitialCapacity", + "type": "array" + }, + "InteractiveConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.InteractiveConfiguration", + "markdownDescription": "The interactive configuration object that enables the interactive use cases for an application.", + "title": "InteractiveConfiguration" + }, + "MaximumCapacity": { + "$ref": "#/definitions/AWS::EMRServerless::Application.MaximumAllowedResources", + "markdownDescription": "The maximum capacity of the application. This is cumulative across all workers at any given point in time during the lifespan of the application is created. No new resources will be created once any one of the defined limits is hit.", + "title": "MaximumCapacity" + }, + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", + "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", + "title": "MonitoringConfiguration" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", "type": "string" }, - "OpenTableFormatInput": { - "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput", - "markdownDescription": "Specifies an `OpenTableFormatInput` structure when creating an open format table.", - "title": "OpenTableFormatInput" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.NetworkConfiguration", + "markdownDescription": "The network configuration for customer VPC connectivity for the application.", + "title": "NetworkConfiguration" }, - "TableInput": { - "$ref": "#/definitions/AWS::Glue::Table.TableInput", - "markdownDescription": "A structure used to define a table.", - "title": "TableInput" + "ReleaseLabel": { + "markdownDescription": "The EMR release associated with the application.", + "title": "ReleaseLabel", + "type": "string" + }, + "RuntimeConfiguration": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" + }, + "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", + "title": "RuntimeConfiguration", + "type": "array" + }, + "SchedulerConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.SchedulerConfiguration", + "markdownDescription": "The scheduler configuration for batch and streaming jobs running on this application. Supported with release labels emr-7.0.0 and above.", + "title": "SchedulerConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the application.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of application, such as Spark or Hive.", + "title": "Type", + "type": "string" + }, + "WorkerTypeSpecifications": { + "additionalProperties": false, + "markdownDescription": "The specification applied to each worker type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerTypeSpecificationInput" + } + }, + "title": "WorkerTypeSpecifications", + "type": "object" } }, "required": [ - "CatalogId", - "DatabaseName", - "TableInput" + "ReleaseLabel", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Table" + "AWS::EMRServerless::Application" ], "type": "string" }, @@ -107802,343 +111917,375 @@ ], "type": "object" }, - "AWS::Glue::Table.Column": { + "AWS::EMRServerless::Application.AutoStartConfiguration": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A free-form text comment.", - "title": "Comment", + "Enabled": { + "markdownDescription": "Enables the application to automatically start on job submission.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.AutoStopConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Enables the application to automatically stop after a certain amount of time being idle. Defaults to true.", + "title": "Enabled", + "type": "boolean" + }, + "IdleTimeoutMinutes": { + "markdownDescription": "The amount of idle time in minutes after which your application will automatically stop. Defaults to 15 minutes.", + "title": "IdleTimeoutMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.CloudWatchLoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Enables CloudWatch logging.", + "title": "Enabled", + "type": "boolean" + }, + "EncryptionKeyArn": { + "markdownDescription": "The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.", + "title": "EncryptionKeyArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the `Column` .", - "title": "Name", + "LogGroupName": { + "markdownDescription": "The name of the log group in Amazon CloudWatch Logs where you want to publish your logs.", + "title": "LogGroupName", "type": "string" }, - "Type": { - "markdownDescription": "The data type of the `Column` .", - "title": "Type", + "LogStreamNamePrefix": { + "markdownDescription": "Prefix for the CloudWatch log stream name.", + "title": "LogStreamNamePrefix", + "type": "string" + }, + "LogTypeMap": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.LogTypeMapKeyValuePair" + }, + "markdownDescription": "", + "title": "LogTypeMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.ConfigurationObject": { + "additionalProperties": false, + "properties": { + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", "type": "string" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" + }, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" + }, + "Properties": { + "additionalProperties": true, + "markdownDescription": "A set of properties specified within a configuration classification.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Properties", + "type": "object" } }, "required": [ - "Name" + "Classification" ], "type": "object" }, - "AWS::Glue::Table.IcebergInput": { + "AWS::EMRServerless::Application.IdentityCenterConfiguration": { "additionalProperties": false, "properties": { - "MetadataOperation": { - "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation", - "markdownDescription": "A required metadata operation. Can only be set to CREATE.", - "title": "MetadataOperation" - }, - "Version": { - "markdownDescription": "The table version for the Iceberg table. Defaults to 2.", - "title": "Version", + "IdentityCenterInstanceArn": { + "markdownDescription": "", + "title": "IdentityCenterInstanceArn", "type": "string" } }, "type": "object" }, - "AWS::Glue::Table.MetadataOperation": { + "AWS::EMRServerless::Application.ImageConfigurationInput": { "additionalProperties": false, - "properties": {}, + "properties": { + "ImageUri": { + "markdownDescription": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration.", + "title": "ImageUri", + "type": "string" + } + }, "type": "object" }, - "AWS::Glue::Table.OpenTableFormatInput": { + "AWS::EMRServerless::Application.InitialCapacityConfig": { "additionalProperties": false, "properties": { - "IcebergInput": { - "$ref": "#/definitions/AWS::Glue::Table.IcebergInput", - "markdownDescription": "Specifies an `IcebergInput` structure that defines an Apache Iceberg metadata table.", - "title": "IcebergInput" + "WorkerConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerConfiguration", + "markdownDescription": "The resource configuration of the initial capacity configuration.", + "title": "WorkerConfiguration" + }, + "WorkerCount": { + "markdownDescription": "The number of workers in the initial capacity configuration.", + "title": "WorkerCount", + "type": "number" } }, + "required": [ + "WorkerConfiguration", + "WorkerCount" + ], "type": "object" }, - "AWS::Glue::Table.Order": { + "AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair": { "additionalProperties": false, "properties": { - "Column": { - "markdownDescription": "The name of the column.", - "title": "Column", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "SortOrder": { - "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", - "title": "SortOrder", - "type": "number" + "Value": { + "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfig", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "Column", - "SortOrder" + "Key", + "Value" ], "type": "object" }, - "AWS::Glue::Table.SchemaId": { + "AWS::EMRServerless::Application.InteractiveConfiguration": { "additionalProperties": false, "properties": { - "RegistryName": { - "markdownDescription": "The name of the schema registry that contains the schema.", - "title": "RegistryName", - "type": "string" + "LivyEndpointEnabled": { + "markdownDescription": "Enables an Apache Livy endpoint that you can connect to and run interactive jobs.", + "title": "LivyEndpointEnabled", + "type": "boolean" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", - "title": "SchemaArn", + "StudioEnabled": { + "markdownDescription": "Enables you to connect an application to Amazon EMR Studio to run interactive workloads in a notebook.", + "title": "StudioEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.LogTypeMapKeyValuePair": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", - "title": "SchemaName", - "type": "string" + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Value", + "type": "array" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::Glue::Table.SchemaReference": { + "AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration": { "additionalProperties": false, "properties": { - "SchemaId": { - "$ref": "#/definitions/AWS::Glue::Table.SchemaId", - "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", - "title": "SchemaId" + "Enabled": { + "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", + "title": "Enabled", + "type": "boolean" }, - "SchemaVersionId": { - "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", - "title": "SchemaVersionId", + "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", + "title": "EncryptionKeyArn", "type": "string" - }, - "SchemaVersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionNumber", - "type": "number" } }, "type": "object" }, - "AWS::Glue::Table.SerdeInfo": { + "AWS::EMRServerless::Application.MaximumAllowedResources": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the SerDe.", - "title": "Name", + "Cpu": { + "markdownDescription": "The maximum allowed CPU for an application.", + "title": "Cpu", "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", - "title": "Parameters", - "type": "object" + "Disk": { + "markdownDescription": "The maximum allowed disk for an application.", + "title": "Disk", + "type": "string" }, - "SerializationLibrary": { - "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", - "title": "SerializationLibrary", + "Memory": { + "markdownDescription": "The maximum allowed resources for an application.", + "title": "Memory", "type": "string" } }, + "required": [ + "Cpu", + "Memory" + ], "type": "object" }, - "AWS::Glue::Table.SkewedInfo": { + "AWS::EMRServerless::Application.MonitoringConfiguration": { "additionalProperties": false, "properties": { - "SkewedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of names of columns that contain skewed values.", - "title": "SkewedColumnNames", - "type": "array" + "CloudWatchLoggingConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.CloudWatchLoggingConfiguration", + "markdownDescription": "The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch.", + "title": "CloudWatchLoggingConfiguration" }, - "SkewedColumnValueLocationMaps": { - "markdownDescription": "A mapping of skewed values to the columns that contain them.", - "title": "SkewedColumnValueLocationMaps", - "type": "object" + "ManagedPersistenceMonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", + "markdownDescription": "The managed log persistence configuration for a job run.", + "title": "ManagedPersistenceMonitoringConfiguration" }, - "SkewedColumnValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", - "title": "SkewedColumnValues", - "type": "array" + "PrometheusMonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.PrometheusMonitoringConfiguration", + "markdownDescription": "The monitoring configuration object you can configure to send metrics to Amazon Managed Service for Prometheus for a job run.", + "title": "PrometheusMonitoringConfiguration" + }, + "S3MonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", + "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", + "title": "S3MonitoringConfiguration" } }, "type": "object" }, - "AWS::Glue::Table.StorageDescriptor": { + "AWS::EMRServerless::Application.NetworkConfiguration": { "additionalProperties": false, "properties": { - "BucketColumns": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", - "title": "BucketColumns", - "type": "array" - }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Table.Column" - }, - "markdownDescription": "A list of the `Columns` in the table.", - "title": "Columns", + "markdownDescription": "The array of security group Ids for customer VPC connectivity.", + "title": "SecurityGroupIds", "type": "array" }, - "Compressed": { - "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", - "title": "Compressed", - "type": "boolean" - }, - "InputFormat": { - "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", - "title": "InputFormat", - "type": "string" - }, - "Location": { - "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", - "title": "Location", - "type": "string" - }, - "NumberOfBuckets": { - "markdownDescription": "Must be specified if the table contains any dimension columns.", - "title": "NumberOfBuckets", - "type": "number" - }, - "OutputFormat": { - "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", - "title": "OutputFormat", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The user-supplied properties in key-value form.", - "title": "Parameters", - "type": "object" - }, - "SchemaReference": { - "$ref": "#/definitions/AWS::Glue::Table.SchemaReference", - "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", - "title": "SchemaReference" - }, - "SerdeInfo": { - "$ref": "#/definitions/AWS::Glue::Table.SerdeInfo", - "markdownDescription": "The serialization/deserialization (SerDe) information.", - "title": "SerdeInfo" - }, - "SkewedInfo": { - "$ref": "#/definitions/AWS::Glue::Table.SkewedInfo", - "markdownDescription": "The information about values that appear frequently in a column (skewed values).", - "title": "SkewedInfo" - }, - "SortColumns": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Glue::Table.Order" + "type": "string" }, - "markdownDescription": "A list specifying the sort order of each bucket in the table.", - "title": "SortColumns", + "markdownDescription": "The array of subnet Ids for customer VPC connectivity.", + "title": "SubnetIds", "type": "array" - }, - "StoredAsSubDirectories": { - "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", - "title": "StoredAsSubDirectories", - "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Table.TableIdentifier": { + "AWS::EMRServerless::Application.PrometheusMonitoringConfiguration": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the table resides.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database that contains the target table.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the target table.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "The Region of the table.", - "title": "Region", + "RemoteWriteUrl": { + "markdownDescription": "The remote write URL in the Amazon Managed Service for Prometheus workspace to send metrics to.", + "title": "RemoteWriteUrl", "type": "string" } }, "type": "object" }, - "AWS::Glue::Table.TableInput": { + "AWS::EMRServerless::Application.S3MonitoringConfiguration": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the table.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The table name. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "Name", + "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", + "title": "EncryptionKeyArn", "type": "string" }, - "Owner": { - "markdownDescription": "The table owner. Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", - "title": "Owner", + "LogUri": { + "markdownDescription": "The Amazon S3 destination URI for log publishing.", + "title": "LogUri", "type": "string" - }, - "Parameters": { - "markdownDescription": "These key-value pairs define properties associated with the table.", - "title": "Parameters", - "type": "object" - }, - "PartitionKeys": { - "items": { - "$ref": "#/definitions/AWS::Glue::Table.Column" - }, - "markdownDescription": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n\nWhen you create a table used by Amazon Athena, and you do not specify any `partitionKeys` , you must at least set the value of `partitionKeys` to an empty list. For example:\n\n`\"PartitionKeys\": []`", - "title": "PartitionKeys", - "type": "array" - }, - "Retention": { - "markdownDescription": "The retention time for this table.", - "title": "Retention", + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.SchedulerConfiguration": { + "additionalProperties": false, + "properties": { + "MaxConcurrentRuns": { + "markdownDescription": "The maximum concurrent job runs on this application. If scheduler configuration is enabled on your application, the default value is 15. The valid range is 1 to 1000.", + "title": "MaxConcurrentRuns", "type": "number" }, - "StorageDescriptor": { - "$ref": "#/definitions/AWS::Glue::Table.StorageDescriptor", - "markdownDescription": "A storage descriptor containing information about the physical storage of this table.", - "title": "StorageDescriptor" - }, - "TableType": { - "markdownDescription": "The type of this table. AWS Glue will create tables with the `EXTERNAL_TABLE` type. Other services, such as Athena, may create tables with additional table types.\n\nAWS Glue related table types:\n\n- **EXTERNAL_TABLE** - Hive compatible attribute - indicates a non-Hive managed table.\n- **GOVERNED** - Used by AWS Lake Formation . The AWS Glue Data Catalog understands `GOVERNED` .", - "title": "TableType", + "QueueTimeoutMinutes": { + "markdownDescription": "The maximum duration in minutes for the job in QUEUED state. If scheduler configuration is enabled on your application, the default value is 360 minutes (6 hours). The valid range is from 15 to 720.", + "title": "QueueTimeoutMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.WorkerConfiguration": { + "additionalProperties": false, + "properties": { + "Cpu": { + "markdownDescription": "The CPU requirements of the worker configuration. Each worker can have 1, 2, 4, 8, or 16 vCPUs.", + "title": "Cpu", "type": "string" }, - "TargetTable": { - "$ref": "#/definitions/AWS::Glue::Table.TableIdentifier", - "markdownDescription": "A `TableIdentifier` structure that describes a target table for resource linking.", - "title": "TargetTable" + "Disk": { + "markdownDescription": "The disk requirements of the worker configuration.", + "title": "Disk", + "type": "string" }, - "ViewExpandedText": { - "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", - "title": "ViewExpandedText", + "DiskType": { + "markdownDescription": "The disk type for every worker instance of the work type. Shuffle optimized disks have higher performance characteristics and are better for shuffle heavy workloads. Default is `STANDARD` .", + "title": "DiskType", "type": "string" }, - "ViewOriginalText": { - "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations. If the table is a `VIRTUAL_VIEW` , certain Athena configuration encoded in base64.", - "title": "ViewOriginalText", + "Memory": { + "markdownDescription": "The memory requirements of the worker configuration.", + "title": "Memory", "type": "string" } }, + "required": [ + "Cpu", + "Memory" + ], "type": "object" }, - "AWS::Glue::TableOptimizer": { + "AWS::EMRServerless::Application.WorkerTypeSpecificationInput": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", + "markdownDescription": "The image configuration for a worker type.", + "title": "ImageConfiguration" + } + }, + "type": "object" + }, + "AWS::EVS::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -108173,44 +112320,98 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The catalog ID of the table.", - "title": "CatalogId", + "ConnectivityInfo": { + "$ref": "#/definitions/AWS::EVS::Environment.ConnectivityInfo", + "markdownDescription": "The connectivity configuration for the environment. Amazon EVS requires that you specify two route server peer IDs. During environment creation, the route server endpoints peer with the NSX uplink VLAN for connectivity to the NSX overlay network.", + "title": "ConnectivityInfo" + }, + "EnvironmentName": { + "markdownDescription": "The name of the environment.", + "title": "EnvironmentName", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "DatabaseName", + "Hosts": { + "items": { + "$ref": "#/definitions/AWS::EVS::Environment.HostInfoForCreate" + }, + "markdownDescription": "Required for environment resource creation.", + "title": "Hosts", + "type": "array" + }, + "InitialVlans": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlans", + "markdownDescription": "> Amazon EVS is in public preview release and is subject to change. \n\nThe initial VLAN subnets for the environment. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC.\n\nRequired for environment resource creation.", + "title": "InitialVlans" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key ID that AWS Secrets Manager uses to encrypt secrets that are associated with the environment. These secrets contain the VCF credentials that are needed to install vCenter Server, NSX, and SDDC Manager.\n\nBy default, Amazon EVS use the AWS Secrets Manager managed key `aws/secretsmanager` . You can also specify a customer managed key.", + "title": "KmsKeyId", "type": "string" }, - "TableName": { - "markdownDescription": "The table name. For Hive compatibility, this must be entirely lowercase.", - "title": "TableName", + "LicenseInfo": { + "$ref": "#/definitions/AWS::EVS::Environment.LicenseInfo", + "markdownDescription": "The license information that Amazon EVS requires to create an environment. Amazon EVS requires two license keys: a VCF solution key and a vSAN license key. The VCF solution key must cover a minimum of 256 cores. The vSAN license key must provide at least 110 TiB of vSAN capacity.", + "title": "LicenseInfo" + }, + "ServiceAccessSecurityGroups": { + "$ref": "#/definitions/AWS::EVS::Environment.ServiceAccessSecurityGroups", + "markdownDescription": "The security groups that allow traffic between the Amazon EVS control plane and your VPC for service access. If a security group is not specified, Amazon EVS uses the default security group in your account for service access.", + "title": "ServiceAccessSecurityGroups" + }, + "ServiceAccessSubnetId": { + "markdownDescription": "The subnet that is used to establish connectivity between the Amazon EVS control plane and VPC. Amazon EVS uses this subnet to perform validations and create the environment.", + "title": "ServiceAccessSubnetId", "type": "string" }, - "TableOptimizerConfiguration": { - "$ref": "#/definitions/AWS::Glue::TableOptimizer.TableOptimizerConfiguration", - "markdownDescription": "Specifies configuration details of a table optimizer.", - "title": "TableOptimizerConfiguration" + "SiteId": { + "markdownDescription": "The Broadcom Site ID that is associated with your Amazon EVS environment. Amazon EVS uses the Broadcom Site ID that you provide to meet Broadcom VCF license usage reporting requirements for Amazon EVS.", + "title": "SiteId", + "type": "string" }, - "Type": { - "markdownDescription": "The type of table optimizer. The valid values are:\n\n- compaction - for managing compaction with a table optimizer.\n- retention - for managing the retention of snapshot with a table optimizer.\n- orphan_file_deletion - for managing the deletion of orphan files with a table optimizer.", - "title": "Type", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "title": "Tags", + "type": "array" + }, + "TermsAccepted": { + "markdownDescription": "Customer confirmation that the customer has purchased and will continue to maintain the required number of VCF software licenses to cover all physical processor cores in the Amazon EVS environment. Information about your VCF software in Amazon EVS will be shared with Broadcom to verify license compliance.", + "title": "TermsAccepted", + "type": "boolean" + }, + "VcfHostnames": { + "$ref": "#/definitions/AWS::EVS::Environment.VcfHostnames", + "markdownDescription": "The DNS hostnames to be used by the VCF management appliances in your environment.\n\nFor environment creation to be successful, each hostname entry must resolve to a domain name that you've registered in your DNS service of choice and configured in the DHCP option set of your VPC. DNS hostnames cannot be changed after environment creation has started.", + "title": "VcfHostnames" + }, + "VcfVersion": { + "markdownDescription": "The VCF version of the environment.", + "title": "VcfVersion", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC associated with the environment.", + "title": "VpcId", "type": "string" } }, "required": [ - "CatalogId", - "DatabaseName", - "TableName", - "TableOptimizerConfiguration", - "Type" + "ConnectivityInfo", + "LicenseInfo", + "ServiceAccessSubnetId", + "SiteId", + "TermsAccepted", + "VcfHostnames", + "VcfVersion", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::TableOptimizer" + "AWS::EVS::Environment" ], "type": "string" }, @@ -108229,342 +112430,274 @@ ], "type": "object" }, - "AWS::Glue::TableOptimizer.TableOptimizerConfiguration": { + "AWS::EVS::Environment.Check": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Whether the table optimization is enabled.", - "title": "Enabled", - "type": "boolean" + "ImpairedSince": { + "markdownDescription": "The time when environment health began to be impaired.", + "title": "ImpairedSince", + "type": "string" }, - "RoleArn": { - "markdownDescription": "A role passed by the caller which gives the service permission to update the resources associated with the optimizer on the caller's behalf.", - "title": "RoleArn", + "Result": { + "markdownDescription": "The check result.", + "title": "Result", + "type": "string" + }, + "Type": { + "markdownDescription": "The check type. Amazon EVS performs the following checks.\n\n- `KEY_REUSE` : checks that the VCF license key is not used by another Amazon EVS environment. This check fails if a used license is added to the environment.\n- `KEY_COVERAGE` : checks that your VCF license key allocates sufficient vCPU cores for all deployed hosts. The check fails when any assigned hosts in the EVS environment are not covered by license keys, or when any unassigned hosts cannot be covered by available vCPU cores in keys.\n- `REACHABILITY` : checks that the Amazon EVS control plane has a persistent connection to SDDC Manager. If Amazon EVS cannot reach the environment, this check fails.\n- `HOST_COUNT` : Checks that your environment has a minimum of 4 hosts, which is a requirement for VCF 5.2.1.\n\nIf this check fails, you will need to add hosts so that your environment meets this minimum requirement. Amazon EVS only supports environments with 4-16 hosts.", + "title": "Type", "type": "string" } }, "required": [ - "Enabled", - "RoleArn" + "Result", + "Type" ], "type": "object" }, - "AWS::Glue::Trigger": { + "AWS::EVS::Environment.ConnectivityInfo": { "additionalProperties": false, "properties": { - "Condition": { + "PrivateRouteServerPeerings": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique IDs for private route server peers.", + "title": "PrivateRouteServerPeerings", + "type": "array" + } + }, + "required": [ + "PrivateRouteServerPeerings" + ], + "type": "object" + }, + "AWS::EVS::Environment.HostInfoForCreate": { + "additionalProperties": false, + "properties": { + "DedicatedHostId": { + "markdownDescription": "The unique ID of the Amazon EC2 Dedicated Host.", + "title": "DedicatedHostId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostName": { + "markdownDescription": "The DNS hostname of the host. DNS hostnames for hosts must be unique across Amazon EVS environments and within VCF.", + "title": "HostName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::Glue::Trigger.Action" - }, - "markdownDescription": "The actions initiated by this trigger.", - "title": "Actions", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of this trigger.", - "title": "Description", - "type": "string" - }, - "EventBatchingCondition": { - "$ref": "#/definitions/AWS::Glue::Trigger.EventBatchingCondition", - "markdownDescription": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires.", - "title": "EventBatchingCondition" - }, - "Name": { - "markdownDescription": "The name of the trigger.", - "title": "Name", - "type": "string" - }, - "Predicate": { - "$ref": "#/definitions/AWS::Glue::Trigger.Predicate", - "markdownDescription": "The predicate of this trigger, which defines when it will fire.", - "title": "Predicate" - }, - "Schedule": { - "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) in the *AWS Glue Developer Guide* . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", - "title": "Schedule", - "type": "string" - }, - "StartOnCreation": { - "markdownDescription": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.", - "title": "StartOnCreation", - "type": "boolean" - }, - "Tags": { - "markdownDescription": "The tags to use with this trigger.", - "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "The type of trigger that this is.", - "title": "Type", - "type": "string" - }, - "WorkflowName": { - "markdownDescription": "The name of the workflow associated with the trigger.", - "title": "WorkflowName", - "type": "string" - } - }, - "required": [ - "Actions", - "Type" - ], - "type": "object" + "InstanceType": { + "markdownDescription": "The EC2 instance type that represents the host.", + "title": "InstanceType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Glue::Trigger" - ], + "KeyName": { + "markdownDescription": "The name of the SSH key that is used to access the host.", + "title": "KeyName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PlacementGroupId": { + "markdownDescription": "The unique ID of the placement group where the host is placed.", + "title": "PlacementGroupId", "type": "string" } }, "required": [ - "Type", - "Properties" + "HostName", + "InstanceType", + "KeyName" ], "type": "object" }, - "AWS::Glue::Trigger.Action": { + "AWS::EVS::Environment.InitialVlanInfo": { "additionalProperties": false, "properties": { - "Arguments": { - "markdownDescription": "The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the developer guide.", - "title": "Arguments", - "type": "object" - }, - "CrawlerName": { - "markdownDescription": "The name of the crawler to be used with this action.", - "title": "CrawlerName", - "type": "string" - }, - "JobName": { - "markdownDescription": "The name of a job to be executed.", - "title": "JobName", - "type": "string" - }, - "NotificationProperty": { - "$ref": "#/definitions/AWS::Glue::Trigger.NotificationProperty", - "markdownDescription": "Specifies configuration properties of a job run notification.", - "title": "NotificationProperty" - }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this action.", - "title": "SecurityConfiguration", + "Cidr": { + "markdownDescription": "The CIDR block that you provide to create an Amazon EVS VLAN subnet. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC.", + "title": "Cidr", "type": "string" - }, - "Timeout": { - "markdownDescription": "The `JobRun` timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.", - "title": "Timeout", - "type": "number" } }, + "required": [ + "Cidr" + ], "type": "object" }, - "AWS::Glue::Trigger.Condition": { + "AWS::EVS::Environment.InitialVlans": { "additionalProperties": false, "properties": { - "CrawlState": { - "markdownDescription": "The state of the crawler to which this condition applies.", - "title": "CrawlState", - "type": "string" + "EdgeVTep": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The edge VTEP VLAN subnet. This VLAN subnet manages traffic flowing between the internal network and external networks, including internet access and other site connections.", + "title": "EdgeVTep" }, - "CrawlerName": { - "markdownDescription": "The name of the crawler to which this condition applies.", - "title": "CrawlerName", - "type": "string" + "ExpansionVlan1": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.", + "title": "ExpansionVlan1" }, - "JobName": { - "markdownDescription": "The name of the job whose `JobRuns` this condition applies to, and on which this trigger waits.", - "title": "JobName", - "type": "string" + "ExpansionVlan2": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.", + "title": "ExpansionVlan2" }, - "LogicalOperator": { - "markdownDescription": "A logical operator.", - "title": "LogicalOperator", - "type": "string" + "Hcx": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The HCX VLAN subnet. This VLAN subnet allows the HCX Interconnnect (IX) and HCX Network Extension (NE) to reach their peers and enable HCX Service Mesh creation.", + "title": "Hcx" }, - "State": { - "markdownDescription": "The condition state. Currently, the values supported are `SUCCEEDED` , `STOPPED` , `TIMEOUT` , and `FAILED` .", - "title": "State", - "type": "string" + "NsxUpLink": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The NSX uplink VLAN subnet. This VLAN subnet allows connectivity to the NSX overlay network.", + "title": "NsxUpLink" + }, + "VMotion": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The vMotion VLAN subnet. This VLAN subnet carries traffic for vSphere vMotion.", + "title": "VMotion" + }, + "VSan": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The vSAN VLAN subnet. This VLAN subnet carries the communication between ESXi hosts to implement a vSAN shared storage pool.", + "title": "VSan" + }, + "VTep": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The VTEP VLAN subnet. This VLAN subnet handles internal network traffic between virtual machines within a VCF instance.", + "title": "VTep" + }, + "VmManagement": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The VM management VLAN subnet. This VLAN subnet carries traffic for vSphere virtual machines.", + "title": "VmManagement" + }, + "VmkManagement": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The host VMkernel management VLAN subnet. This VLAN subnet carries traffic for managing ESXi hosts and communicating with VMware vCenter Server.", + "title": "VmkManagement" } }, + "required": [ + "EdgeVTep", + "ExpansionVlan1", + "ExpansionVlan2", + "Hcx", + "NsxUpLink", + "VMotion", + "VSan", + "VTep", + "VmManagement", + "VmkManagement" + ], "type": "object" }, - "AWS::Glue::Trigger.EventBatchingCondition": { + "AWS::EVS::Environment.LicenseInfo": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires.", - "title": "BatchSize", - "type": "number" + "SolutionKey": { + "markdownDescription": "The VCF solution key. This license unlocks VMware VCF product features, including vSphere, NSX, SDDC Manager, and vCenter Server. The VCF solution key must cover a minimum of 256 cores.", + "title": "SolutionKey", + "type": "string" }, - "BatchWindow": { - "markdownDescription": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received.", - "title": "BatchWindow", - "type": "number" + "VsanKey": { + "markdownDescription": "The VSAN license key. This license unlocks vSAN features. The vSAN license key must provide at least 110 TiB of vSAN capacity.", + "title": "VsanKey", + "type": "string" } }, "required": [ - "BatchSize" + "SolutionKey", + "VsanKey" ], "type": "object" }, - "AWS::Glue::Trigger.NotificationProperty": { + "AWS::EVS::Environment.Secret": { "additionalProperties": false, "properties": { - "NotifyDelayAfter": { - "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification", - "title": "NotifyDelayAfter", - "type": "number" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret.", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::Glue::Trigger.Predicate": { + "AWS::EVS::Environment.ServiceAccessSecurityGroups": { "additionalProperties": false, "properties": { - "Conditions": { + "SecurityGroups": { "items": { - "$ref": "#/definitions/AWS::Glue::Trigger.Condition" + "type": "string" }, - "markdownDescription": "A list of the conditions that determine when the trigger will fire.", - "title": "Conditions", + "markdownDescription": "The security groups that allow service access.", + "title": "SecurityGroups", "type": "array" - }, - "Logical": { - "markdownDescription": "An optional field if only one condition is listed. If multiple conditions are listed, then this field is required.", - "title": "Logical", - "type": "string" } }, "type": "object" }, - "AWS::Glue::Workflow": { + "AWS::EVS::Environment.VcfHostnames": { "additionalProperties": false, "properties": { - "Condition": { + "CloudBuilder": { + "markdownDescription": "The hostname for VMware Cloud Builder.", + "title": "CloudBuilder", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Nsx": { + "markdownDescription": "The VMware NSX hostname.", + "title": "Nsx", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NsxEdge1": { + "markdownDescription": "The hostname for the first NSX Edge node.", + "title": "NsxEdge1", + "type": "string" }, - "Metadata": { - "type": "object" + "NsxEdge2": { + "markdownDescription": "The hostname for the second NSX Edge node.", + "title": "NsxEdge2", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultRunProperties": { - "markdownDescription": "A collection of properties to be used as part of each execution of the workflow", - "title": "DefaultRunProperties", - "type": "object" - }, - "Description": { - "markdownDescription": "A description of the workflow", - "title": "Description", - "type": "string" - }, - "MaxConcurrentRuns": { - "markdownDescription": "You can use this parameter to prevent unwanted multiple updates to data, to control costs, or in some cases, to prevent exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.", - "title": "MaxConcurrentRuns", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the workflow representing the flow", - "title": "Name", - "type": "string" - }, - "Tags": { - "markdownDescription": "The tags to use with this workflow.", - "title": "Tags", - "type": "object" - } - }, - "type": "object" + "NsxManager1": { + "markdownDescription": "The hostname for the first VMware NSX Manager virtual machine (VM).", + "title": "NsxManager1", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Glue::Workflow" - ], + "NsxManager2": { + "markdownDescription": "The hostname for the second VMware NSX Manager virtual machine (VM).", + "title": "NsxManager2", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NsxManager3": { + "markdownDescription": "The hostname for the third VMware NSX Manager virtual machine (VM).", + "title": "NsxManager3", + "type": "string" + }, + "SddcManager": { + "markdownDescription": "The hostname for SDDC Manager.", + "title": "SddcManager", + "type": "string" + }, + "VCenter": { + "markdownDescription": "The VMware vCenter hostname.", + "title": "VCenter", "type": "string" } }, "required": [ - "Type" + "CloudBuilder", + "Nsx", + "NsxEdge1", + "NsxEdge2", + "NsxManager1", + "NsxManager2", + "NsxManager3", + "SddcManager", + "VCenter" ], "type": "object" }, - "AWS::Grafana::Workspace": { + "AWS::ElastiCache::CacheCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -108599,114 +112732,160 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAccessType": { - "markdownDescription": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access.", - "title": "AccountAccessType", + "AZMode": { + "markdownDescription": "Specifies whether the nodes in this Memcached cluster are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region.\n\nThis parameter is only supported for Memcached clusters.\n\nIf the `AZMode` and `PreferredAvailabilityZones` are not specified, ElastiCache assumes `single-az` mode.", + "title": "AZMode", "type": "string" }, - "AuthenticationProviders": { + "AutoMinorVersionUpgrade": { + "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "CacheNodeType": { + "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. Changing the CacheNodeType of a Memcached instance is currently not supported. If you need to scale using Memcached, we recommend forcing a replacement update by changing the `LogicalResourceId` of the resource.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.8xlarge` , `cache.m6g.12xlarge` , `cache.m6g.16xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.8xlarge` , `cache.r6g.12xlarge` , `cache.r6g.16xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n\n*Additional node type info*\n\n- All current generation instance types are created in Amazon VPC by default.\n- Valkey and Redis OSS append-only files (AOF) are not supported for T1 or T2 instances.\n- Valkey and Redis OSS Multi-AZ with automatic failover is not supported on T1 instances.\n- Redis OSS configuration variables `appendonly` and `appendfsync` are not supported on Redis OSS version 2.8.22 and later.", + "title": "CacheNodeType", + "type": "string" + }, + "CacheParameterGroupName": { + "markdownDescription": "The name of the parameter group to associate with this cluster. If this argument is omitted, the default parameter group for the specified engine is used. You cannot use any parameter group which has `cluster-enabled='yes'` when creating a cluster.", + "title": "CacheParameterGroupName", + "type": "string" + }, + "CacheSecurityGroupNames": { "items": { "type": "string" }, - "markdownDescription": "Specifies whether this workspace uses SAML 2.0, AWS IAM Identity Center , or both to authenticate users for using the Grafana console within a workspace. For more information, see [User authentication in Amazon Managed Grafana](https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html) .\n\n*Allowed Values* : `AWS_SSO | SAML`", - "title": "AuthenticationProviders", + "markdownDescription": "A list of security group names to associate with this cluster.\n\nUse this parameter only when you are creating a cluster outside of an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "CacheSecurityGroupNames", "type": "array" }, - "ClientToken": { - "markdownDescription": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.", - "title": "ClientToken", + "CacheSubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see `[AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .`", + "title": "CacheSubnetGroupName", "type": "string" }, - "DataSources": { + "ClusterName": { + "markdownDescription": "A name for the cache cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the cache cluster. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe name must contain 1 to 50 alphanumeric characters or hyphens. The name must start with a letter and cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ClusterName", + "type": "string" + }, + "Engine": { + "markdownDescription": "The name of the cache engine to be used for this cluster.\n\nValid values for this parameter are: `memcached` | valkey | `redis`", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the cache engine to be used for this cluster. To view the supported cache engine versions, use the DescribeCacheEngineVersions operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ), but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", + "title": "EngineVersion", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The network type you choose when modifying a cluster, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "IpDiscovery", + "type": "string" + }, + "LogDeliveryConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest" }, - "markdownDescription": "Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.\n\nThis list is only used when the workspace was created through the AWS console, and the `permissionType` is `SERVICE_MANAGED` .", - "title": "DataSources", + "markdownDescription": "Specifies the destination, format and type of the logs.", + "title": "LogDeliveryConfigurations", "type": "array" }, - "Description": { - "markdownDescription": "The user-defined description of the workspace.", - "title": "Description", + "NetworkType": { + "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "NetworkType", "type": "string" }, - "GrafanaVersion": { - "markdownDescription": "Specifies the version of Grafana to support in the workspace. Defaults to the latest version on create (for example, 9.4), or the current version of the workspace on update.\n\nCan only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).\n\nTo know what versions are available to upgrade to for a specific workspace, see the [ListVersions](https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListVersions.html) operation.", - "title": "GrafanaVersion", + "NotificationTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", + "title": "NotificationTopicArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the workspace.", - "title": "Name", - "type": "string" + "NumCacheNodes": { + "markdownDescription": "The number of cache nodes that the cache cluster should have.\n\n> However, if the `PreferredAvailabilityZone` and `PreferredAvailabilityZones` properties were not previously specified and you don't specify any new values, an update requires [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NumCacheNodes", + "type": "number" }, - "NetworkAccessControl": { - "$ref": "#/definitions/AWS::Grafana::Workspace.NetworkAccessControl", - "markdownDescription": "The configuration settings for network access to your workspace.", - "title": "NetworkAccessControl" + "Port": { + "markdownDescription": "The port number on which each of the cache nodes accepts connections.", + "title": "Port", + "type": "number" }, - "NotificationDestinations": { + "PreferredAvailabilityZone": { + "markdownDescription": "The EC2 Availability Zone in which the cluster is created.\n\nAll nodes belonging to this cluster are placed in the preferred Availability Zone. If you want to create your nodes across multiple Availability Zones, use `PreferredAvailabilityZones` .\n\nDefault: System chosen Availability Zone.", + "title": "PreferredAvailabilityZone", + "type": "string" + }, + "PreferredAvailabilityZones": { "items": { "type": "string" }, - "markdownDescription": "The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.\n\n*AllowedValues* : `SNS`", - "title": "NotificationDestinations", + "markdownDescription": "A list of the Availability Zones in which cache nodes are created. The order of the zones in the list is not important.\n\nThis option is only supported on Memcached.\n\n> If you are creating your cluster in an Amazon VPC (recommended) you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheNodes` . \n\nIf you want all the nodes in the same Availability Zone, use `PreferredAvailabilityZone` instead, or repeat the Availability Zone multiple times in the list.\n\nDefault: System chosen Availability Zones.", + "title": "PreferredAvailabilityZones", "type": "array" }, - "OrganizationRoleName": { - "markdownDescription": "The name of the IAM role that is used to access resources through Organizations.", - "title": "OrganizationRoleName", + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", + "title": "PreferredMaintenanceWindow", "type": "string" }, - "OrganizationalUnits": { + "SnapshotArns": { "items": { "type": "string" }, - "markdownDescription": "Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.", - "title": "OrganizationalUnits", + "markdownDescription": "A single-element string list containing an Amazon Resource Name (ARN) that uniquely identifies a Valkey or Redis OSS RDB snapshot file stored in Amazon S3. The snapshot file is used to populate the node group (shard). The Amazon S3 object name in the ARN cannot contain any commas.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", + "title": "SnapshotArns", "type": "array" }, - "PermissionType": { - "markdownDescription": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)", - "title": "PermissionType", + "SnapshotName": { + "markdownDescription": "The name of a Valkey or Redis OSS snapshot from which to restore data into the new node group (shard). The snapshot status changes to `restoring` while the new node group (shard) is being created.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", + "title": "SnapshotName", "type": "string" }, - "PluginAdminEnabled": { - "markdownDescription": "Whether plugin administration is enabled in the workspace. Setting to `true` allows workspace admins to install, uninstall, and update plugins from within the Grafana workspace.\n\n> This option is only valid for workspaces that support Grafana version 9 or newer.", - "title": "PluginAdminEnabled", - "type": "boolean" + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot taken today is retained for 5 days before being deleted.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nDefault: 0 (i.e., automatic backups are disabled for this cache cluster).", + "title": "SnapshotRetentionLimit", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The IAM role that grants permissions to the AWS resources that the workspace will view data from. This role must already exist.", - "title": "RoleArn", + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", + "title": "SnapshotWindow", "type": "string" }, - "SamlConfiguration": { - "$ref": "#/definitions/AWS::Grafana::Workspace.SamlConfiguration", - "markdownDescription": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace.", - "title": "SamlConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be added to this resource.", + "title": "Tags", + "type": "array" }, - "StackSetName": { - "markdownDescription": "The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.", - "title": "StackSetName", - "type": "string" + "TransitEncryptionEnabled": { + "markdownDescription": "A flag that enables in-transit encryption when set to true.", + "title": "TransitEncryptionEnabled", + "type": "boolean" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Grafana::Workspace.VpcConfiguration", - "markdownDescription": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n> Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2).", - "title": "VpcConfiguration" + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC security groups associated with the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "VpcSecurityGroupIds", + "type": "array" } }, "required": [ - "AccountAccessType", - "AuthenticationProviders", - "PermissionType" + "CacheNodeType", + "Engine", + "NumCacheNodes" ], "type": "object" }, "Type": { "enum": [ - "AWS::Grafana::Workspace" + "AWS::ElastiCache::CacheCluster" ], "type": "string" }, @@ -108725,166 +112904,83 @@ ], "type": "object" }, - "AWS::Grafana::Workspace.AssertionAttributes": { - "additionalProperties": false, - "properties": { - "Email": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the email names for SAML users.", - "title": "Email", - "type": "string" - }, - "Groups": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for user groups.", - "title": "Groups", - "type": "string" - }, - "Login": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the login names for SAML users.", - "title": "Login", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for SAML users.", - "title": "Name", - "type": "string" - }, - "Org": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for the users' organizations.", - "title": "Org", - "type": "string" - }, - "Role": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user roles.", - "title": "Role", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Grafana::Workspace.IdpMetadata": { + "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { "additionalProperties": false, "properties": { - "Url": { - "markdownDescription": "The URL of the location containing the IdP metadata.", - "title": "Url", - "type": "string" - }, - "Xml": { - "markdownDescription": "The full IdP metadata, in XML format.", - "title": "Xml", + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group.", + "title": "LogGroup", "type": "string" } }, + "required": [ + "LogGroup" + ], "type": "object" }, - "AWS::Grafana::Workspace.NetworkAccessControl": { - "additionalProperties": false, - "properties": { - "PrefixListIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration (passed an empty array) then no IP addresses are allowed to access the workspace. You create a prefix list using the Amazon VPC console.\n\nPrefix list IDs have the format `pl- *1a2b3c4d*` .\n\nFor more information about prefix lists, see [Group CIDR blocks using managed prefix lists](https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "PrefixListIds", - "type": "array" - }, - "VpceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Amazon VPC endpoint IDs for the workspace. You can create VPC endpoints to your Amazon Managed Grafana workspace for access from within a VPC. If a `NetworkAccessConfiguration` is specified then only VPC endpoints specified here are allowed to access the workspace. If you pass in an empty array of strings, then no VPCs are allowed to access the workspace.\n\nVPC endpoint IDs have the format `vpce- *1a2b3c4d*` .\n\nFor more information about creating an interface VPC endpoint, see [Interface VPC endpoints](https://docs.aws.amazon.com/grafana/latest/userguide/VPC-endpoints) in the *Amazon Managed Grafana User Guide* .\n\n> The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the `com.amazonaws.[region].grafana-workspace` service endpoint). Other VPC endpoints are ignored.", - "title": "VpceIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Grafana::Workspace.RoleValues": { + "AWS::ElastiCache::CacheCluster.DestinationDetails": { "additionalProperties": false, "properties": { - "Admin": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Admin` role to.", - "title": "Admin", - "type": "array" + "CloudWatchLogsDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails", + "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", + "title": "CloudWatchLogsDetails" }, - "Editor": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Editor` role to.", - "title": "Editor", - "type": "array" + "KinesisFirehoseDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails", + "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", + "title": "KinesisFirehoseDetails" } }, "type": "object" }, - "AWS::Grafana::Workspace.SamlConfiguration": { + "AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails": { "additionalProperties": false, "properties": { - "AllowedOrganizations": { - "items": { - "type": "string" - }, - "markdownDescription": "Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access.", - "title": "AllowedOrganizations", - "type": "array" - }, - "AssertionAttributes": { - "$ref": "#/definitions/AWS::Grafana::Workspace.AssertionAttributes", - "markdownDescription": "A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace.", - "title": "AssertionAttributes" - }, - "IdpMetadata": { - "$ref": "#/definitions/AWS::Grafana::Workspace.IdpMetadata", - "markdownDescription": "A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace.", - "title": "IdpMetadata" - }, - "LoginValidityDuration": { - "markdownDescription": "How long a sign-on session by a SAML user is valid, before the user has to sign on again.", - "title": "LoginValidityDuration", - "type": "number" - }, - "RoleValues": { - "$ref": "#/definitions/AWS::Grafana::Workspace.RoleValues", - "markdownDescription": "A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace.", - "title": "RoleValues" + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", + "title": "DeliveryStream", + "type": "string" } }, "required": [ - "IdpMetadata" + "DeliveryStream" ], "type": "object" }, - "AWS::Grafana::Workspace.VpcConfiguration": { + "AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 1 items. Maximum number of 5 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", - "title": "SecurityGroupIds", - "type": "array" + "DestinationDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.DestinationDetails", + "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "title": "DestinationDetails" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 2 items. Maximum number of 6 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", - "title": "SubnetIds", - "type": "array" + "DestinationType": { + "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", + "title": "DestinationType", + "type": "string" + }, + "LogFormat": { + "markdownDescription": "Valid values are either `json` or `text` .", + "title": "LogFormat", + "type": "string" + }, + "LogType": { + "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", + "title": "LogType", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "SubnetIds" + "DestinationDetails", + "DestinationType", + "LogFormat", + "LogType" ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinition": { + "AWS::ElastiCache::GlobalReplicationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -108919,148 +113015,71 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion", - "markdownDescription": "The connector definition version to include when the connector definition is created. A connector definition version contains a list of [`connector`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html) property types.\n\n> To associate a connector definition version after the connector definition is created, create an [`AWS::Greengrass::ConnectorDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-connectordefinitionversion.html) resource and specify the ID of this connector definition.", - "title": "InitialVersion" + "AutomaticFailoverEnabled": { + "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.", + "title": "AutomaticFailoverEnabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the connector definition.", - "title": "Name", + "CacheNodeType": { + "markdownDescription": "The cache node type of the Global datastore", + "title": "CacheNodeType", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the connector definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Greengrass::ConnectorDefinition" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Greengrass::ConnectorDefinition.Connector": { - "additionalProperties": false, - "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "ConnectorArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters or configuration used by the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "Parameters", - "type": "object" - } - }, - "required": [ - "ConnectorArn", - "Id" - ], - "type": "object" - }, - "AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Connectors": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.Connector" - }, - "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to a connector definition version at a time.", - "title": "Connectors", - "type": "array" - } - }, - "required": [ - "Connectors" - ], - "type": "object" - }, - "AWS::Greengrass::ConnectorDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "CacheParameterGroupName": { + "markdownDescription": "The name of the cache parameter group to use with the Global datastore. It must be compatible with the major engine version used by the Global datastore.", + "title": "CacheParameterGroupName", "type": "string" }, - { + "Engine": { + "markdownDescription": "The ElastiCache engine. For Valkey or Redis OSS only.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The Elasticache Valkey or Redis OSS engine version.", + "title": "EngineVersion", + "type": "string" + }, + "GlobalNodeGroupCount": { + "markdownDescription": "The number of node groups that comprise the Global Datastore.", + "title": "GlobalNodeGroupCount", + "type": "number" + }, + "GlobalReplicationGroupDescription": { + "markdownDescription": "The optional description of the Global datastore", + "title": "GlobalReplicationGroupDescription", + "type": "string" + }, + "GlobalReplicationGroupIdSuffix": { + "markdownDescription": "The suffix name of a Global Datastore. The suffix guarantees uniqueness of the Global Datastore name across multiple regions.", + "title": "GlobalReplicationGroupIdSuffix", + "type": "string" + }, + "Members": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember" }, + "markdownDescription": "The replication groups that comprise the Global datastore.", + "title": "Members", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConnectorDefinitionId": { - "markdownDescription": "The ID of the connector definition associated with this version. This value is a GUID.", - "title": "ConnectorDefinitionId", - "type": "string" }, - "Connectors": { + "RegionalConfigurations": { "items": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinitionVersion.Connector" + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration" }, - "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to the connector definition version at a time.", - "title": "Connectors", + "markdownDescription": "The Regions that comprise the Global Datastore.", + "title": "RegionalConfigurations", "type": "array" } }, "required": [ - "ConnectorDefinitionId", - "Connectors" + "Members" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ConnectorDefinitionVersion" + "AWS::ElastiCache::GlobalReplicationGroup" ], "type": "string" }, @@ -109079,157 +113098,71 @@ ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinitionVersion.Connector": { + "AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember": { "additionalProperties": false, "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "ConnectorArn", + "ReplicationGroupId": { + "markdownDescription": "The replication group id of the Global datastore member.", + "title": "ReplicationGroupId", "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "ReplicationGroupRegion": { + "markdownDescription": "The Amazon region of the Global datastore member.", + "title": "ReplicationGroupRegion", "type": "string" }, - "Parameters": { - "markdownDescription": "The parameters or configuration that the connector uses.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "Parameters", - "type": "object" + "Role": { + "markdownDescription": "Indicates the role of the replication group, `PRIMARY` or `SECONDARY` .", + "title": "Role", + "type": "string" } }, - "required": [ - "ConnectorArn", - "Id" - ], "type": "object" }, - "AWS::Greengrass::CoreDefinition": { + "AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ReplicationGroupId": { + "markdownDescription": "The name of the secondary cluster", + "title": "ReplicationGroupId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ReplicationGroupRegion": { + "markdownDescription": "The Amazon region where the cluster is stored", + "title": "ReplicationGroupRegion", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.CoreDefinitionVersion", - "markdownDescription": "The core definition version to include when the core definition is created. Currently, a core definition version can contain only one [`core`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-coredefinition-core.html) .\n\n> To associate a core definition version after the core definition is created, create an [`AWS::Greengrass::CoreDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-coredefinitionversion.html) resource and specify the ID of this core definition.", - "title": "InitialVersion" - }, - "Name": { - "markdownDescription": "The name of the core definition.", - "title": "Name", - "type": "string" - }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the core definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" - } + "ReshardingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration" }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Greengrass::CoreDefinition" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster.", + "title": "ReshardingConfigurations", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Greengrass::CoreDefinition.Core": { + "AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "NodeGroupId": { + "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", + "title": "NodeGroupId", "type": "string" }, - "SyncShadow": { - "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The ARN of the core, which is an AWS IoT device (thing).", - "title": "ThingArn", - "type": "string" - } - }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], - "type": "object" - }, - "AWS::Greengrass::CoreDefinition.CoreDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Cores": { + "PreferredAvailabilityZones": { "items": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.Core" + "type": "string" }, - "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", - "title": "Cores", + "markdownDescription": "A list of preferred availability zones for the nodes in this cluster.", + "title": "PreferredAvailabilityZones", "type": "array" } }, - "required": [ - "Cores" - ], "type": "object" }, - "AWS::Greengrass::CoreDefinitionVersion": { + "AWS::ElastiCache::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -109264,29 +113197,45 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreDefinitionId": { - "markdownDescription": "The ID of the core definition associated with this version. This value is a GUID.", - "title": "CoreDefinitionId", + "CacheParameterGroupFamily": { + "markdownDescription": "The name of the cache parameter group family that this cache parameter group is compatible with.\n\nValid values are: `valkey8` | `valkey7` | `memcached1.4` | `memcached1.5` | `memcached1.6` | `redis2.6` | `redis2.8` | `redis3.2` | `redis4.0` | `redis5.0` | `redis6.x` | `redis7`", + "title": "CacheParameterGroupFamily", "type": "string" }, - "Cores": { + "Description": { + "markdownDescription": "The description for this cache parameter group.", + "title": "Description", + "type": "string" + }, + "Properties": { + "additionalProperties": true, + "markdownDescription": "A comma-delimited list of parameter name/value pairs.\n\nFor example:\n\n```\n\"Properties\" : { \"cas_disabled\" : \"1\", \"chunk_size_growth_factor\" : \"1.02\"\n}\n```", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Properties", + "type": "object" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinitionVersion.Core" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", - "title": "Cores", + "markdownDescription": "A tag that can be added to an ElastiCache parameter group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your parameter groups. A tag with a null Value is permitted.", + "title": "Tags", "type": "array" } }, "required": [ - "CoreDefinitionId", - "Cores" + "CacheParameterGroupFamily", + "Description" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::CoreDefinitionVersion" + "AWS::ElastiCache::ParameterGroup" ], "type": "string" }, @@ -109305,38 +113254,7 @@ ], "type": "object" }, - "AWS::Greengrass::CoreDefinitionVersion.Core": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "SyncShadow": { - "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the core, which is an AWS IoT device (thing).", - "title": "ThingArn", - "type": "string" - } - }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], - "type": "object" - }, - "AWS::Greengrass::DeviceDefinition": { + "AWS::ElastiCache::ReplicationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -109371,30 +113289,234 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion", - "markdownDescription": "The device definition version to include when the device definition is created. A device definition version contains a list of [`device`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-devicedefinition-device.html) property types.\n\n> To associate a device definition version after the device definition is created, create an [`AWS::Greengrass::DeviceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-devicedefinitionversion.html) resource and specify the ID of this device definition.", - "title": "InitialVersion" + "AtRestEncryptionEnabled": { + "markdownDescription": "A flag that enables encryption at rest when set to `true` .\n\n*Required:* Only available when creating a replication group in an Amazon VPC using Redis OSS version `3.2.6` or `4.x` onward.\n\nDefault: `false`", + "title": "AtRestEncryptionEnabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the device definition.", - "title": "Name", + "AuthToken": { + "markdownDescription": "*Reserved parameter.* The password used to access a password protected server.\n\n`AuthToken` can be specified only on replication groups where `TransitEncryptionEnabled` is `true` . For more information, see [Authenticating Valkey or Redis OSS users with the AUTH Command](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/auth.html) .\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` . \n\nPassword constraints:\n\n- Must be only printable ASCII characters.\n- Must be at least 16 characters and no more than 128 characters in length.\n- Nonalphanumeric characters are restricted to (!, &, #, $, ^, <, >, -, ).\n\nFor more information, see [AUTH password](https://docs.aws.amazon.com/http://redis.io/commands/AUTH) at http://redis.io/commands/AUTH.\n\n> If ADDING the AuthToken, update requires [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "AuthToken", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the device definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AutomaticFailoverEnabled": { + "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.\n\nDefault: false", + "title": "AutomaticFailoverEnabled", + "type": "boolean" + }, + "CacheNodeType": { + "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.12xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.12xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Amazon Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)", + "title": "CacheNodeType", + "type": "string" + }, + "CacheParameterGroupName": { + "markdownDescription": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n\nIf you are running Valkey or Redis OSS version 3.2.4 or later, only one node group (shard), and want to use a default parameter group, we recommend that you specify the parameter group by name.\n\n- To create a Valkey or Redis OSS (cluster mode disabled) replication group, use `CacheParameterGroupName=default.redis3.2` .\n- To create a Valkey or Redis OSS (cluster mode enabled) replication group, use `CacheParameterGroupName=default.redis3.2.cluster.on` .", + "title": "CacheParameterGroupName", + "type": "string" + }, + "CacheSecurityGroupNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of cache security group names to associate with this replication group.", + "title": "CacheSecurityGroupNames", + "type": "array" + }, + "CacheSubnetGroupName": { + "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", + "title": "CacheSubnetGroupName", + "type": "string" + }, + "ClusterMode": { + "markdownDescription": "The mode can be enabled or disabled. To change the cluster mode from disabled to enabled, you must first set the cluster mode to compatible. The compatible mode allows your Valkey or Redis OSS clients to connect using both cluster mode enabled and cluster mode disabled. After you migrate all Valkey or Redis OSS clients to use cluster mode enabled, you can then complete cluster mode configuration and set the cluster mode to enabled. For more information, see [Modify cluster mode](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/modify-cluster-mode.html) .", + "title": "ClusterMode", + "type": "string" + }, + "DataTieringEnabled": { + "markdownDescription": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html) .", + "title": "DataTieringEnabled", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the cache engine to be used for the clusters in this replication group. The value must be set to `valkey` or `redis` .\n\n> Upgrading an existing engine from redis to valkey is done through in-place migration, and requires a parameter group.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the cache engine to be used for the clusters in this replication group. To view the supported cache engine versions, use the `DescribeCacheEngineVersions` operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ) in the *ElastiCache User Guide* , but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", + "title": "EngineVersion", + "type": "string" + }, + "GlobalReplicationGroupId": { + "markdownDescription": "The name of the Global datastore", + "title": "GlobalReplicationGroupId", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The network type you choose when creating a replication group, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 or Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "IpDiscovery", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key used to encrypt the disk on the cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LogDeliveryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest" + }, + "markdownDescription": "Specifies the destination, format and type of the logs.", + "title": "LogDeliveryConfigurations", + "type": "array" + }, + "MultiAZEnabled": { + "markdownDescription": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see [Minimizing Downtime: Multi-AZ](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html) .", + "title": "MultiAZEnabled", + "type": "boolean" + }, + "NetworkType": { + "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "NetworkType", + "type": "string" + }, + "NodeGroupConfiguration": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration" + }, + "markdownDescription": "`NodeGroupConfiguration` is a property of the `AWS::ElastiCache::ReplicationGroup` resource that configures an Amazon ElastiCache (ElastiCache) Valkey or Redis OSS cluster node group.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NodeGroupConfiguration` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NodeGroupConfiguration` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NodeGroupConfiguration", + "type": "array" + }, + "NotificationTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", + "title": "NotificationTopicArn", + "type": "string" + }, + "NumCacheClusters": { + "markdownDescription": "The number of clusters this replication group initially has.\n\nThis parameter is not used if there is more than one node group (shard). You should use `ReplicasPerNodeGroup` instead.\n\nIf `AutomaticFailoverEnabled` is `true` , the value of this parameter must be at least 2. If `AutomaticFailoverEnabled` is `false` you can omit this parameter (it will default to 1), or you can explicitly set it to a value between 2 and 6.\n\nThe maximum permitted value for `NumCacheClusters` is 6 (1 primary plus 5 replicas).", + "title": "NumCacheClusters", + "type": "number" + }, + "NumNodeGroups": { + "markdownDescription": "An optional parameter that specifies the number of node groups (shards) for this Valkey or Redis OSS (cluster mode enabled) replication group. For Valkey or Redis OSS (cluster mode disabled) either omit this parameter or set it to 1.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NumNodeGroups` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NumNodeGroups` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .\n\nDefault: 1", + "title": "NumNodeGroups", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which each member of the replication group accepts connections.", + "title": "Port", + "type": "number" + }, + "PreferredCacheClusterAZs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 Availability Zones in which the replication group's clusters are created. The order of the Availability Zones in the list is the order in which clusters are allocated. The primary cluster is created in the first AZ in the list.\n\nThis parameter is not used if there is more than one node group (shard). You should use `NodeGroupConfiguration` instead.\n\n> If you are creating your replication group in an Amazon VPC (recommended), you can only locate clusters in Availability Zones associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheClusters` . \n\nDefault: system chosen Availability Zones.", + "title": "PreferredCacheClusterAZs", + "type": "array" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PrimaryClusterId": { + "markdownDescription": "The identifier of the cluster that serves as the primary for this replication group. This cluster must already exist and have a status of `available` .\n\nThis parameter is not required if `NumCacheClusters` , `NumNodeGroups` , or `ReplicasPerNodeGroup` is specified.", + "title": "PrimaryClusterId", + "type": "string" + }, + "ReplicasPerNodeGroup": { + "markdownDescription": "An optional parameter that specifies the number of replica nodes in each node group (shard). Valid values are 0 to 5.", + "title": "ReplicasPerNodeGroup", + "type": "number" + }, + "ReplicationGroupDescription": { + "markdownDescription": "A user-created description for the replication group.", + "title": "ReplicationGroupDescription", + "type": "string" + }, + "ReplicationGroupId": { + "markdownDescription": "The replication group identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- A name must contain from 1 to 40 alphanumeric characters or hyphens.\n- The first character must be a letter.\n- A name cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ReplicationGroupId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more Amazon VPC security groups associated with this replication group.\n\nUse this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the Valkey or Redis OSS RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new replication group. The Amazon S3 object name in the ARN cannot contain any commas. The new replication group will have the number of node groups (console: shards) specified by the parameter *NumNodeGroups* or the number of node groups configured by *NodeGroupConfiguration* regardless of the number of ARNs specified here.\n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", + "title": "SnapshotArns", + "type": "array" + }, + "SnapshotName": { + "markdownDescription": "The name of a snapshot from which to restore data into the new replication group. The snapshot status changes to `restoring` while the new replication group is being created.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot that was taken today is retained for 5 days before being deleted.\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster).", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.", + "title": "SnapshotWindow", + "type": "string" + }, + "SnapshottingClusterId": { + "markdownDescription": "The cluster ID that is used as the daily snapshot source for the replication group. This parameter cannot be set for Valkey or Redis OSS (cluster mode enabled) replication groups.", + "title": "SnapshottingClusterId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key= `myKey` , Value= `myKeyValue` . You can include multiple tags as shown following: Key= `myKey` , Value= `myKeyValue` Key= `mySecondKey` , Value= `mySecondKeyValue` . Tags on replication groups will be replicated to all nodes.", + "title": "Tags", + "type": "array" + }, + "TransitEncryptionEnabled": { + "markdownDescription": "A flag that enables in-transit encryption when set to `true` .\n\nThis parameter is only available when creating a replication group in an Amazon VPC using Valkey version `7.2` and above, Redis OSS version `3.2.6` , or Redis OSS version `4.x` and above, and the cluster is being created in an Amazon VPC.\n\nIf you enable in-transit encryption, you must also specify a value for `CacheSubnetGroup` .\n\n> TransitEncryptionEnabled is required when creating a new valkey replication group. \n\nDefault: `false`\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` .", + "title": "TransitEncryptionEnabled", + "type": "boolean" + }, + "TransitEncryptionMode": { + "markdownDescription": "A setting that allows you to migrate your clients to use in-transit encryption, with no downtime.\n\nWhen setting `TransitEncryptionEnabled` to `true` , you can set your `TransitEncryptionMode` to `preferred` in the same request, to allow both encrypted and unencrypted connections at the same time. Once you migrate all your Valkey or Redis OSS clients to use encrypted connections you can modify the value to `required` to allow encrypted connections only.\n\nSetting `TransitEncryptionMode` to `required` is a two-step process that requires you to first set the `TransitEncryptionMode` to `preferred` , after that you can set `TransitEncryptionMode` to `required` .\n\nThis process will not trigger the replacement of the replication group.", + "title": "TransitEncryptionMode", + "type": "string" + }, + "UserGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of user group to associate with the replication group.", + "title": "UserGroupIds", + "type": "array" + } + }, + "required": [ + "ReplicationGroupDescription" + ], + "type": "object" + }, "Type": { "enum": [ - "AWS::Greengrass::DeviceDefinition" + "AWS::ElastiCache::ReplicationGroup" ], "type": "string" }, @@ -109413,55 +113535,117 @@ ], "type": "object" }, - "AWS::Greengrass::DeviceDefinition.Device": { + "AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group.", + "title": "LogGroup", "type": "string" + } + }, + "required": [ + "LogGroup" + ], + "type": "object" + }, + "AWS::ElastiCache::ReplicationGroup.DestinationDetails": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails", + "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", + "title": "CloudWatchLogsDetails" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "KinesisFirehoseDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails", + "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", + "title": "KinesisFirehoseDetails" + } + }, + "type": "object" + }, + "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { + "additionalProperties": false, + "properties": { + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", + "title": "DeliveryStream", "type": "string" + } + }, + "required": [ + "DeliveryStream" + ], + "type": "object" + }, + "AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest": { + "additionalProperties": false, + "properties": { + "DestinationDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.DestinationDetails", + "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "title": "DestinationDetails" }, - "SyncShadow": { - "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", - "title": "SyncShadow", - "type": "boolean" + "DestinationType": { + "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", + "title": "DestinationType", + "type": "string" }, - "ThingArn": { - "markdownDescription": "The ARN of the device, which is an AWS IoT device (thing).", - "title": "ThingArn", + "LogFormat": { + "markdownDescription": "Valid values are either `json` or `text` .", + "title": "LogFormat", + "type": "string" + }, + "LogType": { + "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", + "title": "LogType", "type": "string" } }, "required": [ - "CertificateArn", - "Id", - "ThingArn" + "DestinationDetails", + "DestinationType", + "LogFormat", + "LogType" ], "type": "object" }, - "AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion": { + "AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration": { "additionalProperties": false, "properties": { - "Devices": { + "NodeGroupId": { + "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", + "title": "NodeGroupId", + "type": "string" + }, + "PrimaryAvailabilityZone": { + "markdownDescription": "The Availability Zone where the primary node of this node group (shard) is launched.", + "title": "PrimaryAvailabilityZone", + "type": "string" + }, + "ReplicaAvailabilityZones": { "items": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.Device" + "type": "string" }, - "markdownDescription": "The devices in this version.", - "title": "Devices", + "markdownDescription": "A list of Availability Zones to be used for the read replicas. The number of Availability Zones in this list must match the value of `ReplicaCount` or `ReplicasPerNodeGroup` if not specified.", + "title": "ReplicaAvailabilityZones", "type": "array" + }, + "ReplicaCount": { + "markdownDescription": "The number of read replica nodes in this node group (shard).", + "title": "ReplicaCount", + "type": "number" + }, + "Slots": { + "markdownDescription": "A string of comma-separated values where the first set of values are the slot numbers (zero based), and the second set of values are the keyspaces for each slot. The following example specifies three slots (numbered 0, 1, and 2): `0,1,2,0-4999,5000-9999,10000-16,383` .\n\nIf you don't specify a value, ElastiCache allocates keys equally among each slot.\n\nWhen you use an `UseOnlineResharding` update policy to update the number of node groups without interruption, ElastiCache evenly distributes the keyspaces between the specified number of slots. This cannot be updated later. Therefore, after updating the number of node groups in this way, you should remove the value specified for the `Slots` property of each `NodeGroupConfiguration` from the stack template, as it no longer reflects the actual values in each node group. For more information, see [UseOnlineResharding Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) .", + "title": "Slots", + "type": "string" } }, - "required": [ - "Devices" - ], "type": "object" }, - "AWS::Greengrass::DeviceDefinitionVersion": { + "AWS::ElastiCache::SecurityGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -109496,29 +113680,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DeviceDefinitionId": { - "markdownDescription": "The ID of the device definition associated with this version. This value is a GUID.", - "title": "DeviceDefinitionId", + "Description": { + "markdownDescription": "A description for the cache security group.", + "title": "Description", "type": "string" }, - "Devices": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinitionVersion.Device" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The devices in this version.", - "title": "Devices", + "markdownDescription": "A tag that can be added to an ElastiCache security group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your security groups. A tag with a null Value is permitted.", + "title": "Tags", "type": "array" } }, "required": [ - "DeviceDefinitionId", - "Devices" + "Description" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::DeviceDefinitionVersion" + "AWS::ElastiCache::SecurityGroup" ], "type": "string" }, @@ -109537,38 +113720,7 @@ ], "type": "object" }, - "AWS::Greengrass::DeviceDefinitionVersion.Device": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "SyncShadow": { - "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device, which is an AWS IoT device (thing).", - "title": "ThingArn", - "type": "string" - } - }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition": { + "AWS::ElastiCache::SecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { @@ -109603,30 +113755,31 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion", - "markdownDescription": "The function definition version to include when the function definition is created. A function definition version contains a list of [`function`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinition-function.html) property types.\n\n> To associate a function definition version after the function definition is created, create an [`AWS::Greengrass::FunctionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-functiondefinitionversion.html) resource and specify the ID of this function definition.", - "title": "InitialVersion" + "CacheSecurityGroupName": { + "markdownDescription": "The name of the Cache Security Group to authorize.", + "title": "CacheSecurityGroupName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the function definition.", - "title": "Name", + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 Security Group to include in the authorization.", + "title": "EC2SecurityGroupName", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the function definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" + "EC2SecurityGroupOwnerId": { + "markdownDescription": "Specifies the Amazon Account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName property. The Amazon access key ID is not an acceptable value.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" } }, "required": [ - "Name" + "CacheSecurityGroupName", + "EC2SecurityGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::FunctionDefinition" + "AWS::ElastiCache::SecurityGroupIngress" ], "type": "string" }, @@ -109645,190 +113798,7 @@ ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition.DefaultConfig": { - "additionalProperties": false, - "properties": { - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", - "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", - "title": "Execution" - } - }, - "required": [ - "Execution" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.Environment": { - "additionalProperties": false, - "properties": { - "AccessSysfs": { - "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "AccessSysfs", - "type": "boolean" - }, - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", - "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", - "title": "Execution" - }, - "ResourceAccessPolicies": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy" - }, - "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only for Lambda functions that run in a Greengrass container.", - "title": "ResourceAccessPolicies", - "type": "array" - }, - "Variables": { - "markdownDescription": "Environment variables for the Lambda function.", - "title": "Variables", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.Execution": { - "additionalProperties": false, - "properties": { - "IsolationMode": { - "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", - "title": "IsolationMode", - "type": "string" - }, - "RunAs": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.RunAs", - "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", - "title": "RunAs" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.Function": { - "additionalProperties": false, - "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", - "title": "FunctionArn", - "type": "string" - }, - "FunctionConfiguration": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionConfiguration", - "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", - "title": "FunctionConfiguration" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - } - }, - "required": [ - "FunctionArn", - "FunctionConfiguration", - "Id" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.FunctionConfiguration": { - "additionalProperties": false, - "properties": { - "EncodingType": { - "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", - "title": "EncodingType", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Environment", - "markdownDescription": "The environment configuration of the function.", - "title": "Environment" - }, - "ExecArgs": { - "markdownDescription": "The execution arguments.", - "title": "ExecArgs", - "type": "string" - }, - "Executable": { - "markdownDescription": "The name of the function executable.", - "title": "Executable", - "type": "string" - }, - "MemorySize": { - "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "MemorySize", - "type": "number" - }, - "Pinned": { - "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", - "title": "Pinned", - "type": "boolean" - }, - "Timeout": { - "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", - "title": "Timeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion": { - "additionalProperties": false, - "properties": { - "DefaultConfig": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.DefaultConfig", - "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", - "title": "DefaultConfig" - }, - "Functions": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Function" - }, - "markdownDescription": "The functions in this version.", - "title": "Functions", - "type": "array" - } - }, - "required": [ - "Functions" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy": { - "additionalProperties": false, - "properties": { - "Permission": { - "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", - "title": "Permission", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", - "title": "ResourceId", - "type": "string" - } - }, - "required": [ - "ResourceId" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.RunAs": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", - "title": "Gid", - "type": "number" - }, - "Uid": { - "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", - "title": "Uid", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinitionVersion": { + "AWS::ElastiCache::ServerlessCache": { "additionalProperties": false, "properties": { "Condition": { @@ -109863,34 +113833,108 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultConfig": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig", - "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", - "title": "DefaultConfig" + "CacheUsageLimits": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.CacheUsageLimits", + "markdownDescription": "The cache usage limit for the serverless cache.", + "title": "CacheUsageLimits" }, - "FunctionDefinitionId": { - "markdownDescription": "The ID of the function definition associated with this version. This value is a GUID.", - "title": "FunctionDefinitionId", + "DailySnapshotTime": { + "markdownDescription": "The daily time that a cache snapshot will be created. Default is NULL, i.e. snapshots will not be created at a specific time on a daily basis. Available for Valkey, Redis OSS and Serverless Memcached only.", + "title": "DailySnapshotTime", "type": "string" }, - "Functions": { + "Description": { + "markdownDescription": "A description of the serverless cache.", + "title": "Description", + "type": "string" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", + "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", + "title": "Endpoint" + }, + "Engine": { + "markdownDescription": "The engine the serverless cache is compatible with.", + "title": "Engine", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The name of the final snapshot taken of a cache before the cache is deleted.", + "title": "FinalSnapshotName", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key that is used to encrypt data at rest in the serverless cache.", + "title": "KmsKeyId", + "type": "string" + }, + "MajorEngineVersion": { + "markdownDescription": "The version number of the engine the serverless cache is compatible with.", + "title": "MajorEngineVersion", + "type": "string" + }, + "ReaderEndpoint": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", + "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", + "title": "ReaderEndpoint" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Function" + "type": "string" }, - "markdownDescription": "The functions in this version.", - "title": "Functions", + "markdownDescription": "The IDs of the EC2 security groups associated with the serverless cache.", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServerlessCacheName": { + "markdownDescription": "The unique identifier of the serverless cache.", + "title": "ServerlessCacheName", + "type": "string" + }, + "SnapshotArnsToRestore": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the snapshot from which to restore data into the new cache.", + "title": "SnapshotArnsToRestore", + "type": "array" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The current setting for the number of serverless cache snapshots the system will retain. Available for Valkey, Redis OSS and Serverless Memcached only.", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "If no subnet IDs are given and your VPC is in us-west-1, then ElastiCache will select 2 default subnets across AZs in your VPC. For all other Regions, if no subnet IDs are given then ElastiCache will select 3 default subnets across AZs in your default VPC.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be added to this resource.", + "title": "Tags", "type": "array" + }, + "UserGroupId": { + "markdownDescription": "The identifier of the user group associated with the serverless cache. Available for Valkey and Redis OSS only. Default is NULL.", + "title": "UserGroupId", + "type": "string" } }, "required": [ - "FunctionDefinitionId", - "Functions" + "Engine", + "ServerlessCacheName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::FunctionDefinitionVersion" + "AWS::ElastiCache::ServerlessCache" ], "type": "string" }, @@ -109909,168 +113953,79 @@ ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig": { - "additionalProperties": false, - "properties": { - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", - "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", - "title": "Execution" - } - }, - "required": [ - "Execution" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinitionVersion.Environment": { - "additionalProperties": false, - "properties": { - "AccessSysfs": { - "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "AccessSysfs", - "type": "boolean" - }, - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", - "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", - "title": "Execution" - }, - "ResourceAccessPolicies": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy" - }, - "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "ResourceAccessPolicies", - "type": "array" - }, - "Variables": { - "markdownDescription": "Environment variables for the Lambda function.", - "title": "Variables", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinitionVersion.Execution": { + "AWS::ElastiCache::ServerlessCache.CacheUsageLimits": { "additionalProperties": false, "properties": { - "IsolationMode": { - "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", - "title": "IsolationMode", - "type": "string" + "DataStorage": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.DataStorage", + "markdownDescription": "The maximum data storage limit in the cache, expressed in Gigabytes.", + "title": "DataStorage" }, - "RunAs": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.RunAs", - "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", - "title": "RunAs" + "ECPUPerSecond": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.ECPUPerSecond", + "markdownDescription": "The number of ElastiCache Processing Units (ECPU) the cache can consume per second.", + "title": "ECPUPerSecond" } }, "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.Function": { + "AWS::ElastiCache::ServerlessCache.DataStorage": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", - "title": "FunctionArn", - "type": "string" + "Maximum": { + "markdownDescription": "The upper limit for data storage the cache is set to use.", + "title": "Maximum", + "type": "number" }, - "FunctionConfiguration": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration", - "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", - "title": "FunctionConfiguration" + "Minimum": { + "markdownDescription": "The lower limit for data storage the cache is set to use.", + "title": "Minimum", + "type": "number" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Unit": { + "markdownDescription": "The unit that the storage is measured in, in GB.", + "title": "Unit", "type": "string" } }, "required": [ - "FunctionArn", - "FunctionConfiguration", - "Id" + "Unit" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration": { + "AWS::ElastiCache::ServerlessCache.ECPUPerSecond": { "additionalProperties": false, "properties": { - "EncodingType": { - "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", - "title": "EncodingType", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Environment", - "markdownDescription": "The environment configuration of the function.", - "title": "Environment" - }, - "ExecArgs": { - "markdownDescription": "The execution arguments.", - "title": "ExecArgs", - "type": "string" - }, - "Executable": { - "markdownDescription": "The name of the function executable.", - "title": "Executable", - "type": "string" - }, - "MemorySize": { - "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "MemorySize", + "Maximum": { + "markdownDescription": "The configuration for the maximum number of ECPUs the cache can consume per second.", + "title": "Maximum", "type": "number" }, - "Pinned": { - "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", - "title": "Pinned", - "type": "boolean" - }, - "Timeout": { - "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", - "title": "Timeout", + "Minimum": { + "markdownDescription": "The configuration for the minimum number of ECPUs the cache should be able consume per second.", + "title": "Minimum", "type": "number" } }, "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy": { + "AWS::ElastiCache::ServerlessCache.Endpoint": { "additionalProperties": false, "properties": { - "Permission": { - "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", - "title": "Permission", + "Address": { + "markdownDescription": "The DNS hostname of the cache node.", + "title": "Address", "type": "string" }, - "ResourceId": { - "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", - "title": "ResourceId", + "Port": { + "markdownDescription": "The port number that the cache engine is listening on.", + "title": "Port", "type": "string" } }, - "required": [ - "ResourceId" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinitionVersion.RunAs": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", - "title": "Gid", - "type": "number" - }, - "Uid": { - "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", - "title": "Uid", - "type": "number" - } - }, "type": "object" }, - "AWS::Greengrass::Group": { + "AWS::ElastiCache::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -110105,35 +114060,42 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::Group.GroupVersion", - "markdownDescription": "The group version to include when the group is created. A group version references the Amazon Resource Name (ARN) of a core definition version, device definition version, subscription definition version, and other version types. The group version must reference a core definition version that contains one core. Other version types are optionally included, depending on your business need.\n\n> To associate a group version after the group is created, create an [`AWS::Greengrass::GroupVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-groupversion.html) resource and specify the ID of this group.", - "title": "InitialVersion" - }, - "Name": { - "markdownDescription": "The name of the group.", - "title": "Name", + "CacheSubnetGroupName": { + "markdownDescription": "The name for the cache subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\nExample: `mysubnetgroup`", + "title": "CacheSubnetGroupName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role attached to the group. This role contains the permissions that Lambda functions and connectors use to interact with other AWS services.", - "title": "RoleArn", + "Description": { + "markdownDescription": "The description for the cache subnet group.", + "title": "Description", "type": "string" }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The EC2 subnet IDs for the cache subnet group.", + "title": "SubnetIds", + "type": "array" + }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the group. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "Description", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::Group" + "AWS::ElastiCache::SubnetGroup" ], "type": "string" }, @@ -110152,48 +114114,7 @@ ], "type": "object" }, - "AWS::Greengrass::Group.GroupVersion": { - "additionalProperties": false, - "properties": { - "ConnectorDefinitionVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", - "title": "ConnectorDefinitionVersionArn", - "type": "string" - }, - "CoreDefinitionVersionArn": { - "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", - "title": "CoreDefinitionVersionArn", - "type": "string" - }, - "DeviceDefinitionVersionArn": { - "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", - "title": "DeviceDefinitionVersionArn", - "type": "string" - }, - "FunctionDefinitionVersionArn": { - "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", - "title": "FunctionDefinitionVersionArn", - "type": "string" - }, - "LoggerDefinitionVersionArn": { - "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", - "title": "LoggerDefinitionVersionArn", - "type": "string" - }, - "ResourceDefinitionVersionArn": { - "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", - "title": "ResourceDefinitionVersionArn", - "type": "string" - }, - "SubscriptionDefinitionVersionArn": { - "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", - "title": "SubscriptionDefinitionVersionArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Greengrass::GroupVersion": { + "AWS::ElastiCache::User": { "additionalProperties": false, "properties": { "Condition": { @@ -110228,55 +114149,63 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectorDefinitionVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", - "title": "ConnectorDefinitionVersionArn", + "AccessString": { + "markdownDescription": "Access permissions string used for this user.", + "title": "AccessString", "type": "string" }, - "CoreDefinitionVersionArn": { - "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", - "title": "CoreDefinitionVersionArn", - "type": "string" + "AuthenticationMode": { + "$ref": "#/definitions/AWS::ElastiCache::User.AuthenticationMode", + "markdownDescription": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```", + "title": "AuthenticationMode" }, - "DeviceDefinitionVersionArn": { - "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", - "title": "DeviceDefinitionVersionArn", + "Engine": { + "markdownDescription": "The current supported values are valkey and redis.", + "title": "Engine", "type": "string" }, - "FunctionDefinitionVersionArn": { - "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", - "title": "FunctionDefinitionVersionArn", - "type": "string" + "NoPasswordRequired": { + "markdownDescription": "Indicates a password is not required for this user.", + "title": "NoPasswordRequired", + "type": "boolean" }, - "GroupId": { - "markdownDescription": "The ID of the group associated with this version. This value is a GUID.", - "title": "GroupId", - "type": "string" + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "Passwords used for this user. You can create up to two passwords for each user.", + "title": "Passwords", + "type": "array" }, - "LoggerDefinitionVersionArn": { - "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", - "title": "LoggerDefinitionVersionArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags.", + "title": "Tags", + "type": "array" }, - "ResourceDefinitionVersionArn": { - "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", - "title": "ResourceDefinitionVersionArn", + "UserId": { + "markdownDescription": "The ID of the user.", + "title": "UserId", "type": "string" }, - "SubscriptionDefinitionVersionArn": { - "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", - "title": "SubscriptionDefinitionVersionArn", + "UserName": { + "markdownDescription": "The username of the user.", + "title": "UserName", "type": "string" } }, "required": [ - "GroupId" + "Engine", + "UserId", + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::GroupVersion" + "AWS::ElastiCache::User" ], "type": "string" }, @@ -110295,17 +114224,39 @@ ], "type": "object" }, - "AWS::Greengrass::LoggerDefinition": { + "AWS::ElastiCache::User.AuthenticationMode": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the passwords to use for authentication if `Type` is set to `password` .", + "title": "Passwords", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" + "Type": { + "markdownDescription": "Specifies the authentication type. Possible options are IAM authentication, password and no password.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ElastiCache::UserGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" ], "type": "string" }, @@ -110330,30 +114281,43 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion", - "markdownDescription": "The logger definition version to include when the logger definition is created. A logger definition version contains a list of [`logger`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-loggerdefinition-logger.html) property types.\n\n> To associate a logger definition version after the logger definition is created, create an [`AWS::Greengrass::LoggerDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-loggerdefinitionversion.html) resource and specify the ID of this logger definition.", - "title": "InitialVersion" - }, - "Name": { - "markdownDescription": "The name of the logger definition.", - "title": "Name", + "Engine": { + "markdownDescription": "The current supported values are valkey and redis.", + "title": "Engine", "type": "string" }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the logger definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags.", "title": "Tags", - "type": "object" + "type": "array" + }, + "UserGroupId": { + "markdownDescription": "The ID of the user group.", + "title": "UserGroupId", + "type": "string" + }, + "UserIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user IDs that belong to the user group. A user named `default` must be included.", + "title": "UserIds", + "type": "array" } }, "required": [ - "Name" + "Engine", + "UserGroupId", + "UserIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::LoggerDefinition" + "AWS::ElastiCache::UserGroup" ], "type": "string" }, @@ -110372,61 +114336,7 @@ ], "type": "object" }, - "AWS::Greengrass::LoggerDefinition.Logger": { - "additionalProperties": false, - "properties": { - "Component": { - "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", - "title": "Component", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Level": { - "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", - "title": "Level", - "type": "string" - }, - "Space": { - "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", - "title": "Space", - "type": "number" - }, - "Type": { - "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Component", - "Id", - "Level", - "Type" - ], - "type": "object" - }, - "AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Loggers": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.Logger" - }, - "markdownDescription": "The loggers in this version.", - "title": "Loggers", - "type": "array" - } - }, - "required": [ - "Loggers" - ], - "type": "object" - }, - "AWS::Greengrass::LoggerDefinitionVersion": { + "AWS::ElasticBeanstalk::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -110461,29 +114371,27 @@ "Properties": { "additionalProperties": false, "properties": { - "LoggerDefinitionId": { - "markdownDescription": "The ID of the logger definition associated with this version. This value is a GUID.", - "title": "LoggerDefinitionId", + "ApplicationName": { + "markdownDescription": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "ApplicationName", "type": "string" }, - "Loggers": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinitionVersion.Logger" - }, - "markdownDescription": "The loggers in this version.", - "title": "Loggers", - "type": "array" + "Description": { + "markdownDescription": "Your description of the application.", + "title": "Description", + "type": "string" + }, + "ResourceLifecycleConfig": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig", + "markdownDescription": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions.", + "title": "ResourceLifecycleConfig" } }, - "required": [ - "LoggerDefinitionId", - "Loggers" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::LoggerDefinitionVersion" + "AWS::ElasticBeanstalk::Application" ], "type": "string" }, @@ -110497,49 +114405,85 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Greengrass::LoggerDefinitionVersion.Logger": { + "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { "additionalProperties": false, "properties": { - "Component": { - "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", - "title": "Component", + "ServiceRole": { + "markdownDescription": "The ARN of an IAM service role that Elastic Beanstalk has permission to assume.\n\nThe `ServiceRole` property is required the first time that you provide a `ResourceLifecycleConfig` for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value.", + "title": "ServiceRole", "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" + "VersionLifecycleConfig": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig", + "markdownDescription": "Defines lifecycle settings for application versions.", + "title": "VersionLifecycleConfig" + } + }, + "type": "object" + }, + "AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig": { + "additionalProperties": false, + "properties": { + "MaxAgeRule": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxAgeRule", + "markdownDescription": "Specify a max age rule to restrict the length of time that application versions are retained for an application.", + "title": "MaxAgeRule" }, - "Level": { - "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", - "title": "Level", - "type": "string" + "MaxCountRule": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxCountRule", + "markdownDescription": "Specify a max count rule to restrict the number of application versions that are retained for an application.", + "title": "MaxCountRule" + } + }, + "type": "object" + }, + "AWS::ElasticBeanstalk::Application.MaxAgeRule": { + "additionalProperties": false, + "properties": { + "DeleteSourceFromS3": { + "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", + "title": "DeleteSourceFromS3", + "type": "boolean" }, - "Space": { - "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", - "title": "Space", + "Enabled": { + "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", + "title": "Enabled", + "type": "boolean" + }, + "MaxAgeInDays": { + "markdownDescription": "Specify the number of days to retain an application versions.", + "title": "MaxAgeInDays", "type": "number" + } + }, + "type": "object" + }, + "AWS::ElasticBeanstalk::Application.MaxCountRule": { + "additionalProperties": false, + "properties": { + "DeleteSourceFromS3": { + "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", + "title": "DeleteSourceFromS3", + "type": "boolean" }, - "Type": { - "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", - "title": "Type", - "type": "string" + "Enabled": { + "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", + "title": "Enabled", + "type": "boolean" + }, + "MaxCount": { + "markdownDescription": "Specify the maximum number of application versions to retain.", + "title": "MaxCount", + "type": "number" } }, - "required": [ - "Component", - "Id", - "Level", - "Type" - ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition": { + "AWS::ElasticBeanstalk::ApplicationVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -110574,30 +114518,31 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion", - "markdownDescription": "The resource definition version to include when the resource definition is created. A resource definition version contains a list of [`resource instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinition-resourceinstance.html) property types.\n\n> To associate a resource definition version after the resource definition is created, create an [`AWS::Greengrass::ResourceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-resourcedefinitionversion.html) resource and specify the ID of this resource definition.", - "title": "InitialVersion" + "ApplicationName": { + "markdownDescription": "The name of the Elastic Beanstalk application that is associated with this application version.", + "title": "ApplicationName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the resource definition.", - "title": "Name", + "Description": { + "markdownDescription": "A description of this application version.", + "title": "Description", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the resource definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" + "SourceBundle": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle", + "markdownDescription": "The Amazon S3 bucket and key that identify the location of the source bundle for this version.\n\n> The Amazon S3 bucket must be in the same region as the environment.", + "title": "SourceBundle" } }, "required": [ - "Name" + "ApplicationName", + "SourceBundle" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ResourceDefinition" + "AWS::ElasticBeanstalk::ApplicationVersion" ], "type": "string" }, @@ -110616,236 +114561,27 @@ ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.GroupOwnerSetting": { - "additionalProperties": false, - "properties": { - "AutoAddGroupOwner": { - "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", - "title": "AutoAddGroupOwner", - "type": "boolean" - }, - "GroupOwner": { - "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", - "title": "GroupOwner", - "type": "string" - } - }, - "required": [ - "AutoAddGroupOwner" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData": { - "additionalProperties": false, - "properties": { - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource in the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceDataContainer": { - "additionalProperties": false, - "properties": { - "LocalDeviceResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData", - "markdownDescription": "Settings for a local device resource.", - "title": "LocalDeviceResourceData" - }, - "LocalVolumeResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData", - "markdownDescription": "Settings for a local volume resource.", - "title": "LocalVolumeResourceData" - }, - "S3MachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", - "title": "S3MachineLearningModelResourceData" - }, - "SageMakerMachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", - "title": "SageMakerMachineLearningModelResourceData" - }, - "SecretsManagerSecretResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData", - "markdownDescription": "Settings for a secret resource.", - "title": "SecretsManagerSecretResourceData" - } - }, - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Resources": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceInstance" - }, - "markdownDescription": "The resources in this version.", - "title": "Resources", - "type": "array" - } - }, - "required": [ - "Resources" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting": { - "additionalProperties": false, - "properties": { - "GroupOwner": { - "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", - "title": "GroupOwner", - "type": "string" - }, - "GroupPermission": { - "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", - "title": "GroupPermission", - "type": "string" - } - }, - "required": [ - "GroupOwner", - "GroupPermission" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceInstance": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", - "title": "Name", - "type": "string" - }, - "ResourceDataContainer": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDataContainer", - "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", - "title": "ResourceDataContainer" - } - }, - "required": [ - "Id", - "Name", - "ResourceDataContainer" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "S3Uri": { - "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", - "title": "S3Uri", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "S3Uri" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData": { + "AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket where the data is located.", + "title": "S3Bucket", "type": "string" }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "SageMakerJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", - "title": "SageMakerJobArn", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SageMakerJobArn" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData": { - "additionalProperties": false, - "properties": { - "ARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", - "title": "ARN", + "S3Key": { + "markdownDescription": "The Amazon S3 key where the data is located.", + "title": "S3Key", "type": "string" - }, - "AdditionalStagingLabelsToDownload": { - "items": { - "type": "string" - }, - "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", - "title": "AdditionalStagingLabelsToDownload", - "type": "array" } }, "required": [ - "ARN" + "S3Bucket", + "S3Key" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion": { + "AWS::ElasticBeanstalk::ConfigurationTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -110880,29 +114616,53 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceDefinitionId": { - "markdownDescription": "The ID of the resource definition associated with this version. This value is a GUID.", - "title": "ResourceDefinitionId", + "ApplicationName": { + "markdownDescription": "The name of the Elastic Beanstalk application to associate with this configuration template.", + "title": "ApplicationName", "type": "string" }, - "Resources": { + "Description": { + "markdownDescription": "An optional description for this configuration.", + "title": "Description", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of an environment whose settings you want to use to create the configuration template. You must specify `EnvironmentId` if you don't specify `PlatformArn` , `SolutionStackName` , or `SourceConfiguration` .", + "title": "EnvironmentId", + "type": "string" + }, + "OptionSettings": { "items": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance" + "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting" }, - "markdownDescription": "The resources in this version.", - "title": "Resources", + "markdownDescription": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the *AWS Elastic Beanstalk Developer Guide* .", + "title": "OptionSettings", "type": "array" + }, + "PlatformArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , then don't specify `SolutionStackName` .", + "title": "PlatformArn", + "type": "string" + }, + "SolutionStackName": { + "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, `64bit Amazon Linux 2013.09 running Tomcat 7 Java 7` . A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\nYou must specify `SolutionStackName` if you don't specify `PlatformArn` , `EnvironmentId` , or `SourceConfiguration` .\n\nUse the [`ListAvailableSolutionStacks`](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html) API to obtain a list of available solution stacks.", + "title": "SolutionStackName", + "type": "string" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration", + "markdownDescription": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in `OptionSettings` override any values obtained from the `SourceConfiguration` .\n\nYou must specify `SourceConfiguration` if you don't specify `PlatformArn` , `EnvironmentId` , or `SolutionStackName` .\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name.", + "title": "SourceConfiguration" } }, "required": [ - "ResourceDefinitionId", - "Resources" + "ApplicationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ResourceDefinitionVersion" + "AWS::ElasticBeanstalk::ConfigurationTemplate" ], "type": "string" }, @@ -110921,219 +114681,57 @@ ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting": { - "additionalProperties": false, - "properties": { - "AutoAddGroupOwner": { - "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", - "title": "AutoAddGroupOwner", - "type": "boolean" - }, - "GroupOwner": { - "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", - "title": "GroupOwner", - "type": "string" - } - }, - "required": [ - "AutoAddGroupOwner" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData": { - "additionalProperties": false, - "properties": { - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource in the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer": { - "additionalProperties": false, - "properties": { - "LocalDeviceResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData", - "markdownDescription": "Settings for a local device resource.", - "title": "LocalDeviceResourceData" - }, - "LocalVolumeResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData", - "markdownDescription": "Settings for a local volume resource.", - "title": "LocalVolumeResourceData" - }, - "S3MachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", - "title": "S3MachineLearningModelResourceData" - }, - "SageMakerMachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", - "title": "SageMakerMachineLearningModelResourceData" - }, - "SecretsManagerSecretResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData", - "markdownDescription": "Settings for a secret resource.", - "title": "SecretsManagerSecretResourceData" - } - }, - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting": { - "additionalProperties": false, - "properties": { - "GroupOwner": { - "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", - "title": "GroupOwner", - "type": "string" - }, - "GroupPermission": { - "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", - "title": "GroupPermission", - "type": "string" - } - }, - "required": [ - "GroupOwner", - "GroupPermission" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance": { + "AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Namespace": { + "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", + "title": "Namespace", "type": "string" }, - "Name": { - "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", - "title": "Name", + "OptionName": { + "markdownDescription": "The name of the configuration option.", + "title": "OptionName", "type": "string" }, - "ResourceDataContainer": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer", - "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", - "title": "ResourceDataContainer" - } - }, - "required": [ - "Id", - "Name", - "ResourceDataContainer" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", + "ResourceName": { + "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", + "title": "ResourceName", "type": "string" }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "S3Uri": { - "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", - "title": "S3Uri", + "Value": { + "markdownDescription": "The current value for the configuration option.", + "title": "Value", "type": "string" } }, "required": [ - "DestinationPath", - "S3Uri" + "Namespace", + "OptionName" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData": { + "AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", + "ApplicationName": { + "markdownDescription": "The name of the application associated with the configuration.", + "title": "ApplicationName", "type": "string" }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "SageMakerJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", - "title": "SageMakerJobArn", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SageMakerJobArn" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData": { - "additionalProperties": false, - "properties": { - "ARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", - "title": "ARN", + "TemplateName": { + "markdownDescription": "The name of the configuration template.", + "title": "TemplateName", "type": "string" - }, - "AdditionalStagingLabelsToDownload": { - "items": { - "type": "string" - }, - "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", - "title": "AdditionalStagingLabelsToDownload", - "type": "array" } }, "required": [ - "ARN" + "ApplicationName", + "TemplateName" ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinition": { + "AWS::ElasticBeanstalk::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -111168,30 +114766,81 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion", - "markdownDescription": "The subscription definition version to include when the subscription definition is created. A subscription definition version contains a list of [`subscription`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-subscriptiondefinition-subscription.html) property types.\n\n> To associate a subscription definition version after the subscription definition is created, create an [`AWS::Greengrass::SubscriptionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-subscriptiondefinitionversion.html) resource and specify the ID of this subscription definition.", - "title": "InitialVersion" + "ApplicationName": { + "markdownDescription": "The name of the application that is associated with this environment.", + "title": "ApplicationName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the subscription definition.", - "title": "Name", + "CNAMEPrefix": { + "markdownDescription": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.", + "title": "CNAMEPrefix", + "type": "string" + }, + "Description": { + "markdownDescription": "Your description for this environment.", + "title": "Description", + "type": "string" + }, + "EnvironmentName": { + "markdownDescription": "A unique name for the environment.\n\nConstraint: Must be from 4 to 40 characters in length. The name can contain only letters, numbers, and hyphens. It can't start or end with a hyphen. This name must be unique within a region in your account.\n\nIf you don't specify the `CNAMEPrefix` parameter, the environment name becomes part of the CNAME, and therefore part of the visible URL for your application.\n\nIf you don't specify an environment name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "EnvironmentName", + "type": "string" + }, + "OperationsRole": { + "markdownDescription": "> The operations role feature of AWS Elastic Beanstalk is in beta release and is subject to change. \n\nThe Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. If specified, Elastic Beanstalk uses the operations role for permissions to downstream services during this call and during subsequent calls acting on this environment. To specify an operations role, you must have the `iam:PassRole` permission for the role.", + "title": "OperationsRole", + "type": "string" + }, + "OptionSettings": { + "items": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.OptionSetting" + }, + "markdownDescription": "Key-value pairs defining configuration options for this environment, such as the instance type. These options override the values that are defined in the solution stack or the [configuration template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-beanstalk-configurationtemplate.html) . If you remove any options during a stack update, the removed options retain their current values.", + "title": "OptionSettings", + "type": "array" + }, + "PlatformArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform to use with the environment. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , don't specify `SolutionStackName` .", + "title": "PlatformArn", + "type": "string" + }, + "SolutionStackName": { + "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. If specified, Elastic Beanstalk sets the configuration values to the default values associated with the specified solution stack. For a list of current solution stacks, see [Elastic Beanstalk Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html) in the *AWS Elastic Beanstalk Platforms* guide.\n\n> If you specify `SolutionStackName` , don't specify `PlatformArn` or `TemplateName` .", + "title": "SolutionStackName", "type": "string" }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the subscription definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the tags applied to resources in the environment.", "title": "Tags", - "type": "object" + "type": "array" + }, + "TemplateName": { + "markdownDescription": "The name of the Elastic Beanstalk configuration template to use with the environment.\n\n> If you specify `TemplateName` , then don't specify `SolutionStackName` .", + "title": "TemplateName", + "type": "string" + }, + "Tier": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.Tier", + "markdownDescription": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.", + "title": "Tier" + }, + "VersionLabel": { + "markdownDescription": "The name of the application version to deploy.\n\nDefault: If not specified, Elastic Beanstalk attempts to deploy the sample application.", + "title": "VersionLabel", + "type": "string" } }, "required": [ - "Name" + "ApplicationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::SubscriptionDefinition" + "AWS::ElasticBeanstalk::Environment" ], "type": "string" }, @@ -111210,56 +114859,58 @@ ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinition.Subscription": { + "AWS::ElasticBeanstalk::Environment.OptionSetting": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Namespace": { + "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", + "title": "Namespace", "type": "string" }, - "Source": { - "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Source", + "OptionName": { + "markdownDescription": "The name of the configuration option.", + "title": "OptionName", "type": "string" }, - "Subject": { - "markdownDescription": "The MQTT topic used to route the message.", - "title": "Subject", + "ResourceName": { + "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", + "title": "ResourceName", "type": "string" }, - "Target": { - "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Target", + "Value": { + "markdownDescription": "The current value for the configuration option.", + "title": "Value", "type": "string" } }, "required": [ - "Id", - "Source", - "Subject", - "Target" + "Namespace", + "OptionName" ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion": { + "AWS::ElasticBeanstalk::Environment.Tier": { "additionalProperties": false, "properties": { - "Subscriptions": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.Subscription" - }, - "markdownDescription": "The subscriptions in this version.", - "title": "Subscriptions", - "type": "array" + "Name": { + "markdownDescription": "The name of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `WebServer`\n- For *Worker tier* \u2013 `Worker`", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `Standard`\n- For *Worker tier* \u2013 `SQS/HTTP`", + "title": "Type", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version.\n\n> This member is deprecated. Any specific version that you set may become out of date. We recommend leaving it unspecified.", + "title": "Version", + "type": "string" } }, - "required": [ - "Subscriptions" - ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinitionVersion": { + "AWS::ElasticLoadBalancing::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { @@ -111294,29 +114945,122 @@ "Properties": { "additionalProperties": false, "properties": { - "SubscriptionDefinitionId": { - "markdownDescription": "The ID of the subscription definition associated with this version. This value is a GUID.", - "title": "SubscriptionDefinitionId", + "AccessLoggingPolicy": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy", + "markdownDescription": "Information about where and how access logs are stored for the load balancer.", + "title": "AccessLoggingPolicy" + }, + "AppCookieStickinessPolicy": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy" + }, + "markdownDescription": "Information about a policy for application-controlled session stickiness.", + "title": "AppCookieStickinessPolicy", + "type": "array" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones for a load balancer in a default VPC. For a load balancer in a nondefault VPC, specify `Subnets` instead.\n\nUpdate requires replacement if you did not previously specify an Availability Zone or if you are removing all Availability Zones. Otherwise, update requires no interruption.", + "title": "AvailabilityZones", + "type": "array" + }, + "ConnectionDrainingPolicy": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy", + "markdownDescription": "If enabled, the load balancer allows existing requests to complete before the load balancer shifts traffic away from a deregistered or unhealthy instance.\n\nFor more information, see [Configure connection draining](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) in the *User Guide for Classic Load Balancers* .", + "title": "ConnectionDrainingPolicy" + }, + "ConnectionSettings": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings", + "markdownDescription": "If enabled, the load balancer allows the connections to remain idle (no data is sent over the connection) for the specified duration.\n\nBy default, Elastic Load Balancing maintains a 60-second idle connection timeout for both front-end and back-end connections of your load balancer. For more information, see [Configure idle connection timeout](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) in the *User Guide for Classic Load Balancers* .", + "title": "ConnectionSettings" + }, + "CrossZone": { + "markdownDescription": "If enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones.\n\nFor more information, see [Configure cross-zone load balancing](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) in the *User Guide for Classic Load Balancers* .", + "title": "CrossZone", + "type": "boolean" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck", + "markdownDescription": "The health check settings to use when evaluating the health of your EC2 instances.\n\nUpdate requires replacement if you did not previously specify health check settings or if you are removing the health check settings. Otherwise, update requires no interruption.", + "title": "HealthCheck" + }, + "Instances": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the instances for the load balancer.", + "title": "Instances", + "type": "array" + }, + "LBCookieStickinessPolicy": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy" + }, + "markdownDescription": "Information about a policy for duration-based session stickiness.", + "title": "LBCookieStickinessPolicy", + "type": "array" + }, + "Listeners": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Listeners" + }, + "markdownDescription": "The listeners for the load balancer. You can specify at most one listener per port.\n\nIf you update the properties for a listener, AWS CloudFormation deletes the existing listener and creates a new one with the specified properties. While the new listener is being created, clients cannot connect to the load balancer.", + "title": "Listeners", + "type": "array" + }, + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer. This name must be unique within your set of load balancers for the region.\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) . If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", + "title": "LoadBalancerName", "type": "string" }, - "Subscriptions": { + "Policies": { "items": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinitionVersion.Subscription" + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Policies" }, - "markdownDescription": "The subscriptions in this version.", - "title": "Subscriptions", + "markdownDescription": "The policies defined for your Classic Load Balancer. Specify only back-end server policies.", + "title": "Policies", + "type": "array" + }, + "Scheme": { + "markdownDescription": "The type of load balancer. Valid only for load balancers in a VPC.\n\nIf `Scheme` is `internet-facing` , the load balancer has a public DNS name that resolves to a public IP address.\n\nIf `Scheme` is `internal` , the load balancer has a public DNS name that resolves to a private IP address.", + "title": "Scheme", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the load balancer. Valid only for load balancers in a VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets for the load balancer. You can specify at most one subnet per Availability Zone.\n\nUpdate requires replacement if you did not previously specify a subnet or if you are removing all subnets. Otherwise, update requires no interruption. To update to a different subnet in the current Availability Zone, you must first update to a subnet in a different Availability Zone, then update to the new subnet in the original Availability Zone.", + "title": "Subnets", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with a load balancer.", + "title": "Tags", "type": "array" } }, "required": [ - "SubscriptionDefinitionId", - "Subscriptions" + "Listeners" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::SubscriptionDefinitionVersion" + "AWS::ElasticLoadBalancing::LoadBalancer" ], "type": "string" }, @@ -111335,385 +115079,233 @@ ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinitionVersion.Subscription": { + "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" + "EmitInterval": { + "markdownDescription": "The interval for publishing the access logs. You can specify an interval of either 5 minutes or 60 minutes.\n\nDefault: 60 minutes", + "title": "EmitInterval", + "type": "number" }, - "Source": { - "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Source", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether access logs are enabled for the load balancer.", + "title": "Enabled", + "type": "boolean" }, - "Subject": { - "markdownDescription": "The MQTT topic used to route the message.", - "title": "Subject", + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket where the access logs are stored.", + "title": "S3BucketName", "type": "string" }, - "Target": { - "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Target", + "S3BucketPrefix": { + "markdownDescription": "The logical hierarchy you created for your Amazon S3 bucket, for example `my-bucket-prefix/prod` . If the prefix is not provided, the log is placed at the root level of the bucket.", + "title": "S3BucketPrefix", "type": "string" } }, "required": [ - "Id", - "Source", - "Subject", - "Target" + "Enabled", + "S3BucketName" ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion": { + "AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InlineRecipe": { - "markdownDescription": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", - "title": "InlineRecipe", - "type": "string" - }, - "LambdaFunction": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource", - "markdownDescription": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", - "title": "LambdaFunction" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::GreengrassV2::ComponentVersion" - ], + "CookieName": { + "markdownDescription": "The name of the application cookie used for stickiness.", + "title": "CookieName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PolicyName": { + "markdownDescription": "The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.", + "title": "PolicyName", "type": "string" } }, "required": [ - "Type" + "CookieName", + "PolicyName" ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { + "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy": { "additionalProperties": false, "properties": { - "DependencyType": { - "markdownDescription": "The type of this dependency. Choose from the following options:\n\n- `SOFT` \u2013 The component doesn't restart if the dependency changes state.\n- `HARD` \u2013 The component restarts if the dependency changes state.\n\nDefault: `HARD`", - "title": "DependencyType", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether connection draining is enabled for the load balancer.", + "title": "Enabled", + "type": "boolean" }, - "VersionRequirement": { - "markdownDescription": "The component version requirement for the component dependency.\n\nAWS IoT Greengrass uses semantic version constraints. For more information, see [Semantic Versioning](https://docs.aws.amazon.com/https://semver.org/) .", - "title": "VersionRequirement", - "type": "string" + "Timeout": { + "markdownDescription": "The maximum time, in seconds, to keep the existing connections open before deregistering the instances.", + "title": "Timeout", + "type": "number" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.ComponentPlatform": { + "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "Name": { - "markdownDescription": "The friendly name of the platform. This name helps you identify the platform.\n\nIf you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform.", - "title": "Name", - "type": "string" + "IdleTimeout": { + "markdownDescription": "The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.", + "title": "IdleTimeout", + "type": "number" } }, + "required": [ + "IdleTimeout" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaContainerParams": { + "AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck": { "additionalProperties": false, "properties": { - "Devices": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount" - }, - "markdownDescription": "The list of system devices that the container can access.", - "title": "Devices", - "type": "array" - }, - "MemorySizeInKB": { - "markdownDescription": "The memory size of the container, expressed in kilobytes.\n\nDefault: `16384` (16 MB)", - "title": "MemorySizeInKB", - "type": "number" + "HealthyThreshold": { + "markdownDescription": "The number of consecutive health checks successes required before moving the instance to the `Healthy` state.", + "title": "HealthyThreshold", + "type": "string" }, - "MountROSysfs": { - "markdownDescription": "Whether or not the container can read information from the device's `/sys` folder.\n\nDefault: `false`", - "title": "MountROSysfs", - "type": "boolean" + "Interval": { + "markdownDescription": "The approximate interval, in seconds, between health checks of an individual instance.", + "title": "Interval", + "type": "string" }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount" - }, - "markdownDescription": "The list of volumes that the container can access.", - "title": "Volumes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount": { - "additionalProperties": false, - "properties": { - "AddGroupOwner": { - "markdownDescription": "Whether or not to add the component's system user as an owner of the device.\n\nDefault: `false`", - "title": "AddGroupOwner", - "type": "boolean" + "Target": { + "markdownDescription": "The instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535.\n\nTCP is the default, specified as a TCP: port pair, for example \"TCP:5000\". In this case, a health check simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy.\n\nSSL is also specified as SSL: port pair, for example, SSL:5000.\n\nFor HTTP/HTTPS, you must include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example \"HTTP:80/weather/us/wa/seattle\". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than \"200 OK\" within the timeout period is considered unhealthy.\n\nThe total length of the HTTP ping target must be 1024 16-bit Unicode characters or less.", + "title": "Target", + "type": "string" }, - "Path": { - "markdownDescription": "The mount path for the device in the file system.", - "title": "Path", + "Timeout": { + "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check.\n\nThis value must be less than the `Interval` value.", + "title": "Timeout", "type": "string" }, - "Permission": { - "markdownDescription": "The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", - "title": "Permission", + "UnhealthyThreshold": { + "markdownDescription": "The number of consecutive health check failures required before moving the instance to the `Unhealthy` state.", + "title": "UnhealthyThreshold", "type": "string" } }, + "required": [ + "HealthyThreshold", + "Interval", + "Target", + "Timeout", + "UnhealthyThreshold" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaEventSource": { + "AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy": { "additionalProperties": false, "properties": { - "Topic": { - "markdownDescription": "The topic to which to subscribe to receive event messages.", - "title": "Topic", + "CookieExpirationPeriod": { + "markdownDescription": "The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session.", + "title": "CookieExpirationPeriod", "type": "string" }, - "Type": { - "markdownDescription": "The type of event source. Choose from the following options:\n\n- `PUB_SUB` \u2013 Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic.\n- `IOT_CORE` \u2013 Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic.", - "title": "Type", + "PolicyName": { + "markdownDescription": "The name of the policy. This name must be unique within the set of policies for this load balancer.", + "title": "PolicyName", "type": "string" } }, "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters": { + "AWS::ElasticLoadBalancing::LoadBalancer.Listeners": { "additionalProperties": false, "properties": { - "EnvironmentVariables": { - "additionalProperties": true, - "markdownDescription": "The map of environment variables that are available to the Lambda function when it runs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "EnvironmentVariables", - "type": "object" + "InstancePort": { + "markdownDescription": "The port on which the instance is listening.", + "title": "InstancePort", + "type": "string" }, - "EventSources": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaEventSource" - }, - "markdownDescription": "The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages.", - "title": "EventSources", - "type": "array" + "InstanceProtocol": { + "markdownDescription": "The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL.\n\nIf the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is secure, (HTTPS or SSL), the listener's `InstanceProtocol` must also be secure.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is HTTP or TCP, the listener's `InstanceProtocol` must be HTTP or TCP.", + "title": "InstanceProtocol", + "type": "string" }, - "ExecArgs": { + "LoadBalancerPort": { + "markdownDescription": "The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.", + "title": "LoadBalancerPort", + "type": "string" + }, + "PolicyNames": { "items": { "type": "string" }, - "markdownDescription": "The list of arguments to pass to the Lambda function when it runs.", - "title": "ExecArgs", + "markdownDescription": "The names of the policies to associate with the listener.", + "title": "PolicyNames", "type": "array" }, - "InputPayloadEncodingType": { - "markdownDescription": "The encoding type that the Lambda function supports.\n\nDefault: `json`", - "title": "InputPayloadEncodingType", + "Protocol": { + "markdownDescription": "The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL.", + "title": "Protocol", "type": "string" }, - "LinuxProcessParams": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams", - "markdownDescription": "The parameters for the Linux process that contains the Lambda function.", - "title": "LinuxProcessParams" - }, - "MaxIdleTimeInSeconds": { - "markdownDescription": "The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process.", - "title": "MaxIdleTimeInSeconds", - "type": "number" - }, - "MaxInstancesCount": { - "markdownDescription": "The maximum number of instances that a non-pinned Lambda function can run at the same time.", - "title": "MaxInstancesCount", - "type": "number" - }, - "MaxQueueSize": { - "markdownDescription": "The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message.", - "title": "MaxQueueSize", - "type": "number" - }, - "Pinned": { - "markdownDescription": "Whether or not the Lambda function is pinned, or long-lived.\n\n- A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container.\n- A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function.\n\nDefault: `true`", - "title": "Pinned", - "type": "boolean" - }, - "StatusTimeoutInSeconds": { - "markdownDescription": "The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component.", - "title": "StatusTimeoutInSeconds", - "type": "number" - }, - "TimeoutInSeconds": { - "markdownDescription": "The maximum amount of time in seconds that the Lambda function can process a work item.", - "title": "TimeoutInSeconds", - "type": "number" + "SSLCertificateId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the server certificate.", + "title": "SSLCertificateId", + "type": "string" } }, + "required": [ + "InstancePort", + "LoadBalancerPort", + "Protocol" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource": { + "AWS::ElasticLoadBalancing::LoadBalancer.Policies": { "additionalProperties": false, "properties": { - "ComponentDependencies": { - "additionalProperties": false, - "markdownDescription": "The component versions on which this Lambda function component depends.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement" - } + "Attributes": { + "items": { + "type": "object" }, - "title": "ComponentDependencies", - "type": "object" - }, - "ComponentLambdaParameters": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters", - "markdownDescription": "The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device.", - "title": "ComponentLambdaParameters" - }, - "ComponentName": { - "markdownDescription": "The name of the component.\n\nDefaults to the name of the Lambda function.", - "title": "ComponentName", - "type": "string" + "markdownDescription": "The policy attributes.", + "title": "Attributes", + "type": "array" }, - "ComponentPlatforms": { + "InstancePorts": { "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentPlatform" + "type": "string" }, - "markdownDescription": "The platforms that the component version supports.", - "title": "ComponentPlatforms", + "markdownDescription": "The instance ports for the policy. Required only for some policy types.", + "title": "InstancePorts", "type": "array" }, - "ComponentVersion": { - "markdownDescription": "The version of the component.\n\nDefaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` .", - "title": "ComponentVersion", - "type": "string" - }, - "LambdaArn": { - "markdownDescription": "The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` .", - "title": "LambdaArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams": { - "additionalProperties": false, - "properties": { - "ContainerParams": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaContainerParams", - "markdownDescription": "The parameters for the container in which the Lambda function runs.", - "title": "ContainerParams" - }, - "IsolationMode": { - "markdownDescription": "The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container.\n\nDefault: `GreengrassContainer`", - "title": "IsolationMode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount": { - "additionalProperties": false, - "properties": { - "AddGroupOwner": { - "markdownDescription": "Whether or not to add the AWS IoT Greengrass user group as an owner of the volume.\n\nDefault: `false`", - "title": "AddGroupOwner", - "type": "boolean" - }, - "DestinationPath": { - "markdownDescription": "The path to the logical volume in the file system.", - "title": "DestinationPath", - "type": "string" + "LoadBalancerPorts": { + "items": { + "type": "string" + }, + "markdownDescription": "The load balancer ports for the policy. Required only for some policy types.", + "title": "LoadBalancerPorts", + "type": "array" }, - "Permission": { - "markdownDescription": "The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", - "title": "Permission", + "PolicyName": { + "markdownDescription": "The name of the policy.", + "title": "PolicyName", "type": "string" }, - "SourcePath": { - "markdownDescription": "The path to the physical volume in the file system.", - "title": "SourcePath", + "PolicyType": { + "markdownDescription": "The name of the policy type.", + "title": "PolicyType", "type": "string" } }, + "required": [ + "Attributes", + "PolicyName", + "PolicyType" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment": { + "AWS::ElasticLoadBalancingV2::Listener": { "additionalProperties": false, "properties": { "Condition": { @@ -111748,62 +115340,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "additionalProperties": false, - "markdownDescription": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification" - } + "AlpnPolicy": { + "items": { + "type": "string" }, - "title": "Components", - "type": "object" + "markdownDescription": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.", + "title": "AlpnPolicy", + "type": "array" }, - "DeploymentName": { - "markdownDescription": "The name of the deployment.", - "title": "DeploymentName", - "type": "string" + "Certificates": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Certificate" + }, + "markdownDescription": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nFor an HTTPS listener, update requires some interruptions. For a TLS listener, update requires no interruption.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", + "title": "Certificates", + "type": "array" }, - "DeploymentPolicies": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentPolicies", - "markdownDescription": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure.", - "title": "DeploymentPolicies" + "DefaultActions": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Action" + }, + "markdownDescription": "The actions for the default rule. You cannot define a condition for a default rule.\n\nTo create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) .", + "title": "DefaultActions", + "type": "array" }, - "IotJobConfiguration": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration", - "markdownDescription": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration.", - "title": "IotJobConfiguration" + "ListenerAttributes": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ListenerAttribute" + }, + "markdownDescription": "The listener attributes. Attributes that you do not modify retain their current values.", + "title": "ListenerAttributes", + "type": "array" }, - "ParentTargetArn": { - "markdownDescription": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment.", - "title": "ParentTargetArn", + "LoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", + "title": "LoadBalancerArn", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "MutualAuthentication": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication", + "markdownDescription": "The mutual authentication configuration information.", + "title": "MutualAuthentication" }, - "TargetArn": { - "markdownDescription": "The ARN of the target AWS IoT thing or thing group.", - "title": "TargetArn", + "Port": { + "markdownDescription": "The port on which the load balancer is listening. You can't specify a port for a Gateway Load Balancer.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can\u2019t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You can't specify a protocol for a Gateway Load Balancer.", + "title": "Protocol", + "type": "string" + }, + "SslPolicy": { + "markdownDescription": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/describe-ssl-policies.html) in the *Network Load Balancers Guide* .\n\n[HTTPS listeners] Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic. To decrease the possibility of an interruption if your load balancer is handling a high volume of traffic, create an additional load balancer or request an LCU reservation.", + "title": "SslPolicy", "type": "string" } }, "required": [ - "TargetArn" + "DefaultActions", + "LoadBalancerArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::GreengrassV2::Deployment" + "AWS::ElasticLoadBalancingV2::Listener" ], "type": "string" }, @@ -111822,271 +115425,359 @@ ], "type": "object" }, - "AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate": { + "AWS::ElasticLoadBalancingV2::Listener.Action": { "additionalProperties": false, "properties": { - "Merge": { - "markdownDescription": "A serialized JSON string that contains the configuration object to merge to target devices. The core device merges this configuration with the component's existing configuration. If this is the first time a component deploys on a device, the core device merges this configuration with the component's default configuration. This means that the core device keeps it's existing configuration for keys and values that you don't specify in this object. For more information, see [Merge configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#merge-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "Merge", + "AuthenticateCognitoConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig", + "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", + "title": "AuthenticateCognitoConfig" + }, + "AuthenticateOidcConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig", + "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", + "title": "AuthenticateOidcConfig" + }, + "FixedResponseConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig", + "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", + "title": "FixedResponseConfig" + }, + "ForwardConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ForwardConfig", + "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", + "title": "ForwardConfig" + }, + "Order": { + "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", + "title": "Order", + "type": "number" + }, + "RedirectConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.RedirectConfig", + "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", + "title": "RedirectConfig" + }, + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", + "title": "TargetGroupArn", "type": "string" }, - "Reset": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of configuration nodes to reset to default values on target devices. Use JSON pointers to specify each node to reset. JSON pointers start with a forward slash ( `/` ) and use forward slashes to separate the key for each level in the object. For more information, see the [JSON pointer specification](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) and [Reset configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#reset-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "Reset", - "type": "array" + "Type": { + "markdownDescription": "The type of action.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification": { + "AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig": { "additionalProperties": false, "properties": { - "ComponentVersion": { - "markdownDescription": "The version of the component.", - "title": "ComponentVersion", + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", "type": "string" }, - "ConfigurationUpdate": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate", - "markdownDescription": "The configuration updates to deploy for the component. You can define reset updates and merge updates. A reset updates the keys that you specify to the default configuration for the component. A merge updates the core device's component configuration with the keys and values that you specify. The AWS IoT Greengrass Core software applies reset updates before it applies merge updates. For more information, see [Update component configuration](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) .", - "title": "ConfigurationUpdate" + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" }, - "RunWith": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentRunWith", - "markdownDescription": "The system user and group that the software uses to run component processes on the core device. If you omit this parameter, the software uses the system user and group that you configure for the core device. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "RunWith" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.ComponentRunWith": { - "additionalProperties": false, - "properties": { - "PosixUser": { - "markdownDescription": "The POSIX system user and (optional) group to use to run this component. Specify the user and group separated by a colon ( `:` ) in the following format: `user:group` . The group is optional. If you don't specify a group, the AWS IoT Greengrass Core software uses the primary user for the group.", - "title": "PosixUser", + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", "type": "string" }, - "SystemResourceLimits": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.SystemResourceLimits", - "markdownDescription": "The system resource limits to apply to this component's process on the core device. AWS IoT Greengrass supports this feature only on Linux core devices.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default system resource limits that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", - "title": "SystemResourceLimits" + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "string" }, - "WindowsUser": { - "markdownDescription": "The Windows user to use to run this component on Windows core devices. The user must exist on each Windows core device, and its name and password must be in the LocalSystem account's Credentials Manager instance.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default Windows user that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) .", - "title": "WindowsUser", + "UserPoolArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", + "title": "UserPoolArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "Whether or not to notify components and wait for components to become safe to update. Choose from the following options:\n\n- `NOTIFY_COMPONENTS` \u2013 The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n- `SKIP_NOTIFY_COMPONENTS` \u2013 The deployment doesn't notify components or wait for them to be safe to update.\n\nDefault: `NOTIFY_COMPONENTS`", - "title": "Action", + }, + "UserPoolClientId": { + "markdownDescription": "The ID of the Amazon Cognito user pool client.", + "title": "UserPoolClientId", "type": "string" }, - "TimeoutInSeconds": { - "markdownDescription": "The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device.\n\nDefault: `60`", - "title": "TimeoutInSeconds", - "type": "number" + "UserPoolDomain": { + "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", + "title": "UserPoolDomain", + "type": "string" } }, + "required": [ + "UserPoolArn", + "UserPoolClientId", + "UserPoolDomain" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy": { + "AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig": { "additionalProperties": false, "properties": { - "TimeoutInSeconds": { - "markdownDescription": "The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device.\n\nDefault: `30`", - "title": "TimeoutInSeconds", - "type": "number" + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "AuthorizationEndpoint", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", + "title": "ClientSecret", + "type": "string" + }, + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "Issuer", + "type": "string" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" + }, + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "string" + }, + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "TokenEndpoint", + "type": "string" + }, + "UseExistingClientSecret": { + "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", + "title": "UseExistingClientSecret", + "type": "boolean" + }, + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "UserInfoEndpoint", + "type": "string" } }, + "required": [ + "AuthorizationEndpoint", + "ClientId", + "Issuer", + "TokenEndpoint", + "UserInfoEndpoint" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration": { + "AWS::ElasticLoadBalancingV2::Listener.Certificate": { "additionalProperties": false, "properties": { - "AbortConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortConfig", - "markdownDescription": "The stop configuration for the job. This configuration defines when and how to stop a job rollout.", - "title": "AbortConfig" - }, - "JobExecutionsRolloutConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig", - "markdownDescription": "The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices.", - "title": "JobExecutionsRolloutConfig" - }, - "TimeoutConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig", - "markdownDescription": "The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job.", - "title": "TimeoutConfig" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", + "type": "string" } }, "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentPolicies": { + "AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig": { "additionalProperties": false, "properties": { - "ComponentUpdatePolicy": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy", - "markdownDescription": "The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices.", - "title": "ComponentUpdatePolicy" + "ContentType": { + "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", + "title": "ContentType", + "type": "string" }, - "ConfigurationValidationPolicy": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy", - "markdownDescription": "The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates.", - "title": "ConfigurationValidationPolicy" + "MessageBody": { + "markdownDescription": "The message.", + "title": "MessageBody", + "type": "string" }, - "FailureHandlingPolicy": { - "markdownDescription": "The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails.\n\nDefault: `ROLLBACK`", - "title": "FailureHandlingPolicy", + "StatusCode": { + "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", + "title": "StatusCode", "type": "string" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobAbortConfig": { + "AWS::ElasticLoadBalancingV2::Listener.ForwardConfig": { "additionalProperties": false, "properties": { - "CriteriaList": { + "TargetGroupStickinessConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig", + "markdownDescription": "Information about the target group stickiness for a rule.", + "title": "TargetGroupStickinessConfig" + }, + "TargetGroups": { "items": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortCriteria" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple" }, - "markdownDescription": "The list of criteria that define when and how to cancel the configuration deployment.", - "title": "CriteriaList", + "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", + "title": "TargetGroups", "type": "array" } }, - "required": [ - "CriteriaList" - ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobAbortCriteria": { + "AWS::ElasticLoadBalancingV2::Listener.ListenerAttribute": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to perform when the criteria are met.", - "title": "Action", + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attribute is supported by Network Load Balancers, and Gateway Load Balancers.\n\n- `tcp.idle_timeout.seconds` - The tcp idle timeout value, in seconds. The valid range is 60-6000 seconds. The default is 350 seconds.\n\nThe following attributes are only supported by Application Load Balancers.\n\n- `routing.http.request.x_amzn_mtls_clientcert_serial_number.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Serial-Number* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_issuer.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Issuer* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_subject.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Subject* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_validity.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Validity* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_leaf.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Leaf* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert* HTTP request header.\n- `routing.http.request.x_amzn_tls_version.header_name` - Enables you to modify the header name of the *X-Amzn-Tls-Version* HTTP request header.\n- `routing.http.request.x_amzn_tls_cipher_suite.header_name` - Enables you to modify the header name of the *X-Amzn-Tls-Cipher-Suite* HTTP request header.\n- `routing.http.response.server.enabled` - Enables you to allow or remove the HTTP response server header.\n- `routing.http.response.strict_transport_security.header_value` - Informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS.\n- `routing.http.response.access_control_allow_origin.header_value` - Specifies which origins are allowed to access the server.\n- `routing.http.response.access_control_allow_methods.header_value` - Returns which HTTP methods are allowed when accessing the server from a different origin.\n- `routing.http.response.access_control_allow_headers.header_value` - Specifies which headers can be used during the request.\n- `routing.http.response.access_control_allow_credentials.header_value` - Indicates whether the browser should include credentials such as cookies or authentication when making requests.\n- `routing.http.response.access_control_expose_headers.header_value` - Returns which headers the browser can expose to the requesting client.\n- `routing.http.response.access_control_max_age.header_value` - Specifies how long the results of a preflight request can be cached, in seconds.\n- `routing.http.response.content_security_policy.header_value` - Specifies restrictions enforced by the browser to help minimize the risk of certain types of security threats.\n- `routing.http.response.x_content_type_options.header_value` - Indicates whether the MIME types advertised in the *Content-Type* headers should be followed and not be changed.\n- `routing.http.response.x_frame_options.header_value` - Indicates whether the browser is allowed to render a page in a *frame* , *iframe* , *embed* or *object* .", + "title": "Key", "type": "string" }, - "FailureType": { - "markdownDescription": "The type of job deployment failure that can cancel a job.", - "title": "FailureType", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", "type": "string" - }, - "MinNumberOfExecutedThings": { - "markdownDescription": "The minimum number of things that receive the configuration before the job can cancel.", - "title": "MinNumberOfExecutedThings", - "type": "number" - }, - "ThresholdPercentage": { - "markdownDescription": "The minimum percentage of `failureType` failures that occur before the job can cancel.\n\nThis parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` ).", - "title": "ThresholdPercentage", - "type": "number" } }, - "required": [ - "Action", - "FailureType", - "MinNumberOfExecutedThings", - "ThresholdPercentage" - ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig": { + "AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication": { "additionalProperties": false, "properties": { - "ExponentialRate": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate", - "markdownDescription": "The exponential rate to increase the job rollout rate.", - "title": "ExponentialRate" + "AdvertiseTrustStoreCaNames": { + "markdownDescription": "Indicates whether trust store CA certificate names are advertised.", + "title": "AdvertiseTrustStoreCaNames", + "type": "string" }, - "MaximumPerMinute": { - "markdownDescription": "The maximum number of devices that receive a pending job notification, per minute.", - "title": "MaximumPerMinute", - "type": "number" + "IgnoreClientCertificateExpiry": { + "markdownDescription": "Indicates whether expired client certificates are ignored.", + "title": "IgnoreClientCertificateExpiry", + "type": "boolean" + }, + "Mode": { + "markdownDescription": "The client certificate handling method. Options are `off` , `passthrough` or `verify` . The default value is `off` .", + "title": "Mode", + "type": "string" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", + "type": "string" } }, "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate": { + "AWS::ElasticLoadBalancingV2::Listener.RedirectConfig": { "additionalProperties": false, "properties": { - "BaseRatePerMinute": { - "markdownDescription": "The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job.", - "title": "BaseRatePerMinute", - "type": "number" + "Host": { + "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", + "title": "Host", + "type": "string" }, - "IncrementFactor": { - "markdownDescription": "The exponential factor to increase the rollout rate for the job.\n\nThis parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` ).", - "title": "IncrementFactor", - "type": "number" + "Path": { + "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", + "title": "Path", + "type": "string" }, - "RateIncreaseCriteria": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria", - "markdownDescription": "The criteria to increase the rollout rate for the job.", - "title": "RateIncreaseCriteria" + "Port": { + "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", + "title": "Protocol", + "type": "string" + }, + "Query": { + "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", + "title": "Query", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", + "title": "StatusCode", + "type": "string" } }, "required": [ - "BaseRatePerMinute", - "IncrementFactor", - "RateIncreaseCriteria" + "StatusCode" ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria": { + "AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig": { "additionalProperties": false, "properties": { - "NumberOfNotifiedThings": { - "markdownDescription": "The number of devices to receive the job notification before the rollout rate increases.", - "title": "NumberOfNotifiedThings", + "DurationSeconds": { + "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", + "title": "DurationSeconds", "type": "number" }, - "NumberOfSucceededThings": { - "markdownDescription": "The number of devices to successfully run the configuration job before the rollout rate increases.", - "title": "NumberOfSucceededThings", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig": { - "additionalProperties": false, - "properties": { - "InProgressTimeoutInMinutes": { - "markdownDescription": "The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` .\n\nThe timeout interval must be between 1 minute and 7 days (10080 minutes).", - "title": "InProgressTimeoutInMinutes", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether target group stickiness is enabled.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::GreengrassV2::Deployment.SystemResourceLimits": { + "AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple": { "additionalProperties": false, "properties": { - "Cpus": { - "markdownDescription": "The maximum amount of CPU time that a component's processes can use on the core device. A core device's total CPU time is equivalent to the device's number of CPU cores. For example, on a core device with 4 CPU cores, you can set this value to 2 to limit the component's processes to 50 percent usage of each CPU core. On a device with 1 CPU core, you can set this value to 0.25 to limit the component's processes to 25 percent usage of the CPU. If you set this value to a number greater than the number of CPU cores, the AWS IoT Greengrass Core software doesn't limit the component's CPU usage.", - "title": "Cpus", - "type": "number" + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "TargetGroupArn", + "type": "string" }, - "Memory": { - "markdownDescription": "The maximum amount of RAM, expressed in kilobytes, that a component's processes can use on the core device. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", - "title": "Memory", + "Weight": { + "markdownDescription": "The weight. The range is 0 to 999.", + "title": "Weight", "type": "number" } }, "type": "object" }, - "AWS::GroundStation::Config": { + "AWS::ElasticLoadBalancingV2::ListenerCertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -112121,34 +115812,29 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigData": { - "$ref": "#/definitions/AWS::GroundStation::Config.ConfigData", - "markdownDescription": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype.", - "title": "ConfigData" - }, - "Name": { - "markdownDescription": "The name of the config object.", - "title": "Name", - "type": "string" - }, - "Tags": { + "Certificates": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate" }, - "markdownDescription": "Tags assigned to a resource.", - "title": "Tags", + "markdownDescription": "The certificate. You can specify one certificate per resource.", + "title": "Certificates", "type": "array" + }, + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", + "type": "string" } }, "required": [ - "ConfigData", - "Name" + "Certificates", + "ListenerArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::Config" + "AWS::ElasticLoadBalancingV2::ListenerCertificate" ], "type": "string" }, @@ -112167,272 +115853,561 @@ ], "type": "object" }, - "AWS::GroundStation::Config.AntennaDownlinkConfig": { - "additionalProperties": false, - "properties": { - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig": { + "AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate": { "additionalProperties": false, "properties": { - "DecodeConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DecodeConfig", - "markdownDescription": "Defines how the RF signal will be decoded.", - "title": "DecodeConfig" - }, - "DemodulationConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DemodulationConfig", - "markdownDescription": "Defines how the RF signal will be demodulated.", - "title": "DemodulationConfig" - }, - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", + "type": "string" } }, "type": "object" }, - "AWS::GroundStation::Config.AntennaUplinkConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule": { "additionalProperties": false, "properties": { - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.UplinkSpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" - }, - "TargetEirp": { - "$ref": "#/definitions/AWS::GroundStation::Config.Eirp", - "markdownDescription": "The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW.", - "title": "TargetEirp" + "Condition": { + "type": "string" }, - "TransmitDisabled": { - "markdownDescription": "Whether or not uplink transmit is disabled.", - "title": "TransmitDisabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.ConfigData": { - "additionalProperties": false, - "properties": { - "AntennaDownlinkConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkConfig", - "markdownDescription": "Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks).", - "title": "AntennaDownlinkConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AntennaDownlinkDemodDecodeConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig", - "markdownDescription": "Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data.", - "title": "AntennaDownlinkDemodDecodeConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "AntennaUplinkConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaUplinkConfig", - "markdownDescription": "Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts.", - "title": "AntennaUplinkConfig" + "Metadata": { + "type": "object" }, - "DataflowEndpointConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DataflowEndpointConfig", - "markdownDescription": "Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact.", - "title": "DataflowEndpointConfig" - }, - "S3RecordingConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.S3RecordingConfig", - "markdownDescription": "Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts.", - "title": "S3RecordingConfig" + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.Action" + }, + "markdownDescription": "The actions.\n\nThe rule must include exactly one of the following types of actions: `forward` , `fixed-response` , or `redirect` , and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.", + "title": "Actions", + "type": "array" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition" + }, + "markdownDescription": "The conditions.\n\nThe rule can optionally include up to one of each of the following conditions: `http-request-method` , `host-header` , `path-pattern` , and `source-ip` . A rule can also optionally include one or more of each of the following conditions: `http-header` and `query-string` .", + "title": "Conditions", + "type": "array" + }, + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", + "type": "string" + }, + "Priority": { + "markdownDescription": "The rule priority. A listener can't have multiple rules with the same priority.\n\nIf you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.", + "title": "Priority", + "type": "number" + } + }, + "required": [ + "Actions", + "Conditions", + "Priority" + ], + "type": "object" }, - "TrackingConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.TrackingConfig", - "markdownDescription": "Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact.", - "title": "TrackingConfig" + "Type": { + "enum": [ + "AWS::ElasticLoadBalancingV2::ListenerRule" + ], + "type": "string" }, - "UplinkEchoConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.UplinkEchoConfig", - "markdownDescription": "Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts.", - "title": "UplinkEchoConfig" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::GroundStation::Config.DataflowEndpointConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.Action": { "additionalProperties": false, "properties": { - "DataflowEndpointName": { - "markdownDescription": "The name of the dataflow endpoint to use during contacts.", - "title": "DataflowEndpointName", + "AuthenticateCognitoConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig", + "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", + "title": "AuthenticateCognitoConfig" + }, + "AuthenticateOidcConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig", + "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", + "title": "AuthenticateOidcConfig" + }, + "FixedResponseConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig", + "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", + "title": "FixedResponseConfig" + }, + "ForwardConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig", + "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", + "title": "ForwardConfig" + }, + "Order": { + "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", + "title": "Order", + "type": "number" + }, + "RedirectConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig", + "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", + "title": "RedirectConfig" + }, + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", + "title": "TargetGroupArn", "type": "string" }, - "DataflowEndpointRegion": { - "markdownDescription": "The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact.", - "title": "DataflowEndpointRegion", + "Type": { + "markdownDescription": "The type of action.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::GroundStation::Config.DecodeConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig": { "additionalProperties": false, "properties": { - "UnvalidatedJSON": { - "markdownDescription": "The decoding settings are in JSON format and define a set of steps to perform to decode the data.", - "title": "UnvalidatedJSON", + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" + }, + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "number" + }, + "UserPoolArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", + "title": "UserPoolArn", + "type": "string" + }, + "UserPoolClientId": { + "markdownDescription": "The ID of the Amazon Cognito user pool client.", + "title": "UserPoolClientId", + "type": "string" + }, + "UserPoolDomain": { + "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", + "title": "UserPoolDomain", "type": "string" } }, + "required": [ + "UserPoolArn", + "UserPoolClientId", + "UserPoolDomain" + ], "type": "object" }, - "AWS::GroundStation::Config.DemodulationConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig": { "additionalProperties": false, "properties": { - "UnvalidatedJSON": { - "markdownDescription": "The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use.", - "title": "UnvalidatedJSON", + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "AuthorizationEndpoint", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", + "title": "ClientSecret", + "type": "string" + }, + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "Issuer", + "type": "string" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" + }, + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "number" + }, + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "TokenEndpoint", + "type": "string" + }, + "UseExistingClientSecret": { + "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", + "title": "UseExistingClientSecret", + "type": "boolean" + }, + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "UserInfoEndpoint", "type": "string" } }, + "required": [ + "AuthorizationEndpoint", + "ClientId", + "Issuer", + "TokenEndpoint", + "UserInfoEndpoint" + ], "type": "object" }, - "AWS::GroundStation::Config.Eirp": { + "AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig": { "additionalProperties": false, "properties": { - "Units": { - "markdownDescription": "The units of the EIRP.", - "title": "Units", + "ContentType": { + "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", + "title": "ContentType", "type": "string" }, - "Value": { - "markdownDescription": "The value of the EIRP. Valid values are between 20.0 to 50.0 dBW.", - "title": "Value", - "type": "number" + "MessageBody": { + "markdownDescription": "The message.", + "title": "MessageBody", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", + "title": "StatusCode", + "type": "string" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::GroundStation::Config.Frequency": { + "AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig": { "additionalProperties": false, "properties": { - "Units": { - "markdownDescription": "The units of the frequency.", - "title": "Units", + "TargetGroupStickinessConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig", + "markdownDescription": "Information about the target group stickiness for a rule.", + "title": "TargetGroupStickinessConfig" + }, + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple" + }, + "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", + "title": "TargetGroups", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). You must include at least one \".\" character. You can include only alphabetical characters after the final \".\" character.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the host name.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig": { + "additionalProperties": false, + "properties": { + "HttpHeaderName": { + "markdownDescription": "The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.", + "title": "HttpHeaderName", "type": "string" }, - "Value": { - "markdownDescription": "The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "Value", - "type": "number" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf the same header appears multiple times in the request, we search them in order until a match is found.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::GroundStation::Config.FrequencyBandwidth": { + "AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig": { "additionalProperties": false, "properties": { - "Units": { - "markdownDescription": "The units of the bandwidth.", - "title": "Units", + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue" + }, + "markdownDescription": "The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in `Values` using a '\\' character.\n\nIf you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key. You can omit the key.", + "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", + "markdownDescription": "The value.", "title": "Value", - "type": "number" + "type": "string" } }, "type": "object" }, - "AWS::GroundStation::Config.S3RecordingConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` .", - "title": "BucketArn", + "Host": { + "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", + "title": "Host", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/`\n\n*Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}`", - "title": "Prefix", + "Path": { + "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", + "title": "Path", "type": "string" }, - "RoleArn": { - "markdownDescription": "Defines the ARN of the role assumed for putting archives to S3.", - "title": "RoleArn", + "Port": { + "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", + "title": "Protocol", + "type": "string" + }, + "Query": { + "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", + "title": "Query", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", + "title": "StatusCode", "type": "string" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::GroundStation::Config.SpectrumConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition": { "additionalProperties": false, "properties": { - "Bandwidth": { - "$ref": "#/definitions/AWS::GroundStation::Config.FrequencyBandwidth", - "markdownDescription": "The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", - "title": "Bandwidth" + "Field": { + "markdownDescription": "The field in the HTTP request. The following are the possible values:\n\n- `http-header`\n- `http-request-method`\n- `host-header`\n- `path-pattern`\n- `query-string`\n- `source-ip`", + "title": "Field", + "type": "string" }, - "CenterFrequency": { - "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", - "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "CenterFrequency" + "HostHeaderConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig", + "markdownDescription": "Information for a host header condition. Specify only when `Field` is `host-header` .", + "title": "HostHeaderConfig" }, - "Polarization": { - "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` . Capturing both `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` polarization requires two separate configs.", - "title": "Polarization", - "type": "string" + "HttpHeaderConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig", + "markdownDescription": "Information for an HTTP header condition. Specify only when `Field` is `http-header` .", + "title": "HttpHeaderConfig" + }, + "HttpRequestMethodConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig", + "markdownDescription": "Information for an HTTP method condition. Specify only when `Field` is `http-request-method` .", + "title": "HttpRequestMethodConfig" + }, + "PathPatternConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig", + "markdownDescription": "Information for a path pattern condition. Specify only when `Field` is `path-pattern` .", + "title": "PathPatternConfig" + }, + "QueryStringConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig", + "markdownDescription": "Information for a query string condition. Specify only when `Field` is `query-string` .", + "title": "QueryStringConfig" + }, + "SourceIpConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig", + "markdownDescription": "Information for a source IP condition. Specify only when `Field` is `source-ip` .", + "title": "SourceIpConfig" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The condition value. Specify only when `Field` is `host-header` or `path-pattern` . Alternatively, to specify multiple host names or multiple path patterns, use `HostHeaderConfig` or `PathPatternConfig` .\n\nIf `Field` is `host-header` and you're not using `HostHeaderConfig` , you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- - .\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)\n\nIf `Field` is `path-pattern` and you're not using `PathPatternConfig` , you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- _ - . $ / ~ \" ' @ : +\n- & (using &)\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::GroundStation::Config.TrackingConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig": { "additionalProperties": false, "properties": { - "Autotrack": { - "markdownDescription": "Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost.", - "title": "Autotrack", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported.\n\nIf you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::GroundStation::Config.UplinkEchoConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig": { "additionalProperties": false, "properties": { - "AntennaUplinkConfigArn": { - "markdownDescription": "Defines the ARN of the uplink config to echo back to a dataflow endpoint.", - "title": "AntennaUplinkConfigArn", - "type": "string" + "DurationSeconds": { + "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", + "title": "DurationSeconds", + "type": "number" }, "Enabled": { - "markdownDescription": "Whether or not uplink echo is enabled.", + "markdownDescription": "Indicates whether target group stickiness is enabled.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, - "AWS::GroundStation::Config.UplinkSpectrumConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple": { "additionalProperties": false, "properties": { - "CenterFrequency": { - "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", - "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "CenterFrequency" - }, - "Polarization": { - "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` .", - "title": "Polarization", + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "TargetGroupArn", "type": "string" + }, + "Weight": { + "markdownDescription": "The weight. The range is 0 to 999.", + "title": "Weight", + "type": "number" } }, "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup": { + "AWS::ElasticLoadBalancingV2::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { @@ -112467,41 +116442,92 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactPostPassDurationSeconds": { - "markdownDescription": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a `POSTPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `POSTPASS` state.", - "title": "ContactPostPassDurationSeconds", - "type": "number" + "EnablePrefixForIpv6SourceNat": { + "markdownDescription": "[Network Load Balancers with UDP listeners] Indicates whether to use an IPv6 prefix from each subnet for source NAT. The IP address type must be `dualstack` . The default value is `off` .", + "title": "EnablePrefixForIpv6SourceNat", + "type": "string" }, - "ContactPrePassDurationSeconds": { - "markdownDescription": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a `PREPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `PREPASS` state.", - "title": "ContactPrePassDurationSeconds", - "type": "number" + "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { + "markdownDescription": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . The default is `on` .\n\nYou can't configure this property on a Network Load Balancer unless you associated a security group with the load balancer when you created it.", + "title": "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic", + "type": "string" }, - "EndpointDetails": { + "IpAddressType": { + "markdownDescription": "The IP address type. Internal load balancers must use `ipv4` .\n\n[Application Load Balancers] The possible values are `ipv4` (IPv4 addresses), `dualstack` (IPv4 and IPv6 addresses), and `dualstack-without-public-ipv4` (public IPv6 addresses and private IPv4 and IPv6 addresses).\n\nApplication Load Balancer authentication supports IPv4 addresses only when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer can't complete the authentication process, resulting in HTTP 500 errors.\n\n[Network Load Balancers and Gateway Load Balancers] The possible values are `ipv4` (IPv4 addresses) and `dualstack` (IPv4 and IPv6 addresses).", + "title": "IpAddressType", + "type": "string" + }, + "Ipv4IpamPoolId": { + "markdownDescription": "The ID of the IPv4 IPAM pool.", + "title": "Ipv4IpamPoolId", + "type": "string" + }, + "LoadBalancerAttributes": { "items": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute" }, - "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", - "title": "EndpointDetails", + "markdownDescription": "The load balancer attributes. Attributes that you do not modify retain their current values.", + "title": "LoadBalancerAttributes", + "type": "array" + }, + "MinimumLoadBalancerCapacity": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.MinimumLoadBalancerCapacity", + "markdownDescription": "The minimum capacity for a load balancer.", + "title": "MinimumLoadBalancerCapacity" + }, + "Name": { + "markdownDescription": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", + "title": "Name", + "type": "string" + }, + "Scheme": { + "markdownDescription": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n\nThe nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n\nThe default is an Internet-facing load balancer.\n\nYou can't specify a scheme for a Gateway Load Balancer.", + "title": "Scheme", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer.", + "title": "SecurityGroups", + "type": "array" + }, + "SubnetMappings": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping" + }, + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones. You can't specify Elastic IP addresses for your subnets.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n\n[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You can't specify Elastic IP addresses for your subnets.", + "title": "SubnetMappings", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers and Gateway Load Balancers] You can specify subnets from one or more Availability Zones.", + "title": "Subnets", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags assigned to a resource.", + "markdownDescription": "The tags to assign to the load balancer.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of load balancer. The default is `application` .", + "title": "Type", + "type": "string" } }, - "required": [ - "EndpointDetails" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::DataflowEndpointGroup" + "AWS::ElasticLoadBalancingV2::LoadBalancer" ], "type": "string" }, @@ -112515,192 +116541,75 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint": { + "AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute": { "additionalProperties": false, "properties": { - "AgentStatus": { - "markdownDescription": "The status of AgentEndpoint.", - "title": "AgentStatus", - "type": "string" - }, - "AuditResults": { - "markdownDescription": "The results of the audit.", - "title": "AuditResults", + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deletion_protection.enabled` - Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .\n- `load_balancing.cross_zone.enabled` - Indicates whether cross-zone load balancing is enabled. The possible values are `true` and `false` . The default for Network Load Balancers and Gateway Load Balancers is `false` . The default for Application Load Balancers is `true` , and can't be changed.\n\nThe following attributes are supported by both Application Load Balancers and Network Load Balancers:\n\n- `access_logs.s3.enabled` - Indicates whether access logs are enabled. The value is `true` or `false` . The default is `false` .\n- `access_logs.s3.bucket` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `access_logs.s3.prefix` - The prefix for the location in the S3 bucket for the access logs.\n- `ipv6.deny_all_igw_traffic` - Blocks internet gateway (IGW) access to the load balancer. It is set to `false` for internet-facing load balancers and `true` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.\n- `zonal_shift.config.enabled` - Indicates whether zonal shift is enabled. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Application Load Balancers:\n\n- `idle_timeout.timeout_seconds` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.\n- `client_keep_alive.seconds` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n- `connection_logs.s3.enabled` - Indicates whether connection logs are enabled. The value is `true` or `false` . The default is `false` .\n- `connection_logs.s3.bucket` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `connection_logs.s3.prefix` - The prefix for the location in the S3 bucket for the connection logs.\n- `routing.http.desync_mitigation_mode` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive` .\n- `routing.http.drop_invalid_header_fields.enabled` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( `true` ) or routed to targets ( `false` ). The default is `false` .\n- `routing.http.preserve_host_header.enabled` - Indicates whether the Application Load Balancer should preserve the `Host` header in the HTTP request and send it to the target without any change. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.x_amzn_tls_version_and_cipher_suite.enabled` - Indicates whether the two headers ( `x-amzn-tls-version` and `x-amzn-tls-cipher-suite` ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The `x-amzn-tls-version` header has information about the TLS protocol version negotiated with the client, and the `x-amzn-tls-cipher-suite` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are `true` and `false` . The default is `false` .\n- `routing.http.xff_client_port.enabled` - Indicates whether the `X-Forwarded-For` header should preserve the source port that the client used to connect to the load balancer. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.xff_header_processing.mode` - Enables you to modify, preserve, or remove the `X-Forwarded-For` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are `append` , `preserve` , and `remove` . The default is `append` .\n\n- If the value is `append` , the Application Load Balancer adds the client IP address (of the last hop) to the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- If the value is `preserve` the Application Load Balancer preserves the `X-Forwarded-For` header in the HTTP request, and sends it to targets without any change.\n- If the value is `remove` , the Application Load Balancer removes the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- `routing.http2.enabled` - Indicates whether HTTP/2 is enabled. The possible values are `true` and `false` . The default is `true` . Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.\n- `waf.fail_open.enabled` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Network Load Balancers:\n\n- `dns_record.client_routing_policy` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are `availability_zone_affinity` with 100 percent zonal affinity, `partial_availability_zone_affinity` with 85 percent zonal affinity, and `any_availability_zone` with 0 percent zonal affinity.", + "title": "Key", "type": "string" }, - "EgressAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails", - "markdownDescription": "The egress address of AgentEndpoint.", - "title": "EgressAddress" - }, - "IngressAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails", - "markdownDescription": "The ingress address of AgentEndpoint.", - "title": "IngressAddress" - }, - "Name": { - "markdownDescription": "Name string associated with AgentEndpoint. Used as a human-readable identifier for AgentEndpoint.", - "title": "Name", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails": { + "AWS::ElasticLoadBalancingV2::LoadBalancer.MinimumLoadBalancerCapacity": { "additionalProperties": false, "properties": { - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", - "title": "Mtu", + "CapacityUnits": { + "markdownDescription": "The number of capacity units.", + "title": "CapacityUnits", "type": "number" - }, - "SocketAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", - "markdownDescription": "A socket address.", - "title": "SocketAddress" } }, + "required": [ + "CapacityUnits" + ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint": { + "AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping": { "additionalProperties": false, "properties": { - "Address": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", - "markdownDescription": "The address and port of an endpoint.", - "title": "Address" - }, - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set.", - "title": "Mtu", - "type": "number" - }, - "Name": { - "markdownDescription": "The endpoint name.\n\nWhen listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite.", - "title": "Name", + "AllocationId": { + "markdownDescription": "[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.", + "title": "AllocationId", "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.EndpointDetails": { - "additionalProperties": false, - "properties": { - "AwsGroundStationAgentEndpoint": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint", - "markdownDescription": "An agent endpoint.", - "title": "AwsGroundStationAgentEndpoint" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint", - "markdownDescription": "Information about the endpoint such as name and the endpoint address.", - "title": "Endpoint" - }, - "SecurityDetails": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SecurityDetails", - "markdownDescription": "The role ARN, and IDs for security groups and subnets.", - "title": "SecurityDetails" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.IntegerRange": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "A maximum value.", - "title": "Maximum", - "type": "number" - }, - "Minimum": { - "markdownDescription": "A minimum value.", - "title": "Minimum", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails": { - "additionalProperties": false, - "properties": { - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", - "title": "Mtu", - "type": "number" }, - "SocketAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress", - "markdownDescription": "A ranged socket address.", - "title": "SocketAddress" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "IPv4 socket address.", - "title": "Name", + "IPv6Address": { + "markdownDescription": "[Network Load Balancers] The IPv6 address.", + "title": "IPv6Address", "type": "string" }, - "PortRange": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.IntegerRange", - "markdownDescription": "Port range of a socket address.", - "title": "PortRange" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.SecurityDetails": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` .\n\nGround Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact.", - "title": "RoleArn", + "PrivateIPv4Address": { + "markdownDescription": "[Network Load Balancers] The private IPv4 address for an internal load balancer.", + "title": "PrivateIPv4Address", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group Ids of the security role, such as `sg-1234567890abcdef0` .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnet Ids of the security details, such as `subnet-12345678` .", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.SocketAddress": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the endpoint, such as `Endpoint 1` .", - "title": "Name", + "SourceNatIpv6Prefix": { + "markdownDescription": "[Network Load Balancers with UDP listeners] The IPv6 prefix to use for source NAT. Specify an IPv6 prefix (/80 netmask) from the subnet CIDR block or `auto_assigned` to use an IPv6 prefix selected at random from the subnet CIDR block.", + "title": "SourceNatIpv6Prefix", "type": "string" }, - "Port": { - "markdownDescription": "The port of the endpoint, such as `55888` .", - "title": "Port", - "type": "number" + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", + "type": "string" } }, + "required": [ + "SubnetId" + ], "type": "object" }, - "AWS::GroundStation::MissionProfile": { + "AWS::ElasticLoadBalancingV2::TargetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -112735,69 +116644,116 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactPostPassDurationSeconds": { - "markdownDescription": "Amount of time in seconds after a contact ends that you\u2019d like to receive a Ground Station Contact State Change indicating the pass has finished.", - "title": "ContactPostPassDurationSeconds", - "type": "number" + "HealthCheckEnabled": { + "markdownDescription": "Indicates whether health checks are enabled. If the target type is `lambda` , health checks are disabled by default but can be enabled. If the target type is `instance` , `ip` , or `alb` , health checks are always enabled and can't be disabled.", + "title": "HealthCheckEnabled", + "type": "boolean" }, - "ContactPrePassDurationSeconds": { - "markdownDescription": "Amount of time in seconds prior to contact start that you'd like to receive a Ground Station Contact State Change Event indicating an upcoming pass.", - "title": "ContactPrePassDurationSeconds", + "HealthCheckIntervalSeconds": { + "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds. If the target type is `lambda` , the default is 35 seconds.", + "title": "HealthCheckIntervalSeconds", "type": "number" }, - "DataflowEdges": { - "items": { - "$ref": "#/definitions/AWS::GroundStation::MissionProfile.DataflowEdge" - }, - "markdownDescription": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config.", - "title": "DataflowEdges", - "type": "array" + "HealthCheckPath": { + "markdownDescription": "[HTTP/HTTPS health checks] The destination for health checks on the targets.\n\n[HTTP1 or HTTP2 protocol version] The ping path. The default is /.\n\n[GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is / AWS .ALB/healthcheck.", + "title": "HealthCheckPath", + "type": "string" }, - "MinimumViableContactDurationSeconds": { - "markdownDescription": "Minimum length of a contact in seconds that Ground Station will return when listing contacts. Ground Station will not return contacts shorter than this duration.", - "title": "MinimumViableContactDurationSeconds", + "HealthCheckPort": { + "markdownDescription": "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port` , which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80.", + "title": "HealthCheckPort", + "type": "string" + }, + "HealthCheckProtocol": { + "markdownDescription": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.", + "title": "HealthCheckProtocol", + "type": "string" + }, + "HealthCheckTimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2\u2013120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is `lambda` , the default is 30 seconds.", + "title": "HealthCheckTimeoutSeconds", + "type": "number" + }, + "HealthyThresholdCount": { + "markdownDescription": "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 5. If the target type is `lambda` , the default is 5.", + "title": "HealthyThresholdCount", "type": "number" }, + "IpAddressType": { + "markdownDescription": "The IP address type. The default value is `ipv4` .", + "title": "IpAddressType", + "type": "string" + }, + "Matcher": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.Matcher", + "markdownDescription": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499. For target groups with a protocol of GENEVE, the range is 200-399.", + "title": "Matcher" + }, "Name": { - "markdownDescription": "The name of the mission profile.", + "markdownDescription": "The name of the target group.\n\nThis name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.", "title": "Name", "type": "string" }, - "StreamsKmsKey": { - "$ref": "#/definitions/AWS::GroundStation::MissionProfile.StreamsKmsKey", - "markdownDescription": "KMS key to use for encrypting streams.", - "title": "StreamsKmsKey" + "Port": { + "markdownDescription": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081.", + "title": "Port", + "type": "number" }, - "StreamsKmsRole": { - "markdownDescription": "Role to use for encrypting streams with KMS key.", - "title": "StreamsKmsRole", + "Protocol": { + "markdownDescription": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "[HTTP/HTTPS protocol] The protocol version. The possible values are `GRPC` , `HTTP1` , and `HTTP2` .", + "title": "ProtocolVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags assigned to the mission profile.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, - "TrackingConfigArn": { - "markdownDescription": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact.", - "title": "TrackingConfigArn", + "TargetGroupAttributes": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute" + }, + "markdownDescription": "The target group attributes. Attributes that you do not modify retain their current values.", + "title": "TargetGroupAttributes", + "type": "array" + }, + "TargetType": { + "markdownDescription": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.\n\n- `instance` - Register targets by instance ID. This is the default value.\n- `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n- `lambda` - Register a single Lambda function as a target.\n- `alb` - Register a single Application Load Balancer as a target.", + "title": "TargetType", + "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription" + }, + "markdownDescription": "The targets.", + "title": "Targets", + "type": "array" + }, + "UnhealthyThresholdCount": { + "markdownDescription": "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 2. If the target type is `lambda` , the default is 5.", + "title": "UnhealthyThresholdCount", + "type": "number" + }, + "VpcId": { + "markdownDescription": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply. Otherwise, this parameter is required.", + "title": "VpcId", "type": "string" } }, - "required": [ - "DataflowEdges", - "MinimumViableContactDurationSeconds", - "Name", - "TrackingConfigArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::MissionProfile" + "AWS::ElasticLoadBalancingV2::TargetGroup" ], "type": "string" }, @@ -112811,44 +116767,67 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GroundStation::MissionProfile.DataflowEdge": { + "AWS::ElasticLoadBalancingV2::TargetGroup.Matcher": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge.", - "title": "Destination", + "GrpcCode": { + "markdownDescription": "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12.", + "title": "GrpcCode", "type": "string" }, - "Source": { - "markdownDescription": "The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge.", - "title": "Source", + "HttpCode": { + "markdownDescription": "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Gateway Load Balancers, this must be \"200\u2013399\".\n\nNote that when using shorthand syntax, some values such as commas need to be escaped.", + "title": "HttpCode", "type": "string" } }, "type": "object" }, - "AWS::GroundStation::MissionProfile.StreamsKmsKey": { + "AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription": { "additionalProperties": false, "properties": { - "KmsAliasArn": { - "markdownDescription": "KMS Alias Arn.", - "title": "KmsAliasArn", + "AvailabilityZone": { + "markdownDescription": "An Availability Zone or `all` . This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer.\n\nFor Application Load Balancer target groups, the specified Availability Zone value is only applicable when cross-zone load balancing is off. Otherwise the parameter is ignored and treated as `all` .\n\nThis parameter is not supported if the target type of the target group is `instance` or `alb` .\n\nIf the target type is `ip` and the IP address is in a subnet of the VPC for the target group, the Availability Zone is automatically detected and this parameter is optional. If the IP address is outside the VPC, this parameter is required.\n\nFor Application Load Balancer target groups with cross-zone load balancing off, if the target type is `ip` and the IP address is outside of the VPC for the target group, this should be an Availability Zone inside the VPC for the target group.\n\nIf the target type is `lambda` , this parameter is optional and the only supported value is `all` .", + "title": "AvailabilityZone", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "KMS Key Arn.", - "title": "KmsKeyArn", + "Id": { + "markdownDescription": "The ID of the target. If the target type of the target group is `instance` , specify an instance ID. If the target type is `ip` , specify an IP address. If the target type is `lambda` , specify the ARN of the Lambda function. If the target type is `alb` , specify the ARN of the Application Load Balancer target.", + "title": "Id", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is `alb` , the targeted Application Load Balancer must have at least one listener whose port matches the target group port. This parameter is not used if the target is a Lambda function.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deregistration_delay.timeout_seconds` - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from `draining` to `unused` . The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.\n- `stickiness.enabled` - Indicates whether target stickiness is enabled. The value is `true` or `false` . The default is `false` .\n- `stickiness.type` - Indicates the type of stickiness. The possible values are:\n\n- `lb_cookie` and `app_cookie` for Application Load Balancers.\n- `source_ip` for Network Load Balancers.\n- `source_ip_dest_ip` and `source_ip_dest_ip_proto` for Gateway Load Balancers.\n\nThe following attributes are supported by Application Load Balancers and Network Load Balancers:\n\n- `load_balancing.cross_zone.enabled` - Indicates whether cross zone load balancing is enabled. The value is `true` , `false` or `use_load_balancer_configuration` . The default is `use_load_balancer_configuration` .\n- `target_group_health.dns_failover.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to the maximum number of targets. The default is 1.\n- `target_group_health.dns_failover.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are 1 to the maximum number of targets. The default is 1.\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n\nThe following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:\n\n- `load_balancing.algorithm.type` - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is `round_robin` , `least_outstanding_requests` , or `weighted_random` . The default is `round_robin` .\n- `load_balancing.algorithm.anomaly_mitigation` - Only available when `load_balancing.algorithm.type` is `weighted_random` . Indicates whether anomaly mitigation is enabled. The value is `on` or `off` . The default is `off` .\n- `slow_start.duration_seconds` - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).\n- `stickiness.app_cookie.cookie_name` - Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: `AWSALB` , `AWSALBAPP` , and `AWSALBTG` ; they're reserved for use by the load balancer.\n- `stickiness.app_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n- `stickiness.lb_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n\nThe following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:\n\n- `lambda.multi_value_headers.enabled` - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is `true` or `false` . The default is `false` . If the value is `false` and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.\n\nThe following attributes are supported only by Network Load Balancers:\n\n- `deregistration_delay.connection_termination.enabled` - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is `true` or `false` . For new UDP/TCP_UDP target groups the default is `true` . Otherwise, the default is `false` .\n- `preserve_client_ip.enabled` - Indicates whether client IP preservation is enabled. The value is `true` or `false` . The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation can't be disabled for UDP and TCP_UDP target groups.\n- `proxy_protocol_v2.enabled` - Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` .\n- `target_health_state.unhealthy.connection_termination.enabled` - Indicates whether the load balancer terminates connections to unhealthy targets. The value is `true` or `false` . The default is `true` . This attribute can't be enabled for UDP and TCP_UDP target groups.\n- `target_health_state.unhealthy.draining_interval_seconds` - The amount of time for Elastic Load Balancing to wait before changing the state of an unhealthy target from `unhealthy.draining` to `unhealthy` . The range is 0-360000 seconds. The default value is 0 seconds.\n\nNote: This attribute can only be configured when `target_health_state.unhealthy.connection_termination.enabled` is `false` .\n\nThe following attributes are supported only by Gateway Load Balancers:\n\n- `target_failover.on_deregistration` - Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.\n- `target_failover.on_unhealthy` - Indicates how the Gateway Load Balancer handles existing flows when a target is unhealthy. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::GuardDuty::Detector": { + "AWS::ElasticLoadBalancingV2::TrustStore": { "additionalProperties": false, "properties": { "Condition": { @@ -112883,46 +116862,40 @@ "Properties": { "additionalProperties": false, "properties": { - "DataSources": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNDataSourceConfigurations", - "markdownDescription": "Describes which data sources will be enabled for the detector.", - "title": "DataSources" + "CaCertificatesBundleS3Bucket": { + "markdownDescription": "The Amazon S3 bucket for the ca certificates bundle.", + "title": "CaCertificatesBundleS3Bucket", + "type": "string" }, - "Enable": { - "markdownDescription": "Specifies whether the detector is to be enabled on creation.", - "title": "Enable", - "type": "boolean" + "CaCertificatesBundleS3Key": { + "markdownDescription": "The Amazon S3 path for the ca certificates bundle.", + "title": "CaCertificatesBundleS3Key", + "type": "string" }, - "Features": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureConfiguration" - }, - "markdownDescription": "A list of features that will be configured for the detector.", - "title": "Features", - "type": "array" + "CaCertificatesBundleS3ObjectVersion": { + "markdownDescription": "The Amazon S3 object version for the ca certificates bundle. If undefined the current version is used.", + "title": "CaCertificatesBundleS3ObjectVersion", + "type": "string" }, - "FindingPublishingFrequency": { - "markdownDescription": "Specifies how frequently updated findings are exported.", - "title": "FindingPublishingFrequency", + "Name": { + "markdownDescription": "The name of the trust store.", + "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags to assign to the trust store.", "title": "Tags", "type": "array" } }, - "required": [ - "Enable" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::Detector" + "AWS::ElasticLoadBalancingV2::TrustStore" ], "type": "string" }, @@ -112936,161 +116909,134 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation": { "additionalProperties": false, "properties": { - "Kubernetes": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesConfiguration", - "markdownDescription": "Describes which Kubernetes data sources are enabled for a detector.", - "title": "Kubernetes" - }, - "MalwareProtection": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration", - "markdownDescription": "Describes whether Malware Protection will be enabled as a data source.", - "title": "MalwareProtection" + "Condition": { + "type": "string" }, - "S3Logs": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNS3LogsConfiguration", - "markdownDescription": "Describes whether S3 data event logs are enabled as a data source.", - "title": "S3Logs" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the additional configuration.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Status": { - "markdownDescription": "Status of the additional configuration.", - "title": "Status", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNFeatureConfiguration": { - "additionalProperties": false, - "properties": { - "AdditionalConfiguration": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RevocationContents": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent" + }, + "markdownDescription": "The revocation file to add.", + "title": "RevocationContents", + "type": "array" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", + "type": "string" + } }, - "markdownDescription": "Information about the additional configuration of a feature in your account.", - "title": "AdditionalConfiguration", - "type": "array" + "type": "object" }, - "Name": { - "markdownDescription": "Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* .", - "title": "Name", + "Type": { + "enum": [ + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation" + ], "type": "string" }, - "Status": { - "markdownDescription": "Status of the feature configuration.", - "title": "Status", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "Status" - ], - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", - "title": "Enable", - "type": "boolean" - } - }, - "required": [ - "Enable" - ], - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNKubernetesConfiguration": { - "additionalProperties": false, - "properties": { - "AuditLogs": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration", - "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", - "title": "AuditLogs" - } - }, - "required": [ - "AuditLogs" - ], - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration": { - "additionalProperties": false, - "properties": { - "ScanEc2InstanceWithFindings": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration", - "markdownDescription": "Describes the configuration of Malware Protection for EC2 instances with findings.", - "title": "ScanEc2InstanceWithFindings" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNS3LogsConfiguration": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "The status of S3 data event logs as a data source.", - "title": "Enable", - "type": "boolean" - } - }, - "required": [ - "Enable" + "Type" ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent": { "additionalProperties": false, "properties": { - "EbsVolumes": { - "markdownDescription": "Describes the configuration for scanning EBS volumes as data source.", - "title": "EbsVolumes", - "type": "boolean" + "RevocationType": { + "markdownDescription": "The type of revocation file.", + "title": "RevocationType", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket for the revocation file.", + "title": "S3Bucket", + "type": "string" + }, + "S3Key": { + "markdownDescription": "The Amazon S3 path for the revocation file.", + "title": "S3Key", + "type": "string" + }, + "S3ObjectVersion": { + "markdownDescription": "The Amazon S3 object version of the revocation file.", + "title": "S3ObjectVersion", + "type": "string" } }, "type": "object" }, - "AWS::GuardDuty::Detector.TagItem": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.TrustStoreRevocation": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "NumberOfRevokedEntries": { + "markdownDescription": "The number of revoked certificates.", + "title": "NumberOfRevokedEntries", + "type": "number" + }, + "RevocationId": { + "markdownDescription": "The revocation ID of the revocation file.", + "title": "RevocationId", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "RevocationType": { + "markdownDescription": "The type of revocation file.", + "title": "RevocationType", + "type": "string" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::GuardDuty::Filter": { + "AWS::Elasticsearch::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -113125,53 +117071,102 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies the action that is to be applied to the findings that match the filter.", - "title": "Action", - "type": "string" + "AccessPolicies": { + "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guid* e.", + "title": "AccessPolicies", + "type": "object" }, - "Description": { - "markdownDescription": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.", - "title": "Description", - "type": "string" + "AdvancedOptions": { + "additionalProperties": true, + "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [Advanced cluster parameters](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) in the *Amazon OpenSearch Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdvancedOptions", + "type": "object" }, - "DetectorId": { - "markdownDescription": "The detector ID associated with the GuardDuty account for which you want to create a filter.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", + "AdvancedSecurityOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput", + "markdownDescription": "Specifies options for fine-grained access control.", + "title": "AdvancedSecurityOptions" + }, + "CognitoOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.CognitoOptions", + "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", + "title": "CognitoOptions" + }, + "DomainEndpointOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.DomainEndpointOptions", + "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", + "title": "DomainEndpointOptions" + }, + "DomainName": { + "markdownDescription": "A name for the OpenSearch Service domain. For valid values, see the [DomainName](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-datatypes-domainname) data type in the *Amazon OpenSearch Service Developer Guide* . If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DomainName", "type": "string" }, - "FindingCriteria": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.FindingCriteria", - "markdownDescription": "Represents the criteria to be used in the filter for querying findings.", - "title": "FindingCriteria" + "EBSOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.EBSOptions", + "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "EBSOptions" }, - "Name": { - "markdownDescription": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.", - "title": "Name", + "ElasticsearchClusterConfig": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ElasticsearchClusterConfig", + "markdownDescription": "ElasticsearchClusterConfig is a property of the AWS::Elasticsearch::Domain resource that configures the cluster of an Amazon OpenSearch Service domain.", + "title": "ElasticsearchClusterConfig" + }, + "ElasticsearchVersion": { + "markdownDescription": "The version of Elasticsearch to use, such as 2.3. If not specified, 1.5 is used as the default. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `ElasticsearchVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `ElasticsearchVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "ElasticsearchVersion", "type": "string" }, - "Rank": { - "markdownDescription": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` .", - "title": "Rank", - "type": "number" + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.EncryptionAtRestOptions", + "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS Key Management Service key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .", + "title": "EncryptionAtRestOptions" + }, + "LogPublishingOptions": { + "additionalProperties": false, + "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.LogPublishingOption" + } + }, + "title": "LogPublishingOptions", + "type": "object" + }, + "NodeToNodeEncryptionOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions", + "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", + "title": "NodeToNodeEncryptionOptions" + }, + "SnapshotOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.SnapshotOptions", + "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indices.", + "title": "SnapshotOptions" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", "title": "Tags", "type": "array" + }, + "VPCOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.VPCOptions", + "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VPCOptions" } }, - "required": [ - "FindingCriteria" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::Filter" + "AWS::Elasticsearch::Domain" ], "type": "string" }, @@ -113185,127 +117180,300 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GuardDuty::Filter.Condition": { + "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { "additionalProperties": false, "properties": { - "Eq": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the equal condition to apply to a single field when querying for findings.", - "title": "Eq", - "type": "array" + "AnonymousAuthEnabled": { + "markdownDescription": "", + "title": "AnonymousAuthEnabled", + "type": "boolean" }, - "Equals": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents an *equal* ** condition to be applied to a single field when querying for findings.", - "title": "Equals", - "type": "array" + "Enabled": { + "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption.", + "title": "Enabled", + "type": "boolean" }, - "GreaterThan": { - "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", - "title": "GreaterThan", - "type": "number" + "InternalUserDatabaseEnabled": { + "markdownDescription": "True to enable the internal user database.", + "title": "InternalUserDatabaseEnabled", + "type": "boolean" }, - "GreaterThanOrEqual": { - "markdownDescription": "Represents a *greater than or equal* condition to be applied to a single field when querying for findings.", - "title": "GreaterThanOrEqual", - "type": "number" + "MasterUserOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.MasterUserOptions", + "markdownDescription": "Specifies information about the master user.", + "title": "MasterUserOptions" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.CognitoOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", + "title": "Enabled", + "type": "boolean" }, - "Gt": { - "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", - "title": "Gt", - "type": "number" + "IdentityPoolId": { + "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", + "title": "IdentityPoolId", + "type": "string" }, - "Gte": { - "markdownDescription": "Represents the greater than or equal condition to apply to a single field when querying for findings.", - "title": "Gte", + "RoleArn": { + "markdownDescription": "The `AmazonESCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool. Required if you enable Cognito authentication.", + "title": "RoleArn", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", + "title": "UserPoolId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.ColdStorageOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage in order to enable cold storage.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.DomainEndpointOptions": { + "additionalProperties": false, + "properties": { + "CustomEndpoint": { + "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpoint", + "type": "string" + }, + "CustomEndpointCertificateArn": { + "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpointCertificateArn", + "type": "string" + }, + "CustomEndpointEnabled": { + "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", + "title": "CustomEndpointEnabled", + "type": "boolean" + }, + "EnforceHTTPS": { + "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS.", + "title": "EnforceHTTPS", + "type": "boolean" + }, + "TLSSecurityPolicy": { + "markdownDescription": "The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:\n\n- `Policy-Min-TLS-1-0-2019-07`\n- `Policy-Min-TLS-1-2-2019-07`", + "title": "TLSSecurityPolicy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.EBSOptions": { + "additionalProperties": false, + "properties": { + "EBSEnabled": { + "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", + "title": "EBSEnabled", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to provisioned IOPS EBS volume types.", + "title": "Iops", "type": "number" }, - "LessThan": { - "markdownDescription": "Represents a *less than* condition to be applied to a single field when querying for findings.", - "title": "LessThan", + "VolumeSize": { + "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VolumeSize", "type": "number" }, - "LessThanOrEqual": { - "markdownDescription": "Represents a *less than or equal* condition to be applied to a single field when querying for findings.", - "title": "LessThanOrEqual", + "VolumeType": { + "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain, such as standard, gp2, or io1. For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.ElasticsearchClusterConfig": { + "additionalProperties": false, + "properties": { + "ColdStorageOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ColdStorageOptions", + "markdownDescription": "Specifies cold storage options for the domain.", + "title": "ColdStorageOptions" + }, + "DedicatedMasterCount": { + "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify true for the DedicatedMasterEnabled property.", + "title": "DedicatedMasterCount", "type": "number" }, - "Lt": { - "markdownDescription": "Represents the less than condition to apply to a single field when querying for findings.", - "title": "Lt", + "DedicatedMasterEnabled": { + "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", + "title": "DedicatedMasterEnabled", + "type": "boolean" + }, + "DedicatedMasterType": { + "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.elasticsearch` . If you specify this property, you must specify true for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "DedicatedMasterType", + "type": "string" + }, + "InstanceCount": { + "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", + "title": "InstanceCount", "type": "number" }, - "Lte": { - "markdownDescription": "Represents the less than or equal condition to apply to a single field when querying for findings.", - "title": "Lte", + "InstanceType": { + "markdownDescription": "The instance type for your data nodes, such as `m3.medium.elasticsearch` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "InstanceType", + "type": "string" + }, + "WarmCount": { + "markdownDescription": "The number of warm nodes in the cluster. Required if you enable warm storage.", + "title": "WarmCount", "type": "number" }, - "Neq": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the not equal condition to apply to a single field when querying for findings.", - "title": "Neq", - "type": "array" + "WarmEnabled": { + "markdownDescription": "Whether to enable warm storage for the cluster.", + "title": "WarmEnabled", + "type": "boolean" }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents a *not equal* ** condition to be applied to a single field when querying for findings.", - "title": "NotEquals", - "type": "array" + "WarmType": { + "markdownDescription": "The instance type for the cluster's warm nodes. Required if you enable warm storage.", + "title": "WarmType", + "type": "string" + }, + "ZoneAwarenessConfig": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ZoneAwarenessConfig", + "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", + "title": "ZoneAwarenessConfig" + }, + "ZoneAwarenessEnabled": { + "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", + "title": "ZoneAwarenessEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::GuardDuty::Filter.FindingCriteria": { + "AWS::Elasticsearch::Domain.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { - "Criterion": { - "additionalProperties": false, - "markdownDescription": "Represents a map of finding properties that match specified conditions and values when querying findings.\n\nFor information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion:\n\n- accountId\n- id\n- region\n- severity\n\nTo filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:\n\n- *Low* : `[\"1\", \"2\", \"3\"]`\n- *Medium* : `[\"4\", \"5\", \"6\"]`\n- *High* : `[\"7\", \"8\", \"9\"]`\n\nFor more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .\n- type\n- updatedAt\n\nType: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.\n- resource.accessKeyDetails.accessKeyId\n- resource.accessKeyDetails.principalId\n- resource.accessKeyDetails.userName\n- resource.accessKeyDetails.userType\n- resource.instanceDetails.iamInstanceProfile.id\n- resource.instanceDetails.imageId\n- resource.instanceDetails.instanceId\n- resource.instanceDetails.tags.key\n- resource.instanceDetails.tags.value\n- resource.instanceDetails.networkInterfaces.ipv6Addresses\n- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress\n- resource.instanceDetails.networkInterfaces.publicDnsName\n- resource.instanceDetails.networkInterfaces.publicIp\n- resource.instanceDetails.networkInterfaces.securityGroups.groupId\n- resource.instanceDetails.networkInterfaces.securityGroups.groupName\n- resource.instanceDetails.networkInterfaces.subnetId\n- resource.instanceDetails.networkInterfaces.vpcId\n- resource.instanceDetails.outpostArn\n- resource.resourceType\n- resource.s3BucketDetails.publicAccess.effectivePermissions\n- resource.s3BucketDetails.name\n- resource.s3BucketDetails.tags.key\n- resource.s3BucketDetails.tags.value\n- resource.s3BucketDetails.type\n- service.action.actionType\n- service.action.awsApiCallAction.api\n- service.action.awsApiCallAction.callerType\n- service.action.awsApiCallAction.errorCode\n- service.action.awsApiCallAction.remoteIpDetails.city.cityName\n- service.action.awsApiCallAction.remoteIpDetails.country.countryName\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.awsApiCallAction.remoteIpDetails.organization.asn\n- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg\n- service.action.awsApiCallAction.serviceName\n- service.action.dnsRequestAction.domain\n- service.action.dnsRequestAction.domainWithSuffix\n- service.action.networkConnectionAction.blocked\n- service.action.networkConnectionAction.connectionDirection\n- service.action.networkConnectionAction.localPortDetails.port\n- service.action.networkConnectionAction.protocol\n- service.action.networkConnectionAction.remoteIpDetails.city.cityName\n- service.action.networkConnectionAction.remoteIpDetails.country.countryName\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6\n- service.action.networkConnectionAction.remoteIpDetails.organization.asn\n- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg\n- service.action.networkConnectionAction.remotePortDetails.port\n- service.action.awsApiCallAction.remoteAccountDetails.affiliated\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.kubernetesApiCallAction.namespace\n- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn\n- service.action.kubernetesApiCallAction.requestUri\n- service.action.kubernetesApiCallAction.statusCode\n- service.action.networkConnectionAction.localIpDetails.ipAddressV4\n- service.action.networkConnectionAction.localIpDetails.ipAddressV6\n- service.action.networkConnectionAction.protocol\n- service.action.awsApiCallAction.serviceName\n- service.action.awsApiCallAction.remoteAccountDetails.accountId\n- service.additionalInfo.threatListName\n- service.resourceRole\n- resource.eksClusterDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace\n- resource.kubernetesDetails.kubernetesUserDetails.username\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix\n- service.ebsVolumeScanDetails.scanId\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash\n- service.malwareScanDetails.threats.name\n- resource.ecsClusterDetails.name\n- resource.ecsClusterDetails.taskDetails.containers.image\n- resource.ecsClusterDetails.taskDetails.definitionArn\n- resource.containerDetails.image\n- resource.rdsDbInstanceDetails.dbInstanceIdentifier\n- resource.rdsDbInstanceDetails.dbClusterIdentifier\n- resource.rdsDbInstanceDetails.engine\n- resource.rdsDbUserDetails.user\n- resource.rdsDbInstanceDetails.tags.key\n- resource.rdsDbInstanceDetails.tags.value\n- service.runtimeDetails.process.executableSha256\n- service.runtimeDetails.process.name\n- service.runtimeDetails.process.name\n- resource.lambdaDetails.functionName\n- resource.lambdaDetails.functionArn\n- resource.lambdaDetails.tags.key\n- resource.lambdaDetails.tags.value", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.Condition" - } - }, - "title": "Criterion", - "type": "object" + "Enabled": { + "markdownDescription": "Specify `true` to enable encryption at rest.", + "title": "Enabled", + "type": "boolean" + }, + "KmsKeyId": { + "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.", + "title": "KmsKeyId", + "type": "string" } }, "type": "object" }, - "AWS::GuardDuty::Filter.TagItem": { + "AWS::Elasticsearch::Domain.LogPublishingOption": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing for the domain.", + "title": "CloudWatchLogsLogGroupArn", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "Enabled": { + "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.MasterUserOptions": { + "additionalProperties": false, + "properties": { + "MasterUserARN": { + "markdownDescription": "ARN for the master user. Only specify if `InternalUserDatabaseEnabled` is false in `AdvancedSecurityOptions` .", + "title": "MasterUserARN", + "type": "string" + }, + "MasterUserName": { + "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", + "title": "MasterUserName", + "type": "string" + }, + "MasterUserPassword": { + "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", + "title": "MasterUserPassword", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::GuardDuty::IPSet": { + "AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether node-to-node encryption is enabled, as a Boolean.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.SnapshotOptions": { + "additionalProperties": false, + "properties": { + "AutomatedSnapshotStartHour": { + "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indices in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", + "title": "AutomatedSnapshotStartHour", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.VPCOptions": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nRequired if you're creating your domain inside a VPC.", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.ZoneAwarenessConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZoneCount": { + "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", + "title": "AvailabilityZoneCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow": { "additionalProperties": false, "properties": { "Condition": { @@ -113340,49 +117508,62 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "Indicates whether or not GuardDuty uses the `IPSet` .", - "title": "Activate", - "type": "boolean" - }, - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", + "Description": { + "markdownDescription": "A description of the workflow.", + "title": "Description", "type": "string" }, - "Format": { - "markdownDescription": "The format of the file that contains the IPSet.", - "title": "Format", - "type": "string" + "IdMappingTechniques": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques", + "markdownDescription": "An object which defines the ID mapping technique and any additional configurations.", + "title": "IdMappingTechniques" }, - "Location": { - "markdownDescription": "The URI of the file that contains the IPSet.", - "title": "Location", - "type": "string" + "InputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource" + }, + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" }, - "Name": { - "markdownDescription": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", - "title": "Name", + "OutputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource" + }, + "markdownDescription": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` .", + "title": "OutputSourceConfig", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::IPSet.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" + }, + "WorkflowName": { + "markdownDescription": "The name of the workflow. There can't be multiple `IdMappingWorkflows` with the same name.", + "title": "WorkflowName", + "type": "string" } }, "required": [ - "Format", - "Location" + "IdMappingTechniques", + "InputSourceConfig", + "RoleArn", + "WorkflowName" ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::IPSet" + "AWS::EntityResolution::IdMappingWorkflow" ], "type": "string" }, @@ -113401,197 +117582,171 @@ ], "type": "object" }, - "AWS::GuardDuty::IPSet.TagItem": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingRuleBasedProperties": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of the `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "RecordMatchingModel": { + "markdownDescription": "The type of matching record that is allowed to be used in an ID mapping workflow.\n\nIf the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source can be matched to the same record in the target.\n\nIf the value is set to `MANY_SOURCE_TO_ONE_TARGET` , multiple records in the source can be matched to one record in the target.", + "title": "RecordMatchingModel", "type": "string" + }, + "RuleDefinitionType": { + "markdownDescription": "The set of rules you can use in an ID mapping workflow. The limitations specified for the source or target to define the match rules must be compatible.", + "title": "RuleDefinitionType", + "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.Rule" + }, + "markdownDescription": "The rules that can be used for ID mapping.", + "title": "Rules", + "type": "array" } }, "required": [ - "Key", - "Value" + "AttributeMatchingModel", + "RecordMatchingModel" ], "type": "object" }, - "AWS::GuardDuty::Master": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IdMappingType": { + "markdownDescription": "The type of ID mapping.", + "title": "IdMappingType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.ProviderProperties", + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "title": "ProviderProperties" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty member account.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", - "type": "string" - }, - "InvitationId": { - "markdownDescription": "The ID of the invitation that is sent to the account designated as a member account. You can find the invitation ID by running the [ListInvitations](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html) in the *GuardDuty API Reference* .", - "title": "InvitationId", - "type": "string" - }, - "MasterId": { - "markdownDescription": "The AWS account ID of the account designated as the GuardDuty administrator account.", - "title": "MasterId", - "type": "string" - } - }, - "required": [ - "DetectorId", - "MasterId" - ], - "type": "object" + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingRuleBasedProperties", + "markdownDescription": "An object which defines any additional configurations required by rule-based matching.", + "title": "RuleBasedProperties" + } + }, + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource": { + "additionalProperties": false, + "properties": { + "InputSourceARN": { + "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", + "title": "InputSourceARN", + "type": "string" }, - "Type": { - "enum": [ - "AWS::GuardDuty::Master" - ], + "SchemaArn": { + "markdownDescription": "The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` .", + "title": "SchemaArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "InputSourceARN" ], "type": "object" }, - "AWS::GuardDuty::Member": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource": { "additionalProperties": false, "properties": { - "Condition": { + "KMSArn": { + "markdownDescription": "Customer AWS KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", + "title": "KMSArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputS3Path": { + "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", + "title": "OutputS3Path", "type": "string" + } + }, + "required": [ + "OutputS3Path" + ], + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration": { + "additionalProperties": false, + "properties": { + "IntermediateS3Path": { + "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", + "title": "IntermediateS3Path", + "type": "string" + } + }, + "required": [ + "IntermediateS3Path" + ], + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow.ProviderProperties": { + "additionalProperties": false, + "properties": { + "IntermediateSourceConfiguration": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration", + "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", + "title": "IntermediateSourceConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DetectorId": { - "markdownDescription": "The ID of the detector associated with the GuardDuty service to add the member to.", - "title": "DetectorId", - "type": "string" - }, - "DisableEmailNotification": { - "markdownDescription": "Specifies whether or not to disable email notification for the member account that you invite.", - "title": "DisableEmailNotification", - "type": "boolean" - }, - "Email": { - "markdownDescription": "The email address associated with the member account.", - "title": "Email", - "type": "string" - }, - "MemberId": { - "markdownDescription": "The AWS account ID of the account to designate as a member.", - "title": "MemberId", - "type": "string" - }, - "Message": { - "markdownDescription": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members.", - "title": "Message", - "type": "string" - }, - "Status": { - "markdownDescription": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited.", - "title": "Status", + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "The required configuration fields to use with the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "Email" - ], + "title": "ProviderConfiguration", "type": "object" }, - "Type": { - "enum": [ - "AWS::GuardDuty::Member" - ], + "ProviderServiceArn": { + "markdownDescription": "The ARN of the provider service.", + "title": "ProviderServiceArn", "type": "string" + } + }, + "required": [ + "ProviderServiceArn" + ], + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow.Rule": { + "additionalProperties": false, + "properties": { + "MatchingKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", "type": "string" } }, "required": [ - "Type", - "Properties" + "MatchingKeys", + "RuleName" ], "type": "object" }, - "AWS::GuardDuty::ThreatIntelSet": { + "AWS::EntityResolution::IdNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -113626,49 +117781,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", - "title": "Activate", - "type": "boolean" - }, - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create a `ThreatIntelSet` .\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", + "Description": { + "markdownDescription": "The description of the ID namespace.", + "title": "Description", "type": "string" }, - "Format": { - "markdownDescription": "The format of the file that contains the ThreatIntelSet.", - "title": "Format", - "type": "string" + "IdMappingWorkflowProperties": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties" + }, + "markdownDescription": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` .", + "title": "IdMappingWorkflowProperties", + "type": "array" }, - "Location": { - "markdownDescription": "The URI of the file that contains the ThreatIntelSet.", - "title": "Location", + "IdNamespaceName": { + "markdownDescription": "The name of the ID namespace.", + "title": "IdNamespaceName", "type": "string" }, - "Name": { - "markdownDescription": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", - "title": "Name", + "InputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceInputSource" + }, + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", + "title": "Type", + "type": "string" } }, "required": [ - "Format", - "Location" + "IdNamespaceName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::ThreatIntelSet" + "AWS::EntityResolution::IdNamespace" ], "type": "string" }, @@ -113687,106 +117853,133 @@ ], "type": "object" }, - "AWS::GuardDuty::ThreatIntelSet.TagItem": { + "AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "IdMappingType": { + "markdownDescription": "The type of ID mapping.", + "title": "IdMappingType", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", - "type": "string" + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceProviderProperties", + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "title": "ProviderProperties" + }, + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceRuleBasedProperties", + "markdownDescription": "An object which defines any additional configurations required by rule-based matching.", + "title": "RuleBasedProperties" } }, "required": [ - "Key", - "Value" + "IdMappingType" ], "type": "object" }, - "AWS::HealthImaging::Datastore": { + "AWS::EntityResolution::IdNamespace.IdNamespaceInputSource": { "additionalProperties": false, "properties": { - "Condition": { + "InputSourceARN": { + "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", + "title": "InputSourceARN", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SchemaName": { + "markdownDescription": "The name of the schema.", + "title": "SchemaName", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatastoreName": { - "markdownDescription": "The data store name.", - "title": "DatastoreName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data.", - "title": "KmsKeyArn", + } + }, + "required": [ + "InputSourceARN" + ], + "type": "object" + }, + "AWS::EntityResolution::IdNamespace.NamespaceProviderProperties": { + "additionalProperties": false, + "properties": { + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags provided when creating a data store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" } }, + "title": "ProviderConfiguration", "type": "object" }, - "Type": { - "enum": [ - "AWS::HealthImaging::Datastore" - ], + "ProviderServiceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the provider service.", + "title": "ProviderServiceArn", + "type": "string" + } + }, + "required": [ + "ProviderServiceArn" + ], + "type": "object" + }, + "AWS::EntityResolution::IdNamespace.NamespaceRuleBasedProperties": { + "additionalProperties": false, + "properties": { + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RecordMatchingModels": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of matching record that is allowed to be used in an ID mapping workflow.\n\nIf the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source is matched to one record in the target.\n\nIf the value is set to `MANY_SOURCE_TO_ONE_TARGET` , all matching records in the source are matched to one record in the target.", + "title": "RecordMatchingModels", + "type": "array" + }, + "RuleDefinitionTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The sets of rules you can use in an ID mapping workflow. The limitations specified for the source and target must be compatible.", + "title": "RuleDefinitionTypes", + "type": "array" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.Rule" + }, + "markdownDescription": "The rules for the ID namespace.", + "title": "Rules", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EntityResolution::IdNamespace.Rule": { + "additionalProperties": false, + "properties": { + "MatchingKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", + "type": "array" + }, + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", "type": "string" } }, "required": [ - "Type" + "MatchingKeys", + "RuleName" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore": { + "AWS::EntityResolution::MatchingWorkflow": { "additionalProperties": false, "properties": { "Condition": { @@ -113821,48 +118014,68 @@ "Properties": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The data store name (user-generated).", - "title": "DatastoreName", + "Description": { + "markdownDescription": "A description of the workflow.", + "title": "Description", "type": "string" }, - "DatastoreTypeVersion": { - "markdownDescription": "The FHIR release version supported by the data store. Current support is for version `R4` .", - "title": "DatastoreTypeVersion", - "type": "string" + "IncrementalRunConfig": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IncrementalRunConfig", + "markdownDescription": "Optional. An object that defines the incremental run type. This object contains only the `incrementalRunType` field, which appears as \"Automatic\" in the console.\n\n> For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported.", + "title": "IncrementalRunConfig" }, - "IdentityProviderConfiguration": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration", - "markdownDescription": "The identity provider configuration selected when the data store was created.", - "title": "IdentityProviderConfiguration" + "InputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.InputSource" + }, + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" }, - "PreloadDataConfig": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.PreloadDataConfig", - "markdownDescription": "The preloaded Synthea data configuration for the data store.", - "title": "PreloadDataConfig" + "OutputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputSource" + }, + "markdownDescription": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` .", + "title": "OutputSourceConfig", + "type": "array" }, - "SseConfiguration": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.SseConfiguration", - "markdownDescription": "The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.", - "title": "SseConfiguration" + "ResolutionTechniques": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques", + "markdownDescription": "An object which defines the `resolutionType` and the `ruleBasedProperties` .", + "title": "ResolutionTechniques" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" + }, + "WorkflowName": { + "markdownDescription": "The name of the workflow. There can't be multiple `MatchingWorkflows` with the same name.", + "title": "WorkflowName", + "type": "string" } }, "required": [ - "DatastoreTypeVersion" + "InputSourceConfig", + "OutputSourceConfig", + "ResolutionTechniques", + "RoleArn", + "WorkflowName" ], "type": "object" }, "Type": { "enum": [ - "AWS::HealthLake::FHIRDatastore" + "AWS::EntityResolution::MatchingWorkflow" ], "type": "string" }, @@ -113881,284 +118094,214 @@ ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.CreatedAt": { + "AWS::EntityResolution::MatchingWorkflow.IncrementalRunConfig": { "additionalProperties": false, "properties": { - "Nanos": { - "markdownDescription": "", - "title": "Nanos", - "type": "number" - }, - "Seconds": { - "markdownDescription": "", - "title": "Seconds", + "IncrementalRunType": { + "markdownDescription": "The type of incremental run. The only valid value is `IMMEDIATE` . This appears as \"Automatic\" in the console.\n\n> For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported.", + "title": "IncrementalRunType", "type": "string" } }, "required": [ - "Nanos", - "Seconds" + "IncrementalRunType" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration": { + "AWS::EntityResolution::MatchingWorkflow.InputSource": { "additionalProperties": false, "properties": { - "AuthorizationStrategy": { - "markdownDescription": "The authorization strategy selected when the HealthLake data store is created.\n\n> HealthLake provides support for both SMART on FHIR V1 and V2 as described below.\n> \n> - `SMART_ON_FHIR_V1` \u2013 Support for only SMART on FHIR V1, which includes `read` (read/search) and `write` (create/update/delete) permissions.\n> - `SMART_ON_FHIR` \u2013 Support for both SMART on FHIR V1 and V2, which includes `create` , `read` , `update` , `delete` , and `search` permissions.\n> - `AWS_AUTH` \u2013 The default HealthLake authorization strategy; not affiliated with SMART on FHIR.", - "title": "AuthorizationStrategy", - "type": "string" - }, - "FineGrainedAuthorizationEnabled": { - "markdownDescription": "The parameter to enable SMART on FHIR fine-grained authorization for the data store.", - "title": "FineGrainedAuthorizationEnabled", + "ApplyNormalization": { + "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", + "title": "ApplyNormalization", "type": "boolean" }, - "IdpLambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.", - "title": "IdpLambdaArn", + "InputSourceARN": { + "markdownDescription": "An object containing `InputSourceARN` , `SchemaName` , and `ApplyNormalization` .", + "title": "InputSourceARN", "type": "string" }, - "Metadata": { - "markdownDescription": "The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see [Metadata](https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata) in SMART's App Launch specification.\n\n`authorization_endpoint` : The URL to the OAuth2 authorization endpoint.\n\n`grant_types_supported` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are `authorization_code` and `client_credentials` .\n\n`token_endpoint` : The URL to the OAuth2 token endpoint.\n\n`capabilities` : An array of strings of the SMART capabilities that the authorization server supports.\n\n`code_challenge_methods_supported` : An array of strings of supported PKCE code challenge methods. You must include the `S256` method in the array of PKCE code challenge methods.", - "title": "Metadata", + "SchemaArn": { + "markdownDescription": "The name of the schema.", + "title": "SchemaArn", "type": "string" } }, "required": [ - "AuthorizationStrategy" + "InputSourceARN", + "SchemaArn" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig": { + "AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration": { "additionalProperties": false, "properties": { - "CmkType": { - "markdownDescription": "The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see [KmsEncryptionConfig](https://docs.aws.amazon.com/healthlake/latest/APIReference/API_KmsEncryptionConfig.html#HealthLake-Type-KmsEncryptionConfig-CmkType) .", - "title": "CmkType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.", - "title": "KmsKeyId", + "IntermediateS3Path": { + "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", + "title": "IntermediateS3Path", "type": "string" } }, "required": [ - "CmkType" + "IntermediateS3Path" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.PreloadDataConfig": { + "AWS::EntityResolution::MatchingWorkflow.OutputAttribute": { "additionalProperties": false, "properties": { - "PreloadDataType": { - "markdownDescription": "The type of preloaded data. Only Synthea preloaded data is supported.", - "title": "PreloadDataType", + "Hashed": { + "markdownDescription": "Enables the ability to hash the column values in the output.", + "title": "Hashed", + "type": "boolean" + }, + "Name": { + "markdownDescription": "A name of a column to be written to the output. This must be an `InputField` name in the schema mapping.", + "title": "Name", "type": "string" } }, "required": [ - "PreloadDataType" + "Name" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.SseConfiguration": { + "AWS::EntityResolution::MatchingWorkflow.OutputSource": { "additionalProperties": false, "properties": { - "KmsEncryptionConfig": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig", - "markdownDescription": "The server-side encryption key configuration for a customer provided encryption key.", - "title": "KmsEncryptionConfig" + "ApplyNormalization": { + "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", + "title": "ApplyNormalization", + "type": "boolean" + }, + "KMSArn": { + "markdownDescription": "Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", + "title": "KMSArn", + "type": "string" + }, + "Output": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputAttribute" + }, + "markdownDescription": "A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed.", + "title": "Output", + "type": "array" + }, + "OutputS3Path": { + "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", + "title": "OutputS3Path", + "type": "string" } }, "required": [ - "KmsEncryptionConfig" + "Output", + "OutputS3Path" ], "type": "object" }, - "AWS::IAM::AccessKey": { + "AWS::EntityResolution::MatchingWorkflow.ProviderProperties": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "IntermediateSourceConfiguration": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration", + "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", + "title": "IntermediateSourceConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Serial": { - "markdownDescription": "This value is specific to CloudFormation and can only be *incremented* . Incrementing this value notifies CloudFormation that you want to rotate your access key. When you update your stack, CloudFormation will replace the existing access key with a new key.", - "title": "Serial", - "type": "number" - }, - "Status": { - "markdownDescription": "The status of the access key. `Active` means that the key is valid for API calls, while `Inactive` means it is not.", - "title": "Status", - "type": "string" - }, - "UserName": { - "markdownDescription": "The name of the IAM user that the new key will belong to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "UserName", + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "The required configuration fields to use with the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "UserName" - ], + "title": "ProviderConfiguration", "type": "object" }, - "Type": { - "enum": [ - "AWS::IAM::AccessKey" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ProviderServiceArn": { + "markdownDescription": "The ARN of the provider service.", + "title": "ProviderServiceArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ProviderServiceArn" ], "type": "object" }, - "AWS::IAM::Group": { + "AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ProviderProperties", + "markdownDescription": "The properties of the provider service.", + "title": "ProviderProperties" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResolutionType": { + "markdownDescription": "The type of matching. There are three types of matching: `RULE_MATCHING` , `ML_MATCHING` , and `PROVIDER` .", + "title": "ResolutionType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the group to create. Do not include the path in this value.\n\nThe group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "GroupName", - "type": "string" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" - }, - "Path": { - "markdownDescription": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", - "type": "string" - }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::Group.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an IAM Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group) .\n\n> The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a group, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", - "title": "Policies", - "type": "array" - } + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties", + "markdownDescription": "An object which defines the list of matching rules to run and has a field `Rules` , which is a list of rule objects.", + "title": "RuleBasedProperties" + } + }, + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.Rule": { + "additionalProperties": false, + "properties": { + "MatchingKeys": { + "items": { + "type": "string" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IAM::Group" - ], - "type": "string" + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", "type": "string" } }, "required": [ - "Type" + "MatchingKeys", + "RuleName" ], "type": "object" }, - "AWS::IAM::Group.Policy": { + "AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.", - "title": "PolicyDocument", - "type": "object" + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", + "MatchPurpose": { + "markdownDescription": "An indicator of whether to generate IDs and index the data or not.\n\nIf you choose `IDENTIFIER_GENERATION` , the process generates IDs and indexes the data.\n\nIf you choose `INDEXING` , the process indexes the data without generating IDs.", + "title": "MatchPurpose", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.Rule" + }, + "markdownDescription": "A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` .", + "title": "Rules", + "type": "array" } }, "required": [ - "PolicyDocument", - "PolicyName" + "AttributeMatchingModel", + "Rules" ], "type": "object" }, - "AWS::IAM::GroupPolicy": { + "AWS::EntityResolution::PolicyStatement": { "additionalProperties": false, "properties": { "Condition": { @@ -114193,31 +118336,52 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", - "title": "GroupName", + "Action": { + "items": { + "type": "string" + }, + "markdownDescription": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .", + "title": "Action", + "type": "array" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.", + "title": "Arn", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" + "Condition": { + "markdownDescription": "A set of condition keys that you can use in key policies.", + "title": "Condition", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", + "Effect": { + "markdownDescription": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n> If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.", + "title": "Effect", + "type": "string" + }, + "Principal": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS service or AWS account that can access the resource defined as ARN.", + "title": "Principal", + "type": "array" + }, + "StatementId": { + "markdownDescription": "A statement identifier that differentiates the statement from others in the same policy.", + "title": "StatementId", "type": "string" } }, "required": [ - "GroupName", - "PolicyName" + "Arn", + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::GroupPolicy" + "AWS::EntityResolution::PolicyStatement" ], "type": "string" }, @@ -114236,7 +118400,7 @@ ], "type": "object" }, - "AWS::IAM::InstanceProfile": { + "AWS::EntityResolution::SchemaMapping": { "additionalProperties": false, "properties": { "Condition": { @@ -114271,33 +118435,42 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceProfileName": { - "markdownDescription": "The name of the instance profile to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "InstanceProfileName", + "Description": { + "markdownDescription": "A description of the schema.", + "title": "Description", "type": "string" }, - "Path": { - "markdownDescription": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "MappedInputFields": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::SchemaMapping.SchemaInputAttribute" + }, + "markdownDescription": "A list of `MappedInputFields` . Each `MappedInputField` corresponds to a column the source data table, and contains column name plus additional information that AWS Entity Resolution uses for matching.", + "title": "MappedInputFields", + "type": "array" + }, + "SchemaName": { + "markdownDescription": "The name of the schema. There can't be multiple `SchemaMappings` with the same name.", + "title": "SchemaName", "type": "string" }, - "Roles": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions.", - "title": "Roles", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", "type": "array" } }, "required": [ - "Roles" + "MappedInputFields", + "SchemaName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::InstanceProfile" + "AWS::EntityResolution::SchemaMapping" ], "type": "string" }, @@ -114316,7 +118489,47 @@ ], "type": "object" }, - "AWS::IAM::ManagedPolicy": { + "AWS::EntityResolution::SchemaMapping.SchemaInputAttribute": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "A string containing the field name.", + "title": "FieldName", + "type": "string" + }, + "GroupName": { + "markdownDescription": "A string that instructs AWS Entity Resolution to combine several columns into a unified column with the identical attribute type.\n\nFor example, when working with columns such as `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , assigning them a common `groupName` will prompt AWS Entity Resolution to concatenate them into a single value.", + "title": "GroupName", + "type": "string" + }, + "Hashed": { + "markdownDescription": "Indicates if the column values are hashed in the schema input.\n\nIf the value is set to `TRUE` , the column values are hashed.\n\nIf the value is set to `FALSE` , the column values are cleartext.", + "title": "Hashed", + "type": "boolean" + }, + "MatchKey": { + "markdownDescription": "A key that allows grouping of multiple input attributes into a unified matching group.\n\nFor example, consider a scenario where the source table contains various addresses, such as `business_address` and `shipping_address` . By assigning a `matchKey` called `address` to both attributes, AWS Entity Resolution will match records across these fields to create a consolidated matching group.\n\nIf no `matchKey` is specified for a column, it won't be utilized for matching purposes but will still be included in the output table.", + "title": "MatchKey", + "type": "string" + }, + "SubType": { + "markdownDescription": "The subtype of the attribute, selected from a list of values.", + "title": "SubType", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the attribute, selected from a list of values.\n\nLiveRamp supports: `NAME` | `NAME_FIRST` | `NAME_MIDDLE` | `NAME_LAST` | `ADDRESS` | `ADDRESS_STREET1` | `ADDRESS_STREET2` | `ADDRESS_STREET3` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `PROVIDER_ID`\n\nTransUnion supports: `NAME` | `NAME_FIRST` | `NAME_LAST` | `ADDRESS` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `IPV4` | `IPV6` | `MAID`\n\nUnified ID 2.0 supports: `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID`\n\n> Normalization is only supported for `NAME` , `ADDRESS` , `PHONE` , and `EMAIL_ADDRESS` .\n> \n> If you want to normalize `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , you must group them by assigning them to the `NAME` `groupName` .\n> \n> If you want to normalize `ADDRESS_STREET1` , `ADDRESS_STREET2` , `ADDRESS_STREET3` , `ADDRESS_CITY` , `ADDRESS_STATE` , `ADDRESS_COUNTRY` , and `ADDRESS_POSTALCODE` , you must group them by assigning them to the `ADDRESS` `groupName` .\n> \n> If you want to normalize `PHONE_NUMBER` and `PHONE_COUNTRYCODE` , you must group them by assigning them to the `PHONE` `groupName` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FieldName", + "Type" + ], + "type": "object" + }, + "AWS::EventSchemas::Discoverer": { "additionalProperties": false, "properties": { "Condition": { @@ -114351,59 +118564,38 @@ "Properties": { "additionalProperties": false, "properties": { + "CrossAccount": { + "markdownDescription": "Allows for the discovery of the event schemas that are sent to the event bus from another account.", + "title": "CrossAccount", + "type": "boolean" + }, "Description": { - "markdownDescription": "A friendly description of the policy.\n\nTypically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n\nThe policy description is immutable. After a value is assigned, it cannot be changed.", + "markdownDescription": "A description for the discoverer.", "title": "Description", "type": "string" }, - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name (friendly name, not ARN) of the group to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Groups", - "type": "array" - }, - "ManagedPolicyName": { - "markdownDescription": "The friendly name of the policy.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "ManagedPolicyName", - "type": "string" - }, - "Path": { - "markdownDescription": "The path for the policy.\n\nFor more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> You cannot use an asterisk (*) in the path name.", - "title": "Path", + "SourceArn": { + "markdownDescription": "The ARN of the event bus.", + "title": "SourceArn", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "The JSON policy document that you want to use as the content for the new policy.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and AWS STS character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length) .\n\nTo learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide* .\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" - }, - "Roles": { - "items": { - "type": "string" - }, - "markdownDescription": "The name (friendly name, not ARN) of the role to attach the policy to.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Roles", - "type": "array" - }, - "Users": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EventSchemas::Discoverer.TagsEntry" }, - "markdownDescription": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Users", + "markdownDescription": "Tags associated with the resource.", + "title": "Tags", "type": "array" } }, "required": [ - "PolicyDocument" + "SourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::ManagedPolicy" + "AWS::EventSchemas::Discoverer" ], "type": "string" }, @@ -114422,7 +118614,27 @@ ], "type": "object" }, - "AWS::IAM::OIDCProvider": { + "AWS::EventSchemas::Discoverer.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EventSchemas::Registry": { "additionalProperties": false, "properties": { "Condition": { @@ -114457,44 +118669,30 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", - "title": "ClientIdList", - "type": "array" + "Description": { + "markdownDescription": "A description of the registry to be created.", + "title": "Description", + "type": "string" + }, + "RegistryName": { + "markdownDescription": "The name of the schema registry.", + "title": "RegistryName", + "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EventSchemas::Registry.TagsEntry" }, - "markdownDescription": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "markdownDescription": "Tags to associate with the registry.", "title": "Tags", "type": "array" - }, - "ThumbprintList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .\n\nThis property is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate.", - "title": "ThumbprintList", - "type": "array" - }, - "Url": { - "markdownDescription": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", - "title": "Url", - "type": "string" } }, - "required": [ - "ThumbprintList" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::OIDCProvider" + "AWS::EventSchemas::Registry" ], "type": "string" }, @@ -114508,12 +118706,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IAM::Policy": { + "AWS::EventSchemas::Registry.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EventSchemas::RegistryPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -114548,50 +118765,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", - "title": "Groups", - "type": "array" - }, - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", + "Policy": { + "markdownDescription": "A resource-based policy.", + "title": "Policy", "type": "object" }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", + "RegistryName": { + "markdownDescription": "The name of the registry.", + "title": "RegistryName", "type": "string" }, - "Roles": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Roles", - "type": "array" - }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Users", - "type": "array" + "RevisionId": { + "markdownDescription": "The revision ID of the policy.", + "title": "RevisionId", + "type": "string" } }, "required": [ - "PolicyDocument", - "PolicyName" + "Policy", + "RegistryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::Policy" + "AWS::EventSchemas::RegistryPolicy" ], "type": "string" }, @@ -114610,7 +118808,7 @@ ], "type": "object" }, - "AWS::IAM::Role": { + "AWS::EventSchemas::Schema": { "additionalProperties": false, "properties": { "Condition": { @@ -114645,69 +118843,50 @@ "Properties": { "additionalProperties": false, "properties": { - "AssumeRolePolicyDocument": { - "markdownDescription": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples) . For more information about the elements that you can use in an IAM policy, see [IAM Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *IAM User Guide* .", - "title": "AssumeRolePolicyDocument", - "type": "object" + "Content": { + "markdownDescription": "The source of the schema definition.", + "title": "Content", + "type": "string" }, "Description": { - "markdownDescription": "A description of the role that you provide.", + "markdownDescription": "A description of the schema.", "title": "Description", "type": "string" }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" - }, - "MaxSessionDuration": { - "markdownDescription": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n\nAnyone who assumes the role from the AWS CLI or API can use the `DurationSeconds` API parameter or the `duration-seconds` AWS CLI parameter to request a longer session. The `MaxSessionDuration` setting determines the maximum duration that can be requested using the `DurationSeconds` parameter. If users don't specify a value for the `DurationSeconds` parameter, their security credentials are valid for one hour by default. This applies when you use the `AssumeRole*` API operations or the `assume-role*` AWS CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide* .", - "title": "MaxSessionDuration", - "type": "number" - }, - "Path": { - "markdownDescription": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", - "type": "string" - }, - "PermissionsBoundary": { - "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role.\n\nFor more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .", - "title": "PermissionsBoundary", + "RegistryName": { + "markdownDescription": "The name of the schema registry.", + "title": "RegistryName", "type": "string" }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::Role.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Policies", - "type": "array" - }, - "RoleName": { - "markdownDescription": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "RoleName", + "SchemaName": { + "markdownDescription": "The name of the schema.", + "title": "SchemaName", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EventSchemas::Schema.TagsEntry" }, - "markdownDescription": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "markdownDescription": "Tags associated with the schema.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of schema.\n\nValid types include `OpenApi3` and `JSONSchemaDraft4` .", + "title": "Type", + "type": "string" } }, "required": [ - "AssumeRolePolicyDocument" + "Content", + "RegistryName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::Role" + "AWS::EventSchemas::Schema" ], "type": "string" }, @@ -114726,27 +118905,27 @@ ], "type": "object" }, - "AWS::IAM::Role.Policy": { + "AWS::EventSchemas::Schema.TagsEntry": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", - "title": "PolicyDocument", - "type": "object" + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", "type": "string" } }, "required": [ - "PolicyDocument", - "PolicyName" + "Key", + "Value" ], "type": "object" }, - "AWS::IAM::RolePolicy": { + "AWS::Events::ApiDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -114781,31 +118960,47 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" + "ConnectionArn": { + "markdownDescription": "The ARN of the connection to use for the API destination. The destination endpoint must support the authorization type specified for the connection.", + "title": "ConnectionArn", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", + "Description": { + "markdownDescription": "A description for the API destination to create.", + "title": "Description", "type": "string" }, - "RoleName": { - "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "RoleName", + "HttpMethod": { + "markdownDescription": "The method to use for the request to the HTTP invocation endpoint.", + "title": "HttpMethod", + "type": "string" + }, + "InvocationEndpoint": { + "markdownDescription": "The URL to the HTTP invocation endpoint for the API destination.", + "title": "InvocationEndpoint", + "type": "string" + }, + "InvocationRateLimitPerSecond": { + "markdownDescription": "The maximum number of requests per second to send to the HTTP invocation endpoint.", + "title": "InvocationRateLimitPerSecond", + "type": "number" + }, + "Name": { + "markdownDescription": "The name for the API destination to create.", + "title": "Name", "type": "string" } }, "required": [ - "PolicyName", - "RoleName" + "ConnectionArn", + "HttpMethod", + "InvocationEndpoint" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::RolePolicy" + "AWS::Events::ApiDestination" ], "type": "string" }, @@ -114824,7 +119019,7 @@ ], "type": "object" }, - "AWS::IAM::SAMLProvider": { + "AWS::Events::Archive": { "additionalProperties": false, "properties": { "Condition": { @@ -114859,33 +119054,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Name", + "ArchiveName": { + "markdownDescription": "The name for the archive to create.", + "title": "ArchiveName", "type": "string" }, - "SamlMetadataDocument": { - "markdownDescription": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*", - "title": "SamlMetadataDocument", + "Description": { + "markdownDescription": "A description for the archive.", + "title": "Description", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", - "title": "Tags", - "type": "array" + "EventPattern": { + "markdownDescription": "An event pattern to use to filter events sent to the archive.", + "title": "EventPattern", + "type": "object" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt this archive. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt the archive.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n> If you have specified that EventBridge use a customer managed key for encrypting the source event bus, we strongly recommend you also specify a customer managed key for any archives for the event bus as well.\n> \n> For more information, see [Encrypting archives](https://docs.aws.amazon.com/eventbridge/latest/userguide/encryption-archives.html) in the *Amazon EventBridge User Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "RetentionDays": { + "markdownDescription": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely", + "title": "RetentionDays", + "type": "number" + }, + "SourceArn": { + "markdownDescription": "The ARN of the event bus that sends events to the archive.", + "title": "SourceArn", + "type": "string" } }, "required": [ - "SamlMetadataDocument" + "SourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::SAMLProvider" + "AWS::Events::Archive" ], "type": "string" }, @@ -114904,7 +119111,7 @@ ], "type": "object" }, - "AWS::IAM::ServerCertificate": { + "AWS::Events::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -114939,45 +119146,42 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateBody": { - "markdownDescription": "The contents of the public key certificate.", - "title": "CertificateBody", - "type": "string" + "AuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.AuthParameters", + "markdownDescription": "The authorization parameters to use to authorize with the endpoint.\n\nYou must include only authorization parameters for the `AuthorizationType` you specify.", + "title": "AuthParameters" }, - "CertificateChain": { - "markdownDescription": "The contents of the public key certificate chain.", - "title": "CertificateChain", + "AuthorizationType": { + "markdownDescription": "The type of authorization to use for the connection.\n\n> OAUTH tokens are refreshed when a 401 or 407 response is returned.", + "title": "AuthorizationType", "type": "string" }, - "Path": { - "markdownDescription": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` ).", - "title": "Path", + "Description": { + "markdownDescription": "A description for the connection to create.", + "title": "Description", "type": "string" }, - "PrivateKey": { - "markdownDescription": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PrivateKey", - "type": "string" + "InvocationConnectivityParameters": { + "$ref": "#/definitions/AWS::Events::Connection.InvocationConnectivityParameters", + "markdownDescription": "For connections to private APIs, the parameters to use for invoking the API.\n\nFor more information, see [Connecting to private APIs](https://docs.aws.amazon.com/eventbridge/latest/userguide/connection-private.html) in the **Amazon EventBridge User Guide** .", + "title": "InvocationConnectivityParameters" }, - "ServerCertificateName": { - "markdownDescription": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "ServerCertificateName", + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt this connection. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt the connection.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyIdentifier", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "The name for the connection to create.", + "title": "Name", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::IAM::ServerCertificate" + "AWS::Events::Connection" ], "type": "string" }, @@ -114995,383 +119199,231 @@ ], "type": "object" }, - "AWS::IAM::ServiceLinkedRole": { + "AWS::Events::Connection.ApiKeyAuthParameters": { "additionalProperties": false, "properties": { - "Condition": { + "ApiKeyName": { + "markdownDescription": "The name of the API key to use for authorization.", + "title": "ApiKeyName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AWSServiceName": { - "markdownDescription": "The service principal for the AWS service to which this role is attached. You use a string similar to a URL but without the http:// in front. For example: `elasticbeanstalk.amazonaws.com` .\n\nService principals are unique and case-sensitive. To find the exact service principal for your service-linked role, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the *IAM User Guide* . Look for the services that have *Yes* in the *Service-Linked Role* column. Choose the *Yes* link to view the service-linked role documentation for that service.", - "title": "AWSServiceName", - "type": "string" - }, - "CustomSuffix": { - "markdownDescription": "A string that you provide, which is combined with the service-provided prefix to form the complete role name. If you make multiple requests for the same service, then you must supply a different `CustomSuffix` for each request. Otherwise the request fails with a duplicate role name error. For example, you could add `-1` or `-debug` to the suffix.\n\nSome services do not support the `CustomSuffix` parameter. If you provide an optional suffix and the operation fails, try the operation again without the suffix.", - "title": "CustomSuffix", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the role.", - "title": "Description", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IAM::ServiceLinkedRole" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ApiKeyValue": { + "markdownDescription": "The value for the API key to use for authorization.", + "title": "ApiKeyValue", "type": "string" } }, "required": [ - "Type" + "ApiKeyName", + "ApiKeyValue" ], "type": "object" }, - "AWS::IAM::User": { + "AWS::Events::Connection.AuthParameters": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ApiKeyAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ApiKeyAuthParameters", + "markdownDescription": "The API Key parameters to use for authorization.", + "title": "ApiKeyAuthParameters" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BasicAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.BasicAuthParameters", + "markdownDescription": "The authorization parameters for Basic authorization.", + "title": "BasicAuthParameters" }, - "Metadata": { - "type": "object" + "ConnectivityParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectivityParameters", + "markdownDescription": "For private OAuth authentication endpoints. The parameters EventBridge uses to authenticate against the endpoint.\n\nFor more information, see [Authorization methods for connections](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-target-connection-auth.html) in the **Amazon EventBridge User Guide** .", + "title": "ConnectivityParameters" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of group names to which you want to add the user.", - "title": "Groups", - "type": "array" - }, - "LoginProfile": { - "$ref": "#/definitions/AWS::IAM::User.LoginProfile", - "markdownDescription": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the AWS Management Console .\n\nYou can use the AWS CLI , the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the AWS Management Console .\n\nFor more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *IAM User Guide* .", - "title": "LoginProfile" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" - }, - "Path": { - "markdownDescription": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", - "type": "string" - }, - "PermissionsBoundary": { - "markdownDescription": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n\nA permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\nFor more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide* .", - "title": "PermissionsBoundary", - "type": "string" - }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::User.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an IAM User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user) .\n\n> The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a user, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", - "title": "Policies", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", - "title": "Tags", - "type": "array" - }, - "UserName": { - "markdownDescription": "The name of the user to create. Do not include the path in this value.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "UserName", - "type": "string" - } - }, - "type": "object" + "InvocationHttpParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", + "markdownDescription": "Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint.", + "title": "InvocationHttpParameters" }, - "Type": { - "enum": [ - "AWS::IAM::User" - ], + "OAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.OAuthParameters", + "markdownDescription": "The OAuth parameters to use for authorization.", + "title": "OAuthParameters" + } + }, + "type": "object" + }, + "AWS::Events::Connection.BasicAuthParameters": { + "additionalProperties": false, + "properties": { + "Password": { + "markdownDescription": "The password associated with the user name to use for Basic authorization.", + "title": "Password", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Username": { + "markdownDescription": "The user name to use for Basic authorization.", + "title": "Username", "type": "string" } }, "required": [ - "Type" + "Password", + "Username" ], "type": "object" }, - "AWS::IAM::User.LoginProfile": { + "AWS::Events::Connection.ClientParameters": { "additionalProperties": false, "properties": { - "Password": { - "markdownDescription": "The user's password.", - "title": "Password", + "ClientID": { + "markdownDescription": "The client ID to use for OAuth authorization.", + "title": "ClientID", "type": "string" }, - "PasswordResetRequired": { - "markdownDescription": "Specifies whether the user is required to set a new password on next sign-in.", - "title": "PasswordResetRequired", - "type": "boolean" + "ClientSecret": { + "markdownDescription": "The client secret assciated with the client ID to use for OAuth authorization.", + "title": "ClientSecret", + "type": "string" } }, "required": [ - "Password" + "ClientID", + "ClientSecret" ], "type": "object" }, - "AWS::IAM::User.Policy": { + "AWS::Events::Connection.ConnectionHttpParameters": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", - "title": "PolicyDocument", - "type": "object" + "BodyParameters": { + "items": { + "$ref": "#/definitions/AWS::Events::Connection.Parameter" + }, + "markdownDescription": "Any additional body string parameters for the connection.", + "title": "BodyParameters", + "type": "array" }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", - "type": "string" + "HeaderParameters": { + "items": { + "$ref": "#/definitions/AWS::Events::Connection.Parameter" + }, + "markdownDescription": "Any additional header parameters for the connection.", + "title": "HeaderParameters", + "type": "array" + }, + "QueryStringParameters": { + "items": { + "$ref": "#/definitions/AWS::Events::Connection.Parameter" + }, + "markdownDescription": "Any additional query string parameters for the connection.", + "title": "QueryStringParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Events::Connection.ConnectivityParameters": { + "additionalProperties": false, + "properties": { + "ResourceParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ResourceParameters", + "markdownDescription": "The parameters for EventBridge to use when invoking the resource endpoint.", + "title": "ResourceParameters" } }, "required": [ - "PolicyDocument", - "PolicyName" + "ResourceParameters" ], "type": "object" }, - "AWS::IAM::UserPolicy": { + "AWS::Events::Connection.InvocationConnectivityParameters": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResourceParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ResourceParameters", + "markdownDescription": "The parameters for EventBridge to use when invoking the resource endpoint.", + "title": "ResourceParameters" + } + }, + "required": [ + "ResourceParameters" + ], + "type": "object" + }, + "AWS::Events::Connection.OAuthParameters": { + "additionalProperties": false, + "properties": { + "AuthorizationEndpoint": { + "markdownDescription": "The URL to the authorization endpoint when OAuth is specified as the authorization type.", + "title": "AuthorizationEndpoint", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" - }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", - "type": "string" - }, - "UserName": { - "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "UserName", - "type": "string" - } - }, - "required": [ - "PolicyName", - "UserName" - ], - "type": "object" + "ClientParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ClientParameters", + "markdownDescription": "The client parameters for OAuth authorization.", + "title": "ClientParameters" }, - "Type": { - "enum": [ - "AWS::IAM::UserPolicy" - ], + "HttpMethod": { + "markdownDescription": "The method to use for the authorization request.", + "title": "HttpMethod", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "OAuthHttpParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", + "markdownDescription": "Details about the additional parameters to use for the connection.", + "title": "OAuthHttpParameters" } }, "required": [ - "Type", - "Properties" + "AuthorizationEndpoint", + "ClientParameters", + "HttpMethod" ], "type": "object" }, - "AWS::IAM::UserToGroupAddition": { + "AWS::Events::Connection.Parameter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "IsValueSecret": { + "markdownDescription": "Specifies whether the value is secret.", + "title": "IsValueSecret", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Key": { + "markdownDescription": "The key for a query string parameter.", + "title": "Key", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the group to update.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "GroupName", - "type": "string" - }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the names of the users that you want to add to the group.", - "title": "Users", - "type": "array" - } - }, - "required": [ - "GroupName", - "Users" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IAM::UserToGroupAddition" - ], + "Value": { + "markdownDescription": "The value associated with the key for the query string parameter.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Events::Connection.ResourceParameters": { + "additionalProperties": false, + "properties": { + "ResourceAssociationArn": { + "markdownDescription": "For connections to private APIs, the Amazon Resource Name (ARN) of the resource association EventBridge created between the connection and the private API's resource configuration.\n\n> The value of this property is set by EventBridge . Any value you specify in your template is ignored.", + "title": "ResourceAssociationArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResourceConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon VPC Lattice resource configuration for the resource endpoint.", + "title": "ResourceConfigurationArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ResourceConfigurationArn" ], "type": "object" }, - "AWS::IAM::VirtualMFADevice": { + "AWS::Events::Endpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -115406,41 +119458,49 @@ "Properties": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "Description": { + "markdownDescription": "A description for the endpoint.", + "title": "Description", "type": "string" }, - "Tags": { + "EventBuses": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Events::Endpoint.EndpointEventBus" }, - "markdownDescription": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", - "title": "Tags", + "markdownDescription": "The event buses being used by the endpoint.\n\n*Exactly* : `2`", + "title": "EventBuses", "type": "array" }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM user associated with this virtual MFA device.", - "title": "Users", - "type": "array" + "Name": { + "markdownDescription": "The name of the endpoint.", + "title": "Name", + "type": "string" }, - "VirtualMfaDeviceName": { - "markdownDescription": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "VirtualMfaDeviceName", + "ReplicationConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.ReplicationConfig", + "markdownDescription": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` .", + "title": "ReplicationConfig" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role used by event replication for the endpoint.", + "title": "RoleArn", "type": "string" + }, + "RoutingConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.RoutingConfig", + "markdownDescription": "The routing configuration of the endpoint.", + "title": "RoutingConfig" } }, "required": [ - "Users" + "EventBuses", + "RoutingConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::VirtualMFADevice" + "AWS::Events::Endpoint" ], "type": "string" }, @@ -115459,108 +119519,97 @@ ], "type": "object" }, - "AWS::IVS::Channel": { + "AWS::Events::Endpoint.EndpointEventBus": { "additionalProperties": false, "properties": { - "Condition": { + "EventBusArn": { + "markdownDescription": "The ARN of the event bus the endpoint is associated with.", + "title": "EventBusArn", "type": "string" + } + }, + "required": [ + "EventBusArn" + ], + "type": "object" + }, + "AWS::Events::Endpoint.FailoverConfig": { + "additionalProperties": false, + "properties": { + "Primary": { + "$ref": "#/definitions/AWS::Events::Endpoint.Primary", + "markdownDescription": "The main Region of the endpoint.", + "title": "Primary" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Secondary": { + "$ref": "#/definitions/AWS::Events::Endpoint.Secondary", + "markdownDescription": "The Region that events are routed to when failover is triggered or event replication is enabled.", + "title": "Secondary" + } + }, + "required": [ + "Primary", + "Secondary" + ], + "type": "object" + }, + "AWS::Events::Endpoint.Primary": { + "additionalProperties": false, + "properties": { + "HealthCheck": { + "markdownDescription": "The ARN of the health check used by the endpoint to determine whether failover is triggered.", + "title": "HealthCheck", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Authorized": { - "markdownDescription": "Whether the channel is authorized.\n\n*Default* : `false`", - "title": "Authorized", - "type": "boolean" - }, - "InsecureIngest": { - "markdownDescription": "Whether the channel allows insecure RTMP ingest.\n\n*Default* : `false`", - "title": "InsecureIngest", - "type": "boolean" - }, - "LatencyMode": { - "markdownDescription": "Channel latency mode. Valid values:\n\n- `NORMAL` : Use NORMAL to broadcast and deliver live video up to Full HD.\n- `LOW` : Use LOW for near real-time interactions with viewers.\n\n> In the console, `LOW` and `NORMAL` correspond to `Ultra-low` and `Standard` , respectively. \n\n*Default* : `LOW`", - "title": "LatencyMode", - "type": "string" - }, - "Name": { - "markdownDescription": "Channel name.", - "title": "Name", - "type": "string" - }, - "Preset": { - "markdownDescription": "An optional transcode preset for the channel. This is selectable only for `ADVANCED_HD` and `ADVANCED_SD` channel types. For those channel types, the default preset is `HIGHER_BANDWIDTH_DELIVERY` . For other channel types ( `BASIC` and `STANDARD` ), `preset` is the empty string (\"\").", - "title": "Preset", - "type": "string" - }, - "RecordingConfigurationArn": { - "markdownDescription": "The ARN of a RecordingConfiguration resource. An empty string indicates that recording is disabled for the channel. A RecordingConfiguration ARN indicates that recording is enabled using the specified recording configuration. See the [RecordingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ivs-recordingconfiguration.html) resource for more information and an example.\n\n*Default* : \"\" (empty string, recording is disabled)", - "title": "RecordingConfigurationArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-channel-tag.html) .", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The channel type, which determines the allowable resolution and bitrate. *If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately.* For details, see [Channel Types](https://docs.aws.amazon.com/ivs/latest/LowLatencyAPIReference/channel-types.html) .\n\n*Default* : `STANDARD`", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IVS::Channel" - ], + } + }, + "required": [ + "HealthCheck" + ], + "type": "object" + }, + "AWS::Events::Endpoint.ReplicationConfig": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "The state of event replication.", + "title": "State", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "State" + ], + "type": "object" + }, + "AWS::Events::Endpoint.RoutingConfig": { + "additionalProperties": false, + "properties": { + "FailoverConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.FailoverConfig", + "markdownDescription": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.", + "title": "FailoverConfig" + } + }, + "required": [ + "FailoverConfig" + ], + "type": "object" + }, + "AWS::Events::Endpoint.Secondary": { + "additionalProperties": false, + "properties": { + "Route": { + "markdownDescription": "Defines the secondary Region.", + "title": "Route", "type": "string" } }, "required": [ - "Type" + "Route" ], "type": "object" }, - "AWS::IVS::EncoderConfiguration": { + "AWS::Events::EventBus": { "additionalProperties": false, "properties": { "Condition": { @@ -115595,30 +119644,58 @@ "Properties": { "additionalProperties": false, "properties": { + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Events::EventBus.DeadLetterConfig", + "markdownDescription": "Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ).\n\nFor more information, see [Using dead-letter queues to process undelivered events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-event-delivery.html#eb-rule-dlq) in the *EventBridge User Guide* .", + "title": "DeadLetterConfig" + }, + "Description": { + "markdownDescription": "The event bus description.", + "title": "Description", + "type": "string" + }, + "EventSourceName": { + "markdownDescription": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", + "title": "EventSourceName", + "type": "string" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt events on the event bus.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n> Schema discovery is not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:\n> \n> - You call `[CreateDiscoverer](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer)` on an event bus set to use a customer managed key for encryption.\n> - You call `[UpdatedEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html)` to set a customer managed key on an event bus with schema discovery enabled.\n> \n> To enable schema discovery on an event bus, choose to use an AWS owned key . For more information, see [Encrypting events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption-event-bus-cmkey.html) in the *Amazon EventBridge User Guide* . > If you have specified that EventBridge use a customer managed key for encrypting the source event bus, we strongly recommend you also specify a customer managed key for any archives for the event bus as well.\n> \n> For more information, see [Encrypting archives](https://docs.aws.amazon.com/eventbridge/latest/userguide/encryption-archives.html) in the *Amazon EventBridge User Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "LogConfig": { + "$ref": "#/definitions/AWS::Events::EventBus.LogConfig", + "markdownDescription": "The logging configuration settings for the event bus.\n\nFor more information, see [Configuring logs for event buses](https://docs.aws.amazon.com/eb-event-bus-logs.html) in the *EventBridge User Guide* .", + "title": "LogConfig" + }, "Name": { - "markdownDescription": "Encoder cnfiguration name.", + "markdownDescription": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", "title": "Name", "type": "string" }, + "Policy": { + "markdownDescription": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", + "title": "Policy", + "type": "object" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-tag.html) .", + "markdownDescription": "Tags to associate with the event bus.", "title": "Tags", "type": "array" - }, - "Video": { - "$ref": "#/definitions/AWS::IVS::EncoderConfiguration.Video", - "markdownDescription": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps. See the [Video](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-video.html) property type for more information.", - "title": "Video" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::EncoderConfiguration" + "AWS::Events::EventBus" ], "type": "string" }, @@ -115632,113 +119709,39 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVS::EncoderConfiguration.Video": { + "AWS::Events::EventBus.DeadLetterConfig": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "Bitrate for generated output, in bps. Default: 2500000.", - "title": "Bitrate", - "type": "number" - }, - "Framerate": { - "markdownDescription": "Video frame rate, in fps. Default: 30.", - "title": "Framerate", - "type": "number" - }, - "Height": { - "markdownDescription": "Video-resolution height. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720.", - "title": "Height", - "type": "number" - }, - "Width": { - "markdownDescription": "Video-resolution width. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280.", - "title": "Width", - "type": "number" + "Arn": { + "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", + "title": "Arn", + "type": "string" } }, "type": "object" }, - "AWS::IVS::PlaybackKeyPair": { + "AWS::Events::EventBus.LogConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Playback-key-pair name. The value does not need to be unique.", - "title": "Name", - "type": "string" - }, - "PublicKeyMaterial": { - "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PlaybackKeyPair resource.", - "title": "PublicKeyMaterial", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackkeypair-tag.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IVS::PlaybackKeyPair" - ], + "IncludeDetail": { + "markdownDescription": "Whether EventBridge include detailed event information in the records it generates. Detailed data can be useful for troubleshooting and debugging. This information includes details of the event itself, as well as target details.\n\nFor more information, see [Including detail data in event bus logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-logs-data) in the *EventBridge User Guide* .", + "title": "IncludeDetail", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Level": { + "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the event bus.\n\nFor more information, see [Specifying event bus log level](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-bus-logs-level) in the *EventBridge User Guide* .", + "title": "Level", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::IVS::PlaybackRestrictionPolicy": { + "AWS::Events::EventBusPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -115773,50 +119776,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedCountries": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of country codes that control geoblocking restrictions. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array).", - "title": "AllowedCountries", - "type": "array" + "Action": { + "markdownDescription": "The action that you are enabling the other account to perform.", + "title": "Action", + "type": "string" }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\"](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)", - "title": "AllowedOrigins", - "type": "array" + "Condition": { + "$ref": "#/definitions/AWS::Events::EventBusPolicy.Condition", + "markdownDescription": "This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization. For more information about AWS Organizations, see [What Is AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) in the *AWS Organizations User Guide* .\n\nIf you specify `Condition` with an AWS organization ID, and specify \"*\" as the value for `Principal` , you grant permission to all the accounts in the named organization.\n\nThe `Condition` is a JSON string which must contain `Type` , `Key` , and `Value` fields.", + "title": "Condition" }, - "EnableStrictOriginEnforcement": { - "markdownDescription": "Whether channel playback is constrained by the origin site.", - "title": "EnableStrictOriginEnforcement", - "type": "boolean" + "EventBusName": { + "markdownDescription": "The name of the event bus associated with the rule. If you omit this, the default event bus is used.", + "title": "EventBusName", + "type": "string" }, - "Name": { - "markdownDescription": "Playback-restriction-policy name.", - "title": "Name", + "Principal": { + "markdownDescription": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify \"*\" to permit any account to put events to your default event bus.\n\nIf you specify \"*\" without specifying `Condition` , avoid creating rules that may match undesirable events. To create more secure rules, make sure that the event pattern for each rule contains an `account` field with a specific account ID from which to receive events. Rules with an account field do not match any events sent from other accounts.", + "title": "Principal", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackrestrictionpolicy-tag.html) .", - "title": "Tags", - "type": "array" + "Statement": { + "markdownDescription": "A JSON string that describes the permission policy statement. You can include a `Policy` parameter in the request instead of using the `StatementId` , `Action` , `Principal` , or `Condition` parameters.", + "title": "Statement", + "type": "object" + }, + "StatementId": { + "markdownDescription": "An identifier string for the external account that you are granting permissions to. If you later want to revoke the permission for this external account, specify this `StatementId` when you run [RemovePermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html) .\n\n> Each `StatementId` must be unique.", + "title": "StatementId", + "type": "string" } }, "required": [ - "AllowedCountries", - "AllowedOrigins" + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::PlaybackRestrictionPolicy" + "AWS::Events::EventBusPolicy" ], "type": "string" }, @@ -115835,12 +119833,40 @@ ], "type": "object" }, - "AWS::IVS::RecordingConfiguration": { + "AWS::Events::EventBusPolicy.Condition": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "Specifies the key for the condition. Currently the only supported key is `aws:PrincipalOrgID` .", + "title": "Key", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of condition. Currently the only supported value is `StringEquals` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Specifies the value for the key. Currently, this must be the ID of the organization.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Events::Rule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -115870,48 +119896,55 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.DestinationConfiguration", - "markdownDescription": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information.", - "title": "DestinationConfiguration" + "Description": { + "markdownDescription": "The description of the rule.", + "title": "Description", + "type": "string" + }, + "EventBusName": { + "markdownDescription": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.", + "title": "EventBusName", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "The event pattern of the rule. For more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the **Amazon EventBridge User Guide** .", + "title": "EventPattern", + "type": "object" }, "Name": { - "markdownDescription": "Recording-configuration name. The value does not need to be unique.", + "markdownDescription": "The name of the rule.", "title": "Name", "type": "string" }, - "RecordingReconnectWindowSeconds": { - "markdownDescription": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n\n*Default* : `0`", - "title": "RecordingReconnectWindowSeconds", - "type": "number" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", + "title": "RoleArn", + "type": "string" }, - "RenditionConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.RenditionConfiguration", - "markdownDescription": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information.", - "title": "RenditionConfiguration" + "ScheduleExpression": { + "markdownDescription": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", + "title": "ScheduleExpression", + "type": "string" }, - "Tags": { + "State": { + "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the **Amazon EventBridge User Guide** .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", + "title": "State", + "type": "string" + }, + "Targets": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Events::Rule.Target" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-tag.html) .", - "title": "Tags", + "markdownDescription": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the **Amazon EventBridge User Guide** .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the **Amazon EventBridge User Guide** .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code.", + "title": "Targets", "type": "array" - }, - "ThumbnailConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.ThumbnailConfiguration", - "markdownDescription": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information.", - "title": "ThumbnailConfiguration" } }, - "required": [ - "DestinationConfiguration" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::RecordingConfiguration" + "AWS::Events::Rule" ], "type": "string" }, @@ -115925,325 +119958,597 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { + "AWS::Events::Rule.AppSyncParameters": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.S3DestinationConfiguration", - "markdownDescription": "An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information.", - "title": "S3" + "GraphQLOperation": { + "markdownDescription": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.\n\nFor more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* .", + "title": "GraphQLOperation", + "type": "string" } }, + "required": [ + "GraphQLOperation" + ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.RenditionConfiguration": { + "AWS::Events::Rule.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "RenditionSelection": { - "markdownDescription": "The set of renditions are recorded for a stream. For `BASIC` channels, the `CUSTOM` value has no effect. If `CUSTOM` is specified, a set of renditions can be specified in the `renditions` field. Default: `ALL` .", - "title": "RenditionSelection", + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", "type": "string" }, - "Renditions": { + "SecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "A list of which renditions are recorded for a stream, if `renditionSelection` is `CUSTOM` ; otherwise, this field is irrelevant. The selected renditions are recorded if they are available during the stream. If a selected rendition is unavailable, the best available rendition is recorded. For details on the resolution dimensions of each rendition, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", - "title": "Renditions", + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", "type": "array" } }, + "required": [ + "Subnets" + ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.S3DestinationConfiguration": { + "AWS::Events::Rule.BatchArrayProperties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Location (S3 bucket name) where recorded videos will be stored.", - "title": "BucketName", - "type": "string" + "Size": { + "markdownDescription": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.", + "title": "Size", + "type": "number" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.ThumbnailConfiguration": { + "AWS::Events::Rule.BatchParameters": { "additionalProperties": false, "properties": { - "RecordingMode": { - "markdownDescription": "Thumbnail recording mode. Valid values:\n\n- `DISABLED` : Use DISABLED to disable the generation of thumbnails for recorded video.\n- `INTERVAL` : Use INTERVAL to enable the generation of thumbnails for recorded video at a time interval controlled by the [TargetIntervalSeconds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-targetintervalseconds) property.\n\n*Default* : `INTERVAL`", - "title": "RecordingMode", - "type": "string" + "ArrayProperties": { + "$ref": "#/definitions/AWS::Events::Rule.BatchArrayProperties", + "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", + "title": "ArrayProperties" }, - "Resolution": { - "markdownDescription": "The desired resolution of recorded thumbnails for a stream. Thumbnails are recorded at the selected resolution if the corresponding rendition is available during the stream; otherwise, they are recorded at source resolution. For more information about resolution values and their corresponding height and width dimensions, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", - "title": "Resolution", + "JobDefinition": { + "markdownDescription": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.", + "title": "JobDefinition", "type": "string" }, - "Storage": { - "items": { - "type": "string" - }, - "markdownDescription": "The format in which thumbnails are recorded for a stream. `SEQUENTIAL` records all generated thumbnails in a serial manner, to the media/thumbnails directory. `LATEST` saves the latest thumbnail in media/thumbnails/latest/thumb.jpg and overwrites it at the interval specified by `targetIntervalSeconds` . You can enable both `SEQUENTIAL` and `LATEST` . Default: `SEQUENTIAL` .", - "title": "Storage", - "type": "array" + "JobName": { + "markdownDescription": "The name to use for this execution of the job, if the target is an AWS Batch job.", + "title": "JobName", + "type": "string" }, - "TargetIntervalSeconds": { - "markdownDescription": "The targeted thumbnail-generation interval in seconds. This is configurable (and required) only if [RecordingMode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-recordingmode) is `INTERVAL` .\n\n> Setting a value for `TargetIntervalSeconds` does not guarantee that thumbnails are generated at the specified interval. For thumbnails to be generated at the `TargetIntervalSeconds` interval, the `IDR/Keyframe` value for the input video must be less than the `TargetIntervalSeconds` value. See [Amazon IVS Streaming Configuration](https://docs.aws.amazon.com/ivs/latest/LowLatencyUserGuide/streaming-config.html) for information on setting `IDR/Keyframe` to the recommended value in video-encoder settings. \n\n*Default* : 60", - "title": "TargetIntervalSeconds", + "RetryStrategy": { + "$ref": "#/definitions/AWS::Events::Rule.BatchRetryStrategy", + "markdownDescription": "The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1\u201310. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition.", + "title": "RetryStrategy" + } + }, + "required": [ + "JobDefinition", + "JobName" + ], + "type": "object" + }, + "AWS::Events::Rule.BatchRetryStrategy": { + "additionalProperties": false, + "properties": { + "Attempts": { + "markdownDescription": "The number of times to attempt to retry, if the job fails. Valid values are 1\u201310.", + "title": "Attempts", "type": "number" } }, "type": "object" }, - "AWS::IVS::Stage": { + "AWS::Events::Rule.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", + "title": "Base", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "CapacityProvider" + ], + "type": "object" + }, + "AWS::Events::Rule.DeadLetterConfig": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Events::Rule.EcsParameters": { + "additionalProperties": false, + "properties": { + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", + "title": "CapacityProviderStrategy", + "type": "array" + }, + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Group": { + "markdownDescription": "Specifies an ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", + "type": "string" + }, + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", + "type": "string" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Events::Rule.NetworkConfiguration", + "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.PlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", + "type": "array" + }, + "PlacementStrategies": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.PlacementStrategy" + }, + "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", + "title": "PlacementStrategies", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", + "type": "string" + }, + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action.", + "title": "PropagateTags", + "type": "string" + }, + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "TagList": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", + "title": "TagList", + "type": "array" + }, + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", + "title": "TaskCount", + "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", + "type": "string" + } + }, + "required": [ + "TaskDefinitionArn" + ], + "type": "object" + }, + "AWS::Events::Rule.HttpParameters": { + "additionalProperties": false, + "properties": { + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "HeaderParameters", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Stage name.", - "title": "Name", + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" + }, + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Events::Rule.InputTransformer": { + "additionalProperties": false, + "properties": { + "InputPathsMap": { + "additionalProperties": true, + "markdownDescription": "Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target.\n\n`InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation.\n\nThe keys cannot start with \" AWS .\"", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-stage-tag.html) .", - "title": "Tags", - "type": "array" } }, + "title": "InputPathsMap", "type": "object" }, - "Type": { - "enum": [ - "AWS::IVS::Stage" - ], + "InputTemplate": { + "markdownDescription": "Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: < *value* >\n\nIf `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply:\n\n- The placeholder cannot be used as an object key.\n\nThe following example shows the syntax for using `InputPathsMap` and `InputTemplate` .\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \"`\n\n`}`\n\nTo have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \\\"\\\"\"`\n\n`}`\n\nThe `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": '{\"myInstance\": ,\"myStatus\": \" is in state \\\"\\\"\"}'`\n\n`}`", + "title": "InputTemplate", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "InputTemplate" + ], + "type": "object" + }, + "AWS::Events::Rule.KinesisParameters": { + "additionalProperties": false, + "properties": { + "PartitionKeyPath": { + "markdownDescription": "The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* .", + "title": "PartitionKeyPath", "type": "string" } }, "required": [ - "Type" + "PartitionKeyPath" ], "type": "object" }, - "AWS::IVS::StorageConfiguration": { + "AWS::Events::Rule.NetworkConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AwsVpcConfiguration": { + "$ref": "#/definitions/AWS::Events::Rule.AwsVpcConfiguration", + "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", + "title": "AwsVpcConfiguration" + } + }, + "type": "object" + }, + "AWS::Events::Rule.PlacementConstraint": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "Expression", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Events::Rule.PlacementStrategy": { + "additionalProperties": false, + "properties": { + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", + "title": "Field", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Events::Rule.RedshiftDataParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", + "title": "Database", + "type": "string" }, - "Metadata": { - "type": "object" + "DbUser": { + "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", + "title": "DbUser", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Storage cnfiguration name.", - "title": "Name", - "type": "string" - }, - "S3": { - "$ref": "#/definitions/AWS::IVS::StorageConfiguration.S3StorageConfiguration", - "markdownDescription": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information.", - "title": "S3" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-tag.html) .", - "title": "Tags", - "type": "array" - } + "SecretManagerArn": { + "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager.", + "title": "SecretManagerArn", + "type": "string" + }, + "Sql": { + "markdownDescription": "The SQL statement text to run.", + "title": "Sql", + "type": "string" + }, + "Sqls": { + "items": { + "type": "string" }, - "required": [ - "S3" - ], - "type": "object" + "markdownDescription": "One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back.", + "title": "Sqls", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IVS::StorageConfiguration" - ], + "StatementName": { + "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", + "title": "StatementName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "WithEvent": { + "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", + "title": "WithEvent", + "type": "boolean" + } + }, + "required": [ + "Database" + ], + "type": "object" + }, + "AWS::Events::Rule.RetryPolicy": { + "additionalProperties": false, + "properties": { + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", + "title": "MaximumEventAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met.", + "title": "MaximumRetryAttempts", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Events::Rule.RunCommandParameters": { + "additionalProperties": false, + "properties": { + "RunCommandTargets": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.RunCommandTarget" + }, + "markdownDescription": "Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag.", + "title": "RunCommandTargets", + "type": "array" + } + }, + "required": [ + "RunCommandTargets" + ], + "type": "object" + }, + "AWS::Events::Rule.RunCommandTarget": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "Can be either `tag:` *tag-key* or `InstanceIds` .", + "title": "Key", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs.", + "title": "Values", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Key", + "Values" ], "type": "object" }, - "AWS::IVS::StorageConfiguration.S3StorageConfiguration": { + "AWS::Events::Rule.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the S3 bucket where recorded video will be stored.", - "title": "BucketName", + "Name": { + "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Value", "type": "string" } }, "required": [ - "BucketName" + "Name", + "Value" ], "type": "object" }, - "AWS::IVS::StreamKey": { + "AWS::Events::Rule.SageMakerPipelineParameters": { "additionalProperties": false, "properties": { - "Condition": { + "PipelineParameterList": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameter" + }, + "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", + "title": "PipelineParameterList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Events::Rule.SqsParameters": { + "additionalProperties": false, + "properties": { + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", "type": "string" + } + }, + "required": [ + "MessageGroupId" + ], + "type": "object" + }, + "AWS::Events::Rule.Target": { + "additionalProperties": false, + "properties": { + "AppSyncParameters": { + "$ref": "#/definitions/AWS::Events::Rule.AppSyncParameters", + "markdownDescription": "Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API.", + "title": "AppSyncParameters" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target.", + "title": "Arn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BatchParameters": { + "$ref": "#/definitions/AWS::Events::Rule.BatchParameters", + "markdownDescription": "If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* .", + "title": "BatchParameters" }, - "Metadata": { - "type": "object" + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Events::Rule.DeadLetterConfig", + "markdownDescription": "The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelArn": { - "markdownDescription": "Channel ARN for the stream.", - "title": "ChannelArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-streamkey-tag.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ChannelArn" - ], - "type": "object" + "EcsParameters": { + "$ref": "#/definitions/AWS::Events::Rule.EcsParameters", + "markdownDescription": "Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* .", + "title": "EcsParameters" }, - "Type": { - "enum": [ - "AWS::IVS::StreamKey" - ], + "HttpParameters": { + "$ref": "#/definitions/AWS::Events::Rule.HttpParameters", + "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", + "title": "HttpParameters" + }, + "Id": { + "markdownDescription": "The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string.", + "title": "Id", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Input": { + "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .", + "title": "Input", + "type": "string" + }, + "InputPath": { + "markdownDescription": "The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) .", + "title": "InputPath", + "type": "string" + }, + "InputTransformer": { + "$ref": "#/definitions/AWS::Events::Rule.InputTransformer", + "markdownDescription": "Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target.", + "title": "InputTransformer" + }, + "KinesisParameters": { + "$ref": "#/definitions/AWS::Events::Rule.KinesisParameters", + "markdownDescription": "The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key.", + "title": "KinesisParameters" + }, + "RedshiftDataParameters": { + "$ref": "#/definitions/AWS::Events::Rule.RedshiftDataParameters", + "markdownDescription": "Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster.\n\nIf you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.", + "title": "RedshiftDataParameters" + }, + "RetryPolicy": { + "$ref": "#/definitions/AWS::Events::Rule.RetryPolicy", + "markdownDescription": "The retry policy configuration to use for the dead-letter queue.", + "title": "RetryPolicy" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target.", + "title": "RoleArn", "type": "string" + }, + "RunCommandParameters": { + "$ref": "#/definitions/AWS::Events::Rule.RunCommandParameters", + "markdownDescription": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command.", + "title": "RunCommandParameters" + }, + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameters", + "markdownDescription": "Contains the SageMaker AI Model Building Pipeline parameters to start execution of a SageMaker AI Model Building Pipeline.\n\nIf you specify a SageMaker AI Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events.", + "title": "SageMakerPipelineParameters" + }, + "SqsParameters": { + "$ref": "#/definitions/AWS::Events::Rule.SqsParameters", + "markdownDescription": "Contains the message group ID to use when the target is a FIFO queue.\n\nIf you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled.", + "title": "SqsParameters" } }, "required": [ - "Type", - "Properties" + "Arn", + "Id" ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration": { + "AWS::Evidently::Experiment": { "additionalProperties": false, "properties": { "Condition": { @@ -116278,33 +120583,88 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationConfiguration": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.DestinationConfiguration", - "markdownDescription": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged.", - "title": "DestinationConfiguration" + "Description": { + "markdownDescription": "An optional description of the experiment.", + "title": "Description", + "type": "string" + }, + "MetricGoals": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Experiment.MetricGoalObject" + }, + "markdownDescription": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment.", + "title": "MetricGoals", + "type": "array" }, "Name": { - "markdownDescription": "Logging-configuration name. The value does not need to be unique.", + "markdownDescription": "A name for the new experiment.", "title": "Name", "type": "string" }, + "OnlineAbConfig": { + "$ref": "#/definitions/AWS::Evidently::Experiment.OnlineAbConfigObject", + "markdownDescription": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation.", + "title": "OnlineAbConfig" + }, + "Project": { + "markdownDescription": "The name or the ARN of the project where this experiment is to be created.", + "title": "Project", + "type": "string" + }, + "RandomizationSalt": { + "markdownDescription": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` .", + "title": "RandomizationSalt", + "type": "string" + }, + "RemoveSegment": { + "markdownDescription": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running.", + "title": "RemoveSegment", + "type": "boolean" + }, + "RunningStatus": { + "$ref": "#/definitions/AWS::Evidently::Experiment.RunningStatusObject", + "markdownDescription": "A structure that you can use to start and stop the experiment.", + "title": "RunningStatus" + }, + "SamplingRate": { + "markdownDescription": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience.", + "title": "SamplingRate", + "type": "number" + }, + "Segment": { + "markdownDescription": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", + "title": "Segment", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-loggingconfiguration-tag.html) .", + "markdownDescription": "Assigns one or more tags (key-value pairs) to the experiment.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an experiment.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" + }, + "Treatments": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentObject" + }, + "markdownDescription": "An array of structures that describe the configuration of each feature variation used in the experiment.", + "title": "Treatments", + "type": "array" } }, "required": [ - "DestinationConfiguration" + "MetricGoals", + "Name", + "OnlineAbConfig", + "Project", + "Treatments" ], "type": "object" }, "Type": { "enum": [ - "AWS::IVSChat::LoggingConfiguration" + "AWS::Evidently::Experiment" ], "type": "string" }, @@ -116323,70 +120683,148 @@ ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration": { + "AWS::Evidently::Experiment.MetricGoalObject": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged.", - "title": "LogGroupName", + "DesiredChange": { + "markdownDescription": "`INCREASE` means that a variation with a higher number for this metric is performing better.\n\n`DECREASE` means that a variation with a lower number for this metric is performing better.", + "title": "DesiredChange", + "type": "string" + }, + "EntityIdKey": { + "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", + "title": "EntityIdKey", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", + "title": "EventPattern", + "type": "string" + }, + "MetricName": { + "markdownDescription": "A name for the metric. It can include up to 255 characters.", + "title": "MetricName", + "type": "string" + }, + "UnitLabel": { + "markdownDescription": "A label for the units that the metric is measuring.", + "title": "UnitLabel", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "The JSON path to reference the numerical metric value in the event.", + "title": "ValueKey", "type": "string" } }, "required": [ - "LogGroupName" + "DesiredChange", + "EntityIdKey", + "MetricName", + "ValueKey" ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.DestinationConfiguration": { + "AWS::Evidently::Experiment.OnlineAbConfigObject": { "additionalProperties": false, "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration", - "markdownDescription": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.", - "title": "CloudWatchLogs" + "ControlTreatmentName": { + "markdownDescription": "The name of the variation that is to be the default variation that the other variations are compared to.", + "title": "ControlTreatmentName", + "type": "string" }, - "Firehose": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration", - "markdownDescription": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.", - "title": "Firehose" + "TreatmentWeights": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentToWeight" + }, + "markdownDescription": "A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation.", + "title": "TreatmentWeights", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Evidently::Experiment.RunningStatusObject": { + "additionalProperties": false, + "properties": { + "AnalysisCompleteTime": { + "markdownDescription": "If you are using AWS CloudFormation to start the experiment, use this field to specify when the experiment is to end. The format is as a UNIX timestamp. For more information about this format, see [The Current Epoch Unix Timestamp](https://docs.aws.amazon.com/https://www.unixtimestamp.com/index.php) .", + "title": "AnalysisCompleteTime", + "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration", - "markdownDescription": "An Amazon S3 destination configuration where chat activity will be logged.", - "title": "S3" + "DesiredState": { + "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment.", + "title": "DesiredState", + "type": "string" + }, + "Reason": { + "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, this is an optional field that you can use to record why the experiment is being stopped or cancelled.", + "title": "Reason", + "type": "string" + }, + "Status": { + "markdownDescription": "To start the experiment now, specify `START` for this parameter. If this experiment is currently running and you want to stop it now, specify `STOP` .", + "title": "Status", + "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration": { + "AWS::Evidently::Experiment.TreatmentObject": { "additionalProperties": false, "properties": { - "DeliveryStreamName": { - "markdownDescription": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged.", - "title": "DeliveryStreamName", + "Description": { + "markdownDescription": "The description of the treatment.", + "title": "Description", + "type": "string" + }, + "Feature": { + "markdownDescription": "The name of the feature for this experiment.", + "title": "Feature", + "type": "string" + }, + "TreatmentName": { + "markdownDescription": "A name for this treatment. It can include up to 127 characters.", + "title": "TreatmentName", + "type": "string" + }, + "Variation": { + "markdownDescription": "The name of the variation to use for this treatment.", + "title": "Variation", "type": "string" } }, "required": [ - "DeliveryStreamName" + "Feature", + "TreatmentName", + "Variation" ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration": { + "AWS::Evidently::Experiment.TreatmentToWeight": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the Amazon S3 bucket where chat activity will be logged.", - "title": "BucketName", + "SplitWeight": { + "markdownDescription": "The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment.", + "title": "SplitWeight", + "type": "number" + }, + "Treatment": { + "markdownDescription": "The name of the treatment.", + "title": "Treatment", "type": "string" } }, "required": [ - "BucketName" + "SplitWeight", + "Treatment" ], "type": "object" }, - "AWS::IVSChat::Room": { + "AWS::Evidently::Feature": { "additionalProperties": false, "properties": { "Condition": { @@ -116421,48 +120859,66 @@ "Properties": { "additionalProperties": false, "properties": { - "LoggingConfigurationIdentifiers": { + "DefaultVariation": { + "markdownDescription": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation.", + "title": "DefaultVariation", + "type": "string" + }, + "Description": { + "markdownDescription": "An optional description of the feature.", + "title": "Description", + "type": "string" + }, + "EntityOverrides": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Evidently::Feature.EntityOverride" }, - "markdownDescription": "List of logging-configuration identifiers attached to the room.", - "title": "LoggingConfigurationIdentifiers", + "markdownDescription": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.", + "title": "EntityOverrides", "type": "array" }, - "MaximumMessageLength": { - "markdownDescription": "Maximum number of characters in a single message. Messages are expected to be UTF-8 encoded and this limit applies specifically to rune/code-point count, not number of bytes.", - "title": "MaximumMessageLength", - "type": "number" - }, - "MaximumMessageRatePerSecond": { - "markdownDescription": "Maximum number of messages per second that can be sent to the room (by all clients).", - "title": "MaximumMessageRatePerSecond", - "type": "number" - }, - "MessageReviewHandler": { - "$ref": "#/definitions/AWS::IVSChat::Room.MessageReviewHandler", - "markdownDescription": "Configuration information for optional review of messages.", - "title": "MessageReviewHandler" + "EvaluationStrategy": { + "markdownDescription": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.", + "title": "EvaluationStrategy", + "type": "string" }, "Name": { - "markdownDescription": "Room name. The value does not need to be unique.", + "markdownDescription": "The name for the feature. It can include up to 127 characters.", "title": "Name", "type": "string" }, + "Project": { + "markdownDescription": "The name or ARN of the project that is to contain the new feature.", + "title": "Project", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-room-tag.html) .", + "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" + }, + "Variations": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Feature.VariationObject" + }, + "markdownDescription": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` ).", + "title": "Variations", + "type": "array" } }, + "required": [ + "Name", + "Project", + "Variations" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVSChat::Room" + "AWS::Evidently::Feature" ], "type": "string" }, @@ -116476,105 +120932,62 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVSChat::Room.MessageReviewHandler": { + "AWS::Evidently::Feature.EntityOverride": { "additionalProperties": false, "properties": { - "FallbackResult": { - "markdownDescription": "Specifies the fallback behavior (whether the message is allowed or denied) if the handler does not return a valid response, encounters an error, or times out. (For the timeout period, see [Service Quotas](https://docs.aws.amazon.com/ivs/latest/userguide/service-quotas.html) .) If allowed, the message is delivered with returned content to all users connected to the room. If denied, the message is not delivered to any user.\n\n*Default* : `ALLOW`", - "title": "FallbackResult", + "EntityId": { + "markdownDescription": "The entity ID to be served the variation specified in `Variation` .", + "title": "EntityId", "type": "string" }, - "Uri": { - "markdownDescription": "Identifier of the message review handler. Currently this must be an ARN of a lambda function.", - "title": "Uri", + "Variation": { + "markdownDescription": "The name of the variation to serve to the user session that matches the `EntityId` .", + "title": "Variation", "type": "string" } }, "type": "object" }, - "AWS::IdentityStore::Group": { + "AWS::Evidently::Feature.VariationObject": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BooleanValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is boolean.", + "title": "BooleanValue", + "type": "boolean" }, - "Metadata": { - "type": "object" + "DoubleValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a double.", + "title": "DoubleValue", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A string containing the description of the group.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The display name value for the group. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.\n\nPrefix search supports a maximum of 1,000 characters for the string.", - "title": "DisplayName", - "type": "string" - }, - "IdentityStoreId": { - "markdownDescription": "The globally unique identifier for the identity store.", - "title": "IdentityStoreId", - "type": "string" - } - }, - "required": [ - "DisplayName", - "IdentityStoreId" - ], - "type": "object" + "LongValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a long.", + "title": "LongValue", + "type": "number" }, - "Type": { - "enum": [ - "AWS::IdentityStore::Group" - ], + "StringValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a string.", + "title": "StringValue", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VariationName": { + "markdownDescription": "A name for the variation. It can include up to 127 characters.", + "title": "VariationName", "type": "string" } }, "required": [ - "Type", - "Properties" + "VariationName" ], "type": "object" }, - "AWS::IdentityStore::GroupMembership": { + "AWS::Evidently::Launch": { "additionalProperties": false, "properties": { "Condition": { @@ -116609,32 +121022,75 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupId": { - "markdownDescription": "The identifier for a group in the identity store.", - "title": "GroupId", + "Description": { + "markdownDescription": "An optional description for the launch.", + "title": "Description", "type": "string" }, - "IdentityStoreId": { - "markdownDescription": "The globally unique identifier for the identity store.", - "title": "IdentityStoreId", + "ExecutionStatus": { + "$ref": "#/definitions/AWS::Evidently::Launch.ExecutionStatusObject", + "markdownDescription": "A structure that you can use to start and stop the launch.", + "title": "ExecutionStatus" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.LaunchGroupObject" + }, + "markdownDescription": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch.", + "title": "Groups", + "type": "array" + }, + "MetricMonitors": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.MetricDefinitionObject" + }, + "markdownDescription": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array.", + "title": "MetricMonitors", + "type": "array" + }, + "Name": { + "markdownDescription": "The name for the launch. It can include up to 127 characters.", + "title": "Name", "type": "string" }, - "MemberId": { - "$ref": "#/definitions/AWS::IdentityStore::GroupMembership.MemberId", - "markdownDescription": "An object containing the identifier of a group member. Setting the `MemberId` 's `UserId` field to a specific User's ID indicates that user is a member of the group.", - "title": "MemberId" + "Project": { + "markdownDescription": "The name or ARN of the project that you want to create the launch in.", + "title": "Project", + "type": "string" + }, + "RandomizationSalt": { + "markdownDescription": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` .", + "title": "RandomizationSalt", + "type": "string" + }, + "ScheduledSplitsConfig": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.StepConfig" + }, + "markdownDescription": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch.", + "title": "ScheduledSplitsConfig", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the launch.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a launch.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "GroupId", - "IdentityStoreId", - "MemberId" + "Groups", + "Name", + "Project", + "ScheduledSplitsConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::IdentityStore::GroupMembership" + "AWS::Evidently::Launch" ], "type": "string" }, @@ -116653,21 +121109,178 @@ ], "type": "object" }, - "AWS::IdentityStore::GroupMembership.MemberId": { + "AWS::Evidently::Launch.ExecutionStatusObject": { "additionalProperties": false, "properties": { - "UserId": { - "markdownDescription": "An object containing the identifiers of resources that can be members.", - "title": "UserId", + "DesiredState": { + "markdownDescription": "If you are using AWS CloudFormation to stop this launch, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment. If you omit this parameter, the default of `COMPLETED` is used.", + "title": "DesiredState", + "type": "string" + }, + "Reason": { + "markdownDescription": "If you are using AWS CloudFormation to stop this launch, this is an optional field that you can use to record why the launch is being stopped or cancelled.", + "title": "Reason", + "type": "string" + }, + "Status": { + "markdownDescription": "To start the launch now, specify `START` for this parameter. If this launch is currently running and you want to stop it now, specify `STOP` .", + "title": "Status", "type": "string" } }, "required": [ - "UserId" + "Status" ], "type": "object" }, - "AWS::ImageBuilder::Component": { + "AWS::Evidently::Launch.GroupToWeight": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the launch group. It can include up to 127 characters.", + "title": "GroupName", + "type": "string" + }, + "SplitWeight": { + "markdownDescription": "The portion of launch traffic to allocate to this launch group.\n\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group.", + "title": "SplitWeight", + "type": "number" + } + }, + "required": [ + "GroupName", + "SplitWeight" + ], + "type": "object" + }, + "AWS::Evidently::Launch.LaunchGroupObject": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the launch group.", + "title": "Description", + "type": "string" + }, + "Feature": { + "markdownDescription": "The feature that this launch is using.", + "title": "Feature", + "type": "string" + }, + "GroupName": { + "markdownDescription": "A name for this launch group. It can include up to 127 characters.", + "title": "GroupName", + "type": "string" + }, + "Variation": { + "markdownDescription": "The feature variation to use for this launch group.", + "title": "Variation", + "type": "string" + } + }, + "required": [ + "Feature", + "GroupName", + "Variation" + ], + "type": "object" + }, + "AWS::Evidently::Launch.MetricDefinitionObject": { + "additionalProperties": false, + "properties": { + "EntityIdKey": { + "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", + "title": "EntityIdKey", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", + "title": "EventPattern", + "type": "string" + }, + "MetricName": { + "markdownDescription": "A name for the metric. It can include up to 255 characters.", + "title": "MetricName", + "type": "string" + }, + "UnitLabel": { + "markdownDescription": "A label for the units that the metric is measuring.", + "title": "UnitLabel", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "The value that is tracked to produce the metric.", + "title": "ValueKey", + "type": "string" + } + }, + "required": [ + "EntityIdKey", + "MetricName", + "ValueKey" + ], + "type": "object" + }, + "AWS::Evidently::Launch.SegmentOverride": { + "additionalProperties": false, + "properties": { + "EvaluationOrder": { + "markdownDescription": "A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first.", + "title": "EvaluationOrder", + "type": "number" + }, + "Segment": { + "markdownDescription": "The ARN of the segment to use for this override.", + "title": "Segment", + "type": "string" + }, + "Weights": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + }, + "markdownDescription": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic.", + "title": "Weights", + "type": "array" + } + }, + "required": [ + "EvaluationOrder", + "Segment", + "Weights" + ], + "type": "object" + }, + "AWS::Evidently::Launch.StepConfig": { + "additionalProperties": false, + "properties": { + "GroupWeights": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + }, + "markdownDescription": "An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch.", + "title": "GroupWeights", + "type": "array" + }, + "SegmentOverrides": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.SegmentOverride" + }, + "markdownDescription": "An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age.\n\nFor more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) .", + "title": "SegmentOverrides", + "type": "array" + }, + "StartTime": { + "markdownDescription": "The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z`", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "GroupWeights", + "StartTime" + ], + "type": "object" + }, + "AWS::Evidently::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -116702,76 +121315,43 @@ "Properties": { "additionalProperties": false, "properties": { - "ChangeDescription": { - "markdownDescription": "The change description of the component. Describes what change has been made in this version, or what makes this version different from other versions of the component.", - "title": "ChangeDescription", - "type": "string" + "AppConfigResource": { + "$ref": "#/definitions/AWS::Evidently::Project.AppConfigResourceObject", + "markdownDescription": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission.", + "title": "AppConfigResource" }, - "Data": { - "markdownDescription": "Component `data` contains inline YAML document content for the component. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", - "title": "Data", - "type": "string" + "DataDelivery": { + "$ref": "#/definitions/AWS::Evidently::Project.DataDeliveryObject", + "markdownDescription": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation.", + "title": "DataDelivery" }, "Description": { - "markdownDescription": "Describes the contents of the component.", + "markdownDescription": "An optional description of the project.", "title": "Description", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key that is used to encrypt this component.", - "title": "KmsKeyId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the component.", + "markdownDescription": "The name for the project. It can include up to 127 characters.", "title": "Name", "type": "string" }, - "Platform": { - "markdownDescription": "The operating system platform of the component.", - "title": "Platform", - "type": "string" - }, - "SupportedOsVersions": { - "items": { - "type": "string" - }, - "markdownDescription": "The operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.", - "title": "SupportedOsVersions", - "type": "array" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags that apply to the component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the project.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a project.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", - "type": "object" - }, - "Uri": { - "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", - "title": "Uri", - "type": "string" - }, - "Version": { - "markdownDescription": "The component version. For example, `1.0.0` .", - "title": "Version", - "type": "string" + "type": "array" } }, "required": [ - "Name", - "Platform", - "Version" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Component" + "AWS::Evidently::Project" ], "type": "string" }, @@ -116790,7 +121370,62 @@ ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe": { + "AWS::Evidently::Project.AppConfigResourceObject": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The ID of the AWS AppConfig application to use for client-side evaluation.", + "title": "ApplicationId", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of the AWS AppConfig environment to use for client-side evaluation.", + "title": "EnvironmentId", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "EnvironmentId" + ], + "type": "object" + }, + "AWS::Evidently::Project.DataDeliveryObject": { + "additionalProperties": false, + "properties": { + "LogGroup": { + "markdownDescription": "If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name.", + "title": "LogGroup", + "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::Evidently::Project.S3Destination", + "markdownDescription": "If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Evidently::Project.S3Destination": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the bucket in which Evidently stores evaluation events.", + "title": "BucketName", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The bucket prefix in which Evidently stores evaluation events.", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::Evidently::Segment": { "additionalProperties": false, "properties": { "Condition": { @@ -116825,104 +121460,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration" - }, - "markdownDescription": "Build and test components that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", - "title": "Components", - "type": "array" - }, - "ContainerType": { - "markdownDescription": "Specifies the type of container, such as Docker.", - "title": "ContainerType", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the container recipe.", + "markdownDescription": "An optional description for this segment.", "title": "Description", "type": "string" }, - "DockerfileTemplateData": { - "markdownDescription": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.", - "title": "DockerfileTemplateData", - "type": "string" - }, - "DockerfileTemplateUri": { - "markdownDescription": "The S3 URI for the Dockerfile that will be used to build your container image.", - "title": "DockerfileTemplateUri", - "type": "string" - }, - "ImageOsVersionOverride": { - "markdownDescription": "Specifies the operating system version for the base image.", - "title": "ImageOsVersionOverride", - "type": "string" - }, - "InstanceConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration", - "markdownDescription": "A group of options that can be used to configure an instance for building and testing container images.", - "title": "InstanceConfiguration" - }, - "KmsKeyId": { - "markdownDescription": "Identifies which KMS key is used to encrypt the container image for distribution to the target Region.", - "title": "KmsKeyId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the container recipe.", + "markdownDescription": "A name for the segment.", "title": "Name", "type": "string" }, - "ParentImage": { - "markdownDescription": "The base image for customizations specified in the container recipe. This can contain an Image Builder image resource ARN or a container image URI, for example `amazonlinux:latest` .", - "title": "ParentImage", - "type": "string" - }, - "PlatformOverride": { - "markdownDescription": "Specifies the operating system platform when you use a custom base image.", - "title": "PlatformOverride", + "Pattern": { + "markdownDescription": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", + "title": "Pattern", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags that are attached to the container recipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", - "type": "object" - }, - "TargetRepository": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository", - "markdownDescription": "The destination repository for the container image.", - "title": "TargetRepository" - }, - "Version": { - "markdownDescription": "The semantic version of the container recipe.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.\n> \n> *Filtering:* With semantic versioning, you have the flexibility to use wildcards (x) to specify the most recent versions or nodes when selecting the base image or components for your recipe. When you use a wildcard in any node, all nodes to the right of the first wildcard must also be wildcards.", - "title": "Version", - "type": "string" - }, - "WorkingDirectory": { - "markdownDescription": "The working directory for use during build and test workflows.", - "title": "WorkingDirectory", - "type": "string" + "type": "array" } }, "required": [ - "Components", - "ContainerType", - "Name", - "ParentImage", - "TargetRepository", - "Version" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ContainerRecipe" + "AWS::Evidently::Segment" ], "type": "string" }, @@ -116941,156 +121510,7 @@ ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { - "additionalProperties": false, - "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", - "type": "string" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentParameter" - }, - "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", - "title": "Parameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.ComponentParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the component parameter to set.", - "title": "Name", - "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named component parameter.", - "title": "Value", - "type": "array" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification": { - "additionalProperties": false, - "properties": { - "DeleteOnTermination": { - "markdownDescription": "Use to configure delete on termination of the associated device.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Use to configure device encryption.", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "Use to configure device IOPS.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", - "title": "KmsKeyId", - "type": "string" - }, - "SnapshotId": { - "markdownDescription": "The snapshot that defines the device contents.", - "title": "SnapshotId", - "type": "string" - }, - "Throughput": { - "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", - "title": "Throughput", - "type": "number" - }, - "VolumeSize": { - "markdownDescription": "Use to override the device's volume size.", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "Use to override the device's volume type.", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "markdownDescription": "The device to which these mappings apply.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification", - "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "Use to remove a mapping from the base image.", - "title": "NoDevice", - "type": "string" - }, - "VirtualName": { - "markdownDescription": "Use to manage instance ephemeral devices.", - "title": "VirtualName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration": { - "additionalProperties": false, - "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping" - }, - "markdownDescription": "Defines the block devices to attach for building an instance from this Image Builder AMI.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "Image": { - "markdownDescription": "The base image for a container build and test instance. This can contain an AMI ID or it can specify an AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n\nIf not specified, Image Builder uses the appropriate ECS-optimized AMI as a base image.", - "title": "Image", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository": { - "additionalProperties": false, - "properties": { - "RepositoryName": { - "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", - "title": "RepositoryName", - "type": "string" - }, - "Service": { - "markdownDescription": "Specifies the service in which this image was registered.", - "title": "Service", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration": { + "AWS::FIS::ExperimentTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -117125,27 +121545,53 @@ "Properties": { "additionalProperties": false, "properties": { + "Actions": { + "additionalProperties": false, + "markdownDescription": "The actions for the experiment.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateAction" + } + }, + "title": "Actions", + "type": "object" + }, "Description": { - "markdownDescription": "The description of this distribution configuration.", + "markdownDescription": "The description for the experiment template.", "title": "Description", "type": "string" }, - "Distributions": { + "ExperimentOptions": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions", + "markdownDescription": "The experiment options for an experiment template.", + "title": "ExperimentOptions" + }, + "ExperimentReportConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentReportConfiguration", + "markdownDescription": "Describes the report configuration for the experiment template.", + "title": "ExperimentReportConfiguration" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration", + "markdownDescription": "The configuration for experiment logging.", + "title": "LogConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role.", + "title": "RoleArn", + "type": "string" + }, + "StopConditions": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.Distribution" + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition" }, - "markdownDescription": "The distributions of this distribution configuration formatted as an array of Distribution objects.", - "title": "Distributions", + "markdownDescription": "The stop conditions for the experiment.", + "title": "StopConditions", "type": "array" }, - "Name": { - "markdownDescription": "The name of this distribution configuration.", - "title": "Name", - "type": "string" - }, "Tags": { "additionalProperties": true, - "markdownDescription": "The tags of this distribution configuration.", + "markdownDescription": "The tags for the experiment template.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -117153,17 +121599,30 @@ }, "title": "Tags", "type": "object" + }, + "Targets": { + "additionalProperties": false, + "markdownDescription": "The targets for the experiment.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget" + } + }, + "title": "Targets", + "type": "object" } }, "required": [ - "Distributions", - "Name" + "Description", + "RoleArn", + "StopConditions", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::DistributionConfiguration" + "AWS::FIS::ExperimentTemplate" ], "type": "string" }, @@ -117182,262 +121641,319 @@ ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration": { + "AWS::FIS::ExperimentTemplate.CloudWatchDashboard": { "additionalProperties": false, "properties": { - "AmiTags": { - "additionalProperties": true, - "markdownDescription": "The tags to apply to AMIs distributed to this Region.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AmiTags", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the AMI distribution configuration. Minimum and maximum length are in characters.", - "title": "Description", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The KMS key identifier used to encrypt the distributed image.", - "title": "KmsKeyId", + "DashboardIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch dashboard to include in the experiment report.", + "title": "DashboardIdentifier", "type": "string" - }, - "LaunchPermissionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration", - "markdownDescription": "Launch permissions can be used to configure which AWS account s can use the AMI to launch instances.", - "title": "LaunchPermissionConfiguration" - }, - "Name": { - "markdownDescription": "The name of the output AMI.", - "title": "Name", + } + }, + "required": [ + "DashboardIdentifier" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.", + "title": "LogGroupArn", "type": "string" - }, - "TargetAccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of an account to which you want to distribute an image.", - "title": "TargetAccountIds", - "type": "array" } }, + "required": [ + "LogGroupArn" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration": { + "AWS::FIS::ExperimentTemplate.DataSources": { "additionalProperties": false, "properties": { - "ContainerTags": { + "CloudWatchDashboards": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchDashboard" }, - "markdownDescription": "Tags that are attached to the container distribution configuration.", - "title": "ContainerTags", + "markdownDescription": "The CloudWatch dashboards to include as data sources in the experiment report.", + "title": "CloudWatchDashboards", "type": "array" - }, - "Description": { - "markdownDescription": "The description of the container distribution configuration.", - "title": "Description", + } + }, + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.ExperimentReportS3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the S3 bucket where the experiment report will be stored.", + "title": "BucketName", "type": "string" }, - "TargetRepository": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository", - "markdownDescription": "The destination repository for the container distribution configuration.", - "title": "TargetRepository" + "Prefix": { + "markdownDescription": "The prefix of the S3 bucket where the experiment report will be stored.", + "title": "Prefix", + "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.Distribution": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { "additionalProperties": false, "properties": { - "AmiDistributionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration", - "markdownDescription": "The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below.", - "title": "AmiDistributionConfiguration" - }, - "ContainerDistributionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration", - "markdownDescription": "Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below.", - "title": "ContainerDistributionConfiguration" + "ActionId": { + "markdownDescription": "The ID of the action.", + "title": "ActionId", + "type": "string" }, - "FastLaunchConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration" - }, - "markdownDescription": "The Windows faster-launching configurations to use for AMI distribution.", - "title": "FastLaunchConfigurations", - "type": "array" + "Description": { + "markdownDescription": "A description for the action.", + "title": "Description", + "type": "string" }, - "LaunchTemplateConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the action.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A group of launchTemplateConfiguration settings that apply to image distribution for specified accounts.", - "title": "LaunchTemplateConfigurations", - "type": "array" + "title": "Parameters", + "type": "object" }, - "LicenseConfigurationArns": { + "StartAfter": { "items": { "type": "string" }, - "markdownDescription": "The License Manager Configuration to associate with the AMI in the specified Region. For more information, see the [LicenseConfiguration API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_LicenseConfiguration.html) .", - "title": "LicenseConfigurationArns", + "markdownDescription": "The name of the action that must be completed before the current action starts.", + "title": "StartAfter", "type": "array" }, - "Region": { - "markdownDescription": "The target Region for the Distribution Configuration. For example, `eu-west-1` .", - "title": "Region", - "type": "string" + "Targets": { + "additionalProperties": true, + "markdownDescription": "The targets for the action.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Targets", + "type": "object" } }, "required": [ - "Region" + "ActionId" ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The owner account ID for the fast-launch enabled Windows AMI.", - "title": "AccountId", + "AccountTargeting": { + "markdownDescription": "The account targeting setting for an experiment template.", + "title": "AccountTargeting", "type": "string" }, - "Enabled": { - "markdownDescription": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to `true` to start using Windows faster launching, or `false` to stop using it.", - "title": "Enabled", - "type": "boolean" - }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification", - "markdownDescription": "The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.", - "title": "LaunchTemplate" - }, - "MaxParallelLaunches": { - "markdownDescription": "The maximum number of parallel instances that are launched for creating resources.", - "title": "MaxParallelLaunches", - "type": "number" - }, - "SnapshotConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration", - "markdownDescription": "Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.", - "title": "SnapshotConfiguration" + "EmptyTargetResolutionMode": { + "markdownDescription": "The empty target resolution mode for an experiment template.", + "title": "EmptyTargetResolutionMode", + "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentReportConfiguration": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template to use for faster launching for a Windows AMI.", - "title": "LaunchTemplateId", - "type": "string" + "DataSources": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.DataSources", + "markdownDescription": "The data sources for the experiment report.", + "title": "DataSources" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template to use for faster launching for a Windows AMI.", - "title": "LaunchTemplateName", + "Outputs": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.Outputs", + "markdownDescription": "The output destinations of the experiment report.", + "title": "Outputs" + }, + "PostExperimentDuration": { + "markdownDescription": "The duration after the experiment end time for the data sources to include in the report.", + "title": "PostExperimentDuration", "type": "string" }, - "LaunchTemplateVersion": { - "markdownDescription": "The version of the launch template to use for faster launching for a Windows AMI.", - "title": "LaunchTemplateVersion", + "PreExperimentDuration": { + "markdownDescription": "The duration before the experiment start time for the data sources to include in the report.", + "title": "PreExperimentDuration", "type": "string" } }, + "required": [ + "Outputs" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration": { "additionalProperties": false, "properties": { - "TargetResourceCount": { - "markdownDescription": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.", - "title": "TargetResourceCount", + "CloudWatchLogsConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration", + "markdownDescription": "The configuration for experiment logging to CloudWatch Logs .", + "title": "CloudWatchLogsConfiguration" + }, + "LogSchemaVersion": { + "markdownDescription": "The schema version.", + "title": "LogSchemaVersion", "type": "number" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.S3Configuration", + "markdownDescription": "The configuration for experiment logging to Amazon S3 .", + "title": "S3Configuration" } }, + "required": [ + "LogSchemaVersion" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition": { "additionalProperties": false, "properties": { - "OrganizationArns": { + "Source": { + "markdownDescription": "The source for the stop condition.", + "title": "Source", + "type": "string" + }, + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch alarm, if applicable.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Source" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget": { + "additionalProperties": false, + "properties": { + "Filters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter" }, - "markdownDescription": "The ARN for an AWS Organization that you want to share your AMI with. For more information, see [What is AWS Organizations ?](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) .", - "title": "OrganizationArns", + "markdownDescription": "The filters to apply to identify target resources using specific attributes.", + "title": "Filters", "type": "array" }, - "OrganizationalUnitArns": { - "items": { - "type": "string" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the resource type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The ARN for an AWS Organizations organizational unit (OU) that you want to share your AMI with. For more information about key concepts for AWS Organizations , see [AWS Organizations terminology and concepts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html) .", - "title": "OrganizationalUnitArns", - "type": "array" + "title": "Parameters", + "type": "object" }, - "UserGroups": { + "ResourceArns": { "items": { "type": "string" }, - "markdownDescription": "The name of the group.", - "title": "UserGroups", + "markdownDescription": "The Amazon Resource Names (ARNs) of the targets.", + "title": "ResourceArns", "type": "array" }, - "UserIds": { + "ResourceTags": { + "additionalProperties": true, + "markdownDescription": "The tags for the target resources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ResourceTags", + "type": "object" + }, + "ResourceType": { + "markdownDescription": "The resource type.", + "title": "ResourceType", + "type": "string" + }, + "SelectionMode": { + "markdownDescription": "Scopes the identified resources to a specific count or percentage.", + "title": "SelectionMode", + "type": "string" + } + }, + "required": [ + "ResourceType", + "SelectionMode" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The attribute path for the filter.", + "title": "Path", + "type": "string" + }, + "Values": { "items": { "type": "string" }, - "markdownDescription": "The AWS account ID.", - "title": "UserIds", + "markdownDescription": "The attribute values for the filter.", + "title": "Values", "type": "array" } }, + "required": [ + "Path", + "Values" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration": { + "AWS::FIS::ExperimentTemplate.Outputs": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The account ID that this configuration applies to.", - "title": "AccountId", - "type": "string" - }, - "LaunchTemplateId": { - "markdownDescription": "Identifies the Amazon EC2 launch template to use.", - "title": "LaunchTemplateId", - "type": "string" - }, - "SetDefaultVersion": { - "markdownDescription": "Set the specified Amazon EC2 launch template as the default launch template for the specified account.", - "title": "SetDefaultVersion", - "type": "boolean" + "ExperimentReportS3Configuration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentReportS3Configuration", + "markdownDescription": "The S3 destination for the experiment report.", + "title": "ExperimentReportS3Configuration" } }, + "required": [ + "ExperimentReportS3Configuration" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository": { + "AWS::FIS::ExperimentTemplate.S3Configuration": { "additionalProperties": false, "properties": { - "RepositoryName": { - "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", - "title": "RepositoryName", + "BucketName": { + "markdownDescription": "The name of the destination bucket.", + "title": "BucketName", "type": "string" }, - "Service": { - "markdownDescription": "Specifies the service in which this image was registered.", - "title": "Service", + "Prefix": { + "markdownDescription": "The bucket prefix.", + "title": "Prefix", "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::ImageBuilder::Image": { + "AWS::FIS::TargetAccountConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -117472,74 +121988,37 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.", - "title": "ContainerRecipeArn", - "type": "string" - }, - "DistributionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration that defines and configures the outputs of your pipeline.", - "title": "DistributionConfigurationArn", + "AccountId": { + "markdownDescription": "The AWS account ID of the target account.", + "title": "AccountId", "type": "string" }, - "EnhancedImageMetadataEnabled": { - "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", - "title": "EnhancedImageMetadataEnabled", - "type": "boolean" - }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", - "title": "ExecutionRole", + "Description": { + "markdownDescription": "The description of the target account.", + "title": "Description", "type": "string" }, - "ImageRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.", - "title": "ImageRecipeArn", + "ExperimentTemplateId": { + "markdownDescription": "The ID of the experiment template.", + "title": "ExperimentTemplateId", "type": "string" }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageScanningConfiguration", - "markdownDescription": "Contains settings for vulnerability scans.", - "title": "ImageScanningConfiguration" - }, - "ImageTestsConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageTestsConfiguration", - "markdownDescription": "The image tests configuration of the image.", - "title": "ImageTestsConfiguration" - }, - "InfrastructureConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration that defines the environment in which your image will be built and tested.", - "title": "InfrastructureConfigurationArn", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role for the target account.", + "title": "RoleArn", "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of the image.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Workflows": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowConfiguration" - }, - "markdownDescription": "Contains an array of workflow configuration objects.", - "title": "Workflows", - "type": "array" } }, "required": [ - "InfrastructureConfigurationArn" + "AccountId", + "ExperimentTemplateId", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Image" + "AWS::FIS::TargetAccountConfiguration" ], "type": "string" }, @@ -117558,106 +122037,80 @@ ], "type": "object" }, - "AWS::ImageBuilder::Image.EcrConfiguration": { + "AWS::FMS::NotificationChannel": { "additionalProperties": false, "properties": { - "ContainerTags": { - "items": { - "type": "string" - }, - "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", - "title": "ContainerTags", - "type": "array" - }, - "RepositoryName": { - "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", - "title": "RepositoryName", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.ImageScanningConfiguration": { - "additionalProperties": false, - "properties": { - "EcrConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.EcrConfiguration", - "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", - "title": "EcrConfiguration" }, - "ImageScanningEnabled": { - "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", - "title": "ImageScanningEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.ImageTestsConfiguration": { - "additionalProperties": false, - "properties": { - "ImageTestsEnabled": { - "markdownDescription": "Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.", - "title": "ImageTestsEnabled", - "type": "boolean" - }, - "TimeoutMinutes": { - "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", - "title": "TimeoutMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.WorkflowConfiguration": { - "additionalProperties": false, - "properties": { - "OnFailure": { - "markdownDescription": "The action to take if the workflow fails.", - "title": "OnFailure", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ParallelGroup": { - "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", - "title": "ParallelGroup", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowParameter" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "SnsRoleName": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity.", + "title": "SnsRoleName", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager .", + "title": "SnsTopicArn", + "type": "string" + } }, - "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", - "title": "Parameters", - "type": "array" + "required": [ + "SnsRoleName", + "SnsTopicArn" + ], + "type": "object" }, - "WorkflowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", - "title": "WorkflowArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.WorkflowParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the workflow parameter to set.", - "title": "Name", + "Type": { + "enum": [ + "AWS::FMS::NotificationChannel" + ], "type": "string" }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named workflow parameter.", - "title": "Value", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline": { + "AWS::FMS::Policy": { "additionalProperties": false, "properties": { "Condition": { @@ -117692,95 +122145,105 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that is used for this pipeline.", - "title": "ContainerRecipeArn", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of this image pipeline.", - "title": "Description", - "type": "string" + "DeleteAllPolicyResources": { + "markdownDescription": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.", + "title": "DeleteAllPolicyResources", + "type": "boolean" }, - "DistributionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline.", - "title": "DistributionConfigurationArn", - "type": "string" + "ExcludeMap": { + "$ref": "#/definitions/AWS::FMS::Policy.IEMap", + "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", + "title": "ExcludeMap" }, - "EnhancedImageMetadataEnabled": { - "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", - "title": "EnhancedImageMetadataEnabled", + "ExcludeResourceTags": { + "markdownDescription": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy.", + "title": "ExcludeResourceTags", "type": "boolean" }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", - "title": "ExecutionRole", - "type": "string" + "IncludeMap": { + "$ref": "#/definitions/AWS::FMS::Policy.IEMap", + "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", + "title": "IncludeMap" }, - "ImageRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe associated with this image pipeline.", - "title": "ImageRecipeArn", + "PolicyDescription": { + "markdownDescription": "Your description of the AWS Firewall Manager policy.", + "title": "PolicyDescription", "type": "string" }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration", - "markdownDescription": "Contains settings for vulnerability scans.", - "title": "ImageScanningConfiguration" + "PolicyName": { + "markdownDescription": "The name of the AWS Firewall Manager policy.", + "title": "PolicyName", + "type": "string" }, - "ImageTestsConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration", - "markdownDescription": "The configuration of the image tests that run after image creation to ensure the quality of the image that was created.", - "title": "ImageTestsConfiguration" + "RemediationEnabled": { + "markdownDescription": "Indicates if the policy should be automatically applied to new resources.", + "title": "RemediationEnabled", + "type": "boolean" }, - "InfrastructureConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline.", - "title": "InfrastructureConfigurationArn", - "type": "string" + "ResourceSetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique identifiers of the resource sets used by the policy.", + "title": "ResourceSetIds", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the image pipeline.", - "title": "Name", + "ResourceTagLogicalOperator": { + "markdownDescription": "Specifies whether to combine multiple resource tags with AND, so that a resource must have all tags to be included or excluded, or OR, so that a resource must have at least one tag.\n\nDefault: `AND`", + "title": "ResourceTagLogicalOperator", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.Schedule", - "markdownDescription": "The schedule of the image pipeline. A schedule configures how often and when a pipeline automatically creates a new image.", - "title": "Schedule" + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::FMS::Policy.ResourceTag" + }, + "markdownDescription": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` .", + "title": "ResourceTags", + "type": "array" }, - "Status": { - "markdownDescription": "The status of the image pipeline.", - "title": "Status", + "ResourceType": { + "markdownDescription": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` .", + "title": "ResourceType", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of this image pipeline.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "ResourceTypeList": { + "items": { + "type": "string" }, - "title": "Tags", - "type": "object" + "markdownDescription": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` .", + "title": "ResourceTypeList", + "type": "array" }, - "Workflows": { + "ResourcesCleanUp": { + "markdownDescription": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies.", + "title": "ResourcesCleanUp", + "type": "boolean" + }, + "SecurityServicePolicyData": { + "$ref": "#/definitions/AWS::FMS::Policy.SecurityServicePolicyData", + "markdownDescription": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", + "title": "SecurityServicePolicyData" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration" + "$ref": "#/definitions/AWS::FMS::Policy.PolicyTag" }, - "markdownDescription": "Contains the workflows that run for the image pipeline.", - "title": "Workflows", + "markdownDescription": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "title": "Tags", "type": "array" } }, "required": [ - "InfrastructureConfigurationArn", - "Name" + "ExcludeResourceTags", + "PolicyName", + "RemediationEnabled", + "SecurityServicePolicyData" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ImagePipeline" + "AWS::FMS::Policy" ], "type": "string" }, @@ -117799,122 +122262,277 @@ ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.EcrConfiguration": { + "AWS::FMS::Policy.IEMap": { "additionalProperties": false, "properties": { - "ContainerTags": { + "ACCOUNT": { "items": { "type": "string" }, - "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", - "title": "ContainerTags", + "markdownDescription": "The account list for the map.", + "title": "ACCOUNT", "type": "array" }, - "RepositoryName": { - "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", - "title": "RepositoryName", - "type": "string" + "ORGUNIT": { + "items": { + "type": "string" + }, + "markdownDescription": "The organizational unit list for the map.", + "title": "ORGUNIT", + "type": "array" } }, "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration": { + "AWS::FMS::Policy.IcmpTypeCode": { "additionalProperties": false, "properties": { - "EcrConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.EcrConfiguration", - "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", - "title": "EcrConfiguration" + "Code": { + "markdownDescription": "ICMP code.", + "title": "Code", + "type": "number" }, - "ImageScanningEnabled": { - "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", - "title": "ImageScanningEnabled", - "type": "boolean" + "Type": { + "markdownDescription": "ICMP type.", + "title": "Type", + "type": "number" } }, + "required": [ + "Code", + "Type" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration": { + "AWS::FMS::Policy.NetworkAclCommonPolicy": { "additionalProperties": false, "properties": { - "ImageTestsEnabled": { - "markdownDescription": "Defines if tests should be executed when building this image. For example, `true` or `false` .", - "title": "ImageTestsEnabled", - "type": "boolean" - }, - "TimeoutMinutes": { - "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", - "title": "TimeoutMinutes", - "type": "number" + "NetworkAclEntrySet": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntrySet", + "markdownDescription": "The definition of the first and last rules for the network ACL policy.", + "title": "NetworkAclEntrySet" } }, + "required": [ + "NetworkAclEntrySet" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.Schedule": { + "AWS::FMS::Policy.NetworkAclEntry": { "additionalProperties": false, "properties": { - "PipelineExecutionStartCondition": { - "markdownDescription": "The condition configures when the pipeline should trigger a new image build. When the `pipelineExecutionStartCondition` is set to `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE` , and you use semantic version filters on the base image or components in your image recipe, Image Builder will build a new image only when there are new versions of the image or components in your recipe that match the semantic version filter. When it is set to `EXPRESSION_MATCH_ONLY` , it will build a new image every time the CRON expression matches the current time. For semantic version syntax, see [CreateComponent](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html) in the *Image Builder API Reference* .", - "title": "PipelineExecutionStartCondition", + "CidrBlock": { + "markdownDescription": "The IPv4 network range to allow or deny, in CIDR notation.", + "title": "CidrBlock", "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "The cron expression determines how often EC2 Image Builder evaluates your `pipelineExecutionStartCondition` .\n\nFor information on how to format a cron expression in Image Builder, see [Use cron expressions in EC2 Image Builder](https://docs.aws.amazon.com/imagebuilder/latest/userguide/image-builder-cron.html) .", - "title": "ScheduleExpression", + "Egress": { + "markdownDescription": "Indicates whether the rule is an egress, or outbound, rule (applied to traffic leaving the subnet). If it's not an egress rule, then it's an ingress, or inbound, rule.", + "title": "Egress", + "type": "boolean" + }, + "IcmpTypeCode": { + "$ref": "#/definitions/AWS::FMS::Policy.IcmpTypeCode", + "markdownDescription": "ICMP protocol: The ICMP type and code.", + "title": "IcmpTypeCode" + }, + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation.", + "title": "Ipv6CidrBlock", + "type": "string" + }, + "PortRange": { + "$ref": "#/definitions/AWS::FMS::Policy.PortRange", + "markdownDescription": "TCP or UDP protocols: The range of ports the rule applies to.", + "title": "PortRange" + }, + "Protocol": { + "markdownDescription": "The protocol number. A value of \"-1\" means all protocols.", + "title": "Protocol", + "type": "string" + }, + "RuleAction": { + "markdownDescription": "Indicates whether to allow or deny the traffic that matches the rule.", + "title": "RuleAction", "type": "string" } }, + "required": [ + "Egress", + "Protocol", + "RuleAction" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration": { + "AWS::FMS::Policy.NetworkAclEntrySet": { "additionalProperties": false, "properties": { - "OnFailure": { - "markdownDescription": "The action to take if the workflow fails.", - "title": "OnFailure", - "type": "string" + "FirstEntries": { + "items": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntry" + }, + "markdownDescription": "The rules that you want to run first in the Firewall Manager managed network ACLs.\n\n> Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. \n\nYou must specify at least one first entry or one last entry in any network ACL policy.", + "title": "FirstEntries", + "type": "array" }, - "ParallelGroup": { - "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", - "title": "ParallelGroup", - "type": "string" + "ForceRemediateForFirstEntries": { + "markdownDescription": "Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries.\n\nIf forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* .", + "title": "ForceRemediateForFirstEntries", + "type": "boolean" }, - "Parameters": { + "ForceRemediateForLastEntries": { + "markdownDescription": "Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries.\n\nIf forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* .", + "title": "ForceRemediateForLastEntries", + "type": "boolean" + }, + "LastEntries": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowParameter" + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntry" }, - "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", - "title": "Parameters", + "markdownDescription": "The rules that you want to run last in the Firewall Manager managed network ACLs.\n\n> Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. \n\nYou must specify at least one first entry or one last entry in any network ACL policy.", + "title": "LastEntries", "type": "array" + } + }, + "required": [ + "ForceRemediateForFirstEntries", + "ForceRemediateForLastEntries" + ], + "type": "object" + }, + "AWS::FMS::Policy.NetworkFirewallPolicy": { + "additionalProperties": false, + "properties": { + "FirewallDeploymentModel": { + "markdownDescription": "Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .", + "title": "FirewallDeploymentModel", + "type": "string" + } + }, + "required": [ + "FirewallDeploymentModel" + ], + "type": "object" + }, + "AWS::FMS::Policy.PolicyOption": { + "additionalProperties": false, + "properties": { + "NetworkAclCommonPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclCommonPolicy", + "markdownDescription": "Defines a Firewall Manager network ACL policy.", + "title": "NetworkAclCommonPolicy" }, - "WorkflowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", - "title": "WorkflowArn", + "NetworkFirewallPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkFirewallPolicy", + "markdownDescription": "Defines the deployment model to use for the firewall policy.", + "title": "NetworkFirewallPolicy" + }, + "ThirdPartyFirewallPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.ThirdPartyFirewallPolicy", + "markdownDescription": "Defines the policy options for a third-party firewall policy.", + "title": "ThirdPartyFirewallPolicy" + } + }, + "type": "object" + }, + "AWS::FMS::Policy.PolicyTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.WorkflowParameter": { + "AWS::FMS::Policy.PortRange": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the workflow parameter to set.", - "title": "Name", + "From": { + "markdownDescription": "The beginning port number of the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The ending port number of the range.", + "title": "To", + "type": "number" + } + }, + "required": [ + "From", + "To" + ], + "type": "object" + }, + "AWS::FMS::Policy.ResourceTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The resource tag key.", + "title": "Key", "type": "string" }, "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named workflow parameter.", + "markdownDescription": "The resource tag value.", "title": "Value", - "type": "array" + "type": "string" } }, + "required": [ + "Key" + ], "type": "object" }, - "AWS::ImageBuilder::ImageRecipe": { + "AWS::FMS::Policy.SecurityServicePolicyData": { + "additionalProperties": false, + "properties": { + "ManagedServiceData": { + "markdownDescription": "Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", + "title": "ManagedServiceData", + "type": "string" + }, + "PolicyOption": { + "$ref": "#/definitions/AWS::FMS::Policy.PolicyOption", + "markdownDescription": "Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy.", + "title": "PolicyOption" + }, + "Type": { + "markdownDescription": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::FMS::Policy.ThirdPartyFirewallPolicy": { + "additionalProperties": false, + "properties": { + "FirewallDeploymentModel": { + "markdownDescription": "Defines the deployment model to use for the third-party firewall policy.", + "title": "FirewallDeploymentModel", + "type": "string" + } + }, + "required": [ + "FirewallDeploymentModel" + ], + "type": "object" + }, + "AWS::FMS::ResourceSet": { "additionalProperties": false, "properties": { "Condition": { @@ -117949,75 +122567,50 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInstanceConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration", - "markdownDescription": "Before you create a new AMI, Image Builder launches temporary Amazon EC2 instances to build and test your image configuration. Instance configuration adds a layer of control over those instances. You can define settings and add scripts to run when an instance is launched from your AMI.", - "title": "AdditionalInstanceConfiguration" - }, - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping" - }, - "markdownDescription": "The block device mappings to apply when creating images from this recipe.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "Components": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentConfiguration" - }, - "markdownDescription": "The components that are included in the image recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", - "title": "Components", - "type": "array" - }, "Description": { - "markdownDescription": "The description of the image recipe.", + "markdownDescription": "A description of the resource set.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the image recipe.", + "markdownDescription": "The descriptive name of the resource set. You can't change the name of a resource set after you create it.", "title": "Name", "type": "string" }, - "ParentImage": { - "markdownDescription": "The base image for customizations specified in the image recipe. You can specify the parent image using one of the following options:\n\n- AMI ID\n- Image Builder image Amazon Resource Name (ARN)\n- AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n- AWS Marketplace product ID", - "title": "ParentImage", - "type": "string" + "ResourceTypeList": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list.", + "title": "ResourceTypeList", + "type": "array" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Resources", + "type": "array" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of the image recipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" - }, - "Version": { - "markdownDescription": "The version of the image recipe.", - "title": "Version", - "type": "string" - }, - "WorkingDirectory": { - "markdownDescription": "The working directory to be used during build and test workflows.", - "title": "WorkingDirectory", - "type": "string" + "type": "array" } }, "required": [ - "Components", "Name", - "ParentImage", - "Version" + "ResourceTypeList" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ImageRecipe" + "AWS::FMS::ResourceSet" ], "type": "string" }, @@ -118036,148 +122629,7 @@ ], "type": "object" }, - "AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration": { - "additionalProperties": false, - "properties": { - "SystemsManagerAgent": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent", - "markdownDescription": "Contains settings for the Systems Manager agent on your build instance.", - "title": "SystemsManagerAgent" - }, - "UserDataOverride": { - "markdownDescription": "Use this property to provide commands or a command script to run when you launch your build instance.\n\nThe userDataOverride property replaces any commands that Image Builder might have added to ensure that Systems Manager is installed on your Linux build instance. If you override the user data, make sure that you add commands to install Systems Manager, if it is not pre-installed on your base image.\n\n> The user data is always base 64 encoded. For example, the following commands are encoded as `IyEvYmluL2Jhc2gKbWtkaXIgLXAgL3Zhci9iYi8KdG91Y2ggL3Zhci$` :\n> \n> *#!/bin/bash*\n> \n> mkdir -p /var/bb/\n> \n> touch /var", - "title": "UserDataOverride", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.ComponentConfiguration": { - "additionalProperties": false, - "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", - "type": "string" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentParameter" - }, - "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", - "title": "Parameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.ComponentParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the component parameter to set.", - "title": "Name", - "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named component parameter.", - "title": "Value", - "type": "array" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification": { - "additionalProperties": false, - "properties": { - "DeleteOnTermination": { - "markdownDescription": "Configures delete on termination of the associated device.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Use to configure device encryption.", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "Use to configure device IOPS.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", - "title": "KmsKeyId", - "type": "string" - }, - "SnapshotId": { - "markdownDescription": "The snapshot that defines the device contents.", - "title": "SnapshotId", - "type": "string" - }, - "Throughput": { - "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", - "title": "Throughput", - "type": "number" - }, - "VolumeSize": { - "markdownDescription": "Overrides the volume size of the device.", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "Overrides the volume type of the device.", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "markdownDescription": "The device to which these mappings apply.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification", - "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "Enter an empty string to remove a mapping from the parent image.\n\nThe following is an example of an empty string value in the `NoDevice` field.\n\n`NoDevice:\"\"`", - "title": "NoDevice", - "type": "string" - }, - "VirtualName": { - "markdownDescription": "Manages the instance ephemeral devices.", - "title": "VirtualName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent": { - "additionalProperties": false, - "properties": { - "UninstallAfterBuild": { - "markdownDescription": "Controls whether the Systems Manager agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false.", - "title": "UninstallAfterBuild", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::InfrastructureConfiguration": { + "AWS::FSx::DataRepositoryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -118212,99 +122664,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the infrastructure configuration.", - "title": "Description", - "type": "string" - }, - "InstanceMetadataOptions": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions", - "markdownDescription": "The instance metadata options that you can set for the HTTP requests that pipeline builds use to launch EC2 build and test instances.", - "title": "InstanceMetadataOptions" + "BatchImportMetaDataOnCreate": { + "markdownDescription": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to `true` .", + "title": "BatchImportMetaDataOnCreate", + "type": "boolean" }, - "InstanceProfileName": { - "markdownDescription": "The instance profile to associate with the instance used to customize your Amazon EC2 AMI.", - "title": "InstanceProfileName", + "DataRepositoryPath": { + "markdownDescription": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format `s3://myBucket/myPrefix/` . This path specifies where in the S3 data repository files will be imported from or exported to.", + "title": "DataRepositoryPath", "type": "string" }, - "InstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types of the infrastructure configuration. You can specify one or more instance types to use for this build. The service will pick one of these instance types based on availability.", - "title": "InstanceTypes", - "type": "array" - }, - "KeyPair": { - "markdownDescription": "The key pair of the infrastructure configuration. You can use this to log on to and debug the instance used to create your image.", - "title": "KeyPair", + "FileSystemId": { + "markdownDescription": "The ID of the file system on which the data repository association is configured.", + "title": "FileSystemId", "type": "string" }, - "Logging": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Logging", - "markdownDescription": "The logging configuration of the infrastructure configuration.", - "title": "Logging" - }, - "Name": { - "markdownDescription": "The name of the infrastructure configuration.", - "title": "Name", + "FileSystemPath": { + "markdownDescription": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as `/ns1/` ) or subdirectory (such as `/ns1/subdir/` ) that will be mapped 1-1 with `DataRepositoryPath` . The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/` , then you cannot link another data repository with file system path `/ns1/ns2` .\n\nThis path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n\n> If you specify only a forward slash ( `/` ) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system.", + "title": "FileSystemPath", "type": "string" }, - "ResourceTags": { - "additionalProperties": true, - "markdownDescription": "The metadata tags to assign to the Amazon EC2 instance that Image Builder launches during the build process. Tags are formatted as key value pairs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ResourceTags", - "type": "object" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group IDs to associate with the instance used to customize your Amazon EC2 AMI.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.\n\n> EC2 Image Builder is unable to send notifications to SNS topics that are encrypted using keys from other accounts. The key that is used to encrypt the SNS topic must reside in the account that the Image Builder service runs under.", - "title": "SnsTopicArn", - "type": "string" + "ImportedFileChunkSize": { + "markdownDescription": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.", + "title": "ImportedFileChunkSize", + "type": "number" }, - "SubnetId": { - "markdownDescription": "The subnet ID in which to place the instance used to customize your Amazon EC2 AMI.", - "title": "SubnetId", - "type": "string" + "S3": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.S3", + "markdownDescription": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.", + "title": "S3" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The metadata tags to assign to the infrastructure configuration resource that Image Builder creates as output. Tags are formatted as key value pairs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", "title": "Tags", - "type": "object" - }, - "TerminateInstanceOnFailure": { - "markdownDescription": "The terminate instance on failure setting of the infrastructure configuration. Set to false if you want Image Builder to retain the instance used to configure your AMI if the build or test phase of your workflow fails.", - "title": "TerminateInstanceOnFailure", - "type": "boolean" + "type": "array" } }, "required": [ - "InstanceProfileName", - "Name" + "DataRepositoryPath", + "FileSystemId", + "FileSystemPath" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::InfrastructureConfiguration" + "AWS::FSx::DataRepositoryAssociation" ], "type": "string" }, @@ -118323,50 +122731,57 @@ ], "type": "object" }, - "AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions": { + "AWS::FSx::DataRepositoryAssociation.AutoExportPolicy": { "additionalProperties": false, "properties": { - "HttpPutResponseHopLimit": { - "markdownDescription": "Limit the number of hops that an instance metadata request can traverse to reach its destination. The default is one hop. However, if HTTP tokens are required, container image builds need a minimum of two hops.", - "title": "HttpPutResponseHopLimit", - "type": "number" - }, - "HttpTokens": { - "markdownDescription": "Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows:\n\n- *required* \u2013 When you retrieve the IAM role credentials, version 2.0 credentials are returned in all cases.\n- *optional* \u2013 You can include a signed token header in your request to retrieve instance metadata, or you can leave it out. If you include it, version 2.0 credentials are returned for the IAM role. Otherwise, version 1.0 credentials are returned.\n\nThe default setting is *optional* .", - "title": "HttpTokens", - "type": "string" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The `AutoExportPolicy` can have the following event values:\n\n- `NEW` - New files and directories are automatically exported to the data repository as they are added to the file system.\n- `CHANGED` - Changes to files and directories on the file system are automatically exported to the data repository.\n- `DELETED` - Files and directories are automatically deleted on the data repository when they are deleted on the file system.\n\nYou can define any combination of event types for your `AutoExportPolicy` .", + "title": "Events", + "type": "array" } }, + "required": [ + "Events" + ], "type": "object" }, - "AWS::ImageBuilder::InfrastructureConfiguration.Logging": { + "AWS::FSx::DataRepositoryAssociation.AutoImportPolicy": { "additionalProperties": false, "properties": { - "S3Logs": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.S3Logs", - "markdownDescription": "The Amazon S3 logging configuration.", - "title": "S3Logs" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The `AutoImportPolicy` can have the following event values:\n\n- `NEW` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `CHANGED` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository.\n- `DELETED` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository.\n\nYou can define any combination of event types for your `AutoImportPolicy` .", + "title": "Events", + "type": "array" } }, + "required": [ + "Events" + ], "type": "object" }, - "AWS::ImageBuilder::InfrastructureConfiguration.S3Logs": { + "AWS::FSx::DataRepositoryAssociation.S3": { "additionalProperties": false, "properties": { - "S3BucketName": { - "markdownDescription": "The S3 bucket in which to store the logs.", - "title": "S3BucketName", - "type": "string" + "AutoExportPolicy": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoExportPolicy", + "markdownDescription": "Describes a data repository association's automatic export policy. The `AutoExportPolicy` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file.\n\nThe `AutoExportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", + "title": "AutoExportPolicy" }, - "S3KeyPrefix": { - "markdownDescription": "The Amazon S3 path to the bucket where the logs are stored.", - "title": "S3KeyPrefix", - "type": "string" + "AutoImportPolicy": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoImportPolicy", + "markdownDescription": "Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket.\n\nThe `AutoImportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", + "title": "AutoImportPolicy" } }, "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy": { + "AWS::FSx::FileSystem": { "additionalProperties": false, "properties": { "Condition": { @@ -118401,68 +122816,90 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Optional description for the lifecycle policy.", - "title": "Description", + "BackupId": { + "markdownDescription": "The ID of the file system backup that you are using to create a file system. For more information, see [CreateFileSystemFromBackup](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html) .", + "title": "BackupId", "type": "string" }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to run lifecycle actions.", - "title": "ExecutionRole", + "FileSystemType": { + "markdownDescription": "The type of Amazon FSx file system, which can be `LUSTRE` , `WINDOWS` , `ONTAP` , or `OPENZFS` .", + "title": "FileSystemType", "type": "string" }, - "Name": { - "markdownDescription": "The name of the lifecycle policy to create.", - "title": "Name", + "FileSystemTypeVersion": { + "markdownDescription": "For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are `2.10` , `2.12` , and `2.15` :\n\n- `2.10` is supported by the Scratch and Persistent_1 Lustre deployment types.\n- `2.12` is supported by all Lustre deployment types, except for `PERSISTENT_2` with a metadata configuration mode.\n- `2.15` is supported by all Lustre deployment types and is recommended for all new file systems.\n\nDefault value is `2.10` , except for the following deployments:\n\n- Default value is `2.12` when `DeploymentType` is set to `PERSISTENT_2` without a metadata configuration mode.\n- Default value is `2.15` when `DeploymentType` is set to `PERSISTENT_2` with a metadata configuration mode.", + "title": "FileSystemTypeVersion", "type": "string" }, - "PolicyDetails": { + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server\n\nIf this ID isn't specified, the Amazon FSx-managed key for your account is used. For more information, see [Encrypt](https://docs.aws.amazon.com//kms/latest/APIReference/API_Encrypt.html) in the *AWS Key Management Service API Reference* .", + "title": "KmsKeyId", + "type": "string" + }, + "LustreConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.LustreConfiguration", + "markdownDescription": "The Lustre configuration for the file system being created. This configuration is required if the `FileSystemType` is set to `LUSTRE` .\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", + "title": "LustreConfiguration" + }, + "OntapConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.OntapConfiguration", + "markdownDescription": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating. This configuration is required if the `FileSystemType` is set to `ONTAP` .", + "title": "OntapConfiguration" + }, + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.OpenZFSConfiguration", + "markdownDescription": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating. This configuration is required if the `FileSystemType` is set to `OPENZFS` .", + "title": "OpenZFSConfiguration" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.PolicyDetail" + "type": "string" }, - "markdownDescription": "Configuration details for the lifecycle policy rules.", - "title": "PolicyDetails", + "markdownDescription": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", + "title": "SecurityGroupIds", "type": "array" }, - "ResourceSelection": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ResourceSelection", - "markdownDescription": "Selection criteria for the resources that the lifecycle policy applies to.", - "title": "ResourceSelection" + "StorageCapacity": { + "markdownDescription": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", + "title": "StorageCapacity", + "type": "number" }, - "ResourceType": { - "markdownDescription": "The type of Image Builder resource that the lifecycle policy applies to.", - "title": "ResourceType", + "StorageType": { + "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type and for Lustre file systems with the Persistent_2 deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [FSx for Lustre storage classes](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html#lustre-storage-classes) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageType", "type": "string" }, - "Status": { - "markdownDescription": "Indicates whether the lifecycle policy resource is enabled.", - "title": "Status", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", + "title": "SubnetIds", + "type": "array" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags to apply to the lifecycle policy resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", "title": "Tags", - "type": "object" + "type": "array" + }, + "WindowsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.WindowsConfiguration", + "markdownDescription": "The configuration object for the Microsoft Windows file system you are creating. This configuration is required if `FileSystemType` is set to `WINDOWS` .", + "title": "WindowsConfiguration" } }, "required": [ - "ExecutionRole", - "Name", - "PolicyDetails", - "ResourceSelection", - "ResourceType" + "FileSystemType", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::LifecyclePolicy" + "AWS::FSx::FileSystem" ], "type": "string" }, @@ -118481,232 +122918,546 @@ ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.Action": { + "AWS::FSx::FileSystem.AuditLogConfiguration": { "additionalProperties": false, "properties": { - "IncludeResources": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.IncludeResources", - "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", - "title": "IncludeResources" + "AuditLogDestination": { + "markdownDescription": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN.\n\nThe name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehose delivery stream must begin with the `aws-fsx` prefix.\n\nThe destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose delivery stream) must be in the same AWS partition, AWS Region , and AWS account as your Amazon FSx file system.", + "title": "AuditLogDestination", + "type": "string" }, - "Type": { - "markdownDescription": "Specifies the lifecycle action to take.", - "title": "Type", + "FileAccessAuditLogLevel": { + "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file and folder accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access files or folders are logged.\n- `FAILURE_ONLY` - only failed attempts to access files or folders are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access files or folders are logged.\n- `DISABLED` - access auditing of files and folders is turned off.", + "title": "FileAccessAuditLogLevel", + "type": "string" + }, + "FileShareAccessAuditLogLevel": { + "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file share accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access file shares are logged.\n- `FAILURE_ONLY` - only failed attempts to access file shares are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access file shares are logged.\n- `DISABLED` - access auditing of file shares is turned off.", + "title": "FileShareAccessAuditLogLevel", "type": "string" } }, "required": [ - "Type" + "FileAccessAuditLogLevel", + "FileShareAccessAuditLogLevel" ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules": { + "AWS::FSx::FileSystem.ClientConfigurations": { "additionalProperties": false, "properties": { - "IsPublic": { - "markdownDescription": "Configures whether public AMIs are excluded from the lifecycle action.", - "title": "IsPublic", - "type": "boolean" - }, - "LastLaunched": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.LastLaunched", - "markdownDescription": "Specifies configuration details for Image Builder to exclude the most recent resources from lifecycle actions.", - "title": "LastLaunched" - }, - "Regions": { - "items": { - "type": "string" - }, - "markdownDescription": "Configures AWS Region s that are excluded from the lifecycle action.", - "title": "Regions", - "type": "array" + "Clients": { + "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", + "title": "Clients", + "type": "string" }, - "SharedAccounts": { + "Options": { "items": { "type": "string" }, - "markdownDescription": "Specifies AWS account s whose resources are excluded from the lifecycle action.", - "title": "SharedAccounts", + "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", + "title": "Options", "type": "array" - }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "Lists tags that should be excluded from lifecycle actions for the AMIs that have them.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TagMap", - "type": "object" } }, "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.ExclusionRules": { + "AWS::FSx::FileSystem.DataReadCacheConfiguration": { "additionalProperties": false, "properties": { - "Amis": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules", - "markdownDescription": "Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action.", - "title": "Amis" + "SizeGiB": { + "markdownDescription": "Required if `SizingMode` is set to `USER_PROVISIONED` . Specifies the size of the file system's SSD read cache, in gibibytes (GiB).", + "title": "SizeGiB", + "type": "number" }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "Contains a list of tags that Image Builder uses to skip lifecycle actions for Image Builder image resources that have them.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TagMap", - "type": "object" + "SizingMode": { + "markdownDescription": "Specifies how the provisioned SSD read cache is sized, as follows:\n\n- Set to `NO_CACHE` if you do not want to use an SSD read cache with your Intelligent-Tiering file system.\n- Set to `USER_PROVISIONED` to specify the exact size of your SSD read cache.\n- Set to `PROPORTIONAL_TO_THROUGHPUT_CAPACITY` to have your SSD read cache automatically sized based on your throughput capacity.", + "title": "SizingMode", + "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.Filter": { + "AWS::FSx::FileSystem.DiskIopsConfiguration": { "additionalProperties": false, "properties": { - "RetainAtLeast": { - "markdownDescription": "For age-based filters, this is the number of resources to keep on hand after the lifecycle `DELETE` action is applied. Impacted resources are only deleted if you have more than this number of resources. If you have fewer resources than this number, the impacted resource is not deleted.", - "title": "RetainAtLeast", - "type": "number" + "Iops": { + "markdownDescription": "The total number of SSD IOPS provisioned for the file system.\n\nThe minimum and maximum values for this property depend on the value of `HAPairs` and `StorageCapacity` . The minimum value is calculated as `StorageCapacity` * 3 * `HAPairs` (3 IOPS per GB of `StorageCapacity` ). The maximum value is calculated as 200,000 * `HAPairs` .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) if the value of `Iops` is outside of the minimum or maximum values.", + "title": "Iops", + "type": "number" }, - "Type": { - "markdownDescription": "Filter resources based on either `age` or `count` .", - "title": "Type", + "Mode": { + "markdownDescription": "Specifies whether the file system is using the `AUTOMATIC` setting of SSD IOPS of 3 IOPS per GB of storage capacity, or if it using a `USER_PROVISIONED` value.", + "title": "Mode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.LustreConfiguration": { + "additionalProperties": false, + "properties": { + "AutoImportPolicy": { + "markdownDescription": "(Optional) When you create your file system, your existing S3 objects appear as file and directory listings. Use this property to choose how Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. `AutoImportPolicy` can have the following values:\n\n- `NONE` - (Default) AutoImport is off. Amazon FSx only updates file and directory listings from the linked S3 bucket when the file system is created. FSx does not update file and directory listings for any new or changed objects after choosing this option.\n- `NEW` - AutoImport is on. Amazon FSx automatically imports directory listings of any new objects added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `NEW_CHANGED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket and any existing objects that are changed in the S3 bucket after you choose this option.\n- `NEW_CHANGED_DELETED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket, any existing objects that are changed in the S3 bucket, and any objects that were deleted in the S3 bucket.\n\nFor more information, see [Automatically import updates from your S3 bucket](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) .\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "AutoImportPolicy", "type": "string" }, - "Unit": { - "markdownDescription": "Defines the unit of time that the lifecycle policy uses to determine impacted resources. This is required for age-based rules.", - "title": "Unit", + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `0` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "CopyTagsToBackups": { + "markdownDescription": "(Optional) Not available for use with file systems that are linked to a data repository. A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. If `CopyTagsToBackups` is set to true, all file system tags are copied to all automatic and user-initiated backups when the user doesn't specify any backup-specific tags. If `CopyTagsToBackups` is set to true and you specify one or more backup tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.\n\n(Default = `false` )\n\nFor more information, see [Working with backups](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-backups-fsx.html) in the *Amazon FSx for Lustre User Guide* .", + "title": "CopyTagsToBackups", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", "type": "string" }, - "Value": { - "markdownDescription": "The number of units for the time period or for the count. For example, a value of `6` might refer to six months or six AMIs.\n\n> For count-based filters, this value represents the minimum number of resources to keep on hand. If you have fewer resources than this number, the resource is excluded from lifecycle actions.", - "title": "Value", + "DataCompressionType": { + "markdownDescription": "Sets the data compression configuration for the file system. `DataCompressionType` can have the following values:\n\n- `NONE` - (Default) Data compression is turned off when the file system is created.\n- `LZ4` - Data compression is turned on with the LZ4 algorithm.\n\nFor more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* .", + "title": "DataCompressionType", + "type": "string" + }, + "DataReadCacheConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DataReadCacheConfiguration", + "markdownDescription": "Specifies the optional provisioned SSD read cache on FSx for Lustre file systems that use the Intelligent-Tiering storage class. Required when `StorageType` is set to `INTELLIGENT_TIERING` .", + "title": "DataReadCacheConfiguration" + }, + "DeploymentType": { + "markdownDescription": "(Optional) Choose `SCRATCH_1` and `SCRATCH_2` deployment types when you need temporary storage and shorter-term processing of data. The `SCRATCH_2` deployment type provides in-transit encryption of data and higher burst throughput capacity than `SCRATCH_1` .\n\nChoose `PERSISTENT_1` for longer-term storage and for throughput-focused workloads that aren\u2019t latency-sensitive. `PERSISTENT_1` supports encryption of data in transit, and is available in all AWS Regions in which FSx for Lustre is available.\n\nChoose `PERSISTENT_2` for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. `PERSISTENT_2` supports the SSD and Intelligent-Tiering storage classes. You can optionally specify a metadata configuration mode for `PERSISTENT_2` which supports increasing metadata performance. `PERSISTENT_2` is available in a limited number of AWS Regions . For more information, and an up-to-date list of AWS Regions in which `PERSISTENT_2` is available, see [Deployment and storage class options for FSx for Lustre file systems](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html) in the *Amazon FSx for Lustre User Guide* .\n\n> If you choose `PERSISTENT_2` , and you set `FileSystemTypeVersion` to `2.10` , the `CreateFileSystem` operation fails. \n\nEncryption of data in transit is automatically turned on when you access `SCRATCH_2` , `PERSISTENT_1` , and `PERSISTENT_2` file systems from Amazon EC2 instances that support automatic encryption in the AWS Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see [Encrypting data in transit](https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) in the *Amazon FSx for Lustre User Guide* .\n\n(Default = `SCRATCH_1` )", + "title": "DeploymentType", + "type": "string" + }, + "DriveCacheType": { + "markdownDescription": "The type of drive cache used by `PERSISTENT_1` file systems that are provisioned with HDD storage devices. This parameter is required when storage type is HDD. Set this property to `READ` to improve the performance for frequently accessed files by caching up to 20% of the total storage capacity of the file system.\n\nThis parameter is required when `StorageType` is set to `HDD` and `DeploymentType` is `PERSISTENT_1` .", + "title": "DriveCacheType", + "type": "string" + }, + "EfaEnabled": { + "markdownDescription": "(Optional) Specifies whether Elastic Fabric Adapter (EFA) and GPUDirect Storage (GDS) support is enabled for the Amazon FSx for Lustre file system.\n\n(Default = `false` )", + "title": "EfaEnabled", + "type": "boolean" + }, + "ExportPath": { + "markdownDescription": "(Optional) Specifies the path in the Amazon S3 bucket where the root of your Amazon FSx file system is exported. The path must use the same Amazon S3 bucket as specified in ImportPath. You can provide an optional prefix to which new and changed data is to be exported from your Amazon FSx for Lustre file system. If an `ExportPath` value is not provided, Amazon FSx sets a default export path, `s3://import-bucket/FSxLustre[creation-timestamp]` . The timestamp is in UTC format, for example `s3://import-bucket/FSxLustre20181105T222312Z` .\n\nThe Amazon S3 export bucket must be the same as the import bucket specified by `ImportPath` . If you specify only a bucket name, such as `s3://import-bucket` , you get a 1:1 mapping of file system objects to S3 bucket objects. This mapping means that the input data in S3 is overwritten on export. If you provide a custom prefix in the export path, such as `s3://import-bucket/[custom-optional-prefix]` , Amazon FSx exports the contents of your file system to that export prefix in the Amazon S3 bucket.\n\n> This parameter is not supported for file systems with a data repository association.", + "title": "ExportPath", + "type": "string" + }, + "ImportPath": { + "markdownDescription": "(Optional) The path to the Amazon S3 bucket (including the optional prefix) that you're using as the data repository for your Amazon FSx for Lustre file system. The root of your FSx for Lustre file system will be mapped to the root of the Amazon S3 bucket you select. An example is `s3://import-bucket/optional-prefix` . If you specify a prefix after the Amazon S3 bucket name, only object keys with that prefix are loaded into the file system.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "ImportPath", + "type": "string" + }, + "ImportedFileChunkSize": { + "markdownDescription": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "ImportedFileChunkSize", + "type": "number" + }, + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.MetadataConfiguration", + "markdownDescription": "The Lustre metadata performance configuration for the creation of an FSx for Lustre file system using a `PERSISTENT_2` deployment type.", + "title": "MetadataConfiguration" + }, + "PerUnitStorageThroughput": { + "markdownDescription": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", + "title": "PerUnitStorageThroughput", + "type": "number" + }, + "ThroughputCapacity": { + "markdownDescription": "Specifies the throughput of an FSx for Lustre file system using the Intelligent-Tiering storage class, measured in megabytes per second (MBps). Valid values are 4000 MBps or multiples of 4000 MBps. You pay for the amount of throughput that you provision.", + "title": "ThroughputCapacity", "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", + "type": "string" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.IncludeResources": { + "AWS::FSx::FileSystem.MetadataConfiguration": { "additionalProperties": false, "properties": { - "Amis": { - "markdownDescription": "Specifies whether the lifecycle action should apply to distributed AMIs.", - "title": "Amis", - "type": "boolean" - }, - "Containers": { - "markdownDescription": "Specifies whether the lifecycle action should apply to distributed containers.", - "title": "Containers", - "type": "boolean" + "Iops": { + "markdownDescription": "The number of Metadata IOPS provisioned for the file system.", + "title": "Iops", + "type": "number" }, - "Snapshots": { - "markdownDescription": "Specifies whether the lifecycle action should apply to snapshots associated with distributed AMIs.", - "title": "Snapshots", - "type": "boolean" + "Mode": { + "markdownDescription": "Specifies whether the file system is using the AUTOMATIC setting of metadata IOPS or if it is using a USER_PROVISIONED value.", + "title": "Mode", + "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.LastLaunched": { + "AWS::FSx::FileSystem.NfsExports": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "Defines the unit of time that the lifecycle policy uses to calculate elapsed time since the last instance launched from the AMI. For example: days, weeks, months, or years.", - "title": "Unit", + "ClientConfigurations": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.ClientConfigurations" + }, + "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", + "title": "ClientConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.OntapConfiguration": { + "additionalProperties": false, + "properties": { + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", "type": "string" }, - "Value": { - "markdownDescription": "The integer number of units for the time period. For example `6` (months).", - "title": "Value", + "DeploymentType": { + "markdownDescription": "Specifies the FSx for ONTAP file system deployment type to use in creating the file system.\n\n- `MULTI_AZ_1` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. This is a first-generation FSx for ONTAP file system.\n- `MULTI_AZ_2` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary AZ unavailability. This is a second-generation FSx for ONTAP file system.\n- `SINGLE_AZ_1` - A file system configured for Single-AZ redundancy. This is a first-generation FSx for ONTAP file system.\n- `SINGLE_AZ_2` - A file system configured with multiple high-availability (HA) pairs for Single-AZ redundancy. This is a second-generation FSx for ONTAP file system.\n\nFor information about the use cases for Multi-AZ and Single-AZ deployments, refer to [Choosing a file system deployment type](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-AZ.html) .", + "title": "DeploymentType", + "type": "string" + }, + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS configuration for the FSx for ONTAP file system.", + "title": "DiskIopsConfiguration" + }, + "EndpointIpAddressRange": { + "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API, Amazon FSx selects an unused IP address range for you from the 198.19.* range. By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses from the VPC\u2019s primary CIDR range to use as the endpoint IP address range for the file system. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", + "title": "EndpointIpAddressRange", + "type": "string" + }, + "FsxAdminPassword": { + "markdownDescription": "The ONTAP administrative password for the `fsxadmin` user with which you administer your file system using the NetApp ONTAP CLI and REST API.", + "title": "FsxAdminPassword", + "type": "string" + }, + "HAPairs": { + "markdownDescription": "Specifies how many high-availability (HA) pairs of file servers will power your file system. First-generation file systems are powered by 1 HA pair. Second-generation multi-AZ file systems are powered by 1 HA pair. Second generation single-AZ file systems are powered by up to 12 HA pairs. The default value is 1. The value of this property affects the values of `StorageCapacity` , `Iops` , and `ThroughputCapacity` . For more information, see [High-availability (HA) pairs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/administering-file-systems.html#HA-pairs) in the FSx for ONTAP user guide. Block storage protocol support (iSCSI and NVMe over TCP) is disabled on file systems with more than 6 HA pairs. For more information, see [Using block storage protocols](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/supported-fsx-clients.html#using-block-storage) .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `HAPairs` is less than 1 or greater than 12.\n- The value of `HAPairs` is greater than 1 and the value of `DeploymentType` is `SINGLE_AZ_1` , `MULTI_AZ_1` , or `MULTI_AZ_2` .", + "title": "HAPairs", + "type": "number" + }, + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` or `MULTI_AZ_2` . This specifies the subnet in which you want the preferred file server to be located.", + "title": "PreferredSubnetId", + "type": "string" + }, + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n\n> Amazon FSx manages these route tables for Multi-AZ file systems using tag-based authentication. These route tables are tagged with `Key: AmazonFSx; Value: ManagedByAmazonFSx` . When creating FSx for ONTAP Multi-AZ file systems using AWS CloudFormation we recommend that you add the `Key: AmazonFSx; Value: ManagedByAmazonFSx` tag manually.", + "title": "RouteTableIds", + "type": "array" + }, + "ThroughputCapacity": { + "markdownDescription": "Sets the throughput capacity for the file system that you're creating in megabytes per second (MBps). For more information, see [Managing throughput capacity](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) in the FSx for ONTAP User Guide.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value.\n- The value of `ThroughputCapacity` when divided by the value of `HAPairs` is outside of the valid range for `ThroughputCapacity` .", + "title": "ThroughputCapacity", + "type": "number" + }, + "ThroughputCapacityPerHAPair": { + "markdownDescription": "Use to choose the throughput capacity per HA pair, rather than the total throughput for the file system.\n\nYou can define either the `ThroughputCapacityPerHAPair` or the `ThroughputCapacity` when creating a file system, but not both.\n\nThis field and `ThroughputCapacity` are the same for file systems powered by one HA pair.\n\n- For `SINGLE_AZ_1` and `MULTI_AZ_1` file systems, valid values are 128, 256, 512, 1024, 2048, or 4096 MBps.\n- For `SINGLE_AZ_2` , valid values are 1536, 3072, or 6144 MBps.\n- For `MULTI_AZ_2` , valid values are 384, 768, 1536, 3072, or 6144 MBps.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value for file systems with one HA pair.\n- The value of deployment type is `SINGLE_AZ_2` and `ThroughputCapacity` / `ThroughputCapacityPerHAPair` is not a valid HA pair (a value between 1 and 12).\n- The value of `ThroughputCapacityPerHAPair` is not a valid value.", + "title": "ThroughputCapacityPerHAPair", "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", + "type": "string" } }, "required": [ - "Unit", - "Value" + "DeploymentType" ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.PolicyDetail": { + "AWS::FSx::FileSystem.OpenZFSConfiguration": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Action", - "markdownDescription": "Configuration details for the policy action.", - "title": "Action" + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" }, - "ExclusionRules": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ExclusionRules", - "markdownDescription": "Additional rules to specify resources that should be exempt from policy actions.", - "title": "ExclusionRules" + "CopyTagsToBackups": { + "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to backups. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToBackups", + "type": "boolean" }, - "Filter": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Filter", - "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", - "title": "Filter" + "CopyTagsToVolumes": { + "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to volumes. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to volumes where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to volumes. If you specify one or more tags when creating the volume, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToVolumes", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Specifies the file system deployment type. Valid values are the following:\n\n- `MULTI_AZ_1` - Creates file systems with high availability and durability by replicating your data and supporting failover across multiple Availability Zones in the same AWS Region .\n- `SINGLE_AZ_HA_2` - Creates file systems with high availability and throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_HA_1` - Creates file systems with high availability and throughput capacities of 64 - 4,096 MB/s by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_2` - Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache that automatically recover within a single Availability Zone.\n- `SINGLE_AZ_1` - Creates file systems with throughput capacities of 64 - 4,096 MBs that automatically recover within a single Availability Zone.\n\nFor a list of which AWS Regions each deployment type is available in, see [Deployment type availability](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) . For more information on the differences in performance between deployment types, see [File system performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "DeploymentType", + "type": "string" + }, + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS file system. By default, Amazon FSx automatically provisions 3 IOPS per GB of storage capacity. You can provision additional IOPS per GB of storage. The configuration consists of the total number of provisioned SSD IOPS and how it is was provisioned, or the mode (by the customer or by Amazon FSx).", + "title": "DiskIopsConfiguration" + }, + "EndpointIpAddressRange": { + "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API and Amazon FSx console, Amazon FSx selects an available /28 IP address range for you from one of the VPC's CIDR ranges. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", + "title": "EndpointIpAddressRange", + "type": "string" + }, + "Options": { + "items": { + "type": "string" + }, + "markdownDescription": "To delete a file system if there are child volumes present below the root volume, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` . If your file system has child volumes and you don't use this option, the delete request will fail.", + "title": "Options", + "type": "array" + }, + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located.", + "title": "PreferredSubnetId", + "type": "string" + }, + "ReadCacheConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.ReadCacheConfiguration", + "markdownDescription": "Specifies the optional provisioned SSD read cache on file systems that use the Intelligent-Tiering storage class.", + "title": "ReadCacheConfiguration" + }, + "RootVolumeConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.RootVolumeConfiguration", + "markdownDescription": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", + "title": "RootVolumeConfiguration" + }, + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", + "title": "RouteTableIds", + "type": "array" + }, + "ThroughputCapacity": { + "markdownDescription": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Required if you are creating a new file system.\n\nValid values depend on the `DeploymentType` that you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", + "type": "string" } }, "required": [ - "Action", - "Filter" + "DeploymentType" ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.RecipeSelection": { + "AWS::FSx::FileSystem.ReadCacheConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of an Image Builder recipe that the lifecycle policy uses for resource selection.", - "title": "Name", + "SizeGiB": { + "markdownDescription": "Required if `SizingMode` is set to `USER_PROVISIONED` . Specifies the size of the file system's SSD read cache, in gibibytes (GiB).", + "title": "SizeGiB", + "type": "number" + }, + "SizingMode": { + "markdownDescription": "Specifies how the provisioned SSD read cache is sized, as follows:\n\n- Set to `NO_CACHE` if you do not want to use an SSD read cache with your Intelligent-Tiering file system.\n- Set to `USER_PROVISIONED` to specify the exact size of your SSD read cache.\n- Set to `PROPORTIONAL_TO_THROUGHPUT_CAPACITY` to have your SSD read cache automatically sized based on your throughput capacity.", + "title": "SizingMode", "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.RootVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "CopyTagsToSnapshots": { + "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots of the volume. This value defaults to `false` . If it's set to `true` , all tags for the volume are copied to snapshots where the user doesn't specify tags. If this value is `true` and you specify one or more tags, only the specified tags are copied to snapshots. If you specify one or more tags when creating the snapshot, no tags are copied from the volume, regardless of this value.", + "title": "CopyTagsToSnapshots", + "type": "boolean" }, - "SemanticVersion": { - "markdownDescription": "The version of the Image Builder recipe specified by the `name` field.", - "title": "SemanticVersion", + "DataCompressionType": { + "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", + "title": "DataCompressionType", "type": "string" + }, + "NfsExports": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.NfsExports" + }, + "markdownDescription": "The configuration object for mounting a file system.", + "title": "NfsExports", + "type": "array" + }, + "ReadOnly": { + "markdownDescription": "A Boolean value indicating whether the volume is read-only. Setting this value to `true` can be useful after you have completed changes to a volume and no longer want changes to occur.", + "title": "ReadOnly", + "type": "boolean" + }, + "RecordSizeKiB": { + "markdownDescription": "Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB. The default is 128 KiB. Most workloads should use the default record size. Database workflows can benefit from a smaller record size, while streaming workflows can benefit from a larger record size. For additional guidance on setting a custom record size, see [Tips for maximizing performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#performance-tips-zfs) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "RecordSizeKiB", + "type": "number" + }, + "UserAndGroupQuotas": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.UserAndGroupQuotas" + }, + "markdownDescription": "An object specifying how much storage users or groups can use on the volume.", + "title": "UserAndGroupQuotas", + "type": "array" } }, - "required": [ - "Name", - "SemanticVersion" - ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.ResourceSelection": { + "AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration": { "additionalProperties": false, "properties": { - "Recipes": { + "DnsIps": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.RecipeSelection" + "type": "string" }, - "markdownDescription": "A list of recipes that are used as selection criteria for the output images that the lifecycle policy applies to.", - "title": "Recipes", + "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", + "title": "DnsIps", "type": "array" }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "A list of tags that are used as selection criteria for the Image Builder image resources that the lifecycle policy applies to.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "DomainName": { + "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", + "title": "DomainName", + "type": "string" + }, + "FileSystemAdministratorsGroup": { + "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", + "title": "FileSystemAdministratorsGroup", + "type": "string" + }, + "OrganizationalUnitDistinguishedName": { + "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", + "title": "OrganizationalUnitDistinguishedName", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", + "title": "Password", + "type": "string" + }, + "UserName": { + "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", + "title": "UserName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.UserAndGroupQuotas": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the user or group that the quota applies to.", + "title": "Id", + "type": "number" + }, + "StorageCapacityQuotaGiB": { + "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", + "title": "StorageCapacityQuotaGiB", + "type": "number" + }, + "Type": { + "markdownDescription": "Specifies whether the quota applies to a user or group.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.WindowsConfiguration": { + "additionalProperties": false, + "properties": { + "ActiveDirectoryId": { + "markdownDescription": "The ID for an existing AWS Managed Microsoft Active Directory (AD) instance that the file system should join when it's created. Required if you are joining the file system to an existing AWS Managed Microsoft AD.", + "title": "ActiveDirectoryId", + "type": "string" + }, + "Aliases": { + "items": { + "type": "string" }, - "title": "TagMap", - "type": "object" + "markdownDescription": "An array of one or more DNS alias names that you want to associate with the Amazon FSx file system. Aliases allow you to use existing DNS names to access the data in your Amazon FSx file system. You can associate up to 50 aliases with a file system at any time.\n\nFor more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) and [Walkthrough 5: Using DNS aliases to access your file system](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/walkthrough05-file-system-custom-CNAME.html) , including additional steps you must take to be able to access your file system using a DNS alias.\n\nAn alias name has to meet the following requirements:\n\n- Formatted as a fully-qualified domain name (FQDN), `hostname.domain` , for example, `accounting.example.com` .\n- Can contain alphanumeric characters, the underscore (_), and the hyphen (-).\n- Cannot start or end with a hyphen.\n- Can start with a numeric.\n\nFor DNS alias names, Amazon FSx stores alphabetical characters as lowercase letters (a-z), regardless of how you specify them: as uppercase letters, lowercase letters, or the corresponding letters in escape codes.", + "title": "Aliases", + "type": "array" + }, + "AuditLogConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.AuditLogConfiguration", + "markdownDescription": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system.", + "title": "AuditLogConfiguration" + }, + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "CopyTagsToBackups": { + "markdownDescription": "A boolean flag indicating whether tags for the file system should be copied to backups. This value defaults to false. If it's set to true, all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToBackups", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Specifies the file system deployment type, valid values are the following:\n\n- `MULTI_AZ_1` - Deploys a high availability file system that is configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. You can only deploy a Multi-AZ file system in AWS Regions that have a minimum of three Availability Zones. Also supports HDD storage type\n- `SINGLE_AZ_1` - (Default) Choose to deploy a file system that is configured for single AZ redundancy.\n- `SINGLE_AZ_2` - The latest generation Single AZ file system. Specifies a file system that is configured for single AZ redundancy and supports HDD storage type.\n\nFor more information, see [Availability and Durability: Single-AZ and Multi-AZ File Systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) .", + "title": "DeploymentType", + "type": "string" + }, + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", + "title": "DiskIopsConfiguration" + }, + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", + "title": "PreferredSubnetId", + "type": "string" + }, + "SelfManagedActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration", + "markdownDescription": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [Using Amazon FSx for Windows with your self-managed Microsoft Active Directory](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) or [Managing FSx for ONTAP SVMs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) .", + "title": "SelfManagedActiveDirectoryConfiguration" + }, + "ThroughputCapacity": { + "markdownDescription": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.", + "title": "WeeklyMaintenanceStartTime", + "type": "string" } }, + "required": [ + "ThroughputCapacity" + ], "type": "object" }, - "AWS::ImageBuilder::Workflow": { + "AWS::FSx::S3AccessPointAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -118741,68 +123492,37 @@ "Properties": { "additionalProperties": false, "properties": { - "ChangeDescription": { - "markdownDescription": "Describes what change has been made in this version of the workflow, or what makes this version different from other versions of the workflow.", - "title": "ChangeDescription", - "type": "string" - }, - "Data": { - "markdownDescription": "Contains the UTF-8 encoded YAML document content for the workflow. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", - "title": "Data", - "type": "string" - }, - "Description": { - "markdownDescription": "Describes the workflow.", - "title": "Description", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key that is used to encrypt this workflow resource.", - "title": "KmsKeyId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the workflow to create.", + "markdownDescription": "The name of the S3 access point attachment; also used for the name of the S3 access point.", "title": "Name", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags that apply to the workflow resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPointOpenZFSConfiguration", + "markdownDescription": "The OpenZFSConfiguration of the S3 access point attachment.", + "title": "OpenZFSConfiguration" + }, + "S3AccessPoint": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPoint", + "markdownDescription": "The S3 access point configuration of the S3 access point attachment.", + "title": "S3AccessPoint" }, "Type": { - "markdownDescription": "The phase in the image build process for which the workflow resource is responsible.", + "markdownDescription": "The type of Amazon FSx volume that the S3 access point is attached to.", "title": "Type", "type": "string" - }, - "Uri": { - "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", - "title": "Uri", - "type": "string" - }, - "Version": { - "markdownDescription": "The semantic version of this workflow resource. The semantic version syntax adheres to the following rules.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.", - "title": "Version", - "type": "string" } }, "required": [ "Name", - "Type", - "Version" + "OpenZFSConfiguration", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Workflow" + "AWS::FSx::S3AccessPointAttachment" ], "type": "string" }, @@ -118821,75 +123541,129 @@ ], "type": "object" }, - "AWS::Inspector::AssessmentTarget": { + "AWS::FSx::S3AccessPointAttachment.FileSystemGID": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Gid": { + "markdownDescription": "The GID of the file system user.", + "title": "Gid", + "type": "number" + } + }, + "required": [ + "Gid" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.OpenZFSFileSystemIdentity": { + "additionalProperties": false, + "properties": { + "PosixUser": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.OpenZFSPosixFileSystemUser", + "markdownDescription": "Specifies the UID and GIDs of the file system POSIX user.", + "title": "PosixUser" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Specifies the FSx for OpenZFS user identity type, accepts only `POSIX` .", + "title": "Type", "type": "string" + } + }, + "required": [ + "PosixUser", + "Type" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.OpenZFSPosixFileSystemUser": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The GID of the file system user.", + "title": "Gid", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SecondaryGids": { + "items": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.FileSystemGID" + }, + "markdownDescription": "The list of secondary GIDs for the file system user.", + "title": "SecondaryGids", + "type": "array" }, - "Metadata": { - "type": "object" + "Uid": { + "markdownDescription": "The UID of the file system user.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.S3AccessPoint": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "The S3 access point's alias.", + "title": "Alias", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssessmentTargetName": { - "markdownDescription": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", - "title": "AssessmentTargetName", - "type": "string" - }, - "ResourceGroupArn": { - "markdownDescription": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target.", - "title": "ResourceGroupArn", - "type": "string" - } - }, + "Policy": { + "markdownDescription": "The S3 access point's policy.", + "title": "Policy", "type": "object" }, - "Type": { - "enum": [ - "AWS::Inspector::AssessmentTarget" - ], + "ResourceARN": { + "markdownDescription": "The S3 access point's ARN.", + "title": "ResourceARN", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VpcConfiguration": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPointVpcConfiguration", + "markdownDescription": "The S3 access point's virtual private cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.S3AccessPointOpenZFSConfiguration": { + "additionalProperties": false, + "properties": { + "FileSystemIdentity": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.OpenZFSFileSystemIdentity", + "markdownDescription": "The file system identity used to authorize file access requests made using the S3 access point.", + "title": "FileSystemIdentity" + }, + "VolumeId": { + "markdownDescription": "The ID of the FSx for OpenZFS volume that the S3 access point is attached to.", + "title": "VolumeId", "type": "string" } }, "required": [ - "Type" + "FileSystemIdentity", + "VolumeId" ], "type": "object" }, - "AWS::Inspector::AssessmentTemplate": { + "AWS::FSx::S3AccessPointAttachment.S3AccessPointVpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "Specifies the virtual private cloud (VPC) for the S3 access point VPC configuration, if one exists.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "VpcId" + ], + "type": "object" + }, + "AWS::FSx::Snapshot": { "additionalProperties": false, "properties": { "Condition": { @@ -118924,48 +123698,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AssessmentTargetArn": { - "markdownDescription": "The ARN of the assessment target to be included in the assessment template.", - "title": "AssessmentTargetArn", - "type": "string" - }, - "AssessmentTemplateName": { - "markdownDescription": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.", - "title": "AssessmentTemplateName", + "Name": { + "markdownDescription": "The name of the snapshot.", + "title": "Name", "type": "string" }, - "DurationInSeconds": { - "markdownDescription": "The duration of the assessment run in seconds.", - "title": "DurationInSeconds", - "type": "number" - }, - "RulesPackageArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the rules packages that you want to use in the assessment template.", - "title": "RulesPackageArns", - "type": "array" - }, - "UserAttributesForFindings": { + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.", - "title": "UserAttributesForFindings", + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "title": "Tags", "type": "array" + }, + "VolumeId": { + "markdownDescription": "The ID of the volume that the snapshot is of.", + "title": "VolumeId", + "type": "string" } }, "required": [ - "AssessmentTargetArn", - "DurationInSeconds", - "RulesPackageArns" + "Name", + "VolumeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Inspector::AssessmentTemplate" + "AWS::FSx::Snapshot" ], "type": "string" }, @@ -118984,7 +123744,7 @@ ], "type": "object" }, - "AWS::Inspector::ResourceGroup": { + "AWS::FSx::StorageVirtualMachine": { "additionalProperties": false, "properties": { "Condition": { @@ -119019,23 +123779,49 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceGroupTags": { + "ActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration", + "markdownDescription": "Describes the Microsoft Active Directory configuration to which the SVM is joined, if applicable.", + "title": "ActiveDirectoryConfiguration" + }, + "FileSystemId": { + "markdownDescription": "Specifies the FSx for ONTAP file system on which to create the SVM.", + "title": "FileSystemId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the SVM.", + "title": "Name", + "type": "string" + }, + "RootVolumeSecurityStyle": { + "markdownDescription": "The security style of the root volume of the SVM. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Microsoft Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Microsoft Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style.html) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "RootVolumeSecurityStyle", + "type": "string" + }, + "SvmAdminPassword": { + "markdownDescription": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's `fsxadmin` user to manage the SVM. For more information, see [Managing SVMs using the NetApp ONTAP CLI](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-resources-ontap-apps.html#vsadmin-ontap-cli) in the *FSx for ONTAP User Guide* .", + "title": "SvmAdminPassword", + "type": "string" + }, + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "ResourceGroupTags", + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "title": "Tags", "type": "array" } }, "required": [ - "ResourceGroupTags" + "FileSystemId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Inspector::ResourceGroup" + "AWS::FSx::StorageVirtualMachine" ], "type": "string" }, @@ -119054,7 +123840,62 @@ ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration": { + "AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration": { + "additionalProperties": false, + "properties": { + "NetBiosName": { + "markdownDescription": "The NetBIOS name of the Active Directory computer object that will be created for your SVM.", + "title": "NetBiosName", + "type": "string" + }, + "SelfManagedActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration", + "markdownDescription": "The configuration that Amazon FSx uses to join the ONTAP storage virtual machine (SVM) to your self-managed (including on-premises) Microsoft Active Directory directory.", + "title": "SelfManagedActiveDirectoryConfiguration" + } + }, + "type": "object" + }, + "AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration": { + "additionalProperties": false, + "properties": { + "DnsIps": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", + "title": "DnsIps", + "type": "array" + }, + "DomainName": { + "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", + "title": "DomainName", + "type": "string" + }, + "FileSystemAdministratorsGroup": { + "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", + "title": "FileSystemAdministratorsGroup", + "type": "string" + }, + "OrganizationalUnitDistinguishedName": { + "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", + "title": "OrganizationalUnitDistinguishedName", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", + "title": "Password", + "type": "string" + }, + "UserName": { + "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", + "title": "UserName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::Volume": { "additionalProperties": false, "properties": { "Condition": { @@ -119089,43 +123930,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ScanName": { - "markdownDescription": "The name of the CIS scan configuration.", - "title": "ScanName", + "BackupId": { + "markdownDescription": "Specifies the ID of the volume backup to use to create a new volume.", + "title": "BackupId", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Schedule", - "markdownDescription": "The CIS scan configuration's schedule.", - "title": "Schedule" - }, - "SecurityLevel": { - "markdownDescription": "The CIS scan configuration's CIS Benchmark level.", - "title": "SecurityLevel", + "Name": { + "markdownDescription": "The name of the volume.", + "title": "Name", "type": "string" }, + "OntapConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.OntapConfiguration", + "markdownDescription": "The configuration of an Amazon FSx for NetApp ONTAP volume.", + "title": "OntapConfiguration" + }, + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.OpenZFSConfiguration", + "markdownDescription": "The configuration of an Amazon FSx for OpenZFS volume.", + "title": "OpenZFSConfiguration" + }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The CIS scan configuration's tags.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" + "type": "array" }, - "Targets": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.CisTargets", - "markdownDescription": "The CIS scan configuration's targets.", - "title": "Targets" + "VolumeType": { + "markdownDescription": "The type of the volume.", + "title": "VolumeType", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::InspectorV2::CisScanConfiguration" + "AWS::FSx::Volume" ], "type": "string" }, @@ -119139,602 +123985,383 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.CisTargets": { + "AWS::FSx::Volume.AggregateConfiguration": { "additionalProperties": false, "properties": { - "AccountIds": { + "Aggregates": { "items": { "type": "string" }, - "markdownDescription": "The CIS target account ids.", - "title": "AccountIds", + "markdownDescription": "The list of aggregates that this volume resides on. Aggregates are storage pools which make up your primary storage tier. Each high-availability (HA) pair has one aggregate. The names of the aggregates map to the names of the aggregates in the ONTAP CLI and REST API. For FlexVols, there will always be a single entry.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The strings in the value of `Aggregates` are not are not formatted as `aggrX` , where X is a number between 1 and 12.\n- The value of `Aggregates` contains aggregates that are not present.\n- One or more of the aggregates supplied are too close to the volume limit to support adding more volumes.", + "title": "Aggregates", "type": "array" }, - "TargetResourceTags": { - "markdownDescription": "The CIS target resource tags.", - "title": "TargetResourceTags", - "type": "object" + "ConstituentsPerAggregate": { + "markdownDescription": "Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. This field is optional when creating a FlexGroup volume. If unspecified, the default value will be 8. This field cannot be provided when creating a FlexVol volume.", + "title": "ConstituentsPerAggregate", + "type": "number" } }, - "required": [ - "AccountIds" - ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.DailySchedule": { + "AWS::FSx::Volume.AutocommitPeriod": { "additionalProperties": false, "properties": { - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The schedule start time.", - "title": "StartTime" + "Type": { + "markdownDescription": "Defines the type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. The default value is `NONE` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Defines the amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. The following ranges are valid:\n\n- `Minutes` : 5 - 65,535\n- `Hours` : 1 - 65,535\n- `Days` : 1 - 3,650\n- `Months` : 1 - 120\n- `Years` : 1 - 10", + "title": "Value", + "type": "number" } }, "required": [ - "StartTime" + "Type" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.MonthlySchedule": { + "AWS::FSx::Volume.ClientConfigurations": { "additionalProperties": false, "properties": { - "Day": { - "markdownDescription": "The monthly schedule's day.", - "title": "Day", + "Clients": { + "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", + "title": "Clients", "type": "string" }, - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The monthly schedule's start time.", - "title": "StartTime" + "Options": { + "items": { + "type": "string" + }, + "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", + "title": "Options", + "type": "array" } }, "required": [ - "Day", - "StartTime" + "Clients", + "Options" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.Schedule": { + "AWS::FSx::Volume.NfsExports": { "additionalProperties": false, "properties": { - "Daily": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.DailySchedule", - "markdownDescription": "A daily schedule.", - "title": "Daily" - }, - "Monthly": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.MonthlySchedule", - "markdownDescription": "A monthly schedule.", - "title": "Monthly" - }, - "OneTime": { - "markdownDescription": "A one time schedule.", - "title": "OneTime", - "type": "object" - }, - "Weekly": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.WeeklySchedule", - "markdownDescription": "A weekly schedule.", - "title": "Weekly" + "ClientConfigurations": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.ClientConfigurations" + }, + "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", + "title": "ClientConfigurations", + "type": "array" } }, + "required": [ + "ClientConfigurations" + ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.Time": { + "AWS::FSx::Volume.OntapConfiguration": { "additionalProperties": false, "properties": { - "TimeOfDay": { - "markdownDescription": "The time of day in 24-hour format (00:00).", - "title": "TimeOfDay", + "AggregateConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.AggregateConfiguration", + "markdownDescription": "Used to specify the configuration options for an FSx for ONTAP volume's storage aggregate or aggregates.", + "title": "AggregateConfiguration" + }, + "CopyTagsToBackups": { + "markdownDescription": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to false. If it's set to true, all tags for the volume are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the volume, regardless of this value.", + "title": "CopyTagsToBackups", "type": "string" }, - "TimeZone": { - "markdownDescription": "The timezone.", - "title": "TimeZone", + "JunctionPath": { + "markdownDescription": "Specifies the location in the SVM's namespace where the volume is mounted. This parameter is required. The `JunctionPath` must have a leading forward slash, such as `/vol3` .", + "title": "JunctionPath", + "type": "string" + }, + "OntapVolumeType": { + "markdownDescription": "Specifies the type of volume you are creating. Valid values are the following:\n\n- `RW` specifies a read/write volume. `RW` is the default.\n- `DP` specifies a data-protection volume. A `DP` volume is read-only and can be used as the destination of a NetApp SnapMirror relationship.\n\nFor more information, see [Volume types](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-types) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "OntapVolumeType", + "type": "string" + }, + "SecurityStyle": { + "markdownDescription": "Specifies the security style for the volume. If a volume's security style is not specified, it is automatically set to the root volume's security style. The security style determines the type of permissions that FSx for ONTAP uses to control data access. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see the topic [What the security styles and their effects are](https://docs.aws.amazon.com/https://docs.netapp.com/us-en/ontap/nfs-admin/security-styles-their-effects-concept.html) in the NetApp Documentation Center.\n\nFor more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-security-style) in the FSx for ONTAP User Guide.", + "title": "SecurityStyle", + "type": "string" + }, + "SizeInBytes": { + "markdownDescription": "Specifies the configured size of the volume, in bytes.", + "title": "SizeInBytes", + "type": "string" + }, + "SizeInMegabytes": { + "markdownDescription": "Use `SizeInBytes` instead. Specifies the size of the volume, in megabytes (MB), that you are creating.", + "title": "SizeInMegabytes", + "type": "string" + }, + "SnaplockConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.SnaplockConfiguration", + "markdownDescription": "The SnapLock configuration object for an FSx for ONTAP SnapLock volume.", + "title": "SnaplockConfiguration" + }, + "SnapshotPolicy": { + "markdownDescription": "Specifies the snapshot policy for the volume. There are three built-in snapshot policies:\n\n- `default` : This is the default policy. A maximum of six hourly snapshots taken five minutes past the hour. A maximum of two daily snapshots taken Monday through Saturday at 10 minutes after midnight. A maximum of two weekly snapshots taken every Sunday at 15 minutes after midnight.\n- `default-1weekly` : This policy is the same as the `default` policy except that it only retains one snapshot from the weekly schedule.\n- `none` : This policy does not take any snapshots. This policy can be assigned to volumes to prevent automatic snapshots from being taken.\n\nYou can also provide the name of a custom policy that you created with the ONTAP CLI or REST API.\n\nFor more information, see [Snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "SnapshotPolicy", + "type": "string" + }, + "StorageEfficiencyEnabled": { + "markdownDescription": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume, or set to false to disable them.\n\n`StorageEfficiencyEnabled` is required when creating a `RW` volume ( `OntapVolumeType` set to `RW` ).", + "title": "StorageEfficiencyEnabled", + "type": "string" + }, + "StorageVirtualMachineId": { + "markdownDescription": "Specifies the ONTAP SVM in which to create the volume.", + "title": "StorageVirtualMachineId", + "type": "string" + }, + "TieringPolicy": { + "$ref": "#/definitions/AWS::FSx::Volume.TieringPolicy", + "markdownDescription": "Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent tiering automatically transitions a volume's data between the file system's primary storage and capacity pool storage based on your access patterns.\n\nValid tiering policies are the following:\n\n- `SNAPSHOT_ONLY` - (Default value) moves cold snapshots to the capacity pool storage tier.\n\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", + "title": "TieringPolicy" + }, + "VolumeStyle": { + "markdownDescription": "Use to specify the style of an ONTAP volume. FSx for ONTAP offers two styles of volumes that you can use for different purposes, FlexVol and FlexGroup volumes. For more information, see [Volume styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-styles) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "VolumeStyle", "type": "string" } }, "required": [ - "TimeOfDay", - "TimeZone" + "StorageVirtualMachineId" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.WeeklySchedule": { + "AWS::FSx::Volume.OpenZFSConfiguration": { "additionalProperties": false, "properties": { - "Days": { + "CopyTagsToSnapshots": { + "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots. This value defaults to `false` . If this value is set to `true` , and you do not specify any tags, all tags for the original volume are copied over to snapshots. If this value is\u00a0set to `true` , and you do specify one or more tags, only the specified tags for the original volume are copied over to snapshots. If you specify one or more tags when creating a new snapshot, no tags are copied over from the original volume, regardless of this value.", + "title": "CopyTagsToSnapshots", + "type": "boolean" + }, + "DataCompressionType": { + "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", + "title": "DataCompressionType", + "type": "string" + }, + "NfsExports": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::FSx::Volume.NfsExports" }, - "markdownDescription": "The weekly schedule's days.", - "title": "Days", + "markdownDescription": "The configuration object for mounting a Network File System (NFS) file system.", + "title": "NfsExports", "type": "array" }, - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The weekly schedule's start time.", - "title": "StartTime" - } - }, - "required": [ - "Days", - "StartTime" - ], - "type": "object" - }, - "AWS::InspectorV2::Filter": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "Options": { + "items": { + "type": "string" + }, + "markdownDescription": "To delete the volume's child volumes, snapshots, and clones, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` .", + "title": "Options", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OriginSnapshot": { + "$ref": "#/definitions/AWS::FSx::Volume.OriginSnapshot", + "markdownDescription": "The configuration object that specifies the snapshot to use as the origin of the data for the volume.", + "title": "OriginSnapshot" + }, + "ParentVolumeId": { + "markdownDescription": "The ID of the volume to use as the parent volume of the volume that you are creating.", + "title": "ParentVolumeId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ReadOnly": { + "markdownDescription": "A Boolean value indicating whether the volume is read-only.", + "title": "ReadOnly", + "type": "boolean" }, - "Metadata": { - "type": "object" + "RecordSizeKiB": { + "markdownDescription": "Specifies the suggested block size for a volume in a ZFS dataset, in kibibytes (KiB). For file systems using the Intelligent-Tiering storage class, valid values are 128, 256, 512, 1024, 2048, or 4096 KiB, with a default of 1024 KiB. For all other file systems, valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB, with a default of 128 KiB. We recommend using the default setting for the majority of use cases. Generally, workloads that write in fixed small or large record sizes may benefit from setting a custom record size, like database workloads (small record size) or media streaming workloads (large record size). For additional guidance on when to set a custom record size, see [ZFS Record size](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#record-size-performance) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "RecordSizeKiB", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the filter.", - "title": "Description", - "type": "string" - }, - "FilterAction": { - "markdownDescription": "The action that is to be applied to the findings that match the filter.", - "title": "FilterAction", - "type": "string" - }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.FilterCriteria", - "markdownDescription": "Details on the filter criteria associated with this filter.", - "title": "FilterCriteria" - }, - "Name": { - "markdownDescription": "The name of the filter.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "FilterAction", - "FilterCriteria", - "Name" - ], - "type": "object" + "StorageCapacityQuotaGiB": { + "markdownDescription": "Sets the maximum storage size in gibibytes (GiB) for the volume. You can specify a quota that is larger than the storage on the parent volume. A volume quota limits the amount of storage that the volume can consume to the configured amount, but does not guarantee the space will be available on the parent volume. To guarantee quota space, you must also set `StorageCapacityReservationGiB` . To *not* specify a storage capacity quota, set this to `-1` .\n\nFor more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageCapacityQuotaGiB", + "type": "number" }, - "Type": { - "enum": [ - "AWS::InspectorV2::Filter" - ], - "type": "string" + "StorageCapacityReservationGiB": { + "markdownDescription": "Specifies the amount of storage in gibibytes (GiB) to reserve from the parent volume. Setting `StorageCapacityReservationGiB` guarantees that the specified amount of storage space on the parent volume will always be available for the volume. You can't reserve more storage than the parent volume has. To *not* specify a storage capacity reservation, set this to `0` or `-1` . For more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageCapacityReservationGiB", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "UserAndGroupQuotas": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.UserAndGroupQuotas" + }, + "markdownDescription": "Configures how much storage users and groups can use on the volume.", + "title": "UserAndGroupQuotas", + "type": "array" } }, "required": [ - "Type", - "Properties" + "ParentVolumeId" ], "type": "object" }, - "AWS::InspectorV2::Filter.DateFilter": { + "AWS::FSx::Volume.OriginSnapshot": { "additionalProperties": false, "properties": { - "EndInclusive": { - "markdownDescription": "A timestamp representing the end of the time period filtered on.", - "title": "EndInclusive", - "type": "number" + "CopyStrategy": { + "markdownDescription": "Specifies the strategy used when copying data from the snapshot to the new volume.\n\n- `CLONE` - The new volume references the data in the origin snapshot. Cloning a snapshot is faster than copying data from the snapshot to a new volume and doesn't consume disk throughput. However, the origin snapshot can't be deleted if there is a volume using its copied data.\n- `FULL_COPY` - Copies all data from the snapshot to the new volume.\n\nSpecify this option to create the volume from a snapshot on another FSx for OpenZFS file system.\n\n> The `INCREMENTAL_COPY` option is only for updating an existing volume by using a snapshot from another FSx for OpenZFS file system. For more information, see [CopySnapshotAndUpdateVolume](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html) .", + "title": "CopyStrategy", + "type": "string" }, - "StartInclusive": { - "markdownDescription": "A timestamp representing the start of the time period filtered on.", - "title": "StartInclusive", - "type": "number" + "SnapshotARN": { + "markdownDescription": "Specifies the snapshot to use when creating an OpenZFS volume from a snapshot.", + "title": "SnapshotARN", + "type": "string" } }, + "required": [ + "CopyStrategy", + "SnapshotARN" + ], "type": "object" }, - "AWS::InspectorV2::Filter.FilterCriteria": { + "AWS::FSx::Volume.RetentionPeriod": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the AWS account IDs used to filter findings.", - "title": "AwsAccountId", - "type": "array" - }, - "ComponentId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the component IDs used to filter findings.", - "title": "ComponentId", - "type": "array" - }, - "ComponentType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the component types used to filter findings.", - "title": "ComponentType", - "type": "array" - }, - "Ec2InstanceImageId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance image IDs used to filter findings.", - "title": "Ec2InstanceImageId", - "type": "array" - }, - "Ec2InstanceSubnetId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance subnet IDs used to filter findings.", - "title": "Ec2InstanceSubnetId", - "type": "array" - }, - "Ec2InstanceVpcId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance VPC IDs used to filter findings.", - "title": "Ec2InstanceVpcId", - "type": "array" - }, - "EcrImageArchitecture": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon ECR image architecture types used to filter findings.", - "title": "EcrImageArchitecture", - "type": "array" - }, - "EcrImageHash": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon ECR image hashes used to filter findings.", - "title": "EcrImageHash", - "type": "array" - }, - "EcrImagePushedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the Amazon ECR image push date and time used to filter findings.", - "title": "EcrImagePushedAt", - "type": "array" - }, - "EcrImageRegistry": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the Amazon ECR registry used to filter findings.", - "title": "EcrImageRegistry", - "type": "array" - }, - "EcrImageRepositoryName": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the name of the Amazon ECR repository used to filter findings.", - "title": "EcrImageRepositoryName", - "type": "array" - }, - "EcrImageTags": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "The tags attached to the Amazon ECR container image.", - "title": "EcrImageTags", - "type": "array" - }, - "FindingArn": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding ARNs used to filter findings.", - "title": "FindingArn", - "type": "array" - }, - "FindingStatus": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding status types used to filter findings.", - "title": "FindingStatus", - "type": "array" - }, - "FindingType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding types used to filter findings.", - "title": "FindingType", - "type": "array" - }, - "FirstObservedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was first seen used to filter findings.", - "title": "FirstObservedAt", - "type": "array" - }, - "InspectorScore": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" - }, - "markdownDescription": "The Amazon Inspector score to filter on.", - "title": "InspectorScore", - "type": "array" - }, - "LastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was last seen used to filter findings.", - "title": "LastObservedAt", - "type": "array" - }, - "NetworkProtocol": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on network protocol used to filter findings.", - "title": "NetworkProtocol", - "type": "array" - }, - "PortRange": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.PortRangeFilter" - }, - "markdownDescription": "Details on the port ranges used to filter findings.", - "title": "PortRange", - "type": "array" - }, - "RelatedVulnerabilities": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the related vulnerabilities used to filter findings.", - "title": "RelatedVulnerabilities", - "type": "array" - }, - "ResourceId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the resource IDs used to filter findings.", - "title": "ResourceId", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.MapFilter" - }, - "markdownDescription": "Details on the resource tags used to filter findings.", - "title": "ResourceTags", - "type": "array" - }, - "ResourceType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the resource types used to filter findings.", - "title": "ResourceType", - "type": "array" - }, - "Severity": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the severity used to filter findings.", - "title": "Severity", - "type": "array" - }, - "Title": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding title used to filter findings.", - "title": "Title", - "type": "array" - }, - "UpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was last updated at used to filter findings.", - "title": "UpdatedAt", - "type": "array" - }, - "VendorSeverity": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vendor severity used to filter findings.", - "title": "VendorSeverity", - "type": "array" - }, - "VulnerabilityId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vulnerability ID used to filter findings.", - "title": "VulnerabilityId", - "type": "array" - }, - "VulnerabilitySource": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vulnerability score to filter findings by.", - "title": "VulnerabilitySource", - "type": "array" + "Type": { + "markdownDescription": "Defines the type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE` , the files are retained forever. If you set it to `UNSPECIFIED` , the files are retained until you set an explicit retention period.", + "title": "Type", + "type": "string" }, - "VulnerablePackages": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.PackageFilter" - }, - "markdownDescription": "Details on the vulnerable packages used to filter findings.", - "title": "VulnerablePackages", - "type": "array" + "Value": { + "markdownDescription": "Defines the amount of time for the retention period of an FSx for ONTAP SnapLock volume. You can't set a value for `INFINITE` or `UNSPECIFIED` . For all other options, the following ranges are valid:\n\n- `Seconds` : 0 - 65,535\n- `Minutes` : 0 - 65,535\n- `Hours` : 0 - 24\n- `Days` : 0 - 365\n- `Months` : 0 - 12\n- `Years` : 0 - 100", + "title": "Value", + "type": "number" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::InspectorV2::Filter.MapFilter": { + "AWS::FSx::Volume.SnaplockConfiguration": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The operator to use when comparing values in the filter.", - "title": "Comparison", + "AuditLogVolume": { + "markdownDescription": "Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false` . If you set `AuditLogVolume` to `true` , the SnapLock volume is created as an audit log volume. The minimum retention period for an audit log volume is six months.\n\nFor more information, see [SnapLock audit log volumes](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume) .", + "title": "AuditLogVolume", "type": "string" }, - "Key": { - "markdownDescription": "The tag key used in the filter.", - "title": "Key", + "AutocommitPeriod": { + "$ref": "#/definitions/AWS::FSx::Volume.AutocommitPeriod", + "markdownDescription": "The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume.", + "title": "AutocommitPeriod" + }, + "PrivilegedDelete": { + "markdownDescription": "Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock administrators to delete write once, read many (WORM) files even if they have active retention periods. `PERMANENTLY_DISABLED` is a terminal state. If privileged delete is permanently disabled on a SnapLock volume, you can't re-enable it. The default value is `DISABLED` .\n\nFor more information, see [Privileged delete](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete) .", + "title": "PrivilegedDelete", "type": "string" }, - "Value": { - "markdownDescription": "The tag value used in the filter.", - "title": "Value", + "RetentionPeriod": { + "$ref": "#/definitions/AWS::FSx::Volume.SnaplockRetentionPeriod", + "markdownDescription": "Specifies the retention period of an FSx for ONTAP SnapLock volume.", + "title": "RetentionPeriod" + }, + "SnaplockType": { + "markdownDescription": "Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. You can choose one of the following retention modes:\n\n- `COMPLIANCE` : Files transitioned to write once, read many (WORM) on a Compliance volume can't be deleted until their retention periods expire. This retention mode is used to address government or industry-specific mandates or to protect against ransomware attacks. For more information, see [SnapLock Compliance](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html) .\n- `ENTERPRISE` : Files transitioned to WORM on an Enterprise volume can be deleted by authorized users before their retention periods expire using privileged delete. This retention mode is used to advance an organization's data integrity and internal compliance or to test retention settings before using SnapLock Compliance. For more information, see [SnapLock Enterprise](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html) .", + "title": "SnaplockType", + "type": "string" + }, + "VolumeAppendModeEnabled": { + "markdownDescription": "Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. Volume-append mode allows you to create WORM-appendable files and write data to them incrementally. The default value is `false` .\n\nFor more information, see [Volume-append mode](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append) .", + "title": "VolumeAppendModeEnabled", "type": "string" } }, "required": [ - "Comparison" + "SnaplockType" ], "type": "object" }, - "AWS::InspectorV2::Filter.NumberFilter": { + "AWS::FSx::Volume.SnaplockRetentionPeriod": { "additionalProperties": false, "properties": { - "LowerInclusive": { - "markdownDescription": "The lowest number to be included in the filter.", - "title": "LowerInclusive", - "type": "number" + "DefaultRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period.", + "title": "DefaultRetention" }, - "UpperInclusive": { - "markdownDescription": "The highest number to be included in the filter.", - "title": "UpperInclusive", - "type": "number" + "MaximumRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", + "title": "MaximumRetention" + }, + "MinimumRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", + "title": "MinimumRetention" } }, + "required": [ + "DefaultRetention", + "MaximumRetention", + "MinimumRetention" + ], "type": "object" }, - "AWS::InspectorV2::Filter.PackageFilter": { + "AWS::FSx::Volume.TieringPolicy": { "additionalProperties": false, "properties": { - "Architecture": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the package architecture type to filter on.", - "title": "Architecture" - }, - "Epoch": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter", - "markdownDescription": "An object that contains details on the package epoch to filter on.", - "title": "Epoch" + "CoolingPeriod": { + "markdownDescription": "Specifies the number of days that user data in a volume must remain inactive before it is considered \"cold\" and moved to the capacity pool. Used with the `AUTO` and `SNAPSHOT_ONLY` tiering policies. Enter a whole number between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY` .", + "title": "CoolingPeriod", + "type": "number" }, "Name": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the name of the package to filter on.", - "title": "Name" - }, - "Release": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the package release to filter on.", - "title": "Release" - }, - "SourceLayerHash": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the source layer hash to filter on.", - "title": "SourceLayerHash" - }, - "Version": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "The package version to filter on.", - "title": "Version" + "markdownDescription": "Specifies the tiering policy used to transition data. Default value is `SNAPSHOT_ONLY` .\n\n- `SNAPSHOT_ONLY` - moves cold snapshots to the capacity pool storage tier.\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::InspectorV2::Filter.PortRangeFilter": { + "AWS::FSx::Volume.UserAndGroupQuotas": { "additionalProperties": false, "properties": { - "BeginInclusive": { - "markdownDescription": "The port number the port range begins at.", - "title": "BeginInclusive", + "Id": { + "markdownDescription": "The ID of the user or group that the quota applies to.", + "title": "Id", "type": "number" }, - "EndInclusive": { - "markdownDescription": "The port number the port range ends at.", - "title": "EndInclusive", + "StorageCapacityQuotaGiB": { + "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", + "title": "StorageCapacityQuotaGiB", "type": "number" - } - }, - "type": "object" - }, - "AWS::InspectorV2::Filter.StringFilter": { - "additionalProperties": false, - "properties": { - "Comparison": { - "markdownDescription": "The operator to use when comparing values in the filter.", - "title": "Comparison", - "type": "string" }, - "Value": { - "markdownDescription": "The value to filter on.", - "title": "Value", + "Type": { + "markdownDescription": "Specifies whether the quota applies to a user or group.", + "title": "Type", "type": "string" } }, "required": [ - "Comparison", - "Value" + "Id", + "StorageCapacityQuotaGiB", + "Type" ], "type": "object" }, - "AWS::InternetMonitor::Monitor": { + "AWS::FinSpace::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -119769,87 +124396,53 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.HealthEventsConfig", - "markdownDescription": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* .", - "title": "HealthEventsConfig" - }, - "IncludeLinkedAccounts": { - "markdownDescription": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", - "title": "IncludeLinkedAccounts", - "type": "boolean" - }, - "InternetMeasurementsLogDelivery": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery", - "markdownDescription": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs).", - "title": "InternetMeasurementsLogDelivery" - }, - "LinkedAccountId": { - "markdownDescription": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", - "title": "LinkedAccountId", + "Description": { + "markdownDescription": "The description of the FinSpace environment.", + "title": "Description", "type": "string" }, - "MaxCityNetworksToMonitor": { - "markdownDescription": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* .", - "title": "MaxCityNetworksToMonitor", - "type": "number" - }, - "MonitorName": { - "markdownDescription": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", - "title": "MonitorName", + "FederationMode": { + "markdownDescription": "The authentication mode for the environment.", + "title": "FederationMode", "type": "string" }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n> Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty.", - "title": "Resources", - "type": "array" - }, - "ResourcesToAdd": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", - "title": "ResourcesToAdd", - "type": "array" + "FederationParameters": { + "$ref": "#/definitions/AWS::FinSpace::Environment.FederationParameters", + "markdownDescription": "Configuration information when authentication mode is FEDERATED.", + "title": "FederationParameters" }, - "ResourcesToRemove": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", - "title": "ResourcesToRemove", - "type": "array" + "KmsKeyId": { + "markdownDescription": "The KMS key id used to encrypt in the FinSpace environment.", + "title": "KmsKeyId", + "type": "string" }, - "Status": { - "markdownDescription": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` .", - "title": "Status", + "Name": { + "markdownDescription": "The name of the FinSpace environment.", + "title": "Name", "type": "string" }, + "SuperuserParameters": { + "$ref": "#/definitions/AWS::FinSpace::Environment.SuperuserParameters", + "markdownDescription": "Configuration information for the superuser.", + "title": "SuperuserParameters" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for a monitor, listed as a set of *key:value* pairs.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "TrafficPercentageToMonitor": { - "markdownDescription": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor.", - "title": "TrafficPercentageToMonitor", - "type": "number" } }, "required": [ - "MonitorName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::InternetMonitor::Monitor" + "AWS::FinSpace::Environment" ], "type": "string" }, @@ -119868,86 +124461,83 @@ ], "type": "object" }, - "AWS::InternetMonitor::Monitor.HealthEventsConfig": { + "AWS::FinSpace::Environment.AttributeMapItems": { "additionalProperties": false, "properties": { - "AvailabilityLocalHealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", - "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue.", - "title": "AvailabilityLocalHealthEventsConfig" - }, - "AvailabilityScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event.", - "title": "AvailabilityScoreThreshold", - "type": "number" - }, - "PerformanceLocalHealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", - "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue.", - "title": "PerformanceLocalHealthEventsConfig" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "PerformanceScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event.", - "title": "PerformanceScoreThreshold", - "type": "number" - } - }, - "type": "object" - }, - "AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery": { - "additionalProperties": false, - "properties": { - "S3Config": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", - "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", - "title": "S3Config" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::InternetMonitor::Monitor.LocalHealthEventsConfig": { + "AWS::FinSpace::Environment.FederationParameters": { "additionalProperties": false, "properties": { - "HealthScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for a local health score.", - "title": "HealthScoreThreshold", - "type": "number" + "ApplicationCallBackURL": { + "markdownDescription": "The redirect or sign-in URL that should be entered into the SAML 2.0 compliant identity provider configuration (IdP).", + "title": "ApplicationCallBackURL", + "type": "string" }, - "MinTrafficImpact": { - "markdownDescription": "The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score.\n\nIf you don't set a minimum traffic impact threshold, the default value is 0.01%.", - "title": "MinTrafficImpact", - "type": "number" + "AttributeMap": { + "items": { + "$ref": "#/definitions/AWS::FinSpace::Environment.AttributeMapItems" + }, + "markdownDescription": "SAML attribute name and value. The name must always be `Email` and the value should be set to the attribute definition in which user email is set. For example, name would be `Email` and value `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` . Please check your SAML 2.0 compliant identity provider (IdP) documentation for details.", + "title": "AttributeMap", + "type": "array" }, - "Status": { - "markdownDescription": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` .", - "title": "Status", + "FederationProviderName": { + "markdownDescription": "Name of the identity provider (IdP).", + "title": "FederationProviderName", + "type": "string" + }, + "FederationURN": { + "markdownDescription": "The Uniform Resource Name (URN). Also referred as Service Provider URN or Audience URI or Service Provider Entity ID.", + "title": "FederationURN", + "type": "string" + }, + "SamlMetadataDocument": { + "markdownDescription": "SAML 2.0 Metadata document from identity provider (IdP).", + "title": "SamlMetadataDocument", + "type": "string" + }, + "SamlMetadataURL": { + "markdownDescription": "Provide the metadata URL from your SAML 2.0 compliant identity provider (IdP).", + "title": "SamlMetadataURL", "type": "string" } }, "type": "object" }, - "AWS::InternetMonitor::Monitor.S3Config": { + "AWS::FinSpace::Environment.SuperuserParameters": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", - "title": "BucketName", + "EmailAddress": { + "markdownDescription": "The email address of the superuser.", + "title": "EmailAddress", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", - "title": "BucketPrefix", + "FirstName": { + "markdownDescription": "The first name of the superuser.", + "title": "FirstName", "type": "string" }, - "LogDeliveryStatus": { - "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", - "title": "LogDeliveryStatus", + "LastName": { + "markdownDescription": "The last name of the superuser.", + "title": "LastName", "type": "string" } }, "type": "object" }, - "AWS::IoT1Click::Device": { + "AWS::Forecast::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -119982,22 +124572,56 @@ "Properties": { "additionalProperties": false, "properties": { - "DeviceId": { + "DataFrequency": { + "markdownDescription": "The frequency of data collection. This parameter is required for RELATED_TIME_SERIES datasets.\n\nValid intervals are an integer followed by Y (Year), M (Month), W (Week), D (Day), H (Hour), and min (Minute). For example, \"1D\" indicates every day and \"15min\" indicates every 15 minutes. You cannot specify a value that would overlap with the next larger frequency. That means, for example, you cannot specify a frequency of 60 minutes, because that is equivalent to 1 hour. The valid values for each frequency are the following:\n\n- Minute - 1-59\n- Hour - 1-23\n- Day - 1-6\n- Week - 1-4\n- Month - 1-11\n- Year - 1\n\nThus, if you want every other week forecasts, specify \"2W\". Or, if you want quarterly forecasts, you specify \"3M\".", + "title": "DataFrequency", "type": "string" }, - "Enabled": { - "type": "boolean" + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", + "type": "string" + }, + "DatasetType": { + "markdownDescription": "The dataset type.", + "title": "DatasetType", + "type": "string" + }, + "Domain": { + "markdownDescription": "The domain associated with the dataset.", + "title": "Domain", + "type": "string" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Forecast::Dataset.EncryptionConfig", + "markdownDescription": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key.", + "title": "EncryptionConfig" + }, + "Schema": { + "$ref": "#/definitions/AWS::Forecast::Dataset.Schema", + "markdownDescription": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) .", + "title": "Schema" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::Forecast::Dataset.TagsItems" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "DeviceId", - "Enabled" + "DatasetName", + "DatasetType", + "Domain", + "Schema" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT1Click::Device" + "AWS::Forecast::Dataset" ], "type": "string" }, @@ -120016,81 +124640,73 @@ ], "type": "object" }, - "AWS::IoT1Click::Placement": { + "AWS::Forecast::Dataset.AttributesItems": { "additionalProperties": false, "properties": { - "Condition": { + "AttributeName": { + "markdownDescription": "", + "title": "AttributeName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttributeType": { + "markdownDescription": "", + "title": "AttributeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Forecast::Dataset.EncryptionConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key.", + "title": "KmsKeyArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssociatedDevices": { - "type": "object" - }, - "Attributes": { - "type": "object" - }, - "PlacementName": { - "type": "string" - }, - "ProjectName": { - "type": "string" - } + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.\n\nPassing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Forecast::Dataset.Schema": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::Forecast::Dataset.AttributesItems" }, - "required": [ - "ProjectName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT1Click::Placement" - ], + "markdownDescription": "An array of attributes specifying the name and type of each field in a dataset.", + "title": "Attributes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Forecast::Dataset.TagsItems": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key", + "Value" ], "type": "object" }, - "AWS::IoT1Click::Project": { + "AWS::Forecast::DatasetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -120125,24 +124741,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "type": "string" + "DatasetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group.", + "title": "DatasetArns", + "type": "array" }, - "PlacementTemplate": { - "$ref": "#/definitions/AWS::IoT1Click::Project.PlacementTemplate" + "DatasetGroupName": { + "markdownDescription": "The name of the dataset group.", + "title": "DatasetGroupName", + "type": "string" }, - "ProjectName": { + "Domain": { + "markdownDescription": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the `Domain` parameter of the [CreateDataset](https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html) operation must match.\n\nThe `Domain` and `DatasetType` that you choose determine the fields that must be present in training data that you import to a dataset. For example, if you choose the `RETAIL` domain and `TARGET_TIME_SERIES` as the `DatasetType` , Amazon Forecast requires that `item_id` , `timestamp` , and `demand` fields are present in your data. For more information, see [Dataset groups](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-datasets-groups.html) .", + "title": "Domain", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "PlacementTemplate" + "DatasetGroupName", + "Domain" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT1Click::Project" + "AWS::Forecast::DatasetGroup" ], "type": "string" }, @@ -120161,31 +124795,7 @@ ], "type": "object" }, - "AWS::IoT1Click::Project.DeviceTemplate": { - "additionalProperties": false, - "properties": { - "CallbackOverrides": { - "type": "object" - }, - "DeviceType": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT1Click::Project.PlacementTemplate": { - "additionalProperties": false, - "properties": { - "DefaultAttributes": { - "type": "object" - }, - "DeviceTemplates": { - "type": "object" - } - }, - "type": "object" - }, - "AWS::IoT::AccountAuditConfiguration": { + "AWS::FraudDetector::Detector": { "additionalProperties": false, "properties": { "Condition": { @@ -120220,37 +124830,66 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account. You can use the expression `!Sub \"${AWS::AccountId}\"` to use your account ID.", - "title": "AccountId", + "AssociatedModels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Model" + }, + "markdownDescription": "The models to associate with this detector. You must provide the ARNs of all the models you want to associate.", + "title": "AssociatedModels", + "type": "array" + }, + "Description": { + "markdownDescription": "The detector description.", + "title": "Description", "type": "string" }, - "AuditCheckConfigurations": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations", - "markdownDescription": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on available audit checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)", - "title": "AuditCheckConfigurations" + "DetectorId": { + "markdownDescription": "The name of the detector.", + "title": "DetectorId", + "type": "string" }, - "AuditNotificationTargetConfigurations": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations", - "markdownDescription": "Information about the targets to which audit notifications are sent.", - "title": "AuditNotificationTargetConfigurations" + "DetectorVersionStatus": { + "markdownDescription": "The status of the detector version. If a value is not provided for this property, AWS CloudFormation assumes `DRAFT` status.\n\nValid values: `ACTIVE | DRAFT`", + "title": "DetectorVersionStatus", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.", - "title": "RoleArn", + "EventType": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EventType", + "markdownDescription": "The event type associated with this detector.", + "title": "EventType" + }, + "RuleExecutionMode": { + "markdownDescription": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules.", + "title": "RuleExecutionMode", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Rule" + }, + "markdownDescription": "The rules to include in the detector version.", + "title": "Rules", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "AccountId", - "AuditCheckConfigurations", - "RoleArn" + "DetectorId", + "EventType", + "Rules" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::AccountAuditConfiguration" + "AWS::FraudDetector::Detector" ], "type": "string" }, @@ -120269,136 +124908,349 @@ ], "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "True if this audit check is enabled for this account.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations": { + "AWS::FraudDetector::Detector.EntityType": { "additionalProperties": false, "properties": { - "AuthenticatedCognitoRoleOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed.", - "title": "AuthenticatedCognitoRoleOverlyPermissiveCheck" + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", + "type": "string" }, - "CaCertificateExpiringCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired.", - "title": "CaCertificateExpiringCheck" + "CreatedTime": { + "markdownDescription": "Timestamp of when the entity type was created.", + "title": "CreatedTime", + "type": "string" }, - "CaCertificateKeyQualityCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` .", - "title": "CaCertificateKeyQualityCheck" + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", + "type": "string" }, - "ConflictingClientIdsCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if multiple devices connect using the same client ID.", - "title": "ConflictingClientIdsCheck" + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" }, - "DeviceCertificateExpiringCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a device certificate is expiring. By default, this check applies to device certificates expiring within 30 days or that have expired. You can modify this threshold by configuring the DeviceCertExpirationAuditCheckConfiguration.", - "title": "DeviceCertificateExpiringCheck" + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the entity type was last updated.", + "title": "LastUpdatedTime", + "type": "string" }, - "DeviceCertificateKeyQualityCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size.", - "title": "DeviceCertificateKeyQualityCheck" + "Name": { + "markdownDescription": "The entity type name.", + "title": "Name", + "type": "string" }, - "DeviceCertificateSharedCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT .", - "title": "DeviceCertificateSharedCheck" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.EventType": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", + "type": "string" }, - "IntermediateCaRevokedForActiveDeviceCertificatesCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if device certificates are still active despite being revoked by an intermediate CA.", - "title": "IntermediateCaRevokedForActiveDeviceCertificatesCheck" + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", + "type": "string" }, - "IoTPolicyPotentialMisConfigurationCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy.", - "title": "IoTPolicyPotentialMisConfigurationCheck" + "Description": { + "markdownDescription": "The event type description.", + "title": "Description", + "type": "string" }, - "IotPolicyOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role.", - "title": "IotPolicyOverlyPermissiveCheck" + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EntityType" + }, + "markdownDescription": "The event type entity types.", + "title": "EntityTypes", + "type": "array" }, - "IotRoleAliasAllowsAccessToUnusedServicesCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year.", - "title": "IotRoleAliasAllowsAccessToUnusedServicesCheck" + "EventVariables": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EventVariable" + }, + "markdownDescription": "The event type event variables.", + "title": "EventVariables", + "type": "array" }, - "IotRoleAliasOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive.", - "title": "IotRoleAliasOverlyPermissiveCheck" + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" }, - "LoggingDisabledCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if AWS IoT logs are disabled.", - "title": "LoggingDisabledCheck" + "Labels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Label" + }, + "markdownDescription": "The event type labels.", + "title": "Labels", + "type": "array" }, - "RevokedCaCertificateStillActiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a revoked CA certificate is still active.", - "title": "RevokedCaCertificateStillActiveCheck" + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the event type was last updated.", + "title": "LastUpdatedTime", + "type": "string" }, - "RevokedDeviceCertificateStillActiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a revoked device certificate is still active.", - "title": "RevokedDeviceCertificateStillActiveCheck" + "Name": { + "markdownDescription": "The event type name.", + "title": "Name", + "type": "string" }, - "UnauthenticatedCognitoRoleOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive.", - "title": "UnauthenticatedCognitoRoleOverlyPermissiveCheck" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget": { + "AWS::FraudDetector::Detector.EventVariable": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "True if notifications to the target are enabled.", - "title": "Enabled", + "Arn": { + "markdownDescription": "The event variable ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp for when the event variable was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSource": { + "markdownDescription": "The data source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type of the event variable.\n\nValid values: `STRING | INTEGER | BOOLEAN | FLOAT`", + "title": "DataType", + "type": "string" + }, + "DefaultValue": { + "markdownDescription": "The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the event variable.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to send notifications to the target.", - "title": "RoleArn", + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the event variable was last updated.", + "title": "LastUpdatedTime", "type": "string" }, - "TargetArn": { - "markdownDescription": "The ARN of the target (SNS topic) to which audit notifications are sent.", - "title": "TargetArn", + "Name": { + "markdownDescription": "The name of the event variable.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .", + "title": "VariableType", "type": "string" } }, "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations": { + "AWS::FraudDetector::Detector.Label": { "additionalProperties": false, "properties": { - "Sns": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget", - "markdownDescription": "The `Sns` notification target.", - "title": "Sns" + "Arn": { + "markdownDescription": "The label ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The label description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the label was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The label name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::IoT::Authorizer": { + "AWS::FraudDetector::Detector.Model": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the model.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.Outcome": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The outcome ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "The timestamp when the outcome was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The outcome description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "The timestamp when the outcome was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The outcome name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.Rule": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The rule ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp for when the rule was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The rule description.", + "title": "Description", + "type": "string" + }, + "DetectorId": { + "markdownDescription": "The detector for which the rule is associated.", + "title": "DetectorId", + "type": "string" + }, + "Expression": { + "markdownDescription": "The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) .", + "title": "Expression", + "type": "string" + }, + "Language": { + "markdownDescription": "The rule language.\n\nValid Value: DETECTORPL", + "title": "Language", + "type": "string" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the rule was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Outcomes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Outcome" + }, + "markdownDescription": "The rule outcome.", + "title": "Outcomes", + "type": "array" + }, + "RuleId": { + "markdownDescription": "The rule ID.", + "title": "RuleId", + "type": "string" + }, + "RuleVersion": { + "markdownDescription": "The rule version.", + "title": "RuleVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::EntityType": { "additionalProperties": false, "properties": { "Condition": { @@ -120433,64 +125285,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizerFunctionArn": { - "markdownDescription": "The authorizer's Lambda function ARN.", - "title": "AuthorizerFunctionArn", - "type": "string" - }, - "AuthorizerName": { - "markdownDescription": "The authorizer name.", - "title": "AuthorizerName", + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", "type": "string" }, - "EnableCachingForHttp": { - "markdownDescription": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections.", - "title": "EnableCachingForHttp", - "type": "boolean" - }, - "SigningDisabled": { - "markdownDescription": "Specifies whether AWS IoT validates the token signature in an authorization request.", - "title": "SigningDisabled", - "type": "boolean" - }, - "Status": { - "markdownDescription": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`", - "title": "Status", + "Name": { + "markdownDescription": "The entity type name.\n\nPattern: `^[0-9a-z_-]+$`", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the custom authorizer.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "markdownDescription": "A key and value pair.", "title": "Tags", "type": "array" - }, - "TokenKeyName": { - "markdownDescription": "The key used to extract the token from the HTTP headers.", - "title": "TokenKeyName", - "type": "string" - }, - "TokenSigningPublicKeys": { - "additionalProperties": true, - "markdownDescription": "The public keys used to validate the token signature returned by your custom authentication service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TokenSigningPublicKeys", - "type": "object" } }, "required": [ - "AuthorizerFunctionArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Authorizer" + "AWS::FraudDetector::EntityType" ], "type": "string" }, @@ -120509,7 +125330,7 @@ ], "type": "object" }, - "AWS::IoT::BillingGroup": { + "AWS::FraudDetector::EventType": { "additionalProperties": false, "properties": { "Condition": { @@ -120544,30 +125365,60 @@ "Properties": { "additionalProperties": false, "properties": { - "BillingGroupName": { - "markdownDescription": "The name of the billing group.", - "title": "BillingGroupName", + "Description": { + "markdownDescription": "The event type description.", + "title": "Description", "type": "string" }, - "BillingGroupProperties": { - "$ref": "#/definitions/AWS::IoT::BillingGroup.BillingGroupProperties", - "markdownDescription": "The properties of the billing group.", - "title": "BillingGroupProperties" + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::EventType.EntityType" + }, + "markdownDescription": "The event type entity types.", + "title": "EntityTypes", + "type": "array" + }, + "EventVariables": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::EventType.EventVariable" + }, + "markdownDescription": "The event type event variables.", + "title": "EventVariables", + "type": "array" + }, + "Labels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::EventType.Label" + }, + "markdownDescription": "The event type labels.", + "title": "Labels", + "type": "array" + }, + "Name": { + "markdownDescription": "The event type name.\n\nPattern : `^[0-9a-z_-]+$`", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the billing group.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "EntityTypes", + "EventVariables", + "Labels", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::BillingGroup" + "AWS::FraudDetector::EventType" ], "type": "string" }, @@ -120581,22 +125432,164 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::BillingGroup.BillingGroupProperties": { + "AWS::FraudDetector::EventType.EntityType": { "additionalProperties": false, "properties": { - "BillingGroupDescription": { - "markdownDescription": "The description of the billing group.", - "title": "BillingGroupDescription", + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the entity type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the entity type was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The entity type name.\n\n`^[0-9a-z_-]+$`", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::IoT::CACertificate": { + "AWS::FraudDetector::EventType.EventVariable": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The event variable ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp for when event variable was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSource": { + "markdownDescription": "The source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) .", + "title": "DataType", + "type": "string" + }, + "DefaultValue": { + "markdownDescription": "The default value of the event variable", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The event variable description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the event variable was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the event variable.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) .", + "title": "VariableType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FraudDetector::EventType.Label": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The label ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The label description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the label was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The label name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Label": { "additionalProperties": false, "properties": { "Condition": { @@ -120631,34 +125624,14 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoRegistrationStatus": { - "markdownDescription": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\".", - "title": "AutoRegistrationStatus", - "type": "string" - }, - "CACertificatePem": { - "markdownDescription": "The certificate data in PEM format.", - "title": "CACertificatePem", - "type": "string" - }, - "CertificateMode": { - "markdownDescription": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\".", - "title": "CertificateMode", + "Description": { + "markdownDescription": "The label description.", + "title": "Description", "type": "string" }, - "RegistrationConfig": { - "$ref": "#/definitions/AWS::IoT::CACertificate.RegistrationConfig", - "markdownDescription": "Information about the registration configuration.", - "title": "RegistrationConfig" - }, - "RemoveAutoRegistration": { - "markdownDescription": "If true, removes auto registration.", - "title": "RemoveAutoRegistration", - "type": "boolean" - }, - "Status": { - "markdownDescription": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\".", - "title": "Status", + "Name": { + "markdownDescription": "The label name.\n\nPattern: `^[0-9a-z_-]+$`", + "title": "Name", "type": "string" }, "Tags": { @@ -120668,22 +125641,16 @@ "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "VerificationCertificatePem": { - "markdownDescription": "The private key verification certificate.", - "title": "VerificationCertificatePem", - "type": "string" } }, "required": [ - "CACertificatePem", - "Status" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::CACertificate" + "AWS::FraudDetector::Label" ], "type": "string" }, @@ -120702,28 +125669,7 @@ ], "type": "object" }, - "AWS::IoT::CACertificate.RegistrationConfig": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the role.", - "title": "RoleArn", - "type": "string" - }, - "TemplateBody": { - "markdownDescription": "The template body.", - "title": "TemplateBody", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the provisioning template.", - "title": "TemplateName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::Certificate": { + "AWS::FraudDetector::List": { "additionalProperties": false, "properties": { "Condition": { @@ -120758,40 +125704,46 @@ "Properties": { "additionalProperties": false, "properties": { - "CACertificatePem": { - "markdownDescription": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.", - "title": "CACertificatePem", + "Description": { + "markdownDescription": "The description of the list.", + "title": "Description", "type": "string" }, - "CertificateMode": { - "markdownDescription": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .", - "title": "CertificateMode", - "type": "string" + "Elements": { + "items": { + "type": "string" + }, + "markdownDescription": "The elements in the list.", + "title": "Elements", + "type": "array" }, - "CertificatePem": { - "markdownDescription": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.", - "title": "CertificatePem", + "Name": { + "markdownDescription": "The name of the list.", + "title": "Name", "type": "string" }, - "CertificateSigningRequest": { - "markdownDescription": "The certificate signing request (CSR).", - "title": "CertificateSigningRequest", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" }, - "Status": { - "markdownDescription": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used.", - "title": "Status", + "VariableType": { + "markdownDescription": "The variable type of the list. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types)", + "title": "VariableType", "type": "string" } }, "required": [ - "Status" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Certificate" + "AWS::FraudDetector::List" ], "type": "string" }, @@ -120810,7 +125762,7 @@ ], "type": "object" }, - "AWS::IoT::CertificateProvider": { + "AWS::FraudDetector::Outcome": { "additionalProperties": false, "properties": { "Condition": { @@ -120845,42 +125797,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountDefaultForOperations": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` .", - "title": "AccountDefaultForOperations", - "type": "array" - }, - "CertificateProviderName": { - "markdownDescription": "The name of the certificate provider.", - "title": "CertificateProviderName", + "Description": { + "markdownDescription": "The outcome description.", + "title": "Description", "type": "string" }, - "LambdaFunctionArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "LambdaFunctionArn", + "Name": { + "markdownDescription": "The outcome name.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the certificate provider.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "AccountDefaultForOperations", - "LambdaFunctionArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::CertificateProvider" + "AWS::FraudDetector::Outcome" ], "type": "string" }, @@ -120899,7 +125842,7 @@ ], "type": "object" }, - "AWS::IoT::CustomMetric": { + "AWS::FraudDetector::Variable": { "additionalProperties": false, "properties": { "Condition": { @@ -120934,38 +125877,56 @@ "Properties": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The friendly name in the console for the custom metric. This name doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. You can update the friendly name after you define it.", - "title": "DisplayName", + "DataSource": { + "markdownDescription": "The data source of the variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", "type": "string" }, - "MetricName": { - "markdownDescription": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. The name can't begin with `aws:` . You can\u2019t change the name after you define it.", - "title": "MetricName", + "DataType": { + "markdownDescription": "The data type of the variable.\n\nValid data types: `STRING | INTEGER | BOOLEAN | FLOAT`", + "title": "DataType", "type": "string" }, - "MetricType": { - "markdownDescription": "The type of the custom metric. Types include `string-list` , `ip-address-list` , `number-list` , and `number` .\n\n> The type `number` only takes a single metric value as an input, but when you submit the metrics value in the DeviceMetrics report, you must pass it as an array with a single value.", - "title": "MetricType", + "DefaultValue": { + "markdownDescription": "The default value of the variable.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the variable.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the variable.\n\nPattern: `^[0-9a-z_-]+$`", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the custom metric.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of the variable. For more information see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .\n\nValid Values: `AUTH_CODE | AVS | BILLING_ADDRESS_L1 | BILLING_ADDRESS_L2 | BILLING_CITY | BILLING_COUNTRY | BILLING_NAME | BILLING_PHONE | BILLING_STATE | BILLING_ZIP | CARD_BIN | CATEGORICAL | CURRENCY_CODE | EMAIL_ADDRESS | FINGERPRINT | FRAUD_LABEL | FREE_FORM_TEXT | IP_ADDRESS | NUMERIC | ORDER_ID | PAYMENT_TYPE | PHONE_NUMBER | PRICE | PRODUCT_CATEGORY | SHIPPING_ADDRESS_L1 | SHIPPING_ADDRESS_L2 | SHIPPING_CITY | SHIPPING_COUNTRY | SHIPPING_NAME | SHIPPING_PHONE | SHIPPING_STATE | SHIPPING_ZIP | USERAGENT`", + "title": "VariableType", + "type": "string" } }, "required": [ - "MetricType" + "DataSource", + "DataType", + "DefaultValue", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::CustomMetric" + "AWS::FraudDetector::Variable" ], "type": "string" }, @@ -120984,7 +125945,7 @@ ], "type": "object" }, - "AWS::IoT::Dimension": { + "AWS::GameLift::Alias": { "additionalProperties": false, "properties": { "Condition": { @@ -121019,42 +125980,39 @@ "Properties": { "additionalProperties": false, "properties": { + "Description": { + "markdownDescription": "A human-readable description of the alias.", + "title": "Description", + "type": "string" + }, "Name": { - "markdownDescription": "A unique identifier for the dimension.", + "markdownDescription": "A descriptive label that is associated with an alias. Alias names do not need to be unique.", "title": "Name", "type": "string" }, - "StringValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the value or list of values for the dimension. For `TOPIC_FILTER` dimensions, this is a pattern used to match the MQTT topic (for example, \"admin/#\").", - "title": "StringValues", - "type": "array" + "RoutingStrategy": { + "$ref": "#/definitions/AWS::GameLift::Alias.RoutingStrategy", + "markdownDescription": "The routing configuration, including routing type and fleet target, for the alias.", + "title": "RoutingStrategy" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the dimension.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "Specifies the type of dimension. Supported types: `TOPIC_FILTER.`", - "title": "Type", - "type": "string" } }, "required": [ - "StringValues", - "Type" + "Name", + "RoutingStrategy" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Dimension" + "AWS::GameLift::Alias" ], "type": "string" }, @@ -121073,7 +126031,31 @@ ], "type": "object" }, - "AWS::IoT::DomainConfiguration": { + "AWS::GameLift::Alias.RoutingStrategy": { + "additionalProperties": false, + "properties": { + "FleetId": { + "markdownDescription": "A unique identifier for a fleet that the alias points to. If you specify `SIMPLE` for the `Type` property, you must specify this property.", + "title": "FleetId", + "type": "string" + }, + "Message": { + "markdownDescription": "The message text to be used with a terminal routing strategy. If you specify `TERMINAL` for the `Type` property, you must specify this property.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "A type of routing strategy.\n\nPossible routing types include the following:\n\n- *SIMPLE* - The alias resolves to one specific fleet. Use this type when routing to active fleets.\n- *TERMINAL* - The alias does not resolve to a fleet but instead can be used to display a message to the user. A terminal alias throws a `TerminalRoutingStrategyException` with the message that you specified in the `Message` property.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::GameLift::Build": { "additionalProperties": false, "properties": { "Condition": { @@ -121108,60 +126090,37 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizerConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.AuthorizerConfig", - "markdownDescription": "An object that specifies the authorization service for a domain.", - "title": "AuthorizerConfig" - }, - "DomainConfigurationName": { - "markdownDescription": "The name of the domain configuration. This value must be unique to a region.", - "title": "DomainConfigurationName", + "Name": { + "markdownDescription": "A descriptive label that is associated with a build. Build names do not need to be unique.", + "title": "Name", "type": "string" }, - "DomainConfigurationStatus": { - "markdownDescription": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`", - "title": "DomainConfigurationStatus", + "OperatingSystem": { + "markdownDescription": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "title": "OperatingSystem", "type": "string" }, - "DomainName": { - "markdownDescription": "The name of the domain.", - "title": "DomainName", + "ServerSdkVersion": { + "markdownDescription": "A server SDK version you used when integrating your game server build with Amazon GameLift Servers. For more information see [Integrate games with custom game servers](https://docs.aws.amazon.com/gamelift/latest/developerguide/integration-custom-intro.html) . By default Amazon GameLift Servers sets this value to `4.0.2` .", + "title": "ServerSdkVersion", "type": "string" }, - "ServerCertificateArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.", - "title": "ServerCertificateArns", - "type": "array" - }, - "ServerCertificateConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ServerCertificateConfig", - "markdownDescription": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", - "title": "ServerCertificateConfig" - }, - "ServiceType": { - "markdownDescription": "The type of service delivered by the endpoint.\n\n> AWS IoT Core currently supports only the `DATA` service type.", - "title": "ServiceType", - "type": "string" + "StorageLocation": { + "$ref": "#/definitions/AWS::GameLift::Build.StorageLocation", + "markdownDescription": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift Servers to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift Servers will report a `SizeOnDisk` of 0.", + "title": "StorageLocation" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the domain configuration.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "TlsConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.TlsConfig", - "markdownDescription": "An object that specifies the TLS configuration for a domain.", - "title": "TlsConfig" - }, - "ValidationCertificateArn": { - "markdownDescription": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.", - "title": "ValidationCertificateArn", + "Version": { + "markdownDescription": "Version information that is associated with this build. Version strings do not need to be unique.", + "title": "Version", "type": "string" } }, @@ -121169,7 +126128,7 @@ }, "Type": { "enum": [ - "AWS::IoT::DomainConfiguration" + "AWS::GameLift::Build" ], "type": "string" }, @@ -121187,66 +126146,38 @@ ], "type": "object" }, - "AWS::IoT::DomainConfiguration.AuthorizerConfig": { - "additionalProperties": false, - "properties": { - "AllowAuthorizerOverride": { - "markdownDescription": "A Boolean that specifies whether the domain configuration's authorization service can be overridden.", - "title": "AllowAuthorizerOverride", - "type": "boolean" - }, - "DefaultAuthorizerName": { - "markdownDescription": "The name of the authorization service for a domain configuration.", - "title": "DefaultAuthorizerName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::DomainConfiguration.ServerCertificateConfig": { - "additionalProperties": false, - "properties": { - "EnableOCSPCheck": { - "markdownDescription": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", - "title": "EnableOCSPCheck", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoT::DomainConfiguration.ServerCertificateSummary": { + "AWS::GameLift::Build.StorageLocation": { "additionalProperties": false, "properties": { - "ServerCertificateArn": { - "markdownDescription": "The ARN of the server certificate.", - "title": "ServerCertificateArn", + "Bucket": { + "markdownDescription": "An Amazon S3 bucket identifier. The name of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "title": "Bucket", "type": "string" }, - "ServerCertificateStatus": { - "markdownDescription": "The status of the server certificate.", - "title": "ServerCertificateStatus", + "Key": { + "markdownDescription": "The name of the zip file that contains the build files or script files.", + "title": "Key", "type": "string" }, - "ServerCertificateStatusDetail": { - "markdownDescription": "Details that explain the status of the server certificate.", - "title": "ServerCertificateStatusDetail", + "ObjectVersion": { + "markdownDescription": "A version of a stored file to retrieve, if the object versioning feature is turned on for the S3 bucket. Use this parameter to specify a specific version. If this parameter isn't set, Amazon GameLift Servers retrieves the latest version of the file.", + "title": "ObjectVersion", "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::DomainConfiguration.TlsConfig": { - "additionalProperties": false, - "properties": { - "SecurityPolicy": { - "markdownDescription": "The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* .", - "title": "SecurityPolicy", + }, + "RoleArn": { + "markdownDescription": "The ARNfor an IAM role that allows Amazon GameLift to access the S3 bucket.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "Bucket", + "Key", + "RoleArn" + ], "type": "object" }, - "AWS::IoT::FleetMetric": { + "AWS::GameLift::ContainerFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -121281,228 +126212,115 @@ "Properties": { "additionalProperties": false, "properties": { - "AggregationField": { - "markdownDescription": "The field to aggregate.", - "title": "AggregationField", + "BillingType": { + "markdownDescription": "Indicates whether the fleet uses On-Demand or Spot instances for this fleet. Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . You can't update this fleet property.\n\nBy default, this property is set to `ON_DEMAND` .", + "title": "BillingType", "type": "string" }, - "AggregationType": { - "$ref": "#/definitions/AWS::IoT::FleetMetric.AggregationType", - "markdownDescription": "The type of the aggregation query.", - "title": "AggregationType" + "DeploymentConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.DeploymentConfiguration", + "markdownDescription": "Set of rules for processing a deployment for a container fleet update.", + "title": "DeploymentConfiguration" }, "Description": { - "markdownDescription": "The fleet metric description.", + "markdownDescription": "A meaningful description of the container fleet.", "title": "Description", "type": "string" }, - "IndexName": { - "markdownDescription": "The name of the index to search.", - "title": "IndexName", + "FleetRoleArn": { + "markdownDescription": "The unique identifier for an AWS Identity and Access Management (IAM) role with permissions to run your containers on resources that are managed by Amazon GameLift Servers. See [Set up an IAM service role](https://docs.aws.amazon.com/gamelift/latest/developerguide/setting-up-role.html) . This fleet property can't be changed.", + "title": "FleetRoleArn", "type": "string" }, - "MetricName": { - "markdownDescription": "The name of the fleet metric to create.", - "title": "MetricName", + "GameServerContainerGroupDefinitionName": { + "markdownDescription": "The name of the fleet's game server container group definition, which describes how to deploy containers with your game server build and support software onto each fleet instance.", + "title": "GameServerContainerGroupDefinitionName", "type": "string" }, - "Period": { - "markdownDescription": "The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60.", - "title": "Period", + "GameServerContainerGroupsPerInstance": { + "markdownDescription": "The number of times to replicate the game server container group on each fleet instance.", + "title": "GameServerContainerGroupsPerInstance", "type": "number" }, - "QueryString": { - "markdownDescription": "The search query string.", - "title": "QueryString", - "type": "string" + "GameSessionCreationLimitPolicy": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.GameSessionCreationLimitPolicy", + "markdownDescription": "A policy that limits the number of game sessions that each individual player can create on instances in this fleet. The limit applies for a specified span of time.", + "title": "GameSessionCreationLimitPolicy" }, - "QueryVersion": { - "markdownDescription": "The query version.", - "title": "QueryVersion", - "type": "string" + "InstanceConnectionPortRange": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.ConnectionPortRange", + "markdownDescription": "The set of port numbers to open on each instance in a container fleet. Connection ports are used by inbound traffic to connect with processes that are running in containers on the fleet.", + "title": "InstanceConnectionPortRange" }, - "Tags": { + "InstanceInboundPermissions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.IpPermission" }, - "markdownDescription": "Metadata which can be used to manage the fleet metric.", - "title": "Tags", + "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet.", + "title": "InstanceInboundPermissions", "type": "array" }, - "Unit": { - "markdownDescription": "Used to support unit transformation such as milliseconds to seconds. Must be a unit supported by CW metric. Default to null.", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "MetricName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT::FleetMetric" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::IoT::FleetMetric.AggregationType": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the aggregation type.", - "title": "Name", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the values of aggregation types.", - "title": "Values", - "type": "array" - } - }, - "required": [ - "Name", - "Values" - ], - "type": "object" - }, - "AWS::IoT::JobTemplate": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type to use for all instances in the fleet. Instance type determines the computing resources and processing power that's available to host your game servers. This includes including CPU, memory, storage, and networking capacity. You can't update this fleet property.", + "title": "InstanceType", "type": "string" }, - { + "Locations": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LocationConfiguration" }, + "markdownDescription": "", + "title": "Locations", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AbortConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortConfig", - "markdownDescription": "The criteria that determine when and how a job abort takes place.", - "title": "AbortConfig" }, - "Description": { - "markdownDescription": "A description of the job template.", - "title": "Description", - "type": "string" + "LogConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LogConfiguration", + "markdownDescription": "The method that is used to collect container logs for the fleet. Amazon GameLift Servers saves all standard output for each container in logs, including game session logs.\n\n- `CLOUDWATCH` -- Send logs to an Amazon CloudWatch log group that you define. Each container emits a log stream, which is organized in the log group.\n- `S3` -- Store logs in an Amazon S3 bucket that you define.\n- `NONE` -- Don't collect container logs.", + "title": "LogConfiguration" }, - "DestinationPackageVersions": { + "MetricGroups": { "items": { "type": "string" }, - "markdownDescription": "The package version Amazon Resource Names (ARNs) that are installed on the device\u2019s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed.", - "title": "DestinationPackageVersions", + "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. Metric groups aggregate metrics for multiple fleets.", + "title": "MetricGroups", "type": "array" }, - "Document": { - "markdownDescription": "The job document.\n\nRequired if you don't specify a value for `documentSource` .", - "title": "Document", - "type": "string" - }, - "DocumentSource": { - "markdownDescription": "An S3 link, or S3 object URL, to the job document. The link is an Amazon S3 object URL and is required if you don't specify a value for `document` .\n\nFor example, `--document-source https://s3. *region-code* .amazonaws.com/example-firmware/device-firmware.1.0`\n\nFor more information, see [Methods for accessing a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html) .", - "title": "DocumentSource", - "type": "string" - }, - "JobArn": { - "markdownDescription": "The ARN of the job to use as the basis for the job template.", - "title": "JobArn", + "NewGameSessionProtectionPolicy": { + "markdownDescription": "Determines whether Amazon GameLift Servers can shut down game sessions on the fleet that are actively running and hosting players. Amazon GameLift Servers might prompt an instance shutdown when scaling down fleet capacity or when retiring unhealthy instances. You can also set game session protection for individual game sessions using [UpdateGameSession](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameSession.html) .\n\n- *NoProtection* -- Game sessions can be shut down during active gameplay.\n- *FullProtection* -- Game sessions in `ACTIVE` status can't be shut down.", + "title": "NewGameSessionProtectionPolicy", "type": "string" }, - "JobExecutionsRetryConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRetryConfig", - "markdownDescription": "Allows you to create the criteria to retry a job.", - "title": "JobExecutionsRetryConfig" - }, - "JobExecutionsRolloutConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRolloutConfig", - "markdownDescription": "Allows you to create a staged rollout of a job.", - "title": "JobExecutionsRolloutConfig" - }, - "JobTemplateId": { - "markdownDescription": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here.", - "title": "JobTemplateId", + "PerInstanceContainerGroupDefinitionName": { + "markdownDescription": "The name of the fleet's per-instance container group definition.", + "title": "PerInstanceContainerGroupDefinitionName", "type": "string" }, - "MaintenanceWindows": { + "ScalingPolicies": { "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.MaintenanceWindow" + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.ScalingPolicy" }, - "markdownDescription": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job.", - "title": "MaintenanceWindows", + "markdownDescription": "", + "title": "ScalingPolicies", "type": "array" }, - "PresignedUrlConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.PresignedUrlConfig", - "markdownDescription": "Configuration for pre-signed S3 URLs.", - "title": "PresignedUrlConfig" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the job template.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "TimeoutConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.TimeoutConfig", - "markdownDescription": "Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to `IN_PROGRESS` . If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to `TIMED_OUT` .", - "title": "TimeoutConfig" } }, "required": [ - "Description", - "JobTemplateId" + "FleetRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::JobTemplate" + "AWS::GameLift::ContainerFleet" ], "type": "string" }, @@ -121521,272 +126339,250 @@ ], "type": "object" }, - "AWS::IoT::JobTemplate.AbortConfig": { - "additionalProperties": false, - "properties": { - "CriteriaList": { - "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortCriteria" - }, - "markdownDescription": "The list of criteria that determine when and how to abort the job.", - "title": "CriteriaList", - "type": "array" - } - }, - "required": [ - "CriteriaList" - ], - "type": "object" - }, - "AWS::IoT::JobTemplate.AbortCriteria": { + "AWS::GameLift::ContainerFleet.ConnectionPortRange": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The type of job action to take to initiate the job abort.", - "title": "Action", - "type": "string" - }, - "FailureType": { - "markdownDescription": "The type of job execution failures that can initiate a job abort.", - "title": "FailureType", - "type": "string" - }, - "MinNumberOfExecutedThings": { - "markdownDescription": "The minimum number of things which must receive job execution notifications before the job can be aborted.", - "title": "MinNumberOfExecutedThings", + "FromPort": { + "markdownDescription": "Starting value for the port range.", + "title": "FromPort", "type": "number" }, - "ThresholdPercentage": { - "markdownDescription": "The minimum percentage of job execution failures that must occur to initiate the job abort.\n\nAWS IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999).", - "title": "ThresholdPercentage", + "ToPort": { + "markdownDescription": "Ending value for the port. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", + "title": "ToPort", "type": "number" } }, "required": [ - "Action", - "FailureType", - "MinNumberOfExecutedThings", - "ThresholdPercentage" + "FromPort", + "ToPort" ], "type": "object" }, - "AWS::IoT::JobTemplate.ExponentialRolloutRate": { + "AWS::GameLift::ContainerFleet.DeploymentConfiguration": { "additionalProperties": false, "properties": { - "BaseRatePerMinute": { - "markdownDescription": "The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout.", - "title": "BaseRatePerMinute", - "type": "number" + "ImpairmentStrategy": { + "markdownDescription": "Determines what actions to take if a deployment fails. If the fleet is multi-location, this strategy applies across all fleet locations. With a rollback strategy, updated fleet instances are rolled back to the last successful deployment. Alternatively, you can maintain a few impaired containers for the purpose of debugging, while all other tasks return to the last successful deployment.", + "title": "ImpairmentStrategy", + "type": "string" }, - "IncrementFactor": { - "markdownDescription": "The exponential factor to increase the rate of rollout for a job.\n\nAWS IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55).", - "title": "IncrementFactor", + "MinimumHealthyPercentage": { + "markdownDescription": "Sets a minimum level of healthy tasks to maintain during deployment activity.", + "title": "MinimumHealthyPercentage", "type": "number" }, - "RateIncreaseCriteria": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.RateIncreaseCriteria", - "markdownDescription": "The criteria to initiate the increase in rate of rollout for a job.", - "title": "RateIncreaseCriteria" + "ProtectionStrategy": { + "markdownDescription": "Determines how fleet deployment activity affects active game sessions on the fleet. With protection, a deployment honors game session protection, and delays actions that would interrupt a protected active game session until the game session ends. Without protection, deployment activity can shut down all running tasks, including active game sessions, regardless of game session protection.", + "title": "ProtectionStrategy", + "type": "string" } }, - "required": [ - "BaseRatePerMinute", - "IncrementFactor", - "RateIncreaseCriteria" - ], "type": "object" }, - "AWS::IoT::JobTemplate.JobExecutionsRetryConfig": { + "AWS::GameLift::ContainerFleet.DeploymentDetails": { "additionalProperties": false, "properties": { - "RetryCriteriaList": { - "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.RetryCriteria" - }, - "markdownDescription": "The list of criteria that determines how many retries are allowed for each failure type for a job.", - "title": "RetryCriteriaList", - "type": "array" + "LatestDeploymentId": { + "markdownDescription": "A unique identifier for a fleet deployment.", + "title": "LatestDeploymentId", + "type": "string" } }, "type": "object" }, - "AWS::IoT::JobTemplate.JobExecutionsRolloutConfig": { + "AWS::GameLift::ContainerFleet.GameSessionCreationLimitPolicy": { "additionalProperties": false, "properties": { - "ExponentialRolloutRate": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.ExponentialRolloutRate", - "markdownDescription": "The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout.", - "title": "ExponentialRolloutRate" + "NewGameSessionsPerCreator": { + "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy evaluates when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", + "title": "NewGameSessionsPerCreator", + "type": "number" }, - "MaximumPerMinute": { - "markdownDescription": "The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.", - "title": "MaximumPerMinute", + "PolicyPeriodInMinutes": { + "markdownDescription": "The time span used in evaluating the resource creation limit policy.", + "title": "PolicyPeriodInMinutes", "type": "number" } }, "type": "object" }, - "AWS::IoT::JobTemplate.MaintenanceWindow": { + "AWS::GameLift::ContainerFleet.IpPermission": { "additionalProperties": false, "properties": { - "DurationInMinutes": { - "markdownDescription": "Displays the duration of the next maintenance window.", - "title": "DurationInMinutes", + "FromPort": { + "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "FromPort", "type": "number" }, - "StartTime": { - "markdownDescription": "Displays the start time of the next maintenance window.", - "title": "StartTime", + "IpRange": { + "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", + "title": "IpRange", "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::JobTemplate.PresignedUrlConfig": { - "additionalProperties": false, - "properties": { - "ExpiresInSec": { - "markdownDescription": "How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.", - "title": "ExpiresInSec", - "type": "number" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.\n\n> For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* .", - "title": "RoleArn", + "Protocol": { + "markdownDescription": "The network communication protocol used by the fleet.", + "title": "Protocol", "type": "string" + }, + "ToPort": { + "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "ToPort", + "type": "number" } }, "required": [ - "RoleArn" + "FromPort", + "IpRange", + "Protocol", + "ToPort" ], "type": "object" }, - "AWS::IoT::JobTemplate.RateIncreaseCriteria": { + "AWS::GameLift::ContainerFleet.LocationCapacity": { "additionalProperties": false, "properties": { - "NumberOfNotifiedThings": { - "markdownDescription": "The threshold for number of notified things that will initiate the increase in rate of rollout.", - "title": "NumberOfNotifiedThings", + "DesiredEC2Instances": { + "markdownDescription": "", + "title": "DesiredEC2Instances", "type": "number" }, - "NumberOfSucceededThings": { - "markdownDescription": "The threshold for number of succeeded things that will initiate the increase in rate of rollout.", - "title": "NumberOfSucceededThings", + "MaxSize": { + "markdownDescription": "", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "", + "title": "MinSize", "type": "number" } }, + "required": [ + "DesiredEC2Instances", + "MaxSize", + "MinSize" + ], "type": "object" }, - "AWS::IoT::JobTemplate.RetryCriteria": { + "AWS::GameLift::ContainerFleet.LocationConfiguration": { "additionalProperties": false, "properties": { - "FailureType": { - "markdownDescription": "The type of job execution failures that can initiate a job retry.", - "title": "FailureType", + "Location": { + "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Location", "type": "string" }, - "NumberOfRetries": { - "markdownDescription": "The number of retries allowed for a failure type for the job.", - "title": "NumberOfRetries", - "type": "number" + "LocationCapacity": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LocationCapacity", + "markdownDescription": "", + "title": "LocationCapacity" + }, + "StoppedActions": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "StoppedActions", + "type": "array" } }, + "required": [ + "Location" + ], "type": "object" }, - "AWS::IoT::JobTemplate.TimeoutConfig": { + "AWS::GameLift::ContainerFleet.LogConfiguration": { "additionalProperties": false, "properties": { - "InProgressTimeoutInMinutes": { - "markdownDescription": "Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status.", - "title": "InProgressTimeoutInMinutes", - "type": "number" + "LogDestination": { + "markdownDescription": "The type of log collection to use for a fleet.\n\n- `CLOUDWATCH` -- (default value) Send logs to an Amazon CloudWatch log group that you define. Each container emits a log stream, which is organized in the log group.\n- `S3` -- Store logs in an Amazon S3 bucket that you define. This bucket must reside in the fleet's home AWS Region.\n- `NONE` -- Don't collect container logs.", + "title": "LogDestination", + "type": "string" + }, + "LogGroupArn": { + "markdownDescription": "If log destination is `CLOUDWATCH` , logs are sent to the specified log group in Amazon CloudWatch.", + "title": "LogGroupArn", + "type": "string" + }, + "S3BucketName": { + "markdownDescription": "If log destination is `S3` , logs are sent to the specified Amazon S3 bucket name.", + "title": "S3BucketName", + "type": "string" } }, - "required": [ - "InProgressTimeoutInMinutes" - ], "type": "object" }, - "AWS::IoT::Logging": { + "AWS::GameLift::ContainerFleet.ScalingPolicy": { "additionalProperties": false, "properties": { - "Condition": { + "ComparisonOperator": { + "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", + "title": "ComparisonOperator", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EvaluationPeriods": { + "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", + "title": "EvaluationPeriods", + "type": "number" + }, + "MetricName": { + "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", + "title": "MetricName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", + "title": "Name", + "type": "string" }, - "Metadata": { - "type": "object" + "PolicyType": { + "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", + "title": "PolicyType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The account ID.", - "title": "AccountId", - "type": "string" - }, - "DefaultLogLevel": { - "markdownDescription": "The default log level. Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", - "title": "DefaultLogLevel", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The role ARN used for the log.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "AccountId", - "DefaultLogLevel", - "RoleArn" - ], - "type": "object" + "ScalingAdjustment": { + "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", + "title": "ScalingAdjustment", + "type": "number" }, - "Type": { - "enum": [ - "AWS::IoT::Logging" - ], + "ScalingAdjustmentType": { + "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", + "title": "ScalingAdjustmentType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TargetConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.TargetConfiguration", + "markdownDescription": "An object that contains settings for a target-based scaling policy.", + "title": "TargetConfiguration" + }, + "Threshold": { + "markdownDescription": "Metric value used to trigger a scaling event.", + "title": "Threshold", + "type": "number" } }, "required": [ - "Type", - "Properties" + "MetricName", + "Name" ], "type": "object" }, - "AWS::IoT::MitigationAction": { + "AWS::GameLift::ContainerFleet.TargetConfiguration": { + "additionalProperties": false, + "properties": { + "TargetValue": { + "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::GameLift::ContainerGroupDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -121821,39 +126617,74 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionName": { - "markdownDescription": "The friendly name of the mitigation action.", - "title": "ActionName", + "ContainerGroupType": { + "markdownDescription": "The type of container group. Container group type determines how Amazon GameLift Servers deploys the container group on each fleet instance.", + "title": "ContainerGroupType", "type": "string" }, - "ActionParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.ActionParams", - "markdownDescription": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.", - "title": "ActionParams" + "GameServerContainerDefinition": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.GameServerContainerDefinition", + "markdownDescription": "The definition for the game server container in this group. This property is used only when the container group type is `GAME_SERVER` . This container definition specifies a container image with the game server build.", + "title": "GameServerContainerDefinition" }, - "RoleArn": { - "markdownDescription": "The IAM role ARN used to apply this mitigation action.", - "title": "RoleArn", + "Name": { + "markdownDescription": "A descriptive identifier for the container group definition. The name value is unique in an AWS Region.", + "title": "Name", + "type": "string" + }, + "OperatingSystem": { + "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "title": "OperatingSystem", "type": "string" }, + "SourceVersionNumber": { + "markdownDescription": "", + "title": "SourceVersionNumber", + "type": "number" + }, + "SupportContainerDefinitions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.SupportContainerDefinition" + }, + "markdownDescription": "The set of definitions for support containers in this group. A container group definition might have zero support container definitions. Support container can be used in any type of container group.", + "title": "SupportContainerDefinitions", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the mitigation action.", + "markdownDescription": "", "title": "Tags", "type": "array" + }, + "TotalMemoryLimitMebibytes": { + "markdownDescription": "The amount of memory (in MiB) on a fleet instance to allocate for the container group. All containers in the group share these resources.\n\nYou can set a limit for each container definition in the group. If individual containers have limits, this total value must be greater than any individual container's memory limit.", + "title": "TotalMemoryLimitMebibytes", + "type": "number" + }, + "TotalVcpuLimit": { + "markdownDescription": "The amount of vCPU units on a fleet instance to allocate for the container group (1 vCPU is equal to 1024 CPU units). All containers in the group share these resources. You can set a limit for each container definition in the group. If individual containers have limits, this total value must be equal to or greater than the sum of the limits for each container in the group.", + "title": "TotalVcpuLimit", + "type": "number" + }, + "VersionDescription": { + "markdownDescription": "An optional description that was provided for a container group definition update. Each version can have a unique description.", + "title": "VersionDescription", + "type": "string" } }, "required": [ - "ActionParams", - "RoleArn" + "Name", + "OperatingSystem", + "TotalMemoryLimitMebibytes", + "TotalVcpuLimit" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::MitigationAction" + "AWS::GameLift::ContainerGroupDefinition" ], "type": "string" }, @@ -121872,294 +126703,285 @@ ], "type": "object" }, - "AWS::IoT::MitigationAction.ActionParams": { + "AWS::GameLift::ContainerGroupDefinition.ContainerDependency": { "additionalProperties": false, "properties": { - "AddThingsToThingGroupParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.AddThingsToThingGroupParams", - "markdownDescription": "Specifies the group to which you want to add the devices.", - "title": "AddThingsToThingGroupParams" - }, - "EnableIoTLoggingParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.EnableIoTLoggingParams", - "markdownDescription": "Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` .", - "title": "EnableIoTLoggingParams" - }, - "PublishFindingToSnsParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.PublishFindingToSnsParams", - "markdownDescription": "Specifies the topic to which the finding should be published.", - "title": "PublishFindingToSnsParams" - }, - "ReplaceDefaultPolicyVersionParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams", - "markdownDescription": "Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported.", - "title": "ReplaceDefaultPolicyVersionParams" - }, - "UpdateCACertificateParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateCACertificateParams", - "markdownDescription": "Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported.", - "title": "UpdateCACertificateParams" + "Condition": { + "markdownDescription": "The condition that the dependency container must reach before the dependent container can start. Valid conditions include:\n\n- START - The dependency container must have started.\n- COMPLETE - The dependency container has run to completion (exits). Use this condition with nonessential containers, such as those that run a script and then exit. The dependency container can't be an essential container.\n- SUCCESS - The dependency container has run to completion and exited with a zero status. The dependency container can't be an essential container.\n- HEALTHY - The dependency container has passed its Docker health check. Use this condition with dependency containers that have health checks configured. This condition is confirmed at container group startup only.", + "title": "Condition", + "type": "string" }, - "UpdateDeviceCertificateParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateDeviceCertificateParams", - "markdownDescription": "Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported.", - "title": "UpdateDeviceCertificateParams" + "ContainerName": { + "markdownDescription": "A descriptive label for the container definition that this container depends on.", + "title": "ContainerName", + "type": "string" } }, + "required": [ + "Condition", + "ContainerName" + ], "type": "object" }, - "AWS::IoT::MitigationAction.AddThingsToThingGroupParams": { + "AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment": { "additionalProperties": false, "properties": { - "OverrideDynamicGroups": { - "markdownDescription": "Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.", - "title": "OverrideDynamicGroups", - "type": "boolean" + "Name": { + "markdownDescription": "The environment variable name.", + "title": "Name", + "type": "string" }, - "ThingGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.", - "title": "ThingGroupNames", - "type": "array" + "Value": { + "markdownDescription": "The environment variable value.", + "title": "Value", + "type": "string" } }, "required": [ - "ThingGroupNames" + "Name", + "Value" ], "type": "object" }, - "AWS::IoT::MitigationAction.EnableIoTLoggingParams": { + "AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck": { "additionalProperties": false, "properties": { - "LogLevel": { - "markdownDescription": "Specifies the type of information to be logged.", - "title": "LogLevel", - "type": "string" + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "A string array that specifies the command that the container runs to determine if it's healthy.", + "title": "Command", + "type": "array" }, - "RoleArnForLogging": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used for logging.", - "title": "RoleArnForLogging", - "type": "string" + "Interval": { + "markdownDescription": "The time period (in seconds) between each health check.", + "title": "Interval", + "type": "number" + }, + "Retries": { + "markdownDescription": "The number of times to retry a failed health check before flagging the container unhealthy. The first run of the command does not count as a retry.", + "title": "Retries", + "type": "number" + }, + "StartPeriod": { + "markdownDescription": "The optional grace period (in seconds) to give a container time to bootstrap before the first failed health check counts toward the number of retries.", + "title": "StartPeriod", + "type": "number" + }, + "Timeout": { + "markdownDescription": "The time period (in seconds) to wait for a health check to succeed before counting a failed health check.", + "title": "Timeout", + "type": "number" } }, "required": [ - "LogLevel", - "RoleArnForLogging" + "Command" ], "type": "object" }, - "AWS::IoT::MitigationAction.PublishFindingToSnsParams": { + "AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "The ARN of the topic to which you want to publish the findings.", - "title": "TopicArn", + "AccessLevel": { + "markdownDescription": "The type of access for the container.", + "title": "AccessLevel", + "type": "string" + }, + "ContainerPath": { + "markdownDescription": "The mount path on the container. If this property isn't set, the instance path is used.", + "title": "ContainerPath", + "type": "string" + }, + "InstancePath": { + "markdownDescription": "The path to the source file or directory.", + "title": "InstancePath", "type": "string" } }, "required": [ - "TopicArn" + "InstancePath" ], "type": "object" }, - "AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams": { + "AWS::GameLift::ContainerGroupDefinition.ContainerPortRange": { "additionalProperties": false, "properties": { - "TemplateName": { - "markdownDescription": "The name of the template to be applied. The only supported value is `BLANK_POLICY` .", - "title": "TemplateName", + "FromPort": { + "markdownDescription": "A starting value for the range of allowed port numbers.", + "title": "FromPort", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network protocol that these ports support.", + "title": "Protocol", "type": "string" + }, + "ToPort": { + "markdownDescription": "An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", + "title": "ToPort", + "type": "number" } }, "required": [ - "TemplateName" + "FromPort", + "Protocol", + "ToPort" ], "type": "object" }, - "AWS::IoT::MitigationAction.UpdateCACertificateParams": { + "AWS::GameLift::ContainerGroupDefinition.GameServerContainerDefinition": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` .", - "title": "Action", + "ContainerName": { + "markdownDescription": "The container definition identifier. Container names are unique within a container group definition.", + "title": "ContainerName", + "type": "string" + }, + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" + }, + "markdownDescription": "Indicates that the container relies on the status of other containers in the same container group during startup and shutdown sequences. A container might have dependencies on multiple containers.", + "title": "DependsOn", + "type": "array" + }, + "EnvironmentOverride": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" + }, + "markdownDescription": "A set of environment variables that's passed to the container on startup. See the [ContainerDefinition::environment](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-environment) parameter in the *Amazon Elastic Container Service API Reference* .", + "title": "EnvironmentOverride", + "type": "array" + }, + "ImageUri": { + "markdownDescription": "The URI to the image that Amazon GameLift Servers uses when deploying this container to a container fleet. For a more specific identifier, see `ResolvedImageDigest` .", + "title": "ImageUri", + "type": "string" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint" + }, + "markdownDescription": "A mount point that binds a path inside the container to a file or directory on the host system and lets it access the file or directory.", + "title": "MountPoints", + "type": "array" + }, + "PortConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration", + "markdownDescription": "The set of ports that are available to bind to processes in the container. For example, a game server process requires a container port to allow game clients to connect to it. Container ports aren't directly accessed by inbound traffic. Amazon GameLift Servers maps these container ports to externally accessible connection ports, which are assigned as needed from the container fleet's `ConnectionPortRange` .", + "title": "PortConfiguration" + }, + "ResolvedImageDigest": { + "markdownDescription": "A unique and immutable identifier for the container image. The digest is a SHA 256 hash of the container image manifest.", + "title": "ResolvedImageDigest", + "type": "string" + }, + "ServerSdkVersion": { + "markdownDescription": "The Amazon GameLift Servers server SDK version that the game server is integrated with. Only game servers using 5.2.0 or higher are compatible with container fleets.", + "title": "ServerSdkVersion", "type": "string" } }, "required": [ - "Action" + "ContainerName", + "ImageUri", + "ServerSdkVersion" ], "type": "object" }, - "AWS::IoT::MitigationAction.UpdateDeviceCertificateParams": { + "AWS::GameLift::ContainerGroupDefinition.PortConfiguration": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` .", - "title": "Action", - "type": "string" + "ContainerPortRanges": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerPortRange" + }, + "markdownDescription": "", + "title": "ContainerPortRanges", + "type": "array" } }, "required": [ - "Action" + "ContainerPortRanges" ], "type": "object" }, - "AWS::IoT::Policy": { + "AWS::GameLift::ContainerGroupDefinition.SupportContainerDefinition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ContainerName": { + "markdownDescription": "The container definition identifier. Container names are unique within a container group definition.", + "title": "ContainerName", "type": "string" }, "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" + }, + "markdownDescription": "Indicates that the container relies on the status of other containers in the same container group during its startup and shutdown sequences. A container might have dependencies on multiple containers.", + "title": "DependsOn", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "The JSON document that describes the policy.", - "title": "PolicyDocument", - "type": "object" - }, - "PolicyName": { - "markdownDescription": "The policy name.", - "title": "PolicyName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } + "EnvironmentOverride": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" }, - "required": [ - "PolicyDocument" - ], - "type": "object" + "markdownDescription": "A set of environment variables that's passed to the container on startup. See the [ContainerDefinition::environment](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-environment) parameter in the *Amazon Elastic Container Service API Reference* .", + "title": "EnvironmentOverride", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IoT::Policy" - ], - "type": "string" + "Essential": { + "markdownDescription": "Indicates whether the container is vital to the container group. If an essential container fails, the entire container group restarts.", + "title": "Essential", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::IoT::PolicyPrincipalAttachment": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "HealthCheck": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck", + "markdownDescription": "A configuration for a non-terminal health check. A support container automatically restarts if it stops functioning or if it fails this health check.", + "title": "HealthCheck" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ImageUri": { + "markdownDescription": "The URI to the image that Amazon GameLift Servers deploys to a container fleet. For a more specific identifier, see `ResolvedImageDigest` .", + "title": "ImageUri", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "MemoryHardLimitMebibytes": { + "markdownDescription": "The amount of memory that Amazon GameLift Servers makes available to the container. If memory limits aren't set for an individual container, the container shares the container group's total memory allocation.\n\n*Related data type:* [ContainerGroupDefinition TotalMemoryLimitMebibytes](https://docs.aws.amazon.com/gamelift/latest/apireference/API_ContainerGroupDefinition.html)", + "title": "MemoryHardLimitMebibytes", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyName": { - "markdownDescription": "The name of the AWS IoT policy.", - "title": "PolicyName", - "type": "string" - }, - "Principal": { - "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", - "title": "Principal", - "type": "string" - } + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint" }, - "required": [ - "PolicyName", - "Principal" - ], - "type": "object" + "markdownDescription": "A mount point that binds a path inside the container to a file or directory on the host system and lets it access the file or directory.", + "title": "MountPoints", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IoT::PolicyPrincipalAttachment" - ], - "type": "string" + "PortConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration", + "markdownDescription": "A set of ports that allow access to the container from external users. Processes running in the container can bind to a one of these ports. Container ports aren't directly accessed by inbound traffic. Amazon GameLift Servers maps these container ports to externally accessible connection ports, which are assigned as needed from the container fleet's `ConnectionPortRange` .", + "title": "PortConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResolvedImageDigest": { + "markdownDescription": "A unique and immutable identifier for the container image. The digest is a SHA 256 hash of the container image manifest.", + "title": "ResolvedImageDigest", "type": "string" + }, + "Vcpu": { + "markdownDescription": "The number of vCPU units that are reserved for the container. If no resources are reserved, the container shares the total vCPU limit for the container group.\n\n*Related data type:* [ContainerGroupDefinition TotalVcpuLimit](https://docs.aws.amazon.com/gamelift/latest/apireference/API_ContainerGroupDefinition.html)", + "title": "Vcpu", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ContainerName", + "ImageUri" ], "type": "object" }, - "AWS::IoT::ProvisioningTemplate": { + "AWS::GameLift::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -122194,59 +127016,140 @@ "Properties": { "additionalProperties": false, "properties": { + "AnywhereConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.AnywhereConfiguration", + "markdownDescription": "Amazon GameLift Servers Anywhere configuration options.", + "title": "AnywhereConfiguration" + }, + "ApplyCapacity": { + "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", + "title": "ApplyCapacity", + "type": "string" + }, + "BuildId": { + "markdownDescription": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a `READY` status. This fleet setting cannot be changed once the fleet is created.", + "title": "BuildId", + "type": "string" + }, + "CertificateConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.CertificateConfiguration", + "markdownDescription": "Prompts Amazon GameLift Servers to generate a TLS/SSL certificate for the fleet. Amazon GameLift Servers uses the certificates to encrypt traffic between game clients and the game servers running on Amazon GameLift Servers. By default, the `CertificateConfiguration` is `DISABLED` . You can't change this property after you create the fleet.\n\nAWS Certificate Manager (ACM) certificates expire after 13 months. Certificate expiration can cause fleets to fail, preventing players from connecting to instances in the fleet. We recommend you replace fleets before 13 months, consider using fleet aliases for a smooth transition.\n\n> ACM isn't available in all AWS regions. A fleet creation request with certificate generation enabled in an unsupported Region, fails with a 4xx error. For more information about the supported Regions, see [Supported Regions](https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateConfiguration" + }, + "ComputeType": { + "markdownDescription": "The type of compute resource used to host your game servers.\n\n- `EC2` \u2013 The game server build is deployed to Amazon EC2 instances for cloud hosting. This is the default setting.\n- `ANYWHERE` \u2013 Game servers and supporting software are deployed to compute resources that you provide and manage. With this compute type, you can also set the `AnywhereConfiguration` parameter.", + "title": "ComputeType", + "type": "string" + }, "Description": { - "markdownDescription": "The description of the fleet provisioning template.", + "markdownDescription": "A description for the fleet.", "title": "Description", "type": "string" }, - "Enabled": { - "markdownDescription": "True to enable the fleet provisioning template, otherwise false.", - "title": "Enabled", - "type": "boolean" + "EC2InboundPermissions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.IpPermission" + }, + "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet. Set this parameter for managed EC2 fleets. You can leave this parameter empty when creating the fleet, but you must call [](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings) to set it before players can connect to game sessions. As a best practice, we recommend opening ports for remote access only when you need them and closing them when you're finished. For Amazon GameLift Servers Realtime fleets, Amazon GameLift Servers automatically sets TCP and UDP ranges.", + "title": "EC2InboundPermissions", + "type": "array" }, - "PreProvisioningHook": { - "$ref": "#/definitions/AWS::IoT::ProvisioningTemplate.ProvisioningHook", - "markdownDescription": "Creates a pre-provisioning hook template.", - "title": "PreProvisioningHook" + "EC2InstanceType": { + "markdownDescription": "The Amazon GameLift Servers-supported Amazon EC2 instance type to use with managed EC2 fleets. Instance type determines the computing resources that will be used to host your game servers, including CPU, memory, storage, and networking capacity. See [Amazon Elastic Compute Cloud Instance Types](https://docs.aws.amazon.com/ec2/instance-types/) for detailed descriptions of Amazon EC2 instance types.", + "title": "EC2InstanceType", + "type": "string" }, - "ProvisioningRoleArn": { - "markdownDescription": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.", - "title": "ProvisioningRoleArn", + "FleetType": { + "markdownDescription": "Indicates whether to use On-Demand or Spot instances for this fleet. By default, this property is set to `ON_DEMAND` . Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . This fleet property can't be changed after the fleet is created.", + "title": "FleetType", "type": "string" }, - "Tags": { + "InstanceRoleARN": { + "markdownDescription": "A unique identifier for an IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN by using the [IAM dashboard](https://docs.aws.amazon.com/iam/) in the AWS Management Console . Learn more about using on-box credentials for your game servers at [Access external resources from a game server](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", + "title": "InstanceRoleARN", + "type": "string" + }, + "InstanceRoleCredentialsProvider": { + "markdownDescription": "Indicates that fleet instances maintain a shared credentials file for the IAM role defined in `InstanceRoleArn` . Shared credentials allow applications that are deployed with the game server executable to communicate with other AWS resources. This property is used only when the game server is integrated with the server SDK version 5.x. For more information about using shared credentials, see [Communicate with other AWS resources from your fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", + "title": "InstanceRoleCredentialsProvider", + "type": "string" + }, + "Locations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GameLift::Fleet.LocationConfiguration" }, - "markdownDescription": "Metadata that can be used to manage the fleet provisioning template.", - "title": "Tags", + "markdownDescription": "A set of remote locations to deploy additional instances to and manage as a multi-location fleet. Use this parameter when creating a fleet in AWS Regions that support multiple locations. You can add any AWS Region or Local Zone that's supported by Amazon GameLift Servers. Provide a list of one or more AWS Region codes, such as `us-west-2` , or Local Zone names. When using this parameter, Amazon GameLift Servers requires you to include your home location in the request. For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Locations", "type": "array" }, - "TemplateBody": { - "markdownDescription": "The JSON formatted contents of the fleet provisioning template version.", - "title": "TemplateBody", + "MetricGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. A metric group is used to aggregate the metrics for multiple fleets. You can specify an existing metric group name or set a new name to create a new metric group. A fleet can be included in only one metric group at a time.", + "title": "MetricGroups", + "type": "array" + }, + "Name": { + "markdownDescription": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique.", + "title": "Name", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the fleet provisioning template.", - "title": "TemplateName", + "NewGameSessionProtectionPolicy": { + "markdownDescription": "The status of termination protection for active game sessions on the fleet. By default, this property is set to `NoProtection` .\n\n- *NoProtection* - Game sessions can be terminated during active gameplay as a result of a scale-down event.\n- *FullProtection* - Game sessions in `ACTIVE` status cannot be terminated during a scale-down event.", + "title": "NewGameSessionProtectionPolicy", "type": "string" }, - "TemplateType": { - "markdownDescription": "The type of the provisioning template.", - "title": "TemplateType", + "PeerVpcAwsAccountId": { + "markdownDescription": "Used when peering your Amazon GameLift Servers fleet with a VPC, the unique identifier for the AWS account that owns the VPC. You can find your account ID in the AWS Management Console under account settings.", + "title": "PeerVpcAwsAccountId", + "type": "string" + }, + "PeerVpcId": { + "markdownDescription": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift Servers fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the [VPC Dashboard](https://docs.aws.amazon.com/vpc/) in the AWS Management Console . Learn more about VPC peering in [VPC Peering with Amazon GameLift Servers Fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/vpc-peering.html) .", + "title": "PeerVpcId", + "type": "string" + }, + "ResourceCreationLimitPolicy": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", + "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", + "title": "ResourceCreationLimitPolicy" + }, + "RuntimeConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.RuntimeConfiguration", + "markdownDescription": "Instructions for how to launch and maintain server processes on instances in the fleet. The runtime configuration defines one or more server process configurations, each identifying a build executable or Realtime script file and the number of processes of that type to run concurrently.\n\n> The `RuntimeConfiguration` parameter is required unless the fleet is being configured using the older parameters `ServerLaunchPath` and `ServerLaunchParameters` , which are still supported for backward compatibility.", + "title": "RuntimeConfiguration" + }, + "ScalingPolicies": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ScalingPolicy" + }, + "markdownDescription": "Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.", + "title": "ScalingPolicies", + "type": "array" + }, + "ScriptId": { + "markdownDescription": "The unique identifier for a Realtime configuration script to be deployed on fleet instances. You can use either the script ID or ARN. Scripts must be uploaded to Amazon GameLift Servers prior to creating the fleet. This fleet property cannot be changed later.\n\n> You can't use the `!Ref` command to reference a script created with a CloudFormation template for the fleet property `ScriptId` . Instead, use `Fn::GetAtt Script.Arn` or `Fn::GetAtt Script.Id` to retrieve either of these properties as input for `ScriptId` . Alternatively, enter a `ScriptId` string manually.", + "title": "ScriptId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "ProvisioningRoleArn", - "TemplateBody" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ProvisioningTemplate" + "AWS::GameLift::Fleet" ], "type": "string" }, @@ -122265,187 +127168,261 @@ ], "type": "object" }, - "AWS::IoT::ProvisioningTemplate.ProvisioningHook": { + "AWS::GameLift::Fleet.AnywhereConfiguration": { "additionalProperties": false, "properties": { - "PayloadVersion": { - "markdownDescription": "The payload that was sent to the target function. The valid payload is `\"2020-04-01\"` .", - "title": "PayloadVersion", + "Cost": { + "markdownDescription": "The cost to run your fleet per hour. Amazon GameLift Servers uses the provided cost of your fleet to balance usage in queues. For more information about queues, see [Setting up queues](https://docs.aws.amazon.com/gamelift/latest/developerguide/queues-intro.html) in the *Amazon GameLift Servers Developer Guide* .", + "title": "Cost", "type": "string" - }, - "TargetArn": { - "markdownDescription": "The ARN of the target function.", - "title": "TargetArn", + } + }, + "required": [ + "Cost" + ], + "type": "object" + }, + "AWS::GameLift::Fleet.CertificateConfiguration": { + "additionalProperties": false, + "properties": { + "CertificateType": { + "markdownDescription": "Indicates whether a TLS/SSL certificate is generated for a fleet.\n\nValid values include:\n\n- *GENERATED* - Generate a TLS/SSL certificate for this fleet.\n- *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet.", + "title": "CertificateType", "type": "string" } }, + "required": [ + "CertificateType" + ], "type": "object" }, - "AWS::IoT::ResourceSpecificLogging": { + "AWS::GameLift::Fleet.IpPermission": { "additionalProperties": false, "properties": { - "Condition": { + "FromPort": { + "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "FromPort", + "type": "number" + }, + "IpRange": { + "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", + "title": "IpRange", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Protocol": { + "markdownDescription": "The network communication protocol used by the fleet.", + "title": "Protocol", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ToPort": { + "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "IpRange", + "Protocol", + "ToPort" + ], + "type": "object" + }, + "AWS::GameLift::Fleet.LocationCapacity": { + "additionalProperties": false, + "properties": { + "DesiredEC2Instances": { + "markdownDescription": "The number of Amazon EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. Changes in desired instance value can take up to 1 minute to be reflected when viewing the fleet's capacity settings.", + "title": "DesiredEC2Instances", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogLevel": { - "markdownDescription": "The default log level.Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", - "title": "LogLevel", - "type": "string" - }, - "TargetName": { - "markdownDescription": "The target name.", - "title": "TargetName", - "type": "string" - }, - "TargetType": { - "markdownDescription": "The target type. Valid Values: `DEFAULT | THING_GROUP`", - "title": "TargetType", - "type": "string" - } - }, - "required": [ - "LogLevel", - "TargetName", - "TargetType" - ], - "type": "object" + "MaxSize": { + "markdownDescription": "The maximum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 1.", + "title": "MaxSize", + "type": "number" }, - "Type": { - "enum": [ - "AWS::IoT::ResourceSpecificLogging" - ], + "MinSize": { + "markdownDescription": "The minimum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 0.", + "title": "MinSize", + "type": "number" + } + }, + "required": [ + "DesiredEC2Instances", + "MaxSize", + "MinSize" + ], + "type": "object" + }, + "AWS::GameLift::Fleet.LocationConfiguration": { + "additionalProperties": false, + "properties": { + "Location": { + "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Location", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "LocationCapacity": { + "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", + "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", + "title": "LocationCapacity" } }, "required": [ - "Type", - "Properties" + "Location" ], "type": "object" }, - "AWS::IoT::RoleAlias": { + "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { "additionalProperties": false, "properties": { - "Condition": { + "NewGameSessionsPerCreator": { + "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy is evaluated when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", + "title": "NewGameSessionsPerCreator", + "type": "number" + }, + "PolicyPeriodInMinutes": { + "markdownDescription": "The time span used in evaluating the resource creation limit policy.", + "title": "PolicyPeriodInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GameLift::Fleet.RuntimeConfiguration": { + "additionalProperties": false, + "properties": { + "GameSessionActivationTimeoutSeconds": { + "markdownDescription": "The maximum amount of time (in seconds) allowed to launch a new game session and have it report ready to host players. During this time, the game session is in status `ACTIVATING` . If the game session does not become active before the timeout, it is ended and the game session status is changed to `TERMINATED` .", + "title": "GameSessionActivationTimeoutSeconds", + "type": "number" + }, + "MaxConcurrentGameSessionActivations": { + "markdownDescription": "The number of game sessions in status `ACTIVATING` to allow on an instance or compute. This setting limits the instance resources that can be used for new game activations at any one time.", + "title": "MaxConcurrentGameSessionActivations", + "type": "number" + }, + "ServerProcesses": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ServerProcess" + }, + "markdownDescription": "A collection of server process configurations that identify what server processes to run on fleet computes.", + "title": "ServerProcesses", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GameLift::Fleet.ScalingPolicy": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", + "title": "ComparisonOperator", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EvaluationPeriods": { + "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", + "title": "EvaluationPeriods", + "type": "number" + }, + "Location": { + "markdownDescription": "The fleet location.", + "title": "Location", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MetricName": { + "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", + "title": "MetricName", + "type": "string" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", + "title": "Name", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CredentialDurationSeconds": { - "markdownDescription": "The number of seconds for which the credential is valid.", - "title": "CredentialDurationSeconds", - "type": "number" - }, - "RoleAlias": { - "markdownDescription": "The role alias.", - "title": "RoleAlias", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The role ARN.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" + "PolicyType": { + "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", + "title": "PolicyType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IoT::RoleAlias" - ], + "ScalingAdjustment": { + "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", + "title": "ScalingAdjustment", + "type": "number" + }, + "ScalingAdjustmentType": { + "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", + "title": "ScalingAdjustmentType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Status": { + "markdownDescription": "Current status of the scaling policy. The scaling policy can be in force only when in an `ACTIVE` status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.\n\n- *ACTIVE* -- The scaling policy can be used for auto-scaling a fleet.\n- *UPDATE_REQUESTED* -- A request to update the scaling policy has been received.\n- *UPDATING* -- A change is being made to the scaling policy.\n- *DELETE_REQUESTED* -- A request to delete the scaling policy has been received.\n- *DELETING* -- The scaling policy is being deleted.\n- *DELETED* -- The scaling policy has been deleted.\n- *ERROR* -- An error occurred in creating the policy. It should be removed and recreated.", + "title": "Status", + "type": "string" + }, + "TargetConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.TargetConfiguration", + "markdownDescription": "An object that contains settings for a target-based scaling policy.", + "title": "TargetConfiguration" + }, + "Threshold": { + "markdownDescription": "Metric value used to trigger a scaling event.", + "title": "Threshold", + "type": "number" + }, + "UpdateStatus": { + "markdownDescription": "The current status of the fleet's scaling policies in a requested fleet location. The status `PENDING_UPDATE` indicates that an update was requested for the fleet but has not yet been completed for the location.", + "title": "UpdateStatus", "type": "string" } }, "required": [ - "Type", - "Properties" + "MetricName", + "Name" ], "type": "object" }, - "AWS::IoT::ScheduledAudit": { + "AWS::GameLift::Fleet.ServerProcess": { + "additionalProperties": false, + "properties": { + "ConcurrentExecutions": { + "markdownDescription": "The number of server processes using this configuration that run concurrently on each instance or compute.", + "title": "ConcurrentExecutions", + "type": "number" + }, + "LaunchPath": { + "markdownDescription": "The location of a game build executable or Realtime script. Game builds and Realtime scripts are installed on instances at the root:\n\n- Windows (custom game builds only): `C:\\game` . Example: \" `C:\\game\\MyGame\\server.exe` \"\n- Linux: `/local/game` . Examples: \" `/local/game/MyGame/server.exe` \" or \" `/local/game/MyRealtimeScript.js` \"\n\n> Amazon GameLift Servers doesn't support the use of setup scripts that launch the game executable. For custom game builds, this parameter must indicate the executable that calls the server SDK operations `initSDK()` and `ProcessReady()` .", + "title": "LaunchPath", + "type": "string" + }, + "Parameters": { + "markdownDescription": "An optional list of parameters to pass to the server executable or Realtime script on launch.\n\nLength Constraints: Minimum length of 1. Maximum length of 1024.\n\nPattern: [A-Za-z0-9_:.+\\/\\\\\\- =@{},?'\\[\\]\"]+", + "title": "Parameters", + "type": "string" + } + }, + "required": [ + "ConcurrentExecutions", + "LaunchPath" + ], + "type": "object" + }, + "AWS::GameLift::Fleet.TargetConfiguration": { + "additionalProperties": false, + "properties": { + "TargetValue": { + "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::GameLift::GameServerGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -122480,52 +127457,86 @@ "Properties": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month on which the scheduled audit is run (if the `frequency` is \"MONTHLY\"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the \"LAST\" day of the month.", - "title": "DayOfMonth", + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.AutoScalingPolicy", + "markdownDescription": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. The scaling policy uses the metric `\"PercentUtilizedGameServers\"` to maintain a buffer of idle game servers that can immediately accommodate new games and players. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "AutoScalingPolicy" + }, + "BalancingStrategy": { + "markdownDescription": "Indicates how Amazon GameLift Servers FleetIQ balances the use of Spot Instances and On-Demand Instances in the game server group. Method options include the following:\n\n- `SPOT_ONLY` - Only Spot Instances are used in the game server group. If Spot Instances are unavailable or not viable for game hosting, the game server group provides no hosting capacity until Spot Instances can again be used. Until then, no new instances are started, and the existing nonviable Spot Instances are terminated (after current gameplay ends) and are not replaced.\n- `SPOT_PREFERRED` - (default value) Spot Instances are used whenever available in the game server group. If Spot Instances are unavailable, the game server group continues to provide hosting capacity by falling back to On-Demand Instances. Existing nonviable Spot Instances are terminated (after current gameplay ends) and are replaced with new On-Demand Instances.\n- `ON_DEMAND_ONLY` - Only On-Demand Instances are used in the game server group. No Spot Instances are used, even when available, while this balancing strategy is in force.", + "title": "BalancingStrategy", "type": "string" }, - "DayOfWeek": { - "markdownDescription": "The day of the week on which the scheduled audit is run (if the `frequency` is \"WEEKLY\" or \"BIWEEKLY\").", - "title": "DayOfWeek", + "DeleteOption": { + "markdownDescription": "The type of delete to perform. To delete a game server group, specify the `DeleteOption` . Options include the following:\n\n- `SAFE_DELETE` \u2013 (default) Terminates the game server group and Amazon EC2 Auto Scaling group only when it has no game servers that are in `UTILIZED` status.\n- `FORCE_DELETE` \u2013 Terminates the game server group, including all active game servers regardless of their utilization status, and the Amazon EC2 Auto Scaling group.\n- `RETAIN` \u2013 Does a safe delete of the game server group but retains the Amazon EC2 Auto Scaling group as is.", + "title": "DeleteOption", "type": "string" }, - "Frequency": { - "markdownDescription": "How often the scheduled audit occurs.", - "title": "Frequency", + "GameServerGroupName": { + "markdownDescription": "A developer-defined identifier for the game server group. The name is unique for each Region in each AWS account.", + "title": "GameServerGroupName", "type": "string" }, - "ScheduledAuditName": { - "markdownDescription": "The name of the scheduled audit.", - "title": "ScheduledAuditName", + "GameServerProtectionPolicy": { + "markdownDescription": "A flag that indicates whether instances in the game server group are protected from early termination. Unprotected instances that have active game servers running might be terminated during a scale-down event, causing players to be dropped from the game. Protected instances cannot be terminated while there are active game servers running except in the event of a forced game server group deletion (see ). An exception to this is with Spot Instances, which can be terminated by AWS regardless of protection status.", + "title": "GameServerProtectionPolicy", + "type": "string" + }, + "InstanceDefinitions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.InstanceDefinition" + }, + "markdownDescription": "The set of Amazon EC2 instance types that Amazon GameLift Servers FleetIQ can use when balancing and automatically scaling instances in the corresponding Auto Scaling group.", + "title": "InstanceDefinitions", + "type": "array" + }, + "LaunchTemplate": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.LaunchTemplate", + "markdownDescription": "The Amazon EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. You can specify the template using either the template name or ID. For help with creating a launch template, see [Creating a Launch Template for an Auto Scaling Group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.\n\n> If you specify network interfaces in your launch template, you must explicitly set the property `AssociatePublicIpAddress` to \"true\". If no network interface is specified in the launch template, Amazon GameLift Servers FleetIQ uses your account's default VPC.", + "title": "LaunchTemplate" + }, + "MaxSize": { + "markdownDescription": "The maximum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and EC2 do not scale up the group above this maximum. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "The minimum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and Amazon EC2 do not scale down the group below this minimum. In production, this value should be set to at least 1. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "MinSize", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access your Amazon EC2 Auto Scaling groups.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the scheduled audit.", + "markdownDescription": "A list of labels to assign to the new game server group resource. Tags are developer-defined key-value pairs. Tagging AWS resources is useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags, respectively. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" }, - "TargetCheckNames": { + "VpcSubnets": { "items": { "type": "string" }, - "markdownDescription": "Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use `DescribeAccountAuditConfiguration` to see the list of all checks, including those that are enabled or use `UpdateAccountAuditConfiguration` to select which checks are enabled.)\n\nThe following checks are currently available:\n\n- `AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`\n- `CA_CERTIFICATE_EXPIRING_CHECK`\n- `CA_CERTIFICATE_KEY_QUALITY_CHECK`\n- `CONFLICTING_CLIENT_IDS_CHECK`\n- `DEVICE_CERTIFICATE_EXPIRING_CHECK`\n- `DEVICE_CERTIFICATE_KEY_QUALITY_CHECK`\n- `DEVICE_CERTIFICATE_SHARED_CHECK`\n- `IOT_POLICY_OVERLY_PERMISSIVE_CHECK`\n- `IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK`\n- `IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK`\n- `LOGGING_DISABLED_CHECK`\n- `REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`", - "title": "TargetCheckNames", + "markdownDescription": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. By default, all Amazon GameLift Servers FleetIQ-supported Availability Zones are used. You can use this parameter to specify VPCs that you've set up. This property cannot be updated after the game server group is created, and the corresponding Auto Scaling group will always use the property value that is set with this request, even if the Auto Scaling group is updated directly.", + "title": "VpcSubnets", "type": "array" } }, "required": [ - "Frequency", - "TargetCheckNames" + "GameServerGroupName", + "InstanceDefinitions", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ScheduledAudit" + "AWS::GameLift::GameServerGroup" ], "type": "string" }, @@ -122544,7 +127555,80 @@ ], "type": "object" }, - "AWS::IoT::SecurityProfile": { + "AWS::GameLift::GameServerGroup.AutoScalingPolicy": { + "additionalProperties": false, + "properties": { + "EstimatedInstanceWarmup": { + "markdownDescription": "Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift Servers FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances.", + "title": "EstimatedInstanceWarmup", + "type": "number" + }, + "TargetTrackingConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.TargetTrackingConfiguration", + "markdownDescription": "Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value.", + "title": "TargetTrackingConfiguration" + } + }, + "required": [ + "TargetTrackingConfiguration" + ], + "type": "object" + }, + "AWS::GameLift::GameServerGroup.InstanceDefinition": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type designation.", + "title": "InstanceType", + "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "Instance weighting that indicates how much this instance type contributes to the total capacity of a game server group. Instance weights are used by Amazon GameLift Servers FleetIQ to calculate the instance type's cost per unit hour and better identify the most cost-effective options. For detailed information on weighting instance capacity, see [Instance Weighting](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-weighting.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . Default value is \"1\".", + "title": "WeightedCapacity", + "type": "string" + } + }, + "required": [ + "InstanceType" + ], + "type": "object" + }, + "AWS::GameLift::GameServerGroup.LaunchTemplate": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "A unique identifier for an existing Amazon EC2 launch template.", + "title": "LaunchTemplateId", + "type": "string" + }, + "LaunchTemplateName": { + "markdownDescription": "A readable identifier for an existing Amazon EC2 launch template.", + "title": "LaunchTemplateName", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GameLift::GameServerGroup.TargetTrackingConfiguration": { + "additionalProperties": false, + "properties": { + "TargetValue": { + "markdownDescription": "Desired value to use with a game server group target-based scaling policy.", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::GameLift::GameSessionQueue": { "additionalProperties": false, "properties": { "Condition": { @@ -122579,70 +127663,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalMetricsToRetainV2": { - "items": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricToRetain" - }, - "markdownDescription": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's `behaviors` , but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.", - "title": "AdditionalMetricsToRetainV2", - "type": "array" - }, - "AlertTargets": { - "additionalProperties": false, - "markdownDescription": "Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.AlertTarget" - } - }, - "title": "AlertTargets", - "type": "object" + "CustomEventData": { + "markdownDescription": "Information to be added to all events that are related to this game session queue.", + "title": "CustomEventData", + "type": "string" }, - "Behaviors": { + "Destinations": { "items": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.Behavior" + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.GameSessionQueueDestination" }, - "markdownDescription": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", - "title": "Behaviors", + "markdownDescription": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue. Destinations are identified by either a fleet ARN or a fleet alias ARN, and are listed in order of placement preference.", + "title": "Destinations", "type": "array" }, - "MetricsExportConfig": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricsExportConfig", - "markdownDescription": "Specifies the MQTT topic and role ARN required for metric export.", - "title": "MetricsExportConfig" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.FilterConfiguration", + "markdownDescription": "A list of locations where a queue is allowed to place new game sessions. Locations are specified in the form of AWS Region codes, such as `us-west-2` . If this parameter is not set, game sessions can be placed in any queue location.", + "title": "FilterConfiguration" }, - "SecurityProfileDescription": { - "markdownDescription": "A description of the security profile.", - "title": "SecurityProfileDescription", + "Name": { + "markdownDescription": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region.", + "title": "Name", "type": "string" }, - "SecurityProfileName": { - "markdownDescription": "The name you gave to the security profile.", - "title": "SecurityProfileName", + "NotificationTarget": { + "markdownDescription": "An SNS topic ARN that is set up to receive game session placement notifications. See [Setting up notifications for game session placement](https://docs.aws.amazon.com/gamelift/latest/developerguide/queue-notification.html) .", + "title": "NotificationTarget", "type": "string" }, - "Tags": { + "PlayerLatencyPolicies": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy" }, - "markdownDescription": "Metadata that can be used to manage the security profile.", - "title": "Tags", + "markdownDescription": "A set of policies that enforce a sliding cap on player latency when processing game sessions placement requests. Use multiple policies to gradually relax the cap over time if Amazon GameLift Servers can't make a placement. Policies are evaluated in order starting with the lowest maximum latency value.", + "title": "PlayerLatencyPolicies", "type": "array" }, - "TargetArns": { + "PriorityConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PriorityConfiguration", + "markdownDescription": "Custom settings to use when prioritizing destinations and locations for game session placements. This configuration replaces the FleetIQ default prioritization process. Priority types that are not explicitly named will be automatically applied at the end of the prioritization process.", + "title": "PriorityConfiguration" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The ARN of the target (thing group) to which the security profile is attached.", - "title": "TargetArns", + "markdownDescription": "A list of labels to assign to the new game session queue resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "title": "Tags", "type": "array" + }, + "TimeoutInSeconds": { + "markdownDescription": "The maximum time, in seconds, that a new game session placement request remains in the queue. When a request exceeds this time, the game session placement changes to a `TIMED_OUT` status. If you don't specify a request timeout, the queue uses a default value.", + "title": "TimeoutInSeconds", + "type": "number" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SecurityProfile" + "AWS::GameLift::GameSessionQueue" ], "type": "string" }, @@ -122656,244 +127739,75 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::SecurityProfile.AlertTarget": { + "AWS::GameLift::GameSessionQueue.FilterConfiguration": { "additionalProperties": false, "properties": { - "AlertTargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the notification target to which alerts are sent.", - "title": "AlertTargetArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to send alerts to the notification target.", - "title": "RoleArn", - "type": "string" + "AllowedLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` .", + "title": "AllowedLocations", + "type": "array" } }, - "required": [ - "AlertTargetArn", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::SecurityProfile.Behavior": { + "AWS::GameLift::GameSessionQueue.GameSessionQueueDestination": { "additionalProperties": false, "properties": { - "Criteria": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.BehaviorCriteria", - "markdownDescription": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n> In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.", - "title": "Criteria" - }, - "ExportMetric": { - "markdownDescription": "Value indicates exporting metrics related to the behavior when it is true.", - "title": "ExportMetric", - "type": "boolean" - }, - "Metric": { - "markdownDescription": "What is measured by the behavior.", - "title": "Metric", - "type": "string" - }, - "MetricDimension": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", - "markdownDescription": "The dimension of the metric.", - "title": "MetricDimension" - }, - "Name": { - "markdownDescription": "The name you've given to the behavior.", - "title": "Name", + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions.", + "title": "DestinationArn", "type": "string" - }, - "SuppressAlerts": { - "markdownDescription": "The alert status. If you set the value to `true` , alerts will be suppressed.", - "title": "SuppressAlerts", - "type": "boolean" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::IoT::SecurityProfile.BehaviorCriteria": { + "AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The operator that relates the thing measured ( `metric` ) to the criteria (containing a `value` or `statisticalThreshold` ). Valid operators include:\n\n- `string-list` : `in-set` and `not-in-set`\n- `number-list` : `in-set` and `not-in-set`\n- `ip-address-list` : `in-cidr-set` and `not-in-cidr-set`\n- `number` : `less-than` , `less-than-equals` , `greater-than` , and `greater-than-equals`", - "title": "ComparisonOperator", - "type": "string" - }, - "ConsecutiveDatapointsToAlarm": { - "markdownDescription": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.", - "title": "ConsecutiveDatapointsToAlarm", - "type": "number" - }, - "ConsecutiveDatapointsToClear": { - "markdownDescription": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.", - "title": "ConsecutiveDatapointsToClear", + "MaximumIndividualPlayerLatencyMilliseconds": { + "markdownDescription": "The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property.", + "title": "MaximumIndividualPlayerLatencyMilliseconds", "type": "number" }, - "DurationSeconds": { - "markdownDescription": "Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, `NUM_MESSAGES_SENT` ). For a `statisticalThreshhold` metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.", - "title": "DurationSeconds", + "PolicyDurationSeconds": { + "markdownDescription": "The length of time, in seconds, that the policy is enforced while placing a new game session. A null value for this property means that the policy is enforced until the queue times out.", + "title": "PolicyDurationSeconds", "type": "number" - }, - "MlDetectionConfig": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MachineLearningDetectionConfig", - "markdownDescription": "The confidence level of the detection model.", - "title": "MlDetectionConfig" - }, - "StatisticalThreshold": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.StatisticalThreshold", - "markdownDescription": "A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.", - "title": "StatisticalThreshold" - }, - "Value": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricValue", - "markdownDescription": "The value to be compared with the `metric` .", - "title": "Value" - } - }, - "type": "object" - }, - "AWS::IoT::SecurityProfile.MachineLearningDetectionConfig": { - "additionalProperties": false, - "properties": { - "ConfidenceLevel": { - "markdownDescription": "The model confidence level.\n\nThere are three levels of confidence, `\"high\"` , `\"medium\"` , and `\"low\"` .\n\nThe higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.", - "title": "ConfidenceLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::SecurityProfile.MetricDimension": { - "additionalProperties": false, - "properties": { - "DimensionName": { - "markdownDescription": "The name of the dimension.", - "title": "DimensionName", - "type": "string" - }, - "Operator": { - "markdownDescription": "Operators are constructs that perform logical operations. Valid values are `IN` and `NOT_IN` .", - "title": "Operator", - "type": "string" - } - }, - "required": [ - "DimensionName" - ], - "type": "object" - }, - "AWS::IoT::SecurityProfile.MetricToRetain": { - "additionalProperties": false, - "properties": { - "ExportMetric": { - "markdownDescription": "The value indicates exporting metrics related to the `MetricToRetain` when it's true.", - "title": "ExportMetric", - "type": "boolean" - }, - "Metric": { - "markdownDescription": "A standard of measurement.", - "title": "Metric", - "type": "string" - }, - "MetricDimension": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", - "markdownDescription": "The dimension of the metric.", - "title": "MetricDimension" } }, - "required": [ - "Metric" - ], "type": "object" }, - "AWS::IoT::SecurityProfile.MetricValue": { + "AWS::GameLift::GameSessionQueue.PriorityConfiguration": { "additionalProperties": false, "properties": { - "Cidrs": { + "LocationOrder": { "items": { "type": "string" }, - "markdownDescription": "If the `comparisonOperator` calls for a set of CIDRs, use this to specify that set to be compared with the `metric` .", - "title": "Cidrs", - "type": "array" - }, - "Count": { - "markdownDescription": "If the `comparisonOperator` calls for a numeric value, use this to specify that numeric value to be compared with the `metric` .", - "title": "Count", - "type": "string" - }, - "Number": { - "markdownDescription": "The numeric values of a metric.", - "title": "Number", - "type": "number" - }, - "Numbers": { - "items": { - "type": "number" - }, - "markdownDescription": "The numeric value of a metric.", - "title": "Numbers", - "type": "array" - }, - "Ports": { - "items": { - "type": "number" - }, - "markdownDescription": "If the `comparisonOperator` calls for a set of ports, use this to specify that set to be compared with the `metric` .", - "title": "Ports", + "markdownDescription": "The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations can include AWS Region codes (such as `us-west-2` ), local zones, and custom locations (for Anywhere fleets). Each location must be listed only once. For details, see [Amazon GameLift Servers service locations.](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html)", + "title": "LocationOrder", "type": "array" }, - "Strings": { + "PriorityOrder": { "items": { "type": "string" }, - "markdownDescription": "The string values of a metric.", - "title": "Strings", + "markdownDescription": "A custom sequence to use when prioritizing where to place new game sessions. Each priority type is listed once.\n\n- `LATENCY` -- Amazon GameLift Servers prioritizes locations where the average player latency is lowest. Player latency data is provided in each game session placement request.\n- `COST` -- Amazon GameLift Servers prioritizes queue destinations with the lowest current hosting costs. Cost is evaluated based on the destination's location, instance type, and fleet type (Spot or On-Demand).\n- `DESTINATION` -- Amazon GameLift Servers prioritizes based on the list order of destinations in the queue configuration.\n- `LOCATION` -- Amazon GameLift Servers prioritizes based on the provided order of locations, as defined in `LocationOrder` .", + "title": "PriorityOrder", "type": "array" } }, "type": "object" }, - "AWS::IoT::SecurityProfile.MetricsExportConfig": { - "additionalProperties": false, - "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic that Device Defender Detect should publish messages to for metrics export.", - "title": "MqttTopic", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "MqttTopic", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::SecurityProfile.StatisticalThreshold": { - "additionalProperties": false, - "properties": { - "Statistic": { - "markdownDescription": "The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( `durationSeconds` ) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( `comparisonOperator` ) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.", - "title": "Statistic", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::SoftwarePackage": { + "AWS::GameLift::Location": { "additionalProperties": false, "properties": { "Condition": { @@ -122928,30 +127842,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A summary of the package being created. This can be used to outline the package's contents or purpose.", - "title": "Description", - "type": "string" - }, - "PackageName": { - "markdownDescription": "The name of the new software package.", - "title": "PackageName", + "LocationName": { + "markdownDescription": "A descriptive name for the custom location.", + "title": "LocationName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the package.", + "markdownDescription": "A list of labels to assign to the new resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Rareference* .", "title": "Tags", "type": "array" } }, + "required": [ + "LocationName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SoftwarePackage" + "AWS::GameLift::Location" ], "type": "string" }, @@ -122965,11 +127877,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::SoftwarePackageVersion": { + "AWS::GameLift::MatchmakingConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -123004,49 +127917,112 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "Metadata that can be used to define a package version\u2019s configuration. For example, the S3 file location, configuration options that are being sent to the device or fleet.\n\nThe combined size of all the attributes on a package version is limited to 3KB.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" + "AcceptanceRequired": { + "markdownDescription": "A flag that determines whether a match that was created with this configuration must be accepted by the matched players. To require acceptance, set to `TRUE` . With this option enabled, matchmaking tickets use the status `REQUIRES_ACCEPTANCE` to indicate when a completed potential match is waiting for player acceptance.", + "title": "AcceptanceRequired", + "type": "boolean" + }, + "AcceptanceTimeoutSeconds": { + "markdownDescription": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.", + "title": "AcceptanceTimeoutSeconds", + "type": "number" + }, + "AdditionalPlayerCount": { + "markdownDescription": "The number of player slots in a match to keep open for future players. For example, if the configuration's rule set specifies a match for a single 12-person team, and the additional player count is set to 2, only 10 players are selected for the match. This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "AdditionalPlayerCount", + "type": "number" + }, + "BackfillMode": { + "markdownDescription": "The method used to backfill game sessions that are created with this matchmaking configuration. Specify `MANUAL` when your game manages backfill requests manually or does not use the match backfill feature. Specify `AUTOMATIC` to have GameLift create a `StartMatchBackfill` request whenever a game session has one or more open slots. Learn more about manual and automatic backfill in [Backfill Existing Games with FlexMatch](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-backfill.html) . Automatic backfill is not available when `FlexMatchMode` is set to `STANDALONE` .", + "title": "BackfillMode", + "type": "string" + }, + "CreationTime": { + "markdownDescription": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example `\"1469498468.057\"` ).", + "title": "CreationTime", + "type": "string" + }, + "CustomEventData": { + "markdownDescription": "Information to add to all events related to the matchmaking configuration.", + "title": "CustomEventData", + "type": "string" }, "Description": { - "markdownDescription": "A summary of the package version being created. This can be used to outline the package's contents or purpose.", + "markdownDescription": "A description for the matchmaking configuration.", "title": "Description", "type": "string" }, - "PackageName": { - "markdownDescription": "The name of the associated software package.", - "title": "PackageName", + "FlexMatchMode": { + "markdownDescription": "Indicates whether this matchmaking configuration is being used with Amazon GameLift Servers hosting or as a standalone matchmaking solution.\n\n- *STANDALONE* - FlexMatch forms matches and returns match information, including players and team assignments, in a [MatchmakingSucceeded](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-events.html#match-events-matchmakingsucceeded) event.\n- *WITH_QUEUE* - FlexMatch forms matches and uses the specified Amazon GameLift Servers queue to start a game session for the match.", + "title": "FlexMatchMode", + "type": "string" + }, + "GameProperties": { + "items": { + "$ref": "#/definitions/AWS::GameLift::MatchmakingConfiguration.GameProperty" + }, + "markdownDescription": "A set of custom properties for a game session, formatted as key-value pairs. These properties are passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "GameProperties", + "type": "array" + }, + "GameSessionData": { + "markdownDescription": "A set of custom game session properties, formatted as a single string value. This data is passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "GameSessionData", + "type": "string" + }, + "GameSessionQueueArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) that is assigned to a Amazon GameLift Servers game session queue resource and uniquely identifies it. ARNs are unique across all Regions. Format is `arn:aws:gamelift:::gamesessionqueue/` . Queues can be located in any Region. Queues are used to start new Amazon GameLift Servers-hosted game sessions for matches that are created with this matchmaking configuration. If `FlexMatchMode` is set to `STANDALONE` , do not set this parameter.", + "title": "GameSessionQueueArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A unique identifier for the matchmaking configuration. This name is used to identify the configuration associated with a matchmaking request or ticket.", + "title": "Name", + "type": "string" + }, + "NotificationTarget": { + "markdownDescription": "An SNS topic ARN that is set up to receive matchmaking notifications. See [Setting up notifications for matchmaking](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-notification.html) for more information.", + "title": "NotificationTarget", + "type": "string" + }, + "RequestTimeoutSeconds": { + "markdownDescription": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out. Requests that fail due to timing out can be resubmitted as needed.", + "title": "RequestTimeoutSeconds", + "type": "number" + }, + "RuleSetArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) associated with the GameLift matchmaking rule set resource that this configuration uses.", + "title": "RuleSetArn", + "type": "string" + }, + "RuleSetName": { + "markdownDescription": "A unique identifier for the matchmaking rule set to use with this configuration. You can use either the rule set name or ARN value. A matchmaking configuration can only use rule sets that are defined in the same Region.", + "title": "RuleSetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the package version.", + "markdownDescription": "A list of labels to assign to the new matchmaking configuration resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" - }, - "VersionName": { - "markdownDescription": "The name of the new package version.", - "title": "VersionName", - "type": "string" } }, "required": [ - "PackageName" + "AcceptanceRequired", + "Name", + "RequestTimeoutSeconds", + "RuleSetName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SoftwarePackageVersion" + "AWS::GameLift::MatchmakingConfiguration" ], "type": "string" }, @@ -123065,7 +128041,27 @@ ], "type": "object" }, - "AWS::IoT::Thing": { + "AWS::GameLift::MatchmakingConfiguration.GameProperty": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The game property identifier.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The game property value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::GameLift::MatchmakingRuleSet": { "additionalProperties": false, "properties": { "Condition": { @@ -123100,22 +128096,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributePayload": { - "$ref": "#/definitions/AWS::IoT::Thing.AttributePayload", - "markdownDescription": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed.", - "title": "AttributePayload" + "Name": { + "markdownDescription": "A unique identifier for the matchmaking rule set. A matchmaking configuration identifies the rule set it uses by this name value. Note that the rule set name is different from the optional `name` field in the rule set body.", + "title": "Name", + "type": "string" }, - "ThingName": { - "markdownDescription": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.", - "title": "ThingName", + "RuleSetBody": { + "markdownDescription": "A collection of matchmaking rules, formatted as a JSON string. Comments are not allowed in JSON, but most elements support a description field.", + "title": "RuleSetBody", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of labels to assign to the new matchmaking rule set resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "title": "Tags", + "type": "array" } }, + "required": [ + "Name", + "RuleSetBody" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Thing" + "AWS::GameLift::MatchmakingRuleSet" ], "type": "string" }, @@ -123129,28 +128137,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::Thing.AttributePayload": { - "additionalProperties": false, - "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - } - }, - "type": "object" - }, - "AWS::IoT::ThingGroup": { + "AWS::GameLift::Script": { "additionalProperties": false, "properties": { "Condition": { @@ -123185,40 +128177,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ParentGroupName": { - "markdownDescription": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined.", - "title": "ParentGroupName", + "Name": { + "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", + "title": "Name", "type": "string" }, - "QueryString": { - "markdownDescription": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` .", - "title": "QueryString", - "type": "string" + "StorageLocation": { + "$ref": "#/definitions/AWS::GameLift::Script.S3Location", + "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift Servers to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift Servers uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", + "title": "StorageLocation" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the thing group or dynamic thing group.", + "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" }, - "ThingGroupName": { - "markdownDescription": "The thing group name.", - "title": "ThingGroupName", + "Version": { + "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", + "title": "Version", "type": "string" - }, - "ThingGroupProperties": { - "$ref": "#/definitions/AWS::IoT::ThingGroup.ThingGroupProperties", - "markdownDescription": "Thing group properties.", - "title": "ThingGroupProperties" } }, + "required": [ + "StorageLocation" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingGroup" + "AWS::GameLift::Script" ], "type": "string" }, @@ -123232,44 +128222,43 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::ThingGroup.AttributePayload": { - "additionalProperties": false, - "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - } - }, - "type": "object" - }, - "AWS::IoT::ThingGroup.ThingGroupProperties": { + "AWS::GameLift::Script.S3Location": { "additionalProperties": false, "properties": { - "AttributePayload": { - "$ref": "#/definitions/AWS::IoT::ThingGroup.AttributePayload", - "markdownDescription": "The thing group attributes in JSON format.", - "title": "AttributePayload" + "Bucket": { + "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift Servers doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "title": "Bucket", + "type": "string" }, - "ThingGroupDescription": { - "markdownDescription": "The thing group description.", - "title": "ThingGroupDescription", + "Key": { + "markdownDescription": "The name of the zip file that contains the build files or script files.", + "title": "Key", + "type": "string" + }, + "ObjectVersion": { + "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift Servers uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", + "title": "ObjectVersion", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access the S3 bucket.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "Bucket", + "Key", + "RoleArn" + ], "type": "object" }, - "AWS::IoT::ThingPrincipalAttachment": { + "AWS::GlobalAccelerator::Accelerator": { "additionalProperties": false, "properties": { "Condition": { @@ -123304,26 +128293,46 @@ "Properties": { "additionalProperties": false, "properties": { - "Principal": { - "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", - "title": "Principal", + "Enabled": { + "markdownDescription": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n\nIf the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.", + "title": "Enabled", + "type": "boolean" + }, + "IpAddressType": { + "markdownDescription": "The IP address type that an accelerator supports. For a standard accelerator, the value can be IPV4 or DUAL_STACK.", + "title": "IpAddressType", "type": "string" }, - "ThingName": { - "markdownDescription": "The name of the AWS IoT thing.", - "title": "ThingName", + "IpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "Optionally, if you've added your own IP address pool to Global Accelerator (BYOIP), you can choose IP addresses from your own pool to use for the accelerator's static IP addresses when you create an accelerator. You can specify one or two addresses, separated by a comma. Do not include the /32 suffix.\n\nOnly one IP address from each of your IP address ranges can be used for each accelerator. If you specify only one IP address from your IP address range, Global Accelerator assigns a second static IP address for the accelerator from the AWS IP address pool.\n\nNote that you can't update IP addresses for an existing accelerator. To change them, you must create a new accelerator with the new addresses.\n\nFor more information, see [Bring Your Own IP Addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "IpAddresses", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the accelerator. The name must contain only alphanumeric characters or hyphens (-), and must not begin or end with a hyphen.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "Principal", - "ThingName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingPrincipalAttachment" + "AWS::GlobalAccelerator::Accelerator" ], "type": "string" }, @@ -123342,7 +128351,7 @@ ], "type": "object" }, - "AWS::IoT::ThingType": { + "AWS::GlobalAccelerator::CrossAccountAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -123377,35 +128386,44 @@ "Properties": { "additionalProperties": false, "properties": { - "DeprecateThingType": { - "markdownDescription": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action.", - "title": "DeprecateThingType", - "type": "boolean" + "Name": { + "markdownDescription": "The name of the cross-account attachment.", + "title": "Name", + "type": "string" + }, + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "The principals included in the cross-account attachment.", + "title": "Principals", + "type": "array" + }, + "Resources": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::CrossAccountAttachment.Resource" + }, + "markdownDescription": "The resources included in the cross-account attachment.", + "title": "Resources", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the thing type.", + "markdownDescription": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", "title": "Tags", "type": "array" - }, - "ThingTypeName": { - "markdownDescription": "The name of the thing type.", - "title": "ThingTypeName", - "type": "string" - }, - "ThingTypeProperties": { - "$ref": "#/definitions/AWS::IoT::ThingType.ThingTypeProperties", - "markdownDescription": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, a list of searchable thing attribute names, and a list of propagating attributes. After a thing type is created, you can only update `Mqtt5Configuration` .", - "title": "ThingTypeProperties" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingType" + "AWS::GlobalAccelerator::CrossAccountAttachment" ], "type": "string" }, @@ -123419,30 +128437,33 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::ThingType.ThingTypeProperties": { + "AWS::GlobalAccelerator::CrossAccountAttachment.Resource": { "additionalProperties": false, "properties": { - "SearchableAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of searchable thing attribute names.", - "title": "SearchableAttributes", - "type": "array" + "Cidr": { + "markdownDescription": "An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in AWS Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator\n\nFor more information, see [Bring your own IP addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the AWS Global Accelerator Developer Guide.", + "title": "Cidr", + "type": "string" }, - "ThingTypeDescription": { - "markdownDescription": "The description of the thing type.", - "title": "ThingTypeDescription", + "EndpointId": { + "markdownDescription": "The endpoint ID for the endpoint that is specified as a AWS resource.\n\nAn endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.", + "title": "EndpointId", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region where a shared endpoint resource is located.", + "title": "Region", "type": "string" } }, "type": "object" }, - "AWS::IoT::TopicRule": { + "AWS::GlobalAccelerator::EndpointGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -123477,33 +128498,72 @@ "Properties": { "additionalProperties": false, "properties": { - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", + "EndpointConfigurations": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration" + }, + "markdownDescription": "The list of endpoint objects.", + "title": "EndpointConfigurations", + "type": "array" + }, + "EndpointGroupRegion": { + "markdownDescription": "The AWS Regions where the endpoint group is located.", + "title": "EndpointGroupRegion", "type": "string" }, - "Tags": { + "HealthCheckIntervalSeconds": { + "markdownDescription": "The time\u201410 seconds or 30 seconds\u2014between health checks for each endpoint. The default value is 30.", + "title": "HealthCheckIntervalSeconds", + "type": "number" + }, + "HealthCheckPath": { + "markdownDescription": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/).", + "title": "HealthCheckPath", + "type": "string" + }, + "HealthCheckPort": { + "markdownDescription": "The port that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group.\n\nThe default port is the port for the listener that this endpoint group is associated with. If the listener port is a list, Global Accelerator uses the first specified port in the list of ports.", + "title": "HealthCheckPort", + "type": "number" + }, + "HealthCheckProtocol": { + "markdownDescription": "The protocol that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group. The default value is TCP.", + "title": "HealthCheckProtocol", + "type": "string" + }, + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", + "type": "string" + }, + "PortOverrides": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.PortOverride" }, - "markdownDescription": "Metadata which can be used to manage the topic rule.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", - "title": "Tags", + "markdownDescription": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on.", + "title": "PortOverrides", "type": "array" }, - "TopicRulePayload": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TopicRulePayload", - "markdownDescription": "The rule payload.", - "title": "TopicRulePayload" + "ThresholdCount": { + "markdownDescription": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.", + "title": "ThresholdCount", + "type": "number" + }, + "TrafficDialPercentage": { + "markdownDescription": "The percentage of traffic to send to an AWS Regions . Additional traffic is distributed to other endpoint groups for this listener.\n\nUse this action to increase (dial up) or decrease (dial down) traffic to a specific Region. The percentage is applied to the traffic that would otherwise have been routed to the Region based on optimal routing.\n\nThe default value is 100.", + "title": "TrafficDialPercentage", + "type": "number" } }, "required": [ - "TopicRulePayload" + "EndpointGroupRegion", + "ListenerArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::TopicRule" + "AWS::GlobalAccelerator::EndpointGroup" ], "type": "string" }, @@ -123522,1176 +128582,1259 @@ ], "type": "object" }, - "AWS::IoT::TopicRule.Action": { + "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { "additionalProperties": false, "properties": { - "CloudwatchAlarm": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchAlarmAction", - "markdownDescription": "Change the state of a CloudWatch alarm.", - "title": "CloudwatchAlarm" - }, - "CloudwatchLogs": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchLogsAction", - "markdownDescription": "Sends data to CloudWatch.", - "title": "CloudwatchLogs" - }, - "CloudwatchMetric": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchMetricAction", - "markdownDescription": "Capture a CloudWatch metric.", - "title": "CloudwatchMetric" - }, - "DynamoDB": { - "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBAction", - "markdownDescription": "Write to a DynamoDB table.", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBv2Action", - "markdownDescription": "Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.", - "title": "DynamoDBv2" - }, - "Elasticsearch": { - "$ref": "#/definitions/AWS::IoT::TopicRule.ElasticsearchAction", - "markdownDescription": "Write data to an Amazon OpenSearch Service domain.\n\n> The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) .", - "title": "Elasticsearch" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoT::TopicRule.FirehoseAction", - "markdownDescription": "Write to an Amazon Kinesis Firehose stream.", - "title": "Firehose" - }, - "Http": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAction", - "markdownDescription": "Send data to an HTTPS endpoint.", - "title": "Http" - }, - "IotAnalytics": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotAnalyticsAction", - "markdownDescription": "Sends message data to an AWS IoT Analytics channel.", - "title": "IotAnalytics" - }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotEventsAction", - "markdownDescription": "Sends an input to an AWS IoT Events detector.", - "title": "IotEvents" - }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotSiteWiseAction", - "markdownDescription": "Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties.", - "title": "IotSiteWise" - }, - "Kafka": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaAction", - "markdownDescription": "Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster.", - "title": "Kafka" - }, - "Kinesis": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KinesisAction", - "markdownDescription": "Write data to an Amazon Kinesis stream.", - "title": "Kinesis" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoT::TopicRule.LambdaAction", - "markdownDescription": "Invoke a Lambda function.", - "title": "Lambda" - }, - "Location": { - "$ref": "#/definitions/AWS::IoT::TopicRule.LocationAction", - "markdownDescription": "Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) .", - "title": "Location" - }, - "OpenSearch": { - "$ref": "#/definitions/AWS::IoT::TopicRule.OpenSearchAction", - "markdownDescription": "Write data to an Amazon OpenSearch Service domain.", - "title": "OpenSearch" - }, - "Republish": { - "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishAction", - "markdownDescription": "Publish to another MQTT topic.", - "title": "Republish" - }, - "S3": { - "$ref": "#/definitions/AWS::IoT::TopicRule.S3Action", - "markdownDescription": "Write to an Amazon S3 bucket.", - "title": "S3" - }, - "Sns": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SnsAction", - "markdownDescription": "Publish to an Amazon SNS topic.", - "title": "Sns" - }, - "Sqs": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SqsAction", - "markdownDescription": "Publish to an Amazon SQS queue.", - "title": "Sqs" + "AttachmentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cross-account attachment that specifies the endpoints (resources) that can be added to accelerators and principals that have permission to add the endpoints.", + "title": "AttachmentArn", + "type": "string" }, - "StepFunctions": { - "$ref": "#/definitions/AWS::IoT::TopicRule.StepFunctionsAction", - "markdownDescription": "Starts execution of a Step Functions state machine.", - "title": "StepFunctions" + "ClientIPPreservationEnabled": { + "markdownDescription": "Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint. The value is true or false. The default value is true for new accelerators.\n\nIf the value is set to true, the client's IP address is preserved in the `X-Forwarded-For` request header as traffic travels to applications on the Application Load Balancer endpoint fronted by the accelerator.\n\nFor more information, see [Preserve Client IP Addresses](https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "ClientIPPreservationEnabled", + "type": "boolean" }, - "Timestream": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamAction", - "markdownDescription": "Writes attributes from an MQTT message.", - "title": "Timestream" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.AssetPropertyTimestamp": { - "additionalProperties": false, - "properties": { - "OffsetInNanos": { - "markdownDescription": "Optional. A string that contains the nanosecond time offset. Accepts substitution templates.", - "title": "OffsetInNanos", + "EndpointId": { + "markdownDescription": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID. For Amazon EC2 instances, this is the EC2 instance ID. A resource must be valid and active when you add it as an endpoint.\n\nFor cross-account endpoints, this must be the ARN of the resource.", + "title": "EndpointId", "type": "string" }, - "TimeInSeconds": { - "markdownDescription": "A string that contains the time in seconds since epoch. Accepts substitution templates.", - "title": "TimeInSeconds", - "type": "string" + "Weight": { + "markdownDescription": "The weight associated with the endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. For example, you might specify endpoint weights of 4, 5, 5, and 6 (sum=20). The result is that 4/20 of your traffic, on average, is routed to the first endpoint, 5/20 is routed both to the second and third endpoints, and 6/20 is routed to the last endpoint. For more information, see [Endpoint Weights](https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "Weight", + "type": "number" } }, "required": [ - "TimeInSeconds" + "EndpointId" ], "type": "object" }, - "AWS::IoT::TopicRule.AssetPropertyValue": { + "AWS::GlobalAccelerator::EndpointGroup.PortOverride": { "additionalProperties": false, "properties": { - "Quality": { - "markdownDescription": "Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` .", - "title": "Quality", - "type": "string" - }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyTimestamp", - "markdownDescription": "The asset property value timestamp.", - "title": "Timestamp" + "EndpointPort": { + "markdownDescription": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance.", + "title": "EndpointPort", + "type": "number" }, - "Value": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyVariant", - "markdownDescription": "The value of the asset property.", - "title": "Value" + "ListenerPort": { + "markdownDescription": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on.", + "title": "ListenerPort", + "type": "number" } }, "required": [ - "Timestamp", - "Value" + "EndpointPort", + "ListenerPort" ], "type": "object" }, - "AWS::IoT::TopicRule.AssetPropertyVariant": { + "AWS::GlobalAccelerator::Listener": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates.", - "title": "BooleanValue", + "Condition": { "type": "string" }, - "DoubleValue": { - "markdownDescription": "Optional. A string that contains the double value of the value entry. Accepts substitution templates.", - "title": "DoubleValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IntegerValue": { - "markdownDescription": "Optional. A string that contains the integer value of the value entry. Accepts substitution templates.", - "title": "IntegerValue", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "StringValue": { - "markdownDescription": "Optional. The string value of the value entry. Accepts substitution templates.", - "title": "StringValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.CloudwatchAlarmAction": { - "additionalProperties": false, - "properties": { - "AlarmName": { - "markdownDescription": "The CloudWatch alarm name.", - "title": "AlarmName", - "type": "string" + "Metadata": { + "type": "object" }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch alarm.", - "title": "RoleArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AcceleratorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of your accelerator.", + "title": "AcceleratorArn", + "type": "string" + }, + "ClientAffinity": { + "markdownDescription": "Client affinity lets you direct all requests from a user to the same endpoint, if you have stateful applications, regardless of the port and protocol of the client request. Client affinity gives you control over whether to always route each client to the same specific endpoint.\n\nAWS Global Accelerator uses a consistent-flow hashing algorithm to choose the optimal endpoint for a connection. If client affinity is `NONE` , Global Accelerator uses the \"five-tuple\" (5-tuple) properties\u2014source IP address, source port, destination IP address, destination port, and protocol\u2014to select the hash value, and then chooses the best endpoint. However, with this setting, if someone uses different ports to connect to Global Accelerator, their connections might not be always routed to the same endpoint because the hash value changes.\n\nIf you want a given client to always be routed to the same endpoint, set client affinity to `SOURCE_IP` instead. When you use the `SOURCE_IP` setting, Global Accelerator uses the \"two-tuple\" (2-tuple) properties\u2014 source (client) IP address and destination IP address\u2014to select the hash value.\n\nThe default value is `NONE` .", + "title": "ClientAffinity", + "type": "string" + }, + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::Listener.PortRange" + }, + "markdownDescription": "The list of port ranges for the connections from clients to the accelerator.", + "title": "PortRanges", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The protocol for the connections from clients to the accelerator.", + "title": "Protocol", + "type": "string" + } + }, + "required": [ + "AcceleratorArn", + "PortRanges", + "Protocol" + ], + "type": "object" }, - "StateReason": { - "markdownDescription": "The reason for the alarm change.", - "title": "StateReason", + "Type": { + "enum": [ + "AWS::GlobalAccelerator::Listener" + ], "type": "string" }, - "StateValue": { - "markdownDescription": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.", - "title": "StateValue", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AlarmName", - "RoleArn", - "StateReason", - "StateValue" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchLogsAction": { + "AWS::GlobalAccelerator::Listener.PortRange": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Indicates whether batches of log records will be extracted and uploaded into CloudWatch.", - "title": "BatchMode", - "type": "boolean" - }, - "LogGroupName": { - "markdownDescription": "The CloudWatch log name.", - "title": "LogGroupName", - "type": "string" + "FromPort": { + "markdownDescription": "The first port in the range of ports, inclusive.", + "title": "FromPort", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch log.", - "title": "RoleArn", - "type": "string" + "ToPort": { + "markdownDescription": "The last port in the range of ports, inclusive.", + "title": "ToPort", + "type": "number" } }, "required": [ - "LogGroupName", - "RoleArn" + "FromPort", + "ToPort" ], "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchMetricAction": { + "AWS::Glue::Classifier": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The CloudWatch metric name.", - "title": "MetricName", + "Condition": { "type": "string" }, - "MetricNamespace": { - "markdownDescription": "The CloudWatch metric namespace name.", - "title": "MetricNamespace", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MetricTimestamp": { - "markdownDescription": "An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) .", - "title": "MetricTimestamp", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MetricUnit": { - "markdownDescription": "The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch.", - "title": "MetricUnit", - "type": "string" + "Metadata": { + "type": "object" }, - "MetricValue": { - "markdownDescription": "The CloudWatch metric value.", - "title": "MetricValue", + "Properties": { + "additionalProperties": false, + "properties": { + "CsvClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.CsvClassifier", + "markdownDescription": "A classifier for comma-separated values (CSV).", + "title": "CsvClassifier" + }, + "GrokClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.GrokClassifier", + "markdownDescription": "A classifier that uses `grok` .", + "title": "GrokClassifier" + }, + "JsonClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.JsonClassifier", + "markdownDescription": "A classifier for JSON content.", + "title": "JsonClassifier" + }, + "XMLClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.XMLClassifier", + "markdownDescription": "A classifier for XML content.", + "title": "XMLClassifier" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::Classifier" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch metric.", - "title": "RoleArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MetricName", - "MetricNamespace", - "MetricUnit", - "MetricValue", - "RoleArn" + "Type" ], "type": "object" }, - "AWS::IoT::TopicRule.DynamoDBAction": { + "AWS::Glue::Classifier.CsvClassifier": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The hash key name.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The hash key type. Valid values are \"STRING\" or \"NUMBER\"", - "title": "HashKeyType", - "type": "string" + "AllowSingleColumn": { + "markdownDescription": "Enables the processing of files that contain only one column.", + "title": "AllowSingleColumn", + "type": "boolean" }, - "HashKeyValue": { - "markdownDescription": "The hash key value.", - "title": "HashKeyValue", - "type": "string" + "ContainsCustomDatatype": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether the CSV file contains custom data types.", + "title": "ContainsCustomDatatype", + "type": "array" }, - "PayloadField": { - "markdownDescription": "The action payload. This name can be customized.", - "title": "PayloadField", + "ContainsHeader": { + "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", + "title": "ContainsHeader", "type": "string" }, - "RangeKeyField": { - "markdownDescription": "The range key name.", - "title": "RangeKeyField", - "type": "string" + "CustomDatatypeConfigured": { + "markdownDescription": "Enables the configuration of custom data types.", + "title": "CustomDatatypeConfigured", + "type": "boolean" }, - "RangeKeyType": { - "markdownDescription": "The range key type. Valid values are \"STRING\" or \"NUMBER\"", - "title": "RangeKeyType", + "Delimiter": { + "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", + "title": "Delimiter", "type": "string" }, - "RangeKeyValue": { - "markdownDescription": "The range key value.", - "title": "RangeKeyValue", - "type": "string" + "DisableValueTrimming": { + "markdownDescription": "Specifies not to trim values before identifying the type of column values. The default value is `true` .", + "title": "DisableValueTrimming", + "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", - "title": "RoleArn", - "type": "string" + "Header": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings representing column names.", + "title": "Header", + "type": "array" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", "type": "string" - } - }, - "required": [ - "HashKeyField", - "HashKeyValue", - "RoleArn", - "TableName" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.DynamoDBv2Action": { - "additionalProperties": false, - "properties": { - "PutItem": { - "$ref": "#/definitions/AWS::IoT::TopicRule.PutItemInput", - "markdownDescription": "Specifies the DynamoDB table to which the message data will be written. For example:\n\n`{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }`\n\nEach attribute in the message payload will be written to a separate column in the DynamoDB database.", - "title": "PutItem" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", - "title": "RoleArn", + "QuoteSymbol": { + "markdownDescription": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.", + "title": "QuoteSymbol", "type": "string" } }, "type": "object" }, - "AWS::IoT::TopicRule.ElasticsearchAction": { + "AWS::Glue::Classifier.GrokClassifier": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "The endpoint of your OpenSearch domain.", - "title": "Endpoint", - "type": "string" - }, - "Id": { - "markdownDescription": "The unique identifier for the document you are storing.", - "title": "Id", + "Classification": { + "markdownDescription": "An identifier of the data format that the classifier matches, such as Twitter, JSON, Omniture logs, and so on.", + "title": "Classification", "type": "string" }, - "Index": { - "markdownDescription": "The index where you want to store your data.", - "title": "Index", + "CustomPatterns": { + "markdownDescription": "Optional custom grok patterns defined by this classifier. For more information, see custom patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", + "title": "CustomPatterns", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role ARN that has access to OpenSearch.", - "title": "RoleArn", + "GrokPattern": { + "markdownDescription": "The grok pattern applied to a data store by this classifier. For more information, see built-in patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", + "title": "GrokPattern", "type": "string" }, - "Type": { - "markdownDescription": "The type of document you are storing.", - "title": "Type", + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", "type": "string" } }, "required": [ - "Endpoint", - "Id", - "Index", - "RoleArn", - "Type" + "Classification", + "GrokPattern" ], "type": "object" }, - "AWS::IoT::TopicRule.FirehoseAction": { + "AWS::Glue::Classifier.JsonClassifier": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` .\n\nWhen `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records.", - "title": "BatchMode", - "type": "boolean" - }, - "DeliveryStreamName": { - "markdownDescription": "The delivery stream name.", - "title": "DeliveryStreamName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role that grants access to the Amazon Kinesis Firehose stream.", - "title": "RoleArn", + "JsonPath": { + "markdownDescription": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath` , as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json) .", + "title": "JsonPath", "type": "string" }, - "Separator": { - "markdownDescription": "A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", "type": "string" } }, "required": [ - "DeliveryStreamName", - "RoleArn" + "JsonPath" ], "type": "object" }, - "AWS::IoT::TopicRule.HttpAction": { + "AWS::Glue::Classifier.XMLClassifier": { "additionalProperties": false, "properties": { - "Auth": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAuthorization", - "markdownDescription": "The authentication method to use when sending data to an HTTPS endpoint.", - "title": "Auth" - }, - "ConfirmationUrl": { - "markdownDescription": "The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL.", - "title": "ConfirmationUrl", + "Classification": { + "markdownDescription": "An identifier of the data format that the classifier matches.", + "title": "Classification", "type": "string" }, - "Headers": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpActionHeader" - }, - "markdownDescription": "The HTTP headers to send with the message data.", - "title": "Headers", - "type": "array" + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", + "type": "string" }, - "Url": { - "markdownDescription": "The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible.", - "title": "Url", + "RowTag": { + "markdownDescription": "The XML tag designating the element that contains each record in an XML document being parsed. This can't identify a self-closing element (closed by `/>` ). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `` is okay, but `` is not).", + "title": "RowTag", "type": "string" } }, "required": [ - "Url" + "Classification", + "RowTag" ], "type": "object" }, - "AWS::IoT::TopicRule.HttpActionHeader": { + "AWS::Glue::Connection": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The HTTP header key.", - "title": "Key", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The HTTP header value. Substitution templates are supported.", - "title": "Value", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The ID of the data catalog to create the catalog object in. Currently, this should be the AWS account ID.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId` .", + "title": "CatalogId", + "type": "string" + }, + "ConnectionInput": { + "$ref": "#/definitions/AWS::Glue::Connection.ConnectionInput", + "markdownDescription": "The connection that you want to create.", + "title": "ConnectionInput" + } + }, + "required": [ + "CatalogId", + "ConnectionInput" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::Connection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRule.HttpAuthorization": { - "additionalProperties": false, - "properties": { - "Sigv4": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SigV4Authorization", - "markdownDescription": "Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) .", - "title": "Sigv4" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.IotAnalyticsAction": { + "AWS::Glue::Connection.AuthenticationConfigurationInput": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Whether to process the action as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages.", - "title": "BatchMode", - "type": "boolean" + "AuthenticationType": { + "markdownDescription": "A structure containing the authentication configuration in the CreateConnection request.", + "title": "AuthenticationType", + "type": "string" }, - "ChannelName": { - "markdownDescription": "The name of the IoT Analytics channel to which message data will be sent.", - "title": "ChannelName", + "BasicAuthenticationCredentials": { + "$ref": "#/definitions/AWS::Glue::Connection.BasicAuthenticationCredentials", + "markdownDescription": "The credentials used when the authentication type is basic authentication.", + "title": "BasicAuthenticationCredentials" + }, + "CustomAuthenticationCredentials": { + "markdownDescription": "The credentials used when the authentication type is custom authentication.", + "title": "CustomAuthenticationCredentials", + "type": "object" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key used to encrypt the connection. Only taken an as input in the request and stored in the Secret Manager.", + "title": "KmsKeyArn", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).", - "title": "RoleArn", + "OAuth2Properties": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2PropertiesInput", + "markdownDescription": "The properties for OAuth2 authentication in the CreateConnection request.", + "title": "OAuth2Properties" + }, + "SecretArn": { + "markdownDescription": "The secret manager ARN to store credentials in the CreateConnection request.", + "title": "SecretArn", "type": "string" } }, "required": [ - "ChannelName", - "RoleArn" + "AuthenticationType" ], "type": "object" }, - "AWS::IoT::TopicRule.IotEventsAction": { + "AWS::Glue::Connection.AuthorizationCodeProperties": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Whether to process the event actions as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` , you can't specify a `messageId` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages.", - "title": "BatchMode", - "type": "boolean" - }, - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input.", - "title": "InputName", + "AuthorizationCode": { + "markdownDescription": "An authorization code to be used in the third leg of the `AUTHORIZATION_CODE` grant workflow. This is a single-use code which becomes invalid once exchanged for an access token, thus it is acceptable to have this value as a request parameter.", + "title": "AuthorizationCode", "type": "string" }, - "MessageId": { - "markdownDescription": "The ID of the message. The default `messageId` is a new UUID value.\n\nWhen `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned.\n\nAssign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector.", - "title": "MessageId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").", - "title": "RoleArn", + "RedirectUri": { + "markdownDescription": "The redirect URI where the user gets redirected to by authorization server when issuing an authorization code. The URI is subsequently used when the authorization code is exchanged for an access token.", + "title": "RedirectUri", "type": "string" } }, - "required": [ - "InputName", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.IotSiteWiseAction": { + "AWS::Glue::Connection.BasicAuthenticationCredentials": { "additionalProperties": false, "properties": { - "PutAssetPropertyValueEntries": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.PutAssetPropertyValueEntry" - }, - "markdownDescription": "A list of asset property value entries.", - "title": "PutAssetPropertyValueEntries", - "type": "array" + "Password": { + "markdownDescription": "The password to connect to the data source.", + "title": "Password", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"` ). The trust policy can restrict access to specific asset hierarchy paths.", - "title": "RoleArn", + "Username": { + "markdownDescription": "The username to connect to the data source.", + "title": "Username", "type": "string" } }, - "required": [ - "PutAssetPropertyValueEntries", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.KafkaAction": { + "AWS::Glue::Connection.ConnectionInput": { "additionalProperties": false, "properties": { - "ClientProperties": { - "additionalProperties": true, - "markdownDescription": "Properties of the Apache Kafka producer client.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ClientProperties", + "AthenaProperties": { + "markdownDescription": "Connection properties specific to the Athena compute environment.", + "title": "AthenaProperties", "type": "object" }, - "DestinationArn": { - "markdownDescription": "The ARN of Kafka action's VPC `TopicRuleDestination` .", - "title": "DestinationArn", + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::Glue::Connection.AuthenticationConfigurationInput", + "markdownDescription": "The authentication properties of the connection.", + "title": "AuthenticationConfiguration" + }, + "ConnectionProperties": { + "markdownDescription": "These key-value pairs define parameters for the connection.", + "title": "ConnectionProperties", + "type": "object" + }, + "ConnectionType": { + "markdownDescription": "The type of the connection. Currently, these types are supported:\n\n- `JDBC` - Designates a connection to a database through Java Database Connectivity (JDBC).\n\n`JDBC` Connections use the following ConnectionParameters.\n\n- Required: All of ( `HOST` , `PORT` , `JDBC_ENGINE` ) or `JDBC_CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- Optional: `JDBC_ENFORCE_SSL` , `CUSTOM_JDBC_CERT` , `CUSTOM_JDBC_CERT_STRING` , `SKIP_CUSTOM_JDBC_CERT_VALIDATION` . These parameters are used to configure SSL with JDBC.\n- `KAFKA` - Designates a connection to an Apache Kafka streaming platform.\n\n`KAFKA` Connections use the following ConnectionParameters.\n\n- Required: `KAFKA_BOOTSTRAP_SERVERS` .\n- Optional: `KAFKA_SSL_ENABLED` , `KAFKA_CUSTOM_CERT` , `KAFKA_SKIP_CUSTOM_CERT_VALIDATION` . These parameters are used to configure SSL with `KAFKA` .\n- Optional: `KAFKA_CLIENT_KEYSTORE` , `KAFKA_CLIENT_KEYSTORE_PASSWORD` , `KAFKA_CLIENT_KEY_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEYSTORE_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEY_PASSWORD` . These parameters are used to configure TLS client configuration with SSL in `KAFKA` .\n- Optional: `KAFKA_SASL_MECHANISM` . Can be specified as `SCRAM-SHA-512` , `GSSAPI` , or `AWS_MSK_IAM` .\n- Optional: `KAFKA_SASL_SCRAM_USERNAME` , `KAFKA_SASL_SCRAM_PASSWORD` , `ENCRYPTED_KAFKA_SASL_SCRAM_PASSWORD` . These parameters are used to configure SASL/SCRAM-SHA-512 authentication with `KAFKA` .\n- Optional: `KAFKA_SASL_GSSAPI_KEYTAB` , `KAFKA_SASL_GSSAPI_KRB5_CONF` , `KAFKA_SASL_GSSAPI_SERVICE` , `KAFKA_SASL_GSSAPI_PRINCIPAL` . These parameters are used to configure SASL/GSSAPI authentication with `KAFKA` .\n- `MONGODB` - Designates a connection to a MongoDB document database.\n\n`MONGODB` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `VIEW_VALIDATION_REDSHIFT` - Designates a connection used for view validation by Amazon Redshift.\n- `VIEW_VALIDATION_ATHENA` - Designates a connection used for view validation by Amazon Athena.\n- `NETWORK` - Designates a network connection to a data source within an Amazon Virtual Private Cloud environment (Amazon VPC).\n\n`NETWORK` Connections do not require ConnectionParameters. Instead, provide a PhysicalConnectionRequirements.\n- `MARKETPLACE` - Uses configuration settings contained in a connector purchased from AWS Marketplace to read from and write to data stores that are not natively supported by AWS Glue .\n\n`MARKETPLACE` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTOR_TYPE` , `CONNECTOR_URL` , `CONNECTOR_CLASS_NAME` , `CONNECTION_URL` .\n- Required for `JDBC` `CONNECTOR_TYPE` connections: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `CUSTOM` - Uses configuration settings contained in a custom connector to read from and write to data stores that are not natively supported by AWS Glue .\n\nAdditionally, a `ConnectionType` for the following SaaS connectors is supported:\n\n- `FACEBOOKADS` - Designates a connection to Facebook Ads.\n- `GOOGLEADS` - Designates a connection to Google Ads.\n- `GOOGLESHEETS` - Designates a connection to Google Sheets.\n- `GOOGLEANALYTICS4` - Designates a connection to Google Analytics 4.\n- `HUBSPOT` - Designates a connection to HubSpot.\n- `INSTAGRAMADS` - Designates a connection to Instagram Ads.\n- `INTERCOM` - Designates a connection to Intercom.\n- `JIRACLOUD` - Designates a connection to Jira Cloud.\n- `MARKETO` - Designates a connection to Adobe Marketo Engage.\n- `NETSUITEERP` - Designates a connection to Oracle NetSuite.\n- `SALESFORCE` - Designates a connection to Salesforce using OAuth authentication.\n- `SALESFORCEMARKETINGCLOUD` - Designates a connection to Salesforce Marketing Cloud.\n- `SALESFORCEPARDOT` - Designates a connection to Salesforce Marketing Cloud Account Engagement (MCAE).\n- `SAPODATA` - Designates a connection to SAP OData.\n- `SERVICENOW` - Designates a connection to ServiceNow.\n- `SLACK` - Designates a connection to Slack.\n- `SNAPCHATADS` - Designates a connection to Snapchat Ads.\n- `STRIPE` - Designates a connection to Stripe.\n- `ZENDESK` - Designates a connection to Zendesk.\n- `ZOHOCRM` - Designates a connection to Zoho CRM.\n\nFor more information on the connection parameters needed for a particular connector, see the documentation for the connector in [Adding an AWS Glue connection](https://docs.aws.amazon.com/glue/latest/dg/console-connections.html) in the AWS Glue User Guide.\n\n`SFTP` is not supported.\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue , consult [AWS Glue connection properties](https://docs.aws.amazon.com/glue/latest/dg/connection-defining.html) .\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue Studio, consult [Using connectors and connections](https://docs.aws.amazon.com/glue/latest/ug/connectors-chapter.html) .", + "title": "ConnectionType", "type": "string" }, - "Headers": { + "Description": { + "markdownDescription": "The description of the connection.", + "title": "Description", + "type": "string" + }, + "MatchCriteria": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaActionHeader" + "type": "string" }, - "markdownDescription": "The list of Kafka headers that you specify.", - "title": "Headers", + "markdownDescription": "A list of criteria that can be used in selecting this connection.", + "title": "MatchCriteria", "type": "array" }, - "Key": { - "markdownDescription": "The Kafka message key.", - "title": "Key", + "Name": { + "markdownDescription": "The name of the connection.", + "title": "Name", "type": "string" }, - "Partition": { - "markdownDescription": "The Kafka message partition.", - "title": "Partition", - "type": "string" + "PhysicalConnectionRequirements": { + "$ref": "#/definitions/AWS::Glue::Connection.PhysicalConnectionRequirements", + "markdownDescription": "The physical connection requirements, such as virtual private cloud (VPC) and `SecurityGroup` , that are needed to successfully make this connection.", + "title": "PhysicalConnectionRequirements" }, - "Topic": { - "markdownDescription": "The Kafka topic for messages to be sent to the Kafka broker.", - "title": "Topic", - "type": "string" + "PythonProperties": { + "markdownDescription": "Connection properties specific to the Python compute environment.", + "title": "PythonProperties", + "type": "object" + }, + "SparkProperties": { + "markdownDescription": "Connection properties specific to the Spark compute environment.", + "title": "SparkProperties", + "type": "object" + }, + "ValidateCredentials": { + "markdownDescription": "A flag to validate the credentials during create connection. Default is true.", + "title": "ValidateCredentials", + "type": "boolean" + }, + "ValidateForComputeEnvironments": { + "items": { + "type": "string" + }, + "markdownDescription": "The compute environments that the specified connection properties are validated against.", + "title": "ValidateForComputeEnvironments", + "type": "array" } }, "required": [ - "ClientProperties", - "DestinationArn", - "Topic" + "ConnectionType" ], "type": "object" }, - "AWS::IoT::TopicRule.KafkaActionHeader": { + "AWS::Glue::Connection.OAuth2ClientApplication": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of the Kafka header.", - "title": "Key", + "AWSManagedClientApplicationReference": { + "markdownDescription": "The reference to the SaaS-side client app that is AWS managed.", + "title": "AWSManagedClientApplicationReference", "type": "string" }, - "Value": { - "markdownDescription": "The value of the Kafka header.", - "title": "Value", + "UserManagedClientApplicationClientId": { + "markdownDescription": "The client application clientID if the ClientAppType is `USER_MANAGED` .", + "title": "UserManagedClientApplicationClientId", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.KinesisAction": { + "AWS::Glue::Connection.OAuth2Credentials": { "additionalProperties": false, "properties": { - "PartitionKey": { - "markdownDescription": "The partition key.", - "title": "PartitionKey", + "AccessToken": { + "markdownDescription": "The access token used when the authentication type is OAuth2.", + "title": "AccessToken", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.", - "title": "RoleArn", + "JwtToken": { + "markdownDescription": "The JSON Web Token (JWT) used when the authentication type is OAuth2.", + "title": "JwtToken", "type": "string" }, - "StreamName": { - "markdownDescription": "The name of the Amazon Kinesis stream.", - "title": "StreamName", + "RefreshToken": { + "markdownDescription": "The refresh token used when the authentication type is OAuth2.", + "title": "RefreshToken", + "type": "string" + }, + "UserManagedClientApplicationClientSecret": { + "markdownDescription": "The client application client secret if the client application is user managed.", + "title": "UserManagedClientApplicationClientSecret", "type": "string" } }, - "required": [ - "RoleArn", - "StreamName" - ], "type": "object" }, - "AWS::IoT::TopicRule.LambdaAction": { + "AWS::Glue::Connection.OAuth2PropertiesInput": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "FunctionArn", + "AuthorizationCodeProperties": { + "$ref": "#/definitions/AWS::Glue::Connection.AuthorizationCodeProperties", + "markdownDescription": "The set of properties required for the the OAuth2 `AUTHORIZATION_CODE` grant type.", + "title": "AuthorizationCodeProperties" + }, + "OAuth2ClientApplication": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2ClientApplication", + "markdownDescription": "The client application type in the CreateConnection request. For example, `AWS_MANAGED` or `USER_MANAGED` .", + "title": "OAuth2ClientApplication" + }, + "OAuth2Credentials": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2Credentials", + "markdownDescription": "The credentials used when the authentication type is OAuth2 authentication.", + "title": "OAuth2Credentials" + }, + "OAuth2GrantType": { + "markdownDescription": "The OAuth2 grant type in the CreateConnection request. For example, `AUTHORIZATION_CODE` , `JWT_BEARER` , or `CLIENT_CREDENTIALS` .", + "title": "OAuth2GrantType", + "type": "string" + }, + "TokenUrl": { + "markdownDescription": "The URL of the provider's authentication server, to exchange an authorization code for an access token.", + "title": "TokenUrl", "type": "string" + }, + "TokenUrlParametersMap": { + "markdownDescription": "A map of parameters that are added to the token `GET` request.", + "title": "TokenUrlParametersMap", + "type": "object" } }, "type": "object" }, - "AWS::IoT::TopicRule.LocationAction": { + "AWS::Glue::Connection.PhysicalConnectionRequirements": { "additionalProperties": false, "properties": { - "DeviceId": { - "markdownDescription": "The unique ID of the device providing the location data.", - "title": "DeviceId", - "type": "string" - }, - "Latitude": { - "markdownDescription": "A string that evaluates to a double value that represents the latitude of the device's location.", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "A string that evaluates to a double value that represents the longitude of the device's location.", - "title": "Longitude", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role that grants permission to write to the Amazon Location resource.", - "title": "RoleArn", + "AvailabilityZone": { + "markdownDescription": "The connection's Availability Zone.", + "title": "AvailabilityZone", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Timestamp", - "markdownDescription": "The time that the location data was sampled. The default value is the time the MQTT message was processed.", - "title": "Timestamp" + "SecurityGroupIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group ID list used by the connection.", + "title": "SecurityGroupIdList", + "type": "array" }, - "TrackerName": { - "markdownDescription": "The name of the tracker resource in Amazon Location in which the location is updated.", - "title": "TrackerName", + "SubnetId": { + "markdownDescription": "The subnet ID used by the connection.", + "title": "SubnetId", "type": "string" } }, - "required": [ - "DeviceId", - "Latitude", - "Longitude", - "RoleArn", - "TrackerName" - ], "type": "object" }, - "AWS::IoT::TopicRule.OpenSearchAction": { + "AWS::Glue::Crawler": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "The endpoint of your OpenSearch domain.", - "title": "Endpoint", + "Condition": { "type": "string" }, - "Id": { - "markdownDescription": "The unique identifier for the document you are storing.", - "title": "Id", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Index": { - "markdownDescription": "The OpenSearch index where you want to store your data.", - "title": "Index", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RoleArn": { - "markdownDescription": "The IAM role ARN that has access to OpenSearch.", - "title": "RoleArn", - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Classifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of UTF-8 strings that specify the names of custom classifiers that are associated with the crawler.", + "title": "Classifiers", + "type": "array" + }, + "Configuration": { + "markdownDescription": "Crawler configuration information. This versioned JSON string allows users to specify aspects of a crawler's behavior. For more information, see [Configuring a Crawler](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html) .", + "title": "Configuration", + "type": "string" + }, + "CrawlerSecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used by this crawler.", + "title": "CrawlerSecurityConfiguration", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the database in which the crawler's output is stored.", + "title": "DatabaseName", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the crawler.", + "title": "Description", + "type": "string" + }, + "LakeFormationConfiguration": { + "$ref": "#/definitions/AWS::Glue::Crawler.LakeFormationConfiguration", + "markdownDescription": "Specifies whether the crawler should use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", + "title": "LakeFormationConfiguration" + }, + "Name": { + "markdownDescription": "The name of the crawler.", + "title": "Name", + "type": "string" + }, + "RecrawlPolicy": { + "$ref": "#/definitions/AWS::Glue::Crawler.RecrawlPolicy", + "markdownDescription": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.", + "title": "RecrawlPolicy" + }, + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that's used to access customer resources, such as Amazon Simple Storage Service (Amazon S3) data.", + "title": "Role", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::Glue::Crawler.Schedule", + "markdownDescription": "For scheduled crawlers, the schedule when the crawler runs.", + "title": "Schedule" + }, + "SchemaChangePolicy": { + "$ref": "#/definitions/AWS::Glue::Crawler.SchemaChangePolicy", + "markdownDescription": "The policy that specifies update and delete behaviors for the crawler. The policy tells the crawler what to do in the event that it detects a change in a table that already exists in the customer's database at the time of the crawl. The `SchemaChangePolicy` does not affect whether or how new tables and partitions are added. New tables and partitions are always created regardless of the `SchemaChangePolicy` on a crawler.\n\nThe SchemaChangePolicy consists of two components, `UpdateBehavior` and `DeleteBehavior` .", + "title": "SchemaChangePolicy" + }, + "TablePrefix": { + "markdownDescription": "The prefix added to the names of tables that are created.", + "title": "TablePrefix", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this crawler.", + "title": "Tags", + "type": "object" + }, + "Targets": { + "$ref": "#/definitions/AWS::Glue::Crawler.Targets", + "markdownDescription": "A collection of targets to crawl.", + "title": "Targets" + } + }, + "required": [ + "Role", + "Targets" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of document you are storing.", - "title": "Type", + "enum": [ + "AWS::Glue::Crawler" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Endpoint", - "Id", - "Index", - "RoleArn", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRule.PutAssetPropertyValueEntry": { + "AWS::Glue::Crawler.CatalogTarget": { "additionalProperties": false, "properties": { - "AssetId": { - "markdownDescription": "The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "AssetId", + "ConnectionName": { + "markdownDescription": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a `Catalog` connection type paired with a `NETWORK` Connection type.", + "title": "ConnectionName", "type": "string" }, - "EntryId": { - "markdownDescription": "Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID.", - "title": "EntryId", + "DatabaseName": { + "markdownDescription": "The name of the database to be synchronized.", + "title": "DatabaseName", "type": "string" }, - "PropertyAlias": { - "markdownDescription": "The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "PropertyAlias", + "DlqEventQueueArn": { + "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", + "title": "DlqEventQueueArn", "type": "string" }, - "PropertyId": { - "markdownDescription": "The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "PropertyId", + "EventQueueArn": { + "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", + "title": "EventQueueArn", "type": "string" }, - "PropertyValues": { + "Tables": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyValue" + "type": "string" }, - "markdownDescription": "A list of property values to insert that each contain timestamp, quality, and value (TQV) information.", - "title": "PropertyValues", + "markdownDescription": "A list of the tables to be synchronized.", + "title": "Tables", "type": "array" } }, - "required": [ - "PropertyValues" - ], "type": "object" }, - "AWS::IoT::TopicRule.PutItemInput": { + "AWS::Glue::Crawler.DeltaTarget": { "additionalProperties": false, "properties": { - "TableName": { - "markdownDescription": "The table where the message data will be written.", - "title": "TableName", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Delta table target.", + "title": "ConnectionName", "type": "string" + }, + "CreateNativeDeltaTable": { + "markdownDescription": "Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly.", + "title": "CreateNativeDeltaTable", + "type": "boolean" + }, + "DeltaTables": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the Amazon S3 paths to the Delta tables.", + "title": "DeltaTables", + "type": "array" + }, + "WriteManifest": { + "markdownDescription": "Specifies whether to write the manifest files to the Delta table path.", + "title": "WriteManifest", + "type": "boolean" } }, - "required": [ - "TableName" - ], "type": "object" }, - "AWS::IoT::TopicRule.RepublishAction": { + "AWS::Glue::Crawler.DynamoDBTarget": { "additionalProperties": false, "properties": { - "Headers": { - "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishActionHeaders", - "markdownDescription": "MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide.", - "title": "Headers" - }, - "Qos": { - "markdownDescription": "The Quality of Service (QoS) level to use when republishing messages. The default value is 0.", - "title": "Qos", - "type": "number" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", - "type": "string" - }, - "Topic": { - "markdownDescription": "The name of the MQTT topic.", - "title": "Topic", + "Path": { + "markdownDescription": "The name of the DynamoDB table to crawl.", + "title": "Path", "type": "string" } }, - "required": [ - "RoleArn", - "Topic" - ], "type": "object" }, - "AWS::IoT::TopicRule.RepublishActionHeaders": { + "AWS::Glue::Crawler.HudiTarget": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "A UTF-8 encoded string that describes the content of the publishing message.\n\nFor more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "ContentType", - "type": "string" - }, - "CorrelationData": { - "markdownDescription": "The base64-encoded binary data used by the sender of the request message to identify which request the response message is for.\n\nFor more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .\n\n> This binary data must be base64-encoded.", - "title": "CorrelationData", - "type": "string" - }, - "MessageExpiry": { - "markdownDescription": "A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "MessageExpiry", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Hudi target. If your Hudi files are stored in buckets that require VPC authorization, you can set their connection properties here.", + "title": "ConnectionName", "type": "string" }, - "PayloadFormatIndicator": { - "markdownDescription": "An `Enum` string value that indicates whether the payload is formatted as UTF-8.\n\nValid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` .\n\nFor more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "PayloadFormatIndicator", - "type": "string" + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", + "type": "array" }, - "ResponseTopic": { - "markdownDescription": "A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters.\n\nFor more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "ResponseTopic", - "type": "string" + "MaximumTraversalDepth": { + "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time.", + "title": "MaximumTraversalDepth", + "type": "number" }, - "UserProperties": { + "Paths": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.UserProperty" + "type": "string" }, - "markdownDescription": "An array of key-value pairs that you define in the MQTT5 header.", - "title": "UserProperties", + "markdownDescription": "An array of Amazon S3 location strings for Hudi, each indicating the root folder with which the metadata files for a Hudi table resides. The Hudi folder may be located in a child folder of the root folder.\n\nThe crawler will scan all folders underneath a path for a Hudi folder.", + "title": "Paths", "type": "array" } }, "type": "object" }, - "AWS::IoT::TopicRule.S3Action": { + "AWS::Glue::Crawler.IcebergTarget": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket.", - "title": "BucketName", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Iceberg target.", + "title": "ConnectionName", "type": "string" }, - "CannedAcl": { - "markdownDescription": "The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) .", - "title": "CannedAcl", - "type": "string" + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of global patterns used to exclude from the crawl.", + "title": "Exclusions", + "type": "array" }, - "Key": { - "markdownDescription": "The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) .", - "title": "Key", - "type": "string" + "MaximumTraversalDepth": { + "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time.", + "title": "MaximumTraversalDepth", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", - "type": "string" + "Paths": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix .", + "title": "Paths", + "type": "array" } }, - "required": [ - "BucketName", - "Key", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.SigV4Authorization": { + "AWS::Glue::Crawler.JdbcTarget": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the signing role.", - "title": "RoleArn", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the JDBC target.", + "title": "ConnectionName", "type": "string" }, - "ServiceName": { - "markdownDescription": "The service name to use while signing with Sig V4.", - "title": "ServiceName", - "type": "string" + "EnableAdditionalMetadata": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify a value of `RAWTYPES` or `COMMENTS` to enable additional metadata in table responses. `RAWTYPES` provides the native-level datatype. `COMMENTS` provides comments associated with a column or table in the database.\n\nIf you do not need additional metadata, keep the field empty.", + "title": "EnableAdditionalMetadata", + "type": "array" }, - "SigningRegion": { - "markdownDescription": "The signing region.", - "title": "SigningRegion", + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", + "type": "array" + }, + "Path": { + "markdownDescription": "The path of the JDBC target.", + "title": "Path", "type": "string" } }, - "required": [ - "RoleArn", - "ServiceName", - "SigningRegion" - ], "type": "object" }, - "AWS::IoT::TopicRule.SnsAction": { + "AWS::Glue::Crawler.LakeFormationConfiguration": { "additionalProperties": false, "properties": { - "MessageFormat": { - "markdownDescription": "(Optional) The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* .", - "title": "MessageFormat", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", + "AccountId": { + "markdownDescription": "Required for cross account crawls. For same account crawls as the target data, this can be left as null.", + "title": "AccountId", "type": "string" }, - "TargetArn": { - "markdownDescription": "The ARN of the SNS topic.", - "title": "TargetArn", - "type": "string" + "UseLakeFormationCredentials": { + "markdownDescription": "Specifies whether to use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", + "title": "UseLakeFormationCredentials", + "type": "boolean" } }, - "required": [ - "RoleArn", - "TargetArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.SqsAction": { + "AWS::Glue::Crawler.MongoDBTarget": { "additionalProperties": false, "properties": { - "QueueUrl": { - "markdownDescription": "The URL of the Amazon SQS queue.", - "title": "QueueUrl", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.", + "title": "ConnectionName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", + "Path": { + "markdownDescription": "The path of the Amazon DocumentDB or MongoDB target (database/collection).", + "title": "Path", "type": "string" - }, - "UseBase64": { - "markdownDescription": "Specifies whether to use Base64 encoding.", - "title": "UseBase64", - "type": "boolean" } }, - "required": [ - "QueueUrl", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.StepFunctionsAction": { + "AWS::Glue::Crawler.RecrawlPolicy": { "additionalProperties": false, "properties": { - "ExecutionNamePrefix": { - "markdownDescription": "(Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided.", - "title": "ExecutionNamePrefix", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").", - "title": "RoleArn", - "type": "string" - }, - "StateMachineName": { - "markdownDescription": "The name of the Step Functions state machine whose execution will be started.", - "title": "StateMachineName", + "RecrawlBehavior": { + "markdownDescription": "Specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVERYTHING` specifies crawling the entire dataset again.\n\nA value of `CRAWL_NEW_FOLDERS_ONLY` specifies crawling only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVENT_MODE` specifies crawling only the changes identified by Amazon S3 events.", + "title": "RecrawlBehavior", "type": "string" } }, - "required": [ - "RoleArn", - "StateMachineName" - ], "type": "object" }, - "AWS::IoT::TopicRule.Timestamp": { + "AWS::Glue::Crawler.S3Target": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", - "title": "Unit", + "ConnectionName": { + "markdownDescription": "The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC).", + "title": "ConnectionName", "type": "string" }, - "Value": { - "markdownDescription": "An expression that returns a long epoch time value.", - "title": "Value", + "DlqEventQueueArn": { + "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", + "title": "DlqEventQueueArn", "type": "string" - } - }, - "required": [ - "Value" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.TimestreamAction": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The name of an Amazon Timestream database that has the table to write records into.", - "title": "DatabaseName", + }, + "EventQueueArn": { + "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", + "title": "EventQueueArn", "type": "string" }, - "Dimensions": { + "Exclusions": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamDimension" + "type": "string" }, - "markdownDescription": "Metadata attributes of the time series that are written in each measure record.", - "title": "Dimensions", + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", "type": "array" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table.", - "title": "RoleArn", - "type": "string" - }, - "TableName": { - "markdownDescription": "The table where the message data will be written.", - "title": "TableName", + "Path": { + "markdownDescription": "The path to the Amazon S3 target.", + "title": "Path", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamTimestamp", - "markdownDescription": "The value to use for the entry's timestamp. If blank, the time that the entry was processed is used.", - "title": "Timestamp" + "SampleSize": { + "markdownDescription": "Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249.", + "title": "SampleSize", + "type": "number" } }, - "required": [ - "DatabaseName", - "Dimensions", - "RoleArn", - "TableName" - ], "type": "object" }, - "AWS::IoT::TopicRule.TimestreamDimension": { + "AWS::Glue::Crawler.Schedule": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value to write in this column of the database record.", - "title": "Value", + "ScheduleExpression": { + "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", + "title": "ScheduleExpression", "type": "string" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.TimestreamTimestamp": { + "AWS::Glue::Crawler.SchemaChangePolicy": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", - "title": "Unit", + "DeleteBehavior": { + "markdownDescription": "The deletion behavior when the crawler finds a deleted object.\n\nA value of `LOG` specifies that if a table or partition is found to no longer exist, do not delete it, only log that it was found to no longer exist.\n\nA value of `DELETE_FROM_DATABASE` specifies that if a table or partition is found to have been removed, delete it from the database.\n\nA value of `DEPRECATE_IN_DATABASE` specifies that if a table has been found to no longer exist, to add a property to the table that says \"DEPRECATED\" and includes a timestamp with the time of deprecation.", + "title": "DeleteBehavior", "type": "string" }, - "Value": { - "markdownDescription": "An expression that returns a long epoch time value.", - "title": "Value", + "UpdateBehavior": { + "markdownDescription": "The update behavior when the crawler finds a changed schema.\n\nA value of `LOG` specifies that if a table or a partition already exists, and a change is detected, do not update it, only log that a change was detected. Add new tables and new partitions (including on existing tables).\n\nA value of `UPDATE_IN_DATABASE` specifies that if a table or partition already exists, and a change is detected, update it. Add new tables and partitions.", + "title": "UpdateBehavior", "type": "string" } }, - "required": [ - "Unit", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.TopicRulePayload": { + "AWS::Glue::Crawler.Targets": { "additionalProperties": false, "properties": { - "Actions": { + "CatalogTargets": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Action" + "$ref": "#/definitions/AWS::Glue::Crawler.CatalogTarget" }, - "markdownDescription": "The actions associated with the rule.", - "title": "Actions", + "markdownDescription": "Specifies AWS Glue Data Catalog targets.", + "title": "CatalogTargets", "type": "array" }, - "AwsIotSqlVersion": { - "markdownDescription": "The version of the SQL rules engine to use when evaluating the rule.\n\nThe default value is 2015-10-08.", - "title": "AwsIotSqlVersion", - "type": "string" + "DeltaTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.DeltaTarget" + }, + "markdownDescription": "Specifies an array of Delta data store targets.", + "title": "DeltaTargets", + "type": "array" }, - "Description": { - "markdownDescription": "The description of the rule.", - "title": "Description", - "type": "string" + "DynamoDBTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.DynamoDBTarget" + }, + "markdownDescription": "Specifies Amazon DynamoDB targets.", + "title": "DynamoDBTargets", + "type": "array" }, - "ErrorAction": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Action", - "markdownDescription": "The action to take when an error occurs.", - "title": "ErrorAction" + "HudiTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.HudiTarget" + }, + "markdownDescription": "", + "title": "HudiTargets", + "type": "array" }, - "RuleDisabled": { - "markdownDescription": "Specifies whether the rule is disabled.", - "title": "RuleDisabled", - "type": "boolean" + "IcebergTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" + }, + "markdownDescription": "Specifies Apache Iceberg data store targets.", + "title": "IcebergTargets", + "type": "array" }, - "Sql": { - "markdownDescription": "The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* .", - "title": "Sql", - "type": "string" + "JdbcTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" + }, + "markdownDescription": "Specifies JDBC targets.", + "title": "JdbcTargets", + "type": "array" + }, + "MongoDBTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.MongoDBTarget" + }, + "markdownDescription": "A list of Mongo DB targets.", + "title": "MongoDBTargets", + "type": "array" + }, + "S3Targets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.S3Target" + }, + "markdownDescription": "Specifies Amazon Simple Storage Service (Amazon S3) targets.", + "title": "S3Targets", + "type": "array" } }, - "required": [ - "Actions", - "Sql" - ], "type": "object" }, - "AWS::IoT::TopicRule.UserProperty": { + "AWS::Glue::CustomEntityType": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A key to be specified in `UserProperty` .", - "title": "Key", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "A value to be specified in `UserProperty` .", - "title": "Value", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContextWords": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of context words. If none of these context words are found within the vicinity of the regular expression the data will not be detected as sensitive data.\n\nIf no context words are passed only a regular expression is checked.", + "title": "ContextWords", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the custom pattern that allows it to be retrieved or deleted later. This name must be unique per AWS account.", + "title": "Name", + "type": "string" + }, + "RegexString": { + "markdownDescription": "A regular expression string that is used for detecting sensitive data in a custom pattern.", + "title": "RegexString", + "type": "string" + }, + "Tags": { + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::CustomEntityType" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Value" + "Type" ], "type": "object" }, - "AWS::IoT::TopicRuleDestination": { + "AWS::Glue::DataCatalogEncryptionSettings": { "additionalProperties": false, "properties": { "Condition": { @@ -124726,27 +129869,26 @@ "Properties": { "additionalProperties": false, "properties": { - "HttpUrlProperties": { - "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary", - "markdownDescription": "Properties of the HTTP URL.", - "title": "HttpUrlProperties" - }, - "Status": { - "markdownDescription": "- **IN_PROGRESS** - A topic rule destination was created but has not been confirmed. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.\n- **ENABLED** - Confirmation was completed, and traffic to this destination is allowed. You can set status to `DISABLED` by calling `UpdateTopicRuleDestination` .\n- **DISABLED** - Confirmation was completed, and traffic to this destination is not allowed. You can set status to `ENABLED` by calling `UpdateTopicRuleDestination` .\n- **ERROR** - Confirmation could not be completed; for example, if the confirmation timed out. You can call `GetTopicRuleDestination` for details about the error. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.", - "title": "Status", + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the settings are created.", + "title": "CatalogId", "type": "string" }, - "VpcProperties": { - "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.VpcDestinationProperties", - "markdownDescription": "Properties of the virtual private cloud (VPC) connection.", - "title": "VpcProperties" + "DataCatalogEncryptionSettings": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings", + "markdownDescription": "Contains configuration information for maintaining Data Catalog security.", + "title": "DataCatalogEncryptionSettings" } }, + "required": [ + "CatalogId", + "DataCatalogEncryptionSettings" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::TopicRuleDestination" + "AWS::Glue::DataCatalogEncryptionSettings" ], "type": "string" }, @@ -124760,54 +129902,65 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary": { + "AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption": { "additionalProperties": false, "properties": { - "ConfirmationUrl": { - "markdownDescription": "The URL used to confirm the HTTP topic rule destination URL.", - "title": "ConfirmationUrl", + "KmsKeyId": { + "markdownDescription": "An AWS KMS key that is used to encrypt the connection password.\n\nIf connection password protection is enabled, the caller of `CreateConnection` and `UpdateConnection` needs at least `kms:Encrypt` permission on the specified AWS KMS key, to encrypt passwords before storing them in the Data Catalog. You can set the decrypt permission to enable or restrict access on the password key according to your security requirements.", + "title": "KmsKeyId", "type": "string" + }, + "ReturnConnectionPasswordEncrypted": { + "markdownDescription": "When the `ReturnConnectionPasswordEncrypted` flag is set to \"true\", passwords remain encrypted in the responses of `GetConnection` and `GetConnections` . This encryption takes effect independently from catalog encryption.", + "title": "ReturnConnectionPasswordEncrypted", + "type": "boolean" } }, "type": "object" }, - "AWS::IoT::TopicRuleDestination.VpcDestinationProperties": { + "AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs).", - "title": "RoleArn", - "type": "string" + "ConnectionPasswordEncryption": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption", + "markdownDescription": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of `CreateConnection` or `UpdateConnection` and store it in the `ENCRYPTED_PASSWORD` field in the connection properties. You can enable catalog encryption or only password encryption.", + "title": "ConnectionPasswordEncryption" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups of the VPC destination.", - "title": "SecurityGroups", - "type": "array" + "EncryptionAtRest": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest", + "markdownDescription": "Specifies the encryption-at-rest configuration for the Data Catalog.", + "title": "EncryptionAtRest" + } + }, + "type": "object" + }, + "AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest": { + "additionalProperties": false, + "properties": { + "CatalogEncryptionMode": { + "markdownDescription": "The encryption-at-rest mode for encrypting Data Catalog data.", + "title": "CatalogEncryptionMode", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnet IDs of the VPC destination.", - "title": "SubnetIds", - "type": "array" + "CatalogEncryptionServiceRole": { + "markdownDescription": "The role that AWS Glue assumes to encrypt and decrypt the Data Catalog objects on the caller's behalf.", + "title": "CatalogEncryptionServiceRole", + "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "SseAwsKmsKeyId": { + "markdownDescription": "The ID of the AWS KMS key to use for encryption at rest.", + "title": "SseAwsKmsKeyId", "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Channel": { + "AWS::Glue::DataQualityRuleset": { "additionalProperties": false, "properties": { "Condition": { @@ -124842,35 +129995,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", + "ClientToken": { + "markdownDescription": "Used for idempotency and is recommended to be set to a random ID (such as a UUID) to avoid creating or starting multiple instances of the same resource.", + "title": "ClientToken", "type": "string" }, - "ChannelStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.ChannelStorage", - "markdownDescription": "Where channel data is stored.", - "title": "ChannelStorage" + "Description": { + "markdownDescription": "A description of the data quality ruleset.", + "title": "Description", + "type": "string" }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.RetentionPeriod", - "markdownDescription": "How long, in days, message data is kept for the channel.", - "title": "RetentionPeriod" + "Name": { + "markdownDescription": "The name of the data quality ruleset.", + "title": "Name", + "type": "string" + }, + "Ruleset": { + "markdownDescription": "A Data Quality Definition Language (DQDL) ruleset. For more information see the AWS Glue Developer Guide.", + "title": "Ruleset", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of tags applied to the data quality ruleset.", "title": "Tags", - "type": "array" + "type": "object" + }, + "TargetTable": { + "$ref": "#/definitions/AWS::Glue::DataQualityRuleset.DataQualityTargetTable", + "markdownDescription": "An object representing an AWS Glue table.", + "title": "TargetTable" } }, "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Channel" + "AWS::Glue::DataQualityRuleset" ], "type": "string" }, @@ -124888,64 +130048,23 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Channel.ChannelStorage": { - "additionalProperties": false, - "properties": { - "CustomerManagedS3": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.CustomerManagedS3", - "markdownDescription": "Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created.", - "title": "CustomerManagedS3" - }, - "ServiceManagedS3": { - "markdownDescription": "Used to store channel data in an S3 bucket managed by AWS IoT Analytics . You can't change the choice of S3 storage after the data store is created.", - "title": "ServiceManagedS3", - "type": "object" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Channel.CustomerManagedS3": { + "AWS::Glue::DataQualityRuleset.DataQualityTargetTable": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket in which channel data is stored.", - "title": "Bucket", - "type": "string" - }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/).", - "title": "KeyPrefix", + "DatabaseName": { + "markdownDescription": "The name of the database where the AWS Glue table exists.", + "title": "DatabaseName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", - "title": "RoleArn", + "TableName": { + "markdownDescription": "The name of the AWS Glue table.", + "title": "TableName", "type": "string" } }, - "required": [ - "Bucket", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Channel.RetentionPeriod": { - "additionalProperties": false, - "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" - }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" - } - }, "type": "object" }, - "AWS::IoTAnalytics::Dataset": { + "AWS::Glue::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -124980,70 +130099,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Action" - }, - "markdownDescription": "The `DatasetAction` objects that automatically create the dataset contents.", - "title": "Actions", - "type": "array" - }, - "ContentDeliveryRules": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule" - }, - "markdownDescription": "When dataset contents are created they are delivered to destinations specified here.", - "title": "ContentDeliveryRules", - "type": "array" - }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", + "CatalogId": { + "markdownDescription": "The AWS account ID for the account in which to create the catalog object.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", + "title": "CatalogId", "type": "string" }, - "LateDataRules": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRule" - }, - "markdownDescription": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter.", - "title": "LateDataRules", - "type": "array" - }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.RetentionPeriod", - "markdownDescription": "Optional. How long, in days, message data is kept for the dataset.", - "title": "RetentionPeriod" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "Triggers": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Trigger" - }, - "markdownDescription": "The `DatasetTrigger` objects that specify when the dataset is automatically updated.", - "title": "Triggers", - "type": "array" + "DatabaseInput": { + "$ref": "#/definitions/AWS::Glue::Database.DatabaseInput", + "markdownDescription": "The metadata for the database.", + "title": "DatabaseInput" }, - "VersioningConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.VersioningConfiguration", - "markdownDescription": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* .", - "title": "VersioningConfiguration" + "DatabaseName": { + "markdownDescription": "The name of the catalog database.", + "title": "DatabaseName", + "type": "string" } }, "required": [ - "Actions" + "CatalogId", + "DatabaseInput" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Dataset" + "AWS::Glue::Database" ], "type": "string" }, @@ -125062,426 +130142,501 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Action": { + "AWS::Glue::Database.DataLakePrincipal": { "additionalProperties": false, "properties": { - "ActionName": { - "markdownDescription": "The name of the data set action by which data set contents are automatically created.", - "title": "ActionName", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the AWS Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" - }, - "ContainerAction": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ContainerAction", - "markdownDescription": "Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries.", - "title": "ContainerAction" - }, - "QueryAction": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.QueryAction", - "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", - "title": "QueryAction" } }, - "required": [ - "ActionName" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.ContainerAction": { + "AWS::Glue::Database.DatabaseIdentifier": { "additionalProperties": false, "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The ARN of the role which gives permission to the system to access needed resources in order to run the \"containerAction\". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application.", - "title": "ExecutionRoleArn", + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the database resides.", + "title": "CatalogId", "type": "string" }, - "Image": { - "markdownDescription": "The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents.", - "title": "Image", + "DatabaseName": { + "markdownDescription": "The name of the catalog database.", + "title": "DatabaseName", "type": "string" }, - "ResourceConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ResourceConfiguration", - "markdownDescription": "Configuration of the resource which executes the \"containerAction\".", - "title": "ResourceConfiguration" - }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Variable" - }, - "markdownDescription": "The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of \"stringValue\", \"datasetContentVersionValue\", or \"outputFileUriValue\".", - "title": "Variables", - "type": "array" - } - }, - "required": [ - "ExecutionRoleArn", - "Image", - "ResourceConfiguration" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination", - "markdownDescription": "The destination to which dataset contents are delivered.", - "title": "Destination" - }, - "EntryName": { - "markdownDescription": "The name of the dataset content delivery rules entry.", - "title": "EntryName", + "Region": { + "markdownDescription": "The Region of the database.", + "title": "Region", "type": "string" } }, - "required": [ - "Destination" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination": { + "AWS::Glue::Database.DatabaseInput": { "additionalProperties": false, "properties": { - "IotEventsDestinationConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration", - "markdownDescription": "Configuration information for delivery of dataset contents to AWS IoT Events .", - "title": "IotEventsDestinationConfiguration" + "CreateTableDefaultPermissions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Database.PrincipalPrivileges" + }, + "markdownDescription": "Creates a set of default permissions on the table for principals. Used by AWS Lake Formation . Not used in the normal course of AWS Glue operations.", + "title": "CreateTableDefaultPermissions", + "type": "array" }, - "S3DestinationConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.S3DestinationConfiguration", - "markdownDescription": "Configuration information for delivery of dataset contents to Amazon S3.", - "title": "S3DestinationConfiguration" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.DatasetContentVersionValue": { - "additionalProperties": false, - "properties": { - "DatasetName": { - "markdownDescription": "The name of the dataset whose latest contents are used as input to the notebook or application.", - "title": "DatasetName", + "Description": { + "markdownDescription": "A description of the database.", + "title": "Description", "type": "string" - } - }, - "required": [ - "DatasetName" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.DeltaTime": { - "additionalProperties": false, - "properties": { - "OffsetSeconds": { - "markdownDescription": "The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe.", - "title": "OffsetSeconds", - "type": "number" }, - "TimeExpression": { - "markdownDescription": "An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated.", - "title": "TimeExpression", - "type": "string" - } - }, - "required": [ - "OffsetSeconds", - "TimeExpression" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration": { - "additionalProperties": false, - "properties": { - "TimeoutInMinutes": { - "markdownDescription": "A time interval. You can use `timeoutInMinutes` so that AWS IoT Analytics can batch up late data notifications that have been generated since the last execution. AWS IoT Analytics sends one batch of notifications to Amazon CloudWatch Events at one time.\n\nFor more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* .", - "title": "TimeoutInMinutes", - "type": "number" - } - }, - "required": [ - "TimeoutInMinutes" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.Filter": { - "additionalProperties": false, - "properties": { - "DeltaTime": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTime", - "markdownDescription": "Used to limit data to that which has arrived since the last execution of the action.", - "title": "DeltaTime" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.GlueConfiguration": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables.", - "title": "DatabaseName", - "type": "string" + "FederatedDatabase": { + "$ref": "#/definitions/AWS::Glue::Database.FederatedDatabase", + "markdownDescription": "A `FederatedDatabase` structure that references an entity outside the AWS Glue Data Catalog .", + "title": "FederatedDatabase" }, - "TableName": { - "markdownDescription": "The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets.", - "title": "TableName", - "type": "string" - } - }, - "required": [ - "DatabaseName", - "TableName" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration": { - "additionalProperties": false, - "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input to which dataset contents are delivered.", - "title": "InputName", + "LocationUri": { + "markdownDescription": "The location of the database (for example, an HDFS path).", + "title": "LocationUri", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to deliver dataset contents to an AWS IoT Events input.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "Name", "type": "string" - } - }, - "required": [ - "InputName", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.LateDataRule": { - "additionalProperties": false, - "properties": { - "RuleConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration", - "markdownDescription": "The information needed to configure the late data rule.", - "title": "RuleConfiguration" }, - "RuleName": { - "markdownDescription": "The name of the late data rule.", - "title": "RuleName", - "type": "string" - } - }, - "required": [ - "RuleConfiguration" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration": { - "additionalProperties": false, - "properties": { - "DeltaTimeSessionWindowConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration", - "markdownDescription": "The information needed to configure a delta time session window.", - "title": "DeltaTimeSessionWindowConfiguration" + "Parameters": { + "markdownDescription": "These key-value pairs define parameters and properties of the database.", + "title": "Parameters", + "type": "object" + }, + "TargetDatabase": { + "$ref": "#/definitions/AWS::Glue::Database.DatabaseIdentifier", + "markdownDescription": "A `DatabaseIdentifier` structure that describes a target database for resource linking.", + "title": "TargetDatabase" } }, "type": "object" }, - "AWS::IoTAnalytics::Dataset.OutputFileUriValue": { + "AWS::Glue::Database.FederatedDatabase": { "additionalProperties": false, "properties": { - "FileName": { - "markdownDescription": "The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket.", - "title": "FileName", + "ConnectionName": { + "markdownDescription": "The name of the connection to the external metastore.", + "title": "ConnectionName", + "type": "string" + }, + "Identifier": { + "markdownDescription": "A unique identifier for the federated database.", + "title": "Identifier", "type": "string" } }, - "required": [ - "FileName" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.QueryAction": { + "AWS::Glue::Database.PrincipalPrivileges": { "additionalProperties": false, "properties": { - "Filters": { + "Permissions": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Filter" + "type": "string" }, - "markdownDescription": "Pre-filters applied to message data.", - "title": "Filters", + "markdownDescription": "The permissions that are granted to the principal.", + "title": "Permissions", "type": "array" }, - "SqlQuery": { - "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", - "title": "SqlQuery", - "type": "string" + "Principal": { + "$ref": "#/definitions/AWS::Glue::Database.DataLakePrincipal", + "markdownDescription": "The principal who is granted permissions.", + "title": "Principal" } }, - "required": [ - "SqlQuery" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.ResourceConfiguration": { + "AWS::Glue::DevEndpoint": { "additionalProperties": false, "properties": { - "ComputeType": { - "markdownDescription": "The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB).", - "title": "ComputeType", + "Condition": { "type": "string" }, - "VolumeSizeInGB": { - "markdownDescription": "The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50).", - "title": "VolumeSizeInGB", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Arguments": { + "markdownDescription": "A map of arguments used to configure the `DevEndpoint` .\n\nValid arguments are:\n\n- `\"--enable-glue-datacatalog\": \"\"`\n- `\"GLUE_PYTHON_VERSION\": \"3\"`\n- `\"GLUE_PYTHON_VERSION\": \"2\"`\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", + "title": "Arguments", + "type": "object" + }, + "EndpointName": { + "markdownDescription": "The name of the `DevEndpoint` .", + "title": "EndpointName", + "type": "string" + }, + "ExtraJarsS3Path": { + "markdownDescription": "The path to one or more Java `.jar` files in an S3 bucket that should be loaded in your `DevEndpoint` .\n\n> You can only use pure Java/Scala libraries with a `DevEndpoint` .", + "title": "ExtraJarsS3Path", + "type": "string" + }, + "ExtraPythonLibsS3Path": { + "markdownDescription": "The paths to one or more Python libraries in an Amazon S3 bucket that should be loaded in your `DevEndpoint` . Multiple values must be complete paths separated by a comma.\n\n> You can only use pure Python libraries with a `DevEndpoint` . Libraries that rely on C extensions, such as the [pandas](https://docs.aws.amazon.com/http://pandas.pydata.org/) Python data analysis library, are not currently supported.", + "title": "ExtraPythonLibsS3Path", + "type": "string" + }, + "GlueVersion": { + "markdownDescription": "The AWS Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for running your ETL scripts on development endpoints.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nDevelopment endpoints that are created without specifying a Glue version default to Glue 0.9.\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", + "title": "GlueVersion", + "type": "string" + }, + "NumberOfNodes": { + "markdownDescription": "The number of AWS Glue Data Processing Units (DPUs) allocated to this `DevEndpoint` .", + "title": "NumberOfNodes", + "type": "number" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated to the development endpoint.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", + "title": "NumberOfWorkers", + "type": "number" + }, + "PublicKey": { + "markdownDescription": "The public key to be used by this `DevEndpoint` for authentication. This attribute is provided for backward compatibility because the recommended attribute to use is public keys.", + "title": "PublicKey", + "type": "string" + }, + "PublicKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of public keys to be used by the `DevEndpoints` for authentication. Using this attribute is preferred over a single public key because the public keys allow you to have a different private key per client.\n\n> If you previously created an endpoint with a public key, you must remove that key to be able to set a list of public keys. Call the `UpdateDevEndpoint` API operation with the public key content in the `deletePublicKeys` attribute, and the list of new keys in the `addPublicKeys` attribute.", + "title": "PublicKeys", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used in this `DevEndpoint` .", + "title": "RoleArn", + "type": "string" + }, + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this `DevEndpoint` .", + "title": "SecurityConfiguration", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group identifiers used in this `DevEndpoint` .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The subnet ID for this `DevEndpoint` .", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this DevEndpoint.", + "title": "Tags", + "type": "object" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated to the development endpoint. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n\nKnown issue: when a development endpoint is created with the `G.2X` `WorkerType` configuration, the Spark drivers for the development endpoint will run on 4 vCPU, 16 GB of memory, and a 64 GB disk.", + "title": "WorkerType", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::DevEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputeType", - "VolumeSizeInGB" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.RetentionPeriod": { + "AWS::Glue::Job": { "additionalProperties": false, "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" + "Condition": { + "type": "string" }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.S3DestinationConfiguration": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket to which dataset contents are delivered.", - "title": "Bucket", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "GlueConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.GlueConfiguration", - "markdownDescription": "Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service.", - "title": "GlueConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Key": { - "markdownDescription": "The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key.\n\nYou can create a unique key with the following options:\n\n- Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run.\n- Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content.\n- Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content.\n\nThe following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv`\n\n> If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other.", - "title": "Key", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatedCapacity": { + "markdownDescription": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job.", + "title": "AllocatedCapacity", + "type": "number" + }, + "Command": { + "$ref": "#/definitions/AWS::Glue::Job.JobCommand", + "markdownDescription": "The code that executes a job.", + "title": "Command" + }, + "Connections": { + "$ref": "#/definitions/AWS::Glue::Job.ConnectionsList", + "markdownDescription": "The connections used for this job.", + "title": "Connections" + }, + "DefaultArguments": { + "markdownDescription": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .", + "title": "DefaultArguments", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the job.", + "title": "Description", + "type": "string" + }, + "ExecutionClass": { + "markdownDescription": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs.", + "title": "ExecutionClass", + "type": "string" + }, + "ExecutionProperty": { + "$ref": "#/definitions/AWS::Glue::Job.ExecutionProperty", + "markdownDescription": "The maximum number of concurrent runs that are allowed for this job.", + "title": "ExecutionProperty" + }, + "GlueVersion": { + "markdownDescription": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available.", + "title": "GlueVersion", + "type": "string" + }, + "JobMode": { + "markdownDescription": "A mode that describes how a job was created. Valid values are:\n\n- `SCRIPT` - The job was created using the AWS Glue Studio script editor.\n- `VISUAL` - The job was created using the AWS Glue Studio visual editor.\n- `NOTEBOOK` - The job was created using an interactive sessions notebook.\n\nWhen the `JobMode` field is missing or null, `SCRIPT` is assigned as the default value.", + "title": "JobMode", + "type": "string" + }, + "JobRunQueuingEnabled": { + "markdownDescription": "Specifies whether job run queuing is enabled for the job runs for this job.\n\nA value of true means job run queuing is enabled for the job runs. If false or not populated, the job runs will not be considered for queueing.\n\nIf this field does not match the value set in the job run, then the value from the job run field will be used.", + "title": "JobRunQueuingEnabled", + "type": "boolean" + }, + "LogUri": { + "markdownDescription": "This field is reserved for future use.", + "title": "LogUri", + "type": "string" + }, + "MaintenanceWindow": { + "markdownDescription": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. AWS Glue periodically performs maintenance activities. During these maintenance windows, AWS Glue will need to restart your streaming jobs.\n\nAWS Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT.", + "title": "MaintenanceWindow", + "type": "string" + }, + "MaxCapacity": { + "markdownDescription": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry this job after a JobRun fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "The name you assign to this job definition.", + "title": "Name", + "type": "string" + }, + "NonOverridableArguments": { + "markdownDescription": "Non-overridable arguments for this job, specified as name-value pairs.", + "title": "NonOverridableArguments", + "type": "object" + }, + "NotificationProperty": { + "$ref": "#/definitions/AWS::Glue::Job.NotificationProperty", + "markdownDescription": "Specifies configuration properties of a notification.", + "title": "NotificationProperty" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", + "title": "NumberOfWorkers", + "type": "number" + }, + "Role": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job.", + "title": "Role", + "type": "string" + }, + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this job.", + "title": "SecurityConfiguration", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this job.", + "title": "Tags", + "type": "object" + }, + "Timeout": { + "markdownDescription": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours).", + "title": "Timeout", + "type": "number" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 94GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 138GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Spain), Europe (Stockholm), and South America (S\u00e3o Paulo).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk, and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 or later streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk, and provides up to 8 Ray workers based on the autoscaler.", + "title": "WorkerType", + "type": "string" + } + }, + "required": [ + "Command", + "Role" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::Job" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 and AWS Glue resources.", - "title": "RoleArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket", - "Key", - "RoleArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Schedule": { + "AWS::Glue::Job.ConnectionsList": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation.", - "title": "ScheduleExpression", - "type": "string" + "Connections": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of connections used by the job.", + "title": "Connections", + "type": "array" } }, - "required": [ - "ScheduleExpression" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Trigger": { + "AWS::Glue::Job.ExecutionProperty": { "additionalProperties": false, "properties": { - "Schedule": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Schedule", - "markdownDescription": "The \"Schedule\" when the trigger is initiated.", - "title": "Schedule" - }, - "TriggeringDataset": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.TriggeringDataset", - "markdownDescription": "Information about the data set whose content generation triggers the new data set content generation.", - "title": "TriggeringDataset" + "MaxConcurrentRuns": { + "markdownDescription": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.", + "title": "MaxConcurrentRuns", + "type": "number" } }, "type": "object" }, - "AWS::IoTAnalytics::Dataset.TriggeringDataset": { + "AWS::Glue::Job.JobCommand": { "additionalProperties": false, "properties": { - "DatasetName": { - "markdownDescription": "The name of the data set whose content generation triggers the new data set content generation.", - "title": "DatasetName", + "Name": { + "markdownDescription": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` .", + "title": "Name", "type": "string" - } - }, - "required": [ - "DatasetName" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.Variable": { - "additionalProperties": false, - "properties": { - "DatasetContentVersionValue": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentVersionValue", - "markdownDescription": "The value of the variable as a structure that specifies a dataset content version.", - "title": "DatasetContentVersionValue" - }, - "DoubleValue": { - "markdownDescription": "The value of the variable as a double (numeric).", - "title": "DoubleValue", - "type": "number" }, - "OutputFileUriValue": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.OutputFileUriValue", - "markdownDescription": "The value of the variable as a structure that specifies an output file URI.", - "title": "OutputFileUriValue" + "PythonVersion": { + "markdownDescription": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated.", + "title": "PythonVersion", + "type": "string" }, - "StringValue": { - "markdownDescription": "The value of the variable as a string.", - "title": "StringValue", + "Runtime": { + "markdownDescription": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide.", + "title": "Runtime", "type": "string" }, - "VariableName": { - "markdownDescription": "The name of the variable.", - "title": "VariableName", + "ScriptLocation": { + "markdownDescription": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required).", + "title": "ScriptLocation", "type": "string" } }, - "required": [ - "VariableName" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.VersioningConfiguration": { + "AWS::Glue::Job.NotificationProperty": { "additionalProperties": false, "properties": { - "MaxVersions": { - "markdownDescription": "How many versions of dataset contents are kept. The `unlimited` parameter must be `false` .", - "title": "MaxVersions", + "NotifyDelayAfter": { + "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification.", + "title": "NotifyDelayAfter", "type": "number" - }, - "Unlimited": { - "markdownDescription": "If true, unlimited versions of dataset contents are kept.", - "title": "Unlimited", - "type": "boolean" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore": { + "AWS::Glue::MLTransform": { "additionalProperties": false, "properties": { "Condition": { @@ -125516,45 +130671,82 @@ "Properties": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The name of the data store.", - "title": "DatastoreName", + "Description": { + "markdownDescription": "A user-defined, long-form description text for the machine learning transform.", + "title": "Description", "type": "string" }, - "DatastorePartitions": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartitions", - "markdownDescription": "Information about the partition dimensions in a data store.", - "title": "DatastorePartitions" + "GlueVersion": { + "markdownDescription": "This value determines which version of AWS Glue this machine learning transform is compatible with. Glue 1.0 is recommended for most customers. If the value is not set, the Glue compatibility defaults to Glue 0.9. For more information, see [AWS Glue Versions](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html#release-notes-versions) in the developer guide.", + "title": "GlueVersion", + "type": "string" }, - "DatastoreStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastoreStorage", - "markdownDescription": "Where data store data is stored.", - "title": "DatastoreStorage" + "InputRecordTables": { + "$ref": "#/definitions/AWS::Glue::MLTransform.InputRecordTables", + "markdownDescription": "A list of AWS Glue table definitions used by the transform.", + "title": "InputRecordTables" }, - "FileFormatConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.FileFormatConfiguration", - "markdownDescription": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store.", - "title": "FileFormatConfiguration" + "MaxCapacity": { + "markdownDescription": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from 2 to 100 DPUs; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory. For more information, see the [AWS Glue pricing page](https://docs.aws.amazon.com/glue/pricing/) .\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.\n\nWhen the `WorkerType` field is set to a value other than `Standard` , the `MaxCapacity` field is set automatically and becomes read-only.", + "title": "MaxCapacity", + "type": "number" }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.RetentionPeriod", - "markdownDescription": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored.", - "title": "RetentionPeriod" + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry after an `MLTaskRun` of the machine learning transform fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "A user-defined name for the machine learning transform. Names are required to be unique. `Name` is optional:\n\n- If you supply `Name` , the stack cannot be repeatedly created.\n- If `Name` is not provided, a randomly generated name will be used instead.", + "title": "Name", + "type": "string" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a task of the transform runs.\n\nIf `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).", + "title": "NumberOfWorkers", + "type": "number" + }, + "Role": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role with the required permissions. The required permissions include both AWS Glue service role permissions to AWS Glue resources, and Amazon S3 permissions required by the transform.\n\n- This role needs AWS Glue service role permissions to allow access to resources in AWS Glue . See [Attach a Policy to IAM Users That Access AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/attach-policy-iam-user.html) .\n- This role needs permission to your Amazon Simple Storage Service (Amazon S3) sources, targets, temporary directory, scripts, and any libraries used by the task run for this transform.", + "title": "Role", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags to use with this machine learning transform. You may use tags to limit access to the machine learning transform. For more information about tags in AWS Glue , see [AWS Tags in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html) in the developer guide.", "title": "Tags", - "type": "array" + "type": "object" + }, + "Timeout": { + "markdownDescription": "The timeout in minutes of the machine learning transform.", + "title": "Timeout", + "type": "number" + }, + "TransformEncryption": { + "$ref": "#/definitions/AWS::Glue::MLTransform.TransformEncryption", + "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data. Machine learning\ntransforms can access user data encrypted in Amazon S3 using KMS.\n\nAdditionally, imported labels and trained transforms can now be encrypted using a customer provided\nKMS key.", + "title": "TransformEncryption" + }, + "TransformParameters": { + "$ref": "#/definitions/AWS::Glue::MLTransform.TransformParameters", + "markdownDescription": "The algorithm-specific parameters that are associated with the machine learning transform.", + "title": "TransformParameters" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated when a task of this transform runs. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker provides 4 vCPU, 16 GB of memory and a 64GB disk, and 1 executor per worker.\n- For the `G.2X` worker type, each worker provides 8 vCPU, 32 GB of memory and a 128GB disk, and 1 executor per worker.\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.", + "title": "WorkerType", + "type": "string" } }, + "required": [ + "InputRecordTables", + "Role", + "TransformParameters" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Datastore" + "AWS::Glue::MLTransform" ], "type": "string" }, @@ -125568,227 +130760,139 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.Column": { + "AWS::Glue::MLTransform.FindMatchesParameters": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the column.", - "title": "Name", - "type": "string" + "AccuracyCostTradeoff": { + "markdownDescription": "The value that is selected when tuning your transform for a balance between accuracy and cost. A value of 0.5 means that the system balances accuracy and cost concerns. A value of 1.0 means a bias purely for accuracy, which typically results in a higher cost, sometimes substantially higher. A value of 0.0 means a bias purely for cost, which results in a less accurate `FindMatches` transform, sometimes with unacceptable accuracy.\n\nAccuracy measures how well the transform finds true positives and true negatives. Increasing accuracy requires more machine resources and cost. But it also results in increased recall.\n\nCost measures how many compute resources, and thus money, are consumed to run the transform.", + "title": "AccuracyCostTradeoff", + "type": "number" }, - "Type": { - "markdownDescription": "The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* .", - "title": "Type", + "EnforceProvidedLabels": { + "markdownDescription": "The value to switch on or off to force the output to match the provided labels from users. If the value is `True` , the `find matches` transform forces the output to match the provided labels. The results override the normal conflation results. If the value is `False` , the `find matches` transform does not ensure all the labels provided are respected, and the results rely on the trained model.\n\nNote that setting this value to true may increase the conflation execution time.", + "title": "EnforceProvidedLabels", + "type": "boolean" + }, + "PrecisionRecallTradeoff": { + "markdownDescription": "The value selected when tuning your transform for a balance between precision and recall. A value of 0.5 means no preference; a value of 1.0 means a bias purely for precision, and a value of 0.0 means a bias for recall. Because this is a tradeoff, choosing values close to 1.0 means very low recall, and choosing values close to 0.0 results in very low precision.\n\nThe precision metric indicates how often your model is correct when it predicts a match.\n\nThe recall metric indicates that for an actual match, how often your model predicts the match.", + "title": "PrecisionRecallTradeoff", + "type": "number" + }, + "PrimaryKeyColumnName": { + "markdownDescription": "The name of a column that uniquely identifies rows in the source table. Used to help identify matching records.", + "title": "PrimaryKeyColumnName", "type": "string" } }, "required": [ - "Name", - "Type" + "PrimaryKeyColumnName" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.CustomerManagedS3": { + "AWS::Glue::MLTransform.GlueTables": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", - "title": "Bucket", + "CatalogId": { + "markdownDescription": "A unique identifier for the AWS Glue Data Catalog .", + "title": "CatalogId", "type": "string" }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", - "title": "KeyPrefix", + "ConnectionName": { + "markdownDescription": "The name of the connection to the AWS Glue Data Catalog .", + "title": "ConnectionName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "Bucket", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", - "title": "Bucket", + "DatabaseName": { + "markdownDescription": "A database name in the AWS Glue Data Catalog .", + "title": "DatabaseName", "type": "string" }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", - "title": "KeyPrefix", + "TableName": { + "markdownDescription": "A table name in the AWS Glue Data Catalog .", + "title": "TableName", "type": "string" } }, "required": [ - "Bucket" + "DatabaseName", + "TableName" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.DatastorePartition": { - "additionalProperties": false, - "properties": { - "Partition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Partition", - "markdownDescription": "A partition dimension defined by an attribute.", - "title": "Partition" - }, - "TimestampPartition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.TimestampPartition", - "markdownDescription": "A partition dimension defined by a timestamp attribute.", - "title": "TimestampPartition" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.DatastorePartitions": { + "AWS::Glue::MLTransform.InputRecordTables": { "additionalProperties": false, "properties": { - "Partitions": { + "GlueTables": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartition" + "$ref": "#/definitions/AWS::Glue::MLTransform.GlueTables" }, - "markdownDescription": "A list of partition dimensions in a data store.", - "title": "Partitions", + "markdownDescription": "The database and table in the AWS Glue Data Catalog that is used for input or output data.", + "title": "GlueTables", "type": "array" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.DatastoreStorage": { - "additionalProperties": false, - "properties": { - "CustomerManagedS3": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3", - "markdownDescription": "Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", - "title": "CustomerManagedS3" - }, - "IotSiteWiseMultiLayerStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage", - "markdownDescription": "Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created.", - "title": "IotSiteWiseMultiLayerStorage" - }, - "ServiceManagedS3": { - "markdownDescription": "Use this to store data store data in an S3 bucket managed by the AWS IoT Analytics service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", - "title": "ServiceManagedS3", - "type": "object" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.FileFormatConfiguration": { + "AWS::Glue::MLTransform.MLUserDataEncryption": { "additionalProperties": false, "properties": { - "JsonConfiguration": { - "markdownDescription": "Contains the configuration information of the JSON format.", - "title": "JsonConfiguration", - "type": "object" + "KmsKeyId": { + "markdownDescription": "The ID for the customer-provided KMS key.", + "title": "KmsKeyId", + "type": "string" }, - "ParquetConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.ParquetConfiguration", - "markdownDescription": "Contains the configuration information of the Parquet format.", - "title": "ParquetConfiguration" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage": { - "additionalProperties": false, - "properties": { - "CustomerManagedS3Storage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage", - "markdownDescription": "Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage.", - "title": "CustomerManagedS3Storage" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.ParquetConfiguration": { - "additionalProperties": false, - "properties": { - "SchemaDefinition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.SchemaDefinition", - "markdownDescription": "Information needed to define a schema.", - "title": "SchemaDefinition" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.Partition": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "The name of the attribute that defines a partition dimension.", - "title": "AttributeName", + "MLUserDataEncryptionMode": { + "markdownDescription": "The encryption mode applied to user data. Valid values are:\n\n- DISABLED: encryption is disabled.\n- SSEKMS: use of server-side encryption with AWS Key Management Service (SSE-KMS) for user data\nstored in Amazon S3.", + "title": "MLUserDataEncryptionMode", "type": "string" } }, "required": [ - "AttributeName" + "MLUserDataEncryptionMode" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.RetentionPeriod": { + "AWS::Glue::MLTransform.TransformEncryption": { "additionalProperties": false, "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" + "MLUserDataEncryption": { + "$ref": "#/definitions/AWS::Glue::MLTransform.MLUserDataEncryption", + "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data.", + "title": "MLUserDataEncryption" }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.SchemaDefinition": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Column" - }, - "markdownDescription": "Specifies one or more columns that store your data.\n\nEach schema can have up to 100 columns. Each column can have up to 100 nested types.", - "title": "Columns", - "type": "array" + "TaskRunSecurityConfigurationName": { + "markdownDescription": "The name of the security configuration.", + "title": "TaskRunSecurityConfigurationName", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.TimestampPartition": { + "AWS::Glue::MLTransform.TransformParameters": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The attribute name of the partition defined by a timestamp.", - "title": "AttributeName", - "type": "string" + "FindMatchesParameters": { + "$ref": "#/definitions/AWS::Glue::MLTransform.FindMatchesParameters", + "markdownDescription": "The parameters for the find matches algorithm.", + "title": "FindMatchesParameters" }, - "TimestampFormat": { - "markdownDescription": "The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time).", - "title": "TimestampFormat", + "TransformType": { + "markdownDescription": "The type of machine learning transform. `FIND_MATCHES` is the only option.\n\nFor information about the types of machine learning transforms, see [Working with machine learning transforms](https://docs.aws.amazon.com/glue/latest/dg/console-machine-learning-transforms.html) .", + "title": "TransformType", "type": "string" } }, "required": [ - "AttributeName" + "TransformType" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline": { + "AWS::Glue::Partition": { "additionalProperties": false, "properties": { "Condition": { @@ -125823,36 +130927,38 @@ "Properties": { "additionalProperties": false, "properties": { - "PipelineActivities": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Activity" - }, - "markdownDescription": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`", - "title": "PipelineActivities", - "type": "array" + "CatalogId": { + "markdownDescription": "The AWS account ID of the catalog in which the partion is to be created.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", + "title": "CatalogId", + "type": "string" }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", + "DatabaseName": { + "markdownDescription": "The name of the catalog database in which to create the partition.", + "title": "DatabaseName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "PartitionInput": { + "$ref": "#/definitions/AWS::Glue::Partition.PartitionInput", + "markdownDescription": "The structure used to create and update a partition.", + "title": "PartitionInput" + }, + "TableName": { + "markdownDescription": "The name of the metadata table in which the partition is to be created.", + "title": "TableName", + "type": "string" } }, "required": [ - "PipelineActivities" + "CatalogId", + "DatabaseName", + "PartitionInput", + "TableName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Pipeline" + "AWS::Glue::Partition" ], "type": "string" }, @@ -125871,356 +130977,247 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Activity": { - "additionalProperties": false, - "properties": { - "AddAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.AddAttributes", - "markdownDescription": "Adds other attributes based on existing attributes in the message.", - "title": "AddAttributes" - }, - "Channel": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Channel", - "markdownDescription": "Determines the source of the messages to be processed.", - "title": "Channel" - }, - "Datastore": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Datastore", - "markdownDescription": "Specifies where to store the processed message data.", - "title": "Datastore" - }, - "DeviceRegistryEnrich": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich", - "markdownDescription": "Adds data from the AWS IoT device registry to your message.", - "title": "DeviceRegistryEnrich" - }, - "DeviceShadowEnrich": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich", - "markdownDescription": "Adds information from the AWS IoT Device Shadows service to a message.", - "title": "DeviceShadowEnrich" - }, - "Filter": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Filter", - "markdownDescription": "Filters a message based on its attributes.", - "title": "Filter" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Lambda", - "markdownDescription": "Runs a Lambda function to modify the message.", - "title": "Lambda" - }, - "Math": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Math", - "markdownDescription": "Computes an arithmetic expression using the message's attributes and adds it to the message.", - "title": "Math" - }, - "RemoveAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.RemoveAttributes", - "markdownDescription": "Removes attributes from a message.", - "title": "RemoveAttributes" - }, - "SelectAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.SelectAttributes", - "markdownDescription": "Creates a new message using only the specified attributes from the original message.", - "title": "SelectAttributes" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.AddAttributes": { - "additionalProperties": false, - "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A list of 1-50 \"AttributeNameMapping\" objects that map an existing attribute to a new attribute.\n\n> The existing attributes remain in the message, so if you want to remove the originals, use \"RemoveAttributeActivity\".", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "Name": { - "markdownDescription": "The name of the 'addAttributes' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" - } - }, - "required": [ - "Attributes", - "Name" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.Channel": { + "AWS::Glue::Partition.Column": { "additionalProperties": false, "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel from which the messages are processed.", - "title": "ChannelName", + "Comment": { + "markdownDescription": "A free-form text comment.", + "title": "Comment", "type": "string" }, "Name": { - "markdownDescription": "The name of the 'channel' activity.", + "markdownDescription": "The name of the `Column` .", "title": "Name", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "Type": { + "markdownDescription": "The data type of the `Column` .", + "title": "Type", "type": "string" } }, "required": [ - "ChannelName", "Name" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Datastore": { + "AWS::Glue::Partition.Order": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The name of the data store where processed messages are stored.", - "title": "DatastoreName", + "Column": { + "markdownDescription": "The name of the column.", + "title": "Column", "type": "string" }, - "Name": { - "markdownDescription": "The name of the datastore activity.", - "title": "Name", - "type": "string" + "SortOrder": { + "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", + "title": "SortOrder", + "type": "number" } }, "required": [ - "DatastoreName", - "Name" + "Column" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich": { + "AWS::Glue::Partition.PartitionInput": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that is added to the message.", - "title": "Attribute", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'deviceRegistryEnrich' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "Parameters": { + "markdownDescription": "These key-value pairs define partition parameters.", + "title": "Parameters", + "type": "object" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows access to the device's registry information.", - "title": "RoleArn", - "type": "string" + "StorageDescriptor": { + "$ref": "#/definitions/AWS::Glue::Partition.StorageDescriptor", + "markdownDescription": "Provides information about the physical location where the partition is stored.", + "title": "StorageDescriptor" }, - "ThingName": { - "markdownDescription": "The name of the IoT device whose registry information is added to the message.", - "title": "ThingName", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values of the partition. Although this parameter is not required by the SDK, you must specify this parameter for a valid input.\n\nThe values for the keys for the new partition must be passed as an array of String objects that must be ordered in the same order as the partition keys appearing in the Amazon S3 prefix. Otherwise AWS Glue will add the values to the wrong keys.", + "title": "Values", + "type": "array" } }, "required": [ - "Attribute", - "Name", - "RoleArn", - "ThingName" + "Values" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich": { + "AWS::Glue::Partition.SchemaId": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that is added to the message.", - "title": "Attribute", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'deviceShadowEnrich' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "RegistryName": { + "markdownDescription": "The name of the schema registry that contains the schema.", + "title": "RegistryName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows access to the device's shadow.", - "title": "RoleArn", + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", + "title": "SchemaArn", "type": "string" }, - "ThingName": { - "markdownDescription": "The name of the IoT device whose shadow information is added to the message.", - "title": "ThingName", + "SchemaName": { + "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", + "title": "SchemaName", "type": "string" } }, - "required": [ - "Attribute", - "Name", - "RoleArn", - "ThingName" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Filter": { + "AWS::Glue::Partition.SchemaReference": { "additionalProperties": false, "properties": { - "Filter": { - "markdownDescription": "An expression that looks like an SQL WHERE clause that must return a Boolean value.", - "title": "Filter", - "type": "string" + "SchemaId": { + "$ref": "#/definitions/AWS::Glue::Partition.SchemaId", + "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", + "title": "SchemaId" }, - "Name": { - "markdownDescription": "The name of the 'filter' activity.", - "title": "Name", + "SchemaVersionId": { + "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", + "title": "SchemaVersionId", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" - } - }, - "required": [ - "Filter", - "Name" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.Lambda": { - "additionalProperties": false, - "properties": { - "BatchSize": { - "markdownDescription": "The number of messages passed to the Lambda function for processing.\n\nThe AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions.", - "title": "BatchSize", + "SchemaVersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionNumber", "type": "number" - }, - "LambdaName": { - "markdownDescription": "The name of the Lambda function that is run on the message.", - "title": "LambdaName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'lambda' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" } }, - "required": [ - "BatchSize", - "LambdaName", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Math": { + "AWS::Glue::Partition.SerdeInfo": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that contains the result of the math operation.", - "title": "Attribute", - "type": "string" - }, - "Math": { - "markdownDescription": "An expression that uses one or more existing attributes and must return an integer value.", - "title": "Math", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the 'math' activity.", + "markdownDescription": "Name of the SerDe.", "title": "Name", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "Parameters": { + "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", + "title": "Parameters", + "type": "object" + }, + "SerializationLibrary": { + "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", + "title": "SerializationLibrary", "type": "string" } }, - "required": [ - "Attribute", - "Math", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.RemoveAttributes": { + "AWS::Glue::Partition.SkewedInfo": { "additionalProperties": false, "properties": { - "Attributes": { + "SkewedColumnNames": { "items": { "type": "string" }, - "markdownDescription": "A list of 1-50 attributes to remove from the message.", - "title": "Attributes", + "markdownDescription": "A list of names of columns that contain skewed values.", + "title": "SkewedColumnNames", "type": "array" }, - "Name": { - "markdownDescription": "The name of the 'removeAttributes' activity.", - "title": "Name", - "type": "string" + "SkewedColumnValueLocationMaps": { + "markdownDescription": "A mapping of skewed values to the columns that contain them.", + "title": "SkewedColumnValueLocationMaps", + "type": "object" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "SkewedColumnValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", + "title": "SkewedColumnValues", + "type": "array" } }, - "required": [ - "Attributes", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.SelectAttributes": { + "AWS::Glue::Partition.StorageDescriptor": { "additionalProperties": false, "properties": { - "Attributes": { + "BucketColumns": { "items": { "type": "string" }, - "markdownDescription": "A list of the attributes to select from the message.", - "title": "Attributes", + "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", + "title": "BucketColumns", "type": "array" }, - "Name": { - "markdownDescription": "The name of the 'selectAttributes' activity.", - "title": "Name", + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Partition.Column" + }, + "markdownDescription": "A list of the `Columns` in the table.", + "title": "Columns", + "type": "array" + }, + "Compressed": { + "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", + "title": "Compressed", + "type": "boolean" + }, + "InputFormat": { + "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", + "title": "InputFormat", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "Location": { + "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", + "title": "Location", + "type": "string" + }, + "NumberOfBuckets": { + "markdownDescription": "The number of buckets.\n\nYou must specify this property if the partition contains any dimension columns.", + "title": "NumberOfBuckets", + "type": "number" + }, + "OutputFormat": { + "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", + "title": "OutputFormat", "type": "string" + }, + "Parameters": { + "markdownDescription": "The user-supplied properties in key-value form.", + "title": "Parameters", + "type": "object" + }, + "SchemaReference": { + "$ref": "#/definitions/AWS::Glue::Partition.SchemaReference", + "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", + "title": "SchemaReference" + }, + "SerdeInfo": { + "$ref": "#/definitions/AWS::Glue::Partition.SerdeInfo", + "markdownDescription": "The serialization/deserialization (SerDe) information.", + "title": "SerdeInfo" + }, + "SkewedInfo": { + "$ref": "#/definitions/AWS::Glue::Partition.SkewedInfo", + "markdownDescription": "The information about values that appear frequently in a column (skewed values).", + "title": "SkewedInfo" + }, + "SortColumns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Partition.Order" + }, + "markdownDescription": "A list specifying the sort order of each bucket in the table.", + "title": "SortColumns", + "type": "array" + }, + "StoredAsSubDirectories": { + "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", + "title": "StoredAsSubDirectories", + "type": "boolean" } }, - "required": [ - "Attributes", - "Name" - ], "type": "object" }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition": { + "AWS::Glue::Registry": { "additionalProperties": false, "properties": { "Condition": { @@ -126255,28 +131252,33 @@ "Properties": { "additionalProperties": false, "properties": { - "SuiteDefinitionConfiguration": { - "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration", - "markdownDescription": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String", - "title": "SuiteDefinitionConfiguration" + "Description": { + "markdownDescription": "A description of the registry.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the registry.", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the the Suite Definition.", + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", "type": "array" } }, "required": [ - "SuiteDefinitionConfiguration" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition" + "AWS::Glue::Registry" ], "type": "string" }, @@ -126295,61 +131297,7 @@ ], "type": "object" }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "markdownDescription": "Lists device's certificate ARN.", - "title": "CertificateArn", - "type": "string" - }, - "ThingArn": { - "markdownDescription": "Lists device's thing ARN.", - "title": "ThingArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration": { - "additionalProperties": false, - "properties": { - "DevicePermissionRoleArn": { - "markdownDescription": "Gets the device permission ARN. This is a required parameter.", - "title": "DevicePermissionRoleArn", - "type": "string" - }, - "Devices": { - "items": { - "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest" - }, - "markdownDescription": "Gets the devices configured.", - "title": "Devices", - "type": "array" - }, - "IntendedForQualification": { - "markdownDescription": "Gets the tests intended for qualification in a suite.", - "title": "IntendedForQualification", - "type": "boolean" - }, - "RootGroup": { - "markdownDescription": "Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default.\n\nFor a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048.", - "title": "RootGroup", - "type": "string" - }, - "SuiteDefinitionName": { - "markdownDescription": "Gets the suite definition name. This is a required parameter.", - "title": "SuiteDefinitionName", - "type": "string" - } - }, - "required": [ - "DevicePermissionRoleArn", - "RootGroup" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel": { + "AWS::Glue::Schema": { "additionalProperties": false, "properties": { "Condition": { @@ -126384,64 +131332,60 @@ "Properties": { "additionalProperties": false, "properties": { - "AlarmCapabilities": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmCapabilities", - "markdownDescription": "Contains the configuration information of alarm state changes.", - "title": "AlarmCapabilities" - }, - "AlarmEventActions": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmEventActions", - "markdownDescription": "Contains information about one or more alarm actions.", - "title": "AlarmEventActions" + "CheckpointVersion": { + "$ref": "#/definitions/AWS::Glue::Schema.SchemaVersion", + "markdownDescription": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint.", + "title": "CheckpointVersion" }, - "AlarmModelDescription": { - "markdownDescription": "The description of the alarm model.", - "title": "AlarmModelDescription", + "Compatibility": { + "markdownDescription": "The compatibility mode of the schema.", + "title": "Compatibility", "type": "string" }, - "AlarmModelName": { - "markdownDescription": "The name of the alarm model.", - "title": "AlarmModelName", + "DataFormat": { + "markdownDescription": "The data format of the schema definition. Currently only `AVRO` is supported.", + "title": "DataFormat", "type": "string" }, - "AlarmRule": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmRule", - "markdownDescription": "Defines when your alarm is invoked.", - "title": "AlarmRule" - }, - "Key": { - "markdownDescription": "An input attribute used as a key to create an alarm. AWS IoT Events routes [inputs](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Input.html) associated with this key to the alarm.", - "title": "Key", + "Description": { + "markdownDescription": "A description of the schema if specified when created.", + "title": "Description", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that allows the alarm to perform actions and access AWS resources. For more information, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "RoleArn", + "Name": { + "markdownDescription": "Name of the schema to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace.", + "title": "Name", "type": "string" }, - "Severity": { - "markdownDescription": "A non-negative integer that reflects the severity level of the alarm.", - "title": "Severity", - "type": "number" + "Registry": { + "$ref": "#/definitions/AWS::Glue::Schema.Registry", + "markdownDescription": "The registry where a schema is stored.", + "title": "Registry" + }, + "SchemaDefinition": { + "markdownDescription": "The schema definition using the `DataFormat` setting for `SchemaName` .", + "title": "SchemaDefinition", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the alarm model. The tags help you manage the alarm model. For more information, see [Tagging your AWS IoT Events resources](https://docs.aws.amazon.com/iotevents/latest/developerguide/tagging-iotevents.html) in the *AWS IoT Events Developer Guide* .\n\nYou can create up to 50 tags for one alarm model.", + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", "type": "array" } }, "required": [ - "AlarmRule", - "RoleArn" + "Compatibility", + "DataFormat", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::AlarmModel" + "AWS::Glue::Schema" ], "type": "string" }, @@ -126460,474 +131404,359 @@ ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "The value must be `TRUE` or `FALSE` . If `TRUE` , you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to `NORMAL` . If `FALSE` , you won't receive notifications. The alarm automatically changes to the `NORMAL` state when the input property value returns to the specified range.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.AlarmAction": { + "AWS::Glue::Schema.Registry": { "additionalProperties": false, "properties": { - "DynamoDB": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDB", - "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBAction` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `hashKeyType` parameter can be `'STRING'` .\n- For references, you must specify either variables or input values. For example, the value for the `hashKeyField` parameter can be `$input.GreenhouseInput.name` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `hashKeyValue` parameter uses a substitution template.\n\n`'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nIf the defined payload type is a string, `DynamoDBAction` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the `payloadField` parameter is `_raw` .", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDBv2", - "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBv2Action` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `tableName` parameter can be `'GreenhouseTemperatureTable'` .\n- For references, you must specify either variables or input values. For example, the value for the `tableName` parameter can be `$variable.ddbtableName` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `contentExpression` parameter in `Payload` uses a substitution template.\n\n`'{\\\"sensorID\\\": \\\"${$input.GreenhouseInput.sensor_id}\\\", \\\"temperature\\\": \\\"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\\\"}'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nThe value for the `type` parameter in `Payload` must be `JSON` .", - "title": "DynamoDBv2" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Firehose", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", - "title": "Firehose" - }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotEvents", - "markdownDescription": "Sends an AWS IoT Events input, passing in information about the detector model instance and the event that triggered the action.", - "title": "IotEvents" - }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotSiteWise", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to a specified asset property in AWS IoT SiteWise .\n\nYou must use expressions for all parameters in `IotSiteWiseAction` . The expressions accept literals, operators, functions, references, and substitutions templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `propertyAlias` parameter can be `'/company/windfarm/3/turbine/7/temperature'` .\n- For references, you must specify either variables or input values. For example, the value for the `assetId` parameter can be `$input.TurbineInput.assetId1` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `propertyAlias` parameter uses a substitution template.\n\n`'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`\n\nYou must specify either `propertyAlias` or both `assetId` and `propertyId` to identify the target asset property in AWS IoT SiteWise .\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .", - "title": "IotSiteWise" - }, - "IotTopicPublish": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotTopicPublish", - "markdownDescription": "Information required to publish the MQTT message through the AWS IoT message broker.", - "title": "IotTopicPublish" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Lambda", - "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", - "title": "Lambda" - }, - "Sns": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sns", - "markdownDescription": "Information required to publish the Amazon SNS message.", - "title": "Sns" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the registry.", + "title": "Arn", + "type": "string" }, - "Sqs": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sqs", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue.", - "title": "Sqs" + "Name": { + "markdownDescription": "The name of the registry.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmCapabilities": { + "AWS::Glue::Schema.SchemaVersion": { "additionalProperties": false, "properties": { - "AcknowledgeFlow": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AcknowledgeFlow", - "markdownDescription": "Specifies whether to get notified for alarm state changes.", - "title": "AcknowledgeFlow" + "IsLatest": { + "markdownDescription": "Indicates if this version is the latest version of the schema.", + "title": "IsLatest", + "type": "boolean" }, - "InitializationConfiguration": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.InitializationConfiguration", - "markdownDescription": "Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model.", - "title": "InitializationConfiguration" + "VersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "VersionNumber", + "type": "number" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmEventActions": { + "AWS::Glue::SchemaVersion": { "additionalProperties": false, "properties": { - "AlarmActions": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmAction" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Schema": { + "$ref": "#/definitions/AWS::Glue::SchemaVersion.Schema", + "markdownDescription": "The schema that includes the schema version.", + "title": "Schema" + }, + "SchemaDefinition": { + "markdownDescription": "The schema definition for the schema version.", + "title": "SchemaDefinition", + "type": "string" + } }, - "markdownDescription": "Specifies one or more supported actions to receive notifications when the alarm state changes.", - "title": "AlarmActions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.AlarmRule": { - "additionalProperties": false, - "properties": { - "SimpleRule": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.SimpleRule", - "markdownDescription": "A rule that compares an input property value to a threshold value with a comparison operator.", - "title": "SimpleRule" - } - }, - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp": { - "additionalProperties": false, - "properties": { - "OffsetInNanos": { - "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", - "title": "OffsetInNanos", + "required": [ + "Schema", + "SchemaDefinition" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::SchemaVersion" + ], "type": "string" }, - "TimeInSeconds": { - "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", - "title": "TimeInSeconds", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "TimeInSeconds" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AssetPropertyValue": { + "AWS::Glue::SchemaVersion.Schema": { "additionalProperties": false, "properties": { - "Quality": { - "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", - "title": "Quality", + "RegistryName": { + "markdownDescription": "The name of the registry where the schema is stored. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "RegistryName", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp", - "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", - "title": "Timestamp" + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "SchemaArn", + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyVariant", - "markdownDescription": "The value to send to an asset property.", - "title": "Value" + "SchemaName": { + "markdownDescription": "The name of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "SchemaName", + "type": "string" } }, - "required": [ - "Value" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AssetPropertyVariant": { + "AWS::Glue::SchemaVersionMetadata": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", - "title": "BooleanValue", + "Condition": { "type": "string" }, - "DoubleValue": { - "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", - "title": "DoubleValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IntegerValue": { - "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", - "title": "IntegerValue", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A metadata key in a key-value pair for metadata.", + "title": "Key", + "type": "string" + }, + "SchemaVersionId": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionId", + "type": "string" + }, + "Value": { + "markdownDescription": "A metadata key's corresponding value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "SchemaVersionId", + "Value" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::SchemaVersionMetadata" + ], "type": "string" }, - "StringValue": { - "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", - "title": "StringValue", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.DynamoDB": { + "AWS::Glue::SecurityConfiguration": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", - "title": "HashKeyType", - "type": "string" - }, - "HashKeyValue": { - "markdownDescription": "The value of the hash key (also called the partition key).", - "title": "HashKeyValue", + "Condition": { "type": "string" }, - "Operation": { - "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", - "title": "Operation", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "PayloadField": { - "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", - "title": "PayloadField", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RangeKeyField": { - "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", - "title": "RangeKeyField", - "type": "string" + "Metadata": { + "type": "object" }, - "RangeKeyType": { - "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", - "title": "RangeKeyType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.EncryptionConfiguration", + "markdownDescription": "The encryption configuration associated with this security configuration.", + "title": "EncryptionConfiguration" + }, + "Name": { + "markdownDescription": "The name of the security configuration.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "EncryptionConfiguration", + "Name" + ], + "type": "object" }, - "RangeKeyValue": { - "markdownDescription": "The value of the range key (also called the sort key).", - "title": "RangeKeyValue", + "Type": { + "enum": [ + "AWS::Glue::SecurityConfiguration" + ], "type": "string" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", - "title": "TableName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HashKeyField", - "HashKeyValue", - "TableName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.DynamoDBv2": { + "AWS::Glue::SecurityConfiguration.CloudWatchEncryption": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" + "CloudWatchEncryptionMode": { + "markdownDescription": "The encryption mode to use for CloudWatch data.", + "title": "CloudWatchEncryptionMode", + "type": "string" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "TableName" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Firehose": { + "AWS::Glue::SecurityConfiguration.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "DeliveryStreamName": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", - "title": "DeliveryStreamName", - "type": "string" + "CloudWatchEncryption": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.CloudWatchEncryption", + "markdownDescription": "The encryption configuration for Amazon CloudWatch.", + "title": "CloudWatchEncryption" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", - "title": "Payload" + "JobBookmarksEncryption": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.JobBookmarksEncryption", + "markdownDescription": "The encryption configuration for job bookmarks.", + "title": "JobBookmarksEncryption" }, - "Separator": { - "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", - "type": "string" + "S3Encryptions": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.S3Encryptions", + "markdownDescription": "The encyption configuration for Amazon Simple Storage Service (Amazon S3) data.", + "title": "S3Encryptions" } }, - "required": [ - "DeliveryStreamName" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.InitializationConfiguration": { + "AWS::Glue::SecurityConfiguration.JobBookmarksEncryption": { "additionalProperties": false, "properties": { - "DisabledOnInitialization": { - "markdownDescription": "The value must be `TRUE` or `FALSE` . If `FALSE` , all alarm instances created based on the alarm model are activated. The default value is `TRUE` .", - "title": "DisabledOnInitialization", - "type": "boolean" + "JobBookmarksEncryptionMode": { + "markdownDescription": "The encryption mode to use for job bookmarks data.", + "title": "JobBookmarksEncryptionMode", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", + "type": "string" } }, - "required": [ - "DisabledOnInitialization" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.IotEvents": { + "AWS::Glue::SecurityConfiguration.S3Encryption": { "additionalProperties": false, "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", - "title": "InputName", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", - "title": "Payload" + "S3EncryptionMode": { + "markdownDescription": "The encryption mode to use for Amazon S3 data.", + "title": "S3EncryptionMode", + "type": "string" } }, - "required": [ - "InputName" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.IotSiteWise": { - "additionalProperties": false, - "properties": { - "AssetId": { - "markdownDescription": "The ID of the asset that has the specified property.", - "title": "AssetId", - "type": "string" - }, - "EntryId": { - "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", - "title": "EntryId", - "type": "string" - }, - "PropertyAlias": { - "markdownDescription": "The alias of the asset property.", - "title": "PropertyAlias", - "type": "string" - }, - "PropertyId": { - "markdownDescription": "The ID of the asset property.", - "title": "PropertyId", - "type": "string" - }, - "PropertyValue": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyValue", - "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", - "title": "PropertyValue" - } - }, - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.IotTopicPublish": { - "additionalProperties": false, - "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", - "title": "MqttTopic", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", - "title": "Payload" - } - }, - "required": [ - "MqttTopic" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.Lambda": { - "additionalProperties": false, - "properties": { - "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function that is executed.", - "title": "FunctionArn", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", - "title": "Payload" - } - }, - "required": [ - "FunctionArn" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.Payload": { - "additionalProperties": false, - "properties": { - "ContentExpression": { - "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", - "title": "ContentExpression", - "type": "string" - }, - "Type": { - "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ContentExpression", - "Type" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.SimpleRule": { - "additionalProperties": false, - "properties": { - "ComparisonOperator": { - "markdownDescription": "The comparison operator.", - "title": "ComparisonOperator", - "type": "string" - }, - "InputProperty": { - "markdownDescription": "The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property.", - "title": "InputProperty", - "type": "string" - }, - "Threshold": { - "markdownDescription": "The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute.", - "title": "Threshold", - "type": "string" - } - }, - "required": [ - "ComparisonOperator", - "InputProperty", - "Threshold" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.Sns": { - "additionalProperties": false, - "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", - "title": "Payload" - }, - "TargetArn": { - "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", - "title": "TargetArn", - "type": "string" - } - }, - "required": [ - "TargetArn" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.Sqs": { + "AWS::Glue::SecurityConfiguration.S3Encryptions": { "additionalProperties": false, - "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", - "title": "Payload" - }, - "QueueUrl": { - "markdownDescription": "The URL of the SQS queue where the data is written.", - "title": "QueueUrl", - "type": "string" - }, - "UseBase64": { - "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", - "title": "UseBase64", - "type": "boolean" - } - }, - "required": [ - "QueueUrl" - ], + "properties": {}, "type": "object" }, - "AWS::IoTEvents::DetectorModel": { + "AWS::Glue::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -126962,54 +131791,37 @@ "Properties": { "additionalProperties": false, "properties": { - "DetectorModelDefinition": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DetectorModelDefinition", - "markdownDescription": "Information that defines how a detector operates.", - "title": "DetectorModelDefinition" - }, - "DetectorModelDescription": { - "markdownDescription": "A brief description of the detector model.", - "title": "DetectorModelDescription", - "type": "string" - }, - "DetectorModelName": { - "markdownDescription": "The name of the detector model.", - "title": "DetectorModelName", - "type": "string" - }, - "EvaluationMethod": { - "markdownDescription": "Information about the order in which events are evaluated and how actions are executed.", - "title": "EvaluationMethod", + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which to create the `Table` .", + "title": "CatalogId", "type": "string" }, - "Key": { - "markdownDescription": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value.", - "title": "Key", + "DatabaseName": { + "markdownDescription": "The name of the database where the table metadata resides. For Hive compatibility, this must be all lowercase.", + "title": "DatabaseName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to AWS IoT Events to perform its operations.", - "title": "RoleArn", - "type": "string" + "OpenTableFormatInput": { + "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput", + "markdownDescription": "Specifies an `OpenTableFormatInput` structure when creating an open format table.", + "title": "OpenTableFormatInput" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "TableInput": { + "$ref": "#/definitions/AWS::Glue::Table.TableInput", + "markdownDescription": "A structure used to define a table.", + "title": "TableInput" } }, "required": [ - "DetectorModelDefinition", - "RoleArn" + "CatalogId", + "DatabaseName", + "TableInput" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::DetectorModel" + "AWS::Glue::Table" ], "type": "string" }, @@ -127028,640 +131840,343 @@ ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.Action": { - "additionalProperties": false, - "properties": { - "ClearTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ClearTimer", - "markdownDescription": "Information needed to clear the timer.", - "title": "ClearTimer" - }, - "DynamoDB": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDB", - "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDBv2", - "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", - "title": "DynamoDBv2" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Firehose", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", - "title": "Firehose" - }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotEvents", - "markdownDescription": "Sends AWS IoT Events input, which passes information about the detector model instance and the event that triggered the action.", - "title": "IotEvents" - }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotSiteWise", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an asset property in AWS IoT SiteWise .", - "title": "IotSiteWise" - }, - "IotTopicPublish": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotTopicPublish", - "markdownDescription": "Publishes an MQTT message with the given topic to the AWS IoT message broker.", - "title": "IotTopicPublish" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Lambda", - "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", - "title": "Lambda" - }, - "ResetTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ResetTimer", - "markdownDescription": "Information needed to reset the timer.", - "title": "ResetTimer" - }, - "SetTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetTimer", - "markdownDescription": "Information needed to set the timer.", - "title": "SetTimer" - }, - "SetVariable": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetVariable", - "markdownDescription": "Sets a variable to a specified value.", - "title": "SetVariable" - }, - "Sns": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sns", - "markdownDescription": "Sends an Amazon SNS message.", - "title": "Sns" - }, - "Sqs": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sqs", - "markdownDescription": "Sends an Amazon SNS message.", - "title": "Sqs" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp": { + "AWS::Glue::Table.Column": { "additionalProperties": false, "properties": { - "OffsetInNanos": { - "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", - "title": "OffsetInNanos", + "Comment": { + "markdownDescription": "A free-form text comment.", + "title": "Comment", "type": "string" }, - "TimeInSeconds": { - "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", - "title": "TimeInSeconds", - "type": "string" - } - }, - "required": [ - "TimeInSeconds" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.AssetPropertyValue": { - "additionalProperties": false, - "properties": { - "Quality": { - "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", - "title": "Quality", + "Name": { + "markdownDescription": "The name of the `Column` .", + "title": "Name", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp", - "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", - "title": "Timestamp" - }, - "Value": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyVariant", - "markdownDescription": "The value to send to an asset property.", - "title": "Value" + "Type": { + "markdownDescription": "The data type of the `Column` .", + "title": "Type", + "type": "string" } }, "required": [ - "Value" + "Name" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.AssetPropertyVariant": { + "AWS::Glue::Table.IcebergInput": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", - "title": "BooleanValue", - "type": "string" - }, - "DoubleValue": { - "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", - "title": "DoubleValue", - "type": "string" - }, - "IntegerValue": { - "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", - "title": "IntegerValue", - "type": "string" + "MetadataOperation": { + "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation", + "markdownDescription": "A required metadata operation. Can only be set to CREATE.", + "title": "MetadataOperation" }, - "StringValue": { - "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", - "title": "StringValue", + "Version": { + "markdownDescription": "The table version for the Iceberg table. Defaults to 2.", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::DetectorModel.ClearTimer": { + "AWS::Glue::Table.MetadataOperation": { "additionalProperties": false, - "properties": { - "TimerName": { - "markdownDescription": "The name of the timer to clear.", - "title": "TimerName", - "type": "string" - } - }, - "required": [ - "TimerName" - ], + "properties": {}, "type": "object" }, - "AWS::IoTEvents::DetectorModel.DetectorModelDefinition": { + "AWS::Glue::Table.OpenTableFormatInput": { "additionalProperties": false, "properties": { - "InitialStateName": { - "markdownDescription": "The state that is entered at the creation of each detector (instance).", - "title": "InitialStateName", - "type": "string" - }, - "States": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.State" - }, - "markdownDescription": "Information about the states of the detector.", - "title": "States", - "type": "array" + "IcebergInput": { + "$ref": "#/definitions/AWS::Glue::Table.IcebergInput", + "markdownDescription": "Specifies an `IcebergInput` structure that defines an Apache Iceberg metadata table.", + "title": "IcebergInput" } }, - "required": [ - "InitialStateName", - "States" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.DynamoDB": { + "AWS::Glue::Table.Order": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", - "title": "HashKeyType", - "type": "string" - }, - "HashKeyValue": { - "markdownDescription": "The value of the hash key (also called the partition key).", - "title": "HashKeyValue", - "type": "string" - }, - "Operation": { - "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", - "title": "Operation", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "PayloadField": { - "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", - "title": "PayloadField", - "type": "string" - }, - "RangeKeyField": { - "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", - "title": "RangeKeyField", - "type": "string" - }, - "RangeKeyType": { - "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", - "title": "RangeKeyType", - "type": "string" - }, - "RangeKeyValue": { - "markdownDescription": "The value of the range key (also called the sort key).", - "title": "RangeKeyValue", + "Column": { + "markdownDescription": "The name of the column.", + "title": "Column", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", - "title": "TableName", - "type": "string" + "SortOrder": { + "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", + "title": "SortOrder", + "type": "number" } }, "required": [ - "HashKeyField", - "HashKeyValue", - "TableName" + "Column", + "SortOrder" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.DynamoDBv2": { + "AWS::Glue::Table.SchemaId": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", + "RegistryName": { + "markdownDescription": "The name of the schema registry that contains the schema.", + "title": "RegistryName", "type": "string" - } - }, - "required": [ - "TableName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Event": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" - }, - "markdownDescription": "The actions to be performed.", - "title": "Actions", - "type": "array" }, - "Condition": { - "markdownDescription": "Optional. The Boolean expression that, when TRUE, causes the `actions` to be performed. If not present, the actions are performed (=TRUE). If the expression result is not a Boolean value, the actions are not performed (=FALSE).", - "title": "Condition", + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", + "title": "SchemaArn", "type": "string" }, - "EventName": { - "markdownDescription": "The name of the event.", - "title": "EventName", + "SchemaName": { + "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", + "title": "SchemaName", "type": "string" } }, - "required": [ - "EventName" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.Firehose": { + "AWS::Glue::Table.SchemaReference": { "additionalProperties": false, "properties": { - "DeliveryStreamName": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", - "title": "DeliveryStreamName", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", - "title": "Payload" + "SchemaId": { + "$ref": "#/definitions/AWS::Glue::Table.SchemaId", + "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", + "title": "SchemaId" }, - "Separator": { - "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", - "type": "string" - } - }, - "required": [ - "DeliveryStreamName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.IotEvents": { - "additionalProperties": false, - "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", - "title": "InputName", + "SchemaVersionId": { + "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", + "title": "SchemaVersionId", "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", - "title": "Payload" + "SchemaVersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionNumber", + "type": "number" } }, - "required": [ - "InputName" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.IotSiteWise": { + "AWS::Glue::Table.SerdeInfo": { "additionalProperties": false, "properties": { - "AssetId": { - "markdownDescription": "The ID of the asset that has the specified property.", - "title": "AssetId", - "type": "string" - }, - "EntryId": { - "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", - "title": "EntryId", - "type": "string" - }, - "PropertyAlias": { - "markdownDescription": "The alias of the asset property.", - "title": "PropertyAlias", - "type": "string" - }, - "PropertyId": { - "markdownDescription": "The ID of the asset property.", - "title": "PropertyId", + "Name": { + "markdownDescription": "Name of the SerDe.", + "title": "Name", "type": "string" }, - "PropertyValue": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyValue", - "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", - "title": "PropertyValue" - } - }, - "required": [ - "PropertyValue" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.IotTopicPublish": { - "additionalProperties": false, - "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", - "title": "MqttTopic", - "type": "string" + "Parameters": { + "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", + "title": "Parameters", + "type": "object" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", - "title": "Payload" - } - }, - "required": [ - "MqttTopic" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Lambda": { - "additionalProperties": false, - "properties": { - "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function that is executed.", - "title": "FunctionArn", + "SerializationLibrary": { + "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", + "title": "SerializationLibrary", "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", - "title": "Payload" } }, - "required": [ - "FunctionArn" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.OnEnter": { + "AWS::Glue::Table.SkewedInfo": { "additionalProperties": false, "properties": { - "Events": { + "SkewedColumnNames": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" + "type": "string" }, - "markdownDescription": "Specifies the actions that are performed when the state is entered and the `condition` is `TRUE` .", - "title": "Events", + "markdownDescription": "A list of names of columns that contain skewed values.", + "title": "SkewedColumnNames", "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.OnExit": { - "additionalProperties": false, - "properties": { - "Events": { + }, + "SkewedColumnValueLocationMaps": { + "markdownDescription": "A mapping of skewed values to the columns that contain them.", + "title": "SkewedColumnValueLocationMaps", + "type": "object" + }, + "SkewedColumnValues": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" + "type": "string" }, - "markdownDescription": "Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE` .", - "title": "Events", + "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", + "title": "SkewedColumnValues", "type": "array" } }, "type": "object" }, - "AWS::IoTEvents::DetectorModel.OnInput": { + "AWS::Glue::Table.StorageDescriptor": { "additionalProperties": false, "properties": { - "Events": { + "BucketColumns": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" + "type": "string" }, - "markdownDescription": "Specifies the actions performed when the `condition` evaluates to TRUE.", - "title": "Events", + "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", + "title": "BucketColumns", "type": "array" }, - "TransitionEvents": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.TransitionEvent" + "$ref": "#/definitions/AWS::Glue::Table.Column" }, - "markdownDescription": "Specifies the actions performed, and the next state entered, when a `condition` evaluates to TRUE.", - "title": "TransitionEvents", + "markdownDescription": "A list of the `Columns` in the table.", + "title": "Columns", "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Payload": { - "additionalProperties": false, - "properties": { - "ContentExpression": { - "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", - "title": "ContentExpression", - "type": "string" }, - "Type": { - "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ContentExpression", - "Type" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.ResetTimer": { - "additionalProperties": false, - "properties": { - "TimerName": { - "markdownDescription": "The name of the timer to reset.", - "title": "TimerName", + "Compressed": { + "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", + "title": "Compressed", + "type": "boolean" + }, + "InputFormat": { + "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", + "title": "InputFormat", "type": "string" - } - }, - "required": [ - "TimerName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.SetTimer": { - "additionalProperties": false, - "properties": { - "DurationExpression": { - "markdownDescription": "The duration of the timer, in seconds. You can use a string expression that includes numbers, variables ( `$variable.` ), and input values ( `$input..` ) as the duration. The range of the duration is 1-31622400 seconds. To ensure accuracy, the minimum duration is 60 seconds. The evaluated result of the duration is rounded down to the nearest whole number.", - "title": "DurationExpression", + }, + "Location": { + "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", + "title": "Location", "type": "string" }, - "Seconds": { - "markdownDescription": "The number of seconds until the timer expires. The minimum value is 60 seconds to ensure accuracy. The maximum value is 31622400 seconds.", - "title": "Seconds", + "NumberOfBuckets": { + "markdownDescription": "Must be specified if the table contains any dimension columns.", + "title": "NumberOfBuckets", "type": "number" }, - "TimerName": { - "markdownDescription": "The name of the timer.", - "title": "TimerName", + "OutputFormat": { + "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", + "title": "OutputFormat", "type": "string" + }, + "Parameters": { + "markdownDescription": "The user-supplied properties in key-value form.", + "title": "Parameters", + "type": "object" + }, + "SchemaReference": { + "$ref": "#/definitions/AWS::Glue::Table.SchemaReference", + "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", + "title": "SchemaReference" + }, + "SerdeInfo": { + "$ref": "#/definitions/AWS::Glue::Table.SerdeInfo", + "markdownDescription": "The serialization/deserialization (SerDe) information.", + "title": "SerdeInfo" + }, + "SkewedInfo": { + "$ref": "#/definitions/AWS::Glue::Table.SkewedInfo", + "markdownDescription": "The information about values that appear frequently in a column (skewed values).", + "title": "SkewedInfo" + }, + "SortColumns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Table.Order" + }, + "markdownDescription": "A list specifying the sort order of each bucket in the table.", + "title": "SortColumns", + "type": "array" + }, + "StoredAsSubDirectories": { + "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", + "title": "StoredAsSubDirectories", + "type": "boolean" } }, - "required": [ - "TimerName" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.SetVariable": { + "AWS::Glue::Table.TableIdentifier": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The new value of the variable.", - "title": "Value", + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the table resides.", + "title": "CatalogId", "type": "string" }, - "VariableName": { - "markdownDescription": "The name of the variable.", - "title": "VariableName", + "DatabaseName": { + "markdownDescription": "The name of the catalog database that contains the target table.", + "title": "DatabaseName", "type": "string" - } - }, - "required": [ - "Value", - "VariableName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Sns": { - "additionalProperties": false, - "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", - "title": "Payload" }, - "TargetArn": { - "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", - "title": "TargetArn", + "Name": { + "markdownDescription": "The name of the target table.", + "title": "Name", "type": "string" - } - }, - "required": [ - "TargetArn" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Sqs": { - "additionalProperties": false, - "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", - "title": "Payload" }, - "QueueUrl": { - "markdownDescription": "The URL of the SQS queue where the data is written.", - "title": "QueueUrl", + "Region": { + "markdownDescription": "The Region of the table.", + "title": "Region", "type": "string" - }, - "UseBase64": { - "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", - "title": "UseBase64", - "type": "boolean" } }, - "required": [ - "QueueUrl" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.State": { + "AWS::Glue::Table.TableInput": { "additionalProperties": false, "properties": { - "OnEnter": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnEnter", - "markdownDescription": "When entering this state, perform these `actions` if the `condition` is TRUE.", - "title": "OnEnter" - }, - "OnExit": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnExit", - "markdownDescription": "When exiting this state, perform these `actions` if the specified `condition` is `TRUE` .", - "title": "OnExit" + "Description": { + "markdownDescription": "A description of the table.", + "title": "Description", + "type": "string" }, - "OnInput": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnInput", - "markdownDescription": "When an input is received and the `condition` is TRUE, perform the specified `actions` .", - "title": "OnInput" + "Name": { + "markdownDescription": "The table name. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "Name", + "type": "string" }, - "StateName": { - "markdownDescription": "The name of the state.", - "title": "StateName", + "Owner": { + "markdownDescription": "The table owner. Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", + "title": "Owner", "type": "string" - } - }, - "required": [ - "StateName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.TransitionEvent": { - "additionalProperties": false, - "properties": { - "Actions": { + }, + "Parameters": { + "markdownDescription": "These key-value pairs define properties associated with the table.", + "title": "Parameters", + "type": "object" + }, + "PartitionKeys": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" + "$ref": "#/definitions/AWS::Glue::Table.Column" }, - "markdownDescription": "The actions to be performed.", - "title": "Actions", + "markdownDescription": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n\nWhen you create a table used by Amazon Athena, and you do not specify any `partitionKeys` , you must at least set the value of `partitionKeys` to an empty list. For example:\n\n`\"PartitionKeys\": []`", + "title": "PartitionKeys", "type": "array" }, - "Condition": { - "markdownDescription": "Required. A Boolean expression that when TRUE causes the actions to be performed and the `nextState` to be entered.", - "title": "Condition", + "Retention": { + "markdownDescription": "The retention time for this table.", + "title": "Retention", + "type": "number" + }, + "StorageDescriptor": { + "$ref": "#/definitions/AWS::Glue::Table.StorageDescriptor", + "markdownDescription": "A storage descriptor containing information about the physical storage of this table.", + "title": "StorageDescriptor" + }, + "TableType": { + "markdownDescription": "The type of this table. AWS Glue will create tables with the `EXTERNAL_TABLE` type. Other services, such as Athena, may create tables with additional table types.\n\nAWS Glue related table types:\n\n- **EXTERNAL_TABLE** - Hive compatible attribute - indicates a non-Hive managed table.\n- **GOVERNED** - Used by AWS Lake Formation . The AWS Glue Data Catalog understands `GOVERNED` .", + "title": "TableType", "type": "string" }, - "EventName": { - "markdownDescription": "The name of the transition event.", - "title": "EventName", + "TargetTable": { + "$ref": "#/definitions/AWS::Glue::Table.TableIdentifier", + "markdownDescription": "A `TableIdentifier` structure that describes a target table for resource linking.", + "title": "TargetTable" + }, + "ViewExpandedText": { + "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", + "title": "ViewExpandedText", "type": "string" }, - "NextState": { - "markdownDescription": "The next state to enter.", - "title": "NextState", + "ViewOriginalText": { + "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations. If the table is a `VIRTUAL_VIEW` , certain Athena configuration encoded in base64.", + "title": "ViewOriginalText", "type": "string" } }, - "required": [ - "Condition", - "EventName", - "NextState" - ], "type": "object" }, - "AWS::IoTEvents::Input": { + "AWS::Glue::TableOptimizer": { "additionalProperties": false, "properties": { "Condition": { @@ -127696,38 +132211,44 @@ "Properties": { "additionalProperties": false, "properties": { - "InputDefinition": { - "$ref": "#/definitions/AWS::IoTEvents::Input.InputDefinition", - "markdownDescription": "The definition of the input.", - "title": "InputDefinition" + "CatalogId": { + "markdownDescription": "The catalog ID of the table.", + "title": "CatalogId", + "type": "string" }, - "InputDescription": { - "markdownDescription": "A brief description of the input.", - "title": "InputDescription", + "DatabaseName": { + "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "DatabaseName", "type": "string" }, - "InputName": { - "markdownDescription": "The name of the input.", - "title": "InputName", + "TableName": { + "markdownDescription": "The table name. For Hive compatibility, this must be entirely lowercase.", + "title": "TableName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "TableOptimizerConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.TableOptimizerConfiguration", + "markdownDescription": "Specifies configuration details of a table optimizer.", + "title": "TableOptimizerConfiguration" + }, + "Type": { + "markdownDescription": "The type of table optimizer. The valid values are:\n\n- compaction - for managing compaction with a table optimizer.\n- retention - for managing the retention of snapshot with a table optimizer.\n- orphan_file_deletion - for managing the deletion of orphan files with a table optimizer.", + "title": "Type", + "type": "string" } }, "required": [ - "InputDefinition" + "CatalogId", + "DatabaseName", + "TableName", + "TableOptimizerConfiguration", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::Input" + "AWS::Glue::TableOptimizer" ], "type": "string" }, @@ -127746,38 +132267,91 @@ ], "type": "object" }, - "AWS::IoTEvents::Input.Attribute": { + "AWS::Glue::TableOptimizer.IcebergConfiguration": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events ( `BatchPutMessage` ). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors.\n\nSyntax: `....`", - "title": "JsonPath", + "Location": { + "markdownDescription": "Specifies a directory in which to look for orphan files (defaults to the table's location). You may choose a sub-directory rather than the top-level table location.", + "title": "Location", "type": "string" + }, + "OrphanFileRetentionPeriodInDays": { + "markdownDescription": "The specific number of days you want to keep the orphan files.", + "title": "OrphanFileRetentionPeriodInDays", + "type": "number" } }, - "required": [ - "JsonPath" - ], "type": "object" }, - "AWS::IoTEvents::Input.InputDefinition": { + "AWS::Glue::TableOptimizer.OrphanFileDeletionConfiguration": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::Input.Attribute" - }, - "markdownDescription": "The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage` . Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input.", - "title": "Attributes", - "type": "array" + "IcebergConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.IcebergConfiguration", + "markdownDescription": "The `IcebergConfiguration` property helps optimize your Iceberg tables in AWS Glue by allowing you to specify format-specific settings that control how data is stored, compressed, and managed.", + "title": "IcebergConfiguration" + } + }, + "type": "object" + }, + "AWS::Glue::TableOptimizer.RetentionConfiguration": { + "additionalProperties": false, + "properties": { + "IcebergConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.IcebergConfiguration", + "markdownDescription": "The configuration for an Iceberg snapshot retention optimizer.", + "title": "IcebergConfiguration" + } + }, + "type": "object" + }, + "AWS::Glue::TableOptimizer.TableOptimizerConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether the table optimization is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "OrphanFileDeletionConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.OrphanFileDeletionConfiguration", + "markdownDescription": "`OrphanFileDeletionConfiguration` is a property that can be included within the TableOptimizer resource. It controls the automatic deletion of orphaned files - files that are not tracked by the table metadata, and older than the configured age limit.", + "title": "OrphanFileDeletionConfiguration" + }, + "RetentionConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.RetentionConfiguration", + "markdownDescription": "The configuration for a snapshot retention optimizer for Apache Iceberg tables.", + "title": "RetentionConfiguration" + }, + "RoleArn": { + "markdownDescription": "A role passed by the caller which gives the service permission to update the resources associated with the optimizer on the caller's behalf.", + "title": "RoleArn", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.VpcConfiguration", + "markdownDescription": "An object that describes the VPC configuration for a table optimizer. This configuration is necessary to perform optimization on tables that are in a customer VPC.", + "title": "VpcConfiguration" } }, "required": [ - "Attributes" + "Enabled", + "RoleArn" ], "type": "object" }, - "AWS::IoTFleetHub::Application": { + "AWS::Glue::TableOptimizer.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "GlueConnectionName": { + "markdownDescription": "The name of the AWS Glue connection used for the VPC for the table optimizer.", + "title": "GlueConnectionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Trigger": { "additionalProperties": false, "properties": { "Condition": { @@ -127812,39 +132386,69 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationDescription": { - "markdownDescription": "An optional description of the web application.", - "title": "ApplicationDescription", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Trigger.Action" + }, + "markdownDescription": "The actions initiated by this trigger.", + "title": "Actions", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of this trigger.", + "title": "Description", "type": "string" }, - "ApplicationName": { - "markdownDescription": "The name of the web application.", - "title": "ApplicationName", + "EventBatchingCondition": { + "$ref": "#/definitions/AWS::Glue::Trigger.EventBatchingCondition", + "markdownDescription": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires.", + "title": "EventBatchingCondition" + }, + "Name": { + "markdownDescription": "The name of the trigger.", + "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core .\n\n> The name of the role must be in the form `FleetHub_random_string` . \n\nPattern: `^arn:[!-~]+$`", - "title": "RoleArn", + "Predicate": { + "$ref": "#/definitions/AWS::Glue::Trigger.Predicate", + "markdownDescription": "The predicate of this trigger, which defines when it will fire.", + "title": "Predicate" + }, + "Schedule": { + "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) in the *AWS Glue Developer Guide* . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", + "title": "Schedule", "type": "string" }, + "StartOnCreation": { + "markdownDescription": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.", + "title": "StartOnCreation", + "type": "boolean" + }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A set of key/value pairs that you can use to manage the web application resource.", + "markdownDescription": "The tags to use with this trigger.", "title": "Tags", - "type": "array" + "type": "object" + }, + "Type": { + "markdownDescription": "The type of trigger that this is.", + "title": "Type", + "type": "string" + }, + "WorkflowName": { + "markdownDescription": "The name of the workflow associated with the trigger.", + "title": "WorkflowName", + "type": "string" } }, "required": [ - "ApplicationName", - "RoleArn" + "Actions", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetHub::Application" + "AWS::Glue::Trigger" ], "type": "string" }, @@ -127863,7 +132467,123 @@ ], "type": "object" }, - "AWS::IoTFleetWise::Campaign": { + "AWS::Glue::Trigger.Action": { + "additionalProperties": false, + "properties": { + "Arguments": { + "markdownDescription": "The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the developer guide.", + "title": "Arguments", + "type": "object" + }, + "CrawlerName": { + "markdownDescription": "The name of the crawler to be used with this action.", + "title": "CrawlerName", + "type": "string" + }, + "JobName": { + "markdownDescription": "The name of a job to be executed.", + "title": "JobName", + "type": "string" + }, + "NotificationProperty": { + "$ref": "#/definitions/AWS::Glue::Trigger.NotificationProperty", + "markdownDescription": "Specifies configuration properties of a job run notification.", + "title": "NotificationProperty" + }, + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this action.", + "title": "SecurityConfiguration", + "type": "string" + }, + "Timeout": { + "markdownDescription": "The `JobRun` timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.", + "title": "Timeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Glue::Trigger.Condition": { + "additionalProperties": false, + "properties": { + "CrawlState": { + "markdownDescription": "The state of the crawler to which this condition applies.", + "title": "CrawlState", + "type": "string" + }, + "CrawlerName": { + "markdownDescription": "The name of the crawler to which this condition applies.", + "title": "CrawlerName", + "type": "string" + }, + "JobName": { + "markdownDescription": "The name of the job whose `JobRuns` this condition applies to, and on which this trigger waits.", + "title": "JobName", + "type": "string" + }, + "LogicalOperator": { + "markdownDescription": "A logical operator.", + "title": "LogicalOperator", + "type": "string" + }, + "State": { + "markdownDescription": "The condition state. Currently, the values supported are `SUCCEEDED` , `STOPPED` , `TIMEOUT` , and `FAILED` .", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Trigger.EventBatchingCondition": { + "additionalProperties": false, + "properties": { + "BatchSize": { + "markdownDescription": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires.", + "title": "BatchSize", + "type": "number" + }, + "BatchWindow": { + "markdownDescription": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received.", + "title": "BatchWindow", + "type": "number" + } + }, + "required": [ + "BatchSize" + ], + "type": "object" + }, + "AWS::Glue::Trigger.NotificationProperty": { + "additionalProperties": false, + "properties": { + "NotifyDelayAfter": { + "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification", + "title": "NotifyDelayAfter", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Glue::Trigger.Predicate": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Trigger.Condition" + }, + "markdownDescription": "A list of the conditions that determine when the trigger will fire.", + "title": "Conditions", + "type": "array" + }, + "Logical": { + "markdownDescription": "An optional field if only one condition is listed. If multiple conditions are listed, then this field is required.", + "title": "Logical", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::UsageProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -127898,116 +132618,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies how to update a campaign. The action can be one of the following:\n\n- `APPROVE` - To approve delivering a data collection scheme to vehicles.\n- `SUSPEND` - To suspend collecting signal data. The campaign is deleted from vehicles and all vehicles in the suspended campaign will stop sending data.\n- `RESUME` - To reactivate the `SUSPEND` campaign. The campaign is redeployed to all vehicles and the vehicles will resume sending data.\n- `UPDATE` - To update a campaign.", - "title": "Action", - "type": "string" - }, - "CollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.CollectionScheme", - "markdownDescription": "The data collection scheme associated with the campaign. You can specify a scheme that collects data based on time or an event.", - "title": "CollectionScheme" - }, - "Compression": { - "markdownDescription": "Whether to compress signals before transmitting data to AWS IoT FleetWise . If you don't want to compress the signals, use `OFF` . If it's not specified, `SNAPPY` is used.\n\nDefault: `SNAPPY`", - "title": "Compression", - "type": "string" - }, - "DataDestinationConfigs": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataDestinationConfig" - }, - "markdownDescription": "The destination where the campaign sends data. You can choose to send data to be stored in Amazon S3 or Amazon Timestream .\n\nAmazon S3 optimizes the cost of data storage and provides additional mechanisms to use vehicle data, such as data lakes, centralized data storage, data processing pipelines, and analytics. AWS IoT FleetWise supports at-least-once file delivery to S3. Your vehicle data is stored on multiple AWS IoT FleetWise servers for redundancy and high availability.\n\nYou can use Amazon Timestream to access and analyze time series data, and Timestream to query vehicle data so that you can identify trends and patterns.", - "title": "DataDestinationConfigs", - "type": "array" - }, - "DataExtraDimensions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of vehicle attributes to associate with a campaign.\n\nEnrich the data with specified vehicle attributes. For example, add `make` and `model` to the campaign, and AWS IoT FleetWise will associate the data with those attributes as dimensions in Amazon Timestream . You can then query the data against `make` and `model` .\n\nDefault: An empty array", - "title": "DataExtraDimensions", - "type": "array" + "Configuration": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ProfileConfiguration", + "markdownDescription": "", + "title": "Configuration" }, "Description": { - "markdownDescription": "The description of the campaign.", + "markdownDescription": "A description of the usage profile.", "title": "Description", "type": "string" }, - "DiagnosticsMode": { - "markdownDescription": "Option for a vehicle to send diagnostic trouble codes to AWS IoT FleetWise . If you want to send diagnostic trouble codes, use `SEND_ACTIVE_DTCS` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", - "title": "DiagnosticsMode", - "type": "string" - }, - "ExpiryTime": { - "markdownDescription": "The time the campaign expires, in seconds since epoch (January 1, 1970 at midnight UTC time). Vehicle data isn't collected after the campaign expires.\n\nDefault: 253402214400 (December 31, 9999, 00:00:00 UTC)", - "title": "ExpiryTime", - "type": "string" - }, "Name": { - "markdownDescription": "The name of a campaign.", + "markdownDescription": "The name of the usage profile.", "title": "Name", "type": "string" }, - "PostTriggerCollectionDuration": { - "markdownDescription": "How long (in milliseconds) to collect raw data after a triggering event initiates the collection. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "PostTriggerCollectionDuration", - "type": "number" - }, - "Priority": { - "markdownDescription": "A number indicating the priority of one campaign over another campaign for a certain vehicle or fleet. A campaign with the lowest value is deployed to vehicles before any other campaigns. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "Priority", - "type": "number" - }, - "SignalCatalogArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the campaign.", - "title": "SignalCatalogArn", - "type": "string" - }, - "SignalsToCollect": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalInformation" - }, - "markdownDescription": "A list of information about signals to collect.", - "title": "SignalsToCollect", - "type": "array" - }, - "SpoolingMode": { - "markdownDescription": "Whether to store collected data after a vehicle lost a connection with the cloud. After a connection is re-established, the data is automatically forwarded to AWS IoT FleetWise . If you want to store collected data when a vehicle loses connection with the cloud, use `TO_DISK` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", - "title": "SpoolingMode", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The time, in milliseconds, to deliver a campaign after it was approved. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "StartTime", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the campaign.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle or fleet to which the campaign is deployed.", - "title": "TargetArn", - "type": "string" } }, "required": [ - "Action", - "CollectionScheme", - "Name", - "SignalCatalogArn", - "TargetArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Campaign" + "AWS::Glue::UsageProfile" ], "type": "string" }, @@ -128026,155 +132668,147 @@ ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.CollectionScheme": { - "additionalProperties": false, - "properties": { - "ConditionBasedCollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme", - "markdownDescription": "Information about a collection scheme that uses a simple logical expression to recognize what data to collect.", - "title": "ConditionBasedCollectionScheme" - }, - "TimeBasedCollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme", - "markdownDescription": "Information about a collection scheme that uses a time period to decide how often to collect data.", - "title": "TimeBasedCollectionScheme" - } - }, - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme": { + "AWS::Glue::UsageProfile.ConfigurationObject": { "additionalProperties": false, "properties": { - "ConditionLanguageVersion": { - "markdownDescription": "Specifies the version of the conditional expression language.", - "title": "ConditionLanguageVersion", - "type": "number" + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed values for the parameter.", + "title": "AllowedValues", + "type": "array" }, - "Expression": { - "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.Vehicle.OutsideAirTemperature >= 105.0` .", - "title": "Expression", + "DefaultValue": { + "markdownDescription": "A default value for the parameter.", + "title": "DefaultValue", "type": "string" }, - "MinimumTriggerIntervalMs": { - "markdownDescription": "The minimum duration of time between two triggering events to collect data, in milliseconds.\n\n> If a signal changes often, you might want to collect data at a slower rate.", - "title": "MinimumTriggerIntervalMs", - "type": "number" + "MaxValue": { + "markdownDescription": "A maximum allowed value for the parameter.", + "title": "MaxValue", + "type": "string" }, - "TriggerMode": { - "markdownDescription": "Whether to collect data for all triggering events ( `ALWAYS` ). Specify ( `RISING_EDGE` ), or specify only when the condition first evaluates to false. For example, triggering on \"AirbagDeployed\"; Users aren't interested on triggering when the airbag is already exploded; they only care about the change from not deployed => deployed.", - "title": "TriggerMode", + "MinValue": { + "markdownDescription": "A minimum allowed value for the parameter.", + "title": "MinValue", "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.DataDestinationConfig": { + "AWS::Glue::UsageProfile.ProfileConfiguration": { "additionalProperties": false, "properties": { - "S3Config": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.S3Config", - "markdownDescription": "The Amazon S3 bucket where the AWS IoT FleetWise campaign sends data.", - "title": "S3Config" + "JobConfiguration": { + "additionalProperties": false, + "markdownDescription": "A key-value map of configuration parameters for AWS Glue jobs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ConfigurationObject" + } + }, + "title": "JobConfiguration", + "type": "object" }, - "TimestreamConfig": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimestreamConfig", - "markdownDescription": "The Amazon Timestream table where the campaign sends data.", - "title": "TimestreamConfig" + "SessionConfiguration": { + "additionalProperties": false, + "markdownDescription": "A key-value map of configuration parameters for AWS Glue sessions.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ConfigurationObject" + } + }, + "title": "SessionConfiguration", + "type": "object" } }, "type": "object" }, - "AWS::IoTFleetWise::Campaign.S3Config": { + "AWS::Glue::Workflow": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket.", - "title": "BucketArn", + "Condition": { "type": "string" }, - "DataFormat": { - "markdownDescription": "Specify the format that files are saved in the Amazon S3 bucket. You can save files in an Apache Parquet or JSON format.\n\n- Parquet - Store data in a columnar storage file format. Parquet is optimal for fast data retrieval and can reduce costs. This option is selected by default.\n- JSON - Store data in a standard text-based JSON file format.", - "title": "DataFormat", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Prefix": { - "markdownDescription": "Enter an S3 bucket prefix. The prefix is the string of characters after the bucket name and before the object name. You can use the prefix to organize data stored in Amazon S3 buckets. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .\n\nBy default, AWS IoT FleetWise sets the prefix `processed-data/year=YY/month=MM/date=DD/hour=HH/` (in UTC) to data it delivers to Amazon S3 . You can enter a prefix to append it to this default prefix. For example, if you enter the prefix `vehicles` , the prefix will be `vehicles/processed-data/year=YY/month=MM/date=DD/hour=HH/` .", - "title": "Prefix", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "StorageCompressionFormat": { - "markdownDescription": "By default, stored data is compressed as a .gzip file. Compressed files have a reduced file size, which can optimize the cost of data storage.", - "title": "StorageCompressionFormat", - "type": "string" - } - }, - "required": [ - "BucketArn" - ], - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.SignalInformation": { - "additionalProperties": false, - "properties": { - "MaxSampleCount": { - "markdownDescription": "The maximum number of samples to collect.", - "title": "MaxSampleCount", - "type": "number" + "Metadata": { + "type": "object" }, - "MinimumSamplingIntervalMs": { - "markdownDescription": "The minimum duration of time (in milliseconds) between two triggering events to collect data.\n\n> If a signal changes often, you might want to collect data at a slower rate.", - "title": "MinimumSamplingIntervalMs", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultRunProperties": { + "markdownDescription": "A collection of properties to be used as part of each execution of the workflow", + "title": "DefaultRunProperties", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the workflow", + "title": "Description", + "type": "string" + }, + "MaxConcurrentRuns": { + "markdownDescription": "You can use this parameter to prevent unwanted multiple updates to data, to control costs, or in some cases, to prevent exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.", + "title": "MaxConcurrentRuns", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the workflow representing the flow", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this workflow.", + "title": "Tags", + "type": "object" + } + }, + "type": "object" }, - "Name": { - "markdownDescription": "The name of the signal.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme": { - "additionalProperties": false, - "properties": { - "PeriodMs": { - "markdownDescription": "The time period (in milliseconds) to decide how often to collect data. For example, if the time period is `60000` , the Edge Agent software collects data once every minute.", - "title": "PeriodMs", - "type": "number" - } - }, - "required": [ - "PeriodMs" - ], - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.TimestreamConfig": { - "additionalProperties": false, - "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants AWS IoT FleetWise permission to deliver data to the Amazon Timestream table.", - "title": "ExecutionRoleArn", + "Type": { + "enum": [ + "AWS::Glue::Workflow" + ], "type": "string" }, - "TimestreamTableArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Timestream table.", - "title": "TimestreamTableArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ExecutionRoleArn", - "TimestreamTableArn" + "Type" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest": { + "AWS::Grafana::Workspace": { "additionalProperties": false, "properties": { "Condition": { @@ -128209,60 +132843,114 @@ "Properties": { "additionalProperties": false, "properties": { + "AccountAccessType": { + "markdownDescription": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access.", + "title": "AccountAccessType", + "type": "string" + }, + "AuthenticationProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies whether this workspace uses SAML 2.0, AWS IAM Identity Center , or both to authenticate users for using the Grafana console within a workspace. For more information, see [User authentication in Amazon Managed Grafana](https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html) .\n\n*Allowed Values* : `AWS_SSO | SAML`", + "title": "AuthenticationProviders", + "type": "array" + }, + "ClientToken": { + "markdownDescription": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.", + "title": "ClientToken", + "type": "string" + }, + "DataSources": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.\n\nThis list is only used when the workspace was created through the AWS console, and the `permissionType` is `SERVICE_MANAGED` .", + "title": "DataSources", + "type": "array" + }, "Description": { - "markdownDescription": "A brief description of the decoder manifest.", + "markdownDescription": "The user-defined description of the workspace.", "title": "Description", "type": "string" }, - "ModelManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle model (model manifest) associated with the decoder manifest.", - "title": "ModelManifestArn", + "GrafanaVersion": { + "markdownDescription": "Specifies the version of Grafana to support in the workspace. Defaults to the latest version on create (for example, 9.4), or the current version of the workspace on update.\n\nCan only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).\n\nTo know what versions are available to upgrade to for a specific workspace, see the [ListVersions](https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListVersions.html) operation.", + "title": "GrafanaVersion", "type": "string" }, "Name": { - "markdownDescription": "The name of the decoder manifest.", + "markdownDescription": "The name of the workspace.", "title": "Name", "type": "string" }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems" - }, - "markdownDescription": "A list of information about available network interfaces.", - "title": "NetworkInterfaces", - "type": "array" + "NetworkAccessControl": { + "$ref": "#/definitions/AWS::Grafana::Workspace.NetworkAccessControl", + "markdownDescription": "The configuration settings for network access to your workspace.", + "title": "NetworkAccessControl" }, - "SignalDecoders": { + "NotificationDestinations": { "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems" + "type": "string" }, - "markdownDescription": "A list of information about signal decoders.", - "title": "SignalDecoders", + "markdownDescription": "The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.\n\n*AllowedValues* : `SNS`", + "title": "NotificationDestinations", "type": "array" }, - "Status": { - "markdownDescription": "The state of the decoder manifest. If the status is `ACTIVE` , the decoder manifest can't be edited. If the status is marked `DRAFT` , you can edit the decoder manifest.", - "title": "Status", + "OrganizationRoleName": { + "markdownDescription": "The name of the IAM role that is used to access resources through Organizations.", + "title": "OrganizationRoleName", "type": "string" }, - "Tags": { + "OrganizationalUnits": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Metadata that can be used to manage the decoder manifest.", - "title": "Tags", + "markdownDescription": "Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.", + "title": "OrganizationalUnits", "type": "array" + }, + "PermissionType": { + "markdownDescription": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)", + "title": "PermissionType", + "type": "string" + }, + "PluginAdminEnabled": { + "markdownDescription": "Whether plugin administration is enabled in the workspace. Setting to `true` allows workspace admins to install, uninstall, and update plugins from within the Grafana workspace.\n\n> This option is only valid for workspaces that support Grafana version 9 or newer.", + "title": "PluginAdminEnabled", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "The IAM role that grants permissions to the AWS resources that the workspace will view data from. This role must already exist.", + "title": "RoleArn", + "type": "string" + }, + "SamlConfiguration": { + "$ref": "#/definitions/AWS::Grafana::Workspace.SamlConfiguration", + "markdownDescription": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace.", + "title": "SamlConfiguration" + }, + "StackSetName": { + "markdownDescription": "The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.", + "title": "StackSetName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Grafana::Workspace.VpcConfiguration", + "markdownDescription": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n> Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2).", + "title": "VpcConfiguration" } }, "required": [ - "ModelManifestArn", - "Name" + "AccountAccessType", + "AuthenticationProviders", + "PermissionType" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::DecoderManifest" + "AWS::Grafana::Workspace" ], "type": "string" }, @@ -128281,239 +132969,166 @@ ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.CanInterface": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The unique name of the interface.", - "title": "Name", - "type": "string" - }, - "ProtocolName": { - "markdownDescription": "The name of the communication protocol for the interface.", - "title": "ProtocolName", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The version of the communication protocol for the interface.", - "title": "ProtocolVersion", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::IoTFleetWise::DecoderManifest.CanSignal": { + "AWS::Grafana::Workspace.AssertionAttributes": { "additionalProperties": false, "properties": { - "Factor": { - "markdownDescription": "A multiplier used to decode the CAN message.", - "title": "Factor", - "type": "string" - }, - "IsBigEndian": { - "markdownDescription": "Whether the byte ordering of a CAN message is big-endian.", - "title": "IsBigEndian", - "type": "string" - }, - "IsSigned": { - "markdownDescription": "Whether the message data is specified as a signed value.", - "title": "IsSigned", + "Email": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the email names for SAML users.", + "title": "Email", "type": "string" }, - "Length": { - "markdownDescription": "How many bytes of data are in the message.", - "title": "Length", + "Groups": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for user groups.", + "title": "Groups", "type": "string" }, - "MessageId": { - "markdownDescription": "The ID of the message.", - "title": "MessageId", + "Login": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the login names for SAML users.", + "title": "Login", "type": "string" }, "Name": { - "markdownDescription": "The name of the signal.", + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for SAML users.", "title": "Name", "type": "string" }, - "Offset": { - "markdownDescription": "The offset used to calculate the signal value. Combined with factor, the calculation is `value = raw_value * factor + offset` .", - "title": "Offset", + "Org": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for the users' organizations.", + "title": "Org", "type": "string" }, - "StartBit": { - "markdownDescription": "Indicates the beginning of the CAN message.", - "title": "StartBit", + "Role": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user roles.", + "title": "Role", "type": "string" } }, - "required": [ - "Factor", - "IsBigEndian", - "IsSigned", - "Length", - "MessageId", - "Offset", - "StartBit" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems": { + "AWS::Grafana::Workspace.IdpMetadata": { "additionalProperties": false, "properties": { - "CanInterface": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanInterface" - }, - "InterfaceId": { + "Url": { + "markdownDescription": "The URL of the location containing the IdP metadata.", + "title": "Url", "type": "string" }, - "ObdInterface": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdInterface" - }, - "Type": { + "Xml": { + "markdownDescription": "The full IdP metadata, in XML format.", + "title": "Xml", "type": "string" } }, - "required": [ - "InterfaceId", - "Type" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.ObdInterface": { + "AWS::Grafana::Workspace.NetworkAccessControl": { "additionalProperties": false, "properties": { - "DtcRequestIntervalSeconds": { - "markdownDescription": "The maximum number message requests per diagnostic trouble code per second.", - "title": "DtcRequestIntervalSeconds", - "type": "string" - }, - "HasTransmissionEcu": { - "markdownDescription": "Whether the vehicle has a transmission control module (TCM).", - "title": "HasTransmissionEcu", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the interface.", - "title": "Name", - "type": "string" - }, - "ObdStandard": { - "markdownDescription": "The standard OBD II PID.", - "title": "ObdStandard", - "type": "string" - }, - "PidRequestIntervalSeconds": { - "markdownDescription": "The maximum number message requests per second.", - "title": "PidRequestIntervalSeconds", - "type": "string" - }, - "RequestMessageId": { - "markdownDescription": "The ID of the message requesting vehicle data.", - "title": "RequestMessageId", - "type": "string" + "PrefixListIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration (passed an empty array) then no IP addresses are allowed to access the workspace. You create a prefix list using the Amazon VPC console.\n\nPrefix list IDs have the format `pl- *1a2b3c4d*` .\n\nFor more information about prefix lists, see [Group CIDR blocks using managed prefix lists](https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "PrefixListIds", + "type": "array" }, - "UseExtendedIds": { - "markdownDescription": "Whether to use extended IDs in the message.", - "title": "UseExtendedIds", - "type": "string" + "VpceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon VPC endpoint IDs for the workspace. You can create VPC endpoints to your Amazon Managed Grafana workspace for access from within a VPC. If a `NetworkAccessConfiguration` is specified then only VPC endpoints specified here are allowed to access the workspace. If you pass in an empty array of strings, then no VPCs are allowed to access the workspace.\n\nVPC endpoint IDs have the format `vpce- *1a2b3c4d*` .\n\nFor more information about creating an interface VPC endpoint, see [Interface VPC endpoints](https://docs.aws.amazon.com/grafana/latest/userguide/VPC-endpoints) in the *Amazon Managed Grafana User Guide* .\n\n> The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the `com.amazonaws.[region].grafana-workspace` service endpoint). Other VPC endpoints are ignored.", + "title": "VpceIds", + "type": "array" } }, - "required": [ - "Name", - "RequestMessageId" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.ObdSignal": { + "AWS::Grafana::Workspace.RoleValues": { "additionalProperties": false, "properties": { - "BitMaskLength": { - "markdownDescription": "The number of bits to mask in a message.", - "title": "BitMaskLength", - "type": "string" - }, - "BitRightShift": { - "markdownDescription": "The number of positions to shift bits in the message.", - "title": "BitRightShift", - "type": "string" - }, - "ByteLength": { - "markdownDescription": "The length of a message.", - "title": "ByteLength", - "type": "string" - }, - "Offset": { - "markdownDescription": "The offset used to calculate the signal value. Combined with scaling, the calculation is `value = raw_value * scaling + offset` .", - "title": "Offset", - "type": "string" + "Admin": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Admin` role to.", + "title": "Admin", + "type": "array" }, - "Pid": { - "markdownDescription": "The diagnostic code used to request data from a vehicle for this signal.", - "title": "Pid", - "type": "string" + "Editor": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Editor` role to.", + "title": "Editor", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Grafana::Workspace.SamlConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedOrganizations": { + "items": { + "type": "string" + }, + "markdownDescription": "Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access.", + "title": "AllowedOrganizations", + "type": "array" }, - "PidResponseLength": { - "markdownDescription": "The length of the requested data.", - "title": "PidResponseLength", - "type": "string" + "AssertionAttributes": { + "$ref": "#/definitions/AWS::Grafana::Workspace.AssertionAttributes", + "markdownDescription": "A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace.", + "title": "AssertionAttributes" }, - "Scaling": { - "markdownDescription": "A multiplier used to decode the message.", - "title": "Scaling", - "type": "string" + "IdpMetadata": { + "$ref": "#/definitions/AWS::Grafana::Workspace.IdpMetadata", + "markdownDescription": "A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace.", + "title": "IdpMetadata" }, - "ServiceMode": { - "markdownDescription": "The mode of operation (diagnostic service) in a message.", - "title": "ServiceMode", - "type": "string" + "LoginValidityDuration": { + "markdownDescription": "How long a sign-on session by a SAML user is valid, before the user has to sign on again.", + "title": "LoginValidityDuration", + "type": "number" }, - "StartByte": { - "markdownDescription": "Indicates the beginning of the message.", - "title": "StartByte", - "type": "string" + "RoleValues": { + "$ref": "#/definitions/AWS::Grafana::Workspace.RoleValues", + "markdownDescription": "A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace.", + "title": "RoleValues" } }, "required": [ - "ByteLength", - "Offset", - "Pid", - "PidResponseLength", - "Scaling", - "ServiceMode", - "StartByte" + "IdpMetadata" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems": { + "AWS::Grafana::Workspace.VpcConfiguration": { "additionalProperties": false, "properties": { - "CanSignal": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanSignal" - }, - "FullyQualifiedName": { - "type": "string" - }, - "InterfaceId": { - "type": "string" - }, - "ObdSignal": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdSignal" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 1 items. Maximum number of 5 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", + "title": "SecurityGroupIds", + "type": "array" }, - "Type": { - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 2 items. Maximum number of 6 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "FullyQualifiedName", - "InterfaceId", - "Type" + "SecurityGroupIds", + "SubnetIds" ], "type": "object" }, - "AWS::IoTFleetWise::Fleet": { + "AWS::Greengrass::ConnectorDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -128548,39 +133163,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the fleet.", - "title": "Description", - "type": "string" - }, - "Id": { - "markdownDescription": "The unique ID of the fleet.", - "title": "Id", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion", + "markdownDescription": "The connector definition version to include when the connector definition is created. A connector definition version contains a list of [`connector`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html) property types.\n\n> To associate a connector definition version after the connector definition is created, create an [`AWS::Greengrass::ConnectorDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-connectordefinitionversion.html) resource and specify the ID of this connector definition.", + "title": "InitialVersion" }, - "SignalCatalogArn": { - "markdownDescription": "The ARN of the signal catalog associated with the fleet.", - "title": "SignalCatalogArn", + "Name": { + "markdownDescription": "The name of the connector definition.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the fleet.", + "markdownDescription": "Application-specific metadata to attach to the connector definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "Id", - "SignalCatalogArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Fleet" + "AWS::Greengrass::ConnectorDefinition" ], "type": "string" }, @@ -128599,7 +133205,49 @@ ], "type": "object" }, - "AWS::IoTFleetWise::ModelManifest": { + "AWS::Greengrass::ConnectorDefinition.Connector": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters or configuration used by the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "Parameters", + "type": "object" + } + }, + "required": [ + "ConnectorArn", + "Id" + ], + "type": "object" + }, + "AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion": { + "additionalProperties": false, + "properties": { + "Connectors": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.Connector" + }, + "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to a connector definition version at a time.", + "title": "Connectors", + "type": "array" + } + }, + "required": [ + "Connectors" + ], + "type": "object" + }, + "AWS::Greengrass::ConnectorDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -128634,52 +133282,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the vehicle model.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the vehicle model.", - "title": "Name", - "type": "string" - }, - "Nodes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of nodes, which are a general abstraction of signals.", - "title": "Nodes", - "type": "array" - }, - "SignalCatalogArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the vehicle model.", - "title": "SignalCatalogArn", - "type": "string" - }, - "Status": { - "markdownDescription": "The state of the vehicle model. If the status is `ACTIVE` , the vehicle model can't be edited. If the status is `DRAFT` , you can edit the vehicle model.", - "title": "Status", + "ConnectorDefinitionId": { + "markdownDescription": "The ID of the connector definition associated with this version. This value is a GUID.", + "title": "ConnectorDefinitionId", "type": "string" }, - "Tags": { + "Connectors": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinitionVersion.Connector" }, - "markdownDescription": "Metadata that can be used to manage the vehicle model.", - "title": "Tags", + "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to the connector definition version at a time.", + "title": "Connectors", "type": "array" } }, "required": [ - "Name", - "SignalCatalogArn" + "ConnectorDefinitionId", + "Connectors" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::ModelManifest" + "AWS::Greengrass::ConnectorDefinitionVersion" ], "type": "string" }, @@ -128698,7 +133323,32 @@ ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog": { + "AWS::Greengrass::ConnectorDefinitionVersion.Connector": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters or configuration that the connector uses.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "Parameters", + "type": "object" + } + }, + "required": [ + "ConnectorArn", + "Id" + ], + "type": "object" + }, + "AWS::Greengrass::CoreDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -128733,43 +133383,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the signal catalog.", - "title": "Description", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.CoreDefinitionVersion", + "markdownDescription": "The core definition version to include when the core definition is created. Currently, a core definition version can contain only one [`core`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-coredefinition-core.html) .\n\n> To associate a core definition version after the core definition is created, create an [`AWS::Greengrass::CoreDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-coredefinitionversion.html) resource and specify the ID of this core definition.", + "title": "InitialVersion" }, "Name": { - "markdownDescription": "The name of the signal catalog.", + "markdownDescription": "The name of the core definition.", "title": "Name", "type": "string" }, - "NodeCounts": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.NodeCounts", - "markdownDescription": "Information about the number of nodes and node types in a vehicle network.", - "title": "NodeCounts" - }, - "Nodes": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Node" - }, - "markdownDescription": "A list of information about nodes, which are a general abstraction of signals.", - "title": "Nodes", - "type": "array" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the signal catalog.", + "markdownDescription": "Application-specific metadata to attach to the core definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::SignalCatalog" + "AWS::Greengrass::CoreDefinition" ], "type": "string" }, @@ -128783,246 +133420,292 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Actuator": { + "AWS::Greengrass::CoreDefinition.Core": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values an actuator can take.", - "title": "AllowedValues", - "type": "array" - }, - "AssignedValue": { - "markdownDescription": "A specified value for the actuator.", - "title": "AssignedValue", - "type": "string" - }, - "DataType": { - "markdownDescription": "The specified data type of the actuator.", - "title": "DataType", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of the actuator.", - "title": "Description", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", "type": "string" }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the actuator. For example, the fully qualified name of an actuator might be `Vehicle.Front.Left.Door.Lock` .", - "title": "FullyQualifiedName", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "Max": { - "markdownDescription": "The specified possible maximum value of an actuator.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The specified possible minimum value of an actuator.", - "title": "Min", - "type": "number" + "SyncShadow": { + "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", + "title": "SyncShadow", + "type": "boolean" }, - "Unit": { - "markdownDescription": "The scientific unit for the actuator.", - "title": "Unit", + "ThingArn": { + "markdownDescription": "The ARN of the core, which is an AWS IoT device (thing).", + "title": "ThingArn", "type": "string" } }, "required": [ - "DataType", - "FullyQualifiedName" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Attribute": { + "AWS::Greengrass::CoreDefinition.CoreDefinitionVersion": { "additionalProperties": false, "properties": { - "AllowedValues": { + "Cores": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.Core" }, - "markdownDescription": "A list of possible values an attribute can be assigned.", - "title": "AllowedValues", + "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", + "title": "Cores", "type": "array" - }, - "AssignedValue": { - "markdownDescription": "A specified value for the attribute.", - "title": "AssignedValue", - "type": "string" - }, - "DataType": { - "markdownDescription": "The specified data type of the attribute.", - "title": "DataType", + } + }, + "required": [ + "Cores" + ], + "type": "object" + }, + "AWS::Greengrass::CoreDefinitionVersion": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "DefaultValue": { - "markdownDescription": "The default value of the attribute.", - "title": "DefaultValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Description": { - "markdownDescription": "A brief description of the attribute.", - "title": "Description", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the attribute. For example, the fully qualified name of an attribute might be `Vehicle.Body.Engine.Type` .", - "title": "FullyQualifiedName", - "type": "string" + "Metadata": { + "type": "object" }, - "Max": { - "markdownDescription": "The specified possible maximum value of the attribute.", - "title": "Max", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "CoreDefinitionId": { + "markdownDescription": "The ID of the core definition associated with this version. This value is a GUID.", + "title": "CoreDefinitionId", + "type": "string" + }, + "Cores": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::CoreDefinitionVersion.Core" + }, + "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", + "title": "Cores", + "type": "array" + } + }, + "required": [ + "CoreDefinitionId", + "Cores" + ], + "type": "object" }, - "Min": { - "markdownDescription": "The specified possible minimum value of the attribute.", - "title": "Min", - "type": "number" + "Type": { + "enum": [ + "AWS::Greengrass::CoreDefinitionVersion" + ], + "type": "string" }, - "Unit": { - "markdownDescription": "The scientific unit for the attribute.", - "title": "Unit", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataType", - "FullyQualifiedName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Branch": { + "AWS::Greengrass::CoreDefinitionVersion.Core": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the branch.", - "title": "Description", + "CertificateArn": { + "markdownDescription": "The ARN of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", "type": "string" }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the branch. For example, the fully qualified name of a branch might be `Vehicle.Body.Engine` .", - "title": "FullyQualifiedName", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "SyncShadow": { + "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", + "title": "SyncShadow", + "type": "boolean" + }, + "ThingArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the core, which is an AWS IoT device (thing).", + "title": "ThingArn", "type": "string" } }, "required": [ - "FullyQualifiedName" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Node": { + "AWS::Greengrass::DeviceDefinition": { "additionalProperties": false, "properties": { - "Actuator": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Actuator", - "markdownDescription": "Information about a node specified as an actuator.\n\n> An actuator is a digital representation of a vehicle device.", - "title": "Actuator" + "Condition": { + "type": "string" }, - "Attribute": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Attribute", - "markdownDescription": "Information about a node specified as an attribute.\n\n> An attribute represents static information about a vehicle.", - "title": "Attribute" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Branch": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Branch", - "markdownDescription": "Information about a node specified as a branch.\n\n> A group of signals that are defined in a hierarchical structure.", - "title": "Branch" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Sensor": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Sensor", - "markdownDescription": "An input component that reports the environmental condition of a vehicle.\n\n> You can collect data about fluid levels, temperatures, vibrations, or battery voltage from sensors.", - "title": "Sensor" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion", + "markdownDescription": "The device definition version to include when the device definition is created. A device definition version contains a list of [`device`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-devicedefinition-device.html) property types.\n\n> To associate a device definition version after the device definition is created, create an [`AWS::Greengrass::DeviceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-devicedefinitionversion.html) resource and specify the ID of this device definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the device definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the device definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::DeviceDefinition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.NodeCounts": { + "AWS::Greengrass::DeviceDefinition.Device": { "additionalProperties": false, "properties": { - "TotalActuators": { - "markdownDescription": "The total number of nodes in a vehicle network that represent actuators.", - "title": "TotalActuators", - "type": "number" - }, - "TotalAttributes": { - "markdownDescription": "The total number of nodes in a vehicle network that represent attributes.", - "title": "TotalAttributes", - "type": "number" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", + "type": "string" }, - "TotalBranches": { - "markdownDescription": "The total number of nodes in a vehicle network that represent branches.", - "title": "TotalBranches", - "type": "number" + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" }, - "TotalNodes": { - "markdownDescription": "The total number of nodes in a vehicle network.", - "title": "TotalNodes", - "type": "number" + "SyncShadow": { + "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", + "title": "SyncShadow", + "type": "boolean" }, - "TotalSensors": { - "markdownDescription": "The total number of nodes in a vehicle network that represent sensors.", - "title": "TotalSensors", - "type": "number" + "ThingArn": { + "markdownDescription": "The ARN of the device, which is an AWS IoT device (thing).", + "title": "ThingArn", + "type": "string" } }, + "required": [ + "CertificateArn", + "Id", + "ThingArn" + ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Sensor": { + "AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion": { "additionalProperties": false, "properties": { - "AllowedValues": { + "Devices": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.Device" }, - "markdownDescription": "A list of possible values a sensor can take.", - "title": "AllowedValues", + "markdownDescription": "The devices in this version.", + "title": "Devices", "type": "array" - }, - "DataType": { - "markdownDescription": "The specified data type of the sensor.", - "title": "DataType", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of a sensor.", - "title": "Description", - "type": "string" - }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the sensor. For example, the fully qualified name of a sensor might be `Vehicle.Body.Engine.Battery` .", - "title": "FullyQualifiedName", - "type": "string" - }, - "Max": { - "markdownDescription": "The specified possible maximum value of the sensor.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The specified possible minimum value of the sensor.", - "title": "Min", - "type": "number" - }, - "Unit": { - "markdownDescription": "The scientific unit of measurement for data collected by the sensor.", - "title": "Unit", - "type": "string" } }, "required": [ - "DataType", - "FullyQualifiedName" + "Devices" ], "type": "object" }, - "AWS::IoTFleetWise::Vehicle": { + "AWS::Greengrass::DeviceDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -129057,56 +133740,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociationBehavior": { - "markdownDescription": "An option to create a new AWS IoT thing when creating a vehicle, or to validate an existing thing as a vehicle.", - "title": "AssociationBehavior", - "type": "string" - }, - "Attributes": { - "additionalProperties": true, - "markdownDescription": "Static information about a vehicle in a key-value pair. For example: `\"engine Type\"` : `\"v6\"`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "DecoderManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a decoder manifest associated with the vehicle to create.", - "title": "DecoderManifestArn", - "type": "string" - }, - "ModelManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the vehicle model (model manifest) to create the vehicle from.", - "title": "ModelManifestArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The unique ID of the vehicle.", - "title": "Name", + "DeviceDefinitionId": { + "markdownDescription": "The ID of the device definition associated with this version. This value is a GUID.", + "title": "DeviceDefinitionId", "type": "string" }, - "Tags": { + "Devices": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinitionVersion.Device" }, - "markdownDescription": "Metadata which can be used to manage the vehicle.", - "title": "Tags", + "markdownDescription": "The devices in this version.", + "title": "Devices", "type": "array" } }, "required": [ - "DecoderManifestArn", - "ModelManifestArn", - "Name" + "DeviceDefinitionId", + "Devices" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Vehicle" + "AWS::Greengrass::DeviceDefinitionVersion" ], "type": "string" }, @@ -129125,7 +133781,38 @@ ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy": { + "AWS::Greengrass::DeviceDefinitionVersion.Device": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The ARN of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", + "type": "string" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "SyncShadow": { + "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", + "title": "SyncShadow", + "type": "boolean" + }, + "ThingArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device, which is an AWS IoT device (thing).", + "title": "ThingArn", + "type": "string" + } + }, + "required": [ + "CertificateArn", + "Id", + "ThingArn" + ], + "type": "object" + }, + "AWS::Greengrass::FunctionDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -129160,32 +133847,30 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicyIdentity": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity", - "markdownDescription": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", - "title": "AccessPolicyIdentity" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion", + "markdownDescription": "The function definition version to include when the function definition is created. A function definition version contains a list of [`function`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinition-function.html) property types.\n\n> To associate a function definition version after the function definition is created, create an [`AWS::Greengrass::FunctionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-functiondefinitionversion.html) resource and specify the ID of this function definition.", + "title": "InitialVersion" }, - "AccessPolicyPermission": { - "markdownDescription": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", - "title": "AccessPolicyPermission", + "Name": { + "markdownDescription": "The name of the function definition.", + "title": "Name", "type": "string" }, - "AccessPolicyResource": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource", - "markdownDescription": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.", - "title": "AccessPolicyResource" + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the function definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" } }, "required": [ - "AccessPolicyIdentity", - "AccessPolicyPermission", - "AccessPolicyResource" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::AccessPolicy" + "AWS::Greengrass::FunctionDefinition" ], "type": "string" }, @@ -129204,99 +133889,190 @@ ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { + "AWS::Greengrass::FunctionDefinition.DefaultConfig": { "additionalProperties": false, "properties": { - "IamRole": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamRole", - "markdownDescription": "An IAM role identity.", - "title": "IamRole" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", + "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", + "title": "Execution" + } + }, + "required": [ + "Execution" + ], + "type": "object" + }, + "AWS::Greengrass::FunctionDefinition.Environment": { + "additionalProperties": false, + "properties": { + "AccessSysfs": { + "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "AccessSysfs", + "type": "boolean" }, - "IamUser": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamUser", - "markdownDescription": "An IAM user identity.", - "title": "IamUser" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", + "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", + "title": "Execution" }, - "User": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.User", - "markdownDescription": "An IAM Identity Center user identity.", - "title": "User" + "ResourceAccessPolicies": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy" + }, + "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only for Lambda functions that run in a Greengrass container.", + "title": "ResourceAccessPolicies", + "type": "array" + }, + "Variables": { + "markdownDescription": "Environment variables for the Lambda function.", + "title": "Variables", + "type": "object" } }, "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource": { + "AWS::Greengrass::FunctionDefinition.Execution": { "additionalProperties": false, "properties": { - "Portal": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Portal", - "markdownDescription": "Identifies an AWS IoT SiteWise Monitor portal.", - "title": "Portal" + "IsolationMode": { + "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", + "title": "IsolationMode", + "type": "string" }, - "Project": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Project", - "markdownDescription": "Identifies a specific AWS IoT SiteWise Monitor project.", - "title": "Project" + "RunAs": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.RunAs", + "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", + "title": "RunAs" } }, "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.IamRole": { + "AWS::Greengrass::FunctionDefinition.Function": { "additionalProperties": false, "properties": { - "arn": { - "markdownDescription": "The ARN of the IAM role. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .", - "title": "arn", + "FunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", + "title": "FunctionArn", + "type": "string" + }, + "FunctionConfiguration": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionConfiguration", + "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", + "title": "FunctionConfiguration" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" } }, + "required": [ + "FunctionArn", + "FunctionConfiguration", + "Id" + ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.IamUser": { + "AWS::Greengrass::FunctionDefinition.FunctionConfiguration": { "additionalProperties": false, "properties": { - "arn": { - "markdownDescription": "The ARN of the IAM user. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .\n\n> If you delete the IAM user, access policies that contain this identity include an empty `arn` . You can delete the access policy for the IAM user that no longer exists.", - "title": "arn", + "EncodingType": { + "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", + "title": "EncodingType", + "type": "string" + }, + "Environment": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Environment", + "markdownDescription": "The environment configuration of the function.", + "title": "Environment" + }, + "ExecArgs": { + "markdownDescription": "The execution arguments.", + "title": "ExecArgs", + "type": "string" + }, + "Executable": { + "markdownDescription": "The name of the function executable.", + "title": "Executable", "type": "string" + }, + "MemorySize": { + "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "MemorySize", + "type": "number" + }, + "Pinned": { + "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", + "title": "Pinned", + "type": "boolean" + }, + "Timeout": { + "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", + "title": "Timeout", + "type": "number" } }, "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.Portal": { + "AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion": { "additionalProperties": false, "properties": { - "id": { - "markdownDescription": "The ID of the portal.", - "title": "id", - "type": "string" + "DefaultConfig": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.DefaultConfig", + "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", + "title": "DefaultConfig" + }, + "Functions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Function" + }, + "markdownDescription": "The functions in this version.", + "title": "Functions", + "type": "array" } }, + "required": [ + "Functions" + ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.Project": { + "AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy": { "additionalProperties": false, "properties": { - "id": { - "markdownDescription": "The ID of the project.", - "title": "id", + "Permission": { + "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", + "title": "Permission", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", + "title": "ResourceId", "type": "string" } }, + "required": [ + "ResourceId" + ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.User": { + "AWS::Greengrass::FunctionDefinition.RunAs": { "additionalProperties": false, "properties": { - "id": { - "markdownDescription": "The IAM Identity Center ID of the user.", - "title": "id", - "type": "string" + "Gid": { + "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", + "title": "Gid", + "type": "number" + }, + "Uid": { + "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", + "title": "Uid", + "type": "number" } }, "type": "object" }, - "AWS::IoTSiteWise::Asset": { + "AWS::Greengrass::FunctionDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -129331,60 +134107,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetDescription": { - "markdownDescription": "The ID of the asset, in UUID format.", - "title": "AssetDescription", - "type": "string" - }, - "AssetExternalId": { - "markdownDescription": "The external ID of the asset model composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetExternalId", - "type": "string" - }, - "AssetHierarchies": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetHierarchy" - }, - "markdownDescription": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships.", - "title": "AssetHierarchies", - "type": "array" - }, - "AssetModelId": { - "markdownDescription": "The ID of the asset model from which to create the asset. This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelId", - "type": "string" + "DefaultConfig": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig", + "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", + "title": "DefaultConfig" }, - "AssetName": { - "markdownDescription": "A friendly name for the asset.", - "title": "AssetName", + "FunctionDefinitionId": { + "markdownDescription": "The ID of the function definition associated with this version. This value is a GUID.", + "title": "FunctionDefinitionId", "type": "string" }, - "AssetProperties": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetProperty" - }, - "markdownDescription": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object.", - "title": "AssetProperties", - "type": "array" - }, - "Tags": { + "Functions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Function" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", + "markdownDescription": "The functions in this version.", + "title": "Functions", "type": "array" } }, "required": [ - "AssetModelId", - "AssetName" + "FunctionDefinitionId", + "Functions" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Asset" + "AWS::Greengrass::FunctionDefinitionVersion" ], "type": "string" }, @@ -129403,72 +134153,168 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Asset.AssetHierarchy": { + "AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig": { "additionalProperties": false, "properties": { - "ChildAssetId": { - "markdownDescription": "The Id of the child asset.", - "title": "ChildAssetId", + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", + "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", + "title": "Execution" + } + }, + "required": [ + "Execution" + ], + "type": "object" + }, + "AWS::Greengrass::FunctionDefinitionVersion.Environment": { + "additionalProperties": false, + "properties": { + "AccessSysfs": { + "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "AccessSysfs", + "type": "boolean" + }, + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", + "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", + "title": "Execution" + }, + "ResourceAccessPolicies": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy" + }, + "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "ResourceAccessPolicies", + "type": "array" + }, + "Variables": { + "markdownDescription": "Environment variables for the Lambda function.", + "title": "Variables", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Greengrass::FunctionDefinitionVersion.Execution": { + "additionalProperties": false, + "properties": { + "IsolationMode": { + "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", + "title": "IsolationMode", "type": "string" }, - "ExternalId": { - "markdownDescription": "The external ID of the hierarchy, if it has one. When you update an asset hierarchy, you may assign an external ID if it doesn't already have one. You can't change the external ID of an asset hierarchy that already has one. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ExternalId", + "RunAs": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.RunAs", + "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", + "title": "RunAs" + } + }, + "type": "object" + }, + "AWS::Greengrass::FunctionDefinitionVersion.Function": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", + "title": "FunctionArn", "type": "string" }, + "FunctionConfiguration": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration", + "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", + "title": "FunctionConfiguration" + }, "Id": { - "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set.", + "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" - }, - "LogicalId": { - "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .", - "title": "LogicalId", - "type": "string" } }, "required": [ - "ChildAssetId" + "FunctionArn", + "FunctionConfiguration", + "Id" ], "type": "object" }, - "AWS::IoTSiteWise::Asset.AssetProperty": { + "AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration": { "additionalProperties": false, "properties": { - "Alias": { - "markdownDescription": "The alias that identifies the property, such as an OPC-UA server data stream path (for example, `/company/windfarm/3/turbine/7/temperature` ). For more information, see [Mapping industrial data streams to asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/connect-data-streams.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Alias", + "EncodingType": { + "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", + "title": "EncodingType", "type": "string" }, - "ExternalId": { - "markdownDescription": "The external ID of the property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ExternalId", - "type": "string" + "Environment": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Environment", + "markdownDescription": "The environment configuration of the function.", + "title": "Environment" }, - "Id": { - "markdownDescription": "The ID of the asset property.\n\n> This is a return value and can't be set.", - "title": "Id", + "ExecArgs": { + "markdownDescription": "The execution arguments.", + "title": "ExecArgs", "type": "string" }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset property.", - "title": "LogicalId", + "Executable": { + "markdownDescription": "The name of the function executable.", + "title": "Executable", "type": "string" }, - "NotificationState": { - "markdownDescription": "The MQTT notification state (enabled or disabled) for this asset property. When the notification state is enabled, AWS IoT SiteWise publishes property value updates to a unique MQTT topic. For more information, see [Interacting with other services](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/interact-with-other-services.html) in the *AWS IoT SiteWise User Guide* .\n\nIf you omit this parameter, the notification state is set to `DISABLED` .", - "title": "NotificationState", + "MemorySize": { + "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "MemorySize", + "type": "number" + }, + "Pinned": { + "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", + "title": "Pinned", + "type": "boolean" + }, + "Timeout": { + "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", + "title": "Timeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy": { + "additionalProperties": false, + "properties": { + "Permission": { + "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", + "title": "Permission", "type": "string" }, - "Unit": { - "markdownDescription": "The unit (such as `Newtons` or `RPM` ) of the asset property.", - "title": "Unit", + "ResourceId": { + "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", + "title": "ResourceId", "type": "string" } }, + "required": [ + "ResourceId" + ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel": { + "AWS::Greengrass::FunctionDefinitionVersion.RunAs": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", + "title": "Gid", + "type": "number" + }, + "Uid": { + "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", + "title": "Uid", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Greengrass::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -129503,67 +134349,35 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetModelCompositeModels": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel" - }, - "markdownDescription": "The composite models that are part of this asset model. It groups properties (such as attributes, measurements, transforms, and metrics) and child composite models that model parts of your industrial equipment. Each composite model has a type that defines the properties that the composite model supports. Use composite models to define alarms on this asset model.\n\n> When creating custom composite models, you need to use [CreateAssetModelCompositeModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModelCompositeModel.html) . For more information, see [Creating custom composite models (Components)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-custom-composite-models.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelCompositeModels", - "type": "array" - }, - "AssetModelDescription": { - "markdownDescription": "A description for the asset model.", - "title": "AssetModelDescription", - "type": "string" - }, - "AssetModelExternalId": { - "markdownDescription": "The external ID of the asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelExternalId", - "type": "string" - }, - "AssetModelHierarchies": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelHierarchy" - }, - "markdownDescription": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 10 hierarchies per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelHierarchies", - "type": "array" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::Group.GroupVersion", + "markdownDescription": "The group version to include when the group is created. A group version references the Amazon Resource Name (ARN) of a core definition version, device definition version, subscription definition version, and other version types. The group version must reference a core definition version that contains one core. Other version types are optionally included, depending on your business need.\n\n> To associate a group version after the group is created, create an [`AWS::Greengrass::GroupVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-groupversion.html) resource and specify the ID of this group.", + "title": "InitialVersion" }, - "AssetModelName": { - "markdownDescription": "A unique name for the asset model.", - "title": "AssetModelName", + "Name": { + "markdownDescription": "The name of the group.", + "title": "Name", "type": "string" }, - "AssetModelProperties": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" - }, - "markdownDescription": "The property definitions of the asset model. For more information, see [Asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 200 properties per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelProperties", - "type": "array" - }, - "AssetModelType": { - "markdownDescription": "The type of asset model.\n\n- *ASSET_MODEL* \u2013 (default) An asset model that you can use to create assets. Can't be included as a component in another asset model.\n- *COMPONENT_MODEL* \u2013 A reusable component that you can include in the composite models of other asset models. You can't create assets directly from this type of asset model.", - "title": "AssetModelType", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role attached to the group. This role contains the permissions that Lambda functions and connectors use to interact with other AWS services.", + "title": "RoleArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "Application-specific metadata to attach to the group. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "AssetModelName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::AssetModel" + "AWS::Greengrass::Group" ], "type": "string" }, @@ -129582,354 +134396,48 @@ ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel": { + "AWS::Greengrass::Group.GroupVersion": { "additionalProperties": false, "properties": { - "ComposedAssetModelId": { - "markdownDescription": "The ID of a component model which is reused to create this composite model.", - "title": "ComposedAssetModelId", + "ConnectorDefinitionVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", + "title": "ConnectorDefinitionVersionArn", "type": "string" }, - "CompositeModelProperties": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" - }, - "markdownDescription": "The asset property definitions for this composite model.", - "title": "CompositeModelProperties", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the composite model.\n\n> If the composite model is a `component-model-based` composite model, the description is inherited from the `COMPONENT_MODEL` asset model and cannot be changed.", - "title": "Description", + "CoreDefinitionVersionArn": { + "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", + "title": "CoreDefinitionVersionArn", "type": "string" }, - "ExternalId": { - "markdownDescription": "The external ID of a composite model on this asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `Path` must be specified.", - "title": "ExternalId", + "DeviceDefinitionVersionArn": { + "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", + "title": "DeviceDefinitionVersionArn", "type": "string" }, - "Id": { - "markdownDescription": "The ID of the asset model composite model.\n\n> This is a return value and can't be set.", - "title": "Id", + "FunctionDefinitionVersionArn": { + "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", + "title": "FunctionDefinitionVersionArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the composite model.", - "title": "Name", + "LoggerDefinitionVersionArn": { + "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", + "title": "LoggerDefinitionVersionArn", "type": "string" }, - "ParentAssetModelCompositeModelExternalId": { - "markdownDescription": "The external ID of the parent composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ParentAssetModelCompositeModelExternalId", + "ResourceDefinitionVersionArn": { + "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", + "title": "ResourceDefinitionVersionArn", "type": "string" }, - "Path": { - "items": { - "type": "string" - }, - "markdownDescription": "The structured path to the property from the root of the asset using property names. Path is used as the ID if the asset model is a derived composite model.\n\n> One of `ExternalId` or `Path` must be specified.", - "title": "Path", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the composite model. For alarm composite models, this type is `AWS/ALARM` .", - "title": "Type", + "SubscriptionDefinitionVersionArn": { + "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", + "title": "SubscriptionDefinitionVersionArn", "type": "string" } }, - "required": [ - "Name", - "Type" - ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.AssetModelHierarchy": { - "additionalProperties": false, - "properties": { - "ChildAssetModelId": { - "markdownDescription": "The ID of the asset model, in UUID format. All assets in this hierarchy must be instances of the `childAssetModelId` asset model. AWS IoT SiteWise will always return the actual asset model ID for this value. However, when you are specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) , you may provide either the asset model ID or else `externalId:` followed by the asset model's external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ChildAssetModelId", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID (if any) provided in the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) operation. You can assign an external ID by specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) . However, you can't change the external ID if one is already assigned. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the asset model hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set. \n\n- If you are callling [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) to create a *new* hierarchy: You can specify its ID here, if desired. AWS IoT SiteWise automatically generates a unique ID for you, so this parameter is never required. However, if you prefer to supply your own ID instead, you can specify it here in UUID format. If you specify your own ID, it must be globally unique.\n- If you are calling UpdateAssetModel to modify an *existing* hierarchy: This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", - "title": "Id", - "type": "string" - }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset model hierarchy. This ID is a `hierarchyLogicalId` .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "LogicalId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the asset model hierarchy that you specify by using the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) API operation.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "ChildAssetModelId", - "Name" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.AssetModelProperty": { - "additionalProperties": false, - "properties": { - "DataType": { - "markdownDescription": "The data type of the asset model property.\n\nIf you specify `STRUCT` , you must also specify `dataTypeSpec` to identify the type of the structure for this property.", - "title": "DataType", - "type": "string" - }, - "DataTypeSpec": { - "markdownDescription": "The data type of the structure for this property. This parameter exists on properties that have the `STRUCT` data type.", - "title": "DataTypeSpec", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of the asset property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the property.\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" - }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset model property.\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "LogicalId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the asset model property.", - "title": "Name", - "type": "string" - }, - "Type": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyType", - "markdownDescription": "Contains a property type, which can be one of `attribute` , `measurement` , `metric` , or `transform` .", - "title": "Type" - }, - "Unit": { - "markdownDescription": "The unit of the asset model property, such as `Newtons` or `RPM` .", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "DataType", - "Name", - "Type" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.Attribute": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* .", - "title": "DefaultValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.ExpressionVariable": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The friendly name of the variable to be used in the expression.", - "title": "Name", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.VariableValue", - "markdownDescription": "The variable that identifies an asset property from which to use values.", - "title": "Value" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.Metric": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "The mathematical expression that defines the metric aggregation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Expression", - "type": "string" - }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" - }, - "markdownDescription": "The list of variables used in the expression.", - "title": "Variables", - "type": "array" - }, - "Window": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.MetricWindow", - "markdownDescription": "The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression. AWS IoT SiteWise computes one data point per `window` .", - "title": "Window" - } - }, - "required": [ - "Expression", - "Variables", - "Window" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.MetricWindow": { - "additionalProperties": false, - "properties": { - "Tumbling": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.TumblingWindow", - "markdownDescription": "The tumbling time interval window.", - "title": "Tumbling" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.PropertyPathDefinition": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the path segment.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.PropertyType": { - "additionalProperties": false, - "properties": { - "Attribute": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Attribute", - "markdownDescription": "Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine.", - "title": "Attribute" - }, - "Metric": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Metric", - "markdownDescription": "Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature.", - "title": "Metric" - }, - "Transform": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Transform", - "markdownDescription": "Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit.", - "title": "Transform" - }, - "TypeName": { - "markdownDescription": "The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` .", - "title": "TypeName", - "type": "string" - } - }, - "required": [ - "TypeName" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.Transform": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "The mathematical expression that defines the transformation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Expression", - "type": "string" - }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" - }, - "markdownDescription": "The list of variables used in the expression.", - "title": "Variables", - "type": "array" - } - }, - "required": [ - "Expression", - "Variables" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.TumblingWindow": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The time interval for the tumbling window. The interval time must be between 1 minute and 1 week.\n\nAWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on.\n\nWhen AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval.", - "title": "Interval", - "type": "string" - }, - "Offset": { - "markdownDescription": "The offset for the tumbling window. The `offset` parameter accepts the following:\n\n- The offset time.\n\nFor example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The ISO 8601 format.\n\nFor example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The 24-hour clock.\n\nFor example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC).\n- The offset time zone.\n\nFor example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric.\n- If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day.", - "title": "Offset", - "type": "string" - } - }, - "required": [ - "Interval" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.VariableValue": { - "additionalProperties": false, - "properties": { - "HierarchyExternalId": { - "markdownDescription": "The external ID of the hierarchy being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyExternalId", - "type": "string" - }, - "HierarchyId": { - "markdownDescription": "The ID of the hierarchy to query for the property ID. You can use the hierarchy's name instead of the hierarchy's ID. If the hierarchy has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\nYou use a hierarchy ID instead of a model ID because you can have several hierarchies using the same model and therefore the same `propertyId` . For example, you might have separately grouped assets that come from the same asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyId", - "type": "string" - }, - "HierarchyLogicalId": { - "markdownDescription": "The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` .\n\nYou use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyLogicalId", - "type": "string" - }, - "PropertyExternalId": { - "markdownDescription": "The external ID of the property being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "PropertyExternalId", - "type": "string" - }, - "PropertyId": { - "markdownDescription": "The ID of the property to use as the variable. You can use the property `name` if it's from the same asset model. If the property has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> This is a return value and can't be set.", - "title": "PropertyId", - "type": "string" - }, - "PropertyLogicalId": { - "markdownDescription": "The `LogicalID` of the property that is being referenced.", - "title": "PropertyLogicalId", - "type": "string" - }, - "PropertyPath": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyPathDefinition" - }, - "markdownDescription": "The path of the property. Each step of the path is the name of the step. See the following example:\n\n`PropertyPath: Name: AssetModelName Name: Composite1 Name: NestedComposite`", - "title": "PropertyPath", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::Dashboard": { + "AWS::Greengrass::GroupVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -129964,45 +134472,55 @@ "Properties": { "additionalProperties": false, "properties": { - "DashboardDefinition": { - "markdownDescription": "The dashboard definition specified in a JSON literal.\n\n- AWS IoT SiteWise Monitor (Classic) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-using-aws-cli.html)\n- AWS IoT SiteWise Monitor (AI-aware) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-ai-dashboard-cli.html)\n\nin the *AWS IoT SiteWise User Guide*", - "title": "DashboardDefinition", + "ConnectorDefinitionVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", + "title": "ConnectorDefinitionVersionArn", "type": "string" }, - "DashboardDescription": { - "markdownDescription": "A description for the dashboard.", - "title": "DashboardDescription", + "CoreDefinitionVersionArn": { + "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", + "title": "CoreDefinitionVersionArn", "type": "string" }, - "DashboardName": { - "markdownDescription": "A friendly name for the dashboard.", - "title": "DashboardName", + "DeviceDefinitionVersionArn": { + "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", + "title": "DeviceDefinitionVersionArn", "type": "string" }, - "ProjectId": { - "markdownDescription": "The ID of the project in which to create the dashboard.", - "title": "ProjectId", + "FunctionDefinitionVersionArn": { + "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", + "title": "FunctionDefinitionVersionArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the dashboard. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", - "type": "array" + "GroupId": { + "markdownDescription": "The ID of the group associated with this version. This value is a GUID.", + "title": "GroupId", + "type": "string" + }, + "LoggerDefinitionVersionArn": { + "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", + "title": "LoggerDefinitionVersionArn", + "type": "string" + }, + "ResourceDefinitionVersionArn": { + "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", + "title": "ResourceDefinitionVersionArn", + "type": "string" + }, + "SubscriptionDefinitionVersionArn": { + "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", + "title": "SubscriptionDefinitionVersionArn", + "type": "string" } }, "required": [ - "DashboardDefinition", - "DashboardDescription", - "DashboardName" + "GroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Dashboard" + "AWS::Greengrass::GroupVersion" ], "type": "string" }, @@ -130021,7 +134539,7 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Gateway": { + "AWS::Greengrass::LoggerDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -130056,42 +134574,30 @@ "Properties": { "additionalProperties": false, "properties": { - "GatewayCapabilitySummaries": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary" - }, - "markdownDescription": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", - "title": "GatewayCapabilitySummaries", - "type": "array" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion", + "markdownDescription": "The logger definition version to include when the logger definition is created. A logger definition version contains a list of [`logger`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-loggerdefinition-logger.html) property types.\n\n> To associate a logger definition version after the logger definition is created, create an [`AWS::Greengrass::LoggerDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-loggerdefinitionversion.html) resource and specify the ID of this logger definition.", + "title": "InitialVersion" }, - "GatewayName": { - "markdownDescription": "A unique name for the gateway.", - "title": "GatewayName", + "Name": { + "markdownDescription": "The name of the logger definition.", + "title": "Name", "type": "string" }, - "GatewayPlatform": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayPlatform", - "markdownDescription": "The gateway's platform. You can only specify one platform in a gateway.", - "title": "GatewayPlatform" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "Application-specific metadata to attach to the logger definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "GatewayName", - "GatewayPlatform" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Gateway" + "AWS::Greengrass::LoggerDefinition" ], "type": "string" }, @@ -130110,85 +134616,61 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary": { + "AWS::Greengrass::LoggerDefinition.Logger": { "additionalProperties": false, "properties": { - "CapabilityConfiguration": { - "markdownDescription": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", - "title": "CapabilityConfiguration", + "Component": { + "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", + "title": "Component", "type": "string" }, - "CapabilityNamespace": { - "markdownDescription": "The namespace of the capability configuration. For example, if you configure OPC-UA sources from the AWS IoT SiteWise console, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:version` , where `version` is a number such as `1` .", - "title": "CapabilityNamespace", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" - } - }, - "required": [ - "CapabilityNamespace" - ], - "type": "object" - }, - "AWS::IoTSiteWise::Gateway.GatewayPlatform": { - "additionalProperties": false, - "properties": { - "Greengrass": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.Greengrass" }, - "GreengrassV2": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GreengrassV2", - "markdownDescription": "A gateway that runs on AWS IoT Greengrass V2 .", - "title": "GreengrassV2" - }, - "SiemensIE": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.SiemensIE", - "markdownDescription": "An AWS IoT SiteWise Edge gateway that runs on a Siemens Industrial Edge Device.", - "title": "SiemensIE" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::Gateway.Greengrass": { - "additionalProperties": false, - "properties": { - "GroupArn": { + "Level": { + "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", + "title": "Level", "type": "string" - } - }, - "required": [ - "GroupArn" - ], - "type": "object" - }, - "AWS::IoTSiteWise::Gateway.GreengrassV2": { - "additionalProperties": false, - "properties": { - "CoreDeviceThingName": { - "markdownDescription": "The name of the AWS IoT thing for your AWS IoT Greengrass V2 core device.", - "title": "CoreDeviceThingName", + }, + "Space": { + "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", + "title": "Space", + "type": "number" + }, + "Type": { + "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", + "title": "Type", "type": "string" } }, "required": [ - "CoreDeviceThingName" + "Component", + "Id", + "Level", + "Type" ], "type": "object" }, - "AWS::IoTSiteWise::Gateway.SiemensIE": { + "AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion": { "additionalProperties": false, "properties": { - "IotCoreThingName": { - "markdownDescription": "The name of the AWS IoT Thing for your AWS IoT SiteWise Edge gateway.", - "title": "IotCoreThingName", - "type": "string" + "Loggers": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.Logger" + }, + "markdownDescription": "The loggers in this version.", + "title": "Loggers", + "type": "array" } }, "required": [ - "IotCoreThingName" + "Loggers" ], "type": "object" }, - "AWS::IoTSiteWise::Portal": { + "AWS::Greengrass::LoggerDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -130223,60 +134705,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Alarms": { - "$ref": "#/definitions/AWS::IoTSiteWise::Portal.Alarms", - "markdownDescription": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see [Monitoring with alarms](https://docs.aws.amazon.com/iot-sitewise/latest/appguide/monitor-alarms.html) in the *AWS IoT SiteWise Application Guide* .", - "title": "Alarms" - }, - "NotificationSenderEmail": { - "markdownDescription": "The email address that sends alarm notifications.\n\n> If you use the [AWS IoT Events managed Lambda function](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) to manage your emails, you must [verify the sender email address in Amazon SES](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html) .", - "title": "NotificationSenderEmail", - "type": "string" - }, - "PortalAuthMode": { - "markdownDescription": "The service to use to authenticate users to the portal. Choose from the following options:\n\n- `SSO` \u2013 The portal uses AWS IAM Identity Center to authenticate users and manage user permissions. Before you can create a portal that uses IAM Identity Center, you must enable IAM Identity Center. For more information, see [Enabling IAM Identity Center](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-get-started.html#mon-gs-sso) in the *AWS IoT SiteWise User Guide* . This option is only available in AWS Regions other than the China Regions.\n- `IAM` \u2013 The portal uses AWS Identity and Access Management to authenticate users and manage user permissions.\n\nYou can't change this value after you create a portal.\n\nDefault: `SSO`", - "title": "PortalAuthMode", - "type": "string" - }, - "PortalContactEmail": { - "markdownDescription": "The AWS administrator's contact email address.", - "title": "PortalContactEmail", - "type": "string" - }, - "PortalDescription": { - "markdownDescription": "A description for the portal.", - "title": "PortalDescription", - "type": "string" - }, - "PortalName": { - "markdownDescription": "A friendly name for the portal.", - "title": "PortalName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf. For more information, see [Using service roles for AWS IoT SiteWise Monitor](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-service-role.html) in the *AWS IoT SiteWise User Guide* .", - "title": "RoleArn", + "LoggerDefinitionId": { + "markdownDescription": "The ID of the logger definition associated with this version. This value is a GUID.", + "title": "LoggerDefinitionId", "type": "string" }, - "Tags": { + "Loggers": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinitionVersion.Logger" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the portal. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", + "markdownDescription": "The loggers in this version.", + "title": "Loggers", "type": "array" } }, "required": [ - "PortalContactEmail", - "PortalName", - "RoleArn" + "LoggerDefinitionId", + "Loggers" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Portal" + "AWS::Greengrass::LoggerDefinitionVersion" ], "type": "string" }, @@ -130295,23 +134746,44 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Portal.Alarms": { + "AWS::Greengrass::LoggerDefinitionVersion.Logger": { "additionalProperties": false, "properties": { - "AlarmRoleArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events .", - "title": "AlarmRoleArn", + "Component": { + "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", + "title": "Component", "type": "string" }, - "NotificationLambdaArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Lambda function that manages alarm notifications. For more information, see [Managing alarm notifications](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) in the *AWS IoT Events Developer Guide* .", - "title": "NotificationLambdaArn", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "Level": { + "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", + "title": "Level", + "type": "string" + }, + "Space": { + "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", + "title": "Space", + "type": "number" + }, + "Type": { + "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", + "title": "Type", "type": "string" } }, + "required": [ + "Component", + "Id", + "Level", + "Type" + ], "type": "object" }, - "AWS::IoTSiteWise::Project": { + "AWS::Greengrass::ResourceDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -130346,47 +134818,30 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list that contains the IDs of each asset associated with the project.", - "title": "AssetIds", - "type": "array" - }, - "PortalId": { - "markdownDescription": "The ID of the portal in which to create the project.", - "title": "PortalId", - "type": "string" - }, - "ProjectDescription": { - "markdownDescription": "A description for the project.", - "title": "ProjectDescription", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion", + "markdownDescription": "The resource definition version to include when the resource definition is created. A resource definition version contains a list of [`resource instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinition-resourceinstance.html) property types.\n\n> To associate a resource definition version after the resource definition is created, create an [`AWS::Greengrass::ResourceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-resourcedefinitionversion.html) resource and specify the ID of this resource definition.", + "title": "InitialVersion" }, - "ProjectName": { - "markdownDescription": "A friendly name for the project.", - "title": "ProjectName", + "Name": { + "markdownDescription": "The name of the resource definition.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the project. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "Application-specific metadata to attach to the resource definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "PortalId", - "ProjectName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Project" + "AWS::Greengrass::ResourceDefinition" ], "type": "string" }, @@ -130405,91 +134860,236 @@ ], "type": "object" }, - "AWS::IoTThingsGraph::FlowTemplate": { + "AWS::Greengrass::ResourceDefinition.GroupOwnerSetting": { "additionalProperties": false, "properties": { - "Condition": { + "AutoAddGroupOwner": { + "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", + "title": "AutoAddGroupOwner", + "type": "boolean" + }, + "GroupOwner": { + "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", + "title": "GroupOwner", "type": "string" + } + }, + "required": [ + "AutoAddGroupOwner" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData": { + "additionalProperties": false, + "properties": { + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourcePath": { + "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", + "title": "SourcePath", + "type": "string" + } + }, + "required": [ + "SourcePath" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData": { + "additionalProperties": false, + "properties": { + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource in the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" }, - "Metadata": { - "type": "object" + "SourcePath": { + "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", + "title": "SourcePath", + "type": "string" + } + }, + "required": [ + "DestinationPath", + "SourcePath" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinition.ResourceDataContainer": { + "additionalProperties": false, + "properties": { + "LocalDeviceResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData", + "markdownDescription": "Settings for a local device resource.", + "title": "LocalDeviceResourceData" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CompatibleNamespaceVersion": { - "type": "number" - }, - "Definition": { - "$ref": "#/definitions/AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument" - } + "LocalVolumeResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData", + "markdownDescription": "Settings for a local volume resource.", + "title": "LocalVolumeResourceData" + }, + "S3MachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", + "title": "S3MachineLearningModelResourceData" + }, + "SageMakerMachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", + "title": "SageMakerMachineLearningModelResourceData" + }, + "SecretsManagerSecretResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData", + "markdownDescription": "Settings for a secret resource.", + "title": "SecretsManagerSecretResourceData" + } + }, + "type": "object" + }, + "AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion": { + "additionalProperties": false, + "properties": { + "Resources": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceInstance" }, - "required": [ - "Definition" - ], - "type": "object" + "markdownDescription": "The resources in this version.", + "title": "Resources", + "type": "array" + } + }, + "required": [ + "Resources" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting": { + "additionalProperties": false, + "properties": { + "GroupOwner": { + "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", + "title": "GroupOwner", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IoTThingsGraph::FlowTemplate" - ], + "GroupPermission": { + "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", + "title": "GroupPermission", + "type": "string" + } + }, + "required": [ + "GroupOwner", + "GroupPermission" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinition.ResourceInstance": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", + "title": "Name", + "type": "string" + }, + "ResourceDataContainer": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDataContainer", + "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", + "title": "ResourceDataContainer" + } + }, + "required": [ + "Id", + "Name", + "ResourceDataContainer" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData": { + "additionalProperties": false, + "properties": { + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", + "type": "string" + }, + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" + }, + "S3Uri": { + "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", + "title": "S3Uri", "type": "string" } }, "required": [ - "Type", - "Properties" + "DestinationPath", + "S3Uri" ], "type": "object" }, - "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { + "AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "Language": { + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "Text": { + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" + }, + "SageMakerJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", + "title": "SageMakerJobArn", "type": "string" } }, "required": [ - "Language", - "Text" + "DestinationPath", + "SageMakerJobArn" ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType": { + "AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData": { + "additionalProperties": false, + "properties": { + "ARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", + "title": "ARN", + "type": "string" + }, + "AdditionalStagingLabelsToDownload": { + "items": { + "type": "string" + }, + "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", + "title": "AdditionalStagingLabelsToDownload", + "type": "array" + } + }, + "required": [ + "ARN" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -130524,99 +135124,29 @@ "Properties": { "additionalProperties": false, "properties": { - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", - "type": "string" - }, - "CompositeComponentTypes": { - "additionalProperties": false, - "markdownDescription": "Maps strings to `compositeComponentTypes` of the `componentType` . `CompositeComponentType` is referenced by `componentTypeId` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.CompositeComponentType" - } - }, - "title": "CompositeComponentTypes", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the component type.", - "title": "Description", + "ResourceDefinitionId": { + "markdownDescription": "The ID of the resource definition associated with this version. This value is a GUID.", + "title": "ResourceDefinitionId", "type": "string" }, - "ExtendsFrom": { + "Resources": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance" }, - "markdownDescription": "The name of the parent component type that this component type extends.", - "title": "ExtendsFrom", + "markdownDescription": "The resources in this version.", + "title": "Resources", "type": "array" - }, - "Functions": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the functions in the component type. Each string in the mapping must be unique to this object.\n\nFor information on the FunctionResponse object see the [FunctionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_FunctionResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Function" - } - }, - "title": "Functions", - "type": "object" - }, - "IsSingleton": { - "markdownDescription": "A boolean value that specifies whether an entity can have more than one component of this type.", - "title": "IsSingleton", - "type": "boolean" - }, - "PropertyDefinitions": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property definitions in the component type. Each string in the mapping must be unique to this object.\n\nFor information about the PropertyDefinitionResponse object, see the [PropertyDefinitionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_PropertyDefinitionResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyDefinition" - } - }, - "title": "PropertyDefinitions", - "type": "object" - }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyGroup" - } - }, - "title": "PropertyGroups", - "type": "object" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The ComponentType tags.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the component type.", - "title": "WorkspaceId", - "type": "string" } }, "required": [ - "ComponentTypeId", - "WorkspaceId" + "ResourceDefinitionId", + "Resources" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::ComponentType" + "AWS::Greengrass::ResourceDefinitionVersion" ], "type": "string" }, @@ -130635,299 +135165,345 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.CompositeComponentType": { + "AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting": { "additionalProperties": false, "properties": { - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", + "AutoAddGroupOwner": { + "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", + "title": "AutoAddGroupOwner", + "type": "boolean" + }, + "GroupOwner": { + "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", + "title": "GroupOwner", "type": "string" } }, + "required": [ + "AutoAddGroupOwner" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.DataConnector": { + "AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData": { "additionalProperties": false, "properties": { - "IsNative": { - "markdownDescription": "A boolean value that specifies whether the data connector is native to IoT TwinMaker.", - "title": "IsNative", - "type": "boolean" + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.LambdaFunction", - "markdownDescription": "The Lambda function associated with the data connector.", - "title": "Lambda" + "SourcePath": { + "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", + "title": "SourcePath", + "type": "string" } }, + "required": [ + "SourcePath" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.DataType": { + "AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - }, - "markdownDescription": "The allowed values for this data type.", - "title": "AllowedValues", - "type": "array" - }, - "NestedType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", - "markdownDescription": "The nested type in the data type.", - "title": "NestedType" - }, - "Relationship": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Relationship", - "markdownDescription": "A relationship that associates a component with another component.", - "title": "Relationship" - }, - "Type": { - "markdownDescription": "The underlying type of the data type.\n\nValid Values: `RELATIONSHIP | STRING | LONG | BOOLEAN | INTEGER | DOUBLE | LIST | MAP`", - "title": "Type", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource in the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "UnitOfMeasure": { - "markdownDescription": "The unit of measure used in this data type.", - "title": "UnitOfMeasure", + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" + }, + "SourcePath": { + "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", + "title": "SourcePath", "type": "string" } }, "required": [ - "Type" + "DestinationPath", + "SourcePath" ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.DataValue": { + "AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "A boolean value.", - "title": "BooleanValue", - "type": "boolean" + "LocalDeviceResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData", + "markdownDescription": "Settings for a local device resource.", + "title": "LocalDeviceResourceData" }, - "DoubleValue": { - "markdownDescription": "A double value.", - "title": "DoubleValue", - "type": "number" - }, - "Expression": { - "markdownDescription": "An expression that produces the value.", - "title": "Expression", - "type": "string" - }, - "IntegerValue": { - "markdownDescription": "An integer value.", - "title": "IntegerValue", - "type": "number" - }, - "ListValue": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - }, - "markdownDescription": "A list of multiple values.", - "title": "ListValue", - "type": "array" - }, - "LongValue": { - "markdownDescription": "A long value.", - "title": "LongValue", - "type": "number" + "LocalVolumeResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData", + "markdownDescription": "Settings for a local volume resource.", + "title": "LocalVolumeResourceData" }, - "MapValue": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to multiple `DataValue` objects.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - } - }, - "title": "MapValue", - "type": "object" + "S3MachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", + "title": "S3MachineLearningModelResourceData" }, - "RelationshipValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.RelationshipValue", - "markdownDescription": "A value that relates a component to another component.", - "title": "RelationshipValue" + "SageMakerMachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", + "title": "SageMakerMachineLearningModelResourceData" }, - "StringValue": { - "markdownDescription": "A string value.", - "title": "StringValue", - "type": "string" + "SecretsManagerSecretResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData", + "markdownDescription": "Settings for a secret resource.", + "title": "SecretsManagerSecretResourceData" } }, "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.Error": { + "AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The component type error code.", - "title": "Code", + "GroupOwner": { + "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", + "title": "GroupOwner", "type": "string" }, - "Message": { - "markdownDescription": "The component type error message.", - "title": "Message", + "GroupPermission": { + "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", + "title": "GroupPermission", "type": "string" } }, + "required": [ + "GroupOwner", + "GroupPermission" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.Function": { + "AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance": { "additionalProperties": false, "properties": { - "ImplementedBy": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataConnector", - "markdownDescription": "The data connector.", - "title": "ImplementedBy" - }, - "RequiredProperties": { - "items": { - "type": "string" - }, - "markdownDescription": "The required properties of the function.", - "title": "RequiredProperties", - "type": "array" + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" }, - "Scope": { - "markdownDescription": "The scope of the function.", - "title": "Scope", + "Name": { + "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", + "title": "Name", "type": "string" + }, + "ResourceDataContainer": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer", + "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", + "title": "ResourceDataContainer" } }, + "required": [ + "Id", + "Name", + "ResourceDataContainer" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.LambdaFunction": { + "AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Lambda function ARN.", - "title": "Arn", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", + "type": "string" + }, + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" + }, + "S3Uri": { + "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", + "title": "S3Uri", "type": "string" } }, "required": [ - "Arn" + "DestinationPath", + "S3Uri" ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.PropertyDefinition": { + "AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "Configurations": { - "additionalProperties": true, - "markdownDescription": "A mapping that specifies configuration information about the property.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Configurations", - "type": "object" - }, - "DataType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", - "markdownDescription": "", - "title": "DataType" - }, - "DefaultValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue", - "markdownDescription": "A boolean value that specifies whether the property ID comes from an external data store.", - "title": "DefaultValue" - }, - "IsExternalId": { - "markdownDescription": "A Boolean value that specifies whether the property ID comes from an external data source.", - "title": "IsExternalId", - "type": "boolean" - }, - "IsRequiredInEntity": { - "markdownDescription": "A boolean value that specifies whether the property is required in an entity.", - "title": "IsRequiredInEntity", - "type": "boolean" + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", + "type": "string" }, - "IsStoredExternally": { - "markdownDescription": "A boolean value that specifies whether the property is stored externally.", - "title": "IsStoredExternally", - "type": "boolean" + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" }, - "IsTimeSeries": { - "markdownDescription": "A boolean value that specifies whether the property consists of time series data.", - "title": "IsTimeSeries", - "type": "boolean" + "SageMakerJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", + "title": "SageMakerJobArn", + "type": "string" } }, + "required": [ + "DestinationPath", + "SageMakerJobArn" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.PropertyGroup": { + "AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData": { "additionalProperties": false, "properties": { - "GroupType": { - "markdownDescription": "The group type.", - "title": "GroupType", + "ARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", + "title": "ARN", "type": "string" }, - "PropertyNames": { + "AdditionalStagingLabelsToDownload": { "items": { "type": "string" }, - "markdownDescription": "The property names.", - "title": "PropertyNames", + "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", + "title": "AdditionalStagingLabelsToDownload", "type": "array" } }, + "required": [ + "ARN" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.Relationship": { + "AWS::Greengrass::SubscriptionDefinition": { "additionalProperties": false, "properties": { - "RelationshipType": { - "markdownDescription": "The type of the relationship.", - "title": "RelationshipType", + "Condition": { "type": "string" }, - "TargetComponentTypeId": { - "markdownDescription": "The ID of the target component type associated with this relationship.", - "title": "TargetComponentTypeId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion", + "markdownDescription": "The subscription definition version to include when the subscription definition is created. A subscription definition version contains a list of [`subscription`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-subscriptiondefinition-subscription.html) property types.\n\n> To associate a subscription definition version after the subscription definition is created, create an [`AWS::Greengrass::SubscriptionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-subscriptiondefinitionversion.html) resource and specify the ID of this subscription definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the subscription definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the subscription definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::SubscriptionDefinition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.RelationshipValue": { + "AWS::Greengrass::SubscriptionDefinition.Subscription": { "additionalProperties": false, "properties": { - "TargetComponentName": { - "markdownDescription": "The target component name.", - "title": "TargetComponentName", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "TargetEntityId": { - "markdownDescription": "The target entity Id.", - "title": "TargetEntityId", + "Source": { + "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Source", + "type": "string" + }, + "Subject": { + "markdownDescription": "The MQTT topic used to route the message.", + "title": "Subject", + "type": "string" + }, + "Target": { + "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Target", "type": "string" } }, + "required": [ + "Id", + "Source", + "Subject", + "Target" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.Status": { + "AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion": { "additionalProperties": false, "properties": { - "Error": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Error", - "markdownDescription": "The component type error.", - "title": "Error" - }, - "State": { - "markdownDescription": "The component type status state.", - "title": "State", - "type": "string" + "Subscriptions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.Subscription" + }, + "markdownDescription": "The subscriptions in this version.", + "title": "Subscriptions", + "type": "array" } }, + "required": [ + "Subscriptions" + ], "type": "object" }, - "AWS::IoTTwinMaker::Entity": { + "AWS::Greengrass::SubscriptionDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -130962,74 +135538,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the components in the entity. Each string in the mapping must be unique to this object.\n\nFor information on the component object see the [component](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_ComponentResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Component" - } - }, - "title": "Components", - "type": "object" - }, - "CompositeComponents": { - "additionalProperties": false, - "markdownDescription": "Maps string to `compositeComponent` updates in the request. Each key of the map represents the `componentPath` of the `compositeComponent` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.CompositeComponent" - } - }, - "title": "CompositeComponents", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the entity.", - "title": "Description", - "type": "string" - }, - "EntityId": { - "markdownDescription": "The ID of the entity.", - "title": "EntityId", - "type": "string" - }, - "EntityName": { - "markdownDescription": "The entity name.", - "title": "EntityName", - "type": "string" - }, - "ParentEntityId": { - "markdownDescription": "The ID of the parent entity.", - "title": "ParentEntityId", + "SubscriptionDefinitionId": { + "markdownDescription": "The ID of the subscription definition associated with this version. This value is a GUID.", + "title": "SubscriptionDefinitionId", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can use to manage the entity.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Subscriptions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinitionVersion.Subscription" }, - "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the entity.", - "title": "WorkspaceId", - "type": "string" + "markdownDescription": "The subscriptions in this version.", + "title": "Subscriptions", + "type": "array" } }, "required": [ - "EntityName", - "WorkspaceId" + "SubscriptionDefinitionId", + "Subscriptions" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Entity" + "AWS::Greengrass::SubscriptionDefinitionVersion" ], "type": "string" }, @@ -131048,368 +135579,385 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::Entity.Component": { + "AWS::Greengrass::SubscriptionDefinitionVersion.Subscription": { "additionalProperties": false, "properties": { - "ComponentName": { - "markdownDescription": "The name of the component.", - "title": "ComponentName", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", + "Source": { + "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Source", "type": "string" }, - "DefinedIn": { - "markdownDescription": "The name of the property definition set in the request.", - "title": "DefinedIn", + "Subject": { + "markdownDescription": "The MQTT topic used to route the message.", + "title": "Subject", "type": "string" }, - "Description": { - "markdownDescription": "The description of the component.", - "title": "Description", + "Target": { + "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Target", "type": "string" - }, - "Properties": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" - } - }, - "title": "Properties", - "type": "object" - }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" - } - }, - "title": "PropertyGroups", - "type": "object" - }, - "Status": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", - "markdownDescription": "The status of the component.", - "title": "Status" } }, + "required": [ + "Id", + "Source", + "Subject", + "Target" + ], "type": "object" }, - "AWS::IoTTwinMaker::Entity.CompositeComponent": { + "AWS::GreengrassV2::ComponentVersion": { "additionalProperties": false, "properties": { - "ComponentName": { - "markdownDescription": "The name of the component.", - "title": "ComponentName", + "Condition": { "type": "string" }, - "ComponentPath": { - "markdownDescription": "The path to the composite component, starting from the top-level component.", - "title": "ComponentPath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ComponentTypeId": { - "markdownDescription": "The ID of the composite component type.", - "title": "ComponentTypeId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Description": { - "markdownDescription": "The description of the component type.", - "title": "Description", - "type": "string" + "Metadata": { + "type": "object" }, "Properties": { "additionalProperties": false, - "markdownDescription": "Map of strings to the properties in the component type. Each string in the mapping must be unique to this component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" + "properties": { + "InlineRecipe": { + "markdownDescription": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", + "title": "InlineRecipe", + "type": "string" + }, + "LambdaFunction": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource", + "markdownDescription": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", + "title": "LambdaFunction" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, - "title": "Properties", "type": "object" }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "The property groups.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" - } - }, - "title": "PropertyGroups", - "type": "object" + "Type": { + "enum": [ + "AWS::GreengrassV2::ComponentVersion" + ], + "type": "string" }, - "Status": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", - "markdownDescription": "The current status of the composite component.", - "title": "Status" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::IoTTwinMaker::Entity.DataType": { + "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - }, - "markdownDescription": "The allowed values.", - "title": "AllowedValues", - "type": "array" - }, - "NestedType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", - "markdownDescription": "The nested type.", - "title": "NestedType" - }, - "Relationship": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Relationship", - "markdownDescription": "The relationship.", - "title": "Relationship" - }, - "Type": { - "markdownDescription": "The entity type.", - "title": "Type", + "DependencyType": { + "markdownDescription": "The type of this dependency. Choose from the following options:\n\n- `SOFT` \u2013 The component doesn't restart if the dependency changes state.\n- `HARD` \u2013 The component restarts if the dependency changes state.\n\nDefault: `HARD`", + "title": "DependencyType", "type": "string" }, - "UnitOfMeasure": { - "markdownDescription": "The unit of measure.", - "title": "UnitOfMeasure", + "VersionRequirement": { + "markdownDescription": "The component version requirement for the component dependency.\n\nAWS IoT Greengrass uses semantic version constraints. For more information, see [Semantic Versioning](https://docs.aws.amazon.com/https://semver.org/) .", + "title": "VersionRequirement", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.DataValue": { + "AWS::GreengrassV2::ComponentVersion.ComponentPlatform": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "A boolean value.", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "A double value.", - "title": "DoubleValue", - "type": "number" - }, - "Expression": { - "markdownDescription": "An expression that produces the value.", - "title": "Expression", - "type": "string" - }, - "IntegerValue": { - "markdownDescription": "An integer value.", - "title": "IntegerValue", - "type": "number" - }, - "ListValue": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - }, - "markdownDescription": "A list of multiple values.", - "title": "ListValue", - "type": "array" - }, - "LongValue": { - "markdownDescription": "A long value.", - "title": "LongValue", - "type": "number" - }, - "MapValue": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to multiple DataValue objects.", + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* .", "patternProperties": { "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + "type": "string" } }, - "title": "MapValue", + "title": "Attributes", "type": "object" }, - "RelationshipValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.RelationshipValue", - "markdownDescription": "A value that relates a component to another component.", - "title": "RelationshipValue" - }, - "StringValue": { - "markdownDescription": "A string value.", - "title": "StringValue", + "Name": { + "markdownDescription": "The friendly name of the platform. This name helps you identify the platform.\n\nIf you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Definition": { + "AWS::GreengrassV2::ComponentVersion.LambdaContainerParams": { "additionalProperties": false, "properties": { - "Configuration": { - "additionalProperties": true, - "markdownDescription": "The configuration.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Devices": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount" }, - "title": "Configuration", - "type": "object" - }, - "DataType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", - "markdownDescription": "The data type", - "title": "DataType" - }, - "DefaultValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", - "markdownDescription": "The default value.", - "title": "DefaultValue" - }, - "IsExternalId": { - "markdownDescription": "Displays if the entity has a external Id.", - "title": "IsExternalId", - "type": "boolean" - }, - "IsFinal": { - "markdownDescription": "Displays if the entity is final.", - "title": "IsFinal", - "type": "boolean" - }, - "IsImported": { - "markdownDescription": "Displays if the entity is imported.", - "title": "IsImported", - "type": "boolean" - }, - "IsInherited": { - "markdownDescription": "Displays if the entity is inherited.", - "title": "IsInherited", - "type": "boolean" + "markdownDescription": "The list of system devices that the container can access.", + "title": "Devices", + "type": "array" }, - "IsRequiredInEntity": { - "markdownDescription": "Displays if the entity is a required entity.", - "title": "IsRequiredInEntity", - "type": "boolean" + "MemorySizeInKB": { + "markdownDescription": "The memory size of the container, expressed in kilobytes.\n\nDefault: `16384` (16 MB)", + "title": "MemorySizeInKB", + "type": "number" }, - "IsStoredExternally": { - "markdownDescription": "Displays if the entity is tored externally.", - "title": "IsStoredExternally", + "MountROSysfs": { + "markdownDescription": "Whether or not the container can read information from the device's `/sys` folder.\n\nDefault: `false`", + "title": "MountROSysfs", "type": "boolean" }, - "IsTimeSeries": { - "markdownDescription": "Displays if the entity", - "title": "IsTimeSeries", - "type": "boolean" + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount" + }, + "markdownDescription": "The list of volumes that the container can access.", + "title": "Volumes", + "type": "array" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Error": { + "AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The entity error code.", - "title": "Code", + "AddGroupOwner": { + "markdownDescription": "Whether or not to add the component's system user as an owner of the device.\n\nDefault: `false`", + "title": "AddGroupOwner", + "type": "boolean" + }, + "Path": { + "markdownDescription": "The mount path for the device in the file system.", + "title": "Path", "type": "string" }, - "Message": { - "markdownDescription": "The entity error message.", - "title": "Message", + "Permission": { + "markdownDescription": "The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", + "title": "Permission", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Property": { + "AWS::GreengrassV2::ComponentVersion.LambdaEventSource": { "additionalProperties": false, "properties": { - "Definition": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Definition", - "markdownDescription": "An object that specifies information about a property.", - "title": "Definition" + "Topic": { + "markdownDescription": "The topic to which to subscribe to receive event messages.", + "title": "Topic", + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", - "markdownDescription": "An object that contains information about a value for a time series property.", - "title": "Value" + "Type": { + "markdownDescription": "The type of event source. Choose from the following options:\n\n- `PUB_SUB` \u2013 Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic.\n- `IOT_CORE` \u2013 Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.PropertyGroup": { + "AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters": { "additionalProperties": false, "properties": { - "GroupType": { - "markdownDescription": "The group type.", - "title": "GroupType", - "type": "string" + "EnvironmentVariables": { + "additionalProperties": true, + "markdownDescription": "The map of environment variables that are available to the Lambda function when it runs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "EnvironmentVariables", + "type": "object" }, - "PropertyNames": { + "EventSources": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaEventSource" + }, + "markdownDescription": "The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages.", + "title": "EventSources", + "type": "array" + }, + "ExecArgs": { "items": { "type": "string" }, - "markdownDescription": "The property names.", - "title": "PropertyNames", + "markdownDescription": "The list of arguments to pass to the Lambda function when it runs.", + "title": "ExecArgs", "type": "array" + }, + "InputPayloadEncodingType": { + "markdownDescription": "The encoding type that the Lambda function supports.\n\nDefault: `json`", + "title": "InputPayloadEncodingType", + "type": "string" + }, + "LinuxProcessParams": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams", + "markdownDescription": "The parameters for the Linux process that contains the Lambda function.", + "title": "LinuxProcessParams" + }, + "MaxIdleTimeInSeconds": { + "markdownDescription": "The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process.", + "title": "MaxIdleTimeInSeconds", + "type": "number" + }, + "MaxInstancesCount": { + "markdownDescription": "The maximum number of instances that a non-pinned Lambda function can run at the same time.", + "title": "MaxInstancesCount", + "type": "number" + }, + "MaxQueueSize": { + "markdownDescription": "The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message.", + "title": "MaxQueueSize", + "type": "number" + }, + "Pinned": { + "markdownDescription": "Whether or not the Lambda function is pinned, or long-lived.\n\n- A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container.\n- A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function.\n\nDefault: `true`", + "title": "Pinned", + "type": "boolean" + }, + "StatusTimeoutInSeconds": { + "markdownDescription": "The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component.", + "title": "StatusTimeoutInSeconds", + "type": "number" + }, + "TimeoutInSeconds": { + "markdownDescription": "The maximum amount of time in seconds that the Lambda function can process a work item.", + "title": "TimeoutInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Relationship": { + "AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource": { "additionalProperties": false, "properties": { - "RelationshipType": { - "markdownDescription": "The relationship type.", - "title": "RelationshipType", + "ComponentDependencies": { + "additionalProperties": false, + "markdownDescription": "The component versions on which this Lambda function component depends.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement" + } + }, + "title": "ComponentDependencies", + "type": "object" + }, + "ComponentLambdaParameters": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters", + "markdownDescription": "The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device.", + "title": "ComponentLambdaParameters" + }, + "ComponentName": { + "markdownDescription": "The name of the component.\n\nDefaults to the name of the Lambda function.", + "title": "ComponentName", "type": "string" }, - "TargetComponentTypeId": { - "markdownDescription": "the component type Id target.", - "title": "TargetComponentTypeId", + "ComponentPlatforms": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentPlatform" + }, + "markdownDescription": "The platforms that the component version supports.", + "title": "ComponentPlatforms", + "type": "array" + }, + "ComponentVersion": { + "markdownDescription": "The version of the component.\n\nDefaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` .", + "title": "ComponentVersion", + "type": "string" + }, + "LambdaArn": { + "markdownDescription": "The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` .", + "title": "LambdaArn", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.RelationshipValue": { + "AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams": { "additionalProperties": false, "properties": { - "TargetComponentName": { - "markdownDescription": "The target component name.", - "title": "TargetComponentName", - "type": "string" + "ContainerParams": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaContainerParams", + "markdownDescription": "The parameters for the container in which the Lambda function runs.", + "title": "ContainerParams" }, - "TargetEntityId": { - "markdownDescription": "The target entity Id.", - "title": "TargetEntityId", + "IsolationMode": { + "markdownDescription": "The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container.\n\nDefault: `GreengrassContainer`", + "title": "IsolationMode", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Status": { + "AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount": { "additionalProperties": false, "properties": { - "Error": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Error", - "markdownDescription": "The error message.", - "title": "Error" + "AddGroupOwner": { + "markdownDescription": "Whether or not to add the AWS IoT Greengrass user group as an owner of the volume.\n\nDefault: `false`", + "title": "AddGroupOwner", + "type": "boolean" }, - "State": { - "markdownDescription": "The current state of the entity, component, component type, or workspace.\n\nValid Values: `CREATING | UPDATING | DELETING | ACTIVE | ERROR`", - "title": "State", + "DestinationPath": { + "markdownDescription": "The path to the logical volume in the file system.", + "title": "DestinationPath", + "type": "string" + }, + "Permission": { + "markdownDescription": "The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", + "title": "Permission", + "type": "string" + }, + "SourcePath": { + "markdownDescription": "The path to the physical volume in the file system.", + "title": "SourcePath", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Scene": { + "AWS::GreengrassV2::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -131444,43 +135992,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Capabilities": { - "items": { - "type": "string" + "Components": { + "additionalProperties": false, + "markdownDescription": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification" + } }, - "markdownDescription": "A list of capabilities that the scene uses to render.", - "title": "Capabilities", - "type": "array" + "title": "Components", + "type": "object" }, - "ContentLocation": { - "markdownDescription": "The relative path that specifies the location of the content definition file.", - "title": "ContentLocation", + "DeploymentName": { + "markdownDescription": "The name of the deployment.", + "title": "DeploymentName", "type": "string" }, - "Description": { - "markdownDescription": "The description of this scene.", - "title": "Description", - "type": "string" + "DeploymentPolicies": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentPolicies", + "markdownDescription": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure.", + "title": "DeploymentPolicies" }, - "SceneId": { - "markdownDescription": "The ID of the scene.", - "title": "SceneId", - "type": "string" + "IotJobConfiguration": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration", + "markdownDescription": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration.", + "title": "IotJobConfiguration" }, - "SceneMetadata": { - "additionalProperties": true, - "markdownDescription": "The scene metadata.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "SceneMetadata", - "type": "object" + "ParentTargetArn": { + "markdownDescription": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment.", + "title": "ParentTargetArn", + "type": "string" }, "Tags": { "additionalProperties": true, - "markdownDescription": "The ComponentType tags.", + "markdownDescription": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -131489,22 +136034,20 @@ "title": "Tags", "type": "object" }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace.", - "title": "WorkspaceId", + "TargetArn": { + "markdownDescription": "The ARN of the target AWS IoT thing or thing group.", + "title": "TargetArn", "type": "string" } }, "required": [ - "ContentLocation", - "SceneId", - "WorkspaceId" + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Scene" + "AWS::GreengrassV2::Deployment" ], "type": "string" }, @@ -131523,192 +136066,271 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::SyncJob": { + "AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate": { "additionalProperties": false, "properties": { - "Condition": { + "Merge": { + "markdownDescription": "A serialized JSON string that contains the configuration object to merge to target devices. The core device merges this configuration with the component's existing configuration. If this is the first time a component deploys on a device, the core device merges this configuration with the component's default configuration. This means that the core device keeps it's existing configuration for keys and values that you don't specify in this object. For more information, see [Merge configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#merge-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "Merge", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Reset": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of configuration nodes to reset to default values on target devices. Use JSON pointers to specify each node to reset. JSON pointers start with a forward slash ( `/` ) and use forward slashes to separate the key for each level in the object. For more information, see the [JSON pointer specification](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) and [Reset configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#reset-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "Reset", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification": { + "additionalProperties": false, + "properties": { + "ComponentVersion": { + "markdownDescription": "The version of the component.", + "title": "ComponentVersion", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ConfigurationUpdate": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate", + "markdownDescription": "The configuration updates to deploy for the component. You can define reset updates and merge updates. A reset updates the keys that you specify to the default configuration for the component. A merge updates the core device's component configuration with the keys and values that you specify. The AWS IoT Greengrass Core software applies reset updates before it applies merge updates. For more information, see [Update component configuration](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) .", + "title": "ConfigurationUpdate" }, - "Properties": { - "additionalProperties": false, - "properties": { - "SyncRole": { - "markdownDescription": "The SyncJob IAM role. This IAM role is used by the sync job to read from the syncSource, and create, update or delete the corresponding resources.", - "title": "SyncRole", - "type": "string" - }, - "SyncSource": { - "markdownDescription": "The sync source.\n\n> Currently the only supported syncSoucre is `SITEWISE` .", - "title": "SyncSource", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata you can use to manage the SyncJob.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the sync job.", - "title": "WorkspaceId", - "type": "string" - } - }, - "required": [ - "SyncRole", - "SyncSource", - "WorkspaceId" - ], - "type": "object" + "RunWith": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentRunWith", + "markdownDescription": "The system user and group that the software uses to run component processes on the core device. If you omit this parameter, the software uses the system user and group that you configure for the core device. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "RunWith" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.ComponentRunWith": { + "additionalProperties": false, + "properties": { + "PosixUser": { + "markdownDescription": "The POSIX system user and (optional) group to use to run this component. Specify the user and group separated by a colon ( `:` ) in the following format: `user:group` . The group is optional. If you don't specify a group, the AWS IoT Greengrass Core software uses the primary user for the group.", + "title": "PosixUser", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IoTTwinMaker::SyncJob" - ], + "SystemResourceLimits": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.SystemResourceLimits", + "markdownDescription": "The system resource limits to apply to this component's process on the core device. AWS IoT Greengrass supports this feature only on Linux core devices.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default system resource limits that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", + "title": "SystemResourceLimits" + }, + "WindowsUser": { + "markdownDescription": "The Windows user to use to run this component on Windows core devices. The user must exist on each Windows core device, and its name and password must be in the LocalSystem account's Credentials Manager instance.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default Windows user that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) .", + "title": "WindowsUser", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "Whether or not to notify components and wait for components to become safe to update. Choose from the following options:\n\n- `NOTIFY_COMPONENTS` \u2013 The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n- `SKIP_NOTIFY_COMPONENTS` \u2013 The deployment doesn't notify components or wait for them to be safe to update.\n\nDefault: `NOTIFY_COMPONENTS`", + "title": "Action", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device.\n\nDefault: `60`", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy": { + "additionalProperties": false, + "properties": { + "TimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device.\n\nDefault: `30`", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration": { + "additionalProperties": false, + "properties": { + "AbortConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortConfig", + "markdownDescription": "The stop configuration for the job. This configuration defines when and how to stop a job rollout.", + "title": "AbortConfig" + }, + "JobExecutionsRolloutConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig", + "markdownDescription": "The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices.", + "title": "JobExecutionsRolloutConfig" + }, + "TimeoutConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig", + "markdownDescription": "The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job.", + "title": "TimeoutConfig" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentPolicies": { + "additionalProperties": false, + "properties": { + "ComponentUpdatePolicy": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy", + "markdownDescription": "The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices.", + "title": "ComponentUpdatePolicy" + }, + "ConfigurationValidationPolicy": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy", + "markdownDescription": "The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates.", + "title": "ConfigurationValidationPolicy" + }, + "FailureHandlingPolicy": { + "markdownDescription": "The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails.\n\nDefault: `ROLLBACK`", + "title": "FailureHandlingPolicy", "type": "string" } }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.IoTJobAbortConfig": { + "additionalProperties": false, + "properties": { + "CriteriaList": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortCriteria" + }, + "markdownDescription": "The list of criteria that define when and how to cancel the configuration deployment.", + "title": "CriteriaList", + "type": "array" + } + }, "required": [ - "Type", - "Properties" + "CriteriaList" ], "type": "object" }, - "AWS::IoTTwinMaker::Workspace": { + "AWS::GreengrassV2::Deployment.IoTJobAbortCriteria": { "additionalProperties": false, "properties": { - "Condition": { + "Action": { + "markdownDescription": "The action to perform when the criteria are met.", + "title": "Action", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FailureType": { + "markdownDescription": "The type of job deployment failure that can cancel a job.", + "title": "FailureType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MinNumberOfExecutedThings": { + "markdownDescription": "The minimum number of things that receive the configuration before the job can cancel.", + "title": "MinNumberOfExecutedThings", + "type": "number" }, - "Metadata": { - "type": "object" + "ThresholdPercentage": { + "markdownDescription": "The minimum percentage of `failureType` failures that occur before the job can cancel.\n\nThis parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` ).", + "title": "ThresholdPercentage", + "type": "number" + } + }, + "required": [ + "Action", + "FailureType", + "MinNumberOfExecutedThings", + "ThresholdPercentage" + ], + "type": "object" + }, + "AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig": { + "additionalProperties": false, + "properties": { + "ExponentialRate": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate", + "markdownDescription": "The exponential rate to increase the job rollout rate.", + "title": "ExponentialRate" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the workspace.", - "title": "Description", - "type": "string" - }, - "Role": { - "markdownDescription": "The ARN of the execution role associated with the workspace.", - "title": "Role", - "type": "string" - }, - "S3Location": { - "markdownDescription": "The ARN of the S3 bucket where resources associated with the workspace are stored.", - "title": "S3Location", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can use to manage the workspace.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace.", - "title": "WorkspaceId", - "type": "string" - } - }, - "required": [ - "Role", - "S3Location", - "WorkspaceId" - ], - "type": "object" + "MaximumPerMinute": { + "markdownDescription": "The maximum number of devices that receive a pending job notification, per minute.", + "title": "MaximumPerMinute", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate": { + "additionalProperties": false, + "properties": { + "BaseRatePerMinute": { + "markdownDescription": "The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job.", + "title": "BaseRatePerMinute", + "type": "number" }, - "Type": { - "enum": [ - "AWS::IoTTwinMaker::Workspace" - ], - "type": "string" + "IncrementFactor": { + "markdownDescription": "The exponential factor to increase the rollout rate for the job.\n\nThis parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` ).", + "title": "IncrementFactor", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RateIncreaseCriteria": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria", + "markdownDescription": "The criteria to increase the rollout rate for the job.", + "title": "RateIncreaseCriteria" } }, "required": [ - "Type", - "Properties" + "BaseRatePerMinute", + "IncrementFactor", + "RateIncreaseCriteria" ], "type": "object" }, - "AWS::IoTWireless::Destination": { + "AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria": { + "additionalProperties": false, + "properties": { + "NumberOfNotifiedThings": { + "markdownDescription": "The number of devices to receive the job notification before the rollout rate increases.", + "title": "NumberOfNotifiedThings", + "type": "number" + }, + "NumberOfSucceededThings": { + "markdownDescription": "The number of devices to successfully run the configuration job before the rollout rate increases.", + "title": "NumberOfSucceededThings", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig": { + "additionalProperties": false, + "properties": { + "InProgressTimeoutInMinutes": { + "markdownDescription": "The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` .\n\nThe timeout interval must be between 1 minute and 7 days (10080 minutes).", + "title": "InProgressTimeoutInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.SystemResourceLimits": { + "additionalProperties": false, + "properties": { + "Cpus": { + "markdownDescription": "The maximum amount of CPU time that a component's processes can use on the core device. A core device's total CPU time is equivalent to the device's number of CPU cores. For example, on a core device with 4 CPU cores, you can set this value to 2 to limit the component's processes to 50 percent usage of each CPU core. On a device with 1 CPU core, you can set this value to 0.25 to limit the component's processes to 25 percent usage of the CPU. If you set this value to a number greater than the number of CPU cores, the AWS IoT Greengrass Core software doesn't limit the component's CPU usage.", + "title": "Cpus", + "type": "number" + }, + "Memory": { + "markdownDescription": "The maximum amount of RAM, expressed in kilobytes, that a component's processes can use on the core device. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", + "title": "Memory", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config": { "additionalProperties": false, "properties": { "Condition": { @@ -131743,50 +136365,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the new resource. Maximum length is 2048 characters.", - "title": "Description", - "type": "string" - }, - "Expression": { - "markdownDescription": "The rule name to send messages to.", - "title": "Expression", - "type": "string" - }, - "ExpressionType": { - "markdownDescription": "The type of value in `Expression` .", - "title": "ExpressionType", - "type": "string" + "ConfigData": { + "$ref": "#/definitions/AWS::GroundStation::Config.ConfigData", + "markdownDescription": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype.", + "title": "ConfigData" }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "The name of the config object.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM Role that authorizes the destination.", - "title": "RoleArn", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "Tags assigned to a resource.", "title": "Tags", "type": "array" } }, "required": [ - "Expression", - "ExpressionType", + "ConfigData", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::Destination" + "AWS::GroundStation::Config" ], "type": "string" }, @@ -131805,7 +136411,272 @@ ], "type": "object" }, - "AWS::IoTWireless::DeviceProfile": { + "AWS::GroundStation::Config.AntennaDownlinkConfig": { + "additionalProperties": false, + "properties": { + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig": { + "additionalProperties": false, + "properties": { + "DecodeConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DecodeConfig", + "markdownDescription": "Defines how the RF signal will be decoded.", + "title": "DecodeConfig" + }, + "DemodulationConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DemodulationConfig", + "markdownDescription": "Defines how the RF signal will be demodulated.", + "title": "DemodulationConfig" + }, + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.AntennaUplinkConfig": { + "additionalProperties": false, + "properties": { + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.UplinkSpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" + }, + "TargetEirp": { + "$ref": "#/definitions/AWS::GroundStation::Config.Eirp", + "markdownDescription": "The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW.", + "title": "TargetEirp" + }, + "TransmitDisabled": { + "markdownDescription": "Whether or not uplink transmit is disabled.", + "title": "TransmitDisabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.ConfigData": { + "additionalProperties": false, + "properties": { + "AntennaDownlinkConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkConfig", + "markdownDescription": "Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks).", + "title": "AntennaDownlinkConfig" + }, + "AntennaDownlinkDemodDecodeConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig", + "markdownDescription": "Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data.", + "title": "AntennaDownlinkDemodDecodeConfig" + }, + "AntennaUplinkConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaUplinkConfig", + "markdownDescription": "Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts.", + "title": "AntennaUplinkConfig" + }, + "DataflowEndpointConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DataflowEndpointConfig", + "markdownDescription": "Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact.", + "title": "DataflowEndpointConfig" + }, + "S3RecordingConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.S3RecordingConfig", + "markdownDescription": "Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts.", + "title": "S3RecordingConfig" + }, + "TrackingConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.TrackingConfig", + "markdownDescription": "Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact.", + "title": "TrackingConfig" + }, + "UplinkEchoConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.UplinkEchoConfig", + "markdownDescription": "Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts.", + "title": "UplinkEchoConfig" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.DataflowEndpointConfig": { + "additionalProperties": false, + "properties": { + "DataflowEndpointName": { + "markdownDescription": "The name of the dataflow endpoint to use during contacts.", + "title": "DataflowEndpointName", + "type": "string" + }, + "DataflowEndpointRegion": { + "markdownDescription": "The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact.", + "title": "DataflowEndpointRegion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.DecodeConfig": { + "additionalProperties": false, + "properties": { + "UnvalidatedJSON": { + "markdownDescription": "The decoding settings are in JSON format and define a set of steps to perform to decode the data.", + "title": "UnvalidatedJSON", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.DemodulationConfig": { + "additionalProperties": false, + "properties": { + "UnvalidatedJSON": { + "markdownDescription": "The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use.", + "title": "UnvalidatedJSON", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.Eirp": { + "additionalProperties": false, + "properties": { + "Units": { + "markdownDescription": "The units of the EIRP.", + "title": "Units", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the EIRP. Valid values are between 20.0 to 50.0 dBW.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.Frequency": { + "additionalProperties": false, + "properties": { + "Units": { + "markdownDescription": "The units of the frequency.", + "title": "Units", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.FrequencyBandwidth": { + "additionalProperties": false, + "properties": { + "Units": { + "markdownDescription": "The units of the bandwidth.", + "title": "Units", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.S3RecordingConfig": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` .", + "title": "BucketArn", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/`\n\n*Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}`", + "title": "Prefix", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "Defines the ARN of the role assumed for putting archives to S3.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.SpectrumConfig": { + "additionalProperties": false, + "properties": { + "Bandwidth": { + "$ref": "#/definitions/AWS::GroundStation::Config.FrequencyBandwidth", + "markdownDescription": "The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", + "title": "Bandwidth" + }, + "CenterFrequency": { + "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", + "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "CenterFrequency" + }, + "Polarization": { + "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` . Capturing both `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` polarization requires two separate configs.", + "title": "Polarization", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.TrackingConfig": { + "additionalProperties": false, + "properties": { + "Autotrack": { + "markdownDescription": "Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost.", + "title": "Autotrack", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.UplinkEchoConfig": { + "additionalProperties": false, + "properties": { + "AntennaUplinkConfigArn": { + "markdownDescription": "Defines the ARN of the uplink config to echo back to a dataflow endpoint.", + "title": "AntennaUplinkConfigArn", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Whether or not uplink echo is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.UplinkSpectrumConfig": { + "additionalProperties": false, + "properties": { + "CenterFrequency": { + "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", + "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "CenterFrequency" + }, + "Polarization": { + "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` .", + "title": "Polarization", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -131840,30 +136711,41 @@ "Properties": { "additionalProperties": false, "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile", - "markdownDescription": "LoRaWAN device profile object.", - "title": "LoRaWAN" + "ContactPostPassDurationSeconds": { + "markdownDescription": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a `POSTPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `POSTPASS` state.", + "title": "ContactPostPassDurationSeconds", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", - "type": "string" + "ContactPrePassDurationSeconds": { + "markdownDescription": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a `PREPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `PREPASS` state.", + "title": "ContactPrePassDurationSeconds", + "type": "number" + }, + "EndpointDetails": { + "items": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" + }, + "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", + "title": "EndpointDetails", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "Tags assigned to a resource.", "title": "Tags", "type": "array" } }, + "required": [ + "EndpointDetails" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::DeviceProfile" + "AWS::GroundStation::DataflowEndpointGroup" ], "type": "string" }, @@ -131877,115 +136759,192 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { + "AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint": { "additionalProperties": false, "properties": { - "ClassBTimeout": { - "markdownDescription": "The ClassBTimeout value.", - "title": "ClassBTimeout", - "type": "number" - }, - "ClassCTimeout": { - "markdownDescription": "The ClassCTimeout value.", - "title": "ClassCTimeout", - "type": "number" - }, - "FactoryPresetFreqsList": { - "items": { - "type": "number" - }, - "markdownDescription": "The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000.", - "title": "FactoryPresetFreqsList", - "type": "array" + "AgentStatus": { + "markdownDescription": "The status of AgentEndpoint.", + "title": "AgentStatus", + "type": "string" }, - "MacVersion": { - "markdownDescription": "The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile.", - "title": "MacVersion", + "AuditResults": { + "markdownDescription": "The results of the audit.", + "title": "AuditResults", "type": "string" }, - "MaxDutyCycle": { - "markdownDescription": "The MaxDutyCycle value.", - "title": "MaxDutyCycle", - "type": "number" + "EgressAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails", + "markdownDescription": "The egress address of AgentEndpoint.", + "title": "EgressAddress" }, - "MaxEirp": { - "markdownDescription": "The MaxEIRP value.", - "title": "MaxEirp", - "type": "number" + "IngressAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails", + "markdownDescription": "The ingress address of AgentEndpoint.", + "title": "IngressAddress" }, - "PingSlotDr": { - "markdownDescription": "The PingSlotDR value.", - "title": "PingSlotDr", + "Name": { + "markdownDescription": "Name string associated with AgentEndpoint. Used as a human-readable identifier for AgentEndpoint.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails": { + "additionalProperties": false, + "properties": { + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", + "title": "Mtu", "type": "number" }, - "PingSlotFreq": { - "markdownDescription": "The PingSlotFreq value.", - "title": "PingSlotFreq", - "type": "number" + "SocketAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", + "markdownDescription": "A socket address.", + "title": "SocketAddress" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", + "markdownDescription": "The address and port of an endpoint.", + "title": "Address" }, - "PingSlotPeriod": { - "markdownDescription": "The PingSlotPeriod value.", - "title": "PingSlotPeriod", + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set.", + "title": "Mtu", "type": "number" }, - "RegParamsRevision": { - "markdownDescription": "The version of regional parameters.", - "title": "RegParamsRevision", + "Name": { + "markdownDescription": "The endpoint name.\n\nWhen listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite.", + "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.EndpointDetails": { + "additionalProperties": false, + "properties": { + "AwsGroundStationAgentEndpoint": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint", + "markdownDescription": "An agent endpoint.", + "title": "AwsGroundStationAgentEndpoint" }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", - "type": "string" + "Endpoint": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint", + "markdownDescription": "Information about the endpoint such as name and the endpoint address.", + "title": "Endpoint" }, - "RxDataRate2": { - "markdownDescription": "The RXDataRate2 value.", - "title": "RxDataRate2", + "SecurityDetails": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SecurityDetails", + "markdownDescription": "The role ARN, and IDs for security groups and subnets.", + "title": "SecurityDetails" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.IntegerRange": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "A maximum value.", + "title": "Maximum", "type": "number" }, - "RxDelay1": { - "markdownDescription": "The RXDelay1 value.", - "title": "RxDelay1", + "Minimum": { + "markdownDescription": "A minimum value.", + "title": "Minimum", "type": "number" - }, - "RxDrOffset1": { - "markdownDescription": "The RXDROffset1 value.", - "title": "RxDrOffset1", + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails": { + "additionalProperties": false, + "properties": { + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", + "title": "Mtu", "type": "number" }, - "RxFreq2": { - "markdownDescription": "The RXFreq2 value.", - "title": "RxFreq2", - "type": "number" + "SocketAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress", + "markdownDescription": "A ranged socket address.", + "title": "SocketAddress" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "IPv4 socket address.", + "title": "Name", + "type": "string" }, - "Supports32BitFCnt": { - "markdownDescription": "The Supports32BitFCnt value.", - "title": "Supports32BitFCnt", - "type": "boolean" + "PortRange": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.IntegerRange", + "markdownDescription": "Port range of a socket address.", + "title": "PortRange" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.SecurityDetails": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` .\n\nGround Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact.", + "title": "RoleArn", + "type": "string" }, - "SupportsClassB": { - "markdownDescription": "The SupportsClassB value.", - "title": "SupportsClassB", - "type": "boolean" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group Ids of the security role, such as `sg-1234567890abcdef0` .", + "title": "SecurityGroupIds", + "type": "array" }, - "SupportsClassC": { - "markdownDescription": "The SupportsClassC value.", - "title": "SupportsClassC", - "type": "boolean" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet Ids of the security details, such as `subnet-12345678` .", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.SocketAddress": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the endpoint, such as `Endpoint 1` .", + "title": "Name", + "type": "string" }, - "SupportsJoin": { - "markdownDescription": "The SupportsJoin value.", - "title": "SupportsJoin", - "type": "boolean" + "Port": { + "markdownDescription": "The port of the endpoint, such as `55888` .", + "title": "Port", + "type": "number" } }, "type": "object" }, - "AWS::IoTWireless::FuotaTask": { + "AWS::GroundStation::MissionProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -132020,70 +136979,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociateMulticastGroup": { - "markdownDescription": "The ID of the multicast group to associate with a FUOTA task.", - "title": "AssociateMulticastGroup", - "type": "string" - }, - "AssociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to associate with a multicast group.", - "title": "AssociateWirelessDevice", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the new resource.", - "title": "Description", - "type": "string" + "ContactPostPassDurationSeconds": { + "markdownDescription": "Amount of time in seconds after a contact ends that you\u2019d like to receive a Ground Station Contact State Change indicating the pass has finished.", + "title": "ContactPostPassDurationSeconds", + "type": "number" }, - "DisassociateMulticastGroup": { - "markdownDescription": "The ID of the multicast group to disassociate from a FUOTA task.", - "title": "DisassociateMulticastGroup", - "type": "string" + "ContactPrePassDurationSeconds": { + "markdownDescription": "Amount of time in seconds prior to contact start that you'd like to receive a Ground Station Contact State Change Event indicating an upcoming pass.", + "title": "ContactPrePassDurationSeconds", + "type": "number" }, - "DisassociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to disassociate from a FUOTA task.", - "title": "DisassociateWirelessDevice", - "type": "string" + "DataflowEdges": { + "items": { + "$ref": "#/definitions/AWS::GroundStation::MissionProfile.DataflowEdge" + }, + "markdownDescription": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config.", + "title": "DataflowEdges", + "type": "array" }, - "FirmwareUpdateImage": { - "markdownDescription": "The S3 URI points to a firmware update image that is to be used with a FUOTA task.", - "title": "FirmwareUpdateImage", - "type": "string" + "MinimumViableContactDurationSeconds": { + "markdownDescription": "Minimum length of a contact in seconds that Ground Station will return when listing contacts. Ground Station will not return contacts shorter than this duration.", + "title": "MinimumViableContactDurationSeconds", + "type": "number" }, - "FirmwareUpdateRole": { - "markdownDescription": "The firmware update role that is to be used with a FUOTA task.", - "title": "FirmwareUpdateRole", + "Name": { + "markdownDescription": "The name of the mission profile.", + "title": "Name", "type": "string" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::FuotaTask.LoRaWAN", - "markdownDescription": "The LoRaWAN information used with a FUOTA task.", - "title": "LoRaWAN" + "StreamsKmsKey": { + "$ref": "#/definitions/AWS::GroundStation::MissionProfile.StreamsKmsKey", + "markdownDescription": "KMS key to use for encrypting streams.", + "title": "StreamsKmsKey" }, - "Name": { - "markdownDescription": "The name of a FUOTA task.", - "title": "Name", + "StreamsKmsRole": { + "markdownDescription": "Role to use for encrypting streams with KMS key.", + "title": "StreamsKmsRole", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "Tags assigned to the mission profile.", "title": "Tags", "type": "array" + }, + "TrackingConfigArn": { + "markdownDescription": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact.", + "title": "TrackingConfigArn", + "type": "string" } }, "required": [ - "FirmwareUpdateImage", - "FirmwareUpdateRole", - "LoRaWAN" + "DataflowEdges", + "MinimumViableContactDurationSeconds", + "Name", + "TrackingConfigArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::FuotaTask" + "AWS::GroundStation::MissionProfile" ], "type": "string" }, @@ -132102,26 +137060,44 @@ ], "type": "object" }, - "AWS::IoTWireless::FuotaTask.LoRaWAN": { + "AWS::GroundStation::MissionProfile.DataflowEdge": { "additionalProperties": false, "properties": { - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", + "Destination": { + "markdownDescription": "The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge.", + "title": "Destination", "type": "string" }, - "StartTime": { - "markdownDescription": "Start time of a FUOTA task.", - "title": "StartTime", + "Source": { + "markdownDescription": "The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge.", + "title": "Source", "type": "string" } }, - "required": [ - "RfRegion" - ], "type": "object" }, - "AWS::IoTWireless::MulticastGroup": { + "AWS::GroundStation::MissionProfile.StreamsKmsKey": { + "additionalProperties": false, + "properties": { + "KmsAliasArn": { + "markdownDescription": "KMS Alias Arn.", + "title": "KmsAliasArn", + "type": "string" + }, + "KmsAliasName": { + "markdownDescription": "KMS Alias Name.", + "title": "KmsAliasName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "KMS Key Arn.", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector": { "additionalProperties": false, "properties": { "Condition": { @@ -132156,48 +137132,46 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to associate with a multicast group.", - "title": "AssociateWirelessDevice", - "type": "string" + "DataSources": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNDataSourceConfigurations", + "markdownDescription": "Describes which data sources will be enabled for the detector.", + "title": "DataSources" }, - "Description": { - "markdownDescription": "The description of the multicast group.", - "title": "Description", - "type": "string" - }, - "DisassociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to disassociate from a multicast group.", - "title": "DisassociateWirelessDevice", - "type": "string" + "Enable": { + "markdownDescription": "Specifies whether the detector is to be enabled on creation.", + "title": "Enable", + "type": "boolean" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::MulticastGroup.LoRaWAN", - "markdownDescription": "The LoRaWAN information that is to be used with the multicast group.", - "title": "LoRaWAN" + "Features": { + "items": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureConfiguration" + }, + "markdownDescription": "A list of features that will be configured for the detector.", + "title": "Features", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the multicast group.", - "title": "Name", + "FindingPublishingFrequency": { + "markdownDescription": "Specifies how frequently updated findings are exported.", + "title": "FindingPublishingFrequency", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::Detector.TagItem" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "LoRaWAN" + "Enable" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::MulticastGroup" + "AWS::GuardDuty::Detector" ], "type": "string" }, @@ -132216,296 +137190,156 @@ ], "type": "object" }, - "AWS::IoTWireless::MulticastGroup.LoRaWAN": { + "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { "additionalProperties": false, "properties": { - "DlClass": { - "markdownDescription": "DlClass for LoRaWAN. Valid values are ClassB and ClassC.", - "title": "DlClass", - "type": "string" - }, - "NumberOfDevicesInGroup": { - "markdownDescription": "Number of devices that are associated to the multicast group.", - "title": "NumberOfDevicesInGroup", - "type": "number" + "Kubernetes": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesConfiguration", + "markdownDescription": "Describes which Kubernetes data sources are enabled for a detector.", + "title": "Kubernetes" }, - "NumberOfDevicesRequested": { - "markdownDescription": "Number of devices that are requested to be associated with the multicast group.", - "title": "NumberOfDevicesRequested", - "type": "number" + "MalwareProtection": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration", + "markdownDescription": "Describes whether Malware Protection will be enabled as a data source.", + "title": "MalwareProtection" }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", - "type": "string" + "S3Logs": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNS3LogsConfiguration", + "markdownDescription": "Describes whether S3 data event logs are enabled as a data source.", + "title": "S3Logs" } }, - "required": [ - "DlClass", - "RfRegion" - ], "type": "object" }, - "AWS::IoTWireless::NetworkAnalyzerConfiguration": { + "AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "Name of the additional configuration.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Status": { + "markdownDescription": "Status of the additional configuration.", + "title": "Status", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the resource.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "Name of the network analyzer configuration.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to attach to the specified resource. Tags are metadata that you can use to manage a resource.", - "title": "Tags", - "type": "array" - }, - "TraceContent": { - "$ref": "#/definitions/AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent", - "markdownDescription": "Trace content for your wireless gateway and wireless device resources.", - "title": "TraceContent" - }, - "WirelessDevices": { - "items": { - "type": "string" - }, - "markdownDescription": "Wireless device resources to add to the network analyzer configuration. Provide the `WirelessDeviceId` of the resource to add in the input array.", - "title": "WirelessDevices", - "type": "array" - }, - "WirelessGateways": { - "items": { - "type": "string" - }, - "markdownDescription": "Wireless gateway resources to add to the network analyzer configuration. Provide the `WirelessGatewayId` of the resource to add in the input array.", - "title": "WirelessGateways", - "type": "array" - } + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNFeatureConfiguration": { + "additionalProperties": false, + "properties": { + "AdditionalConfiguration": { + "items": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "Information about the additional configuration of a feature in your account.", + "title": "AdditionalConfiguration", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IoTWireless::NetworkAnalyzerConfiguration" - ], + "Name": { + "markdownDescription": "Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* .", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Status": { + "markdownDescription": "Status of the feature configuration.", + "title": "Status", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "Status" ], "type": "object" }, - "AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent": { + "AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration": { "additionalProperties": false, "properties": { - "LogLevel": { - "markdownDescription": "The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs", - "title": "LogLevel", - "type": "string" - }, - "WirelessDeviceFrameInfo": { - "markdownDescription": "`FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server.", - "title": "WirelessDeviceFrameInfo", - "type": "string" + "Enable": { + "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", + "title": "Enable", + "type": "boolean" } }, + "required": [ + "Enable" + ], "type": "object" }, - "AWS::IoTWireless::PartnerAccount": { + "AWS::GuardDuty::Detector.CFNKubernetesConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountLinked": { - "markdownDescription": "Whether the partner account is linked to the AWS account.", - "title": "AccountLinked", - "type": "boolean" - }, - "PartnerAccountId": { - "markdownDescription": "The ID of the partner account to update.", - "title": "PartnerAccountId", - "type": "string" - }, - "PartnerType": { - "markdownDescription": "The partner type.", - "title": "PartnerType", - "type": "string" - }, - "Sidewalk": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo", - "markdownDescription": "The Sidewalk account credentials.", - "title": "Sidewalk" - }, - "SidewalkResponse": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint", - "markdownDescription": "Information about a Sidewalk account.", - "title": "SidewalkResponse" - }, - "SidewalkUpdate": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount", - "markdownDescription": "Sidewalk update.", - "title": "SidewalkUpdate" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoTWireless::PartnerAccount" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "AuditLogs": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration", + "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", + "title": "AuditLogs" } }, "required": [ - "Type" + "AuditLogs" ], "type": "object" }, - "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo": { + "AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration": { "additionalProperties": false, "properties": { - "AppServerPrivateKey": { - "markdownDescription": "The Sidewalk application server private key. The application server private key is a secret key, which you should handle in a similar way as you would an application password. You can protect the application server private key by storing the value in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppServerPrivateKey", - "type": "string" + "ScanEc2InstanceWithFindings": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration", + "markdownDescription": "Describes the configuration of Malware Protection for EC2 instances with findings.", + "title": "ScanEc2InstanceWithFindings" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNS3LogsConfiguration": { + "additionalProperties": false, + "properties": { + "Enable": { + "markdownDescription": "The status of S3 data event logs as a data source.", + "title": "Enable", + "type": "boolean" } }, "required": [ - "AppServerPrivateKey" + "Enable" ], "type": "object" }, - "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint": { + "AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration": { "additionalProperties": false, "properties": { - "AmazonId": { - "markdownDescription": "The Sidewalk Amazon ID.", - "title": "AmazonId", - "type": "string" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" - }, - "Fingerprint": { - "markdownDescription": "The fingerprint of the Sidewalk application server private key.", - "title": "Fingerprint", - "type": "string" + "EbsVolumes": { + "markdownDescription": "Describes the configuration for scanning EBS volumes as data source.", + "title": "EbsVolumes", + "type": "boolean" } }, "type": "object" }, - "AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount": { + "AWS::GuardDuty::Detector.TagItem": { "additionalProperties": false, "properties": { - "AppServerPrivateKey": { - "markdownDescription": "The new Sidewalk application server private key.", - "title": "AppServerPrivateKey", + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::IoTWireless::ServiceProfile": { + "AWS::GuardDuty::Filter": { "additionalProperties": false, "properties": { "Condition": { @@ -132540,30 +137374,55 @@ "Properties": { "additionalProperties": false, "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile", - "markdownDescription": "LoRaWAN service profile object.", - "title": "LoRaWAN" + "Action": { + "markdownDescription": "Specifies the action that is to be applied to the findings that match the filter.", + "title": "Action", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.", + "title": "Description", + "type": "string" + }, + "DetectorId": { + "markdownDescription": "The detector ID associated with the GuardDuty account for which you want to create a filter.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", + "type": "string" + }, + "FindingCriteria": { + "$ref": "#/definitions/AWS::GuardDuty::Filter.FindingCriteria", + "markdownDescription": "Represents the criteria to be used in the filter for querying findings.", + "title": "FindingCriteria" }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.", "title": "Name", "type": "string" }, + "Rank": { + "markdownDescription": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` .", + "title": "Rank", + "type": "number" + }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::Filter.TagItem" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "DetectorId", + "FindingCriteria", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::ServiceProfile" + "AWS::GuardDuty::Filter" ], "type": "string" }, @@ -132577,112 +137436,127 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile": { + "AWS::GuardDuty::Filter.Condition": { "additionalProperties": false, "properties": { - "AddGwMetadata": { - "markdownDescription": "The AddGWMetaData value.", - "title": "AddGwMetadata", - "type": "boolean" + "Eq": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents the equal condition to apply to a single field when querying for findings.", + "title": "Eq", + "type": "array" }, - "ChannelMask": { - "markdownDescription": "The ChannelMask value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ChannelMask", - "type": "string" + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents an *equal* ** condition to be applied to a single field when querying for findings.", + "title": "Equals", + "type": "array" }, - "DevStatusReqFreq": { - "markdownDescription": "The DevStatusReqFreq value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DevStatusReqFreq", + "GreaterThan": { + "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", + "title": "GreaterThan", "type": "number" }, - "DlBucketSize": { - "markdownDescription": "The DLBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlBucketSize", + "GreaterThanOrEqual": { + "markdownDescription": "Represents a *greater than or equal* condition to be applied to a single field when querying for findings.", + "title": "GreaterThanOrEqual", "type": "number" }, - "DlRate": { - "markdownDescription": "The DLRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlRate", + "Gt": { + "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", + "title": "Gt", "type": "number" }, - "DlRatePolicy": { - "markdownDescription": "The DLRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlRatePolicy", - "type": "string" - }, - "DrMax": { - "markdownDescription": "The DRMax value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DrMax", + "Gte": { + "markdownDescription": "Represents the greater than or equal condition to apply to a single field when querying for findings.", + "title": "Gte", "type": "number" }, - "DrMin": { - "markdownDescription": "The DRMin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DrMin", + "LessThan": { + "markdownDescription": "Represents a *less than* condition to be applied to a single field when querying for findings.", + "title": "LessThan", "type": "number" }, - "HrAllowed": { - "markdownDescription": "The HRAllowed value that describes whether handover roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "HrAllowed", - "type": "boolean" - }, - "MinGwDiversity": { - "markdownDescription": "The MinGwDiversity value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "MinGwDiversity", + "LessThanOrEqual": { + "markdownDescription": "Represents a *less than or equal* condition to be applied to a single field when querying for findings.", + "title": "LessThanOrEqual", "type": "number" }, - "NwkGeoLoc": { - "markdownDescription": "The NwkGeoLoc value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "NwkGeoLoc", - "type": "boolean" - }, - "PrAllowed": { - "markdownDescription": "The PRAllowed value that describes whether passive roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "PrAllowed", - "type": "boolean" - }, - "RaAllowed": { - "markdownDescription": "The RAAllowed value that describes whether roaming activation is allowed.", - "title": "RaAllowed", - "type": "boolean" - }, - "ReportDevStatusBattery": { - "markdownDescription": "The ReportDevStatusBattery value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ReportDevStatusBattery", - "type": "boolean" - }, - "ReportDevStatusMargin": { - "markdownDescription": "The ReportDevStatusMargin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ReportDevStatusMargin", - "type": "boolean" - }, - "TargetPer": { - "markdownDescription": "The TargetPer value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "TargetPer", + "Lt": { + "markdownDescription": "Represents the less than condition to apply to a single field when querying for findings.", + "title": "Lt", "type": "number" }, - "UlBucketSize": { - "markdownDescription": "The UlBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlBucketSize", + "Lte": { + "markdownDescription": "Represents the less than or equal condition to apply to a single field when querying for findings.", + "title": "Lte", "type": "number" }, - "UlRate": { - "markdownDescription": "The ULRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlRate", - "type": "number" + "Neq": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents the not equal condition to apply to a single field when querying for findings.", + "title": "Neq", + "type": "array" }, - "UlRatePolicy": { - "markdownDescription": "The ULRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlRatePolicy", + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents a *not equal* ** condition to be applied to a single field when querying for findings.", + "title": "NotEquals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Filter.FindingCriteria": { + "additionalProperties": false, + "properties": { + "Criterion": { + "additionalProperties": false, + "markdownDescription": "Represents a map of finding properties that match specified conditions and values when querying findings.\n\nFor information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion:\n\n- accountId\n- id\n- region\n- severity\n\nTo filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:\n\n- *Low* : `[\"1\", \"2\", \"3\"]`\n- *Medium* : `[\"4\", \"5\", \"6\"]`\n- *High* : `[\"7\", \"8\", \"9\"]`\n\nFor more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .\n- type\n- updatedAt\n\nType: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.\n- resource.accessKeyDetails.accessKeyId\n- resource.accessKeyDetails.principalId\n- resource.accessKeyDetails.userName\n- resource.accessKeyDetails.userType\n- resource.instanceDetails.iamInstanceProfile.id\n- resource.instanceDetails.imageId\n- resource.instanceDetails.instanceId\n- resource.instanceDetails.tags.key\n- resource.instanceDetails.tags.value\n- resource.instanceDetails.networkInterfaces.ipv6Addresses\n- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress\n- resource.instanceDetails.networkInterfaces.publicDnsName\n- resource.instanceDetails.networkInterfaces.publicIp\n- resource.instanceDetails.networkInterfaces.securityGroups.groupId\n- resource.instanceDetails.networkInterfaces.securityGroups.groupName\n- resource.instanceDetails.networkInterfaces.subnetId\n- resource.instanceDetails.networkInterfaces.vpcId\n- resource.instanceDetails.outpostArn\n- resource.resourceType\n- resource.s3BucketDetails.publicAccess.effectivePermissions\n- resource.s3BucketDetails.name\n- resource.s3BucketDetails.tags.key\n- resource.s3BucketDetails.tags.value\n- resource.s3BucketDetails.type\n- service.action.actionType\n- service.action.awsApiCallAction.api\n- service.action.awsApiCallAction.callerType\n- service.action.awsApiCallAction.errorCode\n- service.action.awsApiCallAction.remoteIpDetails.city.cityName\n- service.action.awsApiCallAction.remoteIpDetails.country.countryName\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.awsApiCallAction.remoteIpDetails.organization.asn\n- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg\n- service.action.awsApiCallAction.serviceName\n- service.action.dnsRequestAction.domain\n- service.action.dnsRequestAction.domainWithSuffix\n- service.action.networkConnectionAction.blocked\n- service.action.networkConnectionAction.connectionDirection\n- service.action.networkConnectionAction.localPortDetails.port\n- service.action.networkConnectionAction.protocol\n- service.action.networkConnectionAction.remoteIpDetails.city.cityName\n- service.action.networkConnectionAction.remoteIpDetails.country.countryName\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6\n- service.action.networkConnectionAction.remoteIpDetails.organization.asn\n- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg\n- service.action.networkConnectionAction.remotePortDetails.port\n- service.action.awsApiCallAction.remoteAccountDetails.affiliated\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.kubernetesApiCallAction.namespace\n- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn\n- service.action.kubernetesApiCallAction.requestUri\n- service.action.kubernetesApiCallAction.statusCode\n- service.action.networkConnectionAction.localIpDetails.ipAddressV4\n- service.action.networkConnectionAction.localIpDetails.ipAddressV6\n- service.action.networkConnectionAction.protocol\n- service.action.awsApiCallAction.serviceName\n- service.action.awsApiCallAction.remoteAccountDetails.accountId\n- service.additionalInfo.threatListName\n- service.resourceRole\n- resource.eksClusterDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace\n- resource.kubernetesDetails.kubernetesUserDetails.username\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix\n- service.ebsVolumeScanDetails.scanId\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash\n- service.malwareScanDetails.threats.name\n- resource.ecsClusterDetails.name\n- resource.ecsClusterDetails.taskDetails.containers.image\n- resource.ecsClusterDetails.taskDetails.definitionArn\n- resource.containerDetails.image\n- resource.rdsDbInstanceDetails.dbInstanceIdentifier\n- resource.rdsDbInstanceDetails.dbClusterIdentifier\n- resource.rdsDbInstanceDetails.engine\n- resource.rdsDbUserDetails.user\n- resource.rdsDbInstanceDetails.tags.key\n- resource.rdsDbInstanceDetails.tags.value\n- service.runtimeDetails.process.executableSha256\n- service.runtimeDetails.process.name\n- service.runtimeDetails.process.name\n- resource.lambdaDetails.functionName\n- resource.lambdaDetails.functionArn\n- resource.lambdaDetails.tags.key\n- resource.lambdaDetails.tags.value", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GuardDuty::Filter.Condition" + } + }, + "title": "Criterion", + "type": "object" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Filter.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::IoTWireless::TaskDefinition": { + "AWS::GuardDuty::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -132717,48 +137591,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoCreateTasks": { - "markdownDescription": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If `false` , the task must be created by calling `CreateWirelessGatewayTask` .", - "title": "AutoCreateTasks", + "Activate": { + "markdownDescription": "Indicates whether or not GuardDuty uses the `IPSet` .", + "title": "Activate", "type": "boolean" }, - "LoRaWANUpdateGatewayTaskEntry": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry", - "markdownDescription": "LoRaWANUpdateGatewayTaskEntry object.", - "title": "LoRaWANUpdateGatewayTaskEntry" + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", + "type": "string" + }, + "ExpectedBucketOwner": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", + "title": "ExpectedBucketOwner", + "type": "string" + }, + "Format": { + "markdownDescription": "The format of the file that contains the IPSet.", + "title": "Format", + "type": "string" + }, + "Location": { + "markdownDescription": "The URI of the file that contains the IPSet.", + "title": "Location", + "type": "string" }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::IPSet.TagItem" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "TaskDefinitionType": { - "markdownDescription": "A filter to list only the wireless gateway task definitions that use this task definition type.", - "title": "TaskDefinitionType", - "type": "string" - }, - "Update": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate", - "markdownDescription": "Information about the gateways to update.", - "title": "Update" } }, "required": [ - "AutoCreateTasks" + "Format", + "Location" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::TaskDefinition" + "AWS::GuardDuty::IPSet" ], "type": "string" }, @@ -132777,91 +137657,27 @@ ], "type": "object" }, - "AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion": { - "additionalProperties": false, - "properties": { - "Model": { - "markdownDescription": "The model number of the wireless gateway.", - "title": "Model", - "type": "string" - }, - "PackageVersion": { - "markdownDescription": "The version of the wireless gateway firmware.", - "title": "PackageVersion", - "type": "string" - }, - "Station": { - "markdownDescription": "The basic station version of the wireless gateway.", - "title": "Station", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate": { - "additionalProperties": false, - "properties": { - "CurrentVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The version of the gateways that should receive the update.", - "title": "CurrentVersion" - }, - "SigKeyCrc": { - "markdownDescription": "The CRC of the signature private key to check.", - "title": "SigKeyCrc", - "type": "number" - }, - "UpdateSignature": { - "markdownDescription": "The signature used to verify the update firmware.", - "title": "UpdateSignature", - "type": "string" - }, - "UpdateVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The firmware version to update the gateway to.", - "title": "UpdateVersion" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry": { - "additionalProperties": false, - "properties": { - "CurrentVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The version of the gateways that should receive the update.", - "title": "CurrentVersion" - }, - "UpdateVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The firmware version to update the gateway to.", - "title": "UpdateVersion" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate": { + "AWS::GuardDuty::IPSet.TagItem": { "additionalProperties": false, "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate", - "markdownDescription": "The properties that relate to the LoRaWAN wireless gateway.", - "title": "LoRaWAN" - }, - "UpdateDataRole": { - "markdownDescription": "The IAM role used to read data from the S3 bucket.", - "title": "UpdateDataRole", + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "UpdateDataSource": { - "markdownDescription": "The link to the S3 bucket.", - "title": "UpdateDataSource", + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice": { + "AWS::GuardDuty::MalwareProtectionPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -132896,64 +137712,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the new resource. Maximum length is 2048.", - "title": "Description", - "type": "string" - }, - "DestinationName": { - "markdownDescription": "The name of the destination to assign to the new wireless device. Can have only have alphanumeric, - (hyphen) and _ (underscore) characters and it can't have any spaces.", - "title": "DestinationName", - "type": "string" - }, - "LastUplinkReceivedAt": { - "markdownDescription": "The date and time when the most recent uplink was received.", - "title": "LastUplinkReceivedAt", - "type": "string" - }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.LoRaWANDevice", - "markdownDescription": "The device configuration information to use to create the wireless device. Must be at least one of OtaaV10x, OtaaV11, AbpV11, or AbpV10x.", - "title": "LoRaWAN" + "Actions": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNActions", + "markdownDescription": "Specifies the action that is to be applied to the Malware Protection plan resource.", + "title": "Actions" }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", - "type": "string" + "ProtectedResource": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNProtectedResource", + "markdownDescription": "Information about the protected resource. Presently, `S3Bucket` is the only supported protected resource.", + "title": "ProtectedResource" }, - "Positioning": { - "markdownDescription": "FPort values for the GNSS, Stream, and ClockSync functions of the positioning information.", - "title": "Positioning", + "Role": { + "markdownDescription": "Amazon Resource Name (ARN) of the IAM role that includes the permissions required to scan and (optionally) add tags to the associated protected resource.\n\nTo find the ARN of your IAM role, go to the IAM console, and select the role name for details.", + "title": "Role", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.TagItem" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "The tags to be added to the created Malware Protection plan resource. Each tag consists of a key and an optional value, both of which you need to specify.", "title": "Tags", "type": "array" - }, - "ThingArn": { - "markdownDescription": "The ARN of the thing to associate with the wireless device.", - "title": "ThingArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The wireless device type.", - "title": "Type", - "type": "string" } }, "required": [ - "DestinationName", - "Type" + "ProtectedResource", + "Role" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessDevice" + "AWS::GuardDuty::MalwareProtectionPlan" ], "type": "string" }, @@ -132972,226 +137763,98 @@ ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.AbpV10x": { + "AWS::GuardDuty::MalwareProtectionPlan.CFNActions": { "additionalProperties": false, "properties": { - "DevAddr": { - "markdownDescription": "The DevAddr value.", - "title": "DevAddr", - "type": "string" - }, - "SessionKeys": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x", - "markdownDescription": "Session keys for ABP v1.0.x.", - "title": "SessionKeys" + "Tagging": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNTagging", + "markdownDescription": "Contains information about tagging status of the Malware Protection plan resource.", + "title": "Tagging" } }, - "required": [ - "DevAddr", - "SessionKeys" - ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.AbpV11": { + "AWS::GuardDuty::MalwareProtectionPlan.CFNProtectedResource": { "additionalProperties": false, "properties": { - "DevAddr": { - "markdownDescription": "The DevAddr value.", - "title": "DevAddr", - "type": "string" - }, - "SessionKeys": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11", - "markdownDescription": "Session keys for ABP v1.1.", - "title": "SessionKeys" + "S3Bucket": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.S3Bucket", + "markdownDescription": "Information about the protected S3 bucket resource.", + "title": "S3Bucket" } }, "required": [ - "DevAddr", - "SessionKeys" + "S3Bucket" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.Application": { - "additionalProperties": false, - "properties": { - "DestinationName": { - "markdownDescription": "The name of the position data destination that describes the IoT rule that processes the device's position data.", - "title": "DestinationName", - "type": "string" - }, - "FPort": { - "markdownDescription": "The name of the new destination for the device.", - "title": "FPort", - "type": "number" - }, - "Type": { - "markdownDescription": "Application type, which can be specified to obtain real-time position information of your LoRaWAN device.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.FPorts": { - "additionalProperties": false, - "properties": { - "Applications": { - "items": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.Application" - }, - "markdownDescription": "LoRaWAN application configuration, which can be used to perform geolocation.", - "title": "Applications", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.LoRaWANDevice": { - "additionalProperties": false, - "properties": { - "AbpV10x": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV10x", - "markdownDescription": "ABP device object for LoRaWAN specification v1.0.x.", - "title": "AbpV10x" - }, - "AbpV11": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV11", - "markdownDescription": "ABP device object for create APIs for v1.1.", - "title": "AbpV11" - }, - "DevEui": { - "markdownDescription": "The DevEUI value.", - "title": "DevEui", - "type": "string" - }, - "DeviceProfileId": { - "markdownDescription": "The ID of the device profile for the new wireless device.", - "title": "DeviceProfileId", - "type": "string" - }, - "FPorts": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.FPorts", - "markdownDescription": "List of FPort assigned for different LoRaWAN application packages to use.", - "title": "FPorts" - }, - "OtaaV10x": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV10x", - "markdownDescription": "OTAA device object for create APIs for v1.0.x", - "title": "OtaaV10x" - }, - "OtaaV11": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV11", - "markdownDescription": "OTAA device object for v1.1 for create APIs.", - "title": "OtaaV11" - }, - "ServiceProfileId": { - "markdownDescription": "The ID of the service profile.", - "title": "ServiceProfileId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.OtaaV10x": { + "AWS::GuardDuty::MalwareProtectionPlan.CFNStatusReasons": { "additionalProperties": false, "properties": { - "AppEui": { - "markdownDescription": "The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3.", - "title": "AppEui", + "Code": { + "markdownDescription": "The status code of the Malware Protection plan. For more information, see [Malware Protection plan resource status](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection-s3-bucket-status-gdu.html) in the *GuardDuty User Guide* .", + "title": "Code", "type": "string" }, - "AppKey": { - "markdownDescription": "The AppKey value.", - "title": "AppKey", + "Message": { + "markdownDescription": "Issue message that specifies the reason. For information about potential troubleshooting steps, see [Troubleshooting Malware Protection for S3 status issues](https://docs.aws.amazon.com/guardduty/latest/ug/troubleshoot-s3-malware-protection-status-errors.html) in the *Amazon GuardDuty User Guide* .", + "title": "Message", "type": "string" } }, - "required": [ - "AppEui", - "AppKey" - ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.OtaaV11": { + "AWS::GuardDuty::MalwareProtectionPlan.CFNTagging": { "additionalProperties": false, "properties": { - "AppKey": { - "markdownDescription": "The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppKey", - "type": "string" - }, - "JoinEui": { - "markdownDescription": "The JoinEUI value.", - "title": "JoinEui", - "type": "string" - }, - "NwkKey": { - "markdownDescription": "The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "NwkKey", + "Status": { + "markdownDescription": "Indicates whether or not you chose GuardDuty to add a predefined tag to the scanned S3 object.\n\nPotential values include `ENABLED` and `DISABLED` . These values are case-sensitive.", + "title": "Status", "type": "string" } }, - "required": [ - "AppKey", - "JoinEui", - "NwkKey" - ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x": { + "AWS::GuardDuty::MalwareProtectionPlan.S3Bucket": { "additionalProperties": false, "properties": { - "AppSKey": { - "markdownDescription": "The AppSKey value.", - "title": "AppSKey", + "BucketName": { + "markdownDescription": "Name of the S3 bucket.", + "title": "BucketName", "type": "string" }, - "NwkSKey": { - "markdownDescription": "The NwkKey value.", - "title": "NwkSKey", - "type": "string" + "ObjectPrefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the specified object prefixes. An S3 object will be scanned only if it belongs to any of the specified object prefixes.", + "title": "ObjectPrefixes", + "type": "array" } }, - "required": [ - "AppSKey", - "NwkSKey" - ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11": { + "AWS::GuardDuty::MalwareProtectionPlan.TagItem": { "additionalProperties": false, "properties": { - "AppSKey": { - "markdownDescription": "The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppSKey", - "type": "string" - }, - "FNwkSIntKey": { - "markdownDescription": "The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "FNwkSIntKey", - "type": "string" - }, - "NwkSEncKey": { - "markdownDescription": "The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "NwkSEncKey", + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "SNwkSIntKey": { - "markdownDescription": "The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "SNwkSIntKey", + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, "required": [ - "AppSKey", - "FNwkSIntKey", - "NwkSEncKey", - "SNwkSIntKey" + "Key", + "Value" ], "type": "object" }, - "AWS::IoTWireless::WirelessDeviceImportTask": { + "AWS::GuardDuty::Master": { "additionalProperties": false, "properties": { "Condition": { @@ -133226,34 +137889,31 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationName": { - "markdownDescription": "The name of the destination that describes the IoT rule to route messages from the Sidewalk devices in the import task to other applications.", - "title": "DestinationName", + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty member account.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "Sidewalk": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk", - "markdownDescription": "The Sidewalk-related information of the wireless device import task.", - "title": "Sidewalk" + "InvitationId": { + "markdownDescription": "The ID of the invitation that is sent to the account designated as a member account. You can find the invitation ID by running the [ListInvitations](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html) in the *GuardDuty API Reference* .", + "title": "InvitationId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Adds to or modifies the tags of the given resource. Tags are metadata that you can use to manage a resource.", - "title": "Tags", - "type": "array" + "MasterId": { + "markdownDescription": "The AWS account ID of the account designated as the GuardDuty administrator account.", + "title": "MasterId", + "type": "string" } }, "required": [ - "DestinationName", - "Sidewalk" + "DetectorId", + "MasterId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessDeviceImportTask" + "AWS::GuardDuty::Master" ], "type": "string" }, @@ -133272,36 +137932,7 @@ ], "type": "object" }, - "AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk": { - "additionalProperties": false, - "properties": { - "DeviceCreationFile": { - "markdownDescription": "The CSV file contained in an S3 bucket that's used for adding devices to an import task.", - "title": "DeviceCreationFile", - "type": "string" - }, - "DeviceCreationFileList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of Sidewalk devices that are added to the import task.", - "title": "DeviceCreationFileList", - "type": "array" - }, - "Role": { - "markdownDescription": "The IAM role that allows to access the CSV file in the S3 bucket.", - "title": "Role", - "type": "string" - }, - "SidewalkManufacturingSn": { - "markdownDescription": "The Sidewalk manufacturing serial number (SMSN) of the Sidewalk device.", - "title": "SidewalkManufacturingSn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessGateway": { + "AWS::GuardDuty::Member": { "additionalProperties": false, "properties": { "Condition": { @@ -133336,53 +137967,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the new resource. The maximum length is 2048 characters.", - "title": "Description", + "DetectorId": { + "markdownDescription": "The ID of the detector associated with the GuardDuty service to add the member to.", + "title": "DetectorId", "type": "string" }, - "LastUplinkReceivedAt": { - "markdownDescription": "The date and time when the most recent uplink was received.", - "title": "LastUplinkReceivedAt", + "DisableEmailNotification": { + "markdownDescription": "Specifies whether or not to disable email notification for the member account that you invite.", + "title": "DisableEmailNotification", + "type": "boolean" + }, + "Email": { + "markdownDescription": "The email address associated with the member account.", + "title": "Email", "type": "string" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessGateway.LoRaWANGateway", - "markdownDescription": "The gateway configuration information to use to create the wireless gateway.", - "title": "LoRaWAN" - }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", + "MemberId": { + "markdownDescription": "The AWS account ID of the account to designate as a member.", + "title": "MemberId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", - "type": "array" - }, - "ThingArn": { - "markdownDescription": "The ARN of the thing to associate with the wireless gateway.", - "title": "ThingArn", + "Message": { + "markdownDescription": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members.", + "title": "Message", "type": "string" }, - "ThingName": { - "markdownDescription": "The name of the thing associated with the wireless gateway. The value is empty if a thing isn't associated with the gateway.", - "title": "ThingName", + "Status": { + "markdownDescription": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited.", + "title": "Status", "type": "string" } }, "required": [ - "LoRaWAN" + "Email" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessGateway" + "AWS::GuardDuty::Member" ], "type": "string" }, @@ -133401,27 +138024,7 @@ ], "type": "object" }, - "AWS::IoTWireless::WirelessGateway.LoRaWANGateway": { - "additionalProperties": false, - "properties": { - "GatewayEui": { - "markdownDescription": "The gateway's EUI value.", - "title": "GatewayEui", - "type": "string" - }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", - "type": "string" - } - }, - "required": [ - "GatewayEui", - "RfRegion" - ], - "type": "object" - }, - "AWS::KMS::Alias": { + "AWS::GuardDuty::PublishingDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -133456,26 +138059,40 @@ "Properties": { "additionalProperties": false, "properties": { - "AliasName": { - "markdownDescription": "Specifies the alias name. This value must begin with `alias/` followed by a name, such as `alias/ExampleAlias` .\n\n> If you change the value of the `AliasName` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). \n\nThe alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with `alias/aws/` . The `alias/aws/` prefix is reserved for [AWS managed keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", - "title": "AliasName", + "DestinationProperties": { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination.CFNDestinationProperties", + "markdownDescription": "Contains the Amazon Resource Name (ARN) of the resource to publish to, such as an S3 bucket, and the ARN of the KMS key to use to encrypt published findings.", + "title": "DestinationProperties" + }, + "DestinationType": { + "markdownDescription": "The type of publishing destination. GuardDuty supports Amazon S3 buckets as a publishing destination.", + "title": "DestinationType", "type": "string" }, - "TargetKeyId": { - "markdownDescription": "Associates the alias with the specified [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) . The KMS key must be in the same AWS account and Region.\n\nA valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n\nFor help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *AWS Key Management Service Developer Guide* .\n\nSpecify the key ID or the key ARN of the KMS key.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nTo get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) .", - "title": "TargetKeyId", + "DetectorId": { + "markdownDescription": "The ID of the GuardDuty detector where the publishing destination exists.", + "title": "DetectorId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination.TagItem" + }, + "markdownDescription": "Describes a tag.", + "title": "Tags", + "type": "array" } }, "required": [ - "AliasName", - "TargetKeyId" + "DestinationProperties", + "DestinationType", + "DetectorId" ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::Alias" + "AWS::GuardDuty::PublishingDestination" ], "type": "string" }, @@ -133494,7 +138111,43 @@ ], "type": "object" }, - "AWS::KMS::Key": { + "AWS::GuardDuty::PublishingDestination.CFNDestinationProperties": { + "additionalProperties": false, + "properties": { + "DestinationArn": { + "markdownDescription": "The ARN of the resource where the findings are published.", + "title": "DestinationArn", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key to use for encryption.", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GuardDuty::PublishingDestination.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::GuardDuty::ThreatIntelSet": { "additionalProperties": false, "properties": { "Condition": { @@ -133529,75 +138182,54 @@ "Properties": { "additionalProperties": false, "properties": { - "BypassPolicyLockoutSafetyCheck": { - "markdownDescription": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n\n> Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n> \n> For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *AWS Key Management Service Developer Guide* . \n\nUse this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key.", - "title": "BypassPolicyLockoutSafetyCheck", + "Activate": { + "markdownDescription": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", + "title": "Activate", "type": "boolean" }, - "Description": { - "markdownDescription": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use.", - "title": "Description", + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create a `ThreatIntelSet` .\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "EnableKeyRotation": { - "markdownDescription": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n\nAWS KMS supports automatic rotation only for symmetric encryption KMS keys ( `KeySpec` = `SYMMETRIC_DEFAULT` ). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin `EXTERNAL` , omit the `EnableKeyRotation` property or set it to `false` .\n\nTo enable automatic key rotation of the key material for a multi-Region KMS key, set `EnableKeyRotation` to `true` on the primary key (created by using `AWS::KMS::Key` ). AWS KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *AWS Key Management Service Developer Guide* .\n\nWhen you enable automatic rotation, AWS KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. AWS KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "EnableKeyRotation", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", - "title": "Enabled", - "type": "boolean" - }, - "KeyPolicy": { - "markdownDescription": "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n- The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *AWS Key Management Service Developer Guide* . (To omit this condition, set `BypassPolicyLockoutSafetyCheck` to true.)\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nIf you do not provide a key policy, AWS KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *AWS Key Management Service Developer Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters\n- Printable characters in the Basic Latin and Latin-1 Supplement character set\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", - "title": "KeyPolicy", - "type": "object" - }, - "KeySpec": { - "markdownDescription": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", - "title": "KeySpec", + "ExpectedBucketOwner": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", + "title": "ExpectedBucketOwner", "type": "string" }, - "KeyUsage": { - "markdownDescription": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", - "title": "KeyUsage", + "Format": { + "markdownDescription": "The format of the file that contains the ThreatIntelSet.", + "title": "Format", "type": "string" }, - "MultiRegion": { - "markdownDescription": "Creates a multi-Region primary key that you can replicate in other AWS Regions . You can't change the `MultiRegion` value after the KMS key is created.\n\nFor a list of AWS Regions in which multi-Region keys are supported, see [Multi-Region keys in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the ** .\n\n> If you change the value of the `MultiRegion` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nFor a multi-Region key, set to this property to `true` . For a single-Region key, omit this property or set it to `false` . The default value is `false` .\n\n*Multi-Region keys* are an AWS KMS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n\nTo create a replica of this primary key in a different AWS Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.", - "title": "MultiRegion", - "type": "boolean" - }, - "Origin": { - "markdownDescription": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.", - "title": "Origin", + "Location": { + "markdownDescription": "The URI of the file that contains the ThreatIntelSet.", + "title": "Location", "type": "string" }, - "PendingWindowInDays": { - "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "PendingWindowInDays", - "type": "number" - }, - "RotationPeriodInDays": { - "markdownDescription": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n\nThe rotation period defines the number of days after you enable automatic key rotation that AWS KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n\nYou can use the [`kms:RotationPeriodInDays`](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the `RotationPeriodInDays` parameter.\n\nFor more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "RotationPeriodInDays", - "type": "number" + "Name": { + "markdownDescription": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", + "title": "Name", + "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet.TagItem" }, - "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nFor information about tags in AWS KMS , see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *AWS Key Management Service Developer Guide* . For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "Format", + "Location" + ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::Key" + "AWS::GuardDuty::ThreatIntelSet" ], "type": "string" }, @@ -133611,11 +138243,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::KMS::ReplicaKey": { + "AWS::GuardDuty::ThreatIntelSet.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::HealthImaging::Datastore": { "additionalProperties": false, "properties": { "Condition": { @@ -133650,49 +138303,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the KMS key.\n\nThe default value is an empty string (no description).\n\nThe description is not a shared property of multi-Region keys. You can specify the same description or a different description for each key in a set of related multi-Region keys. AWS Key Management Service does not synchronize this property.", - "title": "Description", + "DatastoreName": { + "markdownDescription": "The data store name.", + "title": "DatastoreName", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the replica might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations. Also, while the replica key is being created, its key state is `Creating` . When the process is complete, the key state of the replica key changes to `Enabled` .\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", - "title": "Enabled", - "type": "boolean" - }, - "KeyPolicy": { - "markdownDescription": "The key policy that authorizes use of the replica key.\n\nThe key policy is not a shared property of multi-Region keys. You can specify the same key policy or a different key policy for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nThe key policy must conform to the following rules.\n\n- The key policy must give the caller [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) permission on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section of the **AWS Key Management Service Developer Guide** .\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters from the space character ( `\\u0020` ) through the end of the ASCII character range.\n- Printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` ).\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", - "title": "KeyPolicy", - "type": "object" - }, - "PendingWindowInDays": { - "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a replica key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a replica key from a CloudFormation stack, AWS KMS schedules the replica key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of replica key is `Pending Deletion` , which prevents it from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the replica key.\n\nIf the KMS key is a multi-Region primary key with replica keys, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n\nYou cannot use a CloudFormation template to cancel deletion of the replica after you remove it from the stack, regardless of the waiting period. However, if you specify a replica key in your template that is based on the same primary key as the original replica key, CloudFormation creates a new replica key with the same key ID, key material, and other shared properties of the original replica key. This new replica key can decrypt ciphertext that was encrypted under the original replica key, or any related multi-Region key.\n\nFor detailed information about deleting multi-Region keys, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nFor information about the `PendingDeletion` key state, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "PendingWindowInDays", - "type": "number" - }, - "PrimaryKeyArn": { - "markdownDescription": "Specifies the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS partition. You can create only one replica of a given primary key in each AWS Region .\n\n> If you change the `PrimaryKeyArn` value of a replica key, the existing replica key is scheduled for deletion and a new replica key is created based on the specified primary key. While it is scheduled for deletion, the existing replica key becomes unusable. You can cancel the scheduled deletion of the key outside of CloudFormation.\n> \n> However, if you inadvertently delete a replica key, you can decrypt ciphertext encrypted by that replica key by using any related multi-Region key. If necessary, you can recreate the replica in the same Region after the previous one is completely deleted. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* \n\nSpecify the key ARN of an existing multi-Region primary key. For example, `arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab` .", - "title": "PrimaryKeyArn", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data.", + "title": "KmsKeyArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The tags provided when creating a data store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nTags are not a shared property of multi-Region keys. You can specify the same tags or different tags for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, AWS KMS replaces the current tag value with the specified one.\n\nWhen you assign tags to an AWS resource, AWS generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) .", "title": "Tags", - "type": "array" + "type": "object" } }, - "required": [ - "KeyPolicy", - "PrimaryKeyArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::ReplicaKey" + "AWS::HealthImaging::Datastore" ], "type": "string" }, @@ -133706,12 +138343,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::KafkaConnect::Connector": { + "AWS::HealthLake::FHIRDatastore": { "additionalProperties": false, "properties": { "Condition": { @@ -133746,100 +138382,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Capacity": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Capacity", - "markdownDescription": "The connector's compute capacity settings.", - "title": "Capacity" - }, - "ConnectorConfiguration": { - "additionalProperties": true, - "markdownDescription": "The configuration of the connector.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConnectorConfiguration", - "type": "object" - }, - "ConnectorDescription": { - "markdownDescription": "The description of the connector.", - "title": "ConnectorDescription", - "type": "string" - }, - "ConnectorName": { - "markdownDescription": "The name of the connector.\n\nThe connector name must be unique and can include up to 128 characters. Valid characters you can include in a connector name are: a-z, A-Z, 0-9, and -.", - "title": "ConnectorName", + "DatastoreName": { + "markdownDescription": "The data store name (user-generated).", + "title": "DatastoreName", "type": "string" }, - "KafkaCluster": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaCluster", - "markdownDescription": "The details of the Apache Kafka cluster to which the connector is connected.", - "title": "KafkaCluster" - }, - "KafkaClusterClientAuthentication": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication", - "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used.", - "title": "KafkaClusterClientAuthentication" - }, - "KafkaClusterEncryptionInTransit": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit", - "markdownDescription": "Details of encryption in transit to the Apache Kafka cluster.", - "title": "KafkaClusterEncryptionInTransit" - }, - "KafkaConnectVersion": { - "markdownDescription": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.", - "title": "KafkaConnectVersion", + "DatastoreTypeVersion": { + "markdownDescription": "The FHIR release version supported by the data store. Current support is for version `R4` .", + "title": "DatastoreTypeVersion", "type": "string" }, - "LogDelivery": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.LogDelivery", - "markdownDescription": "The settings for delivering connector logs to Amazon CloudWatch Logs.", - "title": "LogDelivery" + "IdentityProviderConfiguration": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration", + "markdownDescription": "The identity provider configuration selected when the data store was created.", + "title": "IdentityProviderConfiguration" }, - "Plugins": { - "items": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Plugin" - }, - "markdownDescription": "Specifies which plugin to use for the connector. You must specify a single-element list. Amazon MSK Connect does not currently support specifying multiple plugins.", - "title": "Plugins", - "type": "array" + "PreloadDataConfig": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.PreloadDataConfig", + "markdownDescription": "The preloaded Synthea data configuration for the data store.", + "title": "PreloadDataConfig" }, - "ServiceExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon Web Services resources.", - "title": "ServiceExecutionRoleArn", - "type": "string" + "SseConfiguration": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.SseConfiguration", + "markdownDescription": "The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.", + "title": "SseConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "WorkerConfiguration": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerConfiguration", - "markdownDescription": "The worker configurations that are in use with the connector.", - "title": "WorkerConfiguration" } }, "required": [ - "Capacity", - "ConnectorConfiguration", - "ConnectorName", - "KafkaCluster", - "KafkaClusterClientAuthentication", - "KafkaClusterEncryptionInTransit", - "KafkaConnectVersion", - "Plugins", - "ServiceExecutionRoleArn" + "DatastoreTypeVersion" ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::Connector" + "AWS::HealthLake::FHIRDatastore" ], "type": "string" }, @@ -133858,347 +138442,180 @@ ], "type": "object" }, - "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { - "additionalProperties": false, - "properties": { - "BootstrapServers": { - "markdownDescription": "The bootstrap servers of the cluster.", - "title": "BootstrapServers", - "type": "string" - }, - "Vpc": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Vpc", - "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", - "title": "Vpc" - } - }, - "required": [ - "BootstrapServers", - "Vpc" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.AutoScaling": { + "AWS::HealthLake::FHIRDatastore.CreatedAt": { "additionalProperties": false, "properties": { - "MaxWorkerCount": { - "markdownDescription": "The maximum number of workers allocated to the connector.", - "title": "MaxWorkerCount", - "type": "number" - }, - "McuCount": { - "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", - "title": "McuCount", - "type": "number" - }, - "MinWorkerCount": { - "markdownDescription": "The minimum number of workers allocated to the connector.", - "title": "MinWorkerCount", + "Nanos": { + "markdownDescription": "", + "title": "Nanos", "type": "number" }, - "ScaleInPolicy": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleInPolicy", - "markdownDescription": "The sacle-in policy for the connector.", - "title": "ScaleInPolicy" - }, - "ScaleOutPolicy": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleOutPolicy", - "markdownDescription": "The sacle-out policy for the connector.", - "title": "ScaleOutPolicy" + "Seconds": { + "markdownDescription": "", + "title": "Seconds", + "type": "string" } }, "required": [ - "MaxWorkerCount", - "McuCount", - "MinWorkerCount", - "ScaleInPolicy", - "ScaleOutPolicy" + "Nanos", + "Seconds" ], "type": "object" }, - "AWS::KafkaConnect::Connector.Capacity": { + "AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration": { "additionalProperties": false, "properties": { - "AutoScaling": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.AutoScaling", - "markdownDescription": "Information about the auto scaling parameters for the connector.", - "title": "AutoScaling" + "AuthorizationStrategy": { + "markdownDescription": "The authorization strategy selected when the HealthLake data store is created.\n\n> HealthLake provides support for both SMART on FHIR V1 and V2 as described below.\n> \n> - `SMART_ON_FHIR_V1` \u2013 Support for only SMART on FHIR V1, which includes `read` (read/search) and `write` (create/update/delete) permissions.\n> - `SMART_ON_FHIR` \u2013 Support for both SMART on FHIR V1 and V2, which includes `create` , `read` , `update` , `delete` , and `search` permissions.\n> - `AWS_AUTH` \u2013 The default HealthLake authorization strategy; not affiliated with SMART on FHIR.", + "title": "AuthorizationStrategy", + "type": "string" }, - "ProvisionedCapacity": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ProvisionedCapacity", - "markdownDescription": "Details about a fixed capacity allocated to a connector.", - "title": "ProvisionedCapacity" - } - }, - "type": "object" - }, - "AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether log delivery to Amazon CloudWatch Logs is enabled.", - "title": "Enabled", + "FineGrainedAuthorizationEnabled": { + "markdownDescription": "The parameter to enable SMART on FHIR fine-grained authorization for the data store.", + "title": "FineGrainedAuthorizationEnabled", "type": "boolean" }, - "LogGroup": { - "markdownDescription": "The name of the CloudWatch log group that is the destination for log delivery.", - "title": "LogGroup", - "type": "string" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.CustomPlugin": { - "additionalProperties": false, - "properties": { - "CustomPluginArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom plugin.", - "title": "CustomPluginArn", + "IdpLambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.", + "title": "IdpLambdaArn", "type": "string" }, - "Revision": { - "markdownDescription": "The revision of the custom plugin.", - "title": "Revision", - "type": "number" + "Metadata": { + "markdownDescription": "The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see [Metadata](https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata) in SMART's App Launch specification.\n\n`authorization_endpoint` : The URL to the OAuth2 authorization endpoint.\n\n`grant_types_supported` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are `authorization_code` and `client_credentials` .\n\n`token_endpoint` : The URL to the OAuth2 token endpoint.\n\n`capabilities` : An array of strings of the SMART capabilities that the authorization server supports.\n\n`code_challenge_methods_supported` : An array of strings of supported PKCE code challenge methods. You must include the `S256` method in the array of PKCE code challenge methods.", + "title": "Metadata", + "type": "string" } }, "required": [ - "CustomPluginArn", - "Revision" + "AuthorizationStrategy" ], "type": "object" }, - "AWS::KafkaConnect::Connector.FirehoseLogDelivery": { + "AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig": { "additionalProperties": false, "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.", - "title": "DeliveryStream", + "CmkType": { + "markdownDescription": "The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see [KmsEncryptionConfig](https://docs.aws.amazon.com/healthlake/latest/APIReference/API_KmsEncryptionConfig.html#HealthLake-Type-KmsEncryptionConfig-CmkType) .", + "title": "CmkType", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether connector logs get delivered to Amazon Kinesis Data Firehose.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.KafkaCluster": { - "additionalProperties": false, - "properties": { - "ApacheKafkaCluster": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ApacheKafkaCluster", - "markdownDescription": "The Apache Kafka cluster to which the connector is connected.", - "title": "ApacheKafkaCluster" - } - }, - "required": [ - "ApacheKafkaCluster" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication": { - "additionalProperties": false, - "properties": { - "AuthenticationType": { - "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used.", - "title": "AuthenticationType", + "KmsKeyId": { + "markdownDescription": "The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.", + "title": "KmsKeyId", "type": "string" } }, "required": [ - "AuthenticationType" + "CmkType" ], "type": "object" }, - "AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit": { + "AWS::HealthLake::FHIRDatastore.PreloadDataConfig": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The type of encryption in transit to the Apache Kafka cluster.", - "title": "EncryptionType", + "PreloadDataType": { + "markdownDescription": "The type of preloaded data. Only Synthea preloaded data is supported.", + "title": "PreloadDataType", "type": "string" } }, "required": [ - "EncryptionType" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.LogDelivery": { - "additionalProperties": false, - "properties": { - "WorkerLogDelivery": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerLogDelivery", - "markdownDescription": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations.", - "title": "WorkerLogDelivery" - } - }, - "required": [ - "WorkerLogDelivery" + "PreloadDataType" ], "type": "object" }, - "AWS::KafkaConnect::Connector.Plugin": { + "AWS::HealthLake::FHIRDatastore.SseConfiguration": { "additionalProperties": false, "properties": { - "CustomPlugin": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.CustomPlugin", - "markdownDescription": "Details about a custom plugin.", - "title": "CustomPlugin" + "KmsEncryptionConfig": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig", + "markdownDescription": "The server-side encryption key configuration for a customer provided encryption key.", + "title": "KmsEncryptionConfig" } }, "required": [ - "CustomPlugin" + "KmsEncryptionConfig" ], "type": "object" }, - "AWS::KafkaConnect::Connector.ProvisionedCapacity": { + "AWS::IAM::AccessKey": { "additionalProperties": false, "properties": { - "McuCount": { - "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", - "title": "McuCount", - "type": "number" + "Condition": { + "type": "string" }, - "WorkerCount": { - "markdownDescription": "The number of workers that are allocated to the connector.", - "title": "WorkerCount", - "type": "number" - } - }, - "required": [ - "WorkerCount" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.S3LogDelivery": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that is the destination for log delivery.", - "title": "Bucket", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether connector logs get sent to the specified Amazon S3 destination.", - "title": "Enabled", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Prefix": { - "markdownDescription": "The S3 prefix that is the destination for log delivery.", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.ScaleInPolicy": { - "additionalProperties": false, - "properties": { - "CpuUtilizationPercentage": { - "markdownDescription": "Specifies the CPU utilization percentage threshold at which you want connector scale in to be triggered.", - "title": "CpuUtilizationPercentage", - "type": "number" - } - }, - "required": [ - "CpuUtilizationPercentage" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.ScaleOutPolicy": { - "additionalProperties": false, - "properties": { - "CpuUtilizationPercentage": { - "markdownDescription": "The CPU utilization percentage threshold at which you want connector scale out to be triggered.", - "title": "CpuUtilizationPercentage", - "type": "number" - } - }, - "required": [ - "CpuUtilizationPercentage" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.Vpc": { - "additionalProperties": false, - "properties": { - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group IDs for the connector.", - "title": "SecurityGroups", - "type": "array" + "Metadata": { + "type": "object" }, - "Subnets": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Serial": { + "markdownDescription": "This value is specific to CloudFormation and can only be *incremented* . Incrementing this value notifies CloudFormation that you want to rotate your access key. When you update your stack, CloudFormation will replace the existing access key with a new key.", + "title": "Serial", + "type": "number" + }, + "Status": { + "markdownDescription": "The status of the access key. `Active` means that the key is valid for API calls, while `Inactive` means it is not.", + "title": "Status", + "type": "string" + }, + "UserName": { + "markdownDescription": "The name of the IAM user that the new key will belong to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "UserName", + "type": "string" + } }, - "markdownDescription": "The subnets for the connector.", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "SecurityGroups", - "Subnets" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.WorkerConfiguration": { - "additionalProperties": false, - "properties": { - "Revision": { - "markdownDescription": "The revision of the worker configuration.", - "title": "Revision", - "type": "number" + "required": [ + "UserName" + ], + "type": "object" }, - "WorkerConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the worker configuration.", - "title": "WorkerConfigurationArn", + "Type": { + "enum": [ + "AWS::IAM::AccessKey" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Revision", - "WorkerConfigurationArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::KafkaConnect::Connector.WorkerLogDelivery": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery", - "markdownDescription": "Details about delivering logs to Amazon CloudWatch Logs.", - "title": "CloudWatchLogs" - }, - "Firehose": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.FirehoseLogDelivery", - "markdownDescription": "Details about delivering logs to Amazon Kinesis Data Firehose.", - "title": "Firehose" - }, - "S3": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.S3LogDelivery", - "markdownDescription": "Details about delivering logs to Amazon S3.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::KafkaConnect::CustomPlugin": { + "AWS::IAM::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -134233,45 +138650,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The format of the plugin file.", - "title": "ContentType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the custom plugin.", - "title": "Description", + "GroupName": { + "markdownDescription": "The name of the group to create. Do not include the path in this value.\n\nThe group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "GroupName", "type": "string" }, - "Location": { - "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.CustomPluginLocation", - "markdownDescription": "Information about the location of the custom plugin.", - "title": "Location" + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the custom plugin.", - "title": "Name", + "Path": { + "markdownDescription": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", "type": "string" }, - "Tags": { + "Policies": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::IAM::Group.Policy" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an IAM Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group) .\n\n> The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a group, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", + "title": "Policies", "type": "array" } }, - "required": [ - "ContentType", - "Location", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::CustomPlugin" + "AWS::IAM::Group" ], "type": "string" }, @@ -134285,67 +138695,109 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::KafkaConnect::CustomPlugin.CustomPluginFileDescription": { + "AWS::IAM::Group.Policy": { "additionalProperties": false, "properties": { - "FileMd5": { - "markdownDescription": "The hex-encoded MD5 checksum of the custom plugin file. You can use it to validate the file.", - "title": "FileMd5", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The policy document.", + "title": "PolicyDocument", + "type": "object" }, - "FileSize": { - "markdownDescription": "The size in bytes of the custom plugin file. You can use it to validate the file.", - "title": "FileSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KafkaConnect::CustomPlugin.CustomPluginLocation": { - "additionalProperties": false, - "properties": { - "S3Location": { - "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.S3Location", - "markdownDescription": "The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3.", - "title": "S3Location" + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", + "type": "string" } }, "required": [ - "S3Location" + "PolicyDocument", + "PolicyName" ], "type": "object" }, - "AWS::KafkaConnect::CustomPlugin.S3Location": { + "AWS::IAM::GroupPolicy": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an S3 bucket.", - "title": "BucketArn", + "Condition": { "type": "string" }, - "FileKey": { - "markdownDescription": "The file key for an object in an S3 bucket.", - "title": "FileKey", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ObjectVersion": { - "markdownDescription": "The version of an object in an S3 bucket.", - "title": "ObjectVersion", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", + "title": "GroupName", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", + "type": "string" + } + }, + "required": [ + "GroupName", + "PolicyName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::GroupPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketArn", - "FileKey" + "Type", + "Properties" ], "type": "object" }, - "AWS::KafkaConnect::WorkerConfiguration": { + "AWS::IAM::InstanceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -134380,39 +138832,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of a worker configuration.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the worker configuration.", - "title": "Name", + "InstanceProfileName": { + "markdownDescription": "The name of the instance profile to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "InstanceProfileName", "type": "string" }, - "PropertiesFileContent": { - "markdownDescription": "Base64 encoded contents of the connect-distributed.properties file.", - "title": "PropertiesFileContent", + "Path": { + "markdownDescription": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", "type": "string" }, - "Tags": { + "Roles": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions.", + "title": "Roles", "type": "array" } }, "required": [ - "Name", - "PropertiesFileContent" + "Roles" ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::WorkerConfiguration" + "AWS::IAM::InstanceProfile" ], "type": "string" }, @@ -134431,7 +138877,7 @@ ], "type": "object" }, - "AWS::Kendra::DataSource": { + "AWS::IAM::ManagedPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -134466,70 +138912,59 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomDocumentEnrichmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration", - "markdownDescription": "Configuration information for altering document metadata and content during the document ingestion process.", - "title": "CustomDocumentEnrichmentConfiguration" - }, - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceConfiguration", - "markdownDescription": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources.", - "title": "DataSourceConfiguration" - }, "Description": { - "markdownDescription": "A description for the data source connector.", + "markdownDescription": "A friendly description of the policy.\n\nTypically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n\nThe policy description is immutable. After a value is assigned, it cannot be changed.", "title": "Description", "type": "string" }, - "IndexId": { - "markdownDescription": "The identifier of the index you want to use with the data source connector.", - "title": "IndexId", - "type": "string" - }, - "LanguageCode": { - "markdownDescription": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", - "title": "LanguageCode", - "type": "string" + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name (friendly name, not ARN) of the group to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Groups", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the data source.", - "title": "Name", + "ManagedPolicyName": { + "markdownDescription": "The friendly name of the policy.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "ManagedPolicyName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources.", - "title": "RoleArn", + "Path": { + "markdownDescription": "The path for the policy.\n\nFor more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> You cannot use an asterisk (*) in the path name.", + "title": "Path", "type": "string" }, - "Schedule": { - "markdownDescription": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index.", - "title": "Schedule", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The JSON policy document that you want to use as the content for the new policy.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and AWS STS character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length) .\n\nTo learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide* .\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" }, - "Tags": { + "Roles": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The name (friendly name, not ARN) of the role to attach the policy to.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Roles", "type": "array" }, - "Type": { - "markdownDescription": "The type of the data source.", - "title": "Type", - "type": "string" + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Users", + "type": "array" } }, "required": [ - "IndexId", - "Name", - "Type" + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::DataSource" + "AWS::IAM::ManagedPolicy" ], "type": "string" }, @@ -134548,1587 +138983,1821 @@ ], "type": "object" }, - "AWS::Kendra::DataSource.AccessControlListConfiguration": { + "AWS::IAM::OIDCProvider": { "additionalProperties": false, "properties": { - "KeyPath": { - "markdownDescription": "Path to the AWS S3 bucket that contains the access control list files.", - "title": "KeyPath", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.AclConfiguration": { - "additionalProperties": false, - "properties": { - "AllowedGroupsColumnName": { - "markdownDescription": "A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation.", - "title": "AllowedGroupsColumnName", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "AllowedGroupsColumnName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.ColumnConfiguration": { - "additionalProperties": false, - "properties": { - "ChangeDetectingColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "One to five columns that indicate when a document in the database has changed.", - "title": "ChangeDetectingColumns", - "type": "array" }, - "DocumentDataColumnName": { - "markdownDescription": "The column that contains the contents of the document.", - "title": "DocumentDataColumnName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DocumentIdColumnName": { - "markdownDescription": "The column that provides the document's identifier.", - "title": "DocumentIdColumnName", - "type": "string" + "Metadata": { + "type": "object" }, - "DocumentTitleColumnName": { - "markdownDescription": "The column that contains the title of the document.", - "title": "DocumentTitleColumnName", + "Properties": { + "additionalProperties": false, + "properties": { + "ClientIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", + "title": "ClientIdList", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "title": "Tags", + "type": "array" + }, + "ThumbprintList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .\n\nThis property is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate.", + "title": "ThumbprintList", + "type": "array" + }, + "Url": { + "markdownDescription": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", + "title": "Url", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::OIDCProvider" + ], "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation.", - "title": "FieldMappings", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ChangeDetectingColumns", - "DocumentDataColumnName", - "DocumentIdColumnName" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration": { + "AWS::IAM::Policy": { "additionalProperties": false, "properties": { - "AttachmentFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", + "title": "Groups", + "type": "array" + }, + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", + "type": "string" + }, + "Roles": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Roles", + "type": "array" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Users", + "type": "array" + } }, - "markdownDescription": "Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping.", - "title": "AttachmentFieldMappings", - "type": "array" + "required": [ + "PolicyDocument", + "PolicyName" + ], + "type": "object" }, - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments of pages and blogs in Confluence.", - "title": "CrawlAttachments", - "type": "boolean" + "Type": { + "enum": [ + "AWS::IAM::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping": { + "AWS::IAM::Role": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.\n\nYou must first create the index field using the `UpdateIndex` API.", - "title": "DataSourceFieldName", + "Condition": { "type": "string" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssumeRolePolicyDocument": { + "markdownDescription": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples) . For more information about the elements that you can use in an IAM policy, see [IAM Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *IAM User Guide* .", + "title": "AssumeRolePolicyDocument", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the role that you provide.", + "title": "Description", + "type": "string" + }, + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", + "type": "array" + }, + "MaxSessionDuration": { + "markdownDescription": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n\nAnyone who assumes the role from the AWS CLI or API can use the `DurationSeconds` API parameter or the `duration-seconds` AWS CLI parameter to request a longer session. The `MaxSessionDuration` setting determines the maximum duration that can be requested using the `DurationSeconds` parameter. If users don't specify a value for the `DurationSeconds` parameter, their security credentials are valid for one hour by default. This applies when you use the `AssumeRole*` API operations or the `assume-role*` AWS CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide* .", + "title": "MaxSessionDuration", + "type": "number" + }, + "Path": { + "markdownDescription": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", + "type": "string" + }, + "PermissionsBoundary": { + "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role.\n\nFor more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .", + "title": "PermissionsBoundary", + "type": "string" + }, + "Policies": { + "items": { + "$ref": "#/definitions/AWS::IAM::Role.Policy" + }, + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Policies", + "type": "array" + }, + "RoleName": { + "markdownDescription": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "RoleName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AssumeRolePolicyDocument" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::Role" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceBlogConfiguration": { + "AWS::IAM::Role.Policy": { "additionalProperties": false, "properties": { - "BlogFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping.", - "title": "BlogFieldMappings", - "type": "array" + "PolicyDocument": { + "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", + "type": "string" } }, + "required": [ + "PolicyDocument", + "PolicyName" + ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping": { + "AWS::IAM::RolePolicy": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", + "Condition": { "type": "string" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", + "type": "string" + }, + "RoleName": { + "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "RoleName", + "type": "string" + } + }, + "required": [ + "PolicyName", + "RoleName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::RolePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceConfiguration": { + "AWS::IAM::SAMLProvider": { "additionalProperties": false, "properties": { - "AttachmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration", - "markdownDescription": "Configuration information for indexing attachments to Confluence blogs and pages.", - "title": "AttachmentConfiguration" - }, - "BlogConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogConfiguration", - "markdownDescription": "Configuration information for indexing Confluence blogs.", - "title": "BlogConfiguration" + "Condition": { + "type": "string" }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", - "title": "InclusionPatterns", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PageConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageConfiguration", - "markdownDescription": "Configuration information for indexing Confluence pages.", - "title": "PageConfiguration" + "Metadata": { + "type": "object" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password.\n\nYou can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) .", - "title": "SecretArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AddPrivateKey": { + "markdownDescription": "Specifies the new private key from your external identity provider. The private key must be a .pem file that uses AES-GCM or AES-CBC encryption algorithm to decrypt SAML assertions.", + "title": "AddPrivateKey", + "type": "string" + }, + "AssertionEncryptionMode": { + "markdownDescription": "Specifies the encryption setting for the SAML provider.", + "title": "AssertionEncryptionMode", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Name", + "type": "string" + }, + "PrivateKeyList": { + "items": { + "$ref": "#/definitions/AWS::IAM::SAMLProvider.SAMLPrivateKey" + }, + "markdownDescription": "The private key metadata for the SAML provider.", + "title": "PrivateKeyList", + "type": "array" + }, + "RemovePrivateKey": { + "markdownDescription": "The Key ID of the private key to remove.", + "title": "RemovePrivateKey", + "type": "string" + }, + "SamlMetadataDocument": { + "markdownDescription": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*", + "title": "SamlMetadataDocument", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "ServerUrl": { - "markdownDescription": "The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* .", - "title": "ServerUrl", + "Type": { + "enum": [ + "AWS::IAM::SAMLProvider" + ], "type": "string" }, - "SpaceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceConfiguration", - "markdownDescription": "Configuration information for indexing Confluence spaces.", - "title": "SpaceConfiguration" - }, - "Version": { - "markdownDescription": "The version or the type of Confluence installation to connect to.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) .", - "title": "VpcConfiguration" } }, "required": [ - "SecretArn", - "ServerUrl", - "Version" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluencePageConfiguration": { - "additionalProperties": false, - "properties": { - "PageFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `PageFieldMappings` parameter, you must specify at least one field mapping.", - "title": "PageFieldMappings", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping": { + "AWS::IAM::SAMLProvider.SAMLPrivateKey": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", - "type": "string" - }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "KeyId": { + "markdownDescription": "The unique identifier for the SAML private key.", + "title": "KeyId", "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "Timestamp": { + "markdownDescription": "The date and time, in [ISO 8601 date-time](https://docs.aws.amazon.com/http://www.iso.org/iso/iso8601) format, when the private key was uploaded.", + "title": "Timestamp", "type": "string" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "KeyId", + "Timestamp" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceSpaceConfiguration": { + "AWS::IAM::ServerCertificate": { "additionalProperties": false, "properties": { - "CrawlArchivedSpaces": { - "markdownDescription": "`TRUE` to index archived spaces.", - "title": "CrawlArchivedSpaces", - "type": "boolean" + "Condition": { + "type": "string" }, - "CrawlPersonalSpaces": { - "markdownDescription": "`TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) .", - "title": "CrawlPersonalSpaces", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExcludeSpaces": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded.", - "title": "ExcludeSpaces", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeSpaces": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded.", - "title": "IncludeSpaces", - "type": "array" + "Metadata": { + "type": "object" }, - "SpaceFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping" + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateBody": { + "markdownDescription": "The contents of the public key certificate.", + "title": "CertificateBody", + "type": "string" + }, + "CertificateChain": { + "markdownDescription": "The contents of the public key certificate chain.", + "title": "CertificateChain", + "type": "string" + }, + "Path": { + "markdownDescription": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` ).", + "title": "Path", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PrivateKey", + "type": "string" + }, + "ServerCertificateName": { + "markdownDescription": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "ServerCertificateName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping.", - "title": "SpaceFieldMappings", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping": { - "additionalProperties": false, - "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", - "type": "string" + "type": "object" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "Type": { + "enum": [ + "AWS::IAM::ServerCertificate" + ], "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.ConnectionConfiguration": { + "AWS::IAM::ServiceLinkedRole": { "additionalProperties": false, "properties": { - "DatabaseHost": { - "markdownDescription": "The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address.", - "title": "DatabaseHost", + "Condition": { "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database containing the document data.", - "title": "DatabaseName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DatabasePort": { - "markdownDescription": "The port that the database uses for connections.", - "title": "DatabasePort", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide.", - "title": "SecretArn", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AWSServiceName": { + "markdownDescription": "The service principal for the AWS service to which this role is attached. You use a string similar to a URL but without the http:// in front. For example: `elasticbeanstalk.amazonaws.com` .\n\nService principals are unique and case-sensitive. To find the exact service principal for your service-linked role, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the *IAM User Guide* . Look for the services that have *Yes* in the *Service-Linked Role* column. Choose the *Yes* link to view the service-linked role documentation for that service.", + "title": "AWSServiceName", + "type": "string" + }, + "CustomSuffix": { + "markdownDescription": "A string that you provide, which is combined with the service-provided prefix to form the complete role name. If you make multiple requests for the same service, then you must supply a different `CustomSuffix` for each request. Otherwise the request fails with a duplicate role name error. For example, you could add `-1` or `-debug` to the suffix.\n\nSome services do not support the `CustomSuffix` parameter. If you provide an optional suffix and the operation fails, try the operation again without the suffix.", + "title": "CustomSuffix", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the role.", + "title": "Description", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::ServiceLinkedRole" + ], "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table that contains the document data.", - "title": "TableName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "SecretArn", - "TableName" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration": { + "AWS::IAM::User": { "additionalProperties": false, "properties": { - "InlineConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration" - }, - "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra.", - "title": "InlineConfigurations", - "type": "array" - }, - "PostExtractionHookConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", - "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", - "title": "PostExtractionHookConfiguration" - }, - "PreExtractionHookConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", - "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", - "title": "PreExtractionHookConfiguration" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", - "title": "RoleArn", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.DataSourceConfiguration": { - "additionalProperties": false, - "properties": { - "ConfluenceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceConfiguration", - "markdownDescription": "Provides the configuration information to connect to Confluence as your data source.", - "title": "ConfluenceConfiguration" - }, - "DatabaseConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DatabaseConfiguration", - "markdownDescription": "Provides the configuration information to connect to a database as your data source.", - "title": "DatabaseConfiguration" - }, - "GoogleDriveConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.GoogleDriveConfiguration", - "markdownDescription": "Provides the configuration information to connect to Google Drive as your data source.", - "title": "GoogleDriveConfiguration" - }, - "OneDriveConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveConfiguration", - "markdownDescription": "Provides the configuration information to connect to Microsoft OneDrive as your data source.", - "title": "OneDriveConfiguration" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3DataSourceConfiguration", - "markdownDescription": "Provides the configuration information to connect to an Amazon S3 bucket as your data source.\n\n> Amazon Kendra now supports an upgraded Amazon S3 connector.\n> \n> You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.\n> \n> Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.\n> \n> We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024.", - "title": "S3Configuration" - }, - "SalesforceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceConfiguration", - "markdownDescription": "Provides the configuration information to connect to Salesforce as your data source.", - "title": "SalesforceConfiguration" }, - "ServiceNowConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowConfiguration", - "markdownDescription": "Provides the configuration information to connect to ServiceNow as your data source.", - "title": "ServiceNowConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SharePointConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SharePointConfiguration", - "markdownDescription": "Provides the configuration information to connect to Microsoft SharePoint as your data source.", - "title": "SharePointConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "WebCrawlerConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerConfiguration", - "markdownDescription": "Provides the configuration information required for Amazon Kendra Web Crawler.", - "title": "WebCrawlerConfiguration" + "Metadata": { + "type": "object" }, - "WorkDocsConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WorkDocsConfiguration", - "markdownDescription": "Provides the configuration information to connect to Amazon WorkDocs as your data source.", - "title": "WorkDocsConfiguration" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.DataSourceToIndexFieldMapping": { - "additionalProperties": false, - "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source. You must first create the index field using the `UpdateIndex` API.", - "title": "DataSourceFieldName", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of group names to which you want to add the user.", + "title": "Groups", + "type": "array" + }, + "LoginProfile": { + "$ref": "#/definitions/AWS::IAM::User.LoginProfile", + "markdownDescription": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the AWS Management Console .\n\nYou can use the AWS CLI , the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the AWS Management Console .\n\nFor more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *IAM User Guide* .", + "title": "LoginProfile" + }, + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", + "type": "array" + }, + "Path": { + "markdownDescription": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", + "type": "string" + }, + "PermissionsBoundary": { + "markdownDescription": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n\nA permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\nFor more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide* .", + "title": "PermissionsBoundary", + "type": "string" + }, + "Policies": { + "items": { + "$ref": "#/definitions/AWS::IAM::User.Policy" + }, + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an IAM User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user) .\n\n> The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a user, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", + "title": "Policies", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "title": "Tags", + "type": "array" + }, + "UserName": { + "markdownDescription": "The name of the user to create. Do not include the path in this value.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "UserName", + "type": "string" + } + }, + "type": "object" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field, you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "Type": { + "enum": [ + "AWS::IAM::User" + ], "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the data source field. The index field type must match the data source field type.", - "title": "IndexFieldName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.DataSourceVpcConfiguration": { + "AWS::IAM::User.LoginProfile": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source.", - "title": "SecurityGroupIds", - "type": "array" + "Password": { + "markdownDescription": "The user's password.", + "title": "Password", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", - "title": "SubnetIds", - "type": "array" + "PasswordResetRequired": { + "markdownDescription": "Specifies whether the user is required to set a new password on next sign-in.", + "title": "PasswordResetRequired", + "type": "boolean" } }, "required": [ - "SecurityGroupIds", - "SubnetIds" + "Password" ], "type": "object" }, - "AWS::Kendra::DataSource.DatabaseConfiguration": { + "AWS::IAM::User.Policy": { "additionalProperties": false, "properties": { - "AclConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.AclConfiguration", - "markdownDescription": "Information about the database column that provides information for user context filtering.", - "title": "AclConfiguration" - }, - "ColumnConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ColumnConfiguration", - "markdownDescription": "Information about where the index should get the document information from the database.", - "title": "ColumnConfiguration" - }, - "ConnectionConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConnectionConfiguration", - "markdownDescription": "Configuration information that's required to connect to a database.", - "title": "ConnectionConfiguration" + "PolicyDocument": { + "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", + "title": "PolicyDocument", + "type": "object" }, - "DatabaseEngineType": { - "markdownDescription": "The type of database engine that runs the database.", - "title": "DatabaseEngineType", + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", "type": "string" - }, - "SqlConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SqlConfiguration", - "markdownDescription": "Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source.", - "title": "SqlConfiguration" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Provides information for connecting to an Amazon VPC.", - "title": "VpcConfiguration" } }, "required": [ - "ColumnConfiguration", - "ConnectionConfiguration", - "DatabaseEngineType" + "PolicyDocument", + "PolicyName" ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeCondition": { + "AWS::IAM::UserPolicy": { "additionalProperties": false, "properties": { - "ConditionDocumentAttributeKey": { - "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Kendra currently does not support `_document_body` as an attribute key used for the condition.", - "title": "ConditionDocumentAttributeKey", + "Condition": { "type": "string" }, - "ConditionOnValue": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", - "markdownDescription": "The value used by the operator.\n\nFor example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value.", - "title": "ConditionOnValue" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Operator": { - "markdownDescription": "The condition operator.\n\nFor example, you can use 'Contains' to partially match a string.", - "title": "Operator", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", + "type": "string" + }, + "UserName": { + "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "UserName", + "type": "string" + } + }, + "required": [ + "PolicyName", + "UserName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::UserPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ConditionDocumentAttributeKey", - "Operator" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeTarget": { + "AWS::IAM::UserToGroupAddition": { "additionalProperties": false, "properties": { - "TargetDocumentAttributeKey": { - "markdownDescription": "The identifier of the target document attribute or metadata field.\n\nFor example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", - "title": "TargetDocumentAttributeKey", + "Condition": { "type": "string" }, - "TargetDocumentAttributeValue": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", - "markdownDescription": "The target value you want to create for the target attribute.\n\nFor example, 'Finance' could be the target value for the target attribute key 'Department'.", - "title": "TargetDocumentAttributeValue" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TargetDocumentAttributeValueDeletion": { - "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` . To create a target value ( `TargetDocumentAttributeValue` ), set this to `FALSE` .", - "title": "TargetDocumentAttributeValueDeletion", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the group to update.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "GroupName", + "type": "string" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the names of the users that you want to add to the group.", + "title": "Users", + "type": "array" + } + }, + "required": [ + "GroupName", + "Users" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::UserToGroupAddition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "TargetDocumentAttributeKey" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeValue": { + "AWS::IAM::VirtualMFADevice": { "additionalProperties": false, "properties": { - "DateValue": { - "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", - "title": "DateValue", + "Condition": { "type": "string" }, - "LongValue": { - "markdownDescription": "A long integer value.", - "title": "LongValue", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "StringListValue": { - "items": { - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "title": "Tags", + "type": "array" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM user associated with this virtual MFA device.", + "title": "Users", + "type": "array" + }, + "VirtualMfaDeviceName": { + "markdownDescription": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "VirtualMfaDeviceName", + "type": "string" + } }, - "markdownDescription": "A list of strings. The default maximum length or number of strings is 10.", - "title": "StringListValue", - "type": "array" + "required": [ + "Users" + ], + "type": "object" }, - "StringValue": { - "markdownDescription": "A string, such as \"department\".", - "title": "StringValue", + "Type": { + "enum": [ + "AWS::IAM::VirtualMFADevice" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.DocumentsMetadataConfiguration": { - "additionalProperties": false, - "properties": { - "S3Prefix": { - "markdownDescription": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files.", - "title": "S3Prefix", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Kendra::DataSource.GoogleDriveConfiguration": { + "AWS::IVS::Channel": { "additionalProperties": false, "properties": { - "ExcludeMimeTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded.\n\nFor a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", - "title": "ExcludeMimeTypes", - "type": "array" + "Condition": { + "type": "string" }, - "ExcludeSharedDrives": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded.", - "title": "ExcludeSharedDrives", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExcludeUserAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way.", - "title": "ExcludeUserAccounts", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" + "Metadata": { + "type": "object" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "Properties": { + "additionalProperties": false, + "properties": { + "Authorized": { + "markdownDescription": "Whether the channel is authorized.\n\n*Default* : `false`", + "title": "Authorized", + "type": "boolean" + }, + "ContainerFormat": { + "markdownDescription": "Indicates which content-packaging format is used (MPEG-TS or fMP4). If `multitrackInputConfiguration` is specified and `enabled` is `true` , then `containerFormat` is required and must be set to `FRAGMENTED_MP4` . Otherwise, `containerFormat` may be set to `TS` or `FRAGMENTED_MP4` . Default: `TS` .", + "title": "ContainerFormat", + "type": "string" + }, + "InsecureIngest": { + "markdownDescription": "Whether the channel allows insecure RTMP ingest.\n\n*Default* : `false`", + "title": "InsecureIngest", + "type": "boolean" + }, + "LatencyMode": { + "markdownDescription": "Channel latency mode. Valid values:\n\n- `NORMAL` : Use NORMAL to broadcast and deliver live video up to Full HD.\n- `LOW` : Use LOW for near real-time interactions with viewers.\n\n> In the console, `LOW` and `NORMAL` correspond to `Ultra-low` and `Standard` , respectively. \n\n*Default* : `LOW`", + "title": "LatencyMode", + "type": "string" + }, + "MultitrackInputConfiguration": { + "$ref": "#/definitions/AWS::IVS::Channel.MultitrackInputConfiguration", + "markdownDescription": "Object specifying multitrack input configuration. Default: no multitrack input configuration is specified.", + "title": "MultitrackInputConfiguration" + }, + "Name": { + "markdownDescription": "Channel name.", + "title": "Name", + "type": "string" + }, + "Preset": { + "markdownDescription": "An optional transcode preset for the channel. This is selectable only for `ADVANCED_HD` and `ADVANCED_SD` channel types. For those channel types, the default preset is `HIGHER_BANDWIDTH_DELIVERY` . For other channel types ( `BASIC` and `STANDARD` ), `preset` is the empty string (\"\").", + "title": "Preset", + "type": "string" + }, + "RecordingConfigurationArn": { + "markdownDescription": "The ARN of a RecordingConfiguration resource. An empty string indicates that recording is disabled for the channel. A RecordingConfiguration ARN indicates that recording is enabled using the specified recording configuration. See the [RecordingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ivs-recordingconfiguration.html) resource for more information and an example.\n\n*Default* : \"\" (empty string, recording is disabled)", + "title": "RecordingConfigurationArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-channel-tag.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The channel type, which determines the allowable resolution and bitrate. *If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately.* For details, see [Channel Types](https://docs.aws.amazon.com/ivs/latest/LowLatencyAPIReference/channel-types.html) .\n\n*Default* : `STANDARD`", + "title": "Type", + "type": "string" + } }, - "markdownDescription": "Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata.", - "title": "FieldMappings", - "type": "array" + "type": "object" }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "InclusionPatterns", - "type": "array" + "Type": { + "enum": [ + "AWS::IVS::Channel" + ], + "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", - "title": "SecretArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SecretArn" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.HookConfiguration": { + "AWS::IVS::Channel.MultitrackInputConfiguration": { "additionalProperties": false, "properties": { - "InvocationCondition": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", - "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time.", - "title": "InvocationCondition" + "Enabled": { + "markdownDescription": "Indicates whether multitrack input is enabled. Can be set to `true` only if channel type is `STANDARD` . Setting `enabled` to `true` with any other channel type will cause an exception. If `true` , then `policy` , `maximumResolution` , and `containerFormat` are required, and `containerFormat` must be set to `FRAGMENTED_MP4` . Default: `false` .", + "title": "Enabled", + "type": "boolean" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", - "title": "LambdaArn", + "MaximumResolution": { + "markdownDescription": "Maximum resolution for multitrack input. Required if `enabled` is `true` .", + "title": "MaximumResolution", "type": "string" }, - "S3Bucket": { - "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) .", - "title": "S3Bucket", + "Policy": { + "markdownDescription": "Indicates whether multitrack input is allowed or required. Required if `enabled` is `true` .", + "title": "Policy", "type": "string" } }, - "required": [ - "LambdaArn", - "S3Bucket" - ], "type": "object" }, - "AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration": { + "AWS::IVS::EncoderConfiguration": { "additionalProperties": false, "properties": { "Condition": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", - "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Kendra.", - "title": "Condition" - }, - "DocumentContentDeletion": { - "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", - "title": "DocumentContentDeletion", - "type": "boolean" + "type": "string" }, - "Target": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeTarget", - "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Kendra. You can also include a value.", - "title": "Target" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.OneDriveConfiguration": { - "additionalProperties": false, - "properties": { - "DisableLocalGroups": { - "markdownDescription": "`TRUE` to disable local groups information.", - "title": "DisableLocalGroups", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", - "title": "ExclusionPatterns", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata.", - "title": "FieldMappings", - "type": "array" + "Metadata": { + "type": "object" }, - "InclusionPatterns": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Encoder cnfiguration name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-tag.html) .", + "title": "Tags", + "type": "array" + }, + "Video": { + "$ref": "#/definitions/AWS::IVS::EncoderConfiguration.Video", + "markdownDescription": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps. See the [Video](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-video.html) property type for more information.", + "title": "Video" + } }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", - "title": "InclusionPatterns", - "type": "array" - }, - "OneDriveUsers": { - "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveUsers", - "markdownDescription": "A list of user accounts whose documents should be indexed.", - "title": "OneDriveUsers" + "type": "object" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application.", - "title": "SecretArn", + "Type": { + "enum": [ + "AWS::IVS::EncoderConfiguration" + ], "type": "string" }, - "TenantDomain": { - "markdownDescription": "The Azure Active Directory domain of the organization.", - "title": "TenantDomain", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "OneDriveUsers", - "SecretArn", - "TenantDomain" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.OneDriveUsers": { + "AWS::IVS::EncoderConfiguration.Video": { "additionalProperties": false, "properties": { - "OneDriveUserList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users.", - "title": "OneDriveUserList", - "type": "array" + "Bitrate": { + "markdownDescription": "Bitrate for generated output, in bps. Default: 2500000.", + "title": "Bitrate", + "type": "number" }, - "OneDriveUserS3Path": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", - "markdownDescription": "The S3 bucket location of a file containing a list of users whose documents should be indexed.", - "title": "OneDriveUserS3Path" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.ProxyConfiguration": { - "additionalProperties": false, - "properties": { - "Credentials": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nThe credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials.", - "title": "Credentials", - "type": "string" + "Framerate": { + "markdownDescription": "Video frame rate, in fps. Default: 30.", + "title": "Framerate", + "type": "number" }, - "Host": { - "markdownDescription": "The name of the website host you want to connect to via a web proxy server.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", - "title": "Host", - "type": "string" + "Height": { + "markdownDescription": "Video-resolution height. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720.", + "title": "Height", + "type": "number" }, - "Port": { - "markdownDescription": "The port number of the website host you want to connect to via a web proxy server.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", - "title": "Port", + "Width": { + "markdownDescription": "Video-resolution width. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280.", + "title": "Width", "type": "number" } }, - "required": [ - "Host", - "Port" - ], "type": "object" }, - "AWS::Kendra::DataSource.S3DataSourceConfiguration": { + "AWS::IVS::IngestConfiguration": { "additionalProperties": false, "properties": { - "AccessControlListConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.AccessControlListConfiguration", - "markdownDescription": "Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) .", - "title": "AccessControlListConfiguration" + "Condition": { + "type": "string" }, - "BucketName": { - "markdownDescription": "The name of the bucket that contains the documents.", - "title": "BucketName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DocumentsMetadataConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentsMetadataConfiguration", - "markdownDescription": "Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document.", - "title": "DocumentsMetadataConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", - "title": "ExclusionPatterns", - "type": "array" + "Metadata": { + "type": "object" }, - "InclusionPatterns": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "IngestProtocol": { + "markdownDescription": "Type of ingest protocol that the user employs for broadcasting.", + "title": "IngestProtocol", + "type": "string" + }, + "InsecureIngest": { + "markdownDescription": "Whether the channel allows insecure RTMP ingest. Default: `false` .", + "title": "InsecureIngest", + "type": "boolean" + }, + "Name": { + "markdownDescription": "Ingest name.", + "title": "Name", + "type": "string" + }, + "StageArn": { + "markdownDescription": "ARN of the stage with which the IngestConfiguration is associated.", + "title": "StageArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + }, + "UserId": { + "markdownDescription": "Customer-assigned name to help identify the participant using the IngestConfiguration; this can be used to link a participant to a user in the customer\u2019s own systems. This can be any UTF-8 encoded text. *This field is exposed to all stage participants and should not be used for personally identifying, confidential, or sensitive information.*", + "title": "UserId", + "type": "string" + } }, - "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", - "title": "InclusionPatterns", - "type": "array" + "type": "object" }, - "InclusionPrefixes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of S3 prefixes for the documents that should be included in the index.", - "title": "InclusionPrefixes", - "type": "array" - } - }, - "required": [ - "BucketName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.S3Path": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that contains the file.", - "title": "Bucket", + "Type": { + "enum": [ + "AWS::IVS::IngestConfiguration" + ], "type": "string" }, - "Key": { - "markdownDescription": "The name of the file.", - "title": "Key", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket", - "Key" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration": { + "AWS::IVS::PlaybackKeyPair": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column.", - "title": "DocumentDataFieldName", + "Condition": { "type": "string" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column.", - "title": "DocumentTitleFieldName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps fields from a Salesforce chatter feed into Amazon Kendra index fields.", - "title": "FieldMappings", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeFilterTypes": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Playback-key-pair name. The value does not need to be unique.", + "title": "Name", + "type": "string" + }, + "PublicKeyMaterial": { + "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PlaybackKeyPair resource.", + "title": "PublicKeyMaterial", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackkeypair-tag.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both.", - "title": "IncludeFilterTypes", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::PlaybackKeyPair" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DocumentDataFieldName" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceConfiguration": { + "AWS::IVS::PlaybackRestrictionPolicy": { "additionalProperties": false, "properties": { - "ChatterFeedConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration", - "markdownDescription": "Configuration information for Salesforce chatter feeds.", - "title": "ChatterFeedConfiguration" + "Condition": { + "type": "string" }, - "CrawlAttachments": { - "markdownDescription": "Indicates whether Amazon Kendra should index attachments to Salesforce objects.", - "title": "CrawlAttachments", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExcludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", - "title": "ExcludeAttachmentFilePatterns", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", - "title": "IncludeAttachmentFilePatterns", - "type": "array" + "Metadata": { + "type": "object" }, - "KnowledgeArticleConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration", - "markdownDescription": "Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both.", - "title": "KnowledgeArticleConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "AllowedCountries": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of country codes that control geoblocking restrictions. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array).", + "title": "AllowedCountries", + "type": "array" + }, + "AllowedOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\"](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)", + "title": "AllowedOrigins", + "type": "array" + }, + "EnableStrictOriginEnforcement": { + "markdownDescription": "Whether channel playback is constrained by the origin site.", + "title": "EnableStrictOriginEnforcement", + "type": "boolean" + }, + "Name": { + "markdownDescription": "Playback-restriction-policy name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackrestrictionpolicy-tag.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AllowedCountries", + "AllowedOrigins" + ], + "type": "object" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys:\n\n- authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token.\n- consumerKey - The application public key generated when you created your Salesforce application.\n- consumerSecret - The application private key generated when you created your Salesforce application.\n- password - The password associated with the user logging in to the Salesforce instance.\n- securityToken - The token associated with the user logging in to the Salesforce instance.\n- username - The user name of the user logging in to the Salesforce instance.", - "title": "SecretArn", + "Type": { + "enum": [ + "AWS::IVS::PlaybackRestrictionPolicy" + ], "type": "string" }, - "ServerUrl": { - "markdownDescription": "The instance URL for the Salesforce site that you want to index.", - "title": "ServerUrl", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "StandardObjectAttachmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration", - "markdownDescription": "Configuration information for processing attachments to Salesforce standard objects.", - "title": "StandardObjectAttachmentConfiguration" - }, - "StandardObjectConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration" - }, - "markdownDescription": "Configuration of the Salesforce standard objects that Amazon Kendra indexes.", - "title": "StandardObjectConfigurations", - "type": "array" } }, "required": [ - "SecretArn", - "ServerUrl" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration": { + "AWS::IVS::PublicKey": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field in the custom knowledge article that contains the document data to index.", - "title": "DocumentDataFieldName", + "Condition": { "type": "string" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field in the custom knowledge article that contains the document title.", - "title": "DocumentTitleFieldName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of the custom knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Name": { - "markdownDescription": "The name of the configuration.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "DocumentDataFieldName", - "Name" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration": { - "additionalProperties": false, - "properties": { - "CustomKnowledgeArticleTypeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration" - }, - "markdownDescription": "Configuration information for custom Salesforce knowledge articles.", - "title": "CustomKnowledgeArticleTypeConfigurations", - "type": "array" + "Metadata": { + "type": "object" }, - "IncludedStates": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Public key name. The value does not need to be unique.", + "title": "Name", + "type": "string" + }, + "PublicKeyMaterial": { + "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PublicKey resource.", + "title": "PublicKeyMaterial", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state.", - "title": "IncludedStates", - "type": "array" + "type": "object" }, - "StandardKnowledgeArticleTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration", - "markdownDescription": "Configuration information for standard Salesforce knowledge articles.", - "title": "StandardKnowledgeArticleTypeConfiguration" - } - }, - "required": [ - "IncludedStates" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration": { - "additionalProperties": false, - "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field that contains the document data to index.", - "title": "DocumentDataFieldName", + "Type": { + "enum": [ + "AWS::IVS::PublicKey" + ], "type": "string" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field that contains the document title.", - "title": "DocumentTitleFieldName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", - "type": "array" } }, "required": [ - "DocumentDataFieldName" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration": { + "AWS::IVS::RecordingConfiguration": { "additionalProperties": false, "properties": { - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field used for the document title.", - "title": "DocumentTitleFieldName", + "Condition": { "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "One or more objects that map fields in attachments to Amazon Kendra index fields.", - "title": "FieldMappings", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration": { - "additionalProperties": false, - "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field in the standard object table that contains the document contents.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field in the standard object table that contains the document title.", - "title": "DocumentTitleFieldName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of the standard object to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the standard object.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "DocumentDataFieldName", - "Name" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.ServiceNowConfiguration": { - "additionalProperties": false, - "properties": { - "AuthenticationType": { - "markdownDescription": "The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password.\n\nWhen you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", - "title": "AuthenticationType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HostUrl": { - "markdownDescription": "The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.*", - "title": "HostUrl", - "type": "string" + "Metadata": { + "type": "object" }, - "KnowledgeArticleConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration", - "markdownDescription": "Configuration information for crawling knowledge articles in the ServiceNow site.", - "title": "KnowledgeArticleConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.DestinationConfiguration", + "markdownDescription": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information.", + "title": "DestinationConfiguration" + }, + "Name": { + "markdownDescription": "Recording-configuration name. The value does not need to be unique.", + "title": "Name", + "type": "string" + }, + "RecordingReconnectWindowSeconds": { + "markdownDescription": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n\n*Default* : `0`", + "title": "RecordingReconnectWindowSeconds", + "type": "number" + }, + "RenditionConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.RenditionConfiguration", + "markdownDescription": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information.", + "title": "RenditionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-tag.html) .", + "title": "Tags", + "type": "array" + }, + "ThumbnailConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.ThumbnailConfiguration", + "markdownDescription": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information.", + "title": "ThumbnailConfiguration" + } + }, + "required": [ + "DestinationConfiguration" + ], + "type": "object" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", - "title": "SecretArn", + "Type": { + "enum": [ + "AWS::IVS::RecordingConfiguration" + ], "type": "string" }, - "ServiceCatalogConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration", - "markdownDescription": "Configuration information for crawling service catalogs in the ServiceNow site.", - "title": "ServiceCatalogConfiguration" - }, - "ServiceNowBuildVersion": { - "markdownDescription": "The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` .", - "title": "ServiceNowBuildVersion", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HostUrl", - "SecretArn", - "ServiceNowBuildVersion" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration": { + "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { "additionalProperties": false, "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments to knowledge articles.", - "title": "CrawlAttachments", - "type": "boolean" - }, - "DocumentDataFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "ExcludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "ExcludeAttachmentFilePatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "FilterQuery": { - "markdownDescription": "A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private.\n\nThe query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) .", - "title": "FilterQuery", - "type": "string" - }, - "IncludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "IncludeAttachmentFilePatterns", - "type": "array" + "S3": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.S3DestinationConfiguration", + "markdownDescription": "An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information.", + "title": "S3" } }, - "required": [ - "DocumentDataFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration": { + "AWS::IVS::RecordingConfiguration.RenditionConfiguration": { "additionalProperties": false, "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments to service catalog items.", - "title": "CrawlAttachments", - "type": "boolean" - }, - "DocumentDataFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", - "title": "DocumentTitleFieldName", + "RenditionSelection": { + "markdownDescription": "The set of renditions are recorded for a stream. For `BASIC` channels, the `CUSTOM` value has no effect. If `CUSTOM` is specified, a set of renditions can be specified in the `renditions` field. Default: `ALL` .", + "title": "RenditionSelection", "type": "string" }, - "ExcludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", - "title": "ExcludeAttachmentFilePatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "IncludeAttachmentFilePatterns": { + "Renditions": { "items": { "type": "string" }, - "markdownDescription": "A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", - "title": "IncludeAttachmentFilePatterns", + "markdownDescription": "A list of which renditions are recorded for a stream, if `renditionSelection` is `CUSTOM` ; otherwise, this field is irrelevant. The selected renditions are recorded if they are available during the stream. If a selected rendition is unavailable, the best available rendition is recorded. For details on the resolution dimensions of each rendition, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", + "title": "Renditions", "type": "array" } }, - "required": [ - "DocumentDataFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.SharePointConfiguration": { + "AWS::IVS::RecordingConfiguration.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index document attachments.", - "title": "CrawlAttachments", - "type": "boolean" - }, - "DisableLocalGroups": { - "markdownDescription": "`TRUE` to disable local groups information.", - "title": "DisableLocalGroups", - "type": "boolean" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The Microsoft SharePoint attribute field that contains the title of the document.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index.\n\nThe regex is applied to the display URL of the SharePoint document.", - "title": "ExclusionPatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) .", - "title": "FieldMappings", - "type": "array" - }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe regex applies to the display URL of the SharePoint document.", - "title": "InclusionPatterns", - "type": "array" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) .", - "title": "SecretArn", - "type": "string" - }, - "SharePointVersion": { - "markdownDescription": "The version of Microsoft SharePoint that you use.", - "title": "SharePointVersion", + "BucketName": { + "markdownDescription": "Location (S3 bucket name) where recorded videos will be stored.", + "title": "BucketName", "type": "string" - }, - "SslCertificateS3Path": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", - "markdownDescription": "Information required to find a specific file in an Amazon S3 bucket.", - "title": "SslCertificateS3Path" - }, - "Urls": { - "items": { - "type": "string" - }, - "markdownDescription": "The Microsoft SharePoint site URLs for the documents you want to index.", - "title": "Urls", - "type": "array" - }, - "UseChangeLog": { - "markdownDescription": "`TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint.", - "title": "UseChangeLog", - "type": "boolean" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Provides information for connecting to an Amazon VPC.", - "title": "VpcConfiguration" } }, "required": [ - "SecretArn", - "SharePointVersion", - "Urls" + "BucketName" ], "type": "object" }, - "AWS::Kendra::DataSource.SqlConfiguration": { - "additionalProperties": false, - "properties": { - "QueryIdentifiersEnclosingOption": { - "markdownDescription": "Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (\") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` .\n\nBy default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes.\n\nPostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case.\n\nFor MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` .", - "title": "QueryIdentifiersEnclosingOption", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration": { - "additionalProperties": false, - "properties": { - "BasicAuthentication": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerBasicAuthentication" - }, - "markdownDescription": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host.", - "title": "BasicAuthentication", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerBasicAuthentication": { + "AWS::IVS::RecordingConfiguration.ThumbnailConfiguration": { "additionalProperties": false, "properties": { - "Credentials": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nYou use a secret if basic authentication credentials are required to connect to a website. The secret stores your credentials of user name and password.", - "title": "Credentials", - "type": "string" - }, - "Host": { - "markdownDescription": "The name of the website host you want to connect to using authentication credentials.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", - "title": "Host", + "RecordingMode": { + "markdownDescription": "Thumbnail recording mode. Valid values:\n\n- `DISABLED` : Use DISABLED to disable the generation of thumbnails for recorded video.\n- `INTERVAL` : Use INTERVAL to enable the generation of thumbnails for recorded video at a time interval controlled by the [TargetIntervalSeconds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-targetintervalseconds) property.\n\n*Default* : `INTERVAL`", + "title": "RecordingMode", "type": "string" }, - "Port": { - "markdownDescription": "The port number of the website host you want to connect to using authentication credentials.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", - "title": "Port", - "type": "number" - } - }, - "required": [ - "Credentials", - "Host", - "Port" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerConfiguration": { - "additionalProperties": false, - "properties": { - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration", - "markdownDescription": "Configuration information required to connect to websites using authentication.\n\nYou can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.", - "title": "AuthenticationConfiguration" - }, - "CrawlDepth": { - "markdownDescription": "The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2.", - "title": "CrawlDepth", - "type": "number" - }, - "MaxContentSizePerPageInMegaBytes": { - "markdownDescription": "The maximum size (in MB) of a web page or attachment to crawl.\n\nFiles larger than this size (in MB) are skipped/not crawled.\n\nThe default maximum size of a web page or attachment is set to 50 MB.", - "title": "MaxContentSizePerPageInMegaBytes", - "type": "number" - }, - "MaxLinksPerPage": { - "markdownDescription": "The maximum number of URLs on a web page to include when crawling a website. This number is per web page.\n\nAs a website\u2019s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance.\n\nThe default maximum links per page is 100.", - "title": "MaxLinksPerPage", - "type": "number" - }, - "MaxUrlsPerMinuteCrawlRate": { - "markdownDescription": "The maximum number of URLs crawled per website host per minute.\n\nA minimum of one URL is required.\n\nThe default maximum number of URLs crawled per website host per minute is 300.", - "title": "MaxUrlsPerMinuteCrawlRate", - "type": "number" - }, - "ProxyConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ProxyConfiguration", - "markdownDescription": "Configuration information required to connect to your internal websites via a web proxy.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.\n\nWeb proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) .", - "title": "ProxyConfiguration" - }, - "UrlExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", - "title": "UrlExclusionPatterns", - "type": "array" - }, - "UrlInclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", - "title": "UrlInclusionPatterns", - "type": "array" - }, - "Urls": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerUrls", - "markdownDescription": "Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl.\n\nYou can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs.\n\nYou can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling.\n\n*When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.*", - "title": "Urls" - } - }, - "required": [ - "Urls" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration": { - "additionalProperties": false, - "properties": { - "SeedUrls": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of seed or starting point URLs of the websites you want to crawl.\n\nThe list can include a maximum of 100 seed URLs.", - "title": "SeedUrls", - "type": "array" - }, - "WebCrawlerMode": { - "markdownDescription": "You can choose one of the following modes:\n\n- `HOST_ONLY` \u2014crawl only the website host names. For example, if the seed URL is \"abc.example.com\", then only URLs with host name \"abc.example.com\" are crawled.\n- `SUBDOMAINS` \u2014crawl the website host names with subdomains. For example, if the seed URL is \"abc.example.com\", then \"a.abc.example.com\" and \"b.abc.example.com\" are also crawled.\n- `EVERYTHING` \u2014crawl the website host names with subdomains and other domains that the web pages link to.\n\nThe default mode is set to `HOST_ONLY` .", - "title": "WebCrawlerMode", + "Resolution": { + "markdownDescription": "The desired resolution of recorded thumbnails for a stream. Thumbnails are recorded at the selected resolution if the corresponding rendition is available during the stream; otherwise, they are recorded at source resolution. For more information about resolution values and their corresponding height and width dimensions, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", + "title": "Resolution", "type": "string" - } - }, - "required": [ - "SeedUrls" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration": { - "additionalProperties": false, - "properties": { - "SiteMaps": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of sitemap URLs of the websites you want to crawl.\n\nThe list can include a maximum of three sitemap URLs.", - "title": "SiteMaps", - "type": "array" - } - }, - "required": [ - "SiteMaps" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerUrls": { - "additionalProperties": false, - "properties": { - "SeedUrlConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration", - "markdownDescription": "Configuration of the seed or starting point URLs of the websites you want to crawl.\n\nYou can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to.\n\nYou can list up to 100 seed URLs.", - "title": "SeedUrlConfiguration" - }, - "SiteMapsConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration", - "markdownDescription": "Configuration of the sitemap URLs of the websites you want to crawl.\n\nOnly URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs.", - "title": "SiteMapsConfiguration" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.WorkDocsConfiguration": { - "additionalProperties": false, - "properties": { - "CrawlComments": { - "markdownDescription": "`TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on.\n\nThe default is set to `FALSE` .", - "title": "CrawlComments", - "type": "boolean" - }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain files in your Amazon WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don\u2019t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Amazon WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Amazon WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Amazon WorkDocs data source field names must exist in your Amazon WorkDocs custom metadata.", - "title": "FieldMappings", - "type": "array" }, - "InclusionPatterns": { + "Storage": { "items": { "type": "string" }, - "markdownDescription": "A list of regular expression patterns to include certain files in your Amazon WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", - "title": "InclusionPatterns", + "markdownDescription": "The format in which thumbnails are recorded for a stream. `SEQUENTIAL` records all generated thumbnails in a serial manner, to the media/thumbnails directory. `LATEST` saves the latest thumbnail in media/thumbnails/latest/thumb.jpg and overwrites it at the interval specified by `targetIntervalSeconds` . You can enable both `SEQUENTIAL` and `LATEST` . Default: `SEQUENTIAL` .", + "title": "Storage", "type": "array" }, - "OrganizationId": { - "markdownDescription": "The identifier of the directory corresponding to your Amazon WorkDocs site repository.\n\nYou can find the organization ID in the [AWS Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your Amazon WorkDocs site directory has an ID, which is the organization ID. You can also set up a new Amazon WorkDocs directory in the AWS Directory Service console and enable a Amazon WorkDocs site for the directory in the Amazon WorkDocs console.", - "title": "OrganizationId", - "type": "string" - }, - "UseChangeLog": { - "markdownDescription": "`TRUE` to use the Amazon WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in Amazon WorkDocs.", - "title": "UseChangeLog", - "type": "boolean" + "TargetIntervalSeconds": { + "markdownDescription": "The targeted thumbnail-generation interval in seconds. This is configurable (and required) only if [RecordingMode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-recordingmode) is `INTERVAL` .\n\n> Setting a value for `TargetIntervalSeconds` does not guarantee that thumbnails are generated at the specified interval. For thumbnails to be generated at the `TargetIntervalSeconds` interval, the `IDR/Keyframe` value for the input video must be less than the `TargetIntervalSeconds` value. See [Amazon IVS Streaming Configuration](https://docs.aws.amazon.com/ivs/latest/LowLatencyUserGuide/streaming-config.html) for information on setting `IDR/Keyframe` to the recommended value in video-encoder settings. \n\n*Default* : 60", + "title": "TargetIntervalSeconds", + "type": "number" } }, - "required": [ - "OrganizationId" - ], "type": "object" }, - "AWS::Kendra::Faq": { + "AWS::IVS::Stage": { "additionalProperties": false, "properties": { "Condition": { @@ -136163,61 +140832,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the FAQ.", - "title": "Description", - "type": "string" - }, - "FileFormat": { - "markdownDescription": "The format of the input file. You can choose between a basic CSV format, a CSV format that includes customs attributes in a header, and a JSON format that includes custom attributes.\n\nThe format must match the format of the file stored in the S3 bucket identified in the S3Path parameter.\n\nValid values are:\n\n- `CSV`\n- `CSV_WITH_HEADER`\n- `JSON`", - "title": "FileFormat", - "type": "string" - }, - "IndexId": { - "markdownDescription": "The identifier of the index that contains the FAQ.", - "title": "IndexId", - "type": "string" - }, - "LanguageCode": { - "markdownDescription": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", - "title": "LanguageCode", - "type": "string" + "AutoParticipantRecordingConfiguration": { + "$ref": "#/definitions/AWS::IVS::Stage.AutoParticipantRecordingConfiguration", + "markdownDescription": "", + "title": "AutoParticipantRecordingConfiguration" }, "Name": { - "markdownDescription": "The name that you assigned the FAQ when you created or updated the FAQ.", + "markdownDescription": "Stage name.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQ.", - "title": "RoleArn", - "type": "string" - }, - "S3Path": { - "$ref": "#/definitions/AWS::Kendra::Faq.S3Path", - "markdownDescription": "The Amazon Simple Storage Service (Amazon S3) location of the FAQ input data.", - "title": "S3Path" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-stage-tag.html) .", "title": "Tags", "type": "array" } }, - "required": [ - "IndexId", - "Name", - "RoleArn", - "S3Path" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::Faq" + "AWS::IVS::Stage" ], "type": "string" }, @@ -136231,32 +140869,33 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Kendra::Faq.S3Path": { + "AWS::IVS::Stage.AutoParticipantRecordingConfiguration": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that contains the file.", - "title": "Bucket", - "type": "string" + "MediaTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Types of media to be recorded. Default: `AUDIO_VIDEO` .", + "title": "MediaTypes", + "type": "array" }, - "Key": { - "markdownDescription": "The name of the file.", - "title": "Key", + "StorageConfigurationArn": { + "markdownDescription": "ARN of the StorageConfiguration resource to use for individual participant recording. Default: \"\" (empty string, no storage configuration is specified). Individual participant recording cannot be started unless a storage configuration is specified, when a Stage is created or updated.", + "title": "StorageConfigurationArn", "type": "string" } }, "required": [ - "Bucket", - "Key" + "StorageConfigurationArn" ], "type": "object" }, - "AWS::Kendra::Index": { + "AWS::IVS::StorageConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -136291,76 +140930,33 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityUnits": { - "$ref": "#/definitions/AWS::Kendra::Index.CapacityUnitsConfiguration", - "markdownDescription": "Specifies additional capacity units configured for your Enterprise Edition index. You can add and remove capacity units to fit your usage requirements.", - "title": "CapacityUnits" - }, - "Description": { - "markdownDescription": "A description for the index.", - "title": "Description", - "type": "string" - }, - "DocumentMetadataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.DocumentMetadataConfiguration" - }, - "markdownDescription": "Specifies the properties of an index field. You can add either a custom or a built-in field. You can add and remove built-in fields at any time. When a built-in field is removed it's configuration reverts to the default for the field. Custom fields can't be removed from an index after they are added.", - "title": "DocumentMetadataConfigurations", - "type": "array" - }, - "Edition": { - "markdownDescription": "Indicates whether the index is a Enterprise Edition index, a Developer Edition index, or a GenAI Enterprise Edition index.", - "title": "Edition", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the index.", + "markdownDescription": "Storage cnfiguration name.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket.", - "title": "RoleArn", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.ServerSideEncryptionConfiguration", - "markdownDescription": "The identifier of the AWS KMS customer managed key (CMK) to use to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs.", - "title": "ServerSideEncryptionConfiguration" + "S3": { + "$ref": "#/definitions/AWS::IVS::StorageConfiguration.S3StorageConfiguration", + "markdownDescription": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information.", + "title": "S3" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-tag.html) .", "title": "Tags", "type": "array" - }, - "UserContextPolicy": { - "markdownDescription": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable.", - "title": "UserContextPolicy", - "type": "string" - }, - "UserTokenConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.UserTokenConfiguration" - }, - "markdownDescription": "Defines the type of user token used for the index.", - "title": "UserTokenConfigurations", - "type": "array" } }, "required": [ - "Edition", - "Name", - "RoleArn" + "S3" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::Index" + "AWS::IVS::StorageConfiguration" ], "type": "string" }, @@ -136379,224 +140975,21 @@ ], "type": "object" }, - "AWS::Kendra::Index.CapacityUnitsConfiguration": { - "additionalProperties": false, - "properties": { - "QueryCapacityUnits": { - "markdownDescription": "The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity.\n\nA single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units.\n\n`GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second).", - "title": "QueryCapacityUnits", - "type": "number" - }, - "StorageCapacityUnits": { - "markdownDescription": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units.", - "title": "StorageCapacityUnits", - "type": "number" - } - }, - "required": [ - "QueryCapacityUnits", - "StorageCapacityUnits" - ], - "type": "object" - }, - "AWS::Kendra::Index.DocumentMetadataConfiguration": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the index field.", - "title": "Name", - "type": "string" - }, - "Relevance": { - "$ref": "#/definitions/AWS::Kendra::Index.Relevance", - "markdownDescription": "Provides tuning parameters to determine how the field affects the search results.", - "title": "Relevance" - }, - "Search": { - "$ref": "#/definitions/AWS::Kendra::Index.Search", - "markdownDescription": "Provides information about how the field is used during a search.", - "title": "Search" - }, - "Type": { - "markdownDescription": "The data type of the index field.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Name", - "Type" - ], - "type": "object" - }, - "AWS::Kendra::Index.JsonTokenTypeConfiguration": { - "additionalProperties": false, - "properties": { - "GroupAttributeField": { - "markdownDescription": "The group attribute field.", - "title": "GroupAttributeField", - "type": "string" - }, - "UserNameAttributeField": { - "markdownDescription": "The user name attribute field.", - "title": "UserNameAttributeField", - "type": "string" - } - }, - "required": [ - "GroupAttributeField", - "UserNameAttributeField" - ], - "type": "object" - }, - "AWS::Kendra::Index.JwtTokenTypeConfiguration": { + "AWS::IVS::StorageConfiguration.S3StorageConfiguration": { "additionalProperties": false, "properties": { - "ClaimRegex": { - "markdownDescription": "The regular expression that identifies the claim.", - "title": "ClaimRegex", - "type": "string" - }, - "GroupAttributeField": { - "markdownDescription": "The group attribute field.", - "title": "GroupAttributeField", - "type": "string" - }, - "Issuer": { - "markdownDescription": "The issuer of the token.", - "title": "Issuer", - "type": "string" - }, - "KeyLocation": { - "markdownDescription": "The location of the key.", - "title": "KeyLocation", - "type": "string" - }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (arn) of the secret.", - "title": "SecretManagerArn", - "type": "string" - }, - "URL": { - "markdownDescription": "The signing key URL.", - "title": "URL", - "type": "string" - }, - "UserNameAttributeField": { - "markdownDescription": "The user name attribute field.", - "title": "UserNameAttributeField", + "BucketName": { + "markdownDescription": "Name of the S3 bucket where recorded video will be stored.", + "title": "BucketName", "type": "string" } }, "required": [ - "KeyLocation" + "BucketName" ], "type": "object" }, - "AWS::Kendra::Index.Relevance": { - "additionalProperties": false, - "properties": { - "Duration": { - "markdownDescription": "Specifies the time period that the boost applies to. For example, to make the boost apply to documents with the field value within the last month, you would use \"2628000s\". Once the field value is beyond the specified range, the effect of the boost drops off. The higher the importance, the faster the effect drops off. If you don't specify a value, the default is 3 months. The value of the field is a numeric string followed by the character \"s\", for example \"86400s\" for one day, or \"604800s\" for one week.\n\nOnly applies to `DATE` fields.", - "title": "Duration", - "type": "string" - }, - "Freshness": { - "markdownDescription": "Indicates that this field determines how \"fresh\" a document is. For example, if document 1 was created on November 5, and document 2 was created on October 31, document 1 is \"fresher\" than document 2. Only applies to `DATE` fields.", - "title": "Freshness", - "type": "boolean" - }, - "Importance": { - "markdownDescription": "The relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers.", - "title": "Importance", - "type": "number" - }, - "RankOrder": { - "markdownDescription": "Determines how values should be interpreted.\n\nWhen the `RankOrder` field is `ASCENDING` , higher numbers are better. For example, a document with a rating score of 10 is higher ranking than a document with a rating score of 1.\n\nWhen the `RankOrder` field is `DESCENDING` , lower numbers are better. For example, in a task tracking application, a priority 1 task is more important than a priority 5 task.\n\nOnly applies to `LONG` fields.", - "title": "RankOrder", - "type": "string" - }, - "ValueImportanceItems": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.ValueImportanceItem" - }, - "markdownDescription": "An array of key-value pairs for different boosts when they appear in the search result list. For example, if you want to boost query terms that match the \"department\" field in the result, query terms that match this field are boosted in the result. You can add entries from the department field to boost documents with those values higher.\n\nFor example, you can add entries to the map with names of departments. If you add \"HR\", 5 and \"Legal\",3 those departments are given special attention when they appear in the metadata of a document.", - "title": "ValueImportanceItems", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::Index.Search": { - "additionalProperties": false, - "properties": { - "Displayable": { - "markdownDescription": "Determines whether the field is returned in the query response. The default is `true` .", - "title": "Displayable", - "type": "boolean" - }, - "Facetable": { - "markdownDescription": "Indicates that the field can be used to create search facets, a count of results for each value in the field. The default is `false` .", - "title": "Facetable", - "type": "boolean" - }, - "Searchable": { - "markdownDescription": "Determines whether the field is used in the search. If the `Searchable` field is `true` , you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for string fields and `false` for number and date fields.", - "title": "Searchable", - "type": "boolean" - }, - "Sortable": { - "markdownDescription": "Determines whether the field can be used to sort the results of a query. The default is `false` .", - "title": "Sortable", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Kendra::Index.ServerSideEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys.", - "title": "KmsKeyId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::Index.UserTokenConfiguration": { - "additionalProperties": false, - "properties": { - "JsonTokenTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.JsonTokenTypeConfiguration", - "markdownDescription": "Information about the JSON token type configuration.", - "title": "JsonTokenTypeConfiguration" - }, - "JwtTokenTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.JwtTokenTypeConfiguration", - "markdownDescription": "Information about the JWT token type configuration.", - "title": "JwtTokenTypeConfiguration" - } - }, - "type": "object" - }, - "AWS::Kendra::Index.ValueImportanceItem": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The document metadata value used for the search boost.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The boost value for a document when the key is part of the metadata of a document.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KendraRanking::ExecutionPlan": { + "AWS::IVS::StreamKey": { "additionalProperties": false, "properties": { "Condition": { @@ -136631,38 +141024,28 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityUnits": { - "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration", - "markdownDescription": "You can set additional capacity units to meet the needs of your rescore execution plan. You are given a single capacity unit by default. If you want to use the default capacity, you don't set additional capacity units. For more information on the default capacity and additional capacity units, see [Adjusting capacity](https://docs.aws.amazon.com/kendra/latest/dg/adjusting-capacity.html) .", - "title": "CapacityUnits" - }, - "Description": { - "markdownDescription": "A description for the rescore execution plan.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the rescore execution plan.", - "title": "Name", + "ChannelArn": { + "markdownDescription": "Channel ARN for the stream.", + "title": "ChannelArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs that identify or categorize your rescore execution plan. You can also use tags to help control access to the rescore execution plan. Tag keys and values can consist of Unicode letters, digits, white space. They can also consist of underscore, period, colon, equal, plus, and asperand.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-streamkey-tag.html) .", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "ChannelArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::KendraRanking::ExecutionPlan" + "AWS::IVS::StreamKey" ], "type": "string" }, @@ -136681,21 +141064,7 @@ ], "type": "object" }, - "AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration": { - "additionalProperties": false, - "properties": { - "RescoreCapacityUnits": { - "markdownDescription": "The amount of extra capacity for your rescore execution plan.\n\nA single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units.", - "title": "RescoreCapacityUnits", - "type": "number" - } - }, - "required": [ - "RescoreCapacityUnits" - ], - "type": "object" - }, - "AWS::Kinesis::Stream": { + "AWS::IVSChat::LoggingConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -136730,45 +141099,33 @@ "Properties": { "additionalProperties": false, "properties": { + "DestinationConfiguration": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.DestinationConfiguration", + "markdownDescription": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged.", + "title": "DestinationConfiguration" + }, "Name": { - "markdownDescription": "The name of the Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "markdownDescription": "Logging-configuration name. The value does not need to be unique.", "title": "Name", "type": "string" }, - "RetentionPeriodHours": { - "markdownDescription": "The number of hours for the data records that are stored in shards to remain accessible. The default value is 24. For more information about the stream retention period, see [Changing the Data Retention Period](https://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html) in the Amazon Kinesis Developer Guide.", - "title": "RetentionPeriodHours", - "type": "number" - }, - "ShardCount": { - "markdownDescription": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", - "title": "ShardCount", - "type": "number" - }, - "StreamEncryption": { - "$ref": "#/definitions/AWS::Kinesis::Stream.StreamEncryption", - "markdownDescription": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption.", - "title": "StreamEncryption" - }, - "StreamModeDetails": { - "$ref": "#/definitions/AWS::Kinesis::Stream.StreamModeDetails", - "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", - "title": "StreamModeDetails" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the Kinesis stream. For information about constraints for this property, see [Tag Restrictions](https://docs.aws.amazon.com/streams/latest/dev/tagging.html#tagging-restrictions) in the *Amazon Kinesis Developer Guide* .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-loggingconfiguration-tag.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "DestinationConfiguration" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Kinesis::Stream" + "AWS::IVSChat::LoggingConfiguration" ], "type": "string" }, @@ -136782,45 +141139,75 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kinesis::Stream.StreamEncryption": { + "AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use. The only valid value is `KMS` .", - "title": "EncryptionType", + "LogGroupName": { + "markdownDescription": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged.", + "title": "LogGroupName", "type": "string" + } + }, + "required": [ + "LogGroupName" + ], + "type": "object" + }, + "AWS::IVSChat::LoggingConfiguration.DestinationConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration", + "markdownDescription": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.", + "title": "CloudWatchLogs" }, - "KeyId": { - "markdownDescription": "The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias `aws/kinesis` .\n\n- Key ARN example: `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`\n- Alias ARN example: `arn:aws:kms:us-east-1:123456789012:alias/MyAliasName`\n- Globally unique key ID example: `12345678-1234-1234-1234-123456789012`\n- Alias name example: `alias/MyAliasName`\n- Master key owned by Kinesis Data Streams: `alias/aws/kinesis`", - "title": "KeyId", + "Firehose": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration", + "markdownDescription": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.", + "title": "Firehose" + }, + "S3": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration", + "markdownDescription": "An Amazon S3 destination configuration where chat activity will be logged.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "DeliveryStreamName": { + "markdownDescription": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged.", + "title": "DeliveryStreamName", "type": "string" } }, "required": [ - "EncryptionType", - "KeyId" + "DeliveryStreamName" ], "type": "object" }, - "AWS::Kinesis::Stream.StreamModeDetails": { + "AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "StreamMode": { - "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", - "title": "StreamMode", + "BucketName": { + "markdownDescription": "Name of the Amazon S3 bucket where chat activity will be logged.", + "title": "BucketName", "type": "string" } }, "required": [ - "StreamMode" + "BucketName" ], "type": "object" }, - "AWS::Kinesis::StreamConsumer": { + "AWS::IVSChat::Room": { "additionalProperties": false, "properties": { "Condition": { @@ -136855,26 +141242,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ConsumerName": { - "markdownDescription": "The name of the consumer is something you choose when you register the consumer.", - "title": "ConsumerName", + "LoggingConfigurationIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "List of logging-configuration identifiers attached to the room.", + "title": "LoggingConfigurationIdentifiers", + "type": "array" + }, + "MaximumMessageLength": { + "markdownDescription": "Maximum number of characters in a single message. Messages are expected to be UTF-8 encoded and this limit applies specifically to rune/code-point count, not number of bytes.", + "title": "MaximumMessageLength", + "type": "number" + }, + "MaximumMessageRatePerSecond": { + "markdownDescription": "Maximum number of messages per second that can be sent to the room (by all clients).", + "title": "MaximumMessageRatePerSecond", + "type": "number" + }, + "MessageReviewHandler": { + "$ref": "#/definitions/AWS::IVSChat::Room.MessageReviewHandler", + "markdownDescription": "Configuration information for optional review of messages.", + "title": "MessageReviewHandler" + }, + "Name": { + "markdownDescription": "Room name. The value does not need to be unique.", + "title": "Name", "type": "string" }, - "StreamARN": { - "markdownDescription": "The ARN of the stream with which you registered the consumer.", - "title": "StreamARN", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-room-tag.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "ConsumerName", - "StreamARN" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Kinesis::StreamConsumer" + "AWS::IVSChat::Room" ], "type": "string" }, @@ -136888,12 +141297,27 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::KinesisAnalytics::Application": { + "AWS::IVSChat::Room.MessageReviewHandler": { + "additionalProperties": false, + "properties": { + "FallbackResult": { + "markdownDescription": "Specifies the fallback behavior (whether the message is allowed or denied) if the handler does not return a valid response, encounters an error, or times out. (For the timeout period, see [Service Quotas](https://docs.aws.amazon.com/ivs/latest/userguide/service-quotas.html) .) If allowed, the message is delivered with returned content to all users connected to the room. If denied, the message is not delivered to any user.\n\n*Default* : `ALLOW`", + "title": "FallbackResult", + "type": "string" + }, + "Uri": { + "markdownDescription": "Identifier of the message review handler. Currently this must be an ARN of a lambda function.", + "title": "Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IdentityStore::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -136928,38 +141352,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationCode": { - "markdownDescription": "One or more SQL statements that read input data, transform it, and generate output. For example, you can write a SQL statement that reads data from one in-application stream, generates a running average of the number of advertisement clicks by vendor, and insert resulting rows in another in-application stream using pumps. For more information about the typical pattern, see [Application Code](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-app-code.html) .\n\nYou can provide such series of SQL statements, where output of one statement can be used as the input for the next statement. You store intermediate results by creating in-application streams and pumps.\n\nNote that the application code must create the streams with names specified in the `Outputs` . For example, if your `Outputs` defines output streams named `ExampleOutputStream1` and `ExampleOutputStream2` , then your application code must create these streams.", - "title": "ApplicationCode", + "Description": { + "markdownDescription": "A string containing the description of the group.", + "title": "Description", "type": "string" }, - "ApplicationDescription": { - "markdownDescription": "Summary description of the application.", - "title": "ApplicationDescription", + "DisplayName": { + "markdownDescription": "The display name value for the group. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.\n\nPrefix search supports a maximum of 1,000 characters for the string.", + "title": "DisplayName", "type": "string" }, - "ApplicationName": { - "markdownDescription": "Name of your Amazon Kinesis Analytics application (for example, `sample-app` ).", - "title": "ApplicationName", + "IdentityStoreId": { + "markdownDescription": "The globally unique identifier for the identity store.", + "title": "IdentityStoreId", "type": "string" - }, - "Inputs": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.Input" - }, - "markdownDescription": "Use this parameter to configure the application input.\n\nYou can configure your application to receive input from a single streaming source. In this configuration, you map this streaming source to an in-application stream that is created. Your application code can then query the in-application stream like a table (you can think of it as a constantly updating table).\n\nFor the streaming source, you provide its Amazon Resource Name (ARN) and format of data on the stream (for example, JSON, CSV, etc.). You also must provide an IAM role that Amazon Kinesis Analytics can assume to read this stream on your behalf.\n\nTo create the in-application stream, you need to specify a schema to transform your data into a schematized version used in SQL. In the schema, you provide the necessary mapping of the data elements in the streaming source to record columns in the in-app stream.", - "title": "Inputs", - "type": "array" } }, "required": [ - "Inputs" + "DisplayName", + "IdentityStoreId" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::Application" + "AWS::IdentityStore::Group" ], "type": "string" }, @@ -136978,251 +141395,100 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::Application.CSVMappingParameters": { + "AWS::IdentityStore::GroupMembership": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", + "Condition": { "type": "string" }, - "RecordRowDelimiter": { - "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.Input": { - "additionalProperties": false, - "properties": { - "InputParallelism": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputParallelism", - "markdownDescription": "Describes the number of in-application streams to create.\n\nData from your source is routed to these in-application input streams.\n\nSee [Configuring Application Input](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-input.html) .", - "title": "InputParallelism" - }, - "InputProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputProcessingConfiguration", - "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputprocessingconfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) .", - "title": "InputProcessingConfiguration" - }, - "InputSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", - "title": "InputSchema" - }, - "KinesisFirehoseInput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisFirehoseInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis Firehose delivery stream, identifies the delivery stream's ARN and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", - "title": "KinesisFirehoseInput" }, - "KinesisStreamsInput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisStreamsInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis stream, identifies the stream's Amazon Resource Name (ARN) and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", - "title": "KinesisStreamsInput" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NamePrefix": { - "markdownDescription": "Name prefix to use when creating an in-application stream. Suppose that you specify a prefix \"MyInApplicationStream.\" Amazon Kinesis Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with names \"MyInApplicationStream_001,\" \"MyInApplicationStream_002,\" and so on.", - "title": "NamePrefix", - "type": "string" - } - }, - "required": [ - "InputSchema", - "NamePrefix" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputLambdaProcessor": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the [AWS Lambda](https://docs.aws.amazon.com/lambda/) function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", - "type": "string" + "Metadata": { + "type": "object" }, - "RoleARN": { - "markdownDescription": "The ARN of the IAM role that is used to access the AWS Lambda function.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputParallelism": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "Number of in-application streams to create. For more information, see [Limits](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/limits.html) .", - "title": "Count", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputProcessingConfiguration": { - "additionalProperties": false, - "properties": { - "InputLambdaProcessor": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputLambdaProcessor", - "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) that is used to preprocess the records in the stream before being processed by your application code.", - "title": "InputLambdaProcessor" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputSchema": { - "additionalProperties": false, - "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordColumn" + "Properties": { + "additionalProperties": false, + "properties": { + "GroupId": { + "markdownDescription": "The identifier for a group in the identity store.", + "title": "GroupId", + "type": "string" + }, + "IdentityStoreId": { + "markdownDescription": "The globally unique identifier for the identity store.", + "title": "IdentityStoreId", + "type": "string" + }, + "MemberId": { + "$ref": "#/definitions/AWS::IdentityStore::GroupMembership.MemberId", + "markdownDescription": "An object containing the identifier of a group member. Setting the `MemberId` 's `UserId` field to a specific User's ID indicates that user is a member of the group.", + "title": "MemberId" + } }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", - "type": "array" - }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", - "type": "string" - }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" - } - }, - "required": [ - "RecordColumns", - "RecordFormat" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.JSONMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordRowPath": { - "markdownDescription": "Path to the top-level parent that contains the records.", - "title": "RecordRowPath", - "type": "string" - } - }, - "required": [ - "RecordRowPath" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.KinesisFirehoseInput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the input delivery stream.", - "title": "ResourceARN", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to make sure that the role has the necessary permissions to access the stream.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.KinesisStreamsInput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the input Amazon Kinesis stream to read.", - "title": "ResourceARN", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.MappingParameters": { - "additionalProperties": false, - "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" - }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.RecordColumn": { - "additionalProperties": false, - "properties": { - "Mapping": { - "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", - "title": "Mapping", - "type": "string" + "required": [ + "GroupId", + "IdentityStoreId", + "MemberId" + ], + "type": "object" }, - "Name": { - "markdownDescription": "Name of the column created in the in-application input stream or reference table.", - "title": "Name", + "Type": { + "enum": [ + "AWS::IdentityStore::GroupMembership" + ], "type": "string" }, - "SqlType": { - "markdownDescription": "Type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "SqlType" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalytics::Application.RecordFormat": { + "AWS::IdentityStore::GroupMembership.MemberId": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.MappingParameters", - "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" - }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "UserId": { + "markdownDescription": "An object containing the identifiers of resources that can be members.", + "title": "UserId", "type": "string" } }, "required": [ - "RecordFormatType" + "UserId" ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput": { + "AWS::ImageBuilder::Component": { "additionalProperties": false, "properties": { "Condition": { @@ -137257,26 +141523,76 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "Name of the application to which you want to add the output configuration.", - "title": "ApplicationName", + "ChangeDescription": { + "markdownDescription": "The change description of the component. Describes what change has been made in this version, or what makes this version different from other versions of the component.", + "title": "ChangeDescription", "type": "string" }, - "Output": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.Output", - "markdownDescription": "An array of objects, each describing one output configuration. In the output configuration, you specify the name of an in-application stream, a destination (that is, an Amazon Kinesis stream, an Amazon Kinesis Firehose delivery stream, or an AWS Lambda function), and record the formation to use when writing to the destination.", - "title": "Output" + "Data": { + "markdownDescription": "Component `data` contains inline YAML document content for the component. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", + "title": "Data", + "type": "string" + }, + "Description": { + "markdownDescription": "Describes the contents of the component.", + "title": "Description", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key that is used to encrypt this component.", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the component.", + "title": "Name", + "type": "string" + }, + "Platform": { + "markdownDescription": "The operating system platform of the component.", + "title": "Platform", + "type": "string" + }, + "SupportedOsVersions": { + "items": { + "type": "string" + }, + "markdownDescription": "The operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.", + "title": "SupportedOsVersions", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags that apply to the component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Uri": { + "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", + "title": "Uri", + "type": "string" + }, + "Version": { + "markdownDescription": "The component version. For example, `1.0.0` .", + "title": "Version", + "type": "string" } }, "required": [ - "ApplicationName", - "Output" + "Name", + "Platform", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::ApplicationOutput" + "AWS::ImageBuilder::Component" ], "type": "string" }, @@ -137295,112 +141611,7 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema": { - "additionalProperties": false, - "properties": { - "RecordFormatType": { - "markdownDescription": "Specifies the format of the records on the output stream.", - "title": "RecordFormatType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the destination Amazon Kinesis Firehose delivery stream to write to.", - "title": "ResourceARN", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the destination Amazon Kinesis stream to write to.", - "title": "ResourceARN", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination function on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationOutput.Output": { - "additionalProperties": false, - "properties": { - "DestinationSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema", - "markdownDescription": "Describes the data format when records are written to the destination. For more information, see [Configuring Application Output](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-output.html) .", - "title": "DestinationSchema" - }, - "KinesisFirehoseOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput", - "markdownDescription": "Identifies an Amazon Kinesis Firehose delivery stream as the destination.", - "title": "KinesisFirehoseOutput" - }, - "KinesisStreamsOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput", - "markdownDescription": "Identifies an Amazon Kinesis stream as the destination.", - "title": "KinesisStreamsOutput" - }, - "LambdaOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput", - "markdownDescription": "Identifies an AWS Lambda function as the destination.", - "title": "LambdaOutput" - }, - "Name": { - "markdownDescription": "Name of the in-application stream.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "DestinationSchema" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource": { + "AWS::ImageBuilder::ContainerRecipe": { "additionalProperties": false, "properties": { "Condition": { @@ -137435,26 +141646,104 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "Name of an existing application.", - "title": "ApplicationName", + "Components": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration" + }, + "markdownDescription": "Build and test components that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", + "title": "Components", + "type": "array" + }, + "ContainerType": { + "markdownDescription": "Specifies the type of container, such as Docker.", + "title": "ContainerType", "type": "string" }, - "ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource", - "markdownDescription": "The reference data source can be an object in your Amazon S3 bucket. Amazon Kinesis Analytics reads the object and copies the data into the in-application table that is created. You provide an S3 bucket, object key name, and the resulting in-application table that is created. You must also provide an IAM role with the necessary permissions that Amazon Kinesis Analytics can assume to read the object from your S3 bucket on your behalf.", - "title": "ReferenceDataSource" + "Description": { + "markdownDescription": "The description of the container recipe.", + "title": "Description", + "type": "string" + }, + "DockerfileTemplateData": { + "markdownDescription": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.", + "title": "DockerfileTemplateData", + "type": "string" + }, + "DockerfileTemplateUri": { + "markdownDescription": "The S3 URI for the Dockerfile that will be used to build your container image.", + "title": "DockerfileTemplateUri", + "type": "string" + }, + "ImageOsVersionOverride": { + "markdownDescription": "Specifies the operating system version for the base image.", + "title": "ImageOsVersionOverride", + "type": "string" + }, + "InstanceConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration", + "markdownDescription": "A group of options that can be used to configure an instance for building and testing container images.", + "title": "InstanceConfiguration" + }, + "KmsKeyId": { + "markdownDescription": "Identifies which KMS key is used to encrypt the container image for distribution to the target Region.", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the container recipe.", + "title": "Name", + "type": "string" + }, + "ParentImage": { + "markdownDescription": "The base image for customizations specified in the container recipe. This can contain an Image Builder image resource ARN or a container image URI, for example `amazonlinux:latest` .", + "title": "ParentImage", + "type": "string" + }, + "PlatformOverride": { + "markdownDescription": "Specifies the operating system platform when you use a custom base image.", + "title": "PlatformOverride", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags that are attached to the container recipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TargetRepository": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository", + "markdownDescription": "The destination repository for the container image.", + "title": "TargetRepository" + }, + "Version": { + "markdownDescription": "The semantic version of the container recipe.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.\n> \n> *Filtering:* With semantic versioning, you have the flexibility to use wildcards (x) to specify the most recent versions or nodes when selecting the base image or components for your recipe. When you use a wildcard in any node, all nodes to the right of the first wildcard must also be wildcards.", + "title": "Version", + "type": "string" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory for use during build and test workflows.", + "title": "WorkingDirectory", + "type": "string" } }, "required": [ - "ApplicationName", - "ReferenceDataSource" + "Components", + "ContainerType", + "Name", + "ParentImage", + "TargetRepository", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::ApplicationReferenceDataSource" + "AWS::ImageBuilder::ContainerRecipe" ], "type": "string" }, @@ -137473,179 +141762,156 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters": { + "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", "type": "string" }, - "RecordRowDelimiter": { - "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", - "type": "string" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentParameter" + }, + "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", + "title": "Parameters", + "type": "array" } }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters": { + "AWS::ImageBuilder::ContainerRecipe.ComponentParameter": { "additionalProperties": false, "properties": { - "RecordRowPath": { - "markdownDescription": "Path to the top-level parent that contains the records.", - "title": "RecordRowPath", + "Name": { + "markdownDescription": "The name of the component parameter to set.", + "title": "Name", "type": "string" + }, + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the value for the named component parameter.", + "title": "Value", + "type": "array" } }, "required": [ - "RecordRowPath" + "Name", + "Value" ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters": { + "AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification": { "additionalProperties": false, "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" + "DeleteOnTermination": { + "markdownDescription": "Use to configure delete on termination of the associated device.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn": { - "additionalProperties": false, - "properties": { - "Mapping": { - "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", - "title": "Mapping", - "type": "string" + "Encrypted": { + "markdownDescription": "Use to configure device encryption.", + "title": "Encrypted", + "type": "boolean" }, - "Name": { - "markdownDescription": "Name of the column created in the in-application input stream or reference table.", - "title": "Name", + "Iops": { + "markdownDescription": "Use to configure device IOPS.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", + "title": "KmsKeyId", "type": "string" }, - "SqlType": { - "markdownDescription": "Type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "SnapshotId": { + "markdownDescription": "The snapshot that defines the device contents.", + "title": "SnapshotId", "type": "string" - } - }, - "required": [ - "Name", - "SqlType" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat": { - "additionalProperties": false, - "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters", - "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "Throughput": { + "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", + "title": "Throughput", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "Use to override the device's volume size.", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "Use to override the device's volume type.", + "title": "VolumeType", "type": "string" } }, - "required": [ - "RecordFormatType" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource": { + "AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping": { "additionalProperties": false, "properties": { - "ReferenceSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", - "title": "ReferenceSchema" + "DeviceName": { + "markdownDescription": "The device to which these mappings apply.", + "title": "DeviceName", + "type": "string" }, - "S3ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource", - "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. Also identifies the IAM role Amazon Kinesis Analytics can assume to read this object on your behalf. An Amazon Kinesis Analytics application loads reference data only once. If the data changes, you call the `UpdateApplication` operation to trigger reloading of data into your application.", - "title": "S3ReferenceDataSource" + "Ebs": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification", + "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", + "title": "Ebs" }, - "TableName": { - "markdownDescription": "Name of the in-application table to create.", - "title": "TableName", + "NoDevice": { + "markdownDescription": "Use to remove a mapping from the base image.", + "title": "NoDevice", + "type": "string" + }, + "VirtualName": { + "markdownDescription": "Use to manage instance ephemeral devices.", + "title": "VirtualName", "type": "string" } }, - "required": [ - "ReferenceSchema" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema": { + "AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration": { "additionalProperties": false, "properties": { - "RecordColumns": { + "BlockDeviceMappings": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn" + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping" }, - "markdownDescription": "A list of RecordColumn objects.", - "title": "RecordColumns", + "markdownDescription": "Defines the block devices to attach for building an instance from this Image Builder AMI.", + "title": "BlockDeviceMappings", "type": "array" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the reference source. For example, UTF-8.", - "title": "RecordEncoding", + "Image": { + "markdownDescription": "The base image for a container build and test instance. This can contain an AMI ID or it can specify an AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n\nIf not specified, Image Builder uses the appropriate ECS-optimized AMI as a base image.", + "title": "Image", "type": "string" - }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat", - "markdownDescription": "Specifies the format of the records on the reference source.", - "title": "RecordFormat" } }, - "required": [ - "RecordColumns", - "RecordFormat" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource": { + "AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", - "type": "string" - }, - "FileKey": { - "markdownDescription": "Object key name containing reference data.", - "title": "FileKey", + "RepositoryName": { + "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", + "title": "RepositoryName", "type": "string" }, - "ReferenceRoleARN": { - "markdownDescription": "ARN of the IAM role that the service can assume to read data on your behalf. This role must have permission for the `s3:GetObject` action on the object and trust policy that allows Amazon Kinesis Analytics service principal to assume this role.", - "title": "ReferenceRoleARN", + "Service": { + "markdownDescription": "Specifies the service in which this image was registered.", + "title": "Service", "type": "string" } }, - "required": [ - "BucketARN", - "FileKey", - "ReferenceRoleARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application": { + "AWS::ImageBuilder::DistributionConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -137680,64 +141946,45 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration", - "markdownDescription": "Use this parameter to configure the application.", - "title": "ApplicationConfiguration" - }, - "ApplicationDescription": { - "markdownDescription": "The description of the application.", - "title": "ApplicationDescription", - "type": "string" - }, - "ApplicationMaintenanceConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration", - "markdownDescription": "Specifies the maintenance window parameters for a Kinesis Data Analytics application.", - "title": "ApplicationMaintenanceConfiguration" - }, - "ApplicationMode": { - "markdownDescription": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE` . However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional.", - "title": "ApplicationMode", - "type": "string" - }, - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "Description": { + "markdownDescription": "The description of this distribution configuration.", + "title": "Description", "type": "string" }, - "RunConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RunConfiguration", - "markdownDescription": "Describes the starting parameters for an Managed Service for Apache Flink application.", - "title": "RunConfiguration" - }, - "RuntimeEnvironment": { - "markdownDescription": "The runtime environment for the application.", - "title": "RuntimeEnvironment", - "type": "string" + "Distributions": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.Distribution" + }, + "markdownDescription": "The distributions of this distribution configuration formatted as an array of Distribution objects.", + "title": "Distributions", + "type": "array" }, - "ServiceExecutionRole": { - "markdownDescription": "Specifies the IAM role that the application uses to access external resources.", - "title": "ServiceExecutionRole", + "Name": { + "markdownDescription": "The name of this distribution configuration.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The tags of this distribution configuration.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50.", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "RuntimeEnvironment", - "ServiceExecutionRole" + "Distributions", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::Application" + "AWS::ImageBuilder::DistributionConfiguration" ], "type": "string" }, @@ -137756,741 +142003,767 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration": { "additionalProperties": false, "properties": { - "CodeContent": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CodeContent", - "markdownDescription": "The location and type of the application code.", - "title": "CodeContent" + "AmiTags": { + "additionalProperties": true, + "markdownDescription": "The tags to apply to AMIs distributed to this Region.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AmiTags", + "type": "object" }, - "CodeContentType": { - "markdownDescription": "Specifies whether the code content is in text or zip format.", - "title": "CodeContentType", + "Description": { + "markdownDescription": "The description of the AMI distribution configuration. Minimum and maximum length are in characters.", + "title": "Description", "type": "string" - } - }, - "required": [ - "CodeContent", - "CodeContentType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "ApplicationCodeConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration", - "markdownDescription": "The code location and type parameters for a Managed Service for Apache Flink application.", - "title": "ApplicationCodeConfiguration" - }, - "ApplicationSnapshotConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration", - "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", - "title": "ApplicationSnapshotConfiguration" }, - "EnvironmentProperties": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.EnvironmentProperties", - "markdownDescription": "Describes execution properties for a Managed Service for Apache Flink application.", - "title": "EnvironmentProperties" + "KmsKeyId": { + "markdownDescription": "The KMS key identifier used to encrypt the distributed image.", + "title": "KmsKeyId", + "type": "string" }, - "FlinkApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration", - "markdownDescription": "The creation and update parameters for a Managed Service for Apache Flink application.", - "title": "FlinkApplicationConfiguration" + "LaunchPermissionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration", + "markdownDescription": "Launch permissions can be used to configure which AWS account s can use the AMI to launch instances.", + "title": "LaunchPermissionConfiguration" }, - "SqlApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration", - "markdownDescription": "The creation and update parameters for a SQL-based Kinesis Data Analytics application.", - "title": "SqlApplicationConfiguration" + "Name": { + "markdownDescription": "The name of the output AMI.", + "title": "Name", + "type": "string" }, - "VpcConfigurations": { + "TargetAccountIds": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.VpcConfiguration" + "type": "string" }, - "markdownDescription": "The array of descriptions of VPC configurations available to the application.", - "title": "VpcConfigurations", + "markdownDescription": "The ID of an account to which you want to distribute an image.", + "title": "TargetAccountIds", "type": "array" - }, - "ZeppelinApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration", - "markdownDescription": "The configuration parameters for a Kinesis Data Analytics Studio notebook.", - "title": "ZeppelinApplicationConfiguration" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration": { - "additionalProperties": false, - "properties": { - "ApplicationMaintenanceWindowStartTime": { - "markdownDescription": "", - "title": "ApplicationMaintenanceWindowStartTime", - "type": "string" - } - }, - "required": [ - "ApplicationMaintenanceWindowStartTime" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration": { "additionalProperties": false, "properties": { - "ApplicationRestoreType": { - "markdownDescription": "Specifies how the application should be restored.", - "title": "ApplicationRestoreType", - "type": "string" + "ContainerTags": { + "items": { + "type": "string" + }, + "markdownDescription": "Tags that are attached to the container distribution configuration.", + "title": "ContainerTags", + "type": "array" }, - "SnapshotName": { - "markdownDescription": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if `RESTORE_FROM_CUSTOM_SNAPSHOT` is specified for the `ApplicationRestoreType` .", - "title": "SnapshotName", + "Description": { + "markdownDescription": "The description of the container distribution configuration.", + "title": "Description", "type": "string" + }, + "TargetRepository": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository", + "markdownDescription": "The destination repository for the container distribution configuration.", + "title": "TargetRepository" } }, - "required": [ - "ApplicationRestoreType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.Distribution": { "additionalProperties": false, "properties": { - "SnapshotsEnabled": { - "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", - "title": "SnapshotsEnabled", - "type": "boolean" - } - }, - "required": [ - "SnapshotsEnabled" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.CSVMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", - "type": "string" + "AmiDistributionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration", + "markdownDescription": "The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below.", + "title": "AmiDistributionConfiguration" }, - "RecordRowDelimiter": { - "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", + "ContainerDistributionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration", + "markdownDescription": "Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below.", + "title": "ContainerDistributionConfiguration" + }, + "FastLaunchConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration" + }, + "markdownDescription": "The Windows faster-launching configurations to use for AMI distribution.", + "title": "FastLaunchConfigurations", + "type": "array" + }, + "LaunchTemplateConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration" + }, + "markdownDescription": "A group of launchTemplateConfiguration settings that apply to image distribution for specified accounts.", + "title": "LaunchTemplateConfigurations", + "type": "array" + }, + "LicenseConfigurationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The License Manager Configuration to associate with the AMI in the specified Region. For more information, see the [LicenseConfiguration API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_LicenseConfiguration.html) .", + "title": "LicenseConfigurationArns", + "type": "array" + }, + "Region": { + "markdownDescription": "The target Region for the Distribution Configuration. For example, `eu-west-1` .", + "title": "Region", "type": "string" + }, + "SsmParameterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.SsmParameterConfiguration" + }, + "markdownDescription": "Contains settings to update AWS Systems Manager (SSM) Parameter Store Parameters with output AMI IDs from the build by target Region.", + "title": "SsmParameterConfigurations", + "type": "array" } }, "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" + "Region" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CatalogConfiguration": { - "additionalProperties": false, - "properties": { - "GlueDataCatalogConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration", - "markdownDescription": "The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook.", - "title": "GlueDataCatalogConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration": { "additionalProperties": false, "properties": { - "CheckpointInterval": { - "markdownDescription": "Describes the interval in milliseconds between checkpoint operations.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointInterval` value of 60000, even if this value is set to another value using this API or in application code.", - "title": "CheckpointInterval", - "type": "number" + "AccountId": { + "markdownDescription": "The owner account ID for the fast-launch enabled Windows AMI.", + "title": "AccountId", + "type": "string" }, - "CheckpointingEnabled": { - "markdownDescription": "Describes whether checkpointing is enabled for a Managed Service for Apache Flink application.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointingEnabled` value of `true` , even if this value is set to another value using this API or in application code.", - "title": "CheckpointingEnabled", + "Enabled": { + "markdownDescription": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to `true` to start using Windows faster launching, or `false` to stop using it.", + "title": "Enabled", "type": "boolean" }, - "ConfigurationType": { - "markdownDescription": "Describes whether the application uses Managed Service for Apache Flink' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled` , `CheckpointInterval` , or `MinPauseBetweenCheckpoints` parameters.\n\n> If this value is set to `DEFAULT` , the application will use the following values, even if they are set to other values using APIs or application code:\n> \n> - *CheckpointingEnabled:* true\n> - *CheckpointInterval:* 60000\n> - *MinPauseBetweenCheckpoints:* 5000", - "title": "ConfigurationType", - "type": "string" + "LaunchTemplate": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification", + "markdownDescription": "The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.", + "title": "LaunchTemplate" }, - "MinPauseBetweenCheckpoints": { - "markdownDescription": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the `CheckpointInterval` , the application otherwise performs continual checkpoint operations. For more information, see [Tuning Checkpointing](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/large_state_tuning/#tuning-checkpointing) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `MinPauseBetweenCheckpoints` value of 5000, even if this value is set using this API or in application code.", - "title": "MinPauseBetweenCheckpoints", + "MaxParallelLaunches": { + "markdownDescription": "The maximum number of parallel instances that are launched for creating resources.", + "title": "MaxParallelLaunches", "type": "number" - } - }, - "required": [ - "ConfigurationType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.CodeContent": { - "additionalProperties": false, - "properties": { - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", - "markdownDescription": "Information about the Amazon S3 bucket that contains the application code.", - "title": "S3ContentLocation" - }, - "TextContent": { - "markdownDescription": "The text-format code for a Managed Service for Apache Flink application.", - "title": "TextContent", - "type": "string" }, - "ZipFileContent": { - "markdownDescription": "The zip-format code for a Managed Service for Apache Flink application.", - "title": "ZipFileContent", - "type": "string" + "SnapshotConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration", + "markdownDescription": "Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.", + "title": "SnapshotConfiguration" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "ArtifactType": { - "markdownDescription": "Set this to either `UDF` or `DEPENDENCY_JAR` . `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket.", - "title": "ArtifactType", + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateId", "type": "string" }, - "MavenReference": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MavenReference", - "markdownDescription": "The parameters required to fully specify a Maven reference.", - "title": "MavenReference" + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateName", + "type": "string" }, - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", - "markdownDescription": "The location of the custom artifacts.", - "title": "S3ContentLocation" + "LaunchTemplateVersion": { + "markdownDescription": "The version of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateVersion", + "type": "string" } }, - "required": [ - "ArtifactType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration": { "additionalProperties": false, "properties": { - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation", - "markdownDescription": "The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data.", - "title": "S3ContentLocation" + "TargetResourceCount": { + "markdownDescription": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.", + "title": "TargetResourceCount", + "type": "number" } }, - "required": [ - "S3ContentLocation" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.EnvironmentProperties": { + "AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration": { "additionalProperties": false, "properties": { - "PropertyGroups": { + "OrganizationArns": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.PropertyGroup" + "type": "string" }, - "markdownDescription": "Describes the execution property groups.", - "title": "PropertyGroups", + "markdownDescription": "The ARN for an AWS Organization that you want to share your AMI with. For more information, see [What is AWS Organizations ?](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) .", + "title": "OrganizationArns", "type": "array" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "CheckpointConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration", - "markdownDescription": "Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/concepts/programming-model.html#checkpoints-for-fault-tolerance) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) .", - "title": "CheckpointConfiguration" }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration", - "markdownDescription": "Describes configuration parameters for Amazon CloudWatch logging for an application.", - "title": "MonitoringConfiguration" + "OrganizationalUnitArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN for an AWS Organizations organizational unit (OU) that you want to share your AMI with. For more information about key concepts for AWS Organizations , see [AWS Organizations terminology and concepts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html) .", + "title": "OrganizationalUnitArns", + "type": "array" }, - "ParallelismConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration", - "markdownDescription": "Describes parameters for how an application executes multiple tasks simultaneously.", - "title": "ParallelismConfiguration" + "UserGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the group.", + "title": "UserGroups", + "type": "array" + }, + "UserIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS account ID.", + "title": "UserIds", + "type": "array" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration": { "additionalProperties": false, "properties": { - "AllowNonRestoredState": { - "markdownDescription": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. This will happen if the program is updated between snapshots to remove stateful parameters, and state data in the snapshot no longer corresponds to valid application data. For more information, see [Allowing Non-Restored State](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/savepoints/#allowing-non-restored-state) in the [Apache Flink documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> This value defaults to `false` . If you update your application without specifying this parameter, `AllowNonRestoredState` will be set to `false` , even if it was previously set to `true` .", - "title": "AllowNonRestoredState", + "AccountId": { + "markdownDescription": "The account ID that this configuration applies to.", + "title": "AccountId", + "type": "string" + }, + "LaunchTemplateId": { + "markdownDescription": "Identifies the Amazon EC2 launch template to use.", + "title": "LaunchTemplateId", + "type": "string" + }, + "SetDefaultVersion": { + "markdownDescription": "Set the specified Amazon EC2 launch template as the default launch template for the specified account.", + "title": "SetDefaultVersion", "type": "boolean" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.SsmParameterConfiguration": { "additionalProperties": false, "properties": { - "DatabaseARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the database.", - "title": "DatabaseARN", + "AmiAccountId": { + "markdownDescription": "Specify the account that will own the Parameter in a given Region. During distribution, this account must be specified in distribution settings as a target account for the Region.", + "title": "AmiAccountId", "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.Input": { - "additionalProperties": false, - "properties": { - "InputParallelism": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputParallelism", - "markdownDescription": "Describes the number of in-application streams to create.", - "title": "InputParallelism" - }, - "InputProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration", - "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputProcessingConfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) .", - "title": "InputProcessingConfiguration" }, - "InputSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", - "title": "InputSchema" - }, - "KinesisFirehoseInput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN.", - "title": "KinesisFirehoseInput" - }, - "KinesisStreamsInput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN).", - "title": "KinesisStreamsInput" + "DataType": { + "markdownDescription": "The data type specifies what type of value the Parameter contains. We recommend that you use data type `aws:ec2:image` .", + "title": "DataType", + "type": "string" }, - "NamePrefix": { - "markdownDescription": "The name prefix to use when creating an in-application stream. Suppose that you specify a prefix \" `MyInApplicationStream` .\" Kinesis Data Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with the names \" `MyInApplicationStream_001` ,\" \" `MyInApplicationStream_002` ,\" and so on.", - "title": "NamePrefix", + "ParameterName": { + "markdownDescription": "This is the name of the Parameter in the target Region or account. The image distribution creates the Parameter if it doesn't already exist. Otherwise, it updates the parameter.", + "title": "ParameterName", "type": "string" } }, "required": [ - "InputSchema", - "NamePrefix" + "ParameterName" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor": { + "AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the Amazon Lambda function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", + "RepositoryName": { + "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", + "title": "RepositoryName", + "type": "string" + }, + "Service": { + "markdownDescription": "Specifies the service in which this image was registered.", + "title": "Service", "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.InputParallelism": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of in-application streams to create.", - "title": "Count", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration": { - "additionalProperties": false, - "properties": { - "InputLambdaProcessor": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor", - "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) that is used to preprocess the records in the stream before being processed by your application code.", - "title": "InputLambdaProcessor" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.InputSchema": { + "AWS::ImageBuilder::Image": { "additionalProperties": false, "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordColumn" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContainerRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.", + "title": "ContainerRecipeArn", + "type": "string" + }, + "DistributionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration that defines and configures the outputs of your pipeline.", + "title": "DistributionConfigurationArn", + "type": "string" + }, + "EnhancedImageMetadataEnabled": { + "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", + "title": "EnhancedImageMetadataEnabled", + "type": "boolean" + }, + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", + "title": "ExecutionRole", + "type": "string" + }, + "ImageRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.", + "title": "ImageRecipeArn", + "type": "string" + }, + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageScanningConfiguration", + "markdownDescription": "Contains settings for vulnerability scans.", + "title": "ImageScanningConfiguration" + }, + "ImageTestsConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageTestsConfiguration", + "markdownDescription": "The image tests configuration of the image.", + "title": "ImageTestsConfiguration" + }, + "InfrastructureConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration that defines the environment in which your image will be built and tested.", + "title": "InfrastructureConfigurationArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of the image.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Workflows": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowConfiguration" + }, + "markdownDescription": "Contains an array of workflow configuration objects.", + "title": "Workflows", + "type": "array" + } }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", - "type": "array" + "type": "object" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", + "Type": { + "enum": [ + "AWS::ImageBuilder::Image" + ], "type": "string" }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" - } - }, - "required": [ - "RecordColumns", - "RecordFormat" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.JSONMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordRowPath": { - "markdownDescription": "The path to the top-level parent that contains the records.", - "title": "RecordRowPath", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "RecordRowPath" + "Type" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput": { + "AWS::ImageBuilder::Image.EcrConfiguration": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", - "title": "ResourceARN", + "ContainerTags": { + "items": { + "type": "string" + }, + "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", + "title": "ContainerTags", + "type": "array" + }, + "RepositoryName": { + "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", + "title": "RepositoryName", "type": "string" } }, - "required": [ - "ResourceARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput": { + "AWS::ImageBuilder::Image.ImageScanningConfiguration": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the input Kinesis data stream to read.", - "title": "ResourceARN", - "type": "string" + "EcrConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.EcrConfiguration", + "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", + "title": "EcrConfiguration" + }, + "ImageScanningEnabled": { + "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", + "title": "ImageScanningEnabled", + "type": "boolean" } }, - "required": [ - "ResourceARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.MappingParameters": { + "AWS::ImageBuilder::Image.ImageTestsConfiguration": { "additionalProperties": false, "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" + "ImageTestsEnabled": { + "markdownDescription": "Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.", + "title": "ImageTestsEnabled", + "type": "boolean" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" + "TimeoutMinutes": { + "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", + "title": "TimeoutMinutes", + "type": "number" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.MavenReference": { + "AWS::ImageBuilder::Image.WorkflowConfiguration": { "additionalProperties": false, "properties": { - "ArtifactId": { - "markdownDescription": "The artifact ID of the Maven reference.", - "title": "ArtifactId", + "OnFailure": { + "markdownDescription": "The action to take if the workflow fails.", + "title": "OnFailure", "type": "string" }, - "GroupId": { - "markdownDescription": "The group ID of the Maven reference.", - "title": "GroupId", + "ParallelGroup": { + "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", + "title": "ParallelGroup", "type": "string" }, - "Version": { - "markdownDescription": "The version of the Maven reference.", - "title": "Version", + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowParameter" + }, + "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", + "title": "Parameters", + "type": "array" + }, + "WorkflowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", + "title": "WorkflowArn", "type": "string" } }, - "required": [ - "ArtifactId", - "GroupId", - "Version" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration": { + "AWS::ImageBuilder::Image.WorkflowParameter": { "additionalProperties": false, "properties": { - "ConfigurationType": { - "markdownDescription": "Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to `CUSTOM` in order to set the `LogLevel` or `MetricsLevel` parameters.", - "title": "ConfigurationType", - "type": "string" - }, - "LogLevel": { - "markdownDescription": "Describes the verbosity of the CloudWatch Logs for an application.", - "title": "LogLevel", + "Name": { + "markdownDescription": "The name of the workflow parameter to set.", + "title": "Name", "type": "string" }, - "MetricsLevel": { - "markdownDescription": "Describes the granularity of the CloudWatch Logs for an application. The `Parallelism` level is not recommended for applications with a Parallelism over 64 due to excessive costs.", - "title": "MetricsLevel", - "type": "string" + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the value for the named workflow parameter.", + "title": "Value", + "type": "array" } }, - "required": [ - "ConfigurationType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration": { + "AWS::ImageBuilder::ImagePipeline": { "additionalProperties": false, "properties": { - "AutoScalingEnabled": { - "markdownDescription": "Describes whether the Managed Service for Apache Flink service can increase the parallelism of the application in response to increased throughput.", - "title": "AutoScalingEnabled", - "type": "boolean" + "Condition": { + "type": "string" }, - "ConfigurationType": { - "markdownDescription": "Describes whether the application uses the default parallelism for the Managed Service for Apache Flink service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled` , `Parallelism` , or `ParallelismPerKPU` properties.", - "title": "ConfigurationType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Parallelism": { - "markdownDescription": "Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if [ParallelismConfiguration:AutoScalingEnabled](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_ParallelismConfiguration.html#kinesisanalytics-Type-ParallelismConfiguration-AutoScalingEnabled.html) is set to `true` .", - "title": "Parallelism", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParallelismPerKPU": { - "markdownDescription": "Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see [Amazon Kinesis Data Analytics Pricing](https://docs.aws.amazon.com/kinesis/data-analytics/pricing/) .", - "title": "ParallelismPerKPU", - "type": "number" - } - }, - "required": [ - "ConfigurationType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.PropertyGroup": { - "additionalProperties": false, - "properties": { - "PropertyGroupId": { - "markdownDescription": "Describes the key of an application execution property key-value pair.", - "title": "PropertyGroupId", - "type": "string" + "Metadata": { + "type": "object" }, - "PropertyMap": { - "additionalProperties": true, - "markdownDescription": "Describes the value of an application execution property key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "ContainerRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that is used for this pipeline.", + "title": "ContainerRecipeArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of this image pipeline.", + "title": "Description", + "type": "string" + }, + "DistributionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline.", + "title": "DistributionConfigurationArn", + "type": "string" + }, + "EnhancedImageMetadataEnabled": { + "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", + "title": "EnhancedImageMetadataEnabled", + "type": "boolean" + }, + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", + "title": "ExecutionRole", + "type": "string" + }, + "ImageRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe associated with this image pipeline.", + "title": "ImageRecipeArn", + "type": "string" + }, + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration", + "markdownDescription": "Contains settings for vulnerability scans.", + "title": "ImageScanningConfiguration" + }, + "ImageTestsConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration", + "markdownDescription": "The configuration of the image tests that run after image creation to ensure the quality of the image that was created.", + "title": "ImageTestsConfiguration" + }, + "InfrastructureConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline.", + "title": "InfrastructureConfigurationArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the image pipeline.", + "title": "Name", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.Schedule", + "markdownDescription": "The schedule of the image pipeline. A schedule configures how often and when a pipeline automatically creates a new image.", + "title": "Schedule" + }, + "Status": { + "markdownDescription": "The status of the image pipeline.", + "title": "Status", "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of this image pipeline.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Workflows": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration" + }, + "markdownDescription": "Contains the workflows that run for the image pipeline.", + "title": "Workflows", + "type": "array" } }, - "title": "PropertyMap", + "required": [ + "InfrastructureConfigurationArn", + "Name" + ], "type": "object" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.RecordColumn": { - "additionalProperties": false, - "properties": { - "Mapping": { - "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", - "title": "Mapping", - "type": "string" }, - "Name": { - "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", - "title": "Name", + "Type": { + "enum": [ + "AWS::ImageBuilder::ImagePipeline" + ], "type": "string" }, - "SqlType": { - "markdownDescription": "The type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "SqlType" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.RecordFormat": { + "AWS::ImageBuilder::ImagePipeline.EcrConfiguration": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MappingParameters", - "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" + "ContainerTags": { + "items": { + "type": "string" + }, + "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", + "title": "ContainerTags", + "type": "array" }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "RepositoryName": { + "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", + "title": "RepositoryName", "type": "string" } }, - "required": [ - "RecordFormatType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.RunConfiguration": { + "AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration": { "additionalProperties": false, "properties": { - "ApplicationRestoreConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration", - "markdownDescription": "Describes the restore behavior of a restarting application.", - "title": "ApplicationRestoreConfiguration" + "EcrConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.EcrConfiguration", + "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", + "title": "EcrConfiguration" }, - "FlinkRunConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration", - "markdownDescription": "Describes the starting parameters for a Managed Service for Apache Flink application.", - "title": "FlinkRunConfiguration" + "ImageScanningEnabled": { + "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", + "title": "ImageScanningEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation": { + "AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration": { "additionalProperties": false, "properties": { - "BasePath": { - "markdownDescription": "The base path for the S3 bucket.", - "title": "BasePath", - "type": "string" + "ImageTestsEnabled": { + "markdownDescription": "Defines if tests should be executed when building this image. For example, `true` or `false` .", + "title": "ImageTestsEnabled", + "type": "boolean" }, - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", - "type": "string" + "TimeoutMinutes": { + "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", + "title": "TimeoutMinutes", + "type": "number" } }, - "required": [ - "BucketARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.S3ContentLocation": { + "AWS::ImageBuilder::ImagePipeline.Schedule": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) for the S3 bucket containing the application code.", - "title": "BucketARN", - "type": "string" - }, - "FileKey": { - "markdownDescription": "The file key for the object containing the application code.", - "title": "FileKey", + "PipelineExecutionStartCondition": { + "markdownDescription": "The condition configures when the pipeline should trigger a new image build. When the `pipelineExecutionStartCondition` is set to `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE` , and you use semantic version filters on the base image or components in your image recipe, Image Builder will build a new image only when there are new versions of the image or components in your recipe that match the semantic version filter. When it is set to `EXPRESSION_MATCH_ONLY` , it will build a new image every time the CRON expression matches the current time. For semantic version syntax, see [CreateComponent](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html) in the *Image Builder API Reference* .", + "title": "PipelineExecutionStartCondition", "type": "string" }, - "ObjectVersion": { - "markdownDescription": "The version of the object containing the application code.", - "title": "ObjectVersion", + "ScheduleExpression": { + "markdownDescription": "The cron expression determines how often EC2 Image Builder evaluates your `pipelineExecutionStartCondition` .\n\nFor information on how to format a cron expression in Image Builder, see [Use cron expressions in EC2 Image Builder](https://docs.aws.amazon.com/imagebuilder/latest/userguide/image-builder-cron.html) .", + "title": "ScheduleExpression", "type": "string" } }, - "required": [ - "BucketARN", - "FileKey" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "Inputs": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.Input" - }, - "markdownDescription": "The array of [Input](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_Input.html) objects describing the input streams used by the application.", - "title": "Inputs", - "type": "array" - } - }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.VpcConfiguration": { + "AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The array of [SecurityGroup](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SecurityGroup.html) IDs used by the VPC configuration.", - "title": "SecurityGroupIds", - "type": "array" + "OnFailure": { + "markdownDescription": "The action to take if the workflow fails.", + "title": "OnFailure", + "type": "string" }, - "SubnetIds": { + "ParallelGroup": { + "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", + "title": "ParallelGroup", + "type": "string" + }, + "Parameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowParameter" }, - "markdownDescription": "The array of [Subnet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Subnet.html) IDs used by the VPC configuration.", - "title": "SubnetIds", + "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", + "title": "Parameters", "type": "array" + }, + "WorkflowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", + "title": "WorkflowArn", + "type": "string" } }, - "required": [ - "SecurityGroupIds", - "SubnetIds" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration": { + "AWS::ImageBuilder::ImagePipeline.WorkflowParameter": { "additionalProperties": false, "properties": { - "CatalogConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CatalogConfiguration", - "markdownDescription": "The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook.", - "title": "CatalogConfiguration" + "Name": { + "markdownDescription": "The name of the workflow parameter to set.", + "title": "Name", + "type": "string" }, - "CustomArtifactsConfiguration": { + "Value": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration" + "type": "string" }, - "markdownDescription": "A list of `CustomArtifactConfiguration` objects.", - "title": "CustomArtifactsConfiguration", + "markdownDescription": "Sets the value for the named workflow parameter.", + "title": "Value", "type": "array" - }, - "DeployAsApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration", - "markdownDescription": "The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state.", - "title": "DeployAsApplicationConfiguration" - }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration", - "markdownDescription": "The monitoring configuration of a Kinesis Data Analytics Studio notebook.", - "title": "MonitoringConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration": { - "additionalProperties": false, - "properties": { - "LogLevel": { - "markdownDescription": "The verbosity of the CloudWatch Logs for an application. You can set it to `INFO` , `WARN` , `ERROR` , or `DEBUG` .", - "title": "LogLevel", - "type": "string" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption": { + "AWS::ImageBuilder::ImageRecipe": { "additionalProperties": false, "properties": { "Condition": { @@ -138525,26 +142798,75 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "AdditionalInstanceConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration", + "markdownDescription": "Before you create a new AMI, Image Builder launches temporary Amazon EC2 instances to build and test your image configuration. Instance configuration adds a layer of control over those instances. You can define settings and add scripts to run when an instance is launched from your AMI.", + "title": "AdditionalInstanceConfiguration" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping" + }, + "markdownDescription": "The block device mappings to apply when creating images from this recipe.", + "title": "BlockDeviceMappings", + "type": "array" + }, + "Components": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentConfiguration" + }, + "markdownDescription": "The components that are included in the image recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", + "title": "Components", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the image recipe.", + "title": "Description", "type": "string" }, - "CloudWatchLoggingOption": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption", - "markdownDescription": "Provides a description of Amazon CloudWatch logging options, including the log stream Amazon Resource Name (ARN).", - "title": "CloudWatchLoggingOption" + "Name": { + "markdownDescription": "The name of the image recipe.", + "title": "Name", + "type": "string" + }, + "ParentImage": { + "markdownDescription": "The base image for customizations specified in the image recipe. You can specify the parent image using one of the following options:\n\n- AMI ID\n- Image Builder image Amazon Resource Name (ARN)\n- AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n- AWS Marketplace product ID", + "title": "ParentImage", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of the image recipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Version": { + "markdownDescription": "The version of the image recipe.", + "title": "Version", + "type": "string" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory to be used during build and test workflows.", + "title": "WorkingDirectory", + "type": "string" } }, "required": [ - "ApplicationName", - "CloudWatchLoggingOption" + "Components", + "Name", + "ParentImage", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption" + "AWS::ImageBuilder::ImageRecipe" ], "type": "string" }, @@ -138563,42 +142885,169 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption": { + "AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration": { "additionalProperties": false, "properties": { - "LogStreamARN": { - "markdownDescription": "The ARN of the CloudWatch log to receive application messages.", - "title": "LogStreamARN", + "SystemsManagerAgent": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent", + "markdownDescription": "Contains settings for the Systems Manager agent on your build instance.", + "title": "SystemsManagerAgent" + }, + "UserDataOverride": { + "markdownDescription": "Use this property to provide commands or a command script to run when you launch your build instance.\n\nThe userDataOverride property replaces any commands that Image Builder might have added to ensure that Systems Manager is installed on your Linux build instance. If you override the user data, make sure that you add commands to install Systems Manager, if it is not pre-installed on your base image.\n\n> The user data is always base 64 encoded. For example, the following commands are encoded as `IyEvYmluL2Jhc2gKbWtkaXIgLXAgL3Zhci9iYi8KdG91Y2ggL3Zhci$` :\n> \n> *#!/bin/bash*\n> \n> mkdir -p /var/bb/\n> \n> touch /var", + "title": "UserDataOverride", "type": "string" } }, - "required": [ - "LogStreamARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput": { + "AWS::ImageBuilder::ImageRecipe.ComponentConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentParameter" + }, + "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", + "title": "Parameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ImageRecipe.ComponentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the component parameter to set.", + "title": "Name", + "type": "string" + }, + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the value for the named component parameter.", + "title": "Value", + "type": "array" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification": { + "additionalProperties": false, + "properties": { + "DeleteOnTermination": { + "markdownDescription": "Configures delete on termination of the associated device.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Encrypted": { + "markdownDescription": "Use to configure device encryption.", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "Use to configure device IOPS.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", + "title": "KmsKeyId", + "type": "string" + }, + "SnapshotId": { + "markdownDescription": "The snapshot that defines the device contents.", + "title": "SnapshotId", + "type": "string" + }, + "Throughput": { + "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", + "title": "Throughput", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "Overrides the volume size of the device.", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "Overrides the volume type of the device.", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping": { + "additionalProperties": false, + "properties": { + "DeviceName": { + "markdownDescription": "The device to which these mappings apply.", + "title": "DeviceName", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification", + "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "Enter an empty string to remove a mapping from the parent image.\n\nThe following is an example of an empty string value in the `NoDevice` field.\n\n`NoDevice:\"\"`", + "title": "NoDevice", + "type": "string" + }, + "VirtualName": { + "markdownDescription": "Manages the instance ephemeral devices.", + "title": "VirtualName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent": { + "additionalProperties": false, + "properties": { + "UninstallAfterBuild": { + "markdownDescription": "Controls whether the Systems Manager agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false.", + "title": "UninstallAfterBuild", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::InfrastructureConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, @@ -138612,26 +143061,104 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "Description": { + "markdownDescription": "The description of the infrastructure configuration.", + "title": "Description", "type": "string" }, - "Output": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.Output", - "markdownDescription": "Describes a SQL-based Kinesis Data Analytics application's output configuration, in which you identify an in-application stream and a destination where you want the in-application stream data to be written. The destination can be a Kinesis data stream or a Kinesis Data Firehose delivery stream.", - "title": "Output" + "InstanceMetadataOptions": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions", + "markdownDescription": "The instance metadata options that you can set for the HTTP requests that pipeline builds use to launch EC2 build and test instances.", + "title": "InstanceMetadataOptions" + }, + "InstanceProfileName": { + "markdownDescription": "The instance profile to associate with the instance used to customize your Amazon EC2 AMI.", + "title": "InstanceProfileName", + "type": "string" + }, + "InstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types of the infrastructure configuration. You can specify one or more instance types to use for this build. The service will pick one of these instance types based on availability.", + "title": "InstanceTypes", + "type": "array" + }, + "KeyPair": { + "markdownDescription": "The key pair of the infrastructure configuration. You can use this to log on to and debug the instance used to create your image.", + "title": "KeyPair", + "type": "string" + }, + "Logging": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Logging", + "markdownDescription": "The logging configuration of the infrastructure configuration.", + "title": "Logging" + }, + "Name": { + "markdownDescription": "The name of the infrastructure configuration.", + "title": "Name", + "type": "string" + }, + "Placement": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Placement", + "markdownDescription": "The instance placement settings that define where the instances that are launched from your image will run.", + "title": "Placement" + }, + "ResourceTags": { + "additionalProperties": true, + "markdownDescription": "The metadata tags to assign to the Amazon EC2 instance that Image Builder launches during the build process. Tags are formatted as key value pairs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ResourceTags", + "type": "object" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group IDs to associate with the instance used to customize your Amazon EC2 AMI.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.\n\n> EC2 Image Builder is unable to send notifications to SNS topics that are encrypted using keys from other accounts. The key that is used to encrypt the SNS topic must reside in the account that the Image Builder service runs under.", + "title": "SnsTopicArn", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The subnet ID in which to place the instance used to customize your Amazon EC2 AMI.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The metadata tags to assign to the infrastructure configuration resource that Image Builder creates as output. Tags are formatted as key value pairs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TerminateInstanceOnFailure": { + "markdownDescription": "The terminate instance on failure setting of the infrastructure configuration. Set to false if you want Image Builder to retain the instance used to configure your AMI if the build or test phase of your workflow fails.", + "title": "TerminateInstanceOnFailure", + "type": "boolean" } }, "required": [ - "ApplicationName", - "Output" + "InstanceProfileName", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationOutput" + "AWS::ImageBuilder::InfrastructureConfiguration" ], "type": "string" }, @@ -138650,94 +143177,76 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema": { + "AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions": { "additionalProperties": false, "properties": { - "RecordFormatType": { - "markdownDescription": "Specifies the format of the records on the output stream.", - "title": "RecordFormatType", + "HttpPutResponseHopLimit": { + "markdownDescription": "Limit the number of hops that an instance metadata request can traverse to reach its destination. The default is one hop. However, if HTTP tokens are required, container image builds need a minimum of two hops.", + "title": "HttpPutResponseHopLimit", + "type": "number" + }, + "HttpTokens": { + "markdownDescription": "Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows:\n\n- *required* \u2013 When you retrieve the IAM role credentials, version 2.0 credentials are returned in all cases.\n- *optional* \u2013 You can include a signed token header in your request to retrieve instance metadata, or you can leave it out. If you include it, version 2.0 credentials are returned for the IAM role. Otherwise, version 1.0 credentials are returned.\n\nThe default setting is *optional* .", + "title": "HttpTokens", "type": "string" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput": { + "AWS::ImageBuilder::InfrastructureConfiguration.Logging": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the destination delivery stream to write to.", - "title": "ResourceARN", - "type": "string" + "S3Logs": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.S3Logs", + "markdownDescription": "The Amazon S3 logging configuration.", + "title": "S3Logs" } }, - "required": [ - "ResourceARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput": { + "AWS::ImageBuilder::InfrastructureConfiguration.Placement": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the destination Kinesis data stream to write to.", - "title": "ResourceARN", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where your build and test instances will launch.", + "title": "AvailabilityZone", "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", + }, + "HostId": { + "markdownDescription": "The ID of the Dedicated Host on which build and test instances run. This only applies if `tenancy` is `host` . If you specify the host ID, you must not specify the resource group ARN. If you specify both, Image Builder returns an error.", + "title": "HostId", + "type": "string" + }, + "HostResourceGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host resource group in which to launch build and test instances. This only applies if `tenancy` is `host` . If you specify the resource group ARN, you must not specify the host ID. If you specify both, Image Builder returns an error.", + "title": "HostResourceGroupArn", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware. An instance with a tenancy of `host` runs on a Dedicated Host.\n\nIf tenancy is set to `host` , then you can optionally specify one target for placement \u2013 either host ID or host resource group ARN. If automatic placement is enabled for your host, and you don't specify any placement target, Amazon EC2 will try to find an available host for your build and test instances.", + "title": "Tenancy", "type": "string" } }, - "required": [ - "ResourceARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.Output": { + "AWS::ImageBuilder::InfrastructureConfiguration.S3Logs": { "additionalProperties": false, "properties": { - "DestinationSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema", - "markdownDescription": "Describes the data format when records are written to the destination.", - "title": "DestinationSchema" - }, - "KinesisFirehoseOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput", - "markdownDescription": "Identifies a Kinesis Data Firehose delivery stream as the destination.", - "title": "KinesisFirehoseOutput" - }, - "KinesisStreamsOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput", - "markdownDescription": "Identifies a Kinesis data stream as the destination.", - "title": "KinesisStreamsOutput" - }, - "LambdaOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput", - "markdownDescription": "Identifies an Amazon Lambda function as the destination.", - "title": "LambdaOutput" + "S3BucketName": { + "markdownDescription": "The S3 bucket in which to store the logs.", + "title": "S3BucketName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the in-application stream.", - "title": "Name", + "S3KeyPrefix": { + "markdownDescription": "The Amazon S3 path to the bucket where the logs are stored.", + "title": "S3KeyPrefix", "type": "string" } }, - "required": [ - "DestinationSchema" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource": { + "AWS::ImageBuilder::LifecyclePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -138772,26 +143281,68 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "Description": { + "markdownDescription": "Optional description for the lifecycle policy.", + "title": "Description", "type": "string" }, - "ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource", - "markdownDescription": "For a SQL-based Kinesis Data Analytics application, describes the reference data source by providing the source information (Amazon S3 bucket name and object key name), the resulting in-application table name that is created, and the necessary schema to map the data elements in the Amazon S3 object to the in-application table.", - "title": "ReferenceDataSource" + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to run lifecycle actions.", + "title": "ExecutionRole", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the lifecycle policy to create.", + "title": "Name", + "type": "string" + }, + "PolicyDetails": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.PolicyDetail" + }, + "markdownDescription": "Configuration details for the lifecycle policy rules.", + "title": "PolicyDetails", + "type": "array" + }, + "ResourceSelection": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ResourceSelection", + "markdownDescription": "Selection criteria for the resources that the lifecycle policy applies to.", + "title": "ResourceSelection" + }, + "ResourceType": { + "markdownDescription": "The type of Image Builder resource that the lifecycle policy applies to.", + "title": "ResourceType", + "type": "string" + }, + "Status": { + "markdownDescription": "Indicates whether the lifecycle policy resource is enabled.", + "title": "Status", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags to apply to the lifecycle policy resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "ApplicationName", - "ReferenceDataSource" + "ExecutionRole", + "Name", + "PolicyDetails", + "ResourceSelection", + "ResourceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource" + "AWS::ImageBuilder::LifecyclePolicy" ], "type": "string" }, @@ -138810,173 +143361,232 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters": { + "AWS::ImageBuilder::LifecyclePolicy.Action": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", - "type": "string" + "IncludeResources": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.IncludeResources", + "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", + "title": "IncludeResources" }, - "RecordRowDelimiter": { - "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", + "Type": { + "markdownDescription": "Specifies the lifecycle action to take.", + "title": "Type", "type": "string" } }, "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" + "Type" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters": { + "AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules": { "additionalProperties": false, "properties": { - "RecordRowPath": { - "markdownDescription": "The path to the top-level parent that contains the records.", - "title": "RecordRowPath", - "type": "string" + "IsPublic": { + "markdownDescription": "Configures whether public AMIs are excluded from the lifecycle action.", + "title": "IsPublic", + "type": "boolean" + }, + "LastLaunched": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.LastLaunched", + "markdownDescription": "Specifies configuration details for Image Builder to exclude the most recent resources from lifecycle actions.", + "title": "LastLaunched" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "Configures AWS Region s that are excluded from the lifecycle action.", + "title": "Regions", + "type": "array" + }, + "SharedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies AWS account s whose resources are excluded from the lifecycle action.", + "title": "SharedAccounts", + "type": "array" + }, + "TagMap": { + "additionalProperties": true, + "markdownDescription": "Lists tags that should be excluded from lifecycle actions for the AMIs that have them.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" } }, - "required": [ - "RecordRowPath" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters": { + "AWS::ImageBuilder::LifecyclePolicy.ExclusionRules": { "additionalProperties": false, "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" + "Amis": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules", + "markdownDescription": "Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action.", + "title": "Amis" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" + "TagMap": { + "additionalProperties": true, + "markdownDescription": "Contains a list of tags that Image Builder uses to skip lifecycle actions for Image Builder image resources that have them.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn": { + "AWS::ImageBuilder::LifecyclePolicy.Filter": { "additionalProperties": false, "properties": { - "Mapping": { - "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", - "title": "Mapping", - "type": "string" + "RetainAtLeast": { + "markdownDescription": "For age-based filters, this is the number of resources to keep on hand after the lifecycle `DELETE` action is applied. Impacted resources are only deleted if you have more than this number of resources. If you have fewer resources than this number, the impacted resource is not deleted.", + "title": "RetainAtLeast", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", - "title": "Name", + "Type": { + "markdownDescription": "Filter resources based on either `age` or `count` .", + "title": "Type", "type": "string" }, - "SqlType": { - "markdownDescription": "The type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "Unit": { + "markdownDescription": "Defines the unit of time that the lifecycle policy uses to determine impacted resources. This is required for age-based rules.", + "title": "Unit", "type": "string" + }, + "Value": { + "markdownDescription": "The number of units for the time period or for the count. For example, a value of `6` might refer to six months or six AMIs.\n\n> For count-based filters, this value represents the minimum number of resources to keep on hand. If you have fewer resources than this number, the resource is excluded from lifecycle actions.", + "title": "Value", + "type": "number" } }, "required": [ - "Name", - "SqlType" + "Type", + "Value" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat": { + "AWS::ImageBuilder::LifecyclePolicy.IncludeResources": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters", - "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" + "Amis": { + "markdownDescription": "Specifies whether the lifecycle action should apply to distributed AMIs.", + "title": "Amis", + "type": "boolean" }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", - "type": "string" + "Containers": { + "markdownDescription": "Specifies whether the lifecycle action should apply to distributed containers.", + "title": "Containers", + "type": "boolean" + }, + "Snapshots": { + "markdownDescription": "Specifies whether the lifecycle action should apply to snapshots associated with distributed AMIs.", + "title": "Snapshots", + "type": "boolean" } }, - "required": [ - "RecordFormatType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource": { + "AWS::ImageBuilder::LifecyclePolicy.LastLaunched": { "additionalProperties": false, "properties": { - "ReferenceSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", - "title": "ReferenceSchema" - }, - "S3ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource", - "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. A Kinesis Data Analytics application loads reference data only once. If the data changes, you call the [UpdateApplication](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_UpdateApplication.html) operation to trigger reloading of data into your application.", - "title": "S3ReferenceDataSource" - }, - "TableName": { - "markdownDescription": "The name of the in-application table to create.", - "title": "TableName", + "Unit": { + "markdownDescription": "Defines the unit of time that the lifecycle policy uses to calculate elapsed time since the last instance launched from the AMI. For example: days, weeks, months, or years.", + "title": "Unit", "type": "string" + }, + "Value": { + "markdownDescription": "The integer number of units for the time period. For example `6` (months).", + "title": "Value", + "type": "number" } }, "required": [ - "ReferenceSchema" + "Unit", + "Value" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema": { + "AWS::ImageBuilder::LifecyclePolicy.PolicyDetail": { "additionalProperties": false, "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn" - }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", - "type": "array" + "Action": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Action", + "markdownDescription": "Configuration details for the policy action.", + "title": "Action" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", - "type": "string" + "ExclusionRules": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ExclusionRules", + "markdownDescription": "Additional rules to specify resources that should be exempt from policy actions.", + "title": "ExclusionRules" }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" + "Filter": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Filter", + "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", + "title": "Filter" } }, "required": [ - "RecordColumns", - "RecordFormat" + "Action", + "Filter" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource": { + "AWS::ImageBuilder::LifecyclePolicy.RecipeSelection": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", + "Name": { + "markdownDescription": "The name of an Image Builder recipe that the lifecycle policy uses for resource selection.", + "title": "Name", "type": "string" }, - "FileKey": { - "markdownDescription": "The object key name containing the reference data.", - "title": "FileKey", + "SemanticVersion": { + "markdownDescription": "The version of the Image Builder recipe specified by the `name` field.", + "title": "SemanticVersion", "type": "string" } }, "required": [ - "BucketARN", - "FileKey" + "Name", + "SemanticVersion" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream": { + "AWS::ImageBuilder::LifecyclePolicy.ResourceSelection": { + "additionalProperties": false, + "properties": { + "Recipes": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.RecipeSelection" + }, + "markdownDescription": "A list of recipes that are used as selection criteria for the output images that the lifecycle policy applies to.", + "title": "Recipes", + "type": "array" + }, + "TagMap": { + "additionalProperties": true, + "markdownDescription": "A list of tags that are used as selection criteria for the Image Builder image resources that the lifecycle policy applies to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::Workflow": { "additionalProperties": false, "properties": { "Condition": { @@ -139011,90 +143621,68 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonOpenSearchServerlessDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service.", - "title": "AmazonOpenSearchServerlessDestinationConfiguration" - }, - "AmazonopensearchserviceDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration", - "markdownDescription": "The destination in Amazon OpenSearch Service. You can specify only one destination.", - "title": "AmazonopensearchserviceDestinationConfiguration" - }, - "DeliveryStreamEncryptionConfigurationInput": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput", - "markdownDescription": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE).", - "title": "DeliveryStreamEncryptionConfigurationInput" - }, - "DeliveryStreamName": { - "markdownDescription": "The name of the Firehose stream.", - "title": "DeliveryStreamName", + "ChangeDescription": { + "markdownDescription": "Describes what change has been made in this version of the workflow, or what makes this version different from other versions of the workflow.", + "title": "ChangeDescription", "type": "string" }, - "DeliveryStreamType": { - "markdownDescription": "The Firehose stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the Firehose stream directly.\n- `KinesisStreamAsSource` : The Firehose stream uses a Kinesis data stream as a source.", - "title": "DeliveryStreamType", + "Data": { + "markdownDescription": "Contains the UTF-8 encoded YAML document content for the workflow. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", + "title": "Data", "type": "string" }, - "ElasticsearchDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration", - "markdownDescription": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "ElasticsearchDestinationConfiguration" - }, - "ExtendedS3DestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration", - "markdownDescription": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "ExtendedS3DestinationConfiguration" - }, - "HttpEndpointDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration", - "markdownDescription": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination.", - "title": "HttpEndpointDestinationConfiguration" - }, - "KinesisStreamSourceConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration", - "markdownDescription": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream.", - "title": "KinesisStreamSourceConfiguration" - }, - "MSKSourceConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration", - "markdownDescription": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream.", - "title": "MSKSourceConfiguration" - }, - "RedshiftDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration", - "markdownDescription": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "RedshiftDestinationConfiguration" - }, - "S3DestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "S3DestinationConfiguration" + "Description": { + "markdownDescription": "Describes the workflow.", + "title": "Description", + "type": "string" }, - "SnowflakeDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration", - "markdownDescription": "Configure Snowflake destination", - "title": "SnowflakeDestinationConfiguration" + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key that is used to encrypt this workflow resource.", + "title": "KmsKeyId", + "type": "string" }, - "SplunkDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration", - "markdownDescription": "The configuration of a destination in Splunk for the delivery stream.", - "title": "SplunkDestinationConfiguration" + "Name": { + "markdownDescription": "The name of the workflow to create.", + "title": "Name", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Tags that apply to the workflow resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A set of tags to assign to the Firehose stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the Firehose stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a Firehose stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)", "title": "Tags", - "type": "array" + "type": "object" + }, + "Type": { + "markdownDescription": "The phase in the image build process for which the workflow resource is responsible.", + "title": "Type", + "type": "string" + }, + "Uri": { + "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", + "title": "Uri", + "type": "string" + }, + "Version": { + "markdownDescription": "The semantic version of this workflow resource. The semantic version syntax adheres to the following rules.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.", + "title": "Version", + "type": "string" } }, + "required": [ + "Name", + "Type", + "Version" + ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisFirehose::DeliveryStream" + "AWS::ImageBuilder::Workflow" ], "type": "string" }, @@ -139108,1446 +143696,1661 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints": { + "AWS::Inspector::AssessmentTarget": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", - "title": "IntervalInSeconds", - "type": "number" + "Condition": { + "type": "string" }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n\nWe recommend setting this parameter to a value greater than the amount of data you typically ingest into the Firehose stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", - "title": "SizeInMBs", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssessmentTargetName": { + "markdownDescription": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", + "title": "AssessmentTargetName", + "type": "string" + }, + "ResourceGroupArn": { + "markdownDescription": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target.", + "title": "ResourceGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Inspector::AssessmentTarget" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration": { + "AWS::Inspector::AssessmentTemplate": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "", - "title": "CloudWatchLoggingOptions" - }, - "CollectionEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.", - "title": "CollectionEndpoint", + "Condition": { "type": "string" }, - "IndexName": { - "markdownDescription": "The Serverless offering for Amazon OpenSearch Service index name.", - "title": "IndexName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "", - "title": "ProcessingConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes).", - "title": "RetryOptions" + "Metadata": { + "type": "object" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents.", - "title": "RoleARN", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AssessmentTargetArn": { + "markdownDescription": "The ARN of the assessment target to be included in the assessment template.", + "title": "AssessmentTargetArn", + "type": "string" + }, + "AssessmentTemplateName": { + "markdownDescription": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.", + "title": "AssessmentTemplateName", + "type": "string" + }, + "DurationInSeconds": { + "markdownDescription": "The duration of the assessment run in seconds.", + "title": "DurationInSeconds", + "type": "number" + }, + "RulesPackageArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the rules packages that you want to use in the assessment template.", + "title": "RulesPackageArns", + "type": "array" + }, + "UserAttributesForFindings": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.", + "title": "UserAttributesForFindings", + "type": "array" + } + }, + "required": [ + "AssessmentTargetArn", + "DurationInSeconds", + "RulesPackageArns" + ], + "type": "object" }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.", - "title": "S3BackupMode", + "Type": { + "enum": [ + "AWS::Inspector::AssessmentTemplate" + ], "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "", - "title": "S3Configuration" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "", - "title": "VpcConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "IndexName", - "RoleARN", - "S3Configuration" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions": { + "AWS::Inspector::ResourceGroup": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", - "title": "DurationInSeconds", - "type": "number" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceGroupTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "ResourceGroupTags", + "type": "array" + } + }, + "required": [ + "ResourceGroupTags" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Inspector::ResourceGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { + "AWS::InspectorV2::CisScanConfiguration": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", - "title": "IntervalInSeconds", - "type": "number" - }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", - "title": "SizeInMBs", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration": { - "additionalProperties": false, - "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", - "title": "CloudWatchLoggingOptions" - }, - "ClusterEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field.", - "title": "ClusterEndpoint", - "type": "string" - }, - "DocumentIdOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", - "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", - "title": "DocumentIdOptions" - }, - "DomainARN": { - "markdownDescription": "The ARN of the Amazon OpenSearch Service domain.", - "title": "DomainARN", - "type": "string" - }, - "IndexName": { - "markdownDescription": "The Amazon OpenSearch Service index name.", - "title": "IndexName", + "Condition": { "type": "string" }, - "IndexRotationPeriod": { - "markdownDescription": "The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data.", - "title": "IndexRotationPeriod", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "Describes a data processing configuration.", - "title": "ProcessingConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions", - "markdownDescription": "The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes).", - "title": "RetryOptions" + "Metadata": { + "type": "object" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents.", - "title": "RoleARN", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ScanName": { + "markdownDescription": "The name of the CIS scan configuration.", + "title": "ScanName", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Schedule", + "markdownDescription": "The CIS scan configuration's schedule.", + "title": "Schedule" + }, + "SecurityLevel": { + "markdownDescription": "The CIS scan configuration's CIS Benchmark level.", + "title": "SecurityLevel", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The CIS scan configuration's tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Targets": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.CisTargets", + "markdownDescription": "The CIS scan configuration's targets.", + "title": "Targets" + } + }, + "required": [ + "ScanName", + "Schedule", + "SecurityLevel", + "Targets" + ], + "type": "object" }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3.", - "title": "S3BackupMode", + "Type": { + "enum": [ + "AWS::InspectorV2::CisScanConfiguration" + ], "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in Amazon S3.", - "title": "S3Configuration" - }, - "TypeName": { - "markdownDescription": "The Amazon OpenSearch Service type name.", - "title": "TypeName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "The details of the VPC of the Amazon OpenSearch Service destination.", - "title": "VpcConfiguration" } }, "required": [ - "IndexName", - "RoleARN", - "S3Configuration" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", - "title": "DurationInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration": { + "AWS::InspectorV2::CisScanConfiguration.CisTargets": { "additionalProperties": false, "properties": { - "Connectivity": { - "markdownDescription": "The type of connectivity used to access the Amazon MSK cluster.", - "title": "Connectivity", - "type": "string" + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The CIS target account ids.", + "title": "AccountIds", + "type": "array" }, - "RoleARN": { - "markdownDescription": "The ARN of the role used to access the Amazon MSK cluster.", - "title": "RoleARN", - "type": "string" + "TargetResourceTags": { + "markdownDescription": "The CIS target resource tags.", + "title": "TargetResourceTags", + "type": "object" } }, "required": [ - "Connectivity", - "RoleARN" + "AccountIds", + "TargetResourceTags" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.BufferingHints": { - "additionalProperties": false, - "properties": { - "IntervalInSeconds": { - "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "IntervalInSeconds", - "type": "number" - }, - "SizeInMBs": { - "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "SizeInMBs", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions": { + "AWS::InspectorV2::CisScanConfiguration.DailySchedule": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Logs logging is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "LogGroupName": { - "markdownDescription": "The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use.\n\nConditional. If you enable logging, you must specify this property.", - "title": "LogGroupName", - "type": "string" - }, - "LogStreamName": { - "markdownDescription": "The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery.\n\nConditional. If you enable logging, you must specify this property.", - "title": "LogStreamName", - "type": "string" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The schedule start time.", + "title": "StartTime" } }, + "required": [ + "StartTime" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.CopyCommand": { + "AWS::InspectorV2::CisScanConfiguration.MonthlySchedule": { "additionalProperties": false, "properties": { - "CopyOptions": { - "markdownDescription": "Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "CopyOptions", - "type": "string" - }, - "DataTableColumns": { - "markdownDescription": "A comma-separated list of column names.", - "title": "DataTableColumns", + "Day": { + "markdownDescription": "The monthly schedule's day.", + "title": "Day", "type": "string" }, - "DataTableName": { - "markdownDescription": "The name of the target table. The table must already exist in the database.", - "title": "DataTableName", - "type": "string" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The monthly schedule's start time.", + "title": "StartTime" } }, "required": [ - "DataTableName" + "Day", + "StartTime" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration": { + "AWS::InspectorV2::CisScanConfiguration.Schedule": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details.", - "title": "Enabled", - "type": "boolean" + "Daily": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.DailySchedule", + "markdownDescription": "A daily schedule.", + "title": "Daily" }, - "InputFormatConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration", - "markdownDescription": "Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true.", - "title": "InputFormatConfiguration" + "Monthly": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.MonthlySchedule", + "markdownDescription": "A monthly schedule.", + "title": "Monthly" }, - "OutputFormatConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration", - "markdownDescription": "Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true.", - "title": "OutputFormatConfiguration" + "OneTime": { + "markdownDescription": "A one time schedule.", + "title": "OneTime", + "type": "object" }, - "SchemaConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration", - "markdownDescription": "Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true.", - "title": "SchemaConfiguration" + "Weekly": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.WeeklySchedule", + "markdownDescription": "A weekly schedule.", + "title": "Weekly" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput": { + "AWS::InspectorV2::CisScanConfiguration.Time": { "additionalProperties": false, "properties": { - "KeyARN": { - "markdownDescription": "If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK.", - "title": "KeyARN", + "TimeOfDay": { + "markdownDescription": "The time of day in 24-hour format (00:00).", + "title": "TimeOfDay", "type": "string" }, - "KeyType": { - "markdownDescription": "Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) .\n\nYou can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams.\n\n> To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide.", - "title": "KeyType", + "TimeZone": { + "markdownDescription": "The timezone.", + "title": "TimeZone", "type": "string" } }, "required": [ - "KeyType" + "TimeOfDay", + "TimeZone" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.Deserializer": { + "AWS::InspectorV2::CisScanConfiguration.WeeklySchedule": { "additionalProperties": false, "properties": { - "HiveJsonSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe", - "markdownDescription": "The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.", - "title": "HiveJsonSerDe" + "Days": { + "items": { + "type": "string" + }, + "markdownDescription": "The weekly schedule's days.", + "title": "Days", + "type": "array" }, - "OpenXJsonSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe", - "markdownDescription": "The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.", - "title": "OpenXJsonSerDe" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions": { - "additionalProperties": false, - "properties": { - "DefaultDocumentIdFormat": { - "markdownDescription": "When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs.\n\nWhen the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance.", - "title": "DefaultDocumentIdFormat", - "type": "string" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The weekly schedule's start time.", + "title": "StartTime" } }, "required": [ - "DefaultDocumentIdFormat" + "Days", + "StartTime" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration": { + "AWS::InspectorV2::Filter": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream.", - "title": "Enabled", - "type": "boolean" + "Condition": { + "type": "string" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", - "markdownDescription": "Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.", - "title": "RetryOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the filter.", + "title": "Description", + "type": "string" + }, + "FilterAction": { + "markdownDescription": "The action that is to be applied to the findings that match the filter.", + "title": "FilterAction", + "type": "string" + }, + "FilterCriteria": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.FilterCriteria", + "markdownDescription": "Details on the filter criteria associated with this filter.", + "title": "FilterCriteria" + }, + "Name": { + "markdownDescription": "The name of the filter.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags attached to the filter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "FilterAction", + "FilterCriteria", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::InspectorV2::Filter" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints": { + "AWS::InspectorV2::Filter.DateFilter": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "IntervalInSeconds", + "EndInclusive": { + "markdownDescription": "A timestamp representing the end of the time period filtered on.", + "title": "EndInclusive", "type": "number" }, - "SizeInMBs": { - "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "SizeInMBs", + "StartInclusive": { + "markdownDescription": "A timestamp representing the start of the time period filtered on.", + "title": "StartInclusive", "type": "number" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration": { + "AWS::InspectorV2::Filter.FilterCriteria": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints", - "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain.", - "title": "BufferingHints" + "AwsAccountId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the AWS account IDs used to filter findings.", + "title": "AwsAccountId", + "type": "array" }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch Logs logging options for the delivery stream.", - "title": "CloudWatchLoggingOptions" + "CodeVulnerabilityDetectorName": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "CodeVulnerabilityDetectorName", + "type": "array" }, - "ClusterEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field.", - "title": "ClusterEndpoint", - "type": "string" + "CodeVulnerabilityDetectorTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "CodeVulnerabilityDetectorTags", + "type": "array" }, - "DocumentIdOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", - "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", - "title": "DocumentIdOptions" + "CodeVulnerabilityFilePath": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "CodeVulnerabilityFilePath", + "type": "array" }, - "DomainARN": { - "markdownDescription": "The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* .\n\nSpecify either `ClusterEndpoint` or `DomainARN` .", - "title": "DomainARN", - "type": "string" + "ComponentId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the component IDs used to filter findings.", + "title": "ComponentId", + "type": "array" }, - "IndexName": { - "markdownDescription": "The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing.", - "title": "IndexName", - "type": "string" + "ComponentType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the component types used to filter findings.", + "title": "ComponentType", + "type": "array" }, - "IndexRotationPeriod": { - "markdownDescription": "The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "IndexRotationPeriod", - "type": "string" + "Ec2InstanceImageId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance image IDs used to filter findings.", + "title": "Ec2InstanceImageId", + "type": "array" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" + "Ec2InstanceSubnetId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance subnet IDs used to filter findings.", + "title": "Ec2InstanceSubnetId", + "type": "array" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions", - "markdownDescription": "The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES.", - "title": "RetryOptions" + "Ec2InstanceVpcId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance VPC IDs used to filter findings.", + "title": "Ec2InstanceVpcId", + "type": "array" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) .", - "title": "RoleARN", - "type": "string" + "EcrImageArchitecture": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon ECR image architecture types used to filter findings.", + "title": "EcrImageArchitecture", + "type": "array" }, - "S3BackupMode": { - "markdownDescription": "The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "S3BackupMode", - "type": "string" + "EcrImageHash": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon ECR image hashes used to filter findings.", + "title": "EcrImageHash", + "type": "array" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The S3 bucket where Kinesis Data Firehose backs up incoming data.", - "title": "S3Configuration" + "EcrImagePushedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the Amazon ECR image push date and time used to filter findings.", + "title": "EcrImagePushedAt", + "type": "array" }, - "TypeName": { - "markdownDescription": "The Elasticsearch type name that Amazon ES adds to documents when indexing data.", - "title": "TypeName", - "type": "string" + "EcrImageRegistry": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the Amazon ECR registry used to filter findings.", + "title": "EcrImageRegistry", + "type": "array" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "The details of the VPC of the Amazon ES destination.", - "title": "VpcConfiguration" - } - }, - "required": [ - "IndexName", - "RoleARN", - "S3Configuration" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "DurationInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KMSEncryptionConfig": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig", - "markdownDescription": "The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data.", - "title": "KMSEncryptionConfig" + "EcrImageRepositoryName": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the name of the Amazon ECR repository used to filter findings.", + "title": "EcrImageRepositoryName", + "type": "array" }, - "NoEncryptionConfig": { - "markdownDescription": "Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "NoEncryptionConfig", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration": { - "additionalProperties": false, - "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "BucketARN", - "type": "string" + "EcrImageTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "The tags attached to the Amazon ECR container image.", + "title": "EcrImageTags", + "type": "array" }, - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "The buffering option.", - "title": "BufferingHints" + "EpssScore": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" + }, + "markdownDescription": "", + "title": "EpssScore", + "type": "array" }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" + "ExploitAvailable": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "ExploitAvailable", + "type": "array" }, - "CompressionFormat": { - "markdownDescription": "The compression format. If no value is specified, the default is `UNCOMPRESSED` .", - "title": "CompressionFormat", - "type": "string" + "FindingArn": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding ARNs used to filter findings.", + "title": "FindingArn", + "type": "array" }, - "CustomTimeZone": { - "markdownDescription": "The time zone you prefer. UTC is the default.", - "title": "CustomTimeZone", - "type": "string" + "FindingStatus": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding status types used to filter findings.", + "title": "FindingStatus", + "type": "array" }, - "DataFormatConversionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration", - "markdownDescription": "The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3.", - "title": "DataFormatConversionConfiguration" + "FindingType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding types used to filter findings.", + "title": "FindingType", + "type": "array" }, - "DynamicPartitioningConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration", - "markdownDescription": "The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys.", - "title": "DynamicPartitioningConfiguration" + "FirstObservedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the date and time a finding was first seen used to filter findings.", + "title": "FirstObservedAt", + "type": "array" }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", - "markdownDescription": "The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` .", - "title": "EncryptionConfiguration" + "FixAvailable": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "FixAvailable", + "type": "array" }, - "ErrorOutputPrefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", - "title": "ErrorOutputPrefix", - "type": "string" + "InspectorScore": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" + }, + "markdownDescription": "The Amazon Inspector score to filter on.", + "title": "InspectorScore", + "type": "array" }, - "FileExtension": { - "markdownDescription": "Specify a file extension. It will override the default file extension", - "title": "FileExtension", - "type": "string" + "LambdaFunctionExecutionRoleArn": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionExecutionRoleArn", + "type": "array" }, - "Prefix": { - "markdownDescription": "The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "Prefix", - "type": "string" + "LambdaFunctionLastModifiedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionLastModifiedAt", + "type": "array" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" + "LambdaFunctionLayers": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionLayers", + "type": "array" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "RoleARN", - "type": "string" + "LambdaFunctionName": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionName", + "type": "array" }, - "S3BackupConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for backup in Amazon S3.", - "title": "S3BackupConfiguration" + "LambdaFunctionRuntime": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionRuntime", + "type": "array" }, - "S3BackupMode": { - "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", - "title": "S3BackupMode", - "type": "string" - } - }, - "required": [ - "BucketARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe": { - "additionalProperties": false, - "properties": { - "TimestampFormats": { + "LastObservedAt": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" }, - "markdownDescription": "Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default.", - "title": "TimestampFormats", + "markdownDescription": "Details on the date and time a finding was last seen used to filter findings.", + "title": "LastObservedAt", + "type": "array" + }, + "NetworkProtocol": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on network protocol used to filter findings.", + "title": "NetworkProtocol", + "type": "array" + }, + "PortRange": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.PortRangeFilter" + }, + "markdownDescription": "Details on the port ranges used to filter findings.", + "title": "PortRange", + "type": "array" + }, + "RelatedVulnerabilities": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the related vulnerabilities used to filter findings.", + "title": "RelatedVulnerabilities", + "type": "array" + }, + "ResourceId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the resource IDs used to filter findings.", + "title": "ResourceId", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.MapFilter" + }, + "markdownDescription": "Details on the resource tags used to filter findings.", + "title": "ResourceTags", + "type": "array" + }, + "ResourceType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the resource types used to filter findings.", + "title": "ResourceType", + "type": "array" + }, + "Severity": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the severity used to filter findings.", + "title": "Severity", + "type": "array" + }, + "Title": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding title used to filter findings.", + "title": "Title", + "type": "array" + }, + "UpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the date and time a finding was last updated at used to filter findings.", + "title": "UpdatedAt", + "type": "array" + }, + "VendorSeverity": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the vendor severity used to filter findings.", + "title": "VendorSeverity", + "type": "array" + }, + "VulnerabilityId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the vulnerability ID used to filter findings.", + "title": "VulnerabilityId", + "type": "array" + }, + "VulnerabilitySource": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the vulnerability score to filter findings by.", + "title": "VulnerabilitySource", + "type": "array" + }, + "VulnerablePackages": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.PackageFilter" + }, + "markdownDescription": "Details on the vulnerable packages used to filter findings.", + "title": "VulnerablePackages", "type": "array" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute": { + "AWS::InspectorV2::Filter.MapFilter": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the HTTP endpoint common attribute.", - "title": "AttributeName", + "Comparison": { + "markdownDescription": "The operator to use when comparing values in the filter.", + "title": "Comparison", "type": "string" }, - "AttributeValue": { - "markdownDescription": "The value of the HTTP endpoint common attribute.", - "title": "AttributeValue", + "Key": { + "markdownDescription": "The tag key used in the filter.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value used in the filter.", + "title": "Value", "type": "string" } }, "required": [ - "AttributeName", - "AttributeValue" + "Comparison" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration": { + "AWS::InspectorV2::Filter.NumberFilter": { "additionalProperties": false, "properties": { - "AccessKey": { - "markdownDescription": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.", - "title": "AccessKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the HTTP endpoint selected as the destination.", - "title": "Name", - "type": "string" + "LowerInclusive": { + "markdownDescription": "The lowest number to be included in the filter.", + "title": "LowerInclusive", + "type": "number" }, - "Url": { - "markdownDescription": "The URL of the HTTP endpoint selected as the destination.", - "title": "Url", - "type": "string" + "UpperInclusive": { + "markdownDescription": "The highest number to be included in the filter.", + "title": "UpperInclusive", + "type": "number" } }, - "required": [ - "Url" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration": { + "AWS::InspectorV2::Filter.PackageFilter": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", - "title": "CloudWatchLoggingOptions" + "Architecture": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the package architecture type to filter on.", + "title": "Architecture" }, - "EndpointConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration", - "markdownDescription": "The configuration of the HTTP endpoint selected as the destination.", - "title": "EndpointConfiguration" + "Epoch": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter", + "markdownDescription": "An object that contains details on the package epoch to filter on.", + "title": "Epoch" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "Describes the data processing configuration.", - "title": "ProcessingConfiguration" + "FilePath": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "", + "title": "FilePath" }, - "RequestConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration", - "markdownDescription": "The configuration of the request sent to the HTTP endpoint specified as the destination.", - "title": "RequestConfiguration" + "Name": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the name of the package to filter on.", + "title": "Name" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", - "markdownDescription": "Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination.", - "title": "RetryOptions" + "Release": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the package release to filter on.", + "title": "Release" }, - "RoleARN": { - "markdownDescription": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs.", - "title": "RoleARN", - "type": "string" + "SourceLambdaLayerArn": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "", + "title": "SourceLambdaLayerArn" }, - "S3BackupMode": { - "markdownDescription": "Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly).", - "title": "S3BackupMode", - "type": "string" + "SourceLayerHash": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the source layer hash to filter on.", + "title": "SourceLayerHash" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in Amazon S3.", - "title": "S3Configuration" + "Version": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "The package version to filter on.", + "title": "Version" } }, - "required": [ - "EndpointConfiguration", - "S3Configuration" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration": { + "AWS::InspectorV2::Filter.PortRangeFilter": { "additionalProperties": false, "properties": { - "CommonAttributes": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute" - }, - "markdownDescription": "Describes the metadata sent to the HTTP endpoint destination.", - "title": "CommonAttributes", - "type": "array" + "BeginInclusive": { + "markdownDescription": "The port number the port range begins at.", + "title": "BeginInclusive", + "type": "number" }, - "ContentEncoding": { - "markdownDescription": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation.", - "title": "ContentEncoding", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration": { - "additionalProperties": false, - "properties": { - "Deserializer": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Deserializer", - "markdownDescription": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request.", - "title": "Deserializer" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig": { - "additionalProperties": false, - "properties": { - "AWSKMSKeyARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.", - "title": "AWSKMSKeyARN", - "type": "string" + "EndInclusive": { + "markdownDescription": "The port number the port range ends at.", + "title": "EndInclusive", + "type": "number" } }, - "required": [ - "AWSKMSKeyARN" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration": { + "AWS::InspectorV2::Filter.StringFilter": { "additionalProperties": false, "properties": { - "KinesisStreamARN": { - "markdownDescription": "The ARN of the source Kinesis data stream.", - "title": "KinesisStreamARN", + "Comparison": { + "markdownDescription": "The operator to use when comparing values in the filter.", + "title": "Comparison", "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of the role that provides access to the source Kinesis data stream.", - "title": "RoleARN", + "Value": { + "markdownDescription": "The value to filter on.", + "title": "Value", "type": "string" } }, "required": [ - "KinesisStreamARN", - "RoleARN" + "Comparison", + "Value" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration": { + "AWS::InternetMonitor::Monitor": { "additionalProperties": false, "properties": { - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration", - "markdownDescription": "The authentication configuration of the Amazon MSK cluster.", - "title": "AuthenticationConfiguration" - }, - "MSKClusterARN": { - "markdownDescription": "The ARN of the Amazon MSK cluster.", - "title": "MSKClusterARN", + "Condition": { "type": "string" }, - "TopicName": { - "markdownDescription": "The topic name within the Amazon MSK cluster.", - "title": "TopicName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "AuthenticationConfiguration", - "MSKClusterARN", - "TopicName" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe": { - "additionalProperties": false, - "properties": { - "CaseInsensitive": { - "markdownDescription": "When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them.", - "title": "CaseInsensitive", - "type": "boolean" }, - "ColumnToJsonKeyMappings": { - "additionalProperties": true, - "markdownDescription": "Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{\"ts\": \"timestamp\"}` to map this key to a column named `ts` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.HealthEventsConfig", + "markdownDescription": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* .", + "title": "HealthEventsConfig" + }, + "IncludeLinkedAccounts": { + "markdownDescription": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", + "title": "IncludeLinkedAccounts", + "type": "boolean" + }, + "InternetMeasurementsLogDelivery": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery", + "markdownDescription": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs).", + "title": "InternetMeasurementsLogDelivery" + }, + "LinkedAccountId": { + "markdownDescription": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", + "title": "LinkedAccountId", + "type": "string" + }, + "MaxCityNetworksToMonitor": { + "markdownDescription": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* .", + "title": "MaxCityNetworksToMonitor", + "type": "number" + }, + "MonitorName": { + "markdownDescription": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", + "title": "MonitorName", + "type": "string" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n> Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty.", + "title": "Resources", + "type": "array" + }, + "ResourcesToAdd": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", + "title": "ResourcesToAdd", + "type": "array" + }, + "ResourcesToRemove": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", + "title": "ResourcesToRemove", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` .", + "title": "Status", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for a monitor, listed as a set of *key:value* pairs.", + "title": "Tags", + "type": "array" + }, + "TrafficPercentageToMonitor": { + "markdownDescription": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor.", + "title": "TrafficPercentageToMonitor", + "type": "number" } }, - "title": "ColumnToJsonKeyMappings", + "required": [ + "MonitorName" + ], "type": "object" }, - "ConvertDotsInJsonKeysToUnderscores": { - "markdownDescription": "When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option.\n\nThe default is `false` .", - "title": "ConvertDotsInJsonKeysToUnderscores", - "type": "boolean" + "Type": { + "enum": [ + "AWS::InternetMonitor::Monitor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.OrcSerDe": { + "AWS::InternetMonitor::Monitor.HealthEventsConfig": { "additionalProperties": false, "properties": { - "BlockSizeBytes": { - "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", - "title": "BlockSizeBytes", - "type": "number" - }, - "BloomFilterColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The column names for which you want Firehose to create bloom filters. The default is `null` .", - "title": "BloomFilterColumns", - "type": "array" - }, - "BloomFilterFalsePositiveProbability": { - "markdownDescription": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1.", - "title": "BloomFilterFalsePositiveProbability", - "type": "number" - }, - "Compression": { - "markdownDescription": "The compression code to use over data blocks. The default is `SNAPPY` .", - "title": "Compression", - "type": "string" - }, - "DictionaryKeyThreshold": { - "markdownDescription": "Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1.", - "title": "DictionaryKeyThreshold", - "type": "number" - }, - "EnablePadding": { - "markdownDescription": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` .", - "title": "EnablePadding", - "type": "boolean" - }, - "FormatVersion": { - "markdownDescription": "The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` .", - "title": "FormatVersion", - "type": "string" + "AvailabilityLocalHealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", + "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue.", + "title": "AvailabilityLocalHealthEventsConfig" }, - "PaddingTolerance": { - "markdownDescription": "A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.\n\nFor the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.\n\nKinesis Data Firehose ignores this parameter when `EnablePadding` is `false` .", - "title": "PaddingTolerance", + "AvailabilityScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event.", + "title": "AvailabilityScoreThreshold", "type": "number" }, - "RowIndexStride": { - "markdownDescription": "The number of rows between index entries. The default is 10,000 and the minimum is 1,000.", - "title": "RowIndexStride", - "type": "number" + "PerformanceLocalHealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", + "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue.", + "title": "PerformanceLocalHealthEventsConfig" }, - "StripeSizeBytes": { - "markdownDescription": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.", - "title": "StripeSizeBytes", + "PerformanceScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event.", + "title": "PerformanceScoreThreshold", "type": "number" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration": { + "AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery": { "additionalProperties": false, "properties": { - "Serializer": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Serializer", - "markdownDescription": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request.", - "title": "Serializer" + "S3Config": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", + "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", + "title": "S3Config" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ParquetSerDe": { + "AWS::InternetMonitor::Monitor.LocalHealthEventsConfig": { "additionalProperties": false, "properties": { - "BlockSizeBytes": { - "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", - "title": "BlockSizeBytes", - "type": "number" - }, - "Compression": { - "markdownDescription": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.", - "title": "Compression", - "type": "string" - }, - "EnableDictionaryCompression": { - "markdownDescription": "Indicates whether to enable dictionary compression.", - "title": "EnableDictionaryCompression", - "type": "boolean" - }, - "MaxPaddingBytes": { - "markdownDescription": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0.", - "title": "MaxPaddingBytes", + "HealthScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for a local health score.", + "title": "HealthScoreThreshold", "type": "number" }, - "PageSizeBytes": { - "markdownDescription": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", - "title": "PageSizeBytes", + "MinTrafficImpact": { + "markdownDescription": "The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score.\n\nIf you don't set a minimum traffic impact threshold, the default value is 0.01%.", + "title": "MinTrafficImpact", "type": "number" }, - "WriterVersion": { - "markdownDescription": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` .", - "title": "WriterVersion", + "Status": { + "markdownDescription": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` .", + "title": "Status", "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether data processing is enabled (true) or disabled (false).", - "title": "Enabled", - "type": "boolean" - }, - "Processors": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Processor" - }, - "markdownDescription": "The data processors.", - "title": "Processors", - "type": "array" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.Processor": { + "AWS::InternetMonitor::Monitor.S3Config": { "additionalProperties": false, "properties": { - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessorParameter" - }, - "markdownDescription": "The processor parameters.", - "title": "Parameters", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of processor. Valid values: `Lambda` .", - "title": "Type", + "BucketName": { + "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", + "title": "BucketName", "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.ProcessorParameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.", - "title": "ParameterName", + }, + "BucketPrefix": { + "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", + "title": "BucketPrefix", "type": "string" }, - "ParameterValue": { - "markdownDescription": "The parameter value.", - "title": "ParameterValue", + "LogDeliveryStatus": { + "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", + "title": "LogDeliveryStatus", "type": "string" } }, - "required": [ - "ParameterName", - "ParameterValue" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration": { + "AWS::Invoicing::InvoiceUnit": { "additionalProperties": false, "properties": { - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "ClusterJDBCURL": { - "markdownDescription": "The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster.", - "title": "ClusterJDBCURL", + "Condition": { "type": "string" }, - "CopyCommand": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CopyCommand", - "markdownDescription": "Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket.", - "title": "CopyCommand" - }, - "Password": { - "markdownDescription": "The password for the Amazon Redshift user that you specified in the `Username` property.", - "title": "Password", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).", - "title": "RetryOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RoleARN": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "RoleARN", - "type": "string" + "Metadata": { + "type": "object" }, - "S3BackupConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for backup in Amazon S3.", - "title": "S3BackupConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The assigned description for an invoice unit. This information can't be modified or deleted.", + "title": "Description", + "type": "string" + }, + "InvoiceReceiver": { + "markdownDescription": "The account that receives invoices related to the invoice unit.", + "title": "InvoiceReceiver", + "type": "string" + }, + "Name": { + "markdownDescription": "A unique name that is distinctive within your AWS .", + "title": "Name", + "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit.ResourceTag" + }, + "markdownDescription": "The tag structure that contains a tag key and value.", + "title": "ResourceTags", + "type": "array" + }, + "Rule": { + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit.Rule", + "markdownDescription": "An `InvoiceUnitRule` object used the categorize invoice units.", + "title": "Rule" + }, + "TaxInheritanceDisabled": { + "markdownDescription": "Whether the invoice unit based tax inheritance is/ should be enabled or disabled.", + "title": "TaxInheritanceDisabled", + "type": "boolean" + } + }, + "required": [ + "InvoiceReceiver", + "Name", + "Rule" + ], + "type": "object" }, - "S3BackupMode": { - "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", - "title": "S3BackupMode", + "Type": { + "enum": [ + "AWS::Invoicing::InvoiceUnit" + ], "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them.", - "title": "S3Configuration" - }, - "Username": { - "markdownDescription": "The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster.", - "title": "Username", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ClusterJDBCURL", - "CopyCommand", - "Password", - "RoleARN", - "S3Configuration", - "Username" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value.", - "title": "DurationInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.RetryOptions": { + "AWS::Invoicing::InvoiceUnit.ResourceTag": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt.", - "title": "DurationInSeconds", - "type": "number" + "Key": { + "markdownDescription": "The object key of your of your resource tag.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The specific value of the resource tag.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration": { + "AWS::Invoicing::InvoiceUnit.Rule": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to.", - "title": "BucketARN", - "type": "string" - }, - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "CompressionFormat": { - "markdownDescription": "The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "CompressionFormat", - "type": "string" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", - "markdownDescription": "Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket.", - "title": "EncryptionConfiguration" - }, - "ErrorOutputPrefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", - "title": "ErrorOutputPrefix", - "type": "string" - }, - "Prefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered.", - "title": "Prefix", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "RoleARN", - "type": "string" + "LinkedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of `LINKED_ACCOUNT` IDs where charges are included within the invoice unit.", + "title": "LinkedAccounts", + "type": "array" } }, "required": [ - "BucketARN", - "RoleARN" + "LinkedAccounts" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration": { + "AWS::IoT::AccountAuditConfiguration": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.", - "title": "CatalogId", + "Condition": { "type": "string" }, - "DatabaseName": { - "markdownDescription": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified.", - "title": "DatabaseName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Region": { - "markdownDescription": "If you don't specify an AWS Region, the default is the current Region.", - "title": "Region", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RoleARN": { - "markdownDescription": "The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified.", - "title": "RoleARN", - "type": "string" + "Metadata": { + "type": "object" }, - "TableName": { - "markdownDescription": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", - "title": "TableName", + "Properties": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account. You can use the expression `!Sub \"${AWS::AccountId}\"` to use your account ID.", + "title": "AccountId", + "type": "string" + }, + "AuditCheckConfigurations": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations", + "markdownDescription": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on available audit checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)", + "title": "AuditCheckConfigurations" + }, + "AuditNotificationTargetConfigurations": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations", + "markdownDescription": "Information about the targets to which audit notifications are sent.", + "title": "AuditNotificationTargetConfigurations" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "AccountId", + "AuditCheckConfigurations", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::AccountAuditConfiguration" + ], "type": "string" }, - "VersionId": { - "markdownDescription": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up.", - "title": "VersionId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.Serializer": { + "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { "additionalProperties": false, "properties": { - "OrcSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OrcSerDe", - "markdownDescription": "A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) .", - "title": "OrcSerDe" - }, - "ParquetSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ParquetSerDe", - "markdownDescription": "A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/docs/contribution-guidelines/) .", - "title": "ParquetSerDe" + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration": { + "AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations": { "additionalProperties": false, "properties": { - "AccountUrl": { - "markdownDescription": "URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional.", - "title": "AccountUrl", - "type": "string" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "", - "title": "CloudWatchLoggingOptions" + "AuthenticatedCognitoRoleOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed.", + "title": "AuthenticatedCognitoRoleOverlyPermissiveCheck" }, - "ContentColumnName": { - "markdownDescription": "The name of the record content column.", - "title": "ContentColumnName", - "type": "string" + "CaCertificateExpiringCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired.", + "title": "CaCertificateExpiringCheck" }, - "DataLoadingOption": { - "markdownDescription": "Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column.", - "title": "DataLoadingOption", - "type": "string" + "CaCertificateKeyQualityCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` .", + "title": "CaCertificateKeyQualityCheck" }, - "Database": { - "markdownDescription": "All data in Snowflake is maintained in databases.", - "title": "Database", - "type": "string" + "ConflictingClientIdsCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if multiple devices connect using the same client ID.", + "title": "ConflictingClientIdsCheck" }, - "KeyPassphrase": { - "markdownDescription": "Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", - "title": "KeyPassphrase", - "type": "string" + "DeviceCertificateAgeCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.DeviceCertAgeAuditCheckConfiguration", + "markdownDescription": "Checks when a device certificate has been active for a number of days greater than or equal to the number you specify.", + "title": "DeviceCertificateAgeCheck" }, - "MetaDataColumnName": { - "markdownDescription": "Specify a column name in the table, where the metadata information has to be loaded. When you enable this field, you will see the following column in the snowflake table, which differs based on the source type.\n\nFor Direct PUT as source\n\n`{ \"firehoseDeliveryStreamName\" : \"streamname\", \"IngestionTime\" : \"timestamp\" }`\n\nFor Kinesis Data Stream as source\n\n`\"kinesisStreamName\" : \"streamname\", \"kinesisShardId\" : \"Id\", \"kinesisPartitionKey\" : \"key\", \"kinesisSequenceNumber\" : \"1234\", \"subsequenceNumber\" : \"2334\", \"IngestionTime\" : \"timestamp\" }`", - "title": "MetaDataColumnName", - "type": "string" + "DeviceCertificateExpiringCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.DeviceCertExpirationAuditCheckConfiguration", + "markdownDescription": "Checks if a device certificate is expiring. By default, this check applies to device certificates expiring within 30 days or that have expired. You can modify this threshold by configuring the DeviceCertExpirationAuditCheckConfiguration.", + "title": "DeviceCertificateExpiringCheck" }, - "PrivateKey": { - "markdownDescription": "The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", - "title": "PrivateKey", - "type": "string" + "DeviceCertificateKeyQualityCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size.", + "title": "DeviceCertificateKeyQualityCheck" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "", - "title": "ProcessingConfiguration" + "DeviceCertificateSharedCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT .", + "title": "DeviceCertificateSharedCheck" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions", - "markdownDescription": "The time period where Firehose will retry sending data to the chosen HTTP endpoint.", - "title": "RetryOptions" + "IntermediateCaRevokedForActiveDeviceCertificatesCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if device certificates are still active despite being revoked by an intermediate CA.", + "title": "IntermediateCaRevokedForActiveDeviceCertificatesCheck" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Snowflake role", - "title": "RoleARN", - "type": "string" + "IoTPolicyPotentialMisConfigurationCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy.", + "title": "IoTPolicyPotentialMisConfigurationCheck" }, - "S3BackupMode": { - "markdownDescription": "Choose an S3 backup mode", - "title": "S3BackupMode", - "type": "string" + "IotPolicyOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role.", + "title": "IotPolicyOverlyPermissiveCheck" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "", - "title": "S3Configuration" + "IotRoleAliasAllowsAccessToUnusedServicesCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year.", + "title": "IotRoleAliasAllowsAccessToUnusedServicesCheck" }, - "Schema": { - "markdownDescription": "Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views", - "title": "Schema", - "type": "string" + "IotRoleAliasOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive.", + "title": "IotRoleAliasOverlyPermissiveCheck" }, - "SnowflakeRoleConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration", - "markdownDescription": "Optionally configure a Snowflake role. Otherwise the default user role will be used.", - "title": "SnowflakeRoleConfiguration" + "LoggingDisabledCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if AWS IoT logs are disabled.", + "title": "LoggingDisabledCheck" }, - "SnowflakeVpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration", - "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", - "title": "SnowflakeVpcConfiguration" + "RevokedCaCertificateStillActiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a revoked CA certificate is still active.", + "title": "RevokedCaCertificateStillActiveCheck" }, - "Table": { - "markdownDescription": "All data in Snowflake is stored in database tables, logically structured as collections of columns and rows.", - "title": "Table", - "type": "string" + "RevokedDeviceCertificateStillActiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a revoked device certificate is still active.", + "title": "RevokedDeviceCertificateStillActiveCheck" }, - "User": { - "markdownDescription": "User login name for the Snowflake account.", - "title": "User", - "type": "string" - } - }, - "required": [ - "AccountUrl", - "Database", - "PrivateKey", - "RoleARN", - "S3Configuration", - "Schema", - "Table", - "User" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "the time period where Firehose will retry sending data to the chosen HTTP endpoint.", - "title": "DurationInSeconds", - "type": "number" + "UnauthenticatedCognitoRoleOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive.", + "title": "UnauthenticatedCognitoRoleOverlyPermissiveCheck" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration": { + "AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget": { "additionalProperties": false, "properties": { "Enabled": { - "markdownDescription": "Enable Snowflake role", + "markdownDescription": "True if notifications to the target are enabled.", "title": "Enabled", "type": "boolean" }, - "SnowflakeRole": { - "markdownDescription": "The Snowflake role you wish to configure", - "title": "SnowflakeRole", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to send notifications to the target.", + "title": "RoleArn", + "type": "string" + }, + "TargetArn": { + "markdownDescription": "The ARN of the target (SNS topic) to which audit notifications are sent.", + "title": "TargetArn", "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration": { + "AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations": { "additionalProperties": false, "properties": { - "PrivateLinkVpceId": { - "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", - "title": "PrivateLinkVpceId", - "type": "string" + "Sns": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget", + "markdownDescription": "The `Sns` notification target.", + "title": "Sns" } }, - "required": [ - "PrivateLinkVpceId" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints": { + "AWS::IoT::AccountAuditConfiguration.CertAgeCheckCustomConfiguration": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute).", - "title": "IntervalInSeconds", - "type": "number" - }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.", - "title": "SizeInMBs", - "type": "number" + "CertAgeThresholdInDays": { + "markdownDescription": "The number of days that defines when a device certificate is considered to have aged. The check will report a finding if a certificate has been active for a number of days greater than or equal to this threshold value.", + "title": "CertAgeThresholdInDays", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration": { + "AWS::IoT::AccountAuditConfiguration.CertExpirationCheckCustomConfiguration": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for Splunk are used.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "HECAcknowledgmentTimeoutInSeconds": { - "markdownDescription": "The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings.", - "title": "HECAcknowledgmentTimeoutInSeconds", - "type": "number" - }, - "HECEndpoint": { - "markdownDescription": "The HTTP Event Collector (HEC) endpoint to which Firehose sends your data.", - "title": "HECEndpoint", - "type": "string" - }, - "HECEndpointType": { - "markdownDescription": "This type can be either `Raw` or `Event` .", - "title": "HECEndpointType", - "type": "string" - }, - "HECToken": { - "markdownDescription": "This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.", - "title": "HECToken", - "type": "string" - }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration.", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk.", - "title": "RetryOptions" - }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` .\n\nYou can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` .", - "title": "S3BackupMode", + "CertExpirationThresholdInDays": { + "markdownDescription": "The number of days before expiration that defines when a device certificate is considered to be approaching expiration. The check will report a finding if a certificate will expire within this number of days.", + "title": "CertExpirationThresholdInDays", "type": "string" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for the backup Amazon S3 location.", - "title": "S3Configuration" } }, - "required": [ - "HECEndpoint", - "HECEndpointType", - "HECToken", - "S3Configuration" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions": { + "AWS::IoT::AccountAuditConfiguration.DeviceCertAgeAuditCheckConfiguration": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt.", - "title": "DurationInSeconds", - "type": "number" + "Configuration": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.CertAgeCheckCustomConfiguration", + "markdownDescription": "Configuration settings for the device certificate age check, including the threshold in days for certificate age. This configuration is of type `CertAgeCheckCustomConfiguration` .", + "title": "Configuration" + }, + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.VpcConfiguration": { + "AWS::IoT::AccountAuditConfiguration.DeviceCertExpirationAuditCheckConfiguration": { "additionalProperties": false, "properties": { - "RoleARN": { - "markdownDescription": "The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:\n\n- `ec2:DescribeVpcs`\n- `ec2:DescribeVpcAttribute`\n- `ec2:DescribeSubnets`\n- `ec2:DescribeSecurityGroups`\n- `ec2:DescribeNetworkInterfaces`\n- `ec2:CreateNetworkInterface`\n- `ec2:CreateNetworkInterfacePermission`\n- `ec2:DeleteNetworkInterface`\n\nIf you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.", - "title": "RoleARN", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic.", - "title": "SecurityGroupIds", - "type": "array" + "Configuration": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.CertExpirationCheckCustomConfiguration", + "markdownDescription": "Configuration settings for the device certificate expiration check, including the threshold in days before expiration. This configuration is of type `CertExpirationCheckCustomConfiguration`", + "title": "Configuration" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.\n\nThe number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here.", - "title": "SubnetIds", - "type": "array" + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", + "type": "boolean" } }, - "required": [ - "RoleARN", - "SecurityGroupIds", - "SubnetIds" - ], "type": "object" }, - "AWS::KinesisVideo::SignalingChannel": { + "AWS::IoT::Authorizer": { "additionalProperties": false, "properties": { "Condition": { @@ -140582,35 +145385,64 @@ "Properties": { "additionalProperties": false, "properties": { - "MessageTtlSeconds": { - "markdownDescription": "The period of time (in seconds) a signaling channel retains undelivered messages before they are discarded. Use `API_UpdateSignalingChannel` to update this value.", - "title": "MessageTtlSeconds", - "type": "number" + "AuthorizerFunctionArn": { + "markdownDescription": "The authorizer's Lambda function ARN.", + "title": "AuthorizerFunctionArn", + "type": "string" }, - "Name": { - "markdownDescription": "A name for the signaling channel that you are creating. It must be unique for each AWS account and AWS Region .", - "title": "Name", + "AuthorizerName": { + "markdownDescription": "The authorizer name.", + "title": "AuthorizerName", + "type": "string" + }, + "EnableCachingForHttp": { + "markdownDescription": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections.", + "title": "EnableCachingForHttp", + "type": "boolean" + }, + "SigningDisabled": { + "markdownDescription": "Specifies whether AWS IoT validates the token signature in an authorization request.", + "title": "SigningDisabled", + "type": "boolean" + }, + "Status": { + "markdownDescription": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`", + "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata which can be used to manage the custom authorizer.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "A type of the signaling channel that you are creating. Currently, `SINGLE_MASTER` is the only supported channel type.", - "title": "Type", + "TokenKeyName": { + "markdownDescription": "The key used to extract the token from the HTTP headers.", + "title": "TokenKeyName", "type": "string" + }, + "TokenSigningPublicKeys": { + "additionalProperties": true, + "markdownDescription": "The public keys used to validate the token signature returned by your custom authentication service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TokenSigningPublicKeys", + "type": "object" } }, + "required": [ + "AuthorizerFunctionArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisVideo::SignalingChannel" + "AWS::IoT::Authorizer" ], "type": "string" }, @@ -140624,11 +145456,12 @@ } }, "required": [ - "Type" - ], + "Type", + "Properties" + ], "type": "object" }, - "AWS::KinesisVideo::Stream": { + "AWS::IoT::BillingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -140663,36 +145496,21 @@ "Properties": { "additionalProperties": false, "properties": { - "DataRetentionInHours": { - "markdownDescription": "How long the stream retains data, in hours.", - "title": "DataRetentionInHours", - "type": "number" - }, - "DeviceName": { - "markdownDescription": "The name of the device that is associated with the stream.", - "title": "DeviceName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key that Kinesis Video Streams uses to encrypt data on the stream.", - "title": "KmsKeyId", - "type": "string" - }, - "MediaType": { - "markdownDescription": "The `MediaType` of the stream.", - "title": "MediaType", + "BillingGroupName": { + "markdownDescription": "The name of the billing group.", + "title": "BillingGroupName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the stream.", - "title": "Name", - "type": "string" + "BillingGroupProperties": { + "$ref": "#/definitions/AWS::IoT::BillingGroup.BillingGroupProperties", + "markdownDescription": "The properties of the billing group.", + "title": "BillingGroupProperties" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata which can be used to manage the billing group.", "title": "Tags", "type": "array" } @@ -140701,7 +145519,7 @@ }, "Type": { "enum": [ - "AWS::KinesisVideo::Stream" + "AWS::IoT::BillingGroup" ], "type": "string" }, @@ -140719,7 +145537,18 @@ ], "type": "object" }, - "AWS::LakeFormation::DataCellsFilter": { + "AWS::IoT::BillingGroup.BillingGroupProperties": { + "additionalProperties": false, + "properties": { + "BillingGroupDescription": { + "markdownDescription": "The description of the billing group.", + "title": "BillingGroupDescription", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::CACertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -140754,56 +145583,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of UTF-8 strings. A list of column names.", - "title": "ColumnNames", - "type": "array" - }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.ColumnWildcard", - "markdownDescription": "A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .", - "title": "ColumnWildcard" + "AutoRegistrationStatus": { + "markdownDescription": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\".", + "title": "AutoRegistrationStatus", + "type": "string" }, - "DatabaseName": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA database in the Data Catalog .", - "title": "DatabaseName", + "CACertificatePem": { + "markdownDescription": "The certificate data in PEM format.", + "title": "CACertificatePem", "type": "string" }, - "Name": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe name given by the user to the data filter cell.", - "title": "Name", + "CertificateMode": { + "markdownDescription": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\".", + "title": "CertificateMode", "type": "string" }, - "RowFilter": { - "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.RowFilter", - "markdownDescription": "A PartiQL predicate.", - "title": "RowFilter" + "RegistrationConfig": { + "$ref": "#/definitions/AWS::IoT::CACertificate.RegistrationConfig", + "markdownDescription": "Information about the registration configuration.", + "title": "RegistrationConfig" }, - "TableCatalogId": { - "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe ID of the catalog to which the table belongs.", - "title": "TableCatalogId", + "RemoveAutoRegistration": { + "markdownDescription": "If true, removes auto registration.", + "title": "RemoveAutoRegistration", + "type": "boolean" + }, + "Status": { + "markdownDescription": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\".", + "title": "Status", "type": "string" }, - "TableName": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA table in the database.", - "title": "TableName", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VerificationCertificatePem": { + "markdownDescription": "The private key verification certificate.", + "title": "VerificationCertificatePem", "type": "string" } }, "required": [ - "DatabaseName", - "Name", - "TableCatalogId", - "TableName" + "CACertificatePem", + "Status" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::DataCellsFilter" + "AWS::IoT::CACertificate" ], "type": "string" }, @@ -140822,37 +145654,28 @@ ], "type": "object" }, - "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { - "additionalProperties": false, - "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::DataCellsFilter.RowFilter": { + "AWS::IoT::CACertificate.RegistrationConfig": { "additionalProperties": false, "properties": { - "AllRowsWildcard": { - "markdownDescription": "A wildcard for all rows.", - "title": "AllRowsWildcard", - "type": "object" + "RoleArn": { + "markdownDescription": "The ARN of the role.", + "title": "RoleArn", + "type": "string" }, - "FilterExpression": { - "markdownDescription": "A filter expression.", - "title": "FilterExpression", + "TemplateBody": { + "markdownDescription": "The template body.", + "title": "TemplateBody", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the provisioning template.", + "title": "TemplateName", "type": "string" } }, "type": "object" }, - "AWS::LakeFormation::DataLakeSettings": { + "AWS::IoT::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -140887,68 +145710,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Admins": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.Admins", - "markdownDescription": "A list of AWS Lake Formation principals.", - "title": "Admins" - }, - "AllowExternalDataFiltering": { - "markdownDescription": "Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation .\n\nIf set to true, you allow Amazon EMR clusters or other third-party engines to access data in Amazon S3 locations that are registered with Lake Formation .\n\nIf false or null, no third-party query engines will be able to access data in Amazon S3 locations that are registered with Lake Formation.\n\nFor more information, see [External data filtering setting](https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter) .", - "title": "AllowExternalDataFiltering", - "type": "boolean" - }, - "AllowFullTableExternalDataAccess": { - "markdownDescription": "Specifies whether query engines and applications can get credentials without IAM session tags if the user has full table access. It provides query engines and applications performance benefits as well as simplifies data access. Amazon EMR on Amazon EC2 is able to leverage this setting.\n\nFor more information, see [](https://docs.aws.amazon.com/lake-formation/latest/dg/using-cred-vending.html)", - "title": "AllowFullTableExternalDataAccess", - "type": "boolean" - }, - "AuthorizedSessionTagValueList": { - "items": { - "type": "string" - }, - "markdownDescription": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = \"LakeFormationTrustedCaller\" and value = \"TRUE\" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation 's administrative API operations.", - "title": "AuthorizedSessionTagValueList", - "type": "array" - }, - "CreateDatabaseDefaultPermissions": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions", - "markdownDescription": "Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicates that the user's IAM permissions determine the access to the database. This is referred to as the setting \"Use only IAM access control,\" and is to support backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", - "title": "CreateDatabaseDefaultPermissions" - }, - "CreateTableDefaultPermissions": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions", - "markdownDescription": "Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicate that the user's IAM permissions determine the access to the table. This is referred to as the setting \"Use only IAM access control,\" and is to support the backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` permissions to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", - "title": "CreateTableDefaultPermissions" + "CACertificatePem": { + "markdownDescription": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.", + "title": "CACertificatePem", + "type": "string" }, - "ExternalDataFilteringAllowList": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList", - "markdownDescription": "A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering.", - "title": "ExternalDataFilteringAllowList" + "CertificateMode": { + "markdownDescription": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .", + "title": "CertificateMode", + "type": "string" }, - "MutationType": { - "markdownDescription": "Specifies whether the data lake settings are updated by adding new values to the current settings ( `APPEND` ) or by replacing the current settings with new settings ( `REPLACE` ).\n\n> If you choose `REPLACE` , your current data lake settings will be replaced with the new values in your template.", - "title": "MutationType", + "CertificatePem": { + "markdownDescription": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.", + "title": "CertificatePem", "type": "string" }, - "Parameters": { - "markdownDescription": "A key-value map that provides an additional configuration on your data lake. `CrossAccountVersion` is the key you can configure in the `Parameters` field. Accepted values for the `CrossAccountVersion` key are 1, 2, 3, and 4.", - "title": "Parameters", - "type": "object" + "CertificateSigningRequest": { + "markdownDescription": "The certificate signing request (CSR).", + "title": "CertificateSigningRequest", + "type": "string" }, - "TrustedResourceOwners": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of UTF-8 strings.\n\nA list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.", - "title": "TrustedResourceOwners", - "type": "array" + "Status": { + "markdownDescription": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used.", + "title": "Status", + "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::DataLakeSettings" + "AWS::IoT::Certificate" ], "type": "string" }, @@ -140962,68 +145757,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.Admins": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.DataLakePrincipal": { - "additionalProperties": false, - "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" - } - }, - "required": [ - "DataLakePrincipalIdentifier" - ], - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.PrincipalPermissions": { - "additionalProperties": false, - "properties": { - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions that are granted to the principal.", - "title": "Permissions", - "type": "array" - }, - "Principal": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.DataLakePrincipal", - "markdownDescription": "The principal who is granted permissions.", - "title": "Principal" - } - }, - "required": [ - "Permissions", - "Principal" + "Type", + "Properties" ], "type": "object" }, - "AWS::LakeFormation::Permissions": { + "AWS::IoT::CertificateProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -141058,42 +145797,42 @@ "Properties": { "additionalProperties": false, "properties": { - "DataLakePrincipal": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLakePrincipal", - "markdownDescription": "The AWS Lake Formation principal.", - "title": "DataLakePrincipal" - }, - "Permissions": { + "AccountDefaultForOperations": { "items": { "type": "string" }, - "markdownDescription": "The permissions granted or revoked.", - "title": "Permissions", + "markdownDescription": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` .", + "title": "AccountDefaultForOperations", "type": "array" }, - "PermissionsWithGrantOption": { + "CertificateProviderName": { + "markdownDescription": "The name of the certificate provider.", + "title": "CertificateProviderName", + "type": "string" + }, + "LambdaFunctionArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "LambdaFunctionArn", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", - "title": "PermissionsWithGrantOption", + "markdownDescription": "Metadata that can be used to manage the certificate provider.", + "title": "Tags", "type": "array" - }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.Resource", - "markdownDescription": "A structure for the resource.", - "title": "Resource" } }, "required": [ - "DataLakePrincipal", - "Resource" + "AccountDefaultForOperations", + "LambdaFunctionArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::Permissions" + "AWS::IoT::CertificateProvider" ], "type": "string" }, @@ -141112,155 +145851,7 @@ ], "type": "object" }, - "AWS::LakeFormation::Permissions.ColumnWildcard": { - "additionalProperties": false, - "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.DataLakePrincipal": { - "additionalProperties": false, - "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.DataLocationResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "S3Resource": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", - "title": "S3Resource", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.DatabaseResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.Resource": { - "additionalProperties": false, - "properties": { - "DataLocationResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLocationResource", - "markdownDescription": "A structure for a data location object where permissions are granted or revoked.", - "title": "DataLocationResource" - }, - "DatabaseResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DatabaseResource", - "markdownDescription": "A structure for the database object.", - "title": "DatabaseResource" - }, - "TableResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableResource", - "markdownDescription": "A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "TableResource" - }, - "TableWithColumnsResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWithColumnsResource", - "markdownDescription": "A structure for a table with columns object. This object is only used when granting a SELECT permission.", - "title": "TableWithColumnsResource" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.TableResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", - "type": "string" - }, - "TableWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWildcard", - "markdownDescription": "An empty object representing all tables under a database. If this field is specified instead of the `Name` field, all tables under `DatabaseName` will have permission changes applied.", - "title": "TableWildcard" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.TableWildcard": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::Permissions.TableWithColumnsResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", - "type": "array" - }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.ColumnWildcard", - "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnWildcard" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions": { + "AWS::IoT::Command": { "additionalProperties": false, "properties": { "Condition": { @@ -141295,49 +145886,81 @@ "Properties": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", - "title": "Catalog", + "CommandId": { + "markdownDescription": "The unique identifier of the command.", + "title": "CommandId", "type": "string" }, - "Permissions": { + "CreatedAt": { + "markdownDescription": "The timestamp, when the command was created.", + "title": "CreatedAt", + "type": "string" + }, + "Deprecated": { + "markdownDescription": "Indicates whether the command has been deprecated.", + "title": "Deprecated", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the command parameter.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the command.", + "title": "DisplayName", + "type": "string" + }, + "LastUpdatedAt": { + "markdownDescription": "The timestamp, when the command was last updated.", + "title": "LastUpdatedAt", + "type": "string" + }, + "MandatoryParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoT::Command.CommandParameter" }, - "markdownDescription": "The permissions granted or revoked.", - "title": "Permissions", + "markdownDescription": "", + "title": "MandatoryParameters", "type": "array" }, - "PermissionsWithGrantOption": { + "Namespace": { + "markdownDescription": "", + "title": "Namespace", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoT::Command.CommandPayload", + "markdownDescription": "", + "title": "Payload" + }, + "PendingDeletion": { + "markdownDescription": "Indicates whether the command is pending deletion.", + "title": "PendingDeletion", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", - "title": "PermissionsWithGrantOption", + "markdownDescription": "", + "title": "Tags", "type": "array" - }, - "Principal": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal", - "markdownDescription": "The principal to be granted a permission.", - "title": "Principal" - }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.Resource", - "markdownDescription": "The resource to be granted or revoked permissions.", - "title": "Resource" } }, "required": [ - "Permissions", - "PermissionsWithGrantOption", - "Principal", - "Resource" + "CommandId" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::PrincipalPermissions" + "AWS::IoT::Command" ], "type": "string" }, @@ -141356,296 +145979,93 @@ ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.ColumnWildcard": { - "additionalProperties": false, - "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "A database in the Data Catalog .", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name given by the user to the data filter cell.", - "title": "Name", - "type": "string" - }, - "TableCatalogId": { - "markdownDescription": "The ID of the catalog to which the table belongs.", - "title": "TableCatalogId", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of the table.", - "title": "TableName", - "type": "string" - } - }, - "required": [ - "DatabaseName", - "Name", - "TableCatalogId", - "TableName" - ], - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal": { - "additionalProperties": false, - "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the AWS Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.DataLocationResource": { + "AWS::IoT::Command.CommandParameter": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", - "title": "CatalogId", - "type": "string" + "DefaultValue": { + "$ref": "#/definitions/AWS::IoT::Command.CommandParameterValue", + "markdownDescription": "", + "title": "DefaultValue" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", - "title": "ResourceArn", - "type": "string" - } - }, - "required": [ - "CatalogId", - "ResourceArn" - ], - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.DatabaseResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", - "title": "CatalogId", + "Description": { + "markdownDescription": "", + "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "markdownDescription": "", "title": "Name", "type": "string" - } - }, - "required": [ - "CatalogId", - "Name" - ], - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.LFTag": { - "additionalProperties": false, - "properties": { - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", - "type": "string" - }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with Data Catalog .", - "title": "CatalogId", - "type": "string" - }, - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", - "type": "string" }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values for the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" + "Value": { + "$ref": "#/definitions/AWS::IoT::Command.CommandParameterValue", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "CatalogId", - "TagKey", - "TagValues" + "Name" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource": { + "AWS::IoT::Command.CommandParameterValue": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "CatalogId", - "type": "string" - }, - "Expression": { - "items": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTag" - }, - "markdownDescription": "A list of LF-tag conditions that apply to the resource's LF-tag policy.", - "title": "Expression", - "type": "array" + "B": { + "markdownDescription": "", + "title": "B", + "type": "boolean" }, - "ResourceType": { - "markdownDescription": "The resource type for which the LF-tag policy applies.", - "title": "ResourceType", + "BIN": { + "markdownDescription": "", + "title": "BIN", "type": "string" - } - }, - "required": [ - "CatalogId", - "Expression", - "ResourceType" - ], - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.Resource": { - "additionalProperties": false, - "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "Catalog", - "type": "object" - }, - "DataCellsFilter": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource", - "markdownDescription": "A data cell filter.", - "title": "DataCellsFilter" - }, - "DataLocation": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLocationResource", - "markdownDescription": "The location of an Amazon S3 path where permissions are granted or revoked.", - "title": "DataLocation" - }, - "Database": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DatabaseResource", - "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", - "title": "Database" - }, - "LFTag": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource", - "markdownDescription": "The LF-tag key and values attached to a resource.", - "title": "LFTag" }, - "LFTagPolicy": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource", - "markdownDescription": "A list of LF-tag conditions that define a resource's LF-tag policy.", - "title": "LFTagPolicy" + "D": { + "markdownDescription": "", + "title": "D", + "type": "number" }, - "Table": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableResource", - "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Table" + "I": { + "markdownDescription": "", + "title": "I", + "type": "number" }, - "TableWithColumns": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource", - "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", - "title": "TableWithColumns" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.TableResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", - "title": "CatalogId", + "L": { + "markdownDescription": "", + "title": "L", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "S": { + "markdownDescription": "", + "title": "S", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", + "UL": { + "markdownDescription": "", + "title": "UL", "type": "string" - }, - "TableWildcard": { - "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", - "title": "TableWildcard", - "type": "object" } }, - "required": [ - "CatalogId", - "DatabaseName" - ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource": { + "AWS::IoT::Command.CommandPayload": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", - "title": "CatalogId", - "type": "string" - }, - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", - "type": "array" - }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.ColumnWildcard", - "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnWildcard" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "Content": { + "markdownDescription": "", + "title": "Content", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", + "ContentType": { + "markdownDescription": "", + "title": "ContentType", "type": "string" } }, - "required": [ - "CatalogId", - "DatabaseName", - "Name" - ], "type": "object" }, - "AWS::LakeFormation::Resource": { + "AWS::IoT::CustomMetric": { "additionalProperties": false, "properties": { "Condition": { @@ -141680,41 +146100,38 @@ "Properties": { "additionalProperties": false, "properties": { - "HybridAccessEnabled": { - "markdownDescription": "Indicates whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.", - "title": "HybridAccessEnabled", - "type": "boolean" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "ResourceArn", + "DisplayName": { + "markdownDescription": "The friendly name in the console for the custom metric. This name doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. You can update the friendly name after you define it.", + "title": "DisplayName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that registered a resource.", - "title": "RoleArn", + "MetricName": { + "markdownDescription": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. The name can't begin with `aws:` . You can\u2019t change the name after you define it.", + "title": "MetricName", "type": "string" }, - "UseServiceLinkedRole": { - "markdownDescription": "Designates a trusted caller, an IAM principal, by registering this caller with the Data Catalog .", - "title": "UseServiceLinkedRole", - "type": "boolean" + "MetricType": { + "markdownDescription": "The type of the custom metric. Types include `string-list` , `ip-address-list` , `number-list` , and `number` .\n\n> The type `number` only takes a single metric value as an input, but when you submit the metrics value in the DeviceMetrics report, you must pass it as an array with a single value.", + "title": "MetricType", + "type": "string" }, - "WithFederation": { - "markdownDescription": "Allows Lake Formation to assume a role to access tables in a federated database.", - "title": "WithFederation", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the custom metric.", + "title": "Tags", + "type": "array" } }, "required": [ - "ResourceArn", - "UseServiceLinkedRole" + "MetricType" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::Resource" + "AWS::IoT::CustomMetric" ], "type": "string" }, @@ -141733,7 +146150,7 @@ ], "type": "object" }, - "AWS::LakeFormation::Tag": { + "AWS::IoT::Dimension": { "additionalProperties": false, "properties": { "Condition": { @@ -141768,34 +146185,42 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "CatalogId", - "type": "string" - }, - "TagKey": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe key-name for the LF-tag.", - "title": "TagKey", + "Name": { + "markdownDescription": "A unique identifier for the dimension.", + "title": "Name", "type": "string" }, - "TagValues": { + "StringValues": { "items": { "type": "string" }, - "markdownDescription": "An array of UTF-8 strings, not less than 1 or more than 50 strings.\n\nA list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", + "markdownDescription": "Specifies the value or list of values for the dimension. For `TOPIC_FILTER` dimensions, this is a pattern used to match the MQTT topic (for example, \"admin/#\").", + "title": "StringValues", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the dimension.", + "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "Specifies the type of dimension. Supported types: `TOPIC_FILTER.`", + "title": "Type", + "type": "string" } }, "required": [ - "TagKey", - "TagValues" + "StringValues", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::Tag" + "AWS::IoT::Dimension" ], "type": "string" }, @@ -141814,7 +146239,7 @@ ], "type": "object" }, - "AWS::LakeFormation::TagAssociation": { + "AWS::IoT::DomainConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -141849,29 +146274,83 @@ "Properties": { "additionalProperties": false, "properties": { - "LFTags": { + "ApplicationProtocol": { + "markdownDescription": "An enumerated string that speci\ufb01es the application-layer protocol.", + "title": "ApplicationProtocol", + "type": "string" + }, + "AuthenticationType": { + "markdownDescription": "An enumerated string that speci\ufb01es the authentication type.", + "title": "AuthenticationType", + "type": "string" + }, + "AuthorizerConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.AuthorizerConfig", + "markdownDescription": "An object that specifies the authorization service for a domain.", + "title": "AuthorizerConfig" + }, + "ClientCertificateConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ClientCertificateConfig", + "markdownDescription": "An object that speci\ufb01es the client certificate con\ufb01guration for a domain.", + "title": "ClientCertificateConfig" + }, + "DomainConfigurationName": { + "markdownDescription": "The name of the domain configuration. This value must be unique to a region.", + "title": "DomainConfigurationName", + "type": "string" + }, + "DomainConfigurationStatus": { + "markdownDescription": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`", + "title": "DomainConfigurationStatus", + "type": "string" + }, + "DomainName": { + "markdownDescription": "The name of the domain.", + "title": "DomainName", + "type": "string" + }, + "ServerCertificateArns": { "items": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.LFTagPair" + "type": "string" }, - "markdownDescription": "A structure containing an LF-tag key-value pair.", - "title": "LFTags", + "markdownDescription": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.", + "title": "ServerCertificateArns", "type": "array" }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.Resource", - "markdownDescription": "UTF-8 string (valid values: `DATABASE | TABLE` ).\n\nThe resource for which the LF-tag policy applies.", - "title": "Resource" + "ServerCertificateConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ServerCertificateConfig", + "markdownDescription": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", + "title": "ServerCertificateConfig" + }, + "ServiceType": { + "markdownDescription": "The type of service delivered by the endpoint.\n\n> AWS IoT Core currently supports only the `DATA` service type.", + "title": "ServiceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the domain configuration.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "title": "Tags", + "type": "array" + }, + "TlsConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.TlsConfig", + "markdownDescription": "An object that specifies the TLS configuration for a domain.", + "title": "TlsConfig" + }, + "ValidationCertificateArn": { + "markdownDescription": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.", + "title": "ValidationCertificateArn", + "type": "string" } }, - "required": [ - "LFTags", - "Resource" - ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::TagAssociation" + "AWS::IoT::DomainConfiguration" ], "type": "string" }, @@ -141885,152 +146364,91 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.DatabaseResource": { + "AWS::IoT::DomainConfiguration.AuthorizerConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it should be the account ID of the caller.", - "title": "CatalogId", - "type": "string" + "AllowAuthorizerOverride": { + "markdownDescription": "A Boolean that specifies whether the domain configuration's authorization service can be overridden.", + "title": "AllowAuthorizerOverride", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", - "title": "Name", + "DefaultAuthorizerName": { + "markdownDescription": "The name of the authorization service for a domain configuration.", + "title": "DefaultAuthorizerName", "type": "string" } }, - "required": [ - "CatalogId", - "Name" - ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.LFTagPair": { + "AWS::IoT::DomainConfiguration.ClientCertificateConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", + "ClientCertificateCallbackArn": { + "markdownDescription": "The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.", + "title": "ClientCertificateCallbackArn", "type": "string" - }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" } }, - "required": [ - "CatalogId", - "TagKey", - "TagValues" - ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.Resource": { + "AWS::IoT::DomainConfiguration.ServerCertificateConfig": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "Catalog", - "type": "object" - }, - "Database": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.DatabaseResource", - "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", - "title": "Database" + "EnableOCSPCheck": { + "markdownDescription": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", + "title": "EnableOCSPCheck", + "type": "boolean" }, - "Table": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableResource", - "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Table" + "OcspAuthorizedResponderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration.", + "title": "OcspAuthorizedResponderArn", + "type": "string" }, - "TableWithColumns": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableWithColumnsResource", - "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", - "title": "TableWithColumns" + "OcspLambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration.", + "title": "OcspLambdaArn", + "type": "string" } }, "type": "object" }, - "AWS::LakeFormation::TagAssociation.TableResource": { + "AWS::IoT::DomainConfiguration.ServerCertificateSummary": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "ServerCertificateArn": { + "markdownDescription": "The ARN of the server certificate.", + "title": "ServerCertificateArn", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "ServerCertificateStatus": { + "markdownDescription": "The status of the server certificate.", + "title": "ServerCertificateStatus", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", + "ServerCertificateStatusDetail": { + "markdownDescription": "Details that explain the status of the server certificate.", + "title": "ServerCertificateStatusDetail", "type": "string" - }, - "TableWildcard": { - "markdownDescription": "A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", - "title": "TableWildcard", - "type": "object" } }, - "required": [ - "CatalogId", - "DatabaseName" - ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.TableWithColumnsResource": { + "AWS::IoT::DomainConfiguration.TlsConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of TableResource$Name or TableResource$TableWildcard is required.", - "title": "CatalogId", - "type": "string" - }, - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", - "type": "array" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", + "SecurityPolicy": { + "markdownDescription": "The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* .", + "title": "SecurityPolicy", "type": "string" } }, - "required": [ - "CatalogId", - "ColumnNames", - "DatabaseName", - "Name" - ], "type": "object" }, - "AWS::Lambda::Alias": { + "AWS::IoT::FleetMetric": { "additionalProperties": false, "properties": { "Condition": { @@ -142065,47 +146483,68 @@ "Properties": { "additionalProperties": false, "properties": { + "AggregationField": { + "markdownDescription": "The field to aggregate.", + "title": "AggregationField", + "type": "string" + }, + "AggregationType": { + "$ref": "#/definitions/AWS::IoT::FleetMetric.AggregationType", + "markdownDescription": "The type of the aggregation query.", + "title": "AggregationType" + }, "Description": { - "markdownDescription": "A description of the alias.", + "markdownDescription": "The fleet metric description.", "title": "Description", "type": "string" }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", + "IndexName": { + "markdownDescription": "The name of the index to search.", + "title": "IndexName", "type": "string" }, - "FunctionVersion": { - "markdownDescription": "The function version that the alias invokes.", - "title": "FunctionVersion", + "MetricName": { + "markdownDescription": "The name of the fleet metric to create.", + "title": "MetricName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the alias.", - "title": "Name", + "Period": { + "markdownDescription": "The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60.", + "title": "Period", + "type": "number" + }, + "QueryString": { + "markdownDescription": "The search query string.", + "title": "QueryString", "type": "string" }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration", - "markdownDescription": "Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.", - "title": "ProvisionedConcurrencyConfig" + "QueryVersion": { + "markdownDescription": "The query version.", + "title": "QueryVersion", + "type": "string" }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::Lambda::Alias.AliasRoutingConfiguration", - "markdownDescription": "The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.", - "title": "RoutingConfig" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the fleet metric.", + "title": "Tags", + "type": "array" + }, + "Unit": { + "markdownDescription": "Used to support unit transformation such as milliseconds to seconds. Must be a unit supported by CW metric. Default to null.", + "title": "Unit", + "type": "string" } }, "required": [ - "FunctionName", - "FunctionVersion", - "Name" + "MetricName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Alias" + "AWS::IoT::FleetMetric" ], "type": "string" }, @@ -142124,58 +146563,30 @@ ], "type": "object" }, - "AWS::Lambda::Alias.AliasRoutingConfiguration": { + "AWS::IoT::FleetMetric.AggregationType": { "additionalProperties": false, "properties": { - "AdditionalVersionWeights": { + "Name": { + "markdownDescription": "The name of the aggregation type.", + "title": "Name", + "type": "string" + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::Lambda::Alias.VersionWeight" + "type": "string" }, - "markdownDescription": "The second version, and the percentage of traffic that's routed to it.", - "title": "AdditionalVersionWeights", + "markdownDescription": "A list of the values of aggregation types.", + "title": "Values", "type": "array" } }, "required": [ - "AdditionalVersionWeights" - ], - "type": "object" - }, - "AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration": { - "additionalProperties": false, - "properties": { - "ProvisionedConcurrentExecutions": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the alias.", - "title": "ProvisionedConcurrentExecutions", - "type": "number" - } - }, - "required": [ - "ProvisionedConcurrentExecutions" - ], - "type": "object" - }, - "AWS::Lambda::Alias.VersionWeight": { - "additionalProperties": false, - "properties": { - "FunctionVersion": { - "markdownDescription": "The qualifier of the second version.", - "title": "FunctionVersion", - "type": "string" - }, - "FunctionWeight": { - "markdownDescription": "The percentage of traffic that the alias routes to the second version.", - "title": "FunctionWeight", - "type": "number" - } - }, - "required": [ - "FunctionVersion", - "FunctionWeight" + "Name", + "Values" ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig": { + "AWS::IoT::JobTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -142210,30 +146621,90 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedPublishers": { - "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.AllowedPublishers", - "markdownDescription": "List of allowed publishers.", - "title": "AllowedPublishers" - }, - "CodeSigningPolicies": { - "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.CodeSigningPolicies", - "markdownDescription": "The code signing policy controls the validation failure action for signature mismatch or expiry.", - "title": "CodeSigningPolicies" + "AbortConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortConfig", + "markdownDescription": "The criteria that determine when and how a job abort takes place.", + "title": "AbortConfig" }, "Description": { - "markdownDescription": "Code signing configuration description.", + "markdownDescription": "A description of the job template.", "title": "Description", "type": "string" + }, + "DestinationPackageVersions": { + "items": { + "type": "string" + }, + "markdownDescription": "The package version Amazon Resource Names (ARNs) that are installed on the device\u2019s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed.", + "title": "DestinationPackageVersions", + "type": "array" + }, + "Document": { + "markdownDescription": "The job document.\n\nRequired if you don't specify a value for `documentSource` .", + "title": "Document", + "type": "string" + }, + "DocumentSource": { + "markdownDescription": "An S3 link, or S3 object URL, to the job document. The link is an Amazon S3 object URL and is required if you don't specify a value for `document` .\n\nFor example, `--document-source https://s3. *region-code* .amazonaws.com/example-firmware/device-firmware.1.0`\n\nFor more information, see [Methods for accessing a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html) .", + "title": "DocumentSource", + "type": "string" + }, + "JobArn": { + "markdownDescription": "The ARN of the job to use as the basis for the job template.", + "title": "JobArn", + "type": "string" + }, + "JobExecutionsRetryConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRetryConfig", + "markdownDescription": "Allows you to create the criteria to retry a job.", + "title": "JobExecutionsRetryConfig" + }, + "JobExecutionsRolloutConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRolloutConfig", + "markdownDescription": "Allows you to create a staged rollout of a job.", + "title": "JobExecutionsRolloutConfig" + }, + "JobTemplateId": { + "markdownDescription": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here.", + "title": "JobTemplateId", + "type": "string" + }, + "MaintenanceWindows": { + "items": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.MaintenanceWindow" + }, + "markdownDescription": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job.", + "title": "MaintenanceWindows", + "type": "array" + }, + "PresignedUrlConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.PresignedUrlConfig", + "markdownDescription": "Configuration for pre-signed S3 URLs.", + "title": "PresignedUrlConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the job template.", + "title": "Tags", + "type": "array" + }, + "TimeoutConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.TimeoutConfig", + "markdownDescription": "Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to `IN_PROGRESS` . If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to `TIMED_OUT` .", + "title": "TimeoutConfig" } }, "required": [ - "AllowedPublishers" + "Description", + "JobTemplateId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::CodeSigningConfig" + "AWS::IoT::JobTemplate" ], "type": "string" }, @@ -142252,38 +146723,193 @@ ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig.AllowedPublishers": { + "AWS::IoT::JobTemplate.AbortConfig": { "additionalProperties": false, "properties": { - "SigningProfileVersionArns": { + "CriteriaList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortCriteria" }, - "markdownDescription": "The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.", - "title": "SigningProfileVersionArns", + "markdownDescription": "The list of criteria that determine when and how to abort the job.", + "title": "CriteriaList", "type": "array" } }, "required": [ - "SigningProfileVersionArns" + "CriteriaList" ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig.CodeSigningPolicies": { + "AWS::IoT::JobTemplate.AbortCriteria": { "additionalProperties": false, "properties": { - "UntrustedArtifactOnDeployment": { - "markdownDescription": "Code signing configuration policy for deployment validation failure. If you set the policy to `Enforce` , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to `Warn` , Lambda allows the deployment and creates a CloudWatch log.\n\nDefault value: `Warn`", - "title": "UntrustedArtifactOnDeployment", + "Action": { + "markdownDescription": "The type of job action to take to initiate the job abort.", + "title": "Action", + "type": "string" + }, + "FailureType": { + "markdownDescription": "The type of job execution failures that can initiate a job abort.", + "title": "FailureType", "type": "string" + }, + "MinNumberOfExecutedThings": { + "markdownDescription": "The minimum number of things which must receive job execution notifications before the job can be aborted.", + "title": "MinNumberOfExecutedThings", + "type": "number" + }, + "ThresholdPercentage": { + "markdownDescription": "The minimum percentage of job execution failures that must occur to initiate the job abort.\n\nAWS IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999).", + "title": "ThresholdPercentage", + "type": "number" } }, "required": [ - "UntrustedArtifactOnDeployment" + "Action", + "FailureType", + "MinNumberOfExecutedThings", + "ThresholdPercentage" ], "type": "object" }, - "AWS::Lambda::EventInvokeConfig": { + "AWS::IoT::JobTemplate.ExponentialRolloutRate": { + "additionalProperties": false, + "properties": { + "BaseRatePerMinute": { + "markdownDescription": "The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout.", + "title": "BaseRatePerMinute", + "type": "number" + }, + "IncrementFactor": { + "markdownDescription": "The exponential factor to increase the rate of rollout for a job.\n\nAWS IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55).", + "title": "IncrementFactor", + "type": "number" + }, + "RateIncreaseCriteria": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.RateIncreaseCriteria", + "markdownDescription": "The criteria to initiate the increase in rate of rollout for a job.", + "title": "RateIncreaseCriteria" + } + }, + "required": [ + "BaseRatePerMinute", + "IncrementFactor", + "RateIncreaseCriteria" + ], + "type": "object" + }, + "AWS::IoT::JobTemplate.JobExecutionsRetryConfig": { + "additionalProperties": false, + "properties": { + "RetryCriteriaList": { + "items": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.RetryCriteria" + }, + "markdownDescription": "The list of criteria that determines how many retries are allowed for each failure type for a job.", + "title": "RetryCriteriaList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoT::JobTemplate.JobExecutionsRolloutConfig": { + "additionalProperties": false, + "properties": { + "ExponentialRolloutRate": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.ExponentialRolloutRate", + "markdownDescription": "The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout.", + "title": "ExponentialRolloutRate" + }, + "MaximumPerMinute": { + "markdownDescription": "The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.", + "title": "MaximumPerMinute", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IoT::JobTemplate.MaintenanceWindow": { + "additionalProperties": false, + "properties": { + "DurationInMinutes": { + "markdownDescription": "Displays the duration of the next maintenance window.", + "title": "DurationInMinutes", + "type": "number" + }, + "StartTime": { + "markdownDescription": "Displays the start time of the next maintenance window.", + "title": "StartTime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::JobTemplate.PresignedUrlConfig": { + "additionalProperties": false, + "properties": { + "ExpiresInSec": { + "markdownDescription": "How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.", + "title": "ExpiresInSec", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.\n\n> For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* .", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::JobTemplate.RateIncreaseCriteria": { + "additionalProperties": false, + "properties": { + "NumberOfNotifiedThings": { + "markdownDescription": "The threshold for number of notified things that will initiate the increase in rate of rollout.", + "title": "NumberOfNotifiedThings", + "type": "number" + }, + "NumberOfSucceededThings": { + "markdownDescription": "The threshold for number of succeeded things that will initiate the increase in rate of rollout.", + "title": "NumberOfSucceededThings", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IoT::JobTemplate.RetryCriteria": { + "additionalProperties": false, + "properties": { + "FailureType": { + "markdownDescription": "The type of job execution failures that can initiate a job retry.", + "title": "FailureType", + "type": "string" + }, + "NumberOfRetries": { + "markdownDescription": "The number of retries allowed for a failure type for the job.", + "title": "NumberOfRetries", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IoT::JobTemplate.TimeoutConfig": { + "additionalProperties": false, + "properties": { + "InProgressTimeoutInMinutes": { + "markdownDescription": "Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status.", + "title": "InProgressTimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "InProgressTimeoutInMinutes" + ], + "type": "object" + }, + "AWS::IoT::Logging": { "additionalProperties": false, "properties": { "Condition": { @@ -142318,41 +146944,32 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationConfig": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.DestinationConfig", - "markdownDescription": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Bucket* - The ARN of an Amazon S3 bucket.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus.\n\n> S3 buckets are supported only for on-failure destinations. To retain records of successful invocations, use another destination type.", - "title": "DestinationConfig" - }, - "FunctionName": { - "markdownDescription": "The name of the Lambda function.\n\n*Minimum* : `1`\n\n*Maximum* : `64`\n\n*Pattern* : `([a-zA-Z0-9-_]+)`", - "title": "FunctionName", + "AccountId": { + "markdownDescription": "The account ID.", + "title": "AccountId", "type": "string" }, - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum age of a request that Lambda sends to a function for processing.", - "title": "MaximumEventAgeInSeconds", - "type": "number" - }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of times to retry when the function returns an error.", - "title": "MaximumRetryAttempts", - "type": "number" + "DefaultLogLevel": { + "markdownDescription": "The default log level. Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", + "title": "DefaultLogLevel", + "type": "string" }, - "Qualifier": { - "markdownDescription": "The identifier of a version or alias.\n\n- *Version* - A version number.\n- *Alias* - An alias name.\n- *Latest* - To specify the unpublished version, use `$LATEST` .", - "title": "Qualifier", + "RoleArn": { + "markdownDescription": "The role ARN used for the log.", + "title": "RoleArn", "type": "string" } }, "required": [ - "FunctionName", - "Qualifier" + "AccountId", + "DefaultLogLevel", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::EventInvokeConfig" + "AWS::IoT::Logging" ], "type": "string" }, @@ -142371,51 +146988,7 @@ ], "type": "object" }, - "AWS::Lambda::EventInvokeConfig.DestinationConfig": { - "additionalProperties": false, - "properties": { - "OnFailure": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnFailure", - "markdownDescription": "The destination configuration for failed invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", - "title": "OnFailure" - }, - "OnSuccess": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnSuccess", - "markdownDescription": "The destination configuration for successful invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", - "title": "OnSuccess" - } - }, - "type": "object" - }, - "AWS::Lambda::EventInvokeConfig.OnFailure": { - "additionalProperties": false, - "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", - "title": "Destination", - "type": "string" - } - }, - "required": [ - "Destination" - ], - "type": "object" - }, - "AWS::Lambda::EventInvokeConfig.OnSuccess": { - "additionalProperties": false, - "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.", - "title": "Destination", - "type": "string" - } - }, - "required": [ - "Destination" - ], - "type": "object" - }, - "AWS::Lambda::EventSourceMapping": { + "AWS::IoT::MitigationAction": { "additionalProperties": false, "properties": { "Condition": { @@ -142450,142 +147023,39 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonManagedKafkaEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig", - "markdownDescription": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", - "title": "AmazonManagedKafkaEventSourceConfig" - }, - "BatchSize": { - "markdownDescription": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", - "title": "BatchSize", - "type": "number" - }, - "BisectBatchOnFunctionError": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.\n\n> When using `BisectBatchOnFunctionError` , check the `BatchSize` parameter in the `OnFailure` destination message's metadata. The `BatchSize` could be greater than 1 since Lambda consolidates failed messages metadata when writing to the `OnFailure` destination.", - "title": "BisectBatchOnFunctionError", - "type": "boolean" - }, - "DestinationConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DestinationConfig", - "markdownDescription": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.", - "title": "DestinationConfig" - }, - "DocumentDBEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig", - "markdownDescription": "Specific configuration settings for a DocumentDB event source.", - "title": "DocumentDBEventSourceConfig" - }, - "Enabled": { - "markdownDescription": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n\nDefault: True", - "title": "Enabled", - "type": "boolean" - }, - "EventSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the event source.\n\n- *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n- *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n- *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc) ).\n- *Amazon MQ* \u2013 The ARN of the broker.\n- *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.", - "title": "EventSourceArn", - "type": "string" - }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.FilterCriteria", - "markdownDescription": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", - "title": "FilterCriteria" - }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* \u2013 `MyFunction` .\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Version or Alias ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD` .\n- *Partial ARN* \u2013 `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", - "title": "FunctionName", + "ActionName": { + "markdownDescription": "The friendly name of the mitigation action.", + "title": "ActionName", "type": "string" }, - "FunctionResponseTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "(Kinesis, DynamoDB Streams, and SQS) A list of current response type enums applied to the event source mapping.\n\nValid Values: `ReportBatchItemFailures`", - "title": "FunctionResponseTypes", - "type": "array" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ , Amazon DocumentDB event sources)* : 500 ms\n\n*Related setting:* For Amazon SQS event sources, when you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" - }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1,\nwhich sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n\n> The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed", - "title": "MaximumRecordAgeInSeconds", - "type": "number" - }, - "MaximumRetryAttempts": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1,\nwhich sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", - "type": "number" - }, - "ParallelizationFactor": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", - "type": "number" - }, - "Queues": { - "items": { - "type": "string" - }, - "markdownDescription": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.", - "title": "Queues", - "type": "array" - }, - "ScalingConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ScalingConfig", - "markdownDescription": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency) .", - "title": "ScalingConfig" - }, - "SelfManagedEventSource": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedEventSource", - "markdownDescription": "The self-managed Apache Kafka cluster for your event source.", - "title": "SelfManagedEventSource" - }, - "SelfManagedKafkaEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig", - "markdownDescription": "Specific configuration settings for a self-managed Apache Kafka event source.", - "title": "SelfManagedKafkaEventSourceConfig" - }, - "SourceAccessConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SourceAccessConfiguration" - }, - "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.", - "title": "SourceAccessConfigurations", - "type": "array" + "ActionParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.ActionParams", + "markdownDescription": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.", + "title": "ActionParams" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n\n- *LATEST* - Read only new records.\n- *TRIM_HORIZON* - Process all available records.\n- *AT_TIMESTAMP* - Specify a time from which to start reading records.", - "title": "StartingPosition", + "RoleArn": { + "markdownDescription": "The IAM role ARN used to apply this mitigation action.", + "title": "RoleArn", "type": "string" }, - "StartingPositionTimestamp": { - "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds. `StartingPositionTimestamp` cannot be in the future.", - "title": "StartingPositionTimestamp", - "type": "number" - }, - "Topics": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The name of the Kafka topic.", - "title": "Topics", + "markdownDescription": "Metadata that can be used to manage the mitigation action.", + "title": "Tags", "type": "array" - }, - "TumblingWindowInSeconds": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.", - "title": "TumblingWindowInSeconds", - "type": "number" } }, "required": [ - "FunctionName" + "ActionParams", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::EventSourceMapping" + "AWS::IoT::MitigationAction" ], "type": "string" }, @@ -142604,230 +147074,226 @@ ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig": { + "AWS::IoT::MitigationAction.ActionParams": { "additionalProperties": false, "properties": { - "ConsumerGroupId": { - "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", - "title": "ConsumerGroupId", - "type": "string" + "AddThingsToThingGroupParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.AddThingsToThingGroupParams", + "markdownDescription": "Specifies the group to which you want to add the devices.", + "title": "AddThingsToThingGroupParams" }, - "SchemaRegistryConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", - "markdownDescription": "Specific configuration settings for a Kafka schema registry.", - "title": "SchemaRegistryConfig" - } - }, - "type": "object" - }, - "AWS::Lambda::EventSourceMapping.DestinationConfig": { - "additionalProperties": false, - "properties": { - "OnFailure": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.OnFailure", - "markdownDescription": "The destination configuration for failed invocations.", - "title": "OnFailure" - } - }, - "type": "object" - }, - "AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig": { - "additionalProperties": false, - "properties": { - "CollectionName": { - "markdownDescription": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.", - "title": "CollectionName", - "type": "string" + "EnableIoTLoggingParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.EnableIoTLoggingParams", + "markdownDescription": "Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` .", + "title": "EnableIoTLoggingParams" }, - "DatabaseName": { - "markdownDescription": "The name of the database to consume within the DocumentDB cluster.", - "title": "DatabaseName", - "type": "string" + "PublishFindingToSnsParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.PublishFindingToSnsParams", + "markdownDescription": "Specifies the topic to which the finding should be published.", + "title": "PublishFindingToSnsParams" }, - "FullDocument": { - "markdownDescription": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.", - "title": "FullDocument", - "type": "string" + "ReplaceDefaultPolicyVersionParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams", + "markdownDescription": "Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported.", + "title": "ReplaceDefaultPolicyVersionParams" + }, + "UpdateCACertificateParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateCACertificateParams", + "markdownDescription": "Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported.", + "title": "UpdateCACertificateParams" + }, + "UpdateDeviceCertificateParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateDeviceCertificateParams", + "markdownDescription": "Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported.", + "title": "UpdateDeviceCertificateParams" } }, "type": "object" }, - "AWS::Lambda::EventSourceMapping.Endpoints": { + "AWS::IoT::MitigationAction.AddThingsToThingGroupParams": { "additionalProperties": false, "properties": { - "KafkaBootstrapServers": { + "OverrideDynamicGroups": { + "markdownDescription": "Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.", + "title": "OverrideDynamicGroups", + "type": "boolean" + }, + "ThingGroupNames": { "items": { "type": "string" }, - "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", - "title": "KafkaBootstrapServers", + "markdownDescription": "The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.", + "title": "ThingGroupNames", "type": "array" } }, + "required": [ + "ThingGroupNames" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.Filter": { + "AWS::IoT::MitigationAction.EnableIoTLoggingParams": { "additionalProperties": false, "properties": { - "Pattern": { - "markdownDescription": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax) .", - "title": "Pattern", + "LogLevel": { + "markdownDescription": "Specifies the type of information to be logged.", + "title": "LogLevel", + "type": "string" + }, + "RoleArnForLogging": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used for logging.", + "title": "RoleArnForLogging", "type": "string" } }, + "required": [ + "LogLevel", + "RoleArnForLogging" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.FilterCriteria": { + "AWS::IoT::MitigationAction.PublishFindingToSnsParams": { "additionalProperties": false, "properties": { - "Filters": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Filter" - }, - "markdownDescription": "A list of filters.", - "title": "Filters", - "type": "array" + "TopicArn": { + "markdownDescription": "The ARN of the topic to which you want to publish the findings.", + "title": "TopicArn", + "type": "string" } }, + "required": [ + "TopicArn" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.OnFailure": { + "AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", - "title": "Destination", + "TemplateName": { + "markdownDescription": "The name of the template to be applied. The only supported value is `BLANK_POLICY` .", + "title": "TemplateName", "type": "string" } }, + "required": [ + "TemplateName" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.ScalingConfig": { + "AWS::IoT::MitigationAction.UpdateCACertificateParams": { "additionalProperties": false, "properties": { - "MaximumConcurrency": { - "markdownDescription": "Limits the number of concurrent instances that the Amazon SQS event source can invoke.", - "title": "MaximumConcurrency", - "type": "number" + "Action": { + "markdownDescription": "The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` .", + "title": "Action", + "type": "string" } }, + "required": [ + "Action" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig": { + "AWS::IoT::MitigationAction.UpdateDeviceCertificateParams": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of authentication Lambda uses to access your schema registry.", - "title": "Type", - "type": "string" - }, - "URI": { - "markdownDescription": "The URI of the secret (Secrets Manager secret ARN) to authenticate with your schema registry.", - "title": "URI", + "Action": { + "markdownDescription": "The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` .", + "title": "Action", "type": "string" } }, + "required": [ + "Action" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.SchemaRegistryConfig": { + "AWS::IoT::Policy": { "additionalProperties": false, "properties": { - "AccessConfigs": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig" - }, - "markdownDescription": "An array of access configuration objects that tell Lambda how to authenticate with your schema registry.", - "title": "AccessConfigs", - "type": "array" - }, - "EventRecordFormat": { - "markdownDescription": "The record format that Lambda delivers to your function after schema validation.", - "title": "EventRecordFormat", + "Condition": { "type": "string" }, - "SchemaRegistryURI": { - "markdownDescription": "The URI for your schema registry. The correct URI format depends on the type of schema registry you're using.", - "title": "SchemaRegistryURI", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SchemaValidationConfigs": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaValidationConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "The JSON document that describes the policy.", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The policy name.", + "title": "PolicyName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "An array of schema validation configuration objects, which tell Lambda the message attributes you want to validate and filter using your schema registry.", - "title": "SchemaValidationConfigs", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lambda::EventSourceMapping.SchemaValidationConfig": { - "additionalProperties": false, - "properties": { - "Attribute": { - "markdownDescription": "The attribute you want your schema registry to validate and filter for.", - "title": "Attribute", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::EventSourceMapping.SelfManagedEventSource": { - "additionalProperties": false, - "properties": { - "Endpoints": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Endpoints", - "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", - "title": "Endpoints" - } - }, - "type": "object" - }, - "AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig": { - "additionalProperties": false, - "properties": { - "ConsumerGroupId": { - "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add) .", - "title": "ConsumerGroupId", - "type": "string" + "required": [ + "PolicyDocument" + ], + "type": "object" }, - "SchemaRegistryConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", - "markdownDescription": "Specific configuration settings for a Kafka schema registry.", - "title": "SchemaRegistryConfig" - } - }, - "type": "object" - }, - "AWS::Lambda::EventSourceMapping.SourceAccessConfiguration": { - "additionalProperties": false, - "properties": { "Type": { - "markdownDescription": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: `\"Type\":\"SASL_SCRAM_512_AUTH\"` .\n\n- `BASIC_AUTH` \u2013 (Amazon MQ) The AWS Secrets Manager secret that stores your broker credentials.\n- `BASIC_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n- `VPC_SUBNET` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n- `VPC_SECURITY_GROUP` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_256_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_512_AUTH` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n- `VIRTUAL_HOST` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n- `CLIENT_CERTIFICATE_TLS_AUTH` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n- `SERVER_ROOT_CA_CERTIFICATE` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.", - "title": "Type", + "enum": [ + "AWS::IoT::Policy" + ], "type": "string" }, - "URI": { - "markdownDescription": "The value for your chosen configuration in `Type` . For example: `\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"` .", - "title": "URI", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Lambda::Function": { + "AWS::IoT::PolicyPrincipalAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -142857,153 +147323,132 @@ "Properties": { "additionalProperties": false, "properties": { - "Architectures": { - "items": { - "type": "string" - }, - "markdownDescription": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is `x86_64` .", - "title": "Architectures", - "type": "array" - }, - "Code": { - "$ref": "#/definitions/AWS::Lambda::Function.Code", - "markdownDescription": "The code for the function. You can define your function code in multiple ways:\n\n- For .zip deployment packages, you can specify the Amazon S3 location of the .zip file in the `S3Bucket` , `S3Key` , and `S3ObjectVersion` properties.\n- For .zip deployment packages, you can alternatively define the function code inline in the `ZipFile` property. This method works only for Node.js and Python functions.\n- For container images, specify the URI of your container image in the Amazon ECR registry in the `ImageUri` property.", - "title": "Code" - }, - "CodeSigningConfigArn": { - "markdownDescription": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration\nincludes a set of signing profiles, which define the trusted publishers for this function.", - "title": "CodeSigningConfigArn", + "PolicyName": { + "markdownDescription": "The name of the AWS IoT policy.", + "title": "PolicyName", "type": "string" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.DeadLetterConfig", - "markdownDescription": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq) .", - "title": "DeadLetterConfig" - }, - "Description": { - "markdownDescription": "A description of the function.", - "title": "Description", + "Principal": { + "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", + "title": "Principal", "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Lambda::Function.Environment", - "markdownDescription": "Environment variables that are accessible from function code during execution.", - "title": "Environment" - }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", - "markdownDescription": "The size of the function's `/tmp` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", - "title": "EphemeralStorage" - }, - "FileSystemConfigs": { - "items": { - "$ref": "#/definitions/AWS::Lambda::Function.FileSystemConfig" - }, - "markdownDescription": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a `DependsOn` attribute to ensure that the mount target is created or updated before the function.\n\nFor more information about using the `DependsOn` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", - "title": "FileSystemConfigs", - "type": "array" - }, - "FunctionName": { - "markdownDescription": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, AWS CloudFormation generates one.\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "FunctionName", - "type": "string" - }, - "Handler": { - "markdownDescription": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html) .", - "title": "Handler", - "type": "string" - }, - "ImageConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.ImageConfig", - "markdownDescription": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) .", - "title": "ImageConfig" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt the following resources:\n\n- The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption) .\n- The function's [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) snapshots.\n- When used with `SourceKMSKeyArn` , the unzipped version of the .zip deployment package that's used for function invocations. For more information, see [Specifying a customer managed key for Lambda](https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption) .\n- The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see [Function lifecycle](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle) .\n\nIf you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) or an [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", - "title": "KmsKeyArn", + } + }, + "required": [ + "PolicyName", + "Principal" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::PolicyPrincipalAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::IoT::ProvisioningTemplate": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "Layers": { + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", - "title": "Layers", "type": "array" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.LoggingConfig", - "markdownDescription": "The function's Amazon CloudWatch Logs configuration settings.", - "title": "LoggingConfig" - }, - "MemorySize": { - "markdownDescription": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.", - "title": "MemorySize", - "type": "number" - }, - "PackageType": { - "markdownDescription": "The type of deployment package. Set to `Image` for container image and set `Zip` for .zip file archive.", - "title": "PackageType", + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the fleet provisioning template.", + "title": "Description", "type": "string" }, - "ReservedConcurrentExecutions": { - "markdownDescription": "The number of simultaneous executions to reserve for the function.", - "title": "ReservedConcurrentExecutions", - "type": "number" + "Enabled": { + "markdownDescription": "True to enable the fleet provisioning template, otherwise false.", + "title": "Enabled", + "type": "boolean" }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function's execution role.", - "title": "Role", - "type": "string" + "PreProvisioningHook": { + "$ref": "#/definitions/AWS::IoT::ProvisioningTemplate.ProvisioningHook", + "markdownDescription": "Creates a pre-provisioning hook template.", + "title": "PreProvisioningHook" }, - "Runtime": { - "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels) .\n\nFor a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported) .", - "title": "Runtime", + "ProvisioningRoleArn": { + "markdownDescription": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.", + "title": "ProvisioningRoleArn", "type": "string" }, - "RuntimeManagementConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.RuntimeManagementConfig", - "markdownDescription": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) .", - "title": "RuntimeManagementConfig" - }, - "SnapStart": { - "$ref": "#/definitions/AWS::Lambda::Function.SnapStart", - "markdownDescription": "The function's [AWS Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", - "title": "SnapStart" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "markdownDescription": "Metadata that can be used to manage the fleet provisioning template.", "title": "Tags", "type": "array" }, - "Timeout": { - "markdownDescription": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) .", - "title": "Timeout", - "type": "number" + "TemplateBody": { + "markdownDescription": "The JSON formatted contents of the fleet provisioning template version.", + "title": "TemplateBody", + "type": "string" }, - "TracingConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.TracingConfig", - "markdownDescription": "Set `Mode` to `Active` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) .", - "title": "TracingConfig" + "TemplateName": { + "markdownDescription": "The name of the fleet provisioning template.", + "title": "TemplateName", + "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.VpcConfig", - "markdownDescription": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html) .", - "title": "VpcConfig" + "TemplateType": { + "markdownDescription": "The type of the provisioning template.", + "title": "TemplateType", + "type": "string" } }, "required": [ - "Code", - "Role" + "ProvisioningRoleArn", + "TemplateBody" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Function" + "AWS::IoT::ProvisioningTemplate" ], "type": "string" }, @@ -143022,240 +147467,23 @@ ], "type": "object" }, - "AWS::Lambda::Function.Code": { + "AWS::IoT::ProvisioningTemplate.ProvisioningHook": { "additionalProperties": false, "properties": { - "ImageUri": { - "markdownDescription": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.", - "title": "ImageUri", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account .", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of the deployment package.", - "title": "S3Key", - "type": "string" - }, - "S3ObjectVersion": { - "markdownDescription": "For versioned objects, the version of the deployment package object to use.", - "title": "S3ObjectVersion", + "PayloadVersion": { + "markdownDescription": "The payload that was sent to the target function. The valid payload is `\"2020-04-01\"` .", + "title": "PayloadVersion", "type": "string" }, - "ZipFile": { - "markdownDescription": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named `index` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) . This zip file cannot exceed 4MB. For the `Handler` property, the first part of the handler identifier must be `index` . For example, `index.handler` .\n\n> When you specify source code inline for a Node.js function, the `index` file that AWS CloudFormation creates uses the extension `.js` . This means that Lambda treats the file as a CommonJS module. ES modules aren't supported for inline functions. \n\nFor JSON, you must escape quotes and special characters such as newline ( `\\n` ) with a backslash.\n\nIf you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( [cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html) ) that simplifies sending responses. See [Using AWS Lambda with AWS CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.", - "title": "ZipFile", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.DeadLetterConfig": { - "additionalProperties": false, - "properties": { "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", + "markdownDescription": "The ARN of the target function.", "title": "TargetArn", "type": "string" } }, "type": "object" }, - "AWS::Lambda::Function.Environment": { - "additionalProperties": false, - "properties": { - "Variables": { - "additionalProperties": true, - "markdownDescription": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html) .\n\nIf the value of the environment variable is a time or a duration, enclose the value in quotes.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Variables", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.EphemeralStorage": { - "additionalProperties": false, - "properties": { - "Size": { - "markdownDescription": "The size of the function's `/tmp` directory.", - "title": "Size", - "type": "number" - } - }, - "required": [ - "Size" - ], - "type": "object" - }, - "AWS::Lambda::Function.FileSystemConfig": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.", - "title": "Arn", - "type": "string" - }, - "LocalMountPath": { - "markdownDescription": "The path where the function can access the file system, starting with `/mnt/` .", - "title": "LocalMountPath", - "type": "string" - } - }, - "required": [ - "Arn", - "LocalMountPath" - ], - "type": "object" - }, - "AWS::Lambda::Function.ImageConfig": { - "additionalProperties": false, - "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.", - "title": "Command", - "type": "array" - }, - "EntryPoint": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.", - "title": "EntryPoint", - "type": "array" - }, - "WorkingDirectory": { - "markdownDescription": "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.", - "title": "WorkingDirectory", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.LoggingConfig": { - "additionalProperties": false, - "properties": { - "ApplicationLogLevel": { - "markdownDescription": "Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where `TRACE` is the highest level and `FATAL` is the lowest.", - "title": "ApplicationLogLevel", - "type": "string" - }, - "LogFormat": { - "markdownDescription": "The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON.", - "title": "LogFormat", - "type": "string" - }, - "LogGroup": { - "markdownDescription": "The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named `/aws/lambda/` . To use a different log group, enter an existing log group or enter a new log group name.", - "title": "LogGroup", - "type": "string" - }, - "SystemLogLevel": { - "markdownDescription": "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where `DEBUG` is the highest level and `WARN` is the lowest.", - "title": "SystemLogLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.RuntimeManagementConfig": { - "additionalProperties": false, - "properties": { - "RuntimeVersionArn": { - "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", - "title": "RuntimeVersionArn", - "type": "string" - }, - "UpdateRuntimeOn": { - "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", - "title": "UpdateRuntimeOn", - "type": "string" - } - }, - "required": [ - "UpdateRuntimeOn" - ], - "type": "object" - }, - "AWS::Lambda::Function.SnapStart": { - "additionalProperties": false, - "properties": { - "ApplyOn": { - "markdownDescription": "Set `ApplyOn` to `PublishedVersions` to create a snapshot of the initialized execution environment when you publish a function version.", - "title": "ApplyOn", - "type": "string" - } - }, - "required": [ - "ApplyOn" - ], - "type": "object" - }, - "AWS::Lambda::Function.SnapStartResponse": { - "additionalProperties": false, - "properties": { - "ApplyOn": { - "markdownDescription": "When set to `PublishedVersions` , Lambda creates a snapshot of the execution environment when you publish a function version.", - "title": "ApplyOn", - "type": "string" - }, - "OptimizationStatus": { - "markdownDescription": "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using) , this response element indicates whether SnapStart is activated for the specified function version.", - "title": "OptimizationStatus", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.TracingConfig": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The tracing mode.", - "title": "Mode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.VpcConfig": { - "additionalProperties": false, - "properties": { - "Ipv6AllowedForDualStack": { - "markdownDescription": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.", - "title": "Ipv6AllowedForDualStack", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC security group IDs.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC subnet IDs.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lambda::LayerVersion": { + "AWS::IoT::ResourceSpecificLogging": { "additionalProperties": false, "properties": { "Condition": { @@ -143290,51 +147518,32 @@ "Properties": { "additionalProperties": false, "properties": { - "CompatibleArchitectures": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .", - "title": "CompatibleArchitectures", - "type": "array" - }, - "CompatibleRuntimes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .", - "title": "CompatibleRuntimes", - "type": "array" - }, - "Content": { - "$ref": "#/definitions/AWS::Lambda::LayerVersion.Content", - "markdownDescription": "The function layer archive.", - "title": "Content" - }, - "Description": { - "markdownDescription": "The description of the version.", - "title": "Description", + "LogLevel": { + "markdownDescription": "The default log level.Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", + "title": "LogLevel", "type": "string" }, - "LayerName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", - "title": "LayerName", + "TargetName": { + "markdownDescription": "The target name.", + "title": "TargetName", "type": "string" }, - "LicenseInfo": { - "markdownDescription": "The layer's software license. It can be any of the following:\n\n- An [SPDX license identifier](https://docs.aws.amazon.com/https://spdx.org/licenses/) . For example, `MIT` .\n- The URL of a license hosted on the internet. For example, `https://opensource.org/licenses/MIT` .\n- The full text of the license.", - "title": "LicenseInfo", + "TargetType": { + "markdownDescription": "The target type. Valid Values: `DEFAULT | THING_GROUP`", + "title": "TargetType", "type": "string" } }, "required": [ - "Content" + "LogLevel", + "TargetName", + "TargetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::LayerVersion" + "AWS::IoT::ResourceSpecificLogging" ], "type": "string" }, @@ -143353,32 +147562,7 @@ ], "type": "object" }, - "AWS::Lambda::LayerVersion.Content": { - "additionalProperties": false, - "properties": { - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket of the layer archive.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of the layer archive.", - "title": "S3Key", - "type": "string" - }, - "S3ObjectVersion": { - "markdownDescription": "For versioned objects, the version of the layer archive object to use.", - "title": "S3ObjectVersion", - "type": "string" - } - }, - "required": [ - "S3Bucket", - "S3Key" - ], - "type": "object" - }, - "AWS::Lambda::LayerVersionPermission": { + "AWS::IoT::RoleAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -143413,37 +147597,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The API action that grants access to the layer. For example, `lambda:GetLayerVersion` .", - "title": "Action", - "type": "string" + "CredentialDurationSeconds": { + "markdownDescription": "The number of seconds for which the credential is valid.", + "title": "CredentialDurationSeconds", + "type": "number" }, - "LayerVersionArn": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", - "title": "LayerVersionArn", + "RoleAlias": { + "markdownDescription": "The role alias.", + "title": "RoleAlias", "type": "string" }, - "OrganizationId": { - "markdownDescription": "With the principal set to `*` , grant permission to all accounts in the specified organization.", - "title": "OrganizationId", + "RoleArn": { + "markdownDescription": "The role ARN.", + "title": "RoleArn", "type": "string" }, - "Principal": { - "markdownDescription": "An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified). For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.", - "title": "Principal", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "Action", - "LayerVersionArn", - "Principal" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::LayerVersionPermission" + "AWS::IoT::RoleAlias" ], "type": "string" }, @@ -143462,7 +147647,7 @@ ], "type": "object" }, - "AWS::Lambda::Permission": { + "AWS::IoT::ScheduledAudit": { "additionalProperties": false, "properties": { "Condition": { @@ -143497,57 +147682,52 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that the principal can use on the function. For example, `lambda:InvokeFunction` or `lambda:GetFunction` .", - "title": "Action", - "type": "string" - }, - "EventSourceToken": { - "markdownDescription": "For Alexa Smart Home functions, a token that the invoker must supply.", - "title": "EventSourceToken", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function, version, or alias.\n\n**Name formats** - *Function name* \u2013 `my-function` (name-only), `my-function:v1` (with alias).\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:my-function` .\n- *Partial ARN* \u2013 `123456789012:function:my-function` .\n\nYou can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", + "DayOfMonth": { + "markdownDescription": "The day of the month on which the scheduled audit is run (if the `frequency` is \"MONTHLY\"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the \"LAST\" day of the month.", + "title": "DayOfMonth", "type": "string" }, - "FunctionUrlAuthType": { - "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", - "title": "FunctionUrlAuthType", + "DayOfWeek": { + "markdownDescription": "The day of the week on which the scheduled audit is run (if the `frequency` is \"WEEKLY\" or \"BIWEEKLY\").", + "title": "DayOfWeek", "type": "string" }, - "Principal": { - "markdownDescription": "The AWS service , AWS account , IAM user, or IAM role that invokes the function. If you specify a service, use `SourceArn` or `SourceAccount` to limit who can invoke the function through that service.", - "title": "Principal", + "Frequency": { + "markdownDescription": "How often the scheduled audit occurs.", + "title": "Frequency", "type": "string" }, - "PrincipalOrgID": { - "markdownDescription": "The identifier for your organization in AWS Organizations . Use this to grant permissions to all the AWS accounts under this organization.", - "title": "PrincipalOrgID", + "ScheduledAuditName": { + "markdownDescription": "The name of the scheduled audit.", + "title": "ScheduledAuditName", "type": "string" }, - "SourceAccount": { - "markdownDescription": "For AWS service , the ID of the AWS account that owns the resource. Use this together with `SourceArn` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.", - "title": "SourceAccount", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the scheduled audit.", + "title": "Tags", + "type": "array" }, - "SourceArn": { - "markdownDescription": "For AWS services , the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n\nNote that Lambda configures the comparison using the `StringLike` operator.", - "title": "SourceArn", - "type": "string" + "TargetCheckNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use `DescribeAccountAuditConfiguration` to see the list of all checks, including those that are enabled or use `UpdateAccountAuditConfiguration` to select which checks are enabled.)\n\nThe following checks are currently available:\n\n- `AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`\n- `CA_CERTIFICATE_EXPIRING_CHECK`\n- `CA_CERTIFICATE_KEY_QUALITY_CHECK`\n- `CONFLICTING_CLIENT_IDS_CHECK`\n- `DEVICE_CERTIFICATE_EXPIRING_CHECK`\n- `DEVICE_CERTIFICATE_KEY_QUALITY_CHECK`\n- `DEVICE_CERTIFICATE_SHARED_CHECK`\n- `IOT_POLICY_OVERLY_PERMISSIVE_CHECK`\n- `IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK`\n- `IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK`\n- `LOGGING_DISABLED_CHECK`\n- `REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`", + "title": "TargetCheckNames", + "type": "array" } }, "required": [ - "Action", - "FunctionName", - "Principal" + "Frequency", + "TargetCheckNames" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Permission" + "AWS::IoT::ScheduledAudit" ], "type": "string" }, @@ -143566,7 +147746,7 @@ ], "type": "object" }, - "AWS::Lambda::Url": { + "AWS::IoT::SecurityProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -143601,41 +147781,70 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", - "title": "AuthType", - "type": "string" + "AdditionalMetricsToRetainV2": { + "items": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricToRetain" + }, + "markdownDescription": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's `behaviors` , but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.", + "title": "AdditionalMetricsToRetainV2", + "type": "array" }, - "Cors": { - "$ref": "#/definitions/AWS::Lambda::Url.Cors", - "markdownDescription": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.", - "title": "Cors" + "AlertTargets": { + "additionalProperties": false, + "markdownDescription": "Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.AlertTarget" + } + }, + "title": "AlertTargets", + "type": "object" }, - "InvokeMode": { - "markdownDescription": "Use one of the following options:\n\n- `BUFFERED` \u2013 This is the default option. Lambda invokes your function using the `Invoke` API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.\n- `RESPONSE_STREAM` \u2013 Your function streams payload results as they become available. Lambda invokes your function using the `InvokeWithResponseStream` API operation. The maximum response payload size is 20 MB, however, you can [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) .", - "title": "InvokeMode", - "type": "string" + "Behaviors": { + "items": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.Behavior" + }, + "markdownDescription": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", + "title": "Behaviors", + "type": "array" }, - "Qualifier": { - "markdownDescription": "The alias name.", - "title": "Qualifier", + "MetricsExportConfig": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricsExportConfig", + "markdownDescription": "Specifies the MQTT topic and role ARN required for metric export.", + "title": "MetricsExportConfig" + }, + "SecurityProfileDescription": { + "markdownDescription": "A description of the security profile.", + "title": "SecurityProfileDescription", "type": "string" }, - "TargetFunctionArn": { - "markdownDescription": "The name of the Lambda function.\n\n**Name formats** - *Function name* - `my-function` .\n- *Function ARN* - `lambda: : :function:my-function` .\n- *Partial ARN* - `:function:my-function` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "TargetFunctionArn", + "SecurityProfileName": { + "markdownDescription": "The name you gave to the security profile.", + "title": "SecurityProfileName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the security profile.", + "title": "Tags", + "type": "array" + }, + "TargetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the target (thing group) to which the security profile is attached.", + "title": "TargetArns", + "type": "array" } }, - "required": [ - "AuthType", - "TargetFunctionArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Url" + "AWS::IoT::SecurityProfile" ], "type": "string" }, @@ -143649,60 +147858,244 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Lambda::Url.Cors": { + "AWS::IoT::SecurityProfile.AlertTarget": { "additionalProperties": false, "properties": { - "AllowCredentials": { - "markdownDescription": "Whether you want to allow cookies or other credentials in requests to your function URL. The default is `false` .", - "title": "AllowCredentials", + "AlertTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the notification target to which alerts are sent.", + "title": "AlertTargetArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to send alerts to the notification target.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "AlertTargetArn", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::SecurityProfile.Behavior": { + "additionalProperties": false, + "properties": { + "Criteria": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.BehaviorCriteria", + "markdownDescription": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n> In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.", + "title": "Criteria" + }, + "ExportMetric": { + "markdownDescription": "Value indicates exporting metrics related to the behavior when it is true.", + "title": "ExportMetric", "type": "boolean" }, - "AllowHeaders": { + "Metric": { + "markdownDescription": "What is measured by the behavior.", + "title": "Metric", + "type": "string" + }, + "MetricDimension": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", + "markdownDescription": "The dimension of the metric.", + "title": "MetricDimension" + }, + "Name": { + "markdownDescription": "The name you've given to the behavior.", + "title": "Name", + "type": "string" + }, + "SuppressAlerts": { + "markdownDescription": "The alert status. If you set the value to `true` , alerts will be suppressed.", + "title": "SuppressAlerts", + "type": "boolean" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::IoT::SecurityProfile.BehaviorCriteria": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The operator that relates the thing measured ( `metric` ) to the criteria (containing a `value` or `statisticalThreshold` ). Valid operators include:\n\n- `string-list` : `in-set` and `not-in-set`\n- `number-list` : `in-set` and `not-in-set`\n- `ip-address-list` : `in-cidr-set` and `not-in-cidr-set`\n- `number` : `less-than` , `less-than-equals` , `greater-than` , and `greater-than-equals`", + "title": "ComparisonOperator", + "type": "string" + }, + "ConsecutiveDatapointsToAlarm": { + "markdownDescription": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.", + "title": "ConsecutiveDatapointsToAlarm", + "type": "number" + }, + "ConsecutiveDatapointsToClear": { + "markdownDescription": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.", + "title": "ConsecutiveDatapointsToClear", + "type": "number" + }, + "DurationSeconds": { + "markdownDescription": "Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, `NUM_MESSAGES_SENT` ). For a `statisticalThreshhold` metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.", + "title": "DurationSeconds", + "type": "number" + }, + "MlDetectionConfig": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MachineLearningDetectionConfig", + "markdownDescription": "The confidence level of the detection model.", + "title": "MlDetectionConfig" + }, + "StatisticalThreshold": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.StatisticalThreshold", + "markdownDescription": "A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.", + "title": "StatisticalThreshold" + }, + "Value": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricValue", + "markdownDescription": "The value to be compared with the `metric` .", + "title": "Value" + } + }, + "type": "object" + }, + "AWS::IoT::SecurityProfile.MachineLearningDetectionConfig": { + "additionalProperties": false, + "properties": { + "ConfidenceLevel": { + "markdownDescription": "The model confidence level.\n\nThere are three levels of confidence, `\"high\"` , `\"medium\"` , and `\"low\"` .\n\nThe higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.", + "title": "ConfidenceLevel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::SecurityProfile.MetricDimension": { + "additionalProperties": false, + "properties": { + "DimensionName": { + "markdownDescription": "The name of the dimension.", + "title": "DimensionName", + "type": "string" + }, + "Operator": { + "markdownDescription": "Operators are constructs that perform logical operations. Valid values are `IN` and `NOT_IN` .", + "title": "Operator", + "type": "string" + } + }, + "required": [ + "DimensionName" + ], + "type": "object" + }, + "AWS::IoT::SecurityProfile.MetricToRetain": { + "additionalProperties": false, + "properties": { + "ExportMetric": { + "markdownDescription": "The value indicates exporting metrics related to the `MetricToRetain` when it's true.", + "title": "ExportMetric", + "type": "boolean" + }, + "Metric": { + "markdownDescription": "A standard of measurement.", + "title": "Metric", + "type": "string" + }, + "MetricDimension": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", + "markdownDescription": "The dimension of the metric.", + "title": "MetricDimension" + } + }, + "required": [ + "Metric" + ], + "type": "object" + }, + "AWS::IoT::SecurityProfile.MetricValue": { + "additionalProperties": false, + "properties": { + "Cidrs": { "items": { "type": "string" }, - "markdownDescription": "The HTTP headers that origins can include in requests to your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", - "title": "AllowHeaders", + "markdownDescription": "If the `comparisonOperator` calls for a set of CIDRs, use this to specify that set to be compared with the `metric` .", + "title": "Cidrs", "type": "array" }, - "AllowMethods": { + "Count": { + "markdownDescription": "If the `comparisonOperator` calls for a numeric value, use this to specify that numeric value to be compared with the `metric` .", + "title": "Count", + "type": "string" + }, + "Number": { + "markdownDescription": "The numeric values of a metric.", + "title": "Number", + "type": "number" + }, + "Numbers": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "The HTTP methods that are allowed when calling your function URL. For example: `GET` , `POST` , `DELETE` , or the wildcard character ( `*` ).", - "title": "AllowMethods", + "markdownDescription": "The numeric value of a metric.", + "title": "Numbers", "type": "array" }, - "AllowOrigins": { + "Ports": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example: `https://www.example.com` , `http://localhost:60905` .\n\nAlternatively, you can grant access to all origins with the wildcard character ( `*` ).", - "title": "AllowOrigins", + "markdownDescription": "If the `comparisonOperator` calls for a set of ports, use this to specify that set to be compared with the `metric` .", + "title": "Ports", "type": "array" }, - "ExposeHeaders": { + "Strings": { "items": { "type": "string" }, - "markdownDescription": "The HTTP headers in your function response that you want to expose to origins that call your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", - "title": "ExposeHeaders", + "markdownDescription": "The string values of a metric.", + "title": "Strings", "type": "array" + } + }, + "type": "object" + }, + "AWS::IoT::SecurityProfile.MetricsExportConfig": { + "additionalProperties": false, + "properties": { + "MqttTopic": { + "markdownDescription": "The MQTT topic that Device Defender Detect should publish messages to for metrics export.", + "title": "MqttTopic", + "type": "string" }, - "MaxAge": { - "markdownDescription": "The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results.", - "title": "MaxAge", - "type": "number" + "RoleArn": { + "markdownDescription": "This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "MqttTopic", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::SecurityProfile.StatisticalThreshold": { + "additionalProperties": false, + "properties": { + "Statistic": { + "markdownDescription": "The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( `durationSeconds` ) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( `comparisonOperator` ) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.", + "title": "Statistic", + "type": "string" } }, "type": "object" }, - "AWS::Lambda::Version": { + "AWS::IoT::SoftwarePackage": { "additionalProperties": false, "properties": { "Condition": { @@ -143737,40 +148130,30 @@ "Properties": { "additionalProperties": false, "properties": { - "CodeSha256": { - "markdownDescription": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.", - "title": "CodeSha256", - "type": "string" - }, "Description": { - "markdownDescription": "A description for the version to override the description in the function configuration. Updates are not supported for this property.", + "markdownDescription": "A summary of the package being created. This can be used to outline the package's contents or purpose.", "title": "Description", "type": "string" }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", + "PackageName": { + "markdownDescription": "The name of the new software package.", + "title": "PackageName", "type": "string" }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/AWS::Lambda::Version.ProvisionedConcurrencyConfiguration", - "markdownDescription": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.", - "title": "ProvisionedConcurrencyConfig" - }, - "RuntimePolicy": { - "$ref": "#/definitions/AWS::Lambda::Version.RuntimePolicy", - "markdownDescription": "", - "title": "RuntimePolicy" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the package.", + "title": "Tags", + "type": "array" } }, - "required": [ - "FunctionName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Version" + "AWS::IoT::SoftwarePackage" ], "type": "string" }, @@ -143784,45 +148167,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Lambda::Version.ProvisionedConcurrencyConfiguration": { - "additionalProperties": false, - "properties": { - "ProvisionedConcurrentExecutions": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the version.", - "title": "ProvisionedConcurrentExecutions", - "type": "number" - } - }, - "required": [ - "ProvisionedConcurrentExecutions" - ], - "type": "object" - }, - "AWS::Lambda::Version.RuntimePolicy": { - "additionalProperties": false, - "properties": { - "RuntimeVersionArn": { - "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", - "title": "RuntimeVersionArn", - "type": "string" - }, - "UpdateRuntimeOn": { - "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", - "title": "UpdateRuntimeOn", - "type": "string" - } - }, - "required": [ - "UpdateRuntimeOn" + "Type" ], "type": "object" }, - "AWS::Lex::Bot": { + "AWS::IoT::SoftwarePackageVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -143857,82 +148206,64 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoBuildBotLocales": { - "markdownDescription": "Indicates whether Amazon Lex V2 should automatically build the locales for the bot after a change.", - "title": "AutoBuildBotLocales", - "type": "boolean" - }, - "BotFileS3Location": { - "$ref": "#/definitions/AWS::Lex::Bot.S3Location", - "markdownDescription": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*", - "title": "BotFileS3Location" - }, - "BotLocales": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.BotLocale" - }, - "markdownDescription": "A list of locales for the bot.", - "title": "BotLocales", - "type": "array" + "Artifact": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.PackageVersionArtifact", + "markdownDescription": "", + "title": "Artifact" }, - "BotTags": { - "items": { - "$ref": "#/definitions/Tag" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "Metadata that can be used to define a package version\u2019s configuration. For example, the S3 file location, configuration options that are being sent to the device or fleet.\n\nThe combined size of all the attributes on a package version is limited to 3KB.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of tags to add to the bot. You can only add tags when you import a bot. You can't use the `UpdateBot` operation to update tags. To update tags, use the `TagResource` operation.", - "title": "BotTags", - "type": "array" - }, - "DataPrivacy": { - "$ref": "#/definitions/AWS::Lex::Bot.DataPrivacy", - "markdownDescription": "By default, data stored by Amazon Lex is encrypted. The `DataPrivacy` structure provides settings that determine how Amazon Lex handles special cases of securing the data for your bot.", - "title": "DataPrivacy" + "title": "Attributes", + "type": "object" }, "Description": { - "markdownDescription": "The description of the version.", + "markdownDescription": "A summary of the package version being created. This can be used to outline the package's contents or purpose.", "title": "Description", "type": "string" }, - "IdleSessionTTLInSeconds": { - "markdownDescription": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Lex deletes any data provided before the timeout.\n\nYou can specify between 60 (1 minute) and 86,400 (24 hours) seconds.", - "title": "IdleSessionTTLInSeconds", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the bot locale.", - "title": "Name", + "PackageName": { + "markdownDescription": "The name of the associated software package.", + "title": "PackageName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot.", - "title": "RoleArn", + "Recipe": { + "markdownDescription": "", + "title": "Recipe", "type": "string" }, - "TestBotAliasSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.TestBotAliasSettings", - "markdownDescription": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values.", - "title": "TestBotAliasSettings" + "Sbom": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.Sbom", + "markdownDescription": "", + "title": "Sbom" }, - "TestBotAliasTags": { + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to add to the test alias for a bot. You can only add tags when you import a bot. You can't use the `UpdateAlias` operation to update tags. To update tags on the test alias, use the `TagResource` operation.", - "title": "TestBotAliasTags", + "markdownDescription": "Metadata that can be used to manage the package version.", + "title": "Tags", "type": "array" + }, + "VersionName": { + "markdownDescription": "The name of the new package version.", + "title": "VersionName", + "type": "string" } }, "required": [ - "DataPrivacy", - "IdleSessionTTLInSeconds", - "Name", - "RoleArn" + "PackageName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::Bot" + "AWS::IoT::SoftwarePackageVersion" ], "type": "string" }, @@ -143951,1439 +148282,1582 @@ ], "type": "object" }, - "AWS::Lex::Bot.AdvancedRecognitionSetting": { + "AWS::IoT::SoftwarePackageVersion.PackageVersionArtifact": { "additionalProperties": false, "properties": { - "AudioRecognitionStrategy": { - "markdownDescription": "Enables using the slot values as a custom vocabulary for recognizing user utterances.", - "title": "AudioRecognitionStrategy", - "type": "string" + "S3Location": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.S3Location", + "markdownDescription": "", + "title": "S3Location" } }, + "required": [ + "S3Location" + ], "type": "object" }, - "AWS::Lex::Bot.AllowedInputTypes": { + "AWS::IoT::SoftwarePackageVersion.S3Location": { "additionalProperties": false, "properties": { - "AllowAudioInput": { - "markdownDescription": "Indicates whether audio input is allowed.", - "title": "AllowAudioInput", - "type": "boolean" + "Bucket": { + "markdownDescription": "", + "title": "Bucket", + "type": "string" }, - "AllowDTMFInput": { - "markdownDescription": "Indicates whether DTMF input is allowed.", - "title": "AllowDTMFInput", - "type": "boolean" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "", + "title": "Version", + "type": "string" } }, "required": [ - "AllowAudioInput", - "AllowDTMFInput" + "Bucket", + "Key", + "Version" ], "type": "object" }, - "AWS::Lex::Bot.AudioAndDTMFInputSpecification": { + "AWS::IoT::SoftwarePackageVersion.Sbom": { "additionalProperties": false, "properties": { - "AudioSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioSpecification", - "markdownDescription": "Specifies the settings on audio input.", - "title": "AudioSpecification" - }, - "DTMFSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.DTMFSpecification", - "markdownDescription": "Specifies the settings on DTMF input.", - "title": "DTMFSpecification" - }, - "StartTimeoutMs": { - "markdownDescription": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.", - "title": "StartTimeoutMs", - "type": "number" + "S3Location": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.S3Location", + "markdownDescription": "", + "title": "S3Location" } }, "required": [ - "StartTimeoutMs" + "S3Location" ], "type": "object" }, - "AWS::Lex::Bot.AudioLogDestination": { + "AWS::IoT::Thing": { "additionalProperties": false, "properties": { - "S3Bucket": { - "$ref": "#/definitions/AWS::Lex::Bot.S3BucketLogDestination", - "markdownDescription": "Specifies the Amazon S3 bucket where the audio files are stored.", - "title": "S3Bucket" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AttributePayload": { + "$ref": "#/definitions/AWS::IoT::Thing.AttributePayload", + "markdownDescription": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed.", + "title": "AttributePayload" + }, + "ThingName": { + "markdownDescription": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.", + "title": "ThingName", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::Thing" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "S3Bucket" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.AudioLogSetting": { + "AWS::IoT::Thing.AttributePayload": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioLogDestination", - "markdownDescription": "Specifies the location of the audio log files collected when conversation logging is enabled for a bot.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Determines whether audio logging in enabled for the bot.", - "title": "Enabled", - "type": "boolean" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" } }, - "required": [ - "Destination", - "Enabled" - ], "type": "object" }, - "AWS::Lex::Bot.AudioSpecification": { + "AWS::IoT::ThingGroup": { "additionalProperties": false, "properties": { - "EndTimeoutMs": { - "markdownDescription": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.", - "title": "EndTimeoutMs", - "type": "number" + "Condition": { + "type": "string" }, - "MaxLengthMs": { - "markdownDescription": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.", - "title": "MaxLengthMs", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ParentGroupName": { + "markdownDescription": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined.", + "title": "ParentGroupName", + "type": "string" + }, + "QueryString": { + "markdownDescription": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` .", + "title": "QueryString", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the thing group or dynamic thing group.", + "title": "Tags", + "type": "array" + }, + "ThingGroupName": { + "markdownDescription": "The thing group name.", + "title": "ThingGroupName", + "type": "string" + }, + "ThingGroupProperties": { + "$ref": "#/definitions/AWS::IoT::ThingGroup.ThingGroupProperties", + "markdownDescription": "Thing group properties.", + "title": "ThingGroupProperties" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::ThingGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "EndTimeoutMs", - "MaxLengthMs" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.BotAliasLocaleSettings": { + "AWS::IoT::ThingGroup.AttributePayload": { "additionalProperties": false, "properties": { - "CodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.CodeHookSpecification", - "markdownDescription": "Specifies the Lambda function that should be used in the locale.", - "title": "CodeHookSpecification" - }, - "Enabled": { - "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", - "title": "Enabled", - "type": "boolean" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::Lex::Bot.BotAliasLocaleSettingsItem": { + "AWS::IoT::ThingGroup.ThingGroupProperties": { "additionalProperties": false, "properties": { - "BotAliasLocaleSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettings", - "markdownDescription": "Specifies locale settings for a locale.", - "title": "BotAliasLocaleSetting" + "AttributePayload": { + "$ref": "#/definitions/AWS::IoT::ThingGroup.AttributePayload", + "markdownDescription": "The thing group attributes in JSON format.", + "title": "AttributePayload" }, - "LocaleId": { - "markdownDescription": "Specifies the locale that the settings apply to.", - "title": "LocaleId", + "ThingGroupDescription": { + "markdownDescription": "The thing group description.", + "title": "ThingGroupDescription", "type": "string" } }, - "required": [ - "BotAliasLocaleSetting", - "LocaleId" - ], "type": "object" }, - "AWS::Lex::Bot.BotLocale": { + "AWS::IoT::ThingPrincipalAttachment": { "additionalProperties": false, "properties": { - "CustomVocabulary": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabulary", - "markdownDescription": "Specifies a custom vocabulary to use with a specific locale.", - "title": "CustomVocabulary" - }, - "Description": { - "markdownDescription": "A description of the bot locale. Use this to help identify the bot locale in lists.", - "title": "Description", + "Condition": { "type": "string" }, - "Intents": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Intent" - }, - "markdownDescription": "One or more intents defined for the locale.", - "title": "Intents", - "type": "array" - }, - "LocaleId": { - "markdownDescription": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales.", - "title": "LocaleId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NluConfidenceThreshold": { - "markdownDescription": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot.", - "title": "NluConfidenceThreshold", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SlotTypes": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotType" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Principal": { + "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", + "title": "Principal", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the AWS IoT thing.", + "title": "ThingName", + "type": "string" + }, + "ThingPrincipalType": { + "markdownDescription": "", + "title": "ThingPrincipalType", + "type": "string" + } }, - "markdownDescription": "One or more slot types defined for the locale.", - "title": "SlotTypes", - "type": "array" + "required": [ + "Principal", + "ThingName" + ], + "type": "object" }, - "VoiceSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.VoiceSettings", - "markdownDescription": "Defines settings for using an Amazon Polly voice to communicate with a user.\n\nValid values include:\n\n- `standard`\n- `neural`\n- `long-form`\n- `generative`", - "title": "VoiceSettings" - } - }, - "required": [ - "LocaleId", - "NluConfidenceThreshold" - ], - "type": "object" - }, - "AWS::Lex::Bot.Button": { - "additionalProperties": false, - "properties": { - "Text": { - "markdownDescription": "The text that appears on the button. Use this to tell the user what value is returned when they choose this button.", - "title": "Text", + "Type": { + "enum": [ + "AWS::IoT::ThingPrincipalAttachment" + ], "type": "string" }, - "Value": { - "markdownDescription": "The value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Text", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.CloudWatchLogGroupLogDestination": { + "AWS::IoT::ThingType": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", - "title": "CloudWatchLogGroupArn", + "Condition": { "type": "string" }, - "LogPrefix": { - "markdownDescription": "The prefix of the log stream name within the log group that you specified", - "title": "LogPrefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeprecateThingType": { + "markdownDescription": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action.", + "title": "DeprecateThingType", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the thing type.", + "title": "Tags", + "type": "array" + }, + "ThingTypeName": { + "markdownDescription": "The name of the thing type.", + "title": "ThingTypeName", + "type": "string" + }, + "ThingTypeProperties": { + "$ref": "#/definitions/AWS::IoT::ThingType.ThingTypeProperties", + "markdownDescription": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, a list of searchable thing attribute names, and a list of propagating attributes. After a thing type is created, you can only update `Mqtt5Configuration` .", + "title": "ThingTypeProperties" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::ThingType" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CloudWatchLogGroupArn", - "LogPrefix" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.CodeHookSpecification": { + "AWS::IoT::ThingType.Mqtt5Configuration": { "additionalProperties": false, "properties": { - "LambdaCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.LambdaCodeHook", - "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", - "title": "LambdaCodeHook" + "PropagatingAttributes": { + "items": { + "$ref": "#/definitions/AWS::IoT::ThingType.PropagatingAttribute" + }, + "markdownDescription": "An object that represents the connection attribute, the thing attribute, and the MQTT 5 user property key.", + "title": "PropagatingAttributes", + "type": "array" } }, - "required": [ - "LambdaCodeHook" - ], "type": "object" }, - "AWS::Lex::Bot.Condition": { + "AWS::IoT::ThingType.PropagatingAttribute": { "additionalProperties": false, "properties": { - "ExpressionString": { - "markdownDescription": "The expression string that is evaluated.", - "title": "ExpressionString", + "ConnectionAttribute": { + "markdownDescription": "The attribute associated with the connection details.", + "title": "ConnectionAttribute", + "type": "string" + }, + "ThingAttribute": { + "markdownDescription": "The thing attribute that is propagating for MQTT 5 message enrichment.", + "title": "ThingAttribute", + "type": "string" + }, + "UserPropertyKey": { + "markdownDescription": "The key of the MQTT 5 user property, which is a key-value pair.", + "title": "UserPropertyKey", "type": "string" } }, "required": [ - "ExpressionString" + "UserPropertyKey" ], "type": "object" }, - "AWS::Lex::Bot.ConditionalBranch": { + "AWS::IoT::ThingType.ThingTypeProperties": { "additionalProperties": false, "properties": { - "Condition": { - "$ref": "#/definitions/AWS::Lex::Bot.Condition", - "markdownDescription": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken.", - "title": "Condition" - }, - "Name": { - "markdownDescription": "The name of the branch.", - "title": "Name", - "type": "string" + "Mqtt5Configuration": { + "$ref": "#/definitions/AWS::IoT::ThingType.Mqtt5Configuration", + "markdownDescription": "The configuration to add user-defined properties to enrich MQTT 5 messages.", + "title": "Mqtt5Configuration" }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" + "SearchableAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of searchable thing attribute names.", + "title": "SearchableAttributes", + "type": "array" }, - "Response": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "Response" + "ThingTypeDescription": { + "markdownDescription": "The description of the thing type.", + "title": "ThingTypeDescription", + "type": "string" } }, - "required": [ - "Condition", - "Name", - "NextStep" - ], "type": "object" }, - "AWS::Lex::Bot.ConditionalSpecification": { + "AWS::IoT::TopicRule": { "additionalProperties": false, "properties": { - "ConditionalBranches": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalBranch" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the topic rule.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "title": "Tags", + "type": "array" + }, + "TopicRulePayload": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TopicRulePayload", + "markdownDescription": "The rule payload.", + "title": "TopicRulePayload" + } }, - "markdownDescription": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true.", - "title": "ConditionalBranches", - "type": "array" + "required": [ + "TopicRulePayload" + ], + "type": "object" }, - "DefaultBranch": { - "$ref": "#/definitions/AWS::Lex::Bot.DefaultConditionalBranch", - "markdownDescription": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step.", - "title": "DefaultBranch" + "Type": { + "enum": [ + "AWS::IoT::TopicRule" + ], + "type": "string" }, - "IsActive": { - "markdownDescription": "Determines whether a conditional branch is active. When `IsActive` is false, the conditions are not evaluated.", - "title": "IsActive", - "type": "boolean" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ConditionalBranches", - "DefaultBranch", - "IsActive" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.ConversationLogSettings": { + "AWS::IoT::TopicRule.Action": { "additionalProperties": false, "properties": { - "AudioLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioLogSetting" - }, - "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", - "title": "AudioLogSettings", - "type": "array" + "CloudwatchAlarm": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchAlarmAction", + "markdownDescription": "Change the state of a CloudWatch alarm.", + "title": "CloudwatchAlarm" }, - "TextLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.TextLogSetting" - }, - "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", - "title": "TextLogSettings", - "type": "array" + "CloudwatchLogs": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchLogsAction", + "markdownDescription": "Sends data to CloudWatch.", + "title": "CloudwatchLogs" + }, + "CloudwatchMetric": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchMetricAction", + "markdownDescription": "Capture a CloudWatch metric.", + "title": "CloudwatchMetric" + }, + "DynamoDB": { + "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBAction", + "markdownDescription": "Write to a DynamoDB table.", + "title": "DynamoDB" + }, + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBv2Action", + "markdownDescription": "Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.", + "title": "DynamoDBv2" + }, + "Elasticsearch": { + "$ref": "#/definitions/AWS::IoT::TopicRule.ElasticsearchAction", + "markdownDescription": "Write data to an Amazon OpenSearch Service domain.\n\n> The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) .", + "title": "Elasticsearch" + }, + "Firehose": { + "$ref": "#/definitions/AWS::IoT::TopicRule.FirehoseAction", + "markdownDescription": "Write to an Amazon Kinesis Firehose stream.", + "title": "Firehose" + }, + "Http": { + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAction", + "markdownDescription": "Send data to an HTTPS endpoint.", + "title": "Http" + }, + "IotAnalytics": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotAnalyticsAction", + "markdownDescription": "Sends message data to an AWS IoT Analytics channel.", + "title": "IotAnalytics" + }, + "IotEvents": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotEventsAction", + "markdownDescription": "Sends an input to an AWS IoT Events detector.", + "title": "IotEvents" + }, + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotSiteWiseAction", + "markdownDescription": "Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties.", + "title": "IotSiteWise" + }, + "Kafka": { + "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaAction", + "markdownDescription": "Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster.", + "title": "Kafka" + }, + "Kinesis": { + "$ref": "#/definitions/AWS::IoT::TopicRule.KinesisAction", + "markdownDescription": "Write data to an Amazon Kinesis stream.", + "title": "Kinesis" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoT::TopicRule.LambdaAction", + "markdownDescription": "Invoke a Lambda function.", + "title": "Lambda" + }, + "Location": { + "$ref": "#/definitions/AWS::IoT::TopicRule.LocationAction", + "markdownDescription": "Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) .", + "title": "Location" + }, + "OpenSearch": { + "$ref": "#/definitions/AWS::IoT::TopicRule.OpenSearchAction", + "markdownDescription": "Write data to an Amazon OpenSearch Service domain.", + "title": "OpenSearch" + }, + "Republish": { + "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishAction", + "markdownDescription": "Publish to another MQTT topic.", + "title": "Republish" + }, + "S3": { + "$ref": "#/definitions/AWS::IoT::TopicRule.S3Action", + "markdownDescription": "Write to an Amazon S3 bucket.", + "title": "S3" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SnsAction", + "markdownDescription": "Publish to an Amazon SNS topic.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SqsAction", + "markdownDescription": "Publish to an Amazon SQS queue.", + "title": "Sqs" + }, + "StepFunctions": { + "$ref": "#/definitions/AWS::IoT::TopicRule.StepFunctionsAction", + "markdownDescription": "Starts execution of a Step Functions state machine.", + "title": "StepFunctions" + }, + "Timestream": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamAction", + "markdownDescription": "Writes attributes from an MQTT message.", + "title": "Timestream" } }, "type": "object" }, - "AWS::Lex::Bot.CustomPayload": { + "AWS::IoT::TopicRule.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The string that is sent to your application.", - "title": "Value", + "OffsetInNanos": { + "markdownDescription": "Optional. A string that contains the nanosecond time offset. Accepts substitution templates.", + "title": "OffsetInNanos", + "type": "string" + }, + "TimeInSeconds": { + "markdownDescription": "A string that contains the time in seconds since epoch. Accepts substitution templates.", + "title": "TimeInSeconds", "type": "string" } }, "required": [ - "Value" + "TimeInSeconds" ], "type": "object" }, - "AWS::Lex::Bot.CustomVocabulary": { + "AWS::IoT::TopicRule.AssetPropertyValue": { "additionalProperties": false, "properties": { - "CustomVocabularyItems": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabularyItem" - }, - "markdownDescription": "Specifies a list of words that you expect to be used during a conversation with your bot.", - "title": "CustomVocabularyItems", - "type": "array" + "Quality": { + "markdownDescription": "Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` .", + "title": "Quality", + "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyTimestamp", + "markdownDescription": "The asset property value timestamp.", + "title": "Timestamp" + }, + "Value": { + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyVariant", + "markdownDescription": "The value of the asset property.", + "title": "Value" } }, "required": [ - "CustomVocabularyItems" + "Timestamp", + "Value" ], "type": "object" }, - "AWS::Lex::Bot.CustomVocabularyItem": { + "AWS::IoT::TopicRule.AssetPropertyVariant": { "additionalProperties": false, "properties": { - "DisplayAs": { - "markdownDescription": "The DisplayAs value for the custom vocabulary item from the custom vocabulary list.", - "title": "DisplayAs", + "BooleanValue": { + "markdownDescription": "Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates.", + "title": "BooleanValue", "type": "string" }, - "Phrase": { - "markdownDescription": "Specifies 1 - 4 words that should be recognized.", - "title": "Phrase", + "DoubleValue": { + "markdownDescription": "Optional. A string that contains the double value of the value entry. Accepts substitution templates.", + "title": "DoubleValue", "type": "string" }, - "Weight": { - "markdownDescription": "Specifies the degree to which the phrase recognition is boosted. The default value is 1.", - "title": "Weight", - "type": "number" + "IntegerValue": { + "markdownDescription": "Optional. A string that contains the integer value of the value entry. Accepts substitution templates.", + "title": "IntegerValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "Optional. The string value of the value entry. Accepts substitution templates.", + "title": "StringValue", + "type": "string" } }, - "required": [ - "Phrase" - ], "type": "object" }, - "AWS::Lex::Bot.DTMFSpecification": { + "AWS::IoT::TopicRule.CloudwatchAlarmAction": { "additionalProperties": false, "properties": { - "DeletionCharacter": { - "markdownDescription": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.", - "title": "DeletionCharacter", + "AlarmName": { + "markdownDescription": "The CloudWatch alarm name.", + "title": "AlarmName", "type": "string" }, - "EndCharacter": { - "markdownDescription": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.", - "title": "EndCharacter", + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch alarm.", + "title": "RoleArn", "type": "string" }, - "EndTimeoutMs": { - "markdownDescription": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.", - "title": "EndTimeoutMs", - "type": "number" + "StateReason": { + "markdownDescription": "The reason for the alarm change.", + "title": "StateReason", + "type": "string" }, - "MaxLength": { - "markdownDescription": "The maximum number of DTMF digits allowed in an utterance.", - "title": "MaxLength", - "type": "number" + "StateValue": { + "markdownDescription": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.", + "title": "StateValue", + "type": "string" } }, "required": [ - "DeletionCharacter", - "EndCharacter", - "EndTimeoutMs", - "MaxLength" + "AlarmName", + "RoleArn", + "StateReason", + "StateValue" ], "type": "object" }, - "AWS::Lex::Bot.DataPrivacy": { + "AWS::IoT::TopicRule.CloudwatchLogsAction": { "additionalProperties": false, "properties": { - "ChildDirected": { - "markdownDescription": "For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) .", - "title": "ChildDirected", + "BatchMode": { + "markdownDescription": "Indicates whether batches of log records will be extracted and uploaded into CloudWatch.", + "title": "BatchMode", "type": "boolean" + }, + "LogGroupName": { + "markdownDescription": "The CloudWatch log name.", + "title": "LogGroupName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch log.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "ChildDirected" + "LogGroupName", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.DefaultConditionalBranch": { + "AWS::IoT::TopicRule.CloudwatchMetricAction": { "additionalProperties": false, "properties": { - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" + "MetricName": { + "markdownDescription": "The CloudWatch metric name.", + "title": "MetricName", + "type": "string" }, - "Response": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "Response" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.DialogAction": { - "additionalProperties": false, - "properties": { - "SlotToElicit": { - "markdownDescription": "If the dialog action is `ElicitSlot` , defines the slot to elicit from the user.", - "title": "SlotToElicit", + "MetricNamespace": { + "markdownDescription": "The CloudWatch metric namespace name.", + "title": "MetricNamespace", "type": "string" }, - "SuppressNextMessage": { - "markdownDescription": "When true the next message for the intent is not used.", - "title": "SuppressNextMessage", - "type": "boolean" + "MetricTimestamp": { + "markdownDescription": "An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) .", + "title": "MetricTimestamp", + "type": "string" }, - "Type": { - "markdownDescription": "The action that the bot should execute.", - "title": "Type", + "MetricUnit": { + "markdownDescription": "The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch.", + "title": "MetricUnit", + "type": "string" + }, + "MetricValue": { + "markdownDescription": "The CloudWatch metric value.", + "title": "MetricValue", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch metric.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Type" + "MetricName", + "MetricNamespace", + "MetricUnit", + "MetricValue", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.DialogCodeHookInvocationSetting": { + "AWS::IoT::TopicRule.DynamoDBAction": { "additionalProperties": false, "properties": { - "EnableCodeHookInvocation": { - "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", - "title": "EnableCodeHookInvocation", - "type": "boolean" + "HashKeyField": { + "markdownDescription": "The hash key name.", + "title": "HashKeyField", + "type": "string" }, - "InvocationLabel": { - "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", - "title": "InvocationLabel", + "HashKeyType": { + "markdownDescription": "The hash key type. Valid values are \"STRING\" or \"NUMBER\"", + "title": "HashKeyType", "type": "string" }, - "IsActive": { - "markdownDescription": "Determines whether a dialog code hook is used when the intent is activated.", - "title": "IsActive", - "type": "boolean" + "HashKeyValue": { + "markdownDescription": "The hash key value.", + "title": "HashKeyValue", + "type": "string" }, - "PostCodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification", - "markdownDescription": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete.", - "title": "PostCodeHookSpecification" + "PayloadField": { + "markdownDescription": "The action payload. This name can be customized.", + "title": "PayloadField", + "type": "string" + }, + "RangeKeyField": { + "markdownDescription": "The range key name.", + "title": "RangeKeyField", + "type": "string" + }, + "RangeKeyType": { + "markdownDescription": "The range key type. Valid values are \"STRING\" or \"NUMBER\"", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The range key value.", + "title": "RangeKeyValue", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", + "title": "RoleArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", + "type": "string" } }, "required": [ - "EnableCodeHookInvocation", - "IsActive", - "PostCodeHookSpecification" + "HashKeyField", + "HashKeyValue", + "RoleArn", + "TableName" ], "type": "object" }, - "AWS::Lex::Bot.DialogCodeHookSetting": { + "AWS::IoT::TopicRule.DynamoDBv2Action": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables the dialog code hook so that it processes user requests.", - "title": "Enabled", - "type": "boolean" + "PutItem": { + "$ref": "#/definitions/AWS::IoT::TopicRule.PutItemInput", + "markdownDescription": "Specifies the DynamoDB table to which the message data will be written. For example:\n\n`{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }`\n\nEach attribute in the message payload will be written to a separate column in the DynamoDB database.", + "title": "PutItem" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", + "title": "RoleArn", + "type": "string" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::Lex::Bot.DialogState": { + "AWS::IoT::TopicRule.ElasticsearchAction": { "additionalProperties": false, "properties": { - "DialogAction": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogAction", - "markdownDescription": "Defines the action that the bot executes at runtime when the conversation reaches this step.", - "title": "DialogAction" + "Endpoint": { + "markdownDescription": "The endpoint of your OpenSearch domain.", + "title": "Endpoint", + "type": "string" }, - "Intent": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentOverride", - "markdownDescription": "Override settings to configure the intent state.", - "title": "Intent" + "Id": { + "markdownDescription": "The unique identifier for the document you are storing.", + "title": "Id", + "type": "string" }, - "SessionAttributes": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SessionAttribute" - }, - "markdownDescription": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.", - "title": "SessionAttributes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.ElicitationCodeHookInvocationSetting": { - "additionalProperties": false, - "properties": { - "EnableCodeHookInvocation": { - "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", - "title": "EnableCodeHookInvocation", - "type": "boolean" + "Index": { + "markdownDescription": "The index where you want to store your data.", + "title": "Index", + "type": "string" }, - "InvocationLabel": { - "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", - "title": "InvocationLabel", + "RoleArn": { + "markdownDescription": "The IAM role ARN that has access to OpenSearch.", + "title": "RoleArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of document you are storing.", + "title": "Type", "type": "string" } }, "required": [ - "EnableCodeHookInvocation" + "Endpoint", + "Id", + "Index", + "RoleArn", + "Type" ], "type": "object" }, - "AWS::Lex::Bot.ExternalSourceSetting": { - "additionalProperties": false, - "properties": { - "GrammarSlotTypeSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSetting", - "markdownDescription": "Settings required for a slot type based on a grammar that you provide.", - "title": "GrammarSlotTypeSetting" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.FulfillmentCodeHookSetting": { + "AWS::IoT::TopicRule.FirehoseAction": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether a Lambda function should be invoked to fulfill a specific intent.", - "title": "Enabled", + "BatchMode": { + "markdownDescription": "Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` .\n\nWhen `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records.", + "title": "BatchMode", "type": "boolean" }, - "FulfillmentUpdatesSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdatesSpecification", - "markdownDescription": "Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations.", - "title": "FulfillmentUpdatesSpecification" + "DeliveryStreamName": { + "markdownDescription": "The delivery stream name.", + "title": "DeliveryStreamName", + "type": "string" }, - "IsActive": { - "markdownDescription": "Determines whether the fulfillment code hook is used. When `active` is false, the code hook doesn't run.", - "title": "IsActive", - "type": "boolean" + "RoleArn": { + "markdownDescription": "The IAM role that grants access to the Amazon Kinesis Firehose stream.", + "title": "RoleArn", + "type": "string" }, - "PostFulfillmentStatusSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PostFulfillmentStatusSpecification", - "markdownDescription": "Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations.", - "title": "PostFulfillmentStatusSpecification" + "Separator": { + "markdownDescription": "A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", + "type": "string" } }, "required": [ - "Enabled" + "DeliveryStreamName", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentStartResponseSpecification": { + "AWS::IoT::TopicRule.HttpAction": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Determines whether the user can interrupt the start message while it is playing.", - "title": "AllowInterrupt", - "type": "boolean" + "Auth": { + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAuthorization", + "markdownDescription": "The authentication method to use when sending data to an HTTPS endpoint.", + "title": "Auth" }, - "DelayInSeconds": { - "markdownDescription": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.", - "title": "DelayInSeconds", - "type": "number" + "ConfirmationUrl": { + "markdownDescription": "The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL.", + "title": "ConfirmationUrl", + "type": "string" }, - "MessageGroups": { + "Headers": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpActionHeader" }, - "markdownDescription": "1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user.", - "title": "MessageGroups", + "markdownDescription": "The HTTP headers to send with the message data.", + "title": "Headers", "type": "array" - } - }, - "required": [ - "DelayInSeconds", - "MessageGroups" - ], - "type": "object" - }, - "AWS::Lex::Bot.FulfillmentUpdateResponseSpecification": { - "additionalProperties": false, - "properties": { - "AllowInterrupt": { - "markdownDescription": "Determines whether the user can interrupt an update message while it is playing.", - "title": "AllowInterrupt", - "type": "boolean" - }, - "FrequencyInSeconds": { - "markdownDescription": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.", - "title": "FrequencyInSeconds", - "type": "number" }, - "MessageGroups": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.", - "title": "MessageGroups", - "type": "array" + "Url": { + "markdownDescription": "The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible.", + "title": "Url", + "type": "string" } }, "required": [ - "FrequencyInSeconds", - "MessageGroups" + "Url" ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentUpdatesSpecification": { + "AWS::IoT::TopicRule.HttpActionHeader": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.\n\nIf the `active` field is set to true, the `startResponse` , `updateResponse` , and `timeoutInSeconds` fields are required.", - "title": "Active", - "type": "boolean" - }, - "StartResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentStartResponseSpecification", - "markdownDescription": "Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running.", - "title": "StartResponse" - }, - "TimeoutInSeconds": { - "markdownDescription": "The length of time that the fulfillment Lambda function should run before it times out.", - "title": "TimeoutInSeconds", - "type": "number" + "Key": { + "markdownDescription": "The HTTP header key.", + "title": "Key", + "type": "string" }, - "UpdateResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdateResponseSpecification", - "markdownDescription": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running.", - "title": "UpdateResponse" + "Value": { + "markdownDescription": "The HTTP header value. Substitution templates are supported.", + "title": "Value", + "type": "string" } }, "required": [ - "Active" + "Key", + "Value" ], "type": "object" }, - "AWS::Lex::Bot.GrammarSlotTypeSetting": { + "AWS::IoT::TopicRule.HttpAuthorization": { "additionalProperties": false, "properties": { - "Source": { - "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSource", - "markdownDescription": "The source of the grammar used to create the slot type.", - "title": "Source" + "Sigv4": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SigV4Authorization", + "markdownDescription": "Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) .", + "title": "Sigv4" } }, "type": "object" }, - "AWS::Lex::Bot.GrammarSlotTypeSource": { + "AWS::IoT::TopicRule.IotAnalyticsAction": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The AWS KMS key required to decrypt the contents of the grammar, if any.", - "title": "KmsKeyArn", - "type": "string" + "BatchMode": { + "markdownDescription": "Whether to process the action as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages.", + "title": "BatchMode", + "type": "boolean" }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the grammar source.", - "title": "S3BucketName", + "ChannelName": { + "markdownDescription": "The name of the IoT Analytics channel to which message data will be sent.", + "title": "ChannelName", "type": "string" }, - "S3ObjectKey": { - "markdownDescription": "The path to the grammar in the Amazon S3 bucket.", - "title": "S3ObjectKey", + "RoleArn": { + "markdownDescription": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).", + "title": "RoleArn", "type": "string" } }, "required": [ - "S3BucketName", - "S3ObjectKey" + "ChannelName", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.ImageResponseCard": { + "AWS::IoT::TopicRule.IotEventsAction": { "additionalProperties": false, "properties": { - "Buttons": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Button" - }, - "markdownDescription": "A list of buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button.", - "title": "Buttons", - "type": "array" + "BatchMode": { + "markdownDescription": "Whether to process the event actions as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` , you can't specify a `messageId` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages.", + "title": "BatchMode", + "type": "boolean" }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.", - "title": "ImageUrl", + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input.", + "title": "InputName", "type": "string" }, - "Subtitle": { - "markdownDescription": "The subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.", - "title": "Subtitle", + "MessageId": { + "markdownDescription": "The ID of the message. The default `messageId` is a new UUID value.\n\nWhen `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned.\n\nAssign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector.", + "title": "MessageId", "type": "string" }, - "Title": { - "markdownDescription": "The title to display on the response card. The format of the title is determined by the platform displaying the response card.", - "title": "Title", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").", + "title": "RoleArn", "type": "string" } }, "required": [ - "Title" + "InputName", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.InitialResponseSetting": { + "AWS::IoT::TopicRule.IotSiteWiseAction": { "additionalProperties": false, "properties": { - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.", - "title": "CodeHook" - }, - "Conditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", - "title": "Conditional" - }, - "InitialResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "InitialResponse" + "PutAssetPropertyValueEntries": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.PutAssetPropertyValueEntry" + }, + "markdownDescription": "A list of asset property value entries.", + "title": "PutAssetPropertyValueEntries", + "type": "array" }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.InputContext": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the context.", - "title": "Name", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"` ). The trust policy can restrict access to specific asset hierarchy paths.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Name" + "PutAssetPropertyValueEntries", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.Intent": { + "AWS::IoT::TopicRule.KafkaAction": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the intent. Use the description to help identify the intent in lists.", - "title": "Description", - "type": "string" - }, - "DialogCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookSetting", - "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction.", - "title": "DialogCodeHook" - }, - "FulfillmentCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentCodeHookSetting", - "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user.", - "title": "FulfillmentCodeHook" - }, - "InitialResponseSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.InitialResponseSetting", - "markdownDescription": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.", - "title": "InitialResponseSetting" - }, - "InputContexts": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.InputContext" + "ClientProperties": { + "additionalProperties": true, + "markdownDescription": "Properties of the Apache Kafka producer client.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of contexts that must be active for this intent to be considered by Amazon Lex .", - "title": "InputContexts", - "type": "array" - }, - "IntentClosingSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentClosingSetting", - "markdownDescription": "Sets the response that Amazon Lex sends to the user when the intent is closed.", - "title": "IntentClosingSetting" - }, - "IntentConfirmationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentConfirmationSetting", - "markdownDescription": "Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers \"no,\" the settings contain a statement that is sent to the user to end the intent.", - "title": "IntentConfirmationSetting" - }, - "KendraConfiguration": { - "$ref": "#/definitions/AWS::Lex::Bot.KendraConfiguration", - "markdownDescription": "Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance.", - "title": "KendraConfiguration" + "title": "ClientProperties", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the intent. Intent names must be unique within the locale that contains the intent and can't match the name of any built-in intent.", - "title": "Name", + "DestinationArn": { + "markdownDescription": "The ARN of Kafka action's VPC `TopicRuleDestination` .", + "title": "DestinationArn", "type": "string" }, - "OutputContexts": { + "Headers": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.OutputContext" + "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaActionHeader" }, - "markdownDescription": "A list of contexts that the intent activates when it is fulfilled.", - "title": "OutputContexts", + "markdownDescription": "The list of Kafka headers that you specify.", + "title": "Headers", "type": "array" }, - "ParentIntentSignature": { - "markdownDescription": "A unique identifier for the built-in intent to base this intent on.", - "title": "ParentIntentSignature", + "Key": { + "markdownDescription": "The Kafka message key.", + "title": "Key", "type": "string" }, - "SampleUtterances": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" - }, - "markdownDescription": "A list of utterances that a user might say to signal the intent.", - "title": "SampleUtterances", - "type": "array" - }, - "SlotPriorities": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotPriority" - }, - "markdownDescription": "Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order.", - "title": "SlotPriorities", - "type": "array" + "Partition": { + "markdownDescription": "The Kafka message partition.", + "title": "Partition", + "type": "string" }, - "Slots": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Slot" - }, - "markdownDescription": "A list of slots that the intent requires for fulfillment.", - "title": "Slots", - "type": "array" + "Topic": { + "markdownDescription": "The Kafka topic for messages to be sent to the Kafka broker.", + "title": "Topic", + "type": "string" } }, "required": [ - "Name" + "ClientProperties", + "DestinationArn", + "Topic" ], "type": "object" }, - "AWS::Lex::Bot.IntentClosingSetting": { + "AWS::IoT::TopicRule.KafkaActionHeader": { "additionalProperties": false, "properties": { - "ClosingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to the user when the intent is complete.", - "title": "ClosingResponse" - }, - "Conditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches associated with the intent's closing response. These branches are executed when the `nextStep` attribute is set to `EvalutateConditional` .", - "title": "Conditional" - }, - "IsActive": { - "markdownDescription": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", - "type": "boolean" + "Key": { + "markdownDescription": "The key of the Kafka header.", + "title": "Key", + "type": "string" }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes after playing the intent's closing response.", - "title": "NextStep" + "Value": { + "markdownDescription": "The value of the Kafka header.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::Lex::Bot.IntentConfirmationSetting": { + "AWS::IoT::TopicRule.KinesisAction": { "additionalProperties": false, "properties": { - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "The `DialogCodeHookInvocationSetting` object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `InvokeDialogCodeHook` .", - "title": "CodeHook" - }, - "ConfirmationConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the intent is closed.", - "title": "ConfirmationConditional" - }, - "ConfirmationNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes when the customer confirms the intent.", - "title": "ConfirmationNextStep" - }, - "ConfirmationResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "ConfirmationResponse" - }, - "DeclinationConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the intent is declined.", - "title": "DeclinationConditional" - }, - "DeclinationNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes when the customer declines the intent.", - "title": "DeclinationNextStep" - }, - "DeclinationResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "When the user answers \"no\" to the question defined in `promptSpecification` , Amazon Lex responds with this response to acknowledge that the intent was canceled.", - "title": "DeclinationResponse" - }, - "ElicitationCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", - "markdownDescription": "The `DialogCodeHookInvocationSetting` used when the code hook is invoked during confirmation prompt retries.", - "title": "ElicitationCodeHook" - }, - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step to take in the conversation if the confirmation step fails.", - "title": "FailureNextStep" - }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the intent confirmation fails.", - "title": "FailureResponse" + "PartitionKey": { + "markdownDescription": "The partition key.", + "title": "PartitionKey", + "type": "string" }, - "IsActive": { - "markdownDescription": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", - "type": "boolean" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.", + "title": "RoleArn", + "type": "string" }, - "PromptSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", - "markdownDescription": "Prompts the user to confirm the intent. This question should have a yes or no answer.\n\nAmazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. For example, with the `OrderPizza` intent, you might want to confirm that the order is correct before placing it. For other intents, such as intents that simply respond to user questions, you might not need to ask the user for confirmation before providing the information.", - "title": "PromptSpecification" + "StreamName": { + "markdownDescription": "The name of the Amazon Kinesis stream.", + "title": "StreamName", + "type": "string" } }, "required": [ - "PromptSpecification" + "RoleArn", + "StreamName" ], "type": "object" }, - "AWS::Lex::Bot.IntentOverride": { + "AWS::IoT::TopicRule.LambdaAction": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the intent. Only required when you're switching intents.", - "title": "Name", + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "FunctionArn", "type": "string" - }, - "Slots": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverrideMap" - }, - "markdownDescription": "A map of all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden.", - "title": "Slots", - "type": "array" } }, "type": "object" }, - "AWS::Lex::Bot.KendraConfiguration": { + "AWS::IoT::TopicRule.LocationAction": { "additionalProperties": false, "properties": { - "KendraIndex": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot.", - "title": "KendraIndex", + "DeviceId": { + "markdownDescription": "The unique ID of the device providing the location data.", + "title": "DeviceId", "type": "string" }, - "QueryFilterString": { - "markdownDescription": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) .", - "title": "QueryFilterString", + "Latitude": { + "markdownDescription": "A string that evaluates to a double value that represents the latitude of the device's location.", + "title": "Latitude", "type": "string" }, - "QueryFilterStringEnabled": { - "markdownDescription": "Determines whether the `AMAZON.KendraSearchIntent` intent uses a custom query string to query the Amazon Kendra index.", - "title": "QueryFilterStringEnabled", - "type": "boolean" + "Longitude": { + "markdownDescription": "A string that evaluates to a double value that represents the longitude of the device's location.", + "title": "Longitude", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that grants permission to write to the Amazon Location resource.", + "title": "RoleArn", + "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Timestamp", + "markdownDescription": "The time that the location data was sampled. The default value is the time the MQTT message was processed.", + "title": "Timestamp" + }, + "TrackerName": { + "markdownDescription": "The name of the tracker resource in Amazon Location in which the location is updated.", + "title": "TrackerName", + "type": "string" } }, "required": [ - "KendraIndex" + "DeviceId", + "Latitude", + "Longitude", + "RoleArn", + "TrackerName" ], "type": "object" }, - "AWS::Lex::Bot.LambdaCodeHook": { + "AWS::IoT::TopicRule.OpenSearchAction": { "additionalProperties": false, "properties": { - "CodeHookInterfaceVersion": { - "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", - "title": "CodeHookInterfaceVersion", + "Endpoint": { + "markdownDescription": "The endpoint of your OpenSearch domain.", + "title": "Endpoint", "type": "string" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", - "title": "LambdaArn", + "Id": { + "markdownDescription": "The unique identifier for the document you are storing.", + "title": "Id", + "type": "string" + }, + "Index": { + "markdownDescription": "The OpenSearch index where you want to store your data.", + "title": "Index", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role ARN that has access to OpenSearch.", + "title": "RoleArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of document you are storing.", + "title": "Type", "type": "string" } }, "required": [ - "CodeHookInterfaceVersion", - "LambdaArn" + "Endpoint", + "Id", + "Index", + "RoleArn", + "Type" ], "type": "object" }, - "AWS::Lex::Bot.Message": { + "AWS::IoT::TopicRule.PutAssetPropertyValueEntry": { "additionalProperties": false, "properties": { - "CustomPayload": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomPayload", - "markdownDescription": "A message in a custom format defined by the client application.", - "title": "CustomPayload" + "AssetId": { + "markdownDescription": "The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "AssetId", + "type": "string" }, - "ImageResponseCard": { - "$ref": "#/definitions/AWS::Lex::Bot.ImageResponseCard", - "markdownDescription": "A message that defines a response card that the client application can show to the user.", - "title": "ImageResponseCard" + "EntryId": { + "markdownDescription": "Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID.", + "title": "EntryId", + "type": "string" }, - "PlainTextMessage": { - "$ref": "#/definitions/AWS::Lex::Bot.PlainTextMessage", - "markdownDescription": "A message in plain text format.", - "title": "PlainTextMessage" + "PropertyAlias": { + "markdownDescription": "The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "PropertyAlias", + "type": "string" }, - "SSMLMessage": { - "$ref": "#/definitions/AWS::Lex::Bot.SSMLMessage", - "markdownDescription": "A message in Speech Synthesis Markup Language (SSML).", - "title": "SSMLMessage" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.MessageGroup": { - "additionalProperties": false, - "properties": { - "Message": { - "$ref": "#/definitions/AWS::Lex::Bot.Message", - "markdownDescription": "The primary message that Amazon Lex should send to the user.", - "title": "Message" + "PropertyId": { + "markdownDescription": "The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "PropertyId", + "type": "string" }, - "Variations": { + "PropertyValues": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Message" + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyValue" }, - "markdownDescription": "Message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user.", - "title": "Variations", + "markdownDescription": "A list of property values to insert that each contain timestamp, quality, and value (TQV) information.", + "title": "PropertyValues", "type": "array" } }, "required": [ - "Message" + "PropertyValues" ], "type": "object" }, - "AWS::Lex::Bot.MultipleValuesSetting": { - "additionalProperties": false, - "properties": { - "AllowMultipleValues": { - "markdownDescription": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` .", - "title": "AllowMultipleValues", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.ObfuscationSetting": { + "AWS::IoT::TopicRule.PutItemInput": { "additionalProperties": false, "properties": { - "ObfuscationSettingType": { - "markdownDescription": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.", - "title": "ObfuscationSettingType", + "TableName": { + "markdownDescription": "The table where the message data will be written.", + "title": "TableName", "type": "string" } }, "required": [ - "ObfuscationSettingType" + "TableName" ], "type": "object" }, - "AWS::Lex::Bot.OutputContext": { + "AWS::IoT::TopicRule.RepublishAction": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the output context.", - "title": "Name", - "type": "string" + "Headers": { + "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishActionHeaders", + "markdownDescription": "MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide.", + "title": "Headers" }, - "TimeToLiveInSeconds": { - "markdownDescription": "The amount of time, in seconds, that the output context should remain active. The time is figured from the first time the context is sent to the user.", - "title": "TimeToLiveInSeconds", + "Qos": { + "markdownDescription": "The Quality of Service (QoS) level to use when republishing messages. The default value is 0.", + "title": "Qos", "type": "number" }, - "TurnsToLive": { - "markdownDescription": "The number of conversation turns that the output context should remain active. The number of turns is counted from the first time that the context is sent to the user.", - "title": "TurnsToLive", - "type": "number" - } - }, - "required": [ - "Name", - "TimeToLiveInSeconds", - "TurnsToLive" - ], - "type": "object" - }, - "AWS::Lex::Bot.PlainTextMessage": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The message to send to the user.", - "title": "Value", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" + }, + "Topic": { + "markdownDescription": "The name of the MQTT topic.", + "title": "Topic", "type": "string" } }, "required": [ - "Value" + "RoleArn", + "Topic" ], "type": "object" }, - "AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification": { - "additionalProperties": false, - "properties": { - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureNextStep" - }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the code hook fails.", - "title": "FailureResponse" - }, - "SuccessConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook finishes successfully.", - "title": "SuccessConditional" - }, - "SuccessNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifics the next step the bot runs after the dialog code hook finishes successfully.", - "title": "SuccessNextStep" - }, - "SuccessResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the code hook succeeds.", - "title": "SuccessResponse" - }, - "TimeoutConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate if the code hook times out.", - "title": "TimeoutConditional" - }, - "TimeoutNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the code hook times out.", - "title": "TimeoutNextStep" - }, - "TimeoutResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond to the user input when the code hook times out.", - "title": "TimeoutResponse" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.PostFulfillmentStatusSpecification": { + "AWS::IoT::TopicRule.RepublishActionHeaders": { "additionalProperties": false, "properties": { - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureNextStep" - }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't successful.", - "title": "FailureResponse" - }, - "SuccessConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully.", - "title": "SuccessConditional" + "ContentType": { + "markdownDescription": "A UTF-8 encoded string that describes the content of the publishing message.\n\nFor more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "ContentType", + "type": "string" }, - "SuccessNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully.", - "title": "SuccessNextStep" + "CorrelationData": { + "markdownDescription": "The base64-encoded binary data used by the sender of the request message to identify which request the response message is for.\n\nFor more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .\n\n> This binary data must be base64-encoded.", + "title": "CorrelationData", + "type": "string" }, - "SuccessResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the fulfillment is successful.", - "title": "SuccessResponse" + "MessageExpiry": { + "markdownDescription": "A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "MessageExpiry", + "type": "string" }, - "TimeoutConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate if the fulfillment code hook times out.", - "title": "TimeoutConditional" + "PayloadFormatIndicator": { + "markdownDescription": "An `Enum` string value that indicates whether the payload is formatted as UTF-8.\n\nValid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` .\n\nFor more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "PayloadFormatIndicator", + "type": "string" }, - "TimeoutNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the fulfillment code hook times out.", - "title": "TimeoutNextStep" + "ResponseTopic": { + "markdownDescription": "A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters.\n\nFor more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "ResponseTopic", + "type": "string" }, - "TimeoutResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't completed within the timeout period.", - "title": "TimeoutResponse" + "UserProperties": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.UserProperty" + }, + "markdownDescription": "An array of key-value pairs that you define in the MQTT5 header.", + "title": "UserProperties", + "type": "array" } }, "type": "object" }, - "AWS::Lex::Bot.PromptAttemptSpecification": { + "AWS::IoT::TopicRule.S3Action": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech prompt attempt from the bot.", - "title": "AllowInterrupt", - "type": "boolean" + "BucketName": { + "markdownDescription": "The Amazon S3 bucket.", + "title": "BucketName", + "type": "string" }, - "AllowedInputTypes": { - "$ref": "#/definitions/AWS::Lex::Bot.AllowedInputTypes", - "markdownDescription": "Indicates the allowed input types of the prompt attempt.", - "title": "AllowedInputTypes" + "CannedAcl": { + "markdownDescription": "The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) .", + "title": "CannedAcl", + "type": "string" }, - "AudioAndDTMFInputSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioAndDTMFInputSpecification", - "markdownDescription": "Specifies the settings on audio and DTMF input.", - "title": "AudioAndDTMFInputSpecification" + "Key": { + "markdownDescription": "The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) .", + "title": "Key", + "type": "string" }, - "TextInputSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.TextInputSpecification", - "markdownDescription": "Specifies the settings on text input.", - "title": "TextInputSpecification" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "AllowedInputTypes" + "BucketName", + "Key", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.PromptSpecification": { + "AWS::IoT::TopicRule.SigV4Authorization": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech prompt from the bot.", - "title": "AllowInterrupt", - "type": "boolean" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times the bot tries to elicit a response from the user using this prompt.", - "title": "MaxRetries", - "type": "number" - }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime.", - "title": "MessageGroupsList", - "type": "array" + "RoleArn": { + "markdownDescription": "The ARN of the signing role.", + "title": "RoleArn", + "type": "string" }, - "MessageSelectionStrategy": { - "markdownDescription": "Indicates how a message is selected from a message group among retries.", - "title": "MessageSelectionStrategy", + "ServiceName": { + "markdownDescription": "The service name to use while signing with Sig V4.", + "title": "ServiceName", "type": "string" }, - "PromptAttemptsSpecification": { - "additionalProperties": false, - "markdownDescription": "Specifies the advanced settings on each attempt of the prompt.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptAttemptSpecification" - } - }, - "title": "PromptAttemptsSpecification", - "type": "object" + "SigningRegion": { + "markdownDescription": "The signing region.", + "title": "SigningRegion", + "type": "string" } }, "required": [ - "MaxRetries", - "MessageGroupsList" + "RoleArn", + "ServiceName", + "SigningRegion" ], "type": "object" }, - "AWS::Lex::Bot.ResponseSpecification": { + "AWS::IoT::TopicRule.SnsAction": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech response from Amazon Lex.", - "title": "AllowInterrupt", - "type": "boolean" + "MessageFormat": { + "markdownDescription": "(Optional) The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* .", + "title": "MessageFormat", + "type": "string" }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime.", - "title": "MessageGroupsList", - "type": "array" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" + }, + "TargetArn": { + "markdownDescription": "The ARN of the SNS topic.", + "title": "TargetArn", + "type": "string" } }, "required": [ - "MessageGroupsList" + "RoleArn", + "TargetArn" ], "type": "object" }, - "AWS::Lex::Bot.S3BucketLogDestination": { + "AWS::IoT::TopicRule.SqsAction": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", - "title": "KmsKeyArn", + "QueueUrl": { + "markdownDescription": "The URL of the Amazon SQS queue.", + "title": "QueueUrl", "type": "string" }, - "LogPrefix": { - "markdownDescription": "The S3 prefix to assign to audio log files.", - "title": "LogPrefix", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", "type": "string" }, - "S3BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", - "title": "S3BucketArn", - "type": "string" + "UseBase64": { + "markdownDescription": "Specifies whether to use Base64 encoding.", + "title": "UseBase64", + "type": "boolean" } }, "required": [ - "LogPrefix", - "S3BucketArn" + "QueueUrl", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.S3Location": { + "AWS::IoT::TopicRule.StepFunctionsAction": { "additionalProperties": false, "properties": { - "S3Bucket": { - "markdownDescription": "The S3 bucket name.", - "title": "S3Bucket", + "ExecutionNamePrefix": { + "markdownDescription": "(Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided.", + "title": "ExecutionNamePrefix", "type": "string" }, - "S3ObjectKey": { - "markdownDescription": "The path and file name to the object in the S3 bucket.", - "title": "S3ObjectKey", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").", + "title": "RoleArn", "type": "string" }, - "S3ObjectVersion": { - "markdownDescription": "The version of the object in the S3 bucket.", - "title": "S3ObjectVersion", + "StateMachineName": { + "markdownDescription": "The name of the Step Functions state machine whose execution will be started.", + "title": "StateMachineName", "type": "string" } }, "required": [ - "S3Bucket", - "S3ObjectKey" + "RoleArn", + "StateMachineName" ], "type": "object" }, - "AWS::Lex::Bot.SSMLMessage": { + "AWS::IoT::TopicRule.Timestamp": { "additionalProperties": false, "properties": { + "Unit": { + "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", + "title": "Unit", + "type": "string" + }, "Value": { - "markdownDescription": "The SSML text that defines the prompt.", + "markdownDescription": "An expression that returns a long epoch time value.", "title": "Value", "type": "string" } @@ -145393,561 +149867,404 @@ ], "type": "object" }, - "AWS::Lex::Bot.SampleUtterance": { + "AWS::IoT::TopicRule.TimestreamAction": { "additionalProperties": false, "properties": { - "Utterance": { - "markdownDescription": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.", - "title": "Utterance", + "DatabaseName": { + "markdownDescription": "The name of an Amazon Timestream database that has the table to write records into.", + "title": "DatabaseName", + "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamDimension" + }, + "markdownDescription": "Metadata attributes of the time series that are written in each measure record.", + "title": "Dimensions", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table.", + "title": "RoleArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table where the message data will be written.", + "title": "TableName", "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamTimestamp", + "markdownDescription": "The value to use for the entry's timestamp. If blank, the time that the entry was processed is used.", + "title": "Timestamp" } }, "required": [ - "Utterance" + "DatabaseName", + "Dimensions", + "RoleArn", + "TableName" ], "type": "object" }, - "AWS::Lex::Bot.SampleValue": { + "AWS::IoT::TopicRule.TimestreamDimension": { "additionalProperties": false, "properties": { + "Name": { + "markdownDescription": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.", + "title": "Name", + "type": "string" + }, "Value": { - "markdownDescription": "The value that can be used for a slot type.", + "markdownDescription": "The value to write in this column of the database record.", "title": "Value", "type": "string" } }, "required": [ + "Name", "Value" ], "type": "object" }, - "AWS::Lex::Bot.SentimentAnalysisSettings": { - "additionalProperties": false, - "properties": { - "DetectSentiment": { - "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", - "title": "DetectSentiment", - "type": "boolean" - } - }, - "required": [ - "DetectSentiment" - ], - "type": "object" - }, - "AWS::Lex::Bot.SessionAttribute": { + "AWS::IoT::TopicRule.TimestreamTimestamp": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the session attribute.", - "title": "Key", + "Unit": { + "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", + "title": "Unit", "type": "string" }, "Value": { - "markdownDescription": "The session-specific context information for the session attribute.", + "markdownDescription": "An expression that returns a long epoch time value.", "title": "Value", "type": "string" } }, "required": [ - "Key" + "Unit", + "Value" ], "type": "object" }, - "AWS::Lex::Bot.Slot": { + "AWS::IoT::TopicRule.TopicRulePayload": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the slot.", - "title": "Description", - "type": "string" - }, - "MultipleValuesSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.MultipleValuesSetting", - "markdownDescription": "Indicates whether a slot can return multiple values.", - "title": "MultipleValuesSetting" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Action" + }, + "markdownDescription": "The actions associated with the rule.", + "title": "Actions", + "type": "array" }, - "Name": { - "markdownDescription": "The name given to the slot.", - "title": "Name", + "AwsIotSqlVersion": { + "markdownDescription": "The version of the SQL rules engine to use when evaluating the rule.\n\nThe default value is 2015-10-08.", + "title": "AwsIotSqlVersion", "type": "string" }, - "ObfuscationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.ObfuscationSetting", - "markdownDescription": "Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs.", - "title": "ObfuscationSetting" - }, - "SlotTypeName": { - "markdownDescription": "The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot.", - "title": "SlotTypeName", + "Description": { + "markdownDescription": "The description of the rule.", + "title": "Description", "type": "string" }, - "ValueElicitationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueElicitationSetting", - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value.\n- TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ValueElicitationSetting" - } - }, - "required": [ - "Name", - "SlotTypeName", - "ValueElicitationSetting" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotCaptureSetting": { - "additionalProperties": false, - "properties": { - "CaptureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the slot value is captured.", - "title": "CaptureConditional" - }, - "CaptureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out.", - "title": "CaptureNextStep" - }, - "CaptureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "CaptureResponse" - }, - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "Code hook called after Amazon Lex successfully captures a slot value.", - "title": "CodeHook" - }, - "ElicitationCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", - "markdownDescription": "Code hook called when Amazon Lex doesn't capture a slot value.", - "title": "ElicitationCodeHook" - }, - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate when the slot value isn't captured.", - "title": "FailureConditional" + "ErrorAction": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Action", + "markdownDescription": "The action to take when an error occurs.", + "title": "ErrorAction" }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the slot value code is not recognized.", - "title": "FailureNextStep" + "RuleDisabled": { + "markdownDescription": "Specifies whether the rule is disabled.", + "title": "RuleDisabled", + "type": "boolean" }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the slot fails to be captured.", - "title": "FailureResponse" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value to use when a user doesn't provide a value for a slot.", - "title": "DefaultValue", + "Sql": { + "markdownDescription": "The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* .", + "title": "Sql", "type": "string" } }, "required": [ - "DefaultValue" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotDefaultValueSpecification": { - "additionalProperties": false, - "properties": { - "DefaultValueList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValue" - }, - "markdownDescription": "A list of default values. Amazon Lex chooses the default value to use in the order that they are presented in the list.", - "title": "DefaultValueList", - "type": "array" - } - }, - "required": [ - "DefaultValueList" + "Actions", + "Sql" ], "type": "object" }, - "AWS::Lex::Bot.SlotPriority": { + "AWS::IoT::TopicRule.UserProperty": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "The priority that Amazon Lex should apply to the slot.", - "title": "Priority", - "type": "number" + "Key": { + "markdownDescription": "A key to be specified in `UserProperty` .", + "title": "Key", + "type": "string" }, - "SlotName": { - "markdownDescription": "The name of the slot.", - "title": "SlotName", + "Value": { + "markdownDescription": "A value to be specified in `UserProperty` .", + "title": "Value", "type": "string" } }, "required": [ - "Priority", - "SlotName" + "Key", + "Value" ], "type": "object" }, - "AWS::Lex::Bot.SlotType": { + "AWS::IoT::TopicRuleDestination": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the slot type. Use the description to help identify the slot type in lists.", - "title": "Description", + "Condition": { "type": "string" }, - "ExternalSourceSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.ExternalSourceSetting", - "markdownDescription": "Sets the type of external information used to create the slot type.", - "title": "ExternalSourceSetting" - }, - "Name": { - "markdownDescription": "The name of the slot type. A slot type name must be unique withing the account.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ParentSlotTypeSignature": { - "markdownDescription": "The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type.\n\nOnly `AMAZON.AlphaNumeric` is supported.", - "title": "ParentSlotTypeSignature", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SlotTypeValues": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotTypeValue" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HttpUrlProperties": { + "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary", + "markdownDescription": "Properties of the HTTP URL.", + "title": "HttpUrlProperties" + }, + "Status": { + "markdownDescription": "- **IN_PROGRESS** - A topic rule destination was created but has not been confirmed. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.\n- **ENABLED** - Confirmation was completed, and traffic to this destination is allowed. You can set status to `DISABLED` by calling `UpdateTopicRuleDestination` .\n- **DISABLED** - Confirmation was completed, and traffic to this destination is not allowed. You can set status to `ENABLED` by calling `UpdateTopicRuleDestination` .\n- **ERROR** - Confirmation could not be completed; for example, if the confirmation timed out. You can call `GetTopicRuleDestination` for details about the error. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.", + "title": "Status", + "type": "string" + }, + "VpcProperties": { + "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.VpcDestinationProperties", + "markdownDescription": "Properties of the virtual private cloud (VPC) connection.", + "title": "VpcProperties" + } }, - "markdownDescription": "A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot.", - "title": "SlotTypeValues", - "type": "array" + "type": "object" }, - "ValueSelectionSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueSelectionSetting", - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ValueSelectionSetting" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotTypeValue": { - "additionalProperties": false, - "properties": { - "SampleValue": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleValue", - "markdownDescription": "The value of the slot type entry.", - "title": "SampleValue" + "Type": { + "enum": [ + "AWS::IoT::TopicRuleDestination" + ], + "type": "string" }, - "Synonyms": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleValue" - }, - "markdownDescription": "Additional values related to the slot type entry.", - "title": "Synonyms", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "SampleValue" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.SlotValue": { + "AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary": { "additionalProperties": false, "properties": { - "InterpretedValue": { - "markdownDescription": "The value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the `resolvedValues` list.", - "title": "InterpretedValue", + "ConfirmationUrl": { + "markdownDescription": "The URL used to confirm the HTTP topic rule destination URL.", + "title": "ConfirmationUrl", "type": "string" } }, "type": "object" }, - "AWS::Lex::Bot.SlotValueElicitationSetting": { + "AWS::IoT::TopicRuleDestination.VpcDestinationProperties": { "additionalProperties": false, "properties": { - "DefaultValueSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", - "markdownDescription": "A list of default values for a slot. Default values are used when Amazon Lex hasn't determined a value for a slot. You can specify default values from context variables, session attributes, and defined values.", - "title": "DefaultValueSpecification" - }, - "PromptSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", - "markdownDescription": "The prompt that Amazon Lex uses to elicit the slot value from the user.", - "title": "PromptSpecification" + "RoleArn": { + "markdownDescription": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs).", + "title": "RoleArn", + "type": "string" }, - "SampleUtterances": { + "SecurityGroups": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + "type": "string" }, - "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This is optional. In most cases, Amazon Lex is capable of understanding user utterances.", - "title": "SampleUtterances", + "markdownDescription": "The security groups of the VPC destination.", + "title": "SecurityGroups", "type": "array" }, - "SlotCaptureSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotCaptureSetting", - "markdownDescription": "Specifies the settings that Amazon Lex uses when a slot value is successfully entered by a user.", - "title": "SlotCaptureSetting" - }, - "SlotConstraint": { - "markdownDescription": "Specifies whether the slot is required or optional.", - "title": "SlotConstraint", - "type": "string" - }, - "WaitAndContinueSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", - "markdownDescription": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input.", - "title": "WaitAndContinueSpecification" - } - }, - "required": [ - "SlotConstraint" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotValueOverride": { - "additionalProperties": false, - "properties": { - "Shape": { - "markdownDescription": "When the shape value is `List` , it indicates that the `values` field contains a list of slot values. When the value is `Scalar` , it indicates that the `value` field contains a single value.", - "title": "Shape", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValue", - "markdownDescription": "The current value of the slot.", - "title": "Value" - }, - "Values": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride" + "type": "string" }, - "markdownDescription": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\"", - "title": "Values", + "markdownDescription": "The subnet IDs of the VPC destination.", + "title": "SubnetIds", "type": "array" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotValueOverrideMap": { - "additionalProperties": false, - "properties": { - "SlotName": { - "markdownDescription": "The name of the slot.", - "title": "SlotName", - "type": "string" }, - "SlotValueOverride": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride", - "markdownDescription": "The SlotValueOverride object to which the slot name will be mapped.", - "title": "SlotValueOverride" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotValueRegexFilter": { - "additionalProperties": false, - "properties": { - "Pattern": { - "markdownDescription": "A regular expression used to validate the value of a slot.\n\nUse a standard regular expression. Amazon Lex supports the following characters in the regular expression:\n\n- A-Z, a-z\n- 0-9\n- Unicode characters (\"\\\u2060u\")\n\nRepresent Unicode characters with four digits, for example \"\\\u2060u0041\" or \"\\\u2060u005A\".\n\nThe following regular expression operators are not supported:\n\n- Infinite repeaters: *, +, or {x,} with no upper bound.\n- Wild card (.)", - "title": "Pattern", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, - "required": [ - "Pattern" - ], "type": "object" }, - "AWS::Lex::Bot.SlotValueSelectionSetting": { + "AWS::IoTAnalytics::Channel": { "additionalProperties": false, "properties": { - "AdvancedRecognitionSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.AdvancedRecognitionSetting", - "markdownDescription": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances.", - "title": "AdvancedRecognitionSetting" - }, - "RegexFilter": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueRegexFilter", - "markdownDescription": "A regular expression used to validate the value of a slot.", - "title": "RegexFilter" + "Condition": { + "type": "string" }, - "ResolutionStrategy": { - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ResolutionStrategy", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "ResolutionStrategy" - ], - "type": "object" - }, - "AWS::Lex::Bot.StillWaitingResponseSpecification": { - "additionalProperties": false, - "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates that the user can interrupt the response by speaking while the message is being played.", - "title": "AllowInterrupt", - "type": "boolean" }, - "FrequencyInSeconds": { - "markdownDescription": "How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes.", - "title": "FrequencyInSeconds", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user.", - "title": "MessageGroupsList", - "type": "array" + "Metadata": { + "type": "object" }, - "TimeoutInSeconds": { - "markdownDescription": "If Amazon Lex waits longer than this length of time for a response, it will stop sending messages.", - "title": "TimeoutInSeconds", - "type": "number" - } - }, - "required": [ - "FrequencyInSeconds", - "MessageGroupsList", - "TimeoutInSeconds" - ], - "type": "object" - }, - "AWS::Lex::Bot.TestBotAliasSettings": { - "additionalProperties": false, - "properties": { - "BotAliasLocaleSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettingsItem" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", + "type": "string" + }, + "ChannelStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.ChannelStorage", + "markdownDescription": "Where channel data is stored.", + "title": "ChannelStorage" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.RetentionPeriod", + "markdownDescription": "How long, in days, message data is kept for the channel.", + "title": "RetentionPeriod" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale.", - "title": "BotAliasLocaleSettings", - "type": "array" - }, - "ConversationLogSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.ConversationLogSettings", - "markdownDescription": "Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users.", - "title": "ConversationLogSettings" + "type": "object" }, - "Description": { - "markdownDescription": "Specifies a description for the test bot alias.", - "title": "Description", + "Type": { + "enum": [ + "AWS::IoTAnalytics::Channel" + ], "type": "string" }, - "SentimentAnalysisSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.SentimentAnalysisSettings", - "markdownDescription": "Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", - "title": "SentimentAnalysisSettings" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.TextInputSpecification": { - "additionalProperties": false, - "properties": { - "StartTimeoutMs": { - "markdownDescription": "Time for which a bot waits before re-prompting a customer for text input.", - "title": "StartTimeoutMs", - "type": "number" - } - }, - "required": [ - "StartTimeoutMs" - ], - "type": "object" - }, - "AWS::Lex::Bot.TextLogDestination": { - "additionalProperties": false, - "properties": { - "CloudWatch": { - "$ref": "#/definitions/AWS::Lex::Bot.CloudWatchLogGroupLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", - "title": "CloudWatch" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "CloudWatch" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.TextLogSetting": { + "AWS::IoTAnalytics::Channel.ChannelStorage": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::Bot.TextLogDestination", - "markdownDescription": "Specifies the Amazon CloudWatch Logs destination log group for conversation text logs.", - "title": "Destination" + "CustomerManagedS3": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.CustomerManagedS3", + "markdownDescription": "Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created.", + "title": "CustomerManagedS3" }, - "Enabled": { - "markdownDescription": "Determines whether conversation logs should be stored for an alias.", - "title": "Enabled", - "type": "boolean" + "ServiceManagedS3": { + "markdownDescription": "Used to store channel data in an S3 bucket managed by AWS IoT Analytics . You can't change the choice of S3 storage after the data store is created.", + "title": "ServiceManagedS3", + "type": "object" } }, - "required": [ - "Destination", - "Enabled" - ], "type": "object" }, - "AWS::Lex::Bot.VoiceSettings": { + "AWS::IoTAnalytics::Channel.CustomerManagedS3": { "additionalProperties": false, "properties": { - "Engine": { - "markdownDescription": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the [`engine` parameter of the `SynthesizeSpeech` operation](https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html#polly-SynthesizeSpeech-request-Engine) in the *Amazon Polly developer guide* .\n\nIf you do not specify a value, the default is `standard` .", - "title": "Engine", + "Bucket": { + "markdownDescription": "The name of the S3 bucket in which channel data is stored.", + "title": "Bucket", "type": "string" }, - "VoiceId": { - "markdownDescription": "The identifier of the Amazon Polly voice to use.", - "title": "VoiceId", + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/).", + "title": "KeyPrefix", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", + "title": "RoleArn", "type": "string" } }, "required": [ - "VoiceId" + "Bucket", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.WaitAndContinueSpecification": { + "AWS::IoTAnalytics::Channel.RetentionPeriod": { "additionalProperties": false, "properties": { - "ContinueResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation.", - "title": "ContinueResponse" + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" }, - "IsActive": { - "markdownDescription": "Specifies whether the bot will wait for a user to respond. When this field is false, wait and continue responses for a slot aren't used. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", "type": "boolean" - }, - "StillWaitingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.StillWaitingResponseSpecification", - "markdownDescription": "A response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user.", - "title": "StillWaitingResponse" - }, - "WaitingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue.", - "title": "WaitingResponse" } }, - "required": [ - "ContinueResponse", - "WaitingResponse" - ], "type": "object" }, - "AWS::Lex::BotAlias": { + "AWS::IoTAnalytics::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -145982,62 +150299,70 @@ "Properties": { "additionalProperties": false, "properties": { - "BotAliasLocaleSettings": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettingsItem" + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Action" }, - "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale.", - "title": "BotAliasLocaleSettings", + "markdownDescription": "The `DatasetAction` objects that automatically create the dataset contents.", + "title": "Actions", "type": "array" }, - "BotAliasName": { - "markdownDescription": "The name of the bot alias.", - "title": "BotAliasName", - "type": "string" - }, - "BotAliasTags": { + "ContentDeliveryRules": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nYou can only add tags when you specify an alias.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "BotAliasTags", + "markdownDescription": "When dataset contents are created they are delivered to destinations specified here.", + "title": "ContentDeliveryRules", "type": "array" }, - "BotId": { - "markdownDescription": "The unique identifier of the bot.", - "title": "BotId", + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", "type": "string" }, - "BotVersion": { - "markdownDescription": "The version of the bot that the bot alias references.", - "title": "BotVersion", - "type": "string" + "LateDataRules": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRule" + }, + "markdownDescription": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter.", + "title": "LateDataRules", + "type": "array" }, - "ConversationLogSettings": { - "$ref": "#/definitions/AWS::Lex::BotAlias.ConversationLogSettings", - "markdownDescription": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 .", - "title": "ConversationLogSettings" + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.RetentionPeriod", + "markdownDescription": "Optional. How long, in days, message data is kept for the dataset.", + "title": "RetentionPeriod" }, - "Description": { - "markdownDescription": "The description of the bot alias.", - "title": "Description", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" }, - "SentimentAnalysisSettings": { - "$ref": "#/definitions/AWS::Lex::BotAlias.SentimentAnalysisSettings", - "markdownDescription": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", - "title": "SentimentAnalysisSettings" + "Triggers": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Trigger" + }, + "markdownDescription": "The `DatasetTrigger` objects that specify when the dataset is automatically updated.", + "title": "Triggers", + "type": "array" + }, + "VersioningConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.VersioningConfiguration", + "markdownDescription": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* .", + "title": "VersioningConfiguration" } }, "required": [ - "BotAliasName", - "BotId" + "Actions" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::BotAlias" + "AWS::IoTAnalytics::Dataset" ], "type": "string" }, @@ -146056,417 +150381,426 @@ ], "type": "object" }, - "AWS::Lex::BotAlias.AudioLogDestination": { + "AWS::IoTAnalytics::Dataset.Action": { "additionalProperties": false, "properties": { - "S3Bucket": { - "$ref": "#/definitions/AWS::Lex::BotAlias.S3BucketLogDestination", - "markdownDescription": "The S3 bucket location where audio logs are stored.", - "title": "S3Bucket" + "ActionName": { + "markdownDescription": "The name of the data set action by which data set contents are automatically created.", + "title": "ActionName", + "type": "string" + }, + "ContainerAction": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ContainerAction", + "markdownDescription": "Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries.", + "title": "ContainerAction" + }, + "QueryAction": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.QueryAction", + "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", + "title": "QueryAction" } }, "required": [ - "S3Bucket" + "ActionName" ], "type": "object" }, - "AWS::Lex::BotAlias.AudioLogSetting": { + "AWS::IoTAnalytics::Dataset.ContainerAction": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogDestination", - "markdownDescription": "The location of audio log files collected when conversation logging is enabled for a bot.", - "title": "Destination" + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the role which gives permission to the system to access needed resources in order to run the \"containerAction\". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application.", + "title": "ExecutionRoleArn", + "type": "string" }, - "Enabled": { - "markdownDescription": "Determines whether audio logging in enabled for the bot.", - "title": "Enabled", - "type": "boolean" + "Image": { + "markdownDescription": "The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents.", + "title": "Image", + "type": "string" + }, + "ResourceConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ResourceConfiguration", + "markdownDescription": "Configuration of the resource which executes the \"containerAction\".", + "title": "ResourceConfiguration" + }, + "Variables": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Variable" + }, + "markdownDescription": "The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of \"stringValue\", \"datasetContentVersionValue\", or \"outputFileUriValue\".", + "title": "Variables", + "type": "array" } }, "required": [ - "Destination", - "Enabled" + "ExecutionRoleArn", + "Image", + "ResourceConfiguration" ], "type": "object" }, - "AWS::Lex::BotAlias.BotAliasLocaleSettings": { + "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule": { "additionalProperties": false, "properties": { - "CodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::BotAlias.CodeHookSpecification", - "markdownDescription": "Specifies the Lambda function that should be used in the locale.", - "title": "CodeHookSpecification" + "Destination": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination", + "markdownDescription": "The destination to which dataset contents are delivered.", + "title": "Destination" }, - "Enabled": { - "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", - "title": "Enabled", - "type": "boolean" + "EntryName": { + "markdownDescription": "The name of the dataset content delivery rules entry.", + "title": "EntryName", + "type": "string" } }, "required": [ - "Enabled" + "Destination" ], "type": "object" }, - "AWS::Lex::BotAlias.BotAliasLocaleSettingsItem": { + "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination": { "additionalProperties": false, "properties": { - "BotAliasLocaleSetting": { - "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettings", - "markdownDescription": "Specifies settings that are unique to a locale.", - "title": "BotAliasLocaleSetting" + "IotEventsDestinationConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration", + "markdownDescription": "Configuration information for delivery of dataset contents to AWS IoT Events .", + "title": "IotEventsDestinationConfiguration" }, - "LocaleId": { - "markdownDescription": "The unique identifier of the locale.", - "title": "LocaleId", + "S3DestinationConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.S3DestinationConfiguration", + "markdownDescription": "Configuration information for delivery of dataset contents to Amazon S3.", + "title": "S3DestinationConfiguration" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.DatasetContentVersionValue": { + "additionalProperties": false, + "properties": { + "DatasetName": { + "markdownDescription": "The name of the dataset whose latest contents are used as input to the notebook or application.", + "title": "DatasetName", "type": "string" } }, "required": [ - "BotAliasLocaleSetting", - "LocaleId" + "DatasetName" ], "type": "object" }, - "AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination": { + "AWS::IoTAnalytics::Dataset.DeltaTime": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", - "title": "CloudWatchLogGroupArn", - "type": "string" + "OffsetSeconds": { + "markdownDescription": "The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe.", + "title": "OffsetSeconds", + "type": "number" }, - "LogPrefix": { - "markdownDescription": "The prefix of the log stream name within the log group that you specified", - "title": "LogPrefix", + "TimeExpression": { + "markdownDescription": "An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated.", + "title": "TimeExpression", "type": "string" } }, "required": [ - "CloudWatchLogGroupArn", - "LogPrefix" + "OffsetSeconds", + "TimeExpression" ], "type": "object" }, - "AWS::Lex::BotAlias.CodeHookSpecification": { + "AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration": { "additionalProperties": false, "properties": { - "LambdaCodeHook": { - "$ref": "#/definitions/AWS::Lex::BotAlias.LambdaCodeHook", - "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", - "title": "LambdaCodeHook" + "TimeoutInMinutes": { + "markdownDescription": "A time interval. You can use `timeoutInMinutes` so that AWS IoT Analytics can batch up late data notifications that have been generated since the last execution. AWS IoT Analytics sends one batch of notifications to Amazon CloudWatch Events at one time.\n\nFor more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* .", + "title": "TimeoutInMinutes", + "type": "number" } }, "required": [ - "LambdaCodeHook" + "TimeoutInMinutes" ], "type": "object" }, - "AWS::Lex::BotAlias.ConversationLogSettings": { + "AWS::IoTAnalytics::Dataset.Filter": { "additionalProperties": false, "properties": { - "AudioLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogSetting" - }, - "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", - "title": "AudioLogSettings", - "type": "array" - }, - "TextLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogSetting" - }, - "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", - "title": "TextLogSettings", - "type": "array" + "DeltaTime": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTime", + "markdownDescription": "Used to limit data to that which has arrived since the last execution of the action.", + "title": "DeltaTime" } }, "type": "object" }, - "AWS::Lex::BotAlias.LambdaCodeHook": { + "AWS::IoTAnalytics::Dataset.GlueConfiguration": { "additionalProperties": false, "properties": { - "CodeHookInterfaceVersion": { - "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", - "title": "CodeHookInterfaceVersion", + "DatabaseName": { + "markdownDescription": "The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables.", + "title": "DatabaseName", "type": "string" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", - "title": "LambdaArn", + "TableName": { + "markdownDescription": "The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets.", + "title": "TableName", "type": "string" } }, "required": [ - "CodeHookInterfaceVersion", - "LambdaArn" + "DatabaseName", + "TableName" ], "type": "object" }, - "AWS::Lex::BotAlias.S3BucketLogDestination": { + "AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", - "title": "KmsKeyArn", - "type": "string" - }, - "LogPrefix": { - "markdownDescription": "The S3 prefix to assign to audio log files.", - "title": "LogPrefix", + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input to which dataset contents are delivered.", + "title": "InputName", "type": "string" }, - "S3BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", - "title": "S3BucketArn", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to deliver dataset contents to an AWS IoT Events input.", + "title": "RoleArn", "type": "string" } }, "required": [ - "LogPrefix", - "S3BucketArn" + "InputName", + "RoleArn" ], "type": "object" }, - "AWS::Lex::BotAlias.SentimentAnalysisSettings": { + "AWS::IoTAnalytics::Dataset.LateDataRule": { "additionalProperties": false, "properties": { - "DetectSentiment": { - "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", - "title": "DetectSentiment", - "type": "boolean" + "RuleConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration", + "markdownDescription": "The information needed to configure the late data rule.", + "title": "RuleConfiguration" + }, + "RuleName": { + "markdownDescription": "The name of the late data rule.", + "title": "RuleName", + "type": "string" } }, "required": [ - "DetectSentiment" + "RuleConfiguration" ], "type": "object" }, - "AWS::Lex::BotAlias.TextLogDestination": { + "AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration": { "additionalProperties": false, "properties": { - "CloudWatch": { - "$ref": "#/definitions/AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", - "title": "CloudWatch" + "DeltaTimeSessionWindowConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration", + "markdownDescription": "The information needed to configure a delta time session window.", + "title": "DeltaTimeSessionWindowConfiguration" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.OutputFileUriValue": { + "additionalProperties": false, + "properties": { + "FileName": { + "markdownDescription": "The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket.", + "title": "FileName", + "type": "string" } }, "required": [ - "CloudWatch" + "FileName" ], "type": "object" }, - "AWS::Lex::BotAlias.TextLogSetting": { + "AWS::IoTAnalytics::Dataset.QueryAction": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.", - "title": "Destination" + "Filters": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Filter" + }, + "markdownDescription": "Pre-filters applied to message data.", + "title": "Filters", + "type": "array" }, - "Enabled": { - "markdownDescription": "Determines whether conversation logs should be stored for an alias.", - "title": "Enabled", - "type": "boolean" + "SqlQuery": { + "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", + "title": "SqlQuery", + "type": "string" } }, "required": [ - "Destination", - "Enabled" + "SqlQuery" ], "type": "object" }, - "AWS::Lex::BotVersion": { + "AWS::IoTAnalytics::Dataset.ResourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ComputeType": { + "markdownDescription": "The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB).", + "title": "ComputeType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "VolumeSizeInGB": { + "markdownDescription": "The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50).", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "ComputeType", + "VolumeSizeInGB" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.RetentionPeriod": { + "additionalProperties": false, + "properties": { + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" }, - "Metadata": { - "type": "object" + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.S3DestinationConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket to which dataset contents are delivered.", + "title": "Bucket", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BotId": { - "markdownDescription": "The unique identifier of the bot.", - "title": "BotId", - "type": "string" - }, - "BotVersionLocaleSpecification": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleSpecification" - }, - "markdownDescription": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.", - "title": "BotVersionLocaleSpecification", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the version.", - "title": "Description", - "type": "string" - } - }, - "required": [ - "BotId", - "BotVersionLocaleSpecification" - ], - "type": "object" + "GlueConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.GlueConfiguration", + "markdownDescription": "Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service.", + "title": "GlueConfiguration" }, - "Type": { - "enum": [ - "AWS::Lex::BotVersion" - ], + "Key": { + "markdownDescription": "The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key.\n\nYou can create a unique key with the following options:\n\n- Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run.\n- Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content.\n- Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content.\n\nThe following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv`\n\n> If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 and AWS Glue resources.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket", + "Key", + "RoleArn" ], "type": "object" }, - "AWS::Lex::BotVersion.BotVersionLocaleDetails": { + "AWS::IoTAnalytics::Dataset.Schedule": { "additionalProperties": false, "properties": { - "SourceBotVersion": { - "markdownDescription": "The version of a bot used for a bot locale.", - "title": "SourceBotVersion", + "ScheduleExpression": { + "markdownDescription": "The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation.", + "title": "ScheduleExpression", "type": "string" } }, "required": [ - "SourceBotVersion" + "ScheduleExpression" ], "type": "object" }, - "AWS::Lex::BotVersion.BotVersionLocaleSpecification": { + "AWS::IoTAnalytics::Dataset.Trigger": { "additionalProperties": false, "properties": { - "BotVersionLocaleDetails": { - "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleDetails", - "markdownDescription": "The version of a bot used for a bot locale.", - "title": "BotVersionLocaleDetails" + "Schedule": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Schedule", + "markdownDescription": "The \"Schedule\" when the trigger is initiated.", + "title": "Schedule" }, - "LocaleId": { - "markdownDescription": "The identifier of the locale to add to the version.", - "title": "LocaleId", + "TriggeringDataset": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.TriggeringDataset", + "markdownDescription": "Information about the data set whose content generation triggers the new data set content generation.", + "title": "TriggeringDataset" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.TriggeringDataset": { + "additionalProperties": false, + "properties": { + "DatasetName": { + "markdownDescription": "The name of the data set whose content generation triggers the new data set content generation.", + "title": "DatasetName", "type": "string" } }, "required": [ - "BotVersionLocaleDetails", - "LocaleId" + "DatasetName" ], "type": "object" }, - "AWS::Lex::ResourcePolicy": { + "AWS::IoTAnalytics::Dataset.Variable": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatasetContentVersionValue": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentVersionValue", + "markdownDescription": "The value of the variable as a structure that specifies a dataset content version.", + "title": "DatasetContentVersionValue" }, - "Metadata": { - "type": "object" + "DoubleValue": { + "markdownDescription": "The value of the variable as a double (numeric).", + "title": "DoubleValue", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Policy": { - "markdownDescription": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception.", - "title": "Policy", - "type": "object" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to.", - "title": "ResourceArn", - "type": "string" - } - }, - "required": [ - "Policy", - "ResourceArn" - ], - "type": "object" + "OutputFileUriValue": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.OutputFileUriValue", + "markdownDescription": "The value of the variable as a structure that specifies an output file URI.", + "title": "OutputFileUriValue" }, - "Type": { - "enum": [ - "AWS::Lex::ResourcePolicy" - ], + "StringValue": { + "markdownDescription": "The value of the variable as a string.", + "title": "StringValue", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VariableName": { + "markdownDescription": "The name of the variable.", + "title": "VariableName", "type": "string" } }, "required": [ - "Type", - "Properties" + "VariableName" ], "type": "object" }, - "AWS::LicenseManager::Grant": { + "AWS::IoTAnalytics::Dataset.VersioningConfiguration": { + "additionalProperties": false, + "properties": { + "MaxVersions": { + "markdownDescription": "How many versions of dataset contents are kept. The `unlimited` parameter must be `false` .", + "title": "MaxVersions", + "type": "number" + }, + "Unlimited": { + "markdownDescription": "If true, unlimited versions of dataset contents are kept.", + "title": "Unlimited", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore": { "additionalProperties": false, "properties": { "Condition": { @@ -146501,48 +150835,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedOperations": { - "items": { - "type": "string" - }, - "markdownDescription": "Allowed operations for the grant.", - "title": "AllowedOperations", - "type": "array" - }, - "GrantName": { - "markdownDescription": "Grant name.", - "title": "GrantName", + "DatastoreName": { + "markdownDescription": "The name of the data store.", + "title": "DatastoreName", "type": "string" }, - "HomeRegion": { - "markdownDescription": "Home Region of the grant.", - "title": "HomeRegion", - "type": "string" + "DatastorePartitions": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartitions", + "markdownDescription": "Information about the partition dimensions in a data store.", + "title": "DatastorePartitions" }, - "LicenseArn": { - "markdownDescription": "License ARN.", - "title": "LicenseArn", - "type": "string" + "DatastoreStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastoreStorage", + "markdownDescription": "Where data store data is stored.", + "title": "DatastoreStorage" }, - "Principals": { + "FileFormatConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.FileFormatConfiguration", + "markdownDescription": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store.", + "title": "FileFormatConfiguration" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.RetentionPeriod", + "markdownDescription": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored.", + "title": "RetentionPeriod" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization.", - "title": "Principals", + "markdownDescription": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" - }, - "Status": { - "markdownDescription": "Granted license status.", - "title": "Status", - "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::LicenseManager::Grant" + "AWS::IoTAnalytics::Datastore" ], "type": "string" }, @@ -146560,7 +150891,223 @@ ], "type": "object" }, - "AWS::LicenseManager::License": { + "AWS::IoTAnalytics::Datastore.Column": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the column.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.CustomerManagedS3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", + "title": "KeyPrefix", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "Bucket", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", + "title": "KeyPrefix", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.DatastorePartition": { + "additionalProperties": false, + "properties": { + "Partition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Partition", + "markdownDescription": "A partition dimension defined by an attribute.", + "title": "Partition" + }, + "TimestampPartition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.TimestampPartition", + "markdownDescription": "A partition dimension defined by a timestamp attribute.", + "title": "TimestampPartition" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.DatastorePartitions": { + "additionalProperties": false, + "properties": { + "Partitions": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartition" + }, + "markdownDescription": "A list of partition dimensions in a data store.", + "title": "Partitions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.DatastoreStorage": { + "additionalProperties": false, + "properties": { + "CustomerManagedS3": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3", + "markdownDescription": "Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", + "title": "CustomerManagedS3" + }, + "IotSiteWiseMultiLayerStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage", + "markdownDescription": "Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created.", + "title": "IotSiteWiseMultiLayerStorage" + }, + "ServiceManagedS3": { + "markdownDescription": "Use this to store data store data in an S3 bucket managed by the AWS IoT Analytics service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", + "title": "ServiceManagedS3", + "type": "object" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.FileFormatConfiguration": { + "additionalProperties": false, + "properties": { + "JsonConfiguration": { + "markdownDescription": "Contains the configuration information of the JSON format.", + "title": "JsonConfiguration", + "type": "object" + }, + "ParquetConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.ParquetConfiguration", + "markdownDescription": "Contains the configuration information of the Parquet format.", + "title": "ParquetConfiguration" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage": { + "additionalProperties": false, + "properties": { + "CustomerManagedS3Storage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage", + "markdownDescription": "Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage.", + "title": "CustomerManagedS3Storage" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.ParquetConfiguration": { + "additionalProperties": false, + "properties": { + "SchemaDefinition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.SchemaDefinition", + "markdownDescription": "Information needed to define a schema.", + "title": "SchemaDefinition" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.Partition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the attribute that defines a partition dimension.", + "title": "AttributeName", + "type": "string" + } + }, + "required": [ + "AttributeName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.RetentionPeriod": { + "additionalProperties": false, + "properties": { + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" + }, + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.SchemaDefinition": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Column" + }, + "markdownDescription": "Specifies one or more columns that store your data.\n\nEach schema can have up to 100 columns. Each column can have up to 100 nested types.", + "title": "Columns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.TimestampPartition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The attribute name of the partition defined by a timestamp.", + "title": "AttributeName", + "type": "string" + }, + "TimestampFormat": { + "markdownDescription": "The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time).", + "title": "TimestampFormat", + "type": "string" + } + }, + "required": [ + "AttributeName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -146595,82 +151142,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Beneficiary": { - "markdownDescription": "License beneficiary.", - "title": "Beneficiary", - "type": "string" - }, - "ConsumptionConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.ConsumptionConfiguration", - "markdownDescription": "Configuration for consumption of the license.", - "title": "ConsumptionConfiguration" - }, - "Entitlements": { + "PipelineActivities": { "items": { - "$ref": "#/definitions/AWS::LicenseManager::License.Entitlement" + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Activity" }, - "markdownDescription": "License entitlements.", - "title": "Entitlements", + "markdownDescription": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`", + "title": "PipelineActivities", "type": "array" }, - "HomeRegion": { - "markdownDescription": "Home Region of the license.", - "title": "HomeRegion", + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", "type": "string" }, - "Issuer": { - "$ref": "#/definitions/AWS::LicenseManager::License.IssuerData", - "markdownDescription": "License issuer.", - "title": "Issuer" - }, - "LicenseMetadata": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::LicenseManager::License.Metadata" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "License metadata.", - "title": "LicenseMetadata", + "markdownDescription": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" - }, - "LicenseName": { - "markdownDescription": "License name.", - "title": "LicenseName", - "type": "string" - }, - "ProductName": { - "markdownDescription": "Product name.", - "title": "ProductName", - "type": "string" - }, - "ProductSKU": { - "markdownDescription": "Product SKU.", - "title": "ProductSKU", - "type": "string" - }, - "Status": { - "markdownDescription": "License status.", - "title": "Status", - "type": "string" - }, - "Validity": { - "$ref": "#/definitions/AWS::LicenseManager::License.ValidityDateFormat", - "markdownDescription": "Date and time range during which the license is valid, in ISO8601-UTC format.", - "title": "Validity" } }, "required": [ - "ConsumptionConfiguration", - "Entitlements", - "HomeRegion", - "Issuer", - "LicenseName", - "ProductName", - "Validity" + "PipelineActivities" ], "type": "object" }, "Type": { "enum": [ - "AWS::LicenseManager::License" + "AWS::IoTAnalytics::Pipeline" ], "type": "string" }, @@ -146689,161 +151190,356 @@ ], "type": "object" }, - "AWS::LicenseManager::License.BorrowConfiguration": { + "AWS::IoTAnalytics::Pipeline.Activity": { "additionalProperties": false, "properties": { - "AllowEarlyCheckIn": { - "markdownDescription": "Indicates whether early check-ins are allowed.", - "title": "AllowEarlyCheckIn", - "type": "boolean" + "AddAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.AddAttributes", + "markdownDescription": "Adds other attributes based on existing attributes in the message.", + "title": "AddAttributes" }, - "MaxTimeToLiveInMinutes": { - "markdownDescription": "Maximum time for the borrow configuration, in minutes.", - "title": "MaxTimeToLiveInMinutes", - "type": "number" + "Channel": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Channel", + "markdownDescription": "Determines the source of the messages to be processed.", + "title": "Channel" + }, + "Datastore": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Datastore", + "markdownDescription": "Specifies where to store the processed message data.", + "title": "Datastore" + }, + "DeviceRegistryEnrich": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich", + "markdownDescription": "Adds data from the AWS IoT device registry to your message.", + "title": "DeviceRegistryEnrich" + }, + "DeviceShadowEnrich": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich", + "markdownDescription": "Adds information from the AWS IoT Device Shadows service to a message.", + "title": "DeviceShadowEnrich" + }, + "Filter": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Filter", + "markdownDescription": "Filters a message based on its attributes.", + "title": "Filter" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Lambda", + "markdownDescription": "Runs a Lambda function to modify the message.", + "title": "Lambda" + }, + "Math": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Math", + "markdownDescription": "Computes an arithmetic expression using the message's attributes and adds it to the message.", + "title": "Math" + }, + "RemoveAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.RemoveAttributes", + "markdownDescription": "Removes attributes from a message.", + "title": "RemoveAttributes" + }, + "SelectAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.SelectAttributes", + "markdownDescription": "Creates a new message using only the specified attributes from the original message.", + "title": "SelectAttributes" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.AddAttributes": { + "additionalProperties": false, + "properties": { + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A list of 1-50 \"AttributeNameMapping\" objects that map an existing attribute to a new attribute.\n\n> The existing attributes remain in the message, so if you want to remove the originals, use \"RemoveAttributeActivity\".", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "Name": { + "markdownDescription": "The name of the 'addAttributes' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" } }, "required": [ - "AllowEarlyCheckIn", - "MaxTimeToLiveInMinutes" + "Attributes", + "Name" ], "type": "object" }, - "AWS::LicenseManager::License.ConsumptionConfiguration": { + "AWS::IoTAnalytics::Pipeline.Channel": { "additionalProperties": false, "properties": { - "BorrowConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.BorrowConfiguration", - "markdownDescription": "Details about a borrow configuration.", - "title": "BorrowConfiguration" + "ChannelName": { + "markdownDescription": "The name of the channel from which the messages are processed.", + "title": "ChannelName", + "type": "string" }, - "ProvisionalConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.ProvisionalConfiguration", - "markdownDescription": "Details about a provisional configuration.", - "title": "ProvisionalConfiguration" + "Name": { + "markdownDescription": "The name of the 'channel' activity.", + "title": "Name", + "type": "string" }, - "RenewType": { - "markdownDescription": "Renewal frequency.", - "title": "RenewType", + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" } }, + "required": [ + "ChannelName", + "Name" + ], "type": "object" }, - "AWS::LicenseManager::License.Entitlement": { + "AWS::IoTAnalytics::Pipeline.Datastore": { "additionalProperties": false, "properties": { - "AllowCheckIn": { - "markdownDescription": "Indicates whether check-ins are allowed.", - "title": "AllowCheckIn", - "type": "boolean" + "DatastoreName": { + "markdownDescription": "The name of the data store where processed messages are stored.", + "title": "DatastoreName", + "type": "string" }, - "MaxCount": { - "markdownDescription": "Maximum entitlement count. Use if the unit is not None.", - "title": "MaxCount", - "type": "number" + "Name": { + "markdownDescription": "The name of the datastore activity.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DatastoreName", + "Name" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The name of the attribute that is added to the message.", + "title": "Attribute", + "type": "string" }, "Name": { - "markdownDescription": "Entitlement name.", + "markdownDescription": "The name of the 'deviceRegistryEnrich' activity.", "title": "Name", "type": "string" }, - "Overage": { - "markdownDescription": "Indicates whether overages are allowed.", - "title": "Overage", - "type": "boolean" + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" }, - "Unit": { - "markdownDescription": "Entitlement unit.", - "title": "Unit", + "RoleArn": { + "markdownDescription": "The ARN of the role that allows access to the device's registry information.", + "title": "RoleArn", "type": "string" }, - "Value": { - "markdownDescription": "Entitlement resource. Use only if the unit is None.", - "title": "Value", + "ThingName": { + "markdownDescription": "The name of the IoT device whose registry information is added to the message.", + "title": "ThingName", "type": "string" } }, "required": [ + "Attribute", "Name", - "Unit" + "RoleArn", + "ThingName" ], "type": "object" }, - "AWS::LicenseManager::License.IssuerData": { + "AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich": { "additionalProperties": false, "properties": { + "Attribute": { + "markdownDescription": "The name of the attribute that is added to the message.", + "title": "Attribute", + "type": "string" + }, "Name": { - "markdownDescription": "Issuer name.", + "markdownDescription": "The name of the 'deviceShadowEnrich' activity.", "title": "Name", "type": "string" }, - "SignKey": { - "markdownDescription": "Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm.", - "title": "SignKey", + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that allows access to the device's shadow.", + "title": "RoleArn", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the IoT device whose shadow information is added to the message.", + "title": "ThingName", "type": "string" } }, "required": [ - "Name" + "Attribute", + "Name", + "RoleArn", + "ThingName" ], "type": "object" }, - "AWS::LicenseManager::License.Metadata": { + "AWS::IoTAnalytics::Pipeline.Filter": { "additionalProperties": false, "properties": { + "Filter": { + "markdownDescription": "An expression that looks like an SQL WHERE clause that must return a Boolean value.", + "title": "Filter", + "type": "string" + }, "Name": { - "markdownDescription": "The key name.", + "markdownDescription": "The name of the 'filter' activity.", "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" } }, "required": [ - "Name", - "Value" + "Filter", + "Name" ], "type": "object" }, - "AWS::LicenseManager::License.ProvisionalConfiguration": { + "AWS::IoTAnalytics::Pipeline.Lambda": { "additionalProperties": false, "properties": { - "MaxTimeToLiveInMinutes": { - "markdownDescription": "Maximum time for the provisional configuration, in minutes.", - "title": "MaxTimeToLiveInMinutes", + "BatchSize": { + "markdownDescription": "The number of messages passed to the Lambda function for processing.\n\nThe AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions.", + "title": "BatchSize", "type": "number" + }, + "LambdaName": { + "markdownDescription": "The name of the Lambda function that is run on the message.", + "title": "LambdaName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the 'lambda' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" } }, "required": [ - "MaxTimeToLiveInMinutes" + "BatchSize", + "LambdaName", + "Name" ], "type": "object" }, - "AWS::LicenseManager::License.ValidityDateFormat": { + "AWS::IoTAnalytics::Pipeline.Math": { "additionalProperties": false, "properties": { - "Begin": { - "markdownDescription": "Start of the time range.", - "title": "Begin", + "Attribute": { + "markdownDescription": "The name of the attribute that contains the result of the math operation.", + "title": "Attribute", "type": "string" }, - "End": { - "markdownDescription": "End of the time range.", - "title": "End", + "Math": { + "markdownDescription": "An expression that uses one or more existing attributes and must return an integer value.", + "title": "Math", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the 'math' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" } }, "required": [ - "Begin", - "End" + "Attribute", + "Math", + "Name" ], "type": "object" }, - "AWS::Lightsail::Alarm": { + "AWS::IoTAnalytics::Pipeline.RemoveAttributes": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of 1-50 attributes to remove from the message.", + "title": "Attributes", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the 'removeAttributes' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" + } + }, + "required": [ + "Attributes", + "Name" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.SelectAttributes": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the attributes to select from the message.", + "title": "Attributes", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the 'selectAttributes' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" + } + }, + "required": [ + "Attributes", + "Name" + ], + "type": "object" + }, + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -146878,81 +151574,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AlarmName": { - "markdownDescription": "The name of the alarm.", - "title": "AlarmName", - "type": "string" - }, - "ComparisonOperator": { - "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold.", - "title": "ComparisonOperator", - "type": "string" - }, - "ContactProtocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The contact protocols for the alarm, such as `Email` , `SMS` (text messaging), or both.\n\n*Allowed Values* : `Email` | `SMS`", - "title": "ContactProtocols", - "type": "array" - }, - "DatapointsToAlarm": { - "markdownDescription": "The number of data points within the evaluation periods that must be breaching to cause the alarm to go to the `ALARM` state.", - "title": "DatapointsToAlarm", - "type": "number" - }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods over which data is compared to the specified threshold.", - "title": "EvaluationPeriods", - "type": "number" - }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the alarm.", - "title": "MetricName", - "type": "string" - }, - "MonitoredResourceName": { - "markdownDescription": "The name of the Lightsail resource that the alarm monitors.", - "title": "MonitoredResourceName", - "type": "string" - }, - "NotificationEnabled": { - "markdownDescription": "A Boolean value indicating whether the alarm is enabled.", - "title": "NotificationEnabled", - "type": "boolean" + "SuiteDefinitionConfiguration": { + "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration", + "markdownDescription": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String", + "title": "SuiteDefinitionConfiguration" }, - "NotificationTriggers": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The alarm states that trigger a notification.\n\n> To specify the `OK` and `INSUFFICIENT_DATA` values, you must also specify `ContactProtocols` values. Otherwise, the `OK` and `INSUFFICIENT_DATA` values will not take effect and the stack will drift. \n\n*Allowed Values* : `OK` | `ALARM` | `INSUFFICIENT_DATA`", - "title": "NotificationTriggers", + "markdownDescription": "Metadata that can be used to manage the the Suite Definition.", + "title": "Tags", "type": "array" - }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", - "type": "number" - }, - "TreatMissingData": { - "markdownDescription": "Specifies how the alarm handles missing data points.\n\nAn alarm can treat missing data in the following ways:\n\n- `breaching` - Assumes the missing data is not within the threshold. Missing data counts towards the number of times that the metric is not within the threshold.\n- `notBreaching` - Assumes the missing data is within the threshold. Missing data does not count towards the number of times that the metric is not within the threshold.\n- `ignore` - Ignores the missing data. Maintains the current alarm state.\n- `missing` - Missing data is treated as missing.", - "title": "TreatMissingData", - "type": "string" } }, "required": [ - "AlarmName", - "ComparisonOperator", - "EvaluationPeriods", - "MetricName", - "MonitoredResourceName", - "Threshold" + "SuiteDefinitionConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Alarm" + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition" ], "type": "string" }, @@ -146971,130 +151614,61 @@ ], "type": "object" }, - "AWS::Lightsail::Bucket": { + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest": { "additionalProperties": false, "properties": { - "Condition": { + "CertificateArn": { + "markdownDescription": "Lists device's certificate ARN.", + "title": "CertificateArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ThingArn": { + "markdownDescription": "Lists device's thing ARN.", + "title": "ThingArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration": { + "additionalProperties": false, + "properties": { + "DevicePermissionRoleArn": { + "markdownDescription": "Gets the device permission ARN. This is a required parameter.", + "title": "DevicePermissionRoleArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessRules": { - "$ref": "#/definitions/AWS::Lightsail::Bucket.AccessRules", - "markdownDescription": "An object that describes the access rules for the bucket.", - "title": "AccessRules" - }, - "BucketName": { - "markdownDescription": "The name of the bucket.", - "title": "BucketName", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle ID for the bucket (for example, `small_1_0` ).\n\nA bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket.", - "title": "BundleId", - "type": "string" - }, - "ObjectVersioning": { - "markdownDescription": "Indicates whether object versioning is enabled for the bucket.\n\nThe following options can be configured:\n\n- `Enabled` - Object versioning is enabled.\n- `Suspended` - Object versioning was previously enabled but is currently suspended. Existing object versions are retained.\n- `NeverEnabled` - Object versioning has never been enabled.", - "title": "ObjectVersioning", - "type": "boolean" - }, - "ReadOnlyAccessAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of AWS account IDs that have read-only access to the bucket.", - "title": "ReadOnlyAccessAccounts", - "type": "array" - }, - "ResourcesReceivingAccess": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Lightsail instances that have access to the bucket.", - "title": "ResourcesReceivingAccess", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } + "Devices": { + "items": { + "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest" }, - "required": [ - "BucketName", - "BundleId" - ], - "type": "object" + "markdownDescription": "Gets the devices configured.", + "title": "Devices", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Lightsail::Bucket" - ], + "IntendedForQualification": { + "markdownDescription": "Gets the tests intended for qualification in a suite.", + "title": "IntendedForQualification", + "type": "boolean" + }, + "RootGroup": { + "markdownDescription": "Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default.\n\nFor a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048.", + "title": "RootGroup", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SuiteDefinitionName": { + "markdownDescription": "Gets the suite definition name. This is a required parameter.", + "title": "SuiteDefinitionName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DevicePermissionRoleArn", + "RootGroup" ], "type": "object" }, - "AWS::Lightsail::Bucket.AccessRules": { - "additionalProperties": false, - "properties": { - "AllowPublicOverrides": { - "markdownDescription": "A Boolean value indicating whether the access control list (ACL) permissions that are applied to individual objects override the `GetObject` option that is currently specified.\n\nWhen this is true, you can use the [PutObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html) Amazon S3 API operation to set individual objects to public (read-only) or private, using either the `public-read` ACL or the `private` ACL.", - "title": "AllowPublicOverrides", - "type": "boolean" - }, - "GetObject": { - "markdownDescription": "Specifies the anonymous access to all objects in a bucket.\n\nThe following options can be specified:\n\n- `public` - Sets all objects in the bucket to public (read-only), making them readable by everyone on the internet.\n\nIf the `GetObject` value is set to `public` , then all objects in the bucket default to public regardless of the `allowPublicOverrides` value.\n- `private` - Sets all objects in the bucket to private, making them readable only by you and anyone that you grant access to.\n\nIf the `GetObject` value is set to `private` , and the `allowPublicOverrides` value is set to `true` , then all objects in the bucket default to private unless they are configured with a `public-read` ACL. Individual objects with a `public-read` ACL are readable by everyone on the internet.", - "title": "GetObject", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Certificate": { + "AWS::IoTEvents::AlarmModel": { "additionalProperties": false, "properties": { "Condition": { @@ -147129,42 +151703,64 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateName": { - "markdownDescription": "The name of the certificate.", - "title": "CertificateName", + "AlarmCapabilities": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmCapabilities", + "markdownDescription": "Contains the configuration information of alarm state changes.", + "title": "AlarmCapabilities" + }, + "AlarmEventActions": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmEventActions", + "markdownDescription": "Contains information about one or more alarm actions.", + "title": "AlarmEventActions" + }, + "AlarmModelDescription": { + "markdownDescription": "The description of the alarm model.", + "title": "AlarmModelDescription", "type": "string" }, - "DomainName": { - "markdownDescription": "The domain name of the certificate.", - "title": "DomainName", + "AlarmModelName": { + "markdownDescription": "The name of the alarm model.", + "title": "AlarmModelName", "type": "string" }, - "SubjectAlternativeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings that specify the alternate domains (such as `example.org` ) and subdomains (such as `blog.example.com` ) of the certificate.", - "title": "SubjectAlternativeNames", - "type": "array" + "AlarmRule": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmRule", + "markdownDescription": "Defines when your alarm is invoked.", + "title": "AlarmRule" + }, + "Key": { + "markdownDescription": "An input attribute used as a key to create an alarm. AWS IoT Events routes [inputs](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Input.html) associated with this key to the alarm.", + "title": "Key", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that allows the alarm to perform actions and access AWS resources. For more information, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "RoleArn", + "type": "string" + }, + "Severity": { + "markdownDescription": "A non-negative integer that reflects the severity level of the alarm.", + "title": "Severity", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "A list of key-value pairs that contain metadata for the alarm model. The tags help you manage the alarm model. For more information, see [Tagging your AWS IoT Events resources](https://docs.aws.amazon.com/iotevents/latest/developerguide/tagging-iotevents.html) in the *AWS IoT Events Developer Guide* .\n\nYou can create up to 50 tags for one alarm model.", "title": "Tags", "type": "array" } }, "required": [ - "CertificateName", - "DomainName" + "AlarmRule", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Certificate" + "AWS::IoTEvents::AlarmModel" ], "type": "string" }, @@ -147183,504 +151779,474 @@ ], "type": "object" }, - "AWS::Lightsail::Container": { + "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Enabled": { + "markdownDescription": "The value must be `TRUE` or `FALSE` . If `TRUE` , you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to `NORMAL` . If `FALSE` , you won't receive notifications. The alarm automatically changes to the `NORMAL` state when the input property value returns to the specified range.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.AlarmAction": { + "additionalProperties": false, + "properties": { + "DynamoDB": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDB", + "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBAction` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `hashKeyType` parameter can be `'STRING'` .\n- For references, you must specify either variables or input values. For example, the value for the `hashKeyField` parameter can be `$input.GreenhouseInput.name` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `hashKeyValue` parameter uses a substitution template.\n\n`'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nIf the defined payload type is a string, `DynamoDBAction` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the `payloadField` parameter is `_raw` .", + "title": "DynamoDB" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDBv2", + "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBv2Action` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `tableName` parameter can be `'GreenhouseTemperatureTable'` .\n- For references, you must specify either variables or input values. For example, the value for the `tableName` parameter can be `$variable.ddbtableName` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `contentExpression` parameter in `Payload` uses a substitution template.\n\n`'{\\\"sensorID\\\": \\\"${$input.GreenhouseInput.sensor_id}\\\", \\\"temperature\\\": \\\"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\\\"}'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nThe value for the `type` parameter in `Payload` must be `JSON` .", + "title": "DynamoDBv2" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Firehose": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Firehose", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", + "title": "Firehose" }, - "Metadata": { - "type": "object" + "IotEvents": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotEvents", + "markdownDescription": "Sends an AWS IoT Events input, passing in information about the detector model instance and the event that triggered the action.", + "title": "IotEvents" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContainerServiceDeployment": { - "$ref": "#/definitions/AWS::Lightsail::Container.ContainerServiceDeployment", - "markdownDescription": "An object that describes the current container deployment of the container service.", - "title": "ContainerServiceDeployment" - }, - "IsDisabled": { - "markdownDescription": "A Boolean value indicating whether the container service is disabled.", - "title": "IsDisabled", - "type": "boolean" - }, - "Power": { - "markdownDescription": "The power specification of the container service.\n\nThe power specifies the amount of RAM, the number of vCPUs, and the base price of the container service.", - "title": "Power", - "type": "string" - }, - "PrivateRegistryAccess": { - "$ref": "#/definitions/AWS::Lightsail::Container.PrivateRegistryAccess", - "markdownDescription": "An object that describes the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry ( Amazon ECR ) private repositories.\n\nFor more information, see [Configuring access to an Amazon ECR private repository for an Amazon Lightsail container service](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-container-service-ecr-private-repo-access) in the *Amazon Lightsail Developer Guide* .", - "title": "PrivateRegistryAccess" - }, - "PublicDomainNames": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.PublicDomainName" - }, - "markdownDescription": "The public domain name of the container service, such as `example.com` and `www.example.com` .\n\nYou can specify up to four public domain names for a container service. The domain names that you specify are used when you create a deployment with a container that is configured as the public endpoint of your container service.\n\nIf you don't specify public domain names, then you can use the default domain of the container service.\n\n> You must create and validate an SSL/TLS certificate before you can use public domain names with your container service. Use the [AWS::Lightsail::Certificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-certificate.html) resource to create a certificate for the public domain names that you want to use with your container service.", - "title": "PublicDomainNames", - "type": "array" - }, - "Scale": { - "markdownDescription": "The scale specification of the container service.\n\nThe scale specifies the allocated compute nodes of the container service.", - "title": "Scale", - "type": "number" - }, - "ServiceName": { - "markdownDescription": "The name of the container service.", - "title": "ServiceName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Power", - "Scale", - "ServiceName" - ], - "type": "object" + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotSiteWise", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to a specified asset property in AWS IoT SiteWise .\n\nYou must use expressions for all parameters in `IotSiteWiseAction` . The expressions accept literals, operators, functions, references, and substitutions templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `propertyAlias` parameter can be `'/company/windfarm/3/turbine/7/temperature'` .\n- For references, you must specify either variables or input values. For example, the value for the `assetId` parameter can be `$input.TurbineInput.assetId1` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `propertyAlias` parameter uses a substitution template.\n\n`'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`\n\nYou must specify either `propertyAlias` or both `assetId` and `propertyId` to identify the target asset property in AWS IoT SiteWise .\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .", + "title": "IotSiteWise" }, - "Type": { - "enum": [ - "AWS::Lightsail::Container" - ], - "type": "string" + "IotTopicPublish": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotTopicPublish", + "markdownDescription": "Information required to publish the MQTT message through the AWS IoT message broker.", + "title": "IotTopicPublish" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Lambda": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Lambda", + "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", + "title": "Lambda" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sns", + "markdownDescription": "Information required to publish the Amazon SNS message.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sqs", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue.", + "title": "Sqs" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Lightsail::Container.Container": { + "AWS::IoTEvents::AlarmModel.AlarmCapabilities": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The launch command for the container.", - "title": "Command", - "type": "array" - }, - "ContainerName": { - "markdownDescription": "The name of the container.", - "title": "ContainerName", - "type": "string" - }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.EnvironmentVariable" - }, - "markdownDescription": "The environment variables of the container.", - "title": "Environment", - "type": "array" - }, - "Image": { - "markdownDescription": "The name of the image used for the container.\n\nContainer images that are sourced from (registered and stored on) your container service start with a colon ( `:` ). For example, if your container service name is `container-service-1` , the container image label is `mystaticsite` , and you want to use the third version ( `3` ) of the registered container image, then you should specify `:container-service-1.mystaticsite.3` . To use the latest version of a container image, specify `latest` instead of a version number (for example, `:container-service-1.mystaticsite.latest` ). Your container service will automatically use the highest numbered version of the registered container image.\n\nContainer images that are sourced from a public registry like Docker Hub don\u2019t start with a colon. For example, `nginx:latest` or `nginx` .", - "title": "Image", - "type": "string" + "AcknowledgeFlow": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AcknowledgeFlow", + "markdownDescription": "Specifies whether to get notified for alarm state changes.", + "title": "AcknowledgeFlow" }, - "Ports": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.PortInfo" - }, - "markdownDescription": "An object that describes the open firewall ports and protocols of the container.", - "title": "Ports", - "type": "array" + "InitializationConfiguration": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.InitializationConfiguration", + "markdownDescription": "Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model.", + "title": "InitializationConfiguration" } }, "type": "object" }, - "AWS::Lightsail::Container.ContainerServiceDeployment": { + "AWS::IoTEvents::AlarmModel.AlarmEventActions": { "additionalProperties": false, "properties": { - "Containers": { + "AlarmActions": { "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.Container" + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmAction" }, - "markdownDescription": "An object that describes the configuration for the containers of the deployment.", - "title": "Containers", + "markdownDescription": "Specifies one or more supported actions to receive notifications when the alarm state changes.", + "title": "AlarmActions", "type": "array" - }, - "PublicEndpoint": { - "$ref": "#/definitions/AWS::Lightsail::Container.PublicEndpoint", - "markdownDescription": "An object that describes the endpoint of the deployment.", - "title": "PublicEndpoint" } }, "type": "object" }, - "AWS::Lightsail::Container.EcrImagePullerRole": { + "AWS::IoTEvents::AlarmModel.AlarmRule": { "additionalProperties": false, "properties": { - "IsActive": { - "markdownDescription": "A boolean value that indicates whether the `ECRImagePullerRole` is active.", - "title": "IsActive", - "type": "boolean" + "SimpleRule": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.SimpleRule", + "markdownDescription": "A rule that compares an input property value to a threshold value with a comparison operator.", + "title": "SimpleRule" + } + }, + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp": { + "additionalProperties": false, + "properties": { + "OffsetInNanos": { + "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", + "title": "OffsetInNanos", + "type": "string" }, - "PrincipalArn": { - "markdownDescription": "The principle Amazon Resource Name (ARN) of the role. This property is read-only.", - "title": "PrincipalArn", + "TimeInSeconds": { + "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", + "title": "TimeInSeconds", "type": "string" } }, + "required": [ + "TimeInSeconds" + ], "type": "object" }, - "AWS::Lightsail::Container.EnvironmentVariable": { + "AWS::IoTEvents::AlarmModel.AssetPropertyValue": { "additionalProperties": false, "properties": { + "Quality": { + "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", + "title": "Quality", + "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp", + "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", + "title": "Timestamp" + }, "Value": { - "markdownDescription": "The environment variable value.", - "title": "Value", + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyVariant", + "markdownDescription": "The value to send to an asset property.", + "title": "Value" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.AssetPropertyVariant": { + "additionalProperties": false, + "properties": { + "BooleanValue": { + "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", + "title": "BooleanValue", "type": "string" }, - "Variable": { - "markdownDescription": "The environment variable key.", - "title": "Variable", + "DoubleValue": { + "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", + "title": "DoubleValue", + "type": "string" + }, + "IntegerValue": { + "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", + "title": "IntegerValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", + "title": "StringValue", "type": "string" } }, "type": "object" }, - "AWS::Lightsail::Container.HealthCheckConfig": { + "AWS::IoTEvents::AlarmModel.DynamoDB": { "additionalProperties": false, "properties": { - "HealthyThreshold": { - "markdownDescription": "The number of consecutive health check successes required before moving the container to the `Healthy` state. The default value is `2` .", - "title": "HealthyThreshold", - "type": "number" + "HashKeyField": { + "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", + "title": "HashKeyField", + "type": "string" }, - "IntervalSeconds": { - "markdownDescription": "The approximate interval, in seconds, between health checks of an individual container. You can specify between `5` and `300` seconds. The default value is `5` .", - "title": "IntervalSeconds", - "type": "number" + "HashKeyType": { + "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", + "title": "HashKeyType", + "type": "string" }, - "Path": { - "markdownDescription": "The path on the container on which to perform the health check. The default value is `/` .", - "title": "Path", + "HashKeyValue": { + "markdownDescription": "The value of the hash key (also called the partition key).", + "title": "HashKeyValue", "type": "string" }, - "SuccessCodes": { - "markdownDescription": "The HTTP codes to use when checking for a successful response from a container. You can specify values between `200` and `499` . You can specify multiple values (for example, `200,202` ) or a range of values (for example, `200-299` ).", - "title": "SuccessCodes", + "Operation": { + "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", + "title": "Operation", "type": "string" }, - "TimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check. You can specify between `2` and `60` seconds. The default value is `2` .", - "title": "TimeoutSeconds", - "type": "number" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" }, - "UnhealthyThreshold": { - "markdownDescription": "The number of consecutive health check failures required before moving the container to the `Unhealthy` state. The default value is `2` .", - "title": "UnhealthyThreshold", - "type": "number" + "PayloadField": { + "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", + "title": "PayloadField", + "type": "string" + }, + "RangeKeyField": { + "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", + "title": "RangeKeyField", + "type": "string" + }, + "RangeKeyType": { + "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The value of the range key (also called the sort key).", + "title": "RangeKeyValue", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", + "title": "TableName", + "type": "string" } }, + "required": [ + "HashKeyField", + "HashKeyValue", + "TableName" + ], "type": "object" }, - "AWS::Lightsail::Container.PortInfo": { + "AWS::IoTEvents::AlarmModel.DynamoDBv2": { "additionalProperties": false, "properties": { - "Port": { - "markdownDescription": "The open firewall ports of the container.", - "title": "Port", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "TableName" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Firehose": { + "additionalProperties": false, + "properties": { + "DeliveryStreamName": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", + "title": "DeliveryStreamName", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol name for the open ports.\n\n*Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP`", - "title": "Protocol", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", + "title": "Payload" + }, + "Separator": { + "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", "type": "string" } }, + "required": [ + "DeliveryStreamName" + ], "type": "object" }, - "AWS::Lightsail::Container.PrivateRegistryAccess": { + "AWS::IoTEvents::AlarmModel.InitializationConfiguration": { "additionalProperties": false, "properties": { - "EcrImagePullerRole": { - "$ref": "#/definitions/AWS::Lightsail::Container.EcrImagePullerRole", - "markdownDescription": "An object that describes the activation status of the role that you can use to grant a Lightsail container service access to Amazon ECR private repositories. If the role is activated, the Amazon Resource Name (ARN) of the role is also listed.", - "title": "EcrImagePullerRole" + "DisabledOnInitialization": { + "markdownDescription": "The value must be `TRUE` or `FALSE` . If `FALSE` , all alarm instances created based on the alarm model are activated. The default value is `TRUE` .", + "title": "DisabledOnInitialization", + "type": "boolean" } }, + "required": [ + "DisabledOnInitialization" + ], "type": "object" }, - "AWS::Lightsail::Container.PublicDomainName": { + "AWS::IoTEvents::AlarmModel.IotEvents": { "additionalProperties": false, "properties": { - "CertificateName": { - "markdownDescription": "The name of the certificate for the public domains.", - "title": "CertificateName", + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", + "title": "InputName", "type": "string" }, - "DomainNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The public domain names to use with the container service.", - "title": "DomainNames", - "type": "array" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", + "title": "Payload" } }, + "required": [ + "InputName" + ], "type": "object" }, - "AWS::Lightsail::Container.PublicEndpoint": { + "AWS::IoTEvents::AlarmModel.IotSiteWise": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The name of the container entry of the deployment that the endpoint configuration applies to.", - "title": "ContainerName", + "AssetId": { + "markdownDescription": "The ID of the asset that has the specified property.", + "title": "AssetId", "type": "string" }, - "ContainerPort": { - "markdownDescription": "The port of the specified container to which traffic is forwarded to.", - "title": "ContainerPort", - "type": "number" + "EntryId": { + "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", + "title": "EntryId", + "type": "string" }, - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::Lightsail::Container.HealthCheckConfig", - "markdownDescription": "An object that describes the health check configuration of the container.", - "title": "HealthCheckConfig" + "PropertyAlias": { + "markdownDescription": "The alias of the asset property.", + "title": "PropertyAlias", + "type": "string" + }, + "PropertyId": { + "markdownDescription": "The ID of the asset property.", + "title": "PropertyId", + "type": "string" + }, + "PropertyValue": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyValue", + "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", + "title": "PropertyValue" } }, "type": "object" }, - "AWS::Lightsail::Database": { + "AWS::IoTEvents::AlarmModel.IotTopicPublish": { "additionalProperties": false, "properties": { - "Condition": { + "MqttTopic": { + "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", + "title": "MqttTopic", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", + "title": "Payload" + } + }, + "required": [ + "MqttTopic" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Lambda": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function that is executed.", + "title": "FunctionArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the database.", - "title": "AvailabilityZone", - "type": "string" - }, - "BackupRetention": { - "markdownDescription": "A Boolean value indicating whether automated backup retention is enabled for the database. Data Import Mode is enabled when `BackupRetention` is set to `false` , and is disabled when `BackupRetention` is set to `true` .", - "title": "BackupRetention", - "type": "boolean" - }, - "CaCertificateIdentifier": { - "markdownDescription": "The certificate associated with the database.", - "title": "CaCertificateIdentifier", - "type": "string" - }, - "MasterDatabaseName": { - "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n*MySQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, no database is created in the database resource.\n\nConstraints:\n\n- Must contain 1-64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in MySQL, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , and [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, a database named `postgres` is created in the database resource.\n\nConstraints:\n\n- Must contain 1-63 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in PostgreSQL, see the SQL Key Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", - "title": "MasterDatabaseName", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the primary user of the database. The password can include any printable ASCII character except the following: /, \", or @. It cannot contain spaces.\n\n> The `MasterUserPassword` and `RotateMasterUserPassword` parameters cannot be used together in the same template. \n\n*MySQL*\n\nConstraints: Must contain 8-41 characters.\n\n*PostgreSQL*\n\nConstraints: Must contain 8-128 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The name for the primary user.\n\n*MySQL*\n\nConstraints:\n\n- Required for MySQL.\n- Must be 1-16 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , or [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nConstraints:\n\n- Required for PostgreSQL.\n- Must be 1-63 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", - "title": "MasterUsername", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created for the database (for example, `16:00-16:30` ).", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur for the database, formatted as follows: `ddd:hh24:mi-ddd:hh24:mi` . For example, `Tue:17:00-Tue:17:30` .", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "A Boolean value indicating whether the database is accessible to anyone on the internet.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "RelationalDatabaseBlueprintId": { - "markdownDescription": "The blueprint ID for the database (for example, `mysql_8_0` ).", - "title": "RelationalDatabaseBlueprintId", - "type": "string" - }, - "RelationalDatabaseBundleId": { - "markdownDescription": "The bundle ID for the database (for example, `medium_1_0` ).", - "title": "RelationalDatabaseBundleId", - "type": "string" - }, - "RelationalDatabaseName": { - "markdownDescription": "The name of the instance.", - "title": "RelationalDatabaseName", - "type": "string" - }, - "RelationalDatabaseParameters": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Database.RelationalDatabaseParameter" - }, - "markdownDescription": "An array of parameters for the database.", - "title": "RelationalDatabaseParameters", - "type": "array" - }, - "RotateMasterUserPassword": { - "markdownDescription": "A Boolean value indicating whether to change the primary user password to a new, strong password generated by Lightsail .\n\n> The `RotateMasterUserPassword` and `MasterUserPassword` parameters cannot be used together in the same template.", - "title": "RotateMasterUserPassword", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "MasterDatabaseName", - "MasterUsername", - "RelationalDatabaseBlueprintId", - "RelationalDatabaseBundleId", - "RelationalDatabaseName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Lightsail::Database" - ], + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", + "title": "Payload" + } + }, + "required": [ + "FunctionArn" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Payload": { + "additionalProperties": false, + "properties": { + "ContentExpression": { + "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", + "title": "ContentExpression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "ContentExpression", + "Type" ], "type": "object" }, - "AWS::Lightsail::Database.RelationalDatabaseParameter": { + "AWS::IoTEvents::AlarmModel.SimpleRule": { "additionalProperties": false, "properties": { - "AllowedValues": { - "markdownDescription": "The valid range of values for the parameter.", - "title": "AllowedValues", + "ComparisonOperator": { + "markdownDescription": "The comparison operator.", + "title": "ComparisonOperator", "type": "string" }, - "ApplyMethod": { - "markdownDescription": "Indicates when parameter updates are applied.\n\nCan be `immediate` or `pending-reboot` .", - "title": "ApplyMethod", + "InputProperty": { + "markdownDescription": "The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property.", + "title": "InputProperty", "type": "string" }, - "ApplyType": { - "markdownDescription": "Specifies the engine-specific parameter type.", - "title": "ApplyType", + "Threshold": { + "markdownDescription": "The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute.", + "title": "Threshold", "type": "string" + } + }, + "required": [ + "ComparisonOperator", + "InputProperty", + "Threshold" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Sns": { + "additionalProperties": false, + "properties": { + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", + "title": "Payload" }, - "DataType": { - "markdownDescription": "The valid data type of the parameter.", - "title": "DataType", + "TargetArn": { + "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", + "title": "TargetArn", "type": "string" + } + }, + "required": [ + "TargetArn" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Sqs": { + "additionalProperties": false, + "properties": { + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", + "title": "Payload" }, - "Description": { - "markdownDescription": "A description of the parameter.", - "title": "Description", + "QueueUrl": { + "markdownDescription": "The URL of the SQS queue where the data is written.", + "title": "QueueUrl", "type": "string" }, - "IsModifiable": { - "markdownDescription": "A Boolean value indicating whether the parameter can be modified.", - "title": "IsModifiable", + "UseBase64": { + "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", + "title": "UseBase64", "type": "boolean" - }, - "ParameterName": { - "markdownDescription": "The name of the parameter.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "The value for the parameter.", - "title": "ParameterValue", - "type": "string" } }, + "required": [ + "QueueUrl" + ], "type": "object" }, - "AWS::Lightsail::Disk": { + "AWS::IoTEvents::DetectorModel": { "additionalProperties": false, "properties": { "Condition": { @@ -147715,52 +152281,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AddOns": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Disk.AddOn" - }, - "markdownDescription": "An array of add-ons for the disk.\n\n> If the disk has an add-on enabled when performing a delete disk request, the add-on is automatically disabled before the disk is deleted.", - "title": "AddOns", - "type": "array" + "DetectorModelDefinition": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DetectorModelDefinition", + "markdownDescription": "Information that defines how a detector operates.", + "title": "DetectorModelDefinition" }, - "AvailabilityZone": { - "markdownDescription": "The AWS Region and Availability Zone location for the disk (for example, `us-east-1a` ).", - "title": "AvailabilityZone", + "DetectorModelDescription": { + "markdownDescription": "A brief description of the detector model.", + "title": "DetectorModelDescription", "type": "string" }, - "DiskName": { - "markdownDescription": "The name of the disk.", - "title": "DiskName", + "DetectorModelName": { + "markdownDescription": "The name of the detector model.", + "title": "DetectorModelName", "type": "string" }, - "Location": { - "$ref": "#/definitions/AWS::Lightsail::Disk.Location", - "markdownDescription": "The AWS Region and Availability Zone where the disk is located.", - "title": "Location" + "EvaluationMethod": { + "markdownDescription": "Information about the order in which events are evaluated and how actions are executed.", + "title": "EvaluationMethod", + "type": "string" }, - "SizeInGb": { - "markdownDescription": "The size of the disk in GB.", - "title": "SizeInGb", - "type": "number" + "Key": { + "markdownDescription": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value.", + "title": "Key", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to AWS IoT Events to perform its operations.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "DiskName", - "SizeInGb" + "DetectorModelDefinition", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Disk" + "AWS::IoTEvents::DetectorModel" ], "type": "string" }, @@ -147779,694 +152347,640 @@ ], "type": "object" }, - "AWS::Lightsail::Disk.AddOn": { + "AWS::IoTEvents::DetectorModel.Action": { "additionalProperties": false, "properties": { - "AddOnType": { - "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for a disk.", - "title": "AddOnType", - "type": "string" + "ClearTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ClearTimer", + "markdownDescription": "Information needed to clear the timer.", + "title": "ClearTimer" }, - "AutoSnapshotAddOnRequest": { - "$ref": "#/definitions/AWS::Lightsail::Disk.AutoSnapshotAddOn", - "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", - "title": "AutoSnapshotAddOnRequest" + "DynamoDB": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDB", + "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", + "title": "DynamoDB" }, - "Status": { - "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", - "title": "Status", - "type": "string" + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDBv2", + "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", + "title": "DynamoDBv2" + }, + "Firehose": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Firehose", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", + "title": "Firehose" + }, + "IotEvents": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotEvents", + "markdownDescription": "Sends AWS IoT Events input, which passes information about the detector model instance and the event that triggered the action.", + "title": "IotEvents" + }, + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotSiteWise", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an asset property in AWS IoT SiteWise .", + "title": "IotSiteWise" + }, + "IotTopicPublish": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotTopicPublish", + "markdownDescription": "Publishes an MQTT message with the given topic to the AWS IoT message broker.", + "title": "IotTopicPublish" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Lambda", + "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", + "title": "Lambda" + }, + "ResetTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ResetTimer", + "markdownDescription": "Information needed to reset the timer.", + "title": "ResetTimer" + }, + "SetTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetTimer", + "markdownDescription": "Information needed to set the timer.", + "title": "SetTimer" + }, + "SetVariable": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetVariable", + "markdownDescription": "Sets a variable to a specified value.", + "title": "SetVariable" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sns", + "markdownDescription": "Sends an Amazon SNS message.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sqs", + "markdownDescription": "Sends an Amazon SNS message.", + "title": "Sqs" } }, - "required": [ - "AddOnType" - ], "type": "object" }, - "AWS::Lightsail::Disk.AutoSnapshotAddOn": { + "AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { - "SnapshotTimeOfDay": { - "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", - "title": "SnapshotTimeOfDay", + "OffsetInNanos": { + "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", + "title": "OffsetInNanos", + "type": "string" + }, + "TimeInSeconds": { + "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", + "title": "TimeInSeconds", "type": "string" } }, + "required": [ + "TimeInSeconds" + ], "type": "object" }, - "AWS::Lightsail::Disk.Location": { + "AWS::IoTEvents::DetectorModel.AssetPropertyValue": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the disk is located.", - "title": "AvailabilityZone", + "Quality": { + "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", + "title": "Quality", "type": "string" }, - "RegionName": { - "markdownDescription": "The AWS Region where the disk is located.", - "title": "RegionName", - "type": "string" + "Timestamp": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp", + "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", + "title": "Timestamp" + }, + "Value": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyVariant", + "markdownDescription": "The value to send to an asset property.", + "title": "Value" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::Lightsail::Distribution": { + "AWS::IoTEvents::DetectorModel.AssetPropertyVariant": { "additionalProperties": false, "properties": { - "Condition": { + "BooleanValue": { + "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", + "title": "BooleanValue", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DoubleValue": { + "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", + "title": "DoubleValue", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BundleId": { - "markdownDescription": "The ID of the bundle applied to the distribution.", - "title": "BundleId", - "type": "string" - }, - "CacheBehaviorSettings": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheSettings", - "markdownDescription": "An object that describes the cache behavior settings of the distribution.", - "title": "CacheBehaviorSettings" - }, - "CacheBehaviors": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehaviorPerPath" - }, - "markdownDescription": "An array of objects that describe the per-path cache behavior of the distribution.", - "title": "CacheBehaviors", - "type": "array" - }, - "CertificateName": { - "markdownDescription": "The name of the SSL/TLS certificate attached to the distribution.", - "title": "CertificateName", - "type": "string" - }, - "DefaultCacheBehavior": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehavior", - "markdownDescription": "An object that describes the default cache behavior of the distribution.", - "title": "DefaultCacheBehavior" - }, - "DistributionName": { - "markdownDescription": "The name of the distribution", - "title": "DistributionName", - "type": "string" - }, - "IpAddressType": { - "markdownDescription": "The IP address type of the distribution.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for IPv4 and IPv6.", - "title": "IpAddressType", - "type": "string" - }, - "IsEnabled": { - "markdownDescription": "A Boolean value indicating whether the distribution is enabled.", - "title": "IsEnabled", - "type": "boolean" - }, - "Origin": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.InputOrigin", - "markdownDescription": "An object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer.\n\nThe distribution pulls, caches, and serves content from the origin.", - "title": "Origin" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "BundleId", - "DefaultCacheBehavior", - "DistributionName", - "Origin" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Lightsail::Distribution" - ], + "IntegerValue": { + "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", + "title": "IntegerValue", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StringValue": { + "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", + "title": "StringValue", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Lightsail::Distribution.CacheBehavior": { + "AWS::IoTEvents::DetectorModel.ClearTimer": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "The cache behavior of the distribution.\n\nThe following cache behaviors can be specified:\n\n- *`cache`* - This option is best for static sites. When specified, your distribution caches and serves your entire website as static content. This behavior is ideal for websites with static content that doesn't change depending on who views it, or for websites that don't use cookies, headers, or query strings to personalize content.\n- *`dont-cache`* - This option is best for sites that serve a mix of static and dynamic content. When specified, your distribution caches and serves only the content that is specified in the distribution\u2019s `CacheBehaviorPerPath` parameter. This behavior is ideal for websites or web applications that use cookies, headers, and query strings to personalize content for individual users.", - "title": "Behavior", + "TimerName": { + "markdownDescription": "The name of the timer to clear.", + "title": "TimerName", "type": "string" } }, + "required": [ + "TimerName" + ], "type": "object" }, - "AWS::Lightsail::Distribution.CacheBehaviorPerPath": { + "AWS::IoTEvents::DetectorModel.DetectorModelDefinition": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "The cache behavior for the specified path.\n\nYou can specify one of the following per-path cache behaviors:\n\n- *`cache`* - This behavior caches the specified path.\n- *`dont-cache`* - This behavior doesn't cache the specified path.", - "title": "Behavior", + "InitialStateName": { + "markdownDescription": "The state that is entered at the creation of each detector (instance).", + "title": "InitialStateName", "type": "string" }, - "Path": { - "markdownDescription": "The path to a directory or file to cache, or not cache. Use an asterisk symbol to specify wildcard directories ( `path/to/assets/*` ), and file types ( `*.html` , `*jpg` , `*js` ). Directories and file paths are case-sensitive.\n\nExamples:\n\n- Specify the following to cache all files in the document root of an Apache web server running on a instance.\n\n`var/www/html/`\n- Specify the following file to cache only the index page in the document root of an Apache web server.\n\n`var/www/html/index.html`\n- Specify the following to cache only the .html files in the document root of an Apache web server.\n\n`var/www/html/*.html`\n- Specify the following to cache only the .jpg, .png, and .gif files in the images sub-directory of the document root of an Apache web server.\n\n`var/www/html/images/*.jpg`\n\n`var/www/html/images/*.png`\n\n`var/www/html/images/*.gif`\n\nSpecify the following to cache all files in the images subdirectory of the document root of an Apache web server.\n\n`var/www/html/images/`", - "title": "Path", - "type": "string" + "States": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.State" + }, + "markdownDescription": "Information about the states of the detector.", + "title": "States", + "type": "array" } }, + "required": [ + "InitialStateName", + "States" + ], "type": "object" }, - "AWS::Lightsail::Distribution.CacheSettings": { + "AWS::IoTEvents::DetectorModel.DynamoDB": { "additionalProperties": false, "properties": { - "AllowedHTTPMethods": { - "markdownDescription": "The HTTP methods that are processed and forwarded to the distribution's origin.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution forwards the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution forwards the `GET` , `HEAD` , and `OPTIONS` methods.\n- `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` - The distribution forwards the `GET` , `HEAD` , `OPTIONS` , `PUT` , `PATCH` , `POST` , and `DELETE` methods.\n\nIf you specify `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` , you might need to restrict access to your distribution's origin so users can't perform operations that you don't want them to. For example, you might not want users to have permission to delete objects from your origin.", - "title": "AllowedHTTPMethods", + "HashKeyField": { + "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", + "title": "HashKeyField", "type": "string" }, - "CachedHTTPMethods": { - "markdownDescription": "The HTTP method responses that are cached by your distribution.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution caches responses to the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution caches responses to the `GET` , `HEAD` , and `OPTIONS` methods.", - "title": "CachedHTTPMethods", + "HashKeyType": { + "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", + "title": "HashKeyType", "type": "string" }, - "DefaultTTL": { - "markdownDescription": "The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.\n\n> The value specified applies only when the origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", - "title": "DefaultTTL", - "type": "number" + "HashKeyValue": { + "markdownDescription": "The value of the hash key (also called the partition key).", + "title": "HashKeyValue", + "type": "string" }, - "ForwardedCookies": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CookieObject", - "markdownDescription": "An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded.", - "title": "ForwardedCookies" + "Operation": { + "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", + "title": "Operation", + "type": "string" }, - "ForwardedHeaders": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.HeaderObject", - "markdownDescription": "An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded.", - "title": "ForwardedHeaders" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" }, - "ForwardedQueryStrings": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.QueryStringObject", - "markdownDescription": "An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded.", - "title": "ForwardedQueryStrings" + "PayloadField": { + "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", + "title": "PayloadField", + "type": "string" }, - "MaximumTTL": { - "markdownDescription": "The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nThe value specified applies only when the origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", - "title": "MaximumTTL", - "type": "number" + "RangeKeyField": { + "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", + "title": "RangeKeyField", + "type": "string" }, - "MinimumTTL": { - "markdownDescription": "The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nA value of `0` must be specified for `minimumTTL` if the distribution is configured to forward all headers to the origin.", - "title": "MinimumTTL", - "type": "number" + "RangeKeyType": { + "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The value of the range key (also called the sort key).", + "title": "RangeKeyValue", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", + "title": "TableName", + "type": "string" } }, + "required": [ + "HashKeyField", + "HashKeyValue", + "TableName" + ], "type": "object" }, - "AWS::Lightsail::Distribution.CookieObject": { + "AWS::IoTEvents::DetectorModel.DynamoDBv2": { "additionalProperties": false, "properties": { - "CookiesAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The specific cookies to forward to your distribution's origin.", - "title": "CookiesAllowList", - "type": "array" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" }, - "Option": { - "markdownDescription": "Specifies which cookies to forward to the distribution's origin for a cache behavior.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all cookies to your origin.\n- *`none`* - Doesn\u2019t forward cookies to your origin.\n- *`allow-list`* - Forwards only the cookies that you specify using the `CookiesAllowList` parameter.", - "title": "Option", + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", "type": "string" } }, + "required": [ + "TableName" + ], "type": "object" }, - "AWS::Lightsail::Distribution.HeaderObject": { + "AWS::IoTEvents::DetectorModel.Event": { "additionalProperties": false, "properties": { - "HeadersAllowList": { + "Actions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" }, - "markdownDescription": "The specific headers to forward to your distribution's origin.", - "title": "HeadersAllowList", + "markdownDescription": "The actions to be performed.", + "title": "Actions", "type": "array" }, - "Option": { - "markdownDescription": "The headers that you want your distribution to forward to your origin. Your distribution caches your content based on these headers.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all headers to your origin..\n- *`none`* - Forwards only the default headers.\n- *`allow-list`* - Forwards only the headers that you specify using the `HeadersAllowList` parameter.", - "title": "Option", + "Condition": { + "markdownDescription": "Optional. The Boolean expression that, when TRUE, causes the `actions` to be performed. If not present, the actions are performed (=TRUE). If the expression result is not a Boolean value, the actions are not performed (=FALSE).", + "title": "Condition", + "type": "string" + }, + "EventName": { + "markdownDescription": "The name of the event.", + "title": "EventName", "type": "string" } }, + "required": [ + "EventName" + ], "type": "object" }, - "AWS::Lightsail::Distribution.InputOrigin": { + "AWS::IoTEvents::DetectorModel.Firehose": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the origin resource.", - "title": "Name", + "DeliveryStreamName": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", + "title": "DeliveryStreamName", "type": "string" }, - "ProtocolPolicy": { - "markdownDescription": "The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.", - "title": "ProtocolPolicy", - "type": "string" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", + "title": "Payload" }, - "RegionName": { - "markdownDescription": "The AWS Region name of the origin resource.", - "title": "RegionName", + "Separator": { + "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", "type": "string" } }, + "required": [ + "DeliveryStreamName" + ], "type": "object" }, - "AWS::Lightsail::Distribution.QueryStringObject": { + "AWS::IoTEvents::DetectorModel.IotEvents": { "additionalProperties": false, "properties": { - "Option": { - "markdownDescription": "Indicates whether the distribution forwards and caches based on query strings.", - "title": "Option", - "type": "boolean" + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", + "title": "InputName", + "type": "string" }, - "QueryStringsAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The specific query strings that the distribution forwards to the origin.\n\nYour distribution caches content based on the specified query strings.\n\nIf the `option` parameter is true, then your distribution forwards all query strings, regardless of what you specify using the `QueryStringsAllowList` parameter.", - "title": "QueryStringsAllowList", - "type": "array" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", + "title": "Payload" } }, + "required": [ + "InputName" + ], "type": "object" }, - "AWS::Lightsail::Instance": { + "AWS::IoTEvents::DetectorModel.IotSiteWise": { "additionalProperties": false, "properties": { - "Condition": { + "AssetId": { + "markdownDescription": "The ID of the asset that has the specified property.", + "title": "AssetId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EntryId": { + "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", + "title": "EntryId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AddOns": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.AddOn" - }, - "markdownDescription": "An array of add-ons for the instance.\n\n> If the instance has an add-on enabled when performing a delete instance request, the add-on is automatically disabled before the instance is deleted.", - "title": "AddOns", - "type": "array" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", - "type": "string" - }, - "BlueprintId": { - "markdownDescription": "The blueprint ID for the instance (for example, `os_amlinux_2016_03` ).", - "title": "BlueprintId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle ID for the instance (for example, `micro_1_0` ).", - "title": "BundleId", - "type": "string" - }, - "Hardware": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Hardware", - "markdownDescription": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n> The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", - "title": "Hardware" - }, - "InstanceName": { - "markdownDescription": "The name of the instance.", - "title": "InstanceName", - "type": "string" - }, - "KeyPairName": { - "markdownDescription": "The name of the key pair to use for the instance.\n\nIf no key pair name is specified, the Regional Lightsail default key pair is used.", - "title": "KeyPairName", - "type": "string" - }, - "Location": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Location", - "markdownDescription": "The location for the instance, such as the AWS Region and Availability Zone.\n\n> The `Location` property is read-only and should not be specified in a create instance or update instance request.", - "title": "Location" - }, - "Networking": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Networking", - "markdownDescription": "The public ports and the monthly amount of data transfer allocated for the instance.", - "title": "Networking" - }, - "State": { - "$ref": "#/definitions/AWS::Lightsail::Instance.State", - "markdownDescription": "The status code and the state (for example, `running` ) of the instance.\n\n> The `State` property is read-only and should not be specified in a create instance or update instance request.", - "title": "State" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - }, - "UserData": { - "markdownDescription": "The optional launch script for the instance.\n\nSpecify a launch script to configure an instance with additional user data. For example, you might want to specify `apt-get -y update` as a launch script.\n\n> Depending on the blueprint of your instance, the command to get software on your instance varies. Amazon Linux and CentOS use `yum` , Debian and Ubuntu use `apt-get` , and FreeBSD uses `pkg` .", - "title": "UserData", - "type": "string" - } - }, - "required": [ - "BlueprintId", - "BundleId", - "InstanceName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Lightsail::Instance" - ], + "PropertyAlias": { + "markdownDescription": "The alias of the asset property.", + "title": "PropertyAlias", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PropertyId": { + "markdownDescription": "The ID of the asset property.", + "title": "PropertyId", "type": "string" + }, + "PropertyValue": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyValue", + "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", + "title": "PropertyValue" } }, "required": [ - "Type", - "Properties" + "PropertyValue" ], "type": "object" }, - "AWS::Lightsail::Instance.AddOn": { + "AWS::IoTEvents::DetectorModel.IotTopicPublish": { "additionalProperties": false, "properties": { - "AddOnType": { - "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for an instance.", - "title": "AddOnType", + "MqttTopic": { + "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", + "title": "MqttTopic", "type": "string" }, - "AutoSnapshotAddOnRequest": { - "$ref": "#/definitions/AWS::Lightsail::Instance.AutoSnapshotAddOn", - "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", - "title": "AutoSnapshotAddOnRequest" - }, - "Status": { - "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", - "title": "Status", - "type": "string" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", + "title": "Payload" } }, "required": [ - "AddOnType" + "MqttTopic" ], "type": "object" }, - "AWS::Lightsail::Instance.AutoSnapshotAddOn": { + "AWS::IoTEvents::DetectorModel.Lambda": { "additionalProperties": false, "properties": { - "SnapshotTimeOfDay": { - "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", - "title": "SnapshotTimeOfDay", + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function that is executed.", + "title": "FunctionArn", "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", + "title": "Payload" } }, + "required": [ + "FunctionArn" + ], "type": "object" }, - "AWS::Lightsail::Instance.Disk": { + "AWS::IoTEvents::DetectorModel.OnEnter": { "additionalProperties": false, "properties": { - "AttachedTo": { - "markdownDescription": "The resources to which the disk is attached.", - "title": "AttachedTo", - "type": "string" - }, - "AttachmentState": { - "markdownDescription": "(Deprecated) The attachment state of the disk.\n\n> In releases prior to November 14, 2017, this parameter returned `attached` for system disks in the API response. It is now deprecated, but still included in the response. Use `isAttached` instead.", - "title": "AttachmentState", - "type": "string" - }, - "DiskName": { - "markdownDescription": "The unique name of the disk.", - "title": "DiskName", - "type": "string" - }, - "IOPS": { - "markdownDescription": "The input/output operations per second (IOPS) of the disk.", - "title": "IOPS", - "type": "number" - }, - "IsSystemDisk": { - "markdownDescription": "A Boolean value indicating whether this disk is a system disk (has an operating system loaded on it).", - "title": "IsSystemDisk", - "type": "boolean" - }, - "Path": { - "markdownDescription": "The disk path.", - "title": "Path", - "type": "string" - }, - "SizeInGb": { - "markdownDescription": "The size of the disk in GB.", - "title": "SizeInGb", - "type": "string" + "Events": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" + }, + "markdownDescription": "Specifies the actions that are performed when the state is entered and the `condition` is `TRUE` .", + "title": "Events", + "type": "array" } }, - "required": [ - "DiskName", - "Path" - ], "type": "object" }, - "AWS::Lightsail::Instance.Hardware": { + "AWS::IoTEvents::DetectorModel.OnExit": { "additionalProperties": false, "properties": { - "CpuCount": { - "markdownDescription": "The number of vCPUs the instance has.\n\n> The `CpuCount` property is read-only and should not be specified in a create instance or update instance request.", - "title": "CpuCount", - "type": "number" - }, - "Disks": { + "Events": { "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Disk" + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" }, - "markdownDescription": "The disks attached to the instance.\n\nThe instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", - "title": "Disks", + "markdownDescription": "Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE` .", + "title": "Events", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.OnInput": { + "additionalProperties": false, + "properties": { + "Events": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" + }, + "markdownDescription": "Specifies the actions performed when the `condition` evaluates to TRUE.", + "title": "Events", "type": "array" }, - "RamSizeInGb": { - "markdownDescription": "The amount of RAM in GB on the instance (for example, `1.0` ).\n\n> The `RamSizeInGb` property is read-only and should not be specified in a create instance or update instance request.", - "title": "RamSizeInGb", - "type": "number" + "TransitionEvents": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.TransitionEvent" + }, + "markdownDescription": "Specifies the actions performed, and the next state entered, when a `condition` evaluates to TRUE.", + "title": "TransitionEvents", + "type": "array" } }, "type": "object" }, - "AWS::Lightsail::Instance.Location": { + "AWS::IoTEvents::DetectorModel.Payload": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", + "ContentExpression": { + "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", + "title": "ContentExpression", "type": "string" }, - "RegionName": { - "markdownDescription": "The name of the AWS Region for the instance.", - "title": "RegionName", + "Type": { + "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", + "title": "Type", "type": "string" } }, + "required": [ + "ContentExpression", + "Type" + ], "type": "object" }, - "AWS::Lightsail::Instance.MonthlyTransfer": { + "AWS::IoTEvents::DetectorModel.ResetTimer": { "additionalProperties": false, "properties": { - "GbPerMonthAllocated": { - "markdownDescription": "The amount of allocated monthly data transfer (in GB) for an instance.", - "title": "GbPerMonthAllocated", + "TimerName": { + "markdownDescription": "The name of the timer to reset.", + "title": "TimerName", "type": "string" } }, + "required": [ + "TimerName" + ], "type": "object" }, - "AWS::Lightsail::Instance.Networking": { + "AWS::IoTEvents::DetectorModel.SetTimer": { "additionalProperties": false, "properties": { - "MonthlyTransfer": { - "$ref": "#/definitions/AWS::Lightsail::Instance.MonthlyTransfer", - "markdownDescription": "The monthly amount of data transfer, in GB, allocated for the instance", - "title": "MonthlyTransfer" + "DurationExpression": { + "markdownDescription": "The duration of the timer, in seconds. You can use a string expression that includes numbers, variables ( `$variable.` ), and input values ( `$input..` ) as the duration. The range of the duration is 1-31622400 seconds. To ensure accuracy, the minimum duration is 60 seconds. The evaluated result of the duration is rounded down to the nearest whole number.", + "title": "DurationExpression", + "type": "string" }, - "Ports": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Port" - }, - "markdownDescription": "An array of ports to open on the instance.", - "title": "Ports", - "type": "array" + "Seconds": { + "markdownDescription": "The number of seconds until the timer expires. The minimum value is 60 seconds to ensure accuracy. The maximum value is 31622400 seconds.", + "title": "Seconds", + "type": "number" + }, + "TimerName": { + "markdownDescription": "The name of the timer.", + "title": "TimerName", + "type": "string" } }, "required": [ - "Ports" + "TimerName" ], "type": "object" }, - "AWS::Lightsail::Instance.Port": { + "AWS::IoTEvents::DetectorModel.SetVariable": { "additionalProperties": false, "properties": { - "AccessDirection": { - "markdownDescription": "The access direction ( `inbound` or `outbound` ).\n\n> Lightsail currently supports only `inbound` access direction.", - "title": "AccessDirection", + "Value": { + "markdownDescription": "The new value of the variable.", + "title": "Value", "type": "string" }, - "AccessFrom": { - "markdownDescription": "The location from which access is allowed. For example, `Anywhere (0.0.0.0/0)` , or `Custom` if a specific IP address or range of IP addresses is allowed.", - "title": "AccessFrom", + "VariableName": { + "markdownDescription": "The name of the variable.", + "title": "VariableName", "type": "string" + } + }, + "required": [ + "Value", + "VariableName" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.Sns": { + "additionalProperties": false, + "properties": { + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", + "title": "Payload" }, - "AccessType": { - "markdownDescription": "The type of access ( `Public` or `Private` ).", - "title": "AccessType", + "TargetArn": { + "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", + "title": "TargetArn", "type": "string" + } + }, + "required": [ + "TargetArn" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.Sqs": { + "additionalProperties": false, + "properties": { + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", + "title": "Payload" }, - "CidrListAliases": { - "items": { - "type": "string" - }, - "markdownDescription": "An alias that defines access for a preconfigured range of IP addresses.\n\nThe only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance.", - "title": "CidrListAliases", - "type": "array" - }, - "Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.\n\n> The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. \n\nExamples:\n\n- To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` .\n- To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` .", - "title": "Cidrs", - "type": "array" - }, - "CommonName": { - "markdownDescription": "The common name of the port information.", - "title": "CommonName", + "QueueUrl": { + "markdownDescription": "The URL of the SQS queue where the data is written.", + "title": "QueueUrl", "type": "string" }, - "FromPort": { - "markdownDescription": "The first port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP type for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP type for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", - "title": "FromPort", - "type": "number" + "UseBase64": { + "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", + "title": "UseBase64", + "type": "boolean" + } + }, + "required": [ + "QueueUrl" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.State": { + "additionalProperties": false, + "properties": { + "OnEnter": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnEnter", + "markdownDescription": "When entering this state, perform these `actions` if the `condition` is TRUE.", + "title": "OnEnter" }, - "Ipv6Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used.\n\n> The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance.", - "title": "Ipv6Cidrs", - "type": "array" + "OnExit": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnExit", + "markdownDescription": "When exiting this state, perform these `actions` if the specified `condition` is `TRUE` .", + "title": "OnExit" }, - "Protocol": { - "markdownDescription": "The IP protocol name.\n\nThe name can be one of the following:\n\n- `tcp` - Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of streamed data between applications running on hosts communicating by an IP network. If you have an application that doesn't require reliable data stream service, use UDP instead.\n- `all` - All transport layer protocol types.\n- `udp` - With User Datagram Protocol (UDP), computer applications can send messages (or datagrams) to other hosts on an Internet Protocol (IP) network. Prior communications are not required to set up transmission channels or data paths. Applications that don't require reliable data stream service can use UDP, which provides a connectionless datagram service that emphasizes reduced latency over reliability. If you do require reliable data stream service, use TCP instead.\n- `icmp` - Internet Control Message Protocol (ICMP) is used to send error messages and operational information indicating success or failure when communicating with an instance. For example, an error is indicated when an instance could not be reached. When you specify `icmp` as the `protocol` , you must specify the ICMP type using the `fromPort` parameter, and ICMP code using the `toPort` parameter.", - "title": "Protocol", - "type": "string" + "OnInput": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnInput", + "markdownDescription": "When an input is received and the `condition` is TRUE, perform the specified `actions` .", + "title": "OnInput" }, - "ToPort": { - "markdownDescription": "The last port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP code for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP code for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", - "title": "ToPort", - "type": "number" + "StateName": { + "markdownDescription": "The name of the state.", + "title": "StateName", + "type": "string" } }, + "required": [ + "StateName" + ], "type": "object" }, - "AWS::Lightsail::Instance.State": { + "AWS::IoTEvents::DetectorModel.TransitionEvent": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The status code of the instance.", - "title": "Code", - "type": "number" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" + }, + "markdownDescription": "The actions to be performed.", + "title": "Actions", + "type": "array" }, - "Name": { - "markdownDescription": "The state of the instance (for example, `running` or `pending` ).", - "title": "Name", + "Condition": { + "markdownDescription": "Required. A Boolean expression that when TRUE causes the actions to be performed and the `nextState` to be entered.", + "title": "Condition", + "type": "string" + }, + "EventName": { + "markdownDescription": "The name of the transition event.", + "title": "EventName", + "type": "string" + }, + "NextState": { + "markdownDescription": "The next state to enter.", + "title": "NextState", "type": "string" } }, + "required": [ + "Condition", + "EventName", + "NextState" + ], "type": "object" }, - "AWS::Lightsail::LoadBalancer": { + "AWS::IoTEvents::Input": { "additionalProperties": false, "properties": { "Condition": { @@ -148501,67 +153015,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AttachedInstances": { - "items": { - "type": "string" - }, - "markdownDescription": "The Lightsail instances to attach to the load balancer.", - "title": "AttachedInstances", - "type": "array" - }, - "HealthCheckPath": { - "markdownDescription": "The path on the attached instance where the health check will be performed. If no path is specified, the load balancer tries to make a request to the default (root) page ( `/index.html` ).", - "title": "HealthCheckPath", - "type": "string" - }, - "InstancePort": { - "markdownDescription": "The port that the load balancer uses to direct traffic to your Lightsail instances. For HTTP traffic, specify port `80` . For HTTPS traffic, specify port `443` .", - "title": "InstancePort", - "type": "number" - }, - "IpAddressType": { - "markdownDescription": "The IP address type of the load balancer.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for both IPv4 and IPv6.", - "title": "IpAddressType", - "type": "string" + "InputDefinition": { + "$ref": "#/definitions/AWS::IoTEvents::Input.InputDefinition", + "markdownDescription": "The definition of the input.", + "title": "InputDefinition" }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer.", - "title": "LoadBalancerName", + "InputDescription": { + "markdownDescription": "A brief description of the input.", + "title": "InputDescription", "type": "string" }, - "SessionStickinessEnabled": { - "markdownDescription": "A Boolean value indicating whether session stickiness is enabled.\n\nEnable session stickiness (also known as *session affinity* ) to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.", - "title": "SessionStickinessEnabled", - "type": "boolean" - }, - "SessionStickinessLBCookieDurationSeconds": { - "markdownDescription": "The time period, in seconds, after which the load balancer session stickiness cookie should be considered stale. If you do not specify this parameter, the default value is 0, which indicates that the sticky session should last for the duration of the browser session.", - "title": "SessionStickinessLBCookieDurationSeconds", + "InputName": { + "markdownDescription": "The name of the input.", + "title": "InputName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "TlsPolicyName": { - "markdownDescription": "The name of the TLS security policy for the load balancer.", - "title": "TlsPolicyName", - "type": "string" } }, "required": [ - "InstancePort", - "LoadBalancerName" + "InputDefinition" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::LoadBalancer" + "AWS::IoTEvents::Input" ], "type": "string" }, @@ -148580,7 +153065,38 @@ ], "type": "object" }, - "AWS::Lightsail::LoadBalancerTlsCertificate": { + "AWS::IoTEvents::Input.Attribute": { + "additionalProperties": false, + "properties": { + "JsonPath": { + "markdownDescription": "An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events ( `BatchPutMessage` ). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors.\n\nSyntax: `....`", + "title": "JsonPath", + "type": "string" + } + }, + "required": [ + "JsonPath" + ], + "type": "object" + }, + "AWS::IoTEvents::Input.InputDefinition": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::Input.Attribute" + }, + "markdownDescription": "The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage` . Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input.", + "title": "Attributes", + "type": "array" + } + }, + "required": [ + "Attributes" + ], + "type": "object" + }, + "AWS::IoTFleetHub::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -148615,50 +153131,39 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateAlternativeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of alternative domain names and subdomain names for your SSL/TLS certificate.\n\nIn addition to the primary domain name, you can have up to nine alternative domain names. Wildcards (such as `*.example.com` ) are not supported.", - "title": "CertificateAlternativeNames", - "type": "array" - }, - "CertificateDomainName": { - "markdownDescription": "The domain name for the SSL/TLS certificate. For example, `example.com` or `www.example.com` .", - "title": "CertificateDomainName", + "ApplicationDescription": { + "markdownDescription": "An optional description of the web application.", + "title": "ApplicationDescription", "type": "string" }, - "CertificateName": { - "markdownDescription": "The name of the SSL/TLS certificate.", - "title": "CertificateName", + "ApplicationName": { + "markdownDescription": "The name of the web application.", + "title": "ApplicationName", "type": "string" }, - "HttpsRedirectionEnabled": { - "markdownDescription": "A Boolean value indicating whether HTTPS redirection is enabled for the load balancer that the TLS certificate is attached to.", - "title": "HttpsRedirectionEnabled", - "type": "boolean" - }, - "IsAttached": { - "markdownDescription": "A Boolean value indicating whether the SSL/TLS certificate is attached to a Lightsail load balancer.", - "title": "IsAttached", - "type": "boolean" - }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer that the SSL/TLS certificate is attached to.", - "title": "LoadBalancerName", + "RoleArn": { + "markdownDescription": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core .\n\n> The name of the role must be in the form `FleetHub_random_string` . \n\nPattern: `^arn:[!-~]+$`", + "title": "RoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of key/value pairs that you can use to manage the web application resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "CertificateDomainName", - "CertificateName", - "LoadBalancerName" + "ApplicationName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::LoadBalancerTlsCertificate" + "AWS::IoTFleetHub::Application" ], "type": "string" }, @@ -148677,7 +153182,7 @@ ], "type": "object" }, - "AWS::Lightsail::StaticIp": { + "AWS::IoTFleetWise::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -148712,131 +153217,131 @@ "Properties": { "additionalProperties": false, "properties": { - "AttachedTo": { - "markdownDescription": "The instance that the static IP is attached to.", - "title": "AttachedTo", + "Action": { + "markdownDescription": "Specifies how to update a campaign. The action can be one of the following:\n\n- `APPROVE` - To approve delivering a data collection scheme to vehicles.\n- `SUSPEND` - To suspend collecting signal data. The campaign is deleted from vehicles and all vehicles in the suspended campaign will stop sending data.\n- `RESUME` - To reactivate the `SUSPEND` campaign. The campaign is redeployed to all vehicles and the vehicles will resume sending data.\n- `UPDATE` - To update a campaign.", + "title": "Action", "type": "string" }, - "StaticIpName": { - "markdownDescription": "The name of the static IP.", - "title": "StaticIpName", - "type": "string" - } - }, - "required": [ - "StaticIpName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Lightsail::StaticIp" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Location::APIKey": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "CollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.CollectionScheme", + "markdownDescription": "The data collection scheme associated with the campaign. You can specify a scheme that collects data based on time or an event.", + "title": "CollectionScheme" + }, + "Compression": { + "markdownDescription": "Whether to compress signals before transmitting data to AWS IoT FleetWise . If you don't want to compress the signals, use `OFF` . If it's not specified, `SNAPPY` is used.\n\nDefault: `SNAPPY`", + "title": "Compression", "type": "string" }, - { + "DataDestinationConfigs": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataDestinationConfig" + }, + "markdownDescription": "The destination where the campaign sends data. You can choose to send data to be stored in Amazon S3 or Amazon Timestream .\n\nAmazon S3 optimizes the cost of data storage and provides additional mechanisms to use vehicle data, such as data lakes, centralized data storage, data processing pipelines, and analytics. AWS IoT FleetWise supports at-least-once file delivery to S3. Your vehicle data is stored on multiple AWS IoT FleetWise servers for redundancy and high availability.\n\nYou can use Amazon Timestream to access and analyze time series data, and Timestream to query vehicle data so that you can identify trends and patterns.", + "title": "DataDestinationConfigs", + "type": "array" + }, + "DataExtraDimensions": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "A list of vehicle attributes to associate with a campaign.\n\nEnrich the data with specified vehicle attributes. For example, add `make` and `model` to the campaign, and AWS IoT FleetWise will associate the data with those attributes as dimensions in Amazon Timestream . You can then query the data against `make` and `model` .\n\nDefault: An empty array", + "title": "DataExtraDimensions", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { + }, + "DataPartitions": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartition" + }, + "markdownDescription": "The data partitions associated with the signals collected from the vehicle.", + "title": "DataPartitions", + "type": "array" + }, "Description": { - "markdownDescription": "Updates the description for the API key resource.", + "markdownDescription": "The description of the campaign.", "title": "Description", "type": "string" }, - "ExpireTime": { - "markdownDescription": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) .", - "title": "ExpireTime", + "DiagnosticsMode": { + "markdownDescription": "Option for a vehicle to send diagnostic trouble codes to AWS IoT FleetWise . If you want to send diagnostic trouble codes, use `SEND_ACTIVE_DTCS` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", + "title": "DiagnosticsMode", "type": "string" }, - "ForceDelete": { - "markdownDescription": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n> This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use.", - "title": "ForceDelete", - "type": "boolean" + "ExpiryTime": { + "markdownDescription": "The time the campaign expires, in seconds since epoch (January 1, 1970 at midnight UTC time). Vehicle data isn't collected after the campaign expires.\n\nDefault: 253402214400 (December 31, 9999, 00:00:00 UTC)", + "title": "ExpiryTime", + "type": "string" }, - "ForceUpdate": { - "markdownDescription": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred.", - "title": "ForceUpdate", - "type": "boolean" + "Name": { + "markdownDescription": "The name of a campaign.", + "title": "Name", + "type": "string" }, - "KeyName": { - "markdownDescription": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` .", - "title": "KeyName", + "PostTriggerCollectionDuration": { + "markdownDescription": "How long (in milliseconds) to collect raw data after a triggering event initiates the collection. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "PostTriggerCollectionDuration", + "type": "number" + }, + "Priority": { + "markdownDescription": "A number indicating the priority of one campaign over another campaign for a certain vehicle or fleet. A campaign with the lowest value is deployed to vehicles before any other campaigns. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "Priority", + "type": "number" + }, + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the campaign.", + "title": "SignalCatalogArn", "type": "string" }, - "NoExpiry": { - "markdownDescription": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time.", - "title": "NoExpiry", - "type": "boolean" + "SignalsToCollect": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalInformation" + }, + "markdownDescription": "A list of information about signals to collect.", + "title": "SignalsToCollect", + "type": "array" }, - "Restrictions": { - "$ref": "#/definitions/AWS::Location::APIKey.ApiKeyRestrictions", - "markdownDescription": "The API key restrictions for the API key resource.", - "title": "Restrictions" + "SignalsToFetch": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalFetchInformation" + }, + "markdownDescription": "A list of information about signals to fetch.", + "title": "SignalsToFetch", + "type": "array" + }, + "SpoolingMode": { + "markdownDescription": "Whether to store collected data after a vehicle lost a connection with the cloud. After a connection is re-established, the data is automatically forwarded to AWS IoT FleetWise . If you want to store collected data when a vehicle loses connection with the cloud, use `TO_DISK` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", + "title": "SpoolingMode", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The time, in milliseconds, to deliver a campaign after it was approved. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "StartTime", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair that helps manage, identify, search, and filter your resources by labelling them.", + "markdownDescription": "Metadata that can be used to manage the campaign.", "title": "Tags", "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle or fleet to which the campaign is deployed.", + "title": "TargetArn", + "type": "string" } }, "required": [ - "KeyName", - "Restrictions" + "CollectionScheme", + "Name", + "SignalCatalogArn", + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::APIKey" + "AWS::IoTFleetWise::Campaign" ], "type": "string" }, @@ -148855,126 +153360,379 @@ ], "type": "object" }, - "AWS::Location::APIKey.ApiKeyRestrictions": { + "AWS::IoTFleetWise::Campaign.CollectionScheme": { "additionalProperties": false, "properties": { - "AllowActions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action.\n\nThe following are valid values for the actions.\n\n- *Map actions*\n\n- `geo:GetMap*` - Allows all actions needed for map rendering.\n- *Enhanced Maps actions*\n\n- `geo-maps:GetTile` - Allows getting map tiles for rendering.\n- `geo-maps:GetStaticMap` - Allows getting static map images.\n- *Place actions*\n\n- `geo:SearchPlaceIndexForText` - Allows finding geo coordinates of a known place.\n- `geo:SearchPlaceIndexForPosition` - Allows getting nearest address to geo coordinates.\n- `geo:SearchPlaceIndexForSuggestions` - Allows suggestions based on an incomplete or misspelled query.\n- `geo:GetPlace` - Allows getting details of a place.\n- *Enhanced Places actions*\n\n- `geo-places:Autcomplete` - Allows auto-completion of search text.\n- `geo-places:Geocode` - Allows finding geo coordinates of a known place.\n- `geo-places:GetPlace` - Allows getting details of a place.\n- `geo-places:ReverseGeocode` - Allows getting nearest address to geo coordinates.\n- `geo-places:SearchNearby` - Allows category based places search around geo coordinates.\n- `geo-places:SearchText` - Allows place or address search based on free-form text.\n- `geo-places:Suggest` - Allows suggestions based on an incomplete or misspelled query.\n- *Route actions*\n\n- `geo:CalculateRoute` - Allows point to point routing.\n- `geo:CalculateRouteMatrix` - Allows matrix routing.\n- *Enhanced Routes actions*\n\n- `geo-routes:CalculateIsolines` - Allows isoline calculation.\n- `geo-routes:CalculateRoutes` - Allows point to point routing.\n- `geo-routes:CalculateRouteMatrix` - Allows matrix routing.\n- `geo-routes:OptimizeWaypoints` - Allows computing the best sequence of waypoints.\n- `geo-routes:SnapToRoads` - Allows snapping GPS points to a likely route.\n\n> You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `[\"geo:GetMap*\"]` is valid but `[\"geo:GetTile\"]` is not. Similarly, you cannot use `[\"geo:SearchPlaceIndexFor*\"]` - you must list each of the Place actions separately.", - "title": "AllowActions", - "type": "array" + "ConditionBasedCollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme", + "markdownDescription": "Information about a collection scheme that uses a simple logical expression to recognize what data to collect.", + "title": "ConditionBasedCollectionScheme" }, - "AllowReferers": { - "items": { - "type": "string" - }, - "markdownDescription": "An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) or any symbols in this list `$\\-._+!*`(),;/?:@=&`\n- May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes.\n- May contain wildcard characters question mark (?) and asterisk (*).\n\nQuestion mark (?) will replace any single character (including hexadecimal digits).\n\nAsterisk (*) will replace any multiple characters (including multiple hexadecimal digits).\n- No spaces allowed. For example, `https://example.com` .", - "title": "AllowReferers", - "type": "array" + "TimeBasedCollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme", + "markdownDescription": "Information about a collection scheme that uses a time period to decide how often to collect data.", + "title": "TimeBasedCollectionScheme" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme": { + "additionalProperties": false, + "properties": { + "ConditionLanguageVersion": { + "markdownDescription": "Specifies the version of the conditional expression language.", + "title": "ConditionLanguageVersion", + "type": "number" }, - "AllowResources": { + "Expression": { + "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.Vehicle.OutsideAirTemperature >= 105.0` .", + "title": "Expression", + "type": "string" + }, + "MinimumTriggerIntervalMs": { + "markdownDescription": "The minimum duration of time between two triggering events to collect data, in milliseconds.\n\n> If a signal changes often, you might want to collect data at a slower rate.", + "title": "MinimumTriggerIntervalMs", + "type": "number" + }, + "TriggerMode": { + "markdownDescription": "Whether to collect data for all triggering events ( `ALWAYS` ). Specify ( `RISING_EDGE` ), or specify only when the condition first evaluates to false. For example, triggering on \"AirbagDeployed\"; Users aren't interested on triggering when the airbag is already exploded; they only care about the change from not deployed => deployed.", + "title": "TriggerMode", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.ConditionBasedSignalFetchConfig": { + "additionalProperties": false, + "properties": { + "ConditionExpression": { + "markdownDescription": "The condition that must be satisfied to trigger a signal fetch.", + "title": "ConditionExpression", + "type": "string" + }, + "TriggerMode": { + "markdownDescription": "Indicates the mode in which the signal fetch is triggered.", + "title": "TriggerMode", + "type": "string" + } + }, + "required": [ + "ConditionExpression", + "TriggerMode" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataDestinationConfig": { + "additionalProperties": false, + "properties": { + "MqttTopicConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.MqttTopicConfig", + "markdownDescription": "The MQTT topic to which the AWS IoT FleetWise campaign routes data.\n\n> Access to certain AWS IoT FleetWise features is currently gated. For more information, see [AWS Region and feature availability](https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/fleetwise-regions.html) in the *AWS IoT FleetWise Developer Guide* .", + "title": "MqttTopicConfig" + }, + "S3Config": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.S3Config", + "markdownDescription": "The Amazon S3 bucket where the AWS IoT FleetWise campaign sends data.", + "title": "S3Config" + }, + "TimestreamConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimestreamConfig", + "markdownDescription": "The Amazon Timestream table where the campaign sends data.", + "title": "TimestreamConfig" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataPartition": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the data partition. The data partition ID must be unique within a campaign. You can establish a data partition as the default partition for a campaign by using `default` as the ID.", + "title": "Id", + "type": "string" + }, + "StorageOptions": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartitionStorageOptions", + "markdownDescription": "The storage options for a data partition.", + "title": "StorageOptions" + }, + "UploadOptions": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartitionUploadOptions", + "markdownDescription": "The upload options for the data partition.", + "title": "UploadOptions" + } + }, + "required": [ + "Id", + "StorageOptions" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataPartitionStorageOptions": { + "additionalProperties": false, + "properties": { + "MaximumSize": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.StorageMaximumSize", + "markdownDescription": "The maximum storage size of the data stored in the data partition.\n\n> Newer data overwrites older data when the partition reaches the maximum size.", + "title": "MaximumSize" + }, + "MinimumTimeToLive": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.StorageMinimumTimeToLive", + "markdownDescription": "The amount of time that data in this partition will be kept on disk.\n\n- After the designated amount of time passes, the data can be removed, but it's not guaranteed to be removed.\n- Before the time expires, data in this partition can still be deleted if the partition reaches its configured maximum size.\n- Newer data will overwrite older data when the partition reaches the maximum size.", + "title": "MinimumTimeToLive" + }, + "StorageLocation": { + "markdownDescription": "The folder name for the data partition under the campaign storage folder.", + "title": "StorageLocation", + "type": "string" + } + }, + "required": [ + "MaximumSize", + "MinimumTimeToLive", + "StorageLocation" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataPartitionUploadOptions": { + "additionalProperties": false, + "properties": { + "ConditionLanguageVersion": { + "markdownDescription": "The version of the condition language. Defaults to the most recent condition language version.", + "title": "ConditionLanguageVersion", + "type": "number" + }, + "Expression": { + "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.`Vehicle.OutsideAirTemperature` >= 105.0` .", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.MqttTopicConfig": { + "additionalProperties": false, + "properties": { + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT FleetWise permission to access and act on messages sent to the MQTT topic.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "MqttTopicArn": { + "markdownDescription": "The ARN of the MQTT topic.", + "title": "MqttTopicArn", + "type": "string" + } + }, + "required": [ + "ExecutionRoleArn", + "MqttTopicArn" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.S3Config": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket.", + "title": "BucketArn", + "type": "string" + }, + "DataFormat": { + "markdownDescription": "Specify the format that files are saved in the Amazon S3 bucket. You can save files in an Apache Parquet or JSON format.\n\n- Parquet - Store data in a columnar storage file format. Parquet is optimal for fast data retrieval and can reduce costs. This option is selected by default.\n- JSON - Store data in a standard text-based JSON file format.", + "title": "DataFormat", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Enter an S3 bucket prefix. The prefix is the string of characters after the bucket name and before the object name. You can use the prefix to organize data stored in Amazon S3 buckets. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .\n\nBy default, AWS IoT FleetWise sets the prefix `processed-data/year=YY/month=MM/date=DD/hour=HH/` (in UTC) to data it delivers to Amazon S3 . You can enter a prefix to append it to this default prefix. For example, if you enter the prefix `vehicles` , the prefix will be `vehicles/processed-data/year=YY/month=MM/date=DD/hour=HH/` .", + "title": "Prefix", + "type": "string" + }, + "StorageCompressionFormat": { + "markdownDescription": "By default, stored data is compressed as a .gzip file. Compressed files have a reduced file size, which can optimize the cost of data storage.", + "title": "StorageCompressionFormat", + "type": "string" + } + }, + "required": [ + "BucketArn" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.SignalFetchConfig": { + "additionalProperties": false, + "properties": { + "ConditionBased": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedSignalFetchConfig", + "markdownDescription": "The configuration of a condition-based signal fetch operation.", + "title": "ConditionBased" + }, + "TimeBased": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedSignalFetchConfig", + "markdownDescription": "The configuration of a time-based signal fetch operation.", + "title": "TimeBased" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.SignalFetchInformation": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "A list of allowed resource ARNs that a API key bearer can perform actions on.\n\n- The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type.\n- The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created.\n- Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:).\n- No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` .\n\nFor more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) .", - "title": "AllowResources", + "markdownDescription": "The actions to be performed by the signal fetch.", + "title": "Actions", "type": "array" + }, + "ConditionLanguageVersion": { + "markdownDescription": "The version of the condition language used.", + "title": "ConditionLanguageVersion", + "type": "number" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the signal to be fetched.", + "title": "FullyQualifiedName", + "type": "string" + }, + "SignalFetchConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalFetchConfig", + "markdownDescription": "The configuration of the signal fetch operation.", + "title": "SignalFetchConfig" } }, "required": [ - "AllowActions", - "AllowResources" + "Actions", + "FullyQualifiedName", + "SignalFetchConfig" ], "type": "object" }, - "AWS::Location::GeofenceCollection": { + "AWS::IoTFleetWise::Campaign.SignalInformation": { "additionalProperties": false, "properties": { - "Condition": { + "DataPartitionId": { + "markdownDescription": "The ID of the data partition this signal is associated with.\n\nThe ID must match one of the IDs provided in `dataPartitions` . This is accomplished either by specifying a particular data partition ID or by using `default` for an established default partition. You can establish a default partition in the `DataPartition` data type.\n\n> If you upload a signal as a condition for a campaign's data partition, the same signal must be included in `signalsToCollect` . > Access to certain AWS IoT FleetWise features is currently gated. For more information, see [AWS Region and feature availability](https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/fleetwise-regions.html) in the *AWS IoT FleetWise Developer Guide* .", + "title": "DataPartitionId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MaxSampleCount": { + "markdownDescription": "The maximum number of samples to collect.", + "title": "MaxSampleCount", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MinimumSamplingIntervalMs": { + "markdownDescription": "The minimum duration of time (in milliseconds) between two triggering events to collect data.\n\n> If a signal changes often, you might want to collect data at a slower rate.", + "title": "MinimumSamplingIntervalMs", + "type": "number" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name of the signal.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.StorageMaximumSize": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The data type of the data to store.", + "title": "Unit", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CollectionName": { - "markdownDescription": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` .", - "title": "CollectionName", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description for the geofence collection.", - "title": "Description", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", - "title": "KmsKeyId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Applies one or more tags to the geofence collection. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CollectionName" - ], - "type": "object" + "Value": { + "markdownDescription": "The maximum amount of time to store data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.StorageMinimumTimeToLive": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The time increment type.", + "title": "Unit", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Location::GeofenceCollection" - ], + "Value": { + "markdownDescription": "The minimum amount of time to store the data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme": { + "additionalProperties": false, + "properties": { + "PeriodMs": { + "markdownDescription": "The time period (in milliseconds) to decide how often to collect data. For example, if the time period is `60000` , the Edge Agent software collects data once every minute.", + "title": "PeriodMs", + "type": "number" + } + }, + "required": [ + "PeriodMs" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.TimeBasedSignalFetchConfig": { + "additionalProperties": false, + "properties": { + "ExecutionFrequencyMs": { + "markdownDescription": "The frequency with which the signal fetch will be executed.", + "title": "ExecutionFrequencyMs", + "type": "number" + } + }, + "required": [ + "ExecutionFrequencyMs" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.TimestreamConfig": { + "additionalProperties": false, + "properties": { + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants AWS IoT FleetWise permission to deliver data to the Amazon Timestream table.", + "title": "ExecutionRoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TimestreamTableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Timestream table.", + "title": "TimestreamTableArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ExecutionRoleArn", + "TimestreamTableArn" ], "type": "object" }, - "AWS::Location::Map": { + "AWS::IoTFleetWise::DecoderManifest": { "additionalProperties": false, "properties": { "Condition": { @@ -149009,44 +153767,65 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::Location::Map.MapConfiguration", - "markdownDescription": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource.", - "title": "Configuration" + "DefaultForUnmappedSignals": { + "markdownDescription": "Use default decoders for all unmapped signals in the model. You don't need to provide any detailed decoding information.", + "title": "DefaultForUnmappedSignals", + "type": "string" }, "Description": { - "markdownDescription": "An optional description for the map resource.", + "markdownDescription": "A brief description of the decoder manifest.", "title": "Description", "type": "string" }, - "MapName": { - "markdownDescription": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` .", - "title": "MapName", + "ModelManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle model (model manifest) associated with the decoder manifest.", + "title": "ModelManifestArn", "type": "string" }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", + "Name": { + "markdownDescription": "The name of the decoder manifest.", + "title": "Name", + "type": "string" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems" + }, + "markdownDescription": "A list of information about available network interfaces.", + "title": "NetworkInterfaces", + "type": "array" + }, + "SignalDecoders": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems" + }, + "markdownDescription": "A list of information about signal decoders.", + "title": "SignalDecoders", + "type": "array" + }, + "Status": { + "markdownDescription": "The state of the decoder manifest. If the status is `ACTIVE` , the decoder manifest can't be edited. If the status is marked `DRAFT` , you can edit the decoder manifest.", + "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", + "markdownDescription": "Metadata that can be used to manage the decoder manifest.", "title": "Tags", "type": "array" } }, "required": [ - "Configuration", - "MapName" + "ModelManifestArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::Map" + "AWS::IoTFleetWise::DecoderManifest" ], "type": "string" }, @@ -149065,141 +153844,288 @@ ], "type": "object" }, - "AWS::Location::Map.MapConfiguration": { + "AWS::IoTFleetWise::DecoderManifest.CanInterface": { "additionalProperties": false, "properties": { - "CustomLayers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style.\n\n> Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) .", - "title": "CustomLayers", - "type": "array" + "Name": { + "markdownDescription": "The unique name of the interface.", + "title": "Name", + "type": "string" }, - "PoliticalView": { - "markdownDescription": "Specifies the map political view selected from an available data provider.", - "title": "PoliticalView", + "ProtocolName": { + "markdownDescription": "The name of the communication protocol for the interface.", + "title": "ProtocolName", "type": "string" }, - "Style": { - "markdownDescription": "Specifies the map style selected from an available data provider.\n\nValid [Esri map styles](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) :\n\n- `VectorEsriDarkGrayCanvas` \u2013 The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `RasterEsriImagery` \u2013 The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide.\n- `VectorEsriLightGrayCanvas` \u2013 The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `VectorEsriTopographic` \u2013 The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style.\n- `VectorEsriStreets` \u2013 The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map.\n- `VectorEsriNavigation` \u2013 The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices.\n\nValid [HERE Technologies map styles](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) :\n\n- `VectorHereContrast` \u2013 The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering.\n\n> The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it.\n- `VectorHereExplore` \u2013 A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan.\n- `VectorHereExploreTruck` \u2013 A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics.\n- `RasterHereExploreSatellite` \u2013 A global map containing high resolution satellite imagery.\n- `HybridHereExploreSatellite` \u2013 A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved.\n\n> Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved.\n\nValid [GrabMaps map styles](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) :\n\n- `VectorGrabStandardLight` \u2013 The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia.\n- `VectorGrabStandardDark` \u2013 The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia.\n\n> Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) . \n\nValid [Open Data map styles](https://docs.aws.amazon.com/location/previous/developerguide/open-data.html) :\n\n- `VectorOpenDataStandardLight` \u2013 The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataStandardDark` \u2013 Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataVisualizationLight` \u2013 The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data.\n- `VectorOpenDataVisualizationDark` \u2013 The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data.", - "title": "Style", + "ProtocolVersion": { + "markdownDescription": "The version of the communication protocol for the interface.", + "title": "ProtocolVersion", "type": "string" } }, "required": [ - "Style" + "Name" ], "type": "object" }, - "AWS::Location::PlaceIndex": { + "AWS::IoTFleetWise::DecoderManifest.CanSignal": { "additionalProperties": false, "properties": { - "Condition": { + "Factor": { + "markdownDescription": "A multiplier used to decode the CAN message.", + "title": "Factor", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IsBigEndian": { + "markdownDescription": "Whether the byte ordering of a CAN message is big-endian.", + "title": "IsBigEndian", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "IsSigned": { + "markdownDescription": "Whether the message data is specified as a signed value.", + "title": "IsSigned", + "type": "string" }, - "Metadata": { - "type": "object" + "Length": { + "markdownDescription": "How many bytes of data are in the message.", + "title": "Length", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataSource": { - "markdownDescription": "Specifies the geospatial data provider for the new place index.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` \u2013 Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n> If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS service terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service developer guide* .", - "title": "DataSource", - "type": "string" - }, - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Location::PlaceIndex.DataSourceConfiguration", - "markdownDescription": "Specifies the data storage option requesting Places.", - "title": "DataSourceConfiguration" - }, - "Description": { - "markdownDescription": "The optional description for the place index resource.", - "title": "Description", - "type": "string" - }, - "IndexName": { - "markdownDescription": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` .", - "title": "IndexName", - "type": "string" - }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DataSource", - "IndexName" - ], - "type": "object" + "MessageId": { + "markdownDescription": "The ID of the message.", + "title": "MessageId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the signal.", + "title": "Name", + "type": "string" + }, + "Offset": { + "markdownDescription": "The offset used to calculate the signal value. Combined with factor, the calculation is `value = raw_value * factor + offset` .", + "title": "Offset", + "type": "string" + }, + "SignalValueType": { + "markdownDescription": "The value type of the signal. The default value is `INTEGER` .", + "title": "SignalValueType", + "type": "string" + }, + "StartBit": { + "markdownDescription": "Indicates the beginning of the CAN message.", + "title": "StartBit", + "type": "string" + } + }, + "required": [ + "Factor", + "IsBigEndian", + "IsSigned", + "Length", + "MessageId", + "Offset", + "StartBit" + ], + "type": "object" + }, + "AWS::IoTFleetWise::DecoderManifest.CustomDecodingInterface": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the interface.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::IoTFleetWise::DecoderManifest.CustomDecodingSignal": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the signal.", + "title": "Id", + "type": "string" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems": { + "additionalProperties": false, + "properties": { + "CanInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanInterface" + }, + "CustomDecodingInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CustomDecodingInterface" + }, + "InterfaceId": { + "type": "string" + }, + "ObdInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdInterface" }, "Type": { - "enum": [ - "AWS::Location::PlaceIndex" - ], + "type": "string" + } + }, + "required": [ + "InterfaceId", + "Type" + ], + "type": "object" + }, + "AWS::IoTFleetWise::DecoderManifest.ObdInterface": { + "additionalProperties": false, + "properties": { + "DtcRequestIntervalSeconds": { + "markdownDescription": "The maximum number message requests per diagnostic trouble code per second.", + "title": "DtcRequestIntervalSeconds", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HasTransmissionEcu": { + "markdownDescription": "Whether the vehicle has a transmission control module (TCM).", + "title": "HasTransmissionEcu", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the interface.", + "title": "Name", + "type": "string" + }, + "ObdStandard": { + "markdownDescription": "The standard OBD II PID.", + "title": "ObdStandard", + "type": "string" + }, + "PidRequestIntervalSeconds": { + "markdownDescription": "The maximum number message requests per second.", + "title": "PidRequestIntervalSeconds", + "type": "string" + }, + "RequestMessageId": { + "markdownDescription": "The ID of the message requesting vehicle data.", + "title": "RequestMessageId", + "type": "string" + }, + "UseExtendedIds": { + "markdownDescription": "Whether to use extended IDs in the message.", + "title": "UseExtendedIds", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "RequestMessageId" ], "type": "object" }, - "AWS::Location::PlaceIndex.DataSourceConfiguration": { + "AWS::IoTFleetWise::DecoderManifest.ObdSignal": { "additionalProperties": false, "properties": { - "IntendedUse": { - "markdownDescription": "Specifies how the results of an operation will be stored by the caller.\n\nValid values include:\n\n- `SingleUse` specifies that the results won't be stored.\n- `Storage` specifies that the result can be cached or stored in a database.\n\nDefault value: `SingleUse`", - "title": "IntendedUse", + "BitMaskLength": { + "markdownDescription": "The number of bits to mask in a message.", + "title": "BitMaskLength", + "type": "string" + }, + "BitRightShift": { + "markdownDescription": "The number of positions to shift bits in the message.", + "title": "BitRightShift", + "type": "string" + }, + "ByteLength": { + "markdownDescription": "The length of a message.", + "title": "ByteLength", + "type": "string" + }, + "IsSigned": { + "markdownDescription": "Determines whether the message is signed ( `true` ) or not ( `false` ). If it's signed, the message can represent both positive and negative numbers. The `isSigned` parameter only applies to the `INTEGER` raw signal type, and it doesn't affect the `FLOATING_POINT` raw signal type. The default value is `false` .", + "title": "IsSigned", + "type": "string" + }, + "Offset": { + "markdownDescription": "The offset used to calculate the signal value. Combined with scaling, the calculation is `value = raw_value * scaling + offset` .", + "title": "Offset", + "type": "string" + }, + "Pid": { + "markdownDescription": "The diagnostic code used to request data from a vehicle for this signal.", + "title": "Pid", + "type": "string" + }, + "PidResponseLength": { + "markdownDescription": "The length of the requested data.", + "title": "PidResponseLength", + "type": "string" + }, + "Scaling": { + "markdownDescription": "A multiplier used to decode the message.", + "title": "Scaling", + "type": "string" + }, + "ServiceMode": { + "markdownDescription": "The mode of operation (diagnostic service) in a message.", + "title": "ServiceMode", + "type": "string" + }, + "SignalValueType": { + "markdownDescription": "The value type of the signal. The default value is `INTEGER` .", + "title": "SignalValueType", + "type": "string" + }, + "StartByte": { + "markdownDescription": "Indicates the beginning of the message.", + "title": "StartByte", + "type": "string" + } + }, + "required": [ + "ByteLength", + "Offset", + "Pid", + "PidResponseLength", + "Scaling", + "ServiceMode", + "StartByte" + ], + "type": "object" + }, + "AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems": { + "additionalProperties": false, + "properties": { + "CanSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanSignal" + }, + "CustomDecodingSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CustomDecodingSignal" + }, + "FullyQualifiedName": { + "type": "string" + }, + "InterfaceId": { + "type": "string" + }, + "ObdSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdSignal" + }, + "Type": { "type": "string" } }, + "required": [ + "FullyQualifiedName", + "InterfaceId", + "Type" + ], "type": "object" }, - "AWS::Location::RouteCalculator": { + "AWS::IoTFleetWise::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -149234,44 +154160,39 @@ "Properties": { "additionalProperties": false, "properties": { - "CalculatorName": { - "markdownDescription": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` .", - "title": "CalculatorName", - "type": "string" - }, - "DataSource": { - "markdownDescription": "Specifies the data provider of traffic and road network data.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` \u2013 Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", - "title": "DataSource", - "type": "string" - }, "Description": { - "markdownDescription": "The optional description for the route calculator resource.", + "markdownDescription": "A brief description of the fleet.", "title": "Description", "type": "string" }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", + "Id": { + "markdownDescription": "The unique ID of the fleet.", + "title": "Id", + "type": "string" + }, + "SignalCatalogArn": { + "markdownDescription": "The ARN of the signal catalog associated with the fleet.", + "title": "SignalCatalogArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "Metadata that can be used to manage the fleet.", "title": "Tags", "type": "array" } }, "required": [ - "CalculatorName", - "DataSource" + "Id", + "SignalCatalogArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::RouteCalculator" + "AWS::IoTFleetWise::Fleet" ], "type": "string" }, @@ -149290,7 +154211,7 @@ ], "type": "object" }, - "AWS::Location::Tracker": { + "AWS::IoTFleetWise::ModelManifest": { "additionalProperties": false, "properties": { "Condition": { @@ -149326,52 +154247,51 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "An optional description for the tracker resource.", + "markdownDescription": "A brief description of the vehicle model.", "title": "Description", "type": "string" }, - "EventBridgeEnabled": { - "markdownDescription": "", - "title": "EventBridgeEnabled", - "type": "boolean" + "Name": { + "markdownDescription": "The name of the vehicle model.", + "title": "Name", + "type": "string" }, - "KmsKeyEnableGeospatialQueries": { - "markdownDescription": "", - "title": "KmsKeyEnableGeospatialQueries", - "type": "boolean" + "Nodes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of nodes, which are a general abstraction of signals.", + "title": "Nodes", + "type": "array" }, - "KmsKeyId": { - "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", - "title": "KmsKeyId", + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the vehicle model.", + "title": "SignalCatalogArn", "type": "string" }, - "PositionFiltering": { - "markdownDescription": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` .", - "title": "PositionFiltering", + "Status": { + "markdownDescription": "The state of the vehicle model. If the status is `ACTIVE` , the vehicle model can't be edited. If the status is `DRAFT` , you can edit the vehicle model.", + "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "Metadata that can be used to manage the vehicle model.", "title": "Tags", "type": "array" - }, - "TrackerName": { - "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", - "title": "TrackerName", - "type": "string" } }, "required": [ - "TrackerName" + "Name", + "SignalCatalogArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::Tracker" + "AWS::IoTFleetWise::ModelManifest" ], "type": "string" }, @@ -149390,7 +154310,7 @@ ], "type": "object" }, - "AWS::Location::TrackerConsumer": { + "AWS::IoTFleetWise::SignalCatalog": { "additionalProperties": false, "properties": { "Condition": { @@ -149425,26 +154345,43 @@ "Properties": { "additionalProperties": false, "properties": { - "ConsumerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`", - "title": "ConsumerArn", + "Description": { + "markdownDescription": "A brief description of the signal catalog.", + "title": "Description", "type": "string" }, - "TrackerName": { - "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", - "title": "TrackerName", + "Name": { + "markdownDescription": "The name of the signal catalog.", + "title": "Name", "type": "string" + }, + "NodeCounts": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.NodeCounts", + "markdownDescription": "Information about the number of nodes and node types in a vehicle network.", + "title": "NodeCounts" + }, + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Node" + }, + "markdownDescription": "A list of information about nodes, which are a general abstraction of signals.", + "title": "Nodes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the signal catalog.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ConsumerArn", - "TrackerName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::TrackerConsumer" + "AWS::IoTFleetWise::SignalCatalog" ], "type": "string" }, @@ -149458,182 +154395,246 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Logs::AccountPolicy": { + "AWS::IoTFleetWise::SignalCatalog.Actuator": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values an actuator can take.", + "title": "AllowedValues", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AssignedValue": { + "markdownDescription": "A specified value for the actuator.", + "title": "AssignedValue", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DataType": { + "markdownDescription": "The specified data type of the actuator.", + "title": "DataType", + "type": "string" }, - "Metadata": { - "type": "object" + "Description": { + "markdownDescription": "A brief description of the actuator.", + "title": "Description", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "Specify the policy, in JSON.\n\n*Data protection policy*\n\nA data protection policy must include two JSON blocks:\n\n- The first block must include both a `DataIdentifer` array and an `Operation` property with an `Audit` action. The `DataIdentifer` array lists the types of sensitive data that you want to mask. For more information about the available options, see [Types of data that you can mask](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html) .\n\nThe `Operation` property with an `Audit` action is required to find the sensitive data terms. This `Audit` action must contain a `FindingsDestination` object. You can optionally use that `FindingsDestination` object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Firehose streams, and S3 buckets, they must already exist.\n- The second block must include both a `DataIdentifer` array and an `Operation` property with an `Deidentify` action. The `DataIdentifer` array must exactly match the `DataIdentifer` array in the first block of the policy.\n\nThe `Operation` property with the `Deidentify` action is what actually masks the data, and it must contain the `\"MaskConfig\": {}` object. The `\"MaskConfig\": {}` object must be empty.\n\n> The contents of the two `DataIdentifer` arrays must match exactly. \n\nIn addition to the two JSON blocks, the `policyDocument` can also include `Name` , `Description` , and `Version` fields. The `Name` is different than the operation's `policyName` parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch .\n\nThe JSON specified in `policyDocument` can be up to 30,720 characters long.\n\n*Subscription filter policy*\n\nA subscription filter policy can include the following attributes in a JSON block:\n\n- *DestinationArn* The ARN of the destination to deliver log events to. Supported destinations are:\n\n- An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.\n- An Firehose data stream in the same account as the subscription policy, for same-account delivery.\n- A Lambda function in the same account as the subscription policy, for same-account delivery.\n- A logical destination in a different account created with [PutDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html) , for cross-account delivery. Kinesis Data Streams and Firehose are supported as logical destinations.\n- *RoleArn* The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.\n- *FilterPattern* A filter pattern for subscribing to a filtered stream of log events.\n- *Distribution* The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to `Random` for a more even distribution. This property is only applicable when the destination is an Kinesis Data Streams data stream.\n\n*Field index policy*\n\nA field index filter policy can include the following attribute in a JSON block:\n\n- *Fields* The array of field indexes to create.\n\nThe following is an example of an index policy document that creates two indexes, `RequestId` and `TransactionId` .\n\n`\"policyDocument\": \"{ \\\"Fields\\\": [ \\\"RequestId\\\", \\\"TransactionId\\\" ] }\"`\n\n*Transformer policy*\n\nA transformer policy must include one JSON block with the array of processors and their configurations. For more information about available processors, see [Processors that you can use](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors) .", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyName": { - "markdownDescription": "A name for the policy. This must be unique within the account.", - "title": "PolicyName", - "type": "string" - }, - "PolicyType": { - "markdownDescription": "The type of policy that you're creating or updating.", - "title": "PolicyType", - "type": "string" - }, - "Scope": { - "markdownDescription": "Currently the only valid value for this parameter is `ALL` , which specifies that the policy applies to all log groups in the account. If you omit this parameter, the default of `ALL` is used. To scope down a subscription filter policy to a subset of log groups, use the `SelectionCriteria` parameter.", - "title": "Scope", - "type": "string" - }, - "SelectionCriteria": { - "markdownDescription": "Use this parameter to apply the new policy to a subset of log groups in the account.\n\nYou need to specify `SelectionCriteria` only when you specify `SUBSCRIPTION_FILTER_POLICY` , `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` for `PolicyType` .\n\nIf `PolicyType` is `SUBSCRIPTION_FILTER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupName NOT IN []`\n\nIf `PolicyType` is `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupNamePrefix`\n\nThe `SelectionCriteria` string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.\n\nUsing the `SelectionCriteria` parameter with `SUBSCRIPTION_FILTER_POLICY` is useful to help prevent infinite loops. For more information, see [Log recursion prevention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html) .", - "title": "SelectionCriteria", - "type": "string" - } + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the actuator. For example, the fully qualified name of an actuator might be `Vehicle.Front.Left.Door.Lock` .", + "title": "FullyQualifiedName", + "type": "string" + }, + "Max": { + "markdownDescription": "The specified possible maximum value of an actuator.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The specified possible minimum value of an actuator.", + "title": "Min", + "type": "number" + }, + "Unit": { + "markdownDescription": "The scientific unit for the actuator.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "DataType", + "FullyQualifiedName" + ], + "type": "object" + }, + "AWS::IoTFleetWise::SignalCatalog.Attribute": { + "additionalProperties": false, + "properties": { + "AllowedValues": { + "items": { + "type": "string" }, - "required": [ - "PolicyDocument", - "PolicyName", - "PolicyType" - ], - "type": "object" + "markdownDescription": "A list of possible values an attribute can be assigned.", + "title": "AllowedValues", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Logs::AccountPolicy" - ], + "AssignedValue": { + "markdownDescription": "A specified value for the attribute.", + "title": "AssignedValue", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataType": { + "markdownDescription": "The specified data type of the attribute.", + "title": "DataType", + "type": "string" + }, + "DefaultValue": { + "markdownDescription": "The default value of the attribute.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "A brief description of the attribute.", + "title": "Description", + "type": "string" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the attribute. For example, the fully qualified name of an attribute might be `Vehicle.Body.Engine.Type` .", + "title": "FullyQualifiedName", + "type": "string" + }, + "Max": { + "markdownDescription": "The specified possible maximum value of the attribute.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The specified possible minimum value of the attribute.", + "title": "Min", + "type": "number" + }, + "Unit": { + "markdownDescription": "The scientific unit for the attribute.", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataType", + "FullyQualifiedName" ], "type": "object" }, - "AWS::Logs::Delivery": { + "AWS::IoTFleetWise::SignalCatalog.Branch": { "additionalProperties": false, "properties": { - "Condition": { + "Description": { + "markdownDescription": "A brief description of the branch.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the branch. For example, the fully qualified name of a branch might be `Vehicle.Body.Engine` .", + "title": "FullyQualifiedName", "type": "string" + } + }, + "required": [ + "FullyQualifiedName" + ], + "type": "object" + }, + "AWS::IoTFleetWise::SignalCatalog.Node": { + "additionalProperties": false, + "properties": { + "Actuator": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Actuator", + "markdownDescription": "Information about a node specified as an actuator.\n\n> An actuator is a digital representation of a vehicle device.", + "title": "Actuator" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Attribute": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Attribute", + "markdownDescription": "Information about a node specified as an attribute.\n\n> An attribute represents static information about a vehicle.", + "title": "Attribute" }, - "Metadata": { - "type": "object" + "Branch": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Branch", + "markdownDescription": "Information about a node specified as a branch.\n\n> A group of signals that are defined in a hierarchical structure.", + "title": "Branch" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeliveryDestinationArn": { - "markdownDescription": "The ARN of the delivery destination that is associated with this delivery.", - "title": "DeliveryDestinationArn", - "type": "string" - }, - "DeliverySourceName": { - "markdownDescription": "The name of the delivery source that is associated with this delivery.", - "title": "DeliverySourceName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to the delivery.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "Sensor": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Sensor", + "markdownDescription": "An input component that reports the environmental condition of a vehicle.\n\n> You can collect data about fluid levels, temperatures, vibrations, or battery voltage from sensors.", + "title": "Sensor" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::SignalCatalog.NodeCounts": { + "additionalProperties": false, + "properties": { + "TotalActuators": { + "markdownDescription": "The total number of nodes in a vehicle network that represent actuators.", + "title": "TotalActuators", + "type": "number" + }, + "TotalAttributes": { + "markdownDescription": "The total number of nodes in a vehicle network that represent attributes.", + "title": "TotalAttributes", + "type": "number" + }, + "TotalBranches": { + "markdownDescription": "The total number of nodes in a vehicle network that represent branches.", + "title": "TotalBranches", + "type": "number" + }, + "TotalNodes": { + "markdownDescription": "The total number of nodes in a vehicle network.", + "title": "TotalNodes", + "type": "number" + }, + "TotalSensors": { + "markdownDescription": "The total number of nodes in a vehicle network that represent sensors.", + "title": "TotalSensors", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::SignalCatalog.Sensor": { + "additionalProperties": false, + "properties": { + "AllowedValues": { + "items": { + "type": "string" }, - "required": [ - "DeliveryDestinationArn", - "DeliverySourceName" - ], - "type": "object" + "markdownDescription": "A list of possible values a sensor can take.", + "title": "AllowedValues", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Logs::Delivery" - ], + "DataType": { + "markdownDescription": "The specified data type of the sensor.", + "title": "DataType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "A brief description of a sensor.", + "title": "Description", + "type": "string" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the sensor. For example, the fully qualified name of a sensor might be `Vehicle.Body.Engine.Battery` .", + "title": "FullyQualifiedName", + "type": "string" + }, + "Max": { + "markdownDescription": "The specified possible maximum value of the sensor.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The specified possible minimum value of the sensor.", + "title": "Min", + "type": "number" + }, + "Unit": { + "markdownDescription": "The scientific unit of measurement for data collected by the sensor.", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataType", + "FullyQualifiedName" ], "type": "object" }, - "AWS::Logs::DeliveryDestination": { + "AWS::IoTFleetWise::StateTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -149668,38 +154669,64 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliveryDestinationPolicy": { - "markdownDescription": "An IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. For examples of this policy, see [Examples](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html#API_PutDeliveryDestinationPolicy_Examples) in the CloudWatch Logs API Reference.", - "title": "DeliveryDestinationPolicy", - "type": "object" + "DataExtraDimensions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of vehicle attributes associated with the payload published on the state template's MQTT topic.", + "title": "DataExtraDimensions", + "type": "array" }, - "DestinationResourceArn": { - "markdownDescription": "The ARN of the AWS destination that this delivery destination represents. That AWS destination can be a log group in CloudWatch Logs , an Amazon S3 bucket, or a Firehose stream.", - "title": "DestinationResourceArn", + "Description": { + "markdownDescription": "A brief description of the state template.", + "title": "Description", "type": "string" }, + "MetadataExtraDimensions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of vehicle attributes to associate with the user properties of the messages published on the state template's MQTT topic. For example, if you add `Vehicle.Attributes.Make` and `Vehicle.Attributes.Model` attributes, these attributes are included as user properties with the MQTT message.", + "title": "MetadataExtraDimensions", + "type": "array" + }, "Name": { - "markdownDescription": "The name of this delivery destination.", + "markdownDescription": "The unique alias of the state template.", "title": "Name", "type": "string" }, + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the state template.", + "title": "SignalCatalogArn", + "type": "string" + }, + "StateTemplateProperties": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of signals from which data is collected. The state template properties contain the fully qualified names of the signals.", + "title": "StateTemplateProperties", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the delivery destination.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata that can be used to manage the state template.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "Name", + "SignalCatalogArn", + "StateTemplateProperties" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::DeliveryDestination" + "AWS::IoTFleetWise::StateTemplate" ], "type": "string" }, @@ -149718,7 +154745,7 @@ ], "type": "object" }, - "AWS::Logs::DeliverySource": { + "AWS::IoTFleetWise::Vehicle": { "additionalProperties": false, "properties": { "Condition": { @@ -149753,38 +154780,64 @@ "Properties": { "additionalProperties": false, "properties": { - "LogType": { - "markdownDescription": "The type of log that the source is sending. For valid values for this parameter, see the documentation for the source service.", - "title": "LogType", + "AssociationBehavior": { + "markdownDescription": "An option to create a new AWS IoT thing when creating a vehicle, or to validate an existing thing as a vehicle.", + "title": "AssociationBehavior", + "type": "string" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "Static information about a vehicle in a key-value pair. For example: `\"engine Type\"` : `\"v6\"`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "DecoderManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a decoder manifest associated with the vehicle to create.", + "title": "DecoderManifestArn", + "type": "string" + }, + "ModelManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the vehicle model (model manifest) to create the vehicle from.", + "title": "ModelManifestArn", "type": "string" }, "Name": { - "markdownDescription": "The unique name of the delivery source.", + "markdownDescription": "The unique ID of the vehicle.", "title": "Name", "type": "string" }, - "ResourceArn": { - "markdownDescription": "The ARN of the AWS resource that is generating and sending logs. For example, `arn:aws:workmail:us-east-1:123456789012:organization/m-1234EXAMPLEabcd1234abcd1234abcd1234`", - "title": "ResourceArn", - "type": "string" + "StateTemplates": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.StateTemplateAssociation" + }, + "markdownDescription": "Associate state templates to track the state of the vehicle. State templates determine which signal updates the vehicle sends to the cloud.", + "title": "StateTemplates", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the delivery source.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata which can be used to manage the vehicle.", "title": "Tags", "type": "array" } }, "required": [ + "DecoderManifestArn", + "ModelManifestArn", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::DeliverySource" + "AWS::IoTFleetWise::Vehicle" ], "type": "string" }, @@ -149803,7 +154856,77 @@ ], "type": "object" }, - "AWS::Logs::Destination": { + "AWS::IoTFleetWise::Vehicle.PeriodicStateTemplateUpdateStrategy": { + "additionalProperties": false, + "properties": { + "StateTemplateUpdateRate": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.TimePeriod", + "markdownDescription": "", + "title": "StateTemplateUpdateRate" + } + }, + "required": [ + "StateTemplateUpdateRate" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Vehicle.StateTemplateAssociation": { + "additionalProperties": false, + "properties": { + "Identifier": { + "markdownDescription": "The unique ID of the state template.", + "title": "Identifier", + "type": "string" + }, + "StateTemplateUpdateStrategy": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.StateTemplateUpdateStrategy", + "markdownDescription": "", + "title": "StateTemplateUpdateStrategy" + } + }, + "required": [ + "Identifier", + "StateTemplateUpdateStrategy" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Vehicle.StateTemplateUpdateStrategy": { + "additionalProperties": false, + "properties": { + "OnChange": { + "markdownDescription": "", + "title": "OnChange", + "type": "object" + }, + "Periodic": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.PeriodicStateTemplateUpdateStrategy", + "markdownDescription": "", + "title": "Periodic" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Vehicle.TimePeriod": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "A unit of time.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "A number of time units.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -149838,37 +154961,32 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationName": { - "markdownDescription": "The name of the destination.", - "title": "DestinationName", - "type": "string" - }, - "DestinationPolicy": { - "markdownDescription": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination.", - "title": "DestinationPolicy", - "type": "string" + "AccessPolicyIdentity": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity", + "markdownDescription": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", + "title": "AccessPolicyIdentity" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource.", - "title": "RoleArn", + "AccessPolicyPermission": { + "markdownDescription": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", + "title": "AccessPolicyPermission", "type": "string" }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the physical target where the log events are delivered (for example, a Kinesis stream).", - "title": "TargetArn", - "type": "string" + "AccessPolicyResource": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource", + "markdownDescription": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.", + "title": "AccessPolicyResource" } }, "required": [ - "DestinationName", - "RoleArn", - "TargetArn" + "AccessPolicyIdentity", + "AccessPolicyPermission", + "AccessPolicyResource" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::Destination" + "AWS::IoTSiteWise::AccessPolicy" ], "type": "string" }, @@ -149887,7 +155005,99 @@ ], "type": "object" }, - "AWS::Logs::LogAnomalyDetector": { + "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { + "additionalProperties": false, + "properties": { + "IamRole": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamRole", + "markdownDescription": "An IAM role identity.", + "title": "IamRole" + }, + "IamUser": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamUser", + "markdownDescription": "An IAM user identity.", + "title": "IamUser" + }, + "User": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.User", + "markdownDescription": "An IAM Identity Center user identity.", + "title": "User" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource": { + "additionalProperties": false, + "properties": { + "Portal": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Portal", + "markdownDescription": "Identifies an AWS IoT SiteWise Monitor portal.", + "title": "Portal" + }, + "Project": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Project", + "markdownDescription": "Identifies a specific AWS IoT SiteWise Monitor project.", + "title": "Project" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy.IamRole": { + "additionalProperties": false, + "properties": { + "arn": { + "markdownDescription": "The ARN of the IAM role. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .", + "title": "arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy.IamUser": { + "additionalProperties": false, + "properties": { + "arn": { + "markdownDescription": "The ARN of the IAM user. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .\n\n> If you delete the IAM user, access policies that contain this identity include an empty `arn` . You can delete the access policy for the IAM user that no longer exists.", + "title": "arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy.Portal": { + "additionalProperties": false, + "properties": { + "id": { + "markdownDescription": "The ID of the portal.", + "title": "id", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy.Project": { + "additionalProperties": false, + "properties": { + "id": { + "markdownDescription": "The ID of the project.", + "title": "id", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy.User": { + "additionalProperties": false, + "properties": { + "id": { + "markdownDescription": "The IAM Identity Center ID of the user.", + "title": "id", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::Asset": { "additionalProperties": false, "properties": { "Condition": { @@ -149922,50 +155132,60 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account to create the anomaly detector in.", - "title": "AccountId", + "AssetDescription": { + "markdownDescription": "The ID of the asset, in UUID format.", + "title": "AssetDescription", "type": "string" }, - "AnomalyVisibilityTime": { - "markdownDescription": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly.", - "title": "AnomalyVisibilityTime", - "type": "number" - }, - "DetectorName": { - "markdownDescription": "A name for this anomaly detector.", - "title": "DetectorName", + "AssetExternalId": { + "markdownDescription": "The external ID of the asset model composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetExternalId", "type": "string" }, - "EvaluationFrequency": { - "markdownDescription": "Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for `EvaluationFrequency` .", - "title": "EvaluationFrequency", - "type": "string" + "AssetHierarchies": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetHierarchy" + }, + "markdownDescription": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships.", + "title": "AssetHierarchies", + "type": "array" }, - "FilterPattern": { - "markdownDescription": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", + "AssetModelId": { + "markdownDescription": "The ID of the asset model from which to create the asset. This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelId", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds.\n\nFor more information about using a AWS KMS key and to see the required IAM policy, see [Use a AWS KMS key with an anomaly detector](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/LogsAnomalyDetection-KMS.html) .", - "title": "KmsKeyId", + "AssetName": { + "markdownDescription": "A friendly name for the asset.", + "title": "AssetName", "type": "string" }, - "LogGroupArnList": { + "AssetProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetProperty" }, - "markdownDescription": "The ARN of the log group that is associated with this anomaly detector. You can specify only one log group ARN.", - "title": "LogGroupArnList", + "markdownDescription": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object.", + "title": "AssetProperties", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", "type": "array" } }, + "required": [ + "AssetModelId", + "AssetName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::LogAnomalyDetector" + "AWS::IoTSiteWise::Asset" ], "type": "string" }, @@ -149979,174 +155199,77 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Logs::LogGroup": { + "AWS::IoTSiteWise::Asset.AssetHierarchy": { "additionalProperties": false, "properties": { - "Condition": { + "ChildAssetId": { + "markdownDescription": "The Id of the child asset.", + "title": "ChildAssetId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExternalId": { + "markdownDescription": "The external ID of the hierarchy, if it has one. When you update an asset hierarchy, you may assign an external ID if it doesn't already have one. You can't change the external ID of an asset hierarchy that already has one. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ExternalId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataProtectionPolicy": { - "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n\nFor more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html) .", - "title": "DataProtectionPolicy", - "type": "object" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use when encrypting log data.\n\nTo associate an AWS KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs . This enables CloudWatch Logs to decrypt this data whenever it is requested.\n\nIf you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an `InvalidParameterException` error.\n\nLog group data is always encrypted in CloudWatch Logs . If you omit this key, the encryption does not use AWS KMS . For more information, see [Encrypt log data in CloudWatch Logs using AWS Key Management Service](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)", - "title": "KmsKeyId", - "type": "string" - }, - "LogGroupClass": { - "markdownDescription": "Specifies the log group class for this log group. There are two classes:\n\n- The `Standard` log class supports all CloudWatch Logs features.\n- The `Infrequent Access` log class supports a subset of CloudWatch Logs features and incurs lower costs.\n\nFor details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)", - "title": "LogGroupClass", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The name of the log group. If you don't specify a name, AWS CloudFormation generates a unique ID for the log group.", - "title": "LogGroupName", - "type": "string" - }, - "RetentionInDays": { - "markdownDescription": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n\nTo set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html) .", - "title": "RetentionInDays", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to the log group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Logs::LogGroup" - ], + "Id": { + "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set.", + "title": "Id", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LogicalId": { + "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .", + "title": "LogicalId", "type": "string" } }, "required": [ - "Type" + "ChildAssetId" ], "type": "object" }, - "AWS::Logs::LogStream": { + "AWS::IoTSiteWise::Asset.AssetProperty": { "additionalProperties": false, "properties": { - "Condition": { + "Alias": { + "markdownDescription": "The alias that identifies the property, such as an OPC-UA server data stream path (for example, `/company/windfarm/3/turbine/7/temperature` ). For more information, see [Mapping industrial data streams to asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/connect-data-streams.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Alias", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExternalId": { + "markdownDescription": "The external ID of the property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ExternalId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Id": { + "markdownDescription": "The ID of the asset property.\n\n> This is a return value and can't be set.", + "title": "Id", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogGroupName": { - "markdownDescription": "The name of the log group where the log stream is created.", - "title": "LogGroupName", - "type": "string" - }, - "LogStreamName": { - "markdownDescription": "The name of the log stream. The name must be unique within the log group.", - "title": "LogStreamName", - "type": "string" - } - }, - "required": [ - "LogGroupName" - ], - "type": "object" + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset property.", + "title": "LogicalId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Logs::LogStream" - ], + "NotificationState": { + "markdownDescription": "The MQTT notification state (enabled or disabled) for this asset property. When the notification state is enabled, AWS IoT SiteWise publishes property value updates to a unique MQTT topic. For more information, see [Interacting with other services](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/interact-with-other-services.html) in the *AWS IoT SiteWise User Guide* .\n\nIf you omit this parameter, the notification state is set to `DISABLED` .", + "title": "NotificationState", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Unit": { + "markdownDescription": "The unit (such as `Newtons` or `RPM` ) of the asset property.", + "title": "Unit", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Logs::MetricFilter": { + "AWS::IoTSiteWise::AssetModel": { "additionalProperties": false, "properties": { "Condition": { @@ -150181,40 +155304,67 @@ "Properties": { "additionalProperties": false, "properties": { - "FilterName": { - "markdownDescription": "The name of the metric filter.", - "title": "FilterName", + "AssetModelCompositeModels": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel" + }, + "markdownDescription": "The composite models that are part of this asset model. It groups properties (such as attributes, measurements, transforms, and metrics) and child composite models that model parts of your industrial equipment. Each composite model has a type that defines the properties that the composite model supports. Use composite models to define alarms on this asset model.\n\n> When creating custom composite models, you need to use [CreateAssetModelCompositeModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModelCompositeModel.html) . For more information, see [Creating custom composite models (Components)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-custom-composite-models.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelCompositeModels", + "type": "array" + }, + "AssetModelDescription": { + "markdownDescription": "A description for the asset model.", + "title": "AssetModelDescription", "type": "string" }, - "FilterPattern": { - "markdownDescription": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", + "AssetModelExternalId": { + "markdownDescription": "The external ID of the asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelExternalId", "type": "string" }, - "LogGroupName": { - "markdownDescription": "The name of an existing log group that you want to associate with this metric filter.", - "title": "LogGroupName", + "AssetModelHierarchies": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelHierarchy" + }, + "markdownDescription": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 10 hierarchies per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelHierarchies", + "type": "array" + }, + "AssetModelName": { + "markdownDescription": "A unique name for the asset model.", + "title": "AssetModelName", "type": "string" }, - "MetricTransformations": { + "AssetModelProperties": { "items": { - "$ref": "#/definitions/AWS::Logs::MetricFilter.MetricTransformation" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" }, - "markdownDescription": "The metric transformations.", - "title": "MetricTransformations", + "markdownDescription": "The property definitions of the asset model. For more information, see [Asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 200 properties per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelProperties", + "type": "array" + }, + "AssetModelType": { + "markdownDescription": "The type of asset model.\n\n- *ASSET_MODEL* \u2013 (default) An asset model that you can use to create assets. Can't be included as a component in another asset model.\n- *COMPONENT_MODEL* \u2013 A reusable component that you can include in the composite models of other asset models. You can't create assets directly from this type of asset model.", + "title": "AssetModelType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", "type": "array" } }, "required": [ - "FilterPattern", - "LogGroupName", - "MetricTransformations" + "AssetModelName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::MetricFilter" + "AWS::IoTSiteWise::AssetModel" ], "type": "string" }, @@ -150233,155 +155383,357 @@ ], "type": "object" }, - "AWS::Logs::MetricFilter.Dimension": { + "AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name for the CloudWatch metric dimension that the metric filter creates.\n\nDimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:).", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, `$.eventType` for JSON log events, or `$server` for space-delimited log events.", - "title": "Value", + "ComposedAssetModelId": { + "markdownDescription": "The ID of a component model which is reused to create this composite model.", + "title": "ComposedAssetModelId", "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::Logs::MetricFilter.MetricTransformation": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "(Optional) The value to emit when a filter pattern does not match a log event. This value can be null.", - "title": "DefaultValue", - "type": "number" }, - "Dimensions": { + "CompositeModelProperties": { "items": { - "$ref": "#/definitions/AWS::Logs::MetricFilter.Dimension" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" }, - "markdownDescription": "The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.\n\n> Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as `IPAddress` or `requestID` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric.\n> \n> CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.\n> \n> You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated AWS Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html) .", - "title": "Dimensions", + "markdownDescription": "The asset property definitions for this composite model.", + "title": "CompositeModelProperties", "type": "array" }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric.", - "title": "MetricName", + "Description": { + "markdownDescription": "The description of the composite model.\n\n> If the composite model is a `component-model-based` composite model, the description is inherited from the `COMPONENT_MODEL` asset model and cannot be changed.", + "title": "Description", "type": "string" }, - "MetricNamespace": { - "markdownDescription": "A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", - "title": "MetricNamespace", + "ExternalId": { + "markdownDescription": "The external ID of a composite model on this asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `Path` must be specified.", + "title": "ExternalId", "type": "string" }, - "MetricValue": { - "markdownDescription": "The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like `Error` , specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as `$.size` .", - "title": "MetricValue", + "Id": { + "markdownDescription": "The ID of the asset model composite model.\n\n> This is a return value and can't be set.", + "title": "Id", "type": "string" }, - "Unit": { - "markdownDescription": "The unit to assign to the metric. If you omit this, the unit is set as `None` .", - "title": "Unit", + "Name": { + "markdownDescription": "The name of the composite model.", + "title": "Name", + "type": "string" + }, + "ParentAssetModelCompositeModelExternalId": { + "markdownDescription": "The external ID of the parent composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ParentAssetModelCompositeModelExternalId", + "type": "string" + }, + "Path": { + "items": { + "type": "string" + }, + "markdownDescription": "The structured path to the property from the root of the asset using property names. Path is used as the ID if the asset model is a derived composite model.\n\n> One of `ExternalId` or `Path` must be specified.", + "title": "Path", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the composite model. For alarm composite models, this type is `AWS/ALARM` .", + "title": "Type", "type": "string" } }, "required": [ - "MetricName", - "MetricNamespace", - "MetricValue" + "Name", + "Type" ], "type": "object" }, - "AWS::Logs::QueryDefinition": { + "AWS::IoTSiteWise::AssetModel.AssetModelHierarchy": { "additionalProperties": false, "properties": { - "Condition": { + "ChildAssetModelId": { + "markdownDescription": "The ID of the asset model, in UUID format. All assets in this hierarchy must be instances of the `childAssetModelId` asset model. AWS IoT SiteWise will always return the actual asset model ID for this value. However, when you are specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) , you may provide either the asset model ID or else `externalId:` followed by the asset model's external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ChildAssetModelId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExternalId": { + "markdownDescription": "The external ID (if any) provided in the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) operation. You can assign an external ID by specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) . However, you can't change the external ID if one is already assigned. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "ExternalId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Use this parameter if you want the query to query only certain log groups.", - "title": "LogGroupNames", - "type": "array" - }, - "Name": { - "markdownDescription": "A name for the query definition.\n\n> You can use the name to create a folder structure for your queries. To create a folder, use a forward slash (/) to prefix your desired query name with your desired folder name. For example, `*folder-name* / *query-name*` .", - "title": "Name", - "type": "string" - }, - "QueryString": { - "markdownDescription": "The query string to use for this query definition. For more information, see [CloudWatch Logs Insights Query Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html) .", - "title": "QueryString", - "type": "string" - } - }, - "required": [ - "Name", - "QueryString" - ], - "type": "object" + "Id": { + "markdownDescription": "The ID of the asset model hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set. \n\n- If you are callling [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) to create a *new* hierarchy: You can specify its ID here, if desired. AWS IoT SiteWise automatically generates a unique ID for you, so this parameter is never required. However, if you prefer to supply your own ID instead, you can specify it here in UUID format. If you specify your own ID, it must be globally unique.\n- If you are calling UpdateAssetModel to modify an *existing* hierarchy: This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", + "title": "Id", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Logs::QueryDefinition" - ], + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset model hierarchy. This ID is a `hierarchyLogicalId` .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "LogicalId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the asset model hierarchy that you specify by using the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) API operation.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "ChildAssetModelId", + "Name" ], "type": "object" }, - "AWS::Logs::ResourcePolicy": { + "AWS::IoTSiteWise::AssetModel.AssetModelProperty": { "additionalProperties": false, "properties": { - "Condition": { + "DataType": { + "markdownDescription": "The data type of the asset model property.\n\nIf you specify `STRUCT` , you must also specify `dataTypeSpec` to identify the type of the structure for this property.", + "title": "DataType", + "type": "string" + }, + "DataTypeSpec": { + "markdownDescription": "The data type of the structure for this property. This parameter exists on properties that have the `STRUCT` data type.", + "title": "DataTypeSpec", + "type": "string" + }, + "ExternalId": { + "markdownDescription": "The external ID of the asset property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "ExternalId", + "type": "string" + }, + "Id": { + "markdownDescription": "The ID of the property.\n\n> This is a return value and can't be set.", + "title": "Id", + "type": "string" + }, + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset model property.\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "LogicalId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the asset model property.", + "title": "Name", + "type": "string" + }, + "Type": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyType", + "markdownDescription": "Contains a property type, which can be one of `attribute` , `measurement` , `metric` , or `transform` .", + "title": "Type" + }, + "Unit": { + "markdownDescription": "The unit of the asset model property, such as `Newtons` or `RPM` .", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "DataType", + "Name", + "Type" + ], + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.Attribute": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* .", + "title": "DefaultValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.ExpressionVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The friendly name of the variable to be used in the expression.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.VariableValue", + "markdownDescription": "The variable that identifies an asset property from which to use values.", + "title": "Value" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.Metric": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The mathematical expression that defines the metric aggregation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Expression", + "type": "string" + }, + "Variables": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" + }, + "markdownDescription": "The list of variables used in the expression.", + "title": "Variables", + "type": "array" + }, + "Window": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.MetricWindow", + "markdownDescription": "The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression. AWS IoT SiteWise computes one data point per `window` .", + "title": "Window" + } + }, + "required": [ + "Expression", + "Variables", + "Window" + ], + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.MetricWindow": { + "additionalProperties": false, + "properties": { + "Tumbling": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.TumblingWindow", + "markdownDescription": "The tumbling time interval window.", + "title": "Tumbling" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.PropertyPathDefinition": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the path segment.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.PropertyType": { + "additionalProperties": false, + "properties": { + "Attribute": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Attribute", + "markdownDescription": "Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine.", + "title": "Attribute" + }, + "Metric": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Metric", + "markdownDescription": "Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature.", + "title": "Metric" + }, + "Transform": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Transform", + "markdownDescription": "Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit.", + "title": "Transform" + }, + "TypeName": { + "markdownDescription": "The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` .", + "title": "TypeName", + "type": "string" + } + }, + "required": [ + "TypeName" + ], + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.Transform": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The mathematical expression that defines the transformation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Expression", + "type": "string" + }, + "Variables": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" + }, + "markdownDescription": "The list of variables used in the expression.", + "title": "Variables", + "type": "array" + } + }, + "required": [ + "Expression", + "Variables" + ], + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.TumblingWindow": { + "additionalProperties": false, + "properties": { + "Interval": { + "markdownDescription": "The time interval for the tumbling window. The interval time must be between 1 minute and 1 week.\n\nAWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on.\n\nWhen AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval.", + "title": "Interval", + "type": "string" + }, + "Offset": { + "markdownDescription": "The offset for the tumbling window. The `offset` parameter accepts the following:\n\n- The offset time.\n\nFor example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The ISO 8601 format.\n\nFor example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The 24-hour clock.\n\nFor example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC).\n- The offset time zone.\n\nFor example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric.\n- If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day.", + "title": "Offset", + "type": "string" + } + }, + "required": [ + "Interval" + ], + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.VariableValue": { + "additionalProperties": false, + "properties": { + "HierarchyExternalId": { + "markdownDescription": "The external ID of the hierarchy being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyExternalId", + "type": "string" + }, + "HierarchyId": { + "markdownDescription": "The ID of the hierarchy to query for the property ID. You can use the hierarchy's name instead of the hierarchy's ID. If the hierarchy has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\nYou use a hierarchy ID instead of a model ID because you can have several hierarchies using the same model and therefore the same `propertyId` . For example, you might have separately grouped assets that come from the same asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyId", + "type": "string" + }, + "HierarchyLogicalId": { + "markdownDescription": "The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` .\n\nYou use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyLogicalId", + "type": "string" + }, + "PropertyExternalId": { + "markdownDescription": "The external ID of the property being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "PropertyExternalId", + "type": "string" + }, + "PropertyId": { + "markdownDescription": "The ID of the property to use as the variable. You can use the property `name` if it's from the same asset model. If the property has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> This is a return value and can't be set.", + "title": "PropertyId", + "type": "string" + }, + "PropertyLogicalId": { + "markdownDescription": "The `LogicalID` of the property that is being referenced.", + "title": "PropertyLogicalId", + "type": "string" + }, + "PropertyPath": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyPathDefinition" + }, + "markdownDescription": "The path of the property. Each step of the path is the name of the step. See the following example:\n\n`PropertyPath: Name: AssetModelName Name: Composite1 Name: NestedComposite`", + "title": "PropertyPath", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::Dashboard": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -150413,26 +155765,45 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The details of the policy. It must be formatted in JSON, and you must use backslashes to escape characters that need to be escaped in JSON strings, such as double quote marks.", - "title": "PolicyDocument", + "DashboardDefinition": { + "markdownDescription": "The dashboard definition specified in a JSON literal.\n\n- AWS IoT SiteWise Monitor (Classic) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-using-aws-cli.html)\n- AWS IoT SiteWise Monitor (AI-aware) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-ai-dashboard-cli.html)\n\nin the *AWS IoT SiteWise User Guide*", + "title": "DashboardDefinition", "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the resource policy.", - "title": "PolicyName", + "DashboardDescription": { + "markdownDescription": "A description for the dashboard.", + "title": "DashboardDescription", + "type": "string" + }, + "DashboardName": { + "markdownDescription": "A friendly name for the dashboard.", + "title": "DashboardName", + "type": "string" + }, + "ProjectId": { + "markdownDescription": "The ID of the project in which to create the dashboard.", + "title": "ProjectId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the dashboard. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "PolicyDocument", - "PolicyName" + "DashboardDefinition", + "DashboardDescription", + "DashboardName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::ResourcePolicy" + "AWS::IoTSiteWise::Dashboard" ], "type": "string" }, @@ -150451,7 +155822,7 @@ ], "type": "object" }, - "AWS::Logs::SubscriptionFilter": { + "AWS::IoTSiteWise::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -150486,47 +155857,39 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination.", - "title": "DestinationArn", - "type": "string" - }, - "Distribution": { - "markdownDescription": "The method used to distribute log data to the destination, which can be either random or grouped by log stream.", - "title": "Distribution", - "type": "string" - }, - "FilterName": { - "markdownDescription": "The name of the subscription filter.", - "title": "FilterName", + "DatasetDescription": { + "markdownDescription": "", + "title": "DatasetDescription", "type": "string" }, - "FilterPattern": { - "markdownDescription": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", + "DatasetName": { + "markdownDescription": "", + "title": "DatasetName", "type": "string" }, - "LogGroupName": { - "markdownDescription": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", - "title": "LogGroupName", - "type": "string" + "DatasetSource": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.DatasetSource", + "markdownDescription": "", + "title": "DatasetSource" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.", - "title": "RoleArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "DestinationArn", - "FilterPattern", - "LogGroupName" + "DatasetName", + "DatasetSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::SubscriptionFilter" + "AWS::IoTSiteWise::Dataset" ], "type": "string" }, @@ -150545,7 +155908,63 @@ ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler": { + "AWS::IoTSiteWise::Dataset.DatasetSource": { + "additionalProperties": false, + "properties": { + "SourceDetail": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.SourceDetail", + "markdownDescription": "", + "title": "SourceDetail" + }, + "SourceFormat": { + "markdownDescription": "", + "title": "SourceFormat", + "type": "string" + }, + "SourceType": { + "markdownDescription": "", + "title": "SourceType", + "type": "string" + } + }, + "required": [ + "SourceFormat", + "SourceType" + ], + "type": "object" + }, + "AWS::IoTSiteWise::Dataset.KendraSourceDetail": { + "additionalProperties": false, + "properties": { + "KnowledgeBaseArn": { + "markdownDescription": "", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "KnowledgeBaseArn", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoTSiteWise::Dataset.SourceDetail": { + "additionalProperties": false, + "properties": { + "Kendra": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.KendraSourceDetail", + "markdownDescription": "", + "title": "Kendra" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::Gateway": { "additionalProperties": false, "properties": { "Condition": { @@ -150580,67 +155999,47 @@ "Properties": { "additionalProperties": false, "properties": { - "DataDelayOffsetInMinutes": { - "markdownDescription": "A period of time (in minutes) by which inference on the data is delayed after the data starts. For instance, if an offset delay time of five minutes was selected, inference will not begin on the data until the first data measurement after the five minute mark. For example, if five minutes is selected, the inference scheduler will wake up at the configured frequency with the additional five minute delay time to check the customer S3 bucket. The customer can upload data at the same frequency and they don't need to stop and restart the scheduler when uploading new data.", - "title": "DataDelayOffsetInMinutes", - "type": "number" - }, - "DataInputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration", - "markdownDescription": "Specifies configuration information for the input data for the inference scheduler, including delimiter, format, and dataset location.", - "title": "DataInputConfiguration" - }, - "DataOutputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration", - "markdownDescription": "Specifies configuration information for the output results for the inference scheduler, including the Amazon S3 location for the output.", - "title": "DataOutputConfiguration" - }, - "DataUploadFrequency": { - "markdownDescription": "How often data is uploaded to the source S3 bucket for the input data. This value is the length of time between data uploads. For instance, if you select 5 minutes, Amazon Lookout for Equipment will upload the real-time data to the source bucket once every 5 minutes. This frequency also determines how often Amazon Lookout for Equipment starts a scheduled inference on your data. In this example, it starts once every 5 minutes.", - "title": "DataUploadFrequency", - "type": "string" - }, - "InferenceSchedulerName": { - "markdownDescription": "The name of the inference scheduler.", - "title": "InferenceSchedulerName", - "type": "string" + "GatewayCapabilitySummaries": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary" + }, + "markdownDescription": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", + "title": "GatewayCapabilitySummaries", + "type": "array" }, - "ModelName": { - "markdownDescription": "The name of the machine learning model used for the inference scheduler.", - "title": "ModelName", + "GatewayName": { + "markdownDescription": "A unique name for the gateway.", + "title": "GatewayName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source being used for the inference.", - "title": "RoleArn", - "type": "string" + "GatewayPlatform": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayPlatform", + "markdownDescription": "The gateway's platform. You can only specify one platform in a gateway.", + "title": "GatewayPlatform" }, - "ServerSideKmsKeyId": { - "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt inference scheduler data by Amazon Lookout for Equipment .", - "title": "ServerSideKmsKeyId", + "GatewayVersion": { + "markdownDescription": "", + "title": "GatewayVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags associated with the inference scheduler.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ - "DataInputConfiguration", - "DataOutputConfiguration", - "DataUploadFrequency", - "ModelName", - "RoleArn" + "GatewayName", + "GatewayPlatform" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutEquipment::InferenceScheduler" + "AWS::IoTSiteWise::Gateway" ], "type": "string" }, @@ -150659,104 +156058,75 @@ ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration": { + "AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary": { "additionalProperties": false, "properties": { - "InferenceInputNameConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration", - "markdownDescription": "", - "title": "InferenceInputNameConfiguration" - }, - "InputTimeZoneOffset": { - "markdownDescription": "", - "title": "InputTimeZoneOffset", + "CapabilityConfiguration": { + "markdownDescription": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", + "title": "CapabilityConfiguration", "type": "string" }, - "S3InputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration", - "markdownDescription": "", - "title": "S3InputConfiguration" - } - }, - "required": [ - "S3InputConfiguration" - ], - "type": "object" - }, - "AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "", - "title": "KmsKeyId", + "CapabilityNamespace": { + "markdownDescription": "The namespace of the capability configuration. For example, if you configure OPC UA sources for an MQTT-enabled gateway, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:3` .", + "title": "CapabilityNamespace", "type": "string" - }, - "S3OutputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration", - "markdownDescription": "", - "title": "S3OutputConfiguration" } }, "required": [ - "S3OutputConfiguration" + "CapabilityNamespace" ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration": { + "AWS::IoTSiteWise::Gateway.GatewayPlatform": { "additionalProperties": false, "properties": { - "ComponentTimestampDelimiter": { - "markdownDescription": "", - "title": "ComponentTimestampDelimiter", - "type": "string" + "GreengrassV2": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GreengrassV2", + "markdownDescription": "A gateway that runs on AWS IoT Greengrass V2 .", + "title": "GreengrassV2" }, - "TimestampFormat": { - "markdownDescription": "", - "title": "TimestampFormat", - "type": "string" + "SiemensIE": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.SiemensIE", + "markdownDescription": "An AWS IoT SiteWise Edge gateway that runs on a Siemens Industrial Edge Device.", + "title": "SiemensIE" } }, "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration": { + "AWS::IoTSiteWise::Gateway.GreengrassV2": { "additionalProperties": false, "properties": { - "Bucket": { + "CoreDeviceOperatingSystem": { "markdownDescription": "", - "title": "Bucket", + "title": "CoreDeviceOperatingSystem", "type": "string" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", + "CoreDeviceThingName": { + "markdownDescription": "The name of the AWS IoT thing for your AWS IoT Greengrass V2 core device.", + "title": "CoreDeviceThingName", "type": "string" } }, "required": [ - "Bucket" + "CoreDeviceThingName" ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration": { + "AWS::IoTSiteWise::Gateway.SiemensIE": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "", - "title": "Bucket", - "type": "string" - }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", + "IotCoreThingName": { + "markdownDescription": "The name of the AWS IoT Thing for your AWS IoT SiteWise Edge gateway.", + "title": "IotCoreThingName", "type": "string" } }, "required": [ - "Bucket" + "IotCoreThingName" ], "type": "object" }, - "AWS::LookoutMetrics::Alert": { + "AWS::IoTSiteWise::Portal": { "additionalProperties": false, "properties": { "Condition": { @@ -150791,42 +156161,76 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.Action", - "markdownDescription": "Action that will be triggered when there is an alert.", - "title": "Action" + "Alarms": { + "$ref": "#/definitions/AWS::IoTSiteWise::Portal.Alarms", + "markdownDescription": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see [Monitoring with alarms](https://docs.aws.amazon.com/iot-sitewise/latest/appguide/monitor-alarms.html) in the *AWS IoT SiteWise Application Guide* .", + "title": "Alarms" }, - "AlertDescription": { - "markdownDescription": "A description of the alert.", - "title": "AlertDescription", + "NotificationSenderEmail": { + "markdownDescription": "The email address that sends alarm notifications.\n\n> If you use the [AWS IoT Events managed Lambda function](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) to manage your emails, you must [verify the sender email address in Amazon SES](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html) .", + "title": "NotificationSenderEmail", "type": "string" }, - "AlertName": { - "markdownDescription": "The name of the alert.", - "title": "AlertName", + "PortalAuthMode": { + "markdownDescription": "The service to use to authenticate users to the portal. Choose from the following options:\n\n- `SSO` \u2013 The portal uses AWS IAM Identity Center to authenticate users and manage user permissions. Before you can create a portal that uses IAM Identity Center, you must enable IAM Identity Center. For more information, see [Enabling IAM Identity Center](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-get-started.html#mon-gs-sso) in the *AWS IoT SiteWise User Guide* . This option is only available in AWS Regions other than the China Regions.\n- `IAM` \u2013 The portal uses AWS Identity and Access Management to authenticate users and manage user permissions.\n\nYou can't change this value after you create a portal.\n\nDefault: `SSO`", + "title": "PortalAuthMode", "type": "string" }, - "AlertSensitivityThreshold": { - "markdownDescription": "An integer from 0 to 100 specifying the alert sensitivity threshold.", - "title": "AlertSensitivityThreshold", - "type": "number" + "PortalContactEmail": { + "markdownDescription": "The AWS administrator's contact email address.", + "title": "PortalContactEmail", + "type": "string" }, - "AnomalyDetectorArn": { - "markdownDescription": "The ARN of the detector to which the alert is attached.", - "title": "AnomalyDetectorArn", + "PortalDescription": { + "markdownDescription": "A description for the portal.", + "title": "PortalDescription", + "type": "string" + }, + "PortalName": { + "markdownDescription": "A friendly name for the portal.", + "title": "PortalName", + "type": "string" + }, + "PortalType": { + "markdownDescription": "Define the type of portal. The value for AWS IoT SiteWise Monitor (Classic) is `SITEWISE_PORTAL_V1` . The value for AWS IoT SiteWise Monitor (AI-aware) is `SITEWISE_PORTAL_V2` .", + "title": "PortalType", + "type": "string" + }, + "PortalTypeConfiguration": { + "additionalProperties": false, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTSiteWise::Portal.PortalTypeEntry" + } + }, + "title": "PortalTypeConfiguration", + "type": "object" + }, + "RoleArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf. For more information, see [Using service roles for AWS IoT SiteWise Monitor](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-service-role.html) in the *AWS IoT SiteWise User Guide* .", + "title": "RoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the portal. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "Action", - "AlertSensitivityThreshold", - "AnomalyDetectorArn" + "PortalContactEmail", + "PortalName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutMetrics::Alert" + "AWS::IoTSiteWise::Portal" ], "type": "string" }, @@ -150845,63 +156249,40 @@ ], "type": "object" }, - "AWS::LookoutMetrics::Alert.Action": { - "additionalProperties": false, - "properties": { - "LambdaConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.LambdaConfiguration", - "markdownDescription": "A configuration for an AWS Lambda channel.", - "title": "LambdaConfiguration" - }, - "SNSConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.SNSConfiguration", - "markdownDescription": "A configuration for an Amazon SNS channel.", - "title": "SNSConfiguration" - } - }, - "type": "object" - }, - "AWS::LookoutMetrics::Alert.LambdaConfiguration": { + "AWS::IoTSiteWise::Portal.Alarms": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "LambdaArn", + "AlarmRoleArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events .", + "title": "AlarmRoleArn", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that has permission to invoke the Lambda function.", - "title": "RoleArn", + "NotificationLambdaArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Lambda function that manages alarm notifications. For more information, see [Managing alarm notifications](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) in the *AWS IoT Events Developer Guide* .", + "title": "NotificationLambdaArn", "type": "string" } }, - "required": [ - "LambdaArn", - "RoleArn" - ], "type": "object" }, - "AWS::LookoutMetrics::Alert.SNSConfiguration": { + "AWS::IoTSiteWise::Portal.PortalTypeEntry": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that has access to the target SNS topic.", - "title": "RoleArn", - "type": "string" - }, - "SnsTopicArn": { - "markdownDescription": "The ARN of the target SNS topic.", - "title": "SnsTopicArn", - "type": "string" + "PortalTools": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of tools associated with the specified portal type. The possible values are `ASSISTANT` and `DASHBOARD` .", + "title": "PortalTools", + "type": "array" } }, "required": [ - "RoleArn", - "SnsTopicArn" + "PortalTools" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector": { + "AWS::IoTSiteWise::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -150936,44 +156317,47 @@ "Properties": { "additionalProperties": false, "properties": { - "AnomalyDetectorConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig", - "markdownDescription": "Contains information about the configuration of the anomaly detector.", - "title": "AnomalyDetectorConfig" + "AssetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list that contains the IDs of each asset associated with the project.", + "title": "AssetIds", + "type": "array" }, - "AnomalyDetectorDescription": { - "markdownDescription": "A description of the detector.", - "title": "AnomalyDetectorDescription", + "PortalId": { + "markdownDescription": "The ID of the portal in which to create the project.", + "title": "PortalId", "type": "string" }, - "AnomalyDetectorName": { - "markdownDescription": "The name of the detector.", - "title": "AnomalyDetectorName", + "ProjectDescription": { + "markdownDescription": "A description for the project.", + "title": "ProjectDescription", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key to use to encrypt your data.", - "title": "KmsKeyArn", + "ProjectName": { + "markdownDescription": "A friendly name for the project.", + "title": "ProjectName", "type": "string" }, - "MetricSetList": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSet" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The detector's dataset.", - "title": "MetricSetList", + "markdownDescription": "A list of key-value pairs that contain metadata for the project. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", "type": "array" } }, "required": [ - "AnomalyDetectorConfig", - "MetricSetList" + "PortalId", + "ProjectName" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutMetrics::AnomalyDetector" + "AWS::IoTSiteWise::Project" ], "type": "string" }, @@ -150992,501 +156376,529 @@ ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig": { + "AWS::IoTThingsGraph::FlowTemplate": { "additionalProperties": false, "properties": { - "AnomalyDetectorFrequency": { - "markdownDescription": "The frequency at which the detector analyzes its source data.", - "title": "AnomalyDetectorFrequency", + "Condition": { "type": "string" - } - }, - "required": [ - "AnomalyDetectorFrequency" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig": { - "additionalProperties": false, - "properties": { - "FlowName": { - "markdownDescription": "name of the flow.", - "title": "FlowName", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access the flow.", - "title": "RoleArn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CompatibleNamespaceVersion": { + "type": "number" + }, + "Definition": { + "$ref": "#/definitions/AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument" + } + }, + "required": [ + "Definition" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTThingsGraph::FlowTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FlowName", - "RoleArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig": { + "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access data in Amazon CloudWatch.", - "title": "RoleArn", + "Language": { + "type": "string" + }, + "Text": { "type": "string" } }, "required": [ - "RoleArn" + "Language", + "Text" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor": { + "AWS::IoTTwinMaker::ComponentType": { "additionalProperties": false, "properties": { - "Charset": { - "markdownDescription": "The character set in which the source CSV file is written.", - "title": "Charset", + "Condition": { "type": "string" }, - "ContainsHeader": { - "markdownDescription": "Whether or not the source CSV file contains a header.", - "title": "ContainsHeader", - "type": "boolean" - }, - "Delimiter": { - "markdownDescription": "The character used to delimit the source CSV file.", - "title": "Delimiter", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FileCompression": { - "markdownDescription": "The level of compression of the source CSV file.", - "title": "FileCompression", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HeaderList": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", + "type": "string" + }, + "CompositeComponentTypes": { + "additionalProperties": false, + "markdownDescription": "Maps strings to `compositeComponentTypes` of the `componentType` . `CompositeComponentType` is referenced by `componentTypeId` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.CompositeComponentType" + } + }, + "title": "CompositeComponentTypes", + "type": "object" + }, + "Description": { + "markdownDescription": "The description of the component type.", + "title": "Description", + "type": "string" + }, + "ExtendsFrom": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the parent component type that this component type extends.", + "title": "ExtendsFrom", + "type": "array" + }, + "Functions": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the functions in the component type. Each string in the mapping must be unique to this object.\n\nFor information on the FunctionResponse object see the [FunctionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_FunctionResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Function" + } + }, + "title": "Functions", + "type": "object" + }, + "IsSingleton": { + "markdownDescription": "A boolean value that specifies whether an entity can have more than one component of this type.", + "title": "IsSingleton", + "type": "boolean" + }, + "PropertyDefinitions": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property definitions in the component type. Each string in the mapping must be unique to this object.\n\nFor information about the PropertyDefinitionResponse object, see the [PropertyDefinitionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_PropertyDefinitionResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyDefinition" + } + }, + "title": "PropertyDefinitions", + "type": "object" + }, + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The ComponentType tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the component type.", + "title": "WorkspaceId", + "type": "string" + } }, - "markdownDescription": "A list of the source CSV file's headers, if any.", - "title": "HeaderList", - "type": "array" + "required": [ + "ComponentTypeId", + "WorkspaceId" + ], + "type": "object" }, - "QuoteSymbol": { - "markdownDescription": "The character used as a quote character.", - "title": "QuoteSymbol", + "Type": { + "enum": [ + "AWS::IoTTwinMaker::ComponentType" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor": { + "AWS::IoTTwinMaker::ComponentType.CompositeComponentType": { "additionalProperties": false, "properties": { - "CsvFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor", - "markdownDescription": "Contains information about how a source CSV data file should be analyzed.", - "title": "CsvFormatDescriptor" - }, - "JsonFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor", - "markdownDescription": "Contains information about how a source JSON data file should be analyzed.", - "title": "JsonFormatDescriptor" + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", + "type": "string" } }, "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor": { + "AWS::IoTTwinMaker::ComponentType.DataConnector": { "additionalProperties": false, "properties": { - "Charset": { - "markdownDescription": "The character set in which the source JSON file is written.", - "title": "Charset", - "type": "string" + "IsNative": { + "markdownDescription": "A boolean value that specifies whether the data connector is native to IoT TwinMaker.", + "title": "IsNative", + "type": "boolean" }, - "FileCompression": { - "markdownDescription": "The level of compression of the source CSV file.", - "title": "FileCompression", - "type": "string" + "Lambda": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.LambdaFunction", + "markdownDescription": "The Lambda function associated with the data connector.", + "title": "Lambda" } }, "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.Metric": { + "AWS::IoTTwinMaker::ComponentType.DataType": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The function with which the metric is calculated.", - "title": "AggregationFunction", - "type": "string" + "AllowedValues": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + }, + "markdownDescription": "The allowed values for this data type.", + "title": "AllowedValues", + "type": "array" }, - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", + "NestedType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", + "markdownDescription": "The nested type in the data type.", + "title": "NestedType" + }, + "Relationship": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Relationship", + "markdownDescription": "A relationship that associates a component with another component.", + "title": "Relationship" + }, + "Type": { + "markdownDescription": "The underlying type of the data type.\n\nValid Values: `RELATIONSHIP | STRING | LONG | BOOLEAN | INTEGER | DOUBLE | LIST | MAP`", + "title": "Type", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace for the metric.", - "title": "Namespace", + "UnitOfMeasure": { + "markdownDescription": "The unit of measure used in this data type.", + "title": "UnitOfMeasure", "type": "string" } }, "required": [ - "AggregationFunction", - "MetricName" + "Type" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.MetricSet": { + "AWS::IoTTwinMaker::ComponentType.DataValue": { "additionalProperties": false, "properties": { - "DimensionList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the fields you want to treat as dimensions.", - "title": "DimensionList", - "type": "array" + "BooleanValue": { + "markdownDescription": "A boolean value.", + "title": "BooleanValue", + "type": "boolean" }, - "MetricList": { - "items": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.Metric" - }, - "markdownDescription": "A list of metrics that the dataset will contain.", - "title": "MetricList", - "type": "array" + "DoubleValue": { + "markdownDescription": "A double value.", + "title": "DoubleValue", + "type": "number" }, - "MetricSetDescription": { - "markdownDescription": "A description of the dataset you are creating.", - "title": "MetricSetDescription", - "type": "string" - }, - "MetricSetFrequency": { - "markdownDescription": "The frequency with which the source data will be analyzed for anomalies.", - "title": "MetricSetFrequency", + "Expression": { + "markdownDescription": "An expression that produces the value.", + "title": "Expression", "type": "string" }, - "MetricSetName": { - "markdownDescription": "The name of the dataset.", - "title": "MetricSetName", - "type": "string" + "IntegerValue": { + "markdownDescription": "An integer value.", + "title": "IntegerValue", + "type": "number" }, - "MetricSource": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSource", - "markdownDescription": "Contains information about how the source data should be interpreted.", - "title": "MetricSource" + "ListValue": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + }, + "markdownDescription": "A list of multiple values.", + "title": "ListValue", + "type": "array" }, - "Offset": { - "markdownDescription": "After an interval ends, the amount of seconds that the detector waits before importing data. Offset is only supported for S3, Redshift, Athena and datasources.", - "title": "Offset", + "LongValue": { + "markdownDescription": "A long value.", + "title": "LongValue", "type": "number" }, - "TimestampColumn": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.TimestampColumn", - "markdownDescription": "Contains information about the column used for tracking time in your source data.", - "title": "TimestampColumn" + "MapValue": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to multiple `DataValue` objects.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + } + }, + "title": "MapValue", + "type": "object" }, - "Timezone": { - "markdownDescription": "The time zone in which your source data was recorded.", - "title": "Timezone", + "RelationshipValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.RelationshipValue", + "markdownDescription": "A value that relates a component to another component.", + "title": "RelationshipValue" + }, + "StringValue": { + "markdownDescription": "A string value.", + "title": "StringValue", "type": "string" } }, - "required": [ - "MetricList", - "MetricSetName", - "MetricSource" - ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.MetricSource": { + "AWS::IoTTwinMaker::ComponentType.Error": { "additionalProperties": false, "properties": { - "AppFlowConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig", - "markdownDescription": "Details about an AppFlow datasource.", - "title": "AppFlowConfig" - }, - "CloudwatchConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig", - "markdownDescription": "Details about an Amazon CloudWatch monitoring datasource.", - "title": "CloudwatchConfig" - }, - "RDSSourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig", - "markdownDescription": "Details about an Amazon Relational Database Service (RDS) datasource.", - "title": "RDSSourceConfig" - }, - "RedshiftSourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig", - "markdownDescription": "Details about an Amazon Redshift database datasource.", - "title": "RedshiftSourceConfig" + "Code": { + "markdownDescription": "The component type error code.", + "title": "Code", + "type": "string" }, - "S3SourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig", - "markdownDescription": "Contains information about the configuration of the S3 bucket that contains source files.", - "title": "S3SourceConfig" + "Message": { + "markdownDescription": "The component type error message.", + "title": "Message", + "type": "string" } }, "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig": { + "AWS::IoTTwinMaker::ComponentType.Function": { "additionalProperties": false, "properties": { - "DBInstanceIdentifier": { - "markdownDescription": "A string identifying the database instance.", - "title": "DBInstanceIdentifier", - "type": "string" - }, - "DatabaseHost": { - "markdownDescription": "The host name of the database.", - "title": "DatabaseHost", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the RDS database.", - "title": "DatabaseName", - "type": "string" - }, - "DatabasePort": { - "markdownDescription": "The port number where the database can be accessed.", - "title": "DatabasePort", - "type": "number" + "ImplementedBy": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataConnector", + "markdownDescription": "The data connector.", + "title": "ImplementedBy" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role.", - "title": "RoleArn", - "type": "string" + "RequiredProperties": { + "items": { + "type": "string" + }, + "markdownDescription": "The required properties of the function.", + "title": "RequiredProperties", + "type": "array" }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", - "title": "SecretManagerArn", + "Scope": { + "markdownDescription": "The scope of the function.", + "title": "Scope", "type": "string" - }, - "TableName": { - "markdownDescription": "The name of the table in the database.", - "title": "TableName", + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.LambdaFunction": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Lambda function ARN.", + "title": "Arn", "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", - "markdownDescription": "An object containing information about the Amazon Virtual Private Cloud (VPC) configuration.", - "title": "VpcConfiguration" } }, "required": [ - "DBInstanceIdentifier", - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "RoleArn", - "SecretManagerArn", - "TableName", - "VpcConfiguration" + "Arn" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig": { + "AWS::IoTTwinMaker::ComponentType.PropertyDefinition": { "additionalProperties": false, "properties": { - "ClusterIdentifier": { - "markdownDescription": "A string identifying the Redshift cluster.", - "title": "ClusterIdentifier", - "type": "string" - }, - "DatabaseHost": { - "markdownDescription": "The name of the database host.", - "title": "DatabaseHost", - "type": "string" + "Configurations": { + "additionalProperties": true, + "markdownDescription": "A mapping that specifies configuration information about the property.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Configurations", + "type": "object" }, - "DatabaseName": { - "markdownDescription": "The Redshift database name.", - "title": "DatabaseName", - "type": "string" + "DataType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", + "markdownDescription": "", + "title": "DataType" }, - "DatabasePort": { - "markdownDescription": "The port number where the database can be accessed.", - "title": "DatabasePort", - "type": "number" + "DefaultValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue", + "markdownDescription": "A boolean value that specifies whether the property ID comes from an external data store.", + "title": "DefaultValue" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role providing access to the database.", - "title": "RoleArn", - "type": "string" + "IsExternalId": { + "markdownDescription": "A Boolean value that specifies whether the property ID comes from an external data source.", + "title": "IsExternalId", + "type": "boolean" }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", - "title": "SecretManagerArn", - "type": "string" + "IsRequiredInEntity": { + "markdownDescription": "A boolean value that specifies whether the property is required in an entity.", + "title": "IsRequiredInEntity", + "type": "boolean" }, - "TableName": { - "markdownDescription": "The table name of the Redshift database.", - "title": "TableName", - "type": "string" + "IsStoredExternally": { + "markdownDescription": "A boolean value that specifies whether the property is stored externally.", + "title": "IsStoredExternally", + "type": "boolean" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", - "markdownDescription": "Contains information about the Amazon Virtual Private Cloud (VPC) configuration.", - "title": "VpcConfiguration" + "IsTimeSeries": { + "markdownDescription": "A boolean value that specifies whether the property consists of time series data.", + "title": "IsTimeSeries", + "type": "boolean" } }, - "required": [ - "ClusterIdentifier", - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "RoleArn", - "SecretManagerArn", - "TableName", - "VpcConfiguration" - ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig": { + "AWS::IoTTwinMaker::ComponentType.PropertyGroup": { "additionalProperties": false, "properties": { - "FileFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor", - "markdownDescription": "Contains information about a source file's formatting.", - "title": "FileFormatDescriptor" - }, - "HistoricalDataPathList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of paths to the historical data files.", - "title": "HistoricalDataPathList", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that has read and write access permissions to the source S3 bucket.", - "title": "RoleArn", + "GroupType": { + "markdownDescription": "The group type.", + "title": "GroupType", "type": "string" }, - "TemplatedPathList": { + "PropertyNames": { "items": { "type": "string" }, - "markdownDescription": "A list of templated paths to the source files.", - "title": "TemplatedPathList", + "markdownDescription": "The property names.", + "title": "PropertyNames", "type": "array" } }, - "required": [ - "FileFormatDescriptor", - "RoleArn" - ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.TimestampColumn": { + "AWS::IoTTwinMaker::ComponentType.Relationship": { "additionalProperties": false, "properties": { - "ColumnFormat": { - "markdownDescription": "The format of the timestamp column.", - "title": "ColumnFormat", + "RelationshipType": { + "markdownDescription": "The type of the relationship.", + "title": "RelationshipType", "type": "string" }, - "ColumnName": { - "markdownDescription": "The name of the timestamp column.", - "title": "ColumnName", + "TargetComponentTypeId": { + "markdownDescription": "The ID of the target component type associated with this relationship.", + "title": "TargetComponentTypeId", "type": "string" } }, "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration": { + "AWS::IoTTwinMaker::ComponentType.RelationshipValue": { "additionalProperties": false, "properties": { - "SecurityGroupIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings containing the list of security groups.", - "title": "SecurityGroupIdList", - "type": "array" + "TargetComponentName": { + "markdownDescription": "The target component name.", + "title": "TargetComponentName", + "type": "string" }, - "SubnetIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings containing the Amazon VPC subnet IDs (e.g., `subnet-0bb1c79de3EXAMPLE` .", - "title": "SubnetIdList", - "type": "array" + "TargetEntityId": { + "markdownDescription": "The target entity Id.", + "title": "TargetEntityId", + "type": "string" } }, - "required": [ - "SecurityGroupIdList", - "SubnetIdList" - ], "type": "object" }, - "AWS::LookoutVision::Project": { + "AWS::IoTTwinMaker::ComponentType.Status": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ProjectName": { - "markdownDescription": "The name of the project.", - "title": "ProjectName", - "type": "string" - } - }, - "required": [ - "ProjectName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::LookoutVision::Project" - ], - "type": "string" + "Error": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Error", + "markdownDescription": "The component type error.", + "title": "Error" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "State": { + "markdownDescription": "The component type status state.", + "title": "State", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::M2::Application": { + "AWS::IoTTwinMaker::Entity": { "additionalProperties": false, "properties": { "Condition": { @@ -151521,39 +156933,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "$ref": "#/definitions/AWS::M2::Application.Definition", - "markdownDescription": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) .", - "title": "Definition" + "Components": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the components in the entity. Each string in the mapping must be unique to this object.\n\nFor information on the component object see the [component](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_ComponentResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Component" + } + }, + "title": "Components", + "type": "object" + }, + "CompositeComponents": { + "additionalProperties": false, + "markdownDescription": "Maps string to `compositeComponent` updates in the request. Each key of the map represents the `componentPath` of the `compositeComponent` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.CompositeComponent" + } + }, + "title": "CompositeComponents", + "type": "object" }, "Description": { - "markdownDescription": "The description of the application.", + "markdownDescription": "The description of the entity.", "title": "Description", "type": "string" }, - "EngineType": { - "markdownDescription": "The type of the target platform for this application.", - "title": "EngineType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of a customer managed key.", - "title": "KmsKeyId", + "EntityId": { + "markdownDescription": "The ID of the entity.", + "title": "EntityId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", + "EntityName": { + "markdownDescription": "The entity name.", + "title": "EntityName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role associated with the application.", - "title": "RoleArn", + "ParentEntityId": { + "markdownDescription": "The ID of the parent entity.", + "title": "ParentEntityId", "type": "string" }, "Tags": { "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata that you can use to manage the entity.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -151561,18 +156985,22 @@ }, "title": "Tags", "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the entity.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "Definition", - "EngineType", - "Name" + "EntityName", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::M2::Application" + "AWS::IoTTwinMaker::Entity" ], "type": "string" }, @@ -151591,237 +157019,368 @@ ], "type": "object" }, - "AWS::M2::Application.Definition": { + "AWS::IoTTwinMaker::Entity.Component": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content of the application definition. This is a JSON object that contains the resource configuration/definitions that identify an application.", - "title": "Content", + "ComponentName": { + "markdownDescription": "The name of the component.", + "title": "ComponentName", "type": "string" }, - "S3Location": { - "markdownDescription": "The S3 bucket that contains the application definition.", - "title": "S3Location", + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", + "type": "string" + }, + "DefinedIn": { + "markdownDescription": "The name of the property definition set in the request.", + "title": "DefinedIn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the component.", + "title": "Description", "type": "string" + }, + "Properties": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" + } + }, + "title": "Properties", + "type": "object" + }, + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" + }, + "Status": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", + "markdownDescription": "The status of the component.", + "title": "Status" } }, "type": "object" }, - "AWS::M2::Environment": { + "AWS::IoTTwinMaker::Entity.CompositeComponent": { "additionalProperties": false, "properties": { - "Condition": { + "ComponentName": { + "markdownDescription": "The name of the component.", + "title": "ComponentName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ComponentPath": { + "markdownDescription": "The path to the composite component, starting from the top-level component.", + "title": "ComponentPath", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ComponentTypeId": { + "markdownDescription": "The ID of the composite component type.", + "title": "ComponentTypeId", + "type": "string" }, - "Metadata": { - "type": "object" + "Description": { + "markdownDescription": "The description of the component type.", + "title": "Description", + "type": "string" }, "Properties": { "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the runtime environment.", - "title": "Description", - "type": "string" - }, - "EngineType": { - "markdownDescription": "The target platform for the runtime environment.", - "title": "EngineType", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version of the runtime engine.", - "title": "EngineVersion", - "type": "string" - }, - "HighAvailabilityConfig": { - "$ref": "#/definitions/AWS::M2::Environment.HighAvailabilityConfig", - "markdownDescription": "Defines the details of a high availability configuration.", - "title": "HighAvailabilityConfig" - }, - "InstanceType": { - "markdownDescription": "The instance type of the runtime environment.", - "title": "InstanceType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of a customer managed key.", - "title": "KmsKeyId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the runtime environment.", - "title": "Name", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. The following two examples are valid maintenance windows: `sun:23:45-mon:00:15` or `sat:01:00-sat:03:00` .\n\nIf you do not provide a value, a random system-generated value will be assigned.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "Specifies whether the runtime environment is publicly accessible.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of security groups for the VPC associated with this runtime environment.", - "title": "SecurityGroupIds", - "type": "array" - }, - "StorageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::M2::Environment.StorageConfiguration" - }, - "markdownDescription": "Defines the storage configuration for a runtime environment.", - "title": "StorageConfigurations", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets associated with the VPC for this runtime environment.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "markdownDescription": "Map of strings to the properties in the component type. Each string in the mapping must be unique to this component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" } }, - "required": [ - "EngineType", - "InstanceType", - "Name" - ], + "title": "Properties", + "type": "object" + }, + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "The property groups.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" + } + }, + "title": "PropertyGroups", "type": "object" }, + "Status": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", + "markdownDescription": "The current status of the composite component.", + "title": "Status" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.DataType": { + "additionalProperties": false, + "properties": { + "AllowedValues": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + }, + "markdownDescription": "The allowed values.", + "title": "AllowedValues", + "type": "array" + }, + "NestedType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", + "markdownDescription": "The nested type.", + "title": "NestedType" + }, + "Relationship": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Relationship", + "markdownDescription": "The relationship.", + "title": "Relationship" + }, "Type": { - "enum": [ - "AWS::M2::Environment" - ], + "markdownDescription": "The entity type.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UnitOfMeasure": { + "markdownDescription": "The unit of measure.", + "title": "UnitOfMeasure", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::M2::Environment.EfsStorageConfiguration": { + "AWS::IoTTwinMaker::Entity.DataValue": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The file system identifier.", - "title": "FileSystemId", + "BooleanValue": { + "markdownDescription": "A boolean value.", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "A double value.", + "title": "DoubleValue", + "type": "number" + }, + "Expression": { + "markdownDescription": "An expression that produces the value.", + "title": "Expression", "type": "string" }, - "MountPoint": { - "markdownDescription": "The mount point for the file system.", - "title": "MountPoint", + "IntegerValue": { + "markdownDescription": "An integer value.", + "title": "IntegerValue", + "type": "number" + }, + "ListValue": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + }, + "markdownDescription": "A list of multiple values.", + "title": "ListValue", + "type": "array" + }, + "LongValue": { + "markdownDescription": "A long value.", + "title": "LongValue", + "type": "number" + }, + "MapValue": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to multiple DataValue objects.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + } + }, + "title": "MapValue", + "type": "object" + }, + "RelationshipValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.RelationshipValue", + "markdownDescription": "A value that relates a component to another component.", + "title": "RelationshipValue" + }, + "StringValue": { + "markdownDescription": "A string value.", + "title": "StringValue", "type": "string" } }, - "required": [ - "FileSystemId", - "MountPoint" - ], "type": "object" }, - "AWS::M2::Environment.FsxStorageConfiguration": { + "AWS::IoTTwinMaker::Entity.Definition": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The file system identifier.", - "title": "FileSystemId", + "Configuration": { + "additionalProperties": true, + "markdownDescription": "The configuration.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Configuration", + "type": "object" + }, + "DataType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", + "markdownDescription": "The data type", + "title": "DataType" + }, + "DefaultValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", + "markdownDescription": "The default value.", + "title": "DefaultValue" + }, + "IsExternalId": { + "markdownDescription": "Displays if the entity has a external Id.", + "title": "IsExternalId", + "type": "boolean" + }, + "IsFinal": { + "markdownDescription": "Displays if the entity is final.", + "title": "IsFinal", + "type": "boolean" + }, + "IsImported": { + "markdownDescription": "Displays if the entity is imported.", + "title": "IsImported", + "type": "boolean" + }, + "IsInherited": { + "markdownDescription": "Displays if the entity is inherited.", + "title": "IsInherited", + "type": "boolean" + }, + "IsRequiredInEntity": { + "markdownDescription": "Displays if the entity is a required entity.", + "title": "IsRequiredInEntity", + "type": "boolean" + }, + "IsStoredExternally": { + "markdownDescription": "Displays if the entity is tored externally.", + "title": "IsStoredExternally", + "type": "boolean" + }, + "IsTimeSeries": { + "markdownDescription": "Displays if the entity", + "title": "IsTimeSeries", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Error": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The entity error code.", + "title": "Code", "type": "string" }, - "MountPoint": { - "markdownDescription": "The mount point for the file system.", - "title": "MountPoint", + "Message": { + "markdownDescription": "The entity error message.", + "title": "Message", "type": "string" } }, - "required": [ - "FileSystemId", - "MountPoint" - ], "type": "object" }, - "AWS::M2::Environment.HighAvailabilityConfig": { + "AWS::IoTTwinMaker::Entity.Property": { "additionalProperties": false, "properties": { - "DesiredCapacity": { - "markdownDescription": "The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100.", - "title": "DesiredCapacity", - "type": "number" + "Definition": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Definition", + "markdownDescription": "An object that specifies information about a property.", + "title": "Definition" + }, + "Value": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", + "markdownDescription": "An object that contains information about a value for a time series property.", + "title": "Value" } }, - "required": [ - "DesiredCapacity" - ], "type": "object" }, - "AWS::M2::Environment.StorageConfiguration": { + "AWS::IoTTwinMaker::Entity.PropertyGroup": { "additionalProperties": false, "properties": { - "Efs": { - "$ref": "#/definitions/AWS::M2::Environment.EfsStorageConfiguration", - "markdownDescription": "Defines the storage configuration for an Amazon EFS file system.", - "title": "Efs" + "GroupType": { + "markdownDescription": "The group type.", + "title": "GroupType", + "type": "string" }, - "Fsx": { - "$ref": "#/definitions/AWS::M2::Environment.FsxStorageConfiguration", - "markdownDescription": "Defines the storage configuration for an Amazon FSx file system.", - "title": "Fsx" + "PropertyNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The property names.", + "title": "PropertyNames", + "type": "array" } }, "type": "object" }, - "AWS::MSK::BatchScramSecret": { + "AWS::IoTTwinMaker::Entity.Relationship": { + "additionalProperties": false, + "properties": { + "RelationshipType": { + "markdownDescription": "The relationship type.", + "title": "RelationshipType", + "type": "string" + }, + "TargetComponentTypeId": { + "markdownDescription": "the component type Id target.", + "title": "TargetComponentTypeId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.RelationshipValue": { + "additionalProperties": false, + "properties": { + "TargetComponentName": { + "markdownDescription": "The target component name.", + "title": "TargetComponentName", + "type": "string" + }, + "TargetEntityId": { + "markdownDescription": "The target entity Id.", + "title": "TargetEntityId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Status": { + "additionalProperties": false, + "properties": { + "Error": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Error", + "markdownDescription": "The error message.", + "title": "Error" + }, + "State": { + "markdownDescription": "The current state of the entity, component, component type, or workspace.\n\nValid Values: `CREATING | UPDATING | DELETING | ACTIVE | ERROR`", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Scene": { "additionalProperties": false, "properties": { "Condition": { @@ -151856,28 +157415,67 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", - "title": "ClusterArn", - "type": "string" - }, - "SecretArnList": { + "Capabilities": { "items": { "type": "string" }, - "markdownDescription": "List of Amazon Resource Name (ARN)s of Secrets Manager secrets.", - "title": "SecretArnList", + "markdownDescription": "A list of capabilities that the scene uses to render.", + "title": "Capabilities", "type": "array" + }, + "ContentLocation": { + "markdownDescription": "The relative path that specifies the location of the content definition file.", + "title": "ContentLocation", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of this scene.", + "title": "Description", + "type": "string" + }, + "SceneId": { + "markdownDescription": "The ID of the scene.", + "title": "SceneId", + "type": "string" + }, + "SceneMetadata": { + "additionalProperties": true, + "markdownDescription": "The scene metadata.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "SceneMetadata", + "type": "object" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The ComponentType tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "ClusterArn" + "ContentLocation", + "SceneId", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::BatchScramSecret" + "AWS::IoTTwinMaker::Scene" ], "type": "string" }, @@ -151896,7 +157494,7 @@ ], "type": "object" }, - "AWS::MSK::Cluster": { + "AWS::IoTTwinMaker::SyncJob": { "additionalProperties": false, "properties": { "Condition": { @@ -151931,69 +157529,114 @@ "Properties": { "additionalProperties": false, "properties": { - "BrokerNodeGroupInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.BrokerNodeGroupInfo", - "markdownDescription": "Information about the broker nodes in the cluster.", - "title": "BrokerNodeGroupInfo" - }, - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::Cluster.ClientAuthentication", - "markdownDescription": "Includes all client authentication related information.", - "title": "ClientAuthentication" + "SyncRole": { + "markdownDescription": "The SyncJob IAM role. This IAM role is used by the sync job to read from the syncSource, and create, update or delete the corresponding resources.", + "title": "SyncRole", + "type": "string" }, - "ClusterName": { - "markdownDescription": "The name of the cluster.", - "title": "ClusterName", + "SyncSource": { + "markdownDescription": "The sync source.\n\n> Currently the only supported syncSoucre is `SITEWISE` .", + "title": "SyncSource", "type": "string" }, - "ConfigurationInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.ConfigurationInfo", - "markdownDescription": "Represents the configuration that you want MSK to use for the cluster.", - "title": "ConfigurationInfo" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata you can use to manage the SyncJob.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" }, - "CurrentVersion": { - "markdownDescription": "The version of the cluster that you want to update.", - "title": "CurrentVersion", + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the sync job.", + "title": "WorkspaceId", "type": "string" - }, - "EncryptionInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInfo", - "markdownDescription": "Includes all encryption-related information.", - "title": "EncryptionInfo" - }, - "EnhancedMonitoring": { - "markdownDescription": "Specifies the level of monitoring for the MSK cluster.", - "title": "EnhancedMonitoring", + } + }, + "required": [ + "SyncRole", + "SyncSource", + "WorkspaceId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTTwinMaker::SyncJob" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::IoTTwinMaker::Workspace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "KafkaVersion": { - "markdownDescription": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use [supported Apache Kafka versions](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) .", - "title": "KafkaVersion", + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the workspace.", + "title": "Description", "type": "string" }, - "LoggingInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.LoggingInfo", - "markdownDescription": "Logging info details for the cluster.", - "title": "LoggingInfo" - }, - "NumberOfBrokerNodes": { - "markdownDescription": "The number of broker nodes in the cluster.", - "title": "NumberOfBrokerNodes", - "type": "number" - }, - "OpenMonitoring": { - "$ref": "#/definitions/AWS::MSK::Cluster.OpenMonitoring", - "markdownDescription": "The settings for open monitoring.", - "title": "OpenMonitoring" + "Role": { + "markdownDescription": "The ARN of the execution role associated with the workspace.", + "title": "Role", + "type": "string" }, - "StorageMode": { - "markdownDescription": "This controls storage mode for supported storage tiers.", - "title": "StorageMode", + "S3Location": { + "markdownDescription": "The ARN of the S3 bucket where resources associated with the workspace are stored.", + "title": "S3Location", "type": "string" }, "Tags": { "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", + "markdownDescription": "Metadata that you can use to manage the workspace.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -152001,19 +157644,23 @@ }, "title": "Tags", "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "BrokerNodeGroupInfo", - "ClusterName", - "KafkaVersion", - "NumberOfBrokerNodes" + "Role", + "S3Location", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Cluster" + "AWS::IoTTwinMaker::Workspace" ], "type": "string" }, @@ -152032,527 +157679,284 @@ ], "type": "object" }, - "AWS::MSK::Cluster.BrokerLogs": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::MSK::Cluster.CloudWatchLogs", - "markdownDescription": "", - "title": "CloudWatchLogs" - }, - "Firehose": { - "$ref": "#/definitions/AWS::MSK::Cluster.Firehose", - "markdownDescription": "Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.", - "title": "Firehose" - }, - "S3": { - "$ref": "#/definitions/AWS::MSK::Cluster.S3", - "markdownDescription": "Details of the Amazon S3 destination for broker logs.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.BrokerNodeGroupInfo": { + "AWS::IoTWireless::Destination": { "additionalProperties": false, "properties": { - "BrokerAZDistribution": { - "markdownDescription": "This parameter is currently not in use.", - "title": "BrokerAZDistribution", + "Condition": { "type": "string" }, - "ClientSubnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", - "title": "ClientSubnets", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConnectivityInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.ConnectivityInfo", - "markdownDescription": "Information about the cluster's connectivity setting.", - "title": "ConnectivityInfo" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InstanceType": { - "markdownDescription": "The type of Amazon EC2 instances to use for brokers. The following instance types are allowed: kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge, and kafka.t3.small.", - "title": "InstanceType", - "type": "string" + "Metadata": { + "type": "object" }, - "SecurityGroups": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the new resource. Maximum length is 2048 characters.", + "title": "Description", + "type": "string" + }, + "Expression": { + "markdownDescription": "The rule name to send messages to.", + "title": "Expression", + "type": "string" + }, + "ExpressionType": { + "markdownDescription": "The type of value in `Expression` .", + "title": "ExpressionType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM Role that authorizes the destination.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", - "title": "SecurityGroups", - "type": "array" + "required": [ + "Expression", + "ExpressionType", + "Name" + ], + "type": "object" }, - "StorageInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.StorageInfo", - "markdownDescription": "Contains information about storage volumes attached to Amazon MSK broker nodes.", - "title": "StorageInfo" + "Type": { + "enum": [ + "AWS::IoTWireless::Destination" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ClientSubnets", - "InstanceType" + "Type", + "Properties" ], "type": "object" }, - "AWS::MSK::Cluster.ClientAuthentication": { + "AWS::IoTWireless::DeviceProfile": { "additionalProperties": false, "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::Cluster.Sasl", - "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", - "title": "Sasl" + "Condition": { + "type": "string" }, - "Tls": { - "$ref": "#/definitions/AWS::MSK::Cluster.Tls", - "markdownDescription": "Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` .", - "title": "Tls" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Unauthenticated": { - "$ref": "#/definitions/AWS::MSK::Cluster.Unauthenticated", - "markdownDescription": "Details for ClientAuthentication using no authentication.", - "title": "Unauthenticated" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.CloudWatchLogs": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether broker logs get sent to the specified CloudWatch Logs destination.", - "title": "Enabled", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LogGroup": { - "markdownDescription": "The CloudWatch log group that is the destination for broker logs.", - "title": "LogGroup", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile", + "markdownDescription": "LoRaWAN device profile object.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTWireless::DeviceProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Enabled" + "Type" ], "type": "object" }, - "AWS::MSK::Cluster.ConfigurationInfo": { + "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "ARN of the configuration to use.", - "title": "Arn", - "type": "string" + "ClassBTimeout": { + "markdownDescription": "The ClassBTimeout value.", + "title": "ClassBTimeout", + "type": "number" }, - "Revision": { - "markdownDescription": "The revision of the configuration to use.", - "title": "Revision", + "ClassCTimeout": { + "markdownDescription": "The ClassCTimeout value.", + "title": "ClassCTimeout", "type": "number" - } - }, - "required": [ - "Arn", - "Revision" - ], - "type": "object" - }, - "AWS::MSK::Cluster.ConnectivityInfo": { - "additionalProperties": false, - "properties": { - "PublicAccess": { - "$ref": "#/definitions/AWS::MSK::Cluster.PublicAccess", - "markdownDescription": "Access control settings for the cluster's brokers.", - "title": "PublicAccess" }, - "VpcConnectivity": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivity", - "markdownDescription": "VPC connection control settings for brokers.", - "title": "VpcConnectivity" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EBSStorageInfo": { - "additionalProperties": false, - "properties": { - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::MSK::Cluster.ProvisionedThroughput", - "markdownDescription": "EBS volume provisioned throughput information.", - "title": "ProvisionedThroughput" + "FactoryPresetFreqsList": { + "items": { + "type": "number" + }, + "markdownDescription": "The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000.", + "title": "FactoryPresetFreqsList", + "type": "array" }, - "VolumeSize": { - "markdownDescription": "The size in GiB of the EBS volume for the data drive on each broker node.", - "title": "VolumeSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionAtRest": { - "additionalProperties": false, - "properties": { - "DataVolumeKMSKeyId": { - "markdownDescription": "The ARN of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.", - "title": "DataVolumeKMSKeyId", - "type": "string" - } - }, - "required": [ - "DataVolumeKMSKeyId" - ], - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionInTransit": { - "additionalProperties": false, - "properties": { - "ClientBroker": { - "markdownDescription": "Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.\n\n- `TLS` : Indicates that client-broker communication is enabled with TLS only.\n- `TLS_PLAINTEXT` : Indicates that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.\n- `PLAINTEXT` : Indicates that client-broker communication is enabled in plaintext only.\n\nThe default value is `TLS` .", - "title": "ClientBroker", + "MacVersion": { + "markdownDescription": "The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile.", + "title": "MacVersion", "type": "string" }, - "InCluster": { - "markdownDescription": "When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.\n\nThe default value is true.", - "title": "InCluster", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionInfo": { - "additionalProperties": false, - "properties": { - "EncryptionAtRest": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionAtRest", - "markdownDescription": "The data-volume encryption details.", - "title": "EncryptionAtRest" + "MaxDutyCycle": { + "markdownDescription": "The MaxDutyCycle value.", + "title": "MaxDutyCycle", + "type": "number" }, - "EncryptionInTransit": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInTransit", - "markdownDescription": "The details for encryption in transit.", - "title": "EncryptionInTransit" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Firehose": { - "additionalProperties": false, - "properties": { - "DeliveryStream": { - "markdownDescription": "The Kinesis Data Firehose delivery stream that is the destination for broker logs.", - "title": "DeliveryStream", - "type": "string" + "MaxEirp": { + "markdownDescription": "The MaxEIRP value.", + "title": "MaxEirp", + "type": "number" }, - "Enabled": { - "markdownDescription": "Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.Iam": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.JmxExporter": { - "additionalProperties": false, - "properties": { - "EnabledInBroker": { - "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", - "title": "EnabledInBroker", - "type": "boolean" - } - }, - "required": [ - "EnabledInBroker" - ], - "type": "object" - }, - "AWS::MSK::Cluster.LoggingInfo": { - "additionalProperties": false, - "properties": { - "BrokerLogs": { - "$ref": "#/definitions/AWS::MSK::Cluster.BrokerLogs", - "markdownDescription": "You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.", - "title": "BrokerLogs" - } - }, - "required": [ - "BrokerLogs" - ], - "type": "object" - }, - "AWS::MSK::Cluster.NodeExporter": { - "additionalProperties": false, - "properties": { - "EnabledInBroker": { - "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", - "title": "EnabledInBroker", - "type": "boolean" - } - }, - "required": [ - "EnabledInBroker" - ], - "type": "object" - }, - "AWS::MSK::Cluster.OpenMonitoring": { - "additionalProperties": false, - "properties": { - "Prometheus": { - "$ref": "#/definitions/AWS::MSK::Cluster.Prometheus", - "markdownDescription": "Prometheus exporter settings.", - "title": "Prometheus" - } - }, - "required": [ - "Prometheus" - ], - "type": "object" - }, - "AWS::MSK::Cluster.Prometheus": { - "additionalProperties": false, - "properties": { - "JmxExporter": { - "$ref": "#/definitions/AWS::MSK::Cluster.JmxExporter", - "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", - "title": "JmxExporter" + "PingSlotDr": { + "markdownDescription": "The PingSlotDR value.", + "title": "PingSlotDr", + "type": "number" }, - "NodeExporter": { - "$ref": "#/definitions/AWS::MSK::Cluster.NodeExporter", - "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", - "title": "NodeExporter" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.ProvisionedThroughput": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Provisioned throughput is on or off.", - "title": "Enabled", - "type": "boolean" + "PingSlotFreq": { + "markdownDescription": "The PingSlotFreq value.", + "title": "PingSlotFreq", + "type": "number" }, - "VolumeThroughput": { - "markdownDescription": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.", - "title": "VolumeThroughput", + "PingSlotPeriod": { + "markdownDescription": "The PingSlotPeriod value.", + "title": "PingSlotPeriod", "type": "number" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.PublicAccess": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.", - "title": "Type", + }, + "RegParamsRevision": { + "markdownDescription": "The version of regional parameters.", + "title": "RegParamsRevision", "type": "string" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.S3": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that is the destination for broker logs.", - "title": "Bucket", + }, + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether broker logs get sent to the specified Amazon S3 destination.", - "title": "Enabled", - "type": "boolean" + "RxDataRate2": { + "markdownDescription": "The RXDataRate2 value.", + "title": "RxDataRate2", + "type": "number" }, - "Prefix": { - "markdownDescription": "The S3 prefix that is the destination for broker logs.", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.Sasl": { - "additionalProperties": false, - "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::Cluster.Iam", - "markdownDescription": "Details for ClientAuthentication using IAM.", - "title": "Iam" + "RxDelay1": { + "markdownDescription": "The RXDelay1 value.", + "title": "RxDelay1", + "type": "number" }, - "Scram": { - "$ref": "#/definitions/AWS::MSK::Cluster.Scram", - "markdownDescription": "Details for SASL/SCRAM client authentication.", - "title": "Scram" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Scram": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/SCRAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.StorageInfo": { - "additionalProperties": false, - "properties": { - "EBSStorageInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.EBSStorageInfo", - "markdownDescription": "EBS volume information.", - "title": "EBSStorageInfo" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Tls": { - "additionalProperties": false, - "properties": { - "CertificateAuthorityArnList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of AWS Private CA ARNs.", - "title": "CertificateAuthorityArnList", - "type": "array" + "RxDrOffset1": { + "markdownDescription": "The RXDROffset1 value.", + "title": "RxDrOffset1", + "type": "number" }, - "Enabled": { - "markdownDescription": "TLS authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Unauthenticated": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Unauthenticated is enabled or not.", - "title": "Enabled", + "RxFreq2": { + "markdownDescription": "The RXFreq2 value.", + "title": "RxFreq2", + "type": "number" + }, + "Supports32BitFCnt": { + "markdownDescription": "The Supports32BitFCnt value.", + "title": "Supports32BitFCnt", "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivity": { - "additionalProperties": false, - "properties": { - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityClientAuthentication", - "markdownDescription": "VPC connection control settings for brokers.", - "title": "ClientAuthentication" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityClientAuthentication": { - "additionalProperties": false, - "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivitySasl", - "markdownDescription": "Details for VpcConnectivity ClientAuthentication using SASL.", - "title": "Sasl" }, - "Tls": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityTls", - "markdownDescription": "Details for VpcConnectivity ClientAuthentication using TLS.", - "title": "Tls" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityIam": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", + "SupportsClassB": { + "markdownDescription": "The SupportsClassB value.", + "title": "SupportsClassB", "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivitySasl": { - "additionalProperties": false, - "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityIam", - "markdownDescription": "Details for ClientAuthentication using IAM for VpcConnectivity.", - "title": "Iam" }, - "Scram": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityScram", - "markdownDescription": "Details for SASL/SCRAM client authentication for VpcConnectivity.", - "title": "Scram" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityScram": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/SCRAM authentication is enabled or not.", - "title": "Enabled", + "SupportsClassC": { + "markdownDescription": "The SupportsClassC value.", + "title": "SupportsClassC", "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityTls": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "TLS authentication is enabled or not.", - "title": "Enabled", + }, + "SupportsJoin": { + "markdownDescription": "The SupportsJoin value.", + "title": "SupportsJoin", "type": "boolean" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::MSK::ClusterPolicy": { + "AWS::IoTWireless::FuotaTask": { "additionalProperties": false, "properties": { "Condition": { @@ -152587,26 +157991,70 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", - "title": "ClusterArn", + "AssociateMulticastGroup": { + "markdownDescription": "The ID of the multicast group to associate with a FUOTA task.", + "title": "AssociateMulticastGroup", "type": "string" }, - "Policy": { - "markdownDescription": "Resource policy for the cluster.", - "title": "Policy", - "type": "object" + "AssociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to associate with a multicast group.", + "title": "AssociateWirelessDevice", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the new resource.", + "title": "Description", + "type": "string" + }, + "DisassociateMulticastGroup": { + "markdownDescription": "The ID of the multicast group to disassociate from a FUOTA task.", + "title": "DisassociateMulticastGroup", + "type": "string" + }, + "DisassociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to disassociate from a FUOTA task.", + "title": "DisassociateWirelessDevice", + "type": "string" + }, + "FirmwareUpdateImage": { + "markdownDescription": "The S3 URI points to a firmware update image that is to be used with a FUOTA task.", + "title": "FirmwareUpdateImage", + "type": "string" + }, + "FirmwareUpdateRole": { + "markdownDescription": "The firmware update role that is to be used with a FUOTA task.", + "title": "FirmwareUpdateRole", + "type": "string" + }, + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::FuotaTask.LoRaWAN", + "markdownDescription": "The LoRaWAN information used with a FUOTA task.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of a FUOTA task.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" } }, "required": [ - "ClusterArn", - "Policy" + "FirmwareUpdateImage", + "FirmwareUpdateRole", + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::ClusterPolicy" + "AWS::IoTWireless::FuotaTask" ], "type": "string" }, @@ -152625,7 +158073,26 @@ ], "type": "object" }, - "AWS::MSK::Configuration": { + "AWS::IoTWireless::FuotaTask.LoRaWAN": { + "additionalProperties": false, + "properties": { + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", + "type": "string" + }, + "StartTime": { + "markdownDescription": "Start time of a FUOTA task.", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "RfRegion" + ], + "type": "object" + }, + "AWS::IoTWireless::MulticastGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -152660,44 +158127,48 @@ "Properties": { "additionalProperties": false, "properties": { + "AssociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to associate with a multicast group.", + "title": "AssociateWirelessDevice", + "type": "string" + }, "Description": { - "markdownDescription": "The description of the configuration.", + "markdownDescription": "The description of the multicast group.", "title": "Description", "type": "string" }, - "KafkaVersionsList": { - "items": { - "type": "string" - }, - "markdownDescription": "The [versions of Apache Kafka](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) with which you can use this MSK configuration.\n\nWhen you update the `KafkaVersionsList` property, AWS CloudFormation recreates a new configuration with the updated property before deleting the old configuration. Such an update requires a [resource replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) . To successfully update `KafkaVersionsList` , you must also update the `Name` property in the same operation.\n\nIf your configuration is attached with any clusters created using the AWS Management Console or AWS CLI , you'll need to manually delete the old configuration from the console after the update completes.\n\nFor more information, see [Can\u2019t update KafkaVersionsList in MSK configuration](https://docs.aws.amazon.com/msk/latest/developerguide/troubleshooting.html#troubleshoot-kafkaversionslist-cfn-update-failure) in the *Amazon MSK Developer Guide* .", - "title": "KafkaVersionsList", - "type": "array" + "DisassociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to disassociate from a multicast group.", + "title": "DisassociateWirelessDevice", + "type": "string" }, - "LatestRevision": { - "$ref": "#/definitions/AWS::MSK::Configuration.LatestRevision", - "markdownDescription": "Latest revision of the MSK configuration.", - "title": "LatestRevision" + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::MulticastGroup.LoRaWAN", + "markdownDescription": "The LoRaWAN information that is to be used with the multicast group.", + "title": "LoRaWAN" }, "Name": { - "markdownDescription": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\".", + "markdownDescription": "The name of the multicast group.", "title": "Name", "type": "string" }, - "ServerProperties": { - "markdownDescription": "Contents of the `server.properties` file. When using the console, the SDK, or the AWS CLI , the contents of `server.properties` can be in plaintext.", - "title": "ServerProperties", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name", - "ServerProperties" + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Configuration" + "AWS::IoTWireless::MulticastGroup" ], "type": "string" }, @@ -152716,28 +158187,37 @@ ], "type": "object" }, - "AWS::MSK::Configuration.LatestRevision": { + "AWS::IoTWireless::MulticastGroup.LoRaWAN": { "additionalProperties": false, "properties": { - "CreationTime": { - "markdownDescription": "The time when the configuration revision was created.", - "title": "CreationTime", + "DlClass": { + "markdownDescription": "DlClass for LoRaWAN. Valid values are ClassB and ClassC.", + "title": "DlClass", "type": "string" }, - "Description": { - "markdownDescription": "The description of the configuration revision.", - "title": "Description", - "type": "string" + "NumberOfDevicesInGroup": { + "markdownDescription": "Number of devices that are associated to the multicast group.", + "title": "NumberOfDevicesInGroup", + "type": "number" }, - "Revision": { - "markdownDescription": "The revision number.", - "title": "Revision", + "NumberOfDevicesRequested": { + "markdownDescription": "Number of devices that are requested to be associated with the multicast group.", + "title": "NumberOfDevicesRequested", "type": "number" + }, + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", + "type": "string" } }, + "required": [ + "DlClass", + "RfRegion" + ], "type": "object" }, - "AWS::MSK::Replicator": { + "AWS::IoTWireless::NetworkAnalyzerConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -152772,60 +158252,54 @@ "Properties": { "additionalProperties": false, "properties": { - "CurrentVersion": { - "type": "string" - }, "Description": { - "markdownDescription": "A summary description of the replicator.", + "markdownDescription": "The description of the resource.", "title": "Description", "type": "string" }, - "KafkaClusters": { + "Name": { + "markdownDescription": "Name of the network analyzer configuration.", + "title": "Name", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::MSK::Replicator.KafkaCluster" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Kafka Clusters to use in setting up sources / targets for replication.", - "title": "KafkaClusters", + "markdownDescription": "The tags to attach to the specified resource. Tags are metadata that you can use to manage a resource.", + "title": "Tags", "type": "array" }, - "ReplicationInfoList": { + "TraceContent": { + "$ref": "#/definitions/AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent", + "markdownDescription": "Trace content for your wireless gateway and wireless device resources.", + "title": "TraceContent" + }, + "WirelessDevices": { "items": { - "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationInfo" + "type": "string" }, - "markdownDescription": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.", - "title": "ReplicationInfoList", + "markdownDescription": "Wireless device resources to add to the network analyzer configuration. Provide the `WirelessDeviceId` of the resource to add in the input array.", + "title": "WirelessDevices", "type": "array" }, - "ReplicatorName": { - "markdownDescription": "The name of the replicator. Alpha-numeric characters with '-' are allowed.", - "title": "ReplicatorName", - "type": "string" - }, - "ServiceExecutionRoleArn": { - "markdownDescription": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters)", - "title": "ServiceExecutionRoleArn", - "type": "string" - }, - "Tags": { + "WirelessGateways": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "List of tags to attach to created Replicator.", - "title": "Tags", + "markdownDescription": "Wireless gateway resources to add to the network analyzer configuration. Provide the `WirelessGatewayId` of the resource to add in the input array.", + "title": "WirelessGateways", "type": "array" } }, "required": [ - "KafkaClusters", - "ReplicationInfoList", - "ReplicatorName", - "ServiceExecutionRoleArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Replicator" + "AWS::IoTWireless::NetworkAnalyzerConfiguration" ], "type": "string" }, @@ -152844,195 +158318,23 @@ ], "type": "object" }, - "AWS::MSK::Replicator.AmazonMskCluster": { + "AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent": { "additionalProperties": false, "properties": { - "MskClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon MSK cluster.", - "title": "MskClusterArn", - "type": "string" - } - }, - "required": [ - "MskClusterArn" - ], - "type": "object" - }, - "AWS::MSK::Replicator.ConsumerGroupReplication": { - "additionalProperties": false, - "properties": { - "ConsumerGroupsToExclude": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the consumer groups that should not be replicated.", - "title": "ConsumerGroupsToExclude", - "type": "array" - }, - "ConsumerGroupsToReplicate": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the consumer groups to copy.", - "title": "ConsumerGroupsToReplicate", - "type": "array" - }, - "DetectAndCopyNewConsumerGroups": { - "markdownDescription": "Enables synchronization of consumer groups to target cluster.", - "title": "DetectAndCopyNewConsumerGroups", - "type": "boolean" - }, - "SynchroniseConsumerGroupOffsets": { - "markdownDescription": "Enables synchronization of consumer group offsets to target cluster. The translated offsets will be written to topic __consumer_offsets.", - "title": "SynchroniseConsumerGroupOffsets", - "type": "boolean" - } - }, - "required": [ - "ConsumerGroupsToReplicate" - ], - "type": "object" - }, - "AWS::MSK::Replicator.KafkaCluster": { - "additionalProperties": false, - "properties": { - "AmazonMskCluster": { - "$ref": "#/definitions/AWS::MSK::Replicator.AmazonMskCluster", - "markdownDescription": "Details of an Amazon MSK Cluster.", - "title": "AmazonMskCluster" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::MSK::Replicator.KafkaClusterClientVpcConfig", - "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", - "title": "VpcConfig" - } - }, - "required": [ - "AmazonMskCluster", - "VpcConfig" - ], - "type": "object" - }, - "AWS::MSK::Replicator.KafkaClusterClientVpcConfig": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets in the client VPC to connect to.", - "title": "SubnetIds", - "type": "array" - } - }, - "required": [ - "SubnetIds" - ], - "type": "object" - }, - "AWS::MSK::Replicator.ReplicationInfo": { - "additionalProperties": false, - "properties": { - "ConsumerGroupReplication": { - "$ref": "#/definitions/AWS::MSK::Replicator.ConsumerGroupReplication", - "markdownDescription": "Configuration relating to consumer group replication.", - "title": "ConsumerGroupReplication" - }, - "SourceKafkaClusterArn": { - "markdownDescription": "The ARN of the source Kafka cluster.", - "title": "SourceKafkaClusterArn", - "type": "string" - }, - "TargetCompressionType": { - "markdownDescription": "The compression type to use when producing records to target cluster.", - "title": "TargetCompressionType", - "type": "string" - }, - "TargetKafkaClusterArn": { - "markdownDescription": "The ARN of the target Kafka cluster.", - "title": "TargetKafkaClusterArn", + "LogLevel": { + "markdownDescription": "The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs", + "title": "LogLevel", "type": "string" }, - "TopicReplication": { - "$ref": "#/definitions/AWS::MSK::Replicator.TopicReplication", - "markdownDescription": "Configuration relating to topic replication.", - "title": "TopicReplication" - } - }, - "required": [ - "ConsumerGroupReplication", - "SourceKafkaClusterArn", - "TargetCompressionType", - "TargetKafkaClusterArn", - "TopicReplication" - ], - "type": "object" - }, - "AWS::MSK::Replicator.ReplicationStartingPosition": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of replication starting position.", - "title": "Type", + "WirelessDeviceFrameInfo": { + "markdownDescription": "`FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server.", + "title": "WirelessDeviceFrameInfo", "type": "string" } }, "type": "object" }, - "AWS::MSK::Replicator.TopicReplication": { - "additionalProperties": false, - "properties": { - "CopyAccessControlListsForTopics": { - "markdownDescription": "Whether to periodically configure remote topic ACLs to match their corresponding upstream topics.", - "title": "CopyAccessControlListsForTopics", - "type": "boolean" - }, - "CopyTopicConfigurations": { - "markdownDescription": "Whether to periodically configure remote topics to match their corresponding upstream topics.", - "title": "CopyTopicConfigurations", - "type": "boolean" - }, - "DetectAndCopyNewTopics": { - "markdownDescription": "Whether to periodically check for new topics and partitions.", - "title": "DetectAndCopyNewTopics", - "type": "boolean" - }, - "StartingPosition": { - "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationStartingPosition", - "markdownDescription": "Specifies the position in the topics to start replicating from.", - "title": "StartingPosition" - }, - "TopicsToExclude": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the topics that should not be replicated.", - "title": "TopicsToExclude", - "type": "array" - }, - "TopicsToReplicate": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the topics to copy.", - "title": "TopicsToReplicate", - "type": "array" - } - }, - "required": [ - "TopicsToReplicate" - ], - "type": "object" - }, - "AWS::MSK::ServerlessCluster": { + "AWS::IoTWireless::PartnerAccount": { "additionalProperties": false, "properties": { "Condition": { @@ -153067,46 +158369,50 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.ClientAuthentication", - "markdownDescription": "Includes all client authentication related information.", - "title": "ClientAuthentication" + "AccountLinked": { + "markdownDescription": "Whether the partner account is linked to the AWS account.", + "title": "AccountLinked", + "type": "boolean" }, - "ClusterName": { - "markdownDescription": "The name of the cluster.", - "title": "ClusterName", + "PartnerAccountId": { + "markdownDescription": "The ID of the partner account to update.", + "title": "PartnerAccountId", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "PartnerType": { + "markdownDescription": "The partner type.", + "title": "PartnerType", + "type": "string" }, - "VpcConfigs": { + "Sidewalk": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo", + "markdownDescription": "The Sidewalk account credentials.", + "title": "Sidewalk" + }, + "SidewalkResponse": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint", + "markdownDescription": "Information about a Sidewalk account.", + "title": "SidewalkResponse" + }, + "SidewalkUpdate": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount", + "markdownDescription": "Sidewalk update.", + "title": "SidewalkUpdate" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.VpcConfig" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "VPC configuration information for the serverless cluster.", - "title": "VpcConfigs", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", "type": "array" } }, - "required": [ - "ClientAuthentication", - "ClusterName", - "VpcConfigs" - ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::ServerlessCluster" + "AWS::IoTWireless::PartnerAccount" ], "type": "string" }, @@ -153120,79 +158426,57 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::MSK::ServerlessCluster.ClientAuthentication": { - "additionalProperties": false, - "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Sasl", - "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", - "title": "Sasl" - } - }, - "required": [ - "Sasl" + "Type" ], "type": "object" }, - "AWS::MSK::ServerlessCluster.Iam": { + "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "AppServerPrivateKey": { + "markdownDescription": "The Sidewalk application server private key. The application server private key is a secret key, which you should handle in a similar way as you would an application password. You can protect the application server private key by storing the value in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppServerPrivateKey", + "type": "string" } }, "required": [ - "Enabled" + "AppServerPrivateKey" ], "type": "object" }, - "AWS::MSK::ServerlessCluster.Sasl": { + "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint": { "additionalProperties": false, "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Iam", - "markdownDescription": "Details for ClientAuthentication using IAM.", - "title": "Iam" + "AmazonId": { + "markdownDescription": "The Sidewalk Amazon ID.", + "title": "AmazonId", + "type": "string" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "Fingerprint": { + "markdownDescription": "The fingerprint of the Sidewalk application server private key.", + "title": "Fingerprint", + "type": "string" } }, - "required": [ - "Iam" - ], "type": "object" }, - "AWS::MSK::ServerlessCluster.VpcConfig": { + "AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount": { "additionalProperties": false, "properties": { - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "SecurityGroups", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "SubnetIds", - "type": "array" + "AppServerPrivateKey": { + "markdownDescription": "The new Sidewalk application server private key.", + "title": "AppServerPrivateKey", + "type": "string" } }, - "required": [ - "SubnetIds" - ], "type": "object" }, - "AWS::MSK::VpcConnection": { + "AWS::IoTWireless::ServiceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -153227,61 +158511,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Authentication": { - "markdownDescription": "The type of private link authentication.", - "title": "Authentication", - "type": "string" - }, - "ClientSubnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets in the client VPC to connect to.", - "title": "ClientSubnets", - "type": "array" + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile", + "markdownDescription": "LoRaWAN service profile object.", + "title": "LoRaWAN" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", - "title": "SecurityGroups", - "type": "array" + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", + "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) you specify while creating the VPC connection.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", - "type": "object" - }, - "TargetClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster.", - "title": "TargetClusterArn", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The VPC ID of the remote client.", - "title": "VpcId", - "type": "string" + "type": "array" } }, - "required": [ - "Authentication", - "ClientSubnets", - "SecurityGroups", - "TargetClusterArn", - "VpcId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::VpcConnection" + "AWS::IoTWireless::ServiceProfile" ], "type": "string" }, @@ -153295,12 +158548,112 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::MWAA::Environment": { + "AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile": { + "additionalProperties": false, + "properties": { + "AddGwMetadata": { + "markdownDescription": "The AddGWMetaData value.", + "title": "AddGwMetadata", + "type": "boolean" + }, + "ChannelMask": { + "markdownDescription": "The ChannelMask value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ChannelMask", + "type": "string" + }, + "DevStatusReqFreq": { + "markdownDescription": "The DevStatusReqFreq value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DevStatusReqFreq", + "type": "number" + }, + "DlBucketSize": { + "markdownDescription": "The DLBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlBucketSize", + "type": "number" + }, + "DlRate": { + "markdownDescription": "The DLRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlRate", + "type": "number" + }, + "DlRatePolicy": { + "markdownDescription": "The DLRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlRatePolicy", + "type": "string" + }, + "DrMax": { + "markdownDescription": "The DRMax value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DrMax", + "type": "number" + }, + "DrMin": { + "markdownDescription": "The DRMin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DrMin", + "type": "number" + }, + "HrAllowed": { + "markdownDescription": "The HRAllowed value that describes whether handover roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "HrAllowed", + "type": "boolean" + }, + "MinGwDiversity": { + "markdownDescription": "The MinGwDiversity value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "MinGwDiversity", + "type": "number" + }, + "NwkGeoLoc": { + "markdownDescription": "The NwkGeoLoc value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "NwkGeoLoc", + "type": "boolean" + }, + "PrAllowed": { + "markdownDescription": "The PRAllowed value that describes whether passive roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "PrAllowed", + "type": "boolean" + }, + "RaAllowed": { + "markdownDescription": "The RAAllowed value that describes whether roaming activation is allowed.", + "title": "RaAllowed", + "type": "boolean" + }, + "ReportDevStatusBattery": { + "markdownDescription": "The ReportDevStatusBattery value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ReportDevStatusBattery", + "type": "boolean" + }, + "ReportDevStatusMargin": { + "markdownDescription": "The ReportDevStatusMargin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ReportDevStatusMargin", + "type": "boolean" + }, + "TargetPer": { + "markdownDescription": "The TargetPer value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "TargetPer", + "type": "number" + }, + "UlBucketSize": { + "markdownDescription": "The UlBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlBucketSize", + "type": "number" + }, + "UlRate": { + "markdownDescription": "The ULRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlRate", + "type": "number" + }, + "UlRatePolicy": { + "markdownDescription": "The ULRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlRatePolicy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::TaskDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -153335,130 +158688,48 @@ "Properties": { "additionalProperties": false, "properties": { - "AirflowConfigurationOptions": { - "markdownDescription": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", - "title": "AirflowConfigurationOptions", - "type": "object" - }, - "AirflowVersion": { - "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` | `2.8.1` | `2.9.2` | `2.10.1` (latest)", - "title": "AirflowVersion", - "type": "string" - }, - "DagS3Path": { - "markdownDescription": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", - "title": "DagS3Path", - "type": "string" - }, - "EndpointManagement": { - "markdownDescription": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", - "title": "EndpointManagement", - "type": "string" - }, - "EnvironmentClass": { - "markdownDescription": "The environment class type. Valid values: `mw1.micro` , `mw1.small` , `mw1.medium` , `mw1.large` , `mw1.1large` , and `mw1.2large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", - "title": "EnvironmentClass", - "type": "string" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", - "title": "ExecutionRoleArn", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", - "title": "KmsKey", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::MWAA::Environment.LoggingConfiguration", - "markdownDescription": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` .", - "title": "LoggingConfiguration" - }, - "MaxWorkers": { - "markdownDescription": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` .", - "title": "MaxWorkers", - "type": "number" + "AutoCreateTasks": { + "markdownDescription": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If `false` , the task must be created by calling `CreateWirelessGatewayTask` .", + "title": "AutoCreateTasks", + "type": "boolean" }, - "MinWorkers": { - "markdownDescription": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` .", - "title": "MinWorkers", - "type": "number" + "LoRaWANUpdateGatewayTaskEntry": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry", + "markdownDescription": "LoRaWANUpdateGatewayTaskEntry object.", + "title": "LoRaWANUpdateGatewayTaskEntry" }, "Name": { - "markdownDescription": "The name of your Amazon MWAA environment.", + "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::MWAA::Environment.NetworkConfiguration", - "markdownDescription": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", - "title": "NetworkConfiguration" - }, - "PluginsS3ObjectVersion": { - "markdownDescription": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", - "title": "PluginsS3ObjectVersion", - "type": "string" - }, - "PluginsS3Path": { - "markdownDescription": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", - "title": "PluginsS3Path", - "type": "string" - }, - "RequirementsS3ObjectVersion": { - "markdownDescription": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", - "title": "RequirementsS3ObjectVersion", - "type": "string" - }, - "RequirementsS3Path": { - "markdownDescription": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", - "title": "RequirementsS3Path", - "type": "string" - }, - "Schedulers": { - "markdownDescription": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - For environments larger than mw1.micro, accepts values from 2 to 5. Defaults to 2 for all environment sizes except mw1.micro, which defaults to 1.\n- *v1* - Accepts 1.", - "title": "Schedulers", - "type": "number" - }, - "SourceBucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) .", - "title": "SourceBucketArn", - "type": "string" - }, - "StartupScriptS3ObjectVersion": { - "markdownDescription": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", - "title": "StartupScriptS3ObjectVersion", - "type": "string" - }, - "StartupScriptS3Path": { - "markdownDescription": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", - "title": "StartupScriptS3Path", - "type": "string" - }, "Tags": { - "markdownDescription": "The key-value tag pairs associated to your environment. For example, `\"Environment\": \"Staging\"` . To learn more, see [Tagging](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .\n\nIf you specify new tags for an existing environment, the update requires service interruption before taking effect.", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", - "type": "object" + "type": "array" }, - "WebserverAccessMode": { - "markdownDescription": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` .", - "title": "WebserverAccessMode", + "TaskDefinitionType": { + "markdownDescription": "A filter to list only the wireless gateway task definitions that use this task definition type.", + "title": "TaskDefinitionType", "type": "string" }, - "WeeklyMaintenanceWindowStart": { - "markdownDescription": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)", - "title": "WeeklyMaintenanceWindowStart", - "type": "string" + "Update": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate", + "markdownDescription": "Information about the gateways to update.", + "title": "Update" } }, "required": [ - "Name" + "AutoCreateTasks" ], "type": "object" }, "Type": { "enum": [ - "AWS::MWAA::Environment" + "AWS::IoTWireless::TaskDefinition" ], "type": "string" }, @@ -153477,81 +158748,91 @@ ], "type": "object" }, - "AWS::MWAA::Environment.LoggingConfiguration": { + "AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion": { "additionalProperties": false, "properties": { - "DagProcessingLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the processing logs sent to CloudWatch Logs and the logging level to send.", - "title": "DagProcessingLogs" - }, - "SchedulerLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the scheduler logs sent to CloudWatch Logs and the logging level to send.", - "title": "SchedulerLogs" - }, - "TaskLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the task logs sent to CloudWatch Logs and the logging level to send.", - "title": "TaskLogs" + "Model": { + "markdownDescription": "The model number of the wireless gateway.", + "title": "Model", + "type": "string" }, - "WebserverLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the web server logs sent to CloudWatch Logs and the logging level to send.", - "title": "WebserverLogs" + "PackageVersion": { + "markdownDescription": "The version of the wireless gateway firmware.", + "title": "PackageVersion", + "type": "string" }, - "WorkerLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the worker logs sent to CloudWatch Logs and the logging level to send.", - "title": "WorkerLogs" + "Station": { + "markdownDescription": "The basic station version of the wireless gateway.", + "title": "Station", + "type": "string" } }, "type": "object" }, - "AWS::MWAA::Environment.ModuleLoggingConfiguration": { + "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled.\n\n> `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA.", - "title": "CloudWatchLogGroupArn", - "type": "string" + "CurrentVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The version of the gateways that should receive the update.", + "title": "CurrentVersion" }, - "Enabled": { - "markdownDescription": "Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs.", - "title": "Enabled", - "type": "boolean" + "SigKeyCrc": { + "markdownDescription": "The CRC of the signature private key to check.", + "title": "SigKeyCrc", + "type": "number" }, - "LogLevel": { - "markdownDescription": "Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` .", - "title": "LogLevel", + "UpdateSignature": { + "markdownDescription": "The signature used to verify the update firmware.", + "title": "UpdateSignature", "type": "string" + }, + "UpdateVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The firmware version to update the gateway to.", + "title": "UpdateVersion" } }, "type": "object" }, - "AWS::MWAA::Environment.NetworkConfiguration": { + "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of one or more security group IDs. Accepts up to 5 security group IDs. A security group must be attached to the same VPC as the subnets. To learn more, see [Security in your VPC on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-security.html) .", - "title": "SecurityGroupIds", - "type": "array" + "CurrentVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The version of the gateways that should receive the update.", + "title": "CurrentVersion" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs. *Required* to create an environment. Must be private subnets in two different availability zones. A subnet must be attached to the same VPC as the security group. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", - "title": "SubnetIds", - "type": "array" + "UpdateVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The firmware version to update the gateway to.", + "title": "UpdateVersion" } }, "type": "object" }, - "AWS::Macie::AllowList": { + "AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate": { + "additionalProperties": false, + "properties": { + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate", + "markdownDescription": "The properties that relate to the LoRaWAN wireless gateway.", + "title": "LoRaWAN" + }, + "UpdateDataRole": { + "markdownDescription": "The IAM role used to read data from the S3 bucket.", + "title": "UpdateDataRole", + "type": "string" + }, + "UpdateDataSource": { + "markdownDescription": "The link to the S3 bucket.", + "title": "UpdateDataSource", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice": { "additionalProperties": false, "properties": { "Condition": { @@ -153586,39 +158867,64 @@ "Properties": { "additionalProperties": false, "properties": { - "Criteria": { - "$ref": "#/definitions/AWS::Macie::AllowList.Criteria", - "markdownDescription": "The criteria that specify the text or text pattern to ignore. The criteria can be the location and name of an Amazon S3 object that lists specific text to ignore ( `S3WordsList` ), or a regular expression ( `Regex` ) that defines a text pattern to ignore.", - "title": "Criteria" - }, "Description": { - "markdownDescription": "A custom description of the allow list. The description can contain 1-512 characters.", + "markdownDescription": "The description of the new resource. Maximum length is 2048.", "title": "Description", "type": "string" }, + "DestinationName": { + "markdownDescription": "The name of the destination to assign to the new wireless device. Can have only have alphanumeric, - (hyphen) and _ (underscore) characters and it can't have any spaces.", + "title": "DestinationName", + "type": "string" + }, + "LastUplinkReceivedAt": { + "markdownDescription": "The date and time when the most recent uplink was received.", + "title": "LastUplinkReceivedAt", + "type": "string" + }, + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.LoRaWANDevice", + "markdownDescription": "The device configuration information to use to create the wireless device. Must be at least one of OtaaV10x, OtaaV11, AbpV11, or AbpV10x.", + "title": "LoRaWAN" + }, "Name": { - "markdownDescription": "A custom name for the allow list. The name can contain 1-128 characters.", + "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, + "Positioning": { + "markdownDescription": "FPort values for the GNSS, Stream, and ClockSync functions of the positioning information.", + "title": "Positioning", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the allow list.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" + }, + "ThingArn": { + "markdownDescription": "The ARN of the thing to associate with the wireless device.", + "title": "ThingArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The wireless device type.", + "title": "Type", + "type": "string" } }, "required": [ - "Criteria", - "Name" + "DestinationName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Macie::AllowList" + "AWS::IoTWireless::WirelessDevice" ], "type": "string" }, @@ -153637,43 +158943,226 @@ ], "type": "object" }, - "AWS::Macie::AllowList.Criteria": { + "AWS::IoTWireless::WirelessDevice.AbpV10x": { "additionalProperties": false, "properties": { - "Regex": { - "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to ignore. The expression can contain 1-512 characters.", - "title": "Regex", + "DevAddr": { + "markdownDescription": "The DevAddr value.", + "title": "DevAddr", "type": "string" }, - "S3WordsList": { - "$ref": "#/definitions/AWS::Macie::AllowList.S3WordsList", - "markdownDescription": "The location and name of an Amazon S3 object that lists specific text to ignore.", - "title": "S3WordsList" + "SessionKeys": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x", + "markdownDescription": "Session keys for ABP v1.0.x.", + "title": "SessionKeys" } }, + "required": [ + "DevAddr", + "SessionKeys" + ], "type": "object" }, - "AWS::Macie::AllowList.S3WordsList": { + "AWS::IoTWireless::WirelessDevice.AbpV11": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The full name of the S3 bucket that contains the object. This value correlates to the `Name` field of a bucket's properties in Amazon S3 .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", - "title": "BucketName", + "DevAddr": { + "markdownDescription": "The DevAddr value.", + "title": "DevAddr", "type": "string" }, - "ObjectKey": { - "markdownDescription": "The full name of the S3 object. This value correlates to the `Key` field of an object's properties in Amazon S3 . If the name includes a path, include the complete path. For example, `AllowLists/Macie/MyList.txt` .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", - "title": "ObjectKey", + "SessionKeys": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11", + "markdownDescription": "Session keys for ABP v1.1.", + "title": "SessionKeys" + } + }, + "required": [ + "DevAddr", + "SessionKeys" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.Application": { + "additionalProperties": false, + "properties": { + "DestinationName": { + "markdownDescription": "The name of the position data destination that describes the IoT rule that processes the device's position data.", + "title": "DestinationName", + "type": "string" + }, + "FPort": { + "markdownDescription": "The name of the new destination for the device.", + "title": "FPort", + "type": "number" + }, + "Type": { + "markdownDescription": "Application type, which can be specified to obtain real-time position information of your LoRaWAN device.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.FPorts": { + "additionalProperties": false, + "properties": { + "Applications": { + "items": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.Application" + }, + "markdownDescription": "LoRaWAN application configuration, which can be used to perform geolocation.", + "title": "Applications", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.LoRaWANDevice": { + "additionalProperties": false, + "properties": { + "AbpV10x": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV10x", + "markdownDescription": "ABP device object for LoRaWAN specification v1.0.x.", + "title": "AbpV10x" + }, + "AbpV11": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV11", + "markdownDescription": "ABP device object for create APIs for v1.1.", + "title": "AbpV11" + }, + "DevEui": { + "markdownDescription": "The DevEUI value.", + "title": "DevEui", + "type": "string" + }, + "DeviceProfileId": { + "markdownDescription": "The ID of the device profile for the new wireless device.", + "title": "DeviceProfileId", + "type": "string" + }, + "FPorts": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.FPorts", + "markdownDescription": "List of FPort assigned for different LoRaWAN application packages to use.", + "title": "FPorts" + }, + "OtaaV10x": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV10x", + "markdownDescription": "OTAA device object for create APIs for v1.0.x", + "title": "OtaaV10x" + }, + "OtaaV11": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV11", + "markdownDescription": "OTAA device object for v1.1 for create APIs.", + "title": "OtaaV11" + }, + "ServiceProfileId": { + "markdownDescription": "The ID of the service profile.", + "title": "ServiceProfileId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.OtaaV10x": { + "additionalProperties": false, + "properties": { + "AppEui": { + "markdownDescription": "The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3.", + "title": "AppEui", + "type": "string" + }, + "AppKey": { + "markdownDescription": "The AppKey value.", + "title": "AppKey", "type": "string" } }, "required": [ - "BucketName", - "ObjectKey" + "AppEui", + "AppKey" ], "type": "object" }, - "AWS::Macie::CustomDataIdentifier": { + "AWS::IoTWireless::WirelessDevice.OtaaV11": { + "additionalProperties": false, + "properties": { + "AppKey": { + "markdownDescription": "The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppKey", + "type": "string" + }, + "JoinEui": { + "markdownDescription": "The JoinEUI value.", + "title": "JoinEui", + "type": "string" + }, + "NwkKey": { + "markdownDescription": "The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "NwkKey", + "type": "string" + } + }, + "required": [ + "AppKey", + "JoinEui", + "NwkKey" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x": { + "additionalProperties": false, + "properties": { + "AppSKey": { + "markdownDescription": "The AppSKey value.", + "title": "AppSKey", + "type": "string" + }, + "NwkSKey": { + "markdownDescription": "The NwkKey value.", + "title": "NwkSKey", + "type": "string" + } + }, + "required": [ + "AppSKey", + "NwkSKey" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11": { + "additionalProperties": false, + "properties": { + "AppSKey": { + "markdownDescription": "The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppSKey", + "type": "string" + }, + "FNwkSIntKey": { + "markdownDescription": "The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "FNwkSIntKey", + "type": "string" + }, + "NwkSEncKey": { + "markdownDescription": "The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "NwkSEncKey", + "type": "string" + }, + "SNwkSIntKey": { + "markdownDescription": "The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "SNwkSIntKey", + "type": "string" + } + }, + "required": [ + "AppSKey", + "FNwkSIntKey", + "NwkSEncKey", + "SNwkSIntKey" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDeviceImportTask": { "additionalProperties": false, "properties": { "Condition": { @@ -153708,60 +159197,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A custom description of the custom data identifier. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Description", + "DestinationName": { + "markdownDescription": "The name of the destination that describes the IoT rule to route messages from the Sidewalk devices in the import task to other applications.", + "title": "DestinationName", "type": "string" }, - "IgnoreWords": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of character sequences ( *ignore words* ) to exclude from the results. If text matches the regular expression ( `Regex` ) but it contains a string in this array, Amazon Macie ignores the text and doesn't include it in the results.\n\nThe array can contain 1-10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.", - "title": "IgnoreWords", - "type": "array" + "Sidewalk": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk", + "markdownDescription": "The Sidewalk-related information of the wireless device import task.", + "title": "Sidewalk" }, - "Keywords": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of character sequences ( *keywords* ), one of which must precede and be in proximity ( `MaximumMatchDistance` ) of the regular expression ( `Regex` ) to match.\n\nThe array can contain 1-50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.", - "title": "Keywords", - "type": "array" - }, - "MaximumMatchDistance": { - "markdownDescription": "The maximum number of characters that can exist between the end of at least one complete character sequence specified by the `Keywords` array and the end of text that matches the regular expression ( `Regex` ). If a complete keyword precedes all the text that matches the regular expression and the keyword is within the specified distance, Amazon Macie includes the result.\n\nThe distance can be 1-300 characters. The default value is 50.", - "title": "MaximumMatchDistance", - "type": "number" - }, - "Name": { - "markdownDescription": "A custom name for the custom data identifier. The name can contain 1-128 characters.\n\nAvoid including sensitive data in the name of a custom data identifier. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Name", - "type": "string" - }, - "Regex": { - "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to match. The expression can contain 1-512 characters.", - "title": "Regex", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to the custom data identifier.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "Adds to or modifies the tags of the given resource. Tags are metadata that you can use to manage a resource.", + "title": "Tags", "type": "array" } }, "required": [ - "Name", - "Regex" + "DestinationName", + "Sidewalk" ], "type": "object" }, "Type": { "enum": [ - "AWS::Macie::CustomDataIdentifier" + "AWS::IoTWireless::WirelessDeviceImportTask" ], "type": "string" }, @@ -153780,7 +159243,36 @@ ], "type": "object" }, - "AWS::Macie::FindingsFilter": { + "AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk": { + "additionalProperties": false, + "properties": { + "DeviceCreationFile": { + "markdownDescription": "The CSV file contained in an S3 bucket that's used for adding devices to an import task.", + "title": "DeviceCreationFile", + "type": "string" + }, + "DeviceCreationFileList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of Sidewalk devices that are added to the import task.", + "title": "DeviceCreationFileList", + "type": "array" + }, + "Role": { + "markdownDescription": "The IAM role that allows to access the CSV file in the S3 bucket.", + "title": "Role", + "type": "string" + }, + "SidewalkManufacturingSn": { + "markdownDescription": "The Sidewalk manufacturing serial number (SMSN) of the Sidewalk device.", + "title": "SidewalkManufacturingSn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -153815,49 +159307,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to perform on findings that match the filter criteria ( `FindingCriteria` ). Valid values are:\n\n- `ARCHIVE` - Suppress (automatically archive) the findings.\n- `NOOP` - Don't perform any action on the findings.", - "title": "Action", - "type": "string" - }, "Description": { - "markdownDescription": "A custom description of the findings filter. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", + "markdownDescription": "The description of the new resource. The maximum length is 2048 characters.", "title": "Description", "type": "string" }, - "FindingCriteria": { - "$ref": "#/definitions/AWS::Macie::FindingsFilter.FindingCriteria", - "markdownDescription": "The criteria to use to filter findings.", - "title": "FindingCriteria" + "LastUplinkReceivedAt": { + "markdownDescription": "The date and time when the most recent uplink was received.", + "title": "LastUplinkReceivedAt", + "type": "string" + }, + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessGateway.LoRaWANGateway", + "markdownDescription": "The gateway configuration information to use to create the wireless gateway.", + "title": "LoRaWAN" }, "Name": { - "markdownDescription": "A custom name for the findings filter. The name can contain 3-64 characters.\n\nAvoid including sensitive data in the name. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", + "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, - "Position": { - "markdownDescription": "The position of the findings filter in the list of saved filter rules on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to findings.", - "title": "Position", - "type": "number" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the findings filter.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" + }, + "ThingArn": { + "markdownDescription": "The ARN of the thing to associate with the wireless gateway.", + "title": "ThingArn", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the thing associated with the wireless gateway. The value is empty if a thing isn't associated with the gateway.", + "title": "ThingName", + "type": "string" } }, "required": [ - "FindingCriteria", - "Name" + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::Macie::FindingsFilter" + "AWS::IoTWireless::WirelessGateway" ], "type": "string" }, @@ -153876,66 +159372,100 @@ ], "type": "object" }, - "AWS::Macie::FindingsFilter.CriterionAdditionalProperties": { + "AWS::IoTWireless::WirelessGateway.LoRaWANGateway": { "additionalProperties": false, "properties": { - "eq": { - "items": { - "type": "string" - }, - "markdownDescription": "The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", - "title": "eq", - "type": "array" - }, - "gt": { - "markdownDescription": "The value for the specified property is greater than the specified value.", - "title": "gt", - "type": "number" - }, - "gte": { - "markdownDescription": "The value for the specified property is greater than or equal to the specified value.", - "title": "gte", - "type": "number" - }, - "lt": { - "markdownDescription": "The value for the specified property is less than the specified value.", - "title": "lt", - "type": "number" - }, - "lte": { - "markdownDescription": "The value for the specified property is less than or equal to the specified value.", - "title": "lte", - "type": "number" + "GatewayEui": { + "markdownDescription": "The gateway's EUI value.", + "title": "GatewayEui", + "type": "string" }, - "neq": { - "items": { - "type": "string" - }, - "markdownDescription": "The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", - "title": "neq", - "type": "array" + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", + "type": "string" } }, + "required": [ + "GatewayEui", + "RfRegion" + ], "type": "object" }, - "AWS::Macie::FindingsFilter.FindingCriteria": { + "AWS::KMS::Alias": { "additionalProperties": false, "properties": { - "Criterion": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { "additionalProperties": false, - "markdownDescription": "Specifies a condition that defines the property, operator, and one or more values to use to filter the results.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Macie::FindingsFilter.CriterionAdditionalProperties" + "properties": { + "AliasName": { + "markdownDescription": "Specifies the alias name. This value must begin with `alias/` followed by a name, such as `alias/ExampleAlias` .\n\n> If you change the value of the `AliasName` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). \n\nThe alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with `alias/aws/` . The `alias/aws/` prefix is reserved for [AWS managed keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", + "title": "AliasName", + "type": "string" + }, + "TargetKeyId": { + "markdownDescription": "Associates the alias with the specified [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) . The KMS key must be in the same AWS account and Region.\n\nA valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n\nFor help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *AWS Key Management Service Developer Guide* .\n\nSpecify the key ID or the key ARN of the KMS key.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nTo get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) .", + "title": "TargetKeyId", + "type": "string" } }, - "title": "Criterion", + "required": [ + "AliasName", + "TargetKeyId" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::KMS::Alias" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Macie::Session": { + "AWS::KMS::Key": { "additionalProperties": false, "properties": { "Condition": { @@ -153970,22 +159500,75 @@ "Properties": { "additionalProperties": false, "properties": { - "FindingPublishingFrequency": { - "markdownDescription": "Specifies how often Amazon Macie publishes updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events ). Valid values are:\n\n- FIFTEEN_MINUTES\n- ONE_HOUR\n- SIX_HOURS", - "title": "FindingPublishingFrequency", + "BypassPolicyLockoutSafetyCheck": { + "markdownDescription": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n\n> Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n> \n> For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *AWS Key Management Service Developer Guide* . \n\nUse this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key.", + "title": "BypassPolicyLockoutSafetyCheck", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use.", + "title": "Description", "type": "string" }, - "Status": { - "markdownDescription": "The status of Amazon Macie for the account. Valid values are: `ENABLED` , start or resume Macie activities for the account; and, `PAUSED` , suspend Macie activities for the account.", - "title": "Status", + "EnableKeyRotation": { + "markdownDescription": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n\nAWS KMS supports automatic rotation only for symmetric encryption KMS keys ( `KeySpec` = `SYMMETRIC_DEFAULT` ). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin `EXTERNAL` , omit the `EnableKeyRotation` property or set it to `false` .\n\nTo enable automatic key rotation of the key material for a multi-Region KMS key, set `EnableKeyRotation` to `true` on the primary key (created by using `AWS::KMS::Key` ). AWS KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *AWS Key Management Service Developer Guide* .\n\nWhen you enable automatic rotation, AWS KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. AWS KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "EnableKeyRotation", + "type": "boolean" + }, + "Enabled": { + "markdownDescription": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", + "title": "Enabled", + "type": "boolean" + }, + "KeyPolicy": { + "markdownDescription": "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n- The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *AWS Key Management Service Developer Guide* . (To omit this condition, set `BypassPolicyLockoutSafetyCheck` to true.)\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nIf you do not provide a key policy, AWS KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *AWS Key Management Service Developer Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters\n- Printable characters in the Basic Latin and Latin-1 Supplement character set\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", + "title": "KeyPolicy", + "type": "object" + }, + "KeySpec": { + "markdownDescription": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- Asymmetric ML-DSA key pairs (signing and verification)\n\n- `ML_DSA_44`\n- `ML_DSA_65`\n- `ML_DSA_87`\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", + "title": "KeySpec", + "type": "string" + }, + "KeyUsage": { + "markdownDescription": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with ML-DSA key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", + "title": "KeyUsage", + "type": "string" + }, + "MultiRegion": { + "markdownDescription": "Creates a multi-Region primary key that you can replicate in other AWS Regions . You can't change the `MultiRegion` value after the KMS key is created.\n\nFor a list of AWS Regions in which multi-Region keys are supported, see [Multi-Region keys in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the ** .\n\n> If you change the value of the `MultiRegion` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nFor a multi-Region key, set to this property to `true` . For a single-Region key, omit this property or set it to `false` . The default value is `false` .\n\n*Multi-Region keys* are an AWS KMS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n\nTo create a replica of this primary key in a different AWS Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.", + "title": "MultiRegion", + "type": "boolean" + }, + "Origin": { + "markdownDescription": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> - AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.\n> - `EXTERNAL` is not supported for ML-DSA keys.", + "title": "Origin", "type": "string" + }, + "PendingWindowInDays": { + "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "PendingWindowInDays", + "type": "number" + }, + "RotationPeriodInDays": { + "markdownDescription": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n\nThe rotation period defines the number of days after you enable automatic key rotation that AWS KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n\nYou can use the [`kms:RotationPeriodInDays`](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the `RotationPeriodInDays` parameter.\n\nFor more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "RotationPeriodInDays", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nFor information about tags in AWS KMS , see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *AWS Key Management Service Developer Guide* . For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::Macie::Session" + "AWS::KMS::Key" ], "type": "string" }, @@ -154003,7 +159586,7 @@ ], "type": "object" }, - "AWS::ManagedBlockchain::Accessor": { + "AWS::KMS::ReplicaKey": { "additionalProperties": false, "properties": { "Condition": { @@ -154038,33 +159621,49 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessorType": { - "markdownDescription": "The type of the accessor.\n\n> Currently, accessor type is restricted to `BILLING_TOKEN` .", - "title": "AccessorType", + "Description": { + "markdownDescription": "A description of the KMS key.\n\nThe default value is an empty string (no description).\n\nThe description is not a shared property of multi-Region keys. You can specify the same description or a different description for each key in a set of related multi-Region keys. AWS Key Management Service does not synchronize this property.", + "title": "Description", "type": "string" }, - "NetworkType": { - "markdownDescription": "The blockchain network that the `Accessor` token is created for.\n\n> We recommend using the appropriate `networkType` value for the blockchain network that you are creating the `Accessor` token for. You cannot use the value `ETHEREUM_MAINNET_AND_GOERLI` to specify a `networkType` for your Accessor token.\n> \n> The default value of `ETHEREUM_MAINNET_AND_GOERLI` is only applied:\n> \n> - when the `CreateAccessor` action does not set a `networkType` .\n> - to all existing `Accessor` tokens that were created before the `networkType` property was introduced.", - "title": "NetworkType", + "Enabled": { + "markdownDescription": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the replica might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations. Also, while the replica key is being created, its key state is `Creating` . When the process is complete, the key state of the replica key changes to `Enabled` .\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", + "title": "Enabled", + "type": "boolean" + }, + "KeyPolicy": { + "markdownDescription": "The key policy that authorizes use of the replica key.\n\nThe key policy is not a shared property of multi-Region keys. You can specify the same key policy or a different key policy for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nThe key policy must conform to the following rules.\n\n- The key policy must give the caller [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) permission on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section of the **AWS Key Management Service Developer Guide** .\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters from the space character ( `\\u0020` ) through the end of the ASCII character range.\n- Printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` ).\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", + "title": "KeyPolicy", + "type": "object" + }, + "PendingWindowInDays": { + "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a replica key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a replica key from a CloudFormation stack, AWS KMS schedules the replica key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of replica key is `Pending Deletion` , which prevents it from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the replica key.\n\nIf the KMS key is a multi-Region primary key with replica keys, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n\nYou cannot use a CloudFormation template to cancel deletion of the replica after you remove it from the stack, regardless of the waiting period. However, if you specify a replica key in your template that is based on the same primary key as the original replica key, CloudFormation creates a new replica key with the same key ID, key material, and other shared properties of the original replica key. This new replica key can decrypt ciphertext that was encrypted under the original replica key, or any related multi-Region key.\n\nFor detailed information about deleting multi-Region keys, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nFor information about the `PendingDeletion` key state, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "PendingWindowInDays", + "type": "number" + }, + "PrimaryKeyArn": { + "markdownDescription": "Specifies the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS partition. You can create only one replica of a given primary key in each AWS Region .\n\n> If you change the `PrimaryKeyArn` value of a replica key, the existing replica key is scheduled for deletion and a new replica key is created based on the specified primary key. While it is scheduled for deletion, the existing replica key becomes unusable. You can cancel the scheduled deletion of the key outside of CloudFormation.\n> \n> However, if you inadvertently delete a replica key, you can decrypt ciphertext encrypted by that replica key by using any related multi-Region key. If necessary, you can recreate the replica in the same Region after the previous one is completely deleted. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* \n\nSpecify the key ARN of an existing multi-Region primary key. For example, `arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab` .", + "title": "PrimaryKeyArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the Accessor.\n\nFor more information about tags, see [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/tagging-resources.html) in the *Amazon Managed Blockchain Ethereum Developer Guide* , or [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/tagging-resources.html) in the *Amazon Managed Blockchain Hyperledger Fabric Developer Guide* .", + "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nTags are not a shared property of multi-Region keys. You can specify the same tags or different tags for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, AWS KMS replaces the current tag value with the specified one.\n\nWhen you assign tags to an AWS resource, AWS generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) .", "title": "Tags", "type": "array" } }, "required": [ - "AccessorType" + "KeyPolicy", + "PrimaryKeyArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ManagedBlockchain::Accessor" + "AWS::KMS::ReplicaKey" ], "type": "string" }, @@ -154083,7 +159682,7 @@ ], "type": "object" }, - "AWS::ManagedBlockchain::Member": { + "AWS::KafkaConnect::Connector": { "additionalProperties": false, "properties": { "Condition": { @@ -154118,35 +159717,100 @@ "Properties": { "additionalProperties": false, "properties": { - "InvitationId": { - "markdownDescription": "The unique identifier of the invitation to join the network sent to the account that creates the member.", - "title": "InvitationId", + "Capacity": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Capacity", + "markdownDescription": "The connector's compute capacity settings.", + "title": "Capacity" + }, + "ConnectorConfiguration": { + "additionalProperties": true, + "markdownDescription": "The configuration of the connector.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConnectorConfiguration", + "type": "object" + }, + "ConnectorDescription": { + "markdownDescription": "The description of the connector.", + "title": "ConnectorDescription", "type": "string" }, - "MemberConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberConfiguration", - "markdownDescription": "Configuration properties of the member.", - "title": "MemberConfiguration" + "ConnectorName": { + "markdownDescription": "The name of the connector.\n\nThe connector name must be unique and can include up to 128 characters. Valid characters you can include in a connector name are: a-z, A-Z, 0-9, and -.", + "title": "ConnectorName", + "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkConfiguration", - "markdownDescription": "Configuration properties of the network to which the member belongs.", - "title": "NetworkConfiguration" + "KafkaCluster": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaCluster", + "markdownDescription": "The details of the Apache Kafka cluster to which the connector is connected.", + "title": "KafkaCluster" }, - "NetworkId": { - "markdownDescription": "The unique identifier of the network to which the member belongs.", - "title": "NetworkId", + "KafkaClusterClientAuthentication": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication", + "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used.", + "title": "KafkaClusterClientAuthentication" + }, + "KafkaClusterEncryptionInTransit": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit", + "markdownDescription": "Details of encryption in transit to the Apache Kafka cluster.", + "title": "KafkaClusterEncryptionInTransit" + }, + "KafkaConnectVersion": { + "markdownDescription": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.", + "title": "KafkaConnectVersion", + "type": "string" + }, + "LogDelivery": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.LogDelivery", + "markdownDescription": "The settings for delivering connector logs to Amazon CloudWatch Logs.", + "title": "LogDelivery" + }, + "Plugins": { + "items": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Plugin" + }, + "markdownDescription": "Specifies which plugin to use for the connector. You must specify a single-element list. Amazon MSK Connect does not currently support specifying multiple plugins.", + "title": "Plugins", + "type": "array" + }, + "ServiceExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon Web Services resources.", + "title": "ServiceExecutionRoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "WorkerConfiguration": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerConfiguration", + "markdownDescription": "The worker configurations that are in use with the connector.", + "title": "WorkerConfiguration" } }, "required": [ - "MemberConfiguration" + "Capacity", + "ConnectorConfiguration", + "ConnectorName", + "KafkaCluster", + "KafkaClusterClientAuthentication", + "KafkaClusterEncryptionInTransit", + "KafkaConnectVersion", + "Plugins", + "ServiceExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ManagedBlockchain::Member" + "AWS::KafkaConnect::Connector" ], "type": "string" }, @@ -154165,161 +159829,347 @@ ], "type": "object" }, - "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { + "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { "additionalProperties": false, "properties": { - "ProposalDurationInHours": { - "markdownDescription": "The duration from the time that a proposal is created until it expires. If members cast neither the required number of `YES` votes to approve the proposal nor the number of `NO` votes required to reject it before the duration expires, the proposal is `EXPIRED` and `ProposalActions` aren't carried out.", - "title": "ProposalDurationInHours", + "BootstrapServers": { + "markdownDescription": "The bootstrap servers of the cluster.", + "title": "BootstrapServers", + "type": "string" + }, + "Vpc": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Vpc", + "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", + "title": "Vpc" + } + }, + "required": [ + "BootstrapServers", + "Vpc" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.AutoScaling": { + "additionalProperties": false, + "properties": { + "MaxWorkerCount": { + "markdownDescription": "The maximum number of workers allocated to the connector.", + "title": "MaxWorkerCount", "type": "number" }, - "ThresholdComparator": { - "markdownDescription": "Determines whether the vote percentage must be greater than the `ThresholdPercentage` or must be greater than or equal to the `ThresholdPercentage` to be approved.", - "title": "ThresholdComparator", - "type": "string" + "McuCount": { + "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", + "title": "McuCount", + "type": "number" }, - "ThresholdPercentage": { - "markdownDescription": "The percentage of votes among all members that must be `YES` for a proposal to be approved. For example, a `ThresholdPercentage` value of `50` indicates 50%. The `ThresholdComparator` determines the precise comparison. If a `ThresholdPercentage` value of `50` is specified on a network with 10 members, along with a `ThresholdComparator` value of `GREATER_THAN` , this indicates that 6 `YES` votes are required for the proposal to be approved.", - "title": "ThresholdPercentage", + "MinWorkerCount": { + "markdownDescription": "The minimum number of workers allocated to the connector.", + "title": "MinWorkerCount", "type": "number" + }, + "ScaleInPolicy": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleInPolicy", + "markdownDescription": "The sacle-in policy for the connector.", + "title": "ScaleInPolicy" + }, + "ScaleOutPolicy": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleOutPolicy", + "markdownDescription": "The sacle-out policy for the connector.", + "title": "ScaleOutPolicy" } }, + "required": [ + "MaxWorkerCount", + "McuCount", + "MinWorkerCount", + "ScaleInPolicy", + "ScaleOutPolicy" + ], "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberConfiguration": { + "AWS::KafkaConnect::Connector.Capacity": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description of the member.", - "title": "Description", - "type": "string" + "AutoScaling": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.AutoScaling", + "markdownDescription": "Information about the auto scaling parameters for the connector.", + "title": "AutoScaling" }, - "MemberFrameworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration", - "markdownDescription": "Configuration properties of the blockchain framework relevant to the member.", - "title": "MemberFrameworkConfiguration" + "ProvisionedCapacity": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ProvisionedCapacity", + "markdownDescription": "Details about a fixed capacity allocated to a connector.", + "title": "ProvisionedCapacity" + } + }, + "type": "object" + }, + "AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether log delivery to Amazon CloudWatch Logs is enabled.", + "title": "Enabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the member.", - "title": "Name", + "LogGroup": { + "markdownDescription": "The name of the CloudWatch log group that is the destination for log delivery.", + "title": "LogGroup", "type": "string" } }, "required": [ - "Name" + "Enabled" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberFabricConfiguration": { + "AWS::KafkaConnect::Connector.CustomPlugin": { "additionalProperties": false, "properties": { - "AdminPassword": { - "markdownDescription": "The password for the member's initial administrative user. The `AdminPassword` must be at least 8 characters long and no more than 32 characters. It must contain at least one uppercase letter, one lowercase letter, and one digit. It cannot have a single quotation mark (\u2018), a double quotation marks (\u201c), a forward slash(/), a backward slash(\\), @, or a space.", - "title": "AdminPassword", + "CustomPluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom plugin.", + "title": "CustomPluginArn", "type": "string" }, - "AdminUsername": { - "markdownDescription": "The user name for the member's initial administrative user.", - "title": "AdminUsername", + "Revision": { + "markdownDescription": "The revision of the custom plugin.", + "title": "Revision", + "type": "number" + } + }, + "required": [ + "CustomPluginArn", + "Revision" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.FirehoseLogDelivery": { + "additionalProperties": false, + "properties": { + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.", + "title": "DeliveryStream", "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether connector logs get delivered to Amazon Kinesis Data Firehose.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "AdminPassword", - "AdminUsername" + "Enabled" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration": { + "AWS::KafkaConnect::Connector.KafkaCluster": { "additionalProperties": false, "properties": { - "MemberFabricConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFabricConfiguration", - "markdownDescription": "Configuration properties for Hyperledger Fabric.", - "title": "MemberFabricConfiguration" + "ApacheKafkaCluster": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ApacheKafkaCluster", + "markdownDescription": "The Apache Kafka cluster to which the connector is connected.", + "title": "ApacheKafkaCluster" } }, + "required": [ + "ApacheKafkaCluster" + ], "type": "object" }, - "AWS::ManagedBlockchain::Member.NetworkConfiguration": { + "AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Attributes of the blockchain framework for the network.", - "title": "Description", - "type": "string" - }, - "Framework": { - "markdownDescription": "The blockchain framework that the network uses.", - "title": "Framework", + "AuthenticationType": { + "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used.", + "title": "AuthenticationType", "type": "string" - }, - "FrameworkVersion": { - "markdownDescription": "The version of the blockchain framework that the network uses.", - "title": "FrameworkVersion", + } + }, + "required": [ + "AuthenticationType" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit": { + "additionalProperties": false, + "properties": { + "EncryptionType": { + "markdownDescription": "The type of encryption in transit to the Apache Kafka cluster.", + "title": "EncryptionType", "type": "string" + } + }, + "required": [ + "EncryptionType" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.LogDelivery": { + "additionalProperties": false, + "properties": { + "WorkerLogDelivery": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerLogDelivery", + "markdownDescription": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations.", + "title": "WorkerLogDelivery" + } + }, + "required": [ + "WorkerLogDelivery" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.Plugin": { + "additionalProperties": false, + "properties": { + "CustomPlugin": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.CustomPlugin", + "markdownDescription": "Details about a custom plugin.", + "title": "CustomPlugin" + } + }, + "required": [ + "CustomPlugin" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.ProvisionedCapacity": { + "additionalProperties": false, + "properties": { + "McuCount": { + "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", + "title": "McuCount", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the network.", - "title": "Name", + "WorkerCount": { + "markdownDescription": "The number of workers that are allocated to the connector.", + "title": "WorkerCount", + "type": "number" + } + }, + "required": [ + "WorkerCount" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.S3LogDelivery": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that is the destination for log delivery.", + "title": "Bucket", "type": "string" }, - "NetworkFrameworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration", - "markdownDescription": "Configuration properties relevant to the network for the blockchain framework that the network uses.", - "title": "NetworkFrameworkConfiguration" + "Enabled": { + "markdownDescription": "Specifies whether connector logs get sent to the specified Amazon S3 destination.", + "title": "Enabled", + "type": "boolean" }, - "VotingPolicy": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.VotingPolicy", - "markdownDescription": "The voting rules that the network uses to decide if a proposal is accepted.", - "title": "VotingPolicy" + "Prefix": { + "markdownDescription": "The S3 prefix that is the destination for log delivery.", + "title": "Prefix", + "type": "string" } }, "required": [ - "Framework", - "FrameworkVersion", - "Name", - "VotingPolicy" + "Enabled" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.NetworkFabricConfiguration": { + "AWS::KafkaConnect::Connector.ScaleInPolicy": { "additionalProperties": false, "properties": { - "Edition": { - "markdownDescription": "The edition of Amazon Managed Blockchain that the network uses. Valid values are `standard` and `starter` . For more information, see [Amazon Managed Blockchain Pricing](https://docs.aws.amazon.com/managed-blockchain/pricing/)", - "title": "Edition", - "type": "string" + "CpuUtilizationPercentage": { + "markdownDescription": "Specifies the CPU utilization percentage threshold at which you want connector scale in to be triggered.", + "title": "CpuUtilizationPercentage", + "type": "number" } }, "required": [ - "Edition" + "CpuUtilizationPercentage" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration": { + "AWS::KafkaConnect::Connector.ScaleOutPolicy": { "additionalProperties": false, "properties": { - "NetworkFabricConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFabricConfiguration", - "markdownDescription": "Configuration properties for Hyperledger Fabric for a member in a Managed Blockchain network that is using the Hyperledger Fabric framework.", - "title": "NetworkFabricConfiguration" + "CpuUtilizationPercentage": { + "markdownDescription": "The CPU utilization percentage threshold at which you want connector scale out to be triggered.", + "title": "CpuUtilizationPercentage", + "type": "number" } }, + "required": [ + "CpuUtilizationPercentage" + ], "type": "object" }, - "AWS::ManagedBlockchain::Member.VotingPolicy": { + "AWS::KafkaConnect::Connector.Vpc": { "additionalProperties": false, "properties": { - "ApprovalThresholdPolicy": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy", - "markdownDescription": "Defines the rules for the network for voting on proposals, such as the percentage of `YES` votes required for the proposal to be approved and the duration of the proposal. The policy applies to all proposals and is specified when the network is created.", - "title": "ApprovalThresholdPolicy" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group IDs for the connector.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnets for the connector.", + "title": "Subnets", + "type": "array" } }, + "required": [ + "SecurityGroups", + "Subnets" + ], "type": "object" }, - "AWS::ManagedBlockchain::Node": { + "AWS::KafkaConnect::Connector.WorkerConfiguration": { + "additionalProperties": false, + "properties": { + "Revision": { + "markdownDescription": "The revision of the worker configuration.", + "title": "Revision", + "type": "number" + }, + "WorkerConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the worker configuration.", + "title": "WorkerConfigurationArn", + "type": "string" + } + }, + "required": [ + "Revision", + "WorkerConfigurationArn" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.WorkerLogDelivery": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery", + "markdownDescription": "Details about delivering logs to Amazon CloudWatch Logs.", + "title": "CloudWatchLogs" + }, + "Firehose": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.FirehoseLogDelivery", + "markdownDescription": "Details about delivering logs to Amazon Kinesis Data Firehose.", + "title": "Firehose" + }, + "S3": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.S3LogDelivery", + "markdownDescription": "Details about delivering logs to Amazon S3.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::KafkaConnect::CustomPlugin": { "additionalProperties": false, "properties": { "Condition": { @@ -154354,31 +160204,45 @@ "Properties": { "additionalProperties": false, "properties": { - "MemberId": { - "markdownDescription": "The unique identifier of the member to which the node belongs. Applies only to Hyperledger Fabric.", - "title": "MemberId", + "ContentType": { + "markdownDescription": "The format of the plugin file.", + "title": "ContentType", "type": "string" }, - "NetworkId": { - "markdownDescription": "The unique identifier of the network for the node.\n\nEthereum public networks have the following `NetworkId` s:\n\n- `n-ethereum-mainnet`", - "title": "NetworkId", + "Description": { + "markdownDescription": "The description of the custom plugin.", + "title": "Description", "type": "string" }, - "NodeConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Node.NodeConfiguration", - "markdownDescription": "Configuration properties of a peer node.", - "title": "NodeConfiguration" + "Location": { + "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.CustomPluginLocation", + "markdownDescription": "Information about the location of the custom plugin.", + "title": "Location" + }, + "Name": { + "markdownDescription": "The name of the custom plugin.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "NetworkId", - "NodeConfiguration" + "ContentType", + "Location", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ManagedBlockchain::Node" + "AWS::KafkaConnect::CustomPlugin" ], "type": "string" }, @@ -154397,27 +160261,62 @@ ], "type": "object" }, - "AWS::ManagedBlockchain::Node.NodeConfiguration": { + "AWS::KafkaConnect::CustomPlugin.CustomPluginFileDescription": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which the node exists. Required for Ethereum nodes.", - "title": "AvailabilityZone", + "FileMd5": { + "markdownDescription": "The hex-encoded MD5 checksum of the custom plugin file. You can use it to validate the file.", + "title": "FileMd5", "type": "string" }, - "InstanceType": { - "markdownDescription": "The Amazon Managed Blockchain instance type for the node.", - "title": "InstanceType", + "FileSize": { + "markdownDescription": "The size in bytes of the custom plugin file. You can use it to validate the file.", + "title": "FileSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KafkaConnect::CustomPlugin.CustomPluginLocation": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.S3Location", + "markdownDescription": "The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3.", + "title": "S3Location" + } + }, + "required": [ + "S3Location" + ], + "type": "object" + }, + "AWS::KafkaConnect::CustomPlugin.S3Location": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an S3 bucket.", + "title": "BucketArn", + "type": "string" + }, + "FileKey": { + "markdownDescription": "The file key for an object in an S3 bucket.", + "title": "FileKey", + "type": "string" + }, + "ObjectVersion": { + "markdownDescription": "The version of an object in an S3 bucket.", + "title": "ObjectVersion", "type": "string" } }, "required": [ - "AvailabilityZone", - "InstanceType" + "BucketArn", + "FileKey" ], "type": "object" }, - "AWS::MediaConnect::Bridge": { + "AWS::KafkaConnect::WorkerConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -154452,58 +160351,39 @@ "Properties": { "additionalProperties": false, "properties": { - "EgressGatewayBridge": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.EgressGatewayBridge", - "markdownDescription": "An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises.", - "title": "EgressGatewayBridge" - }, - "IngressGatewayBridge": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.IngressGatewayBridge", - "markdownDescription": "An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud.", - "title": "IngressGatewayBridge" + "Description": { + "markdownDescription": "The description of a worker configuration.", + "title": "Description", + "type": "string" }, "Name": { - "markdownDescription": "The name of the bridge. This name can not be modified after the bridge is created.", + "markdownDescription": "The name of the worker configuration.", "title": "Name", "type": "string" }, - "Outputs": { - "items": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeOutput" - }, - "markdownDescription": "The outputs that you want to add to this bridge.", - "title": "Outputs", - "type": "array" - }, - "PlacementArn": { - "markdownDescription": "The bridge placement Amazon Resource Number (ARN).", - "title": "PlacementArn", + "PropertiesFileContent": { + "markdownDescription": "Base64 encoded contents of the connect-distributed.properties file.", + "title": "PropertiesFileContent", "type": "string" }, - "SourceFailoverConfig": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.FailoverConfig", - "markdownDescription": "The settings for source failover.", - "title": "SourceFailoverConfig" - }, - "Sources": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeSource" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The sources that you want to add to this bridge.", - "title": "Sources", + "markdownDescription": "", + "title": "Tags", "type": "array" } }, "required": [ "Name", - "PlacementArn", - "Sources" + "PropertiesFileContent" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::Bridge" + "AWS::KafkaConnect::WorkerConfiguration" ], "type": "string" }, @@ -154522,796 +160402,1723 @@ ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeFlowSource": { + "AWS::Kendra::DataSource": { "additionalProperties": false, "properties": { - "FlowArn": { - "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", - "title": "FlowArn", + "Condition": { "type": "string" }, - "FlowVpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this source.", - "title": "FlowVpcInterfaceAttachment" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Name": { - "markdownDescription": "The name of the flow source.", - "title": "Name", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CustomDocumentEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration", + "markdownDescription": "Configuration information for altering document metadata and content during the document ingestion process.", + "title": "CustomDocumentEnrichmentConfiguration" + }, + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceConfiguration", + "markdownDescription": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources.", + "title": "DataSourceConfiguration" + }, + "Description": { + "markdownDescription": "A description for the data source connector.", + "title": "Description", + "type": "string" + }, + "IndexId": { + "markdownDescription": "The identifier of the index you want to use with the data source connector.", + "title": "IndexId", + "type": "string" + }, + "LanguageCode": { + "markdownDescription": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", + "title": "LanguageCode", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the data source.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources.", + "title": "RoleArn", + "type": "string" + }, + "Schedule": { + "markdownDescription": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index.", + "title": "Schedule", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the data source.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "IndexId", + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Kendra::DataSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FlowArn", - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeNetworkOutput": { + "AWS::Kendra::DataSource.AccessControlListConfiguration": { "additionalProperties": false, "properties": { - "IpAddress": { - "markdownDescription": "The network output IP address.", - "title": "IpAddress", - "type": "string" - }, - "Name": { - "markdownDescription": "The network output name.", - "title": "Name", - "type": "string" - }, - "NetworkName": { - "markdownDescription": "The network output's gateway network name.", - "title": "NetworkName", + "KeyPath": { + "markdownDescription": "Path to the AWS S3 bucket that contains the access control list files.", + "title": "KeyPath", "type": "string" - }, - "Port": { - "markdownDescription": "The network output's port.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.AclConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedGroupsColumnName": { + "markdownDescription": "A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation.", + "title": "AllowedGroupsColumnName", "type": "string" - }, - "Ttl": { - "markdownDescription": "The network output TTL.", - "title": "Ttl", - "type": "number" } }, "required": [ - "IpAddress", - "Name", - "NetworkName", - "Port", - "Protocol", - "Ttl" + "AllowedGroupsColumnName" ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeNetworkSource": { + "AWS::Kendra::DataSource.ColumnConfiguration": { "additionalProperties": false, "properties": { - "MulticastIp": { - "markdownDescription": "The network source multicast IP.", - "title": "MulticastIp", - "type": "string" + "ChangeDetectingColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "One to five columns that indicate when a document in the database has changed.", + "title": "ChangeDetectingColumns", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the network source.", - "title": "Name", + "DocumentDataColumnName": { + "markdownDescription": "The column that contains the contents of the document.", + "title": "DocumentDataColumnName", "type": "string" }, - "NetworkName": { - "markdownDescription": "The network source's gateway network name.", - "title": "NetworkName", + "DocumentIdColumnName": { + "markdownDescription": "The column that provides the document's identifier.", + "title": "DocumentIdColumnName", "type": "string" }, - "Port": { - "markdownDescription": "The network source port.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "DocumentTitleColumnName": { + "markdownDescription": "The column that contains the title of the document.", + "title": "DocumentTitleColumnName", "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation.", + "title": "FieldMappings", + "type": "array" } }, "required": [ - "MulticastIp", - "Name", - "NetworkName", - "Port", - "Protocol" + "ChangeDetectingColumns", + "DocumentDataColumnName", + "DocumentIdColumnName" ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeOutput": { + "AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration": { "additionalProperties": false, "properties": { - "NetworkOutput": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkOutput", - "markdownDescription": "The output of the bridge. A network output is delivered to your premises.", - "title": "NetworkOutput" + "AttachmentFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping.", + "title": "AttachmentFieldMappings", + "type": "array" + }, + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments of pages and blogs in Confluence.", + "title": "CrawlAttachments", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeSource": { + "AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping": { "additionalProperties": false, "properties": { - "FlowSource": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeFlowSource", - "markdownDescription": "The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow.", - "title": "FlowSource" + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.\n\nYou must first create the index field using the `UpdateIndex` API.", + "title": "DataSourceFieldName", + "type": "string" }, - "NetworkSource": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkSource", - "markdownDescription": "The source of the bridge. A network source originates at your premises.", - "title": "NetworkSource" + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" + }, + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", + "type": "string" } }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], "type": "object" }, - "AWS::MediaConnect::Bridge.EgressGatewayBridge": { + "AWS::Kendra::DataSource.ConfluenceBlogConfiguration": { "additionalProperties": false, "properties": { - "MaxBitrate": { - "markdownDescription": "The maximum expected bitrate (in bps) of the egress bridge.", - "title": "MaxBitrate", - "type": "number" + "BlogFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping.", + "title": "BlogFieldMappings", + "type": "array" } }, - "required": [ - "MaxBitrate" - ], "type": "object" }, - "AWS::MediaConnect::Bridge.FailoverConfig": { + "AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping": { "additionalProperties": false, "properties": { - "FailoverMode": { - "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams.", - "title": "FailoverMode", + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", "type": "string" }, - "SourcePriority": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.SourcePriority", - "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", - "title": "SourcePriority" + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" }, - "State": { - "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", - "title": "State", + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", "type": "string" } }, "required": [ - "FailoverMode" + "DataSourceFieldName", + "IndexFieldName" ], "type": "object" }, - "AWS::MediaConnect::Bridge.IngressGatewayBridge": { + "AWS::Kendra::DataSource.ConfluenceConfiguration": { "additionalProperties": false, "properties": { - "MaxBitrate": { - "markdownDescription": "The maximum expected bitrate (in bps) of the ingress bridge.", - "title": "MaxBitrate", - "type": "number" + "AttachmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration", + "markdownDescription": "Configuration information for indexing attachments to Confluence blogs and pages.", + "title": "AttachmentConfiguration" }, - "MaxOutputs": { - "markdownDescription": "The maximum number of outputs on the ingress bridge.", - "title": "MaxOutputs", - "type": "number" + "BlogConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogConfiguration", + "markdownDescription": "Configuration information for indexing Confluence blogs.", + "title": "BlogConfiguration" + }, + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", + "title": "ExclusionPatterns", + "type": "array" + }, + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", + "title": "InclusionPatterns", + "type": "array" + }, + "PageConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageConfiguration", + "markdownDescription": "Configuration information for indexing Confluence pages.", + "title": "PageConfiguration" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password.\n\nYou can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) .", + "title": "SecretArn", + "type": "string" + }, + "ServerUrl": { + "markdownDescription": "The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* .", + "title": "ServerUrl", + "type": "string" + }, + "SpaceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceConfiguration", + "markdownDescription": "Configuration information for indexing Confluence spaces.", + "title": "SpaceConfiguration" + }, + "Version": { + "markdownDescription": "The version or the type of Confluence installation to connect to.", + "title": "Version", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) .", + "title": "VpcConfiguration" } }, "required": [ - "MaxBitrate", - "MaxOutputs" + "SecretArn", + "ServerUrl", + "Version" ], "type": "object" }, - "AWS::MediaConnect::Bridge.SourcePriority": { + "AWS::Kendra::DataSource.ConfluencePageConfiguration": { "additionalProperties": false, "properties": { - "PrimarySource": { - "markdownDescription": "The name of the source you choose as the primary source for this flow.", - "title": "PrimarySource", - "type": "string" + "PageFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `PageFieldMappings` parameter, you must specify at least one field mapping.", + "title": "PageFieldMappings", + "type": "array" } }, "type": "object" }, - "AWS::MediaConnect::Bridge.VpcInterfaceAttachment": { + "AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", + "type": "string" + }, + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" + }, + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", "type": "string" } }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], "type": "object" }, - "AWS::MediaConnect::BridgeOutput": { + "AWS::Kendra::DataSource.ConfluenceSpaceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CrawlArchivedSpaces": { + "markdownDescription": "`TRUE` to index archived spaces.", + "title": "CrawlArchivedSpaces", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CrawlPersonalSpaces": { + "markdownDescription": "`TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) .", + "title": "CrawlPersonalSpaces", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExcludeSpaces": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded.", + "title": "ExcludeSpaces", + "type": "array" }, - "Metadata": { - "type": "object" + "IncludeSpaces": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded.", + "title": "IncludeSpaces", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BridgeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bridge that you want to update.", - "title": "BridgeArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The network output name. This name is used to reference the output and must be unique among outputs in this bridge.", - "title": "Name", - "type": "string" - }, - "NetworkOutput": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput", - "markdownDescription": "The network output of the bridge. A network output is delivered to your premises.", - "title": "NetworkOutput" - } + "SpaceFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping" }, - "required": [ - "BridgeArn", - "Name", - "NetworkOutput" - ], - "type": "object" + "markdownDescription": "Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping.", + "title": "SpaceFieldMappings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping": { + "additionalProperties": false, + "properties": { + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::MediaConnect::BridgeOutput" - ], + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataSourceFieldName", + "IndexFieldName" ], "type": "object" }, - "AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput": { + "AWS::Kendra::DataSource.ConnectionConfiguration": { "additionalProperties": false, "properties": { - "IpAddress": { - "markdownDescription": "The network output IP address.", - "title": "IpAddress", + "DatabaseHost": { + "markdownDescription": "The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address.", + "title": "DatabaseHost", "type": "string" }, - "NetworkName": { - "markdownDescription": "The network output's gateway network name.", - "title": "NetworkName", + "DatabaseName": { + "markdownDescription": "The name of the database containing the document data.", + "title": "DatabaseName", "type": "string" }, - "Port": { - "markdownDescription": "The network output's port.", - "title": "Port", + "DatabasePort": { + "markdownDescription": "The port that the database uses for connections.", + "title": "DatabasePort", "type": "number" }, - "Protocol": { - "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide.", + "title": "SecretArn", "type": "string" }, - "Ttl": { - "markdownDescription": "The network output TTL.", - "title": "Ttl", - "type": "number" + "TableName": { + "markdownDescription": "The name of the table that contains the document data.", + "title": "TableName", + "type": "string" } }, "required": [ - "IpAddress", - "NetworkName", - "Port", - "Protocol", - "Ttl" + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "SecretArn", + "TableName" ], "type": "object" }, - "AWS::MediaConnect::BridgeSource": { + "AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InlineConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration" + }, + "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra.", + "title": "InlineConfigurations", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PostExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", + "title": "PostExtractionHookConfiguration" + }, + "PreExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", + "title": "PreExtractionHookConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", + "title": "RoleArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "ConfluenceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceConfiguration", + "markdownDescription": "Provides the configuration information to connect to Confluence as your data source.", + "title": "ConfluenceConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DatabaseConfiguration", + "markdownDescription": "Provides the configuration information to connect to a database as your data source.", + "title": "DatabaseConfiguration" }, - "Metadata": { - "type": "object" + "GoogleDriveConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.GoogleDriveConfiguration", + "markdownDescription": "Provides the configuration information to connect to Google Drive as your data source.", + "title": "GoogleDriveConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", - "type": "string" - }, - "FlowSource": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeFlowSource", - "markdownDescription": "The source of the flow.", - "title": "FlowSource" - }, - "Name": { - "markdownDescription": "The name of the flow source. This name is used to reference the source and must be unique among sources in this bridge.", - "title": "Name", - "type": "string" - }, - "NetworkSource": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeNetworkSource", - "markdownDescription": "The source of the network.", - "title": "NetworkSource" - } - }, - "required": [ - "BridgeArn", - "Name" - ], - "type": "object" + "OneDriveConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveConfiguration", + "markdownDescription": "Provides the configuration information to connect to Microsoft OneDrive as your data source.", + "title": "OneDriveConfiguration" }, - "Type": { - "enum": [ - "AWS::MediaConnect::BridgeSource" - ], + "S3Configuration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3DataSourceConfiguration", + "markdownDescription": "Provides the configuration information to connect to an Amazon S3 bucket as your data source.\n\n> Amazon Kendra now supports an upgraded Amazon S3 connector.\n> \n> You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.\n> \n> Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.\n> \n> We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024.", + "title": "S3Configuration" + }, + "SalesforceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceConfiguration", + "markdownDescription": "Provides the configuration information to connect to Salesforce as your data source.", + "title": "SalesforceConfiguration" + }, + "ServiceNowConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowConfiguration", + "markdownDescription": "Provides the configuration information to connect to ServiceNow as your data source.", + "title": "ServiceNowConfiguration" + }, + "SharePointConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SharePointConfiguration", + "markdownDescription": "Provides the configuration information to connect to Microsoft SharePoint as your data source.", + "title": "SharePointConfiguration" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.TemplateConfiguration", + "markdownDescription": "Provides a template for the configuration information to connect to your data source.", + "title": "TemplateConfiguration" + }, + "WebCrawlerConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerConfiguration", + "markdownDescription": "Provides the configuration information required for Amazon Kendra Web Crawler.", + "title": "WebCrawlerConfiguration" + }, + "WorkDocsConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WorkDocsConfiguration", + "markdownDescription": "Provides the configuration information to connect to Amazon WorkDocs as your data source.", + "title": "WorkDocsConfiguration" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.DataSourceToIndexFieldMapping": { + "additionalProperties": false, + "properties": { + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source. You must first create the index field using the `UpdateIndex` API.", + "title": "DataSourceFieldName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field, you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" + }, + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the data source field. The index field type must match the data source field type.", + "title": "IndexFieldName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataSourceFieldName", + "IndexFieldName" ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.BridgeFlowSource": { + "AWS::Kendra::DataSource.DataSourceVpcConfiguration": { "additionalProperties": false, "properties": { - "FlowArn": { - "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", - "title": "FlowArn", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source.", + "title": "SecurityGroupIds", + "type": "array" }, - "FlowVpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this source.", - "title": "FlowVpcInterfaceAttachment" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "FlowArn" + "SecurityGroupIds", + "SubnetIds" ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.BridgeNetworkSource": { + "AWS::Kendra::DataSource.DatabaseConfiguration": { "additionalProperties": false, "properties": { - "MulticastIp": { - "markdownDescription": "The network source multicast IP.", - "title": "MulticastIp", - "type": "string" + "AclConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.AclConfiguration", + "markdownDescription": "Information about the database column that provides information for user context filtering.", + "title": "AclConfiguration" }, - "NetworkName": { - "markdownDescription": "The network source's gateway network name.", - "title": "NetworkName", - "type": "string" + "ColumnConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ColumnConfiguration", + "markdownDescription": "Information about where the index should get the document information from the database.", + "title": "ColumnConfiguration" }, - "Port": { - "markdownDescription": "The network source port.", - "title": "Port", - "type": "number" + "ConnectionConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConnectionConfiguration", + "markdownDescription": "Configuration information that's required to connect to a database.", + "title": "ConnectionConfiguration" }, - "Protocol": { - "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "DatabaseEngineType": { + "markdownDescription": "The type of database engine that runs the database.", + "title": "DatabaseEngineType", "type": "string" + }, + "SqlConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SqlConfiguration", + "markdownDescription": "Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source.", + "title": "SqlConfiguration" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Provides information for connecting to an Amazon VPC.", + "title": "VpcConfiguration" } }, "required": [ - "MulticastIp", - "NetworkName", - "Port", - "Protocol" + "ColumnConfiguration", + "ConnectionConfiguration", + "DatabaseEngineType" ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment": { + "AWS::Kendra::DataSource.DocumentAttributeCondition": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "ConditionDocumentAttributeKey": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Kendra currently does not support `_document_body` as an attribute key used for the condition.", + "title": "ConditionDocumentAttributeKey", + "type": "string" + }, + "ConditionOnValue": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", + "markdownDescription": "The value used by the operator.\n\nFor example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value.", + "title": "ConditionOnValue" + }, + "Operator": { + "markdownDescription": "The condition operator.\n\nFor example, you can use 'Contains' to partially match a string.", + "title": "Operator", "type": "string" } }, + "required": [ + "ConditionDocumentAttributeKey", + "Operator" + ], "type": "object" }, - "AWS::MediaConnect::Flow": { + "AWS::Kendra::DataSource.DocumentAttributeTarget": { "additionalProperties": false, "properties": { - "Condition": { + "TargetDocumentAttributeKey": { + "markdownDescription": "The identifier of the target document attribute or metadata field.\n\nFor example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", + "title": "TargetDocumentAttributeKey", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TargetDocumentAttributeValue": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", + "markdownDescription": "The target value you want to create for the target attribute.\n\nFor example, 'Finance' could be the target value for the target attribute key 'Department'.", + "title": "TargetDocumentAttributeValue" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TargetDocumentAttributeValueDeletion": { + "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` . To create a target value ( `TargetDocumentAttributeValue` ), set this to `FALSE` .", + "title": "TargetDocumentAttributeValueDeletion", + "type": "boolean" + } + }, + "required": [ + "TargetDocumentAttributeKey" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.DocumentAttributeValue": { + "additionalProperties": false, + "properties": { + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", + "type": "string" }, - "Metadata": { - "type": "object" + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS Region.", - "title": "AvailabilityZone", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the flow.", - "title": "Name", - "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.Source", - "markdownDescription": "The settings for the source that you want to use for the new flow.", - "title": "Source" - }, - "SourceFailoverConfig": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.FailoverConfig", - "markdownDescription": "The settings for source failover.", - "title": "SourceFailoverConfig" - } + "StringListValue": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Source" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaConnect::Flow" - ], - "type": "string" + "markdownDescription": "A list of strings. The default maximum length or number of strings is 10.", + "title": "StringListValue", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StringValue": { + "markdownDescription": "A string, such as \"department\".", + "title": "StringValue", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaConnect::Flow.Encryption": { + "AWS::Kendra::DataSource.DocumentsMetadataConfiguration": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", + "S3Prefix": { + "markdownDescription": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files.", + "title": "S3Prefix", "type": "string" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.GoogleDriveConfiguration": { + "additionalProperties": false, + "properties": { + "ExcludeMimeTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded.\n\nFor a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", + "title": "ExcludeMimeTypes", + "type": "array" }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" + "ExcludeSharedDrives": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded.", + "title": "ExcludeSharedDrives", + "type": "array" }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" + "ExcludeUserAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way.", + "title": "ExcludeUserAccounts", + "type": "array" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "ExclusionPatterns", + "type": "array" }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata.", + "title": "FieldMappings", + "type": "array" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "InclusionPatterns", + "type": "array" }, "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", "title": "SecretArn", "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" } }, "required": [ - "RoleArn" + "SecretArn" ], "type": "object" }, - "AWS::MediaConnect::Flow.FailoverConfig": { + "AWS::Kendra::DataSource.HookConfiguration": { "additionalProperties": false, "properties": { - "FailoverMode": { - "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. The string for this property must be entered as MERGE or FAILOVER. No other string entry is valid.", - "title": "FailoverMode", - "type": "string" - }, - "RecoveryWindow": { - "markdownDescription": "Search window time to look for dash-7 packets.", - "title": "RecoveryWindow", - "type": "number" + "InvocationCondition": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", + "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time.", + "title": "InvocationCondition" }, - "SourcePriority": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.SourcePriority", - "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", - "title": "SourcePriority" + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", + "title": "LambdaArn", + "type": "string" }, - "State": { - "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", - "title": "State", + "S3Bucket": { + "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) .", + "title": "S3Bucket", "type": "string" } }, + "required": [ + "LambdaArn", + "S3Bucket" + ], "type": "object" }, - "AWS::MediaConnect::Flow.GatewayBridgeSource": { + "AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", - "type": "string" + "Condition": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", + "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Kendra.", + "title": "Condition" }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", - "title": "VpcInterfaceAttachment" + "DocumentContentDeletion": { + "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", + "title": "DocumentContentDeletion", + "type": "boolean" + }, + "Target": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeTarget", + "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Kendra. You can also include a value.", + "title": "Target" } }, - "required": [ - "BridgeArn" - ], "type": "object" }, - "AWS::MediaConnect::Flow.Source": { + "AWS::Kendra::DataSource.OneDriveConfiguration": { "additionalProperties": false, "properties": { - "Decryption": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.Encryption", - "markdownDescription": "The type of encryption that is used on the content ingested from this source.", - "title": "Decryption" + "DisableLocalGroups": { + "markdownDescription": "`TRUE` to disable local groups information.", + "title": "DisableLocalGroups", + "type": "boolean" }, - "Description": { - "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", - "title": "Description", - "type": "string" + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", + "title": "ExclusionPatterns", + "type": "array" }, - "EntitlementArn": { - "markdownDescription": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow.", - "title": "EntitlementArn", - "type": "string" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata.", + "title": "FieldMappings", + "type": "array" }, - "GatewayBridgeSource": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.GatewayBridgeSource", - "markdownDescription": "The source configuration for cloud flows receiving a stream from a bridge.", - "title": "GatewayBridgeSource" + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", + "title": "InclusionPatterns", + "type": "array" }, - "IngestIp": { - "markdownDescription": "The IP address that the flow will be listening on for incoming content.", - "title": "IngestIp", - "type": "string" + "OneDriveUsers": { + "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveUsers", + "markdownDescription": "A list of user accounts whose documents should be indexed.", + "title": "OneDriveUsers" }, - "IngestPort": { - "markdownDescription": "The port that the flow will be listening on for incoming content.", - "title": "IngestPort", - "type": "number" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application.", + "title": "SecretArn", + "type": "string" }, - "MaxBitrate": { - "markdownDescription": "The maximum bitrate for RIST, RTP, and RTP-FEC streams.", - "title": "MaxBitrate", - "type": "number" + "TenantDomain": { + "markdownDescription": "The Azure Active Directory domain of the organization.", + "title": "TenantDomain", + "type": "string" + } + }, + "required": [ + "OneDriveUsers", + "SecretArn", + "TenantDomain" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.OneDriveUsers": { + "additionalProperties": false, + "properties": { + "OneDriveUserList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users.", + "title": "OneDriveUserList", + "type": "array" }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds for a RIST or Zixi-based source.", - "title": "MaxLatency", - "type": "number" + "OneDriveUserS3Path": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", + "markdownDescription": "The S3 bucket location of a file containing a list of users whose documents should be indexed.", + "title": "OneDriveUserS3Path" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.ProxyConfiguration": { + "additionalProperties": false, + "properties": { + "Credentials": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nThe credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials.", + "title": "Credentials", + "type": "string" }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", + "Host": { + "markdownDescription": "The name of the website host you want to connect to via a web proxy server.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port number of the website host you want to connect to via a web proxy server.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", + "title": "Port", "type": "number" + } + }, + "required": [ + "Host", + "Port" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.S3DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AccessControlListConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.AccessControlListConfiguration", + "markdownDescription": "Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) .", + "title": "AccessControlListConfiguration" + }, + "BucketName": { + "markdownDescription": "The name of the bucket that contains the documents.", + "title": "BucketName", + "type": "string" + }, + "DocumentsMetadataConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentsMetadataConfiguration", + "markdownDescription": "Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document.", + "title": "DocumentsMetadataConfiguration" + }, + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", + "title": "ExclusionPatterns", + "type": "array" + }, + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", + "title": "InclusionPatterns", + "type": "array" + }, + "InclusionPrefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of S3 prefixes for the documents that should be included in the index.", + "title": "InclusionPrefixes", + "type": "array" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.S3Path": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration": { + "additionalProperties": false, + "properties": { + "DocumentDataFieldName": { + "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column.", + "title": "DocumentDataFieldName", + "type": "string" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps fields from a Salesforce chatter feed into Amazon Kendra index fields.", + "title": "FieldMappings", + "type": "array" + }, + "IncludeFilterTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both.", + "title": "IncludeFilterTypes", + "type": "array" + } + }, + "required": [ + "DocumentDataFieldName" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.SalesforceConfiguration": { + "additionalProperties": false, + "properties": { + "ChatterFeedConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration", + "markdownDescription": "Configuration information for Salesforce chatter feeds.", + "title": "ChatterFeedConfiguration" + }, + "CrawlAttachments": { + "markdownDescription": "Indicates whether Amazon Kendra should index attachments to Salesforce objects.", + "title": "CrawlAttachments", + "type": "boolean" + }, + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" + }, + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" + }, + "KnowledgeArticleConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration", + "markdownDescription": "Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both.", + "title": "KnowledgeArticleConfiguration" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys:\n\n- authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token.\n- consumerKey - The application public key generated when you created your Salesforce application.\n- consumerSecret - The application private key generated when you created your Salesforce application.\n- password - The password associated with the user logging in to the Salesforce instance.\n- securityToken - The token associated with the user logging in to the Salesforce instance.\n- username - The user name of the user logging in to the Salesforce instance.", + "title": "SecretArn", + "type": "string" + }, + "ServerUrl": { + "markdownDescription": "The instance URL for the Salesforce site that you want to index.", + "title": "ServerUrl", + "type": "string" + }, + "StandardObjectAttachmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration", + "markdownDescription": "Configuration information for processing attachments to Salesforce standard objects.", + "title": "StandardObjectAttachmentConfiguration" + }, + "StandardObjectConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration" + }, + "markdownDescription": "Configuration of the Salesforce standard objects that Amazon Kendra indexes.", + "title": "StandardObjectConfigurations", + "type": "array" + } + }, + "required": [ + "SecretArn", + "ServerUrl" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration": { + "additionalProperties": false, + "properties": { + "DocumentDataFieldName": { + "markdownDescription": "The name of the field in the custom knowledge article that contains the document data to index.", + "title": "DocumentDataFieldName", + "type": "string" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field in the custom knowledge article that contains the document title.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the custom knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" }, "Name": { - "markdownDescription": "The name of the source.", + "markdownDescription": "The name of the configuration.", "title": "Name", "type": "string" + } + }, + "required": [ + "DocumentDataFieldName", + "Name" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration": { + "additionalProperties": false, + "properties": { + "CustomKnowledgeArticleTypeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration" + }, + "markdownDescription": "Configuration information for custom Salesforce knowledge articles.", + "title": "CustomKnowledgeArticleTypeConfigurations", + "type": "array" + }, + "IncludedStates": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state.", + "title": "IncludedStates", + "type": "array" + }, + "StandardKnowledgeArticleTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration", + "markdownDescription": "Configuration information for standard Salesforce knowledge articles.", + "title": "StandardKnowledgeArticleTypeConfiguration" + } + }, + "required": [ + "IncludedStates" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration": { + "additionalProperties": false, + "properties": { + "DocumentDataFieldName": { + "markdownDescription": "The name of the field that contains the document data to index.", + "title": "DocumentDataFieldName", + "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field that contains the document title.", + "title": "DocumentTitleFieldName", "type": "string" }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" + } + }, + "required": [ + "DocumentDataFieldName" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration": { + "additionalProperties": false, + "properties": { + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field used for the document title.", + "title": "DocumentTitleFieldName", + "type": "string" }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "One or more objects that map fields in attachments to Amazon Kendra index fields.", + "title": "FieldMappings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration": { + "additionalProperties": false, + "properties": { + "DocumentDataFieldName": { + "markdownDescription": "The name of the field in the standard object table that contains the document contents.", + "title": "DocumentDataFieldName", "type": "string" }, - "SourceArn": { - "markdownDescription": "The ARN of the source.", - "title": "SourceArn", + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field in the standard object table that contains the document title.", + "title": "DocumentTitleFieldName", "type": "string" }, - "SourceIngestPort": { - "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", - "title": "SourceIngestPort", + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the standard object to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the standard object.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DocumentDataFieldName", + "Name" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.ServiceNowConfiguration": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "markdownDescription": "The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password.\n\nWhen you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", + "title": "AuthenticationType", "type": "string" }, - "SourceListenerAddress": { - "markdownDescription": "Source IP or domain name for SRT-caller protocol.", - "title": "SourceListenerAddress", + "HostUrl": { + "markdownDescription": "The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.*", + "title": "HostUrl", "type": "string" }, - "SourceListenerPort": { - "markdownDescription": "Source port for SRT-caller protocol.", - "title": "SourceListenerPort", - "type": "number" + "KnowledgeArticleConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration", + "markdownDescription": "Configuration information for crawling knowledge articles in the ServiceNow site.", + "title": "KnowledgeArticleConfiguration" }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for the transport. This parameter applies only to Zixi-based streams.", - "title": "StreamId", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", + "title": "SecretArn", "type": "string" }, - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface that is used for this source.", - "title": "VpcInterfaceName", + "ServiceCatalogConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration", + "markdownDescription": "Configuration information for crawling service catalogs in the ServiceNow site.", + "title": "ServiceCatalogConfiguration" + }, + "ServiceNowBuildVersion": { + "markdownDescription": "The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` .", + "title": "ServiceNowBuildVersion", "type": "string" + } + }, + "required": [ + "HostUrl", + "SecretArn", + "ServiceNowBuildVersion" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments to knowledge articles.", + "title": "CrawlAttachments", + "type": "boolean" }, - "WhitelistCidr": { - "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "WhitelistCidr", + "DocumentDataFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", + "title": "DocumentDataFieldName", + "type": "string" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "FilterQuery": { + "markdownDescription": "A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private.\n\nThe query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) .", + "title": "FilterQuery", "type": "string" + }, + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" } }, + "required": [ + "DocumentDataFieldName" + ], "type": "object" }, - "AWS::MediaConnect::Flow.SourcePriority": { + "AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration": { "additionalProperties": false, "properties": { - "PrimarySource": { - "markdownDescription": "The name of the source you choose as the primary source for this flow.", - "title": "PrimarySource", + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments to service catalog items.", + "title": "CrawlAttachments", + "type": "boolean" + }, + "DocumentDataFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", + "title": "DocumentDataFieldName", + "type": "string" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" + } + }, + "required": [ + "DocumentDataFieldName" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.SharePointConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index document attachments.", + "title": "CrawlAttachments", + "type": "boolean" + }, + "DisableLocalGroups": { + "markdownDescription": "`TRUE` to disable local groups information.", + "title": "DisableLocalGroups", + "type": "boolean" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The Microsoft SharePoint attribute field that contains the title of the document.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index.\n\nThe regex is applied to the display URL of the SharePoint document.", + "title": "ExclusionPatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) .", + "title": "FieldMappings", + "type": "array" + }, + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe regex applies to the display URL of the SharePoint document.", + "title": "InclusionPatterns", + "type": "array" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) .", + "title": "SecretArn", + "type": "string" + }, + "SharePointVersion": { + "markdownDescription": "The version of Microsoft SharePoint that you use.", + "title": "SharePointVersion", "type": "string" + }, + "SslCertificateS3Path": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", + "markdownDescription": "Information required to find a specific file in an Amazon S3 bucket.", + "title": "SslCertificateS3Path" + }, + "Urls": { + "items": { + "type": "string" + }, + "markdownDescription": "The Microsoft SharePoint site URLs for the documents you want to index.", + "title": "Urls", + "type": "array" + }, + "UseChangeLog": { + "markdownDescription": "`TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint.", + "title": "UseChangeLog", + "type": "boolean" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Provides information for connecting to an Amazon VPC.", + "title": "VpcConfiguration" } }, "required": [ - "PrimarySource" + "SecretArn", + "SharePointVersion", + "Urls" ], "type": "object" }, - "AWS::MediaConnect::Flow.VpcInterfaceAttachment": { + "AWS::Kendra::DataSource.SqlConfiguration": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "QueryIdentifiersEnclosingOption": { + "markdownDescription": "Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (\") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` .\n\nBy default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes.\n\nPostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case.\n\nFor MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` .", + "title": "QueryIdentifiersEnclosingOption", "type": "string" } }, "type": "object" }, - "AWS::MediaConnect::FlowEntitlement": { + "AWS::Kendra::DataSource.TemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Template": { + "markdownDescription": "The template schema used for the data source, where templates schemas are supported.\n\nSee [Data source template schemas](https://docs.aws.amazon.com/kendra/latest/dg/ds-schemas.html) .", + "title": "Template", + "type": "object" + } + }, + "required": [ + "Template" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration": { + "additionalProperties": false, + "properties": { + "BasicAuthentication": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerBasicAuthentication" + }, + "markdownDescription": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host.", + "title": "BasicAuthentication", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.WebCrawlerBasicAuthentication": { + "additionalProperties": false, + "properties": { + "Credentials": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nYou use a secret if basic authentication credentials are required to connect to a website. The secret stores your credentials of user name and password.", + "title": "Credentials", + "type": "string" + }, + "Host": { + "markdownDescription": "The name of the website host you want to connect to using authentication credentials.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port number of the website host you want to connect to using authentication credentials.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Credentials", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.WebCrawlerConfiguration": { + "additionalProperties": false, + "properties": { + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration", + "markdownDescription": "Configuration information required to connect to websites using authentication.\n\nYou can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.", + "title": "AuthenticationConfiguration" + }, + "CrawlDepth": { + "markdownDescription": "The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2.", + "title": "CrawlDepth", + "type": "number" + }, + "MaxContentSizePerPageInMegaBytes": { + "markdownDescription": "The maximum size (in MB) of a web page or attachment to crawl.\n\nFiles larger than this size (in MB) are skipped/not crawled.\n\nThe default maximum size of a web page or attachment is set to 50 MB.", + "title": "MaxContentSizePerPageInMegaBytes", + "type": "number" + }, + "MaxLinksPerPage": { + "markdownDescription": "The maximum number of URLs on a web page to include when crawling a website. This number is per web page.\n\nAs a website\u2019s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance.\n\nThe default maximum links per page is 100.", + "title": "MaxLinksPerPage", + "type": "number" + }, + "MaxUrlsPerMinuteCrawlRate": { + "markdownDescription": "The maximum number of URLs crawled per website host per minute.\n\nA minimum of one URL is required.\n\nThe default maximum number of URLs crawled per website host per minute is 300.", + "title": "MaxUrlsPerMinuteCrawlRate", + "type": "number" + }, + "ProxyConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ProxyConfiguration", + "markdownDescription": "Configuration information required to connect to your internal websites via a web proxy.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.\n\nWeb proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) .", + "title": "ProxyConfiguration" + }, + "UrlExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", + "title": "UrlExclusionPatterns", + "type": "array" + }, + "UrlInclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", + "title": "UrlInclusionPatterns", + "type": "array" + }, + "Urls": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerUrls", + "markdownDescription": "Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl.\n\nYou can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs.\n\nYou can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling.\n\n*When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.*", + "title": "Urls" + } + }, + "required": [ + "Urls" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration": { + "additionalProperties": false, + "properties": { + "SeedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of seed or starting point URLs of the websites you want to crawl.\n\nThe list can include a maximum of 100 seed URLs.", + "title": "SeedUrls", + "type": "array" + }, + "WebCrawlerMode": { + "markdownDescription": "You can choose one of the following modes:\n\n- `HOST_ONLY` \u2014crawl only the website host names. For example, if the seed URL is \"abc.example.com\", then only URLs with host name \"abc.example.com\" are crawled.\n- `SUBDOMAINS` \u2014crawl the website host names with subdomains. For example, if the seed URL is \"abc.example.com\", then \"a.abc.example.com\" and \"b.abc.example.com\" are also crawled.\n- `EVERYTHING` \u2014crawl the website host names with subdomains and other domains that the web pages link to.\n\nThe default mode is set to `HOST_ONLY` .", + "title": "WebCrawlerMode", + "type": "string" + } + }, + "required": [ + "SeedUrls" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration": { + "additionalProperties": false, + "properties": { + "SiteMaps": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of sitemap URLs of the websites you want to crawl.\n\nThe list can include a maximum of three sitemap URLs.", + "title": "SiteMaps", + "type": "array" + } + }, + "required": [ + "SiteMaps" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.WebCrawlerUrls": { + "additionalProperties": false, + "properties": { + "SeedUrlConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration", + "markdownDescription": "Configuration of the seed or starting point URLs of the websites you want to crawl.\n\nYou can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to.\n\nYou can list up to 100 seed URLs.", + "title": "SeedUrlConfiguration" + }, + "SiteMapsConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration", + "markdownDescription": "Configuration of the sitemap URLs of the websites you want to crawl.\n\nOnly URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs.", + "title": "SiteMapsConfiguration" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.WorkDocsConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlComments": { + "markdownDescription": "`TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on.\n\nThe default is set to `FALSE` .", + "title": "CrawlComments", + "type": "boolean" + }, + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain files in your Amazon WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don\u2019t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", + "title": "ExclusionPatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Amazon WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Amazon WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Amazon WorkDocs data source field names must exist in your Amazon WorkDocs custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain files in your Amazon WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", + "title": "InclusionPatterns", + "type": "array" + }, + "OrganizationId": { + "markdownDescription": "The identifier of the directory corresponding to your Amazon WorkDocs site repository.\n\nYou can find the organization ID in the [AWS Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your Amazon WorkDocs site directory has an ID, which is the organization ID. You can also set up a new Amazon WorkDocs directory in the AWS Directory Service console and enable a Amazon WorkDocs site for the directory in the Amazon WorkDocs console.", + "title": "OrganizationId", + "type": "string" + }, + "UseChangeLog": { + "markdownDescription": "`TRUE` to use the Amazon WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in Amazon WorkDocs.", + "title": "UseChangeLog", + "type": "boolean" + } + }, + "required": [ + "OrganizationId" + ], + "type": "object" + }, + "AWS::Kendra::Faq": { "additionalProperties": false, "properties": { "Condition": { @@ -155346,56 +162153,61 @@ "Properties": { "additionalProperties": false, "properties": { - "DataTransferSubscriberFeePercent": { - "markdownDescription": "The percentage of the entitlement data transfer fee that you want the subscriber to be responsible for.", - "title": "DataTransferSubscriberFeePercent", - "type": "number" - }, "Description": { - "markdownDescription": "A description of the entitlement. This description appears only on the MediaConnect console and is not visible outside of the current AWS account.", + "markdownDescription": "A description for the FAQ.", "title": "Description", "type": "string" }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowEntitlement.Encryption", - "markdownDescription": "Information about the encryption of the flow.", - "title": "Encryption" + "FileFormat": { + "markdownDescription": "The format of the input file. You can choose between a basic CSV format, a CSV format that includes customs attributes in a header, and a JSON format that includes custom attributes.\n\nThe format must match the format of the file stored in the S3 bucket identified in the S3Path parameter.\n\nValid values are:\n\n- `CSV`\n- `CSV_WITH_HEADER`\n- `JSON`", + "title": "FileFormat", + "type": "string" }, - "EntitlementStatus": { - "markdownDescription": "An indication of whether the new entitlement should be enabled or disabled as soon as it is created. If you don\u2019t specify the entitlementStatus field in your request, MediaConnect sets it to ENABLED.", - "title": "EntitlementStatus", + "IndexId": { + "markdownDescription": "The identifier of the index that contains the FAQ.", + "title": "IndexId", "type": "string" }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "FlowArn", + "LanguageCode": { + "markdownDescription": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", + "title": "LanguageCode", "type": "string" }, "Name": { - "markdownDescription": "The name of the entitlement. This value must be unique within the current flow.", + "markdownDescription": "The name that you assigned the FAQ when you created or updated the FAQ.", "title": "Name", "type": "string" }, - "Subscribers": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQ.", + "title": "RoleArn", + "type": "string" + }, + "S3Path": { + "$ref": "#/definitions/AWS::Kendra::Faq.S3Path", + "markdownDescription": "The Amazon Simple Storage Service (Amazon S3) location of the FAQ input data.", + "title": "S3Path" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", - "title": "Subscribers", + "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" } }, "required": [ - "Description", - "FlowArn", + "IndexId", "Name", - "Subscribers" + "RoleArn", + "S3Path" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowEntitlement" + "AWS::Kendra::Faq" ], "type": "string" }, @@ -155414,62 +162226,27 @@ ], "type": "object" }, - "AWS::MediaConnect::FlowEntitlement.Encryption": { + "AWS::Kendra::Faq.S3Path": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" - }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", "type": "string" }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", "type": "string" } }, "required": [ - "Algorithm", - "RoleArn" + "Bucket", + "Key" ], "type": "object" }, - "AWS::MediaConnect::FlowOutput": { + "AWS::Kendra::Index": { "additionalProperties": false, "properties": { "Condition": { @@ -155504,89 +162281,76 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "CidrAllowList", - "type": "array" + "CapacityUnits": { + "$ref": "#/definitions/AWS::Kendra::Index.CapacityUnitsConfiguration", + "markdownDescription": "Specifies additional capacity units configured for your Enterprise Edition index. You can add and remove capacity units to fit your usage requirements.", + "title": "CapacityUnits" }, "Description": { - "markdownDescription": "A description of the output. This description appears only on the MediaConnect console and will not be seen by the end user.", + "markdownDescription": "A description for the index.", "title": "Description", "type": "string" }, - "Destination": { - "markdownDescription": "The IP address where you want to send the output.", - "title": "Destination", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Encryption", - "markdownDescription": "The type of key used for the encryption. If no `keyType` is provided, the service will use the default setting (static-key). Allowable encryption types: static-key.", - "title": "Encryption" + "DocumentMetadataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.DocumentMetadataConfiguration" + }, + "markdownDescription": "Specifies the properties of an index field. You can add either a custom or a built-in field. You can add and remove built-in fields at any time. When a built-in field is removed it's configuration reverts to the default for the field. Custom fields can't be removed from an index after they are added.", + "title": "DocumentMetadataConfigurations", + "type": "array" }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow this output is attached to.", - "title": "FlowArn", + "Edition": { + "markdownDescription": "Indicates whether the index is a Enterprise Edition index, a Developer Edition index, or a GenAI Enterprise Edition index.", + "title": "Edition", "type": "string" }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" - }, "Name": { - "markdownDescription": "The name of the bridge's output.", + "markdownDescription": "The name of the index.", "title": "Name", "type": "string" }, - "Port": { - "markdownDescription": "The port to use when content is distributed to this output.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol to use for the output.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket.", + "title": "RoleArn", "type": "string" }, - "RemoteId": { - "markdownDescription": "The remote ID for the Zixi-pull stream.", - "title": "RemoteId", - "type": "string" + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.ServerSideEncryptionConfiguration", + "markdownDescription": "The identifier of the AWS KMS customer managed key (CMK) to use to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs.", + "title": "ServerSideEncryptionConfiguration" }, - "SmoothingLatency": { - "markdownDescription": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams.", - "title": "SmoothingLatency", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", - "title": "StreamId", + "UserContextPolicy": { + "markdownDescription": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable.", + "title": "UserContextPolicy", "type": "string" }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this output.", - "title": "VpcInterfaceAttachment" - } - }, - "required": [ - "FlowArn", - "Protocol" + "UserTokenConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.UserTokenConfiguration" + }, + "markdownDescription": "Defines the type of user token used for the index.", + "title": "UserTokenConfigurations", + "type": "array" + } + }, + "required": [ + "Edition", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowOutput" + "AWS::Kendra::Index" ], "type": "string" }, @@ -155605,285 +162369,224 @@ ], "type": "object" }, - "AWS::MediaConnect::FlowOutput.Encryption": { + "AWS::Kendra::Index.CapacityUnitsConfiguration": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" + "QueryCapacityUnits": { + "markdownDescription": "The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity.\n\nA single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units.\n\n`GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second).", + "title": "QueryCapacityUnits", + "type": "number" }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", + "StorageCapacityUnits": { + "markdownDescription": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units.", + "title": "StorageCapacityUnits", + "type": "number" + } + }, + "required": [ + "QueryCapacityUnits", + "StorageCapacityUnits" + ], + "type": "object" + }, + "AWS::Kendra::Index.DocumentMetadataConfiguration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the index field.", + "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" + "Relevance": { + "$ref": "#/definitions/AWS::Kendra::Index.Relevance", + "markdownDescription": "Provides tuning parameters to determine how the field affects the search results.", + "title": "Relevance" }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", + "Search": { + "$ref": "#/definitions/AWS::Kendra::Index.Search", + "markdownDescription": "Provides information about how the field is used during a search.", + "title": "Search" + }, + "Type": { + "markdownDescription": "The data type of the index field.", + "title": "Type", "type": "string" } }, "required": [ - "RoleArn", - "SecretArn" + "Name", + "Type" ], "type": "object" }, - "AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment": { + "AWS::Kendra::Index.JsonTokenTypeConfiguration": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "GroupAttributeField": { + "markdownDescription": "The group attribute field.", + "title": "GroupAttributeField", + "type": "string" + }, + "UserNameAttributeField": { + "markdownDescription": "The user name attribute field.", + "title": "UserNameAttributeField", "type": "string" } }, + "required": [ + "GroupAttributeField", + "UserNameAttributeField" + ], "type": "object" }, - "AWS::MediaConnect::FlowSource": { + "AWS::Kendra::Index.JwtTokenTypeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ClaimRegex": { + "markdownDescription": "The regular expression that identifies the claim.", + "title": "ClaimRegex", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GroupAttributeField": { + "markdownDescription": "The group attribute field.", + "title": "GroupAttributeField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Issuer": { + "markdownDescription": "The issuer of the token.", + "title": "Issuer", + "type": "string" }, - "Metadata": { - "type": "object" + "KeyLocation": { + "markdownDescription": "The location of the key.", + "title": "KeyLocation", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Decryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.Encryption", - "markdownDescription": "The type of encryption that is used on the content ingested from this source. Allowable encryption types: static-key.", - "title": "Decryption" - }, - "Description": { - "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", - "title": "Description", - "type": "string" - }, - "EntitlementArn": { - "markdownDescription": "The ARN of the entitlement that allows you to subscribe to this flow. The entitlement is set by the flow originator, and the ARN is generated as part of the originator's flow.", - "title": "EntitlementArn", - "type": "string" - }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", - "title": "FlowArn", - "type": "string" - }, - "GatewayBridgeSource": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.GatewayBridgeSource", - "markdownDescription": "The bridge's source.", - "title": "GatewayBridgeSource" - }, - "IngestPort": { - "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", - "title": "IngestPort", - "type": "number" - }, - "MaxBitrate": { - "markdownDescription": "The smoothing max bitrate (in bps) for RIST, RTP, and RTP-FEC streams.", - "title": "MaxBitrate", - "type": "number" - }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the source.", - "title": "Name", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol that the source uses to deliver the content to MediaConnect. Adding additional sources to an existing flow requires Failover to be enabled. When you enable Failover, the additional source must use the same protocol as the existing source. Only the following protocols support failover: Zixi-push, RTP-FEC, RTP, RIST and SRT protocols.\n\nIf you use failover with SRT caller or listener, the `FailoverMode` property must be set to `FAILOVER` . The `FailoverMode` property\u00a0is found in\u00a0the `FailoverConfig` resource\u00a0of the same flow ARN you used for the source's `FlowArn` property. SRT caller/listener does not support\u00a0merge\u00a0mode failover.", - "title": "Protocol", - "type": "string" - }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" - }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", - "type": "string" - }, - "SourceListenerAddress": { - "markdownDescription": "Source IP or domain name for SRT-caller protocol.", - "title": "SourceListenerAddress", - "type": "string" - }, - "SourceListenerPort": { - "markdownDescription": "Source port for SRT-caller protocol.", - "title": "SourceListenerPort", - "type": "number" - }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", - "title": "StreamId", - "type": "string" - }, - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this source.", - "title": "VpcInterfaceName", - "type": "string" - }, - "WhitelistCidr": { - "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "WhitelistCidr", - "type": "string" - } - }, - "required": [ - "Description", - "Name" - ], - "type": "object" + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (arn) of the secret.", + "title": "SecretManagerArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::MediaConnect::FlowSource" - ], + "URL": { + "markdownDescription": "The signing key URL.", + "title": "URL", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UserNameAttributeField": { + "markdownDescription": "The user name attribute field.", + "title": "UserNameAttributeField", "type": "string" } }, "required": [ - "Type", - "Properties" + "KeyLocation" ], "type": "object" }, - "AWS::MediaConnect::FlowSource.Encryption": { + "AWS::Kendra::Index.Relevance": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", + "Duration": { + "markdownDescription": "Specifies the time period that the boost applies to. For example, to make the boost apply to documents with the field value within the last month, you would use \"2628000s\". Once the field value is beyond the specified range, the effect of the boost drops off. The higher the importance, the faster the effect drops off. If you don't specify a value, the default is 3 months. The value of the field is a numeric string followed by the character \"s\", for example \"86400s\" for one day, or \"604800s\" for one week.\n\nOnly applies to `DATE` fields.", + "title": "Duration", "type": "string" }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" + "Freshness": { + "markdownDescription": "Indicates that this field determines how \"fresh\" a document is. For example, if document 1 was created on November 5, and document 2 was created on October 31, document 1 is \"fresher\" than document 2. Only applies to `DATE` fields.", + "title": "Freshness", + "type": "boolean" }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" + "Importance": { + "markdownDescription": "The relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers.", + "title": "Importance", + "type": "number" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", + "RankOrder": { + "markdownDescription": "Determines how values should be interpreted.\n\nWhen the `RankOrder` field is `ASCENDING` , higher numbers are better. For example, a document with a rating score of 10 is higher ranking than a document with a rating score of 1.\n\nWhen the `RankOrder` field is `DESCENDING` , lower numbers are better. For example, in a task tracking application, a priority 1 task is more important than a priority 5 task.\n\nOnly applies to `LONG` fields.", + "title": "RankOrder", "type": "string" }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" + "ValueImportanceItems": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.ValueImportanceItem" + }, + "markdownDescription": "An array of key-value pairs for different boosts when they appear in the search result list. For example, if you want to boost query terms that match the \"department\" field in the result, query terms that match this field are boosted in the result. You can add entries from the department field to boost documents with those values higher.\n\nFor example, you can add entries to the map with names of departments. If you add \"HR\", 5 and \"Legal\",3 those departments are given special attention when they appear in the metadata of a document.", + "title": "ValueImportanceItems", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Kendra::Index.Search": { + "additionalProperties": false, + "properties": { + "Displayable": { + "markdownDescription": "Determines whether the field is returned in the query response. The default is `true` .", + "title": "Displayable", + "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" + "Facetable": { + "markdownDescription": "Indicates that the field can be used to create search facets, a count of results for each value in the field. The default is `false` .", + "title": "Facetable", + "type": "boolean" }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", - "type": "string" + "Searchable": { + "markdownDescription": "Determines whether the field is used in the search. If the `Searchable` field is `true` , you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for string fields and `false` for number and date fields.", + "title": "Searchable", + "type": "boolean" }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" + "Sortable": { + "markdownDescription": "Determines whether the field can be used to sort the results of a query. The default is `false` .", + "title": "Sortable", + "type": "boolean" } }, - "required": [ - "RoleArn" - ], "type": "object" }, - "AWS::MediaConnect::FlowSource.GatewayBridgeSource": { + "AWS::Kendra::Index.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys.", + "title": "KmsKeyId", "type": "string" + } + }, + "type": "object" + }, + "AWS::Kendra::Index.UserTokenConfiguration": { + "additionalProperties": false, + "properties": { + "JsonTokenTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.JsonTokenTypeConfiguration", + "markdownDescription": "Information about the JSON token type configuration.", + "title": "JsonTokenTypeConfiguration" }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", - "title": "VpcInterfaceAttachment" + "JwtTokenTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.JwtTokenTypeConfiguration", + "markdownDescription": "Information about the JWT token type configuration.", + "title": "JwtTokenTypeConfiguration" } }, - "required": [ - "BridgeArn" - ], "type": "object" }, - "AWS::MediaConnect::FlowSource.VpcInterfaceAttachment": { + "AWS::Kendra::Index.ValueImportanceItem": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "Key": { + "markdownDescription": "The document metadata value used for the search boost.", + "title": "Key", "type": "string" + }, + "Value": { + "markdownDescription": "The boost value for a document when the key is part of the metadata of a document.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::MediaConnect::FlowVpcInterface": { + "AWS::KendraRanking::ExecutionPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -155918,47 +162621,38 @@ "Properties": { "additionalProperties": false, "properties": { - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "FlowArn", + "CapacityUnits": { + "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration", + "markdownDescription": "You can set additional capacity units to meet the needs of your rescore execution plan. You are given a single capacity unit by default. If you want to use the default capacity, you don't set additional capacity units. For more information on the default capacity and additional capacity units, see [Adjusting capacity](https://docs.aws.amazon.com/kendra/latest/dg/adjusting-capacity.html) .", + "title": "CapacityUnits" + }, + "Description": { + "markdownDescription": "A description for the rescore execution plan.", + "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name for the VPC interface. This name must be unique within the flow.", + "markdownDescription": "A name for the rescore execution plan.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created when you set up MediaConnect as a trusted service.", - "title": "RoleArn", - "type": "string" - }, - "SecurityGroupIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A virtual firewall to control inbound and outbound traffic.", - "title": "SecurityGroupIds", + "markdownDescription": "A list of key-value pairs that identify or categorize your rescore execution plan. You can also use tags to help control access to the rescore execution plan. Tag keys and values can consist of Unicode letters, digits, white space. They can also consist of underscore, period, colon, equal, plus, and asperand.", + "title": "Tags", "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet IDs that you want to use for your VPC interface. A range of IP addresses in your VPC. When you create your VPC, you specify a range of IPv4 addresses for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. This is the primary CIDR block for your VPC. When you create a subnet for your VPC, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. The subnets that you use across all VPC interfaces on the flow must be in the same Availability Zone as the flow.", - "title": "SubnetId", - "type": "string" } }, "required": [ - "FlowArn", - "Name", - "RoleArn", - "SecurityGroupIds", - "SubnetId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowVpcInterface" + "AWS::KendraRanking::ExecutionPlan" ], "type": "string" }, @@ -155977,7 +162671,21 @@ ], "type": "object" }, - "AWS::MediaConnect::Gateway": { + "AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration": { + "additionalProperties": false, + "properties": { + "RescoreCapacityUnits": { + "markdownDescription": "The amount of extra capacity for your rescore execution plan.\n\nA single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units.", + "title": "RescoreCapacityUnits", + "type": "number" + } + }, + "required": [ + "RescoreCapacityUnits" + ], + "type": "object" + }, + "AWS::Kinesis::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -156012,38 +162720,26 @@ "Properties": { "additionalProperties": false, "properties": { - "EgressCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The range of IP addresses that are allowed to contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "EgressCidrBlocks", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the gateway. This name can not be modified after the gateway is created.", - "title": "Name", + "ResourceArn": { + "markdownDescription": "This is the name for the resource policy.", + "title": "ResourceArn", "type": "string" }, - "Networks": { - "items": { - "$ref": "#/definitions/AWS::MediaConnect::Gateway.GatewayNetwork" - }, - "markdownDescription": "The list of networks in the gateway.", - "title": "Networks", - "type": "array" + "ResourcePolicy": { + "markdownDescription": "This is the description for the resource policy.", + "title": "ResourcePolicy", + "type": "object" } }, "required": [ - "EgressCidrBlocks", - "Name", - "Networks" + "ResourceArn", + "ResourcePolicy" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::Gateway" + "AWS::Kinesis::ResourcePolicy" ], "type": "string" }, @@ -156062,27 +162758,7 @@ ], "type": "object" }, - "AWS::MediaConnect::Gateway.GatewayNetwork": { - "additionalProperties": false, - "properties": { - "CidrBlock": { - "markdownDescription": "A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "CidrBlock", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "CidrBlock", - "Name" - ], - "type": "object" - }, - "AWS::MediaConvert::JobTemplate": { + "AWS::Kinesis::Stream": { "additionalProperties": false, "properties": { "Condition": { @@ -156117,68 +162793,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AccelerationSettings": { - "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.AccelerationSettings", - "markdownDescription": "Accelerated transcoding can significantly speed up jobs with long, visually complex content. Outputs that use this feature incur pro-tier pricing. For information about feature limitations, For more information, see [Job Limitations for Accelerated Transcoding in AWS Elemental MediaConvert](https://docs.aws.amazon.com/mediaconvert/latest/ug/job-requirements.html) in the *AWS Elemental MediaConvert User Guide* .", - "title": "AccelerationSettings" - }, - "Category": { - "markdownDescription": "Optional. A category for the job template you are creating", - "title": "Category", - "type": "string" - }, - "Description": { - "markdownDescription": "Optional. A description of the job template you are creating.", - "title": "Description", - "type": "string" - }, - "HopDestinations": { + "DesiredShardLevelMetrics": { "items": { - "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.HopDestination" + "type": "string" }, - "markdownDescription": "Optional. Configuration for a destination queue to which the job can hop once a customer-defined minimum wait time has passed. For more information, see [Setting Up Queue Hopping to Avoid Long Waits](https://docs.aws.amazon.com/mediaconvert/latest/ug/setting-up-queue-hopping-to-avoid-long-waits.html) in the *AWS Elemental MediaConvert User Guide* .", - "title": "HopDestinations", + "markdownDescription": "A list of shard-level metrics in properties to enable enhanced monitoring mode.", + "title": "DesiredShardLevelMetrics", "type": "array" }, "Name": { - "markdownDescription": "Name of the output group", + "markdownDescription": "The name of the Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "Name", "type": "string" }, - "Priority": { - "markdownDescription": "Specify the relative priority for this job. In any given queue, the service begins processing the job with the highest value first. When more than one job has the same priority, the service begins processing the job that you submitted first. If you don't specify a priority, the service uses the default value 0. Minimum: -50 Maximum: 50", - "title": "Priority", + "RetentionPeriodHours": { + "markdownDescription": "The number of hours for the data records that are stored in shards to remain accessible. The default value is 24. For more information about the stream retention period, see [Changing the Data Retention Period](https://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html) in the Amazon Kinesis Developer Guide.", + "title": "RetentionPeriodHours", "type": "number" }, - "Queue": { - "markdownDescription": "Optional. The queue that jobs created from this template are assigned to. Specify the Amazon Resource Name (ARN) of the queue. For example, arn:aws:mediaconvert:us-west-2:505474453218:queues/Default. If you don't specify this, jobs will go to the default queue.", - "title": "Queue", - "type": "string" + "ShardCount": { + "markdownDescription": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", + "title": "ShardCount", + "type": "number" }, - "SettingsJson": { - "markdownDescription": "Specify, in JSON format, the transcoding job settings for this job template. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert job templates, see [Working with AWS Elemental MediaConvert Job Templates](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-job-templates.html) in the ** .", - "title": "SettingsJson", - "type": "object" + "StreamEncryption": { + "$ref": "#/definitions/AWS::Kinesis::Stream.StreamEncryption", + "markdownDescription": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption.", + "title": "StreamEncryption" }, - "StatusUpdateInterval": { - "markdownDescription": "Specify how often MediaConvert sends STATUS_UPDATE events to Amazon CloudWatch Events. Set the interval, in seconds, between status updates. MediaConvert sends an update at this interval from the time the service begins processing your job to the time it completes the transcode or encounters an error.\n\nSpecify one of the following enums:\n\nSECONDS_10\n\nSECONDS_12\n\nSECONDS_15\n\nSECONDS_20\n\nSECONDS_30\n\nSECONDS_60\n\nSECONDS_120\n\nSECONDS_180\n\nSECONDS_240\n\nSECONDS_300\n\nSECONDS_360\n\nSECONDS_420\n\nSECONDS_480\n\nSECONDS_540\n\nSECONDS_600", - "title": "StatusUpdateInterval", - "type": "string" + "StreamModeDetails": { + "$ref": "#/definitions/AWS::Kinesis::Stream.StreamModeDetails", + "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", + "title": "StreamModeDetails" }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the Kinesis stream. For information about constraints for this property, see [Tag Restrictions](https://docs.aws.amazon.com/streams/latest/dev/tagging.html#tagging-restrictions) in the *Amazon Kinesis Developer Guide* .", "title": "Tags", - "type": "object" + "type": "array" } }, - "required": [ - "SettingsJson" - ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConvert::JobTemplate" + "AWS::Kinesis::Stream" ], "type": "string" }, @@ -156192,47 +162853,45 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::MediaConvert::JobTemplate.AccelerationSettings": { + "AWS::Kinesis::Stream.StreamEncryption": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "Specify the conditions when the service will run your job with accelerated transcoding.", - "title": "Mode", + "EncryptionType": { + "markdownDescription": "The encryption type to use. The only valid value is `KMS` .", + "title": "EncryptionType", + "type": "string" + }, + "KeyId": { + "markdownDescription": "The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias `aws/kinesis` .\n\n- Key ARN example: `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`\n- Alias ARN example: `arn:aws:kms:us-east-1:123456789012:alias/MyAliasName`\n- Globally unique key ID example: `12345678-1234-1234-1234-123456789012`\n- Alias name example: `alias/MyAliasName`\n- Master key owned by Kinesis Data Streams: `alias/aws/kinesis`", + "title": "KeyId", "type": "string" } }, "required": [ - "Mode" + "EncryptionType", + "KeyId" ], "type": "object" }, - "AWS::MediaConvert::JobTemplate.HopDestination": { + "AWS::Kinesis::Stream.StreamModeDetails": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Optional. When you set up a job to use queue hopping, you can specify a different relative priority for the job in the destination queue. If you don't specify, the relative priority will remain the same as in the previous queue.", - "title": "Priority", - "type": "number" - }, - "Queue": { - "markdownDescription": "Optional unless the job is submitted on the default queue. When you set up a job to use queue hopping, you can specify a destination queue. This queue cannot be the original queue to which the job is submitted. If the original queue isn't the default queue and you don't specify the destination queue, the job will move to the default queue.", - "title": "Queue", + "StreamMode": { + "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", + "title": "StreamMode", "type": "string" - }, - "WaitMinutes": { - "markdownDescription": "Required for setting up a job to use queue hopping. Minimum wait time in minutes until the job can hop to the destination queue. Valid range is 1 to 4320 minutes, inclusive.", - "title": "WaitMinutes", - "type": "number" } }, + "required": [ + "StreamMode" + ], "type": "object" }, - "AWS::MediaConvert::Preset": { + "AWS::Kinesis::StreamConsumer": { "additionalProperties": false, "properties": { "Condition": { @@ -156267,40 +162926,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Category": { - "markdownDescription": "The new category for the preset, if you are changing it.", - "title": "Category", - "type": "string" - }, - "Description": { - "markdownDescription": "The new description for the preset, if you are changing it.", - "title": "Description", + "ConsumerName": { + "markdownDescription": "The name of the consumer is something you choose when you register the consumer.", + "title": "ConsumerName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the preset that you are modifying.", - "title": "Name", + "StreamARN": { + "markdownDescription": "The ARN of the stream with which you registered the consumer.", + "title": "StreamARN", "type": "string" }, - "SettingsJson": { - "markdownDescription": "Specify, in JSON format, the transcoding job settings for this output preset. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert output presets, see [Working with AWS Elemental MediaConvert Output Presets](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-presets.html) in the ** .", - "title": "SettingsJson", - "type": "object" - }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tags to be added to a specified Kinesis resource. A tag consists of a required key and an optional value. You can specify up to 50 tag key-value pairs.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "SettingsJson" + "ConsumerName", + "StreamARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConvert::Preset" + "AWS::Kinesis::StreamConsumer" ], "type": "string" }, @@ -156319,7 +162972,7 @@ ], "type": "object" }, - "AWS::MediaConvert::Queue": { + "AWS::KinesisAnalytics::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -156354,37 +163007,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Optional. A description of the queue that you are creating.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the queue that you are creating.", - "title": "Name", + "ApplicationCode": { + "markdownDescription": "One or more SQL statements that read input data, transform it, and generate output. For example, you can write a SQL statement that reads data from one in-application stream, generates a running average of the number of advertisement clicks by vendor, and insert resulting rows in another in-application stream using pumps. For more information about the typical pattern, see [Application Code](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-app-code.html) .\n\nYou can provide such series of SQL statements, where output of one statement can be used as the input for the next statement. You store intermediate results by creating in-application streams and pumps.\n\nNote that the application code must create the streams with names specified in the `Outputs` . For example, if your `Outputs` defines output streams named `ExampleOutputStream1` and `ExampleOutputStream2` , then your application code must create these streams.", + "title": "ApplicationCode", "type": "string" }, - "PricingPlan": { - "markdownDescription": "When you use AWS CloudFormation , you can create only on-demand queues. Therefore, always set `PricingPlan` to the value \"ON_DEMAND\" when declaring an AWS::MediaConvert::Queue in your AWS CloudFormation template.\n\nTo create a reserved queue, use the AWS Elemental MediaConvert console at https://console.aws.amazon.com/mediaconvert to set up a contract. For more information, see [Working with AWS Elemental MediaConvert Queues](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-queues.html) in the ** .", - "title": "PricingPlan", + "ApplicationDescription": { + "markdownDescription": "Summary description of the application.", + "title": "ApplicationDescription", "type": "string" }, - "Status": { - "markdownDescription": "Initial state of the queue. Queues can be either ACTIVE or PAUSED. If you create a paused queue, then jobs that you send to that queue won't begin.", - "title": "Status", + "ApplicationName": { + "markdownDescription": "Name of your Amazon Kinesis Analytics application (for example, `sample-app` ).", + "title": "ApplicationName", "type": "string" }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.Input" + }, + "markdownDescription": "Use this parameter to configure the application input.\n\nYou can configure your application to receive input from a single streaming source. In this configuration, you map this streaming source to an in-application stream that is created. Your application code can then query the in-application stream like a table (you can think of it as a constantly updating table).\n\nFor the streaming source, you provide its Amazon Resource Name (ARN) and format of data on the stream (for example, JSON, CSV, etc.). You also must provide an IAM role that Amazon Kinesis Analytics can assume to read this stream on your behalf.\n\nTo create the in-application stream, you need to specify a schema to transform your data into a schematized version used in SQL. In the schema, you provide the necessary mapping of the data elements in the streaming source to record columns in the in-app stream.", + "title": "Inputs", + "type": "array" } }, + "required": [ + "Inputs" + ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConvert::Queue" + "AWS::KinesisAnalytics::Application" ], "type": "string" }, @@ -156398,4724 +163052,4027 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaLive::Channel": { + "AWS::KinesisAnalytics::Application.CSVMappingParameters": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CdiInputSpecification": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CdiInputSpecification", - "markdownDescription": "Specification of CDI inputs for this channel.", - "title": "CdiInputSpecification" - }, - "ChannelClass": { - "markdownDescription": "The class for this channel. For a channel with two pipelines, the class is STANDARD. For a channel with one pipeline, the class is SINGLE_PIPELINE.", - "title": "ChannelClass", - "type": "string" - }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestination" - }, - "markdownDescription": "The settings that identify the destination for the outputs in this MediaLive output package.", - "title": "Destinations", - "type": "array" - }, - "EncoderSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EncoderSettings", - "markdownDescription": "The encoding configuration for the output content.", - "title": "EncoderSettings" - }, - "InputAttachments": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" - }, - "markdownDescription": "The list of input attachments for the channel.", - "title": "InputAttachments", - "type": "array" - }, - "InputSpecification": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputSpecification", - "markdownDescription": "The input specification for this channel. It specifies the key characteristics of the inputs for this channel: the maximum bitrate, the resolution, and the codec.", - "title": "InputSpecification" - }, - "LogLevel": { - "markdownDescription": "The verbosity for logging activity for this channel. Charges for logging (which are generated through Amazon CloudWatch Logging) are higher for higher verbosities.", - "title": "LogLevel", - "type": "string" - }, - "Maintenance": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MaintenanceCreateSettings", - "markdownDescription": "Maintenance settings for this channel.", - "title": "Maintenance" - }, - "Name": { - "markdownDescription": "Name of channel.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role for MediaLive to assume when running this channel. The role is identified by its ARN.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "markdownDescription": "A collection of tags for this channel. Each tag is a key-value pair.", - "title": "Tags", - "type": "object" - }, - "Vpc": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VpcOutputSettings", - "markdownDescription": "Settings to enable VPC mode in the channel, so that the endpoints for all outputs are in your VPC.", - "title": "Vpc" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaLive::Channel" - ], + "RecordColumnDelimiter": { + "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RecordRowDelimiter": { + "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" } }, "required": [ - "Type" + "RecordColumnDelimiter", + "RecordRowDelimiter" ], "type": "object" }, - "AWS::MediaLive::Channel.AacSettings": { + "AWS::KinesisAnalytics::Application.Input": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid values depend on the rate control mode and profile.", - "title": "Bitrate", - "type": "number" - }, - "CodingMode": { - "markdownDescription": "Mono, stereo, or 5.1 channel layout. Valid values depend on the rate control mode and profile. The adReceiverMix setting receives a stereo description plus control track, and emits a mono AAC encode of the description track, with control data emitted in the PES header as per ETSI TS 101 154 Annex E.", - "title": "CodingMode", - "type": "string" - }, - "InputType": { - "markdownDescription": "Set to broadcasterMixedAd when the input contains pre-mixed main audio + AD (narration) as a stereo pair. The Audio Type field (audioType) will be set to 3, which signals to downstream systems that this stream contains broadcaster mixed AD. Note that the input received by the encoder must contain pre-mixed audio; MediaLive does not perform the mixing. The values in audioTypeControl and audioType (in AudioDescription) are ignored when set to broadcasterMixedAd. Leave this set to normal when the input does not contain pre-mixed audio + AD.", - "title": "InputType", - "type": "string" - }, - "Profile": { - "markdownDescription": "The AAC profile.", - "title": "Profile", - "type": "string" + "InputParallelism": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputParallelism", + "markdownDescription": "Describes the number of in-application streams to create.\n\nData from your source is routed to these in-application input streams.\n\nSee [Configuring Application Input](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-input.html) .", + "title": "InputParallelism" }, - "RateControlMode": { - "markdownDescription": "The rate control mode.", - "title": "RateControlMode", - "type": "string" + "InputProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputProcessingConfiguration", + "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputprocessingconfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) .", + "title": "InputProcessingConfiguration" }, - "RawFormat": { - "markdownDescription": "Sets the LATM/LOAS AAC output for raw containers.", - "title": "RawFormat", - "type": "string" + "InputSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", + "title": "InputSchema" }, - "SampleRate": { - "markdownDescription": "The sample rate in Hz. Valid values depend on the rate control mode and profile.", - "title": "SampleRate", - "type": "number" + "KinesisFirehoseInput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisFirehoseInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis Firehose delivery stream, identifies the delivery stream's ARN and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", + "title": "KinesisFirehoseInput" }, - "Spec": { - "markdownDescription": "Uses MPEG-2 AAC audio instead of MPEG-4 AAC audio for raw or MPEG-2 Transport Stream containers.", - "title": "Spec", - "type": "string" + "KinesisStreamsInput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisStreamsInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis stream, identifies the stream's Amazon Resource Name (ARN) and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", + "title": "KinesisStreamsInput" }, - "VbrQuality": { - "markdownDescription": "The VBR quality level. This is used only if rateControlMode is VBR.", - "title": "VbrQuality", + "NamePrefix": { + "markdownDescription": "Name prefix to use when creating an in-application stream. Suppose that you specify a prefix \"MyInApplicationStream.\" Amazon Kinesis Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with names \"MyInApplicationStream_001,\" \"MyInApplicationStream_002,\" and so on.", + "title": "NamePrefix", "type": "string" } }, + "required": [ + "InputSchema", + "NamePrefix" + ], "type": "object" }, - "AWS::MediaLive::Channel.Ac3Settings": { + "AWS::KinesisAnalytics::Application.InputLambdaProcessor": { "additionalProperties": false, "properties": { - "AttenuationControl": { - "markdownDescription": "", - "title": "AttenuationControl", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", - "title": "Bitrate", - "type": "number" - }, - "BitstreamMode": { - "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream. For more information about these values, see ATSC A/52-2012.", - "title": "BitstreamMode", - "type": "string" - }, - "CodingMode": { - "markdownDescription": "The Dolby Digital coding mode. This determines the number of channels.", - "title": "CodingMode", - "type": "string" - }, - "Dialnorm": { - "markdownDescription": "Sets the dialnorm for the output. If excluded and the input audio is Dolby Digital, dialnorm is passed through.", - "title": "Dialnorm", - "type": "number" - }, - "DrcProfile": { - "markdownDescription": "If set to filmStandard, adds dynamic range compression signaling to the output bitstream as defined in the Dolby Digital specification.", - "title": "DrcProfile", - "type": "string" - }, - "LfeFilter": { - "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. This is valid only in codingMode32Lfe mode.", - "title": "LfeFilter", + "ResourceARN": { + "markdownDescription": "The ARN of the [AWS Lambda](https://docs.aws.amazon.com/lambda/) function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" }, - "MetadataControl": { - "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is supplied from one of these streams, the static metadata settings are used.", - "title": "MetadataControl", + "RoleARN": { + "markdownDescription": "The ARN of the IAM role that is used to access the AWS Lambda function.", + "title": "RoleARN", "type": "string" } }, + "required": [ + "ResourceARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.AncillarySourceSettings": { + "AWS::KinesisAnalytics::Application.InputParallelism": { "additionalProperties": false, "properties": { - "SourceAncillaryChannelNumber": { - "markdownDescription": "Specifies the number (1 to 4) of the captions channel you want to extract from the ancillary captions. If you plan to convert the ancillary captions to another format, complete this field. If you plan to choose Embedded as the captions destination in the output (to pass through all the channels in the ancillary captions), leave this field blank because MediaLive ignores the field.", - "title": "SourceAncillaryChannelNumber", + "Count": { + "markdownDescription": "Number of in-application streams to create. For more information, see [Limits](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/limits.html) .", + "title": "Count", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.ArchiveCdnSettings": { + "AWS::KinesisAnalytics::Application.InputProcessingConfiguration": { "additionalProperties": false, "properties": { - "ArchiveS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this Archive output.", - "title": "ArchiveS3Settings" + "InputLambdaProcessor": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputLambdaProcessor", + "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) that is used to preprocess the records in the stream before being processed by your application code.", + "title": "InputLambdaProcessor" } }, "type": "object" }, - "AWS::MediaLive::Channel.ArchiveContainerSettings": { + "AWS::KinesisAnalytics::Application.InputSchema": { "additionalProperties": false, "properties": { - "M2tsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", - "markdownDescription": "The settings for the M2TS in the archive output.", - "title": "M2tsSettings" + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordColumn" + }, + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", + "type": "array" }, - "RawSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RawSettings", - "markdownDescription": "The settings for Raw archive output type.", - "title": "RawSettings" + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", + "type": "string" + }, + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" } }, + "required": [ + "RecordColumns", + "RecordFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveGroupSettings": { + "AWS::KinesisAnalytics::Application.JSONMappingParameters": { "additionalProperties": false, "properties": { - "ArchiveCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveCdnSettings", - "markdownDescription": "Settings to configure the destination of an Archive output.", - "title": "ArchiveCdnSettings" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "A directory and base file name where archive files should be written.", - "title": "Destination" - }, - "RolloverInterval": { - "markdownDescription": "The number of seconds to write to an archive file before closing and starting a new one.", - "title": "RolloverInterval", - "type": "number" + "RecordRowPath": { + "markdownDescription": "Path to the top-level parent that contains the records.", + "title": "RecordRowPath", + "type": "string" } }, + "required": [ + "RecordRowPath" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveOutputSettings": { + "AWS::KinesisAnalytics::Application.KinesisFirehoseInput": { "additionalProperties": false, "properties": { - "ContainerSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveContainerSettings", - "markdownDescription": "The settings that are specific to the container type of the file.", - "title": "ContainerSettings" - }, - "Extension": { - "markdownDescription": "The output file extension. If excluded, this is auto-selected from the container type.", - "title": "Extension", + "ResourceARN": { + "markdownDescription": "ARN of the input delivery stream.", + "title": "ResourceARN", "type": "string" }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. The string is required for multiple outputs of the same type.", - "title": "NameModifier", + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to make sure that the role has the necessary permissions to access the stream.", + "title": "RoleARN", "type": "string" } }, + "required": [ + "ResourceARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveS3Settings": { + "AWS::KinesisAnalytics::Application.KinesisStreamsInput": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", + "ResourceARN": { + "markdownDescription": "ARN of the input Amazon Kinesis stream to read.", + "title": "ResourceARN", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", "type": "string" } }, + "required": [ + "ResourceARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.AribDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.AribSourceSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.AudioChannelMapping": { + "AWS::KinesisAnalytics::Application.MappingParameters": { "additionalProperties": false, "properties": { - "InputChannelLevels": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputChannelLevel" - }, - "markdownDescription": "The indices and gain values for each input channel that should be remixed into this output channel.", - "title": "InputChannelLevels", - "type": "array" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "OutputChannel": { - "markdownDescription": "The index of the output channel that is being produced.", - "title": "OutputChannel", - "type": "number" + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioCodecSettings": { + "AWS::KinesisAnalytics::Application.RecordColumn": { "additionalProperties": false, "properties": { - "AacSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AacSettings", - "markdownDescription": "The setup of the AAC audio codec in the output.", - "title": "AacSettings" - }, - "Ac3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Ac3Settings", - "markdownDescription": "The setup of an AC3 audio codec in the output.", - "title": "Ac3Settings" - }, - "Eac3AtmosSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3AtmosSettings", - "markdownDescription": "", - "title": "Eac3AtmosSettings" - }, - "Eac3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3Settings", - "markdownDescription": "The setup of an EAC3 audio codec in the output.", - "title": "Eac3Settings" - }, - "Mp2Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mp2Settings", - "markdownDescription": "The setup of an MP2 audio codec in the output.", - "title": "Mp2Settings" + "Mapping": { + "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", + "title": "Mapping", + "type": "string" }, - "PassThroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.PassThroughSettings", - "markdownDescription": "The setup to pass through the Dolby audio codec to the output.", - "title": "PassThroughSettings" + "Name": { + "markdownDescription": "Name of the column created in the in-application input stream or reference table.", + "title": "Name", + "type": "string" }, - "WavSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.WavSettings", - "markdownDescription": "Settings for audio encoded with the WAV codec.", - "title": "WavSettings" + "SqlType": { + "markdownDescription": "Type of column created in the in-application input stream or reference table.", + "title": "SqlType", + "type": "string" } }, + "required": [ + "Name", + "SqlType" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioDescription": { + "AWS::KinesisAnalytics::Application.RecordFormat": { "additionalProperties": false, "properties": { - "AudioDashRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "AudioDashRoles", - "type": "array" - }, - "AudioNormalizationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioNormalizationSettings", - "markdownDescription": "The advanced audio normalization settings.", - "title": "AudioNormalizationSettings" + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.MappingParameters", + "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "AudioSelectorName": { - "markdownDescription": "The name of the AudioSelector that is used as the source for this AudioDescription.", - "title": "AudioSelectorName", + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" - }, - "AudioType": { - "markdownDescription": "Applies only if audioTypeControl is useConfigured. The values for audioType are defined in ISO-IEC 13818-1.", - "title": "AudioType", + } + }, + "required": [ + "RecordFormatType" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "AudioTypeControl": { - "markdownDescription": "Determines how audio type is determined. followInput: If the input contains an ISO 639 audioType, then that value is passed through to the output. If the input contains no ISO 639 audioType, the value in Audio Type is included in the output. useConfigured: The value in Audio Type is included in the output. Note that this field and audioType are both ignored if inputType is broadcasterMixedAd.", - "title": "AudioTypeControl", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "AudioWatermarkingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioWatermarkSettings", - "markdownDescription": "Settings to configure one or more solutions that insert audio watermarks in the audio encode", - "title": "AudioWatermarkingSettings" - }, - "CodecSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioCodecSettings", - "markdownDescription": "The audio codec settings.", - "title": "CodecSettings" - }, - "DvbDashAccessibility": { - "markdownDescription": "", - "title": "DvbDashAccessibility", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LanguageCode": { - "markdownDescription": "Indicates the language of the audio output track. Used only if languageControlMode is useConfigured, or there is no ISO 639 language code specified in the input.", - "title": "LanguageCode", - "type": "string" + "Metadata": { + "type": "object" }, - "LanguageCodeControl": { - "markdownDescription": "Choosing followInput causes the ISO 639 language code of the output to follow the ISO 639 language code of the input. The languageCode setting is used when useConfigured is set, or when followInput is selected but there is no ISO 639 language code specified by the input.", - "title": "LanguageCodeControl", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "Name of the application to which you want to add the output configuration.", + "title": "ApplicationName", + "type": "string" + }, + "Output": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.Output", + "markdownDescription": "An array of objects, each describing one output configuration. In the output configuration, you specify the name of an in-application stream, a destination (that is, an Amazon Kinesis stream, an Amazon Kinesis Firehose delivery stream, or an AWS Lambda function), and record the formation to use when writing to the destination.", + "title": "Output" + } + }, + "required": [ + "ApplicationName", + "Output" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of this AudioDescription. Outputs use this name to uniquely identify this AudioDescription. Description names should be unique within this channel.", - "title": "Name", + "Type": { + "enum": [ + "AWS::KinesisAnalytics::ApplicationOutput" + ], "type": "string" }, - "RemixSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RemixSettings", - "markdownDescription": "The settings that control how input audio channels are remixed into the output audio channels.", - "title": "RemixSettings" - }, - "StreamName": { - "markdownDescription": "Used for Microsoft Smooth and Apple HLS outputs. Indicates the name displayed by the player (for example, English or Director Commentary).", - "title": "StreamName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioDolbyEDecode": { + "AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema": { "additionalProperties": false, "properties": { - "ProgramSelection": { - "markdownDescription": "", - "title": "ProgramSelection", + "RecordFormatType": { + "markdownDescription": "Specifies the format of the records on the output stream.", + "title": "RecordFormatType", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioHlsRenditionSelection": { + "AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput": { "additionalProperties": false, "properties": { - "GroupId": { - "markdownDescription": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.", - "title": "GroupId", + "ResourceARN": { + "markdownDescription": "ARN of the destination Amazon Kinesis Firehose delivery stream to write to.", + "title": "ResourceARN", "type": "string" }, - "Name": { - "markdownDescription": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.", - "title": "Name", + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", "type": "string" } }, + "required": [ + "ResourceARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioLanguageSelection": { + "AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput": { "additionalProperties": false, "properties": { - "LanguageCode": { - "markdownDescription": "Selects a specific three-letter language code from within an audio source.", - "title": "LanguageCode", + "ResourceARN": { + "markdownDescription": "ARN of the destination Amazon Kinesis stream to write to.", + "title": "ResourceARN", "type": "string" }, - "LanguageSelectionPolicy": { - "markdownDescription": "When set to \"strict,\" the transport stream demux strictly identifies audio streams by their language descriptor. If a PMT update occurs such that an audio stream matching the initially selected language is no longer present, then mute is encoded until the language returns. If set to \"loose,\" then on a PMT update the demux chooses another audio stream in the program with the same stream type if it can't find one with the same language.", - "title": "LanguageSelectionPolicy", + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", "type": "string" } }, + "required": [ + "ResourceARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioNormalizationSettings": { + "AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The audio normalization algorithm to use. itu17701 conforms to the CALM Act specification. itu17702 conforms to the EBU R-128 specification.", - "title": "Algorithm", + "ResourceARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" }, - "AlgorithmControl": { - "markdownDescription": "When set to correctAudio, the output audio is corrected using the chosen algorithm. If set to measureOnly, the audio is measured but not adjusted.", - "title": "AlgorithmControl", + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination function on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", "type": "string" - }, - "TargetLkfs": { - "markdownDescription": "The Target LKFS(loudness) to adjust volume to. If no value is entered, a default value is used according to the chosen algorithm. The CALM Act (1770-1) recommends a target of -24 LKFS. The EBU R-128 specification (1770-2) recommends a target of -23 LKFS.", - "title": "TargetLkfs", - "type": "number" } }, + "required": [ + "ResourceARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioOnlyHlsSettings": { + "AWS::KinesisAnalytics::ApplicationOutput.Output": { "additionalProperties": false, "properties": { - "AudioGroupId": { - "markdownDescription": "Specifies the group that the audio rendition belongs to.", - "title": "AudioGroupId", - "type": "string" + "DestinationSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema", + "markdownDescription": "Describes the data format when records are written to the destination. For more information, see [Configuring Application Output](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-output.html) .", + "title": "DestinationSchema" }, - "AudioOnlyImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "Used with an audio-only stream. It must be a .jpg or .png file. If given, this image is used as the cover art for the audio-only output. Ideally, it should be formatted for an iPhone screen for two reasons. The iPhone does not resize the image; instead, it crops a centered image on the top/bottom and left/right. Additionally, this image file gets saved bit-for-bit into every 10-second segment file, so it increases bandwidth by {image file size} * {segment count} * {user count.}.", - "title": "AudioOnlyImage" + "KinesisFirehoseOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput", + "markdownDescription": "Identifies an Amazon Kinesis Firehose delivery stream as the destination.", + "title": "KinesisFirehoseOutput" }, - "AudioTrackType": { - "markdownDescription": "Four types of audio-only tracks are supported: Audio-Only Variant Stream The client can play back this audio-only stream instead of video in low-bandwidth scenarios. Represented as an EXT-X-STREAM-INF in the HLS manifest. Alternate Audio, Auto Select, Default Alternate rendition that the client should try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=YES, AUTOSELECT=YES Alternate Audio, Auto Select, Not Default Alternate rendition that the client might try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=YES Alternate Audio, not Auto Select Alternate rendition that the client will not try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=NO.", - "title": "AudioTrackType", - "type": "string" + "KinesisStreamsOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput", + "markdownDescription": "Identifies an Amazon Kinesis stream as the destination.", + "title": "KinesisStreamsOutput" + }, + "LambdaOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput", + "markdownDescription": "Identifies an AWS Lambda function as the destination.", + "title": "LambdaOutput" }, - "SegmentType": { - "markdownDescription": "Specifies the segment type.", - "title": "SegmentType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.AudioPidSelection": { - "additionalProperties": false, - "properties": { - "Pid": { - "markdownDescription": "Select the audio by this PID.", - "title": "Pid", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.AudioSelector": { - "additionalProperties": false, - "properties": { "Name": { - "markdownDescription": "A name for this AudioSelector.", + "markdownDescription": "Name of the in-application stream.", "title": "Name", "type": "string" - }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelectorSettings", - "markdownDescription": "Information about the specific audio to extract from the input.", - "title": "SelectorSettings" } }, + "required": [ + "DestinationSchema" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioSelectorSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource": { "additionalProperties": false, "properties": { - "AudioHlsRenditionSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioHlsRenditionSelection", - "markdownDescription": "Selector for HLS audio rendition.", - "title": "AudioHlsRenditionSelection" + "Condition": { + "type": "string" }, - "AudioLanguageSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioLanguageSelection", - "markdownDescription": "The language code of the audio to select.", - "title": "AudioLanguageSelection" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AudioPidSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioPidSelection", - "markdownDescription": "The PID of the audio to select.", - "title": "AudioPidSelection" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "AudioTrackSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrackSelection", - "markdownDescription": "Information about the audio track to extract.", - "title": "AudioTrackSelection" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "Name of an existing application.", + "title": "ApplicationName", + "type": "string" + }, + "ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource", + "markdownDescription": "The reference data source can be an object in your Amazon S3 bucket. Amazon Kinesis Analytics reads the object and copies the data into the in-application table that is created. You provide an S3 bucket, object key name, and the resulting in-application table that is created. You must also provide an IAM role with the necessary permissions that Amazon Kinesis Analytics can assume to read the object from your S3 bucket on your behalf.", + "title": "ReferenceDataSource" + } + }, + "required": [ + "ApplicationName", + "ReferenceDataSource" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::KinesisAnalytics::ApplicationReferenceDataSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioSilenceFailoverSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters": { "additionalProperties": false, "properties": { - "AudioSelectorName": { - "markdownDescription": "The name of the audio selector in the input that MediaLive should monitor to detect silence. Select your most important rendition. If you didn't create an audio selector in this input, leave blank.", - "title": "AudioSelectorName", + "RecordColumnDelimiter": { + "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "AudioSilenceThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that the active input must be silent before automatic input failover occurs. Silence is defined as audio loss or audio quieter than -50 dBFS.", - "title": "AudioSilenceThresholdMsec", - "type": "number" + "RecordRowDelimiter": { + "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", + "type": "string" } }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioTrack": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters": { "additionalProperties": false, "properties": { - "Track": { - "markdownDescription": "1-based integer value that maps to a specific audio track", - "title": "Track", - "type": "number" + "RecordRowPath": { + "markdownDescription": "Path to the top-level parent that contains the records.", + "title": "RecordRowPath", + "type": "string" } }, + "required": [ + "RecordRowPath" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioTrackSelection": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters": { "additionalProperties": false, "properties": { - "DolbyEDecode": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDolbyEDecode", - "markdownDescription": "", - "title": "DolbyEDecode" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "Tracks": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrack" - }, - "markdownDescription": "Selects one or more unique audio tracks from within a source.", - "title": "Tracks", - "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.AudioWatermarkSettings": { - "additionalProperties": false, - "properties": { - "NielsenWatermarksSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenWatermarksSettings", - "markdownDescription": "Settings to configure Nielsen Watermarks in the audio encode", - "title": "NielsenWatermarksSettings" + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::MediaLive::Channel.AutomaticInputFailoverSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn": { "additionalProperties": false, "properties": { - "ErrorClearTimeMsec": { - "markdownDescription": "This clear time defines the requirement a recovered input must meet to be considered healthy. The input must have no failover conditions for this length of time. Enter a time in milliseconds. This value is particularly important if the input_preference for the failover pair is set to PRIMARY_INPUT_PREFERRED, because after this time, MediaLive will switch back to the primary input.", - "title": "ErrorClearTimeMsec", - "type": "number" - }, - "FailoverConditions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverCondition" - }, - "markdownDescription": "A list of failover conditions. If any of these conditions occur, MediaLive will perform a failover to the other input.", - "title": "FailoverConditions", - "type": "array" + "Mapping": { + "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", + "title": "Mapping", + "type": "string" }, - "InputPreference": { - "markdownDescription": "Input preference when deciding which input to make active when a previously failed input has recovered.", - "title": "InputPreference", + "Name": { + "markdownDescription": "Name of the column created in the in-application input stream or reference table.", + "title": "Name", "type": "string" }, - "SecondaryInputId": { - "markdownDescription": "The input ID of the secondary input in the automatic input failover pair.", - "title": "SecondaryInputId", + "SqlType": { + "markdownDescription": "Type of column created in the in-application input stream or reference table.", + "title": "SqlType", "type": "string" } }, + "required": [ + "Name", + "SqlType" + ], "type": "object" }, - "AWS::MediaLive::Channel.AvailBlanking": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat": { "additionalProperties": false, "properties": { - "AvailBlankingImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The blanking image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", - "title": "AvailBlankingImage" + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters", + "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "State": { - "markdownDescription": "When set to enabled, the video, audio, and captions are blanked when insertion metadata is added.", - "title": "State", + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" } }, + "required": [ + "RecordFormatType" + ], "type": "object" }, - "AWS::MediaLive::Channel.AvailConfiguration": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource": { "additionalProperties": false, "properties": { - "AvailSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailSettings", - "markdownDescription": "The setup of ad avail handling in the output.", - "title": "AvailSettings" + "ReferenceSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", + "title": "ReferenceSchema" + }, + "S3ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource", + "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. Also identifies the IAM role Amazon Kinesis Analytics can assume to read this object on your behalf. An Amazon Kinesis Analytics application loads reference data only once. If the data changes, you call the `UpdateApplication` operation to trigger reloading of data into your application.", + "title": "S3ReferenceDataSource" + }, + "TableName": { + "markdownDescription": "Name of the in-application table to create.", + "title": "TableName", + "type": "string" } }, + "required": [ + "ReferenceSchema" + ], "type": "object" }, - "AWS::MediaLive::Channel.AvailSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema": { "additionalProperties": false, "properties": { - "Esam": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Esam", - "markdownDescription": "", - "title": "Esam" + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn" + }, + "markdownDescription": "A list of RecordColumn objects.", + "title": "RecordColumns", + "type": "array" }, - "Scte35SpliceInsert": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35SpliceInsert", - "markdownDescription": "The setup for SCTE-35 splice insert handling.", - "title": "Scte35SpliceInsert" + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the reference source. For example, UTF-8.", + "title": "RecordEncoding", + "type": "string" }, - "Scte35TimeSignalApos": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35TimeSignalApos", - "markdownDescription": "The setup for SCTE-35 time signal APOS handling.", - "title": "Scte35TimeSignalApos" + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat", + "markdownDescription": "Specifies the format of the records on the reference source.", + "title": "RecordFormat" } }, + "required": [ + "RecordColumns", + "RecordFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.BlackoutSlate": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource": { "additionalProperties": false, "properties": { - "BlackoutSlateImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The blackout slate image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", - "title": "BlackoutSlateImage" - }, - "NetworkEndBlackout": { - "markdownDescription": "Setting to enabled causes MediaLive to blackout the video, audio, and captions, and raise the \"Network Blackout Image\" slate when an SCTE104/35 Network End Segmentation Descriptor is encountered. The blackout is lifted when the Network Start Segmentation Descriptor is encountered. The Network End and Network Start descriptors must contain a network ID that matches the value entered in Network ID.", - "title": "NetworkEndBlackout", + "BucketARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", "type": "string" }, - "NetworkEndBlackoutImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The path to the local file to use as the Network End Blackout image. The image is scaled to fill the entire output raster.", - "title": "NetworkEndBlackoutImage" - }, - "NetworkId": { - "markdownDescription": "Provides a Network ID that matches EIDR ID format (for example, \"10.XXXX/XXXX-XXXX-XXXX-XXXX-XXXX-C\").", - "title": "NetworkId", + "FileKey": { + "markdownDescription": "Object key name containing reference data.", + "title": "FileKey", "type": "string" }, - "State": { - "markdownDescription": "When set to enabled, this causes video, audio, and captions to be blanked when indicated by program metadata.", - "title": "State", + "ReferenceRoleARN": { + "markdownDescription": "ARN of the IAM role that the service can assume to read data on your behalf. This role must have permission for the `s3:GetObject` action on the object and trust policy that allows Amazon Kinesis Analytics service principal to assume this role.", + "title": "ReferenceRoleARN", "type": "string" } }, + "required": [ + "BucketARN", + "FileKey", + "ReferenceRoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.BurnInDestinationSettings": { + "AWS::KinesisAnalyticsV2::Application": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "If no explicit xPosition or yPosition is provided, setting alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. All burn-in and DVB-Sub font settings must match.", - "title": "Alignment", - "type": "string" - }, - "BackgroundColor": { - "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundColor", + "Condition": { "type": "string" }, - "BackgroundOpacity": { - "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundOpacity", - "type": "number" - }, - "Font": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", - "title": "Font" - }, - "FontColor": { - "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "FontColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FontOpacity": { - "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", - "title": "FontOpacity", - "type": "number" - }, - "FontResolution": { - "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", - "title": "FontResolution", - "type": "number" - }, - "FontSize": { - "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", - "title": "FontSize", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "OutlineColor": { - "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineColor", - "type": "string" + "Metadata": { + "type": "object" }, - "OutlineSize": { - "markdownDescription": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration", + "markdownDescription": "Use this parameter to configure the application.", + "title": "ApplicationConfiguration" + }, + "ApplicationDescription": { + "markdownDescription": "The description of the application.", + "title": "ApplicationDescription", + "type": "string" + }, + "ApplicationMaintenanceConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration", + "markdownDescription": "Specifies the maintenance window parameters for a Kinesis Data Analytics application.", + "title": "ApplicationMaintenanceConfiguration" + }, + "ApplicationMode": { + "markdownDescription": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE` . However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional.", + "title": "ApplicationMode", + "type": "string" + }, + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "RunConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RunConfiguration", + "markdownDescription": "Describes the starting parameters for an Managed Service for Apache Flink application.", + "title": "RunConfiguration" + }, + "RuntimeEnvironment": { + "markdownDescription": "The runtime environment for the application.", + "title": "RuntimeEnvironment", + "type": "string" + }, + "ServiceExecutionRole": { + "markdownDescription": "Specifies the IAM role that the application uses to access external resources.", + "title": "ServiceExecutionRole", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "RuntimeEnvironment", + "ServiceExecutionRole" + ], + "type": "object" }, - "ShadowColor": { - "markdownDescription": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowColor", + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::Application" + ], "type": "string" }, - "ShadowOpacity": { - "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "ShadowOpacity", - "type": "number" - }, - "ShadowXOffset": { - "markdownDescription": "Specifies the horizontal offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowXOffset", - "type": "number" - }, - "ShadowYOffset": { - "markdownDescription": "Specifies the vertical offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowYOffset", - "type": "number" - }, - "TeletextGridControl": { - "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies only to Teletext inputs and DVB-Sub/Burn-in outputs.", - "title": "TeletextGridControl", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "XPosition": { - "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. All burn-in and DVB-Sub font settings must match.", - "title": "XPosition", - "type": "number" - }, - "YPosition": { - "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. All burn-in and DVB-Sub font settings must match.", - "title": "YPosition", - "type": "number" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionDescription": { + "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { "additionalProperties": false, "properties": { - "Accessibility": { - "markdownDescription": "", - "title": "Accessibility", - "type": "string" - }, - "CaptionDashRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "CaptionDashRoles", - "type": "array" - }, - "CaptionSelectorName": { - "markdownDescription": "Specifies which input captions selector to use as a captions source when generating output captions. This field should match a captionSelector name.", - "title": "CaptionSelectorName", - "type": "string" - }, - "DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDestinationSettings", - "markdownDescription": "Additional settings for a captions destination that depend on the destination type.", - "title": "DestinationSettings" - }, - "DvbDashAccessibility": { - "markdownDescription": "", - "title": "DvbDashAccessibility", - "type": "string" - }, - "LanguageCode": { - "markdownDescription": "An ISO 639-2 three-digit code. For more information, see http://www.loc.gov/standards/iso639-2/.", - "title": "LanguageCode", - "type": "string" - }, - "LanguageDescription": { - "markdownDescription": "Human-readable information to indicate the captions that are available for players (for example, English or Spanish).", - "title": "LanguageDescription", - "type": "string" + "CodeContent": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CodeContent", + "markdownDescription": "The location and type of the application code.", + "title": "CodeContent" }, - "Name": { - "markdownDescription": "The name of the captions description. The name is used to associate a captions description with an output. Names must be unique within a channel.", - "title": "Name", + "CodeContentType": { + "markdownDescription": "Specifies whether the code content is in text or zip format.", + "title": "CodeContentType", "type": "string" } }, + "required": [ + "CodeContent", + "CodeContentType" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionDestinationSettings": { + "AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration": { "additionalProperties": false, "properties": { - "AribDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AribDestinationSettings", - "markdownDescription": "The configuration of one ARIB captions encode in the output.", - "title": "AribDestinationSettings" - }, - "BurnInDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.BurnInDestinationSettings", - "markdownDescription": "The configuration of one burn-in captions encode in the output.", - "title": "BurnInDestinationSettings" - }, - "DvbSubDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubDestinationSettings", - "markdownDescription": "The configuration of one DVB Sub captions encode in the output.", - "title": "DvbSubDestinationSettings" - }, - "EbuTtDDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EbuTtDDestinationSettings", - "markdownDescription": "Settings for EBU-TT captions in the output.", - "title": "EbuTtDDestinationSettings" - }, - "EmbeddedDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedDestinationSettings", - "markdownDescription": "The configuration of one embedded captions encode in the output.", - "title": "EmbeddedDestinationSettings" - }, - "EmbeddedPlusScte20DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings", - "markdownDescription": "The configuration of one embedded plus SCTE-20 captions encode in the output.", - "title": "EmbeddedPlusScte20DestinationSettings" + "ApplicationCodeConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration", + "markdownDescription": "The code location and type parameters for a Managed Service for Apache Flink application.", + "title": "ApplicationCodeConfiguration" }, - "RtmpCaptionInfoDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings", - "markdownDescription": "The configuration of one RTMPCaptionInfo captions encode in the output.", - "title": "RtmpCaptionInfoDestinationSettings" + "ApplicationSnapshotConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration", + "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", + "title": "ApplicationSnapshotConfiguration" }, - "Scte20PlusEmbeddedDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings", - "markdownDescription": "The configuration of one SCTE20 plus embedded captions encode in the output.", - "title": "Scte20PlusEmbeddedDestinationSettings" + "ApplicationSystemRollbackConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSystemRollbackConfiguration", + "markdownDescription": "Describes whether system rollbacks are enabled for a Managed Service for Apache Flink application.", + "title": "ApplicationSystemRollbackConfiguration" }, - "Scte27DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27DestinationSettings", - "markdownDescription": "The configuration of one SCTE-27 captions encode in the output.", - "title": "Scte27DestinationSettings" + "EnvironmentProperties": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.EnvironmentProperties", + "markdownDescription": "Describes execution properties for a Managed Service for Apache Flink application.", + "title": "EnvironmentProperties" }, - "SmpteTtDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.SmpteTtDestinationSettings", - "markdownDescription": "The configuration of one SMPTE-TT captions encode in the output.", - "title": "SmpteTtDestinationSettings" + "FlinkApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration", + "markdownDescription": "The creation and update parameters for a Managed Service for Apache Flink application.", + "title": "FlinkApplicationConfiguration" }, - "TeletextDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextDestinationSettings", - "markdownDescription": "The configuration of one Teletext captions encode in the output.", - "title": "TeletextDestinationSettings" + "SqlApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration", + "markdownDescription": "The creation and update parameters for a SQL-based Kinesis Data Analytics application.", + "title": "SqlApplicationConfiguration" }, - "TtmlDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TtmlDestinationSettings", - "markdownDescription": "The configuration of one TTML captions encode in the output.", - "title": "TtmlDestinationSettings" + "VpcConfigurations": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.VpcConfiguration" + }, + "markdownDescription": "The array of descriptions of VPC configurations available to the application.", + "title": "VpcConfigurations", + "type": "array" }, - "WebvttDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.WebvttDestinationSettings", - "markdownDescription": "The configuration of one WebVTT captions encode in the output.", - "title": "WebvttDestinationSettings" + "ZeppelinApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration", + "markdownDescription": "The configuration parameters for a Kinesis Data Analytics Studio notebook.", + "title": "ZeppelinApplicationConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.CaptionLanguageMapping": { + "AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration": { "additionalProperties": false, "properties": { - "CaptionChannel": { - "markdownDescription": "The closed caption channel being described by this CaptionLanguageMapping. Each channel mapping must have a unique channel number (maximum of 4).", - "title": "CaptionChannel", - "type": "number" - }, - "LanguageCode": { - "markdownDescription": "A three-character ISO 639-2 language code (see http://www.loc.gov/standards/iso639-2).", - "title": "LanguageCode", + "ApplicationMaintenanceWindowStartTime": { + "markdownDescription": "", + "title": "ApplicationMaintenanceWindowStartTime", + "type": "string" + } + }, + "required": [ + "ApplicationMaintenanceWindowStartTime" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration": { + "additionalProperties": false, + "properties": { + "ApplicationRestoreType": { + "markdownDescription": "Specifies how the application should be restored.", + "title": "ApplicationRestoreType", "type": "string" }, - "LanguageDescription": { - "markdownDescription": "The textual description of language.", - "title": "LanguageDescription", + "SnapshotName": { + "markdownDescription": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if `RESTORE_FROM_CUSTOM_SNAPSHOT` is specified for the `ApplicationRestoreType` .", + "title": "SnapshotName", "type": "string" } }, + "required": [ + "ApplicationRestoreType" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionRectangle": { + "AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "See the description in leftOffset.\n\nFor height, specify the entire height of the rectangle as a percentage of the underlying frame height. For example, \\\"80\\\" means the rectangle height is 80% of the underlying frame height. The topOffset and rectangleHeight must add up to 100% or less. This field corresponds to tts:extent - Y in the TTML standard.", - "title": "Height", - "type": "number" - }, - "LeftOffset": { - "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. (Make sure to leave the default if you don't have either of these formats in the output.) You can define a display rectangle for the captions that is smaller than the underlying video frame. You define the rectangle by specifying the position of the left edge, top edge, bottom edge, and right edge of the rectangle, all within the underlying video frame. The units for the measurements are percentages. If you specify a value for one of these fields, you must specify a value for all of them.\n\nFor leftOffset, specify the position of the left edge of the rectangle, as a percentage of the underlying frame width, and relative to the left edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame width. The rectangle left edge starts at that position from the left edge of the frame. This field corresponds to tts:origin - X in the TTML standard.", - "title": "LeftOffset", - "type": "number" - }, - "TopOffset": { - "markdownDescription": "See the description in leftOffset.\n\nFor topOffset, specify the position of the top edge of the rectangle, as a percentage of the underlying frame height, and relative to the top edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame height. The rectangle top edge starts at that position from the top edge of the frame. This field corresponds to tts:origin - Y in the TTML standard.", - "title": "TopOffset", - "type": "number" - }, - "Width": { - "markdownDescription": "See the description in leftOffset.\n\nFor width, specify the entire width of the rectangle as a percentage of the underlying frame width. For example, \\\"80\\\" means the rectangle width is 80% of the underlying frame width. The leftOffset and rectangleWidth must add up to 100% or less. This field corresponds to tts:extent - X in the TTML standard.", - "title": "Width", - "type": "number" + "SnapshotsEnabled": { + "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", + "title": "SnapshotsEnabled", + "type": "boolean" } }, + "required": [ + "SnapshotsEnabled" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionSelector": { + "AWS::KinesisAnalyticsV2::Application.ApplicationSystemRollbackConfiguration": { "additionalProperties": false, "properties": { - "LanguageCode": { - "markdownDescription": "When specified, this field indicates the three-letter language code of the captions track to extract from the source.", - "title": "LanguageCode", - "type": "string" - }, - "Name": { - "markdownDescription": "The name identifier for a captions selector. This name is used to associate this captions selector with one or more captions descriptions. Names must be unique within a channel.", - "title": "Name", - "type": "string" - }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelectorSettings", - "markdownDescription": "Information about the specific audio to extract from the input.", - "title": "SelectorSettings" + "RollbackEnabled": { + "markdownDescription": "Describes whether system rollbacks are enabled for a Managed Service for Apache Flink application.", + "title": "RollbackEnabled", + "type": "boolean" } }, + "required": [ + "RollbackEnabled" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionSelectorSettings": { + "AWS::KinesisAnalyticsV2::Application.CSVMappingParameters": { "additionalProperties": false, "properties": { - "AncillarySourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AncillarySourceSettings", - "markdownDescription": "Information about the ancillary captions to extract from the input.", - "title": "AncillarySourceSettings" - }, - "AribSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AribSourceSettings", - "markdownDescription": "Information about the ARIB captions to extract from the input.", - "title": "AribSourceSettings" - }, - "DvbSubSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubSourceSettings", - "markdownDescription": "Information about the DVB Sub captions to extract from the input.", - "title": "DvbSubSourceSettings" - }, - "EmbeddedSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedSourceSettings", - "markdownDescription": "Information about the embedded captions to extract from the input.", - "title": "EmbeddedSourceSettings" - }, - "Scte20SourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20SourceSettings", - "markdownDescription": "Information about the SCTE-20 captions to extract from the input.", - "title": "Scte20SourceSettings" - }, - "Scte27SourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27SourceSettings", - "markdownDescription": "Information about the SCTE-27 captions to extract from the input.", - "title": "Scte27SourceSettings" + "RecordColumnDelimiter": { + "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", + "type": "string" }, - "TeletextSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextSourceSettings", - "markdownDescription": "Information about the Teletext captions to extract from the input.", - "title": "TeletextSourceSettings" + "RecordRowDelimiter": { + "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", + "type": "string" } }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], "type": "object" }, - "AWS::MediaLive::Channel.CdiInputSpecification": { + "AWS::KinesisAnalyticsV2::Application.CatalogConfiguration": { "additionalProperties": false, "properties": { - "Resolution": { - "markdownDescription": "Maximum CDI input resolution", - "title": "Resolution", - "type": "string" + "GlueDataCatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration", + "markdownDescription": "The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook.", + "title": "GlueDataCatalogConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.CmafIngestGroupSettings": { + "AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "", - "title": "Destination" - }, - "NielsenId3Behavior": { - "markdownDescription": "", - "title": "NielsenId3Behavior", - "type": "string" - }, - "Scte35Type": { - "markdownDescription": "", - "title": "Scte35Type", - "type": "string" - }, - "SegmentLength": { - "markdownDescription": "", - "title": "SegmentLength", + "CheckpointInterval": { + "markdownDescription": "Describes the interval in milliseconds between checkpoint operations.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointInterval` value of 60000, even if this value is set to another value using this API or in application code.", + "title": "CheckpointInterval", "type": "number" }, - "SegmentLengthUnits": { - "markdownDescription": "", - "title": "SegmentLengthUnits", + "CheckpointingEnabled": { + "markdownDescription": "Describes whether checkpointing is enabled for a Managed Service for Apache Flink application.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointingEnabled` value of `true` , even if this value is set to another value using this API or in application code.", + "title": "CheckpointingEnabled", + "type": "boolean" + }, + "ConfigurationType": { + "markdownDescription": "Describes whether the application uses Managed Service for Apache Flink' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled` , `CheckpointInterval` , or `MinPauseBetweenCheckpoints` parameters.\n\n> If this value is set to `DEFAULT` , the application will use the following values, even if they are set to other values using APIs or application code:\n> \n> - *CheckpointingEnabled:* true\n> - *CheckpointInterval:* 60000\n> - *MinPauseBetweenCheckpoints:* 5000", + "title": "ConfigurationType", "type": "string" }, - "SendDelayMs": { - "markdownDescription": "", - "title": "SendDelayMs", + "MinPauseBetweenCheckpoints": { + "markdownDescription": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the `CheckpointInterval` , the application otherwise performs continual checkpoint operations. For more information, see [Tuning Checkpointing](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/large_state_tuning/#tuning-checkpointing) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `MinPauseBetweenCheckpoints` value of 5000, even if this value is set using this API or in application code.", + "title": "MinPauseBetweenCheckpoints", "type": "number" } }, + "required": [ + "ConfigurationType" + ], "type": "object" }, - "AWS::MediaLive::Channel.CmafIngestOutputSettings": { + "AWS::KinesisAnalyticsV2::Application.CodeContent": { "additionalProperties": false, "properties": { - "NameModifier": { - "markdownDescription": "", - "title": "NameModifier", + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", + "markdownDescription": "Information about the Amazon S3 bucket that contains the application code.", + "title": "S3ContentLocation" + }, + "TextContent": { + "markdownDescription": "The text-format code for a Managed Service for Apache Flink application.", + "title": "TextContent", + "type": "string" + }, + "ZipFileContent": { + "markdownDescription": "The zip-format code for a Managed Service for Apache Flink application.", + "title": "ZipFileContent", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.ColorCorrection": { + "AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration": { "additionalProperties": false, "properties": { - "InputColorSpace": { - "markdownDescription": "", - "title": "InputColorSpace", + "ArtifactType": { + "markdownDescription": "Set this to either `UDF` or `DEPENDENCY_JAR` . `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket.", + "title": "ArtifactType", "type": "string" }, - "OutputColorSpace": { - "markdownDescription": "", - "title": "OutputColorSpace", - "type": "string" + "MavenReference": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MavenReference", + "markdownDescription": "The parameters required to fully specify a Maven reference.", + "title": "MavenReference" }, - "Uri": { - "markdownDescription": "", - "title": "Uri", - "type": "string" + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", + "markdownDescription": "The location of the custom artifacts.", + "title": "S3ContentLocation" } }, + "required": [ + "ArtifactType" + ], "type": "object" }, - "AWS::MediaLive::Channel.ColorCorrectionSettings": { + "AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration": { "additionalProperties": false, "properties": { - "GlobalColorCorrections": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrection" - }, - "markdownDescription": "", - "title": "GlobalColorCorrections", - "type": "array" + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation", + "markdownDescription": "The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data.", + "title": "S3ContentLocation" } }, + "required": [ + "S3ContentLocation" + ], "type": "object" }, - "AWS::MediaLive::Channel.ColorSpacePassthroughSettings": { + "AWS::KinesisAnalyticsV2::Application.EnvironmentProperties": { "additionalProperties": false, - "properties": {}, + "properties": { + "PropertyGroups": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.PropertyGroup" + }, + "markdownDescription": "Describes the execution property groups.", + "title": "PropertyGroups", + "type": "array" + } + }, "type": "object" }, - "AWS::MediaLive::Channel.DolbyVision81Settings": { + "AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration": { "additionalProperties": false, - "properties": {}, + "properties": { + "CheckpointConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration", + "markdownDescription": "Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/concepts/programming-model.html#checkpoints-for-fault-tolerance) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) .", + "title": "CheckpointConfiguration" + }, + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration", + "markdownDescription": "Describes configuration parameters for Amazon CloudWatch logging for an application.", + "title": "MonitoringConfiguration" + }, + "ParallelismConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration", + "markdownDescription": "Describes parameters for how an application executes multiple tasks simultaneously.", + "title": "ParallelismConfiguration" + } + }, "type": "object" }, - "AWS::MediaLive::Channel.DvbNitSettings": { + "AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration": { "additionalProperties": false, "properties": { - "NetworkId": { - "markdownDescription": "The numeric value placed in the Network Information Table (NIT).", - "title": "NetworkId", - "type": "number" - }, - "NetworkName": { - "markdownDescription": "The network name text placed in the networkNameDescriptor inside the Network Information Table (NIT). The maximum length is 256 characters.", - "title": "NetworkName", - "type": "string" - }, - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", - "type": "number" + "AllowNonRestoredState": { + "markdownDescription": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. This will happen if the program is updated between snapshots to remove stateful parameters, and state data in the snapshot no longer corresponds to valid application data. For more information, see [Allowing Non-Restored State](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/savepoints/#allowing-non-restored-state) in the [Apache Flink documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> This value defaults to `false` . If you update your application without specifying this parameter, `AllowNonRestoredState` will be set to `false` , even if it was previously set to `true` .", + "title": "AllowNonRestoredState", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.DvbSdtSettings": { + "AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration": { "additionalProperties": false, "properties": { - "OutputSdt": { - "markdownDescription": "Selects a method of inserting SDT information into an output stream. The sdtFollow setting copies SDT information from input stream to output stream. The sdtFollowIfPresent setting copies SDT information from input stream to output stream if SDT information is present in the input. Otherwise, it falls back on the user-defined values. The sdtManual setting means that the user will enter the SDT information. The sdtNone setting means that the output stream will not contain SDT information.", - "title": "OutputSdt", - "type": "string" - }, - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", - "type": "number" - }, - "ServiceName": { - "markdownDescription": "The service name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", - "title": "ServiceName", - "type": "string" - }, - "ServiceProviderName": { - "markdownDescription": "The service provider name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", - "title": "ServiceProviderName", + "DatabaseARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database.", + "title": "DatabaseARN", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.DvbSubDestinationSettings": { + "AWS::KinesisAnalyticsV2::Application.Input": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "If no explicit xPosition or yPosition is provided, setting the alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. This option is not valid for source captions that are STL or 608/embedded. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "Alignment", - "type": "string" - }, - "BackgroundColor": { - "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundColor", - "type": "string" - }, - "BackgroundOpacity": { - "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundOpacity", - "type": "number" - }, - "Font": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", - "title": "Font" - }, - "FontColor": { - "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "FontColor", - "type": "string" - }, - "FontOpacity": { - "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", - "title": "FontOpacity", - "type": "number" - }, - "FontResolution": { - "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", - "title": "FontResolution", - "type": "number" - }, - "FontSize": { - "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", - "title": "FontSize", - "type": "string" - }, - "OutlineColor": { - "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineColor", - "type": "string" - }, - "OutlineSize": { - "markdownDescription": "Specifies the font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineSize", - "type": "number" + "InputParallelism": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputParallelism", + "markdownDescription": "Describes the number of in-application streams to create.", + "title": "InputParallelism" }, - "ShadowColor": { - "markdownDescription": "Specifies the color of the shadow that is cast by the captions. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowColor", - "type": "string" + "InputProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration", + "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputProcessingConfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) .", + "title": "InputProcessingConfiguration" }, - "ShadowOpacity": { - "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "ShadowOpacity", - "type": "number" + "InputSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", + "title": "InputSchema" }, - "ShadowXOffset": { - "markdownDescription": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowXOffset", - "type": "number" + "KinesisFirehoseInput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN.", + "title": "KinesisFirehoseInput" }, - "ShadowYOffset": { - "markdownDescription": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowYOffset", - "type": "number" + "KinesisStreamsInput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN).", + "title": "KinesisStreamsInput" }, - "TeletextGridControl": { - "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies to only Teletext inputs and DVB-Sub/Burn-in outputs.", - "title": "TeletextGridControl", + "NamePrefix": { + "markdownDescription": "The name prefix to use when creating an in-application stream. Suppose that you specify a prefix \" `MyInApplicationStream` .\" Kinesis Data Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with the names \" `MyInApplicationStream_001` ,\" \" `MyInApplicationStream_002` ,\" and so on.", + "title": "NamePrefix", "type": "string" - }, - "XPosition": { - "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "XPosition", - "type": "number" - }, - "YPosition": { - "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "YPosition", - "type": "number" } }, + "required": [ + "InputSchema", + "NamePrefix" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbSubSourceSettings": { + "AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor": { "additionalProperties": false, "properties": { - "OcrLanguage": { - "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", - "title": "OcrLanguage", + "ResourceARN": { + "markdownDescription": "The ARN of the Amazon Lambda function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" - }, - "Pid": { - "markdownDescription": "When using DVB-Sub with burn-in or SMPTE-TT, use this PID for the source content. It is unused for DVB-Sub passthrough. All DVB-Sub content is passed through, regardless of selectors.", - "title": "Pid", - "type": "number" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbTdtSettings": { + "AWS::KinesisAnalyticsV2::Application.InputParallelism": { "additionalProperties": false, "properties": { - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", + "Count": { + "markdownDescription": "The number of in-application streams to create.", + "title": "Count", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.Eac3AtmosSettings": { + "AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "", - "title": "Bitrate", - "type": "number" - }, - "CodingMode": { - "markdownDescription": "", - "title": "CodingMode", - "type": "string" - }, - "Dialnorm": { - "markdownDescription": "", - "title": "Dialnorm", - "type": "number" - }, - "DrcLine": { - "markdownDescription": "", - "title": "DrcLine", - "type": "string" - }, - "DrcRf": { - "markdownDescription": "", - "title": "DrcRf", - "type": "string" - }, - "HeightTrim": { - "markdownDescription": "", - "title": "HeightTrim", - "type": "number" - }, - "SurroundTrim": { - "markdownDescription": "", - "title": "SurroundTrim", - "type": "number" + "InputLambdaProcessor": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor", + "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) that is used to preprocess the records in the stream before being processed by your application code.", + "title": "InputLambdaProcessor" } }, "type": "object" }, - "AWS::MediaLive::Channel.Eac3Settings": { + "AWS::KinesisAnalyticsV2::Application.InputSchema": { "additionalProperties": false, "properties": { - "AttenuationControl": { - "markdownDescription": "When set to attenuate3Db, applies a 3 dB attenuation to the surround channels. Used only for the 3/2 coding mode.", - "title": "AttenuationControl", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", - "title": "Bitrate", - "type": "number" - }, - "BitstreamMode": { - "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted E-AC-3 stream. For more information, see ATSC A/52-2012 (Annex E).", - "title": "BitstreamMode", - "type": "string" - }, - "CodingMode": { - "markdownDescription": "The Dolby Digital Plus coding mode. This mode determines the number of channels.", - "title": "CodingMode", - "type": "string" - }, - "DcFilter": { - "markdownDescription": "When set to enabled, activates a DC highpass filter for all input channels.", - "title": "DcFilter", - "type": "string" - }, - "Dialnorm": { - "markdownDescription": "Sets the dialnorm for the output. If blank and the input audio is Dolby Digital Plus, dialnorm will be passed through.", - "title": "Dialnorm", - "type": "number" - }, - "DrcLine": { - "markdownDescription": "Sets the Dolby dynamic range compression profile.", - "title": "DrcLine", - "type": "string" - }, - "DrcRf": { - "markdownDescription": "Sets the profile for heavy Dolby dynamic range compression, ensuring that the instantaneous signal peaks do not exceed specified levels.", - "title": "DrcRf", - "type": "string" - }, - "LfeControl": { - "markdownDescription": "When encoding 3/2 audio, setting to lfe enables the LFE channel.", - "title": "LfeControl", - "type": "string" - }, - "LfeFilter": { - "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. Valid only with a codingMode32 coding mode.", - "title": "LfeFilter", - "type": "string" - }, - "LoRoCenterMixLevel": { - "markdownDescription": "The Left only/Right only center mix level. Used only for the 3/2 coding mode.", - "title": "LoRoCenterMixLevel", - "type": "number" - }, - "LoRoSurroundMixLevel": { - "markdownDescription": "The Left only/Right only surround mix level. Used only for a 3/2 coding mode.", - "title": "LoRoSurroundMixLevel", - "type": "number" - }, - "LtRtCenterMixLevel": { - "markdownDescription": "The Left total/Right total center mix level. Used only for a 3/2 coding mode.", - "title": "LtRtCenterMixLevel", - "type": "number" - }, - "LtRtSurroundMixLevel": { - "markdownDescription": "The Left total/Right total surround mix level. Used only for the 3/2 coding mode.", - "title": "LtRtSurroundMixLevel", - "type": "number" - }, - "MetadataControl": { - "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is not supplied from one of these streams, then the static metadata settings are used.", - "title": "MetadataControl", - "type": "string" - }, - "PassthroughControl": { - "markdownDescription": "When set to whenPossible, input DD+ audio will be passed through if it is present on the input. This detection is dynamic over the life of the transcode. Inputs that alternate between DD+ and non-DD+ content will have a consistent DD+ output as the system alternates between passthrough and encoding.", - "title": "PassthroughControl", - "type": "string" - }, - "PhaseControl": { - "markdownDescription": "When set to shift90Degrees, applies a 90-degree phase shift to the surround channels. Used only for a 3/2 coding mode.", - "title": "PhaseControl", - "type": "string" - }, - "StereoDownmix": { - "markdownDescription": "A stereo downmix preference. Used only for the 3/2 coding mode.", - "title": "StereoDownmix", - "type": "string" + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordColumn" + }, + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", + "type": "array" }, - "SurroundExMode": { - "markdownDescription": "When encoding 3/2 audio, sets whether an extra center back surround channel is matrix encoded into the left and right surround channels.", - "title": "SurroundExMode", + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "SurroundMode": { - "markdownDescription": "When encoding 2/0 audio, sets whether Dolby Surround is matrix-encoded into the two channels.", - "title": "SurroundMode", - "type": "string" + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" } }, + "required": [ + "RecordColumns", + "RecordFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.EbuTtDDestinationSettings": { + "AWS::KinesisAnalyticsV2::Application.JSONMappingParameters": { "additionalProperties": false, "properties": { - "CopyrightHolder": { - "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. Complete this field if you want to include the name of the copyright holder in the copyright metadata tag in the TTML", - "title": "CopyrightHolder", - "type": "string" - }, - "FillLineGap": { - "markdownDescription": "Specifies how to handle the gap between the lines (in multi-line captions). - enabled: Fill with the captions background color (as specified in the input captions).\n- disabled: Leave the gap unfilled.", - "title": "FillLineGap", - "type": "string" - }, - "FontFamily": { - "markdownDescription": "Specifies the font family to include in the font data attached to the EBU-TT captions. Valid only if styleControl is set to include. If you leave this field empty, the font family is set to \"monospaced\". (If styleControl is set to exclude, the font family is always set to \"monospaced\".) You specify only the font family. All other style information (color, bold, position and so on) is copied from the input captions. The size is always set to 100% to allow the downstream player to choose the size. - Enter a list of font families, as a comma-separated list of font names, in order of preference. The name can be a font family (such as \u201cArial\u201d), or a generic font family (such as \u201cserif\u201d), or \u201cdefault\u201d (to let the downstream player choose the font).\n- Leave blank to set the family to \u201cmonospace\u201d.", - "title": "FontFamily", - "type": "string" - }, - "StyleControl": { - "markdownDescription": "Specifies the style information (font color, font position, and so on) to include in the font data that is attached to the EBU-TT captions. - include: Take the style information (font color, font position, and so on) from the source captions and include that information in the font data attached to the EBU-TT captions. This option is valid only if the source captions are Embedded or Teletext.\n- exclude: In the font data attached to the EBU-TT captions, set the font family to \"monospaced\". Do not include any other style information.", - "title": "StyleControl", + "RecordRowPath": { + "markdownDescription": "The path to the top-level parent that contains the records.", + "title": "RecordRowPath", "type": "string" } }, + "required": [ + "RecordRowPath" + ], "type": "object" }, - "AWS::MediaLive::Channel.EmbeddedDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings": { + "AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput": { "additionalProperties": false, - "properties": {}, + "properties": { + "ResourceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", + "title": "ResourceARN", + "type": "string" + } + }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.EmbeddedSourceSettings": { + "AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput": { "additionalProperties": false, "properties": { - "Convert608To708": { - "markdownDescription": "If this is upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. If 708 data is present in the source content, it is discarded.", - "title": "Convert608To708", - "type": "string" - }, - "Scte20Detection": { - "markdownDescription": "Set to \"auto\" to handle streams with intermittent or non-aligned SCTE-20 and embedded captions.", - "title": "Scte20Detection", + "ResourceARN": { + "markdownDescription": "The ARN of the input Kinesis data stream to read.", + "title": "ResourceARN", "type": "string" - }, - "Source608ChannelNumber": { - "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions. This is unused for passthrough.", - "title": "Source608ChannelNumber", - "type": "number" - }, - "Source608TrackNumber": { - "markdownDescription": "This field is unused and deprecated.", - "title": "Source608TrackNumber", - "type": "number" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.EncoderSettings": { + "AWS::KinesisAnalyticsV2::Application.MappingParameters": { "additionalProperties": false, "properties": { - "AudioDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDescription" - }, - "markdownDescription": "The encoding information for output audio.", - "title": "AudioDescriptions", - "type": "array" - }, - "AvailBlanking": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailBlanking", - "markdownDescription": "The settings for ad avail blanking.", - "title": "AvailBlanking" - }, - "AvailConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailConfiguration", - "markdownDescription": "The configuration settings for the ad avail handling.", - "title": "AvailConfiguration" - }, - "BlackoutSlate": { - "$ref": "#/definitions/AWS::MediaLive::Channel.BlackoutSlate", - "markdownDescription": "The settings for the blackout slate.", - "title": "BlackoutSlate" - }, - "CaptionDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDescription" - }, - "markdownDescription": "The encoding information for output captions.", - "title": "CaptionDescriptions", - "type": "array" - }, - "ColorCorrectionSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrectionSettings", - "markdownDescription": "", - "title": "ColorCorrectionSettings" - }, - "FeatureActivations": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FeatureActivations", - "markdownDescription": "Settings to enable specific features.", - "title": "FeatureActivations" - }, - "GlobalConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.GlobalConfiguration", - "markdownDescription": "The configuration settings that apply to the entire channel.", - "title": "GlobalConfiguration" - }, - "MotionGraphicsConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsConfiguration", - "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsConfiguration" - }, - "NielsenConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenConfiguration", - "markdownDescription": "The settings to configure Nielsen watermarks.", - "title": "NielsenConfiguration" - }, - "OutputGroups": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroup" - }, - "markdownDescription": "The settings for the output groups in the channel.", - "title": "OutputGroups", - "type": "array" - }, - "ThumbnailConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ThumbnailConfiguration", - "markdownDescription": "", - "title": "ThumbnailConfiguration" - }, - "TimecodeConfig": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeConfig", - "markdownDescription": "Contains settings used to acquire and adjust timecode information from the inputs.", - "title": "TimecodeConfig" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "VideoDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoDescription" - }, - "markdownDescription": "The encoding information for output videos.", - "title": "VideoDescriptions", - "type": "array" + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::MediaLive::Channel.EpochLockingSettings": { + "AWS::KinesisAnalyticsV2::Application.MavenReference": { "additionalProperties": false, "properties": { - "CustomEpoch": { - "markdownDescription": "", - "title": "CustomEpoch", + "ArtifactId": { + "markdownDescription": "The artifact ID of the Maven reference.", + "title": "ArtifactId", "type": "string" }, - "JamSyncTime": { - "markdownDescription": "", - "title": "JamSyncTime", + "GroupId": { + "markdownDescription": "The group ID of the Maven reference.", + "title": "GroupId", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the Maven reference.", + "title": "Version", "type": "string" } }, + "required": [ + "ArtifactId", + "GroupId", + "Version" + ], "type": "object" }, - "AWS::MediaLive::Channel.Esam": { + "AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration": { "additionalProperties": false, "properties": { - "AcquisitionPointId": { - "markdownDescription": "", - "title": "AcquisitionPointId", - "type": "string" - }, - "AdAvailOffset": { - "markdownDescription": "", - "title": "AdAvailOffset", - "type": "number" - }, - "PasswordParam": { - "markdownDescription": "", - "title": "PasswordParam", - "type": "string" - }, - "PoisEndpoint": { - "markdownDescription": "", - "title": "PoisEndpoint", + "ConfigurationType": { + "markdownDescription": "Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to `CUSTOM` in order to set the `LogLevel` or `MetricsLevel` parameters.", + "title": "ConfigurationType", "type": "string" }, - "Username": { - "markdownDescription": "", - "title": "Username", + "LogLevel": { + "markdownDescription": "Describes the verbosity of the CloudWatch Logs for an application.", + "title": "LogLevel", "type": "string" }, - "ZoneIdentity": { - "markdownDescription": "", - "title": "ZoneIdentity", + "MetricsLevel": { + "markdownDescription": "Describes the granularity of the CloudWatch Logs for an application. The `Parallelism` level is not recommended for applications with a Parallelism over 64 due to excessive costs.", + "title": "MetricsLevel", "type": "string" } }, + "required": [ + "ConfigurationType" + ], "type": "object" }, - "AWS::MediaLive::Channel.FailoverCondition": { + "AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration": { "additionalProperties": false, "properties": { - "FailoverConditionSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverConditionSettings", - "markdownDescription": "Settings for a specific failover condition.", - "title": "FailoverConditionSettings" + "AutoScalingEnabled": { + "markdownDescription": "Describes whether the Managed Service for Apache Flink service can increase the parallelism of the application in response to increased throughput.", + "title": "AutoScalingEnabled", + "type": "boolean" + }, + "ConfigurationType": { + "markdownDescription": "Describes whether the application uses the default parallelism for the Managed Service for Apache Flink service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled` , `Parallelism` , or `ParallelismPerKPU` properties.", + "title": "ConfigurationType", + "type": "string" + }, + "Parallelism": { + "markdownDescription": "Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if [ParallelismConfiguration:AutoScalingEnabled](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_ParallelismConfiguration.html#kinesisanalytics-Type-ParallelismConfiguration-AutoScalingEnabled.html) is set to `true` .", + "title": "Parallelism", + "type": "number" + }, + "ParallelismPerKPU": { + "markdownDescription": "Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see [Amazon Kinesis Data Analytics Pricing](https://docs.aws.amazon.com/kinesis/data-analytics/pricing/) .", + "title": "ParallelismPerKPU", + "type": "number" } }, + "required": [ + "ConfigurationType" + ], "type": "object" }, - "AWS::MediaLive::Channel.FailoverConditionSettings": { + "AWS::KinesisAnalyticsV2::Application.PropertyGroup": { "additionalProperties": false, "properties": { - "AudioSilenceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSilenceFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if the specified audio selector is silent for the specified period.", - "title": "AudioSilenceSettings" - }, - "InputLossSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if content is not detected in this input for the specified period.", - "title": "InputLossSettings" + "PropertyGroupId": { + "markdownDescription": "Describes the key of an application execution property key-value pair.", + "title": "PropertyGroupId", + "type": "string" }, - "VideoBlackSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoBlackFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if content is considered black for the specified period.", - "title": "VideoBlackSettings" + "PropertyMap": { + "additionalProperties": true, + "markdownDescription": "Describes the value of an application execution property key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "PropertyMap", + "type": "object" } }, "type": "object" }, - "AWS::MediaLive::Channel.FeatureActivations": { + "AWS::KinesisAnalyticsV2::Application.RecordColumn": { "additionalProperties": false, "properties": { - "InputPrepareScheduleActions": { - "markdownDescription": "Enables the Input Prepare feature. You can create Input Prepare actions in the schedule only if this feature is enabled.\nIf you disable the feature on an existing schedule, make sure that you first delete all input prepare actions from the schedule.", - "title": "InputPrepareScheduleActions", + "Mapping": { + "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", + "title": "Mapping", "type": "string" }, - "OutputStaticImageOverlayScheduleActions": { - "markdownDescription": "", - "title": "OutputStaticImageOverlayScheduleActions", + "Name": { + "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", + "title": "Name", + "type": "string" + }, + "SqlType": { + "markdownDescription": "The type of column created in the in-application input stream or reference table.", + "title": "SqlType", "type": "string" } }, + "required": [ + "Name", + "SqlType" + ], "type": "object" }, - "AWS::MediaLive::Channel.FecOutputSettings": { + "AWS::KinesisAnalyticsV2::Application.RecordFormat": { "additionalProperties": false, "properties": { - "ColumnDepth": { - "markdownDescription": "The parameter D from SMPTE 2022-1. The height of the FEC protection matrix. The number of transport stream packets per column error correction packet. The number must be between 4 and 20, inclusive.", - "title": "ColumnDepth", - "type": "number" + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MappingParameters", + "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "IncludeFec": { - "markdownDescription": "Enables column only or column and row-based FEC.", - "title": "IncludeFec", + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" - }, - "RowLength": { - "markdownDescription": "The parameter L from SMPTE 2022-1. The width of the FEC protection matrix. Must be between 1 and 20, inclusive. If only Column FEC is used, then larger values increase robustness. If Row FEC is used, then this is the number of transport stream packets per row error correction packet, and the value must be between 4 and 20, inclusive, if includeFec is columnAndRow. If includeFec is column, this value must be 1 to 20, inclusive.", - "title": "RowLength", - "type": "number" } }, + "required": [ + "RecordFormatType" + ], "type": "object" }, - "AWS::MediaLive::Channel.Fmp4HlsSettings": { + "AWS::KinesisAnalyticsV2::Application.RunConfiguration": { "additionalProperties": false, "properties": { - "AudioRenditionSets": { - "markdownDescription": "List all the audio groups that are used with the video output stream. Input all the audio GROUP-IDs that are associated to the video, separate by ','.", - "title": "AudioRenditionSets", - "type": "string" - }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", - "type": "string" + "ApplicationRestoreConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration", + "markdownDescription": "Describes the restore behavior of a restarting application.", + "title": "ApplicationRestoreConfiguration" }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", - "type": "string" + "FlinkRunConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration", + "markdownDescription": "Describes the starting parameters for a Managed Service for Apache Flink application.", + "title": "FlinkRunConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureCdnSettings": { + "AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation": { "additionalProperties": false, "properties": { - "FrameCaptureS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this Frame Capture output.", - "title": "FrameCaptureS3Settings" + "BasePath": { + "markdownDescription": "The base path for the S3 bucket.", + "title": "BasePath", + "type": "string" + }, + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", + "type": "string" } }, + "required": [ + "BucketARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureGroupSettings": { + "AWS::KinesisAnalyticsV2::Application.S3ContentLocation": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The destination for the frame capture files. The destination is either the URI for an Amazon S3 bucket and object, plus a file name prefix (for example, s3ssl://sportsDelivery/highlights/20180820/curling_) or the URI for a MediaStore container, plus a file name prefix (for example, mediastoressl://sportsDelivery/20180820/curling_). The final file names consist of the prefix from the destination field (for example, \"curling_\") + name modifier + the counter (5 digits, starting from 00001) + extension (which is always .jpg). For example, curlingLow.00001.jpg.", - "title": "Destination" + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) for the S3 bucket containing the application code.", + "title": "BucketARN", + "type": "string" }, - "FrameCaptureCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureCdnSettings", - "markdownDescription": "Settings to configure the destination of a Frame Capture output.", - "title": "FrameCaptureCdnSettings" + "FileKey": { + "markdownDescription": "The file key for the object containing the application code.", + "title": "FileKey", + "type": "string" + }, + "ObjectVersion": { + "markdownDescription": "The version of the object containing the application code.", + "title": "ObjectVersion", + "type": "string" } }, + "required": [ + "BucketARN", + "FileKey" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureHlsSettings": { + "AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration": { "additionalProperties": false, - "properties": {}, + "properties": { + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.Input" + }, + "markdownDescription": "The array of [Input](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_Input.html) objects describing the input streams used by the application.", + "title": "Inputs", + "type": "array" + } + }, "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureOutputSettings": { + "AWS::KinesisAnalyticsV2::Application.VpcConfiguration": { "additionalProperties": false, "properties": { - "NameModifier": { - "markdownDescription": "Required if the output group contains more than one output. This modifier forms part of the output file name.", - "title": "NameModifier", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of [SecurityGroup](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SecurityGroup.html) IDs used by the VPC configuration.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of [Subnet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Subnet.html) IDs used by the VPC configuration.", + "title": "SubnetIds", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureS3Settings": { + "AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", - "type": "string" + "CatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CatalogConfiguration", + "markdownDescription": "The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook.", + "title": "CatalogConfiguration" + }, + "CustomArtifactsConfiguration": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration" + }, + "markdownDescription": "A list of `CustomArtifactConfiguration` objects.", + "title": "CustomArtifactsConfiguration", + "type": "array" + }, + "DeployAsApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration", + "markdownDescription": "The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state.", + "title": "DeployAsApplicationConfiguration" + }, + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration", + "markdownDescription": "The monitoring configuration of a Kinesis Data Analytics Studio notebook.", + "title": "MonitoringConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureSettings": { + "AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration": { "additionalProperties": false, "properties": { - "CaptureInterval": { - "markdownDescription": "The frequency, in seconds, for capturing frames for inclusion in the output. For example, \"10\" means capture a frame every 10 seconds.", - "title": "CaptureInterval", - "type": "number" - }, - "CaptureIntervalUnits": { - "markdownDescription": "Unit for the frame capture interval.", - "title": "CaptureIntervalUnits", + "LogLevel": { + "markdownDescription": "The verbosity of the CloudWatch Logs for an application. You can set it to `INFO` , `WARN` , `ERROR` , or `DEBUG` .", + "title": "LogLevel", "type": "string" - }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" } }, "type": "object" }, - "AWS::MediaLive::Channel.GlobalConfiguration": { + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption": { "additionalProperties": false, "properties": { - "InitialAudioGain": { - "markdownDescription": "The value to set the initial audio gain for the channel.", - "title": "InitialAudioGain", - "type": "number" - }, - "InputEndAction": { - "markdownDescription": "Indicates the action to take when the current input completes (for example, end-of-file). When switchAndLoopInputs is configured, MediaLive restarts at the beginning of the first input. When \"none\" is configured, MediaLive transcodes either black, a solid color, or a user-specified slate images per the \"Input Loss Behavior\" configuration until the next input switch occurs (which is controlled through the Channel Schedule API).", - "title": "InputEndAction", + "Condition": { "type": "string" }, - "InputLossBehavior": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossBehavior", - "markdownDescription": "The settings for system actions when the input is lost.", - "title": "InputLossBehavior" - }, - "OutputLockingMode": { - "markdownDescription": "Indicates how MediaLive pipelines are synchronized. PIPELINELOCKING - MediaLive attempts to synchronize the output of each pipeline to the other. EPOCHLOCKING - MediaLive attempts to synchronize the output of each pipeline to the Unix epoch.", - "title": "OutputLockingMode", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "OutputLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLockingSettings", - "markdownDescription": "", - "title": "OutputLockingSettings" - }, - "OutputTimingSource": { - "markdownDescription": "Indicates whether the rate of frames emitted by the Live encoder should be paced by its system clock (which optionally might be locked to another source through NTP) or should be locked to the clock of the source that is providing the input stream.", - "title": "OutputTimingSource", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SupportLowFramerateInputs": { - "markdownDescription": "Adjusts the video input buffer for streams with very low video frame rates. This is commonly set to enabled for music channels with less than one video frame per second.", - "title": "SupportLowFramerateInputs", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.H264ColorSpaceSettings": { - "additionalProperties": false, - "properties": { - "ColorSpacePassthroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", - "markdownDescription": "Passthrough applies no color space conversion to the output.", - "title": "ColorSpacePassthroughSettings" + "Metadata": { + "type": "object" }, - "Rec601Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", - "markdownDescription": "Settings to configure the handling of Rec601 color space.", - "title": "Rec601Settings" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "CloudWatchLoggingOption": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption", + "markdownDescription": "Provides a description of Amazon CloudWatch logging options, including the log stream Amazon Resource Name (ARN).", + "title": "CloudWatchLoggingOption" + } + }, + "required": [ + "ApplicationName", + "CloudWatchLoggingOption" + ], + "type": "object" }, - "Rec709Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", - "markdownDescription": "Settings to configure the handling of Rec709 color space.", - "title": "Rec709Settings" + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.H264FilterSettings": { + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "LogStreamARN": { + "markdownDescription": "The ARN of the CloudWatch log to receive application messages.", + "title": "LogStreamARN", + "type": "string" } }, + "required": [ + "LogStreamARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.H264Settings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "The adaptive quantization. This allows intra-frame quantizers to vary to improve visual quality.", - "title": "AdaptiveQuantization", + "Condition": { "type": "string" }, - "AfdSignaling": { - "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is auto, the system tries to preserve the input AFD value (in cases where multiple AFD values are valid). If set to fixed, the AFD value is the value configured in the fixedAfd parameter.", - "title": "AfdSignaling", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. This is required when the rate control mode is VBR or CBR. It isn't used for QVBR. In a Microsoft Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", - "title": "Bitrate", - "type": "number" - }, - "BufFillPct": { - "markdownDescription": "The percentage of the buffer that should initially be filled (HRD buffer model).", - "title": "BufFillPct", - "type": "number" - }, - "BufSize": { - "markdownDescription": "The size of the buffer (HRD buffer model) in bits/second.", - "title": "BufSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColorMetadata": { - "markdownDescription": "Includes color space metadata in the output.", - "title": "ColorMetadata", - "type": "string" + "Metadata": { + "type": "object" }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264ColorSpaceSettings", - "markdownDescription": "Settings to configure the color space handling for the video.", - "title": "ColorSpaceSettings" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "Output": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.Output", + "markdownDescription": "Describes a SQL-based Kinesis Data Analytics application's output configuration, in which you identify an in-application stream and a destination where you want the in-application stream data to be written. The destination can be a Kinesis data stream or a Kinesis Data Firehose delivery stream.", + "title": "Output" + } + }, + "required": [ + "ApplicationName", + "Output" + ], + "type": "object" }, - "EntropyEncoding": { - "markdownDescription": "The entropy encoding mode. Use cabac (must be in Main or High profile) or cavlc.", - "title": "EntropyEncoding", + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::ApplicationOutput" + ], "type": "string" }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264FilterSettings", - "markdownDescription": "Optional filters that you can apply to an encode.", - "title": "FilterSettings" - }, - "FixedAfd": { - "markdownDescription": "A four-bit AFD value to write on all frames of video in the output stream. Valid only when afdSignaling is set to Fixed.", - "title": "FixedAfd", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "FlickerAq": { - "markdownDescription": "If set to enabled, adjusts the quantization within each frame to reduce flicker or pop on I-frames.", - "title": "FlickerAq", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema": { + "additionalProperties": false, + "properties": { + "RecordFormatType": { + "markdownDescription": "Specifies the format of the records on the output stream.", + "title": "RecordFormatType", "type": "string" - }, - "ForceFieldPictures": { - "markdownDescription": "This setting applies only when scan type is \"interlaced.\" It controls whether coding is performed on a field basis or on a frame basis. (When the video is progressive, the coding is always performed on a frame basis.)\nenabled: Force MediaLive to code on a field basis, so that odd and even sets of fields are coded separately.\ndisabled: Code the two sets of fields separately (on a field basis) or together (on a frame basis using PAFF), depending on what is most appropriate for the content.", - "title": "ForceFieldPictures", + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the destination delivery stream to write to.", + "title": "ResourceARN", "type": "string" - }, - "FramerateControl": { - "markdownDescription": "Indicates how the output video frame rate is specified. If you select \"specified,\" the output video frame rate is determined by framerateNumerator and framerateDenominator. If you select \"initializeFromSource,\" the output video frame rate is set equal to the input video frame rate of the first input.", - "title": "FramerateControl", + } + }, + "required": [ + "ResourceARN" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the destination Kinesis data stream to write to.", + "title": "ResourceARN", "type": "string" - }, - "FramerateDenominator": { - "markdownDescription": "The frame rate denominator.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "The frame rate numerator. The frame rate is a fraction, for example, 24000/1001 = 23.976 fps.", - "title": "FramerateNumerator", - "type": "number" - }, - "GopBReference": { - "markdownDescription": "If enabled, uses reference B frames for GOP structures that have B frames > 1.", - "title": "GopBReference", + } + }, + "required": [ + "ResourceARN" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" + } + }, + "required": [ + "ResourceARN" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationOutput.Output": { + "additionalProperties": false, + "properties": { + "DestinationSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema", + "markdownDescription": "Describes the data format when records are written to the destination.", + "title": "DestinationSchema" }, - "GopClosedCadence": { - "markdownDescription": "The frequency of closed GOPs. In streaming applications, we recommend that you set this to 1 so that a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", - "title": "GopClosedCadence", - "type": "number" - }, - "GopNumBFrames": { - "markdownDescription": "The number of B-frames between reference frames.", - "title": "GopNumBFrames", - "type": "number" + "KinesisFirehoseOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput", + "markdownDescription": "Identifies a Kinesis Data Firehose delivery stream as the destination.", + "title": "KinesisFirehoseOutput" }, - "GopSize": { - "markdownDescription": "The GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits. The value must be greater than zero.", - "title": "GopSize", - "type": "number" + "KinesisStreamsOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput", + "markdownDescription": "Identifies a Kinesis data stream as the destination.", + "title": "KinesisStreamsOutput" }, - "GopSizeUnits": { - "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds, the system converts the gopSize into a frame count at runtime.", - "title": "GopSizeUnits", - "type": "string" + "LambdaOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput", + "markdownDescription": "Identifies an Amazon Lambda function as the destination.", + "title": "LambdaOutput" }, - "Level": { - "markdownDescription": "The H.264 level.", - "title": "Level", + "Name": { + "markdownDescription": "The name of the in-application stream.", + "title": "Name", "type": "string" - }, - "LookAheadRateControl": { - "markdownDescription": "The amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", - "title": "LookAheadRateControl", + } + }, + "required": [ + "DestinationSchema" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "MaxBitrate": { - "markdownDescription": "For QVBR: See the tooltip for Quality level. For VBR: Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.", - "title": "MaxBitrate", - "type": "number" - }, - "MinIInterval": { - "markdownDescription": "Meaningful only if sceneChangeDetect is set to enabled. This setting enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting the I-interval. The normal cadence resumes for the next GOP. Note that the maximum GOP stretch = GOP size + Min-I-interval - 1.", - "title": "MinIInterval", - "type": "number" - }, - "NumRefFrames": { - "markdownDescription": "The number of reference frames to use. The encoder might use more than requested if you use B-frames or interlaced encoding.", - "title": "NumRefFrames", - "type": "number" - }, - "ParControl": { - "markdownDescription": "Indicates how the output pixel aspect ratio is specified. If \"specified\" is selected, the output video pixel aspect ratio is determined by parNumerator and parDenominator. If \"initializeFromSource\" is selected, the output pixels aspect ratio will be set equal to the input video pixel aspect ratio of the first input.", - "title": "ParControl", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ParDenominator": { - "markdownDescription": "The Pixel Aspect Ratio denominator.", - "title": "ParDenominator", - "type": "number" - }, - "ParNumerator": { - "markdownDescription": "The Pixel Aspect Ratio numerator.", - "title": "ParNumerator", - "type": "number" - }, - "Profile": { - "markdownDescription": "An H.264 profile.", - "title": "Profile", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "QualityLevel": { - "markdownDescription": "Leave as STANDARD_QUALITY or choose a different value (which might result in additional costs to run the channel).\n- ENHANCED_QUALITY: Produces a slightly better video quality without an increase in the bitrate. Has an effect only when the Rate control mode is QVBR or CBR. If this channel is in a MediaLive multiplex, the value must be ENHANCED_QUALITY.\n- STANDARD_QUALITY: Valid for any Rate control mode.", - "title": "QualityLevel", - "type": "string" + "Metadata": { + "type": "object" }, - "QvbrQualityLevel": { - "markdownDescription": "Controls the target quality for the video encode. This applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are: - Primary screen: Quality level: 8 to 10. Max bitrate: 4M - PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M - Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M.", - "title": "QvbrQualityLevel", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource", + "markdownDescription": "For a SQL-based Kinesis Data Analytics application, describes the reference data source by providing the source information (Amazon S3 bucket name and object key name), the resulting in-application table name that is created, and the necessary schema to map the data elements in the Amazon S3 object to the in-application table.", + "title": "ReferenceDataSource" + } + }, + "required": [ + "ApplicationName", + "ReferenceDataSource" + ], + "type": "object" }, - "RateControlMode": { - "markdownDescription": "The rate control mode. QVBR: The quality will match the specified quality level except when it is constrained by the maximum bitrate. We recommend this if you or your viewers pay for bandwidth. VBR: The quality and bitrate vary, depending on the video complexity. We recommend this instead of QVBR if you want to maintain a specific average bitrate over the duration of the channel. CBR: The quality varies, depending on the video complexity. We recommend this only if you distribute your assets to devices that can't handle variable bitrates.", - "title": "RateControlMode", + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource" + ], "type": "string" }, - "ScanType": { - "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", - "title": "ScanType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SceneChangeDetect": { - "markdownDescription": "The scene change detection. On: inserts I-frames when the scene change is detected. Off: does not force an I-frame when the scene change is detected.", - "title": "SceneChangeDetect", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordColumnDelimiter": { + "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "Slices": { - "markdownDescription": "The number of slices per picture. The number must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures. This field is optional. If you don't specify a value, MediaLive chooses the number of slices based on the encode resolution.", - "title": "Slices", - "type": "number" - }, - "Softness": { - "markdownDescription": "Softness. Selects a quantizer matrix. Larger values reduce high-frequency content in the encoded image.", - "title": "Softness", - "type": "number" - }, - "SpatialAq": { - "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the spatial variation of content complexity.", - "title": "SpatialAq", + "RecordRowDelimiter": { + "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" - }, - "SubgopLength": { - "markdownDescription": "If set to fixed, uses gopNumBFrames B-frames per sub-GOP. If set to dynamic, optimizes the number of B-frames used for each sub-GOP to improve visual quality.", - "title": "SubgopLength", + } + }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordRowPath": { + "markdownDescription": "The path to the top-level parent that contains the records.", + "title": "RecordRowPath", "type": "string" + } + }, + "required": [ + "RecordRowPath" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters": { + "additionalProperties": false, + "properties": { + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "Syntax": { - "markdownDescription": "Produces a bitstream that is compliant with SMPTE RP-2027.", - "title": "Syntax", + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn": { + "additionalProperties": false, + "properties": { + "Mapping": { + "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", + "title": "Mapping", "type": "string" }, - "TemporalAq": { - "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the temporal variation of content complexity.", - "title": "TemporalAq", + "Name": { + "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", + "title": "Name", "type": "string" }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" - }, - "TimecodeInsertion": { - "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream. disabled: don't include timecodes. picTimingSei: pass through picture timing SEI messages from the source specified in Timecode Config.", - "title": "TimecodeInsertion", + "SqlType": { + "markdownDescription": "The type of column created in the in-application input stream or reference table.", + "title": "SqlType", "type": "string" } }, + "required": [ + "Name", + "SqlType" + ], "type": "object" }, - "AWS::MediaLive::Channel.H265ColorSpaceSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat": { "additionalProperties": false, "properties": { - "ColorSpacePassthroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", - "markdownDescription": "Passthrough applies no color space conversion to the output.", - "title": "ColorSpacePassthroughSettings" - }, - "DolbyVision81Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DolbyVision81Settings", - "markdownDescription": "", - "title": "DolbyVision81Settings" - }, - "Hdr10Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", - "markdownDescription": "Settings to configure the handling of HDR10 color space.", - "title": "Hdr10Settings" - }, - "Rec601Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", - "markdownDescription": "Settings to configure the handling of Rec601 color space.", - "title": "Rec601Settings" + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters", + "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "Rec709Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", - "markdownDescription": "Settings to configure the handling of Rec709 color space.", - "title": "Rec709Settings" + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", + "type": "string" } }, + "required": [ + "RecordFormatType" + ], "type": "object" }, - "AWS::MediaLive::Channel.H265FilterSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "ReferenceSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", + "title": "ReferenceSchema" + }, + "S3ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource", + "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. A Kinesis Data Analytics application loads reference data only once. If the data changes, you call the [UpdateApplication](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_UpdateApplication.html) operation to trigger reloading of data into your application.", + "title": "S3ReferenceDataSource" + }, + "TableName": { + "markdownDescription": "The name of the in-application table to create.", + "title": "TableName", + "type": "string" } }, + "required": [ + "ReferenceSchema" + ], "type": "object" }, - "AWS::MediaLive::Channel.H265Settings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "Adaptive quantization. Allows intra-frame quantizers to vary to improve visual quality.", - "title": "AdaptiveQuantization", - "type": "string" + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn" + }, + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", + "type": "array" }, - "AfdSignaling": { - "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is \"auto\", the system will try to preserve the input AFD value (in cases where multiple AFD values are valid). If set to \"fixed\", the AFD value will be the value configured in the fixedAfd parameter.", - "title": "AfdSignaling", + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "AlternativeTransferFunction": { - "markdownDescription": "Whether or not EML should insert an Alternative Transfer Function SEI message to support backwards compatibility with non-HDR decoders and displays.", - "title": "AlternativeTransferFunction", + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" + } + }, + "required": [ + "RecordColumns", + "RecordFormat" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource": { + "additionalProperties": false, + "properties": { + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", "type": "string" }, - "Bitrate": { - "markdownDescription": "Average bitrate in bits/second. Required when the rate control mode is VBR or CBR. Not used for QVBR. In an MS Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", - "title": "Bitrate", - "type": "number" - }, - "BufSize": { - "markdownDescription": "Size of buffer (HRD buffer model) in bits.", - "title": "BufSize", - "type": "number" - }, - "ColorMetadata": { - "markdownDescription": "Includes colorspace metadata in the output.", - "title": "ColorMetadata", + "FileKey": { + "markdownDescription": "The object key name containing the reference data.", + "title": "FileKey", "type": "string" - }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265ColorSpaceSettings", - "markdownDescription": "Color Space settings", - "title": "ColorSpaceSettings" - }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265FilterSettings", - "markdownDescription": "Optional filters that you can apply to an encode.", - "title": "FilterSettings" - }, - "FixedAfd": { - "markdownDescription": "Four bit AFD value to write on all frames of video in the output stream. Only valid when afdSignaling is set to 'Fixed'.", - "title": "FixedAfd", + } + }, + "required": [ + "BucketARN", + "FileKey" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "FlickerAq": { - "markdownDescription": "If set to enabled, adjust quantization within each frame to reduce flicker or 'pop' on I-frames.", - "title": "FlickerAq", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FramerateDenominator": { - "markdownDescription": "Framerate denominator.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "Framerate numerator - framerate is a fraction, e.g. 24000 / 1001 = 23.976 fps.", - "title": "FramerateNumerator", - "type": "number" - }, - "GopClosedCadence": { - "markdownDescription": "Frequency of closed GOPs. In streaming applications, it is recommended that this be set to 1 so a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", - "title": "GopClosedCadence", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "GopSize": { - "markdownDescription": "GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits.\nIf gopSizeUnits is frames, gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, gopSize must be greater than 0, but need not be an integer.", - "title": "GopSize", - "type": "number" + "Metadata": { + "type": "object" }, - "GopSizeUnits": { - "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds the system will convert the gopSize into a frame count at run time.", - "title": "GopSizeUnits", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AmazonOpenSearchServerlessDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service.", + "title": "AmazonOpenSearchServerlessDestinationConfiguration" + }, + "AmazonopensearchserviceDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration", + "markdownDescription": "The destination in Amazon OpenSearch Service. You can specify only one destination.", + "title": "AmazonopensearchserviceDestinationConfiguration" + }, + "DatabaseSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceConfiguration", + "markdownDescription": "The top level object for configuring streams with database as a source.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceConfiguration" + }, + "DeliveryStreamEncryptionConfigurationInput": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput", + "markdownDescription": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE).", + "title": "DeliveryStreamEncryptionConfigurationInput" + }, + "DeliveryStreamName": { + "markdownDescription": "The name of the Firehose stream.", + "title": "DeliveryStreamName", + "type": "string" + }, + "DeliveryStreamType": { + "markdownDescription": "The Firehose stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the Firehose stream directly.\n- `KinesisStreamAsSource` : The Firehose stream uses a Kinesis data stream as a source.", + "title": "DeliveryStreamType", + "type": "string" + }, + "DirectPutSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DirectPutSourceConfiguration", + "markdownDescription": "The structure that configures parameters such as `ThroughputHintInMBs` for a stream configured with Direct PUT as a source.", + "title": "DirectPutSourceConfiguration" + }, + "ElasticsearchDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration", + "markdownDescription": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "ElasticsearchDestinationConfiguration" + }, + "ExtendedS3DestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration", + "markdownDescription": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "ExtendedS3DestinationConfiguration" + }, + "HttpEndpointDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration", + "markdownDescription": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination.", + "title": "HttpEndpointDestinationConfiguration" + }, + "IcebergDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.IcebergDestinationConfiguration", + "markdownDescription": "Specifies the destination configure settings for Apache Iceberg Table.", + "title": "IcebergDestinationConfiguration" + }, + "KinesisStreamSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration", + "markdownDescription": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream.", + "title": "KinesisStreamSourceConfiguration" + }, + "MSKSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration", + "markdownDescription": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream.", + "title": "MSKSourceConfiguration" + }, + "RedshiftDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration", + "markdownDescription": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "RedshiftDestinationConfiguration" + }, + "S3DestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "S3DestinationConfiguration" + }, + "SnowflakeDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration", + "markdownDescription": "Configure Snowflake destination", + "title": "SnowflakeDestinationConfiguration" + }, + "SplunkDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration", + "markdownDescription": "The configuration of a destination in Splunk for the delivery stream.", + "title": "SplunkDestinationConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags to assign to the Firehose stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the Firehose stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a Firehose stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "Level": { - "markdownDescription": "H.265 Level.", - "title": "Level", + "Type": { + "enum": [ + "AWS::KinesisFirehose::DeliveryStream" + ], "type": "string" }, - "LookAheadRateControl": { - "markdownDescription": "Amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", - "title": "LookAheadRateControl", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "MaxBitrate": { - "markdownDescription": "For QVBR: See the tooltip for Quality level", - "title": "MaxBitrate", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints": { + "additionalProperties": false, + "properties": { + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", + "title": "IntervalInSeconds", "type": "number" }, - "MinIInterval": { - "markdownDescription": "Only meaningful if sceneChangeDetect is set to enabled. Defaults to 5 if multiplex rate control is used. Enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk and/or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting I-interval. The normal cadence resumes for the next GOP. Note: Maximum GOP stretch = GOP size + Min-I-interval - 1", - "title": "MinIInterval", + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n\nWe recommend setting this parameter to a value greater than the amount of data you typically ingest into the Firehose stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", + "title": "SizeInMBs", "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", + "title": "BufferingHints" }, - "MvOverPictureBoundaries": { - "markdownDescription": "", - "title": "MvOverPictureBoundaries", - "type": "string" - }, - "MvTemporalPredictor": { + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "", - "title": "MvTemporalPredictor", - "type": "string" - }, - "ParDenominator": { - "markdownDescription": "Pixel Aspect Ratio denominator.", - "title": "ParDenominator", - "type": "number" - }, - "ParNumerator": { - "markdownDescription": "Pixel Aspect Ratio numerator.", - "title": "ParNumerator", - "type": "number" - }, - "Profile": { - "markdownDescription": "H.265 Profile.", - "title": "Profile", - "type": "string" - }, - "QvbrQualityLevel": { - "markdownDescription": "Controls the target quality for the video encode. Applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are:\n- Primary screen: Quality level: 8 to 10. Max bitrate: 4M\n- PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M\n- Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M", - "title": "QvbrQualityLevel", - "type": "number" + "title": "CloudWatchLoggingOptions" }, - "RateControlMode": { - "markdownDescription": "Rate control mode. QVBR: Quality will match the specified quality level except when it is constrained by the\nmaximum bitrate. Recommended if you or your viewers pay for bandwidth. CBR: Quality varies, depending on the video complexity. Recommended only if you distribute\nyour assets to devices that cannot handle variable bitrates. Multiplex: This rate control mode is only supported (and is required) when the video is being\ndelivered to a MediaLive Multiplex in which case the rate control configuration is controlled\nby the properties within the Multiplex Program.", - "title": "RateControlMode", + "CollectionEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.", + "title": "CollectionEndpoint", "type": "string" }, - "ScanType": { - "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", - "title": "ScanType", + "IndexName": { + "markdownDescription": "The Serverless offering for Amazon OpenSearch Service index name.", + "title": "IndexName", "type": "string" }, - "SceneChangeDetect": { - "markdownDescription": "Scene change detection.", - "title": "SceneChangeDetect", - "type": "string" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "", + "title": "ProcessingConfiguration" }, - "Slices": { - "markdownDescription": "Number of slices per picture. Must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures.\nThis field is optional; when no value is specified the encoder will choose the number of slices based on encode resolution.", - "title": "Slices", - "type": "number" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes).", + "title": "RetryOptions" }, - "Tier": { - "markdownDescription": "H.265 Tier.", - "title": "Tier", + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents.", + "title": "RoleARN", "type": "string" }, - "TileHeight": { - "markdownDescription": "", - "title": "TileHeight", - "type": "number" - }, - "TilePadding": { - "markdownDescription": "", - "title": "TilePadding", + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.", + "title": "S3BackupMode", "type": "string" }, - "TileWidth": { - "markdownDescription": "", - "title": "TileWidth", - "type": "number" - }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "", - "title": "TimecodeBurninSettings" - }, - "TimecodeInsertion": { - "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream.\n- 'disabled': Do not include timecodes\n- 'picTimingSei': Pass through picture timing SEI messages from the source specified in Timecode Config", - "title": "TimecodeInsertion", - "type": "string" + "title": "S3Configuration" }, - "TreeblockSize": { + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", "markdownDescription": "", - "title": "TreeblockSize", - "type": "string" + "title": "VpcConfiguration" } }, + "required": [ + "IndexName", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.Hdr10Settings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions": { "additionalProperties": false, "properties": { - "MaxCll": { - "markdownDescription": "Maximum Content Light Level\nAn integer metadata value defining the maximum light level, in nits,\nof any single pixel within an encoded HDR video stream or file.", - "title": "MaxCll", - "type": "number" - }, - "MaxFall": { - "markdownDescription": "Maximum Frame Average Light Level\nAn integer metadata value defining the maximum average light level, in nits,\nfor any single frame within an encoded HDR video stream or file.", - "title": "MaxFall", + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", + "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsAkamaiSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "HttpTransferMode": { - "markdownDescription": "Specifies whether to use chunked transfer encoding to Akamai. To enable this feature, contact Akamai.", - "title": "HttpTransferMode", - "type": "string" - }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that will be made before the channel is put into an error state.", - "title": "NumRetries", + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", + "title": "IntervalInSeconds", "type": "number" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", + "title": "SizeInMBs", "type": "number" - }, - "Salt": { - "markdownDescription": "The salt for authenticated Akamai.", - "title": "Salt", - "type": "string" - }, - "Token": { - "markdownDescription": "The token parameter for authenticated Akamai. If this is not specified, _gda_ is used.", - "title": "Token", - "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsBasicPutSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", + "title": "BufferingHints" }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", + "title": "CloudWatchLoggingOptions" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that MediaLive makes before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" - }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.HlsCdnSettings": { - "additionalProperties": false, - "properties": { - "HlsAkamaiSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsAkamaiSettings", - "markdownDescription": "Sets up Akamai as the downstream system for the HLS output group.", - "title": "HlsAkamaiSettings" - }, - "HlsBasicPutSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsBasicPutSettings", - "markdownDescription": "The settings for Basic Put for the HLS output.", - "title": "HlsBasicPutSettings" - }, - "HlsMediaStoreSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsMediaStoreSettings", - "markdownDescription": "Sets up MediaStore as the destination for the HLS output.", - "title": "HlsMediaStoreSettings" - }, - "HlsS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this HLS output.", - "title": "HlsS3Settings" - }, - "HlsWebdavSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsWebdavSettings", - "markdownDescription": "The settings for Web VTT captions in the HLS output group.\n\nThe parent of this entity is HlsGroupSettings.", - "title": "HlsWebdavSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.HlsGroupSettings": { - "additionalProperties": false, - "properties": { - "AdMarkers": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses one or more ad marker types to pass SCTE35 signals through to this group of Apple HLS outputs.", - "title": "AdMarkers", - "type": "array" - }, - "BaseUrlContent": { - "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", - "title": "BaseUrlContent", - "type": "string" - }, - "BaseUrlContent1": { - "markdownDescription": "Optional. One value per output group. This field is required only if you are completing Base URL content A, and the downstream system has notified you that the media files for pipeline 1 of all outputs are in a location different from the media files for pipeline 0.", - "title": "BaseUrlContent1", - "type": "string" - }, - "BaseUrlManifest": { - "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", - "title": "BaseUrlManifest", - "type": "string" - }, - "BaseUrlManifest1": { - "markdownDescription": "Optional. One value per output group. Complete this field only if you are completing Base URL manifest A, and the downstream system has notified you that the child manifest files for pipeline 1 of all outputs are in a location different from the child manifest files for pipeline 0.", - "title": "BaseUrlManifest1", + "ClusterEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field.", + "title": "ClusterEndpoint", "type": "string" }, - "CaptionLanguageMappings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" - }, - "markdownDescription": "A mapping of up to 4 captions channels to captions languages. This is meaningful only if captionLanguageSetting is set to \"insert.\"", - "title": "CaptionLanguageMappings", - "type": "array" - }, - "CaptionLanguageSetting": { - "markdownDescription": "Applies only to 608 embedded output captions. Insert: Include CLOSED-CAPTIONS lines in the manifest. Specify at least one language in the CC1 Language Code field. One CLOSED-CAPTION line is added for each Language Code that you specify. Make sure to specify the languages in the order in which they appear in the original source (if the source is embedded format) or the order of the captions selectors (if the source is other than embedded). Otherwise, languages in the manifest will not match properly with the output captions. None: Include the CLOSED-CAPTIONS=NONE line in the manifest. Omit: Omit any CLOSED-CAPTIONS line from the manifest.", - "title": "CaptionLanguageSetting", - "type": "string" + "DocumentIdOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", + "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", + "title": "DocumentIdOptions" }, - "ClientCache": { - "markdownDescription": "When set to \"disabled,\" sets the #EXT-X-ALLOW-CACHE:no tag in the manifest, which prevents clients from saving media segments for later replay.", - "title": "ClientCache", + "DomainARN": { + "markdownDescription": "The ARN of the Amazon OpenSearch Service domain.", + "title": "DomainARN", "type": "string" }, - "CodecSpecification": { - "markdownDescription": "The specification to use (RFC-6381 or the default RFC-4281) during m3u8 playlist generation.", - "title": "CodecSpecification", + "IndexName": { + "markdownDescription": "The Amazon OpenSearch Service index name.", + "title": "IndexName", "type": "string" }, - "ConstantIv": { - "markdownDescription": "Used with encryptionType. This is a 128-bit, 16-byte hex value that is represented by a 32-character text string. If ivSource is set to \"explicit,\" this parameter is required and is used as the IV for encryption.", - "title": "ConstantIv", + "IndexRotationPeriod": { + "markdownDescription": "The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data.", + "title": "IndexRotationPeriod", "type": "string" }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "A directory or HTTP destination for the HLS segments, manifest files, and encryption keys (if enabled).", - "title": "Destination" - }, - "DirectoryStructure": { - "markdownDescription": "Places segments in subdirectories.", - "title": "DirectoryStructure", - "type": "string" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "Describes a data processing configuration.", + "title": "ProcessingConfiguration" }, - "DiscontinuityTags": { - "markdownDescription": "Specifies whether to insert EXT-X-DISCONTINUITY tags in the HLS child manifests for this output group.\nTypically, choose Insert because these tags are required in the manifest (according to the HLS specification) and serve an important purpose.\nChoose Never Insert only if the downstream system is doing real-time failover (without using the MediaLive automatic failover feature) and only if that downstream system has advised you to exclude the tags.", - "title": "DiscontinuityTags", - "type": "string" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions", + "markdownDescription": "The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes).", + "title": "RetryOptions" }, - "EncryptionType": { - "markdownDescription": "Encrypts the segments with the specified encryption scheme. Exclude this parameter if you don't want encryption.", - "title": "EncryptionType", + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents.", + "title": "RoleARN", "type": "string" }, - "HlsCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsCdnSettings", - "markdownDescription": "The parameters that control interactions with the CDN.", - "title": "HlsCdnSettings" - }, - "HlsId3SegmentTagging": { - "markdownDescription": "State of HLS ID3 Segment Tagging", - "title": "HlsId3SegmentTagging", + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3.", + "title": "S3BackupMode", "type": "string" }, - "IFrameOnlyPlaylists": { - "markdownDescription": "DISABLED: Don't create an I-frame-only manifest, but do create the master and media manifests (according to the Output Selection field). STANDARD: Create an I-frame-only manifest for each output that contains video, as well as the other manifests (according to the Output Selection field). The I-frame manifest contains a #EXT-X-I-FRAMES-ONLY tag to indicate it is I-frame only, and one or more #EXT-X-BYTERANGE entries identifying the I-frame position. For example, #EXT-X-BYTERANGE:160364@1461888\".", - "title": "IFrameOnlyPlaylists", - "type": "string" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in Amazon S3.", + "title": "S3Configuration" }, - "IncompleteSegmentBehavior": { - "markdownDescription": "Specifies whether to include the final (incomplete) segment in the media output when the pipeline stops producing output because of a channel stop, a channel pause or a loss of input to the pipeline.\nAuto means that MediaLive decides whether to include the final segment, depending on the channel class and the types of output groups.\nSuppress means to never include the incomplete segment. We recommend you choose Auto and let MediaLive control the behavior.", - "title": "IncompleteSegmentBehavior", + "TypeName": { + "markdownDescription": "The Amazon OpenSearch Service type name.", + "title": "TypeName", "type": "string" }, - "IndexNSegments": { - "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the maximum number of segments in the media manifest file. After this maximum, older segments are removed from the media manifest. This number must be less than or equal to the Keep Segments field.", - "title": "IndexNSegments", + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", + "markdownDescription": "The details of the VPC of the Amazon OpenSearch Service destination.", + "title": "VpcConfiguration" + } + }, + "required": [ + "IndexName", + "RoleARN", + "S3Configuration" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", + "title": "DurationInSeconds", "type": "number" - }, - "InputLossAction": { - "markdownDescription": "A parameter that controls output group behavior on an input loss.", - "title": "InputLossAction", - "type": "string" - }, - "IvInManifest": { - "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If set to \"include,\" the IV is listed in the manifest. Otherwise, the IV is not in the manifest.", - "title": "IvInManifest", + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration": { + "additionalProperties": false, + "properties": { + "Connectivity": { + "markdownDescription": "The type of connectivity used to access the Amazon MSK cluster.", + "title": "Connectivity", "type": "string" }, - "IvSource": { - "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If this setting is \"followsSegmentNumber,\" it causes the IV to change every segment (to match the segment number). If this is set to \"explicit,\" you must enter a constantIv value.", - "title": "IvSource", + "RoleARN": { + "markdownDescription": "The ARN of the role used to access the Amazon MSK cluster.", + "title": "RoleARN", "type": "string" - }, - "KeepSegments": { - "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the number of media segments (.ts files) to retain in the destination directory.", - "title": "KeepSegments", + } + }, + "required": [ + "Connectivity", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.BufferingHints": { + "additionalProperties": false, + "properties": { + "IntervalInSeconds": { + "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "IntervalInSeconds", "type": "number" }, - "KeyFormat": { - "markdownDescription": "Specifies how the key is represented in the resource identified by the URI. If the parameter is absent, an implicit value of \"identity\" is used. A reverse DNS string can also be specified.", - "title": "KeyFormat", - "type": "string" - }, - "KeyFormatVersions": { - "markdownDescription": "Either a single positive integer version value or a slash-delimited list of version values (1/2/3).", - "title": "KeyFormatVersions", - "type": "string" - }, - "KeyProviderSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.KeyProviderSettings", - "markdownDescription": "The key provider settings.", - "title": "KeyProviderSettings" - }, - "ManifestCompression": { - "markdownDescription": "When set to gzip, compresses HLS playlist.", - "title": "ManifestCompression", - "type": "string" - }, - "ManifestDurationFormat": { - "markdownDescription": "Indicates whether the output manifest should use a floating point or integer values for segment duration.", - "title": "ManifestDurationFormat", - "type": "string" - }, - "MinSegmentLength": { - "markdownDescription": "When set, minimumSegmentLength is enforced by looking ahead and back within the specified range for a nearby avail and extending the segment size if needed.", - "title": "MinSegmentLength", + "SizeInMBs": { + "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "SizeInMBs", "type": "number" - }, - "Mode": { - "markdownDescription": "If \"vod,\" all segments are indexed and kept permanently in the destination and manifest. If \"live,\" only the number segments specified in keepSegments and indexNSegments are kept. Newer segments replace older segments, which might prevent players from rewinding all the way to the beginning of the channel. VOD mode uses HLS EXT-X-PLAYLIST-TYPE of EVENT while the channel is running, converting it to a \"VOD\" type manifest on completion of the stream.", - "title": "Mode", - "type": "string" - }, - "OutputSelection": { - "markdownDescription": "MANIFESTSANDSEGMENTS: Generates manifests (the master manifest, if applicable, and media manifests) for this output group. SEGMENTSONLY: Doesn't generate any manifests for this output group.", - "title": "OutputSelection", - "type": "string" - }, - "ProgramDateTime": { - "markdownDescription": "Includes or excludes the EXT-X-PROGRAM-DATE-TIME tag in .m3u8 manifest files. The value is calculated as follows: Either the program date and time are initialized using the input timecode source, or the time is initialized using the input timecode source and the date is initialized using the timestampOffset.", - "title": "ProgramDateTime", + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.CatalogConfiguration": { + "additionalProperties": false, + "properties": { + "CatalogArn": { + "markdownDescription": "Specifies the Glue catalog ARN identifier of the destination Apache Iceberg Tables. You must specify the ARN in the format `arn:aws:glue:region:account-id:catalog` .", + "title": "CatalogArn", "type": "string" }, - "ProgramDateTimeClock": { - "markdownDescription": "Specifies the algorithm used to drive the HLS EXT-X-PROGRAM-DATE-TIME clock. Options include: INITIALIZE_FROM_OUTPUT_TIMECODE: The PDT clock is initialized as a function of the first output timecode, then incremented by the EXTINF duration of each encoded segment. SYSTEM_CLOCK: The PDT clock is initialized as a function of the UTC wall clock, then incremented by the EXTINF duration of each encoded segment. If the PDT clock diverges from the wall clock by more than 500ms, it is resynchronized to the wall clock.", - "title": "ProgramDateTimeClock", + "WarehouseLocation": { + "markdownDescription": "The warehouse location for Apache Iceberg tables. You must configure this when schema evolution and table creation is enabled.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "WarehouseLocation", "type": "string" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether CloudWatch Logs logging is enabled.", + "title": "Enabled", + "type": "boolean" }, - "ProgramDateTimePeriod": { - "markdownDescription": "The period of insertion of the EXT-X-PROGRAM-DATE-TIME entry, in seconds.", - "title": "ProgramDateTimePeriod", - "type": "number" - }, - "RedundantManifest": { - "markdownDescription": "ENABLED: The master manifest (.m3u8 file) for each pipeline includes information about both pipelines: first its own media files, then the media files of the other pipeline. This feature allows a playout device that supports stale manifest detection to switch from one manifest to the other, when the current manifest seems to be stale. There are still two destinations and two master manifests, but both master manifests reference the media files from both pipelines. DISABLED: The master manifest (.m3u8 file) for each pipeline includes information about its own pipeline only. For an HLS output group with MediaPackage as the destination, the DISABLED behavior is always followed. MediaPackage regenerates the manifests it serves to players, so a redundant manifest from MediaLive is irrelevant.", - "title": "RedundantManifest", + "LogGroupName": { + "markdownDescription": "The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use.\n\nConditional. If you enable logging, you must specify this property.", + "title": "LogGroupName", "type": "string" }, - "SegmentLength": { - "markdownDescription": "The length of the MPEG-2 Transport Stream segments to create, in seconds. Note that segments will end on the next keyframe after this number of seconds, so the actual segment length might be longer.", - "title": "SegmentLength", - "type": "number" - }, - "SegmentationMode": { - "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", - "title": "SegmentationMode", + "LogStreamName": { + "markdownDescription": "The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery.\n\nConditional. If you enable logging, you must specify this property.", + "title": "LogStreamName", "type": "string" - }, - "SegmentsPerSubdirectory": { - "markdownDescription": "The number of segments to write to a subdirectory before starting a new one. For this setting to have an effect, directoryStructure must be subdirectoryPerStream.", - "title": "SegmentsPerSubdirectory", - "type": "number" - }, - "StreamInfResolution": { - "markdownDescription": "The include or exclude RESOLUTION attribute for a video in the EXT-X-STREAM-INF tag of a variant manifest.", - "title": "StreamInfResolution", + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.CopyCommand": { + "additionalProperties": false, + "properties": { + "CopyOptions": { + "markdownDescription": "Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "CopyOptions", "type": "string" }, - "TimedMetadataId3Frame": { - "markdownDescription": "Indicates the ID3 frame that has the timecode.", - "title": "TimedMetadataId3Frame", + "DataTableColumns": { + "markdownDescription": "A comma-separated list of column names.", + "title": "DataTableColumns", "type": "string" }, - "TimedMetadataId3Period": { - "markdownDescription": "The timed metadata interval, in seconds.", - "title": "TimedMetadataId3Period", - "type": "number" - }, - "TimestampDeltaMilliseconds": { - "markdownDescription": "Provides an extra millisecond delta offset to fine tune the timestamps.", - "title": "TimestampDeltaMilliseconds", - "type": "number" - }, - "TsFileMode": { - "markdownDescription": "SEGMENTEDFILES: Emits the program as segments -multiple .ts media files. SINGLEFILE: Applies only if the Mode field is VOD. Emits the program as a single .ts media file. The media manifest includes #EXT-X-BYTERANGE tags to index segments for playback. A typical use for this value is when sending the output to AWS Elemental MediaConvert, which can accept only a single media file. Playback while the channel is running is not guaranteed due to HTTP server caching.", - "title": "TsFileMode", + "DataTableName": { + "markdownDescription": "The name of the target table. The table must already exist in the database.", + "title": "DataTableName", "type": "string" } }, + "required": [ + "DataTableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsInputSettings": { + "AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration": { "additionalProperties": false, "properties": { - "Bandwidth": { - "markdownDescription": "When specified, the HLS stream with the m3u8 bandwidth that most closely matches this value is chosen. Otherwise, the highest bandwidth stream in the m3u8 is chosen. The bitrate is specified in bits per second, as in an HLS manifest.", - "title": "Bandwidth", - "type": "number" - }, - "BufferSegments": { - "markdownDescription": "When specified, reading of the HLS input begins this many buffer segments from the end (most recently written segment). When not specified, the HLS input begins with the first segment specified in the m3u8.", - "title": "BufferSegments", - "type": "number" + "Enabled": { + "markdownDescription": "Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details.", + "title": "Enabled", + "type": "boolean" }, - "Retries": { - "markdownDescription": "The number of consecutive times that attempts to read a manifest or segment must fail before the input is considered unavailable.", - "title": "Retries", - "type": "number" + "InputFormatConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration", + "markdownDescription": "Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true.", + "title": "InputFormatConfiguration" }, - "RetryInterval": { - "markdownDescription": "The number of seconds between retries when an attempt to read a manifest or segment fails.", - "title": "RetryInterval", - "type": "number" + "OutputFormatConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration", + "markdownDescription": "Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true.", + "title": "OutputFormatConfiguration" }, - "Scte35Source": { - "markdownDescription": "Identifies the source for the SCTE-35 messages that MediaLive will ingest. Messages can be ingested from the content segments (in the stream) or from tags in the playlist (the HLS manifest). MediaLive ignores SCTE-35 information in the source that is not selected.", - "title": "Scte35Source", - "type": "string" + "SchemaConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration", + "markdownDescription": "Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true.", + "title": "SchemaConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsMediaStoreSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseColumns": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "MediaStoreStorageClass": { - "markdownDescription": "When set to temporal, output files are stored in non-persistent memory for faster reading and writing.", - "title": "MediaStoreStorageClass", - "type": "string" - }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceAuthenticationConfiguration": { "additionalProperties": false, "properties": { - "H265PackagingType": { - "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", - "title": "H265PackagingType", + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "", + "title": "SecretsManagerConfiguration" + } + }, + "required": [ + "SecretsManagerConfiguration" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceConfiguration": { + "additionalProperties": false, + "properties": { + "Columns": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseColumns", + "markdownDescription": "The list of column patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Columns" + }, + "DatabaseSourceAuthenticationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceAuthenticationConfiguration", + "markdownDescription": "The structure to configure the authentication methods for Firehose to connect to source database endpoint.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceAuthenticationConfiguration" + }, + "DatabaseSourceVPCConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceVPCConfiguration", + "markdownDescription": "The details of the VPC Endpoint Service which Firehose uses to create a PrivateLink to the database.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceVPCConfiguration" + }, + "Databases": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Databases", + "markdownDescription": "The list of database patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Databases" + }, + "Digest": { + "markdownDescription": "", + "title": "Digest", "type": "string" }, - "HlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsSettings", - "markdownDescription": "The settings regarding the underlying stream. These settings are different for audio-only outputs.", - "title": "HlsSettings" + "Endpoint": { + "markdownDescription": "The endpoint of the database server.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Endpoint", + "type": "string" }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. Accepts \\\"Format Identifiers\\\":#formatIdentifierParameters.", - "title": "NameModifier", + "Port": { + "markdownDescription": "The port of the database. This can be one of the following values.\n\n- 3306 for MySQL database type\n- 5432 for PostgreSQL database type\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Port", + "type": "number" + }, + "PublicCertificate": { + "markdownDescription": "", + "title": "PublicCertificate", "type": "string" }, - "SegmentModifier": { - "markdownDescription": "A string that is concatenated to the end of segment file names.", - "title": "SegmentModifier", + "SSLMode": { + "markdownDescription": "The mode to enable or disable SSL when Firehose connects to the database endpoint.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SSLMode", + "type": "string" + }, + "SnapshotWatermarkTable": { + "markdownDescription": "The fully qualified name of the table in source database endpoint that Firehose uses to track snapshot progress.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SnapshotWatermarkTable", + "type": "string" + }, + "SurrogateKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The optional list of table and column names used as unique key columns when taking snapshot if the tables don\u2019t have primary keys configured.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SurrogateKeys", + "type": "array" + }, + "Tables": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseTables", + "markdownDescription": "The list of table patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Tables" + }, + "Type": { + "markdownDescription": "The type of database engine. This can be one of the following values.\n\n- MySQL\n- PostgreSQL\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Type", "type": "string" } }, + "required": [ + "DatabaseSourceAuthenticationConfiguration", + "DatabaseSourceVPCConfiguration", + "Databases", + "Endpoint", + "Port", + "SnapshotWatermarkTable", + "Tables", + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsS3Settings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceVPCConfiguration": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", + "VpcEndpointServiceName": { + "markdownDescription": "The VPC endpoint service name which Firehose uses to create a PrivateLink to the database. The endpoint service must have the Firehose service principle `firehose.amazonaws.com` as an allowed principal on the VPC endpoint service. The VPC endpoint service name is a string that looks like `com.amazonaws.vpce..` .\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "VpcEndpointServiceName", "type": "string" } }, + "required": [ + "VpcEndpointServiceName" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseTables": { "additionalProperties": false, "properties": { - "AudioOnlyHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioOnlyHlsSettings", - "markdownDescription": "The settings for an audio-only output.", - "title": "AudioOnlyHlsSettings" - }, - "Fmp4HlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Fmp4HlsSettings", - "markdownDescription": "The settings for an fMP4 container.", - "title": "Fmp4HlsSettings" - }, - "FrameCaptureHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureHlsSettings", - "markdownDescription": "Settings for a frame capture output in an HLS output group.", - "title": "FrameCaptureHlsSettings" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "StandardHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.StandardHlsSettings", - "markdownDescription": "The settings for a standard output (an output that is not audio-only).", - "title": "StandardHlsSettings" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsWebdavSettings": { + "AWS::KinesisFirehose::DeliveryStream.Databases": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "HttpTransferMode": { - "markdownDescription": "Specifies whether to use chunked transfer encoding to WebDAV.", - "title": "HttpTransferMode", + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput": { + "additionalProperties": false, + "properties": { + "KeyARN": { + "markdownDescription": "If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK.", + "title": "KeyARN", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" - }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "KeyType": { + "markdownDescription": "Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) .\n\nYou can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams.\n\n> To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide.", + "title": "KeyType", + "type": "string" } }, + "required": [ + "KeyType" + ], "type": "object" }, - "AWS::MediaLive::Channel.HtmlMotionGraphicsSettings": { + "AWS::KinesisFirehose::DeliveryStream.Deserializer": { "additionalProperties": false, - "properties": {}, + "properties": { + "HiveJsonSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe", + "markdownDescription": "The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.", + "title": "HiveJsonSerDe" + }, + "OpenXJsonSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe", + "markdownDescription": "The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.", + "title": "OpenXJsonSerDe" + } + }, "type": "object" }, - "AWS::MediaLive::Channel.InputAttachment": { + "AWS::KinesisFirehose::DeliveryStream.DestinationTableConfiguration": { "additionalProperties": false, "properties": { - "AutomaticInputFailoverSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AutomaticInputFailoverSettings", - "markdownDescription": "Settings to implement automatic input failover in this input.", - "title": "AutomaticInputFailoverSettings" + "DestinationDatabaseName": { + "markdownDescription": "The name of the Apache Iceberg database.", + "title": "DestinationDatabaseName", + "type": "string" }, - "InputAttachmentName": { - "markdownDescription": "A name for the attachment. This is required if you want to use this input in an input switch action.", - "title": "InputAttachmentName", + "DestinationTableName": { + "markdownDescription": "Specifies the name of the Apache Iceberg Table.", + "title": "DestinationTableName", "type": "string" }, - "InputId": { - "markdownDescription": "The ID of the input to attach.", - "title": "InputId", + "PartitionSpec": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.PartitionSpec", + "markdownDescription": "The partition spec configuration for a table that is used by automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "PartitionSpec" + }, + "S3ErrorOutputPrefix": { + "markdownDescription": "The table specific S3 error output prefix. All the errors that occurred while delivering to this table will be prefixed with this value in S3 destination.", + "title": "S3ErrorOutputPrefix", "type": "string" }, - "InputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputSettings", - "markdownDescription": "Information about the content to extract from the input and about the general handling of the content.", - "title": "InputSettings" + "UniqueKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of unique keys for a given Apache Iceberg table. Firehose will use these for running Create, Update, or Delete operations on the given Iceberg table.", + "title": "UniqueKeys", + "type": "array" } }, + "required": [ + "DestinationDatabaseName", + "DestinationTableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputChannelLevel": { + "AWS::KinesisFirehose::DeliveryStream.DirectPutSourceConfiguration": { "additionalProperties": false, "properties": { - "Gain": { - "markdownDescription": "The remixing value. Units are in dB, and acceptable values are within the range from -60 (mute) to 6 dB.", - "title": "Gain", - "type": "number" - }, - "InputChannel": { - "markdownDescription": "The index of the input channel that is used as a source.", - "title": "InputChannel", + "ThroughputHintInMBs": { + "markdownDescription": "The value that you configure for this parameter is for information purpose only and does not affect Firehose delivery throughput limit. You can use the [Firehose Limits form](https://docs.aws.amazon.com/https://support.console.aws.amazon.com/support/home#/case/create%3FissueType=service-limit-increase%26limitType=kinesis-firehose-limits) to request a throughput limit increase.", + "title": "ThroughputHintInMBs", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.InputLocation": { + "AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions": { "additionalProperties": false, "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This applies only if the downstream system requires credentials.", - "title": "PasswordParam", - "type": "string" - }, - "Uri": { - "markdownDescription": "The URI should be a path to a file that is accessible to the Live system (for example, an http:// URI) depending on the output type. For example, an RTMP destination should have a URI similar to rtmp://fmsserver/live.", - "title": "Uri", - "type": "string" - }, - "Username": { - "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", - "title": "Username", + "DefaultDocumentIdFormat": { + "markdownDescription": "When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs.\n\nWhen the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance.", + "title": "DefaultDocumentIdFormat", "type": "string" } }, + "required": [ + "DefaultDocumentIdFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputLossBehavior": { + "AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration": { "additionalProperties": false, "properties": { - "BlackFrameMsec": { - "markdownDescription": "On input loss, the number of milliseconds to substitute black into the output before switching to the frame specified by inputLossImageType. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", - "title": "BlackFrameMsec", - "type": "number" - }, - "InputLossImageColor": { - "markdownDescription": "When the input loss image type is \"color,\" this field specifies the color to use. Value: 6 hex characters that represent the values of RGB.", - "title": "InputLossImageColor", - "type": "string" - }, - "InputLossImageSlate": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "When the input loss image type is \"slate,\" these fields specify the parameters for accessing the slate.", - "title": "InputLossImageSlate" - }, - "InputLossImageType": { - "markdownDescription": "Indicates whether to substitute a solid color or a slate into the output after the input loss exceeds blackFrameMsec.", - "title": "InputLossImageType", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream.", + "title": "Enabled", + "type": "boolean" }, - "RepeatFrameMsec": { - "markdownDescription": "On input loss, the number of milliseconds to repeat the previous picture before substituting black into the output. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", - "title": "RepeatFrameMsec", - "type": "number" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.", + "title": "RetryOptions" } }, "type": "object" }, - "AWS::MediaLive::Channel.InputLossFailoverSettings": { + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints": { "additionalProperties": false, "properties": { - "InputLossThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that no input is detected. After that time, an input failover will occur.", - "title": "InputLossThresholdMsec", + "IntervalInSeconds": { + "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "IntervalInSeconds", + "type": "number" + }, + "SizeInMBs": { + "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "SizeInMBs", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.InputSettings": { + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration": { "additionalProperties": false, "properties": { - "AudioSelectors": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelector" - }, - "markdownDescription": "Information about the specific audio to extract from the input.\n\nThe parent of this entity is InputSettings.", - "title": "AudioSelectors", - "type": "array" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints", + "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain.", + "title": "BufferingHints" }, - "CaptionSelectors": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelector" - }, - "markdownDescription": "Information about the specific captions to extract from the input.", - "title": "CaptionSelectors", - "type": "array" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch Logs logging options for the delivery stream.", + "title": "CloudWatchLoggingOptions" }, - "DeblockFilter": { - "markdownDescription": "Enables or disables the deblock filter when filtering.", - "title": "DeblockFilter", + "ClusterEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field.", + "title": "ClusterEndpoint", "type": "string" }, - "DenoiseFilter": { - "markdownDescription": "Enables or disables the denoise filter when filtering.", - "title": "DenoiseFilter", + "DocumentIdOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", + "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", + "title": "DocumentIdOptions" + }, + "DomainARN": { + "markdownDescription": "The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* .\n\nSpecify either `ClusterEndpoint` or `DomainARN` .", + "title": "DomainARN", "type": "string" }, - "FilterStrength": { - "markdownDescription": "Adjusts the magnitude of filtering from 1 (minimal) to 5 (strongest).", - "title": "FilterStrength", - "type": "number" + "IndexName": { + "markdownDescription": "The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing.", + "title": "IndexName", + "type": "string" }, - "InputFilter": { - "markdownDescription": "Turns on the filter for this input. MPEG-2 inputs have the deblocking filter enabled by default. 1) auto - filtering is applied depending on input type/quality 2) disabled - no filtering is applied to the input 3) forced - filtering is applied regardless of the input type.", - "title": "InputFilter", + "IndexRotationPeriod": { + "markdownDescription": "The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "IndexRotationPeriod", "type": "string" }, - "NetworkInputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NetworkInputSettings", - "markdownDescription": "Information about how to connect to the upstream system.", - "title": "NetworkInputSettings" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" }, - "Scte35Pid": { - "markdownDescription": "", - "title": "Scte35Pid", - "type": "number" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions", + "markdownDescription": "The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES.", + "title": "RetryOptions" }, - "Smpte2038DataPreference": { - "markdownDescription": "Specifies whether to extract applicable ancillary data from a SMPTE-2038 source in this input. Applicable data types are captions, timecode, AFD, and SCTE-104 messages.\n- PREFER: Extract from SMPTE-2038 if present in this input, otherwise extract from another source (if any).\n- IGNORE: Never extract any ancillary data from SMPTE-2038.", - "title": "Smpte2038DataPreference", + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) .", + "title": "RoleARN", "type": "string" }, - "SourceEndBehavior": { - "markdownDescription": "The loop input if it is a file.", - "title": "SourceEndBehavior", + "S3BackupMode": { + "markdownDescription": "The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "S3BackupMode", "type": "string" }, - "VideoSelector": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelector", - "markdownDescription": "Information about one video to extract from the input.", - "title": "VideoSelector" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The S3 bucket where Kinesis Data Firehose backs up incoming data.", + "title": "S3Configuration" + }, + "TypeName": { + "markdownDescription": "The Elasticsearch type name that Amazon ES adds to documents when indexing data.", + "title": "TypeName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", + "markdownDescription": "The details of the VPC of the Amazon ES destination.", + "title": "VpcConfiguration" } }, + "required": [ + "IndexName", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputSpecification": { + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions": { "additionalProperties": false, "properties": { - "Codec": { - "markdownDescription": "The codec to include in the input specification for this channel.", - "title": "Codec", - "type": "string" - }, - "MaximumBitrate": { - "markdownDescription": "The maximum input bitrate for any input attached to this channel.", - "title": "MaximumBitrate", - "type": "string" - }, - "Resolution": { - "markdownDescription": "The resolution for any input attached to this channel.", - "title": "Resolution", - "type": "string" + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.KeyProviderSettings": { + "AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "StaticKeySettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.StaticKeySettings", - "markdownDescription": "The configuration of static key settings.", - "title": "StaticKeySettings" + "KMSEncryptionConfig": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig", + "markdownDescription": "The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data.", + "title": "KMSEncryptionConfig" + }, + "NoEncryptionConfig": { + "markdownDescription": "Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "NoEncryptionConfig", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.M2tsSettings": { + "AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration": { "additionalProperties": false, "properties": { - "AbsentInputAudioBehavior": { - "markdownDescription": "When set to drop, the output audio streams are removed from the program if the selected input audio stream is removed from the input. This allows the output audio configuration to dynamically change based on the input configuration. If this is set to encodeSilence, all output audio streams will output encoded silence when not connected to an active input stream.", - "title": "AbsentInputAudioBehavior", + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "BucketARN", "type": "string" }, - "Arib": { - "markdownDescription": "When set to enabled, uses ARIB-compliant field muxing and removes video descriptor.", - "title": "Arib", - "type": "string" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "The buffering option.", + "title": "BufferingHints" }, - "AribCaptionsPid": { - "markdownDescription": "The PID for ARIB Captions in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "AribCaptionsPid", - "type": "string" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" }, - "AribCaptionsPidControl": { - "markdownDescription": "If set to auto, The PID number used for ARIB Captions will be auto-selected from unused PIDs. If set to useConfigured, ARIB captions will be on the configured PID number.", - "title": "AribCaptionsPidControl", + "CompressionFormat": { + "markdownDescription": "The compression format. If no value is specified, the default is `UNCOMPRESSED` .", + "title": "CompressionFormat", "type": "string" }, - "AudioBufferModel": { - "markdownDescription": "When set to dvb, uses the DVB buffer model for Dolby Digital audio. When set to atsc, the ATSC model is used.", - "title": "AudioBufferModel", + "CustomTimeZone": { + "markdownDescription": "The time zone you prefer. UTC is the default.", + "title": "CustomTimeZone", "type": "string" }, - "AudioFramesPerPes": { - "markdownDescription": "The number of audio frames to insert for each PES packet.", - "title": "AudioFramesPerPes", - "type": "number" - }, - "AudioPids": { - "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "AudioPids", - "type": "string" + "DataFormatConversionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration", + "markdownDescription": "The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3.", + "title": "DataFormatConversionConfiguration" }, - "AudioStreamType": { - "markdownDescription": "When set to atsc, uses stream type = 0x81 for AC3 and stream type = 0x87 for EAC3. When set to dvb, uses stream type = 0x06.", - "title": "AudioStreamType", - "type": "string" + "DynamicPartitioningConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration", + "markdownDescription": "The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys.", + "title": "DynamicPartitioningConfiguration" }, - "Bitrate": { - "markdownDescription": "The output bitrate of the transport stream in bits per second. Setting to 0 lets the muxer automatically determine the appropriate bitrate.", - "title": "Bitrate", - "type": "number" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", + "markdownDescription": "The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` .", + "title": "EncryptionConfiguration" }, - "BufferModel": { - "markdownDescription": "If set to multiplex, uses the multiplex buffer model for accurate interleaving. Setting to bufferModel to none can lead to lower latency, but low-memory devices might not be able to play back the stream without interruptions.", - "title": "BufferModel", + "ErrorOutputPrefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", + "title": "ErrorOutputPrefix", "type": "string" }, - "CcDescriptor": { - "markdownDescription": "When set to enabled, generates captionServiceDescriptor in PMT.", - "title": "CcDescriptor", + "FileExtension": { + "markdownDescription": "Specify a file extension. It will override the default file extension", + "title": "FileExtension", "type": "string" }, - "DvbNitSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbNitSettings", - "markdownDescription": "Inserts a DVB Network Information Table (NIT) at the specified table repetition interval.", - "title": "DvbNitSettings" - }, - "DvbSdtSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSdtSettings", - "markdownDescription": "Inserts a DVB Service Description Table (SDT) at the specified table repetition interval.", - "title": "DvbSdtSettings" - }, - "DvbSubPids": { - "markdownDescription": "The PID for the input source DVB Subtitle data to this output. Multiple values are accepted, and can be entered in ranges and/or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "DvbSubPids", + "Prefix": { + "markdownDescription": "The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "Prefix", "type": "string" }, - "DvbTdtSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbTdtSettings", - "markdownDescription": "Inserts DVB Time and Date Table (TDT) at the specified table repetition interval.", - "title": "DvbTdtSettings" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" }, - "DvbTeletextPid": { - "markdownDescription": "The PID for the input source DVB Teletext data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "DvbTeletextPid", + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "RoleARN", "type": "string" }, - "Ebif": { - "markdownDescription": "If set to passthrough, passes any EBIF data from the input source to this output.", - "title": "Ebif", - "type": "string" + "S3BackupConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for backup in Amazon S3.", + "title": "S3BackupConfiguration" }, - "EbpAudioInterval": { - "markdownDescription": "When videoAndFixedIntervals is selected, audio EBP markers are added to partitions 3 and 4. The interval between these additional markers is fixed, and is slightly shorter than the video EBP marker interval. This is only available when EBP Cablelabs segmentation markers are selected. Partitions 1 and 2 always follow the video interval.", - "title": "EbpAudioInterval", + "S3BackupMode": { + "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", + "title": "S3BackupMode", "type": "string" - }, - "EbpLookaheadMs": { - "markdownDescription": "When set, enforces that Encoder Boundary Points do not come within the specified time interval of each other by looking ahead at input video. If another EBP is going to come in within the specified time interval, the current EBP is not emitted, and the segment is \"stretched\" to the next marker. The lookahead value does not add latency to the system. The channel must be configured elsewhere to create sufficient latency to make the lookahead accurate.", - "title": "EbpLookaheadMs", - "type": "number" - }, - "EbpPlacement": { - "markdownDescription": "Controls placement of EBP on audio PIDs. If set to videoAndAudioPids, EBP markers are placed on the video PID and all audio PIDs. If set to videoPid, EBP markers are placed on only the video PID.", - "title": "EbpPlacement", + } + }, + "required": [ + "BucketARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe": { + "additionalProperties": false, + "properties": { + "TimestampFormats": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default.", + "title": "TimestampFormats", + "type": "array" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the HTTP endpoint common attribute.", + "title": "AttributeName", "type": "string" }, - "EcmPid": { - "markdownDescription": "This field is unused and deprecated.", - "title": "EcmPid", + "AttributeValue": { + "markdownDescription": "The value of the HTTP endpoint common attribute.", + "title": "AttributeValue", "type": "string" - }, - "EsRateInPes": { - "markdownDescription": "Includes or excludes the ES Rate field in the PES header.", - "title": "EsRateInPes", + } + }, + "required": [ + "AttributeName", + "AttributeValue" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration": { + "additionalProperties": false, + "properties": { + "AccessKey": { + "markdownDescription": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.", + "title": "AccessKey", "type": "string" }, - "EtvPlatformPid": { - "markdownDescription": "The PID for the input source ETV Platform data to this output. You can enter it as a decimal or hexadecimal value. Valid values are 32 (or 0x20) to 8182 (or 0x1ff6).", - "title": "EtvPlatformPid", + "Name": { + "markdownDescription": "The name of the HTTP endpoint selected as the destination.", + "title": "Name", "type": "string" }, - "EtvSignalPid": { - "markdownDescription": "The PID for input source ETV Signal data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "EtvSignalPid", - "type": "string" - }, - "FragmentTime": { - "markdownDescription": "The length in seconds of each fragment. This is used only with EBP markers.", - "title": "FragmentTime", - "type": "number" - }, - "Klv": { - "markdownDescription": "If set to passthrough, passes any KLV data from the input source to this output.", - "title": "Klv", - "type": "string" - }, - "KlvDataPids": { - "markdownDescription": "The PID for the input source KLV data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "KlvDataPids", - "type": "string" - }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", - "type": "string" - }, - "NullPacketBitrate": { - "markdownDescription": "The value, in bits per second, of extra null packets to insert into the transport stream. This can be used if a downstream encryption system requires periodic null packets.", - "title": "NullPacketBitrate", - "type": "number" - }, - "PatInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", - "title": "PatInterval", - "type": "number" - }, - "PcrControl": { - "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", - "title": "PcrControl", - "type": "string" - }, - "PcrPeriod": { - "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", - "title": "PcrPeriod", - "type": "number" - }, - "PcrPid": { - "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "PcrPid", - "type": "string" - }, - "PmtInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", - "title": "PmtInterval", - "type": "number" - }, - "PmtPid": { - "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "PmtPid", - "type": "string" - }, - "ProgramNum": { - "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", - "title": "ProgramNum", - "type": "number" - }, - "RateMode": { - "markdownDescription": "When VBR, does not insert null packets into the transport stream to fill the specified bitrate. The bitrate setting acts as the maximum bitrate when VBR is set.", - "title": "RateMode", - "type": "string" - }, - "Scte27Pids": { - "markdownDescription": "The PID for the input source SCTE-27 data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "Scte27Pids", - "type": "string" - }, - "Scte35Control": { - "markdownDescription": "Optionally passes SCTE-35 signals from the input source to this output.", - "title": "Scte35Control", - "type": "string" - }, - "Scte35Pid": { - "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "Scte35Pid", - "type": "string" - }, - "Scte35PrerollPullupMilliseconds": { - "markdownDescription": "", - "title": "Scte35PrerollPullupMilliseconds", - "type": "number" - }, - "SegmentationMarkers": { - "markdownDescription": "Inserts segmentation markers at each segmentationTime period. raiSegstart sets the Random Access Indicator bit in the adaptation field. raiAdapt sets the RAI bit and adds the current timecode in the private data bytes. psiSegstart inserts PAT and PMT tables at the start of segments. ebp adds Encoder Boundary Point information to the adaptation field as per OpenCable specification OC-SP-EBP-I01-130118. ebpLegacy adds Encoder Boundary Point information to the adaptation field using a legacy proprietary format.", - "title": "SegmentationMarkers", - "type": "string" - }, - "SegmentationStyle": { - "markdownDescription": "The segmentation style parameter controls how segmentation markers are inserted into the transport stream. With avails, it is possible that segments might be truncated, which can influence where future segmentation markers are inserted. When a segmentation style of resetCadence is selected and a segment is truncated due to an avail, we will reset the segmentation cadence. This means the subsequent segment will have a duration of $segmentationTime seconds. When a segmentation style of maintainCadence is selected and a segment is truncated due to an avail, we will not reset the segmentation cadence. This means the subsequent segment will likely be truncated as well. However, all segments after that will have a duration of $segmentationTime seconds. Note that EBP lookahead is a slight exception to this rule.", - "title": "SegmentationStyle", - "type": "string" - }, - "SegmentationTime": { - "markdownDescription": "The length, in seconds, of each segment. This is required unless markers is set to None_.", - "title": "SegmentationTime", - "type": "number" - }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", - "type": "string" - }, - "TimedMetadataPid": { - "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "TimedMetadataPid", - "type": "string" - }, - "TransportStreamId": { - "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", - "title": "TransportStreamId", - "type": "number" - }, - "VideoPid": { - "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "VideoPid", + "Url": { + "markdownDescription": "The URL of the HTTP endpoint selected as the destination.", + "title": "Url", "type": "string" } }, + "required": [ + "Url" + ], "type": "object" }, - "AWS::MediaLive::Channel.M3u8Settings": { + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration": { "additionalProperties": false, "properties": { - "AudioFramesPerPes": { - "markdownDescription": "The number of audio frames to insert for each PES packet.", - "title": "AudioFramesPerPes", - "type": "number" - }, - "AudioPids": { - "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value.", - "title": "AudioPids", - "type": "string" - }, - "EcmPid": { - "markdownDescription": "This parameter is unused and deprecated.", - "title": "EcmPid", - "type": "string" - }, - "KlvBehavior": { - "markdownDescription": "", - "title": "KlvBehavior", - "type": "string" - }, - "KlvDataPids": { - "markdownDescription": "", - "title": "KlvDataPids", - "type": "string" - }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", - "type": "string" - }, - "PatInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", - "title": "PatInterval", - "type": "number" - }, - "PcrControl": { - "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", - "title": "PcrControl", - "type": "string" - }, - "PcrPeriod": { - "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", - "title": "PcrPeriod", - "type": "number" - }, - "PcrPid": { - "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value.", - "title": "PcrPid", - "type": "string" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other.", + "title": "BufferingHints" }, - "PmtInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", - "title": "PmtInterval", - "type": "number" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", + "title": "CloudWatchLoggingOptions" }, - "PmtPid": { - "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "PmtPid", - "type": "string" + "EndpointConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration", + "markdownDescription": "The configuration of the HTTP endpoint selected as the destination.", + "title": "EndpointConfiguration" }, - "ProgramNum": { - "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", - "title": "ProgramNum", - "type": "number" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "Describes the data processing configuration.", + "title": "ProcessingConfiguration" }, - "Scte35Behavior": { - "markdownDescription": "If set to passthrough, passes any SCTE-35 signals from the input source to this output.", - "title": "Scte35Behavior", - "type": "string" + "RequestConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration", + "markdownDescription": "The configuration of the request sent to the HTTP endpoint specified as the destination.", + "title": "RequestConfiguration" }, - "Scte35Pid": { - "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "Scte35Pid", - "type": "string" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination.", + "title": "RetryOptions" }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", + "RoleARN": { + "markdownDescription": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs.", + "title": "RoleARN", "type": "string" }, - "TimedMetadataPid": { - "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "TimedMetadataPid", + "S3BackupMode": { + "markdownDescription": "Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly).", + "title": "S3BackupMode", "type": "string" }, - "TransportStreamId": { - "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", - "title": "TransportStreamId", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in Amazon S3.", + "title": "S3Configuration" }, - "VideoPid": { - "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "VideoPid", - "type": "string" + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for HTTP Endpoint destination.", + "title": "SecretsManagerConfiguration" } }, + "required": [ + "EndpointConfiguration", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.MaintenanceCreateSettings": { + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration": { "additionalProperties": false, "properties": { - "MaintenanceDay": { - "markdownDescription": "Choose one day of the week for maintenance. The chosen day is used for all future maintenance windows.", - "title": "MaintenanceDay", - "type": "string" + "CommonAttributes": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute" + }, + "markdownDescription": "Describes the metadata sent to the HTTP endpoint destination.", + "title": "CommonAttributes", + "type": "array" }, - "MaintenanceStartTime": { - "markdownDescription": "Choose the hour that maintenance will start. The chosen time is used for all future maintenance windows.", - "title": "MaintenanceStartTime", + "ContentEncoding": { + "markdownDescription": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation.", + "title": "ContentEncoding", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MaintenanceUpdateSettings": { + "AWS::KinesisFirehose::DeliveryStream.IcebergDestinationConfiguration": { "additionalProperties": false, "properties": { - "MaintenanceDay": { - "type": "string" + "AppendOnly": { + "markdownDescription": "Describes whether all incoming data for this delivery stream will be append only (inserts only and not for updates and deletes) for Iceberg delivery. This feature is only applicable for Apache Iceberg Tables.\n\nThe default value is false. If you set this value to true, Firehose automatically increases the throughput limit of a stream based on the throttling levels of the stream. If you set this parameter to true for a stream with updates and deletes, you will see out of order delivery.", + "title": "AppendOnly", + "type": "boolean" }, - "MaintenanceScheduledDate": { + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "", + "title": "BufferingHints" + }, + "CatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CatalogConfiguration", + "markdownDescription": "Configuration describing where the destination Apache Iceberg Tables are persisted.", + "title": "CatalogConfiguration" + }, + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "", + "title": "CloudWatchLoggingOptions" + }, + "DestinationTableConfigurationList": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DestinationTableConfiguration" + }, + "markdownDescription": "Provides a list of `DestinationTableConfigurations` which Firehose uses to deliver data to Apache Iceberg Tables. Firehose will write data with insert if table specific configuration is not provided here.", + "title": "DestinationTableConfigurationList", + "type": "array" + }, + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling Apache Iceberg Tables.", + "title": "RoleARN", "type": "string" }, - "MaintenanceStartTime": { + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "", + "title": "S3Configuration" + }, + "SchemaEvolutionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaEvolutionConfiguration", + "markdownDescription": "The configuration to enable automatic schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SchemaEvolutionConfiguration" + }, + "TableCreationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.TableCreationConfiguration", + "markdownDescription": "The configuration to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "TableCreationConfiguration" + }, + "s3BackupMode": { + "markdownDescription": "Describes how Firehose will backup records. Currently,S3 backup only supports `FailedDataOnly` .", + "title": "s3BackupMode", "type": "string" } }, + "required": [ + "CatalogConfiguration", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The MediaPackage channel destination.", - "title": "Destination" + "Deserializer": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Deserializer", + "markdownDescription": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request.", + "title": "Deserializer" } }, "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings": { + "AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The ID of the channel in MediaPackage that is the destination for this output group. You don't need to specify the individual inputs in MediaPackage; MediaLive handles the connection of the two MediaLive pipelines to the two MediaPackage inputs. The MediaPackage channel and MediaLive channel must be in the same Region.", - "title": "ChannelId", + "AWSKMSKeyARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.", + "title": "AWSKMSKeyARN", "type": "string" } }, + "required": [ + "AWSKMSKeyARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageOutputSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.MotionGraphicsConfiguration": { + "AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration": { "additionalProperties": false, "properties": { - "MotionGraphicsInsertion": { - "markdownDescription": "Enables or disables the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsInsertion", + "KinesisStreamARN": { + "markdownDescription": "The ARN of the source Kinesis data stream.", + "title": "KinesisStreamARN", "type": "string" }, - "MotionGraphicsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsSettings", - "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.MotionGraphicsSettings": { - "additionalProperties": false, - "properties": { - "HtmlMotionGraphicsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HtmlMotionGraphicsSettings", - "markdownDescription": "Settings to configure the motion graphics overlay to use an HTML asset.", - "title": "HtmlMotionGraphicsSettings" + "RoleARN": { + "markdownDescription": "The ARN of the role that provides access to the source Kinesis data stream.", + "title": "RoleARN", + "type": "string" } }, + "required": [ + "KinesisStreamARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.Mp2Settings": { + "AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second.", - "title": "Bitrate", - "type": "number" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration", + "markdownDescription": "The authentication configuration of the Amazon MSK cluster.", + "title": "AuthenticationConfiguration" }, - "CodingMode": { - "markdownDescription": "The MPEG2 Audio coding mode. Valid values are codingMode10 (for mono) or codingMode20 (for stereo).", - "title": "CodingMode", + "MSKClusterARN": { + "markdownDescription": "The ARN of the Amazon MSK cluster.", + "title": "MSKClusterARN", "type": "string" }, - "SampleRate": { - "markdownDescription": "The sample rate in Hz.", - "title": "SampleRate", - "type": "number" + "ReadFromTimestamp": { + "markdownDescription": "The start date and time in UTC for the offset position within your MSK topic from where Firehose begins to read. By default, this is set to timestamp when Firehose becomes Active.\n\nIf you want to create a Firehose stream with Earliest start position from SDK or CLI, you need to set the `ReadFromTimestamp` parameter to Epoch (1970-01-01T00:00:00Z).", + "title": "ReadFromTimestamp", + "type": "string" + }, + "TopicName": { + "markdownDescription": "The topic name within the Amazon MSK cluster.", + "title": "TopicName", + "type": "string" } }, + "required": [ + "AuthenticationConfiguration", + "MSKClusterARN", + "TopicName" + ], "type": "object" }, - "AWS::MediaLive::Channel.Mpeg2FilterSettings": { + "AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "CaseInsensitive": { + "markdownDescription": "When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them.", + "title": "CaseInsensitive", + "type": "boolean" + }, + "ColumnToJsonKeyMappings": { + "additionalProperties": true, + "markdownDescription": "Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{\"ts\": \"timestamp\"}` to map this key to a column named `ts` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ColumnToJsonKeyMappings", + "type": "object" + }, + "ConvertDotsInJsonKeysToUnderscores": { + "markdownDescription": "When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option.\n\nThe default is `false` .", + "title": "ConvertDotsInJsonKeysToUnderscores", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.Mpeg2Settings": { + "AWS::KinesisFirehose::DeliveryStream.OrcSerDe": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "Choose Off to disable adaptive quantization. Or choose another value to enable the quantizer and set its strength. The strengths are: Auto, Off, Low, Medium, High. When you enable this field, MediaLive allows intra-frame quantizers to vary, which might improve visual quality.", - "title": "AdaptiveQuantization", - "type": "string" + "BlockSizeBytes": { + "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", + "title": "BlockSizeBytes", + "type": "number" }, - "AfdSignaling": { - "markdownDescription": "Indicates the AFD values that MediaLive will write into the video encode. If you do not know what AFD signaling is, or if your downstream system has not given you guidance, choose AUTO.\nAUTO: MediaLive will try to preserve the input AFD value (in cases where multiple AFD values are valid).\nFIXED: MediaLive will use the value you specify in fixedAFD.", - "title": "AfdSignaling", - "type": "string" + "BloomFilterColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "The column names for which you want Firehose to create bloom filters. The default is `null` .", + "title": "BloomFilterColumns", + "type": "array" }, - "ColorMetadata": { - "markdownDescription": "Specifies whether to include the color space metadata. The metadata describes the color space that applies to the video (the colorSpace field). We recommend that you insert the metadata.", - "title": "ColorMetadata", - "type": "string" + "BloomFilterFalsePositiveProbability": { + "markdownDescription": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1.", + "title": "BloomFilterFalsePositiveProbability", + "type": "number" }, - "ColorSpace": { - "markdownDescription": "Choose the type of color space conversion to apply to the output. For detailed information on setting up both the input and the output to obtain the desired color space in the output, see the section on \\\"MediaLive Features - Video - color space\\\" in the MediaLive User Guide.\nPASSTHROUGH: Keep the color space of the input content - do not convert it.\nAUTO:Convert all content that is SD to rec 601, and convert all content that is HD to rec 709.", - "title": "ColorSpace", + "Compression": { + "markdownDescription": "The compression code to use over data blocks. The default is `SNAPPY` .", + "title": "Compression", "type": "string" }, - "DisplayAspectRatio": { - "markdownDescription": "Sets the pixel aspect ratio for the encode.", - "title": "DisplayAspectRatio", - "type": "string" + "DictionaryKeyThreshold": { + "markdownDescription": "Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1.", + "title": "DictionaryKeyThreshold", + "type": "number" }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2FilterSettings", - "markdownDescription": "Optionally specify a noise reduction filter, which can improve quality of compressed content. If you do not choose a filter, no filter will be applied.\nTEMPORAL: This filter is useful for both source content that is noisy (when it has excessive digital artifacts) and source content that is clean.\nWhen the content is noisy, the filter cleans up the source content before the encoding phase, with these two effects: First, it improves the output video quality because the content has been cleaned up. Secondly, it decreases the bandwidth because MediaLive does not waste bits on encoding noise.\nWhen the content is reasonably clean, the filter tends to decrease the bitrate.", - "title": "FilterSettings" + "EnablePadding": { + "markdownDescription": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` .", + "title": "EnablePadding", + "type": "boolean" }, - "FixedAfd": { - "markdownDescription": "Complete this field only when afdSignaling is set to FIXED. Enter the AFD value (4 bits) to write on all frames of the video encode.", - "title": "FixedAfd", + "FormatVersion": { + "markdownDescription": "The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` .", + "title": "FormatVersion", "type": "string" }, - "FramerateDenominator": { - "markdownDescription": "description\": \"The framerate denominator. For example, 1001. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "The framerate numerator. For example, 24000. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", - "title": "FramerateNumerator", - "type": "number" - }, - "GopClosedCadence": { - "markdownDescription": "MPEG2: default is open GOP.", - "title": "GopClosedCadence", + "PaddingTolerance": { + "markdownDescription": "A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.\n\nFor the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.\n\nKinesis Data Firehose ignores this parameter when `EnablePadding` is `false` .", + "title": "PaddingTolerance", "type": "number" }, - "GopNumBFrames": { - "markdownDescription": "Relates to the GOP structure. The number of B-frames between reference frames. If you do not know what a B-frame is, use the default.", - "title": "GopNumBFrames", + "RowIndexStride": { + "markdownDescription": "The number of rows between index entries. The default is 10,000 and the minimum is 1,000.", + "title": "RowIndexStride", "type": "number" }, - "GopSize": { - "markdownDescription": "Relates to the GOP structure. The GOP size (keyframe interval) in the units specified in gopSizeUnits. If you do not know what GOP is, use the default.\nIf gopSizeUnits is frames, then the gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, the gopSize must be greater than 0, but does not need to be an integer.", - "title": "GopSize", + "StripeSizeBytes": { + "markdownDescription": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.", + "title": "StripeSizeBytes", "type": "number" - }, - "GopSizeUnits": { - "markdownDescription": "Relates to the GOP structure. Specifies whether the gopSize is specified in frames or seconds. If you do not plan to change the default gopSize, leave the default. If you specify SECONDS, MediaLive will internally convert the gop size to a frame count.", - "title": "GopSizeUnits", - "type": "string" - }, - "ScanType": { - "markdownDescription": "Set the scan type of the output to PROGRESSIVE or INTERLACED (top field first).", - "title": "ScanType", - "type": "string" - }, - "SubgopLength": { - "markdownDescription": "Relates to the GOP structure. If you do not know what GOP is, use the default.\nFIXED: Set the number of B-frames in each sub-GOP to the value in gopNumBFrames.\nDYNAMIC: Let MediaLive optimize the number of B-frames in each sub-GOP, to improve visual quality.", - "title": "SubgopLength", - "type": "string" - }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" - }, - "TimecodeInsertion": { - "markdownDescription": "Determines how MediaLive inserts timecodes in the output video. For detailed information about setting up the input and the output for a timecode, see the section on \\\"MediaLive Features - Timecode configuration\\\" in the MediaLive User Guide.\nDISABLED: do not include timecodes.\nGOP_TIMECODE: Include timecode metadata in the GOP header.", - "title": "TimecodeInsertion", - "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MsSmoothGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration": { "additionalProperties": false, "properties": { - "AcquisitionPointId": { - "markdownDescription": "The value of the Acquisition Point Identity element that is used in each message placed in the sparse track. Enabled only if sparseTrackType is not \"none.\"", - "title": "AcquisitionPointId", - "type": "string" - }, - "AudioOnlyTimecodeControl": { - "markdownDescription": "If set to passthrough for an audio-only Microsoft Smooth output, the fragment absolute time is set to the current timecode. This option does not write timecodes to the audio elementary stream.", - "title": "AudioOnlyTimecodeControl", - "type": "string" - }, - "CertificateMode": { - "markdownDescription": "If set to verifyAuthenticity, verifies the HTTPS certificate chain to a trusted certificate authority (CA). This causes HTTPS outputs to self-signed certificates to fail.", - "title": "CertificateMode", - "type": "string" - }, - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying the connection to the IIS server if the connection is lost. Content is cached during this time, and the cache is delivered to the IIS server after the connection is re-established.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The Smooth Streaming publish point on an IIS server. MediaLive acts as a \"Push\" encoder to IIS.", - "title": "Destination" - }, - "EventId": { - "markdownDescription": "The Microsoft Smooth channel ID that is sent to the IIS server. Specify the ID only if eventIdMode is set to useConfigured.", - "title": "EventId", - "type": "string" - }, - "EventIdMode": { - "markdownDescription": "Specifies whether to send a channel ID to the IIS server. If no channel ID is sent and the same channel is used without changing the publishing point, clients might see cached video from the previous run. Options: - \"useConfigured\" - use the value provided in eventId - \"useTimestamp\" - generate and send a channel ID based on the current timestamp - \"noEventId\" - do not send a channel ID to the IIS server.", - "title": "EventIdMode", - "type": "string" - }, - "EventStopBehavior": { - "markdownDescription": "When set to sendEos, sends an EOS signal to an IIS server when stopping the channel.", - "title": "EventStopBehavior", - "type": "string" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "FragmentLength": { - "markdownDescription": "The length, in seconds, of mp4 fragments to generate. The fragment length must be compatible with GOP size and frame rate.", - "title": "FragmentLength", + "Serializer": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Serializer", + "markdownDescription": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request.", + "title": "Serializer" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.ParquetSerDe": { + "additionalProperties": false, + "properties": { + "BlockSizeBytes": { + "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", + "title": "BlockSizeBytes", "type": "number" }, - "InputLossAction": { - "markdownDescription": "A parameter that controls output group behavior on an input loss.", - "title": "InputLossAction", + "Compression": { + "markdownDescription": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.", + "title": "Compression", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts.", - "title": "NumRetries", - "type": "number" + "EnableDictionaryCompression": { + "markdownDescription": "Indicates whether to enable dictionary compression.", + "title": "EnableDictionaryCompression", + "type": "boolean" }, - "RestartDelay": { - "markdownDescription": "The number of seconds before initiating a restart due to output failure, due to exhausting the numRetries on one segment, or exceeding filecacheDuration.", - "title": "RestartDelay", + "MaxPaddingBytes": { + "markdownDescription": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0.", + "title": "MaxPaddingBytes", "type": "number" }, - "SegmentationMode": { - "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", - "title": "SegmentationMode", - "type": "string" - }, - "SendDelayMs": { - "markdownDescription": "The number of milliseconds to delay the output from the second pipeline.", - "title": "SendDelayMs", + "PageSizeBytes": { + "markdownDescription": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", + "title": "PageSizeBytes", "type": "number" }, - "SparseTrackType": { - "markdownDescription": "If set to scte35, uses incoming SCTE-35 messages to generate a sparse track in this group of Microsoft Smooth outputs.", - "title": "SparseTrackType", - "type": "string" - }, - "StreamManifestBehavior": { - "markdownDescription": "When set to send, sends a stream manifest so that the publishing point doesn't start until all streams start.", - "title": "StreamManifestBehavior", - "type": "string" - }, - "TimestampOffset": { - "markdownDescription": "The timestamp offset for the channel. Used only if timestampOffsetMode is set to useConfiguredOffset.", - "title": "TimestampOffset", - "type": "string" - }, - "TimestampOffsetMode": { - "markdownDescription": "The type of timestamp date offset to use. - useEventStartDate: Use the date the channel was started as the offset - useConfiguredOffset: Use an explicitly configured date as the offset.", - "title": "TimestampOffsetMode", + "WriterVersion": { + "markdownDescription": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` .", + "title": "WriterVersion", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MsSmoothOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.PartitionField": { "additionalProperties": false, "properties": { - "H265PackagingType": { - "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", - "title": "H265PackagingType", - "type": "string" - }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. This is required for multiple outputs of the same type.", - "title": "NameModifier", + "SourceName": { + "markdownDescription": "The column name to be configured in partition spec.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SourceName", "type": "string" } }, + "required": [ + "SourceName" + ], "type": "object" }, - "AWS::MediaLive::Channel.MultiplexGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.PartitionSpec": { "additionalProperties": false, - "properties": {}, + "properties": { + "Identity": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.PartitionField" + }, + "markdownDescription": "List of identity [transforms](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#partition-transforms) that performs an identity transformation. The transform takes the source value, and does not modify it. Result type is the source type.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Identity", + "type": "array" + } + }, "type": "object" }, - "AWS::MediaLive::Channel.MultiplexOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "Destination is a Multiplex.", - "title": "Destination" + "Enabled": { + "markdownDescription": "Indicates whether data processing is enabled (true) or disabled (false).", + "title": "Enabled", + "type": "boolean" + }, + "Processors": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Processor" + }, + "markdownDescription": "The data processors.", + "title": "Processors", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings": { + "AWS::KinesisFirehose::DeliveryStream.Processor": { "additionalProperties": false, "properties": { - "MultiplexId": { - "markdownDescription": "The ID of the Multiplex that the encoder is providing output to. You do not need to specify the individual inputs to the Multiplex; MediaLive will handle the connection of the two MediaLive pipelines to the two Multiplex instances.\nThe Multiplex must be in the same region as the Channel.", - "title": "MultiplexId", - "type": "string" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessorParameter" + }, + "markdownDescription": "The processor parameters.", + "title": "Parameters", + "type": "array" }, - "ProgramName": { - "markdownDescription": "The program name of the Multiplex program that the encoder is providing output to.", - "title": "ProgramName", + "Type": { + "markdownDescription": "The type of processor. Valid values: `Lambda` .", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.NetworkInputSettings": { + "AWS::KinesisFirehose::DeliveryStream.ProcessorParameter": { "additionalProperties": false, "properties": { - "HlsInputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsInputSettings", - "markdownDescription": "Information about how to connect to the upstream system.", - "title": "HlsInputSettings" + "ParameterName": { + "markdownDescription": "The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.", + "title": "ParameterName", + "type": "string" }, - "ServerValidation": { - "markdownDescription": "Checks HTTPS server certificates. When set to checkCryptographyOnly, cryptography in the certificate is checked, but not the server's name. Certain subdomains (notably S3 buckets that use dots in the bucket name) don't strictly match the corresponding certificate's wildcard pattern and would otherwise cause the channel to error. This setting is ignored for protocols that do not use HTTPS.", - "title": "ServerValidation", + "ParameterValue": { + "markdownDescription": "The parameter value.", + "title": "ParameterValue", "type": "string" } }, + "required": [ + "ParameterName", + "ParameterValue" + ], "type": "object" }, - "AWS::MediaLive::Channel.NielsenCBET": { + "AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration": { "additionalProperties": false, "properties": { - "CbetCheckDigitString": { - "markdownDescription": "Enter the CBET check digits to use in the watermark.", - "title": "CbetCheckDigitString", + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" + }, + "ClusterJDBCURL": { + "markdownDescription": "The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster.", + "title": "ClusterJDBCURL", "type": "string" }, - "CbetStepaside": { - "markdownDescription": "Determines the method of CBET insertion mode when prior encoding is detected on the same layer.", - "title": "CbetStepaside", + "CopyCommand": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CopyCommand", + "markdownDescription": "Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket.", + "title": "CopyCommand" + }, + "Password": { + "markdownDescription": "The password for the Amazon Redshift user that you specified in the `Username` property.", + "title": "Password", "type": "string" }, - "Csid": { - "markdownDescription": "Enter the CBET Source ID (CSID) to use in the watermark", - "title": "Csid", + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "RoleARN", + "type": "string" + }, + "S3BackupConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for backup in Amazon S3.", + "title": "S3BackupConfiguration" + }, + "S3BackupMode": { + "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", + "title": "S3BackupMode", + "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them.", + "title": "S3Configuration" + }, + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Amazon Redshift.", + "title": "SecretsManagerConfiguration" + }, + "Username": { + "markdownDescription": "The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster.", + "title": "Username", "type": "string" } }, + "required": [ + "ClusterJDBCURL", + "CopyCommand", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.NielsenConfiguration": { + "AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions": { "additionalProperties": false, "properties": { - "DistributorId": { - "markdownDescription": "Enter the Distributor ID assigned to your organization by Nielsen.", - "title": "DistributorId", - "type": "string" - }, - "NielsenPcmToId3Tagging": { - "markdownDescription": "Enables Nielsen PCM to ID3 tagging", - "title": "NielsenPcmToId3Tagging", - "type": "string" + "DurationInSeconds": { + "markdownDescription": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value.", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.NielsenNaesIiNw": { + "AWS::KinesisFirehose::DeliveryStream.RetryOptions": { "additionalProperties": false, "properties": { - "CheckDigitString": { - "markdownDescription": "Enter the check digit string for the watermark", - "title": "CheckDigitString", - "type": "string" - }, - "Sid": { - "markdownDescription": "Enter the Nielsen Source ID (SID) to include in the watermark", - "title": "Sid", + "DurationInSeconds": { + "markdownDescription": "The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt.", + "title": "DurationInSeconds", "type": "number" - }, - "Timezone": { - "markdownDescription": "", - "title": "Timezone", - "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.NielsenWatermarksSettings": { + "AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "NielsenCbetSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenCBET", - "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen CBET", - "title": "NielsenCbetSettings" + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to.", + "title": "BucketARN", + "type": "string" }, - "NielsenDistributionType": { - "markdownDescription": "Choose the distribution types that you want to assign to the watermarks:\n- PROGRAM_CONTENT\n- FINAL_DISTRIBUTOR", - "title": "NielsenDistributionType", + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket.", + "title": "BufferingHints" + }, + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" + }, + "CompressionFormat": { + "markdownDescription": "The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "CompressionFormat", "type": "string" }, - "NielsenNaesIiNwSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenNaesIiNw", - "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen NAES II (N2) and Nielsen NAES VI (NW).", - "title": "NielsenNaesIiNwSettings" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", + "markdownDescription": "Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket.", + "title": "EncryptionConfiguration" + }, + "ErrorOutputPrefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", + "title": "ErrorOutputPrefix", + "type": "string" + }, + "Prefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered.", + "title": "Prefix", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "RoleARN", + "type": "string" } }, + "required": [ + "BucketARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.Output": { + "AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration": { "additionalProperties": false, "properties": { - "AudioDescriptionNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the audio descriptions that are used as audio sources for this output.", - "title": "AudioDescriptionNames", - "type": "array" + "CatalogId": { + "markdownDescription": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.", + "title": "CatalogId", + "type": "string" }, - "CaptionDescriptionNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the caption descriptions that are used as captions sources for this output.", - "title": "CaptionDescriptionNames", - "type": "array" + "DatabaseName": { + "markdownDescription": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified.", + "title": "DatabaseName", + "type": "string" }, - "OutputName": { - "markdownDescription": "The name that is used to identify an output.", - "title": "OutputName", + "Region": { + "markdownDescription": "If you don't specify an AWS Region, the default is the current Region.", + "title": "Region", "type": "string" }, - "OutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputSettings", - "markdownDescription": "The output type-specific settings.", - "title": "OutputSettings" + "RoleARN": { + "markdownDescription": "The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified.", + "title": "RoleARN", + "type": "string" }, - "VideoDescriptionName": { - "markdownDescription": "The name of the VideoDescription that is used as the source for this output.", - "title": "VideoDescriptionName", + "TableName": { + "markdownDescription": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", + "title": "TableName", + "type": "string" + }, + "VersionId": { + "markdownDescription": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up.", + "title": "VersionId", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.OutputDestination": { + "AWS::KinesisFirehose::DeliveryStream.SchemaEvolutionConfiguration": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID for this destination.", - "title": "Id", - "type": "string" - }, - "MediaPackageSettings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings" - }, - "markdownDescription": "The destination settings for a MediaPackage output.", - "title": "MediaPackageSettings", - "type": "array" - }, - "MultiplexSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings", - "markdownDescription": "Destination settings for a Multiplex output; one destination for both encoders.", - "title": "MultiplexSettings" - }, - "Settings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestinationSettings" - }, - "markdownDescription": "The destination settings for an output.", - "title": "Settings", - "type": "array" + "Enabled": { + "markdownDescription": "Specify whether you want to enable schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.OutputDestinationSettings": { + "AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration": { "additionalProperties": false, "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This password parameter applies only if the downstream system requires credentials.", - "title": "PasswordParam", - "type": "string" - }, - "StreamName": { - "markdownDescription": "The stream name for the content. This applies only to RTMP outputs.", - "title": "StreamName", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether you want to use the secrets manager feature. When set as `True` the secrets manager configuration overwrites the existing secrets in the destination configuration. When it's set to `False` Firehose falls back to the credentials in the destination configuration.", + "title": "Enabled", + "type": "boolean" }, - "Url": { - "markdownDescription": "The URL for the destination.", - "title": "Url", + "RoleARN": { + "markdownDescription": "Specifies the role that Firehose assumes when calling the Secrets Manager API operation. When you provide the role, it overrides any destination specific role defined in the destination configuration. If you do not provide the then we use the destination specific role. This parameter is required for Splunk.", + "title": "RoleARN", "type": "string" }, - "Username": { - "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", - "title": "Username", + "SecretARN": { + "markdownDescription": "The ARN of the secret that stores your credentials. It must be in the same region as the Firehose stream and the role. The secret ARN can reside in a different account than the Firehose stream and role as Firehose supports cross-account secret access. This parameter is required when *Enabled* is set to `True` .", + "title": "SecretARN", "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputGroup": { + "AWS::KinesisFirehose::DeliveryStream.Serializer": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A custom output group name that you can optionally define. Only letters, numbers, and the underscore character are allowed. The maximum length is 32 characters.", - "title": "Name", - "type": "string" - }, - "OutputGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroupSettings", - "markdownDescription": "The settings associated with the output group.", - "title": "OutputGroupSettings" + "OrcSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OrcSerDe", + "markdownDescription": "A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) .", + "title": "OrcSerDe" }, - "Outputs": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Output" - }, - "markdownDescription": "The settings for the outputs in the output group.", - "title": "Outputs", - "type": "array" + "ParquetSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ParquetSerDe", + "markdownDescription": "A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/docs/contribution-guidelines/) .", + "title": "ParquetSerDe" } }, "type": "object" }, - "AWS::MediaLive::Channel.OutputGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeBufferingHints": { "additionalProperties": false, "properties": { - "ArchiveGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveGroupSettings", - "markdownDescription": "The configuration of an archive output group.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "ArchiveGroupSettings" + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 0.", + "title": "IntervalInSeconds", + "type": "number" }, - "CmafIngestGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestGroupSettings", - "markdownDescription": "", - "title": "CmafIngestGroupSettings" - }, - "FrameCaptureGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureGroupSettings", - "markdownDescription": "The configuration of a frame capture output group.", - "title": "FrameCaptureGroupSettings" - }, - "HlsGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsGroupSettings", - "markdownDescription": "The configuration of an HLS output group.", - "title": "HlsGroupSettings" - }, - "MediaPackageGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageGroupSettings", - "markdownDescription": "The configuration of a MediaPackage output group.", - "title": "MediaPackageGroupSettings" - }, - "MsSmoothGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothGroupSettings", - "markdownDescription": "The configuration of a Microsoft Smooth output group.", - "title": "MsSmoothGroupSettings" - }, - "MultiplexGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexGroupSettings", - "markdownDescription": "The settings for a Multiplex output group.", - "title": "MultiplexGroupSettings" - }, - "RtmpGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpGroupSettings", - "markdownDescription": "The configuration of an RTMP output group.", - "title": "RtmpGroupSettings" - }, - "UdpGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpGroupSettings", - "markdownDescription": "The configuration of a UDP output group.", - "title": "UdpGroupSettings" + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 128.", + "title": "SizeInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.OutputLocationRef": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration": { "additionalProperties": false, "properties": { - "DestinationRefId": { - "markdownDescription": "A reference ID for this destination.", - "title": "DestinationRefId", + "AccountUrl": { + "markdownDescription": "URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional.", + "title": "AccountUrl", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.OutputLockingSettings": { - "additionalProperties": false, - "properties": { - "EpochLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EpochLockingSettings", - "markdownDescription": "", - "title": "EpochLockingSettings" }, - "PipelineLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.PipelineLockingSettings", - "markdownDescription": "", - "title": "PipelineLockingSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.OutputSettings": { - "additionalProperties": false, - "properties": { - "ArchiveOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveOutputSettings", - "markdownDescription": "The settings for an archive output.", - "title": "ArchiveOutputSettings" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeBufferingHints", + "markdownDescription": "Describes the buffering to perform before delivering data to the Snowflake destination. If you do not specify any value, Firehose uses the default values.", + "title": "BufferingHints" }, - "CmafIngestOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestOutputSettings", + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "", - "title": "CmafIngestOutputSettings" - }, - "FrameCaptureOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureOutputSettings", - "markdownDescription": "The settings for a frame capture output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "FrameCaptureOutputSettings" - }, - "HlsOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsOutputSettings", - "markdownDescription": "The settings for an HLS output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "HlsOutputSettings" - }, - "MediaPackageOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputSettings", - "markdownDescription": "The settings for a MediaPackage output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "MediaPackageOutputSettings" - }, - "MsSmoothOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothOutputSettings", - "markdownDescription": "The settings for a Microsoft Smooth output.", - "title": "MsSmoothOutputSettings" - }, - "MultiplexOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexOutputSettings", - "markdownDescription": "Configuration of a Multiplex output.", - "title": "MultiplexOutputSettings" - }, - "RtmpOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpOutputSettings", - "markdownDescription": "The settings for an RTMP output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "RtmpOutputSettings" - }, - "UdpOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpOutputSettings", - "markdownDescription": "The settings for a UDP output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "UdpOutputSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.PassThroughSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.PipelineLockingSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RawSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Rec601Settings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Rec709Settings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RemixSettings": { - "additionalProperties": false, - "properties": { - "ChannelMappings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioChannelMapping" - }, - "markdownDescription": "A mapping of input channels to output channels, with appropriate gain adjustments.", - "title": "ChannelMappings", - "type": "array" - }, - "ChannelsIn": { - "markdownDescription": "The number of input channels to be used.", - "title": "ChannelsIn", - "type": "number" - }, - "ChannelsOut": { - "markdownDescription": "The number of output channels to be produced. Valid values: 1, 2, 4, 6, 8.", - "title": "ChannelsOut", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RtmpGroupSettings": { - "additionalProperties": false, - "properties": { - "AdMarkers": { - "items": { - "type": "string" - }, - "markdownDescription": "Choose the ad marker type for this output group. MediaLive will create a message based on the content of each SCTE-35 message, format it for that marker type, and insert it in the datastream.", - "title": "AdMarkers", - "type": "array" - }, - "AuthenticationScheme": { - "markdownDescription": "An authentication scheme to use when connecting with a CDN.", - "title": "AuthenticationScheme", - "type": "string" + "title": "CloudWatchLoggingOptions" }, - "CacheFullBehavior": { - "markdownDescription": "Controls behavior when the content cache fills up. If a remote origin server stalls the RTMP connection and doesn't accept content fast enough, the media cache fills up. When the cache reaches the duration specified by cacheLength, the cache stops accepting new content. If set to disconnectImmediately, the RTMP output forces a disconnect. Clear the media cache, and reconnect after restartDelay seconds. If set to waitForServer, the RTMP output waits up to 5 minutes to allow the origin server to begin accepting data again.", - "title": "CacheFullBehavior", + "ContentColumnName": { + "markdownDescription": "The name of the record content column.", + "title": "ContentColumnName", "type": "string" }, - "CacheLength": { - "markdownDescription": "The cache length, in seconds, that is used to calculate buffer size.", - "title": "CacheLength", - "type": "number" - }, - "CaptionData": { - "markdownDescription": "Controls the types of data that pass to onCaptionInfo outputs. If set to all, 608 and 708 carried DTVCC data is passed. If set to field1AndField2608, DTVCC data is stripped out, but 608 data from both fields is passed. If set to field1608, only the data carried in 608 from field 1 video is passed.", - "title": "CaptionData", + "DataLoadingOption": { + "markdownDescription": "Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column.", + "title": "DataLoadingOption", "type": "string" }, - "IncludeFillerNalUnits": { - "markdownDescription": "", - "title": "IncludeFillerNalUnits", + "Database": { + "markdownDescription": "All data in Snowflake is maintained in databases.", + "title": "Database", "type": "string" }, - "InputLossAction": { - "markdownDescription": "Controls the behavior of this RTMP group if the input becomes unavailable. emitOutput: Emit a slate until the input returns. pauseOutput: Stop transmitting data until the input returns. This does not close the underlying RTMP connection.", - "title": "InputLossAction", + "KeyPassphrase": { + "markdownDescription": "Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", + "title": "KeyPassphrase", "type": "string" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.RtmpOutputSettings": { - "additionalProperties": false, - "properties": { - "CertificateMode": { - "markdownDescription": "If set to verifyAuthenticity, verifies the TLS certificate chain to a trusted certificate authority (CA). This causes RTMPS outputs with self-signed certificates to fail.", - "title": "CertificateMode", + "MetaDataColumnName": { + "markdownDescription": "Specify a column name in the table, where the metadata information has to be loaded. When you enable this field, you will see the following column in the snowflake table, which differs based on the source type.\n\nFor Direct PUT as source\n\n`{ \"firehoseDeliveryStreamName\" : \"streamname\", \"IngestionTime\" : \"timestamp\" }`\n\nFor Kinesis Data Stream as source\n\n`\"kinesisStreamName\" : \"streamname\", \"kinesisShardId\" : \"Id\", \"kinesisPartitionKey\" : \"key\", \"kinesisSequenceNumber\" : \"1234\", \"subsequenceNumber\" : \"2334\", \"IngestionTime\" : \"timestamp\" }`", + "title": "MetaDataColumnName", "type": "string" }, - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the Flash Media server if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The RTMP endpoint excluding the stream name (for example, rtmp://host/appname).", - "title": "Destination" - }, - "NumRetries": { - "markdownDescription": "The number of retry attempts.", - "title": "NumRetries", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte20SourceSettings": { - "additionalProperties": false, - "properties": { - "Convert608To708": { - "markdownDescription": "If upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. Any 708 data present in the source content is discarded.", - "title": "Convert608To708", + "PrivateKey": { + "markdownDescription": "The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", + "title": "PrivateKey", "type": "string" }, - "Source608ChannelNumber": { - "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions.", - "title": "Source608ChannelNumber", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte27DestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte27SourceSettings": { - "additionalProperties": false, - "properties": { - "OcrLanguage": { - "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", - "title": "OcrLanguage", - "type": "string" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "", + "title": "ProcessingConfiguration" }, - "Pid": { - "markdownDescription": "The PID field is used in conjunction with the captions selector languageCode field as follows: Specify PID and Language: Extracts captions from that PID; the language is \"informational.\" Specify PID and omit Language: Extracts the specified PID. Omit PID and specify Language: Extracts the specified language, whichever PID that happens to be. Omit PID and omit Language: Valid only if source is DVB-Sub that is being passed through; all languages are passed through.", - "title": "Pid", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte35SpliceInsert": { - "additionalProperties": false, - "properties": { - "AdAvailOffset": { - "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", - "title": "AdAvailOffset", - "type": "number" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions", + "markdownDescription": "The time period where Firehose will retry sending data to the chosen HTTP endpoint.", + "title": "RetryOptions" }, - "NoRegionalBlackoutFlag": { - "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "NoRegionalBlackoutFlag", + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Snowflake role", + "title": "RoleARN", "type": "string" }, - "WebDeliveryAllowedFlag": { - "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "WebDeliveryAllowedFlag", + "S3BackupMode": { + "markdownDescription": "Choose an S3 backup mode", + "title": "S3BackupMode", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte35TimeSignalApos": { - "additionalProperties": false, - "properties": { - "AdAvailOffset": { - "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", - "title": "AdAvailOffset", - "type": "number" }, - "NoRegionalBlackoutFlag": { - "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "NoRegionalBlackoutFlag", - "type": "string" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "", + "title": "S3Configuration" }, - "WebDeliveryAllowedFlag": { - "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "WebDeliveryAllowedFlag", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.SmpteTtDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.StandardHlsSettings": { - "additionalProperties": false, - "properties": { - "AudioRenditionSets": { - "markdownDescription": "Lists all the audio groups that are used with the video output stream. This inputs all the audio GROUP-IDs that are associated with the video, separated by a comma (,).", - "title": "AudioRenditionSets", + "Schema": { + "markdownDescription": "Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views", + "title": "Schema", "type": "string" }, - "M3u8Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M3u8Settings", - "markdownDescription": "Settings for the M3U8 container.", - "title": "M3u8Settings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.StaticKeySettings": { - "additionalProperties": false, - "properties": { - "KeyProviderServer": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The URL of the license server that is used for protecting content.", - "title": "KeyProviderServer" - }, - "StaticKeyValue": { - "markdownDescription": "The static key value as a 32 character hexadecimal string.", - "title": "StaticKeyValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TeletextDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.TeletextSourceSettings": { - "additionalProperties": false, - "properties": { - "OutputRectangle": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionRectangle", - "markdownDescription": "Settings to configure the caption rectangle for an output captions that will be created using this Teletext source captions.", - "title": "OutputRectangle" + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Snowflake.", + "title": "SecretsManagerConfiguration" }, - "PageNumber": { - "markdownDescription": "Specifies the Teletext page number within the data stream from which to extract captions. The range is 0x100 (256) to 0x8FF (2303). This is unused for passthrough. It should be specified as a hexadecimal string with no \"0x\" prefix.", - "title": "PageNumber", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TemporalFilterSettings": { - "additionalProperties": false, - "properties": { - "PostFilterSharpening": { - "markdownDescription": "If you enable this filter, the results are the following:\n- If the source content is noisy (it contains excessive digital artifacts), the filter cleans up the source.\n- If the source content is already clean, the filter tends to decrease the bitrate, especially when the rate control mode is QVBR.", - "title": "PostFilterSharpening", - "type": "string" + "SnowflakeRoleConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration", + "markdownDescription": "Optionally configure a Snowflake role. Otherwise the default user role will be used.", + "title": "SnowflakeRoleConfiguration" }, - "Strength": { - "markdownDescription": "Choose a filter strength. We recommend a strength of 1 or 2. A higher strength might take out good information, resulting in an image that is overly soft.", - "title": "Strength", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.ThumbnailConfiguration": { - "additionalProperties": false, - "properties": { - "State": { - "markdownDescription": "", - "title": "State", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TimecodeBurninSettings": { - "additionalProperties": false, - "properties": { - "FontSize": { - "markdownDescription": "", - "title": "FontSize", - "type": "string" + "SnowflakeVpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration", + "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", + "title": "SnowflakeVpcConfiguration" }, - "Position": { - "markdownDescription": "", - "title": "Position", + "Table": { + "markdownDescription": "All data in Snowflake is stored in database tables, logically structured as collections of columns and rows.", + "title": "Table", "type": "string" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", + "User": { + "markdownDescription": "User login name for the Snowflake account.", + "title": "User", "type": "string" } }, + "required": [ + "AccountUrl", + "Database", + "RoleARN", + "S3Configuration", + "Schema", + "Table" + ], "type": "object" }, - "AWS::MediaLive::Channel.TimecodeConfig": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions": { "additionalProperties": false, "properties": { - "Source": { - "markdownDescription": "Identifies the source for the timecode that will be associated with the channel outputs. Embedded (embedded): Initialize the output timecode with timecode from the source. If no embedded timecode is detected in the source, the system falls back to using \"Start at 0\" (zerobased). System Clock (systemclock): Use the UTC time. Start at 0 (zerobased): The time of the first frame of the channel will be 00:00:00:00.", - "title": "Source", - "type": "string" - }, - "SyncThreshold": { - "markdownDescription": "The threshold in frames beyond which output timecode is resynchronized to the input timecode. Discrepancies below this threshold are permitted to avoid unnecessary discontinuities in the output timecode. There is no timecode sync when this is not specified.", - "title": "SyncThreshold", + "DurationInSeconds": { + "markdownDescription": "the time period where Firehose will retry sending data to the chosen HTTP endpoint.", + "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.TtmlDestinationSettings": { - "additionalProperties": false, - "properties": { - "StyleControl": { - "markdownDescription": "When set to passthrough, passes through style and position information from a TTML-like input source (TTML, SMPTE-TT, CFF-TT) to the CFF-TT output or TTML output.", - "title": "StyleControl", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.UdpContainerSettings": { - "additionalProperties": false, - "properties": { - "M2tsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", - "markdownDescription": "The M2TS configuration for this UDP output.", - "title": "M2tsSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.UdpGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration": { "additionalProperties": false, "properties": { - "InputLossAction": { - "markdownDescription": "Specifies the behavior of the last resort when the input video is lost, and no more backup inputs are available. When dropTs is selected, the entire transport stream stops emitting. When dropProgram is selected, the program can be dropped from the transport stream (and replaced with null packets to meet the TS bitrate requirement). Or when emitProgram is selected, the transport stream continues to be produced normally with repeat frames, black frames, or slate frames substituted for the absent input video.", - "title": "InputLossAction", - "type": "string" + "Enabled": { + "markdownDescription": "Enable Snowflake role", + "title": "Enabled", + "type": "boolean" }, - "TimedMetadataId3Frame": { - "markdownDescription": "Indicates the ID3 frame that has the timecode.", - "title": "TimedMetadataId3Frame", + "SnowflakeRole": { + "markdownDescription": "The Snowflake role you wish to configure", + "title": "SnowflakeRole", "type": "string" - }, - "TimedMetadataId3Period": { - "markdownDescription": "The timed metadata interval in seconds.", - "title": "TimedMetadataId3Period", - "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.UdpOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration": { "additionalProperties": false, "properties": { - "BufferMsec": { - "markdownDescription": "The UDP output buffering in milliseconds. Larger values increase latency through the transcoder but simultaneously assist the transcoder in maintaining a constant, low-jitter UDP/RTP output while accommodating clock recovery, input switching, input disruptions, picture reordering, and so on.", - "title": "BufferMsec", - "type": "number" - }, - "ContainerSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", - "markdownDescription": "The settings for the UDP output.", - "title": "ContainerSettings" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The destination address and port number for RTP or UDP packets. These can be unicast or multicast RTP or UDP (for example, rtp://239.10.10.10:5001 or udp://10.100.100.100:5002).", - "title": "Destination" - }, - "FecOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FecOutputSettings", - "markdownDescription": "The settings for enabling and adjusting Forward Error Correction on UDP outputs.", - "title": "FecOutputSettings" + "PrivateLinkVpceId": { + "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", + "title": "PrivateLinkVpceId", + "type": "string" } }, + "required": [ + "PrivateLinkVpceId" + ], "type": "object" }, - "AWS::MediaLive::Channel.VideoBlackFailoverSettings": { + "AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints": { "additionalProperties": false, "properties": { - "BlackDetectThreshold": { - "markdownDescription": "A value used in calculating the threshold below which MediaLive considers a pixel to be 'black'. For the input to be considered black, every pixel in a frame must be below this threshold. The threshold is calculated as a percentage (expressed as a decimal) of white. Therefore .1 means 10% white (or 90% black). Note how the formula works for any color depth. For example, if you set this field to 0.1 in 10-bit color depth: (1023*0.1=102.3), which means a pixel value of 102 or less is 'black'. If you set this field to .1 in an 8-bit color depth: (255*0.1=25.5), which means a pixel value of 25 or less is 'black'. The range is 0.0 to 1.0, with any number of decimal places.", - "title": "BlackDetectThreshold", + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute).", + "title": "IntervalInSeconds", "type": "number" }, - "VideoBlackThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that the active input must be black before automatic input failover occurs.", - "title": "VideoBlackThresholdMsec", + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.", + "title": "SizeInMBs", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.VideoCodecSettings": { + "AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration": { "additionalProperties": false, "properties": { - "FrameCaptureSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureSettings", - "markdownDescription": "The settings for the video codec in a frame capture output.", - "title": "FrameCaptureSettings" - }, - "H264Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264Settings", - "markdownDescription": "The settings for the H.264 codec in the output.", - "title": "H264Settings" - }, - "H265Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265Settings", - "markdownDescription": "Settings for video encoded with the H265 codec.", - "title": "H265Settings" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for Splunk are used.", + "title": "BufferingHints" }, - "Mpeg2Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2Settings", - "markdownDescription": "Settings for video encoded with the MPEG-2 codec.", - "title": "Mpeg2Settings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoDescription": { - "additionalProperties": false, - "properties": { - "CodecSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoCodecSettings", - "markdownDescription": "The video codec settings.", - "title": "CodecSettings" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" }, - "Height": { - "markdownDescription": "The output video height, in pixels. This must be an even number. For most codecs, you can keep this field and width blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", - "title": "Height", + "HECAcknowledgmentTimeoutInSeconds": { + "markdownDescription": "The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings.", + "title": "HECAcknowledgmentTimeoutInSeconds", "type": "number" }, - "Name": { - "markdownDescription": "The name of this VideoDescription. Outputs use this name to uniquely identify this description. Description names should be unique within this channel.", - "title": "Name", + "HECEndpoint": { + "markdownDescription": "The HTTP Event Collector (HEC) endpoint to which Firehose sends your data.", + "title": "HECEndpoint", "type": "string" }, - "RespondToAfd": { - "markdownDescription": "Indicates how to respond to the AFD values in the input stream. RESPOND causes input video to be clipped, depending on the AFD value, input display aspect ratio, and output display aspect ratio, and (except for the FRAMECAPTURE codec) includes the values in the output. PASSTHROUGH (does not apply to FRAMECAPTURE codec) ignores the AFD values and includes the values in the output, so input video is not clipped. NONE ignores the AFD values and does not include the values through to the output, so input video is not clipped.", - "title": "RespondToAfd", + "HECEndpointType": { + "markdownDescription": "This type can be either `Raw` or `Event` .", + "title": "HECEndpointType", "type": "string" }, - "ScalingBehavior": { - "markdownDescription": "STRETCHTOOUTPUT configures the output position to stretch the video to the specified output resolution (height and width). This option overrides any position value. DEFAULT might insert black boxes (pillar boxes or letter boxes) around the video to provide the specified output resolution.", - "title": "ScalingBehavior", + "HECToken": { + "markdownDescription": "This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.", + "title": "HECToken", "type": "string" }, - "Sharpness": { - "markdownDescription": "Changes the strength of the anti-alias filter used for scaling. 0 is the softest setting, and 100 is the sharpest. We recommend a setting of 50 for most content.", - "title": "Sharpness", - "type": "number" - }, - "Width": { - "markdownDescription": "The output video width, in pixels. It must be an even number. For most codecs, you can keep this field and height blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", - "title": "Width", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelector": { - "additionalProperties": false, - "properties": { - "ColorSpace": { - "markdownDescription": "Specifies the color space of an input. This setting works in tandem with colorSpaceConversion to determine if MediaLive will perform any conversion.", - "title": "ColorSpace", - "type": "string" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration.", + "title": "ProcessingConfiguration" }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings", - "markdownDescription": "Settings to configure color space settings in the incoming video.", - "title": "ColorSpaceSettings" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk.", + "title": "RetryOptions" }, - "ColorSpaceUsage": { - "markdownDescription": "Applies only if colorSpace is a value other than Follow. This field controls how the value in the colorSpace field is used. Fallback means that when the input does include color space data, that data is used, but when the input has no color space data, the value in colorSpace is used. Choose fallback if your input is sometimes missing color space data, but when it does have color space data, that data is correct. Force means to always use the value in colorSpace. Choose force if your input usually has no color space data or might have unreliable color space data.", - "title": "ColorSpaceUsage", + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` .\n\nYou can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` .", + "title": "S3BackupMode", "type": "string" }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorSettings", - "markdownDescription": "Information about the video to select from the content.", - "title": "SelectorSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings": { - "additionalProperties": false, - "properties": { - "Hdr10Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", - "markdownDescription": "Settings to configure color space settings in the incoming video.", - "title": "Hdr10Settings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelectorPid": { - "additionalProperties": false, - "properties": { - "Pid": { - "markdownDescription": "Selects a specific PID from within a video source.", - "title": "Pid", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for the backup Amazon S3 location.", + "title": "S3Configuration" + }, + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Splunk.", + "title": "SecretsManagerConfiguration" } }, + "required": [ + "HECEndpoint", + "HECEndpointType", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.VideoSelectorProgramId": { + "AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions": { "additionalProperties": false, "properties": { - "ProgramId": { - "markdownDescription": "Selects a specific program from within a multi-program transport stream. If the program doesn't exist, MediaLive selects the first program within the transport stream by default.", - "title": "ProgramId", + "DurationInSeconds": { + "markdownDescription": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt.", + "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.VideoSelectorSettings": { + "AWS::KinesisFirehose::DeliveryStream.TableCreationConfiguration": { "additionalProperties": false, "properties": { - "VideoSelectorPid": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorPid", - "markdownDescription": "Used to extract video by PID.", - "title": "VideoSelectorPid" - }, - "VideoSelectorProgramId": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorProgramId", - "markdownDescription": "Used to extract video by program ID.", - "title": "VideoSelectorProgramId" + "Enabled": { + "markdownDescription": "Specify whether you want to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.VpcOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.VpcConfiguration": { "additionalProperties": false, "properties": { - "PublicAddressAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "List of public address allocation IDs to associate with ENIs that will be created in Output VPC. Must specify one for SINGLE_PIPELINE, two for STANDARD channels", - "title": "PublicAddressAllocationIds", - "type": "array" + "RoleARN": { + "markdownDescription": "The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:\n\n- `ec2:DescribeVpcs`\n- `ec2:DescribeVpcAttribute`\n- `ec2:DescribeSubnets`\n- `ec2:DescribeSecurityGroups`\n- `ec2:DescribeNetworkInterfaces`\n- `ec2:CreateNetworkInterface`\n- `ec2:CreateNetworkInterfacePermission`\n- `ec2:DeleteNetworkInterface`\n\nIf you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.", + "title": "RoleARN", + "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "A list of up to 5 EC2 VPC security group IDs to attach to the Output VPC network interfaces.\nIf none are specified then the VPC default security group will be used", + "markdownDescription": "The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic.", "title": "SecurityGroupIds", "type": "array" }, @@ -161123,46 +167080,19 @@ "items": { "type": "string" }, - "markdownDescription": "A list of VPC subnet IDs from the same VPC.\nIf STANDARD channel, subnet IDs must be mapped to two unique availability zones (AZ).", + "markdownDescription": "The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.\n\nThe number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here.", "title": "SubnetIds", "type": "array" } }, + "required": [ + "RoleARN", + "SecurityGroupIds", + "SubnetIds" + ], "type": "object" }, - "AWS::MediaLive::Channel.WavSettings": { - "additionalProperties": false, - "properties": { - "BitDepth": { - "markdownDescription": "Bits per sample.", - "title": "BitDepth", - "type": "number" - }, - "CodingMode": { - "markdownDescription": "The audio coding mode for the WAV audio. The mode determines the number of channels in the audio.", - "title": "CodingMode", - "type": "string" - }, - "SampleRate": { - "markdownDescription": "Sample rate in Hz.", - "title": "SampleRate", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.WebvttDestinationSettings": { - "additionalProperties": false, - "properties": { - "StyleControl": { - "markdownDescription": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO_STYLE_DATA - Don't pass through the style. The output captions will not contain any font styling information.", - "title": "StyleControl", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input": { + "AWS::KinesisVideo::SignalingChannel": { "additionalProperties": false, "properties": { "Condition": { @@ -161197,77 +167127,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputDestinationRequest" - }, - "markdownDescription": "Settings that apply only if the input is a push type of input.", - "title": "Destinations", - "type": "array" - }, - "InputDevices": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputDeviceSettings" - }, - "markdownDescription": "Settings that apply only if the input is an Elemental Link input.", - "title": "InputDevices", - "type": "array" - }, - "InputSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of input security groups (referenced by IDs) to attach to the input if the input is a push type.", - "title": "InputSecurityGroups", - "type": "array" - }, - "MediaConnectFlows": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.MediaConnectFlowRequest" - }, - "markdownDescription": "Settings that apply only if the input is a MediaConnect input.", - "title": "MediaConnectFlows", - "type": "array" + "MessageTtlSeconds": { + "markdownDescription": "The period of time (in seconds) a signaling channel retains undelivered messages before they are discarded. Use `API_UpdateSignalingChannel` to update this value.", + "title": "MessageTtlSeconds", + "type": "number" }, "Name": { - "markdownDescription": "A name for the input.", + "markdownDescription": "A name for the signaling channel that you are creating. It must be unique for each AWS account and AWS Region .", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role for MediaLive to assume when creating a MediaConnect input or Amazon VPC input. This doesn't apply to other types of inputs. The role is identified by its ARN.", - "title": "RoleArn", - "type": "string" - }, - "Sources": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputSourceRequest" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Settings that apply only if the input is a pull type of input.", - "title": "Sources", - "type": "array" - }, - "Tags": { - "markdownDescription": "A collection of tags for this input. Each tag is a key-value pair.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" + "type": "array" }, "Type": { - "markdownDescription": "The type for this input.", + "markdownDescription": "A type of the signaling channel that you are creating. Currently, `SINGLE_MASTER` is the only supported channel type.", "title": "Type", "type": "string" - }, - "Vpc": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputVpcRequest", - "markdownDescription": "Settings that apply only if the input is an push input where the source is on Amazon VPC.", - "title": "Vpc" } }, "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::Input" + "AWS::KinesisVideo::SignalingChannel" ], "type": "string" }, @@ -161285,92 +167173,7 @@ ], "type": "object" }, - "AWS::MediaLive::Input.InputDestinationRequest": { - "additionalProperties": false, - "properties": { - "StreamName": { - "markdownDescription": "The stream name (application name/application instance) for the location the RTMP source content will be pushed to in MediaLive.", - "title": "StreamName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.InputDeviceRequest": { - "additionalProperties": false, - "properties": { - "Id": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.InputDeviceSettings": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The unique ID for the device.", - "title": "Id", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.InputSourceRequest": { - "additionalProperties": false, - "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the upstream system. The password parameter applies only if the upstream system requires credentials.", - "title": "PasswordParam", - "type": "string" - }, - "Url": { - "markdownDescription": "For a pull input, the URL where MediaLive pulls the source content from.", - "title": "Url", - "type": "string" - }, - "Username": { - "markdownDescription": "The user name to connect to the upstream system. The user name applies only if the upstream system requires credentials.", - "title": "Username", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.InputVpcRequest": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of up to five VPC security group IDs to attach to the input VPC network interfaces. The security groups require subnet IDs. If none are specified, MediaLive uses the VPC default security group.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of two VPC subnet IDs from the same VPC. You must associate subnet IDs to two unique Availability Zones.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.MediaConnectFlowRequest": { - "additionalProperties": false, - "properties": { - "FlowArn": { - "markdownDescription": "The ARN of one or two MediaConnect flows that are the sources for this MediaConnect input.", - "title": "FlowArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::InputSecurityGroup": { + "AWS::KinesisVideo::Stream": { "additionalProperties": false, "properties": { "Condition": { @@ -161405,17 +167208,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "markdownDescription": "A collection of tags for this input security group. Each tag is a key-value pair.", - "title": "Tags", - "type": "object" + "DataRetentionInHours": { + "markdownDescription": "How long the stream retains data, in hours.", + "title": "DataRetentionInHours", + "type": "number" }, - "WhitelistRules": { + "DeviceName": { + "markdownDescription": "The name of the device that is associated with the stream.", + "title": "DeviceName", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key that Kinesis Video Streams uses to encrypt data on the stream.", + "title": "KmsKeyId", + "type": "string" + }, + "MediaType": { + "markdownDescription": "The `MediaType` of the stream.", + "title": "MediaType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the stream.", + "title": "Name", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of IPv4 CIDR addresses to include in the input security group as \"allowed\" addresses.", - "title": "WhitelistRules", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" } }, @@ -161423,7 +167246,7 @@ }, "Type": { "enum": [ - "AWS::MediaLive::InputSecurityGroup" + "AWS::KinesisVideo::Stream" ], "type": "string" }, @@ -161441,18 +167264,7 @@ ], "type": "object" }, - "AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr": { - "additionalProperties": false, - "properties": { - "Cidr": { - "markdownDescription": "An IPv4 CIDR range to include in this input security group.", - "title": "Cidr", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Multiplex": { + "AWS::LakeFormation::DataCellsFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -161487,51 +167299,56 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZones": { + "ColumnNames": { "items": { "type": "string" }, - "markdownDescription": "A list of availability zones for the multiplex.", - "title": "AvailabilityZones", + "markdownDescription": "An array of UTF-8 strings. A list of column names.", + "title": "ColumnNames", "type": "array" }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexOutputDestination" - }, - "markdownDescription": "A list of the multiplex output destinations.", - "title": "Destinations", - "type": "array" + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.ColumnWildcard", + "markdownDescription": "A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .", + "title": "ColumnWildcard" }, - "MultiplexSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexSettings", - "markdownDescription": "Configuration for a multiplex event.", - "title": "MultiplexSettings" + "DatabaseName": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA database in the Data Catalog .", + "title": "DatabaseName", + "type": "string" }, "Name": { - "markdownDescription": "The name of the multiplex.", + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe name given by the user to the data filter cell.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.Tags" - }, - "markdownDescription": "A collection of key-value pairs.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AvailabilityZones", - "MultiplexSettings", - "Name" + "RowFilter": { + "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.RowFilter", + "markdownDescription": "A PartiQL predicate.", + "title": "RowFilter" + }, + "TableCatalogId": { + "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe ID of the catalog to which the table belongs.", + "title": "TableCatalogId", + "type": "string" + }, + "TableName": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA table in the database.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "Name", + "TableCatalogId", + "TableName" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::Multiplex" + "AWS::LakeFormation::DataCellsFilter" ], "type": "string" }, @@ -161550,75 +167367,37 @@ ], "type": "object" }, - "AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings": { - "additionalProperties": false, - "properties": { - "EntitlementArn": { - "markdownDescription": "The MediaConnect entitlement ARN available as a Flow source.", - "title": "EntitlementArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Multiplex.MultiplexOutputDestination": { - "additionalProperties": false, - "properties": { - "MultiplexMediaConnectOutputDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings", - "markdownDescription": "", - "title": "MultiplexMediaConnectOutputDestinationSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Multiplex.MultiplexSettings": { + "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { "additionalProperties": false, "properties": { - "MaximumVideoBufferDelayMilliseconds": { - "markdownDescription": "Maximum video buffer delay in milliseconds.", - "title": "MaximumVideoBufferDelayMilliseconds", - "type": "number" - }, - "TransportStreamBitrate": { - "markdownDescription": "Transport stream bit rate.", - "title": "TransportStreamBitrate", - "type": "number" - }, - "TransportStreamId": { - "markdownDescription": "Transport stream ID.", - "title": "TransportStreamId", - "type": "number" - }, - "TransportStreamReservedBitrate": { - "markdownDescription": "Transport stream reserved bit rate.", - "title": "TransportStreamReservedBitrate", - "type": "number" + "ExcludedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", + "type": "array" } }, - "required": [ - "TransportStreamBitrate", - "TransportStreamId" - ], "type": "object" }, - "AWS::MediaLive::Multiplex.Tags": { + "AWS::LakeFormation::DataCellsFilter.RowFilter": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" + "AllRowsWildcard": { + "markdownDescription": "A wildcard for all rows.", + "title": "AllRowsWildcard", + "type": "object" }, - "Value": { - "markdownDescription": "", - "title": "Value", + "FilterExpression": { + "markdownDescription": "A filter expression.", + "title": "FilterExpression", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Multiplexprogram": { + "AWS::LakeFormation::DataLakeSettings": { "additionalProperties": false, "properties": { "Condition": { @@ -161653,48 +167432,68 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelId": { - "type": "string" - }, - "MultiplexId": { - "markdownDescription": "The unique id of the multiplex.", - "title": "MultiplexId", - "type": "string" + "Admins": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.Admins", + "markdownDescription": "A list of AWS Lake Formation principals.", + "title": "Admins" }, - "MultiplexProgramSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings", - "markdownDescription": "Multiplex Program settings configuration.", - "title": "MultiplexProgramSettings" + "AllowExternalDataFiltering": { + "markdownDescription": "Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation .\n\nIf set to true, you allow Amazon EMR clusters or other third-party engines to access data in Amazon S3 locations that are registered with Lake Formation .\n\nIf false or null, no third-party query engines will be able to access data in Amazon S3 locations that are registered with Lake Formation.\n\nFor more information, see [External data filtering setting](https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter) .", + "title": "AllowExternalDataFiltering", + "type": "boolean" }, - "PacketIdentifiersMap": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap", - "markdownDescription": "", - "title": "PacketIdentifiersMap" + "AllowFullTableExternalDataAccess": { + "markdownDescription": "Specifies whether query engines and applications can get credentials without IAM session tags if the user has full table access. It provides query engines and applications performance benefits as well as simplifies data access. Amazon EMR on Amazon EC2 is able to leverage this setting.\n\nFor more information, see [](https://docs.aws.amazon.com/lake-formation/latest/dg/using-cred-vending.html)", + "title": "AllowFullTableExternalDataAccess", + "type": "boolean" }, - "PipelineDetails": { + "AuthorizedSessionTagValueList": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail" + "type": "string" }, - "markdownDescription": "", - "title": "PipelineDetails", + "markdownDescription": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = \"LakeFormationTrustedCaller\" and value = \"TRUE\" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation 's administrative API operations.", + "title": "AuthorizedSessionTagValueList", "type": "array" }, - "PreferredChannelPipeline": { - "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.\nIf set to \\\"PIPELINE_0\\\" or \\\"PIPELINE_1\\\" and an unhealthy ingest causes the multiplex to switch to the non-preferred pipeline,\nit will switch back once that ingest is healthy again. If set to \\\"CURRENTLY_ACTIVE\\\",\nit will not switch back to the other pipeline based on it recovering to a healthy state,\nit will only switch if the active pipeline becomes unhealthy.", - "title": "PreferredChannelPipeline", - "type": "string" + "CreateDatabaseDefaultPermissions": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions", + "markdownDescription": "Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicates that the user's IAM permissions determine the access to the database. This is referred to as the setting \"Use only IAM access control,\" and is to support backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", + "title": "CreateDatabaseDefaultPermissions" }, - "ProgramName": { - "markdownDescription": "", - "title": "ProgramName", + "CreateTableDefaultPermissions": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions", + "markdownDescription": "Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicate that the user's IAM permissions determine the access to the table. This is referred to as the setting \"Use only IAM access control,\" and is to support the backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` permissions to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", + "title": "CreateTableDefaultPermissions" + }, + "ExternalDataFilteringAllowList": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList", + "markdownDescription": "A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering.", + "title": "ExternalDataFilteringAllowList" + }, + "MutationType": { + "markdownDescription": "Specifies whether the data lake settings are updated by adding new values to the current settings ( `APPEND` ) or by replacing the current settings with new settings ( `REPLACE` ).\n\n> If you choose `REPLACE` , your current data lake settings will be replaced with the new values in your template.", + "title": "MutationType", "type": "string" + }, + "Parameters": { + "markdownDescription": "A key-value map that provides an additional configuration on your data lake. `CrossAccountVersion` is the key you can configure in the `Parameters` field. Accepted values for the `CrossAccountVersion` key are 1, 2, 3, and 4.", + "title": "Parameters", + "type": "object" + }, + "TrustedResourceOwners": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of UTF-8 strings.\n\nA list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.", + "title": "TrustedResourceOwners", + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::Multiplexprogram" + "AWS::LakeFormation::DataLakeSettings" ], "type": "string" }, @@ -161712,192 +167511,64 @@ ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap": { + "AWS::LakeFormation::DataLakeSettings.Admins": { "additionalProperties": false, - "properties": { - "AudioPids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "AudioPids", - "type": "array" - }, - "DvbSubPids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "DvbSubPids", - "type": "array" - }, - "DvbTeletextPid": { - "markdownDescription": "", - "title": "DvbTeletextPid", - "type": "number" - }, - "EtvPlatformPid": { - "markdownDescription": "", - "title": "EtvPlatformPid", - "type": "number" - }, - "EtvSignalPid": { - "markdownDescription": "", - "title": "EtvSignalPid", - "type": "number" - }, - "KlvDataPids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "KlvDataPids", - "type": "array" - }, - "PcrPid": { - "markdownDescription": "", - "title": "PcrPid", - "type": "number" - }, - "PmtPid": { - "markdownDescription": "", - "title": "PmtPid", - "type": "number" - }, - "PrivateMetadataPid": { - "markdownDescription": "", - "title": "PrivateMetadataPid", - "type": "number" - }, - "Scte27Pids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "Scte27Pids", - "type": "array" - }, - "Scte35Pid": { - "markdownDescription": "", - "title": "Scte35Pid", - "type": "number" - }, - "TimedMetadataPid": { - "markdownDescription": "", - "title": "TimedMetadataPid", - "type": "number" - }, - "VideoPid": { - "markdownDescription": "", - "title": "VideoPid", - "type": "number" - } - }, + "properties": {}, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail": { + "AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions": { "additionalProperties": false, - "properties": { - "ActiveChannelPipeline": { - "markdownDescription": "Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex.", - "title": "ActiveChannelPipeline", - "type": "string" - }, - "PipelineId": { - "markdownDescription": "Identifies a specific pipeline in the multiplex.", - "title": "PipelineId", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor": { + "AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions": { "additionalProperties": false, - "properties": { - "ProviderName": { - "markdownDescription": "Name of the provider.", - "title": "ProviderName", - "type": "string" - }, - "ServiceName": { - "markdownDescription": "Name of the service.", - "title": "ServiceName", - "type": "string" - } - }, - "required": [ - "ProviderName", - "ServiceName" - ], + "properties": {}, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings": { + "AWS::LakeFormation::DataLakeSettings.DataLakePrincipal": { "additionalProperties": false, "properties": { - "PreferredChannelPipeline": { - "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.", - "title": "PreferredChannelPipeline", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" - }, - "ProgramNumber": { - "markdownDescription": "Unique program number.", - "title": "ProgramNumber", - "type": "number" - }, - "ServiceDescriptor": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor", - "markdownDescription": "Transport stream service descriptor configuration for the Multiplex program.", - "title": "ServiceDescriptor" - }, - "VideoSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings", - "markdownDescription": "Program video settings configuration.", - "title": "VideoSettings" } }, "required": [ - "ProgramNumber" + "DataLakePrincipalIdentifier" ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings": { + "AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList": { "additionalProperties": false, - "properties": { - "MaximumBitrate": { - "markdownDescription": "Maximum statmux bitrate.", - "title": "MaximumBitrate", - "type": "number" - }, - "MinimumBitrate": { - "markdownDescription": "Minimum statmux bitrate.", - "title": "MinimumBitrate", - "type": "number" - }, - "Priority": { - "markdownDescription": "The purpose of the priority is to use a combination of the\\nmultiplex rate control algorithm and the QVBR capability of the\\nencoder to prioritize the video quality of some channels in a\\nmultiplex over others. Channels that have a higher priority will\\nget higher video quality at the expense of the video quality of\\nother channels in the multiplex with lower priority.", - "title": "Priority", - "type": "number" - } - }, + "properties": {}, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings": { + "AWS::LakeFormation::DataLakeSettings.PrincipalPermissions": { "additionalProperties": false, "properties": { - "ConstantBitrate": { - "markdownDescription": "The constant bitrate configuration for the video encode.\nWhen this field is defined, StatmuxSettings must be undefined.", - "title": "ConstantBitrate", - "type": "number" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions that are granted to the principal.", + "title": "Permissions", + "type": "array" }, - "StatmuxSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings", - "markdownDescription": "Statmux rate control settings.\nWhen this field is defined, ConstantBitrate must be undefined.", - "title": "StatmuxSettings" + "Principal": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.DataLakePrincipal", + "markdownDescription": "The principal who is granted permissions.", + "title": "Principal" } }, + "required": [ + "Permissions", + "Principal" + ], "type": "object" }, - "AWS::MediaPackage::Asset": { + "AWS::LakeFormation::Permissions": { "additionalProperties": false, "properties": { "Condition": { @@ -161932,59 +167603,42 @@ "Properties": { "additionalProperties": false, "properties": { - "EgressEndpoints": { + "DataLakePrincipal": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLakePrincipal", + "markdownDescription": "The AWS Lake Formation principal.", + "title": "DataLakePrincipal" + }, + "Permissions": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::Asset.EgressEndpoint" + "type": "string" }, - "markdownDescription": "List of playback endpoints that are available for this asset.", - "title": "EgressEndpoints", + "markdownDescription": "The permissions granted or revoked.", + "title": "Permissions", "type": "array" }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the asset.", - "title": "Id", - "type": "string" - }, - "PackagingGroupId": { - "markdownDescription": "The ID of the packaging group associated with this asset.", - "title": "PackagingGroupId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "Unique identifier for this asset, as it's configured in the key provider service.", - "title": "ResourceId", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The ARN for the source content in Amazon S3.", - "title": "SourceArn", - "type": "string" - }, - "SourceRoleArn": { - "markdownDescription": "The ARN for the IAM role that provides AWS Elemental MediaPackage access to the Amazon S3 bucket where the source content is stored. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "SourceRoleArn", - "type": "string" - }, - "Tags": { + "PermissionsWithGrantOption": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags to assign to the asset.", - "title": "Tags", + "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", + "title": "PermissionsWithGrantOption", "type": "array" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.Resource", + "markdownDescription": "A structure for the resource.", + "title": "Resource" } }, "required": [ - "Id", - "PackagingGroupId", - "SourceArn", - "SourceRoleArn" + "DataLakePrincipal", + "Resource" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::Asset" + "AWS::LakeFormation::Permissions" ], "type": "string" }, @@ -162003,179 +167657,155 @@ ], "type": "object" }, - "AWS::MediaPackage::Asset.EgressEndpoint": { + "AWS::LakeFormation::Permissions.ColumnWildcard": { "additionalProperties": false, "properties": { - "PackagingConfigurationId": { - "markdownDescription": "The ID of a packaging configuration that's applied to this asset.", - "title": "PackagingConfigurationId", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL that's used to request content from this endpoint.", - "title": "Url", + "ExcludedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::LakeFormation::Permissions.DataLakePrincipal": { + "additionalProperties": false, + "properties": { + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" } }, - "required": [ - "PackagingConfigurationId", - "Url" - ], "type": "object" }, - "AWS::MediaPackage::Channel": { + "AWS::LakeFormation::Permissions.DataLocationResource": { "additionalProperties": false, "properties": { - "Condition": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Resource": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", + "title": "S3Resource", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Any descriptive information that you want to add to the channel for future identification purposes.", - "title": "Description", - "type": "string" - }, - "EgressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", - "markdownDescription": "Configures egress access logs.", - "title": "EgressAccessLogs" - }, - "HlsIngest": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.HlsIngest", - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "HlsIngest" - }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the channel.", - "title": "Id", - "type": "string" - }, - "IngressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", - "markdownDescription": "Configures ingress access logs.", - "title": "IngressAccessLogs" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the channel.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackage::Channel" - ], + } + }, + "type": "object" + }, + "AWS::LakeFormation::Permissions.DatabaseResource": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaPackage::Channel.HlsIngest": { + "AWS::LakeFormation::Permissions.Resource": { "additionalProperties": false, "properties": { - "ingestEndpoints": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.IngestEndpoint" - }, - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "ingestEndpoints", - "type": "array" + "DataLocationResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLocationResource", + "markdownDescription": "A structure for a data location object where permissions are granted or revoked.", + "title": "DataLocationResource" + }, + "DatabaseResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DatabaseResource", + "markdownDescription": "A structure for the database object.", + "title": "DatabaseResource" + }, + "TableResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableResource", + "markdownDescription": "A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "TableResource" + }, + "TableWithColumnsResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWithColumnsResource", + "markdownDescription": "A structure for a table with columns object. This object is only used when granting a SELECT permission.", + "title": "TableWithColumnsResource" } }, "type": "object" }, - "AWS::MediaPackage::Channel.IngestEndpoint": { + "AWS::LakeFormation::Permissions.TableResource": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The endpoint identifier.", - "title": "Id", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "Password": { - "markdownDescription": "The system-generated password for WebDAV input authentication.", - "title": "Password", + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", "type": "string" }, - "Url": { - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "Url", + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", "type": "string" }, - "Username": { - "markdownDescription": "The system-generated username for WebDAV input authentication.", - "title": "Username", - "type": "string" + "TableWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWildcard", + "markdownDescription": "An empty object representing all tables under a database. If this field is specified instead of the `Name` field, all tables under `DatabaseName` will have permission changes applied.", + "title": "TableWildcard" } }, - "required": [ - "Id", - "Password", - "Url", - "Username" - ], "type": "object" }, - "AWS::MediaPackage::Channel.LogConfiguration": { + "AWS::LakeFormation::Permissions.TableWildcard": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::Permissions.TableWithColumnsResource": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "Sets a custom Amazon CloudWatch log group name.", - "title": "LogGroupName", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", + "type": "string" + }, + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", + "type": "array" + }, + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.ColumnWildcard", + "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnWildcard" + }, + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::MediaPackage::OriginEndpoint": { + "AWS::LakeFormation::PrincipalPermissions": { "additionalProperties": false, "properties": { "Condition": { @@ -162210,92 +167840,49 @@ "Properties": { "additionalProperties": false, "properties": { - "Authorization": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.Authorization", - "markdownDescription": "Parameters for CDN authorization.", - "title": "Authorization" - }, - "ChannelId": { - "markdownDescription": "The ID of the channel associated with this endpoint.", - "title": "ChannelId", - "type": "string" - }, - "CmafPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafPackage", - "markdownDescription": "Parameters for Common Media Application Format (CMAF) packaging.", - "title": "CmafPackage" - }, - "DashPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashPackage", - "markdownDescription": "Parameters for DASH packaging.", - "title": "DashPackage" - }, - "Description": { - "markdownDescription": "Any descriptive information that you want to add to the endpoint for future identification purposes.", - "title": "Description", - "type": "string" - }, - "HlsPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsPackage", - "markdownDescription": "Parameters for Apple HLS packaging.", - "title": "HlsPackage" - }, - "Id": { - "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", - "title": "Id", - "type": "string" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint.", - "title": "ManifestName", - "type": "string" - }, - "MssPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssPackage", - "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", - "title": "MssPackage" - }, - "Origination": { - "markdownDescription": "Controls video origination from this endpoint.\n\nValid values:\n\n- `ALLOW` - enables this endpoint to serve content to requesting devices.\n- `DENY` - prevents this endpoint from serving content. Denying origination is helpful for harvesting live-to-VOD assets. For more information about harvesting and origination, see [Live-to-VOD Requirements](https://docs.aws.amazon.com/mediapackage/latest/ug/ltov-reqmts.html) .", - "title": "Origination", + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", + "title": "Catalog", "type": "string" }, - "StartoverWindowSeconds": { - "markdownDescription": "Maximum duration (seconds) of content to retain for startover playback. Omit this attribute or enter `0` to indicate that startover playback is disabled for this endpoint.", - "title": "StartoverWindowSeconds", - "type": "number" - }, - "Tags": { + "Permissions": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags to assign to the endpoint.", - "title": "Tags", + "markdownDescription": "The permissions granted or revoked.", + "title": "Permissions", "type": "array" }, - "TimeDelaySeconds": { - "markdownDescription": "Minimum duration (seconds) of delay to enforce on the playback of live content. Omit this attribute or enter `0` to indicate that there is no time delay in effect for this endpoint.", - "title": "TimeDelaySeconds", - "type": "number" - }, - "Whitelist": { + "PermissionsWithGrantOption": { "items": { "type": "string" }, - "markdownDescription": "The IP addresses that can access this endpoint.", - "title": "Whitelist", + "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", + "title": "PermissionsWithGrantOption", "type": "array" + }, + "Principal": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal", + "markdownDescription": "The principal to be granted a permission.", + "title": "Principal" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.Resource", + "markdownDescription": "The resource to be granted or revoked permissions.", + "title": "Resource" } }, "required": [ - "ChannelId", - "Id" + "Permissions", + "PermissionsWithGrantOption", + "Principal", + "Resource" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::OriginEndpoint" + "AWS::LakeFormation::PrincipalPermissions" ], "type": "string" }, @@ -162314,477 +167901,296 @@ ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.Authorization": { + "AWS::LakeFormation::PrincipalPermissions.ColumnWildcard": { "additionalProperties": false, "properties": { - "CdnIdentifierSecret": { - "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that your Content Delivery Network (CDN) uses for authorization to access your endpoint.", - "title": "CdnIdentifierSecret", - "type": "string" - }, - "SecretsRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", - "title": "SecretsRoleArn", - "type": "string" + "ExcludedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", + "type": "array" } }, - "required": [ - "CdnIdentifierSecret", - "SecretsRoleArn" - ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.CmafEncryption": { + "AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then AWS Elemental MediaPackage creates the constant initialization vector (IV).", - "title": "ConstantInitializationVector", + "DatabaseName": { + "markdownDescription": "A database in the Data Catalog .", + "title": "DatabaseName", "type": "string" }, - "EncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "EncryptionMethod", + "Name": { + "markdownDescription": "The name given by the user to the data filter cell.", + "title": "Name", "type": "string" }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" + "TableCatalogId": { + "markdownDescription": "The ID of the catalog to which the table belongs.", + "title": "TableCatalogId", + "type": "string" }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "TableName": { + "markdownDescription": "The name of the table.", + "title": "TableName", + "type": "string" } }, "required": [ - "SpekeKeyProvider" + "DatabaseName", + "Name", + "TableCatalogId", + "TableName" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.CmafPackage": { + "AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "HlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsManifest" - }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", - "type": "array" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source segment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentPrefix": { - "markdownDescription": "An optional custom string that is prepended to the name of each segment. If not specified, the segment prefix defaults to the ChannelId.", - "title": "SegmentPrefix", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the AWS Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" } }, "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.DashEncryption": { + "AWS::LakeFormation::PrincipalPermissions.DataLocationResource": { "additionalProperties": false, "properties": { - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", + "title": "CatalogId", + "type": "string" }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", + "title": "ResourceArn", + "type": "string" } }, "required": [ - "SpekeKeyProvider" + "CatalogId", + "ResourceArn" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.DashPackage": { + "AWS::LakeFormation::PrincipalPermissions.DatabaseResource": { "additionalProperties": false, "properties": { - "AdTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_ADVERTISEMENT` .\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_PLACEMENT_OPPORTUNITY` .\n- `SPLICE_INSERT` .", - "title": "AdTriggers", - "type": "array" - }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestLayout": { - "markdownDescription": "Determines the position of some tags in the manifest.\n\nValid values:\n\n- `FULL` - Elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` .\n- `COMPACT` - Duplicate elements are combined and presented at the `AdaptationSet` level.", - "title": "ManifestLayout", + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "CatalogId", + "Name" + ], + "type": "object" + }, + "AWS::LakeFormation::PrincipalPermissions.LFTag": { + "additionalProperties": false, + "properties": { + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", "type": "string" }, - "ManifestWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each manifest.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", - "title": "MinBufferTimeSeconds", - "type": "number" - }, - "MinUpdatePeriodSeconds": { - "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", - "title": "MinUpdatePeriodSeconds", - "type": "number" - }, - "PeriodTriggers": { + "TagValues": { "items": { "type": "string" }, - "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", - "title": "PeriodTriggers", + "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", "type": "array" - }, - "Profile": { - "markdownDescription": "The DASH profile for the output.\n\nValid values:\n\n- `NONE` - The output doesn't use a DASH profile.\n- `HBBTV_1_5` - The output is compliant with HbbTV v1.5.\n- `DVB_DASH_2014` - The output is compliant with DVB-DASH 2014.", - "title": "Profile", - "type": "string" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentTemplateFormat": { - "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValid values:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .\n- `NUMBER_WITH_DURATION` - The `$Number$` variable is used in the `media` URL and a `duration` attribute is added to the segment template. The `SegmentTimeline` object is removed from the representation.\n- `TIME_WITH_TIMELINE` - The `$Time$` variable is used in the `media` URL. The value of this variable is the timestamp of when the segment starts. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", - "title": "SegmentTemplateFormat", - "type": "string" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" - }, - "SuggestedPresentationDelaySeconds": { - "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest.", - "title": "SuggestedPresentationDelaySeconds", - "type": "number" - }, - "UtcTiming": { - "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", - "title": "UtcTiming", - "type": "string" - }, - "UtcTimingUri": { - "markdownDescription": "Specifies the value attribute of the UTC timing field when utcTiming is set to HTTP-ISO or HTTP-HEAD.", - "title": "UtcTimingUri", - "type": "string" } }, "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaPackage::OriginEndpoint.HlsEncryption": { + "AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks.", - "title": "ConstantInitializationVector", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with Data Catalog .", + "title": "CatalogId", "type": "string" }, - "EncryptionMethod": { - "markdownDescription": "HLS encryption type.", - "title": "EncryptionMethod", + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", "type": "string" }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" - }, - "RepeatExtXKey": { - "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", - "title": "RepeatExtXKey", - "type": "boolean" - }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values for the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" } }, "required": [ - "SpekeKeyProvider" + "CatalogId", + "TagKey", + "TagValues" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.HlsManifest": { + "AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "CatalogId", "type": "string" }, - "AdTriggers": { + "Expression": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTag" }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", - "title": "AdTriggers", + "markdownDescription": "A list of LF-tag conditions that apply to the resource's LF-tag policy.", + "title": "Expression", "type": "array" }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", - "type": "string" - }, - "Id": { - "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", - "title": "Id", - "type": "string" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Applies to stream sets with a single video track only. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint. The manifestName on the HLSManifest object overrides the manifestName that you provided on the originEndpoint object.", - "title": "ManifestName", - "type": "string" - }, - "PlaylistType": { - "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", - "title": "PlaylistType", - "type": "string" - }, - "PlaylistWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each parent manifest.", - "title": "PlaylistWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "Url": { - "markdownDescription": "The URL that's used to request this manifest from this endpoint.", - "title": "Url", + "ResourceType": { + "markdownDescription": "The resource type for which the LF-tag policy applies.", + "title": "ResourceType", "type": "string" } }, "required": [ - "Id" + "CatalogId", + "Expression", + "ResourceType" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.HlsPackage": { + "AWS::LakeFormation::PrincipalPermissions.Resource": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", - "type": "string" - }, - "AdTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", - "title": "AdTriggers", - "type": "array" - }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "IncludeDvbSubtitles": { - "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", - "title": "IncludeDvbSubtitles", - "type": "boolean" + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "Catalog", + "type": "object" }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Only applies to stream sets with a single video track. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" + "DataCellsFilter": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource", + "markdownDescription": "A data cell filter.", + "title": "DataCellsFilter" }, - "PlaylistType": { - "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", - "title": "PlaylistType", - "type": "string" + "DataLocation": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLocationResource", + "markdownDescription": "The location of an Amazon S3 path where permissions are granted or revoked.", + "title": "DataLocation" }, - "PlaylistWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each parent manifest.", - "title": "PlaylistWindowSeconds", - "type": "number" + "Database": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DatabaseResource", + "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", + "title": "Database" }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" + "LFTag": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource", + "markdownDescription": "The LF-tag key and values attached to a resource.", + "title": "LFTag" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "LFTagPolicy": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource", + "markdownDescription": "A list of LF-tag conditions that define a resource's LF-tag policy.", + "title": "LFTagPolicy" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" + "Table": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableResource", + "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Table" }, - "UseAudioRenditionGroup": { - "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", - "title": "UseAudioRenditionGroup", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::MediaPackage::OriginEndpoint.MssEncryption": { - "additionalProperties": false, - "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "TableWithColumns": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource", + "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", + "title": "TableWithColumns" } }, - "required": [ - "SpekeKeyProvider" - ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.MssPackage": { + "AWS::LakeFormation::PrincipalPermissions.TableResource": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", + "title": "CatalogId", + "type": "string" }, - "ManifestWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each manifest.", - "title": "ManifestWindowSeconds", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", + "type": "string" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" + "TableWildcard": { + "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", + "title": "TableWildcard", + "type": "object" } }, + "required": [ + "CatalogId", + "DatabaseName" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider": { + "AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption.", - "title": "CertificateArn", - "type": "string" - }, - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration", - "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", - "title": "EncryptionContractConfiguration" - }, - "ResourceId": { - "markdownDescription": "Unique identifier for this endpoint, as it is configured in the key provider service.", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. This role must have a trust policy that allows AWS Elemental MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "RoleArn", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", + "title": "CatalogId", "type": "string" }, - "SystemIds": { + "ColumnNames": { "items": { "type": "string" }, - "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", - "title": "SystemIds", + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", "type": "array" }, - "Url": { - "markdownDescription": "URL for the key provider\u2019s key retrieval API endpoint. Must start with https://.", - "title": "Url", - "type": "string" - } - }, - "required": [ - "ResourceId", - "RoleArn", - "SystemIds", - "Url" - ], - "type": "object" - }, - "AWS::MediaPackage::OriginEndpoint.StreamSelection": { - "additionalProperties": false, - "properties": { - "MaxVideoBitsPerSecond": { - "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", - "title": "MaxVideoBitsPerSecond", - "type": "number" + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.ColumnWildcard", + "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnWildcard" }, - "MinVideoBitsPerSecond": { - "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", - "title": "MinVideoBitsPerSecond", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" }, - "StreamOrder": { - "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", - "title": "StreamOrder", + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", "type": "string" } }, + "required": [ + "CatalogId", + "DatabaseName", + "Name" + ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration": { + "AWS::LakeFormation::Resource": { "additionalProperties": false, "properties": { "Condition": { @@ -162819,54 +168225,41 @@ "Properties": { "additionalProperties": false, "properties": { - "CmafPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafPackage", - "markdownDescription": "Parameters for CMAF packaging.", - "title": "CmafPackage" - }, - "DashPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashPackage", - "markdownDescription": "Parameters for DASH-ISO packaging.", - "title": "DashPackage" - }, - "HlsPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsPackage", - "markdownDescription": "Parameters for Apple HLS packaging.", - "title": "HlsPackage" + "HybridAccessEnabled": { + "markdownDescription": "Indicates whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.", + "title": "HybridAccessEnabled", + "type": "boolean" }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the packaging configuration.", - "title": "Id", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "ResourceArn", "type": "string" }, - "MssPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssPackage", - "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", - "title": "MssPackage" - }, - "PackagingGroupId": { - "markdownDescription": "The ID of the packaging group associated with this packaging configuration.", - "title": "PackagingGroupId", + "RoleArn": { + "markdownDescription": "The IAM role that registered a resource.", + "title": "RoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the packaging configuration.", - "title": "Tags", - "type": "array" + "UseServiceLinkedRole": { + "markdownDescription": "Designates a trusted caller, an IAM principal, by registering this caller with the Data Catalog .", + "title": "UseServiceLinkedRole", + "type": "boolean" + }, + "WithFederation": { + "markdownDescription": "Allows Lake Formation to assume a role to access tables in a federated database.", + "title": "WithFederation", + "type": "boolean" } }, "required": [ - "Id", - "PackagingGroupId" + "ResourceArn", + "UseServiceLinkedRole" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::PackagingConfiguration" + "AWS::LakeFormation::Resource" ], "type": "string" }, @@ -162885,382 +168278,304 @@ ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.CmafEncryption": { - "additionalProperties": false, - "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" - } - }, - "required": [ - "SpekeKeyProvider" - ], - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.CmafPackage": { - "additionalProperties": false, - "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "HlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" - }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", - "type": "array" - }, - "IncludeEncoderConfigurationInSegments": { - "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", - "title": "IncludeEncoderConfigurationInSegments", - "type": "boolean" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - } - }, - "required": [ - "HlsManifests" - ], - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.DashEncryption": { - "additionalProperties": false, - "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" - } - }, - "required": [ - "SpekeKeyProvider" - ], - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.DashManifest": { + "AWS::LakeFormation::Tag": { "additionalProperties": false, "properties": { - "ManifestLayout": { - "markdownDescription": "Determines the position of some tags in the Media Presentation Description (MPD). When set to `FULL` , elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` . When set to `COMPACT` , duplicate elements are combined and presented at the AdaptationSet level.", - "title": "ManifestLayout", + "Condition": { "type": "string" }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", - "title": "MinBufferTimeSeconds", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Profile": { - "markdownDescription": "The DASH profile type. When set to `HBBTV_1_5` , the content is compliant with HbbTV 1.5.", - "title": "Profile", - "type": "string" + "Metadata": { + "type": "object" }, - "ScteMarkersSource": { - "markdownDescription": "The source of scte markers used.\n\nValue description:\n\n- `SEGMENTS` - The scte markers are sourced from the segments of the ingested content.\n- `MANIFEST` - the scte markers are sourced from the manifest of the ingested content. The MANIFEST value is compatible with source HLS playlists using the SCTE-35 Enhanced syntax ( `EXT-OATCLS-SCTE35` tags). SCTE-35 Elemental and SCTE-35 Daterange syntaxes are not supported with this option.", - "title": "ScteMarkersSource", + "Properties": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "CatalogId", + "type": "string" + }, + "TagKey": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe key-name for the LF-tag.", + "title": "TagKey", + "type": "string" + }, + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of UTF-8 strings, not less than 1 or more than 50 strings.\n\nA list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" + } + }, + "required": [ + "TagKey", + "TagValues" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::LakeFormation::Tag" + ], "type": "string" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.DashPackage": { + "AWS::LakeFormation::TagAssociation": { "additionalProperties": false, "properties": { - "DashManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashManifest" - }, - "markdownDescription": "A list of DASH manifest configurations that are available from this endpoint.", - "title": "DashManifests", - "type": "array" + "Condition": { + "type": "string" }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "IncludeEncoderConfigurationInSegments": { - "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", - "title": "IncludeEncoderConfigurationInSegments", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeIframeOnlyStream": { - "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" + "Metadata": { + "type": "object" }, - "PeriodTriggers": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "LFTags": { + "items": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.LFTagPair" + }, + "markdownDescription": "A structure containing an LF-tag key-value pair.", + "title": "LFTags", + "type": "array" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.Resource", + "markdownDescription": "UTF-8 string (valid values: `DATABASE | TABLE` ).\n\nThe resource for which the LF-tag policy applies.", + "title": "Resource" + } }, - "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", - "title": "PeriodTriggers", - "type": "array" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "required": [ + "LFTags", + "Resource" + ], + "type": "object" }, - "SegmentTemplateFormat": { - "markdownDescription": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to `NUMBER_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to `TIME_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to `NUMBER_WITH_DURATION` , only a duration is included in each SegmentTemplate, with $Number$ media URLs.", - "title": "SegmentTemplateFormat", - "type": "string" - } - }, - "required": [ - "DashManifests" - ], - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration": { - "additionalProperties": false, - "properties": { - "PresetSpeke20Audio": { - "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", - "title": "PresetSpeke20Audio", + "Type": { + "enum": [ + "AWS::LakeFormation::TagAssociation" + ], "type": "string" }, - "PresetSpeke20Video": { - "markdownDescription": "A collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", - "title": "PresetSpeke20Video", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "PresetSpeke20Audio", - "PresetSpeke20Video" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsEncryption": { + "AWS::LakeFormation::TagAssociation.DatabaseResource": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks. If you don't specify a constant initialization vector (IV), AWS Elemental MediaPackage periodically rotates the IV.", - "title": "ConstantInitializationVector", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it should be the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "EncryptionMethod": { - "markdownDescription": "HLS encryption type.", - "title": "EncryptionMethod", + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", "type": "string" - }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" } }, "required": [ - "SpekeKeyProvider" + "CatalogId", + "Name" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsManifest": { + "AWS::LakeFormation::TagAssociation.LFTagPair": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "This setting controls ad markers in the packaged content.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Applies to stream sets with a single video track only. When enabled, the output includes an additional I-frame only stream, along with the other tracks.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", "type": "string" }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "RepeatExtXKey": { - "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", - "title": "RepeatExtXKey", - "type": "boolean" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", - "title": "StreamSelection" - } - }, - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.HlsPackage": { - "additionalProperties": false, - "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "HlsManifests": { + "TagValues": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" + "type": "string" }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", + "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", "type": "array" - }, - "IncludeDvbSubtitles": { - "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", - "title": "IncludeDvbSubtitles", - "type": "boolean" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "UseAudioRenditionGroup": { - "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", - "title": "UseAudioRenditionGroup", - "type": "boolean" } }, "required": [ - "HlsManifests" + "CatalogId", + "TagKey", + "TagValues" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssEncryption": { + "AWS::LakeFormation::TagAssociation.Resource": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "Catalog", + "type": "object" + }, + "Database": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.DatabaseResource", + "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", + "title": "Database" + }, + "Table": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableResource", + "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Table" + }, + "TableWithColumns": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableWithColumnsResource", + "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", + "title": "TableWithColumns" } }, - "required": [ - "SpekeKeyProvider" - ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssManifest": { + "AWS::LakeFormation::TagAssociation.TableResource": { "additionalProperties": false, "properties": { - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", - "title": "StreamSelection" - } - }, - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.MssPackage": { - "additionalProperties": false, - "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" }, - "MssManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssManifest" - }, - "markdownDescription": "A list of Microsoft Smooth manifest configurations that are available from this endpoint.", - "title": "MssManifests", - "type": "array" + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", + "type": "string" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "TableWildcard": { + "markdownDescription": "A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", + "title": "TableWildcard", + "type": "object" } }, "required": [ - "MssManifests" + "CatalogId", + "DatabaseName" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider": { + "AWS::LakeFormation::TagAssociation.TableWithColumnsResource": { "additionalProperties": false, "properties": { - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration", - "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", - "title": "EncryptionContractConfiguration" - }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "RoleArn", + "CatalogId": { + "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of TableResource$Name or TableResource$TableWildcard is required.", + "title": "CatalogId", "type": "string" }, - "SystemIds": { + "ColumnNames": { "items": { "type": "string" }, - "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", - "title": "SystemIds", + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", "type": "array" }, - "Url": { - "markdownDescription": "URL for the key provider's key retrieval API endpoint. Must start with https://.", - "title": "Url", + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", "type": "string" - } - }, - "required": [ - "RoleArn", - "SystemIds", - "Url" - ], - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.StreamSelection": { - "additionalProperties": false, - "properties": { - "MaxVideoBitsPerSecond": { - "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", - "title": "MaxVideoBitsPerSecond", - "type": "number" - }, - "MinVideoBitsPerSecond": { - "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", - "title": "MinVideoBitsPerSecond", - "type": "number" }, - "StreamOrder": { - "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", - "title": "StreamOrder", + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", "type": "string" } }, + "required": [ + "CatalogId", + "ColumnNames", + "DatabaseName", + "Name" + ], "type": "object" }, - "AWS::MediaPackage::PackagingGroup": { + "AWS::Lambda::Alias": { "additionalProperties": false, "properties": { "Condition": { @@ -163295,38 +168610,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Authorization": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.Authorization", - "markdownDescription": "Parameters for CDN authorization.", - "title": "Authorization" + "Description": { + "markdownDescription": "A description of the alias.", + "title": "Description", + "type": "string" }, - "EgressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.LogConfiguration", - "markdownDescription": "The configuration parameters for egress access logging.", - "title": "EgressAccessLogs" + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the packaging group.", - "title": "Id", + "FunctionVersion": { + "markdownDescription": "The function version that the alias invokes.", + "title": "FunctionVersion", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the packaging group.", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "The name of the alias.", + "title": "Name", + "type": "string" + }, + "ProvisionedConcurrencyConfig": { + "$ref": "#/definitions/AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration", + "markdownDescription": "Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.", + "title": "ProvisionedConcurrencyConfig" + }, + "RoutingConfig": { + "$ref": "#/definitions/AWS::Lambda::Alias.AliasRoutingConfiguration", + "markdownDescription": "The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.", + "title": "RoutingConfig" } }, "required": [ - "Id" + "FunctionName", + "FunctionVersion", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::PackagingGroup" + "AWS::Lambda::Alias" ], "type": "string" }, @@ -163345,38 +168669,55 @@ ], "type": "object" }, - "AWS::MediaPackage::PackagingGroup.Authorization": { + "AWS::Lambda::Alias.AliasRoutingConfiguration": { "additionalProperties": false, "properties": { - "CdnIdentifierSecret": { - "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization.", - "title": "CdnIdentifierSecret", - "type": "string" - }, - "SecretsRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", - "title": "SecretsRoleArn", - "type": "string" + "AdditionalVersionWeights": { + "items": { + "$ref": "#/definitions/AWS::Lambda::Alias.VersionWeight" + }, + "markdownDescription": "The second version, and the percentage of traffic that's routed to it.", + "title": "AdditionalVersionWeights", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration": { + "additionalProperties": false, + "properties": { + "ProvisionedConcurrentExecutions": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the alias.", + "title": "ProvisionedConcurrentExecutions", + "type": "number" } }, "required": [ - "CdnIdentifierSecret", - "SecretsRoleArn" + "ProvisionedConcurrentExecutions" ], "type": "object" }, - "AWS::MediaPackage::PackagingGroup.LogConfiguration": { + "AWS::Lambda::Alias.VersionWeight": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "Sets a custom Amazon CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/EgressAccessLogs.", - "title": "LogGroupName", + "FunctionVersion": { + "markdownDescription": "The qualifier of the second version.", + "title": "FunctionVersion", "type": "string" + }, + "FunctionWeight": { + "markdownDescription": "The percentage of traffic that the alias routes to the second version.", + "title": "FunctionWeight", + "type": "number" } }, + "required": [ + "FunctionVersion", + "FunctionWeight" + ], "type": "object" }, - "AWS::MediaPackageV2::Channel": { + "AWS::Lambda::CodeSigningConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -163411,18 +168752,18 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the channel configuration.", - "title": "ChannelGroupName", - "type": "string" + "AllowedPublishers": { + "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.AllowedPublishers", + "markdownDescription": "List of allowed publishers.", + "title": "AllowedPublishers" }, - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", - "type": "string" + "CodeSigningPolicies": { + "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.CodeSigningPolicies", + "markdownDescription": "The code signing policy controls the validation failure action for signature mismatch or expiry.", + "title": "CodeSigningPolicies" }, "Description": { - "markdownDescription": "The description of the channel.", + "markdownDescription": "Code signing configuration description.", "title": "Description", "type": "string" }, @@ -163430,20 +168771,19 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the channel.", + "markdownDescription": "A list of tags to add to the code signing configuration.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "title": "Tags", "type": "array" } }, "required": [ - "ChannelGroupName", - "ChannelName" + "AllowedPublishers" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackageV2::Channel" + "AWS::Lambda::CodeSigningConfig" ], "type": "string" }, @@ -163462,23 +168802,38 @@ ], "type": "object" }, - "AWS::MediaPackageV2::Channel.IngestEndpoint": { + "AWS::Lambda::CodeSigningConfig.AllowedPublishers": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The identifier associated with the ingest endpoint of the channel.", - "title": "Id", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL associated with the ingest endpoint of the channel.", - "title": "Url", + "SigningProfileVersionArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.", + "title": "SigningProfileVersionArns", + "type": "array" + } + }, + "required": [ + "SigningProfileVersionArns" + ], + "type": "object" + }, + "AWS::Lambda::CodeSigningConfig.CodeSigningPolicies": { + "additionalProperties": false, + "properties": { + "UntrustedArtifactOnDeployment": { + "markdownDescription": "Code signing configuration policy for deployment validation failure. If you set the policy to `Enforce` , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to `Warn` , Lambda allows the deployment and creates a CloudWatch log.\n\nDefault value: `Warn`", + "title": "UntrustedArtifactOnDeployment", "type": "string" } }, + "required": [ + "UntrustedArtifactOnDeployment" + ], "type": "object" }, - "AWS::MediaPackageV2::ChannelGroup": { + "AWS::Lambda::EventInvokeConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -163513,33 +168868,41 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group.", - "title": "ChannelGroupName", - "type": "string" + "DestinationConfig": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.DestinationConfig", + "markdownDescription": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Bucket* - The ARN of an Amazon S3 bucket.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus.\n\n> S3 buckets are supported only for on-failure destinations. To retain records of successful invocations, use another destination type.", + "title": "DestinationConfig" }, - "Description": { - "markdownDescription": "The configuration for a MediaPackage V2 channel group.", - "title": "Description", + "FunctionName": { + "markdownDescription": "The name of the Lambda function.\n\n*Minimum* : `1`\n\n*Maximum* : `64`\n\n*Pattern* : `([a-zA-Z0-9-_]+)`", + "title": "FunctionName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the channel group.", - "title": "Tags", - "type": "array" + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum age of a request that Lambda sends to a function for processing.", + "title": "MaximumEventAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of times to retry when the function returns an error.", + "title": "MaximumRetryAttempts", + "type": "number" + }, + "Qualifier": { + "markdownDescription": "The identifier of a version or alias.\n\n- *Version* - A version number.\n- *Alias* - An alias name.\n- *Latest* - To specify the unpublished version, use `$LATEST` .", + "title": "Qualifier", + "type": "string" } }, "required": [ - "ChannelGroupName" + "FunctionName", + "Qualifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackageV2::ChannelGroup" + "AWS::Lambda::EventInvokeConfig" ], "type": "string" }, @@ -163558,29 +168921,73 @@ ], "type": "object" }, - "AWS::MediaPackageV2::ChannelPolicy": { + "AWS::Lambda::EventInvokeConfig.DestinationConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "OnFailure": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnFailure", + "markdownDescription": "The destination configuration for failed invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", + "title": "OnFailure" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", + "OnSuccess": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnSuccess", + "markdownDescription": "The destination configuration for successful invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", + "title": "OnSuccess" + } + }, + "type": "object" + }, + "AWS::Lambda::EventInvokeConfig.OnFailure": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", + "title": "Destination", + "type": "string" + } + }, + "required": [ + "Destination" + ], + "type": "object" + }, + "AWS::Lambda::EventInvokeConfig.OnSuccess": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.", + "title": "Destination", + "type": "string" + } + }, + "required": [ + "Destination" + ], + "type": "object" + }, + "AWS::Lambda::EventSourceMapping": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" @@ -163593,32 +169000,165 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the channel policy.", - "title": "ChannelGroupName", + "AmazonManagedKafkaEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig", + "markdownDescription": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", + "title": "AmazonManagedKafkaEventSourceConfig" + }, + "BatchSize": { + "markdownDescription": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", + "title": "BatchSize", + "type": "number" + }, + "BisectBatchOnFunctionError": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.\n\n> When using `BisectBatchOnFunctionError` , check the `BatchSize` parameter in the `OnFailure` destination message's metadata. The `BatchSize` could be greater than 1 since Lambda consolidates failed messages metadata when writing to the `OnFailure` destination.", + "title": "BisectBatchOnFunctionError", + "type": "boolean" + }, + "DestinationConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DestinationConfig", + "markdownDescription": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.", + "title": "DestinationConfig" + }, + "DocumentDBEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig", + "markdownDescription": "Specific configuration settings for a DocumentDB event source.", + "title": "DocumentDBEventSourceConfig" + }, + "Enabled": { + "markdownDescription": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n\nDefault: True", + "title": "Enabled", + "type": "boolean" + }, + "EventSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the event source.\n\n- *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n- *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n- *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc) ).\n- *Amazon MQ* \u2013 The ARN of the broker.\n- *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.", + "title": "EventSourceArn", "type": "string" }, - "ChannelName": { - "markdownDescription": "The name of the channel associated with the channel policy.", - "title": "ChannelName", + "FilterCriteria": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.FilterCriteria", + "markdownDescription": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", + "title": "FilterCriteria" + }, + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* \u2013 `MyFunction` .\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Version or Alias ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD` .\n- *Partial ARN* \u2013 `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", + "title": "FunctionName", "type": "string" }, - "Policy": { - "markdownDescription": "The policy associated with the channel.", - "title": "Policy", - "type": "object" + "FunctionResponseTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "(Kinesis, DynamoDB Streams, and SQS) A list of current response type enums applied to the event source mapping.\n\nValid Values: `ReportBatchItemFailures`", + "title": "FunctionResponseTypes", + "type": "array" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that Lambda uses to encrypt your function's [filter criteria](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-basics) .", + "title": "KmsKeyArn", + "type": "string" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ , Amazon DocumentDB event sources)* : 500 ms\n\n*Related setting:* For Amazon SQS event sources, when you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "MaximumRecordAgeInSeconds": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1,\nwhich sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n\n> The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed", + "title": "MaximumRecordAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1,\nwhich sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" + }, + "MetricsConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.MetricsConfig", + "markdownDescription": "The metrics configuration for your event source. For more information, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics) .", + "title": "MetricsConfig" + }, + "ParallelizationFactor": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" + }, + "ProvisionedPollerConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ProvisionedPollerConfig", + "markdownDescription": "(Amazon MSK and self-managed Apache Kafka only) The provisioned mode configuration for the event source. For more information, see [provisioned mode](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#invocation-eventsourcemapping-provisioned-mode) .", + "title": "ProvisionedPollerConfig" + }, + "Queues": { + "items": { + "type": "string" + }, + "markdownDescription": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.", + "title": "Queues", + "type": "array" + }, + "ScalingConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ScalingConfig", + "markdownDescription": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency) .", + "title": "ScalingConfig" + }, + "SelfManagedEventSource": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedEventSource", + "markdownDescription": "The self-managed Apache Kafka cluster for your event source.", + "title": "SelfManagedEventSource" + }, + "SelfManagedKafkaEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig", + "markdownDescription": "Specific configuration settings for a self-managed Apache Kafka event source.", + "title": "SelfManagedKafkaEventSourceConfig" + }, + "SourceAccessConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SourceAccessConfiguration" + }, + "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.", + "title": "SourceAccessConfigurations", + "type": "array" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n\n- *LATEST* - Read only new records.\n- *TRIM_HORIZON* - Process all available records.\n- *AT_TIMESTAMP* - Specify a time from which to start reading records.", + "title": "StartingPosition", + "type": "string" + }, + "StartingPositionTimestamp": { + "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds. `StartingPositionTimestamp` cannot be in the future.", + "title": "StartingPositionTimestamp", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the event source mapping.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "title": "Tags", + "type": "array" + }, + "Topics": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the Kafka topic.", + "title": "Topics", + "type": "array" + }, + "TumblingWindowInSeconds": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.", + "title": "TumblingWindowInSeconds", + "type": "number" } }, "required": [ - "ChannelGroupName", - "ChannelName", - "Policy" + "FunctionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackageV2::ChannelPolicy" + "AWS::Lambda::EventSourceMapping" ], "type": "string" }, @@ -163637,12 +169177,260 @@ ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint": { + "AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig": { + "additionalProperties": false, + "properties": { + "ConsumerGroupId": { + "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", + "title": "ConsumerGroupId", + "type": "string" + }, + "SchemaRegistryConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", + "markdownDescription": "Specific configuration settings for a Kafka schema registry.", + "title": "SchemaRegistryConfig" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.DestinationConfig": { + "additionalProperties": false, + "properties": { + "OnFailure": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.OnFailure", + "markdownDescription": "The destination configuration for failed invocations.", + "title": "OnFailure" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig": { + "additionalProperties": false, + "properties": { + "CollectionName": { + "markdownDescription": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.", + "title": "CollectionName", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the database to consume within the DocumentDB cluster.", + "title": "DatabaseName", + "type": "string" + }, + "FullDocument": { + "markdownDescription": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.", + "title": "FullDocument", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.Endpoints": { + "additionalProperties": false, + "properties": { + "KafkaBootstrapServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", + "title": "KafkaBootstrapServers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.Filter": { + "additionalProperties": false, + "properties": { + "Pattern": { + "markdownDescription": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax) .", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.FilterCriteria": { + "additionalProperties": false, + "properties": { + "Filters": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Filter" + }, + "markdownDescription": "A list of filters.", + "title": "Filters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.MetricsConfig": { + "additionalProperties": false, + "properties": { + "Metrics": { + "items": { + "type": "string" + }, + "markdownDescription": "The metrics you want your event source mapping to produce. Include `EventCount` to receive event source mapping metrics related to the number of events processed by your event source mapping. For more information about these metrics, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics) .", + "title": "Metrics", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.OnFailure": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", + "title": "Destination", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.ProvisionedPollerConfig": { + "additionalProperties": false, + "properties": { + "MaximumPollers": { + "markdownDescription": "The maximum number of event pollers this event source can scale up to.", + "title": "MaximumPollers", + "type": "number" + }, + "MinimumPollers": { + "markdownDescription": "The minimum number of event pollers this event source can scale down to.", + "title": "MinimumPollers", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.ScalingConfig": { + "additionalProperties": false, + "properties": { + "MaximumConcurrency": { + "markdownDescription": "Limits the number of concurrent instances that the Amazon SQS event source can invoke.", + "title": "MaximumConcurrency", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of authentication Lambda uses to access your schema registry.", + "title": "Type", + "type": "string" + }, + "URI": { + "markdownDescription": "The URI of the secret (Secrets Manager secret ARN) to authenticate with your schema registry.", + "title": "URI", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SchemaRegistryConfig": { + "additionalProperties": false, + "properties": { + "AccessConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig" + }, + "markdownDescription": "An array of access configuration objects that tell Lambda how to authenticate with your schema registry.", + "title": "AccessConfigs", + "type": "array" + }, + "EventRecordFormat": { + "markdownDescription": "The record format that Lambda delivers to your function after schema validation.\n\n- Choose `JSON` to have Lambda deliver the record to your function as a standard JSON object.\n- Choose `SOURCE` to have Lambda deliver the record to your function in its original source format. Lambda removes all schema metadata, such as the schema ID, before sending the record to your function.", + "title": "EventRecordFormat", + "type": "string" + }, + "SchemaRegistryURI": { + "markdownDescription": "The URI for your schema registry. The correct URI format depends on the type of schema registry you're using.\n\n- For AWS Glue schema registries, use the ARN of the registry.\n- For Confluent schema registries, use the URL of the registry.", + "title": "SchemaRegistryURI", + "type": "string" + }, + "SchemaValidationConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaValidationConfig" + }, + "markdownDescription": "An array of schema validation configuration objects, which tell Lambda the message attributes you want to validate and filter using your schema registry.", + "title": "SchemaValidationConfigs", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SchemaValidationConfig": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The attributes you want your schema registry to validate and filter for. If you selected `JSON` as the `EventRecordFormat` , Lambda also deserializes the selected message attributes.", + "title": "Attribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SelfManagedEventSource": { + "additionalProperties": false, + "properties": { + "Endpoints": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Endpoints", + "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", + "title": "Endpoints" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig": { + "additionalProperties": false, + "properties": { + "ConsumerGroupId": { + "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add) .", + "title": "ConsumerGroupId", + "type": "string" + }, + "SchemaRegistryConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", + "markdownDescription": "Specific configuration settings for a Kafka schema registry.", + "title": "SchemaRegistryConfig" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SourceAccessConfiguration": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: `\"Type\":\"SASL_SCRAM_512_AUTH\"` .\n\n- `BASIC_AUTH` \u2013 (Amazon MQ) The AWS Secrets Manager secret that stores your broker credentials.\n- `BASIC_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n- `VPC_SUBNET` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n- `VPC_SECURITY_GROUP` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_256_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_512_AUTH` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n- `VIRTUAL_HOST` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n- `CLIENT_CERTIFICATE_TLS_AUTH` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n- `SERVER_ROOT_CA_CERTIFICATE` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.", + "title": "Type", + "type": "string" + }, + "URI": { + "markdownDescription": "The value for your chosen configuration in `Type` . For example: `\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"` .", + "title": "URI", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::Function": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -163672,76 +169460,158 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the origin endpoint configuration.", - "title": "ChannelGroupName", - "type": "string" + "Architectures": { + "items": { + "type": "string" + }, + "markdownDescription": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is `x86_64` .", + "title": "Architectures", + "type": "array" }, - "ChannelName": { - "markdownDescription": "The channel name associated with the origin endpoint.", - "title": "ChannelName", - "type": "string" + "Code": { + "$ref": "#/definitions/AWS::Lambda::Function.Code", + "markdownDescription": "The code for the function. You can define your function code in multiple ways:\n\n- For .zip deployment packages, you can specify the Amazon S3 location of the .zip file in the `S3Bucket` , `S3Key` , and `S3ObjectVersion` properties.\n- For .zip deployment packages, you can alternatively define the function code inline in the `ZipFile` property. This method works only for Node.js and Python functions.\n- For container images, specify the URI of your container image in the Amazon ECR registry in the `ImageUri` property.", + "title": "Code" }, - "ContainerType": { - "markdownDescription": "The container type associated with the origin endpoint configuration.", - "title": "ContainerType", + "CodeSigningConfigArn": { + "markdownDescription": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration\nincludes a set of signing profiles, which define the trusted publishers for this function.", + "title": "CodeSigningConfigArn", "type": "string" }, + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.DeadLetterConfig", + "markdownDescription": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq) .", + "title": "DeadLetterConfig" + }, "Description": { - "markdownDescription": "The description associated with the origin endpoint.", + "markdownDescription": "A description of the function.", "title": "Description", "type": "string" }, - "HlsManifests": { + "Environment": { + "$ref": "#/definitions/AWS::Lambda::Function.Environment", + "markdownDescription": "Environment variables that are accessible from function code during execution.", + "title": "Environment" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", + "markdownDescription": "The size of the function's `/tmp` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", + "title": "EphemeralStorage" + }, + "FileSystemConfigs": { "items": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration" + "$ref": "#/definitions/AWS::Lambda::Function.FileSystemConfig" }, - "markdownDescription": "The HLS manifests associated with the origin endpoint configuration.", - "title": "HlsManifests", + "markdownDescription": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a `DependsOn` attribute to ensure that the mount target is created or updated before the function.\n\nFor more information about using the `DependsOn` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", + "title": "FileSystemConfigs", "type": "array" }, - "LowLatencyHlsManifests": { + "FunctionName": { + "markdownDescription": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, AWS CloudFormation generates one.\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "FunctionName", + "type": "string" + }, + "Handler": { + "markdownDescription": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html) .", + "title": "Handler", + "type": "string" + }, + "ImageConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.ImageConfig", + "markdownDescription": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) .", + "title": "ImageConfig" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt the following resources:\n\n- The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption) .\n- The function's [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) snapshots.\n- When used with `SourceKMSKeyArn` , the unzipped version of the .zip deployment package that's used for function invocations. For more information, see [Specifying a customer managed key for Lambda](https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption) .\n- The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see [Function lifecycle](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle) .\n\nIf you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) or an [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", + "title": "KmsKeyArn", + "type": "string" + }, + "Layers": { "items": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration" + "type": "string" }, - "markdownDescription": "The low-latency HLS (LL-HLS) manifests associated with the origin endpoint.", - "title": "LowLatencyHlsManifests", + "markdownDescription": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", + "title": "Layers", "type": "array" }, - "OriginEndpointName": { - "markdownDescription": "The name of the origin endpoint associated with the origin endpoint configuration.", - "title": "OriginEndpointName", + "LoggingConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.LoggingConfig", + "markdownDescription": "The function's Amazon CloudWatch Logs configuration settings.", + "title": "LoggingConfig" + }, + "MemorySize": { + "markdownDescription": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.", + "title": "MemorySize", + "type": "number" + }, + "PackageType": { + "markdownDescription": "The type of deployment package. Set to `Image` for container image and set `Zip` for .zip file archive.", + "title": "PackageType", "type": "string" }, - "Segment": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Segment", - "markdownDescription": "The segment associated with the origin endpoint.", - "title": "Segment" + "RecursiveLoop": { + "markdownDescription": "The status of your function's recursive loop detection configuration.\n\nWhen this value is set to `Allow` and Lambda detects your function being invoked as part of a recursive loop, it doesn't take any action.\n\nWhen this value is set to `Terminate` and Lambda detects your function being invoked as part of a recursive loop, it stops your function being invoked and notifies you.", + "title": "RecursiveLoop", + "type": "string" }, - "StartoverWindowSeconds": { - "markdownDescription": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", - "title": "StartoverWindowSeconds", + "ReservedConcurrentExecutions": { + "markdownDescription": "The number of simultaneous executions to reserve for the function.", + "title": "ReservedConcurrentExecutions", "type": "number" }, + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function's execution role.", + "title": "Role", + "type": "string" + }, + "Runtime": { + "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels) .\n\nFor a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported) .", + "title": "Runtime", + "type": "string" + }, + "RuntimeManagementConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.RuntimeManagementConfig", + "markdownDescription": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) .", + "title": "RuntimeManagementConfig" + }, + "SnapStart": { + "$ref": "#/definitions/AWS::Lambda::Function.SnapStart", + "markdownDescription": "The function's [AWS Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", + "title": "SnapStart" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the origin endpoint.", + "markdownDescription": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "title": "Tags", "type": "array" + }, + "Timeout": { + "markdownDescription": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) .", + "title": "Timeout", + "type": "number" + }, + "TracingConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.TracingConfig", + "markdownDescription": "Set `Mode` to `Active` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) .", + "title": "TracingConfig" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.VpcConfig", + "markdownDescription": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html) .", + "title": "VpcConfig" } }, "required": [ - "ChannelGroupName", - "ChannelName", - "OriginEndpointName" + "Code", + "Role" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackageV2::OriginEndpoint" + "AWS::Lambda::Function" ], "type": "string" }, @@ -163760,294 +169630,245 @@ ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.Encryption": { + "AWS::Lambda::Function.Code": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).", - "title": "ConstantInitializationVector", + "ImageUri": { + "markdownDescription": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.", + "title": "ImageUri", "type": "string" }, - "EncryptionMethod": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod", - "markdownDescription": "The encryption method to use.", - "title": "EncryptionMethod" + "S3Bucket": { + "markdownDescription": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account .", + "title": "S3Bucket", + "type": "string" }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "The interval, in seconds, to rotate encryption keys for the origin endpoint.", - "title": "KeyRotationIntervalSeconds", - "type": "number" + "S3Key": { + "markdownDescription": "The Amazon S3 key of the deployment package.", + "title": "S3Key", + "type": "string" }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "The SPEKE key provider to use for encryption.", - "title": "SpekeKeyProvider" + "S3ObjectVersion": { + "markdownDescription": "For versioned objects, the version of the deployment package object to use.", + "title": "S3ObjectVersion", + "type": "string" + }, + "SourceKMSKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt your function's .zip deployment package. If you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) .", + "title": "SourceKMSKeyArn", + "type": "string" + }, + "ZipFile": { + "markdownDescription": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named `index` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) . This zip file cannot exceed 4MB. For the `Handler` property, the first part of the handler identifier must be `index` . For example, `index.handler` .\n\n> When you specify source code inline for a Node.js function, the `index` file that AWS CloudFormation creates uses the extension `.js` . This means that Lambda treats the file as a CommonJS module. ES modules aren't supported for inline functions. \n\nFor JSON, you must escape quotes and special characters such as newline ( `\\n` ) with a backslash.\n\nIf you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( [cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html) ) that simplifies sending responses. See [Using AWS Lambda with AWS CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.", + "title": "ZipFile", + "type": "string" } }, - "required": [ - "EncryptionMethod", - "SpekeKeyProvider" - ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration": { + "AWS::Lambda::Function.DeadLetterConfig": { "additionalProperties": false, "properties": { - "PresetSpeke20Audio": { - "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", - "title": "PresetSpeke20Audio", - "type": "string" - }, - "PresetSpeke20Video": { - "markdownDescription": "The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint.\n\nA collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", - "title": "PresetSpeke20Video", + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", + "title": "TargetArn", "type": "string" } }, + "type": "object" + }, + "AWS::Lambda::Function.Environment": { + "additionalProperties": false, + "properties": { + "Variables": { + "additionalProperties": true, + "markdownDescription": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html) .\n\nIf the value of the environment variable is a time or a duration, enclose the value in quotes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Variables", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Lambda::Function.EphemeralStorage": { + "additionalProperties": false, + "properties": { + "Size": { + "markdownDescription": "The size of the function's `/tmp` directory.", + "title": "Size", + "type": "number" + } + }, "required": [ - "PresetSpeke20Audio", - "PresetSpeke20Video" + "Size" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod": { + "AWS::Lambda::Function.FileSystemConfig": { "additionalProperties": false, "properties": { - "CmafEncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "CmafEncryptionMethod", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.", + "title": "Arn", "type": "string" }, - "TsEncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "TsEncryptionMethod", + "LocalMountPath": { + "markdownDescription": "The path where the function can access the file system, starting with `/mnt/` .", + "title": "LocalMountPath", "type": "string" } }, + "required": [ + "Arn", + "LocalMountPath" + ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration": { + "AWS::Lambda::Function.ImageConfig": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.", - "title": "End", - "type": "string" + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.", + "title": "Command", + "type": "array" }, - "ManifestFilter": { - "markdownDescription": "Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.", - "title": "ManifestFilter", - "type": "string" + "EntryPoint": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.", + "title": "EntryPoint", + "type": "array" }, - "Start": { - "markdownDescription": "Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.", - "title": "Start", + "WorkingDirectory": { + "markdownDescription": "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.", + "title": "WorkingDirectory", "type": "string" - }, - "TimeDelaySeconds": { - "markdownDescription": "Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.", - "title": "TimeDelaySeconds", - "type": "number" } }, "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration": { + "AWS::Lambda::Function.LoggingConfig": { "additionalProperties": false, "properties": { - "ChildManifestName": { - "markdownDescription": "The name of the child manifest associated with the HLS manifest configuration.", - "title": "ChildManifestName", + "ApplicationLogLevel": { + "markdownDescription": "Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where `TRACE` is the highest level and `FATAL` is the lowest.", + "title": "ApplicationLogLevel", "type": "string" }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", - "markdownDescription": "", - "title": "FilterConfiguration" - }, - "ManifestName": { - "markdownDescription": "The name of the manifest associated with the HLS manifest configuration.", - "title": "ManifestName", + "LogFormat": { + "markdownDescription": "The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON.", + "title": "LogFormat", "type": "string" }, - "ManifestWindowSeconds": { - "markdownDescription": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "ScteHls": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", - "markdownDescription": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", - "title": "ScteHls" + "LogGroup": { + "markdownDescription": "The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named `/aws/lambda/` . To use a different log group, enter an existing log group or enter a new log group name.", + "title": "LogGroup", + "type": "string" }, - "Url": { - "markdownDescription": "The URL of the HLS manifest configuration.", - "title": "Url", + "SystemLogLevel": { + "markdownDescription": "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where `DEBUG` is the highest level and `WARN` is the lowest.", + "title": "SystemLogLevel", "type": "string" } }, - "required": [ - "ManifestName" - ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration": { + "AWS::Lambda::Function.RuntimeManagementConfig": { "additionalProperties": false, "properties": { - "ChildManifestName": { - "markdownDescription": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "ChildManifestName", - "type": "string" - }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", - "markdownDescription": "", - "title": "FilterConfiguration" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", - "title": "ManifestName", + "RuntimeVersionArn": { + "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", + "title": "RuntimeVersionArn", "type": "string" }, - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of the manifest's content.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "ScteHls": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", - "markdownDescription": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "ScteHls" - }, - "Url": { - "markdownDescription": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "Url", + "UpdateRuntimeOn": { + "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", + "title": "UpdateRuntimeOn", "type": "string" } }, "required": [ - "ManifestName" + "UpdateRuntimeOn" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.Scte": { + "AWS::Lambda::Function.SnapStart": { "additionalProperties": false, "properties": { - "ScteFilter": { - "items": { - "type": "string" - }, - "markdownDescription": "The filter associated with the SCTE-35 configuration.", - "title": "ScteFilter", - "type": "array" + "ApplyOn": { + "markdownDescription": "Set `ApplyOn` to `PublishedVersions` to create a snapshot of the initialized execution environment when you publish a function version.", + "title": "ApplyOn", + "type": "string" } }, + "required": [ + "ApplyOn" + ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.ScteHls": { + "AWS::Lambda::Function.SnapStartResponse": { "additionalProperties": false, "properties": { - "AdMarkerHls": { - "markdownDescription": "The SCTE-35 HLS ad-marker configuration.", - "title": "AdMarkerHls", + "ApplyOn": { + "markdownDescription": "When set to `PublishedVersions` , Lambda creates a snapshot of the execution environment when you publish a function version.", + "title": "ApplyOn", + "type": "string" + }, + "OptimizationStatus": { + "markdownDescription": "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using) , this response element indicates whether SnapStart is activated for the specified function version.", + "title": "OptimizationStatus", "type": "string" } }, "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.Segment": { + "AWS::Lambda::Function.TracingConfig": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Encryption", - "markdownDescription": "Whether to use encryption for the segment.", - "title": "Encryption" - }, - "IncludeIframeOnlyStreams": { - "markdownDescription": "Whether the segment includes I-frame-only streams.", - "title": "IncludeIframeOnlyStreams", - "type": "boolean" - }, - "Scte": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Scte", - "markdownDescription": "The SCTE-35 configuration associated with the segment.", - "title": "Scte" - }, - "SegmentDurationSeconds": { - "markdownDescription": "The duration of the segment, in seconds.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment associated with the origin endpoint.", - "title": "SegmentName", + "Mode": { + "markdownDescription": "The tracing mode.", + "title": "Mode", "type": "string" - }, - "TsIncludeDvbSubtitles": { - "markdownDescription": "Whether the segment includes DVB subtitles.", - "title": "TsIncludeDvbSubtitles", - "type": "boolean" - }, - "TsUseAudioRenditionGroup": { - "markdownDescription": "Whether the segment is an audio rendition group.", - "title": "TsUseAudioRenditionGroup", - "type": "boolean" } }, "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider": { + "AWS::Lambda::Function.VpcConfig": { "additionalProperties": false, "properties": { - "DrmSystems": { + "Ipv6AllowedForDualStack": { + "markdownDescription": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.", + "title": "Ipv6AllowedForDualStack", + "type": "boolean" + }, + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "The DRM solution provider you're using to protect your content during distribution.", - "title": "DrmSystems", + "markdownDescription": "A list of VPC security group IDs.", + "title": "SecurityGroupIds", "type": "array" }, - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration", - "markdownDescription": "The encryption contract configuration associated with the SPEKE key provider.", - "title": "EncryptionContractConfiguration" - }, - "ResourceId": { - "markdownDescription": "The unique identifier for the content. The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.\n\nThe following example shows a resource ID: `MovieNight20171126093045`", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.\n\nValid format: `arn:aws:iam::{accountID}:role/{name}` . The following example shows a role ARN: `arn:aws:iam::444455556666:role/SpekeAccess`", - "title": "RoleArn", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL of the SPEKE key provider.", - "title": "Url", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs.", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "DrmSystems", - "EncryptionContractConfiguration", - "ResourceId", - "RoleArn", - "Url" - ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpointPolicy": { + "AWS::Lambda::LayerVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -164082,38 +169903,51 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the origin endpoint policy.", - "title": "ChannelGroupName", - "type": "string" + "CompatibleArchitectures": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .", + "title": "CompatibleArchitectures", + "type": "array" }, - "ChannelName": { - "markdownDescription": "The channel name associated with the origin endpoint policy.", - "title": "ChannelName", + "CompatibleRuntimes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .", + "title": "CompatibleRuntimes", + "type": "array" + }, + "Content": { + "$ref": "#/definitions/AWS::Lambda::LayerVersion.Content", + "markdownDescription": "The function layer archive.", + "title": "Content" + }, + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", "type": "string" }, - "OriginEndpointName": { - "markdownDescription": "The name of the origin endpoint associated with the origin endpoint policy.", - "title": "OriginEndpointName", + "LayerName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", + "title": "LayerName", "type": "string" }, - "Policy": { - "markdownDescription": "The policy associated with the origin endpoint.", - "title": "Policy", - "type": "object" + "LicenseInfo": { + "markdownDescription": "The layer's software license. It can be any of the following:\n\n- An [SPDX license identifier](https://docs.aws.amazon.com/https://spdx.org/licenses/) . For example, `MIT` .\n- The URL of a license hosted on the internet. For example, `https://opensource.org/licenses/MIT` .\n- The full text of the license.", + "title": "LicenseInfo", + "type": "string" } }, "required": [ - "ChannelGroupName", - "ChannelName", - "OriginEndpointName", - "Policy" + "Content" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackageV2::OriginEndpointPolicy" + "AWS::Lambda::LayerVersion" ], "type": "string" }, @@ -164132,7 +169966,32 @@ ], "type": "object" }, - "AWS::MediaStore::Container": { + "AWS::Lambda::LayerVersion.Content": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket of the layer archive.", + "title": "S3Bucket", + "type": "string" + }, + "S3Key": { + "markdownDescription": "The Amazon S3 key of the layer archive.", + "title": "S3Key", + "type": "string" + }, + "S3ObjectVersion": { + "markdownDescription": "For versioned objects, the version of the layer archive object to use.", + "title": "S3ObjectVersion", + "type": "string" + } + }, + "required": [ + "S3Bucket", + "S3Key" + ], + "type": "object" + }, + "AWS::Lambda::LayerVersionPermission": { "additionalProperties": false, "properties": { "Condition": { @@ -164167,56 +170026,37 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessLoggingEnabled": { - "markdownDescription": "The state of access logging on the container. This value is `false` by default, indicating that AWS Elemental MediaStore does not send access logs to Amazon CloudWatch Logs. When you enable access logging on the container, MediaStore changes this value to `true` , indicating that the service delivers access logs for objects stored in that container to CloudWatch Logs.", - "title": "AccessLoggingEnabled", - "type": "boolean" - }, - "ContainerName": { - "markdownDescription": "The name for the container. The name must be from 1 to 255 characters. Container names must be unique to your AWS account within a specific region. As an example, you could create a container named `movies` in every region, as long as you don\u2019t have an existing container with that name.", - "title": "ContainerName", + "Action": { + "markdownDescription": "The API action that grants access to the layer. For example, `lambda:GetLayerVersion` .", + "title": "Action", "type": "string" }, - "CorsPolicy": { - "items": { - "$ref": "#/definitions/AWS::MediaStore::Container.CorsRule" - }, - "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nSets the cross-origin resource sharing (CORS) configuration on a container so that the container can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com to access your AWS Elemental MediaStore container at my.example.container.com by using the browser's XMLHttpRequest capability.\n\nTo enable CORS on a container, you attach a CORS policy to the container. In the CORS policy, you configure rules that identify origins and the HTTP methods that can be executed on your container. The policy can contain up to 398,000 characters. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.\n\nTo learn more about CORS, see [Cross-Origin Resource Sharing (CORS) in AWS Elemental MediaStore](https://docs.aws.amazon.com/mediastore/latest/ug/cors-policy.html) .", - "title": "CorsPolicy", - "type": "array" - }, - "LifecyclePolicy": { - "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nWrites an object lifecycle policy to a container. If the container already has an object lifecycle policy, the service replaces the existing policy with the new policy. It takes up to 20 minutes for the change to take effect.\n\nFor information about how to construct an object lifecycle policy, see [Components of an Object Lifecycle Policy](https://docs.aws.amazon.com/mediastore/latest/ug/policies-object-lifecycle-components.html) .", - "title": "LifecyclePolicy", + "LayerVersionArn": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", + "title": "LayerVersionArn", "type": "string" }, - "MetricPolicy": { - "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicy", - "markdownDescription": "The metric policy that is associated with the container. A metric policy allows AWS Elemental MediaStore to send metrics to Amazon CloudWatch. In the policy, you must indicate whether you want MediaStore to send container-level metrics. You can also include rules to define groups of objects that you want MediaStore to send object-level metrics for.\n\nTo view examples of how to construct a metric policy for your use case, see [Example Metric Policies](https://docs.aws.amazon.com/mediastore/latest/ug/policies-metric-examples.html) .", - "title": "MetricPolicy" - }, - "Policy": { - "markdownDescription": "Creates an access policy for the specified container to restrict the users and clients that can access it. For information about the data that is included in an access policy, see the [AWS Identity and Access Management User Guide](https://docs.aws.amazon.com/iam/) .\n\nFor this release of the REST API, you can create only one policy for a container. If you enter `PutContainerPolicy` twice, the second command modifies the existing policy.", - "title": "Policy", + "OrganizationId": { + "markdownDescription": "With the principal set to `*` , grant permission to all accounts in the specified organization.", + "title": "OrganizationId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "Principal": { + "markdownDescription": "An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified). For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.", + "title": "Principal", + "type": "string" } }, "required": [ - "ContainerName" + "Action", + "LayerVersionArn", + "Principal" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaStore::Container" + "AWS::Lambda::LayerVersionPermission" ], "type": "string" }, @@ -164235,92 +170075,111 @@ ], "type": "object" }, - "AWS::MediaStore::Container.CorsRule": { + "AWS::Lambda::Permission": { "additionalProperties": false, "properties": { - "AllowedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies which headers are allowed in a preflight `OPTIONS` request through the `Access-Control-Request-Headers` header. Each header name that is specified in `Access-Control-Request-Headers` must have a corresponding entry in the rule. Only the headers that were requested are sent back.\n\nThis element can contain only one wildcard character (*).", - "title": "AllowedHeaders", - "type": "array" - }, - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.\n\nEach CORS rule must contain at least one `AllowedMethods` and one `AllowedOrigins` element.", - "title": "AllowedMethods", - "type": "array" + "Condition": { + "type": "string" }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nEach CORS rule must have at least one `AllowedOrigins` element. The string value can include only one wildcard character (*), for example, http://*.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.", - "title": "AllowedOrigins", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExposeHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nThis element is optional for each rule.", - "title": "ExposeHeaders", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MaxAgeSeconds": { - "markdownDescription": "The time in seconds that your browser caches the preflight response for the specified resource.\n\nA CORS rule can have only one `MaxAgeSeconds` element.", - "title": "MaxAgeSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaStore::Container.MetricPolicy": { - "additionalProperties": false, - "properties": { - "ContainerLevelMetrics": { - "markdownDescription": "A setting to enable or disable metrics at the container level.", - "title": "ContainerLevelMetrics", - "type": "string" + "Metadata": { + "type": "object" }, - "MetricPolicyRules": { - "items": { - "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicyRule" + "Properties": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action that the principal can use on the function. For example, `lambda:InvokeFunction` or `lambda:GetFunction` .", + "title": "Action", + "type": "string" + }, + "EventSourceToken": { + "markdownDescription": "For Alexa Smart Home functions, a token that the invoker must supply.", + "title": "EventSourceToken", + "type": "string" + }, + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function, version, or alias.\n\n**Name formats** - *Function name* \u2013 `my-function` (name-only), `my-function:v1` (with alias).\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:my-function` .\n- *Partial ARN* \u2013 `123456789012:function:my-function` .\n\nYou can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" + }, + "FunctionUrlAuthType": { + "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", + "title": "FunctionUrlAuthType", + "type": "string" + }, + "Principal": { + "markdownDescription": "The AWS service , AWS account , IAM user, or IAM role that invokes the function. If you specify a service, use `SourceArn` or `SourceAccount` to limit who can invoke the function through that service.", + "title": "Principal", + "type": "string" + }, + "PrincipalOrgID": { + "markdownDescription": "The identifier for your organization in AWS Organizations . Use this to grant permissions to all the AWS accounts under this organization.", + "title": "PrincipalOrgID", + "type": "string" + }, + "SourceAccount": { + "markdownDescription": "For AWS service , the ID of the AWS account that owns the resource. Use this together with `SourceArn` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.", + "title": "SourceAccount", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "For AWS services , the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n\nNote that Lambda configures the comparison using the `StringLike` operator.", + "title": "SourceArn", + "type": "string" + } }, - "markdownDescription": "A parameter that holds an array of rules that enable metrics at the object level. This parameter is optional, but if you choose to include it, you must also include at least one rule. By default, you can include up to five rules. You can also [request a quota increase](https://docs.aws.amazon.com/servicequotas/home?region=us-east-1#!/services/mediastore/quotas) to allow up to 300 rules per policy.", - "title": "MetricPolicyRules", - "type": "array" - } - }, - "required": [ - "ContainerLevelMetrics" - ], - "type": "object" - }, - "AWS::MediaStore::Container.MetricPolicyRule": { - "additionalProperties": false, - "properties": { - "ObjectGroup": { - "markdownDescription": "A path or file name that defines which objects to include in the group. Wildcards (*) are acceptable.", - "title": "ObjectGroup", + "required": [ + "Action", + "FunctionName", + "Principal" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Lambda::Permission" + ], "type": "string" }, - "ObjectGroupName": { - "markdownDescription": "A name that allows you to refer to the object group.", - "title": "ObjectGroupName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ObjectGroup", - "ObjectGroupName" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaTailor::Channel": { + "AWS::Lambda::Url": { "additionalProperties": false, "properties": { "Condition": { @@ -164355,71 +170214,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Audiences": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of audiences defined in channel.", - "title": "Audiences", - "type": "array" - }, - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", + "AuthType": { + "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", + "title": "AuthType", "type": "string" }, - "FillerSlate": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.SlateSource", - "markdownDescription": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` .", - "title": "FillerSlate" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.LogConfigurationForChannel", - "markdownDescription": "The log configuration.", - "title": "LogConfiguration" - }, - "Outputs": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.RequestOutputItem" - }, - "markdownDescription": "The channel's output properties.", - "title": "Outputs", - "type": "array" + "Cors": { + "$ref": "#/definitions/AWS::Lambda::Url.Cors", + "markdownDescription": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.", + "title": "Cors" }, - "PlaybackMode": { - "markdownDescription": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule.", - "title": "PlaybackMode", + "InvokeMode": { + "markdownDescription": "Use one of the following options:\n\n- `BUFFERED` \u2013 This is the default option. Lambda invokes your function using the `Invoke` API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.\n- `RESPONSE_STREAM` \u2013 Your function streams payload results as they become available. Lambda invokes your function using the `InvokeWithResponseStream` API operation. The maximum response payload size is 20 MB, however, you can [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) .", + "title": "InvokeMode", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the channel. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - }, - "Tier": { - "markdownDescription": "The tier for this channel. STANDARD tier channels can contain live programs.", - "title": "Tier", + "Qualifier": { + "markdownDescription": "The alias name.", + "title": "Qualifier", "type": "string" }, - "TimeShiftConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.TimeShiftConfiguration", - "markdownDescription": "The configuration for time-shifted viewing.", - "title": "TimeShiftConfiguration" + "TargetFunctionArn": { + "markdownDescription": "The name of the Lambda function.\n\n**Name formats** - *Function name* - `my-function` .\n- *Function ARN* - `lambda: : :function:my-function` .\n- *Partial ARN* - `:function:my-function` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "TargetFunctionArn", + "type": "string" } }, "required": [ - "ChannelName", - "Outputs", - "PlaybackMode" + "AuthType", + "TargetFunctionArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaTailor::Channel" + "AWS::Lambda::Url" ], "type": "string" }, @@ -164438,126 +170267,55 @@ ], "type": "object" }, - "AWS::MediaTailor::Channel.DashPlaylistSettings": { + "AWS::Lambda::Url.Cors": { "additionalProperties": false, "properties": { - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "MinBufferTimeSeconds", - "type": "number" - }, - "MinUpdatePeriodSeconds": { - "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "MinUpdatePeriodSeconds", - "type": "number" + "AllowCredentials": { + "markdownDescription": "Whether you want to allow cookies or other credentials in requests to your function URL. The default is `false` .", + "title": "AllowCredentials", + "type": "boolean" }, - "SuggestedPresentationDelaySeconds": { - "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "SuggestedPresentationDelaySeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaTailor::Channel.HlsPlaylistSettings": { - "additionalProperties": false, - "properties": { - "AdMarkupType": { + "AllowHeaders": { "items": { "type": "string" }, - "markdownDescription": "Determines the type of SCTE 35 tags to use in ad markup. Specify `DATERANGE` to use `DATERANGE` tags (for live or VOD content). Specify `SCTE35_ENHANCED` to use `EXT-X-CUE-OUT` and `EXT-X-CUE-IN` tags (for VOD content only).", - "title": "AdMarkupType", + "markdownDescription": "The HTTP headers that origins can include in requests to your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", + "title": "AllowHeaders", "type": "array" }, - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", - "title": "ManifestWindowSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaTailor::Channel.LogConfigurationForChannel": { - "additionalProperties": false, - "properties": { - "LogTypes": { + "AllowMethods": { "items": { "type": "string" }, - "markdownDescription": "The log types.", - "title": "LogTypes", + "markdownDescription": "The HTTP methods that are allowed when calling your function URL. For example: `GET` , `POST` , `DELETE` , or the wildcard character ( `*` ).", + "title": "AllowMethods", "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaTailor::Channel.RequestOutputItem": { - "additionalProperties": false, - "properties": { - "DashPlaylistSettings": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.DashPlaylistSettings", - "markdownDescription": "DASH manifest configuration parameters.", - "title": "DashPlaylistSettings" - }, - "HlsPlaylistSettings": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.HlsPlaylistSettings", - "markdownDescription": "HLS playlist configuration parameters.", - "title": "HlsPlaylistSettings" }, - "ManifestName": { - "markdownDescription": "The name of the manifest for the channel. The name appears in the `PlaybackUrl` .", - "title": "ManifestName", - "type": "string" + "AllowOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example: `https://www.example.com` , `http://localhost:60905` .\n\nAlternatively, you can grant access to all origins with the wildcard character ( `*` ).", + "title": "AllowOrigins", + "type": "array" }, - "SourceGroup": { - "markdownDescription": "A string used to match which `HttpPackageConfiguration` is used for each `VodSource` .", - "title": "SourceGroup", - "type": "string" - } - }, - "required": [ - "ManifestName", - "SourceGroup" - ], - "type": "object" - }, - "AWS::MediaTailor::Channel.SlateSource": { - "additionalProperties": false, - "properties": { - "SourceLocationName": { - "markdownDescription": "The name of the source location where the slate VOD source is stored.", - "title": "SourceLocationName", - "type": "string" + "ExposeHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "The HTTP headers in your function response that you want to expose to origins that call your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", + "title": "ExposeHeaders", + "type": "array" }, - "VodSourceName": { - "markdownDescription": "The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.", - "title": "VodSourceName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaTailor::Channel.TimeShiftConfiguration": { - "additionalProperties": false, - "properties": { - "MaxTimeDelaySeconds": { - "markdownDescription": "The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).", - "title": "MaxTimeDelaySeconds", + "MaxAge": { + "markdownDescription": "The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results.", + "title": "MaxAge", "type": "number" } }, - "required": [ - "MaxTimeDelaySeconds" - ], "type": "object" }, - "AWS::MediaTailor::ChannelPolicy": { + "AWS::Lambda::Version": { "additionalProperties": false, "properties": { "Condition": { @@ -164592,26 +170350,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel associated with this Channel Policy.", - "title": "ChannelName", + "CodeSha256": { + "markdownDescription": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.", + "title": "CodeSha256", "type": "string" }, - "Policy": { - "markdownDescription": "The IAM policy for the channel. IAM policies are used to control access to your channel.", - "title": "Policy", - "type": "object" + "Description": { + "markdownDescription": "A description for the version to override the description in the function configuration. Updates are not supported for this property.", + "title": "Description", + "type": "string" + }, + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" + }, + "ProvisionedConcurrencyConfig": { + "$ref": "#/definitions/AWS::Lambda::Version.ProvisionedConcurrencyConfiguration", + "markdownDescription": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.", + "title": "ProvisionedConcurrencyConfig" + }, + "RuntimePolicy": { + "$ref": "#/definitions/AWS::Lambda::Version.RuntimePolicy", + "markdownDescription": "", + "title": "RuntimePolicy" } }, "required": [ - "ChannelName", - "Policy" + "FunctionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaTailor::ChannelPolicy" + "AWS::Lambda::Version" ], "type": "string" }, @@ -164630,7 +170402,40 @@ ], "type": "object" }, - "AWS::MediaTailor::LiveSource": { + "AWS::Lambda::Version.ProvisionedConcurrencyConfiguration": { + "additionalProperties": false, + "properties": { + "ProvisionedConcurrentExecutions": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the version.", + "title": "ProvisionedConcurrentExecutions", + "type": "number" + } + }, + "required": [ + "ProvisionedConcurrentExecutions" + ], + "type": "object" + }, + "AWS::Lambda::Version.RuntimePolicy": { + "additionalProperties": false, + "properties": { + "RuntimeVersionArn": { + "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", + "title": "RuntimeVersionArn", + "type": "string" + }, + "UpdateRuntimeOn": { + "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", + "title": "UpdateRuntimeOn", + "type": "string" + } + }, + "required": [ + "UpdateRuntimeOn" + ], + "type": "object" + }, + "AWS::LaunchWizard::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -164665,43 +170470,51 @@ "Properties": { "additionalProperties": false, "properties": { - "HttpPackageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::LiveSource.HttpPackageConfiguration" - }, - "markdownDescription": "The HTTP package configurations for the live source.", - "title": "HttpPackageConfigurations", - "type": "array" - }, - "LiveSourceName": { - "markdownDescription": "The name that's used to refer to a live source.", - "title": "LiveSourceName", + "DeploymentPatternName": { + "markdownDescription": "The name of the deployment pattern.", + "title": "DeploymentPatternName", "type": "string" }, - "SourceLocationName": { - "markdownDescription": "The name of the source location.", - "title": "SourceLocationName", + "Name": { + "markdownDescription": "The name of the deployment.", + "title": "Name", "type": "string" }, + "Specifications": { + "additionalProperties": true, + "markdownDescription": "The settings specified for the deployment. These settings define how to deploy and configure your resources created by the deployment. For more information about the specifications required for creating a deployment for a SAP workload, see [SAP deployment specifications](https://docs.aws.amazon.com/launchwizard/latest/APIReference/launch-wizard-specifications-sap.html) . To retrieve the specifications required to create a deployment for other workloads, use the [`GetWorkloadDeploymentPattern`](https://docs.aws.amazon.com/launchwizard/latest/APIReference/API_GetWorkloadDeploymentPattern.html) operation.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Specifications", + "type": "object" + }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::LaunchWizard::Deployment.Tags" }, - "markdownDescription": "The tags assigned to the live source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "markdownDescription": "Information about the tags attached to a deployment.", "title": "Tags", "type": "array" + }, + "WorkloadName": { + "markdownDescription": "The name of the workload.", + "title": "WorkloadName", + "type": "string" } }, "required": [ - "HttpPackageConfigurations", - "LiveSourceName", - "SourceLocationName" + "DeploymentPatternName", + "Name", + "WorkloadName" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaTailor::LiveSource" + "AWS::LaunchWizard::Deployment" ], "type": "string" }, @@ -164720,33 +170533,26 @@ ], "type": "object" }, - "AWS::MediaTailor::LiveSource.HttpPackageConfiguration": { + "AWS::LaunchWizard::Deployment.Tags": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", - "title": "Path", - "type": "string" - }, - "SourceGroup": { - "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", - "title": "SourceGroup", + "Key": { + "markdownDescription": "The key name of the tag.", + "title": "Key", "type": "string" }, - "Type": { - "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", - "title": "Type", + "Value": { + "markdownDescription": "The value for the tag.", + "title": "Value", "type": "string" } }, "required": [ - "Path", - "SourceGroup", - "Type" + "Key" ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration": { + "AWS::Lex::Bot": { "additionalProperties": false, "properties": { "Condition": { @@ -164781,101 +170587,87 @@ "Properties": { "additionalProperties": false, "properties": { - "AdDecisionServerUrl": { - "markdownDescription": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters.", - "title": "AdDecisionServerUrl", - "type": "string" - }, - "AvailSuppression": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AvailSuppression", - "markdownDescription": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see [Ad Suppression](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", - "title": "AvailSuppression" - }, - "Bumper": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.Bumper", - "markdownDescription": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see [Bumpers](https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html) .", - "title": "Bumper" + "AutoBuildBotLocales": { + "markdownDescription": "Indicates whether Amazon Lex V2 should automatically build the locales for the bot after a change.", + "title": "AutoBuildBotLocales", + "type": "boolean" }, - "CdnConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration", - "markdownDescription": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management.", - "title": "CdnConfiguration" + "BotFileS3Location": { + "$ref": "#/definitions/AWS::Lex::Bot.S3Location", + "markdownDescription": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*", + "title": "BotFileS3Location" }, - "ConfigurationAliases": { - "additionalProperties": true, - "markdownDescription": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see [Domain Variables](https://docs.aws.amazon.com/mediatailor/latest/ug/variables-domain.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "object" - } + "BotLocales": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.BotLocale" }, - "title": "ConfigurationAliases", - "type": "object" + "markdownDescription": "A list of locales for the bot.", + "title": "BotLocales", + "type": "array" }, - "DashConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.DashConfiguration", - "markdownDescription": "The configuration for a DASH source.", - "title": "DashConfiguration" + "BotTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the bot. You can only add tags when you import a bot. You can't use the `UpdateBot` operation to update tags. To update tags, use the `TagResource` operation.", + "title": "BotTags", + "type": "array" }, - "HlsConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration", - "markdownDescription": "The configuration for HLS content.", - "title": "HlsConfiguration" + "DataPrivacy": { + "$ref": "#/definitions/AWS::Lex::Bot.DataPrivacy", + "markdownDescription": "By default, data stored by Amazon Lex is encrypted. The `DataPrivacy` structure provides settings that determine how Amazon Lex handles special cases of securing the data for your bot.", + "title": "DataPrivacy" }, - "LivePreRollConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration", - "markdownDescription": "The configuration for pre-roll ad insertion.", - "title": "LivePreRollConfiguration" + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", + "type": "string" }, - "ManifestProcessingRules": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules", - "markdownDescription": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor.", - "title": "ManifestProcessingRules" + "IdleSessionTTLInSeconds": { + "markdownDescription": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Lex deletes any data provided before the timeout.\n\nYou can specify between 60 (1 minute) and 86,400 (24 hours) seconds.", + "title": "IdleSessionTTLInSeconds", + "type": "number" }, "Name": { - "markdownDescription": "The identifier for the playback configuration.", + "markdownDescription": "The name of the bot locale.", "title": "Name", "type": "string" }, - "PersonalizationThresholdSeconds": { - "markdownDescription": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to *ad replacement* in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see [Ad Behavior in AWS Elemental MediaTailor](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", - "title": "PersonalizationThresholdSeconds", - "type": "number" + "Replication": { + "$ref": "#/definitions/AWS::Lex::Bot.Replication", + "markdownDescription": "", + "title": "Replication" }, - "SlateAdUrl": { - "markdownDescription": "The URL for a video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID playback configurations. For VPAID, the slate is required because MediaTailor provides it in the slots designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video.", - "title": "SlateAdUrl", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot.", + "title": "RoleArn", "type": "string" }, - "Tags": { + "TestBotAliasSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.TestBotAliasSettings", + "markdownDescription": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values.", + "title": "TestBotAliasSettings" + }, + "TestBotAliasTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the playback configuration. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", + "markdownDescription": "A list of tags to add to the test alias for a bot. You can only add tags when you import a bot. You can't use the `UpdateAlias` operation to update tags. To update tags on the test alias, use the `TagResource` operation.", + "title": "TestBotAliasTags", "type": "array" - }, - "TranscodeProfileName": { - "markdownDescription": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support.", - "title": "TranscodeProfileName", - "type": "string" - }, - "VideoContentSourceUrl": { - "markdownDescription": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters.", - "title": "VideoContentSourceUrl", - "type": "string" } }, "required": [ - "AdDecisionServerUrl", + "DataPrivacy", + "IdleSessionTTLInSeconds", "Name", - "VideoContentSourceUrl" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaTailor::PlaybackConfiguration" + "AWS::Lex::Bot" ], "type": "string" }, @@ -164894,3276 +170686,2550 @@ ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { + "AWS::Lex::Bot.AdvancedRecognitionSetting": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables ad marker passthrough for your configuration.", - "title": "Enabled", - "type": "boolean" + "AudioRecognitionStrategy": { + "markdownDescription": "Enables using the slot values as a custom vocabulary for recognizing user utterances.", + "title": "AudioRecognitionStrategy", + "type": "string" } }, "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.AvailSuppression": { + "AWS::Lex::Bot.AllowedInputTypes": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to `BEHIND_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to `AFTER_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value.", - "title": "Mode", - "type": "string" + "AllowAudioInput": { + "markdownDescription": "Indicates whether audio input is allowed.", + "title": "AllowAudioInput", + "type": "boolean" }, - "Value": { - "markdownDescription": "A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge.", - "title": "Value", - "type": "string" + "AllowDTMFInput": { + "markdownDescription": "Indicates whether DTMF input is allowed.", + "title": "AllowDTMFInput", + "type": "boolean" } }, + "required": [ + "AllowAudioInput", + "AllowDTMFInput" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.Bumper": { + "AWS::Lex::Bot.AudioAndDTMFInputSpecification": { "additionalProperties": false, "properties": { - "EndUrl": { - "markdownDescription": "The URL for the end bumper asset.", - "title": "EndUrl", - "type": "string" + "AudioSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioSpecification", + "markdownDescription": "Specifies the settings on audio input.", + "title": "AudioSpecification" }, - "StartUrl": { - "markdownDescription": "The URL for the start bumper asset.", - "title": "StartUrl", - "type": "string" + "DTMFSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.DTMFSpecification", + "markdownDescription": "Specifies the settings on DTMF input.", + "title": "DTMFSpecification" + }, + "StartTimeoutMs": { + "markdownDescription": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.", + "title": "StartTimeoutMs", + "type": "number" + } + }, + "required": [ + "StartTimeoutMs" + ], + "type": "object" + }, + "AWS::Lex::Bot.AudioLogDestination": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "$ref": "#/definitions/AWS::Lex::Bot.S3BucketLogDestination", + "markdownDescription": "Specifies the Amazon S3 bucket where the audio files are stored.", + "title": "S3Bucket" } }, + "required": [ + "S3Bucket" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration": { + "AWS::Lex::Bot.AudioLogSetting": { "additionalProperties": false, "properties": { - "AdSegmentUrlPrefix": { - "markdownDescription": "A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor. ** .amazonaws.com. Then specify the rule's name in this `AdSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments.", - "title": "AdSegmentUrlPrefix", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioLogDestination", + "markdownDescription": "Specifies the location of the audio log files collected when conversation logging is enabled for a bot.", + "title": "Destination" }, - "ContentSegmentUrlPrefix": { - "markdownDescription": "A content delivery network (CDN) to cache content segments, so that content requests don\u2019t always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this `ContentSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments.", - "title": "ContentSegmentUrlPrefix", - "type": "string" + "Enabled": { + "markdownDescription": "Determines whether audio logging in enabled for the bot.", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Destination", + "Enabled" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.DashConfiguration": { + "AWS::Lex::Bot.AudioSpecification": { "additionalProperties": false, "properties": { - "ManifestEndpointPrefix": { - "markdownDescription": "The URL generated by MediaTailor to initiate a playback session. The session uses server-side reporting. This setting is ignored in PUT operations.", - "title": "ManifestEndpointPrefix", - "type": "string" - }, - "MpdLocation": { - "markdownDescription": "The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are `DISABLED` and `EMT_DEFAULT` . The `EMT_DEFAULT` setting enables the inclusion of the tag and is the default value.", - "title": "MpdLocation", - "type": "string" + "EndTimeoutMs": { + "markdownDescription": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.", + "title": "EndTimeoutMs", + "type": "number" }, - "OriginManifestType": { - "markdownDescription": "The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to `SINGLE_PERIOD` . The default setting is `MULTI_PERIOD` . For multi-period manifests, omit this setting or set it to `MULTI_PERIOD` .", - "title": "OriginManifestType", - "type": "string" + "MaxLengthMs": { + "markdownDescription": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.", + "title": "MaxLengthMs", + "type": "number" } }, + "required": [ + "EndTimeoutMs", + "MaxLengthMs" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration": { + "AWS::Lex::Bot.BKBExactResponseFields": { "additionalProperties": false, "properties": { - "ManifestEndpointPrefix": { - "markdownDescription": "The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting.", - "title": "ManifestEndpointPrefix", + "AnswerField": { + "markdownDescription": "", + "title": "AnswerField", "type": "string" } }, "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration": { + "AWS::Lex::Bot.BedrockAgentConfiguration": { "additionalProperties": false, "properties": { - "AdDecisionServerUrl": { - "markdownDescription": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters.", - "title": "AdDecisionServerUrl", + "BedrockAgentAliasId": { + "markdownDescription": "", + "title": "BedrockAgentAliasId", "type": "string" }, - "MaxDurationSeconds": { - "markdownDescription": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns.", - "title": "MaxDurationSeconds", - "type": "number" + "BedrockAgentId": { + "markdownDescription": "", + "title": "BedrockAgentId", + "type": "string" } }, "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules": { + "AWS::Lex::Bot.BedrockAgentIntentConfiguration": { "additionalProperties": false, "properties": { - "AdMarkerPassthrough": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough", - "markdownDescription": "For HLS, when set to `true` , MediaTailor passes through `EXT-X-CUE-IN` , `EXT-X-CUE-OUT` , and `EXT-X-SPLICEPOINT-SCTE35` ad markers from the origin manifest to the MediaTailor personalized manifest.\n\nNo logic is applied to these ad markers. For example, if `EXT-X-CUE-OUT` has a value of `60` , but no ads are filled for that ad break, MediaTailor will not set the value to `0` .", - "title": "AdMarkerPassthrough" + "BedrockAgentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentConfiguration", + "markdownDescription": "", + "title": "BedrockAgentConfiguration" + }, + "BedrockAgentIntentKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentIntentKnowledgeBaseConfiguration", + "markdownDescription": "", + "title": "BedrockAgentIntentKnowledgeBaseConfiguration" } }, "type": "object" }, - "AWS::MediaTailor::SourceLocation": { + "AWS::Lex::Bot.BedrockAgentIntentKnowledgeBaseConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.AccessConfiguration", - "markdownDescription": "The access configuration for the source location.", - "title": "AccessConfiguration" - }, - "DefaultSegmentDeliveryConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration", - "markdownDescription": "The default segment delivery configuration.", - "title": "DefaultSegmentDeliveryConfiguration" - }, - "HttpConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.HttpConfiguration", - "markdownDescription": "The HTTP configuration for the source location.", - "title": "HttpConfiguration" - }, - "SegmentDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration" - }, - "markdownDescription": "The segment delivery configurations for the source location.", - "title": "SegmentDeliveryConfigurations", - "type": "array" - }, - "SourceLocationName": { - "markdownDescription": "The name of the source location.", - "title": "SourceLocationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the source location. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "HttpConfiguration", - "SourceLocationName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaTailor::SourceLocation" - ], + "BedrockKnowledgeBaseArn": { + "markdownDescription": "", + "title": "BedrockKnowledgeBaseArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BedrockModelConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelConfiguration" } }, "required": [ - "Type", - "Properties" + "BedrockKnowledgeBaseArn", + "BedrockModelConfiguration" ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.AccessConfiguration": { + "AWS::Lex::Bot.BedrockGuardrailConfiguration": { "additionalProperties": false, "properties": { - "AccessType": { - "markdownDescription": "The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` .\n\n`S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name.\n\nBefore you can use `S3_SIGV4` , you must meet these requirements:\n\n\u2022 You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide.\n\n\u2022 The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations.\n\n\u2022 The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations.", - "title": "AccessType", + "BedrockGuardrailIdentifier": { + "markdownDescription": "", + "title": "BedrockGuardrailIdentifier", "type": "string" }, - "SecretsManagerAccessTokenConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration", - "markdownDescription": "AWS Secrets Manager access token configuration parameters.", - "title": "SecretsManagerAccessTokenConfiguration" + "BedrockGuardrailVersion": { + "markdownDescription": "", + "title": "BedrockGuardrailVersion", + "type": "string" } }, "type": "object" }, - "AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration": { + "AWS::Lex::Bot.BedrockKnowledgeStoreConfiguration": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The hostname of the server that will be used to serve segments. This string must include the protocol, such as *https://* .", - "title": "BaseUrl", + "BKBExactResponseFields": { + "$ref": "#/definitions/AWS::Lex::Bot.BKBExactResponseFields", + "markdownDescription": "", + "title": "BKBExactResponseFields" + }, + "BedrockKnowledgeBaseArn": { + "markdownDescription": "The base ARN of the knowledge base used.", + "title": "BedrockKnowledgeBaseArn", "type": "string" + }, + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response, or to return an answer generated by the model, using the fields you specify from the database.", + "title": "ExactResponse", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaTailor::SourceLocation.HttpConfiguration": { + "AWS::Lex::Bot.BedrockModelSpecification": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The base URL for the source location host server. This string must include the protocol, such as *https://* .", - "title": "BaseUrl", + "BedrockGuardrailConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockGuardrailConfiguration", + "markdownDescription": "", + "title": "BedrockGuardrailConfiguration" + }, + "BedrockModelCustomPrompt": { + "markdownDescription": "", + "title": "BedrockModelCustomPrompt", + "type": "string" + }, + "BedrockTraceStatus": { + "markdownDescription": "", + "title": "BedrockTraceStatus", + "type": "string" + }, + "ModelArn": { + "markdownDescription": "The ARN of the foundation model used in descriptive bot building.", + "title": "ModelArn", "type": "string" } }, "required": [ - "BaseUrl" + "ModelArn" ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration": { + "AWS::Lex::Bot.BotAliasLocaleSettings": { "additionalProperties": false, "properties": { - "HeaderName": { - "markdownDescription": "The name of the HTTP header used to supply the access token in requests to the source location.", - "title": "HeaderName", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.", - "title": "SecretArn", - "type": "string" + "CodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.CodeHookSpecification", + "markdownDescription": "Specifies the Lambda function that should be used in the locale.", + "title": "CodeHookSpecification" }, - "SecretStringKey": { - "markdownDescription": "The AWS Secrets Manager [SecretString](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html#SecretsManager-CreateSecret-request-SecretString.html) key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.", - "title": "SecretStringKey", - "type": "string" + "Enabled": { + "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration": { + "AWS::Lex::Bot.BotAliasLocaleSettingsItem": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as `https://example.com/some/path` . To use a relative URL specify the relative path, such as `/some/path*` .", - "title": "BaseUrl", - "type": "string" + "BotAliasLocaleSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettings", + "markdownDescription": "Specifies locale settings for a locale.", + "title": "BotAliasLocaleSetting" }, - "Name": { - "markdownDescription": "A unique identifier used to distinguish between multiple segment delivery configurations in a source location.", - "title": "Name", + "LocaleId": { + "markdownDescription": "Specifies the locale that the settings apply to.", + "title": "LocaleId", "type": "string" } }, + "required": [ + "BotAliasLocaleSetting", + "LocaleId" + ], "type": "object" }, - "AWS::MediaTailor::VodSource": { + "AWS::Lex::Bot.BotLocale": { "additionalProperties": false, "properties": { - "Condition": { + "CustomVocabulary": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabulary", + "markdownDescription": "Specifies a custom vocabulary to use with a specific locale.", + "title": "CustomVocabulary" + }, + "Description": { + "markdownDescription": "A description of the bot locale. Use this to help identify the bot locale in lists.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GenerativeAISettings": { + "$ref": "#/definitions/AWS::Lex::Bot.GenerativeAISettings", + "markdownDescription": "", + "title": "GenerativeAISettings" + }, + "Intents": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Intent" + }, + "markdownDescription": "One or more intents defined for the locale.", + "title": "Intents", + "type": "array" + }, + "LocaleId": { + "markdownDescription": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales.", + "title": "LocaleId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NluConfidenceThreshold": { + "markdownDescription": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot.", + "title": "NluConfidenceThreshold", + "type": "number" }, - "Metadata": { - "type": "object" + "SlotTypes": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotType" + }, + "markdownDescription": "One or more slot types defined for the locale.", + "title": "SlotTypes", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "HttpPackageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::VodSource.HttpPackageConfiguration" - }, - "markdownDescription": "The HTTP package configurations for the VOD source.", - "title": "HttpPackageConfigurations", - "type": "array" - }, - "SourceLocationName": { - "markdownDescription": "The name of the source location that the VOD source is associated with.", - "title": "SourceLocationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the VOD source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - }, - "VodSourceName": { - "markdownDescription": "The name of the VOD source.", - "title": "VodSourceName", - "type": "string" - } - }, - "required": [ - "HttpPackageConfigurations", - "SourceLocationName", - "VodSourceName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaTailor::VodSource" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VoiceSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.VoiceSettings", + "markdownDescription": "Defines settings for using an Amazon Polly voice to communicate with a user.\n\nValid values include:\n\n- `standard`\n- `neural`\n- `long-form`\n- `generative`", + "title": "VoiceSettings" } }, "required": [ - "Type", - "Properties" + "LocaleId", + "NluConfidenceThreshold" ], "type": "object" }, - "AWS::MediaTailor::VodSource.HttpPackageConfiguration": { + "AWS::Lex::Bot.BuildtimeSettings": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", - "title": "Path", - "type": "string" + "DescriptiveBotBuilderSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.DescriptiveBotBuilderSpecification", + "markdownDescription": "", + "title": "DescriptiveBotBuilderSpecification" }, - "SourceGroup": { - "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", - "title": "SourceGroup", + "SampleUtteranceGenerationSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtteranceGenerationSpecification", + "markdownDescription": "", + "title": "SampleUtteranceGenerationSpecification" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.Button": { + "additionalProperties": false, + "properties": { + "Text": { + "markdownDescription": "The text that appears on the button. Use this to tell the user what value is returned when they choose this button.", + "title": "Text", "type": "string" }, - "Type": { - "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", - "title": "Type", + "Value": { + "markdownDescription": "The value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.", + "title": "Value", "type": "string" } }, "required": [ - "Path", - "SourceGroup", - "Type" + "Text", + "Value" ], "type": "object" }, - "AWS::MemoryDB::ACL": { + "AWS::Lex::Bot.CloudWatchLogGroupLogDestination": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ACLName": { - "markdownDescription": "The name of the Access Control List.", - "title": "ACLName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "UserNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of users that belong to the Access Control List.", - "title": "UserNames", - "type": "array" - } - }, - "required": [ - "ACLName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MemoryDB::ACL" - ], + "CloudWatchLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LogPrefix": { + "markdownDescription": "The prefix of the log stream name within the log group that you specified", + "title": "LogPrefix", "type": "string" } }, "required": [ - "Type", - "Properties" + "CloudWatchLogGroupArn", + "LogPrefix" ], "type": "object" }, - "AWS::MemoryDB::Cluster": { + "AWS::Lex::Bot.CodeHookSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ACLName": { - "markdownDescription": "The name of the Access Control List to associate with the cluster .", - "title": "ACLName", - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "When set to true, the cluster will automatically receive minor engine version upgrades after launch.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "ClusterEndpoint": { - "$ref": "#/definitions/AWS::MemoryDB::Cluster.Endpoint", - "markdownDescription": "The cluster 's configuration endpoint.", - "title": "ClusterEndpoint" - }, - "ClusterName": { - "markdownDescription": "The name of the cluster .", - "title": "ClusterName", - "type": "string" - }, - "DataTiering": { - "markdownDescription": "Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html) .", - "title": "DataTiering", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the cluster .", - "title": "Description", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The Redis engine version used by the cluster .", - "title": "EngineVersion", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.", - "title": "FinalSnapshotName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key used to encrypt the cluster .", - "title": "KmsKeyId", - "type": "string" - }, - "MaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n*Pattern* : `ddd:hh24:mi-ddd:hh24:mi`", - "title": "MaintenanceWindow", - "type": "string" - }, - "NodeType": { - "markdownDescription": "The cluster 's node type.", - "title": "NodeType", - "type": "string" - }, - "NumReplicasPerShard": { - "markdownDescription": "The number of replicas to apply to each shard.\n\n*Default value* : `1`\n\n*Maximum value* : `5`", - "title": "NumReplicasPerShard", - "type": "number" - }, - "NumShards": { - "markdownDescription": "The number of shards in the cluster .", - "title": "NumShards", - "type": "number" - }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group used by the cluster .", - "title": "ParameterGroupName", - "type": "string" - }, - "Port": { - "markdownDescription": "The port used by the cluster .", - "title": "Port", - "type": "number" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group names to associate with this cluster .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster . The Amazon S3 object name in the ARN cannot contain any commas.", - "title": "SnapshotArns", - "type": "array" - }, - "SnapshotName": { - "markdownDescription": "The name of a snapshot from which to restore data into the new cluster . The snapshot status changes to restoring while the new cluster is being created.", - "title": "SnapshotName", - "type": "string" - }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted.", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: 05:00-09:00 If you do not specify this parameter, MemoryDB automatically chooses an appropriate time range.", - "title": "SnapshotWindow", - "type": "string" - }, - "SnsTopicArn": { - "markdownDescription": "When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the ARN of the SNS topic, such as `arn:aws:memorydb:us-east-1:123456789012:mySNSTopic`", - "title": "SnsTopicArn", - "type": "string" - }, - "SnsTopicStatus": { - "markdownDescription": "The SNS topic must be in Active status to receive notifications.", - "title": "SnsTopicStatus", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group used by the cluster .", - "title": "SubnetGroupName", - "type": "string" - }, - "TLSEnabled": { - "markdownDescription": "A flag to indicate if In-transit encryption is enabled.", - "title": "TLSEnabled", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ACLName", - "ClusterName", - "NodeType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MemoryDB::Cluster" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "LambdaCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.LambdaCodeHook", + "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", + "title": "LambdaCodeHook" } }, "required": [ - "Type", - "Properties" + "LambdaCodeHook" ], "type": "object" }, - "AWS::MemoryDB::Cluster.Endpoint": { + "AWS::Lex::Bot.CompositeSlotTypeSetting": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The DNS hostname of the node.", - "title": "Address", - "type": "string" - }, - "Port": { - "markdownDescription": "The port number that the engine is listening on.", - "title": "Port", - "type": "number" + "SubSlots": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotTypeComposition" + }, + "markdownDescription": "Subslots in the composite slot.", + "title": "SubSlots", + "type": "array" } }, "type": "object" }, - "AWS::MemoryDB::ParameterGroup": { + "AWS::Lex::Bot.Condition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "The name of the parameter group family that this parameter group is compatible with.", - "title": "Family", - "type": "string" - }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group.", - "title": "ParameterGroupName", - "type": "string" - }, - "Parameters": { - "markdownDescription": "Returns the detailed parameter list for the parameter group.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Family", - "ParameterGroupName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MemoryDB::ParameterGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExpressionString": { + "markdownDescription": "The expression string that is evaluated.", + "title": "ExpressionString", "type": "string" } }, "required": [ - "Type", - "Properties" + "ExpressionString" ], "type": "object" }, - "AWS::MemoryDB::SubnetGroup": { + "AWS::Lex::Bot.ConditionalBranch": { "additionalProperties": false, "properties": { "Condition": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.Condition", + "markdownDescription": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken.", + "title": "Condition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the branch.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the subnet group.", - "title": "Description", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the cluster .", - "title": "SubnetGroupName", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon VPC subnet IDs for the subnet group.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "SubnetGroupName", - "SubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MemoryDB::SubnetGroup" - ], - "type": "string" + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Response": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "Response" } }, "required": [ - "Type", - "Properties" + "Condition", + "Name", + "NextStep" ], "type": "object" }, - "AWS::MemoryDB::User": { + "AWS::Lex::Bot.ConditionalSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessString": { - "markdownDescription": "Access permissions string used for this user.", - "title": "AccessString", - "type": "string" - }, - "AuthenticationMode": { - "$ref": "#/definitions/AWS::MemoryDB::User.AuthenticationMode", - "markdownDescription": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* &* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`", - "title": "AuthenticationMode" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "UserName": { - "markdownDescription": "The name of the user.", - "title": "UserName", - "type": "string" - } + "ConditionalBranches": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalBranch" }, - "required": [ - "UserName" - ], - "type": "object" + "markdownDescription": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true.", + "title": "ConditionalBranches", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MemoryDB::User" - ], - "type": "string" + "DefaultBranch": { + "$ref": "#/definitions/AWS::Lex::Bot.DefaultConditionalBranch", + "markdownDescription": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step.", + "title": "DefaultBranch" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IsActive": { + "markdownDescription": "Determines whether a conditional branch is active. When `IsActive` is false, the conditions are not evaluated.", + "title": "IsActive", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "ConditionalBranches", + "DefaultBranch", + "IsActive" ], "type": "object" }, - "AWS::MemoryDB::User.AuthenticationMode": { + "AWS::Lex::Bot.ConversationLogSettings": { "additionalProperties": false, "properties": { - "Passwords": { + "AudioLogSettings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.AudioLogSetting" }, - "markdownDescription": "The password(s) used for authentication", - "title": "Passwords", + "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", + "title": "AudioLogSettings", "type": "array" }, - "Type": { - "markdownDescription": "Indicates whether the user requires a password to authenticate. All newly-created users require a password.", - "title": "Type", - "type": "string" + "TextLogSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.TextLogSetting" + }, + "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", + "title": "TextLogSettings", + "type": "array" } }, "type": "object" }, - "AWS::Neptune::DBCluster": { + "AWS::Lex::Bot.CustomPayload": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::Neptune::DBCluster.DBClusterRole" - }, - "markdownDescription": "Provides a list of the Amazon Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon services on your behalf.", - "title": "AssociatedRoles", - "type": "array" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in.", - "title": "AvailabilityZones", - "type": "array" - }, - "BackupRetentionPeriod": { - "markdownDescription": "Specifies the number of days for which automatic DB snapshots are retained.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "*If set to `true` , tags are copied to any snapshot of the DB cluster that is created.*", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "Provides the name of the DB cluster parameter group.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBInstanceParameterGroupName": { - "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major engine version upgrade request\n\nNote that when you apply a parameter group using `DBInstanceParameterGroupName` , parameter changes are applied immediately, not during the next maintenance window.\n\n**Constraints** - The DB parameter group must be in the same DB parameter group family as the target DB cluster version.\n- The `DBInstanceParameterGroupName` parameter is only valid for major engine version upgrades.", - "title": "DBInstanceParameterGroupName", - "type": "string" - }, - "DBPort": { - "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nIf not specified, the default port used is `8182` .\n\n> The `Port` property will soon be deprecated. Please update existing templates to use the new `DBPort` property that has the same functionality.", - "title": "DBPort", - "type": "number" - }, - "DBSubnetGroupName": { - "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DeletionProtection": { - "markdownDescription": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies a list of log types that are enabled for export to CloudWatch Logs.", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EngineVersion": { - "markdownDescription": "Indicates the database engine version.", - "title": "EngineVersion", - "type": "string" - }, - "IamAuthEnabled": { - "markdownDescription": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.", - "title": "IamAuthEnabled", - "type": "boolean" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .", - "title": "KmsKeyId", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the `BackupRetentionPeriod` .\n\nAn update may require some interruption.", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "RestoreType", - "type": "string" - }, - "ServerlessScalingConfiguration": { - "$ref": "#/definitions/AWS::Neptune::DBCluster.ServerlessScalingConfiguration", - "markdownDescription": "", - "title": "ServerlessScalingConfiguration" - }, - "SnapshotIdentifier": { - "markdownDescription": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a `SnapshotIdentifier` , you must specify the same `SnapshotIdentifier` for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the `SnapshotIdentifier` , an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the `SnapshotIdentifier` , and the original DB cluster is deleted.", - "title": "SnapshotIdentifier", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption and set this property to `true` .\n\nIf you enable the `StorageEncrypted` property but don't specify the `KmsKeyId` property, then the default KMS key is used. If you specify the `KmsKeyId` property, then that KMS key is used to encrypt the database instances in the DB cluster.\n\nIf you specify the `SourceDBClusterIdentifier` property, and don't specify this property or disable it, the value is inherited from the source DB cluster. If the source DB cluster is encrypted, the `KmsKeyId` property from the source cluster is used.\n\nIf you specify the `DBSnapshotIdentifier` and don't specify this property or disable it, the value is inherited from the snapshot and the specified `KmsKeyId` property from the snapshot is used.", - "title": "StorageEncrypted", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to this cluster.", - "title": "Tags", - "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Provides a list of VPC security groups that the DB cluster belongs to.", - "title": "VpcSecurityGroupIds", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Neptune::DBCluster" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The string that is sent to your application.", + "title": "Value", "type": "string" } }, "required": [ - "Type" + "Value" ], "type": "object" }, - "AWS::Neptune::DBCluster.DBClusterRole": { + "AWS::Lex::Bot.CustomVocabulary": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see [DescribeDBEngineVersions](https://docs.aws.amazon.com/neptune/latest/userguide/api-other-apis.html#DescribeDBEngineVersions) .", - "title": "FeatureName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", - "title": "RoleArn", - "type": "string" + "CustomVocabularyItems": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabularyItem" + }, + "markdownDescription": "Specifies a list of words that you expect to be used during a conversation with your bot.", + "title": "CustomVocabularyItems", + "type": "array" } }, "required": [ - "RoleArn" + "CustomVocabularyItems" ], "type": "object" }, - "AWS::Neptune::DBCluster.ServerlessScalingConfiguration": { + "AWS::Lex::Bot.CustomVocabularyItem": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on.", - "title": "MaxCapacity", - "type": "number" + "DisplayAs": { + "markdownDescription": "The DisplayAs value for the custom vocabulary item from the custom vocabulary list.", + "title": "DisplayAs", + "type": "string" }, - "MinCapacity": { - "markdownDescription": "The minimum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on.", - "title": "MinCapacity", + "Phrase": { + "markdownDescription": "Specifies 1 - 4 words that should be recognized.", + "title": "Phrase", + "type": "string" + }, + "Weight": { + "markdownDescription": "Specifies the degree to which the phrase recognition is boosted. The default value is 1.", + "title": "Weight", "type": "number" } }, "required": [ - "MaxCapacity", - "MinCapacity" + "Phrase" ], "type": "object" }, - "AWS::Neptune::DBClusterParameterGroup": { + "AWS::Lex::Bot.DTMFSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "DeletionCharacter": { + "markdownDescription": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.", + "title": "DeletionCharacter", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EndCharacter": { + "markdownDescription": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.", + "title": "EndCharacter", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB cluster parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", - "title": "Family", - "type": "string" - }, - "Name": { - "markdownDescription": "Provides the name of the DB cluster parameter group.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters to set for this DB cluster parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nIf you update the parameters, some interruption may occur depending on which parameters you update.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags that you want to attach to this parameter group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "Family", - "Parameters" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Neptune::DBClusterParameterGroup" - ], - "type": "string" + "EndTimeoutMs": { + "markdownDescription": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.", + "title": "EndTimeoutMs", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MaxLength": { + "markdownDescription": "The maximum number of DTMF digits allowed in an utterance.", + "title": "MaxLength", + "type": "number" } }, "required": [ - "Type", - "Properties" + "DeletionCharacter", + "EndCharacter", + "EndTimeoutMs", + "MaxLength" ], "type": "object" }, - "AWS::Neptune::DBInstance": { + "AWS::Lex::Bot.DataPrivacy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ChildDirected": { + "markdownDescription": "For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) .", + "title": "ChildDirected", + "type": "boolean" + } + }, + "required": [ + "ChildDirected" + ], + "type": "object" + }, + "AWS::Lex::Bot.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockKnowledgeStoreConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockKnowledgeStoreConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon Bedrock knowledge base used for the `AMAZON.QnAIntent` . To set up a knowledge base, follow the steps at [Building a knowledge base](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base.html) .", + "title": "BedrockKnowledgeStoreConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowMajorVersionUpgrade": { - "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. This parameter must be set to true when specifying a value for the EngineVersion parameter that is a different major version than the DB instance's current version.\n\nWhen you change this parameter for an existing DB cluster, CloudFormation will replace your existing DB cluster with a new, empty one that uses the engine version you specified.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "Indicates that minor version patches are applied automatically.\n\nWhen updating this property, some interruptions may occur.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "Specifies the name of the Availability Zone the DB instance is located in.", - "title": "AvailabilityZone", - "type": "string" - }, - "DBClusterIdentifier": { - "markdownDescription": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBInstanceClass": { - "markdownDescription": "Contains the name of the compute and memory capacity class of the DB instance.\n\nIf you update this property, some interruptions may occur.", - "title": "DBInstanceClass", - "type": "string" - }, - "DBInstanceIdentifier": { - "markdownDescription": "Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.", - "title": "DBInstanceIdentifier", - "type": "string" - }, - "DBParameterGroupName": { - "markdownDescription": "The name of an existing DB parameter group or a reference to an AWS::Neptune::DBParameterGroup resource created in the template. If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.", - "title": "DBParameterGroupName", - "type": "string" - }, - "DBSnapshotIdentifier": { - "markdownDescription": "This parameter is not supported.\n\n`AWS::Neptune::DBInstance` does not support restoring from snapshots.\n\n`AWS::Neptune::DBCluster` does support restoring from snapshots.", - "title": "DBSnapshotIdentifier", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new virtual private cloud (VPC).", - "title": "DBSubnetGroupName", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for this DB instance.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DBInstanceClass" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Neptune::DBInstance" - ], - "type": "string" + "KendraConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QnAKendraConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon Kendra index used for the `AMAZON.QnAIntent` . To create a Amazon Kendra index, follow the steps at [Creating an index](https://docs.aws.amazon.com/kendra/latest/dg/create-index.html) .", + "title": "KendraConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "OpensearchConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.OpensearchConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon OpenSearch Service database used for the `AMAZON.QnAIntent` . To create a domain, follow the steps at [Creating and managing Amazon OpenSearch Service domains](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html) .", + "title": "OpensearchConfiguration" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Neptune::DBParameterGroup": { + "AWS::Lex::Bot.DefaultConditionalBranch": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", - "title": "Family", - "type": "string" - }, - "Name": { - "markdownDescription": "Provides the name of the DB parameter group.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags that you want to attach to this parameter group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "Family", - "Parameters" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Neptune::DBParameterGroup" - ], - "type": "string" + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Response": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "Response" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Neptune::DBSubnetGroup": { + "AWS::Lex::Bot.DescriptiveBotBuilderSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "Provides the description of the DB subnet group.", - "title": "DBSubnetGroupDescription", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "The name of the DB subnet group.", - "title": "DBSubnetGroupName", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the DB subnet group.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags that you want to attach to the DB subnet group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DBSubnetGroupDescription", - "SubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Neptune::DBSubnetGroup" - ], - "type": "string" + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "An object containing information about the Amazon Bedrock model used to interpret the prompt used in descriptive bot building.", + "title": "BedrockModelSpecification" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether the descriptive bot building feature is activated or not.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::NeptuneGraph::Graph": { + "AWS::Lex::Bot.DialogAction": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SlotToElicit": { + "markdownDescription": "If the dialog action is `ElicitSlot` , defines the slot to elicit from the user.", + "title": "SlotToElicit", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeletionProtection": { - "markdownDescription": "A value that indicates whether the graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "GraphName": { - "markdownDescription": "The graph name. For example: `my-graph-1` .\n\nThe name must contain from 1 to 63 letters, numbers, or hyphens, and its first character must be a letter. It cannot end with a hyphen or contain two consecutive hyphens.\n\nIf you don't specify a graph name, a unique graph name is generated for you using the prefix `graph-for` , followed by a combination of `Stack Name` and a `UUID` .", - "title": "GraphName", - "type": "string" - }, - "ProvisionedMemory": { - "markdownDescription": "The provisioned memory-optimized Neptune Capacity Units (m-NCUs) to use for the graph.\n\nMin = 16", - "title": "ProvisionedMemory", - "type": "number" - }, - "PublicConnectivity": { - "markdownDescription": "Specifies whether or not the graph can be reachable over the internet. All access to graphs is IAM authenticated.\n\nWhen the graph is publicly available, its domain name system (DNS) endpoint resolves to the public IP address from the internet. When the graph isn't publicly available, you need to create a `PrivateGraphEndpoint` in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\nDefault: If not specified, the default value is false.\n\n> If enabling public connectivity for the first time, there will be a delay while it is enabled.", - "title": "PublicConnectivity", - "type": "boolean" - }, - "ReplicaCount": { - "markdownDescription": "The number of replicas in other AZs.\n\nDefault: If not specified, the default value is 1.", - "title": "ReplicaCount", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Adds metadata tags to the new graph. These tags can also be used with cost allocation reporting, or used in a Condition statement in an IAM policy.", - "title": "Tags", - "type": "array" - }, - "VectorSearchConfiguration": { - "$ref": "#/definitions/AWS::NeptuneGraph::Graph.VectorSearchConfiguration", - "markdownDescription": "Specifies the number of dimensions for vector embeddings that will be loaded into the graph. The value is specified as `dimension=` value. Max = 65,535", - "title": "VectorSearchConfiguration" - } - }, - "required": [ - "ProvisionedMemory" - ], - "type": "object" + "SuppressNextMessage": { + "markdownDescription": "When true the next message for the intent is not used.", + "title": "SuppressNextMessage", + "type": "boolean" }, "Type": { - "enum": [ - "AWS::NeptuneGraph::Graph" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The action that the bot should execute.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::NeptuneGraph::Graph.VectorSearchConfiguration": { + "AWS::Lex::Bot.DialogCodeHookInvocationSetting": { "additionalProperties": false, "properties": { - "VectorSearchDimension": { - "markdownDescription": "The number of dimensions.", - "title": "VectorSearchDimension", - "type": "number" + "EnableCodeHookInvocation": { + "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", + "title": "EnableCodeHookInvocation", + "type": "boolean" + }, + "InvocationLabel": { + "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", + "title": "InvocationLabel", + "type": "string" + }, + "IsActive": { + "markdownDescription": "Determines whether a dialog code hook is used when the intent is activated.", + "title": "IsActive", + "type": "boolean" + }, + "PostCodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification", + "markdownDescription": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete.", + "title": "PostCodeHookSpecification" } }, "required": [ - "VectorSearchDimension" + "EnableCodeHookInvocation", + "IsActive", + "PostCodeHookSpecification" ], "type": "object" }, - "AWS::NeptuneGraph::PrivateGraphEndpoint": { + "AWS::Lex::Bot.DialogCodeHookSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "GraphIdentifier": { - "markdownDescription": "The unique identifier of the Neptune Analytics graph.", - "title": "GraphIdentifier", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Security groups to be attached to the private graph endpoint..", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Subnets in which private graph endpoint ENIs are created.", - "title": "SubnetIds", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The VPC in which the private graph endpoint needs to be created.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "GraphIdentifier", - "VpcId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NeptuneGraph::PrivateGraphEndpoint" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Enables the dialog code hook so that it processes user requests.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::NetworkFirewall::Firewall": { + "AWS::Lex::Bot.DialogState": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DialogAction": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogAction", + "markdownDescription": "Defines the action that the bot executes at runtime when the conversation reaches this step.", + "title": "DialogAction" }, - "Metadata": { - "type": "object" + "Intent": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentOverride", + "markdownDescription": "Override settings to configure the intent state.", + "title": "Intent" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeleteProtection": { - "markdownDescription": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` .", - "title": "DeleteProtection", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description of the firewall.", - "title": "Description", - "type": "string" - }, - "FirewallName": { - "markdownDescription": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", - "title": "FirewallName", - "type": "string" - }, - "FirewallPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.", - "title": "FirewallPolicyArn", - "type": "string" - }, - "FirewallPolicyChangeProtection": { - "markdownDescription": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", - "title": "FirewallPolicyChangeProtection", - "type": "boolean" - }, - "SubnetChangeProtection": { - "markdownDescription": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", - "title": "SubnetChangeProtection", - "type": "boolean" - }, - "SubnetMappings": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::Firewall.SubnetMapping" - }, - "markdownDescription": "The primary public subnets that Network Firewall is using for the firewall. Network Firewall creates a firewall endpoint in each subnet. Create a subnet mapping for each Availability Zone where you want to use the firewall.\n\nThese subnets are all defined for a single, primary VPC, and each must belong to a different Availability Zone. Each of these subnets establishes the availability of the firewall in its Availability Zone.\n\nIn addition to these subnets, you can define other endpoints for the firewall in `VpcEndpointAssociation` resources. You can define these additional endpoints for any VPC, and for any of the Availability Zones where the firewall resource already has a subnet mapping. VPC endpoint associations give you the ability to protect multiple VPCs using a single firewall, and to define multiple firewall endpoints for a VPC in a single Availability Zone.", - "title": "SubnetMappings", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall.", - "title": "VpcId", - "type": "string" - } + "SessionAttributes": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SessionAttribute" }, - "required": [ - "FirewallName", - "FirewallPolicyArn", - "SubnetMappings", - "VpcId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkFirewall::Firewall" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.", + "title": "SessionAttributes", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::NetworkFirewall::Firewall.SubnetMapping": { + "AWS::Lex::Bot.ElicitationCodeHookInvocationSetting": { "additionalProperties": false, "properties": { - "IPAddressType": { - "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", - "title": "IPAddressType", - "type": "string" + "EnableCodeHookInvocation": { + "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", + "title": "EnableCodeHookInvocation", + "type": "boolean" }, - "SubnetId": { - "markdownDescription": "The unique identifier for the subnet.", - "title": "SubnetId", + "InvocationLabel": { + "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", + "title": "InvocationLabel", "type": "string" } }, "required": [ - "SubnetId" + "EnableCodeHookInvocation" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy": { + "AWS::Lex::Bot.ExactResponseFields": { "additionalProperties": false, "properties": { - "Condition": { + "AnswerField": { + "markdownDescription": "The name of the field that contains the answer to the query made to the OpenSearch Service database.", + "title": "AnswerField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the firewall policy.", - "title": "Description", - "type": "string" - }, - "FirewallPolicy": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy", - "markdownDescription": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", - "title": "FirewallPolicy" - }, - "FirewallPolicyName": { - "markdownDescription": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", - "title": "FirewallPolicyName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "FirewallPolicy", - "FirewallPolicyName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkFirewall::FirewallPolicy" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "QuestionField": { + "markdownDescription": "The name of the field that contains the query made to the OpenSearch Service database.", + "title": "QuestionField", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.ActionDefinition": { + "AWS::Lex::Bot.ExternalSourceSetting": { "additionalProperties": false, "properties": { - "PublishMetricAction": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction", - "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", - "title": "PublishMetricAction" + "GrammarSlotTypeSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSetting", + "markdownDescription": "Settings required for a slot type based on a grammar that you provide.", + "title": "GrammarSlotTypeSetting" } }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.CustomAction": { + "AWS::Lex::Bot.FulfillmentCodeHookSetting": { "additionalProperties": false, "properties": { - "ActionDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.ActionDefinition", - "markdownDescription": "The custom action associated with the action name.", - "title": "ActionDefinition" + "Enabled": { + "markdownDescription": "Indicates whether a Lambda function should be invoked to fulfill a specific intent.", + "title": "Enabled", + "type": "boolean" }, - "ActionName": { - "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", - "title": "ActionName", - "type": "string" + "FulfillmentUpdatesSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdatesSpecification", + "markdownDescription": "Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations.", + "title": "FulfillmentUpdatesSpecification" + }, + "IsActive": { + "markdownDescription": "Determines whether the fulfillment code hook is used. When `active` is false, the code hook doesn't run.", + "title": "IsActive", + "type": "boolean" + }, + "PostFulfillmentStatusSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PostFulfillmentStatusSpecification", + "markdownDescription": "Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations.", + "title": "PostFulfillmentStatusSpecification" } }, "required": [ - "ActionDefinition", - "ActionName" + "Enabled" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.Dimension": { + "AWS::Lex::Bot.FulfillmentStartResponseSpecification": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to use in the custom metric dimension.", - "title": "Value", - "type": "string" + "AllowInterrupt": { + "markdownDescription": "Determines whether the user can interrupt the start message while it is playing.", + "title": "AllowInterrupt", + "type": "boolean" + }, + "DelayInSeconds": { + "markdownDescription": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.", + "title": "DelayInSeconds", + "type": "number" + }, + "MessageGroups": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + }, + "markdownDescription": "1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user.", + "title": "MessageGroups", + "type": "array" } }, "required": [ - "Value" + "DelayInSeconds", + "MessageGroups" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy": { + "AWS::Lex::Bot.FulfillmentUpdateResponseSpecification": { "additionalProperties": false, "properties": { - "PolicyVariables": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PolicyVariables", - "markdownDescription": "Contains variables that you can use to override default Suricata settings in your firewall policy.", - "title": "PolicyVariables" - }, - "StatefulDefaultActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.\n\nValid values of the stateful default action:\n\n- aws:drop_strict\n- aws:drop_established\n- aws:alert_strict\n- aws:alert_established\n\nFor more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "StatefulDefaultActions", - "type": "array" - }, - "StatefulEngineOptions": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions", - "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.", - "title": "StatefulEngineOptions" - }, - "StatefulRuleGroupReferences": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference" - }, - "markdownDescription": "References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.", - "title": "StatefulRuleGroupReferences", - "type": "array" - }, - "StatelessCustomActions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.CustomAction" - }, - "markdownDescription": "The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.", - "title": "StatelessCustomActions", - "type": "array" - }, - "StatelessDefaultActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", - "title": "StatelessDefaultActions", - "type": "array" + "AllowInterrupt": { + "markdownDescription": "Determines whether the user can interrupt an update message while it is playing.", + "title": "AllowInterrupt", + "type": "boolean" }, - "StatelessFragmentDefaultActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", - "title": "StatelessFragmentDefaultActions", - "type": "array" + "FrequencyInSeconds": { + "markdownDescription": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.", + "title": "FrequencyInSeconds", + "type": "number" }, - "StatelessRuleGroupReferences": { + "MessageGroups": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference" + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "markdownDescription": "References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.", - "title": "StatelessRuleGroupReferences", + "markdownDescription": "1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.", + "title": "MessageGroups", "type": "array" - }, - "TLSInspectionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the TLS inspection configuration.", - "title": "TLSInspectionConfigurationArn", - "type": "string" } }, "required": [ - "StatelessDefaultActions", - "StatelessFragmentDefaultActions" + "FrequencyInSeconds", + "MessageGroups" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.IPSet": { + "AWS::Lex::Bot.FulfillmentUpdatesSpecification": { "additionalProperties": false, "properties": { - "Definition": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", - "title": "Definition", - "type": "array" + "Active": { + "markdownDescription": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.\n\nIf the `active` field is set to true, the `startResponse` , `updateResponse` , and `timeoutInSeconds` fields are required.", + "title": "Active", + "type": "boolean" + }, + "StartResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentStartResponseSpecification", + "markdownDescription": "Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running.", + "title": "StartResponse" + }, + "TimeoutInSeconds": { + "markdownDescription": "The length of time that the fulfillment Lambda function should run before it times out.", + "title": "TimeoutInSeconds", + "type": "number" + }, + "UpdateResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdateResponseSpecification", + "markdownDescription": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running.", + "title": "UpdateResponse" } }, + "required": [ + "Active" + ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.PolicyVariables": { + "AWS::Lex::Bot.GenerativeAISettings": { "additionalProperties": false, "properties": { - "RuleVariables": { - "additionalProperties": false, - "markdownDescription": "The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata `HOME_NET` variable. If your firewall uses an inspection VPC, you might want to override the `HOME_NET` variable with the CIDRs of your home networks. If you don't override `HOME_NET` with your own CIDRs, Network Firewall by default uses the CIDR of your inspection VPC.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.IPSet" - } - }, - "title": "RuleVariables", - "type": "object" + "BuildtimeSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.BuildtimeSettings", + "markdownDescription": "", + "title": "BuildtimeSettings" + }, + "RuntimeSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.RuntimeSettings", + "markdownDescription": "", + "title": "RuntimeSettings" } }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction": { + "AWS::Lex::Bot.GrammarSlotTypeSetting": { "additionalProperties": false, "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.Dimension" - }, - "markdownDescription": "", - "title": "Dimensions", - "type": "array" + "Source": { + "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSource", + "markdownDescription": "The source of the grammar used to create the slot type.", + "title": "Source" } }, - "required": [ - "Dimensions" - ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions": { + "AWS::Lex::Bot.GrammarSlotTypeSource": { "additionalProperties": false, "properties": { - "RuleOrder": { - "markdownDescription": "Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "RuleOrder", + "KmsKeyArn": { + "markdownDescription": "The AWS KMS key required to decrypt the contents of the grammar, if any.", + "title": "KmsKeyArn", "type": "string" }, - "StreamExceptionPolicy": { - "markdownDescription": "Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.\n\n- `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.\n- `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent\u2014a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action.\n- `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.", - "title": "StreamExceptionPolicy", + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the grammar source.", + "title": "S3BucketName", + "type": "string" + }, + "S3ObjectKey": { + "markdownDescription": "The path to the grammar in the Amazon S3 bucket.", + "title": "S3ObjectKey", "type": "string" } }, + "required": [ + "S3BucketName", + "S3ObjectKey" + ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride": { + "AWS::Lex::Bot.ImageResponseCard": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups.", - "title": "Action", + "Buttons": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Button" + }, + "markdownDescription": "A list of buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button.", + "title": "Buttons", + "type": "array" + }, + "ImageUrl": { + "markdownDescription": "The URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.", + "title": "ImageUrl", + "type": "string" + }, + "Subtitle": { + "markdownDescription": "The subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.", + "title": "Subtitle", + "type": "string" + }, + "Title": { + "markdownDescription": "The title to display on the response card. The format of the title is determined by the platform displaying the response card.", + "title": "Title", "type": "string" } }, + "required": [ + "Title" + ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference": { + "AWS::Lex::Bot.InitialResponseSetting": { "additionalProperties": false, "properties": { - "Override": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride", - "markdownDescription": "The action that allows the policy owner to override the behavior of the rule group within a policy.", - "title": "Override" + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.", + "title": "CodeHook" }, - "Priority": { - "markdownDescription": "An integer setting that indicates the order in which to run the stateful rule groups in a single `FirewallPolicy` . This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings.\n\nNetwork Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.\n\nYou can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.", - "title": "Priority", - "type": "number" + "Conditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", + "title": "Conditional" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the stateful rule group.", - "title": "ResourceArn", - "type": "string" + "InitialResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "InitialResponse" + }, + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" } }, - "required": [ - "ResourceArn" - ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference": { + "AWS::Lex::Bot.InputContext": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "An integer setting that indicates the order in which to run the stateless rule groups in a single `FirewallPolicy` . Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.", - "title": "Priority", - "type": "number" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the stateless rule group.", - "title": "ResourceArn", + "Name": { + "markdownDescription": "The name of the context.", + "title": "Name", "type": "string" } }, "required": [ - "Priority", - "ResourceArn" + "Name" ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration": { + "AWS::Lex::Bot.Intent": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "BedrockAgentIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentIntentConfiguration", + "markdownDescription": "", + "title": "BedrockAgentIntentConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "A description of the intent. Use the description to help identify the intent in lists.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DialogCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookSetting", + "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction.", + "title": "DialogCodeHook" }, - "Metadata": { - "type": "object" + "FulfillmentCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentCodeHookSetting", + "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user.", + "title": "FulfillmentCodeHook" }, - "Properties": { - "additionalProperties": false, - "properties": { - "FirewallArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", - "title": "FirewallArn", - "type": "string" - }, - "FirewallName": { - "markdownDescription": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", - "title": "FirewallName", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration", - "markdownDescription": "Defines how AWS Network Firewall performs logging for a `Firewall` .", - "title": "LoggingConfiguration" - } + "InitialResponseSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.InitialResponseSetting", + "markdownDescription": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.", + "title": "InitialResponseSetting" + }, + "InputContexts": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.InputContext" }, - "required": [ - "FirewallArn", - "LoggingConfiguration" - ], - "type": "object" + "markdownDescription": "A list of contexts that must be active for this intent to be considered by Amazon Lex .", + "title": "InputContexts", + "type": "array" }, - "Type": { - "enum": [ - "AWS::NetworkFirewall::LoggingConfiguration" - ], + "IntentClosingSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentClosingSetting", + "markdownDescription": "Sets the response that Amazon Lex sends to the user when the intent is closed.", + "title": "IntentClosingSetting" + }, + "IntentConfirmationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentConfirmationSetting", + "markdownDescription": "Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers \"no,\" the settings contain a statement that is sent to the user to end the intent.", + "title": "IntentConfirmationSetting" + }, + "KendraConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.KendraConfiguration", + "markdownDescription": "Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance.", + "title": "KendraConfiguration" + }, + "Name": { + "markdownDescription": "The name of the intent. Intent names must be unique within the locale that contains the intent and can't match the name of any built-in intent.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputContexts": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.OutputContext" + }, + "markdownDescription": "A list of contexts that the intent activates when it is fulfilled.", + "title": "OutputContexts", + "type": "array" + }, + "ParentIntentSignature": { + "markdownDescription": "A unique identifier for the built-in intent to base this intent on.", + "title": "ParentIntentSignature", "type": "string" + }, + "QInConnectIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QInConnectIntentConfiguration", + "markdownDescription": "", + "title": "QInConnectIntentConfiguration" + }, + "QnAIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QnAIntentConfiguration", + "markdownDescription": "", + "title": "QnAIntentConfiguration" + }, + "SampleUtterances": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + }, + "markdownDescription": "A list of utterances that a user might say to signal the intent.", + "title": "SampleUtterances", + "type": "array" + }, + "SlotPriorities": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotPriority" + }, + "markdownDescription": "Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order.", + "title": "SlotPriorities", + "type": "array" + }, + "Slots": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Slot" + }, + "markdownDescription": "A list of slots that the intent requires for fulfillment.", + "title": "Slots", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig": { + "AWS::Lex::Bot.IntentClosingSetting": { "additionalProperties": false, "properties": { - "LogDestination": { - "additionalProperties": true, - "markdownDescription": "The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.\n\n- For an Amazon S3 bucket, provide the name of the bucket, with key `bucketName` , and optionally provide a prefix, with key `prefix` .\n\nThe following example specifies an Amazon S3 bucket named `DOC-EXAMPLE-BUCKET` and the prefix `alerts` :\n\n`\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }`\n- For a CloudWatch log group, provide the name of the CloudWatch log group, with key `logGroup` . The following example specifies a log group named `alert-log-group` :\n\n`\"LogDestination\": { \"logGroup\": \"alert-log-group\" }`\n- For a Firehose delivery stream, provide the name of the delivery stream, with key `deliveryStream` . The following example specifies a delivery stream named `alert-delivery-stream` :\n\n`\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "LogDestination", - "type": "object" + "ClosingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to the user when the intent is complete.", + "title": "ClosingResponse" }, - "LogDestinationType": { - "markdownDescription": "The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.", - "title": "LogDestinationType", - "type": "string" + "Conditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches associated with the intent's closing response. These branches are executed when the `nextStep` attribute is set to `EvalutateConditional` .", + "title": "Conditional" }, - "LogType": { - "markdownDescription": "The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.\n\n- `ALERT` - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the `StatefulRule` property.\n- `FLOW` - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.\n- `TLS` - Logs for events that are related to TLS inspection. For more information, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-configurations.html) in the *Network Firewall Developer Guide* .", - "title": "LogType", - "type": "string" + "IsActive": { + "markdownDescription": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes after playing the intent's closing response.", + "title": "NextStep" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.IntentConfirmationSetting": { + "additionalProperties": false, + "properties": { + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "The `DialogCodeHookInvocationSetting` object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `InvokeDialogCodeHook` .", + "title": "CodeHook" + }, + "ConfirmationConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the intent is closed.", + "title": "ConfirmationConditional" + }, + "ConfirmationNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes when the customer confirms the intent.", + "title": "ConfirmationNextStep" + }, + "ConfirmationResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "ConfirmationResponse" + }, + "DeclinationConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the intent is declined.", + "title": "DeclinationConditional" + }, + "DeclinationNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes when the customer declines the intent.", + "title": "DeclinationNextStep" + }, + "DeclinationResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "When the user answers \"no\" to the question defined in `promptSpecification` , Amazon Lex responds with this response to acknowledge that the intent was canceled.", + "title": "DeclinationResponse" + }, + "ElicitationCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", + "markdownDescription": "The `DialogCodeHookInvocationSetting` used when the code hook is invoked during confirmation prompt retries.", + "title": "ElicitationCodeHook" + }, + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", + "title": "FailureConditional" + }, + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step to take in the conversation if the confirmation step fails.", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the intent confirmation fails.", + "title": "FailureResponse" + }, + "IsActive": { + "markdownDescription": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "Prompts the user to confirm the intent. This question should have a yes or no answer.\n\nAmazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. For example, with the `OrderPizza` intent, you might want to confirm that the order is correct before placing it. For other intents, such as intents that simply respond to user questions, you might not need to ask the user for confirmation before providing the information.", + "title": "PromptSpecification" } }, "required": [ - "LogDestination", - "LogDestinationType", - "LogType" + "PromptSpecification" ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration": { + "AWS::Lex::Bot.IntentOverride": { "additionalProperties": false, "properties": { - "LogDestinationConfigs": { + "Name": { + "markdownDescription": "The name of the intent. Only required when you're switching intents.", + "title": "Name", + "type": "string" + }, + "Slots": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig" + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverrideMap" }, - "markdownDescription": "Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups.", - "title": "LogDestinationConfigs", + "markdownDescription": "A map of all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden.", + "title": "Slots", "type": "array" } }, - "required": [ - "LogDestinationConfigs" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup": { + "AWS::Lex::Bot.KendraConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "KendraIndex": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot.", + "title": "KendraIndex", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "QueryFilterString": { + "markdownDescription": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) .", + "title": "QueryFilterString", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Capacity": { - "markdownDescription": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.", - "title": "Capacity", - "type": "number" - }, - "Description": { - "markdownDescription": "A description of the rule group.", - "title": "Description", - "type": "string" - }, - "RuleGroup": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleGroup", - "markdownDescription": "An object that defines the rule group rules.", - "title": "RuleGroup" - }, - "RuleGroupName": { - "markdownDescription": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", - "title": "RuleGroupName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Capacity", - "RuleGroupName", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkFirewall::RuleGroup" - ], + "QueryFilterStringEnabled": { + "markdownDescription": "Determines whether the `AMAZON.KendraSearchIntent` intent uses a custom query string to query the Amazon Kendra index.", + "title": "QueryFilterStringEnabled", + "type": "boolean" + } + }, + "required": [ + "KendraIndex" + ], + "type": "object" + }, + "AWS::Lex::Bot.LambdaCodeHook": { + "additionalProperties": false, + "properties": { + "CodeHookInterfaceVersion": { + "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", + "title": "CodeHookInterfaceVersion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", + "title": "LambdaArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "CodeHookInterfaceVersion", + "LambdaArn" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.ActionDefinition": { + "AWS::Lex::Bot.Message": { "additionalProperties": false, "properties": { - "PublishMetricAction": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PublishMetricAction", - "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", - "title": "PublishMetricAction" + "CustomPayload": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomPayload", + "markdownDescription": "A message in a custom format defined by the client application.", + "title": "CustomPayload" + }, + "ImageResponseCard": { + "$ref": "#/definitions/AWS::Lex::Bot.ImageResponseCard", + "markdownDescription": "A message that defines a response card that the client application can show to the user.", + "title": "ImageResponseCard" + }, + "PlainTextMessage": { + "$ref": "#/definitions/AWS::Lex::Bot.PlainTextMessage", + "markdownDescription": "A message in plain text format.", + "title": "PlainTextMessage" + }, + "SSMLMessage": { + "$ref": "#/definitions/AWS::Lex::Bot.SSMLMessage", + "markdownDescription": "A message in Speech Synthesis Markup Language (SSML).", + "title": "SSMLMessage" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.Address": { + "AWS::Lex::Bot.MessageGroup": { "additionalProperties": false, "properties": { - "AddressDefinition": { - "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "AddressDefinition", - "type": "string" + "Message": { + "$ref": "#/definitions/AWS::Lex::Bot.Message", + "markdownDescription": "The primary message that Amazon Lex should send to the user.", + "title": "Message" + }, + "Variations": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Message" + }, + "markdownDescription": "Message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user.", + "title": "Variations", + "type": "array" } }, "required": [ - "AddressDefinition" + "Message" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.CustomAction": { + "AWS::Lex::Bot.MultipleValuesSetting": { "additionalProperties": false, "properties": { - "ActionDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ActionDefinition", - "markdownDescription": "The custom action associated with the action name.", - "title": "ActionDefinition" - }, - "ActionName": { - "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", - "title": "ActionName", - "type": "string" + "AllowMultipleValues": { + "markdownDescription": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` .", + "title": "AllowMultipleValues", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.NluImprovementSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Determines whether the Assisted NLU feature is enabled for the bot. When set to `true` , Amazon Lex uses advanced models to improve intent recognition and slot resolution, with the default being `false` .", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "ActionDefinition", - "ActionName" + "Enabled" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.Dimension": { + "AWS::Lex::Bot.ObfuscationSetting": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to use in the custom metric dimension.", - "title": "Value", + "ObfuscationSettingType": { + "markdownDescription": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.", + "title": "ObfuscationSettingType", "type": "string" } }, "required": [ - "Value" + "ObfuscationSettingType" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.Header": { + "AWS::Lex::Bot.OpensearchConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "Destination", + "DomainEndpoint": { + "markdownDescription": "The endpoint of the Amazon OpenSearch Service domain.", + "title": "DomainEndpoint", "type": "string" }, - "DestinationPort": { - "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", - "title": "DestinationPort", - "type": "string" + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response or to return an answer generated by the model using the fields you specify from the database.", + "title": "ExactResponse", + "type": "boolean" }, - "Direction": { - "markdownDescription": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination.", - "title": "Direction", - "type": "string" + "ExactResponseFields": { + "$ref": "#/definitions/AWS::Lex::Bot.ExactResponseFields", + "markdownDescription": "Contains the names of the fields used for an exact response to the user.", + "title": "ExactResponseFields" }, - "Protocol": { - "markdownDescription": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP.", - "title": "Protocol", - "type": "string" + "IncludeFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of fields from the Amazon OpenSearch Service that the model can use to generate the answer to the query.", + "title": "IncludeFields", + "type": "array" }, - "Source": { - "markdownDescription": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "Source", + "IndexName": { + "markdownDescription": "The name of the Amazon OpenSearch Service index.", + "title": "IndexName", "type": "string" - }, - "SourcePort": { - "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", - "title": "SourcePort", + } + }, + "type": "object" + }, + "AWS::Lex::Bot.OutputContext": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the output context.", + "title": "Name", "type": "string" + }, + "TimeToLiveInSeconds": { + "markdownDescription": "The amount of time, in seconds, that the output context should remain active. The time is figured from the first time the context is sent to the user.", + "title": "TimeToLiveInSeconds", + "type": "number" + }, + "TurnsToLive": { + "markdownDescription": "The number of conversation turns that the output context should remain active. The number of turns is counted from the first time that the context is sent to the user.", + "title": "TurnsToLive", + "type": "number" } }, "required": [ - "Destination", - "DestinationPort", - "Direction", - "Protocol", - "Source", - "SourcePort" + "Name", + "TimeToLiveInSeconds", + "TurnsToLive" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.IPSet": { + "AWS::Lex::Bot.PlainTextMessage": { "additionalProperties": false, "properties": { - "Definition": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", - "title": "Definition", - "type": "array" + "Value": { + "markdownDescription": "The message to send to the user.", + "title": "Value", + "type": "string" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.IPSetReference": { + "AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification": { "additionalProperties": false, "properties": { - "ReferenceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to include in the `RuleGroup.IPSetReference` .", - "title": "ReferenceArn", - "type": "string" + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureConditional" + }, + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the code hook fails.", + "title": "FailureResponse" + }, + "SuccessConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook finishes successfully.", + "title": "SuccessConditional" + }, + "SuccessNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifics the next step the bot runs after the dialog code hook finishes successfully.", + "title": "SuccessNextStep" + }, + "SuccessResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the code hook succeeds.", + "title": "SuccessResponse" + }, + "TimeoutConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate if the code hook times out.", + "title": "TimeoutConditional" + }, + "TimeoutNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the code hook times out.", + "title": "TimeoutNextStep" + }, + "TimeoutResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond to the user input when the code hook times out.", + "title": "TimeoutResponse" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.MatchAttributes": { + "AWS::Lex::Bot.PostFulfillmentStatusSpecification": { "additionalProperties": false, "properties": { - "DestinationPorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" - }, - "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", - "title": "DestinationPorts", - "type": "array" + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureConditional" }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" - }, - "markdownDescription": "The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.", - "title": "Destinations", - "type": "array" + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureNextStep" }, - "Protocols": { - "items": { - "type": "number" - }, - "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.", - "title": "Protocols", - "type": "array" + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't successful.", + "title": "FailureResponse" }, - "SourcePorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" - }, - "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nIf not specified, this matches with any source port.\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", - "title": "SourcePorts", - "type": "array" + "SuccessConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully.", + "title": "SuccessConditional" }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" - }, - "markdownDescription": "The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.", - "title": "Sources", - "type": "array" + "SuccessNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully.", + "title": "SuccessNextStep" }, - "TCPFlags": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.TCPFlagField" - }, - "markdownDescription": "The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).", - "title": "TCPFlags", - "type": "array" + "SuccessResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the fulfillment is successful.", + "title": "SuccessResponse" + }, + "TimeoutConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate if the fulfillment code hook times out.", + "title": "TimeoutConditional" + }, + "TimeoutNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the fulfillment code hook times out.", + "title": "TimeoutNextStep" + }, + "TimeoutResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't completed within the timeout period.", + "title": "TimeoutResponse" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.PortRange": { + "AWS::Lex::Bot.PromptAttemptSpecification": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", - "title": "FromPort", - "type": "number" + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech prompt attempt from the bot.", + "title": "AllowInterrupt", + "type": "boolean" }, - "ToPort": { - "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", - "title": "ToPort", - "type": "number" + "AllowedInputTypes": { + "$ref": "#/definitions/AWS::Lex::Bot.AllowedInputTypes", + "markdownDescription": "Indicates the allowed input types of the prompt attempt.", + "title": "AllowedInputTypes" + }, + "AudioAndDTMFInputSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioAndDTMFInputSpecification", + "markdownDescription": "Specifies the settings on audio and DTMF input.", + "title": "AudioAndDTMFInputSpecification" + }, + "TextInputSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.TextInputSpecification", + "markdownDescription": "Specifies the settings on text input.", + "title": "TextInputSpecification" } }, "required": [ - "FromPort", - "ToPort" + "AllowedInputTypes" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.PortSet": { + "AWS::Lex::Bot.PromptSpecification": { "additionalProperties": false, "properties": { - "Definition": { + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech prompt from the bot.", + "title": "AllowInterrupt", + "type": "boolean" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times the bot tries to elicit a response from the user using this prompt.", + "title": "MaxRetries", + "type": "number" + }, + "MessageGroupsList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "markdownDescription": "The set of port ranges.", - "title": "Definition", + "markdownDescription": "A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime.", + "title": "MessageGroupsList", "type": "array" + }, + "MessageSelectionStrategy": { + "markdownDescription": "Indicates how a message is selected from a message group among retries.", + "title": "MessageSelectionStrategy", + "type": "string" + }, + "PromptAttemptsSpecification": { + "additionalProperties": false, + "markdownDescription": "Specifies the advanced settings on each attempt of the prompt.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptAttemptSpecification" + } + }, + "title": "PromptAttemptsSpecification", + "type": "object" } }, + "required": [ + "MaxRetries", + "MessageGroupsList" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.PublishMetricAction": { + "AWS::Lex::Bot.QInConnectAssistantConfiguration": { "additionalProperties": false, "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Dimension" - }, + "AssistantArn": { "markdownDescription": "", - "title": "Dimensions", - "type": "array" + "title": "AssistantArn", + "type": "string" } }, "required": [ - "Dimensions" + "AssistantArn" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.ReferenceSets": { + "AWS::Lex::Bot.QInConnectIntentConfiguration": { "additionalProperties": false, "properties": { - "IPSetReferences": { - "additionalProperties": false, - "markdownDescription": "The IP set references to use in the stateful rule group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSetReference" - } - }, - "title": "IPSetReferences", - "type": "object" + "QInConnectAssistantConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QInConnectAssistantConfiguration", + "markdownDescription": "", + "title": "QInConnectAssistantConfiguration" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleDefinition": { + "AWS::Lex::Bot.QnAIntentConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions.\n\n> Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the `FirewallPolicy` . \n\nFor every rule, you must specify exactly one of the following standard actions.\n\n- *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination.\n- *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination.\n- *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection.\n\nAdditionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting.\n\nTo provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `[\u201caws:pass\u201d, \u201cMyMetricsAction\u201d]` .", - "title": "Actions", - "type": "array" + "BedrockModelConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelConfiguration" }, - "MatchAttributes": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.MatchAttributes", - "markdownDescription": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.", - "title": "MatchAttributes" + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.DataSourceConfiguration", + "markdownDescription": "Contains details about the configuration of the data source used for the `AMAZON.QnAIntent` .", + "title": "DataSourceConfiguration" } }, "required": [ - "Actions", - "MatchAttributes" + "BedrockModelConfiguration", + "DataSourceConfiguration" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleGroup": { + "AWS::Lex::Bot.QnAKendraConfiguration": { "additionalProperties": false, "properties": { - "ReferenceSets": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ReferenceSets", - "markdownDescription": "The reference sets for the stateful rule group.", - "title": "ReferenceSets" + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response from the Amazon Kendra index or to let the Amazon Bedrock model you select generate a response based on the results. To use this feature, you must first add FAQ questions to your index by following the steps at [Adding frequently asked questions (FAQs) to an index](https://docs.aws.amazon.com/kendra/latest/dg/in-creating-faq.html) .", + "title": "ExactResponse", + "type": "boolean" }, - "RuleVariables": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleVariables", - "markdownDescription": "Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.", - "title": "RuleVariables" + "KendraIndex": { + "markdownDescription": "The ARN of the Amazon Kendra index to use.", + "title": "KendraIndex", + "type": "string" }, - "RulesSource": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSource", - "markdownDescription": "The stateful rules or stateless rules for the rule group.", - "title": "RulesSource" + "QueryFilterString": { + "markdownDescription": "Contains the Amazon Kendra filter string to use if enabled. For more information on the Amazon Kendra search filter JSON format, see [Using document attributes to filter search results](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html#search-filtering) .", + "title": "QueryFilterString", + "type": "string" }, - "StatefulRuleOptions": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions", - "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* .", - "title": "StatefulRuleOptions" + "QueryFilterStringEnabled": { + "markdownDescription": "Specifies whether to enable an Amazon Kendra filter string or not.", + "title": "QueryFilterStringEnabled", + "type": "boolean" } }, "required": [ - "RulesSource" + "ExactResponse", + "KendraIndex", + "QueryFilterStringEnabled" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleOption": { + "AWS::Lex::Bot.Replication": { "additionalProperties": false, "properties": { - "Keyword": { - "markdownDescription": "The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", - "title": "Keyword", - "type": "string" - }, - "Settings": { + "ReplicaRegions": { "items": { "type": "string" }, - "markdownDescription": "The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", - "title": "Settings", + "markdownDescription": "", + "title": "ReplicaRegions", "type": "array" } }, "required": [ - "Keyword" + "ReplicaRegions" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleVariables": { + "AWS::Lex::Bot.ResponseSpecification": { "additionalProperties": false, "properties": { - "IPSets": { - "additionalProperties": false, - "markdownDescription": "A list of IP addresses and address ranges, in CIDR notation.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSet" - } - }, - "title": "IPSets", - "type": "object" + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech response from Amazon Lex.", + "title": "AllowInterrupt", + "type": "boolean" }, - "PortSets": { - "additionalProperties": false, - "markdownDescription": "A list of port ranges.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortSet" - } + "MessageGroupsList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "title": "PortSets", - "type": "object" + "markdownDescription": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime.", + "title": "MessageGroupsList", + "type": "array" } }, + "required": [ + "MessageGroupsList" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RulesSource": { + "AWS::Lex::Bot.RuntimeSettings": { "additionalProperties": false, "properties": { - "RulesSourceList": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSourceList", - "markdownDescription": "Stateful inspection criteria for a domain list rule group.", - "title": "RulesSourceList" - }, - "RulesString": { - "markdownDescription": "Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.\n\nThese rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.\n\n> You can't use the `priority` keyword if the `RuleOrder` option in `StatefulRuleOptions` is set to `STRICT_ORDER` .", - "title": "RulesString", - "type": "string" - }, - "StatefulRules": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRule" - }, - "markdownDescription": "An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-7.0.3/rules/intro.html) .", - "title": "StatefulRules", - "type": "array" + "NluImprovementSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.NluImprovementSpecification", + "markdownDescription": "", + "title": "NluImprovementSpecification" }, - "StatelessRulesAndCustomActions": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions", - "markdownDescription": "Stateless inspection criteria to be used in a stateless rule group.", - "title": "StatelessRulesAndCustomActions" + "SlotResolutionImprovementSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotResolutionImprovementSpecification", + "markdownDescription": "", + "title": "SlotResolutionImprovementSpecification" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RulesSourceList": { + "AWS::Lex::Bot.S3BucketLogDestination": { "additionalProperties": false, "properties": { - "GeneratedRulesType": { - "markdownDescription": "Whether you want to allow or deny access to the domains in your target list.", - "title": "GeneratedRulesType", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", + "title": "KmsKeyArn", "type": "string" }, - "TargetTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` .", - "title": "TargetTypes", - "type": "array" + "LogPrefix": { + "markdownDescription": "The S3 prefix to assign to audio log files.", + "title": "LogPrefix", + "type": "string" }, - "Targets": { - "items": { - "type": "string" - }, - "markdownDescription": "The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:\n\n- Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` .\n- Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` .", - "title": "Targets", - "type": "array" + "S3BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", + "title": "S3BucketArn", + "type": "string" } }, "required": [ - "GeneratedRulesType", - "TargetTypes", - "Targets" + "LogPrefix", + "S3BucketArn" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatefulRule": { + "AWS::Lex::Bot.S3Location": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.\n\nThe actions for a stateful rule are defined as follows:\n\n- *PASS* - Permits the packets to go to the intended destination.\n- *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n- *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic.\n- *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\nYou can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` .\n- *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\n`REJECT` isn't currently available for use with IMAP and FTP protocols.", - "title": "Action", + "S3Bucket": { + "markdownDescription": "The S3 bucket name.", + "title": "S3Bucket", "type": "string" }, - "Header": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Header", - "markdownDescription": "The stateful inspection criteria for this rule, used to inspect traffic flows.", - "title": "Header" + "S3ObjectKey": { + "markdownDescription": "The path and file name to the object in the S3 bucket.", + "title": "S3ObjectKey", + "type": "string" }, - "RuleOptions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleOption" - }, - "markdownDescription": "Additional settings for a stateful rule, provided as keywords and settings.", - "title": "RuleOptions", - "type": "array" + "S3ObjectVersion": { + "markdownDescription": "The version of the object in the S3 bucket.", + "title": "S3ObjectVersion", + "type": "string" } }, "required": [ - "Action", - "Header", - "RuleOptions" + "S3Bucket", + "S3ObjectKey" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions": { + "AWS::Lex::Bot.SSMLMessage": { "additionalProperties": false, "properties": { - "RuleOrder": { - "markdownDescription": "Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "RuleOrder", + "Value": { + "markdownDescription": "The SSML text that defines the prompt.", + "title": "Value", "type": "string" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatelessRule": { + "AWS::Lex::Bot.SampleUtterance": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.\n\nEach stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object.\n\nYou can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on.", - "title": "Priority", - "type": "number" - }, - "RuleDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleDefinition", - "markdownDescription": "Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria.", - "title": "RuleDefinition" + "Utterance": { + "markdownDescription": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.", + "title": "Utterance", + "type": "string" } }, "required": [ - "Priority", - "RuleDefinition" + "Utterance" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions": { + "AWS::Lex::Bot.SampleUtteranceGenerationSpecification": { "additionalProperties": false, "properties": { - "CustomActions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.CustomAction" - }, - "markdownDescription": "Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule `RuleGroup.RuleDefinition` `Actions` specification.", - "title": "CustomActions", - "type": "array" + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelSpecification" }, - "StatelessRules": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRule" - }, - "markdownDescription": "Defines the set of stateless rules for use in a stateless rule group.", - "title": "StatelessRules", - "type": "array" + "Enabled": { + "markdownDescription": "Specifies whether to enable sample utterance generation or not.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "StatelessRules" + "Enabled" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.TCPFlagField": { + "AWS::Lex::Bot.SampleValue": { "additionalProperties": false, "properties": { - "Flags": { - "items": { - "type": "string" - }, - "markdownDescription": "Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting.\n\nFor the flags that are specified in the masks setting, the following must be true for the packet to match:\n\n- The ones that are set in this flags setting must be set in the packet.\n- The ones that are not set in this flags setting must also not be set in the packet.", - "title": "Flags", - "type": "array" - }, - "Masks": { - "items": { - "type": "string" - }, - "markdownDescription": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting.", - "title": "Masks", - "type": "array" + "Value": { + "markdownDescription": "The value that can be used for a slot type.", + "title": "Value", + "type": "string" } }, "required": [ - "Flags" + "Value" ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration": { + "AWS::Lex::Bot.SentimentAnalysisSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DetectSentiment": { + "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", + "title": "DetectSentiment", + "type": "boolean" + } + }, + "required": [ + "DetectSentiment" + ], + "type": "object" + }, + "AWS::Lex::Bot.SessionAttribute": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the session attribute.", + "title": "Key", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Value": { + "markdownDescription": "The session-specific context information for the session attribute.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + }, + "AWS::Lex::Bot.Slot": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the slot.", + "title": "Description", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the TLS inspection configuration.", - "title": "Description", - "type": "string" - }, - "TLSInspectionConfiguration": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration", - "markdownDescription": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", - "title": "TLSInspectionConfiguration" - }, - "TLSInspectionConfigurationName": { - "markdownDescription": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it.", - "title": "TLSInspectionConfigurationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The key:value pairs to associate with the resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "TLSInspectionConfiguration", - "TLSInspectionConfigurationName" - ], - "type": "object" + "MultipleValuesSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.MultipleValuesSetting", + "markdownDescription": "Indicates whether a slot can return multiple values.", + "title": "MultipleValuesSetting" }, - "Type": { - "enum": [ - "AWS::NetworkFirewall::TLSInspectionConfiguration" - ], + "Name": { + "markdownDescription": "The name given to the slot.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObfuscationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.ObfuscationSetting", + "markdownDescription": "Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs.", + "title": "ObfuscationSetting" + }, + "SlotTypeName": { + "markdownDescription": "The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot.", + "title": "SlotTypeName", "type": "string" + }, + "SubSlotSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotSetting", + "markdownDescription": "", + "title": "SubSlotSetting" + }, + "ValueElicitationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueElicitationSetting", + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value.\n- TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ValueElicitationSetting" } }, "required": [ - "Type", - "Properties" + "Name", + "SlotTypeName", + "ValueElicitationSetting" ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.Address": { + "AWS::Lex::Bot.SlotCaptureSetting": { "additionalProperties": false, "properties": { - "AddressDefinition": { - "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "AddressDefinition", + "CaptureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the slot value is captured.", + "title": "CaptureConditional" + }, + "CaptureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out.", + "title": "CaptureNextStep" + }, + "CaptureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "CaptureResponse" + }, + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "Code hook called after Amazon Lex successfully captures a slot value.", + "title": "CodeHook" + }, + "ElicitationCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", + "markdownDescription": "Code hook called when Amazon Lex doesn't capture a slot value.", + "title": "ElicitationCodeHook" + }, + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate when the slot value isn't captured.", + "title": "FailureConditional" + }, + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the slot value code is not recognized.", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the slot fails to be captured.", + "title": "FailureResponse" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "The default value to use when a user doesn't provide a value for a slot.", + "title": "DefaultValue", "type": "string" } }, "required": [ - "AddressDefinition" + "DefaultValue" ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus": { + "AWS::Lex::Bot.SlotDefaultValueSpecification": { "additionalProperties": false, "properties": { - "RevokedStatusAction": { - "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has a revoked status.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", - "title": "RevokedStatusAction", - "type": "string" - }, - "UnknownStatusAction": { - "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has an unknown status, or a status that cannot be determined for any other reason, including when the service is unable to connect to the OCSP and CRL endpoints for the certificate.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", - "title": "UnknownStatusAction", - "type": "string" + "DefaultValueList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValue" + }, + "markdownDescription": "A list of default values. Amazon Lex chooses the default value to use in the order that they are presented in the list.", + "title": "DefaultValueList", + "type": "array" } }, + "required": [ + "DefaultValueList" + ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange": { + "AWS::Lex::Bot.SlotPriority": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", - "title": "FromPort", + "Priority": { + "markdownDescription": "The priority that Amazon Lex should apply to the slot.", + "title": "Priority", "type": "number" }, - "ToPort": { - "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", - "title": "ToPort", - "type": "number" + "SlotName": { + "markdownDescription": "The name of the slot.", + "title": "SlotName", + "type": "string" } }, "required": [ - "FromPort", - "ToPort" + "Priority", + "SlotName" ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate": { + "AWS::Lex::Bot.SlotResolutionImprovementSpecification": { "additionalProperties": false, "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.", - "title": "ResourceArn", - "type": "string" + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "An object containing information about the Amazon Bedrock model used to assist slot resolution.", + "title": "BedrockModelSpecification" + }, + "Enabled": { + "markdownDescription": "Specifies whether assisted slot resolution is turned on or off.", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration": { + "AWS::Lex::Bot.SlotType": { "additionalProperties": false, "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", - "title": "CertificateAuthorityArn", + "CompositeSlotTypeSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.CompositeSlotTypeSetting", + "markdownDescription": "", + "title": "CompositeSlotTypeSetting" + }, + "Description": { + "markdownDescription": "A description of the slot type. Use the description to help identify the slot type in lists.", + "title": "Description", "type": "string" }, - "CheckCertificateRevocationStatus": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus", - "markdownDescription": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .", - "title": "CheckCertificateRevocationStatus" + "ExternalSourceSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.ExternalSourceSetting", + "markdownDescription": "Sets the type of external information used to create the slot type.", + "title": "ExternalSourceSetting" }, - "Scopes": { + "Name": { + "markdownDescription": "The name of the slot type. A slot type name must be unique withing the account.", + "title": "Name", + "type": "string" + }, + "ParentSlotTypeSignature": { + "markdownDescription": "The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type.\n\nOnly `AMAZON.AlphaNumeric` is supported.", + "title": "ParentSlotTypeSignature", + "type": "string" + }, + "SlotTypeValues": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope" + "$ref": "#/definitions/AWS::Lex::Bot.SlotTypeValue" }, - "markdownDescription": "A list of scopes.", - "title": "Scopes", + "markdownDescription": "A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot.", + "title": "SlotTypeValues", "type": "array" }, - "ServerCertificates": { + "ValueSelectionSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueSelectionSetting", + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ValueSelectionSetting" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotTypeValue": { + "additionalProperties": false, + "properties": { + "SampleValue": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleValue", + "markdownDescription": "The value of the slot type entry.", + "title": "SampleValue" + }, + "Synonyms": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate" + "$ref": "#/definitions/AWS::Lex::Bot.SampleValue" }, - "markdownDescription": "The list of server certificates to use for inbound SSL/TLS inspection.", - "title": "ServerCertificates", + "markdownDescription": "Additional values related to the slot type entry.", + "title": "Synonyms", "type": "array" } }, + "required": [ + "SampleValue" + ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope": { + "AWS::Lex::Bot.SlotValue": { "additionalProperties": false, "properties": { - "DestinationPorts": { + "InterpretedValue": { + "markdownDescription": "The value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the `resolvedValues` list.", + "title": "InterpretedValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueElicitationSetting": { + "additionalProperties": false, + "properties": { + "DefaultValueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", + "markdownDescription": "A list of default values for a slot. Default values are used when Amazon Lex hasn't determined a value for a slot. You can specify default values from context variables, session attributes, and defined values.", + "title": "DefaultValueSpecification" + }, + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "The prompt that Amazon Lex uses to elicit the slot value from the user.", + "title": "PromptSpecification" + }, + "SampleUtterances": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" }, - "markdownDescription": "The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", - "title": "DestinationPorts", + "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This is optional. In most cases, Amazon Lex is capable of understanding user utterances.", + "title": "SampleUtterances", "type": "array" }, - "Destinations": { + "SlotCaptureSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotCaptureSetting", + "markdownDescription": "Specifies the settings that Amazon Lex uses when a slot value is successfully entered by a user.", + "title": "SlotCaptureSetting" + }, + "SlotConstraint": { + "markdownDescription": "Specifies whether the slot is required or optional.", + "title": "SlotConstraint", + "type": "string" + }, + "WaitAndContinueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", + "markdownDescription": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input.", + "title": "WaitAndContinueSpecification" + } + }, + "required": [ + "SlotConstraint" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotValueOverride": { + "additionalProperties": false, + "properties": { + "Shape": { + "markdownDescription": "When the shape value is `List` , it indicates that the `values` field contains a list of slot values. When the value is `Scalar` , it indicates that the `value` field contains a single value.", + "title": "Shape", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValue", + "markdownDescription": "The current value of the slot.", + "title": "Value" + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride" }, - "markdownDescription": "The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any destination address.", - "title": "Destinations", + "markdownDescription": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\"", + "title": "Values", "type": "array" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueOverrideMap": { + "additionalProperties": false, + "properties": { + "SlotName": { + "markdownDescription": "The name of the slot.", + "title": "SlotName", + "type": "string" }, - "Protocols": { + "SlotValueOverride": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride", + "markdownDescription": "The SlotValueOverride object to which the slot name will be mapped.", + "title": "SlotValueOverride" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueRegexFilter": { + "additionalProperties": false, + "properties": { + "Pattern": { + "markdownDescription": "A regular expression used to validate the value of a slot.\n\nUse a standard regular expression. Amazon Lex supports the following characters in the regular expression:\n\n- A-Z, a-z\n- 0-9\n- Unicode characters (\"\\\u2060u\")\n\nRepresent Unicode characters with four digits, for example \"\\\u2060u0041\" or \"\\\u2060u005A\".\n\nThe following regular expression operators are not supported:\n\n- Infinite repeaters: *, +, or {x,} with no upper bound.\n- Wild card (.)", + "title": "Pattern", + "type": "string" + } + }, + "required": [ + "Pattern" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotValueSelectionSetting": { + "additionalProperties": false, + "properties": { + "AdvancedRecognitionSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.AdvancedRecognitionSetting", + "markdownDescription": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances.", + "title": "AdvancedRecognitionSetting" + }, + "RegexFilter": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueRegexFilter", + "markdownDescription": "A regular expression used to validate the value of a slot.", + "title": "RegexFilter" + }, + "ResolutionStrategy": { + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ResolutionStrategy", + "type": "string" + } + }, + "required": [ + "ResolutionStrategy" + ], + "type": "object" + }, + "AWS::Lex::Bot.Specifications": { + "additionalProperties": false, + "properties": { + "SlotTypeId": { + "markdownDescription": "The unique identifier assigned to the slot type.", + "title": "SlotTypeId", + "type": "string" + }, + "ValueElicitationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotValueElicitationSetting", + "markdownDescription": "Specifies the elicitation setting details for constituent sub slots of a composite slot.", + "title": "ValueElicitationSetting" + } + }, + "required": [ + "SlotTypeId", + "ValueElicitationSetting" + ], + "type": "object" + }, + "AWS::Lex::Bot.StillWaitingResponseSpecification": { + "additionalProperties": false, + "properties": { + "AllowInterrupt": { + "markdownDescription": "Indicates that the user can interrupt the response by speaking while the message is being played.", + "title": "AllowInterrupt", + "type": "boolean" + }, + "FrequencyInSeconds": { + "markdownDescription": "How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes.", + "title": "FrequencyInSeconds", + "type": "number" + }, + "MessageGroupsList": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.\n\nNetwork Firewall currently supports only TCP.", - "title": "Protocols", + "markdownDescription": "One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user.", + "title": "MessageGroupsList", "type": "array" }, - "SourcePorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" + "TimeoutInSeconds": { + "markdownDescription": "If Amazon Lex waits longer than this length of time for a response, it will stop sending messages.", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "required": [ + "FrequencyInSeconds", + "MessageGroupsList", + "TimeoutInSeconds" + ], + "type": "object" + }, + "AWS::Lex::Bot.SubSlotSetting": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression text for defining the constituent sub slots in the composite slot using logical AND and OR operators.", + "title": "Expression", + "type": "string" + }, + "SlotSpecifications": { + "additionalProperties": false, + "markdownDescription": "Specifications for the constituent sub slots of a composite slot.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Lex::Bot.Specifications" + } }, - "markdownDescription": "The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", - "title": "SourcePorts", - "type": "array" + "title": "SlotSpecifications", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SubSlotTypeComposition": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of a constituent sub slot inside a composite slot.", + "title": "Name", + "type": "string" }, - "Sources": { + "SlotTypeId": { + "markdownDescription": "The unique identifier assigned to a slot type. This refers to either a built-in slot type or the unique slotTypeId of a custom slot type.", + "title": "SlotTypeId", + "type": "string" + } + }, + "required": [ + "Name", + "SlotTypeId" + ], + "type": "object" + }, + "AWS::Lex::Bot.SubSlotValueElicitationSetting": { + "additionalProperties": false, + "properties": { + "DefaultValueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", + "markdownDescription": "", + "title": "DefaultValueSpecification" + }, + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "", + "title": "PromptSpecification" + }, + "SampleUtterances": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" }, - "markdownDescription": "The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any source address.", - "title": "Sources", + "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a sub slot value, you can provide those utterances to improve accuracy. This is optional. In most cases Amazon Lex is capable of understanding user utterances. This is similar to `SampleUtterances` for slots.", + "title": "SampleUtterances", "type": "array" + }, + "WaitAndContinueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", + "markdownDescription": "", + "title": "WaitAndContinueSpecification" } }, "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration": { + "AWS::Lex::Bot.TestBotAliasSettings": { "additionalProperties": false, "properties": { - "ServerCertificateConfigurations": { + "BotAliasLocaleSettings": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration" + "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettingsItem" }, - "markdownDescription": "Lists the server certificate configurations that are associated with the TLS configuration.", - "title": "ServerCertificateConfigurations", + "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale.", + "title": "BotAliasLocaleSettings", "type": "array" + }, + "ConversationLogSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.ConversationLogSettings", + "markdownDescription": "Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users.", + "title": "ConversationLogSettings" + }, + "Description": { + "markdownDescription": "Specifies a description for the test bot alias.", + "title": "Description", + "type": "string" + }, + "SentimentAnalysisSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.SentimentAnalysisSettings", + "markdownDescription": "Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", + "title": "SentimentAnalysisSettings" } }, "type": "object" }, - "AWS::NetworkManager::ConnectAttachment": { + "AWS::Lex::Bot.TextInputSpecification": { + "additionalProperties": false, + "properties": { + "StartTimeoutMs": { + "markdownDescription": "Time for which a bot waits before re-prompting a customer for text input.", + "title": "StartTimeoutMs", + "type": "number" + } + }, + "required": [ + "StartTimeoutMs" + ], + "type": "object" + }, + "AWS::Lex::Bot.TextLogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatch": { + "$ref": "#/definitions/AWS::Lex::Bot.CloudWatchLogGroupLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", + "title": "CloudWatch" + } + }, + "required": [ + "CloudWatch" + ], + "type": "object" + }, + "AWS::Lex::Bot.TextLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::Bot.TextLogDestination", + "markdownDescription": "Specifies the Amazon CloudWatch Logs destination log group for conversation text logs.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Determines whether conversation logs should be stored for an alias.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.VoiceSettings": { + "additionalProperties": false, + "properties": { + "Engine": { + "markdownDescription": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the [`engine` parameter of the `SynthesizeSpeech` operation](https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html#polly-SynthesizeSpeech-request-Engine) in the *Amazon Polly developer guide* .\n\nIf you do not specify a value, the default is `standard` .", + "title": "Engine", + "type": "string" + }, + "VoiceId": { + "markdownDescription": "The identifier of the Amazon Polly voice to use.", + "title": "VoiceId", + "type": "string" + } + }, + "required": [ + "VoiceId" + ], + "type": "object" + }, + "AWS::Lex::Bot.WaitAndContinueSpecification": { + "additionalProperties": false, + "properties": { + "ContinueResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation.", + "title": "ContinueResponse" + }, + "IsActive": { + "markdownDescription": "Specifies whether the bot will wait for a user to respond. When this field is false, wait and continue responses for a slot aren't used. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "StillWaitingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.StillWaitingResponseSpecification", + "markdownDescription": "A response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user.", + "title": "StillWaitingResponse" + }, + "WaitingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue.", + "title": "WaitingResponse" + } + }, + "required": [ + "ContinueResponse", + "WaitingResponse" + ], + "type": "object" + }, + "AWS::Lex::BotAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -168198,51 +173264,62 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "The ID of the core network where the Connect attachment is located.", - "title": "CoreNetworkId", - "type": "string" + "BotAliasLocaleSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettingsItem" + }, + "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale.", + "title": "BotAliasLocaleSettings", + "type": "array" }, - "EdgeLocation": { - "markdownDescription": "The Region where the edge is located.", - "title": "EdgeLocation", + "BotAliasName": { + "markdownDescription": "The name of the bot alias.", + "title": "BotAliasName", "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions", - "markdownDescription": "Options for connecting an attachment.", - "title": "Options" - }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" - }, - "Tags": { + "BotAliasTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the Connect attachment.", - "title": "Tags", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nYou can only add tags when you specify an alias.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "BotAliasTags", "type": "array" }, - "TransportAttachmentId": { - "markdownDescription": "The ID of the transport attachment.", - "title": "TransportAttachmentId", + "BotId": { + "markdownDescription": "The unique identifier of the bot.", + "title": "BotId", + "type": "string" + }, + "BotVersion": { + "markdownDescription": "The version of the bot that the bot alias references.", + "title": "BotVersion", + "type": "string" + }, + "ConversationLogSettings": { + "$ref": "#/definitions/AWS::Lex::BotAlias.ConversationLogSettings", + "markdownDescription": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 .", + "title": "ConversationLogSettings" + }, + "Description": { + "markdownDescription": "The description of the bot alias.", + "title": "Description", "type": "string" + }, + "SentimentAnalysisSettings": { + "$ref": "#/definitions/AWS::Lex::BotAlias.SentimentAnalysisSettings", + "markdownDescription": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", + "title": "SentimentAnalysisSettings" } }, "required": [ - "CoreNetworkId", - "EdgeLocation", - "Options", - "TransportAttachmentId" + "BotAliasName", + "BotId" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::ConnectAttachment" + "AWS::Lex::BotAlias" ], "type": "string" }, @@ -168261,42 +173338,229 @@ ], "type": "object" }, - "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { + "AWS::Lex::BotAlias.AudioLogDestination": { "additionalProperties": false, "properties": { - "Protocol": { - "markdownDescription": "The protocol used for the attachment connection.", - "title": "Protocol", + "S3Bucket": { + "$ref": "#/definitions/AWS::Lex::BotAlias.S3BucketLogDestination", + "markdownDescription": "The S3 bucket location where audio logs are stored.", + "title": "S3Bucket" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.AudioLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogDestination", + "markdownDescription": "The location of audio log files collected when conversation logging is enabled for a bot.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Determines whether audio logging in enabled for the bot.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.BotAliasLocaleSettings": { + "additionalProperties": false, + "properties": { + "CodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::BotAlias.CodeHookSpecification", + "markdownDescription": "Specifies the Lambda function that should be used in the locale.", + "title": "CodeHookSpecification" + }, + "Enabled": { + "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.BotAliasLocaleSettingsItem": { + "additionalProperties": false, + "properties": { + "BotAliasLocaleSetting": { + "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettings", + "markdownDescription": "Specifies settings that are unique to a locale.", + "title": "BotAliasLocaleSetting" + }, + "LocaleId": { + "markdownDescription": "The unique identifier of the locale.", + "title": "LocaleId", "type": "string" } }, + "required": [ + "BotAliasLocaleSetting", + "LocaleId" + ], "type": "object" }, - "AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange": { + "AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination": { "additionalProperties": false, "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" + "CloudWatchLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", + "title": "CloudWatchLogGroupArn", + "type": "string" }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", + "LogPrefix": { + "markdownDescription": "The prefix of the log stream name within the log group that you specified", + "title": "LogPrefix", "type": "string" + } + }, + "required": [ + "CloudWatchLogGroupArn", + "LogPrefix" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.CodeHookSpecification": { + "additionalProperties": false, + "properties": { + "LambdaCodeHook": { + "$ref": "#/definitions/AWS::Lex::BotAlias.LambdaCodeHook", + "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", + "title": "LambdaCodeHook" + } + }, + "required": [ + "LambdaCodeHook" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.ConversationLogSettings": { + "additionalProperties": false, + "properties": { + "AudioLogSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogSetting" + }, + "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", + "title": "AudioLogSettings", + "type": "array" }, - "Tags": { + "TextLogSettings": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogSetting" }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", + "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", + "title": "TextLogSettings", "type": "array" } }, "type": "object" }, - "AWS::NetworkManager::ConnectPeer": { + "AWS::Lex::BotAlias.LambdaCodeHook": { + "additionalProperties": false, + "properties": { + "CodeHookInterfaceVersion": { + "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", + "title": "CodeHookInterfaceVersion", + "type": "string" + }, + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", + "title": "LambdaArn", + "type": "string" + } + }, + "required": [ + "CodeHookInterfaceVersion", + "LambdaArn" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.S3BucketLogDestination": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", + "title": "KmsKeyArn", + "type": "string" + }, + "LogPrefix": { + "markdownDescription": "The S3 prefix to assign to audio log files.", + "title": "LogPrefix", + "type": "string" + }, + "S3BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", + "title": "S3BucketArn", + "type": "string" + } + }, + "required": [ + "LogPrefix", + "S3BucketArn" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.SentimentAnalysisSettings": { + "additionalProperties": false, + "properties": { + "DetectSentiment": { + "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", + "title": "DetectSentiment", + "type": "boolean" + } + }, + "required": [ + "DetectSentiment" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.TextLogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatch": { + "$ref": "#/definitions/AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", + "title": "CloudWatch" + } + }, + "required": [ + "CloudWatch" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.TextLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Determines whether conversation logs should be stored for an alias.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::BotVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -168331,57 +173595,34 @@ "Properties": { "additionalProperties": false, "properties": { - "BgpOptions": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.BgpOptions", - "markdownDescription": "Describes the BGP options.", - "title": "BgpOptions" - }, - "ConnectAttachmentId": { - "markdownDescription": "The ID of the attachment to connect.", - "title": "ConnectAttachmentId", - "type": "string" - }, - "CoreNetworkAddress": { - "markdownDescription": "The IP address of a core network.", - "title": "CoreNetworkAddress", + "BotId": { + "markdownDescription": "The unique identifier of the bot.", + "title": "BotId", "type": "string" }, - "InsideCidrBlocks": { + "BotVersionLocaleSpecification": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleSpecification" }, - "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", - "title": "InsideCidrBlocks", + "markdownDescription": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.", + "title": "BotVersionLocaleSpecification", "type": "array" }, - "PeerAddress": { - "markdownDescription": "The IP address of the Connect peer.", - "title": "PeerAddress", - "type": "string" - }, - "SubnetArn": { - "markdownDescription": "The subnet ARN of the Connect peer.", - "title": "SubnetArn", + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags associated with the Connect peer.", - "title": "Tags", - "type": "array" } }, "required": [ - "ConnectAttachmentId", - "PeerAddress" + "BotId", + "BotVersionLocaleSpecification" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::ConnectPeer" + "AWS::Lex::BotVersion" ], "type": "string" }, @@ -168400,81 +173641,41 @@ ], "type": "object" }, - "AWS::NetworkManager::ConnectPeer.BgpOptions": { + "AWS::Lex::BotVersion.BotVersionLocaleDetails": { "additionalProperties": false, "properties": { - "PeerAsn": { - "markdownDescription": "The Peer ASN of the BGP.", - "title": "PeerAsn", - "type": "number" + "SourceBotVersion": { + "markdownDescription": "The version of a bot used for a bot locale.", + "title": "SourceBotVersion", + "type": "string" } }, + "required": [ + "SourceBotVersion" + ], "type": "object" }, - "AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration": { + "AWS::Lex::BotVersion.BotVersionLocaleSpecification": { "additionalProperties": false, "properties": { - "CoreNetworkAddress": { - "markdownDescription": "The address of a core network.", - "title": "CoreNetworkAddress", - "type": "string" - }, - "CoreNetworkAsn": { - "markdownDescription": "The ASN of the Coret Network.", - "title": "CoreNetworkAsn", - "type": "number" - }, - "PeerAddress": { - "markdownDescription": "The address of a core network Connect peer.", - "title": "PeerAddress", - "type": "string" + "BotVersionLocaleDetails": { + "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleDetails", + "markdownDescription": "The version of a bot used for a bot locale.", + "title": "BotVersionLocaleDetails" }, - "PeerAsn": { - "markdownDescription": "The ASN of the Connect peer.", - "title": "PeerAsn", - "type": "number" - } - }, - "type": "object" - }, - "AWS::NetworkManager::ConnectPeer.ConnectPeerConfiguration": { - "additionalProperties": false, - "properties": { - "BgpConfigurations": { - "items": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration" - }, - "markdownDescription": "The Connect peer BGP configurations.", - "title": "BgpConfigurations", - "type": "array" - }, - "CoreNetworkAddress": { - "markdownDescription": "The IP address of a core network.", - "title": "CoreNetworkAddress", - "type": "string" - }, - "InsideCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", - "title": "InsideCidrBlocks", - "type": "array" - }, - "PeerAddress": { - "markdownDescription": "The IP address of the Connect peer.", - "title": "PeerAddress", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol used for a Connect peer configuration.", - "title": "Protocol", + "LocaleId": { + "markdownDescription": "The identifier of the locale to add to the version.", + "title": "LocaleId", "type": "string" } }, + "required": [ + "BotVersionLocaleDetails", + "LocaleId" + ], "type": "object" }, - "AWS::NetworkManager::CoreNetwork": { + "AWS::Lex::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -168509,38 +173710,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of a core network.", - "title": "Description", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network that your core network is a part of.", - "title": "GlobalNetworkId", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "Describes a core network policy. For more information, see [Core network policies](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) .\n\nIf you update the policy document, CloudFormation will apply the core network change set generated from the updated policy document, and then set it as the LIVE policy.", - "title": "PolicyDocument", + "Policy": { + "markdownDescription": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception.", + "title": "Policy", "type": "object" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags associated with a core network.", - "title": "Tags", - "type": "array" + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to.", + "title": "ResourceArn", + "type": "string" } }, "required": [ - "GlobalNetworkId" + "Policy", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::CoreNetwork" + "AWS::Lex::ResourcePolicy" ], "type": "string" }, @@ -168559,58 +173748,7 @@ ], "type": "object" }, - "AWS::NetworkManager::CoreNetwork.CoreNetworkEdge": { - "additionalProperties": false, - "properties": { - "Asn": { - "markdownDescription": "The ASN of a core network edge.", - "title": "Asn", - "type": "number" - }, - "EdgeLocation": { - "markdownDescription": "The Region where a core network edge is located.", - "title": "EdgeLocation", - "type": "string" - }, - "InsideCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The inside IP addresses used for core network edges.", - "title": "InsideCidrBlocks", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::CoreNetwork.CoreNetworkSegment": { - "additionalProperties": false, - "properties": { - "EdgeLocations": { - "items": { - "type": "string" - }, - "markdownDescription": "The Regions where the edges are located.", - "title": "EdgeLocations", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of a core network segment.", - "title": "Name", - "type": "string" - }, - "SharedSegments": { - "items": { - "type": "string" - }, - "markdownDescription": "The shared segments of a core network.", - "title": "SharedSegments", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::CustomerGatewayAssociation": { + "AWS::LicenseManager::Grant": { "additionalProperties": false, "properties": { "Condition": { @@ -168645,37 +173783,48 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomerGatewayArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the customer gateway.", - "title": "CustomerGatewayArn", + "AllowedOperations": { + "items": { + "type": "string" + }, + "markdownDescription": "Allowed operations for the grant.", + "title": "AllowedOperations", + "type": "array" + }, + "GrantName": { + "markdownDescription": "Grant name.", + "title": "GrantName", "type": "string" }, - "DeviceId": { - "markdownDescription": "The ID of the device.", - "title": "DeviceId", + "HomeRegion": { + "markdownDescription": "Home Region of the grant.", + "title": "HomeRegion", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "LicenseArn": { + "markdownDescription": "License ARN.", + "title": "LicenseArn", "type": "string" }, - "LinkId": { - "markdownDescription": "The ID of the link.", - "title": "LinkId", + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization.", + "title": "Principals", + "type": "array" + }, + "Status": { + "markdownDescription": "Granted license status.", + "title": "Status", "type": "string" } }, - "required": [ - "CustomerGatewayArn", - "DeviceId", - "GlobalNetworkId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::CustomerGatewayAssociation" + "AWS::LicenseManager::Grant" ], "type": "string" }, @@ -168689,12 +173838,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::NetworkManager::Device": { + "AWS::LicenseManager::License": { "additionalProperties": false, "properties": { "Condition": { @@ -168729,68 +173877,82 @@ "Properties": { "additionalProperties": false, "properties": { - "AWSLocation": { - "$ref": "#/definitions/AWS::NetworkManager::Device.AWSLocation", - "markdownDescription": "The AWS location of the device.", - "title": "AWSLocation" - }, - "Description": { - "markdownDescription": "A description of the device.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "Beneficiary": { + "markdownDescription": "License beneficiary.", + "title": "Beneficiary", "type": "string" }, - "Location": { - "$ref": "#/definitions/AWS::NetworkManager::Device.Location", - "markdownDescription": "The site location.", - "title": "Location" + "ConsumptionConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.ConsumptionConfiguration", + "markdownDescription": "Configuration for consumption of the license.", + "title": "ConsumptionConfiguration" }, - "Model": { - "markdownDescription": "The model of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "Model", - "type": "string" + "Entitlements": { + "items": { + "$ref": "#/definitions/AWS::LicenseManager::License.Entitlement" + }, + "markdownDescription": "License entitlements.", + "title": "Entitlements", + "type": "array" }, - "SerialNumber": { - "markdownDescription": "The serial number of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "SerialNumber", + "HomeRegion": { + "markdownDescription": "Home Region of the license.", + "title": "HomeRegion", "type": "string" }, - "SiteId": { - "markdownDescription": "The site ID.", - "title": "SiteId", - "type": "string" + "Issuer": { + "$ref": "#/definitions/AWS::LicenseManager::License.IssuerData", + "markdownDescription": "License issuer.", + "title": "Issuer" }, - "Tags": { + "LicenseMetadata": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::LicenseManager::License.Metadata" }, - "markdownDescription": "The tags for the device.", - "title": "Tags", + "markdownDescription": "License metadata.", + "title": "LicenseMetadata", "type": "array" }, - "Type": { - "markdownDescription": "The device type.", - "title": "Type", + "LicenseName": { + "markdownDescription": "License name.", + "title": "LicenseName", "type": "string" }, - "Vendor": { - "markdownDescription": "The vendor of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "Vendor", + "ProductName": { + "markdownDescription": "Product name.", + "title": "ProductName", + "type": "string" + }, + "ProductSKU": { + "markdownDescription": "Product SKU.", + "title": "ProductSKU", + "type": "string" + }, + "Status": { + "markdownDescription": "License status.", + "title": "Status", "type": "string" + }, + "Validity": { + "$ref": "#/definitions/AWS::LicenseManager::License.ValidityDateFormat", + "markdownDescription": "Date and time range during which the license is valid, in ISO8601-UTC format.", + "title": "Validity" } }, "required": [ - "GlobalNetworkId" + "ConsumptionConfiguration", + "Entitlements", + "HomeRegion", + "Issuer", + "LicenseName", + "ProductName", + "Validity" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::Device" + "AWS::LicenseManager::License" ], "type": "string" }, @@ -168809,44 +173971,161 @@ ], "type": "object" }, - "AWS::NetworkManager::Device.AWSLocation": { + "AWS::LicenseManager::License.BorrowConfiguration": { "additionalProperties": false, "properties": { - "SubnetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the subnet that the device is located in.", - "title": "SubnetArn", + "AllowEarlyCheckIn": { + "markdownDescription": "Indicates whether early check-ins are allowed.", + "title": "AllowEarlyCheckIn", + "type": "boolean" + }, + "MaxTimeToLiveInMinutes": { + "markdownDescription": "Maximum time for the borrow configuration, in minutes.", + "title": "MaxTimeToLiveInMinutes", + "type": "number" + } + }, + "required": [ + "AllowEarlyCheckIn", + "MaxTimeToLiveInMinutes" + ], + "type": "object" + }, + "AWS::LicenseManager::License.ConsumptionConfiguration": { + "additionalProperties": false, + "properties": { + "BorrowConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.BorrowConfiguration", + "markdownDescription": "Details about a borrow configuration.", + "title": "BorrowConfiguration" + }, + "ProvisionalConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.ProvisionalConfiguration", + "markdownDescription": "Details about a provisional configuration.", + "title": "ProvisionalConfiguration" + }, + "RenewType": { + "markdownDescription": "Renewal frequency.", + "title": "RenewType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LicenseManager::License.Entitlement": { + "additionalProperties": false, + "properties": { + "AllowCheckIn": { + "markdownDescription": "Indicates whether check-ins are allowed.", + "title": "AllowCheckIn", + "type": "boolean" + }, + "MaxCount": { + "markdownDescription": "Maximum entitlement count. Use if the unit is not None.", + "title": "MaxCount", + "type": "number" + }, + "Name": { + "markdownDescription": "Entitlement name.", + "title": "Name", "type": "string" }, - "Zone": { - "markdownDescription": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost.", - "title": "Zone", + "Overage": { + "markdownDescription": "Indicates whether overages are allowed.", + "title": "Overage", + "type": "boolean" + }, + "Unit": { + "markdownDescription": "Entitlement unit.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "Entitlement resource. Use only if the unit is None.", + "title": "Value", "type": "string" } }, + "required": [ + "Name", + "Unit" + ], "type": "object" }, - "AWS::NetworkManager::Device.Location": { + "AWS::LicenseManager::License.IssuerData": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The physical address.", - "title": "Address", + "Name": { + "markdownDescription": "Issuer name.", + "title": "Name", "type": "string" }, - "Latitude": { - "markdownDescription": "The latitude.", - "title": "Latitude", + "SignKey": { + "markdownDescription": "Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm.", + "title": "SignKey", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::LicenseManager::License.Metadata": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The key name.", + "title": "Name", "type": "string" }, - "Longitude": { - "markdownDescription": "The longitude.", - "title": "Longitude", + "Value": { + "markdownDescription": "The value.", + "title": "Value", "type": "string" } }, + "required": [ + "Name", + "Value" + ], "type": "object" }, - "AWS::NetworkManager::GlobalNetwork": { + "AWS::LicenseManager::License.ProvisionalConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTimeToLiveInMinutes": { + "markdownDescription": "Maximum time for the provisional configuration, in minutes.", + "title": "MaxTimeToLiveInMinutes", + "type": "number" + } + }, + "required": [ + "MaxTimeToLiveInMinutes" + ], + "type": "object" + }, + "AWS::LicenseManager::License.ValidityDateFormat": { + "additionalProperties": false, + "properties": { + "Begin": { + "markdownDescription": "Start of the time range.", + "title": "Begin", + "type": "string" + }, + "End": { + "markdownDescription": "End of the time range.", + "title": "End", + "type": "string" + } + }, + "required": [ + "Begin", + "End" + ], + "type": "object" + }, + "AWS::Lightsail::Alarm": { "additionalProperties": false, "properties": { "Condition": { @@ -168881,35 +174160,81 @@ "Properties": { "additionalProperties": false, "properties": { - "CreatedAt": { - "markdownDescription": "The date and time that the global network was created.", - "title": "CreatedAt", + "AlarmName": { + "markdownDescription": "The name of the alarm.", + "title": "AlarmName", "type": "string" }, - "Description": { - "markdownDescription": "A description of the global network.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold.", + "title": "ComparisonOperator", "type": "string" }, - "State": { - "markdownDescription": "The state of the global network.", - "title": "State", + "ContactProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The contact protocols for the alarm, such as `Email` , `SMS` (text messaging), or both.\n\n*Allowed Values* : `Email` | `SMS`", + "title": "ContactProtocols", + "type": "array" + }, + "DatapointsToAlarm": { + "markdownDescription": "The number of data points within the evaluation periods that must be breaching to cause the alarm to go to the `ALARM` state.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold.", + "title": "EvaluationPeriods", + "type": "number" + }, + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm.", + "title": "MetricName", "type": "string" }, - "Tags": { + "MonitoredResourceName": { + "markdownDescription": "The name of the Lightsail resource that the alarm monitors.", + "title": "MonitoredResourceName", + "type": "string" + }, + "NotificationEnabled": { + "markdownDescription": "A Boolean value indicating whether the alarm is enabled.", + "title": "NotificationEnabled", + "type": "boolean" + }, + "NotificationTriggers": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags for the global network.", - "title": "Tags", + "markdownDescription": "The alarm states that trigger a notification.\n\n> To specify the `OK` and `INSUFFICIENT_DATA` values, you must also specify `ContactProtocols` values. Otherwise, the `OK` and `INSUFFICIENT_DATA` values will not take effect and the stack will drift. \n\n*Allowed Values* : `OK` | `ALARM` | `INSUFFICIENT_DATA`", + "title": "NotificationTriggers", "type": "array" + }, + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", + "type": "number" + }, + "TreatMissingData": { + "markdownDescription": "Specifies how the alarm handles missing data points.\n\nAn alarm can treat missing data in the following ways:\n\n- `breaching` - Assumes the missing data is not within the threshold. Missing data counts towards the number of times that the metric is not within the threshold.\n- `notBreaching` - Assumes the missing data is within the threshold. Missing data does not count towards the number of times that the metric is not within the threshold.\n- `ignore` - Ignores the missing data. Maintains the current alarm state.\n- `missing` - Missing data is treated as missing.", + "title": "TreatMissingData", + "type": "string" } }, + "required": [ + "AlarmName", + "ComparisonOperator", + "EvaluationPeriods", + "MetricName", + "MonitoredResourceName", + "Threshold" + ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::GlobalNetwork" + "AWS::Lightsail::Alarm" ], "type": "string" }, @@ -168923,11 +174248,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkManager::Link": { + "AWS::Lightsail::Bucket": { "additionalProperties": false, "properties": { "Condition": { @@ -168962,55 +174288,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Bandwidth": { - "$ref": "#/definitions/AWS::NetworkManager::Link.Bandwidth", - "markdownDescription": "The bandwidth for the link.", - "title": "Bandwidth" + "AccessRules": { + "$ref": "#/definitions/AWS::Lightsail::Bucket.AccessRules", + "markdownDescription": "An object that describes the access rules for the bucket.", + "title": "AccessRules" }, - "Description": { - "markdownDescription": "A description of the link.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", + "BucketName": { + "markdownDescription": "The name of the bucket.", + "title": "BucketName", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "BundleId": { + "markdownDescription": "The bundle ID for the bucket (for example, `small_1_0` ).\n\nA bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket.", + "title": "BundleId", "type": "string" }, - "Provider": { - "markdownDescription": "The provider of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", - "title": "Provider", - "type": "string" + "ObjectVersioning": { + "markdownDescription": "Indicates whether object versioning is enabled for the bucket.\n\nThe following options can be configured:\n\n- `Enabled` - Object versioning is enabled.\n- `Suspended` - Object versioning was previously enabled but is currently suspended. Existing object versions are retained.\n- `NeverEnabled` - Object versioning has never been enabled.", + "title": "ObjectVersioning", + "type": "boolean" }, - "SiteId": { - "markdownDescription": "The ID of the site.", - "title": "SiteId", - "type": "string" + "ReadOnlyAccessAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of AWS account IDs that have read-only access to the bucket.", + "title": "ReadOnlyAccessAccounts", + "type": "array" + }, + "ResourcesReceivingAccess": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Lightsail instances that have access to the bucket.", + "title": "ResourcesReceivingAccess", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the link.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", - "title": "Type", - "type": "string" } }, "required": [ - "Bandwidth", - "GlobalNetworkId", - "SiteId" + "BucketName", + "BundleId" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::Link" + "AWS::Lightsail::Bucket" ], "type": "string" }, @@ -169029,23 +174360,23 @@ ], "type": "object" }, - "AWS::NetworkManager::Link.Bandwidth": { + "AWS::Lightsail::Bucket.AccessRules": { "additionalProperties": false, "properties": { - "DownloadSpeed": { - "markdownDescription": "Download speed in Mbps.", - "title": "DownloadSpeed", - "type": "number" + "AllowPublicOverrides": { + "markdownDescription": "A Boolean value indicating whether the access control list (ACL) permissions that are applied to individual objects override the `GetObject` option that is currently specified.\n\nWhen this is true, you can use the [PutObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html) Amazon S3 API operation to set individual objects to public (read-only) or private, using either the `public-read` ACL or the `private` ACL.", + "title": "AllowPublicOverrides", + "type": "boolean" }, - "UploadSpeed": { - "markdownDescription": "Upload speed in Mbps.", - "title": "UploadSpeed", - "type": "number" + "GetObject": { + "markdownDescription": "Specifies the anonymous access to all objects in a bucket.\n\nThe following options can be specified:\n\n- `public` - Sets all objects in the bucket to public (read-only), making them readable by everyone on the internet.\n\nIf the `GetObject` value is set to `public` , then all objects in the bucket default to public regardless of the `allowPublicOverrides` value.\n- `private` - Sets all objects in the bucket to private, making them readable only by you and anyone that you grant access to.\n\nIf the `GetObject` value is set to `private` , and the `allowPublicOverrides` value is set to `true` , then all objects in the bucket default to private unless they are configured with a `public-read` ACL. Individual objects with a `public-read` ACL are readable by everyone on the internet.", + "title": "GetObject", + "type": "string" } }, "type": "object" }, - "AWS::NetworkManager::LinkAssociation": { + "AWS::Lightsail::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -169080,32 +174411,42 @@ "Properties": { "additionalProperties": false, "properties": { - "DeviceId": { - "markdownDescription": "The device ID for the link association.", - "title": "DeviceId", + "CertificateName": { + "markdownDescription": "The name of the certificate.", + "title": "CertificateName", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "DomainName": { + "markdownDescription": "The domain name of the certificate.", + "title": "DomainName", "type": "string" }, - "LinkId": { - "markdownDescription": "The ID of the link.", - "title": "LinkId", - "type": "string" + "SubjectAlternativeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings that specify the alternate domains (such as `example.org` ) and subdomains (such as `blog.example.com` ) of the certificate.", + "title": "SubjectAlternativeNames", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "DeviceId", - "GlobalNetworkId", - "LinkId" + "CertificateName", + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::LinkAssociation" + "AWS::Lightsail::Certificate" ], "type": "string" }, @@ -169124,7 +174465,7 @@ ], "type": "object" }, - "AWS::NetworkManager::Site": { + "AWS::Lightsail::Container": { "additionalProperties": false, "properties": { "Condition": { @@ -169159,38 +174500,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of your site.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", - "type": "string" + "ContainerServiceDeployment": { + "$ref": "#/definitions/AWS::Lightsail::Container.ContainerServiceDeployment", + "markdownDescription": "An object that describes the current container deployment of the container service.", + "title": "ContainerServiceDeployment" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "IsDisabled": { + "markdownDescription": "A Boolean value indicating whether the container service is disabled.", + "title": "IsDisabled", + "type": "boolean" + }, + "Power": { + "markdownDescription": "The power specification of the container service.\n\nThe power specifies the amount of RAM, the number of vCPUs, and the base price of the container service.", + "title": "Power", "type": "string" }, - "Location": { - "$ref": "#/definitions/AWS::NetworkManager::Site.Location", - "markdownDescription": "The site location. This information is used for visualization in the Network Manager console. If you specify the address, the latitude and longitude are automatically calculated.\n\n- `Address` : The physical address of the site.\n- `Latitude` : The latitude of the site.\n- `Longitude` : The longitude of the site.", - "title": "Location" + "PrivateRegistryAccess": { + "$ref": "#/definitions/AWS::Lightsail::Container.PrivateRegistryAccess", + "markdownDescription": "An object that describes the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry ( Amazon ECR ) private repositories.\n\nFor more information, see [Configuring access to an Amazon ECR private repository for an Amazon Lightsail container service](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-container-service-ecr-private-repo-access) in the *Amazon Lightsail Developer Guide* .", + "title": "PrivateRegistryAccess" + }, + "PublicDomainNames": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.PublicDomainName" + }, + "markdownDescription": "The public domain name of the container service, such as `example.com` and `www.example.com` .\n\nYou can specify up to four public domain names for a container service. The domain names that you specify are used when you create a deployment with a container that is configured as the public endpoint of your container service.\n\nIf you don't specify public domain names, then you can use the default domain of the container service.\n\n> You must create and validate an SSL/TLS certificate before you can use public domain names with your container service. Use the [AWS::Lightsail::Certificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-certificate.html) resource to create a certificate for the public domain names that you want to use with your container service.", + "title": "PublicDomainNames", + "type": "array" + }, + "Scale": { + "markdownDescription": "The scale specification of the container service.\n\nThe scale specifies the allocated compute nodes of the container service.", + "title": "Scale", + "type": "number" + }, + "ServiceName": { + "markdownDescription": "The name of the container service.", + "title": "ServiceName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the site.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ - "GlobalNetworkId" + "Power", + "Scale", + "ServiceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::Site" + "AWS::Lightsail::Container" ], "type": "string" }, @@ -169209,28 +174575,201 @@ ], "type": "object" }, - "AWS::NetworkManager::Site.Location": { + "AWS::Lightsail::Container.Container": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The physical address.", - "title": "Address", + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The launch command for the container.", + "title": "Command", + "type": "array" + }, + "ContainerName": { + "markdownDescription": "The name of the container.", + "title": "ContainerName", "type": "string" }, - "Latitude": { - "markdownDescription": "The latitude.", - "title": "Latitude", + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.EnvironmentVariable" + }, + "markdownDescription": "The environment variables of the container.", + "title": "Environment", + "type": "array" + }, + "Image": { + "markdownDescription": "The name of the image used for the container.\n\nContainer images that are sourced from (registered and stored on) your container service start with a colon ( `:` ). For example, if your container service name is `container-service-1` , the container image label is `mystaticsite` , and you want to use the third version ( `3` ) of the registered container image, then you should specify `:container-service-1.mystaticsite.3` . To use the latest version of a container image, specify `latest` instead of a version number (for example, `:container-service-1.mystaticsite.latest` ). Your container service will automatically use the highest numbered version of the registered container image.\n\nContainer images that are sourced from a public registry like Docker Hub don\u2019t start with a colon. For example, `nginx:latest` or `nginx` .", + "title": "Image", "type": "string" }, - "Longitude": { - "markdownDescription": "The longitude.", - "title": "Longitude", + "Ports": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.PortInfo" + }, + "markdownDescription": "An object that describes the open firewall ports and protocols of the container.", + "title": "Ports", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.ContainerServiceDeployment": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.Container" + }, + "markdownDescription": "An object that describes the configuration for the containers of the deployment.", + "title": "Containers", + "type": "array" + }, + "PublicEndpoint": { + "$ref": "#/definitions/AWS::Lightsail::Container.PublicEndpoint", + "markdownDescription": "An object that describes the endpoint of the deployment.", + "title": "PublicEndpoint" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.EcrImagePullerRole": { + "additionalProperties": false, + "properties": { + "IsActive": { + "markdownDescription": "A boolean value that indicates whether the `ECRImagePullerRole` is active.", + "title": "IsActive", + "type": "boolean" + }, + "PrincipalArn": { + "markdownDescription": "The principle Amazon Resource Name (ARN) of the role. This property is read-only.", + "title": "PrincipalArn", "type": "string" } }, "type": "object" }, - "AWS::NetworkManager::SiteToSiteVpnAttachment": { + "AWS::Lightsail::Container.EnvironmentVariable": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The environment variable value.", + "title": "Value", + "type": "string" + }, + "Variable": { + "markdownDescription": "The environment variable key.", + "title": "Variable", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.HealthCheckConfig": { + "additionalProperties": false, + "properties": { + "HealthyThreshold": { + "markdownDescription": "The number of consecutive health check successes required before moving the container to the `Healthy` state. The default value is `2` .", + "title": "HealthyThreshold", + "type": "number" + }, + "IntervalSeconds": { + "markdownDescription": "The approximate interval, in seconds, between health checks of an individual container. You can specify between `5` and `300` seconds. The default value is `5` .", + "title": "IntervalSeconds", + "type": "number" + }, + "Path": { + "markdownDescription": "The path on the container on which to perform the health check. The default value is `/` .", + "title": "Path", + "type": "string" + }, + "SuccessCodes": { + "markdownDescription": "The HTTP codes to use when checking for a successful response from a container. You can specify values between `200` and `499` . You can specify multiple values (for example, `200,202` ) or a range of values (for example, `200-299` ).", + "title": "SuccessCodes", + "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check. You can specify between `2` and `60` seconds. The default value is `2` .", + "title": "TimeoutSeconds", + "type": "number" + }, + "UnhealthyThreshold": { + "markdownDescription": "The number of consecutive health check failures required before moving the container to the `Unhealthy` state. The default value is `2` .", + "title": "UnhealthyThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.PortInfo": { + "additionalProperties": false, + "properties": { + "Port": { + "markdownDescription": "The open firewall ports of the container.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol name for the open ports.\n\n*Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP`", + "title": "Protocol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.PrivateRegistryAccess": { + "additionalProperties": false, + "properties": { + "EcrImagePullerRole": { + "$ref": "#/definitions/AWS::Lightsail::Container.EcrImagePullerRole", + "markdownDescription": "An object that describes the activation status of the role that you can use to grant a Lightsail container service access to Amazon ECR private repositories. If the role is activated, the Amazon Resource Name (ARN) of the role is also listed.", + "title": "EcrImagePullerRole" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.PublicDomainName": { + "additionalProperties": false, + "properties": { + "CertificateName": { + "markdownDescription": "The name of the certificate for the public domains.", + "title": "CertificateName", + "type": "string" + }, + "DomainNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The public domain names to use with the container service.", + "title": "DomainNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.PublicEndpoint": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The name of the container entry of the deployment that the endpoint configuration applies to.", + "title": "ContainerName", + "type": "string" + }, + "ContainerPort": { + "markdownDescription": "The port of the specified container to which traffic is forwarded to.", + "title": "ContainerPort", + "type": "number" + }, + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::Lightsail::Container.HealthCheckConfig", + "markdownDescription": "An object that describes the health check configuration of the container.", + "title": "HealthCheckConfig" + } + }, + "type": "object" + }, + "AWS::Lightsail::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -169265,39 +174804,100 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "", - "title": "CoreNetworkId", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the database.", + "title": "AvailabilityZone", "type": "string" }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" + "BackupRetention": { + "markdownDescription": "A Boolean value indicating whether automated backup retention is enabled for the database. Data Import Mode is enabled when `BackupRetention` is set to `false` , and is disabled when `BackupRetention` is set to `true` .", + "title": "BackupRetention", + "type": "boolean" + }, + "CaCertificateIdentifier": { + "markdownDescription": "The certificate associated with the database.", + "title": "CaCertificateIdentifier", + "type": "string" + }, + "MasterDatabaseName": { + "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n*MySQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, no database is created in the database resource.\n\nConstraints:\n\n- Must contain 1-64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in MySQL, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , and [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, a database named `postgres` is created in the database resource.\n\nConstraints:\n\n- Must contain 1-63 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in PostgreSQL, see the SQL Key Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", + "title": "MasterDatabaseName", + "type": "string" + }, + "MasterUserPassword": { + "markdownDescription": "The password for the primary user of the database. The password can include any printable ASCII character except the following: /, \", or @. It cannot contain spaces.\n\n> The `MasterUserPassword` and `RotateMasterUserPassword` parameters cannot be used together in the same template. \n\n*MySQL*\n\nConstraints: Must contain 8-41 characters.\n\n*PostgreSQL*\n\nConstraints: Must contain 8-128 characters.", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUsername": { + "markdownDescription": "The name for the primary user.\n\n*MySQL*\n\nConstraints:\n\n- Required for MySQL.\n- Must be 1-16 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , or [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nConstraints:\n\n- Required for PostgreSQL.\n- Must be 1-63 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", + "title": "MasterUsername", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created for the database (for example, `16:00-16:30` ).", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur for the database, formatted as follows: `ddd:hh24:mi-ddd:hh24:mi` . For example, `Tue:17:00-Tue:17:30` .", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "A Boolean value indicating whether the database is accessible to anyone on the internet.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "RelationalDatabaseBlueprintId": { + "markdownDescription": "The blueprint ID for the database (for example, `mysql_8_0` ).", + "title": "RelationalDatabaseBlueprintId", + "type": "string" + }, + "RelationalDatabaseBundleId": { + "markdownDescription": "The bundle ID for the database (for example, `medium_1_0` ).", + "title": "RelationalDatabaseBundleId", + "type": "string" + }, + "RelationalDatabaseName": { + "markdownDescription": "The name of the instance.", + "title": "RelationalDatabaseName", + "type": "string" + }, + "RelationalDatabaseParameters": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Database.RelationalDatabaseParameter" + }, + "markdownDescription": "An array of parameters for the database.", + "title": "RelationalDatabaseParameters", + "type": "array" + }, + "RotateMasterUserPassword": { + "markdownDescription": "A Boolean value indicating whether to change the primary user password to a new, strong password generated by Lightsail .\n\n> The `RotateMasterUserPassword` and `MasterUserPassword` parameters cannot be used together in the same template.", + "title": "RotateMasterUserPassword", + "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the Site-to-Site VPN attachment.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" - }, - "VpnConnectionArn": { - "markdownDescription": "The ARN of the site-to-site VPN attachment.", - "title": "VpnConnectionArn", - "type": "string" } }, "required": [ - "CoreNetworkId", - "VpnConnectionArn" + "MasterDatabaseName", + "MasterUsername", + "RelationalDatabaseBlueprintId", + "RelationalDatabaseBundleId", + "RelationalDatabaseName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::SiteToSiteVpnAttachment" + "AWS::Lightsail::Database" ], "type": "string" }, @@ -169316,112 +174916,53 @@ ], "type": "object" }, - "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange": { + "AWS::Lightsail::Database.RelationalDatabaseParameter": { "additionalProperties": false, "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" + "AllowedValues": { + "markdownDescription": "The valid range of values for the parameter.", + "title": "AllowedValues", + "type": "string" }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", + "ApplyMethod": { + "markdownDescription": "Indicates when parameter updates are applied.\n\nCan be `immediate` or `pending-reboot` .", + "title": "ApplyMethod", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::TransitGatewayPeering": { - "additionalProperties": false, - "properties": { - "Condition": { + "ApplyType": { + "markdownDescription": "Specifies the engine-specific parameter type.", + "title": "ApplyType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataType": { + "markdownDescription": "The valid data type of the parameter.", + "title": "DataType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Description": { + "markdownDescription": "A description of the parameter.", + "title": "Description", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CoreNetworkId": { - "markdownDescription": "The ID of the core network.", - "title": "CoreNetworkId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags associated with the peering.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayArn": { - "markdownDescription": "The ARN of the transit gateway.", - "title": "TransitGatewayArn", - "type": "string" - } - }, - "required": [ - "CoreNetworkId", - "TransitGatewayArn" - ], - "type": "object" + "IsModifiable": { + "markdownDescription": "A Boolean value indicating whether the parameter can be modified.", + "title": "IsModifiable", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::NetworkManager::TransitGatewayPeering" - ], + "ParameterName": { + "markdownDescription": "The name of the parameter.", + "title": "ParameterName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ParameterValue": { + "markdownDescription": "The value for the parameter.", + "title": "ParameterValue", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRegistration": { + "AWS::Lightsail::Disk": { "additionalProperties": false, "properties": { "Condition": { @@ -169456,26 +174997,52 @@ "Properties": { "additionalProperties": false, "properties": { - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "AddOns": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Disk.AddOn" + }, + "markdownDescription": "An array of add-ons for the disk.\n\n> If the disk has an add-on enabled when performing a delete disk request, the add-on is automatically disabled before the disk is deleted.", + "title": "AddOns", + "type": "array" + }, + "AvailabilityZone": { + "markdownDescription": "The AWS Region and Availability Zone location for the disk (for example, `us-east-1a` ).", + "title": "AvailabilityZone", "type": "string" }, - "TransitGatewayArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the transit gateway.", - "title": "TransitGatewayArn", + "DiskName": { + "markdownDescription": "The name of the disk.", + "title": "DiskName", "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::Lightsail::Disk.Location", + "markdownDescription": "The AWS Region and Availability Zone where the disk is located.", + "title": "Location" + }, + "SizeInGb": { + "markdownDescription": "The size of the disk in GB.", + "title": "SizeInGb", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "GlobalNetworkId", - "TransitGatewayArn" + "DiskName", + "SizeInGb" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::TransitGatewayRegistration" + "AWS::Lightsail::Disk" ], "type": "string" }, @@ -169494,117 +175061,58 @@ ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRouteTableAttachment": { + "AWS::Lightsail::Disk.AddOn": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AddOnType": { + "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for a disk.", + "title": "AddOnType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PeeringId": { - "markdownDescription": "The ID of the transit gateway peering.", - "title": "PeeringId", - "type": "string" - }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange", - "markdownDescription": "This property is read-only. Values can't be assigned to it.", - "title": "ProposedSegmentChange" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value pairs associated with the transit gateway route table attachment.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayRouteTableArn": { - "markdownDescription": "The ARN of the transit gateway attachment route table. For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` .", - "title": "TransitGatewayRouteTableArn", - "type": "string" - } - }, - "required": [ - "PeeringId", - "TransitGatewayRouteTableArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkManager::TransitGatewayRouteTableAttachment" - ], - "type": "string" + "AutoSnapshotAddOnRequest": { + "$ref": "#/definitions/AWS::Lightsail::Disk.AutoSnapshotAddOn", + "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", + "title": "AutoSnapshotAddOnRequest" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Status": { + "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", + "title": "Status", "type": "string" } }, "required": [ - "Type", - "Properties" + "AddOnType" ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { + "AWS::Lightsail::Disk.AutoSnapshotAddOn": { "additionalProperties": false, "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", + "SnapshotTimeOfDay": { + "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", + "title": "SnapshotTimeOfDay", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Disk.Location": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where the disk is located.", + "title": "AvailabilityZone", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" + "RegionName": { + "markdownDescription": "The AWS Region where the disk is located.", + "title": "RegionName", + "type": "string" } }, "type": "object" }, - "AWS::NetworkManager::VpcAttachment": { + "AWS::Lightsail::Distribution": { "additionalProperties": false, "properties": { "Condition": { @@ -169639,53 +175147,74 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "The core network ID.", - "title": "CoreNetworkId", + "BundleId": { + "markdownDescription": "The ID of the bundle applied to the distribution.", + "title": "BundleId", "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.VpcOptions", - "markdownDescription": "Options for creating the VPC attachment.", - "title": "Options" - }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" + "CacheBehaviorSettings": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheSettings", + "markdownDescription": "An object that describes the cache behavior settings of the distribution.", + "title": "CacheBehaviorSettings" }, - "SubnetArns": { + "CacheBehaviors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehaviorPerPath" }, - "markdownDescription": "The subnet ARNs.", - "title": "SubnetArns", + "markdownDescription": "An array of objects that describe the per-path cache behavior of the distribution.", + "title": "CacheBehaviors", "type": "array" }, + "CertificateName": { + "markdownDescription": "The name of the SSL/TLS certificate attached to the distribution.", + "title": "CertificateName", + "type": "string" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehavior", + "markdownDescription": "An object that describes the default cache behavior of the distribution.", + "title": "DefaultCacheBehavior" + }, + "DistributionName": { + "markdownDescription": "The name of the distribution", + "title": "DistributionName", + "type": "string" + }, + "IpAddressType": { + "markdownDescription": "The IP address type of the distribution.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for IPv4 and IPv6.", + "title": "IpAddressType", + "type": "string" + }, + "IsEnabled": { + "markdownDescription": "A Boolean value indicating whether the distribution is enabled.", + "title": "IsEnabled", + "type": "boolean" + }, + "Origin": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.InputOrigin", + "markdownDescription": "An object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer.\n\nThe distribution pulls, caches, and serves content from the origin.", + "title": "Origin" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the VPC attachment.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" - }, - "VpcArn": { - "markdownDescription": "The ARN of the VPC attachment.", - "title": "VpcArn", - "type": "string" } }, "required": [ - "CoreNetworkId", - "SubnetArns", - "VpcArn" + "BundleId", + "DefaultCacheBehavior", + "DistributionName", + "Origin" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::VpcAttachment" + "AWS::Lightsail::Distribution" ], "type": "string" }, @@ -169704,47 +175233,158 @@ ], "type": "object" }, - "AWS::NetworkManager::VpcAttachment.ProposedSegmentChange": { + "AWS::Lightsail::Distribution.CacheBehavior": { "additionalProperties": false, "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" + "Behavior": { + "markdownDescription": "The cache behavior of the distribution.\n\nThe following cache behaviors can be specified:\n\n- *`cache`* - This option is best for static sites. When specified, your distribution caches and serves your entire website as static content. This behavior is ideal for websites with static content that doesn't change depending on who views it, or for websites that don't use cookies, headers, or query strings to personalize content.\n- *`dont-cache`* - This option is best for sites that serve a mix of static and dynamic content. When specified, your distribution caches and serves only the content that is specified in the distribution\u2019s `CacheBehaviorPerPath` parameter. This behavior is ideal for websites or web applications that use cookies, headers, and query strings to personalize content for individual users.", + "title": "Behavior", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.CacheBehaviorPerPath": { + "additionalProperties": false, + "properties": { + "Behavior": { + "markdownDescription": "The cache behavior for the specified path.\n\nYou can specify one of the following per-path cache behaviors:\n\n- *`cache`* - This behavior caches the specified path.\n- *`dont-cache`* - This behavior doesn't cache the specified path.", + "title": "Behavior", + "type": "string" }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", + "Path": { + "markdownDescription": "The path to a directory or file to cache, or not cache. Use an asterisk symbol to specify wildcard directories ( `path/to/assets/*` ), and file types ( `*.html` , `*jpg` , `*js` ). Directories and file paths are case-sensitive.\n\nExamples:\n\n- Specify the following to cache all files in the document root of an Apache web server running on a instance.\n\n`var/www/html/`\n- Specify the following file to cache only the index page in the document root of an Apache web server.\n\n`var/www/html/index.html`\n- Specify the following to cache only the .html files in the document root of an Apache web server.\n\n`var/www/html/*.html`\n- Specify the following to cache only the .jpg, .png, and .gif files in the images sub-directory of the document root of an Apache web server.\n\n`var/www/html/images/*.jpg`\n\n`var/www/html/images/*.png`\n\n`var/www/html/images/*.gif`\n\nSpecify the following to cache all files in the images subdirectory of the document root of an Apache web server.\n\n`var/www/html/images/`", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.CacheSettings": { + "additionalProperties": false, + "properties": { + "AllowedHTTPMethods": { + "markdownDescription": "The HTTP methods that are processed and forwarded to the distribution's origin.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution forwards the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution forwards the `GET` , `HEAD` , and `OPTIONS` methods.\n- `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` - The distribution forwards the `GET` , `HEAD` , `OPTIONS` , `PUT` , `PATCH` , `POST` , and `DELETE` methods.\n\nIf you specify `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` , you might need to restrict access to your distribution's origin so users can't perform operations that you don't want them to. For example, you might not want users to have permission to delete objects from your origin.", + "title": "AllowedHTTPMethods", "type": "string" }, - "Tags": { + "CachedHTTPMethods": { + "markdownDescription": "The HTTP method responses that are cached by your distribution.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution caches responses to the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution caches responses to the `GET` , `HEAD` , and `OPTIONS` methods.", + "title": "CachedHTTPMethods", + "type": "string" + }, + "DefaultTTL": { + "markdownDescription": "The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.\n\n> The value specified applies only when the origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", + "title": "DefaultTTL", + "type": "number" + }, + "ForwardedCookies": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CookieObject", + "markdownDescription": "An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded.", + "title": "ForwardedCookies" + }, + "ForwardedHeaders": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.HeaderObject", + "markdownDescription": "An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded.", + "title": "ForwardedHeaders" + }, + "ForwardedQueryStrings": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.QueryStringObject", + "markdownDescription": "An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded.", + "title": "ForwardedQueryStrings" + }, + "MaximumTTL": { + "markdownDescription": "The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nThe value specified applies only when the origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", + "title": "MaximumTTL", + "type": "number" + }, + "MinimumTTL": { + "markdownDescription": "The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nA value of `0` must be specified for `minimumTTL` if the distribution is configured to forward all headers to the origin.", + "title": "MinimumTTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.CookieObject": { + "additionalProperties": false, + "properties": { + "CookiesAllowList": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", + "markdownDescription": "The specific cookies to forward to your distribution's origin.", + "title": "CookiesAllowList", "type": "array" + }, + "Option": { + "markdownDescription": "Specifies which cookies to forward to the distribution's origin for a cache behavior.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all cookies to your origin.\n- *`none`* - Doesn\u2019t forward cookies to your origin.\n- *`allow-list`* - Forwards only the cookies that you specify using the `CookiesAllowList` parameter.", + "title": "Option", + "type": "string" } }, "type": "object" }, - "AWS::NetworkManager::VpcAttachment.VpcOptions": { + "AWS::Lightsail::Distribution.HeaderObject": { "additionalProperties": false, "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is `false` .", - "title": "ApplianceModeSupport", - "type": "boolean" + "HeadersAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific headers to forward to your distribution's origin.", + "title": "HeadersAllowList", + "type": "array" }, - "Ipv6Support": { - "markdownDescription": "Indicates whether IPv6 is supported.", - "title": "Ipv6Support", + "Option": { + "markdownDescription": "The headers that you want your distribution to forward to your origin. Your distribution caches your content based on these headers.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all headers to your origin..\n- *`none`* - Forwards only the default headers.\n- *`allow-list`* - Forwards only the headers that you specify using the `HeadersAllowList` parameter.", + "title": "Option", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.InputOrigin": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the origin resource.", + "title": "Name", + "type": "string" + }, + "ProtocolPolicy": { + "markdownDescription": "The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.", + "title": "ProtocolPolicy", + "type": "string" + }, + "RegionName": { + "markdownDescription": "The AWS Region name of the origin resource.", + "title": "RegionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.QueryStringObject": { + "additionalProperties": false, + "properties": { + "Option": { + "markdownDescription": "Indicates whether the distribution forwards and caches based on query strings.", + "title": "Option", "type": "boolean" + }, + "QueryStringsAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific query strings that the distribution forwards to the origin.\n\nYour distribution caches content based on the specified query strings.\n\nIf the `option` parameter is true, then your distribution forwards all query strings, regardless of what you specify using the `QueryStringsAllowList` parameter.", + "title": "QueryStringsAllowList", + "type": "array" } }, "type": "object" }, - "AWS::NimbleStudio::LaunchProfile": { + "AWS::Lightsail::Instance": { "additionalProperties": false, "properties": { "Condition": { @@ -169779,59 +175419,83 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "type": "string" - }, - "Ec2SubnetIds": { + "AddOns": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lightsail::Instance.AddOn" }, + "markdownDescription": "An array of add-ons for the instance.\n\n> If the instance has an add-on enabled when performing a delete instance request, the add-on is automatically disabled before the instance is deleted.", + "title": "AddOns", "type": "array" }, - "LaunchProfileProtocolVersions": { - "items": { - "type": "string" - }, - "type": "array" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", + "type": "string" }, - "Name": { + "BlueprintId": { + "markdownDescription": "The blueprint ID for the instance (for example, `os_amlinux_2016_03` ).", + "title": "BlueprintId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle ID for the instance (for example, `micro_1_0` ).", + "title": "BundleId", "type": "string" }, - "StreamConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfiguration" + "Hardware": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Hardware", + "markdownDescription": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n> The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", + "title": "Hardware" }, - "StudioComponentIds": { - "items": { - "type": "string" - }, - "type": "array" + "InstanceName": { + "markdownDescription": "The name of the instance.", + "title": "InstanceName", + "type": "string" }, - "StudioId": { + "KeyPairName": { + "markdownDescription": "The name of the key pair to use for the instance.\n\nIf no key pair name is specified, the Regional Lightsail default key pair is used.", + "title": "KeyPairName", "type": "string" }, + "Location": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Location", + "markdownDescription": "The location for the instance, such as the AWS Region and Availability Zone.\n\n> The `Location` property is read-only and should not be specified in a create instance or update instance request.", + "title": "Location" + }, + "Networking": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Networking", + "markdownDescription": "The public ports and the monthly amount of data transfer allocated for the instance.", + "title": "Networking" + }, + "State": { + "$ref": "#/definitions/AWS::Lightsail::Instance.State", + "markdownDescription": "The status code and the state (for example, `running` ) of the instance.\n\n> The `State` property is read-only and should not be specified in a create instance or update instance request.", + "title": "State" + }, "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, - "type": "object" + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" + }, + "UserData": { + "markdownDescription": "The optional launch script for the instance.\n\nSpecify a launch script to configure an instance with additional user data. For example, you might want to specify `apt-get -y update` as a launch script.\n\n> Depending on the blueprint of your instance, the command to get software on your instance varies. Amazon Linux and CentOS use `yum` , Debian and Ubuntu use `apt-get` , and FreeBSD uses `pkg` .", + "title": "UserData", + "type": "string" } }, "required": [ - "Ec2SubnetIds", - "LaunchProfileProtocolVersions", - "Name", - "StreamConfiguration", - "StudioComponentIds", - "StudioId" + "BlueprintId", + "BundleId", + "InstanceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::LaunchProfile" + "AWS::Lightsail::Instance" ], "type": "string" }, @@ -169850,111 +175514,241 @@ ], "type": "object" }, - "AWS::NimbleStudio::LaunchProfile.StreamConfiguration": { + "AWS::Lightsail::Instance.AddOn": { "additionalProperties": false, "properties": { - "AutomaticTerminationMode": { + "AddOnType": { + "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for an instance.", + "title": "AddOnType", "type": "string" }, - "ClipboardMode": { + "AutoSnapshotAddOnRequest": { + "$ref": "#/definitions/AWS::Lightsail::Instance.AutoSnapshotAddOn", + "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", + "title": "AutoSnapshotAddOnRequest" + }, + "Status": { + "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", + "title": "Status", + "type": "string" + } + }, + "required": [ + "AddOnType" + ], + "type": "object" + }, + "AWS::Lightsail::Instance.AutoSnapshotAddOn": { + "additionalProperties": false, + "properties": { + "SnapshotTimeOfDay": { + "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", + "title": "SnapshotTimeOfDay", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Instance.Disk": { + "additionalProperties": false, + "properties": { + "AttachedTo": { + "markdownDescription": "The resources to which the disk is attached.", + "title": "AttachedTo", "type": "string" }, - "Ec2InstanceTypes": { - "items": { - "type": "string" - }, - "type": "array" + "AttachmentState": { + "markdownDescription": "(Deprecated) The attachment state of the disk.\n\n> In releases prior to November 14, 2017, this parameter returned `attached` for system disks in the API response. It is now deprecated, but still included in the response. Use `isAttached` instead.", + "title": "AttachmentState", + "type": "string" }, - "MaxSessionLengthInMinutes": { - "type": "number" + "DiskName": { + "markdownDescription": "The unique name of the disk.", + "title": "DiskName", + "type": "string" }, - "MaxStoppedSessionLengthInMinutes": { + "IOPS": { + "markdownDescription": "The input/output operations per second (IOPS) of the disk.", + "title": "IOPS", "type": "number" }, - "SessionBackup": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionBackup" + "IsSystemDisk": { + "markdownDescription": "A Boolean value indicating whether this disk is a system disk (has an operating system loaded on it).", + "title": "IsSystemDisk", + "type": "boolean" }, - "SessionPersistenceMode": { + "Path": { + "markdownDescription": "The disk path.", + "title": "Path", "type": "string" }, - "SessionStorage": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage" + "SizeInGb": { + "markdownDescription": "The size of the disk in GB.", + "title": "SizeInGb", + "type": "string" + } + }, + "required": [ + "DiskName", + "Path" + ], + "type": "object" + }, + "AWS::Lightsail::Instance.Hardware": { + "additionalProperties": false, + "properties": { + "CpuCount": { + "markdownDescription": "The number of vCPUs the instance has.\n\n> The `CpuCount` property is read-only and should not be specified in a create instance or update instance request.", + "title": "CpuCount", + "type": "number" }, - "StreamingImageIds": { + "Disks": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lightsail::Instance.Disk" }, + "markdownDescription": "The disks attached to the instance.\n\nThe instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", + "title": "Disks", "type": "array" }, - "VolumeConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.VolumeConfiguration" + "RamSizeInGb": { + "markdownDescription": "The amount of RAM in GB on the instance (for example, `1.0` ).\n\n> The `RamSizeInGb` property is read-only and should not be specified in a create instance or update instance request.", + "title": "RamSizeInGb", + "type": "number" } }, - "required": [ - "ClipboardMode", - "Ec2InstanceTypes", - "StreamingImageIds" - ], "type": "object" }, - "AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionBackup": { + "AWS::Lightsail::Instance.Location": { "additionalProperties": false, "properties": { - "MaxBackupsToRetain": { - "type": "number" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", + "type": "string" }, - "Mode": { + "RegionName": { + "markdownDescription": "The name of the AWS Region for the instance.", + "title": "RegionName", "type": "string" } }, "type": "object" }, - "AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage": { + "AWS::Lightsail::Instance.MonthlyTransfer": { "additionalProperties": false, "properties": { - "Mode": { + "GbPerMonthAllocated": { + "markdownDescription": "The amount of allocated monthly data transfer (in GB) for an instance.", + "title": "GbPerMonthAllocated", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Instance.Networking": { + "additionalProperties": false, + "properties": { + "MonthlyTransfer": { + "$ref": "#/definitions/AWS::Lightsail::Instance.MonthlyTransfer", + "markdownDescription": "The monthly amount of data transfer, in GB, allocated for the instance", + "title": "MonthlyTransfer" + }, + "Ports": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lightsail::Instance.Port" }, + "markdownDescription": "An array of ports to open on the instance.", + "title": "Ports", "type": "array" - }, - "Root": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamingSessionStorageRoot" } }, "required": [ - "Mode" + "Ports" ], "type": "object" }, - "AWS::NimbleStudio::LaunchProfile.StreamingSessionStorageRoot": { + "AWS::Lightsail::Instance.Port": { "additionalProperties": false, "properties": { - "Linux": { + "AccessDirection": { + "markdownDescription": "The access direction ( `inbound` or `outbound` ).\n\n> Lightsail currently supports only `inbound` access direction.", + "title": "AccessDirection", "type": "string" }, - "Windows": { + "AccessFrom": { + "markdownDescription": "The location from which access is allowed. For example, `Anywhere (0.0.0.0/0)` , or `Custom` if a specific IP address or range of IP addresses is allowed.", + "title": "AccessFrom", + "type": "string" + }, + "AccessType": { + "markdownDescription": "The type of access ( `Public` or `Private` ).", + "title": "AccessType", + "type": "string" + }, + "CidrListAliases": { + "items": { + "type": "string" + }, + "markdownDescription": "An alias that defines access for a preconfigured range of IP addresses.\n\nThe only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance.", + "title": "CidrListAliases", + "type": "array" + }, + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.\n\n> The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. \n\nExamples:\n\n- To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` .\n- To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` .", + "title": "Cidrs", + "type": "array" + }, + "CommonName": { + "markdownDescription": "The common name of the port information.", + "title": "CommonName", + "type": "string" + }, + "FromPort": { + "markdownDescription": "The first port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP type for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP type for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", + "title": "FromPort", + "type": "number" + }, + "Ipv6Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used.\n\n> The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance.", + "title": "Ipv6Cidrs", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The IP protocol name.\n\nThe name can be one of the following:\n\n- `tcp` - Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of streamed data between applications running on hosts communicating by an IP network. If you have an application that doesn't require reliable data stream service, use UDP instead.\n- `all` - All transport layer protocol types.\n- `udp` - With User Datagram Protocol (UDP), computer applications can send messages (or datagrams) to other hosts on an Internet Protocol (IP) network. Prior communications are not required to set up transmission channels or data paths. Applications that don't require reliable data stream service can use UDP, which provides a connectionless datagram service that emphasizes reduced latency over reliability. If you do require reliable data stream service, use TCP instead.\n- `icmp` - Internet Control Message Protocol (ICMP) is used to send error messages and operational information indicating success or failure when communicating with an instance. For example, an error is indicated when an instance could not be reached. When you specify `icmp` as the `protocol` , you must specify the ICMP type using the `fromPort` parameter, and ICMP code using the `toPort` parameter.", + "title": "Protocol", "type": "string" + }, + "ToPort": { + "markdownDescription": "The last port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP code for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP code for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", + "title": "ToPort", + "type": "number" } }, "type": "object" }, - "AWS::NimbleStudio::LaunchProfile.VolumeConfiguration": { + "AWS::Lightsail::Instance.State": { "additionalProperties": false, "properties": { - "Iops": { - "type": "number" - }, - "Size": { + "Code": { + "markdownDescription": "The status code of the instance.", + "title": "Code", "type": "number" }, - "Throughput": { - "type": "number" + "Name": { + "markdownDescription": "The state of the instance (for example, `running` or `pending` ).", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::NimbleStudio::StreamingImage": { + "AWS::Lightsail::InstanceSnapshot": { "additionalProperties": false, "properties": { "Condition": { @@ -169989,38 +175783,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "type": "string" - }, - "Ec2ImageId": { - "type": "string" - }, - "Name": { + "InstanceName": { + "markdownDescription": "The name the user gave the instance ( `Amazon_Linux_2023-1` ).", + "title": "InstanceName", "type": "string" }, - "StudioId": { + "InstanceSnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "InstanceSnapshotName", "type": "string" }, "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, - "type": "object" + "markdownDescription": "The tag keys and optional values for the resource. For more information about tags in Lightsail, see the [Amazon Lightsail Developer Guide](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-tags) .", + "title": "Tags", + "type": "array" } }, "required": [ - "Ec2ImageId", - "Name", - "StudioId" + "InstanceName", + "InstanceSnapshotName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::StreamingImage" + "AWS::Lightsail::InstanceSnapshot" ], "type": "string" }, @@ -170039,22 +175829,23 @@ ], "type": "object" }, - "AWS::NimbleStudio::StreamingImage.StreamingImageEncryptionConfiguration": { + "AWS::Lightsail::InstanceSnapshot.Location": { "additionalProperties": false, "properties": { - "KeyArn": { + "AvailabilityZone": { + "markdownDescription": "", + "title": "AvailabilityZone", "type": "string" }, - "KeyType": { + "RegionName": { + "markdownDescription": "", + "title": "RegionName", "type": "string" } }, - "required": [ - "KeyType" - ], "type": "object" }, - "AWS::NimbleStudio::Studio": { + "AWS::Lightsail::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { @@ -170089,42 +175880,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AdminRoleArn": { + "AttachedInstances": { + "items": { + "type": "string" + }, + "markdownDescription": "The Lightsail instances to attach to the load balancer.", + "title": "AttachedInstances", + "type": "array" + }, + "HealthCheckPath": { + "markdownDescription": "The path on the attached instance where the health check will be performed. If no path is specified, the load balancer tries to make a request to the default (root) page ( `/index.html` ).", + "title": "HealthCheckPath", "type": "string" }, - "DisplayName": { + "InstancePort": { + "markdownDescription": "The port that the load balancer uses to direct traffic to your Lightsail instances. For HTTP traffic, specify port `80` . For HTTPS traffic, specify port `443` .", + "title": "InstancePort", + "type": "number" + }, + "IpAddressType": { + "markdownDescription": "The IP address type of the load balancer.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for both IPv4 and IPv6.", + "title": "IpAddressType", + "type": "string" + }, + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer.", + "title": "LoadBalancerName", "type": "string" }, - "StudioEncryptionConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::Studio.StudioEncryptionConfiguration" + "SessionStickinessEnabled": { + "markdownDescription": "A Boolean value indicating whether session stickiness is enabled.\n\nEnable session stickiness (also known as *session affinity* ) to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.", + "title": "SessionStickinessEnabled", + "type": "boolean" }, - "StudioName": { + "SessionStickinessLBCookieDurationSeconds": { + "markdownDescription": "The time period, in seconds, after which the load balancer session stickiness cookie should be considered stale. If you do not specify this parameter, the default value is 0, which indicates that the sticky session should last for the duration of the browser session.", + "title": "SessionStickinessLBCookieDurationSeconds", "type": "string" }, "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, - "type": "object" + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" }, - "UserRoleArn": { + "TlsPolicyName": { + "markdownDescription": "The name of the TLS security policy for the load balancer.", + "title": "TlsPolicyName", "type": "string" } }, "required": [ - "AdminRoleArn", - "DisplayName", - "StudioName", - "UserRoleArn" + "InstancePort", + "LoadBalancerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::Studio" + "AWS::Lightsail::LoadBalancer" ], "type": "string" }, @@ -170143,22 +175959,7 @@ ], "type": "object" }, - "AWS::NimbleStudio::Studio.StudioEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "type": "string" - }, - "KeyType": { - "type": "string" - } - }, - "required": [ - "KeyType" - ], - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent": { + "AWS::Lightsail::LoadBalancerTlsCertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -170193,62 +175994,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.StudioComponentConfiguration" - }, - "Description": { - "type": "string" - }, - "Ec2SecurityGroupIds": { + "CertificateAlternativeNames": { "items": { "type": "string" }, + "markdownDescription": "An array of alternative domain names and subdomain names for your SSL/TLS certificate.\n\nIn addition to the primary domain name, you can have up to nine alternative domain names. Wildcards (such as `*.example.com` ) are not supported.", + "title": "CertificateAlternativeNames", "type": "array" }, - "InitializationScripts": { - "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.StudioComponentInitializationScript" - }, - "type": "array" - }, - "Name": { + "CertificateDomainName": { + "markdownDescription": "The domain name for the SSL/TLS certificate. For example, `example.com` or `www.example.com` .", + "title": "CertificateDomainName", "type": "string" }, - "ScriptParameters": { - "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ScriptParameterKeyValue" - }, - "type": "array" - }, - "StudioId": { + "CertificateName": { + "markdownDescription": "The name of the SSL/TLS certificate.", + "title": "CertificateName", "type": "string" }, - "Subtype": { - "type": "string" + "HttpsRedirectionEnabled": { + "markdownDescription": "A Boolean value indicating whether HTTPS redirection is enabled for the load balancer that the TLS certificate is attached to.", + "title": "HttpsRedirectionEnabled", + "type": "boolean" }, - "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "type": "object" + "IsAttached": { + "markdownDescription": "A Boolean value indicating whether the SSL/TLS certificate is attached to a Lightsail load balancer.", + "title": "IsAttached", + "type": "boolean" }, - "Type": { + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer that the SSL/TLS certificate is attached to.", + "title": "LoadBalancerName", "type": "string" } }, "required": [ - "Name", - "StudioId", - "Type" + "CertificateDomainName", + "CertificateName", + "LoadBalancerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::StudioComponent" + "AWS::Lightsail::LoadBalancerTlsCertificate" ], "type": "string" }, @@ -170267,127 +176056,79 @@ ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent.ActiveDirectoryComputerAttribute": { - "additionalProperties": false, - "properties": { - "Name": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.ActiveDirectoryConfiguration": { - "additionalProperties": false, - "properties": { - "ComputerAttributes": { - "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ActiveDirectoryComputerAttribute" - }, - "type": "array" - }, - "DirectoryId": { - "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.ComputeFarmConfiguration": { - "additionalProperties": false, - "properties": { - "ActiveDirectoryUser": { - "type": "string" - }, - "Endpoint": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.LicenseServiceConfiguration": { - "additionalProperties": false, - "properties": { - "Endpoint": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.ScriptParameterKeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.SharedFileSystemConfiguration": { + "AWS::Lightsail::StaticIp": { "additionalProperties": false, "properties": { - "Endpoint": { - "type": "string" - }, - "FileSystemId": { - "type": "string" - }, - "LinuxMountPoint": { - "type": "string" - }, - "ShareName": { + "Condition": { "type": "string" }, - "WindowsMountDrive": { + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.StudioComponentConfiguration": { - "additionalProperties": false, - "properties": { - "ActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ActiveDirectoryConfiguration" - }, - "ComputeFarmConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ComputeFarmConfiguration" }, - "LicenseServiceConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.LicenseServiceConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SharedFileSystemConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.SharedFileSystemConfiguration" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.StudioComponentInitializationScript": { - "additionalProperties": false, - "properties": { - "LaunchProfileProtocolVersion": { - "type": "string" + "Metadata": { + "type": "object" }, - "Platform": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AttachedTo": { + "markdownDescription": "The instance that the static IP is attached to.", + "title": "AttachedTo", + "type": "string" + }, + "StaticIpName": { + "markdownDescription": "The name of the static IP.", + "title": "StaticIpName", + "type": "string" + } + }, + "required": [ + "StaticIpName" + ], + "type": "object" }, - "RunContext": { + "Type": { + "enum": [ + "AWS::Lightsail::StaticIp" + ], "type": "string" }, - "Script": { + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::OSIS::Pipeline": { + "AWS::Location::APIKey": { "additionalProperties": false, "properties": { "Condition": { @@ -170422,66 +176163,59 @@ "Properties": { "additionalProperties": false, "properties": { - "BufferOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.BufferOptions", - "markdownDescription": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) .", - "title": "BufferOptions" - }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.EncryptionAtRestOptions", - "markdownDescription": "Options to control how OpenSearch encrypts buffer data.", - "title": "EncryptionAtRestOptions" + "Description": { + "markdownDescription": "Updates the description for the API key resource.", + "title": "Description", + "type": "string" }, - "LogPublishingOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.LogPublishingOptions", - "markdownDescription": "Key-value pairs that represent log publishing settings.", - "title": "LogPublishingOptions" + "ExpireTime": { + "markdownDescription": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) .", + "title": "ExpireTime", + "type": "string" }, - "MaxUnits": { - "markdownDescription": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).", - "title": "MaxUnits", - "type": "number" + "ForceDelete": { + "markdownDescription": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n> This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use.", + "title": "ForceDelete", + "type": "boolean" }, - "MinUnits": { - "markdownDescription": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).", - "title": "MinUnits", - "type": "number" + "ForceUpdate": { + "markdownDescription": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred.", + "title": "ForceUpdate", + "type": "boolean" }, - "PipelineConfigurationBody": { - "markdownDescription": "The Data Prepper pipeline configuration in YAML format.", - "title": "PipelineConfigurationBody", + "KeyName": { + "markdownDescription": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` .", + "title": "KeyName", "type": "string" }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", - "type": "string" + "NoExpiry": { + "markdownDescription": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time.", + "title": "NoExpiry", + "type": "boolean" + }, + "Restrictions": { + "$ref": "#/definitions/AWS::Location::APIKey.ApiKeyRestrictions", + "markdownDescription": "The API key restrictions for the API key resource.", + "title": "Restrictions" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "List of tags to add to the pipeline upon creation.", + "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair that helps manage, identify, search, and filter your resources by labelling them.", "title": "Tags", "type": "array" - }, - "VpcOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", - "markdownDescription": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint.", - "title": "VpcOptions" } }, "required": [ - "MaxUnits", - "MinUnits", - "PipelineConfigurationBody", - "PipelineName" + "KeyName", + "Restrictions" ], "type": "object" }, "Type": { "enum": [ - "AWS::OSIS::Pipeline" + "AWS::Location::APIKey" ], "type": "string" }, @@ -170500,111 +176234,41 @@ ], "type": "object" }, - "AWS::OSIS::Pipeline.BufferOptions": { - "additionalProperties": false, - "properties": { - "PersistentBufferEnabled": { - "markdownDescription": "Whether persistent buffering should be enabled.", - "title": "PersistentBufferEnabled", - "type": "boolean" - } - }, - "required": [ - "PersistentBufferEnabled" - ], - "type": "object" - }, - "AWS::OSIS::Pipeline.CloudWatchLogDestination": { - "additionalProperties": false, - "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs group to send pipeline logs to. You can specify an existing log group or create a new one. For example, `/aws/vendedlogs/OpenSearchService/pipelines` .", - "title": "LogGroup", - "type": "string" - } - }, - "required": [ - "LogGroup" - ], - "type": "object" - }, - "AWS::OSIS::Pipeline.EncryptionAtRestOptions": { - "additionalProperties": false, - "properties": { - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key used to encrypt buffer data. By default, data is encrypted using an AWS owned key.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "required": [ - "KmsKeyArn" - ], - "type": "object" - }, - "AWS::OSIS::Pipeline.LogPublishingOptions": { - "additionalProperties": false, - "properties": { - "CloudWatchLogDestination": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.CloudWatchLogDestination", - "markdownDescription": "The destination for OpenSearch Ingestion logs sent to Amazon CloudWatch Logs. This parameter is required if `IsLoggingEnabled` is set to `true` .", - "title": "CloudWatchLogDestination" - }, - "IsLoggingEnabled": { - "markdownDescription": "Whether logs should be published.", - "title": "IsLoggingEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OSIS::Pipeline.VpcEndpoint": { + "AWS::Location::APIKey.ApiKeyRestrictions": { "additionalProperties": false, "properties": { - "VpcEndpointId": { - "markdownDescription": "The unique identifier of the endpoint.", - "title": "VpcEndpointId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID for your VPC. AWS PrivateLink generates this value when you create a VPC.", - "title": "VpcId", - "type": "string" + "AllowActions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action.\n\nThe following are valid values for the actions.\n\n- *Map actions*\n\n- `geo:GetMap*` - Allows all actions needed for map rendering.\n- *Enhanced Maps actions*\n\n- `geo-maps:GetTile` - Allows getting map tiles for rendering.\n- `geo-maps:GetStaticMap` - Allows getting static map images.\n- *Place actions*\n\n- `geo:SearchPlaceIndexForText` - Allows finding geo coordinates of a known place.\n- `geo:SearchPlaceIndexForPosition` - Allows getting nearest address to geo coordinates.\n- `geo:SearchPlaceIndexForSuggestions` - Allows suggestions based on an incomplete or misspelled query.\n- `geo:GetPlace` - Allows getting details of a place.\n- *Enhanced Places actions*\n\n- `geo-places:Autcomplete` - Allows auto-completion of search text.\n- `geo-places:Geocode` - Allows finding geo coordinates of a known place.\n- `geo-places:GetPlace` - Allows getting details of a place.\n- `geo-places:ReverseGeocode` - Allows getting nearest address to geo coordinates.\n- `geo-places:SearchNearby` - Allows category based places search around geo coordinates.\n- `geo-places:SearchText` - Allows place or address search based on free-form text.\n- `geo-places:Suggest` - Allows suggestions based on an incomplete or misspelled query.\n- *Route actions*\n\n- `geo:CalculateRoute` - Allows point to point routing.\n- `geo:CalculateRouteMatrix` - Allows matrix routing.\n- *Enhanced Routes actions*\n\n- `geo-routes:CalculateIsolines` - Allows isoline calculation.\n- `geo-routes:CalculateRoutes` - Allows point to point routing.\n- `geo-routes:CalculateRouteMatrix` - Allows matrix routing.\n- `geo-routes:OptimizeWaypoints` - Allows computing the best sequence of waypoints.\n- `geo-routes:SnapToRoads` - Allows snapping GPS points to a likely route.\n\n> You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `[\"geo:GetMap*\"]` is valid but `[\"geo:GetTile\"]` is not. Similarly, you cannot use `[\"geo:SearchPlaceIndexFor*\"]` - you must list each of the Place actions separately.", + "title": "AllowActions", + "type": "array" }, - "VpcOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", - "markdownDescription": "Information about the VPC, including associated subnets and security groups.", - "title": "VpcOptions" - } - }, - "type": "object" - }, - "AWS::OSIS::Pipeline.VpcOptions": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { + "AllowReferers": { "items": { "type": "string" }, - "markdownDescription": "A list of security groups associated with the VPC endpoint.", - "title": "SecurityGroupIds", + "markdownDescription": "An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) or any symbols in this list `$\\-._+!*`(),;/?:@=&`\n- May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes.\n- May contain wildcard characters question mark (?) and asterisk (*).\n\nQuestion mark (?) will replace any single character (including hexadecimal digits).\n\nAsterisk (*) will replace any multiple characters (including multiple hexadecimal digits).\n- No spaces allowed. For example, `https://example.com` .", + "title": "AllowReferers", "type": "array" }, - "SubnetIds": { + "AllowResources": { "items": { "type": "string" }, - "markdownDescription": "A list of subnet IDs associated with the VPC endpoint.", - "title": "SubnetIds", + "markdownDescription": "A list of allowed resource ARNs that a API key bearer can perform actions on.\n\n- The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type.\n- The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created.\n- Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:).\n- No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` .\n\nFor more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) .", + "title": "AllowResources", "type": "array" } }, "required": [ - "SubnetIds" + "AllowActions", + "AllowResources" ], "type": "object" }, - "AWS::Oam::Link": { + "AWS::Location::GeofenceCollection": { "additionalProperties": false, "properties": { "Condition": { @@ -170639,50 +176303,38 @@ "Properties": { "additionalProperties": false, "properties": { - "LabelTemplate": { - "markdownDescription": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`\n\n> In the and Regions, the only supported option is to use custom labels, and the `$AccountName` , `$AccountEmail` , and `$AccountEmailNoDomain` variables all resolve as *account-id* instead of the specified variable.", - "title": "LabelTemplate", + "CollectionName": { + "markdownDescription": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` .", + "title": "CollectionName", "type": "string" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkConfiguration", - "markdownDescription": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account.", - "title": "LinkConfiguration" - }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` .", - "title": "ResourceTypes", - "type": "array" + "Description": { + "markdownDescription": "An optional description for the geofence collection.", + "title": "Description", + "type": "string" }, - "SinkIdentifier": { - "markdownDescription": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks.", - "title": "SinkIdentifier", + "KmsKeyId": { + "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", + "title": "KmsKeyId", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to the link.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Applies one or more tags to the geofence collection. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "ResourceTypes", - "SinkIdentifier" + "CollectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Oam::Link" + "AWS::Location::GeofenceCollection" ], "type": "string" }, @@ -170701,37 +176353,7 @@ ], "type": "object" }, - "AWS::Oam::Link.LinkConfiguration": { - "additionalProperties": false, - "properties": { - "LogGroupConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", - "markdownDescription": "Use this structure to filter which log groups are to share log events from this source account to the monitoring account.", - "title": "LogGroupConfiguration" - }, - "MetricConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", - "markdownDescription": "Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account.", - "title": "MetricConfiguration" - } - }, - "type": "object" - }, - "AWS::Oam::Link.LinkFilter": { - "additionalProperties": false, - "properties": { - "Filter": { - "markdownDescription": "When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account\n\nWhen used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.\n\nUse single quotation marks (') around log group names and metric namespaces.\n\nThe matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .\n\n- `=` and `!=`\n- `AND`\n- `OR`\n- `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.\n- `IN` and `NOT IN` , using parentheses `( )`\n\nExamples:\n\n- `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.\n- `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.\n- `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.\n- `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .\n- `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .\n- `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .\n\n> If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account.", - "title": "Filter", - "type": "string" - } - }, - "required": [ - "Filter" - ], - "type": "object" - }, - "AWS::Oam::Sink": { + "AWS::Location::Map": { "additionalProperties": false, "properties": { "Condition": { @@ -170766,36 +176388,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A name for the sink.", - "title": "Name", + "Configuration": { + "$ref": "#/definitions/AWS::Location::Map.MapConfiguration", + "markdownDescription": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource.", + "title": "Configuration" + }, + "Description": { + "markdownDescription": "An optional description for the map resource.", + "title": "Description", "type": "string" }, - "Policy": { - "markdownDescription": "The IAM policy that grants permissions to source accounts to link to this sink. The policy can grant permission in the following ways:\n\n- Include organization IDs or organization paths to permit all accounts in an organization\n- Include account IDs to permit the specified accounts", - "title": "Policy", - "type": "object" + "MapName": { + "markdownDescription": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` .", + "title": "MapName", + "type": "string" + }, + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", + "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to the sink.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "Configuration", + "MapName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Oam::Sink" + "AWS::Location::Map" ], "type": "string" }, @@ -170814,7 +176444,34 @@ ], "type": "object" }, - "AWS::Omics::AnnotationStore": { + "AWS::Location::Map.MapConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLayers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style.\n\n> Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) .", + "title": "CustomLayers", + "type": "array" + }, + "PoliticalView": { + "markdownDescription": "Specifies the map political view selected from an available data provider.", + "title": "PoliticalView", + "type": "string" + }, + "Style": { + "markdownDescription": "Specifies the map style selected from an available data provider.\n\nValid [Esri map styles](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) :\n\n- `VectorEsriDarkGrayCanvas` \u2013 The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `RasterEsriImagery` \u2013 The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide.\n- `VectorEsriLightGrayCanvas` \u2013 The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `VectorEsriTopographic` \u2013 The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style.\n- `VectorEsriStreets` \u2013 The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map.\n- `VectorEsriNavigation` \u2013 The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices.\n\nValid [HERE Technologies map styles](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) :\n\n- `VectorHereContrast` \u2013 The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering.\n\n> The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it.\n- `VectorHereExplore` \u2013 A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan.\n- `VectorHereExploreTruck` \u2013 A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics.\n- `RasterHereExploreSatellite` \u2013 A global map containing high resolution satellite imagery.\n- `HybridHereExploreSatellite` \u2013 A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved.\n\n> Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved.\n\nValid [GrabMaps map styles](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) :\n\n- `VectorGrabStandardLight` \u2013 The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia.\n- `VectorGrabStandardDark` \u2013 The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia.\n\n> Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) . \n\nValid [Open Data map styles](https://docs.aws.amazon.com/location/previous/developerguide/open-data.html) :\n\n- `VectorOpenDataStandardLight` \u2013 The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataStandardDark` \u2013 Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataVisualizationLight` \u2013 The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data.\n- `VectorOpenDataVisualizationDark` \u2013 The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data.", + "title": "Style", + "type": "string" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::Location::PlaceIndex": { "additionalProperties": false, "properties": { "Condition": { @@ -170849,57 +176506,49 @@ "Properties": { "additionalProperties": false, "properties": { + "DataSource": { + "markdownDescription": "Specifies the geospatial data provider for the new place index.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` \u2013 Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n> If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS service terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service developer guide* .", + "title": "DataSource", + "type": "string" + }, + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Location::PlaceIndex.DataSourceConfiguration", + "markdownDescription": "Specifies the data storage option requesting Places.", + "title": "DataSourceConfiguration" + }, "Description": { - "markdownDescription": "A description for the store.", + "markdownDescription": "The optional description for the place index resource.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name of the Annotation Store.", - "title": "Name", + "IndexName": { + "markdownDescription": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` .", + "title": "IndexName", "type": "string" }, - "Reference": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.ReferenceItem", - "markdownDescription": "The genome reference for the store's annotations.", - "title": "Reference" - }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.SseConfig", - "markdownDescription": "The store's server-side encryption (SSE) settings.", - "title": "SseConfig" - }, - "StoreFormat": { - "markdownDescription": "The annotation file format of the store.", - "title": "StoreFormat", + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", "type": "string" }, - "StoreOptions": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.StoreOptions", - "markdownDescription": "File parsing options for the annotation store.", - "title": "StoreOptions" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name", - "StoreFormat" + "DataSource", + "IndexName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::AnnotationStore" + "AWS::Location::PlaceIndex" ], "type": "string" }, @@ -170918,81 +176567,18 @@ ], "type": "object" }, - "AWS::Omics::AnnotationStore.ReferenceItem": { - "additionalProperties": false, - "properties": { - "ReferenceArn": { - "markdownDescription": "The reference's ARN.", - "title": "ReferenceArn", - "type": "string" - } - }, - "required": [ - "ReferenceArn" - ], - "type": "object" - }, - "AWS::Omics::AnnotationStore.SseConfig": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Omics::AnnotationStore.StoreOptions": { - "additionalProperties": false, - "properties": { - "TsvStoreOptions": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.TsvStoreOptions", - "markdownDescription": "Formatting options for a TSV file.", - "title": "TsvStoreOptions" - } - }, - "required": [ - "TsvStoreOptions" - ], - "type": "object" - }, - "AWS::Omics::AnnotationStore.TsvStoreOptions": { + "AWS::Location::PlaceIndex.DataSourceConfiguration": { "additionalProperties": false, "properties": { - "AnnotationType": { - "markdownDescription": "The store's annotation type.", - "title": "AnnotationType", + "IntendedUse": { + "markdownDescription": "Specifies how the results of an operation will be stored by the caller.\n\nValid values include:\n\n- `SingleUse` specifies that the results won't be stored.\n- `Storage` specifies that the result can be cached or stored in a database.\n\nDefault value: `SingleUse`", + "title": "IntendedUse", "type": "string" - }, - "FormatToHeader": { - "additionalProperties": true, - "markdownDescription": "The store's header key to column name mapping.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "FormatToHeader", - "type": "object" - }, - "Schema": { - "markdownDescription": "The schema of an annotation store.", - "title": "Schema", - "type": "object" } }, "type": "object" }, - "AWS::Omics::ReferenceStore": { + "AWS::Location::RouteCalculator": { "additionalProperties": false, "properties": { "Condition": { @@ -171027,41 +176613,44 @@ "Properties": { "additionalProperties": false, "properties": { + "CalculatorName": { + "markdownDescription": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` .", + "title": "CalculatorName", + "type": "string" + }, + "DataSource": { + "markdownDescription": "Specifies the data provider of traffic and road network data.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` \u2013 Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", + "title": "DataSource", + "type": "string" + }, "Description": { - "markdownDescription": "A description for the store.", + "markdownDescription": "The optional description for the route calculator resource.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", "type": "string" }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::ReferenceStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "CalculatorName", + "DataSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::ReferenceStore" + "AWS::Location::RouteCalculator" ], "type": "string" }, @@ -171080,26 +176669,7 @@ ], "type": "object" }, - "AWS::Omics::ReferenceStore.SseConfig": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Omics::RunGroup": { + "AWS::Location::Tracker": { "additionalProperties": false, "properties": { "Condition": { @@ -171134,48 +176704,53 @@ "Properties": { "additionalProperties": false, "properties": { - "MaxCpus": { - "markdownDescription": "The group's maximum CPU count setting.", - "title": "MaxCpus", - "type": "number" + "Description": { + "markdownDescription": "An optional description for the tracker resource.", + "title": "Description", + "type": "string" }, - "MaxDuration": { - "markdownDescription": "The group's maximum duration setting in minutes.", - "title": "MaxDuration", - "type": "number" + "EventBridgeEnabled": { + "markdownDescription": "", + "title": "EventBridgeEnabled", + "type": "boolean" }, - "MaxGpus": { - "markdownDescription": "The maximum GPUs that can be used by a run group.", - "title": "MaxGpus", - "type": "number" + "KmsKeyEnableGeospatialQueries": { + "markdownDescription": "", + "title": "KmsKeyEnableGeospatialQueries", + "type": "boolean" }, - "MaxRuns": { - "markdownDescription": "The group's maximum concurrent run setting.", - "title": "MaxRuns", - "type": "number" + "KmsKeyId": { + "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", + "title": "KmsKeyId", + "type": "string" }, - "Name": { - "markdownDescription": "The group's name.", - "title": "Name", + "PositionFiltering": { + "markdownDescription": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` .", + "title": "PositionFiltering", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" + "type": "array" + }, + "TrackerName": { + "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", + "title": "TrackerName", + "type": "string" } }, + "required": [ + "TrackerName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::RunGroup" + "AWS::Location::Tracker" ], "type": "string" }, @@ -171189,11 +176764,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Omics::SequenceStore": { + "AWS::Location::TrackerConsumer": { "additionalProperties": false, "properties": { "Condition": { @@ -171228,46 +176804,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", - "type": "string" - }, - "FallbackLocation": { - "markdownDescription": "An S3 location that is used to store files that have failed a direct upload.", - "title": "FallbackLocation", + "ConsumerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`", + "title": "ConsumerArn", "type": "string" }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", + "TrackerName": { + "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", + "title": "TrackerName", "type": "string" - }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::SequenceStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" } }, "required": [ - "Name" + "ConsumerArn", + "TrackerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::SequenceStore" + "AWS::Location::TrackerConsumer" ], "type": "string" }, @@ -171286,26 +176842,7 @@ ], "type": "object" }, - "AWS::Omics::SequenceStore.SseConfig": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Omics::VariantStore": { + "AWS::Logs::AccountPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -171340,47 +176877,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", + "PolicyDocument": { + "markdownDescription": "Specify the policy, in JSON.\n\n*Data protection policy*\n\nA data protection policy must include two JSON blocks:\n\n- The first block must include both a `DataIdentifer` array and an `Operation` property with an `Audit` action. The `DataIdentifer` array lists the types of sensitive data that you want to mask. For more information about the available options, see [Types of data that you can mask](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html) .\n\nThe `Operation` property with an `Audit` action is required to find the sensitive data terms. This `Audit` action must contain a `FindingsDestination` object. You can optionally use that `FindingsDestination` object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Firehose streams, and S3 buckets, they must already exist.\n- The second block must include both a `DataIdentifer` array and an `Operation` property with an `Deidentify` action. The `DataIdentifer` array must exactly match the `DataIdentifer` array in the first block of the policy.\n\nThe `Operation` property with the `Deidentify` action is what actually masks the data, and it must contain the `\"MaskConfig\": {}` object. The `\"MaskConfig\": {}` object must be empty.\n\n> The contents of the two `DataIdentifer` arrays must match exactly. \n\nIn addition to the two JSON blocks, the `policyDocument` can also include `Name` , `Description` , and `Version` fields. The `Name` is different than the operation's `policyName` parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch .\n\nThe JSON specified in `policyDocument` can be up to 30,720 characters long.\n\n*Subscription filter policy*\n\nA subscription filter policy can include the following attributes in a JSON block:\n\n- *DestinationArn* The ARN of the destination to deliver log events to. Supported destinations are:\n\n- An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.\n- An Firehose data stream in the same account as the subscription policy, for same-account delivery.\n- A Lambda function in the same account as the subscription policy, for same-account delivery.\n- A logical destination in a different account created with [PutDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html) , for cross-account delivery. Kinesis Data Streams and Firehose are supported as logical destinations.\n- *RoleArn* The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.\n- *FilterPattern* A filter pattern for subscribing to a filtered stream of log events.\n- *Distribution* The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to `Random` for a more even distribution. This property is only applicable when the destination is an Kinesis Data Streams data stream.\n\n*Field index policy*\n\nA field index filter policy can include the following attribute in a JSON block:\n\n- *Fields* The array of field indexes to create.\n\nThe following is an example of an index policy document that creates two indexes, `RequestId` and `TransactionId` .\n\n`\"policyDocument\": \"{ \\\"Fields\\\": [ \\\"RequestId\\\", \\\"TransactionId\\\" ] }\"`\n\n*Transformer policy*\n\nA transformer policy must include one JSON block with the array of processors and their configurations. For more information about available processors, see [Processors that you can use](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors) .", + "title": "PolicyDocument", "type": "string" }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", + "PolicyName": { + "markdownDescription": "A name for the policy. This must be unique within the account.", + "title": "PolicyName", "type": "string" }, - "Reference": { - "$ref": "#/definitions/AWS::Omics::VariantStore.ReferenceItem", - "markdownDescription": "The genome reference for the store's variants.", - "title": "Reference" + "PolicyType": { + "markdownDescription": "The type of policy that you're creating or updating.", + "title": "PolicyType", + "type": "string" }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::VariantStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" + "Scope": { + "markdownDescription": "Currently the only valid value for this parameter is `ALL` , which specifies that the policy applies to all log groups in the account. If you omit this parameter, the default of `ALL` is used. To scope down a subscription filter policy to a subset of log groups, use the `SelectionCriteria` parameter.", + "title": "Scope", + "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "SelectionCriteria": { + "markdownDescription": "Use this parameter to apply the new policy to a subset of log groups in the account.\n\nYou need to specify `SelectionCriteria` only when you specify `SUBSCRIPTION_FILTER_POLICY` , `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` for `PolicyType` .\n\nIf `PolicyType` is `SUBSCRIPTION_FILTER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupName NOT IN []`\n\nIf `PolicyType` is `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupNamePrefix`\n\nThe `SelectionCriteria` string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.\n\nUsing the `SelectionCriteria` parameter with `SUBSCRIPTION_FILTER_POLICY` is useful to help prevent infinite loops. For more information, see [Log recursion prevention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html) .", + "title": "SelectionCriteria", + "type": "string" } }, "required": [ - "Name", - "Reference" + "PolicyDocument", + "PolicyName", + "PolicyType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::VariantStore" + "AWS::Logs::AccountPolicy" ], "type": "string" }, @@ -171399,40 +176931,7 @@ ], "type": "object" }, - "AWS::Omics::VariantStore.ReferenceItem": { - "additionalProperties": false, - "properties": { - "ReferenceArn": { - "markdownDescription": "The reference's ARN.", - "title": "ReferenceArn", - "type": "string" - } - }, - "required": [ - "ReferenceArn" - ], - "type": "object" - }, - "AWS::Omics::VariantStore.SseConfig": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Omics::Workflow": { + "AWS::Logs::Delivery": { "additionalProperties": false, "properties": { "Condition": { @@ -171467,69 +176966,57 @@ "Properties": { "additionalProperties": false, "properties": { - "Accelerators": { - "markdownDescription": "", - "title": "Accelerators", + "DeliveryDestinationArn": { + "markdownDescription": "The ARN of the delivery destination that is associated with this delivery.", + "title": "DeliveryDestinationArn", "type": "string" }, - "DefinitionUri": { - "markdownDescription": "The URI of a definition for the workflow.", - "title": "DefinitionUri", + "DeliverySourceName": { + "markdownDescription": "The name of the delivery source that is associated with this delivery.", + "title": "DeliverySourceName", "type": "string" }, - "Description": { - "markdownDescription": "The parameter's description.", - "title": "Description", + "FieldDelimiter": { + "markdownDescription": "The field delimiter that is used between record fields when the final output format of a delivery is in `Plain` , `W3C` , or `Raw` format.", + "title": "FieldDelimiter", "type": "string" }, - "Engine": { - "markdownDescription": "An engine for the workflow.", - "title": "Engine", - "type": "string" + "RecordFields": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of record fields to be delivered to the destination, in order. If the delivery's log source has mandatory fields, they must be included in this list.", + "title": "RecordFields", + "type": "array" }, - "Main": { - "markdownDescription": "The path of the main definition file for the workflow.", - "title": "Main", - "type": "string" + "S3EnableHiveCompatiblePath": { + "markdownDescription": "Use this parameter to cause the S3 objects that contain delivered logs to use a prefix structure that allows for integration with Apache Hive.", + "title": "S3EnableHiveCompatiblePath", + "type": "boolean" }, - "Name": { - "markdownDescription": "The workflow's name.", - "title": "Name", + "S3SuffixPath": { + "markdownDescription": "Use this to reconfigure the S3 object prefix to contain either static or variable sections. The valid variables to use in the suffix path will vary by each log source. To find the values supported for the suffix path for each log source, use the [DescribeConfigurationTemplates](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeConfigurationTemplates.html) operation and check the `allowedSuffixPathFields` field in the response.", + "title": "S3SuffixPath", "type": "string" }, - "ParameterTemplate": { - "additionalProperties": false, - "markdownDescription": "The workflow's parameter template.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Omics::Workflow.WorkflowParameter" - } - }, - "title": "ParameterTemplate", - "type": "object" - }, - "StorageCapacity": { - "markdownDescription": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version.", - "title": "StorageCapacity", - "type": "number" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the workflow.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to the delivery.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" + "type": "array" } }, + "required": [ + "DeliveryDestinationArn", + "DeliverySourceName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::Workflow" + "AWS::Logs::Delivery" ], "type": "string" }, @@ -171543,27 +177030,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Omics::Workflow.WorkflowParameter": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The parameter's description.", - "title": "Description", - "type": "string" - }, - "Optional": { - "markdownDescription": "Whether the parameter is optional.", - "title": "Optional", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchServerless::AccessPolicy": { + "AWS::Logs::DeliveryDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -171598,37 +177070,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the policy.", - "title": "Description", + "DeliveryDestinationPolicy": { + "$ref": "#/definitions/AWS::Logs::DeliveryDestination.DestinationPolicy", + "markdownDescription": "An IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. For examples of this policy, see [Examples](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html#API_PutDeliveryDestinationPolicy_Examples) in the CloudWatch Logs API Reference.", + "title": "DeliveryDestinationPolicy" + }, + "DestinationResourceArn": { + "markdownDescription": "The ARN of the AWS destination that this delivery destination represents. That AWS destination can be a log group in CloudWatch Logs , an Amazon S3 bucket, or a Firehose stream.", + "title": "DestinationResourceArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the policy.", + "markdownDescription": "The name of this delivery destination.", "title": "Name", "type": "string" }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", + "OutputFormat": { + "markdownDescription": "The format of the logs that are sent to this delivery destination.", + "title": "OutputFormat", "type": "string" }, - "Type": { - "markdownDescription": "The type of access policy. Currently the only option is `data` .", - "title": "Type", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the delivery destination.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "Name", - "Policy", - "Type" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::AccessPolicy" + "AWS::Logs::DeliveryDestination" ], "type": "string" }, @@ -171647,7 +177125,23 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::Collection": { + "AWS::Logs::DeliveryDestination.DestinationPolicy": { + "additionalProperties": false, + "properties": { + "DeliveryDestinationName": { + "markdownDescription": "", + "title": "DeliveryDestinationName", + "type": "string" + }, + "DeliveryDestinationPolicy": { + "markdownDescription": "", + "title": "DeliveryDestinationPolicy", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Logs::DeliverySource": { "additionalProperties": false, "properties": { "Condition": { @@ -171682,33 +177176,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the collection.", - "title": "Description", + "LogType": { + "markdownDescription": "The type of log that the source is sending. For valid values for this parameter, see the documentation for the source service.", + "title": "LogType", "type": "string" }, "Name": { - "markdownDescription": "The name of the collection.\n\nCollection names must meet the following criteria:\n\n- Starts with a lowercase letter\n- Unique to your account and AWS Region\n- Contains between 3 and 28 characters\n- Contains only lowercase letters a-z, the numbers 0-9, and the hyphen (-)", + "markdownDescription": "The unique name of the delivery source.", "title": "Name", "type": "string" }, - "StandbyReplicas": { - "markdownDescription": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value.", - "title": "StandbyReplicas", + "ResourceArn": { + "markdownDescription": "The ARN of the AWS resource that is generating and sending logs. For example, `arn:aws:workmail:us-east-1:123456789012:organization/m-1234EXAMPLEabcd1234abcd1234abcd1234`", + "title": "ResourceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the collection.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to the delivery source.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", - "title": "Type", - "type": "string" } }, "required": [ @@ -171718,7 +177207,7 @@ }, "Type": { "enum": [ - "AWS::OpenSearchServerless::Collection" + "AWS::Logs::DeliverySource" ], "type": "string" }, @@ -171737,7 +177226,7 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::LifecyclePolicy": { + "AWS::Logs::Destination": { "additionalProperties": false, "properties": { "Condition": { @@ -171772,37 +177261,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the lifecycle policy.", - "title": "Description", + "DestinationName": { + "markdownDescription": "The name of the destination.", + "title": "DestinationName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the lifecycle policy.", - "title": "Name", + "DestinationPolicy": { + "markdownDescription": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination.", + "title": "DestinationPolicy", "type": "string" }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource.", + "title": "RoleArn", "type": "string" }, - "Type": { - "markdownDescription": "The type of lifecycle policy.", - "title": "Type", + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the physical target where the log events are delivered (for example, a Kinesis stream).", + "title": "TargetArn", "type": "string" } }, "required": [ - "Name", - "Policy", - "Type" + "DestinationName", + "RoleArn", + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::LifecyclePolicy" + "AWS::Logs::Destination" ], "type": "string" }, @@ -171821,7 +177310,7 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityConfig": { + "AWS::Logs::Integration": { "additionalProperties": false, "properties": { "Condition": { @@ -171856,32 +177345,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the security configuration.", - "title": "Description", + "IntegrationName": { + "markdownDescription": "The name of this integration.", + "title": "IntegrationName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the security configuration.", - "title": "Name", + "IntegrationType": { + "markdownDescription": "The type of integration. Integrations with OpenSearch Service have the type `OPENSEARCH` .", + "title": "IntegrationType", "type": "string" }, - "SamlOptions": { - "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions", - "markdownDescription": "SAML options for the security configuration in the form of a key-value map.", - "title": "SamlOptions" - }, - "Type": { - "markdownDescription": "The type of security configuration. Currently the only option is `saml` .", - "title": "Type", - "type": "string" + "ResourceConfig": { + "$ref": "#/definitions/AWS::Logs::Integration.ResourceConfig", + "markdownDescription": "This structure contains configuration details about an integration between CloudWatch Logs and another entity.", + "title": "ResourceConfig" } }, + "required": [ + "IntegrationName", + "IntegrationType", + "ResourceConfig" + ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::SecurityConfig" + "AWS::Logs::Integration" ], "type": "string" }, @@ -171895,40 +177384,61 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions": { + "AWS::Logs::Integration.OpenSearchResourceConfig": { "additionalProperties": false, "properties": { - "GroupAttribute": { - "markdownDescription": "The group attribute for this SAML integration.", - "title": "GroupAttribute", + "ApplicationARN": { + "markdownDescription": "If you want to use an existing OpenSearch Service application for your integration with OpenSearch Service, specify it here. If you omit this, a new application will be created.", + "title": "ApplicationARN", "type": "string" }, - "Metadata": { - "markdownDescription": "The XML IdP metadata file generated from your identity provider.", - "title": "Metadata", - "type": "string" + "DashboardViewerPrincipals": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify the ARNs of IAM roles and IAM users who you want to grant permission to for viewing the dashboards.\n\n> In addition to specifying these users here, you must also grant them the *CloudWatchOpenSearchDashboardAccess* IAM policy. For more information, see [IAM policies for users](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/OpenSearch-Dashboards-UserRoles.html) .", + "title": "DashboardViewerPrincipals", + "type": "array" }, - "SessionTimeout": { - "markdownDescription": "The session timeout, in minutes. Default is 60 minutes (12 hours).", - "title": "SessionTimeout", - "type": "number" + "DataSourceRoleArn": { + "markdownDescription": "Specify the ARN of an IAM role that CloudWatch Logs will use to create the integration. This role must have the permissions necessary to access the OpenSearch Service collection to be able to create the dashboards. For more information about the permissions needed, see [Permissions that the integration needs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/OpenSearch-Dashboards-CreateRole.html) in the CloudWatch Logs User Guide.", + "title": "DataSourceRoleArn", + "type": "string" }, - "UserAttribute": { - "markdownDescription": "A user attribute for this SAML integration.", - "title": "UserAttribute", + "KmsKeyArn": { + "markdownDescription": "To have the vended dashboard data encrypted with AWS KMS instead of the CloudWatch Logs default encryption method, specify the ARN of the AWS KMS key that you want to use.", + "title": "KmsKeyArn", "type": "string" + }, + "RetentionDays": { + "markdownDescription": "Specify how many days that you want the data derived by OpenSearch Service to be retained in the index that the dashboard refers to. This also sets the maximum time period that you can choose when viewing data in the dashboard. Choosing a longer time frame will incur additional costs.", + "title": "RetentionDays", + "type": "number" } }, "required": [ - "Metadata" + "DashboardViewerPrincipals", + "DataSourceRoleArn" ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityPolicy": { + "AWS::Logs::Integration.ResourceConfig": { + "additionalProperties": false, + "properties": { + "OpenSearchResourceConfig": { + "$ref": "#/definitions/AWS::Logs::Integration.OpenSearchResourceConfig", + "markdownDescription": "This structure contains configuration details about an integration between CloudWatch Logs and OpenSearch Service.", + "title": "OpenSearchResourceConfig" + } + }, + "type": "object" + }, + "AWS::Logs::LogAnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -171963,37 +177473,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the security policy.", - "title": "Description", + "AccountId": { + "markdownDescription": "The ID of the account to create the anomaly detector in.", + "title": "AccountId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the policy.", - "title": "Name", + "AnomalyVisibilityTime": { + "markdownDescription": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly.", + "title": "AnomalyVisibilityTime", + "type": "number" + }, + "DetectorName": { + "markdownDescription": "A name for this anomaly detector.", + "title": "DetectorName", "type": "string" }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", + "EvaluationFrequency": { + "markdownDescription": "Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for `EvaluationFrequency` .", + "title": "EvaluationFrequency", "type": "string" }, - "Type": { - "markdownDescription": "The type of security policy. Can be either `encryption` or `network` .", - "title": "Type", + "FilterPattern": { + "markdownDescription": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds.\n\nFor more information about using a AWS KMS key and to see the required IAM policy, see [Use a AWS KMS key with an anomaly detector](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/LogsAnomalyDetection-KMS.html) .", + "title": "KmsKeyId", "type": "string" + }, + "LogGroupArnList": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the log group that is associated with this anomaly detector. You can specify only one log group ARN.", + "title": "LogGroupArnList", + "type": "array" } }, - "required": [ - "Name", - "Policy", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::SecurityPolicy" + "AWS::Logs::LogAnomalyDetector" ], "type": "string" }, @@ -172007,12 +177530,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::OpenSearchServerless::VpcEndpoint": { + "AWS::Logs::LogGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -172047,43 +177569,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the endpoint.", - "title": "Name", - "type": "string" + "DataProtectionPolicy": { + "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n\nFor more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html) .", + "title": "DataProtectionPolicy", + "type": "object" }, - "SecurityGroupIds": { + "FieldIndexPolicies": { "items": { - "type": "string" + "type": "object" }, - "markdownDescription": "The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", - "title": "SecurityGroupIds", + "markdownDescription": "Creates or updates a *field index policy* for the specified log group. Only log groups in the Standard log class support field index policies. For more information about log classes, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html) .\n\nYou can use field index policies to create *field indexes* on fields found in log events in the log group. Creating field indexes lowers the costs for CloudWatch Logs Insights queries that reference those field indexes, because these queries attempt to skip the processing of log events that are known to not match the indexed field. Good fields to index are fields that you often need to query for and fields that have high cardinality of values Common examples of indexes include request ID, session ID, userID, and instance IDs. For more information, see [Create field indexes to improve query performance and reduce costs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html) .\n\nCurrently, this array supports only one field index policy object.", + "title": "FieldIndexPolicies", "type": "array" }, - "SubnetIds": { + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use when encrypting log data.\n\nTo associate an AWS KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs . This enables CloudWatch Logs to decrypt this data whenever it is requested.\n\nIf you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an `InvalidParameterException` error.\n\nLog group data is always encrypted in CloudWatch Logs . If you omit this key, the encryption does not use AWS KMS . For more information, see [Encrypt log data in CloudWatch Logs using AWS Key Management Service](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)", + "title": "KmsKeyId", + "type": "string" + }, + "LogGroupClass": { + "markdownDescription": "Specifies the log group class for this log group. There are two classes:\n\n- The `Standard` log class supports all CloudWatch Logs features.\n- The `Infrequent Access` log class supports a subset of CloudWatch Logs features and incurs lower costs.\n\nFor details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)", + "title": "LogGroupClass", + "type": "string" + }, + "LogGroupName": { + "markdownDescription": "The name of the log group. If you don't specify a name, AWS CloudFormation generates a unique ID for the log group.", + "title": "LogGroupName", + "type": "string" + }, + "RetentionInDays": { + "markdownDescription": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n\nTo set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html) .", + "title": "RetentionInDays", + "type": "number" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The ID of the subnets from which you access OpenSearch Serverless.", - "title": "SubnetIds", + "markdownDescription": "An array of key-value pairs to apply to the log group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC from which you access OpenSearch Serverless.", - "title": "VpcId", - "type": "string" } }, - "required": [ - "Name", - "SubnetIds", - "VpcId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::VpcEndpoint" + "AWS::Logs::LogGroup" ], "type": "string" }, @@ -172097,12 +177629,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::OpenSearchService::Domain": { + "AWS::Logs::LogStream": { "additionalProperties": false, "properties": { "Condition": { @@ -172137,117 +177668,25 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "AccessPolicies", - "type": "object" - }, - "AdvancedOptions": { - "additionalProperties": true, - "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdvancedOptions", - "type": "object" - }, - "AdvancedSecurityOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput", - "markdownDescription": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain.", - "title": "AdvancedSecurityOptions" - }, - "ClusterConfig": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ClusterConfig", - "markdownDescription": "Container for the cluster configuration of a domain.", - "title": "ClusterConfig" - }, - "CognitoOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.CognitoOptions", - "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", - "title": "CognitoOptions" - }, - "DomainEndpointOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", - "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", - "title": "DomainEndpointOptions" - }, - "DomainName": { - "markdownDescription": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DomainName", - "type": "string" - }, - "EBSOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.EBSOptions", - "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "EBSOptions" - }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.EncryptionAtRestOptions", - "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "EncryptionAtRestOptions" - }, - "EngineVersion": { - "markdownDescription": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "EngineVersion", + "LogGroupName": { + "markdownDescription": "The name of the log group where the log stream is created.", + "title": "LogGroupName", "type": "string" }, - "IPAddressType": { - "markdownDescription": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later.", - "title": "IPAddressType", + "LogStreamName": { + "markdownDescription": "The name of the log stream. The name must be unique within the log group.", + "title": "LogStreamName", "type": "string" - }, - "LogPublishingOptions": { - "additionalProperties": false, - "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.LogPublishingOption" - } - }, - "title": "LogPublishingOptions", - "type": "object" - }, - "NodeToNodeEncryptionOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions", - "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", - "title": "NodeToNodeEncryptionOptions" - }, - "OffPeakWindowOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindowOptions", - "markdownDescription": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.", - "title": "OffPeakWindowOptions" - }, - "SnapshotOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SnapshotOptions", - "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes.", - "title": "SnapshotOptions" - }, - "SoftwareUpdateOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SoftwareUpdateOptions", - "markdownDescription": "Service software update options for the domain.", - "title": "SoftwareUpdateOptions" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", - "title": "Tags", - "type": "array" - }, - "VPCOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.VPCOptions", - "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint.", - "title": "VPCOptions" } }, + "required": [ + "LogGroupName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchService::Domain" + "AWS::Logs::LogStream" ], "type": "string" }, @@ -172261,485 +177700,168 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { - "additionalProperties": false, - "properties": { - "AnonymousAuthDisableDate": { - "markdownDescription": "Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", - "title": "AnonymousAuthDisableDate", - "type": "string" - }, - "AnonymousAuthEnabled": { - "markdownDescription": "True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", - "title": "AnonymousAuthEnabled", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) .", - "title": "Enabled", - "type": "boolean" - }, - "InternalUserDatabaseEnabled": { - "markdownDescription": "True to enable the internal user database.", - "title": "InternalUserDatabaseEnabled", - "type": "boolean" - }, - "MasterUserOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.MasterUserOptions", - "markdownDescription": "Specifies information about the master user.", - "title": "MasterUserOptions" - }, - "SAMLOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SAMLOptions", - "markdownDescription": "Container for information about the SAML configuration for OpenSearch Dashboards.", - "title": "SAMLOptions" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.ClusterConfig": { - "additionalProperties": false, - "properties": { - "ColdStorageOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ColdStorageOptions", - "markdownDescription": "Container for cold storage configuration options.", - "title": "ColdStorageOptions" - }, - "DedicatedMasterCount": { - "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property.", - "title": "DedicatedMasterCount", - "type": "number" - }, - "DedicatedMasterEnabled": { - "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", - "title": "DedicatedMasterEnabled", - "type": "boolean" - }, - "DedicatedMasterType": { - "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "DedicatedMasterType", - "type": "string" - }, - "InstanceCount": { - "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "InstanceType", - "type": "string" - }, - "MultiAZWithStandbyEnabled": { - "markdownDescription": "Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) .", - "title": "MultiAZWithStandbyEnabled", - "type": "boolean" - }, - "WarmCount": { - "markdownDescription": "The number of warm nodes in the cluster.", - "title": "WarmCount", - "type": "number" - }, - "WarmEnabled": { - "markdownDescription": "Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) .", - "title": "WarmEnabled", - "type": "boolean" - }, - "WarmType": { - "markdownDescription": "The instance type for the cluster's warm nodes.", - "title": "WarmType", - "type": "string" - }, - "ZoneAwarenessConfig": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ZoneAwarenessConfig", - "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", - "title": "ZoneAwarenessConfig" - }, - "ZoneAwarenessEnabled": { - "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", - "title": "ZoneAwarenessEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.CognitoOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", - "title": "Enabled", - "type": "boolean" - }, - "IdentityPoolId": { - "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "IdentityPoolId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "RoleArn", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "UserPoolId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.ColdStorageOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.DomainEndpointOptions": { + "AWS::Logs::MetricFilter": { "additionalProperties": false, "properties": { - "CustomEndpoint": { - "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpoint", - "type": "string" - }, - "CustomEndpointCertificateArn": { - "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpointCertificateArn", + "Condition": { "type": "string" }, - "CustomEndpointEnabled": { - "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", - "title": "CustomEndpointEnabled", - "type": "boolean" - }, - "EnforceHTTPS": { - "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "EnforceHTTPS", - "type": "boolean" - }, - "TLSSecurityPolicy": { - "markdownDescription": "The minimum TLS version required for traffic to the domain. The policy can be one of the following values:\n\n- *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2\n- *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2\n- *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites", - "title": "TLSSecurityPolicy", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.EBSOptions": { - "additionalProperties": false, - "properties": { - "EBSEnabled": { - "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", - "title": "EBSEnabled", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types.", - "title": "Iops", - "type": "number" }, - "Throughput": { - "markdownDescription": "The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type.", - "title": "Throughput", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "VolumeSize": { - "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "VolumeSize", - "type": "number" + "Metadata": { + "type": "object" }, - "VolumeType": { - "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.EncryptionAtRestOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "Enabled", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplyOnTransformedLogs": { + "markdownDescription": "This parameter is valid only for log groups that have an active log transformer. For more information about log transformers, see [PutTransformer](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html) .\n\nIf this value is `true` , the metric filter is applied on the transformed version of the log events instead of the original ingested log events.", + "title": "ApplyOnTransformedLogs", + "type": "boolean" + }, + "FilterName": { + "markdownDescription": "The name of the metric filter.", + "title": "FilterName", + "type": "string" + }, + "FilterPattern": { + "markdownDescription": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", + "type": "string" + }, + "LogGroupName": { + "markdownDescription": "The name of an existing log group that you want to associate with this metric filter.", + "title": "LogGroupName", + "type": "string" + }, + "MetricTransformations": { + "items": { + "$ref": "#/definitions/AWS::Logs::MetricFilter.MetricTransformation" + }, + "markdownDescription": "The metric transformations.", + "title": "MetricTransformations", + "type": "array" + } + }, + "required": [ + "FilterPattern", + "LogGroupName", + "MetricTransformations" + ], + "type": "object" }, - "KmsKeyId": { - "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "KmsKeyId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.Idp": { - "additionalProperties": false, - "properties": { - "EntityId": { - "markdownDescription": "The unique entity ID of the application in the SAML identity provider.", - "title": "EntityId", + "Type": { + "enum": [ + "AWS::Logs::MetricFilter" + ], "type": "string" }, - "MetadataContent": { - "markdownDescription": "The metadata of the SAML application, in XML format.", - "title": "MetadataContent", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "EntityId", - "MetadataContent" + "Type", + "Properties" ], "type": "object" }, - "AWS::OpenSearchService::Domain.LogPublishingOption": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing.", - "title": "CloudWatchLogsLogGroupArn", - "type": "string" - }, - "Enabled": { - "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.MasterUserOptions": { + "AWS::Logs::MetricFilter.Dimension": { "additionalProperties": false, "properties": { - "MasterUserARN": { - "markdownDescription": "Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "MasterUserARN", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", - "title": "MasterUserName", + "Key": { + "markdownDescription": "The name for the CloudWatch metric dimension that the metric filter creates.\n\nDimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:).", + "title": "Key", "type": "string" }, - "MasterUserPassword": { - "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", - "title": "MasterUserPassword", + "Value": { + "markdownDescription": "The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, `$.eventType` for JSON log events, or `$server` for space-delimited log events.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.OffPeakWindow": { - "additionalProperties": false, - "properties": { - "WindowStartTime": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.WindowStartTime", - "markdownDescription": "The desired start time for an off-peak maintenance window.", - "title": "WindowStartTime" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.OffPeakWindowOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether off-peak window settings are enabled for the domain.", - "title": "Enabled", - "type": "boolean" - }, - "OffPeakWindow": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindow", - "markdownDescription": "Off-peak window settings for the domain.", - "title": "OffPeakWindow" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.SAMLOptions": { + "AWS::Logs::MetricFilter.MetricTransformation": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "True to enable SAML authentication for a domain.", - "title": "Enabled", - "type": "boolean" - }, - "Idp": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.Idp", - "markdownDescription": "The SAML Identity Provider's information.", - "title": "Idp" - }, - "MasterBackendRole": { - "markdownDescription": "The backend role that the SAML master user is mapped to.", - "title": "MasterBackendRole", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "The SAML master user name, which is stored in the domain's internal user database.", - "title": "MasterUserName", - "type": "string" - }, - "RolesKey": { - "markdownDescription": "Element of the SAML assertion to use for backend roles. Default is `roles` .", - "title": "RolesKey", - "type": "string" - }, - "SessionTimeoutMinutes": { - "markdownDescription": "The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.", - "title": "SessionTimeoutMinutes", + "DefaultValue": { + "markdownDescription": "(Optional) The value to emit when a filter pattern does not match a log event. This value can be null.", + "title": "DefaultValue", "type": "number" }, - "SubjectKey": { - "markdownDescription": "Element of the SAML assertion to use for the user name. Default is `NameID` .", - "title": "SubjectKey", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.ServiceSoftwareOptions": { - "additionalProperties": false, - "properties": { - "AutomatedUpdateDate": { - "markdownDescription": "The timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software.", - "title": "AutomatedUpdateDate", - "type": "string" - }, - "Cancellable": { - "markdownDescription": "True if you're able to cancel your service software version update. False if you can't cancel your service software update.", - "title": "Cancellable", - "type": "boolean" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::Logs::MetricFilter.Dimension" + }, + "markdownDescription": "The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.\n\n> Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as `IPAddress` or `requestID` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric.\n> \n> CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.\n> \n> You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated AWS Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html) .", + "title": "Dimensions", + "type": "array" }, - "CurrentVersion": { - "markdownDescription": "The current service software version present on the domain.", - "title": "CurrentVersion", + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric.", + "title": "MetricName", "type": "string" }, - "Description": { - "markdownDescription": "A description of the service software update status.", - "title": "Description", + "MetricNamespace": { + "markdownDescription": "A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", + "title": "MetricNamespace", "type": "string" }, - "NewVersion": { - "markdownDescription": "The new service software version, if one is available.", - "title": "NewVersion", + "MetricValue": { + "markdownDescription": "The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like `Error` , specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as `$.size` .", + "title": "MetricValue", "type": "string" }, - "OptionalDeployment": { - "markdownDescription": "True if a service software is never automatically updated. False if a service software is automatically updated after the automated update date.", - "title": "OptionalDeployment", - "type": "boolean" - }, - "UpdateAvailable": { - "markdownDescription": "True if you're able to update your service software version. False if you can't update your service software version.", - "title": "UpdateAvailable", - "type": "boolean" - }, - "UpdateStatus": { - "markdownDescription": "The status of your service software update.", - "title": "UpdateStatus", + "Unit": { + "markdownDescription": "The unit to assign to the metric. If you omit this, the unit is set as `None` .", + "title": "Unit", "type": "string" } }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.SnapshotOptions": { - "additionalProperties": false, - "properties": { - "AutomatedSnapshotStartHour": { - "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", - "title": "AutomatedSnapshotStartHour", - "type": "number" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.SoftwareUpdateOptions": { - "additionalProperties": false, - "properties": { - "AutoSoftwareUpdateEnabled": { - "markdownDescription": "Specifies whether automatic service software updates are enabled for the domain.", - "title": "AutoSoftwareUpdateEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.VPCOptions": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nIf you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error \"You must specify exactly one subnet\" during template creation.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.WindowStartTime": { - "additionalProperties": false, - "properties": { - "Hours": { - "markdownDescription": "The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23.", - "title": "Hours", - "type": "number" - }, - "Minutes": { - "markdownDescription": "The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59.", - "title": "Minutes", - "type": "number" - } - }, "required": [ - "Hours", - "Minutes" + "MetricName", + "MetricNamespace", + "MetricValue" ], "type": "object" }, - "AWS::OpenSearchService::Domain.ZoneAwarenessConfig": { - "additionalProperties": false, - "properties": { - "AvailabilityZoneCount": { - "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", - "title": "AvailabilityZoneCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::OpsWorks::App": { + "AWS::Logs::QueryDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -172774,92 +177896,39 @@ "Properties": { "additionalProperties": false, "properties": { - "AppSource": { - "$ref": "#/definitions/AWS::OpsWorks::App.Source", - "markdownDescription": "A `Source` object that specifies the app repository.", - "title": "AppSource" - }, - "Attributes": { - "additionalProperties": true, - "markdownDescription": "One or more user-defined key/value pairs to be added to the stack attributes.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "DataSources": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::App.DataSource" - }, - "markdownDescription": "The app's data source.", - "title": "DataSources", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the app.", - "title": "Description", - "type": "string" - }, - "Domains": { + "LogGroupNames": { "items": { "type": "string" }, - "markdownDescription": "The app virtual host settings, with multiple domains separated by commas. For example: `'www.example.com, example.com'`", - "title": "Domains", - "type": "array" - }, - "EnableSsl": { - "markdownDescription": "Whether to enable SSL for the app.", - "title": "EnableSsl", - "type": "boolean" - }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::App.EnvironmentVariable" - }, - "markdownDescription": "An array of `EnvironmentVariable` objects that specify environment variables to be associated with the app. After you deploy the app, these variables are defined on the associated app server instance. For more information, see [Environment Variables](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html#workingapps-creating-environment) .\n\nThere is no specific limit on the number of environment variables. However, the size of the associated data structure - which includes the variables' names, values, and protected flag values - cannot exceed 20 KB. This limit should accommodate most if not all use cases. Exceeding it will cause an exception with the message, \"Environment: is too large (maximum is 20KB).\"\n\n> If you have specified one or more environment variables, you cannot modify the stack's Chef version.", - "title": "Environment", + "markdownDescription": "Use this parameter if you want the query to query only certain log groups.", + "title": "LogGroupNames", "type": "array" }, "Name": { - "markdownDescription": "The app name.", + "markdownDescription": "A name for the query definition.\n\n> You can use the name to create a folder structure for your queries. To create a folder, use a forward slash (/) to prefix your desired query name with your desired folder name. For example, `*folder-name* / *query-name*` .", "title": "Name", "type": "string" }, - "Shortname": { - "markdownDescription": "The app's short name.", - "title": "Shortname", - "type": "string" - }, - "SslConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::App.SslConfiguration", - "markdownDescription": "An `SslConfiguration` object with the SSL configuration.", - "title": "SslConfiguration" - }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", + "QueryLanguage": { + "markdownDescription": "The query language used for this query. For more information about the query languages that CloudWatch Logs supports, see [Supported query languages](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData_Languages.html) .", + "title": "QueryLanguage", "type": "string" }, - "Type": { - "markdownDescription": "The app type. Each supported type is associated with a particular layer. For example, PHP applications are associated with a PHP layer. AWS OpsWorks Stacks deploys an application to those instances that are members of the corresponding layer. If your app isn't one of the standard types, or you prefer to implement your own Deploy recipes, specify `other` .", - "title": "Type", + "QueryString": { + "markdownDescription": "The query string to use for this query definition. For more information, see [CloudWatch Logs Insights Query Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html) .", + "title": "QueryString", "type": "string" } }, "required": [ "Name", - "StackId", - "Type" + "QueryString" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::App" + "AWS::Logs::QueryDefinition" ], "type": "string" }, @@ -172878,110 +177947,80 @@ ], "type": "object" }, - "AWS::OpsWorks::App.DataSource": { + "AWS::Logs::ResourcePolicy": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The data source's ARN.", - "title": "Arn", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The database name.", - "title": "DatabaseName", + "Condition": { "type": "string" }, - "Type": { - "markdownDescription": "The data source's type, `AutoSelectOpsworksMysqlInstance` , `OpsworksMysqlInstance` , `RdsDbInstance` , or `None` .", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::App.EnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "(Required) The environment variable's name, which can consist of up to 64 characters and must be specified. The name can contain upper- and lowercase letters, numbers, and underscores (_), but it must start with a letter or underscore.", - "title": "Key", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Secure": { - "markdownDescription": "(Optional) Whether the variable's value is returned by the `DescribeApps` action. To hide an environment variable's value, set `Secure` to `true` . `DescribeApps` returns `*****FILTERED*****` instead of the actual value. The default value for `Secure` is `false` .", - "title": "Secure", - "type": "boolean" - }, - "Value": { - "markdownDescription": "(Optional) The environment variable's value, which can be left empty. If you specify a value, it can contain up to 256 characters, which must all be printable.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::OpsWorks::App.Source": { - "additionalProperties": false, - "properties": { - "Password": { - "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "Password", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Revision": { - "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", - "title": "Revision", - "type": "string" + "Metadata": { + "type": "object" }, - "SshKey": { - "markdownDescription": "In requests, the repository's SSH key.\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "SshKey", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "The details of the policy. It must be formatted in JSON, and you must use backslashes to escape characters that need to be escaped in JSON strings, such as double quote marks.", + "title": "PolicyDocument", + "type": "string" + }, + "PolicyName": { + "markdownDescription": "The name of the resource policy.", + "title": "PolicyName", + "type": "string" + } + }, + "required": [ + "PolicyDocument", + "PolicyName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The repository type.", - "title": "Type", - "type": "string" - }, - "Url": { - "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", - "title": "Url", - "type": "string" - }, - "Username": { - "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", - "title": "Username", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::App.SslConfiguration": { - "additionalProperties": false, - "properties": { - "Certificate": { - "markdownDescription": "The contents of the certificate's domain.crt file.", - "title": "Certificate", - "type": "string" - }, - "Chain": { - "markdownDescription": "Optional. Can be used to specify an intermediate certificate authority key or client authentication.", - "title": "Chain", + "enum": [ + "AWS::Logs::ResourcePolicy" + ], "type": "string" }, - "PrivateKey": { - "markdownDescription": "The private key; the contents of the certificate's domain.kex file.", - "title": "PrivateKey", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::OpsWorks::ElasticLoadBalancerAttachment": { + "AWS::Logs::SubscriptionFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -173016,26 +178055,52 @@ "Properties": { "additionalProperties": false, "properties": { - "ElasticLoadBalancerName": { - "markdownDescription": "The Elastic Load Balancing instance name.", - "title": "ElasticLoadBalancerName", + "ApplyOnTransformedLogs": { + "markdownDescription": "This parameter is valid only for log groups that have an active log transformer. For more information about log transformers, see [PutTransformer](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html) .\n\nIf this value is `true` , the subscription filter is applied on the transformed version of the log events instead of the original ingested log events.", + "title": "ApplyOnTransformedLogs", + "type": "boolean" + }, + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination.", + "title": "DestinationArn", "type": "string" }, - "LayerId": { - "markdownDescription": "The AWS OpsWorks layer ID to which the Elastic Load Balancing load balancer is attached.", - "title": "LayerId", + "Distribution": { + "markdownDescription": "The method used to distribute log data to the destination, which can be either random or grouped by log stream.", + "title": "Distribution", + "type": "string" + }, + "FilterName": { + "markdownDescription": "The name of the subscription filter.", + "title": "FilterName", + "type": "string" + }, + "FilterPattern": { + "markdownDescription": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", + "type": "string" + }, + "LogGroupName": { + "markdownDescription": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", + "title": "LogGroupName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.", + "title": "RoleArn", "type": "string" } }, "required": [ - "ElasticLoadBalancerName", - "LayerId" + "DestinationArn", + "FilterPattern", + "LogGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::ElasticLoadBalancerAttachment" + "AWS::Logs::SubscriptionFilter" ], "type": "string" }, @@ -173054,7 +178119,7 @@ ], "type": "object" }, - "AWS::OpsWorks::Instance": { + "AWS::Logs::Transformer": { "additionalProperties": false, "properties": { "Condition": { @@ -173089,134 +178154,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentVersion": { - "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- `INHERIT` - Use the stack's default agent version setting.\n- *version_number* - Use the specified agent version. This value overrides the stack's default setting. To update the agent version, edit the instance configuration and specify a new version. AWS OpsWorks Stacks installs that version on the instance.\n\nThe default setting is `INHERIT` . To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.", - "title": "AgentVersion", - "type": "string" - }, - "AmiId": { - "markdownDescription": "A custom AMI ID to be used to create the instance. The AMI should be based on one of the supported operating systems. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\n> If you specify a custom AMI, you must set `Os` to `Custom` .", - "title": "AmiId", - "type": "string" - }, - "Architecture": { - "markdownDescription": "The instance architecture. The default option is `x86_64` . Instance types do not necessarily support both architectures. For a list of the architectures that are supported by the different instance types, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) .", - "title": "Architecture", - "type": "string" - }, - "AutoScalingType": { - "markdownDescription": "For load-based or time-based instances, the type. Windows stacks can use only time-based instances.", - "title": "AutoScalingType", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the AWS OpsWorks instance, such as `us-east-2a` .", - "title": "AvailabilityZone", + "LogGroupIdentifier": { + "markdownDescription": "Specify either the name or ARN of the log group to create the transformer for.", + "title": "LogGroupIdentifier", "type": "string" }, - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.BlockDeviceMapping" - }, - "markdownDescription": "An array of `BlockDeviceMapping` objects that specify the instance's block devices. For more information, see [Block Device Mapping](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) . Note that block device mappings are not supported for custom AMIs.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Whether to create an Amazon EBS-optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticIps": { + "TransformerConfig": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Logs::Transformer.Processor" }, - "markdownDescription": "A list of Elastic IP addresses to associate with the instance.", - "title": "ElasticIps", - "type": "array" - }, - "Hostname": { - "markdownDescription": "The instance host name. The following are character limits for instance host names.\n\n- Linux-based instances: 63 characters\n- Windows-based instances: 15 characters", - "title": "Hostname", - "type": "string" - }, - "InstallUpdatesOnBoot": { - "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> We strongly recommend using the default value of `true` to ensure that your instances have the latest security updates.", - "title": "InstallUpdatesOnBoot", - "type": "boolean" - }, - "InstanceType": { - "markdownDescription": "The instance type, such as `t2.micro` . For a list of supported instance types, open the stack in the console, choose *Instances* , and choose *+ Instance* . The *Size* list contains the currently supported types. For more information, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) . The parameter values that you use to specify the various types are in the *API Name* column of the *Available Instance Types* table.", - "title": "InstanceType", - "type": "string" - }, - "LayerIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array that contains the instance's layer IDs.", - "title": "LayerIds", - "type": "array" - }, - "Os": { - "markdownDescription": "The instance's operating system, which must be set to one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` .\n\nNot all operating systems are supported with all versions of Chef. For more information about the supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .\n\nThe default option is the current Amazon Linux version. If you set this parameter to `Custom` , you must use the `CreateInstance` action's AmiId parameter to specify the custom AMI that you want to use. Block device mappings are not supported if the value is `Custom` . For more information about how to use custom AMIs with AWS OpsWorks Stacks, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .", - "title": "Os", - "type": "string" - }, - "RootDeviceType": { - "markdownDescription": "The instance root device type. For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", - "title": "RootDeviceType", - "type": "string" - }, - "SshKeyName": { - "markdownDescription": "The instance's Amazon EC2 key-pair name.", - "title": "SshKeyName", - "type": "string" - }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the instance's subnet. If the stack is running in a VPC, you can use this parameter to override the stack's default subnet ID value and direct AWS OpsWorks Stacks to launch the instance in a different subnet.", - "title": "SubnetId", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The instance's tenancy option. The default option is no tenancy, or if the instance is running in a VPC, inherit tenancy settings from the VPC. The following are valid values for this parameter: `dedicated` , `default` , or `host` . Because there are costs associated with changes in tenancy options, we recommend that you research tenancy options before choosing them for your instances. For more information about dedicated hosts, see [Dedicated Hosts Overview](https://docs.aws.amazon.com/ec2/dedicated-hosts/) and [Amazon EC2 Dedicated Hosts](https://docs.aws.amazon.com/ec2/dedicated-hosts/) . For more information about dedicated instances, see [Dedicated Instances](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html) and [Amazon EC2 Dedicated Instances](https://docs.aws.amazon.com/ec2/purchasing-options/dedicated-instances/) .", - "title": "Tenancy", - "type": "string" - }, - "TimeBasedAutoScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.TimeBasedAutoScaling", - "markdownDescription": "The time-based scaling configuration for the instance.", - "title": "TimeBasedAutoScaling" - }, - "VirtualizationType": { - "markdownDescription": "The instance's virtualization type, `paravirtual` or `hvm` .", - "title": "VirtualizationType", - "type": "string" - }, - "Volumes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of AWS OpsWorks volume IDs to associate with the instance. For more information, see [`AWS::OpsWorks::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-volume.html) .", - "title": "Volumes", + "markdownDescription": "This structure is an array that contains the configuration of this log transformer. A log transformer is an array of processors, where each processor applies one type of transformation to the log events that are ingested.", + "title": "TransformerConfig", "type": "array" } }, "required": [ - "InstanceType", - "LayerIds", - "StackId" + "LogGroupIdentifier", + "TransformerConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Instance" + "AWS::Logs::Transformer" ], "type": "string" }, @@ -173235,499 +178195,755 @@ ], "type": "object" }, - "AWS::OpsWorks::Instance.BlockDeviceMapping": { + "AWS::Logs::Transformer.AddKeyEntry": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name that is exposed to the instance, such as `/dev/sdh` . For the root device, you can use the explicit device name or you can set this parameter to `ROOT_DEVICE` and AWS OpsWorks Stacks will provide the correct device name.", - "title": "DeviceName", + "Key": { + "markdownDescription": "The key of the new entry to be added to the log event", + "title": "Key", "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.EbsBlockDevice", - "markdownDescription": "An `EBSBlockDevice` that defines how to configure an Amazon EBS volume when the instance is launched. You can specify either the `VirtualName` or `Ebs` , but not both.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "Suppresses the specified device included in the AMI's block device mapping.", - "title": "NoDevice", - "type": "string" + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the key already exists in the log event. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" }, - "VirtualName": { - "markdownDescription": "The virtual device name. For more information, see [BlockDeviceMapping](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html) . You can specify either the `VirtualName` or `Ebs` , but not both.", - "title": "VirtualName", + "Value": { + "markdownDescription": "The value of the new entry to be added to the log event", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::OpsWorks::Instance.EbsBlockDevice": { + "AWS::Logs::Transformer.AddKeys": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Whether the volume is deleted on instance termination.", - "title": "DeleteOnTermination", + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.AddKeyEntry" + }, + "markdownDescription": "An array of objects, where each object contains the information about one key to add to the log event.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.CopyValue": { + "additionalProperties": false, + "properties": { + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.CopyValueEntry" + }, + "markdownDescription": "An array of `CopyValueEntry` objects, where each object contains the information about one field value to copy.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.CopyValueEntry": { + "additionalProperties": false, + "properties": { + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", "type": "boolean" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", - "title": "Iops", - "type": "number" + "Source": { + "markdownDescription": "The key to copy.", + "title": "Source", + "type": "string" }, - "SnapshotId": { - "markdownDescription": "The snapshot ID.", - "title": "SnapshotId", + "Target": { + "markdownDescription": "The key of the field to copy the value to.", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Source", + "Target" + ], + "type": "object" + }, + "AWS::Logs::Transformer.Csv": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of names to use for the columns in the transformed log event.\n\nIf you omit this, default column names ( `[column_1, column_2 ...]` ) are used.", + "title": "Columns", + "type": "array" + }, + "Delimiter": { + "markdownDescription": "The character used to separate each column in the original comma-separated value log event. If you omit this, the processor looks for the comma `,` character as the delimiter.", + "title": "Delimiter", "type": "string" }, - "VolumeSize": { - "markdownDescription": "The volume size, in GiB. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", - "title": "VolumeSize", - "type": "number" + "QuoteCharacter": { + "markdownDescription": "The character used used as a text qualifier for a single column of data. If you omit this, the double quotation mark `\"` character is used.", + "title": "QuoteCharacter", + "type": "string" }, - "VolumeType": { - "markdownDescription": "The volume type. `gp2` for General Purpose (SSD) volumes, `io1` for Provisioned IOPS (SSD) volumes, `st1` for Throughput Optimized hard disk drives (HDD), `sc1` for Cold HDD,and `standard` for Magnetic volumes.\n\nIf you specify the `io1` volume type, you must also specify a value for the `Iops` attribute. The maximum ratio of provisioned IOPS to requested volume size (in GiB) is 50:1. AWS uses the default volume size (in GiB) specified in the AMI attributes to set IOPS to 50 x (volume size).", - "title": "VolumeType", + "Source": { + "markdownDescription": "The path to the field in the log event that has the comma separated values to be parsed. If you omit this value, the whole log message is processed.", + "title": "Source", "type": "string" } }, "type": "object" }, - "AWS::OpsWorks::Instance.TimeBasedAutoScaling": { + "AWS::Logs::Transformer.DateTimeConverter": { "additionalProperties": false, "properties": { - "Friday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Friday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Friday", - "type": "object" + "Locale": { + "markdownDescription": "The locale of the source field. If you omit this, the default of `locale.ROOT` is used.", + "title": "Locale", + "type": "string" }, - "Monday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Monday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "MatchPatterns": { + "items": { + "type": "string" }, - "title": "Monday", - "type": "object" + "markdownDescription": "A list of patterns to match against the `source` field.", + "title": "MatchPatterns", + "type": "array" }, - "Saturday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Saturday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Saturday", - "type": "object" + "Source": { + "markdownDescription": "The key to apply the date conversion to.", + "title": "Source", + "type": "string" }, - "Sunday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Sunday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Sunday", - "type": "object" + "SourceTimezone": { + "markdownDescription": "The time zone of the source field. If you omit this, the default used is the UTC zone.", + "title": "SourceTimezone", + "type": "string" }, - "Thursday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Thursday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Thursday", - "type": "object" + "Target": { + "markdownDescription": "The JSON field to store the result in.", + "title": "Target", + "type": "string" }, - "Tuesday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Tuesday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tuesday", - "type": "object" + "TargetFormat": { + "markdownDescription": "The datetime format to use for the converted data in the target field.\n\nIf you omit this, the default of `yyyy-MM-dd'T'HH:mm:ss.SSS'Z` is used.", + "title": "TargetFormat", + "type": "string" }, - "Wednesday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Wednesday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "TargetTimezone": { + "markdownDescription": "The time zone of the target field. If you omit this, the default used is the UTC zone.", + "title": "TargetTimezone", + "type": "string" + } + }, + "required": [ + "MatchPatterns", + "Source", + "Target" + ], + "type": "object" + }, + "AWS::Logs::Transformer.DeleteKeys": { + "additionalProperties": false, + "properties": { + "WithKeys": { + "items": { + "type": "string" }, - "title": "Wednesday", - "type": "object" + "markdownDescription": "The list of keys to delete.", + "title": "WithKeys", + "type": "array" } }, + "required": [ + "WithKeys" + ], "type": "object" }, - "AWS::OpsWorks::Layer": { + "AWS::Logs::Transformer.Grok": { "additionalProperties": false, "properties": { - "Condition": { + "Match": { + "markdownDescription": "The grok pattern to match against the log event. For a list of supported grok patterns, see [Supported grok patterns](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#Grok-Patterns) .", + "title": "Match", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Source": { + "markdownDescription": "The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.", + "title": "Source", + "type": "string" + } + }, + "required": [ + "Match" + ], + "type": "object" + }, + "AWS::Logs::Transformer.ListToMap": { + "additionalProperties": false, + "properties": { + "Flatten": { + "markdownDescription": "A Boolean value to indicate whether the list will be flattened into single items. Specify `true` to flatten the list. The default is `false`", + "title": "Flatten", + "type": "boolean" + }, + "FlattenedElement": { + "markdownDescription": "If you set `flatten` to `true` , use `flattenedElement` to specify which element, `first` or `last` , to keep.\n\nYou must specify this parameter if `flatten` is `true`", + "title": "FlattenedElement", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Key": { + "markdownDescription": "The key of the field to be extracted as keys in the generated map", + "title": "Key", + "type": "string" }, - "Metadata": { - "type": "object" + "Source": { + "markdownDescription": "The key in the log event that has a list of objects that will be converted to a map.", + "title": "Source", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.\n\nTo create a cluster layer, set the `EcsClusterArn` attribute to the cluster's ARN.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "AutoAssignElasticIps": { - "markdownDescription": "Whether to automatically assign an [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", - "title": "AutoAssignElasticIps", - "type": "boolean" - }, - "AutoAssignPublicIps": { - "markdownDescription": "For stacks that are running in a VPC, whether to automatically assign a public IP address to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", - "title": "AutoAssignPublicIps", - "type": "boolean" - }, - "CustomInstanceProfileArn": { - "markdownDescription": "The ARN of an IAM profile to be used for the layer's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "CustomInstanceProfileArn", - "type": "string" - }, - "CustomJson": { - "markdownDescription": "A JSON-formatted string containing custom stack configuration and deployment attributes to be installed on the layer's instances. For more information, see [Using Custom JSON](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-json-override.html) . This feature is supported as of version 1.7.42 of the AWS CLI .", - "title": "CustomJson", - "type": "object" - }, - "CustomRecipes": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.Recipes", - "markdownDescription": "A `LayerCustomRecipes` object that specifies the layer custom recipes.", - "title": "CustomRecipes" - }, - "CustomSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array containing the layer custom security group IDs.", - "title": "CustomSecurityGroupIds", - "type": "array" - }, - "EnableAutoHealing": { - "markdownDescription": "Whether to disable auto healing for the layer.", - "title": "EnableAutoHealing", - "type": "boolean" - }, - "InstallUpdatesOnBoot": { - "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> To ensure that your instances have the latest security updates, we strongly recommend using the default value of `true` .", - "title": "InstallUpdatesOnBoot", - "type": "boolean" - }, - "LifecycleEventConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.LifecycleEventConfiguration", - "markdownDescription": "A `LifeCycleEventConfiguration` object that you can use to configure the Shutdown event to specify an execution timeout and enable or disable Elastic Load Balancer connection draining.", - "title": "LifecycleEventConfiguration" - }, - "LoadBasedAutoScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.LoadBasedAutoScaling", - "markdownDescription": "The load-based scaling configuration for the AWS OpsWorks layer.", - "title": "LoadBasedAutoScaling" - }, - "Name": { - "markdownDescription": "The layer name, which is used by the console. Layer names can be a maximum of 32 characters.", - "title": "Name", - "type": "string" - }, - "Packages": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of `Package` objects that describes the layer packages.", - "title": "Packages", - "type": "array" - }, - "Shortname": { - "markdownDescription": "For custom layers only, use this parameter to specify the layer's short name, which is used internally by AWS OpsWorks Stacks and by Chef recipes. The short name is also used as the name for the directory where your app files are installed. It can have a maximum of 32 characters, which are limited to the alphanumeric characters, '-', '_', and '.'.\n\nBuilt-in layer short names are defined by AWS OpsWorks Stacks. For more information, see the [Layer Reference](https://docs.aws.amazon.com/opsworks/latest/userguide/layers.html) .", - "title": "Shortname", - "type": "string" - }, - "StackId": { - "markdownDescription": "The layer stack ID.", - "title": "StackId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies one or more sets of tags (key\u2013value pairs) to associate with this AWS OpsWorks layer. Use tags to manage your resources.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The layer type. A stack cannot have more than one built-in layer of the same type. It can have any number of custom layers. Built-in layers are not available in Chef 12 stacks.", - "title": "Type", - "type": "string" - }, - "UseEbsOptimizedInstances": { - "markdownDescription": "Whether to use Amazon EBS-optimized instances.", - "title": "UseEbsOptimizedInstances", - "type": "boolean" - }, - "VolumeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.VolumeConfiguration" - }, - "markdownDescription": "A `VolumeConfigurations` object that describes the layer's Amazon EBS volumes.", - "title": "VolumeConfigurations", - "type": "array" - } + "Target": { + "markdownDescription": "The key of the field that will hold the generated map", + "title": "Target", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "If this is specified, the values that you specify in this parameter will be extracted from the `source` objects and put into the values of the generated map. Otherwise, original objects in the source list will be put into the values of the generated map.", + "title": "ValueKey", + "type": "string" + } + }, + "required": [ + "Key", + "Source" + ], + "type": "object" + }, + "AWS::Logs::Transformer.LowerCaseString": { + "additionalProperties": false, + "properties": { + "WithKeys": { + "items": { + "type": "string" }, - "required": [ - "AutoAssignElasticIps", - "AutoAssignPublicIps", - "EnableAutoHealing", - "Name", - "Shortname", - "StackId", - "Type" - ], - "type": "object" + "markdownDescription": "The array caontaining the keys of the fields to convert to lowercase.", + "title": "WithKeys", + "type": "array" + } + }, + "required": [ + "WithKeys" + ], + "type": "object" + }, + "AWS::Logs::Transformer.MoveKeyEntry": { + "additionalProperties": false, + "properties": { + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::OpsWorks::Layer" - ], + "Source": { + "markdownDescription": "The key to move.", + "title": "Source", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Target": { + "markdownDescription": "The key to move to.", + "title": "Target", "type": "string" } }, "required": [ - "Type", - "Properties" + "Source", + "Target" ], "type": "object" }, - "AWS::OpsWorks::Layer.AutoScalingThresholds": { + "AWS::Logs::Transformer.MoveKeys": { "additionalProperties": false, "properties": { - "CpuThreshold": { - "markdownDescription": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.", - "title": "CpuThreshold", - "type": "number" + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.MoveKeyEntry" + }, + "markdownDescription": "An array of objects, where each object contains the information about one key to move.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.ParseCloudfront": { + "additionalProperties": false, + "properties": { + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseJSON": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The location to put the parsed key value pair into. If you omit this parameter, it is placed under the root node.", + "title": "Destination", + "type": "string" }, - "IgnoreMetricsTime": { - "markdownDescription": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events. For example, AWS OpsWorks Stacks adds new instances following an upscaling event but the instances won't start reducing the load until they have been booted and configured. There is no point in raising additional scaling events during that operation, which typically takes several minutes. `IgnoreMetricsTime` allows you to direct AWS OpsWorks Stacks to suppress scaling events long enough to get the new instances online.", - "title": "IgnoreMetricsTime", - "type": "number" + "Source": { + "markdownDescription": "Path to the field in the log event that will be parsed. Use dot notation to access child fields. For example, `store.book`", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseKeyValue": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The destination field to put the extracted key-value pairs into", + "title": "Destination", + "type": "string" }, - "InstanceCount": { - "markdownDescription": "The number of instances to add or remove when the load exceeds a threshold.", - "title": "InstanceCount", - "type": "number" + "FieldDelimiter": { + "markdownDescription": "The field delimiter string that is used between key-value pairs in the original log events. If you omit this, the ampersand `&` character is used.", + "title": "FieldDelimiter", + "type": "string" }, - "LoadThreshold": { - "markdownDescription": "The load threshold. A value of -1 disables the threshold. For more information about how load is computed, see [Load (computing)](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Load_%28computing%29) .", - "title": "LoadThreshold", - "type": "number" + "KeyPrefix": { + "markdownDescription": "If you want to add a prefix to all transformed keys, specify it here.", + "title": "KeyPrefix", + "type": "string" }, - "MemoryThreshold": { - "markdownDescription": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.", - "title": "MemoryThreshold", - "type": "number" + "KeyValueDelimiter": { + "markdownDescription": "The delimiter string to use between the key and value in each pair in the transformed log event.\n\nIf you omit this, the equal `=` character is used.", + "title": "KeyValueDelimiter", + "type": "string" }, - "ThresholdsWaitTime": { - "markdownDescription": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.", - "title": "ThresholdsWaitTime", - "type": "number" + "NonMatchValue": { + "markdownDescription": "A value to insert into the value field in the result, when a key-value pair is not successfully split.", + "title": "NonMatchValue", + "type": "string" + }, + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" + }, + "Source": { + "markdownDescription": "Path to the field in the log event that will be parsed. Use dot notation to access child fields. For example, `store.book`", + "title": "Source", + "type": "string" } }, "type": "object" }, - "AWS::OpsWorks::Layer.LifecycleEventConfiguration": { + "AWS::Logs::Transformer.ParsePostgres": { "additionalProperties": false, "properties": { - "ShutdownEventConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.ShutdownEventConfiguration", - "markdownDescription": "The Shutdown event configuration.", - "title": "ShutdownEventConfiguration" + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" } }, "type": "object" }, - "AWS::OpsWorks::Layer.LoadBasedAutoScaling": { + "AWS::Logs::Transformer.ParseRoute53": { "additionalProperties": false, "properties": { - "DownScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", - "markdownDescription": "An `AutoScalingThresholds` object that describes the downscaling configuration, which defines how and when AWS OpsWorks Stacks reduces the number of instances.", - "title": "DownScaling" + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseToOCSF": { + "additionalProperties": false, + "properties": { + "EventSource": { + "markdownDescription": "Specify the service or process that produces the log events that will be converted with this processor.", + "title": "EventSource", + "type": "string" }, - "Enable": { - "markdownDescription": "Whether load-based auto scaling is enabled for the layer.", - "title": "Enable", + "OcsfVersion": { + "markdownDescription": "Specify which version of the OCSF schema to use for the transformed log events.", + "title": "OcsfVersion", + "type": "string" + }, + "Source": { + "markdownDescription": "The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.", + "title": "Source", + "type": "string" + } + }, + "required": [ + "EventSource", + "OcsfVersion" + ], + "type": "object" + }, + "AWS::Logs::Transformer.ParseVPC": { + "additionalProperties": false, + "properties": { + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseWAF": { + "additionalProperties": false, + "properties": { + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.Processor": { + "additionalProperties": false, + "properties": { + "AddKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.AddKeys", + "markdownDescription": "Use this parameter to include the [addKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-addKeys) processor in your transformer.", + "title": "AddKeys" + }, + "CopyValue": { + "$ref": "#/definitions/AWS::Logs::Transformer.CopyValue", + "markdownDescription": "Use this parameter to include the [copyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-copyValue) processor in your transformer.", + "title": "CopyValue" + }, + "Csv": { + "$ref": "#/definitions/AWS::Logs::Transformer.Csv", + "markdownDescription": "Use this parameter to include the [CSV](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-CSV) processor in your transformer.", + "title": "Csv" + }, + "DateTimeConverter": { + "$ref": "#/definitions/AWS::Logs::Transformer.DateTimeConverter", + "markdownDescription": "Use this parameter to include the [datetimeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-datetimeConverter) processor in your transformer.", + "title": "DateTimeConverter" + }, + "DeleteKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.DeleteKeys", + "markdownDescription": "Use this parameter to include the [deleteKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-deleteKeys) processor in your transformer.", + "title": "DeleteKeys" + }, + "Grok": { + "$ref": "#/definitions/AWS::Logs::Transformer.Grok", + "markdownDescription": "Use this parameter to include the [grok](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-grok) processor in your transformer.", + "title": "Grok" + }, + "ListToMap": { + "$ref": "#/definitions/AWS::Logs::Transformer.ListToMap", + "markdownDescription": "Use this parameter to include the [listToMap](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-listToMap) processor in your transformer.", + "title": "ListToMap" + }, + "LowerCaseString": { + "$ref": "#/definitions/AWS::Logs::Transformer.LowerCaseString", + "markdownDescription": "Use this parameter to include the [lowerCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-lowerCaseString) processor in your transformer.", + "title": "LowerCaseString" + }, + "MoveKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.MoveKeys", + "markdownDescription": "Use this parameter to include the [moveKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-moveKeys) processor in your transformer.", + "title": "MoveKeys" + }, + "ParseCloudfront": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseCloudfront", + "markdownDescription": "Use this parameter to include the [parseCloudfront](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseCloudfront) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseCloudfront" + }, + "ParseJSON": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseJSON", + "markdownDescription": "Use this parameter to include the [parseJSON](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseJSON) processor in your transformer.", + "title": "ParseJSON" + }, + "ParseKeyValue": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseKeyValue", + "markdownDescription": "Use this parameter to include the [parseKeyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseKeyValue) processor in your transformer.", + "title": "ParseKeyValue" + }, + "ParsePostgres": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParsePostgres", + "markdownDescription": "Use this parameter to include the [parsePostGres](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parsePostGres) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParsePostgres" + }, + "ParseRoute53": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseRoute53", + "markdownDescription": "Use this parameter to include the [parseRoute53](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseRoute53) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseRoute53" + }, + "ParseToOCSF": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseToOCSF", + "markdownDescription": "Use this parameter to convert logs into Open Cybersecurity Schema (OCSF) format.", + "title": "ParseToOCSF" + }, + "ParseVPC": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseVPC", + "markdownDescription": "Use this parameter to include the [parseVPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseVPC) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseVPC" + }, + "ParseWAF": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseWAF", + "markdownDescription": "Use this parameter to include the [parseWAF](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseWAF) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseWAF" + }, + "RenameKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.RenameKeys", + "markdownDescription": "Use this parameter to include the [renameKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-renameKeys) processor in your transformer.", + "title": "RenameKeys" + }, + "SplitString": { + "$ref": "#/definitions/AWS::Logs::Transformer.SplitString", + "markdownDescription": "Use this parameter to include the [splitString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-splitString) processor in your transformer.", + "title": "SplitString" + }, + "SubstituteString": { + "$ref": "#/definitions/AWS::Logs::Transformer.SubstituteString", + "markdownDescription": "Use this parameter to include the [substituteString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-substituteString) processor in your transformer.", + "title": "SubstituteString" + }, + "TrimString": { + "$ref": "#/definitions/AWS::Logs::Transformer.TrimString", + "markdownDescription": "Use this parameter to include the [trimString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-trimString) processor in your transformer.", + "title": "TrimString" + }, + "TypeConverter": { + "$ref": "#/definitions/AWS::Logs::Transformer.TypeConverter", + "markdownDescription": "Use this parameter to include the [typeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-typeConverter) processor in your transformer.", + "title": "TypeConverter" + }, + "UpperCaseString": { + "$ref": "#/definitions/AWS::Logs::Transformer.UpperCaseString", + "markdownDescription": "Use this parameter to include the [upperCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-upperCaseString) processor in your transformer.", + "title": "UpperCaseString" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.RenameKeyEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key to rename", + "title": "Key", + "type": "string" + }, + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the existing value if the destination key already exists. The default is `false`", + "title": "OverwriteIfExists", "type": "boolean" }, - "UpScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", - "markdownDescription": "An `AutoScalingThresholds` object that describes the upscaling configuration, which defines how and when AWS OpsWorks Stacks increases the number of instances.", - "title": "UpScaling" + "RenameTo": { + "markdownDescription": "The string to use for the new key name", + "title": "RenameTo", + "type": "string" } }, + "required": [ + "Key", + "RenameTo" + ], "type": "object" }, - "AWS::OpsWorks::Layer.Recipes": { + "AWS::Logs::Transformer.RenameKeys": { "additionalProperties": false, "properties": { - "Configure": { + "Entries": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Logs::Transformer.RenameKeyEntry" }, - "markdownDescription": "An array of custom recipe names to be run following a `configure` event.", - "title": "Configure", + "markdownDescription": "An array of `RenameKeyEntry` objects, where each object contains the information about a single key to rename.", + "title": "Entries", "type": "array" - }, - "Deploy": { + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.SplitString": { + "additionalProperties": false, + "properties": { + "Entries": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Logs::Transformer.SplitStringEntry" }, - "markdownDescription": "An array of custom recipe names to be run following a `deploy` event.", - "title": "Deploy", + "markdownDescription": "An array of `SplitStringEntry` objects, where each object contains the information about one field to split.", + "title": "Entries", "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.SplitStringEntry": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The separator characters to split the string entry on.", + "title": "Delimiter", + "type": "string" }, - "Setup": { + "Source": { + "markdownDescription": "The key of the field to split.", + "title": "Source", + "type": "string" + } + }, + "required": [ + "Delimiter", + "Source" + ], + "type": "object" + }, + "AWS::Logs::Transformer.SubstituteString": { + "additionalProperties": false, + "properties": { + "Entries": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Logs::Transformer.SubstituteStringEntry" }, - "markdownDescription": "An array of custom recipe names to be run following a `setup` event.", - "title": "Setup", + "markdownDescription": "An array of objects, where each object contains the information about one key to match and replace.", + "title": "Entries", "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.SubstituteStringEntry": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The regular expression string to be replaced. Special regex characters such as [ and ] must be escaped using \\\\ when using double quotes and with \\ when using single quotes. For more information, see [Class Pattern](https://docs.aws.amazon.com/https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/util/regex/Pattern.html) on the Oracle web site.", + "title": "From", + "type": "string" }, - "Shutdown": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `shutdown` event.", - "title": "Shutdown", - "type": "array" + "Source": { + "markdownDescription": "The key to modify", + "title": "Source", + "type": "string" }, - "Undeploy": { + "To": { + "markdownDescription": "The string to be substituted for each match of `from`", + "title": "To", + "type": "string" + } + }, + "required": [ + "From", + "Source", + "To" + ], + "type": "object" + }, + "AWS::Logs::Transformer.TrimString": { + "additionalProperties": false, + "properties": { + "WithKeys": { "items": { "type": "string" }, - "markdownDescription": "An array of custom recipe names to be run following a `undeploy` event.", - "title": "Undeploy", + "markdownDescription": "The array containing the keys of the fields to trim.", + "title": "WithKeys", "type": "array" } }, + "required": [ + "WithKeys" + ], "type": "object" }, - "AWS::OpsWorks::Layer.ShutdownEventConfiguration": { + "AWS::Logs::Transformer.TypeConverter": { "additionalProperties": false, "properties": { - "DelayUntilElbConnectionsDrained": { - "markdownDescription": "Whether to enable Elastic Load Balancing connection draining. For more information, see [Connection Draining](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#conn-drain)", - "title": "DelayUntilElbConnectionsDrained", - "type": "boolean" - }, - "ExecutionTimeout": { - "markdownDescription": "The time, in seconds, that AWS OpsWorks Stacks waits after triggering a Shutdown event before shutting down an instance.", - "title": "ExecutionTimeout", - "type": "number" + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.TypeConverterEntry" + }, + "markdownDescription": "An array of `TypeConverterEntry` objects, where each object contains the information about one field to change the type of.", + "title": "Entries", + "type": "array" } }, + "required": [ + "Entries" + ], "type": "object" }, - "AWS::OpsWorks::Layer.VolumeConfiguration": { + "AWS::Logs::Transformer.TypeConverterEntry": { "additionalProperties": false, "properties": { - "Encrypted": { - "markdownDescription": "Specifies whether an Amazon EBS volume is encrypted. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) .", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) to provision for the volume. For PIOPS volumes, the IOPS per disk.\n\nIf you specify `io1` for the volume type, you must specify this property.", - "title": "Iops", - "type": "number" - }, - "MountPoint": { - "markdownDescription": "The volume mount point. For example \"/dev/sdh\".", - "title": "MountPoint", + "Key": { + "markdownDescription": "The key with the value that is to be converted to a different type.", + "title": "Key", "type": "string" }, - "NumberOfDisks": { - "markdownDescription": "The number of disks in the volume.", - "title": "NumberOfDisks", - "type": "number" - }, - "RaidLevel": { - "markdownDescription": "The volume [RAID level](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Standard_RAID_levels) .", - "title": "RaidLevel", - "type": "number" - }, - "Size": { - "markdownDescription": "The volume size.", - "title": "Size", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) .\n\n- `standard` - Magnetic. Magnetic volumes must have a minimum size of 1 GiB and a maximum size of 1024 GiB.\n- `io1` - Provisioned IOPS (SSD). PIOPS volumes must have a minimum size of 4 GiB and a maximum size of 16384 GiB.\n- `gp2` - General Purpose (SSD). General purpose volumes must have a minimum size of 1 GiB and a maximum size of 16384 GiB.\n- `st1` - Throughput Optimized hard disk drive (HDD). Throughput optimized HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.\n- `sc1` - Cold HDD. Cold HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.", - "title": "VolumeType", + "Type": { + "markdownDescription": "The type to convert the field value to. Valid values are `integer` , `double` , `string` and `boolean` .", + "title": "Type", "type": "string" } }, + "required": [ + "Key", + "Type" + ], + "type": "object" + }, + "AWS::Logs::Transformer.UpperCaseString": { + "additionalProperties": false, + "properties": { + "WithKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of containing the keys of the field to convert to uppercase.", + "title": "WithKeys", + "type": "array" + } + }, + "required": [ + "WithKeys" + ], "type": "object" }, - "AWS::OpsWorks::Stack": { + "AWS::LookoutEquipment::InferenceScheduler": { "additionalProperties": false, "properties": { "Condition": { @@ -173762,160 +178978,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentVersion": { - "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- Auto-update - Set this parameter to `LATEST` . AWS OpsWorks Stacks automatically installs new agent versions on the stack's instances as soon as they are available.\n- Fixed version - Set this parameter to your preferred agent version. To update the agent version, you must edit the stack configuration and specify a new version. AWS OpsWorks Stacks installs that version on the stack's instances.\n\nThe default setting is the most recent release of the agent. To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.\n\n> You can also specify an agent version when you create or update an instance, which overrides the stack's default setting.", - "title": "AgentVersion", - "type": "string" - }, - "Attributes": { - "additionalProperties": true, - "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "ChefConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.ChefConfiguration", - "markdownDescription": "A `ChefConfiguration` object that specifies whether to enable Berkshelf and the Berkshelf version on Chef 11.10 stacks. For more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", - "title": "ChefConfiguration" - }, - "CloneAppIds": { - "items": { - "type": "string" - }, - "markdownDescription": "If you're cloning an AWS OpsWorks stack, a list of AWS OpsWorks application stack IDs from the source stack to include in the cloned stack.", - "title": "CloneAppIds", - "type": "array" - }, - "ClonePermissions": { - "markdownDescription": "If you're cloning an AWS OpsWorks stack, indicates whether to clone the source stack's permissions.", - "title": "ClonePermissions", - "type": "boolean" - }, - "ConfigurationManager": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.StackConfigurationManager", - "markdownDescription": "The configuration manager. When you create a stack we recommend that you use the configuration manager to specify the Chef version: 12, 11.10, or 11.4 for Linux stacks, or 12.2 for Windows stacks. The default value for Linux stacks is currently 12.", - "title": "ConfigurationManager" - }, - "CustomCookbooksSource": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.Source", - "markdownDescription": "Contains the information required to retrieve an app or cookbook from a repository. For more information, see [Adding Apps](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html) or [Cookbooks and Recipes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook.html) .", - "title": "CustomCookbooksSource" - }, - "CustomJson": { - "markdownDescription": "A string that contains user-defined, custom JSON. It can be used to override the corresponding default stack configuration attribute values or to pass data to recipes. The string should be in the following format:\n\n`\"{\\\"key1\\\": \\\"value1\\\", \\\"key2\\\": \\\"value2\\\",...}\"`\n\nFor more information about custom JSON, see [Use Custom JSON to Modify the Stack Configuration Attributes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-json.html) .", - "title": "CustomJson", - "type": "object" - }, - "DefaultAvailabilityZone": { - "markdownDescription": "The stack's default Availability Zone, which must be in the specified region. For more information, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html) . If you also specify a value for `DefaultSubnetId` , the subnet must be in the same zone. For more information, see the `VpcId` parameter description.", - "title": "DefaultAvailabilityZone", - "type": "string" - }, - "DefaultInstanceProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM profile that is the default profile for all of the stack's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "DefaultInstanceProfileArn", - "type": "string" - }, - "DefaultOs": { - "markdownDescription": "The stack's default operating system, which is installed on every instance unless you specify a different operating system when you create the instance. You can specify one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` . You specify the custom AMI you want to use when you create instances. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\nThe default option is the current Amazon Linux version. Not all operating systems are supported with all versions of Chef. For more information about supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .", - "title": "DefaultOs", - "type": "string" - }, - "DefaultRootDeviceType": { - "markdownDescription": "The default root device type. This value is the default for all instances in the stack, but you can override it when you create an instance. The default option is `instance-store` . For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", - "title": "DefaultRootDeviceType", - "type": "string" + "DataDelayOffsetInMinutes": { + "markdownDescription": "A period of time (in minutes) by which inference on the data is delayed after the data starts. For instance, if an offset delay time of five minutes was selected, inference will not begin on the data until the first data measurement after the five minute mark. For example, if five minutes is selected, the inference scheduler will wake up at the configured frequency with the additional five minute delay time to check the customer S3 bucket. The customer can upload data at the same frequency and they don't need to stop and restart the scheduler when uploading new data.", + "title": "DataDelayOffsetInMinutes", + "type": "number" }, - "DefaultSshKeyName": { - "markdownDescription": "A default Amazon EC2 key pair name. The default value is none. If you specify a key pair name, AWS OpsWorks installs the public key on the instance and you can use the private key with an SSH client to log in to the instance. For more information, see [Using SSH to Communicate with an Instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-ssh.html) and [Managing SSH Access](https://docs.aws.amazon.com/opsworks/latest/userguide/security-ssh-access.html) . You can override this setting by specifying a different key pair, or no key pair, when you [create an instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-add.html) .", - "title": "DefaultSshKeyName", - "type": "string" + "DataInputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration", + "markdownDescription": "Specifies configuration information for the input data for the inference scheduler, including delimiter, format, and dataset location.", + "title": "DataInputConfiguration" }, - "DefaultSubnetId": { - "markdownDescription": "The stack's default subnet ID. All instances are launched into this subnet unless you specify another subnet ID when you create the instance. This parameter is required if you specify a value for the `VpcId` parameter. If you also specify a value for `DefaultAvailabilityZone` , the subnet must be in that zone.", - "title": "DefaultSubnetId", - "type": "string" + "DataOutputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration", + "markdownDescription": "Specifies configuration information for the output results for the inference scheduler, including the Amazon S3 location for the output.", + "title": "DataOutputConfiguration" }, - "EcsClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Elastic Container Service ( Amazon ECS ) cluster to register with the AWS OpsWorks stack.\n\n> If you specify a cluster that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the cluster.", - "title": "EcsClusterArn", + "DataUploadFrequency": { + "markdownDescription": "How often data is uploaded to the source S3 bucket for the input data. This value is the length of time between data uploads. For instance, if you select 5 minutes, Amazon Lookout for Equipment will upload the real-time data to the source bucket once every 5 minutes. This frequency also determines how often Amazon Lookout for Equipment starts a scheduled inference on your data. In this example, it starts once every 5 minutes.", + "title": "DataUploadFrequency", "type": "string" }, - "ElasticIps": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.ElasticIp" - }, - "markdownDescription": "A list of Elastic IP addresses to register with the AWS OpsWorks stack.\n\n> If you specify an IP address that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the IP address.", - "title": "ElasticIps", - "type": "array" - }, - "HostnameTheme": { - "markdownDescription": "The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. By default, `HostnameTheme` is set to `Layer_Dependent` , which creates host names by appending integers to the layer's short name. The other themes are:\n\n- `Baked_Goods`\n- `Clouds`\n- `Europe_Cities`\n- `Fruits`\n- `Greek_Deities_and_Titans`\n- `Legendary_creatures_from_Japan`\n- `Planets_and_Moons`\n- `Roman_Deities`\n- `Scottish_Islands`\n- `US_Cities`\n- `Wild_Cats`\n\nTo obtain a generated host name, call `GetHostNameSuggestion` , which returns a host name based on the current theme.", - "title": "HostnameTheme", + "InferenceSchedulerName": { + "markdownDescription": "The name of the inference scheduler.", + "title": "InferenceSchedulerName", "type": "string" }, - "Name": { - "markdownDescription": "The stack name. Stack names can be a maximum of 64 characters.", - "title": "Name", + "ModelName": { + "markdownDescription": "The name of the machine learning model used for the inference scheduler.", + "title": "ModelName", "type": "string" }, - "RdsDbInstances": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.RdsDbInstance" - }, - "markdownDescription": "The Amazon Relational Database Service ( Amazon RDS ) database instance to register with the AWS OpsWorks stack.\n\n> If you specify a database instance that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the database instance.", - "title": "RdsDbInstances", - "type": "array" - }, - "ServiceRoleArn": { - "markdownDescription": "The stack's IAM role, which allows AWS OpsWorks Stacks to work with AWS resources on your behalf. You must set this parameter to the Amazon Resource Name (ARN) for an existing IAM role. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "ServiceRoleArn", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source being used for the inference.", + "title": "RoleArn", "type": "string" }, - "SourceStackId": { - "markdownDescription": "If you're cloning an AWS OpsWorks stack, the stack ID of the source AWS OpsWorks stack to clone.", - "title": "SourceStackId", + "ServerSideKmsKeyId": { + "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt inference scheduler data by Amazon Lookout for Equipment .", + "title": "ServerSideKmsKeyId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a stack or layer.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- Leading and trailing white spaces are trimmed from both the key and value.\n- A maximum of 40 tags is allowed for any resource.", + "markdownDescription": "Any tags associated with the inference scheduler.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "UseCustomCookbooks": { - "markdownDescription": "Whether the stack uses custom cookbooks.", - "title": "UseCustomCookbooks", - "type": "boolean" - }, - "UseOpsworksSecurityGroups": { - "markdownDescription": "Whether to associate the AWS OpsWorks Stacks built-in security groups with the stack's layers.\n\nAWS OpsWorks Stacks provides a standard set of built-in security groups, one for each layer, which are associated with layers by default. With `UseOpsworksSecurityGroups` you can instead provide your own custom security groups. `UseOpsworksSecurityGroups` has the following settings:\n\n- True - AWS OpsWorks Stacks automatically associates the appropriate built-in security group with each layer (default setting). You can associate additional security groups with a layer after you create it, but you cannot delete the built-in security group.\n- False - AWS OpsWorks Stacks does not associate built-in security groups with layers. You must create appropriate EC2 security groups and associate a security group with each layer that you create. However, you can still manually associate a built-in security group with a layer on creation; custom security groups are required only for those layers that need custom settings.\n\nFor more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", - "title": "UseOpsworksSecurityGroups", - "type": "boolean" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC that the stack is to be launched into. The VPC must be in the stack's region. All instances are launched into this VPC. You cannot change the ID later.\n\n- If your account supports EC2-Classic, the default value is `no VPC` .\n- If your account does not support EC2-Classic, the default value is the default VPC for the specified region.\n\nIf the VPC ID corresponds to a default VPC and you have specified either the `DefaultAvailabilityZone` or the `DefaultSubnetId` parameter only, AWS OpsWorks Stacks infers the value of the other parameter. If you specify neither parameter, AWS OpsWorks Stacks sets these parameters to the first valid Availability Zone for the specified region and the corresponding default VPC subnet ID, respectively.\n\nIf you specify a nondefault VPC ID, note the following:\n\n- It must belong to a VPC in your account that is in the specified region.\n- You must specify a value for `DefaultSubnetId` .\n\nFor more information about how to use AWS OpsWorks Stacks with a VPC, see [Running a Stack in a VPC](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-vpc.html) . For more information about default VPC and EC2-Classic, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", - "title": "VpcId", - "type": "string" } }, "required": [ - "DefaultInstanceProfileArn", - "Name", - "ServiceRoleArn" + "DataInputConfiguration", + "DataOutputConfiguration", + "DataUploadFrequency", + "ModelName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Stack" + "AWS::LookoutEquipment::InferenceScheduler" ], "type": "string" }, @@ -173934,120 +179057,104 @@ ], "type": "object" }, - "AWS::OpsWorks::Stack.ChefConfiguration": { + "AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration": { "additionalProperties": false, "properties": { - "BerkshelfVersion": { - "markdownDescription": "The Berkshelf version.", - "title": "BerkshelfVersion", + "InferenceInputNameConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration", + "markdownDescription": "", + "title": "InferenceInputNameConfiguration" + }, + "InputTimeZoneOffset": { + "markdownDescription": "", + "title": "InputTimeZoneOffset", "type": "string" }, - "ManageBerkshelf": { - "markdownDescription": "Whether to enable Berkshelf.", - "title": "ManageBerkshelf", - "type": "boolean" + "S3InputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration", + "markdownDescription": "", + "title": "S3InputConfiguration" } }, + "required": [ + "S3InputConfiguration" + ], "type": "object" }, - "AWS::OpsWorks::Stack.ElasticIp": { + "AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration": { "additionalProperties": false, "properties": { - "Ip": { - "markdownDescription": "The IP address.", - "title": "Ip", + "KmsKeyId": { + "markdownDescription": "", + "title": "KmsKeyId", "type": "string" }, - "Name": { - "markdownDescription": "The name, which can be a maximum of 32 characters.", - "title": "Name", - "type": "string" + "S3OutputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration", + "markdownDescription": "", + "title": "S3OutputConfiguration" } }, "required": [ - "Ip" + "S3OutputConfiguration" ], "type": "object" }, - "AWS::OpsWorks::Stack.RdsDbInstance": { + "AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration": { "additionalProperties": false, "properties": { - "DbPassword": { - "markdownDescription": "AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "DbPassword", + "ComponentTimestampDelimiter": { + "markdownDescription": "", + "title": "ComponentTimestampDelimiter", "type": "string" }, - "DbUser": { - "markdownDescription": "The master user name.", - "title": "DbUser", + "TimestampFormat": { + "markdownDescription": "", + "title": "TimestampFormat", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "", + "title": "Bucket", "type": "string" }, - "RdsDbInstanceArn": { - "markdownDescription": "The instance's ARN.", - "title": "RdsDbInstanceArn", + "Prefix": { + "markdownDescription": "", + "title": "Prefix", "type": "string" } }, "required": [ - "DbPassword", - "DbUser", - "RdsDbInstanceArn" + "Bucket" ], "type": "object" }, - "AWS::OpsWorks::Stack.Source": { + "AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration": { "additionalProperties": false, "properties": { - "Password": { - "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "Password", - "type": "string" - }, - "Revision": { - "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", - "title": "Revision", - "type": "string" - }, - "SshKey": { - "markdownDescription": "The repository's SSH key. For more information, see [Using Git Repository SSH Keys](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-deploykeys.html) in the *AWS OpsWorks User Guide* . To pass in an SSH key as a parameter, see the following example:\n\n`\"Parameters\" : { \"GitSSHKey\" : { \"Description\" : \"Change SSH key newlines to commas.\", \"Type\" : \"CommaDelimitedList\", \"NoEcho\" : \"true\" }, ... \"CustomCookbooksSource\": { \"Revision\" : { \"Ref\": \"GitRevision\"}, \"SshKey\" : { \"Fn::Join\" : [ \"\\n\", { \"Ref\": \"GitSSHKey\"} ] }, \"Type\": \"git\", \"Url\": { \"Ref\": \"GitURL\"} } ...`", - "title": "SshKey", - "type": "string" - }, - "Type": { - "markdownDescription": "The repository type.", - "title": "Type", - "type": "string" - }, - "Url": { - "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", - "title": "Url", - "type": "string" - }, - "Username": { - "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", - "title": "Username", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Stack.StackConfigurationManager": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name. This parameter must be set to `Chef` .", - "title": "Name", + "Bucket": { + "markdownDescription": "", + "title": "Bucket", "type": "string" }, - "Version": { - "markdownDescription": "The Chef version. This parameter must be set to 12, 11.10, or 11.4 for Linux stacks, and to 12.2 for Windows stacks. The default value for Linux stacks is 12.", - "title": "Version", + "Prefix": { + "markdownDescription": "", + "title": "Prefix", "type": "string" } }, + "required": [ + "Bucket" + ], "type": "object" }, - "AWS::OpsWorks::UserProfile": { + "AWS::LookoutMetrics::Alert": { "additionalProperties": false, "properties": { "Condition": { @@ -174082,35 +179189,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowSelfManagement": { - "markdownDescription": "Whether users can specify their own SSH public key through the My Settings page. For more information, see [Managing User Permissions](https://docs.aws.amazon.com/opsworks/latest/userguide/security-settingsshkey.html) .", - "title": "AllowSelfManagement", - "type": "boolean" + "Action": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.Action", + "markdownDescription": "Action that will be triggered when there is an alert.", + "title": "Action" }, - "IamUserArn": { - "markdownDescription": "The user's IAM ARN.", - "title": "IamUserArn", + "AlertDescription": { + "markdownDescription": "A description of the alert.", + "title": "AlertDescription", "type": "string" }, - "SshPublicKey": { - "markdownDescription": "The user's SSH public key.", - "title": "SshPublicKey", + "AlertName": { + "markdownDescription": "The name of the alert.", + "title": "AlertName", "type": "string" }, - "SshUsername": { - "markdownDescription": "The user's SSH user name.", - "title": "SshUsername", + "AlertSensitivityThreshold": { + "markdownDescription": "An integer from 0 to 100 specifying the alert sensitivity threshold.", + "title": "AlertSensitivityThreshold", + "type": "number" + }, + "AnomalyDetectorArn": { + "markdownDescription": "The ARN of the detector to which the alert is attached.", + "title": "AnomalyDetectorArn", "type": "string" } }, "required": [ - "IamUserArn" + "Action", + "AlertSensitivityThreshold", + "AnomalyDetectorArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::UserProfile" + "AWS::LookoutMetrics::Alert" ], "type": "string" }, @@ -174129,7 +179243,63 @@ ], "type": "object" }, - "AWS::OpsWorks::Volume": { + "AWS::LookoutMetrics::Alert.Action": { + "additionalProperties": false, + "properties": { + "LambdaConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.LambdaConfiguration", + "markdownDescription": "A configuration for an AWS Lambda channel.", + "title": "LambdaConfiguration" + }, + "SNSConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.SNSConfiguration", + "markdownDescription": "A configuration for an Amazon SNS channel.", + "title": "SNSConfiguration" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::Alert.LambdaConfiguration": { + "additionalProperties": false, + "properties": { + "LambdaArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "LambdaArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that has permission to invoke the Lambda function.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "LambdaArn", + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::Alert.SNSConfiguration": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that has access to the target SNS topic.", + "title": "RoleArn", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "The ARN of the target SNS topic.", + "title": "SnsTopicArn", + "type": "string" + } + }, + "required": [ + "RoleArn", + "SnsTopicArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -174164,36 +179334,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Ec2VolumeId": { - "markdownDescription": "The Amazon EC2 volume ID.", - "title": "Ec2VolumeId", - "type": "string" + "AnomalyDetectorConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig", + "markdownDescription": "Contains information about the configuration of the anomaly detector.", + "title": "AnomalyDetectorConfig" }, - "MountPoint": { - "markdownDescription": "The volume mount point. For example, \"/mnt/disk1\".", - "title": "MountPoint", + "AnomalyDetectorDescription": { + "markdownDescription": "A description of the detector.", + "title": "AnomalyDetectorDescription", "type": "string" }, - "Name": { - "markdownDescription": "The volume name. Volume names are a maximum of 128 characters.", - "title": "Name", + "AnomalyDetectorName": { + "markdownDescription": "The name of the detector.", + "title": "AnomalyDetectorName", "type": "string" }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key to use to encrypt your data.", + "title": "KmsKeyArn", "type": "string" + }, + "MetricSetList": { + "items": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSet" + }, + "markdownDescription": "The detector's dataset.", + "title": "MetricSetList", + "type": "array" } }, "required": [ - "Ec2VolumeId", - "StackId" + "AnomalyDetectorConfig", + "MetricSetList" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Volume" + "AWS::LookoutMetrics::AnomalyDetector" ], "type": "string" }, @@ -174212,7 +179390,434 @@ ], "type": "object" }, - "AWS::OpsWorksCM::Server": { + "AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig": { + "additionalProperties": false, + "properties": { + "AnomalyDetectorFrequency": { + "markdownDescription": "The frequency at which the detector analyzes its source data.", + "title": "AnomalyDetectorFrequency", + "type": "string" + } + }, + "required": [ + "AnomalyDetectorFrequency" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig": { + "additionalProperties": false, + "properties": { + "FlowName": { + "markdownDescription": "name of the flow.", + "title": "FlowName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access the flow.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "FlowName", + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access data in Amazon CloudWatch.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor": { + "additionalProperties": false, + "properties": { + "Charset": { + "markdownDescription": "The character set in which the source CSV file is written.", + "title": "Charset", + "type": "string" + }, + "ContainsHeader": { + "markdownDescription": "Whether or not the source CSV file contains a header.", + "title": "ContainsHeader", + "type": "boolean" + }, + "Delimiter": { + "markdownDescription": "The character used to delimit the source CSV file.", + "title": "Delimiter", + "type": "string" + }, + "FileCompression": { + "markdownDescription": "The level of compression of the source CSV file.", + "title": "FileCompression", + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the source CSV file's headers, if any.", + "title": "HeaderList", + "type": "array" + }, + "QuoteSymbol": { + "markdownDescription": "The character used as a quote character.", + "title": "QuoteSymbol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor": { + "additionalProperties": false, + "properties": { + "CsvFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor", + "markdownDescription": "Contains information about how a source CSV data file should be analyzed.", + "title": "CsvFormatDescriptor" + }, + "JsonFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor", + "markdownDescription": "Contains information about how a source JSON data file should be analyzed.", + "title": "JsonFormatDescriptor" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor": { + "additionalProperties": false, + "properties": { + "Charset": { + "markdownDescription": "The character set in which the source JSON file is written.", + "title": "Charset", + "type": "string" + }, + "FileCompression": { + "markdownDescription": "The level of compression of the source CSV file.", + "title": "FileCompression", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.Metric": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The function with which the metric is calculated.", + "title": "AggregationFunction", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace for the metric.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "AggregationFunction", + "MetricName" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.MetricSet": { + "additionalProperties": false, + "properties": { + "DimensionList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the fields you want to treat as dimensions.", + "title": "DimensionList", + "type": "array" + }, + "MetricList": { + "items": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.Metric" + }, + "markdownDescription": "A list of metrics that the dataset will contain.", + "title": "MetricList", + "type": "array" + }, + "MetricSetDescription": { + "markdownDescription": "A description of the dataset you are creating.", + "title": "MetricSetDescription", + "type": "string" + }, + "MetricSetFrequency": { + "markdownDescription": "The frequency with which the source data will be analyzed for anomalies.", + "title": "MetricSetFrequency", + "type": "string" + }, + "MetricSetName": { + "markdownDescription": "The name of the dataset.", + "title": "MetricSetName", + "type": "string" + }, + "MetricSource": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSource", + "markdownDescription": "Contains information about how the source data should be interpreted.", + "title": "MetricSource" + }, + "Offset": { + "markdownDescription": "After an interval ends, the amount of seconds that the detector waits before importing data. Offset is only supported for S3, Redshift, Athena and datasources.", + "title": "Offset", + "type": "number" + }, + "TimestampColumn": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.TimestampColumn", + "markdownDescription": "Contains information about the column used for tracking time in your source data.", + "title": "TimestampColumn" + }, + "Timezone": { + "markdownDescription": "The time zone in which your source data was recorded.", + "title": "Timezone", + "type": "string" + } + }, + "required": [ + "MetricList", + "MetricSetName", + "MetricSource" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.MetricSource": { + "additionalProperties": false, + "properties": { + "AppFlowConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig", + "markdownDescription": "Details about an AppFlow datasource.", + "title": "AppFlowConfig" + }, + "CloudwatchConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig", + "markdownDescription": "Details about an Amazon CloudWatch monitoring datasource.", + "title": "CloudwatchConfig" + }, + "RDSSourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig", + "markdownDescription": "Details about an Amazon Relational Database Service (RDS) datasource.", + "title": "RDSSourceConfig" + }, + "RedshiftSourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig", + "markdownDescription": "Details about an Amazon Redshift database datasource.", + "title": "RedshiftSourceConfig" + }, + "S3SourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig", + "markdownDescription": "Contains information about the configuration of the S3 bucket that contains source files.", + "title": "S3SourceConfig" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig": { + "additionalProperties": false, + "properties": { + "DBInstanceIdentifier": { + "markdownDescription": "A string identifying the database instance.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DatabaseHost": { + "markdownDescription": "The host name of the database.", + "title": "DatabaseHost", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the RDS database.", + "title": "DatabaseName", + "type": "string" + }, + "DatabasePort": { + "markdownDescription": "The port number where the database can be accessed.", + "title": "DatabasePort", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role.", + "title": "RoleArn", + "type": "string" + }, + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", + "title": "SecretManagerArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the table in the database.", + "title": "TableName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", + "markdownDescription": "An object containing information about the Amazon Virtual Private Cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "required": [ + "DBInstanceIdentifier", + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "RoleArn", + "SecretManagerArn", + "TableName", + "VpcConfiguration" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig": { + "additionalProperties": false, + "properties": { + "ClusterIdentifier": { + "markdownDescription": "A string identifying the Redshift cluster.", + "title": "ClusterIdentifier", + "type": "string" + }, + "DatabaseHost": { + "markdownDescription": "The name of the database host.", + "title": "DatabaseHost", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The Redshift database name.", + "title": "DatabaseName", + "type": "string" + }, + "DatabasePort": { + "markdownDescription": "The port number where the database can be accessed.", + "title": "DatabasePort", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role providing access to the database.", + "title": "RoleArn", + "type": "string" + }, + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", + "title": "SecretManagerArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table name of the Redshift database.", + "title": "TableName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", + "markdownDescription": "Contains information about the Amazon Virtual Private Cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "required": [ + "ClusterIdentifier", + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "RoleArn", + "SecretManagerArn", + "TableName", + "VpcConfiguration" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig": { + "additionalProperties": false, + "properties": { + "FileFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor", + "markdownDescription": "Contains information about a source file's formatting.", + "title": "FileFormatDescriptor" + }, + "HistoricalDataPathList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of paths to the historical data files.", + "title": "HistoricalDataPathList", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that has read and write access permissions to the source S3 bucket.", + "title": "RoleArn", + "type": "string" + }, + "TemplatedPathList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of templated paths to the source files.", + "title": "TemplatedPathList", + "type": "array" + } + }, + "required": [ + "FileFormatDescriptor", + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.TimestampColumn": { + "additionalProperties": false, + "properties": { + "ColumnFormat": { + "markdownDescription": "The format of the timestamp column.", + "title": "ColumnFormat", + "type": "string" + }, + "ColumnName": { + "markdownDescription": "The name of the timestamp column.", + "title": "ColumnName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings containing the list of security groups.", + "title": "SecurityGroupIdList", + "type": "array" + }, + "SubnetIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings containing the Amazon VPC subnet IDs (e.g., `subnet-0bb1c79de3EXAMPLE` .", + "title": "SubnetIdList", + "type": "array" + } + }, + "required": [ + "SecurityGroupIdList", + "SubnetIdList" + ], + "type": "object" + }, + "AWS::LookoutVision::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -174247,129 +179852,20 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociatePublicIpAddress": { - "markdownDescription": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "BackupId": { - "markdownDescription": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId.", - "title": "BackupId", - "type": "string" - }, - "BackupRetentionCount": { - "markdownDescription": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` .", - "title": "BackupRetentionCount", - "type": "number" - }, - "CustomCertificate": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate\u2019s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` .", - "title": "CustomCertificate", - "type": "string" - }, - "CustomDomain": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` .", - "title": "CustomDomain", - "type": "string" - }, - "CustomPrivateKey": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` .", - "title": "CustomPrivateKey", - "type": "string" - }, - "DisableAutomatedBackup": { - "markdownDescription": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` .", - "title": "DisableAutomatedBackup", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` .", - "title": "Engine", - "type": "string" - }, - "EngineAttributes": { - "items": { - "$ref": "#/definitions/AWS::OpsWorksCM::Server.EngineAttribute" - }, - "markdownDescription": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^&+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key.", - "title": "EngineAttributes", - "type": "array" - }, - "EngineModel": { - "markdownDescription": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef.", - "title": "EngineModel", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` .", - "title": "EngineVersion", - "type": "string" - }, - "InstanceProfileArn": { - "markdownDescription": "The ARN of the instance profile that your Amazon EC2 instances use.", - "title": "InstanceProfileArn", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type to use. For example, `m5.large` .", - "title": "InstanceType", - "type": "string" - }, - "KeyPair": { - "markdownDescription": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH.", - "title": "KeyPair", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServiceRoleArn": { - "markdownDescription": "The service role that the AWS OpsWorks CM service backend uses to work with your account. Although the AWS OpsWorks management console typically creates the service role for you, if you are using the AWS CLI or API commands, run the service-role-creation.yaml AWS CloudFormation template, located at https://s3.amazonaws.com/opsworks-cm-us-east-1-prod-default-assets/misc/opsworks-cm-roles.yaml. This template creates a CloudFormation stack that includes the service role and instance profile that you need.", - "title": "ServiceRoleArn", + "ProjectName": { + "markdownDescription": "The name of the project.", + "title": "ProjectName", "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server.", - "title": "Tags", - "type": "array" } }, "required": [ - "InstanceProfileArn", - "InstanceType", - "ServiceRoleArn" + "ProjectName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorksCM::Server" + "AWS::LookoutVision::Project" ], "type": "string" }, @@ -174388,23 +179884,7 @@ ], "type": "object" }, - "AWS::OpsWorksCM::Server.EngineAttribute": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the engine attribute.\n\n*Attribute name for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_ADMIN_PASSWORD`\n\n*Attribute names for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD`\n- `PUPPET_R10K_REMOTE`\n- `PUPPET_R10K_PRIVATE_KEY`", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the engine attribute.\n\n*Attribute value for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers.\n\n`openssl genrsa -out *pivotal_key_file_name* .pem 2048`\n\nOn Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com.\n\n*Attribute values for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Organizations::Account": { + "AWS::M2::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -174439,47 +179919,57 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountName": { - "markdownDescription": "The account name given to the account when it was created.", - "title": "AccountName", + "Definition": { + "$ref": "#/definitions/AWS::M2::Application.Definition", + "markdownDescription": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) .", + "title": "Definition" + }, + "Description": { + "markdownDescription": "The description of the application.", + "title": "Description", "type": "string" }, - "Email": { - "markdownDescription": "The email address associated with the AWS account.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for this parameter is a string of characters that represents a standard internet email address.", - "title": "Email", + "EngineType": { + "markdownDescription": "The type of the target platform for this application.", + "title": "EngineType", "type": "string" }, - "ParentIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique identifier (ID) of the root or organizational unit (OU) that you want to create the new account in. If you don't specify this parameter, the `ParentId` defaults to the root ID.\n\nThis parameter only accepts a string array with one string value.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "ParentIds", - "type": "array" + "KmsKeyId": { + "markdownDescription": "The identifier of a customer managed key.", + "title": "KmsKeyId", + "type": "string" }, - "RoleName": { - "markdownDescription": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.\n\nIf you don't specify this parameter, the role name defaults to `OrganizationAccountAccessRole` .\n\nFor more information about how to use this role to access the member account, see the following links:\n\n- [Creating the OrganizationAccountAccessRole in an invited member account](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) in the *AWS Organizations User Guide*\n- Steps 2 and 3 in [IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) in the *IAM User Guide*\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-", - "title": "RoleName", + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role associated with the application.", + "title": "RoleArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the maximum allowed number of tags for an account, then the entire request fails and the account is not created.", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "AccountName", - "Email" + "EngineType", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::Account" + "AWS::M2::Application" ], "type": "string" }, @@ -174498,7 +179988,23 @@ ], "type": "object" }, - "AWS::Organizations::Organization": { + "AWS::M2::Application.Definition": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content of the application definition. This is a JSON object that contains the resource configuration/definitions that identify an application.", + "title": "Content", + "type": "string" + }, + "S3Location": { + "markdownDescription": "The S3 bucket that contains the application definition.", + "title": "S3Location", + "type": "string" + } + }, + "type": "object" + }, + "AWS::M2::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -174533,17 +180039,32 @@ "Properties": { "additionalProperties": false, "properties": { - "FeatureSet": { - "markdownDescription": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.\n\n- `ALL` In addition to all the features supported by the consolidated billing feature set, the management account gains access to advanced features that give you more control over accounts in your organization. For more information, see [All features](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all) in the *AWS Organizations User Guide* .\n- `CONSOLIDATED_BILLING` All member accounts have their bills consolidated to and paid by the management account. For more information, see [Consolidated billing](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only) in the *AWS Organizations User Guide* .\n\n> The consolidated billing feature feature set isn't available for organizations in the AWS GovCloud (US) Region.\n\nIf you don't specify this property, the default value is `ALL` .", - "title": "FeatureSet", + "ApplicationId": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationId", + "type": "string" + }, + "ApplicationVersion": { + "markdownDescription": "The version of the application.", + "title": "ApplicationVersion", + "type": "number" + }, + "EnvironmentId": { + "markdownDescription": "The unique identifier of the runtime environment.", + "title": "EnvironmentId", "type": "string" } }, + "required": [ + "ApplicationId", + "ApplicationVersion", + "EnvironmentId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::Organization" + "AWS::M2::Deployment" ], "type": "string" }, @@ -174557,11 +180078,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Organizations::OrganizationalUnit": { + "AWS::M2::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -174596,34 +180118,102 @@ "Properties": { "additionalProperties": false, "properties": { + "Description": { + "markdownDescription": "The description of the runtime environment.", + "title": "Description", + "type": "string" + }, + "EngineType": { + "markdownDescription": "The target platform for the runtime environment.", + "title": "EngineType", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version of the runtime engine.", + "title": "EngineVersion", + "type": "string" + }, + "HighAvailabilityConfig": { + "$ref": "#/definitions/AWS::M2::Environment.HighAvailabilityConfig", + "markdownDescription": "Defines the details of a high availability configuration.", + "title": "HighAvailabilityConfig" + }, + "InstanceType": { + "markdownDescription": "The instance type of the runtime environment.", + "title": "InstanceType", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of a customer managed key.", + "title": "KmsKeyId", + "type": "string" + }, "Name": { - "markdownDescription": "The friendly name of this OU.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "markdownDescription": "The name of the runtime environment.", "title": "Name", "type": "string" }, - "ParentId": { - "markdownDescription": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in.\n\n> To update the `ParentId` parameter value, you must first remove all accounts attached to the organizational unit (OU). OUs can't be moved within the organization with accounts still attached. \n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "ParentId", + "NetworkType": { + "markdownDescription": "The network type supported by the runtime environment.", + "title": "NetworkType", "type": "string" }, - "Tags": { + "PreferredMaintenanceWindow": { + "markdownDescription": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. The following two examples are valid maintenance windows: `sun:23:45-mon:00:15` or `sat:01:00-sat:03:00` .\n\nIf you do not provide a value, a random system-generated value will be assigned.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the runtime environment is publicly accessible.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "A list of tags that you want to attach to the newly created OU. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for an OU, then the entire request fails and the OU is not created.", - "title": "Tags", + "markdownDescription": "The list of security groups for the VPC associated with this runtime environment.", + "title": "SecurityGroupIds", + "type": "array" + }, + "StorageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::M2::Environment.StorageConfiguration" + }, + "markdownDescription": "Defines the storage configuration for a runtime environment.", + "title": "StorageConfigurations", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets associated with the VPC for this runtime environment.", + "title": "SubnetIds", "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "Name", - "ParentId" + "EngineType", + "InstanceType", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::OrganizationalUnit" + "AWS::M2::Environment" ], "type": "string" }, @@ -174642,7 +180232,77 @@ ], "type": "object" }, - "AWS::Organizations::Policy": { + "AWS::M2::Environment.EfsStorageConfiguration": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The file system identifier.", + "title": "FileSystemId", + "type": "string" + }, + "MountPoint": { + "markdownDescription": "The mount point for the file system.", + "title": "MountPoint", + "type": "string" + } + }, + "required": [ + "FileSystemId", + "MountPoint" + ], + "type": "object" + }, + "AWS::M2::Environment.FsxStorageConfiguration": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The file system identifier.", + "title": "FileSystemId", + "type": "string" + }, + "MountPoint": { + "markdownDescription": "The mount point for the file system.", + "title": "MountPoint", + "type": "string" + } + }, + "required": [ + "FileSystemId", + "MountPoint" + ], + "type": "object" + }, + "AWS::M2::Environment.HighAvailabilityConfig": { + "additionalProperties": false, + "properties": { + "DesiredCapacity": { + "markdownDescription": "The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100.", + "title": "DesiredCapacity", + "type": "number" + } + }, + "required": [ + "DesiredCapacity" + ], + "type": "object" + }, + "AWS::M2::Environment.StorageConfiguration": { + "additionalProperties": false, + "properties": { + "Efs": { + "$ref": "#/definitions/AWS::M2::Environment.EfsStorageConfiguration", + "markdownDescription": "Defines the storage configuration for an Amazon EFS file system.", + "title": "Efs" + }, + "Fsx": { + "$ref": "#/definitions/AWS::M2::Environment.FsxStorageConfiguration", + "markdownDescription": "Defines the storage configuration for an Amazon FSx file system.", + "title": "Fsx" + } + }, + "type": "object" + }, + "AWS::MPA::ApprovalTeam": { "additionalProperties": false, "properties": { "Condition": { @@ -174677,53 +180337,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The policy text content. You can specify the policy content as a JSON object or a JSON string.\n\n> When you specify the policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the policy content as a JSON object instead. \n\nThe text that you supply must adhere to the rules of the policy type you specify in the `Type` parameter. The following AWS Organizations quotas are enforced for the maximum size of a policy document:\n\n- Service control policies: 5,120 characters\n- Resource control policies: 5,120 characters\n- Declarative policies: 10,000 characters\n- Backup policies: 10,000 characters\n- Tag policies: 10,000 characters\n- Chat applications policies: 10,000 characters\n- AI services opt-out policies: 2,500 characters\n\nFor more information about Organizations service quotas, see [Quotas for AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) in the *AWS Organizations User Guide* .", - "title": "Content", - "type": "object" + "ApprovalStrategy": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.ApprovalStrategy", + "markdownDescription": "Contains details for how an approval team grants approval.", + "title": "ApprovalStrategy" + }, + "Approvers": { + "items": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.Approver" + }, + "markdownDescription": "Contains details for an approver.", + "title": "Approvers", + "type": "array" }, "Description": { - "markdownDescription": "Human readable description of the policy.", + "markdownDescription": "Description for the team.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "Name of the policy.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "markdownDescription": "Name of the team.", "title": "Name", "type": "string" }, + "Policies": { + "items": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.Policy" + }, + "markdownDescription": "Contains details for a policy. Policies define what operations a team that define the permissions for team resources.", + "title": "Policies", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for a policy, then the entire request fails and the policy is not created.", + "markdownDescription": "Tags that you have added to the specified resource.", "title": "Tags", "type": "array" - }, - "TargetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to. You can get the ID by calling the [ListRoots](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html) , [ListOrganizationalUnitsForParent](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html) , or [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) operations. If you don't specify this parameter, the policy is created but not attached to any organization resource.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a target ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Account* - A string that consists of exactly 12 digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "TargetIds", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of policy to create.", - "title": "Type", - "type": "string" } }, "required": [ - "Content", + "ApprovalStrategy", + "Approvers", + "Description", "Name", - "Type" + "Policies" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::Policy" + "AWS::MPA::ApprovalTeam" ], "type": "string" }, @@ -174742,82 +180407,84 @@ ], "type": "object" }, - "AWS::Organizations::ResourcePolicy": { + "AWS::MPA::ApprovalTeam.ApprovalStrategy": { "additionalProperties": false, "properties": { - "Condition": { + "MofN": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.MofNApprovalStrategy", + "markdownDescription": "Minimum number of approvals (M) required for a total number of approvers (N).", + "title": "MofN" + } + }, + "required": [ + "MofN" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.Approver": { + "additionalProperties": false, + "properties": { + "ApproverId": { + "markdownDescription": "ID for the approver.", + "title": "ApproverId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PrimaryIdentityId": { + "markdownDescription": "ID for the user.", + "title": "PrimaryIdentityId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "markdownDescription": "The policy text of the organization resource policy. You can specify the resource policy content as a JSON object or a JSON string.\n\n> When you specify the resource policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the resource policy content as a JSON object instead.", - "title": "Content", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the newly created resource policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the *AWS Organizations User Guide* .\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for the resource policy, then the entire request fails and the resource policy is not created.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Content" - ], - "type": "object" + "PrimaryIdentitySourceArn": { + "markdownDescription": "Amazon Resource Name (ARN) for the identity source. The identity source manages the user authentication for approvers.", + "title": "PrimaryIdentitySourceArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Organizations::ResourcePolicy" - ], + "PrimaryIdentityStatus": { + "markdownDescription": "Status for the identity source. For example, if an approver has accepted a team invitation with a user authentication method managed by the identity source.", + "title": "PrimaryIdentityStatus", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResponseTime": { + "markdownDescription": "Timestamp when the approver responded to an approval team invitation.", + "title": "ResponseTime", "type": "string" } }, "required": [ - "Type", - "Properties" + "PrimaryIdentityId", + "PrimaryIdentitySourceArn" ], "type": "object" }, - "AWS::PCAConnectorAD::Connector": { + "AWS::MPA::ApprovalTeam.MofNApprovalStrategy": { + "additionalProperties": false, + "properties": { + "MinApprovalsRequired": { + "markdownDescription": "Minimum number of approvals (M) required for a total number of approvers (N).", + "title": "MinApprovalsRequired", + "type": "number" + } + }, + "required": [ + "MinApprovalsRequired" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.Policy": { + "additionalProperties": false, + "properties": { + "PolicyArn": { + "markdownDescription": "", + "title": "PolicyArn", + "type": "string" + } + }, + "required": [ + "PolicyArn" + ], + "type": "object" + }, + "AWS::MPA::IdentitySource": { "additionalProperties": false, "properties": { "Condition": { @@ -174852,43 +180519,28 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority being used.", - "title": "CertificateAuthorityArn", - "type": "string" - }, - "DirectoryId": { - "markdownDescription": "The identifier of the Active Directory.", - "title": "DirectoryId", - "type": "string" + "IdentitySourceParameters": { + "$ref": "#/definitions/AWS::MPA::IdentitySource.IdentitySourceParameters", + "markdownDescription": "A `IdentitySourceParameters` object. Contains details for the resource that provides identities to the identity source. For example, an IAM Identity Center instance.", + "title": "IdentitySourceParameters" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a connector consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Tags that you have added to the specified resource.", "title": "Tags", - "type": "object" - }, - "VpcInformation": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Connector.VpcInformation", - "markdownDescription": "Information of the VPC and security group(s) used with the connector.", - "title": "VpcInformation" + "type": "array" } }, "required": [ - "CertificateAuthorityArn", - "DirectoryId", - "VpcInformation" + "IdentitySourceParameters" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::Connector" + "AWS::MPA::IdentitySource" ], "type": "string" }, @@ -174907,24 +180559,46 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::Connector.VpcInformation": { + "AWS::MPA::IdentitySource.IamIdentityCenter": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups used with the connector. You can use a maximum of 4 security groups with a connector.", - "title": "SecurityGroupIds", - "type": "array" + "ApprovalPortalUrl": { + "markdownDescription": "", + "title": "ApprovalPortalUrl", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "Amazon Resource Name (ARN) for the IAM Identity Center instance.", + "title": "InstanceArn", + "type": "string" + }, + "Region": { + "markdownDescription": "AWS Region where the IAM Identity Center instance is located.", + "title": "Region", + "type": "string" } }, "required": [ - "SecurityGroupIds" + "InstanceArn", + "Region" ], "type": "object" }, - "AWS::PCAConnectorAD::DirectoryRegistration": { + "AWS::MPA::IdentitySource.IdentitySourceParameters": { + "additionalProperties": false, + "properties": { + "IamIdentityCenter": { + "$ref": "#/definitions/AWS::MPA::IdentitySource.IamIdentityCenter", + "markdownDescription": "AWS IAM Identity Center credentials.", + "title": "IamIdentityCenter" + } + }, + "required": [ + "IamIdentityCenter" + ], + "type": "object" + }, + "AWS::MSK::BatchScramSecret": { "additionalProperties": false, "properties": { "Condition": { @@ -174959,31 +180633,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DirectoryId": { - "markdownDescription": "The identifier of the Active Directory.", - "title": "DirectoryId", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", + "title": "ClusterArn", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a directory registration consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "SecretArnList": { + "items": { + "type": "string" }, - "title": "Tags", - "type": "object" + "markdownDescription": "List of Amazon Resource Name (ARN)s of Secrets Manager secrets.", + "title": "SecretArnList", + "type": "array" } }, "required": [ - "DirectoryId" + "ClusterArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::DirectoryRegistration" + "AWS::MSK::BatchScramSecret" ], "type": "string" }, @@ -175002,7 +180673,7 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::ServicePrincipalName": { + "AWS::MSK::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -175037,97 +180708,69 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", - "title": "ConnectorArn", + "BrokerNodeGroupInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.BrokerNodeGroupInfo", + "markdownDescription": "Information about the broker nodes in the cluster.", + "title": "BrokerNodeGroupInfo" + }, + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::Cluster.ClientAuthentication", + "markdownDescription": "Includes all client authentication related information.", + "title": "ClientAuthentication" + }, + "ClusterName": { + "markdownDescription": "The name of the cluster.", + "title": "ClusterName", "type": "string" }, - "DirectoryRegistrationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) .", - "title": "DirectoryRegistrationArn", + "ConfigurationInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.ConfigurationInfo", + "markdownDescription": "Represents the configuration that you want MSK to use for the cluster.", + "title": "ConfigurationInfo" + }, + "CurrentVersion": { + "markdownDescription": "The version of the cluster that you want to update.", + "title": "CurrentVersion", "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PCAConnectorAD::ServicePrincipalName" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "EncryptionInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInfo", + "markdownDescription": "Includes all encryption-related information.", + "title": "EncryptionInfo" + }, + "EnhancedMonitoring": { + "markdownDescription": "Specifies the level of monitoring for the MSK cluster.", + "title": "EnhancedMonitoring", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", - "title": "ConnectorArn", + "KafkaVersion": { + "markdownDescription": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use [supported Apache Kafka versions](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) .", + "title": "KafkaVersion", "type": "string" }, - "Definition": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateDefinition", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "Definition" + "LoggingInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.LoggingInfo", + "markdownDescription": "Logging info details for the cluster.", + "title": "LoggingInfo" }, - "Name": { - "markdownDescription": "Name of the templates. Template names must be unique.", - "title": "Name", - "type": "string" + "NumberOfBrokerNodes": { + "markdownDescription": "The number of broker nodes in the cluster.", + "title": "NumberOfBrokerNodes", + "type": "number" }, - "ReenrollAllCertificateHolders": { - "markdownDescription": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template.", - "title": "ReenrollAllCertificateHolders", - "type": "boolean" + "OpenMonitoring": { + "$ref": "#/definitions/AWS::MSK::Cluster.OpenMonitoring", + "markdownDescription": "The settings for open monitoring.", + "title": "OpenMonitoring" + }, + "StorageMode": { + "markdownDescription": "This controls storage mode for supported storage tiers.", + "title": "StorageMode", + "type": "string" }, "Tags": { "additionalProperties": true, - "markdownDescription": "Metadata assigned to a template consisting of a key-value pair.", + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -175138,15 +180781,16 @@ } }, "required": [ - "ConnectorArn", - "Definition", - "Name" + "BrokerNodeGroupInfo", + "ClusterName", + "KafkaVersion", + "NumberOfBrokerNodes" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::Template" + "AWS::MSK::Cluster" ], "type": "string" }, @@ -175165,942 +180809,527 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ApplicationPolicies": { + "AWS::MSK::Cluster.BrokerLogs": { "additionalProperties": false, "properties": { - "Critical": { - "markdownDescription": "Marks the application policy extension as critical.", - "title": "Critical", - "type": "boolean" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::MSK::Cluster.CloudWatchLogs", + "markdownDescription": "", + "title": "CloudWatchLogs" }, - "Policies": { + "Firehose": { + "$ref": "#/definitions/AWS::MSK::Cluster.Firehose", + "markdownDescription": "Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.", + "title": "Firehose" + }, + "S3": { + "$ref": "#/definitions/AWS::MSK::Cluster.S3", + "markdownDescription": "Details of the Amazon S3 destination for broker logs.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.BrokerNodeGroupInfo": { + "additionalProperties": false, + "properties": { + "BrokerAZDistribution": { + "markdownDescription": "This parameter is currently not in use.", + "title": "BrokerAZDistribution", + "type": "string" + }, + "ClientSubnets": { "items": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicy" + "type": "string" }, - "markdownDescription": "Application policies describe what the certificate can be used for.", - "title": "Policies", + "markdownDescription": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", + "title": "ClientSubnets", + "type": "array" + }, + "ConnectivityInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.ConnectivityInfo", + "markdownDescription": "Information about the cluster's connectivity setting.", + "title": "ConnectivityInfo" + }, + "InstanceType": { + "markdownDescription": "The type of Amazon EC2 instances to use for brokers. Depending on the [broker type](https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html) , Amazon MSK supports the following broker sizes:\n\n*Standard broker sizes*\n\n- kafka.t3.small\n\n> You can't select the kafka.t3.small instance type when the metadata mode is KRaft.\n- kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge\n- kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge\n\n*Express broker sizes*\n\n- express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge\n\n> Some broker sizes might not be available in certian AWS Regions. See the updated [Pricing tools](https://docs.aws.amazon.com/msk/pricing/) section on the Amazon MSK pricing page for the latest list of available instances by Region.", + "title": "InstanceType", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", + "title": "SecurityGroups", "type": "array" + }, + "StorageInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.StorageInfo", + "markdownDescription": "Contains information about storage volumes attached to Amazon MSK broker nodes.", + "title": "StorageInfo" } }, "required": [ - "Policies" + "ClientSubnets", + "InstanceType" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ApplicationPolicy": { + "AWS::MSK::Cluster.ClientAuthentication": { "additionalProperties": false, "properties": { - "PolicyObjectIdentifier": { - "markdownDescription": "The object identifier (OID) of an application policy.", - "title": "PolicyObjectIdentifier", - "type": "string" + "Sasl": { + "$ref": "#/definitions/AWS::MSK::Cluster.Sasl", + "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", + "title": "Sasl" }, - "PolicyType": { - "markdownDescription": "The type of application policy", - "title": "PolicyType", - "type": "string" + "Tls": { + "$ref": "#/definitions/AWS::MSK::Cluster.Tls", + "markdownDescription": "Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` .", + "title": "Tls" + }, + "Unauthenticated": { + "$ref": "#/definitions/AWS::MSK::Cluster.Unauthenticated", + "markdownDescription": "Details for ClientAuthentication using no authentication.", + "title": "Unauthenticated" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.CertificateValidity": { + "AWS::MSK::Cluster.CloudWatchLogs": { "additionalProperties": false, "properties": { - "RenewalPeriod": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", - "markdownDescription": "Renewal period is the period of time before certificate expiration when a new certificate will be requested.", - "title": "RenewalPeriod" + "Enabled": { + "markdownDescription": "Specifies whether broker logs get sent to the specified CloudWatch Logs destination.", + "title": "Enabled", + "type": "boolean" }, - "ValidityPeriod": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", - "markdownDescription": "Information describing the end of the validity period of the certificate. This parameter sets the \u201cNot After\u201d date for the certificate. Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280. This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.", - "title": "ValidityPeriod" + "LogGroup": { + "markdownDescription": "The CloudWatch log group that is the destination for broker logs.", + "title": "LogGroup", + "type": "string" } }, "required": [ - "RenewalPeriod", - "ValidityPeriod" + "Enabled" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV2": { + "AWS::MSK::Cluster.ConfigurationInfo": { "additionalProperties": false, "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" - }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" + "Arn": { + "markdownDescription": "ARN of the configuration to use.", + "title": "Arn", + "type": "string" }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" + "Revision": { + "markdownDescription": "The revision of the configuration to use.", + "title": "Revision", + "type": "number" } }, + "required": [ + "Arn", + "Revision" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV3": { + "AWS::MSK::Cluster.ConnectivityInfo": { "additionalProperties": false, "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" - }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" + "PublicAccess": { + "$ref": "#/definitions/AWS::MSK::Cluster.PublicAccess", + "markdownDescription": "Access control settings for the cluster's brokers.", + "title": "PublicAccess" }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" + "VpcConnectivity": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivity", + "markdownDescription": "VPC connection control settings for brokers.", + "title": "VpcConnectivity" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV4": { + "AWS::MSK::Cluster.EBSStorageInfo": { "additionalProperties": false, "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" - }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::MSK::Cluster.ProvisionedThroughput", + "markdownDescription": "EBS volume provisioned throughput information.", + "title": "ProvisionedThroughput" }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" + "VolumeSize": { + "markdownDescription": "The size in GiB of the EBS volume for the data drive on each broker node.", + "title": "VolumeSize", + "type": "number" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.ExtensionsV2": { + "AWS::MSK::Cluster.EncryptionAtRest": { "additionalProperties": false, "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" - }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", - "title": "KeyUsage" + "DataVolumeKMSKeyId": { + "markdownDescription": "The ARN of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.", + "title": "DataVolumeKMSKeyId", + "type": "string" } }, "required": [ - "KeyUsage" + "DataVolumeKMSKeyId" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ExtensionsV3": { + "AWS::MSK::Cluster.EncryptionInTransit": { "additionalProperties": false, "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" + "ClientBroker": { + "markdownDescription": "Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.\n\n- `TLS` : Indicates that client-broker communication is enabled with TLS only.\n- `TLS_PLAINTEXT` : Indicates that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.\n- `PLAINTEXT` : Indicates that client-broker communication is enabled in plaintext only.\n\nThe default value is `TLS` .", + "title": "ClientBroker", + "type": "string" }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", - "title": "KeyUsage" + "InCluster": { + "markdownDescription": "When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.\n\nThe default value is true.", + "title": "InCluster", + "type": "boolean" } }, - "required": [ - "KeyUsage" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ExtensionsV4": { + "AWS::MSK::Cluster.EncryptionInfo": { "additionalProperties": false, "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" + "EncryptionAtRest": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionAtRest", + "markdownDescription": "The data-volume encryption details.", + "title": "EncryptionAtRest" }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.", - "title": "KeyUsage" + "EncryptionInTransit": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInTransit", + "markdownDescription": "The details for encryption in transit.", + "title": "EncryptionInTransit" } }, - "required": [ - "KeyUsage" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV2": { + "AWS::MSK::Cluster.Firehose": { "additionalProperties": false, "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" + "DeliveryStream": { + "markdownDescription": "The Kinesis Data Firehose delivery stream that is the destination for broker logs.", + "title": "DeliveryStream", + "type": "string" }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users.", - "title": "MachineType", + "Enabled": { + "markdownDescription": "Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream.", + "title": "Enabled", "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV3": { + "AWS::MSK::Cluster.Iam": { "additionalProperties": false, "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" - }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", - "title": "MachineType", + "Enabled": { + "markdownDescription": "SASL/IAM authentication is enabled or not.", + "title": "Enabled", "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV4": { + "AWS::MSK::Cluster.JmxExporter": { "additionalProperties": false, "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" - }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", - "title": "MachineType", + "EnabledInBroker": { + "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", + "title": "EnabledInBroker", "type": "boolean" } }, + "required": [ + "EnabledInBroker" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.KeyUsage": { + "AWS::MSK::Cluster.LoggingInfo": { "additionalProperties": false, "properties": { - "Critical": { - "markdownDescription": "Sets the key usage extension to critical.", - "title": "Critical", - "type": "boolean" - }, - "UsageFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageFlags", - "markdownDescription": "The key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.", - "title": "UsageFlags" + "BrokerLogs": { + "$ref": "#/definitions/AWS::MSK::Cluster.BrokerLogs", + "markdownDescription": "You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.", + "title": "BrokerLogs" } }, "required": [ - "UsageFlags" + "BrokerLogs" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.KeyUsageFlags": { + "AWS::MSK::Cluster.NodeExporter": { "additionalProperties": false, "properties": { - "DataEncipherment": { - "markdownDescription": "DataEncipherment is asserted when the subject public key is used for directly enciphering raw user data without the use of an intermediate symmetric cipher.", - "title": "DataEncipherment", - "type": "boolean" - }, - "DigitalSignature": { - "markdownDescription": "The digitalSignature is asserted when the subject public key is used for verifying digital signatures.", - "title": "DigitalSignature", - "type": "boolean" - }, - "KeyAgreement": { - "markdownDescription": "KeyAgreement is asserted when the subject public key is used for key agreement.", - "title": "KeyAgreement", - "type": "boolean" - }, - "KeyEncipherment": { - "markdownDescription": "KeyEncipherment is asserted when the subject public key is used for enciphering private or secret keys, i.e., for key transport.", - "title": "KeyEncipherment", - "type": "boolean" - }, - "NonRepudiation": { - "markdownDescription": "NonRepudiation is asserted when the subject public key is used to verify digital signatures.", - "title": "NonRepudiation", + "EnabledInBroker": { + "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", + "title": "EnabledInBroker", "type": "boolean" } }, + "required": [ + "EnabledInBroker" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.KeyUsageProperty": { + "AWS::MSK::Cluster.OpenMonitoring": { "additionalProperties": false, "properties": { - "PropertyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags", - "markdownDescription": "You can specify key usage for encryption, key agreement, and signature. You can use property flags or property type but not both.", - "title": "PropertyFlags" - }, - "PropertyType": { - "markdownDescription": "You can specify all key usages using property type ALL. You can use property type or property flags but not both.", - "title": "PropertyType", - "type": "string" + "Prometheus": { + "$ref": "#/definitions/AWS::MSK::Cluster.Prometheus", + "markdownDescription": "Prometheus exporter settings.", + "title": "Prometheus" } }, + "required": [ + "Prometheus" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags": { + "AWS::MSK::Cluster.Prometheus": { "additionalProperties": false, "properties": { - "Decrypt": { - "markdownDescription": "Allows key for encryption and decryption.", - "title": "Decrypt", - "type": "boolean" + "JmxExporter": { + "$ref": "#/definitions/AWS::MSK::Cluster.JmxExporter", + "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", + "title": "JmxExporter" }, - "KeyAgreement": { - "markdownDescription": "Allows key exchange without encryption.", - "title": "KeyAgreement", + "NodeExporter": { + "$ref": "#/definitions/AWS::MSK::Cluster.NodeExporter", + "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", + "title": "NodeExporter" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Provisioned throughput is on or off.", + "title": "Enabled", "type": "boolean" }, - "Sign": { - "markdownDescription": "Allow key use for digital signature.", - "title": "Sign", - "type": "boolean" + "VolumeThroughput": { + "markdownDescription": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.", + "title": "VolumeThroughput", + "type": "number" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2": { + "AWS::MSK::Cluster.PublicAccess": { "additionalProperties": false, "properties": { - "CryptoProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", - "type": "array" - }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", + "Type": { + "markdownDescription": "DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.", + "title": "Type", "type": "string" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", - "type": "number" } }, - "required": [ - "KeySpec", - "MinimalKeyLength" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3": { + "AWS::MSK::Cluster.S3": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "Defines the algorithm used to generate the private key.", - "title": "Algorithm", + "Bucket": { + "markdownDescription": "The name of the S3 bucket that is the destination for broker logs.", + "title": "Bucket", "type": "string" }, - "CryptoProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", - "type": "array" + "Enabled": { + "markdownDescription": "Specifies whether broker logs get sent to the specified Amazon S3 destination.", + "title": "Enabled", + "type": "boolean" }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", + "Prefix": { + "markdownDescription": "The S3 prefix that is the destination for broker logs.", + "title": "Prefix", "type": "string" - }, - "KeyUsageProperty": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", - "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", - "title": "KeyUsageProperty" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", - "type": "number" } }, "required": [ - "Algorithm", - "KeySpec", - "KeyUsageProperty", - "MinimalKeyLength" + "Enabled" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4": { + "AWS::MSK::Cluster.Sasl": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "Defines the algorithm used to generate the private key.", - "title": "Algorithm", - "type": "string" + "Iam": { + "$ref": "#/definitions/AWS::MSK::Cluster.Iam", + "markdownDescription": "Details for ClientAuthentication using IAM.", + "title": "Iam" }, - "CryptoProviders": { + "Scram": { + "$ref": "#/definitions/AWS::MSK::Cluster.Scram", + "markdownDescription": "Details for SASL/SCRAM client authentication.", + "title": "Scram" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.Scram": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/SCRAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.StorageInfo": { + "additionalProperties": false, + "properties": { + "EBSStorageInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.EBSStorageInfo", + "markdownDescription": "EBS volume information.", + "title": "EBSStorageInfo" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.Tls": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArnList": { "items": { "type": "string" }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", + "markdownDescription": "List of AWS Private CA ARNs.", + "title": "CertificateAuthorityArnList", "type": "array" }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", - "type": "string" - }, - "KeyUsageProperty": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", - "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", - "title": "KeyUsageProperty" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", - "type": "number" + "Enabled": { + "markdownDescription": "TLS authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.Unauthenticated": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Unauthenticated is enabled or not.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "KeySpec", - "MinimalKeyLength" + "Enabled" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2": { + "AWS::MSK::Cluster.VpcConnectivity": { "additionalProperties": false, "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", - "type": "string" - }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityClientAuthentication", + "markdownDescription": "VPC connection control settings for brokers.", + "title": "ClientAuthentication" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityClientAuthentication": { + "additionalProperties": false, + "properties": { + "Sasl": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivitySasl", + "markdownDescription": "Details for VpcConnectivity ClientAuthentication using SASL.", + "title": "Sasl" }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Require user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", + "Tls": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityTls", + "markdownDescription": "Details for VpcConnectivity ClientAuthentication using TLS.", + "title": "Tls" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityIam": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/IAM authentication is enabled or not.", + "title": "Enabled", "type": "boolean" } }, "required": [ - "ClientVersion" + "Enabled" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3": { + "AWS::MSK::Cluster.VpcConnectivitySasl": { "additionalProperties": false, "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", - "type": "string" - }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" - }, - "RequireAlternateSignatureAlgorithm": { - "markdownDescription": "Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", - "title": "RequireAlternateSignatureAlgorithm", - "type": "boolean" + "Iam": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityIam", + "markdownDescription": "Details for ClientAuthentication using IAM for VpcConnectivity.", + "title": "Iam" }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Requirer user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", + "Scram": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityScram", + "markdownDescription": "Details for SASL/SCRAM client authentication for VpcConnectivity.", + "title": "Scram" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityScram": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/SCRAM authentication is enabled or not.", + "title": "Enabled", "type": "boolean" } }, "required": [ - "ClientVersion" + "Enabled" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4": { + "AWS::MSK::Cluster.VpcConnectivityTls": { "additionalProperties": false, "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", - "type": "string" - }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" - }, - "RequireAlternateSignatureAlgorithm": { - "markdownDescription": "Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", - "title": "RequireAlternateSignatureAlgorithm", - "type": "boolean" - }, - "RequireSameKeyRenewal": { - "markdownDescription": "Renew certificate using the same private key.", - "title": "RequireSameKeyRenewal", - "type": "boolean" - }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Require user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", - "type": "boolean" - }, - "UseLegacyProvider": { - "markdownDescription": "Specifies the cryptographic service provider category used to generate private keys. Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.", - "title": "UseLegacyProvider", + "Enabled": { + "markdownDescription": "TLS authentication is enabled or not.", + "title": "Enabled", "type": "boolean" } }, "required": [ - "ClientVersion" + "Enabled" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV2": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV3": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV4": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.TemplateDefinition": { - "additionalProperties": false, - "properties": { - "TemplateV2": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV2", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV2" - }, - "TemplateV3": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV3", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV3" - }, - "TemplateV4": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV4", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV4" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.TemplateV2": { - "additionalProperties": false, - "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV2", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV2", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV2", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2", - "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, and cryptographic providers for the private key of a certificate for v2 templates. V2 templates allow you to use Legacy Cryptographic Service Providers.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2", - "markdownDescription": "Private key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV2", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" - }, - "SupersededTemplates": { - "items": { - "type": "string" - }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", - "type": "array" - } - }, - "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.TemplateV3": { - "additionalProperties": false, - "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV3", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV3", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV3", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "HashAlgorithm": { - "markdownDescription": "Specifies the hash algorithm used to hash the private key.", - "title": "HashAlgorithm", - "type": "string" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3", - "markdownDescription": "Private key attributes allow you to specify the algorithm, minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v3 templates. V3 templates allow you to use Key Storage Providers.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3", - "markdownDescription": "Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV3", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" - }, - "SupersededTemplates": { - "items": { - "type": "string" - }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", - "type": "array" - } - }, - "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "HashAlgorithm", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.TemplateV4": { - "additionalProperties": false, - "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV4", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV4", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV4", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "HashAlgorithm": { - "markdownDescription": "Specifies the hash algorithm used to hash the private key. Hash algorithm can only be specified when using Key Storage Providers.", - "title": "HashAlgorithm", - "type": "string" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4", - "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v4 templates. V4 templates allow you to use either Key Storage Providers or Legacy Cryptographic Service Providers. You specify the cryptography provider category in private key flags.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4", - "markdownDescription": "Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV4", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" - }, - "SupersededTemplates": { - "items": { - "type": "string" - }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", - "type": "array" - } - }, - "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.ValidityPeriod": { - "additionalProperties": false, - "properties": { - "Period": { - "markdownDescription": "The numeric value for the validity period.", - "title": "Period", - "type": "number" - }, - "PeriodType": { - "markdownDescription": "The unit of time. You can select hours, days, weeks, months, and years.", - "title": "PeriodType", - "type": "string" - } - }, - "required": [ - "Period", - "PeriodType" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry": { + "AWS::MSK::ClusterPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -176135,36 +181364,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRights": { - "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights", - "markdownDescription": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.", - "title": "AccessRights" - }, - "GroupDisplayName": { - "markdownDescription": "Name of the Active Directory group. This name does not need to match the group name in Active Directory.", - "title": "GroupDisplayName", - "type": "string" - }, - "GroupSecurityIdentifier": { - "markdownDescription": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\".", - "title": "GroupSecurityIdentifier", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", + "title": "ClusterArn", "type": "string" }, - "TemplateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .", - "title": "TemplateArn", - "type": "string" + "Policy": { + "markdownDescription": "Resource policy for the cluster.", + "title": "Policy", + "type": "object" } }, "required": [ - "AccessRights", - "GroupDisplayName" + "ClusterArn", + "Policy" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" + "AWS::MSK::ClusterPolicy" ], "type": "string" }, @@ -176183,23 +181402,7 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights": { - "additionalProperties": false, - "properties": { - "AutoEnroll": { - "markdownDescription": "Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment", - "title": "AutoEnroll", - "type": "string" - }, - "Enroll": { - "markdownDescription": "Allow or deny an Active Directory group from enrolling certificates issued against a template.", - "title": "Enroll", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Panorama::ApplicationInstance": { + "AWS::MSK::Configuration": { "additionalProperties": false, "properties": { "Condition": { @@ -176234,59 +181437,44 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationInstanceIdToReplace": { - "markdownDescription": "The ID of an application instance to replace with the new instance.", - "title": "ApplicationInstanceIdToReplace", - "type": "string" - }, - "DefaultRuntimeContextDevice": { - "markdownDescription": "The device's ID.", - "title": "DefaultRuntimeContextDevice", - "type": "string" - }, "Description": { - "markdownDescription": "A description for the application instance.", + "markdownDescription": "The description of the configuration.", "title": "Description", "type": "string" }, - "ManifestOverridesPayload": { - "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestOverridesPayload", - "markdownDescription": "Setting overrides for the application manifest.", - "title": "ManifestOverridesPayload" + "KafkaVersionsList": { + "items": { + "type": "string" + }, + "markdownDescription": "The [versions of Apache Kafka](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) with which you can use this MSK configuration.\n\nWhen you update the `KafkaVersionsList` property, AWS CloudFormation recreates a new configuration with the updated property before deleting the old configuration. Such an update requires a [resource replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) . To successfully update `KafkaVersionsList` , you must also update the `Name` property in the same operation.\n\nIf your configuration is attached with any clusters created using the AWS Management Console or AWS CLI , you'll need to manually delete the old configuration from the console after the update completes.\n\nFor more information, see [Can\u2019t update KafkaVersionsList in MSK configuration](https://docs.aws.amazon.com/msk/latest/developerguide/troubleshooting.html#troubleshoot-kafkaversionslist-cfn-update-failure) in the *Amazon MSK Developer Guide* .", + "title": "KafkaVersionsList", + "type": "array" }, - "ManifestPayload": { - "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestPayload", - "markdownDescription": "The application's manifest document.", - "title": "ManifestPayload" + "LatestRevision": { + "$ref": "#/definitions/AWS::MSK::Configuration.LatestRevision", + "markdownDescription": "Latest revision of the MSK configuration.", + "title": "LatestRevision" }, "Name": { - "markdownDescription": "A name for the application instance.", + "markdownDescription": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\".", "title": "Name", "type": "string" }, - "RuntimeRoleArn": { - "markdownDescription": "The ARN of a runtime role for the application instance.", - "title": "RuntimeRoleArn", + "ServerProperties": { + "markdownDescription": "Contents of the `server.properties` file. When using the console, the SDK, or the AWS CLI , the contents of `server.properties` can be in plaintext.", + "title": "ServerProperties", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags for the application instance.", - "title": "Tags", - "type": "array" } }, "required": [ - "DefaultRuntimeContextDevice", - "ManifestPayload" + "Name", + "ServerProperties" ], "type": "object" }, "Type": { "enum": [ - "AWS::Panorama::ApplicationInstance" + "AWS::MSK::Configuration" ], "type": "string" }, @@ -176305,29 +181493,28 @@ ], "type": "object" }, - "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { + "AWS::MSK::Configuration.LatestRevision": { "additionalProperties": false, "properties": { - "PayloadData": { - "markdownDescription": "The overrides document.", - "title": "PayloadData", + "CreationTime": { + "markdownDescription": "The time when the configuration revision was created.", + "title": "CreationTime", "type": "string" - } - }, - "type": "object" - }, - "AWS::Panorama::ApplicationInstance.ManifestPayload": { - "additionalProperties": false, - "properties": { - "PayloadData": { - "markdownDescription": "The application manifest.", - "title": "PayloadData", + }, + "Description": { + "markdownDescription": "The description of the configuration revision.", + "title": "Description", "type": "string" + }, + "Revision": { + "markdownDescription": "The revision number.", + "title": "Revision", + "type": "number" } }, "type": "object" }, - "AWS::Panorama::Package": { + "AWS::MSK::Replicator": { "additionalProperties": false, "properties": { "Condition": { @@ -176362,33 +181549,57 @@ "Properties": { "additionalProperties": false, "properties": { - "PackageName": { - "markdownDescription": "A name for the package.", - "title": "PackageName", + "Description": { + "markdownDescription": "A summary description of the replicator.", + "title": "Description", "type": "string" }, - "StorageLocation": { - "$ref": "#/definitions/AWS::Panorama::Package.StorageLocation", - "markdownDescription": "A storage location.", - "title": "StorageLocation" + "KafkaClusters": { + "items": { + "$ref": "#/definitions/AWS::MSK::Replicator.KafkaCluster" + }, + "markdownDescription": "Kafka Clusters to use in setting up sources / targets for replication.", + "title": "KafkaClusters", + "type": "array" + }, + "ReplicationInfoList": { + "items": { + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationInfo" + }, + "markdownDescription": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.", + "title": "ReplicationInfoList", + "type": "array" + }, + "ReplicatorName": { + "markdownDescription": "The name of the replicator. Alpha-numeric characters with '-' are allowed.", + "title": "ReplicatorName", + "type": "string" + }, + "ServiceExecutionRoleArn": { + "markdownDescription": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters)", + "title": "ServiceExecutionRoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags for the package.", + "markdownDescription": "List of tags to attach to created Replicator.", "title": "Tags", "type": "array" } }, "required": [ - "PackageName" + "KafkaClusters", + "ReplicationInfoList", + "ReplicatorName", + "ServiceExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Panorama::Package" + "AWS::MSK::Replicator" ], "type": "string" }, @@ -176407,38 +181618,211 @@ ], "type": "object" }, - "AWS::Panorama::Package.StorageLocation": { + "AWS::MSK::Replicator.AmazonMskCluster": { "additionalProperties": false, "properties": { - "BinaryPrefixLocation": { - "markdownDescription": "The location's binary prefix.", - "title": "BinaryPrefixLocation", + "MskClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon MSK cluster.", + "title": "MskClusterArn", "type": "string" + } + }, + "required": [ + "MskClusterArn" + ], + "type": "object" + }, + "AWS::MSK::Replicator.ConsumerGroupReplication": { + "additionalProperties": false, + "properties": { + "ConsumerGroupsToExclude": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the consumer groups that should not be replicated.", + "title": "ConsumerGroupsToExclude", + "type": "array" }, - "Bucket": { - "markdownDescription": "The location's bucket.", - "title": "Bucket", + "ConsumerGroupsToReplicate": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the consumer groups to copy.", + "title": "ConsumerGroupsToReplicate", + "type": "array" + }, + "DetectAndCopyNewConsumerGroups": { + "markdownDescription": "Enables synchronization of consumer groups to target cluster.", + "title": "DetectAndCopyNewConsumerGroups", + "type": "boolean" + }, + "SynchroniseConsumerGroupOffsets": { + "markdownDescription": "Enables synchronization of consumer group offsets to target cluster. The translated offsets will be written to topic __consumer_offsets.", + "title": "SynchroniseConsumerGroupOffsets", + "type": "boolean" + } + }, + "required": [ + "ConsumerGroupsToReplicate" + ], + "type": "object" + }, + "AWS::MSK::Replicator.KafkaCluster": { + "additionalProperties": false, + "properties": { + "AmazonMskCluster": { + "$ref": "#/definitions/AWS::MSK::Replicator.AmazonMskCluster", + "markdownDescription": "Details of an Amazon MSK Cluster.", + "title": "AmazonMskCluster" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::MSK::Replicator.KafkaClusterClientVpcConfig", + "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", + "title": "VpcConfig" + } + }, + "required": [ + "AmazonMskCluster", + "VpcConfig" + ], + "type": "object" + }, + "AWS::MSK::Replicator.KafkaClusterClientVpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets in the client VPC to connect to.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "SubnetIds" + ], + "type": "object" + }, + "AWS::MSK::Replicator.ReplicationInfo": { + "additionalProperties": false, + "properties": { + "ConsumerGroupReplication": { + "$ref": "#/definitions/AWS::MSK::Replicator.ConsumerGroupReplication", + "markdownDescription": "Configuration relating to consumer group replication.", + "title": "ConsumerGroupReplication" + }, + "SourceKafkaClusterArn": { + "markdownDescription": "The ARN of the source Kafka cluster.", + "title": "SourceKafkaClusterArn", "type": "string" }, - "GeneratedPrefixLocation": { - "markdownDescription": "The location's generated prefix.", - "title": "GeneratedPrefixLocation", + "TargetCompressionType": { + "markdownDescription": "The compression type to use when producing records to target cluster.", + "title": "TargetCompressionType", "type": "string" }, - "ManifestPrefixLocation": { - "markdownDescription": "The location's manifest prefix.", - "title": "ManifestPrefixLocation", + "TargetKafkaClusterArn": { + "markdownDescription": "The ARN of the target Kafka cluster.", + "title": "TargetKafkaClusterArn", "type": "string" }, - "RepoPrefixLocation": { - "markdownDescription": "The location's repo prefix.", - "title": "RepoPrefixLocation", + "TopicReplication": { + "$ref": "#/definitions/AWS::MSK::Replicator.TopicReplication", + "markdownDescription": "Configuration relating to topic replication.", + "title": "TopicReplication" + } + }, + "required": [ + "ConsumerGroupReplication", + "SourceKafkaClusterArn", + "TargetCompressionType", + "TargetKafkaClusterArn", + "TopicReplication" + ], + "type": "object" + }, + "AWS::MSK::Replicator.ReplicationStartingPosition": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of replication starting position.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::Panorama::PackageVersion": { + "AWS::MSK::Replicator.ReplicationTopicNameConfiguration": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of replication topic name configuration, identical to upstream topic name or prefixed with source cluster alias.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MSK::Replicator.TopicReplication": { + "additionalProperties": false, + "properties": { + "CopyAccessControlListsForTopics": { + "markdownDescription": "Whether to periodically configure remote topic ACLs to match their corresponding upstream topics.", + "title": "CopyAccessControlListsForTopics", + "type": "boolean" + }, + "CopyTopicConfigurations": { + "markdownDescription": "Whether to periodically configure remote topics to match their corresponding upstream topics.", + "title": "CopyTopicConfigurations", + "type": "boolean" + }, + "DetectAndCopyNewTopics": { + "markdownDescription": "Whether to periodically check for new topics and partitions.", + "title": "DetectAndCopyNewTopics", + "type": "boolean" + }, + "StartingPosition": { + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationStartingPosition", + "markdownDescription": "Specifies the position in the topics to start replicating from.", + "title": "StartingPosition" + }, + "TopicNameConfiguration": { + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationTopicNameConfiguration", + "markdownDescription": "Configuration for specifying replicated topic names will be the same as their corresponding upstream topics or prefixed with source cluster alias.", + "title": "TopicNameConfiguration" + }, + "TopicsToExclude": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the topics that should not be replicated.", + "title": "TopicsToExclude", + "type": "array" + }, + "TopicsToReplicate": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the topics to copy.", + "title": "TopicsToReplicate", + "type": "array" + } + }, + "required": [ + "TopicsToReplicate" + ], + "type": "object" + }, + "AWS::MSK::ServerlessCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -176473,47 +181857,46 @@ "Properties": { "additionalProperties": false, "properties": { - "MarkLatest": { - "markdownDescription": "Whether to mark the new version as the latest version.", - "title": "MarkLatest", - "type": "boolean" - }, - "OwnerAccount": { - "markdownDescription": "An owner account.", - "title": "OwnerAccount", - "type": "string" - }, - "PackageId": { - "markdownDescription": "A package ID.", - "title": "PackageId", - "type": "string" + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.ClientAuthentication", + "markdownDescription": "Includes all client authentication related information.", + "title": "ClientAuthentication" }, - "PackageVersion": { - "markdownDescription": "A package version.", - "title": "PackageVersion", + "ClusterName": { + "markdownDescription": "The name of the cluster.", + "title": "ClusterName", "type": "string" }, - "PatchVersion": { - "markdownDescription": "A patch version.", - "title": "PatchVersion", - "type": "string" + "Tags": { + "additionalProperties": true, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" }, - "UpdatedLatestPatchVersion": { - "markdownDescription": "If the version was marked latest, the new version to maker as latest.", - "title": "UpdatedLatestPatchVersion", - "type": "string" + "VpcConfigs": { + "items": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.VpcConfig" + }, + "markdownDescription": "VPC configuration information for the serverless cluster.", + "title": "VpcConfigs", + "type": "array" } }, "required": [ - "PackageId", - "PackageVersion", - "PatchVersion" + "ClientAuthentication", + "ClusterName", + "VpcConfigs" ], "type": "object" }, "Type": { "enum": [ - "AWS::Panorama::PackageVersion" + "AWS::MSK::ServerlessCluster" ], "type": "string" }, @@ -176532,7 +181915,74 @@ ], "type": "object" }, - "AWS::PaymentCryptography::Alias": { + "AWS::MSK::ServerlessCluster.ClientAuthentication": { + "additionalProperties": false, + "properties": { + "Sasl": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Sasl", + "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", + "title": "Sasl" + } + }, + "required": [ + "Sasl" + ], + "type": "object" + }, + "AWS::MSK::ServerlessCluster.Iam": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/IAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::ServerlessCluster.Sasl": { + "additionalProperties": false, + "properties": { + "Iam": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Iam", + "markdownDescription": "Details for ClientAuthentication using IAM.", + "title": "Iam" + } + }, + "required": [ + "Iam" + ], + "type": "object" + }, + "AWS::MSK::ServerlessCluster.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SecurityGroups", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "SubnetIds" + ], + "type": "object" + }, + "AWS::MSK::VpcConnection": { "additionalProperties": false, "properties": { "Condition": { @@ -176567,25 +182017,61 @@ "Properties": { "additionalProperties": false, "properties": { - "AliasName": { - "markdownDescription": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n> Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output.", - "title": "AliasName", + "Authentication": { + "markdownDescription": "The type of private link authentication.", + "title": "Authentication", "type": "string" }, - "KeyArn": { - "markdownDescription": "The `KeyARN` of the key associated with the alias.", - "title": "KeyArn", + "ClientSubnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets in the client VPC to connect to.", + "title": "ClientSubnets", + "type": "array" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", + "title": "SecurityGroups", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An arbitrary set of tags (key-value pairs) you specify while creating the VPC connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TargetClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster.", + "title": "TargetClusterArn", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC ID of the remote client.", + "title": "VpcId", "type": "string" } }, "required": [ - "AliasName" + "Authentication", + "ClientSubnets", + "SecurityGroups", + "TargetClusterArn", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::PaymentCryptography::Alias" + "AWS::MSK::VpcConnection" ], "type": "string" }, @@ -176604,7 +182090,7 @@ ], "type": "object" }, - "AWS::PaymentCryptography::Key": { + "AWS::MWAA::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -176639,217 +182125,145 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether the key is enabled.", - "title": "Enabled", - "type": "boolean" + "AirflowConfigurationOptions": { + "markdownDescription": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", + "title": "AirflowConfigurationOptions", + "type": "object" }, - "Exportable": { - "markdownDescription": "Specifies whether the key is exportable. This data is immutable after the key is created.", - "title": "Exportable", - "type": "boolean" + "AirflowVersion": { + "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` | `2.8.1` | `2.9.2` | `2.10.1` (latest)", + "title": "AirflowVersion", + "type": "string" }, - "KeyAttributes": { - "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyAttributes", - "markdownDescription": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.", - "title": "KeyAttributes" + "DagS3Path": { + "markdownDescription": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", + "title": "DagS3Path", + "type": "string" }, - "KeyCheckValueAlgorithm": { - "markdownDescription": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.", - "title": "KeyCheckValueAlgorithm", + "EndpointManagement": { + "markdownDescription": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", + "title": "EndpointManagement", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Exportable", - "KeyAttributes" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PaymentCryptography::Key" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::PaymentCryptography::Key.KeyAttributes": { - "additionalProperties": false, - "properties": { - "KeyAlgorithm": { - "markdownDescription": "The key algorithm to be use during creation of an AWS Payment Cryptography key.\n\nFor symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms.", - "title": "KeyAlgorithm", - "type": "string" - }, - "KeyClass": { - "markdownDescription": "The type of AWS Payment Cryptography key to create, which determines the classi\ufb01cation of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.", - "title": "KeyClass", - "type": "string" - }, - "KeyModesOfUse": { - "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyModesOfUse", - "markdownDescription": "The list of cryptographic operations that you can perform using the key.", - "title": "KeyModesOfUse" - }, - "KeyUsage": { - "markdownDescription": "The cryptographic usage of an AWS Payment Cryptography key as de\ufb01ned in section A.5.2 of the TR-31 spec.", - "title": "KeyUsage", - "type": "string" - } - }, - "required": [ - "KeyAlgorithm", - "KeyClass", - "KeyModesOfUse", - "KeyUsage" - ], - "type": "object" - }, - "AWS::PaymentCryptography::Key.KeyModesOfUse": { - "additionalProperties": false, - "properties": { - "Decrypt": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to decrypt data.", - "title": "Decrypt", - "type": "boolean" - }, - "DeriveKey": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to derive new keys.", - "title": "DeriveKey", - "type": "boolean" - }, - "Encrypt": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to encrypt data.", - "title": "Encrypt", - "type": "boolean" - }, - "Generate": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.", - "title": "Generate", - "type": "boolean" - }, - "NoRestrictions": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` .", - "title": "NoRestrictions", - "type": "boolean" - }, - "Sign": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used for signing.", - "title": "Sign", - "type": "boolean" - }, - "Unwrap": { - "markdownDescription": "", - "title": "Unwrap", - "type": "boolean" - }, - "Verify": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to verify signatures.", - "title": "Verify", - "type": "boolean" - }, - "Wrap": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to wrap other keys.", - "title": "Wrap", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Personalize::Dataset": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "EnvironmentClass": { + "markdownDescription": "The environment class type. Valid values: `mw1.micro` , `mw1.small` , `mw1.medium` , `mw1.large` , `mw1.1large` , and `mw1.2large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", + "title": "EnvironmentClass", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatasetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group.", - "title": "DatasetGroupArn", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", + "title": "ExecutionRoleArn", "type": "string" }, - "DatasetImportJob": { - "$ref": "#/definitions/AWS::Personalize::Dataset.DatasetImportJob", - "markdownDescription": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required.", - "title": "DatasetImportJob" - }, - "DatasetType": { - "markdownDescription": "One of the following values:\n\n- Interactions\n- Items\n- Users\n\n> You can't use CloudFormation to create an Action Interactions or Actions dataset.", - "title": "DatasetType", + "KmsKey": { + "markdownDescription": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", + "title": "KmsKey", "type": "string" }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::MWAA::Environment.LoggingConfiguration", + "markdownDescription": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` .", + "title": "LoggingConfiguration" + }, + "MaxWebservers": { + "markdownDescription": "The maximum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. For example, in scenarios where your workload requires network calls to the Apache Airflow REST API with a high transaction-per-second (TPS) rate, Amazon MWAA will increase the number of web servers up to the number set in `MaxWebserers` . As TPS rates decrease Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: For environments larger than mw1.micro, accepts values from `2` to `5` . Defaults to `2` for all environment sizes except mw1.micro, which defaults to `1` .", + "title": "MaxWebservers", + "type": "number" + }, + "MaxWorkers": { + "markdownDescription": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` .", + "title": "MaxWorkers", + "type": "number" + }, + "MinWebservers": { + "markdownDescription": "The minimum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. As the transaction-per-second rate, and the network load, decrease, Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: For environments larger than mw1.micro, accepts values from `2` to `5` . Defaults to `2` for all environment sizes except mw1.micro, which defaults to `1` .", + "title": "MinWebservers", + "type": "number" + }, + "MinWorkers": { + "markdownDescription": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` .", + "title": "MinWorkers", + "type": "number" + }, "Name": { - "markdownDescription": "The name of the dataset.", + "markdownDescription": "The name of your Amazon MWAA environment.", "title": "Name", "type": "string" }, - "SchemaArn": { - "markdownDescription": "The ARN of the associated schema.", - "title": "SchemaArn", + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::MWAA::Environment.NetworkConfiguration", + "markdownDescription": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", + "title": "NetworkConfiguration" + }, + "PluginsS3ObjectVersion": { + "markdownDescription": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", + "title": "PluginsS3ObjectVersion", + "type": "string" + }, + "PluginsS3Path": { + "markdownDescription": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", + "title": "PluginsS3Path", + "type": "string" + }, + "RequirementsS3ObjectVersion": { + "markdownDescription": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", + "title": "RequirementsS3ObjectVersion", + "type": "string" + }, + "RequirementsS3Path": { + "markdownDescription": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", + "title": "RequirementsS3Path", + "type": "string" + }, + "Schedulers": { + "markdownDescription": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - For environments larger than mw1.micro, accepts values from 2 to 5. Defaults to 2 for all environment sizes except mw1.micro, which defaults to 1.\n- *v1* - Accepts 1.", + "title": "Schedulers", + "type": "number" + }, + "SourceBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) .", + "title": "SourceBucketArn", + "type": "string" + }, + "StartupScriptS3ObjectVersion": { + "markdownDescription": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", + "title": "StartupScriptS3ObjectVersion", + "type": "string" + }, + "StartupScriptS3Path": { + "markdownDescription": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", + "title": "StartupScriptS3Path", + "type": "string" + }, + "Tags": { + "markdownDescription": "The key-value tag pairs associated to your environment. For example, `\"Environment\": \"Staging\"` . To learn more, see [Tagging](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .\n\nIf you specify new tags for an existing environment, the update requires service interruption before taking effect.", + "title": "Tags", + "type": "object" + }, + "WebserverAccessMode": { + "markdownDescription": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` .", + "title": "WebserverAccessMode", + "type": "string" + }, + "WeeklyMaintenanceWindowStart": { + "markdownDescription": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)", + "title": "WeeklyMaintenanceWindowStart", + "type": "string" + }, + "WorkerReplacementStrategy": { + "markdownDescription": "", + "title": "WorkerReplacementStrategy", "type": "string" } }, "required": [ - "DatasetGroupArn", - "DatasetType", - "Name", - "SchemaArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::Dataset" + "AWS::MWAA::Environment" ], "type": "string" }, @@ -176868,49 +182282,81 @@ ], "type": "object" }, - "AWS::Personalize::Dataset.DataSource": { + "AWS::MWAA::Environment.LoggingConfiguration": { "additionalProperties": false, "properties": { - "DataLocation": { - "markdownDescription": "For dataset import jobs, the path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. For data deletion jobs, the path to the Amazon S3 bucket that stores the list of records to delete.\n\nFor example:\n\n`s3://bucket-name/folder-name/fileName.csv`\n\nIf your CSV files are in a folder in your Amazon S3 bucket and you want your import job or data deletion job to consider multiple files, you can specify the path to the folder. With a data deletion job, Amazon Personalize uses all files in the folder and any sub folder. Use the following syntax with a `/` after the folder name:\n\n`s3://bucket-name/folder-name/`", - "title": "DataLocation", - "type": "string" + "DagProcessingLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the processing logs sent to CloudWatch Logs and the logging level to send.", + "title": "DagProcessingLogs" + }, + "SchedulerLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the scheduler logs sent to CloudWatch Logs and the logging level to send.", + "title": "SchedulerLogs" + }, + "TaskLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the task logs sent to CloudWatch Logs and the logging level to send.", + "title": "TaskLogs" + }, + "WebserverLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the web server logs sent to CloudWatch Logs and the logging level to send.", + "title": "WebserverLogs" + }, + "WorkerLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the worker logs sent to CloudWatch Logs and the logging level to send.", + "title": "WorkerLogs" } }, "type": "object" }, - "AWS::Personalize::Dataset.DatasetImportJob": { + "AWS::MWAA::Environment.ModuleLoggingConfiguration": { "additionalProperties": false, "properties": { - "DataSource": { - "$ref": "#/definitions/AWS::Personalize::Dataset.DataSource", - "markdownDescription": "The Amazon S3 bucket that contains the training data to import.", - "title": "DataSource" - }, - "DatasetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that receives the imported data.", - "title": "DatasetArn", + "CloudWatchLogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled.\n\n> `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "DatasetImportJobArn": { - "markdownDescription": "The ARN of the dataset import job.", - "title": "DatasetImportJobArn", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs.", + "title": "Enabled", + "type": "boolean" }, - "JobName": { - "markdownDescription": "The name of the import job.", - "title": "JobName", + "LogLevel": { + "markdownDescription": "Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` .", + "title": "LogLevel", "type": "string" + } + }, + "type": "object" + }, + "AWS::MWAA::Environment.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more security group IDs. Accepts up to 5 security group IDs. A security group must be attached to the same VPC as the subnets. To learn more, see [Security in your VPC on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-security.html) .", + "title": "SecurityGroupIds", + "type": "array" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that has permissions to read from the Amazon S3 data source.", - "title": "RoleArn", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs. *Required* to create an environment. Must be private subnets in two different availability zones. A subnet must be attached to the same VPC as the security group. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", + "title": "SubnetIds", + "type": "array" } }, "type": "object" }, - "AWS::Personalize::DatasetGroup": { + "AWS::Macie::AllowList": { "additionalProperties": false, "properties": { "Condition": { @@ -176945,35 +182391,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of a Domain dataset group.", - "title": "Domain", - "type": "string" + "Criteria": { + "$ref": "#/definitions/AWS::Macie::AllowList.Criteria", + "markdownDescription": "The criteria that specify the text or text pattern to ignore. The criteria can be the location and name of an Amazon S3 object that lists specific text to ignore ( `S3WordsList` ), or a regular expression ( `Regex` ) that defines a text pattern to ignore.", + "title": "Criteria" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key used to encrypt the datasets.", - "title": "KmsKeyArn", + "Description": { + "markdownDescription": "A custom description of the allow list. The description can contain 1-512 characters.", + "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the dataset group.", + "markdownDescription": "A custom name for the allow list. The name can contain 1-128 characters.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key.", - "title": "RoleArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the allow list.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ + "Criteria", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::DatasetGroup" + "AWS::Macie::AllowList" ], "type": "string" }, @@ -176992,7 +182442,43 @@ ], "type": "object" }, - "AWS::Personalize::Schema": { + "AWS::Macie::AllowList.Criteria": { + "additionalProperties": false, + "properties": { + "Regex": { + "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to ignore. The expression can contain 1-512 characters.", + "title": "Regex", + "type": "string" + }, + "S3WordsList": { + "$ref": "#/definitions/AWS::Macie::AllowList.S3WordsList", + "markdownDescription": "The location and name of an Amazon S3 object that lists specific text to ignore.", + "title": "S3WordsList" + } + }, + "type": "object" + }, + "AWS::Macie::AllowList.S3WordsList": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The full name of the S3 bucket that contains the object. This value correlates to the `Name` field of a bucket's properties in Amazon S3 .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", + "title": "BucketName", + "type": "string" + }, + "ObjectKey": { + "markdownDescription": "The full name of the S3 object. This value correlates to the `Key` field of an object's properties in Amazon S3 . If the name includes a path, include the complete path. For example, `AllowLists/Macie/MyList.txt` .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", + "title": "ObjectKey", + "type": "string" + } + }, + "required": [ + "BucketName", + "ObjectKey" + ], + "type": "object" + }, + "AWS::Macie::CustomDataIdentifier": { "additionalProperties": false, "properties": { "Condition": { @@ -177027,31 +182513,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of a schema that you created for a dataset in a Domain dataset group.", - "title": "Domain", + "Description": { + "markdownDescription": "A custom description of the custom data identifier. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", + "title": "Description", "type": "string" }, + "IgnoreWords": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of character sequences ( *ignore words* ) to exclude from the results. If text matches the regular expression ( `Regex` ) but it contains a string in this array, Amazon Macie ignores the text and doesn't include it in the results.\n\nThe array can contain 1-10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.", + "title": "IgnoreWords", + "type": "array" + }, + "Keywords": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of character sequences ( *keywords* ), one of which must precede and be in proximity ( `MaximumMatchDistance` ) of the regular expression ( `Regex` ) to match.\n\nThe array can contain 1-50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.", + "title": "Keywords", + "type": "array" + }, + "MaximumMatchDistance": { + "markdownDescription": "The maximum number of characters that can exist between the end of at least one complete character sequence specified by the `Keywords` array and the end of text that matches the regular expression ( `Regex` ). If a complete keyword precedes all the text that matches the regular expression and the keyword is within the specified distance, Amazon Macie includes the result.\n\nThe distance can be 1-300 characters. The default value is 50.", + "title": "MaximumMatchDistance", + "type": "number" + }, "Name": { - "markdownDescription": "The name of the schema.", + "markdownDescription": "A custom name for the custom data identifier. The name can contain 1-128 characters.\n\nAvoid including sensitive data in the name of a custom data identifier. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Name", "type": "string" }, - "Schema": { - "markdownDescription": "The schema.", - "title": "Schema", + "Regex": { + "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to match. The expression can contain 1-512 characters.", + "title": "Regex", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the custom data identifier.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ "Name", - "Schema" + "Regex" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::Schema" + "AWS::Macie::CustomDataIdentifier" ], "type": "string" }, @@ -177070,7 +182585,7 @@ ], "type": "object" }, - "AWS::Personalize::Solution": { + "AWS::Macie::FindingsFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -177105,51 +182620,49 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group that provides the training data.", - "title": "DatasetGroupArn", + "Action": { + "markdownDescription": "The action to perform on findings that match the filter criteria ( `FindingCriteria` ). Valid values are:\n\n- `ARCHIVE` - Suppress (automatically archive) the findings.\n- `NOOP` - Don't perform any action on the findings.", + "title": "Action", "type": "string" }, - "EventType": { - "markdownDescription": "The event type (for example, 'click' or 'like') that is used for training the model. If no `eventType` is provided, Amazon Personalize uses all interactions for training with equal weight regardless of type.", - "title": "EventType", + "Description": { + "markdownDescription": "A custom description of the findings filter. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", + "title": "Description", "type": "string" }, + "FindingCriteria": { + "$ref": "#/definitions/AWS::Macie::FindingsFilter.FindingCriteria", + "markdownDescription": "The criteria to use to filter findings.", + "title": "FindingCriteria" + }, "Name": { - "markdownDescription": "The name of the solution.", + "markdownDescription": "A custom name for the findings filter. The name can contain 3-64 characters.\n\nAvoid including sensitive data in the name. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Name", "type": "string" }, - "PerformAutoML": { - "markdownDescription": "> We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see [Determining your use case.](https://docs.aws.amazon.com/personalize/latest/dg/determining-use-case.html) \n\nWhen true, Amazon Personalize performs a search for the best USER_PERSONALIZATION recipe from the list specified in the solution configuration ( `recipeArn` must not be specified). When false (the default), Amazon Personalize uses `recipeArn` for training.", - "title": "PerformAutoML", - "type": "boolean" - }, - "PerformHPO": { - "markdownDescription": "Whether to perform hyperparameter optimization (HPO) on the chosen recipe. The default is `false` .", - "title": "PerformHPO", - "type": "boolean" - }, - "RecipeArn": { - "markdownDescription": "The ARN of the recipe used to create the solution. This is required when `performAutoML` is false.", - "title": "RecipeArn", - "type": "string" + "Position": { + "markdownDescription": "The position of the findings filter in the list of saved filter rules on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to findings.", + "title": "Position", + "type": "number" }, - "SolutionConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.SolutionConfig", - "markdownDescription": "Describes the configuration properties for the solution.", - "title": "SolutionConfig" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the findings filter.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "DatasetGroupArn", + "FindingCriteria", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::Solution" + "AWS::Macie::FindingsFilter" ], "type": "string" }, @@ -177168,218 +182681,66 @@ ], "type": "object" }, - "AWS::Personalize::Solution.AlgorithmHyperParameterRanges": { - "additionalProperties": false, - "properties": { - "CategoricalHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.CategoricalHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of a categorical hyperparameter.", - "title": "CategoricalHyperParameterRanges", - "type": "array" - }, - "ContinuousHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.ContinuousHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of a continuous hyperparameter.", - "title": "ContinuousHyperParameterRanges", - "type": "array" - }, - "IntegerHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.IntegerHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of an integer-valued hyperparameter.", - "title": "IntegerHyperParameterRanges", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.AutoMLConfig": { + "AWS::Macie::FindingsFilter.CriterionAdditionalProperties": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The metric to optimize.", - "title": "MetricName", - "type": "string" - }, - "RecipeList": { + "eq": { "items": { "type": "string" }, - "markdownDescription": "The list of candidate recipes.", - "title": "RecipeList", + "markdownDescription": "The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", + "title": "eq", "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.CategoricalHyperParameterRange": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", - "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the categories for the hyperparameter.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.ContinuousHyperParameterRange": { - "additionalProperties": false, - "properties": { - "MaxValue": { - "markdownDescription": "The maximum allowable value for the hyperparameter.", - "title": "MaxValue", + "gt": { + "markdownDescription": "The value for the specified property is greater than the specified value.", + "title": "gt", "type": "number" }, - "MinValue": { - "markdownDescription": "The minimum allowable value for the hyperparameter.", - "title": "MinValue", + "gte": { + "markdownDescription": "The value for the specified property is greater than or equal to the specified value.", + "title": "gte", "type": "number" }, - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.HpoConfig": { - "additionalProperties": false, - "properties": { - "AlgorithmHyperParameterRanges": { - "$ref": "#/definitions/AWS::Personalize::Solution.AlgorithmHyperParameterRanges", - "markdownDescription": "The hyperparameters and their allowable ranges.", - "title": "AlgorithmHyperParameterRanges" - }, - "HpoObjective": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoObjective", - "markdownDescription": "The metric to optimize during HPO.\n\n> Amazon Personalize doesn't support configuring the `hpoObjective` at this time.", - "title": "HpoObjective" - }, - "HpoResourceConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoResourceConfig", - "markdownDescription": "Describes the resource configuration for HPO.", - "title": "HpoResourceConfig" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.HpoObjective": { - "additionalProperties": false, - "properties": { - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", - "type": "string" - }, - "MetricRegex": { - "markdownDescription": "A regular expression for finding the metric in the training job logs.", - "title": "MetricRegex", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the metric. Valid values are `Maximize` and `Minimize` .", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.HpoResourceConfig": { - "additionalProperties": false, - "properties": { - "MaxNumberOfTrainingJobs": { - "markdownDescription": "The maximum number of training jobs when you create a solution version. The maximum value for `maxNumberOfTrainingJobs` is `40` .", - "title": "MaxNumberOfTrainingJobs", - "type": "string" - }, - "MaxParallelTrainingJobs": { - "markdownDescription": "The maximum number of parallel training jobs when you create a solution version. The maximum value for `maxParallelTrainingJobs` is `10` .", - "title": "MaxParallelTrainingJobs", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.IntegerHyperParameterRange": { - "additionalProperties": false, - "properties": { - "MaxValue": { - "markdownDescription": "The maximum allowable value for the hyperparameter.", - "title": "MaxValue", + "lt": { + "markdownDescription": "The value for the specified property is less than the specified value.", + "title": "lt", "type": "number" }, - "MinValue": { - "markdownDescription": "The minimum allowable value for the hyperparameter.", - "title": "MinValue", + "lte": { + "markdownDescription": "The value for the specified property is less than or equal to the specified value.", + "title": "lte", "type": "number" }, - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", - "type": "string" + "neq": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", + "title": "neq", + "type": "array" } }, "type": "object" }, - "AWS::Personalize::Solution.SolutionConfig": { + "AWS::Macie::FindingsFilter.FindingCriteria": { "additionalProperties": false, "properties": { - "AlgorithmHyperParameters": { - "additionalProperties": true, - "markdownDescription": "Lists the algorithm hyperparameters and their values.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AlgorithmHyperParameters", - "type": "object" - }, - "AutoMLConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.AutoMLConfig", - "markdownDescription": "The [AutoMLConfig](https://docs.aws.amazon.com/personalize/latest/dg/API_AutoMLConfig.html) object containing a list of recipes to search when AutoML is performed.", - "title": "AutoMLConfig" - }, - "EventValueThreshold": { - "markdownDescription": "Only events with a value greater than or equal to this threshold are used for training a model.", - "title": "EventValueThreshold", - "type": "string" - }, - "FeatureTransformationParameters": { - "additionalProperties": true, - "markdownDescription": "Lists the feature transformation parameters.", + "Criterion": { + "additionalProperties": false, + "markdownDescription": "Specifies a condition that defines the property, operator, and one or more values to use to filter the results.", "patternProperties": { "^[a-zA-Z0-9]+$": { - "type": "string" + "$ref": "#/definitions/AWS::Macie::FindingsFilter.CriterionAdditionalProperties" } }, - "title": "FeatureTransformationParameters", + "title": "Criterion", "type": "object" - }, - "HpoConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoConfig", - "markdownDescription": "Describes the properties for hyperparameter optimization (HPO).", - "title": "HpoConfig" } }, "type": "object" }, - "AWS::Pinpoint::ADMChannel": { + "AWS::Macie::Session": { "additionalProperties": false, "properties": { "Condition": { @@ -177414,37 +182775,22 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the ADM channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The Client ID that you received from Amazon to send messages by using ADM.", - "title": "ClientId", + "FindingPublishingFrequency": { + "markdownDescription": "Specifies how often Amazon Macie publishes updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events ). Valid values are:\n\n- FIFTEEN_MINUTES\n- ONE_HOUR\n- SIX_HOURS", + "title": "FindingPublishingFrequency", "type": "string" }, - "ClientSecret": { - "markdownDescription": "The Client Secret that you received from Amazon to send messages by using ADM.", - "title": "ClientSecret", + "Status": { + "markdownDescription": "The status of Amazon Macie for the account. Valid values are: `ENABLED` , start or resume Macie activities for the account; and, `PAUSED` , suspend Macie activities for the account.", + "title": "Status", "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the ADM channel for the application.", - "title": "Enabled", - "type": "boolean" } }, - "required": [ - "ApplicationId", - "ClientId", - "ClientSecret" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::ADMChannel" + "AWS::Macie::Session" ], "type": "string" }, @@ -177458,12 +182804,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Pinpoint::APNSChannel": { + "AWS::ManagedBlockchain::Accessor": { "additionalProperties": false, "properties": { "Condition": { @@ -177498,60 +182843,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", - "type": "string" - }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", + "AccessorType": { + "markdownDescription": "The type of the accessor.\n\n> Currently, accessor type is restricted to `BILLING_TOKEN` .", + "title": "AccessorType", "type": "string" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", + "NetworkType": { + "markdownDescription": "The blockchain network that the `Accessor` token is created for.\n\n> We recommend using the appropriate `networkType` value for the blockchain network that you are creating the `Accessor` token for. You cannot use the value `ETHEREUM_MAINNET_AND_GOERLI` to specify a `networkType` for your Accessor token.\n> \n> The default value of `ETHEREUM_MAINNET_AND_GOERLI` is only applied:\n> \n> - when the `CreateAccessor` action does not set a `networkType` .\n> - to all existing `Accessor` tokens that were created before the `networkType` property was introduced.", + "title": "NetworkType", "type": "string" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the Accessor.\n\nFor more information about tags, see [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/tagging-resources.html) in the *Amazon Managed Blockchain Ethereum Developer Guide* , or [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/tagging-resources.html) in the *Amazon Managed Blockchain Hyperledger Fabric Developer Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "ApplicationId" + "AccessorType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSChannel" + "AWS::ManagedBlockchain::Accessor" ], "type": "string" }, @@ -177570,7 +182888,7 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSSandboxChannel": { + "AWS::ManagedBlockchain::Member": { "additionalProperties": false, "properties": { "Condition": { @@ -177605,60 +182923,35 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs sandbox channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs Sandbox channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", + "InvitationId": { + "markdownDescription": "The unique identifier of the invitation to join the network sent to the account that creates the member.", + "title": "InvitationId", "type": "string" }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", - "type": "string" + "MemberConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberConfiguration", + "markdownDescription": "Configuration properties of the member.", + "title": "MemberConfiguration" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", - "type": "string" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkConfiguration", + "markdownDescription": "Configuration properties of the network to which the member belongs.", + "title": "NetworkConfiguration" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", + "NetworkId": { + "markdownDescription": "The unique identifier of the network to which the member belongs.", + "title": "NetworkId", "type": "string" } }, "required": [ - "ApplicationId" + "MemberConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSSandboxChannel" + "AWS::ManagedBlockchain::Member" ], "type": "string" }, @@ -177677,7 +182970,161 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSVoipChannel": { + "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { + "additionalProperties": false, + "properties": { + "ProposalDurationInHours": { + "markdownDescription": "The duration from the time that a proposal is created until it expires. If members cast neither the required number of `YES` votes to approve the proposal nor the number of `NO` votes required to reject it before the duration expires, the proposal is `EXPIRED` and `ProposalActions` aren't carried out.", + "title": "ProposalDurationInHours", + "type": "number" + }, + "ThresholdComparator": { + "markdownDescription": "Determines whether the vote percentage must be greater than the `ThresholdPercentage` or must be greater than or equal to the `ThresholdPercentage` to be approved.", + "title": "ThresholdComparator", + "type": "string" + }, + "ThresholdPercentage": { + "markdownDescription": "The percentage of votes among all members that must be `YES` for a proposal to be approved. For example, a `ThresholdPercentage` value of `50` indicates 50%. The `ThresholdComparator` determines the precise comparison. If a `ThresholdPercentage` value of `50` is specified on a network with 10 members, along with a `ThresholdComparator` value of `GREATER_THAN` , this indicates that 6 `YES` votes are required for the proposal to be approved.", + "title": "ThresholdPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.MemberConfiguration": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "An optional description of the member.", + "title": "Description", + "type": "string" + }, + "MemberFrameworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration", + "markdownDescription": "Configuration properties of the blockchain framework relevant to the member.", + "title": "MemberFrameworkConfiguration" + }, + "Name": { + "markdownDescription": "The name of the member.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.MemberFabricConfiguration": { + "additionalProperties": false, + "properties": { + "AdminPassword": { + "markdownDescription": "The password for the member's initial administrative user. The `AdminPassword` must be at least 8 characters long and no more than 32 characters. It must contain at least one uppercase letter, one lowercase letter, and one digit. It cannot have a single quotation mark (\u2018), a double quotation marks (\u201c), a forward slash(/), a backward slash(\\), @, or a space.", + "title": "AdminPassword", + "type": "string" + }, + "AdminUsername": { + "markdownDescription": "The user name for the member's initial administrative user.", + "title": "AdminUsername", + "type": "string" + } + }, + "required": [ + "AdminPassword", + "AdminUsername" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration": { + "additionalProperties": false, + "properties": { + "MemberFabricConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFabricConfiguration", + "markdownDescription": "Configuration properties for Hyperledger Fabric.", + "title": "MemberFabricConfiguration" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Attributes of the blockchain framework for the network.", + "title": "Description", + "type": "string" + }, + "Framework": { + "markdownDescription": "The blockchain framework that the network uses.", + "title": "Framework", + "type": "string" + }, + "FrameworkVersion": { + "markdownDescription": "The version of the blockchain framework that the network uses.", + "title": "FrameworkVersion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the network.", + "title": "Name", + "type": "string" + }, + "NetworkFrameworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration", + "markdownDescription": "Configuration properties relevant to the network for the blockchain framework that the network uses.", + "title": "NetworkFrameworkConfiguration" + }, + "VotingPolicy": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.VotingPolicy", + "markdownDescription": "The voting rules that the network uses to decide if a proposal is accepted.", + "title": "VotingPolicy" + } + }, + "required": [ + "Framework", + "FrameworkVersion", + "Name", + "VotingPolicy" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.NetworkFabricConfiguration": { + "additionalProperties": false, + "properties": { + "Edition": { + "markdownDescription": "The edition of Amazon Managed Blockchain that the network uses. Valid values are `standard` and `starter` . For more information, see [Amazon Managed Blockchain Pricing](https://docs.aws.amazon.com/managed-blockchain/pricing/)", + "title": "Edition", + "type": "string" + } + }, + "required": [ + "Edition" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration": { + "additionalProperties": false, + "properties": { + "NetworkFabricConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFabricConfiguration", + "markdownDescription": "Configuration properties for Hyperledger Fabric for a member in a Managed Blockchain network that is using the Hyperledger Fabric framework.", + "title": "NetworkFabricConfiguration" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.VotingPolicy": { + "additionalProperties": false, + "properties": { + "ApprovalThresholdPolicy": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy", + "markdownDescription": "Defines the rules for the network for voting on proposals, such as the percentage of `YES` votes required for the proposal to be approved and the duration of the proposal. The policy applies to all proposals and is specified when the network is created.", + "title": "ApprovalThresholdPolicy" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Node": { "additionalProperties": false, "properties": { "Condition": { @@ -177712,60 +183159,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs VoIP channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", + "MemberId": { + "markdownDescription": "The unique identifier of the member to which the node belongs. Applies only to Hyperledger Fabric.", + "title": "MemberId", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs VoIP channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", + "NetworkId": { + "markdownDescription": "The unique identifier of the network for the node.\n\nEthereum public networks have the following `NetworkId` s:\n\n- `n-ethereum-mainnet`", + "title": "NetworkId", "type": "string" }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", - "type": "string" - }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", - "type": "string" - }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "NodeConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Node.NodeConfiguration", + "markdownDescription": "Configuration properties of a peer node.", + "title": "NodeConfiguration" } }, "required": [ - "ApplicationId" + "NetworkId", + "NodeConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSVoipChannel" + "AWS::ManagedBlockchain::Node" ], "type": "string" }, @@ -177784,7 +183202,27 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSVoipSandboxChannel": { + "AWS::ManagedBlockchain::Node.NodeConfiguration": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which the node exists. Required for Ethereum nodes.", + "title": "AvailabilityZone", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The Amazon Managed Blockchain instance type for the node.", + "title": "InstanceType", + "type": "string" + } + }, + "required": [ + "AvailabilityZone", + "InstanceType" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge": { "additionalProperties": false, "properties": { "Condition": { @@ -177819,60 +183257,58 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the application that the APNs VoIP sandbox channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" + "EgressGatewayBridge": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.EgressGatewayBridge", + "markdownDescription": "An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises.", + "title": "EgressGatewayBridge" }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using an APNs certificate.", - "title": "Certificate", - "type": "string" + "IngressGatewayBridge": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.IngressGatewayBridge", + "markdownDescription": "An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud.", + "title": "IngressGatewayBridge" }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", + "Name": { + "markdownDescription": "The name of the bridge. This name can not be modified after the bridge is created.", + "title": "Name", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the APNs VoIP sandbox channel is enabled for the application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with the APNs sandbox environment.", - "title": "PrivateKey", - "type": "string" + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeOutput" + }, + "markdownDescription": "The outputs that you want to add to this bridge.", + "title": "Outputs", + "type": "array" }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple developer account team. This identifier is used for APNs tokens.", - "title": "TeamId", + "PlacementArn": { + "markdownDescription": "The bridge placement Amazon Resource Number (ARN).", + "title": "PlacementArn", "type": "string" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", - "type": "string" + "SourceFailoverConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.FailoverConfig", + "markdownDescription": "The settings for source failover.", + "title": "SourceFailoverConfig" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeSource" + }, + "markdownDescription": "The sources that you want to add to this bridge.", + "title": "Sources", + "type": "array" } }, "required": [ - "ApplicationId" + "Name", + "PlacementArn", + "Sources" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSVoipSandboxChannel" + "AWS::MediaConnect::Bridge" ], "type": "string" }, @@ -177891,79 +183327,237 @@ ], "type": "object" }, - "AWS::Pinpoint::App": { + "AWS::MediaConnect::Bridge.BridgeFlowSource": { "additionalProperties": false, "properties": { - "Condition": { + "FlowArn": { + "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", + "title": "FlowArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FlowVpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this source.", + "title": "FlowVpcInterfaceAttachment" + }, + "Name": { + "markdownDescription": "The name of the flow source.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "FlowArn", + "Name" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge.BridgeNetworkOutput": { + "additionalProperties": false, + "properties": { + "IpAddress": { + "markdownDescription": "The network output IP address.", + "title": "IpAddress", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "The network output name.", + "title": "Name", + "type": "string" }, - "Metadata": { - "type": "object" + "NetworkName": { + "markdownDescription": "The network output's gateway network name.", + "title": "NetworkName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The display name of the application.", - "title": "Name", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - } - }, - "required": [ - "Name" - ], - "type": "object" + "Port": { + "markdownDescription": "The network output's port.", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Pinpoint::App" - ], + "Protocol": { + "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Ttl": { + "markdownDescription": "The network output TTL.", + "title": "Ttl", + "type": "number" + } + }, + "required": [ + "IpAddress", + "Name", + "NetworkName", + "Port", + "Protocol", + "Ttl" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge.BridgeNetworkSource": { + "additionalProperties": false, + "properties": { + "MulticastIp": { + "markdownDescription": "The network source multicast IP.", + "title": "MulticastIp", + "type": "string" + }, + "MulticastSourceSettings": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.MulticastSourceSettings", + "markdownDescription": "The settings related to the multicast source.", + "title": "MulticastSourceSettings" + }, + "Name": { + "markdownDescription": "The name of the network source.", + "title": "Name", + "type": "string" + }, + "NetworkName": { + "markdownDescription": "The network source's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network source port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" } }, "required": [ - "Type", - "Properties" + "MulticastIp", + "Name", + "NetworkName", + "Port", + "Protocol" ], "type": "object" }, - "AWS::Pinpoint::ApplicationSettings": { + "AWS::MediaConnect::Bridge.BridgeOutput": { + "additionalProperties": false, + "properties": { + "NetworkOutput": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkOutput", + "markdownDescription": "The output of the bridge. A network output is delivered to your premises.", + "title": "NetworkOutput" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Bridge.BridgeSource": { + "additionalProperties": false, + "properties": { + "FlowSource": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeFlowSource", + "markdownDescription": "The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow.", + "title": "FlowSource" + }, + "NetworkSource": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkSource", + "markdownDescription": "The source of the bridge. A network source originates at your premises.", + "title": "NetworkSource" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Bridge.EgressGatewayBridge": { + "additionalProperties": false, + "properties": { + "MaxBitrate": { + "markdownDescription": "The maximum expected bitrate (in bps) of the egress bridge.", + "title": "MaxBitrate", + "type": "number" + } + }, + "required": [ + "MaxBitrate" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge.FailoverConfig": { + "additionalProperties": false, + "properties": { + "FailoverMode": { + "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams.", + "title": "FailoverMode", + "type": "string" + }, + "SourcePriority": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.SourcePriority", + "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", + "title": "SourcePriority" + }, + "State": { + "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", + "title": "State", + "type": "string" + } + }, + "required": [ + "FailoverMode" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge.IngressGatewayBridge": { + "additionalProperties": false, + "properties": { + "MaxBitrate": { + "markdownDescription": "The maximum expected bitrate (in bps) of the ingress bridge.", + "title": "MaxBitrate", + "type": "number" + }, + "MaxOutputs": { + "markdownDescription": "The maximum number of outputs on the ingress bridge.", + "title": "MaxOutputs", + "type": "number" + } + }, + "required": [ + "MaxBitrate", + "MaxOutputs" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge.MulticastSourceSettings": { + "additionalProperties": false, + "properties": { + "MulticastSourceIp": { + "markdownDescription": "The IP address of the source for source-specific multicast (SSM).", + "title": "MulticastSourceIp", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Bridge.SourcePriority": { + "additionalProperties": false, + "properties": { + "PrimarySource": { + "markdownDescription": "The name of the source you choose as the primary source for this flow.", + "title": "PrimarySource", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Bridge.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::BridgeOutput": { "additionalProperties": false, "properties": { "Condition": { @@ -177998,40 +183592,32 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application.", - "title": "ApplicationId", + "BridgeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bridge that you want to update.", + "title": "BridgeArn", "type": "string" }, - "CampaignHook": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.CampaignHook", - "markdownDescription": "The settings for the Lambda function to use by default as a code hook for campaigns in the application. To override these settings for a specific campaign, use the Campaign resource to define custom Lambda function settings for the campaign.", - "title": "CampaignHook" - }, - "CloudWatchMetricsEnabled": { - "markdownDescription": "", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" - }, - "Limits": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.Limits", - "markdownDescription": "The default sending limits for campaigns in the application. To override these limits for a specific campaign, use the Campaign resource to define custom limits for the campaign.", - "title": "Limits" + "Name": { + "markdownDescription": "The network output name. This name is used to reference the output and must be unique among outputs in this bridge.", + "title": "Name", + "type": "string" }, - "QuietTime": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.QuietTime", - "markdownDescription": "The default quiet time for campaigns in the application. Quiet time is a specific time range when campaigns don't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the application (or a campaign that has custom quiet time settings).\n\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the application (or a campaign that has custom quiet time settings).\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from a campaign, even if quiet time is enabled.\n\nTo override the default quiet time settings for a specific campaign, use the Campaign resource to define a custom quiet time for the campaign.", - "title": "QuietTime" + "NetworkOutput": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput", + "markdownDescription": "The network output of the bridge. A network output is delivered to your premises.", + "title": "NetworkOutput" } }, "required": [ - "ApplicationId" + "BridgeArn", + "Name", + "NetworkOutput" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::ApplicationSettings" + "AWS::MediaConnect::BridgeOutput" ], "type": "string" }, @@ -178050,74 +183636,45 @@ ], "type": "object" }, - "AWS::Pinpoint::ApplicationSettings.CampaignHook": { + "AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput": { "additionalProperties": false, "properties": { - "LambdaFunctionName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to send messages for campaigns in the application.", - "title": "LambdaFunctionName", - "type": "string" - }, - "Mode": { - "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", - "title": "Mode", + "IpAddress": { + "markdownDescription": "The network output IP address.", + "title": "IpAddress", "type": "string" }, - "WebUrl": { - "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", - "title": "WebUrl", + "NetworkName": { + "markdownDescription": "The network output's gateway network name.", + "title": "NetworkName", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::ApplicationSettings.Limits": { - "additionalProperties": false, - "properties": { - "Daily": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", - "title": "Daily", - "type": "number" - }, - "MaximumDuration": { - "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", - "title": "MaximumDuration", - "type": "number" }, - "MessagesPerSecond": { - "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", - "title": "MessagesPerSecond", + "Port": { + "markdownDescription": "The network output's port.", + "title": "Port", "type": "number" }, - "Total": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", - "title": "Total", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Pinpoint::ApplicationSettings.QuietTime": { - "additionalProperties": false, - "properties": { - "End": { - "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "End", + "Protocol": { + "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" }, - "Start": { - "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "Start", - "type": "string" + "Ttl": { + "markdownDescription": "The network output TTL.", + "title": "Ttl", + "type": "number" } }, "required": [ - "End", - "Start" + "IpAddress", + "NetworkName", + "Port", + "Protocol", + "Ttl" ], "type": "object" }, - "AWS::Pinpoint::BaiduChannel": { + "AWS::MediaConnect::BridgeSource": { "additionalProperties": false, "properties": { "Condition": { @@ -178152,37 +183709,36 @@ "Properties": { "additionalProperties": false, "properties": { - "ApiKey": { - "markdownDescription": "The API key that you received from the Baidu Cloud Push service to communicate with the service.", - "title": "ApiKey", - "type": "string" - }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're configuring the Baidu channel for.", - "title": "ApplicationId", + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the Baidu channel for the application.", - "title": "Enabled", - "type": "boolean" + "FlowSource": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeFlowSource", + "markdownDescription": "The source of the flow.", + "title": "FlowSource" }, - "SecretKey": { - "markdownDescription": "The secret key that you received from the Baidu Cloud Push service to communicate with the service.", - "title": "SecretKey", + "Name": { + "markdownDescription": "The name of the flow source. This name is used to reference the source and must be unique among sources in this bridge.", + "title": "Name", "type": "string" + }, + "NetworkSource": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeNetworkSource", + "markdownDescription": "The source of the network.", + "title": "NetworkSource" } }, "required": [ - "ApiKey", - "ApplicationId", - "SecretKey" + "BridgeArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::BaiduChannel" + "AWS::MediaConnect::BridgeSource" ], "type": "string" }, @@ -178201,7 +183757,85 @@ ], "type": "object" }, - "AWS::Pinpoint::Campaign": { + "AWS::MediaConnect::BridgeSource.BridgeFlowSource": { + "additionalProperties": false, + "properties": { + "FlowArn": { + "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", + "title": "FlowArn", + "type": "string" + }, + "FlowVpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this source.", + "title": "FlowVpcInterfaceAttachment" + } + }, + "required": [ + "FlowArn" + ], + "type": "object" + }, + "AWS::MediaConnect::BridgeSource.BridgeNetworkSource": { + "additionalProperties": false, + "properties": { + "MulticastIp": { + "markdownDescription": "The network source multicast IP.", + "title": "MulticastIp", + "type": "string" + }, + "MulticastSourceSettings": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.MulticastSourceSettings", + "markdownDescription": "The settings related to the multicast source.", + "title": "MulticastSourceSettings" + }, + "NetworkName": { + "markdownDescription": "The network source's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network source port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" + } + }, + "required": [ + "MulticastIp", + "NetworkName", + "Port", + "Protocol" + ], + "type": "object" + }, + "AWS::MediaConnect::BridgeSource.MulticastSourceSettings": { + "additionalProperties": false, + "properties": { + "MulticastSourceIp": { + "markdownDescription": "The IP address of the source for source-specific multicast (SSM).", + "title": "MulticastSourceIp", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow": { "additionalProperties": false, "properties": { "Condition": { @@ -178236,111 +183870,72 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalTreatments": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.WriteTreatmentResource" - }, - "markdownDescription": "An array of requests that defines additional treatments for the campaign, in addition to the default treatment for the campaign.", - "title": "AdditionalTreatments", - "type": "array" - }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the campaign is associated with.", - "title": "ApplicationId", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS Region.", + "title": "AvailabilityZone", "type": "string" }, - "CampaignHook": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignHook", - "markdownDescription": "Specifies the Lambda function to use as a code hook for a campaign.", - "title": "CampaignHook" - }, - "CustomDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", - "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", - "title": "CustomDeliveryConfiguration" - }, - "Description": { - "markdownDescription": "A custom description of the campaign.", - "title": "Description", + "FlowSize": { + "markdownDescription": "Determines the processing capacity and feature set of the flow. Set this optional parameter to LARGE if you want to enable NDI outputs on the flow.", + "title": "FlowSize", "type": "string" }, - "HoldoutPercent": { - "markdownDescription": "The allocated percentage of users (segment members) who shouldn't receive messages from the campaign.", - "title": "HoldoutPercent", - "type": "number" - }, - "IsPaused": { - "markdownDescription": "Specifies whether to pause the campaign. A paused campaign doesn't run unless you resume it by changing this value to `false` . If you restart a campaign, the campaign restarts from the beginning and not at the point you paused it. If a campaign is running it will complete and then pause. Pause only pauses or skips the next run for a recurring future scheduled campaign. A campaign scheduled for immediate can't be paused.", - "title": "IsPaused", - "type": "boolean" - }, - "Limits": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Limits", - "markdownDescription": "The messaging limits for the campaign.", - "title": "Limits" + "Maintenance": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Maintenance", + "markdownDescription": "The maintenance settings you want to use for the flow.", + "title": "Maintenance" }, - "MessageConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", - "markdownDescription": "The message configuration settings for the treatment.", - "title": "MessageConfiguration" + "MediaStreams": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStream" + }, + "markdownDescription": "The media streams that are associated with the flow. After you associate a media stream with a source, you can also associate it with outputs on the flow.", + "title": "MediaStreams", + "type": "array" }, "Name": { - "markdownDescription": "The name of the campaign.", + "markdownDescription": "The name of the flow.", "title": "Name", "type": "string" }, - "Priority": { - "markdownDescription": "An integer between 1 and 5, inclusive, that represents the priority of the in-app message campaign, where 1 is the highest priority and 5 is the lowest. If there are multiple messages scheduled to be displayed at the same time, the priority determines the order in which those messages are displayed.", - "title": "Priority", - "type": "number" - }, - "Schedule": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", - "markdownDescription": "The schedule settings for the treatment.", - "title": "Schedule" - }, - "SegmentId": { - "markdownDescription": "The unique identifier for the segment to associate with the campaign.", - "title": "SegmentId", - "type": "string" - }, - "SegmentVersion": { - "markdownDescription": "The version of the segment to associate with the campaign.", - "title": "SegmentVersion", - "type": "number" + "NdiConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.NdiConfig", + "markdownDescription": "Specifies the configuration settings for NDI outputs. Required when the flow includes NDI outputs.", + "title": "NdiConfig" }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" + "Source": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Source", + "markdownDescription": "The settings for the source that you want to use for the new flow.", + "title": "Source" }, - "TemplateConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", - "markdownDescription": "The message template to use for the treatment.", - "title": "TemplateConfiguration" + "SourceFailoverConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.FailoverConfig", + "markdownDescription": "The settings for source failover.", + "title": "SourceFailoverConfig" }, - "TreatmentDescription": { - "markdownDescription": "A custom description of the treatment.", - "title": "TreatmentDescription", - "type": "string" + "SourceMonitoringConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SourceMonitoringConfig", + "markdownDescription": "The settings for source monitoring.", + "title": "SourceMonitoringConfig" }, - "TreatmentName": { - "markdownDescription": "A custom name for the treatment.", - "title": "TreatmentName", - "type": "string" + "VpcInterfaces": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterface" + }, + "markdownDescription": "The VPC Interfaces for this flow.", + "title": "VpcInterfaces", + "type": "array" } }, "required": [ - "ApplicationId", "Name", - "Schedule", - "SegmentId" + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::Campaign" + "AWS::MediaConnect::Flow" ], "type": "string" }, @@ -178359,675 +183954,644 @@ ], "type": "object" }, - "AWS::Pinpoint::Campaign.AttributeDimension": { + "AWS::MediaConnect::Flow.AudioMonitoringSetting": { "additionalProperties": false, "properties": { - "AttributeType": { - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "type": "array" + "SilentAudio": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SilentAudio", + "markdownDescription": "Detects periods of silence.", + "title": "SilentAudio" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignCustomMessage": { + "AWS::MediaConnect::Flow.BlackFrames": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "The raw, JSON-formatted string to use as the payload for the message. The maximum size is 5 KB.", - "title": "Data", + "State": { + "markdownDescription": "Indicates whether the `BlackFrames` metric is enabled or disabled..", + "title": "State", "type": "string" + }, + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of black frames that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignEmailMessage": { + "AWS::MediaConnect::Flow.Encryption": { "additionalProperties": false, "properties": { - "Body": { - "markdownDescription": "The body of the email for recipients whose email clients don't render HTML content.", - "title": "Body", + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", "type": "string" }, - "FromAddress": { - "markdownDescription": "The verified email address to send the email from. The default address is the `FromAddress` specified for the email channel for the application.", - "title": "FromAddress", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", "type": "string" }, - "HtmlBody": { - "markdownDescription": "The body of the email, in HTML format, for recipients whose email clients render HTML content.", - "title": "HtmlBody", + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", "type": "string" }, - "Title": { - "markdownDescription": "The subject line, or title, of the email.", - "title": "Title", + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignEventFilter": { + "AWS::MediaConnect::Flow.FailoverConfig": { "additionalProperties": false, "properties": { - "Dimensions": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.EventDimensions", - "markdownDescription": "The dimension settings of the event filter for the campaign.", - "title": "Dimensions" + "FailoverMode": { + "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. The string for this property must be entered as MERGE or FAILOVER. No other string entry is valid.", + "title": "FailoverMode", + "type": "string" }, - "FilterType": { - "markdownDescription": "The type of event that causes the campaign to be sent. Valid values are: `SYSTEM` , sends the campaign when a system event occurs; and, `ENDPOINT` , sends the campaign when an endpoint event (Events resource) occurs.", - "title": "FilterType", + "RecoveryWindow": { + "markdownDescription": "Search window time to look for dash-7 packets.", + "title": "RecoveryWindow", + "type": "number" + }, + "SourcePriority": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SourcePriority", + "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", + "title": "SourcePriority" + }, + "State": { + "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", + "title": "State", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignHook": { + "AWS::MediaConnect::Flow.Fmtp": { "additionalProperties": false, "properties": { - "LambdaFunctionName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to customize a segment for a campaign.", - "title": "LambdaFunctionName", + "ChannelOrder": { + "markdownDescription": "The format of the audio channel.", + "title": "ChannelOrder", "type": "string" }, - "Mode": { - "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", - "title": "Mode", + "Colorimetry": { + "markdownDescription": "The format used for the representation of color.", + "title": "Colorimetry", "type": "string" }, - "WebUrl": { - "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", - "title": "WebUrl", + "ExactFramerate": { + "markdownDescription": "The frame rate for the video stream, in frames/second. For example: 60000/1001.", + "title": "ExactFramerate", + "type": "string" + }, + "Par": { + "markdownDescription": "The pixel aspect ratio (PAR) of the video.", + "title": "Par", + "type": "string" + }, + "Range": { + "markdownDescription": "The encoding range of the video.", + "title": "Range", + "type": "string" + }, + "ScanMode": { + "markdownDescription": "The type of compression that was used to smooth the video\u2019s appearance.", + "title": "ScanMode", + "type": "string" + }, + "Tcs": { + "markdownDescription": "The transfer characteristic system (TCS) that is used in the video.", + "title": "Tcs", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignInAppMessage": { + "AWS::MediaConnect::Flow.FrozenFrames": { "additionalProperties": false, "properties": { - "Content": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageContent" - }, - "markdownDescription": "An array that contains configurtion information about the in-app message for the campaign, including title and body text, text colors, background colors, image URLs, and button configurations.", - "title": "Content", - "type": "array" - }, - "CustomConfig": { - "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", - "title": "CustomConfig", - "type": "object" - }, - "Layout": { - "markdownDescription": "A string that describes how the in-app message will appear. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", - "title": "Layout", + "State": { + "markdownDescription": "Indicates whether the `FrozenFrames` metric is enabled or disabled.", + "title": "State", "type": "string" + }, + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of a static image that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignSmsMessage": { + "AWS::MediaConnect::Flow.GatewayBridgeSource": { "additionalProperties": false, "properties": { - "Body": { - "markdownDescription": "The body of the SMS message.", - "title": "Body", - "type": "string" - }, - "EntityId": { - "markdownDescription": "The entity ID or Principal Entity (PE) id received from the regulatory body for sending SMS in your country.", - "title": "EntityId", - "type": "string" - }, - "MessageType": { - "markdownDescription": "The SMS message type. Valid values are `TRANSACTIONAL` (for messages that are critical or time-sensitive, such as a one-time passwords) and `PROMOTIONAL` (for messsages that aren't critical or time-sensitive, such as marketing messages).", - "title": "MessageType", - "type": "string" - }, - "OriginationNumber": { - "markdownDescription": "The long code to send the SMS message from. This value should be one of the dedicated long codes that's assigned to your AWS account. Although it isn't required, we recommend that you specify the long code using an E.164 format to ensure prompt and accurate delivery of the message. For example, +12065550100.", - "title": "OriginationNumber", + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", "type": "string" }, - "SenderId": { - "markdownDescription": "The alphabetic Sender ID to display as the sender of the message on a recipient's device. Support for sender IDs varies by country or region. To specify a phone number as the sender, omit this parameter and use `OriginationNumber` instead. For more information about support for Sender ID by country, see the [Amazon Pinpoint User Guide](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) .", - "title": "SenderId", - "type": "string" + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", + "title": "VpcInterfaceAttachment" + } + }, + "required": [ + "BridgeArn" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.InputConfiguration": { + "additionalProperties": false, + "properties": { + "InputPort": { + "markdownDescription": "The port that the flow listens on for an incoming media stream.", + "title": "InputPort", + "type": "number" }, - "TemplateId": { - "markdownDescription": "The template ID received from the regulatory body for sending SMS in your country.", - "title": "TemplateId", + "Interface": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Interface", + "markdownDescription": "The VPC interface where the media stream comes in from.", + "title": "Interface" + } + }, + "required": [ + "InputPort", + "Interface" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.Interface": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the VPC interface.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Pinpoint::Campaign.CustomDeliveryConfiguration": { + "AWS::MediaConnect::Flow.Maintenance": { "additionalProperties": false, "properties": { - "DeliveryUri": { - "markdownDescription": "The destination to send the campaign or treatment to. This value can be one of the following:\n\n- The name or Amazon Resource Name (ARN) of an AWS Lambda function to invoke to handle delivery of the campaign or treatment.\n- The URL for a web application or service that supports HTTPS and can receive the message. The URL has to be a full URL, including the HTTPS protocol.", - "title": "DeliveryUri", + "MaintenanceDay": { + "markdownDescription": "A day of a week when the maintenance will happen. Use Monday/Tuesday/Wednesday/Thursday/Friday/Saturday/Sunday.", + "title": "MaintenanceDay", "type": "string" }, - "EndpointTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of endpoints to send the campaign or treatment to. Each valid value maps to a type of channel that you can associate with an endpoint by using the `ChannelType` property of an endpoint.", - "title": "EndpointTypes", - "type": "array" + "MaintenanceStartHour": { + "markdownDescription": "UTC time when the maintenance will happen. Use 24-hour HH:MM format. Minutes must be 00. Example: 13:00. The default value is 02:00.", + "title": "MaintenanceStartHour", + "type": "string" } }, + "required": [ + "MaintenanceDay", + "MaintenanceStartHour" + ], "type": "object" }, - "AWS::Pinpoint::Campaign.DefaultButtonConfiguration": { + "AWS::MediaConnect::Flow.MediaStream": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" + "Attributes": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStreamAttributes", + "markdownDescription": "Attributes that are related to the media stream.", + "title": "Attributes" }, - "BorderRadius": { - "markdownDescription": "The border radius of a button.", - "title": "BorderRadius", + "ClockRate": { + "markdownDescription": "The sample rate for the stream. This value is measured in Hz.", + "title": "ClockRate", "type": "number" }, - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", + "Description": { + "markdownDescription": "A description that can help you quickly identify what your media stream is used for.", + "title": "Description", "type": "string" }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", + "Fmt": { + "markdownDescription": "The format type number (sometimes referred to as RTP payload type) of the media stream. MediaConnect assigns this value to the media stream. For ST 2110 JPEG XS outputs, you need to provide this value to the receiver.", + "title": "Fmt", + "type": "number" + }, + "MediaStreamId": { + "markdownDescription": "A unique identifier for the media stream.", + "title": "MediaStreamId", + "type": "number" + }, + "MediaStreamName": { + "markdownDescription": "A name that helps you distinguish one media stream from another.", + "title": "MediaStreamName", "type": "string" }, - "Text": { - "markdownDescription": "The text that appears on a button in an in-app message.", - "title": "Text", + "MediaStreamType": { + "markdownDescription": "The type of media stream.", + "title": "MediaStreamType", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", + "VideoFormat": { + "markdownDescription": "The resolution of the video.", + "title": "VideoFormat", "type": "string" } }, + "required": [ + "MediaStreamId", + "MediaStreamName", + "MediaStreamType" + ], "type": "object" }, - "AWS::Pinpoint::Campaign.EventDimensions": { + "AWS::MediaConnect::Flow.MediaStreamAttributes": { "additionalProperties": false, "properties": { - "Attributes": { - "markdownDescription": "One or more custom attributes that your application reports to Amazon Pinpoint. You can use these attributes as selection criteria when you create an event filter.", - "title": "Attributes", - "type": "object" - }, - "EventType": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.SetDimension", - "markdownDescription": "The name of the event that causes the campaign to be sent or the journey activity to be performed. This can be a standard event that Amazon Pinpoint generates, such as `_email.delivered` or `_custom.delivered` . For campaigns, this can also be a custom event that's specific to your application. For information about standard events, see [Streaming Amazon Pinpoint Events](https://docs.aws.amazon.com/pinpoint/latest/developerguide/event-streams.html) in the *Amazon Pinpoint Developer Guide* .", - "title": "EventType" + "Fmtp": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Fmtp", + "markdownDescription": "The settings that you want to use to define the media stream.", + "title": "Fmtp" }, - "Metrics": { - "markdownDescription": "One or more custom metrics that your application reports to Amazon Pinpoint . You can use these metrics as selection criteria when you create an event filter.", - "title": "Metrics", - "type": "object" + "Lang": { + "markdownDescription": "The audio language, in a format that is recognized by the receiver.", + "title": "Lang", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageBodyConfig": { + "AWS::MediaConnect::Flow.MediaStreamSourceConfiguration": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", + "EncodingName": { + "markdownDescription": "The format that was used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video, 2110 streams, set the encoding name to raw. For video, JPEG XS streams, set the encoding name to jxsv.", + "title": "EncodingName", "type": "string" }, - "Body": { - "markdownDescription": "The main body text of the message.", - "title": "Body", - "type": "string" + "InputConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.InputConfiguration" + }, + "markdownDescription": "The media streams that you want to associate with the source.", + "title": "InputConfigurations", + "type": "array" }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", - "title": "TextColor", + "MediaStreamName": { + "markdownDescription": "A name that helps you distinguish one media stream from another.", + "title": "MediaStreamName", "type": "string" } }, + "required": [ + "EncodingName", + "MediaStreamName" + ], "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageButton": { + "AWS::MediaConnect::Flow.NdiConfig": { "additionalProperties": false, "properties": { - "Android": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to Android.", - "title": "Android" - }, - "DefaultConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.DefaultButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in an in-app message.", - "title": "DefaultConfig" + "MachineName": { + "markdownDescription": "A prefix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect generates a unique 12-character ID as the prefix.", + "title": "MachineName", + "type": "string" }, - "IOS": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to iOS devices.", - "title": "IOS" + "NdiDiscoveryServers": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.NdiDiscoveryServerConfig" + }, + "markdownDescription": "A list of up to three NDI discovery server configurations. While not required by the API, this configuration is necessary for NDI functionality to work properly.", + "title": "NdiDiscoveryServers", + "type": "array" }, - "Web": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages for web applications.", - "title": "Web" + "NdiState": { + "markdownDescription": "A setting that controls whether NDI outputs can be used in the flow. Must be ENABLED to add NDI outputs. Default is DISABLED.", + "title": "NdiState", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageContent": { + "AWS::MediaConnect::Flow.NdiDiscoveryServerConfig": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", + "DiscoveryServerAddress": { + "markdownDescription": "The unique network address of the NDI discovery server.", + "title": "DiscoveryServerAddress", "type": "string" }, - "BodyConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageBodyConfig", - "markdownDescription": "Specifies the configuration of main body text in an in-app message template.", - "title": "BodyConfig" - }, - "HeaderConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageHeaderConfig", - "markdownDescription": "Specifies the configuration and content of the header or title text of the in-app message.", - "title": "HeaderConfig" + "DiscoveryServerPort": { + "markdownDescription": "The port for the NDI discovery server. Defaults to 5959 if a custom port isn't specified.", + "title": "DiscoveryServerPort", + "type": "number" }, - "ImageUrl": { - "markdownDescription": "The URL of the image that appears on an in-app message banner.", - "title": "ImageUrl", + "VpcInterfaceAdapter": { + "markdownDescription": "The identifier for the Virtual Private Cloud (VPC) network interface used by the flow.", + "title": "VpcInterfaceAdapter", "type": "string" - }, - "PrimaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", - "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", - "title": "PrimaryBtn" - }, - "SecondaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", - "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", - "title": "SecondaryBtn" } }, + "required": [ + "DiscoveryServerAddress", + "VpcInterfaceAdapter" + ], "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageHeaderConfig": { + "AWS::MediaConnect::Flow.SilentAudio": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" - }, - "Header": { - "markdownDescription": "The header or title text of the in-app message.", - "title": "Header", + "State": { + "markdownDescription": "Indicates whether the `SilentAudio` metric is enabled or disabled.", + "title": "State", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", - "title": "TextColor", - "type": "string" + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of silence that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.Limits": { + "AWS::MediaConnect::Flow.Source": { "additionalProperties": false, "properties": { - "Daily": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", - "title": "Daily", + "Decryption": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Encryption", + "markdownDescription": "The type of encryption that is used on the content ingested from this source.", + "title": "Decryption" + }, + "Description": { + "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", + "title": "Description", + "type": "string" + }, + "EntitlementArn": { + "markdownDescription": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow.", + "title": "EntitlementArn", + "type": "string" + }, + "GatewayBridgeSource": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.GatewayBridgeSource", + "markdownDescription": "The source configuration for cloud flows receiving a stream from a bridge.", + "title": "GatewayBridgeSource" + }, + "IngestIp": { + "markdownDescription": "The IP address that the flow will be listening on for incoming content.", + "title": "IngestIp", + "type": "string" + }, + "IngestPort": { + "markdownDescription": "The port that the flow will be listening on for incoming content.", + "title": "IngestPort", "type": "number" }, - "MaximumDuration": { - "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", - "title": "MaximumDuration", + "MaxBitrate": { + "markdownDescription": "The maximum bitrate for RIST, RTP, and RTP-FEC streams.", + "title": "MaxBitrate", "type": "number" }, - "MessagesPerSecond": { - "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", - "title": "MessagesPerSecond", + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds for a RIST or Zixi-based source.", + "title": "MaxLatency", "type": "number" }, - "Session": { - "markdownDescription": "The maximum number of messages that the campaign can send per user session.", - "title": "Session", + "MaxSyncBuffer": { + "markdownDescription": "The size of the buffer (in milliseconds) to use to sync incoming source data.", + "title": "MaxSyncBuffer", "type": "number" }, - "Total": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", - "title": "Total", + "MediaStreamSourceConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStreamSourceConfiguration" + }, + "markdownDescription": "The media streams that are associated with the source, and the parameters for those associations.", + "title": "MediaStreamSourceConfigurations", + "type": "array" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", "type": "number" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.Message": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps the push notification. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of iOS and Android.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", - "type": "string" }, - "Body": { - "markdownDescription": "The body of the notification message. The maximum number of characters is 200.", - "title": "Body", + "Name": { + "markdownDescription": "The name of the source.", + "title": "Name", "type": "string" }, - "ImageIconUrl": { - "markdownDescription": "The URL of the image to display as the push notification icon, such as the icon for the app.", - "title": "ImageIconUrl", + "Protocol": { + "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" }, - "ImageSmallIconUrl": { - "markdownDescription": "The URL of the image to display as the small, push notification icon, such as a small version of the icon for the app.", - "title": "ImageSmallIconUrl", - "type": "string" + "SenderControlPort": { + "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", + "title": "SenderControlPort", + "type": "number" }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display in the push notification.", - "title": "ImageUrl", + "SenderIpAddress": { + "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", + "title": "SenderIpAddress", "type": "string" }, - "JsonBody": { - "markdownDescription": "The JSON payload to use for a silent push notification.", - "title": "JsonBody", + "SourceArn": { + "markdownDescription": "The ARN of the source.", + "title": "SourceArn", "type": "string" }, - "MediaUrl": { - "markdownDescription": "The URL of the image or video to display in the push notification.", - "title": "MediaUrl", + "SourceIngestPort": { + "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", + "title": "SourceIngestPort", "type": "string" }, - "RawContent": { - "markdownDescription": "The raw, JSON-formatted string to use as the payload for the notification message. If specified, this value overrides all other content for the message.", - "title": "RawContent", + "SourceListenerAddress": { + "markdownDescription": "Source IP or domain name for SRT-caller protocol.", + "title": "SourceListenerAddress", "type": "string" }, - "SilentPush": { - "markdownDescription": "Specifies whether the notification is a silent push notification, which is a push notification that doesn't display on a recipient's device. Silent push notifications can be used for cases such as updating an app's configuration, displaying messages in an in-app message center, or supporting phone home functionality.", - "title": "SilentPush", - "type": "boolean" - }, - "TimeToLive": { - "markdownDescription": "The number of seconds that the push notification service should keep the message, if the service is unable to deliver the notification the first time. This value is converted to an expiration value when it's sent to a push notification service. If this value is `0` , the service treats the notification as if it expires immediately and the service doesn't store or try to deliver the notification again.\n\nThis value doesn't apply to messages that are sent through the Amazon Device Messaging (ADM) service.", - "title": "TimeToLive", + "SourceListenerPort": { + "markdownDescription": "Source port for SRT-caller protocol.", + "title": "SourceListenerPort", "type": "number" }, - "Title": { - "markdownDescription": "The title to display above the notification message on a recipient's device.", - "title": "Title", + "StreamId": { + "markdownDescription": "The stream ID that you want to use for the transport. This parameter applies only to Zixi-based streams.", + "title": "StreamId", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps the push notification and the value of the `Action` property is `URL` .", - "title": "Url", + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface that is used for this source.", + "title": "VpcInterfaceName", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.MessageConfiguration": { - "additionalProperties": false, - "properties": { - "ADMMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the ADM (Amazon Device Messaging) channel. If specified, this message overrides the default message.", - "title": "ADMMessage" - }, - "APNSMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the APNs (Apple Push Notification service) channel. If specified, this message overrides the default message.", - "title": "APNSMessage" - }, - "BaiduMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the Baidu (Baidu Cloud Push) channel. If specified, this message overrides the default message.", - "title": "BaiduMessage" - }, - "CustomMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignCustomMessage", - "markdownDescription": "The message that the campaign sends through a custom channel, as specified by the delivery configuration ( `CustomDeliveryConfiguration` ) settings for the campaign. If specified, this message overrides the default message.", - "title": "CustomMessage" - }, - "DefaultMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The default message that the campaign sends through all the channels that are configured for the campaign.", - "title": "DefaultMessage" - }, - "EmailMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEmailMessage", - "markdownDescription": "The message that the campaign sends through the email channel. If specified, this message overrides the default message.\n\n> The maximum email message size is 200 KB. You can use email templates to send larger email messages.", - "title": "EmailMessage" - }, - "GCMMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the GCM channel, which enables Amazon Pinpoint to send push notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. If specified, this message overrides the default message.", - "title": "GCMMessage" }, - "InAppMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignInAppMessage", - "markdownDescription": "The default message for the in-app messaging channel. This message overrides the default message ( `DefaultMessage` ).", - "title": "InAppMessage" - }, - "SMSMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignSmsMessage", - "markdownDescription": "The message that the campaign sends through the SMS channel. If specified, this message overrides the default message.", - "title": "SMSMessage" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.MetricDimension": { - "additionalProperties": false, - "properties": { - "ComparisonOperator": { + "WhitelistCidr": { + "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "WhitelistCidr", "type": "string" - }, - "Value": { - "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.OverrideButtonConfiguration": { + "AWS::MediaConnect::Flow.SourceMonitoringConfig": { "additionalProperties": false, "properties": { - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", + "AudioMonitoringSettings": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.AudioMonitoringSetting" + }, + "markdownDescription": "Contains the settings for audio stream metrics monitoring.", + "title": "AudioMonitoringSettings", + "type": "array" + }, + "ContentQualityAnalysisState": { + "markdownDescription": "Indicates whether content quality analysis is enabled or disabled.", + "title": "ContentQualityAnalysisState", "type": "string" }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", + "ThumbnailState": { + "markdownDescription": "The current state of the thumbnail monitoring.\n\n- If you don't explicitly specify a value when creating a flow, no thumbnail state will be set.\n- If you update an existing flow and remove a previously set thumbnail state, the value will change to `DISABLED` .", + "title": "ThumbnailState", "type": "string" + }, + "VideoMonitoringSettings": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VideoMonitoringSetting" + }, + "markdownDescription": "Contains the settings for video stream metrics monitoring.", + "title": "VideoMonitoringSettings", + "type": "array" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.QuietTime": { + "AWS::MediaConnect::Flow.SourcePriority": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "Start", + "PrimarySource": { + "markdownDescription": "The name of the source you choose as the primary source for this flow.", + "title": "PrimarySource", "type": "string" } }, "required": [ - "End", - "Start" + "PrimarySource" ], "type": "object" }, - "AWS::Pinpoint::Campaign.Schedule": { + "AWS::MediaConnect::Flow.VideoMonitoringSetting": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The scheduled time, in ISO 8601 format, when the campaign ended or will end.", - "title": "EndTime", - "type": "string" - }, - "EventFilter": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEventFilter", - "markdownDescription": "The type of event that causes the campaign to be sent, if the value of the `Frequency` property is `EVENT` .", - "title": "EventFilter" + "BlackFrames": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.BlackFrames", + "markdownDescription": "Detects video frames that are black.", + "title": "BlackFrames" }, - "Frequency": { - "markdownDescription": "Specifies how often the campaign is sent or whether the campaign is sent in response to a specific event.", - "title": "Frequency", - "type": "string" - }, - "IsLocalTime": { - "markdownDescription": "Specifies whether the start and end times for the campaign schedule use each recipient's local time. To base the schedule on each recipient's local time, set this value to `true` .", - "title": "IsLocalTime", - "type": "boolean" - }, - "QuietTime": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.QuietTime", - "markdownDescription": "The default quiet time for the campaign. Quiet time is a specific time range when a campaign doesn't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the campaign.\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the campaign.\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from the campaign, even if quiet time is enabled.", - "title": "QuietTime" - }, - "StartTime": { - "markdownDescription": "The scheduled time when the campaign began or will begin. Valid values are: `IMMEDIATE` , to start the campaign immediately; or, a specific time in ISO 8601 format.", - "title": "StartTime", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "The starting UTC offset for the campaign schedule, if the value of the `IsLocalTime` property is `true` . Valid values are: `UTC, UTC+01, UTC+02, UTC+03, UTC+03:30, UTC+04, UTC+04:30, UTC+05, UTC+05:30, UTC+05:45, UTC+06, UTC+06:30, UTC+07, UTC+08, UTC+09, UTC+09:30, UTC+10, UTC+10:30, UTC+11, UTC+12, UTC+13, UTC-02, UTC-03, UTC-04, UTC-05, UTC-06, UTC-07, UTC-08, UTC-09, UTC-10,` and `UTC-11` .", - "title": "TimeZone", - "type": "string" + "FrozenFrames": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.FrozenFrames", + "markdownDescription": "Detects video frames that have not changed.", + "title": "FrozenFrames" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.SetDimension": { + "AWS::MediaConnect::Flow.VpcInterface": { "additionalProperties": false, "properties": { - "DimensionType": { - "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", - "title": "DimensionType", + "Name": { + "markdownDescription": "Immutable and has to be a unique against other VpcInterfaces in this Flow.", + "title": "Name", "type": "string" }, - "Values": { + "NetworkInterfaceIds": { "items": { "type": "string" }, - "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", - "title": "Values", + "markdownDescription": "IDs of the network interfaces created in customer's account by MediaConnect .", + "title": "NetworkInterfaceIds", "type": "array" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.Template": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "Name", - "type": "string" }, - "Version": { - "markdownDescription": "The unique identifier for the version of the message template to use for the message. If specified, this value must match the identifier for an existing template version. To retrieve a list of versions and version identifiers for a template, use the [Template Versions](https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html) resource.\n\nIf you don't specify a value for this property, Amazon Pinpoint uses the *active version* of the template. The *active version* is typically the version of a template that's been most recently reviewed and approved for use, depending on your workflow. It isn't necessarily the latest version of a template.", - "title": "Version", + "NetworkInterfaceType": { + "markdownDescription": "The type of network interface.", + "title": "NetworkInterfaceType", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.TemplateConfiguration": { - "additionalProperties": false, - "properties": { - "EmailTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The email template to use for the message.", - "title": "EmailTemplate" }, - "PushTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The push notification template to use for the message.", - "title": "PushTemplate" + "RoleArn": { + "markdownDescription": "A role Arn MediaConnect can assume to create ENIs in your account.", + "title": "RoleArn", + "type": "string" }, - "SMSTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The SMS template to use for the message.", - "title": "SMSTemplate" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Security Group IDs to be used on ENI.", + "title": "SecurityGroupIds", + "type": "array" }, - "VoiceTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The voice template to use for the message. This object isn't supported for campaigns.", - "title": "VoiceTemplate" + "SubnetId": { + "markdownDescription": "Subnet must be in the AZ of the Flow.", + "title": "SubnetId", + "type": "string" } }, + "required": [ + "Name", + "RoleArn", + "SecurityGroupIds", + "SubnetId" + ], "type": "object" }, - "AWS::Pinpoint::Campaign.WriteTreatmentResource": { + "AWS::MediaConnect::Flow.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { - "CustomDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", - "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", - "title": "CustomDeliveryConfiguration" - }, - "MessageConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", - "markdownDescription": "The message configuration settings for the treatment.", - "title": "MessageConfiguration" - }, - "Schedule": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", - "markdownDescription": "The schedule settings for the treatment.", - "title": "Schedule" - }, - "SizePercent": { - "markdownDescription": "The allocated percentage of users (segment members) to send the treatment to.", - "title": "SizePercent", - "type": "number" - }, - "TemplateConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", - "markdownDescription": "The message template to use for the treatment.", - "title": "TemplateConfiguration" - }, - "TreatmentDescription": { - "markdownDescription": "A custom description of the treatment.", - "title": "TreatmentDescription", - "type": "string" - }, - "TreatmentName": { - "markdownDescription": "A custom name for the treatment.", - "title": "TreatmentName", + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::EmailChannel": { + "AWS::MediaConnect::FlowEntitlement": { "additionalProperties": false, "properties": { "Condition": { @@ -179062,52 +184626,56 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're specifying the email channel for.", - "title": "ApplicationId", - "type": "string" + "DataTransferSubscriberFeePercent": { + "markdownDescription": "The percentage of the entitlement data transfer fee that you want the subscriber to be responsible for.", + "title": "DataTransferSubscriberFeePercent", + "type": "number" }, - "ConfigurationSet": { - "markdownDescription": "The [Amazon SES configuration set](https://docs.aws.amazon.com/ses/latest/APIReference/API_ConfigurationSet.html) that you want to apply to messages that you send through the channel.", - "title": "ConfigurationSet", + "Description": { + "markdownDescription": "A description of the entitlement. This description appears only on the MediaConnect console and is not visible outside of the current AWS account.", + "title": "Description", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the email channel for the application.", - "title": "Enabled", - "type": "boolean" + "Encryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowEntitlement.Encryption", + "markdownDescription": "Information about the encryption of the flow.", + "title": "Encryption" }, - "FromAddress": { - "markdownDescription": "The verified email address that you want to send email from when you send email through the channel.", - "title": "FromAddress", + "EntitlementStatus": { + "markdownDescription": "An indication of whether the new entitlement should be enabled or disabled as soon as it is created. If you don\u2019t specify the entitlementStatus field in your request, MediaConnect sets it to ENABLED.", + "title": "EntitlementStatus", "type": "string" }, - "Identity": { - "markdownDescription": "The Amazon Resource Name (ARN) of the identity, verified with Amazon Simple Email Service (Amazon SES), that you want to use when you send email through the channel.", - "title": "Identity", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "FlowArn", "type": "string" }, - "OrchestrationSendingRoleArn": { - "markdownDescription": "The ARN of an IAM role for Amazon Pinpoint to use to send email from your campaigns or journeys through Amazon SES .", - "title": "OrchestrationSendingRoleArn", + "Name": { + "markdownDescription": "The name of the entitlement. This value must be unique within the current flow.", + "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that you want Amazon Pinpoint to use when it submits email-related event data for the channel.", - "title": "RoleArn", - "type": "string" + "Subscribers": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", + "title": "Subscribers", + "type": "array" } }, "required": [ - "ApplicationId", - "FromAddress", - "Identity" + "Description", + "FlowArn", + "Name", + "Subscribers" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::EmailChannel" + "AWS::MediaConnect::FlowEntitlement" ], "type": "string" }, @@ -179126,7 +184694,62 @@ ], "type": "object" }, - "AWS::Pinpoint::EmailTemplate": { + "AWS::MediaConnect::FlowEntitlement.Encryption": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", + "type": "string" + }, + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", + "type": "string" + }, + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", + "type": "string" + }, + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "Algorithm", + "RoleArn" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput": { "additionalProperties": false, "properties": { "Condition": { @@ -179161,51 +184784,112 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", + "CidrAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "CidrAllowList", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the output. This description appears only on the MediaConnect console and will not be seen by the end user.", + "title": "Description", "type": "string" }, - "HtmlPart": { - "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", - "title": "HtmlPart", + "Destination": { + "markdownDescription": "The IP address where you want to send the output.", + "title": "Destination", "type": "string" }, - "Subject": { - "markdownDescription": "The subject line, or title, to use in email messages that are based on the message template.", - "title": "Subject", + "Encryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Encryption", + "markdownDescription": "The type of key used for the encryption. If no `keyType` is provided, the service will use the default setting (static-key). Allowable encryption types: static-key.", + "title": "Encryption" + }, + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow this output is attached to.", + "title": "FlowArn", "type": "string" }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", + "title": "MaxLatency", + "type": "number" }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", + "MediaStreamOutputConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.MediaStreamOutputConfiguration" + }, + "markdownDescription": "The media streams that are associated with the output, and the parameters for those associations.", + "title": "MediaStreamOutputConfigurations", + "type": "array" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the bridge's output.", + "title": "Name", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the message template.", - "title": "TemplateName", + "NdiProgramName": { + "markdownDescription": "A suffix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect uses the output name.", + "title": "NdiProgramName", "type": "string" }, - "TextPart": { - "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", - "title": "TextPart", + "NdiSpeedHqQuality": { + "markdownDescription": "A quality setting for the NDI Speed HQ encoder.", + "title": "NdiSpeedHqQuality", + "type": "number" + }, + "OutputStatus": { + "markdownDescription": "", + "title": "OutputStatus", + "type": "string" + }, + "Port": { + "markdownDescription": "The port to use when content is distributed to this output.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol to use for the output.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" + }, + "RemoteId": { + "markdownDescription": "The remote ID for the Zixi-pull stream.", + "title": "RemoteId", + "type": "string" + }, + "SmoothingLatency": { + "markdownDescription": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams.", + "title": "SmoothingLatency", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", + "title": "StreamId", "type": "string" + }, + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this output.", + "title": "VpcInterfaceAttachment" } }, "required": [ - "Subject", - "TemplateName" + "FlowArn", + "Protocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::EmailTemplate" + "AWS::MediaConnect::FlowOutput" ], "type": "string" }, @@ -179224,7 +184908,140 @@ ], "type": "object" }, - "AWS::Pinpoint::EventStream": { + "AWS::MediaConnect::FlowOutput.DestinationConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationIp": { + "markdownDescription": "The IP address where you want MediaConnect to send contents of the media stream.", + "title": "DestinationIp", + "type": "string" + }, + "DestinationPort": { + "markdownDescription": "The port that you want MediaConnect to use when it distributes the media stream to the output.", + "title": "DestinationPort", + "type": "number" + }, + "Interface": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Interface", + "markdownDescription": "The VPC interface that you want to use for the media stream associated with the output.", + "title": "Interface" + } + }, + "required": [ + "DestinationIp", + "DestinationPort", + "Interface" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput.EncodingParameters": { + "additionalProperties": false, + "properties": { + "CompressionFactor": { + "markdownDescription": "A value that is used to calculate compression for an output. The bitrate of the output is calculated as follows: Output bitrate = (1 / compressionFactor) * (source bitrate) This property only applies to outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol. Valid values are floating point numbers in the range of 3.0 to 10.0, inclusive.", + "title": "CompressionFactor", + "type": "number" + }, + "EncoderProfile": { + "markdownDescription": "A setting on the encoder that drives compression settings. This property only applies to video media streams associated with outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol.", + "title": "EncoderProfile", + "type": "string" + } + }, + "required": [ + "CompressionFactor" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput.Encryption": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", + "type": "string" + }, + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "RoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput.Interface": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the VPC interface.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput.MediaStreamOutputConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.DestinationConfiguration" + }, + "markdownDescription": "The transport parameters that are associated with each outbound media stream.", + "title": "DestinationConfigurations", + "type": "array" + }, + "EncodingName": { + "markdownDescription": "The format that was used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video, 2110 streams, set the encoding name to raw. For video, JPEG XS streams, set the encoding name to jxsv.", + "title": "EncodingName", + "type": "string" + }, + "EncodingParameters": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.EncodingParameters", + "markdownDescription": "A collection of parameters that determine how MediaConnect will convert the content. These fields only apply to outputs on flows that have a CDI source.", + "title": "EncodingParameters" + }, + "MediaStreamName": { + "markdownDescription": "The name of the media stream.", + "title": "MediaStreamName", + "type": "string" + } + }, + "required": [ + "EncodingName", + "MediaStreamName" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::FlowSource": { "additionalProperties": false, "properties": { "Condition": { @@ -179259,32 +185076,106 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you want to export data from.", - "title": "ApplicationId", + "Decryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.Encryption", + "markdownDescription": "The type of encryption that is used on the content ingested from this source. Allowable encryption types: static-key.", + "title": "Decryption" + }, + "Description": { + "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", + "title": "Description", "type": "string" }, - "DestinationStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Stream or Amazon Data Firehose delivery stream that you want to publish event data to.\n\nFor a Kinesis Data Stream, the ARN format is: `arn:aws:kinesis: region : account-id :stream/ stream_name`\n\nFor a Firehose delivery stream, the ARN format is: `arn:aws:firehose: region : account-id :deliverystream/ stream_name`", - "title": "DestinationStreamArn", + "EntitlementArn": { + "markdownDescription": "The ARN of the entitlement that allows you to subscribe to this flow. The entitlement is set by the flow originator, and the ARN is generated as part of the originator's flow.", + "title": "EntitlementArn", "type": "string" }, - "RoleArn": { - "markdownDescription": "The AWS Identity and Access Management (IAM) role that authorizes Amazon Pinpoint to publish event data to the stream in your AWS account.", - "title": "RoleArn", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", + "title": "FlowArn", + "type": "string" + }, + "GatewayBridgeSource": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.GatewayBridgeSource", + "markdownDescription": "The bridge's source.", + "title": "GatewayBridgeSource" + }, + "IngestPort": { + "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", + "title": "IngestPort", + "type": "number" + }, + "MaxBitrate": { + "markdownDescription": "The smoothing max bitrate (in bps) for RIST, RTP, and RTP-FEC streams.", + "title": "MaxBitrate", + "type": "number" + }, + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", + "title": "MaxLatency", + "type": "number" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the source.", + "title": "Name", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol that the source uses to deliver the content to MediaConnect. Adding additional sources to an existing flow requires Failover to be enabled. When you enable Failover, the additional source must use the same protocol as the existing source. Only the following protocols support failover: Zixi-push, RTP-FEC, RTP, RIST and SRT protocols.\n\nIf you use failover with SRT caller or listener, the `FailoverMode` property must be set to `FAILOVER` . The `FailoverMode` property\u00a0is found in\u00a0the `FailoverConfig` resource\u00a0of the same flow ARN you used for the source's `FlowArn` property. SRT caller/listener does not support\u00a0merge\u00a0mode failover.", + "title": "Protocol", + "type": "string" + }, + "SenderControlPort": { + "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", + "title": "SenderControlPort", + "type": "number" + }, + "SenderIpAddress": { + "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", + "title": "SenderIpAddress", + "type": "string" + }, + "SourceListenerAddress": { + "markdownDescription": "Source IP or domain name for SRT-caller protocol.", + "title": "SourceListenerAddress", + "type": "string" + }, + "SourceListenerPort": { + "markdownDescription": "Source port for SRT-caller protocol.", + "title": "SourceListenerPort", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", + "title": "StreamId", + "type": "string" + }, + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this source.", + "title": "VpcInterfaceName", + "type": "string" + }, + "WhitelistCidr": { + "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "WhitelistCidr", "type": "string" } }, "required": [ - "ApplicationId", - "DestinationStreamArn", - "RoleArn" + "Description", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::EventStream" + "AWS::MediaConnect::FlowSource" ], "type": "string" }, @@ -179303,7 +185194,91 @@ ], "type": "object" }, - "AWS::Pinpoint::GCMChannel": { + "AWS::MediaConnect::FlowSource.Encryption": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", + "type": "string" + }, + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", + "type": "string" + }, + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", + "type": "string" + }, + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowSource.GatewayBridgeSource": { + "additionalProperties": false, + "properties": { + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", + "type": "string" + }, + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", + "title": "VpcInterfaceAttachment" + } + }, + "required": [ + "BridgeArn" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowSource.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::FlowVpcInterface": { "additionalProperties": false, "properties": { "Condition": { @@ -179338,40 +185313,47 @@ "Properties": { "additionalProperties": false, "properties": { - "ApiKey": { - "markdownDescription": "The Web API key, also called the *server key* , that you received from Google to communicate with Google services.", - "title": "ApiKey", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "FlowArn", "type": "string" }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the GCM channel applies to.", - "title": "ApplicationId", + "Name": { + "markdownDescription": "The name for the VPC interface. This name must be unique within the flow.", + "title": "Name", "type": "string" }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method used for GCM. Values are either \"TOKEN\" or \"KEY\". Defaults to \"KEY\".", - "title": "DefaultAuthenticationMethod", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created when you set up MediaConnect as a trusted service.", + "title": "RoleArn", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the GCM channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A virtual firewall to control inbound and outbound traffic.", + "title": "SecurityGroupIds", + "type": "array" }, - "ServiceJson": { - "markdownDescription": "The contents of the JSON file provided by Google during registration in order to generate an access token for authentication. For more information see [Migrate from legacy FCM APIs to HTTP v1](https://docs.aws.amazon.com/https://firebase.google.com/docs/cloud-messaging/migrate-v1) .", - "title": "ServiceJson", + "SubnetId": { + "markdownDescription": "The subnet IDs that you want to use for your VPC interface. A range of IP addresses in your VPC. When you create your VPC, you specify a range of IPv4 addresses for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. This is the primary CIDR block for your VPC. When you create a subnet for your VPC, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. The subnets that you use across all VPC interfaces on the flow must be in the same Availability Zone as the flow.", + "title": "SubnetId", "type": "string" } }, "required": [ - "ApplicationId" + "FlowArn", + "Name", + "RoleArn", + "SecurityGroupIds", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::GCMChannel" + "AWS::MediaConnect::FlowVpcInterface" ], "type": "string" }, @@ -179390,7 +185372,7 @@ ], "type": "object" }, - "AWS::Pinpoint::InAppTemplate": { + "AWS::MediaConnect::Gateway": { "additionalProperties": false, "properties": { "Condition": { @@ -179425,48 +185407,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { + "EgressCidrBlocks": { "items": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.InAppMessageContent" + "type": "string" }, - "markdownDescription": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors.", - "title": "Content", + "markdownDescription": "The range of IP addresses that are allowed to contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "EgressCidrBlocks", "type": "array" }, - "CustomConfig": { - "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", - "title": "CustomConfig", - "type": "object" - }, - "Layout": { - "markdownDescription": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", - "title": "Layout", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "An optional description of the in-app template.", - "title": "TemplateDescription", + "Name": { + "markdownDescription": "The name of the gateway. This name can not be modified after the gateway is created.", + "title": "Name", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the in-app message template.", - "title": "TemplateName", - "type": "string" + "Networks": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Gateway.GatewayNetwork" + }, + "markdownDescription": "The list of networks in the gateway.", + "title": "Networks", + "type": "array" } }, "required": [ - "TemplateName" + "EgressCidrBlocks", + "Name", + "Networks" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::InAppTemplate" + "AWS::MediaConnect::Gateway" ], "type": "string" }, @@ -179485,175 +185457,39 @@ ], "type": "object" }, - "AWS::Pinpoint::InAppTemplate.BodyConfig": { + "AWS::MediaConnect::Gateway.GatewayNetwork": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" - }, - "Body": { - "markdownDescription": "The main body text of the message.", - "title": "Body", + "CidrBlock": { + "markdownDescription": "A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "CidrBlock", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", + "Name": { + "markdownDescription": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway.", + "title": "Name", "type": "string" } }, + "required": [ + "CidrBlock", + "Name" + ], "type": "object" }, - "AWS::Pinpoint::InAppTemplate.ButtonConfig": { + "AWS::MediaConvert::JobTemplate": { "additionalProperties": false, "properties": { - "Android": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration.", - "title": "Android" - }, - "DefaultConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration", - "markdownDescription": "Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users.", - "title": "DefaultConfig" + "Condition": { + "type": "string" }, - "IOS": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration.", - "title": "IOS" - }, - "Web": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration.", - "title": "Web" - } - }, - "type": "object" - }, - "AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration": { - "additionalProperties": false, - "properties": { - "BackgroundColor": { - "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" - }, - "BorderRadius": { - "markdownDescription": "The border radius of a button.", - "title": "BorderRadius", - "type": "number" - }, - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" - }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", - "type": "string" - }, - "Text": { - "markdownDescription": "The text that appears on a button in an in-app message.", - "title": "Text", - "type": "string" - }, - "TextColor": { - "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::InAppTemplate.HeaderConfig": { - "additionalProperties": false, - "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" - }, - "Header": { - "markdownDescription": "The title text of the in-app message.", - "title": "Header", - "type": "string" - }, - "TextColor": { - "markdownDescription": "The color of the title text, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::InAppTemplate.InAppMessageContent": { - "additionalProperties": false, - "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" - }, - "BodyConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.BodyConfig", - "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", - "title": "BodyConfig" - }, - "HeaderConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.HeaderConfig", - "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", - "title": "HeaderConfig" - }, - "ImageUrl": { - "markdownDescription": "The URL of the image that appears on an in-app message banner.", - "title": "ImageUrl", - "type": "string" - }, - "PrimaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", - "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", - "title": "PrimaryBtn" - }, - "SecondaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", - "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", - "title": "SecondaryBtn" - } - }, - "type": "object" - }, - "AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration": { - "additionalProperties": false, - "properties": { - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" - }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::PushTemplate": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, "DependsOn": { "anyOf": [ @@ -179676,60 +185512,68 @@ "Properties": { "additionalProperties": false, "properties": { - "ADM": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the ADM (Amazon Device Messaging) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "ADM" + "AccelerationSettings": { + "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.AccelerationSettings", + "markdownDescription": "Accelerated transcoding can significantly speed up jobs with long, visually complex content. Outputs that use this feature incur pro-tier pricing. For information about feature limitations, For more information, see [Job Limitations for Accelerated Transcoding in AWS Elemental MediaConvert](https://docs.aws.amazon.com/mediaconvert/latest/ug/job-requirements.html) in the *AWS Elemental MediaConvert User Guide* .", + "title": "AccelerationSettings" }, - "APNS": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate", - "markdownDescription": "The message template to use for the APNs (Apple Push Notification service) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "APNS" + "Category": { + "markdownDescription": "Optional. A category for the job template you are creating", + "title": "Category", + "type": "string" }, - "Baidu": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the Baidu (Baidu Cloud Push) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "Baidu" + "Description": { + "markdownDescription": "Optional. A description of the job template you are creating.", + "title": "Description", + "type": "string" }, - "Default": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate", - "markdownDescription": "The default message template to use for push notification channels.", - "title": "Default" + "HopDestinations": { + "items": { + "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.HopDestination" + }, + "markdownDescription": "Optional. Configuration for a destination queue to which the job can hop once a customer-defined minimum wait time has passed. For more information, see [Setting Up Queue Hopping to Avoid Long Waits](https://docs.aws.amazon.com/mediaconvert/latest/ug/setting-up-queue-hopping-to-avoid-long-waits.html) in the *AWS Elemental MediaConvert User Guide* .", + "title": "HopDestinations", + "type": "array" }, - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", + "Name": { + "markdownDescription": "Name of the output group", + "title": "Name", "type": "string" }, - "GCM": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the GCM channel, which is used to send notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "GCM" + "Priority": { + "markdownDescription": "Specify the relative priority for this job. In any given queue, the service begins processing the job with the highest value first. When more than one job has the same priority, the service begins processing the job that you submitted first. If you don't specify a priority, the service uses the default value 0. Minimum: -50 Maximum: 50", + "title": "Priority", + "type": "number" }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "Queue": { + "markdownDescription": "Optional. The queue that jobs created from this template are assigned to. Specify the Amazon Resource Name (ARN) of the queue. For example, arn:aws:mediaconvert:us-west-2:505474453218:queues/Default. If you don't specify this, jobs will go to the default queue.", + "title": "Queue", + "type": "string" + }, + "SettingsJson": { + "markdownDescription": "Specify, in JSON format, the transcoding job settings for this job template. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert job templates, see [Working with AWS Elemental MediaConvert Job Templates](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-job-templates.html) in the ** .", + "title": "SettingsJson", "type": "object" }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", + "StatusUpdateInterval": { + "markdownDescription": "Specify how often MediaConvert sends STATUS_UPDATE events to Amazon CloudWatch Events. Set the interval, in seconds, between status updates. MediaConvert sends an update at this interval from the time the service begins processing your job to the time it completes the transcode or encounters an error.\n\nSpecify one of the following enums:\n\nSECONDS_10\n\nSECONDS_12\n\nSECONDS_15\n\nSECONDS_20\n\nSECONDS_30\n\nSECONDS_60\n\nSECONDS_120\n\nSECONDS_180\n\nSECONDS_240\n\nSECONDS_300\n\nSECONDS_360\n\nSECONDS_420\n\nSECONDS_480\n\nSECONDS_540\n\nSECONDS_600", + "title": "StatusUpdateInterval", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "TemplateName", - "type": "string" + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" } }, "required": [ - "TemplateName" + "SettingsJson" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::PushTemplate" + "AWS::MediaConvert::JobTemplate" ], "type": "string" }, @@ -179748,120 +185592,42 @@ ], "type": "object" }, - "AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", - "type": "string" - }, - "Body": { - "markdownDescription": "The message body to use in push notifications that are based on the message template.", - "title": "Body", - "type": "string" - }, - "MediaUrl": { - "markdownDescription": "The URL of an image or video to display in push notifications that are based on the message template.", - "title": "MediaUrl", - "type": "string" - }, - "Sound": { - "markdownDescription": "The key for the sound to play when the recipient receives a push notification that's based on the message template. The value for this key is the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", - "title": "Sound", - "type": "string" - }, - "Title": { - "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL to open in the recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate": { + "AWS::MediaConvert::JobTemplate.AccelerationSettings": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This action uses the deep-linking features of the Android platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", - "type": "string" - }, - "Body": { - "markdownDescription": "The message body to use in a push notification that's based on the message template.", - "title": "Body", - "type": "string" - }, - "ImageIconUrl": { - "markdownDescription": "The URL of the large icon image to display in the content view of a push notification that's based on the message template.", - "title": "ImageIconUrl", - "type": "string" - }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display in a push notification that's based on the message template.", - "title": "ImageUrl", - "type": "string" - }, - "SmallImageIconUrl": { - "markdownDescription": "The URL of the small icon image to display in the status bar and the content view of a push notification that's based on the message template.", - "title": "SmallImageIconUrl", - "type": "string" - }, - "Sound": { - "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .", - "title": "Sound", - "type": "string" - }, - "Title": { - "markdownDescription": "The title to use in a push notification that's based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", + "Mode": { + "markdownDescription": "Specify the conditions when the service will run your job with accelerated transcoding.", + "title": "Mode", "type": "string" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate": { + "AWS::MediaConvert::JobTemplate.HopDestination": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS and Android platforms.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", - "type": "string" - }, - "Body": { - "markdownDescription": "The message body to use in push notifications that are based on the message template.", - "title": "Body", - "type": "string" - }, - "Sound": { - "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .\n\nFor an iOS platform, this value is the key for the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", - "title": "Sound", - "type": "string" + "Priority": { + "markdownDescription": "Optional. When you set up a job to use queue hopping, you can specify a different relative priority for the job in the destination queue. If you don't specify, the relative priority will remain the same as in the previous queue.", + "title": "Priority", + "type": "number" }, - "Title": { - "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", + "Queue": { + "markdownDescription": "Optional unless the job is submitted on the default queue. When you set up a job to use queue hopping, you can specify a destination queue. This queue cannot be the original queue to which the job is submitted. If the original queue isn't the default queue and you don't specify the destination queue, the job will move to the default queue.", + "title": "Queue", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", - "type": "string" + "WaitMinutes": { + "markdownDescription": "Required for setting up a job to use queue hopping. Minimum wait time in minutes until the job can hop to the destination queue. Valid range is 1 to 4320 minutes, inclusive.", + "title": "WaitMinutes", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::SMSChannel": { + "AWS::MediaConvert::Preset": { "additionalProperties": false, "properties": { "Condition": { @@ -179896,35 +185662,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the SMS channel applies to.", - "title": "ApplicationId", + "Category": { + "markdownDescription": "The new category for the preset, if you are changing it.", + "title": "Category", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the SMS channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "SenderId": { - "markdownDescription": "The identity that you want to display on recipients' devices when they receive messages from the SMS channel.\n\n> SenderIDs are only supported in certain countries and regions. For more information, see [Supported Countries and Regions](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) in the *Amazon Pinpoint User Guide* .", - "title": "SenderId", + "Description": { + "markdownDescription": "The new description for the preset, if you are changing it.", + "title": "Description", "type": "string" }, - "ShortCode": { - "markdownDescription": "The registered short code that you want to use when you send messages through the SMS channel.\n\n> For information about obtaining a dedicated short code for sending SMS messages, see [Requesting Dedicated Short Codes for SMS Messaging with Amazon Pinpoint](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-awssupport-short-code.html) in the *Amazon Pinpoint User Guide* .", - "title": "ShortCode", + "Name": { + "markdownDescription": "The name of the preset that you are modifying.", + "title": "Name", "type": "string" + }, + "SettingsJson": { + "markdownDescription": "Specify, in JSON format, the transcoding job settings for this output preset. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert output presets, see [Working with AWS Elemental MediaConvert Output Presets](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-presets.html) in the ** .", + "title": "SettingsJson", + "type": "object" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" } }, "required": [ - "ApplicationId" + "SettingsJson" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::SMSChannel" + "AWS::MediaConvert::Preset" ], "type": "string" }, @@ -179943,7 +185714,7 @@ ], "type": "object" }, - "AWS::Pinpoint::Segment": { + "AWS::MediaConvert::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -179978,25 +185749,30 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the segment is associated with.", - "title": "ApplicationId", - "type": "string" + "ConcurrentJobs": { + "markdownDescription": "Specify the maximum number of jobs your queue can process concurrently. For on-demand queues, the value you enter is constrained by your service quotas for Maximum concurrent jobs, per on-demand queue and Maximum concurrent jobs, per account. For reserved queues, specify the number of jobs you can process concurrently in your reservation plan instead.", + "title": "ConcurrentJobs", + "type": "number" }, - "Dimensions": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions", - "markdownDescription": "An array that defines the dimensions for the segment.", - "title": "Dimensions" + "Description": { + "markdownDescription": "Optional. A description of the queue that you are creating.", + "title": "Description", + "type": "string" }, "Name": { - "markdownDescription": "The name of the segment.\n\n> A segment must have a name otherwise it will not appear in the Amazon Pinpoint console.", + "markdownDescription": "The name of the queue that you are creating.", "title": "Name", "type": "string" }, - "SegmentGroups": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentGroups", - "markdownDescription": "The segment group to use and the dimensions to apply to the group's base segments in order to build the segment. A segment group can consist of zero or more base segments. Your request can include only one segment group.", - "title": "SegmentGroups" + "PricingPlan": { + "markdownDescription": "When you use AWS CloudFormation , you can create only on-demand queues. Therefore, always set `PricingPlan` to the value \"ON_DEMAND\" when declaring an AWS::MediaConvert::Queue in your AWS CloudFormation template.\n\nTo create a reserved queue, use the AWS Elemental MediaConvert console at https://console.aws.amazon.com/mediaconvert to set up a contract. For more information, see [Working with AWS Elemental MediaConvert Queues](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-queues.html) in the ** .", + "title": "PricingPlan", + "type": "string" + }, + "Status": { + "markdownDescription": "Initial state of the queue. Queues can be either ACTIVE or PAUSED. If you create a paused queue, then jobs that you send to that queue won't begin.", + "title": "Status", + "type": "string" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", @@ -180004,15 +185780,11 @@ "type": "object" } }, - "required": [ - "ApplicationId", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::Segment" + "AWS::MediaConvert::Queue" ], "type": "string" }, @@ -180026,275 +185798,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Pinpoint::Segment.AttributeDimension": { - "additionalProperties": false, - "properties": { - "AttributeType": { - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.Behavior": { - "additionalProperties": false, - "properties": { - "Recency": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Recency", - "markdownDescription": "Specifies how recently segment members were active.", - "title": "Recency" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.Coordinates": { - "additionalProperties": false, - "properties": { - "Latitude": { - "markdownDescription": "The latitude coordinate of the location.", - "title": "Latitude", - "type": "number" - }, - "Longitude": { - "markdownDescription": "The longitude coordinate of the location.", - "title": "Longitude", - "type": "number" - } - }, - "required": [ - "Latitude", - "Longitude" - ], - "type": "object" - }, - "AWS::Pinpoint::Segment.Demographic": { - "additionalProperties": false, - "properties": { - "AppVersion": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The app version criteria for the segment.", - "title": "AppVersion" - }, - "Channel": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The channel criteria for the segment.", - "title": "Channel" - }, - "DeviceType": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device type criteria for the segment.", - "title": "DeviceType" - }, - "Make": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device make criteria for the segment.", - "title": "Make" - }, - "Model": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device model criteria for the segment.", - "title": "Model" - }, - "Platform": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device platform criteria for the segment.", - "title": "Platform" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.GPSPoint": { - "additionalProperties": false, - "properties": { - "Coordinates": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Coordinates", - "markdownDescription": "The GPS coordinates to measure distance from.", - "title": "Coordinates" - }, - "RangeInKilometers": { - "markdownDescription": "The range, in kilometers, from the GPS coordinates.", - "title": "RangeInKilometers", - "type": "number" - } - }, - "required": [ - "Coordinates", - "RangeInKilometers" - ], - "type": "object" - }, - "AWS::Pinpoint::Segment.Groups": { - "additionalProperties": false, - "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions" - }, - "markdownDescription": "An array that defines the dimensions to include or exclude from the segment.", - "title": "Dimensions", - "type": "array" - }, - "SourceSegments": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SourceSegments" - }, - "markdownDescription": "The base segment to build the segment on. A base segment, also called a *source segment* , defines the initial population of endpoints for a segment. When you add dimensions to the segment, Amazon Pinpoint filters the base segment by using the dimensions that you specify.\n\nYou can specify more than one dimensional segment or only one imported segment. If you specify an imported segment, the segment size estimate that displays on the Amazon Pinpoint console indicates the size of the imported segment without any filters applied to it.", - "title": "SourceSegments", - "type": "array" - }, - "SourceType": { - "markdownDescription": "Specifies how to handle multiple base segments for the segment. For example, if you specify three base segments for the segment, whether the resulting segment is based on all, any, or none of the base segments.", - "title": "SourceType", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies how to handle multiple dimensions for the segment. For example, if you specify three dimensions for the segment, whether the resulting segment includes endpoints that match all, any, or none of the dimensions.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.Location": { - "additionalProperties": false, - "properties": { - "Country": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The country or region code, in ISO 3166-1 alpha-2 format, for the segment.", - "title": "Country" - }, - "GPSPoint": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.GPSPoint", - "markdownDescription": "The GPS point dimension for the segment.", - "title": "GPSPoint" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.Recency": { - "additionalProperties": false, - "properties": { - "Duration": { - "markdownDescription": "The duration to use when determining which users have been active or inactive with your app.\n\nPossible values: `HR_24` | `DAY_7` | `DAY_14` | `DAY_30` .", - "title": "Duration", - "type": "string" - }, - "RecencyType": { - "markdownDescription": "The type of recency dimension to use for the segment. Valid values are: `ACTIVE` and `INACTIVE` . If the value is `ACTIVE` , the segment includes users who have used your app within the specified duration are included in the segment. If the value is `INACTIVE` , the segment includes users who haven't used your app within the specified duration are included in the segment.", - "title": "RecencyType", - "type": "string" - } - }, - "required": [ - "Duration", - "RecencyType" - ], - "type": "object" - }, - "AWS::Pinpoint::Segment.SegmentDimensions": { - "additionalProperties": false, - "properties": { - "Attributes": { - "markdownDescription": "One or more custom attributes to use as criteria for the segment. For more information see [AttributeDimension](https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#apps-application-id-segments-model-attributedimension)", - "title": "Attributes", - "type": "object" - }, - "Behavior": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Behavior", - "markdownDescription": "The behavior-based criteria, such as how recently users have used your app, for the segment.", - "title": "Behavior" - }, - "Demographic": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Demographic", - "markdownDescription": "The demographic-based criteria, such as device platform, for the segment.", - "title": "Demographic" - }, - "Location": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Location", - "markdownDescription": "The location-based criteria, such as region or GPS coordinates, for the segment.", - "title": "Location" - }, - "Metrics": { - "markdownDescription": "One or more custom metrics to use as criteria for the segment.", - "title": "Metrics", - "type": "object" - }, - "UserAttributes": { - "markdownDescription": "One or more custom user attributes to use as criteria for the segment.", - "title": "UserAttributes", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.SegmentGroups": { - "additionalProperties": false, - "properties": { - "Groups": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Groups" - }, - "markdownDescription": "Specifies the set of segment criteria to evaluate when handling segment groups for the segment.", - "title": "Groups", - "type": "array" - }, - "Include": { - "markdownDescription": "Specifies how to handle multiple segment groups for the segment. For example, if the segment includes three segment groups, whether the resulting segment includes endpoints that match all, any, or none of the segment groups.", - "title": "Include", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.SetDimension": { - "additionalProperties": false, - "properties": { - "DimensionType": { - "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", - "title": "DimensionType", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.SourceSegments": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The unique identifier for the source segment.", - "title": "Id", - "type": "string" - }, - "Version": { - "markdownDescription": "The version number of the source segment.", - "title": "Version", - "type": "number" - } - }, - "required": [ - "Id" + "Type" ], "type": "object" }, - "AWS::Pinpoint::SmsTemplate": { + "AWS::MediaLive::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -180329,41 +185837,93 @@ "Properties": { "additionalProperties": false, "properties": { - "Body": { - "markdownDescription": "The message body to use in text messages that are based on the message template.", - "title": "Body", + "AnywhereSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AnywhereSettings", + "markdownDescription": "", + "title": "AnywhereSettings" + }, + "CdiInputSpecification": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CdiInputSpecification", + "markdownDescription": "Specification of CDI inputs for this channel.", + "title": "CdiInputSpecification" + }, + "ChannelClass": { + "markdownDescription": "The class for this channel. For a channel with two pipelines, the class is STANDARD. For a channel with one pipeline, the class is SINGLE_PIPELINE.", + "title": "ChannelClass", "type": "string" }, - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", + "ChannelEngineVersion": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ChannelEngineVersionRequest", + "markdownDescription": "", + "title": "ChannelEngineVersion" + }, + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestination" + }, + "markdownDescription": "The settings that identify the destination for the outputs in this MediaLive output package.", + "title": "Destinations", + "type": "array" + }, + "DryRun": { + "markdownDescription": "", + "title": "DryRun", + "type": "boolean" + }, + "EncoderSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EncoderSettings", + "markdownDescription": "The encoding configuration for the output content.", + "title": "EncoderSettings" + }, + "InputAttachments": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" + }, + "markdownDescription": "The list of input attachments for the channel.", + "title": "InputAttachments", + "type": "array" + }, + "InputSpecification": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputSpecification", + "markdownDescription": "The input specification for this channel. It specifies the key characteristics of the inputs for this channel: the maximum bitrate, the resolution, and the codec.", + "title": "InputSpecification" + }, + "LogLevel": { + "markdownDescription": "The verbosity for logging activity for this channel. Charges for logging (which are generated through Amazon CloudWatch Logging) are higher for higher verbosities.", + "title": "LogLevel", "type": "string" }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" + "Maintenance": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MaintenanceCreateSettings", + "markdownDescription": "Maintenance settings for this channel.", + "title": "Maintenance" }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", + "Name": { + "markdownDescription": "Name of channel.", + "title": "Name", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "TemplateName", + "RoleArn": { + "markdownDescription": "The IAM role for MediaLive to assume when running this channel. The role is identified by its ARN.", + "title": "RoleArn", "type": "string" + }, + "Tags": { + "markdownDescription": "A collection of tags for this channel. Each tag is a key-value pair.", + "title": "Tags", + "type": "object" + }, + "Vpc": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VpcOutputSettings", + "markdownDescription": "Settings to enable VPC mode in the channel, so that the endpoints for all outputs are in your VPC.", + "title": "Vpc" } }, - "required": [ - "Body", - "TemplateName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::SmsTemplate" + "AWS::MediaLive::Channel" ], "type": "string" }, @@ -180377,11580 +185937,49927 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Pinpoint::VoiceChannel": { + "AWS::MediaLive::Channel.AacSettings": { "additionalProperties": false, "properties": { - "Condition": { + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid values depend on the rate control mode and profile.", + "title": "Bitrate", + "type": "number" + }, + "CodingMode": { + "markdownDescription": "Mono, stereo, or 5.1 channel layout. Valid values depend on the rate control mode and profile. The adReceiverMix setting receives a stereo description plus control track, and emits a mono AAC encode of the description track, with control data emitted in the PES header as per ETSI TS 101 154 Annex E.", + "title": "CodingMode", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputType": { + "markdownDescription": "Set to broadcasterMixedAd when the input contains pre-mixed main audio + AD (narration) as a stereo pair. The Audio Type field (audioType) will be set to 3, which signals to downstream systems that this stream contains broadcaster mixed AD. Note that the input received by the encoder must contain pre-mixed audio; MediaLive does not perform the mixing. The values in audioTypeControl and audioType (in AudioDescription) are ignored when set to broadcasterMixedAd. Leave this set to normal when the input does not contain pre-mixed audio + AD.", + "title": "InputType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Profile": { + "markdownDescription": "The AAC profile.", + "title": "Profile", + "type": "string" }, - "Metadata": { - "type": "object" + "RateControlMode": { + "markdownDescription": "The rate control mode.", + "title": "RateControlMode", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the voice channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the voice channel for the application.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "ApplicationId" - ], - "type": "object" + "RawFormat": { + "markdownDescription": "Sets the LATM/LOAS AAC output for raw containers.", + "title": "RawFormat", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Pinpoint::VoiceChannel" - ], + "SampleRate": { + "markdownDescription": "The sample rate in Hz. Valid values depend on the rate control mode and profile.", + "title": "SampleRate", + "type": "number" + }, + "Spec": { + "markdownDescription": "Uses MPEG-2 AAC audio instead of MPEG-4 AAC audio for raw or MPEG-2 Transport Stream containers.", + "title": "Spec", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VbrQuality": { + "markdownDescription": "The VBR quality level. This is used only if rateControlMode is VBR.", + "title": "VbrQuality", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet": { + "AWS::MediaLive::Channel.Ac3Settings": { "additionalProperties": false, "properties": { - "Condition": { + "AttenuationControl": { + "markdownDescription": "", + "title": "AttenuationControl", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", + "title": "Bitrate", + "type": "number" + }, + "BitstreamMode": { + "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream. For more information about these values, see ATSC A/52-2012.", + "title": "BitstreamMode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CodingMode": { + "markdownDescription": "The Dolby Digital coding mode. This determines the number of channels.", + "title": "CodingMode", + "type": "string" }, - "Metadata": { - "type": "object" + "Dialnorm": { + "markdownDescription": "Sets the dialnorm for the output. If excluded and the input audio is Dolby Digital, dialnorm is passed through.", + "title": "Dialnorm", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeliveryOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.DeliveryOptions", - "markdownDescription": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.", - "title": "DeliveryOptions" - }, - "Name": { - "markdownDescription": "The name of the configuration set.", - "title": "Name", - "type": "string" - }, - "ReputationOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.ReputationOptions", - "markdownDescription": "An object that defines whether or not Amazon Pinpoint collects reputation metrics for the emails that you send that use the configuration set.", - "title": "ReputationOptions" - }, - "SendingOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.SendingOptions", - "markdownDescription": "An object that defines whether or not Amazon Pinpoint can send email that you send using the configuration set.", - "title": "SendingOptions" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the configuration set.", - "title": "Tags", - "type": "array" - }, - "TrackingOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.TrackingOptions", - "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", - "title": "TrackingOptions" - } - }, - "required": [ - "Name" - ], - "type": "object" + "DrcProfile": { + "markdownDescription": "If set to filmStandard, adds dynamic range compression signaling to the output bitstream as defined in the Dolby Digital specification.", + "title": "DrcProfile", + "type": "string" }, - "Type": { - "enum": [ - "AWS::PinpointEmail::ConfigurationSet" - ], + "LfeFilter": { + "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. This is valid only in codingMode32Lfe mode.", + "title": "LfeFilter", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MetadataControl": { + "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is supplied from one of these streams, the static metadata settings are used.", + "title": "MetadataControl", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { + "AWS::MediaLive::Channel.AncillarySourceSettings": { "additionalProperties": false, "properties": { - "SendingPoolName": { - "markdownDescription": "The name of the dedicated IP pool that you want to associate with the configuration set.", - "title": "SendingPoolName", - "type": "string" + "SourceAncillaryChannelNumber": { + "markdownDescription": "Specifies the number (1 to 4) of the captions channel you want to extract from the ancillary captions. If you plan to convert the ancillary captions to another format, complete this field. If you plan to choose Embedded as the captions destination in the output (to pass through all the channels in the ancillary captions), leave this field blank because MediaLive ignores the field.", + "title": "SourceAncillaryChannelNumber", + "type": "number" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.ReputationOptions": { + "AWS::MediaLive::Channel.AnywhereSettings": { "additionalProperties": false, "properties": { - "ReputationMetricsEnabled": { - "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", - "title": "ReputationMetricsEnabled", - "type": "boolean" + "ChannelPlacementGroupId": { + "markdownDescription": "", + "title": "ChannelPlacementGroupId", + "type": "string" + }, + "ClusterId": { + "markdownDescription": "", + "title": "ClusterId", + "type": "string" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.SendingOptions": { + "AWS::MediaLive::Channel.ArchiveCdnSettings": { "additionalProperties": false, "properties": { - "SendingEnabled": { - "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", - "title": "SendingEnabled", - "type": "boolean" + "ArchiveS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this Archive output.", + "title": "ArchiveS3Settings" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.Tags": { + "AWS::MediaLive::Channel.ArchiveContainerSettings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the configuration set, then this value is required.", - "title": "Key", - "type": "string" + "M2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", + "markdownDescription": "The settings for the M2TS in the archive output.", + "title": "M2tsSettings" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::PinpointEmail::ConfigurationSet.TrackingOptions": { - "additionalProperties": false, - "properties": { - "CustomRedirectDomain": { - "markdownDescription": "The domain that you want to use for tracking open and click events.", - "title": "CustomRedirectDomain", - "type": "string" + "RawSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RawSettings", + "markdownDescription": "The settings for Raw archive output type.", + "title": "RawSettings" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination": { + "AWS::MediaLive::Channel.ArchiveGroupSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ArchiveCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveCdnSettings", + "markdownDescription": "Settings to configure the destination of an Archive output.", + "title": "ArchiveCdnSettings" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "A directory and base file name where archive files should be written.", + "title": "Destination" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationSetName": { - "markdownDescription": "The name of the configuration set that contains the event destination that you want to modify.", - "title": "ConfigurationSetName", - "type": "string" - }, - "EventDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination", - "markdownDescription": "An object that defines the event destination.", - "title": "EventDestination" - }, - "EventDestinationName": { - "markdownDescription": "The name of the event destination that you want to modify.", - "title": "EventDestinationName", - "type": "string" - } - }, - "required": [ - "ConfigurationSetName", - "EventDestinationName" - ], - "type": "object" + "RolloverInterval": { + "markdownDescription": "The number of seconds to write to an archive file before closing and starting a new one.", + "title": "RolloverInterval", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.ArchiveOutputSettings": { + "additionalProperties": false, + "properties": { + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveContainerSettings", + "markdownDescription": "The settings that are specific to the container type of the file.", + "title": "ContainerSettings" }, - "Type": { - "enum": [ - "AWS::PinpointEmail::ConfigurationSetEventDestination" - ], + "Extension": { + "markdownDescription": "The output file extension. If excluded, this is auto-selected from the container type.", + "title": "Extension", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. The string is required for multiple outputs of the same type.", + "title": "NameModifier", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination": { + "AWS::MediaLive::Channel.ArchiveS3Settings": { "additionalProperties": false, "properties": { - "DimensionConfigurations": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration" - }, - "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", - "title": "DimensionConfigurations", - "type": "array" + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", + "type": "string" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration": { + "AWS::MediaLive::Channel.AribDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.AribSourceSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.AudioChannelMapping": { "additionalProperties": false, "properties": { - "DefaultDimensionValue": { - "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DefaultDimensionValue", - "type": "string" - }, - "DimensionName": { - "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DimensionName", - "type": "string" + "InputChannelLevels": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputChannelLevel" + }, + "markdownDescription": "The indices and gain values for each input channel that should be remixed into this output channel.", + "title": "InputChannelLevels", + "type": "array" }, - "DimensionValueSource": { - "markdownDescription": "The location where Amazon Pinpoint finds the value of a dimension to publish to Amazon CloudWatch. Acceptable values: `MESSAGE_TAG` , `EMAIL_HEADER` , and `LINK_TAG` .\n\nIf you want Amazon Pinpoint to use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` API, choose `MESSAGE_TAG` . If you want Amazon Pinpoint to use your own email headers, choose `EMAIL_HEADER` . If you want Amazon Pinpoint to use tags that are specified in your links, choose `LINK_TAG` .", - "title": "DimensionValueSource", - "type": "string" + "OutputChannel": { + "markdownDescription": "The index of the output channel that is being produced.", + "title": "OutputChannel", + "type": "number" } }, - "required": [ - "DefaultDimensionValue", - "DimensionName", - "DimensionValueSource" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination": { + "AWS::MediaLive::Channel.AudioCodecSettings": { "additionalProperties": false, "properties": { - "CloudWatchDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination", - "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", - "title": "CloudWatchDestination" + "AacSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AacSettings", + "markdownDescription": "The setup of the AAC audio codec in the output.", + "title": "AacSettings" }, - "Enabled": { - "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", - "title": "Enabled", - "type": "boolean" + "Ac3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Ac3Settings", + "markdownDescription": "The setup of an AC3 audio codec in the output.", + "title": "Ac3Settings" }, - "KinesisFirehoseDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination", - "markdownDescription": "An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift.", - "title": "KinesisFirehoseDestination" + "Eac3AtmosSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3AtmosSettings", + "markdownDescription": "", + "title": "Eac3AtmosSettings" }, - "MatchingEventTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of events that Amazon Pinpoint sends to the specified event destinations. Acceptable values: `SEND` , `REJECT` , `BOUNCE` , `COMPLAINT` , `DELIVERY` , `OPEN` , `CLICK` , and `RENDERING_FAILURE` .", - "title": "MatchingEventTypes", - "type": "array" + "Eac3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3Settings", + "markdownDescription": "The setup of an EAC3 audio codec in the output.", + "title": "Eac3Settings" }, - "PinpointDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination", - "markdownDescription": "An object that defines a Amazon Pinpoint destination for email events. You can use Amazon Pinpoint events to create attributes in Amazon Pinpoint projects. You can use these attributes to create segments for your campaigns.", - "title": "PinpointDestination" + "Mp2Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mp2Settings", + "markdownDescription": "The setup of an MP2 audio codec in the output.", + "title": "Mp2Settings" }, - "SnsDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination", - "markdownDescription": "An object that defines an Amazon SNS destination for email events. You can use Amazon SNS to send notification when certain email events occur.", - "title": "SnsDestination" + "PassThroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.PassThroughSettings", + "markdownDescription": "The setup to pass through the Dolby audio codec to the output.", + "title": "PassThroughSettings" + }, + "WavSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.WavSettings", + "markdownDescription": "Settings for audio encoded with the WAV codec.", + "title": "WavSettings" } }, - "required": [ - "MatchingEventTypes" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "AWS::MediaLive::Channel.AudioDescription": { "additionalProperties": false, "properties": { - "DeliveryStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Firehose stream that Amazon Pinpoint sends email events to.", - "title": "DeliveryStreamArn", + "AudioDashRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "AudioDashRoles", + "type": "array" + }, + "AudioNormalizationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioNormalizationSettings", + "markdownDescription": "The advanced audio normalization settings.", + "title": "AudioNormalizationSettings" + }, + "AudioSelectorName": { + "markdownDescription": "The name of the AudioSelector that is used as the source for this AudioDescription.", + "title": "AudioSelectorName", "type": "string" }, - "IamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that Amazon Pinpoint uses when sending email events to the Amazon Kinesis Data Firehose stream.", - "title": "IamRoleArn", + "AudioType": { + "markdownDescription": "Applies only if audioTypeControl is useConfigured. The values for audioType are defined in ISO-IEC 13818-1.", + "title": "AudioType", + "type": "string" + }, + "AudioTypeControl": { + "markdownDescription": "Determines how audio type is determined. followInput: If the input contains an ISO 639 audioType, then that value is passed through to the output. If the input contains no ISO 639 audioType, the value in Audio Type is included in the output. useConfigured: The value in Audio Type is included in the output. Note that this field and audioType are both ignored if inputType is broadcasterMixedAd.", + "title": "AudioTypeControl", + "type": "string" + }, + "AudioWatermarkingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioWatermarkSettings", + "markdownDescription": "Settings to configure one or more solutions that insert audio watermarks in the audio encode", + "title": "AudioWatermarkingSettings" + }, + "CodecSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioCodecSettings", + "markdownDescription": "The audio codec settings.", + "title": "CodecSettings" + }, + "DvbDashAccessibility": { + "markdownDescription": "", + "title": "DvbDashAccessibility", + "type": "string" + }, + "LanguageCode": { + "markdownDescription": "Indicates the language of the audio output track. Used only if languageControlMode is useConfigured, or there is no ISO 639 language code specified in the input.", + "title": "LanguageCode", + "type": "string" + }, + "LanguageCodeControl": { + "markdownDescription": "Choosing followInput causes the ISO 639 language code of the output to follow the ISO 639 language code of the input. The languageCode setting is used when useConfigured is set, or when followInput is selected but there is no ISO 639 language code specified by the input.", + "title": "LanguageCodeControl", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of this AudioDescription. Outputs use this name to uniquely identify this AudioDescription. Description names should be unique within this channel.", + "title": "Name", + "type": "string" + }, + "RemixSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RemixSettings", + "markdownDescription": "The settings that control how input audio channels are remixed into the output audio channels.", + "title": "RemixSettings" + }, + "StreamName": { + "markdownDescription": "Used for Microsoft Smooth and Apple HLS outputs. Indicates the name displayed by the player (for example, English or Director Commentary).", + "title": "StreamName", "type": "string" } }, - "required": [ - "DeliveryStreamArn", - "IamRoleArn" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination": { + "AWS::MediaLive::Channel.AudioDolbyEDecode": { "additionalProperties": false, "properties": { - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Pinpoint project that you want to send email events to.", - "title": "ApplicationArn", + "ProgramSelection": { + "markdownDescription": "", + "title": "ProgramSelection", "type": "string" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination": { + "AWS::MediaLive::Channel.AudioHlsRenditionSelection": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic that you want to publish email events to. For more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + "GroupId": { + "markdownDescription": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.", + "title": "GroupId", + "type": "string" + }, + "Name": { + "markdownDescription": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.", + "title": "Name", "type": "string" } }, - "required": [ - "TopicArn" - ], "type": "object" }, - "AWS::PinpointEmail::DedicatedIpPool": { + "AWS::MediaLive::Channel.AudioLanguageSelection": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PoolName": { - "markdownDescription": "The name of the dedicated IP pool.", - "title": "PoolName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::DedicatedIpPool.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the dedicated IP pool.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PinpointEmail::DedicatedIpPool" - ], + "LanguageCode": { + "markdownDescription": "Selects a specific three-letter language code from within an audio source.", + "title": "LanguageCode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LanguageSelectionPolicy": { + "markdownDescription": "When set to \"strict,\" the transport stream demux strictly identifies audio streams by their language descriptor. If a PMT update occurs such that an audio stream matching the initially selected language is no longer present, then mute is encoded until the language returns. If set to \"loose,\" then on a PMT update the demux chooses another audio stream in the program with the same stream type if it can't find one with the same language.", + "title": "LanguageSelectionPolicy", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::PinpointEmail::DedicatedIpPool.Tags": { + "AWS::MediaLive::Channel.AudioNormalizationSettings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the dedicated IP pool, then this value is required.", - "title": "Key", + "Algorithm": { + "markdownDescription": "The audio normalization algorithm to use. itu17701 conforms to the CALM Act specification. itu17702 conforms to the EBU R-128 specification.", + "title": "Algorithm", "type": "string" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", + "AlgorithmControl": { + "markdownDescription": "When set to correctAudio, the output audio is corrected using the chosen algorithm. If set to measureOnly, the audio is measured but not adjusted.", + "title": "AlgorithmControl", "type": "string" + }, + "TargetLkfs": { + "markdownDescription": "The Target LKFS(loudness) to adjust volume to. If no value is entered, a default value is used according to the chosen algorithm. The CALM Act (1770-1) recommends a target of -24 LKFS. The EBU R-128 specification (1770-2) recommends a target of -23 LKFS.", + "title": "TargetLkfs", + "type": "number" } }, "type": "object" }, - "AWS::PinpointEmail::Identity": { + "AWS::MediaLive::Channel.AudioOnlyHlsSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AudioGroupId": { + "markdownDescription": "Specifies the group that the audio rendition belongs to.", + "title": "AudioGroupId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DkimSigningEnabled": { - "markdownDescription": "For domain identities, this attribute is used to enable or disable DomainKeys Identified Mail (DKIM) signing for the domain.\n\nIf the value is `true` , then the messages that you send from the domain are signed using both the DKIM keys for your domain, as well as the keys for the `amazonses.com` domain. If the value is `false` , then the messages that you send are only signed using the DKIM keys for the `amazonses.com` domain.", - "title": "DkimSigningEnabled", - "type": "boolean" - }, - "FeedbackForwardingEnabled": { - "markdownDescription": "Used to enable or disable feedback forwarding for an identity. This setting determines what happens when an identity is used to send an email that results in a bounce or complaint event.\n\nWhen you enable feedback forwarding, Amazon Pinpoint sends you email notifications when bounce or complaint events occur. Amazon Pinpoint sends this notification to the address that you specified in the Return-Path header of the original email.\n\nWhen you disable feedback forwarding, Amazon Pinpoint sends notifications through other mechanisms, such as by notifying an Amazon SNS topic. You're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications, Amazon Pinpoint sends an email notification when these events occur (even if this setting is disabled).", - "title": "FeedbackForwardingEnabled", - "type": "boolean" - }, - "MailFromAttributes": { - "$ref": "#/definitions/AWS::PinpointEmail::Identity.MailFromAttributes", - "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", - "title": "MailFromAttributes" - }, - "Name": { - "markdownDescription": "The address or domain of the identity, such as *sender@example.com* or *example.co.uk* .", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::Identity.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the email identity.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "AudioOnlyImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "Used with an audio-only stream. It must be a .jpg or .png file. If given, this image is used as the cover art for the audio-only output. Ideally, it should be formatted for an iPhone screen for two reasons. The iPhone does not resize the image; instead, it crops a centered image on the top/bottom and left/right. Additionally, this image file gets saved bit-for-bit into every 10-second segment file, so it increases bandwidth by {image file size} * {segment count} * {user count.}.", + "title": "AudioOnlyImage" }, - "Type": { - "enum": [ - "AWS::PinpointEmail::Identity" - ], + "AudioTrackType": { + "markdownDescription": "Four types of audio-only tracks are supported: Audio-Only Variant Stream The client can play back this audio-only stream instead of video in low-bandwidth scenarios. Represented as an EXT-X-STREAM-INF in the HLS manifest. Alternate Audio, Auto Select, Default Alternate rendition that the client should try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=YES, AUTOSELECT=YES Alternate Audio, Auto Select, Not Default Alternate rendition that the client might try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=YES Alternate Audio, not Auto Select Alternate rendition that the client will not try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=NO.", + "title": "AudioTrackType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SegmentType": { + "markdownDescription": "Specifies the segment type.", + "title": "SegmentType", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PinpointEmail::Identity.MailFromAttributes": { + "AWS::MediaLive::Channel.AudioPidSelection": { "additionalProperties": false, "properties": { - "BehaviorOnMxFailure": { - "markdownDescription": "The action that Amazon Pinpoint to takes if it can't read the required MX record for a custom MAIL FROM domain. When you set this value to `UseDefaultValue` , Amazon Pinpoint uses *amazonses.com* as the MAIL FROM domain. When you set this value to `RejectMessage` , Amazon Pinpoint returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.", - "title": "BehaviorOnMxFailure", - "type": "string" - }, - "MailFromDomain": { - "markdownDescription": "The name of a domain that an email identity uses as a custom MAIL FROM domain.", - "title": "MailFromDomain", - "type": "string" + "Pid": { + "markdownDescription": "Select the audio by this PID.", + "title": "Pid", + "type": "number" } }, "type": "object" }, - "AWS::PinpointEmail::Identity.Tags": { + "AWS::MediaLive::Channel.AudioSelector": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the identity, then this value is required.", - "title": "Key", + "Name": { + "markdownDescription": "A name for this AudioSelector.", + "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", - "type": "string" + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelectorSettings", + "markdownDescription": "Information about the specific audio to extract from the input.", + "title": "SelectorSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe": { + "AWS::MediaLive::Channel.AudioSelectorSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "AudioHlsRenditionSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioHlsRenditionSelection", + "markdownDescription": "Selector for HLS audio rendition.", + "title": "AudioHlsRenditionSelection" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the pipe.", - "title": "Description", - "type": "string" - }, - "DesiredState": { - "markdownDescription": "The state the pipe should be in.", - "title": "DesiredState", - "type": "string" - }, - "Enrichment": { - "markdownDescription": "The ARN of the enrichment resource.", - "title": "Enrichment", - "type": "string" - }, - "EnrichmentParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentParameters", - "markdownDescription": "The parameters required to set up enrichment on your pipe.", - "title": "EnrichmentParameters" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeLogConfiguration", - "markdownDescription": "The logging configuration settings for the pipe.", - "title": "LogConfiguration" - }, - "Name": { - "markdownDescription": "The name of the pipe.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows the pipe to send data to the target.", - "title": "RoleArn", - "type": "string" - }, - "Source": { - "markdownDescription": "The ARN of the source resource.", - "title": "Source", - "type": "string" - }, - "SourceParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceParameters", - "markdownDescription": "The parameters required to set up a source for your pipe.", - "title": "SourceParameters" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The list of key-value pairs to associate with the pipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Target": { - "markdownDescription": "The ARN of the target resource.", - "title": "Target", - "type": "string" - }, - "TargetParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetParameters", - "markdownDescription": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* .", - "title": "TargetParameters" - } - }, - "required": [ - "RoleArn", - "Source", - "Target" - ], - "type": "object" + "AudioLanguageSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioLanguageSelection", + "markdownDescription": "The language code of the audio to select.", + "title": "AudioLanguageSelection" }, - "Type": { - "enum": [ - "AWS::Pipes::Pipe" - ], - "type": "string" + "AudioPidSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioPidSelection", + "markdownDescription": "The PID of the audio to select.", + "title": "AudioPidSelection" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "AudioTrackSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrackSelection", + "markdownDescription": "Information about the audio track to extract.", + "title": "AudioTrackSelection" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pipes::Pipe.AwsVpcConfiguration": { + "AWS::MediaLive::Channel.AudioSilenceFailoverSettings": { "additionalProperties": false, "properties": { - "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", - "title": "AssignPublicIp", + "AudioSelectorName": { + "markdownDescription": "The name of the audio selector in the input that MediaLive should monitor to detect silence. Select your most important rendition. If you didn't create an audio selector in this input, leave blank.", + "title": "AudioSelectorName", "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" + "AudioSilenceThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that the active input must be silent before automatic input failover occurs. Silence is defined as audio loss or audio quieter than -50 dBFS.", + "title": "AudioSilenceThresholdMsec", + "type": "number" } }, - "required": [ - "Subnets" - ], "type": "object" }, - "AWS::Pipes::Pipe.BatchArrayProperties": { + "AWS::MediaLive::Channel.AudioTrack": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The size of the array, if this is an array batch job.", - "title": "Size", + "Track": { + "markdownDescription": "1-based integer value that maps to a specific audio track", + "title": "Track", "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.BatchContainerOverrides": { + "AWS::MediaLive::Channel.AudioTrackSelection": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition.", - "title": "Command", - "type": "array" - }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchEnvironmentVariable" - }, - "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition.\n\n> Environment variables cannot start with \" `AWS Batch` \". This naming convention is reserved for variables that AWS Batch sets.", - "title": "Environment", - "type": "array" - }, - "InstanceType": { - "markdownDescription": "The instance type to use for a multi-node parallel job.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", - "title": "InstanceType", - "type": "string" + "DolbyEDecode": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDolbyEDecode", + "markdownDescription": "", + "title": "DolbyEDecode" }, - "ResourceRequirements": { + "Tracks": { "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchResourceRequirement" + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrack" }, - "markdownDescription": "The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", - "title": "ResourceRequirements", + "markdownDescription": "Selects one or more unique audio tracks from within a source.", + "title": "Tracks", "type": "array" } }, "type": "object" }, - "AWS::Pipes::Pipe.BatchEnvironmentVariable": { + "AWS::MediaLive::Channel.AudioWatermarkSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", - "type": "string" + "NielsenWatermarksSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenWatermarksSettings", + "markdownDescription": "Settings to configure Nielsen Watermarks in the audio encode", + "title": "NielsenWatermarksSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.BatchJobDependency": { + "AWS::MediaLive::Channel.AutomaticInputFailoverSettings": { "additionalProperties": false, "properties": { - "JobId": { - "markdownDescription": "The job ID of the AWS Batch job that's associated with this dependency.", - "title": "JobId", + "ErrorClearTimeMsec": { + "markdownDescription": "This clear time defines the requirement a recovered input must meet to be considered healthy. The input must have no failover conditions for this length of time. Enter a time in milliseconds. This value is particularly important if the input_preference for the failover pair is set to PRIMARY_INPUT_PREFERRED, because after this time, MediaLive will switch back to the primary input.", + "title": "ErrorClearTimeMsec", + "type": "number" + }, + "FailoverConditions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverCondition" + }, + "markdownDescription": "A list of failover conditions. If any of these conditions occur, MediaLive will perform a failover to the other input.", + "title": "FailoverConditions", + "type": "array" + }, + "InputPreference": { + "markdownDescription": "Input preference when deciding which input to make active when a previously failed input has recovered.", + "title": "InputPreference", "type": "string" }, - "Type": { - "markdownDescription": "The type of the job dependency.", - "title": "Type", + "SecondaryInputId": { + "markdownDescription": "The input ID of the secondary input in the automatic input failover pair.", + "title": "SecondaryInputId", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.BatchResourceRequirement": { + "AWS::MediaLive::Channel.Av1ColorSpaceSettings": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", - "title": "Type", - "type": "string" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "", + "title": "ColorSpacePassthroughSettings" }, - "Value": { - "markdownDescription": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n> GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, 4, or 8\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880", - "title": "Value", - "type": "string" + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "", + "title": "Hdr10Settings" + }, + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "", + "title": "Rec601Settings" + }, + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "", + "title": "Rec709Settings" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::Pipes::Pipe.BatchRetryStrategy": { + "AWS::MediaLive::Channel.Av1Settings": { "additionalProperties": false, "properties": { - "Attempts": { - "markdownDescription": "The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value.", - "title": "Attempts", + "AfdSignaling": { + "markdownDescription": "", + "title": "AfdSignaling", + "type": "string" + }, + "Bitrate": { + "markdownDescription": "", + "title": "Bitrate", "type": "number" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.CapacityProviderStrategyItem": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", - "title": "Base", + }, + "BufSize": { + "markdownDescription": "", + "title": "BufSize", "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Av1ColorSpaceSettings", + "markdownDescription": "", + "title": "ColorSpaceSettings" + }, + "FixedAfd": { + "markdownDescription": "", + "title": "FixedAfd", "type": "string" }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", + "FramerateDenominator": { + "markdownDescription": "", + "title": "FramerateDenominator", "type": "number" - } - }, - "required": [ - "CapacityProvider" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.CloudwatchLogsLogDestination": { - "additionalProperties": false, - "properties": { - "LogGroupArn": { - "markdownDescription": "The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records.", - "title": "LogGroupArn", + }, + "FramerateNumerator": { + "markdownDescription": "", + "title": "FramerateNumerator", + "type": "number" + }, + "GopSize": { + "markdownDescription": "", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "", + "title": "GopSizeUnits", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.DeadLetterConfig": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The ARN of the specified target for the dead-letter queue.\n\nFor Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN.", - "title": "Arn", + }, + "Level": { + "markdownDescription": "", + "title": "Level", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.EcsContainerOverride": { - "additionalProperties": false, - "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.", - "title": "Command", - "type": "array" }, - "Cpu": { - "markdownDescription": "The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name.", - "title": "Cpu", + "LookAheadRateControl": { + "markdownDescription": "", + "title": "LookAheadRateControl", + "type": "string" + }, + "MaxBitrate": { + "markdownDescription": "", + "title": "MaxBitrate", "type": "number" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentVariable" - }, - "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name.", - "title": "Environment", - "type": "array" + "MinIInterval": { + "markdownDescription": "", + "title": "MinIInterval", + "type": "number" }, - "EnvironmentFiles": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentFile" - }, - "markdownDescription": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition.", - "title": "EnvironmentFiles", - "type": "array" + "ParDenominator": { + "markdownDescription": "", + "title": "ParDenominator", + "type": "number" }, - "Memory": { - "markdownDescription": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.", - "title": "Memory", + "ParNumerator": { + "markdownDescription": "", + "title": "ParNumerator", "type": "number" }, - "MemoryReservation": { - "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name.", - "title": "MemoryReservation", + "QvbrQualityLevel": { + "markdownDescription": "", + "title": "QvbrQualityLevel", "type": "number" }, - "Name": { - "markdownDescription": "The name of the container that receives the override. This parameter is required if any override is specified.", - "title": "Name", + "RateControlMode": { + "markdownDescription": "", + "title": "RateControlMode", "type": "string" }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsResourceRequirement" - }, - "markdownDescription": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU.", - "title": "ResourceRequirements", - "type": "array" + "SceneChangeDetect": { + "markdownDescription": "", + "title": "SceneChangeDetect", + "type": "string" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.EcsEnvironmentFile": { + "AWS::MediaLive::Channel.AvailBlanking": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The file type to use. The only supported value is `s3` .", - "title": "Type", - "type": "string" + "AvailBlankingImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The blanking image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", + "title": "AvailBlankingImage" }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", - "title": "Value", + "State": { + "markdownDescription": "When set to enabled, the video, audio, and captions are blanked when insertion metadata is added.", + "title": "State", "type": "string" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::Pipes::Pipe.EcsEnvironmentVariable": { + "AWS::MediaLive::Channel.AvailConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", - "type": "string" + "AvailSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailSettings", + "markdownDescription": "The setup of ad avail handling in the output.", + "title": "AvailSettings" }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", + "Scte35SegmentationScope": { + "markdownDescription": "", + "title": "Scte35SegmentationScope", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.EcsEphemeralStorage": { + "AWS::MediaLive::Channel.AvailSettings": { "additionalProperties": false, "properties": { - "SizeInGiB": { - "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", - "title": "SizeInGiB", - "type": "number" + "Esam": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Esam", + "markdownDescription": "", + "title": "Esam" + }, + "Scte35SpliceInsert": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35SpliceInsert", + "markdownDescription": "The setup for SCTE-35 splice insert handling.", + "title": "Scte35SpliceInsert" + }, + "Scte35TimeSignalApos": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35TimeSignalApos", + "markdownDescription": "The setup for SCTE-35 time signal APOS handling.", + "title": "Scte35TimeSignalApos" } }, - "required": [ - "SizeInGiB" - ], "type": "object" }, - "AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride": { + "AWS::MediaLive::Channel.BandwidthReductionFilterSettings": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition.", - "title": "DeviceName", - "type": "string" - }, - "DeviceType": { - "markdownDescription": "The Elastic Inference accelerator type to use.", - "title": "DeviceType", + "PostFilterSharpening": { + "markdownDescription": "", + "title": "PostFilterSharpening", + "type": "string" + }, + "Strength": { + "markdownDescription": "", + "title": "Strength", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.EcsResourceRequirement": { + "AWS::MediaLive::Channel.BlackoutSlate": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` .", - "title": "Type", + "BlackoutSlateImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The blackout slate image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", + "title": "BlackoutSlateImage" + }, + "NetworkEndBlackout": { + "markdownDescription": "Setting to enabled causes MediaLive to blackout the video, audio, and captions, and raise the \"Network Blackout Image\" slate when an SCTE104/35 Network End Segmentation Descriptor is encountered. The blackout is lifted when the Network Start Segmentation Descriptor is encountered. The Network End and Network Start descriptors must contain a network ID that matches the value entered in Network ID.", + "title": "NetworkEndBlackout", "type": "string" }, - "Value": { - "markdownDescription": "The value for the specified resource type.\n\nIf the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nIf the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition.", - "title": "Value", + "NetworkEndBlackoutImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The path to the local file to use as the Network End Blackout image. The image is scaled to fill the entire output raster.", + "title": "NetworkEndBlackoutImage" + }, + "NetworkId": { + "markdownDescription": "Provides a Network ID that matches EIDR ID format (for example, \"10.XXXX/XXXX-XXXX-XXXX-XXXX-XXXX-C\").", + "title": "NetworkId", + "type": "string" + }, + "State": { + "markdownDescription": "When set to enabled, this causes video, audio, and captions to be blanked when indicated by program metadata.", + "title": "State", "type": "string" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::Pipes::Pipe.EcsTaskOverride": { + "AWS::MediaLive::Channel.BurnInDestinationSettings": { "additionalProperties": false, "properties": { - "ContainerOverrides": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsContainerOverride" - }, - "markdownDescription": "One or more container overrides that are sent to a task.", - "title": "ContainerOverrides", - "type": "array" + "Alignment": { + "markdownDescription": "If no explicit xPosition or yPosition is provided, setting alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. All burn-in and DVB-Sub font settings must match.", + "title": "Alignment", + "type": "string" }, - "Cpu": { - "markdownDescription": "The cpu override for the task.", - "title": "Cpu", + "BackgroundColor": { + "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundColor", "type": "string" }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEphemeralStorage", - "markdownDescription": "The ephemeral storage setting override for the task.\n\n> This parameter is only supported for tasks hosted on Fargate that use the following platform versions:\n> \n> - Linux platform version `1.4.0` or later.\n> - Windows platform version `1.0.0` or later.", - "title": "EphemeralStorage" + "BackgroundOpacity": { + "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundOpacity", + "type": "number" }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ExecutionRoleArn", + "Font": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", + "title": "Font" + }, + "FontColor": { + "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "FontColor", "type": "string" }, - "InferenceAcceleratorOverrides": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride" - }, - "markdownDescription": "The Elastic Inference accelerator override for the task.", - "title": "InferenceAcceleratorOverrides", - "type": "array" + "FontOpacity": { + "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", + "title": "FontOpacity", + "type": "number" }, - "Memory": { - "markdownDescription": "The memory override for the task.", - "title": "Memory", + "FontResolution": { + "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", + "title": "FontResolution", + "type": "number" + }, + "FontSize": { + "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", + "title": "FontSize", "type": "string" }, - "TaskRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "TaskRoleArn", + "OutlineColor": { + "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineColor", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.Filter": { - "additionalProperties": false, - "properties": { - "Pattern": { - "markdownDescription": "The event pattern.", - "title": "Pattern", + }, + "OutlineSize": { + "markdownDescription": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineSize", + "type": "number" + }, + "ShadowColor": { + "markdownDescription": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowColor", + "type": "string" + }, + "ShadowOpacity": { + "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "ShadowOpacity", + "type": "number" + }, + "ShadowXOffset": { + "markdownDescription": "Specifies the horizontal offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowXOffset", + "type": "number" + }, + "ShadowYOffset": { + "markdownDescription": "Specifies the vertical offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowYOffset", + "type": "number" + }, + "TeletextGridControl": { + "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies only to Teletext inputs and DVB-Sub/Burn-in outputs.", + "title": "TeletextGridControl", "type": "string" + }, + "XPosition": { + "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. All burn-in and DVB-Sub font settings must match.", + "title": "XPosition", + "type": "number" + }, + "YPosition": { + "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. All burn-in and DVB-Sub font settings must match.", + "title": "YPosition", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.FilterCriteria": { + "AWS::MediaLive::Channel.CaptionDescription": { "additionalProperties": false, "properties": { - "Filters": { + "Accessibility": { + "markdownDescription": "", + "title": "Accessibility", + "type": "string" + }, + "CaptionDashRoles": { "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.Filter" + "type": "string" }, - "markdownDescription": "The event patterns.", - "title": "Filters", + "markdownDescription": "", + "title": "CaptionDashRoles", "type": "array" + }, + "CaptionSelectorName": { + "markdownDescription": "Specifies which input captions selector to use as a captions source when generating output captions. This field should match a captionSelector name.", + "title": "CaptionSelectorName", + "type": "string" + }, + "DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDestinationSettings", + "markdownDescription": "Additional settings for a captions destination that depend on the destination type.", + "title": "DestinationSettings" + }, + "DvbDashAccessibility": { + "markdownDescription": "", + "title": "DvbDashAccessibility", + "type": "string" + }, + "LanguageCode": { + "markdownDescription": "An ISO 639-2 three-digit code. For more information, see http://www.loc.gov/standards/iso639-2/.", + "title": "LanguageCode", + "type": "string" + }, + "LanguageDescription": { + "markdownDescription": "Human-readable information to indicate the captions that are available for players (for example, English or Spanish).", + "title": "LanguageDescription", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the captions description. The name is used to associate a captions description with an output. Names must be unique within a channel.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.FirehoseLogDestination": { + "AWS::MediaLive::Channel.CaptionDestinationSettings": { "additionalProperties": false, "properties": { - "DeliveryStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records.", - "title": "DeliveryStreamArn", - "type": "string" + "AribDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AribDestinationSettings", + "markdownDescription": "The configuration of one ARIB captions encode in the output.", + "title": "AribDestinationSettings" + }, + "BurnInDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BurnInDestinationSettings", + "markdownDescription": "The configuration of one burn-in captions encode in the output.", + "title": "BurnInDestinationSettings" + }, + "DvbSubDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubDestinationSettings", + "markdownDescription": "The configuration of one DVB Sub captions encode in the output.", + "title": "DvbSubDestinationSettings" + }, + "EbuTtDDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EbuTtDDestinationSettings", + "markdownDescription": "Settings for EBU-TT captions in the output.", + "title": "EbuTtDDestinationSettings" + }, + "EmbeddedDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedDestinationSettings", + "markdownDescription": "The configuration of one embedded captions encode in the output.", + "title": "EmbeddedDestinationSettings" + }, + "EmbeddedPlusScte20DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings", + "markdownDescription": "The configuration of one embedded plus SCTE-20 captions encode in the output.", + "title": "EmbeddedPlusScte20DestinationSettings" + }, + "RtmpCaptionInfoDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings", + "markdownDescription": "The configuration of one RTMPCaptionInfo captions encode in the output.", + "title": "RtmpCaptionInfoDestinationSettings" + }, + "Scte20PlusEmbeddedDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings", + "markdownDescription": "The configuration of one SCTE20 plus embedded captions encode in the output.", + "title": "Scte20PlusEmbeddedDestinationSettings" + }, + "Scte27DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27DestinationSettings", + "markdownDescription": "The configuration of one SCTE-27 captions encode in the output.", + "title": "Scte27DestinationSettings" + }, + "SmpteTtDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SmpteTtDestinationSettings", + "markdownDescription": "The configuration of one SMPTE-TT captions encode in the output.", + "title": "SmpteTtDestinationSettings" + }, + "TeletextDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextDestinationSettings", + "markdownDescription": "The configuration of one Teletext captions encode in the output.", + "title": "TeletextDestinationSettings" + }, + "TtmlDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TtmlDestinationSettings", + "markdownDescription": "The configuration of one TTML captions encode in the output.", + "title": "TtmlDestinationSettings" + }, + "WebvttDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.WebvttDestinationSettings", + "markdownDescription": "The configuration of one WebVTT captions encode in the output.", + "title": "WebvttDestinationSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.MQBrokerAccessCredentials": { + "AWS::MediaLive::Channel.CaptionLanguageMapping": { "additionalProperties": false, "properties": { - "BasicAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "BasicAuth", + "CaptionChannel": { + "markdownDescription": "The closed caption channel being described by this CaptionLanguageMapping. Each channel mapping must have a unique channel number (maximum of 4).", + "title": "CaptionChannel", + "type": "number" + }, + "LanguageCode": { + "markdownDescription": "A three-character ISO 639-2 language code (see http://www.loc.gov/standards/iso639-2).", + "title": "LanguageCode", + "type": "string" + }, + "LanguageDescription": { + "markdownDescription": "The textual description of language.", + "title": "LanguageDescription", "type": "string" } }, - "required": [ - "BasicAuth" - ], "type": "object" }, - "AWS::Pipes::Pipe.MSKAccessCredentials": { + "AWS::MediaLive::Channel.CaptionRectangle": { "additionalProperties": false, "properties": { - "ClientCertificateTlsAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "ClientCertificateTlsAuth", - "type": "string" + "Height": { + "markdownDescription": "See the description in leftOffset.\n\nFor height, specify the entire height of the rectangle as a percentage of the underlying frame height. For example, \\\"80\\\" means the rectangle height is 80% of the underlying frame height. The topOffset and rectangleHeight must add up to 100% or less. This field corresponds to tts:extent - Y in the TTML standard.", + "title": "Height", + "type": "number" }, - "SaslScram512Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram512Auth", - "type": "string" + "LeftOffset": { + "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. (Make sure to leave the default if you don't have either of these formats in the output.) You can define a display rectangle for the captions that is smaller than the underlying video frame. You define the rectangle by specifying the position of the left edge, top edge, bottom edge, and right edge of the rectangle, all within the underlying video frame. The units for the measurements are percentages. If you specify a value for one of these fields, you must specify a value for all of them.\n\nFor leftOffset, specify the position of the left edge of the rectangle, as a percentage of the underlying frame width, and relative to the left edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame width. The rectangle left edge starts at that position from the left edge of the frame. This field corresponds to tts:origin - X in the TTML standard.", + "title": "LeftOffset", + "type": "number" + }, + "TopOffset": { + "markdownDescription": "See the description in leftOffset.\n\nFor topOffset, specify the position of the top edge of the rectangle, as a percentage of the underlying frame height, and relative to the top edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame height. The rectangle top edge starts at that position from the top edge of the frame. This field corresponds to tts:origin - Y in the TTML standard.", + "title": "TopOffset", + "type": "number" + }, + "Width": { + "markdownDescription": "See the description in leftOffset.\n\nFor width, specify the entire width of the rectangle as a percentage of the underlying frame width. For example, \\\"80\\\" means the rectangle width is 80% of the underlying frame width. The leftOffset and rectangleWidth must add up to 100% or less. This field corresponds to tts:extent - X in the TTML standard.", + "title": "Width", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.NetworkConfiguration": { + "AWS::MediaLive::Channel.CaptionSelector": { "additionalProperties": false, "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.AwsVpcConfiguration", - "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", - "title": "AwsvpcConfiguration" + "LanguageCode": { + "markdownDescription": "When specified, this field indicates the three-letter language code of the captions track to extract from the source.", + "title": "LanguageCode", + "type": "string" + }, + "Name": { + "markdownDescription": "The name identifier for a captions selector. This name is used to associate this captions selector with one or more captions descriptions. Names must be unique within a channel.", + "title": "Name", + "type": "string" + }, + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelectorSettings", + "markdownDescription": "Information about the specific audio to extract from the input.", + "title": "SelectorSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeEnrichmentHttpParameters": { + "AWS::MediaLive::Channel.CaptionSelectorSettings": { "additionalProperties": false, "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" + "AncillarySourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AncillarySourceSettings", + "markdownDescription": "Information about the ancillary captions to extract from the input.", + "title": "AncillarySourceSettings" }, - "PathParameterValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", - "type": "array" + "AribSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AribSourceSettings", + "markdownDescription": "Information about the ARIB captions to extract from the input.", + "title": "AribSourceSettings" }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", - "type": "object" + "DvbSubSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubSourceSettings", + "markdownDescription": "Information about the DVB Sub captions to extract from the input.", + "title": "DvbSubSourceSettings" + }, + "EmbeddedSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedSourceSettings", + "markdownDescription": "Information about the embedded captions to extract from the input.", + "title": "EmbeddedSourceSettings" + }, + "Scte20SourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20SourceSettings", + "markdownDescription": "Information about the SCTE-20 captions to extract from the input.", + "title": "Scte20SourceSettings" + }, + "Scte27SourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27SourceSettings", + "markdownDescription": "Information about the SCTE-27 captions to extract from the input.", + "title": "Scte27SourceSettings" + }, + "TeletextSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextSourceSettings", + "markdownDescription": "Information about the Teletext captions to extract from the input.", + "title": "TeletextSourceSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeEnrichmentParameters": { + "AWS::MediaLive::Channel.CdiInputSpecification": { "additionalProperties": false, "properties": { - "HttpParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentHttpParameters", - "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", - "title": "HttpParameters" - }, - "InputTemplate": { - "markdownDescription": "Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", - "title": "InputTemplate", + "Resolution": { + "markdownDescription": "Maximum CDI input resolution", + "title": "Resolution", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeLogConfiguration": { + "AWS::MediaLive::Channel.ChannelEngineVersionRequest": { "additionalProperties": false, "properties": { - "CloudwatchLogsLogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.CloudwatchLogsLogDestination", - "markdownDescription": "The logging configuration settings for the pipe.", - "title": "CloudwatchLogsLogDestination" - }, - "FirehoseLogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.FirehoseLogDestination", - "markdownDescription": "The Amazon Data Firehose logging configuration settings for the pipe.", - "title": "FirehoseLogDestination" - }, - "IncludeExecutionData": { - "items": { - "type": "string" - }, - "markdownDescription": "Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe.\n\nThis applies to all log destinations for the pipe.\n\nFor more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* .\n\n*Allowed values:* `ALL`", - "title": "IncludeExecutionData", - "type": "array" - }, - "Level": { - "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the pipe.", - "title": "Level", + "Version": { + "markdownDescription": "", + "title": "Version", "type": "string" - }, - "S3LogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.S3LogDestination", - "markdownDescription": "The Amazon S3 logging configuration settings for the pipe.", - "title": "S3LogDestination" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters": { + "AWS::MediaLive::Channel.CmafIngestCaptionLanguageMapping": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" - }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", + "CaptionChannel": { + "markdownDescription": "", + "title": "CaptionChannel", "type": "number" }, - "QueueName": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "QueueName", + "LanguageCode": { + "markdownDescription": "", + "title": "LanguageCode", "type": "string" } }, - "required": [ - "Credentials", - "QueueName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters": { + "AWS::MediaLive::Channel.CmafIngestGroupSettings": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" + "CaptionLanguageMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestCaptionLanguageMapping" + }, + "markdownDescription": "", + "title": "CaptionLanguageMappings", + "type": "array" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", - "markdownDescription": "Define the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "", + "title": "Destination" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "Id3Behavior": { + "markdownDescription": "", + "title": "Id3Behavior", + "type": "string" }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", - "title": "MaximumRecordAgeInSeconds", - "type": "number" + "Id3NameModifier": { + "markdownDescription": "", + "title": "Id3NameModifier", + "type": "string" }, - "MaximumRetryAttempts": { - "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", - "type": "number" + "KlvBehavior": { + "markdownDescription": "", + "title": "KlvBehavior", + "type": "string" }, - "OnPartialBatchItemFailure": { - "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", - "title": "OnPartialBatchItemFailure", + "KlvNameModifier": { + "markdownDescription": "", + "title": "KlvNameModifier", "type": "string" }, - "ParallelizationFactor": { - "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", - "type": "number" + "NielsenId3Behavior": { + "markdownDescription": "", + "title": "NielsenId3Behavior", + "type": "string" }, - "StartingPosition": { - "markdownDescription": "(Streams only) The position in a stream from which to start reading.\n\n*Valid values* : `TRIM_HORIZON | LATEST`", - "title": "StartingPosition", + "NielsenId3NameModifier": { + "markdownDescription": "", + "title": "NielsenId3NameModifier", "type": "string" - } - }, - "required": [ - "StartingPosition" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters": { - "additionalProperties": false, - "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", - "markdownDescription": "Define the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" + "Scte35NameModifier": { + "markdownDescription": "", + "title": "Scte35NameModifier", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "Scte35Type": { + "markdownDescription": "", + "title": "Scte35Type", + "type": "string" }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", - "title": "MaximumRecordAgeInSeconds", + "SegmentLength": { + "markdownDescription": "", + "title": "SegmentLength", "type": "number" }, - "MaximumRetryAttempts": { - "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", + "SegmentLengthUnits": { + "markdownDescription": "", + "title": "SegmentLengthUnits", + "type": "string" + }, + "SendDelayMs": { + "markdownDescription": "", + "title": "SendDelayMs", "type": "number" }, - "OnPartialBatchItemFailure": { - "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", - "title": "OnPartialBatchItemFailure", + "TimedMetadataId3Frame": { + "markdownDescription": "", + "title": "TimedMetadataId3Frame", "type": "string" }, - "ParallelizationFactor": { - "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", + "TimedMetadataId3Period": { + "markdownDescription": "", + "title": "TimedMetadataId3Period", "type": "number" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "TimedMetadataPassthrough": { + "markdownDescription": "", + "title": "TimedMetadataPassthrough", "type": "string" - }, - "StartingPositionTimestamp": { - "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds.", - "title": "StartingPositionTimestamp", + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.CmafIngestOutputSettings": { + "additionalProperties": false, + "properties": { + "NameModifier": { + "markdownDescription": "", + "title": "NameModifier", "type": "string" } }, - "required": [ - "StartingPosition" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters": { + "AWS::MediaLive::Channel.ColorCorrection": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" - }, - "ConsumerGroupID": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "ConsumerGroupID", + "InputColorSpace": { + "markdownDescription": "", + "title": "InputColorSpace", "type": "string" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MSKAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" - }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "OutputColorSpace": { + "markdownDescription": "", + "title": "OutputColorSpace", "type": "string" }, - "TopicName": { - "markdownDescription": "The name of the topic that the pipe will read from.", - "title": "TopicName", + "Uri": { + "markdownDescription": "", + "title": "Uri", "type": "string" } }, - "required": [ - "TopicName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceParameters": { + "AWS::MediaLive::Channel.ColorCorrectionSettings": { "additionalProperties": false, "properties": { - "ActiveMQBrokerParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters", - "markdownDescription": "The parameters for using an Active MQ broker as a source.", - "title": "ActiveMQBrokerParameters" - }, - "DynamoDBStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters", - "markdownDescription": "The parameters for using a DynamoDB stream as a source.", - "title": "DynamoDBStreamParameters" - }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::Pipes::Pipe.FilterCriteria", - "markdownDescription": "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects.\n\nFor more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* .", - "title": "FilterCriteria" - }, - "KinesisStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters", - "markdownDescription": "The parameters for using a Kinesis stream as a source.", - "title": "KinesisStreamParameters" - }, - "ManagedStreamingKafkaParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters", - "markdownDescription": "The parameters for using an MSK stream as a source.", - "title": "ManagedStreamingKafkaParameters" - }, - "RabbitMQBrokerParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters", - "markdownDescription": "The parameters for using a Rabbit MQ broker as a source.", - "title": "RabbitMQBrokerParameters" - }, - "SelfManagedKafkaParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters", - "markdownDescription": "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* .", - "title": "SelfManagedKafkaParameters" - }, - "SqsQueueParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSqsQueueParameters", - "markdownDescription": "The parameters for using a Amazon SQS stream as a source.", - "title": "SqsQueueParameters" + "GlobalColorCorrections": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrection" + }, + "markdownDescription": "", + "title": "GlobalColorCorrections", + "type": "array" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters": { + "AWS::MediaLive::Channel.ColorSpacePassthroughSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.DolbyVision81Settings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.DvbNitSettings": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", + "NetworkId": { + "markdownDescription": "The numeric value placed in the Network Information Table (NIT).", + "title": "NetworkId", "type": "number" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" + "NetworkName": { + "markdownDescription": "The network name text placed in the networkNameDescriptor inside the Network Information Table (NIT). The maximum length is 256 characters.", + "title": "NetworkName", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.DvbSdtSettings": { + "additionalProperties": false, + "properties": { + "OutputSdt": { + "markdownDescription": "Selects a method of inserting SDT information into an output stream. The sdtFollow setting copies SDT information from input stream to output stream. The sdtFollowIfPresent setting copies SDT information from input stream to output stream if SDT information is present in the input. Otherwise, it falls back on the user-defined values. The sdtManual setting means that the user will enter the SDT information. The sdtNone setting means that the output stream will not contain SDT information.", + "title": "OutputSdt", + "type": "string" + }, + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", "type": "number" }, - "QueueName": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "QueueName", + "ServiceName": { + "markdownDescription": "The service name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", + "title": "ServiceName", "type": "string" }, - "VirtualHost": { - "markdownDescription": "The name of the virtual host associated with the source broker.", - "title": "VirtualHost", + "ServiceProviderName": { + "markdownDescription": "The service provider name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", + "title": "ServiceProviderName", "type": "string" } }, - "required": [ - "Credentials", - "QueueName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters": { + "AWS::MediaLive::Channel.DvbSubDestinationSettings": { "additionalProperties": false, "properties": { - "AdditionalBootstrapServers": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of server URLs.", - "title": "AdditionalBootstrapServers", - "type": "array" + "Alignment": { + "markdownDescription": "If no explicit xPosition or yPosition is provided, setting the alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. This option is not valid for source captions that are STL or 608/embedded. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "Alignment", + "type": "string" }, - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", + "BackgroundColor": { + "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundColor", + "type": "string" + }, + "BackgroundOpacity": { + "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundOpacity", "type": "number" }, - "ConsumerGroupID": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "ConsumerGroupID", + "Font": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", + "title": "Font" + }, + "FontColor": { + "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "FontColor", "type": "string" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" + "FontOpacity": { + "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", + "title": "FontOpacity", + "type": "number" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", + "FontResolution": { + "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", + "title": "FontResolution", "type": "number" }, - "ServerRootCaCertificate": { - "markdownDescription": "The ARN of the Secrets Manager secret used for certification.", - "title": "ServerRootCaCertificate", + "FontSize": { + "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", + "title": "FontSize", "type": "string" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "OutlineColor": { + "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineColor", "type": "string" }, - "TopicName": { - "markdownDescription": "The name of the topic that the pipe will read from.", - "title": "TopicName", + "OutlineSize": { + "markdownDescription": "Specifies the font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineSize", + "type": "number" + }, + "ShadowColor": { + "markdownDescription": "Specifies the color of the shadow that is cast by the captions. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowColor", "type": "string" }, - "Vpc": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc", - "markdownDescription": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used.", - "title": "Vpc" + "ShadowOpacity": { + "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "ShadowOpacity", + "type": "number" + }, + "ShadowXOffset": { + "markdownDescription": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowXOffset", + "type": "number" + }, + "ShadowYOffset": { + "markdownDescription": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowYOffset", + "type": "number" + }, + "TeletextGridControl": { + "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies to only Teletext inputs and DVB-Sub/Burn-in outputs.", + "title": "TeletextGridControl", + "type": "string" + }, + "XPosition": { + "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "XPosition", + "type": "number" + }, + "YPosition": { + "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "YPosition", + "type": "number" } }, - "required": [ - "TopicName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceSqsQueueParameters": { + "AWS::MediaLive::Channel.DvbSubSourceSettings": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" + "OcrLanguage": { + "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", + "title": "OcrLanguage", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", + "Pid": { + "markdownDescription": "When using DVB-Sub with burn-in or SMPTE-TT, use this PID for the source content. It is unused for DVB-Sub passthrough. All DVB-Sub content is passed through, regardless of selectors.", + "title": "Pid", "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetBatchJobParameters": { + "AWS::MediaLive::Channel.DvbTdtSettings": { "additionalProperties": false, "properties": { - "ArrayProperties": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchArrayProperties", - "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", - "title": "ArrayProperties" - }, - "ContainerOverrides": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchContainerOverrides", - "markdownDescription": "The overrides that are sent to a container.", - "title": "ContainerOverrides" - }, - "DependsOn": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchJobDependency" - }, - "markdownDescription": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin.", - "title": "DependsOn", - "type": "array" - }, - "JobDefinition": { - "markdownDescription": "The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used.", - "title": "JobDefinition", - "type": "string" - }, - "JobName": { - "markdownDescription": "The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", - "title": "JobName", - "type": "string" - }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" - }, - "RetryStrategy": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchRetryStrategy", - "markdownDescription": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition.", - "title": "RetryStrategy" + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", + "type": "number" } }, - "required": [ - "JobDefinition", - "JobName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters": { + "AWS::MediaLive::Channel.Eac3AtmosSettings": { "additionalProperties": false, "properties": { - "LogStreamName": { - "markdownDescription": "The name of the log stream.", - "title": "LogStreamName", + "Bitrate": { + "markdownDescription": "", + "title": "Bitrate", + "type": "number" + }, + "CodingMode": { + "markdownDescription": "", + "title": "CodingMode", "type": "string" }, - "Timestamp": { - "markdownDescription": "A [dynamic path parameter](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) to a field in the payload containing the time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.\n\nThe value cannot be a static timestamp as the provided timestamp would be applied to all events delivered by the Pipe, regardless of when they are actually delivered.\n\nIf no dynamic path parameter is provided, the default value is the time the invocation is processed by the Pipe.", - "title": "Timestamp", + "Dialnorm": { + "markdownDescription": "", + "title": "Dialnorm", + "type": "number" + }, + "DrcLine": { + "markdownDescription": "", + "title": "DrcLine", + "type": "string" + }, + "DrcRf": { + "markdownDescription": "", + "title": "DrcRf", "type": "string" + }, + "HeightTrim": { + "markdownDescription": "", + "title": "HeightTrim", + "type": "number" + }, + "SurroundTrim": { + "markdownDescription": "", + "title": "SurroundTrim", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetEcsTaskParameters": { + "AWS::MediaLive::Channel.Eac3Settings": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", - "title": "CapacityProviderStrategy", - "type": "array" + "AttenuationControl": { + "markdownDescription": "When set to attenuate3Db, applies a 3 dB attenuation to the surround channels. Used only for the 3/2 coding mode.", + "title": "AttenuationControl", + "type": "string" }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "EnableECSManagedTags", - "type": "boolean" + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", + "title": "Bitrate", + "type": "number" }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", - "type": "boolean" + "BitstreamMode": { + "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted E-AC-3 stream. For more information, see ATSC A/52-2012 (Annex E).", + "title": "BitstreamMode", + "type": "string" }, - "Group": { - "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", + "CodingMode": { + "markdownDescription": "The Dolby Digital Plus coding mode. This mode determines the number of channels.", + "title": "CodingMode", "type": "string" }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", + "DcFilter": { + "markdownDescription": "When set to enabled, activates a DC highpass filter for all input channels.", + "title": "DcFilter", "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.NetworkConfiguration", - "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", - "title": "NetworkConfiguration" + "Dialnorm": { + "markdownDescription": "Sets the dialnorm for the output. If blank and the input audio is Dolby Digital Plus, dialnorm will be passed through.", + "title": "Dialnorm", + "type": "number" }, - "Overrides": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsTaskOverride", - "markdownDescription": "The overrides that are associated with a task.", - "title": "Overrides" + "DrcLine": { + "markdownDescription": "Sets the Dolby dynamic range compression profile.", + "title": "DrcLine", + "type": "string" }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", - "type": "array" + "DrcRf": { + "markdownDescription": "Sets the profile for heavy Dolby dynamic range compression, ensuring that the instantaneous signal peaks do not exceed specified levels.", + "title": "DrcRf", + "type": "string" }, - "PlacementStrategy": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementStrategy" - }, - "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", - "title": "PlacementStrategy", - "type": "array" + "LfeControl": { + "markdownDescription": "When encoding 3/2 audio, setting to lfe enables the LFE channel.", + "title": "LfeControl", + "type": "string" }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", + "LfeFilter": { + "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. Valid only with a codingMode32 coding mode.", + "title": "LfeFilter", "type": "string" }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action.", - "title": "PropagateTags", + "LoRoCenterMixLevel": { + "markdownDescription": "The Left only/Right only center mix level. Used only for the 3/2 coding mode.", + "title": "LoRoCenterMixLevel", + "type": "number" + }, + "LoRoSurroundMixLevel": { + "markdownDescription": "The Left only/Right only surround mix level. Used only for a 3/2 coding mode.", + "title": "LoRoSurroundMixLevel", + "type": "number" + }, + "LtRtCenterMixLevel": { + "markdownDescription": "The Left total/Right total center mix level. Used only for a 3/2 coding mode.", + "title": "LtRtCenterMixLevel", + "type": "number" + }, + "LtRtSurroundMixLevel": { + "markdownDescription": "The Left total/Right total surround mix level. Used only for the 3/2 coding mode.", + "title": "LtRtSurroundMixLevel", + "type": "number" + }, + "MetadataControl": { + "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is not supplied from one of these streams, then the static metadata settings are used.", + "title": "MetadataControl", "type": "string" }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", + "PassthroughControl": { + "markdownDescription": "When set to whenPossible, input DD+ audio will be passed through if it is present on the input. This detection is dynamic over the life of the transcode. Inputs that alternate between DD+ and non-DD+ content will have a consistent DD+ output as the system alternates between passthrough and encoding.", + "title": "PassthroughControl", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", - "title": "Tags", - "type": "array" + "PhaseControl": { + "markdownDescription": "When set to shift90Degrees, applies a 90-degree phase shift to the surround channels. Used only for a 3/2 coding mode.", + "title": "PhaseControl", + "type": "string" }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", - "title": "TaskCount", - "type": "number" + "StereoDownmix": { + "markdownDescription": "A stereo downmix preference. Used only for the 3/2 coding mode.", + "title": "StereoDownmix", + "type": "string" }, - "TaskDefinitionArn": { - "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", + "SurroundExMode": { + "markdownDescription": "When encoding 3/2 audio, sets whether an extra center back surround channel is matrix encoded into the left and right surround channels.", + "title": "SurroundExMode", + "type": "string" + }, + "SurroundMode": { + "markdownDescription": "When encoding 2/0 audio, sets whether Dolby Surround is matrix-encoded into the two channels.", + "title": "SurroundMode", "type": "string" } }, - "required": [ - "TaskDefinitionArn" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters": { + "AWS::MediaLive::Channel.EbuTtDDestinationSettings": { "additionalProperties": false, "properties": { - "DetailType": { - "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", - "title": "DetailType", + "CopyrightHolder": { + "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. Complete this field if you want to include the name of the copyright holder in the copyright metadata tag in the TTML", + "title": "CopyrightHolder", "type": "string" }, - "EndpointId": { - "markdownDescription": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` .", - "title": "EndpointId", - "type": "string" + "DefaultFontSize": { + "markdownDescription": "", + "title": "DefaultFontSize", + "type": "number" }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present.", - "title": "Resources", - "type": "array" + "DefaultLineHeight": { + "markdownDescription": "", + "title": "DefaultLineHeight", + "type": "number" }, - "Source": { - "markdownDescription": "The source of the event.", - "title": "Source", + "FillLineGap": { + "markdownDescription": "Specifies how to handle the gap between the lines (in multi-line captions). - enabled: Fill with the captions background color (as specified in the input captions).\n- disabled: Leave the gap unfilled.", + "title": "FillLineGap", "type": "string" }, - "Time": { - "markdownDescription": "The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used.", - "title": "Time", + "FontFamily": { + "markdownDescription": "Specifies the font family to include in the font data attached to the EBU-TT captions. Valid only if styleControl is set to include. If you leave this field empty, the font family is set to \"monospaced\". (If styleControl is set to exclude, the font family is always set to \"monospaced\".) You specify only the font family. All other style information (color, bold, position and so on) is copied from the input captions. The size is always set to 100% to allow the downstream player to choose the size. - Enter a list of font families, as a comma-separated list of font names, in order of preference. The name can be a font family (such as \u201cArial\u201d), or a generic font family (such as \u201cserif\u201d), or \u201cdefault\u201d (to let the downstream player choose the font).\n- Leave blank to set the family to \u201cmonospace\u201d.", + "title": "FontFamily", + "type": "string" + }, + "StyleControl": { + "markdownDescription": "Specifies the style information (font color, font position, and so on) to include in the font data that is attached to the EBU-TT captions. - include: Take the style information (font color, font position, and so on) from the source captions and include that information in the font data attached to the EBU-TT captions. This option is valid only if the source captions are Embedded or Teletext.\n- exclude: In the font data attached to the EBU-TT captions, set the font family to \"monospaced\". Do not include any other style information.", + "title": "StyleControl", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetHttpParameters": { + "AWS::MediaLive::Channel.EmbeddedDestinationSettings": { "additionalProperties": false, - "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" - }, - "PathParameterValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", - "type": "array" - }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", - "type": "object" - } - }, + "properties": {}, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters": { + "AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings": { "additionalProperties": false, - "properties": { - "PartitionKey": { - "markdownDescription": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.", - "title": "PartitionKey", - "type": "string" - } - }, - "required": [ - "PartitionKey" - ], + "properties": {}, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters": { + "AWS::MediaLive::Channel.EmbeddedSourceSettings": { "additionalProperties": false, "properties": { - "InvocationType": { - "markdownDescription": "Specify whether to invoke the function synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n- `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", - "title": "InvocationType", + "Convert608To708": { + "markdownDescription": "If this is upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. If 708 data is present in the source content, it is discarded.", + "title": "Convert608To708", + "type": "string" + }, + "Scte20Detection": { + "markdownDescription": "Set to \"auto\" to handle streams with intermittent or non-aligned SCTE-20 and embedded captions.", + "title": "Scte20Detection", "type": "string" + }, + "Source608ChannelNumber": { + "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions. This is unused for passthrough.", + "title": "Source608ChannelNumber", + "type": "number" + }, + "Source608TrackNumber": { + "markdownDescription": "This field is unused and deprecated.", + "title": "Source608TrackNumber", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetParameters": { + "AWS::MediaLive::Channel.EncoderSettings": { "additionalProperties": false, "properties": { - "BatchJobParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetBatchJobParameters", - "markdownDescription": "The parameters for using an AWS Batch job as a target.", - "title": "BatchJobParameters" + "AudioDescriptions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDescription" + }, + "markdownDescription": "The encoding information for output audio.", + "title": "AudioDescriptions", + "type": "array" }, - "CloudWatchLogsParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters", - "markdownDescription": "The parameters for using an CloudWatch Logs log stream as a target.", - "title": "CloudWatchLogsParameters" + "AvailBlanking": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailBlanking", + "markdownDescription": "The settings for ad avail blanking.", + "title": "AvailBlanking" }, - "EcsTaskParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEcsTaskParameters", - "markdownDescription": "The parameters for using an Amazon ECS task as a target.", - "title": "EcsTaskParameters" + "AvailConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailConfiguration", + "markdownDescription": "The configuration settings for the ad avail handling.", + "title": "AvailConfiguration" }, - "EventBridgeEventBusParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters", - "markdownDescription": "The parameters for using an EventBridge event bus as a target.", - "title": "EventBridgeEventBusParameters" + "BlackoutSlate": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BlackoutSlate", + "markdownDescription": "The settings for the blackout slate.", + "title": "BlackoutSlate" }, - "HttpParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetHttpParameters", - "markdownDescription": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations.", - "title": "HttpParameters" + "CaptionDescriptions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDescription" + }, + "markdownDescription": "The encoding information for output captions.", + "title": "CaptionDescriptions", + "type": "array" }, - "InputTemplate": { - "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", - "title": "InputTemplate", - "type": "string" + "ColorCorrectionSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrectionSettings", + "markdownDescription": "", + "title": "ColorCorrectionSettings" }, - "KinesisStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters", - "markdownDescription": "The parameters for using a Kinesis stream as a target.", - "title": "KinesisStreamParameters" + "FeatureActivations": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FeatureActivations", + "markdownDescription": "Settings to enable specific features.", + "title": "FeatureActivations" }, - "LambdaFunctionParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters", - "markdownDescription": "The parameters for using a Lambda function as a target.", - "title": "LambdaFunctionParameters" + "GlobalConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.GlobalConfiguration", + "markdownDescription": "The configuration settings that apply to the entire channel.", + "title": "GlobalConfiguration" }, - "RedshiftDataParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters", - "markdownDescription": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement.", - "title": "RedshiftDataParameters" + "MotionGraphicsConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsConfiguration", + "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsConfiguration" }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters", - "markdownDescription": "The parameters for using a SageMaker AI pipeline as a target.", - "title": "SageMakerPipelineParameters" + "NielsenConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenConfiguration", + "markdownDescription": "The settings to configure Nielsen watermarks.", + "title": "NielsenConfiguration" }, - "SqsQueueParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSqsQueueParameters", - "markdownDescription": "The parameters for using a Amazon SQS stream as a target.", - "title": "SqsQueueParameters" + "OutputGroups": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroup" + }, + "markdownDescription": "The settings for the output groups in the channel.", + "title": "OutputGroups", + "type": "array" }, - "StepFunctionStateMachineParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetStateMachineParameters", - "markdownDescription": "The parameters for using a Step Functions state machine as a target.", - "title": "StepFunctionStateMachineParameters" + "ThumbnailConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ThumbnailConfiguration", + "markdownDescription": "", + "title": "ThumbnailConfiguration" + }, + "TimecodeConfig": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeConfig", + "markdownDescription": "Contains settings used to acquire and adjust timecode information from the inputs.", + "title": "TimecodeConfig" + }, + "VideoDescriptions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoDescription" + }, + "markdownDescription": "The encoding information for output videos.", + "title": "VideoDescriptions", + "type": "array" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters": { + "AWS::MediaLive::Channel.EpochLockingSettings": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", - "title": "Database", + "CustomEpoch": { + "markdownDescription": "", + "title": "CustomEpoch", "type": "string" }, - "DbUser": { - "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", - "title": "DbUser", + "JamSyncTime": { + "markdownDescription": "", + "title": "JamSyncTime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.Esam": { + "additionalProperties": false, + "properties": { + "AcquisitionPointId": { + "markdownDescription": "", + "title": "AcquisitionPointId", "type": "string" }, - "SecretManagerArn": { - "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using Secrets Manager.", - "title": "SecretManagerArn", + "AdAvailOffset": { + "markdownDescription": "", + "title": "AdAvailOffset", + "type": "number" + }, + "PasswordParam": { + "markdownDescription": "", + "title": "PasswordParam", "type": "string" }, - "Sqls": { - "items": { - "type": "string" - }, - "markdownDescription": "The SQL statement text to run.", - "title": "Sqls", - "type": "array" + "PoisEndpoint": { + "markdownDescription": "", + "title": "PoisEndpoint", + "type": "string" }, - "StatementName": { - "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", - "title": "StatementName", + "Username": { + "markdownDescription": "", + "title": "Username", "type": "string" }, - "WithEvent": { - "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", - "title": "WithEvent", - "type": "boolean" + "ZoneIdentity": { + "markdownDescription": "", + "title": "ZoneIdentity", + "type": "string" } }, - "required": [ - "Database", - "Sqls" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters": { + "AWS::MediaLive::Channel.FailoverCondition": { "additionalProperties": false, "properties": { - "PipelineParameterList": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SageMakerPipelineParameter" - }, - "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", - "title": "PipelineParameterList", - "type": "array" + "FailoverConditionSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverConditionSettings", + "markdownDescription": "Settings for a specific failover condition.", + "title": "FailoverConditionSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetSqsQueueParameters": { + "AWS::MediaLive::Channel.FailoverConditionSettings": { "additionalProperties": false, "properties": { - "MessageDeduplicationId": { - "markdownDescription": "This parameter applies only to FIFO (first-in-first-out) queues.\n\nThe token used for deduplication of sent messages.", - "title": "MessageDeduplicationId", - "type": "string" + "AudioSilenceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSilenceFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if the specified audio selector is silent for the specified period.", + "title": "AudioSilenceSettings" }, - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", - "type": "string" + "InputLossSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if content is not detected in this input for the specified period.", + "title": "InputLossSettings" + }, + "VideoBlackSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoBlackFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if content is considered black for the specified period.", + "title": "VideoBlackSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetStateMachineParameters": { + "AWS::MediaLive::Channel.FeatureActivations": { "additionalProperties": false, "properties": { - "InvocationType": { - "markdownDescription": "Specify whether to invoke the Step Functions state machine synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* .\n\n> `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows.\n- `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* .\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", - "title": "InvocationType", + "InputPrepareScheduleActions": { + "markdownDescription": "Enables the Input Prepare feature. You can create Input Prepare actions in the schedule only if this feature is enabled.\nIf you disable the feature on an existing schedule, make sure that you first delete all input prepare actions from the schedule.", + "title": "InputPrepareScheduleActions", + "type": "string" + }, + "OutputStaticImageOverlayScheduleActions": { + "markdownDescription": "", + "title": "OutputStaticImageOverlayScheduleActions", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PlacementConstraint": { + "AWS::MediaLive::Channel.FecOutputSettings": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "Expression", - "type": "string" + "ColumnDepth": { + "markdownDescription": "The parameter D from SMPTE 2022-1. The height of the FEC protection matrix. The number of transport stream packets per column error correction packet. The number must be between 4 and 20, inclusive.", + "title": "ColumnDepth", + "type": "number" }, - "Type": { - "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", - "title": "Type", + "IncludeFec": { + "markdownDescription": "Enables column only or column and row-based FEC.", + "title": "IncludeFec", "type": "string" + }, + "RowLength": { + "markdownDescription": "The parameter L from SMPTE 2022-1. The width of the FEC protection matrix. Must be between 1 and 20, inclusive. If only Column FEC is used, then larger values increase robustness. If Row FEC is used, then this is the number of transport stream packets per row error correction packet, and the value must be between 4 and 20, inclusive, if includeFec is columnAndRow. If includeFec is column, this value must be 1 to 20, inclusive.", + "title": "RowLength", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.PlacementStrategy": { + "AWS::MediaLive::Channel.Fmp4HlsSettings": { "additionalProperties": false, "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", - "title": "Field", + "AudioRenditionSets": { + "markdownDescription": "List all the audio groups that are used with the video output stream. Input all the audio GROUP-IDs that are associated to the video, separate by ','.", + "title": "AudioRenditionSets", "type": "string" }, - "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", - "title": "Type", + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", + "type": "string" + }, + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.S3LogDestination": { + "AWS::MediaLive::Channel.FrameCaptureCdnSettings": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", - "title": "BucketName", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", - "title": "BucketOwner", - "type": "string" - }, - "OutputFormat": { - "markdownDescription": "The format EventBridge uses for the log records.\n\nEventBridge currently only supports `json` formatting.", - "title": "OutputFormat", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The prefix text with which to begin Amazon S3 log object names.\n\nFor more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "Prefix", - "type": "string" + "FrameCaptureS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this Frame Capture output.", + "title": "FrameCaptureS3Settings" } }, "type": "object" }, - "AWS::Pipes::Pipe.SageMakerPipelineParameter": { + "AWS::MediaLive::Channel.FrameCaptureGroupSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Name", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The destination for the frame capture files. The destination is either the URI for an Amazon S3 bucket and object, plus a file name prefix (for example, s3ssl://sportsDelivery/highlights/20180820/curling_) or the URI for a MediaStore container, plus a file name prefix (for example, mediastoressl://sportsDelivery/20180820/curling_). The final file names consist of the prefix from the destination field (for example, \"curling_\") + name modifier + the counter (5 digits, starting from 00001) + extension (which is always .jpg). For example, curlingLow.00001.jpg.", + "title": "Destination" }, - "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Value", - "type": "string" + "FrameCaptureCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureCdnSettings", + "markdownDescription": "Settings to configure the destination of a Frame Capture output.", + "title": "FrameCaptureCdnSettings" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials": { + "AWS::MediaLive::Channel.FrameCaptureHlsSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.FrameCaptureOutputSettings": { "additionalProperties": false, "properties": { - "BasicAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "BasicAuth", - "type": "string" - }, - "ClientCertificateTlsAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "ClientCertificateTlsAuth", - "type": "string" - }, - "SaslScram256Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram256Auth", - "type": "string" - }, - "SaslScram512Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram512Auth", + "NameModifier": { + "markdownDescription": "Required if the output group contains more than one output. This modifier forms part of the output file name.", + "title": "NameModifier", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc": { + "AWS::MediaLive::Channel.FrameCaptureS3Settings": { "additionalProperties": false, "properties": { - "SecurityGroup": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the stream. These security groups must all be in the same VPC. You can specify as many as five security groups.", - "title": "SecurityGroup", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the stream. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", + "type": "string" } }, "type": "object" }, - "AWS::Proton::EnvironmentAccountConnection": { + "AWS::MediaLive::Channel.FrameCaptureSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CodebuildRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account.", - "title": "CodebuildRoleArn", - "type": "string" - }, - "ComponentRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account.\n\nThe environment account connection must have a `componentRoleArn` to allow directly defined components to be associated with any environments running in the account.\n\nFor more information about components, see [AWS Proton components](https://docs.aws.amazon.com/proton/latest/userguide/ag-components.html) in the *AWS Proton User Guide* .", - "title": "ComponentRoleArn", - "type": "string" - }, - "EnvironmentAccountId": { - "markdownDescription": "The environment account that's connected to the environment account connection.", - "title": "EnvironmentAccountId", - "type": "string" - }, - "EnvironmentName": { - "markdownDescription": "The name of the environment that's associated with the environment account connection.", - "title": "EnvironmentName", - "type": "string" - }, - "ManagementAccountId": { - "markdownDescription": "The ID of the management account that's connected to the environment account connection.", - "title": "ManagementAccountId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM service role that's associated with the environment account connection.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment account connection. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "CaptureInterval": { + "markdownDescription": "The frequency, in seconds, for capturing frames for inclusion in the output. For example, \"10\" means capture a frame every 10 seconds.", + "title": "CaptureInterval", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Proton::EnvironmentAccountConnection" - ], + "CaptureIntervalUnits": { + "markdownDescription": "Unit for the frame capture interval.", + "title": "CaptureIntervalUnits", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Proton::EnvironmentTemplate": { + "AWS::MediaLive::Channel.GlobalConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InitialAudioGain": { + "markdownDescription": "The value to set the initial audio gain for the channel.", + "title": "InitialAudioGain", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputEndAction": { + "markdownDescription": "Indicates the action to take when the current input completes (for example, end-of-file). When switchAndLoopInputs is configured, MediaLive restarts at the beginning of the first input. When \"none\" is configured, MediaLive transcodes either black, a solid color, or a user-specified slate images per the \"Input Loss Behavior\" configuration until the next input switch occurs (which is controlled through the Channel Schedule API).", + "title": "InputEndAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputLossBehavior": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossBehavior", + "markdownDescription": "The settings for system actions when the input is lost.", + "title": "InputLossBehavior" }, - "Metadata": { - "type": "object" + "OutputLockingMode": { + "markdownDescription": "Indicates how MediaLive pipelines are synchronized. PIPELINELOCKING - MediaLive attempts to synchronize the output of each pipeline to the other. EPOCHLOCKING - MediaLive attempts to synchronize the output of each pipeline to the Unix epoch.", + "title": "OutputLockingMode", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the environment template.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The name of the environment template as displayed in the developer interface.", - "title": "DisplayName", - "type": "string" - }, - "EncryptionKey": { - "markdownDescription": "The customer provided encryption key for the environment template.", - "title": "EncryptionKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment template.", - "title": "Name", - "type": "string" - }, - "Provisioning": { - "markdownDescription": "When included, indicates that the environment template is for customer provisioned and managed infrastructure.", - "title": "Provisioning", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment template. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "OutputLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLockingSettings", + "markdownDescription": "", + "title": "OutputLockingSettings" }, - "Type": { - "enum": [ - "AWS::Proton::EnvironmentTemplate" - ], + "OutputTimingSource": { + "markdownDescription": "Indicates whether the rate of frames emitted by the Live encoder should be paced by its system clock (which optionally might be locked to another source through NTP) or should be locked to the clock of the source that is providing the input stream.", + "title": "OutputTimingSource", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SupportLowFramerateInputs": { + "markdownDescription": "Adjusts the video input buffer for streams with very low video frame rates. This is commonly set to enabled for music channels with less than one video frame per second.", + "title": "SupportLowFramerateInputs", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Proton::ServiceTemplate": { + "AWS::MediaLive::Channel.H264ColorSpaceSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "Passthrough applies no color space conversion to the output.", + "title": "ColorSpacePassthroughSettings" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the service template.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The service template name as displayed in the developer interface.", - "title": "DisplayName", - "type": "string" - }, - "EncryptionKey": { - "markdownDescription": "The customer provided service template encryption key that's used to encrypt data.", - "title": "EncryptionKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the service template.", - "title": "Name", - "type": "string" - }, - "PipelineProvisioning": { - "markdownDescription": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template.", - "title": "PipelineProvisioning", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An object that includes the template bundle S3 bucket path and name for the new version of a service template.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "Settings to configure the handling of Rec601 color space.", + "title": "Rec601Settings" }, - "Type": { - "enum": [ - "AWS::Proton::ServiceTemplate" - ], - "type": "string" + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "Settings to configure the handling of Rec709 color space.", + "title": "Rec709Settings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.H264FilterSettings": { + "additionalProperties": false, + "properties": { + "BandwidthReductionFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BandwidthReductionFilterSettings", + "markdownDescription": "", + "title": "BandwidthReductionFilterSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::QLDB::Ledger": { + "AWS::MediaLive::Channel.H264Settings": { "additionalProperties": false, "properties": { - "Condition": { + "AdaptiveQuantization": { + "markdownDescription": "The adaptive quantization. This allows intra-frame quantizers to vary to improve visual quality.", + "title": "AdaptiveQuantization", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AfdSignaling": { + "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is auto, the system tries to preserve the input AFD value (in cases where multiple AFD values are valid). If set to fixed, the AFD value is the value configured in the fixedAfd parameter.", + "title": "AfdSignaling", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. This is required when the rate control mode is VBR or CBR. It isn't used for QVBR. In a Microsoft Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", + "title": "Bitrate", + "type": "number" }, - "Metadata": { - "type": "object" + "BufFillPct": { + "markdownDescription": "The percentage of the buffer that should initially be filled (HRD buffer model).", + "title": "BufFillPct", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeletionProtection": { - "markdownDescription": "Specifies whether the ledger is protected from being deleted by any user. If not defined during ledger creation, this feature is enabled ( `true` ) by default.\n\nIf deletion protection is enabled, you must first disable it before you can delete the ledger. You can disable it by calling the `UpdateLedger` operation to set this parameter to `false` .", - "title": "DeletionProtection", - "type": "boolean" - }, - "KmsKey": { - "markdownDescription": "The key in AWS Key Management Service ( AWS KMS ) to use for encryption of data at rest in the ledger. For more information, see [Encryption at rest](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html) in the *Amazon QLDB Developer Guide* .\n\nUse one of the following options to specify this parameter:\n\n- `AWS_OWNED_KMS_KEY` : Use an AWS KMS key that is owned and managed by AWS on your behalf.\n- *Undefined* : By default, use an AWS owned KMS key.\n- *A valid symmetric customer managed KMS key* : Use the specified symmetric encryption KMS key in your account that you create, own, and manage.\n\nAmazon QLDB does not support asymmetric keys. For more information, see [Using symmetric and asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .\n\nTo specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with `\"alias/\"` . To specify a key in a different AWS account , you must use the key ARN or alias ARN.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`\n\nFor more information, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the ledger that you want to create. The name must be unique among all of the ledgers in your AWS account in the current Region.\n\nNaming constraints for ledger names are defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", - "title": "Name", - "type": "string" - }, - "PermissionsMode": { - "markdownDescription": "The permissions mode to assign to the ledger that you want to create. This parameter can have one of the following values:\n\n- `ALLOW_ALL` : A legacy permissions mode that enables access control with API-level granularity for ledgers.\n\nThis mode allows users who have the `SendCommand` API permission for this ledger to run all PartiQL commands (hence, `ALLOW_ALL` ) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.\n- `STANDARD` : ( *Recommended* ) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.\n\nBy default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the `SendCommand` API permission for the ledger. For information, see [Getting started with the standard permissions mode](https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html) in the *Amazon QLDB Developer Guide* .\n\n> We strongly recommend using the `STANDARD` permissions mode to maximize the security of your ledger data.", - "title": "PermissionsMode", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "PermissionsMode" - ], - "type": "object" + "BufSize": { + "markdownDescription": "The size of the buffer (HRD buffer model) in bits/second.", + "title": "BufSize", + "type": "number" }, - "Type": { - "enum": [ - "AWS::QLDB::Ledger" - ], + "ColorMetadata": { + "markdownDescription": "Includes color space metadata in the output.", + "title": "ColorMetadata", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264ColorSpaceSettings", + "markdownDescription": "Settings to configure the color space handling for the video.", + "title": "ColorSpaceSettings" + }, + "EntropyEncoding": { + "markdownDescription": "The entropy encoding mode. Use cabac (must be in Main or High profile) or cavlc.", + "title": "EntropyEncoding", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::QLDB::Stream": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264FilterSettings", + "markdownDescription": "Optional filters that you can apply to an encode.", + "title": "FilterSettings" + }, + "FixedAfd": { + "markdownDescription": "A four-bit AFD value to write on all frames of video in the output stream. Valid only when afdSignaling is set to Fixed.", + "title": "FixedAfd", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FlickerAq": { + "markdownDescription": "If set to enabled, adjusts the quantization within each frame to reduce flicker or pop on I-frames.", + "title": "FlickerAq", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ForceFieldPictures": { + "markdownDescription": "This setting applies only when scan type is \"interlaced.\" It controls whether coding is performed on a field basis or on a frame basis. (When the video is progressive, the coding is always performed on a frame basis.)\nenabled: Force MediaLive to code on a field basis, so that odd and even sets of fields are coded separately.\ndisabled: Code the two sets of fields separately (on a field basis) or together (on a frame basis using PAFF), depending on what is most appropriate for the content.", + "title": "ForceFieldPictures", + "type": "string" }, - "Metadata": { - "type": "object" + "FramerateControl": { + "markdownDescription": "Indicates how the output video frame rate is specified. If you select \"specified,\" the output video frame rate is determined by framerateNumerator and framerateDenominator. If you select \"initializeFromSource,\" the output video frame rate is set equal to the input video frame rate of the first input.", + "title": "FramerateControl", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExclusiveEndTime": { - "markdownDescription": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .", - "title": "ExclusiveEndTime", - "type": "string" - }, - "InclusiveStartTime": { - "markdownDescription": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` .", - "title": "InclusiveStartTime", - "type": "string" - }, - "KinesisConfiguration": { - "$ref": "#/definitions/AWS::QLDB::Stream.KinesisConfiguration", - "markdownDescription": "The configuration settings of the Kinesis Data Streams destination for your stream request.", - "title": "KinesisConfiguration" - }, - "LedgerName": { - "markdownDescription": "The name of the ledger.", - "title": "LedgerName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests.", - "title": "RoleArn", - "type": "string" - }, - "StreamName": { - "markdownDescription": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", - "title": "StreamName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "InclusiveStartTime", - "KinesisConfiguration", - "LedgerName", - "RoleArn", - "StreamName" - ], - "type": "object" + "FramerateDenominator": { + "markdownDescription": "The frame rate denominator.", + "title": "FramerateDenominator", + "type": "number" }, - "Type": { - "enum": [ - "AWS::QLDB::Stream" - ], + "FramerateNumerator": { + "markdownDescription": "The frame rate numerator. The frame rate is a fraction, for example, 24000/1001 = 23.976 fps.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopBReference": { + "markdownDescription": "If enabled, uses reference B frames for GOP structures that have B frames > 1.", + "title": "GopBReference", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GopClosedCadence": { + "markdownDescription": "The frequency of closed GOPs. In streaming applications, we recommend that you set this to 1 so that a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopNumBFrames": { + "markdownDescription": "The number of B-frames between reference frames.", + "title": "GopNumBFrames", + "type": "number" + }, + "GopSize": { + "markdownDescription": "The GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits. The value must be greater than zero.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds, the system converts the gopSize into a frame count at runtime.", + "title": "GopSizeUnits", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::QLDB::Stream.KinesisConfiguration": { - "additionalProperties": false, - "properties": { - "AggregationEnabled": { - "markdownDescription": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call.\n\nDefault: `True`\n\n> Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* .", - "title": "AggregationEnabled", - "type": "boolean" }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.", - "title": "StreamArn", + "Level": { + "markdownDescription": "The H.264 level.", + "title": "Level", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "LookAheadRateControl": { + "markdownDescription": "The amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", + "title": "LookAheadRateControl", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MaxBitrate": { + "markdownDescription": "For QVBR: See the tooltip for Quality level. For VBR: Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.", + "title": "MaxBitrate", + "type": "number" + }, + "MinIInterval": { + "markdownDescription": "Meaningful only if sceneChangeDetect is set to enabled. This setting enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting the I-interval. The normal cadence resumes for the next GOP. Note that the maximum GOP stretch = GOP size + Min-I-interval - 1.", + "title": "MinIInterval", + "type": "number" + }, + "MinQp": { + "markdownDescription": "", + "title": "MinQp", + "type": "number" + }, + "NumRefFrames": { + "markdownDescription": "The number of reference frames to use. The encoder might use more than requested if you use B-frames or interlaced encoding.", + "title": "NumRefFrames", + "type": "number" + }, + "ParControl": { + "markdownDescription": "Indicates how the output pixel aspect ratio is specified. If \"specified\" is selected, the output video pixel aspect ratio is determined by parNumerator and parDenominator. If \"initializeFromSource\" is selected, the output pixels aspect ratio will be set equal to the input video pixel aspect ratio of the first input.", + "title": "ParControl", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ParDenominator": { + "markdownDescription": "The Pixel Aspect Ratio denominator.", + "title": "ParDenominator", + "type": "number" }, - "Metadata": { - "type": "object" + "ParNumerator": { + "markdownDescription": "The Pixel Aspect Ratio numerator.", + "title": "ParNumerator", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnalysisId": { - "markdownDescription": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", - "title": "AnalysisId", - "type": "string" - }, - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you are creating an analysis.", - "title": "AwsAccountId", - "type": "string" - }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefinition", - "markdownDescription": "", - "title": "Definition" - }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisError" - }, - "markdownDescription": "Errors associated with the analysis.", - "title": "Errors", - "type": "array" - }, - "Name": { - "markdownDescription": "A descriptive name for the analysis that you're creating. This name displays for the analysis in the Amazon QuickSight console.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Parameters", - "markdownDescription": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values.", - "title": "Parameters" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ResourcePermission" - }, - "markdownDescription": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` .", - "title": "Permissions", - "type": "array" - }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Sheet" - }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", - "type": "array" - }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceEntity", - "markdownDescription": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", - "title": "SourceEntity" - }, - "Status": { - "markdownDescription": "Status associated with the analysis.", - "title": "Status", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis.", - "title": "Tags", - "type": "array" - }, - "ThemeArn": { - "markdownDescription": "The ARN for the theme to apply to the analysis that you're creating. To see the theme in the Amazon QuickSight console, make sure that you have access to it.", - "title": "ThemeArn", - "type": "string" - }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" - } - }, - "required": [ - "AnalysisId", - "AwsAccountId", - "Name" - ], - "type": "object" + "Profile": { + "markdownDescription": "An H.264 profile.", + "title": "Profile", + "type": "string" }, - "Type": { - "enum": [ - "AWS::QuickSight::Analysis" - ], + "QualityLevel": { + "markdownDescription": "Leave as STANDARD_QUALITY or choose a different value (which might result in additional costs to run the channel).\n- ENHANCED_QUALITY: Produces a slightly better video quality without an increase in the bitrate. Has an effect only when the Rate control mode is QVBR or CBR. If this channel is in a MediaLive multiplex, the value must be ENHANCED_QUALITY.\n- STANDARD_QUALITY: Valid for any Rate control mode.", + "title": "QualityLevel", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "QvbrQualityLevel": { + "markdownDescription": "Controls the target quality for the video encode. This applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are: - Primary screen: Quality level: 8 to 10. Max bitrate: 4M - PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M - Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M.", + "title": "QvbrQualityLevel", + "type": "number" + }, + "RateControlMode": { + "markdownDescription": "The rate control mode. QVBR: The quality will match the specified quality level except when it is constrained by the maximum bitrate. We recommend this if you or your viewers pay for bandwidth. VBR: The quality and bitrate vary, depending on the video complexity. We recommend this instead of QVBR if you want to maintain a specific average bitrate over the duration of the channel. CBR: The quality varies, depending on the video complexity. We recommend this only if you distribute your assets to devices that can't handle variable bitrates.", + "title": "RateControlMode", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.AggregationFunction": { - "additionalProperties": false, - "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", + "ScanType": { + "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", + "title": "ScanType", "type": "string" }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", + "SceneChangeDetect": { + "markdownDescription": "The scene change detection. On: inserts I-frames when the scene change is detected. Off: does not force an I-frame when the scene change is detected.", + "title": "SceneChangeDetect", "type": "string" }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" + "Slices": { + "markdownDescription": "The number of slices per picture. The number must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures. This field is optional. If you don't specify a value, MediaLive chooses the number of slices based on the encode resolution.", + "title": "Slices", + "type": "number" + }, + "Softness": { + "markdownDescription": "Softness. Selects a quantizer matrix. Larger values reduce high-frequency content in the encoded image.", + "title": "Softness", + "type": "number" + }, + "SpatialAq": { + "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the spatial variation of content complexity.", + "title": "SpatialAq", + "type": "string" + }, + "SubgopLength": { + "markdownDescription": "If set to fixed, uses gopNumBFrames B-frames per sub-GOP. If set to dynamic, optimizes the number of B-frames used for each sub-GOP to improve visual quality.", + "title": "SubgopLength", + "type": "string" + }, + "Syntax": { + "markdownDescription": "Produces a bitstream that is compliant with SMPTE RP-2027.", + "title": "Syntax", + "type": "string" + }, + "TemporalAq": { + "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the temporal variation of content complexity.", + "title": "TemporalAq", + "type": "string" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" + }, + "TimecodeInsertion": { + "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream. disabled: don't include timecodes. picTimingSei: pass through picture timing SEI messages from the source specified in Timecode Config.", + "title": "TimecodeInsertion", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AggregationSortConfiguration": { + "AWS::MediaLive::Channel.H265ColorSpaceSettings": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "Passthrough applies no color space conversion to the output.", + "title": "ColorSpacePassthroughSettings" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" + "DolbyVision81Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DolbyVision81Settings", + "markdownDescription": "", + "title": "DolbyVision81Settings" }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", - "type": "string" + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "Settings to configure the handling of HDR10 color space.", + "title": "Hdr10Settings" + }, + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "Settings to configure the handling of Rec601 color space.", + "title": "Rec601Settings" + }, + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "Settings to configure the handling of Rec709 color space.", + "title": "Rec709Settings" } }, - "required": [ - "Column", - "SortDirection" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisDefaults": { + "AWS::MediaLive::Channel.H265FilterSettings": { "additionalProperties": false, "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" + "BandwidthReductionFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BandwidthReductionFilterSettings", + "markdownDescription": "", + "title": "BandwidthReductionFilterSettings" + }, + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, - "required": [ - "DefaultNewSheetConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisDefinition": { + "AWS::MediaLive::Channel.H265Settings": { "additionalProperties": false, "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefaults", - "markdownDescription": "", - "title": "AnalysisDefaults" + "AdaptiveQuantization": { + "markdownDescription": "Adaptive quantization. Allows intra-frame quantizers to vary to improve visual quality.", + "title": "AdaptiveQuantization", + "type": "string" }, - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedField" - }, - "markdownDescription": "An array of calculated field definitions for the analysis.", - "title": "CalculatedFields", - "type": "array" + "AfdSignaling": { + "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is \"auto\", the system will try to preserve the input AFD value (in cases where multiple AFD values are valid). If set to \"fixed\", the AFD value will be the value configured in the fixedAfd parameter.", + "title": "AfdSignaling", + "type": "string" }, - "ColumnConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnConfiguration" - }, - "markdownDescription": "An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis.", - "title": "ColumnConfigurations", - "type": "array" + "AlternativeTransferFunction": { + "markdownDescription": "Whether or not EML should insert an Alternative Transfer Function SEI message to support backwards compatibility with non-HDR decoders and displays.", + "title": "AlternativeTransferFunction", + "type": "string" }, - "DataSetIdentifierDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetIdentifierDeclaration" - }, - "markdownDescription": "An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures.", - "title": "DataSetIdentifierDeclarations", - "type": "array" + "Bitrate": { + "markdownDescription": "Average bitrate in bits/second. Required when the rate control mode is VBR or CBR. Not used for QVBR. In an MS Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", + "title": "Bitrate", + "type": "number" }, - "FilterGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterGroup" - }, - "markdownDescription": "Filter definitions for an analysis.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", - "type": "array" + "BufSize": { + "markdownDescription": "Size of buffer (HRD buffer model) in bits.", + "title": "BufSize", + "type": "number" }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AssetOptions", - "markdownDescription": "An array of option definitions for an analysis.", - "title": "Options" + "ColorMetadata": { + "markdownDescription": "Includes colorspace metadata in the output.", + "title": "ColorMetadata", + "type": "string" }, - "ParameterDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDeclaration" - }, - "markdownDescription": "An array of parameter declarations for an analysis.\n\nParameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", - "type": "array" + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265ColorSpaceSettings", + "markdownDescription": "Color Space settings", + "title": "ColorSpaceSettings" }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetDefinition" - }, - "markdownDescription": "An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis.", - "title": "Sheets", - "type": "array" - } - }, - "required": [ - "DataSetIdentifierDeclarations" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.AnalysisError": { - "additionalProperties": false, - "properties": { - "Message": { - "markdownDescription": "The message associated with the analysis error.", - "title": "Message", + "Deblocking": { + "markdownDescription": "", + "title": "Deblocking", "type": "string" }, - "Type": { - "markdownDescription": "The type of the analysis error.", - "title": "Type", + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265FilterSettings", + "markdownDescription": "Optional filters that you can apply to an encode.", + "title": "FilterSettings" + }, + "FixedAfd": { + "markdownDescription": "Four bit AFD value to write on all frames of video in the output stream. Only valid when afdSignaling is set to 'Fixed'.", + "title": "FixedAfd", "type": "string" }, - "ViolatedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Entity" - }, - "markdownDescription": "Lists the violated entities that caused the analysis error", - "title": "ViolatedEntities", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AnalysisSourceEntity": { - "additionalProperties": false, - "properties": { - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceTemplate", - "markdownDescription": "The source template for the source entity of the analysis.", - "title": "SourceTemplate" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AnalysisSourceTemplate": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source template of an analysis.", - "title": "Arn", + "FlickerAq": { + "markdownDescription": "If set to enabled, adjust quantization within each frame to reduce flicker or 'pop' on I-frames.", + "title": "FlickerAq", "type": "string" }, - "DataSetReferences": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetReference" - }, - "markdownDescription": "The dataset references of the source template of an analysis.", - "title": "DataSetReferences", - "type": "array" - } - }, - "required": [ - "Arn", - "DataSetReferences" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.AnchorDateConfiguration": { - "additionalProperties": false, - "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", + "FramerateDenominator": { + "markdownDescription": "Framerate denominator.", + "title": "FramerateDenominator", + "type": "number" + }, + "FramerateNumerator": { + "markdownDescription": "Framerate numerator - framerate is a fraction, e.g. 24000 / 1001 = 23.976 fps.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopClosedCadence": { + "markdownDescription": "Frequency of closed GOPs. In streaming applications, it is recommended that this be set to 1 so a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopSize": { + "markdownDescription": "GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits.\nIf gopSizeUnits is frames, gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, gopSize must be greater than 0, but need not be an integer.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds the system will convert the gopSize into a frame count at run time.", + "title": "GopSizeUnits", "type": "string" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", + "Level": { + "markdownDescription": "H.265 Level.", + "title": "Level", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ArcAxisConfiguration": { - "additionalProperties": false, - "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ArcAxisDisplayRange": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", + "LookAheadRateControl": { + "markdownDescription": "Amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", + "title": "LookAheadRateControl", + "type": "string" + }, + "MaxBitrate": { + "markdownDescription": "For QVBR: See the tooltip for Quality level", + "title": "MaxBitrate", "type": "number" }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", + "MinIInterval": { + "markdownDescription": "Only meaningful if sceneChangeDetect is set to enabled. Defaults to 5 if multiplex rate control is used. Enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk and/or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting I-interval. The normal cadence resumes for the next GOP. Note: Maximum GOP stretch = GOP size + Min-I-interval - 1", + "title": "MinIInterval", "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ArcConfiguration": { - "additionalProperties": false, - "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", + }, + "MinQp": { + "markdownDescription": "", + "title": "MinQp", "type": "number" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", + "MvOverPictureBoundaries": { + "markdownDescription": "", + "title": "MvOverPictureBoundaries", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ArcOptions": { - "additionalProperties": false, - "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", + }, + "MvTemporalPredictor": { + "markdownDescription": "", + "title": "MvTemporalPredictor", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AssetOptions": { - "additionalProperties": false, - "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", + }, + "ParDenominator": { + "markdownDescription": "Pixel Aspect Ratio denominator.", + "title": "ParDenominator", + "type": "number" + }, + "ParNumerator": { + "markdownDescription": "Pixel Aspect Ratio numerator.", + "title": "ParNumerator", + "type": "number" + }, + "Profile": { + "markdownDescription": "H.265 Profile.", + "title": "Profile", "type": "string" }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", + "QvbrQualityLevel": { + "markdownDescription": "Controls the target quality for the video encode. Applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are:\n- Primary screen: Quality level: 8 to 10. Max bitrate: 4M\n- PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M\n- Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M", + "title": "QvbrQualityLevel", + "type": "number" + }, + "RateControlMode": { + "markdownDescription": "Rate control mode. QVBR: Quality will match the specified quality level except when it is constrained by the\nmaximum bitrate. Recommended if you or your viewers pay for bandwidth. CBR: Quality varies, depending on the video complexity. Recommended only if you distribute\nyour assets to devices that cannot handle variable bitrates. Multiplex: This rate control mode is only supported (and is required) when the video is being\ndelivered to a MediaLive Multiplex in which case the rate control configuration is controlled\nby the properties within the Multiplex Program.", + "title": "RateControlMode", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AttributeAggregationFunction": { - "additionalProperties": false, - "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", + }, + "ScanType": { + "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", + "title": "ScanType", "type": "string" }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", + "SceneChangeDetect": { + "markdownDescription": "Scene change detection.", + "title": "SceneChangeDetect", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AxisDataOptions": { - "additionalProperties": false, - "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AxisDisplayMinMaxRange": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", + "Slices": { + "markdownDescription": "Number of slices per picture. Must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures.\nThis field is optional; when no value is specified the encoder will choose the number of slices based on encode resolution.", + "title": "Slices", "type": "number" }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AxisDisplayOptions": { - "additionalProperties": false, - "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", + "Tier": { + "markdownDescription": "H.265 Tier.", + "title": "Tier", "type": "string" }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", + "TileHeight": { + "markdownDescription": "", + "title": "TileHeight", + "type": "number" + }, + "TilePadding": { + "markdownDescription": "", + "title": "TilePadding", "type": "string" }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" + "TileWidth": { + "markdownDescription": "", + "title": "TileWidth", + "type": "number" }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", - "type": "string" + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" + "TimecodeInsertion": { + "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream.\n- 'disabled': Do not include timecodes\n- 'picTimingSei': Pass through picture timing SEI messages from the source specified in Timecode Config", + "title": "TimecodeInsertion", + "type": "string" }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" + "TreeblockSize": { + "markdownDescription": "", + "title": "TreeblockSize", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDisplayRange": { + "AWS::MediaLive::Channel.Hdr10Settings": { "additionalProperties": false, "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", - "type": "object" + "MaxCll": { + "markdownDescription": "Maximum Content Light Level\nAn integer metadata value defining the maximum light level, in nits,\nof any single pixel within an encoded HDR video stream or file.", + "title": "MaxCll", + "type": "number" }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" + "MaxFall": { + "markdownDescription": "Maximum Frame Average Light Level\nAn integer metadata value defining the maximum average light level, in nits,\nfor any single frame within an encoded HDR video stream or file.", + "title": "MaxFall", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLabelOptions": { + "AWS::MediaLive::Channel.HlsAkamaiSettings": { "additionalProperties": false, "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "HttpTransferMode": { + "markdownDescription": "Specifies whether to use chunked transfer encoding to Akamai. To enable this feature, contact Akamai.", + "title": "HttpTransferMode", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AxisLabelReferenceOptions": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" + "NumRetries": { + "markdownDescription": "The number of retry attempts that will be made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" }, - "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", - "title": "FieldId", + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" + }, + "Salt": { + "markdownDescription": "The salt for authenticated Akamai.", + "title": "Salt", + "type": "string" + }, + "Token": { + "markdownDescription": "The token parameter for authenticated Akamai. If this is not specified, _gda_ is used.", + "title": "Token", "type": "string" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AxisLinearScale": { + "AWS::MediaLive::Channel.HlsBasicPutSettings": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", "type": "number" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AxisLogarithmicScale": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts that MediaLive makes before the channel is put into an error state.", + "title": "NumRetries", "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AxisScale": { - "additionalProperties": false, - "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisTickLabelOptions": { + "AWS::MediaLive::Channel.HlsCdnSettings": { "additionalProperties": false, "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" + "HlsAkamaiSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsAkamaiSettings", + "markdownDescription": "Sets up Akamai as the downstream system for the HLS output group.", + "title": "HlsAkamaiSettings" }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" + "HlsBasicPutSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsBasicPutSettings", + "markdownDescription": "The settings for Basic Put for the HLS output.", + "title": "HlsBasicPutSettings" + }, + "HlsMediaStoreSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsMediaStoreSettings", + "markdownDescription": "Sets up MediaStore as the destination for the HLS output.", + "title": "HlsMediaStoreSettings" + }, + "HlsS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this HLS output.", + "title": "HlsS3Settings" + }, + "HlsWebdavSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsWebdavSettings", + "markdownDescription": "The settings for Web VTT captions in the HLS output group.\n\nThe parent of this entity is HlsGroupSettings.", + "title": "HlsWebdavSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartAggregatedFieldWells": { + "AWS::MediaLive::Channel.HlsGroupSettings": { "additionalProperties": false, "properties": { - "Category": { + "AdMarkers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", - "title": "Category", + "markdownDescription": "Chooses one or more ad marker types to pass SCTE35 signals through to this group of Apple HLS outputs.", + "title": "AdMarkers", "type": "array" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", - "type": "array" + "BaseUrlContent": { + "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", + "title": "BaseUrlContent", + "type": "string" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", - "type": "array" + "BaseUrlContent1": { + "markdownDescription": "Optional. One value per output group. This field is required only if you are completing Base URL content A, and the downstream system has notified you that the media files for pipeline 1 of all outputs are in a location different from the media files for pipeline 0.", + "title": "BaseUrlContent1", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BarChartConfiguration": { - "additionalProperties": false, - "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", + "BaseUrlManifest": { + "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", + "title": "BaseUrlManifest", "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" + "BaseUrlManifest1": { + "markdownDescription": "Optional. One value per output group. Complete this field only if you are completing Base URL manifest A, and the downstream system has notified you that the child manifest files for pipeline 1 of all outputs are in a location different from the child manifest files for pipeline 0.", + "title": "BaseUrlManifest1", + "type": "string" }, - "ContributionAnalysisDefaults": { + "CaptionLanguageMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", + "markdownDescription": "A mapping of up to 4 captions channels to captions languages. This is meaningful only if captionLanguageSetting is set to \"insert.\"", + "title": "CaptionLanguageMappings", "type": "array" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "CaptionLanguageSetting": { + "markdownDescription": "Applies only to 608 embedded output captions. Insert: Include CLOSED-CAPTIONS lines in the manifest. Specify at least one language in the CC1 Language Code field. One CLOSED-CAPTION line is added for each Language Code that you specify. Make sure to specify the languages in the order in which they appear in the original source (if the source is embedded format) or the order of the captions selectors (if the source is other than embedded). Otherwise, languages in the manifest will not match properly with the output captions. None: Include the CLOSED-CAPTIONS=NONE line in the manifest. Omit: Omit any CLOSED-CAPTIONS line from the manifest.", + "title": "CaptionLanguageSetting", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "ClientCache": { + "markdownDescription": "When set to \"disabled,\" sets the #EXT-X-ALLOW-CACHE:no tag in the manifest, which prevents clients from saving media segments for later replay.", + "title": "ClientCache", + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "CodecSpecification": { + "markdownDescription": "The specification to use (RFC-6381 or the default RFC-4281) during m3u8 playlist generation.", + "title": "CodecSpecification", + "type": "string" }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", + "ConstantIv": { + "markdownDescription": "Used with encryptionType. This is a 128-bit, 16-byte hex value that is represented by a 32-character text string. If ivSource is set to \"explicit,\" this parameter is required and is used as the IV for encryption.", + "title": "ConstantIv", "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "A directory or HTTP destination for the HLS segments, manifest files, and encryption keys (if enabled).", + "title": "Destination" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "DirectoryStructure": { + "markdownDescription": "Places segments in subdirectories.", + "title": "DirectoryStructure", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", - "title": "SortConfiguration" + "DiscontinuityTags": { + "markdownDescription": "Specifies whether to insert EXT-X-DISCONTINUITY tags in the HLS child manifests for this output group.\nTypically, choose Insert because these tags are required in the manifest (according to the HLS specification) and serve an important purpose.\nChoose Never Insert only if the downstream system is doing real-time failover (without using the MediaLive automatic failover feature) and only if that downstream system has advised you to exclude the tags.", + "title": "DiscontinuityTags", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "EncryptionType": { + "markdownDescription": "Encrypts the segments with the specified encryption scheme. Exclude this parameter if you don't want encryption.", + "title": "EncryptionType", + "type": "string" }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" + "HlsCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsCdnSettings", + "markdownDescription": "The parameters that control interactions with the CDN.", + "title": "HlsCdnSettings" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", - "title": "ValueLabelOptions" + "HlsId3SegmentTagging": { + "markdownDescription": "State of HLS ID3 Segment Tagging", + "title": "HlsId3SegmentTagging", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BarChartFieldWells": { - "additionalProperties": false, - "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BarChartSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", - "title": "CategoryItemsLimit" + "IFrameOnlyPlaylists": { + "markdownDescription": "DISABLED: Don't create an I-frame-only manifest, but do create the master and media manifests (according to the Output Selection field). STANDARD: Create an I-frame-only manifest for each output that contains video, as well as the other manifests (according to the Output Selection field). The I-frame manifest contains a #EXT-X-I-FRAMES-ONLY tag to indicate it is I-frame only, and one or more #EXT-X-BYTERANGE entries identifying the I-frame position. For example, #EXT-X-BYTERANGE:160364@1461888\".", + "title": "IFrameOnlyPlaylists", + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of category fields.", - "title": "CategorySort", - "type": "array" + "IncompleteSegmentBehavior": { + "markdownDescription": "Specifies whether to include the final (incomplete) segment in the media output when the pipeline stops producing output because of a channel stop, a channel pause or a loss of input to the pipeline.\nAuto means that MediaLive decides whether to include the final segment, depending on the channel class and the types of output groups.\nSuppress means to never include the incomplete segment. We recommend you choose Auto and let MediaLive control the behavior.", + "title": "IncompleteSegmentBehavior", + "type": "string" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" + "IndexNSegments": { + "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the maximum number of segments in the media manifest file. After this maximum, older segments are removed from the media manifest. This number must be less than or equal to the Keep Segments field.", + "title": "IndexNSegments", + "type": "number" }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", - "type": "array" + "InputLossAction": { + "markdownDescription": "A parameter that controls output group behavior on an input loss.", + "title": "InputLossAction", + "type": "string" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "IvInManifest": { + "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If set to \"include,\" the IV is listed in the manifest. Otherwise, the IV is not in the manifest.", + "title": "IvInManifest", + "type": "string" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BarChartVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "IvSource": { + "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If this setting is \"followsSegmentNumber,\" it causes the IV to change every segment (to match the segment number). If this is set to \"explicit,\" you must enter a constantIv value.", + "title": "IvSource", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "KeepSegments": { + "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the number of media segments (.ts files) to retain in the destination directory.", + "title": "KeepSegments", + "type": "number" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "KeyFormat": { + "markdownDescription": "Specifies how the key is represented in the resource identified by the URI. If the parameter is absent, an implicit value of \"identity\" is used. A reverse DNS string can also be specified.", + "title": "KeyFormat", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "KeyFormatVersions": { + "markdownDescription": "Either a single positive integer version value or a slash-delimited list of version values (1/2/3).", + "title": "KeyFormatVersions", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "KeyProviderSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.KeyProviderSettings", + "markdownDescription": "The key provider settings.", + "title": "KeyProviderSettings" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "ManifestCompression": { + "markdownDescription": "When set to gzip, compresses HLS playlist.", + "title": "ManifestCompression", "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.BinCountOptions": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BinWidthOptions": { - "additionalProperties": false, - "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", + "ManifestDurationFormat": { + "markdownDescription": "Indicates whether the output manifest should use a floating point or integer values for segment duration.", + "title": "ManifestDurationFormat", + "type": "string" + }, + "MinSegmentLength": { + "markdownDescription": "When set, minimumSegmentLength is enforced by looking ahead and back within the specified range for a nearby avail and extending the segment size if needed.", + "title": "MinSegmentLength", "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BodySectionConfiguration": { - "additionalProperties": false, - "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" + "Mode": { + "markdownDescription": "If \"vod,\" all segments are indexed and kept permanently in the destination and manifest. If \"live,\" only the number segments specified in keepSegments and indexNSegments are kept. Newer segments replace older segments, which might prevent players from rewinding all the way to the beginning of the channel. VOD mode uses HLS EXT-X-PLAYLIST-TYPE of EVENT while the channel is running, converting it to a \"VOD\" type manifest on completion of the stream.", + "title": "Mode", + "type": "string" }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", + "OutputSelection": { + "markdownDescription": "MANIFESTSANDSEGMENTS: Generates manifests (the master manifest, if applicable, and media manifests) for this output group. SEGMENTSONLY: Doesn't generate any manifests for this output group.", + "title": "OutputSelection", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" - } - }, - "required": [ - "Content", - "SectionId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.BodySectionContent": { - "additionalProperties": false, - "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", - "type": "array" + "ProgramDateTime": { + "markdownDescription": "Includes or excludes the EXT-X-PROGRAM-DATE-TIME tag in .m3u8 manifest files. The value is calculated as follows: Either the program date and time are initialized using the input timecode source, or the time is initialized using the input timecode source and the date is initialized using the timestampOffset.", + "title": "ProgramDateTime", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BoxPlotChartConfiguration": { - "additionalProperties": false, - "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" + "ProgramDateTimeClock": { + "markdownDescription": "Specifies the algorithm used to drive the HLS EXT-X-PROGRAM-DATE-TIME clock. Options include: INITIALIZE_FROM_OUTPUT_TIMECODE: The PDT clock is initialized as a function of the first output timecode, then incremented by the EXTINF duration of each encoded segment. SYSTEM_CLOCK: The PDT clock is initialized as a function of the UTC wall clock, then incremented by the EXTINF duration of each encoded segment. If the PDT clock diverges from the wall clock by more than 500ms, it is resynchronized to the wall clock.", + "title": "ProgramDateTimeClock", + "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" + "ProgramDateTimePeriod": { + "markdownDescription": "The period of insertion of the EXT-X-PROGRAM-DATE-TIME entry, in seconds.", + "title": "ProgramDateTimePeriod", + "type": "number" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" + "RedundantManifest": { + "markdownDescription": "ENABLED: The master manifest (.m3u8 file) for each pipeline includes information about both pipelines: first its own media files, then the media files of the other pipeline. This feature allows a playout device that supports stale manifest detection to switch from one manifest to the other, when the current manifest seems to be stale. There are still two destinations and two master manifests, but both master manifests reference the media files from both pipelines. DISABLED: The master manifest (.m3u8 file) for each pipeline includes information about its own pipeline only. For an HLS output group with MediaPackage as the destination, the DISABLED behavior is always followed. MediaPackage regenerates the manifests it serves to players, so a redundant manifest from MediaLive is irrelevant.", + "title": "RedundantManifest", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "SegmentLength": { + "markdownDescription": "The length of the MPEG-2 Transport Stream segments to create, in seconds. Note that segments will end on the next keyframe after this number of seconds, so the actual segment length might be longer.", + "title": "SegmentLength", + "type": "number" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "", - "title": "Legend" + "SegmentationMode": { + "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", + "title": "SegmentationMode", + "type": "string" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" + "SegmentsPerSubdirectory": { + "markdownDescription": "The number of segments to write to a subdirectory before starting a new one. For this setting to have an effect, directoryStructure must be subdirectoryPerStream.", + "title": "SegmentsPerSubdirectory", + "type": "number" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" + "StreamInfResolution": { + "markdownDescription": "The include or exclude RESOLUTION attribute for a video in the EXT-X-STREAM-INF tag of a variant manifest.", + "title": "StreamInfResolution", + "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "TimedMetadataId3Frame": { + "markdownDescription": "Indicates the ID3 frame that has the timecode.", + "title": "TimedMetadataId3Frame", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" + "TimedMetadataId3Period": { + "markdownDescription": "The timed metadata interval, in seconds.", + "title": "TimedMetadataId3Period", + "type": "number" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "TimestampDeltaMilliseconds": { + "markdownDescription": "Provides an extra millisecond delta offset to fine tune the timestamps.", + "title": "TimestampDeltaMilliseconds", + "type": "number" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "TsFileMode": { + "markdownDescription": "SEGMENTEDFILES: Emits the program as segments -multiple .ts media files. SINGLEFILE: Applies only if the Mode field is VOD. Emits the program as a single .ts media file. The media manifest includes #EXT-X-BYTERANGE tags to index segments for playback. A typical use for this value is when sending the output to AWS Elemental MediaConvert, which can accept only a single media file. Playback while the channel is running is not guaranteed due to HTTP server caching.", + "title": "TsFileMode", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotFieldWells": { + "AWS::MediaLive::Channel.HlsInputSettings": { "additionalProperties": false, "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" + "Bandwidth": { + "markdownDescription": "When specified, the HLS stream with the m3u8 bandwidth that most closely matches this value is chosen. Otherwise, the highest bandwidth stream in the m3u8 is chosen. The bitrate is specified in bits per second, as in an HLS manifest.", + "title": "Bandwidth", + "type": "number" + }, + "BufferSegments": { + "markdownDescription": "When specified, reading of the HLS input begins this many buffer segments from the end (most recently written segment). When not specified, the HLS input begins with the first segment specified in the m3u8.", + "title": "BufferSegments", + "type": "number" + }, + "Retries": { + "markdownDescription": "The number of consecutive times that attempts to read a manifest or segment must fail before the input is considered unavailable.", + "title": "Retries", + "type": "number" + }, + "RetryInterval": { + "markdownDescription": "The number of seconds between retries when an attempt to read a manifest or segment fails.", + "title": "RetryInterval", + "type": "number" + }, + "Scte35Source": { + "markdownDescription": "Identifies the source for the SCTE-35 messages that MediaLive will ingest. Messages can be ingested from the content segments (in the stream) or from tags in the playlist (the HLS manifest). MediaLive ignores SCTE-35 information in the source that is not selected.", + "title": "Scte35Source", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotOptions": { + "AWS::MediaLive::Channel.HlsMediaStoreSettings": { "additionalProperties": false, "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", - "type": "string" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "MediaStoreStorageClass": { + "markdownDescription": "When set to temporal, output files are stored in non-persistent memory for faster reading and writing.", + "title": "MediaStoreStorageClass", "type": "string" }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" + "NumRetries": { + "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotSortConfiguration": { + "AWS::MediaLive::Channel.HlsOutputSettings": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "H265PackagingType": { + "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", + "title": "H265PackagingType", + "type": "string" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" + "HlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsSettings", + "markdownDescription": "The settings regarding the underlying stream. These settings are different for audio-only outputs.", + "title": "HlsSettings" + }, + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. Accepts \\\"Format Identifiers\\\":#formatIdentifierParameters.", + "title": "NameModifier", + "type": "string" + }, + "SegmentModifier": { + "markdownDescription": "A string that is concatenated to the end of segment file names.", + "title": "SegmentModifier", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotStyleOptions": { + "AWS::MediaLive::Channel.HlsS3Settings": { "additionalProperties": false, "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotVisual": { + "AWS::MediaLive::Channel.HlsSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "AudioOnlyHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioOnlyHlsSettings", + "markdownDescription": "The settings for an audio-only output.", + "title": "AudioOnlyHlsSettings" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Fmp4HlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Fmp4HlsSettings", + "markdownDescription": "The settings for an fMP4 container.", + "title": "Fmp4HlsSettings" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "FrameCaptureHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureHlsSettings", + "markdownDescription": "Settings for a frame capture output in an HLS output group.", + "title": "FrameCaptureHlsSettings" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "StandardHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.StandardHlsSettings", + "markdownDescription": "The settings for a standard output (an output that is not audio-only).", + "title": "StandardHlsSettings" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CalculatedField": { + "AWS::MediaLive::Channel.HlsWebdavSettings": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", - "type": "string" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", - "type": "string" + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the calculated field.", - "title": "Name", + "HttpTransferMode": { + "markdownDescription": "Specifies whether to use chunked transfer encoding to WebDAV.", + "title": "HttpTransferMode", "type": "string" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, - "required": [ - "DataSetIdentifier", - "Expression", - "Name" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CalculatedMeasureField": { + "AWS::MediaLive::Channel.HtmlMotionGraphicsSettings": { "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" - } - }, - "required": [ - "Expression", - "FieldId" - ], + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.CascadingControlConfiguration": { + "AWS::MediaLive::Channel.InputAttachment": { "additionalProperties": false, "properties": { - "SourceControls": { + "AutomaticInputFailoverSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AutomaticInputFailoverSettings", + "markdownDescription": "Settings to implement automatic input failover in this input.", + "title": "AutomaticInputFailoverSettings" + }, + "InputAttachmentName": { + "markdownDescription": "A name for the attachment. This is required if you want to use this input in an input switch action.", + "title": "InputAttachmentName", + "type": "string" + }, + "InputId": { + "markdownDescription": "The ID of the input to attach.", + "title": "InputId", + "type": "string" + }, + "InputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputSettings", + "markdownDescription": "Information about the content to extract from the input and about the general handling of the content.", + "title": "InputSettings" + }, + "LogicalInterfaceNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlSource" + "type": "string" }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", + "markdownDescription": "", + "title": "LogicalInterfaceNames", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CascadingControlSource": { + "AWS::MediaLive::Channel.InputChannelLevel": { "additionalProperties": false, "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" + "Gain": { + "markdownDescription": "The remixing value. Units are in dB, and acceptable values are within the range from -60 (mute) to 6 dB.", + "title": "Gain", + "type": "number" }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", - "type": "string" + "InputChannel": { + "markdownDescription": "The index of the input channel that is used as a source.", + "title": "InputChannel", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CategoricalDimensionField": { + "AWS::MediaLive::Channel.InputLocation": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This applies only if the downstream system requires credentials.", + "title": "PasswordParam", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Uri": { + "markdownDescription": "The URI should be a path to a file that is accessible to the Live system (for example, an http:// URI) depending on the output type. For example, an RTMP destination should have a URI similar to rtmp://fmsserver/live.", + "title": "Uri", + "type": "string" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Username": { + "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", + "title": "Username", "type": "string" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoricalMeasureField": { + "AWS::MediaLive::Channel.InputLossBehavior": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "BlackFrameMsec": { + "markdownDescription": "On input loss, the number of milliseconds to substitute black into the output before switching to the frame specified by inputLossImageType. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", + "title": "BlackFrameMsec", + "type": "number" + }, + "InputLossImageColor": { + "markdownDescription": "When the input loss image type is \"color,\" this field specifies the color to use. Value: 6 hex characters that represent the values of RGB.", + "title": "InputLossImageColor", "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" + "InputLossImageSlate": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "When the input loss image type is \"slate,\" these fields specify the parameters for accessing the slate.", + "title": "InputLossImageSlate" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "InputLossImageType": { + "markdownDescription": "Indicates whether to substitute a solid color or a slate into the output after the input loss exceeds blackFrameMsec.", + "title": "InputLossImageType", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "RepeatFrameMsec": { + "markdownDescription": "On input loss, the number of milliseconds to repeat the previous picture before substituting black into the output. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", + "title": "RepeatFrameMsec", + "type": "number" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoryDrillDownFilter": { + "AWS::MediaLive::Channel.InputLossFailoverSettings": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "InputLossThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that no input is detected. After that time, an input failover will occur.", + "title": "InputLossThresholdMsec", + "type": "number" } }, - "required": [ - "CategoryValues", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoryFilter": { + "AWS::MediaLive::Channel.InputSettings": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "AudioSelectors": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelector" + }, + "markdownDescription": "Information about the specific audio to extract from the input.\n\nThe parent of this entity is InputSettings.", + "title": "AudioSelectors", + "type": "array" }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" + "CaptionSelectors": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelector" + }, + "markdownDescription": "Information about the specific captions to extract from the input.", + "title": "CaptionSelectors", + "type": "array" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DeblockFilter": { + "markdownDescription": "Enables or disables the deblock filter when filtering.", + "title": "DeblockFilter", + "type": "string" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "DenoiseFilter": { + "markdownDescription": "Enables or disables the denoise filter when filtering.", + "title": "DenoiseFilter", "type": "string" - } - }, - "required": [ - "Column", - "Configuration", - "FilterId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CategoryFilterConfiguration": { - "additionalProperties": false, - "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "FilterStrength": { + "markdownDescription": "Adjusts the magnitude of filtering from 1 (minimal) to 5 (strongest).", + "title": "FilterStrength", + "type": "number" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ChartAxisLabelOptions": { - "additionalProperties": false, - "properties": { - "AxisLabelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelOptions" - }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", - "type": "array" + "InputFilter": { + "markdownDescription": "Turns on the filter for this input. MPEG-2 inputs have the deblocking filter enabled by default. 1) auto - filtering is applied depending on input type/quality 2) disabled - no filtering is applied to the input 3) forced - filtering is applied regardless of the input type.", + "title": "InputFilter", + "type": "string" }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", + "NetworkInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NetworkInputSettings", + "markdownDescription": "Information about how to connect to the upstream system.", + "title": "NetworkInputSettings" + }, + "Scte35Pid": { + "markdownDescription": "", + "title": "Scte35Pid", + "type": "number" + }, + "Smpte2038DataPreference": { + "markdownDescription": "Specifies whether to extract applicable ancillary data from a SMPTE-2038 source in this input. Applicable data types are captions, timecode, AFD, and SCTE-104 messages.\n- PREFER: Extract from SMPTE-2038 if present in this input, otherwise extract from another source (if any).\n- IGNORE: Never extract any ancillary data from SMPTE-2038.", + "title": "Smpte2038DataPreference", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", + "SourceEndBehavior": { + "markdownDescription": "The loop input if it is a file.", + "title": "SourceEndBehavior", "type": "string" + }, + "VideoSelector": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelector", + "markdownDescription": "Information about one video to extract from the input.", + "title": "VideoSelector" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ClusterMarker": { - "additionalProperties": false, - "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ClusterMarkerConfiguration": { - "additionalProperties": false, - "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ColorScale": { + "AWS::MediaLive::Channel.InputSpecification": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", + "Codec": { + "markdownDescription": "The codec to include in the input specification for this channel.", + "title": "Codec", "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor" - }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", - "type": "array" + "MaximumBitrate": { + "markdownDescription": "The maximum input bitrate for any input attached to this channel.", + "title": "MaximumBitrate", + "type": "string" }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" + "Resolution": { + "markdownDescription": "The resolution for any input attached to this channel.", + "title": "Resolution", + "type": "string" } }, - "required": [ - "ColorFillType", - "Colors" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ColorsConfiguration": { + "AWS::MediaLive::Channel.KeyProviderSettings": { "additionalProperties": false, "properties": { - "CustomColors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomColor" - }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", - "type": "array" + "StaticKeySettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.StaticKeySettings", + "markdownDescription": "The configuration of static key settings.", + "title": "StaticKeySettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ColumnConfiguration": { + "AWS::MediaLive::Channel.M2tsSettings": { "additionalProperties": false, "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" + "AbsentInputAudioBehavior": { + "markdownDescription": "When set to drop, the output audio streams are removed from the program if the selected input audio stream is removed from the input. This allows the output audio configuration to dynamically change based on the input configuration. If this is set to encodeSilence, all output audio streams will output encoded silence when not connected to an active input stream.", + "title": "AbsentInputAudioBehavior", + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" + "Arib": { + "markdownDescription": "When set to enabled, uses ARIB-compliant field muxing and removes video descriptor.", + "title": "Arib", + "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" + "AribCaptionsPid": { + "markdownDescription": "The PID for ARIB Captions in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "AribCaptionsPid", + "type": "string" }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", + "AribCaptionsPidControl": { + "markdownDescription": "If set to auto, The PID number used for ARIB Captions will be auto-selected from unused PIDs. If set to useConfigured, ARIB captions will be on the configured PID number.", + "title": "AribCaptionsPidControl", "type": "string" - } - }, - "required": [ - "Column" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ColumnHierarchy": { - "additionalProperties": false, - "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" + "AudioBufferModel": { + "markdownDescription": "When set to dvb, uses the DVB buffer model for Dolby Digital audio. When set to atsc, the ATSC model is used.", + "title": "AudioBufferModel", + "type": "string" }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ColumnIdentifier": { - "additionalProperties": false, - "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "AudioFramesPerPes": { + "markdownDescription": "The number of audio frames to insert for each PES packet.", + "title": "AudioFramesPerPes", + "type": "number" + }, + "AudioPids": { + "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "AudioPids", "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", + "AudioStreamType": { + "markdownDescription": "When set to atsc, uses stream type = 0x81 for AC3 and stream type = 0x87 for EAC3. When set to dvb, uses stream type = 0x06.", + "title": "AudioStreamType", "type": "string" - } - }, - "required": [ - "ColumnName", - "DataSetIdentifier" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ColumnSort": { - "additionalProperties": false, - "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", + "Bitrate": { + "markdownDescription": "The output bitrate of the transport stream in bits per second. Setting to 0 lets the muxer automatically determine the appropriate bitrate.", + "title": "Bitrate", + "type": "number" + }, + "BufferModel": { + "markdownDescription": "If set to multiplex, uses the multiplex buffer model for accurate interleaving. Setting to bufferModel to none can lead to lower latency, but low-memory devices might not be able to play back the stream without interruptions.", + "title": "BufferModel", "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "", - "title": "SortBy" - } - }, - "required": [ - "Direction", - "SortBy" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ColumnTooltipItem": { - "additionalProperties": false, - "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" + "CcDescriptor": { + "markdownDescription": "When set to enabled, generates captionServiceDescriptor in PMT.", + "title": "CcDescriptor", + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" + "DvbNitSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbNitSettings", + "markdownDescription": "Inserts a DVB Network Information Table (NIT) at the specified table repetition interval.", + "title": "DvbNitSettings" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "DvbSdtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSdtSettings", + "markdownDescription": "Inserts a DVB Service Description Table (SDT) at the specified table repetition interval.", + "title": "DvbSdtSettings" + }, + "DvbSubPids": { + "markdownDescription": "The PID for the input source DVB Subtitle data to this output. Multiple values are accepted, and can be entered in ranges and/or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "DvbSubPids", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "DvbTdtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbTdtSettings", + "markdownDescription": "Inserts DVB Time and Date Table (TDT) at the specified table repetition interval.", + "title": "DvbTdtSettings" + }, + "DvbTeletextPid": { + "markdownDescription": "The PID for the input source DVB Teletext data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "DvbTeletextPid", "type": "string" - } - }, - "required": [ - "Column" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" }, - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated category field wells of a combo chart.", - "title": "Category", - "type": "array" + "Ebif": { + "markdownDescription": "If set to passthrough, passes any EBIF data from the input source to this output.", + "title": "Ebif", + "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", - "type": "array" + "EbpAudioInterval": { + "markdownDescription": "When videoAndFixedIntervals is selected, audio EBP markers are added to partitions 3 and 4. The interval between these additional markers is fixed, and is slightly shorter than the video EBP marker interval. This is only available when EBP Cablelabs segmentation markers are selected. Partitions 1 and 2 always follow the video interval.", + "title": "EbpAudioInterval", + "type": "string" }, - "LineValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ComboChartConfiguration": { - "additionalProperties": false, - "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" + "EbpLookaheadMs": { + "markdownDescription": "When set, enforces that Encoder Boundary Points do not come within the specified time interval of each other by looking ahead at input video. If another EBP is going to come in within the specified time interval, the current EBP is not emitted, and the segment is \"stretched\" to the next marker. The lookahead value does not add latency to the system. The channel must be configured elsewhere to create sufficient latency to make the lookahead accurate.", + "title": "EbpLookaheadMs", + "type": "number" }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", + "EbpPlacement": { + "markdownDescription": "Controls placement of EBP on audio PIDs. If set to videoAndAudioPids, EBP markers are placed on the video PID and all audio PIDs. If set to videoPid, EBP markers are placed on only the video PID.", + "title": "EbpPlacement", "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" + "EcmPid": { + "markdownDescription": "This field is unused and deprecated.", + "title": "EcmPid", + "type": "string" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", - "title": "CategoryLabelOptions" + "EsRateInPes": { + "markdownDescription": "Includes or excludes the ES Rate field in the PES header.", + "title": "EsRateInPes", + "type": "string" }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" + "EtvPlatformPid": { + "markdownDescription": "The PID for the input source ETV Platform data to this output. You can enter it as a decimal or hexadecimal value. Valid values are 32 (or 0x20) to 8182 (or 0x1ff6).", + "title": "EtvPlatformPid", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "EtvSignalPid": { + "markdownDescription": "The PID for input source ETV Signal data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "EtvSignalPid", + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "FragmentTime": { + "markdownDescription": "The length in seconds of each fragment. This is used only with EBP markers.", + "title": "FragmentTime", + "type": "number" }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" + "Klv": { + "markdownDescription": "If set to passthrough, passes any KLV data from the input source to this output.", + "title": "Klv", + "type": "string" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" + "KlvDataPids": { + "markdownDescription": "The PID for the input source KLV data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "KlvDataPids", + "type": "string" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", + "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "NullPacketBitrate": { + "markdownDescription": "The value, in bits per second, of extra null packets to insert into the transport stream. This can be used if a downstream encryption system requires periodic null packets.", + "title": "NullPacketBitrate", + "type": "number" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" + "PatInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", + "title": "PatInterval", + "type": "number" }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" + "PcrControl": { + "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", + "title": "PcrControl", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", - "title": "SortConfiguration" + "PcrPeriod": { + "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", + "title": "PcrPeriod", + "type": "number" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" + "PcrPid": { + "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "PcrPid", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ComboChartFieldWells": { - "additionalProperties": false, - "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ComboChartSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", - "title": "CategoryItemsLimit" + "PmtInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", + "title": "PmtInterval", + "type": "number" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", - "title": "CategorySort", - "type": "array" + "PmtPid": { + "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "PmtPid", + "type": "string" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" + "ProgramNum": { + "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", + "title": "ProgramNum", + "type": "number" }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ComboChartVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "RateMode": { + "markdownDescription": "When VBR, does not insert null packets into the transport stream to fill the specified bitrate. The bitrate setting acts as the maximum bitrate when VBR is set.", + "title": "RateMode", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Scte27Pids": { + "markdownDescription": "The PID for the input source SCTE-27 data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "Scte27Pids", + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "Scte35Control": { + "markdownDescription": "Optionally passes SCTE-35 signals from the input source to this output.", + "title": "Scte35Control", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Scte35Pid": { + "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "Scte35Pid", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Scte35PrerollPullupMilliseconds": { + "markdownDescription": "", + "title": "Scte35PrerollPullupMilliseconds", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "SegmentationMarkers": { + "markdownDescription": "Inserts segmentation markers at each segmentationTime period. raiSegstart sets the Random Access Indicator bit in the adaptation field. raiAdapt sets the RAI bit and adds the current timecode in the private data bytes. psiSegstart inserts PAT and PMT tables at the start of segments. ebp adds Encoder Boundary Point information to the adaptation field as per OpenCable specification OC-SP-EBP-I01-130118. ebpLegacy adds Encoder Boundary Point information to the adaptation field using a legacy proprietary format.", + "title": "SegmentationMarkers", "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ComparisonConfiguration": { - "additionalProperties": false, - "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", + "SegmentationStyle": { + "markdownDescription": "The segmentation style parameter controls how segmentation markers are inserted into the transport stream. With avails, it is possible that segments might be truncated, which can influence where future segmentation markers are inserted. When a segmentation style of resetCadence is selected and a segment is truncated due to an avail, we will reset the segmentation cadence. This means the subsequent segment will have a duration of $segmentationTime seconds. When a segmentation style of maintainCadence is selected and a segment is truncated due to an avail, we will not reset the segmentation cadence. This means the subsequent segment will likely be truncated as well. However, all segments after that will have a duration of $segmentationTime seconds. Note that EBP lookahead is a slight exception to this rule.", + "title": "SegmentationStyle", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ComparisonFormatConfiguration": { - "additionalProperties": false, - "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" + "SegmentationTime": { + "markdownDescription": "The length, in seconds, of each segment. This is required unless markers is set to None_.", + "title": "SegmentationTime", + "type": "number" + }, + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", + "type": "string" + }, + "TimedMetadataPid": { + "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "TimedMetadataPid", + "type": "string" + }, + "TransportStreamId": { + "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", + "title": "TransportStreamId", + "type": "number" + }, + "VideoPid": { + "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "VideoPid", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.Computation": { + "AWS::MediaLive::Channel.M3u8Settings": { "additionalProperties": false, "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" + "AudioFramesPerPes": { + "markdownDescription": "The number of audio frames to insert for each PES packet.", + "title": "AudioFramesPerPes", + "type": "number" }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" + "AudioPids": { + "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value.", + "title": "AudioPids", + "type": "string" }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" + "EcmPid": { + "markdownDescription": "This parameter is unused and deprecated.", + "title": "EcmPid", + "type": "string" }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" + "KlvBehavior": { + "markdownDescription": "", + "title": "KlvBehavior", + "type": "string" }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" + "KlvDataPids": { + "markdownDescription": "", + "title": "KlvDataPids", + "type": "string" }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", + "type": "string" }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" + "PatInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", + "title": "PatInterval", + "type": "number" }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" + "PcrControl": { + "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", + "title": "PcrControl", + "type": "string" }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" + "PcrPeriod": { + "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", + "title": "PcrPeriod", + "type": "number" }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ConditionalFormattingColor": { - "additionalProperties": false, - "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" + "PcrPid": { + "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value.", + "title": "PcrPid", + "type": "string" }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", + "PmtInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", + "title": "PmtInterval", + "type": "number" + }, + "PmtPid": { + "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "PmtPid", "type": "string" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" + "ProgramNum": { + "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", + "title": "ProgramNum", + "type": "number" }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", + "Scte35Behavior": { + "markdownDescription": "If set to passthrough, passes any SCTE-35 signals from the input source to this output.", + "title": "Scte35Behavior", "type": "string" }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" + "Scte35Pid": { + "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "Scte35Pid", + "type": "string" + }, + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", + "type": "string" + }, + "TimedMetadataPid": { + "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "TimedMetadataPid", + "type": "string" + }, + "TransportStreamId": { + "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", + "title": "TransportStreamId", + "type": "number" + }, + "VideoPid": { + "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "VideoPid", + "type": "string" } }, - "required": [ - "Expression", - "IconOptions" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions": { + "AWS::MediaLive::Channel.MaintenanceCreateSettings": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", + "MaintenanceDay": { + "markdownDescription": "Choose one day of the week for maintenance. The chosen day is used for all future maintenance windows.", + "title": "MaintenanceDay", "type": "string" }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", + "MaintenanceStartTime": { + "markdownDescription": "Choose the hour that maintenance will start. The chosen time is used for all future maintenance windows.", + "title": "MaintenanceStartTime", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingGradientColor": { + "AWS::MediaLive::Channel.MaintenanceUpdateSettings": { "additionalProperties": false, "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" + "MaintenanceDay": { + "type": "string" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", + "MaintenanceScheduledDate": { + "type": "string" + }, + "MaintenanceStartTime": { "type": "string" } }, - "required": [ - "Color", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIcon": { + "AWS::MediaLive::Channel.MediaPackageGroupSettings": { "additionalProperties": false, "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The MediaPackage channel destination.", + "title": "Destination" }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" + "MediapackageV2GroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageV2GroupSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration": { + "AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings": { "additionalProperties": false, "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", + "ChannelGroup": { + "markdownDescription": "", + "title": "ChannelGroup", + "type": "string" + }, + "ChannelId": { + "markdownDescription": "The ID of the channel in MediaPackage that is the destination for this output group. You don't need to specify the individual inputs in MediaPackage; MediaLive handles the connection of the two MediaLive pipelines to the two MediaPackage inputs. The MediaPackage channel and MediaLive channel must be in the same Region.", + "title": "ChannelId", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "", + "title": "ChannelName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIconSet": { + "AWS::MediaLive::Channel.MediaPackageOutputSettings": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", - "type": "string" - }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", - "type": "string" + "MediaPackageV2DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageV2DestinationSettings" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingSolidColor": { + "AWS::MediaLive::Channel.MediaPackageV2DestinationSettings": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "AudioGroupId": { "type": "string" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", + "AudioRenditionSets": { + "type": "string" + }, + "HlsAutoSelect": { + "type": "string" + }, + "HlsDefault": { "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ContributionAnalysisDefault": { + "AWS::MediaLive::Channel.MediaPackageV2GroupSettings": { "additionalProperties": false, "properties": { - "ContributorDimensions": { + "CaptionLanguageMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", "type": "array" - }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", - "type": "string" } }, - "required": [ - "ContributorDimensions", - "MeasureFieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration": { + "AWS::MediaLive::Channel.MotionGraphicsConfiguration": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", - "type": "string" - }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", + "MotionGraphicsInsertion": { + "markdownDescription": "Enables or disables the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsInsertion", "type": "string" }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", - "type": "string" + "MotionGraphicsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsSettings", + "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CustomActionFilterOperation": { + "AWS::MediaLive::Channel.MotionGraphicsSettings": { "additionalProperties": false, "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" - }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" + "HtmlMotionGraphicsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HtmlMotionGraphicsSettings", + "markdownDescription": "Settings to configure the motion graphics overlay to use an HTML asset.", + "title": "HtmlMotionGraphicsSettings" } }, - "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomActionNavigationOperation": { + "AWS::MediaLive::Channel.Mp2Settings": { "additionalProperties": false, "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second.", + "title": "Bitrate", + "type": "number" + }, + "CodingMode": { + "markdownDescription": "The MPEG2 Audio coding mode. Valid values are codingMode10 (for mono) or codingMode20 (for stereo).", + "title": "CodingMode", + "type": "string" + }, + "SampleRate": { + "markdownDescription": "The sample rate in Hz.", + "title": "SampleRate", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CustomActionSetParametersOperation": { + "AWS::MediaLive::Channel.Mpeg2FilterSettings": { "additionalProperties": false, "properties": { - "ParameterValueConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SetParameterValueConfiguration" - }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", - "type": "array" + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, - "required": [ - "ParameterValueConfigurations" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomActionURLOperation": { + "AWS::MediaLive::Channel.Mpeg2Settings": { "additionalProperties": false, "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", + "AdaptiveQuantization": { + "markdownDescription": "Choose Off to disable adaptive quantization. Or choose another value to enable the quantizer and set its strength. The strengths are: Auto, Off, Low, Medium, High. When you enable this field, MediaLive allows intra-frame quantizers to vary, which might improve visual quality.", + "title": "AdaptiveQuantization", "type": "string" }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", - "type": "string" - } - }, - "required": [ - "URLTarget", - "URLTemplate" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomColor": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "AfdSignaling": { + "markdownDescription": "Indicates the AFD values that MediaLive will write into the video encode. If you do not know what AFD signaling is, or if your downstream system has not given you guidance, choose AUTO.\nAUTO: MediaLive will try to preserve the input AFD value (in cases where multiple AFD values are valid).\nFIXED: MediaLive will use the value you specify in fixedAFD.", + "title": "AfdSignaling", "type": "string" }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", + "ColorMetadata": { + "markdownDescription": "Specifies whether to include the color space metadata. The metadata describes the color space that applies to the video (the colorSpace field). We recommend that you insert the metadata.", + "title": "ColorMetadata", "type": "string" }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", - "type": "string" - } - }, - "required": [ - "Color" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomContentConfiguration": { - "additionalProperties": false, - "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", + "ColorSpace": { + "markdownDescription": "Choose the type of color space conversion to apply to the output. For detailed information on setting up both the input and the output to obtain the desired color space in the output, see the section on \\\"MediaLive Features - Video - color space\\\" in the MediaLive User Guide.\nPASSTHROUGH: Keep the color space of the input content - do not convert it.\nAUTO:Convert all content that is SD to rec 601, and convert all content that is HD to rec 709.", + "title": "ColorSpace", "type": "string" }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", + "DisplayAspectRatio": { + "markdownDescription": "Sets the pixel aspect ratio for the encode.", + "title": "DisplayAspectRatio", "type": "string" }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2FilterSettings", + "markdownDescription": "Optionally specify a noise reduction filter, which can improve quality of compressed content. If you do not choose a filter, no filter will be applied.\nTEMPORAL: This filter is useful for both source content that is noisy (when it has excessive digital artifacts) and source content that is clean.\nWhen the content is noisy, the filter cleans up the source content before the encoding phase, with these two effects: First, it improves the output video quality because the content has been cleaned up. Secondly, it decreases the bandwidth because MediaLive does not waste bits on encoding noise.\nWhen the content is reasonably clean, the filter tends to decrease the bitrate.", + "title": "FilterSettings" + }, + "FixedAfd": { + "markdownDescription": "Complete this field only when afdSignaling is set to FIXED. Enter the AFD value (4 bits) to write on all frames of the video encode.", + "title": "FixedAfd", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomContentVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", - "title": "ChartConfiguration" + "FramerateDenominator": { + "markdownDescription": "description\": \"The framerate denominator. For example, 1001. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", + "title": "FramerateDenominator", + "type": "number" }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", + "FramerateNumerator": { + "markdownDescription": "The framerate numerator. For example, 24000. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopClosedCadence": { + "markdownDescription": "MPEG2: default is open GOP.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopNumBFrames": { + "markdownDescription": "Relates to the GOP structure. The number of B-frames between reference frames. If you do not know what a B-frame is, use the default.", + "title": "GopNumBFrames", + "type": "number" + }, + "GopSize": { + "markdownDescription": "Relates to the GOP structure. The GOP size (keyframe interval) in the units specified in gopSizeUnits. If you do not know what GOP is, use the default.\nIf gopSizeUnits is frames, then the gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, the gopSize must be greater than 0, but does not need to be an integer.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Relates to the GOP structure. Specifies whether the gopSize is specified in frames or seconds. If you do not plan to change the default gopSize, leave the default. If you specify SECONDS, MediaLive will internally convert the gop size to a frame count.", + "title": "GopSizeUnits", "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "ScanType": { + "markdownDescription": "Set the scan type of the output to PROGRESSIVE or INTERLACED (top field first).", + "title": "ScanType", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "SubgopLength": { + "markdownDescription": "Relates to the GOP structure. If you do not know what GOP is, use the default.\nFIXED: Set the number of B-frames in each sub-GOP to the value in gopNumBFrames.\nDYNAMIC: Let MediaLive optimize the number of B-frames in each sub-GOP, to improve visual quality.", + "title": "SubgopLength", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" + }, + "TimecodeInsertion": { + "markdownDescription": "Determines how MediaLive inserts timecodes in the output video. For detailed information about setting up the input and the output for a timecode, see the section on \\\"MediaLive Features - Timecode configuration\\\" in the MediaLive User Guide.\nDISABLED: do not include timecodes.\nGOP_TIMECODE: Include timecode metadata in the GOP header.", + "title": "TimecodeInsertion", "type": "string" } }, - "required": [ - "DataSetIdentifier", - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomFilterConfiguration": { + "AWS::MediaLive::Channel.MsSmoothGroupSettings": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", + "AcquisitionPointId": { + "markdownDescription": "The value of the Acquisition Point Identity element that is used in each message placed in the sparse track. Enabled only if sparseTrackType is not \"none.\"", + "title": "AcquisitionPointId", "type": "string" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "AudioOnlyTimecodeControl": { + "markdownDescription": "If set to passthrough for an audio-only Microsoft Smooth output, the fragment absolute time is set to the current timecode. This option does not write timecodes to the audio elementary stream.", + "title": "AudioOnlyTimecodeControl", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "CertificateMode": { + "markdownDescription": "If set to verifyAuthenticity, verifies the HTTPS certificate chain to a trusted certificate authority (CA). This causes HTTPS outputs to self-signed certificates to fail.", + "title": "CertificateMode", "type": "string" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", - "type": "string" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying the connection to the IIS server if the connection is lost. Content is cached during this time, and the cache is delivered to the IIS server after the connection is re-established.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The Smooth Streaming publish point on an IIS server. MediaLive acts as a \"Push\" encoder to IIS.", + "title": "Destination" + }, + "EventId": { + "markdownDescription": "The Microsoft Smooth channel ID that is sent to the IIS server. Specify the ID only if eventIdMode is set to useConfigured.", + "title": "EventId", "type": "string" - } - }, - "required": [ - "MatchOperator", - "NullOption" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomFilterListConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "EventIdMode": { + "markdownDescription": "Specifies whether to send a channel ID to the IIS server. If no channel ID is sent and the same channel is used without changing the publishing point, clients might see cached video from the previous run. Options: - \"useConfigured\" - use the value provided in eventId - \"useTimestamp\" - generate and send a channel ID based on the current timestamp - \"noEventId\" - do not send a channel ID to the IIS server.", + "title": "EventIdMode", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "EventStopBehavior": { + "markdownDescription": "When set to sendEos, sends an EOS signal to an IIS server when stopping the channel.", + "title": "EventStopBehavior", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "FragmentLength": { + "markdownDescription": "The length, in seconds, of mp4 fragments to generate. The fragment length must be compatible with GOP size and frame rate.", + "title": "FragmentLength", + "type": "number" + }, + "InputLossAction": { + "markdownDescription": "A parameter that controls output group behavior on an input loss.", + "title": "InputLossAction", "type": "string" - } - }, - "required": [ - "MatchOperator", - "NullOption" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomNarrativeOptions": { - "additionalProperties": false, - "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "The number of seconds before initiating a restart due to output failure, due to exhausting the numRetries on one segment, or exceeding filecacheDuration.", + "title": "RestartDelay", + "type": "number" + }, + "SegmentationMode": { + "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", + "title": "SegmentationMode", "type": "string" - } - }, - "required": [ - "Narrative" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomParameterValues": { - "additionalProperties": false, - "properties": { - "DateTimeValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", - "type": "array" }, - "DecimalValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", - "type": "array" + "SendDelayMs": { + "markdownDescription": "The number of milliseconds to delay the output from the second pipeline.", + "title": "SendDelayMs", + "type": "number" }, - "IntegerValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", - "type": "array" + "SparseTrackType": { + "markdownDescription": "If set to scte35, uses incoming SCTE-35 messages to generate a sparse track in this group of Microsoft Smooth outputs.", + "title": "SparseTrackType", + "type": "string" }, - "StringValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomValuesConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomParameterValues", - "markdownDescription": "", - "title": "CustomValues" + "StreamManifestBehavior": { + "markdownDescription": "When set to send, sends a stream manifest so that the publishing point doesn't start until all streams start.", + "title": "StreamManifestBehavior", + "type": "string" }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", - "type": "boolean" + "TimestampOffset": { + "markdownDescription": "The timestamp offset for the channel. Used only if timestampOffsetMode is set to useConfiguredOffset.", + "title": "TimestampOffset", + "type": "string" + }, + "TimestampOffsetMode": { + "markdownDescription": "The type of timestamp date offset to use. - useEventStartDate: Use the date the channel was started as the offset - useConfiguredOffset: Use an explicitly configured date as the offset.", + "title": "TimestampOffsetMode", + "type": "string" } }, - "required": [ - "CustomValues" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataBarsOptions": { + "AWS::MediaLive::Channel.MsSmoothOutputSettings": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", - "type": "string" - }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", + "H265PackagingType": { + "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", + "title": "H265PackagingType", "type": "string" }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. This is required for multiple outputs of the same type.", + "title": "NameModifier", "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataColor": { + "AWS::MediaLive::Channel.MulticastInputSettings": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "SourceIpAddress": { + "markdownDescription": "", + "title": "SourceIpAddress", "type": "string" - }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", - "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataFieldSeriesItem": { + "AWS::MediaLive::Channel.MultiplexContainerSettings": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", - "type": "string" - }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", - "type": "string" - }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "MultiplexM2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexM2tsSettings", + "markdownDescription": "", + "title": "MultiplexM2tsSettings" } }, - "required": [ - "AxisBinding", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataLabelOptions": { + "AWS::MediaLive::Channel.MultiplexGroupSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.MultiplexM2tsSettings": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", + "AbsentInputAudioBehavior": { + "markdownDescription": "", + "title": "AbsentInputAudioBehavior", "type": "string" }, - "DataLabelTypes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelType" - }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", - "type": "array" - }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", + "Arib": { + "markdownDescription": "", + "title": "Arib", "type": "string" }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", + "AudioBufferModel": { + "markdownDescription": "", + "title": "AudioBufferModel", "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" + "AudioFramesPerPes": { + "markdownDescription": "", + "title": "AudioFramesPerPes", + "type": "number" }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", + "AudioStreamType": { + "markdownDescription": "", + "title": "AudioStreamType", "type": "string" }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", + "CcDescriptor": { + "markdownDescription": "", + "title": "CcDescriptor", "type": "string" }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", + "Ebif": { + "markdownDescription": "", + "title": "Ebif", "type": "string" }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", + "EsRateInPes": { + "markdownDescription": "", + "title": "EsRateInPes", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", + "Klv": { + "markdownDescription": "", + "title": "Klv", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DataLabelType": { - "additionalProperties": false, - "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" - }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" - }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" + "NielsenId3Behavior": { + "markdownDescription": "", + "title": "NielsenId3Behavior", + "type": "string" }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DataPathColor": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", + "PcrControl": { + "markdownDescription": "", + "title": "PcrControl", "type": "string" }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" + "PcrPeriod": { + "markdownDescription": "", + "title": "PcrPeriod", + "type": "number" }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", + "Scte35Control": { + "markdownDescription": "", + "title": "Scte35Control", "type": "string" + }, + "Scte35PrerollPullupMilliseconds": { + "markdownDescription": "", + "title": "Scte35PrerollPullupMilliseconds", + "type": "number" } }, - "required": [ - "Color", - "Element" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataPathLabelType": { + "AWS::MediaLive::Channel.MultiplexOutputSettings": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", - "type": "string" - }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", - "type": "string" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexContainerSettings", + "markdownDescription": "", + "title": "ContainerSettings" }, - "Visibility": { - "markdownDescription": "The visibility of the data label.", - "title": "Visibility", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "Destination is a Multiplex.", + "title": "Destination" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataPathSort": { + "AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", + "MultiplexId": { + "markdownDescription": "The ID of the Multiplex that the encoder is providing output to. You do not need to specify the individual inputs to the Multiplex; MediaLive will handle the connection of the two MediaLive pipelines to the two Multiplex instances.\nThe Multiplex must be in the same region as the Channel.", + "title": "MultiplexId", "type": "string" }, - "SortPaths": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" - }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", - "type": "array" + "ProgramName": { + "markdownDescription": "The program name of the Multiplex program that the encoder is providing output to.", + "title": "ProgramName", + "type": "string" } }, - "required": [ - "Direction", - "SortPaths" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataPathType": { + "AWS::MediaLive::Channel.NetworkInputSettings": { "additionalProperties": false, "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", + "HlsInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsInputSettings", + "markdownDescription": "Information about how to connect to the upstream system.", + "title": "HlsInputSettings" + }, + "MulticastInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MulticastInputSettings", + "markdownDescription": "", + "title": "MulticastInputSettings" + }, + "ServerValidation": { + "markdownDescription": "Checks HTTPS server certificates. When set to checkCryptographyOnly, cryptography in the certificate is checked, but not the server's name. Certain subdomains (notably S3 buckets that use dots in the bucket name) don't strictly match the corresponding certificate's wildcard pattern and would otherwise cause the channel to error. This setting is ignored for protocols that do not use HTTPS.", + "title": "ServerValidation", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataPathValue": { + "AWS::MediaLive::Channel.NielsenCBET": { "additionalProperties": false, "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" + "CbetCheckDigitString": { + "markdownDescription": "Enter the CBET check digits to use in the watermark.", + "title": "CbetCheckDigitString", + "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", + "CbetStepaside": { + "markdownDescription": "Determines the method of CBET insertion mode when prior encoding is detected on the same layer.", + "title": "CbetStepaside", "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", + "Csid": { + "markdownDescription": "Enter the CBET Source ID (CSID) to use in the watermark", + "title": "Csid", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataSetIdentifierDeclaration": { + "AWS::MediaLive::Channel.NielsenConfiguration": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", - "title": "DataSetArn", + "DistributorId": { + "markdownDescription": "Enter the Distributor ID assigned to your organization by Nielsen.", + "title": "DistributorId", "type": "string" }, - "Identifier": { - "markdownDescription": "The identifier of the data set, typically the data set's name.", - "title": "Identifier", + "NielsenPcmToId3Tagging": { + "markdownDescription": "Enables Nielsen PCM to ID3 tagging", + "title": "NielsenPcmToId3Tagging", "type": "string" } }, - "required": [ - "DataSetArn", - "Identifier" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataSetReference": { + "AWS::MediaLive::Channel.NielsenNaesIiNw": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", + "CheckDigitString": { + "markdownDescription": "Enter the check digit string for the watermark", + "title": "CheckDigitString", "type": "string" }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", + "Sid": { + "markdownDescription": "Enter the Nielsen Source ID (SID) to include in the watermark", + "title": "Sid", + "type": "number" + }, + "Timezone": { + "markdownDescription": "", + "title": "Timezone", "type": "string" } }, - "required": [ - "DataSetArn", - "DataSetPlaceholder" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateAxisOptions": { + "AWS::MediaLive::Channel.NielsenWatermarksSettings": { "additionalProperties": false, "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", + "NielsenCbetSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenCBET", + "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen CBET", + "title": "NielsenCbetSettings" + }, + "NielsenDistributionType": { + "markdownDescription": "Choose the distribution types that you want to assign to the watermarks:\n- PROGRAM_CONTENT\n- FINAL_DISTRIBUTOR", + "title": "NielsenDistributionType", "type": "string" + }, + "NielsenNaesIiNwSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenNaesIiNw", + "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen NAES II (N2) and Nielsen NAES VI (NW).", + "title": "NielsenNaesIiNwSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DateDimensionField": { + "AWS::MediaLive::Channel.Output": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" + "AudioDescriptionNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of the audio descriptions that are used as audio sources for this output.", + "title": "AudioDescriptionNames", + "type": "array" }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", - "type": "string" + "CaptionDescriptionNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of the caption descriptions that are used as captions sources for this output.", + "title": "CaptionDescriptionNames", + "type": "array" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "OutputName": { + "markdownDescription": "The name that is used to identify an output.", + "title": "OutputName", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "OutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputSettings", + "markdownDescription": "The output type-specific settings.", + "title": "OutputSettings" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "VideoDescriptionName": { + "markdownDescription": "The name of the VideoDescription that is used as the source for this output.", + "title": "VideoDescriptionName", "type": "string" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateMeasureField": { + "AWS::MediaLive::Channel.OutputDestination": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "Id": { + "markdownDescription": "The ID for this destination.", + "title": "Id", "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" + "LogicalInterfaceNames": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "LogicalInterfaceNames", + "type": "array" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "MediaPackageSettings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings" + }, + "markdownDescription": "The destination settings for a MediaPackage output.", + "title": "MediaPackageSettings", + "type": "array" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - } - }, - "required": [ - "Column", - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DateTimeDefaultValues": { - "additionalProperties": false, - "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "MultiplexSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings", + "markdownDescription": "Destination settings for a Multiplex output; one destination for both encoders.", + "title": "MultiplexSettings" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" + "Settings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestinationSettings" + }, + "markdownDescription": "The destination settings for an output.", + "title": "Settings", + "type": "array" }, - "StaticValues": { + "SrtSettings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtOutputDestinationSettings" }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "", + "title": "SrtSettings", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeFormatConfiguration": { + "AWS::MediaLive::Channel.OutputDestinationSettings": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This password parameter applies only if the downstream system requires credentials.", + "title": "PasswordParam", "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "StreamName": { + "markdownDescription": "The stream name for the content. This applies only to RTMP outputs.", + "title": "StreamName", + "type": "string" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DateTimeHierarchy": { - "additionalProperties": false, - "properties": { - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "Url": { + "markdownDescription": "The URL for the destination.", + "title": "Url", + "type": "string" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", + "Username": { + "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", + "title": "Username", "type": "string" } }, - "required": [ - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeParameter": { + "AWS::MediaLive::Channel.OutputGroup": { "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "A display name for the date-time parameter.", + "markdownDescription": "A custom output group name that you can optionally define. Only letters, numbers, and the underscore character are allowed. The maximum length is 32 characters.", "title": "Name", "type": "string" }, - "Values": { + "OutputGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroupSettings", + "markdownDescription": "The settings associated with the output group.", + "title": "OutputGroupSettings" + }, + "Outputs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MediaLive::Channel.Output" }, - "markdownDescription": "The values for the date-time parameter.", - "title": "Values", + "markdownDescription": "The settings for the outputs in the output group.", + "title": "Outputs", "type": "array" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeParameterDeclaration": { + "AWS::MediaLive::Channel.OutputGroupSettings": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "ArchiveGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveGroupSettings", + "markdownDescription": "The configuration of an archive output group.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "ArchiveGroupSettings" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" - }, + "CmafIngestGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestGroupSettings", "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "title": "CmafIngestGroupSettings" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" + "FrameCaptureGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureGroupSettings", + "markdownDescription": "The configuration of a frame capture output group.", + "title": "FrameCaptureGroupSettings" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "HlsGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsGroupSettings", + "markdownDescription": "The configuration of an HLS output group.", + "title": "HlsGroupSettings" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "MediaPackageGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageGroupSettings", + "markdownDescription": "The configuration of a MediaPackage output group.", + "title": "MediaPackageGroupSettings" + }, + "MsSmoothGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothGroupSettings", + "markdownDescription": "The configuration of a Microsoft Smooth output group.", + "title": "MsSmoothGroupSettings" + }, + "MultiplexGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexGroupSettings", + "markdownDescription": "The settings for a Multiplex output group.", + "title": "MultiplexGroupSettings" + }, + "RtmpGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpGroupSettings", + "markdownDescription": "The configuration of an RTMP output group.", + "title": "RtmpGroupSettings" + }, + "SrtGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtGroupSettings", + "markdownDescription": "", + "title": "SrtGroupSettings" + }, + "UdpGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpGroupSettings", + "markdownDescription": "The configuration of a UDP output group.", + "title": "UdpGroupSettings" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions": { + "AWS::MediaLive::Channel.OutputLocationRef": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", + "DestinationRefId": { + "markdownDescription": "A reference ID for this destination.", + "title": "DestinationRefId", "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration": { + "AWS::MediaLive::Channel.OutputLockingSettings": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "string" + "EpochLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EpochLockingSettings", + "markdownDescription": "", + "title": "EpochLockingSettings" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" + "PipelineLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.PipelineLockingSettings", + "markdownDescription": "", + "title": "PipelineLockingSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DecimalDefaultValues": { + "AWS::MediaLive::Channel.OutputSettings": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "ArchiveOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveOutputSettings", + "markdownDescription": "The settings for an archive output.", + "title": "ArchiveOutputSettings" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "CmafIngestOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestOutputSettings", + "markdownDescription": "", + "title": "CmafIngestOutputSettings" + }, + "FrameCaptureOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureOutputSettings", + "markdownDescription": "The settings for a frame capture output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "FrameCaptureOutputSettings" + }, + "HlsOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsOutputSettings", + "markdownDescription": "The settings for an HLS output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "HlsOutputSettings" + }, + "MediaPackageOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputSettings", + "markdownDescription": "The settings for a MediaPackage output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "MediaPackageOutputSettings" + }, + "MsSmoothOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothOutputSettings", + "markdownDescription": "The settings for a Microsoft Smooth output.", + "title": "MsSmoothOutputSettings" + }, + "MultiplexOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexOutputSettings", + "markdownDescription": "Configuration of a Multiplex output.", + "title": "MultiplexOutputSettings" + }, + "RtmpOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpOutputSettings", + "markdownDescription": "The settings for an RTMP output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "RtmpOutputSettings" + }, + "SrtOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtOutputSettings", + "markdownDescription": "", + "title": "SrtOutputSettings" + }, + "UdpOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpOutputSettings", + "markdownDescription": "The settings for a UDP output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "UdpOutputSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DecimalParameter": { + "AWS::MediaLive::Channel.PassThroughSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.PipelineLockingSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.RawSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.Rec601Settings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.Rec709Settings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.RemixSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the decimal parameter.", - "title": "Name", - "type": "string" - }, - "Values": { + "ChannelMappings": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioChannelMapping" }, - "markdownDescription": "The values for the decimal parameter.", - "title": "Values", + "markdownDescription": "A mapping of input channels to output channels, with appropriate gain adjustments.", + "title": "ChannelMappings", "type": "array" + }, + "ChannelsIn": { + "markdownDescription": "The number of input channels to be used.", + "title": "ChannelsIn", + "type": "number" + }, + "ChannelsOut": { + "markdownDescription": "The number of output channels to be produced. Valid values: 1, 2, 4, 6, 8.", + "title": "ChannelsOut", + "type": "number" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalParameterDeclaration": { + "AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.RtmpGroupSettings": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { + "AdMarkers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + "type": "string" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "Choose the ad marker type for this output group. MediaLive will create a message based on the content of each SCTE-35 message, format it for that marker type, and insert it in the datastream.", + "title": "AdMarkers", "type": "array" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "AuthenticationScheme": { + "markdownDescription": "An authentication scheme to use when connecting with a CDN.", + "title": "AuthenticationScheme", "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "CacheFullBehavior": { + "markdownDescription": "Controls behavior when the content cache fills up. If a remote origin server stalls the RTMP connection and doesn't accept content fast enough, the media cache fills up. When the cache reaches the duration specified by cacheLength, the cache stops accepting new content. If set to disconnectImmediately, the RTMP output forces a disconnect. Clear the media cache, and reconnect after restartDelay seconds. If set to waitForServer, the RTMP output waits up to 5 minutes to allow the origin server to begin accepting data again.", + "title": "CacheFullBehavior", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "CacheLength": { + "markdownDescription": "The cache length, in seconds, that is used to calculate buffer size.", + "title": "CacheLength", + "type": "number" + }, + "CaptionData": { + "markdownDescription": "Controls the types of data that pass to onCaptionInfo outputs. If set to all, 608 and 708 carried DTVCC data is passed. If set to field1AndField2608, DTVCC data is stripped out, but 608 data from both fields is passed. If set to field1608, only the data carried in 608 from field 1 video is passed.", + "title": "CaptionData", + "type": "string" + }, + "IncludeFillerNalUnits": { + "markdownDescription": "", + "title": "IncludeFillerNalUnits", + "type": "string" + }, + "InputLossAction": { + "markdownDescription": "Controls the behavior of this RTMP group if the input becomes unavailable. emitOutput: Emit a slate until the input returns. pauseOutput: Stop transmitting data until the input returns. This does not close the underlying RTMP connection.", + "title": "InputLossAction", + "type": "string" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalPlacesConfiguration": { + "AWS::MediaLive::Channel.RtmpOutputSettings": { "additionalProperties": false, "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", + "CertificateMode": { + "markdownDescription": "If set to verifyAuthenticity, verifies the TLS certificate chain to a trusted certificate authority (CA). This causes RTMPS outputs with self-signed certificates to fail.", + "title": "CertificateMode", + "type": "string" + }, + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the Flash Media server if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The RTMP endpoint excluding the stream name (for example, rtmp://host/appname).", + "title": "Destination" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts.", + "title": "NumRetries", "type": "number" } }, - "required": [ - "DecimalPlaces" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration": { + "AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings": { "additionalProperties": false, - "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" - }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions": { + "AWS::MediaLive::Channel.Scte20SourceSettings": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", + "Convert608To708": { + "markdownDescription": "If upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. Any 708 data present in the source content is discarded.", + "title": "Convert608To708", "type": "string" + }, + "Source608ChannelNumber": { + "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions.", + "title": "Source608ChannelNumber", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterControlConfiguration": { + "AWS::MediaLive::Channel.Scte27DestinationSettings": { "additionalProperties": false, - "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" - }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", - "type": "string" - } - }, - "required": [ - "ControlOptions", - "Title" - ], + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterControlOptions": { + "AWS::MediaLive::Channel.Scte27SourceSettings": { "additionalProperties": false, "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" - }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" - }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" - }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" - }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" - }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" + "OcrLanguage": { + "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", + "title": "OcrLanguage", + "type": "string" }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" + "Pid": { + "markdownDescription": "The PID field is used in conjunction with the captions selector languageCode field as follows: Specify PID and Language: Extracts captions from that PID; the language is \"informational.\" Specify PID and omit Language: Extracts the specified PID. Omit PID and specify Language: Extracts the specified language, whichever PID that happens to be. Omit PID and omit Language: Valid only if source is DVB-Sub that is being passed through; all languages are passed through.", + "title": "Pid", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions": { + "AWS::MediaLive::Channel.Scte35SpliceInsert": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "AdAvailOffset": { + "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", + "title": "AdAvailOffset", + "type": "number" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "NoRegionalBlackoutFlag": { + "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "NoRegionalBlackoutFlag", + "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "WebDeliveryAllowedFlag": { + "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "WebDeliveryAllowedFlag", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterListControlOptions": { + "AWS::MediaLive::Channel.Scte35TimeSignalApos": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "AdAvailOffset": { + "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", + "title": "AdAvailOffset", + "type": "number" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "NoRegionalBlackoutFlag": { + "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "NoRegionalBlackoutFlag", + "type": "string" }, - "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "WebDeliveryAllowedFlag": { + "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "WebDeliveryAllowedFlag", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration": { + "AWS::MediaLive::Channel.SmpteTtDestinationSettings": { "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" - } - }, - "required": [ - "CanvasSizeOptions" - ], + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration": { + "AWS::MediaLive::Channel.SrtGroupSettings": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" + "InputLossAction": { + "markdownDescription": "", + "title": "InputLossAction", + "type": "string" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration": { + "AWS::MediaLive::Channel.SrtOutputDestinationSettings": { "additionalProperties": false, "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" + "EncryptionPassphraseSecretArn": { + "markdownDescription": "", + "title": "EncryptionPassphraseSecretArn", + "type": "string" }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" + "StreamId": { + "markdownDescription": "", + "title": "StreamId", + "type": "string" + }, + "Url": { + "markdownDescription": "", + "title": "Url", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultNewSheetConfiguration": { + "AWS::MediaLive::Channel.SrtOutputSettings": { "additionalProperties": false, "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" + "BufferMsec": { + "markdownDescription": "", + "title": "BufferMsec", + "type": "number" }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", + "markdownDescription": "", + "title": "ContainerSettings" }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "", + "title": "Destination" + }, + "EncryptionType": { + "markdownDescription": "", + "title": "EncryptionType", "type": "string" + }, + "Latency": { + "markdownDescription": "", + "title": "Latency", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration": { + "AWS::MediaLive::Channel.StandardHlsSettings": { "additionalProperties": false, "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" + "AudioRenditionSets": { + "markdownDescription": "Lists all the audio groups that are used with the video output stream. This inputs all the audio GROUP-IDs that are associated with the video, separated by a comma (,).", + "title": "AudioRenditionSets", + "type": "string" + }, + "M3u8Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M3u8Settings", + "markdownDescription": "Settings for the M3U8 container.", + "title": "M3u8Settings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions": { + "AWS::MediaLive::Channel.StaticKeySettings": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "KeyProviderServer": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The URL of the license server that is used for protecting content.", + "title": "KeyProviderServer" + }, + "StaticKeyValue": { + "markdownDescription": "The static key value as a 32 character hexadecimal string.", + "title": "StaticKeyValue", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration": { + "AWS::MediaLive::Channel.TeletextDestinationSettings": { "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" - } - }, - "required": [ - "CanvasSizeOptions" - ], + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultSliderControlOptions": { + "AWS::MediaLive::Channel.TeletextSourceSettings": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "OutputRectangle": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionRectangle", + "markdownDescription": "Settings to configure the caption rectangle for an output captions that will be created using this Teletext source captions.", + "title": "OutputRectangle" }, - "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "PageNumber": { + "markdownDescription": "Specifies the Teletext page number within the data stream from which to extract captions. The range is 0x100 (256) to 0x8FF (2303). This is unused for passthrough. It should be specified as a hexadecimal string with no \"0x\" prefix.", + "title": "PageNumber", "type": "string" } }, - "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultTextAreaControlOptions": { + "AWS::MediaLive::Channel.TemporalFilterSettings": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "PostFilterSharpening": { + "markdownDescription": "If you enable this filter, the results are the following:\n- If the source content is noisy (it contains excessive digital artifacts), the filter cleans up the source.\n- If the source content is already clean, the filter tends to decrease the bitrate, especially when the rate control mode is QVBR.", + "title": "PostFilterSharpening", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Strength": { + "markdownDescription": "Choose a filter strength. We recommend a strength of 1 or 2. A higher strength might take out good information, resulting in an image that is overly soft.", + "title": "Strength", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultTextFieldControlOptions": { + "AWS::MediaLive::Channel.ThumbnailConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "State": { + "markdownDescription": "", + "title": "State", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DestinationParameterValueConfiguration": { + "AWS::MediaLive::Channel.TimecodeBurninSettings": { "additionalProperties": false, "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" - }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", + "FontSize": { + "markdownDescription": "", + "title": "FontSize", "type": "string" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" - }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", + "Position": { + "markdownDescription": "", + "title": "Position", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", + "Prefix": { + "markdownDescription": "", + "title": "Prefix", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DimensionField": { + "AWS::MediaLive::Channel.TimecodeConfig": { "additionalProperties": false, "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" - }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" + "Source": { + "markdownDescription": "Identifies the source for the timecode that will be associated with the channel outputs. Embedded (embedded): Initialize the output timecode with timecode from the source. If no embedded timecode is detected in the source, the system falls back to using \"Start at 0\" (zerobased). System Clock (systemclock): Use the UTC time. Start at 0 (zerobased): The time of the first frame of the channel will be 00:00:00:00.", + "title": "Source", + "type": "string" }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" + "SyncThreshold": { + "markdownDescription": "The threshold in frames beyond which output timecode is resynchronized to the input timecode. Discrepancies below this threshold are permitted to avoid unnecessary discontinuities in the output timecode. There is no timecode sync when this is not specified.", + "title": "SyncThreshold", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DonutCenterOptions": { + "AWS::MediaLive::Channel.TtmlDestinationSettings": { "additionalProperties": false, "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", + "StyleControl": { + "markdownDescription": "When set to passthrough, passes through style and position information from a TTML-like input source (TTML, SMPTE-TT, CFF-TT) to the CFF-TT output or TTML output.", + "title": "StyleControl", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DonutOptions": { + "AWS::MediaLive::Channel.UdpContainerSettings": { "additionalProperties": false, "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" - }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" + "M2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", + "markdownDescription": "The M2TS configuration for this UDP output.", + "title": "M2tsSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DrillDownFilter": { + "AWS::MediaLive::Channel.UdpGroupSettings": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" + "InputLossAction": { + "markdownDescription": "Specifies the behavior of the last resort when the input video is lost, and no more backup inputs are available. When dropTs is selected, the entire transport stream stops emitting. When dropProgram is selected, the program can be dropped from the transport stream (and replaced with null packets to meet the TS bitrate requirement). Or when emitProgram is selected, the transport stream continues to be produced normally with repeat frames, black frames, or slate frames substituted for the absent input video.", + "title": "InputLossAction", + "type": "string" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" + "TimedMetadataId3Frame": { + "markdownDescription": "Indicates the ID3 frame that has the timecode.", + "title": "TimedMetadataId3Frame", + "type": "string" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" + "TimedMetadataId3Period": { + "markdownDescription": "The timed metadata interval in seconds.", + "title": "TimedMetadataId3Period", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DropDownControlDisplayOptions": { + "AWS::MediaLive::Channel.UdpOutputSettings": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "BufferMsec": { + "markdownDescription": "The UDP output buffering in milliseconds. Larger values increase latency through the transcoder but simultaneously assist the transcoder in maintaining a constant, low-jitter UDP/RTP output while accommodating clock recovery, input switching, input disruptions, picture reordering, and so on.", + "title": "BufferMsec", + "type": "number" }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", + "markdownDescription": "The settings for the UDP output.", + "title": "ContainerSettings" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The destination address and port number for RTP or UDP packets. These can be unicast or multicast RTP or UDP (for example, rtp://239.10.10.10:5001 or udp://10.100.100.100:5002).", + "title": "Destination" + }, + "FecOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FecOutputSettings", + "markdownDescription": "The settings for enabling and adjusting Forward Error Correction on UDP outputs.", + "title": "FecOutputSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DynamicDefaultValue": { + "AWS::MediaLive::Channel.VideoBlackFailoverSettings": { "additionalProperties": false, "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" - }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" + "BlackDetectThreshold": { + "markdownDescription": "A value used in calculating the threshold below which MediaLive considers a pixel to be 'black'. For the input to be considered black, every pixel in a frame must be below this threshold. The threshold is calculated as a percentage (expressed as a decimal) of white. Therefore .1 means 10% white (or 90% black). Note how the formula works for any color depth. For example, if you set this field to 0.1 in 10-bit color depth: (1023*0.1=102.3), which means a pixel value of 102 or less is 'black'. If you set this field to .1 in an 8-bit color depth: (255*0.1=25.5), which means a pixel value of 25 or less is 'black'. The range is 0.0 to 1.0, with any number of decimal places.", + "title": "BlackDetectThreshold", + "type": "number" }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" + "VideoBlackThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that the active input must be black before automatic input failover occurs.", + "title": "VideoBlackThresholdMsec", + "type": "number" } }, - "required": [ - "DefaultValueColumn" - ], "type": "object" }, - "AWS::QuickSight::Analysis.EmptyVisual": { + "AWS::MediaLive::Channel.VideoCodecSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Av1Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Av1Settings", + "markdownDescription": "", + "title": "Av1Settings" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", - "title": "DataSetIdentifier", - "type": "string" + "FrameCaptureSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureSettings", + "markdownDescription": "The settings for the video codec in a frame capture output.", + "title": "FrameCaptureSettings" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" - } - }, - "required": [ - "DataSetIdentifier", - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.Entity": { - "additionalProperties": false, - "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", - "type": "string" + "H264Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264Settings", + "markdownDescription": "The settings for the H.264 codec in the output.", + "title": "H264Settings" + }, + "H265Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265Settings", + "markdownDescription": "Settings for video encoded with the H265 codec.", + "title": "H265Settings" + }, + "Mpeg2Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2Settings", + "markdownDescription": "Settings for video encoded with the MPEG-2 codec.", + "title": "Mpeg2Settings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ExcludePeriodConfiguration": { + "AWS::MediaLive::Channel.VideoDescription": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", + "CodecSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoCodecSettings", + "markdownDescription": "The video codec settings.", + "title": "CodecSettings" + }, + "Height": { + "markdownDescription": "The output video height, in pixels. This must be an even number. For most codecs, you can keep this field and width blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", + "title": "Height", "type": "number" }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", + "Name": { + "markdownDescription": "The name of this VideoDescription. Outputs use this name to uniquely identify this description. Description names should be unique within this channel.", + "title": "Name", "type": "string" }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", + "RespondToAfd": { + "markdownDescription": "Indicates how to respond to the AFD values in the input stream. RESPOND causes input video to be clipped, depending on the AFD value, input display aspect ratio, and output display aspect ratio, and (except for the FRAMECAPTURE codec) includes the values in the output. PASSTHROUGH (does not apply to FRAMECAPTURE codec) ignores the AFD values and includes the values in the output, so input video is not clipped. NONE ignores the AFD values and does not include the values through to the output, so input video is not clipped.", + "title": "RespondToAfd", "type": "string" - } - }, - "required": [ - "Amount", - "Granularity" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ExplicitHierarchy": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", - "type": "array" - }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", - "type": "array" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", - "type": "string" - } - }, - "required": [ - "Columns", - "HierarchyId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FieldBasedTooltip": { - "additionalProperties": false, - "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", + "ScalingBehavior": { + "markdownDescription": "STRETCHTOOUTPUT configures the output position to stretch the video to the specified output resolution (height and width). This option overrides any position value. DEFAULT might insert black boxes (pillar boxes or letter boxes) around the video to provide the specified output resolution.", + "title": "ScalingBehavior", "type": "string" }, - "TooltipFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipItem" - }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", - "type": "array" + "Sharpness": { + "markdownDescription": "Changes the strength of the anti-alias filter used for scaling. 0 is the softest setting, and 100 is the sharpest. We recommend a setting of 50 for most content.", + "title": "Sharpness", + "type": "number" }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", - "type": "string" + "Width": { + "markdownDescription": "The output video width, in pixels. It must be an even number. For most codecs, you can keep this field and height blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", + "title": "Width", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FieldLabelType": { + "AWS::MediaLive::Channel.VideoSelector": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", + "ColorSpace": { + "markdownDescription": "Specifies the color space of an input. This setting works in tandem with colorSpaceConversion to determine if MediaLive will perform any conversion.", + "title": "ColorSpace", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the field label.", - "title": "Visibility", + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings", + "markdownDescription": "Settings to configure color space settings in the incoming video.", + "title": "ColorSpaceSettings" + }, + "ColorSpaceUsage": { + "markdownDescription": "Applies only if colorSpace is a value other than Follow. This field controls how the value in the colorSpace field is used. Fallback means that when the input does include color space data, that data is used, but when the input has no color space data, the value in colorSpace is used. Choose fallback if your input is sometimes missing color space data, but when it does have color space data, that data is correct. Force means to always use the value in colorSpace. Choose force if your input usually has no color space data or might have unreliable color space data.", + "title": "ColorSpaceUsage", "type": "string" + }, + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorSettings", + "markdownDescription": "Information about the video to select from the content.", + "title": "SelectorSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FieldSeriesItem": { + "AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", - "type": "string" - }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "Settings to configure color space settings in the incoming video.", + "title": "Hdr10Settings" } }, - "required": [ - "AxisBinding", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldSort": { + "AWS::MediaLive::Channel.VideoSelectorPid": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The sort configuration target field.", - "title": "FieldId", - "type": "string" + "Pid": { + "markdownDescription": "Selects a specific PID from within a video source.", + "title": "Pid", + "type": "number" } }, - "required": [ - "Direction", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldSortOptions": { + "AWS::MediaLive::Channel.VideoSelectorProgramId": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" - }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" + "ProgramId": { + "markdownDescription": "Selects a specific program from within a multi-program transport stream. If the program doesn't exist, MediaLive selects the first program within the transport stream by default.", + "title": "ProgramId", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FieldTooltipItem": { + "AWS::MediaLive::Channel.VideoSelectorSettings": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", - "title": "FieldId", - "type": "string" - }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", - "type": "string" + "VideoSelectorPid": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorPid", + "markdownDescription": "Used to extract video by PID.", + "title": "VideoSelectorPid" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", - "type": "string" + "VideoSelectorProgramId": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorProgramId", + "markdownDescription": "Used to extract video by program ID.", + "title": "VideoSelectorProgramId" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells": { + "AWS::MediaLive::Channel.VpcOutputSettings": { "additionalProperties": false, "properties": { - "Geospatial": { + "PublicAddressAllocationIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", + "markdownDescription": "List of public address allocation IDs to associate with ENIs that will be created in Output VPC. Must specify one for SINGLE_PIPELINE, two for STANDARD channels", + "title": "PublicAddressAllocationIds", "type": "array" }, - "Values": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", - "title": "Values", + "markdownDescription": "A list of up to 5 EC2 VPC security group IDs to attach to the Output VPC network interfaces.\nIf none are specified then the VPC default security group will be used", + "title": "SecurityGroupIds", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { + }, + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "A list of VPC subnet IDs from the same VPC.\nIf STANDARD channel, subnet IDs must be mapped to two unique availability zones (AZ).", + "title": "SubnetIds", "type": "array" } }, - "required": [ - "ConditionalFormattingOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" - } - }, - "required": [ - "Shape" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapConfiguration": { + "AWS::MediaLive::Channel.WavSettings": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "BitDepth": { + "markdownDescription": "Bits per sample.", + "title": "BitDepth", + "type": "number" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapFieldWells": { - "additionalProperties": false, - "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", - "title": "FieldId", + "CodingMode": { + "markdownDescription": "The audio coding mode for the WAV audio. The mode determines the number of channels in the audio.", + "title": "CodingMode", "type": "string" }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" + "SampleRate": { + "markdownDescription": "Sample rate in Hz.", + "title": "SampleRate", + "type": "number" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapSortConfiguration": { + "AWS::MediaLive::Channel.WebvttDestinationSettings": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the location fields.", - "title": "CategorySort", - "type": "array" + "StyleControl": { + "markdownDescription": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO_STYLE_DATA - Don't pass through the style. The output captions will not contain any font styling information.", + "title": "StyleControl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapVisual": { + "AWS::MediaLive::ChannelPlacementGroup": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterId": { + "markdownDescription": "", + "title": "ClusterId", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Nodes": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Nodes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::ChannelPlacementGroup.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::MediaLive::ChannelPlacementGroup" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.Filter": { + "AWS::MediaLive::ChannelPlacementGroup.Tags": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" - }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" - }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" - }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilterControl": { + "AWS::MediaLive::CloudWatchAlarmTemplate": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", - "title": "DateTimePicker" + "Condition": { + "type": "string" }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", - "title": "List" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" + "Metadata": { + "type": "object" }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" - }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" - }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterCrossSheetControl": { - "additionalProperties": false, - "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The comparison operator used to compare the specified statistic and the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "DatapointsToAlarm": { + "markdownDescription": "The number of datapoints within the evaluation period that must be breaching to trigger the alarm.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold.", + "title": "EvaluationPeriods", + "type": "number" + }, + "GroupIdentifier": { + "markdownDescription": "A cloudwatch alarm template group's identifier. Can be either be its id or current name.", + "title": "GroupIdentifier", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm. Must be compatible with targetResourceType.", + "title": "MetricName", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the specified statistic is applied.", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the alarm's metric data.", + "title": "Statistic", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TargetResourceType": { + "markdownDescription": "The resource type this template should dynamically generate CloudWatch metric alarms for.", + "title": "TargetResourceType", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The threshold value to compare with the specified statistic.", + "title": "Threshold", + "type": "number" + }, + "TreatMissingData": { + "markdownDescription": "Specifies how missing data points are treated when evaluating the alarm's condition.", + "title": "TreatMissingData", + "type": "string" + } + }, + "required": [ + "ComparisonOperator", + "EvaluationPeriods", + "MetricName", + "Name", + "Period", + "Statistic", + "TargetResourceType", + "Threshold", + "TreatMissingData" + ], + "type": "object" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", + "Type": { + "enum": [ + "AWS::MediaLive::CloudWatchAlarmTemplate" + ], "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterDateTimePickerControl": { + "AWS::MediaLive::CloudWatchAlarmTemplateGroup": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", + "Condition": { "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", - "title": "Title", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::MediaLive::CloudWatchAlarmTemplateGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterDropDownControl": { + "AWS::MediaLive::Cluster": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterType": { + "markdownDescription": "", + "title": "ClusterType", + "type": "string" + }, + "InstanceRoleArn": { + "markdownDescription": "", + "title": "InstanceRoleArn", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "NetworkSettings": { + "$ref": "#/definitions/AWS::MediaLive::Cluster.ClusterNetworkSettings", + "markdownDescription": "", + "title": "NetworkSettings" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Cluster.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::MediaLive::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterGroup": { + "AWS::MediaLive::Cluster.ClusterNetworkSettings": { "additionalProperties": false, "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", - "type": "string" - }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", + "DefaultRoute": { + "markdownDescription": "", + "title": "DefaultRoute", "type": "string" }, - "Filters": { + "InterfaceMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Filter" + "$ref": "#/definitions/AWS::MediaLive::Cluster.InterfaceMapping" }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", + "markdownDescription": "", + "title": "InterfaceMappings", "type": "array" - }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" - }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", - "type": "string" } }, - "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterListConfiguration": { + "AWS::MediaLive::Cluster.InterfaceMapping": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "LogicalInterfaceName": { + "markdownDescription": "", + "title": "LogicalInterfaceName", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "NetworkId": { + "markdownDescription": "", + "title": "NetworkId", "type": "string" } }, - "required": [ - "MatchOperator" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterListControl": { + "AWS::MediaLive::Cluster.Tags": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `FilterListControl` .", - "title": "Title", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration": { + "AWS::MediaLive::EventBridgeRuleTemplate": { "additionalProperties": false, "properties": { - "SelectedColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" - }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", - "type": "array" + "Condition": { + "type": "string" }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectedFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration": { - "additionalProperties": false, - "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterRelativeDateTimeControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", - "type": "string" + "Metadata": { + "type": "object" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "EventTargets": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplate.EventBridgeRuleTemplateTarget" + }, + "markdownDescription": "The destinations that will receive the event notifications.", + "title": "EventTargets", + "type": "array" + }, + "EventType": { + "markdownDescription": "The type of event to match with the rule.", + "title": "EventType", + "type": "string" + }, + "GroupIdentifier": { + "markdownDescription": "An eventbridge rule template group's identifier. Can be either be its id or current name.", + "title": "GroupIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "EventType", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::EventBridgeRuleTemplate" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterScopeConfiguration": { - "additionalProperties": false, - "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" - }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterSelectableValues": { + "AWS::MediaLive::EventBridgeRuleTemplate.EventBridgeRuleTemplateTarget": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", - "title": "Values", - "type": "array" + "Arn": { + "markdownDescription": "Target ARNs must be either an SNS topic or CloudWatch log group.", + "title": "Arn", + "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterSliderControl": { + "AWS::MediaLive::EventBridgeRuleTemplateGroup": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", + "Condition": { "type": "string" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", - "title": "Title", + "Type": { + "enum": [ + "AWS::MediaLive::EventBridgeRuleTemplateGroup" + ], "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "MaximumValue", - "MinimumValue", - "SourceFilterId", - "StepSize", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterTextAreaControl": { + "AWS::MediaLive::Input": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "Condition": { "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputDestinationRequest" + }, + "markdownDescription": "Settings that apply only if the input is a push type of input.", + "title": "Destinations", + "type": "array" + }, + "InputDevices": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputDeviceSettings" + }, + "markdownDescription": "Settings that apply only if the input is an Elemental Link input.", + "title": "InputDevices", + "type": "array" + }, + "InputNetworkLocation": { + "markdownDescription": "", + "title": "InputNetworkLocation", + "type": "string" + }, + "InputSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of input security groups (referenced by IDs) to attach to the input if the input is a push type.", + "title": "InputSecurityGroups", + "type": "array" + }, + "MediaConnectFlows": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MediaConnectFlowRequest" + }, + "markdownDescription": "Settings that apply only if the input is a MediaConnect input.", + "title": "MediaConnectFlows", + "type": "array" + }, + "MulticastSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSettingsCreateRequest", + "markdownDescription": "", + "title": "MulticastSettings" + }, + "Name": { + "markdownDescription": "A name for the input.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role for MediaLive to assume when creating a MediaConnect input or Amazon VPC input. This doesn't apply to other types of inputs. The role is identified by its ARN.", + "title": "RoleArn", + "type": "string" + }, + "SdiSources": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SdiSources", + "type": "array" + }, + "Smpte2110ReceiverGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroupSettings", + "markdownDescription": "", + "title": "Smpte2110ReceiverGroupSettings" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSourceRequest" + }, + "markdownDescription": "Settings that apply only if the input is a pull type of input.", + "title": "Sources", + "type": "array" + }, + "SrtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.SrtSettingsRequest", + "markdownDescription": "", + "title": "SrtSettings" + }, + "Tags": { + "markdownDescription": "A collection of tags for this input. Each tag is a key-value pair.", + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The type for this input.", + "title": "Type", + "type": "string" + }, + "Vpc": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputVpcRequest", + "markdownDescription": "Settings that apply only if the input is an push input where the source is on Amazon VPC.", + "title": "Vpc" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Input" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterTextFieldControl": { + "AWS::MediaLive::Input.InputDestinationRequest": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", + "Network": { + "markdownDescription": "", + "title": "Network", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", + "NetworkRoutes": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputRequestDestinationRoute" + }, + "markdownDescription": "", + "title": "NetworkRoutes", + "type": "array" + }, + "StaticIpAddress": { + "markdownDescription": "", + "title": "StaticIpAddress", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", - "title": "Title", + "StreamName": { + "markdownDescription": "The stream name (application name/application instance) for the location the RTMP source content will be pushed to in MediaLive.", + "title": "StreamName", "type": "string" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FontConfiguration": { + "AWS::MediaLive::Input.InputDeviceRequest": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", - "type": "string" - }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", - "type": "string" - }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" - }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", + "Id": { "type": "string" - }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FontSize": { + "AWS::MediaLive::Input.InputDeviceSettings": { "additionalProperties": false, "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", + "Id": { + "markdownDescription": "The unique ID for the device.", + "title": "Id", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FontWeight": { + "AWS::MediaLive::Input.InputRequestDestinationRoute": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", - "title": "Name", + "Cidr": { + "markdownDescription": "", + "title": "Cidr", + "type": "string" + }, + "Gateway": { + "markdownDescription": "", + "title": "Gateway", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ForecastComputation": { + "AWS::MediaLive::Input.InputSdpLocation": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" - }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" - }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", + "MediaIndex": { + "markdownDescription": "", + "title": "MediaIndex", "type": "number" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", + "SdpUrl": { + "markdownDescription": "", + "title": "SdpUrl", "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ForecastConfiguration": { + "AWS::MediaLive::Input.InputSourceRequest": { "additionalProperties": false, "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the upstream system. The password parameter applies only if the upstream system requires credentials.", + "title": "PasswordParam", + "type": "string" }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" + "Url": { + "markdownDescription": "For a pull input, the URL where MediaLive pulls the source content from.", + "title": "Url", + "type": "string" + }, + "Username": { + "markdownDescription": "The user name to connect to the upstream system. The user name applies only if the upstream system requires credentials.", + "title": "Username", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ForecastScenario": { + "AWS::MediaLive::Input.InputVpcRequest": { "additionalProperties": false, "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of up to five VPC security group IDs to attach to the input VPC network interfaces. The security groups require subnet IDs. If none are specified, MediaLive uses the VPC default security group.", + "title": "SecurityGroupIds", + "type": "array" }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of two VPC subnet IDs from the same VPC. You must associate subnet IDs to two unique Availability Zones.", + "title": "SubnetIds", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FormatConfiguration": { + "AWS::MediaLive::Input.MediaConnectFlowRequest": { "additionalProperties": false, "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" - }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" - }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" + "FlowArn": { + "markdownDescription": "The ARN of one or two MediaConnect flows that are the sources for this MediaConnect input.", + "title": "FlowArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions": { + "AWS::MediaLive::Input.MulticastSettingsCreateRequest": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSourceCreateRequest" + }, + "markdownDescription": "", + "title": "Sources", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutConfiguration": { + "AWS::MediaLive::Input.MulticastSettingsUpdateRequest": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" - }, - "Elements": { + "Sources": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSourceUpdateRequest" }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", "type": "array" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElement": { + "AWS::MediaLive::Input.MulticastSourceCreateRequest": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" - }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", + "SourceIp": { + "markdownDescription": "", + "title": "SourceIp", "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" - }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", - "type": "string" - }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" - }, - "RenderingRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementRenderingRule" - }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", - "type": "array" - }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" - }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", - "type": "string" - }, - "Width": { - "markdownDescription": "The width of an element within a free-form layout.", - "title": "Width", - "type": "string" - }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", - "type": "string" - }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", - "type": "string" - } - }, - "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", + "Url": { + "markdownDescription": "", + "title": "Url", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle": { + "AWS::MediaLive::Input.MulticastSourceUpdateRequest": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", + "SourceIp": { "type": "string" }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", + "Url": { "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroup": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", - "type": "string" + "SdpSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroupSdpSettings", + "markdownDescription": "", + "title": "SdpSettings" } }, - "required": [ - "OptimizedViewPortWidth" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroupSdpSettings": { "additionalProperties": false, "properties": { - "Elements": { + "AncillarySdps": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation" }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", + "markdownDescription": "", + "title": "AncillarySdps", "type": "array" + }, + "AudioSdps": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation" + }, + "markdownDescription": "", + "title": "AudioSdps", + "type": "array" + }, + "VideoSdp": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation", + "markdownDescription": "", + "title": "VideoSdp" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroupSettings": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" - }, - "Values": { + "Smpte2110ReceiverGroups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroup" }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "", + "title": "Smpte2110ReceiverGroups", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartConfiguration": { + "AWS::MediaLive::Input.SrtCallerDecryptionRequest": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", - "title": "CategoryLabelOptions" - }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FieldWells" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", - "title": "Tooltip" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", - "title": "ValueLabelOptions" + "Algorithm": { + "markdownDescription": "", + "title": "Algorithm", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", - "title": "VisualPalette" + "PassphraseSecretArn": { + "markdownDescription": "", + "title": "PassphraseSecretArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartDataLabelOptions": { + "AWS::MediaLive::Input.SrtCallerSourceRequest": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", - "type": "string" - }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" + "Decryption": { + "$ref": "#/definitions/AWS::MediaLive::Input.SrtCallerDecryptionRequest", + "markdownDescription": "", + "title": "Decryption" }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", - "type": "string" + "MinimumLatency": { + "markdownDescription": "", + "title": "MinimumLatency", + "type": "number" }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", + "SrtListenerAddress": { + "markdownDescription": "", + "title": "SrtListenerAddress", "type": "string" }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", + "SrtListenerPort": { + "markdownDescription": "", + "title": "SrtListenerPort", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", - "title": "Visibility", + "StreamId": { + "markdownDescription": "", + "title": "StreamId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartFieldWells": { - "additionalProperties": false, - "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FunnelChartSortConfiguration": { + "AWS::MediaLive::Input.SrtSettingsRequest": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { + "SrtCallerSources": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "$ref": "#/definitions/AWS::MediaLive::Input.SrtCallerSourceRequest" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "", + "title": "SrtCallerSources", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartVisual": { + "AWS::MediaLive::InputSecurityGroup": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "markdownDescription": "A collection of tags for this input security group. Each tag is a key-value pair.", + "title": "Tags", + "type": "object" + }, + "WhitelistRules": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr" + }, + "markdownDescription": "The list of IPv4 CIDR addresses to include in the input security group as \"allowed\" addresses.", + "title": "WhitelistRules", + "type": "array" + } + }, + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaLive::InputSecurityGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting": { + "AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" + "Cidr": { + "markdownDescription": "An IPv4 CIDR range to include in this input security group.", + "title": "Cidr", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartConditionalFormatting": { + "AWS::MediaLive::Multiplex": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of availability zones for the multiplex.", + "title": "AvailabilityZones", + "type": "array" + }, + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexOutputDestination" + }, + "markdownDescription": "A list of the multiplex output destinations.", + "title": "Destinations", + "type": "array" + }, + "MultiplexSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexSettings", + "markdownDescription": "Configuration for a multiplex event.", + "title": "MultiplexSettings" + }, + "Name": { + "markdownDescription": "The name of the multiplex.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.Tags" + }, + "markdownDescription": "A collection of key-value pairs.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" + "required": [ + "AvailabilityZones", + "MultiplexSettings", + "Name" + ], + "type": "object" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" + "Type": { + "enum": [ + "AWS::MediaLive::Multiplex" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartConfiguration": { + "AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" - }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" - }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" + "EntitlementArn": { + "markdownDescription": "The MediaConnect entitlement ARN available as a Flow source.", + "title": "EntitlementArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartFieldWells": { + "AWS::MediaLive::Multiplex.MultiplexOutputDestination": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", - "title": "Values", - "type": "array" + "MultiplexMediaConnectOutputDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings", + "markdownDescription": "", + "title": "MultiplexMediaConnectOutputDestinationSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartOptions": { + "AWS::MediaLive::Multiplex.MultiplexSettings": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" - }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" + "MaximumVideoBufferDelayMilliseconds": { + "markdownDescription": "Maximum video buffer delay in milliseconds.", + "title": "MaximumVideoBufferDelayMilliseconds", + "type": "number" }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" + "TransportStreamBitrate": { + "markdownDescription": "Transport stream bit rate.", + "title": "TransportStreamBitrate", + "type": "number" }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", - "type": "string" + "TransportStreamId": { + "markdownDescription": "Transport stream ID.", + "title": "TransportStreamId", + "type": "number" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "TransportStreamReservedBitrate": { + "markdownDescription": "Transport stream reserved bit rate.", + "title": "TransportStreamReservedBitrate", + "type": "number" } }, + "required": [ + "TransportStreamBitrate", + "TransportStreamId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::MediaLive::Multiplex.Tags": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartVisual": { + "AWS::MediaLive::Multiplexprogram": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", - "title": "ConditionalFormatting" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "MultiplexId": { + "markdownDescription": "The unique id of the multiplex.", + "title": "MultiplexId", + "type": "string" + }, + "MultiplexProgramSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings", + "markdownDescription": "Multiplex Program settings configuration.", + "title": "MultiplexProgramSettings" + }, + "PacketIdentifiersMap": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap", + "markdownDescription": "", + "title": "PacketIdentifiersMap" + }, + "PipelineDetails": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail" + }, + "markdownDescription": "", + "title": "PipelineDetails", + "type": "array" + }, + "PreferredChannelPipeline": { + "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.\nIf set to \\\"PIPELINE_0\\\" or \\\"PIPELINE_1\\\" and an unhealthy ingest causes the multiplex to switch to the non-preferred pipeline,\nit will switch back once that ingest is healthy again. If set to \\\"CURRENTLY_ACTIVE\\\",\nit will not switch back to the other pipeline based on it recovering to a healthy state,\nit will only switch if the active pipeline becomes unhealthy.", + "title": "PreferredChannelPipeline", + "type": "string" + }, + "ProgramName": { + "markdownDescription": "", + "title": "ProgramName", + "type": "string" + } + }, + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaLive::Multiplexprogram" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialCoordinateBounds": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", + "AudioPids": { + "items": { + "type": "number" + }, + "markdownDescription": "", + "title": "AudioPids", + "type": "array" + }, + "DvbSubPids": { + "items": { + "type": "number" + }, + "markdownDescription": "", + "title": "DvbSubPids", + "type": "array" + }, + "DvbTeletextPid": { + "markdownDescription": "", + "title": "DvbTeletextPid", "type": "number" }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", + "EtvPlatformPid": { + "markdownDescription": "", + "title": "EtvPlatformPid", "type": "number" }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", + "EtvSignalPid": { + "markdownDescription": "", + "title": "EtvSignalPid", "type": "number" }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", + "KlvDataPids": { + "items": { + "type": "number" + }, + "markdownDescription": "", + "title": "KlvDataPids", + "type": "array" + }, + "PcrPid": { + "markdownDescription": "", + "title": "PcrPid", "type": "number" - } - }, - "required": [ - "East", - "North", - "South", - "West" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.GeospatialHeatmapColorScale": { - "additionalProperties": false, - "properties": { - "Colors": { + }, + "PmtPid": { + "markdownDescription": "", + "title": "PmtPid", + "type": "number" + }, + "PrivateMetadataPid": { + "markdownDescription": "", + "title": "PrivateMetadataPid", + "type": "number" + }, + "Scte27Pids": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapDataColor" + "type": "number" }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", + "markdownDescription": "", + "title": "Scte27Pids", "type": "array" + }, + "Scte35Pid": { + "markdownDescription": "", + "title": "Scte35Pid", + "type": "number" + }, + "TimedMetadataPid": { + "markdownDescription": "", + "title": "TimedMetadataPid", + "type": "number" + }, + "VideoPid": { + "markdownDescription": "", + "title": "VideoPid", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail": { "additionalProperties": false, "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" + "ActiveChannelPipeline": { + "markdownDescription": "Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex.", + "title": "ActiveChannelPipeline", + "type": "string" + }, + "PipelineId": { + "markdownDescription": "Identifies a specific pipeline in the multiplex.", + "title": "PipelineId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapDataColor": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", + "ProviderName": { + "markdownDescription": "Name of the provider.", + "title": "ProviderName", + "type": "string" + }, + "ServiceName": { + "markdownDescription": "Name of the service.", + "title": "ServiceName", "type": "string" } }, "required": [ - "Color" + "ProviderName", + "ServiceName" ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", - "type": "array" + "PreferredChannelPipeline": { + "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.", + "title": "PreferredChannelPipeline", + "type": "string" }, - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", - "type": "array" + "ProgramNumber": { + "markdownDescription": "Unique program number.", + "title": "ProgramNumber", + "type": "number" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", - "title": "Values", - "type": "array" + "ServiceDescriptor": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor", + "markdownDescription": "Transport stream service descriptor configuration for the Multiplex program.", + "title": "ServiceDescriptor" + }, + "VideoSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings", + "markdownDescription": "Program video settings configuration.", + "title": "VideoSettings" } }, + "required": [ + "ProgramNumber" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapConfiguration": { + "AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" - }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "MaximumBitrate": { + "markdownDescription": "Maximum statmux bitrate.", + "title": "MaximumBitrate", + "type": "number" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "", - "title": "VisualPalette" + "MinimumBitrate": { + "markdownDescription": "Minimum statmux bitrate.", + "title": "MinimumBitrate", + "type": "number" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" + "Priority": { + "markdownDescription": "The purpose of the priority is to use a combination of the\\nmultiplex rate control algorithm and the QVBR capability of the\\nencoder to prioritize the video quality of some channels in a\\nmultiplex over others. Channels that have a higher priority will\\nget higher video quality at the expense of the video quality of\\nother channels in the multiplex with lower priority.", + "title": "Priority", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapFieldWells": { + "AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings": { "additionalProperties": false, "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" + "ConstantBitrate": { + "markdownDescription": "The constant bitrate configuration for the video encode.\nWhen this field is defined, StatmuxSettings must be undefined.", + "title": "ConstantBitrate", + "type": "number" + }, + "StatmuxSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings", + "markdownDescription": "Statmux rate control settings.\nWhen this field is defined, ConstantBitrate must be undefined.", + "title": "StatmuxSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapStyleOptions": { + "AWS::MediaLive::Network": { "additionalProperties": false, "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GeospatialMapVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "IpPools": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.IpPool" + }, + "markdownDescription": "", + "title": "IpPools", + "type": "array" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Routes": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.Route" + }, + "markdownDescription": "", + "title": "Routes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "IpPools", + "Name" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaLive::Network" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialPointStyleOptions": { + "AWS::MediaLive::Network.IpPool": { "additionalProperties": false, "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" - }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" - }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", + "Cidr": { + "markdownDescription": "", + "title": "Cidr", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialWindowOptions": { + "AWS::MediaLive::Network.Route": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" + "Cidr": { + "markdownDescription": "", + "title": "Cidr", + "type": "string" }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", + "Gateway": { + "markdownDescription": "", + "title": "Gateway", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GlobalTableBorderOptions": { + "AWS::MediaLive::Network.Tags": { "additionalProperties": false, "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" - }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GradientColor": { - "additionalProperties": false, - "properties": { - "Stops": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientStop" - }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", - "type": "array" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GradientStop": { + "AWS::MediaLive::SdiSource": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "Condition": { "type": "string" }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "", + "title": "Mode", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SdiSource.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::SdiSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "GradientOffset" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GridLayoutConfiguration": { + "AWS::MediaLive::SdiSource.Tags": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", + "Key": { "markdownDescription": "", - "title": "CanvasSizeOptions" + "title": "Key", + "type": "string" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutElement" - }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", - "type": "array" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutElement": { + "AWS::MediaLive::SignalMap": { "additionalProperties": false, "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", - "type": "number" - }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", + "Condition": { "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", - "type": "number" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CloudWatchAlarmTemplateGroupIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A cloudwatch alarm template group's identifier. Can be either be its id or current name.", + "title": "CloudWatchAlarmTemplateGroupIdentifiers", + "type": "array" + }, + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "DiscoveryEntryPointArn": { + "markdownDescription": "A top-level supported Amazon Web Services resource ARN to discover a signal map from.", + "title": "DiscoveryEntryPointArn", + "type": "string" + }, + "EventBridgeRuleTemplateGroupIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "An eventbridge rule template group's identifier. Can be either be its id or current name.", + "title": "EventBridgeRuleTemplateGroupIdentifiers", + "type": "array" + }, + "ForceRediscovery": { + "markdownDescription": "If true, will force a rediscovery of a signal map if an unchanged discoveryEntryPointArn is provided.", + "title": "ForceRediscovery", + "type": "boolean" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "DiscoveryEntryPointArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::SignalMap" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions": { + "AWS::MediaLive::SignalMap.MediaResource": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", - "type": "string" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SignalMap.MediaResourceNeighbor" + }, + "markdownDescription": "A direct destination neighbor to an Amazon Web Services media resource.", + "title": "Destinations", + "type": "array" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", + "Name": { + "markdownDescription": "The logical name of an Amazon Web Services media resource.", + "title": "Name", "type": "string" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SignalMap.MediaResourceNeighbor" + }, + "markdownDescription": "A direct source neighbor to an Amazon Web Services media resource.", + "title": "Sources", + "type": "array" } }, - "required": [ - "ResizeOption" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GrowthRateComputation": { + "AWS::MediaLive::SignalMap.MediaResourceNeighbor": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Arn": { + "markdownDescription": "The ARN of a resource used in Amazon Web Services media workflows.", + "title": "Arn", "type": "string" }, "Name": { - "markdownDescription": "The name of a computation.", + "markdownDescription": "The logical name of an Amazon Web Services media resource.", "title": "Name", "type": "string" - }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId" + "Arn" ], "type": "object" }, - "AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration": { + "AWS::MediaLive::SignalMap.MonitorDeployment": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" + "DetailsUri": { + "markdownDescription": "URI associated with a signal map's monitor deployment.", + "title": "DetailsUri", + "type": "string" }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", + "ErrorMessage": { + "markdownDescription": "Error message associated with a failed monitor deployment of a signal map.", + "title": "ErrorMessage", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" + "Status": { + "markdownDescription": "The signal map monitor deployment status.", + "title": "Status", + "type": "string" } }, "required": [ - "Layout", - "SectionId" + "Status" ], "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells": { + "AWS::MediaLive::SignalMap.SuccessfulMonitorDeployment": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", - "type": "array" - }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", - "type": "array" + "DetailsUri": { + "markdownDescription": "URI associated with a signal map's monitor deployment.", + "title": "DetailsUri", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The values field well of a heat map.", - "title": "Values", - "type": "array" + "Status": { + "markdownDescription": "A signal map's monitor deployment status.", + "title": "Status", + "type": "string" } }, + "required": [ + "DetailsUri", + "Status" + ], "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapConfiguration": { + "AWS::MediaPackage::Asset": { "additionalProperties": false, "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" - }, - "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" + "Condition": { + "type": "string" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Metadata": { + "type": "object" }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "EgressEndpoints": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::Asset.EgressEndpoint" + }, + "markdownDescription": "List of playback endpoints that are available for this asset.", + "title": "EgressEndpoints", + "type": "array" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the asset.", + "title": "Id", + "type": "string" + }, + "PackagingGroupId": { + "markdownDescription": "The ID of the packaging group associated with this asset.", + "title": "PackagingGroupId", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "Unique identifier for this asset, as it's configured in the key provider service.", + "title": "ResourceId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN for the source content in Amazon S3.", + "title": "SourceArn", + "type": "string" + }, + "SourceRoleArn": { + "markdownDescription": "The ARN for the IAM role that provides AWS Elemental MediaPackage access to the Amazon S3 bucket where the source content is stored. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "SourceRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the asset.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id", + "PackagingGroupId", + "SourceArn", + "SourceRoleArn" + ], + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", - "title": "SortConfiguration" + "Type": { + "enum": [ + "AWS::MediaPackage::Asset" + ], + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapFieldWells": { + "AWS::MediaPackage::Asset.EgressEndpoint": { "additionalProperties": false, "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "PackagingConfigurationId": { + "markdownDescription": "The ID of a packaging configuration that's applied to this asset.", + "title": "PackagingConfigurationId", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL that's used to request content from this endpoint.", + "title": "Url", + "type": "string" } }, + "required": [ + "PackagingConfigurationId", + "Url" + ], "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapSortConfiguration": { + "AWS::MediaPackage::Channel": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" - }, - "HeatMapColumnSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", - "type": "array" + "Condition": { + "type": "string" }, - "HeatMapRowItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "HeatMapRowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.HeatMapVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", - "title": "ChartConfiguration" + "Metadata": { + "type": "object" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Any descriptive information that you want to add to the channel for future identification purposes.", + "title": "Description", + "type": "string" + }, + "EgressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", + "markdownDescription": "Configures egress access logs.", + "title": "EgressAccessLogs" + }, + "HlsIngest": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.HlsIngest", + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "HlsIngest" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the channel.", + "title": "Id", + "type": "string" + }, + "IngressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", + "markdownDescription": "Configures ingress access logs.", + "title": "IngressAccessLogs" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the channel.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "required": [ + "Id" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::MediaPackage::Channel" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.HistogramAggregatedFieldWells": { + "AWS::MediaPackage::Channel.HlsIngest": { "additionalProperties": false, "properties": { - "Values": { + "ingestEndpoints": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/AWS::MediaPackage::Channel.IngestEndpoint" }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", - "title": "Values", + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "ingestEndpoints", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HistogramBinOptions": { + "AWS::MediaPackage::Channel.IngestEndpoint": { "additionalProperties": false, "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" - }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" - }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", + "Id": { + "markdownDescription": "The endpoint identifier.", + "title": "Id", "type": "string" }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.HistogramConfiguration": { - "additionalProperties": false, - "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "FieldWells" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" + "Password": { + "markdownDescription": "The system-generated password for WebDAV input authentication.", + "title": "Password", + "type": "string" }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "Url": { + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "Url", + "type": "string" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "YAxisDisplayOptions" + "Username": { + "markdownDescription": "The system-generated username for WebDAV input authentication.", + "title": "Username", + "type": "string" } }, + "required": [ + "Id", + "Password", + "Url", + "Username" + ], "type": "object" }, - "AWS::QuickSight::Analysis.HistogramFieldWells": { + "AWS::MediaPackage::Channel.LogConfiguration": { "additionalProperties": false, "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" + "LogGroupName": { + "markdownDescription": "Sets a custom Amazon CloudWatch log group name.", + "title": "LogGroupName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HistogramVisual": { + "AWS::MediaPackage::OriginEndpoint": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Metadata": { + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Properties": { + "additionalProperties": false, + "properties": { + "Authorization": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.Authorization", + "markdownDescription": "Parameters for CDN authorization.", + "title": "Authorization" + }, + "ChannelId": { + "markdownDescription": "The ID of the channel associated with this endpoint.", + "title": "ChannelId", + "type": "string" + }, + "CmafPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafPackage", + "markdownDescription": "Parameters for Common Media Application Format (CMAF) packaging.", + "title": "CmafPackage" + }, + "DashPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashPackage", + "markdownDescription": "Parameters for DASH packaging.", + "title": "DashPackage" + }, + "Description": { + "markdownDescription": "Any descriptive information that you want to add to the endpoint for future identification purposes.", + "title": "Description", + "type": "string" + }, + "HlsPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsPackage", + "markdownDescription": "Parameters for Apple HLS packaging.", + "title": "HlsPackage" + }, + "Id": { + "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", + "title": "Id", + "type": "string" + }, + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint.", + "title": "ManifestName", + "type": "string" + }, + "MssPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssPackage", + "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", + "title": "MssPackage" + }, + "Origination": { + "markdownDescription": "Controls video origination from this endpoint.\n\nValid values:\n\n- `ALLOW` - enables this endpoint to serve content to requesting devices.\n- `DENY` - prevents this endpoint from serving content. Denying origination is helpful for harvesting live-to-VOD assets. For more information about harvesting and origination, see [Live-to-VOD Requirements](https://docs.aws.amazon.com/mediapackage/latest/ug/ltov-reqmts.html) .", + "title": "Origination", + "type": "string" + }, + "StartoverWindowSeconds": { + "markdownDescription": "Maximum duration (seconds) of content to retain for startover playback. Omit this attribute or enter `0` to indicate that startover playback is disabled for this endpoint.", + "title": "StartoverWindowSeconds", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the endpoint.", + "title": "Tags", + "type": "array" + }, + "TimeDelaySeconds": { + "markdownDescription": "Minimum duration (seconds) of delay to enforce on the playback of live content. Omit this attribute or enter `0` to indicate that there is no time delay in effect for this endpoint.", + "title": "TimeDelaySeconds", + "type": "number" + }, + "Whitelist": { + "items": { + "type": "string" + }, + "markdownDescription": "The IP addresses that can access this endpoint.", + "title": "Whitelist", + "type": "array" + } + }, + "required": [ + "ChannelId", + "Id" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::OriginEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.InsightConfiguration": { + "AWS::MediaPackage::OriginEndpoint.Authorization": { "additionalProperties": false, "properties": { - "Computations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Computation" - }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", - "type": "array" + "CdnIdentifierSecret": { + "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that your Content Delivery Network (CDN) uses for authorization to access your endpoint.", + "title": "CdnIdentifierSecret", + "type": "string" }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" + "SecretsRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", + "title": "SecretsRoleArn", + "type": "string" } }, + "required": [ + "CdnIdentifierSecret", + "SecretsRoleArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.InsightVisual": { + "AWS::MediaPackage::OriginEndpoint.CmafEncryption": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", + "ConstantInitializationVector": { + "markdownDescription": "An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then AWS Elemental MediaPackage creates the constant initialization vector (IV).", + "title": "ConstantInitializationVector", "type": "string" }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "EncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "EncryptionMethod", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.IntegerDefaultValues": { + "AWS::MediaPackage::OriginEndpoint.CmafPackage": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "StaticValues": { + "HlsManifests": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsManifest" }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", "type": "array" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source segment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "SegmentPrefix": { + "markdownDescription": "An optional custom string that is prepended to the name of each segment. If not specified, the segment prefix defaults to the ChannelId.", + "title": "SegmentPrefix", + "type": "string" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.IntegerParameter": { + "AWS::MediaPackage::OriginEndpoint.DashEncryption": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the integer parameter.", - "title": "Name", - "type": "string" + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the integer parameter.", - "title": "Values", - "type": "array" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "Name", - "Values" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.IntegerParameterDeclaration": { + "AWS::MediaPackage::OriginEndpoint.DashPackage": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "AdTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_ADVERTISEMENT` .\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_PLACEMENT_OPPORTUNITY` .\n- `SPLICE_INSERT` .", + "title": "AdTriggers", + "type": "array" }, - "MappedDataSetParameters": { + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", + "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "IncludeIframeOnlyStream": { + "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "ManifestLayout": { + "markdownDescription": "Determines the position of some tags in the manifest.\n\nValid values:\n\n- `FULL` - Elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` .\n- `COMPACT` - Duplicate elements are combined and presented at the `AdaptationSet` level.", + "title": "ManifestLayout", + "type": "string" + }, + "ManifestWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each manifest.", + "title": "ManifestWindowSeconds", + "type": "number" + }, + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" + }, + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", + "title": "MinUpdatePeriodSeconds", + "type": "number" + }, + "PeriodTriggers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + "type": "string" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", + "title": "PeriodTriggers", "type": "array" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Profile": { + "markdownDescription": "The DASH profile for the output.\n\nValid values:\n\n- `NONE` - The output doesn't use a DASH profile.\n- `HBBTV_1_5` - The output is compliant with HbbTV v1.5.\n- `DVB_DASH_2014` - The output is compliant with DVB-DASH 2014.", + "title": "Profile", "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValid values:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .\n- `NUMBER_WITH_DURATION` - The `$Number$` variable is used in the `media` URL and a `duration` attribute is added to the segment template. The `SegmentTimeline` object is removed from the representation.\n- `TIME_WITH_TIMELINE` - The `$Time$` variable is used in the `media` URL. The value of this variable is the timestamp of when the segment starts. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", + "title": "SegmentTemplateFormat", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" - } - }, - "required": [ - "Name", - "ParameterValueType" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" + }, + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest.", + "title": "SuggestedPresentationDelaySeconds", "type": "number" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "UtcTiming": { + "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", + "title": "UtcTiming", + "type": "string" + }, + "UtcTimingUri": { + "markdownDescription": "Specifies the value attribute of the UTC timing field when utcTiming is set to HTTP-ISO or HTTP-HEAD.", + "title": "UtcTimingUri", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ItemsLimitConfiguration": { + "AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaPackage::OriginEndpoint.HlsEncryption": { "additionalProperties": false, "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", - "type": "number" + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks.", + "title": "ConstantInitializationVector", + "type": "string" }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", + "EncryptionMethod": { + "markdownDescription": "HLS encryption type.", + "title": "EncryptionMethod", "type": "string" + }, + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" + }, + "RepeatExtXKey": { + "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", + "title": "RepeatExtXKey", + "type": "boolean" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting": { + "AWS::MediaPackage::OriginEndpoint.HlsManifest": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" + "AdMarkers": { + "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" + "AdTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", + "title": "AdTriggers", + "type": "array" + }, + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", + "type": "string" + }, + "Id": { + "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", + "title": "Id", + "type": "string" + }, + "IncludeIframeOnlyStream": { + "markdownDescription": "Applies to stream sets with a single video track only. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint. The manifestName on the HLSManifest object overrides the manifestName that you provided on the originEndpoint object.", + "title": "ManifestName", + "type": "string" + }, + "PlaylistType": { + "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", + "title": "PlaylistType", + "type": "string" + }, + "PlaylistWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each parent manifest.", + "title": "PlaylistWindowSeconds", + "type": "number" + }, + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "Url": { + "markdownDescription": "The URL that's used to request this manifest from this endpoint.", + "title": "Url", + "type": "string" } }, + "required": [ + "Id" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting": { + "AWS::MediaPackage::OriginEndpoint.HlsPackage": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" + "AdMarkers": { + "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" + "AdTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", + "title": "AdTriggers", + "type": "array" + }, + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", + "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "IncludeDvbSubtitles": { + "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", + "title": "IncludeDvbSubtitles", + "type": "boolean" + }, + "IncludeIframeOnlyStream": { + "markdownDescription": "Only applies to stream sets with a single video track. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "PlaylistType": { + "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", + "title": "PlaylistType", + "type": "string" + }, + "PlaylistWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each parent manifest.", + "title": "PlaylistWindowSeconds", + "type": "number" + }, + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" + }, + "UseAudioRenditionGroup": { + "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", + "title": "UseAudioRenditionGroup", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIConditionalFormatting": { + "AWS::MediaPackage::OriginEndpoint.MssEncryption": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormattingOption" - }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", - "type": "array" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIConditionalFormattingOption": { + "AWS::MediaPackage::OriginEndpoint.MssPackage": { "additionalProperties": false, "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" + "ManifestWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each manifest.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIConfiguration": { + "AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption.", + "title": "CertificateArn", + "type": "string" }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration", + "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", + "title": "EncryptionContractConfiguration" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" + "ResourceId": { + "markdownDescription": "Unique identifier for this endpoint, as it is configured in the key provider service.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. This role must have a trust policy that allows AWS Elemental MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "RoleArn", + "type": "string" + }, + "SystemIds": { + "items": { + "type": "string" + }, + "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", + "title": "SystemIds", + "type": "array" + }, + "Url": { + "markdownDescription": "URL for the key provider\u2019s key retrieval API endpoint. Must start with https://.", + "title": "Url", + "type": "string" } }, + "required": [ + "ResourceId", + "RoleArn", + "SystemIds", + "Url" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIFieldWells": { + "AWS::MediaPackage::OriginEndpoint.StreamSelection": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", - "type": "array" + "MaxVideoBitsPerSecond": { + "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", + "title": "MaxVideoBitsPerSecond", + "type": "number" }, - "TrendGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", - "type": "array" + "MinVideoBitsPerSecond": { + "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", + "title": "MinVideoBitsPerSecond", + "type": "number" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a KPI visual.", - "title": "Values", - "type": "array" + "StreamOrder": { + "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", + "title": "StreamOrder", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIOptions": { + "AWS::MediaPackage::PackagingConfiguration": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "Condition": { "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" - }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" + "Metadata": { + "type": "object" }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" + "Properties": { + "additionalProperties": false, + "properties": { + "CmafPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafPackage", + "markdownDescription": "Parameters for CMAF packaging.", + "title": "CmafPackage" + }, + "DashPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashPackage", + "markdownDescription": "Parameters for DASH-ISO packaging.", + "title": "DashPackage" + }, + "HlsPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsPackage", + "markdownDescription": "Parameters for Apple HLS packaging.", + "title": "HlsPackage" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the packaging configuration.", + "title": "Id", + "type": "string" + }, + "MssPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssPackage", + "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", + "title": "MssPackage" + }, + "PackagingGroupId": { + "markdownDescription": "The ID of the packaging group associated with this packaging configuration.", + "title": "PackagingGroupId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the packaging configuration.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id", + "PackagingGroupId" + ], + "type": "object" }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" + "Type": { + "enum": [ + "AWS::MediaPackage::PackagingConfiguration" + ], + "type": "string" }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting": { + "AWS::MediaPackage::PackagingConfiguration.CmafEncryption": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting": { + "AWS::MediaPackage::PackagingConfiguration.CmafPackage": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "HlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" + }, + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", + "type": "array" + }, + "IncludeEncoderConfigurationInSegments": { + "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", + "title": "IncludeEncoderConfigurationInSegments", + "type": "boolean" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" } }, + "required": [ + "HlsManifests" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPISortConfiguration": { + "AWS::MediaPackage::PackagingConfiguration.DashEncryption": { "additionalProperties": false, "properties": { - "TrendGroupSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", - "type": "array" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPISparklineOptions": { + "AWS::MediaPackage::PackagingConfiguration.DashManifest": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", + "ManifestLayout": { + "markdownDescription": "Determines the position of some tags in the Media Presentation Description (MPD). When set to `FULL` , elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` . When set to `COMPACT` , duplicate elements are combined and presented at the AdaptationSet level.", + "title": "ManifestLayout", "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", "type": "string" }, - "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" + }, + "Profile": { + "markdownDescription": "The DASH profile type. When set to `HBBTV_1_5` , the content is compliant with HbbTV 1.5.", + "title": "Profile", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the sparkline.", - "title": "Visibility", + "ScteMarkersSource": { + "markdownDescription": "The source of scte markers used.\n\nValue description:\n\n- `SEGMENTS` - The scte markers are sourced from the segments of the ingested content.\n- `MANIFEST` - the scte markers are sourced from the manifest of the ingested content. The MANIFEST value is compatible with source HLS playlists using the SCTE-35 Enhanced syntax ( `EXT-OATCLS-SCTE35` tags). SCTE-35 Elemental and SCTE-35 Daterange syntaxes are not supported with this option.", + "title": "ScteMarkersSource", "type": "string" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIVisual": { + "AWS::MediaPackage::PackagingConfiguration.DashPackage": { "additionalProperties": false, "properties": { - "Actions": { + "DashManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashManifest" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "A list of DASH manifest configurations that are available from this endpoint.", + "title": "DashManifests", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", - "title": "ChartConfiguration" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "ColumnHierarchies": { + "IncludeEncoderConfigurationInSegments": { + "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", + "title": "IncludeEncoderConfigurationInSegments", + "type": "boolean" + }, + "IncludeIframeOnlyStream": { + "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "PeriodTriggers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", + "title": "PeriodTriggers", "type": "array" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration.", + "title": "SegmentDurationSeconds", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to `NUMBER_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to `TIME_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to `NUMBER_WITH_DURATION` , only a duration is included in each SegmentTemplate, with $Number$ media URLs.", + "title": "SegmentTemplateFormat", "type": "string" } }, "required": [ - "VisualId" + "DashManifests" ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIVisualLayoutOptions": { + "AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration": { "additionalProperties": false, "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" + "PresetSpeke20Audio": { + "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", + "title": "PresetSpeke20Audio", + "type": "string" + }, + "PresetSpeke20Video": { + "markdownDescription": "A collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", + "title": "PresetSpeke20Video", + "type": "string" } }, + "required": [ + "PresetSpeke20Audio", + "PresetSpeke20Video" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIVisualStandardLayout": { + "AWS::MediaPackage::PackagingConfiguration.HlsEncryption": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The standard layout type.", - "title": "Type", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks. If you don't specify a constant initialization vector (IV), AWS Elemental MediaPackage periodically rotates the IV.", + "title": "ConstantInitializationVector", "type": "string" + }, + "EncryptionMethod": { + "markdownDescription": "HLS encryption type.", + "title": "EncryptionMethod", + "type": "string" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "Type" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.LabelOptions": { + "AWS::MediaPackage::PackagingConfiguration.HlsManifest": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The text for the label.", - "title": "CustomLabel", + "AdMarkers": { + "markdownDescription": "This setting controls ad markers in the packaged content.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the label.", - "title": "FontConfiguration" + "IncludeIframeOnlyStream": { + "markdownDescription": "Applies to stream sets with a single video track only. When enabled, the output includes an additional I-frame only stream, along with the other tracks.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" }, - "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", - "title": "Visibility", + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", "type": "string" + }, + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "RepeatExtXKey": { + "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", + "title": "RepeatExtXKey", + "type": "boolean" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.Layout": { + "AWS::MediaPackage::PackagingConfiguration.HlsPackage": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "HlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" + }, + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", + "type": "array" + }, + "IncludeDvbSubtitles": { + "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", + "title": "IncludeDvbSubtitles", + "type": "boolean" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "UseAudioRenditionGroup": { + "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", + "title": "UseAudioRenditionGroup", + "type": "boolean" } }, "required": [ - "Configuration" + "HlsManifests" ], "type": "object" }, - "AWS::QuickSight::Analysis.LayoutConfiguration": { + "AWS::MediaPackage::PackagingConfiguration.MssEncryption": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" - }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" - }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LegendOptions": { + "AWS::MediaPackage::PackagingConfiguration.MssManifest": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", - "type": "string" - }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", - "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The custom title for the legend.", - "title": "Title" - }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", "type": "string" }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", - "type": "string" + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LineChartAggregatedFieldWells": { + "AWS::MediaPackage::PackagingConfiguration.MssPackage": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", - "type": "array" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "SmallMultiples": { + "MssManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssManifest" }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", + "markdownDescription": "A list of Microsoft Smooth manifest configurations that are available from this endpoint.", + "title": "MssManifests", "type": "array" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" } }, + "required": [ + "MssManifests" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartConfiguration": { + "AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" - }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", - "title": "DataLabels" - }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration", + "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", + "title": "EncryptionContractConfiguration" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "FieldWells" + "RoleArn": { + "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "RoleArn", + "type": "string" }, - "ForecastConfigurations": { + "SystemIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastConfiguration" + "type": "string" }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", + "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", + "title": "SystemIds", "type": "array" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" + "Url": { + "markdownDescription": "URL for the key provider's key retrieval API endpoint. Must start with https://.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "RoleArn", + "SystemIds", + "Url" + ], + "type": "object" + }, + "AWS::MediaPackage::PackagingConfiguration.StreamSelection": { + "additionalProperties": false, + "properties": { + "MaxVideoBitsPerSecond": { + "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", + "title": "MaxVideoBitsPerSecond", + "type": "number" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "MinVideoBitsPerSecond": { + "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", + "title": "MinVideoBitsPerSecond", + "type": "number" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", - "type": "array" + "StreamOrder": { + "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", + "title": "StreamOrder", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaPackage::PackagingGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" - }, - "Series": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SeriesItem" - }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "Authorization": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.Authorization", + "markdownDescription": "Parameters for CDN authorization.", + "title": "Authorization" + }, + "EgressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.LogConfiguration", + "markdownDescription": "The configuration parameters for egress access logging.", + "title": "EgressAccessLogs" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the packaging group.", + "title": "Id", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the packaging group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id" + ], + "type": "object" }, "Type": { - "markdownDescription": "Determines the type of the line chart.", - "title": "Type", + "enum": [ + "AWS::MediaPackage::PackagingGroup" + ], "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings": { + "AWS::MediaPackage::PackagingGroup.Authorization": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", + "CdnIdentifierSecret": { + "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization.", + "title": "CdnIdentifierSecret", "type": "string" }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" + "SecretsRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", + "title": "SecretsRoleArn", + "type": "string" } }, + "required": [ + "CdnIdentifierSecret", + "SecretsRoleArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartFieldWells": { + "AWS::MediaPackage::PackagingGroup.LogConfiguration": { "additionalProperties": false, "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" + "LogGroupName": { + "markdownDescription": "Sets a custom Amazon CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/EgressAccessLogs.", + "title": "LogGroupName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LineChartLineStyleSettings": { + "AWS::MediaPackageV2::Channel": { "additionalProperties": false, "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", + "Condition": { "type": "string" }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the channel configuration.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the channel.", + "title": "Description", + "type": "string" + }, + "InputSwitchConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::Channel.InputSwitchConfiguration", + "markdownDescription": "The configuration for input switching based on the media quality confidence score (MQCS) as provided from AWS Elemental MediaLive.", + "title": "InputSwitchConfiguration" + }, + "InputType": { + "markdownDescription": "The input type will be an immutable field which will be used to define whether the channel will allow CMAF ingest or HLS ingest. If unprovided, it will default to HLS to preserve current behavior.\n\nThe allowed values are:\n\n- `HLS` - The HLS streaming specification (which defines M3U8 manifests and TS segments).\n- `CMAF` - The DASH-IF CMAF Ingest specification (which defines CMAF segments with optional DASH manifests).", + "title": "InputType", + "type": "string" + }, + "OutputHeaderConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::Channel.OutputHeaderConfiguration", + "markdownDescription": "The settings for what common media server data (CMSD) headers AWS Elemental MediaPackage includes in responses to the CDN.", + "title": "OutputHeaderConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackageV2::Channel" + ], "type": "string" }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartMarkerStyleSettings": { + "AWS::MediaPackageV2::Channel.IngestEndpoint": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", - "type": "string" - }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", - "type": "string" - }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", + "Id": { + "markdownDescription": "The identifier associated with the ingest endpoint of the channel.", + "title": "Id", "type": "string" }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", + "Url": { + "markdownDescription": "The URL associated with the ingest endpoint of the channel.", + "title": "Url", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LineChartSeriesSettings": { + "AWS::MediaPackageV2::Channel.InputSwitchConfiguration": { "additionalProperties": false, "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "MQCSInputSwitching": { + "markdownDescription": "When true, AWS Elemental MediaPackage performs input switching based on the MQCS. Default is true. This setting is valid only when `InputType` is `CMAF` .", + "title": "MQCSInputSwitching", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LineChartSortConfiguration": { + "AWS::MediaPackageV2::Channel.OutputHeaderConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" + "PublishMQCS": { + "markdownDescription": "When true, AWS Elemental MediaPackage includes the MQCS in responses to the CDN. This setting is valid only when `InputType` is `CMAF` .", + "title": "PublishMQCS", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::MediaPackageV2::ChannelGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "Metadata": { + "type": "object" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group.", + "title": "ChannelGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "The configuration for a MediaPackage V2 channel group.", + "title": "Description", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the channel group.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "required": [ + "ChannelGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackageV2::ChannelGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartVisual": { + "AWS::MediaPackageV2::ChannelPolicy": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the channel policy.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The name of the channel associated with the channel policy.", + "title": "ChannelName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The policy associated with the channel.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName", + "Policy" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaPackageV2::ChannelPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions": { + "AWS::MediaPackageV2::OriginEndpoint": { "additionalProperties": false, "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" + "Condition": { + "type": "string" }, - "MissingDataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MissingDataConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the origin endpoint configuration.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The channel name associated with the origin endpoint.", + "title": "ChannelName", + "type": "string" + }, + "ContainerType": { + "markdownDescription": "The container type associated with the origin endpoint configuration.", + "title": "ContainerType", + "type": "string" + }, + "DashManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashManifestConfiguration" + }, + "markdownDescription": "A DASH manifest configuration.", + "title": "DashManifests", + "type": "array" + }, + "Description": { + "markdownDescription": "The description associated with the origin endpoint.", + "title": "Description", + "type": "string" + }, + "ForceEndpointErrorConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ForceEndpointErrorConfiguration", + "markdownDescription": "The failover settings for the endpoint.", + "title": "ForceEndpointErrorConfiguration" + }, + "HlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration" + }, + "markdownDescription": "The HLS manifests associated with the origin endpoint configuration.", + "title": "HlsManifests", + "type": "array" + }, + "LowLatencyHlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration" + }, + "markdownDescription": "The low-latency HLS (LL-HLS) manifests associated with the origin endpoint.", + "title": "LowLatencyHlsManifests", + "type": "array" + }, + "OriginEndpointName": { + "markdownDescription": "The name of the origin endpoint associated with the origin endpoint configuration.", + "title": "OriginEndpointName", + "type": "string" + }, + "Segment": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Segment", + "markdownDescription": "The segment associated with the origin endpoint.", + "title": "Segment" + }, + "StartoverWindowSeconds": { + "markdownDescription": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", + "title": "StartoverWindowSeconds", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the origin endpoint.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", - "type": "array" + "required": [ + "ChannelGroupName", + "ChannelName", + "ContainerType", + "OriginEndpointName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackageV2::OriginEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ListControlDisplayOptions": { + "AWS::MediaPackageV2::OriginEndpoint.DashBaseUrl": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "DvbPriority": { + "markdownDescription": "For use with DVB-DASH profiles only. The priority of this location for servings segments. The lower the number, the higher the priority.", + "title": "DvbPriority", + "type": "number" }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" + "DvbWeight": { + "markdownDescription": "For use with DVB-DASH profiles only. The weighting for source locations that have the same priority.", + "title": "DvbWeight", + "type": "number" }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" + "ServiceLocation": { + "markdownDescription": "The name of the source location.", + "title": "ServiceLocation", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Url": { + "markdownDescription": "A source location for segments.", + "title": "Url", + "type": "string" } }, + "required": [ + "Url" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ListControlSearchOptions": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbFontDownload": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", - "title": "Visibility", + "FontFamily": { + "markdownDescription": "The `fontFamily` name for subtitles, as described in [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) .", + "title": "FontFamily", + "type": "string" + }, + "MimeType": { + "markdownDescription": "The `mimeType` of the resource that's at the font download URL.\n\nFor information about font MIME types, see the [MPEG-DASH Profile for Transport of ISO BMFF Based DVB Services over IP Based Networks](https://docs.aws.amazon.com/https://dvb.org/wp-content/uploads/2021/06/A168r4_MPEG-DASH-Profile-for-Transport-of-ISO-BMFF-Based-DVB-Services_Draft-ts_103-285-v140_November_2021.pdf) document.", + "title": "MimeType", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL for downloading fonts for subtitles.", + "title": "Url", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ListControlSelectAllOptions": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbMetricsReporting": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", - "title": "Visibility", + "Probability": { + "markdownDescription": "The number of playback devices per 1000 that will send error reports to the reporting URL. This represents the probability that a playback device will be a reporting player for this session.", + "title": "Probability", + "type": "number" + }, + "ReportingUrl": { + "markdownDescription": "The URL where playback devices send error reports.", + "title": "ReportingUrl", "type": "string" } }, + "required": [ + "ReportingUrl" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LoadingAnimation": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbSettings": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", - "title": "Visibility", - "type": "string" + "ErrorMetrics": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbMetricsReporting" + }, + "markdownDescription": "Playback device error reporting settings.", + "title": "ErrorMetrics", + "type": "array" + }, + "FontDownload": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbFontDownload", + "markdownDescription": "Subtitle font settings.", + "title": "FontDownload" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LocalNavigationConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashManifestConfiguration": { "additionalProperties": false, "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", + "BaseUrls": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashBaseUrl" + }, + "markdownDescription": "The base URLs to use for retrieving segments.", + "title": "BaseUrls", + "type": "array" + }, + "Compactness": { + "markdownDescription": "The layout of the DASH manifest that MediaPackage produces. `STANDARD` indicates a default manifest, which is compacted. `NONE` indicates a full manifest.\n\nFor information about compactness, see [DASH manifest compactness](https://docs.aws.amazon.com/mediapackage/latest/userguide/compacted.html) in the *AWS Elemental MediaPackage v2 User Guide* .", + "title": "Compactness", + "type": "string" + }, + "DrmSignaling": { + "markdownDescription": "Determines how the DASH manifest signals the DRM content.", + "title": "DrmSignaling", + "type": "string" + }, + "DvbSettings": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbSettings", + "markdownDescription": "For endpoints that use the DVB-DASH profile only. The font download and error reporting information that you want MediaPackage to pass through to the manifest.", + "title": "DvbSettings" + }, + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" + }, + "ManifestName": { + "markdownDescription": "A short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint.", + "title": "ManifestName", + "type": "string" + }, + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of the manifest's content.", + "title": "ManifestWindowSeconds", + "type": "number" + }, + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" + }, + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", + "title": "MinUpdatePeriodSeconds", + "type": "number" + }, + "PeriodTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of triggers that controls when AWS Elemental MediaPackage separates the MPEG-DASH manifest into multiple periods. Type `ADS` to indicate that AWS Elemental MediaPackage must create periods in the output manifest that correspond to SCTE-35 ad markers in the input source. Leave this value empty to indicate that the manifest is contained all in one period. For more information about periods in the DASH manifest, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/userguide/multi-period.html) .", + "title": "PeriodTriggers", + "type": "array" + }, + "Profiles": { + "items": { + "type": "string" + }, + "markdownDescription": "The profile that the output is compliant with.", + "title": "Profiles", + "type": "array" + }, + "ProgramInformation": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashProgramInformation", + "markdownDescription": "Details about the content that you want MediaPackage to pass through in the manifest to the playback device.", + "title": "ProgramInformation" + }, + "ScteDash": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteDash", + "markdownDescription": "The SCTE configuration.", + "title": "ScteDash" + }, + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValue description:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", + "title": "SegmentTemplateFormat", "type": "string" + }, + "SubtitleConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashSubtitleConfiguration", + "markdownDescription": "The configuration for DASH subtitles.", + "title": "SubtitleConfiguration" + }, + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "The amount of time (in seconds) that the player should be from the end of the manifest.", + "title": "SuggestedPresentationDelaySeconds", + "type": "number" + }, + "UtcTiming": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashUtcTiming", + "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", + "title": "UtcTiming" } }, "required": [ - "TargetSheetId" + "ManifestName" ], "type": "object" }, - "AWS::QuickSight::Analysis.LongFormatText": { + "AWS::MediaPackageV2::OriginEndpoint.DashProgramInformation": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "Copyright": { + "markdownDescription": "A copyright statement about the content.", + "title": "Copyright", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "LanguageCode": { + "markdownDescription": "The language code for this manifest.", + "title": "LanguageCode", + "type": "string" + }, + "MoreInformationUrl": { + "markdownDescription": "An absolute URL that contains more information about this content.", + "title": "MoreInformationUrl", + "type": "string" + }, + "Source": { + "markdownDescription": "Information about the content provider.", + "title": "Source", + "type": "string" + }, + "Title": { + "markdownDescription": "The title for the manifest.", + "title": "Title", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.MappedDataSetParameter": { + "AWS::MediaPackageV2::OriginEndpoint.DashSubtitleConfiguration": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", - "type": "string" - }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", - "type": "string" + "TtmlConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashTtmlConfiguration", + "markdownDescription": "Settings for TTML subtitles.", + "title": "TtmlConfiguration" } }, - "required": [ - "DataSetIdentifier", - "DataSetParameterName" - ], "type": "object" }, - "AWS::QuickSight::Analysis.MaximumLabelType": { + "AWS::MediaPackageV2::OriginEndpoint.DashTtmlConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the maximum label.", - "title": "Visibility", + "TtmlProfile": { + "markdownDescription": "The profile that MediaPackage uses when signaling subtitles in the manifest. `IMSC` is the default profile. `EBU-TT-D` produces subtitles that are compliant with the EBU-TT-D TTML profile. MediaPackage passes through subtitle styles to the manifest. For more information about EBU-TT-D subtitles, see [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) .", + "title": "TtmlProfile", "type": "string" } }, + "required": [ + "TtmlProfile" + ], "type": "object" }, - "AWS::QuickSight::Analysis.MaximumMinimumComputation": { + "AWS::MediaPackageV2::OriginEndpoint.DashUtcTiming": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "TimingMode": { + "markdownDescription": "The UTC timing mode.", + "title": "TimingMode", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", + "TimingSource": { + "markdownDescription": "The the method that the player uses to synchronize to coordinated universal time (UTC) wall clock time.", + "title": "TimingSource", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Analysis.MeasureField": { + "AWS::MediaPackageV2::OriginEndpoint.Encryption": { "additionalProperties": false, "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).", + "title": "ConstantInitializationVector", + "type": "string" }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" + "EncryptionMethod": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod", + "markdownDescription": "The encryption method to use.", + "title": "EncryptionMethod" }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" + "KeyRotationIntervalSeconds": { + "markdownDescription": "The interval, in seconds, to rotate encryption keys for the origin endpoint.", + "title": "KeyRotationIntervalSeconds", + "type": "number" }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "The SPEKE key provider to use for encryption.", + "title": "SpekeKeyProvider" } }, + "required": [ + "EncryptionMethod", + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.MetricComparisonComputation": { + "AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "PresetSpeke20Audio": { + "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", + "title": "PresetSpeke20Audio", "type": "string" }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "PresetSpeke20Video": { + "markdownDescription": "The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint.\n\nA collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", + "title": "PresetSpeke20Video", "type": "string" - }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" } }, "required": [ - "ComputationId" + "PresetSpeke20Audio", + "PresetSpeke20Video" ], "type": "object" }, - "AWS::QuickSight::Analysis.MinimumLabelType": { + "AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the minimum label.", - "title": "Visibility", + "CmafEncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "CmafEncryptionMethod", + "type": "string" + }, + "TsEncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "TsEncryptionMethod", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.MissingDataConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", + "ClipStartTime": { + "markdownDescription": "Optionally specify the clip start time for all of your manifest egress requests. When you include clip start time, note that you cannot use clip start time query parameters for this manifest's endpoint URL.", + "title": "ClipStartTime", + "type": "string" + }, + "End": { + "markdownDescription": "Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.", + "title": "End", + "type": "string" + }, + "ManifestFilter": { + "markdownDescription": "Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.", + "title": "ManifestFilter", + "type": "string" + }, + "Start": { + "markdownDescription": "Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.", + "title": "Start", "type": "string" + }, + "TimeDelaySeconds": { + "markdownDescription": "Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.", + "title": "TimeDelaySeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NegativeValueConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.ForceEndpointErrorConfiguration": { "additionalProperties": false, "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", - "type": "string" + "EndpointErrorConditions": { + "items": { + "type": "string" + }, + "markdownDescription": "The failover conditions for the endpoint. The options are:\n\n- `STALE_MANIFEST` - The manifest stalled and there are no new segments or parts.\n- `INCOMPLETE_MANIFEST` - There is a gap in the manifest.\n- `MISSING_DRM_KEY` - Key rotation is enabled but we're unable to fetch the key for the current key period.\n- `SLATE_INPUT` - The segments which contain slate content are considered to be missing content.", + "title": "EndpointErrorConditions", + "type": "array" } }, - "required": [ - "DisplayMode" - ], "type": "object" }, - "AWS::QuickSight::Analysis.NullValueFormatConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration": { "additionalProperties": false, "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", + "ChildManifestName": { + "markdownDescription": "The name of the child manifest associated with the HLS manifest configuration.", + "title": "ChildManifestName", + "type": "string" + }, + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" + }, + "ManifestName": { + "markdownDescription": "The name of the manifest associated with the HLS manifest configuration.", + "title": "ManifestName", + "type": "string" + }, + "ManifestWindowSeconds": { + "markdownDescription": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", + "title": "ManifestWindowSeconds", + "type": "number" + }, + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "ScteHls": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", + "markdownDescription": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", + "title": "ScteHls" + }, + "StartTag": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.StartTag", + "markdownDescription": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", + "title": "StartTag" + }, + "Url": { + "markdownDescription": "The URL of the HLS manifest configuration.", + "title": "Url", "type": "string" + }, + "UrlEncodeChildManifest": { + "markdownDescription": "When enabled, MediaPackage URL-encodes the query string for API requests for HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* .", + "title": "UrlEncodeChildManifest", + "type": "boolean" } }, "required": [ - "NullString" + "ManifestName" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" + "ChildManifestName": { + "markdownDescription": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "ChildManifestName", + "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", + "ManifestName": { + "markdownDescription": "A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", + "title": "ManifestName", "type": "string" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", - "type": "string" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of the manifest's content.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", + "ScteHls": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", + "markdownDescription": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "ScteHls" + }, + "StartTag": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.StartTag", + "markdownDescription": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", + "title": "StartTag" + }, + "Url": { + "markdownDescription": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "Url", "type": "string" + }, + "UrlEncodeChildManifest": { + "markdownDescription": "When enabled, MediaPackage URL-encodes the query string for API requests for LL-HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* .", + "title": "UrlEncodeChildManifest", + "type": "boolean" } }, + "required": [ + "ManifestName" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumberFormatConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.Scte": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" + "ScteFilter": { + "items": { + "type": "string" + }, + "markdownDescription": "The filter associated with the SCTE-35 configuration.", + "title": "ScteFilter", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumericAxisOptions": { + "AWS::MediaPackageV2::OriginEndpoint.ScteDash": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" - }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "AdMarkerDash": { + "markdownDescription": "Choose how ad markers are included in the packaged content. If you include ad markers in the content stream in your upstream encoders, then you need to inform MediaPackage what to do with the ad markers in the output.\n\nValue description:\n\n- `Binary` - The SCTE-35 marker is expressed as a hex-string (Base64 string) rather than full XML.\n- `XML` - The SCTE marker is expressed fully in XML.", + "title": "AdMarkerDash", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter": { + "AWS::MediaPackageV2::OriginEndpoint.ScteHls": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", - "title": "Value", - "type": "number" + "AdMarkerHls": { + "markdownDescription": "The SCTE-35 HLS ad-marker configuration.", + "title": "AdMarkerHls", + "type": "string" } }, - "required": [ - "Column", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericEqualityFilter": { + "AWS::MediaPackageV2::OriginEndpoint.Segment": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Encryption", + "markdownDescription": "Whether to use encryption for the segment.", + "title": "Encryption" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "IncludeIframeOnlyStreams": { + "markdownDescription": "Whether the segment includes I-frame-only streams.", + "title": "IncludeIframeOnlyStreams", + "type": "boolean" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "Scte": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Scte", + "markdownDescription": "The SCTE-35 configuration associated with the segment.", + "title": "Scte" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "SegmentDurationSeconds": { + "markdownDescription": "The duration of the segment, in seconds.", + "title": "SegmentDurationSeconds", + "type": "number" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "SegmentName": { + "markdownDescription": "The name of the segment associated with the origin endpoint.", + "title": "SegmentName", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "TsIncludeDvbSubtitles": { + "markdownDescription": "Whether the segment includes DVB subtitles.", + "title": "TsIncludeDvbSubtitles", + "type": "boolean" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "TsUseAudioRenditionGroup": { + "markdownDescription": "Whether the segment is an audio rendition group.", + "title": "TsUseAudioRenditionGroup", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider": { + "additionalProperties": false, + "properties": { + "DrmSystems": { + "items": { + "type": "string" + }, + "markdownDescription": "The DRM solution provider you're using to protect your content during distribution.", + "title": "DrmSystems", + "type": "array" + }, + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration", + "markdownDescription": "The encryption contract configuration associated with the SPEKE key provider.", + "title": "EncryptionContractConfiguration" + }, + "ResourceId": { + "markdownDescription": "The unique identifier for the content. The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.\n\nThe following example shows a resource ID: `MovieNight20171126093045`", + "title": "ResourceId", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "RoleArn": { + "markdownDescription": "The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.\n\nValid format: `arn:aws:iam::{accountID}:role/{name}` . The following example shows a role ARN: `arn:aws:iam::444455556666:role/SpekeAccess`", + "title": "RoleArn", "type": "string" }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" + "Url": { + "markdownDescription": "The URL of the SPEKE key provider.", + "title": "Url", + "type": "string" } }, "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" + "DrmSystems", + "EncryptionContractConfiguration", + "ResourceId", + "RoleArn", + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericFormatConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.StartTag": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" - }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" + "Precise": { + "markdownDescription": "Specify the value for PRECISE within your EXT-X-START tag. Leave blank, or choose false, to use the default value NO. Choose yes to use the value YES.", + "title": "Precise", + "type": "boolean" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" + "TimeOffset": { + "markdownDescription": "Specify the value for TIME-OFFSET within your EXT-X-START tag. Enter a signed floating point value which, if positive, must be less than the configured manifest duration minus three times the configured segment target duration. If negative, the absolute value must be larger than three times the configured segment target duration, and the absolute value must be smaller than the configured manifest duration.", + "title": "TimeOffset", + "type": "number" } }, + "required": [ + "TimeOffset" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericRangeFilter": { + "AWS::MediaPackageV2::OriginEndpointPolicy": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "Metadata": { + "type": "object" }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the origin endpoint policy.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The channel name associated with the origin endpoint policy.", + "title": "ChannelName", + "type": "string" + }, + "OriginEndpointName": { + "markdownDescription": "The name of the origin endpoint associated with the origin endpoint policy.", + "title": "OriginEndpointName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The policy associated with the origin endpoint.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName", + "OriginEndpointName", + "Policy" + ], + "type": "object" }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" + "Type": { + "enum": [ + "AWS::MediaPackageV2::OriginEndpointPolicy" + ], + "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericRangeFilterValue": { + "AWS::MediaStore::Container": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", + "Condition": { "type": "string" }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.NumericSeparatorConfiguration": { - "additionalProperties": false, - "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.NumericalAggregationFunction": { - "additionalProperties": false, - "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLoggingEnabled": { + "markdownDescription": "The state of access logging on the container. This value is `false` by default, indicating that AWS Elemental MediaStore does not send access logs to Amazon CloudWatch Logs. When you enable access logging on the container, MediaStore changes this value to `true` , indicating that the service delivers access logs for objects stored in that container to CloudWatch Logs.", + "title": "AccessLoggingEnabled", + "type": "boolean" + }, + "ContainerName": { + "markdownDescription": "The name for the container. The name must be from 1 to 255 characters. Container names must be unique to your AWS account within a specific region. As an example, you could create a container named `movies` in every region, as long as you don\u2019t have an existing container with that name.", + "title": "ContainerName", + "type": "string" + }, + "CorsPolicy": { + "items": { + "$ref": "#/definitions/AWS::MediaStore::Container.CorsRule" + }, + "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nSets the cross-origin resource sharing (CORS) configuration on a container so that the container can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com to access your AWS Elemental MediaStore container at my.example.container.com by using the browser's XMLHttpRequest capability.\n\nTo enable CORS on a container, you attach a CORS policy to the container. In the CORS policy, you configure rules that identify origins and the HTTP methods that can be executed on your container. The policy can contain up to 398,000 characters. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.\n\nTo learn more about CORS, see [Cross-Origin Resource Sharing (CORS) in AWS Elemental MediaStore](https://docs.aws.amazon.com/mediastore/latest/ug/cors-policy.html) .", + "title": "CorsPolicy", + "type": "array" + }, + "LifecyclePolicy": { + "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nWrites an object lifecycle policy to a container. If the container already has an object lifecycle policy, the service replaces the existing policy with the new policy. It takes up to 20 minutes for the change to take effect.\n\nFor information about how to construct an object lifecycle policy, see [Components of an Object Lifecycle Policy](https://docs.aws.amazon.com/mediastore/latest/ug/policies-object-lifecycle-components.html) .", + "title": "LifecyclePolicy", + "type": "string" + }, + "MetricPolicy": { + "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicy", + "markdownDescription": "The metric policy that is associated with the container. A metric policy allows AWS Elemental MediaStore to send metrics to Amazon CloudWatch. In the policy, you must indicate whether you want MediaStore to send container-level metrics. You can also include rules to define groups of objects that you want MediaStore to send object-level metrics for.\n\nTo view examples of how to construct a metric policy for your use case, see [Example Metric Policies](https://docs.aws.amazon.com/mediastore/latest/ug/policies-metric-examples.html) .", + "title": "MetricPolicy" + }, + "Policy": { + "markdownDescription": "Creates an access policy for the specified container to restrict the users and clients that can access it. For information about the data that is included in an access policy, see the [AWS Identity and Access Management User Guide](https://docs.aws.amazon.com/iam/) .\n\nFor this release of the REST API, you can create only one policy for a container. If you enter `PutContainerPolicy` twice, the second command modifies the existing policy.", + "title": "Policy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ContainerName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaStore::Container" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericalDimensionField": { + "AWS::MediaStore::Container.CorsRule": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" + "AllowedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies which headers are allowed in a preflight `OPTIONS` request through the `Access-Control-Request-Headers` header. Each header name that is specified in `Access-Control-Request-Headers` must have a corresponding entry in the rule. Only the headers that were requested are sent back.\n\nThis element can contain only one wildcard character (*).", + "title": "AllowedHeaders", + "type": "array" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "AllowedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.\n\nEach CORS rule must contain at least one `AllowedMethods` and one `AllowedOrigins` element.", + "title": "AllowedMethods", + "type": "array" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "AllowedOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nEach CORS rule must have at least one `AllowedOrigins` element. The string value can include only one wildcard character (*), for example, http://*.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.", + "title": "AllowedOrigins", + "type": "array" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" + "ExposeHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nThis element is optional for each rule.", + "title": "ExposeHeaders", + "type": "array" + }, + "MaxAgeSeconds": { + "markdownDescription": "The time in seconds that your browser caches the preflight response for the specified resource.\n\nA CORS rule can have only one `MaxAgeSeconds` element.", + "title": "MaxAgeSeconds", + "type": "number" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericalMeasureField": { + "AWS::MediaStore::Container.MetricPolicy": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "ContainerLevelMetrics": { + "markdownDescription": "A setting to enable or disable metrics at the container level.", + "title": "ContainerLevelMetrics", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "MetricPolicyRules": { + "items": { + "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicyRule" + }, + "markdownDescription": "A parameter that holds an array of rules that enable metrics at the object level. This parameter is optional, but if you choose to include it, you must also include at least one rule. By default, you can include up to five rules. You can also [request a quota increase](https://docs.aws.amazon.com/servicequotas/home?region=us-east-1#!/services/mediastore/quotas) to allow up to 300 rules per policy.", + "title": "MetricPolicyRules", + "type": "array" } }, "required": [ - "Column", - "FieldId" + "ContainerLevelMetrics" ], "type": "object" }, - "AWS::QuickSight::Analysis.PaginationConfiguration": { + "AWS::MediaStore::Container.MetricPolicyRule": { "additionalProperties": false, "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", - "type": "number" + "ObjectGroup": { + "markdownDescription": "A path or file name that defines which objects to include in the group. Wildcards (*) are acceptable.", + "title": "ObjectGroup", + "type": "string" }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", - "type": "number" + "ObjectGroupName": { + "markdownDescription": "A name that allows you to refer to the object group.", + "title": "ObjectGroupName", + "type": "string" } }, "required": [ - "PageNumber", - "PageSize" + "ObjectGroup", + "ObjectGroupName" ], "type": "object" }, - "AWS::QuickSight::Analysis.PanelConfiguration": { + "AWS::MediaTailor::Channel": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", - "title": "BackgroundColor", - "type": "string" - }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", + "Condition": { "type": "string" }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" + "Metadata": { + "type": "object" }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Audiences": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of audiences defined in channel.", + "title": "Audiences", + "type": "array" + }, + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", + "type": "string" + }, + "FillerSlate": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.SlateSource", + "markdownDescription": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` .", + "title": "FillerSlate" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.LogConfigurationForChannel", + "markdownDescription": "The log configuration.", + "title": "LogConfiguration" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.RequestOutputItem" + }, + "markdownDescription": "The channel's output properties.", + "title": "Outputs", + "type": "array" + }, + "PlaybackMode": { + "markdownDescription": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule.", + "title": "PlaybackMode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the channel. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "Tier": { + "markdownDescription": "The tier for this channel. STANDARD tier channels can contain live programs.", + "title": "Tier", + "type": "string" + }, + "TimeShiftConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.TimeShiftConfiguration", + "markdownDescription": "The configuration for time-shifted viewing.", + "title": "TimeShiftConfiguration" + } + }, + "required": [ + "ChannelName", + "Outputs", + "PlaybackMode" + ], + "type": "object" }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", + "Type": { + "enum": [ + "AWS::MediaTailor::Channel" + ], "type": "string" }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PanelTitleOptions": { + "AWS::MediaTailor::Channel.DashPlaylistSettings": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "", - "title": "FontConfiguration" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", - "type": "string" + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "MinBufferTimeSeconds", + "type": "number" }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", - "type": "string" + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "MinUpdatePeriodSeconds", + "type": "number" + }, + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "SuggestedPresentationDelaySeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterControl": { + "AWS::MediaTailor::Channel.HlsPlaylistSettings": { "additionalProperties": false, "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" - }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" - }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "AdMarkupType": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the type of SCTE 35 tags to use in ad markup. Specify `DATERANGE` to use `DATERANGE` tags (for live or VOD content). Specify `SCTE35_ENHANCED` to use `EXT-X-CUE-OUT` and `EXT-X-CUE-IN` tags (for VOD content only).", + "title": "AdMarkupType", + "type": "array" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", + "title": "ManifestWindowSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDateTimePickerControl": { + "AWS::MediaTailor::Channel.LogConfigurationForChannel": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "LogTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The log types.", + "title": "LogTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::MediaTailor::Channel.RequestOutputItem": { + "additionalProperties": false, + "properties": { + "DashPlaylistSettings": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.DashPlaylistSettings", + "markdownDescription": "DASH manifest configuration parameters.", + "title": "DashPlaylistSettings" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", - "type": "string" + "HlsPlaylistSettings": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.HlsPlaylistSettings", + "markdownDescription": "HLS playlist configuration parameters.", + "title": "HlsPlaylistSettings" }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", + "ManifestName": { + "markdownDescription": "The name of the manifest for the channel. The name appears in the `PlaybackUrl` .", + "title": "ManifestName", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", + "SourceGroup": { + "markdownDescription": "A string used to match which `HttpPackageConfiguration` is used for each `VodSource` .", + "title": "SourceGroup", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "ManifestName", + "SourceGroup" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDeclaration": { + "AWS::MediaTailor::Channel.SlateSource": { "additionalProperties": false, "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" - }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" - }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" + "SourceLocationName": { + "markdownDescription": "The name of the source location where the slate VOD source is stored.", + "title": "SourceLocationName", + "type": "string" }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" + "VodSourceName": { + "markdownDescription": "The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.", + "title": "VodSourceName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDropDownControl": { + "AWS::MediaTailor::Channel.TimeShiftConfiguration": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "MaxTimeDelaySeconds": { + "markdownDescription": "The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).", + "title": "MaxTimeDelaySeconds", + "type": "number" + } + }, + "required": [ + "MaxTimeDelaySeconds" + ], + "type": "object" + }, + "AWS::MediaTailor::ChannelPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", - "type": "string" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelName": { + "markdownDescription": "The name of the channel associated with this Channel Policy.", + "title": "ChannelName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The IAM policy for the channel. IAM policies are used to control access to your channel.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "ChannelName", + "Policy" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", + "enum": [ + "AWS::MediaTailor::ChannelPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterListControl": { + "AWS::MediaTailor::LiveSource": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", - "type": "string" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "HttpPackageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::LiveSource.HttpPackageConfiguration" + }, + "markdownDescription": "The HTTP package configurations for the live source.", + "title": "HttpPackageConfigurations", + "type": "array" + }, + "LiveSourceName": { + "markdownDescription": "The name that's used to refer to a live source.", + "title": "LiveSourceName", + "type": "string" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the live source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HttpPackageConfigurations", + "LiveSourceName", + "SourceLocationName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", + "enum": [ + "AWS::MediaTailor::LiveSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterSelectableValues": { + "AWS::MediaTailor::LiveSource.HttpPackageConfiguration": { "additionalProperties": false, "properties": { - "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" + "Path": { + "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", + "title": "Path", + "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", - "type": "array" + "SourceGroup": { + "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", + "title": "SourceGroup", + "type": "string" + }, + "Type": { + "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", + "title": "Type", + "type": "string" } }, + "required": [ + "Path", + "SourceGroup", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterSliderControl": { + "AWS::MediaTailor::PlaybackConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "Condition": { + "type": "string" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", + "Properties": { + "additionalProperties": false, + "properties": { + "AdConditioningConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdConditioningConfiguration", + "markdownDescription": "The setting that indicates what conditioning MediaTailor will perform on ads that the ad decision server (ADS) returns, and what priority MediaTailor uses when inserting ads.", + "title": "AdConditioningConfiguration" + }, + "AdDecisionServerUrl": { + "markdownDescription": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters.", + "title": "AdDecisionServerUrl", + "type": "string" + }, + "AvailSuppression": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AvailSuppression", + "markdownDescription": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see [Ad Suppression](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", + "title": "AvailSuppression" + }, + "Bumper": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.Bumper", + "markdownDescription": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see [Bumpers](https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html) .", + "title": "Bumper" + }, + "CdnConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration", + "markdownDescription": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management.", + "title": "CdnConfiguration" + }, + "ConfigurationAliases": { + "additionalProperties": true, + "markdownDescription": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see [Domain Variables](https://docs.aws.amazon.com/mediatailor/latest/ug/variables-domain.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "ConfigurationAliases", + "type": "object" + }, + "DashConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.DashConfiguration", + "markdownDescription": "The configuration for a DASH source.", + "title": "DashConfiguration" + }, + "HlsConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration", + "markdownDescription": "The configuration for HLS content.", + "title": "HlsConfiguration" + }, + "InsertionMode": { + "markdownDescription": "The setting that controls whether players can use stitched or guided ad insertion. The default, `STITCHED_ONLY` , forces all player sessions to use stitched (server-side) ad insertion. Choosing `PLAYER_SELECT` allows players to select either stitched or guided ad insertion at session-initialization time. The default for players that do not specify an insertion mode is stitched.", + "title": "InsertionMode", + "type": "string" + }, + "LivePreRollConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration", + "markdownDescription": "The configuration for pre-roll ad insertion.", + "title": "LivePreRollConfiguration" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LogConfiguration", + "markdownDescription": "Defines where AWS Elemental MediaTailor sends logs for the playback configuration.", + "title": "LogConfiguration" + }, + "ManifestProcessingRules": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules", + "markdownDescription": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor.", + "title": "ManifestProcessingRules" + }, + "Name": { + "markdownDescription": "The identifier for the playback configuration.", + "title": "Name", + "type": "string" + }, + "PersonalizationThresholdSeconds": { + "markdownDescription": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to *ad replacement* in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see [Ad Behavior in AWS Elemental MediaTailor](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", + "title": "PersonalizationThresholdSeconds", + "type": "number" + }, + "SlateAdUrl": { + "markdownDescription": "The URL for a video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID playback configurations. For VPAID, the slate is required because MediaTailor provides it in the slots designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video.", + "title": "SlateAdUrl", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the playback configuration. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "TranscodeProfileName": { + "markdownDescription": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support.", + "title": "TranscodeProfileName", + "type": "string" + }, + "VideoContentSourceUrl": { + "markdownDescription": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters.", + "title": "VideoContentSourceUrl", + "type": "string" + } + }, + "required": [ + "AdDecisionServerUrl", + "Name", + "VideoContentSourceUrl" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaTailor::PlaybackConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterTextAreaControl": { + "AWS::MediaTailor::PlaybackConfiguration.AdConditioningConfiguration": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", + "StreamingMediaFileConditioning": { + "markdownDescription": "For ads that have media files with streaming delivery and supported file extensions, indicates what transcoding action MediaTailor takes when it first receives these ads from the ADS. `TRANSCODE` indicates that MediaTailor must transcode the ads. `NONE` indicates that you have already transcoded the ads outside of MediaTailor and don't need them transcoded as part of the ad insertion workflow. For more information about ad conditioning see [Using preconditioned ads](https://docs.aws.amazon.com/mediatailor/latest/ug/precondition-ads.html) in the AWS Elemental MediaTailor user guide.", + "title": "StreamingMediaFileConditioning", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "StreamingMediaFileConditioning" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterTextFieldControl": { + "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", - "type": "string" + "Enabled": { + "markdownDescription": "Enables ad marker passthrough for your configuration.", + "title": "Enabled", + "type": "boolean" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.Parameters": { + "AWS::MediaTailor::PlaybackConfiguration.AdsInteractionLog": { "additionalProperties": false, "properties": { - "DateTimeParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameter" - }, - "markdownDescription": "The parameters that have a data type of date-time.", - "title": "DateTimeParameters", - "type": "array" - }, - "DecimalParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameter" - }, - "markdownDescription": "The parameters that have a data type of decimal.", - "title": "DecimalParameters", - "type": "array" - }, - "IntegerParameters": { + "ExcludeEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameter" + "type": "string" }, - "markdownDescription": "The parameters that have a data type of integer.", - "title": "IntegerParameters", + "markdownDescription": "Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration.", + "title": "ExcludeEventTypes", "type": "array" }, - "StringParameters": { + "PublishOptInEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameter" + "type": "string" }, - "markdownDescription": "The parameters that have a data type of string.", - "title": "StringParameters", + "markdownDescription": "Indicates that MediaTailor emits `RAW_ADS_RESPONSE` logs for playback sessions that are initialized with this configuration.", + "title": "PublishOptInEventTypes", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PercentVisibleRange": { + "AWS::MediaTailor::PlaybackConfiguration.AvailSuppression": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" + "FillPolicy": { + "markdownDescription": "Defines the policy to apply to the avail suppression mode. `BEHIND_LIVE_EDGE` will always use the full avail suppression policy. `AFTER_LIVE_EDGE` mode can be used to invoke partial ad break fills when a session starts mid-break.", + "title": "FillPolicy", + "type": "string" }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", - "type": "number" + "Mode": { + "markdownDescription": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to `BEHIND_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to `AFTER_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value.", + "title": "Mode", + "type": "string" + }, + "Value": { + "markdownDescription": "A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.Bumper": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", + "EndUrl": { + "markdownDescription": "The URL for the end bumper asset.", + "title": "EndUrl", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", + "StartUrl": { + "markdownDescription": "The URL for the start bumper asset.", + "title": "StartUrl", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PercentileAggregation": { + "AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration": { "additionalProperties": false, "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", - "type": "number" + "AdSegmentUrlPrefix": { + "markdownDescription": "A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor. ** .amazonaws.com. Then specify the rule's name in this `AdSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments.", + "title": "AdSegmentUrlPrefix", + "type": "string" + }, + "ContentSegmentUrlPrefix": { + "markdownDescription": "A content delivery network (CDN) to cache content segments, so that content requests don\u2019t always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this `ContentSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments.", + "title": "ContentSegmentUrlPrefix", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PeriodOverPeriodComputation": { + "AWS::MediaTailor::PlaybackConfiguration.DashConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "ManifestEndpointPrefix": { + "markdownDescription": "The URL generated by MediaTailor to initiate a playback session. The session uses server-side reporting. This setting is ignored in PUT operations.", + "title": "ManifestEndpointPrefix", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "MpdLocation": { + "markdownDescription": "The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are `DISABLED` and `EMT_DEFAULT` . The `EMT_DEFAULT` setting enables the inclusion of the tag and is the default value.", + "title": "MpdLocation", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "OriginManifestType": { + "markdownDescription": "The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to `SINGLE_PERIOD` . The default setting is `MULTI_PERIOD` . For multi-period manifests, omit this setting or set it to `MULTI_PERIOD` .", + "title": "OriginManifestType", + "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PeriodToDateComputation": { + "AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", + "ManifestEndpointPrefix": { + "markdownDescription": "The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting.", + "title": "ManifestEndpointPrefix", "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PieChartAggregatedFieldWells": { + "AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", - "type": "array" - }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", - "type": "array" + "AdDecisionServerUrl": { + "markdownDescription": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters.", + "title": "AdDecisionServerUrl", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "MaxDurationSeconds": { + "markdownDescription": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns.", + "title": "MaxDurationSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PieChartConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.LogConfiguration": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" + "AdsInteractionLog": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdsInteractionLog", + "markdownDescription": "Settings for customizing what events are included in logs for interactions with the ad decision server (ADS).", + "title": "AdsInteractionLog" }, - "ContributionAnalysisDefaults": { + "EnabledLoggingStrategies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + "type": "string" }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", + "markdownDescription": "The method used for collecting logs from AWS Elemental MediaTailor. `LEGACY_CLOUDWATCH` indicates that MediaTailor is sending logs directly to Amazon CloudWatch Logs. `VENDED_LOGS` indicates that MediaTailor is sending logs to CloudWatch, which then vends the logs to your destination of choice. Supported destinations are CloudWatch Logs log group, Amazon S3 bucket, and Amazon Data Firehose stream.", + "title": "EnabledLoggingStrategies", "type": "array" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" + "ManifestServiceInteractionLog": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestServiceInteractionLog", + "markdownDescription": "Settings for customizing what events are included in logs for interactions with the origin server.", + "title": "ManifestServiceInteractionLog" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "PercentEnabled": { + "markdownDescription": "The percentage of session logs that MediaTailor sends to your configured log destination. For example, if your playback configuration has 1000 sessions and `percentEnabled` is set to `60` , MediaTailor sends logs for 600 of the sessions to CloudWatch Logs. MediaTailor decides at random which of the playback configuration sessions to send logs for. If you want to view logs for a specific session, you can use the [debug log mode](https://docs.aws.amazon.com/mediatailor/latest/ug/debug-log-mode.html) .\n\nValid values: `0` - `100`", + "title": "PercentEnabled", + "type": "number" } }, + "required": [ + "PercentEnabled" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PieChartFieldWells": { + "AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules": { "additionalProperties": false, "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" + "AdMarkerPassthrough": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough", + "markdownDescription": "For HLS, when set to `true` , MediaTailor passes through `EXT-X-CUE-IN` , `EXT-X-CUE-OUT` , and `EXT-X-SPLICEPOINT-SCTE35` ad markers from the origin manifest to the MediaTailor personalized manifest.\n\nNo logic is applied to these ad markers. For example, if `EXT-X-CUE-OUT` has a value of `60` , but no ads are filled for that ad break, MediaTailor will not set the value to `0` .", + "title": "AdMarkerPassthrough" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PieChartSortConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.ManifestServiceInteractionLog": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" - }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" - }, - "SmallMultiplesSort": { + "ExcludeEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration.", + "title": "ExcludeEventTypes", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PieChartVisual": { + "AWS::MediaTailor::SourceLocation": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "AccessConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.AccessConfiguration", + "markdownDescription": "The access configuration for the source location.", + "title": "AccessConfiguration" + }, + "DefaultSegmentDeliveryConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration", + "markdownDescription": "The default segment delivery configuration.", + "title": "DefaultSegmentDeliveryConfiguration" + }, + "HttpConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.HttpConfiguration", + "markdownDescription": "The HTTP configuration for the source location.", + "title": "HttpConfiguration" + }, + "SegmentDeliveryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration" + }, + "markdownDescription": "The segment delivery configurations for the source location.", + "title": "SegmentDeliveryConfigurations", + "type": "array" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the source location. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HttpConfiguration", + "SourceLocationName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaTailor::SourceLocation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotFieldSortOptions": { + "AWS::MediaTailor::SourceLocation.AccessConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "AccessType": { + "markdownDescription": "The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` .\n\n`S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name.\n\nBefore you can use `S3_SIGV4` , you must meet these requirements:\n\n\u2022 You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide.\n\n\u2022 The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations.\n\n\u2022 The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations.", + "title": "AccessType", "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" + "SecretsManagerAccessTokenConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration", + "markdownDescription": "AWS Secrets Manager access token configuration parameters.", + "title": "SecretsManagerAccessTokenConfiguration" } }, - "required": [ - "FieldId", - "SortBy" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells": { + "AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", - "type": "array" - }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", - "type": "array" + "BaseUrl": { + "markdownDescription": "The hostname of the server that will be used to serve segments. This string must include the protocol, such as *https://* .", + "title": "BaseUrl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting": { + "AWS::MediaTailor::SourceLocation.HttpConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "BaseUrl": { + "markdownDescription": "The base URL for the source location host server. This string must include the protocol, such as *https://* .", + "title": "BaseUrl", "type": "string" - }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" - }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope" - }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", - "type": "array" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" } }, "required": [ - "FieldId" + "BaseUrl" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption": { + "AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" + "HeaderName": { + "markdownDescription": "The name of the HTTP header used to supply the access token in requests to the source location.", + "title": "HeaderName", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.", + "title": "SecretArn", + "type": "string" + }, + "SecretStringKey": { + "markdownDescription": "The AWS Secrets Manager [SecretString](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html#SecretsManager-CreateSecret-request-SecretString.html) key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.", + "title": "SecretStringKey", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope": { + "AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", + "BaseUrl": { + "markdownDescription": "The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as `https://example.com/some/path` . To use a relative URL specify the relative path, such as `/some/path*` .", + "title": "BaseUrl", + "type": "string" + }, + "Name": { + "markdownDescription": "A unique identifier used to distinguish between multiple segment delivery configurations in a source location.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConfiguration": { + "AWS::MediaTailor::VodSource": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "Metadata": { + "type": "object" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableDataPathOption": { - "additionalProperties": false, - "properties": { - "DataPathList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + "Properties": { + "additionalProperties": false, + "properties": { + "HttpPackageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::VodSource.HttpPackageConfiguration" + }, + "markdownDescription": "The HTTP package configurations for the VOD source.", + "title": "HttpPackageConfigurations", + "type": "array" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location that the VOD source is associated with.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the VOD source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "VodSourceName": { + "markdownDescription": "The name of the VOD source.", + "title": "VodSourceName", + "type": "string" + } }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", - "type": "array" + "required": [ + "HttpPackageConfigurations", + "SourceLocationName", + "VodSourceName" + ], + "type": "object" }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", + "Type": { + "enum": [ + "AWS::MediaTailor::VodSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataPathList" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption": { + "AWS::MediaTailor::VodSource.HttpPackageConfiguration": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", + "Path": { + "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", + "title": "Path", "type": "string" }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" + "SourceGroup": { + "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", + "title": "SourceGroup", + "type": "string" + }, + "Type": { + "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", + "title": "Type", + "type": "string" } }, "required": [ - "Target" + "Path", + "SourceGroup", + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget": { + "AWS::MemoryDB::ACL": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" - }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", - "type": "array" - }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableFieldOption": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ACLName": { + "markdownDescription": "The name of the Access Control List.", + "title": "ACLName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of users that belong to the Access Control List.", + "title": "UserNames", + "type": "array" + } + }, + "required": [ + "ACLName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MemoryDB::ACL" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldOptions": { + "AWS::MemoryDB::Cluster": { "additionalProperties": false, "properties": { - "CollapseStateOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption" - }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", - "type": "array" - }, - "DataPathOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableDataPathOption" - }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", - "type": "array" + "Condition": { + "type": "string" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOption" - }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableFieldWells": { - "additionalProperties": false, + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ACLName": { + "markdownDescription": "The name of the Access Control List to associate with the cluster .", + "title": "ACLName", + "type": "string" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "When set to true, the cluster will automatically receive minor engine version upgrades after launch.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "ClusterEndpoint": { + "$ref": "#/definitions/AWS::MemoryDB::Cluster.Endpoint", + "markdownDescription": "The cluster 's configuration endpoint.", + "title": "ClusterEndpoint" + }, + "ClusterName": { + "markdownDescription": "The name of the cluster .", + "title": "ClusterName", + "type": "string" + }, + "DataTiering": { + "markdownDescription": "Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html) .", + "title": "DataTiering", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the cluster .", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The name of the engine used by the cluster.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The Redis engine version used by the cluster .", + "title": "EngineVersion", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.", + "title": "FinalSnapshotName", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The mechanism that the cluster uses to discover IP addresses. Returns 'ipv4' when DNS endpoints resolve to IPv4 addresses, or 'ipv6' when DNS endpoints resolve to IPv6 addresses.", + "title": "IpDiscovery", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key used to encrypt the cluster .", + "title": "KmsKeyId", + "type": "string" + }, + "MaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n*Pattern* : `ddd:hh24:mi-ddd:hh24:mi`", + "title": "MaintenanceWindow", + "type": "string" + }, + "MultiRegionClusterName": { + "markdownDescription": "The name of the multi-Region cluster that this cluster belongs to.", + "title": "MultiRegionClusterName", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The IP address type for the cluster. Returns 'ipv4' for IPv4 only, 'ipv6' for IPv6 only, or 'dual-stack' if the cluster supports both IPv4 and IPv6 addressing.", + "title": "NetworkType", + "type": "string" + }, + "NodeType": { + "markdownDescription": "The cluster 's node type.", + "title": "NodeType", + "type": "string" + }, + "NumReplicasPerShard": { + "markdownDescription": "The number of replicas to apply to each shard.\n\n*Default value* : `1`\n\n*Maximum value* : `5`", + "title": "NumReplicasPerShard", + "type": "number" + }, + "NumShards": { + "markdownDescription": "The number of shards in the cluster .", + "title": "NumShards", + "type": "number" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group used by the cluster .", + "title": "ParameterGroupName", + "type": "string" + }, + "Port": { + "markdownDescription": "The port used by the cluster .", + "title": "Port", + "type": "number" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group names to associate with this cluster .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster . The Amazon S3 object name in the ARN cannot contain any commas.", + "title": "SnapshotArns", + "type": "array" + }, + "SnapshotName": { + "markdownDescription": "The name of a snapshot from which to restore data into the new cluster . The snapshot status changes to restoring while the new cluster is being created.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted.", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: 05:00-09:00 If you do not specify this parameter, MemoryDB automatically chooses an appropriate time range.", + "title": "SnapshotWindow", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the ARN of the SNS topic, such as `arn:aws:memorydb:us-east-1:123456789012:mySNSTopic`", + "title": "SnsTopicArn", + "type": "string" + }, + "SnsTopicStatus": { + "markdownDescription": "The SNS topic must be in Active status to receive notifications.", + "title": "SnsTopicStatus", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group used by the cluster .", + "title": "SubnetGroupName", + "type": "string" + }, + "TLSEnabled": { + "markdownDescription": "A flag to indicate if In-transit encryption is enabled.", + "title": "TLSEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ACLName", + "ClusterName", + "NodeType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MemoryDB::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::MemoryDB::Cluster.Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The DNS hostname of the node.", + "title": "Address", + "type": "string" + }, + "Port": { + "markdownDescription": "The port number that the engine is listening on.", + "title": "Port", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MemoryDB::MultiRegionCluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the multi-Region cluster.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The name of the engine used by the multi-Region cluster.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version of the engine used by the multi-Region cluster.", + "title": "EngineVersion", + "type": "string" + }, + "MultiRegionClusterNameSuffix": { + "markdownDescription": "A suffix to be added to the Multi-Region cluster name. Amazon MemoryDB automatically applies a prefix to the Multi-Region cluster Name when it is created. Each Amazon Region has its own prefix. For instance, a Multi-Region cluster Name created in the US-West-1 region will begin with \"virxk\", along with the suffix name you provide. The suffix guarantees uniqueness of the Multi-Region cluster name across multiple regions.", + "title": "MultiRegionClusterNameSuffix", + "type": "string" + }, + "MultiRegionParameterGroupName": { + "markdownDescription": "The name of the multi-Region parameter group associated with the cluster.", + "title": "MultiRegionParameterGroupName", + "type": "string" + }, + "NodeType": { + "markdownDescription": "The node type used by the multi-Region cluster.", + "title": "NodeType", + "type": "string" + }, + "NumShards": { + "markdownDescription": "The number of shards in the multi-Region cluster.", + "title": "NumShards", + "type": "number" + }, + "TLSEnabled": { + "markdownDescription": "Indiciates if the multi-Region cluster is TLS enabled.", + "title": "TLSEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the multi-Region cluster.", + "title": "Tags", + "type": "array" + }, + "UpdateStrategy": { + "markdownDescription": "The strategy to use for the update operation. Supported values are \"coordinated\" or \"uncoordinated\".", + "title": "UpdateStrategy", + "type": "string" + } + }, + "required": [ + "NodeType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MemoryDB::MultiRegionCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::MemoryDB::ParameterGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The name of the parameter group family that this parameter group is compatible with.", + "title": "Family", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group.", + "title": "ParameterGroupName", + "type": "string" + }, + "Parameters": { + "markdownDescription": "Returns the detailed parameter list for the parameter group.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Family", + "ParameterGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MemoryDB::ParameterGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::MemoryDB::SubnetGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the subnet group.", + "title": "Description", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the cluster .", + "title": "SubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon VPC subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SubnetGroupName", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MemoryDB::SubnetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::MemoryDB::User": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessString": { + "markdownDescription": "Access permissions string used for this user.", + "title": "AccessString", + "type": "string" + }, + "AuthenticationMode": { + "$ref": "#/definitions/AWS::MemoryDB::User.AuthenticationMode", + "markdownDescription": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* &* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`", + "title": "AuthenticationMode" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserName": { + "markdownDescription": "The name of the user.", + "title": "UserName", + "type": "string" + } + }, + "required": [ + "UserName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MemoryDB::User" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::MemoryDB::User.AuthenticationMode": { + "additionalProperties": false, + "properties": { + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "The password(s) used for authentication", + "title": "Passwords", + "type": "array" + }, + "Type": { + "markdownDescription": "Indicates whether the user requires a password to authenticate. All newly-created users require a password.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Neptune::DBCluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::Neptune::DBCluster.DBClusterRole" + }, + "markdownDescription": "Provides a list of the Amazon Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon services on your behalf.", + "title": "AssociatedRoles", + "type": "array" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in.", + "title": "AvailabilityZones", + "type": "array" + }, + "BackupRetentionPeriod": { + "markdownDescription": "Specifies the number of days for which automatic DB snapshots are retained.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "*If set to `true` , tags are copied to any snapshot of the DB cluster that is created.*", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterParameterGroupName": { + "markdownDescription": "Provides the name of the DB cluster parameter group.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "DBInstanceParameterGroupName": { + "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major engine version upgrade request\n\nNote that when you apply a parameter group using `DBInstanceParameterGroupName` , parameter changes are applied immediately, not during the next maintenance window.\n\n**Constraints** - The DB parameter group must be in the same DB parameter group family as the target DB cluster version.\n- The `DBInstanceParameterGroupName` parameter is only valid for major engine version upgrades.", + "title": "DBInstanceParameterGroupName", + "type": "string" + }, + "DBPort": { + "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nIf not specified, the default port used is `8182` .\n\n> The `Port` property will soon be deprecated. Please update existing templates to use the new `DBPort` property that has the same functionality.", + "title": "DBPort", + "type": "number" + }, + "DBSubnetGroupName": { + "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DeletionProtection": { + "markdownDescription": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies a list of log types that are enabled for export to CloudWatch Logs.", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EngineVersion": { + "markdownDescription": "Indicates the database engine version.", + "title": "EngineVersion", + "type": "string" + }, + "IamAuthEnabled": { + "markdownDescription": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.", + "title": "IamAuthEnabled", + "type": "boolean" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .", + "title": "KmsKeyId", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the `BackupRetentionPeriod` .\n\nAn update may require some interruption.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "RestoreType", + "type": "string" + }, + "ServerlessScalingConfiguration": { + "$ref": "#/definitions/AWS::Neptune::DBCluster.ServerlessScalingConfiguration", + "markdownDescription": "", + "title": "ServerlessScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a `SnapshotIdentifier` , you must specify the same `SnapshotIdentifier` for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the `SnapshotIdentifier` , an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the `SnapshotIdentifier` , and the original DB cluster is deleted.", + "title": "SnapshotIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption and set this property to `true` .\n\nIf you enable the `StorageEncrypted` property but don't specify the `KmsKeyId` property, then the default KMS key is used. If you specify the `KmsKeyId` property, then that KMS key is used to encrypt the database instances in the DB cluster.\n\nIf you specify the `SourceDBClusterIdentifier` property, and don't specify this property or disable it, the value is inherited from the source DB cluster. If the source DB cluster is encrypted, the `KmsKeyId` property from the source cluster is used.\n\nIf you specify the `DBSnapshotIdentifier` and don't specify this property or disable it, the value is inherited from the snapshot and the specified `KmsKeyId` property from the snapshot is used.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to this cluster.", + "title": "Tags", + "type": "array" + }, + "UseLatestRestorableTime": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Provides a list of VPC security groups that the DB cluster belongs to.", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Neptune::DBCluster.DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "markdownDescription": "The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see [DescribeDBEngineVersions](https://docs.aws.amazon.com/neptune/latest/userguide/api-other-apis.html#DescribeDBEngineVersions) .", + "title": "FeatureName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::Neptune::DBCluster.ServerlessScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on.", + "title": "MinCapacity", + "type": "number" + } + }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], + "type": "object" + }, + "AWS::Neptune::DBClusterParameterGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB cluster parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", + "title": "Family", + "type": "string" + }, + "Name": { + "markdownDescription": "Provides the name of the DB cluster parameter group.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters to set for this DB cluster parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nIf you update the parameters, some interruption may occur depending on which parameters you update.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to this parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBClusterParameterGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Neptune::DBInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowMajorVersionUpgrade": { + "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. This parameter must be set to true when specifying a value for the EngineVersion parameter that is a different major version than the DB instance's current version.\n\nWhen you change this parameter for an existing DB cluster, CloudFormation will replace your existing DB cluster with a new, empty one that uses the engine version you specified.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "Indicates that minor version patches are applied automatically.\n\nWhen updating this property, some interruptions may occur.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "Specifies the name of the Availability Zone the DB instance is located in.", + "title": "AvailabilityZone", + "type": "string" + }, + "DBClusterIdentifier": { + "markdownDescription": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBInstanceClass": { + "markdownDescription": "Contains the name of the compute and memory capacity class of the DB instance.\n\nIf you update this property, some interruptions may occur.", + "title": "DBInstanceClass", + "type": "string" + }, + "DBInstanceIdentifier": { + "markdownDescription": "Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DBParameterGroupName": { + "markdownDescription": "The name of an existing DB parameter group or a reference to an AWS::Neptune::DBParameterGroup resource created in the template. If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.", + "title": "DBParameterGroupName", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new virtual private cloud (VPC).", + "title": "DBSubnetGroupName", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for this DB instance.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBInstanceClass" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Neptune::DBParameterGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", + "title": "Family", + "type": "string" + }, + "Name": { + "markdownDescription": "Provides the name of the DB parameter group.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to this parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBParameterGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Neptune::DBSubnetGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBSubnetGroupDescription": { + "markdownDescription": "Provides the description of the DB subnet group.", + "title": "DBSubnetGroupDescription", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "The name of the DB subnet group.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the DB subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to the DB subnet group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSubnetGroupDescription", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBSubnetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Neptune::EventSubscription": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A Boolean value indicating if the subscription is enabled. True indicates the subscription is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The topic ARN of the event notification subscription.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The source type for the event notification subscription.", + "title": "SourceType", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::EventSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::NeptuneGraph::Graph": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "A value that indicates whether the graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "GraphName": { + "markdownDescription": "The graph name. For example: `my-graph-1` .\n\nThe name must contain from 1 to 63 letters, numbers, or hyphens, and its first character must be a letter. It cannot end with a hyphen or contain two consecutive hyphens.\n\nIf you don't specify a graph name, a unique graph name is generated for you using the prefix `graph-for` , followed by a combination of `Stack Name` and a `UUID` .", + "title": "GraphName", + "type": "string" + }, + "ProvisionedMemory": { + "markdownDescription": "The provisioned memory-optimized Neptune Capacity Units (m-NCUs) to use for the graph.\n\nMin = 16", + "title": "ProvisionedMemory", + "type": "number" + }, + "PublicConnectivity": { + "markdownDescription": "Specifies whether or not the graph can be reachable over the internet. All access to graphs is IAM authenticated.\n\nWhen the graph is publicly available, its domain name system (DNS) endpoint resolves to the public IP address from the internet. When the graph isn't publicly available, you need to create a `PrivateGraphEndpoint` in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\nDefault: If not specified, the default value is false.\n\n> If enabling public connectivity for the first time, there will be a delay while it is enabled.", + "title": "PublicConnectivity", + "type": "boolean" + }, + "ReplicaCount": { + "markdownDescription": "The number of replicas in other AZs.\n\nDefault: If not specified, the default value is 1.", + "title": "ReplicaCount", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Adds metadata tags to the new graph. These tags can also be used with cost allocation reporting, or used in a Condition statement in an IAM policy.", + "title": "Tags", + "type": "array" + }, + "VectorSearchConfiguration": { + "$ref": "#/definitions/AWS::NeptuneGraph::Graph.VectorSearchConfiguration", + "markdownDescription": "Specifies the number of dimensions for vector embeddings that will be loaded into the graph. The value is specified as `dimension=` value. Max = 65,535", + "title": "VectorSearchConfiguration" + } + }, + "required": [ + "ProvisionedMemory" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NeptuneGraph::Graph" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NeptuneGraph::Graph.VectorSearchConfiguration": { + "additionalProperties": false, + "properties": { + "VectorSearchDimension": { + "markdownDescription": "The number of dimensions.", + "title": "VectorSearchDimension", + "type": "number" + } + }, + "required": [ + "VectorSearchDimension" + ], + "type": "object" + }, + "AWS::NeptuneGraph::PrivateGraphEndpoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GraphIdentifier": { + "markdownDescription": "The unique identifier of the Neptune Analytics graph.", + "title": "GraphIdentifier", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Security groups to be attached to the private graph endpoint..", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Subnets in which private graph endpoint ENIs are created.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The VPC in which the private graph endpoint needs to be created.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "GraphIdentifier", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NeptuneGraph::PrivateGraphEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkFirewall::Firewall": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeleteProtection": { + "markdownDescription": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` .", + "title": "DeleteProtection", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description of the firewall.", + "title": "Description", + "type": "string" + }, + "EnabledAnalysisTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "An optional setting indicating the specific traffic analysis types to enable on the firewall.", + "title": "EnabledAnalysisTypes", + "type": "array" + }, + "FirewallName": { + "markdownDescription": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", + "title": "FirewallName", + "type": "string" + }, + "FirewallPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.", + "title": "FirewallPolicyArn", + "type": "string" + }, + "FirewallPolicyChangeProtection": { + "markdownDescription": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", + "title": "FirewallPolicyChangeProtection", + "type": "boolean" + }, + "SubnetChangeProtection": { + "markdownDescription": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", + "title": "SubnetChangeProtection", + "type": "boolean" + }, + "SubnetMappings": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::Firewall.SubnetMapping" + }, + "markdownDescription": "The primary public subnets that Network Firewall is using for the firewall. Network Firewall creates a firewall endpoint in each subnet. Create a subnet mapping for each Availability Zone where you want to use the firewall.\n\nThese subnets are all defined for a single, primary VPC, and each must belong to a different Availability Zone. Each of these subnets establishes the availability of the firewall in its Availability Zone.\n\nIn addition to these subnets, you can define other endpoints for the firewall in `VpcEndpointAssociation` resources. You can define these additional endpoints for any VPC, and for any of the Availability Zones where the firewall resource already has a subnet mapping. VPC endpoint associations give you the ability to protect multiple VPCs using a single firewall, and to define multiple firewall endpoints for a VPC in a single Availability Zone.", + "title": "SubnetMappings", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "FirewallName", + "FirewallPolicyArn", + "SubnetMappings", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::Firewall" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkFirewall::Firewall.SubnetMapping": { + "additionalProperties": false, + "properties": { + "IPAddressType": { + "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", + "title": "IPAddressType", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The unique identifier for the subnet.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "SubnetId" + ], + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the firewall policy.", + "title": "Description", + "type": "string" + }, + "FirewallPolicy": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy", + "markdownDescription": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", + "title": "FirewallPolicy" + }, + "FirewallPolicyName": { + "markdownDescription": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", + "title": "FirewallPolicyName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "FirewallPolicy", + "FirewallPolicyName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::FirewallPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.ActionDefinition": { + "additionalProperties": false, + "properties": { + "PublishMetricAction": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction", + "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", + "title": "PublishMetricAction" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.CustomAction": { + "additionalProperties": false, + "properties": { + "ActionDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.ActionDefinition", + "markdownDescription": "The custom action associated with the action name.", + "title": "ActionDefinition" + }, + "ActionName": { + "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", + "title": "ActionName", + "type": "string" + } + }, + "required": [ + "ActionDefinition", + "ActionName" + ], + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.Dimension": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The value to use in the custom metric dimension.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy": { + "additionalProperties": false, + "properties": { + "PolicyVariables": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PolicyVariables", + "markdownDescription": "Contains variables that you can use to override default Suricata settings in your firewall policy.", + "title": "PolicyVariables" + }, + "StatefulDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.\n\nValid values of the stateful default action:\n\n- aws:drop_strict\n- aws:drop_established\n- aws:alert_strict\n- aws:alert_established\n\nFor more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "StatefulDefaultActions", + "type": "array" + }, + "StatefulEngineOptions": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions", + "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.", + "title": "StatefulEngineOptions" + }, + "StatefulRuleGroupReferences": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference" + }, + "markdownDescription": "References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.", + "title": "StatefulRuleGroupReferences", + "type": "array" + }, + "StatelessCustomActions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.CustomAction" + }, + "markdownDescription": "The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.", + "title": "StatelessCustomActions", + "type": "array" + }, + "StatelessDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", + "title": "StatelessDefaultActions", + "type": "array" + }, + "StatelessFragmentDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", + "title": "StatelessFragmentDefaultActions", + "type": "array" + }, + "StatelessRuleGroupReferences": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference" + }, + "markdownDescription": "References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.", + "title": "StatelessRuleGroupReferences", + "type": "array" + }, + "TLSInspectionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the TLS inspection configuration.", + "title": "TLSInspectionConfigurationArn", + "type": "string" + } + }, + "required": [ + "StatelessDefaultActions", + "StatelessFragmentDefaultActions" + ], + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.FlowTimeouts": { + "additionalProperties": false, + "properties": { + "TcpIdleTimeoutSeconds": { + "markdownDescription": "The number of seconds that can pass without any TCP traffic sent through the firewall before the firewall determines that the connection is idle. After the idle timeout passes, data packets are dropped, however, the next TCP SYN packet is considered a new flow and is processed by the firewall. Clients or targets can use TCP keepalive packets to reset the idle timeout.\n\nYou can define the `TcpIdleTimeoutSeconds` value to be between 60 and 6000 seconds. If no value is provided, it defaults to 350 seconds.", + "title": "TcpIdleTimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.IPSet": { + "additionalProperties": false, + "properties": { + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", + "title": "Definition", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.PolicyVariables": { + "additionalProperties": false, + "properties": { + "RuleVariables": { + "additionalProperties": false, + "markdownDescription": "The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata `HOME_NET` variable. If your firewall uses an inspection VPC, you might want to override the `HOME_NET` variable with the CIDRs of your home networks. If you don't override `HOME_NET` with your own CIDRs, Network Firewall by default uses the CIDR of your inspection VPC.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.IPSet" + } + }, + "title": "RuleVariables", + "type": "object" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.Dimension" + }, + "markdownDescription": "", + "title": "Dimensions", + "type": "array" + } + }, + "required": [ + "Dimensions" + ], + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions": { + "additionalProperties": false, + "properties": { + "FlowTimeouts": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FlowTimeouts", + "markdownDescription": "Configures the amount of time that can pass without any traffic sent through the firewall before the firewall determines that the connection is idle.", + "title": "FlowTimeouts" + }, + "RuleOrder": { + "markdownDescription": "Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "RuleOrder", + "type": "string" + }, + "StreamExceptionPolicy": { + "markdownDescription": "Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.\n\n- `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.\n- `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent\u2014a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action.\n- `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.", + "title": "StreamExceptionPolicy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups.", + "title": "Action", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference": { + "additionalProperties": false, + "properties": { + "Override": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride", + "markdownDescription": "The action that allows the policy owner to override the behavior of the rule group within a policy.", + "title": "Override" + }, + "Priority": { + "markdownDescription": "An integer setting that indicates the order in which to run the stateful rule groups in a single `FirewallPolicy` . This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings.\n\nNetwork Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.\n\nYou can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.", + "title": "Priority", + "type": "number" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the stateful rule group.", + "title": "ResourceArn", + "type": "string" + } + }, + "required": [ + "ResourceArn" + ], + "type": "object" + }, + "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference": { + "additionalProperties": false, + "properties": { + "Priority": { + "markdownDescription": "An integer setting that indicates the order in which to run the stateless rule groups in a single `FirewallPolicy` . Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.", + "title": "Priority", + "type": "number" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the stateless rule group.", + "title": "ResourceArn", + "type": "string" + } + }, + "required": [ + "Priority", + "ResourceArn" + ], + "type": "object" + }, + "AWS::NetworkFirewall::LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EnableMonitoringDashboard": { + "markdownDescription": "", + "title": "EnableMonitoringDashboard", + "type": "boolean" + }, + "FirewallArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", + "title": "FirewallArn", + "type": "string" + }, + "FirewallName": { + "markdownDescription": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", + "title": "FirewallName", + "type": "string" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration", + "markdownDescription": "Defines how AWS Network Firewall performs logging for a `Firewall` .", + "title": "LoggingConfiguration" + } + }, + "required": [ + "FirewallArn", + "LoggingConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::LoggingConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig": { + "additionalProperties": false, + "properties": { + "LogDestination": { + "additionalProperties": true, + "markdownDescription": "The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.\n\n- For an Amazon S3 bucket, provide the name of the bucket, with key `bucketName` , and optionally provide a prefix, with key `prefix` .\n\nThe following example specifies an Amazon S3 bucket named `DOC-EXAMPLE-BUCKET` and the prefix `alerts` :\n\n`\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }`\n- For a CloudWatch log group, provide the name of the CloudWatch log group, with key `logGroup` . The following example specifies a log group named `alert-log-group` :\n\n`\"LogDestination\": { \"logGroup\": \"alert-log-group\" }`\n- For a Firehose delivery stream, provide the name of the delivery stream, with key `deliveryStream` . The following example specifies a delivery stream named `alert-delivery-stream` :\n\n`\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "LogDestination", + "type": "object" + }, + "LogDestinationType": { + "markdownDescription": "The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.", + "title": "LogDestinationType", + "type": "string" + }, + "LogType": { + "markdownDescription": "The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.\n\n- `ALERT` - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the `StatefulRule` property.\n- `FLOW` - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.\n- `TLS` - Logs for events that are related to TLS inspection. For more information, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-configurations.html) in the *Network Firewall Developer Guide* .", + "title": "LogType", + "type": "string" + } + }, + "required": [ + "LogDestination", + "LogDestinationType", + "LogType" + ], + "type": "object" + }, + "AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "LogDestinationConfigs": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig" + }, + "markdownDescription": "Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups.", + "title": "LogDestinationConfigs", + "type": "array" + } + }, + "required": [ + "LogDestinationConfigs" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.", + "title": "Capacity", + "type": "number" + }, + "Description": { + "markdownDescription": "A description of the rule group.", + "title": "Description", + "type": "string" + }, + "RuleGroup": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleGroup", + "markdownDescription": "An object that defines the rule group rules.", + "title": "RuleGroup" + }, + "RuleGroupName": { + "markdownDescription": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", + "title": "RuleGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Capacity", + "RuleGroupName", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::RuleGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.ActionDefinition": { + "additionalProperties": false, + "properties": { + "PublishMetricAction": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PublishMetricAction", + "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", + "title": "PublishMetricAction" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.Address": { + "additionalProperties": false, + "properties": { + "AddressDefinition": { + "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "AddressDefinition", + "type": "string" + } + }, + "required": [ + "AddressDefinition" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.CustomAction": { + "additionalProperties": false, + "properties": { + "ActionDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ActionDefinition", + "markdownDescription": "The custom action associated with the action name.", + "title": "ActionDefinition" + }, + "ActionName": { + "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", + "title": "ActionName", + "type": "string" + } + }, + "required": [ + "ActionDefinition", + "ActionName" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.Dimension": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The value to use in the custom metric dimension.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.Header": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "Destination", + "type": "string" + }, + "DestinationPort": { + "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", + "title": "DestinationPort", + "type": "string" + }, + "Direction": { + "markdownDescription": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination.", + "title": "Direction", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP.", + "title": "Protocol", + "type": "string" + }, + "Source": { + "markdownDescription": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "Source", + "type": "string" + }, + "SourcePort": { + "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", + "title": "SourcePort", + "type": "string" + } + }, + "required": [ + "Destination", + "DestinationPort", + "Direction", + "Protocol", + "Source", + "SourcePort" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.IPSet": { + "additionalProperties": false, + "properties": { + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", + "title": "Definition", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.IPSetReference": { + "additionalProperties": false, + "properties": { + "ReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to include in the `RuleGroup.IPSetReference` .", + "title": "ReferenceArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.MatchAttributes": { + "additionalProperties": false, + "properties": { + "DestinationPorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" + }, + "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", + "title": "DestinationPorts", + "type": "array" + }, + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" + }, + "markdownDescription": "The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.", + "title": "Destinations", + "type": "array" + }, + "Protocols": { + "items": { + "type": "number" + }, + "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.", + "title": "Protocols", + "type": "array" + }, + "SourcePorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" + }, + "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nIf not specified, this matches with any source port.\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", + "title": "SourcePorts", + "type": "array" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" + }, + "markdownDescription": "The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.", + "title": "Sources", + "type": "array" + }, + "TCPFlags": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.TCPFlagField" + }, + "markdownDescription": "The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).", + "title": "TCPFlags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.PortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "ToPort" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.PortSet": { + "additionalProperties": false, + "properties": { + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The set of port ranges.", + "title": "Definition", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.PublishMetricAction": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Dimension" + }, + "markdownDescription": "", + "title": "Dimensions", + "type": "array" + } + }, + "required": [ + "Dimensions" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.ReferenceSets": { + "additionalProperties": false, + "properties": { + "IPSetReferences": { + "additionalProperties": false, + "markdownDescription": "The IP set references to use in the stateful rule group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSetReference" + } + }, + "title": "IPSetReferences", + "type": "object" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.RuleDefinition": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions.\n\n> Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the `FirewallPolicy` . \n\nFor every rule, you must specify exactly one of the following standard actions.\n\n- *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination.\n- *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination.\n- *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection.\n\nAdditionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting.\n\nTo provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `[\u201caws:pass\u201d, \u201cMyMetricsAction\u201d]` .", + "title": "Actions", + "type": "array" + }, + "MatchAttributes": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.MatchAttributes", + "markdownDescription": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.", + "title": "MatchAttributes" + } + }, + "required": [ + "Actions", + "MatchAttributes" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.RuleGroup": { + "additionalProperties": false, + "properties": { + "ReferenceSets": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ReferenceSets", + "markdownDescription": "The reference sets for the stateful rule group.", + "title": "ReferenceSets" + }, + "RuleVariables": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleVariables", + "markdownDescription": "Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.", + "title": "RuleVariables" + }, + "RulesSource": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSource", + "markdownDescription": "The stateful rules or stateless rules for the rule group.", + "title": "RulesSource" + }, + "StatefulRuleOptions": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions", + "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* .", + "title": "StatefulRuleOptions" + } + }, + "required": [ + "RulesSource" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.RuleOption": { + "additionalProperties": false, + "properties": { + "Keyword": { + "markdownDescription": "The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", + "title": "Keyword", + "type": "string" + }, + "Settings": { + "items": { + "type": "string" + }, + "markdownDescription": "The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", + "title": "Settings", + "type": "array" + } + }, + "required": [ + "Keyword" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.RuleVariables": { + "additionalProperties": false, + "properties": { + "IPSets": { + "additionalProperties": false, + "markdownDescription": "A list of IP addresses and address ranges, in CIDR notation.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSet" + } + }, + "title": "IPSets", + "type": "object" + }, + "PortSets": { + "additionalProperties": false, + "markdownDescription": "A list of port ranges.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortSet" + } + }, + "title": "PortSets", + "type": "object" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.RulesSource": { + "additionalProperties": false, + "properties": { + "RulesSourceList": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSourceList", + "markdownDescription": "Stateful inspection criteria for a domain list rule group.", + "title": "RulesSourceList" + }, + "RulesString": { + "markdownDescription": "Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.\n\nThese rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.\n\n> You can't use the `priority` keyword if the `RuleOrder` option in `StatefulRuleOptions` is set to `STRICT_ORDER` .", + "title": "RulesString", + "type": "string" + }, + "StatefulRules": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRule" + }, + "markdownDescription": "An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-7.0.3/rules/intro.html) .", + "title": "StatefulRules", + "type": "array" + }, + "StatelessRulesAndCustomActions": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions", + "markdownDescription": "Stateless inspection criteria to be used in a stateless rule group.", + "title": "StatelessRulesAndCustomActions" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.RulesSourceList": { + "additionalProperties": false, + "properties": { + "GeneratedRulesType": { + "markdownDescription": "Whether you want to allow or deny access to the domains in your target list.", + "title": "GeneratedRulesType", + "type": "string" + }, + "TargetTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` .", + "title": "TargetTypes", + "type": "array" + }, + "Targets": { + "items": { + "type": "string" + }, + "markdownDescription": "The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:\n\n- Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` .\n- Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` .", + "title": "Targets", + "type": "array" + } + }, + "required": [ + "GeneratedRulesType", + "TargetTypes", + "Targets" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.StatefulRule": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.\n\nThe actions for a stateful rule are defined as follows:\n\n- *PASS* - Permits the packets to go to the intended destination.\n- *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n- *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic.\n- *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\nYou can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` .\n- *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\n`REJECT` isn't currently available for use with IMAP and FTP protocols.", + "title": "Action", + "type": "string" + }, + "Header": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Header", + "markdownDescription": "The stateful inspection criteria for this rule, used to inspect traffic flows.", + "title": "Header" + }, + "RuleOptions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleOption" + }, + "markdownDescription": "Additional settings for a stateful rule, provided as keywords and settings.", + "title": "RuleOptions", + "type": "array" + } + }, + "required": [ + "Action", + "Header", + "RuleOptions" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions": { + "additionalProperties": false, + "properties": { + "RuleOrder": { + "markdownDescription": "Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "RuleOrder", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.StatelessRule": { + "additionalProperties": false, + "properties": { + "Priority": { + "markdownDescription": "Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.\n\nEach stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object.\n\nYou can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on.", + "title": "Priority", + "type": "number" + }, + "RuleDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleDefinition", + "markdownDescription": "Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria.", + "title": "RuleDefinition" + } + }, + "required": [ + "Priority", + "RuleDefinition" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions": { + "additionalProperties": false, + "properties": { + "CustomActions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.CustomAction" + }, + "markdownDescription": "Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule `RuleGroup.RuleDefinition` `Actions` specification.", + "title": "CustomActions", + "type": "array" + }, + "StatelessRules": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRule" + }, + "markdownDescription": "Defines the set of stateless rules for use in a stateless rule group.", + "title": "StatelessRules", + "type": "array" + } + }, + "required": [ + "StatelessRules" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.TCPFlagField": { + "additionalProperties": false, + "properties": { + "Flags": { + "items": { + "type": "string" + }, + "markdownDescription": "Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting.\n\nFor the flags that are specified in the masks setting, the following must be true for the packet to match:\n\n- The ones that are set in this flags setting must be set in the packet.\n- The ones that are not set in this flags setting must also not be set in the packet.", + "title": "Flags", + "type": "array" + }, + "Masks": { + "items": { + "type": "string" + }, + "markdownDescription": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting.", + "title": "Masks", + "type": "array" + } + }, + "required": [ + "Flags" + ], + "type": "object" + }, + "AWS::NetworkFirewall::TLSInspectionConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the TLS inspection configuration.", + "title": "Description", + "type": "string" + }, + "TLSInspectionConfiguration": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration", + "markdownDescription": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", + "title": "TLSInspectionConfiguration" + }, + "TLSInspectionConfigurationName": { + "markdownDescription": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it.", + "title": "TLSInspectionConfigurationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key:value pairs to associate with the resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "TLSInspectionConfiguration", + "TLSInspectionConfigurationName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::TLSInspectionConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkFirewall::TLSInspectionConfiguration.Address": { + "additionalProperties": false, + "properties": { + "AddressDefinition": { + "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "AddressDefinition", + "type": "string" + } + }, + "required": [ + "AddressDefinition" + ], + "type": "object" + }, + "AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus": { + "additionalProperties": false, + "properties": { + "RevokedStatusAction": { + "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has a revoked status.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", + "title": "RevokedStatusAction", + "type": "string" + }, + "UnknownStatusAction": { + "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has an unknown status, or a status that cannot be determined for any other reason, including when the service is unable to connect to the OCSP and CRL endpoints for the certificate.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", + "title": "UnknownStatusAction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "ToPort" + ], + "type": "object" + }, + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate": { + "additionalProperties": false, + "properties": { + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.", + "title": "ResourceArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "CheckCertificateRevocationStatus": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus", + "markdownDescription": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .", + "title": "CheckCertificateRevocationStatus" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope" + }, + "markdownDescription": "A list of scopes.", + "title": "Scopes", + "type": "array" + }, + "ServerCertificates": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate" + }, + "markdownDescription": "The list of server certificates to use for inbound SSL/TLS inspection.", + "title": "ServerCertificates", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope": { + "additionalProperties": false, + "properties": { + "DestinationPorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" + }, + "markdownDescription": "The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", + "title": "DestinationPorts", + "type": "array" + }, + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" + }, + "markdownDescription": "The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any destination address.", + "title": "Destinations", + "type": "array" + }, + "Protocols": { + "items": { + "type": "number" + }, + "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.\n\nNetwork Firewall currently supports only TCP.", + "title": "Protocols", + "type": "array" + }, + "SourcePorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" + }, + "markdownDescription": "The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", + "title": "SourcePorts", + "type": "array" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" + }, + "markdownDescription": "The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any source address.", + "title": "Sources", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration": { + "additionalProperties": false, + "properties": { + "ServerCertificateConfigurations": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration" + }, + "markdownDescription": "Lists the server certificate configurations that are associated with the TLS configuration.", + "title": "ServerCertificateConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::VpcEndpointAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the VPC endpoint association.", + "title": "Description", + "type": "string" + }, + "FirewallArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the firewall.", + "title": "FirewallArn", + "type": "string" + }, + "SubnetMapping": { + "$ref": "#/definitions/AWS::NetworkFirewall::VpcEndpointAssociation.SubnetMapping", + "markdownDescription": "The ID for a subnet that's used in an association with a firewall. This is used in `CreateFirewall` , `AssociateSubnets` , and `CreateVpcEndpointAssociation` . AWS Network Firewall creates an instance of the associated firewall in each subnet that you specify, to filter traffic in the subnet's Availability Zone.", + "title": "SubnetMapping" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key:value pairs to associate with the resource.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC for the endpoint association.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "FirewallArn", + "SubnetMapping", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::VpcEndpointAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkFirewall::VpcEndpointAssociation.SubnetMapping": { + "additionalProperties": false, + "properties": { + "IPAddressType": { + "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", + "title": "IPAddressType", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The unique identifier for the subnet.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "SubnetId" + ], + "type": "object" + }, + "AWS::NetworkManager::ConnectAttachment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The ID of the core network where the Connect attachment is located.", + "title": "CoreNetworkId", + "type": "string" + }, + "EdgeLocation": { + "markdownDescription": "The Region where the edge is located.", + "title": "EdgeLocation", + "type": "string" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Options": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions", + "markdownDescription": "Options for connecting an attachment.", + "title": "Options" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the Connect attachment.", + "title": "Tags", + "type": "array" + }, + "TransportAttachmentId": { + "markdownDescription": "The ID of the transport attachment.", + "title": "TransportAttachmentId", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "EdgeLocation", + "Options", + "TransportAttachmentId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::ConnectAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { + "additionalProperties": false, + "properties": { + "Protocol": { + "markdownDescription": "The protocol used for the attachment connection.", + "title": "Protocol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkManager::ConnectAttachment.ProposedNetworkFunctionGroupChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::ConnectPeer": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BgpOptions": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.BgpOptions", + "markdownDescription": "Describes the BGP options.", + "title": "BgpOptions" + }, + "ConnectAttachmentId": { + "markdownDescription": "The ID of the attachment to connect.", + "title": "ConnectAttachmentId", + "type": "string" + }, + "CoreNetworkAddress": { + "markdownDescription": "The IP address of a core network.", + "title": "CoreNetworkAddress", + "type": "string" + }, + "InsideCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", + "title": "InsideCidrBlocks", + "type": "array" + }, + "PeerAddress": { + "markdownDescription": "The IP address of the Connect peer.", + "title": "PeerAddress", + "type": "string" + }, + "SubnetArn": { + "markdownDescription": "The subnet ARN of the Connect peer.", + "title": "SubnetArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with the Connect peer.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ConnectAttachmentId", + "PeerAddress" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::ConnectPeer" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::ConnectPeer.BgpOptions": { + "additionalProperties": false, + "properties": { + "PeerAsn": { + "markdownDescription": "The Peer ASN of the BGP.", + "title": "PeerAsn", + "type": "number" + } + }, + "type": "object" + }, + "AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration": { + "additionalProperties": false, + "properties": { + "CoreNetworkAddress": { + "markdownDescription": "The address of a core network.", + "title": "CoreNetworkAddress", + "type": "string" + }, + "CoreNetworkAsn": { + "markdownDescription": "The ASN of the Coret Network.", + "title": "CoreNetworkAsn", + "type": "number" + }, + "PeerAddress": { + "markdownDescription": "The address of a core network Connect peer.", + "title": "PeerAddress", + "type": "string" + }, + "PeerAsn": { + "markdownDescription": "The ASN of the Connect peer.", + "title": "PeerAsn", + "type": "number" + } + }, + "type": "object" + }, + "AWS::NetworkManager::ConnectPeer.ConnectPeerConfiguration": { + "additionalProperties": false, + "properties": { + "BgpConfigurations": { + "items": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration" + }, + "markdownDescription": "The Connect peer BGP configurations.", + "title": "BgpConfigurations", + "type": "array" + }, + "CoreNetworkAddress": { + "markdownDescription": "The IP address of a core network.", + "title": "CoreNetworkAddress", + "type": "string" + }, + "InsideCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", + "title": "InsideCidrBlocks", + "type": "array" + }, + "PeerAddress": { + "markdownDescription": "The IP address of the Connect peer.", + "title": "PeerAddress", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol used for a Connect peer configuration.", + "title": "Protocol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkManager::CoreNetwork": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of a core network.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network that your core network is a part of.", + "title": "GlobalNetworkId", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "Describes a core network policy. For more information, see [Core network policies](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) .\n\nIf you update the policy document, CloudFormation will apply the core network change set generated from the updated policy document, and then set it as the LIVE policy.", + "title": "PolicyDocument", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with a core network.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "GlobalNetworkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::CoreNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::CoreNetwork.CoreNetworkEdge": { + "additionalProperties": false, + "properties": { + "Asn": { + "markdownDescription": "The ASN of a core network edge.", + "title": "Asn", + "type": "number" + }, + "EdgeLocation": { + "markdownDescription": "The Region where a core network edge is located.", + "title": "EdgeLocation", + "type": "string" + }, + "InsideCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The inside IP addresses used for core network edges.", + "title": "InsideCidrBlocks", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::CoreNetwork.CoreNetworkNetworkFunctionGroup": { + "additionalProperties": false, + "properties": { + "EdgeLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "The core network edge locations.", + "title": "EdgeLocations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the network function group.", + "title": "Name", + "type": "string" + }, + "Segments": { + "$ref": "#/definitions/AWS::NetworkManager::CoreNetwork.Segments", + "markdownDescription": "The segments associated with the network function group.", + "title": "Segments" + } + }, + "type": "object" + }, + "AWS::NetworkManager::CoreNetwork.CoreNetworkSegment": { + "additionalProperties": false, + "properties": { + "EdgeLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "The Regions where the edges are located.", + "title": "EdgeLocations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a core network segment.", + "title": "Name", + "type": "string" + }, + "SharedSegments": { + "items": { + "type": "string" + }, + "markdownDescription": "The shared segments of a core network.", + "title": "SharedSegments", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::CoreNetwork.Segments": { + "additionalProperties": false, + "properties": { + "SendTo": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SendTo", + "type": "array" + }, + "SendVia": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SendVia", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::CustomerGatewayAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CustomerGatewayArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the customer gateway.", + "title": "CustomerGatewayArn", + "type": "string" + }, + "DeviceId": { + "markdownDescription": "The ID of the device.", + "title": "DeviceId", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "LinkId": { + "markdownDescription": "The ID of the link.", + "title": "LinkId", + "type": "string" + } + }, + "required": [ + "CustomerGatewayArn", + "DeviceId", + "GlobalNetworkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::CustomerGatewayAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::Device": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AWSLocation": { + "$ref": "#/definitions/AWS::NetworkManager::Device.AWSLocation", + "markdownDescription": "The AWS location of the device.", + "title": "AWSLocation" + }, + "Description": { + "markdownDescription": "A description of the device.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::NetworkManager::Device.Location", + "markdownDescription": "The site location.", + "title": "Location" + }, + "Model": { + "markdownDescription": "The model of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "Model", + "type": "string" + }, + "SerialNumber": { + "markdownDescription": "The serial number of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "SerialNumber", + "type": "string" + }, + "SiteId": { + "markdownDescription": "The site ID.", + "title": "SiteId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the device.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The device type.", + "title": "Type", + "type": "string" + }, + "Vendor": { + "markdownDescription": "The vendor of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "Vendor", + "type": "string" + } + }, + "required": [ + "GlobalNetworkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::Device" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::Device.AWSLocation": { + "additionalProperties": false, + "properties": { + "SubnetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the subnet that the device is located in.", + "title": "SubnetArn", + "type": "string" + }, + "Zone": { + "markdownDescription": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost.", + "title": "Zone", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkManager::Device.Location": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The physical address.", + "title": "Address", + "type": "string" + }, + "Latitude": { + "markdownDescription": "The latitude.", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "The longitude.", + "title": "Longitude", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkManager::DirectConnectGatewayAttachment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "", + "title": "CoreNetworkId", + "type": "string" + }, + "DirectConnectGatewayArn": { + "markdownDescription": "The Direct Connect gateway attachment ARN.", + "title": "DirectConnectGatewayArn", + "type": "string" + }, + "EdgeLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "EdgeLocations", + "type": "array" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "CoreNetworkId", + "DirectConnectGatewayArn", + "EdgeLocations" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::DirectConnectGatewayAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedNetworkFunctionGroupChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedSegmentChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::GlobalNetwork": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CreatedAt": { + "markdownDescription": "The date and time that the global network was created.", + "title": "CreatedAt", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the global network.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the global network.", + "title": "State", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the global network.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::GlobalNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::NetworkManager::Link": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Bandwidth": { + "$ref": "#/definitions/AWS::NetworkManager::Link.Bandwidth", + "markdownDescription": "The bandwidth for the link.", + "title": "Bandwidth" + }, + "Description": { + "markdownDescription": "A description of the link.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Provider": { + "markdownDescription": "The provider of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", + "title": "Provider", + "type": "string" + }, + "SiteId": { + "markdownDescription": "The ID of the site.", + "title": "SiteId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the link.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Bandwidth", + "GlobalNetworkId", + "SiteId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::Link" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::Link.Bandwidth": { + "additionalProperties": false, + "properties": { + "DownloadSpeed": { + "markdownDescription": "Download speed in Mbps.", + "title": "DownloadSpeed", + "type": "number" + }, + "UploadSpeed": { + "markdownDescription": "Upload speed in Mbps.", + "title": "UploadSpeed", + "type": "number" + } + }, + "type": "object" + }, + "AWS::NetworkManager::LinkAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeviceId": { + "markdownDescription": "The device ID for the link association.", + "title": "DeviceId", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "LinkId": { + "markdownDescription": "The ID of the link.", + "title": "LinkId", + "type": "string" + } + }, + "required": [ + "DeviceId", + "GlobalNetworkId", + "LinkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::LinkAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::Site": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of your site.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::NetworkManager::Site.Location", + "markdownDescription": "The site location. This information is used for visualization in the Network Manager console. If you specify the address, the latitude and longitude are automatically calculated.\n\n- `Address` : The physical address of the site.\n- `Latitude` : The latitude of the site.\n- `Longitude` : The longitude of the site.", + "title": "Location" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the site.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "GlobalNetworkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::Site" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::Site.Location": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The physical address.", + "title": "Address", + "type": "string" + }, + "Latitude": { + "markdownDescription": "The latitude.", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "The longitude.", + "title": "Longitude", + "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkManager::SiteToSiteVpnAttachment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "", + "title": "CoreNetworkId", + "type": "string" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the Site-to-Site VPN attachment.", + "title": "Tags", + "type": "array" + }, + "VpnConnectionArn": { + "markdownDescription": "The ARN of the site-to-site VPN attachment.", + "title": "VpnConnectionArn", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "VpnConnectionArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::SiteToSiteVpnAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedNetworkFunctionGroupChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::TransitGatewayPeering": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The ID of the core network.", + "title": "CoreNetworkId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with the peering.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayArn": { + "markdownDescription": "The ARN of the transit gateway.", + "title": "TransitGatewayArn", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "TransitGatewayArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayPeering" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::TransitGatewayRegistration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "TransitGatewayArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the transit gateway.", + "title": "TransitGatewayArn", + "type": "string" + } + }, + "required": [ + "GlobalNetworkId", + "TransitGatewayArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayRegistration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::TransitGatewayRouteTableAttachment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "PeeringId": { + "markdownDescription": "The ID of the transit gateway peering.", + "title": "PeeringId", + "type": "string" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange", + "markdownDescription": "This property is read-only. Values can't be assigned to it.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value pairs associated with the transit gateway route table attachment.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayRouteTableArn": { + "markdownDescription": "The ARN of the transit gateway attachment route table. For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` .", + "title": "TransitGatewayRouteTableArn", + "type": "string" + } + }, + "required": [ + "PeeringId", + "TransitGatewayRouteTableArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayRouteTableAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedNetworkFunctionGroupChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::VpcAttachment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The core network ID.", + "title": "CoreNetworkId", + "type": "string" + }, + "Options": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.VpcOptions", + "markdownDescription": "Options for creating the VPC attachment.", + "title": "Options" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "SubnetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet ARNs.", + "title": "SubnetArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the VPC attachment.", + "title": "Tags", + "type": "array" + }, + "VpcArn": { + "markdownDescription": "The ARN of the VPC attachment.", + "title": "VpcArn", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "SubnetArns", + "VpcArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::VpcAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::VpcAttachment.ProposedNetworkFunctionGroupChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::VpcAttachment.ProposedSegmentChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::VpcAttachment.VpcOptions": { + "additionalProperties": false, + "properties": { + "ApplianceModeSupport": { + "markdownDescription": "Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is `false` .", + "title": "ApplianceModeSupport", + "type": "boolean" + }, + "DnsSupport": { + "markdownDescription": "Indicates whether DNS is supported.", + "title": "DnsSupport", + "type": "boolean" + }, + "Ipv6Support": { + "markdownDescription": "Indicates whether IPv6 is supported.", + "title": "Ipv6Support", + "type": "boolean" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Indicates whether security group referencing is enabled for this VPC attachment. The default is `true` . However, at the core network policy-level the default is set to `false` .", + "title": "SecurityGroupReferencingSupport", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Notifications::ChannelAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Channel` .", + "title": "Arn", + "type": "string" + }, + "NotificationConfigurationArn": { + "markdownDescription": "The ARN of the `NotificationConfiguration` associated with the `Channel` .", + "title": "NotificationConfigurationArn", + "type": "string" + } + }, + "required": [ + "Arn", + "NotificationConfigurationArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::ChannelAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Notifications::EventRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EventPattern": { + "markdownDescription": "An additional event pattern used to further filter the events this `EventRule` receives.\n\nFor more information, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) in the *Amazon EventBridge User Guide.*", + "title": "EventPattern", + "type": "string" + }, + "EventType": { + "markdownDescription": "The event type this rule should match with the EventBridge events. It must match with atleast one of the valid EventBridge event types. For example, Amazon EC2 Instance State change Notification and Amazon CloudWatch State Change. For more information, see [Event delivery from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-delivery-level) in the *Amazon EventBridge User Guide* .", + "title": "EventType", + "type": "string" + }, + "NotificationConfigurationArn": { + "markdownDescription": "The ARN for the `NotificationConfiguration` associated with this `EventRule` .", + "title": "NotificationConfigurationArn", + "type": "string" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS Regions that send events to this `EventRule` .", + "title": "Regions", + "type": "array" + }, + "Source": { + "markdownDescription": "The event source this rule should match with the EventBridge event sources. It must match with atleast one of the valid EventBridge event sources. Only AWS service sourced events are supported. For example, `aws.ec2` and `aws.cloudwatch` . For more information, see [Event delivery from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-delivery-level) in the *Amazon EventBridge User Guide* .", + "title": "Source", + "type": "string" + } + }, + "required": [ + "EventType", + "NotificationConfigurationArn", + "Regions", + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::EventRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Notifications::EventRule.EventRuleStatusSummary": { + "additionalProperties": false, + "properties": { + "Reason": { + "markdownDescription": "A human-readable reason for `EventRuleStatus` .", + "title": "Reason", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `EventRule` .\n\n- Values:\n\n- `ACTIVE`\n\n- The `EventRule` can process events.\n- `INACTIVE`\n\n- The `EventRule` may be unable to process events.\n- `CREATING`\n\n- The `EventRule` is being created.\n\nOnly `GET` and `LIST` calls can be run.\n- `UPDATING`\n\n- The `EventRule` is being updated.\n\nOnly `GET` and `LIST` calls can be run.\n- `DELETING`\n\n- The `EventRule` is being deleted.\n\nOnly `GET` and `LIST` calls can be run.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Reason", + "Status" + ], + "type": "object" + }, + "AWS::Notifications::ManagedNotificationAccountContactAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactIdentifier": { + "markdownDescription": "The unique identifier of the notification contact associated with the AWS account. For more information about the contact types associated with an account, see the [Account Management Reference Guide](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-contact-alternate.html#manage-acct-update-contact-alternate-orgs) .", + "title": "ContactIdentifier", + "type": "string" + }, + "ManagedNotificationConfigurationArn": { + "markdownDescription": "The ARN of the `ManagedNotificationConfiguration` to be associated with the `Channel` .", + "title": "ManagedNotificationConfigurationArn", + "type": "string" + } + }, + "required": [ + "ContactIdentifier", + "ManagedNotificationConfigurationArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::ManagedNotificationAccountContactAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Notifications::ManagedNotificationAdditionalChannelAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelArn": { + "markdownDescription": "The ARN of the `Channel` .", + "title": "ChannelArn", + "type": "string" + }, + "ManagedNotificationConfigurationArn": { + "markdownDescription": "The ARN of the `ManagedNotificationAdditionalChannelAssociation` associated with the `Channel` .", + "title": "ManagedNotificationConfigurationArn", + "type": "string" + } + }, + "required": [ + "ChannelArn", + "ManagedNotificationConfigurationArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::ManagedNotificationAdditionalChannelAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Notifications::NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AggregationDuration": { + "markdownDescription": "The aggregation preference of the `NotificationConfiguration` .\n\n- Values:\n\n- `LONG`\n\n- Aggregate notifications for long periods of time (12 hours).\n- `SHORT`\n\n- Aggregate notifications for short periods of time (5 minutes).\n- `NONE`\n\n- Don't aggregate notifications.", + "title": "AggregationDuration", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the `NotificationConfiguration` .", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `NotificationConfiguration` . Supports RFC 3986's unreserved characters.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of tags assigned to a `NotificationConfiguration` .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::NotificationConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Notifications::NotificationHub": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Region": { + "markdownDescription": "The `NotificationHub` Region.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::NotificationHub" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Notifications::NotificationHub.NotificationHubStatusSummary": { + "additionalProperties": false, + "properties": { + "NotificationHubStatus": { + "markdownDescription": "Indicates the current status of the `NotificationHub` .", + "title": "NotificationHubStatus", + "type": "string" + }, + "NotificationHubStatusReason": { + "markdownDescription": "An explanation for the current status.", + "title": "NotificationHubStatusReason", + "type": "string" + } + }, + "required": [ + "NotificationHubStatus", + "NotificationHubStatusReason" + ], + "type": "object" + }, + "AWS::NotificationsContacts::EmailContact": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EmailAddress": { + "markdownDescription": "The email address of the contact. The activation and notification emails are sent here.", + "title": "EmailAddress", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the contact.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to apply to the email contact.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "EmailAddress", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NotificationsContacts::EmailContact" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NotificationsContacts::EmailContact.EmailContact": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The email address of the contact.", + "title": "Address", + "type": "string" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "Arn", + "type": "string" + }, + "CreationTime": { + "markdownDescription": "The creation time of the `EmailContact` .", + "title": "CreationTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the contact.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the contact. Only activated contacts receive emails.", + "title": "Status", + "type": "string" + }, + "UpdateTime": { + "markdownDescription": "The time the `EmailContact` was last updated.", + "title": "UpdateTime", + "type": "string" + } + }, + "required": [ + "Address", + "Arn", + "CreationTime", + "Name", + "Status", + "UpdateTime" + ], + "type": "object" + }, + "AWS::ODB::CloudAutonomousVmCluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutonomousDataStorageSizeInTBs": { + "markdownDescription": "The data storage size allocated for Autonomous Databases in the Autonomous VM cluster, in TB.\n\nRequired when creating an Autonomous VM cluster.", + "title": "AutonomousDataStorageSizeInTBs", + "type": "number" + }, + "CloudExadataInfrastructureId": { + "markdownDescription": "The unique identifier of the Cloud Exadata Infrastructure containing this Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "CloudExadataInfrastructureId", + "type": "string" + }, + "CpuCoreCountPerNode": { + "markdownDescription": "The number of CPU cores enabled per node in the Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "CpuCoreCountPerNode", + "type": "number" + }, + "DbServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of database servers associated with the Autonomous VM cluster.", + "title": "DbServers", + "type": "array" + }, + "Description": { + "markdownDescription": "The user-provided description of the Autonomous VM cluster.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "DisplayName", + "type": "string" + }, + "IsMtlsEnabledVmCluster": { + "markdownDescription": "Specifies whether mutual TLS (mTLS) authentication is enabled for the Autonomous VM cluster.", + "title": "IsMtlsEnabledVmCluster", + "type": "boolean" + }, + "LicenseModel": { + "markdownDescription": "The Oracle license model that applies to the Autonomous VM cluster. Valid values are `LICENSE_INCLUDED` or `BRING_YOUR_OWN_LICENSE` .", + "title": "LicenseModel", + "type": "string" + }, + "MaintenanceWindow": { + "$ref": "#/definitions/AWS::ODB::CloudAutonomousVmCluster.MaintenanceWindow", + "markdownDescription": "The scheduling details for the maintenance window. Patching and system updates take place during the maintenance window.", + "title": "MaintenanceWindow" + }, + "MemoryPerOracleComputeUnitInGBs": { + "markdownDescription": "The amount of memory allocated per Oracle Compute Unit, in GB.\n\nRequired when creating an Autonomous VM cluster.", + "title": "MemoryPerOracleComputeUnitInGBs", + "type": "number" + }, + "OdbNetworkId": { + "markdownDescription": "The unique identifier of the ODB network associated with this Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "OdbNetworkId", + "type": "string" + }, + "ScanListenerPortNonTls": { + "markdownDescription": "The SCAN listener port for non-TLS (TCP) protocol. The default is 1521.", + "title": "ScanListenerPortNonTls", + "type": "number" + }, + "ScanListenerPortTls": { + "markdownDescription": "The SCAN listener port for TLS (TCP) protocol. The default is 2484.", + "title": "ScanListenerPortTls", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Autonomous Vm Cluster.", + "title": "Tags", + "type": "array" + }, + "TimeZone": { + "markdownDescription": "The time zone of the Autonomous VM cluster.", + "title": "TimeZone", + "type": "string" + }, + "TotalContainerDatabases": { + "markdownDescription": "The total number of Autonomous Container Databases that can be created with the allocated local storage.\n\nRequired when creating an Autonomous VM cluster.", + "title": "TotalContainerDatabases", + "type": "number" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::CloudAutonomousVmCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ODB::CloudAutonomousVmCluster.MaintenanceWindow": { + "additionalProperties": false, + "properties": { + "DaysOfWeek": { + "items": { + "type": "string" + }, + "markdownDescription": "The days of the week when maintenance can be performed.", + "title": "DaysOfWeek", + "type": "array" + }, + "HoursOfDay": { + "items": { + "type": "number" + }, + "markdownDescription": "The hours of the day when maintenance can be performed.", + "title": "HoursOfDay", + "type": "array" + }, + "LeadTimeInWeeks": { + "markdownDescription": "The lead time in weeks before the maintenance window.", + "title": "LeadTimeInWeeks", + "type": "number" + }, + "Months": { + "items": { + "type": "string" + }, + "markdownDescription": "The months when maintenance can be performed.", + "title": "Months", + "type": "array" + }, + "Preference": { + "markdownDescription": "The preference for the maintenance window scheduling.", + "title": "Preference", + "type": "string" + }, + "WeeksOfMonth": { + "items": { + "type": "number" + }, + "markdownDescription": "The weeks of the month when maintenance can be performed.", + "title": "WeeksOfMonth", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ODB::CloudExadataInfrastructure": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The name of the Availability Zone (AZ) where the Exadata infrastructure is located.\n\nRequired when creating an Exadata infrastructure. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the infrastructure.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the AZ where the Exadata infrastructure is located.\n\nRequired when creating an Exadata infrastructure. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the infrastructure.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "ComputeCount": { + "markdownDescription": "The number of database servers for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "ComputeCount", + "type": "number" + }, + "CustomerContactsToSendToOCI": { + "items": { + "$ref": "#/definitions/AWS::ODB::CloudExadataInfrastructure.CustomerContact" + }, + "markdownDescription": "The email addresses of contacts to receive notification from Oracle about maintenance updates for the Exadata infrastructure.", + "title": "CustomerContactsToSendToOCI", + "type": "array" + }, + "DatabaseServerType": { + "markdownDescription": "The database server model type of the Exadata infrastructure. For the list of valid model names, use the `ListDbSystemShapes` operation.", + "title": "DatabaseServerType", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "DisplayName", + "type": "string" + }, + "Shape": { + "markdownDescription": "The model name of the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "Shape", + "type": "string" + }, + "StorageCount": { + "markdownDescription": "The number of storage servers that are activated for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "StorageCount", + "type": "number" + }, + "StorageServerType": { + "markdownDescription": "The storage server model type of the Exadata infrastructure. For the list of valid model names, use the `ListDbSystemShapes` operation.", + "title": "StorageServerType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Exadata Infrastructure.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::CloudExadataInfrastructure" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ODB::CloudExadataInfrastructure.CustomerContact": { + "additionalProperties": false, + "properties": { + "Email": { + "markdownDescription": "The email address of the contact.", + "title": "Email", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ODB::CloudVmCluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CloudExadataInfrastructureId": { + "markdownDescription": "The unique identifier of the Exadata infrastructure that this VM cluster belongs to.\n\nRequired when creating a VM cluster.", + "title": "CloudExadataInfrastructureId", + "type": "string" + }, + "ClusterName": { + "markdownDescription": "The name of the Grid Infrastructure (GI) cluster.", + "title": "ClusterName", + "type": "string" + }, + "CpuCoreCount": { + "markdownDescription": "The number of CPU cores enabled on the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "CpuCoreCount", + "type": "number" + }, + "DataCollectionOptions": { + "$ref": "#/definitions/AWS::ODB::CloudVmCluster.DataCollectionOptions", + "markdownDescription": "The set of diagnostic collection options enabled for the VM cluster.", + "title": "DataCollectionOptions" + }, + "DataStorageSizeInTBs": { + "markdownDescription": "The size of the data disk group, in terabytes (TB), that's allocated for the VM cluster.", + "title": "DataStorageSizeInTBs", + "type": "number" + }, + "DbNodeStorageSizeInGBs": { + "markdownDescription": "The amount of local node storage, in gigabytes (GB), that's allocated for the VM cluster.", + "title": "DbNodeStorageSizeInGBs", + "type": "number" + }, + "DbServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of database servers for the VM cluster.", + "title": "DbServers", + "type": "array" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "DisplayName", + "type": "string" + }, + "GiVersion": { + "markdownDescription": "The software version of the Oracle Grid Infrastructure (GI) for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "GiVersion", + "type": "string" + }, + "Hostname": { + "markdownDescription": "The host name for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "Hostname", + "type": "string" + }, + "IsLocalBackupEnabled": { + "markdownDescription": "Specifies whether database backups to local Exadata storage are enabled for the VM cluster.", + "title": "IsLocalBackupEnabled", + "type": "boolean" + }, + "IsSparseDiskgroupEnabled": { + "markdownDescription": "Specifies whether the VM cluster is configured with a sparse disk group.", + "title": "IsSparseDiskgroupEnabled", + "type": "boolean" + }, + "LicenseModel": { + "markdownDescription": "The Oracle license model applied to the VM cluster.", + "title": "LicenseModel", + "type": "string" + }, + "MemorySizeInGBs": { + "markdownDescription": "The amount of memory, in gigabytes (GB), that's allocated for the VM cluster.", + "title": "MemorySizeInGBs", + "type": "number" + }, + "OdbNetworkId": { + "markdownDescription": "The unique identifier of the ODB network for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "OdbNetworkId", + "type": "string" + }, + "ScanListenerPortTcp": { + "markdownDescription": "The port number for TCP connections to the single client access name (SCAN) listener.\n\nValid values: `1024\u20138999` with the following exceptions: `2484` , `6100` , `6200` , `7060` , `7070` , `7085` , and `7879`\n\nDefault: `1521`", + "title": "ScanListenerPortTcp", + "type": "number" + }, + "SshPublicKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The public key portion of one or more key pairs used for SSH access to the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "SshPublicKeys", + "type": "array" + }, + "SystemVersion": { + "markdownDescription": "The operating system version of the image chosen for the VM cluster.", + "title": "SystemVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Vm Cluster.", + "title": "Tags", + "type": "array" + }, + "TimeZone": { + "markdownDescription": "The time zone of the VM cluster.", + "title": "TimeZone", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::CloudVmCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ODB::CloudVmCluster.DataCollectionOptions": { + "additionalProperties": false, + "properties": { + "IsDiagnosticsEventsEnabled": { + "markdownDescription": "Specifies whether diagnostic collection is enabled for the VM cluster.", + "title": "IsDiagnosticsEventsEnabled", + "type": "boolean" + }, + "IsHealthMonitoringEnabled": { + "markdownDescription": "Specifies whether health monitoring is enabled for the VM cluster.", + "title": "IsHealthMonitoringEnabled", + "type": "boolean" + }, + "IsIncidentLogsEnabled": { + "markdownDescription": "Specifies whether incident logs are enabled for the VM cluster.", + "title": "IsIncidentLogsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ODB::OdbNetwork": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone (AZ) where the ODB network is located.\n\nRequired when creating an ODB network. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the network.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the AZ where the ODB network is located.\n\nRequired when creating an ODB network. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the network.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "BackupSubnetCidr": { + "markdownDescription": "The CIDR range of the backup subnet in the ODB network.", + "title": "BackupSubnetCidr", + "type": "string" + }, + "ClientSubnetCidr": { + "markdownDescription": "The CIDR range of the client subnet in the ODB network.\n\nRequired when creating an ODB network.", + "title": "ClientSubnetCidr", + "type": "string" + }, + "DefaultDnsPrefix": { + "markdownDescription": "The DNS prefix to the default DNS domain name. The default DNS domain name is oraclevcn.com.", + "title": "DefaultDnsPrefix", + "type": "string" + }, + "DeleteAssociatedResources": { + "markdownDescription": "Specifies whether to delete associated OCI networking resources along with the ODB network.\n\nRequired when creating an ODB network.", + "title": "DeleteAssociatedResources", + "type": "boolean" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name of the ODB network.\n\nRequired when creating an ODB network.", + "title": "DisplayName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Odb Network.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::OdbNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::OSIS::Pipeline": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BufferOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.BufferOptions", + "markdownDescription": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) .", + "title": "BufferOptions" + }, + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.EncryptionAtRestOptions", + "markdownDescription": "Options to control how OpenSearch encrypts buffer data.", + "title": "EncryptionAtRestOptions" + }, + "LogPublishingOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.LogPublishingOptions", + "markdownDescription": "Key-value pairs that represent log publishing settings.", + "title": "LogPublishingOptions" + }, + "MaxUnits": { + "markdownDescription": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).", + "title": "MaxUnits", + "type": "number" + }, + "MinUnits": { + "markdownDescription": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).", + "title": "MinUnits", + "type": "number" + }, + "PipelineConfigurationBody": { + "markdownDescription": "The Data Prepper pipeline configuration in YAML format.", + "title": "PipelineConfigurationBody", + "type": "string" + }, + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "List of tags to add to the pipeline upon creation.", + "title": "Tags", + "type": "array" + }, + "VpcOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", + "markdownDescription": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint.", + "title": "VpcOptions" + } + }, + "required": [ + "MaxUnits", + "MinUnits", + "PipelineConfigurationBody", + "PipelineName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OSIS::Pipeline" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OSIS::Pipeline.BufferOptions": { + "additionalProperties": false, + "properties": { + "PersistentBufferEnabled": { + "markdownDescription": "Whether persistent buffering should be enabled.", + "title": "PersistentBufferEnabled", + "type": "boolean" + } + }, + "required": [ + "PersistentBufferEnabled" + ], + "type": "object" + }, + "AWS::OSIS::Pipeline.CloudWatchLogDestination": { + "additionalProperties": false, + "properties": { + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs group to send pipeline logs to. You can specify an existing log group or create a new one. For example, `/aws/vendedlogs/OpenSearchService/pipelines` .", + "title": "LogGroup", + "type": "string" + } + }, + "required": [ + "LogGroup" + ], + "type": "object" + }, + "AWS::OSIS::Pipeline.EncryptionAtRestOptions": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key used to encrypt buffer data. By default, data is encrypted using an AWS owned key.", + "title": "KmsKeyArn", + "type": "string" + } + }, + "required": [ + "KmsKeyArn" + ], + "type": "object" + }, + "AWS::OSIS::Pipeline.LogPublishingOptions": { + "additionalProperties": false, + "properties": { + "CloudWatchLogDestination": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.CloudWatchLogDestination", + "markdownDescription": "The destination for OpenSearch Ingestion logs sent to Amazon CloudWatch Logs. This parameter is required if `IsLoggingEnabled` is set to `true` .", + "title": "CloudWatchLogDestination" + }, + "IsLoggingEnabled": { + "markdownDescription": "Whether logs should be published.", + "title": "IsLoggingEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OSIS::Pipeline.VpcAttachmentOptions": { + "additionalProperties": false, + "properties": { + "AttachToVpc": { + "markdownDescription": "Whether a VPC is attached to the pipeline.", + "title": "AttachToVpc", + "type": "boolean" + }, + "CidrBlock": { + "markdownDescription": "The CIDR block to be reserved for OpenSearch Ingestion to create elastic network interfaces (ENIs).", + "title": "CidrBlock", + "type": "string" + } + }, + "required": [ + "AttachToVpc", + "CidrBlock" + ], + "type": "object" + }, + "AWS::OSIS::Pipeline.VpcEndpoint": { + "additionalProperties": false, + "properties": { + "VpcEndpointId": { + "markdownDescription": "The unique identifier of the endpoint.", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID for your VPC. AWS PrivateLink generates this value when you create a VPC.", + "title": "VpcId", + "type": "string" + }, + "VpcOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", + "markdownDescription": "Information about the VPC, including associated subnets and security groups.", + "title": "VpcOptions" + } + }, + "type": "object" + }, + "AWS::OSIS::Pipeline.VpcOptions": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security groups associated with the VPC endpoint.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs associated with the VPC endpoint.", + "title": "SubnetIds", + "type": "array" + }, + "VpcAttachmentOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcAttachmentOptions", + "markdownDescription": "Options for attaching a VPC to a pipeline.", + "title": "VpcAttachmentOptions" + }, + "VpcEndpointManagement": { + "markdownDescription": "Defines whether you or Amazon OpenSearch Ingestion service create and manage the VPC endpoint configured for the pipeline.", + "title": "VpcEndpointManagement", + "type": "string" + } + }, + "required": [ + "SubnetIds" + ], + "type": "object" + }, + "AWS::Oam::Link": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LabelTemplate": { + "markdownDescription": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`\n\n> In the and Regions, the only supported option is to use custom labels, and the `$AccountName` , `$AccountEmail` , and `$AccountEmailNoDomain` variables all resolve as *account-id* instead of the specified variable.", + "title": "LabelTemplate", + "type": "string" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkConfiguration", + "markdownDescription": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account.", + "title": "LinkConfiguration" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` .", + "title": "ResourceTypes", + "type": "array" + }, + "SinkIdentifier": { + "markdownDescription": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks.", + "title": "SinkIdentifier", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to the link.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ResourceTypes", + "SinkIdentifier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Oam::Link" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Oam::Link.LinkConfiguration": { + "additionalProperties": false, + "properties": { + "LogGroupConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", + "markdownDescription": "Use this structure to filter which log groups are to share log events from this source account to the monitoring account.", + "title": "LogGroupConfiguration" + }, + "MetricConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", + "markdownDescription": "Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account.", + "title": "MetricConfiguration" + } + }, + "type": "object" + }, + "AWS::Oam::Link.LinkFilter": { + "additionalProperties": false, + "properties": { + "Filter": { + "markdownDescription": "When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account\n\nWhen used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.\n\nUse single quotation marks (') around log group names and metric namespaces.\n\nThe matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .\n\n- `=` and `!=`\n- `AND`\n- `OR`\n- `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.\n- `IN` and `NOT IN` , using parentheses `( )`\n\nExamples:\n\n- `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.\n- `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.\n- `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.\n- `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .\n- `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .\n- `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .\n\n> If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account.", + "title": "Filter", + "type": "string" + } + }, + "required": [ + "Filter" + ], + "type": "object" + }, + "AWS::Oam::Sink": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A name for the sink.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The IAM policy that grants permissions to source accounts to link to this sink. The policy can grant permission in the following ways:\n\n- Include organization IDs or organization paths to permit all accounts in an organization\n- Include account IDs to permit the specified accounts", + "title": "Policy", + "type": "object" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to the sink.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Oam::Sink" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Omics::AnnotationStore": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Annotation Store.", + "title": "Name", + "type": "string" + }, + "Reference": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.ReferenceItem", + "markdownDescription": "The genome reference for the store's annotations.", + "title": "Reference" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.SseConfig", + "markdownDescription": "The store's server-side encryption (SSE) settings.", + "title": "SseConfig" + }, + "StoreFormat": { + "markdownDescription": "The annotation file format of the store.", + "title": "StoreFormat", + "type": "string" + }, + "StoreOptions": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.StoreOptions", + "markdownDescription": "File parsing options for the annotation store.", + "title": "StoreOptions" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "StoreFormat" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::AnnotationStore" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Omics::AnnotationStore.ReferenceItem": { + "additionalProperties": false, + "properties": { + "ReferenceArn": { + "markdownDescription": "The reference's ARN.", + "title": "ReferenceArn", + "type": "string" + } + }, + "required": [ + "ReferenceArn" + ], + "type": "object" + }, + "AWS::Omics::AnnotationStore.SseConfig": { + "additionalProperties": false, + "properties": { + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Omics::AnnotationStore.StoreOptions": { + "additionalProperties": false, + "properties": { + "TsvStoreOptions": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.TsvStoreOptions", + "markdownDescription": "Formatting options for a TSV file.", + "title": "TsvStoreOptions" + } + }, + "required": [ + "TsvStoreOptions" + ], + "type": "object" + }, + "AWS::Omics::AnnotationStore.TsvStoreOptions": { + "additionalProperties": false, + "properties": { + "AnnotationType": { + "markdownDescription": "The store's annotation type.", + "title": "AnnotationType", + "type": "string" + }, + "FormatToHeader": { + "additionalProperties": true, + "markdownDescription": "The store's header key to column name mapping.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "FormatToHeader", + "type": "object" + }, + "Schema": { + "markdownDescription": "The schema of an annotation store.", + "title": "Schema", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Omics::ReferenceStore": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::ReferenceStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::ReferenceStore" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Omics::ReferenceStore.SseConfig": { + "additionalProperties": false, + "properties": { + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Omics::RunGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MaxCpus": { + "markdownDescription": "The group's maximum CPU count setting.", + "title": "MaxCpus", + "type": "number" + }, + "MaxDuration": { + "markdownDescription": "The group's maximum duration setting in minutes.", + "title": "MaxDuration", + "type": "number" + }, + "MaxGpus": { + "markdownDescription": "The maximum GPUs that can be used by a run group.", + "title": "MaxGpus", + "type": "number" + }, + "MaxRuns": { + "markdownDescription": "The group's maximum concurrent run setting.", + "title": "MaxRuns", + "type": "number" + }, + "Name": { + "markdownDescription": "The group's name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::RunGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Omics::SequenceStore": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLogLocation": { + "markdownDescription": "Location of the access logs.", + "title": "AccessLogLocation", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "ETagAlgorithmFamily": { + "markdownDescription": "The algorithm family of the ETag.", + "title": "ETagAlgorithmFamily", + "type": "string" + }, + "FallbackLocation": { + "markdownDescription": "An S3 location that is used to store files that have failed a direct upload.", + "title": "FallbackLocation", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "PropagatedSetLevelTags": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "PropagatedSetLevelTags", + "type": "array" + }, + "S3AccessPolicy": { + "markdownDescription": "", + "title": "S3AccessPolicy", + "type": "object" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::SequenceStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::SequenceStore" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Omics::SequenceStore.SseConfig": { + "additionalProperties": false, + "properties": { + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Omics::VariantStore": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "Reference": { + "$ref": "#/definitions/AWS::Omics::VariantStore.ReferenceItem", + "markdownDescription": "The genome reference for the store's variants.", + "title": "Reference" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::VariantStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "Reference" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::VariantStore" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Omics::VariantStore.ReferenceItem": { + "additionalProperties": false, + "properties": { + "ReferenceArn": { + "markdownDescription": "The reference's ARN.", + "title": "ReferenceArn", + "type": "string" + } + }, + "required": [ + "ReferenceArn" + ], + "type": "object" + }, + "AWS::Omics::VariantStore.SseConfig": { + "additionalProperties": false, + "properties": { + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Omics::Workflow": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Accelerators": { + "markdownDescription": "", + "title": "Accelerators", + "type": "string" + }, + "DefinitionUri": { + "markdownDescription": "The URI of a definition for the workflow.", + "title": "DefinitionUri", + "type": "string" + }, + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "An engine for the workflow.", + "title": "Engine", + "type": "string" + }, + "Main": { + "markdownDescription": "The path of the main definition file for the workflow.", + "title": "Main", + "type": "string" + }, + "Name": { + "markdownDescription": "The workflow's name.", + "title": "Name", + "type": "string" + }, + "ParameterTemplate": { + "additionalProperties": false, + "markdownDescription": "The workflow's parameter template.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Omics::Workflow.WorkflowParameter" + } + }, + "title": "ParameterTemplate", + "type": "object" + }, + "StorageCapacity": { + "markdownDescription": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version. The `storageCapacity` can be overwritten at run time. The storage capacity is not required for runs with a `DYNAMIC` storage type.", + "title": "StorageCapacity", + "type": "number" + }, + "StorageType": { + "markdownDescription": "", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the workflow.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::Workflow" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Omics::Workflow.WorkflowParameter": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", + "type": "string" + }, + "Optional": { + "markdownDescription": "Whether the parameter is optional.", + "title": "Optional", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Omics::WorkflowVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Accelerators": { + "markdownDescription": "", + "title": "Accelerators", + "type": "string" + }, + "DefinitionUri": { + "markdownDescription": "", + "title": "DefinitionUri", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the workflow version.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "", + "title": "Engine", + "type": "string" + }, + "Main": { + "markdownDescription": "", + "title": "Main", + "type": "string" + }, + "ParameterTemplate": { + "additionalProperties": false, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Omics::WorkflowVersion.WorkflowParameter" + } + }, + "title": "ParameterTemplate", + "type": "object" + }, + "StorageCapacity": { + "markdownDescription": "", + "title": "StorageCapacity", + "type": "number" + }, + "StorageType": { + "markdownDescription": "", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "VersionName": { + "markdownDescription": "The name of the workflow version.", + "title": "VersionName", + "type": "string" + }, + "WorkflowBucketOwnerId": { + "markdownDescription": "", + "title": "WorkflowBucketOwnerId", + "type": "string" + }, + "WorkflowId": { + "markdownDescription": "The workflow's ID.", + "title": "WorkflowId", + "type": "string" + } + }, + "required": [ + "VersionName", + "WorkflowId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::WorkflowVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Omics::WorkflowVersion.WorkflowParameter": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", + "type": "string" + }, + "Optional": { + "markdownDescription": "Whether the parameter is optional.", + "title": "Optional", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::AccessPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of access policy. Currently the only option is `data` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::AccessPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::Collection": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the collection.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the collection.\n\nCollection names must meet the following criteria:\n\n- Starts with a lowercase letter\n- Unique to your account and AWS Region\n- Contains between 3 and 28 characters\n- Contains only lowercase letters a-z, the numbers 0-9, and the hyphen (-)", + "title": "Name", + "type": "string" + }, + "StandbyReplicas": { + "markdownDescription": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value.", + "title": "StandbyReplicas", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the collection.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::Collection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::Index": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CollectionEndpoint": { + "markdownDescription": "The endpoint for the collection.", + "title": "CollectionEndpoint", + "type": "string" + }, + "IndexName": { + "markdownDescription": "The name of the OpenSearch Serverless index.", + "title": "IndexName", + "type": "string" + }, + "Mappings": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Mappings", + "markdownDescription": "Index mappings for the OpenSearch Serverless index.", + "title": "Mappings" + }, + "Settings": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.IndexSettings", + "markdownDescription": "Index settings for the OpenSearch Serverless index.", + "title": "Settings" + } + }, + "required": [ + "CollectionEndpoint", + "IndexName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::Index" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::Index.Index": { + "additionalProperties": false, + "properties": { + "Knn": { + "markdownDescription": "Enable or disable k-nearest neighbor search capability.", + "title": "Knn", + "type": "boolean" + }, + "KnnAlgoParamEfSearch": { + "markdownDescription": "The size of the dynamic list for the nearest neighbors.", + "title": "KnnAlgoParamEfSearch", + "type": "number" + }, + "RefreshInterval": { + "markdownDescription": "How often to perform a refresh operation. For example, 1s or 5s.", + "title": "RefreshInterval", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::Index.IndexSettings": { + "additionalProperties": false, + "properties": { + "Index": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Index", + "markdownDescription": "Index settings.", + "title": "Index" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::Index.Mappings": { + "additionalProperties": false, + "properties": { + "Properties": { + "additionalProperties": false, + "markdownDescription": "Nested fields within an object or nested field type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.PropertyMapping" + } + }, + "title": "Properties", + "type": "object" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::Index.Method": { + "additionalProperties": false, + "properties": { + "Engine": { + "markdownDescription": "The k-NN search engine to use", + "title": "Engine", + "type": "string" + }, + "Name": { + "markdownDescription": "The algorithm name for k-NN search.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Parameters", + "markdownDescription": "Additional parameters for the k-NN algorithm.", + "title": "Parameters" + }, + "SpaceType": { + "markdownDescription": "The distance function used for k-NN search.", + "title": "SpaceType", + "type": "string" + } + }, + "required": [ + "Engine", + "Name" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::Index.Parameters": { + "additionalProperties": false, + "properties": { + "EfConstruction": { + "markdownDescription": "The size of the dynamic list used during k-NN graph creation.", + "title": "EfConstruction", + "type": "number" + }, + "M": { + "markdownDescription": "Number of neighbors to consider during k-NN search.", + "title": "M", + "type": "number" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::Index.PropertyMapping": { + "additionalProperties": false, + "properties": { + "Dimension": { + "markdownDescription": "Dimension size for vector fields, defines the number of dimensions in the vector.", + "title": "Dimension", + "type": "number" + }, + "Index": { + "markdownDescription": "Whether a field should be indexed.", + "title": "Index", + "type": "boolean" + }, + "Method": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Method", + "markdownDescription": "Configuration for k-NN search method.", + "title": "Method" + }, + "Properties": { + "additionalProperties": false, + "markdownDescription": "Defines the fields within the mapping, including their types and configurations.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.PropertyMapping" + } + }, + "title": "Properties", + "type": "object" + }, + "Type": { + "markdownDescription": "The field data type. Must be a valid OpenSearch field type.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Default value for the field when not specified in a document.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::LifecyclePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the lifecycle policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the lifecycle policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of lifecycle policy.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::LifecyclePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::SecurityConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the security configuration.", + "title": "Description", + "type": "string" + }, + "IamIdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.IamIdentityCenterConfigOptions", + "markdownDescription": "Describes IAM Identity Center options in the form of a key-value map.", + "title": "IamIdentityCenterOptions" + }, + "Name": { + "markdownDescription": "The name of the security configuration.", + "title": "Name", + "type": "string" + }, + "SamlOptions": { + "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions", + "markdownDescription": "SAML options for the security configuration in the form of a key-value map.", + "title": "SamlOptions" + }, + "Type": { + "markdownDescription": "The type of security configuration. Currently the only option is `saml` .", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::SecurityConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::SecurityConfig.IamIdentityCenterConfigOptions": { + "additionalProperties": false, + "properties": { + "ApplicationArn": { + "markdownDescription": "The ARN of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationArn", + "type": "string" + }, + "ApplicationDescription": { + "markdownDescription": "The description of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationDescription", + "type": "string" + }, + "ApplicationName": { + "markdownDescription": "The name of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationName", + "type": "string" + }, + "GroupAttribute": { + "markdownDescription": "The group attribute for this IAM Identity Center integration. Defaults to `GroupId` .", + "title": "GroupAttribute", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless.", + "title": "InstanceArn", + "type": "string" + }, + "UserAttribute": { + "markdownDescription": "The user attribute for this IAM Identity Center integration. Defaults to `UserId`", + "title": "UserAttribute", + "type": "string" + } + }, + "required": [ + "InstanceArn" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions": { + "additionalProperties": false, + "properties": { + "GroupAttribute": { + "markdownDescription": "The group attribute for this SAML integration.", + "title": "GroupAttribute", + "type": "string" + }, + "Metadata": { + "markdownDescription": "The XML IdP metadata file generated from your identity provider.", + "title": "Metadata", + "type": "string" + }, + "OpenSearchServerlessEntityId": { + "markdownDescription": "Custom entity id attribute to override default entity id for this saml integration.", + "title": "OpenSearchServerlessEntityId", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The session timeout, in minutes. Default is 60 minutes (12 hours).", + "title": "SessionTimeout", + "type": "number" + }, + "UserAttribute": { + "markdownDescription": "A user attribute for this SAML integration.", + "title": "UserAttribute", + "type": "string" + } + }, + "required": [ + "Metadata" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::SecurityPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the security policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of security policy. Can be either `encryption` or `network` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::SecurityPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::VpcEndpoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the endpoint.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets from which you access OpenSearch Serverless.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC from which you access OpenSearch Serverless.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "Name", + "SubnetIds", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::VpcEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpenSearchService::Application": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppConfigs": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.AppConfig" + }, + "markdownDescription": "", + "title": "AppConfigs", + "type": "array" + }, + "DataSources": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.DataSource" + }, + "markdownDescription": "", + "title": "DataSources", + "type": "array" + }, + "Endpoint": { + "markdownDescription": "The endpoint URL of an OpenSearch application.", + "title": "Endpoint", + "type": "string" + }, + "IamIdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.IamIdentityCenterOptions", + "markdownDescription": "Settings container for integrating IAM Identity Center with OpenSearch UI applications, which enables enabling secure user authentication and access control across multiple data sources. This setup supports single sign-on (SSO) through IAM Identity Center, allowing centralized user management.", + "title": "IamIdentityCenterOptions" + }, + "Name": { + "markdownDescription": "The name of an OpenSearch application.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchService::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpenSearchService::Application.AppConfig": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The configuration item to set, such as the admin role for the OpenSearch application.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value assigned to the configuration key, such as an IAM user ARN.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::OpenSearchService::Application.DataSource": { + "additionalProperties": false, + "properties": { + "DataSourceArn": { + "markdownDescription": "", + "title": "DataSourceArn", + "type": "string" + }, + "DataSourceDescription": { + "markdownDescription": "Detailed description of a data source.", + "title": "DataSourceDescription", + "type": "string" + } + }, + "required": [ + "DataSourceArn" + ], + "type": "object" + }, + "AWS::OpenSearchService::Application.IamIdentityCenterOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether IAM Identity Center is enabled for the OpenSearch application.", + "title": "Enabled", + "type": "boolean" + }, + "IamIdentityCenterInstanceArn": { + "markdownDescription": "", + "title": "IamIdentityCenterInstanceArn", + "type": "string" + }, + "IamRoleForIdentityCenterApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role assigned to the IAM Identity Center application for the OpenSearch application.", + "title": "IamRoleForIdentityCenterApplicationArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPolicies": { + "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "AccessPolicies", + "type": "object" + }, + "AdvancedOptions": { + "additionalProperties": true, + "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdvancedOptions", + "type": "object" + }, + "AdvancedSecurityOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput", + "markdownDescription": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain.", + "title": "AdvancedSecurityOptions" + }, + "ClusterConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ClusterConfig", + "markdownDescription": "Container for the cluster configuration of a domain.", + "title": "ClusterConfig" + }, + "CognitoOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.CognitoOptions", + "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", + "title": "CognitoOptions" + }, + "DomainEndpointOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", + "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", + "title": "DomainEndpointOptions" + }, + "DomainName": { + "markdownDescription": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DomainName", + "type": "string" + }, + "EBSOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.EBSOptions", + "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "EBSOptions" + }, + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.EncryptionAtRestOptions", + "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "EncryptionAtRestOptions" + }, + "EngineVersion": { + "markdownDescription": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "EngineVersion", + "type": "string" + }, + "IPAddressType": { + "markdownDescription": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later.", + "title": "IPAddressType", + "type": "string" + }, + "IdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.IdentityCenterOptions", + "markdownDescription": "Configuration options for controlling IAM Identity Center integration within a domain.", + "title": "IdentityCenterOptions" + }, + "LogPublishingOptions": { + "additionalProperties": false, + "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.LogPublishingOption" + } + }, + "title": "LogPublishingOptions", + "type": "object" + }, + "NodeToNodeEncryptionOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions", + "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", + "title": "NodeToNodeEncryptionOptions" + }, + "OffPeakWindowOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindowOptions", + "markdownDescription": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.", + "title": "OffPeakWindowOptions" + }, + "SkipShardMigrationWait": { + "markdownDescription": "", + "title": "SkipShardMigrationWait", + "type": "boolean" + }, + "SnapshotOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SnapshotOptions", + "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes.", + "title": "SnapshotOptions" + }, + "SoftwareUpdateOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SoftwareUpdateOptions", + "markdownDescription": "Service software update options for the domain.", + "title": "SoftwareUpdateOptions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", + "title": "Tags", + "type": "array" + }, + "VPCOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.VPCOptions", + "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint.", + "title": "VPCOptions" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchService::Domain" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { + "additionalProperties": false, + "properties": { + "AnonymousAuthDisableDate": { + "markdownDescription": "Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", + "title": "AnonymousAuthDisableDate", + "type": "string" + }, + "AnonymousAuthEnabled": { + "markdownDescription": "True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", + "title": "AnonymousAuthEnabled", + "type": "boolean" + }, + "Enabled": { + "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) .", + "title": "Enabled", + "type": "boolean" + }, + "InternalUserDatabaseEnabled": { + "markdownDescription": "True to enable the internal user database.", + "title": "InternalUserDatabaseEnabled", + "type": "boolean" + }, + "JWTOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.JWTOptions", + "markdownDescription": "Container for information about the JWT configuration of the Amazon OpenSearch Service.", + "title": "JWTOptions" + }, + "MasterUserOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.MasterUserOptions", + "markdownDescription": "Specifies information about the master user.", + "title": "MasterUserOptions" + }, + "SAMLOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SAMLOptions", + "markdownDescription": "Container for information about the SAML configuration for OpenSearch Dashboards.", + "title": "SAMLOptions" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.ClusterConfig": { + "additionalProperties": false, + "properties": { + "ColdStorageOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ColdStorageOptions", + "markdownDescription": "Container for cold storage configuration options.", + "title": "ColdStorageOptions" + }, + "DedicatedMasterCount": { + "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property.", + "title": "DedicatedMasterCount", + "type": "number" + }, + "DedicatedMasterEnabled": { + "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", + "title": "DedicatedMasterEnabled", + "type": "boolean" + }, + "DedicatedMasterType": { + "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "DedicatedMasterType", + "type": "string" + }, + "InstanceCount": { + "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "InstanceType", + "type": "string" + }, + "MultiAZWithStandbyEnabled": { + "markdownDescription": "Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) .", + "title": "MultiAZWithStandbyEnabled", + "type": "boolean" + }, + "NodeOptions": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeOption" + }, + "markdownDescription": "List of node options for the domain.", + "title": "NodeOptions", + "type": "array" + }, + "WarmCount": { + "markdownDescription": "The number of warm nodes in the cluster.", + "title": "WarmCount", + "type": "number" + }, + "WarmEnabled": { + "markdownDescription": "Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) .", + "title": "WarmEnabled", + "type": "boolean" + }, + "WarmType": { + "markdownDescription": "The instance type for the cluster's warm nodes.", + "title": "WarmType", + "type": "string" + }, + "ZoneAwarenessConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ZoneAwarenessConfig", + "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", + "title": "ZoneAwarenessConfig" + }, + "ZoneAwarenessEnabled": { + "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", + "title": "ZoneAwarenessEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.CognitoOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", + "title": "Enabled", + "type": "boolean" + }, + "IdentityPoolId": { + "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "IdentityPoolId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "RoleArn", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "UserPoolId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.ColdStorageOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.DomainEndpointOptions": { + "additionalProperties": false, + "properties": { + "CustomEndpoint": { + "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpoint", + "type": "string" + }, + "CustomEndpointCertificateArn": { + "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpointCertificateArn", + "type": "string" + }, + "CustomEndpointEnabled": { + "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", + "title": "CustomEndpointEnabled", + "type": "boolean" + }, + "EnforceHTTPS": { + "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "EnforceHTTPS", + "type": "boolean" + }, + "TLSSecurityPolicy": { + "markdownDescription": "The minimum TLS version required for traffic to the domain. The policy can be one of the following values:\n\n- *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2\n- *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2\n- *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites", + "title": "TLSSecurityPolicy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.EBSOptions": { + "additionalProperties": false, + "properties": { + "EBSEnabled": { + "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", + "title": "EBSEnabled", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types.", + "title": "Iops", + "type": "number" + }, + "Throughput": { + "markdownDescription": "The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type.", + "title": "Throughput", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.EncryptionAtRestOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "Enabled", + "type": "boolean" + }, + "KmsKeyId": { + "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.IdentityCenterOptions": { + "additionalProperties": false, + "properties": { + "EnabledAPIAccess": { + "markdownDescription": "Indicates whether IAM Identity Center is enabled for the application.", + "title": "EnabledAPIAccess", + "type": "boolean" + }, + "IdentityCenterApplicationARN": { + "markdownDescription": "The ARN of the IAM Identity Center application that integrates with Amazon OpenSearch Service.", + "title": "IdentityCenterApplicationARN", + "type": "string" + }, + "IdentityCenterInstanceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance.", + "title": "IdentityCenterInstanceARN", + "type": "string" + }, + "IdentityStoreId": { + "markdownDescription": "The identifier of the IAM Identity Store.", + "title": "IdentityStoreId", + "type": "string" + }, + "RolesKey": { + "markdownDescription": "Specifies the attribute that contains the backend role identifier (such as group name or group ID) in IAM Identity Center.", + "title": "RolesKey", + "type": "string" + }, + "SubjectKey": { + "markdownDescription": "Specifies the attribute that contains the subject identifier (such as username, user ID, or email) in IAM Identity Center.", + "title": "SubjectKey", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.Idp": { + "additionalProperties": false, + "properties": { + "EntityId": { + "markdownDescription": "The unique entity ID of the application in the SAML identity provider.", + "title": "EntityId", + "type": "string" + }, + "MetadataContent": { + "markdownDescription": "The metadata of the SAML application, in XML format.", + "title": "MetadataContent", + "type": "string" + } + }, + "required": [ + "EntityId", + "MetadataContent" + ], + "type": "object" + }, + "AWS::OpenSearchService::Domain.JWTOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "", + "title": "Enabled", + "type": "boolean" + }, + "PublicKey": { + "markdownDescription": "", + "title": "PublicKey", + "type": "string" + }, + "RolesKey": { + "markdownDescription": "", + "title": "RolesKey", + "type": "string" + }, + "SubjectKey": { + "markdownDescription": "", + "title": "SubjectKey", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.LogPublishingOption": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing.", + "title": "CloudWatchLogsLogGroupArn", + "type": "string" + }, + "Enabled": { + "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.MasterUserOptions": { + "additionalProperties": false, + "properties": { + "MasterUserARN": { + "markdownDescription": "Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "MasterUserARN", + "type": "string" + }, + "MasterUserName": { + "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", + "title": "MasterUserName", + "type": "string" + }, + "MasterUserPassword": { + "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", + "title": "MasterUserPassword", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.NodeConfig": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of nodes of a specific type within the cluster.", + "title": "Count", + "type": "number" + }, + "Enabled": { + "markdownDescription": "A boolean value indicating whether a specific node type is active or inactive.", + "title": "Enabled", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The instance type of a particular node within the cluster.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.NodeOption": { + "additionalProperties": false, + "properties": { + "NodeConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeConfig", + "markdownDescription": "Configuration options for defining the setup of any node type.", + "title": "NodeConfig" + }, + "NodeType": { + "markdownDescription": "Defines the type of node, such as coordinating nodes.", + "title": "NodeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.OffPeakWindow": { + "additionalProperties": false, + "properties": { + "WindowStartTime": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.WindowStartTime", + "markdownDescription": "The desired start time for an off-peak maintenance window.", + "title": "WindowStartTime" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.OffPeakWindowOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether off-peak window settings are enabled for the domain.", + "title": "Enabled", + "type": "boolean" + }, + "OffPeakWindow": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindow", + "markdownDescription": "Off-peak window settings for the domain.", + "title": "OffPeakWindow" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.SAMLOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "True to enable SAML authentication for a domain.", + "title": "Enabled", + "type": "boolean" + }, + "Idp": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.Idp", + "markdownDescription": "The SAML Identity Provider's information.", + "title": "Idp" + }, + "MasterBackendRole": { + "markdownDescription": "The backend role that the SAML master user is mapped to.", + "title": "MasterBackendRole", + "type": "string" + }, + "MasterUserName": { + "markdownDescription": "The SAML master user name, which is stored in the domain's internal user database.", + "title": "MasterUserName", + "type": "string" + }, + "RolesKey": { + "markdownDescription": "Element of the SAML assertion to use for backend roles. Default is `roles` .", + "title": "RolesKey", + "type": "string" + }, + "SessionTimeoutMinutes": { + "markdownDescription": "The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.", + "title": "SessionTimeoutMinutes", + "type": "number" + }, + "SubjectKey": { + "markdownDescription": "Element of the SAML assertion to use for the user name. Default is `NameID` .", + "title": "SubjectKey", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.ServiceSoftwareOptions": { + "additionalProperties": false, + "properties": { + "AutomatedUpdateDate": { + "markdownDescription": "The timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software.", + "title": "AutomatedUpdateDate", + "type": "string" + }, + "Cancellable": { + "markdownDescription": "True if you're able to cancel your service software version update. False if you can't cancel your service software update.", + "title": "Cancellable", + "type": "boolean" + }, + "CurrentVersion": { + "markdownDescription": "The current service software version present on the domain.", + "title": "CurrentVersion", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the service software update status.", + "title": "Description", + "type": "string" + }, + "NewVersion": { + "markdownDescription": "The new service software version, if one is available.", + "title": "NewVersion", + "type": "string" + }, + "OptionalDeployment": { + "markdownDescription": "True if a service software is never automatically updated. False if a service software is automatically updated after the automated update date.", + "title": "OptionalDeployment", + "type": "boolean" + }, + "UpdateAvailable": { + "markdownDescription": "True if you're able to update your service software version. False if you can't update your service software version.", + "title": "UpdateAvailable", + "type": "boolean" + }, + "UpdateStatus": { + "markdownDescription": "The status of your service software update.", + "title": "UpdateStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.SnapshotOptions": { + "additionalProperties": false, + "properties": { + "AutomatedSnapshotStartHour": { + "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", + "title": "AutomatedSnapshotStartHour", + "type": "number" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.SoftwareUpdateOptions": { + "additionalProperties": false, + "properties": { + "AutoSoftwareUpdateEnabled": { + "markdownDescription": "Specifies whether automatic service software updates are enabled for the domain.", + "title": "AutoSoftwareUpdateEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.VPCOptions": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nIf you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error \"You must specify exactly one subnet\" during template creation.", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.WindowStartTime": { + "additionalProperties": false, + "properties": { + "Hours": { + "markdownDescription": "The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23.", + "title": "Hours", + "type": "number" + }, + "Minutes": { + "markdownDescription": "The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59.", + "title": "Minutes", + "type": "number" + } + }, + "required": [ + "Hours", + "Minutes" + ], + "type": "object" + }, + "AWS::OpenSearchService::Domain.ZoneAwarenessConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZoneCount": { + "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", + "title": "AvailabilityZoneCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::OpsWorks::App": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppSource": { + "$ref": "#/definitions/AWS::OpsWorks::App.Source", + "markdownDescription": "A `Source` object that specifies the app repository.", + "title": "AppSource" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key/value pairs to be added to the stack attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "DataSources": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::App.DataSource" + }, + "markdownDescription": "The app's data source.", + "title": "DataSources", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the app.", + "title": "Description", + "type": "string" + }, + "Domains": { + "items": { + "type": "string" + }, + "markdownDescription": "The app virtual host settings, with multiple domains separated by commas. For example: `'www.example.com, example.com'`", + "title": "Domains", + "type": "array" + }, + "EnableSsl": { + "markdownDescription": "Whether to enable SSL for the app.", + "title": "EnableSsl", + "type": "boolean" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::App.EnvironmentVariable" + }, + "markdownDescription": "An array of `EnvironmentVariable` objects that specify environment variables to be associated with the app. After you deploy the app, these variables are defined on the associated app server instance. For more information, see [Environment Variables](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html#workingapps-creating-environment) .\n\nThere is no specific limit on the number of environment variables. However, the size of the associated data structure - which includes the variables' names, values, and protected flag values - cannot exceed 20 KB. This limit should accommodate most if not all use cases. Exceeding it will cause an exception with the message, \"Environment: is too large (maximum is 20KB).\"\n\n> If you have specified one or more environment variables, you cannot modify the stack's Chef version.", + "title": "Environment", + "type": "array" + }, + "Name": { + "markdownDescription": "The app name.", + "title": "Name", + "type": "string" + }, + "Shortname": { + "markdownDescription": "The app's short name.", + "title": "Shortname", + "type": "string" + }, + "SslConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::App.SslConfiguration", + "markdownDescription": "An `SslConfiguration` object with the SSL configuration.", + "title": "SslConfiguration" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + }, + "Type": { + "markdownDescription": "The app type. Each supported type is associated with a particular layer. For example, PHP applications are associated with a PHP layer. AWS OpsWorks Stacks deploys an application to those instances that are members of the corresponding layer. If your app isn't one of the standard types, or you prefer to implement your own Deploy recipes, specify `other` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "StackId", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::App" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpsWorks::App.DataSource": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The data source's ARN.", + "title": "Arn", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The database name.", + "title": "DatabaseName", + "type": "string" + }, + "Type": { + "markdownDescription": "The data source's type, `AutoSelectOpsworksMysqlInstance` , `OpsworksMysqlInstance` , `RdsDbInstance` , or `None` .", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpsWorks::App.EnvironmentVariable": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "(Required) The environment variable's name, which can consist of up to 64 characters and must be specified. The name can contain upper- and lowercase letters, numbers, and underscores (_), but it must start with a letter or underscore.", + "title": "Key", + "type": "string" + }, + "Secure": { + "markdownDescription": "(Optional) Whether the variable's value is returned by the `DescribeApps` action. To hide an environment variable's value, set `Secure` to `true` . `DescribeApps` returns `*****FILTERED*****` instead of the actual value. The default value for `Secure` is `false` .", + "title": "Secure", + "type": "boolean" + }, + "Value": { + "markdownDescription": "(Optional) The environment variable's value, which can be left empty. If you specify a value, it can contain up to 256 characters, which must all be printable.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::OpsWorks::App.Source": { + "additionalProperties": false, + "properties": { + "Password": { + "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "Password", + "type": "string" + }, + "Revision": { + "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", + "title": "Revision", + "type": "string" + }, + "SshKey": { + "markdownDescription": "In requests, the repository's SSH key.\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "SshKey", + "type": "string" + }, + "Type": { + "markdownDescription": "The repository type.", + "title": "Type", + "type": "string" + }, + "Url": { + "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", + "title": "Url", + "type": "string" + }, + "Username": { + "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", + "title": "Username", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpsWorks::App.SslConfiguration": { + "additionalProperties": false, + "properties": { + "Certificate": { + "markdownDescription": "The contents of the certificate's domain.crt file.", + "title": "Certificate", + "type": "string" + }, + "Chain": { + "markdownDescription": "Optional. Can be used to specify an intermediate certificate authority key or client authentication.", + "title": "Chain", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The private key; the contents of the certificate's domain.kex file.", + "title": "PrivateKey", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpsWorks::ElasticLoadBalancerAttachment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ElasticLoadBalancerName": { + "markdownDescription": "The Elastic Load Balancing instance name.", + "title": "ElasticLoadBalancerName", + "type": "string" + }, + "LayerId": { + "markdownDescription": "The AWS OpsWorks layer ID to which the Elastic Load Balancing load balancer is attached.", + "title": "LayerId", + "type": "string" + } + }, + "required": [ + "ElasticLoadBalancerName", + "LayerId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::ElasticLoadBalancerAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpsWorks::Instance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AgentVersion": { + "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- `INHERIT` - Use the stack's default agent version setting.\n- *version_number* - Use the specified agent version. This value overrides the stack's default setting. To update the agent version, edit the instance configuration and specify a new version. AWS OpsWorks Stacks installs that version on the instance.\n\nThe default setting is `INHERIT` . To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.", + "title": "AgentVersion", + "type": "string" + }, + "AmiId": { + "markdownDescription": "A custom AMI ID to be used to create the instance. The AMI should be based on one of the supported operating systems. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\n> If you specify a custom AMI, you must set `Os` to `Custom` .", + "title": "AmiId", + "type": "string" + }, + "Architecture": { + "markdownDescription": "The instance architecture. The default option is `x86_64` . Instance types do not necessarily support both architectures. For a list of the architectures that are supported by the different instance types, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) .", + "title": "Architecture", + "type": "string" + }, + "AutoScalingType": { + "markdownDescription": "For load-based or time-based instances, the type. Windows stacks can use only time-based instances.", + "title": "AutoScalingType", + "type": "string" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the AWS OpsWorks instance, such as `us-east-2a` .", + "title": "AvailabilityZone", + "type": "string" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.BlockDeviceMapping" + }, + "markdownDescription": "An array of `BlockDeviceMapping` objects that specify the instance's block devices. For more information, see [Block Device Mapping](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) . Note that block device mappings are not supported for custom AMIs.", + "title": "BlockDeviceMappings", + "type": "array" + }, + "EbsOptimized": { + "markdownDescription": "Whether to create an Amazon EBS-optimized instance.", + "title": "EbsOptimized", + "type": "boolean" + }, + "ElasticIps": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Elastic IP addresses to associate with the instance.", + "title": "ElasticIps", + "type": "array" + }, + "Hostname": { + "markdownDescription": "The instance host name. The following are character limits for instance host names.\n\n- Linux-based instances: 63 characters\n- Windows-based instances: 15 characters", + "title": "Hostname", + "type": "string" + }, + "InstallUpdatesOnBoot": { + "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> We strongly recommend using the default value of `true` to ensure that your instances have the latest security updates.", + "title": "InstallUpdatesOnBoot", + "type": "boolean" + }, + "InstanceType": { + "markdownDescription": "The instance type, such as `t2.micro` . For a list of supported instance types, open the stack in the console, choose *Instances* , and choose *+ Instance* . The *Size* list contains the currently supported types. For more information, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) . The parameter values that you use to specify the various types are in the *API Name* column of the *Available Instance Types* table.", + "title": "InstanceType", + "type": "string" + }, + "LayerIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array that contains the instance's layer IDs.", + "title": "LayerIds", + "type": "array" + }, + "Os": { + "markdownDescription": "The instance's operating system, which must be set to one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` .\n\nNot all operating systems are supported with all versions of Chef. For more information about the supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .\n\nThe default option is the current Amazon Linux version. If you set this parameter to `Custom` , you must use the `CreateInstance` action's AmiId parameter to specify the custom AMI that you want to use. Block device mappings are not supported if the value is `Custom` . For more information about how to use custom AMIs with AWS OpsWorks Stacks, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .", + "title": "Os", + "type": "string" + }, + "RootDeviceType": { + "markdownDescription": "The instance root device type. For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", + "title": "RootDeviceType", + "type": "string" + }, + "SshKeyName": { + "markdownDescription": "The instance's Amazon EC2 key-pair name.", + "title": "SshKeyName", + "type": "string" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the instance's subnet. If the stack is running in a VPC, you can use this parameter to override the stack's default subnet ID value and direct AWS OpsWorks Stacks to launch the instance in a different subnet.", + "title": "SubnetId", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The instance's tenancy option. The default option is no tenancy, or if the instance is running in a VPC, inherit tenancy settings from the VPC. The following are valid values for this parameter: `dedicated` , `default` , or `host` . Because there are costs associated with changes in tenancy options, we recommend that you research tenancy options before choosing them for your instances. For more information about dedicated hosts, see [Dedicated Hosts Overview](https://docs.aws.amazon.com/ec2/dedicated-hosts/) and [Amazon EC2 Dedicated Hosts](https://docs.aws.amazon.com/ec2/dedicated-hosts/) . For more information about dedicated instances, see [Dedicated Instances](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html) and [Amazon EC2 Dedicated Instances](https://docs.aws.amazon.com/ec2/purchasing-options/dedicated-instances/) .", + "title": "Tenancy", + "type": "string" + }, + "TimeBasedAutoScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.TimeBasedAutoScaling", + "markdownDescription": "The time-based scaling configuration for the instance.", + "title": "TimeBasedAutoScaling" + }, + "VirtualizationType": { + "markdownDescription": "The instance's virtualization type, `paravirtual` or `hvm` .", + "title": "VirtualizationType", + "type": "string" + }, + "Volumes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS OpsWorks volume IDs to associate with the instance. For more information, see [`AWS::OpsWorks::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-volume.html) .", + "title": "Volumes", + "type": "array" + } + }, + "required": [ + "InstanceType", + "LayerIds", + "StackId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::Instance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpsWorks::Instance.BlockDeviceMapping": { + "additionalProperties": false, + "properties": { + "DeviceName": { + "markdownDescription": "The device name that is exposed to the instance, such as `/dev/sdh` . For the root device, you can use the explicit device name or you can set this parameter to `ROOT_DEVICE` and AWS OpsWorks Stacks will provide the correct device name.", + "title": "DeviceName", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.EbsBlockDevice", + "markdownDescription": "An `EBSBlockDevice` that defines how to configure an Amazon EBS volume when the instance is launched. You can specify either the `VirtualName` or `Ebs` , but not both.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "Suppresses the specified device included in the AMI's block device mapping.", + "title": "NoDevice", + "type": "string" + }, + "VirtualName": { + "markdownDescription": "The virtual device name. For more information, see [BlockDeviceMapping](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html) . You can specify either the `VirtualName` or `Ebs` , but not both.", + "title": "VirtualName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Instance.EbsBlockDevice": { + "additionalProperties": false, + "properties": { + "DeleteOnTermination": { + "markdownDescription": "Whether the volume is deleted on instance termination.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", + "title": "Iops", + "type": "number" + }, + "SnapshotId": { + "markdownDescription": "The snapshot ID.", + "title": "SnapshotId", + "type": "string" + }, + "VolumeSize": { + "markdownDescription": "The volume size, in GiB. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. `gp2` for General Purpose (SSD) volumes, `io1` for Provisioned IOPS (SSD) volumes, `st1` for Throughput Optimized hard disk drives (HDD), `sc1` for Cold HDD,and `standard` for Magnetic volumes.\n\nIf you specify the `io1` volume type, you must also specify a value for the `Iops` attribute. The maximum ratio of provisioned IOPS to requested volume size (in GiB) is 50:1. AWS uses the default volume size (in GiB) specified in the AMI attributes to set IOPS to 50 x (volume size).", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Instance.TimeBasedAutoScaling": { + "additionalProperties": false, + "properties": { + "Friday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Friday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Friday", + "type": "object" + }, + "Monday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Monday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Monday", + "type": "object" + }, + "Saturday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Saturday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Saturday", + "type": "object" + }, + "Sunday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Sunday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Sunday", + "type": "object" + }, + "Thursday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Thursday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Thursday", + "type": "object" + }, + "Tuesday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Tuesday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tuesday", + "type": "object" + }, + "Wednesday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Wednesday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Wednesday", + "type": "object" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Layer": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.\n\nTo create a cluster layer, set the `EcsClusterArn` attribute to the cluster's ARN.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "AutoAssignElasticIps": { + "markdownDescription": "Whether to automatically assign an [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", + "title": "AutoAssignElasticIps", + "type": "boolean" + }, + "AutoAssignPublicIps": { + "markdownDescription": "For stacks that are running in a VPC, whether to automatically assign a public IP address to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", + "title": "AutoAssignPublicIps", + "type": "boolean" + }, + "CustomInstanceProfileArn": { + "markdownDescription": "The ARN of an IAM profile to be used for the layer's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "CustomInstanceProfileArn", + "type": "string" + }, + "CustomJson": { + "markdownDescription": "A JSON-formatted string containing custom stack configuration and deployment attributes to be installed on the layer's instances. For more information, see [Using Custom JSON](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-json-override.html) . This feature is supported as of version 1.7.42 of the AWS CLI .", + "title": "CustomJson", + "type": "object" + }, + "CustomRecipes": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.Recipes", + "markdownDescription": "A `LayerCustomRecipes` object that specifies the layer custom recipes.", + "title": "CustomRecipes" + }, + "CustomSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array containing the layer custom security group IDs.", + "title": "CustomSecurityGroupIds", + "type": "array" + }, + "EnableAutoHealing": { + "markdownDescription": "Whether to disable auto healing for the layer.", + "title": "EnableAutoHealing", + "type": "boolean" + }, + "InstallUpdatesOnBoot": { + "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> To ensure that your instances have the latest security updates, we strongly recommend using the default value of `true` .", + "title": "InstallUpdatesOnBoot", + "type": "boolean" + }, + "LifecycleEventConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.LifecycleEventConfiguration", + "markdownDescription": "A `LifeCycleEventConfiguration` object that you can use to configure the Shutdown event to specify an execution timeout and enable or disable Elastic Load Balancer connection draining.", + "title": "LifecycleEventConfiguration" + }, + "LoadBasedAutoScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.LoadBasedAutoScaling", + "markdownDescription": "The load-based scaling configuration for the AWS OpsWorks layer.", + "title": "LoadBasedAutoScaling" + }, + "Name": { + "markdownDescription": "The layer name, which is used by the console. Layer names can be a maximum of 32 characters.", + "title": "Name", + "type": "string" + }, + "Packages": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of `Package` objects that describes the layer packages.", + "title": "Packages", + "type": "array" + }, + "Shortname": { + "markdownDescription": "For custom layers only, use this parameter to specify the layer's short name, which is used internally by AWS OpsWorks Stacks and by Chef recipes. The short name is also used as the name for the directory where your app files are installed. It can have a maximum of 32 characters, which are limited to the alphanumeric characters, '-', '_', and '.'.\n\nBuilt-in layer short names are defined by AWS OpsWorks Stacks. For more information, see the [Layer Reference](https://docs.aws.amazon.com/opsworks/latest/userguide/layers.html) .", + "title": "Shortname", + "type": "string" + }, + "StackId": { + "markdownDescription": "The layer stack ID.", + "title": "StackId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies one or more sets of tags (key\u2013value pairs) to associate with this AWS OpsWorks layer. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The layer type. A stack cannot have more than one built-in layer of the same type. It can have any number of custom layers. Built-in layers are not available in Chef 12 stacks.", + "title": "Type", + "type": "string" + }, + "UseEbsOptimizedInstances": { + "markdownDescription": "Whether to use Amazon EBS-optimized instances.", + "title": "UseEbsOptimizedInstances", + "type": "boolean" + }, + "VolumeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.VolumeConfiguration" + }, + "markdownDescription": "A `VolumeConfigurations` object that describes the layer's Amazon EBS volumes.", + "title": "VolumeConfigurations", + "type": "array" + } + }, + "required": [ + "AutoAssignElasticIps", + "AutoAssignPublicIps", + "EnableAutoHealing", + "Name", + "Shortname", + "StackId", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::Layer" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpsWorks::Layer.AutoScalingThresholds": { + "additionalProperties": false, + "properties": { + "CpuThreshold": { + "markdownDescription": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.", + "title": "CpuThreshold", + "type": "number" + }, + "IgnoreMetricsTime": { + "markdownDescription": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events. For example, AWS OpsWorks Stacks adds new instances following an upscaling event but the instances won't start reducing the load until they have been booted and configured. There is no point in raising additional scaling events during that operation, which typically takes several minutes. `IgnoreMetricsTime` allows you to direct AWS OpsWorks Stacks to suppress scaling events long enough to get the new instances online.", + "title": "IgnoreMetricsTime", + "type": "number" + }, + "InstanceCount": { + "markdownDescription": "The number of instances to add or remove when the load exceeds a threshold.", + "title": "InstanceCount", + "type": "number" + }, + "LoadThreshold": { + "markdownDescription": "The load threshold. A value of -1 disables the threshold. For more information about how load is computed, see [Load (computing)](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Load_%28computing%29) .", + "title": "LoadThreshold", + "type": "number" + }, + "MemoryThreshold": { + "markdownDescription": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.", + "title": "MemoryThreshold", + "type": "number" + }, + "ThresholdsWaitTime": { + "markdownDescription": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.", + "title": "ThresholdsWaitTime", + "type": "number" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Layer.LifecycleEventConfiguration": { + "additionalProperties": false, + "properties": { + "ShutdownEventConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.ShutdownEventConfiguration", + "markdownDescription": "The Shutdown event configuration.", + "title": "ShutdownEventConfiguration" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Layer.LoadBasedAutoScaling": { + "additionalProperties": false, + "properties": { + "DownScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", + "markdownDescription": "An `AutoScalingThresholds` object that describes the downscaling configuration, which defines how and when AWS OpsWorks Stacks reduces the number of instances.", + "title": "DownScaling" + }, + "Enable": { + "markdownDescription": "Whether load-based auto scaling is enabled for the layer.", + "title": "Enable", + "type": "boolean" + }, + "UpScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", + "markdownDescription": "An `AutoScalingThresholds` object that describes the upscaling configuration, which defines how and when AWS OpsWorks Stacks increases the number of instances.", + "title": "UpScaling" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Layer.Recipes": { + "additionalProperties": false, + "properties": { + "Configure": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of custom recipe names to be run following a `configure` event.", + "title": "Configure", + "type": "array" + }, + "Deploy": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of custom recipe names to be run following a `deploy` event.", + "title": "Deploy", + "type": "array" + }, + "Setup": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of custom recipe names to be run following a `setup` event.", + "title": "Setup", + "type": "array" + }, + "Shutdown": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of custom recipe names to be run following a `shutdown` event.", + "title": "Shutdown", + "type": "array" + }, + "Undeploy": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of custom recipe names to be run following a `undeploy` event.", + "title": "Undeploy", + "type": "array" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Layer.ShutdownEventConfiguration": { + "additionalProperties": false, + "properties": { + "DelayUntilElbConnectionsDrained": { + "markdownDescription": "Whether to enable Elastic Load Balancing connection draining. For more information, see [Connection Draining](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#conn-drain)", + "title": "DelayUntilElbConnectionsDrained", + "type": "boolean" + }, + "ExecutionTimeout": { + "markdownDescription": "The time, in seconds, that AWS OpsWorks Stacks waits after triggering a Shutdown event before shutting down an instance.", + "title": "ExecutionTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Layer.VolumeConfiguration": { + "additionalProperties": false, + "properties": { + "Encrypted": { + "markdownDescription": "Specifies whether an Amazon EBS volume is encrypted. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) .", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) to provision for the volume. For PIOPS volumes, the IOPS per disk.\n\nIf you specify `io1` for the volume type, you must specify this property.", + "title": "Iops", + "type": "number" + }, + "MountPoint": { + "markdownDescription": "The volume mount point. For example \"/dev/sdh\".", + "title": "MountPoint", + "type": "string" + }, + "NumberOfDisks": { + "markdownDescription": "The number of disks in the volume.", + "title": "NumberOfDisks", + "type": "number" + }, + "RaidLevel": { + "markdownDescription": "The volume [RAID level](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Standard_RAID_levels) .", + "title": "RaidLevel", + "type": "number" + }, + "Size": { + "markdownDescription": "The volume size.", + "title": "Size", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) .\n\n- `standard` - Magnetic. Magnetic volumes must have a minimum size of 1 GiB and a maximum size of 1024 GiB.\n- `io1` - Provisioned IOPS (SSD). PIOPS volumes must have a minimum size of 4 GiB and a maximum size of 16384 GiB.\n- `gp2` - General Purpose (SSD). General purpose volumes must have a minimum size of 1 GiB and a maximum size of 16384 GiB.\n- `st1` - Throughput Optimized hard disk drive (HDD). Throughput optimized HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.\n- `sc1` - Cold HDD. Cold HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Stack": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AgentVersion": { + "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- Auto-update - Set this parameter to `LATEST` . AWS OpsWorks Stacks automatically installs new agent versions on the stack's instances as soon as they are available.\n- Fixed version - Set this parameter to your preferred agent version. To update the agent version, you must edit the stack configuration and specify a new version. AWS OpsWorks Stacks installs that version on the stack's instances.\n\nThe default setting is the most recent release of the agent. To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.\n\n> You can also specify an agent version when you create or update an instance, which overrides the stack's default setting.", + "title": "AgentVersion", + "type": "string" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "ChefConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.ChefConfiguration", + "markdownDescription": "A `ChefConfiguration` object that specifies whether to enable Berkshelf and the Berkshelf version on Chef 11.10 stacks. For more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", + "title": "ChefConfiguration" + }, + "CloneAppIds": { + "items": { + "type": "string" + }, + "markdownDescription": "If you're cloning an AWS OpsWorks stack, a list of AWS OpsWorks application stack IDs from the source stack to include in the cloned stack.", + "title": "CloneAppIds", + "type": "array" + }, + "ClonePermissions": { + "markdownDescription": "If you're cloning an AWS OpsWorks stack, indicates whether to clone the source stack's permissions.", + "title": "ClonePermissions", + "type": "boolean" + }, + "ConfigurationManager": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.StackConfigurationManager", + "markdownDescription": "The configuration manager. When you create a stack we recommend that you use the configuration manager to specify the Chef version: 12, 11.10, or 11.4 for Linux stacks, or 12.2 for Windows stacks. The default value for Linux stacks is currently 12.", + "title": "ConfigurationManager" + }, + "CustomCookbooksSource": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.Source", + "markdownDescription": "Contains the information required to retrieve an app or cookbook from a repository. For more information, see [Adding Apps](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html) or [Cookbooks and Recipes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook.html) .", + "title": "CustomCookbooksSource" + }, + "CustomJson": { + "markdownDescription": "A string that contains user-defined, custom JSON. It can be used to override the corresponding default stack configuration attribute values or to pass data to recipes. The string should be in the following format:\n\n`\"{\\\"key1\\\": \\\"value1\\\", \\\"key2\\\": \\\"value2\\\",...}\"`\n\nFor more information about custom JSON, see [Use Custom JSON to Modify the Stack Configuration Attributes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-json.html) .", + "title": "CustomJson", + "type": "object" + }, + "DefaultAvailabilityZone": { + "markdownDescription": "The stack's default Availability Zone, which must be in the specified region. For more information, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html) . If you also specify a value for `DefaultSubnetId` , the subnet must be in the same zone. For more information, see the `VpcId` parameter description.", + "title": "DefaultAvailabilityZone", + "type": "string" + }, + "DefaultInstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM profile that is the default profile for all of the stack's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "DefaultInstanceProfileArn", + "type": "string" + }, + "DefaultOs": { + "markdownDescription": "The stack's default operating system, which is installed on every instance unless you specify a different operating system when you create the instance. You can specify one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` . You specify the custom AMI you want to use when you create instances. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\nThe default option is the current Amazon Linux version. Not all operating systems are supported with all versions of Chef. For more information about supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .", + "title": "DefaultOs", + "type": "string" + }, + "DefaultRootDeviceType": { + "markdownDescription": "The default root device type. This value is the default for all instances in the stack, but you can override it when you create an instance. The default option is `instance-store` . For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", + "title": "DefaultRootDeviceType", + "type": "string" + }, + "DefaultSshKeyName": { + "markdownDescription": "A default Amazon EC2 key pair name. The default value is none. If you specify a key pair name, AWS OpsWorks installs the public key on the instance and you can use the private key with an SSH client to log in to the instance. For more information, see [Using SSH to Communicate with an Instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-ssh.html) and [Managing SSH Access](https://docs.aws.amazon.com/opsworks/latest/userguide/security-ssh-access.html) . You can override this setting by specifying a different key pair, or no key pair, when you [create an instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-add.html) .", + "title": "DefaultSshKeyName", + "type": "string" + }, + "DefaultSubnetId": { + "markdownDescription": "The stack's default subnet ID. All instances are launched into this subnet unless you specify another subnet ID when you create the instance. This parameter is required if you specify a value for the `VpcId` parameter. If you also specify a value for `DefaultAvailabilityZone` , the subnet must be in that zone.", + "title": "DefaultSubnetId", + "type": "string" + }, + "EcsClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Elastic Container Service ( Amazon ECS ) cluster to register with the AWS OpsWorks stack.\n\n> If you specify a cluster that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the cluster.", + "title": "EcsClusterArn", + "type": "string" + }, + "ElasticIps": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.ElasticIp" + }, + "markdownDescription": "A list of Elastic IP addresses to register with the AWS OpsWorks stack.\n\n> If you specify an IP address that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the IP address.", + "title": "ElasticIps", + "type": "array" + }, + "HostnameTheme": { + "markdownDescription": "The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. By default, `HostnameTheme` is set to `Layer_Dependent` , which creates host names by appending integers to the layer's short name. The other themes are:\n\n- `Baked_Goods`\n- `Clouds`\n- `Europe_Cities`\n- `Fruits`\n- `Greek_Deities_and_Titans`\n- `Legendary_creatures_from_Japan`\n- `Planets_and_Moons`\n- `Roman_Deities`\n- `Scottish_Islands`\n- `US_Cities`\n- `Wild_Cats`\n\nTo obtain a generated host name, call `GetHostNameSuggestion` , which returns a host name based on the current theme.", + "title": "HostnameTheme", + "type": "string" + }, + "Name": { + "markdownDescription": "The stack name. Stack names can be a maximum of 64 characters.", + "title": "Name", + "type": "string" + }, + "RdsDbInstances": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.RdsDbInstance" + }, + "markdownDescription": "The Amazon Relational Database Service ( Amazon RDS ) database instance to register with the AWS OpsWorks stack.\n\n> If you specify a database instance that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the database instance.", + "title": "RdsDbInstances", + "type": "array" + }, + "ServiceRoleArn": { + "markdownDescription": "The stack's IAM role, which allows AWS OpsWorks Stacks to work with AWS resources on your behalf. You must set this parameter to the Amazon Resource Name (ARN) for an existing IAM role. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "ServiceRoleArn", + "type": "string" + }, + "SourceStackId": { + "markdownDescription": "If you're cloning an AWS OpsWorks stack, the stack ID of the source AWS OpsWorks stack to clone.", + "title": "SourceStackId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a stack or layer.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- Leading and trailing white spaces are trimmed from both the key and value.\n- A maximum of 40 tags is allowed for any resource.", + "title": "Tags", + "type": "array" + }, + "UseCustomCookbooks": { + "markdownDescription": "Whether the stack uses custom cookbooks.", + "title": "UseCustomCookbooks", + "type": "boolean" + }, + "UseOpsworksSecurityGroups": { + "markdownDescription": "Whether to associate the AWS OpsWorks Stacks built-in security groups with the stack's layers.\n\nAWS OpsWorks Stacks provides a standard set of built-in security groups, one for each layer, which are associated with layers by default. With `UseOpsworksSecurityGroups` you can instead provide your own custom security groups. `UseOpsworksSecurityGroups` has the following settings:\n\n- True - AWS OpsWorks Stacks automatically associates the appropriate built-in security group with each layer (default setting). You can associate additional security groups with a layer after you create it, but you cannot delete the built-in security group.\n- False - AWS OpsWorks Stacks does not associate built-in security groups with layers. You must create appropriate EC2 security groups and associate a security group with each layer that you create. However, you can still manually associate a built-in security group with a layer on creation; custom security groups are required only for those layers that need custom settings.\n\nFor more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", + "title": "UseOpsworksSecurityGroups", + "type": "boolean" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC that the stack is to be launched into. The VPC must be in the stack's region. All instances are launched into this VPC. You cannot change the ID later.\n\n- If your account supports EC2-Classic, the default value is `no VPC` .\n- If your account does not support EC2-Classic, the default value is the default VPC for the specified region.\n\nIf the VPC ID corresponds to a default VPC and you have specified either the `DefaultAvailabilityZone` or the `DefaultSubnetId` parameter only, AWS OpsWorks Stacks infers the value of the other parameter. If you specify neither parameter, AWS OpsWorks Stacks sets these parameters to the first valid Availability Zone for the specified region and the corresponding default VPC subnet ID, respectively.\n\nIf you specify a nondefault VPC ID, note the following:\n\n- It must belong to a VPC in your account that is in the specified region.\n- You must specify a value for `DefaultSubnetId` .\n\nFor more information about how to use AWS OpsWorks Stacks with a VPC, see [Running a Stack in a VPC](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-vpc.html) . For more information about default VPC and EC2-Classic, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "DefaultInstanceProfileArn", + "Name", + "ServiceRoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::Stack" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpsWorks::Stack.ChefConfiguration": { + "additionalProperties": false, + "properties": { + "BerkshelfVersion": { + "markdownDescription": "The Berkshelf version.", + "title": "BerkshelfVersion", + "type": "string" + }, + "ManageBerkshelf": { + "markdownDescription": "Whether to enable Berkshelf.", + "title": "ManageBerkshelf", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Stack.ElasticIp": { + "additionalProperties": false, + "properties": { + "Ip": { + "markdownDescription": "The IP address.", + "title": "Ip", + "type": "string" + }, + "Name": { + "markdownDescription": "The name, which can be a maximum of 32 characters.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Ip" + ], + "type": "object" + }, + "AWS::OpsWorks::Stack.RdsDbInstance": { + "additionalProperties": false, + "properties": { + "DbPassword": { + "markdownDescription": "AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "DbPassword", + "type": "string" + }, + "DbUser": { + "markdownDescription": "The master user name.", + "title": "DbUser", + "type": "string" + }, + "RdsDbInstanceArn": { + "markdownDescription": "The instance's ARN.", + "title": "RdsDbInstanceArn", + "type": "string" + } + }, + "required": [ + "DbPassword", + "DbUser", + "RdsDbInstanceArn" + ], + "type": "object" + }, + "AWS::OpsWorks::Stack.Source": { + "additionalProperties": false, + "properties": { + "Password": { + "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "Password", + "type": "string" + }, + "Revision": { + "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", + "title": "Revision", + "type": "string" + }, + "SshKey": { + "markdownDescription": "The repository's SSH key. For more information, see [Using Git Repository SSH Keys](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-deploykeys.html) in the *AWS OpsWorks User Guide* . To pass in an SSH key as a parameter, see the following example:\n\n`\"Parameters\" : { \"GitSSHKey\" : { \"Description\" : \"Change SSH key newlines to commas.\", \"Type\" : \"CommaDelimitedList\", \"NoEcho\" : \"true\" }, ... \"CustomCookbooksSource\": { \"Revision\" : { \"Ref\": \"GitRevision\"}, \"SshKey\" : { \"Fn::Join\" : [ \"\\n\", { \"Ref\": \"GitSSHKey\"} ] }, \"Type\": \"git\", \"Url\": { \"Ref\": \"GitURL\"} } ...`", + "title": "SshKey", + "type": "string" + }, + "Type": { + "markdownDescription": "The repository type.", + "title": "Type", + "type": "string" + }, + "Url": { + "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", + "title": "Url", + "type": "string" + }, + "Username": { + "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", + "title": "Username", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Stack.StackConfigurationManager": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name. This parameter must be set to `Chef` .", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The Chef version. This parameter must be set to 12, 11.10, or 11.4 for Linux stacks, and to 12.2 for Windows stacks. The default value for Linux stacks is 12.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpsWorks::UserProfile": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowSelfManagement": { + "markdownDescription": "Whether users can specify their own SSH public key through the My Settings page. For more information, see [Managing User Permissions](https://docs.aws.amazon.com/opsworks/latest/userguide/security-settingsshkey.html) .", + "title": "AllowSelfManagement", + "type": "boolean" + }, + "IamUserArn": { + "markdownDescription": "The user's IAM ARN.", + "title": "IamUserArn", + "type": "string" + }, + "SshPublicKey": { + "markdownDescription": "The user's SSH public key.", + "title": "SshPublicKey", + "type": "string" + }, + "SshUsername": { + "markdownDescription": "The user's SSH user name.", + "title": "SshUsername", + "type": "string" + } + }, + "required": [ + "IamUserArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::UserProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpsWorks::Volume": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Ec2VolumeId": { + "markdownDescription": "The Amazon EC2 volume ID.", + "title": "Ec2VolumeId", + "type": "string" + }, + "MountPoint": { + "markdownDescription": "The volume mount point. For example, \"/mnt/disk1\".", + "title": "MountPoint", + "type": "string" + }, + "Name": { + "markdownDescription": "The volume name. Volume names are a maximum of 128 characters.", + "title": "Name", + "type": "string" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + } + }, + "required": [ + "Ec2VolumeId", + "StackId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::Volume" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpsWorksCM::Server": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssociatePublicIpAddress": { + "markdownDescription": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "BackupId": { + "markdownDescription": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId.", + "title": "BackupId", + "type": "string" + }, + "BackupRetentionCount": { + "markdownDescription": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` .", + "title": "BackupRetentionCount", + "type": "number" + }, + "CustomCertificate": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate\u2019s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` .", + "title": "CustomCertificate", + "type": "string" + }, + "CustomDomain": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` .", + "title": "CustomDomain", + "type": "string" + }, + "CustomPrivateKey": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` .", + "title": "CustomPrivateKey", + "type": "string" + }, + "DisableAutomatedBackup": { + "markdownDescription": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` .", + "title": "DisableAutomatedBackup", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` .", + "title": "Engine", + "type": "string" + }, + "EngineAttributes": { + "items": { + "$ref": "#/definitions/AWS::OpsWorksCM::Server.EngineAttribute" + }, + "markdownDescription": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^&+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key.", + "title": "EngineAttributes", + "type": "array" + }, + "EngineModel": { + "markdownDescription": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef.", + "title": "EngineModel", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` .", + "title": "EngineVersion", + "type": "string" + }, + "InstanceProfileArn": { + "markdownDescription": "The ARN of the instance profile that your Amazon EC2 instances use.", + "title": "InstanceProfileArn", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type to use. For example, `m5.large` .", + "title": "InstanceType", + "type": "string" + }, + "KeyPair": { + "markdownDescription": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH.", + "title": "KeyPair", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServerName": { + "markdownDescription": "The name of the server. The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters.", + "title": "ServerName", + "type": "string" + }, + "ServiceRoleArn": { + "markdownDescription": "The service role that the AWS OpsWorks CM service backend uses to work with your account.", + "title": "ServiceRoleArn", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "InstanceProfileArn", + "InstanceType", + "ServiceRoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorksCM::Server" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpsWorksCM::Server.EngineAttribute": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the engine attribute.\n\n*Attribute name for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_ADMIN_PASSWORD`\n\n*Attribute names for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD`\n- `PUPPET_R10K_REMOTE`\n- `PUPPET_R10K_PRIVATE_KEY`", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the engine attribute.\n\n*Attribute value for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers.\n\n`openssl genrsa -out *pivotal_key_file_name* .pem 2048`\n\nOn Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com.\n\n*Attribute values for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Organizations::Account": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountName": { + "markdownDescription": "The account name given to the account when it was created.", + "title": "AccountName", + "type": "string" + }, + "Email": { + "markdownDescription": "The email address associated with the AWS account.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for this parameter is a string of characters that represents a standard internet email address.", + "title": "Email", + "type": "string" + }, + "ParentIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique identifier (ID) of the root or organizational unit (OU) that you want to create the new account in. If you don't specify this parameter, the `ParentId` defaults to the root ID.\n\nThis parameter only accepts a string array with one string value.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "ParentIds", + "type": "array" + }, + "RoleName": { + "markdownDescription": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.\n\nIf you don't specify this parameter, the role name defaults to `OrganizationAccountAccessRole` .\n\nFor more information about how to use this role to access the member account, see the following links:\n\n- [Creating the OrganizationAccountAccessRole in an invited member account](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) in the *AWS Organizations User Guide*\n- Steps 2 and 3 in [IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) in the *IAM User Guide*\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-", + "title": "RoleName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the maximum allowed number of tags for an account, then the entire request fails and the account is not created.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccountName", + "Email" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Account" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Organizations::Organization": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "FeatureSet": { + "markdownDescription": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.\n\n- `ALL` In addition to all the features supported by the consolidated billing feature set, the management account gains access to advanced features that give you more control over accounts in your organization. For more information, see [All features](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all) in the *AWS Organizations User Guide* .\n- `CONSOLIDATED_BILLING` All member accounts have their bills consolidated to and paid by the management account. For more information, see [Consolidated billing](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only) in the *AWS Organizations User Guide* .\n\n> The consolidated billing feature feature set isn't available for organizations in the AWS GovCloud (US) Region.\n\nIf you don't specify this property, the default value is `ALL` .", + "title": "FeatureSet", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Organization" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Organizations::OrganizationalUnit": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The friendly name of this OU.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "title": "Name", + "type": "string" + }, + "ParentId": { + "markdownDescription": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in.\n\n> To update the `ParentId` parameter value, you must first remove all accounts attached to the organizational unit (OU). OUs can't be moved within the organization with accounts still attached. \n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "ParentId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created OU. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for an OU, then the entire request fails and the OU is not created.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "ParentId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::OrganizationalUnit" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Organizations::Policy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The policy text content. You can specify the policy content as a JSON object or a JSON string.\n\n> When you specify the policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the policy content as a JSON object instead. \n\nThe text that you supply must adhere to the rules of the policy type you specify in the `Type` parameter. The following AWS Organizations quotas are enforced for the maximum size of a policy document:\n\n- Service control policies: 5,120 characters\n- Resource control policies: 5,120 characters\n- Declarative policies: 10,000 characters\n- Backup policies: 10,000 characters\n- Tag policies: 10,000 characters\n- Chat applications policies: 10,000 characters\n- AI services opt-out policies: 2,500 characters\n\nFor more information about Organizations service quotas, see [Quotas for AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) in the *AWS Organizations User Guide* .", + "title": "Content", + "type": "object" + }, + "Description": { + "markdownDescription": "Human readable description of the policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the policy.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for a policy, then the entire request fails and the policy is not created.", + "title": "Tags", + "type": "array" + }, + "TargetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to. You can get the ID by calling the [ListRoots](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html) , [ListOrganizationalUnitsForParent](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html) , or [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) operations. If you don't specify this parameter, the policy is created but not attached to any organization resource.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a target ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Account* - A string that consists of exactly 12 digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "TargetIds", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of policy to create.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Content", + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Organizations::ResourcePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The policy text of the organization resource policy. You can specify the resource policy content as a JSON object or a JSON string.\n\n> When you specify the resource policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the resource policy content as a JSON object instead.", + "title": "Content", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created resource policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the *AWS Organizations User Guide* .\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for the resource policy, then the entire request fails and the resource policy is not created.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Content" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::ResourcePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Connector": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority being used.", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "DirectoryId": { + "markdownDescription": "The identifier of the Active Directory.", + "title": "DirectoryId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a connector consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "VpcInformation": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Connector.VpcInformation", + "markdownDescription": "Information of the VPC and security group(s) used with the connector.", + "title": "VpcInformation" + } + }, + "required": [ + "CertificateAuthorityArn", + "DirectoryId", + "VpcInformation" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::Connector" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Connector.VpcInformation": { + "additionalProperties": false, + "properties": { + "IpAddressType": { + "markdownDescription": "The VPC IP address type.", + "title": "IpAddressType", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups used with the connector. You can use a maximum of 4 security groups with a connector.", + "title": "SecurityGroupIds", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::DirectoryRegistration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DirectoryId": { + "markdownDescription": "The identifier of the Active Directory.", + "title": "DirectoryId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a directory registration consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "DirectoryId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::DirectoryRegistration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::ServicePrincipalName": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "DirectoryRegistrationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) .", + "title": "DirectoryRegistrationArn", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::ServicePrincipalName" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateDefinition", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "Definition" + }, + "Name": { + "markdownDescription": "Name of the templates. Template names must be unique.", + "title": "Name", + "type": "string" + }, + "ReenrollAllCertificateHolders": { + "markdownDescription": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template.", + "title": "ReenrollAllCertificateHolders", + "type": "boolean" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a template consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConnectorArn", + "Definition", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::Template" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.ApplicationPolicies": { + "additionalProperties": false, + "properties": { + "Critical": { + "markdownDescription": "Marks the application policy extension as critical.", + "title": "Critical", + "type": "boolean" + }, + "Policies": { + "items": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicy" + }, + "markdownDescription": "Application policies describe what the certificate can be used for.", + "title": "Policies", + "type": "array" + } + }, + "required": [ + "Policies" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.ApplicationPolicy": { + "additionalProperties": false, + "properties": { + "PolicyObjectIdentifier": { + "markdownDescription": "The object identifier (OID) of an application policy.", + "title": "PolicyObjectIdentifier", + "type": "string" + }, + "PolicyType": { + "markdownDescription": "The type of application policy", + "title": "PolicyType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.CertificateValidity": { + "additionalProperties": false, + "properties": { + "RenewalPeriod": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", + "markdownDescription": "Renewal period is the period of time before certificate expiration when a new certificate will be requested.", + "title": "RenewalPeriod" + }, + "ValidityPeriod": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", + "markdownDescription": "Information describing the end of the validity period of the certificate. This parameter sets the \u201cNot After\u201d date for the certificate. Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280. This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.", + "title": "ValidityPeriod" + } + }, + "required": [ + "RenewalPeriod", + "ValidityPeriod" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV2": { + "additionalProperties": false, + "properties": { + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" + }, + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" + }, + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" + }, + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" + }, + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV3": { + "additionalProperties": false, + "properties": { + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" + }, + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" + }, + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" + }, + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" + }, + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV4": { + "additionalProperties": false, + "properties": { + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" + }, + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" + }, + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" + }, + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" + }, + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.ExtensionsV2": { + "additionalProperties": false, + "properties": { + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" + }, + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", + "title": "KeyUsage" + } + }, + "required": [ + "KeyUsage" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.ExtensionsV3": { + "additionalProperties": false, + "properties": { + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" + }, + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", + "title": "KeyUsage" + } + }, + "required": [ + "KeyUsage" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.ExtensionsV4": { + "additionalProperties": false, + "properties": { + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" + }, + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.", + "title": "KeyUsage" + } + }, + "required": [ + "KeyUsage" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.GeneralFlagsV2": { + "additionalProperties": false, + "properties": { + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" + }, + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users.", + "title": "MachineType", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.GeneralFlagsV3": { + "additionalProperties": false, + "properties": { + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" + }, + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", + "title": "MachineType", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.GeneralFlagsV4": { + "additionalProperties": false, + "properties": { + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" + }, + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", + "title": "MachineType", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.KeyUsage": { + "additionalProperties": false, + "properties": { + "Critical": { + "markdownDescription": "Sets the key usage extension to critical.", + "title": "Critical", + "type": "boolean" + }, + "UsageFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageFlags", + "markdownDescription": "The key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.", + "title": "UsageFlags" + } + }, + "required": [ + "UsageFlags" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.KeyUsageFlags": { + "additionalProperties": false, + "properties": { + "DataEncipherment": { + "markdownDescription": "DataEncipherment is asserted when the subject public key is used for directly enciphering raw user data without the use of an intermediate symmetric cipher.", + "title": "DataEncipherment", + "type": "boolean" + }, + "DigitalSignature": { + "markdownDescription": "The digitalSignature is asserted when the subject public key is used for verifying digital signatures.", + "title": "DigitalSignature", + "type": "boolean" + }, + "KeyAgreement": { + "markdownDescription": "KeyAgreement is asserted when the subject public key is used for key agreement.", + "title": "KeyAgreement", + "type": "boolean" + }, + "KeyEncipherment": { + "markdownDescription": "KeyEncipherment is asserted when the subject public key is used for enciphering private or secret keys, i.e., for key transport.", + "title": "KeyEncipherment", + "type": "boolean" + }, + "NonRepudiation": { + "markdownDescription": "NonRepudiation is asserted when the subject public key is used to verify digital signatures.", + "title": "NonRepudiation", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.KeyUsageProperty": { + "additionalProperties": false, + "properties": { + "PropertyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags", + "markdownDescription": "You can specify key usage for encryption, key agreement, and signature. You can use property flags or property type but not both.", + "title": "PropertyFlags" + }, + "PropertyType": { + "markdownDescription": "You can specify all key usages using property type ALL. You can use property type or property flags but not both.", + "title": "PropertyType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags": { + "additionalProperties": false, + "properties": { + "Decrypt": { + "markdownDescription": "Allows key for encryption and decryption.", + "title": "Decrypt", + "type": "boolean" + }, + "KeyAgreement": { + "markdownDescription": "Allows key exchange without encryption.", + "title": "KeyAgreement", + "type": "boolean" + }, + "Sign": { + "markdownDescription": "Allow key use for digital signature.", + "title": "Sign", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2": { + "additionalProperties": false, + "properties": { + "CryptoProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", + "type": "array" + }, + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", + "type": "string" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" + } + }, + "required": [ + "KeySpec", + "MinimalKeyLength" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "markdownDescription": "Defines the algorithm used to generate the private key.", + "title": "Algorithm", + "type": "string" + }, + "CryptoProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", + "type": "array" + }, + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", + "type": "string" + }, + "KeyUsageProperty": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", + "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", + "title": "KeyUsageProperty" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" + } + }, + "required": [ + "Algorithm", + "KeySpec", + "KeyUsageProperty", + "MinimalKeyLength" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "markdownDescription": "Defines the algorithm used to generate the private key.", + "title": "Algorithm", + "type": "string" + }, + "CryptoProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", + "type": "array" + }, + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", + "type": "string" + }, + "KeyUsageProperty": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", + "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", + "title": "KeyUsageProperty" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" + } + }, + "required": [ + "KeySpec", + "MinimalKeyLength" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2": { + "additionalProperties": false, + "properties": { + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", + "type": "string" + }, + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" + }, + "StrongKeyProtectionRequired": { + "markdownDescription": "Require user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" + } + }, + "required": [ + "ClientVersion" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3": { + "additionalProperties": false, + "properties": { + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", + "type": "string" + }, + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" + }, + "RequireAlternateSignatureAlgorithm": { + "markdownDescription": "Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", + "title": "RequireAlternateSignatureAlgorithm", + "type": "boolean" + }, + "StrongKeyProtectionRequired": { + "markdownDescription": "Requirer user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" + } + }, + "required": [ + "ClientVersion" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4": { + "additionalProperties": false, + "properties": { + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", + "type": "string" + }, + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" + }, + "RequireAlternateSignatureAlgorithm": { + "markdownDescription": "Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", + "title": "RequireAlternateSignatureAlgorithm", + "type": "boolean" + }, + "RequireSameKeyRenewal": { + "markdownDescription": "Renew certificate using the same private key.", + "title": "RequireSameKeyRenewal", + "type": "boolean" + }, + "StrongKeyProtectionRequired": { + "markdownDescription": "Require user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" + }, + "UseLegacyProvider": { + "markdownDescription": "Specifies the cryptographic service provider category used to generate private keys. Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.", + "title": "UseLegacyProvider", + "type": "boolean" + } + }, + "required": [ + "ClientVersion" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV2": { + "additionalProperties": false, + "properties": { + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" + }, + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" + }, + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" + }, + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" + }, + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" + }, + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" + }, + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" + }, + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" + }, + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" + }, + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV3": { + "additionalProperties": false, + "properties": { + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" + }, + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" + }, + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" + }, + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" + }, + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" + }, + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" + }, + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" + }, + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" + }, + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" + }, + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV4": { + "additionalProperties": false, + "properties": { + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" + }, + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" + }, + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" + }, + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" + }, + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" + }, + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" + }, + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" + }, + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" + }, + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" + }, + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.TemplateDefinition": { + "additionalProperties": false, + "properties": { + "TemplateV2": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV2", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV2" + }, + "TemplateV3": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV3", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV3" + }, + "TemplateV4": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV4", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV4" + } + }, + "type": "object" + }, + "AWS::PCAConnectorAD::Template.TemplateV2": { + "additionalProperties": false, + "properties": { + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" + }, + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV2", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" + }, + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV2", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" + }, + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV2", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" + }, + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2", + "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, and cryptographic providers for the private key of a certificate for v2 templates. V2 templates allow you to use Legacy Cryptographic Service Providers.", + "title": "PrivateKeyAttributes" + }, + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2", + "markdownDescription": "Private key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.", + "title": "PrivateKeyFlags" + }, + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV2", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { + "items": { + "type": "string" + }, + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", + "type": "array" + } + }, + "required": [ + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.TemplateV3": { + "additionalProperties": false, + "properties": { + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" + }, + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV3", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" + }, + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV3", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" + }, + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV3", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" + }, + "HashAlgorithm": { + "markdownDescription": "Specifies the hash algorithm used to hash the private key.", + "title": "HashAlgorithm", + "type": "string" + }, + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3", + "markdownDescription": "Private key attributes allow you to specify the algorithm, minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v3 templates. V3 templates allow you to use Key Storage Providers.", + "title": "PrivateKeyAttributes" + }, + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3", + "markdownDescription": "Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.", + "title": "PrivateKeyFlags" + }, + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV3", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { + "items": { + "type": "string" + }, + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", + "type": "array" + } + }, + "required": [ + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "HashAlgorithm", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.TemplateV4": { + "additionalProperties": false, + "properties": { + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" + }, + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV4", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" + }, + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV4", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" + }, + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV4", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" + }, + "HashAlgorithm": { + "markdownDescription": "Specifies the hash algorithm used to hash the private key. Hash algorithm can only be specified when using Key Storage Providers.", + "title": "HashAlgorithm", + "type": "string" + }, + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4", + "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v4 templates. V4 templates allow you to use either Key Storage Providers or Legacy Cryptographic Service Providers. You specify the cryptography provider category in private key flags.", + "title": "PrivateKeyAttributes" + }, + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4", + "markdownDescription": "Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.", + "title": "PrivateKeyFlags" + }, + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV4", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { + "items": { + "type": "string" + }, + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", + "type": "array" + } + }, + "required": [ + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::Template.ValidityPeriod": { + "additionalProperties": false, + "properties": { + "Period": { + "markdownDescription": "The numeric value for the validity period.", + "title": "Period", + "type": "number" + }, + "PeriodType": { + "markdownDescription": "The unit of time. You can select hours, days, weeks, months, and years.", + "title": "PeriodType", + "type": "string" + } + }, + "required": [ + "Period", + "PeriodType" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessRights": { + "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights", + "markdownDescription": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.", + "title": "AccessRights" + }, + "GroupDisplayName": { + "markdownDescription": "Name of the Active Directory group. This name does not need to match the group name in Active Directory.", + "title": "GroupDisplayName", + "type": "string" + }, + "GroupSecurityIdentifier": { + "markdownDescription": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\".", + "title": "GroupSecurityIdentifier", + "type": "string" + }, + "TemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .", + "title": "TemplateArn", + "type": "string" + } + }, + "required": [ + "AccessRights", + "GroupDisplayName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights": { + "additionalProperties": false, + "properties": { + "AutoEnroll": { + "markdownDescription": "Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment", + "title": "AutoEnroll", + "type": "string" + }, + "Enroll": { + "markdownDescription": "Allow or deny an Active Directory group from enrolling certificates issued against a template.", + "title": "Enroll", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCAConnectorSCEP::Challenge": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.", + "title": "ConnectorArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConnectorArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorSCEP::Challenge" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCAConnectorSCEP::Connector": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority associated with the connector.", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "MobileDeviceManagement": { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector.MobileDeviceManagement", + "markdownDescription": "Contains settings relevant to the mobile device management system that you chose for the connector. If you didn't configure `MobileDeviceManagement` , then the connector is for general-purpose use and this object is empty.", + "title": "MobileDeviceManagement" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "CertificateAuthorityArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorSCEP::Connector" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCAConnectorSCEP::Connector.IntuneConfiguration": { + "additionalProperties": false, + "properties": { + "AzureApplicationId": { + "markdownDescription": "The directory (tenant) ID from your Microsoft Entra ID app registration.", + "title": "AzureApplicationId", + "type": "string" + }, + "Domain": { + "markdownDescription": "The primary domain from your Microsoft Entra ID app registration.", + "title": "Domain", + "type": "string" + } + }, + "required": [ + "AzureApplicationId", + "Domain" + ], + "type": "object" + }, + "AWS::PCAConnectorSCEP::Connector.MobileDeviceManagement": { + "additionalProperties": false, + "properties": { + "Intune": { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector.IntuneConfiguration", + "markdownDescription": "Configuration settings for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see [Using Connector for SCEP for Microsoft Intune](https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlconnector-for-scep-intune.html) .", + "title": "Intune" + } + }, + "required": [ + "Intune" + ], + "type": "object" + }, + "AWS::PCAConnectorSCEP::Connector.OpenIdConfiguration": { + "additionalProperties": false, + "properties": { + "Audience": { + "markdownDescription": "The audience value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Audience", + "type": "string" + }, + "Issuer": { + "markdownDescription": "The issuer value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Issuer", + "type": "string" + }, + "Subject": { + "markdownDescription": "The subject value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Subject", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::Cluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name that identifies the cluster.", + "title": "Name", + "type": "string" + }, + "Networking": { + "$ref": "#/definitions/AWS::PCS::Cluster.Networking", + "markdownDescription": "The networking configuration for the cluster's control plane.", + "title": "Networking" + }, + "Scheduler": { + "$ref": "#/definitions/AWS::PCS::Cluster.Scheduler", + "markdownDescription": "The cluster management and job scheduling software associated with the cluster.", + "title": "Scheduler" + }, + "Size": { + "markdownDescription": "The size of the cluster.", + "title": "Size", + "type": "string" + }, + "SlurmConfiguration": { + "$ref": "#/definitions/AWS::PCS::Cluster.SlurmConfiguration", + "markdownDescription": "Additional options related to the Slurm scheduler.", + "title": "SlurmConfiguration" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Networking", + "Scheduler", + "Size" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCS::Cluster.Accounting": { + "additionalProperties": false, + "properties": { + "DefaultPurgeTimeInDays": { + "markdownDescription": "The default value for all purge settings for `slurmdbd.conf` . For more information, see the [slurmdbd.conf documentation at SchedMD](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurmdbd.conf.html) .\n\nThe default value `-1` means there is no purge time and records persist as long as the cluster exists.\n\n> `0` isn't a valid value.", + "title": "DefaultPurgeTimeInDays", + "type": "number" + }, + "Mode": { + "markdownDescription": "The default value for `mode` is `STANDARD` . A value of `STANDARD` means Slurm accounting is enabled.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::PCS::Cluster.AuthKey": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the shared Slurm key.", + "title": "SecretArn", + "type": "string" + }, + "SecretVersion": { + "markdownDescription": "The version of the shared Slurm key.", + "title": "SecretVersion", + "type": "string" + } + }, + "required": [ + "SecretArn", + "SecretVersion" + ], + "type": "object" + }, + "AWS::PCS::Cluster.Endpoint": { + "additionalProperties": false, + "properties": { + "Port": { + "markdownDescription": "The endpoint's connection port number.", + "title": "Port", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The endpoint's private IP address.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PublicIpAddress": { + "markdownDescription": "The endpoint's public IP address.", + "title": "PublicIpAddress", + "type": "string" + }, + "Type": { + "markdownDescription": "Indicates the type of endpoint running at the specific IP address.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Port", + "PrivateIpAddress", + "Type" + ], + "type": "object" + }, + "AWS::PCS::Cluster.ErrorInfo": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "The detailed error information.", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::Cluster.Networking": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security group IDs associated with the Elastic Network Interface (ENI) created in subnets.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnet IDs where AWS PCS creates an Elastic Network Interface (ENI) to enable communication between managed controllers and AWS PCS resources. The subnet must have an available IP address, cannot reside in AWS Outposts, AWS Wavelength, or an AWS Local Zone. AWS PCS currently supports only 1 subnet in this list.", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::PCS::Cluster.Scheduler": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The software AWS PCS uses to manage cluster scaling and job scheduling.", + "title": "Type", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the specified scheduling software that AWS PCS uses to manage cluster scaling and job scheduling.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Type", + "Version" + ], + "type": "object" + }, + "AWS::PCS::Cluster.SlurmConfiguration": { + "additionalProperties": false, + "properties": { + "Accounting": { + "$ref": "#/definitions/AWS::PCS::Cluster.Accounting", + "markdownDescription": "The accounting configuration includes configurable settings for Slurm accounting.", + "title": "Accounting" + }, + "AuthKey": { + "$ref": "#/definitions/AWS::PCS::Cluster.AuthKey", + "markdownDescription": "The shared Slurm key for authentication, also known as the cluster secret.", + "title": "AuthKey" + }, + "ScaleDownIdleTimeInSeconds": { + "markdownDescription": "The time before an idle node is scaled down.", + "title": "ScaleDownIdleTimeInSeconds", + "type": "number" + }, + "SlurmCustomSettings": { + "items": { + "$ref": "#/definitions/AWS::PCS::Cluster.SlurmCustomSetting" + }, + "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", + "title": "SlurmCustomSettings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::PCS::Cluster.SlurmCustomSetting": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "AWS PCS supports configuration of the following Slurm parameters:\n\n- For *clusters*\n\n- [`Prolog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Prolog_1)\n- [`Epilog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Epilog_1)\n- [`SelectTypeParameters`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_SelectTypeParameters)\n- For *compute node groups*\n\n- [`Weight`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)\n- [`RealMemory`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The values for the configured Slurm settings.", + "title": "ParameterValue", + "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmiId": { + "markdownDescription": "The ID of the Amazon Machine Image (AMI) that AWS PCS uses to launch instances. If not provided, AWS PCS uses the AMI ID specified in the custom launch template.", + "title": "AmiId", + "type": "string" + }, + "ClusterId": { + "markdownDescription": "The ID of the cluster of the compute node group.", + "title": "ClusterId", + "type": "string" + }, + "CustomLaunchTemplate": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate", + "markdownDescription": "An Amazon EC2 launch template AWS PCS uses to launch compute nodes.", + "title": "CustomLaunchTemplate" + }, + "IamInstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have pcs:RegisterComputeNodeGroupInstance permissions attached to provision instances correctly.", + "title": "IamInstanceProfileArn", + "type": "string" + }, + "InstanceConfigs": { + "items": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.InstanceConfig" + }, + "markdownDescription": "A list of EC2 instance configurations that AWS PCS can provision in the compute node group.", + "title": "InstanceConfigs", + "type": "array" + }, + "Name": { + "markdownDescription": "The name that identifies the compute node group.", + "title": "Name", + "type": "string" + }, + "PurchaseOption": { + "markdownDescription": "Specifies how EC2 instances are purchased on your behalf. AWS PCS supports On-Demand and Spot instances. For more information, see Instance purchasing options in the Amazon Elastic Compute Cloud User Guide. If you don't provide this option, it defaults to On-Demand.", + "title": "PurchaseOption", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.ScalingConfiguration", + "markdownDescription": "Specifies the boundaries of the compute node group auto scaling.", + "title": "ScalingConfiguration" + }, + "SlurmConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmConfiguration", + "markdownDescription": "Additional options related to the Slurm scheduler.", + "title": "SlurmConfiguration" + }, + "SpotOptions": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SpotOptions", + "markdownDescription": "Additional configuration when you specify `SPOT` as the `purchaseOption` .", + "title": "SpotOptions" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnet IDs where instances are provisioned by the compute node group. The subnets must be in the same VPC as the cluster.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ClusterId", + "CustomLaunchTemplate", + "IamInstanceProfileArn", + "InstanceConfigs", + "ScalingConfiguration", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::ComputeNodeGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate": { + "additionalProperties": false, + "properties": { + "TemplateId": { + "markdownDescription": "The ID of the EC2 launch template to use to provision instances.", + "title": "TemplateId", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the EC2 launch template to use to provision instances.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Version" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.ErrorInfo": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "The detailed error information.", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.InstanceConfig": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "The EC2 instance type that AWS PCS can provision in the compute node group.\n\nExample: `t2.xlarge`", + "title": "InstanceType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxInstanceCount": { + "markdownDescription": "The upper bound of the number of instances allowed in the compute fleet.", + "title": "MaxInstanceCount", + "type": "number" + }, + "MinInstanceCount": { + "markdownDescription": "The lower bound of the number of instances allowed in the compute fleet.", + "title": "MinInstanceCount", + "type": "number" + } + }, + "required": [ + "MaxInstanceCount", + "MinInstanceCount" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.SlurmConfiguration": { + "additionalProperties": false, + "properties": { + "SlurmCustomSettings": { + "items": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmCustomSetting" + }, + "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", + "title": "SlurmCustomSettings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.SlurmCustomSetting": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "AWS PCS supports configuration of the following Slurm parameters:\n\n- For *clusters*\n\n- [`Prolog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Prolog_1)\n- [`Epilog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Epilog_1)\n- [`SelectTypeParameters`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_SelectTypeParameters)\n- For *compute node groups*\n\n- [`Weight`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)\n- [`RealMemory`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The values for the configured Slurm settings.", + "title": "ParameterValue", + "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.SpotOptions": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "The Amazon EC2 allocation strategy AWS PCS uses to provision EC2 instances. AWS PCS supports lowest price, capacity optimized, and price capacity optimized. If you don't provide this option, it defaults to price capacity optimized.", + "title": "AllocationStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::Queue": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterId": { + "markdownDescription": "The ID of the cluster of the queue.", + "title": "ClusterId", + "type": "string" + }, + "ComputeNodeGroupConfigurations": { + "items": { + "$ref": "#/definitions/AWS::PCS::Queue.ComputeNodeGroupConfiguration" + }, + "markdownDescription": "The list of compute node group configurations associated with the queue. Queues assign jobs to associated compute node groups.", + "title": "ComputeNodeGroupConfigurations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name that identifies the queue.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ClusterId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::Queue" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCS::Queue.ComputeNodeGroupConfiguration": { + "additionalProperties": false, + "properties": { + "ComputeNodeGroupId": { + "markdownDescription": "The compute node group ID for the compute node group configuration.", + "title": "ComputeNodeGroupId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::Queue.ErrorInfo": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "TBDThe detailed error information.", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Panorama::ApplicationInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationInstanceIdToReplace": { + "markdownDescription": "The ID of an application instance to replace with the new instance.", + "title": "ApplicationInstanceIdToReplace", + "type": "string" + }, + "DefaultRuntimeContextDevice": { + "markdownDescription": "The device's ID.", + "title": "DefaultRuntimeContextDevice", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the application instance.", + "title": "Description", + "type": "string" + }, + "ManifestOverridesPayload": { + "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestOverridesPayload", + "markdownDescription": "Setting overrides for the application manifest.", + "title": "ManifestOverridesPayload" + }, + "ManifestPayload": { + "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestPayload", + "markdownDescription": "The application's manifest document.", + "title": "ManifestPayload" + }, + "Name": { + "markdownDescription": "A name for the application instance.", + "title": "Name", + "type": "string" + }, + "RuntimeRoleArn": { + "markdownDescription": "The ARN of a runtime role for the application instance.", + "title": "RuntimeRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags for the application instance.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DefaultRuntimeContextDevice", + "ManifestPayload" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Panorama::ApplicationInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { + "additionalProperties": false, + "properties": { + "PayloadData": { + "markdownDescription": "The overrides document.", + "title": "PayloadData", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Panorama::ApplicationInstance.ManifestPayload": { + "additionalProperties": false, + "properties": { + "PayloadData": { + "markdownDescription": "The application manifest.", + "title": "PayloadData", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Panorama::Package": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PackageName": { + "markdownDescription": "A name for the package.", + "title": "PackageName", + "type": "string" + }, + "StorageLocation": { + "$ref": "#/definitions/AWS::Panorama::Package.StorageLocation", + "markdownDescription": "A storage location.", + "title": "StorageLocation" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags for the package.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "PackageName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Panorama::Package" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Panorama::Package.StorageLocation": { + "additionalProperties": false, + "properties": { + "BinaryPrefixLocation": { + "markdownDescription": "The location's binary prefix.", + "title": "BinaryPrefixLocation", + "type": "string" + }, + "Bucket": { + "markdownDescription": "The location's bucket.", + "title": "Bucket", + "type": "string" + }, + "GeneratedPrefixLocation": { + "markdownDescription": "The location's generated prefix.", + "title": "GeneratedPrefixLocation", + "type": "string" + }, + "ManifestPrefixLocation": { + "markdownDescription": "The location's manifest prefix.", + "title": "ManifestPrefixLocation", + "type": "string" + }, + "RepoPrefixLocation": { + "markdownDescription": "The location's repo prefix.", + "title": "RepoPrefixLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Panorama::PackageVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MarkLatest": { + "markdownDescription": "Whether to mark the new version as the latest version.", + "title": "MarkLatest", + "type": "boolean" + }, + "OwnerAccount": { + "markdownDescription": "An owner account.", + "title": "OwnerAccount", + "type": "string" + }, + "PackageId": { + "markdownDescription": "A package ID.", + "title": "PackageId", + "type": "string" + }, + "PackageVersion": { + "markdownDescription": "A package version.", + "title": "PackageVersion", + "type": "string" + }, + "PatchVersion": { + "markdownDescription": "A patch version.", + "title": "PatchVersion", + "type": "string" + }, + "UpdatedLatestPatchVersion": { + "markdownDescription": "If the version was marked latest, the new version to maker as latest.", + "title": "UpdatedLatestPatchVersion", + "type": "string" + } + }, + "required": [ + "PackageId", + "PackageVersion", + "PatchVersion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Panorama::PackageVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PaymentCryptography::Alias": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AliasName": { + "markdownDescription": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n> Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output.", + "title": "AliasName", + "type": "string" + }, + "KeyArn": { + "markdownDescription": "The `KeyARN` of the key associated with the alias.", + "title": "KeyArn", + "type": "string" + } + }, + "required": [ + "AliasName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PaymentCryptography::Alias" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PaymentCryptography::Key": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeriveKeyUsage": { + "markdownDescription": "The cryptographic usage of an ECDH derived key as de\ufb01ned in section A.5.2 of the TR-31 spec.", + "title": "DeriveKeyUsage", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the key is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Exportable": { + "markdownDescription": "Specifies whether the key is exportable. This data is immutable after the key is created.", + "title": "Exportable", + "type": "boolean" + }, + "KeyAttributes": { + "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyAttributes", + "markdownDescription": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.", + "title": "KeyAttributes" + }, + "KeyCheckValueAlgorithm": { + "markdownDescription": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.", + "title": "KeyCheckValueAlgorithm", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Exportable", + "KeyAttributes" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PaymentCryptography::Key" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PaymentCryptography::Key.KeyAttributes": { + "additionalProperties": false, + "properties": { + "KeyAlgorithm": { + "markdownDescription": "The key algorithm to be use during creation of an AWS Payment Cryptography key.\n\nFor symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms.", + "title": "KeyAlgorithm", + "type": "string" + }, + "KeyClass": { + "markdownDescription": "The type of AWS Payment Cryptography key to create, which determines the classi\ufb01cation of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.", + "title": "KeyClass", + "type": "string" + }, + "KeyModesOfUse": { + "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyModesOfUse", + "markdownDescription": "The list of cryptographic operations that you can perform using the key.", + "title": "KeyModesOfUse" + }, + "KeyUsage": { + "markdownDescription": "The cryptographic usage of an AWS Payment Cryptography key as de\ufb01ned in section A.5.2 of the TR-31 spec.", + "title": "KeyUsage", + "type": "string" + } + }, + "required": [ + "KeyAlgorithm", + "KeyClass", + "KeyModesOfUse", + "KeyUsage" + ], + "type": "object" + }, + "AWS::PaymentCryptography::Key.KeyModesOfUse": { + "additionalProperties": false, + "properties": { + "Decrypt": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to decrypt data.", + "title": "Decrypt", + "type": "boolean" + }, + "DeriveKey": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to derive new keys.", + "title": "DeriveKey", + "type": "boolean" + }, + "Encrypt": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to encrypt data.", + "title": "Encrypt", + "type": "boolean" + }, + "Generate": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.", + "title": "Generate", + "type": "boolean" + }, + "NoRestrictions": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` .", + "title": "NoRestrictions", + "type": "boolean" + }, + "Sign": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used for signing.", + "title": "Sign", + "type": "boolean" + }, + "Unwrap": { + "markdownDescription": "", + "title": "Unwrap", + "type": "boolean" + }, + "Verify": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to verify signatures.", + "title": "Verify", + "type": "boolean" + }, + "Wrap": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to wrap other keys.", + "title": "Wrap", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Personalize::Dataset": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatasetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group.", + "title": "DatasetGroupArn", + "type": "string" + }, + "DatasetImportJob": { + "$ref": "#/definitions/AWS::Personalize::Dataset.DatasetImportJob", + "markdownDescription": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required.", + "title": "DatasetImportJob" + }, + "DatasetType": { + "markdownDescription": "One of the following values:\n\n- Interactions\n- Items\n- Users\n\n> You can't use CloudFormation to create an Action Interactions or Actions dataset.", + "title": "DatasetType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the dataset.", + "title": "Name", + "type": "string" + }, + "SchemaArn": { + "markdownDescription": "The ARN of the associated schema.", + "title": "SchemaArn", + "type": "string" + } + }, + "required": [ + "DatasetGroupArn", + "DatasetType", + "Name", + "SchemaArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Personalize::Dataset" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Personalize::Dataset.DataSource": { + "additionalProperties": false, + "properties": { + "DataLocation": { + "markdownDescription": "For dataset import jobs, the path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. For data deletion jobs, the path to the Amazon S3 bucket that stores the list of records to delete.\n\nFor example:\n\n`s3://bucket-name/folder-name/fileName.csv`\n\nIf your CSV files are in a folder in your Amazon S3 bucket and you want your import job or data deletion job to consider multiple files, you can specify the path to the folder. With a data deletion job, Amazon Personalize uses all files in the folder and any sub folder. Use the following syntax with a `/` after the folder name:\n\n`s3://bucket-name/folder-name/`", + "title": "DataLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Personalize::Dataset.DatasetImportJob": { + "additionalProperties": false, + "properties": { + "DataSource": { + "$ref": "#/definitions/AWS::Personalize::Dataset.DataSource", + "markdownDescription": "The Amazon S3 bucket that contains the training data to import.", + "title": "DataSource" + }, + "DatasetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that receives the imported data.", + "title": "DatasetArn", + "type": "string" + }, + "DatasetImportJobArn": { + "markdownDescription": "The ARN of the dataset import job.", + "title": "DatasetImportJobArn", + "type": "string" + }, + "JobName": { + "markdownDescription": "The name of the import job.", + "title": "JobName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that has permissions to read from the Amazon S3 data source.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Personalize::DatasetGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of a Domain dataset group.", + "title": "Domain", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key used to encrypt the datasets.", + "title": "KmsKeyArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the dataset group.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Personalize::DatasetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Personalize::Schema": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of a schema that you created for a dataset in a Domain dataset group.", + "title": "Domain", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the schema.", + "title": "Name", + "type": "string" + }, + "Schema": { + "markdownDescription": "The schema.", + "title": "Schema", + "type": "string" + } + }, + "required": [ + "Name", + "Schema" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Personalize::Schema" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Personalize::Solution": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatasetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group that provides the training data.", + "title": "DatasetGroupArn", + "type": "string" + }, + "EventType": { + "markdownDescription": "The event type (for example, 'click' or 'like') that is used for training the model. If no `eventType` is provided, Amazon Personalize uses all interactions for training with equal weight regardless of type.", + "title": "EventType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the solution.", + "title": "Name", + "type": "string" + }, + "PerformAutoML": { + "markdownDescription": "> We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see [Determining your use case.](https://docs.aws.amazon.com/personalize/latest/dg/determining-use-case.html) \n\nWhen true, Amazon Personalize performs a search for the best USER_PERSONALIZATION recipe from the list specified in the solution configuration ( `recipeArn` must not be specified). When false (the default), Amazon Personalize uses `recipeArn` for training.", + "title": "PerformAutoML", + "type": "boolean" + }, + "PerformHPO": { + "markdownDescription": "Whether to perform hyperparameter optimization (HPO) on the chosen recipe. The default is `false` .", + "title": "PerformHPO", + "type": "boolean" + }, + "RecipeArn": { + "markdownDescription": "The ARN of the recipe used to create the solution. This is required when `performAutoML` is false.", + "title": "RecipeArn", + "type": "string" + }, + "SolutionConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.SolutionConfig", + "markdownDescription": "Describes the configuration properties for the solution.", + "title": "SolutionConfig" + } + }, + "required": [ + "DatasetGroupArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Personalize::Solution" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Personalize::Solution.AlgorithmHyperParameterRanges": { + "additionalProperties": false, + "properties": { + "CategoricalHyperParameterRanges": { + "items": { + "$ref": "#/definitions/AWS::Personalize::Solution.CategoricalHyperParameterRange" + }, + "markdownDescription": "Provides the name and range of a categorical hyperparameter.", + "title": "CategoricalHyperParameterRanges", + "type": "array" + }, + "ContinuousHyperParameterRanges": { + "items": { + "$ref": "#/definitions/AWS::Personalize::Solution.ContinuousHyperParameterRange" + }, + "markdownDescription": "Provides the name and range of a continuous hyperparameter.", + "title": "ContinuousHyperParameterRanges", + "type": "array" + }, + "IntegerHyperParameterRanges": { + "items": { + "$ref": "#/definitions/AWS::Personalize::Solution.IntegerHyperParameterRange" + }, + "markdownDescription": "Provides the name and range of an integer-valued hyperparameter.", + "title": "IntegerHyperParameterRanges", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Personalize::Solution.AutoMLConfig": { + "additionalProperties": false, + "properties": { + "MetricName": { + "markdownDescription": "The metric to optimize.", + "title": "MetricName", + "type": "string" + }, + "RecipeList": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of candidate recipes.", + "title": "RecipeList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Personalize::Solution.CategoricalHyperParameterRange": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the categories for the hyperparameter.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Personalize::Solution.ContinuousHyperParameterRange": { + "additionalProperties": false, + "properties": { + "MaxValue": { + "markdownDescription": "The maximum allowable value for the hyperparameter.", + "title": "MaxValue", + "type": "number" + }, + "MinValue": { + "markdownDescription": "The minimum allowable value for the hyperparameter.", + "title": "MinValue", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Personalize::Solution.HpoConfig": { + "additionalProperties": false, + "properties": { + "AlgorithmHyperParameterRanges": { + "$ref": "#/definitions/AWS::Personalize::Solution.AlgorithmHyperParameterRanges", + "markdownDescription": "The hyperparameters and their allowable ranges.", + "title": "AlgorithmHyperParameterRanges" + }, + "HpoObjective": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoObjective", + "markdownDescription": "The metric to optimize during HPO.\n\n> Amazon Personalize doesn't support configuring the `hpoObjective` at this time.", + "title": "HpoObjective" + }, + "HpoResourceConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoResourceConfig", + "markdownDescription": "Describes the resource configuration for HPO.", + "title": "HpoResourceConfig" + } + }, + "type": "object" + }, + "AWS::Personalize::Solution.HpoObjective": { + "additionalProperties": false, + "properties": { + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", + "type": "string" + }, + "MetricRegex": { + "markdownDescription": "A regular expression for finding the metric in the training job logs.", + "title": "MetricRegex", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the metric. Valid values are `Maximize` and `Minimize` .", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Personalize::Solution.HpoResourceConfig": { + "additionalProperties": false, + "properties": { + "MaxNumberOfTrainingJobs": { + "markdownDescription": "The maximum number of training jobs when you create a solution version. The maximum value for `maxNumberOfTrainingJobs` is `40` .", + "title": "MaxNumberOfTrainingJobs", + "type": "string" + }, + "MaxParallelTrainingJobs": { + "markdownDescription": "The maximum number of parallel training jobs when you create a solution version. The maximum value for `maxParallelTrainingJobs` is `10` .", + "title": "MaxParallelTrainingJobs", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Personalize::Solution.IntegerHyperParameterRange": { + "additionalProperties": false, + "properties": { + "MaxValue": { + "markdownDescription": "The maximum allowable value for the hyperparameter.", + "title": "MaxValue", + "type": "number" + }, + "MinValue": { + "markdownDescription": "The minimum allowable value for the hyperparameter.", + "title": "MinValue", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Personalize::Solution.SolutionConfig": { + "additionalProperties": false, + "properties": { + "AlgorithmHyperParameters": { + "additionalProperties": true, + "markdownDescription": "Lists the algorithm hyperparameters and their values.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AlgorithmHyperParameters", + "type": "object" + }, + "AutoMLConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.AutoMLConfig", + "markdownDescription": "The [AutoMLConfig](https://docs.aws.amazon.com/personalize/latest/dg/API_AutoMLConfig.html) object containing a list of recipes to search when AutoML is performed.", + "title": "AutoMLConfig" + }, + "EventValueThreshold": { + "markdownDescription": "Only events with a value greater than or equal to this threshold are used for training a model.", + "title": "EventValueThreshold", + "type": "string" + }, + "FeatureTransformationParameters": { + "additionalProperties": true, + "markdownDescription": "Lists the feature transformation parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "FeatureTransformationParameters", + "type": "object" + }, + "HpoConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoConfig", + "markdownDescription": "Describes the properties for hyperparameter optimization (HPO).", + "title": "HpoConfig" + } + }, + "type": "object" + }, + "AWS::Pinpoint::ADMChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the ADM channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The Client ID that you received from Amazon to send messages by using ADM.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The Client Secret that you received from Amazon to send messages by using ADM.", + "title": "ClientSecret", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the ADM channel for the application.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "ApplicationId", + "ClientId", + "ClientSecret" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::ADMChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::APNSChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::APNSChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::APNSSandboxChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs sandbox channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs Sandbox channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::APNSSandboxChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::APNSVoipChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs VoIP channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs VoIP channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::APNSVoipChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::APNSVoipSandboxChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the application that the APNs VoIP sandbox channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the APNs VoIP sandbox channel is enabled for the application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with the APNs sandbox environment.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple developer account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::APNSVoipSandboxChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::App": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The display name of the application.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::App" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::ApplicationSettings": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application.", + "title": "ApplicationId", + "type": "string" + }, + "CampaignHook": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.CampaignHook", + "markdownDescription": "The settings for the Lambda function to use by default as a code hook for campaigns in the application. To override these settings for a specific campaign, use the Campaign resource to define custom Lambda function settings for the campaign.", + "title": "CampaignHook" + }, + "CloudWatchMetricsEnabled": { + "markdownDescription": "", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" + }, + "Limits": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.Limits", + "markdownDescription": "The default sending limits for campaigns in the application. To override these limits for a specific campaign, use the Campaign resource to define custom limits for the campaign.", + "title": "Limits" + }, + "QuietTime": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.QuietTime", + "markdownDescription": "The default quiet time for campaigns in the application. Quiet time is a specific time range when campaigns don't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the application (or a campaign that has custom quiet time settings).\n\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the application (or a campaign that has custom quiet time settings).\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from a campaign, even if quiet time is enabled.\n\nTo override the default quiet time settings for a specific campaign, use the Campaign resource to define a custom quiet time for the campaign.", + "title": "QuietTime" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::ApplicationSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::ApplicationSettings.CampaignHook": { + "additionalProperties": false, + "properties": { + "LambdaFunctionName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to send messages for campaigns in the application.", + "title": "LambdaFunctionName", + "type": "string" + }, + "Mode": { + "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", + "title": "Mode", + "type": "string" + }, + "WebUrl": { + "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", + "title": "WebUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::ApplicationSettings.Limits": { + "additionalProperties": false, + "properties": { + "Daily": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", + "title": "Daily", + "type": "number" + }, + "MaximumDuration": { + "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", + "title": "MaximumDuration", + "type": "number" + }, + "MessagesPerSecond": { + "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", + "title": "MessagesPerSecond", + "type": "number" + }, + "Total": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", + "title": "Total", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Pinpoint::ApplicationSettings.QuietTime": { + "additionalProperties": false, + "properties": { + "End": { + "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "End", + "type": "string" + }, + "Start": { + "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "Start", + "type": "string" + } + }, + "required": [ + "End", + "Start" + ], + "type": "object" + }, + "AWS::Pinpoint::BaiduChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiKey": { + "markdownDescription": "The API key that you received from the Baidu Cloud Push service to communicate with the service.", + "title": "ApiKey", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're configuring the Baidu channel for.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the Baidu channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "SecretKey": { + "markdownDescription": "The secret key that you received from the Baidu Cloud Push service to communicate with the service.", + "title": "SecretKey", + "type": "string" + } + }, + "required": [ + "ApiKey", + "ApplicationId", + "SecretKey" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::BaiduChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::Campaign": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalTreatments": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.WriteTreatmentResource" + }, + "markdownDescription": "An array of requests that defines additional treatments for the campaign, in addition to the default treatment for the campaign.", + "title": "AdditionalTreatments", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the campaign is associated with.", + "title": "ApplicationId", + "type": "string" + }, + "CampaignHook": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignHook", + "markdownDescription": "Specifies the Lambda function to use as a code hook for a campaign.", + "title": "CampaignHook" + }, + "CustomDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", + "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", + "title": "CustomDeliveryConfiguration" + }, + "Description": { + "markdownDescription": "A custom description of the campaign.", + "title": "Description", + "type": "string" + }, + "HoldoutPercent": { + "markdownDescription": "The allocated percentage of users (segment members) who shouldn't receive messages from the campaign.", + "title": "HoldoutPercent", + "type": "number" + }, + "IsPaused": { + "markdownDescription": "Specifies whether to pause the campaign. A paused campaign doesn't run unless you resume it by changing this value to `false` . If you restart a campaign, the campaign restarts from the beginning and not at the point you paused it. If a campaign is running it will complete and then pause. Pause only pauses or skips the next run for a recurring future scheduled campaign. A campaign scheduled for immediate can't be paused.", + "title": "IsPaused", + "type": "boolean" + }, + "Limits": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Limits", + "markdownDescription": "The messaging limits for the campaign.", + "title": "Limits" + }, + "MessageConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", + "markdownDescription": "The message configuration settings for the treatment.", + "title": "MessageConfiguration" + }, + "Name": { + "markdownDescription": "The name of the campaign.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "An integer between 1 and 5, inclusive, that represents the priority of the in-app message campaign, where 1 is the highest priority and 5 is the lowest. If there are multiple messages scheduled to be displayed at the same time, the priority determines the order in which those messages are displayed.", + "title": "Priority", + "type": "number" + }, + "Schedule": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", + "markdownDescription": "The schedule settings for the treatment.", + "title": "Schedule" + }, + "SegmentId": { + "markdownDescription": "The unique identifier for the segment to associate with the campaign.", + "title": "SegmentId", + "type": "string" + }, + "SegmentVersion": { + "markdownDescription": "The version of the segment to associate with the campaign.", + "title": "SegmentVersion", + "type": "number" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", + "markdownDescription": "The message template to use for the treatment.", + "title": "TemplateConfiguration" + }, + "TreatmentDescription": { + "markdownDescription": "A custom description of the treatment.", + "title": "TreatmentDescription", + "type": "string" + }, + "TreatmentName": { + "markdownDescription": "A custom name for the treatment.", + "title": "TreatmentName", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "Name", + "Schedule", + "SegmentId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::Campaign" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::Campaign.AttributeDimension": { + "additionalProperties": false, + "properties": { + "AttributeType": { + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.CampaignCustomMessage": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "The raw, JSON-formatted string to use as the payload for the message. The maximum size is 5 KB.", + "title": "Data", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.CampaignEmailMessage": { + "additionalProperties": false, + "properties": { + "Body": { + "markdownDescription": "The body of the email for recipients whose email clients don't render HTML content.", + "title": "Body", + "type": "string" + }, + "FromAddress": { + "markdownDescription": "The verified email address to send the email from. The default address is the `FromAddress` specified for the email channel for the application.", + "title": "FromAddress", + "type": "string" + }, + "HtmlBody": { + "markdownDescription": "The body of the email, in HTML format, for recipients whose email clients render HTML content.", + "title": "HtmlBody", + "type": "string" + }, + "Title": { + "markdownDescription": "The subject line, or title, of the email.", + "title": "Title", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.CampaignEventFilter": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.EventDimensions", + "markdownDescription": "The dimension settings of the event filter for the campaign.", + "title": "Dimensions" + }, + "FilterType": { + "markdownDescription": "The type of event that causes the campaign to be sent. Valid values are: `SYSTEM` , sends the campaign when a system event occurs; and, `ENDPOINT` , sends the campaign when an endpoint event (Events resource) occurs.", + "title": "FilterType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.CampaignHook": { + "additionalProperties": false, + "properties": { + "LambdaFunctionName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to customize a segment for a campaign.", + "title": "LambdaFunctionName", + "type": "string" + }, + "Mode": { + "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", + "title": "Mode", + "type": "string" + }, + "WebUrl": { + "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", + "title": "WebUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.CampaignInAppMessage": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageContent" + }, + "markdownDescription": "An array that contains configurtion information about the in-app message for the campaign, including title and body text, text colors, background colors, image URLs, and button configurations.", + "title": "Content", + "type": "array" + }, + "CustomConfig": { + "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", + "title": "CustomConfig", + "type": "object" + }, + "Layout": { + "markdownDescription": "A string that describes how the in-app message will appear. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", + "title": "Layout", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.CampaignSmsMessage": { + "additionalProperties": false, + "properties": { + "Body": { + "markdownDescription": "The body of the SMS message.", + "title": "Body", + "type": "string" + }, + "EntityId": { + "markdownDescription": "The entity ID or Principal Entity (PE) id received from the regulatory body for sending SMS in your country.", + "title": "EntityId", + "type": "string" + }, + "MessageType": { + "markdownDescription": "The SMS message type. Valid values are `TRANSACTIONAL` (for messages that are critical or time-sensitive, such as a one-time passwords) and `PROMOTIONAL` (for messsages that aren't critical or time-sensitive, such as marketing messages).", + "title": "MessageType", + "type": "string" + }, + "OriginationNumber": { + "markdownDescription": "The long code to send the SMS message from. This value should be one of the dedicated long codes that's assigned to your AWS account. Although it isn't required, we recommend that you specify the long code using an E.164 format to ensure prompt and accurate delivery of the message. For example, +12065550100.", + "title": "OriginationNumber", + "type": "string" + }, + "SenderId": { + "markdownDescription": "The alphabetic Sender ID to display as the sender of the message on a recipient's device. Support for sender IDs varies by country or region. To specify a phone number as the sender, omit this parameter and use `OriginationNumber` instead. For more information about support for Sender ID by country, see the [Amazon Pinpoint User Guide](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) .", + "title": "SenderId", + "type": "string" + }, + "TemplateId": { + "markdownDescription": "The template ID received from the regulatory body for sending SMS in your country.", + "title": "TemplateId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.CustomDeliveryConfiguration": { + "additionalProperties": false, + "properties": { + "DeliveryUri": { + "markdownDescription": "The destination to send the campaign or treatment to. This value can be one of the following:\n\n- The name or Amazon Resource Name (ARN) of an AWS Lambda function to invoke to handle delivery of the campaign or treatment.\n- The URL for a web application or service that supports HTTPS and can receive the message. The URL has to be a full URL, including the HTTPS protocol.", + "title": "DeliveryUri", + "type": "string" + }, + "EndpointTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of endpoints to send the campaign or treatment to. Each valid value maps to a type of channel that you can associate with an endpoint by using the `ChannelType` property of an endpoint.", + "title": "EndpointTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.DefaultButtonConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" + }, + "BorderRadius": { + "markdownDescription": "The border radius of a button.", + "title": "BorderRadius", + "type": "number" + }, + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", + "type": "string" + }, + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" + }, + "Text": { + "markdownDescription": "The text that appears on a button in an in-app message.", + "title": "Text", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.EventDimensions": { + "additionalProperties": false, + "properties": { + "Attributes": { + "markdownDescription": "One or more custom attributes that your application reports to Amazon Pinpoint. You can use these attributes as selection criteria when you create an event filter.", + "title": "Attributes", + "type": "object" + }, + "EventType": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.SetDimension", + "markdownDescription": "The name of the event that causes the campaign to be sent or the journey activity to be performed. This can be a standard event that Amazon Pinpoint generates, such as `_email.delivered` or `_custom.delivered` . For campaigns, this can also be a custom event that's specific to your application. For information about standard events, see [Streaming Amazon Pinpoint Events](https://docs.aws.amazon.com/pinpoint/latest/developerguide/event-streams.html) in the *Amazon Pinpoint Developer Guide* .", + "title": "EventType" + }, + "Metrics": { + "markdownDescription": "One or more custom metrics that your application reports to Amazon Pinpoint . You can use these metrics as selection criteria when you create an event filter.", + "title": "Metrics", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.InAppMessageBodyConfig": { + "additionalProperties": false, + "properties": { + "Alignment": { + "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" + }, + "Body": { + "markdownDescription": "The main body text of the message.", + "title": "Body", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", + "title": "TextColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.InAppMessageButton": { + "additionalProperties": false, + "properties": { + "Android": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to Android.", + "title": "Android" + }, + "DefaultConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.DefaultButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in an in-app message.", + "title": "DefaultConfig" + }, + "IOS": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to iOS devices.", + "title": "IOS" + }, + "Web": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages for web applications.", + "title": "Web" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.InAppMessageContent": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" + }, + "BodyConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageBodyConfig", + "markdownDescription": "Specifies the configuration of main body text in an in-app message template.", + "title": "BodyConfig" + }, + "HeaderConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageHeaderConfig", + "markdownDescription": "Specifies the configuration and content of the header or title text of the in-app message.", + "title": "HeaderConfig" + }, + "ImageUrl": { + "markdownDescription": "The URL of the image that appears on an in-app message banner.", + "title": "ImageUrl", + "type": "string" + }, + "PrimaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", + "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", + "title": "PrimaryBtn" + }, + "SecondaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", + "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", + "title": "SecondaryBtn" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.InAppMessageHeaderConfig": { + "additionalProperties": false, + "properties": { + "Alignment": { + "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" + }, + "Header": { + "markdownDescription": "The header or title text of the in-app message.", + "title": "Header", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", + "title": "TextColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.Limits": { + "additionalProperties": false, + "properties": { + "Daily": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", + "title": "Daily", + "type": "number" + }, + "MaximumDuration": { + "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", + "title": "MaximumDuration", + "type": "number" + }, + "MessagesPerSecond": { + "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", + "title": "MessagesPerSecond", + "type": "number" + }, + "Session": { + "markdownDescription": "The maximum number of messages that the campaign can send per user session.", + "title": "Session", + "type": "number" + }, + "Total": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", + "title": "Total", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.Message": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action to occur if a recipient taps the push notification. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of iOS and Android.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", + "type": "string" + }, + "Body": { + "markdownDescription": "The body of the notification message. The maximum number of characters is 200.", + "title": "Body", + "type": "string" + }, + "ImageIconUrl": { + "markdownDescription": "The URL of the image to display as the push notification icon, such as the icon for the app.", + "title": "ImageIconUrl", + "type": "string" + }, + "ImageSmallIconUrl": { + "markdownDescription": "The URL of the image to display as the small, push notification icon, such as a small version of the icon for the app.", + "title": "ImageSmallIconUrl", + "type": "string" + }, + "ImageUrl": { + "markdownDescription": "The URL of an image to display in the push notification.", + "title": "ImageUrl", + "type": "string" + }, + "JsonBody": { + "markdownDescription": "The JSON payload to use for a silent push notification.", + "title": "JsonBody", + "type": "string" + }, + "MediaUrl": { + "markdownDescription": "The URL of the image or video to display in the push notification.", + "title": "MediaUrl", + "type": "string" + }, + "RawContent": { + "markdownDescription": "The raw, JSON-formatted string to use as the payload for the notification message. If specified, this value overrides all other content for the message.", + "title": "RawContent", + "type": "string" + }, + "SilentPush": { + "markdownDescription": "Specifies whether the notification is a silent push notification, which is a push notification that doesn't display on a recipient's device. Silent push notifications can be used for cases such as updating an app's configuration, displaying messages in an in-app message center, or supporting phone home functionality.", + "title": "SilentPush", + "type": "boolean" + }, + "TimeToLive": { + "markdownDescription": "The number of seconds that the push notification service should keep the message, if the service is unable to deliver the notification the first time. This value is converted to an expiration value when it's sent to a push notification service. If this value is `0` , the service treats the notification as if it expires immediately and the service doesn't store or try to deliver the notification again.\n\nThis value doesn't apply to messages that are sent through the Amazon Device Messaging (ADM) service.", + "title": "TimeToLive", + "type": "number" + }, + "Title": { + "markdownDescription": "The title to display above the notification message on a recipient's device.", + "title": "Title", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps the push notification and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.MessageConfiguration": { + "additionalProperties": false, + "properties": { + "ADMMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the ADM (Amazon Device Messaging) channel. If specified, this message overrides the default message.", + "title": "ADMMessage" + }, + "APNSMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the APNs (Apple Push Notification service) channel. If specified, this message overrides the default message.", + "title": "APNSMessage" + }, + "BaiduMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the Baidu (Baidu Cloud Push) channel. If specified, this message overrides the default message.", + "title": "BaiduMessage" + }, + "CustomMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignCustomMessage", + "markdownDescription": "The message that the campaign sends through a custom channel, as specified by the delivery configuration ( `CustomDeliveryConfiguration` ) settings for the campaign. If specified, this message overrides the default message.", + "title": "CustomMessage" + }, + "DefaultMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The default message that the campaign sends through all the channels that are configured for the campaign.", + "title": "DefaultMessage" + }, + "EmailMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEmailMessage", + "markdownDescription": "The message that the campaign sends through the email channel. If specified, this message overrides the default message.\n\n> The maximum email message size is 200 KB. You can use email templates to send larger email messages.", + "title": "EmailMessage" + }, + "GCMMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the GCM channel, which enables Amazon Pinpoint to send push notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. If specified, this message overrides the default message.", + "title": "GCMMessage" + }, + "InAppMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignInAppMessage", + "markdownDescription": "The default message for the in-app messaging channel. This message overrides the default message ( `DefaultMessage` ).", + "title": "InAppMessage" + }, + "SMSMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignSmsMessage", + "markdownDescription": "The message that the campaign sends through the SMS channel. If specified, this message overrides the default message.", + "title": "SMSMessage" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.MetricDimension": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "type": "string" + }, + "Value": { + "type": "number" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.OverrideButtonConfiguration": { + "additionalProperties": false, + "properties": { + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", + "type": "string" + }, + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.QuietTime": { + "additionalProperties": false, + "properties": { + "End": { + "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "End", + "type": "string" + }, + "Start": { + "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "Start", + "type": "string" + } + }, + "required": [ + "End", + "Start" + ], + "type": "object" + }, + "AWS::Pinpoint::Campaign.Schedule": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The scheduled time, in ISO 8601 format, when the campaign ended or will end.", + "title": "EndTime", + "type": "string" + }, + "EventFilter": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEventFilter", + "markdownDescription": "The type of event that causes the campaign to be sent, if the value of the `Frequency` property is `EVENT` .", + "title": "EventFilter" + }, + "Frequency": { + "markdownDescription": "Specifies how often the campaign is sent or whether the campaign is sent in response to a specific event.", + "title": "Frequency", + "type": "string" + }, + "IsLocalTime": { + "markdownDescription": "Specifies whether the start and end times for the campaign schedule use each recipient's local time. To base the schedule on each recipient's local time, set this value to `true` .", + "title": "IsLocalTime", + "type": "boolean" + }, + "QuietTime": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.QuietTime", + "markdownDescription": "The default quiet time for the campaign. Quiet time is a specific time range when a campaign doesn't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the campaign.\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the campaign.\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from the campaign, even if quiet time is enabled.", + "title": "QuietTime" + }, + "StartTime": { + "markdownDescription": "The scheduled time when the campaign began or will begin. Valid values are: `IMMEDIATE` , to start the campaign immediately; or, a specific time in ISO 8601 format.", + "title": "StartTime", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The starting UTC offset for the campaign schedule, if the value of the `IsLocalTime` property is `true` . Valid values are: `UTC, UTC+01, UTC+02, UTC+03, UTC+03:30, UTC+04, UTC+04:30, UTC+05, UTC+05:30, UTC+05:45, UTC+06, UTC+06:30, UTC+07, UTC+08, UTC+09, UTC+09:30, UTC+10, UTC+10:30, UTC+11, UTC+12, UTC+13, UTC-02, UTC-03, UTC-04, UTC-05, UTC-06, UTC-07, UTC-08, UTC-09, UTC-10,` and `UTC-11` .", + "title": "TimeZone", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.SetDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", + "title": "DimensionType", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.Template": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The unique identifier for the version of the message template to use for the message. If specified, this value must match the identifier for an existing template version. To retrieve a list of versions and version identifiers for a template, use the [Template Versions](https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html) resource.\n\nIf you don't specify a value for this property, Amazon Pinpoint uses the *active version* of the template. The *active version* is typically the version of a template that's been most recently reviewed and approved for use, depending on your workflow. It isn't necessarily the latest version of a template.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.TemplateConfiguration": { + "additionalProperties": false, + "properties": { + "EmailTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The email template to use for the message.", + "title": "EmailTemplate" + }, + "PushTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The push notification template to use for the message.", + "title": "PushTemplate" + }, + "SMSTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The SMS template to use for the message.", + "title": "SMSTemplate" + }, + "VoiceTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The voice template to use for the message. This object isn't supported for campaigns.", + "title": "VoiceTemplate" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Campaign.WriteTreatmentResource": { + "additionalProperties": false, + "properties": { + "CustomDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", + "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", + "title": "CustomDeliveryConfiguration" + }, + "MessageConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", + "markdownDescription": "The message configuration settings for the treatment.", + "title": "MessageConfiguration" + }, + "Schedule": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", + "markdownDescription": "The schedule settings for the treatment.", + "title": "Schedule" + }, + "SizePercent": { + "markdownDescription": "The allocated percentage of users (segment members) to send the treatment to.", + "title": "SizePercent", + "type": "number" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", + "markdownDescription": "The message template to use for the treatment.", + "title": "TemplateConfiguration" + }, + "TreatmentDescription": { + "markdownDescription": "A custom description of the treatment.", + "title": "TreatmentDescription", + "type": "string" + }, + "TreatmentName": { + "markdownDescription": "A custom name for the treatment.", + "title": "TreatmentName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::EmailChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're specifying the email channel for.", + "title": "ApplicationId", + "type": "string" + }, + "ConfigurationSet": { + "markdownDescription": "The [Amazon SES configuration set](https://docs.aws.amazon.com/ses/latest/APIReference/API_ConfigurationSet.html) that you want to apply to messages that you send through the channel.", + "title": "ConfigurationSet", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the email channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "FromAddress": { + "markdownDescription": "The verified email address that you want to send email from when you send email through the channel.", + "title": "FromAddress", + "type": "string" + }, + "Identity": { + "markdownDescription": "The Amazon Resource Name (ARN) of the identity, verified with Amazon Simple Email Service (Amazon SES), that you want to use when you send email through the channel.", + "title": "Identity", + "type": "string" + }, + "OrchestrationSendingRoleArn": { + "markdownDescription": "The ARN of an IAM role for Amazon Pinpoint to use to send email from your campaigns or journeys through Amazon SES .", + "title": "OrchestrationSendingRoleArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that you want Amazon Pinpoint to use when it submits email-related event data for the channel.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "FromAddress", + "Identity" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EmailChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::EmailTemplate": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "HtmlPart": { + "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", + "title": "HtmlPart", + "type": "string" + }, + "Subject": { + "markdownDescription": "The subject line, or title, to use in email messages that are based on the message template.", + "title": "Subject", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template.", + "title": "TemplateName", + "type": "string" + }, + "TextPart": { + "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", + "title": "TextPart", + "type": "string" + } + }, + "required": [ + "Subject", + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EmailTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::EventStream": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you want to export data from.", + "title": "ApplicationId", + "type": "string" + }, + "DestinationStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Stream or Amazon Data Firehose delivery stream that you want to publish event data to.\n\nFor a Kinesis Data Stream, the ARN format is: `arn:aws:kinesis: region : account-id :stream/ stream_name`\n\nFor a Firehose delivery stream, the ARN format is: `arn:aws:firehose: region : account-id :deliverystream/ stream_name`", + "title": "DestinationStreamArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The AWS Identity and Access Management (IAM) role that authorizes Amazon Pinpoint to publish event data to the stream in your AWS account.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "DestinationStreamArn", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EventStream" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::GCMChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiKey": { + "markdownDescription": "The Web API key, also called the *server key* , that you received from Google to communicate with Google services.", + "title": "ApiKey", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the GCM channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method used for GCM. Values are either \"TOKEN\" or \"KEY\". Defaults to \"KEY\".", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the GCM channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "ServiceJson": { + "markdownDescription": "The contents of the JSON file provided by Google during registration in order to generate an access token for authentication. For more information see [Migrate from legacy FCM APIs to HTTP v1](https://docs.aws.amazon.com/https://firebase.google.com/docs/cloud-messaging/migrate-v1) .", + "title": "ServiceJson", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::GCMChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::InAppTemplate": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.InAppMessageContent" + }, + "markdownDescription": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors.", + "title": "Content", + "type": "array" + }, + "CustomConfig": { + "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", + "title": "CustomConfig", + "type": "object" + }, + "Layout": { + "markdownDescription": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", + "title": "Layout", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "An optional description of the in-app template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the in-app message template.", + "title": "TemplateName", + "type": "string" + } + }, + "required": [ + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::InAppTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::InAppTemplate.BodyConfig": { + "additionalProperties": false, + "properties": { + "Alignment": { + "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" + }, + "Body": { + "markdownDescription": "The main body text of the message.", + "title": "Body", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::InAppTemplate.ButtonConfig": { + "additionalProperties": false, + "properties": { + "Android": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration.", + "title": "Android" + }, + "DefaultConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration", + "markdownDescription": "Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users.", + "title": "DefaultConfig" + }, + "IOS": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration.", + "title": "IOS" + }, + "Web": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration.", + "title": "Web" + } + }, + "type": "object" + }, + "AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" + }, + "BorderRadius": { + "markdownDescription": "The border radius of a button.", + "title": "BorderRadius", + "type": "number" + }, + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", + "type": "string" + }, + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" + }, + "Text": { + "markdownDescription": "The text that appears on a button in an in-app message.", + "title": "Text", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::InAppTemplate.HeaderConfig": { + "additionalProperties": false, + "properties": { + "Alignment": { + "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" + }, + "Header": { + "markdownDescription": "The title text of the in-app message.", + "title": "Header", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the title text, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::InAppTemplate.InAppMessageContent": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" + }, + "BodyConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.BodyConfig", + "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", + "title": "BodyConfig" + }, + "HeaderConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.HeaderConfig", + "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", + "title": "HeaderConfig" + }, + "ImageUrl": { + "markdownDescription": "The URL of the image that appears on an in-app message banner.", + "title": "ImageUrl", + "type": "string" + }, + "PrimaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", + "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", + "title": "PrimaryBtn" + }, + "SecondaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", + "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", + "title": "SecondaryBtn" + } + }, + "type": "object" + }, + "AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration": { + "additionalProperties": false, + "properties": { + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", + "type": "string" + }, + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::PushTemplate": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ADM": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the ADM (Amazon Device Messaging) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "ADM" + }, + "APNS": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate", + "markdownDescription": "The message template to use for the APNs (Apple Push Notification service) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "APNS" + }, + "Baidu": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the Baidu (Baidu Cloud Push) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "Baidu" + }, + "Default": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate", + "markdownDescription": "The default message template to use for push notification channels.", + "title": "Default" + }, + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "GCM": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the GCM channel, which is used to send notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "GCM" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "TemplateName", + "type": "string" + } + }, + "required": [ + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::PushTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", + "type": "string" + }, + "Body": { + "markdownDescription": "The message body to use in push notifications that are based on the message template.", + "title": "Body", + "type": "string" + }, + "MediaUrl": { + "markdownDescription": "The URL of an image or video to display in push notifications that are based on the message template.", + "title": "MediaUrl", + "type": "string" + }, + "Sound": { + "markdownDescription": "The key for the sound to play when the recipient receives a push notification that's based on the message template. The value for this key is the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", + "title": "Sound", + "type": "string" + }, + "Title": { + "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to open in the recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This action uses the deep-linking features of the Android platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", + "type": "string" + }, + "Body": { + "markdownDescription": "The message body to use in a push notification that's based on the message template.", + "title": "Body", + "type": "string" + }, + "ImageIconUrl": { + "markdownDescription": "The URL of the large icon image to display in the content view of a push notification that's based on the message template.", + "title": "ImageIconUrl", + "type": "string" + }, + "ImageUrl": { + "markdownDescription": "The URL of an image to display in a push notification that's based on the message template.", + "title": "ImageUrl", + "type": "string" + }, + "SmallImageIconUrl": { + "markdownDescription": "The URL of the small icon image to display in the status bar and the content view of a push notification that's based on the message template.", + "title": "SmallImageIconUrl", + "type": "string" + }, + "Sound": { + "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .", + "title": "Sound", + "type": "string" + }, + "Title": { + "markdownDescription": "The title to use in a push notification that's based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS and Android platforms.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", + "type": "string" + }, + "Body": { + "markdownDescription": "The message body to use in push notifications that are based on the message template.", + "title": "Body", + "type": "string" + }, + "Sound": { + "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .\n\nFor an iOS platform, this value is the key for the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", + "title": "Sound", + "type": "string" + }, + "Title": { + "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::SMSChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the SMS channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the SMS channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "SenderId": { + "markdownDescription": "The identity that you want to display on recipients' devices when they receive messages from the SMS channel.\n\n> SenderIDs are only supported in certain countries and regions. For more information, see [Supported Countries and Regions](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) in the *Amazon Pinpoint User Guide* .", + "title": "SenderId", + "type": "string" + }, + "ShortCode": { + "markdownDescription": "The registered short code that you want to use when you send messages through the SMS channel.\n\n> For information about obtaining a dedicated short code for sending SMS messages, see [Requesting Dedicated Short Codes for SMS Messaging with Amazon Pinpoint](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-awssupport-short-code.html) in the *Amazon Pinpoint User Guide* .", + "title": "ShortCode", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::SMSChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::Segment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the segment is associated with.", + "title": "ApplicationId", + "type": "string" + }, + "Dimensions": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions", + "markdownDescription": "An array that defines the dimensions for the segment.", + "title": "Dimensions" + }, + "Name": { + "markdownDescription": "The name of the segment.\n\n> A segment must have a name otherwise it will not appear in the Amazon Pinpoint console.", + "title": "Name", + "type": "string" + }, + "SegmentGroups": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentGroups", + "markdownDescription": "The segment group to use and the dimensions to apply to the group's base segments in order to build the segment. A segment group can consist of zero or more base segments. Your request can include only one segment group.", + "title": "SegmentGroups" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ApplicationId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::Segment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::Segment.AttributeDimension": { + "additionalProperties": false, + "properties": { + "AttributeType": { + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Segment.Behavior": { + "additionalProperties": false, + "properties": { + "Recency": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Recency", + "markdownDescription": "Specifies how recently segment members were active.", + "title": "Recency" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Segment.Coordinates": { + "additionalProperties": false, + "properties": { + "Latitude": { + "markdownDescription": "The latitude coordinate of the location.", + "title": "Latitude", + "type": "number" + }, + "Longitude": { + "markdownDescription": "The longitude coordinate of the location.", + "title": "Longitude", + "type": "number" + } + }, + "required": [ + "Latitude", + "Longitude" + ], + "type": "object" + }, + "AWS::Pinpoint::Segment.Demographic": { + "additionalProperties": false, + "properties": { + "AppVersion": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The app version criteria for the segment.", + "title": "AppVersion" + }, + "Channel": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The channel criteria for the segment.", + "title": "Channel" + }, + "DeviceType": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device type criteria for the segment.", + "title": "DeviceType" + }, + "Make": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device make criteria for the segment.", + "title": "Make" + }, + "Model": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device model criteria for the segment.", + "title": "Model" + }, + "Platform": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device platform criteria for the segment.", + "title": "Platform" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Segment.GPSPoint": { + "additionalProperties": false, + "properties": { + "Coordinates": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Coordinates", + "markdownDescription": "The GPS coordinates to measure distance from.", + "title": "Coordinates" + }, + "RangeInKilometers": { + "markdownDescription": "The range, in kilometers, from the GPS coordinates.", + "title": "RangeInKilometers", + "type": "number" + } + }, + "required": [ + "Coordinates", + "RangeInKilometers" + ], + "type": "object" + }, + "AWS::Pinpoint::Segment.Groups": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions" + }, + "markdownDescription": "An array that defines the dimensions to include or exclude from the segment.", + "title": "Dimensions", + "type": "array" + }, + "SourceSegments": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SourceSegments" + }, + "markdownDescription": "The base segment to build the segment on. A base segment, also called a *source segment* , defines the initial population of endpoints for a segment. When you add dimensions to the segment, Amazon Pinpoint filters the base segment by using the dimensions that you specify.\n\nYou can specify more than one dimensional segment or only one imported segment. If you specify an imported segment, the segment size estimate that displays on the Amazon Pinpoint console indicates the size of the imported segment without any filters applied to it.", + "title": "SourceSegments", + "type": "array" + }, + "SourceType": { + "markdownDescription": "Specifies how to handle multiple base segments for the segment. For example, if you specify three base segments for the segment, whether the resulting segment is based on all, any, or none of the base segments.", + "title": "SourceType", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies how to handle multiple dimensions for the segment. For example, if you specify three dimensions for the segment, whether the resulting segment includes endpoints that match all, any, or none of the dimensions.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Segment.Location": { + "additionalProperties": false, + "properties": { + "Country": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The country or region code, in ISO 3166-1 alpha-2 format, for the segment.", + "title": "Country" + }, + "GPSPoint": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.GPSPoint", + "markdownDescription": "The GPS point dimension for the segment.", + "title": "GPSPoint" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Segment.Recency": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "The duration to use when determining which users have been active or inactive with your app.\n\nPossible values: `HR_24` | `DAY_7` | `DAY_14` | `DAY_30` .", + "title": "Duration", + "type": "string" + }, + "RecencyType": { + "markdownDescription": "The type of recency dimension to use for the segment. Valid values are: `ACTIVE` and `INACTIVE` . If the value is `ACTIVE` , the segment includes users who have used your app within the specified duration are included in the segment. If the value is `INACTIVE` , the segment includes users who haven't used your app within the specified duration are included in the segment.", + "title": "RecencyType", + "type": "string" + } + }, + "required": [ + "Duration", + "RecencyType" + ], + "type": "object" + }, + "AWS::Pinpoint::Segment.SegmentDimensions": { + "additionalProperties": false, + "properties": { + "Attributes": { + "markdownDescription": "One or more custom attributes to use as criteria for the segment. For more information see [AttributeDimension](https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#apps-application-id-segments-model-attributedimension)", + "title": "Attributes", + "type": "object" + }, + "Behavior": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Behavior", + "markdownDescription": "The behavior-based criteria, such as how recently users have used your app, for the segment.", + "title": "Behavior" + }, + "Demographic": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Demographic", + "markdownDescription": "The demographic-based criteria, such as device platform, for the segment.", + "title": "Demographic" + }, + "Location": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Location", + "markdownDescription": "The location-based criteria, such as region or GPS coordinates, for the segment.", + "title": "Location" + }, + "Metrics": { + "markdownDescription": "One or more custom metrics to use as criteria for the segment.", + "title": "Metrics", + "type": "object" + }, + "UserAttributes": { + "markdownDescription": "One or more custom user attributes to use as criteria for the segment.", + "title": "UserAttributes", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Segment.SegmentGroups": { + "additionalProperties": false, + "properties": { + "Groups": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Groups" + }, + "markdownDescription": "Specifies the set of segment criteria to evaluate when handling segment groups for the segment.", + "title": "Groups", + "type": "array" + }, + "Include": { + "markdownDescription": "Specifies how to handle multiple segment groups for the segment. For example, if the segment includes three segment groups, whether the resulting segment includes endpoints that match all, any, or none of the segment groups.", + "title": "Include", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Segment.SetDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", + "title": "DimensionType", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Segment.SourceSegments": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The unique identifier for the source segment.", + "title": "Id", + "type": "string" + }, + "Version": { + "markdownDescription": "The version number of the source segment.", + "title": "Version", + "type": "number" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Pinpoint::SmsTemplate": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Body": { + "markdownDescription": "The message body to use in text messages that are based on the message template.", + "title": "Body", + "type": "string" + }, + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "TemplateName", + "type": "string" + } + }, + "required": [ + "Body", + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::SmsTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::VoiceChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the voice channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the voice channel for the application.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::VoiceChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeliveryOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.DeliveryOptions", + "markdownDescription": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.", + "title": "DeliveryOptions" + }, + "Name": { + "markdownDescription": "The name of the configuration set.", + "title": "Name", + "type": "string" + }, + "ReputationOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.ReputationOptions", + "markdownDescription": "An object that defines whether or not Amazon Pinpoint collects reputation metrics for the emails that you send that use the configuration set.", + "title": "ReputationOptions" + }, + "SendingOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.SendingOptions", + "markdownDescription": "An object that defines whether or not Amazon Pinpoint can send email that you send using the configuration set.", + "title": "SendingOptions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the configuration set.", + "title": "Tags", + "type": "array" + }, + "TrackingOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.TrackingOptions", + "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", + "title": "TrackingOptions" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PinpointEmail::ConfigurationSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { + "additionalProperties": false, + "properties": { + "SendingPoolName": { + "markdownDescription": "The name of the dedicated IP pool that you want to associate with the configuration set.", + "title": "SendingPoolName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSet.ReputationOptions": { + "additionalProperties": false, + "properties": { + "ReputationMetricsEnabled": { + "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", + "title": "ReputationMetricsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSet.SendingOptions": { + "additionalProperties": false, + "properties": { + "SendingEnabled": { + "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", + "title": "SendingEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSet.Tags": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the configuration set, then this value is required.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSet.TrackingOptions": { + "additionalProperties": false, + "properties": { + "CustomRedirectDomain": { + "markdownDescription": "The domain that you want to use for tracking open and click events.", + "title": "CustomRedirectDomain", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSetEventDestination": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationSetName": { + "markdownDescription": "The name of the configuration set that contains the event destination that you want to modify.", + "title": "ConfigurationSetName", + "type": "string" + }, + "EventDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination", + "markdownDescription": "An object that defines the event destination.", + "title": "EventDestination" + }, + "EventDestinationName": { + "markdownDescription": "The name of the event destination that you want to modify.", + "title": "EventDestinationName", + "type": "string" + } + }, + "required": [ + "ConfigurationSetName", + "EventDestinationName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PinpointEmail::ConfigurationSetEventDestination" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration" + }, + "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", + "title": "DimensionConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DefaultDimensionValue": { + "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DefaultDimensionValue", + "type": "string" + }, + "DimensionName": { + "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DimensionName", + "type": "string" + }, + "DimensionValueSource": { + "markdownDescription": "The location where Amazon Pinpoint finds the value of a dimension to publish to Amazon CloudWatch. Acceptable values: `MESSAGE_TAG` , `EMAIL_HEADER` , and `LINK_TAG` .\n\nIf you want Amazon Pinpoint to use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` API, choose `MESSAGE_TAG` . If you want Amazon Pinpoint to use your own email headers, choose `EMAIL_HEADER` . If you want Amazon Pinpoint to use tags that are specified in your links, choose `LINK_TAG` .", + "title": "DimensionValueSource", + "type": "string" + } + }, + "required": [ + "DefaultDimensionValue", + "DimensionName", + "DimensionValueSource" + ], + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination", + "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", + "title": "CloudWatchDestination" + }, + "Enabled": { + "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", + "title": "Enabled", + "type": "boolean" + }, + "KinesisFirehoseDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination", + "markdownDescription": "An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift.", + "title": "KinesisFirehoseDestination" + }, + "MatchingEventTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of events that Amazon Pinpoint sends to the specified event destinations. Acceptable values: `SEND` , `REJECT` , `BOUNCE` , `COMPLAINT` , `DELIVERY` , `OPEN` , `CLICK` , and `RENDERING_FAILURE` .", + "title": "MatchingEventTypes", + "type": "array" + }, + "PinpointDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination", + "markdownDescription": "An object that defines a Amazon Pinpoint destination for email events. You can use Amazon Pinpoint events to create attributes in Amazon Pinpoint projects. You can use these attributes to create segments for your campaigns.", + "title": "PinpointDestination" + }, + "SnsDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination", + "markdownDescription": "An object that defines an Amazon SNS destination for email events. You can use Amazon SNS to send notification when certain email events occur.", + "title": "SnsDestination" + } + }, + "required": [ + "MatchingEventTypes" + ], + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "additionalProperties": false, + "properties": { + "DeliveryStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Firehose stream that Amazon Pinpoint sends email events to.", + "title": "DeliveryStreamArn", + "type": "string" + }, + "IamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that Amazon Pinpoint uses when sending email events to the Amazon Kinesis Data Firehose stream.", + "title": "IamRoleArn", + "type": "string" + } + }, + "required": [ + "DeliveryStreamArn", + "IamRoleArn" + ], + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination": { + "additionalProperties": false, + "properties": { + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Pinpoint project that you want to send email events to.", + "title": "ApplicationArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination": { + "additionalProperties": false, + "properties": { + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic that you want to publish email events to. For more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "TopicArn" + ], + "type": "object" + }, + "AWS::PinpointEmail::DedicatedIpPool": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PoolName": { + "markdownDescription": "The name of the dedicated IP pool.", + "title": "PoolName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::DedicatedIpPool.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the dedicated IP pool.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PinpointEmail::DedicatedIpPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::PinpointEmail::DedicatedIpPool.Tags": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the dedicated IP pool, then this value is required.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PinpointEmail::Identity": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DkimSigningEnabled": { + "markdownDescription": "For domain identities, this attribute is used to enable or disable DomainKeys Identified Mail (DKIM) signing for the domain.\n\nIf the value is `true` , then the messages that you send from the domain are signed using both the DKIM keys for your domain, as well as the keys for the `amazonses.com` domain. If the value is `false` , then the messages that you send are only signed using the DKIM keys for the `amazonses.com` domain.", + "title": "DkimSigningEnabled", + "type": "boolean" + }, + "FeedbackForwardingEnabled": { + "markdownDescription": "Used to enable or disable feedback forwarding for an identity. This setting determines what happens when an identity is used to send an email that results in a bounce or complaint event.\n\nWhen you enable feedback forwarding, Amazon Pinpoint sends you email notifications when bounce or complaint events occur. Amazon Pinpoint sends this notification to the address that you specified in the Return-Path header of the original email.\n\nWhen you disable feedback forwarding, Amazon Pinpoint sends notifications through other mechanisms, such as by notifying an Amazon SNS topic. You're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications, Amazon Pinpoint sends an email notification when these events occur (even if this setting is disabled).", + "title": "FeedbackForwardingEnabled", + "type": "boolean" + }, + "MailFromAttributes": { + "$ref": "#/definitions/AWS::PinpointEmail::Identity.MailFromAttributes", + "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", + "title": "MailFromAttributes" + }, + "Name": { + "markdownDescription": "The address or domain of the identity, such as *sender@example.com* or *example.co.uk* .", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::Identity.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the email identity.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PinpointEmail::Identity" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PinpointEmail::Identity.MailFromAttributes": { + "additionalProperties": false, + "properties": { + "BehaviorOnMxFailure": { + "markdownDescription": "The action that Amazon Pinpoint to takes if it can't read the required MX record for a custom MAIL FROM domain. When you set this value to `UseDefaultValue` , Amazon Pinpoint uses *amazonses.com* as the MAIL FROM domain. When you set this value to `RejectMessage` , Amazon Pinpoint returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.", + "title": "BehaviorOnMxFailure", + "type": "string" + }, + "MailFromDomain": { + "markdownDescription": "The name of a domain that an email identity uses as a custom MAIL FROM domain.", + "title": "MailFromDomain", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PinpointEmail::Identity.Tags": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the identity, then this value is required.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the pipe.", + "title": "Description", + "type": "string" + }, + "DesiredState": { + "markdownDescription": "The state the pipe should be in.", + "title": "DesiredState", + "type": "string" + }, + "Enrichment": { + "markdownDescription": "The ARN of the enrichment resource.", + "title": "Enrichment", + "type": "string" + }, + "EnrichmentParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentParameters", + "markdownDescription": "The parameters required to set up enrichment on your pipe.", + "title": "EnrichmentParameters" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt pipe data. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nTo update a pipe that is using the default AWS owned key to use a customer managed key instead, or update a pipe that is using a customer managed key to use a different customer managed key, specify a customer managed key identifier.\n\nTo update a pipe that is using a customer managed key to use the default AWS owned key , specify an empty string.\n\nFor more information, see [Managing keys](https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeLogConfiguration", + "markdownDescription": "The logging configuration settings for the pipe.", + "title": "LogConfiguration" + }, + "Name": { + "markdownDescription": "The name of the pipe.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that allows the pipe to send data to the target.", + "title": "RoleArn", + "type": "string" + }, + "Source": { + "markdownDescription": "The ARN of the source resource.", + "title": "Source", + "type": "string" + }, + "SourceParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceParameters", + "markdownDescription": "The parameters required to set up a source for your pipe.", + "title": "SourceParameters" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The list of key-value pairs to associate with the pipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Target": { + "markdownDescription": "The ARN of the target resource.", + "title": "Target", + "type": "string" + }, + "TargetParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetParameters", + "markdownDescription": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* .", + "title": "TargetParameters" + } + }, + "required": [ + "RoleArn", + "Source", + "Target" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pipes::Pipe" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.AwsVpcConfiguration": { + "additionalProperties": false, + "properties": { + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "Subnets" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.BatchArrayProperties": { + "additionalProperties": false, + "properties": { + "Size": { + "markdownDescription": "The size of the array, if this is an array batch job.", + "title": "Size", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.BatchContainerOverrides": { + "additionalProperties": false, + "properties": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition.", + "title": "Command", + "type": "array" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchEnvironmentVariable" + }, + "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition.\n\n> Environment variables cannot start with \" `AWS Batch` \". This naming convention is reserved for variables that AWS Batch sets.", + "title": "Environment", + "type": "array" + }, + "InstanceType": { + "markdownDescription": "The instance type to use for a multi-node parallel job.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", + "title": "InstanceType", + "type": "string" + }, + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchResourceRequirement" + }, + "markdownDescription": "The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "ResourceRequirements", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.BatchEnvironmentVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.BatchJobDependency": { + "additionalProperties": false, + "properties": { + "JobId": { + "markdownDescription": "The job ID of the AWS Batch job that's associated with this dependency.", + "title": "JobId", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the job dependency.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.BatchResourceRequirement": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n> GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, 4, or 8\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.BatchRetryStrategy": { + "additionalProperties": false, + "properties": { + "Attempts": { + "markdownDescription": "The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value.", + "title": "Attempts", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.CapacityProviderStrategyItem": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", + "type": "string" + }, + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "CapacityProvider" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.CloudwatchLogsLogDestination": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records.", + "title": "LogGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.DeadLetterConfig": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the specified target for the dead-letter queue.\n\nFor Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.DimensionMapping": { + "additionalProperties": false, + "properties": { + "DimensionName": { + "markdownDescription": "The metadata attributes of the time series. For example, the name and Availability Zone of an Amazon EC2 instance or the name of the manufacturer of a wind turbine are dimensions.", + "title": "DimensionName", + "type": "string" + }, + "DimensionValue": { + "markdownDescription": "Dynamic path to the dimension value in the source event.", + "title": "DimensionValue", + "type": "string" + }, + "DimensionValueType": { + "markdownDescription": "The data type of the dimension for the time-series data.", + "title": "DimensionValueType", + "type": "string" + } + }, + "required": [ + "DimensionName", + "DimensionValue", + "DimensionValueType" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.EcsContainerOverride": { + "additionalProperties": false, + "properties": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.", + "title": "Command", + "type": "array" + }, + "Cpu": { + "markdownDescription": "The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name.", + "title": "Cpu", + "type": "number" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentVariable" + }, + "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name.", + "title": "Environment", + "type": "array" + }, + "EnvironmentFiles": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentFile" + }, + "markdownDescription": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition.", + "title": "EnvironmentFiles", + "type": "array" + }, + "Memory": { + "markdownDescription": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.", + "title": "Memory", + "type": "number" + }, + "MemoryReservation": { + "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name.", + "title": "MemoryReservation", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the container that receives the override. This parameter is required if any override is specified.", + "title": "Name", + "type": "string" + }, + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsResourceRequirement" + }, + "markdownDescription": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU.", + "title": "ResourceRequirements", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.EcsEnvironmentFile": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The file type to use. The only supported value is `s3` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.EcsEnvironmentVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.EcsEphemeralStorage": { + "additionalProperties": false, + "properties": { + "SizeInGiB": { + "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", + "title": "SizeInGiB", + "type": "number" + } + }, + "required": [ + "SizeInGiB" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride": { + "additionalProperties": false, + "properties": { + "DeviceName": { + "markdownDescription": "The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition.", + "title": "DeviceName", + "type": "string" + }, + "DeviceType": { + "markdownDescription": "The Elastic Inference accelerator type to use.", + "title": "DeviceType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.EcsResourceRequirement": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the specified resource type.\n\nIf the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nIf the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.EcsTaskOverride": { + "additionalProperties": false, + "properties": { + "ContainerOverrides": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsContainerOverride" + }, + "markdownDescription": "One or more container overrides that are sent to a task.", + "title": "ContainerOverrides", + "type": "array" + }, + "Cpu": { + "markdownDescription": "The cpu override for the task.", + "title": "Cpu", + "type": "string" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEphemeralStorage", + "markdownDescription": "The ephemeral storage setting override for the task.\n\n> This parameter is only supported for tasks hosted on Fargate that use the following platform versions:\n> \n> - Linux platform version `1.4.0` or later.\n> - Windows platform version `1.0.0` or later.", + "title": "EphemeralStorage" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ExecutionRoleArn", + "type": "string" + }, + "InferenceAcceleratorOverrides": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride" + }, + "markdownDescription": "The Elastic Inference accelerator override for the task.", + "title": "InferenceAcceleratorOverrides", + "type": "array" + }, + "Memory": { + "markdownDescription": "The memory override for the task.", + "title": "Memory", + "type": "string" + }, + "TaskRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "TaskRoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.Filter": { + "additionalProperties": false, + "properties": { + "Pattern": { + "markdownDescription": "The event pattern.", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.FilterCriteria": { + "additionalProperties": false, + "properties": { + "Filters": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.Filter" + }, + "markdownDescription": "The event patterns.", + "title": "Filters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.FirehoseLogDestination": { + "additionalProperties": false, + "properties": { + "DeliveryStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records.", + "title": "DeliveryStreamArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.MQBrokerAccessCredentials": { + "additionalProperties": false, + "properties": { + "BasicAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "BasicAuth", + "type": "string" + } + }, + "required": [ + "BasicAuth" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.MSKAccessCredentials": { + "additionalProperties": false, + "properties": { + "ClientCertificateTlsAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "ClientCertificateTlsAuth", + "type": "string" + }, + "SaslScram512Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram512Auth", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.MultiMeasureAttributeMapping": { + "additionalProperties": false, + "properties": { + "MeasureValue": { + "markdownDescription": "Dynamic path to the measurement attribute in the source event.", + "title": "MeasureValue", + "type": "string" + }, + "MeasureValueType": { + "markdownDescription": "Data type of the measurement attribute in the source event.", + "title": "MeasureValueType", + "type": "string" + }, + "MultiMeasureAttributeName": { + "markdownDescription": "Target measure name to be used.", + "title": "MultiMeasureAttributeName", + "type": "string" + } + }, + "required": [ + "MeasureValue", + "MeasureValueType", + "MultiMeasureAttributeName" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.MultiMeasureMapping": { + "additionalProperties": false, + "properties": { + "MultiMeasureAttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MultiMeasureAttributeMapping" + }, + "markdownDescription": "Mappings that represent multiple source event fields mapped to measures in the same Timestream for LiveAnalytics record.", + "title": "MultiMeasureAttributeMappings", + "type": "array" + }, + "MultiMeasureName": { + "markdownDescription": "The name of the multiple measurements per record (multi-measure).", + "title": "MultiMeasureName", + "type": "string" + } + }, + "required": [ + "MultiMeasureAttributeMappings", + "MultiMeasureName" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.AwsVpcConfiguration", + "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", + "title": "AwsvpcConfiguration" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeEnrichmentHttpParameters": { + "additionalProperties": false, + "properties": { + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" + }, + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" + }, + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeEnrichmentParameters": { + "additionalProperties": false, + "properties": { + "HttpParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentHttpParameters", + "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", + "title": "HttpParameters" + }, + "InputTemplate": { + "markdownDescription": "Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", + "title": "InputTemplate", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeLogConfiguration": { + "additionalProperties": false, + "properties": { + "CloudwatchLogsLogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.CloudwatchLogsLogDestination", + "markdownDescription": "The logging configuration settings for the pipe.", + "title": "CloudwatchLogsLogDestination" + }, + "FirehoseLogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.FirehoseLogDestination", + "markdownDescription": "The Amazon Data Firehose logging configuration settings for the pipe.", + "title": "FirehoseLogDestination" + }, + "IncludeExecutionData": { + "items": { + "type": "string" + }, + "markdownDescription": "Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe.\n\nThis applies to all log destinations for the pipe.\n\nFor more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* .\n\n*Allowed values:* `ALL`", + "title": "IncludeExecutionData", + "type": "array" + }, + "Level": { + "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the pipe.", + "title": "Level", + "type": "string" + }, + "S3LogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.S3LogDestination", + "markdownDescription": "The Amazon S3 logging configuration settings for the pipe.", + "title": "S3LogDestination" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters": { + "additionalProperties": false, + "properties": { + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" + }, + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "QueueName": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "QueueName", + "type": "string" + } + }, + "required": [ + "Credentials", + "QueueName" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters": { + "additionalProperties": false, + "properties": { + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" + }, + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", + "markdownDescription": "Define the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "MaximumRecordAgeInSeconds": { + "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", + "title": "MaximumRecordAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" + }, + "OnPartialBatchItemFailure": { + "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", + "title": "OnPartialBatchItemFailure", + "type": "string" + }, + "ParallelizationFactor": { + "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" + }, + "StartingPosition": { + "markdownDescription": "(Streams only) The position in a stream from which to start reading.\n\n*Valid values* : `TRIM_HORIZON | LATEST`", + "title": "StartingPosition", + "type": "string" + } + }, + "required": [ + "StartingPosition" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters": { + "additionalProperties": false, + "properties": { + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" + }, + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", + "markdownDescription": "Define the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "MaximumRecordAgeInSeconds": { + "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", + "title": "MaximumRecordAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" + }, + "OnPartialBatchItemFailure": { + "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", + "title": "OnPartialBatchItemFailure", + "type": "string" + }, + "ParallelizationFactor": { + "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", + "type": "string" + }, + "StartingPositionTimestamp": { + "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds.", + "title": "StartingPositionTimestamp", + "type": "string" + } + }, + "required": [ + "StartingPosition" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters": { + "additionalProperties": false, + "properties": { + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" + }, + "ConsumerGroupID": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "ConsumerGroupID", + "type": "string" + }, + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MSKAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", + "type": "string" + }, + "TopicName": { + "markdownDescription": "The name of the topic that the pipe will read from.", + "title": "TopicName", + "type": "string" + } + }, + "required": [ + "TopicName" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeSourceParameters": { + "additionalProperties": false, + "properties": { + "ActiveMQBrokerParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters", + "markdownDescription": "The parameters for using an Active MQ broker as a source.", + "title": "ActiveMQBrokerParameters" + }, + "DynamoDBStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters", + "markdownDescription": "The parameters for using a DynamoDB stream as a source.", + "title": "DynamoDBStreamParameters" + }, + "FilterCriteria": { + "$ref": "#/definitions/AWS::Pipes::Pipe.FilterCriteria", + "markdownDescription": "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects.\n\nFor more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* .", + "title": "FilterCriteria" + }, + "KinesisStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters", + "markdownDescription": "The parameters for using a Kinesis stream as a source.", + "title": "KinesisStreamParameters" + }, + "ManagedStreamingKafkaParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters", + "markdownDescription": "The parameters for using an MSK stream as a source.", + "title": "ManagedStreamingKafkaParameters" + }, + "RabbitMQBrokerParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters", + "markdownDescription": "The parameters for using a Rabbit MQ broker as a source.", + "title": "RabbitMQBrokerParameters" + }, + "SelfManagedKafkaParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters", + "markdownDescription": "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* .", + "title": "SelfManagedKafkaParameters" + }, + "SqsQueueParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSqsQueueParameters", + "markdownDescription": "The parameters for using a Amazon SQS stream as a source.", + "title": "SqsQueueParameters" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters": { + "additionalProperties": false, + "properties": { + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" + }, + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "QueueName": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "QueueName", + "type": "string" + }, + "VirtualHost": { + "markdownDescription": "The name of the virtual host associated with the source broker.", + "title": "VirtualHost", + "type": "string" + } + }, + "required": [ + "Credentials", + "QueueName" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters": { + "additionalProperties": false, + "properties": { + "AdditionalBootstrapServers": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of server URLs.", + "title": "AdditionalBootstrapServers", + "type": "array" + }, + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" + }, + "ConsumerGroupID": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "ConsumerGroupID", + "type": "string" + }, + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "ServerRootCaCertificate": { + "markdownDescription": "The ARN of the Secrets Manager secret used for certification.", + "title": "ServerRootCaCertificate", + "type": "string" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", + "type": "string" + }, + "TopicName": { + "markdownDescription": "The name of the topic that the pipe will read from.", + "title": "TopicName", + "type": "string" + }, + "Vpc": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc", + "markdownDescription": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used.", + "title": "Vpc" + } + }, + "required": [ + "TopicName" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeSourceSqsQueueParameters": { + "additionalProperties": false, + "properties": { + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetBatchJobParameters": { + "additionalProperties": false, + "properties": { + "ArrayProperties": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchArrayProperties", + "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", + "title": "ArrayProperties" + }, + "ContainerOverrides": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchContainerOverrides", + "markdownDescription": "The overrides that are sent to a container.", + "title": "ContainerOverrides" + }, + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchJobDependency" + }, + "markdownDescription": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin.", + "title": "DependsOn", + "type": "array" + }, + "JobDefinition": { + "markdownDescription": "The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used.", + "title": "JobDefinition", + "type": "string" + }, + "JobName": { + "markdownDescription": "The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", + "title": "JobName", + "type": "string" + }, + "Parameters": { + "additionalProperties": true, + "markdownDescription": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" + }, + "RetryStrategy": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchRetryStrategy", + "markdownDescription": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition.", + "title": "RetryStrategy" + } + }, + "required": [ + "JobDefinition", + "JobName" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters": { + "additionalProperties": false, + "properties": { + "LogStreamName": { + "markdownDescription": "The name of the log stream.", + "title": "LogStreamName", + "type": "string" + }, + "Timestamp": { + "markdownDescription": "A [dynamic path parameter](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) to a field in the payload containing the time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.\n\nThe value cannot be a static timestamp as the provided timestamp would be applied to all events delivered by the Pipe, regardless of when they are actually delivered.\n\nIf no dynamic path parameter is provided, the default value is the time the invocation is processed by the Pipe.", + "title": "Timestamp", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetEcsTaskParameters": { + "additionalProperties": false, + "properties": { + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", + "title": "CapacityProviderStrategy", + "type": "array" + }, + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Group": { + "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", + "type": "string" + }, + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", + "type": "string" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.NetworkConfiguration", + "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", + "title": "NetworkConfiguration" + }, + "Overrides": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsTaskOverride", + "markdownDescription": "The overrides that are associated with a task.", + "title": "Overrides" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", + "type": "array" + }, + "PlacementStrategy": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementStrategy" + }, + "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", + "title": "PlacementStrategy", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", + "type": "string" + }, + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action.", + "title": "PropagateTags", + "type": "string" + }, + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", + "title": "Tags", + "type": "array" + }, + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", + "title": "TaskCount", + "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", + "type": "string" + } + }, + "required": [ + "TaskDefinitionArn" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters": { + "additionalProperties": false, + "properties": { + "DetailType": { + "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", + "title": "DetailType", + "type": "string" + }, + "EndpointId": { + "markdownDescription": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` .", + "title": "EndpointId", + "type": "string" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present.", + "title": "Resources", + "type": "array" + }, + "Source": { + "markdownDescription": "The source of the event.", + "title": "Source", + "type": "string" + }, + "Time": { + "markdownDescription": "The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used.", + "title": "Time", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetHttpParameters": { + "additionalProperties": false, + "properties": { + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" + }, + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" + }, + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters": { + "additionalProperties": false, + "properties": { + "PartitionKey": { + "markdownDescription": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.", + "title": "PartitionKey", + "type": "string" + } + }, + "required": [ + "PartitionKey" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters": { + "additionalProperties": false, + "properties": { + "InvocationType": { + "markdownDescription": "Specify whether to invoke the function synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n- `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", + "title": "InvocationType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetParameters": { + "additionalProperties": false, + "properties": { + "BatchJobParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetBatchJobParameters", + "markdownDescription": "The parameters for using an AWS Batch job as a target.", + "title": "BatchJobParameters" + }, + "CloudWatchLogsParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters", + "markdownDescription": "The parameters for using an CloudWatch Logs log stream as a target.", + "title": "CloudWatchLogsParameters" + }, + "EcsTaskParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEcsTaskParameters", + "markdownDescription": "The parameters for using an Amazon ECS task as a target.", + "title": "EcsTaskParameters" + }, + "EventBridgeEventBusParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters", + "markdownDescription": "The parameters for using an EventBridge event bus as a target.", + "title": "EventBridgeEventBusParameters" + }, + "HttpParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetHttpParameters", + "markdownDescription": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations.", + "title": "HttpParameters" + }, + "InputTemplate": { + "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", + "title": "InputTemplate", + "type": "string" + }, + "KinesisStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters", + "markdownDescription": "The parameters for using a Kinesis stream as a target.", + "title": "KinesisStreamParameters" + }, + "LambdaFunctionParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters", + "markdownDescription": "The parameters for using a Lambda function as a target.", + "title": "LambdaFunctionParameters" + }, + "RedshiftDataParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters", + "markdownDescription": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement.", + "title": "RedshiftDataParameters" + }, + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters", + "markdownDescription": "The parameters for using a SageMaker AI pipeline as a target.", + "title": "SageMakerPipelineParameters" + }, + "SqsQueueParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSqsQueueParameters", + "markdownDescription": "The parameters for using a Amazon SQS stream as a target.", + "title": "SqsQueueParameters" + }, + "StepFunctionStateMachineParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetStateMachineParameters", + "markdownDescription": "The parameters for using a Step Functions state machine as a target.", + "title": "StepFunctionStateMachineParameters" + }, + "TimestreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetTimestreamParameters", + "markdownDescription": "The parameters for using a Timestream for LiveAnalytics table as a target.", + "title": "TimestreamParameters" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", + "title": "Database", + "type": "string" + }, + "DbUser": { + "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", + "title": "DbUser", + "type": "string" + }, + "SecretManagerArn": { + "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using Secrets Manager.", + "title": "SecretManagerArn", + "type": "string" + }, + "Sqls": { + "items": { + "type": "string" + }, + "markdownDescription": "The SQL statement text to run.", + "title": "Sqls", + "type": "array" + }, + "StatementName": { + "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", + "title": "StatementName", + "type": "string" + }, + "WithEvent": { + "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", + "title": "WithEvent", + "type": "boolean" + } + }, + "required": [ + "Database", + "Sqls" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters": { + "additionalProperties": false, + "properties": { + "PipelineParameterList": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SageMakerPipelineParameter" + }, + "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", + "title": "PipelineParameterList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetSqsQueueParameters": { + "additionalProperties": false, + "properties": { + "MessageDeduplicationId": { + "markdownDescription": "This parameter applies only to FIFO (first-in-first-out) queues.\n\nThe token used for deduplication of sent messages.", + "title": "MessageDeduplicationId", + "type": "string" + }, + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetStateMachineParameters": { + "additionalProperties": false, + "properties": { + "InvocationType": { + "markdownDescription": "Specify whether to invoke the Step Functions state machine synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* .\n\n> `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows.\n- `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* .\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", + "title": "InvocationType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetTimestreamParameters": { + "additionalProperties": false, + "properties": { + "DimensionMappings": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.DimensionMapping" + }, + "markdownDescription": "Map source data to dimensions in the target Timestream for LiveAnalytics table.\n\nFor more information, see [Amazon Timestream for LiveAnalytics concepts](https://docs.aws.amazon.com/timestream/latest/developerguide/concepts.html)", + "title": "DimensionMappings", + "type": "array" + }, + "EpochTimeUnit": { + "markdownDescription": "The granularity of the time units used. Default is `MILLISECONDS` .\n\nRequired if `TimeFieldType` is specified as `EPOCH` .", + "title": "EpochTimeUnit", + "type": "string" + }, + "MultiMeasureMappings": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MultiMeasureMapping" + }, + "markdownDescription": "Maps multiple measures from the source event to the same record in the specified Timestream for LiveAnalytics table.", + "title": "MultiMeasureMappings", + "type": "array" + }, + "SingleMeasureMappings": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SingleMeasureMapping" + }, + "markdownDescription": "Mappings of single source data fields to individual records in the specified Timestream for LiveAnalytics table.", + "title": "SingleMeasureMappings", + "type": "array" + }, + "TimeFieldType": { + "markdownDescription": "The type of time value used.\n\nThe default is `EPOCH` .", + "title": "TimeFieldType", + "type": "string" + }, + "TimeValue": { + "markdownDescription": "Dynamic path to the source data field that represents the time value for your data.", + "title": "TimeValue", + "type": "string" + }, + "TimestampFormat": { + "markdownDescription": "How to format the timestamps. For example, `yyyy-MM-dd'T'HH:mm:ss'Z'` .\n\nRequired if `TimeFieldType` is specified as `TIMESTAMP_FORMAT` .", + "title": "TimestampFormat", + "type": "string" + }, + "VersionValue": { + "markdownDescription": "64 bit version value or source data field that represents the version value for your data.\n\nWrite requests with a higher version number will update the existing measure values of the record and version. In cases where the measure value is the same, the version will still be updated.\n\nDefault value is 1.\n\nTimestream for LiveAnalytics does not support updating partial measure values in a record.\n\nWrite requests for duplicate data with a higher version number will update the existing measure value and version. In cases where the measure value is the same, `Version` will still be updated. Default value is `1` .\n\n> `Version` must be `1` or greater, or you will receive a `ValidationException` error.", + "title": "VersionValue", + "type": "string" + } + }, + "required": [ + "DimensionMappings", + "TimeValue", + "VersionValue" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PlacementConstraint": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "Expression", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PlacementStrategy": { + "additionalProperties": false, + "properties": { + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", + "title": "Field", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.S3LogDestination": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", + "title": "BucketName", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", + "title": "BucketOwner", + "type": "string" + }, + "OutputFormat": { + "markdownDescription": "The format EventBridge uses for the log records.\n\nEventBridge currently only supports `json` formatting.", + "title": "OutputFormat", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix text with which to begin Amazon S3 log object names.\n\nFor more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "Prefix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.SageMakerPipelineParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials": { + "additionalProperties": false, + "properties": { + "BasicAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "BasicAuth", + "type": "string" + }, + "ClientCertificateTlsAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "ClientCertificateTlsAuth", + "type": "string" + }, + "SaslScram256Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram256Auth", + "type": "string" + }, + "SaslScram512Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram512Auth", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc": { + "additionalProperties": false, + "properties": { + "SecurityGroup": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the security groups associated with the stream. These security groups must all be in the same VPC. You can specify as many as five security groups.", + "title": "SecurityGroup", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the subnets associated with the stream. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.SingleMeasureMapping": { + "additionalProperties": false, + "properties": { + "MeasureName": { + "markdownDescription": "Target measure name for the measurement attribute in the Timestream table.", + "title": "MeasureName", + "type": "string" + }, + "MeasureValue": { + "markdownDescription": "Dynamic path of the source field to map to the measure in the record.", + "title": "MeasureValue", + "type": "string" + }, + "MeasureValueType": { + "markdownDescription": "Data type of the source field.", + "title": "MeasureValueType", + "type": "string" + } + }, + "required": [ + "MeasureName", + "MeasureValue", + "MeasureValueType" + ], + "type": "object" + }, + "AWS::Proton::EnvironmentAccountConnection": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CodebuildRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account.", + "title": "CodebuildRoleArn", + "type": "string" + }, + "ComponentRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account.\n\nThe environment account connection must have a `componentRoleArn` to allow directly defined components to be associated with any environments running in the account.\n\nFor more information about components, see [AWS Proton components](https://docs.aws.amazon.com/proton/latest/userguide/ag-components.html) in the *AWS Proton User Guide* .", + "title": "ComponentRoleArn", + "type": "string" + }, + "EnvironmentAccountId": { + "markdownDescription": "The environment account that's connected to the environment account connection.", + "title": "EnvironmentAccountId", + "type": "string" + }, + "EnvironmentName": { + "markdownDescription": "The name of the environment that's associated with the environment account connection.", + "title": "EnvironmentName", + "type": "string" + }, + "ManagementAccountId": { + "markdownDescription": "The ID of the management account that's connected to the environment account connection.", + "title": "ManagementAccountId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM service role that's associated with the environment account connection.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment account connection. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Proton::EnvironmentAccountConnection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Proton::EnvironmentTemplate": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the environment template.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the environment template as displayed in the developer interface.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer provided encryption key for the environment template.", + "title": "EncryptionKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment template.", + "title": "Name", + "type": "string" + }, + "Provisioning": { + "markdownDescription": "When included, indicates that the environment template is for customer provisioned and managed infrastructure.", + "title": "Provisioning", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment template. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Proton::EnvironmentTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Proton::ServiceTemplate": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the service template.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The service template name as displayed in the developer interface.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer provided service template encryption key that's used to encrypt data.", + "title": "EncryptionKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the service template.", + "title": "Name", + "type": "string" + }, + "PipelineProvisioning": { + "markdownDescription": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template.", + "title": "PipelineProvisioning", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An object that includes the template bundle S3 bucket path and name for the new version of a service template.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Proton::ServiceTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QBusiness::Application": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AttachmentsConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.AttachmentsConfiguration", + "markdownDescription": "Configuration information for the file upload during chat feature.", + "title": "AttachmentsConfiguration" + }, + "AutoSubscriptionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.AutoSubscriptionConfiguration", + "markdownDescription": "Subscription configuration information for an Amazon Q Business application using IAM identity federation for user management.", + "title": "AutoSubscriptionConfiguration" + }, + "ClientIdsForOIDC": { + "items": { + "type": "string" + }, + "markdownDescription": "The OIDC client ID for a Amazon Q Business application.", + "title": "ClientIdsForOIDC", + "type": "array" + }, + "Description": { + "markdownDescription": "A description for the Amazon Q Business application.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the Amazon Q Business application.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.EncryptionConfiguration", + "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt data indexed by Amazon Q Business. Amazon Q Business doesn't support asymmetric keys.", + "title": "EncryptionConfiguration" + }, + "IamIdentityProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an identity provider being used by an Amazon Q Business application.", + "title": "IamIdentityProviderArn", + "type": "string" + }, + "IdentityCenterInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance you are either creating for\u2014or connecting to\u2014your Amazon Q Business application.\n\n*Required* : `Yes`", + "title": "IdentityCenterInstanceArn", + "type": "string" + }, + "IdentityType": { + "markdownDescription": "The authentication type being used by a Amazon Q Business application.", + "title": "IdentityType", + "type": "string" + }, + "PersonalizationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.PersonalizationConfiguration", + "markdownDescription": "Configuration information about chat response personalization. For more information, see [Personalizing chat responses](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/personalizing-chat-responses.html) .", + "title": "PersonalizationConfiguration" + }, + "QAppsConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.QAppsConfiguration", + "markdownDescription": "Configuration information about Amazon Q Apps.", + "title": "QAppsConfiguration" + }, + "QuickSightConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.QuickSightConfiguration", + "markdownDescription": "The Amazon QuickSight configuration for an Amazon Q Business application that uses QuickSight as the identity provider.", + "title": "QuickSightConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permissions to access your Amazon CloudWatch logs and metrics. If this property is not specified, Amazon Q Business will create a [service linked role (SLR)](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/using-service-linked-roles.html#slr-permissions) and use it as the application's role.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize your Amazon Q Business application. You can also use tags to help control access to the application. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DisplayName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::Application.AttachmentsConfiguration": { + "additionalProperties": false, + "properties": { + "AttachmentsControlMode": { + "markdownDescription": "Status information about whether file upload functionality is activated or deactivated for your end user.", + "title": "AttachmentsControlMode", + "type": "string" + } + }, + "required": [ + "AttachmentsControlMode" + ], + "type": "object" + }, + "AWS::QBusiness::Application.AutoSubscriptionConfiguration": { + "additionalProperties": false, + "properties": { + "AutoSubscribe": { + "markdownDescription": "Describes whether automatic subscriptions are enabled for an Amazon Q Business application using IAM identity federation for user management.", + "title": "AutoSubscribe", + "type": "string" + }, + "DefaultSubscriptionType": { + "markdownDescription": "Describes the default subscription type assigned to an Amazon Q Business application using IAM identity federation for user management. If the value for `autoSubscribe` is set to `ENABLED` you must select a value for this field.", + "title": "DefaultSubscriptionType", + "type": "string" + } + }, + "required": [ + "AutoSubscribe" + ], + "type": "object" + }, + "AWS::QBusiness::Application.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key. Amazon Q Business doesn't support asymmetric keys.", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QBusiness::Application.PersonalizationConfiguration": { + "additionalProperties": false, + "properties": { + "PersonalizationControlMode": { + "markdownDescription": "An option to allow Amazon Q Business to customize chat responses using user specific metadata\u2014specifically, location and job information\u2014in your IAM Identity Center instance.", + "title": "PersonalizationControlMode", + "type": "string" + } + }, + "required": [ + "PersonalizationControlMode" + ], + "type": "object" + }, + "AWS::QBusiness::Application.QAppsConfiguration": { + "additionalProperties": false, + "properties": { + "QAppsControlMode": { + "markdownDescription": "Status information about whether end users can create and use Amazon Q Apps in the web experience.", + "title": "QAppsControlMode", + "type": "string" + } + }, + "required": [ + "QAppsControlMode" + ], + "type": "object" + }, + "AWS::QBusiness::Application.QuickSightConfiguration": { + "additionalProperties": false, + "properties": { + "ClientNamespace": { + "markdownDescription": "The Amazon QuickSight namespace that is used as the identity provider. For more information about QuickSight namespaces, see [Namespace operations](https://docs.aws.amazon.com/quicksight/latest/developerguide/namespace-operations.html) .", + "title": "ClientNamespace", + "type": "string" + } + }, + "required": [ + "ClientNamespace" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ActionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.ActionConfiguration" + }, + "markdownDescription": "A list of action configurations specifying the allowed actions and any associated filters.", + "title": "ActionConfigurations", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application.", + "title": "ApplicationId", + "type": "string" + }, + "AuthenticationDetail": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorAuthenticationDetail", + "markdownDescription": "The authentication configuration details for the data accessor. This specifies how the ISV authenticates when accessing data through this data accessor.", + "title": "AuthenticationDetail" + }, + "DisplayName": { + "markdownDescription": "The friendly name of the data accessor.", + "title": "DisplayName", + "type": "string" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the ISV associated with this data accessor.", + "title": "Principal", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the data accessor.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ActionConfigurations", + "ApplicationId", + "DisplayName", + "Principal" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::DataAccessor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor.ActionConfiguration": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The Amazon Q Business action that is allowed.", + "title": "Action", + "type": "string" + }, + "FilterConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.ActionFilterConfiguration", + "markdownDescription": "The filter configuration for the action, if any.", + "title": "FilterConfiguration" + } + }, + "required": [ + "Action" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor.ActionFilterConfiguration": { + "additionalProperties": false, + "properties": { + "DocumentAttributeFilter": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter", + "markdownDescription": "Enables filtering of responses based on document attributes or metadata fields.", + "title": "DocumentAttributeFilter" + } + }, + "required": [ + "DocumentAttributeFilter" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor.AttributeFilter": { + "additionalProperties": false, + "properties": { + "AndAllFilters": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter" + }, + "markdownDescription": "Performs a logical `AND` operation on all supplied filters.", + "title": "AndAllFilters", + "type": "array" + }, + "ContainsAll": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Returns `true` when a document contains all the specified document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `stringListValue` .", + "title": "ContainsAll" + }, + "ContainsAny": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Returns `true` when a document contains any of the specified document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `stringListValue` .", + "title": "ContainsAny" + }, + "EqualsTo": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs an equals operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` , `longValue` , `stringListValue` and `stringValue` .", + "title": "EqualsTo" + }, + "GreaterThan": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a greater than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "GreaterThan" + }, + "GreaterThanOrEquals": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a greater or equals than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "GreaterThanOrEquals" + }, + "LessThan": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a less than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "LessThan" + }, + "LessThanOrEquals": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a less than or equals operation on two document attributes or metadata fields.Supported for the following [document attribute value type](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "LessThanOrEquals" + }, + "NotFilter": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter", + "markdownDescription": "Performs a logical `NOT` operation on all supplied filters.", + "title": "NotFilter" + }, + "OrAllFilters": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter" + }, + "markdownDescription": "Performs a logical `OR` operation on all supplied filters.", + "title": "OrAllFilters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QBusiness::DataAccessor.DataAccessorAuthenticationConfiguration": { + "additionalProperties": false, + "properties": { + "IdcTrustedTokenIssuerConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorIdcTrustedTokenIssuerConfiguration", + "markdownDescription": "Configuration for IAM Identity Center Trusted Token Issuer (TTI) authentication used when the authentication type is `AWS_IAM_IDC_TTI` .", + "title": "IdcTrustedTokenIssuerConfiguration" + } + }, + "required": [ + "IdcTrustedTokenIssuerConfiguration" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor.DataAccessorAuthenticationDetail": { + "additionalProperties": false, + "properties": { + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorAuthenticationConfiguration", + "markdownDescription": "The specific authentication configuration based on the authentication type.", + "title": "AuthenticationConfiguration" + }, + "AuthenticationType": { + "markdownDescription": "The type of authentication to use for the data accessor. This determines how the ISV authenticates when accessing data. You can use one of two authentication types:\n\n- `AWS_IAM_IDC_TTI` - Authentication using IAM Identity Center Trusted Token Issuer (TTI). This authentication type allows the ISV to use a trusted token issuer to generate tokens for accessing the data.\n- `AWS_IAM_IDC_AUTH_CODE` - Authentication using IAM Identity Center authorization code flow. This authentication type uses the standard OAuth 2.0 authorization code flow for authentication.", + "title": "AuthenticationType", + "type": "string" + }, + "ExternalIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of external identifiers associated with this authentication configuration. These are used to correlate the data accessor with external systems.", + "title": "ExternalIds", + "type": "array" + } + }, + "required": [ + "AuthenticationType" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor.DataAccessorIdcTrustedTokenIssuerConfiguration": { + "additionalProperties": false, + "properties": { + "IdcTrustedTokenIssuerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center Trusted Token Issuer that will be used for authentication.", + "title": "IdcTrustedTokenIssuerArn", + "type": "string" + } + }, + "required": [ + "IdcTrustedTokenIssuerArn" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor.DocumentAttribute": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The identifier for the attribute.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttributeValue", + "markdownDescription": "The value of the attribute.", + "title": "Value" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor.DocumentAttributeValue": { + "additionalProperties": false, + "properties": { + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt's important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", + "type": "string" + }, + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", + "type": "number" + }, + "StringListValue": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings.", + "title": "StringListValue", + "type": "array" + }, + "StringValue": { + "markdownDescription": "A string.", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QBusiness::DataSource": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application the data source will be attached to.", + "title": "ApplicationId", + "type": "string" + }, + "Configuration": { + "markdownDescription": "Use this property to specify a JSON or YAML schema with configuration properties specific to your data source connector to connect your data source repository to Amazon Q Business . You must use the JSON or YAML schema provided by Amazon Q .\n\nThe following links have the configuration properties and schemas for AWS CloudFormation for the following connectors:\n\n- [Amazon Simple Storage Service](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/s3-cfn.html)\n- [Amazon Q Web Crawler](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/web-crawler-cfn.html)\n\nSimilarly, you can find configuration templates and properties for your specific data source using the following steps:\n\n- Navigate to the [Supported connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connectors-list.html) page in the Amazon Q Business User Guide, and select the data source connector of your choice.\n- Then, from that specific data source connector's page, choose the topic containing *Using AWS CloudFormation* to find the schemas for your data source connector, including configuration parameter descriptions and examples.", + "title": "Configuration", + "type": "object" + }, + "Description": { + "markdownDescription": "A description for the data source connector.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the Amazon Q Business data source.", + "title": "DisplayName", + "type": "string" + }, + "DocumentEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentEnrichmentConfiguration", + "markdownDescription": "Provides the configuration information for altering document metadata and content during the document ingestion process.\n\nFor more information, see [Custom document enrichment](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/custom-document-enrichment.html) .", + "title": "DocumentEnrichmentConfiguration" + }, + "IndexId": { + "markdownDescription": "The identifier of the index the data source is attached to.", + "title": "IndexId", + "type": "string" + }, + "MediaExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.MediaExtractionConfiguration", + "markdownDescription": "The configuration for extracting information from media in documents.", + "title": "MediaExtractionConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to access the data source and required resources.", + "title": "RoleArn", + "type": "string" + }, + "SyncSchedule": { + "markdownDescription": "Sets the frequency for Amazon Q Business to check the documents in your data source repository and update your index. If you don't set a schedule, Amazon Q Business won't periodically update the index.\n\nSpecify a `cron-` format schedule string or an empty string to indicate that the index is updated on demand. You can't specify the `Schedule` parameter when the `Type` parameter is set to `CUSTOM` . If you do, you receive a `ValidationException` exception.", + "title": "SyncSchedule", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Configuration information for an Amazon VPC (Virtual Private Cloud) to connect to your data source. For more information, see [Using Amazon VPC with Amazon Q Business connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connector-vpc.html) .", + "title": "VpcConfiguration" + } + }, + "required": [ + "ApplicationId", + "Configuration", + "DisplayName", + "IndexId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::DataSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::DataSource.AudioExtractionConfiguration": { + "additionalProperties": false, + "properties": { + "AudioExtractionStatus": { + "markdownDescription": "The status of audio extraction (ENABLED or DISABLED) for processing audio content from files.", + "title": "AudioExtractionStatus", + "type": "string" + } + }, + "required": [ + "AudioExtractionStatus" + ], + "type": "object" + }, + "AWS::QBusiness::DataSource.DataSourceVpcConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Q Business to connect to the data source.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], + "type": "object" + }, + "AWS::QBusiness::DataSource.DocumentAttributeCondition": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Q Business currently doesn't support `_document_body` as an attribute key used for the condition.", + "title": "Key", + "type": "string" + }, + "Operator": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Q Business currently does not support `_document_body` as an attribute key used for the condition.", + "title": "Operator", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeValue", + "markdownDescription": "The value of a document attribute. You can only provide one value for a document attribute.", + "title": "Value" + } + }, + "required": [ + "Key", + "Operator" + ], + "type": "object" + }, + "AWS::QBusiness::DataSource.DocumentAttributeTarget": { + "additionalProperties": false, + "properties": { + "AttributeValueOperator": { + "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` .", + "title": "AttributeValueOperator", + "type": "string" + }, + "Key": { + "markdownDescription": "The identifier of the target document attribute or metadata field. For example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", + "title": "Key", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeValue", + "markdownDescription": "The value of a document attribute. You can only provide one value for a document attribute.", + "title": "Value" + } + }, + "required": [ + "Key" + ], + "type": "object" + }, + "AWS::QBusiness::DataSource.DocumentAttributeValue": { + "additionalProperties": false, + "properties": { + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt's important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", + "type": "string" + }, + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", + "type": "number" + }, + "StringListValue": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings.", + "title": "StringListValue", + "type": "array" + }, + "StringValue": { + "markdownDescription": "A string.", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QBusiness::DataSource.DocumentEnrichmentConfiguration": { + "additionalProperties": false, + "properties": { + "InlineConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.InlineDocumentEnrichmentConfiguration" + }, + "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Q Business.", + "title": "InlineConfigurations", + "type": "array" + }, + "PostExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) .", + "title": "PostExtractionHookConfiguration" + }, + "PreExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) .", + "title": "PreExtractionHookConfiguration" + } + }, + "type": "object" + }, + "AWS::QBusiness::DataSource.HookConfiguration": { + "additionalProperties": false, + "properties": { + "InvocationCondition": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeCondition", + "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Q Business should invoke a function that inserts the current date-time.", + "title": "InvocationCondition" + }, + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function during ingestion. For more information, see [Using Lambda functions for Amazon Q Business document enrichment](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/cde-lambda-operations.html) .", + "title": "LambdaArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process.", + "title": "RoleArn", + "type": "string" + }, + "S3BucketName": { + "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html#cde-lambda-operations-data-contracts) .", + "title": "S3BucketName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QBusiness::DataSource.ImageExtractionConfiguration": { + "additionalProperties": false, + "properties": { + "ImageExtractionStatus": { + "markdownDescription": "Specify whether to extract semantic meaning from images and visuals from documents.", + "title": "ImageExtractionStatus", + "type": "string" + } + }, + "required": [ + "ImageExtractionStatus" + ], + "type": "object" + }, + "AWS::QBusiness::DataSource.InlineDocumentEnrichmentConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeCondition", + "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Q Business .", + "title": "Condition" + }, + "DocumentContentOperator": { + "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", + "title": "DocumentContentOperator", + "type": "string" + }, + "Target": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeTarget", + "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Q Business . You can also include a value.", + "title": "Target" + } + }, + "type": "object" + }, + "AWS::QBusiness::DataSource.MediaExtractionConfiguration": { + "additionalProperties": false, + "properties": { + "AudioExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.AudioExtractionConfiguration", + "markdownDescription": "Configuration settings for extracting and processing audio content from media files.", + "title": "AudioExtractionConfiguration" + }, + "ImageExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.ImageExtractionConfiguration", + "markdownDescription": "The configuration for extracting semantic meaning from images in documents. For more information, see [Extracting semantic meaning from images and visuals](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/extracting-meaning-from-images.html) .", + "title": "ImageExtractionConfiguration" + }, + "VideoExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.VideoExtractionConfiguration", + "markdownDescription": "Configuration settings for extracting and processing video content from media files.", + "title": "VideoExtractionConfiguration" + } + }, + "type": "object" + }, + "AWS::QBusiness::DataSource.VideoExtractionConfiguration": { + "additionalProperties": false, + "properties": { + "VideoExtractionStatus": { + "markdownDescription": "The status of video extraction (ENABLED or DISABLED) for processing video content from files.", + "title": "VideoExtractionStatus", + "type": "string" + } + }, + "required": [ + "VideoExtractionStatus" + ], + "type": "object" + }, + "AWS::QBusiness::Index": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application using the index.", + "title": "ApplicationId", + "type": "string" + }, + "CapacityConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Index.IndexCapacityConfiguration", + "markdownDescription": "The capacity units you want to provision for your index. You can add and remove capacity to fit your usage needs.", + "title": "CapacityConfiguration" + }, + "Description": { + "markdownDescription": "A description for the Amazon Q Business index.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the index.", + "title": "DisplayName", + "type": "string" + }, + "DocumentAttributeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::Index.DocumentAttributeConfiguration" + }, + "markdownDescription": "Configuration information for document attributes. Document attributes are metadata or fields associated with your documents. For example, the company department name associated with each document.\n\nFor more information, see [Understanding document attributes](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/doc-attributes.html) .", + "title": "DocumentAttributeConfigurations", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the index. You can also use tags to help control access to the index. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The index type that's suitable for your needs. For more information on what's included in each type of index, see [Amazon Q Business tiers](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/tiers.html#index-tiers) .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "DisplayName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Index" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::Index.DocumentAttributeConfiguration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the document attribute.", + "title": "Name", + "type": "string" + }, + "Search": { + "markdownDescription": "Information about whether the document attribute can be used by an end user to search for information on their web experience.", + "title": "Search", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of document attribute.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QBusiness::Index.IndexCapacityConfiguration": { + "additionalProperties": false, + "properties": { + "Units": { + "markdownDescription": "The number of storage units configured for an Amazon Q Business index.", + "title": "Units", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QBusiness::Index.IndexStatistics": { + "additionalProperties": false, + "properties": { + "TextDocumentStatistics": { + "$ref": "#/definitions/AWS::QBusiness::Index.TextDocumentStatistics", + "markdownDescription": "The number of documents indexed.", + "title": "TextDocumentStatistics" + } + }, + "type": "object" + }, + "AWS::QBusiness::Index.TextDocumentStatistics": { + "additionalProperties": false, + "properties": { + "IndexedTextBytes": { + "markdownDescription": "The total size, in bytes, of the indexed documents.", + "title": "IndexedTextBytes", + "type": "number" + }, + "IndexedTextDocumentCount": { + "markdownDescription": "The number of text documents indexed.", + "title": "IndexedTextDocumentCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QBusiness::Permission": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon Q Business actions that the ISV is allowed to perform.", + "title": "Actions", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application.", + "title": "ApplicationId", + "type": "string" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::Permission.Condition" + }, + "markdownDescription": "", + "title": "Conditions", + "type": "array" + }, + "Principal": { + "markdownDescription": "Provides user and group information used for filtering documents to use for generating Amazon Q Business conversation responses.", + "title": "Principal", + "type": "string" + }, + "StatementId": { + "markdownDescription": "A unique identifier for the policy statement.", + "title": "StatementId", + "type": "string" + } + }, + "required": [ + "Actions", + "ApplicationId", + "Principal", + "StatementId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Permission" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::Permission.Condition": { + "additionalProperties": false, + "properties": { + "ConditionKey": { + "markdownDescription": "", + "title": "ConditionKey", + "type": "string" + }, + "ConditionOperator": { + "markdownDescription": "", + "title": "ConditionOperator", + "type": "string" + }, + "ConditionValues": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "ConditionValues", + "type": "array" + } + }, + "required": [ + "ConditionKey", + "ConditionOperator", + "ConditionValues" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the application that will contain the plugin.", + "title": "ApplicationId", + "type": "string" + }, + "AuthConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.PluginAuthConfiguration", + "markdownDescription": "Authentication configuration information for an Amazon Q Business plugin.", + "title": "AuthConfiguration" + }, + "CustomPluginConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.CustomPluginConfiguration", + "markdownDescription": "Configuration information required to create a custom plugin.", + "title": "CustomPluginConfiguration" + }, + "DisplayName": { + "markdownDescription": "The name of the plugin.", + "title": "DisplayName", + "type": "string" + }, + "ServerUrl": { + "markdownDescription": "The plugin server URL used for configuration.", + "title": "ServerUrl", + "type": "string" + }, + "State": { + "markdownDescription": "The current status of the plugin.", + "title": "State", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the plugin.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "AuthConfiguration", + "DisplayName", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Plugin" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin.APISchema": { + "additionalProperties": false, + "properties": { + "Payload": { + "markdownDescription": "The JSON or YAML-formatted payload defining the OpenAPI schema for a custom plugin.", + "title": "Payload", + "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.S3", + "markdownDescription": "Contains details about the S3 object containing the OpenAPI schema for a custom plugin. The schema could be in either JSON or YAML format.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::QBusiness::Plugin.BasicAuthConfiguration": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the basic authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the Secrets Manager secret that stores the basic authentication credentials used for plugin configuration..", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "RoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin.CustomPluginConfiguration": { + "additionalProperties": false, + "properties": { + "ApiSchema": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.APISchema", + "markdownDescription": "Contains either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema.", + "title": "ApiSchema" + }, + "ApiSchemaType": { + "markdownDescription": "The type of OpenAPI schema to use.", + "title": "ApiSchemaType", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for your custom plugin configuration.", + "title": "Description", + "type": "string" + } + }, + "required": [ + "ApiSchema", + "ApiSchemaType", + "Description" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin.OAuth2ClientCredentialConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationUrl": { + "markdownDescription": "The redirect URL required by the OAuth 2.0 protocol for Amazon Q Business to authenticate a plugin user through a third party authentication server.", + "title": "AuthorizationUrl", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the OAuth 2.0 authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the Secrets Manager secret that stores the OAuth 2.0 credentials/token used for plugin configuration.", + "title": "SecretArn", + "type": "string" + }, + "TokenUrl": { + "markdownDescription": "The URL required by the OAuth 2.0 protocol to exchange an end user authorization code for an access token.", + "title": "TokenUrl", + "type": "string" + } + }, + "required": [ + "RoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin.PluginAuthConfiguration": { + "additionalProperties": false, + "properties": { + "BasicAuthConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.BasicAuthConfiguration", + "markdownDescription": "Information about the basic authentication credentials used to configure a plugin.", + "title": "BasicAuthConfiguration" + }, + "NoAuthConfiguration": { + "markdownDescription": "Information about invoking a custom plugin without any authentication.", + "title": "NoAuthConfiguration", + "type": "object" + }, + "OAuth2ClientCredentialConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.OAuth2ClientCredentialConfiguration", + "markdownDescription": "Information about the OAuth 2.0 authentication credential/token used to configure a plugin.", + "title": "OAuth2ClientCredentialConfiguration" + } + }, + "type": "object" + }, + "AWS::QBusiness::Plugin.S3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::QBusiness::Retriever": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application using the retriever.", + "title": "ApplicationId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.RetrieverConfiguration", + "markdownDescription": "Provides information on how the retriever used for your Amazon Q Business application is configured.", + "title": "Configuration" + }, + "DisplayName": { + "markdownDescription": "The name of your retriever.", + "title": "DisplayName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the basic authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the retriever. You can also use tags to help control access to the retriever. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of your retriever.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "Configuration", + "DisplayName", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Retriever" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::Retriever.KendraIndexConfiguration": { + "additionalProperties": false, + "properties": { + "IndexId": { + "markdownDescription": "The identifier of the Amazon Kendra index.", + "title": "IndexId", + "type": "string" + } + }, + "required": [ + "IndexId" + ], + "type": "object" + }, + "AWS::QBusiness::Retriever.NativeIndexConfiguration": { + "additionalProperties": false, + "properties": { + "IndexId": { + "markdownDescription": "The identifier for the Amazon Q Business index.", + "title": "IndexId", + "type": "string" + } + }, + "required": [ + "IndexId" + ], + "type": "object" + }, + "AWS::QBusiness::Retriever.RetrieverConfiguration": { + "additionalProperties": false, + "properties": { + "KendraIndexConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.KendraIndexConfiguration", + "markdownDescription": "Provides information on how the Amazon Kendra index used as a retriever for your Amazon Q Business application is configured.", + "title": "KendraIndexConfiguration" + }, + "NativeIndexConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.NativeIndexConfiguration", + "markdownDescription": "Provides information on how a Amazon Q Business index used as a retriever for your Amazon Q Business application is configured.", + "title": "NativeIndexConfiguration" + } + }, + "type": "object" + }, + "AWS::QBusiness::WebExperience": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business web experience.", + "title": "ApplicationId", + "type": "string" + }, + "BrowserExtensionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.BrowserExtensionConfiguration", + "markdownDescription": "The container for browser extension configuration for an Amazon Q Business web experience.", + "title": "BrowserExtensionConfiguration" + }, + "CustomizationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.CustomizationConfiguration", + "markdownDescription": "Contains the configuration information to customize the logo, font, and color of an Amazon Q Business web experience with individual files for each property or a CSS file for them all.", + "title": "CustomizationConfiguration" + }, + "IdentityProviderConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.IdentityProviderConfiguration", + "markdownDescription": "Provides information about the identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "IdentityProviderConfiguration" + }, + "Origins": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the website domain origins that are allowed to embed the Amazon Q Business web experience. The *domain origin* refers to the base URL for accessing a website including the protocol ( `http/https` ), the domain name, and the port number (if specified).\n\n> You must only submit a *base URL* and not a full path. For example, `https://docs.aws.amazon.com` .", + "title": "Origins", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service role attached to your web experience.\n\n> You must provide this value if you're using IAM Identity Center to manage end user access to your application. If you're using legacy identity management to manage user access, you don't need to provide this value.", + "title": "RoleArn", + "type": "string" + }, + "SamplePromptsControlMode": { + "markdownDescription": "Determines whether sample prompts are enabled in the web experience for an end user.", + "title": "SamplePromptsControlMode", + "type": "string" + }, + "Subtitle": { + "markdownDescription": "A subtitle to personalize your Amazon Q Business web experience.", + "title": "Subtitle", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize your Amazon Q Business web experience. You can also use tags to help control access to the web experience. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Title": { + "markdownDescription": "The title for your Amazon Q Business web experience.", + "title": "Title", + "type": "string" + }, + "WelcomeMessage": { + "markdownDescription": "A message in an Amazon Q Business web experience.", + "title": "WelcomeMessage", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::WebExperience" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::WebExperience.BrowserExtensionConfiguration": { + "additionalProperties": false, + "properties": { + "EnabledBrowserExtensions": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify the browser extensions allowed for your Amazon Q web experience.\n\n- `CHROME` \u2014 Enables the extension for Chromium-based browsers (Google Chrome, Microsoft Edge, Opera, etc.).\n- `FIREFOX` \u2014 Enables the extension for Mozilla Firefox.\n- `CHROME` and `FIREFOX` \u2014 Enable the extension for Chromium-based browsers and Mozilla Firefox.", + "title": "EnabledBrowserExtensions", + "type": "array" + } + }, + "required": [ + "EnabledBrowserExtensions" + ], + "type": "object" + }, + "AWS::QBusiness::WebExperience.CustomizationConfiguration": { + "additionalProperties": false, + "properties": { + "CustomCSSUrl": { + "markdownDescription": "Provides the URL where the custom CSS file is hosted for an Amazon Q web experience.", + "title": "CustomCSSUrl", + "type": "string" + }, + "FaviconUrl": { + "markdownDescription": "Provides the URL where the custom favicon file is hosted for an Amazon Q web experience.", + "title": "FaviconUrl", + "type": "string" + }, + "FontUrl": { + "markdownDescription": "Provides the URL where the custom font file is hosted for an Amazon Q web experience.", + "title": "FontUrl", + "type": "string" + }, + "LogoUrl": { + "markdownDescription": "Provides the URL where the custom logo file is hosted for an Amazon Q web experience.", + "title": "LogoUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QBusiness::WebExperience.IdentityProviderConfiguration": { + "additionalProperties": false, + "properties": { + "OpenIDConnectConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.OpenIDConnectProviderConfiguration", + "markdownDescription": "The OIDC-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "OpenIDConnectConfiguration" + }, + "SamlConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.SamlProviderConfiguration", + "markdownDescription": "The SAML 2.0-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "SamlConfiguration" + } + }, + "type": "object" + }, + "AWS::QBusiness::WebExperience.OpenIDConnectProviderConfiguration": { + "additionalProperties": false, + "properties": { + "SecretsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a Secrets Manager secret containing the OIDC client secret.", + "title": "SecretsArn", + "type": "string" + }, + "SecretsRole": { + "markdownDescription": "An IAM role with permissions to access AWS KMS to decrypt the Secrets Manager secret containing your OIDC client secret.", + "title": "SecretsRole", + "type": "string" + } + }, + "required": [ + "SecretsArn", + "SecretsRole" + ], + "type": "object" + }, + "AWS::QBusiness::WebExperience.SamlProviderConfiguration": { + "additionalProperties": false, + "properties": { + "AuthenticationUrl": { + "markdownDescription": "The URL where Amazon Q Business end users will be redirected for authentication.", + "title": "AuthenticationUrl", + "type": "string" + } + }, + "required": [ + "AuthenticationUrl" + ], + "type": "object" + }, + "AWS::QLDB::Ledger": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "Specifies whether the ledger is protected from being deleted by any user. If not defined during ledger creation, this feature is enabled ( `true` ) by default.\n\nIf deletion protection is enabled, you must first disable it before you can delete the ledger. You can disable it by calling the `UpdateLedger` operation to set this parameter to `false` .", + "title": "DeletionProtection", + "type": "boolean" + }, + "KmsKey": { + "markdownDescription": "The key in AWS Key Management Service ( AWS KMS ) to use for encryption of data at rest in the ledger. For more information, see [Encryption at rest](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html) in the *Amazon QLDB Developer Guide* .\n\nUse one of the following options to specify this parameter:\n\n- `AWS_OWNED_KMS_KEY` : Use an AWS KMS key that is owned and managed by AWS on your behalf.\n- *Undefined* : By default, use an AWS owned KMS key.\n- *A valid symmetric customer managed KMS key* : Use the specified symmetric encryption KMS key in your account that you create, own, and manage.\n\nAmazon QLDB does not support asymmetric keys. For more information, see [Using symmetric and asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .\n\nTo specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with `\"alias/\"` . To specify a key in a different AWS account , you must use the key ARN or alias ARN.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`\n\nFor more information, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the ledger that you want to create. The name must be unique among all of the ledgers in your AWS account in the current Region.\n\nNaming constraints for ledger names are defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", + "title": "Name", + "type": "string" + }, + "PermissionsMode": { + "markdownDescription": "The permissions mode to assign to the ledger that you want to create. This parameter can have one of the following values:\n\n- `ALLOW_ALL` : A legacy permissions mode that enables access control with API-level granularity for ledgers.\n\nThis mode allows users who have the `SendCommand` API permission for this ledger to run all PartiQL commands (hence, `ALLOW_ALL` ) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.\n- `STANDARD` : ( *Recommended* ) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.\n\nBy default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the `SendCommand` API permission for the ledger. For information, see [Getting started with the standard permissions mode](https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html) in the *Amazon QLDB Developer Guide* .\n\n> We strongly recommend using the `STANDARD` permissions mode to maximize the security of your ledger data.", + "title": "PermissionsMode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "PermissionsMode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QLDB::Ledger" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QLDB::Stream": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ExclusiveEndTime": { + "markdownDescription": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .", + "title": "ExclusiveEndTime", + "type": "string" + }, + "InclusiveStartTime": { + "markdownDescription": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` .", + "title": "InclusiveStartTime", + "type": "string" + }, + "KinesisConfiguration": { + "$ref": "#/definitions/AWS::QLDB::Stream.KinesisConfiguration", + "markdownDescription": "The configuration settings of the Kinesis Data Streams destination for your stream request.", + "title": "KinesisConfiguration" + }, + "LedgerName": { + "markdownDescription": "The name of the ledger.", + "title": "LedgerName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests.", + "title": "RoleArn", + "type": "string" + }, + "StreamName": { + "markdownDescription": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", + "title": "StreamName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "InclusiveStartTime", + "KinesisConfiguration", + "LedgerName", + "RoleArn", + "StreamName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QLDB::Stream" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QLDB::Stream.KinesisConfiguration": { + "additionalProperties": false, + "properties": { + "AggregationEnabled": { + "markdownDescription": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call.\n\nDefault: `True`\n\n> Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* .", + "title": "AggregationEnabled", + "type": "boolean" + }, + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.", + "title": "StreamArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AnalysisId": { + "markdownDescription": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", + "title": "AnalysisId", + "type": "string" + }, + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you are creating an analysis.", + "title": "AwsAccountId", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisError" + }, + "markdownDescription": "Errors associated with the analysis.", + "title": "Errors", + "type": "array" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A descriptive name for the analysis that you're creating. This name displays for the analysis in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Parameters", + "markdownDescription": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values.", + "title": "Parameters" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ResourcePermission" + }, + "markdownDescription": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` .", + "title": "Permissions", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceEntity", + "markdownDescription": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", + "title": "SourceEntity" + }, + "Status": { + "markdownDescription": "Status associated with the analysis.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis.", + "title": "Tags", + "type": "array" + }, + "ThemeArn": { + "markdownDescription": "The ARN for the theme to apply to the analysis that you're creating. To see the theme in the Amazon QuickSight console, make sure that you have access to it.", + "title": "ThemeArn", + "type": "string" + }, + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + } + }, + "required": [ + "AnalysisId", + "AwsAccountId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Analysis" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.AggregationFunction": { + "additionalProperties": false, + "properties": { + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" + }, + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" + }, + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", + "type": "string" + }, + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AggregationSortConfiguration": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" + }, + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", + "type": "string" + } + }, + "required": [ + "Column", + "SortDirection" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.AnalysisDefaults": { + "additionalProperties": false, + "properties": { + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" + } + }, + "required": [ + "DefaultNewSheetConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.AnalysisDefinition": { + "additionalProperties": false, + "properties": { + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" + }, + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedField" + }, + "markdownDescription": "An array of calculated field definitions for the analysis.", + "title": "CalculatedFields", + "type": "array" + }, + "ColumnConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnConfiguration" + }, + "markdownDescription": "An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis.", + "title": "ColumnConfigurations", + "type": "array" + }, + "DataSetIdentifierDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetIdentifierDeclaration" + }, + "markdownDescription": "An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures.", + "title": "DataSetIdentifierDeclarations", + "type": "array" + }, + "FilterGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterGroup" + }, + "markdownDescription": "Filter definitions for an analysis.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AssetOptions", + "markdownDescription": "An array of option definitions for an analysis.", + "title": "Options" + }, + "ParameterDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDeclaration" + }, + "markdownDescription": "An array of parameter declarations for an analysis.\n\nParameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", + "type": "array" + }, + "QueryExecutionOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.QueryExecutionOptions", + "markdownDescription": "", + "title": "QueryExecutionOptions" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis.", + "title": "Sheets", + "type": "array" + }, + "StaticFiles": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFile" + }, + "markdownDescription": "The static files for the definition.", + "title": "StaticFiles", + "type": "array" + } + }, + "required": [ + "DataSetIdentifierDeclarations" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.AnalysisError": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "The message associated with the analysis error.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the analysis error.", + "title": "Type", + "type": "string" + }, + "ViolatedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Entity" + }, + "markdownDescription": "Lists the violated entities that caused the analysis error", + "title": "ViolatedEntities", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AnalysisSourceEntity": { + "additionalProperties": false, + "properties": { + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceTemplate", + "markdownDescription": "The source template for the source entity of the analysis.", + "title": "SourceTemplate" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AnalysisSourceTemplate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source template of an analysis.", + "title": "Arn", + "type": "string" + }, + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetReference" + }, + "markdownDescription": "The dataset references of the source template of an analysis.", + "title": "DataSetReferences", + "type": "array" + } + }, + "required": [ + "Arn", + "DataSetReferences" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.AnchorDateConfiguration": { + "additionalProperties": false, + "properties": { + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ArcAxisConfiguration": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" + }, + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ArcAxisDisplayRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ArcConfiguration": { + "additionalProperties": false, + "properties": { + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", + "type": "number" + }, + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ArcOptions": { + "additionalProperties": false, + "properties": { + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AssetOptions": { + "additionalProperties": false, + "properties": { + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", + "type": "string" + }, + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AttributeAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", + "type": "string" + }, + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisDataOptions": { + "additionalProperties": false, + "properties": { + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" + }, + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisDisplayMinMaxRange": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", + "type": "number" + }, + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", + "type": "string" + }, + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", + "type": "string" + }, + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" + }, + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", + "type": "string" + }, + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" + }, + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisDisplayRange": { + "additionalProperties": false, + "properties": { + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" + }, + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisLabelOptions": { + "additionalProperties": false, + "properties": { + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" + }, + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisLabelReferenceOptions": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The field that the axis label is targeted to.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisLinearScale": { + "additionalProperties": false, + "properties": { + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisLogarithmicScale": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisScale": { + "additionalProperties": false, + "properties": { + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" + }, + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisTickLabelOptions": { + "additionalProperties": false, + "properties": { + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" + }, + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BarChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", + "type": "string" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BarChartFieldWells": { + "additionalProperties": false, + "properties": { + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.BinCountOptions": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BinWidthOptions": { + "additionalProperties": false, + "properties": { + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", + "type": "number" + }, + "Value": { + "markdownDescription": "The options that determine the bin width value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" + }, + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" + }, + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" + } + }, + "required": [ + "Content", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionContent": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionDynamicCategoryDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionDynamicNumericDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionRepeatConfiguration": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" + }, + "NonRepeatingVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", + "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionRepeatDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" + }, + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionRepeatPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotChartConfiguration": { + "additionalProperties": false, + "properties": { + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotFieldWells": { + "additionalProperties": false, + "properties": { + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotOptions": { + "additionalProperties": false, + "properties": { + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", + "type": "string" + }, + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", + "type": "string" + }, + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of a group by fields.", + "title": "CategorySort", + "type": "array" + }, + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotStyleOptions": { + "additionalProperties": false, + "properties": { + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CalculatedField": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CalculatedMeasureField": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Expression", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CascadingControlConfiguration": { + "additionalProperties": false, + "properties": { + "SourceControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlSource" + }, + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.CascadingControlSource": { + "additionalProperties": false, + "properties": { + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" + }, + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.CategoricalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CategoricalMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CategoryDrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + } + }, + "required": [ + "CategoryValues", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CategoryFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + } + }, + "required": [ + "Column", + "Configuration", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CategoryFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" + }, + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" + }, + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.CategoryInnerFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" + } + }, + "required": [ + "Column", + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ChartAxisLabelOptions": { + "additionalProperties": false, + "properties": { + "AxisLabelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelOptions" + }, + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", + "type": "array" + }, + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ClusterMarker": { + "additionalProperties": false, + "properties": { + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ClusterMarkerConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ColorScale": { + "additionalProperties": false, + "properties": { + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", + "type": "string" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor" + }, + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", + "type": "array" + }, + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" + } + }, + "required": [ + "ColorFillType", + "Colors" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ColorsConfiguration": { + "additionalProperties": false, + "properties": { + "CustomColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomColor" + }, + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ColumnConfiguration": { + "additionalProperties": false, + "properties": { + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column.", + "title": "Column" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" + }, + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", + "type": "string" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ColumnHierarchy": { + "additionalProperties": false, + "properties": { + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" + }, + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" + }, + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ColumnIdentifier": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", + "type": "string" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", + "type": "string" + } + }, + "required": [ + "ColumnName", + "DataSetIdentifier" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ColumnSort": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" + }, + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" + } + }, + "required": [ + "Direction", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ColumnTooltipItem": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "BarValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", + "type": "array" + }, + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The aggregated category field wells of a combo chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", + "type": "array" + }, + "LineValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ComboChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" + }, + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ComboChartFieldWells": { + "additionalProperties": false, + "properties": { + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ComboChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the color field well in a combo chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ComboChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ComparisonConfiguration": { + "additionalProperties": false, + "properties": { + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" + }, + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ComparisonFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.Computation": { + "additionalProperties": false, + "properties": { + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" + }, + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" + }, + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" + }, + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" + }, + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" + }, + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" + }, + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ConditionalFormattingColor": { + "additionalProperties": false, + "properties": { + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", + "type": "string" + }, + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" + }, + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", + "type": "string" + }, + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" + } + }, + "required": [ + "Expression", + "IconOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", + "type": "string" + }, + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ConditionalFormattingGradientColor": { + "additionalProperties": false, + "properties": { + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" + }, + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Color", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ConditionalFormattingIcon": { + "additionalProperties": false, + "properties": { + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" + }, + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration": { + "additionalProperties": false, + "properties": { + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ConditionalFormattingIconSet": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", + "type": "string" + }, + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ConditionalFormattingSolidColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for solid color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ContextMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ContributionAnalysisDefault": { + "additionalProperties": false, + "properties": { + "ContributorDimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + }, + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", + "type": "array" + }, + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", + "type": "string" + } + }, + "required": [ + "ContributorDimensions", + "MeasureFieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomActionFilterOperation": { + "additionalProperties": false, + "properties": { + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" + }, + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" + } + }, + "required": [ + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomActionNavigationOperation": { + "additionalProperties": false, + "properties": { + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomActionSetParametersOperation": { + "additionalProperties": false, + "properties": { + "ParameterValueConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SetParameterValueConfiguration" + }, + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", + "type": "array" + } + }, + "required": [ + "ParameterValueConfigurations" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomActionURLOperation": { + "additionalProperties": false, + "properties": { + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", + "type": "string" + }, + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", + "type": "string" + } + }, + "required": [ + "URLTarget", + "URLTemplate" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", + "type": "string" + }, + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomContentConfiguration": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", + "type": "string" + }, + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", + "type": "string" + }, + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomContentVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", + "type": "string" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomFilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomNarrativeOptions": { + "additionalProperties": false, + "properties": { + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", + "type": "string" + } + }, + "required": [ + "Narrative" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomParameterValues": { + "additionalProperties": false, + "properties": { + "DateTimeValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", + "type": "array" + }, + "DecimalValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", + "type": "array" + }, + "IntegerValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", + "type": "array" + }, + "StringValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.CustomValuesConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" + }, + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" + } + }, + "required": [ + "CustomValues" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DataBarsOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", + "type": "string" + }, + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", + "type": "string" + }, + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DataFieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DataLabelOptions": { + "additionalProperties": false, + "properties": { + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", + "type": "string" + }, + "DataLabelTypes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelType" + }, + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", + "type": "array" + }, + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", + "type": "string" + }, + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", + "type": "string" + }, + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the data labels.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DataLabelType": { + "additionalProperties": false, + "properties": { + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" + }, + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" + }, + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" + }, + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" + }, + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DataPathColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", + "type": "string" + }, + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Color", + "Element" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DataPathLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DataPathSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", + "type": "string" + }, + "SortPaths": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + }, + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", + "type": "array" + } + }, + "required": [ + "Direction", + "SortPaths" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DataPathType": { + "additionalProperties": false, + "properties": { + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DataPathValue": { + "additionalProperties": false, + "properties": { + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DataSetIdentifierDeclaration": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", + "title": "DataSetArn", + "type": "string" + }, + "Identifier": { + "markdownDescription": "The identifier of the data set, typically the data set's name.", + "title": "Identifier", + "type": "string" + } + }, + "required": [ + "DataSetArn", + "Identifier" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DataSetReference": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", + "type": "string" + }, + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", + "type": "string" + } + }, + "required": [ + "DataSetArn", + "DataSetPlaceholder" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DateAxisOptions": { + "additionalProperties": false, + "properties": { + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DateDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" + }, + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DateMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DateTimeDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DateTimeFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", + "type": "string" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DateTimeHierarchy": { + "additionalProperties": false, + "properties": { + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DateTimeParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for the date-time parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values for the date-time parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DateTimeParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", + "type": "string" + }, + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", + "type": "string" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DecimalDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DecimalParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for the decimal parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the decimal parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DecimalParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DecimalPlacesConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" + } + }, + "required": [ + "DecimalPlaces" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "Type": { + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultFilterControlConfiguration": { + "additionalProperties": false, + "properties": { + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" + }, + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ControlOptions", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultFilterControlOptions": { + "additionalProperties": false, + "properties": { + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" + }, + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" + }, + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" + }, + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" + }, + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" + }, + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" + }, + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultFilterListControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" + }, + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultNewSheetConfiguration": { + "additionalProperties": false, + "properties": { + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" + }, + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" + }, + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultSliderControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "MaximumValue", + "MinimumValue", + "StepSize" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultTextAreaControlOptions": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultTextFieldControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DestinationParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" + }, + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", + "type": "string" + }, + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" + }, + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DimensionField": { + "additionalProperties": false, + "properties": { + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" + }, + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" + }, + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DonutCenterOptions": { + "additionalProperties": false, + "properties": { + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DonutOptions": { + "additionalProperties": false, + "properties": { + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" + }, + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DropDownControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DynamicDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" + }, + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" + }, + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" + } + }, + "required": [ + "DefaultValueColumn" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.EmptyVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.Entity": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ExcludePeriodConfiguration": { + "additionalProperties": false, + "properties": { + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", + "type": "number" + }, + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Amount", + "Granularity" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ExplicitHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FieldBasedTooltip": { + "additionalProperties": false, + "properties": { + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", + "type": "string" + }, + "TooltipFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipItem" + }, + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", + "type": "array" + }, + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FieldLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the field label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", + "title": "FieldId", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FieldSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Direction", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FieldSortOptions": { + "additionalProperties": false, + "properties": { + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" + }, + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FieldTooltipItem": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", + "type": "string" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "required": [ + "ConditionalFormattingOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" + } + }, + "required": [ + "Shape" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapFieldWells": { + "additionalProperties": false, + "properties": { + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", + "type": "string" + }, + "Format": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the location fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.Filter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" + }, + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" + }, + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" + }, + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" + }, + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterControl": { + "additionalProperties": false, + "properties": { + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" + }, + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterCrossSheetControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterDropDownControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterGroup": { + "additionalProperties": false, + "properties": { + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", + "type": "string" + }, + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Filter" + }, + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", + "type": "array" + }, + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" + }, + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterListControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration": { + "additionalProperties": false, + "properties": { + "SelectedColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + }, + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", + "type": "array" + }, + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", + "type": "string" + }, + "SelectedFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration": { + "additionalProperties": false, + "properties": { + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterRelativeDateTimeControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" + }, + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterSelectableValues": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", + "type": "string" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterTextAreaControl": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FontConfiguration": { + "additionalProperties": false, + "properties": { + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", + "type": "string" + }, + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", + "type": "string" + }, + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", + "type": "string" + }, + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" + }, + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", + "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FontSize": { + "additionalProperties": false, + "properties": { + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", + "type": "string" + }, + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FontWeight": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ForecastComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", + "type": "number" + }, + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ForecastConfiguration": { + "additionalProperties": false, + "properties": { + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" + }, + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ForecastScenario": { + "additionalProperties": false, + "properties": { + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" + }, + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FormatConfiguration": { + "additionalProperties": false, + "properties": { + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" + }, + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" + }, + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FreeFormLayoutElement": { + "additionalProperties": false, + "properties": { + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" + }, + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", + "type": "string" + }, + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" + }, + "RenderingRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementRenderingRule" + }, + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", + "type": "array" + }, + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" + }, + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", + "type": "string" + }, + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" + }, + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", + "type": "string" + } + }, + "required": [ + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" + } + }, + "required": [ + "OptimizedViewPortWidth" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FunnelChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", + "title": "CategoryLabelOptions" + }, + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FunnelChartDataLabelOptions": { + "additionalProperties": false, + "properties": { + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", + "type": "string" + }, + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", + "type": "string" + }, + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FunnelChartFieldWells": { + "additionalProperties": false, + "properties": { + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FunnelChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FunnelChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GaugeChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", + "type": "string" + }, + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GaugeChartConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GaugeChartConfiguration": { + "additionalProperties": false, + "properties": { + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", + "title": "FieldWells" + }, + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "TooltipOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GaugeChartFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GaugeChartOptions": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" + }, + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" + }, + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GaugeChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialCategoricalColor": { + "additionalProperties": false, + "properties": { + "CategoryDataColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCategoricalDataColor" + }, + "markdownDescription": "A list of categorical data colors for each category.", + "title": "CategoryDataColors", + "type": "array" + }, + "DefaultOpacity": { + "markdownDescription": "The default opacity of a categorical color.", + "title": "DefaultOpacity", + "type": "number" + }, + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", + "type": "string" + } + }, + "required": [ + "CategoryDataColors" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialCategoricalDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the category data color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value for the category data color.", + "title": "DataValue", + "type": "string" + } + }, + "required": [ + "Color", + "DataValue" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialCircleRadius": { + "additionalProperties": false, + "properties": { + "Radius": { + "markdownDescription": "The positive value for the radius of a circle.", + "title": "Radius", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialCircleSymbolStyle": { + "additionalProperties": false, + "properties": { + "CircleRadius": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCircleRadius", + "markdownDescription": "The radius of the circle.", + "title": "CircleRadius" + }, + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width of the stroke (border).", + "title": "StrokeWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialColor": { + "additionalProperties": false, + "properties": { + "Categorical": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCategoricalColor", + "markdownDescription": "The visualization properties for the categorical color.", + "title": "Categorical" + }, + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialGradientColor", + "markdownDescription": "The visualization properties for the gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialSolidColor", + "markdownDescription": "The visualization properties for the solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialCoordinateBounds": { + "additionalProperties": false, + "properties": { + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" + }, + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" + }, + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" + }, + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" + } + }, + "required": [ + "East", + "North", + "South", + "West" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialDataSourceItem": { + "additionalProperties": false, + "properties": { + "StaticFileDataSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialStaticFileSource", + "markdownDescription": "The static file data source properties for the geospatial data.", + "title": "StaticFileDataSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialGradientColor": { + "additionalProperties": false, + "properties": { + "DefaultOpacity": { + "markdownDescription": "The default opacity for the gradient color.", + "title": "DefaultOpacity", + "type": "number" + }, + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", + "type": "string" + }, + "StepColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialGradientStepColor" + }, + "markdownDescription": "A list of gradient step colors for the gradient.", + "title": "StepColors", + "type": "array" + } + }, + "required": [ + "StepColors" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialGradientStepColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the gradient step color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value for the gradient step color.", + "title": "DataValue", + "type": "number" + } + }, + "required": [ + "Color", + "DataValue" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialHeatmapColorScale": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapDataColor" + }, + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration": { + "additionalProperties": false, + "properties": { + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialHeatmapDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLayerColorField": { + "additionalProperties": false, + "properties": { + "ColorDimensionsFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "A list of color dimension fields.", + "title": "ColorDimensionsFields", + "type": "array" + }, + "ColorValuesFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "A list of color measure fields.", + "title": "ColorValuesFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLayerDefinition": { + "additionalProperties": false, + "properties": { + "LineLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineLayer", + "markdownDescription": "The definition for a line layer.", + "title": "LineLayer" + }, + "PointLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointLayer", + "markdownDescription": "The definition for a point layer.", + "title": "PointLayer" + }, + "PolygonLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonLayer", + "markdownDescription": "The definition for a polygon layer.", + "title": "PolygonLayer" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLayerItem": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerCustomAction" + }, + "markdownDescription": "A list of custom actions for a layer.", + "title": "Actions", + "type": "array" + }, + "DataSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialDataSourceItem", + "markdownDescription": "The data source for the layer.", + "title": "DataSource" + }, + "JoinDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerJoinDefinition", + "markdownDescription": "The join definition properties for a layer.", + "title": "JoinDefinition" + }, + "Label": { + "markdownDescription": "The label that is displayed for the layer.", + "title": "Label", + "type": "string" + }, + "LayerDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerDefinition", + "markdownDescription": "The definition properties for a layer.", + "title": "LayerDefinition" + }, + "LayerId": { + "markdownDescription": "The ID of the layer.", + "title": "LayerId", + "type": "string" + }, + "LayerType": { + "markdownDescription": "The layer type.", + "title": "LayerType", + "type": "string" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "", + "title": "Tooltip" + }, + "Visibility": { + "markdownDescription": "The state of visibility for the layer.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "LayerId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLayerJoinDefinition": { + "additionalProperties": false, + "properties": { + "ColorField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerColorField", + "markdownDescription": "The geospatial color field for the join definition.", + "title": "ColorField" + }, + "DatasetKeyField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField", + "markdownDescription": "", + "title": "DatasetKeyField" + }, + "ShapeKeyField": { + "markdownDescription": "The name of the field or property in the geospatial data source.", + "title": "ShapeKeyField", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLayerMapConfiguration": { + "additionalProperties": false, + "properties": { + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "MapLayers": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerItem" + }, + "markdownDescription": "The geospatial layers to visualize on the map.", + "title": "MapLayers", + "type": "array" + }, + "MapState": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapState", + "markdownDescription": "The map state properties for the map.", + "title": "MapState" + }, + "MapStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyle", + "markdownDescription": "The map style properties for the map.", + "title": "MapStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLineLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineStyle", + "markdownDescription": "The visualization style for a line layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLineStyle": { + "additionalProperties": false, + "properties": { + "LineSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineSymbolStyle", + "markdownDescription": "The symbol style for a line style.", + "title": "LineSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLineSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "LineWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width value for a line.", + "title": "LineWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLineWidth": { + "additionalProperties": false, + "properties": { + "LineWidth": { + "markdownDescription": "The positive value for the width of a line.", + "title": "LineWidth", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", + "type": "array" + }, + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" + }, + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "", + "title": "VisualPalette" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapFieldWells": { + "additionalProperties": false, + "properties": { + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapState": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", + "markdownDescription": "", + "title": "Bounds" + }, + "MapNavigation": { + "markdownDescription": "Enables or disables map navigation for a map.", + "title": "MapNavigation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color and opacity values for a map.", + "title": "BackgroundColor", + "type": "string" + }, + "BaseMapStyle": { + "markdownDescription": "The selected base map style.", + "title": "BaseMapStyle", + "type": "string" + }, + "BaseMapVisibility": { + "markdownDescription": "The state of visibility for the base map.", + "title": "BaseMapVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapStyleOptions": { + "additionalProperties": false, + "properties": { + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialNullDataSettings": { + "additionalProperties": false, + "properties": { + "SymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullSymbolStyle", + "markdownDescription": "The symbol style for null data.", + "title": "SymbolStyle" + } + }, + "required": [ + "SymbolStyle" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialNullSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor", + "type": "string" + }, + "StrokeColor": { + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor", + "type": "string" + }, + "StrokeWidth": { + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPointLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyle", + "markdownDescription": "The visualization style for a point layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPointStyle": { + "additionalProperties": false, + "properties": { + "CircleSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCircleSymbolStyle", + "markdownDescription": "The circle symbol style for a point layer.", + "title": "CircleSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPointStyleOptions": { + "additionalProperties": false, + "properties": { + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" + }, + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" + }, + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPolygonLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonStyle", + "markdownDescription": "The visualization style for a polygon layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPolygonStyle": { + "additionalProperties": false, + "properties": { + "PolygonSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonSymbolStyle", + "markdownDescription": "The polygon symbol style for a polygon layer.", + "title": "PolygonSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPolygonSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialSolidColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the color.", + "title": "Color", + "type": "string" + }, + "State": { + "markdownDescription": "Enables and disables the view state of the color.", + "title": "State", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialWindowOptions": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" + }, + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GlobalTableBorderOptions": { + "additionalProperties": false, + "properties": { + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" + }, + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GradientColor": { + "additionalProperties": false, + "properties": { + "Stops": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientStop" + }, + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GradientStop": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", + "type": "number" + }, + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", + "type": "number" + } + }, + "required": [ + "GradientOffset" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutElement" + }, + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GridLayoutElement": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" + }, + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" + } + }, + "required": [ + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" + }, + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", + "type": "string" + } + }, + "required": [ + "ResizeOption" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GrowthRateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", + "type": "number" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" + }, + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" + } + }, + "required": [ + "Layout", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The values field well of a heat map.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.HeatMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" + }, + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.HeatMapFieldWells": { + "additionalProperties": false, + "properties": { + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.HeatMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" + }, + "HeatMapColumnSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", + "type": "array" + }, + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" + }, + "HeatMapRowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.HeatMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.HistogramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.HistogramBinOptions": { + "additionalProperties": false, + "properties": { + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" + }, + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" + }, + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.HistogramConfiguration": { + "additionalProperties": false, + "properties": { + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.HistogramFieldWells": { + "additionalProperties": false, + "properties": { + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.HistogramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ImageCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ImageCustomActionOperation": { + "additionalProperties": false, + "properties": { + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ImageInteractionOptions": { + "additionalProperties": false, + "properties": { + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ImageMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ImageStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileSource", + "markdownDescription": "The source of the image static file.", + "title": "Source" + }, + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains an image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.InnerFilter": { + "additionalProperties": false, + "properties": { + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.InsightConfiguration": { + "additionalProperties": false, + "properties": { + "Computations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Computation" + }, + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", + "type": "array" + }, + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.InsightVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", + "type": "string" + }, + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.IntegerDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `IntegerDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.IntegerParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the integer parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the integer parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.IntegerParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" + }, + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormattingOption" + }, + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" + }, + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", + "type": "array" + }, + "TrendGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIOptions": { + "additionalProperties": false, + "properties": { + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" + }, + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" + }, + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" + }, + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPISortConfiguration": { + "additionalProperties": false, + "properties": { + "TrendGroupSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPISparklineOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the sparkline.", + "title": "Type", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIVisualLayoutOptions": { + "additionalProperties": false, + "properties": { + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIVisualStandardLayout": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The standard layout type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.LabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the label is visible.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LayerCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerCustomActionOperation" + }, + "markdownDescription": "A list of `LayerCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `LayerCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `LayerCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.LayerCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", + "markdownDescription": "", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LayerMapVisual": { + "additionalProperties": false, + "properties": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the layer map visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.Layout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.LayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" + }, + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LegendOptions": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", + "type": "string" + }, + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" + }, + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the legend is visible.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LineChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LineChartConfiguration": { + "additionalProperties": false, + "properties": { + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + }, + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" + }, + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" + }, + "ForecastConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastConfiguration" + }, + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", + "type": "array" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", + "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" + }, + "Type": { + "markdownDescription": "Determines the type of the line chart.", + "title": "Type", + "type": "string" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", + "type": "string" + }, + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LineChartFieldWells": { + "additionalProperties": false, + "properties": { + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LineChartLineStyleSettings": { + "additionalProperties": false, + "properties": { + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", + "type": "string" + }, + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", + "type": "string" + }, + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", + "type": "string" + }, + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LineChartMarkerStyleSettings": { + "additionalProperties": false, + "properties": { + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", + "type": "string" + }, + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", + "type": "string" + }, + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", + "type": "string" + }, + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LineChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LineChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LineChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" + }, + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MissingDataConfiguration" + }, + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ListControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ListControlSearchOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ListControlSelectAllOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LoadingAnimation": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LocalNavigationConfiguration": { + "additionalProperties": false, + "properties": { + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", + "type": "string" + } + }, + "required": [ + "TargetSheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.LongFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.MappedDataSetParameter": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", + "title": "DataSetIdentifier", + "type": "string" + }, + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "DataSetParameterName" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.MaximumLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.MaximumMinimumComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.MeasureField": { + "additionalProperties": false, + "properties": { + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" + }, + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" + }, + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" + }, + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.MetricComparisonComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.MinimumLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the minimum label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.MissingDataConfiguration": { + "additionalProperties": false, + "properties": { + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.NegativeValueConfiguration": { + "additionalProperties": false, + "properties": { + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", + "type": "string" + } + }, + "required": [ + "DisplayMode" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.NestedFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" + } + }, + "required": [ + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.NullValueFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", + "type": "string" + } + }, + "required": [ + "NullString" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the number format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.NumberFormatConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericAxisOptions": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" + }, + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Value": { + "markdownDescription": "The value of the double input numeric drill down filter.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Column", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericEqualityFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + }, + "Value": { + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Column", + "FilterId", + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericFormatConfiguration": { + "additionalProperties": false, + "properties": { + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" + }, + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericRangeFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" + }, + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", + "type": "string" + }, + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericSeparatorConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericalAggregationFunction": { + "additionalProperties": false, + "properties": { + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" + }, + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericalMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PaginationConfiguration": { + "additionalProperties": false, + "properties": { + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", + "type": "number" + }, + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", + "type": "number" + } + }, + "required": [ + "PageNumber", + "PageSize" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PanelConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", + "type": "string" + }, + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "string" + }, + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", + "type": "string" + }, + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", + "type": "string" + }, + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", + "type": "string" + }, + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "string" + }, + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", + "type": "string" + }, + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", + "title": "Title" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PanelTitleOptions": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" + }, + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ParameterControl": { + "additionalProperties": false, + "properties": { + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", + "title": "List" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ParameterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" + }, + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" + }, + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" + }, + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ParameterDropDownControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ParameterListControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of `ParameterListControl` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ParameterSelectableValues": { + "additionalProperties": false, + "properties": { + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ParameterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `ParameterSliderControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "MaximumValue", + "MinimumValue", + "ParameterControlId", + "SourceParameterName", + "StepSize", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ParameterTextAreaControl": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ParameterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextFieldControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.Parameters": { + "additionalProperties": false, + "properties": { + "DateTimeParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameter" + }, + "markdownDescription": "The parameters that have a data type of date-time.", + "title": "DateTimeParameters", + "type": "array" + }, + "DecimalParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameter" + }, + "markdownDescription": "The parameters that have a data type of decimal.", + "title": "DecimalParameters", + "type": "array" + }, + "IntegerParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameter" + }, + "markdownDescription": "The parameters that have a data type of integer.", + "title": "IntegerParameters", + "type": "array" + }, + "StringParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameter" + }, + "markdownDescription": "The parameters that have a data type of string.", + "title": "StringParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PercentVisibleRange": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PercentileAggregation": { + "additionalProperties": false, + "properties": { + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PeriodOverPeriodComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PeriodToDateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PieChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PieChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", + "title": "CategoryLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PieChartFieldWells": { + "additionalProperties": false, + "properties": { + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PieChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PieChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotFieldSortOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" + } + }, + "required": [ + "FieldId", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope" + }, + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", + "type": "array" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope": { + "additionalProperties": false, + "properties": { + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", + "title": "SortConfiguration" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableDataPathOption": { + "additionalProperties": false, + "properties": { + "DataPathList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + }, + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", + "type": "array" + }, + "Width": { + "markdownDescription": "The width of the data path option.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "DataPathList" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", + "type": "string" + }, + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" + } + }, + "required": [ + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget": { + "additionalProperties": false, + "properties": { + "FieldDataPathValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + }, + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", + "type": "array" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableFieldOptions": { + "additionalProperties": false, + "properties": { + "CollapseStateOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption" + }, + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", + "type": "array" + }, + "DataPathOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableDataPathOption" + }, + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", + "type": "array" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOption" + }, + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableFieldWells": { + "additionalProperties": false, + "properties": { + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" + }, + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", + "type": "string" + }, + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" + }, + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", + "type": "string" + }, + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", + "type": "string" + }, + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" + }, + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" + }, + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", + "type": "string" + }, + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "string" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableRowsLabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the rows label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableSortBy": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" + }, + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" + }, + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableSortConfiguration": { + "additionalProperties": false, + "properties": { + "FieldSortOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotFieldSortOptions" + }, + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableTotalOptions": { + "additionalProperties": false, + "properties": { + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" + }, + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" + }, + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisual": { + "additionalProperties": false, + "properties": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" + }, + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual that you want to use.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "PluginArn", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualFieldWell" + }, + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" + }, + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualFieldWell": { + "additionalProperties": false, + "properties": { + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", + "type": "array" + }, + "Measures": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", + "type": "array" + }, + "Unaggregated": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" + }, + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualOptions": { + "additionalProperties": false, + "properties": { + "VisualProperties": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualProperty" + }, + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualProperty": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualSortConfiguration": { + "additionalProperties": false, + "properties": { + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualTableQuerySort": { + "additionalProperties": false, + "properties": { + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PredefinedHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ProgressBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.QueryExecutionOptions": { + "additionalProperties": false, + "properties": { + "QueryExecutionMode": { + "markdownDescription": "A structure that describes the query execution mode.", + "title": "QueryExecutionMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", + "type": "array" + }, + "Color": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartAreaStyleSettings": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartConfiguration": { + "additionalProperties": false, + "properties": { + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "string" + }, + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", + "type": "string" + }, + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" + }, + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" + }, + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" + }, + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "title": "SortConfiguration" + }, + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartFieldWells": { + "additionalProperties": false, + "properties": { + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.RangeEndsLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLine": { + "additionalProperties": false, + "properties": { + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" + }, + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" + }, + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", + "type": "string" + }, + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" + } + }, + "required": [ + "DataConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The string text of the custom label.", + "title": "CustomLabel", + "type": "string" + } + }, + "required": [ + "CustomLabel" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineDataConfiguration": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", + "type": "string" + }, + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" + }, + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", + "type": "string" + }, + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration": { + "additionalProperties": false, + "properties": { + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" + }, + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" + } + }, + "required": [ + "Calculation", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" + }, + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", + "title": "FontConfiguration" + }, + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", + "type": "string" + }, + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" + }, + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color of the reference line.", + "title": "Color", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" + }, + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RelativeDatesFilter": { + "additionalProperties": false, + "properties": { + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", + "type": "string" + }, + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", + "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.RollingDateConfiguration": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.RowAlternateColorOptions": { + "additionalProperties": false, + "properties": { + "RowAlternateColors": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", + "type": "array" + }, + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", + "type": "string" + }, + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration": { + "additionalProperties": false, + "properties": { + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" + }, + "TargetVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Destination": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", + "type": "array" + }, + "Source": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", + "type": "array" + }, + "Weight": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a sankey diagram.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SankeyDiagramFieldWells": { + "additionalProperties": false, + "properties": { + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" + }, + "SourceItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" + }, + "WeightSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SankeyDiagramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" + }, + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ScatterPlotConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", + "title": "YAxisDisplayOptions" + }, + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ScatterPlotFieldWells": { + "additionalProperties": false, + "properties": { + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" + }, + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ScatterPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" + }, + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ScatterPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ScrollBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the data zoom scroll bar.", + "title": "Visibility", + "type": "string" + }, + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SecondaryValueOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines the visibility of the secondary value.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SectionAfterPageBreak": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "BodySections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionConfiguration" + }, + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", + "type": "array" + }, + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" + }, + "FooterSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", + "type": "array" + }, + "HeaderSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", + "type": "array" + } + }, + "required": [ + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" + }, + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", + "type": "string" + }, + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" + } + }, + "required": [ + "FreeFormLayout" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SectionPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SectionStyle": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", + "type": "string" + }, + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "SheetVisualScopingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetVisualScopingConfiguration" + }, + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SeriesItem": { + "additionalProperties": false, + "properties": { + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" + }, + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SetParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DestinationParameterValueConfiguration", + "markdownDescription": "", + "title": "Value" + } + }, + "required": [ + "DestinationParameterName", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ShapeConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" + } + }, + "required": [ + "BackgroundColor" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.Sheet": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions": { + "additionalProperties": false, + "properties": { + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility configuration of info icon label options.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetControlLayout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetControlLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetDefinition": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", + "type": "string" + }, + "FilterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterControl" + }, + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", + "type": "array" + }, + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" + }, + "Layouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Layout" + }, + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "ParameterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterControl" + }, + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", + "type": "array" + }, + "SheetControlLayouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayout" + }, + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", + "type": "array" + }, + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", + "type": "string" + }, + "TextBoxes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetTextBox" + }, + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", + "type": "array" + }, + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", + "type": "string" + }, + "Visuals": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Visual" + }, + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", + "type": "array" + } + }, + "required": [ + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetElementConfigurationOverrides": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetElementRenderingRule": { + "additionalProperties": false, + "properties": { + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" + }, + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "ConfigurationOverrides", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImage": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageCustomAction" + }, + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", + "type": "array" + }, + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" + }, + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" + }, + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" + } + }, + "required": [ + "SheetImageId", + "Source" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageScalingConfiguration": { + "additionalProperties": false, + "properties": { + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageSource": { + "additionalProperties": false, + "properties": { + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageTooltipConfiguration": { + "additionalProperties": false, + "properties": { + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageTooltipText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetTextBox": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", + "type": "string" + }, + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", + "type": "string" + } + }, + "required": [ + "SheetTextBoxId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetVisualScopingConfiguration": { + "additionalProperties": false, + "properties": { + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", + "type": "string" + }, + "VisualIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", + "type": "array" + } + }, + "required": [ + "Scope", + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ShortFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SimpleClusterMarker": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SingleAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SliderControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SmallMultiplesAxisProperties": { + "additionalProperties": false, + "properties": { + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", + "type": "string" + }, + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SmallMultiplesOptions": { + "additionalProperties": false, + "properties": { + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" + }, + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", + "type": "number" + }, + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" + }, + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" + }, + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.Spacing": { + "additionalProperties": false, + "properties": { + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", + "type": "string" + }, + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", + "type": "string" + }, + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", + "type": "string" + }, + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SpatialStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileSource", + "markdownDescription": "The source of the spatial static file.", + "title": "Source" + }, + "StaticFileId": { + "markdownDescription": "The ID of the spatial static file.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFile": { + "additionalProperties": false, + "properties": { + "ImageStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageStaticFile", + "markdownDescription": "The image static file.", + "title": "ImageStaticFile" + }, + "SpatialStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SpatialStaticFile", + "markdownDescription": "The spacial static file.", + "title": "SpatialStaticFile" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFileS3SourceOptions": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "ObjectKey": { + "markdownDescription": "The identifier of the static file in the Amazon S3 bucket.", + "title": "ObjectKey", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region of the Amazon S3 account that contains the bucket.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "BucketName", + "ObjectKey", + "Region" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFileSource": { + "additionalProperties": false, + "properties": { + "S3Options": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileS3SourceOptions", + "markdownDescription": "The structure that contains the Amazon S3 location to download the static file from.", + "title": "S3Options" + }, + "UrlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileUrlSourceOptions", + "markdownDescription": "The structure that contains the URL to download the static file from.", + "title": "UrlOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFileUrlSourceOptions": { + "additionalProperties": false, + "properties": { + "Url": { + "markdownDescription": "The URL to download the static file from.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "Url" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StringDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.StringFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.StringParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for a string parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values of a string parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StringParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SubtotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", + "type": "string" + }, + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", + "type": "string" + }, + "FieldLevelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions" + }, + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", + "type": "array" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" + }, + "StyleTargets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableStyleTarget" + }, + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", + "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableBorderOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", + "type": "string" + }, + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", + "type": "string" + }, + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableCellImageSizingConfiguration": { + "additionalProperties": false, + "properties": { + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableCellStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color for the table cells.", + "title": "BackgroundColor", + "type": "string" + }, + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" + }, + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" + }, + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", + "type": "string" + }, + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" + }, + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", + "title": "SortConfiguration" + }, + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableInlineVisualization" + }, + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldCustomIconContent": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldCustomTextContent": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" + }, + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "FontConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldImageConfiguration": { + "additionalProperties": false, + "properties": { + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldLinkConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" + }, + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Content", + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration": { + "additionalProperties": false, + "properties": { + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" + }, + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", + "type": "string" + }, + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" + }, + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldOptions": { + "additionalProperties": false, + "properties": { + "Order": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", + "type": "array" + }, + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOption" + }, + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" + }, + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldURLConfiguration": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldWells": { + "additionalProperties": false, + "properties": { + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" + }, + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableInlineVisualization": { + "additionalProperties": false, + "properties": { + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" + }, + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" + }, + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TablePinnedFieldOptions": { + "additionalProperties": false, + "properties": { + "PinnedLeftFields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableRowConditionalFormatting": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableSideBorderOptions": { + "additionalProperties": false, + "properties": { + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" + }, + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" + }, + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" + }, + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" + }, + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" + }, + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableSortConfiguration": { + "additionalProperties": false, + "properties": { + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableStyleTarget": { + "additionalProperties": false, + "properties": { + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", + "type": "string" + } + }, + "required": [ + "CellType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" + }, + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TextAreaControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TextConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" + }, + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TextControlPlaceholderOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TextFieldControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ThousandSeparatorOptions": { + "additionalProperties": false, + "properties": { + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeBasedForecastProperties": { + "additionalProperties": false, + "properties": { + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeEqualityFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeRangeDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", + "type": "string" + }, + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeRangeFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TooltipItem": { + "additionalProperties": false, + "properties": { + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" + }, + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TooltipOptions": { + "additionalProperties": false, + "properties": { + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" + }, + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TopBottomFilter": { + "additionalProperties": false, + "properties": { + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationSortConfiguration" + }, + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", + "type": "number" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AggregationSortConfigurations", + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TopBottomMoversComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TopBottomRankedComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalAggregationComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalAggregationOption": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", + "type": "string" + }, + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" + } + }, + "required": [ + "FieldId", + "TotalAggregationFunction" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation settings for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "Cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", + "type": "string" + } + }, + "required": [ + "ColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", + "type": "array" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", + "type": "array" + }, + "Sizes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", + "title": "ColorLabelOptions" + }, + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapFieldWells": { + "additionalProperties": false, + "properties": { + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "TreeMapGroupItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" + }, + "TreeMapSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TrendArrowOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the trend arrows.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.UnaggregatedField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.UniqueValuesComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ValidationStrategy": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.VisibleRangeOptions": { + "additionalProperties": false, + "properties": { + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.Visual": { + "additionalProperties": false, + "properties": { + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" + }, + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" + }, + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" + }, + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" + }, + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" + }, + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" + }, + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" + }, + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" + }, + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" + }, + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" + }, + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" + }, + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" + }, + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" + }, + "LayerMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerMapVisual", + "markdownDescription": "The properties for a layer map visual", + "title": "LayerMapVisual" + }, + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" + }, + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" + }, + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualInteractionOptions": { + "additionalProperties": false, + "properties": { + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualPalette": { + "additionalProperties": false, + "properties": { + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", + "type": "string" + }, + "ColorMap": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathColor" + }, + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualSubtitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualTitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the title label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Breakdowns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", + "type": "array" + }, + "Categories": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a waterfall visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" + }, + "CategoryAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" + }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a waterfall visual.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend configuration of a waterfall visual.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", + "title": "SortConfiguration" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a waterfall visual.", + "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartFieldWells": { + "additionalProperties": false, + "properties": { + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartGroupColorConfiguration": { + "additionalProperties": false, + "properties": { + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" + }, + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartOptions": { + "additionalProperties": false, + "properties": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.WhatIfPointScenario": { + "additionalProperties": false, + "properties": { + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Date", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.WhatIfRangeScenario": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "EndDate", + "StartDate", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", + "title": "Size", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" + }, + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudFieldWells": { + "additionalProperties": false, + "properties": { + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudOptions": { + "additionalProperties": false, + "properties": { + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", + "type": "string" + }, + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" + }, + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", + "type": "string" + }, + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", + "type": "string" + }, + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", + "type": "string" + }, + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.YAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", + "type": "string" + } + }, + "required": [ + "YAxis" + ], + "type": "object" + }, + "AWS::QuickSight::CustomPermissions": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account that contains the custom permission configuration that you want to update.", + "title": "AwsAccountId", + "type": "string" + }, + "Capabilities": { + "$ref": "#/definitions/AWS::QuickSight::CustomPermissions.Capabilities", + "markdownDescription": "A set of actions in the custom permissions profile.", + "title": "Capabilities" + }, + "CustomPermissionsName": { + "markdownDescription": "The name of the custom permissions profile.", + "title": "CustomPermissionsName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the custom permissions profile.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AwsAccountId", + "CustomPermissionsName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::CustomPermissions" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::CustomPermissions.Capabilities": { + "additionalProperties": false, + "properties": { + "AddOrRunAnomalyDetectionForAnalyses": { + "markdownDescription": "The ability to add or run anomaly detection.", + "title": "AddOrRunAnomalyDetectionForAnalyses", + "type": "string" + }, + "CreateAndUpdateDashboardEmailReports": { + "markdownDescription": "The ability to create and update email reports.", + "title": "CreateAndUpdateDashboardEmailReports", + "type": "string" + }, + "CreateAndUpdateDataSources": { + "markdownDescription": "The ability to create and update data sources.", + "title": "CreateAndUpdateDataSources", + "type": "string" + }, + "CreateAndUpdateDatasets": { + "markdownDescription": "The ability to create and update datasets.", + "title": "CreateAndUpdateDatasets", + "type": "string" + }, + "CreateAndUpdateThemes": { + "markdownDescription": "The ability to export to Create and Update themes.", + "title": "CreateAndUpdateThemes", + "type": "string" + }, + "CreateAndUpdateThresholdAlerts": { + "markdownDescription": "The ability to create and update threshold alerts.", + "title": "CreateAndUpdateThresholdAlerts", + "type": "string" + }, + "CreateSPICEDataset": { + "markdownDescription": "The ability to create a SPICE dataset.", + "title": "CreateSPICEDataset", + "type": "string" + }, + "CreateSharedFolders": { + "markdownDescription": "The ability to create shared folders.", + "title": "CreateSharedFolders", + "type": "string" + }, + "ExportToCsv": { + "markdownDescription": "The ability to export to CSV files from the UI.", + "title": "ExportToCsv", + "type": "string" + }, + "ExportToCsvInScheduledReports": { + "markdownDescription": "The ability to export to CSV files in scheduled email reports.", + "title": "ExportToCsvInScheduledReports", + "type": "string" + }, + "ExportToExcel": { + "markdownDescription": "The ability to export to Excel files from the UI.", + "title": "ExportToExcel", + "type": "string" + }, + "ExportToExcelInScheduledReports": { + "markdownDescription": "The ability to export to Excel files in scheduled email reports.", + "title": "ExportToExcelInScheduledReports", + "type": "string" + }, + "ExportToPdf": { + "markdownDescription": "The ability to export to PDF files from the UI.", + "title": "ExportToPdf", + "type": "string" + }, + "ExportToPdfInScheduledReports": { + "markdownDescription": "The ability to export to PDF files in scheduled email reports.", + "title": "ExportToPdfInScheduledReports", + "type": "string" + }, + "IncludeContentInScheduledReportsEmail": { + "markdownDescription": "The ability to include content in scheduled email reports.", + "title": "IncludeContentInScheduledReportsEmail", + "type": "string" + }, + "PrintReports": { + "markdownDescription": "The ability to print reports.", + "title": "PrintReports", + "type": "string" + }, + "RenameSharedFolders": { + "markdownDescription": "The ability to rename shared folders.", + "title": "RenameSharedFolders", + "type": "string" + }, + "ShareAnalyses": { + "markdownDescription": "The ability to share analyses.", + "title": "ShareAnalyses", + "type": "string" + }, + "ShareDashboards": { + "markdownDescription": "The ability to share dashboards.", + "title": "ShareDashboards", + "type": "string" + }, + "ShareDataSources": { + "markdownDescription": "The ability to share data sources.", + "title": "ShareDataSources", + "type": "string" + }, + "ShareDatasets": { + "markdownDescription": "The ability to share datasets.", + "title": "ShareDatasets", + "type": "string" + }, + "SubscribeDashboardEmailReports": { + "markdownDescription": "The ability to subscribe to email reports.", + "title": "SubscribeDashboardEmailReports", + "type": "string" + }, + "ViewAccountSPICECapacity": { + "markdownDescription": "The ability to view account SPICE capacity.", + "title": "ViewAccountSPICECapacity", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you want to create the dashboard.", + "title": "AwsAccountId", + "type": "string" + }, + "DashboardId": { + "markdownDescription": "The ID for the dashboard, also added to the IAM policy.", + "title": "DashboardId", + "type": "string" + }, + "DashboardPublishOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardPublishOptions", + "markdownDescription": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default.", + "title": "DashboardPublishOptions" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVersionDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "LinkEntities": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard.", + "title": "LinkEntities", + "type": "array" + }, + "LinkSharingConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LinkSharingConfiguration", + "markdownDescription": "A structure that contains the link sharing configurations that you want to apply overrides to.", + "title": "LinkSharingConfiguration" + }, + "Name": { + "markdownDescription": "The display name of the dashboard.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Parameters", + "markdownDescription": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values.", + "title": "Parameters" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" + }, + "markdownDescription": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list.", + "title": "Permissions", + "type": "array" + }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceEntity", + "markdownDescription": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.", + "title": "SourceEntity" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard.", + "title": "Tags", + "type": "array" + }, + "ThemeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard.", + "title": "ThemeArn", + "type": "string" + }, + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + }, + "VersionDescription": { + "markdownDescription": "A description for the first version of the dashboard being created.", + "title": "VersionDescription", + "type": "string" + } + }, + "required": [ + "AwsAccountId", + "DashboardId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Dashboard" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AdHocFilteringOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "Availability status.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AggregationFunction": { + "additionalProperties": false, + "properties": { + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" + }, + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" + }, + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", + "type": "string" + }, + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AggregationSortConfiguration": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" + }, + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", + "type": "string" + } + }, + "required": [ + "Column", + "SortDirection" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AnalysisDefaults": { + "additionalProperties": false, + "properties": { + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" + } + }, + "required": [ + "DefaultNewSheetConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AnchorDateConfiguration": { + "additionalProperties": false, + "properties": { + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcAxisConfiguration": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" + }, + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcAxisDisplayRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcConfiguration": { + "additionalProperties": false, + "properties": { + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", + "type": "number" + }, + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcOptions": { + "additionalProperties": false, + "properties": { + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AssetOptions": { + "additionalProperties": false, + "properties": { + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", + "type": "string" + }, + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AttributeAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", + "type": "string" + }, + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDataOptions": { + "additionalProperties": false, + "properties": { + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" + }, + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", + "type": "number" + }, + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", + "type": "string" + }, + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", + "type": "string" + }, + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" + }, + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", + "type": "string" + }, + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" + }, + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayRange": { + "additionalProperties": false, + "properties": { + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" + }, + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLabelOptions": { + "additionalProperties": false, "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" + }, + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableOptions": { + "AWS::QuickSight::Dashboard.AxisLabelReferenceOptions": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", + "FieldId": { + "markdownDescription": "The field that the axis label is targeted to.", + "title": "FieldId", "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLinearScale": { + "additionalProperties": false, + "properties": { + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLogarithmicScale": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisScale": { + "additionalProperties": false, + "properties": { + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisTickLabelOptions": { + "additionalProperties": false, + "properties": { + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" + }, + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", "type": "string" }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", "type": "string" }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartFieldWells": { + "additionalProperties": false, + "properties": { + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BinCountOptions": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BinWidthOptions": { + "additionalProperties": false, + "properties": { + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", + "type": "number" }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" + "Value": { + "markdownDescription": "The options that determine the bin width value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", "type": "string" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" + } + }, + "required": [ + "Content", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionContent": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionDynamicCategoryDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionDynamicNumericDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionRepeatConfiguration": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" + }, + "NonRepeatingVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", + "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionRepeatDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" + }, + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionRepeatPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotChartConfiguration": { + "additionalProperties": false, + "properties": { + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotFieldWells": { + "additionalProperties": false, + "properties": { + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotOptions": { + "additionalProperties": false, + "properties": { + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", "type": "string" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", "type": "string" + }, + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions": { + "AWS::QuickSight::Dashboard.BoxPlotSortConfiguration": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of a group by fields.", + "title": "CategorySort", + "type": "array" + }, + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotStyleOptions": { + "additionalProperties": false, + "properties": { + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableRowsLabelOptions": { + "AWS::QuickSight::Dashboard.CalculatedField": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", "type": "string" } }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableSortBy": { + "AWS::QuickSight::Dashboard.CalculatedMeasureField": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Expression", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CascadingControlConfiguration": { + "additionalProperties": false, + "properties": { + "SourceControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlSource" + }, + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CascadingControlSource": { + "additionalProperties": false, + "properties": { + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" + }, + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoricalDimensionField": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", "title": "Column" }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableSortConfiguration": { + "AWS::QuickSight::Dashboard.CategoricalMeasureField": { "additionalProperties": false, "properties": { - "FieldSortOptions": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryDrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotFieldSortOptions" + "type": "string" }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" } }, + "required": [ + "CategoryValues", + "Column" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableTotalOptions": { + "AWS::QuickSight::Dashboard.CategoryFilter": { "additionalProperties": false, "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + } + }, + "required": [ + "Column", + "Configuration", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" + }, + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" + }, + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryInnerFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" + } + }, + "required": [ + "Column", + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ChartAxisLabelOptions": { + "additionalProperties": false, + "properties": { + "AxisLabelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelOptions" + }, + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", + "type": "array" + }, + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ClusterMarker": { + "additionalProperties": false, + "properties": { + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ClusterMarkerConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColorScale": { + "additionalProperties": false, + "properties": { + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", + "type": "string" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor" + }, + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", + "type": "array" + }, + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" + } + }, + "required": [ + "ColorFillType", + "Colors" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColorsConfiguration": { + "additionalProperties": false, + "properties": { + "CustomColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomColor" + }, + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableVisual": { + "AWS::QuickSight::Dashboard.ColumnConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column.", + "title": "Column" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", "type": "string" } }, "required": [ - "VisualId" + "Column" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTotalOptions": { + "AWS::QuickSight::Dashboard.ColumnHierarchy": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", - "type": "string" + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnIdentifier": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation options for each value field.", - "title": "TotalAggregationOptions", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", "type": "string" - }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" } }, + "required": [ + "ColumnName", + "DataSetIdentifier" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PredefinedHierarchy": { + "AWS::QuickSight::Dashboard.ColumnSort": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" - }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" } }, "required": [ - "Columns", - "HierarchyId" + "Direction", + "SortBy" ], "type": "object" }, - "AWS::QuickSight::Analysis.ProgressBarOptions": { + "AWS::QuickSight::Dashboard.ColumnTooltipItem": { "additionalProperties": false, "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, "Visibility": { - "markdownDescription": "The visibility of the progress bar.", + "markdownDescription": "The visibility of the tooltip item.", "title": "Visibility", "type": "string" } }, + "required": [ + "Column" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells": { "additionalProperties": false, "properties": { + "BarValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", + "type": "array" + }, "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The aggregated field well categories of a radar chart.", + "markdownDescription": "The aggregated category field wells of a combo chart.", "title": "Category", "type": "array" }, - "Color": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", "type": "array" }, - "Values": { + "LineValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", - "title": "Values", + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartAreaStyleSettings": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.RadarChartConfiguration": { + "AWS::QuickSight::Dashboard.ComboChartConfiguration": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" - }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" - }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", - "type": "string" + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", "type": "string" }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" - }, "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", "title": "CategoryAxis" }, "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", "title": "CategoryLabelOptions" }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" - }, "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", "title": "ColorLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartFieldWells", + "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", - "type": "string" + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", "title": "SortConfiguration" }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartFieldWells": { - "additionalProperties": false, - "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.RadarChartSeriesSettings": { + "AWS::QuickSight::Dashboard.ComboChartFieldWells": { "additionalProperties": false, "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartSortConfiguration": { + "AWS::QuickSight::Dashboard.ComboChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The category sort options of a radar chart.", + "markdownDescription": "The sort configuration of the category field well in a combo chart.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The color sort configuration of a radar chart.", + "markdownDescription": "The sort configuration of the color field well in a combo chart.", "title": "ColorSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartVisual": { + "AWS::QuickSight::Dashboard.ComboChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -191962,316 +235869,232 @@ ], "type": "object" }, - "AWS::QuickSight::Analysis.RangeEndsLabelType": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility of the range ends label.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ReferenceLine": { + "AWS::QuickSight::Dashboard.ComparisonConfiguration": { "additionalProperties": false, "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" - }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", "type": "string" - }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" } }, - "required": [ - "DataConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration": { + "AWS::QuickSight::Dashboard.ComparisonFormatConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", - "type": "string" + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" } }, - "required": [ - "CustomLabel" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineDataConfiguration": { + "AWS::QuickSight::Dashboard.Computation": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", - "type": "string" + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", - "type": "string" + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" + }, + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" + }, + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" + }, + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration": { + "AWS::QuickSight::Dashboard.ConditionalFormattingColor": { "additionalProperties": false, "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" } }, - "required": [ - "Calculation", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration": { + "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition": { "additionalProperties": false, "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" - }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", "type": "string" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" - }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" } }, "required": [ - "Value" + "Expression", + "IconOptions" ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration": { + "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration": { + "AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", "type": "string" } }, + "required": [ + "Color", + "Expression" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions": { + "AWS::QuickSight::Dashboard.ConditionalFormattingIcon": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RelativeDatesFilter": { + "AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" - }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", - "type": "string" - }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", - "type": "number" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", "type": "string" } }, - "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ResourcePermission": { + "AWS::QuickSight::Dashboard.ConditionalFormattingIconSet": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", + "type": "string" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", "type": "string" } }, "required": [ - "Actions", - "Principal" + "Expression" ], "type": "object" }, - "AWS::QuickSight::Analysis.RollingDateConfiguration": { + "AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", "type": "string" }, "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", + "markdownDescription": "The expression that determines the formatting configuration for solid color.", "title": "Expression", "type": "string" } @@ -192281,365 +236104,240 @@ ], "type": "object" }, - "AWS::QuickSight::Analysis.RowAlternateColorOptions": { + "AWS::QuickSight::Dashboard.ContextMenuOption": { "additionalProperties": false, "properties": { - "RowAlternateColors": { - "items": { - "type": "string" - }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", - "type": "array" - }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", - "type": "string" - }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration": { + "AWS::QuickSight::Dashboard.ContributionAnalysisDefault": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", - "type": "string" - }, - "TargetVisuals": { + "ContributorDimensions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", "type": "array" + }, + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", + "type": "string" } }, + "required": [ + "ContributorDimensions", + "MeasureFieldId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", - "type": "array" + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "Source": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", - "type": "array" + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" }, - "Weight": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration": { - "additionalProperties": false, - "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", - "title": "DataLabels" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "FieldWells" + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", - "title": "SortConfiguration" + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramFieldWells": { + "AWS::QuickSight::Dashboard.CustomActionFilterOperation": { "additionalProperties": false, "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" + }, + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" } }, + "required": [ + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration": { + "AWS::QuickSight::Dashboard.CustomActionNavigationOperation": { "additionalProperties": false, "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" - }, - "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" - }, - "WeightSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", - "type": "array" + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramVisual": { + "AWS::QuickSight::Dashboard.CustomActionSetParametersOperation": { "additionalProperties": false, "properties": { - "Actions": { + "ParameterValueConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SetParameterValueConfiguration" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", - "title": "ChartConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" } }, "required": [ - "VisualId" + "ParameterValueConfigurations" ], "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" - }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", - "type": "array" - }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ScatterPlotConfiguration": { + "AWS::QuickSight::Dashboard.CustomActionURLOperation": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" - }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" - }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", + "type": "string" + }, + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", + "type": "string" } }, + "required": [ + "URLTarget", + "URLTemplate" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotFieldWells": { + "AWS::QuickSight::Dashboard.CustomColor": { "additionalProperties": false, "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", + "type": "string" + }, + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", + "type": "string" } }, + "required": [ + "Color" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells": { + "AWS::QuickSight::Dashboard.CustomContentConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", + "type": "string" }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", + "type": "string" }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", - "type": "array" + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", + "type": "string" }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotVisual": { + "AWS::QuickSight::Dashboard.CustomContentVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -192647,3402 +236345,3053 @@ } }, "required": [ + "DataSetIdentifier", "VisualId" ], "type": "object" }, - "AWS::QuickSight::Analysis.ScrollBarOptions": { + "AWS::QuickSight::Dashboard.CustomFilterConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", "type": "string" }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SecondaryValueOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, + "required": [ + "MatchOperator", + "NullOption" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionAfterPageBreak": { + "AWS::QuickSight::Dashboard.CustomFilterListConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", - "title": "Status", + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, + "required": [ + "MatchOperator", + "NullOption" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions": { + "AWS::QuickSight::Dashboard.CustomNarrativeOptions": { "additionalProperties": false, "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", + "type": "string" } }, + "required": [ + "Narrative" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration": { + "AWS::QuickSight::Dashboard.CustomParameterValues": { "additionalProperties": false, "properties": { - "BodySections": { + "DateTimeValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionConfiguration" + "type": "string" }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", "type": "array" }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" + "DecimalValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", + "type": "array" }, - "FooterSections": { + "IntegerValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" + "type": "number" }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", "type": "array" }, - "HeaderSections": { + "StringValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" + "type": "string" }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", "type": "array" } }, - "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" - ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions": { + "AWS::QuickSight::Dashboard.CustomValuesConfiguration": { "additionalProperties": false, "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" - }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", - "type": "string" + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" } }, "required": [ - "FreeFormLayout" + "CustomValues" ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionPageBreakConfiguration": { - "additionalProperties": false, - "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionStyle": { + "AWS::QuickSight::Dashboard.DashboardError": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", + "Message": { + "markdownDescription": "Message.", + "title": "Message", "type": "string" }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration": { - "additionalProperties": false, - "properties": { - "SheetVisualScopingConfigurations": { + "Type": { + "markdownDescription": "Type.", + "title": "Type", + "type": "string" + }, + "ViolatedEntities": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetVisualScopingConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Entity" }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", + "markdownDescription": "Lists the violated entities that caused the dashboard error.", + "title": "ViolatedEntities", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SeriesItem": { + "AWS::QuickSight::Dashboard.DashboardPublishOptions": { "additionalProperties": false, "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" + "AdHocFilteringOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AdHocFilteringOption", + "markdownDescription": "Ad hoc (one-time) filtering option.", + "title": "AdHocFilteringOption" }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" + "DataPointDrillUpDownOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointDrillUpDownOption", + "markdownDescription": "The drill-down options of data points in a dashboard.", + "title": "DataPointDrillUpDownOption" + }, + "DataPointMenuLabelOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointMenuLabelOption", + "markdownDescription": "The data point menu label options of a dashboard.", + "title": "DataPointMenuLabelOption" + }, + "DataPointTooltipOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointTooltipOption", + "markdownDescription": "The data point tool tip options of a dashboard.", + "title": "DataPointTooltipOption" + }, + "ExportToCSVOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportToCSVOption", + "markdownDescription": "Export to .csv option.", + "title": "ExportToCSVOption" + }, + "ExportWithHiddenFieldsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption", + "markdownDescription": "Determines if hidden fields are exported with a dashboard.", + "title": "ExportWithHiddenFieldsOption" + }, + "SheetControlsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlsOption", + "markdownDescription": "Sheet controls option.", + "title": "SheetControlsOption" + }, + "SheetLayoutElementMaximizationOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption", + "markdownDescription": "The sheet layout maximization options of a dashbaord.", + "title": "SheetLayoutElementMaximizationOption" + }, + "VisualAxisSortOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualAxisSortOption", + "markdownDescription": "The axis sort options of a dashboard.", + "title": "VisualAxisSortOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", + "markdownDescription": "The menu options of a visual in a dashboard.", + "title": "VisualMenuOption" + }, + "VisualPublishOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVisualPublishOptions", + "markdownDescription": "The visual publish options of a visual in a dashboard.", + "title": "VisualPublishOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SetParameterValueConfiguration": { + "AWS::QuickSight::Dashboard.DashboardSourceEntity": { "additionalProperties": false, "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceTemplate", + "markdownDescription": "Source template.", + "title": "SourceTemplate" } }, - "required": [ - "DestinationParameterName", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ShapeConditionalFormat": { + "AWS::QuickSight::Dashboard.DashboardSourceTemplate": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetReference" + }, + "markdownDescription": "Dataset references.", + "title": "DataSetReferences", + "type": "array" } }, "required": [ - "BackgroundColor" + "Arn", + "DataSetReferences" ], "type": "object" }, - "AWS::QuickSight::Analysis.Sheet": { + "AWS::QuickSight::Dashboard.DashboardVersion": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "CreatedTime": { + "markdownDescription": "The time that this dashboard version was created.", + "title": "CreatedTime", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions": { - "additionalProperties": false, - "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", + }, + "DataSetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Numbers (ARNs) for the datasets that are associated with this version of the dashboard.", + "title": "DataSetArns", + "type": "array" + }, + "Description": { + "markdownDescription": "Description.", + "title": "Description", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardError" + }, + "markdownDescription": "Errors associated with this dashboard version.", + "title": "Errors", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, + "SourceEntityArn": { + "markdownDescription": "Source entity ARN.", + "title": "SourceEntityArn", "type": "string" + }, + "Status": { + "markdownDescription": "The HTTP status of the request.", + "title": "Status", + "type": "string" + }, + "ThemeArn": { + "markdownDescription": "The ARN of the theme associated with a version of the dashboard.", + "title": "ThemeArn", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "Version number for this version of the dashboard.", + "title": "VersionNumber", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SheetControlLayout": { - "additionalProperties": false, - "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" - } - }, - "required": [ - "Configuration" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.SheetControlLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SheetDefinition": { + "AWS::QuickSight::Dashboard.DashboardVersionDefinition": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", - "type": "string" + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" }, - "FilterControls": { + "CalculatedFields": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterControl" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedField" }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", + "markdownDescription": "An array of calculated field definitions for the dashboard.", + "title": "CalculatedFields", "type": "array" }, - "Layouts": { + "ColumnConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Layout" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnConfiguration" }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", + "markdownDescription": "An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard.", + "title": "ColumnConfigurations", "type": "array" }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", - "type": "string" - }, - "ParameterControls": { + "DataSetIdentifierDeclarations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterControl" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration" }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", + "markdownDescription": "An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures.", + "title": "DataSetIdentifierDeclarations", "type": "array" }, - "SheetControlLayouts": { + "FilterGroups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayout" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterGroup" }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", + "markdownDescription": "The filter definitions for a dashboard.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", "type": "array" }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", - "type": "string" + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AssetOptions", + "markdownDescription": "An array of option definitions for a dashboard.", + "title": "Options" }, - "TextBoxes": { + "ParameterDeclarations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetTextBox" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDeclaration" }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", + "markdownDescription": "The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", "type": "array" }, - "Title": { - "markdownDescription": "The title of the sheet.", - "title": "Title", - "type": "string" + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for a dashboard.", + "title": "Sheets", + "type": "array" }, - "Visuals": { + "StaticFiles": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Visual" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFile" }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", + "markdownDescription": "The static files for the definition.", + "title": "StaticFiles", "type": "array" } }, "required": [ - "SheetId" + "DataSetIdentifierDeclarations" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetElementConfigurationOverrides": { + "AWS::QuickSight::Dashboard.DashboardVisualPublishOptions": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", - "type": "string" + "ExportHiddenFieldsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportHiddenFieldsOption", + "markdownDescription": "Determines if hidden fields are included in an exported dashboard.", + "title": "ExportHiddenFieldsOption" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SheetElementRenderingRule": { + "AWS::QuickSight::Dashboard.DataBarsOptions": { "additionalProperties": false, "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", + "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", + "type": "string" + }, + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", "type": "string" } }, "required": [ - "ConfigurationOverrides", - "Expression" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetTextBox": { + "AWS::QuickSight::Dashboard.DataColor": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", "type": "string" }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", - "type": "string" + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" } }, - "required": [ - "SheetTextBoxId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetVisualScopingConfiguration": { + "AWS::QuickSight::Dashboard.DataFieldSeriesItem": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", "type": "string" }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", "type": "string" }, - "VisualIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", - "type": "array" + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, "required": [ - "Scope", - "SheetId" + "AxisBinding", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Analysis.ShortFormatText": { + "AWS::QuickSight::Dashboard.DataLabelOptions": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "DataLabelTypes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelType" + }, + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", + "type": "array" + }, + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SimpleClusterMarker": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", + }, + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SliderControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SmallMultiplesAxisProperties": { - "additionalProperties": false, - "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", "type": "string" }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", + "type": "string" + }, + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the data labels.", + "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SmallMultiplesOptions": { + "AWS::QuickSight::Dashboard.DataLabelType": { "additionalProperties": false, "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", - "type": "number" + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", - "type": "number" + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" } }, "type": "object" }, - "AWS::QuickSight::Analysis.Spacing": { + "AWS::QuickSight::Dashboard.DataPathColor": { "additionalProperties": false, "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", - "type": "string" - }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", "type": "string" }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", - "type": "string" + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", "type": "string" } }, + "required": [ + "Color", + "Element" + ], "type": "object" }, - "AWS::QuickSight::Analysis.StringDefaultValues": { + "AWS::QuickSight::Dashboard.DataPathLabelType": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", + "type": "string" }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.StringFormatConfiguration": { - "additionalProperties": false, - "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", + "type": "string" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.StringParameter": { + "AWS::QuickSight::Dashboard.DataPathSort": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for a string parameter.", - "title": "Name", + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", "type": "string" }, - "Values": { + "SortPaths": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" }, - "markdownDescription": "The values of a string parameter.", - "title": "Values", + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", "type": "array" } }, "required": [ - "Name", - "Values" + "Direction", + "SortPaths" ], "type": "object" }, - "AWS::QuickSight::Analysis.StringParameterDeclaration": { + "AWS::QuickSight::Dashboard.DataPathType": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" - }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration": { + "AWS::QuickSight::Dashboard.DataPathValue": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SubtotalOptions": { + "AWS::QuickSight::Dashboard.DataPointDrillUpDownOption": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", - "type": "string" - }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "AvailabilityStatus": { + "markdownDescription": "The status of the drill down options of data points.", + "title": "AvailabilityStatus", "type": "string" - }, - "FieldLevelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions" - }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", - "type": "array" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" - }, - "StyleTargets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableStyleTarget" - }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPointMenuLabelOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the data point menu options.", + "title": "AvailabilityStatus", "type": "string" - }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.DataPointTooltipOption": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "AvailabilityStatus": { + "markdownDescription": "The status of the data point tool tip options.", + "title": "AvailabilityStatus", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableBorderOptions": { + "AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", + "DataSetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", + "title": "DataSetArn", "type": "string" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", + "Identifier": { + "markdownDescription": "The identifier of the data set, typically the data set's name.", + "title": "Identifier", "type": "string" - }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", - "type": "number" } }, + "required": [ + "DataSetArn", + "Identifier" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableCellConditionalFormatting": { + "AWS::QuickSight::Dashboard.DataSetReference": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", "type": "string" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", + "type": "string" } }, "required": [ - "FieldId" + "DataSetArn", + "DataSetPlaceholder" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableCellImageSizingConfiguration": { + "AWS::QuickSight::Dashboard.DateAxisOptions": { "additionalProperties": false, "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableCellStyle": { + "AWS::QuickSight::Dashboard.DateDimensionField": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", - "title": "BackgroundColor", - "type": "string" - }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" - }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", "type": "string" }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableConditionalFormattingOption": { + "AWS::QuickSight::Dashboard.DateMeasureField": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableConfiguration": { + "AWS::QuickSight::Dashboard.DateTimeDefaultValues": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" }, - "TableInlineVisualizations": { + "StaticValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableInlineVisualization" + "type": "string" }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "title": "StaticValues", "type": "array" - }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" - }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldCustomIconContent": { + "AWS::QuickSight::Dashboard.DateTimeFormatConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", "type": "string" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldCustomTextContent": { + "AWS::QuickSight::Dashboard.DateTimeHierarchy": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", + "type": "array" }, - "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", - "title": "Value", + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "FontConfiguration" + "HierarchyId" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldImageConfiguration": { + "AWS::QuickSight::Dashboard.DateTimeParameter": { "additionalProperties": false, "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" + "Name": { + "markdownDescription": "A display name for the date-time parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values for the date-time parameter.", + "title": "Values", + "type": "array" } }, + "required": [ + "Name", + "Values" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldLinkConfiguration": { + "AWS::QuickSight::Dashboard.DateTimeParameterDeclaration": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "Content", - "Target" + "Name" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration": { + "AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions": { "additionalProperties": false, "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", + "type": "string" }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", + "type": "string" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldOption": { + "AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", - "type": "string" - }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" - }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", "type": "string" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldOptions": { + "AWS::QuickSight::Dashboard.DecimalDefaultValues": { "additionalProperties": false, "properties": { - "Order": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", - "type": "array" - }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "SelectedFieldOptions": { + "StaticValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOption" + "type": "number" }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldURLConfiguration": { + "AWS::QuickSight::Dashboard.DecimalParameter": { "additionalProperties": false, "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" + "Name": { + "markdownDescription": "A display name for the decimal parameter.", + "title": "Name", + "type": "string" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the decimal parameter.", + "title": "Values", + "type": "array" } }, + "required": [ + "Name", + "Values" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldWells": { + "AWS::QuickSight::Dashboard.DecimalParameterDeclaration": { "additionalProperties": false, "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, + "required": [ + "Name", + "ParameterValueType" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableInlineVisualization": { + "AWS::QuickSight::Dashboard.DecimalPlacesConfiguration": { "additionalProperties": false, "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" } }, + "required": [ + "DecimalPlaces" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableOptions": { + "AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" - }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" - }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TablePaginatedReportOptions": { + "AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "Type": { + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TablePinnedFieldOptions": { - "additionalProperties": false, - "properties": { - "PinnedLeftFields": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableRowConditionalFormatting": { + "AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", + "type": "string" } }, + "required": [ + "ControlOptions", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableSideBorderOptions": { + "AWS::QuickSight::Dashboard.DefaultFilterControlOptions": { "additionalProperties": false, "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" + }, + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableSortConfiguration": { + "AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions": { "additionalProperties": false, "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" }, - "RowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", - "type": "array" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableStyleTarget": { + "AWS::QuickSight::Dashboard.DefaultFilterListControlOptions": { "additionalProperties": false, "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", "type": "string" } }, - "required": [ - "CellType" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TableUnaggregatedFieldWells": { + "AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" - }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", - "type": "array" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" } }, + "required": [ + "CanvasSizeOptions" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableVisual": { + "AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" } }, "required": [ - "VisualId" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::QuickSight::Analysis.TextAreaControlDisplayOptions": { + "AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TextConditionalFormat": { + "AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TextControlPlaceholderOptions": { + "AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", - "type": "string" + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TextFieldControlDisplayOptions": { + "AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ThousandSeparatorOptions": { + "AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", - "type": "string" - }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" } }, + "required": [ + "CanvasSizeOptions" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeBasedForecastProperties": { + "AWS::QuickSight::Dashboard.DefaultSliderControlOptions": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", "type": "number" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", "type": "number" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TimeEqualityFilter": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", - "type": "string" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", + "Type": { + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", "type": "string" } }, "required": [ - "Column", - "FilterId" + "MaximumValue", + "MinimumValue", + "StepSize" ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeDrillDownFilter": { + "AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", - "type": "string" - }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, - "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeFilter": { + "AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" - }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, - "required": [ - "Column", - "FilterId", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeFilterValue": { + "AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" + }, + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TooltipItem": { + "AWS::QuickSight::Dashboard.DimensionField": { "additionalProperties": false, "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" + }, + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TooltipOptions": { + "AWS::QuickSight::Dashboard.DonutCenterOptions": { "additionalProperties": false, "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" - }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", - "type": "string" - }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomFilter": { + "AWS::QuickSight::Dashboard.DonutOptions": { "additionalProperties": false, "properties": { - "AggregationSortConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationSortConfiguration" - }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" } }, - "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomMoversComputation": { + "AWS::QuickSight::Dashboard.DrillDownFilter": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", - "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" }, - "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", - "title": "Type", - "type": "string" + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomRankedComputation": { + "AWS::QuickSight::Dashboard.DropDownControlDisplayOptions": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", - "type": "number" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", - "type": "string" + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationComputation": { + "AWS::QuickSight::Dashboard.DynamicDefaultValue": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" } }, "required": [ - "ComputationId" + "DefaultValueColumn" ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationFunction": { + "AWS::QuickSight::Dashboard.EmptyVisual": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationOption": { + "AWS::QuickSight::Dashboard.Entity": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", "type": "string" - }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" } }, - "required": [ - "FieldId", - "TotalAggregationFunction" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalOptions": { + "AWS::QuickSight::Dashboard.ExcludePeriodConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", - "type": "string" + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", + "type": "number" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", "type": "string" } }, + "required": [ + "Amount", + "Granularity" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.ExplicitHierarchy": { "additionalProperties": false, "properties": { - "Colors": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", "type": "array" }, - "Groups": { + "DrillDownFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", "type": "array" }, - "Sizes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", - "type": "array" + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", + "type": "string" } }, + "required": [ + "Columns", + "HierarchyId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapConfiguration": { + "AWS::QuickSight::Dashboard.ExportHiddenFieldsOption": { "additionalProperties": false, "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" - }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "AvailabilityStatus": { + "markdownDescription": "The status of the export hidden fields options of a dashbaord.", + "title": "AvailabilityStatus", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapFieldWells": { + "AWS::QuickSight::Dashboard.ExportToCSVOption": { "additionalProperties": false, "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" + "AvailabilityStatus": { + "markdownDescription": "Availability status.", + "title": "AvailabilityStatus", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapSortConfiguration": { + "AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption": { "additionalProperties": false, "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" - }, - "TreeMapSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", - "type": "array" + "AvailabilityStatus": { + "markdownDescription": "The status of the export with hidden fields options.", + "title": "AvailabilityStatus", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapVisual": { + "AWS::QuickSight::Dashboard.FieldBasedTooltip": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", + "type": "string" }, - "ColumnHierarchies": { + "TooltipFields": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipItem" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TrendArrowOptions": { + "AWS::QuickSight::Dashboard.FieldLabelType": { "additionalProperties": false, "properties": { + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", + "type": "string" + }, "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", + "markdownDescription": "The visibility of the field label.", "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.UnaggregatedField": { + "AWS::QuickSight::Dashboard.FieldSeriesItem": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" }, "FieldId": { - "markdownDescription": "The custom field ID.", + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", "title": "FieldId", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, "required": [ - "Column", + "AxisBinding", "FieldId" ], "type": "object" }, - "AWS::QuickSight::Analysis.UniqueValuesComputation": { + "AWS::QuickSight::Dashboard.FieldSort": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", "type": "string" } }, "required": [ - "ComputationId" + "Direction", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Analysis.ValidationStrategy": { + "AWS::QuickSight::Dashboard.FieldSortOptions": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", - "type": "string" + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" + }, + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::QuickSight::Analysis.VisibleRangeOptions": { + "AWS::QuickSight::Dashboard.FieldTooltipItem": { "additionalProperties": false, "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", + "type": "string" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "string" } }, + "required": [ + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.Visual": { + "AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" - }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" - }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" - }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" - }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" - }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" - }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" - }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" - }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" - }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" - }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" - }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" - }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" - }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" - }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" - }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" - }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" - }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" - }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" - }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" - }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", + "type": "array" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualCustomAction": { + "AWS::QuickSight::Dashboard.FilledMapConditionalFormatting": { "additionalProperties": false, "properties": { - "ActionOperations": { + "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomActionOperation" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption" }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", "type": "array" - }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", - "title": "Name", - "type": "string" - }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", - "type": "string" - }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", - "type": "string" } }, "required": [ - "ActionOperations", - "CustomActionId", - "Name", - "Trigger" + "ConditionalFormattingOptions" ], "type": "object" }, - "AWS::QuickSight::Analysis.VisualCustomActionOperation": { + "AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" - }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" - }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" - }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" } }, + "required": [ + "Shape" + ], "type": "object" }, - "AWS::QuickSight::Analysis.VisualPalette": { + "AWS::QuickSight::Dashboard.FilledMapConfiguration": { "additionalProperties": false, "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "ColorMap": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathColor" - }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualSubtitleLabelOptions": { + "AWS::QuickSight::Dashboard.FilledMapFieldWells": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" - }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", - "type": "string" + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualTitleLabelOptions": { + "AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" - }, - "Visibility": { - "markdownDescription": "The visibility of the title label.", - "title": "Visibility", + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", "type": "string" + }, + "Format": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" } }, + "required": [ + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.FilledMapSortConfiguration": { "additionalProperties": false, "properties": { - "Breakdowns": { + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", + "markdownDescription": "The sort configuration of the location fields.", + "title": "CategorySort", "type": "array" - }, - "Categories": { + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "Values": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, - "markdownDescription": "The value field wells of a waterfall visual.", - "title": "Values", + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartConfiguration": { + "AWS::QuickSight::Dashboard.Filter": { "additionalProperties": false, "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", - "title": "DataLabels" + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "FieldWells" + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", - "title": "Legend" + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", - "title": "SortConfiguration" + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterControl": { + "additionalProperties": false, + "properties": { + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", - "title": "VisualPalette" + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartFieldWells": { + "AWS::QuickSight::Dashboard.FilterCrossSheetControl": { "additionalProperties": false, "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", + "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartOptions": { + "AWS::QuickSight::Dashboard.FilterDateTimePickerControl": { "additionalProperties": false, "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartSortConfiguration": { + "AWS::QuickSight::Dashboard.FilterDropDownControl": { "additionalProperties": false, "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallVisual": { + "AWS::QuickSight::Dashboard.FilterGroup": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", - "title": "ChartConfiguration" + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", + "type": "string" }, - "ColumnHierarchies": { + "Filters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Filter" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", "type": "string" } }, "required": [ - "VisualId" + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" ], "type": "object" }, - "AWS::QuickSight::Analysis.WhatIfPointScenario": { + "AWS::QuickSight::Dashboard.FilterListConfiguration": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", - "title": "Value", - "type": "number" + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" } }, "required": [ - "Date", - "Value" + "MatchOperator" ], "type": "object" }, - "AWS::QuickSight::Analysis.WhatIfRangeScenario": { + "AWS::QuickSight::Dashboard.FilterListControl": { "additionalProperties": false, "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", "type": "string" }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", "type": "string" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", - "title": "Value", - "type": "number" + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" } }, "required": [ - "EndDate", - "StartDate", - "Value" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration": { "additionalProperties": false, "properties": { - "GroupBy": { + "SelectedColumns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", - "title": "GroupBy", + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", "type": "array" }, - "Size": { + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", + "type": "string" + }, + "SelectedFields": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudChartConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", - "title": "SortConfiguration" - }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.WordCloudFieldWells": { + "AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration": { "additionalProperties": false, "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudOptions": { + "AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", "type": "string" }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" - }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", "type": "string" }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", "type": "string" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudSortConfiguration": { + "AWS::QuickSight::Dashboard.FilterScopeConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "CategorySort", - "type": "array" + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudVisual": { + "AWS::QuickSight::Dashboard.FilterSelectableValues": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard": { + "AWS::QuickSight::Dashboard.FilterSliderControl": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "Metadata": { - "type": "object" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you want to create the dashboard.", - "title": "AwsAccountId", - "type": "string" - }, - "DashboardId": { - "markdownDescription": "The ID for the dashboard, also added to the IAM policy.", - "title": "DashboardId", - "type": "string" - }, - "DashboardPublishOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardPublishOptions", - "markdownDescription": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default.", - "title": "DashboardPublishOptions" - }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVersionDefinition", - "markdownDescription": "", - "title": "Definition" - }, - "LinkEntities": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard.", - "title": "LinkEntities", - "type": "array" - }, - "LinkSharingConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LinkSharingConfiguration", - "markdownDescription": "A structure that contains the link sharing configurations that you want to apply overrides to.", - "title": "LinkSharingConfiguration" - }, - "Name": { - "markdownDescription": "The display name of the dashboard.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Parameters", - "markdownDescription": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values.", - "title": "Parameters" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" - }, - "markdownDescription": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list.", - "title": "Permissions", - "type": "array" - }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceEntity", - "markdownDescription": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.", - "title": "SourceEntity" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard.", - "title": "Tags", - "type": "array" - }, - "ThemeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard.", - "title": "ThemeArn", - "type": "string" - }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" - }, - "VersionDescription": { - "markdownDescription": "A description for the first version of the dashboard being created.", - "title": "VersionDescription", - "type": "string" - } - }, - "required": [ - "AwsAccountId", - "DashboardId", - "Name" - ], - "type": "object" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::QuickSight::Dashboard" - ], + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" ], "type": "object" }, - "AWS::QuickSight::Dashboard.AdHocFilteringOption": { + "AWS::QuickSight::Dashboard.FilterTextAreaControl": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "Availability status.", - "title": "AvailabilityStatus", + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AggregationFunction": { - "additionalProperties": false, - "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", "type": "string" }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", "type": "string" }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.AggregationSortConfiguration": { + "AWS::QuickSight::Dashboard.FilterTextFieldControl": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", + "type": "string" }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Column", - "SortDirection" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::Dashboard.AnalysisDefaults": { + "AWS::QuickSight::Dashboard.FontConfiguration": { "additionalProperties": false, "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", + "type": "string" + }, + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", + "type": "string" + }, + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", + "type": "string" + }, + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" + }, + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", + "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" } }, - "required": [ - "DefaultNewSheetConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.AnchorDateConfiguration": { + "AWS::QuickSight::Dashboard.FontSize": { "additionalProperties": false, "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", "type": "string" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ArcAxisConfiguration": { + "AWS::QuickSight::Dashboard.FontWeight": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" - }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ArcAxisDisplayRange": { + "AWS::QuickSight::Dashboard.ForecastComputation": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", "type": "number" }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ArcConfiguration": { - "additionalProperties": false, - "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", "type": "number" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ArcOptions": { + "AWS::QuickSight::Dashboard.ForecastConfiguration": { "additionalProperties": false, "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" + }, + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AssetOptions": { + "AWS::QuickSight::Dashboard.ForecastScenario": { "additionalProperties": false, "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", - "type": "string" + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", - "type": "string" + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AttributeAggregationFunction": { + "AWS::QuickSight::Dashboard.FormatConfiguration": { "additionalProperties": false, "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", - "type": "string" + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", - "type": "string" + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" + }, + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisDataOptions": { + "AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" - }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange": { + "AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", - "type": "number" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", - "type": "number" + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", + "type": "array" } }, + "required": [ + "Elements" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.AxisDisplayOptions": { + "AWS::QuickSight::Dashboard.FreeFormLayoutElement": { "additionalProperties": false, "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", - "type": "string" + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", "type": "string" }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", "type": "string" }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisDisplayRange": { - "additionalProperties": false, - "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", - "type": "object" + "RenderingRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementRenderingRule" + }, + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", + "type": "array" }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisLabelOptions": { - "additionalProperties": false, - "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisLabelReferenceOptions": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", + "type": "string" }, - "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", - "title": "FieldId", + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" + }, + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", "type": "string" } }, "required": [ - "Column", - "FieldId" + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" ], "type": "object" }, - "AWS::QuickSight::Dashboard.AxisLinearScale": { + "AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", - "type": "number" + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", + "type": "string" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", - "type": "number" + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisLogarithmicScale": { + "AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", - "type": "number" + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisScale": { + "AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" - }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" } }, + "required": [ + "OptimizedViewPortWidth" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.AxisTickLabelOptions": { + "AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration": { "additionalProperties": false, "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" - }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" } }, + "required": [ + "Elements" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", "title": "Category", "type": "array" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", - "type": "array" - }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", - "type": "array" - }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartConfiguration": { + "AWS::QuickSight::Dashboard.FunnelChartConfiguration": { "additionalProperties": false, "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" - }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", "title": "CategoryLabelOptions" }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" - }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartFieldWells", - "markdownDescription": "The field wells of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FieldWells" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", - "type": "string" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", "title": "Tooltip" }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" - }, "ValueLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", "title": "ValueLabelOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartFieldWells": { + "AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions": { "additionalProperties": false, "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", + "type": "string" + }, + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", + "type": "string" + }, + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartSortConfiguration": { + "AWS::QuickSight::Dashboard.FunnelChartFieldWells": { + "additionalProperties": false, + "properties": { + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "markdownDescription": "The limit on the number of categories displayed.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The sort configuration of category fields.", + "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", - "type": "array" - }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" - }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartVisual": { + "AWS::QuickSight::Dashboard.FunnelChartVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -196054,8 +239403,8 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", "title": "ChartConfiguration" }, "ColumnHierarchies": { @@ -196076,8 +239425,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -196087,223 +239441,174 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.BinCountOptions": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BinWidthOptions": { + "AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting": { "additionalProperties": false, "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" - }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", - "type": "number" + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BodySectionConfiguration": { + "AWS::QuickSight::Dashboard.GaugeChartColorConfiguration": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" - }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" - }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", + "type": "string" } }, - "required": [ - "Content", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.BodySectionContent": { + "AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", - "type": "array" + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotChartConfiguration": { + "AWS::QuickSight::Dashboard.GaugeChartConfiguration": { "additionalProperties": false, "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotFieldWells", - "markdownDescription": "The field wells of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", "title": "FieldWells" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Tooltip": { + "TooltipOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotFieldWells": { + "AWS::QuickSight::Dashboard.GaugeChartFieldWells": { "additionalProperties": false, "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotOptions": { + "AWS::QuickSight::Dashboard.GaugeChartOptions": { "additionalProperties": false, "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", - "type": "string" + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" + }, + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", "type": "string" }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotSortConfiguration": { + "AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BoxPlotStyleOptions": { - "additionalProperties": false, - "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", - "type": "string" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotVisual": { + "AWS::QuickSight::Dashboard.GaugeChartVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -196315,17 +239620,14 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", @@ -196337,8 +239639,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } @@ -196348,600 +239655,593 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.CalculatedField": { + "AWS::QuickSight::Dashboard.GeospatialCategoricalColor": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", - "type": "string" + "CategoryDataColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCategoricalDataColor" + }, + "markdownDescription": "A list of categorical data colors for each category.", + "title": "CategoryDataColors", + "type": "array" }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", - "type": "string" + "DefaultOpacity": { + "markdownDescription": "The default opacity of a categorical color.", + "title": "DefaultOpacity", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the calculated field.", - "title": "Name", + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", "type": "string" } }, "required": [ - "DataSetIdentifier", - "Expression", - "Name" + "CategoryDataColors" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CalculatedMeasureField": { + "AWS::QuickSight::Dashboard.GeospatialCategoricalDataColor": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", + "Color": { + "markdownDescription": "The color and opacity values for the category data color.", + "title": "Color", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DataValue": { + "markdownDescription": "The data value for the category data color.", + "title": "DataValue", "type": "string" } }, "required": [ - "Expression", - "FieldId" + "Color", + "DataValue" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CascadingControlConfiguration": { + "AWS::QuickSight::Dashboard.GeospatialCircleRadius": { "additionalProperties": false, "properties": { - "SourceControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlSource" - }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", - "type": "array" + "Radius": { + "markdownDescription": "The positive value for the radius of a circle.", + "title": "Radius", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CascadingControlSource": { + "AWS::QuickSight::Dashboard.GeospatialCircleSymbolStyle": { "additionalProperties": false, "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" + "CircleRadius": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCircleRadius", + "markdownDescription": "The radius of the circle.", + "title": "CircleRadius" }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", - "type": "string" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width of the stroke (border).", + "title": "StrokeWidth" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CategoricalDimensionField": { + "AWS::QuickSight::Dashboard.GeospatialColor": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "Categorical": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCategoricalColor", + "markdownDescription": "The visualization properties for the categorical color.", + "title": "Categorical" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialGradientColor", + "markdownDescription": "The visualization properties for the gradient color.", + "title": "Gradient" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialSolidColor", + "markdownDescription": "The visualization properties for the solid color.", + "title": "Solid" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoricalMeasureField": { + "AWS::QuickSight::Dashboard.GeospatialCoordinateBounds": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", - "type": "string" + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" } }, "required": [ - "Column", - "FieldId" + "East", + "North", + "South", + "West" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryDrillDownFilter": { + "AWS::QuickSight::Dashboard.GeospatialDataSourceItem": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "StaticFileDataSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialStaticFileSource", + "markdownDescription": "The static file data source properties for the geospatial data.", + "title": "StaticFileDataSource" } }, - "required": [ - "CategoryValues", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryFilter": { + "AWS::QuickSight::Dashboard.GeospatialGradientColor": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" + "DefaultOpacity": { + "markdownDescription": "The default opacity for the gradient color.", + "title": "DefaultOpacity", + "type": "number" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", "type": "string" + }, + "StepColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialGradientStepColor" + }, + "markdownDescription": "A list of gradient step colors for the gradient.", + "title": "StepColors", + "type": "array" } }, "required": [ - "Column", - "Configuration", - "FilterId" + "StepColors" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryFilterConfiguration": { + "AWS::QuickSight::Dashboard.GeospatialGradientStepColor": { "additionalProperties": false, "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" - }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "Color": { + "markdownDescription": "The color and opacity values for the gradient step color.", + "title": "Color", + "type": "string" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" + "DataValue": { + "markdownDescription": "The data value for the gradient step color.", + "title": "DataValue", + "type": "number" } }, + "required": [ + "Color", + "DataValue" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ChartAxisLabelOptions": { + "AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale": { "additionalProperties": false, "properties": { - "AxisLabelOptions": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelOptions" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor" }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", "type": "array" - }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", - "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ClusterMarker": { + "AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration": { "additionalProperties": false, "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ClusterMarkerConfiguration": { + "AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor": { "additionalProperties": false, "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", + "type": "string" } }, + "required": [ + "Color" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColorScale": { + "AWS::QuickSight::Dashboard.GeospatialLayerColorField": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", - "type": "string" - }, - "Colors": { + "ColorDimensionsFields": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", + "markdownDescription": "A list of color dimension fields.", + "title": "ColorDimensionsFields", "type": "array" }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" + "ColorValuesFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "A list of color measure fields.", + "title": "ColorValuesFields", + "type": "array" } }, - "required": [ - "ColorFillType", - "Colors" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColorsConfiguration": { + "AWS::QuickSight::Dashboard.GeospatialLayerDefinition": { "additionalProperties": false, "properties": { - "CustomColors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomColor" - }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", - "type": "array" + "LineLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineLayer", + "markdownDescription": "The definition for a line layer.", + "title": "LineLayer" + }, + "PointLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointLayer", + "markdownDescription": "The definition for a point layer.", + "title": "PointLayer" + }, + "PolygonLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonLayer", + "markdownDescription": "The definition for a polygon layer.", + "title": "PolygonLayer" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnConfiguration": { + "AWS::QuickSight::Dashboard.GeospatialLayerItem": { "additionalProperties": false, "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerCustomAction" + }, + "markdownDescription": "A list of custom actions for a layer.", + "title": "Actions", + "type": "array" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" + "DataSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialDataSourceItem", + "markdownDescription": "The data source for the layer.", + "title": "DataSource" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" + "JoinDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerJoinDefinition", + "markdownDescription": "The join definition properties for a layer.", + "title": "JoinDefinition" }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", + "Label": { + "markdownDescription": "The label that is displayed for the layer.", + "title": "Label", + "type": "string" + }, + "LayerDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerDefinition", + "markdownDescription": "The definition properties for a layer.", + "title": "LayerDefinition" + }, + "LayerId": { + "markdownDescription": "The ID of the layer.", + "title": "LayerId", + "type": "string" + }, + "LayerType": { + "markdownDescription": "The layer type.", + "title": "LayerType", + "type": "string" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "", + "title": "Tooltip" + }, + "Visibility": { + "markdownDescription": "The state of visibility for the layer.", + "title": "Visibility", "type": "string" } }, "required": [ - "Column" + "LayerId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnHierarchy": { + "AWS::QuickSight::Dashboard.GeospatialLayerJoinDefinition": { "additionalProperties": false, "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" + "ColorField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerColorField", + "markdownDescription": "The geospatial color field for the join definition.", + "title": "ColorField" }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" + "DatasetKeyField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField", + "markdownDescription": "", + "title": "DatasetKeyField" }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" + "ShapeKeyField": { + "markdownDescription": "The name of the field or property in the geospatial data source.", + "title": "ShapeKeyField", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnIdentifier": { + "AWS::QuickSight::Dashboard.GeospatialLayerMapConfiguration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "", + "title": "Interactions" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", - "type": "string" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "MapLayers": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerItem" + }, + "markdownDescription": "The geospatial layers to visualize on the map.", + "title": "MapLayers", + "type": "array" + }, + "MapState": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapState", + "markdownDescription": "The map state properties for the map.", + "title": "MapState" + }, + "MapStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyle", + "markdownDescription": "The map style properties for the map.", + "title": "MapStyle" } }, - "required": [ - "ColumnName", - "DataSetIdentifier" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnSort": { + "AWS::QuickSight::Dashboard.GeospatialLineLayer": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" - }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", - "type": "string" - }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "", - "title": "SortBy" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineStyle", + "markdownDescription": "The visualization style for a line layer.", + "title": "Style" } }, "required": [ - "Direction", - "SortBy" + "Style" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnTooltipItem": { + "AWS::QuickSight::Dashboard.GeospatialLineStyle": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" - }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", - "type": "string" + "LineSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineSymbolStyle", + "markdownDescription": "The symbol style for a line style.", + "title": "LineSymbolStyle" } }, - "required": [ - "Column" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.GeospatialLineSymbolStyle": { "additionalProperties": false, "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" }, - "Category": { + "LineWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width value for a line.", + "title": "LineWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLineWidth": { + "additionalProperties": false, + "properties": { + "LineWidth": { + "markdownDescription": "The positive value for the width of a line.", + "title": "LineWidth", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The aggregated category field wells of a combo chart.", - "title": "Category", + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", "type": "array" }, - "Colors": { + "Geospatial": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", "type": "array" }, - "LineValues": { + "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartConfiguration": { + "AWS::QuickSight::Dashboard.GeospatialMapConfiguration": { "additionalProperties": false, "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" - }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" - }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", - "title": "SortConfiguration" + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", + "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", + "markdownDescription": "", "title": "VisualPalette" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapFieldWells": { + "additionalProperties": false, + "properties": { + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapState": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", + "markdownDescription": "", + "title": "Bounds" + }, + "MapNavigation": { + "markdownDescription": "Enables or disables map navigation for a map.", + "title": "MapNavigation", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartFieldWells": { + "AWS::QuickSight::Dashboard.GeospatialMapStyle": { "additionalProperties": false, "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" + "BackgroundColor": { + "markdownDescription": "The background color and opacity values for a map.", + "title": "BackgroundColor", + "type": "string" + }, + "BaseMapStyle": { + "markdownDescription": "The selected base map style.", + "title": "BaseMapStyle", + "type": "string" + }, + "BaseMapVisibility": { + "markdownDescription": "The state of visibility for the base map.", + "title": "BaseMapVisibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartSortConfiguration": { + "AWS::QuickSight::Dashboard.GeospatialMapStyleOptions": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", - "type": "array" + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartVisual": { + "AWS::QuickSight::Dashboard.GeospatialMapVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -196953,7 +240253,7 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, @@ -196975,8 +240275,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -196986,2528 +240291,2673 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComparisonConfiguration": { + "AWS::QuickSight::Dashboard.GeospatialNullDataSettings": { "additionalProperties": false, "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" - }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", - "type": "string" + "SymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullSymbolStyle", + "markdownDescription": "The symbol style for null data.", + "title": "SymbolStyle" } }, + "required": [ + "SymbolStyle" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComparisonFormatConfiguration": { + "AWS::QuickSight::Dashboard.GeospatialNullSymbolStyle": { "additionalProperties": false, "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" + "FillColor": { + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor", + "type": "string" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" + "StrokeColor": { + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor", + "type": "string" + }, + "StrokeWidth": { + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.Computation": { + "AWS::QuickSight::Dashboard.GeospatialPointLayer": { "additionalProperties": false, "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" - }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" - }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" - }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" - }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" - }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" - }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" - }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" - }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" - }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyle", + "markdownDescription": "The visualization style for a point layer.", + "title": "Style" } }, + "required": [ + "Style" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingColor": { + "AWS::QuickSight::Dashboard.GeospatialPointStyle": { "additionalProperties": false, "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" - }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" + "CircleSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCircleSymbolStyle", + "markdownDescription": "The circle symbol style for a point layer.", + "title": "CircleSymbolStyle" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition": { + "AWS::QuickSight::Dashboard.GeospatialPointStyleOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", - "type": "string" + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", "type": "string" - }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" } }, - "required": [ - "Expression", - "IconOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions": { + "AWS::QuickSight::Dashboard.GeospatialPolygonLayer": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", - "type": "string" - }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonStyle", + "markdownDescription": "The visualization style for a polygon layer.", + "title": "Style" } }, + "required": [ + "Style" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor": { + "AWS::QuickSight::Dashboard.GeospatialPolygonStyle": { "additionalProperties": false, "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" - }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", - "type": "string" + "PolygonSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonSymbolStyle", + "markdownDescription": "The polygon symbol style for a polygon layer.", + "title": "PolygonSymbolStyle" } }, - "required": [ - "Color", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIcon": { + "AWS::QuickSight::Dashboard.GeospatialPolygonSymbolStyle": { "additionalProperties": false, "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration": { + "AWS::QuickSight::Dashboard.GeospatialSolidColor": { "additionalProperties": false, "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", + "Color": { + "markdownDescription": "The color and opacity values for the color.", + "title": "Color", + "type": "string" + }, + "State": { + "markdownDescription": "Enables and disables the view state of the color.", + "title": "State", "type": "string" } }, + "required": [ + "Color" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIconSet": { + "AWS::QuickSight::Dashboard.GeospatialStaticFileSource": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", - "type": "string" - }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", + "StaticFileId": { + "markdownDescription": "The ID of the static file.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "Expression" + "StaticFileId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor": { + "AWS::QuickSight::Dashboard.GeospatialWindowOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", - "type": "string" + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ContributionAnalysisDefault": { + "AWS::QuickSight::Dashboard.GlobalTableBorderOptions": { "additionalProperties": false, "properties": { - "ContributorDimensions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", - "type": "array" + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", - "type": "string" + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" } }, - "required": [ - "ContributorDimensions", - "MeasureFieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration": { + "AWS::QuickSight::Dashboard.GradientColor": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", - "type": "string" - }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", - "type": "string" - }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", - "type": "string" + "Stops": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientStop" + }, + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionFilterOperation": { + "AWS::QuickSight::Dashboard.GradientStop": { "additionalProperties": false, "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", + "type": "number" + }, + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", + "type": "number" } }, "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" + "GradientOffset" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionNavigationOperation": { + "AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionSetParametersOperation": { + "AWS::QuickSight::Dashboard.GridLayoutConfiguration": { "additionalProperties": false, "properties": { - "ParameterValueConfigurations": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SetParameterValueConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutElement" }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", "type": "array" } }, "required": [ - "ParameterValueConfigurations" + "Elements" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionURLOperation": { + "AWS::QuickSight::Dashboard.GridLayoutElement": { "additionalProperties": false, "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", "type": "string" }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", "type": "string" + }, + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" + }, + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" } }, "required": [ - "URLTarget", - "URLTemplate" + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomColor": { + "AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", - "type": "string" - }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", "type": "string" }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", "type": "string" } }, "required": [ - "Color" + "ResizeOption" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomContentConfiguration": { + "AWS::QuickSight::Dashboard.GrowthRateComputation": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", - "type": "string" + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", + "type": "number" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomContentVisual": { + "AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", - "title": "ChartConfiguration" + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Layout", + "SectionId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomFilterConfiguration": { + "AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", - "type": "string" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", + "type": "array" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", - "type": "string" + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", + "type": "array" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well of a heat map.", + "title": "Values", + "type": "array" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomFilterListConfiguration": { + "AWS::QuickSight::Dashboard.HeatMapConfiguration": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomNarrativeOptions": { + "AWS::QuickSight::Dashboard.HeatMapFieldWells": { "additionalProperties": false, "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", - "type": "string" + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" } }, - "required": [ - "Narrative" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomParameterValues": { + "AWS::QuickSight::Dashboard.HeatMapSortConfiguration": { "additionalProperties": false, "properties": { - "DateTimeValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", - "type": "array" + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" }, - "DecimalValues": { + "HeatMapColumnSort": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", "type": "array" }, - "IntegerValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", - "type": "array" + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" }, - "StringValues": { + "HeatMapRowSort": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CustomValuesConfiguration": { + "AWS::QuickSight::Dashboard.HeatMapVisual": { "additionalProperties": false, "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomParameterValues", - "markdownDescription": "", - "title": "CustomValues" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", - "type": "boolean" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "CustomValues" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardError": { + "AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Message.", - "title": "Message", - "type": "string" - }, - "Type": { - "markdownDescription": "Type.", - "title": "Type", - "type": "string" - }, - "ViolatedEntities": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Entity" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "Lists the violated entities that caused the dashboard error.", - "title": "ViolatedEntities", + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardPublishOptions": { + "AWS::QuickSight::Dashboard.HistogramBinOptions": { "additionalProperties": false, "properties": { - "AdHocFilteringOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AdHocFilteringOption", - "markdownDescription": "Ad hoc (one-time) filtering option.", - "title": "AdHocFilteringOption" + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" }, - "DataPointDrillUpDownOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointDrillUpDownOption", - "markdownDescription": "The drill-down options of data points in a dashboard.", - "title": "DataPointDrillUpDownOption" + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" }, - "DataPointMenuLabelOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointMenuLabelOption", - "markdownDescription": "The data point menu label options of a dashboard.", - "title": "DataPointMenuLabelOption" + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", + "type": "string" }, - "DataPointTooltipOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointTooltipOption", - "markdownDescription": "The data point tool tip options of a dashboard.", - "title": "DataPointTooltipOption" + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramConfiguration": { + "additionalProperties": false, + "properties": { + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" }, - "ExportToCSVOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportToCSVOption", - "markdownDescription": "Export to .csv option.", - "title": "ExportToCSVOption" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" }, - "ExportWithHiddenFieldsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption", - "markdownDescription": "Determines if hidden fields are exported with a dashboard.", - "title": "ExportWithHiddenFieldsOption" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" }, - "SheetControlsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlsOption", - "markdownDescription": "Sheet controls option.", - "title": "SheetControlsOption" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "SheetLayoutElementMaximizationOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption", - "markdownDescription": "The sheet layout maximization options of a dashbaord.", - "title": "SheetLayoutElementMaximizationOption" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" }, - "VisualAxisSortOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualAxisSortOption", - "markdownDescription": "The axis sort options of a dashboard.", - "title": "VisualAxisSortOption" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" }, - "VisualMenuOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", - "markdownDescription": "The menu options of a visual in a dashboard.", - "title": "VisualMenuOption" + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" }, - "VisualPublishOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVisualPublishOptions", - "markdownDescription": "The visual publish options of a visual in a dashboard.", - "title": "VisualPublishOptions" + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardSourceEntity": { + "AWS::QuickSight::Dashboard.HistogramFieldWells": { "additionalProperties": false, "properties": { - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceTemplate", - "markdownDescription": "Source template.", - "title": "SourceTemplate" + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardSourceTemplate": { + "AWS::QuickSight::Dashboard.HistogramVisual": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" - }, - "DataSetReferences": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetReference" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, - "markdownDescription": "Dataset references.", - "title": "DataSetReferences", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "Arn", - "DataSetReferences" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVersion": { + "AWS::QuickSight::Dashboard.ImageCustomAction": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "The time that this dashboard version was created.", - "title": "CreatedTime", - "type": "string" - }, - "DataSetArns": { + "ActionOperations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageCustomActionOperation" }, - "markdownDescription": "The Amazon Resource Numbers (ARNs) for the datasets that are associated with this version of the dashboard.", - "title": "DataSetArns", + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", "type": "array" }, - "Description": { - "markdownDescription": "Description.", - "title": "Description", + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", "type": "string" }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardError" - }, - "markdownDescription": "Errors associated with this dashboard version.", - "title": "Errors", - "type": "array" - }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Sheet" - }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", - "type": "array" - }, - "SourceEntityArn": { - "markdownDescription": "Source entity ARN.", - "title": "SourceEntityArn", + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", "type": "string" }, "Status": { - "markdownDescription": "The HTTP status of the request.", + "markdownDescription": "The status of the custom action.", "title": "Status", "type": "string" }, - "ThemeArn": { - "markdownDescription": "The ARN of the theme associated with a version of the dashboard.", - "title": "ThemeArn", + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", "type": "string" - }, - "VersionNumber": { - "markdownDescription": "Version number for this version of the dashboard.", - "title": "VersionNumber", - "type": "number" } }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVersionDefinition": { + "AWS::QuickSight::Dashboard.ImageCustomActionOperation": { "additionalProperties": false, "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnalysisDefaults", + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", "markdownDescription": "", - "title": "AnalysisDefaults" - }, - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedField" - }, - "markdownDescription": "An array of calculated field definitions for the dashboard.", - "title": "CalculatedFields", - "type": "array" - }, - "ColumnConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnConfiguration" - }, - "markdownDescription": "An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard.", - "title": "ColumnConfigurations", - "type": "array" - }, - "DataSetIdentifierDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration" - }, - "markdownDescription": "An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures.", - "title": "DataSetIdentifierDeclarations", - "type": "array" - }, - "FilterGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterGroup" - }, - "markdownDescription": "The filter definitions for a dashboard.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", - "type": "array" - }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AssetOptions", - "markdownDescription": "An array of option definitions for a dashboard.", - "title": "Options" + "title": "NavigationOperation" }, - "ParameterDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDeclaration" - }, - "markdownDescription": "The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", - "type": "array" + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetDefinition" - }, - "markdownDescription": "An array of sheet definitions for a dashboard.", - "title": "Sheets", - "type": "array" + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" } }, - "required": [ - "DataSetIdentifierDeclarations" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVisualPublishOptions": { + "AWS::QuickSight::Dashboard.ImageInteractionOptions": { "additionalProperties": false, "properties": { - "ExportHiddenFieldsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportHiddenFieldsOption", - "markdownDescription": "Determines if hidden fields are included in an exported dashboard.", - "title": "ExportHiddenFieldsOption" + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataBarsOptions": { + "AWS::QuickSight::Dashboard.ImageMenuOption": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", - "type": "string" - }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileSource", + "markdownDescription": "The source of the image static file.", + "title": "Source" }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains an image.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "FieldId" + "StaticFileId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataColor": { + "AWS::QuickSight::Dashboard.InnerFilter": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", - "type": "string" - }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", - "type": "number" + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataFieldSeriesItem": { + "AWS::QuickSight::Dashboard.InsightConfiguration": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", - "type": "string" + "Computations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Computation" + }, + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", + "type": "array" }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", - "type": "string" + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, - "required": [ - "AxisBinding", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataLabelOptions": { + "AWS::QuickSight::Dashboard.InsightVisual": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "DataLabelTypes": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelType" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", - "type": "string" - }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" - }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataLabelType": { + "AWS::QuickSight::Dashboard.IntegerDefaultValues": { "additionalProperties": false, "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" - }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" - }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" - }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `IntegerDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathColor": { + "AWS::QuickSight::Dashboard.IntegerParameter": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", + "Name": { + "markdownDescription": "The name of the integer parameter.", + "title": "Name", "type": "string" }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" - }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", - "type": "string" + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the integer parameter.", + "title": "Values", + "type": "array" } }, "required": [ - "Color", - "Element" + "Name", + "Values" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathLabelType": { + "AWS::QuickSight::Dashboard.IntegerParameterDeclaration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", - "type": "string" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", - "type": "string" + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" }, - "Visibility": { - "markdownDescription": "The visibility of the data label.", - "title": "Visibility", + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataPathSort": { - "additionalProperties": false, - "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" }, - "SortPaths": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" - }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", - "type": "array" + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "ValueWhenUnset" } }, "required": [ - "Direction", - "SortPaths" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathType": { + "AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathValue": { + "AWS::QuickSight::Dashboard.ItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", - "type": "string" + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataPointDrillUpDownOption": { + "AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the drill down options of data points.", - "title": "AvailabilityStatus", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataPointMenuLabelOption": { + "AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the data point menu options.", - "title": "AvailabilityStatus", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataPointTooltipOption": { + "AWS::QuickSight::Dashboard.KPIConditionalFormatting": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the data point tool tip options.", - "title": "AvailabilityStatus", - "type": "string" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormattingOption" + }, + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration": { + "AWS::QuickSight::Dashboard.KPIConditionalFormattingOption": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", - "title": "DataSetArn", - "type": "string" + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" }, - "Identifier": { - "markdownDescription": "The identifier of the data set, typically the data set's name.", - "title": "Identifier", - "type": "string" + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" } }, - "required": [ - "DataSetArn", - "Identifier" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataSetReference": { + "AWS::QuickSight::Dashboard.KPIConfiguration": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" } }, - "required": [ - "DataSetArn", - "DataSetPlaceholder" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateAxisOptions": { + "AWS::QuickSight::Dashboard.KPIFieldWells": { "additionalProperties": false, "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", - "type": "string" + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", + "type": "array" + }, + "TrendGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DateDimensionField": { + "AWS::QuickSight::Dashboard.KPIOptions": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" + }, + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" + }, + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateMeasureField": { + "AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", - "type": "string" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeDefaultValues": { + "AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" - }, - "StaticValues": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPISortConfiguration": { + "additionalProperties": false, + "properties": { + "TrendGroupSort": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeFormatConfiguration": { + "AWS::QuickSight::Dashboard.KPISparklineOptions": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", + "type": "string" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" + "Type": { + "markdownDescription": "The type of the sparkline.", + "title": "Type", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeHierarchy": { + "AWS::QuickSight::Dashboard.KPIVisual": { "additionalProperties": false, "properties": { - "DrillDownFilters": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "HierarchyId" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeParameter": { + "AWS::QuickSight::Dashboard.KPIVisualLayoutOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the date-time parameter.", - "title": "Name", + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIVisualStandardLayout": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The standard layout type.", + "title": "Type", "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values for the date-time parameter.", - "title": "Values", - "type": "array" } }, "required": [ - "Name", - "Values" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeParameterDeclaration": { + "AWS::QuickSight::Dashboard.LabelOptions": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", + "type": "string" }, - "MappedDataSetParameters": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the label is visible.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayerCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerCustomActionOperation" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "A list of `LayerCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", "type": "array" }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the parameter that is being declared.", + "markdownDescription": "The name of the custom action.", "title": "Name", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Status": { + "markdownDescription": "The status of the `LayerCustomAction` .", + "title": "Status", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "Trigger": { + "markdownDescription": "The trigger of the `LayerCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" } }, "required": [ - "Name" + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions": { + "AWS::QuickSight::Dashboard.LayerCustomActionOperation": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", + "markdownDescription": "", + "title": "FilterOperation" }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration": { + "AWS::QuickSight::Dashboard.LayerMapVisual": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the layer map visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual.", + "title": "VisualId", "type": "string" } }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalDefaultValues": { + "AWS::QuickSight::Dashboard.Layout": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalParameter": { + "AWS::QuickSight::Dashboard.LegendOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the decimal parameter.", - "title": "Name", + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", + "type": "string" + }, + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" + }, + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the legend is visible.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", + "type": "array" }, "Values": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The values for the decimal parameter.", + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalParameterDeclaration": { + "AWS::QuickSight::Dashboard.LineChartConfiguration": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" }, - "MappedDataSetParameters": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" + }, + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" + }, + "ForecastConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastConfiguration" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", "type": "array" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", + "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" + }, + "Type": { + "markdownDescription": "Determines the type of the line chart.", + "title": "Type", + "type": "string" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", - "type": "string" + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalPlacesConfiguration": { + "AWS::QuickSight::Dashboard.LineChartFieldWells": { "additionalProperties": false, "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", - "type": "number" + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" } }, - "required": [ - "DecimalPlaces" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration": { + "AWS::QuickSight::Dashboard.LineChartLineStyleSettings": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", + "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", + "type": "string" + }, + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", + "type": "string" + }, + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions": { + "AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", + "type": "string" }, - "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", + "type": "string" + }, + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", + "type": "string" + }, + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration": { + "AWS::QuickSight::Dashboard.LineChartSeriesSettings": { "additionalProperties": false, "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", - "type": "string" + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" } }, - "required": [ - "ControlOptions", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultFilterControlOptions": { + "AWS::QuickSight::Dashboard.LineChartSortConfiguration": { "additionalProperties": false, "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" - }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" - }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions": { + "AWS::QuickSight::Dashboard.LineChartVisual": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", + "title": "ChartConfiguration" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultFilterListControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration": { + "AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" + }, + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MissingDataConfiguration" + }, + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration": { + "AWS::QuickSight::Dashboard.LinkSharingConfiguration": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" + }, + "markdownDescription": "A structure that contains the permissions of a shareable link.", + "title": "Permissions", + "type": "array" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration": { + "AWS::QuickSight::Dashboard.ListControlDisplayOptions": { "additionalProperties": false, "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration": { + "AWS::QuickSight::Dashboard.ListControlSearchOptions": { "additionalProperties": false, "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" - }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" - }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration": { + "AWS::QuickSight::Dashboard.ListControlSelectAllOptions": { "additionalProperties": false, "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions": { + "AWS::QuickSight::Dashboard.LoadingAnimation": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration": { + "AWS::QuickSight::Dashboard.LocalNavigationConfiguration": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", + "type": "string" } }, "required": [ - "CanvasSizeOptions" + "TargetSheetId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultSliderControlOptions": { + "AWS::QuickSight::Dashboard.LongFormatText": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" }, - "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", "type": "string" } }, - "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions": { + "AWS::QuickSight::Dashboard.MappedDataSetParameter": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "DataSetIdentifier": { + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", + "title": "DataSetIdentifier", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", + "type": "string" } }, + "required": [ + "DataSetIdentifier", + "DataSetParameterName" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions": { + "AWS::QuickSight::Dashboard.MaximumLabelType": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration": { + "AWS::QuickSight::Dashboard.MaximumMinimumComputation": { "additionalProperties": false, "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", + "Type": { + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", + "title": "Type", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DimensionField": { + "AWS::QuickSight::Dashboard.MeasureField": { "additionalProperties": false, "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" + }, + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DonutCenterOptions": { + "AWS::QuickSight::Dashboard.MetricComparisonComputation": { "additionalProperties": false, "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DonutOptions": { - "additionalProperties": false, - "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DrillDownFilter": { + "AWS::QuickSight::Dashboard.MinimumLabelType": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" - }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" + "Visibility": { + "markdownDescription": "The visibility of the minimum label.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DropDownControlDisplayOptions": { + "AWS::QuickSight::Dashboard.MissingDataConfiguration": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DynamicDefaultValue": { + "AWS::QuickSight::Dashboard.NegativeValueConfiguration": { "additionalProperties": false, "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" - }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" - }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", + "type": "string" } }, "required": [ - "DefaultValueColumn" + "DisplayMode" ], "type": "object" }, - "AWS::QuickSight::Dashboard.EmptyVisual": { + "AWS::QuickSight::Dashboard.NestedFilter": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", - "title": "DataSetIdentifier", + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" ], "type": "object" }, - "AWS::QuickSight::Dashboard.Entity": { + "AWS::QuickSight::Dashboard.NullValueFormatConfiguration": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", "type": "string" } }, + "required": [ + "NullString" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ExcludePeriodConfiguration": { + "AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", - "type": "number" + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", "type": "string" }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", + "Prefix": { + "markdownDescription": "Determines the prefix value of the number format.", + "title": "Prefix", "type": "string" - } - }, - "required": [ - "Amount", - "Granularity" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.ExplicitHierarchy": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", - "type": "array" }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", "type": "string" } }, - "required": [ - "Columns", - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ExportHiddenFieldsOption": { + "AWS::QuickSight::Dashboard.NumberFormatConfiguration": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the export hidden fields options of a dashbaord.", - "title": "AvailabilityStatus", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ExportToCSVOption": { + "AWS::QuickSight::Dashboard.NumericAxisOptions": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "Availability status.", - "title": "AvailabilityStatus", - "type": "string" + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" + }, + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption": { + "AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the export with hidden fields options.", - "title": "AvailabilityStatus", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Value": { + "markdownDescription": "The value of the double input numeric drill down filter.", + "title": "Value", + "type": "number" } }, + "required": [ + "Column", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldBasedTooltip": { + "AWS::QuickSight::Dashboard.NumericEqualityFilter": { "additionalProperties": false, "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", - "type": "string" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" }, - "TooltipFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipItem" - }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FieldLabelType": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", - "type": "string" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "Visibility": { - "markdownDescription": "The visibility of the field label.", - "title": "Visibility", + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FieldSeriesItem": { - "additionalProperties": false, - "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" - } - }, - "required": [ - "AxisBinding", - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FieldSort": { - "additionalProperties": false, - "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", "type": "string" }, - "FieldId": { - "markdownDescription": "The sort configuration target field.", - "title": "FieldId", + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" + }, + "Value": { + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" } }, "required": [ - "Direction", - "FieldId" + "Column", + "FilterId", + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldSortOptions": { + "AWS::QuickSight::Dashboard.NumericFormatConfiguration": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FieldTooltipItem": { + "AWS::QuickSight::Dashboard.NumericRangeFilter": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", - "title": "FieldId", + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" + }, + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "FieldId" + "Column", + "FilterId", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.NumericRangeFilterValue": { "additionalProperties": false, "properties": { - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", - "type": "array" + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilledMapConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" } }, - "required": [ - "ConditionalFormattingOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption": { + "AWS::QuickSight::Dashboard.NumericSeparatorConfiguration": { "additionalProperties": false, "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" } }, - "required": [ - "Shape" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapConfiguration": { + "AWS::QuickSight::Dashboard.NumericalAggregationFunction": { "additionalProperties": false, - "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "properties": { + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapFieldWells": { + "AWS::QuickSight::Dashboard.NumericalDimensionField": { "additionalProperties": false, "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting": { + "AWS::QuickSight::Dashboard.NumericalMeasureField": { "additionalProperties": false, "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" + }, "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", + "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ + "Column", "FieldId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapSortConfiguration": { + "AWS::QuickSight::Dashboard.PaginationConfiguration": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the location fields.", - "title": "CategorySort", - "type": "array" + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", + "type": "number" + }, + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", + "type": "number" } }, + "required": [ + "PageNumber", + "PageSize" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapVisual": { + "AWS::QuickSight::Dashboard.PanelConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", + "type": "string" + }, + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", + "title": "Title" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.Filter": { + "AWS::QuickSight::Dashboard.PanelTitleOptions": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" - }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" - }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", + "type": "string" }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterControl": { + "AWS::QuickSight::Dashboard.ParameterControl": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", "title": "DateTimePicker" }, "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDropDownControl", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDropDownControl", "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", "title": "Dropdown" }, "List": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", "title": "List" }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" - }, "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSliderControl", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSliderControl", "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", "title": "Slider" }, "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextAreaControl", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextAreaControl", "markdownDescription": "A control to display a text box that is used to enter multiple entries.", "title": "TextArea" }, "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextFieldControl", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextFieldControl", "markdownDescription": "A control to display a text box that is used to enter a single entry.", "title": "TextField" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterCrossSheetControl": { - "additionalProperties": false, - "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", - "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterDateTimePickerControl": { + "AWS::QuickSight::Dashboard.ParameterDateTimePickerControl": { "additionalProperties": false, "properties": { "DisplayOptions": { @@ -199515,35 +242965,56 @@ "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", "title": "Title", "type": "string" - }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", - "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterDropDownControl": { + "AWS::QuickSight::Dashboard.ParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" + }, + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" + }, + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" + }, + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { @@ -199551,117 +243022,50 @@ "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", + "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", "type": "string" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", + "markdownDescription": "The title of the `ParameterDropDownControl` .", "title": "Title", "type": "string" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", "title": "Type", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterGroup": { - "additionalProperties": false, - "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", - "type": "string" - }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", - "type": "string" - }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Filter" - }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", - "type": "array" - }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" - }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", - "type": "string" - } - }, - "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterListConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" - } - }, - "required": [ - "MatchOperator" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterListControl": { + "AWS::QuickSight::Dashboard.ParameterListControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { @@ -199674,139 +243078,59 @@ "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", "type": "string" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterListControl` .", + "markdownDescription": "The title of the `ParameterListControl` .", "title": "Title", "type": "string" }, "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "markdownDescription": "The type of `ParameterListControl` .", "title": "Type", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration": { - "additionalProperties": false, - "properties": { - "SelectedColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", - "type": "array" - }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", - "type": "string" - }, - "SelectedFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration": { - "additionalProperties": false, - "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", - "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterScopeConfiguration": { + "AWS::QuickSight::Dashboard.ParameterSelectableValues": { "additionalProperties": false, "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterSelectableValues": { - "additionalProperties": false, - "properties": { "Values": { "items": { "type": "string" }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterSliderControl": { + "AWS::QuickSight::Dashboard.ParameterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { @@ -199814,11 +243138,6 @@ "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", - "type": "string" - }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", @@ -199829,9 +243148,14 @@ "title": "MinimumValue", "type": "number" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", "type": "string" }, "StepSize": { @@ -199840,27 +243164,22 @@ "type": "number" }, "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", + "markdownDescription": "The title of the `ParameterSliderControl` .", "title": "Title", "type": "string" - }, - "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", - "type": "string" } }, "required": [ - "FilterControlId", "MaximumValue", "MinimumValue", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "StepSize", "Title" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterTextAreaControl": { + "AWS::QuickSight::Dashboard.ParameterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { @@ -199873,30 +243192,30 @@ "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", + "markdownDescription": "The title of the `ParameterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterTextFieldControl": { + "AWS::QuickSight::Dashboard.ParameterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { @@ -199904,83 +243223,131 @@ "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", + "markdownDescription": "The title of the `ParameterTextFieldControl` .", "title": "Title", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FontConfiguration": { + "AWS::QuickSight::Dashboard.Parameters": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", - "type": "string" + "DateTimeParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameter" + }, + "markdownDescription": "The parameters that have a data type of date-time.", + "title": "DateTimeParameters", + "type": "array" }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", - "type": "string" + "DecimalParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameter" + }, + "markdownDescription": "The parameters that have a data type of decimal.", + "title": "DecimalParameters", + "type": "array" }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" + "IntegerParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameter" + }, + "markdownDescription": "The parameters that have a data type of integer.", + "title": "IntegerParameters", + "type": "array" }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", - "type": "string" + "StringParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameter" + }, + "markdownDescription": "The parameters that have a data type of string.", + "title": "StringParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PercentVisibleRange": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", + "type": "number" }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FontSize": { + "AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FontWeight": { + "AWS::QuickSight::Dashboard.PercentileAggregation": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", - "title": "Name", - "type": "string" + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastComputation": { + "AWS::QuickSight::Dashboard.PeriodOverPeriodComputation": { "additionalProperties": false, "properties": { "ComputationId": { @@ -199988,39 +243355,43 @@ "title": "ComputationId", "type": "string" }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" - }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PeriodToDateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", "type": "string" }, "Time": { @@ -200028,11 +243399,6 @@ "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" - }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The value field that is used in a computation.", @@ -200044,367 +243410,658 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastConfiguration": { + "AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", + "type": "array" }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastScenario": { + "AWS::QuickSight::Dashboard.PieChartConfiguration": { "additionalProperties": false, "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", + "title": "CategoryLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartFieldWells": { + "additionalProperties": false, + "properties": { + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotFieldSortOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" + } + }, + "required": [ + "FieldId", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope" + }, + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", + "type": "array" }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" } }, + "required": [ + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FormatConfiguration": { + "AWS::QuickSight::Dashboard.PivotTableConditionalFormatting": { "additionalProperties": false, "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" - }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" - }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions": { + "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration": { + "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" - }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", - "type": "array" + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", + "type": "string" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElement": { + "AWS::QuickSight::Dashboard.PivotTableConfiguration": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", - "type": "string" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", + "title": "SortConfiguration" }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" }, - "RenderingRules": { + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableDataPathOption": { + "additionalProperties": false, + "properties": { + "DataPathList": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementRenderingRule" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", "type": "array" }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" - }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", - "type": "string" - }, "Width": { - "markdownDescription": "The width of an element within a free-form layout.", + "markdownDescription": "The width of the data path option.", "title": "Width", "type": "string" - }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", - "type": "string" - }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", - "type": "string" } }, "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" + "DataPathList" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle": { + "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", "type": "string" }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", - "type": "string" + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" } }, + "required": [ + "Target" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle": { + "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", - "type": "string" + "FieldDataPathValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + }, + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", + "type": "array" }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions": { + "AWS::QuickSight::Dashboard.PivotTableFieldOption": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", "type": "string" } }, "required": [ - "OptimizedViewPortWidth" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration": { + "AWS::QuickSight::Dashboard.PivotTableFieldOptions": { "additionalProperties": false, "properties": { - "Elements": { + "CollapseStateOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption" }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", "type": "array" - } - }, - "required": [ - "Elements" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Category": { + }, + "DataPathOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableDataPathOption" }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", "type": "array" }, - "Values": { + "SelectedFieldOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOption" }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartConfiguration": { + "AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", - "title": "CategoryLabelOptions" - }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FieldWells" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", - "title": "Tooltip" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", - "title": "ValueLabelOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", - "title": "VisualPalette" + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions": { + "AWS::QuickSight::Dashboard.PivotTableFieldWells": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" + }, + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", "type": "string" }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" + }, + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", + "type": "string" }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", "type": "string" }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" + }, + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" + }, + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", "type": "string" }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "string" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", "type": "string" }, "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", + "markdownDescription": "The visibility of the rows label.", "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartFieldWells": { + "AWS::QuickSight::Dashboard.PivotTableSortBy": { "additionalProperties": false, "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" + }, + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" + }, + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartSortConfiguration": { + "AWS::QuickSight::Dashboard.PivotTableSortConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { + "FieldSortOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotFieldSortOptions" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartVisual": { + "AWS::QuickSight::Dashboard.PivotTableTotalOptions": { + "additionalProperties": false, + "properties": { + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" + }, + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" + }, + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -200416,17 +244073,14 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", @@ -200438,6 +244092,11 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -200449,354 +244108,449 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting": { + "AWS::QuickSight::Dashboard.PivotTotalOptions": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption": { + "AWS::QuickSight::Dashboard.PluginVisual": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual that you want to use.", + "title": "VisualId", + "type": "string" } }, + "required": [ + "PluginArn", + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConfiguration": { + "AWS::QuickSight::Dashboard.PluginVisualConfiguration": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" - }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" - }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualFieldWell" + }, + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", + "type": "array" }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartFieldWells": { + "AWS::QuickSight::Dashboard.PluginVisualFieldWell": { "additionalProperties": false, "properties": { - "TargetValues": { + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" + }, + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", "type": "array" }, - "Values": { + "Measures": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", - "title": "Values", + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", + "type": "array" + }, + "Unaggregated": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" + }, + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartOptions": { + "AWS::QuickSight::Dashboard.PluginVisualItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" - }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" - }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", - "type": "string" - }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::QuickSight::Dashboard.PluginVisualOptions": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" + "VisualProperties": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualProperty" + }, + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartVisual": { + "AWS::QuickSight::Dashboard.PluginVisualProperty": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialCoordinateBounds": { + "AWS::QuickSight::Dashboard.PluginVisualSortConfiguration": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", - "type": "number" - }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", - "type": "number" - }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", - "type": "number" - }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", - "type": "number" + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" } }, - "required": [ - "East", - "North", - "South", - "West" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale": { + "AWS::QuickSight::Dashboard.PluginVisualTableQuerySort": { "additionalProperties": false, "properties": { - "Colors": { + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" + }, + "RowSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration": { + "AWS::QuickSight::Dashboard.PredefinedHierarchy": { "additionalProperties": false, "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", + "type": "string" } }, + "required": [ + "Columns", + "HierarchyId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor": { + "AWS::QuickSight::Dashboard.ProgressBarOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Color" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Colors": { + "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", "type": "array" }, - "Geospatial": { + "Color": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapConfiguration": { + "AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartConfiguration": { "additionalProperties": false, "properties": { + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "string" + }, + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", + "type": "string" + }, + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" + }, + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" + }, + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" + }, + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" + }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapFieldWells", - "markdownDescription": "The field wells of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "title": "SortConfiguration" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "", + "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" - }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapFieldWells": { + "AWS::QuickSight::Dashboard.RadarChartFieldWells": { "additionalProperties": false, "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapStyleOptions": { + "AWS::QuickSight::Dashboard.RadarChartSeriesSettings": { "additionalProperties": false, "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", - "type": "string" + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapVisual": { + "AWS::QuickSight::Dashboard.RadarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -200808,7 +244562,7 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, @@ -200830,8 +244584,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } @@ -200841,370 +244600,460 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialPointStyleOptions": { + "AWS::QuickSight::Dashboard.RangeEndsLabelType": { "additionalProperties": false, "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLine": { + "additionalProperties": false, + "properties": { + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", + "type": "string" + }, + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" + } + }, + "required": [ + "DataConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The string text of the custom label.", + "title": "CustomLabel", + "type": "string" + } + }, + "required": [ + "CustomLabel" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", + "type": "string" + }, + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" + }, + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", "type": "string" + }, + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialWindowOptions": { + "AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" + }, + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" } }, + "required": [ + "Calculation", + "Column" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GlobalTableBorderOptions": { + "AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration": { "additionalProperties": false, "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", + "title": "FontConfiguration" + }, + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", + "type": "string" + }, + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" + }, + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GradientColor": { + "AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration": { "additionalProperties": false, "properties": { - "Stops": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientStop" - }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", - "type": "array" + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", + "type": "number" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GradientStop": { + "AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration": { "additionalProperties": false, "properties": { "Color": { - "markdownDescription": "Determines the color.", + "markdownDescription": "The hex color of the reference line.", "title": "Color", "type": "string" }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", - "type": "number" - }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", - "type": "number" + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", + "type": "string" } }, - "required": [ - "GradientOffset" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions": { + "AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" + }, + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutConfiguration": { + "AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutElement" - }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", - "type": "array" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutElement": { + "AWS::QuickSight::Dashboard.RelativeDatesFilter": { "additionalProperties": false, "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", - "type": "number" + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", "type": "string" }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", + "type": "string" + }, + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" } }, "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions": { + "AWS::QuickSight::Dashboard.ResourcePermission": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", - "type": "string" + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", "type": "string" } }, "required": [ - "ResizeOption" + "Actions", + "Principal" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GrowthRateComputation": { + "AWS::QuickSight::Dashboard.RollingDateConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", "type": "string" - }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId" + "Expression" ], "type": "object" }, - "AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration": { + "AWS::QuickSight::Dashboard.RowAlternateColorOptions": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" + "RowAlternateColors": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", + "type": "array" }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", + "type": "string" } }, - "required": [ - "Layout", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration": { "additionalProperties": false, "properties": { - "Columns": { + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" + }, + "TargetVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Destination": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", "type": "array" }, - "Rows": { + "Source": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", "type": "array" }, - "Values": { + "Weight": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The values field well of a heat map.", - "title": "Values", + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapConfiguration": { + "AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration": { "additionalProperties": false, "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" - }, - "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" - }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", + "markdownDescription": "The data label configuration of a sankey diagram.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", "title": "FieldWells" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapFieldWells": { + "AWS::QuickSight::Dashboard.SankeyDiagramFieldWells": { "additionalProperties": false, "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapSortConfiguration": { + "AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { + "DestinationItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" - }, - "HeatMapColumnSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", - "type": "array" + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" }, - "HeatMapRowItemsLimitConfiguration": { + "SourceItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" }, - "HeatMapRowSort": { + "WeightSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapVisual": { + "AWS::QuickSight::Dashboard.SankeyDiagramVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -201216,18 +245065,10 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", @@ -201238,6 +245079,11 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -201249,160 +245095,187 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Values": { + "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", - "title": "Values", + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.HistogramBinOptions": { - "additionalProperties": false, - "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", - "type": "string" + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", - "type": "number" + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramConfiguration": { + "AWS::QuickSight::Dashboard.ScatterPlotConfiguration": { "additionalProperties": false, "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" - }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", + "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", + "title": "SortConfiguration" + }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", + "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", + "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", "title": "XAxisLabelOptions" }, "YAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", "title": "YAxisDisplayOptions" + }, + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramFieldWells": { + "AWS::QuickSight::Dashboard.ScatterPlotFieldWells": { "additionalProperties": false, "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" + }, + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramVisual": { + "AWS::QuickSight::Dashboard.ScatterPlotSortConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", - "title": "ChartConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.InsightConfiguration": { + "AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells": { "additionalProperties": false, "properties": { - "Computations": { + "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Computation" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", "type": "array" }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.InsightVisual": { + "AWS::QuickSight::Dashboard.ScatterPlotVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -201413,15 +245286,18 @@ "title": "Actions", "type": "array" }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", @@ -201433,6 +245309,11 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -201440,2026 +245321,1969 @@ } }, "required": [ - "DataSetIdentifier", "VisualId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerDefaultValues": { + "AWS::QuickSight::Dashboard.ScrollBarOptions": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Visibility": { + "markdownDescription": "The visibility of the data zoom scroll bar.", + "title": "Visibility", + "type": "string" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", - "type": "array" + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerParameter": { + "AWS::QuickSight::Dashboard.SecondaryValueOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the integer parameter.", - "title": "Name", + "Visibility": { + "markdownDescription": "Determines the visibility of the secondary value.", + "title": "Visibility", "type": "string" - }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the integer parameter.", - "title": "Values", - "type": "array" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerParameterDeclaration": { + "AWS::QuickSight::Dashboard.SectionAfterPageBreak": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "BodySections": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionConfiguration" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", "type": "array" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", - "type": "string" + "FooterSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", + "type": "array" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" + "HeaderSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", + "type": "array" } }, "required": [ - "Name", - "ParameterValueType" + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration": { + "AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", + "type": "string" + }, + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ItemsLimitConfiguration": { + "AWS::QuickSight::Dashboard.SectionLayoutConfiguration": { "additionalProperties": false, "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", - "type": "number" - }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", - "type": "string" + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" } }, + "required": [ + "FreeFormLayout" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting": { + "AWS::QuickSight::Dashboard.SectionPageBreakConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" + "After": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting": { + "AWS::QuickSight::Dashboard.SectionStyle": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIConditionalFormatting": { + "AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "SheetVisualScopingConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormattingOption" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration" }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIConditionalFormattingOption": { + "AWS::QuickSight::Dashboard.SeriesItem": { "additionalProperties": false, "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" - }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" - }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIConfiguration": { + "AWS::QuickSight::Dashboard.SetParameterValueConfiguration": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" - }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration", + "markdownDescription": "", + "title": "Value" } }, + "required": [ + "DestinationParameterName", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIFieldWells": { + "AWS::QuickSight::Dashboard.ShapeConditionalFormat": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", - "type": "array" - }, - "TrendGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a KPI visual.", - "title": "Values", - "type": "array" + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" } }, + "required": [ + "BackgroundColor" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIOptions": { + "AWS::QuickSight::Dashboard.Sheet": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "Name": { + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" - }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" - }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" - }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" - }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" - }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" - }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting": { + "AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" + "Visibility": { + "markdownDescription": "The visibility configuration of info icon label options.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlLayout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" } }, + "required": [ + "Configuration" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting": { + "AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPISortConfiguration": { + "AWS::QuickSight::Dashboard.SheetControlsOption": { "additionalProperties": false, "properties": { - "TrendGroupSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", - "type": "array" + "VisibilityState": { + "markdownDescription": "Visibility state.", + "title": "VisibilityState", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPISparklineOptions": { + "AWS::QuickSight::Dashboard.SheetDefinition": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", "type": "string" }, - "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", + "FilterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterControl" + }, + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", + "type": "array" + }, + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" + }, + "Layouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Layout" + }, + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "ParameterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterControl" + }, + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", + "type": "array" + }, + "SheetControlLayouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayout" + }, + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", + "type": "array" + }, + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", + "type": "string" + }, + "TextBoxes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetTextBox" + }, + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", + "type": "array" + }, + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", "type": "string" }, + "Visuals": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Visual" + }, + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", + "type": "array" + } + }, + "required": [ + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides": { + "additionalProperties": false, + "properties": { "Visibility": { - "markdownDescription": "The visibility of the sparkline.", + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", "title": "Visibility", "type": "string" } }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetElementRenderingRule": { + "additionalProperties": false, + "properties": { + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" + }, + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", + "type": "string" + } + }, "required": [ - "Type" + "ConfigurationOverrides", + "Expression" ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisual": { + "AWS::QuickSight::Dashboard.SheetImage": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageCustomAction" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", + "markdownDescription": "A list of custom actions that are configured for an image.", "title": "Actions", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", - "title": "ChartConfiguration" + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" } }, "required": [ - "VisualId" + "SheetImageId", + "Source" ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisualLayoutOptions": { + "AWS::QuickSight::Dashboard.SheetImageScalingConfiguration": { "additionalProperties": false, "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisualStandardLayout": { + "AWS::QuickSight::Dashboard.SheetImageSource": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The standard layout type.", - "title": "Type", + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "Type" + "StaticFileId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.LabelOptions": { + "AWS::QuickSight::Dashboard.SheetImageTooltipConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The text for the label.", - "title": "CustomLabel", - "type": "string" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the label.", - "title": "FontConfiguration" + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" }, "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", + "markdownDescription": "The visibility of the tooltip.", "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.Layout": { + "AWS::QuickSight::Dashboard.SheetImageTooltipText": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", + "type": "string" } }, - "required": [ - "Configuration" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.LayoutConfiguration": { + "AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" - }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" - }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" + "AvailabilityStatus": { + "markdownDescription": "The status of the sheet layout maximization options of a dashbaord.", + "title": "AvailabilityStatus", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LegendOptions": { + "AWS::QuickSight::Dashboard.SheetTextBox": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", - "type": "string" - }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", - "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The custom title for the legend.", - "title": "Title" - }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", "type": "string" }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", "type": "string" } }, + "required": [ + "SheetTextBoxId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", - "type": "array" + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", - "type": "array" + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", + "type": "string" }, - "Values": { + "VisualIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", "type": "array" } }, + "required": [ + "Scope", + "SheetId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartConfiguration": { + "AWS::QuickSight::Dashboard.ShortFormatText": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" - }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", - "title": "DataLabels" - }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "FieldWells" - }, - "ForecastConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastConfiguration" - }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", - "type": "array" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" - }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", - "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" - }, - "Series": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SeriesItem" - }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", - "title": "Tooltip" - }, - "Type": { - "markdownDescription": "Determines the type of the line chart.", - "title": "Type", + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings": { + "AWS::QuickSight::Dashboard.SimpleClusterMarker": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", "type": "string" - }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartFieldWells": { + "AWS::QuickSight::Dashboard.SingleAxisOptions": { "additionalProperties": false, "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartLineStyleSettings": { + "AWS::QuickSight::Dashboard.SliderControlDisplayOptions": { "additionalProperties": false, "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", - "type": "string" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties": { + "additionalProperties": false, + "properties": { + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", "type": "string" }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SmallMultiplesOptions": { + "additionalProperties": false, + "properties": { + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", - "type": "string" + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", + "type": "number" + }, + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" + }, + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" + }, + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings": { + "AWS::QuickSight::Dashboard.Spacing": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", "type": "string" }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", "type": "string" }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", "type": "string" }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartSeriesSettings": { + "AWS::QuickSight::Dashboard.SpatialStaticFile": { "additionalProperties": false, "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileSource", + "markdownDescription": "The source of the spatial static file.", + "title": "Source" }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "StaticFileId": { + "markdownDescription": "The ID of the spatial static file.", + "title": "StaticFileId", + "type": "string" } }, + "required": [ + "StaticFileId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartSortConfiguration": { + "AWS::QuickSight::Dashboard.StaticFile": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" - }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "ImageStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageStaticFile", + "markdownDescription": "The image static file.", + "title": "ImageStaticFile" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "SpatialStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SpatialStaticFile", + "markdownDescription": "The spacial static file.", + "title": "SpatialStaticFile" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartVisual": { + "AWS::QuickSight::Dashboard.StaticFileS3SourceOptions": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket.", + "title": "BucketName", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "ObjectKey": { + "markdownDescription": "The identifier of the static file in the Amazon S3 bucket.", + "title": "ObjectKey", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Region": { + "markdownDescription": "The Region of the Amazon S3 account that contains the bucket.", + "title": "Region", "type": "string" } }, "required": [ - "VisualId" + "BucketName", + "ObjectKey", + "Region" ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions": { + "AWS::QuickSight::Dashboard.StaticFileSource": { "additionalProperties": false, "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" + "S3Options": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileS3SourceOptions", + "markdownDescription": "The structure that contains the Amazon S3 location to download the static file from.", + "title": "S3Options" }, - "MissingDataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MissingDataConfiguration" - }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", - "type": "array" + "UrlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileUrlSourceOptions", + "markdownDescription": "The structure that contains the URL to download the static file from.", + "title": "UrlOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LinkSharingConfiguration": { + "AWS::QuickSight::Dashboard.StaticFileUrlSourceOptions": { "additionalProperties": false, "properties": { - "Permissions": { + "Url": { + "markdownDescription": "The URL to download the static file from.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "Url" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" + "type": "string" }, - "markdownDescription": "A structure that contains the permissions of a shareable link.", - "title": "Permissions", + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ListControlDisplayOptions": { + "AWS::QuickSight::Dashboard.StringFormatConfiguration": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" - }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ListControlSearchOptions": { + "AWS::QuickSight::Dashboard.StringParameter": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", - "title": "Visibility", + "Name": { + "markdownDescription": "A display name for a string parameter.", + "title": "Name", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values of a string parameter.", + "title": "Values", + "type": "array" } }, + "required": [ + "Name", + "Values" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ListControlSelectAllOptions": { + "AWS::QuickSight::Dashboard.StringParameterDeclaration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", - "title": "Visibility", + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, + "required": [ + "Name", + "ParameterValueType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LoadingAnimation": { + "AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", - "title": "Visibility", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LocalNavigationConfiguration": { + "AWS::QuickSight::Dashboard.SubtotalOptions": { "additionalProperties": false, "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", + "type": "string" + }, + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", + "type": "string" + }, + "FieldLevelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions" + }, + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", + "type": "array" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" + }, + "StyleTargets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableStyleTarget" + }, + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" } }, - "required": [ - "TargetSheetId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.LongFormatText": { + "AWS::QuickSight::Dashboard.TableAggregatedFieldWells": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableBorderOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", "type": "string" + }, + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MappedDataSetParameter": { + "AWS::QuickSight::Dashboard.TableCellConditionalFormatting": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", "type": "string" }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", - "type": "string" + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" } }, "required": [ - "DataSetIdentifier", - "DataSetParameterName" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.MaximumLabelType": { + "AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the maximum label.", - "title": "Visibility", + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MaximumMinimumComputation": { + "AWS::QuickSight::Dashboard.TableCellStyle": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "BackgroundColor": { + "markdownDescription": "The background color for the table cells.", + "title": "BackgroundColor", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" + }, + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" + }, + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", + "type": "string" }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", + "type": "string" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.MeasureField": { + "AWS::QuickSight::Dashboard.TableConditionalFormatting": { "additionalProperties": false, "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" - }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" - }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MetricComparisonComputation": { + "AWS::QuickSight::Dashboard.TableConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", + "title": "SortConfiguration" + }, + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableInlineVisualization" + }, + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.MinimumLabelType": { + "AWS::QuickSight::Dashboard.TableFieldCustomIconContent": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the minimum label.", - "title": "Visibility", + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MissingDataConfiguration": { + "AWS::QuickSight::Dashboard.TableFieldCustomTextContent": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" + }, + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", "type": "string" } }, + "required": [ + "FontConfiguration" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.NegativeValueConfiguration": { + "AWS::QuickSight::Dashboard.TableFieldImageConfiguration": { "additionalProperties": false, "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", - "type": "string" + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" } }, - "required": [ - "DisplayMode" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NullValueFormatConfiguration": { + "AWS::QuickSight::Dashboard.TableFieldLinkConfiguration": { "additionalProperties": false, "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" + }, + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", "type": "string" } }, "required": [ - "NullString" + "Content", + "Target" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration": { + "AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", "type": "string" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", "type": "string" } }, + "required": [ + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumberFormatConfiguration": { + "AWS::QuickSight::Dashboard.TableFieldOptions": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" + "Order": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", + "type": "array" + }, + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOption" + }, + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" + }, + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericAxisOptions": { + "AWS::QuickSight::Dashboard.TableFieldURLConfiguration": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter": { + "AWS::QuickSight::Dashboard.TableFieldWells": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" }, - "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", - "title": "Value", - "type": "number" + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" } }, - "required": [ - "Column", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericEqualityFilter": { + "AWS::QuickSight::Dashboard.TableInlineVisualization": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" - }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" } }, - "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericFormatConfiguration": { + "AWS::QuickSight::Dashboard.TableOptions": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericRangeFilter": { + "AWS::QuickSight::Dashboard.TablePaginatedReportOptions": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", "type": "string" }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" - }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", "type": "string" } }, - "required": [ - "Column", - "FilterId", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericRangeFilterValue": { + "AWS::QuickSight::Dashboard.TablePinnedFieldOptions": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", - "type": "string" - }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", - "type": "number" + "PinnedLeftFields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericSeparatorConfiguration": { + "AWS::QuickSight::Dashboard.TableRowConditionalFormatting": { "additionalProperties": false, "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", - "type": "string" + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalAggregationFunction": { + "AWS::QuickSight::Dashboard.TableSideBorderOptions": { "additionalProperties": false, "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", - "type": "string" + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" + }, + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" + }, + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" + }, + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" + }, + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalDimensionField": { + "AWS::QuickSight::Dashboard.TableSortConfiguration": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalMeasureField": { + "AWS::QuickSight::Dashboard.TableStyleTarget": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" } }, "required": [ - "Column", - "FieldId" + "CellType" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PaginationConfiguration": { + "AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells": { "additionalProperties": false, "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", - "type": "number" - }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", - "type": "number" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" + }, + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", + "type": "array" } }, - "required": [ - "PageNumber", - "PageSize" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PanelConfiguration": { + "AWS::QuickSight::Dashboard.TableVisual": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", - "title": "BackgroundColor", - "type": "string" - }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", - "type": "string" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PanelTitleOptions": { + "AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "", - "title": "FontConfiguration" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", - "type": "string" + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", - "type": "string" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterControl": { + "AWS::QuickSight::Dashboard.TextConditionalFormat": { "additionalProperties": false, "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" - }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDateTimePickerControl": { + "AWS::QuickSight::Dashboard.TextControlPlaceholderOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", "type": "string" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDeclaration": { + "AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions": { "additionalProperties": false, "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" - }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDropDownControl": { + "AWS::QuickSight::Dashboard.ThousandSeparatorOptions": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", "type": "string" }, - "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", "type": "string" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterListControl": { + "AWS::QuickSight::Dashboard.TimeBasedForecastProperties": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", - "type": "string" + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", - "type": "string" + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", - "type": "string" + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" }, - "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", - "type": "string" + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterSelectableValues": { + "AWS::QuickSight::Dashboard.TimeEqualityFilter": { "additionalProperties": false, "properties": { - "LinkToDataSetColumn": { + "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ParameterSliderControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", "type": "string" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" + "Column", + "FilterId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterTextAreaControl": { + "AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterTextFieldControl": { + "AWS::QuickSight::Dashboard.TimeRangeFilter": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Column", + "FilterId", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Dashboard.Parameters": { + "AWS::QuickSight::Dashboard.TimeRangeFilterValue": { "additionalProperties": false, "properties": { - "DateTimeParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameter" - }, - "markdownDescription": "The parameters that have a data type of date-time.", - "title": "DateTimeParameters", - "type": "array" - }, - "DecimalParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameter" - }, - "markdownDescription": "The parameters that have a data type of decimal.", - "title": "DecimalParameters", - "type": "array" - }, - "IntegerParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameter" - }, - "markdownDescription": "The parameters that have a data type of integer.", - "title": "IntegerParameters", - "type": "array" + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", + "type": "string" }, - "StringParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameter" - }, - "markdownDescription": "The parameters that have a data type of string.", - "title": "StringParameters", - "type": "array" + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PercentVisibleRange": { + "AWS::QuickSight::Dashboard.TooltipItem": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", - "type": "number" + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration": { + "AWS::QuickSight::Dashboard.TooltipOptions": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PercentileAggregation": { + "AWS::QuickSight::Dashboard.TopBottomFilter": { "additionalProperties": false, "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationSortConfiguration" + }, + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", "type": "number" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" } }, + "required": [ + "AggregationSortConfigurations", + "Column", + "FilterId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PeriodOverPeriodComputation": { + "AWS::QuickSight::Dashboard.TopBottomMoversComputation": { "additionalProperties": false, "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" + }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", + "type": "string" + }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, + "Type": { + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", + "type": "string" + }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The value field that is used in a computation.", @@ -203467,13 +247291,19 @@ } }, "required": [ - "ComputationId" + "ComputationId", + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PeriodToDateComputation": { + "AWS::QuickSight::Dashboard.TopBottomRankedComputation": { "additionalProperties": false, "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", @@ -203484,15 +247314,40 @@ "title": "Name", "type": "string" }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalAggregationComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", @@ -203505,144 +247360,217 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.TotalAggregationFunction": { "additionalProperties": false, "properties": { - "Category": { + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalAggregationOption": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", + "type": "string" + }, + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" + } + }, + "required": [ + "FieldId", + "TotalAggregationFunction" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", + "markdownDescription": "The total aggregation settings for each value field.", + "title": "TotalAggregationOptions", "type": "array" }, - "SmallMultiples": { + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "Cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", + "type": "string" + } + }, + "required": [ + "ColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", + "type": "array" + }, + "Groups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", "type": "array" }, - "Values": { + "Sizes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartConfiguration": { + "AWS::QuickSight::Dashboard.TreeMapConfiguration": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { + "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", + "title": "ColorLabelOptions" }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" - }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartFieldWells": { + "AWS::QuickSight::Dashboard.TreeMapFieldWells": { "additionalProperties": false, "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartSortConfiguration": { + "AWS::QuickSight::Dashboard.TreeMapSortConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" - }, - "SmallMultiplesLimitConfiguration": { + "TreeMapGroupItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" }, - "SmallMultiplesSort": { + "TreeMapSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartVisual": { + "AWS::QuickSight::Dashboard.TreeMapVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -203654,8 +247582,8 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { @@ -203676,8 +247604,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -203687,770 +247620,547 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotFieldSortOptions": { + "AWS::QuickSight::Dashboard.TrendArrowOptions": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "Visibility": { + "markdownDescription": "The visibility of the trend arrows.", + "title": "Visibility", "type": "string" - }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" } }, - "required": [ - "FieldId", - "SortBy" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.UnaggregatedField": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", - "type": "array" - }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting": { - "additionalProperties": false, - "properties": { "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", + "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" - }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope" - }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", - "type": "array" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ + "Column", "FieldId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope": { - "additionalProperties": false, - "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableConfiguration": { + "AWS::QuickSight::Dashboard.UniqueValuesComputation": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" - }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableDataPathOption": { - "additionalProperties": false, - "properties": { - "DataPathList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" - }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", - "type": "array" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" } }, "required": [ - "DataPathList" + "ComputationId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption": { + "AWS::QuickSight::Dashboard.ValidationStrategy": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", "type": "string" - }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" } }, "required": [ - "Target" + "Mode" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget": { + "AWS::QuickSight::Dashboard.VisibleRangeOptions": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" - }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", - "type": "array" - }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", - "type": "string" + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldOption": { + "AWS::QuickSight::Dashboard.Visual": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", - "type": "string" + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", - "type": "string" + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", - "type": "string" - } - }, - "required": [ - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableFieldOptions": { - "additionalProperties": false, - "properties": { - "CollapseStateOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption" - }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", - "type": "array" + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" }, - "DataPathOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableDataPathOption" - }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", - "type": "array" + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOption" - }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableFieldWells": { - "additionalProperties": false, - "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableOptions": { - "additionalProperties": false, - "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", - "type": "string" + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", - "type": "string" + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", - "type": "string" + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", - "type": "string" + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" + "LayerMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerMapVisual", + "markdownDescription": "The properties for a layer map visual", + "title": "LayerMapVisual" }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", - "type": "string" + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", - "type": "string" + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", - "type": "string" + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions": { + "AWS::QuickSight::Dashboard.VisualAxisSortOption": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", - "type": "string" - }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's axis sort options.", + "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions": { + "AWS::QuickSight::Dashboard.VisualCustomAction": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableSortBy": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", - "title": "Column" }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableSortConfiguration": { - "additionalProperties": false, - "properties": { - "FieldSortOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotFieldSortOptions" - }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", - "type": "array" + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" } }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableTotalOptions": { + "AWS::QuickSight::Dashboard.VisualCustomActionOperation": { "additionalProperties": false, "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableVisual": { + "AWS::QuickSight::Dashboard.VisualInteractionOptions": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTotalOptions": { + "AWS::QuickSight::Dashboard.VisualMenuOption": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", - "type": "string" - }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", - "type": "string" - }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation options for each value field.", - "title": "TotalAggregationOptions", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", - "type": "string" - }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PredefinedHierarchy": { + "AWS::QuickSight::Dashboard.VisualPalette": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", + "type": "string" }, - "DrillDownFilters": { + "ColorMap": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathColor" }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Columns", - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ProgressBarOptions": { + "AWS::QuickSight::Dashboard.VisualTitleLabelOptions": { "additionalProperties": false, "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" + }, "Visibility": { - "markdownDescription": "The visibility of the progress bar.", + "markdownDescription": "The visibility of the title label.", "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells": { + "AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Category": { + "Breakdowns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The aggregated field well categories of a radar chart.", - "title": "Category", + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", "type": "array" }, - "Color": { + "Categories": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", + "markdownDescription": "The value field wells of a waterfall visual.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings": { + "AWS::QuickSight::Dashboard.WaterfallChartColorConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", - "type": "string" + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartConfiguration": { + "AWS::QuickSight::Dashboard.WaterfallChartConfiguration": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" - }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" - }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", - "type": "string" - }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", - "type": "string" - }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" - }, - "CategoryAxis": { + "CategoryAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", - "title": "CategoryAxis" + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" }, - "CategoryLabelOptions": { + "CategoryAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", - "title": "CategoryLabelOptions" + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", - "title": "ColorLabelOptions" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a waterfall visual.", + "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", + "markdownDescription": "The legend configuration of a waterfall visual.", "title": "Legend" }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", - "type": "string" + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", "title": "SortConfiguration" }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" - }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", + "markdownDescription": "The visual palette configuration of a waterfall visual.", "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartFieldWells": { + "AWS::QuickSight::Dashboard.WaterfallChartFieldWells": { "additionalProperties": false, "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartSeriesSettings": { + "AWS::QuickSight::Dashboard.WaterfallChartGroupColorConfiguration": { "additionalProperties": false, "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" + }, + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartSortConfiguration": { + "AWS::QuickSight::Dashboard.WaterfallChartOptions": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", - "title": "CategoryItemsLimit" + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The category sort options of a radar chart.", + "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The color sort configuration of a radar chart.", - "title": "ColorSort", - "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartVisual": { + "AWS::QuickSight::Dashboard.WaterfallVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -204462,8 +248172,8 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { @@ -204484,6 +248194,11 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -204495,3218 +248210,3543 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.RangeEndsLabelType": { + "AWS::QuickSight::Dashboard.WhatIfPointScenario": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the range ends label.", - "title": "Visibility", + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", + "type": "number" } }, + "required": [ + "Date", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLine": { + "AWS::QuickSight::Dashboard.WhatIfRangeScenario": { "additionalProperties": false, "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" - }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", + "type": "string" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", "type": "string" }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" } }, "required": [ - "DataConfiguration" + "EndDate", + "StartDate", + "Value" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration": { + "AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", - "type": "string" + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", + "title": "Size", + "type": "array" } }, - "required": [ - "CustomLabel" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration": { + "AWS::QuickSight::Dashboard.WordCloudChartConfiguration": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", - "type": "string" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" + }, + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration": { + "AWS::QuickSight::Dashboard.WordCloudFieldWells": { "additionalProperties": false, "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" - }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" } }, - "required": [ - "Calculation", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration": { + "AWS::QuickSight::Dashboard.WordCloudOptions": { "additionalProperties": false, "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" - }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", "type": "string" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" - }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" - } - }, - "required": [ - "Value" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration": { - "additionalProperties": false, - "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions": { + "AWS::QuickSight::Dashboard.WordCloudSortConfiguration": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RelativeDatesFilter": { + "AWS::QuickSight::Dashboard.WordCloudVisual": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", - "type": "string" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", - "type": "number" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ResourcePermission": { + "AWS::QuickSight::Dashboard.YAxisOptions": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" - }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", "type": "string" } }, "required": [ - "Actions", - "Principal" + "YAxis" ], "type": "object" }, - "AWS::QuickSight::Dashboard.RollingDateConfiguration": { + "AWS::QuickSight::DataSet": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "Condition": { "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", - "title": "Expression", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "Expression" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.RowAlternateColorOptions": { - "additionalProperties": false, - "properties": { - "RowAlternateColors": { - "items": { - "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", + "type": "string" + }, + "ColumnGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnGroup" + }, + "markdownDescription": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.", + "title": "ColumnGroups", + "type": "array" + }, + "ColumnLevelPermissionRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnLevelPermissionRule" + }, + "markdownDescription": "A set of one or more definitions of a `ColumnLevelPermissionRule` .", + "title": "ColumnLevelPermissionRules", + "type": "array" + }, + "DataSetId": { + "markdownDescription": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account.", + "title": "DataSetId", + "type": "string" + }, + "DataSetRefreshProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetRefreshProperties", + "markdownDescription": "The refresh properties of a dataset.", + "title": "DataSetRefreshProperties" + }, + "DataSetUsageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetUsageConfiguration", + "markdownDescription": "The usage configuration to apply to child datasets that reference this dataset as a source.", + "title": "DataSetUsageConfiguration" + }, + "DatasetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DatasetParameter" + }, + "markdownDescription": "The parameters that are declared in a dataset.", + "title": "DatasetParameters", + "type": "array" + }, + "FieldFolders": { + "additionalProperties": false, + "markdownDescription": "The folder that contains fields and nested subfolders for your dataset.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.FieldFolder" + } + }, + "title": "FieldFolders", + "type": "object" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "ImportMode": { + "markdownDescription": "Indicates whether you want to import the data into SPICE.", + "title": "ImportMode", + "type": "string" + }, + "IngestionWaitPolicy": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IngestionWaitPolicy", + "markdownDescription": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours.", + "title": "IngestionWaitPolicy" + }, + "LogicalTableMap": { + "additionalProperties": false, + "markdownDescription": "Configures the combination and transformation of the data from the physical tables.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTable" + } + }, + "title": "LogicalTableMap", + "type": "object" + }, + "Name": { + "markdownDescription": "The display name for the dataset.", + "title": "Name", + "type": "string" + }, + "PerformanceConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.PerformanceConfiguration", + "markdownDescription": "The performance optimization configuration of a dataset.", + "title": "PerformanceConfiguration" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ResourcePermission" + }, + "markdownDescription": "A list of resource permissions on the dataset.", + "title": "Permissions", + "type": "array" + }, + "PhysicalTableMap": { + "additionalProperties": false, + "markdownDescription": "Declares the physical tables that are available in the underlying data sources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.PhysicalTable" + } + }, + "title": "PhysicalTableMap", + "type": "object" + }, + "RowLevelPermissionDataSet": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionDataSet", + "markdownDescription": "The row-level security configuration for the data that you want to create.", + "title": "RowLevelPermissionDataSet" + }, + "RowLevelPermissionTagConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration", + "markdownDescription": "The element you can use to define tags for row-level security.", + "title": "RowLevelPermissionTagConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.", + "title": "Tags", + "type": "array" + }, + "UseAs": { + "markdownDescription": "The usage of the dataset.", + "title": "UseAs", + "type": "string" + } }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", - "type": "array" + "type": "object" }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", + "Type": { + "enum": [ + "AWS::QuickSight::DataSet" + ], "type": "string" }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration": { + "AWS::QuickSight::DataSet.CalculatedColumn": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", + "ColumnId": { + "markdownDescription": "A unique ID to identify a calculated column. During a dataset update, if the column ID of a calculated column matches that of an existing calculated column, Amazon QuickSight preserves the existing calculated column.", + "title": "ColumnId", "type": "string" }, - "TargetVisuals": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Destination": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", - "type": "array" - }, - "Source": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", - "type": "array" + "ColumnName": { + "markdownDescription": "Column name.", + "title": "ColumnName", + "type": "string" }, - "Weight": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", - "type": "array" + "Expression": { + "markdownDescription": "An expression that defines the calculated column.", + "title": "Expression", + "type": "string" } }, + "required": [ + "ColumnId", + "ColumnName", + "Expression" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration": { + "AWS::QuickSight::DataSet.CastColumnTypeOperation": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", - "title": "DataLabels" + "ColumnName": { + "markdownDescription": "Column name.", + "title": "ColumnName", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "FieldWells" + "Format": { + "markdownDescription": "When casting a column from string to datetime type, you can supply a string in a format supported by Amazon QuickSight to denote the source data format.", + "title": "Format", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", - "title": "SortConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SankeyDiagramFieldWells": { - "additionalProperties": false, - "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" + "NewColumnType": { + "markdownDescription": "New column data type.", + "title": "NewColumnType", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset.", + "title": "SubType", + "type": "string" } }, + "required": [ + "ColumnName", + "NewColumnType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration": { + "AWS::QuickSight::DataSet.ColumnDescription": { "additionalProperties": false, "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" - }, - "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" - }, - "WeightSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", - "type": "array" + "Text": { + "markdownDescription": "The text of a description for a column.", + "title": "Text", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramVisual": { + "AWS::QuickSight::DataSet.ColumnGroup": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", - "title": "ChartConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "GeoSpatialColumnGroup": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.GeoSpatialColumnGroup", + "markdownDescription": "Geospatial column group that denotes a hierarchy.", + "title": "GeoSpatialColumnGroup" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::QuickSight::DataSet.ColumnLevelPermissionRule": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" - }, - "XAxis": { + "ColumnNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", + "markdownDescription": "An array of column names.", + "title": "ColumnNames", "type": "array" }, - "YAxis": { + "Principals": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", + "markdownDescription": "An array of Amazon Resource Names (ARNs) for QuickSight users or groups.", + "title": "Principals", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotConfiguration": { - "additionalProperties": false, - "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" - }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" - }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ScatterPlotFieldWells": { + "AWS::QuickSight::DataSet.ColumnTag": { "additionalProperties": false, "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" + "ColumnDescription": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnDescription", + "markdownDescription": "A description for a column.", + "title": "ColumnDescription" }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" + "ColumnGeographicRole": { + "markdownDescription": "A geospatial role for a column.", + "title": "ColumnGeographicRole", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells": { + "AWS::QuickSight::DataSet.CreateColumnsOperation": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" - }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", - "type": "array" - }, - "YAxis": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::DataSet.CalculatedColumn" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", + "markdownDescription": "Calculated columns to create.", + "title": "Columns", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotVisual": { + "AWS::QuickSight::DataSet.CustomSql": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The column schema from the SQL query result set.", + "title": "Columns", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data source.", + "title": "DataSourceArn", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Name": { + "markdownDescription": "A display name for the SQL query result.", + "title": "Name", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "SqlQuery": { + "markdownDescription": "The SQL query.", + "title": "SqlQuery", "type": "string" } }, "required": [ - "VisualId" + "DataSourceArn", + "Name", + "SqlQuery" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScrollBarOptions": { + "AWS::QuickSight::DataSet.DataSetRefreshProperties": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", - "type": "string" + "FailureConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshFailureConfiguration", + "markdownDescription": "The failure configuration for a dataset.", + "title": "FailureConfiguration" }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" + "RefreshConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshConfiguration", + "markdownDescription": "The refresh configuration for a dataset.", + "title": "RefreshConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SecondaryValueOptions": { + "AWS::QuickSight::DataSet.DataSetUsageConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", - "type": "string" + "DisableUseAsDirectQuerySource": { + "markdownDescription": "An option that controls whether a child dataset of a direct query can use this dataset as a source.", + "title": "DisableUseAsDirectQuerySource", + "type": "boolean" + }, + "DisableUseAsImportedSource": { + "markdownDescription": "An option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.", + "title": "DisableUseAsImportedSource", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionAfterPageBreak": { + "AWS::QuickSight::DataSet.DatasetParameter": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", - "title": "Status", - "type": "string" + "DateTimeDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameter", + "markdownDescription": "A date time parameter that is created in the dataset.", + "title": "DateTimeDatasetParameter" + }, + "DecimalDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameter", + "markdownDescription": "A decimal parameter that is created in the dataset.", + "title": "DecimalDatasetParameter" + }, + "IntegerDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameter", + "markdownDescription": "An integer parameter that is created in the dataset.", + "title": "IntegerDatasetParameter" + }, + "StringDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameter", + "markdownDescription": "A string parameter that is created in the dataset.", + "title": "StringDatasetParameter" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions": { + "AWS::QuickSight::DataSet.DateTimeDatasetParameter": { "additionalProperties": false, "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given date time parameter. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the parameter that is created in the dataset.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the date time parameter that is created in the dataset.", + "title": "Name", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the date time parameter.", + "title": "TimeGranularity", + "type": "string" + }, + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", + "type": "string" } }, + "required": [ + "Id", + "Name", + "ValueType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration": { + "AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { - "BodySections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionConfiguration" - }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", - "type": "array" - }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" - }, - "FooterSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", - "type": "array" - }, - "HeaderSections": { + "StaticValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" + "type": "string" }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", + "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", + "title": "StaticValues", "type": "array" } }, - "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions": { + "AWS::QuickSight::DataSet.DecimalDatasetParameter": { "additionalProperties": false, "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given decimal parameter. This structure only accepts static values.", + "title": "DefaultValues" }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", + "Id": { + "markdownDescription": "An identifier for the decimal parameter created in the dataset.", + "title": "Id", "type": "string" }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", + "Name": { + "markdownDescription": "The name of the decimal parameter that is created in the dataset.", + "title": "Name", + "type": "string" + }, + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", "type": "string" } }, + "required": [ + "Id", + "Name", + "ValueType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionLayoutConfiguration": { + "AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given decimal parameter.", + "title": "StaticValues", + "type": "array" } }, - "required": [ - "FreeFormLayout" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionPageBreakConfiguration": { + "AWS::QuickSight::DataSet.FieldFolder": { "additionalProperties": false, "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" + "Columns": { + "items": { + "type": "string" + }, + "markdownDescription": "A folder has a list of columns. A column can only be in one folder.", + "title": "Columns", + "type": "array" + }, + "Description": { + "markdownDescription": "The description for a field folder.", + "title": "Description", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionStyle": { + "AWS::QuickSight::DataSet.FilterOperation": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", + "ConditionExpression": { + "markdownDescription": "An expression that must evaluate to a Boolean value. Rows for which the expression evaluates to true are kept in the dataset.", + "title": "ConditionExpression", "type": "string" - }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" } }, + "required": [ + "ConditionExpression" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration": { + "AWS::QuickSight::DataSet.GeoSpatialColumnGroup": { "additionalProperties": false, "properties": { - "SheetVisualScopingConfigurations": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration" + "type": "string" }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", + "markdownDescription": "Columns in this hierarchy.", + "title": "Columns", "type": "array" + }, + "CountryCode": { + "markdownDescription": "Country code.", + "title": "CountryCode", + "type": "string" + }, + "Name": { + "markdownDescription": "A display name for the hierarchy.", + "title": "Name", + "type": "string" } }, + "required": [ + "Columns", + "Name" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SeriesItem": { + "AWS::QuickSight::DataSet.IncrementalRefresh": { "additionalProperties": false, "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" - }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" + "LookbackWindow": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LookbackWindow", + "markdownDescription": "The lookback window setup for an incremental refresh configuration.", + "title": "LookbackWindow" } }, + "required": [ + "LookbackWindow" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SetParameterValueConfiguration": { + "AWS::QuickSight::DataSet.IngestionWaitPolicy": { "additionalProperties": false, "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", - "type": "string" + "IngestionWaitTimeInHours": { + "markdownDescription": "The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. Applicable only when `DataSetImportMode` mode is set to SPICE and `WaitForSpiceIngestion` is set to true.", + "title": "IngestionWaitTimeInHours", + "type": "number" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" + "WaitForSpiceIngestion": { + "markdownDescription": "Wait for SPICE ingestion to finish to mark dataset creation or update as successful. Default (true). Applicable only when `DataSetImportMode` mode is set to SPICE.", + "title": "WaitForSpiceIngestion", + "type": "boolean" } }, - "required": [ - "DestinationParameterName", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ShapeConditionalFormat": { + "AWS::QuickSight::DataSet.InputColumn": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "Name": { + "markdownDescription": "The name of this column in the underlying data source.", + "title": "Name", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset.", + "title": "SubType", + "type": "string" + }, + "Type": { + "markdownDescription": "The data type of the column.", + "title": "Type", + "type": "string" } }, "required": [ - "BackgroundColor" + "Name", + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.Sheet": { + "AWS::QuickSight::DataSet.IntegerDatasetParameter": { "additionalProperties": false, "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given integer parameter. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the integer parameter created in the dataset.", + "title": "Id", + "type": "string" + }, "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "markdownDescription": "The name of the integer parameter that is created in the dataset.", "title": "Name", "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", "type": "string" } }, + "required": [ + "Id", + "Name", + "ValueType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions": { + "AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", - "type": "string" + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given integer parameter.", + "title": "StaticValues", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlLayout": { + "AWS::QuickSight::DataSet.JoinInstruction": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" + "LeftJoinKeyProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", + "markdownDescription": "Join key properties of the left operand.", + "title": "LeftJoinKeyProperties" + }, + "LeftOperand": { + "markdownDescription": "The operand on the left side of a join.", + "title": "LeftOperand", + "type": "string" + }, + "OnClause": { + "markdownDescription": "The join instructions provided in the `ON` clause of a join.", + "title": "OnClause", + "type": "string" + }, + "RightJoinKeyProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", + "markdownDescription": "Join key properties of the right operand.", + "title": "RightJoinKeyProperties" + }, + "RightOperand": { + "markdownDescription": "The operand on the right side of a join.", + "title": "RightOperand", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of join that it is.", + "title": "Type", + "type": "string" } }, "required": [ - "Configuration" + "LeftOperand", + "OnClause", + "RightOperand", + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration": { + "AWS::QuickSight::DataSet.JoinKeyProperties": { "additionalProperties": false, "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" + "UniqueKey": { + "markdownDescription": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by QuickSight to optimize query performance.", + "title": "UniqueKey", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlsOption": { + "AWS::QuickSight::DataSet.LogicalTable": { "additionalProperties": false, "properties": { - "VisibilityState": { - "markdownDescription": "Visibility state.", - "title": "VisibilityState", + "Alias": { + "markdownDescription": "A display name for the logical table.", + "title": "Alias", "type": "string" + }, + "DataTransforms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.TransformOperation" + }, + "markdownDescription": "Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null.", + "title": "DataTransforms", + "type": "array" + }, + "Source": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTableSource", + "markdownDescription": "Source of this logical table.", + "title": "Source" } }, + "required": [ + "Alias" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetDefinition": { + "AWS::QuickSight::DataSet.LogicalTableSource": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", + "DataSetArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the parent dataset.", + "title": "DataSetArn", "type": "string" }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", - "type": "string" + "JoinInstruction": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinInstruction", + "markdownDescription": "Specifies the result of a join of two logical tables.", + "title": "JoinInstruction" }, - "FilterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterControl" - }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", - "type": "array" + "PhysicalTableId": { + "markdownDescription": "Physical table ID.", + "title": "PhysicalTableId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.LookbackWindow": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the lookback window column.", + "title": "ColumnName", + "type": "string" }, - "Layouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Layout" - }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", - "type": "array" + "Size": { + "markdownDescription": "The lookback window column size.", + "title": "Size", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "SizeUnit": { + "markdownDescription": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` .", + "title": "SizeUnit", "type": "string" - }, - "ParameterControls": { + } + }, + "required": [ + "ColumnName", + "Size", + "SizeUnit" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.NewDefaultValues": { + "additionalProperties": false, + "properties": { + "DateTimeStaticValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterControl" + "type": "string" }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", + "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", + "title": "DateTimeStaticValues", "type": "array" }, - "SheetControlLayouts": { + "DecimalStaticValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayout" + "type": "number" }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", + "markdownDescription": "A list of static default values for a given decimal parameter.", + "title": "DecimalStaticValues", "type": "array" }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", - "type": "string" - }, - "TextBoxes": { + "IntegerStaticValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetTextBox" + "type": "number" }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", + "markdownDescription": "A list of static default values for a given integer parameter.", + "title": "IntegerStaticValues", "type": "array" }, - "Title": { - "markdownDescription": "The title of the sheet.", - "title": "Title", - "type": "string" - }, - "Visuals": { + "StringStaticValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Visual" + "type": "string" }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", + "markdownDescription": "A list of static default values for a given string parameter.", + "title": "StringStaticValues", "type": "array" } }, - "required": [ - "SheetId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides": { + "AWS::QuickSight::DataSet.OutputColumn": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", + "Description": { + "markdownDescription": "A description for a column.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The display name of the column..", + "title": "Name", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the column.", + "title": "SubType", + "type": "string" + }, + "Type": { + "markdownDescription": "The data type of the column.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetElementRenderingRule": { + "AWS::QuickSight::DataSet.OverrideDatasetParameterOperation": { "additionalProperties": false, "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" + "NewDefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.NewDefaultValues", + "markdownDescription": "The new default values for the parameter.", + "title": "NewDefaultValues" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", + "NewParameterName": { + "markdownDescription": "The new name for the parameter.", + "title": "NewParameterName", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter to be overridden with different values.", + "title": "ParameterName", "type": "string" } }, "required": [ - "ConfigurationOverrides", - "Expression" + "ParameterName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption": { + "AWS::QuickSight::DataSet.PerformanceConfiguration": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the sheet layout maximization options of a dashbaord.", - "title": "AvailabilityStatus", - "type": "string" + "UniqueKeys": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UniqueKey" + }, + "markdownDescription": "", + "title": "UniqueKeys", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetTextBox": { + "AWS::QuickSight::DataSet.PhysicalTable": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", - "type": "string" + "CustomSql": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CustomSql", + "markdownDescription": "A physical table type built from the results of the custom SQL query.", + "title": "CustomSql" }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", - "type": "string" + "RelationalTable": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RelationalTable", + "markdownDescription": "A physical table type for relational data sources.", + "title": "RelationalTable" + }, + "S3Source": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.S3Source", + "markdownDescription": "A physical table type for as S3 data source.", + "title": "S3Source" } }, - "required": [ - "SheetTextBoxId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration": { + "AWS::QuickSight::DataSet.ProjectOperation": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", - "type": "string" - }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", - "type": "string" - }, - "VisualIds": { + "ProjectedColumns": { "items": { "type": "string" }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", + "markdownDescription": "Projected columns.", + "title": "ProjectedColumns", "type": "array" } }, "required": [ - "Scope", - "SheetId" + "ProjectedColumns" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ShortFormatText": { + "AWS::QuickSight::DataSet.RefreshConfiguration": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", - "type": "string" - }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", - "type": "string" + "IncrementalRefresh": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IncrementalRefresh", + "markdownDescription": "The incremental refresh for the dataset.", + "title": "IncrementalRefresh" } }, + "required": [ + "IncrementalRefresh" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SimpleClusterMarker": { + "AWS::QuickSight::DataSet.RefreshFailureConfiguration": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", - "type": "string" + "EmailAlert": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshFailureEmailAlert", + "markdownDescription": "The email alert configuration for a dataset refresh failure.", + "title": "EmailAlert" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SliderControlDisplayOptions": { + "AWS::QuickSight::DataSet.RefreshFailureEmailAlert": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "AlertStatus": { + "markdownDescription": "The status value that determines if email alerts are sent.", + "title": "AlertStatus", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties": { + "AWS::QuickSight::DataSet.RelationalTable": { "additionalProperties": false, "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", + "Catalog": { + "markdownDescription": "The catalog associated with a table.", + "title": "Catalog", "type": "string" }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", + "title": "DataSourceArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SmallMultiplesOptions": { - "additionalProperties": false, - "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", - "type": "number" - }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", - "type": "number" }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" + "InputColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + }, + "markdownDescription": "The column schema of the table.", + "title": "InputColumns", + "type": "array" }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" + "Name": { + "markdownDescription": "The name of the relational table.", + "title": "Name", + "type": "string" }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" + "Schema": { + "markdownDescription": "The schema name. This name applies to certain relational database engines.", + "title": "Schema", + "type": "string" } }, + "required": [ + "DataSourceArn", + "Name" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.Spacing": { + "AWS::QuickSight::DataSet.RenameColumnOperation": { "additionalProperties": false, "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", - "type": "string" - }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", - "type": "string" - }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", + "ColumnName": { + "markdownDescription": "The name of the column to be renamed.", + "title": "ColumnName", "type": "string" }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", + "NewColumnName": { + "markdownDescription": "The new name for the column.", + "title": "NewColumnName", "type": "string" } }, + "required": [ + "ColumnName" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.StringDefaultValues": { + "AWS::QuickSight::DataSet.ResourcePermission": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" - }, - "StaticValues": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "The IAM action to grant or revoke permisions on", + "title": "Actions", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.StringFormatConfiguration": { - "additionalProperties": false, - "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.StringParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A display name for a string parameter.", - "title": "Name", + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values of a string parameter.", - "title": "Values", - "type": "array" } }, "required": [ - "Name", - "Values" + "Actions", + "Principal" ], "type": "object" }, - "AWS::QuickSight::Dashboard.StringParameterDeclaration": { + "AWS::QuickSight::DataSet.RowLevelPermissionDataSet": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.", + "title": "Arn", + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "FormatVersion": { + "markdownDescription": "The user or group rules associated with the dataset that contains permissions for RLS.\n\nBy default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist.", + "title": "FormatVersion", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Namespace": { + "markdownDescription": "The namespace associated with the dataset that contains permissions for RLS.", + "title": "Namespace", "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "PermissionPolicy": { + "markdownDescription": "The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only.", + "title": "PermissionPolicy", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "Status": { + "markdownDescription": "The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", + "title": "Status", + "type": "string" } }, "required": [ - "Name", - "ParameterValueType" + "Arn", + "PermissionPolicy" ], "type": "object" }, - "AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration": { + "AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "Status": { + "markdownDescription": "The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", + "title": "Status", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" + "TagRuleConfigurations": { + "markdownDescription": "The configuration of tags on a dataset to set row-level security.", + "title": "TagRuleConfigurations", + "type": "object" + }, + "TagRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagRule" + }, + "markdownDescription": "A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.", + "title": "TagRules", + "type": "array" } }, + "required": [ + "TagRules" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SubtotalOptions": { + "AWS::QuickSight::DataSet.RowLevelPermissionTagRule": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", + "ColumnName": { + "markdownDescription": "The column name that a tag key is assigned to.", + "title": "ColumnName", "type": "string" }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "MatchAllValue": { + "markdownDescription": "A string that you want to use to filter by all the values in a column in the dataset and don\u2019t want to list the values one by one. For example, you can use an asterisk as your match all value.", + "title": "MatchAllValue", "type": "string" }, - "FieldLevelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions" - }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", - "type": "array" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" - }, - "StyleTargets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableStyleTarget" - }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", + "TagKey": { + "markdownDescription": "The unique key for a tag.", + "title": "TagKey", "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" + "TagMultiValueDelimiter": { + "markdownDescription": "A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.", + "title": "TagMultiValueDelimiter", + "type": "string" } }, + "required": [ + "ColumnName", + "TagKey" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableAggregatedFieldWells": { + "AWS::QuickSight::DataSet.S3Source": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", + "title": "DataSourceArn", + "type": "string" }, - "Values": { + "InputColumns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", + "markdownDescription": "A physical table type for an S3 data source.\n\n> For files that aren't JSON, only `STRING` data types are supported in input columns.", + "title": "InputColumns", "type": "array" + }, + "UploadSettings": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UploadSettings", + "markdownDescription": "Information about the format for the S3 source file or files.", + "title": "UploadSettings" } }, + "required": [ + "DataSourceArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableBorderOptions": { + "AWS::QuickSight::DataSet.StringDatasetParameter": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given string dataset parameter type. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the string parameter that is created in the dataset.", + "title": "Id", "type": "string" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", + "Name": { + "markdownDescription": "The name of the string parameter that is created in the dataset.", + "title": "Name", "type": "string" }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", - "type": "number" + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", + "type": "string" } }, + "required": [ + "Id", + "Name", + "ValueType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellConditionalFormatting": { + "AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", - "type": "string" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of static default values for a given string parameter.", + "title": "StaticValues", + "type": "array" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration": { + "AWS::QuickSight::DataSet.TagColumnOperation": { "additionalProperties": false, "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", + "ColumnName": { + "markdownDescription": "The column that this operation acts on.", + "title": "ColumnName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnTag" + }, + "markdownDescription": "The dataset column tag, currently only used for geospatial type tagging.\n\n> This is not tags for the AWS tagging feature.", + "title": "Tags", + "type": "array" } }, + "required": [ + "ColumnName", + "Tags" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellStyle": { + "AWS::QuickSight::DataSet.TransformOperation": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", - "title": "BackgroundColor", - "type": "string" + "CastColumnTypeOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CastColumnTypeOperation", + "markdownDescription": "A transform operation that casts a column to a different type.", + "title": "CastColumnTypeOperation" }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" + "CreateColumnsOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CreateColumnsOperation", + "markdownDescription": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure.", + "title": "CreateColumnsOperation" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.FilterOperation", + "markdownDescription": "An operation that filters rows based on some condition.", + "title": "FilterOperation" }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", - "type": "number" + "OverrideDatasetParameterOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.OverrideDatasetParameterOperation", + "markdownDescription": "A transform operation that overrides the dataset parameter values that are defined in another dataset.", + "title": "OverrideDatasetParameterOperation" }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", - "type": "string" + "ProjectOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ProjectOperation", + "markdownDescription": "An operation that projects columns. Operations that come after a projection can only refer to projected columns.", + "title": "ProjectOperation" }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", - "type": "string" + "RenameColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RenameColumnOperation", + "markdownDescription": "An operation that renames a column.", + "title": "RenameColumnOperation" }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", - "type": "string" + "TagColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.TagColumnOperation", + "markdownDescription": "An operation that tags a column with additional information.", + "title": "TagColumnOperation" }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", - "type": "string" + "UntagColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UntagColumnOperation", + "markdownDescription": "", + "title": "UntagColumnOperation" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableConditionalFormatting": { + "AWS::QuickSight::DataSet.UniqueKey": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "ColumnNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "", + "title": "ColumnNames", "type": "array" } }, + "required": [ + "ColumnNames" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableConditionalFormattingOption": { + "AWS::QuickSight::DataSet.UntagColumnOperation": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" + "ColumnName": { + "markdownDescription": "The column that this operation acts on.", + "title": "ColumnName", + "type": "string" }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" + "TagNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The column tags to remove from this column.", + "title": "TagNames", + "type": "array" } }, + "required": [ + "ColumnName", + "TagNames" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableConfiguration": { + "AWS::QuickSight::DataSet.UploadSettings": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" + "ContainsHeader": { + "markdownDescription": "Whether the file has a header row, or the files each have a header row.", + "title": "ContainsHeader", + "type": "boolean" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" + "Delimiter": { + "markdownDescription": "The delimiter between values in the file.", + "title": "Delimiter", + "type": "string" }, - "TableInlineVisualizations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableInlineVisualization" - }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", - "type": "array" + "Format": { + "markdownDescription": "File format.", + "title": "Format", + "type": "string" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" + "StartFromRow": { + "markdownDescription": "A row number to start reading data from.", + "title": "StartFromRow", + "type": "number" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" + "TextQualifier": { + "markdownDescription": "Text qualifier.", + "title": "TextQualifier", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldCustomIconContent": { + "AWS::QuickSight::DataSource": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AlternateDataSourceParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" + }, + "markdownDescription": "A set of alternate data source parameters that you want to share for the credentials stored with this data source. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the credentials from this existing data source. If the `AlternateDataSourceParameters` list is null, the `Credentials` originally used with this `DataSourceParameters` are automatically allowed.", + "title": "AlternateDataSourceParameters", + "type": "array" + }, + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", + "type": "string" + }, + "Credentials": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceCredentials", + "markdownDescription": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported.", + "title": "Credentials" + }, + "DataSourceId": { + "markdownDescription": "An ID for the data source. This ID is unique per AWS Region for each AWS account.", + "title": "DataSourceId", + "type": "string" + }, + "DataSourceParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters", + "markdownDescription": "The parameters that Amazon QuickSight uses to connect to your underlying source.", + "title": "DataSourceParameters" + }, + "ErrorInfo": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceErrorInfo", + "markdownDescription": "Error information from the last update or the creation of the data source.", + "title": "ErrorInfo" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A display name for the data source.", + "title": "Name", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.ResourcePermission" + }, + "markdownDescription": "A list of resource permissions on the data source.", + "title": "Permissions", + "type": "array" + }, + "SslProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SslProperties", + "markdownDescription": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source.", + "title": "SslProperties" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service.", + "title": "Type", + "type": "string" + }, + "VpcConnectionProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", + "markdownDescription": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source.", + "title": "VpcConnectionProperties" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::DataSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldCustomTextContent": { + "AWS::QuickSight::DataSource.AmazonElasticsearchParameters": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" - }, - "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", - "title": "Value", + "Domain": { + "markdownDescription": "The OpenSearch domain.", + "title": "Domain", "type": "string" } }, "required": [ - "FontConfiguration" + "Domain" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldImageConfiguration": { + "AWS::QuickSight::DataSource.AmazonOpenSearchParameters": { "additionalProperties": false, "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" + "Domain": { + "markdownDescription": "The OpenSearch domain.", + "title": "Domain", + "type": "string" } }, + "required": [ + "Domain" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldLinkConfiguration": { + "AWS::QuickSight::DataSource.AthenaParameters": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.IdentityCenterConfiguration", + "markdownDescription": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your workgroup.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center.", + "title": "IdentityCenterConfiguration" }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", + "title": "RoleArn", + "type": "string" + }, + "WorkGroup": { + "markdownDescription": "The workgroup that Amazon Athena uses.", + "title": "WorkGroup", "type": "string" } }, - "required": [ - "Content", - "Target" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration": { + "AWS::QuickSight::DataSource.AuroraParameters": { "additionalProperties": false, "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, + "required": [ + "Database", + "Host", + "Port" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldOption": { + "AWS::QuickSight::DataSource.AuroraPostgreSqlParameters": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", + "Database": { + "markdownDescription": "The Amazon Aurora PostgreSQL database to connect to.", + "title": "Database", "type": "string" }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" - }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", + "Host": { + "markdownDescription": "The Amazon Aurora PostgreSQL-Compatible host to connect to.", + "title": "Host", "type": "string" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", - "type": "string" + "Port": { + "markdownDescription": "The port that Amazon Aurora PostgreSQL is listening on.", + "title": "Port", + "type": "number" } }, "required": [ - "FieldId" + "Database", + "Host", + "Port" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldOptions": { + "AWS::QuickSight::DataSource.CredentialPair": { "additionalProperties": false, "properties": { - "Order": { + "AlternateDataSourceParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", + "markdownDescription": "A set of alternate data source parameters that you want to share for these credentials. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the new data source with the existing credentials. If the `AlternateDataSourceParameters` list is null, the `DataSourceParameters` originally used with these `Credentials` is automatically allowed.", + "title": "AlternateDataSourceParameters", "type": "array" }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" + "Password": { + "markdownDescription": "Password.", + "title": "Password", + "type": "string" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOption" - }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", - "type": "array" + "Username": { + "markdownDescription": "User name.", + "title": "Username", + "type": "string" } }, + "required": [ + "Password", + "Username" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldURLConfiguration": { + "AWS::QuickSight::DataSource.DataSourceCredentials": { "additionalProperties": false, "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" + "CopySourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use. When `CopySourceArn` is not null, the credential pair from the data source in the ARN is used as the credentials for the `DataSourceCredentials` structure.", + "title": "CopySourceArn", + "type": "string" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" + "CredentialPair": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.CredentialPair", + "markdownDescription": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` .", + "title": "CredentialPair" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret associated with the data source in AWS Secrets Manager .", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldWells": { + "AWS::QuickSight::DataSource.DataSourceErrorInfo": { "additionalProperties": false, "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" + "Message": { + "markdownDescription": "Error message.", + "title": "Message", + "type": "string" }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" + "Type": { + "markdownDescription": "Error type.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableInlineVisualization": { + "AWS::QuickSight::DataSource.DataSourceParameters": { "additionalProperties": false, "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" + "AmazonElasticsearchParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonElasticsearchParameters", + "markdownDescription": "The parameters for OpenSearch.", + "title": "AmazonElasticsearchParameters" + }, + "AmazonOpenSearchParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonOpenSearchParameters", + "markdownDescription": "The parameters for OpenSearch.", + "title": "AmazonOpenSearchParameters" + }, + "AthenaParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AthenaParameters", + "markdownDescription": "The parameters for Amazon Athena.", + "title": "AthenaParameters" + }, + "AuroraParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraParameters", + "markdownDescription": "The parameters for Amazon Aurora MySQL.", + "title": "AuroraParameters" + }, + "AuroraPostgreSqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraPostgreSqlParameters", + "markdownDescription": "The parameters for Amazon Aurora.", + "title": "AuroraPostgreSqlParameters" + }, + "DatabricksParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DatabricksParameters", + "markdownDescription": "The required parameters that are needed to connect to a Databricks data source.", + "title": "DatabricksParameters" + }, + "MariaDbParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.MariaDbParameters", + "markdownDescription": "The parameters for MariaDB.", + "title": "MariaDbParameters" + }, + "MySqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.MySqlParameters", + "markdownDescription": "The parameters for MySQL.", + "title": "MySqlParameters" + }, + "OracleParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OracleParameters", + "markdownDescription": "Oracle parameters.", + "title": "OracleParameters" + }, + "PostgreSqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.PostgreSqlParameters", + "markdownDescription": "The parameters for PostgreSQL.", + "title": "PostgreSqlParameters" + }, + "PrestoParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.PrestoParameters", + "markdownDescription": "The parameters for Presto.", + "title": "PrestoParameters" + }, + "RdsParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RdsParameters", + "markdownDescription": "The parameters for Amazon RDS.", + "title": "RdsParameters" + }, + "RedshiftParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftParameters", + "markdownDescription": "The parameters for Amazon Redshift.", + "title": "RedshiftParameters" + }, + "S3Parameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.S3Parameters", + "markdownDescription": "The parameters for S3.", + "title": "S3Parameters" + }, + "SnowflakeParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SnowflakeParameters", + "markdownDescription": "The parameters for Snowflake.", + "title": "SnowflakeParameters" + }, + "SparkParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SparkParameters", + "markdownDescription": "The parameters for Spark.", + "title": "SparkParameters" + }, + "SqlServerParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SqlServerParameters", + "markdownDescription": "The parameters for SQL Server.", + "title": "SqlServerParameters" + }, + "StarburstParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.StarburstParameters", + "markdownDescription": "The parameters that are required to connect to a Starburst data source.", + "title": "StarburstParameters" + }, + "TeradataParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.TeradataParameters", + "markdownDescription": "The parameters for Teradata.", + "title": "TeradataParameters" + }, + "TrinoParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.TrinoParameters", + "markdownDescription": "The parameters that are required to connect to a Trino data source.", + "title": "TrinoParameters" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableOptions": { + "AWS::QuickSight::DataSource.DatabricksParameters": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" + "Host": { + "markdownDescription": "The host name of the Databricks data source.", + "title": "Host", + "type": "string" }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" + "Port": { + "markdownDescription": "The port for the Databricks data source.", + "title": "Port", + "type": "number" }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", + "SqlEndpointPath": { + "markdownDescription": "The HTTP path of the Databricks data source.", + "title": "SqlEndpointPath", "type": "string" - }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" } }, + "required": [ + "Host", + "Port", + "SqlEndpointPath" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TablePaginatedReportOptions": { + "AWS::QuickSight::DataSource.IdentityCenterConfiguration": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", - "type": "string" - }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", - "type": "string" + "EnableIdentityPropagation": { + "markdownDescription": "A Boolean option that controls whether Trusted Identity Propagation should be used.", + "title": "EnableIdentityPropagation", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TablePinnedFieldOptions": { + "AWS::QuickSight::DataSource.ManifestFileLocation": { "additionalProperties": false, "properties": { - "PinnedLeftFields": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", - "type": "array" + "Bucket": { + "markdownDescription": "Amazon S3 bucket.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "Amazon S3 key that identifies an object.", + "title": "Key", + "type": "string" } }, + "required": [ + "Bucket", + "Key" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableRowConditionalFormatting": { + "AWS::QuickSight::DataSource.MariaDbParameters": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, + "required": [ + "Database", + "Host", + "Port" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableSideBorderOptions": { + "AWS::QuickSight::DataSource.MySqlParameters": { "additionalProperties": false, "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" - }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" - }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" - }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, + "required": [ + "Database", + "Host", + "Port" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableSortConfiguration": { + "AWS::QuickSight::DataSource.OAuthParameters": { "additionalProperties": false, "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" + "IdentityProviderResourceUri": { + "markdownDescription": "The resource uri of the identity provider.", + "title": "IdentityProviderResourceUri", + "type": "string" }, - "RowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", - "type": "array" + "IdentityProviderVpcConnectionProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", + "markdownDescription": "", + "title": "IdentityProviderVpcConnectionProperties" + }, + "OAuthScope": { + "markdownDescription": "The OAuth scope.", + "title": "OAuthScope", + "type": "string" + }, + "TokenProviderUrl": { + "markdownDescription": "The token endpoint URL of the identity provider.", + "title": "TokenProviderUrl", + "type": "string" } }, + "required": [ + "TokenProviderUrl" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableStyleTarget": { + "AWS::QuickSight::DataSource.OracleParameters": { "additionalProperties": false, "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + }, + "UseServiceName": { + "markdownDescription": "A Boolean value that indicates whether the `Database` uses a service name or an SID. If this value is left blank, the default value is `SID` . If this value is set to `false` , the value is `SID` .", + "title": "UseServiceName", + "type": "boolean" } }, "required": [ - "CellType" + "Database", + "Host", + "Port" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells": { + "AWS::QuickSight::DataSource.PostgreSqlParameters": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" - }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", - "type": "array" + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, + "required": [ + "Database", + "Host", + "Port" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableVisual": { + "AWS::QuickSight::DataSource.PrestoParameters": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Catalog": { + "markdownDescription": "Catalog.", + "title": "Catalog", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, "required": [ - "VisualId" + "Catalog", + "Host", + "Port" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions": { + "AWS::QuickSight::DataSource.RdsParameters": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "InstanceId": { + "markdownDescription": "Instance ID.", + "title": "InstanceId", + "type": "string" } }, + "required": [ + "Database", + "InstanceId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TextConditionalFormat": { + "AWS::QuickSight::DataSource.RedshiftIAMParameters": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" + "AutoCreateDatabaseUser": { + "markdownDescription": "Automatically creates a database user. If your database doesn't have a `DatabaseUser` , set this parameter to `True` . If there is no `DatabaseUser` , Amazon QuickSight can't connect to your cluster. The `RoleArn` that you use for this operation must grant access to `redshift:CreateClusterUser` to successfully create the user.", + "title": "AutoCreateDatabaseUser", + "type": "boolean" }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" + "DatabaseGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups whose permissions will be granted to Amazon QuickSight to access the cluster. These permissions are combined with the permissions granted to Amazon QuickSight by the `DatabaseUser` . If you choose to include this parameter, the `RoleArn` must grant access to `redshift:JoinGroup` .", + "title": "DatabaseGroups", + "type": "array" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" + "DatabaseUser": { + "markdownDescription": "The user whose permissions and group memberships will be used by Amazon QuickSight to access the cluster. If this user already exists in your database, Amazon QuickSight is granted the same permissions that the user has. If the user doesn't exist, set the value of `AutoCreateDatabaseUser` to `True` to create a new user with PUBLIC permissions.", + "title": "DatabaseUser", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to allow Amazon QuickSight to call `redshift:GetClusterCredentials` on your cluster. The calling principal must have `iam:PassRole` access to pass the role to Amazon QuickSight. The role's trust policy must allow the Amazon QuickSight service principal to assume the role.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TextControlPlaceholderOptions": { + "AWS::QuickSight::DataSource.RedshiftParameters": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", + "ClusterId": { + "markdownDescription": "Cluster ID. This field can be blank if the `Host` and `Port` are provided.", + "title": "ClusterId", + "type": "string" + }, + "Database": { + "markdownDescription": "Database.", + "title": "Database", "type": "string" + }, + "Host": { + "markdownDescription": "Host. This field can be blank if `ClusterId` is provided.", + "title": "Host", + "type": "string" + }, + "IAMParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftIAMParameters", + "markdownDescription": "An optional parameter that uses IAM authentication to grant Amazon QuickSight access to your cluster. This parameter can be used instead of [DataSourceCredentials](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DataSourceCredentials.html) .", + "title": "IAMParameters" + }, + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.IdentityCenterConfiguration", + "markdownDescription": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your cluster.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center.", + "title": "IdentityCenterConfiguration" + }, + "Port": { + "markdownDescription": "Port. This field can be blank if the `ClusterId` is provided.", + "title": "Port", + "type": "number" } }, + "required": [ + "Database" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions": { + "AWS::QuickSight::DataSource.ResourcePermission": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Resource": { + "markdownDescription": "", + "title": "Resource", + "type": "string" } }, + "required": [ + "Actions", + "Principal" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ThousandSeparatorOptions": { + "AWS::QuickSight::DataSource.S3Parameters": { "additionalProperties": false, "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", - "type": "string" + "ManifestFileLocation": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.ManifestFileLocation", + "markdownDescription": "Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Amazon QuickSight.", + "title": "ManifestFileLocation" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "ManifestFileLocation" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeBasedForecastProperties": { + "AWS::QuickSight::DataSource.SnowflakeParameters": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" + "AuthenticationType": { + "markdownDescription": "The authentication type that you want to use for your connection. This parameter accepts OAuth and non-OAuth authentication types.", + "title": "AuthenticationType", + "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" + "DatabaseAccessControlRole": { + "markdownDescription": "The database access control role.", + "title": "DatabaseAccessControlRole", + "type": "string" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", - "type": "number" + "OAuthParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OAuthParameters", + "markdownDescription": "An object that contains information needed to create a data source connection between an Amazon QuickSight account and Snowflake.", + "title": "OAuthParameters" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "Warehouse": { + "markdownDescription": "Warehouse.", + "title": "Warehouse", + "type": "string" } }, + "required": [ + "Database", + "Host", + "Warehouse" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeEqualityFilter": { + "AWS::QuickSight::DataSource.SparkParameters": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", - "type": "string" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", - "type": "string" + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, "required": [ - "Column", - "FilterId" + "Host", + "Port" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter": { + "AWS::QuickSight::DataSource.SqlServerParameters": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", + "Database": { + "markdownDescription": "Database.", + "title": "Database", "type": "string" }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" + "Database", + "Host", + "Port" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeFilter": { + "AWS::QuickSight::DataSource.SslProperties": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "DisableSsl": { + "markdownDescription": "A Boolean option to control whether SSL should be disabled.", + "title": "DisableSsl", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.StarburstParameters": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "markdownDescription": "The authentication type that you want to use for your connection. This parameter accepts OAuth and non-OAuth authentication types.", + "title": "AuthenticationType", "type": "string" }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" + "Catalog": { + "markdownDescription": "The catalog name for the Starburst data source.", + "title": "Catalog", + "type": "string" }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" + "DatabaseAccessControlRole": { + "markdownDescription": "The database access control role.", + "title": "DatabaseAccessControlRole", + "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "Host": { + "markdownDescription": "The host name of the Starburst data source.", + "title": "Host", "type": "string" }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" + "OAuthParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OAuthParameters", + "markdownDescription": "An object that contains information needed to create a data source connection between an Amazon QuickSight account and Starburst.", + "title": "OAuthParameters" }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" + "Port": { + "markdownDescription": "The port for the Starburst data source.", + "title": "Port", + "type": "number" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "ProductType": { + "markdownDescription": "The product type for the Starburst data source.", + "title": "ProductType", "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "Catalog", + "Host", + "Port" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeFilterValue": { + "AWS::QuickSight::DataSource.TeradataParameters": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", + "Database": { + "markdownDescription": "Database.", + "title": "Database", "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" - }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, + "required": [ + "Database", + "Host", + "Port" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TooltipItem": { + "AWS::QuickSight::DataSource.TrinoParameters": { "additionalProperties": false, "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" + "Catalog": { + "markdownDescription": "The catalog name for the Trino data source.", + "title": "Catalog", + "type": "string" }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" + "Host": { + "markdownDescription": "The host name of the Trino data source.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port for the Trino data source.", + "title": "Port", + "type": "number" } }, + "required": [ + "Catalog", + "Host", + "Port" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TooltipOptions": { + "AWS::QuickSight::DataSource.VpcConnectionProperties": { "additionalProperties": false, "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" - }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", - "type": "string" - }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", + "VpcConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the VPC connection.", + "title": "VpcConnectionArn", "type": "string" } }, + "required": [ + "VpcConnectionArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomFilter": { + "AWS::QuickSight::Folder": { "additionalProperties": false, "properties": { - "AggregationSortConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationSortConfiguration" - }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", - "type": "array" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID for the AWS account where you want to create the folder.", + "title": "AwsAccountId", + "type": "string" + }, + "FolderId": { + "markdownDescription": "The ID of the folder.", + "title": "FolderId", + "type": "string" + }, + "FolderType": { + "markdownDescription": "The type of folder it is.", + "title": "FolderType", + "type": "string" + }, + "Name": { + "markdownDescription": "A display name for the folder.", + "title": "Name", + "type": "string" + }, + "ParentFolderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the folder.", + "title": "ParentFolderArn", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Folder.ResourcePermission" + }, + "markdownDescription": "A structure that describes the principals and the resource-level permissions of a folder.\n\nTo specify no permissions, omit `Permissions` .", + "title": "Permissions", + "type": "array" + }, + "SharingModel": { + "markdownDescription": "The sharing scope of the folder.", + "title": "SharingModel", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags for the folders that you want to apply overrides to.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "Type": { + "enum": [ + "AWS::QuickSight::Folder" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomMoversComputation": { + "AWS::QuickSight::Folder.ResourcePermission": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", - "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Actions", + "type": "array" }, - "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", - "title": "Type", + "Principal": { + "markdownDescription": "", + "title": "Principal", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId", - "Type" + "Actions", + "Principal" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomRankedComputation": { + "AWS::QuickSight::RefreshSchedule": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The AWS account ID of the account that you are creating a schedule in.", + "title": "AwsAccountId", + "type": "string" + }, + "DataSetId": { + "markdownDescription": "The ID of the dataset that you are creating a refresh schedule for.", + "title": "DataSetId", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshScheduleMap", + "markdownDescription": "The refresh schedule of a dataset.", + "title": "Schedule" + } + }, + "type": "object" }, "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", + "enum": [ + "AWS::QuickSight::RefreshSchedule" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId", "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationComputation": { + "AWS::QuickSight::RefreshSchedule.RefreshOnDay": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "DayOfMonth": { + "markdownDescription": "The day of the month that you want your dataset to refresh. This value is required for monthly refresh intervals.", + "title": "DayOfMonth", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DayOfWeek": { + "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", + "title": "DayOfWeek", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationFunction": { + "AWS::QuickSight::RefreshSchedule.RefreshScheduleMap": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", + "RefreshType": { + "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *QuickSight User Guide* .", + "title": "RefreshType", + "type": "string" + }, + "ScheduleFrequency": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.ScheduleFrequency", + "markdownDescription": "The frequency for the refresh schedule.", + "title": "ScheduleFrequency" + }, + "ScheduleId": { + "markdownDescription": "An identifier for the refresh schedule.", + "title": "ScheduleId", + "type": "string" + }, + "StartAfterDateTime": { + "markdownDescription": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format.", + "title": "StartAfterDateTime", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationOption": { + "AWS::QuickSight::RefreshSchedule.ScheduleFrequency": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", + "Interval": { + "markdownDescription": "The interval between scheduled refreshes. Valid values are as follows:\n\n- `MINUTE15` : The dataset refreshes every 15 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `MINUTE30` : The dataset refreshes every 30 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `HOURLY` : The dataset refreshes every hour. This interval can only be used for one schedule per dataset.\n- `DAILY` : The dataset refreshes every day.\n- `WEEKLY` : The dataset refreshes every week.\n- `MONTHLY` : The dataset refreshes every month.", + "title": "Interval", "type": "string" }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" + "RefreshOnDay": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshOnDay", + "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", + "title": "RefreshOnDay" + }, + "TimeOfTheDay": { + "markdownDescription": "The time of day that you want the dataset to refresh. This value is expressed in HH:MM format. This field is not required for schedules that refresh hourly.", + "title": "TimeOfTheDay", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The timezone that you want the refresh schedule to use. The timezone ID must match a corresponding ID found on `java.util.time.getAvailableIDs()` .", + "title": "TimeZone", + "type": "string" } }, - "required": [ - "FieldId", - "TotalAggregationFunction" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalOptions": { + "AWS::QuickSight::Template": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", + "title": "AwsAccountId", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateVersionDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "Name": { + "markdownDescription": "A display name for the template.", + "title": "Name", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ResourcePermission" + }, + "markdownDescription": "A list of resource permissions to be set on the template.", + "title": "Permissions", + "type": "array" + }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceEntity", + "markdownDescription": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", + "title": "SourceEntity" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource.", + "title": "Tags", + "type": "array" + }, + "TemplateId": { + "markdownDescription": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account.", + "title": "TemplateId", + "type": "string" + }, + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + }, + "VersionDescription": { + "markdownDescription": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field.", + "title": "VersionDescription", + "type": "string" + } }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", - "type": "array" + "required": [ + "AwsAccountId", + "TemplateId" + ], + "type": "object" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" + "Type": { + "enum": [ + "AWS::QuickSight::Template" + ], + "type": "string" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells": { + "AWS::QuickSight::Template.AggregationFunction": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", - "type": "array" + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", - "type": "array" + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" }, - "Sizes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", - "type": "array" + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", + "type": "string" + }, + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapConfiguration": { + "AWS::QuickSight::Template.AggregationSortConfiguration": { "additionalProperties": false, "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" - }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", - "title": "SortConfiguration" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", + "type": "string" } }, + "required": [ + "Column", + "SortDirection" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapFieldWells": { + "AWS::QuickSight::Template.AnalysisDefaults": { "additionalProperties": false, "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" } }, + "required": [ + "DefaultNewSheetConfiguration" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapSortConfiguration": { + "AWS::QuickSight::Template.AnchorDateConfiguration": { "additionalProperties": false, "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", + "type": "string" }, - "TreeMapSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", - "type": "array" + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapVisual": { + "AWS::QuickSight::Template.ArcAxisConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcAxisDisplayRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", + "type": "number" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcConfiguration": { + "additionalProperties": false, + "properties": { + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TrendArrowOptions": { + "AWS::QuickSight::Template.ArcOptions": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", - "title": "Visibility", + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.UnaggregatedField": { + "AWS::QuickSight::Template.AssetOptions": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", + "type": "string" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.UniqueValuesComputation": { + "AWS::QuickSight::Template.AttributeAggregationFunction": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ValidationStrategy": { + "AWS::QuickSight::Template.AxisDataOptions": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", - "type": "string" + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" + }, + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisibleRangeOptions": { + "AWS::QuickSight::Template.AxisDisplayMinMaxRange": { "additionalProperties": false, "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", + "type": "number" + }, + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.Visual": { + "AWS::QuickSight::Template.AxisDisplayOptions": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" - }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" - }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" - }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" - }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" - }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" - }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" - }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" - }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" - }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" - }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" - }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" - }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" - }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" - }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" - }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" - }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", + "type": "object" }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", + "type": "string" }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", + "type": "object" }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualAxisSortOption": { + "AWS::QuickSight::Template.AxisDisplayRange": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availaiblity status of a visual's axis sort options.", - "title": "AvailabilityStatus", - "type": "string" + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" + }, + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualCustomAction": { + "AWS::QuickSight::Template.AxisLabelOptions": { "additionalProperties": false, "properties": { - "ActionOperations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomActionOperation" - }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", - "type": "array" - }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", - "title": "Name", - "type": "string" + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", "type": "string" }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", - "type": "string" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" } }, - "required": [ - "ActionOperations", - "CustomActionId", - "Name", - "Trigger" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualCustomActionOperation": { + "AWS::QuickSight::Template.AxisLabelReferenceOptions": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" - }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" - }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" + "FieldId": { + "markdownDescription": "The field that the axis label is targeted to.", + "title": "FieldId", + "type": "string" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualMenuOption": { + "AWS::QuickSight::Template.AxisLinearScale": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availaiblity status of a visual's menu options.", - "title": "AvailabilityStatus", - "type": "string" + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualPalette": { + "AWS::QuickSight::Template.AxisLogarithmicScale": { "additionalProperties": false, "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", - "type": "string" - }, - "ColorMap": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathColor" - }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", - "type": "array" + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions": { + "AWS::QuickSight::Template.AxisScale": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", - "type": "string" + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualTitleLabelOptions": { + "AWS::QuickSight::Template.AxisTickLabelOptions": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" }, - "Visibility": { - "markdownDescription": "The visibility of the title label.", - "title": "Visibility", - "type": "string" + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells": { + "AWS::QuickSight::Template.BarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Breakdowns": { + "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", "type": "array" }, - "Categories": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", "type": "array" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The value field wells of a waterfall visual.", + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartConfiguration": { + "AWS::QuickSight::Template.BarChartConfiguration": { "additionalProperties": false, "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", + "type": "string" }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" }, "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", + "type": "string" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", "title": "SortConfiguration" }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" - }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.WaterfallChartFieldWells": { - "additionalProperties": false, - "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartOptions": { + "AWS::QuickSight::Template.BarChartFieldWells": { "additionalProperties": false, "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", - "type": "string" + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration": { + "AWS::QuickSight::Template.BarChartSortConfiguration": { "additionalProperties": false, "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The sort configuration of the category fields.", + "markdownDescription": "The sort configuration of category fields.", "title": "CategorySort", "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallVisual": { + "AWS::QuickSight::Template.BarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -207718,200 +251758,379 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.WhatIfPointScenario": { + "AWS::QuickSight::Template.BinCountOptions": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", - "type": "string" + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BinWidthOptions": { + "additionalProperties": false, + "properties": { + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", + "type": "number" }, "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", + "markdownDescription": "The options that determine the bin width value.", "title": "Value", "type": "number" } }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" + }, + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" + }, + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" + } + }, "required": [ - "Date", - "Value" + "Content", + "SectionId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.WhatIfRangeScenario": { + "AWS::QuickSight::Template.BodySectionContent": { "additionalProperties": false, "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", - "type": "string" + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionDynamicCategoryDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", - "type": "string" + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", - "title": "Value", + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionDynamicNumericDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" } }, "required": [ - "EndDate", - "StartDate", - "Value" + "Column" ], "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells": { + "AWS::QuickSight::Template.BodySectionRepeatConfiguration": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" + }, + "NonRepeatingVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", + "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionRepeatDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" + }, + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionRepeatPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", "title": "GroupBy", "type": "array" }, - "Size": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudChartConfiguration": { + "AWS::QuickSight::Template.BoxPlotChartConfiguration": { "additionalProperties": false, "properties": { + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" + }, "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", "title": "CategoryLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", "title": "SortConfiguration" }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudFieldWells": { + "AWS::QuickSight::Template.BoxPlotFieldWells": { "additionalProperties": false, "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudOptions": { + "AWS::QuickSight::Template.BoxPlotOptions": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", - "type": "string" - }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" - }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", - "type": "string" - }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", - "type": "string" + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", + "type": "object" }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", - "type": "string" + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", + "type": "object" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", - "type": "string" + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudSortConfiguration": { + "AWS::QuickSight::Template.BoxPlotSortConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" - }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The sort configuration of group by fields.", + "markdownDescription": "The sort configuration of a group by fields.", "title": "CategorySort", "type": "array" + }, + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudVisual": { + "AWS::QuickSight::Template.BoxPlotStyleOptions": { + "additionalProperties": false, + "properties": { + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -207923,2815 +252142,2740 @@ ], "type": "object" }, - "AWS::QuickSight::DataSet": { + "AWS::QuickSight::Template.CalculatedField": { "additionalProperties": false, "properties": { - "Condition": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", - "type": "string" - }, - "ColumnGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnGroup" - }, - "markdownDescription": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.", - "title": "ColumnGroups", - "type": "array" - }, - "ColumnLevelPermissionRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnLevelPermissionRule" - }, - "markdownDescription": "A set of one or more definitions of a `ColumnLevelPermissionRule` .", - "title": "ColumnLevelPermissionRules", - "type": "array" - }, - "DataSetId": { - "markdownDescription": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account.", - "title": "DataSetId", - "type": "string" - }, - "DataSetRefreshProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetRefreshProperties", - "markdownDescription": "The refresh properties of a dataset.", - "title": "DataSetRefreshProperties" - }, - "DataSetUsageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetUsageConfiguration", - "markdownDescription": "The usage configuration to apply to child datasets that reference this dataset as a source.", - "title": "DataSetUsageConfiguration" - }, - "DatasetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DatasetParameter" - }, - "markdownDescription": "The parameters that are declared in a dataset.", - "title": "DatasetParameters", - "type": "array" - }, - "FieldFolders": { - "additionalProperties": false, - "markdownDescription": "The folder that contains fields and nested subfolders for your dataset.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.FieldFolder" - } - }, - "title": "FieldFolders", - "type": "object" - }, - "ImportMode": { - "markdownDescription": "Indicates whether you want to import the data into SPICE.", - "title": "ImportMode", - "type": "string" - }, - "IngestionWaitPolicy": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IngestionWaitPolicy", - "markdownDescription": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours.", - "title": "IngestionWaitPolicy" - }, - "LogicalTableMap": { - "additionalProperties": false, - "markdownDescription": "Configures the combination and transformation of the data from the physical tables.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTable" - } - }, - "title": "LogicalTableMap", - "type": "object" - }, - "Name": { - "markdownDescription": "The display name for the dataset.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions on the dataset.", - "title": "Permissions", - "type": "array" - }, - "PhysicalTableMap": { - "additionalProperties": false, - "markdownDescription": "Declares the physical tables that are available in the underlying data sources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.PhysicalTable" - } - }, - "title": "PhysicalTableMap", - "type": "object" - }, - "RowLevelPermissionDataSet": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionDataSet", - "markdownDescription": "The row-level security configuration for the data that you want to create.", - "title": "RowLevelPermissionDataSet" - }, - "RowLevelPermissionTagConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration", - "markdownDescription": "The element you can use to define tags for row-level security.", - "title": "RowLevelPermissionTagConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::QuickSight::DataSet" - ], + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CalculatedMeasureField": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" } }, "required": [ - "Type" + "Expression", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSet.CalculatedColumn": { + "AWS::QuickSight::Template.CascadingControlConfiguration": { "additionalProperties": false, "properties": { - "ColumnId": { - "markdownDescription": "A unique ID to identify a calculated column. During a dataset update, if the column ID of a calculated column matches that of an existing calculated column, Amazon QuickSight preserves the existing calculated column.", - "title": "ColumnId", + "SourceControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlSource" + }, + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CascadingControlSource": { + "additionalProperties": false, + "properties": { + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" + }, + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CategoricalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", + "title": "Column" }, - "ColumnName": { - "markdownDescription": "Column name.", - "title": "ColumnName", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "Expression": { - "markdownDescription": "An expression that defines the calculated column.", - "title": "Expression", + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "ColumnId", - "ColumnName", - "Expression" + "Column", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSet.CastColumnTypeOperation": { + "AWS::QuickSight::Template.CategoricalMeasureField": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "Column name.", - "title": "ColumnName", + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", "type": "string" }, - "Format": { - "markdownDescription": "When casting a column from string to datetime type, you can supply a string in a format supported by Amazon QuickSight to denote the source data format.", - "title": "Format", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" }, - "NewColumnType": { - "markdownDescription": "New column data type.", - "title": "NewColumnType", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "SubType": { - "markdownDescription": "The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset.", - "title": "SubType", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ - "ColumnName", - "NewColumnType" + "Column", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSet.ColumnDescription": { + "AWS::QuickSight::Template.CategoryDrillDownFilter": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The text of a description for a column.", - "title": "Text", + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + } + }, + "required": [ + "CategoryValues", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CategoryFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" } }, + "required": [ + "Column", + "Configuration", + "FilterId" + ], "type": "object" }, - "AWS::QuickSight::DataSet.ColumnGroup": { + "AWS::QuickSight::Template.CategoryFilterConfiguration": { "additionalProperties": false, "properties": { - "GeoSpatialColumnGroup": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.GeoSpatialColumnGroup", - "markdownDescription": "Geospatial column group that denotes a hierarchy.", - "title": "GeoSpatialColumnGroup" + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" + }, + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" + }, + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" } }, "type": "object" }, - "AWS::QuickSight::DataSet.ColumnLevelPermissionRule": { + "AWS::QuickSight::Template.CategoryInnerFilter": { "additionalProperties": false, "properties": { - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of column names.", - "title": "ColumnNames", - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "Principals": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" + } + }, + "required": [ + "Column", + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ChartAxisLabelOptions": { + "additionalProperties": false, + "properties": { + "AxisLabelOptions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelOptions" }, - "markdownDescription": "An array of Amazon Resource Names (ARNs) for QuickSight users or groups.", - "title": "Principals", + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", "type": "array" + }, + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", + "type": "object" + }, + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::DataSet.ColumnTag": { + "AWS::QuickSight::Template.ClusterMarker": { "additionalProperties": false, "properties": { - "ColumnDescription": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnDescription", - "markdownDescription": "A description for a column.", - "title": "ColumnDescription" - }, - "ColumnGeographicRole": { - "markdownDescription": "A geospatial role for a column.", - "title": "ColumnGeographicRole", - "type": "string" + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Template.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" } }, "type": "object" }, - "AWS::QuickSight::DataSet.CreateColumnsOperation": { + "AWS::QuickSight::Template.ClusterMarkerConfiguration": { "additionalProperties": false, "properties": { - "Columns": { + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColorScale": { + "additionalProperties": false, + "properties": { + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", + "type": "string" + }, + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CalculatedColumn" + "$ref": "#/definitions/AWS::QuickSight::Template.DataColor" }, - "markdownDescription": "Calculated columns to create.", - "title": "Columns", + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", "type": "array" + }, + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" } }, "required": [ - "Columns" + "ColorFillType", + "Colors" ], "type": "object" }, - "AWS::QuickSight::DataSet.CustomSql": { + "AWS::QuickSight::Template.ColorsConfiguration": { "additionalProperties": false, "properties": { - "Columns": { + "CustomColors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + "$ref": "#/definitions/AWS::QuickSight::Template.CustomColor" }, - "markdownDescription": "The column schema from the SQL query result set.", - "title": "Columns", + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnConfiguration": { + "additionalProperties": false, + "properties": { + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" }, - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data source.", - "title": "DataSourceArn", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column.", + "title": "Column" }, - "Name": { - "markdownDescription": "A display name for the SQL query result.", - "title": "Name", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" }, - "SqlQuery": { - "markdownDescription": "The SQL query.", - "title": "SqlQuery", + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", "type": "string" } }, "required": [ - "Columns", - "DataSourceArn", - "Name", - "SqlQuery" + "Column" ], "type": "object" }, - "AWS::QuickSight::DataSet.DataSetRefreshProperties": { + "AWS::QuickSight::Template.ColumnGroupColumnSchema": { "additionalProperties": false, "properties": { - "RefreshConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshConfiguration", - "markdownDescription": "The refresh configuration for a dataset.", - "title": "RefreshConfiguration" + "Name": { + "markdownDescription": "The name of the column group's column schema.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.DataSetUsageConfiguration": { + "AWS::QuickSight::Template.ColumnGroupSchema": { "additionalProperties": false, "properties": { - "DisableUseAsDirectQuerySource": { - "markdownDescription": "An option that controls whether a child dataset of a direct query can use this dataset as a source.", - "title": "DisableUseAsDirectQuerySource", - "type": "boolean" + "ColumnGroupColumnSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupColumnSchema" + }, + "markdownDescription": "A structure containing the list of schemas for column group columns.", + "title": "ColumnGroupColumnSchemaList", + "type": "array" }, - "DisableUseAsImportedSource": { - "markdownDescription": "An option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.", - "title": "DisableUseAsImportedSource", - "type": "boolean" + "Name": { + "markdownDescription": "The name of the column group schema.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.DatasetParameter": { + "AWS::QuickSight::Template.ColumnHierarchy": { "additionalProperties": false, "properties": { - "DateTimeDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameter", - "markdownDescription": "A date time parameter that is created in the dataset.", - "title": "DateTimeDatasetParameter" - }, - "DecimalDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameter", - "markdownDescription": "A decimal parameter that is created in the dataset.", - "title": "DecimalDatasetParameter" + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" }, - "IntegerDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameter", - "markdownDescription": "An integer parameter that is created in the dataset.", - "title": "IntegerDatasetParameter" + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" }, - "StringDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameter", - "markdownDescription": "A string parameter that is created in the dataset.", - "title": "StringDatasetParameter" + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" } }, "type": "object" }, - "AWS::QuickSight::DataSet.DateTimeDatasetParameter": { + "AWS::QuickSight::Template.ColumnIdentifier": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given date time parameter. This structure only accepts static values.", - "title": "DefaultValues" - }, - "Id": { - "markdownDescription": "An identifier for the parameter that is created in the dataset.", - "title": "Id", + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the date time parameter that is created in the dataset.", - "title": "Name", + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", + "type": "string" + } + }, + "required": [ + "ColumnName", + "DataSetIdentifier" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ColumnSchema": { + "additionalProperties": false, + "properties": { + "DataType": { + "markdownDescription": "The data type of the column schema.", + "title": "DataType", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the date time parameter.", - "title": "TimeGranularity", + "GeographicRole": { + "markdownDescription": "The geographic role of the column schema.", + "title": "GeographicRole", "type": "string" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "Name": { + "markdownDescription": "The name of the column schema.", + "title": "Name", "type": "string" } }, - "required": [ - "Id", - "Name", - "ValueType" - ], "type": "object" }, - "AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues": { + "AWS::QuickSight::Template.ColumnSort": { "additionalProperties": false, "properties": { - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", - "title": "StaticValues", - "type": "array" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" + }, + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" } }, + "required": [ + "Direction", + "SortBy" + ], "type": "object" }, - "AWS::QuickSight::DataSet.DecimalDatasetParameter": { + "AWS::QuickSight::Template.ColumnTooltipItem": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given decimal parameter. This structure only accepts static values.", - "title": "DefaultValues" + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" }, - "Id": { - "markdownDescription": "An identifier for the decimal parameter created in the dataset.", - "title": "Id", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" }, - "Name": { - "markdownDescription": "The name of the decimal parameter that is created in the dataset.", - "title": "Name", + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", "type": "string" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "object" } }, "required": [ - "Id", - "Name", - "ValueType" + "Column" ], "type": "object" }, - "AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues": { + "AWS::QuickSight::Template.ComboChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "StaticValues": { + "BarValues": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "A list of static default values for a given decimal parameter.", - "title": "StaticValues", + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", + "type": "array" + }, + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated category field wells of a combo chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", + "type": "array" + }, + "LineValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::DataSet.FieldFolder": { + "AWS::QuickSight::Template.ComboChartConfiguration": { "additionalProperties": false, "properties": { - "Columns": { + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" + }, + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" }, - "markdownDescription": "A folder has a list of columns. A column can only be in one folder.", - "title": "Columns", + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", "type": "array" }, - "Description": { - "markdownDescription": "The description for a field folder.", - "title": "Description", - "type": "string" + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::DataSet.FilterOperation": { + "AWS::QuickSight::Template.ComboChartFieldWells": { "additionalProperties": false, "properties": { - "ConditionExpression": { - "markdownDescription": "An expression that must evaluate to a Boolean value. Rows for which the expression evaluates to true are kept in the dataset.", - "title": "ConditionExpression", - "type": "string" + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" } }, - "required": [ - "ConditionExpression" - ], "type": "object" }, - "AWS::QuickSight::DataSet.GeoSpatialColumnGroup": { + "AWS::QuickSight::Template.ComboChartSortConfiguration": { "additionalProperties": false, "properties": { - "Columns": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "Columns in this hierarchy.", - "title": "Columns", + "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "title": "CategorySort", "type": "array" }, - "CountryCode": { - "markdownDescription": "Country code.", - "title": "CountryCode", + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the color field well in a combo chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "Name": { - "markdownDescription": "A display name for the hierarchy.", - "title": "Name", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Columns", - "Name" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::DataSet.IncrementalRefresh": { + "AWS::QuickSight::Template.ComparisonConfiguration": { "additionalProperties": false, "properties": { - "LookbackWindow": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LookbackWindow", - "markdownDescription": "The lookback window setup for an incremental refresh configuration.", - "title": "LookbackWindow" + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" + }, + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.IngestionWaitPolicy": { + "AWS::QuickSight::Template.ComparisonFormatConfiguration": { "additionalProperties": false, "properties": { - "IngestionWaitTimeInHours": { - "markdownDescription": "The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. Applicable only when `DataSetImportMode` mode is set to SPICE and `WaitForSpiceIngestion` is set to true.", - "title": "IngestionWaitTimeInHours", - "type": "number" + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" }, - "WaitForSpiceIngestion": { - "markdownDescription": "Wait for SPICE ingestion to finish to mark dataset creation or update as successful. Default (true). Applicable only when `DataSetImportMode` mode is set to SPICE.", - "title": "WaitForSpiceIngestion", - "type": "boolean" + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::DataSet.InputColumn": { + "AWS::QuickSight::Template.Computation": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of this column in the underlying data source.", - "title": "Name", - "type": "string" + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" }, - "SubType": { - "markdownDescription": "The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset.", - "title": "SubType", - "type": "string" + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Template.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" }, - "Type": { - "markdownDescription": "The data type of the column.", - "title": "Type", - "type": "string" + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Template.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" + }, + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" + }, + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Template.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" + }, + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" + }, + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" } }, - "required": [ - "Name", - "Type" - ], "type": "object" }, - "AWS::QuickSight::DataSet.IntegerDatasetParameter": { + "AWS::QuickSight::Template.ConditionalFormattingColor": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given integer parameter. This structure only accepts static values.", - "title": "DefaultValues" + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" }, - "Id": { - "markdownDescription": "An identifier for the integer parameter created in the dataset.", - "title": "Id", + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", "type": "string" }, - "Name": { - "markdownDescription": "The name of the integer parameter that is created in the dataset.", - "title": "Name", - "type": "string" + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", "type": "string" + }, + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" } }, "required": [ - "Id", - "Name", - "ValueType" + "Expression", + "IconOptions" ], "type": "object" }, - "AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues": { + "AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions": { "additionalProperties": false, "properties": { - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of static default values for a given integer parameter.", - "title": "StaticValues", - "type": "array" + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", + "type": "string" + }, + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.JoinInstruction": { + "AWS::QuickSight::Template.ConditionalFormattingGradientColor": { "additionalProperties": false, "properties": { - "LeftJoinKeyProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", - "markdownDescription": "Join key properties of the left operand.", - "title": "LeftJoinKeyProperties" - }, - "LeftOperand": { - "markdownDescription": "The operand on the left side of a join.", - "title": "LeftOperand", - "type": "string" - }, - "OnClause": { - "markdownDescription": "The join instructions provided in the `ON` clause of a join.", - "title": "OnClause", - "type": "string" - }, - "RightJoinKeyProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", - "markdownDescription": "Join key properties of the right operand.", - "title": "RightJoinKeyProperties" - }, - "RightOperand": { - "markdownDescription": "The operand on the right side of a join.", - "title": "RightOperand", - "type": "string" + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Template.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" }, - "Type": { - "markdownDescription": "The type of join that it is.", - "title": "Type", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", "type": "string" } }, "required": [ - "LeftOperand", - "OnClause", - "RightOperand", - "Type" + "Color", + "Expression" ], "type": "object" }, - "AWS::QuickSight::DataSet.JoinKeyProperties": { + "AWS::QuickSight::Template.ConditionalFormattingIcon": { "additionalProperties": false, "properties": { - "UniqueKey": { - "markdownDescription": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by QuickSight to optimize query performance.", - "title": "UniqueKey", - "type": "boolean" + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" + }, + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" } }, "type": "object" }, - "AWS::QuickSight::DataSet.LogicalTable": { + "AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration": { "additionalProperties": false, "properties": { - "Alias": { - "markdownDescription": "A display name for the logical table.", - "title": "Alias", + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", "type": "string" - }, - "DataTransforms": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.TransformOperation" - }, - "markdownDescription": "Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null.", - "title": "DataTransforms", - "type": "array" - }, - "Source": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTableSource", - "markdownDescription": "Source of this logical table.", - "title": "Source" } }, - "required": [ - "Alias", - "Source" - ], "type": "object" }, - "AWS::QuickSight::DataSet.LogicalTableSource": { + "AWS::QuickSight::Template.ConditionalFormattingIconSet": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the parent dataset.", - "title": "DataSetArn", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", "type": "string" }, - "JoinInstruction": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinInstruction", - "markdownDescription": "Specifies the result of a join of two logical tables.", - "title": "JoinInstruction" - }, - "PhysicalTableId": { - "markdownDescription": "Physical table ID.", - "title": "PhysicalTableId", + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", "type": "string" } }, + "required": [ + "Expression" + ], "type": "object" }, - "AWS::QuickSight::DataSet.LookbackWindow": { + "AWS::QuickSight::Template.ConditionalFormattingSolidColor": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the lookback window column.", - "title": "ColumnName", + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", "type": "string" }, - "Size": { - "markdownDescription": "The lookback window column size.", - "title": "Size", - "type": "number" - }, - "SizeUnit": { - "markdownDescription": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` .", - "title": "SizeUnit", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for solid color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ContextMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.NewDefaultValues": { + "AWS::QuickSight::Template.ContributionAnalysisDefault": { "additionalProperties": false, "properties": { - "DateTimeStaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", - "title": "DateTimeStaticValues", - "type": "array" - }, - "DecimalStaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of static default values for a given decimal parameter.", - "title": "DecimalStaticValues", - "type": "array" - }, - "IntegerStaticValues": { + "ContributorDimensions": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" }, - "markdownDescription": "A list of static default values for a given integer parameter.", - "title": "IntegerStaticValues", + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", "type": "array" }, - "StringStaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of static default values for a given string parameter.", - "title": "StringStaticValues", - "type": "array" + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", + "type": "string" } }, + "required": [ + "ContributorDimensions", + "MeasureFieldId" + ], "type": "object" }, - "AWS::QuickSight::DataSet.OutputColumn": { + "AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for a column.", - "title": "Description", + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", "type": "string" }, - "Name": { - "markdownDescription": "The display name of the column..", - "title": "Name", + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", "type": "string" }, - "SubType": { - "markdownDescription": "The sub data type of the column.", - "title": "SubType", + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", "type": "string" }, - "Type": { - "markdownDescription": "The data type of the column.", - "title": "Type", + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.OverrideDatasetParameterOperation": { + "AWS::QuickSight::Template.CustomActionFilterOperation": { "additionalProperties": false, "properties": { - "NewDefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.NewDefaultValues", - "markdownDescription": "The new default values for the parameter.", - "title": "NewDefaultValues" - }, - "NewParameterName": { - "markdownDescription": "The new name for the parameter.", - "title": "NewParameterName", - "type": "string" + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" }, - "ParameterName": { - "markdownDescription": "The name of the parameter to be overridden with different values.", - "title": "ParameterName", - "type": "string" + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" } }, "required": [ - "ParameterName" + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" ], "type": "object" }, - "AWS::QuickSight::DataSet.PhysicalTable": { + "AWS::QuickSight::Template.CustomActionNavigationOperation": { "additionalProperties": false, "properties": { - "CustomSql": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CustomSql", - "markdownDescription": "A physical table type built from the results of the custom SQL query.", - "title": "CustomSql" - }, - "RelationalTable": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RelationalTable", - "markdownDescription": "A physical table type for relational data sources.", - "title": "RelationalTable" - }, - "S3Source": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.S3Source", - "markdownDescription": "A physical table type for as S3 data source.", - "title": "S3Source" + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" } }, "type": "object" }, - "AWS::QuickSight::DataSet.ProjectOperation": { + "AWS::QuickSight::Template.CustomActionSetParametersOperation": { "additionalProperties": false, "properties": { - "ProjectedColumns": { + "ParameterValueConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.SetParameterValueConfiguration" }, - "markdownDescription": "Projected columns.", - "title": "ProjectedColumns", + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", "type": "array" } }, "required": [ - "ProjectedColumns" + "ParameterValueConfigurations" ], "type": "object" }, - "AWS::QuickSight::DataSet.RefreshConfiguration": { + "AWS::QuickSight::Template.CustomActionURLOperation": { "additionalProperties": false, "properties": { - "IncrementalRefresh": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IncrementalRefresh", - "markdownDescription": "The incremental refresh for the dataset.", - "title": "IncrementalRefresh" + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", + "type": "string" + }, + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", + "type": "string" } }, + "required": [ + "URLTarget", + "URLTemplate" + ], "type": "object" }, - "AWS::QuickSight::DataSet.RelationalTable": { + "AWS::QuickSight::Template.CustomColor": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog associated with a table.", - "title": "Catalog", - "type": "string" - }, - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", - "title": "DataSourceArn", + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", "type": "string" }, - "InputColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" - }, - "markdownDescription": "The column schema of the table.", - "title": "InputColumns", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the relational table.", - "title": "Name", + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", "type": "string" }, - "Schema": { - "markdownDescription": "The schema name. This name applies to certain relational database engines.", - "title": "Schema", + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", "type": "string" } }, "required": [ - "DataSourceArn", - "InputColumns", - "Name" + "Color" ], "type": "object" }, - "AWS::QuickSight::DataSet.RenameColumnOperation": { + "AWS::QuickSight::Template.CustomContentConfiguration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column to be renamed.", - "title": "ColumnName", + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", "type": "string" }, - "NewColumnName": { - "markdownDescription": "The new name for the column.", - "title": "NewColumnName", + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", + "type": "string" + }, + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, - "required": [ - "ColumnName", - "NewColumnName" - ], "type": "object" }, - "AWS::QuickSight::DataSet.ResourcePermission": { + "AWS::QuickSight::Template.CustomContentVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, - "markdownDescription": "The IAM action to grant or revoke permisions on", + "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Actions", - "Principal" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionDataSet": { + "AWS::QuickSight::Template.CustomFilterConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.", - "title": "Arn", + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", "type": "string" }, - "FormatVersion": { - "markdownDescription": "The user or group rules associated with the dataset that contains permissions for RLS.\n\nBy default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist.", - "title": "FormatVersion", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace associated with the dataset that contains permissions for RLS.", - "title": "Namespace", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "PermissionPolicy": { - "markdownDescription": "The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only.", - "title": "PermissionPolicy", + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", "type": "string" }, - "Status": { - "markdownDescription": "The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", - "title": "Status", + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "Arn", - "PermissionPolicy" + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration": { + "AWS::QuickSight::Template.CustomFilterListConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", - "title": "Status", - "type": "string" - }, - "TagRuleConfigurations": { - "markdownDescription": "The configuration of tags on a dataset to set row-level security.", - "title": "TagRuleConfigurations", - "type": "object" - }, - "TagRules": { + "CategoryValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagRule" + "type": "string" }, - "markdownDescription": "A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.", - "title": "TagRules", + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", "type": "array" - } - }, - "required": [ - "TagRules" - ], - "type": "object" - }, - "AWS::QuickSight::DataSet.RowLevelPermissionTagRule": { - "additionalProperties": false, - "properties": { - "ColumnName": { - "markdownDescription": "The column name that a tag key is assigned to.", - "title": "ColumnName", - "type": "string" }, - "MatchAllValue": { - "markdownDescription": "A string that you want to use to filter by all the values in a column in the dataset and don\u2019t want to list the values one by one. For example, you can use an asterisk as your match all value.", - "title": "MatchAllValue", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "TagKey": { - "markdownDescription": "The unique key for a tag.", - "title": "TagKey", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "TagMultiValueDelimiter": { - "markdownDescription": "A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.", - "title": "TagMultiValueDelimiter", + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "ColumnName", - "TagKey" + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::DataSet.S3Source": { + "AWS::QuickSight::Template.CustomNarrativeOptions": { "additionalProperties": false, "properties": { - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", - "title": "DataSourceArn", + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", "type": "string" - }, - "InputColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" - }, - "markdownDescription": "A physical table type for an S3 data source.\n\n> For files that aren't JSON, only `STRING` data types are supported in input columns.", - "title": "InputColumns", - "type": "array" - }, - "UploadSettings": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.UploadSettings", - "markdownDescription": "Information about the format for the S3 source file or files.", - "title": "UploadSettings" } }, "required": [ - "DataSourceArn", - "InputColumns" + "Narrative" ], "type": "object" }, - "AWS::QuickSight::DataSet.StringDatasetParameter": { + "AWS::QuickSight::Template.CustomParameterValues": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given string dataset parameter type. This structure only accepts static values.", - "title": "DefaultValues" + "DateTimeValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", + "type": "array" }, - "Id": { - "markdownDescription": "An identifier for the string parameter that is created in the dataset.", - "title": "Id", - "type": "string" + "DecimalValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the string parameter that is created in the dataset.", - "title": "Name", - "type": "string" + "IntegerValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", + "type": "array" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", - "type": "string" + "StringValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", + "type": "array" } }, - "required": [ - "Id", - "Name", - "ValueType" - ], "type": "object" }, - "AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues": { + "AWS::QuickSight::Template.CustomValuesConfiguration": { "additionalProperties": false, "properties": { - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of static default values for a given string parameter.", - "title": "StaticValues", - "type": "array" + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" + }, + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" } }, + "required": [ + "CustomValues" + ], "type": "object" }, - "AWS::QuickSight::DataSet.TagColumnOperation": { + "AWS::QuickSight::Template.DataBarsOptions": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The column that this operation acts on.", - "title": "ColumnName", + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnTag" - }, - "markdownDescription": "The dataset column tag, currently only used for geospatial type tagging.\n\n> This is not tags for the AWS tagging feature.", - "title": "Tags", - "type": "array" + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", + "type": "string" + }, + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", + "type": "string" } }, "required": [ - "ColumnName", - "Tags" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSet.TransformOperation": { + "AWS::QuickSight::Template.DataColor": { "additionalProperties": false, "properties": { - "CastColumnTypeOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CastColumnTypeOperation", - "markdownDescription": "A transform operation that casts a column to a different type.", - "title": "CastColumnTypeOperation" - }, - "CreateColumnsOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CreateColumnsOperation", - "markdownDescription": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure.", - "title": "CreateColumnsOperation" - }, - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.FilterOperation", - "markdownDescription": "An operation that filters rows based on some condition.", - "title": "FilterOperation" - }, - "OverrideDatasetParameterOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.OverrideDatasetParameterOperation", - "markdownDescription": "A transform operation that overrides the dataset parameter values that are defined in another dataset.", - "title": "OverrideDatasetParameterOperation" - }, - "ProjectOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ProjectOperation", - "markdownDescription": "An operation that projects columns. Operations that come after a projection can only refer to projected columns.", - "title": "ProjectOperation" - }, - "RenameColumnOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RenameColumnOperation", - "markdownDescription": "An operation that renames a column.", - "title": "RenameColumnOperation" + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" }, - "TagColumnOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.TagColumnOperation", - "markdownDescription": "An operation that tags a column with additional information.", - "title": "TagColumnOperation" + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::DataSet.UploadSettings": { + "AWS::QuickSight::Template.DataFieldSeriesItem": { "additionalProperties": false, "properties": { - "ContainsHeader": { - "markdownDescription": "Whether the file has a header row, or the files each have a header row.", - "title": "ContainsHeader", - "type": "boolean" - }, - "Delimiter": { - "markdownDescription": "The delimiter between values in the file.", - "title": "Delimiter", + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", "type": "string" }, - "Format": { - "markdownDescription": "File format.", - "title": "Format", + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", "type": "string" }, - "StartFromRow": { - "markdownDescription": "A row number to start reading data from.", - "title": "StartFromRow", - "type": "number" - }, - "TextQualifier": { - "markdownDescription": "Text qualifier.", - "title": "TextQualifier", + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, + "required": [ + "AxisBinding", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::DataSource": { + "AWS::QuickSight::Template.DataLabelOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", + "type": "object" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataLabelTypes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelType" + }, + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", + "type": "array" + }, + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", + "type": "string" }, - "Metadata": { - "type": "object" + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlternateDataSourceParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" - }, - "markdownDescription": "A set of alternate data source parameters that you want to share for the credentials stored with this data source. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the credentials from this existing data source. If the `AlternateDataSourceParameters` list is null, the `Credentials` originally used with this `DataSourceParameters` are automatically allowed.", - "title": "AlternateDataSourceParameters", - "type": "array" - }, - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", - "type": "string" - }, - "Credentials": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceCredentials", - "markdownDescription": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported.", - "title": "Credentials" - }, - "DataSourceId": { - "markdownDescription": "An ID for the data source. This ID is unique per AWS Region for each AWS account.", - "title": "DataSourceId", - "type": "string" - }, - "DataSourceParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters", - "markdownDescription": "The parameters that Amazon QuickSight uses to connect to your underlying source.", - "title": "DataSourceParameters" - }, - "ErrorInfo": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceErrorInfo", - "markdownDescription": "Error information from the last update or the creation of the data source.", - "title": "ErrorInfo" - }, - "Name": { - "markdownDescription": "A display name for the data source.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions on the data source.", - "title": "Permissions", - "type": "array" - }, - "SslProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SslProperties", - "markdownDescription": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source.", - "title": "SslProperties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service.", - "title": "Type", - "type": "string" - }, - "VpcConnectionProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", - "markdownDescription": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source.", - "title": "VpcConnectionProperties" - } - }, + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", "type": "object" }, - "Type": { - "enum": [ - "AWS::QuickSight::DataSource" - ], + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", "type": "string" + }, + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", + "type": "object" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the data labels.", + "title": "Visibility", + "type": "object" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::QuickSight::DataSource.AmazonElasticsearchParameters": { + "AWS::QuickSight::Template.DataLabelType": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The OpenSearch domain.", - "title": "Domain", - "type": "string" + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" + }, + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" + }, + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" + }, + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" + }, + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" } }, - "required": [ - "Domain" - ], "type": "object" }, - "AWS::QuickSight::DataSource.AmazonOpenSearchParameters": { + "AWS::QuickSight::Template.DataPathColor": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The OpenSearch domain.", - "title": "Domain", + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", + "type": "string" + }, + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", "type": "string" } }, "required": [ - "Domain" + "Color", + "Element" ], "type": "object" }, - "AWS::QuickSight::DataSource.AthenaParameters": { + "AWS::QuickSight::Template.DataPathLabelType": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", - "title": "RoleArn", + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", "type": "string" }, - "WorkGroup": { - "markdownDescription": "The workgroup that Amazon Athena uses.", - "title": "WorkGroup", + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::DataSource.AuroraParameters": { + "AWS::QuickSight::Template.DataPathSort": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" - }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "SortPaths": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + }, + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", + "type": "array" } }, "required": [ - "Database", - "Host", - "Port" + "Direction", + "SortPaths" ], "type": "object" }, - "AWS::QuickSight::DataSource.AuroraPostgreSqlParameters": { + "AWS::QuickSight::Template.DataPathType": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The Amazon Aurora PostgreSQL database to connect to.", - "title": "Database", - "type": "string" - }, - "Host": { - "markdownDescription": "The Amazon Aurora PostgreSQL-Compatible host to connect to.", - "title": "Host", + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", "type": "string" - }, - "Port": { - "markdownDescription": "The port that Amazon Aurora PostgreSQL is listening on.", - "title": "Port", - "type": "number" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.CredentialPair": { + "AWS::QuickSight::Template.DataPathValue": { "additionalProperties": false, "properties": { - "AlternateDataSourceParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" - }, - "markdownDescription": "A set of alternate data source parameters that you want to share for these credentials. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the new data source with the existing credentials. If the `AlternateDataSourceParameters` list is null, the `DataSourceParameters` originally used with these `Credentials` is automatically allowed.", - "title": "AlternateDataSourceParameters", - "type": "array" + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" }, - "Password": { - "markdownDescription": "Password.", - "title": "Password", + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", "type": "string" }, - "Username": { - "markdownDescription": "User name.", - "title": "Username", + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", "type": "string" } }, - "required": [ - "Password", - "Username" - ], "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceCredentials": { + "AWS::QuickSight::Template.DataSetConfiguration": { "additionalProperties": false, "properties": { - "CopySourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use. When `CopySourceArn` is not null, the credential pair from the data source in the ARN is used as the credentials for the `DataSourceCredentials` structure.", - "title": "CopySourceArn", - "type": "string" + "ColumnGroupSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupSchema" + }, + "markdownDescription": "A structure containing the list of column group schemas.", + "title": "ColumnGroupSchemaList", + "type": "array" }, - "CredentialPair": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.CredentialPair", - "markdownDescription": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` .", - "title": "CredentialPair" + "DataSetSchema": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetSchema", + "markdownDescription": "Dataset schema.", + "title": "DataSetSchema" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret associated with the data source in AWS Secrets Manager .", - "title": "SecretArn", + "Placeholder": { + "markdownDescription": "Placeholder.", + "title": "Placeholder", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceErrorInfo": { + "AWS::QuickSight::Template.DataSetReference": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Error message.", - "title": "Message", + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", "type": "string" }, - "Type": { - "markdownDescription": "Error type.", - "title": "Type", + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", "type": "string" } }, + "required": [ + "DataSetArn", + "DataSetPlaceholder" + ], "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceParameters": { + "AWS::QuickSight::Template.DataSetSchema": { "additionalProperties": false, "properties": { - "AmazonElasticsearchParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonElasticsearchParameters", - "markdownDescription": "The parameters for OpenSearch.", - "title": "AmazonElasticsearchParameters" - }, - "AmazonOpenSearchParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonOpenSearchParameters", - "markdownDescription": "The parameters for OpenSearch.", - "title": "AmazonOpenSearchParameters" - }, - "AthenaParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AthenaParameters", - "markdownDescription": "The parameters for Amazon Athena.", - "title": "AthenaParameters" - }, - "AuroraParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraParameters", - "markdownDescription": "The parameters for Amazon Aurora MySQL.", - "title": "AuroraParameters" - }, - "AuroraPostgreSqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraPostgreSqlParameters", - "markdownDescription": "The parameters for Amazon Aurora.", - "title": "AuroraPostgreSqlParameters" - }, - "DatabricksParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DatabricksParameters", - "markdownDescription": "The required parameters that are needed to connect to a Databricks data source.", - "title": "DatabricksParameters" - }, - "MariaDbParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.MariaDbParameters", - "markdownDescription": "The parameters for MariaDB.", - "title": "MariaDbParameters" - }, - "MySqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.MySqlParameters", - "markdownDescription": "The parameters for MySQL.", - "title": "MySqlParameters" - }, - "OracleParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.OracleParameters", - "markdownDescription": "Oracle parameters.", - "title": "OracleParameters" - }, - "PostgreSqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.PostgreSqlParameters", - "markdownDescription": "The parameters for PostgreSQL.", - "title": "PostgreSqlParameters" - }, - "PrestoParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.PrestoParameters", - "markdownDescription": "The parameters for Presto.", - "title": "PrestoParameters" - }, - "RdsParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.RdsParameters", - "markdownDescription": "The parameters for Amazon RDS.", - "title": "RdsParameters" - }, - "RedshiftParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftParameters", - "markdownDescription": "The parameters for Amazon Redshift.", - "title": "RedshiftParameters" - }, - "S3Parameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.S3Parameters", - "markdownDescription": "The parameters for S3.", - "title": "S3Parameters" - }, - "SnowflakeParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SnowflakeParameters", - "markdownDescription": "The parameters for Snowflake.", - "title": "SnowflakeParameters" - }, - "SparkParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SparkParameters", - "markdownDescription": "The parameters for Spark.", - "title": "SparkParameters" - }, - "SqlServerParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SqlServerParameters", - "markdownDescription": "The parameters for SQL Server.", - "title": "SqlServerParameters" - }, - "StarburstParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.StarburstParameters", - "markdownDescription": "The parameters that are required to connect to a Starburst data source.", - "title": "StarburstParameters" - }, - "TeradataParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.TeradataParameters", - "markdownDescription": "The parameters for Teradata.", - "title": "TeradataParameters" - }, - "TrinoParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.TrinoParameters", - "markdownDescription": "The parameters that are required to connect to a Trino data source.", - "title": "TrinoParameters" + "ColumnSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSchema" + }, + "markdownDescription": "A structure containing the list of column schemas.", + "title": "ColumnSchemaList", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::DataSource.DatabricksParameters": { + "AWS::QuickSight::Template.DateAxisOptions": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "The host name of the Databricks data source.", - "title": "Host", + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" + }, + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", "type": "string" }, - "Port": { - "markdownDescription": "The port for the Databricks data source.", - "title": "Port", - "type": "number" + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" }, - "SqlEndpointPath": { - "markdownDescription": "The HTTP path of the Databricks data source.", - "title": "SqlEndpointPath", + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "Host", - "Port", - "SqlEndpointPath" + "Column", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSource.ManifestFileLocation": { + "AWS::QuickSight::Template.DateMeasureField": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "Amazon S3 bucket.", - "title": "Bucket", + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", "type": "string" }, - "Key": { - "markdownDescription": "Amazon S3 key that identifies an object.", - "title": "Key", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ - "Bucket", - "Key" + "Column", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSource.MariaDbParameters": { + "AWS::QuickSight::Template.DateTimeDefaultValues": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.MySqlParameters": { + "AWS::QuickSight::Template.DateTimeFormatConfiguration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.OracleParameters": { + "AWS::QuickSight::Template.DateTimeHierarchy": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", + "type": "array" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", "type": "string" - }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" } }, "required": [ - "Database", - "Host", - "Port" + "HierarchyId" ], "type": "object" }, - "AWS::QuickSight::DataSource.PostgreSqlParameters": { + "AWS::QuickSight::Template.DateTimeParameterDeclaration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "Database", - "Host", - "Port" + "Name" ], "type": "object" }, - "AWS::QuickSight::DataSource.PrestoParameters": { + "AWS::QuickSight::Template.DateTimePickerControlDisplayOptions": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "Catalog.", - "title": "Catalog", - "type": "string" + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", + "type": "object" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", + "type": "object" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, - "required": [ - "Catalog", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.RdsParameters": { + "AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", "type": "string" }, - "InstanceId": { - "markdownDescription": "Instance ID.", - "title": "InstanceId", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, - "required": [ - "Database", - "InstanceId" - ], "type": "object" }, - "AWS::QuickSight::DataSource.RedshiftParameters": { + "AWS::QuickSight::Template.DecimalDefaultValues": { "additionalProperties": false, "properties": { - "ClusterId": { - "markdownDescription": "Cluster ID. This field can be blank if the `Host` and `Port` are provided.", - "title": "ClusterId", - "type": "string" - }, - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" - }, - "Host": { - "markdownDescription": "Host. This field can be blank if `ClusterId` is provided.", - "title": "Host", - "type": "string" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "Port": { - "markdownDescription": "Port. This field can be blank if the `ClusterId` is provided.", - "title": "Port", - "type": "number" + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, - "required": [ - "Database" - ], "type": "object" }, - "AWS::QuickSight::DataSource.ResourcePermission": { + "AWS::QuickSight::Template.DecimalParameterDeclaration": { "additionalProperties": false, "properties": { - "Actions": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", + "markdownDescription": "", + "title": "MappedDataSetParameters", "type": "array" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "Actions", - "Principal" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::QuickSight::DataSource.S3Parameters": { + "AWS::QuickSight::Template.DecimalPlacesConfiguration": { "additionalProperties": false, "properties": { - "ManifestFileLocation": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.ManifestFileLocation", - "markdownDescription": "Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Amazon QuickSight.", - "title": "ManifestFileLocation" - }, - "RoleArn": { - "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.", - "title": "RoleArn", - "type": "string" + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" } }, "required": [ - "ManifestFileLocation" + "DecimalPlaces" ], "type": "object" }, - "AWS::QuickSight::DataSource.SnowflakeParameters": { + "AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" - }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" }, - "Warehouse": { - "markdownDescription": "Warehouse.", - "title": "Warehouse", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, - "required": [ - "Database", - "Host", - "Warehouse" - ], "type": "object" }, - "AWS::QuickSight::DataSource.SparkParameters": { + "AWS::QuickSight::Template.DefaultDateTimePickerControlOptions": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "Type": { + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", + "type": "string" } }, - "required": [ - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.SqlServerParameters": { + "AWS::QuickSight::Template.DefaultFilterControlConfiguration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", "type": "string" - }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" } }, "required": [ - "Database", - "Host", - "Port" + "ControlOptions", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSource.SslProperties": { + "AWS::QuickSight::Template.DefaultFilterControlOptions": { "additionalProperties": false, "properties": { - "DisableSsl": { - "markdownDescription": "A Boolean option to control whether SSL should be disabled.", - "title": "DisableSsl", - "type": "boolean" + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" + }, + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" + }, + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" + }, + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" + }, + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" + }, + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" + }, + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" } }, "type": "object" }, - "AWS::QuickSight::DataSource.StarburstParameters": { + "AWS::QuickSight::Template.DefaultFilterDropDownControlOptions": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog name for the Starburst data source.", - "title": "Catalog", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", "type": "string" }, - "Host": { - "markdownDescription": "The host name of the Starburst data source.", - "title": "Host", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Port": { - "markdownDescription": "The port for the Starburst data source.", - "title": "Port", - "type": "number" + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" }, - "ProductType": { - "markdownDescription": "The product type for the Starburst data source.", - "title": "ProductType", + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", "type": "string" } }, - "required": [ - "Catalog", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.TeradataParameters": { + "AWS::QuickSight::Template.DefaultFilterListControlOptions": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "Type": { + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.TrinoParameters": { + "AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog name for the Trino data source.", - "title": "Catalog", - "type": "string" - }, - "Host": { - "markdownDescription": "The host name of the Trino data source.", - "title": "Host", - "type": "string" - }, - "Port": { - "markdownDescription": "The port for the Trino data source.", - "title": "Port", - "type": "number" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" } }, "required": [ - "Catalog", - "Host", - "Port" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::QuickSight::DataSource.VpcConnectionProperties": { + "AWS::QuickSight::Template.DefaultGridLayoutConfiguration": { "additionalProperties": false, "properties": { - "VpcConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the VPC connection.", - "title": "VpcConnectionArn", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" } }, "required": [ - "VpcConnectionArn" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::QuickSight::RefreshSchedule": { + "AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID of the account that you are creating a schedule in.", - "title": "AwsAccountId", - "type": "string" - }, - "DataSetId": { - "markdownDescription": "The ID of the dataset that you are creating a refresh schedule for.", - "title": "DataSetId", - "type": "string" - }, - "Schedule": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshScheduleMap", - "markdownDescription": "The refresh schedule of a dataset.", - "title": "Schedule" - } - }, - "type": "object" + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultNewSheetConfiguration": { + "additionalProperties": false, + "properties": { + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" }, - "Type": { - "enum": [ - "AWS::QuickSight::RefreshSchedule" - ], - "type": "string" + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::QuickSight::RefreshSchedule.RefreshOnDay": { + "AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month that you want your dataset to refresh. This value is required for monthly refresh intervals.", - "title": "DayOfMonth", - "type": "string" - }, - "DayOfWeek": { - "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", - "title": "DayOfWeek", - "type": "string" + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" } }, "type": "object" }, - "AWS::QuickSight::RefreshSchedule.RefreshScheduleMap": { + "AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions": { "additionalProperties": false, "properties": { - "RefreshType": { - "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *QuickSight User Guide* .", - "title": "RefreshType", - "type": "string" - }, - "ScheduleFrequency": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.ScheduleFrequency", - "markdownDescription": "The frequency for the refresh schedule.", - "title": "ScheduleFrequency" - }, - "ScheduleId": { - "markdownDescription": "An identifier for the refresh schedule.", - "title": "ScheduleId", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", "type": "string" }, - "StartAfterDateTime": { - "markdownDescription": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format.", - "title": "StartAfterDateTime", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::RefreshSchedule.ScheduleFrequency": { + "AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { - "Interval": { - "markdownDescription": "The interval between scheduled refreshes. Valid values are as follows:\n\n- `MINUTE15` : The dataset refreshes every 15 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `MINUTE30` : The dataset refreshes every 30 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `HOURLY` : The dataset refreshes every hour. This interval can only be used for one schedule per dataset.\n- `DAILY` : The dataset refreshes every day.\n- `WEEKLY` : The dataset refreshes every week.\n- `MONTHLY` : The dataset refreshes every month.", - "title": "Interval", - "type": "string" - }, - "RefreshOnDay": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshOnDay", - "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", - "title": "RefreshOnDay" - }, - "TimeOfTheDay": { - "markdownDescription": "The time of day that you want the dataset to refresh. This value is expressed in HH:MM format. This field is not required for schedules that refresh hourly.", - "title": "TimeOfTheDay", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "The timezone that you want the refresh schedule to use. The timezone ID must match a corresponding ID found on `java.util.time.getAvailableIDs()` .", - "title": "TimeZone", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" } }, + "required": [ + "CanvasSizeOptions" + ], "type": "object" }, - "AWS::QuickSight::Template": { + "AWS::QuickSight::Template.DefaultSliderControlOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "Metadata": { - "type": "object" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", - "title": "AwsAccountId", - "type": "string" - }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateVersionDefinition", - "markdownDescription": "", - "title": "Definition" - }, - "Name": { - "markdownDescription": "A display name for the template.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions to be set on the template.", - "title": "Permissions", - "type": "array" - }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceEntity", - "markdownDescription": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", - "title": "SourceEntity" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource.", - "title": "Tags", - "type": "array" - }, - "TemplateId": { - "markdownDescription": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account.", - "title": "TemplateId", - "type": "string" - }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" - }, - "VersionDescription": { - "markdownDescription": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field.", - "title": "VersionDescription", - "type": "string" - } - }, - "required": [ - "AwsAccountId", - "TemplateId" - ], - "type": "object" + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" }, "Type": { - "enum": [ - "AWS::QuickSight::Template" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "MaximumValue", + "MinimumValue", + "StepSize" ], "type": "object" }, - "AWS::QuickSight::Template.AggregationFunction": { + "AWS::QuickSight::Template.DefaultTextAreaControlOptions": { "additionalProperties": false, "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" - }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", - "type": "string" - }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", "type": "string" }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.AggregationSortConfiguration": { + "AWS::QuickSight::Template.DefaultTextFieldControlOptions": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" - }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, - "required": [ - "Column", - "SortDirection" - ], "type": "object" }, - "AWS::QuickSight::Template.AnalysisDefaults": { + "AWS::QuickSight::Template.DestinationParameterValueConfiguration": { "additionalProperties": false, "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" + }, + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", + "type": "string" + }, + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" + }, + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", + "type": "string" } }, - "required": [ - "DefaultNewSheetConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Template.AnchorDateConfiguration": { + "AWS::QuickSight::Template.DimensionField": { "additionalProperties": false, "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", - "type": "string" + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", - "type": "string" + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" + }, + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" } }, "type": "object" }, - "AWS::QuickSight::Template.ArcAxisConfiguration": { + "AWS::QuickSight::Template.DonutCenterOptions": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" - }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.ArcAxisDisplayRange": { + "AWS::QuickSight::Template.DonutOptions": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", - "type": "number" + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", - "type": "number" + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ArcConfiguration": { + "AWS::QuickSight::Template.DrillDownFilter": { "additionalProperties": false, "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", - "type": "number" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" } }, "type": "object" }, - "AWS::QuickSight::Template.ArcOptions": { + "AWS::QuickSight::Template.DropDownControlDisplayOptions": { "additionalProperties": false, "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.AssetOptions": { + "AWS::QuickSight::Template.DynamicDefaultValue": { "additionalProperties": false, - "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", - "type": "string" + "properties": { + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", - "type": "string" + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" + }, + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" } }, + "required": [ + "DefaultValueColumn" + ], "type": "object" }, - "AWS::QuickSight::Template.AttributeAggregationFunction": { + "AWS::QuickSight::Template.EmptyVisual": { "additionalProperties": false, "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", "type": "string" }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Template.AxisDataOptions": { + "AWS::QuickSight::Template.Entity": { "additionalProperties": false, "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" - }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayMinMaxRange": { + "AWS::QuickSight::Template.ExcludePeriodConfiguration": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", "type": "number" }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", - "type": "number" + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", + "type": "string" } }, + "required": [ + "Amount", + "Granularity" + ], "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayOptions": { + "AWS::QuickSight::Template.ExplicitHierarchy": { "additionalProperties": false, "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", - "type": "string" - }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", - "type": "string" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", + "type": "array" }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", + "type": "array" }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", "type": "string" - }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" - }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" } }, + "required": [ + "Columns", + "HierarchyId" + ], "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayRange": { + "AWS::QuickSight::Template.FieldBasedTooltip": { "additionalProperties": false, "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", "type": "object" }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" + "TooltipFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipItem" + }, + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", + "type": "array" + }, + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisLabelOptions": { + "AWS::QuickSight::Template.FieldLabelType": { "additionalProperties": false, "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" - }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" + "Visibility": { + "markdownDescription": "The visibility of the field label.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisLabelReferenceOptions": { + "AWS::QuickSight::Template.FieldSeriesItem": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" }, "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", "title": "FieldId", "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, "required": [ - "Column", + "AxisBinding", "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.AxisLinearScale": { + "AWS::QuickSight::Template.FieldSort": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", - "type": "number" + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", + "type": "string" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.AxisLogarithmicScale": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", - "type": "number" + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", + "type": "string" } }, + "required": [ + "Direction", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Template.AxisScale": { + "AWS::QuickSight::Template.FieldSortOptions": { "additionalProperties": false, "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisTickLabelOptions": { + "AWS::QuickSight::Template.FieldTooltipItem": { "additionalProperties": false, "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", + "type": "string" }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "object" } }, + "required": [ + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Template.BarChartAggregatedFieldWells": { + "AWS::QuickSight::Template.FilledMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", - "type": "array" - }, - "SmallMultiples": { + "Geospatial": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartConfiguration": { + "AWS::QuickSight::Template.FilledMapConditionalFormatting": { "additionalProperties": false, "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" - }, - "ContributionAnalysisDefaults": { + "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormattingOption" }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, + } + }, + "required": [ + "ConditionalFormattingOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" + } + }, + "required": [ + "Shape" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapConfiguration": { + "additionalProperties": false, + "properties": { "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", - "type": "string" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", "title": "SortConfiguration" }, "Tooltip": { @@ -210739,81 +254883,59 @@ "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", - "title": "ValueLabelOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartFieldWells": { + "AWS::QuickSight::Template.FilledMapFieldWells": { "additionalProperties": false, "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartSortConfiguration": { + "AWS::QuickSight::Template.FilledMapShapeConditionalFormatting": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", - "title": "CategoryItemsLimit" + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", + "type": "string" }, + "Format": { + "$ref": "#/definitions/AWS::QuickSight::Template.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapSortConfiguration": { + "additionalProperties": false, + "properties": { "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The sort configuration of category fields.", + "markdownDescription": "The sort configuration of the location fields.", "title": "CategorySort", "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", - "type": "array" - }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" - }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartVisual": { + "AWS::QuickSight::Template.FilledMapVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -210825,7 +254947,7 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, @@ -210837,6 +254959,11 @@ "title": "ColumnHierarchies", "type": "array" }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" + }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", @@ -210847,8 +254974,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -210858,912 +254990,1051 @@ ], "type": "object" }, - "AWS::QuickSight::Template.BinCountOptions": { + "AWS::QuickSight::Template.Filter": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" + }, + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" + }, + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" + }, + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" + }, + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" } }, "type": "object" }, - "AWS::QuickSight::Template.BinWidthOptions": { + "AWS::QuickSight::Template.FilterControl": { "additionalProperties": false, "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", - "type": "number" + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" } }, "type": "object" }, - "AWS::QuickSight::Template.BodySectionConfiguration": { + "AWS::QuickSight::Template.FilterCrossSheetControl": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", + "type": "string" }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" } }, "required": [ - "Content", - "SectionId" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::Template.BodySectionContent": { + "AWS::QuickSight::Template.FilterDropDownControl": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Template.BoxPlotAggregatedFieldWells": { + "AWS::QuickSight::Template.FilterGroup": { "additionalProperties": false, "properties": { - "GroupBy": { + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", + "type": "string" + }, + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", + "type": "string" + }, + "Filters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Template.Filter" }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", "type": "array" }, - "Values": { + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" + }, + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", - "title": "Values", + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" } }, + "required": [ + "MatchOperator" + ], "type": "object" }, - "AWS::QuickSight::Template.BoxPlotChartConfiguration": { + "AWS::QuickSight::Template.FilterListControl": { "additionalProperties": false, "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "", - "title": "Legend" + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", + "type": "string" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" }, - "ReferenceLines": { + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration": { + "additionalProperties": false, + "properties": { + "SelectedColumns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", "type": "array" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "SelectedFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotFieldWells": { + "AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration": { "additionalProperties": false, "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotOptions": { + "AWS::QuickSight::Template.FilterRelativeDateTimeControl": { "additionalProperties": false, "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", "type": "string" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", "type": "string" }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Template.BoxPlotSortConfiguration": { + "AWS::QuickSight::Template.FilterScopeConfiguration": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotStyleOptions": { + "AWS::QuickSight::Template.FilterSelectableValues": { "additionalProperties": false, "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotVisual": { + "AWS::QuickSight::Template.FilterSliderControl": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", "type": "string" } }, "required": [ - "VisualId" + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" ], "type": "object" }, - "AWS::QuickSight::Template.CalculatedField": { + "AWS::QuickSight::Template.FilterTextAreaControl": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the calculated field.", - "title": "Name", + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", "type": "string" } }, "required": [ - "DataSetIdentifier", - "Expression", - "Name" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::Template.CalculatedMeasureField": { + "AWS::QuickSight::Template.FilterTextFieldControl": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Expression", - "FieldId" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::Template.CascadingControlConfiguration": { - "additionalProperties": false, - "properties": { - "SourceControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlSource" - }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.CascadingControlSource": { + "AWS::QuickSight::Template.FontConfiguration": { "additionalProperties": false, "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", + "type": "string" }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.CategoricalDimensionField": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.CategoricalMeasureField": { + "AWS::QuickSight::Template.FontSize": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.CategoryDrillDownFilter": { + "AWS::QuickSight::Template.FontWeight": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", + "type": "string" } }, - "required": [ - "CategoryValues", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Template.CategoryFilter": { + "AWS::QuickSight::Template.ForecastComputation": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", + "type": "number" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "Column", - "Configuration", - "FilterId" + "ComputationId" ], "type": "object" }, - "AWS::QuickSight::Template.CategoryFilterConfiguration": { + "AWS::QuickSight::Template.ForecastConfiguration": { "additionalProperties": false, "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" - }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" } }, "type": "object" }, - "AWS::QuickSight::Template.ChartAxisLabelOptions": { + "AWS::QuickSight::Template.ForecastScenario": { "additionalProperties": false, "properties": { - "AxisLabelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelOptions" - }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", - "type": "array" - }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", - "type": "string" + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", - "type": "string" + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" } }, "type": "object" }, - "AWS::QuickSight::Template.ClusterMarker": { + "AWS::QuickSight::Template.FormatConfiguration": { "additionalProperties": false, "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Template.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" + }, + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" + }, + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.ClusterMarkerConfiguration": { + "AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ColorScale": { + "AWS::QuickSight::Template.FreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" }, - "Colors": { + "Elements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataColor" + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", "type": "array" - }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" } }, "required": [ - "ColorFillType", - "Colors" + "Elements" ], "type": "object" }, - "AWS::QuickSight::Template.ColorsConfiguration": { - "additionalProperties": false, - "properties": { - "CustomColors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomColor" - }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ColumnConfiguration": { + "AWS::QuickSight::Template.FreeFormLayoutElement": { "additionalProperties": false, "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", + "type": "string" }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", "type": "string" - } - }, - "required": [ - "Column" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ColumnGroupColumnSchema": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the column group's column schema.", - "title": "Name", + }, + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ColumnGroupSchema": { - "additionalProperties": false, - "properties": { - "ColumnGroupColumnSchemaList": { + }, + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Template.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" + }, + "RenderingRules": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupColumnSchema" + "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementRenderingRule" }, - "markdownDescription": "A structure containing the list of schemas for column group columns.", - "title": "ColumnGroupColumnSchemaList", + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", "type": "array" }, - "Name": { - "markdownDescription": "The name of the column group schema.", - "title": "Name", + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" + }, + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ColumnHierarchy": { - "additionalProperties": false, - "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", + "type": "string" } }, + "required": [ + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" + ], "type": "object" }, - "AWS::QuickSight::Template.ColumnIdentifier": { + "AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", - "type": "string" + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", + "type": "object" } }, - "required": [ - "ColumnName", - "DataSetIdentifier" - ], "type": "object" }, - "AWS::QuickSight::Template.ColumnSchema": { + "AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle": { "additionalProperties": false, "properties": { - "DataType": { - "markdownDescription": "The data type of the column schema.", - "title": "DataType", - "type": "string" - }, - "GeographicRole": { - "markdownDescription": "The geographic role of the column schema.", - "title": "GeographicRole", + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", "type": "string" }, - "Name": { - "markdownDescription": "The name of the column schema.", - "title": "Name", - "type": "string" + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.ColumnSort": { + "AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" - }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", "type": "string" - }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "", - "title": "SortBy" } }, "required": [ - "Direction", - "SortBy" + "OptimizedViewPortWidth" ], "type": "object" }, - "AWS::QuickSight::Template.ColumnTooltipItem": { + "AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" - }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", - "type": "string" + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" } }, "required": [ - "Column" + "Elements" ], "type": "object" }, - "AWS::QuickSight::Template.ComboChartAggregatedFieldWells": { + "AWS::QuickSight::Template.FunnelChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" - }, "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The aggregated category field wells of a combo chart.", + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", "title": "Category", "type": "array" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", - "type": "array" - }, - "LineValues": { + "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartConfiguration": { + "AWS::QuickSight::Template.FunnelChartConfiguration": { "additionalProperties": false, "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" - }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" - }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", "title": "CategoryLabelOptions" }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartFieldWells", - "markdownDescription": "The field wells of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FieldWells" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", "title": "Tooltip" }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", + "title": "ValueLabelOptions" + }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartFieldWells": { + "AWS::QuickSight::Template.FunnelChartDataLabelOptions": { "additionalProperties": false, "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", + "type": "object" + }, + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", + "type": "string" + }, + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "object" + }, + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartSortConfiguration": { + "AWS::QuickSight::Template.FunnelChartFieldWells": { + "additionalProperties": false, + "properties": { + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "markdownDescription": "The limit on the number of categories displayed.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", - "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartVisual": { + "AWS::QuickSight::Template.FunnelChartVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -211775,8 +256046,8 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", "title": "ChartConfiguration" }, "ColumnHierarchies": { @@ -211797,8 +256068,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -211808,424 +256084,385 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ComparisonConfiguration": { + "AWS::QuickSight::Template.GaugeChartArcConditionalFormatting": { "additionalProperties": false, "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" - }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", - "type": "string" + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" } }, "type": "object" }, - "AWS::QuickSight::Template.ComparisonFormatConfiguration": { + "AWS::QuickSight::Template.GaugeChartColorConfiguration": { "additionalProperties": false, "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", + "type": "string" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.Computation": { + "AWS::QuickSight::Template.GaugeChartConditionalFormatting": { "additionalProperties": false, "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" - }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Template.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" - }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Template.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" - }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" - }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Template.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" - }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" - }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" - }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" - }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" - }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingColor": { + "AWS::QuickSight::Template.GaugeChartConditionalFormattingOption": { "additionalProperties": false, "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition": { + "AWS::QuickSight::Template.GaugeChartConfiguration": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", - "type": "string" + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", + "title": "FieldWells" }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" - } - }, - "required": [ - "Expression", - "IconOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions": { - "additionalProperties": false, - "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", - "type": "string" + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ConditionalFormattingGradientColor": { - "additionalProperties": false, - "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Template.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", - "type": "string" - } - }, - "required": [ - "Color", - "Expression" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ConditionalFormattingIcon": { - "additionalProperties": false, - "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" + "TooltipOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration": { - "additionalProperties": false, - "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", - "type": "string" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingIconSet": { + "AWS::QuickSight::Template.GaugeChartFieldWells": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", - "type": "string" + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingSolidColor": { + "AWS::QuickSight::Template.GaugeChartOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", - "type": "string" + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" + }, + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Template.ContributionAnalysisDefault": { + "AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "ContributorDimensions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", - "type": "array" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", - "type": "string" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" } }, - "required": [ - "ContributorDimensions", - "MeasureFieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration": { + "AWS::QuickSight::Template.GaugeChartVisual": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", + "title": "ChartConfiguration" }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", - "type": "string" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Template.CustomActionFilterOperation": { + "AWS::QuickSight::Template.GeospatialCoordinateBounds": { "additionalProperties": false, "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" + }, + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" + }, + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" } }, "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" + "East", + "North", + "South", + "West" ], "type": "object" }, - "AWS::QuickSight::Template.CustomActionNavigationOperation": { + "AWS::QuickSight::Template.GeospatialHeatmapColorScale": { "additionalProperties": false, "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapDataColor" + }, + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.CustomActionSetParametersOperation": { + "AWS::QuickSight::Template.GeospatialHeatmapConfiguration": { "additionalProperties": false, "properties": { - "ParameterValueConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SetParameterValueConfiguration" - }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", - "type": "array" + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" } }, - "required": [ - "ParameterValueConfigurations" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomActionURLOperation": { + "AWS::QuickSight::Template.GeospatialHeatmapDataColor": { "additionalProperties": false, "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", - "type": "string" - }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", "type": "string" } }, "required": [ - "URLTarget", - "URLTemplate" + "Color" ], "type": "object" }, - "AWS::QuickSight::Template.CustomColor": { + "AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", - "type": "string" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", + "type": "array" }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", - "type": "string" + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", + "type": "array" }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "title": "Values", + "type": "array" } }, - "required": [ - "Color" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomContentConfiguration": { + "AWS::QuickSight::Template.GeospatialMapConfiguration": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", - "type": "string" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" + }, + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "", + "title": "VisualPalette" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapFieldWells": { + "additionalProperties": false, + "properties": { + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapStyleOptions": { + "additionalProperties": false, + "properties": { + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.CustomContentVisual": { + "AWS::QuickSight::Template.GeospatialMapVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -212237,14 +256474,17 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", - "type": "string" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", @@ -212256,717 +256496,774 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ - "DataSetIdentifier", "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.CustomFilterConfiguration": { + "AWS::QuickSight::Template.GeospatialPointStyleOptions": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", - "type": "string" + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialWindowOptions": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GlobalTableBorderOptions": { + "additionalProperties": false, + "properties": { + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomFilterListConfiguration": { + "AWS::QuickSight::Template.GradientColor": { "additionalProperties": false, "properties": { - "CategoryValues": { + "Stops": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.GradientStop" }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GradientStop": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", + "type": "number" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", + "type": "number" } }, "required": [ - "MatchOperator", - "NullOption" + "GradientOffset" ], "type": "object" }, - "AWS::QuickSight::Template.CustomNarrativeOptions": { + "AWS::QuickSight::Template.GridLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", - "type": "string" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" } }, - "required": [ - "Narrative" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomParameterValues": { + "AWS::QuickSight::Template.GridLayoutConfiguration": { "additionalProperties": false, "properties": { - "DateTimeValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", - "type": "array" - }, - "DecimalValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", - "type": "array" - }, - "IntegerValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", - "type": "array" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" }, - "StringValues": { + "Elements": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutElement" }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", "type": "array" } }, + "required": [ + "Elements" + ], "type": "object" }, - "AWS::QuickSight::Template.CustomValuesConfiguration": { + "AWS::QuickSight::Template.GridLayoutElement": { "additionalProperties": false, "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomParameterValues", - "markdownDescription": "", - "title": "CustomValues" + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", - "type": "boolean" + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" + }, + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" } }, "required": [ - "CustomValues" + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" ], "type": "object" }, - "AWS::QuickSight::Template.DataBarsOptions": { + "AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", - "type": "string" - }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", "type": "string" }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", "type": "string" } }, "required": [ - "FieldId" + "ResizeOption" ], "type": "object" }, - "AWS::QuickSight::Template.DataColor": { + "AWS::QuickSight::Template.GrowthRateComputation": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", "type": "number" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Template.DataFieldSeriesItem": { + "AWS::QuickSight::Template.HeaderFooterSectionConfiguration": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", - "type": "string" + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" } }, "required": [ - "AxisBinding", - "FieldId" + "Layout", + "SectionId" ], "type": "object" }, - "AWS::QuickSight::Template.DataLabelOptions": { + "AWS::QuickSight::Template.HeatMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "DataLabelTypes": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelType" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", "type": "array" }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", - "type": "string" - }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", - "type": "string" - }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" - }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", - "type": "string" - }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", - "type": "string" - }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", - "type": "string" - }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", - "type": "string" + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", + "type": "array" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well of a heat map.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.DataLabelType": { + "AWS::QuickSight::Template.HeatMapConfiguration": { "additionalProperties": false, "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" } }, "type": "object" }, - "AWS::QuickSight::Template.DataPathColor": { + "AWS::QuickSight::Template.HeatMapFieldWells": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", - "type": "string" - }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" - }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", - "type": "string" + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" } }, - "required": [ - "Color", - "Element" - ], "type": "object" }, - "AWS::QuickSight::Template.DataPathLabelType": { + "AWS::QuickSight::Template.HeatMapSortConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", - "type": "string" + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", - "type": "string" + "HeatMapColumnSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", + "type": "array" }, - "Visibility": { - "markdownDescription": "The visibility of the data label.", - "title": "Visibility", - "type": "string" + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" + }, + "HeatMapRowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.DataPathSort": { + "AWS::QuickSight::Template.HeatMapVisual": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "SortPaths": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "Direction", - "SortPaths" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.DataPathType": { + "AWS::QuickSight::Template.HistogramAggregatedFieldWells": { "additionalProperties": false, "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.DataPathValue": { + "AWS::QuickSight::Template.HistogramBinOptions": { "additionalProperties": false, "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Template.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", - "type": "string" + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Template.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", "type": "string" + }, + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.DataSetConfiguration": { + "AWS::QuickSight::Template.HistogramConfiguration": { "additionalProperties": false, "properties": { - "ColumnGroupSchemaList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupSchema" - }, - "markdownDescription": "A structure containing the list of column group schemas.", - "title": "ColumnGroupSchemaList", - "type": "array" + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" }, - "DataSetSchema": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetSchema", - "markdownDescription": "Dataset schema.", - "title": "DataSetSchema" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" }, - "Placeholder": { - "markdownDescription": "Placeholder.", - "title": "Placeholder", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DataSetReference": { + "AWS::QuickSight::Template.HistogramFieldWells": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", - "type": "string" - }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", - "type": "string" + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" } }, - "required": [ - "DataSetArn", - "DataSetPlaceholder" - ], "type": "object" }, - "AWS::QuickSight::Template.DataSetSchema": { + "AWS::QuickSight::Template.HistogramVisual": { "additionalProperties": false, "properties": { - "ColumnSchemaList": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSchema" + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, - "markdownDescription": "A structure containing the list of column schemas.", - "title": "ColumnSchemaList", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DateAxisOptions": { - "additionalProperties": false, - "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DateDimensionField": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Column", - "FieldId" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.DateMeasureField": { + "AWS::QuickSight::Template.ImageCustomAction": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" } }, "required": [ - "Column", - "FieldId" + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" ], "type": "object" }, - "AWS::QuickSight::Template.DateTimeDefaultValues": { + "AWS::QuickSight::Template.ImageCustomActionOperation": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", - "title": "StaticValues", - "type": "array" + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" } }, "type": "object" }, - "AWS::QuickSight::Template.DateTimeFormatConfiguration": { + "AWS::QuickSight::Template.ImageInteractionOptions": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", - "type": "string" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" } }, "type": "object" }, - "AWS::QuickSight::Template.DateTimeHierarchy": { + "AWS::QuickSight::Template.ImageMenuOption": { "additionalProperties": false, "properties": { - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", - "type": "array" - }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", "type": "string" } }, - "required": [ - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Template.DateTimeParameterDeclaration": { + "AWS::QuickSight::Template.InnerFilter": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::QuickSight::Template.DateTimePickerControlDisplayOptions": { + "AWS::QuickSight::Template.InsightConfiguration": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" + "Computations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Computation" + }, + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", + "type": "array" }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, "type": "object" }, - "AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration": { + "AWS::QuickSight::Template.InsightVisual": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Template.DecimalDefaultValues": { + "AWS::QuickSight::Template.IntegerDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "StaticValues": { "items": { "type": "number" }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "markdownDescription": "The static values of the `IntegerDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.DecimalParameterDeclaration": { + "AWS::QuickSight::Template.IntegerParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalDefaultValues", + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, @@ -212989,8 +257286,8 @@ "type": "string" }, "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", "title": "ValueWhenUnset" } }, @@ -213000,21 +257297,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DecimalPlacesConfiguration": { - "additionalProperties": false, - "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", - "type": "number" - } - }, - "required": [ - "DecimalPlaces" - ], - "type": "object" - }, - "AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration": { + "AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { @@ -213030,1104 +257313,1628 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DefaultDateTimePickerControlOptions": { + "AWS::QuickSight::Template.ItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" }, - "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterControlConfiguration": { + "AWS::QuickSight::Template.KPIActualValueConditionalFormatting": { "additionalProperties": false, "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", - "type": "string" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" } }, - "required": [ - "ControlOptions", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterControlOptions": { + "AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting": { "additionalProperties": false, "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormattingOption" + }, + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterDropDownControlOptions": { + "AWS::QuickSight::Template.KPIFieldWells": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", + "type": "array" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "TrendGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", + "type": "array" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIOptions": { + "additionalProperties": false, + "properties": { + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Template.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" + }, + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" + }, + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" + }, + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Template.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterListControlOptions": { + "AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIProgressBarConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPISortConfiguration": { + "additionalProperties": false, + "properties": { + "TrendGroupSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPISparklineOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", + "type": "object" }, "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "markdownDescription": "The type of the sparkline.", "title": "Type", "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", + "type": "object" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration": { + "AWS::QuickSight::Template.KPIVisual": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "CanvasSizeOptions" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.DefaultGridLayoutConfiguration": { + "AWS::QuickSight::Template.KPIVisualLayoutOptions": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIVisualStandardLayout": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The standard layout type.", + "title": "Type", + "type": "string" } }, "required": [ - "CanvasSizeOptions" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration": { + "AWS::QuickSight::Template.LabelOptions": { "additionalProperties": false, "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", + "type": "string" }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the label is visible.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultNewSheetConfiguration": { + "AWS::QuickSight::Template.Layout": { "additionalProperties": false, "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" - }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" - }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" } }, + "required": [ + "Configuration" + ], "type": "object" }, - "AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration": { + "AWS::QuickSight::Template.LayoutConfiguration": { "additionalProperties": false, "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" + }, + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions": { + "AWS::QuickSight::Template.LegendOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", + "type": "string" + }, + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" + }, + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the legend is visible.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration": { + "AWS::QuickSight::Template.LineChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Template.DefaultSliderControlOptions": { + "AWS::QuickSight::Template.LineChartConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" + }, + "ForecastConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastConfiguration" + }, + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", + "type": "array" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", + "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" }, "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "markdownDescription": "Determines the type of the line chart.", "title": "Type", "type": "string" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" } }, - "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" - ], "type": "object" }, - "AWS::QuickSight::Template.DefaultTextAreaControlOptions": { + "AWS::QuickSight::Template.LineChartDefaultSeriesSettings": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultTextFieldControlOptions": { + "AWS::QuickSight::Template.LineChartFieldWells": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.DestinationParameterValueConfiguration": { + "AWS::QuickSight::Template.LineChartLineStyleSettings": { "additionalProperties": false, "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", + "type": "string" }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", "type": "string" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", + "type": "object" }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartMarkerStyleSettings": { + "additionalProperties": false, + "properties": { + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", + "type": "string" + }, + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", + "type": "string" + }, + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.LineSeriesAxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" + }, + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MissingDataConfiguration" + }, + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" + } + }, "type": "object" }, - "AWS::QuickSight::Template.DimensionField": { + "AWS::QuickSight::Template.ListControlDisplayOptions": { "additionalProperties": false, "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DonutCenterOptions": { + "AWS::QuickSight::Template.ListControlSearchOptions": { "additionalProperties": false, "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", - "type": "string" + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.DonutOptions": { + "AWS::QuickSight::Template.ListControlSelectAllOptions": { "additionalProperties": false, "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" - }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.DrillDownFilter": { + "AWS::QuickSight::Template.LoadingAnimation": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" - }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.DropDownControlDisplayOptions": { + "AWS::QuickSight::Template.LocalNavigationConfiguration": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", + "type": "string" } }, + "required": [ + "TargetSheetId" + ], "type": "object" }, - "AWS::QuickSight::Template.DynamicDefaultValue": { + "AWS::QuickSight::Template.LongFormatText": { "additionalProperties": false, "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" - }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" } }, - "required": [ - "DefaultValueColumn" - ], "type": "object" }, - "AWS::QuickSight::Template.EmptyVisual": { + "AWS::QuickSight::Template.MappedDataSetParameter": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", "title": "DataSetIdentifier", "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", "type": "string" } }, "required": [ "DataSetIdentifier", - "VisualId" + "DataSetParameterName" ], "type": "object" }, - "AWS::QuickSight::Template.Entity": { + "AWS::QuickSight::Template.MaximumLabelType": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", - "type": "string" + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.ExcludePeriodConfiguration": { + "AWS::QuickSight::Template.MaximumMinimumComputation": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", - "type": "number" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", + "title": "Type", "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "Amount", - "Granularity" + "ComputationId", + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.ExplicitHierarchy": { + "AWS::QuickSight::Template.MeasureField": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", - "type": "array" + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", - "type": "string" + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" + }, + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" } }, - "required": [ - "Columns", - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Template.FieldBasedTooltip": { + "AWS::QuickSight::Template.MetricComparisonComputation": { "additionalProperties": false, "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "TooltipFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipItem" - }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", - "type": "array" + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" + }, + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Template.FieldLabelType": { + "AWS::QuickSight::Template.MinimumLabelType": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", - "type": "string" - }, "Visibility": { - "markdownDescription": "The visibility of the field label.", + "markdownDescription": "The visibility of the minimum label.", "title": "Visibility", - "type": "string" + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.FieldSeriesItem": { + "AWS::QuickSight::Template.MissingDataConfiguration": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NegativeValueConfiguration": { + "additionalProperties": false, + "properties": { + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", "type": "string" - }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" } }, "required": [ - "AxisBinding", - "FieldId" + "DisplayMode" ], "type": "object" }, - "AWS::QuickSight::Template.FieldSort": { + "AWS::QuickSight::Template.NestedFilter": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "FieldId": { - "markdownDescription": "The sort configuration target field.", - "title": "FieldId", + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" + }, + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" } }, "required": [ - "Direction", - "FieldId" + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" ], "type": "object" }, - "AWS::QuickSight::Template.FieldSortOptions": { + "AWS::QuickSight::Template.NullValueFormatConfiguration": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" - }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", + "type": "string" } }, + "required": [ + "NullString" + ], "type": "object" }, - "AWS::QuickSight::Template.FieldTooltipItem": { + "AWS::QuickSight::Template.NumberDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", - "title": "FieldId", + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", "type": "string" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "Prefix": { + "markdownDescription": "Determines the prefix value of the number format.", + "title": "Prefix", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapAggregatedFieldWells": { + "AWS::QuickSight::Template.NumberFormatConfiguration": { "additionalProperties": false, "properties": { - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", - "title": "Values", - "type": "array" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.FilledMapConditionalFormatting": { + "AWS::QuickSight::Template.NumericAxisOptions": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" + }, + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" } }, - "required": [ - "ConditionalFormattingOptions" - ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapConditionalFormattingOption": { + "AWS::QuickSight::Template.NumericEqualityDrillDownFilter": { "additionalProperties": false, "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Value": { + "markdownDescription": "The value of the double input numeric drill down filter.", + "title": "Value", + "type": "number" } }, "required": [ - "Shape" + "Column", + "Value" ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapConfiguration": { + "AWS::QuickSight::Template.NumericEqualityFilter": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilledMapFieldWells": { - "additionalProperties": false, - "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilledMapShapeConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", - "title": "FieldId", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Template.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + }, + "Value": { + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" } }, "required": [ - "FieldId" + "Column", + "FilterId", + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapSortConfiguration": { + "AWS::QuickSight::Template.NumericFormatConfiguration": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the location fields.", - "title": "CategorySort", - "type": "array" + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" + }, + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.FilledMapVisual": { + "AWS::QuickSight::Template.NumericRangeFilter": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" + }, + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "VisualId" + "Column", + "FilterId", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Template.Filter": { + "AWS::QuickSight::Template.NumericRangeFilterValue": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" - }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" - }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" - }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", + "type": "string" }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterControl": { + "AWS::QuickSight::Template.NumericSeparatorConfiguration": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", - "title": "List" - }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" - }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Template.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericalAggregationFunction": { + "additionalProperties": false, + "properties": { + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterCrossSheetControl": { + "AWS::QuickSight::Template.NumericalDimensionField": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId" + "Column", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.FilterDateTimePickerControl": { + "AWS::QuickSight::Template.NumericalMeasureField": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", - "title": "Title", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PaginationConfiguration": { + "additionalProperties": false, + "properties": { + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", + "type": "number" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", - "type": "string" + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", + "type": "number" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "PageNumber", + "PageSize" ], "type": "object" }, - "AWS::QuickSight::Template.FilterDropDownControl": { + "AWS::QuickSight::Template.PanelConfiguration": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", + "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", - "title": "DisplayOptions" + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "object" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", - "title": "Title", + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "object" + }, + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", "type": "string" + }, + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", + "type": "object" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", + "title": "Title" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.FilterGroup": { + "AWS::QuickSight::Template.PanelTitleOptions": { "additionalProperties": false, "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", - "type": "string" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", "type": "string" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Filter" - }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", - "type": "array" + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ParameterControl": { + "additionalProperties": false, + "properties": { + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", + "title": "DateTimePicker" }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", - "type": "string" + "List": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", + "title": "List" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" } }, - "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Template.FilterListConfiguration": { + "AWS::QuickSight::Template.ParameterDateTimePickerControl": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "Title": { + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", + "title": "Title", "type": "string" } }, "required": [ - "MatchOperator" + "ParameterControlId", + "SourceParameterName", + "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FilterListControl": { + "AWS::QuickSight::Template.ParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" + }, + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" + }, + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" + }, + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ParameterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { @@ -214135,144 +258942,115 @@ "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", "type": "string" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterListControl` .", + "markdownDescription": "The title of the `ParameterDropDownControl` .", "title": "Title", "type": "string" }, "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", "title": "Type", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration": { + "AWS::QuickSight::Template.ParameterListControl": { "additionalProperties": false, "properties": { - "SelectedColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", - "type": "array" - }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", - "type": "string" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "SelectedFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration": { - "additionalProperties": false, - "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilterRelativeDateTimeControl": { - "additionalProperties": false, - "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", + "markdownDescription": "The title of the `ParameterListControl` .", "title": "Title", "type": "string" + }, + "Type": { + "markdownDescription": "The type of `ParameterListControl` .", + "title": "Type", + "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FilterScopeConfiguration": { + "AWS::QuickSight::Template.ParameterSelectableValues": { "additionalProperties": false, "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilterSelectableValues": { - "additionalProperties": false, - "properties": { "Values": { "items": { "type": "string" }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterSliderControl": { + "AWS::QuickSight::Template.ParameterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { @@ -214280,11 +259058,6 @@ "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", - "type": "string" - }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", @@ -214295,9 +259068,14 @@ "title": "MinimumValue", "type": "number" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", "type": "string" }, "StepSize": { @@ -214306,27 +259084,22 @@ "type": "number" }, "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", + "markdownDescription": "The title of the `ParameterSliderControl` .", "title": "Title", "type": "string" - }, - "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", - "type": "string" } }, "required": [ - "FilterControlId", "MaximumValue", "MinimumValue", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "StepSize", "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FilterTextAreaControl": { + "AWS::QuickSight::Template.ParameterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { @@ -214339,30 +259112,30 @@ "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", + "markdownDescription": "The title of the `ParameterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FilterTextFieldControl": { + "AWS::QuickSight::Template.ParameterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { @@ -214370,83 +259143,122 @@ "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", + "markdownDescription": "The title of the `ParameterTextFieldControl` .", "title": "Title", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FontConfiguration": { + "AWS::QuickSight::Template.PercentVisibleRange": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", - "type": "string" + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", + "type": "number" }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", - "type": "string" + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PercentageDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", "type": "string" }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.FontSize": { + "AWS::QuickSight::Template.PercentileAggregation": { "additionalProperties": false, "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", - "type": "string" + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.FontWeight": { + "AWS::QuickSight::Template.PeriodOverPeriodComputation": { "additionalProperties": false, "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", + "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Template.ForecastComputation": { + "AWS::QuickSight::Template.PeriodToDateComputation": { "additionalProperties": false, "properties": { "ComputationId": { @@ -214454,39 +259266,14 @@ "title": "ComputationId", "type": "string" }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" - }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" - }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" - }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", "type": "string" }, "Time": { @@ -214494,11 +259281,6 @@ "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" - }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The value field that is used in a computation.", @@ -214510,553 +259292,658 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ForecastConfiguration": { + "AWS::QuickSight::Template.PieChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", + "type": "array" }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ForecastScenario": { - "additionalProperties": false, - "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", + "type": "array" }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.FormatConfiguration": { + "AWS::QuickSight::Template.PieChartConfiguration": { "additionalProperties": false, "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", + "title": "CategoryLabelOptions" }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions": { + "AWS::QuickSight::Template.PieChartFieldWells": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutConfiguration": { + "AWS::QuickSight::Template.PieChartSortConfiguration": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", + "title": "CategoryItemsLimit" }, - "Elements": { + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", "type": "array" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutElement": { + "AWS::QuickSight::Template.PieChartVisual": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" - }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", - "type": "string" - }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" - }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Template.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", + "title": "ChartConfiguration" }, - "RenderingRules": { + "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementRenderingRule" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", "type": "array" }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" - }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Width": { - "markdownDescription": "The width of an element within a free-form layout.", - "title": "Width", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle": { + "AWS::QuickSight::Template.PivotFieldSortOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", "type": "string" }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", - "type": "string" + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" } }, + "required": [ + "FieldId", + "SortBy" + ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle": { + "AWS::QuickSight::Template.PivotTableAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", - "type": "string" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", + "type": "array" }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", - "type": "string" + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions": { + "AWS::QuickSight::Template.PivotTableCellConditionalFormatting": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope" + }, + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", + "type": "array" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" } }, "required": [ - "OptimizedViewPortWidth" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration": { + "AWS::QuickSight::Template.PivotTableConditionalFormatting": { "additionalProperties": false, "properties": { - "Elements": { + "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingOption" }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", "type": "array" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Template.FunnelChartAggregatedFieldWells": { + "AWS::QuickSight::Template.PivotTableConditionalFormattingOption": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartConfiguration": { + "AWS::QuickSight::Template.PivotTableConditionalFormattingScope": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", - "title": "CategoryLabelOptions" - }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" + }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", "title": "SortConfiguration" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", - "title": "Tooltip" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", - "title": "ValueLabelOptions" + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", - "title": "VisualPalette" + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartDataLabelOptions": { + "AWS::QuickSight::Template.PivotTableDataPathOption": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", - "type": "string" - }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" - }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", - "type": "string" - }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", - "type": "string" - }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", - "type": "string" + "DataPathList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + }, + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", + "type": "array" }, - "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", - "title": "Visibility", + "Width": { + "markdownDescription": "The width of the data path option.", + "title": "Width", "type": "string" } }, + "required": [ + "DataPathList" + ], "type": "object" }, - "AWS::QuickSight::Template.FunnelChartFieldWells": { + "AWS::QuickSight::Template.PivotTableFieldCollapseStateOption": { "additionalProperties": false, "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", + "type": "string" + }, + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" } }, + "required": [ + "Target" + ], "type": "object" }, - "AWS::QuickSight::Template.FunnelChartSortConfiguration": { + "AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { + "FieldDataPathValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", "type": "array" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartVisual": { + "AWS::QuickSight::Template.PivotTableFieldOption": { "additionalProperties": false, "properties": { - "Actions": { + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", + "type": "object" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldOptions": { + "additionalProperties": false, + "properties": { + "CollapseStateOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateOption" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "DataPathOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableDataPathOption" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOption" + }, + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldSubtotalOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Template.GaugeChartArcConditionalFormatting": { + "AWS::QuickSight::Template.PivotTableFieldWells": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartConditionalFormatting": { + "AWS::QuickSight::Template.PivotTableOptions": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" + }, + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", + "type": "object" + }, + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" + }, + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", + "type": "object" + }, + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", + "type": "string" + }, + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" + }, + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" + }, + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", + "type": "string" + }, + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "object" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartConditionalFormattingOption": { + "AWS::QuickSight::Template.PivotTablePaginatedReportOptions": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "object" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartConfiguration": { + "AWS::QuickSight::Template.PivotTableRowsLabelOptions": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" - }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" - }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" + "Visibility": { + "markdownDescription": "The visibility of the rows label.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartFieldWells": { + "AWS::QuickSight::Template.PivotTableSortBy": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", - "title": "Values", - "type": "array" + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" + }, + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartOptions": { + "AWS::QuickSight::Template.PivotTableSortConfiguration": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" - }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" - }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", - "type": "string" - }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "FieldSortOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotFieldSortOptions" + }, + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::QuickSight::Template.PivotTableTotalOptions": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" + }, + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartVisual": { + "AWS::QuickSight::Template.PivotTableVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -215068,13 +259955,13 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { @@ -215087,8 +259974,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -215098,579 +259990,460 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialCoordinateBounds": { + "AWS::QuickSight::Template.PivotTotalOptions": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", - "type": "number" - }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", - "type": "number" + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", - "type": "number" + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", - "type": "number" - } - }, - "required": [ - "East", - "North", - "South", - "West" - ], - "type": "object" - }, - "AWS::QuickSight::Template.GeospatialHeatmapColorScale": { - "additionalProperties": false, - "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapDataColor" - }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.GeospatialHeatmapConfiguration": { - "additionalProperties": false, - "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.GeospatialHeatmapDataColor": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", "type": "string" - } - }, - "required": [ - "Color" - ], - "type": "object" - }, - "AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", - "type": "array" }, - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", - "type": "array" + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" }, - "Values": { + "TotalAggregationOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", - "title": "Values", + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.GeospatialMapConfiguration": { - "additionalProperties": false, - "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" - }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "", - "title": "VisualPalette" + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "object" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.GeospatialMapFieldWells": { - "additionalProperties": false, - "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.GeospatialMapStyleOptions": { - "additionalProperties": false, - "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", - "type": "string" + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapVisual": { + "AWS::QuickSight::Template.PluginVisual": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", + "type": "string" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", + "markdownDescription": "", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", + "markdownDescription": "", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The ID of the visual that you want to use.", "title": "VisualId", "type": "string" } }, "required": [ + "PluginArn", "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialPointStyleOptions": { + "AWS::QuickSight::Template.PluginVisualConfiguration": { "additionalProperties": false, "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" + "FieldWells": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualFieldWell" + }, + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", + "type": "array" }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", - "type": "string" + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialWindowOptions": { + "AWS::QuickSight::Template.PluginVisualFieldWell": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" - }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", + "type": "array" + }, + "Measures": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", + "type": "array" + }, + "Unaggregated": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" + }, + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GlobalTableBorderOptions": { + "AWS::QuickSight::Template.PluginVisualItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" - }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.GradientColor": { + "AWS::QuickSight::Template.PluginVisualOptions": { "additionalProperties": false, "properties": { - "Stops": { + "VisualProperties": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GradientStop" + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualProperty" }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GradientStop": { + "AWS::QuickSight::Template.PluginVisualProperty": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", "type": "string" }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", - "type": "number" - }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", - "type": "number" + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" } }, - "required": [ - "GradientOffset" - ], "type": "object" }, - "AWS::QuickSight::Template.GridLayoutCanvasSizeOptions": { + "AWS::QuickSight::Template.PluginVisualSortConfiguration": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" } }, "type": "object" }, - "AWS::QuickSight::Template.GridLayoutConfiguration": { + "AWS::QuickSight::Template.PluginVisualTableQuerySort": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" }, - "Elements": { + "RowSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutElement" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", "type": "array" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Template.GridLayoutElement": { + "AWS::QuickSight::Template.PredefinedHierarchy": { "additionalProperties": false, "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", - "type": "number" - }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", - "type": "string" - }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" - }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", + "type": "array" }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", - "type": "number" - } - }, - "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" - ], - "type": "object" - }, - "AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", - "type": "string" + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", + "type": "array" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "ResizeOption" + "Columns", + "HierarchyId" ], "type": "object" }, - "AWS::QuickSight::Template.GrowthRateComputation": { + "AWS::QuickSight::Template.ProgressBarOptions": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", + "type": "object" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Template.HeaderFooterSectionConfiguration": { + "AWS::QuickSight::Template.QueryExecutionOptions": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" - }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", + "QueryExecutionMode": { + "markdownDescription": "A structure that describes the query execution mode.", + "title": "QueryExecutionMode", "type": "string" - }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" } }, - "required": [ - "Layout", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Template.HeatMapAggregatedFieldWells": { + "AWS::QuickSight::Template.RadarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Columns": { + "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", "type": "array" }, - "Rows": { + "Color": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The values field well of a heat map.", + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapConfiguration": { + "AWS::QuickSight::Template.RadarChartAreaStyleSettings": { "additionalProperties": false, "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartConfiguration": { + "additionalProperties": false, + "properties": { + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "object" }, - "ColumnLabelOptions": { + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", + "type": "string" + }, + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" + }, + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" + }, + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", "title": "SortConfiguration" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapFieldWells": { + "AWS::QuickSight::Template.RadarChartFieldWells": { "additionalProperties": false, "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapSortConfiguration": { + "AWS::QuickSight::Template.RadarChartSeriesSettings": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" }, - "HeatMapColumnSort": { + "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", "type": "array" }, - "HeatMapRowItemsLimitConfiguration": { + "ColorItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" }, - "HeatMapRowSort": { + "ColorSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapVisual": { + "AWS::QuickSight::Template.RadarChartVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -215682,8 +260455,8 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { @@ -215704,6 +260477,11 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -215715,536 +260493,460 @@ ], "type": "object" }, - "AWS::QuickSight::Template.HistogramAggregatedFieldWells": { + "AWS::QuickSight::Template.RangeEndsLabelType": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", - "title": "Values", - "type": "array" + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramBinOptions": { + "AWS::QuickSight::Template.ReferenceLine": { "additionalProperties": false, "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Template.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Template.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", "type": "string" }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.HistogramConfiguration": { - "additionalProperties": false, - "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "FieldWells" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" - }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "YAxisDisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.HistogramFieldWells": { - "additionalProperties": false, - "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" } }, + "required": [ + "DataConfiguration" + ], "type": "object" }, - "AWS::QuickSight::Template.HistogramVisual": { + "AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", - "title": "ChartConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "CustomLabel": { + "markdownDescription": "The string text of the custom label.", + "title": "CustomLabel", "type": "string" } }, "required": [ - "VisualId" + "CustomLabel" ], "type": "object" }, - "AWS::QuickSight::Template.InsightConfiguration": { + "AWS::QuickSight::Template.ReferenceLineDataConfiguration": { "additionalProperties": false, "properties": { - "Computations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Computation" - }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", - "type": "array" + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", + "type": "string" }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" + }, + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", + "type": "string" + }, + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.InsightVisual": { + "AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", - "type": "string" - }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Calculation", + "Column" ], "type": "object" }, - "AWS::QuickSight::Template.IntegerDefaultValues": { + "AWS::QuickSight::Template.ReferenceLineLabelConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.IntegerParameterDeclaration": { - "additionalProperties": false, - "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", + "title": "FontConfiguration" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", - "type": "string" + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", + "type": "number" } }, "required": [ - "Name", - "ParameterValueType" + "Value" ], "type": "object" }, - "AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration": { + "AWS::QuickSight::Template.ReferenceLineStyleConfiguration": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" + "Color": { + "markdownDescription": "The hex color of the reference line.", + "title": "Color", + "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ItemsLimitConfiguration": { + "AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration": { "additionalProperties": false, "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", - "type": "number" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIActualValueConditionalFormatting": { + "AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting": { + "AWS::QuickSight::Template.RelativeDatesFilter": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", + "type": "string" + }, + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", + "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" } }, + "required": [ + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" + ], "type": "object" }, - "AWS::QuickSight::Template.KPIConditionalFormatting": { + "AWS::QuickSight::Template.ResourcePermission": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" } }, + "required": [ + "Actions", + "Principal" + ], "type": "object" }, - "AWS::QuickSight::Template.KPIConditionalFormattingOption": { + "AWS::QuickSight::Template.RollingDateConfiguration": { "additionalProperties": false, "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", + "type": "string" }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.RowAlternateColorOptions": { + "additionalProperties": false, + "properties": { + "RowAlternateColors": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", + "type": "array" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", + "type": "string" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIConfiguration": { + "AWS::QuickSight::Template.SameSheetTargetVisualConfiguration": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" - }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" + "TargetVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIFieldWells": { + "AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells": { "additionalProperties": false, "properties": { - "TargetValues": { + "Destination": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", "type": "array" }, - "TrendGroups": { + "Source": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", "type": "array" }, - "Values": { + "Weight": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The value field wells of a KPI visual.", - "title": "Values", + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIOptions": { + "AWS::QuickSight::Template.SankeyDiagramChartConfiguration": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", - "type": "string" - }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" - }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Template.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" - }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" - }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" - }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a sankey diagram.", + "title": "DataLabels" }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Template.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "FieldWells" }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting": { - "additionalProperties": false, - "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", + "title": "SortConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIProgressBarConditionalFormatting": { + "AWS::QuickSight::Template.SankeyDiagramFieldWells": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.KPISortConfiguration": { + "AWS::QuickSight::Template.SankeyDiagramSortConfiguration": { "additionalProperties": false, "properties": { - "TrendGroupSort": { + "DestinationItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" + }, + "SourceItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" + }, + "WeightSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.KPISparklineOptions": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", - "type": "string" - }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the sparkline.", - "title": "Visibility", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::QuickSight::Template.KPIVisual": { + "AWS::QuickSight::Template.SankeyDiagramVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -216256,23 +260958,10 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" - }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", @@ -216283,6 +260972,11 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -216294,407 +260988,187 @@ ], "type": "object" }, - "AWS::QuickSight::Template.KPIVisualLayoutOptions": { - "additionalProperties": false, - "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.KPIVisualStandardLayout": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The standard layout type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::QuickSight::Template.LabelOptions": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The text for the label.", - "title": "CustomLabel", - "type": "string" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the label.", - "title": "FontConfiguration" - }, - "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.Layout": { - "additionalProperties": false, - "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" - } - }, - "required": [ - "Configuration" - ], - "type": "object" - }, - "AWS::QuickSight::Template.LayoutConfiguration": { - "additionalProperties": false, - "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" - }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" - }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LegendOptions": { - "additionalProperties": false, - "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", - "type": "string" - }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", - "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The custom title for the legend.", - "title": "Title" - }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", - "type": "string" - }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LineChartAggregatedFieldWells": { + "AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "markdownDescription": "The category field well of a scatter plot.", "title": "Category", "type": "array" }, - "Colors": { + "Label": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", "type": "array" }, - "SmallMultiples": { + "Size": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", "type": "array" }, - "Values": { + "XAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartConfiguration": { + "AWS::QuickSight::Template.ScatterPlotConfiguration": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" - }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", + "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" - }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, - "ForecastConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastConfiguration" - }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", + "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" - }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", - "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" - }, - "Series": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SeriesItem" - }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", + "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, - "Type": { - "markdownDescription": "Determines the type of the line chart.", - "title": "Type", - "type": "string" - }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", + "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", "title": "XAxisLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LineChartDefaultSeriesSettings": { - "additionalProperties": false, - "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", - "type": "string" - }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LineChartFieldWells": { - "additionalProperties": false, - "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LineChartLineStyleSettings": { - "additionalProperties": false, - "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", - "type": "string" - }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", - "type": "string" }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", - "type": "string" + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", + "title": "YAxisDisplayOptions" }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", - "type": "string" + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartMarkerStyleSettings": { + "AWS::QuickSight::Template.ScatterPlotFieldWells": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", - "type": "string" - }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", - "type": "string" - }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", - "type": "string" + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", - "type": "string" + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartSeriesSettings": { + "AWS::QuickSight::Template.ScatterPlotSortConfiguration": { "additionalProperties": false, "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartSortConfiguration": { + "AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" }, - "CategorySort": { + "Label": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", "type": "array" }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", + "type": "array" }, - "SmallMultiplesSort": { + "YAxis": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartVisual": { + "AWS::QuickSight::Template.ScatterPlotVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -216706,8 +261180,8 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { @@ -216728,6 +261202,11 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -216739,1301 +261218,1369 @@ ], "type": "object" }, - "AWS::QuickSight::Template.LineSeriesAxisDisplayOptions": { + "AWS::QuickSight::Template.ScrollBarOptions": { "additionalProperties": false, "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" + "Visibility": { + "markdownDescription": "The visibility of the data zoom scroll bar.", + "title": "Visibility", + "type": "object" }, - "MissingDataConfigurations": { + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SecondaryValueOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines the visibility of the secondary value.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionAfterPageBreak": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "BodySections": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MissingDataConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionConfiguration" }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", + "type": "array" + }, + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" + }, + "FooterSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", + "type": "array" + }, + "HeaderSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", "type": "array" } }, + "required": [ + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" + ], "type": "object" }, - "AWS::QuickSight::Template.ListControlDisplayOptions": { + "AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", + "type": "string" }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" + } + }, + "required": [ + "FreeFormLayout" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SectionPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionStyle": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" } }, "type": "object" }, - "AWS::QuickSight::Template.ListControlSearchOptions": { + "AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", - "title": "Visibility", + "SheetVisualScopingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetVisualScopingConfiguration" + }, + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SeriesItem": { + "additionalProperties": false, + "properties": { + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" + }, + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SetParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.DestinationParameterValueConfiguration", + "markdownDescription": "", + "title": "Value" + } + }, + "required": [ + "DestinationParameterName", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ShapeConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" } }, + "required": [ + "BackgroundColor" + ], "type": "object" }, - "AWS::QuickSight::Template.ListControlSelectAllOptions": { + "AWS::QuickSight::Template.Sheet": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", - "title": "Visibility", + "Name": { + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.LoadingAnimation": { + "AWS::QuickSight::Template.SheetControlInfoIconLabelOptions": { "additionalProperties": false, "properties": { + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", + "type": "string" + }, "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "markdownDescription": "The visibility configuration of info icon label options.", "title": "Visibility", - "type": "string" + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.LocalNavigationConfiguration": { + "AWS::QuickSight::Template.SheetControlLayout": { "additionalProperties": false, "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" } }, "required": [ - "TargetSheetId" + "Configuration" ], "type": "object" }, - "AWS::QuickSight::Template.LongFormatText": { + "AWS::QuickSight::Template.SheetControlLayoutConfiguration": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", - "type": "string" - }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", - "type": "string" + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" } }, "type": "object" }, - "AWS::QuickSight::Template.MappedDataSetParameter": { + "AWS::QuickSight::Template.SheetDefinition": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", "type": "string" }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", + "type": "string" + }, + "FilterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterControl" + }, + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", + "type": "array" + }, + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" + }, + "Layouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Layout" + }, + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "ParameterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterControl" + }, + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", + "type": "array" + }, + "SheetControlLayouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayout" + }, + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", + "type": "array" + }, + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", + "type": "string" + }, + "TextBoxes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetTextBox" + }, + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", + "type": "array" + }, + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", "type": "string" + }, + "Visuals": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Visual" + }, + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", + "type": "array" } }, "required": [ - "DataSetIdentifier", - "DataSetParameterName" + "SheetId" ], "type": "object" }, - "AWS::QuickSight::Template.MaximumLabelType": { + "AWS::QuickSight::Template.SheetElementConfigurationOverrides": { "additionalProperties": false, "properties": { "Visibility": { - "markdownDescription": "The visibility of the maximum label.", + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", "title": "Visibility", - "type": "string" + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.MaximumMinimumComputation": { + "AWS::QuickSight::Template.SheetElementRenderingRule": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" + }, + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", "type": "string" + } + }, + "required": [ + "ConfigurationOverrides", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetImage": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageCustomAction" + }, + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", + "type": "array" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" + }, + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" } }, "required": [ - "ComputationId", - "Type" + "SheetImageId", + "Source" ], "type": "object" }, - "AWS::QuickSight::Template.MeasureField": { + "AWS::QuickSight::Template.SheetImageScalingConfiguration": { "additionalProperties": false, "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" - }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" - }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" - }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.MetricComparisonComputation": { + "AWS::QuickSight::Template.SheetImageSource": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", "type": "string" - }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" } }, "required": [ - "ComputationId" + "StaticFileId" ], "type": "object" }, - "AWS::QuickSight::Template.MinimumLabelType": { + "AWS::QuickSight::Template.SheetImageTooltipConfiguration": { "additionalProperties": false, "properties": { + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" + }, "Visibility": { - "markdownDescription": "The visibility of the minimum label.", + "markdownDescription": "The visibility of the tooltip.", "title": "Visibility", - "type": "string" + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.MissingDataConfiguration": { + "AWS::QuickSight::Template.SheetImageTooltipText": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NegativeValueConfiguration": { + "AWS::QuickSight::Template.SheetTextBox": { "additionalProperties": false, "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", + "type": "string" + }, + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", "type": "string" } }, "required": [ - "DisplayMode" + "SheetTextBoxId" ], "type": "object" }, - "AWS::QuickSight::Template.NullValueFormatConfiguration": { + "AWS::QuickSight::Template.SheetVisualScopingConfiguration": { "additionalProperties": false, "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", "type": "string" + }, + "VisualIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", + "type": "array" } }, "required": [ - "NullString" + "Scope", + "SheetId" ], "type": "object" }, - "AWS::QuickSight::Template.NumberDisplayFormatConfiguration": { + "AWS::QuickSight::Template.ShortFormatText": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", "type": "string" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", "type": "string" - }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SimpleClusterMarker": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NumberFormatConfiguration": { + "AWS::QuickSight::Template.SingleAxisOptions": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericAxisOptions": { + "AWS::QuickSight::Template.SliderControlDisplayOptions": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericEqualityDrillDownFilter": { + "AWS::QuickSight::Template.SmallMultiplesAxisProperties": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", + "type": "string" }, - "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", - "title": "Value", - "type": "number" + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", + "type": "string" } }, - "required": [ - "Column", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Template.NumericEqualityFilter": { + "AWS::QuickSight::Template.SmallMultiplesOptions": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", + "type": "number" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.Spacing": { + "additionalProperties": false, + "properties": { + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", "type": "string" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", "type": "string" - }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" } }, - "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Template.NumericFormatConfiguration": { + "AWS::QuickSight::Template.StringDefaultValues": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" - }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericRangeFilter": { + "AWS::QuickSight::Template.StringFormatConfiguration": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.StringParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", "type": "string" }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" - }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::QuickSight::Template.NumericRangeFilterValue": { + "AWS::QuickSight::Template.StringValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", "type": "string" }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", - "type": "number" + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericSeparatorConfiguration": { + "AWS::QuickSight::Template.SubtotalOptions": { "additionalProperties": false, "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", "type": "string" }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Template.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", + "type": "string" + }, + "FieldLevelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldSubtotalOptions" + }, + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", + "type": "array" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" + }, + "StyleTargets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableStyleTarget" + }, + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", + "type": "object" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericalAggregationFunction": { + "AWS::QuickSight::Template.TableAggregatedFieldWells": { "additionalProperties": false, "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericalDimensionField": { + "AWS::QuickSight::Template.TableBorderOptions": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", "type": "string" + }, + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", + "type": "number" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.NumericalMeasureField": { + "AWS::QuickSight::Template.TableCellConditionalFormatting": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" - }, "FieldId": { - "markdownDescription": "The custom field ID.", + "markdownDescription": "The field ID of the cell for conditional formatting.", "title": "FieldId", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" } }, "required": [ - "Column", "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.PaginationConfiguration": { + "AWS::QuickSight::Template.TableCellImageSizingConfiguration": { "additionalProperties": false, "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", - "type": "number" - }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", - "type": "number" + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", + "type": "string" } }, - "required": [ - "PageNumber", - "PageSize" - ], "type": "object" }, - "AWS::QuickSight::Template.PanelConfiguration": { + "AWS::QuickSight::Template.TableCellStyle": { "additionalProperties": false, "properties": { "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", + "markdownDescription": "The background color for the table cells.", "title": "BackgroundColor", "type": "string" }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", - "type": "string" - }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", - "type": "string" + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Template.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", - "type": "string" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", "type": "string" }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", "type": "string" }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.PanelTitleOptions": { + "AWS::QuickSight::Template.TableConditionalFormatting": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "", - "title": "FontConfiguration" - }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", - "type": "string" - }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", - "type": "string" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterControl": { + "AWS::QuickSight::Template.TableConditionalFormattingOption": { "additionalProperties": false, "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" - }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" - }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterDateTimePickerControl": { + "AWS::QuickSight::Template.TableConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", - "type": "string" - } - }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ParameterDeclaration": { - "additionalProperties": false, - "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", + "title": "SortConfiguration" }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableInlineVisualization" + }, + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterDropDownControl": { + "AWS::QuickSight::Template.TableFieldCustomIconContent": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", - "type": "string" - }, - "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", "type": "string" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.ParameterListControl": { - "additionalProperties": false, - "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", - "type": "string" + "AWS::QuickSight::Template.TableFieldCustomTextContent": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" }, - "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "FontConfiguration" ], "type": "object" }, - "AWS::QuickSight::Template.ParameterSelectableValues": { + "AWS::QuickSight::Template.TableFieldImageConfiguration": { "additionalProperties": false, "properties": { - "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", - "type": "array" + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterSliderControl": { + "AWS::QuickSight::Template.TableFieldLinkConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" + "Content", + "Target" ], "type": "object" }, - "AWS::QuickSight::Template.ParameterTextAreaControl": { + "AWS::QuickSight::Template.TableFieldLinkContentConfiguration": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" + }, + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.ParameterTextFieldControl": { + "AWS::QuickSight::Template.TableFieldOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Order": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", + "type": "array" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", - "type": "string" + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", - "type": "string" + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOption" + }, + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", - "type": "string" + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.PercentVisibleRange": { + "AWS::QuickSight::Template.TableFieldURLConfiguration": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", - "type": "number" + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.PercentageDisplayFormatConfiguration": { + "AWS::QuickSight::Template.TableFieldWells": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", - "type": "string" - }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", - "type": "string" + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.PercentileAggregation": { + "AWS::QuickSight::Template.TableInlineVisualization": { "additionalProperties": false, "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", - "type": "number" + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" } }, "type": "object" }, - "AWS::QuickSight::Template.PeriodOverPeriodComputation": { + "AWS::QuickSight::Template.TableOptions": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Template.PeriodToDateComputation": { + "AWS::QuickSight::Template.TablePaginatedReportOptions": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", - "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "object" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "object" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Template.PieChartAggregatedFieldWells": { + "AWS::QuickSight::Template.TablePinnedFieldOptions": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", - "type": "array" - }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", - "type": "array" - }, - "Values": { + "PinnedLeftFields": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartConfiguration": { + "AWS::QuickSight::Template.TableRowConditionalFormatting": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" - }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableSideBorderOptions": { + "additionalProperties": false, + "properties": { + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", - "title": "SortConfiguration" + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableSortConfiguration": { + "additionalProperties": false, + "properties": { + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartFieldWells": { + "AWS::QuickSight::Template.TableStyleTarget": { "additionalProperties": false, "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", + "type": "string" } }, + "required": [ + "CellType" + ], "type": "object" }, - "AWS::QuickSight::Template.PieChartSortConfiguration": { + "AWS::QuickSight::Template.TableUnaggregatedFieldWells": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" - }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" - }, - "SmallMultiplesSort": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartVisual": { + "AWS::QuickSight::Template.TableVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -218045,17 +262592,14 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", + "$ref": "#/definitions/AWS::QuickSight::Template.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", @@ -218067,8 +262611,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -218078,503 +262627,737 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PivotFieldSortOptions": { + "AWS::QuickSight::Template.TemplateError": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "Message": { + "markdownDescription": "Description of the error type.", + "title": "Message", "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" + "Type": { + "markdownDescription": "Type of error.", + "title": "Type", + "type": "string" + }, + "ViolatedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Entity" + }, + "markdownDescription": "An error path that shows which entities caused the template error.", + "title": "ViolatedEntities", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceAnalysis": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetReference" + }, + "markdownDescription": "A structure containing information about the dataset references used as placeholders in the template.", + "title": "DataSetReferences", + "type": "array" } }, "required": [ - "FieldId", - "SortBy" + "Arn", + "DataSetReferences" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableAggregatedFieldWells": { + "AWS::QuickSight::Template.TemplateSourceEntity": { "additionalProperties": false, "properties": { - "Columns": { + "SourceAnalysis": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceAnalysis", + "markdownDescription": "The source analysis, if it is based on an analysis.", + "title": "SourceAnalysis" + }, + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceTemplate", + "markdownDescription": "The source template, if it is based on an template.", + "title": "SourceTemplate" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceTemplate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TemplateVersion": { + "additionalProperties": false, + "properties": { + "CreatedTime": { + "markdownDescription": "The time that this template version was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSetConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", + "markdownDescription": "Schema of the dataset identified by the placeholder. Any dashboard created from this template should be bound to new datasets matching the same schema described through this API operation.", + "title": "DataSetConfigurations", "type": "array" }, - "Rows": { + "Description": { + "markdownDescription": "The description of the template.", + "title": "Description", + "type": "string" + }, + "Errors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateError" }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", + "markdownDescription": "Errors associated with this template version.", + "title": "Errors", "type": "array" }, - "Values": { + "Sheets": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Template.Sheet" }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", "type": "array" + }, + "SourceEntityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an analysis or template that was used to create this template.", + "title": "SourceEntityArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The status that is associated with the template.\n\n- `CREATION_IN_PROGRESS`\n- `CREATION_SUCCESSFUL`\n- `CREATION_FAILED`\n- `UPDATE_IN_PROGRESS`\n- `UPDATE_SUCCESSFUL`\n- `UPDATE_FAILED`\n- `DELETED`", + "title": "Status", + "type": "string" + }, + "ThemeArn": { + "markdownDescription": "The ARN of the theme associated with this version of the template.", + "title": "ThemeArn", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "The version number of the template version.", + "title": "VersionNumber", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableCellConditionalFormatting": { + "AWS::QuickSight::Template.TemplateVersionDefinition": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", - "type": "string" + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Template.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedField" + }, + "markdownDescription": "An array of calculated field definitions for the template.", + "title": "CalculatedFields", + "type": "array" }, - "Scopes": { + "ColumnConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnConfiguration" }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", + "markdownDescription": "An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template.", + "title": "ColumnConfigurations", "type": "array" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "DataSetConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" + }, + "markdownDescription": "An array of dataset configurations. These configurations define the required columns for each dataset used within a template.", + "title": "DataSetConfigurations", + "type": "array" + }, + "FilterGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterGroup" + }, + "markdownDescription": "Filter definitions for a template.\n\nFor more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Template.AssetOptions", + "markdownDescription": "An array of option definitions for a template.", + "title": "Options" + }, + "ParameterDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDeclaration" + }, + "markdownDescription": "An array of parameter declarations for a template.\n\n*Parameters* are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", + "type": "array" + }, + "QueryExecutionOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.QueryExecutionOptions", + "markdownDescription": "", + "title": "QueryExecutionOptions" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for a template.", + "title": "Sheets", + "type": "array" } }, "required": [ - "FieldId" + "DataSetConfigurations" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableConditionalFormatting": { + "AWS::QuickSight::Template.TextAreaControlDisplayOptions": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableConditionalFormattingOption": { + "AWS::QuickSight::Template.TextConditionalFormat": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" + }, + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableConditionalFormattingScope": { + "AWS::QuickSight::Template.TextControlPlaceholderOptions": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", - "type": "string" + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableConfiguration": { + "AWS::QuickSight::Template.TextFieldControlDisplayOptions": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableDataPathOption": { + "AWS::QuickSight::Template.ThousandSeparatorOptions": { "additionalProperties": false, "properties": { - "DataPathList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" - }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", - "type": "array" + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", + "type": "string" }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", + "type": "object" } }, - "required": [ - "DataPathList" - ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldCollapseStateOption": { + "AWS::QuickSight::Template.TimeBasedForecastProperties": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", - "type": "string" + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" } }, - "required": [ - "Target" - ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget": { + "AWS::QuickSight::Template.TimeEqualityFilter": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" - }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", "type": "string" } }, + "required": [ + "Column", + "FilterId" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldOption": { + "AWS::QuickSight::Template.TimeRangeDrillDownFilter": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, "required": [ - "FieldId" + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldOptions": { + "AWS::QuickSight::Template.TimeRangeFilter": { "additionalProperties": false, "properties": { - "CollapseStateOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateOption" - }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "DataPathOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableDataPathOption" - }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", - "type": "array" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOption" - }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", - "type": "array" + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" } }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldSubtotalOptions": { + "AWS::QuickSight::Template.TimeRangeFilterValue": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldWells": { + "AWS::QuickSight::Template.TooltipItem": { "additionalProperties": false, "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" + }, + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableOptions": { + "AWS::QuickSight::Template.TooltipOptions": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", "type": "string" }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TopBottomFilter": { + "additionalProperties": false, + "properties": { + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationSortConfiguration" + }, + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", - "type": "string" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" - }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" - }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" - }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" - }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", - "type": "string" + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", + "type": "number" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", "type": "string" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, + "required": [ + "AggregationSortConfigurations", + "Column", + "FilterId" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTablePaginatedReportOptions": { + "AWS::QuickSight::Template.TopBottomMoversComputation": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PivotTableRowsLabelOptions": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", + }, + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableSortBy": { + "AWS::QuickSight::Template.TopBottomRankedComputation": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", - "title": "Column" + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableSortConfiguration": { + "AWS::QuickSight::Template.TotalAggregationComputation": { "additionalProperties": false, "properties": { - "FieldSortOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotFieldSortOptions" - }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", - "type": "array" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableTotalOptions": { + "AWS::QuickSight::Template.TotalAggregationFunction": { "additionalProperties": false, "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" - }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" - }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" - }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableVisual": { + "AWS::QuickSight::Template.TotalAggregationOption": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", "type": "string" + }, + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" } }, "required": [ - "VisualId" + "FieldId", + "TotalAggregationFunction" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTotalOptions": { + "AWS::QuickSight::Template.TotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { @@ -218582,11 +263365,6 @@ "title": "CustomLabel", "type": "string" }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" - }, "Placement": { "markdownDescription": "The placement (start, end) for the total cells.", "title": "Placement", @@ -218601,247 +263379,164 @@ "items": { "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" }, - "markdownDescription": "The total aggregation options for each value field.", + "markdownDescription": "The total aggregation settings for each value field.", "title": "TotalAggregationOptions", "type": "array" }, "TotalCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", + "markdownDescription": "Cell styling options for the total cells.", "title": "TotalCellStyle" }, "TotalsVisibility": { "markdownDescription": "The visibility configuration for the total cells.", "title": "TotalsVisibility", - "type": "string" - }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.PredefinedHierarchy": { + "AWS::QuickSight::Template.TransposedTableOption": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", "type": "string" } }, "required": [ - "Columns", - "HierarchyId" + "ColumnType" ], "type": "object" }, - "AWS::QuickSight::Template.ProgressBarOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility of the progress bar.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.RadarChartAggregatedFieldWells": { + "AWS::QuickSight::Template.TreeMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Category": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The aggregated field well categories of a radar chart.", - "title": "Category", + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", "type": "array" }, - "Color": { + "Groups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", "type": "array" }, - "Values": { + "Sizes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", - "title": "Values", + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartAreaStyleSettings": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.RadarChartConfiguration": { + "AWS::QuickSight::Template.TreeMapConfiguration": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" - }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" - }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", - "type": "string" - }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", - "type": "string" - }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", - "title": "CategoryLabelOptions" - }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" - }, "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", "title": "ColorLabelOptions" }, + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapFieldWells", + "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", - "type": "string" + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", "title": "SortConfiguration" }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.RadarChartFieldWells": { - "additionalProperties": false, - "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" } }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartSeriesSettings": { + "AWS::QuickSight::Template.TreeMapFieldWells": { "additionalProperties": false, "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartSortConfiguration": { + "AWS::QuickSight::Template.TreeMapSortConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The category sort options of a radar chart.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { + "TreeMapGroupItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", - "title": "ColorItemsLimit" + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" }, - "ColorSort": { + "TreeMapSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The color sort configuration of a radar chart.", - "title": "ColorSort", + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartVisual": { + "AWS::QuickSight::Template.TreeMapVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -218853,7 +263548,7 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, @@ -218875,8 +263570,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -218886,455 +263586,531 @@ ], "type": "object" }, - "AWS::QuickSight::Template.RangeEndsLabelType": { + "AWS::QuickSight::Template.TrendArrowOptions": { "additionalProperties": false, "properties": { "Visibility": { - "markdownDescription": "The visibility of the range ends label.", + "markdownDescription": "The visibility of the trend arrows.", "title": "Visibility", - "type": "string" + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.ReferenceLine": { + "AWS::QuickSight::Template.UnaggregatedField": { "additionalProperties": false, "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" - }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ - "DataConfiguration" + "Column", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration": { + "AWS::QuickSight::Template.UniqueValuesComputation": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" } }, "required": [ - "CustomLabel" + "ComputationId" ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineDataConfiguration": { + "AWS::QuickSight::Template.ValidationStrategy": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", - "type": "string" - }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" - }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", "type": "string" - }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration": { + "AWS::QuickSight::Template.VisibleRangeOptions": { "additionalProperties": false, "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" - }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" } }, - "required": [ - "Calculation", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineLabelConfiguration": { + "AWS::QuickSight::Template.Visual": { "additionalProperties": false, "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", - "type": "string" + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", - "type": "string" + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" + }, + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" + }, + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" + }, + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" + }, + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" + }, + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" + }, + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" + }, + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" + }, + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" + }, + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" + }, + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" } }, - "required": [ - "Value" - ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineStyleConfiguration": { + "AWS::QuickSight::Template.VisualCustomAction": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration": { - "additionalProperties": false, - "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", "type": "string" } }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], "type": "object" }, - "AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions": { + "AWS::QuickSight::Template.VisualCustomActionOperation": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" } }, "type": "object" }, - "AWS::QuickSight::Template.RelativeDatesFilter": { + "AWS::QuickSight::Template.VisualInteractionOptions": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" - }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", - "type": "string" - }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", - "type": "number" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" } }, - "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" - ], "type": "object" }, - "AWS::QuickSight::Template.ResourcePermission": { + "AWS::QuickSight::Template.VisualMenuOption": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" - }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", "type": "string" } }, - "required": [ - "Actions", - "Principal" - ], "type": "object" }, - "AWS::QuickSight::Template.RollingDateConfiguration": { + "AWS::QuickSight::Template.VisualPalette": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", - "title": "Expression", - "type": "string" + "ColorMap": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathColor" + }, + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", + "type": "array" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Template.RowAlternateColorOptions": { + "AWS::QuickSight::Template.VisualSubtitleLabelOptions": { "additionalProperties": false, "properties": { - "RowAlternateColors": { - "items": { - "type": "string" - }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", - "type": "array" - }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", - "type": "string" + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Template.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", - "type": "string" + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.SameSheetTargetVisualConfiguration": { + "AWS::QuickSight::Template.VisualTitleLabelOptions": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", - "type": "string" + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Template.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" }, - "TargetVisuals": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", - "type": "array" + "Visibility": { + "markdownDescription": "The visibility of the title label.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells": { + "AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Destination": { + "Breakdowns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", "type": "array" }, - "Source": { + "Categories": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", "type": "array" }, - "Weight": { + "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", + "markdownDescription": "The value field wells of a waterfall visual.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramChartConfiguration": { + "AWS::QuickSight::Template.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartConfiguration": { "additionalProperties": false, "properties": { + "CategoryAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" + }, + "CategoryAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" + }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", + "markdownDescription": "The data label configuration of a waterfall visual.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend configuration of a waterfall visual.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", "title": "SortConfiguration" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a waterfall visual.", + "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramFieldWells": { + "AWS::QuickSight::Template.WaterfallChartFieldWells": { "additionalProperties": false, "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramSortConfiguration": { + "AWS::QuickSight::Template.WaterfallChartGroupColorConfiguration": { "additionalProperties": false, "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" }, - "SourceItemsLimit": { + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartOptions": { + "additionalProperties": false, + "properties": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" }, - "WeightSort": { + "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramVisual": { + "AWS::QuickSight::Template.WaterfallVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -219346,10 +264122,18 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", "title": "ChartConfiguration" }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", @@ -219360,6 +264144,11 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -219371,166 +264160,172 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::QuickSight::Template.WhatIfPointScenario": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", + "type": "string" }, - "Label": { + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Date", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WhatIfRangeScenario": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "EndDate", + "StartDate", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", "type": "array" }, "Size": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The size field well of a scatter plot.", + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", "title": "Size", "type": "array" - }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", - "type": "array" - }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", - "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotConfiguration": { + "AWS::QuickSight::Template.WordCloudChartConfiguration": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotFieldWells": { + "AWS::QuickSight::Template.WordCloudFieldWells": { "additionalProperties": false, "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" - }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells": { + "AWS::QuickSight::Template.WordCloudOptions": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", + "type": "string" }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", + "type": "string" }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", - "type": "array" + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", + "type": "string" }, - "YAxis": { + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", + "type": "string" + }, + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotVisual": { + "AWS::QuickSight::Template.WordCloudVisual": { "additionalProperties": false, "properties": { "Actions": { @@ -219542,7 +264337,7 @@ "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, @@ -219564,8 +264359,13 @@ "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -219575,2883 +264375,4772 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ScrollBarOptions": { + "AWS::QuickSight::Template.YAxisOptions": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", "type": "string" - }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" } }, + "required": [ + "YAxis" + ], "type": "object" }, - "AWS::QuickSight::Template.SecondaryValueOptions": { + "AWS::QuickSight::Theme": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SectionAfterPageBreak": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", - "title": "Status", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you want to store the new theme.", + "title": "AwsAccountId", + "type": "string" + }, + "BaseThemeId": { + "markdownDescription": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis.", + "title": "BaseThemeId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", + "markdownDescription": "The theme configuration, which contains the theme display properties.", + "title": "Configuration" + }, + "Name": { + "markdownDescription": "A display name for the theme.", + "title": "Name", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ResourcePermission" + }, + "markdownDescription": "A valid grouping of resource permissions to apply to the new theme.", + "title": "Permissions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource.", + "title": "Tags", + "type": "array" + }, + "ThemeId": { + "markdownDescription": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account.", + "title": "ThemeId", + "type": "string" + }, + "VersionDescription": { + "markdownDescription": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field.", + "title": "VersionDescription", + "type": "string" + } + }, + "required": [ + "AwsAccountId", + "BaseThemeId", + "Configuration", + "Name", + "ThemeId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Theme" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions": { + "AWS::QuickSight::Theme.BorderStyle": { "additionalProperties": false, "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" + "Show": { + "markdownDescription": "The option to enable display of borders for visuals.", + "title": "Show", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Template.SectionBasedLayoutConfiguration": { + "AWS::QuickSight::Theme.DataColorPalette": { "additionalProperties": false, "properties": { - "BodySections": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionConfiguration" + "type": "string" }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", + "markdownDescription": "The hexadecimal codes for the colors.", + "title": "Colors", "type": "array" }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" - }, - "FooterSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", - "type": "array" + "EmptyFillColor": { + "markdownDescription": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.", + "title": "EmptyFillColor", + "type": "string" }, - "HeaderSections": { + "MinMaxGradient": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + "type": "string" }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", + "markdownDescription": "The minimum and maximum hexadecimal codes that describe a color gradient.", + "title": "MinMaxGradient", "type": "array" } }, - "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" - ], "type": "object" }, - "AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions": { + "AWS::QuickSight::Theme.Font": { "additionalProperties": false, "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" - }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", - "type": "string" - }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", + "FontFamily": { + "markdownDescription": "Determines the font family settings.", + "title": "FontFamily", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SectionLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" - } - }, - "required": [ - "FreeFormLayout" - ], - "type": "object" - }, - "AWS::QuickSight::Template.SectionPageBreakConfiguration": { + "AWS::QuickSight::Theme.GutterStyle": { "additionalProperties": false, "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" + "Show": { + "markdownDescription": "This Boolean value controls whether to display a gutter space between sheet tiles.", + "title": "Show", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Template.SectionStyle": { + "AWS::QuickSight::Theme.MarginStyle": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", - "type": "string" - }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" + "Show": { + "markdownDescription": "This Boolean value controls whether to display sheet margins.", + "title": "Show", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration": { + "AWS::QuickSight::Theme.ResourcePermission": { "additionalProperties": false, "properties": { - "SheetVisualScopingConfigurations": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetVisualScopingConfiguration" + "type": "string" }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" } }, + "required": [ + "Actions", + "Principal" + ], "type": "object" }, - "AWS::QuickSight::Template.SeriesItem": { + "AWS::QuickSight::Theme.SheetStyle": { "additionalProperties": false, "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" + "Tile": { + "$ref": "#/definitions/AWS::QuickSight::Theme.TileStyle", + "markdownDescription": "The display options for tiles.", + "title": "Tile" }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" + "TileLayout": { + "$ref": "#/definitions/AWS::QuickSight::Theme.TileLayoutStyle", + "markdownDescription": "The layout options for tiles.", + "title": "TileLayout" } }, "type": "object" }, - "AWS::QuickSight::Template.SetParameterValueConfiguration": { + "AWS::QuickSight::Theme.ThemeConfiguration": { "additionalProperties": false, "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", - "type": "string" + "DataColorPalette": { + "$ref": "#/definitions/AWS::QuickSight::Theme.DataColorPalette", + "markdownDescription": "Color properties that apply to chart data colors.", + "title": "DataColorPalette" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" + "Sheet": { + "$ref": "#/definitions/AWS::QuickSight::Theme.SheetStyle", + "markdownDescription": "Display options related to sheets.", + "title": "Sheet" + }, + "Typography": { + "$ref": "#/definitions/AWS::QuickSight::Theme.Typography", + "markdownDescription": "Determines the typography options.", + "title": "Typography" + }, + "UIColorPalette": { + "$ref": "#/definitions/AWS::QuickSight::Theme.UIColorPalette", + "markdownDescription": "Color properties that apply to the UI and to charts, excluding the colors that apply to data.", + "title": "UIColorPalette" } }, - "required": [ - "DestinationParameterName", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Template.ShapeConditionalFormat": { + "AWS::QuickSight::Theme.ThemeError": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "Message": { + "markdownDescription": "The error message.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of error.", + "title": "Type", + "type": "string" } }, - "required": [ - "BackgroundColor" - ], "type": "object" }, - "AWS::QuickSight::Template.Sheet": { + "AWS::QuickSight::Theme.ThemeVersion": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "BaseThemeId": { + "markdownDescription": "The Amazon QuickSight-defined ID of the theme that a custom theme inherits from. All themes initially inherit from a default Amazon QuickSight theme.", + "title": "BaseThemeId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", + "markdownDescription": "The theme configuration, which contains all the theme display properties.", + "title": "Configuration" + }, + "CreatedTime": { + "markdownDescription": "The date and time that this theme version was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the theme.", + "title": "Description", + "type": "string" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeError" + }, + "markdownDescription": "Errors associated with the theme.", + "title": "Errors", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of the theme version.", + "title": "Status", "type": "string" + }, + "VersionNumber": { + "markdownDescription": "The version number of the theme.", + "title": "VersionNumber", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.SheetControlInfoIconLabelOptions": { + "AWS::QuickSight::Theme.TileLayoutStyle": { "additionalProperties": false, "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", - "type": "string" + "Gutter": { + "$ref": "#/definitions/AWS::QuickSight::Theme.GutterStyle", + "markdownDescription": "The gutter settings that apply between tiles.", + "title": "Gutter" }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", - "type": "string" + "Margin": { + "$ref": "#/definitions/AWS::QuickSight::Theme.MarginStyle", + "markdownDescription": "The margin settings that apply around the outside edge of sheets.", + "title": "Margin" } }, "type": "object" }, - "AWS::QuickSight::Template.SheetControlLayout": { + "AWS::QuickSight::Theme.TileStyle": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Theme.BorderStyle", + "markdownDescription": "The border around a tile.", + "title": "Border" } }, - "required": [ - "Configuration" - ], "type": "object" }, - "AWS::QuickSight::Template.SheetControlLayoutConfiguration": { + "AWS::QuickSight::Theme.Typography": { "additionalProperties": false, "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" + "FontFamilies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.Font" + }, + "markdownDescription": "Determines the list of font families.", + "title": "FontFamilies", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.SheetDefinition": { + "AWS::QuickSight::Theme.UIColorPalette": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", + "Accent": { + "markdownDescription": "This color is that applies to selected states and buttons.", + "title": "Accent", "type": "string" }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", + "AccentForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the accent color.", + "title": "AccentForeground", "type": "string" }, - "FilterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterControl" - }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", - "type": "array" + "Danger": { + "markdownDescription": "The color that applies to error messages.", + "title": "Danger", + "type": "string" }, - "Layouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Layout" - }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", - "type": "array" + "DangerForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the error color.", + "title": "DangerForeground", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "Dimension": { + "markdownDescription": "The color that applies to the names of fields that are identified as dimensions.", + "title": "Dimension", "type": "string" }, - "ParameterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterControl" - }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", - "type": "array" + "DimensionForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the dimension color.", + "title": "DimensionForeground", + "type": "string" }, - "SheetControlLayouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayout" + "Measure": { + "markdownDescription": "The color that applies to the names of fields that are identified as measures.", + "title": "Measure", + "type": "string" + }, + "MeasureForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the measure color.", + "title": "MeasureForeground", + "type": "string" + }, + "PrimaryBackground": { + "markdownDescription": "The background color that applies to visuals and other high emphasis UI.", + "title": "PrimaryBackground", + "type": "string" + }, + "PrimaryForeground": { + "markdownDescription": "The color of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.", + "title": "PrimaryForeground", + "type": "string" + }, + "SecondaryBackground": { + "markdownDescription": "The background color that applies to the sheet background and sheet controls.", + "title": "SecondaryBackground", + "type": "string" + }, + "SecondaryForeground": { + "markdownDescription": "The foreground color that applies to any sheet title, sheet control text, or UI that appears over the secondary background.", + "title": "SecondaryForeground", + "type": "string" + }, + "Success": { + "markdownDescription": "The color that applies to success messages, for example the check mark for a successful download.", + "title": "Success", + "type": "string" + }, + "SuccessForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the success color.", + "title": "SuccessForeground", + "type": "string" + }, + "Warning": { + "markdownDescription": "This color that applies to warning and informational messages.", + "title": "Warning", + "type": "string" + }, + "WarningForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the warning color.", + "title": "WarningForeground", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account that you want to create a topic in.", + "title": "AwsAccountId", + "type": "string" + }, + "ConfigOptions": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicConfigOptions", + "markdownDescription": "Configuration options for a `Topic` .", + "title": "ConfigOptions" + }, + "DataSets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DatasetMetadata" + }, + "markdownDescription": "The data sets that the topic is associated with.", + "title": "DataSets", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the topic.", + "title": "Description", + "type": "string" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the topic.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "TopicId": { + "markdownDescription": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", + "title": "TopicId", + "type": "string" + }, + "UserExperienceVersion": { + "markdownDescription": "The user experience version of the topic.", + "title": "UserExperienceVersion", + "type": "string" + } }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", - "type": "array" + "type": "object" }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", + "Type": { + "enum": [ + "AWS::QuickSight::Topic" + ], "type": "string" }, - "TextBoxes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetTextBox" - }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", - "type": "array" - }, - "Title": { - "markdownDescription": "The title of the sheet.", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.CellValueSynonym": { + "additionalProperties": false, + "properties": { + "CellValue": { + "markdownDescription": "The cell value.", + "title": "CellValue", "type": "string" }, - "Visuals": { + "Synonyms": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Visual" + "type": "string" }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", + "markdownDescription": "Other names or aliases for the cell value.", + "title": "Synonyms", "type": "array" } }, - "required": [ - "SheetId" - ], "type": "object" }, - "AWS::QuickSight::Template.SheetElementConfigurationOverrides": { + "AWS::QuickSight::Topic.CollectiveConstant": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", - "type": "string" + "ValueList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values for the collective constant.", + "title": "ValueList", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.SheetElementRenderingRule": { + "AWS::QuickSight::Topic.ComparativeOrder": { "additionalProperties": false, "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" + "SpecifedOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of columns to be used in the ordering.", + "title": "SpecifedOrder", + "type": "array" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", + "TreatUndefinedSpecifiedValues": { + "markdownDescription": "The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` .", + "title": "TreatUndefinedSpecifiedValues", + "type": "string" + }, + "UseOrdering": { + "markdownDescription": "The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` .", + "title": "UseOrdering", "type": "string" } }, - "required": [ - "ConfigurationOverrides", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Template.SheetTextBox": { + "AWS::QuickSight::Topic.DataAggregation": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", + "DatasetRowDateGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "DatasetRowDateGranularity", "type": "string" }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", + "DefaultDateColumnName": { + "markdownDescription": "The column name for the default date.", + "title": "DefaultDateColumnName", "type": "string" } }, - "required": [ - "SheetTextBoxId" - ], "type": "object" }, - "AWS::QuickSight::Template.SheetVisualScopingConfiguration": { + "AWS::QuickSight::Topic.DatasetMetadata": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCalculatedField" + }, + "markdownDescription": "The list of calculated field definitions.", + "title": "CalculatedFields", + "type": "array" + }, + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicColumn" + }, + "markdownDescription": "The list of column definitions.", + "title": "Columns", + "type": "array" + }, + "DataAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DataAggregation", + "markdownDescription": "The definition of a data aggregation.", + "title": "DataAggregation" + }, + "DatasetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset.", + "title": "DatasetArn", "type": "string" }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", + "DatasetDescription": { + "markdownDescription": "The description of the dataset.", + "title": "DatasetDescription", "type": "string" }, - "VisualIds": { + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", + "type": "string" + }, + "Filters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicFilter" }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", + "markdownDescription": "The list of filter definitions.", + "title": "Filters", + "type": "array" + }, + "NamedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNamedEntity" + }, + "markdownDescription": "The list of named entities definitions.", + "title": "NamedEntities", "type": "array" } }, "required": [ - "Scope", - "SheetId" + "DatasetArn" ], "type": "object" }, - "AWS::QuickSight::Template.ShortFormatText": { + "AWS::QuickSight::Topic.DefaultFormatting": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "DisplayFormat": { + "markdownDescription": "The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` .", + "title": "DisplayFormat", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", - "type": "string" + "DisplayFormatOptions": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DisplayFormatOptions", + "markdownDescription": "The additional options for display formatting.", + "title": "DisplayFormatOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.SimpleClusterMarker": { + "AWS::QuickSight::Topic.DisplayFormatOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", + "BlankCellFormat": { + "markdownDescription": "Determines the blank cell format.", + "title": "BlankCellFormat", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SliderControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SmallMultiplesAxisProperties": { - "additionalProperties": false, - "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", + "CurrencySymbol": { + "markdownDescription": "The currency symbol, such as `USD` .", + "title": "CurrencySymbol", "type": "string" }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", + "DateFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateFormat", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SmallMultiplesOptions": { - "additionalProperties": false, - "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", - "type": "number" }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "FractionDigits": { + "markdownDescription": "Determines the number of fraction digits.", + "title": "FractionDigits", "type": "number" }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" + "GroupingSeparator": { + "markdownDescription": "Determines the grouping separator.", + "title": "GroupingSeparator", + "type": "string" }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" + "NegativeFormat": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NegativeFormat", + "markdownDescription": "The negative format.", + "title": "NegativeFormat" }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" + "Prefix": { + "markdownDescription": "The prefix value for a display format.", + "title": "Prefix", + "type": "string" + }, + "Suffix": { + "markdownDescription": "The suffix value for a display format.", + "title": "Suffix", + "type": "string" + }, + "UnitScaler": { + "markdownDescription": "The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` .", + "title": "UnitScaler", + "type": "string" + }, + "UseBlankCellFormat": { + "markdownDescription": "A Boolean value that indicates whether to use blank cell format.", + "title": "UseBlankCellFormat", + "type": "boolean" + }, + "UseGrouping": { + "markdownDescription": "A Boolean value that indicates whether to use grouping.", + "title": "UseGrouping", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Template.Spacing": { + "AWS::QuickSight::Topic.NamedEntityDefinition": { "additionalProperties": false, "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", + "FieldName": { + "markdownDescription": "The name of the entity.", + "title": "FieldName", "type": "string" }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", + "Metric": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinitionMetric", + "markdownDescription": "The definition of a metric.", + "title": "Metric" + }, + "PropertyName": { + "markdownDescription": "The property name to be used for the named entity.", + "title": "PropertyName", "type": "string" }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", + "PropertyRole": { + "markdownDescription": "The property role. Valid values for this structure are `PRIMARY` and `ID` .", + "title": "PropertyRole", "type": "string" }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", + "PropertyUsage": { + "markdownDescription": "The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` .", + "title": "PropertyUsage", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.StringDefaultValues": { + "AWS::QuickSight::Topic.NamedEntityDefinitionMetric": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Aggregation": { + "markdownDescription": "The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` .", + "title": "Aggregation", + "type": "string" }, - "StaticValues": { - "items": { - "type": "string" + "AggregationFunctionParameters": { + "additionalProperties": true, + "markdownDescription": "The additional parameters for an aggregation function.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "title": "AggregationFunctionParameters", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.StringFormatConfiguration": { + "AWS::QuickSight::Topic.NegativeFormat": { "additionalProperties": false, "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "Prefix": { + "markdownDescription": "The prefix for a negative format.", + "title": "Prefix", + "type": "string" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" + "Suffix": { + "markdownDescription": "The suffix for a negative format.", + "title": "Suffix", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.StringParameterDeclaration": { + "AWS::QuickSight::Topic.RangeConstant": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Maximum": { + "markdownDescription": "The maximum value for a range constant.", + "title": "Maximum", "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "Minimum": { + "markdownDescription": "The minimum value for a range constant.", + "title": "Minimum", "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Template.StringValueWhenUnsetConfiguration": { + "AWS::QuickSight::Topic.SemanticEntityType": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "SubTypeName": { + "markdownDescription": "The semantic entity sub type name.", + "title": "SubTypeName", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "TypeName": { + "markdownDescription": "The semantic entity type name.", + "title": "TypeName", "type": "string" + }, + "TypeParameters": { + "additionalProperties": true, + "markdownDescription": "The semantic entity type parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TypeParameters", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.SubtotalOptions": { + "AWS::QuickSight::Topic.SemanticType": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", - "type": "string" - }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "FalseyCellValue": { + "markdownDescription": "The semantic type falsey cell value.", + "title": "FalseyCellValue", "type": "string" }, - "FieldLevelOptions": { + "FalseyCellValueSynonyms": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldSubtotalOptions" + "type": "string" }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", + "markdownDescription": "The other names or aliases for the false cell value.", + "title": "FalseyCellValueSynonyms", "type": "array" }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" + "SubTypeName": { + "markdownDescription": "The semantic type sub type name.", + "title": "SubTypeName", + "type": "string" }, - "StyleTargets": { + "TruthyCellValue": { + "markdownDescription": "The semantic type truthy cell value.", + "title": "TruthyCellValue", + "type": "string" + }, + "TruthyCellValueSynonyms": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableStyleTarget" + "type": "string" }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", + "markdownDescription": "The other names or aliases for the true cell value.", + "title": "TruthyCellValueSynonyms", "type": "array" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", + "TypeName": { + "markdownDescription": "The semantic type name.", + "title": "TypeName", "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" + "TypeParameters": { + "additionalProperties": true, + "markdownDescription": "The semantic type parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TypeParameters", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Template.TableAggregatedFieldWells": { + "AWS::QuickSight::Topic.TopicCalculatedField": { "additionalProperties": false, "properties": { - "GroupBy": { + "Aggregation": { + "markdownDescription": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", + "title": "Aggregation", + "type": "string" + }, + "AllowedAggregations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "type": "string" }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", + "markdownDescription": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "AllowedAggregations", "type": "array" }, - "Values": { + "CalculatedFieldDescription": { + "markdownDescription": "The calculated field description.", + "title": "CalculatedFieldDescription", + "type": "string" + }, + "CalculatedFieldName": { + "markdownDescription": "The calculated field name.", + "title": "CalculatedFieldName", + "type": "string" + }, + "CalculatedFieldSynonyms": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", + "markdownDescription": "The other names or aliases for the calculated field.", + "title": "CalculatedFieldSynonyms", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableBorderOptions": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", + }, + "CellValueSynonyms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + }, + "markdownDescription": "The other names or aliases for the calculated field cell value.", + "title": "CellValueSynonyms", + "type": "array" + }, + "ColumnDataRole": { + "markdownDescription": "The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` .", + "title": "ColumnDataRole", "type": "string" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", + "ComparativeOrder": { + "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", + "markdownDescription": "The order in which data is displayed for the calculated field when it's used in a comparative context.", + "title": "ComparativeOrder" + }, + "DefaultFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", + "markdownDescription": "The default formatting definition.", + "title": "DefaultFormatting" + }, + "DisableIndexing": { + "markdownDescription": "A Boolean value that indicates if a calculated field is visible in the autocomplete.", + "title": "DisableIndexing", + "type": "boolean" + }, + "Expression": { + "markdownDescription": "The calculated field expression.", + "title": "Expression", "type": "string" }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", - "type": "number" + "IsIncludedInTopic": { + "markdownDescription": "A boolean value that indicates if a calculated field is included in the topic.", + "title": "IsIncludedInTopic", + "type": "boolean" + }, + "NeverAggregateInFilter": { + "markdownDescription": "A Boolean value that indicates whether to never aggregate calculated field in filters.", + "title": "NeverAggregateInFilter", + "type": "boolean" + }, + "NonAdditive": { + "markdownDescription": "The non additive for the table style target.", + "title": "NonAdditive", + "type": "boolean" + }, + "NotAllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "NotAllowedAggregations", + "type": "array" + }, + "SemanticType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", + "markdownDescription": "The semantic type.", + "title": "SemanticType" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" } }, + "required": [ + "CalculatedFieldName", + "Expression" + ], "type": "object" }, - "AWS::QuickSight::Template.TableCellConditionalFormatting": { + "AWS::QuickSight::Topic.TopicCategoryFilter": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "CategoryFilterFunction": { + "markdownDescription": "The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` .", + "title": "CategoryFilterFunction", "type": "string" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "CategoryFilterType": { + "markdownDescription": "The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter.", + "title": "CategoryFilterType", + "type": "string" + }, + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilterConstant", + "markdownDescription": "The constant used in a category filter.", + "title": "Constant" + }, + "Inverse": { + "markdownDescription": "A Boolean value that indicates if the filter is inverse.", + "title": "Inverse", + "type": "boolean" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.TableCellImageSizingConfiguration": { + "AWS::QuickSight::Topic.TopicCategoryFilterConstant": { "additionalProperties": false, "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", + "CollectiveConstant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CollectiveConstant", + "markdownDescription": "A collective constant used in a category filter. This element is used to specify a list of values for the constant.", + "title": "CollectiveConstant" + }, + "ConstantType": { + "markdownDescription": "The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` .", + "title": "ConstantType", + "type": "string" + }, + "SingularConstant": { + "markdownDescription": "A singular constant used in a category filter. This element is used to specify a single value for the constant.", + "title": "SingularConstant", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TableCellStyle": { + "AWS::QuickSight::Topic.TopicColumn": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", - "title": "BackgroundColor", + "Aggregation": { + "markdownDescription": "The type of aggregation that is performed on the column data when it's queried.", + "title": "Aggregation", "type": "string" }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Template.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" + "AllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "AllowedAggregations", + "type": "array" }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", - "type": "number" + "CellValueSynonyms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + }, + "markdownDescription": "The other names or aliases for the column cell value.", + "title": "CellValueSynonyms", + "type": "array" }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", + "ColumnDataRole": { + "markdownDescription": "The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` .", + "title": "ColumnDataRole", "type": "string" }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", + "ColumnDescription": { + "markdownDescription": "A description of the column and its contents.", + "title": "ColumnDescription", "type": "string" }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", + "ColumnFriendlyName": { + "markdownDescription": "A user-friendly name for the column.", + "title": "ColumnFriendlyName", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { + }, + "ColumnSynonyms": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "The other names or aliases for the column.", + "title": "ColumnSynonyms", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableConfiguration": { - "additionalProperties": false, - "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" + "ComparativeOrder": { + "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", + "markdownDescription": "The order in which data is displayed for the column when it's used in a comparative context.", + "title": "ComparativeOrder" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DefaultFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", + "markdownDescription": "The default formatting used for values in the column.", + "title": "DefaultFormatting" }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" + "DisableIndexing": { + "markdownDescription": "A Boolean value that indicates whether the column shows in the autocomplete functionality.", + "title": "DisableIndexing", + "type": "boolean" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" + "IsIncludedInTopic": { + "markdownDescription": "A Boolean value that indicates whether the column is included in the query results.", + "title": "IsIncludedInTopic", + "type": "boolean" }, - "TableInlineVisualizations": { + "NeverAggregateInFilter": { + "markdownDescription": "A Boolean value that indicates whether to aggregate the column data when it's used in a filter context.", + "title": "NeverAggregateInFilter", + "type": "boolean" + }, + "NonAdditive": { + "markdownDescription": "The non additive value for the column.", + "title": "NonAdditive", + "type": "boolean" + }, + "NotAllowedAggregations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableInlineVisualization" + "type": "string" }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", + "markdownDescription": "The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "NotAllowedAggregations", "type": "array" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" - }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldCustomIconContent": { - "additionalProperties": false, - "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldCustomTextContent": { - "additionalProperties": false, - "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" + "SemanticType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", + "markdownDescription": "The semantic type of data contained in the column.", + "title": "SemanticType" }, - "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", - "title": "Value", + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, "required": [ - "FontConfiguration" + "ColumnName" ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldImageConfiguration": { + "AWS::QuickSight::Topic.TopicConfigOptions": { "additionalProperties": false, "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" + "QBusinessInsightsEnabled": { + "markdownDescription": "Enables Amazon Q Business Insights for a `Topic` .", + "title": "QBusinessInsightsEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Template.TableFieldLinkConfiguration": { + "AWS::QuickSight::Topic.TopicDateRangeFilter": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", + "markdownDescription": "The constant used in a date range filter.", + "title": "Constant" }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", - "type": "string" + "Inclusive": { + "markdownDescription": "A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them.", + "title": "Inclusive", + "type": "boolean" } }, - "required": [ - "Content", - "Target" - ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldLinkContentConfiguration": { + "AWS::QuickSight::Topic.TopicFilter": { "additionalProperties": false, "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilter", + "markdownDescription": "The category filter that is associated with this filter.", + "title": "CategoryFilter" }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldOption": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", - "type": "string" + "DateRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicDateRangeFilter", + "markdownDescription": "The date range filter.", + "title": "DateRangeFilter" }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", + "FilterClass": { + "markdownDescription": "The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` .", + "title": "FilterClass", "type": "string" }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" - }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", + "FilterDescription": { + "markdownDescription": "A description of the filter used to select items for a topic.", + "title": "FilterDescription", "type": "string" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", + "FilterName": { + "markdownDescription": "The name of the filter.", + "title": "FilterName", "type": "string" - } - }, - "required": [ - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldOptions": { - "additionalProperties": false, - "properties": { - "Order": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", - "type": "array" - }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" }, - "SelectedFieldOptions": { + "FilterSynonyms": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOption" + "type": "string" }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", + "markdownDescription": "The other names or aliases for the filter.", + "title": "FilterSynonyms", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldURLConfiguration": { - "additionalProperties": false, - "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldWells": { - "additionalProperties": false, - "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" + "FilterType": { + "markdownDescription": "The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` .", + "title": "FilterType", + "type": "string" }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableInlineVisualization": { - "additionalProperties": false, - "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableOptions": { - "additionalProperties": false, - "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericEqualityFilter", + "markdownDescription": "The numeric equality filter.", + "title": "NumericEqualityFilter" }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericRangeFilter", + "markdownDescription": "The numeric range filter.", + "title": "NumericRangeFilter" }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", + "OperandFieldName": { + "markdownDescription": "The name of the field that the filter operates on.", + "title": "OperandFieldName", "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" + "RelativeDateFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRelativeDateFilter", + "markdownDescription": "The relative date filter.", + "title": "RelativeDateFilter" } }, + "required": [ + "FilterName", + "OperandFieldName" + ], "type": "object" }, - "AWS::QuickSight::Template.TablePaginatedReportOptions": { + "AWS::QuickSight::Topic.TopicNamedEntity": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "Definition": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinition" + }, + "markdownDescription": "The definition of a named entity.", + "title": "Definition", + "type": "array" + }, + "EntityDescription": { + "markdownDescription": "The description of the named entity.", + "title": "EntityDescription", "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "EntityName": { + "markdownDescription": "The name of the named entity.", + "title": "EntityName", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TablePinnedFieldOptions": { - "additionalProperties": false, - "properties": { - "PinnedLeftFields": { + }, + "EntitySynonyms": { "items": { "type": "string" }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", + "markdownDescription": "The other names or aliases for the named entity.", + "title": "EntitySynonyms", "type": "array" + }, + "SemanticEntityType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticEntityType", + "markdownDescription": "The type of named entity that a topic represents.", + "title": "SemanticEntityType" } }, + "required": [ + "EntityName" + ], "type": "object" }, - "AWS::QuickSight::Template.TableRowConditionalFormatting": { + "AWS::QuickSight::Topic.TopicNumericEqualityFilter": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" + "Aggregation": { + "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", + "title": "Aggregation", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", + "markdownDescription": "The constant used in a numeric equality filter.", + "title": "Constant" } }, "type": "object" }, - "AWS::QuickSight::Template.TableSideBorderOptions": { + "AWS::QuickSight::Topic.TopicNumericRangeFilter": { "additionalProperties": false, "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" - }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" - }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" - }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" + "Aggregation": { + "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", + "title": "Aggregation", + "type": "string" }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", + "markdownDescription": "The constant used in a numeric range filter.", + "title": "Constant" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" + "Inclusive": { + "markdownDescription": "A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter.", + "title": "Inclusive", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Template.TableSortConfiguration": { + "AWS::QuickSight::Topic.TopicRangeFilterConstant": { "additionalProperties": false, "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" + "ConstantType": { + "markdownDescription": "The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` .", + "title": "ConstantType", + "type": "string" }, - "RowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", - "type": "array" + "RangeConstant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.RangeConstant", + "markdownDescription": "The value of the constant that is used to specify the endpoints of a range filter.", + "title": "RangeConstant" } }, "type": "object" }, - "AWS::QuickSight::Template.TableStyleTarget": { + "AWS::QuickSight::Topic.TopicRelativeDateFilter": { "additionalProperties": false, "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", + "markdownDescription": "The constant used in a relative date filter.", + "title": "Constant" + }, + "RelativeDateFilterFunction": { + "markdownDescription": "The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` .", + "title": "RelativeDateFilterFunction", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, - "required": [ - "CellType" - ], "type": "object" }, - "AWS::QuickSight::Template.TableUnaggregatedFieldWells": { + "AWS::QuickSight::Topic.TopicSingularFilterConstant": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" - }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", - "type": "array" + "ConstantType": { + "markdownDescription": "The type of the singular filter constant. Valid values for this structure are `SINGULAR` .", + "title": "ConstantType", + "type": "string" + }, + "SingularConstant": { + "markdownDescription": "The value of the singular filter constant.", + "title": "SingularConstant", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TableVisual": { + "AWS::QuickSight::VPCConnection": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the VPC connection.", + "title": "AvailabilityStatus", + "type": "string" + }, + "AwsAccountId": { + "markdownDescription": "The AWS account ID of the account where you want to create a new VPC connection.", + "title": "AwsAccountId", + "type": "string" + }, + "DnsResolvers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IP addresses of DNS resolver endpoints for the VPC connection.", + "title": "DnsResolvers", + "type": "array" + }, + "Name": { + "markdownDescription": "The display name for the VPC connection.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role associated with the VPC connection.", + "title": "RoleArn", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 security group IDs associated with the VPC connection.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs for the VPC connection.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection.", + "title": "Tags", + "type": "array" + }, + "VPCConnectionId": { + "markdownDescription": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account.", + "title": "VPCConnectionId", + "type": "string" + } + }, + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::QuickSight::VPCConnection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.TemplateError": { + "AWS::QuickSight::VPCConnection.NetworkInterface": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Description of the error type.", - "title": "Message", + "AvailabilityZone": { + "markdownDescription": "The availability zone that the network interface resides in.", + "title": "AvailabilityZone", "type": "string" }, - "Type": { - "markdownDescription": "Type of error.", - "title": "Type", + "ErrorMessage": { + "markdownDescription": "An error message.", + "title": "ErrorMessage", "type": "string" }, - "ViolatedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Entity" - }, - "markdownDescription": "An error path that shows which entities caused the template error.", - "title": "ViolatedEntities", - "type": "array" + "NetworkInterfaceId": { + "markdownDescription": "The network interface ID.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the network interface.", + "title": "Status", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The subnet ID associated with the network interface.", + "title": "SubnetId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TemplateSourceAnalysis": { + "AWS::RAM::Permission": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", + "Condition": { "type": "string" }, - "DataSetReferences": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetReference" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Specifies the name of the customer managed permission. The name must be unique within the AWS Region .", + "title": "Name", + "type": "string" + }, + "PolicyTemplate": { + "markdownDescription": "A string in JSON format string that contains the following elements of a resource-based policy:\n\n- *Effect* : must be set to `ALLOW` .\n- *Action* : specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *AWS Identity and Access Management User Guide* .\n- *Condition* : (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) in the *AWS Identity and Access Management User Guide* .\n\nThis template can't include either the `Resource` or `Principal` elements. Those are both filled in by AWS RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.", + "title": "PolicyTemplate", + "type": "object" + }, + "ResourceType": { + "markdownDescription": "Specifies the name of the resource type that this customer managed permission applies to.\n\nThe format is `** : **` and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string `ec2:subnet` . To see the list of valid values for this parameter, query the [ListResourceTypes](https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html) operation.", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies a list of one or more tag key and value pairs to attach to the permission.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A structure containing information about the dataset references used as placeholders in the template.", - "title": "DataSetReferences", - "type": "array" + "required": [ + "Name", + "PolicyTemplate", + "ResourceType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RAM::Permission" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Arn", - "DataSetReferences" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TemplateSourceEntity": { + "AWS::RAM::ResourceShare": { "additionalProperties": false, "properties": { - "SourceAnalysis": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceAnalysis", - "markdownDescription": "The source analysis, if it is based on an analysis.", - "title": "SourceAnalysis" + "Condition": { + "type": "string" }, - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceTemplate", - "markdownDescription": "The source template, if it is based on an template.", - "title": "SourceTemplate" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowExternalPrincipals": { + "markdownDescription": "Specifies whether principals outside your organization in AWS Organizations can be associated with a resource share. A value of `true` lets you share with individual AWS accounts that are *not* in your organization. A value of `false` only has meaning if your account is a member of an AWS Organization. The default value is `true` .", + "title": "AllowExternalPrincipals", + "type": "boolean" + }, + "Name": { + "markdownDescription": "Specifies the name of the resource share.", + "title": "Name", + "type": "string" + }, + "PermissionArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", + "title": "PermissionArns", + "type": "array" + }, + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", + "title": "Principals", + "type": "array" + }, + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", + "title": "ResourceArns", + "type": "array" + }, + "Sources": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies from which source accounts the service principal has access to the resources in this resource share.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RAM::ResourceShare" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TemplateSourceTemplate": { + "AWS::RDS::CustomDBEngineVersion": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatabaseInstallationFilesS3BucketName": { + "markdownDescription": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files` .", + "title": "DatabaseInstallationFilesS3BucketName", + "type": "string" + }, + "DatabaseInstallationFilesS3Prefix": { + "markdownDescription": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1` . If this setting isn't specified, no prefix is assumed.", + "title": "DatabaseInstallationFilesS3Prefix", + "type": "string" + }, + "Description": { + "markdownDescription": "An optional description of your CEV.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The database engine to use for your custom engine version (CEV).\n\nValid values:\n\n- `custom-oracle-ee`\n- `custom-oracle-ee-cdb`", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The name of your CEV. The name format is `major version.customized_string` . For example, a valid CEV name is `19.my_cev1` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of `Engine` and `EngineVersion` is unique per customer per Region.\n\n*Constraints:* Minimum length is 1. Maximum length is 60.\n\n*Pattern:* `^[a-z0-9_.-]{1,60$` }", + "title": "EngineVersion", + "type": "string" + }, + "ImageId": { + "markdownDescription": "A value that indicates the ID of the AMI.", + "title": "ImageId", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS.\n\nIf you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in [Creating a symmetric encryption KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk) in the *AWS Key Management Service Developer Guide* .\n\nYou can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.", + "title": "KMSKeyId", + "type": "string" + }, + "Manifest": { + "markdownDescription": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.\n\nThe following JSON fields are valid:\n\n- **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format `YYYY-MM-DD` .\n- **databaseInstallationFileNames** - Ordered list of installation files for the CEV.\n- **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine.\n- **psuRuPatchFileNames** - The PSU and RU patches for this CEV.\n- **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches.\n\nFor more information, see [Creating the CEV manifest](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest) in the *Amazon RDS User Guide* .", + "title": "Manifest", + "type": "string" + }, + "SourceCustomDbEngineVersionIdentifier": { + "markdownDescription": "The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either `Source` or `UseAwsProvidedLatestImage` . You can't specify a different JSON manifest when you specify `SourceCustomDbEngineVersionIdentifier` .", + "title": "SourceCustomDbEngineVersionIdentifier", + "type": "string" + }, + "Status": { + "markdownDescription": "A value that indicates the status of a custom engine version (CEV).", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*", + "title": "Tags", + "type": "array" + }, + "UseAwsProvidedLatestImage": { + "markdownDescription": "Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify `UseAwsProvidedLatestImage` , you can't also specify `ImageId` .", + "title": "UseAwsProvidedLatestImage", + "type": "boolean" + } + }, + "required": [ + "Engine", + "EngineVersion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::CustomDBEngineVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Arn" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TemplateVersion": { + "AWS::RDS::DBCluster": { "additionalProperties": false, "properties": { - "CreatedTime": { - "markdownDescription": "The time that this template version was created.", - "title": "CreatedTime", + "Condition": { "type": "string" }, - "DataSetConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" - }, - "markdownDescription": "Schema of the dataset identified by the placeholder. Any dashboard created from this template should be bound to new datasets matching the same schema described through this API operation.", - "title": "DataSetConfigurations", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the template.", - "title": "Description", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateError" - }, - "markdownDescription": "Errors associated with this template version.", - "title": "Errors", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Sheet" - }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", - "type": "array" + "Metadata": { + "type": "object" }, - "SourceEntityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an analysis or template that was used to create this template.", - "title": "SourceEntityArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nThis setting is required to create a Multi-AZ DB cluster.", + "title": "AllocatedStorage", + "type": "number" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBCluster.DBClusterRole" + }, + "markdownDescription": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "AssociatedRoles", + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB cluster.\n\nFor more information about automatic minor version upgrades, see [Automatically upgrading the minor engine version](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html#USER_UpgradeDBInstance.Upgrading.AutoMinorVersionUpgrades) .", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "AvailabilityZones", + "type": "array" + }, + "BacktrackWindow": { + "markdownDescription": "The target backtrack window, in seconds. To disable backtracking, set this value to `0` .\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: `0`\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).", + "title": "BacktrackWindow", + "type": "number" + }, + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "ClusterScalabilityType": { + "markdownDescription": "Specifies the scalability mode of the Aurora DB cluster. When set to `limitless` , the cluster operates as an Aurora Limitless Database, allowing you to create a DB shard group for horizontal scaling (sharding) capabilities. When set to `standard` (the default), the cluster uses normal DB instance creation.\n\n*Important:* Automated backup retention isn't supported with Aurora Limitless Database clusters. If you set this property to `limitless` , you cannot set `DeleteAutomatedBackups` to `false` . To create a backup, use manual snapshots instead.", + "title": "ClusterScalabilityType", + "type": "string" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterInstanceClass": { + "markdownDescription": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", + "title": "DBClusterInstanceClass", + "type": "string" + }, + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the DB cluster parameter group to associate with this DB cluster.\n\n> If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n> \n> If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. \n\nTo list all of the available DB cluster parameter group names, use the following command:\n\n`aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "DBInstanceParameterGroupName": { + "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster.\n\n> When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. \n\nValid for Cluster Type: Aurora DB clusters only\n\nDefault: The existing name setting\n\nConstraints:\n\n- The DB parameter group must be in the same DB parameter group family as this DB cluster.\n- The `DBInstanceParameterGroupName` parameter is valid in combination with the `AllowMajorVersionUpgrade` parameter for a major version upgrade only.", + "title": "DBInstanceParameterGroupName", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group that you want to associate with this DB cluster.\n\nIf you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DBSystemId": { + "markdownDescription": "Reserved for future use.", + "title": "DBSystemId", + "type": "string" + }, + "DatabaseInsightsMode": { + "markdownDescription": "The mode of Database Insights to enable for the DB cluster.\n\nIf you set this value to `advanced` , you must also set the `PerformanceInsightsEnabled` parameter to `true` and the `PerformanceInsightsRetentionPeriod` parameter to 465.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DatabaseInsightsMode", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DatabaseName", + "type": "string" + }, + "DeleteAutomatedBackups": { + "markdownDescription": "Specifies whether to remove automated backups immediately after the DB cluster is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB cluster is deleted, unless the AWS Backup policy specifies a point-in-time restore rule.", + "title": "DeleteAutomatedBackups", + "type": "boolean" + }, + "DeletionProtection": { + "markdownDescription": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DeletionProtection", + "type": "boolean" + }, + "Domain": { + "markdownDescription": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "Domain", + "type": "string" + }, + "DomainIAMRoleName": { + "markdownDescription": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", + "title": "DomainIAMRoleName", + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .\n\n*Aurora MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Aurora PostgreSQL*\n\nValid values: `postgresql`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EnableGlobalWriteForwarding": { + "markdownDescription": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EnableGlobalWriteForwarding", + "type": "boolean" + }, + "EnableHttpEndpoint": { + "markdownDescription": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n\nFor more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EnableHttpEndpoint", + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nFor more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", + "title": "EnableIAMDatabaseAuthentication", + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "markdownDescription": "Specifies whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.\n\nValid for: Aurora DB clusters only", + "title": "EnableLocalWriteForwarding", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this DB cluster.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your DB cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the DB cluster will fail if the DB major version is past its end of standard support date. \n\nYou can use this setting to enroll your DB cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB cluster past the end of standard support for that engine version. For more information, see the following sections:\n\n- Amazon Aurora - [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide*\n- Amazon RDS - [Amazon RDS Extended Support with Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineMode": { + "markdownDescription": "The DB engine mode of the DB cluster, either `provisioned` or `serverless` .\n\nThe `serverless` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the `provisioned` engine mode.\n\nFor information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* :\n\n- [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n- [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EngineMode", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nYou can supply either `5.7` or `8.0` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for MySQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`\n\n*Aurora MySQL*\n\nFor information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide* .\n\n*Aurora PostgreSQL*\n\nFor information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide* .\n\n*MySQL*\n\nFor information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide* .\n\n*PostgreSQL*\n\nFor information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "EngineVersion", + "type": "string" + }, + "GlobalClusterIdentifier": { + "markdownDescription": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.\n\nIf you aren't configuring a global database cluster, don't specify this property.\n\n> To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property. \n\nFor information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "GlobalClusterIdentifier", + "type": "string" + }, + "Iops": { + "markdownDescription": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nConstraints:\n\n- Must be a multiple between .5 and 50 of the storage amount for the DB cluster.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .\n\nIf you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set `KmsKeyId` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "KmsKeyId", + "type": "string" + }, + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" + }, + "MasterUserPassword": { + "markdownDescription": "The master password for the DB instance.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/AWS::RDS::DBCluster.MasterUserSecret", + "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\n> When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the `SecretArn` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret. \n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*", + "title": "MasterUserSecret" + }, + "MasterUsername": { + "markdownDescription": "The name of the master user for the DB cluster.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MasterUsername", + "type": "string" + }, + "MonitoringInterval": { + "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than `0` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", + "title": "MonitoringInterval", + "type": "number" + }, + "MonitoringRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , supply a `MonitoringRoleArn` value.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MonitoringRoleArn", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The network type of the DB cluster.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", + "title": "NetworkType", + "type": "string" + }, + "PerformanceInsightsEnabled": { + "markdownDescription": "Specifies whether to turn on Performance Insights for the DB cluster.\n\nFor more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PerformanceInsightsEnabled", + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PerformanceInsightsKmsKeyId", + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB cluster without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS issues an error.", + "title": "PerformanceInsightsRetentionPeriod", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nDefault:\n\n- When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)\n- When `EngineMode` is `serverless` :\n\n- `3306` when `Engine` is `aurora` or `aurora-mysql`\n- `5432` when `Engine` is `aurora-postgresql`\n\n> The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Port", + "type": "number" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible and you connect from outside of the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) endpoint resolves to the public IP address. When you connect from within the same VPC as the DB cluster, the endpoint resolves to the private IP address. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicationSourceIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n\nValid for: Aurora DB clusters only", + "title": "ReplicationSourceIdentifier", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "The date and time to restore the DB cluster to.\n\nValid Values: Value must be a time in Universal Coordinated Time (UTC) format\n\nConstraints:\n\n- Must be before the latest restorable time for the DB instance\n- Must be specified if `UseLatestRestorableTime` parameter isn't provided\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled\n- Can't be specified if the `RestoreType` parameter is `copy-on-write`\n\nThis property must be used with `SourceDBClusterIdentifier` property. The resulting cluster will have the identifier that matches the value of the `DBclusterIdentifier` property.\n\nExample: `2015-03-07T23:45:00Z`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "RestoreType", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::RDS::DBCluster.ScalingConfiguration", + "markdownDescription": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", + "title": "ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration", + "markdownDescription": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", + "title": "ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "SnapshotIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n- Cannot be specified if `SourceDbClusterResourceId` is specified. You must specify either `SourceDBClusterIdentifier` or `SourceDbClusterResourceId` , but not both.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "SourceRegion": { + "markdownDescription": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", + "title": "SourceRegion", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Tags", + "type": "array" + }, + "UseLatestRestorableTime": { + "markdownDescription": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with this DB cluster.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "type": "object" }, - "Status": { - "markdownDescription": "The status that is associated with the template.\n\n- `CREATION_IN_PROGRESS`\n- `CREATION_SUCCESSFUL`\n- `CREATION_FAILED`\n- `UPDATE_IN_PROGRESS`\n- `UPDATE_SUCCESSFUL`\n- `UPDATE_FAILED`\n- `DELETED`", - "title": "Status", + "Type": { + "enum": [ + "AWS::RDS::DBCluster" + ], "type": "string" }, - "ThemeArn": { - "markdownDescription": "The ARN of the theme associated with this version of the template.", - "title": "ThemeArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VersionNumber": { - "markdownDescription": "The version number of the template version.", - "title": "VersionNumber", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TemplateVersionDefinition": { - "additionalProperties": false, - "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Template.AnalysisDefaults", - "markdownDescription": "", - "title": "AnalysisDefaults" - }, - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedField" - }, - "markdownDescription": "An array of calculated field definitions for the template.", - "title": "CalculatedFields", - "type": "array" - }, - "ColumnConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnConfiguration" - }, - "markdownDescription": "An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template.", - "title": "ColumnConfigurations", - "type": "array" - }, - "DataSetConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" - }, - "markdownDescription": "An array of dataset configurations. These configurations define the required columns for each dataset used within a template.", - "title": "DataSetConfigurations", - "type": "array" - }, - "FilterGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterGroup" - }, - "markdownDescription": "Filter definitions for a template.\n\nFor more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", - "type": "array" - }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Template.AssetOptions", - "markdownDescription": "An array of option definitions for a template.", - "title": "Options" - }, - "ParameterDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDeclaration" - }, - "markdownDescription": "An array of parameter declarations for a template.\n\n*Parameters* are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", - "type": "array" - }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetDefinition" - }, - "markdownDescription": "An array of sheet definitions for a template.", - "title": "Sheets", - "type": "array" } }, "required": [ - "DataSetConfigurations" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.TextAreaControlDisplayOptions": { + "AWS::RDS::DBCluster.DBClusterRole": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" + "FeatureName": { + "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", + "title": "FeatureName", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::QuickSight::Template.TextConditionalFormat": { + "AWS::RDS::DBCluster.Endpoint": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" - }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" + "Address": { + "markdownDescription": "Specifies the connection endpoint for the primary instance of the DB cluster.", + "title": "Address", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TextControlPlaceholderOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TextFieldControlDisplayOptions": { + "AWS::RDS::DBCluster.MasterUserSecret": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", + "title": "KmsKeyId", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values) .", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ThousandSeparatorOptions": { + "AWS::RDS::DBCluster.ReadEndpoint": { "additionalProperties": false, "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", - "type": "string" - }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", + "Address": { + "markdownDescription": "The host address of the reader endpoint.", + "title": "Address", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TimeBasedForecastProperties": { + "AWS::RDS::DBCluster.ScalingConfiguration": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" + "AutoPause": { + "markdownDescription": "Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in `serverless` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).\n\n> If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.", + "title": "AutoPause", + "type": "boolean" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", + "MaxCapacity": { + "markdownDescription": "The maximum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe maximum capacity must be greater than or equal to the minimum capacity.", + "title": "MaxCapacity", "type": "number" }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", + "MinCapacity": { + "markdownDescription": "The minimum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe minimum capacity must be less than or equal to the maximum capacity.", + "title": "MinCapacity", "type": "number" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", + "SecondsBeforeTimeout": { + "markdownDescription": "The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300.\n\nSpecify a value between 60 and 600 seconds.", + "title": "SecondsBeforeTimeout", "type": "number" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", + "SecondsUntilAutoPause": { + "markdownDescription": "The time, in seconds, before an Aurora DB cluster in `serverless` mode is paused.\n\nSpecify a value between 300 and 86,400 seconds.", + "title": "SecondsUntilAutoPause", "type": "number" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "TimeoutAction": { + "markdownDescription": "The action to take when the timeout is reached, either `ForceApplyCapacityChange` or `RollbackCapacityChange` .\n\n`ForceApplyCapacityChange` sets the capacity to the specified value as soon as possible.\n\n`RollbackCapacityChange` , the default, ignores the capacity change if a scaling point isn't found in the timeout period.\n\n> If you specify `ForceApplyCapacityChange` , connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. \n\nFor more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide* .", + "title": "TimeoutAction", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TimeEqualityFilter": { + "AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", - "type": "string" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" + "MaxCapacity": { + "markdownDescription": "The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.\n\nThe maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide* .\n\nAurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the `ParameterApplyStatus` value for the DB instance changes to `pending-reboot` . You can update the parameter values by rebooting the DB instance after changing the capacity range.", + "title": "MaxCapacity", + "type": "number" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "MinCapacity": { + "markdownDescription": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5.", + "title": "MinCapacity", + "type": "number" }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", - "type": "string" + "SecondsUntilAutoPause": { + "markdownDescription": "Specifies the number of seconds an Aurora Serverless v2 DB instance must be idle before Aurora attempts to automatically pause it.\n\nSpecify a value between 300 seconds (five minutes) and 86,400 seconds (one day). The default is 300 seconds.", + "title": "SecondsUntilAutoPause", + "type": "number" } }, - "required": [ - "Column", - "FilterId" - ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeDrillDownFilter": { + "AWS::RDS::DBClusterParameterGroup": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", - "type": "string" - }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", + "Condition": { "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" - ], - "type": "object" - }, - "AWS::QuickSight::Template.TimeRangeFilter": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" + "Metadata": { + "type": "object" }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing DB cluster parameter group.\n\n> This value is stored as a lowercase string.", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description for the DB cluster parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n\n*Aurora MySQL*\n\nExample: `aurora-mysql5.7` , `aurora-mysql8.0`\n\n*Aurora PostgreSQL*\n\nExample: `aurora-postgresql14`\n\n*RDS for MySQL*\n\nExample: `mysql8.0`\n\n*RDS for PostgreSQL*\n\nExample: `postgres13`\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`", + "title": "Family", + "type": "string" + }, + "Parameters": { + "markdownDescription": "Provides a list of parameters for the DB cluster parameter group.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB cluster parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "Type": { + "enum": [ + "AWS::RDS::DBClusterParameterGroup" + ], "type": "string" }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" - }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeFilterValue": { + "AWS::RDS::DBInstance": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", + "Condition": { "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" - }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TooltipItem": { - "additionalProperties": false, - "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TooltipOptions": { - "additionalProperties": false, - "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", - "type": "string" + "Metadata": { + "type": "object" }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TopBottomFilter": { - "additionalProperties": false, - "properties": { - "AggregationSortConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationSortConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n\n> If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments). \n\n*Amazon Aurora*\n\nNot applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n\n*Db2*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n\n*MySQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*MariaDB*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*PostgreSQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*Oracle*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 10 to 3072.\n\n*SQL Server*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Provisioned IOPS storage (io1):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Magnetic storage (standard):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 1024.\n- Web and Express editions: Must be an integer from 20 to 1024.", + "title": "AllocatedStorage", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "markdownDescription": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n\nConstraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "ApplyImmediately": { + "markdownDescription": "Specifies whether changes to the DB instance and any pending modifications are applied immediately, regardless of the `PreferredMaintenanceWindow` setting. If set to `false` , changes are applied during the next maintenance window. Until RDS applies the changes, the DB instance remains in a drift state. As a result, the configuration doesn't fully reflect the requested modifications and temporarily diverges from the intended state.\n\nIn addition to the settings described in [Modifying a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html) , this property also determines whether the DB instance reboots when a static parameter is modified in the associated DB parameter group.\n\nDefault: `true`", + "title": "ApplyImmediately", + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBInstance.DBInstanceRole" + }, + "markdownDescription": "The AWS Identity and Access Management (IAM) roles associated with the DB instance.\n\n*Amazon Aurora*\n\nNot applicable. The associated roles are managed by the DB cluster.", + "title": "AssociatedRoles", + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region , for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE` .", + "title": "AutomaticBackupReplicationKmsKeyId", + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "markdownDescription": "The AWS Region associated with the automated backup.", + "title": "AutomaticBackupReplicationRegion", + "type": "string" + }, + "AutomaticBackupReplicationRetentionPeriod": { + "markdownDescription": "The retention period for automated backups in a different AWS Region. Use this parameter to set a unique retention period that only applies to cross-Region automated backups. To enable automated backups in a different Region, specify a positive value for the `AutomaticBackupReplicationRegion` parameter.\n\nIf not specified, this parameter defaults to the value of the `BackupRetentionPeriod` parameter. The maximum allowed value is 35.", + "title": "AutomaticBackupReplicationRetentionPeriod", + "type": "number" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", + "title": "AvailabilityZone", + "type": "string" + }, + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "BackupTarget": { + "markdownDescription": "The location for storing automated backups and manual snapshots.\n\nValid Values:\n\n- `local` (Dedicated Local Zone)\n- `outposts` ( AWS Outposts)\n- `region` ( AWS Region )\n\nDefault: `region`\n\nFor more information, see [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the *Amazon RDS User Guide* .", + "title": "BackupTarget", + "type": "string" + }, + "CACertificateIdentifier": { + "markdownDescription": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", + "title": "CACertificateIdentifier", + "type": "string" + }, + "CertificateRotationRestart": { + "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "CertificateRotationRestart", + "type": "boolean" + }, + "CharacterSetName": { + "markdownDescription": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", + "title": "CharacterSetName", + "type": "string" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "markdownDescription": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n\nThis setting is required for RDS Custom.\n\nConstraints:\n\n- The profile must exist in your account.\n- The profile must have an IAM role that Amazon EC2 has permissions to assume.\n- The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .\n\nFor the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .", + "title": "CustomIAMInstanceProfile", + "type": "string" + }, + "DBClusterIdentifier": { + "markdownDescription": "The identifier of the DB cluster that this DB instance will belong to.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "markdownDescription": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n\nFor more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n- Can't be specified when `DBSnapshotIdentifier` is specified.\n- Must be specified when `DBSnapshotIdentifier` isn't specified.\n- If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.\n- Can't be the identifier of an Aurora DB cluster snapshot.", + "title": "DBClusterSnapshotIdentifier", + "type": "string" + }, + "DBInstanceClass": { + "markdownDescription": "The compute and memory capacity of the DB instance, for example `db.m5.large` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide* .", + "title": "DBInstanceClass", + "type": "string" + }, + "DBInstanceIdentifier": { + "markdownDescription": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DBName": { + "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n> If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle. \n\n*Amazon Aurora*\n\nNot applicable. The database name is managed by the DB cluster.\n\n*Db2*\n\nThe name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Can't be a word reserved by the specified database engine.\n\n*MySQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*MariaDB*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*PostgreSQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.\n\nConstraints:\n\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Must contain 1 to 63 characters.\n- Can't be a word reserved by the specified database engine\n\n*Oracle*\n\nThe Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .\n\nDefault: `ORCL`\n\nConstraints:\n\n- Can't be longer than 8 characters\n\n*SQL Server*\n\nNot applicable. Must be null.", + "title": "DBName", + "type": "string" + }, + "DBParameterGroupName": { + "markdownDescription": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n\nTo list all of the available DB parameter group names, use the following command:\n\n`aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`\n\n> If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot. \n\nIf you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.", + "title": "DBParameterGroupName", + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n\nIf you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n\n> If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n> \n> - `AllocatedStorage`\n> - `AutoMinorVersionUpgrade`\n> - `AvailabilityZone`\n> - `BackupRetentionPeriod`\n> - `CharacterSetName`\n> - `DBInstanceClass`\n> - `DBName`\n> - `DBParameterGroupName`\n> - `DBSecurityGroups`\n> - `DBSubnetGroupName`\n> - `Engine`\n> - `EngineVersion`\n> - `Iops`\n> - `LicenseModel`\n> - `MasterUsername`\n> - `MasterUserPassword`\n> - `MultiAZ`\n> - `OptionGroupName`\n> - `PreferredBackupWindow`\n> - `PreferredMaintenanceWindow`\n> \n> All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.", + "title": "DBSecurityGroups", + "type": "array" + }, + "DBSnapshotIdentifier": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n\nBy specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n\nSome DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties, and the point-in-time recovery properties `RestoreTime` and `UseLatestRestorableTime` . For information about the properties that you can specify, see the [`RestoreDBInstanceFromDBSnapshot`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html) action in the *Amazon RDS API Reference* .\n\nAfter you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.\n\nIf you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n\n- `CharacterSetName`\n- `DBClusterIdentifier`\n- `DBName`\n- `KmsKeyId`\n- `MasterUsername`\n- `MasterUserPassword`\n- `PromotionTier`\n- `SourceDBInstanceIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an unencrypted snapshot)\n- `Timezone`\n\n*Amazon Aurora*\n\nNot applicable. Snapshot restore is managed by the DB cluster.", + "title": "DBSnapshotIdentifier", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC.\n\nIf you don't specify a DB subnet group, RDS uses the default DB subnet group if one exists. If a default DB subnet group does not exist, and you don't specify a `DBSubnetGroupName` , the DB instance fails to launch.\n\nFor more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DBSystemId": { + "markdownDescription": "The Oracle system identifier (SID), which is the name of the Oracle database instance that manages your database files. In this context, the term \"Oracle database instance\" refers exclusively to the system global area (SGA) and Oracle background processes. If you don't specify a SID, the value defaults to `RDSCDB` . The Oracle SID is also the name of your CDB.", + "title": "DBSystemId", + "type": "string" + }, + "DatabaseInsightsMode": { + "markdownDescription": "The mode of Database Insights to enable for the DB instance.\n\n> Aurora DB instances inherit this value from the DB cluster, so you can't change this value.", + "title": "DatabaseInsightsMode", + "type": "string" + }, + "DedicatedLogVolume": { + "markdownDescription": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled.", + "title": "DedicatedLogVolume", + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "markdownDescription": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n\n*Amazon Aurora*\n\nNot applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.", + "title": "DeleteAutomatedBackups", + "type": "boolean" + }, + "DeletionProtection": { + "markdownDescription": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .\n\nThis setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", + "title": "DeletionProtection", + "type": "boolean" + }, + "Domain": { + "markdownDescription": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n\nFor more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .", + "title": "Domain", + "type": "string" + }, + "DomainAuthSecretArn": { + "markdownDescription": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n\nExample: `arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456`", + "title": "DomainAuthSecretArn", + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n\nConstraints:\n\n- Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n\nExample: `123.124.125.126,234.235.236.237`", + "title": "DomainDnsIps", + "type": "array" + }, + "DomainFqdn": { + "markdownDescription": "The fully qualified domain name (FQDN) of an Active Directory domain.\n\nConstraints:\n\n- Can't be longer than 64 characters.\n\nExample: `mymanagedADtest.mymanagedAD.mydomain`", + "title": "DomainFqdn", + "type": "string" + }, + "DomainIAMRoleName": { + "markdownDescription": "The name of the IAM role to use when making API calls to the Directory Service.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (The domain is managed by the DB cluster.)\n- RDS Custom", + "title": "DomainIAMRoleName", + "type": "string" + }, + "DomainOu": { + "markdownDescription": "The Active Directory organizational unit for your DB instance to join.\n\nConstraints:\n\n- Must be in the distinguished name format.\n- Can't be longer than 64 characters.\n\nExample: `OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain`", + "title": "DomainOu", + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. CloudWatch Logs exports are managed by the DB cluster.\n\n*Db2*\n\nValid values: `diag.log` , `notify.log`\n\n*MariaDB*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Microsoft SQL Server*\n\nValid values: `agent` , `error`\n\n*MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Oracle*\n\nValid values: `alert` , `audit` , `listener` , `trace` , `oemagent`\n\n*PostgreSQL*\n\nValid values: `postgresql` , `upgrade`", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nThis property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*\n\n*Amazon Aurora*\n\nNot applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.", + "title": "EnableIAMDatabaseAuthentication", + "type": "boolean" + }, + "EnablePerformanceInsights": { + "markdownDescription": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "EnablePerformanceInsights", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n\nThis property is required when creating a DB instance.\n\n> You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the `Engine` value in your templates from `oracle-ee` to `oracle-ee-cdb` or from `oracle-se2` to `oracle-se2-cdb` . Converting to the CDB architecture requires an interruption. \n\nValid Values:\n\n- `aurora-mysql` (for Aurora MySQL DB instances)\n- `aurora-postgresql` (for Aurora PostgreSQL DB instances)\n- `custom-oracle-ee` (for RDS Custom for Oracle DB instances)\n- `custom-oracle-ee-cdb` (for RDS Custom for Oracle DB instances)\n- `custom-sqlserver-ee` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-se` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-web` (for RDS Custom for SQL Server DB instances)\n- `db2-ae`\n- `db2-se`\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this DB instance.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your DB instance into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the DB instance will fail if the DB major version is past its end of standard support date. \n\nThis setting applies only to RDS for MySQL and RDS for PostgreSQL. For Amazon Aurora DB instances, the life cycle type is managed by the DB cluster.\n\nYou can use this setting to enroll your DB instance into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB instance past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide* .\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use.\n\nFor a list of valid engine versions, use the `DescribeDBEngineVersions` action.\n\nThe following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n\n*Amazon Aurora*\n\nNot applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n\n*Db2*\n\nSee [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*MariaDB*\n\nSee [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Microsoft SQL Server*\n\nSee [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*\n\n*MySQL*\n\nSee [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Oracle*\n\nSee [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*\n\n*PostgreSQL*\n\nSee [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*", + "title": "EngineVersion", + "type": "string" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000.\n\nIf you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\n> If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property. \n\nConstraints:\n\n- For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n- For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n\nIf you specify the `DBSnapshotIdentifier` property, don't specify this property. The `StorageEncrypted` property value is inherited from the snapshot. If the DB instance is encrypted, the specified `KmsKeyId` property is also inherited from the snapshot.\n\nIf you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The KMS key identifier is managed by the DB cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LicenseModel": { + "markdownDescription": "License model information for this DB instance.\n\nValid Values:\n\n- Aurora MySQL - `general-public-license`\n- Aurora PostgreSQL - `postgresql-license`\n- RDS for Db2 - `bring-your-own-license` . For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.*\n- RDS for MariaDB - `general-public-license`\n- RDS for Microsoft SQL Server - `license-included`\n- RDS for MySQL - `general-public-license`\n- RDS for Oracle - `bring-your-own-license` or `license-included`\n- RDS for PostgreSQL - `postgresql-license`\n\n> If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.", + "title": "LicenseModel", + "type": "string" + }, + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" + }, + "MasterUserPassword": { + "markdownDescription": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n\n*Amazon Aurora*\n\nNot applicable. The password for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nMust contain from 8 to 255 characters.\n\n*RDS for MariaDB*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Microsoft SQL Server*\n\nConstraints: Must contain from 8 to 128 characters.\n\n*RDS for MySQL*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Oracle*\n\nConstraints: Must contain from 8 to 30 characters.\n\n*RDS for PostgreSQL*\n\nConstraints: Must contain from 8 to 128 characters.", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/AWS::RDS::DBInstance.MasterUserSecret", + "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*", + "title": "MasterUserSecret" + }, + "MasterUsername": { + "markdownDescription": "The master user name for the DB instance.\n\n> If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n> \n> When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. \n\n*Amazon Aurora*\n\nNot applicable. The name for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MariaDB*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Microsoft SQL Server*\n\nConstraints:\n\n- Must be 1 to 128 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MySQL*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Oracle*\n\nConstraints:\n\n- Must be 1 to 30 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for PostgreSQL*\n\nConstraints:\n\n- Must be 1 to 63 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.", + "title": "MasterUsername", + "type": "string" + }, + "MaxAllocatedStorage": { + "markdownDescription": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (Storage is managed by the DB cluster.)\n- RDS Custom", + "title": "MaxAllocatedStorage", + "type": "number" + }, + "MonitoringInterval": { + "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than `0` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", + "title": "MonitoringInterval", + "type": "number" + }, + "MonitoringRoleArn": { + "markdownDescription": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , then you must supply a `MonitoringRoleArn` value.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "MonitoringRoleArn", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to Amazon Aurora because the DB instance Availability Zones (AZs) are managed by the DB cluster.", + "title": "MultiAZ", + "type": "boolean" + }, + "NcharCharacterSetName": { + "markdownDescription": "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "NcharCharacterSetName", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The network type of the DB instance.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*", + "title": "NetworkType", + "type": "string" + }, + "OptionGroupName": { + "markdownDescription": "Indicates that the DB instance should be associated with the specified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.", + "title": "OptionGroupName", + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n\nFor information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .", + "title": "PerformanceInsightsKMSKeyId", + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB instance without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS returns an error.", + "title": "PerformanceInsightsRetentionPeriod", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which the database accepts connections.\n\nThis setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n\nValid Values: `1150-65535`\n\nDefault:\n\n- RDS for Db2 - `50000`\n- RDS for MariaDB - `3306`\n- RDS for Microsoft SQL Server - `1433`\n- RDS for MySQL - `3306`\n- RDS for Oracle - `1521`\n- RDS for PostgreSQL - `5432`\n\nConstraints:\n\n- For RDS for Microsoft SQL Server, the value can't be `1234` , `1434` , `3260` , `3343` , `3389` , `47001` , or `49152-49156` .", + "title": "Port", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\n*Amazon Aurora*\n\nNot applicable. The daily time range for creating automated backups is managed by the DB cluster.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*\n\n> This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately. \n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBInstance.ProcessorFeature" + }, + "markdownDescription": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances.", + "title": "ProcessorFeatures", + "type": "array" + }, + "PromotionTier": { + "markdownDescription": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nDefault: `1`\n\nValid Values: `0 - 15`", + "title": "PromotionTier", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.\n\nThe default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicaMode": { + "markdownDescription": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .\n\nThis setting is only supported in RDS for Oracle.\n\nDefault: `open-read-only`\n\nValid Values: `open-read-only` or `mounted`", + "title": "ReplicaMode", + "type": "string" + }, + "RestoreTime": { + "markdownDescription": "The date and time to restore from. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must be a time in Universal Coordinated Time (UTC) format.\n- Must be before the latest restorable time for the DB instance.\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled.\n\nExample: `2009-09-07T23:45:00Z`", + "title": "RestoreTime", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n\nConstraints:\n\n- Must be the identifier of an existing Multi-AZ DB cluster.\n- Can't be specified if the `SourceDBInstanceIdentifier` parameter is also specified.\n- The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n- The source DB cluster must be in the same AWS Region as the read replica. Cross-Region replication isn't supported.", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .\n\nThis setting doesn't apply to RDS Custom.", + "title": "SourceDBInstanceAutomatedBackupsArn", + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "markdownDescription": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\nThe `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n\nIf you specify the `UseLatestRestorableTime` or `RestoreTime` properties in conjunction with the `SourceDBInstanceIdentifier` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n\n> - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n> - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n> - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.\n> - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n> - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .\n> - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.", + "title": "SourceDBInstanceIdentifier", + "type": "string" + }, + "SourceDbiResourceId": { + "markdownDescription": "The resource ID of the source DB instance from which to restore.", + "title": "SourceDbiResourceId", + "type": "string" + }, + "SourceRegion": { + "markdownDescription": "The ID of the region that contains the source DB instance for the read replica.", + "title": "SourceRegion", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup.\n\nIf you specify `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the snapshot.\n\n*Amazon Aurora*\n\nNot applicable. The encryption for DB instances is managed by the DB cluster.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageThroughput": { + "markdownDescription": "Specifies the storage throughput value, in mebibyte per second (MiBps), for the DB instance. This setting applies only to the `gp3` storage type.\n\nThis setting doesn't apply to RDS Custom or Amazon Aurora.", + "title": "StorageThroughput", + "type": "number" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB instance.\n\nIf you specify `io1` , `io2` , or `gp3` , you must also include a value for the `Iops` parameter.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n\nValid Values: `gp2 | gp3 | io1 | io2 | standard`\n\nDefault: `io1` , if the `Iops` parameter is specified. Otherwise, `gp3` .", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB instance.", + "title": "Tags", + "type": "array" + }, + "Timezone": { + "markdownDescription": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .", + "title": "Timezone", + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "markdownDescription": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "UseDefaultProcessorFeatures", + "type": "boolean" + }, + "UseLatestRestorableTime": { + "markdownDescription": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Can't be specified if the `RestoreTime` parameter is provided.", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nIf you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.\n\n> You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n> \n> - You can't revert to using an RDS security group after you establish a VPC security group membership.\n> - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n> - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property. \n\nTo avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.\n\n*Amazon Aurora*\n\nNot applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", + "title": "VPCSecurityGroups", + "type": "array" + } }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" + "type": "object" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "Type": { + "enum": [ + "AWS::RDS::DBInstance" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.TopBottomMoversComputation": { + "AWS::RDS::DBInstance.CertificateDetails": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", + "CAIdentifier": { + "markdownDescription": "The CA identifier of the CA certificate used for the DB instance's server certificate.", + "title": "CAIdentifier", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", - "title": "Type", + "ValidTill": { + "markdownDescription": "The expiration date of the DB instance\u2019s server certificate.", + "title": "ValidTill", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Template.TopBottomRankedComputation": { + "AWS::RDS::DBInstance.DBInstanceRole": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", - "type": "number" - }, - "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", + "FeatureName": { + "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", + "title": "FeatureName", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "ComputationId", - "Type" + "FeatureName", + "RoleArn" ], "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationComputation": { + "AWS::RDS::DBInstance.Endpoint": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Address": { + "markdownDescription": "Specifies the DNS address of the DB instance.", + "title": "Address", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "HostedZoneId": { + "markdownDescription": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.", + "title": "HostedZoneId", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", + "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationFunction": { + "AWS::RDS::DBInstance.MasterUserSecret": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", + "title": "KmsKeyId", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values) .", + "title": "SecretArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationOption": { + "AWS::RDS::DBInstance.ProcessorFeature": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", + "Name": { + "markdownDescription": "The name of the processor feature. Valid names are `coreCount` and `threadsPerCore` .", + "title": "Name", "type": "string" }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" + "Value": { + "markdownDescription": "The value of a processor feature.", + "title": "Value", + "type": "string" } }, - "required": [ - "FieldId", - "TotalAggregationFunction" - ], "type": "object" }, - "AWS::QuickSight::Template.TotalOptions": { + "AWS::RDS::DBParameterGroup": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBParameterGroupName": { + "markdownDescription": "The name of the DB parameter group.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens.\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nIf you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.\n\n> This value is stored as a lowercase string.", + "title": "DBParameterGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `db2-ae`\n- `db2-se`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "Family", + "type": "string" + }, + "Parameters": { + "markdownDescription": "A mapping of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n\nFor more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* , or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .\n\n> AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB parameter group.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", - "type": "array" + "required": [ + "Description", + "Family" + ], + "type": "object" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" + "Type": { + "enum": [ + "AWS::RDS::DBParameterGroup" + ], + "type": "string" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TreeMapAggregatedFieldWells": { + "AWS::RDS::DBProxy": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", - "type": "array" + "Condition": { + "type": "string" }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Sizes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Auth": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxy.AuthFormat" + }, + "markdownDescription": "The authorization mechanism that the proxy uses.", + "title": "Auth", + "type": "array" + }, + "DBProxyName": { + "markdownDescription": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.", + "title": "DBProxyName", + "type": "string" + }, + "DebugLogging": { + "markdownDescription": "Specifies whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.", + "title": "DebugLogging", + "type": "boolean" + }, + "EngineFamily": { + "markdownDescription": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .", + "title": "EngineFamily", + "type": "string" + }, + "IdleClientTimeout": { + "markdownDescription": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.", + "title": "IdleClientTimeout", + "type": "number" + }, + "RequireTLS": { + "markdownDescription": "Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.", + "title": "RequireTLS", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxy.TagFormat" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC security group IDs to associate with the new proxy.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC subnet IDs to associate with the new proxy.", + "title": "VpcSubnetIds", + "type": "array" + } }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", - "type": "array" + "required": [ + "Auth", + "DBProxyName", + "EngineFamily", + "RoleArn", + "VpcSubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBProxy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TreeMapConfiguration": { + "AWS::RDS::DBProxy.AuthFormat": { "additionalProperties": false, "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" - }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" + "AuthScheme": { + "markdownDescription": "The type of authentication that the proxy uses for connections from the proxy to the underlying database.", + "title": "AuthScheme", + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "ClientPasswordAuthType": { + "markdownDescription": "Specifies the details of authentication used by a proxy to log in as a specific database user.", + "title": "ClientPasswordAuthType", + "type": "string" }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" + "Description": { + "markdownDescription": "A user-specified description about the authentication used by a proxy to log in as a specific database user.", + "title": "Description", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", - "title": "SortConfiguration" + "IAMAuth": { + "markdownDescription": "A value that indicates whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. The `ENABLED` value is valid only for proxies with RDS for Microsoft SQL Server.", + "title": "IAMAuth", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TreeMapFieldWells": { - "additionalProperties": false, - "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TreeMapSortConfiguration": { + "AWS::RDS::DBProxy.TagFormat": { "additionalProperties": false, "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" + "Key": { + "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Key", + "type": "string" }, - "TreeMapSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", - "type": "array" + "Value": { + "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TreeMapVisual": { + "AWS::RDS::DBProxyEndpoint": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "DBProxyEndpointName": { + "markdownDescription": "The name of the DB proxy endpoint to create.", + "title": "DBProxyEndpointName", + "type": "string" + }, + "DBProxyName": { + "markdownDescription": "The name of the DB proxy associated with the DB proxy endpoint that you create.", + "title": "DBProxyName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxyEndpoint.TagFormat" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "title": "Tags", + "type": "array" + }, + "TargetRole": { + "markdownDescription": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.", + "title": "TargetRole", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.", + "title": "VpcSubnetIds", + "type": "array" + } + }, + "required": [ + "DBProxyEndpointName", + "DBProxyName", + "VpcSubnetIds" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::RDS::DBProxyEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TrendArrowOptions": { + "AWS::RDS::DBProxyEndpoint.TagFormat": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", - "title": "Visibility", + "Key": { + "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.UnaggregatedField": { + "AWS::RDS::DBProxyTargetGroup": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" + "Condition": { + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionPoolConfigurationInfo": { + "$ref": "#/definitions/AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat", + "markdownDescription": "Displays the settings that control the size and behavior of the connection pool associated with a `DBProxyTarget` .", + "title": "ConnectionPoolConfigurationInfo" + }, + "DBClusterIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more DB cluster identifiers.", + "title": "DBClusterIdentifiers", + "type": "array" + }, + "DBInstanceIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more DB instance identifiers.", + "title": "DBInstanceIdentifiers", + "type": "array" + }, + "DBProxyName": { + "markdownDescription": "The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .", + "title": "DBProxyName", + "type": "string" + }, + "TargetGroupName": { + "markdownDescription": "The identifier for the target group.\n\n> Currently, this property must be set to `default` .", + "title": "TargetGroupName", + "type": "string" + } + }, + "required": [ + "DBProxyName", + "TargetGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBProxyTargetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.UniqueValuesComputation": { + "AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" + "ConnectionBorrowTimeout": { + "markdownDescription": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. This setting only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.\n\nDefault: `120`\n\nConstraints:\n\n- Must be between 0 and 300.", + "title": "ConnectionBorrowTimeout", + "type": "number" }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "InitQuery": { + "markdownDescription": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query\n\n> Since you can access initialization query as part of target group configuration, it is not protected by authentication or cryptographic methods. Anyone with access to view or manage your proxy target group configuration can view the initialization query. You should not add sensitive data, such as passwords or long-lived encryption keys, to this option.", + "title": "InitQuery", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "MaxConnectionsPercent": { + "markdownDescription": "The maximum size of the connection pool for each target in a target group. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.\n\nIf you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.\n\nDefault: `10` for RDS for Microsoft SQL Server, and `100` for all other engines\n\nConstraints:\n\n- Must be between 1 and 100.", + "title": "MaxConnectionsPercent", + "type": "number" + }, + "MaxIdleConnectionsPercent": { + "markdownDescription": "A value that controls how actively the proxy closes idle database connections in the connection pool. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.\n\nIf you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .\n\nDefault: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is `5` , and for all other engines, the default is `50` .\n\nConstraints:\n\n- Must be between 0 and the value of `MaxConnectionsPercent` .", + "title": "MaxIdleConnectionsPercent", + "type": "number" + }, + "SessionPinningFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior.\n\nDefault: no session pinning filters", + "title": "SessionPinningFilters", + "type": "array" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Template.ValidationStrategy": { + "AWS::RDS::DBSecurityGroup": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBSecurityGroupIngress": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBSecurityGroup.Ingress" + }, + "markdownDescription": "Ingress rules to be applied to the DB security group.", + "title": "DBSecurityGroupIngress", + "type": "array" + }, + "EC2VpcId": { + "markdownDescription": "The identifier of an Amazon virtual private cloud (VPC). This property indicates the VPC that this DB security group belongs to.\n\n> This property is included for backwards compatibility and is no longer recommended for providing security information to an RDS DB instance.", + "title": "EC2VpcId", + "type": "string" + }, + "GroupDescription": { + "markdownDescription": "Provides the description of the DB security group.", + "title": "GroupDescription", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSecurityGroupIngress", + "GroupDescription" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBSecurityGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Mode" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.VisibleRangeOptions": { + "AWS::RDS::DBSecurityGroup.Ingress": { "additionalProperties": false, "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" + "CIDRIP": { + "markdownDescription": "The IP range to authorize.", + "title": "CIDRIP", + "type": "string" + }, + "EC2SecurityGroupId": { + "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupId", + "type": "string" + }, + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupOwnerId": { + "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.Visual": { + "AWS::RDS::DBSecurityGroupIngress": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" - }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" - }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" - }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" - }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" - }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" - }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" - }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" - }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" - }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" + "Condition": { + "type": "string" }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" + "Metadata": { + "type": "object" }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" + "Properties": { + "additionalProperties": false, + "properties": { + "CIDRIP": { + "markdownDescription": "The IP range to authorize.", + "title": "CIDRIP", + "type": "string" + }, + "DBSecurityGroupName": { + "markdownDescription": "The name of the DB security group to add authorization to.", + "title": "DBSecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupId": { + "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupId", + "type": "string" + }, + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupOwnerId": { + "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" + } + }, + "required": [ + "DBSecurityGroupName" + ], + "type": "object" }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" + "Type": { + "enum": [ + "AWS::RDS::DBSecurityGroupIngress" + ], + "type": "string" }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBShardGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" + "Metadata": { + "type": "object" }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" + "Properties": { + "additionalProperties": false, + "properties": { + "ComputeRedundancy": { + "markdownDescription": "Specifies whether to create standby standby DB data access shard for the DB shard group. Valid values are the following:\n\n- 0 - Creates a DB shard group without a standby DB data access shard. This is the default value.\n- 1 - Creates a DB shard group with a standby DB data access shard in a different Availability Zone (AZ).\n- 2 - Creates a DB shard group with two standby DB data access shard in two different AZs.", + "title": "ComputeRedundancy", + "type": "number" + }, + "DBClusterIdentifier": { + "markdownDescription": "The name of the primary DB cluster for the DB shard group.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBShardGroupIdentifier": { + "markdownDescription": "The name of the DB shard group.", + "title": "DBShardGroupIdentifier", + "type": "string" + }, + "MaxACU": { + "markdownDescription": "The maximum capacity of the DB shard group in Aurora capacity units (ACUs).", + "title": "MaxACU", + "type": "number" + }, + "MinACU": { + "markdownDescription": "The minimum capacity of the DB shard group in Aurora capacity units (ACUs).", + "title": "MinACU", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the DB shard group is publicly accessible.\n\nWhen the DB shard group is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB shard group's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB shard group's VPC. Access to the DB shard group is ultimately controlled by the security group it uses. That public access is not permitted if the security group assigned to the DB shard group doesn't permit it.\n\nWhen the DB shard group isn't publicly accessible, it is an internal DB shard group with a DNS name that resolves to a private IP address.\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB shard group is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB shard group is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB shard group is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB shard group is public.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the DB shard group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBClusterIdentifier", + "MaxACU" + ], + "type": "object" }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "Type": { + "enum": [ + "AWS::RDS::DBShardGroup" + ], + "type": "string" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.VisualCustomAction": { + "AWS::RDS::DBSubnetGroup": { "additionalProperties": false, "properties": { - "ActionOperations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomActionOperation" - }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", - "type": "array" - }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBSubnetGroupDescription": { + "markdownDescription": "The description for the DB subnet group.", + "title": "DBSubnetGroupDescription", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints:\n\n- Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n- Must not be default.\n- First character must be a letter.\n\nExample: `mydbsubnetgroup`", + "title": "DBSubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The EC2 Subnet IDs for the DB subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB subnet group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSubnetGroupDescription", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBSubnetGroup" + ], "type": "string" }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ActionOperations", - "CustomActionId", - "Name", - "Trigger" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.VisualCustomActionOperation": { + "AWS::RDS::EventSubscription": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" + "Condition": { + "type": "string" }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n\n> RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide* .", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are supplied, `SourceType` must also be provided.\n- If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.\n- If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.\n- If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.\n- If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.\n- If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.\n- If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.\n- If the source type is an RDS Proxy, a `DBProxyName` value must be supplied.", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to `db-instance` . For RDS Proxy events, specify `db-proxy` . If this value isn't specified, all events are returned.\n\nValid Values: `db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment`", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be less than 255 characters.", + "title": "SubscriptionName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional array of key-value pairs to apply to this subscription.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SnsTopicArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::EventSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.VisualPalette": { + "AWS::RDS::GlobalCluster": { "additionalProperties": false, "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", + "Condition": { "type": "string" }, - "ColorMap": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathColor" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "Specifies whether to enable deletion protection for the new global database cluster. The global database can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The database engine to use for this global database cluster.\n\nValid Values: `aurora-mysql | aurora-postgresql`\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine of the source DB cluster.", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this global database cluster.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your global cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the global cluster will fail if the DB major version is past its end of standard support date. \n\nThis setting only applies to Aurora PostgreSQL-based global databases.\n\nYou can use this setting to enroll your global cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your global cluster past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* .\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The engine version to use for this global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine version of the source DB cluster.", + "title": "EngineVersion", + "type": "string" + }, + "GlobalClusterIdentifier": { + "markdownDescription": "The cluster identifier for this global database cluster. This parameter is stored as a lowercase string.", + "title": "GlobalClusterIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database.\n\nIf you provide a value for this parameter, don't specify values for the following settings because Amazon Aurora uses the values from the specified source DB cluster:\n\n- `DatabaseName`\n- `Engine`\n- `EngineVersion`\n- `StorageEncrypted`", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Specifies whether to enable storage encryption for the new global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the setting from the source DB cluster.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.VisualSubtitleLabelOptions": { - "additionalProperties": false, - "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Template.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" + "type": "object" }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", + "Type": { + "enum": [ + "AWS::RDS::GlobalCluster" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.VisualTitleLabelOptions": { - "additionalProperties": false, - "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Template.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" }, - "Visibility": { - "markdownDescription": "The visibility of the title label.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells": { + "AWS::RDS::GlobalCluster.GlobalEndpoint": { "additionalProperties": false, "properties": { - "Breakdowns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", - "type": "array" - }, - "Categories": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The value field wells of a waterfall visual.", - "title": "Values", - "type": "array" + "Address": { + "markdownDescription": "The writer endpoint for the new global database cluster. This endpoint always points to the writer DB instance in the current primary cluster.", + "title": "Address", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartConfiguration": { + "AWS::RDS::Integration": { "additionalProperties": false, "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" - }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", - "title": "SortConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *AWS Key Management Service Developer Guide* .\n\nYou can only include this parameter if you specify the `KMSKeyId` parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "DataFilter": { + "markdownDescription": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse.", + "title": "DataFilter", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the integration.", + "title": "Description", + "type": "string" + }, + "IntegrationName": { + "markdownDescription": "The name of the integration.", + "title": "IntegrationName", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS Key Management System ( AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key.", + "title": "KMSKeyId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database to use as the source for replication.", + "title": "SourceArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional array of key-value pairs to apply to this integration.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The ARN of the Redshift data warehouse to use as the target for replication.", + "title": "TargetArn", + "type": "string" + } + }, + "required": [ + "SourceArn", + "TargetArn" + ], + "type": "object" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", - "title": "VisualPalette" + "Type": { + "enum": [ + "AWS::RDS::Integration" + ], + "type": "string" }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.WaterfallChartFieldWells": { - "additionalProperties": false, - "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.WaterfallChartOptions": { - "additionalProperties": false, - "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartSortConfiguration": { + "AWS::RDS::OptionGroup": { "additionalProperties": false, "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EngineName": { + "markdownDescription": "Specifies the name of the engine that this option group should be associated with.\n\nValid Values:\n\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "EngineName", + "type": "string" + }, + "MajorEngineVersion": { + "markdownDescription": "Specifies the major version of the engine that this option group should be associated with.", + "title": "MajorEngineVersion", + "type": "string" + }, + "OptionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionConfiguration" + }, + "markdownDescription": "A list of all available options for an option group.", + "title": "OptionConfigurations", + "type": "array" + }, + "OptionGroupDescription": { + "markdownDescription": "The description of the option group.", + "title": "OptionGroupDescription", + "type": "string" + }, + "OptionGroupName": { + "markdownDescription": "The name of the option group to be created.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nExample: `myoptiongroup`\n\nIf you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.\n\n> This value is stored as a lowercase string.", + "title": "OptionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the option group.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "required": [ + "EngineName", + "MajorEngineVersion", + "OptionGroupDescription" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::OptionGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.WaterfallVisual": { + "AWS::RDS::OptionGroup.OptionConfiguration": { "additionalProperties": false, "properties": { - "Actions": { + "DBSecurityGroupMemberships": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "A list of DB security groups used for this option.", + "title": "DBSecurityGroupMemberships", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", - "title": "ChartConfiguration" + "OptionName": { + "markdownDescription": "The configuration of options to include in a group.", + "title": "OptionName", + "type": "string" }, - "ColumnHierarchies": { + "OptionSettings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionSetting" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The option settings to include in an option group.", + "title": "OptionSettings", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "OptionVersion": { + "markdownDescription": "The version for the option.", + "title": "OptionVersion", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Port": { + "markdownDescription": "The optional port for the option.", + "title": "Port", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "VpcSecurityGroupMemberships": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC security group names used for this option.", + "title": "VpcSecurityGroupMemberships", + "type": "array" } }, "required": [ - "VisualId" + "OptionName" ], "type": "object" }, - "AWS::QuickSight::Template.WhatIfPointScenario": { + "AWS::RDS::OptionGroup.OptionSetting": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", + "Name": { + "markdownDescription": "The name of the option that has settings that you can set.", + "title": "Name", "type": "string" }, "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", + "markdownDescription": "The current value of the option setting.", "title": "Value", - "type": "number" + "type": "string" } }, - "required": [ - "Date", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Template.WhatIfRangeScenario": { + "AWS::RUM::AppMonitor": { "additionalProperties": false, "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", + "Condition": { "type": "string" }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", - "title": "Value", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppMonitorConfiguration": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.AppMonitorConfiguration", + "markdownDescription": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions.", + "title": "AppMonitorConfiguration" + }, + "CustomEvents": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.CustomEvents", + "markdownDescription": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` .", + "title": "CustomEvents" + }, + "CwLogEnabled": { + "markdownDescription": "Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges.\n\nIf you omit this parameter, the default is `false` .", + "title": "CwLogEnabled", + "type": "boolean" + }, + "DeobfuscationConfiguration": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.DeobfuscationConfiguration", + "markdownDescription": "A structure that contains the configuration for how an app monitor can deobfuscate stack traces.", + "title": "DeobfuscationConfiguration" + }, + "Domain": { + "markdownDescription": "The top-level internet domain name for which your application has administrative authority. This parameter or the `DomainList` parameter is required.", + "title": "Domain", + "type": "string" + }, + "DomainList": { + "items": { + "type": "string" + }, + "markdownDescription": "List the domain names for which your application has administrative authority. This parameter or the `Domain` parameter is required.\n\nYou can have a minimum of 1 and a maximum of 5 `Domain` under `DomainList` . Each `Domain` must be a minimum length of 1 and a maximum of 253 characters.", + "title": "DomainList", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the app monitor. This parameter is required.", + "title": "Name", + "type": "string" + }, + "ResourcePolicy": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.ResourcePolicy", + "markdownDescription": "Use this structure to assign a resource-based policy to a CloudWatch RUM app monitor to control access to it. Each app monitor can have one resource-based policy. The maximum size of the policy is 4 KB. To learn more about using resource policies with RUM, see [Using resource-based policies with CloudWatch RUM](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html) .", + "title": "ResourcePolicy" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RUM::AppMonitor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "EndDate", - "StartDate", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudAggregatedFieldWells": { + "AWS::RUM::AppMonitor.AppMonitorConfiguration": { "additionalProperties": false, "properties": { - "GroupBy": { + "AllowCookies": { + "markdownDescription": "If you set this to `true` , the CloudWatch RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the CloudWatch RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page.", + "title": "AllowCookies", + "type": "boolean" + }, + "EnableXRay": { + "markdownDescription": "If you set this to `true` , CloudWatch RUM sends client-side traces to X-Ray for each sampled session. You can then see traces and segments from these user sessions in the RUM dashboard and the CloudWatch ServiceLens console. For more information, see [What is AWS X-Ray ?](https://docs.aws.amazon.com/xray/latest/devguide/aws-xray.html)", + "title": "EnableXRay", + "type": "boolean" + }, + "ExcludedPages": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "type": "string" }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", - "title": "GroupBy", + "markdownDescription": "A list of URLs in your website or application to exclude from RUM data collection.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", + "title": "ExcludedPages", "type": "array" }, - "Size": { + "FavoritePages": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", + "markdownDescription": "A list of pages in your application that are to be displayed with a \"favorite\" icon in the CloudWatch RUM console.", + "title": "FavoritePages", + "type": "array" + }, + "GuestRoleArn": { + "markdownDescription": "The ARN of the guest IAM role that is attached to the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", + "title": "GuestRoleArn", + "type": "string" + }, + "IdentityPoolId": { + "markdownDescription": "The ID of the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", + "title": "IdentityPoolId", + "type": "string" + }, + "IncludedPages": { + "items": { + "type": "string" + }, + "markdownDescription": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", + "title": "IncludedPages", + "type": "array" + }, + "MetricDestinations": { + "items": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDestination" + }, + "markdownDescription": "An array of structures that each define a destination that this app monitor will send extended metrics to.", + "title": "MetricDestinations", + "type": "array" + }, + "SessionSampleRate": { + "markdownDescription": "Specifies the portion of user sessions to use for CloudWatch RUM data collection. Choosing a higher portion gives you more data but also incurs more costs.\n\nThe range for this value is 0 to 1 inclusive. Setting this to 1 means that 100% of user sessions are sampled, and setting it to 0.1 means that 10% of user sessions are sampled.\n\nIf you omit this parameter, the default of 0.1 is used, and 10% of sessions will be sampled.", + "title": "SessionSampleRate", + "type": "number" + }, + "Telemetries": { + "items": { + "type": "string" + }, + "markdownDescription": "An array that lists the types of telemetry data that this app monitor is to collect.\n\n- `errors` indicates that RUM collects data about unhandled JavaScript errors raised by your application.\n- `performance` indicates that RUM collects performance data about how your application and its resources are loaded and rendered. This includes Core Web Vitals.\n- `http` indicates that RUM collects data about HTTP errors thrown by your application.", + "title": "Telemetries", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.WordCloudChartConfiguration": { + "AWS::RUM::AppMonitor.CustomEvents": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", - "title": "SortConfiguration" - }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" + "Status": { + "markdownDescription": "Set this to `ENABLED` to allow the web client to send custom events for this app monitor.\n\nValid values are `ENABLED` and `DISABLED` .", + "title": "Status", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.WordCloudFieldWells": { + "AWS::RUM::AppMonitor.DeobfuscationConfiguration": { "additionalProperties": false, "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" + "JavaScriptSourceMaps": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.JavaScriptSourceMaps", + "markdownDescription": "A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps.", + "title": "JavaScriptSourceMaps" } }, "type": "object" }, - "AWS::QuickSight::Template.WordCloudOptions": { + "AWS::RUM::AppMonitor.JavaScriptSourceMaps": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", + "S3Uri": { + "markdownDescription": "The S3Uri of the bucket or folder that stores the source map files. It is required if status is ENABLED.", + "title": "S3Uri", "type": "string" }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" + "Status": { + "markdownDescription": "Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be `DISABLED` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::RUM::AppMonitor.MetricDefinition": { + "additionalProperties": false, + "properties": { + "DimensionKeys": { + "additionalProperties": true, + "markdownDescription": "This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch . The value of this field is used only if the metric destination is `CloudWatch` . If the metric destination is `Evidently` , the value of `DimensionKeys` is ignored.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DimensionKeys", + "type": "object" }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", + "EventPattern": { + "markdownDescription": "The pattern that defines the metric. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination.\n\nIf the metrics destination is `CloudWatch` and the event also matches a value in `DimensionKeys` , then the metric is published with the specified dimensions.", + "title": "EventPattern", "type": "string" }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", + "Name": { + "markdownDescription": "The name of the metric that is defined in this structure.", + "title": "Name", "type": "string" }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", + "Namespace": { + "markdownDescription": "If you are creating a custom metric instead of an extended metrics, use this parameter to define the metric namespace for that custom metric. Do not specify this parameter if you are creating an extended metric.\n\nYou can't use any string that starts with `AWS/` for your namespace.", + "title": "Namespace", "type": "string" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", + "UnitLabel": { + "markdownDescription": "Use this field only if you are sending this metric to CloudWatch . It defines the CloudWatch metric unit that this metric is measured in.", + "title": "UnitLabel", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.WordCloudSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "CategorySort", - "type": "array" + "ValueKey": { + "markdownDescription": "The field within the event object that the metric value is sourced from.", + "title": "ValueKey", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudVisual": { + "AWS::RUM::AppMonitor.MetricDestination": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Destination": { + "markdownDescription": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently` . If you specify `Evidently` , you must also specify the ARN of the CloudWatch Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.", + "title": "Destination", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DestinationArn": { + "markdownDescription": "Use this parameter only if `Destination` is `Evidently` . This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.", + "title": "DestinationArn", + "type": "string" }, - "ColumnHierarchies": { + "IamRoleArn": { + "markdownDescription": "This parameter is required if `Destination` is `Evidently` . If `Destination` is `CloudWatch` , do not use this parameter.\n\nThis parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment.", + "title": "IamRoleArn", + "type": "string" + }, + "MetricDefinitions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDefinition" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "An array of structures which define the metrics that you want to send.", + "title": "MetricDefinitions", "type": "array" + } + }, + "required": [ + "Destination" + ], + "type": "object" + }, + "AWS::RUM::AppMonitor.ResourcePolicy": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "The JSON to use as the resource policy. The document can be up to 4 KB in size. For more information about the contents and syntax for this policy, see [Using resource-based policies with CloudWatch RUM](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html) .", + "title": "PolicyDocument", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "PolicyRevisionId": { + "markdownDescription": "A string value that you can use to conditionally update your policy. You can provide the revision ID of your existing policy to make mutating requests against that policy.\n\nWhen you assign a policy revision ID, then later requests about that policy will be rejected with an `InvalidPolicyRevisionIdException` error if they don't provide the correct current revision ID.", + "title": "PolicyRevisionId", "type": "string" } }, "required": [ - "VisualId" + "PolicyDocument" ], "type": "object" }, - "AWS::QuickSight::Theme": { + "AWS::Rbin::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -222486,65 +269175,65 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you want to store the new theme.", - "title": "AwsAccountId", - "type": "string" - }, - "BaseThemeId": { - "markdownDescription": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis.", - "title": "BaseThemeId", + "Description": { + "markdownDescription": "The retention rule description.", + "title": "Description", "type": "string" }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", - "markdownDescription": "The theme configuration, which contains the theme display properties.", - "title": "Configuration" + "ExcludeResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Rbin::Rule.ResourceTag" + }, + "markdownDescription": "[Region-level retention rules only] Specifies the exclusion tags to use to identify resources that are to be excluded, or ignored, by a Region-level retention rule. Resources that have any of these tags are not retained by the retention rule upon deletion.\n\nYou can't specify exclusion tags for tag-level retention rules.", + "title": "ExcludeResourceTags", + "type": "array" }, - "Name": { - "markdownDescription": "A display name for the theme.", - "title": "Name", - "type": "string" + "LockConfiguration": { + "$ref": "#/definitions/AWS::Rbin::Rule.UnlockDelay", + "markdownDescription": "Information about the retention rule lock configuration.", + "title": "LockConfiguration" }, - "Permissions": { + "ResourceTags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ResourcePermission" + "$ref": "#/definitions/AWS::Rbin::Rule.ResourceTag" }, - "markdownDescription": "A valid grouping of resource permissions to apply to the new theme.", - "title": "Permissions", + "markdownDescription": "[Tag-level retention rules only] Specifies the resource tags to use to identify resources that are to be retained by a tag-level retention rule. For tag-level retention rules, only deleted resources, of the specified resource type, that have one or more of the specified tag key and value pairs are retained. If a resource is deleted, but it does not have any of the specified tag key and value pairs, it is immediately deleted without being retained by the retention rule.\n\nYou can add the same tag key and value pair to a maximum or five retention rules.\n\nTo create a Region-level retention rule, omit this parameter. A Region-level retention rule does not have any resource tags specified. It retains all deleted resources of the specified resource type in the Region in which the rule is created, even if the resources are not tagged.", + "title": "ResourceTags", "type": "array" }, + "ResourceType": { + "markdownDescription": "The resource type to be retained by the retention rule. Currently, only Amazon EBS snapshots and EBS-backed AMIs are supported. To retain snapshots, specify `EBS_SNAPSHOT` . To retain EBS-backed AMIs, specify `EC2_IMAGE` .", + "title": "ResourceType", + "type": "string" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::Rbin::Rule.RetentionPeriod", + "markdownDescription": "Information about the retention period for which the retention rule is to retain resources.", + "title": "RetentionPeriod" + }, + "Status": { + "markdownDescription": "The state of the retention rule. Only retention rules that are in the `available` state retain resources.", + "title": "Status", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource.", + "markdownDescription": "Information about the tags to assign to the retention rule.", "title": "Tags", "type": "array" - }, - "ThemeId": { - "markdownDescription": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account.", - "title": "ThemeId", - "type": "string" - }, - "VersionDescription": { - "markdownDescription": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field.", - "title": "VersionDescription", - "type": "string" } }, "required": [ - "AwsAccountId", - "BaseThemeId", - "Configuration", - "Name", - "ThemeId" + "ResourceType", + "RetentionPeriod" ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Theme" + "AWS::Rbin::Rule" ], "type": "string" }, @@ -222563,335 +269252,63 @@ ], "type": "object" }, - "AWS::QuickSight::Theme.BorderStyle": { - "additionalProperties": false, - "properties": { - "Show": { - "markdownDescription": "The option to enable display of borders for visuals.", - "title": "Show", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.DataColorPalette": { - "additionalProperties": false, - "properties": { - "Colors": { - "items": { - "type": "string" - }, - "markdownDescription": "The hexadecimal codes for the colors.", - "title": "Colors", - "type": "array" - }, - "EmptyFillColor": { - "markdownDescription": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.", - "title": "EmptyFillColor", - "type": "string" - }, - "MinMaxGradient": { - "items": { - "type": "string" - }, - "markdownDescription": "The minimum and maximum hexadecimal codes that describe a color gradient.", - "title": "MinMaxGradient", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.Font": { + "AWS::Rbin::Rule.ResourceTag": { "additionalProperties": false, "properties": { - "FontFamily": { - "markdownDescription": "Determines the font family settings.", - "title": "FontFamily", + "ResourceTagKey": { + "markdownDescription": "The tag key.", + "title": "ResourceTagKey", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.GutterStyle": { - "additionalProperties": false, - "properties": { - "Show": { - "markdownDescription": "This Boolean value controls whether to display a gutter space between sheet tiles.", - "title": "Show", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.MarginStyle": { - "additionalProperties": false, - "properties": { - "Show": { - "markdownDescription": "This Boolean value controls whether to display sheet margins.", - "title": "Show", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.ResourcePermission": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "ResourceTagValue": { + "markdownDescription": "The tag value.", + "title": "ResourceTagValue", "type": "string" } }, "required": [ - "Actions", - "Principal" + "ResourceTagKey", + "ResourceTagValue" ], "type": "object" }, - "AWS::QuickSight::Theme.SheetStyle": { - "additionalProperties": false, - "properties": { - "Tile": { - "$ref": "#/definitions/AWS::QuickSight::Theme.TileStyle", - "markdownDescription": "The display options for tiles.", - "title": "Tile" - }, - "TileLayout": { - "$ref": "#/definitions/AWS::QuickSight::Theme.TileLayoutStyle", - "markdownDescription": "The layout options for tiles.", - "title": "TileLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.ThemeConfiguration": { - "additionalProperties": false, - "properties": { - "DataColorPalette": { - "$ref": "#/definitions/AWS::QuickSight::Theme.DataColorPalette", - "markdownDescription": "Color properties that apply to chart data colors.", - "title": "DataColorPalette" - }, - "Sheet": { - "$ref": "#/definitions/AWS::QuickSight::Theme.SheetStyle", - "markdownDescription": "Display options related to sheets.", - "title": "Sheet" - }, - "Typography": { - "$ref": "#/definitions/AWS::QuickSight::Theme.Typography", - "markdownDescription": "Determines the typography options.", - "title": "Typography" - }, - "UIColorPalette": { - "$ref": "#/definitions/AWS::QuickSight::Theme.UIColorPalette", - "markdownDescription": "Color properties that apply to the UI and to charts, excluding the colors that apply to data.", - "title": "UIColorPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.ThemeError": { - "additionalProperties": false, - "properties": { - "Message": { - "markdownDescription": "The error message.", - "title": "Message", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of error.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.ThemeVersion": { + "AWS::Rbin::Rule.RetentionPeriod": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" - }, - "BaseThemeId": { - "markdownDescription": "The Amazon QuickSight-defined ID of the theme that a custom theme inherits from. All themes initially inherit from a default Amazon QuickSight theme.", - "title": "BaseThemeId", - "type": "string" - }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", - "markdownDescription": "The theme configuration, which contains all the theme display properties.", - "title": "Configuration" - }, - "CreatedTime": { - "markdownDescription": "The date and time that this theme version was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the theme.", - "title": "Description", - "type": "string" - }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeError" - }, - "markdownDescription": "Errors associated with the theme.", - "title": "Errors", - "type": "array" - }, - "Status": { - "markdownDescription": "The status of the theme version.", - "title": "Status", + "RetentionPeriodUnit": { + "markdownDescription": "The unit of time in which the retention period is measured. Currently, only `DAYS` is supported.", + "title": "RetentionPeriodUnit", "type": "string" }, - "VersionNumber": { - "markdownDescription": "The version number of the theme.", - "title": "VersionNumber", + "RetentionPeriodValue": { + "markdownDescription": "The period value for which the retention rule is to retain resources. The period is measured using the unit specified for *RetentionPeriodUnit* .", + "title": "RetentionPeriodValue", "type": "number" } }, + "required": [ + "RetentionPeriodUnit", + "RetentionPeriodValue" + ], "type": "object" }, - "AWS::QuickSight::Theme.TileLayoutStyle": { - "additionalProperties": false, - "properties": { - "Gutter": { - "$ref": "#/definitions/AWS::QuickSight::Theme.GutterStyle", - "markdownDescription": "The gutter settings that apply between tiles.", - "title": "Gutter" - }, - "Margin": { - "$ref": "#/definitions/AWS::QuickSight::Theme.MarginStyle", - "markdownDescription": "The margin settings that apply around the outside edge of sheets.", - "title": "Margin" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.TileStyle": { - "additionalProperties": false, - "properties": { - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Theme.BorderStyle", - "markdownDescription": "The border around a tile.", - "title": "Border" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.Typography": { - "additionalProperties": false, - "properties": { - "FontFamilies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.Font" - }, - "markdownDescription": "Determines the list of font families.", - "title": "FontFamilies", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.UIColorPalette": { + "AWS::Rbin::Rule.UnlockDelay": { "additionalProperties": false, "properties": { - "Accent": { - "markdownDescription": "This color is that applies to selected states and buttons.", - "title": "Accent", - "type": "string" - }, - "AccentForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the accent color.", - "title": "AccentForeground", - "type": "string" - }, - "Danger": { - "markdownDescription": "The color that applies to error messages.", - "title": "Danger", - "type": "string" - }, - "DangerForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the error color.", - "title": "DangerForeground", - "type": "string" - }, - "Dimension": { - "markdownDescription": "The color that applies to the names of fields that are identified as dimensions.", - "title": "Dimension", - "type": "string" - }, - "DimensionForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the dimension color.", - "title": "DimensionForeground", - "type": "string" - }, - "Measure": { - "markdownDescription": "The color that applies to the names of fields that are identified as measures.", - "title": "Measure", - "type": "string" - }, - "MeasureForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the measure color.", - "title": "MeasureForeground", - "type": "string" - }, - "PrimaryBackground": { - "markdownDescription": "The background color that applies to visuals and other high emphasis UI.", - "title": "PrimaryBackground", - "type": "string" - }, - "PrimaryForeground": { - "markdownDescription": "The color of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.", - "title": "PrimaryForeground", - "type": "string" - }, - "SecondaryBackground": { - "markdownDescription": "The background color that applies to the sheet background and sheet controls.", - "title": "SecondaryBackground", - "type": "string" - }, - "SecondaryForeground": { - "markdownDescription": "The foreground color that applies to any sheet title, sheet control text, or UI that appears over the secondary background.", - "title": "SecondaryForeground", - "type": "string" - }, - "Success": { - "markdownDescription": "The color that applies to success messages, for example the check mark for a successful download.", - "title": "Success", - "type": "string" - }, - "SuccessForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the success color.", - "title": "SuccessForeground", - "type": "string" - }, - "Warning": { - "markdownDescription": "This color that applies to warning and informational messages.", - "title": "Warning", + "UnlockDelayUnit": { + "markdownDescription": "The unit of time in which to measure the unlock delay. Currently, the unlock delay can be measure only in days.", + "title": "UnlockDelayUnit", "type": "string" }, - "WarningForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the warning color.", - "title": "WarningForeground", - "type": "string" + "UnlockDelayValue": { + "markdownDescription": "The unlock delay period, measured in the unit specified for *UnlockDelayUnit* .", + "title": "UnlockDelayValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Topic": { + "AWS::Redshift::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -222926,45 +269343,290 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account that you want to create a topic in.", - "title": "AwsAccountId", + "AllowVersionUpgrade": { + "markdownDescription": "If `true` , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster.\n\nWhen a new major version of the Amazon Redshift engine is released, you can request that the service automatically apply upgrades during the maintenance window to the Amazon Redshift engine that is running on your cluster.\n\nDefault: `true`", + "title": "AllowVersionUpgrade", + "type": "boolean" + }, + "AquaConfigurationStatus": { + "markdownDescription": "This parameter is retired. It does not set the AQUA configuration status. Amazon Redshift automatically determines whether to use AQUA (Advanced Query Accelerator).", + "title": "AquaConfigurationStatus", "type": "string" }, - "DataSets": { + "AutomatedSnapshotRetentionPeriod": { + "markdownDescription": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with [CreateClusterSnapshot](https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html) in the *Amazon Redshift API Reference* .\n\nDefault: `1`\n\nConstraints: Must be a value from 0 to 35.", + "title": "AutomatedSnapshotRetentionPeriod", + "type": "number" + }, + "AvailabilityZone": { + "markdownDescription": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n\nDefault: A random, system-chosen Availability Zone in the region that is specified by the endpoint.\n\nExample: `us-east-2d`\n\nConstraint: The specified Availability Zone must be in the same region as the current endpoint.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneRelocation": { + "markdownDescription": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster is created.", + "title": "AvailabilityZoneRelocation", + "type": "boolean" + }, + "AvailabilityZoneRelocationStatus": { + "markdownDescription": "Describes the status of the Availability Zone relocation operation.", + "title": "AvailabilityZoneRelocationStatus", + "type": "string" + }, + "Classic": { + "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", + "title": "Classic", + "type": "boolean" + }, + "ClusterIdentifier": { + "markdownDescription": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. The identifier also appears in the Amazon Redshift console.\n\nConstraints:\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- Alphabetic characters must be lowercase.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n- Must be unique for all clusters within an AWS account .\n\nExample: `myexamplecluster`", + "title": "ClusterIdentifier", + "type": "string" + }, + "ClusterParameterGroupName": { + "markdownDescription": "The name of the parameter group to be associated with this cluster.\n\nDefault: The default Amazon Redshift cluster parameter group. For information about the default parameter group, go to [Working with Amazon Redshift Parameter Groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n\nConstraints:\n\n- Must be 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ClusterParameterGroupName", + "type": "string" + }, + "ClusterSecurityGroups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DatasetMetadata" + "type": "string" }, - "markdownDescription": "The data sets that the topic is associated with.", - "title": "DataSets", + "markdownDescription": "A list of security groups to be associated with this cluster.\n\nDefault: The default cluster security group for Amazon Redshift.", + "title": "ClusterSecurityGroups", "type": "array" }, - "Description": { - "markdownDescription": "The description of the topic.", - "title": "Description", + "ClusterSubnetGroupName": { + "markdownDescription": "The name of a cluster subnet group to be associated with this cluster.\n\nIf this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).", + "title": "ClusterSubnetGroupName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the topic.", - "title": "Name", + "ClusterType": { + "markdownDescription": "The type of the cluster. When cluster type is specified as\n\n- `single-node` , the *NumberOfNodes* parameter is not required.\n- `multi-node` , the *NumberOfNodes* parameter is required.\n\nValid Values: `multi-node` | `single-node`\n\nDefault: `multi-node`", + "title": "ClusterType", "type": "string" }, - "TopicId": { - "markdownDescription": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", - "title": "TopicId", + "ClusterVersion": { + "markdownDescription": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\n\nThe version selected runs on all the nodes in the cluster.\n\nConstraints: Only version 1.0 is currently available.\n\nExample: `1.0`", + "title": "ClusterVersion", "type": "string" }, - "UserExperienceVersion": { - "markdownDescription": "The user experience version of the topic.", - "title": "UserExperienceVersion", + "DBName": { + "markdownDescription": "The name of the first database to be created when the cluster is created.\n\nTo create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. For more information, go to [Create a Database](https://docs.aws.amazon.com/redshift/latest/dg/t_creating_database.html) in the Amazon Redshift Database Developer Guide.\n\nDefault: `dev`\n\nConstraints:\n\n- Must contain 1 to 64 alphanumeric characters.\n- Must contain only lowercase letters.\n- Cannot be a word that is reserved by the service. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "DBName", + "type": "string" + }, + "DeferMaintenance": { + "markdownDescription": "A Boolean indicating whether to enable the deferred maintenance window.", + "title": "DeferMaintenance", + "type": "boolean" + }, + "DeferMaintenanceDuration": { + "markdownDescription": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less.", + "title": "DeferMaintenanceDuration", + "type": "number" + }, + "DeferMaintenanceEndTime": { + "markdownDescription": "A timestamp for the end of the time period when we defer maintenance.", + "title": "DeferMaintenanceEndTime", + "type": "string" + }, + "DeferMaintenanceStartTime": { + "markdownDescription": "A timestamp indicating the start time for the deferred maintenance window.", + "title": "DeferMaintenanceStartTime", + "type": "string" + }, + "DestinationRegion": { + "markdownDescription": "The destination region that snapshots are automatically copied to when cross-region snapshot copy is enabled.", + "title": "DestinationRegion", + "type": "string" + }, + "ElasticIp": { + "markdownDescription": "The Elastic IP (EIP) address for the cluster.\n\nConstraints: The cluster must be provisioned in EC2-VPC and publicly-accessible through an Internet gateway. Don't specify the Elastic IP address for a publicly accessible cluster with availability zone relocation turned on. For more information about provisioning clusters in EC2-VPC, go to [Supported Platforms to Launch Your Cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#cluster-platforms) in the Amazon Redshift Cluster Management Guide.", + "title": "ElasticIp", + "type": "string" + }, + "Encrypted": { + "markdownDescription": "If `true` , the data in the cluster is encrypted at rest. If you set the value on this parameter to `false` , the request will fail.\n\nDefault: true", + "title": "Encrypted", + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::Redshift::Cluster.Endpoint", + "markdownDescription": "The connection endpoint.", + "title": "Endpoint" + }, + "EnhancedVpcRouting": { + "markdownDescription": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see [Enhanced VPC Routing](https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html) in the Amazon Redshift Cluster Management Guide.\n\nIf this option is `true` , enhanced VPC routing is enabled.\n\nDefault: false", + "title": "EnhancedVpcRouting", + "type": "boolean" + }, + "HsmClientCertificateIdentifier": { + "markdownDescription": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.", + "title": "HsmClientCertificateIdentifier", + "type": "string" + }, + "HsmConfigurationIdentifier": { + "markdownDescription": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM.", + "title": "HsmConfigurationIdentifier", + "type": "string" + }, + "IamRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.\n\nThe maximum number of IAM roles that you can associate is subject to a quota. For more information, go to [Quotas and limits](https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html) in the *Amazon Redshift Cluster Management Guide* .", + "title": "IamRoles", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LoggingProperties": { + "$ref": "#/definitions/AWS::Redshift::Cluster.LoggingProperties", + "markdownDescription": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.", + "title": "LoggingProperties" + }, + "MaintenanceTrackName": { + "markdownDescription": "An optional parameter for the name of the maintenance track for the cluster. If you don't provide a maintenance track name, the cluster is assigned to the `current` track.", + "title": "MaintenanceTrackName", + "type": "string" + }, + "ManageMasterPassword": { + "markdownDescription": "If `true` , Amazon Redshift uses AWS Secrets Manager to manage this cluster's admin credentials. You can't use `MasterUserPassword` if `ManageMasterPassword` is true. If `ManageMasterPassword` is false or not set, Amazon Redshift uses `MasterUserPassword` for the admin user account's password.", + "title": "ManageMasterPassword", + "type": "boolean" + }, + "ManualSnapshotRetentionPeriod": { + "markdownDescription": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots.\n\nThe value must be either -1 or an integer between 1 and 3,653.", + "title": "ManualSnapshotRetentionPeriod", + "type": "number" + }, + "MasterPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if `ManageMasterPassword` is true.", + "title": "MasterPasswordSecretKmsKeyId", + "type": "string" + }, + "MasterUserPassword": { + "markdownDescription": "The password associated with the admin user account for the cluster that is being created.\n\nYou can't use `MasterUserPassword` if `ManageMasterPassword` is `true` .\n\nConstraints:\n\n- Must be between 8 and 64 characters in length.\n- Must contain at least one uppercase letter.\n- Must contain at least one lowercase letter.\n- Must contain one number.\n- Can be any printable ASCII character (ASCII code 33-126) except `'` (single quote), `\"` (double quote), `\\` , `/` , or `@` .", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUsername": { + "markdownDescription": "The user name associated with the admin user account for the cluster that is being created.\n\nConstraints:\n\n- Must be 1 - 128 alphanumeric characters or hyphens. The user name can't be `PUBLIC` .\n- Must contain only lowercase letters, numbers, underscore, plus sign, period (dot), at symbol (@), or hyphen.\n- The first character must be a letter.\n- Must not contain a colon (:) or a slash (/).\n- Cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "MasterUsername", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "A boolean indicating whether Amazon Redshift should deploy the cluster in two Availability Zones. The default is false.", + "title": "MultiAZ", + "type": "boolean" + }, + "NamespaceResourcePolicy": { + "markdownDescription": "The policy that is attached to a resource.", + "title": "NamespaceResourcePolicy", + "type": "object" + }, + "NodeType": { + "markdownDescription": "The node type to be provisioned for the cluster. For information about node types, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nValid Values: `dc2.large` | `dc2.8xlarge` | `ra3.large` | `ra3.xlplus` | `ra3.4xlarge` | `ra3.16xlarge`", + "title": "NodeType", + "type": "string" + }, + "NumberOfNodes": { + "markdownDescription": "The number of compute nodes in the cluster. This parameter is required when the *ClusterType* parameter is specified as `multi-node` .\n\nFor information about determining how many nodes you need, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nIf you don't specify this parameter, you get a single-node cluster. When requesting a multi-node cluster, you must specify the number of nodes that you want in the cluster.\n\nDefault: `1`\n\nConstraints: Value must be at least 1 and no more than 100.", + "title": "NumberOfNodes", + "type": "number" + }, + "OwnerAccount": { + "markdownDescription": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.", + "title": "OwnerAccount", + "type": "string" + }, + "Port": { + "markdownDescription": "The port number on which the cluster accepts incoming connections.\n\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections.\n\nDefault: `5439`\n\nValid Values:\n\n- For clusters with ra3 nodes - Select a port within the ranges `5431-5455` or `8191-8215` . (If you have an existing cluster with ra3 nodes, it isn't required that you change the port to these ranges.)\n- For clusters with dc2 nodes - Select a port within the range `1150-65535` .", + "title": "Port", + "type": "number" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nDefault: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see [Maintenance Windows](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#rs-maintenance-windows) in Amazon Redshift Cluster Management Guide.\n\nValid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "If `true` , the cluster can be accessed from a public network.\n\nDefault: false", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ResourceAction": { + "markdownDescription": "The Amazon Redshift operation to be performed. Supported operations are `pause-cluster` , `resume-cluster` , and `failover-primary-compute` .", + "title": "ResourceAction", + "type": "string" + }, + "RevisionTarget": { + "markdownDescription": "Describes a `RevisionTarget` object.", + "title": "RevisionTarget", + "type": "string" + }, + "RotateEncryptionKey": { + "markdownDescription": "Rotates the encryption keys for a cluster.", + "title": "RotateEncryptionKey", + "type": "boolean" + }, + "SnapshotClusterIdentifier": { + "markdownDescription": "The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", + "title": "SnapshotClusterIdentifier", + "type": "string" + }, + "SnapshotCopyGrantName": { + "markdownDescription": "The name of the snapshot copy grant.", + "title": "SnapshotCopyGrantName", + "type": "string" + }, + "SnapshotCopyManual": { + "markdownDescription": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.", + "title": "SnapshotCopyManual", + "type": "boolean" + }, + "SnapshotCopyRetentionPeriod": { + "markdownDescription": "The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region .\n\nBy default, this only changes the retention period of copied automated snapshots.\n\nIf you decrease the retention period for automated snapshots that are copied to a destination AWS Region , Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.\n\nConstraints: Must be at least 1 and no more than 35 for automated snapshots.\n\nIf you specify the `manual` option, only newly copied manual snapshots will have the new retention period.\n\nIf you specify the value of -1 newly copied manual snapshots are retained indefinitely.\n\nConstraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.", + "title": "SnapshotCopyRetentionPeriod", + "type": "number" + }, + "SnapshotIdentifier": { + "markdownDescription": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. You must specify this parameter or `snapshotArn` , but not both.\n\nExample: `my-snapshot-id`", + "title": "SnapshotIdentifier", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag instances.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n\nDefault: The default VPC security group is associated with the cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, + "required": [ + "ClusterType", + "DBName", + "MasterUsername", + "NodeType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Topic" + "AWS::Redshift::Cluster" ], "type": "string" }, @@ -222978,856 +269640,1055 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.CellValueSynonym": { - "additionalProperties": false, - "properties": { - "CellValue": { - "markdownDescription": "The cell value.", - "title": "CellValue", - "type": "string" - }, - "Synonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "Other names or aliases for the cell value.", - "title": "Synonyms", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.CollectiveConstant": { - "additionalProperties": false, - "properties": { - "ValueList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values for the collective constant.", - "title": "ValueList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.ComparativeOrder": { - "additionalProperties": false, - "properties": { - "SpecifedOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of columns to be used in the ordering.", - "title": "SpecifedOrder", - "type": "array" - }, - "TreatUndefinedSpecifiedValues": { - "markdownDescription": "The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` .", - "title": "TreatUndefinedSpecifiedValues", - "type": "string" - }, - "UseOrdering": { - "markdownDescription": "The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` .", - "title": "UseOrdering", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.DataAggregation": { + "AWS::Redshift::Cluster.Endpoint": { "additionalProperties": false, "properties": { - "DatasetRowDateGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "DatasetRowDateGranularity", + "Address": { + "markdownDescription": "The DNS address of the cluster. This property is read only.", + "title": "Address", "type": "string" }, - "DefaultDateColumnName": { - "markdownDescription": "The column name for the default date.", - "title": "DefaultDateColumnName", + "Port": { + "markdownDescription": "The port that the database engine is listening on. This property is read only.", + "title": "Port", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic.DatasetMetadata": { + "AWS::Redshift::Cluster.LoggingProperties": { "additionalProperties": false, "properties": { - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCalculatedField" - }, - "markdownDescription": "The list of calculated field definitions.", - "title": "CalculatedFields", - "type": "array" - }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicColumn" - }, - "markdownDescription": "The list of column definitions.", - "title": "Columns", - "type": "array" - }, - "DataAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DataAggregation", - "markdownDescription": "The definition of a data aggregation.", - "title": "DataAggregation" - }, - "DatasetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset.", - "title": "DatasetArn", - "type": "string" - }, - "DatasetDescription": { - "markdownDescription": "The description of the dataset.", - "title": "DatasetDescription", + "BucketName": { + "markdownDescription": "The name of an existing S3 bucket where the log files are to be stored.\n\nConstraints:\n\n- Must be in the same region as the cluster\n- The cluster must have read bucket and put object permissions", + "title": "BucketName", "type": "string" }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", + "LogDestinationType": { + "markdownDescription": "The log destination type. An enum with possible values of `s3` and `cloudwatch` .", + "title": "LogDestinationType", "type": "string" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicFilter" - }, - "markdownDescription": "The list of filter definitions.", - "title": "Filters", - "type": "array" - }, - "NamedEntities": { + "LogExports": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNamedEntity" + "type": "string" }, - "markdownDescription": "The list of named entities definitions.", - "title": "NamedEntities", + "markdownDescription": "The collection of exported log types. Possible values are `connectionlog` , `useractivitylog` , and `userlog` .", + "title": "LogExports", "type": "array" - } - }, - "required": [ - "DatasetArn" - ], - "type": "object" - }, - "AWS::QuickSight::Topic.DefaultFormatting": { - "additionalProperties": false, - "properties": { - "DisplayFormat": { - "markdownDescription": "The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` .", - "title": "DisplayFormat", - "type": "string" - }, - "DisplayFormatOptions": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DisplayFormatOptions", - "markdownDescription": "The additional options for display formatting.", - "title": "DisplayFormatOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.DisplayFormatOptions": { - "additionalProperties": false, - "properties": { - "BlankCellFormat": { - "markdownDescription": "Determines the blank cell format.", - "title": "BlankCellFormat", - "type": "string" - }, - "CurrencySymbol": { - "markdownDescription": "The currency symbol, such as `USD` .", - "title": "CurrencySymbol", - "type": "string" - }, - "DateFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateFormat", - "type": "string" - }, - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", - "type": "string" - }, - "FractionDigits": { - "markdownDescription": "Determines the number of fraction digits.", - "title": "FractionDigits", - "type": "number" - }, - "GroupingSeparator": { - "markdownDescription": "Determines the grouping separator.", - "title": "GroupingSeparator", - "type": "string" - }, - "NegativeFormat": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NegativeFormat", - "markdownDescription": "The negative format.", - "title": "NegativeFormat" - }, - "Prefix": { - "markdownDescription": "The prefix value for a display format.", - "title": "Prefix", - "type": "string" - }, - "Suffix": { - "markdownDescription": "The suffix value for a display format.", - "title": "Suffix", - "type": "string" }, - "UnitScaler": { - "markdownDescription": "The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` .", - "title": "UnitScaler", + "S3KeyPrefix": { + "markdownDescription": "The prefix applied to the log file names.\n\nValid characters are any letter from any language, any whitespace character, any numeric character, and the following characters: underscore ( `_` ), period ( `.` ), colon ( `:` ), slash ( `/` ), equal ( `=` ), plus ( `+` ), backslash ( `\\` ), hyphen ( `-` ), at symbol ( `@` ).", + "title": "S3KeyPrefix", "type": "string" - }, - "UseBlankCellFormat": { - "markdownDescription": "A Boolean value that indicates whether to use blank cell format.", - "title": "UseBlankCellFormat", - "type": "boolean" - }, - "UseGrouping": { - "markdownDescription": "A Boolean value that indicates whether to use grouping.", - "title": "UseGrouping", - "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Topic.NamedEntityDefinition": { + "AWS::Redshift::ClusterParameterGroup": { "additionalProperties": false, "properties": { - "FieldName": { - "markdownDescription": "The name of the entity.", - "title": "FieldName", + "Condition": { "type": "string" }, - "Metric": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinitionMetric", - "markdownDescription": "The definition of a metric.", - "title": "Metric" - }, - "PropertyName": { - "markdownDescription": "The property name to be used for the named entity.", - "title": "PropertyName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PropertyRole": { - "markdownDescription": "The property role. Valid values for this structure are `PRIMARY` and `ID` .", - "title": "PropertyRole", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PropertyUsage": { - "markdownDescription": "The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` .", - "title": "PropertyUsage", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.NamedEntityDefinitionMetric": { - "additionalProperties": false, - "properties": { - "Aggregation": { - "markdownDescription": "The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` .", - "title": "Aggregation", - "type": "string" + "Metadata": { + "type": "object" }, - "AggregationFunctionParameters": { - "additionalProperties": true, - "markdownDescription": "The additional parameters for an aggregation function.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the parameter group.", + "title": "Description", + "type": "string" + }, + "ParameterGroupFamily": { + "markdownDescription": "The name of the cluster parameter group family that this cluster parameter group is compatible with. You can create a custom parameter group and then associate your cluster with it. For more information, see [Amazon Redshift parameter groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html) .", + "title": "ParameterGroupFamily", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the cluster parameter group.", + "title": "ParameterGroupName", "type": "string" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::Redshift::ClusterParameterGroup.Parameter" + }, + "markdownDescription": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.\n\nFor each parameter to be modified, you must supply at least the parameter name and parameter value; other name-value pairs of the parameter are optional.\n\nFor the workload management (WLM) configuration, you must supply all the name-value pairs in the wlm_json_configuration parameter.", + "title": "Parameters", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags for the cluster parameter group.", + "title": "Tags", + "type": "array" } }, - "title": "AggregationFunctionParameters", + "required": [ + "Description", + "ParameterGroupFamily" + ], "type": "object" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.NegativeFormat": { - "additionalProperties": false, - "properties": { - "Prefix": { - "markdownDescription": "The prefix for a negative format.", - "title": "Prefix", + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterParameterGroup" + ], "type": "string" }, - "Suffix": { - "markdownDescription": "The suffix for a negative format.", - "title": "Suffix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.RangeConstant": { + "AWS::Redshift::ClusterParameterGroup.Parameter": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum value for a range constant.", - "title": "Maximum", + "ParameterName": { + "markdownDescription": "The name of the parameter.", + "title": "ParameterName", "type": "string" }, - "Minimum": { - "markdownDescription": "The minimum value for a range constant.", - "title": "Minimum", + "ParameterValue": { + "markdownDescription": "The value of the parameter. If `ParameterName` is `wlm_json_configuration` , then the maximum size of `ParameterValue` is 8000 characters.", + "title": "ParameterValue", "type": "string" } }, + "required": [ + "ParameterName", + "ParameterValue" + ], "type": "object" }, - "AWS::QuickSight::Topic.SemanticEntityType": { + "AWS::Redshift::ClusterSecurityGroup": { "additionalProperties": false, "properties": { - "SubTypeName": { - "markdownDescription": "The semantic entity sub type name.", - "title": "SubTypeName", + "Condition": { "type": "string" }, - "TypeName": { - "markdownDescription": "The semantic entity type name.", - "title": "TypeName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TypeParameters": { - "additionalProperties": true, - "markdownDescription": "The semantic entity type parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the security group.", + "title": "Description", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this security group. Use tags to manage your resources.", + "title": "Tags", + "type": "array" } }, - "title": "TypeParameters", + "required": [ + "Description" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterSecurityGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.SemanticType": { + "AWS::Redshift::ClusterSecurityGroupIngress": { "additionalProperties": false, "properties": { - "FalseyCellValue": { - "markdownDescription": "The semantic type falsey cell value.", - "title": "FalseyCellValue", - "type": "string" - }, - "FalseyCellValueSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the false cell value.", - "title": "FalseyCellValueSynonyms", - "type": "array" - }, - "SubTypeName": { - "markdownDescription": "The semantic type sub type name.", - "title": "SubTypeName", + "Condition": { "type": "string" }, - "TruthyCellValue": { - "markdownDescription": "The semantic type truthy cell value.", - "title": "TruthyCellValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TruthyCellValueSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the true cell value.", - "title": "TruthyCellValueSynonyms", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TypeName": { - "markdownDescription": "The semantic type name.", - "title": "TypeName", - "type": "string" + "Metadata": { + "type": "object" }, - "TypeParameters": { - "additionalProperties": true, - "markdownDescription": "The semantic type parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "CIDRIP": { + "markdownDescription": "The IP range to be added the Amazon Redshift security group.", + "title": "CIDRIP", + "type": "string" + }, + "ClusterSecurityGroupName": { + "markdownDescription": "The name of the security group to which the ingress rule is added.", + "title": "ClusterSecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupName": { + "markdownDescription": "The EC2 security group to be added the Amazon Redshift security group.", + "title": "EC2SecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupOwnerId": { + "markdownDescription": "The AWS account number of the owner of the security group specified by the *EC2SecurityGroupName* parameter. The AWS Access Key ID is not an acceptable value.\n\nExample: `111122223333`\n\nConditional. If you specify the `EC2SecurityGroupName` property, you must specify this property.", + "title": "EC2SecurityGroupOwnerId", "type": "string" } }, - "title": "TypeParameters", + "required": [ + "ClusterSecurityGroupName" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterSecurityGroupIngress" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicCalculatedField": { + "AWS::Redshift::ClusterSubnetGroup": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", - "title": "Aggregation", + "Condition": { "type": "string" }, - "AllowedAggregations": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "AllowedAggregations", - "type": "array" - }, - "CalculatedFieldDescription": { - "markdownDescription": "The calculated field description.", - "title": "CalculatedFieldDescription", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CalculatedFieldName": { - "markdownDescription": "The calculated field name.", - "title": "CalculatedFieldName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CalculatedFieldSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the calculated field.", - "title": "CalculatedFieldSynonyms", - "type": "array" + "Metadata": { + "type": "object" }, - "CellValueSynonyms": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the subnet group.", + "title": "Description", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of VPC subnet IDs. A maximum of 20 subnets can be modified in a single request.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this subnet group. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The other names or aliases for the calculated field cell value.", - "title": "CellValueSynonyms", - "type": "array" + "required": [ + "Description", + "SubnetIds" + ], + "type": "object" }, - "ColumnDataRole": { - "markdownDescription": "The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` .", - "title": "ColumnDataRole", + "Type": { + "enum": [ + "AWS::Redshift::ClusterSubnetGroup" + ], "type": "string" }, - "ComparativeOrder": { - "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", - "markdownDescription": "The order in which data is displayed for the calculated field when it's used in a comparative context.", - "title": "ComparativeOrder" - }, - "DefaultFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", - "markdownDescription": "The default formatting definition.", - "title": "DefaultFormatting" - }, - "Expression": { - "markdownDescription": "The calculated field expression.", - "title": "Expression", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::EndpointAccess": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "IsIncludedInTopic": { - "markdownDescription": "A boolean value that indicates if a calculated field is included in the topic.", - "title": "IsIncludedInTopic", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "NeverAggregateInFilter": { - "markdownDescription": "A Boolean value that indicates whether to never aggregate calculated field in filters.", - "title": "NeverAggregateInFilter", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NonAdditive": { - "markdownDescription": "The non additive for the table style target.", - "title": "NonAdditive", - "type": "boolean" + "Metadata": { + "type": "object" }, - "NotAllowedAggregations": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterIdentifier": { + "markdownDescription": "The cluster identifier of the cluster associated with the endpoint.", + "title": "ClusterIdentifier", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "The name of the endpoint.", + "title": "EndpointName", + "type": "string" + }, + "ResourceOwner": { + "markdownDescription": "The AWS account ID of the owner of the cluster.", + "title": "ResourceOwner", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The subnet group name where Amazon Redshift chooses to deploy the endpoint.", + "title": "SubnetGroupName", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", + "title": "VpcSecurityGroupIds", + "type": "array" + } }, - "markdownDescription": "The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "NotAllowedAggregations", - "type": "array" + "required": [ + "ClusterIdentifier", + "EndpointName", + "SubnetGroupName", + "VpcSecurityGroupIds" + ], + "type": "object" }, - "SemanticType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", - "markdownDescription": "The semantic type.", - "title": "SemanticType" + "Type": { + "enum": [ + "AWS::Redshift::EndpointAccess" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CalculatedFieldName", - "Expression" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicCategoryFilter": { + "AWS::Redshift::EndpointAccess.NetworkInterface": { "additionalProperties": false, "properties": { - "CategoryFilterFunction": { - "markdownDescription": "The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` .", - "title": "CategoryFilterFunction", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.", + "title": "AvailabilityZone", "type": "string" }, - "CategoryFilterType": { - "markdownDescription": "The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter.", - "title": "CategoryFilterType", + "NetworkInterfaceId": { + "markdownDescription": "The network interface identifier.", + "title": "NetworkInterfaceId", "type": "string" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilterConstant", - "markdownDescription": "The constant used in a category filter.", - "title": "Constant" + "PrivateIpAddress": { + "markdownDescription": "The IPv4 address of the network interface within the subnet.", + "title": "PrivateIpAddress", + "type": "string" }, - "Inverse": { - "markdownDescription": "A Boolean value that indicates if the filter is inverse.", - "title": "Inverse", - "type": "boolean" + "SubnetId": { + "markdownDescription": "The subnet identifier.", + "title": "SubnetId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicCategoryFilterConstant": { + "AWS::Redshift::EndpointAccess.VpcEndpoint": { "additionalProperties": false, "properties": { - "CollectiveConstant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CollectiveConstant", - "markdownDescription": "A collective constant used in a category filter. This element is used to specify a list of values for the constant.", - "title": "CollectiveConstant" + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::Redshift::EndpointAccess.NetworkInterface" + }, + "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", + "title": "NetworkInterfaces", + "type": "array" }, - "ConstantType": { - "markdownDescription": "The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` .", - "title": "ConstantType", + "VpcEndpointId": { + "markdownDescription": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.", + "title": "VpcEndpointId", "type": "string" }, - "SingularConstant": { - "markdownDescription": "A singular constant used in a category filter. This element is used to specify a single value for the constant.", - "title": "SingularConstant", + "VpcId": { + "markdownDescription": "The VPC identifier that the endpoint is associated.", + "title": "VpcId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicColumn": { + "AWS::Redshift::EndpointAccess.VpcSecurityGroup": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "The type of aggregation that is performed on the column data when it's queried.", - "title": "Aggregation", - "type": "string" - }, - "AllowedAggregations": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "AllowedAggregations", - "type": "array" - }, - "CellValueSynonyms": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" - }, - "markdownDescription": "The other names or aliases for the column cell value.", - "title": "CellValueSynonyms", - "type": "array" - }, - "ColumnDataRole": { - "markdownDescription": "The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` .", - "title": "ColumnDataRole", + "Status": { + "markdownDescription": "The status of the endpoint.", + "title": "Status", "type": "string" }, - "ColumnDescription": { - "markdownDescription": "A description of the column and its contents.", - "title": "ColumnDescription", + "VpcSecurityGroupId": { + "markdownDescription": "The identifier of the VPC security group.", + "title": "VpcSecurityGroupId", "type": "string" - }, - "ColumnFriendlyName": { - "markdownDescription": "A user-friendly name for the column.", - "title": "ColumnFriendlyName", + } + }, + "type": "object" + }, + "AWS::Redshift::EndpointAuthorization": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ColumnSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the column.", - "title": "ColumnSynonyms", - "type": "array" - }, - "ComparativeOrder": { - "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", - "markdownDescription": "The order in which data is displayed for the column when it's used in a comparative context.", - "title": "ComparativeOrder" - }, - "DefaultFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", - "markdownDescription": "The default formatting used for values in the column.", - "title": "DefaultFormatting" - }, - "IsIncludedInTopic": { - "markdownDescription": "A Boolean value that indicates whether the column is included in the query results.", - "title": "IsIncludedInTopic", - "type": "boolean" - }, - "NeverAggregateInFilter": { - "markdownDescription": "A Boolean value that indicates whether to aggregate the column data when it's used in a filter context.", - "title": "NeverAggregateInFilter", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NonAdditive": { - "markdownDescription": "The non additive value for the column.", - "title": "NonAdditive", - "type": "boolean" + "Metadata": { + "type": "object" }, - "NotAllowedAggregations": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Account": { + "markdownDescription": "The AWS account ID of either the cluster owner (grantor) or grantee. If `Grantee` parameter is true, then the `Account` value is of the grantor.", + "title": "Account", + "type": "string" + }, + "ClusterIdentifier": { + "markdownDescription": "The cluster identifier.", + "title": "ClusterIdentifier", + "type": "string" + }, + "Force": { + "markdownDescription": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted.", + "title": "Force", + "type": "boolean" + }, + "VpcIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The virtual private cloud (VPC) identifiers to grant access to.", + "title": "VpcIds", + "type": "array" + } }, - "markdownDescription": "The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "NotAllowedAggregations", - "type": "array" + "required": [ + "Account", + "ClusterIdentifier" + ], + "type": "object" }, - "SemanticType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", - "markdownDescription": "The semantic type of data contained in the column.", - "title": "SemanticType" + "Type": { + "enum": [ + "AWS::Redshift::EndpointAuthorization" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ColumnName" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicDateRangeFilter": { - "additionalProperties": false, - "properties": { - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", - "markdownDescription": "The constant used in a date range filter.", - "title": "Constant" - }, - "Inclusive": { - "markdownDescription": "A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them.", - "title": "Inclusive", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.TopicFilter": { + "AWS::Redshift::EventSubscription": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilter", - "markdownDescription": "The category filter that is associated with this filter.", - "title": "CategoryFilter" - }, - "DateRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicDateRangeFilter", - "markdownDescription": "The date range filter.", - "title": "DateRangeFilter" - }, - "FilterClass": { - "markdownDescription": "The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` .", - "title": "FilterClass", + "Condition": { "type": "string" }, - "FilterDescription": { - "markdownDescription": "A description of the filter used to select items for a topic.", - "title": "FilterDescription", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FilterName": { - "markdownDescription": "The name of the filter.", - "title": "FilterName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterSynonyms": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A boolean value; set to `true` to activate the subscription, and set to `false` to create the subscription but not activate it.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the Amazon Redshift event categories to be published by the event notification subscription.\n\nValues: configuration, management, monitoring, security, pending", + "title": "EventCategories", + "type": "array" + }, + "Severity": { + "markdownDescription": "Specifies the Amazon Redshift event severity to be published by the event notification subscription.\n\nValues: ERROR, INFO", + "title": "Severity", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more identifiers of Amazon Redshift source objects. All of the objects must be of the same type as was specified in the source type parameter. The event subscription will return only events generated by the specified objects. If not specified, then events are returned for all objects within the source type specified.\n\nExample: my-cluster-1, my-cluster-2\n\nExample: my-snapshot-20131010", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of source that will be generating the events. For example, if you want to be notified of events generated by a cluster, you would set this parameter to cluster. If this value is not specified, events are returned for all Amazon Redshift objects in your AWS account . You must specify a source type in order to specify source IDs.\n\nValid values: cluster, cluster-parameter-group, cluster-security-group, cluster-snapshot, and scheduled-action.", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the event subscription to be created.\n\nConstraints:\n\n- Cannot be null, empty, or blank.\n- Must contain from 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "SubscriptionName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag instances.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The other names or aliases for the filter.", - "title": "FilterSynonyms", - "type": "array" + "required": [ + "SubscriptionName" + ], + "type": "object" }, - "FilterType": { - "markdownDescription": "The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` .", - "title": "FilterType", + "Type": { + "enum": [ + "AWS::Redshift::EventSubscription" + ], "type": "string" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericEqualityFilter", - "markdownDescription": "The numeric equality filter.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericRangeFilter", - "markdownDescription": "The numeric range filter.", - "title": "NumericRangeFilter" - }, - "OperandFieldName": { - "markdownDescription": "The name of the field that the filter operates on.", - "title": "OperandFieldName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "RelativeDateFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRelativeDateFilter", - "markdownDescription": "The relative date filter.", - "title": "RelativeDateFilter" } }, "required": [ - "FilterName", - "OperandFieldName" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicNamedEntity": { + "AWS::Redshift::Integration": { "additionalProperties": false, "properties": { - "Definition": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinition" - }, - "markdownDescription": "The definition of a named entity.", - "title": "Definition", - "type": "array" - }, - "EntityDescription": { - "markdownDescription": "The description of the named entity.", - "title": "EntityDescription", + "Condition": { "type": "string" }, - "EntityName": { - "markdownDescription": "The name of the named entity.", - "title": "EntityName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "EntitySynonyms": { - "items": { - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The encryption context for the integration. For more information, see [Encryption context](https://docs.aws.amazon.com/) in the *AWS Key Management Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "IntegrationName": { + "markdownDescription": "The name of the integration.", + "title": "IntegrationName", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key identifier for the key used to encrypt the integration.", + "title": "KMSKeyId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database used as the source for replication.", + "title": "SourceArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags associated with the integration.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Redshift data warehouse to use as the target for replication.", + "title": "TargetArn", + "type": "string" + } }, - "markdownDescription": "The other names or aliases for the named entity.", - "title": "EntitySynonyms", - "type": "array" + "required": [ + "SourceArn", + "TargetArn" + ], + "type": "object" }, - "SemanticEntityType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticEntityType", - "markdownDescription": "The type of named entity that a topic represents.", - "title": "SemanticEntityType" + "Type": { + "enum": [ + "AWS::Redshift::Integration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "EntityName" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicNumericEqualityFilter": { + "AWS::Redshift::ScheduledAction": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", - "title": "Aggregation", + "Condition": { "type": "string" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", - "markdownDescription": "The constant used in a numeric equality filter.", - "title": "Constant" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.TopicNumericRangeFilter": { - "additionalProperties": false, - "properties": { - "Aggregation": { - "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", - "title": "Aggregation", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", - "markdownDescription": "The constant used in a numeric range filter.", - "title": "Constant" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Inclusive": { - "markdownDescription": "A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter.", - "title": "Inclusive", - "type": "boolean" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enable": { + "markdownDescription": "If true, the schedule is enabled. If false, the scheduled action does not trigger. For more information about `state` of the scheduled action, see `ScheduledAction` .", + "title": "Enable", + "type": "boolean" + }, + "EndTime": { + "markdownDescription": "The end time in UTC when the schedule is no longer active. After this time, the scheduled action does not trigger.", + "title": "EndTime", + "type": "string" + }, + "IamRole": { + "markdownDescription": "The IAM role to assume to run the scheduled action. This IAM role must have permission to run the Amazon Redshift API operation in the scheduled action. This IAM role must allow the Amazon Redshift scheduler (Principal scheduler.redshift.amazonaws.com) to assume permissions on your behalf. For more information about the IAM role to use with the Amazon Redshift scheduler, see [Using Identity-Based Policies for Amazon Redshift](https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-identity-based.html) in the *Amazon Redshift Cluster Management Guide* .", + "title": "IamRole", + "type": "string" + }, + "Schedule": { + "markdownDescription": "The schedule for a one-time (at format) or recurring (cron format) scheduled action. Schedule invocations must be separated by at least one hour.\n\nFormat of at expressions is \" `at(yyyy-mm-ddThh:mm:ss)` \". For example, \" `at(2016-03-04T17:27:00)` \".\n\nFormat of cron expressions is \" `cron(Minutes Hours Day-of-month Month Day-of-week Year)` \". For example, \" `cron(0 10 ? * MON *)` \". For more information, see [Cron Expressions](https://docs.aws.amazon.com//AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) in the *Amazon CloudWatch Events User Guide* .", + "title": "Schedule", + "type": "string" + }, + "ScheduledActionDescription": { + "markdownDescription": "The description of the scheduled action.", + "title": "ScheduledActionDescription", + "type": "string" + }, + "ScheduledActionName": { + "markdownDescription": "The name of the scheduled action.", + "title": "ScheduledActionName", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time in UTC when the schedule is active. Before this time, the scheduled action does not trigger.", + "title": "StartTime", + "type": "string" + }, + "TargetAction": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ScheduledActionType", + "markdownDescription": "A JSON format string of the Amazon Redshift API operation with input parameters.\n\n\" `{\\\"ResizeCluster\\\":{\\\"NodeType\\\":\\\"ra3.4xlarge\\\",\\\"ClusterIdentifier\\\":\\\"my-test-cluster\\\",\\\"NumberOfNodes\\\":3}}` \".", + "title": "TargetAction" + } + }, + "required": [ + "ScheduledActionName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ScheduledAction" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicRangeFilterConstant": { + "AWS::Redshift::ScheduledAction.PauseClusterMessage": { "additionalProperties": false, "properties": { - "ConstantType": { - "markdownDescription": "The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` .", - "title": "ConstantType", + "ClusterIdentifier": { + "markdownDescription": "The identifier of the cluster to be paused.", + "title": "ClusterIdentifier", "type": "string" - }, - "RangeConstant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.RangeConstant", - "markdownDescription": "The value of the constant that is used to specify the endpoints of a range filter.", - "title": "RangeConstant" } }, + "required": [ + "ClusterIdentifier" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicRelativeDateFilter": { + "AWS::Redshift::ScheduledAction.ResizeClusterMessage": { "additionalProperties": false, "properties": { - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", - "markdownDescription": "The constant used in a relative date filter.", - "title": "Constant" + "Classic": { + "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", + "title": "Classic", + "type": "boolean" }, - "RelativeDateFilterFunction": { - "markdownDescription": "The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` .", - "title": "RelativeDateFilterFunction", + "ClusterIdentifier": { + "markdownDescription": "The unique identifier for the cluster to resize.", + "title": "ClusterIdentifier", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "ClusterType": { + "markdownDescription": "The new cluster type for the specified cluster.", + "title": "ClusterType", + "type": "string" + }, + "NodeType": { + "markdownDescription": "The new node type for the nodes you are adding. If not specified, the cluster's current node type is used.", + "title": "NodeType", "type": "string" + }, + "NumberOfNodes": { + "markdownDescription": "The new number of nodes for the cluster. If not specified, the cluster's current number of nodes is used.", + "title": "NumberOfNodes", + "type": "number" } }, + "required": [ + "ClusterIdentifier" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicSingularFilterConstant": { + "AWS::Redshift::ScheduledAction.ResumeClusterMessage": { "additionalProperties": false, "properties": { - "ConstantType": { - "markdownDescription": "The type of the singular filter constant. Valid values for this structure are `SINGULAR` .", - "title": "ConstantType", + "ClusterIdentifier": { + "markdownDescription": "The identifier of the cluster to be resumed.", + "title": "ClusterIdentifier", "type": "string" + } + }, + "required": [ + "ClusterIdentifier" + ], + "type": "object" + }, + "AWS::Redshift::ScheduledAction.ScheduledActionType": { + "additionalProperties": false, + "properties": { + "PauseCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.PauseClusterMessage", + "markdownDescription": "An action that runs a `PauseCluster` API operation.", + "title": "PauseCluster" }, - "SingularConstant": { - "markdownDescription": "The value of the singular filter constant.", - "title": "SingularConstant", - "type": "string" + "ResizeCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResizeClusterMessage", + "markdownDescription": "An action that runs a `ResizeCluster` API operation.", + "title": "ResizeCluster" + }, + "ResumeCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResumeClusterMessage", + "markdownDescription": "An action that runs a `ResumeCluster` API operation.", + "title": "ResumeCluster" } }, "type": "object" }, - "AWS::QuickSight::VPCConnection": { + "AWS::RedshiftServerless::Namespace": { "additionalProperties": false, "properties": { "Condition": { @@ -223862,69 +270723,107 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availability status of the VPC connection.", - "title": "AvailabilityStatus", + "AdminPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if `ManageAdminPassword` is `true` .", + "title": "AdminPasswordSecretKmsKeyId", "type": "string" }, - "AwsAccountId": { - "markdownDescription": "The AWS account ID of the account where you want to create a new VPC connection.", - "title": "AwsAccountId", + "AdminUserPassword": { + "markdownDescription": "The password of the administrator for the primary database created in the namespace.", + "title": "AdminUserPassword", "type": "string" }, - "DnsResolvers": { + "AdminUsername": { + "markdownDescription": "The username of the administrator for the primary database created in the namespace.", + "title": "AdminUsername", + "type": "string" + }, + "DbName": { + "markdownDescription": "The name of the primary database created in the namespace.", + "title": "DbName", + "type": "string" + }, + "DefaultIamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", + "title": "DefaultIamRoleArn", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The name of the snapshot to be created before the namespace is deleted.", + "title": "FinalSnapshotName", + "type": "string" + }, + "FinalSnapshotRetentionPeriod": { + "markdownDescription": "How long to retain the final snapshot.", + "title": "FinalSnapshotRetentionPeriod", + "type": "number" + }, + "IamRoles": { "items": { "type": "string" }, - "markdownDescription": "A list of IP addresses of DNS resolver endpoints for the VPC connection.", - "title": "DnsResolvers", + "markdownDescription": "A list of IAM roles to associate with the namespace.", + "title": "IamRoles", "type": "array" }, - "Name": { - "markdownDescription": "The display name for the VPC connection.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role associated with the VPC connection.", - "title": "RoleArn", + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", + "title": "KmsKeyId", "type": "string" }, - "SecurityGroupIds": { + "LogExports": { "items": { "type": "string" }, - "markdownDescription": "The Amazon EC2 security group IDs associated with the VPC connection.", - "title": "SecurityGroupIds", + "markdownDescription": "The types of logs the namespace can export. Available export types are `userlog` , `connectionlog` , and `useractivitylog` .", + "title": "LogExports", "type": "array" }, - "SubnetIds": { + "ManageAdminPassword": { + "markdownDescription": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use `AdminUserPassword` if `ManageAdminPassword` is true. If `ManageAdminPassword` is `false` or not set, Amazon Redshift uses `AdminUserPassword` for the admin user account's password.", + "title": "ManageAdminPassword", + "type": "boolean" + }, + "NamespaceName": { + "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "NamespaceName", + "type": "string" + }, + "NamespaceResourcePolicy": { + "markdownDescription": "The resource policy that will be attached to the namespace.", + "title": "NamespaceResourcePolicy", + "type": "object" + }, + "RedshiftIdcApplicationArn": { + "markdownDescription": "The ARN for the Redshift application that integrates with IAM Identity Center.", + "title": "RedshiftIdcApplicationArn", + "type": "string" + }, + "SnapshotCopyConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration" }, - "markdownDescription": "A list of subnet IDs for the VPC connection.", - "title": "SubnetIds", + "markdownDescription": "", + "title": "SnapshotCopyConfigurations", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection.", + "markdownDescription": "The map of the key-value pairs used to tag the namespace.", "title": "Tags", "type": "array" - }, - "VPCConnectionId": { - "markdownDescription": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account.", - "title": "VPCConnectionId", - "type": "string" } }, + "required": [ + "NamespaceName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::VPCConnection" + "AWS::RedshiftServerless::Namespace" ], "type": "string" }, @@ -223938,42 +270837,113 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::VPCConnection.NetworkInterface": { + "AWS::RedshiftServerless::Namespace.Namespace": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The availability zone that the network interface resides in.", - "title": "AvailabilityZone", + "AdminPasswordSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the namespace's admin user credentials secret.", + "title": "AdminPasswordSecretArn", "type": "string" }, - "ErrorMessage": { - "markdownDescription": "An error message.", - "title": "ErrorMessage", + "AdminPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret.", + "title": "AdminPasswordSecretKmsKeyId", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface ID.", - "title": "NetworkInterfaceId", + "AdminUsername": { + "markdownDescription": "The username of the administrator for the first database created in the namespace.", + "title": "AdminUsername", + "type": "string" + }, + "CreationDate": { + "markdownDescription": "The date of when the namespace was created.", + "title": "CreationDate", + "type": "string" + }, + "DbName": { + "markdownDescription": "The name of the first database created in the namespace.", + "title": "DbName", + "type": "string" + }, + "DefaultIamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", + "title": "DefaultIamRoleArn", + "type": "string" + }, + "IamRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IAM roles to associate with the namespace.", + "title": "IamRoles", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", + "title": "KmsKeyId", + "type": "string" + }, + "LogExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of logs the namespace can export. Available export types are User log, Connection log, and User activity log.", + "title": "LogExports", + "type": "array" + }, + "NamespaceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) associated with a namespace.", + "title": "NamespaceArn", + "type": "string" + }, + "NamespaceId": { + "markdownDescription": "The unique identifier of a namespace.", + "title": "NamespaceId", + "type": "string" + }, + "NamespaceName": { + "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "NamespaceName", "type": "string" }, "Status": { - "markdownDescription": "The status of the network interface.", + "markdownDescription": "The status of the namespace.", "title": "Status", "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationKmsKeyId": { + "markdownDescription": "The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region .", + "title": "DestinationKmsKeyId", + "type": "string" }, - "SubnetId": { - "markdownDescription": "The subnet ID associated with the network interface.", - "title": "SubnetId", + "DestinationRegion": { + "markdownDescription": "The destination AWS Region to copy snapshots to.", + "title": "DestinationRegion", "type": "string" + }, + "SnapshotRetentionPeriod": { + "markdownDescription": "The retention period of snapshots that are copied to the destination AWS Region .", + "title": "SnapshotRetentionPeriod", + "type": "number" } }, + "required": [ + "DestinationRegion" + ], "type": "object" }, - "AWS::RAM::Permission": { + "AWS::RedshiftServerless::Snapshot": { "additionalProperties": false, "properties": { "Condition": { @@ -224008,40 +270978,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Specifies the name of the customer managed permission. The name must be unique within the AWS Region .", - "title": "Name", + "NamespaceName": { + "markdownDescription": "The name of the namepsace.", + "title": "NamespaceName", "type": "string" }, - "PolicyTemplate": { - "markdownDescription": "A string in JSON format string that contains the following elements of a resource-based policy:\n\n- *Effect* : must be set to `ALLOW` .\n- *Action* : specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *AWS Identity and Access Management User Guide* .\n- *Condition* : (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) in the *AWS Identity and Access Management User Guide* .\n\nThis template can't include either the `Resource` or `Principal` elements. Those are both filled in by AWS RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.", - "title": "PolicyTemplate", - "type": "object" + "RetentionPeriod": { + "markdownDescription": "The retention period of the snapshot created by the scheduled action.", + "title": "RetentionPeriod", + "type": "number" }, - "ResourceType": { - "markdownDescription": "Specifies the name of the resource type that this customer managed permission applies to.\n\nThe format is `** : **` and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string `ec2:subnet` . To see the list of valid values for this parameter, query the [ListResourceTypes](https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html) operation.", - "title": "ResourceType", + "SnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "SnapshotName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies a list of one or more tag key and value pairs to attach to the permission.", + "markdownDescription": "An array of [Tag objects](https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_Tag.html) to associate with the snapshot.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "PolicyTemplate", - "ResourceType" + "SnapshotName" ], "type": "object" }, "Type": { "enum": [ - "AWS::RAM::Permission" + "AWS::RedshiftServerless::Snapshot" ], "type": "string" }, @@ -224060,7 +271028,63 @@ ], "type": "object" }, - "AWS::RAM::ResourceShare": { + "AWS::RedshiftServerless::Snapshot.Snapshot": { + "additionalProperties": false, + "properties": { + "AdminUsername": { + "markdownDescription": "The username of the database within a snapshot.", + "title": "AdminUsername", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The unique identifier of the KMS key used to encrypt the snapshot.", + "title": "KmsKeyId", + "type": "string" + }, + "NamespaceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the namespace the snapshot was created from.", + "title": "NamespaceArn", + "type": "string" + }, + "NamespaceName": { + "markdownDescription": "The name of the namepsace.", + "title": "NamespaceName", + "type": "string" + }, + "OwnerAccount": { + "markdownDescription": "The owner AWS ; account of the snapshot.", + "title": "OwnerAccount", + "type": "string" + }, + "RetentionPeriod": { + "markdownDescription": "", + "title": "RetentionPeriod", + "type": "number" + }, + "SnapshotArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the snapshot.", + "title": "SnapshotArn", + "type": "string" + }, + "SnapshotCreateTime": { + "markdownDescription": "The timestamp of when the snapshot was created.", + "title": "SnapshotCreateTime", + "type": "string" + }, + "SnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "SnapshotName", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the snapshot.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup": { "additionalProperties": false, "properties": { "Condition": { @@ -224095,65 +271119,117 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowExternalPrincipals": { - "markdownDescription": "Specifies whether principals outside your organization in AWS Organizations can be associated with a resource share. A value of `true` lets you share with individual AWS accounts that are *not* in your organization. A value of `false` only has meaning if your account is a member of an AWS Organization. The default value is `true` .", - "title": "AllowExternalPrincipals", - "type": "boolean" - }, - "Name": { - "markdownDescription": "Specifies the name of the resource share.", - "title": "Name", - "type": "string" + "BaseCapacity": { + "markdownDescription": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs).", + "title": "BaseCapacity", + "type": "number" }, - "PermissionArns": { + "ConfigParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" }, - "markdownDescription": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", - "title": "PermissionArns", + "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ConfigParameters", "type": "array" }, - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", - "title": "Principals", - "type": "array" + "EnhancedVpcRouting": { + "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", + "title": "EnhancedVpcRouting", + "type": "boolean" }, - "ResourceArns": { + "MaxCapacity": { + "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", + "title": "MaxCapacity", + "type": "number" + }, + "NamespaceName": { + "markdownDescription": "The namespace the workgroup is associated with.", + "title": "NamespaceName", + "type": "string" + }, + "Port": { + "markdownDescription": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.", + "title": "Port", + "type": "number" + }, + "PricePerformanceTarget": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.PerformanceTarget", + "markdownDescription": "An object that represents the price performance target settings for the workgroup.", + "title": "PricePerformanceTarget" + }, + "PubliclyAccessible": { + "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "RecoveryPointId": { + "markdownDescription": "The recovery point id to restore from.", + "title": "RecoveryPointId", + "type": "string" + }, + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", - "title": "ResourceArns", + "markdownDescription": "A list of security group IDs to associate with the workgroup.", + "title": "SecurityGroupIds", "type": "array" }, - "Sources": { + "SnapshotArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the snapshot to restore from.", + "title": "SnapshotArn", + "type": "string" + }, + "SnapshotName": { + "markdownDescription": "The snapshot name to restore from.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotOwnerAccount": { + "markdownDescription": "The Amazon Web Services account that owns the snapshot.", + "title": "SnapshotOwnerAccount", + "type": "string" + }, + "SubnetIds": { "items": { "type": "string" }, - "markdownDescription": "", - "title": "Sources", + "markdownDescription": "A list of subnet IDs the workgroup is associated with.", + "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.", + "markdownDescription": "The map of the key-value pairs used to tag the workgroup.", "title": "Tags", "type": "array" + }, + "TrackName": { + "markdownDescription": "An optional parameter for the name of the track for the workgroup. If you don't provide a track name, the workgroup is assigned to the current track.", + "title": "TrackName", + "type": "string" + }, + "Workgroup": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Workgroup", + "markdownDescription": "The collection of computing resources from which an endpoint is created.", + "title": "Workgroup" + }, + "WorkgroupName": { + "markdownDescription": "The name of the workgroup.", + "title": "WorkgroupName", + "type": "string" } }, "required": [ - "Name" + "WorkgroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::RAM::ResourceShare" + "AWS::RedshiftServerless::Workgroup" ], "type": "string" }, @@ -224172,7 +271248,208 @@ ], "type": "object" }, - "AWS::RDS::CustomDBEngineVersion": { + "AWS::RedshiftServerless::Workgroup.ConfigParameter": { + "additionalProperties": false, + "properties": { + "ParameterKey": { + "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ParameterKey", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The value of the parameter to set.", + "title": "ParameterValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The DNS address of the VPC endpoint.", + "title": "Address", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that Amazon Redshift Serverless listens on.", + "title": "Port", + "type": "number" + }, + "VpcEndpoints": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.VpcEndpoint" + }, + "markdownDescription": "An array of `VpcEndpoint` objects.", + "title": "VpcEndpoints", + "type": "array" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.NetworkInterface": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The availability Zone.", + "title": "AvailabilityZone", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The unique identifier of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The IPv4 address of the network interface within the subnet.", + "title": "PrivateIpAddress", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The unique identifier of the subnet.", + "title": "SubnetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.PerformanceTarget": { + "additionalProperties": false, + "properties": { + "Level": { + "markdownDescription": "The target price performance level for the workgroup. Valid values include 1, 25, 50, 75, and 100. These correspond to the price performance levels LOW_COST, ECONOMICAL, BALANCED, RESOURCEFUL, and HIGH_PERFORMANCE.", + "title": "Level", + "type": "number" + }, + "Status": { + "markdownDescription": "Whether the price performance target is enabled for the workgroup.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.VpcEndpoint": { + "additionalProperties": false, + "properties": { + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.NetworkInterface" + }, + "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", + "title": "NetworkInterfaces", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The connection endpoint ID for connecting to Amazon Redshift Serverless.", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC identifier that the endpoint is associated with.", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.Workgroup": { + "additionalProperties": false, + "properties": { + "BaseCapacity": { + "markdownDescription": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).", + "title": "BaseCapacity", + "type": "number" + }, + "ConfigParameters": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" + }, + "markdownDescription": "An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ConfigParameters", + "type": "array" + }, + "CreationDate": { + "markdownDescription": "The creation date of the workgroup.", + "title": "CreationDate", + "type": "string" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Endpoint", + "markdownDescription": "The endpoint that is created from the workgroup.", + "title": "Endpoint" + }, + "EnhancedVpcRouting": { + "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", + "title": "EnhancedVpcRouting", + "type": "boolean" + }, + "MaxCapacity": { + "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", + "title": "MaxCapacity", + "type": "number" + }, + "NamespaceName": { + "markdownDescription": "The namespace the workgroup is associated with.", + "title": "NamespaceName", + "type": "string" + }, + "PricePerformanceTarget": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.PerformanceTarget", + "markdownDescription": "An object that represents the price performance target settings for the workgroup.", + "title": "PricePerformanceTarget" + }, + "PubliclyAccessible": { + "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of security group IDs to associate with the workgroup.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of the workgroup.", + "title": "Status", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of subnet IDs the workgroup is associated with.", + "title": "SubnetIds", + "type": "array" + }, + "TrackName": { + "markdownDescription": "The name of the track for the workgroup.", + "title": "TrackName", + "type": "string" + }, + "WorkgroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that links to the workgroup.", + "title": "WorkgroupArn", + "type": "string" + }, + "WorkgroupId": { + "markdownDescription": "The unique identifier of the workgroup.", + "title": "WorkgroupId", + "type": "string" + }, + "WorkgroupName": { + "markdownDescription": "The name of the workgroup.", + "title": "WorkgroupName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RefactorSpaces::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -224207,79 +271484,51 @@ "Properties": { "additionalProperties": false, "properties": { - "DatabaseInstallationFilesS3BucketName": { - "markdownDescription": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files` .", - "title": "DatabaseInstallationFilesS3BucketName", - "type": "string" - }, - "DatabaseInstallationFilesS3Prefix": { - "markdownDescription": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1` . If this setting isn't specified, no prefix is assumed.", - "title": "DatabaseInstallationFilesS3Prefix", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description of your CEV.", - "title": "Description", - "type": "string" - }, - "Engine": { - "markdownDescription": "The database engine to use for your custom engine version (CEV).\n\nValid values:\n\n- `custom-oracle-ee`\n- `custom-oracle-ee-cdb`", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The name of your CEV. The name format is `major version.customized_string` . For example, a valid CEV name is `19.my_cev1` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of `Engine` and `EngineVersion` is unique per customer per Region.\n\n*Constraints:* Minimum length is 1. Maximum length is 60.\n\n*Pattern:* `^[a-z0-9_.-]{1,60$` }", - "title": "EngineVersion", - "type": "string" - }, - "ImageId": { - "markdownDescription": "A value that indicates the ID of the AMI.", - "title": "ImageId", - "type": "string" - }, - "KMSKeyId": { - "markdownDescription": "The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS.\n\nIf you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in [Creating a symmetric encryption KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk) in the *AWS Key Management Service Developer Guide* .\n\nYou can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.", - "title": "KMSKeyId", - "type": "string" + "ApiGatewayProxy": { + "$ref": "#/definitions/AWS::RefactorSpaces::Application.ApiGatewayProxyInput", + "markdownDescription": "The endpoint URL of the Amazon API Gateway proxy.", + "title": "ApiGatewayProxy" }, - "Manifest": { - "markdownDescription": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.\n\nThe following JSON fields are valid:\n\n- **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format `YYYY-MM-DD` .\n- **databaseInstallationFileNames** - Ordered list of installation files for the CEV.\n- **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine.\n- **psuRuPatchFileNames** - The PSU and RU patches for this CEV.\n- **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches.\n\nFor more information, see [Creating the CEV manifest](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest) in the *Amazon RDS User Guide* .", - "title": "Manifest", + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", "type": "string" }, - "SourceCustomDbEngineVersionIdentifier": { - "markdownDescription": "The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either `Source` or `UseAwsProvidedLatestImage` . You can't specify a different JSON manifest when you specify `SourceCustomDbEngineVersionIdentifier` .", - "title": "SourceCustomDbEngineVersionIdentifier", + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", "type": "string" }, - "Status": { - "markdownDescription": "A value that indicates the status of a custom engine version (CEV).", - "title": "Status", + "ProxyType": { + "markdownDescription": "The proxy type of the proxy created within the application.", + "title": "ProxyType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*", + "markdownDescription": "The tags assigned to the application.", "title": "Tags", "type": "array" }, - "UseAwsProvidedLatestImage": { - "markdownDescription": "Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify `UseAwsProvidedLatestImage` , you can't also specify `ImageId` .", - "title": "UseAwsProvidedLatestImage", - "type": "boolean" + "VpcId": { + "markdownDescription": "The ID of the virtual private cloud (VPC).", + "title": "VpcId", + "type": "string" } }, "required": [ - "Engine", - "EngineVersion" + "EnvironmentIdentifier", + "Name", + "ProxyType", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::CustomDBEngineVersion" + "AWS::RefactorSpaces::Application" ], "type": "string" }, @@ -224298,7 +271547,23 @@ ], "type": "object" }, - "AWS::RDS::DBCluster": { + "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { + "additionalProperties": false, + "properties": { + "EndpointType": { + "markdownDescription": "The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default.\n\nIf the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) .", + "title": "EndpointType", + "type": "string" + }, + "StageName": { + "markdownDescription": "The name of the API Gateway stage. The name defaults to `prod` .", + "title": "StageName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RefactorSpaces::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -224333,297 +271598,137 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nThis setting is required to create a Multi-AZ DB cluster.", - "title": "AllocatedStorage", - "type": "number" - }, - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBCluster.DBClusterRole" - }, - "markdownDescription": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "AssociatedRoles", - "type": "array" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB cluster.\n\nFor more information about automatic minor version upgrades, see [Automatically upgrading the minor engine version](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html#USER_UpgradeDBInstance.Upgrading.AutoMinorVersionUpgrades) .", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "AvailabilityZones", - "type": "array" - }, - "BacktrackWindow": { - "markdownDescription": "The target backtrack window, in seconds. To disable backtracking, set this value to `0` .\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: `0`\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).", - "title": "BacktrackWindow", - "type": "number" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterInstanceClass": { - "markdownDescription": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", - "title": "DBClusterInstanceClass", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the DB cluster parameter group to associate with this DB cluster.\n\n> If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n> \n> If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. \n\nTo list all of the available DB cluster parameter group names, use the following command:\n\n`aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBInstanceParameterGroupName": { - "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster.\n\n> When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. \n\nValid for Cluster Type: Aurora DB clusters only\n\nDefault: The existing name setting\n\nConstraints:\n\n- The DB parameter group must be in the same DB parameter group family as this DB cluster.\n- The `DBInstanceParameterGroupName` parameter is valid in combination with the `AllowMajorVersionUpgrade` parameter for a major version upgrade only.", - "title": "DBInstanceParameterGroupName", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group that you want to associate with this DB cluster.\n\nIf you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DBSystemId": { - "markdownDescription": "Reserved for future use.", - "title": "DBSystemId", + "Description": { + "markdownDescription": "A description of the environment.", + "title": "Description", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DatabaseName", + "Name": { + "markdownDescription": "The name of the environment.", + "title": "Name", "type": "string" }, - "DeletionProtection": { - "markdownDescription": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DeletionProtection", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "Domain", + "NetworkFabricType": { + "markdownDescription": "The network fabric type of the environment.", + "title": "NetworkFabricType", "type": "string" }, - "DomainIAMRoleName": { - "markdownDescription": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", - "title": "DomainIAMRoleName", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the environment.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RefactorSpaces::Environment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::RefactorSpaces::Route": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "EnableCloudwatchLogsExports": { + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .\n\n*Aurora MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Aurora PostgreSQL*\n\nValid values: `postgresql`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "EnableCloudwatchLogsExports", "type": "array" - }, - "EnableGlobalWriteForwarding": { - "markdownDescription": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EnableGlobalWriteForwarding", - "type": "boolean" - }, - "EnableHttpEndpoint": { - "markdownDescription": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n\nFor more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EnableHttpEndpoint", - "type": "boolean" - }, - "EnableIAMDatabaseAuthentication": { - "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nFor more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", - "title": "EnableIAMDatabaseAuthentication", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "Engine", - "type": "string" - }, - "EngineMode": { - "markdownDescription": "The DB engine mode of the DB cluster, either `provisioned` or `serverless` .\n\nThe `serverless` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the `provisioned` engine mode.\n\nFor information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* :\n\n- [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n- [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EngineMode", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nYou can supply either `5.7` or `8.0` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for MySQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`\n\n*Aurora MySQL*\n\nFor information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide* .\n\n*Aurora PostgreSQL*\n\nFor information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide* .\n\n*MySQL*\n\nFor information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide* .\n\n*PostgreSQL*\n\nFor information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "EngineVersion", - "type": "string" - }, - "GlobalClusterIdentifier": { - "markdownDescription": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.\n\nIf you aren't configuring a global database cluster, don't specify this property.\n\n> To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property. \n\nFor information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "GlobalClusterIdentifier", - "type": "string" - }, - "Iops": { - "markdownDescription": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nConstraints:\n\n- Must be a multiple between .5 and 50 of the storage amount for the DB cluster.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .\n\nIf you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set `KmsKeyId` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "KmsKeyId", - "type": "string" - }, - "ManageMasterUserPassword": { - "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", - "title": "ManageMasterUserPassword", - "type": "boolean" - }, - "MasterUserPassword": { - "markdownDescription": "The master password for the DB instance.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUserSecret": { - "$ref": "#/definitions/AWS::RDS::DBCluster.MasterUserSecret", - "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\n> When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the `SecretArn` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret. \n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*", - "title": "MasterUserSecret" - }, - "MasterUsername": { - "markdownDescription": "The name of the master user for the DB cluster.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MasterUsername", - "type": "string" - }, - "MonitoringInterval": { - "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than `0` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", - "title": "MonitoringInterval", - "type": "number" - }, - "MonitoringRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , supply a `MonitoringRoleArn` value.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MonitoringRoleArn", - "type": "string" - }, - "NetworkType": { - "markdownDescription": "The network type of the DB cluster.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", - "title": "NetworkType", - "type": "string" - }, - "PerformanceInsightsEnabled": { - "markdownDescription": "Specifies whether to turn on Performance Insights for the DB cluster.\n\nFor more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PerformanceInsightsEnabled", - "type": "boolean" - }, - "PerformanceInsightsKmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PerformanceInsightsKmsKeyId", - "type": "string" - }, - "PerformanceInsightsRetentionPeriod": { - "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB cluster without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS issues an error.", - "title": "PerformanceInsightsRetentionPeriod", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nDefault:\n\n- When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)\n- When `EngineMode` is `serverless` :\n\n- `3306` when `Engine` is `aurora` or `aurora-mysql`\n- `5432` when `Engine` is `aurora-postgresql`\n\n> The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "Port", - "type": "number" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "Specifies whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible and you connect from outside of the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) endpoint resolves to the public IP address. When you connect from within the same VPC as the DB cluster, the endpoint resolves to the private IP address. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicationSourceIdentifier": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n\nValid for: Aurora DB clusters only", - "title": "ReplicationSourceIdentifier", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "The date and time to restore the DB cluster to.\n\nValid Values: Value must be a time in Universal Coordinated Time (UTC) format\n\nConstraints:\n\n- Must be before the latest restorable time for the DB instance\n- Must be specified if `UseLatestRestorableTime` parameter isn't provided\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled\n- Can't be specified if the `RestoreType` parameter is `copy-on-write`\n\nThis property must be used with `SourceDBClusterIdentifier` property. The resulting cluster will have the identifier that matches the value of the `DBclusterIdentifier` property.\n\nExample: `2015-03-07T23:45:00Z`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "RestoreType", - "type": "string" - }, - "ScalingConfiguration": { - "$ref": "#/definitions/AWS::RDS::DBCluster.ScalingConfiguration", - "markdownDescription": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", - "title": "ScalingConfiguration" - }, - "ServerlessV2ScalingConfiguration": { - "$ref": "#/definitions/AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration", - "markdownDescription": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", - "title": "ServerlessV2ScalingConfiguration" - }, - "SnapshotIdentifier": { - "markdownDescription": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "SnapshotIdentifier", + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationIdentifier": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationIdentifier", "type": "string" }, - "SourceDBClusterIdentifier": { - "markdownDescription": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "SourceDBClusterIdentifier", - "type": "string" + "DefaultRoute": { + "$ref": "#/definitions/AWS::RefactorSpaces::Route.DefaultRouteInput", + "markdownDescription": "Configuration for the default route type.", + "title": "DefaultRoute" }, - "SourceRegion": { - "markdownDescription": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", - "title": "SourceRegion", + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", "type": "string" }, - "StorageEncrypted": { - "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "StorageEncrypted", - "type": "boolean" + "RouteType": { + "markdownDescription": "The route type of the route.", + "title": "RouteType", + "type": "string" }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", - "title": "StorageType", + "ServiceIdentifier": { + "markdownDescription": "The unique identifier of the service.", + "title": "ServiceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "markdownDescription": "The tags assigned to the route.", "title": "Tags", "type": "array" }, - "UseLatestRestorableTime": { - "markdownDescription": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with this DB cluster.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "VpcSecurityGroupIds", - "type": "array" + "UriPathRoute": { + "$ref": "#/definitions/AWS::RefactorSpaces::Route.UriPathRouteInput", + "markdownDescription": "The configuration for the URI path route type.", + "title": "UriPathRoute" } }, + "required": [ + "ApplicationIdentifier", + "EnvironmentIdentifier", + "RouteType", + "ServiceIdentifier" + ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBCluster" + "AWS::RefactorSpaces::Route" ], "type": "string" }, @@ -224637,125 +271742,209 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::RDS::DBCluster.DBClusterRole": { + "AWS::RefactorSpaces::Route.DefaultRouteInput": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", - "title": "FeatureName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", - "title": "RoleArn", + "ActivationState": { + "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", + "title": "ActivationState", "type": "string" } }, "required": [ - "RoleArn" + "ActivationState" ], "type": "object" }, - "AWS::RDS::DBCluster.Endpoint": { + "AWS::RefactorSpaces::Route.UriPathRouteInput": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "Specifies the connection endpoint for the primary instance of the DB cluster.", - "title": "Address", + "ActivationState": { + "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", + "title": "ActivationState", "type": "string" }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", + "AppendSourcePath": { + "markdownDescription": "If set to `true` , this option appends the source path to the service URL endpoint.", + "title": "AppendSourcePath", + "type": "boolean" + }, + "IncludeChildPaths": { + "markdownDescription": "Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service.", + "title": "IncludeChildPaths", + "type": "boolean" + }, + "Methods": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route\u2019s service.", + "title": "Methods", + "type": "array" + }, + "SourcePath": { + "markdownDescription": "This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'.", + "title": "SourcePath", "type": "string" } }, + "required": [ + "ActivationState" + ], "type": "object" }, - "AWS::RDS::DBCluster.MasterUserSecret": { + "AWS::RefactorSpaces::Service": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", - "title": "KmsKeyId", + "Condition": { "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values) .", - "title": "SecretArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBCluster.ReadEndpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The host address of the reader endpoint.", - "title": "Address", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationIdentifier": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationIdentifier", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the service.", + "title": "Description", + "type": "string" + }, + "EndpointType": { + "markdownDescription": "The endpoint type of the service.", + "title": "EndpointType", + "type": "string" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "LambdaEndpoint": { + "$ref": "#/definitions/AWS::RefactorSpaces::Service.LambdaEndpointInput", + "markdownDescription": "A summary of the configuration for the AWS Lambda endpoint type.", + "title": "LambdaEndpoint" + }, + "Name": { + "markdownDescription": "The name of the service.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the service.", + "title": "Tags", + "type": "array" + }, + "UrlEndpoint": { + "$ref": "#/definitions/AWS::RefactorSpaces::Service.UrlEndpointInput", + "markdownDescription": "The summary of the configuration for the URL endpoint type.", + "title": "UrlEndpoint" + }, + "VpcId": { + "markdownDescription": "The ID of the virtual private cloud (VPC).", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "ApplicationIdentifier", + "EndpointType", + "EnvironmentIdentifier", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RefactorSpaces::Service" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::RDS::DBCluster.ScalingConfiguration": { + "AWS::RefactorSpaces::Service.LambdaEndpointInput": { "additionalProperties": false, "properties": { - "AutoPause": { - "markdownDescription": "Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in `serverless` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).\n\n> If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.", - "title": "AutoPause", - "type": "boolean" - }, - "MaxCapacity": { - "markdownDescription": "The maximum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe maximum capacity must be greater than or equal to the minimum capacity.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The minimum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe minimum capacity must be less than or equal to the maximum capacity.", - "title": "MinCapacity", - "type": "number" - }, - "SecondsBeforeTimeout": { - "markdownDescription": "The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300.\n\nSpecify a value between 60 and 600 seconds.", - "title": "SecondsBeforeTimeout", - "type": "number" - }, - "SecondsUntilAutoPause": { - "markdownDescription": "The time, in seconds, before an Aurora DB cluster in `serverless` mode is paused.\n\nSpecify a value between 300 and 86,400 seconds.", - "title": "SecondsUntilAutoPause", - "type": "number" - }, - "TimeoutAction": { - "markdownDescription": "The action to take when the timeout is reached, either `ForceApplyCapacityChange` or `RollbackCapacityChange` .\n\n`ForceApplyCapacityChange` sets the capacity to the specified value as soon as possible.\n\n`RollbackCapacityChange` , the default, ignores the capacity change if a scaling point isn't found in the timeout period.\n\n> If you specify `ForceApplyCapacityChange` , connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. \n\nFor more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide* .", - "title": "TimeoutAction", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function or alias.", + "title": "Arn", "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration": { + "AWS::RefactorSpaces::Service.UrlEndpointInput": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.\n\nThe maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide* .\n\nAurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the `ParameterApplyStatus` value for the DB instance changes to `pending-reboot` . You can update the parameter values by rebooting the DB instance after changing the capacity range.", - "title": "MaxCapacity", - "type": "number" + "HealthUrl": { + "markdownDescription": "The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL.", + "title": "HealthUrl", + "type": "string" }, - "MinCapacity": { - "markdownDescription": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5.", - "title": "MinCapacity", - "type": "number" + "Url": { + "markdownDescription": "The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) .", + "title": "Url", + "type": "string" } }, + "required": [ + "Url" + ], "type": "object" }, - "AWS::RDS::DBClusterParameterGroup": { + "AWS::Rekognition::Collection": { "additionalProperties": false, "properties": { "Condition": { @@ -224790,45 +271979,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing DB cluster parameter group.\n\n> This value is stored as a lowercase string.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description for the DB cluster parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n\n*Aurora MySQL*\n\nExample: `aurora-mysql5.7` , `aurora-mysql8.0`\n\n*Aurora PostgreSQL*\n\nExample: `aurora-postgresql14`\n\n*RDS for MySQL*\n\nExample: `mysql8.0`\n\n*RDS for PostgreSQL*\n\nExample: `postgres13`\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`", - "title": "Family", + "CollectionId": { + "markdownDescription": "ID for the collection that you are creating.", + "title": "CollectionId", "type": "string" }, - "Parameters": { - "markdownDescription": "Provides a list of parameters for the DB cluster parameter group.", - "title": "Parameters", - "type": "object" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the DB cluster parameter group.", + "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the collection.", "title": "Tags", "type": "array" } }, "required": [ - "Description", - "Family", - "Parameters" + "CollectionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBClusterParameterGroup" + "AWS::Rekognition::Collection" ], "type": "string" }, @@ -224847,7 +272019,7 @@ ], "type": "object" }, - "AWS::RDS::DBInstance": { + "AWS::Rekognition::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -224882,404 +272054,423 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n\n> If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments). \n\n*Amazon Aurora*\n\nNot applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n\n*Db2*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n\n*MySQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*MariaDB*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*PostgreSQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*Oracle*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 10 to 3072.\n\n*SQL Server*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Provisioned IOPS storage (io1):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Magnetic storage (standard):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 1024.\n- Web and Express editions: Must be an integer from 20 to 1024.", - "title": "AllocatedStorage", + "ProjectName": { + "markdownDescription": "The name of the project to create.", + "title": "ProjectName", + "type": "string" + } + }, + "required": [ + "ProjectName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rekognition::Project" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "AllowMajorVersionUpgrade": { - "markdownDescription": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n\nConstraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AssociatedRoles": { + { "items": { - "$ref": "#/definitions/AWS::RDS::DBInstance.DBInstanceRole" + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, - "markdownDescription": "The AWS Identity and Access Management (IAM) roles associated with the DB instance.\n\n*Amazon Aurora*\n\nNot applicable. The associated roles are managed by the DB cluster.", - "title": "AssociatedRoles", + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BoundingBoxRegionsOfInterest": { + "items": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.BoundingBox" + }, + "markdownDescription": "List of BoundingBox objects, each of which denotes a region of interest on screen. For more information, see the BoundingBox field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", + "title": "BoundingBoxRegionsOfInterest", "type": "array" }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AutomaticBackupReplicationKmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region , for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE` .", - "title": "AutomaticBackupReplicationKmsKeyId", - "type": "string" - }, - "AutomaticBackupReplicationRegion": { - "markdownDescription": "The AWS Region associated with the automated backup.", - "title": "AutomaticBackupReplicationRegion", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", - "title": "AvailabilityZone", - "type": "string" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CACertificateIdentifier": { - "markdownDescription": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", - "title": "CACertificateIdentifier", - "type": "string" - }, - "CertificateDetails": { - "$ref": "#/definitions/AWS::RDS::DBInstance.CertificateDetails" + "ConnectedHomeSettings": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.ConnectedHomeSettings", + "markdownDescription": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) .", + "title": "ConnectedHomeSettings" }, - "CertificateRotationRestart": { - "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "CertificateRotationRestart", - "type": "boolean" + "DataSharingPreference": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.DataSharingPreference", + "markdownDescription": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) .", + "title": "DataSharingPreference" }, - "CharacterSetName": { - "markdownDescription": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", - "title": "CharacterSetName", - "type": "string" + "FaceSearchSettings": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.FaceSearchSettings", + "markdownDescription": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) .", + "title": "FaceSearchSettings" }, - "CopyTagsToSnapshot": { - "markdownDescription": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.", - "title": "CopyTagsToSnapshot", - "type": "boolean" + "KinesisDataStream": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisDataStream", + "markdownDescription": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) .", + "title": "KinesisDataStream" }, - "CustomIAMInstanceProfile": { - "markdownDescription": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n\nThis setting is required for RDS Custom.\n\nConstraints:\n\n- The profile must exist in your account.\n- The profile must have an IAM role that Amazon EC2 has permissions to assume.\n- The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .\n\nFor the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .", - "title": "CustomIAMInstanceProfile", - "type": "string" + "KinesisVideoStream": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisVideoStream", + "markdownDescription": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) .", + "title": "KinesisVideoStream" }, - "DBClusterIdentifier": { - "markdownDescription": "The identifier of the DB cluster that this DB instance will belong to.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "DBClusterIdentifier", + "KmsKeyId": { + "markdownDescription": "The identifier for your Amazon Key Management Service key (Amazon KMS key). Optional parameter for connected home stream processors used to encrypt results and data published to your Amazon S3 bucket. For more information, see the KMSKeyId section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "KmsKeyId", "type": "string" }, - "DBClusterSnapshotIdentifier": { - "markdownDescription": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n\nFor more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n- Can't be specified when `DBSnapshotIdentifier` is specified.\n- Must be specified when `DBSnapshotIdentifier` isn't specified.\n- If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.\n- Can't be the identifier of an Aurora DB cluster snapshot.", - "title": "DBClusterSnapshotIdentifier", + "Name": { + "markdownDescription": "The Name attribute specifies the name of the stream processor and it must be within the constraints described in the Name section of [StreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessor) . If you don't specify a name, Amazon CloudFormation generates a unique ID and uses that ID for the stream processor name.", + "title": "Name", "type": "string" }, - "DBInstanceClass": { - "markdownDescription": "The compute and memory capacity of the DB instance, for example `db.m5.large` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide* .", - "title": "DBInstanceClass", - "type": "string" + "NotificationChannel": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.NotificationChannel", + "markdownDescription": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) .", + "title": "NotificationChannel" }, - "DBInstanceIdentifier": { - "markdownDescription": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DBInstanceIdentifier", - "type": "string" + "PolygonRegionsOfInterest": { + "markdownDescription": "A set of ordered lists of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. Each entry of the set contains a polygon denoting a region of interest on the screen. Each polygon is an ordered list of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. For more information, see the Polygon field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", + "title": "PolygonRegionsOfInterest", + "type": "object" }, - "DBName": { - "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n> If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle. \n\n*Amazon Aurora*\n\nNot applicable. The database name is managed by the DB cluster.\n\n*Db2*\n\nThe name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Can't be a word reserved by the specified database engine.\n\n*MySQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*MariaDB*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*PostgreSQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.\n\nConstraints:\n\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Must contain 1 to 63 characters.\n- Can't be a word reserved by the specified database engine\n\n*Oracle*\n\nThe Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .\n\nDefault: `ORCL`\n\nConstraints:\n\n- Can't be longer than 8 characters\n\n*SQL Server*\n\nNot applicable. Must be null.", - "title": "DBName", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions to the Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a connected home stream processor. This is required for both face search and connected home stream processors. For information about constraints, see the RoleArn section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "RoleArn", "type": "string" }, - "DBParameterGroupName": { - "markdownDescription": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n\nTo list all of the available DB parameter group names, use the following command:\n\n`aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`\n\n> If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot. \n\nIf you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.", - "title": "DBParameterGroupName", - "type": "string" + "S3Destination": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.S3Destination", + "markdownDescription": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) .", + "title": "S3Destination" }, - "DBSecurityGroups": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n\nIf you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n\n> If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n> \n> - `AllocatedStorage`\n> - `AutoMinorVersionUpgrade`\n> - `AvailabilityZone`\n> - `BackupRetentionPeriod`\n> - `CharacterSetName`\n> - `DBInstanceClass`\n> - `DBName`\n> - `DBParameterGroupName`\n> - `DBSecurityGroups`\n> - `DBSubnetGroupName`\n> - `Engine`\n> - `EngineVersion`\n> - `Iops`\n> - `LicenseModel`\n> - `MasterUsername`\n> - `MasterUserPassword`\n> - `MultiAZ`\n> - `OptionGroupName`\n> - `PreferredBackupWindow`\n> - `PreferredMaintenanceWindow`\n> \n> All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.", - "title": "DBSecurityGroups", + "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the stream processor. For more information, see the Tags section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "Tags", "type": "array" - }, - "DBSnapshotIdentifier": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n\nBy specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n\nSome DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties, and the point-in-time recovery properties `RestoreTime` and `UseLatestRestorableTime` . For information about the properties that you can specify, see the [`RestoreDBInstanceFromDBSnapshot`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html) action in the *Amazon RDS API Reference* .\n\nAfter you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.\n\nIf you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n\n- `CharacterSetName`\n- `DBClusterIdentifier`\n- `DBName`\n- `KmsKeyId`\n- `MasterUsername`\n- `MasterUserPassword`\n- `PromotionTier`\n- `SourceDBInstanceIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an unencrypted snapshot)\n- `Timezone`\n\n*Amazon Aurora*\n\nNot applicable. Snapshot restore is managed by the DB cluster.", - "title": "DBSnapshotIdentifier", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC.\n\nIf you don't specify a DB subnet group, RDS uses the default DB subnet group if one exists. If a default DB subnet group does not exist, and you don't specify a `DBSubnetGroupName` , the DB instance fails to launch.\n\nFor more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DedicatedLogVolume": { - "markdownDescription": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled.", - "title": "DedicatedLogVolume", - "type": "boolean" - }, - "DeleteAutomatedBackups": { - "markdownDescription": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n\n*Amazon Aurora*\n\nNot applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.", - "title": "DeleteAutomatedBackups", - "type": "boolean" - }, - "DeletionProtection": { - "markdownDescription": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .\n\nThis setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", - "title": "DeletionProtection", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n\nFor more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .", - "title": "Domain", - "type": "string" - }, - "DomainAuthSecretArn": { - "markdownDescription": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n\nExample: `arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456`", - "title": "DomainAuthSecretArn", + } + }, + "required": [ + "KinesisVideoStream", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rekognition::StreamProcessor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.BoundingBox": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "Height of the bounding box as a ratio of the overall image height.", + "title": "Height", + "type": "number" + }, + "Left": { + "markdownDescription": "Left coordinate of the bounding box as a ratio of overall image width.", + "title": "Left", + "type": "number" + }, + "Top": { + "markdownDescription": "Top coordinate of the bounding box as a ratio of overall image height.", + "title": "Top", + "type": "number" + }, + "Width": { + "markdownDescription": "Width of the bounding box as a ratio of the overall image width.", + "title": "Width", + "type": "number" + } + }, + "required": [ + "Height", + "Left", + "Top", + "Width" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.ConnectedHomeSettings": { + "additionalProperties": false, + "properties": { + "Labels": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: \"PERSON\", \"PET\", \"PACKAGE\", and \"ALL\".", + "title": "Labels", + "type": "array" + }, + "MinConfidence": { + "markdownDescription": "The minimum confidence required to label an object in the video.", + "title": "MinConfidence", + "type": "number" + } + }, + "required": [ + "Labels" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.DataSharingPreference": { + "additionalProperties": false, + "properties": { + "OptIn": { + "markdownDescription": "Describes the opt-in status applied to a stream processor's data sharing policy.", + "title": "OptIn", + "type": "boolean" + } + }, + "required": [ + "OptIn" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.FaceSearchSettings": { + "additionalProperties": false, + "properties": { + "CollectionId": { + "markdownDescription": "The ID of a collection that contains faces that you want to search for.", + "title": "CollectionId", + "type": "string" + }, + "FaceMatchThreshold": { + "markdownDescription": "Minimum face match confidence score that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted, and values lower than 80 are set to 80.", + "title": "FaceMatchThreshold", + "type": "number" + } + }, + "required": [ + "CollectionId" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.KinesisDataStream": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "ARN of the output Amazon Kinesis Data Streams stream.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.KinesisVideoStream": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "ARN of the Kinesis video stream stream that streams the source video.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.NotificationChannel": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the SNS topic that receives notifications.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.S3Destination": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) bucket name of a stream processor's exports.", + "title": "BucketName", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) object keys of a stream processor's exports.", + "title": "ObjectKeyPrefix", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::ResilienceHub::App": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "DomainDnsIps": { + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n\nConstraints:\n\n- Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n\nExample: `123.124.125.126,234.235.236.237`", - "title": "DomainDnsIps", "type": "array" - }, - "DomainFqdn": { - "markdownDescription": "The fully qualified domain name (FQDN) of an Active Directory domain.\n\nConstraints:\n\n- Can't be longer than 64 characters.\n\nExample: `mymanagedADtest.mymanagedAD.mydomain`", - "title": "DomainFqdn", + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppAssessmentSchedule": { + "markdownDescription": "Assessment execution schedule with 'Daily' or 'Disabled' values.", + "title": "AppAssessmentSchedule", "type": "string" }, - "DomainIAMRoleName": { - "markdownDescription": "The name of the IAM role to use when making API calls to the Directory Service.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (The domain is managed by the DB cluster.)\n- RDS Custom", - "title": "DomainIAMRoleName", + "AppTemplateBody": { + "markdownDescription": "A JSON string that provides information about your application structure. To learn more about the `appTemplateBody` template, see the sample template in [Sample appTemplateBody template](https://docs.aws.amazon.com//resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html#API_PutDraftAppVersionTemplate_Examples) .\n\nThe `appTemplateBody` JSON string has the following structure:\n\n- *`resources`*\n\nThe list of logical resources that needs to be included in the AWS Resilience Hub application.\n\nType: Array\n\n> Don't add the resources that you want to exclude. \n\nEach `resources` array item includes the following fields:\n\n- *`logicalResourceId`*\n\nThe logical identifier of the resource.\n\nType: Object\n\nEach `logicalResourceId` object includes the following fields:\n\n- `identifier`\n\nIdentifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`type`*\n\nThe type of resource.\n\nType: string\n- *`name`*\n\nName of the resource.\n\nType: String\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`appComponents`*\n\nThe list of Application Components (AppComponent) that this resource belongs to. If an AppComponent is not part of the AWS Resilience Hub application, it will be added.\n\nType: Array\n\nEach `appComponents` array item includes the following fields:\n\n- `name`\n\nName of the AppComponent.\n\nType: String\n- `type`\n\nThe type of AppComponent. For more information about the types of AppComponent, see [Grouping resources in an AppComponent](https://docs.aws.amazon.com/resilience-hub/latest/userguide/AppComponent.grouping.html) .\n\nType: String\n- `resourceNames`\n\nThe list of included resources that are assigned to the AppComponent.\n\nType: Array of strings\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`excludedResources`*\n\nThe list of logical resource identifiers to be excluded from the application.\n\nType: Array\n\n> Don't add the resources that you want to include. \n\nEach `excludedResources` array item includes the following fields:\n\n- *`logicalResourceIds`*\n\nThe logical identifier of the resource.\n\nType: Object\n\n> You can configure only one of the following fields:\n> \n> - `logicalStackName`\n> - `resourceGroupName`\n> - `terraformSourceName`\n> - `eksSourceName` \n\nEach `logicalResourceIds` object includes the following fields:\n\n- `identifier`\n\nThe identifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`version`*\n\nThe AWS Resilience Hub application version.\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`", + "title": "AppTemplateBody", "type": "string" }, - "DomainOu": { - "markdownDescription": "The Active Directory organizational unit for your DB instance to join.\n\nConstraints:\n\n- Must be in the distinguished name format.\n- Can't be longer than 64 characters.\n\nExample: `OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain`", - "title": "DomainOu", + "Description": { + "markdownDescription": "Optional description for an application.", + "title": "Description", "type": "string" }, - "EnableCloudwatchLogsExports": { + "EventSubscriptions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ResilienceHub::App.EventSubscription" }, - "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. CloudWatch Logs exports are managed by the DB cluster.\n\n*Db2*\n\nValid values: `diag.log` , `notify.log`\n\n*MariaDB*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Microsoft SQL Server*\n\nValid values: `agent` , `error`\n\n*MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Oracle*\n\nValid values: `alert` , `audit` , `listener` , `trace` , `oemagent`\n\n*PostgreSQL*\n\nValid values: `postgresql` , `upgrade`", - "title": "EnableCloudwatchLogsExports", + "markdownDescription": "The list of events you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* and *Scheduled assessment failure* events.", + "title": "EventSubscriptions", "type": "array" }, - "EnableIAMDatabaseAuthentication": { - "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nThis property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*\n\n*Amazon Aurora*\n\nNot applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.", - "title": "EnableIAMDatabaseAuthentication", - "type": "boolean" - }, - "EnablePerformanceInsights": { - "markdownDescription": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "EnablePerformanceInsights", - "type": "boolean" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::RDS::DBInstance.Endpoint" - }, - "Engine": { - "markdownDescription": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n\nThis property is required when creating a DB instance.\n\n> You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the `Engine` value in your templates from `oracle-ee` to `oracle-ee-cdb` or from `oracle-se2` to `oracle-se2-cdb` . Converting to the CDB architecture requires an interruption. \n\nValid Values:\n\n- `aurora-mysql` (for Aurora MySQL DB instances)\n- `aurora-postgresql` (for Aurora PostgreSQL DB instances)\n- `custom-oracle-ee` (for RDS Custom for Oracle DB instances)\n- `custom-oracle-ee-cdb` (for RDS Custom for Oracle DB instances)\n- `custom-sqlserver-ee` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-se` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-web` (for RDS Custom for SQL Server DB instances)\n- `db2-ae`\n- `db2-se`\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use.\n\nFor a list of valid engine versions, use the `DescribeDBEngineVersions` action.\n\nThe following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n\n*Amazon Aurora*\n\nNot applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n\n*Db2*\n\nSee [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*MariaDB*\n\nSee [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Microsoft SQL Server*\n\nSee [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*\n\n*MySQL*\n\nSee [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Oracle*\n\nSee [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*\n\n*PostgreSQL*\n\nSee [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*", - "title": "EngineVersion", - "type": "string" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000.\n\nIf you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\n> If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property. \n\nConstraints:\n\n- For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n- For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n\nIf you specify the `DBSnapshotIdentifier` property, don't specify this property. The `StorageEncrypted` property value is inherited from the snapshot. If the DB instance is encrypted, the specified `KmsKeyId` property is also inherited from the snapshot.\n\nIf you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The KMS key identifier is managed by the DB cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LicenseModel": { - "markdownDescription": "License model information for this DB instance.\n\nValid Values:\n\n- Aurora MySQL - `general-public-license`\n- Aurora PostgreSQL - `postgresql-license`\n- RDS for Db2 - `bring-your-own-license` . For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.*\n- RDS for MariaDB - `general-public-license`\n- RDS for Microsoft SQL Server - `license-included`\n- RDS for MySQL - `general-public-license`\n- RDS for Oracle - `bring-your-own-license` or `license-included`\n- RDS for PostgreSQL - `postgresql-license`\n\n> If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.", - "title": "LicenseModel", - "type": "string" - }, - "ManageMasterUserPassword": { - "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", - "title": "ManageMasterUserPassword", - "type": "boolean" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n\n*Amazon Aurora*\n\nNot applicable. The password for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nMust contain from 8 to 255 characters.\n\n*RDS for MariaDB*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Microsoft SQL Server*\n\nConstraints: Must contain from 8 to 128 characters.\n\n*RDS for MySQL*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Oracle*\n\nConstraints: Must contain from 8 to 30 characters.\n\n*RDS for PostgreSQL*\n\nConstraints: Must contain from 8 to 128 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUserSecret": { - "$ref": "#/definitions/AWS::RDS::DBInstance.MasterUserSecret", - "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*", - "title": "MasterUserSecret" - }, - "MasterUsername": { - "markdownDescription": "The master user name for the DB instance.\n\n> If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n> \n> When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. \n\n*Amazon Aurora*\n\nNot applicable. The name for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MariaDB*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Microsoft SQL Server*\n\nConstraints:\n\n- Must be 1 to 128 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MySQL*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Oracle*\n\nConstraints:\n\n- Must be 1 to 30 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for PostgreSQL*\n\nConstraints:\n\n- Must be 1 to 63 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.", - "title": "MasterUsername", - "type": "string" - }, - "MaxAllocatedStorage": { - "markdownDescription": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (Storage is managed by the DB cluster.)\n- RDS Custom", - "title": "MaxAllocatedStorage", - "type": "number" - }, - "MonitoringInterval": { - "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than `0` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", - "title": "MonitoringInterval", - "type": "number" - }, - "MonitoringRoleArn": { - "markdownDescription": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , then you must supply a `MonitoringRoleArn` value.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "MonitoringRoleArn", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (DB instance Availability Zones (AZs) are managed by the DB cluster.)\n- RDS Custom", - "title": "MultiAZ", - "type": "boolean" - }, - "NcharCharacterSetName": { - "markdownDescription": "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "NcharCharacterSetName", - "type": "string" - }, - "NetworkType": { - "markdownDescription": "The network type of the DB instance.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*", - "title": "NetworkType", - "type": "string" - }, - "OptionGroupName": { - "markdownDescription": "Indicates that the DB instance should be associated with the specified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.", - "title": "OptionGroupName", - "type": "string" - }, - "PerformanceInsightsKMSKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n\nFor information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .", - "title": "PerformanceInsightsKMSKeyId", - "type": "string" - }, - "PerformanceInsightsRetentionPeriod": { - "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB instance without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS returns an error.", - "title": "PerformanceInsightsRetentionPeriod", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which the database accepts connections.\n\nThis setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n\nValid Values: `1150-65535`\n\nDefault:\n\n- RDS for Db2 - `50000`\n- RDS for MariaDB - `3306`\n- RDS for Microsoft SQL Server - `1433`\n- RDS for MySQL - `3306`\n- RDS for Oracle - `1521`\n- RDS for PostgreSQL - `5432`\n\nConstraints:\n\n- For RDS for Microsoft SQL Server, the value can't be `1234` , `1434` , `3260` , `3343` , `3389` , `47001` , or `49152-49156` .", - "title": "Port", + "Name": { + "markdownDescription": "Name for the application.", + "title": "Name", "type": "string" }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\n*Amazon Aurora*\n\nNot applicable. The daily time range for creating automated backups is managed by the DB cluster.", - "title": "PreferredBackupWindow", - "type": "string" + "PermissionModel": { + "$ref": "#/definitions/AWS::ResilienceHub::App.PermissionModel", + "markdownDescription": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.", + "title": "PermissionModel" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*\n\n> This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately. \n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", + "ResiliencyPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resiliency policy.", + "title": "ResiliencyPolicyArn", "type": "string" }, - "ProcessorFeatures": { + "ResourceMappings": { "items": { - "$ref": "#/definitions/AWS::RDS::DBInstance.ProcessorFeature" + "$ref": "#/definitions/AWS::ResilienceHub::App.ResourceMapping" }, - "markdownDescription": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances.", - "title": "ProcessorFeatures", + "markdownDescription": "An array of `ResourceMapping` objects.", + "title": "ResourceMappings", "type": "array" }, - "PromotionTier": { - "markdownDescription": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nDefault: `1`\n\nValid Values: `0 - 15`", - "title": "PromotionTier", - "type": "number" - }, - "PubliclyAccessible": { - "markdownDescription": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.\n\nThe default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicaMode": { - "markdownDescription": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .\n\nThis setting is only supported in RDS for Oracle.\n\nDefault: `open-read-only`\n\nValid Values: `open-read-only` or `mounted`", - "title": "ReplicaMode", - "type": "string" - }, - "RestoreTime": { - "markdownDescription": "The date and time to restore from. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must be a time in Universal Coordinated Time (UTC) format.\n- Must be before the latest restorable time for the DB instance.\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled.\n\nExample: `2009-09-07T23:45:00Z`", - "title": "RestoreTime", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n\nConstraints:\n\n- Must be the identifier of an existing Multi-AZ DB cluster.\n- Can't be specified if the `SourceDBInstanceIdentifier` parameter is also specified.\n- The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n- The source DB cluster must be in the same AWS Region as the read replica. Cross-Region replication isn't supported.", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "SourceDBInstanceAutomatedBackupsArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .\n\nThis setting doesn't apply to RDS Custom.", - "title": "SourceDBInstanceAutomatedBackupsArn", - "type": "string" - }, - "SourceDBInstanceIdentifier": { - "markdownDescription": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\nThe `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n\nIf you specify the `UseLatestRestorableTime` or `RestoreTime` properties in conjunction with the `SourceDBInstanceIdentifier` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n\n> - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n> - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n> - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.\n> - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n> - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .\n> - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.", - "title": "SourceDBInstanceIdentifier", - "type": "string" - }, - "SourceDbiResourceId": { - "markdownDescription": "The resource ID of the source DB instance from which to restore.", - "title": "SourceDbiResourceId", - "type": "string" - }, - "SourceRegion": { - "markdownDescription": "The ID of the region that contains the source DB instance for the read replica.", - "title": "SourceRegion", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup.\n\nIf you specify `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the snapshot.\n\n*Amazon Aurora*\n\nNot applicable. The encryption for DB instances is managed by the DB cluster.", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageThroughput": { - "markdownDescription": "Specifies the storage throughput value, in mebibyte per second (MiBps), for the DB instance. This setting applies only to the `gp3` storage type.\n\nThis setting doesn't apply to RDS Custom or Amazon Aurora.", - "title": "StorageThroughput", - "type": "number" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB instance.\n\nIf you specify `io1` , `io2` , or `gp3` , you must also include a value for the `Iops` parameter.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n\nValid Values: `gp2 | gp3 | io1 | io2 | standard`\n\nDefault: `io1` , if the `Iops` parameter is specified. Otherwise, `gp3` .", - "title": "StorageType", - "type": "string" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Tags to assign to the DB instance.", "title": "Tags", - "type": "array" - }, - "Timezone": { - "markdownDescription": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .", - "title": "Timezone", - "type": "string" - }, - "UseDefaultProcessorFeatures": { - "markdownDescription": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "UseDefaultProcessorFeatures", - "type": "boolean" - }, - "UseLatestRestorableTime": { - "markdownDescription": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Can't be specified if the `RestoreTime` parameter is provided.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VPCSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nIf you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.\n\n> You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n> \n> - You can't revert to using an RDS security group after you establish a VPC security group membership.\n> - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n> - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property. \n\nTo avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.\n\n*Amazon Aurora*\n\nNot applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", - "title": "VPCSecurityGroups", - "type": "array" + "type": "object" } }, + "required": [ + "AppTemplateBody", + "Name", + "ResourceMappings" + ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBInstance" + "AWS::ResilienceHub::App" ], "type": "string" }, @@ -225293,100 +272484,134 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::RDS::DBInstance.CertificateDetails": { + "AWS::ResilienceHub::App.EventSubscription": { "additionalProperties": false, "properties": { - "CAIdentifier": { - "markdownDescription": "The CA identifier of the CA certificate used for the DB instance's server certificate.", - "title": "CAIdentifier", + "EventType": { + "markdownDescription": "The type of event you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* ( `DriftDetected` ) and *Scheduled assessment failure* ( `ScheduledAssessmentFailure` ) events.", + "title": "EventType", "type": "string" }, - "ValidTill": { - "markdownDescription": "The expiration date of the DB instance\u2019s server certificate.", - "title": "ValidTill", + "Name": { + "markdownDescription": "Unique name to identify an event subscription.", + "title": "Name", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. The format for this ARN is: `arn:partition:sns:region:account:topic-name` . For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* guide.", + "title": "SnsTopicArn", "type": "string" } }, + "required": [ + "EventType", + "Name" + ], "type": "object" }, - "AWS::RDS::DBInstance.DBInstanceRole": { + "AWS::ResilienceHub::App.PermissionModel": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", - "title": "FeatureName", + "CrossAccountRoleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.\n\n> - These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.\n> - These roles must have a trust policy with `iam:AssumeRole` permission to the invoker role in the primary account.", + "title": "CrossAccountRoleArns", + "type": "array" + }, + "InvokerRoleName": { + "markdownDescription": "Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.\n\nIf your IAM role includes a path, you must include the path in the `invokerRoleName` parameter. For example, if your IAM role's ARN is `arn:aws:iam:123456789012:role/my-path/role-name` , you should pass `my-path/role-name` .\n\n> - You must have `iam:passRole` permission for this role while creating or updating the application.\n> - Currently, `invokerRoleName` accepts only `[A-Za-z0-9_+=,.@-]` characters.", + "title": "InvokerRoleName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.", - "title": "RoleArn", + "Type": { + "markdownDescription": "Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.", + "title": "Type", "type": "string" } }, "required": [ - "FeatureName", - "RoleArn" + "Type" ], "type": "object" }, - "AWS::RDS::DBInstance.Endpoint": { + "AWS::ResilienceHub::App.PhysicalResourceId": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "Specifies the DNS address of the DB instance.", - "title": "Address", + "AwsAccountId": { + "markdownDescription": "The AWS account that owns the physical resource.", + "title": "AwsAccountId", "type": "string" }, - "HostedZoneId": { - "markdownDescription": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.", - "title": "HostedZoneId", + "AwsRegion": { + "markdownDescription": "The AWS Region that the physical resource is located in.", + "title": "AwsRegion", "type": "string" }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", + "Identifier": { + "markdownDescription": "Identifier of the physical resource.", + "title": "Identifier", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of physical resource identifier.\n\n- **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:\n\n- `AWS::ECS::Service`\n- `AWS::EFS::FileSystem`\n- `AWS::ElasticLoadBalancingV2::LoadBalancer`\n- `AWS::Lambda::Function`\n- `AWS::SNS::Topic`\n- **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:\n\n- `AWS::ApiGateway::RestApi`\n- `AWS::ApiGatewayV2::Api`\n- `AWS::AutoScaling::AutoScalingGroup`\n- `AWS::DocDB::DBCluster`\n- `AWS::DocDB::DBGlobalCluster`\n- `AWS::DocDB::DBInstance`\n- `AWS::DynamoDB::GlobalTable`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::EC2Fleet`\n- `AWS::EC2::Instance`\n- `AWS::EC2::NatGateway`\n- `AWS::EC2::Volume`\n- `AWS::ElasticLoadBalancing::LoadBalancer`\n- `AWS::RDS::DBCluster`\n- `AWS::RDS::DBInstance`\n- `AWS::RDS::GlobalCluster`\n- `AWS::Route53::RecordSet`\n- `AWS::S3::Bucket`\n- `AWS::SQS::Queue`", + "title": "Type", "type": "string" } }, + "required": [ + "Identifier", + "Type" + ], "type": "object" }, - "AWS::RDS::DBInstance.MasterUserSecret": { + "AWS::ResilienceHub::App.ResourceMapping": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", - "title": "KmsKeyId", + "EksSourceName": { + "markdownDescription": "Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` .\n\n> This parameter accepts values in \"eks-cluster/namespace\" format.", + "title": "EksSourceName", "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values) .", - "title": "SecretArn", + "LogicalStackName": { + "markdownDescription": "Name of the AWS CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` .", + "title": "LogicalStackName", "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBInstance.ProcessorFeature": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the processor feature. Valid names are `coreCount` and `threadsPerCore` .", - "title": "Name", + }, + "MappingType": { + "markdownDescription": "Specifies the type of resource mapping.", + "title": "MappingType", "type": "string" }, - "Value": { - "markdownDescription": "The value of a processor feature.", - "title": "Value", + "PhysicalResourceId": { + "$ref": "#/definitions/AWS::ResilienceHub::App.PhysicalResourceId", + "markdownDescription": "Identifier of the physical resource.", + "title": "PhysicalResourceId" + }, + "ResourceName": { + "markdownDescription": "Name of the resource that this resource is mapped to when the `mappingType` is `Resource` .", + "title": "ResourceName", + "type": "string" + }, + "TerraformSourceName": { + "markdownDescription": "Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` .", + "title": "TerraformSourceName", "type": "string" } }, + "required": [ + "MappingType", + "PhysicalResourceId" + ], "type": "object" }, - "AWS::RDS::DBParameterGroup": { + "AWS::ResilienceHub::ResiliencyPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -225421,44 +272646,53 @@ "Properties": { "additionalProperties": false, "properties": { - "DBParameterGroupName": { - "markdownDescription": "The name of the DB parameter group.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens.\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nIf you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.\n\n> This value is stored as a lowercase string.", - "title": "DBParameterGroupName", + "DataLocationConstraint": { + "markdownDescription": "Specifies a high-level geographical location constraint for where your resilience policy data can be stored.", + "title": "DataLocationConstraint", "type": "string" }, - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB parameter group.", - "title": "Description", - "type": "string" + "Policy": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.PolicyMap", + "markdownDescription": "The resiliency policy.", + "title": "Policy" }, - "Family": { - "markdownDescription": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `db2-ae`\n- `db2-se`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "Family", + "PolicyDescription": { + "markdownDescription": "Description of the resiliency policy.", + "title": "PolicyDescription", "type": "string" }, - "Parameters": { - "markdownDescription": "A mapping of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n\nFor more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* , or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .\n\n> AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.", - "title": "Parameters", - "type": "object" + "PolicyName": { + "markdownDescription": "The name of the policy", + "title": "PolicyName", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Tags to assign to the DB parameter group.", "title": "Tags", - "type": "array" + "type": "object" + }, + "Tier": { + "markdownDescription": "The tier for this resiliency policy, ranging from the highest severity ( `MissionCritical` ) to lowest ( `NonCritical` ).", + "title": "Tier", + "type": "string" } }, "required": [ - "Description", - "Family" + "Policy", + "PolicyName", + "Tier" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBParameterGroup" + "AWS::ResilienceHub::ResiliencyPolicy" ], "type": "string" }, @@ -225477,7 +272711,58 @@ ], "type": "object" }, - "AWS::RDS::DBProxy": { + "AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy": { + "additionalProperties": false, + "properties": { + "RpoInSecs": { + "markdownDescription": "Recovery Point Objective (RPO) in seconds.", + "title": "RpoInSecs", + "type": "number" + }, + "RtoInSecs": { + "markdownDescription": "Recovery Time Objective (RTO) in seconds.", + "title": "RtoInSecs", + "type": "number" + } + }, + "required": [ + "RpoInSecs", + "RtoInSecs" + ], + "type": "object" + }, + "AWS::ResilienceHub::ResiliencyPolicy.PolicyMap": { + "additionalProperties": false, + "properties": { + "AZ": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for Availability Zone disruption.", + "title": "AZ" + }, + "Hardware": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for hardware disruption.", + "title": "Hardware" + }, + "Region": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for Regional disruption.", + "title": "Region" + }, + "Software": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for software disruption.", + "title": "Software" + } + }, + "required": [ + "AZ", + "Hardware", + "Software" + ], + "type": "object" + }, + "AWS::ResourceExplorer2::DefaultViewAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -225512,81 +272797,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Auth": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBProxy.AuthFormat" - }, - "markdownDescription": "The authorization mechanism that the proxy uses.", - "title": "Auth", - "type": "array" - }, - "DBProxyName": { - "markdownDescription": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.", - "title": "DBProxyName", - "type": "string" - }, - "DebugLogging": { - "markdownDescription": "Specifies whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.", - "title": "DebugLogging", - "type": "boolean" - }, - "EngineFamily": { - "markdownDescription": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .", - "title": "EngineFamily", - "type": "string" - }, - "IdleClientTimeout": { - "markdownDescription": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.", - "title": "IdleClientTimeout", - "type": "number" - }, - "RequireTLS": { - "markdownDescription": "Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.", - "title": "RequireTLS", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.", - "title": "RoleArn", + "ViewArn": { + "markdownDescription": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region.", + "title": "ViewArn", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBProxy.TagFormat" - }, - "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", - "title": "Tags", - "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more VPC security group IDs to associate with the new proxy.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.", - "title": "VpcSecurityGroupIds", - "type": "array" - }, - "VpcSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more VPC subnet IDs to associate with the new proxy.", - "title": "VpcSubnetIds", - "type": "array" } }, "required": [ - "Auth", - "DBProxyName", - "EngineFamily", - "RoleArn", - "VpcSubnetIds" + "ViewArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBProxy" + "AWS::ResourceExplorer2::DefaultViewAssociation" ], "type": "string" }, @@ -225605,54 +272829,7 @@ ], "type": "object" }, - "AWS::RDS::DBProxy.AuthFormat": { - "additionalProperties": false, - "properties": { - "AuthScheme": { - "markdownDescription": "The type of authentication that the proxy uses for connections from the proxy to the underlying database.", - "title": "AuthScheme", - "type": "string" - }, - "ClientPasswordAuthType": { - "markdownDescription": "Specifies the details of authentication used by a proxy to log in as a specific database user.", - "title": "ClientPasswordAuthType", - "type": "string" - }, - "Description": { - "markdownDescription": "A user-specified description about the authentication used by a proxy to log in as a specific database user.", - "title": "Description", - "type": "string" - }, - "IAMAuth": { - "markdownDescription": "A value that indicates whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. The `ENABLED` value is valid only for proxies with RDS for Microsoft SQL Server.", - "title": "IAMAuth", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.", - "title": "SecretArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBProxy.TagFormat": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBProxyEndpoint": { + "AWS::ResourceExplorer2::Index": { "additionalProperties": false, "properties": { "Condition": { @@ -225687,56 +272864,31 @@ "Properties": { "additionalProperties": false, "properties": { - "DBProxyEndpointName": { - "markdownDescription": "The name of the DB proxy endpoint to create.", - "title": "DBProxyEndpointName", - "type": "string" - }, - "DBProxyName": { - "markdownDescription": "The name of the DB proxy associated with the DB proxy endpoint that you create.", - "title": "DBProxyName", - "type": "string" - }, "Tags": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBProxyEndpoint.TagFormat" + "additionalProperties": true, + "markdownDescription": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", "title": "Tags", - "type": "array" + "type": "object" }, - "TargetRole": { - "markdownDescription": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.", - "title": "TargetRole", + "Type": { + "markdownDescription": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* .", + "title": "Type", "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.", - "title": "VpcSecurityGroupIds", - "type": "array" - }, - "VpcSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.", - "title": "VpcSubnetIds", - "type": "array" } }, "required": [ - "DBProxyEndpointName", - "DBProxyName", - "VpcSubnetIds" + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBProxyEndpoint" + "AWS::ResourceExplorer2::Index" ], "type": "string" }, @@ -225755,23 +272907,7 @@ ], "type": "object" }, - "AWS::RDS::DBProxyEndpoint.TagFormat": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBProxyTargetGroup": { + "AWS::ResourceExplorer2::View": { "additionalProperties": false, "properties": { "Condition": { @@ -225806,47 +272942,49 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionPoolConfigurationInfo": { - "$ref": "#/definitions/AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat", - "markdownDescription": "Displays the settings that control the size and behavior of the connection pool associated with a `DBProxyTarget` .", - "title": "ConnectionPoolConfigurationInfo" - }, - "DBClusterIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more DB cluster identifiers.", - "title": "DBClusterIdentifiers", - "type": "array" + "Filters": { + "$ref": "#/definitions/AWS::ResourceExplorer2::View.SearchFilter", + "markdownDescription": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", + "title": "Filters" }, - "DBInstanceIdentifiers": { + "IncludedProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ResourceExplorer2::View.IncludedProperty" }, - "markdownDescription": "One or more DB instance identifiers.", - "title": "DBInstanceIdentifiers", + "markdownDescription": "A list of fields that provide additional information about the view.", + "title": "IncludedProperties", "type": "array" }, - "DBProxyName": { - "markdownDescription": "The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .", - "title": "DBProxyName", + "Scope": { + "markdownDescription": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account.", + "title": "Scope", "type": "string" }, - "TargetGroupName": { - "markdownDescription": "The identifier for the target group.\n\n> Currently, this property must be set to `default` .", - "title": "TargetGroupName", + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tag key and value pairs that are attached to the view.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "ViewName": { + "markdownDescription": "The name of the new view.", + "title": "ViewName", "type": "string" } }, "required": [ - "DBProxyName", - "TargetGroupName" + "ViewName" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBProxyTargetGroup" + "AWS::ResourceExplorer2::View" ], "type": "string" }, @@ -225865,41 +273003,35 @@ ], "type": "object" }, - "AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat": { + "AWS::ResourceExplorer2::View.IncludedProperty": { "additionalProperties": false, "properties": { - "ConnectionBorrowTimeout": { - "markdownDescription": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. This setting only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.\n\nDefault: `120`\n\nConstraints:\n\n- Must be between 0 and 300.", - "title": "ConnectionBorrowTimeout", - "type": "number" - }, - "InitQuery": { - "markdownDescription": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query", - "title": "InitQuery", + "Name": { + "markdownDescription": "The name of the property that is included in this view.", + "title": "Name", "type": "string" - }, - "MaxConnectionsPercent": { - "markdownDescription": "The maximum size of the connection pool for each target in a target group. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.\n\nIf you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.\n\nDefault: `10` for RDS for Microsoft SQL Server, and `100` for all other engines\n\nConstraints:\n\n- Must be between 1 and 100.", - "title": "MaxConnectionsPercent", - "type": "number" - }, - "MaxIdleConnectionsPercent": { - "markdownDescription": "A value that controls how actively the proxy closes idle database connections in the connection pool. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.\n\nIf you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .\n\nDefault: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is `5` , and for all other engines, the default is `50` .\n\nConstraints:\n\n- Must be between 0 and the value of `MaxConnectionsPercent` .", - "title": "MaxIdleConnectionsPercent", - "type": "number" - }, - "SessionPinningFilters": { - "items": { - "type": "string" - }, - "markdownDescription": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior.\n\nDefault: no session pinning filters", - "title": "SessionPinningFilters", - "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::RDS::DBSecurityGroup": { + "AWS::ResourceExplorer2::View.SearchFilter": { + "additionalProperties": false, + "properties": { + "FilterString": { + "markdownDescription": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation.\n\nFor information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", + "title": "FilterString", + "type": "string" + } + }, + "required": [ + "FilterString" + ], + "type": "object" + }, + "AWS::ResourceGroups::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -225934,42 +273066,54 @@ "Properties": { "additionalProperties": false, "properties": { - "DBSecurityGroupIngress": { + "Configuration": { "items": { - "$ref": "#/definitions/AWS::RDS::DBSecurityGroup.Ingress" + "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationItem" }, - "markdownDescription": "Ingress rules to be applied to the DB security group.", - "title": "DBSecurityGroupIngress", + "markdownDescription": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n> You can include either a `Configuration` or a `ResourceQuery` , but not both.", + "title": "Configuration", "type": "array" }, - "EC2VpcId": { - "markdownDescription": "The identifier of an Amazon virtual private cloud (VPC). This property indicates the VPC that this DB security group belongs to.\n\n> This property is included for backwards compatibility and is no longer recommended for providing security information to an RDS DB instance.", - "title": "EC2VpcId", + "Description": { + "markdownDescription": "The description of the resource group.", + "title": "Description", "type": "string" }, - "GroupDescription": { - "markdownDescription": "Provides the description of the DB security group.", - "title": "GroupDescription", + "Name": { + "markdownDescription": "The name of a resource group. The name must be unique within the AWS Region in which you create the resource. To create multiple resource groups based on the same CloudFormation stack, you must generate unique names for each.", + "title": "Name", "type": "string" }, + "ResourceQuery": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ResourceQuery", + "markdownDescription": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n> - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n> - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both.", + "title": "ResourceQuery" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n> - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n> - You can include a `Resources` property only if you also specify a `Configuration` property.", + "title": "Resources", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "markdownDescription": "The tag key and value pairs that are attached to the resource group.", "title": "Tags", "type": "array" } }, "required": [ - "DBSecurityGroupIngress", - "GroupDescription" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBSecurityGroup" + "AWS::ResourceGroups::Group" ], "type": "string" }, @@ -225988,33 +273132,107 @@ ], "type": "object" }, - "AWS::RDS::DBSecurityGroup.Ingress": { + "AWS::ResourceGroups::Group.ConfigurationItem": { "additionalProperties": false, "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to authorize.", - "title": "CIDRIP", - "type": "string" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationParameter" + }, + "markdownDescription": "A collection of parameters for this configuration item. For the list of parameters that you can use with each configuration item `Type` , see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Parameters", + "type": "array" }, - "EC2SecurityGroupId": { - "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupId", + "Type": { + "markdownDescription": "Specifies the type of configuration item. Each item must have a unique value for type. For the list of the types that you can specify for a configuration item, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::Group.ConfigurationParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the group configuration parameter. For the list of parameters that you can use with each configuration item type, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Name", "type": "string" }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupName", + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The value or values to be used for the specified parameter. For the list of values you can use with each parameter, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::Group.Query": { + "additionalProperties": false, + "properties": { + "ResourceTypeFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `[\"AWS::EC2::Instance\", \"AWS::DynamoDB::Table\"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `[\"AWS::AllSupported\"]` .", + "title": "ResourceTypeFilters", + "type": "array" + }, + "StackIdentifier": { + "markdownDescription": "Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped.\n\nYou can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.`", + "title": "StackIdentifier", "type": "string" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupOwnerId", + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.TagFilter" + }, + "markdownDescription": "A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` .\n\nA resource must have a tag that matches every filter that is provided in the `TagFilters` list.", + "title": "TagFilters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::Group.ResourceQuery": { + "additionalProperties": false, + "properties": { + "Query": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.Query", + "markdownDescription": "The query that defines the membership of the group. This is a structure with properties that depend on the `Type` .\n\nThe `Query` structure must be included in the following scenarios:\n\n- When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group.\n- When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing.", + "title": "Query" + }, + "Type": { + "markdownDescription": "Specifies the type of resource query that determines this group's membership. There are two valid query types:\n\n- `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query.\n- `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::RDS::DBSecurityGroupIngress": { + "AWS::ResourceGroups::Group.TagFilter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group.\n\nThis field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::TagSyncTask": { "additionalProperties": false, "properties": { "Condition": { @@ -226049,40 +273267,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to authorize.", - "title": "CIDRIP", - "type": "string" - }, - "DBSecurityGroupName": { - "markdownDescription": "The name of the DB security group to add authorization to.", - "title": "DBSecurityGroupName", + "Group": { + "markdownDescription": "The Amazon resource name (ARN) or name of the application group for which you want to create a tag-sync task.", + "title": "Group", "type": "string" }, - "EC2SecurityGroupId": { - "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupId", + "RoleArn": { + "markdownDescription": "The Amazon resource name (ARN) of the role assumed by the service to tag and untag resources on your behalf.", + "title": "RoleArn", "type": "string" }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupName", + "TagKey": { + "markdownDescription": "The tag key.", + "title": "TagKey", "type": "string" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupOwnerId", + "TagValue": { + "markdownDescription": "The tag value.", + "title": "TagValue", "type": "string" } }, "required": [ - "DBSecurityGroupName" + "Group", + "RoleArn", + "TagKey", + "TagValue" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBSecurityGroupIngress" + "AWS::ResourceGroups::TagSyncTask" ], "type": "string" }, @@ -226101,7 +273317,7 @@ ], "type": "object" }, - "AWS::RDS::DBSubnetGroup": { + "AWS::RoboMaker::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -226136,42 +273352,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "The description for the DB subnet group.", - "title": "DBSubnetGroupDescription", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints:\n\n- Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n- Must not be default.\n- First character must be a letter.\n\nExample: `mydbsubnetgroup`", - "title": "DBSubnetGroupName", + "Name": { + "markdownDescription": "The name of the fleet.", + "title": "Name", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The EC2 Subnet IDs for the DB subnet group.", - "title": "SubnetIds", - "type": "array" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The list of all tags added to the fleet.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Tags to assign to the DB subnet group.", "title": "Tags", - "type": "array" + "type": "object" } }, - "required": [ - "DBSubnetGroupDescription", - "SubnetIds" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBSubnetGroup" + "AWS::RoboMaker::Fleet" ], "type": "string" }, @@ -226185,12 +273387,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::EventSubscription": { + "AWS::RoboMaker::Robot": { "additionalProperties": false, "properties": { "Condition": { @@ -226225,59 +273426,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.", - "title": "EventCategories", - "type": "array" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n\n> RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide* .", - "title": "SnsTopicArn", + "Architecture": { + "markdownDescription": "The architecture of the robot.", + "title": "Architecture", "type": "string" }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are supplied, `SourceType` must also be provided.\n- If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.\n- If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.\n- If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.\n- If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.\n- If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.\n- If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.\n- If the source type is an RDS Proxy, a `DBProxyName` value must be supplied.", - "title": "SourceIds", - "type": "array" + "Fleet": { + "markdownDescription": "The Amazon Resource Name (ARN) of the fleet to which the robot will be registered.", + "title": "Fleet", + "type": "string" }, - "SourceType": { - "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to `db-instance` . For RDS Proxy events, specify `db-proxy` . If this value isn't specified, all events are returned.\n\nValid Values: `db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment`", - "title": "SourceType", + "GreengrassGroupId": { + "markdownDescription": "The Greengrass group associated with the robot.", + "title": "GreengrassGroupId", "type": "string" }, - "SubscriptionName": { - "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be less than 255 characters.", - "title": "SubscriptionName", + "Name": { + "markdownDescription": "The name of the robot.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An optional array of key-value pairs to apply to this subscription.", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "SnsTopicArn" + "Architecture", + "GreengrassGroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::EventSubscription" + "AWS::RoboMaker::Robot" ], "type": "string" }, @@ -226296,7 +273485,7 @@ ], "type": "object" }, - "AWS::RDS::GlobalCluster": { + "AWS::RoboMaker::RobotApplication": { "additionalProperties": false, "properties": { "Condition": { @@ -226331,42 +273520,54 @@ "Properties": { "additionalProperties": false, "properties": { - "DeletionProtection": { - "markdownDescription": "Specifies whether to enable deletion protection for the new global database cluster. The global database can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The database engine to use for this global database cluster.\n\nValid Values: `aurora-mysql | aurora-postgresql`\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine of the source DB cluster.", - "title": "Engine", + "CurrentRevisionId": { + "markdownDescription": "The current revision id.", + "title": "CurrentRevisionId", "type": "string" }, - "EngineVersion": { - "markdownDescription": "The engine version to use for this global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine version of the source DB cluster.", - "title": "EngineVersion", + "Environment": { + "markdownDescription": "The environment of the robot application.", + "title": "Environment", "type": "string" }, - "GlobalClusterIdentifier": { - "markdownDescription": "The cluster identifier for this global database cluster. This parameter is stored as a lowercase string.", - "title": "GlobalClusterIdentifier", + "Name": { + "markdownDescription": "The name of the robot application.", + "title": "Name", "type": "string" }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database.\n\nIf you provide a value for this parameter, don't specify values for the following settings because Amazon Aurora uses the values from the specified source DB cluster:\n\n- `DatabaseName`\n- `Engine`\n- `EngineVersion`\n- `StorageEncrypted`", - "title": "SourceDBClusterIdentifier", - "type": "string" + "RobotSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.RobotSoftwareSuite", + "markdownDescription": "The robot software suite used by the robot application.", + "title": "RobotSoftwareSuite" }, - "StorageEncrypted": { - "markdownDescription": "Specifies whether to enable storage encryption for the new global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the setting from the source DB cluster.", - "title": "StorageEncrypted", - "type": "boolean" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.SourceConfig" + }, + "markdownDescription": "The sources of the robot application.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, + "required": [ + "RobotSoftwareSuite" + ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::GlobalCluster" + "AWS::RoboMaker::RobotApplication" ], "type": "string" }, @@ -226380,123 +273581,57 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::RDS::Integration": { + "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Version": { + "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::RoboMaker::RobotApplication.SourceConfig": { + "additionalProperties": false, + "properties": { + "Architecture": { + "markdownDescription": "The target processor architecture for the application.", + "title": "Architecture", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalEncryptionContext": { - "additionalProperties": true, - "markdownDescription": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *AWS Key Management Service Developer Guide* .\n\nYou can only include this parameter if you specify the `KMSKeyId` parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalEncryptionContext", - "type": "object" - }, - "DataFilter": { - "markdownDescription": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse.", - "title": "DataFilter", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the integration.", - "title": "Description", - "type": "string" - }, - "IntegrationName": { - "markdownDescription": "The name of the integration.", - "title": "IntegrationName", - "type": "string" - }, - "KMSKeyId": { - "markdownDescription": "The AWS Key Management System ( AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key.", - "title": "KMSKeyId", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the database to use as the source for replication.", - "title": "SourceArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional array of key-value pairs to apply to this integration.", - "title": "Tags", - "type": "array" - }, - "TargetArn": { - "markdownDescription": "The ARN of the Redshift data warehouse to use as the target for replication.", - "title": "TargetArn", - "type": "string" - } - }, - "required": [ - "SourceArn", - "TargetArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RDS::Integration" - ], + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3Bucket", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Key": { + "markdownDescription": "The s3 object key.", + "title": "S3Key", "type": "string" } }, "required": [ - "Type", - "Properties" + "Architecture", + "S3Bucket", + "S3Key" ], "type": "object" }, - "AWS::RDS::OptionGroup": { + "AWS::RoboMaker::RobotApplicationVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -226531,53 +273666,25 @@ "Properties": { "additionalProperties": false, "properties": { - "EngineName": { - "markdownDescription": "Specifies the name of the engine that this option group should be associated with.\n\nValid Values:\n\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "EngineName", - "type": "string" - }, - "MajorEngineVersion": { - "markdownDescription": "Specifies the major version of the engine that this option group should be associated with.", - "title": "MajorEngineVersion", - "type": "string" - }, - "OptionConfigurations": { - "items": { - "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionConfiguration" - }, - "markdownDescription": "A list of all available options for an option group.", - "title": "OptionConfigurations", - "type": "array" - }, - "OptionGroupDescription": { - "markdownDescription": "The description of the option group.", - "title": "OptionGroupDescription", + "Application": { + "markdownDescription": "The application information for the robot application.", + "title": "Application", "type": "string" }, - "OptionGroupName": { - "markdownDescription": "The name of the option group to be created.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nExample: `myoptiongroup`\n\nIf you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.\n\n> This value is stored as a lowercase string.", - "title": "OptionGroupName", + "CurrentRevisionId": { + "markdownDescription": "The current revision id for the robot application. If you provide a value and it matches the latest revision ID, a new version will be created.", + "title": "CurrentRevisionId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the option group.", - "title": "Tags", - "type": "array" } }, "required": [ - "EngineName", - "MajorEngineVersion", - "OptionGroupDescription" + "Application" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::OptionGroup" + "AWS::RoboMaker::RobotApplicationVersion" ], "type": "string" }, @@ -226596,71 +273703,7 @@ ], "type": "object" }, - "AWS::RDS::OptionGroup.OptionConfiguration": { - "additionalProperties": false, - "properties": { - "DBSecurityGroupMemberships": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of DB security groups used for this option.", - "title": "DBSecurityGroupMemberships", - "type": "array" - }, - "OptionName": { - "markdownDescription": "The configuration of options to include in a group.", - "title": "OptionName", - "type": "string" - }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionSetting" - }, - "markdownDescription": "The option settings to include in an option group.", - "title": "OptionSettings", - "type": "array" - }, - "OptionVersion": { - "markdownDescription": "The version for the option.", - "title": "OptionVersion", - "type": "string" - }, - "Port": { - "markdownDescription": "The optional port for the option.", - "title": "Port", - "type": "number" - }, - "VpcSecurityGroupMemberships": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC security group names used for this option.", - "title": "VpcSecurityGroupMemberships", - "type": "array" - } - }, - "required": [ - "OptionName" - ], - "type": "object" - }, - "AWS::RDS::OptionGroup.OptionSetting": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the option that has settings that you can set.", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The current value of the option setting.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RUM::AppMonitor": { + "AWS::RoboMaker::SimulationApplication": { "additionalProperties": false, "properties": { "Condition": { @@ -226695,49 +273738,65 @@ "Properties": { "additionalProperties": false, "properties": { - "AppMonitorConfiguration": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.AppMonitorConfiguration", - "markdownDescription": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions.", - "title": "AppMonitorConfiguration" - }, - "CustomEvents": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.CustomEvents", - "markdownDescription": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` .", - "title": "CustomEvents" - }, - "CwLogEnabled": { - "markdownDescription": "Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges.\n\nIf you omit this parameter, the default is `false` .", - "title": "CwLogEnabled", - "type": "boolean" + "CurrentRevisionId": { + "markdownDescription": "The current revision id.", + "title": "CurrentRevisionId", + "type": "string" }, - "Domain": { - "markdownDescription": "The top-level internet domain name for which your application has administrative authority. This parameter or the `DomainList` parameter is required.", - "title": "Domain", + "Environment": { + "markdownDescription": "The environment of the simulation application.", + "title": "Environment", "type": "string" }, "Name": { - "markdownDescription": "A name for the app monitor. This parameter is required.", + "markdownDescription": "The name of the simulation application.", "title": "Name", "type": "string" }, - "Tags": { + "RenderingEngine": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RenderingEngine", + "markdownDescription": "The rendering engine for the simulation application.", + "title": "RenderingEngine" + }, + "RobotSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite", + "markdownDescription": "The robot software suite used by the simulation application.", + "title": "RobotSoftwareSuite" + }, + "SimulationSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite", + "markdownDescription": "The simulation software suite used by the simulation application.", + "title": "SimulationSoftwareSuite" + }, + "Sources": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SourceConfig" }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", + "markdownDescription": "The sources of the simulation application.", + "title": "Sources", "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the simulation application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "Domain", - "Name" + "RobotSoftwareSuite", + "SimulationSoftwareSuite" ], "type": "object" }, "Type": { "enum": [ - "AWS::RUM::AppMonitor" + "AWS::RoboMaker::SimulationApplication" ], "type": "string" }, @@ -226756,125 +273815,56 @@ ], "type": "object" }, - "AWS::RUM::AppMonitor.AppMonitorConfiguration": { + "AWS::RoboMaker::SimulationApplication.RenderingEngine": { "additionalProperties": false, "properties": { - "AllowCookies": { - "markdownDescription": "If you set this to `true` , the CloudWatch RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the CloudWatch RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page.", - "title": "AllowCookies", - "type": "boolean" - }, - "EnableXRay": { - "markdownDescription": "If you set this to `true` , CloudWatch RUM sends client-side traces to X-Ray for each sampled session. You can then see traces and segments from these user sessions in the RUM dashboard and the CloudWatch ServiceLens console. For more information, see [What is AWS X-Ray ?](https://docs.aws.amazon.com/xray/latest/devguide/aws-xray.html)", - "title": "EnableXRay", - "type": "boolean" - }, - "ExcludedPages": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of URLs in your website or application to exclude from RUM data collection.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", - "title": "ExcludedPages", - "type": "array" - }, - "FavoritePages": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of pages in your application that are to be displayed with a \"favorite\" icon in the CloudWatch RUM console.", - "title": "FavoritePages", - "type": "array" - }, - "GuestRoleArn": { - "markdownDescription": "The ARN of the guest IAM role that is attached to the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", - "title": "GuestRoleArn", + "Name": { + "markdownDescription": "The name of the rendering engine.", + "title": "Name", "type": "string" }, - "IdentityPoolId": { - "markdownDescription": "The ID of the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", - "title": "IdentityPoolId", + "Version": { + "markdownDescription": "The version of the rendering engine.", + "title": "Version", "type": "string" - }, - "IncludedPages": { - "items": { - "type": "string" - }, - "markdownDescription": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", - "title": "IncludedPages", - "type": "array" - }, - "MetricDestinations": { - "items": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDestination" - }, - "markdownDescription": "An array of structures that each define a destination that this app monitor will send extended metrics to.", - "title": "MetricDestinations", - "type": "array" - }, - "SessionSampleRate": { - "markdownDescription": "Specifies the portion of user sessions to use for CloudWatch RUM data collection. Choosing a higher portion gives you more data but also incurs more costs.\n\nThe range for this value is 0 to 1 inclusive. Setting this to 1 means that 100% of user sessions are sampled, and setting it to 0.1 means that 10% of user sessions are sampled.\n\nIf you omit this parameter, the default of 0.1 is used, and 10% of sessions will be sampled.", - "title": "SessionSampleRate", - "type": "number" - }, - "Telemetries": { - "items": { - "type": "string" - }, - "markdownDescription": "An array that lists the types of telemetry data that this app monitor is to collect.\n\n- `errors` indicates that RUM collects data about unhandled JavaScript errors raised by your application.\n- `performance` indicates that RUM collects performance data about how your application and its resources are loaded and rendered. This includes Core Web Vitals.\n- `http` indicates that RUM collects data about HTTP errors thrown by your application.", - "title": "Telemetries", - "type": "array" } }, + "required": [ + "Name", + "Version" + ], "type": "object" }, - "AWS::RUM::AppMonitor.CustomEvents": { + "AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Set this to `ENABLED` to allow the web client to send custom events for this app monitor.\n\nValid values are `ENABLED` and `DISABLED` .", - "title": "Status", + "Name": { + "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", + "title": "Version", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::RUM::AppMonitor.MetricDefinition": { + "AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite": { "additionalProperties": false, "properties": { - "DimensionKeys": { - "additionalProperties": true, - "markdownDescription": "This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch . The value of this field is used only if the metric destination is `CloudWatch` . If the metric destination is `Evidently` , the value of `DimensionKeys` is ignored.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "DimensionKeys", - "type": "object" - }, - "EventPattern": { - "markdownDescription": "The pattern that defines the metric. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination.\n\nIf the metrics destination is `CloudWatch` and the event also matches a value in `DimensionKeys` , then the metric is published with the specified dimensions.", - "title": "EventPattern", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the metric that is defined in this structure.", + "markdownDescription": "The name of the simulation software suite. `SimulationRuntime` is the only supported value.", "title": "Name", "type": "string" }, - "Namespace": { - "markdownDescription": "If you are creating a custom metric instead of an extended metrics, use this parameter to define the metric namespace for that custom metric. Do not specify this parameter if you are creating an extended metric.\n\nYou can't use any string that starts with `AWS/` for your namespace.", - "title": "Namespace", - "type": "string" - }, - "UnitLabel": { - "markdownDescription": "Use this field only if you are sending this metric to CloudWatch . It defines the CloudWatch metric unit that this metric is measured in.", - "title": "UnitLabel", - "type": "string" - }, - "ValueKey": { - "markdownDescription": "The field within the event object that the metric value is sourced from.", - "title": "ValueKey", + "Version": { + "markdownDescription": "The version of the simulation software suite. Not applicable for `SimulationRuntime` .", + "title": "Version", "type": "string" } }, @@ -226883,39 +273873,33 @@ ], "type": "object" }, - "AWS::RUM::AppMonitor.MetricDestination": { + "AWS::RoboMaker::SimulationApplication.SourceConfig": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently` . If you specify `Evidently` , you must also specify the ARN of the CloudWatch Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.", - "title": "Destination", + "Architecture": { + "markdownDescription": "The target processor architecture for the application.", + "title": "Architecture", "type": "string" }, - "DestinationArn": { - "markdownDescription": "Use this parameter only if `Destination` is `Evidently` . This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.", - "title": "DestinationArn", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3Bucket", "type": "string" }, - "IamRoleArn": { - "markdownDescription": "This parameter is required if `Destination` is `Evidently` . If `Destination` is `CloudWatch` , do not use this parameter.\n\nThis parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment.", - "title": "IamRoleArn", + "S3Key": { + "markdownDescription": "The s3 object key.", + "title": "S3Key", "type": "string" - }, - "MetricDefinitions": { - "items": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDefinition" - }, - "markdownDescription": "An array of structures which define the metrics that you want to send.", - "title": "MetricDefinitions", - "type": "array" } }, "required": [ - "Destination" + "Architecture", + "S3Bucket", + "S3Key" ], "type": "object" }, - "AWS::Redshift::Cluster": { + "AWS::RoboMaker::SimulationApplicationVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -226950,290 +273934,25 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowVersionUpgrade": { - "markdownDescription": "If `true` , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster.\n\nWhen a new major version of the Amazon Redshift engine is released, you can request that the service automatically apply upgrades during the maintenance window to the Amazon Redshift engine that is running on your cluster.\n\nDefault: `true`", - "title": "AllowVersionUpgrade", - "type": "boolean" - }, - "AquaConfigurationStatus": { - "markdownDescription": "This parameter is retired. It does not set the AQUA configuration status. Amazon Redshift automatically determines whether to use AQUA (Advanced Query Accelerator).", - "title": "AquaConfigurationStatus", - "type": "string" - }, - "AutomatedSnapshotRetentionPeriod": { - "markdownDescription": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with [CreateClusterSnapshot](https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html) in the *Amazon Redshift API Reference* .\n\nDefault: `1`\n\nConstraints: Must be a value from 0 to 35.", - "title": "AutomatedSnapshotRetentionPeriod", - "type": "number" - }, - "AvailabilityZone": { - "markdownDescription": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n\nDefault: A random, system-chosen Availability Zone in the region that is specified by the endpoint.\n\nExample: `us-east-2d`\n\nConstraint: The specified Availability Zone must be in the same region as the current endpoint.", - "title": "AvailabilityZone", - "type": "string" - }, - "AvailabilityZoneRelocation": { - "markdownDescription": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster is created.", - "title": "AvailabilityZoneRelocation", - "type": "boolean" - }, - "AvailabilityZoneRelocationStatus": { - "markdownDescription": "Describes the status of the Availability Zone relocation operation.", - "title": "AvailabilityZoneRelocationStatus", - "type": "string" - }, - "Classic": { - "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", - "title": "Classic", - "type": "boolean" - }, - "ClusterIdentifier": { - "markdownDescription": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. The identifier also appears in the Amazon Redshift console.\n\nConstraints:\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- Alphabetic characters must be lowercase.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n- Must be unique for all clusters within an AWS account .\n\nExample: `myexamplecluster`", - "title": "ClusterIdentifier", - "type": "string" - }, - "ClusterParameterGroupName": { - "markdownDescription": "The name of the parameter group to be associated with this cluster.\n\nDefault: The default Amazon Redshift cluster parameter group. For information about the default parameter group, go to [Working with Amazon Redshift Parameter Groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n\nConstraints:\n\n- Must be 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ClusterParameterGroupName", - "type": "string" - }, - "ClusterSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups to be associated with this cluster.\n\nDefault: The default cluster security group for Amazon Redshift.", - "title": "ClusterSecurityGroups", - "type": "array" - }, - "ClusterSubnetGroupName": { - "markdownDescription": "The name of a cluster subnet group to be associated with this cluster.\n\nIf this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).", - "title": "ClusterSubnetGroupName", - "type": "string" - }, - "ClusterType": { - "markdownDescription": "The type of the cluster. When cluster type is specified as\n\n- `single-node` , the *NumberOfNodes* parameter is not required.\n- `multi-node` , the *NumberOfNodes* parameter is required.\n\nValid Values: `multi-node` | `single-node`\n\nDefault: `multi-node`", - "title": "ClusterType", - "type": "string" - }, - "ClusterVersion": { - "markdownDescription": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\n\nThe version selected runs on all the nodes in the cluster.\n\nConstraints: Only version 1.0 is currently available.\n\nExample: `1.0`", - "title": "ClusterVersion", - "type": "string" - }, - "DBName": { - "markdownDescription": "The name of the first database to be created when the cluster is created.\n\nTo create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. For more information, go to [Create a Database](https://docs.aws.amazon.com/redshift/latest/dg/t_creating_database.html) in the Amazon Redshift Database Developer Guide.\n\nDefault: `dev`\n\nConstraints:\n\n- Must contain 1 to 64 alphanumeric characters.\n- Must contain only lowercase letters.\n- Cannot be a word that is reserved by the service. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "DBName", - "type": "string" - }, - "DeferMaintenance": { - "markdownDescription": "A Boolean indicating whether to enable the deferred maintenance window.", - "title": "DeferMaintenance", - "type": "boolean" - }, - "DeferMaintenanceDuration": { - "markdownDescription": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less.", - "title": "DeferMaintenanceDuration", - "type": "number" - }, - "DeferMaintenanceEndTime": { - "markdownDescription": "A timestamp for the end of the time period when we defer maintenance.", - "title": "DeferMaintenanceEndTime", - "type": "string" - }, - "DeferMaintenanceStartTime": { - "markdownDescription": "A timestamp indicating the start time for the deferred maintenance window.", - "title": "DeferMaintenanceStartTime", - "type": "string" - }, - "DestinationRegion": { - "markdownDescription": "The destination region that snapshots are automatically copied to when cross-region snapshot copy is enabled.", - "title": "DestinationRegion", - "type": "string" - }, - "ElasticIp": { - "markdownDescription": "The Elastic IP (EIP) address for the cluster.\n\nConstraints: The cluster must be provisioned in EC2-VPC and publicly-accessible through an Internet gateway. Don't specify the Elastic IP address for a publicly accessible cluster with availability zone relocation turned on. For more information about provisioning clusters in EC2-VPC, go to [Supported Platforms to Launch Your Cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#cluster-platforms) in the Amazon Redshift Cluster Management Guide.", - "title": "ElasticIp", - "type": "string" - }, - "Encrypted": { - "markdownDescription": "If `true` , the data in the cluster is encrypted at rest. If you set the value on this parameter to `false` , the request will fail.\n\nDefault: true", - "title": "Encrypted", - "type": "boolean" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::Redshift::Cluster.Endpoint", - "markdownDescription": "The connection endpoint.", - "title": "Endpoint" - }, - "EnhancedVpcRouting": { - "markdownDescription": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see [Enhanced VPC Routing](https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html) in the Amazon Redshift Cluster Management Guide.\n\nIf this option is `true` , enhanced VPC routing is enabled.\n\nDefault: false", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "HsmClientCertificateIdentifier": { - "markdownDescription": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.", - "title": "HsmClientCertificateIdentifier", - "type": "string" - }, - "HsmConfigurationIdentifier": { - "markdownDescription": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM.", - "title": "HsmConfigurationIdentifier", - "type": "string" - }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.\n\nThe maximum number of IAM roles that you can associate is subject to a quota. For more information, go to [Quotas and limits](https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html) in the *Amazon Redshift Cluster Management Guide* .", - "title": "IamRoles", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LoggingProperties": { - "$ref": "#/definitions/AWS::Redshift::Cluster.LoggingProperties", - "markdownDescription": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.", - "title": "LoggingProperties" - }, - "MaintenanceTrackName": { - "markdownDescription": "An optional parameter for the name of the maintenance track for the cluster. If you don't provide a maintenance track name, the cluster is assigned to the `current` track.", - "title": "MaintenanceTrackName", - "type": "string" - }, - "ManageMasterPassword": { - "markdownDescription": "If `true` , Amazon Redshift uses AWS Secrets Manager to manage this cluster's admin credentials. You can't use `MasterUserPassword` if `ManageMasterPassword` is true. If `ManageMasterPassword` is false or not set, Amazon Redshift uses `MasterUserPassword` for the admin user account's password.", - "title": "ManageMasterPassword", - "type": "boolean" - }, - "ManualSnapshotRetentionPeriod": { - "markdownDescription": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots.\n\nThe value must be either -1 or an integer between 1 and 3,653.", - "title": "ManualSnapshotRetentionPeriod", - "type": "number" - }, - "MasterPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if `ManageMasterPassword` is true.", - "title": "MasterPasswordSecretKmsKeyId", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password associated with the admin user account for the cluster that is being created.\n\nYou can't use `MasterUserPassword` if `ManageMasterPassword` is `true` .\n\nConstraints:\n\n- Must be between 8 and 64 characters in length.\n- Must contain at least one uppercase letter.\n- Must contain at least one lowercase letter.\n- Must contain one number.\n- Can be any printable ASCII character (ASCII code 33-126) except `'` (single quote), `\"` (double quote), `\\` , `/` , or `@` .", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The user name associated with the admin user account for the cluster that is being created.\n\nConstraints:\n\n- Must be 1 - 128 alphanumeric characters or hyphens. The user name can't be `PUBLIC` .\n- Must contain only lowercase letters, numbers, underscore, plus sign, period (dot), at symbol (@), or hyphen.\n- The first character must be a letter.\n- Must not contain a colon (:) or a slash (/).\n- Cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "MasterUsername", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "A boolean indicating whether Amazon Redshift should deploy the cluster in two Availability Zones. The default is false.", - "title": "MultiAZ", - "type": "boolean" - }, - "NamespaceResourcePolicy": { - "markdownDescription": "The policy that is attached to a resource.", - "title": "NamespaceResourcePolicy", - "type": "object" - }, - "NodeType": { - "markdownDescription": "The node type to be provisioned for the cluster. For information about node types, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nValid Values: `dc2.large` | `dc2.8xlarge` | `ra3.large` | `ra3.xlplus` | `ra3.4xlarge` | `ra3.16xlarge`", - "title": "NodeType", - "type": "string" - }, - "NumberOfNodes": { - "markdownDescription": "The number of compute nodes in the cluster. This parameter is required when the *ClusterType* parameter is specified as `multi-node` .\n\nFor information about determining how many nodes you need, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nIf you don't specify this parameter, you get a single-node cluster. When requesting a multi-node cluster, you must specify the number of nodes that you want in the cluster.\n\nDefault: `1`\n\nConstraints: Value must be at least 1 and no more than 100.", - "title": "NumberOfNodes", - "type": "number" - }, - "OwnerAccount": { - "markdownDescription": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.", - "title": "OwnerAccount", - "type": "string" - }, - "Port": { - "markdownDescription": "The port number on which the cluster accepts incoming connections.\n\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections.\n\nDefault: `5439`\n\nValid Values:\n\n- For clusters with ra3 nodes - Select a port within the ranges `5431-5455` or `8191-8215` . (If you have an existing cluster with ra3 nodes, it isn't required that you change the port to these ranges.)\n- For clusters with dc2 nodes - Select a port within the range `1150-65535` .", - "title": "Port", - "type": "number" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nDefault: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see [Maintenance Windows](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#rs-maintenance-windows) in Amazon Redshift Cluster Management Guide.\n\nValid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "If `true` , the cluster can be accessed from a public network.\n\nDefault: false", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ResourceAction": { - "markdownDescription": "The Amazon Redshift operation to be performed. Supported operations are `pause-cluster` , `resume-cluster` , and `failover-primary-compute` .", - "title": "ResourceAction", - "type": "string" - }, - "RevisionTarget": { - "markdownDescription": "Describes a `RevisionTarget` object.", - "title": "RevisionTarget", - "type": "string" - }, - "RotateEncryptionKey": { - "markdownDescription": "Rotates the encryption keys for a cluster.", - "title": "RotateEncryptionKey", - "type": "boolean" - }, - "SnapshotClusterIdentifier": { - "markdownDescription": "The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", - "title": "SnapshotClusterIdentifier", - "type": "string" - }, - "SnapshotCopyGrantName": { - "markdownDescription": "The name of the snapshot copy grant.", - "title": "SnapshotCopyGrantName", + "Application": { + "markdownDescription": "The application information for the simulation application.", + "title": "Application", "type": "string" }, - "SnapshotCopyManual": { - "markdownDescription": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.", - "title": "SnapshotCopyManual", - "type": "boolean" - }, - "SnapshotCopyRetentionPeriod": { - "markdownDescription": "The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region .\n\nBy default, this only changes the retention period of copied automated snapshots.\n\nIf you decrease the retention period for automated snapshots that are copied to a destination AWS Region , Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.\n\nConstraints: Must be at least 1 and no more than 35 for automated snapshots.\n\nIf you specify the `manual` option, only newly copied manual snapshots will have the new retention period.\n\nIf you specify the value of -1 newly copied manual snapshots are retained indefinitely.\n\nConstraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.", - "title": "SnapshotCopyRetentionPeriod", - "type": "number" - }, - "SnapshotIdentifier": { - "markdownDescription": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. You must specify this parameter or `snapshotArn` , but not both.\n\nExample: `my-snapshot-id`", - "title": "SnapshotIdentifier", + "CurrentRevisionId": { + "markdownDescription": "The current revision id for the simulation application. If you provide a value and it matches the latest revision ID, a new version will be created.", + "title": "CurrentRevisionId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag instances.", - "title": "Tags", - "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n\nDefault: The default VPC security group is associated with the cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "required": [ - "ClusterType", - "DBName", - "MasterUsername", - "NodeType" + "Application" ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::Cluster" + "AWS::RoboMaker::SimulationApplicationVersion" ], "type": "string" }, @@ -227252,39 +273971,7 @@ ], "type": "object" }, - "AWS::Redshift::Cluster.Endpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The DNS address of the cluster. This property is read only.", - "title": "Address", - "type": "string" - }, - "Port": { - "markdownDescription": "The port that the database engine is listening on. This property is read only.", - "title": "Port", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Redshift::Cluster.LoggingProperties": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The name of an existing S3 bucket where the log files are to be stored.\n\nConstraints:\n\n- Must be in the same region as the cluster\n- The cluster must have read bucket and put object permissions", - "title": "BucketName", - "type": "string" - }, - "S3KeyPrefix": { - "markdownDescription": "The prefix applied to the log file names.\n\nValid characters are any letter from any language, any whitespace character, any numeric character, and the following characters: underscore ( `_` ), period ( `.` ), colon ( `:` ), slash ( `/` ), equal ( `=` ), plus ( `+` ), backslash ( `\\` ), hyphen ( `-` ), at symbol ( `@` ).", - "title": "S3KeyPrefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Redshift::ClusterParameterGroup": { + "AWS::RolesAnywhere::CRL": { "additionalProperties": false, "properties": { "Condition": { @@ -227319,47 +274006,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the parameter group.", - "title": "Description", + "CrlData": { + "markdownDescription": "The x509 v3 specified certificate revocation list (CRL).", + "title": "CrlData", "type": "string" }, - "ParameterGroupFamily": { - "markdownDescription": "The name of the cluster parameter group family that this cluster parameter group is compatible with. You can create a custom parameter group and then associate your cluster with it. For more information, see [Amazon Redshift parameter groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html) .", - "title": "ParameterGroupFamily", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether the certificate revocation list (CRL) is enabled.", + "title": "Enabled", + "type": "boolean" }, - "ParameterGroupName": { - "markdownDescription": "The name of the cluster parameter group.", - "title": "ParameterGroupName", + "Name": { + "markdownDescription": "The name of the certificate revocation list (CRL).", + "title": "Name", "type": "string" }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::Redshift::ClusterParameterGroup.Parameter" - }, - "markdownDescription": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.\n\nFor each parameter to be modified, you must supply at least the parameter name and parameter value; other name-value pairs of the parameter are optional.\n\nFor the workload management (WLM) configuration, you must supply all the name-value pairs in the wlm_json_configuration parameter.", - "title": "Parameters", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags for the cluster parameter group.", + "markdownDescription": "A list of tags to attach to the certificate revocation list (CRL).", "title": "Tags", "type": "array" + }, + "TrustAnchorArn": { + "markdownDescription": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.", + "title": "TrustAnchorArn", + "type": "string" } }, "required": [ - "Description", - "ParameterGroupFamily" + "CrlData", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::ClusterParameterGroup" + "AWS::RolesAnywhere::CRL" ], "type": "string" }, @@ -227378,27 +274062,7 @@ ], "type": "object" }, - "AWS::Redshift::ClusterParameterGroup.Parameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "The name of the parameter.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "The value of the parameter. If `ParameterName` is `wlm_json_configuration` , then the maximum size of `ParameterValue` is 8000 characters.", - "title": "ParameterValue", - "type": "string" - } - }, - "required": [ - "ParameterName", - "ParameterValue" - ], - "type": "object" - }, - "AWS::Redshift::ClusterSecurityGroup": { + "AWS::RolesAnywhere::Profile": { "additionalProperties": false, "properties": { "Condition": { @@ -227433,28 +274097,78 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the security group.", - "title": "Description", + "AcceptRoleSessionName": { + "markdownDescription": "Used to determine if a custom role session name will be accepted in a temporary credential request.", + "title": "AcceptRoleSessionName", + "type": "boolean" + }, + "AttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::Profile.AttributeMapping" + }, + "markdownDescription": "A mapping applied to the authenticating end-entity certificate.", + "title": "AttributeMappings", + "type": "array" + }, + "DurationSeconds": { + "markdownDescription": "The number of seconds vended session credentials will be valid for", + "title": "DurationSeconds", + "type": "number" + }, + "Enabled": { + "markdownDescription": "The enabled status of the resource.", + "title": "Enabled", + "type": "boolean" + }, + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", + "title": "ManagedPolicyArns", + "type": "array" + }, + "Name": { + "markdownDescription": "The customer specified name of the resource.", + "title": "Name", + "type": "string" + }, + "RequireInstanceProperties": { + "markdownDescription": "Specifies whether instance properties are required in CreateSession requests with this profile.", + "title": "RequireInstanceProperties", + "type": "boolean" + }, + "RoleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", + "title": "RoleArns", + "type": "array" + }, + "SessionPolicy": { + "markdownDescription": "A session policy that will applied to the trust boundary of the vended session credentials.", + "title": "SessionPolicy", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this security group. Use tags to manage your resources.", + "markdownDescription": "A list of Tags.", "title": "Tags", "type": "array" } }, "required": [ - "Description" + "Name", + "RoleArns" ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::ClusterSecurityGroup" + "AWS::RolesAnywhere::Profile" ], "type": "string" }, @@ -227473,7 +274187,44 @@ ], "type": "object" }, - "AWS::Redshift::ClusterSecurityGroupIngress": { + "AWS::RolesAnywhere::Profile.AttributeMapping": { + "additionalProperties": false, + "properties": { + "CertificateField": { + "markdownDescription": "Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.", + "title": "CertificateField", + "type": "string" + }, + "MappingRules": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::Profile.MappingRule" + }, + "markdownDescription": "A list of mapping entries for every supported specifier or sub-field.", + "title": "MappingRules", + "type": "array" + } + }, + "required": [ + "CertificateField", + "MappingRules" + ], + "type": "object" + }, + "AWS::RolesAnywhere::Profile.MappingRule": { + "additionalProperties": false, + "properties": { + "Specifier": { + "markdownDescription": "Specifier within a certificate field, such as CN, OU, or UID from the Subject field.", + "title": "Specifier", + "type": "string" + } + }, + "required": [ + "Specifier" + ], + "type": "object" + }, + "AWS::RolesAnywhere::TrustAnchor": { "additionalProperties": false, "properties": { "Condition": { @@ -227508,35 +274259,47 @@ "Properties": { "additionalProperties": false, "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to be added the Amazon Redshift security group.", - "title": "CIDRIP", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether the trust anchor is enabled.", + "title": "Enabled", + "type": "boolean" }, - "ClusterSecurityGroupName": { - "markdownDescription": "The name of the security group to which the ingress rule is added.", - "title": "ClusterSecurityGroupName", + "Name": { + "markdownDescription": "The name of the trust anchor.", + "title": "Name", "type": "string" }, - "EC2SecurityGroupName": { - "markdownDescription": "The EC2 security group to be added the Amazon Redshift security group.", - "title": "EC2SecurityGroupName", - "type": "string" + "NotificationSettings": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.NotificationSetting" + }, + "markdownDescription": "A list of notification settings to be associated to the trust anchor.", + "title": "NotificationSettings", + "type": "array" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "The AWS account number of the owner of the security group specified by the *EC2SecurityGroupName* parameter. The AWS Access Key ID is not an acceptable value.\n\nExample: `111122223333`\n\nConditional. If you specify the `EC2SecurityGroupName` property, you must specify this property.", - "title": "EC2SecurityGroupOwnerId", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.Source", + "markdownDescription": "The trust anchor type and its related certificate data.", + "title": "Source" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to attach to the trust anchor.", + "title": "Tags", + "type": "array" } }, "required": [ - "ClusterSecurityGroupName" + "Name", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::ClusterSecurityGroupIngress" + "AWS::RolesAnywhere::TrustAnchor" ], "type": "string" }, @@ -227555,7 +274318,73 @@ ], "type": "object" }, - "AWS::Redshift::ClusterSubnetGroup": { + "AWS::RolesAnywhere::TrustAnchor.NotificationSetting": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and AWS Health Dashboard to notify for an event.\n\n> In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels.", + "title": "Channel", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether the notification setting is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Event": { + "markdownDescription": "The event to which this notification setting is applied.", + "title": "Event", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The number of days before a notification event. This value is required for a notification setting that is enabled.", + "title": "Threshold", + "type": "number" + } + }, + "required": [ + "Enabled", + "Event" + ], + "type": "object" + }, + "AWS::RolesAnywhere::TrustAnchor.Source": { + "additionalProperties": false, + "properties": { + "SourceData": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.SourceData", + "markdownDescription": "A union object representing the data field of the TrustAnchor depending on its type", + "title": "SourceData" + }, + "SourceType": { + "markdownDescription": "The type of the TrustAnchor.", + "title": "SourceType", + "type": "string" + } + }, + "required": [ + "SourceData", + "SourceType" + ], + "type": "object" + }, + "AWS::RolesAnywhere::TrustAnchor.SourceData": { + "additionalProperties": false, + "properties": { + "AcmPcaArn": { + "markdownDescription": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .\n\n> This field is not supported in your region.", + "title": "AcmPcaArn", + "type": "string" + }, + "X509CertificateData": { + "markdownDescription": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` .", + "title": "X509CertificateData", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::CidrCollection": { "additionalProperties": false, "properties": { "Condition": { @@ -227590,37 +274419,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the subnet group.", - "title": "Description", - "type": "string" - }, - "SubnetIds": { + "Locations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Route53::CidrCollection.Location" }, - "markdownDescription": "An array of VPC subnet IDs. A maximum of 20 subnets can be modified in a single request.", - "title": "SubnetIds", + "markdownDescription": "A complex type that contains information about the list of CIDR locations.", + "title": "Locations", "type": "array" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this subnet group. Use tags to manage your resources.", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "The name of a CIDR collection.", + "title": "Name", + "type": "string" } }, "required": [ - "Description", - "SubnetIds" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::ClusterSubnetGroup" + "AWS::Route53::CidrCollection" ], "type": "string" }, @@ -227639,7 +274459,30 @@ ], "type": "object" }, - "AWS::Redshift::EndpointAccess": { + "AWS::Route53::CidrCollection.Location": { + "additionalProperties": false, + "properties": { + "CidrList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of CIDR blocks.", + "title": "CidrList", + "type": "array" + }, + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" + } + }, + "required": [ + "CidrList", + "LocationName" + ], + "type": "object" + }, + "AWS::Route53::DNSSEC": { "additionalProperties": false, "properties": { "Condition": { @@ -227674,46 +274517,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterIdentifier": { - "markdownDescription": "The cluster identifier of the cluster associated with the endpoint.", - "title": "ClusterIdentifier", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint.", - "title": "EndpointName", - "type": "string" - }, - "ResourceOwner": { - "markdownDescription": "The AWS account ID of the owner of the cluster.", - "title": "ResourceOwner", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The subnet group name where Amazon Redshift chooses to deploy the endpoint.", - "title": "SubnetGroupName", + "HostedZoneId": { + "markdownDescription": "A unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", + "title": "HostedZoneId", "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "required": [ - "ClusterIdentifier", - "EndpointName", - "SubnetGroupName", - "VpcSecurityGroupIds" + "HostedZoneId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::EndpointAccess" + "AWS::Route53::DNSSEC" ], "type": "string" }, @@ -227721,84 +274538,18 @@ "enum": [ "Delete", "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Redshift::EndpointAccess.NetworkInterface": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.", - "title": "AvailabilityZone", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface identifier.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrivateIpAddress": { - "markdownDescription": "The IPv4 address of the network interface within the subnet.", - "title": "PrivateIpAddress", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The subnet identifier.", - "title": "SubnetId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Redshift::EndpointAccess.VpcEndpoint": { - "additionalProperties": false, - "properties": { - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::Redshift::EndpointAccess.NetworkInterface" - }, - "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", - "title": "NetworkInterfaces", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.", - "title": "VpcEndpointId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The VPC identifier that the endpoint is associated.", - "title": "VpcId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Redshift::EndpointAccess.VpcSecurityGroup": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "The status of the endpoint.", - "title": "Status", - "type": "string" - }, - "VpcSecurityGroupId": { - "markdownDescription": "The identifier of the VPC security group.", - "title": "VpcSecurityGroupId", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Redshift::EndpointAuthorization": { + "AWS::Route53::HealthCheck": { "additionalProperties": false, "properties": { "Condition": { @@ -227833,39 +274584,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Account": { - "markdownDescription": "The AWS account ID of either the cluster owner (grantor) or grantee. If `Grantee` parameter is true, then the `Account` value is of the grantor.", - "title": "Account", - "type": "string" - }, - "ClusterIdentifier": { - "markdownDescription": "The cluster identifier.", - "title": "ClusterIdentifier", - "type": "string" - }, - "Force": { - "markdownDescription": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted.", - "title": "Force", - "type": "boolean" + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckConfig", + "markdownDescription": "A complex type that contains detailed information about one health check.\n\nFor the values to enter for `HealthCheckConfig` , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)", + "title": "HealthCheckConfig" }, - "VpcIds": { + "HealthCheckTags": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckTag" }, - "markdownDescription": "The virtual private cloud (VPC) identifiers to grant access to.", - "title": "VpcIds", + "markdownDescription": "The `HealthCheckTags` property describes key-value pairs that are associated with an `AWS::Route53::HealthCheck` resource.", + "title": "HealthCheckTags", "type": "array" } }, "required": [ - "Account", - "ClusterIdentifier" + "HealthCheckConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::EndpointAuthorization" + "AWS::Route53::HealthCheck" ], "type": "string" }, @@ -227884,7 +274624,147 @@ ], "type": "object" }, - "AWS::Redshift::EventSubscription": { + "AWS::Route53::HealthCheck.AlarmIdentifier": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy.\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in.\n\nFor the current list of CloudWatch regions, see [Amazon CloudWatch endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/cw_region.html) in the *Amazon Web Services General Reference* .", + "title": "Region", + "type": "string" + } + }, + "required": [ + "Name", + "Region" + ], + "type": "object" + }, + "AWS::Route53::HealthCheck.HealthCheckConfig": { + "additionalProperties": false, + "properties": { + "AlarmIdentifier": { + "$ref": "#/definitions/AWS::Route53::HealthCheck.AlarmIdentifier", + "markdownDescription": "A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy.", + "title": "AlarmIdentifier" + }, + "ChildHealthChecks": { + "items": { + "type": "string" + }, + "markdownDescription": "(CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check.", + "title": "ChildHealthChecks", + "type": "array" + }, + "EnableSNI": { + "markdownDescription": "Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate.\n\nSome endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid.\n\nThe SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message.", + "title": "EnableSNI", + "type": "boolean" + }, + "FailureThreshold": { + "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .\n\nIf you don't specify a value for `FailureThreshold` , the default value is three health checks.", + "title": "FailureThreshold", + "type": "number" + }, + "FullyQualifiedDomainName": { + "markdownDescription": "Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` .\n\n*If you specify a value for* `IPAddress` :\n\nAmazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.\n\nWhen Route 53 checks the health of an endpoint, here is how it constructs the `Host` header:\n\n- If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header.\n- If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header.\n- If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header.\n\nIf you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases.\n\n*If you don't specify a value for `IPAddress`* :\n\nRoute 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.\n\n> If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a \"DNS resolution failed\" error. \n\nIf you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com).\n\n> In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. \n\nIn addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header.", + "title": "FullyQualifiedDomainName", + "type": "string" + }, + "HealthThreshold": { + "markdownDescription": "The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element.\n\nNote the following:\n\n- If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy.\n- If you specify `0` , Route 53 always considers this health check to be healthy.", + "title": "HealthThreshold", + "type": "number" + }, + "IPAddress": { + "markdownDescription": "The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint.\n\nUse one of the following formats for the value of `IPAddress` :\n\n- *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` .\n- *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` .\n\nIf the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change.\n\nFor more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) .\n\nConstraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents:\n\n- [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735)\n- [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598)\n- [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156)\n\nWhen the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` .", + "title": "IPAddress", + "type": "string" + }, + "InsufficientDataHealthStatus": { + "markdownDescription": "When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check:\n\n- `Healthy` : Route 53 considers the health check to be healthy.\n- `Unhealthy` : Route 53 considers the health check to be unhealthy.\n- `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy.", + "title": "InsufficientDataHealthStatus", + "type": "string" + }, + "Inverted": { + "markdownDescription": "Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy.", + "title": "Inverted", + "type": "boolean" + }, + "MeasureLatency": { + "markdownDescription": "Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.\n\n> You can't change the value of `MeasureLatency` after you create a health check.", + "title": "MeasureLatency", + "type": "boolean" + }, + "Port": { + "markdownDescription": "The port on the endpoint that you want Amazon Route 53 to perform health checks on.\n\n> Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` .", + "title": "Port", + "type": "number" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint.\n\nIf you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* .\n\nIf you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions).", + "title": "Regions", + "type": "array" + }, + "RequestInterval": { + "markdownDescription": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.\n\n> You can't change the value of `RequestInterval` after you create a health check. \n\nIf you don't specify a value for `RequestInterval` , the default value is `30` seconds.", + "title": "RequestInterval", + "type": "number" + }, + "ResourcePath": { + "markdownDescription": "The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp&login=y` .", + "title": "ResourcePath", + "type": "string" + }, + "RoutingControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control.\n\nFor more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) .", + "title": "RoutingControlArn", + "type": "string" + }, + "SearchString": { + "markdownDescription": "If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy.\n\nRoute 53 considers case when searching for `SearchString` in the response body.", + "title": "SearchString", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *TCP* : Route 53 tries to establish a TCP connection.\n- *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` .\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.\n- *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` .\n- *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy.\n\nFor more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53::HealthCheck.HealthCheckTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Route53::HostedZone": { "additionalProperties": false, "properties": { "Condition": { @@ -227919,64 +274799,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "A boolean value; set to `true` to activate the subscription, and set to `false` to create the subscription but not activate it.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the Amazon Redshift event categories to be published by the event notification subscription.\n\nValues: configuration, management, monitoring, security, pending", - "title": "EventCategories", - "type": "array" - }, - "Severity": { - "markdownDescription": "Specifies the Amazon Redshift event severity to be published by the event notification subscription.\n\nValues: ERROR, INFO", - "title": "Severity", - "type": "string" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", - "title": "SnsTopicArn", - "type": "string" + "HostedZoneConfig": { + "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneConfig", + "markdownDescription": "A complex type that contains an optional comment.\n\nIf you don't want to specify a comment, omit the `HostedZoneConfig` and `Comment` elements.", + "title": "HostedZoneConfig" }, - "SourceIds": { + "HostedZoneTags": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneTag" }, - "markdownDescription": "A list of one or more identifiers of Amazon Redshift source objects. All of the objects must be of the same type as was specified in the source type parameter. The event subscription will return only events generated by the specified objects. If not specified, then events are returned for all objects within the source type specified.\n\nExample: my-cluster-1, my-cluster-2\n\nExample: my-snapshot-20131010", - "title": "SourceIds", + "markdownDescription": "Adds, edits, or deletes tags for a health check or a hosted zone.\n\nFor information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *Billing and Cost Management User Guide* .", + "title": "HostedZoneTags", "type": "array" }, - "SourceType": { - "markdownDescription": "The type of source that will be generating the events. For example, if you want to be notified of events generated by a cluster, you would set this parameter to cluster. If this value is not specified, events are returned for all Amazon Redshift objects in your AWS account . You must specify a source type in order to specify source IDs.\n\nValid values: cluster, cluster-parameter-group, cluster-security-group, cluster-snapshot, and scheduled-action.", - "title": "SourceType", + "Name": { + "markdownDescription": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n\nIf you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of `NameServers` that are returned by the `Fn::GetAtt` intrinsic function.", + "title": "Name", "type": "string" }, - "SubscriptionName": { - "markdownDescription": "The name of the event subscription to be created.\n\nConstraints:\n\n- Cannot be null, empty, or blank.\n- Must contain from 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "SubscriptionName", - "type": "string" + "QueryLoggingConfig": { + "$ref": "#/definitions/AWS::Route53::HostedZone.QueryLoggingConfig", + "markdownDescription": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n\nDNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n\n- Route 53 edge location that responded to the DNS query\n- Domain or subdomain that was requested\n- DNS record type, such as A or AAAA\n- DNS response code, such as `NoError` or `ServFail`\n\n- **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.\n\n> If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. \n\n- Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:\n\n- You must create the log group in the us-east-1 region.\n- You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for.\n- When you create log groups for query logging, we recommend that you use a consistent prefix, for example:\n\n`/aws/route53/ *hosted zone name*`\n\nIn the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging.\n- Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of `Resource` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with `*` , for example:\n\n`arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`\n\nTo avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:\n\n- For `aws:SourceArn` , supply the hosted zone ARN used in creating the query logging configuration. For example, `aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID` .\n- For `aws:SourceAccount` , supply the account ID for the account that creates the query logging configuration. For example, `aws:SourceAccount:111111111111` .\n\nFor more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .\n\n> You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI .\n- **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:\n\n- Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location.\n- Begins to send query logs to the applicable log stream.\n\nThe name of each log stream is in the following format:\n\n`*hosted zone ID* / *edge location code*`\n\nThe edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page.\n- **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* .\n- **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* .\n- **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) .\n- **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .", + "title": "QueryLoggingConfig" }, - "Tags": { + "VPCs": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Route53::HostedZone.VPC" }, - "markdownDescription": "A list of tag instances.", - "title": "Tags", + "markdownDescription": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCs", "type": "array" } }, - "required": [ - "SubscriptionName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::EventSubscription" + "AWS::Route53::HostedZone" ], "type": "string" }, @@ -227990,12 +274849,76 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Redshift::ScheduledAction": { + "AWS::Route53::HostedZone.HostedZoneConfig": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "Any comments that you want to include about the hosted zone.", + "title": "Comment", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::HostedZone.HostedZoneTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Route53::HostedZone.QueryLoggingConfig": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to.", + "title": "CloudWatchLogsLogGroupArn", + "type": "string" + } + }, + "required": [ + "CloudWatchLogsLogGroupArn" + ], + "type": "object" + }, + "AWS::Route53::HostedZone.VPC": { + "additionalProperties": false, + "properties": { + "VPCId": { + "markdownDescription": "*Private hosted zones only:* The ID of an Amazon VPC.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCId", + "type": "string" + }, + "VPCRegion": { + "markdownDescription": "*Private hosted zones only:* The region that an Amazon VPC was created in.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCRegion", + "type": "string" + } + }, + "required": [ + "VPCId", + "VPCRegion" + ], + "type": "object" + }, + "AWS::Route53::KeySigningKey": { "additionalProperties": false, "properties": { "Condition": { @@ -228030,55 +274953,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Enable": { - "markdownDescription": "If true, the schedule is enabled. If false, the scheduled action does not trigger. For more information about `state` of the scheduled action, see `ScheduledAction` .", - "title": "Enable", - "type": "boolean" - }, - "EndTime": { - "markdownDescription": "The end time in UTC when the schedule is no longer active. After this time, the scheduled action does not trigger.", - "title": "EndTime", - "type": "string" - }, - "IamRole": { - "markdownDescription": "The IAM role to assume to run the scheduled action. This IAM role must have permission to run the Amazon Redshift API operation in the scheduled action. This IAM role must allow the Amazon Redshift scheduler (Principal scheduler.redshift.amazonaws.com) to assume permissions on your behalf. For more information about the IAM role to use with the Amazon Redshift scheduler, see [Using Identity-Based Policies for Amazon Redshift](https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-identity-based.html) in the *Amazon Redshift Cluster Management Guide* .", - "title": "IamRole", - "type": "string" - }, - "Schedule": { - "markdownDescription": "The schedule for a one-time (at format) or recurring (cron format) scheduled action. Schedule invocations must be separated by at least one hour.\n\nFormat of at expressions is \" `at(yyyy-mm-ddThh:mm:ss)` \". For example, \" `at(2016-03-04T17:27:00)` \".\n\nFormat of cron expressions is \" `cron(Minutes Hours Day-of-month Month Day-of-week Year)` \". For example, \" `cron(0 10 ? * MON *)` \". For more information, see [Cron Expressions](https://docs.aws.amazon.com//AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) in the *Amazon CloudWatch Events User Guide* .", - "title": "Schedule", + "HostedZoneId": { + "markdownDescription": "The unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", + "title": "HostedZoneId", "type": "string" }, - "ScheduledActionDescription": { - "markdownDescription": "The description of the scheduled action.", - "title": "ScheduledActionDescription", + "KeyManagementServiceArn": { + "markdownDescription": "The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The `KeyManagementServiceArn` must be unique for each key-signing key (KSK) in a single hosted zone. For example: `arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111` .", + "title": "KeyManagementServiceArn", "type": "string" }, - "ScheduledActionName": { - "markdownDescription": "The name of the scheduled action.", - "title": "ScheduledActionName", + "Name": { + "markdownDescription": "A string used to identify a key-signing key (KSK). `Name` can include numbers, letters, and underscores (_). `Name` must be unique for each key-signing key in the same hosted zone.", + "title": "Name", "type": "string" }, - "StartTime": { - "markdownDescription": "The start time in UTC when the schedule is active. Before this time, the scheduled action does not trigger.", - "title": "StartTime", + "Status": { + "markdownDescription": "A string that represents the current key-signing key (KSK) status.\n\nStatus can have one of the following values:\n\n- **ACTIVE** - The KSK is being used for signing.\n- **INACTIVE** - The KSK is not being used for signing.\n- **DELETING** - The KSK is in the process of being deleted.\n- **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed.\n- **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.", + "title": "Status", "type": "string" - }, - "TargetAction": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ScheduledActionType", - "markdownDescription": "A JSON format string of the Amazon Redshift API operation with input parameters.\n\n\" `{\\\"ResizeCluster\\\":{\\\"NodeType\\\":\\\"ra3.4xlarge\\\",\\\"ClusterIdentifier\\\":\\\"my-test-cluster\\\",\\\"NumberOfNodes\\\":3}}` \".", - "title": "TargetAction" } }, "required": [ - "ScheduledActionName" + "HostedZoneId", + "KeyManagementServiceArn", + "Name", + "Status" ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::ScheduledAction" + "AWS::Route53::KeySigningKey" ], "type": "string" }, @@ -228097,90 +275003,7 @@ ], "type": "object" }, - "AWS::Redshift::ScheduledAction.PauseClusterMessage": { - "additionalProperties": false, - "properties": { - "ClusterIdentifier": { - "markdownDescription": "The identifier of the cluster to be paused.", - "title": "ClusterIdentifier", - "type": "string" - } - }, - "required": [ - "ClusterIdentifier" - ], - "type": "object" - }, - "AWS::Redshift::ScheduledAction.ResizeClusterMessage": { - "additionalProperties": false, - "properties": { - "Classic": { - "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", - "title": "Classic", - "type": "boolean" - }, - "ClusterIdentifier": { - "markdownDescription": "The unique identifier for the cluster to resize.", - "title": "ClusterIdentifier", - "type": "string" - }, - "ClusterType": { - "markdownDescription": "The new cluster type for the specified cluster.", - "title": "ClusterType", - "type": "string" - }, - "NodeType": { - "markdownDescription": "The new node type for the nodes you are adding. If not specified, the cluster's current node type is used.", - "title": "NodeType", - "type": "string" - }, - "NumberOfNodes": { - "markdownDescription": "The new number of nodes for the cluster. If not specified, the cluster's current number of nodes is used.", - "title": "NumberOfNodes", - "type": "number" - } - }, - "required": [ - "ClusterIdentifier" - ], - "type": "object" - }, - "AWS::Redshift::ScheduledAction.ResumeClusterMessage": { - "additionalProperties": false, - "properties": { - "ClusterIdentifier": { - "markdownDescription": "The identifier of the cluster to be resumed.", - "title": "ClusterIdentifier", - "type": "string" - } - }, - "required": [ - "ClusterIdentifier" - ], - "type": "object" - }, - "AWS::Redshift::ScheduledAction.ScheduledActionType": { - "additionalProperties": false, - "properties": { - "PauseCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.PauseClusterMessage", - "markdownDescription": "An action that runs a `PauseCluster` API operation.", - "title": "PauseCluster" - }, - "ResizeCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResizeClusterMessage", - "markdownDescription": "An action that runs a `ResizeCluster` API operation.", - "title": "ResizeCluster" - }, - "ResumeCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResumeClusterMessage", - "markdownDescription": "An action that runs a `ResumeCluster` API operation.", - "title": "ResumeCluster" - } - }, - "type": "object" - }, - "AWS::RedshiftServerless::Namespace": { + "AWS::Route53::RecordSet": { "additionalProperties": false, "properties": { "Condition": { @@ -228215,107 +275038,104 @@ "Properties": { "additionalProperties": false, "properties": { - "AdminPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if `ManageAdminPassword` is `true` .", - "title": "AdminPasswordSecretKmsKeyId", - "type": "string" + "AliasTarget": { + "$ref": "#/definitions/AWS::Route53::RecordSet.AliasTarget", + "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", + "title": "AliasTarget" }, - "AdminUserPassword": { - "markdownDescription": "The password of the administrator for the primary database created in the namespace.", - "title": "AdminUserPassword", + "CidrRoutingConfig": { + "$ref": "#/definitions/AWS::Route53::RecordSet.CidrRoutingConfig", + "markdownDescription": "The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.\n\nA `LocationName` with an asterisk \u201c*\u201d can be used to create a default CIDR record. `CollectionId` is still required for default record.", + "title": "CidrRoutingConfig" + }, + "Comment": { + "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", + "title": "Comment", "type": "string" }, - "AdminUsername": { - "markdownDescription": "The username of the administrator for the primary database created in the namespace.", - "title": "AdminUsername", + "Failover": { + "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", + "title": "Failover", "type": "string" }, - "DbName": { - "markdownDescription": "The name of the primary database created in the namespace.", - "title": "DbName", + "GeoLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSet.GeoLocation", + "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", + "title": "GeoLocation" + }, + "GeoProximityLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSet.GeoProximityLocation", + "markdownDescription": "*GeoproximityLocation resource record sets only:* A complex type that lets you control how Route\u00a053 responds to DNS queries based on the geographic origin of the query and your resources.", + "title": "GeoProximityLocation" + }, + "HealthCheckId": { + "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", + "title": "HealthCheckId", "type": "string" }, - "DefaultIamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", - "title": "DefaultIamRoleArn", + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneId", "type": "string" }, - "FinalSnapshotName": { - "markdownDescription": "The name of the snapshot to be created before the namespace is deleted.", - "title": "FinalSnapshotName", + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an AWS::Route53::RecordSet that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", "type": "string" }, - "FinalSnapshotRetentionPeriod": { - "markdownDescription": "How long to retain the final snapshot.", - "title": "FinalSnapshotRetentionPeriod", - "type": "number" + "MultiValueAnswer": { + "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", + "title": "MultiValueAnswer", + "type": "boolean" }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM roles to associate with the namespace.", - "title": "IamRoles", - "type": "array" + "Name": { + "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", + "title": "Name", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", - "title": "KmsKeyId", + "Region": { + "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", + "title": "Region", "type": "string" }, - "LogExports": { + "ResourceRecords": { "items": { "type": "string" }, - "markdownDescription": "The types of logs the namespace can export. Available export types are `userlog` , `connectionlog` , and `useractivitylog` .", - "title": "LogExports", + "markdownDescription": "One or more values that correspond with the value that you specified for the `Type` property. For example, if you specified `A` for `Type` , you specify one or more IP addresses in IPv4 format for `ResourceRecords` . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nNote the following:\n\n- You can specify more than one value for all record types except CNAME and SOA.\n- The maximum length of a value is 4000 characters.\n- If you're creating an alias record, omit `ResourceRecords` .", + "title": "ResourceRecords", "type": "array" }, - "ManageAdminPassword": { - "markdownDescription": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use `AdminUserPassword` if `ManageAdminPassword` is true. If `ManageAdminPassword` is `false` or not set, Amazon Redshift uses `AdminUserPassword` for the admin user account's password.", - "title": "ManageAdminPassword", - "type": "boolean" - }, - "NamespaceName": { - "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "NamespaceName", + "SetIdentifier": { + "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", + "title": "SetIdentifier", "type": "string" }, - "NamespaceResourcePolicy": { - "markdownDescription": "The resource policy that will be attached to the namespace.", - "title": "NamespaceResourcePolicy", - "type": "object" - }, - "RedshiftIdcApplicationArn": { - "markdownDescription": "The ARN for the Redshift application that integrates with IAM Identity Center.", - "title": "RedshiftIdcApplicationArn", + "TTL": { + "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", + "title": "TTL", "type": "string" }, - "SnapshotCopyConfigurations": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration" - }, - "markdownDescription": "", - "title": "SnapshotCopyConfigurations", - "type": "array" + "Type": { + "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "Type", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The map of the key-value pairs used to tag the namespace.", - "title": "Tags", - "type": "array" + "Weight": { + "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Weight", + "type": "number" } }, "required": [ - "NamespaceName" + "Name", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::RedshiftServerless::Namespace" + "AWS::Route53::RecordSet" ], "type": "string" }, @@ -228334,108 +275154,119 @@ ], "type": "object" }, - "AWS::RedshiftServerless::Namespace.Namespace": { + "AWS::Route53::RecordSet.AliasTarget": { "additionalProperties": false, "properties": { - "AdminPasswordSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the namespace's admin user credentials secret.", - "title": "AdminPasswordSecretArn", - "type": "string" - }, - "AdminPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret.", - "title": "AdminPasswordSecretKmsKeyId", + "DNSName": { + "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "DNSName", "type": "string" }, - "AdminUsername": { - "markdownDescription": "The username of the administrator for the first database created in the namespace.", - "title": "AdminUsername", - "type": "string" + "EvaluateTargetHealth": { + "markdownDescription": "*Applies only to alias, failover alias, geolocation alias, latency alias, and weighted alias resource record sets:* When `EvaluateTargetHealth` is `true` , an alias resource record set inherits the health of the referenced AWS resource, such as an ELB load balancer or another resource record set in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", + "title": "EvaluateTargetHealth", + "type": "boolean" }, - "CreationDate": { - "markdownDescription": "The date of when the namespace was created.", - "title": "CreationDate", + "HostedZoneId": { + "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing Endpoints and Quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", + "title": "HostedZoneId", "type": "string" - }, - "DbName": { - "markdownDescription": "The name of the first database created in the namespace.", - "title": "DbName", + } + }, + "required": [ + "DNSName", + "HostedZoneId" + ], + "type": "object" + }, + "AWS::Route53::RecordSet.CidrRoutingConfig": { + "additionalProperties": false, + "properties": { + "CollectionId": { + "markdownDescription": "The CIDR collection ID.", + "title": "CollectionId", "type": "string" }, - "DefaultIamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", - "title": "DefaultIamRoleArn", + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", "type": "string" - }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM roles to associate with the namespace.", - "title": "IamRoles", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", - "title": "KmsKeyId", + } + }, + "required": [ + "CollectionId", + "LocationName" + ], + "type": "object" + }, + "AWS::Route53::RecordSet.Coordinates": { + "additionalProperties": false, + "properties": { + "Latitude": { + "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", + "title": "Latitude", "type": "string" }, - "LogExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of logs the namespace can export. Available export types are User log, Connection log, and User activity log.", - "title": "LogExports", - "type": "array" - }, - "NamespaceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) associated with a namespace.", - "title": "NamespaceArn", + "Longitude": { + "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", + "title": "Longitude", "type": "string" - }, - "NamespaceId": { - "markdownDescription": "The unique identifier of a namespace.", - "title": "NamespaceId", + } + }, + "required": [ + "Latitude", + "Longitude" + ], + "type": "object" + }, + "AWS::Route53::RecordSet.GeoLocation": { + "additionalProperties": false, + "properties": { + "ContinentCode": { + "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", + "title": "ContinentCode", "type": "string" }, - "NamespaceName": { - "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "NamespaceName", + "CountryCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", + "title": "CountryCode", "type": "string" }, - "Status": { - "markdownDescription": "The status of the namespace.", - "title": "Status", + "SubdivisionCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", + "title": "SubdivisionCode", "type": "string" } }, "type": "object" }, - "AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration": { + "AWS::Route53::RecordSet.GeoProximityLocation": { "additionalProperties": false, "properties": { - "DestinationKmsKeyId": { - "markdownDescription": "The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region .", - "title": "DestinationKmsKeyId", - "type": "string" - }, - "DestinationRegion": { - "markdownDescription": "The destination AWS Region to copy snapshots to.", - "title": "DestinationRegion", + "AWSRegion": { + "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", + "title": "AWSRegion", "type": "string" }, - "SnapshotRetentionPeriod": { - "markdownDescription": "The retention period of snapshots that are copied to the destination AWS Region .", - "title": "SnapshotRetentionPeriod", + "Bias": { + "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", + "title": "Bias", "type": "number" + }, + "Coordinates": { + "$ref": "#/definitions/AWS::Route53::RecordSet.Coordinates", + "markdownDescription": "Contains the longitude and latitude for a geographic region.", + "title": "Coordinates" + }, + "LocalZoneGroup": { + "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", + "title": "LocalZoneGroup", + "type": "string" } }, - "required": [ - "DestinationRegion" - ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup": { + "AWS::Route53::RecordSetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -228470,82 +275301,35 @@ "Properties": { "additionalProperties": false, "properties": { - "BaseCapacity": { - "markdownDescription": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs).", - "title": "BaseCapacity", - "type": "number" - }, - "ConfigParameters": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" - }, - "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ConfigParameters", - "type": "array" - }, - "EnhancedVpcRouting": { - "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "MaxCapacity": { - "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", - "title": "MaxCapacity", - "type": "number" - }, - "NamespaceName": { - "markdownDescription": "The namespace the workgroup is associated with.", - "title": "NamespaceName", + "Comment": { + "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", + "title": "Comment", "type": "string" }, - "Port": { - "markdownDescription": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.", - "title": "Port", - "type": "number" - }, - "PubliclyAccessible": { - "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to associate with the workgroup.", - "title": "SecurityGroupIds", - "type": "array" + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneId", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs the workgroup is associated with.", - "title": "SubnetIds", - "type": "array" + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" }, - "Tags": { + "RecordSets": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" }, - "markdownDescription": "The map of the key-value pairs used to tag the workgroup.", - "title": "Tags", + "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", + "title": "RecordSets", "type": "array" - }, - "WorkgroupName": { - "markdownDescription": "The name of the workgroup.", - "title": "WorkgroupName", - "type": "string" } }, - "required": [ - "WorkgroupName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RedshiftServerless::Workgroup" + "AWS::Route53::RecordSetGroup" ], "type": "string" }, @@ -228559,187 +275343,216 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup.ConfigParameter": { + "AWS::Route53::RecordSetGroup.AliasTarget": { "additionalProperties": false, "properties": { - "ParameterKey": { - "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ParameterKey", + "DNSName": { + "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "DNSName", "type": "string" }, - "ParameterValue": { - "markdownDescription": "The value of the parameter to set.", - "title": "ParameterValue", + "EvaluateTargetHealth": { + "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", + "title": "EvaluateTargetHealth", + "type": "boolean" + }, + "HostedZoneId": { + "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", + "title": "HostedZoneId", "type": "string" } }, + "required": [ + "DNSName", + "HostedZoneId" + ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup.Endpoint": { + "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The DNS address of the VPC endpoint.", - "title": "Address", + "CollectionId": { + "markdownDescription": "The CIDR collection ID.", + "title": "CollectionId", "type": "string" }, - "Port": { - "markdownDescription": "The port that Amazon Redshift Serverless listens on.", - "title": "Port", - "type": "number" - }, - "VpcEndpoints": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.VpcEndpoint" - }, - "markdownDescription": "An array of `VpcEndpoint` objects.", - "title": "VpcEndpoints", - "type": "array" + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" } }, + "required": [ + "CollectionId", + "LocationName" + ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup.NetworkInterface": { + "AWS::Route53::RecordSetGroup.Coordinates": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The availability Zone.", - "title": "AvailabilityZone", + "Latitude": { + "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", + "title": "Latitude", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The unique identifier of the network interface.", - "title": "NetworkInterfaceId", + "Longitude": { + "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", + "title": "Longitude", + "type": "string" + } + }, + "required": [ + "Latitude", + "Longitude" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.GeoLocation": { + "additionalProperties": false, + "properties": { + "ContinentCode": { + "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", + "title": "ContinentCode", "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The IPv4 address of the network interface within the subnet.", - "title": "PrivateIpAddress", + "CountryCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", + "title": "CountryCode", "type": "string" }, - "SubnetId": { - "markdownDescription": "The unique identifier of the subnet.", - "title": "SubnetId", + "SubdivisionCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", + "title": "SubdivisionCode", "type": "string" } }, "type": "object" }, - "AWS::RedshiftServerless::Workgroup.VpcEndpoint": { + "AWS::Route53::RecordSetGroup.GeoProximityLocation": { "additionalProperties": false, "properties": { - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.NetworkInterface" - }, - "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", - "title": "NetworkInterfaces", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The connection endpoint ID for connecting to Amazon Redshift Serverless.", - "title": "VpcEndpointId", + "AWSRegion": { + "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", + "title": "AWSRegion", "type": "string" }, - "VpcId": { - "markdownDescription": "The VPC identifier that the endpoint is associated with.", - "title": "VpcId", + "Bias": { + "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", + "title": "Bias", + "type": "number" + }, + "Coordinates": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", + "markdownDescription": "Contains the longitude and latitude for a geographic region.", + "title": "Coordinates" + }, + "LocalZoneGroup": { + "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", + "title": "LocalZoneGroup", "type": "string" } }, "type": "object" }, - "AWS::RedshiftServerless::Workgroup.Workgroup": { + "AWS::Route53::RecordSetGroup.RecordSet": { "additionalProperties": false, "properties": { - "BaseCapacity": { - "markdownDescription": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).", - "title": "BaseCapacity", - "type": "number" + "AliasTarget": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", + "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", + "title": "AliasTarget" }, - "ConfigParameters": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" - }, - "markdownDescription": "An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ConfigParameters", - "type": "array" + "CidrRoutingConfig": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", + "markdownDescription": "", + "title": "CidrRoutingConfig" }, - "CreationDate": { - "markdownDescription": "The creation date of the workgroup.", - "title": "CreationDate", + "Failover": { + "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", + "title": "Failover", "type": "string" }, - "Endpoint": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Endpoint", - "markdownDescription": "The endpoint that is created from the workgroup.", - "title": "Endpoint" + "GeoLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", + "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", + "title": "GeoLocation" }, - "EnhancedVpcRouting": { - "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", - "title": "EnhancedVpcRouting", - "type": "boolean" + "GeoProximityLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", + "markdownDescription": "A complex type that contains information about a geographic location.", + "title": "GeoProximityLocation" }, - "MaxCapacity": { - "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", - "title": "MaxCapacity", - "type": "number" + "HealthCheckId": { + "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", + "title": "HealthCheckId", + "type": "string" }, - "NamespaceName": { - "markdownDescription": "The namespace the workgroup is associated with.", - "title": "NamespaceName", + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", + "title": "HostedZoneId", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", - "title": "PubliclyAccessible", + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "MultiValueAnswer": { + "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", + "title": "MultiValueAnswer", "type": "boolean" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of security group IDs to associate with the workgroup.", - "title": "SecurityGroupIds", - "type": "array" + "Name": { + "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", + "title": "Name", + "type": "string" }, - "Status": { - "markdownDescription": "The status of the workgroup.", - "title": "Status", + "Region": { + "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", + "title": "Region", "type": "string" }, - "SubnetIds": { + "ResourceRecords": { "items": { "type": "string" }, - "markdownDescription": "An array of subnet IDs the workgroup is associated with.", - "title": "SubnetIds", + "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", + "title": "ResourceRecords", "type": "array" }, - "WorkgroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that links to the workgroup.", - "title": "WorkgroupArn", + "SetIdentifier": { + "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", + "title": "SetIdentifier", "type": "string" }, - "WorkgroupId": { - "markdownDescription": "The unique identifier of the workgroup.", - "title": "WorkgroupId", + "TTL": { + "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", + "title": "TTL", "type": "string" }, - "WorkgroupName": { - "markdownDescription": "The name of the workgroup.", - "title": "WorkgroupName", + "Type": { + "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "Type", "type": "string" + }, + "Weight": { + "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Weight", + "type": "number" } }, + "required": [ + "Name", + "Type" + ], "type": "object" }, - "AWS::RefactorSpaces::Application": { + "AWS::Route53Profiles::Profile": { "additionalProperties": false, "properties": { "Condition": { @@ -228774,51 +275587,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ApiGatewayProxy": { - "$ref": "#/definitions/AWS::RefactorSpaces::Application.ApiGatewayProxyInput", - "markdownDescription": "The endpoint URL of the Amazon API Gateway proxy.", - "title": "ApiGatewayProxy" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the application.", + "markdownDescription": "Name of the Profile.", "title": "Name", "type": "string" }, - "ProxyType": { - "markdownDescription": "The proxy type of the proxy created within the application.", - "title": "ProxyType", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the application.", + "markdownDescription": "A list of the tag keys and values that you want to associate with the profile.", "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the virtual private cloud (VPC).", - "title": "VpcId", - "type": "string" } }, "required": [ - "EnvironmentIdentifier", - "Name", - "ProxyType", - "VpcId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::RefactorSpaces::Application" + "AWS::Route53Profiles::Profile" ], "type": "string" }, @@ -228837,23 +275627,7 @@ ], "type": "object" }, - "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { - "additionalProperties": false, - "properties": { - "EndpointType": { - "markdownDescription": "The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default.\n\nIf the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) .", - "title": "EndpointType", - "type": "string" - }, - "StageName": { - "markdownDescription": "The name of the API Gateway stage. The name defaults to `prod` .", - "title": "StageName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RefactorSpaces::Environment": { + "AWS::Route53Profiles::ProfileAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -228888,39 +275662,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the environment.", - "title": "Description", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the profile association to a VPC.", + "title": "Arn", "type": "string" }, "Name": { - "markdownDescription": "The name of the environment.", + "markdownDescription": "Name of the Profile association.", "title": "Name", "type": "string" }, - "NetworkFabricType": { - "markdownDescription": "The network fabric type of the environment.", - "title": "NetworkFabricType", + "ProfileId": { + "markdownDescription": "ID of the Profile.\n\nUpdate to this property requires update to the `ResourceId` property as well, because you can only associate one Profile per VPC. For more information, see [Route 53 Profiles](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html) .", + "title": "ProfileId", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the VPC.", + "title": "ResourceId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the environment.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "Name", - "NetworkFabricType" + "ProfileId", + "ResourceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RefactorSpaces::Environment" + "AWS::Route53Profiles::ProfileAssociation" ], "type": "string" }, @@ -228939,7 +275719,7 @@ ], "type": "object" }, - "AWS::RefactorSpaces::Route": { + "AWS::Route53Profiles::ProfileResourceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -228974,56 +275754,37 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationIdentifier": { - "markdownDescription": "The unique identifier of the application.", - "title": "ApplicationIdentifier", + "Name": { + "markdownDescription": "Name of the Profile resource association.", + "title": "Name", "type": "string" }, - "DefaultRoute": { - "$ref": "#/definitions/AWS::RefactorSpaces::Route.DefaultRouteInput", - "markdownDescription": "Configuration for the default route type.", - "title": "DefaultRoute" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", + "ProfileId": { + "markdownDescription": "Profile ID of the Profile that the resources are associated with.", + "title": "ProfileId", "type": "string" }, - "RouteType": { - "markdownDescription": "The route type of the route.", - "title": "RouteType", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource association.", + "title": "ResourceArn", "type": "string" }, - "ServiceIdentifier": { - "markdownDescription": "The unique identifier of the service.", - "title": "ServiceIdentifier", + "ResourceProperties": { + "markdownDescription": "If the DNS resource is a DNS Firewall rule group, this indicates the priority.", + "title": "ResourceProperties", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the route.", - "title": "Tags", - "type": "array" - }, - "UriPathRoute": { - "$ref": "#/definitions/AWS::RefactorSpaces::Route.UriPathRouteInput", - "markdownDescription": "The configuration for the URI path route type.", - "title": "UriPathRoute" } }, "required": [ - "ApplicationIdentifier", - "EnvironmentIdentifier", - "RouteType", - "ServiceIdentifier" + "Name", + "ProfileId", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::RefactorSpaces::Route" + "AWS::Route53Profiles::ProfileResourceAssociation" ], "type": "string" }, @@ -229042,58 +275803,7 @@ ], "type": "object" }, - "AWS::RefactorSpaces::Route.DefaultRouteInput": { - "additionalProperties": false, - "properties": { - "ActivationState": { - "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", - "title": "ActivationState", - "type": "string" - } - }, - "required": [ - "ActivationState" - ], - "type": "object" - }, - "AWS::RefactorSpaces::Route.UriPathRouteInput": { - "additionalProperties": false, - "properties": { - "ActivationState": { - "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", - "title": "ActivationState", - "type": "string" - }, - "AppendSourcePath": { - "markdownDescription": "If set to `true` , this option appends the source path to the service URL endpoint.", - "title": "AppendSourcePath", - "type": "boolean" - }, - "IncludeChildPaths": { - "markdownDescription": "Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service.", - "title": "IncludeChildPaths", - "type": "boolean" - }, - "Methods": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route\u2019s service.", - "title": "Methods", - "type": "array" - }, - "SourcePath": { - "markdownDescription": "This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'.", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "ActivationState" - ], - "type": "object" - }, - "AWS::RefactorSpaces::Service": { + "AWS::Route53RecoveryControl::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -229128,66 +275838,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationIdentifier": { - "markdownDescription": "The unique identifier of the application.", - "title": "ApplicationIdentifier", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the service.", - "title": "Description", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The endpoint type of the service.", - "title": "EndpointType", - "type": "string" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "LambdaEndpoint": { - "$ref": "#/definitions/AWS::RefactorSpaces::Service.LambdaEndpointInput", - "markdownDescription": "A summary of the configuration for the AWS Lambda endpoint type.", - "title": "LambdaEndpoint" - }, "Name": { - "markdownDescription": "The name of the service.", + "markdownDescription": "Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon).", "title": "Name", "type": "string" }, + "NetworkType": { + "markdownDescription": "The network-type can either be IPV4 or DUALSTACK.", + "title": "NetworkType", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the service.", + "markdownDescription": "The tags associated with the cluster.", "title": "Tags", "type": "array" - }, - "UrlEndpoint": { - "$ref": "#/definitions/AWS::RefactorSpaces::Service.UrlEndpointInput", - "markdownDescription": "The summary of the configuration for the URL endpoint type.", - "title": "UrlEndpoint" - }, - "VpcId": { - "markdownDescription": "The ID of the virtual private cloud (VPC).", - "title": "VpcId", - "type": "string" } }, "required": [ - "ApplicationIdentifier", - "EndpointType", - "EnvironmentIdentifier", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::RefactorSpaces::Service" + "AWS::Route53RecoveryControl::Cluster" ], "type": "string" }, @@ -229206,40 +275883,23 @@ ], "type": "object" }, - "AWS::RefactorSpaces::Service.LambdaEndpointInput": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function or alias.", - "title": "Arn", - "type": "string" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::RefactorSpaces::Service.UrlEndpointInput": { + "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { "additionalProperties": false, "properties": { - "HealthUrl": { - "markdownDescription": "The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL.", - "title": "HealthUrl", + "Endpoint": { + "markdownDescription": "A cluster endpoint URL for one of the five redundant clusters that you specify to set or retrieve a routing control state.", + "title": "Endpoint", "type": "string" }, - "Url": { - "markdownDescription": "The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) .", - "title": "Url", + "Region": { + "markdownDescription": "The AWS Region for a cluster endpoint.", + "title": "Region", "type": "string" } }, - "required": [ - "Url" - ], "type": "object" }, - "AWS::Rekognition::Collection": { + "AWS::Route53RecoveryControl::ControlPanel": { "additionalProperties": false, "properties": { "Condition": { @@ -229274,28 +275934,33 @@ "Properties": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "ID for the collection that you are creating.", - "title": "CollectionId", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster for the control panel.", + "title": "ClusterArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the control panel. You can use any non-white space character in the name.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the collection.", + "markdownDescription": "The tags associated with the control panel.", "title": "Tags", "type": "array" } }, "required": [ - "CollectionId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Rekognition::Collection" + "AWS::Route53RecoveryControl::ControlPanel" ], "type": "string" }, @@ -229314,7 +275979,7 @@ ], "type": "object" }, - "AWS::Rekognition::Project": { + "AWS::Route53RecoveryControl::RoutingControl": { "additionalProperties": false, "properties": { "Condition": { @@ -229349,20 +276014,30 @@ "Properties": { "additionalProperties": false, "properties": { - "ProjectName": { - "markdownDescription": "The name of the project to create.", - "title": "ProjectName", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster that hosts the routing control.", + "title": "ClusterArn", + "type": "string" + }, + "ControlPanelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control panel that includes the routing control.", + "title": "ControlPanelArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the routing control. You can use any non-white space character in the name.", + "title": "Name", "type": "string" } }, "required": [ - "ProjectName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Rekognition::Project" + "AWS::Route53RecoveryControl::RoutingControl" ], "type": "string" }, @@ -229381,7 +276056,7 @@ ], "type": "object" }, - "AWS::Rekognition::StreamProcessor": { + "AWS::Route53RecoveryControl::SafetyRule": { "additionalProperties": false, "properties": { "Condition": { @@ -229416,87 +276091,50 @@ "Properties": { "additionalProperties": false, "properties": { - "BoundingBoxRegionsOfInterest": { - "items": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.BoundingBox" - }, - "markdownDescription": "List of BoundingBox objects, each of which denotes a region of interest on screen. For more information, see the BoundingBox field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", - "title": "BoundingBoxRegionsOfInterest", - "type": "array" - }, - "ConnectedHomeSettings": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.ConnectedHomeSettings", - "markdownDescription": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) .", - "title": "ConnectedHomeSettings" - }, - "DataSharingPreference": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.DataSharingPreference", - "markdownDescription": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) .", - "title": "DataSharingPreference" - }, - "FaceSearchSettings": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.FaceSearchSettings", - "markdownDescription": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) .", - "title": "FaceSearchSettings" - }, - "KinesisDataStream": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisDataStream", - "markdownDescription": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) .", - "title": "KinesisDataStream" - }, - "KinesisVideoStream": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisVideoStream", - "markdownDescription": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) .", - "title": "KinesisVideoStream" + "AssertionRule": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.AssertionRule", + "markdownDescription": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.", + "title": "AssertionRule" }, - "KmsKeyId": { - "markdownDescription": "The identifier for your Amazon Key Management Service key (Amazon KMS key). Optional parameter for connected home stream processors used to encrypt results and data published to your Amazon S3 bucket. For more information, see the KMSKeyId section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", - "title": "KmsKeyId", + "ControlPanelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control panel.", + "title": "ControlPanelArn", "type": "string" }, + "GatingRule": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.GatingRule", + "markdownDescription": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.", + "title": "GatingRule" + }, "Name": { - "markdownDescription": "The Name attribute specifies the name of the stream processor and it must be within the constraints described in the Name section of [StreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessor) . If you don't specify a name, Amazon CloudFormation generates a unique ID and uses that ID for the stream processor name.", + "markdownDescription": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon)", "title": "Name", "type": "string" }, - "NotificationChannel": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.NotificationChannel", - "markdownDescription": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) .", - "title": "NotificationChannel" - }, - "PolygonRegionsOfInterest": { - "markdownDescription": "A set of ordered lists of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. Each entry of the set contains a polygon denoting a region of interest on the screen. Each polygon is an ordered list of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. For more information, see the Polygon field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", - "title": "PolygonRegionsOfInterest", - "type": "object" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions to the Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a connected home stream processor. This is required for both face search and connected home stream processors. For information about constraints, see the RoleArn section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", - "title": "RoleArn", - "type": "string" - }, - "S3Destination": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.S3Destination", - "markdownDescription": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) .", - "title": "S3Destination" + "RuleConfig": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.RuleConfig", + "markdownDescription": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them.", + "title": "RuleConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the stream processor. For more information, see the Tags section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "markdownDescription": "The tags associated with the safety rule.", "title": "Tags", "type": "array" } }, "required": [ - "KinesisVideoStream", - "RoleArn" + "ControlPanelArn", + "Name", + "RuleConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Rekognition::StreamProcessor" + "AWS::Route53RecoveryControl::SafetyRule" ], "type": "string" }, @@ -229515,155 +276153,88 @@ ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.BoundingBox": { + "AWS::Route53RecoveryControl::SafetyRule.AssertionRule": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "Height of the bounding box as a ratio of the overall image height.", - "title": "Height", - "type": "number" - }, - "Left": { - "markdownDescription": "Left coordinate of the bounding box as a ratio of overall image width.", - "title": "Left", - "type": "number" - }, - "Top": { - "markdownDescription": "Top coordinate of the bounding box as a ratio of overall image height.", - "title": "Top", - "type": "number" + "AssertedControls": { + "items": { + "type": "string" + }, + "markdownDescription": "The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions.", + "title": "AssertedControls", + "type": "array" }, - "Width": { - "markdownDescription": "Width of the bounding box as a ratio of the overall image width.", - "title": "Width", + "WaitPeriodMs": { + "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", + "title": "WaitPeriodMs", "type": "number" } }, "required": [ - "Height", - "Left", - "Top", - "Width" + "AssertedControls", + "WaitPeriodMs" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.ConnectedHomeSettings": { + "AWS::Route53RecoveryControl::SafetyRule.GatingRule": { "additionalProperties": false, "properties": { - "Labels": { + "GatingControls": { "items": { "type": "string" }, - "markdownDescription": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: \"PERSON\", \"PET\", \"PACKAGE\", and \"ALL\".", - "title": "Labels", + "markdownDescription": "An array of gating routing control Amazon Resource Names (ARNs). For a simple on-off switch, specify the ARN for one routing control. The gating routing controls are evaluated by the rule configuration that you specify to determine if the target routing control states can be changed.", + "title": "GatingControls", "type": "array" }, - "MinConfidence": { - "markdownDescription": "The minimum confidence required to label an object in the video.", - "title": "MinConfidence", + "TargetControls": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of target routing control Amazon Resource Names (ARNs) for which the states can only be updated if the rule configuration that you specify evaluates to true for the gating routing control. As a simple example, if you have a single gating control, it acts as an overall on-off switch for a set of target routing controls. You can use this to manually override automated failover, for example.", + "title": "TargetControls", + "type": "array" + }, + "WaitPeriodMs": { + "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", + "title": "WaitPeriodMs", "type": "number" } }, "required": [ - "Labels" + "GatingControls", + "TargetControls", + "WaitPeriodMs" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.DataSharingPreference": { + "AWS::Route53RecoveryControl::SafetyRule.RuleConfig": { "additionalProperties": false, "properties": { - "OptIn": { - "markdownDescription": "Describes the opt-in status applied to a stream processor's data sharing policy.", - "title": "OptIn", + "Inverted": { + "markdownDescription": "Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa.", + "title": "Inverted", "type": "boolean" - } - }, - "required": [ - "OptIn" - ], - "type": "object" - }, - "AWS::Rekognition::StreamProcessor.FaceSearchSettings": { - "additionalProperties": false, - "properties": { - "CollectionId": { - "markdownDescription": "The ID of a collection that contains faces that you want to search for.", - "title": "CollectionId", - "type": "string" }, - "FaceMatchThreshold": { - "markdownDescription": "Minimum face match confidence score that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted, and values lower than 80 are set to 80.", - "title": "FaceMatchThreshold", + "Threshold": { + "markdownDescription": "The value of N, when you specify an `ATLEAST` rule type. That is, `Threshold` is the number of controls that must be set when you specify an `ATLEAST` type.", + "title": "Threshold", "type": "number" - } - }, - "required": [ - "CollectionId" - ], - "type": "object" - }, - "AWS::Rekognition::StreamProcessor.KinesisDataStream": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "ARN of the output Amazon Kinesis Data Streams stream.", - "title": "Arn", - "type": "string" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::Rekognition::StreamProcessor.KinesisVideoStream": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "ARN of the Kinesis video stream stream that streams the source video.", - "title": "Arn", - "type": "string" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::Rekognition::StreamProcessor.NotificationChannel": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The ARN of the SNS topic that receives notifications.", - "title": "Arn", - "type": "string" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::Rekognition::StreamProcessor.S3Destination": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) bucket name of a stream processor's exports.", - "title": "BucketName", - "type": "string" }, - "ObjectKeyPrefix": { - "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) object keys of a stream processor's exports.", - "title": "ObjectKeyPrefix", + "Type": { + "markdownDescription": "A rule can be one of the following: `ATLEAST` , `AND` , or `OR` .", + "title": "Type", "type": "string" } }, "required": [ - "BucketName" + "Inverted", + "Threshold", + "Type" ], "type": "object" }, - "AWS::ResilienceHub::App": { + "AWS::Route53RecoveryReadiness::Cell": { "additionalProperties": false, "properties": { "Condition": { @@ -229698,74 +276269,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AppAssessmentSchedule": { - "markdownDescription": "Assessment execution schedule with 'Daily' or 'Disabled' values.", - "title": "AppAssessmentSchedule", - "type": "string" - }, - "AppTemplateBody": { - "markdownDescription": "A JSON string that provides information about your application structure. To learn more about the `appTemplateBody` template, see the sample template in [Sample appTemplateBody template](https://docs.aws.amazon.com//resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html#API_PutDraftAppVersionTemplate_Examples) .\n\nThe `appTemplateBody` JSON string has the following structure:\n\n- *`resources`*\n\nThe list of logical resources that needs to be included in the AWS Resilience Hub application.\n\nType: Array\n\n> Don't add the resources that you want to exclude. \n\nEach `resources` array item includes the following fields:\n\n- *`logicalResourceId`*\n\nThe logical identifier of the resource.\n\nType: Object\n\nEach `logicalResourceId` object includes the following fields:\n\n- `identifier`\n\nIdentifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`type`*\n\nThe type of resource.\n\nType: string\n- *`name`*\n\nName of the resource.\n\nType: String\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`appComponents`*\n\nThe list of Application Components (AppComponent) that this resource belongs to. If an AppComponent is not part of the AWS Resilience Hub application, it will be added.\n\nType: Array\n\nEach `appComponents` array item includes the following fields:\n\n- `name`\n\nName of the AppComponent.\n\nType: String\n- `type`\n\nThe type of AppComponent. For more information about the types of AppComponent, see [Grouping resources in an AppComponent](https://docs.aws.amazon.com/resilience-hub/latest/userguide/AppComponent.grouping.html) .\n\nType: String\n- `resourceNames`\n\nThe list of included resources that are assigned to the AppComponent.\n\nType: Array of strings\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`excludedResources`*\n\nThe list of logical resource identifiers to be excluded from the application.\n\nType: Array\n\n> Don't add the resources that you want to include. \n\nEach `excludedResources` array item includes the following fields:\n\n- *`logicalResourceIds`*\n\nThe logical identifier of the resource.\n\nType: Object\n\n> You can configure only one of the following fields:\n> \n> - `logicalStackName`\n> - `resourceGroupName`\n> - `terraformSourceName`\n> - `eksSourceName` \n\nEach `logicalResourceIds` object includes the following fields:\n\n- `identifier`\n\nThe identifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`version`*\n\nThe AWS Resilience Hub application version.\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`", - "title": "AppTemplateBody", - "type": "string" - }, - "Description": { - "markdownDescription": "Optional description for an application.", - "title": "Description", - "type": "string" - }, - "EventSubscriptions": { - "items": { - "$ref": "#/definitions/AWS::ResilienceHub::App.EventSubscription" - }, - "markdownDescription": "The list of events you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* and *Scheduled assessment failure* events.", - "title": "EventSubscriptions", - "type": "array" - }, - "Name": { - "markdownDescription": "Name for the application.", - "title": "Name", - "type": "string" - }, - "PermissionModel": { - "$ref": "#/definitions/AWS::ResilienceHub::App.PermissionModel", - "markdownDescription": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.", - "title": "PermissionModel" - }, - "ResiliencyPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resiliency policy.", - "title": "ResiliencyPolicyArn", + "CellName": { + "markdownDescription": "The name of the cell to create.", + "title": "CellName", "type": "string" }, - "ResourceMappings": { + "Cells": { "items": { - "$ref": "#/definitions/AWS::ResilienceHub::App.ResourceMapping" + "type": "string" }, - "markdownDescription": "An array of `ResourceMapping` objects.", - "title": "ResourceMappings", + "markdownDescription": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific AWS Regions .", + "title": "Cells", "type": "array" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", - "type": "object" + "type": "array" } }, - "required": [ - "AppTemplateBody", - "Name", - "ResourceMappings" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ResilienceHub::App" + "AWS::Route53RecoveryReadiness::Cell" ], "type": "string" }, @@ -229779,134 +276309,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::ResilienceHub::App.EventSubscription": { - "additionalProperties": false, - "properties": { - "EventType": { - "markdownDescription": "The type of event you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* ( `DriftDetected` ) and *Scheduled assessment failure* ( `ScheduledAssessmentFailure` ) events.", - "title": "EventType", - "type": "string" - }, - "Name": { - "markdownDescription": "Unique name to identify an event subscription.", - "title": "Name", - "type": "string" - }, - "SnsTopicArn": { - "markdownDescription": "Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. The format for this ARN is: `arn:partition:sns:region:account:topic-name` . For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* guide.", - "title": "SnsTopicArn", - "type": "string" - } - }, - "required": [ - "EventType", - "Name" - ], - "type": "object" - }, - "AWS::ResilienceHub::App.PermissionModel": { - "additionalProperties": false, - "properties": { - "CrossAccountRoleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.\n\n> - These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.\n> - These roles must have a trust policy with `iam:AssumeRole` permission to the invoker role in the primary account.", - "title": "CrossAccountRoleArns", - "type": "array" - }, - "InvokerRoleName": { - "markdownDescription": "Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.\n\nIf your IAM role includes a path, you must include the path in the `invokerRoleName` parameter. For example, if your IAM role's ARN is `arn:aws:iam:123456789012:role/my-path/role-name` , you should pass `my-path/role-name` .\n\n> - You must have `iam:passRole` permission for this role while creating or updating the application.\n> - Currently, `invokerRoleName` accepts only `[A-Za-z0-9_+=,.@-]` characters.", - "title": "InvokerRoleName", - "type": "string" - }, - "Type": { - "markdownDescription": "Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ResilienceHub::App.PhysicalResourceId": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account that owns the physical resource.", - "title": "AwsAccountId", - "type": "string" - }, - "AwsRegion": { - "markdownDescription": "The AWS Region that the physical resource is located in.", - "title": "AwsRegion", - "type": "string" - }, - "Identifier": { - "markdownDescription": "Identifier of the physical resource.", - "title": "Identifier", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies the type of physical resource identifier.\n\n- **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:\n\n- `AWS::ECS::Service`\n- `AWS::EFS::FileSystem`\n- `AWS::ElasticLoadBalancingV2::LoadBalancer`\n- `AWS::Lambda::Function`\n- `AWS::SNS::Topic`\n- **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:\n\n- `AWS::ApiGateway::RestApi`\n- `AWS::ApiGatewayV2::Api`\n- `AWS::AutoScaling::AutoScalingGroup`\n- `AWS::DocDB::DBCluster`\n- `AWS::DocDB::DBGlobalCluster`\n- `AWS::DocDB::DBInstance`\n- `AWS::DynamoDB::GlobalTable`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::EC2Fleet`\n- `AWS::EC2::Instance`\n- `AWS::EC2::NatGateway`\n- `AWS::EC2::Volume`\n- `AWS::ElasticLoadBalancing::LoadBalancer`\n- `AWS::RDS::DBCluster`\n- `AWS::RDS::DBInstance`\n- `AWS::RDS::GlobalCluster`\n- `AWS::Route53::RecordSet`\n- `AWS::S3::Bucket`\n- `AWS::SQS::Queue`", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Identifier", "Type" ], "type": "object" }, - "AWS::ResilienceHub::App.ResourceMapping": { - "additionalProperties": false, - "properties": { - "EksSourceName": { - "markdownDescription": "Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` .\n\n> This parameter accepts values in \"eks-cluster/namespace\" format.", - "title": "EksSourceName", - "type": "string" - }, - "LogicalStackName": { - "markdownDescription": "Name of the AWS CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` .", - "title": "LogicalStackName", - "type": "string" - }, - "MappingType": { - "markdownDescription": "Specifies the type of resource mapping.", - "title": "MappingType", - "type": "string" - }, - "PhysicalResourceId": { - "$ref": "#/definitions/AWS::ResilienceHub::App.PhysicalResourceId", - "markdownDescription": "Identifier of the physical resource.", - "title": "PhysicalResourceId" - }, - "ResourceName": { - "markdownDescription": "Name of the resource that this resource is mapped to when the `mappingType` is `Resource` .", - "title": "ResourceName", - "type": "string" - }, - "TerraformSourceName": { - "markdownDescription": "Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` .", - "title": "TerraformSourceName", - "type": "string" - } - }, - "required": [ - "MappingType", - "PhysicalResourceId" - ], - "type": "object" - }, - "AWS::ResilienceHub::ResiliencyPolicy": { + "AWS::Route53RecoveryReadiness::ReadinessCheck": { "additionalProperties": false, "properties": { "Condition": { @@ -229941,53 +276348,30 @@ "Properties": { "additionalProperties": false, "properties": { - "DataLocationConstraint": { - "markdownDescription": "Specifies a high-level geographical location constraint for where your resilience policy data can be stored.", - "title": "DataLocationConstraint", - "type": "string" - }, - "Policy": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.PolicyMap", - "markdownDescription": "The resiliency policy.", - "title": "Policy" - }, - "PolicyDescription": { - "markdownDescription": "Description of the resiliency policy.", - "title": "PolicyDescription", + "ReadinessCheckName": { + "markdownDescription": "The name of the readiness check to create.", + "title": "ReadinessCheckName", "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the policy", - "title": "PolicyName", + "ResourceSetName": { + "markdownDescription": "The name of the resource set to check.", + "title": "ResourceSetName", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", - "type": "object" - }, - "Tier": { - "markdownDescription": "The tier for this resiliency policy, ranging from the highest severity ( `MissionCritical` ) to lowest ( `NonCritical` ).", - "title": "Tier", - "type": "string" + "type": "array" } }, - "required": [ - "Policy", - "PolicyName", - "Tier" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ResilienceHub::ResiliencyPolicy" + "AWS::Route53RecoveryReadiness::ReadinessCheck" ], "type": "string" }, @@ -230001,63 +276385,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy": { - "additionalProperties": false, - "properties": { - "RpoInSecs": { - "markdownDescription": "Recovery Point Objective (RPO) in seconds.", - "title": "RpoInSecs", - "type": "number" - }, - "RtoInSecs": { - "markdownDescription": "Recovery Time Objective (RTO) in seconds.", - "title": "RtoInSecs", - "type": "number" - } - }, - "required": [ - "RpoInSecs", - "RtoInSecs" - ], - "type": "object" - }, - "AWS::ResilienceHub::ResiliencyPolicy.PolicyMap": { - "additionalProperties": false, - "properties": { - "AZ": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for Availability Zone disruption.", - "title": "AZ" - }, - "Hardware": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for hardware disruption.", - "title": "Hardware" - }, - "Region": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for Regional disruption.", - "title": "Region" - }, - "Software": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for software disruption.", - "title": "Software" - } - }, - "required": [ - "AZ", - "Hardware", - "Software" + "Type" ], "type": "object" }, - "AWS::ResourceExplorer2::DefaultViewAssociation": { + "AWS::Route53RecoveryReadiness::RecoveryGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -230092,20 +276424,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ViewArn": { - "markdownDescription": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region.", - "title": "ViewArn", + "Cells": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the cell Amazon Resource Names (ARNs) in the recovery group.", + "title": "Cells", + "type": "array" + }, + "RecoveryGroupName": { + "markdownDescription": "The name of the recovery group to create.", + "title": "RecoveryGroupName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A collection of tags associated with a resource.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ViewArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ResourceExplorer2::DefaultViewAssociation" + "AWS::Route53RecoveryReadiness::RecoveryGroup" ], "type": "string" }, @@ -230119,12 +276464,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ResourceExplorer2::Index": { + "AWS::Route53RecoveryReadiness::ResourceSet": { "additionalProperties": false, "properties": { "Condition": { @@ -230159,50 +276503,164 @@ "Properties": { "additionalProperties": false, "properties": { + "ResourceSetName": { + "markdownDescription": "The name of the resource set to create.", + "title": "ResourceSetName", + "type": "string" + }, + "ResourceSetType": { + "markdownDescription": "The resource type of the resources in the resource set. Enter one of the following values for resource type:\n\nAWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource.\n\nNote that AWS::Route53RecoveryReadiness::DNSTargetResource is only used for this setting. It isn't an actual AWS CloudFormation resource type.", + "title": "ResourceSetType", + "type": "string" + }, + "Resources": { + "items": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.Resource" + }, + "markdownDescription": "A list of resource objects in the resource set.", + "title": "Resources", + "type": "array" + }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A tag to associate with the parameters for a resource set.", "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* .", - "title": "Type", - "type": "string" + "type": "array" } }, - "required": [ - "Type" - ], - "type": "object" + "required": [ + "ResourceSetType", + "Resources" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryReadiness::ResourceSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { + "additionalProperties": false, + "properties": { + "DomainName": { + "markdownDescription": "The domain name that acts as an ingress point to a portion of the customer application.", + "title": "DomainName", + "type": "string" + }, + "HostedZoneArn": { + "markdownDescription": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.", + "title": "HostedZoneArn", + "type": "string" + }, + "RecordSetId": { + "markdownDescription": "The Amazon Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.", + "title": "RecordSetId", + "type": "string" + }, + "RecordType": { + "markdownDescription": "The type of DNS record of the target resource.", + "title": "RecordType", + "type": "string" + }, + "TargetResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.TargetResource", + "markdownDescription": "The target resource that the Route 53 record points to.", + "title": "TargetResource" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.NLBResource": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Network Load Balancer resource Amazon Resource Name (ARN).", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord": { + "additionalProperties": false, + "properties": { + "DomainName": { + "markdownDescription": "The DNS target domain name.", + "title": "DomainName", + "type": "string" + }, + "RecordSetId": { + "markdownDescription": "The Amazon Route 53 Resource Record Set ID.", + "title": "RecordSetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.Resource": { + "additionalProperties": false, + "properties": { + "ComponentId": { + "markdownDescription": "The component identifier of the resource, generated when DNS target resource is used.", + "title": "ComponentId", + "type": "string" + }, + "DnsTargetResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource", + "markdownDescription": "A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting.", + "title": "DnsTargetResource" + }, + "ReadinessScopes": { + "items": { + "type": "string" + }, + "markdownDescription": "The recovery group Amazon Resource Name (ARN) or the cell ARN that the readiness checks for this resource set are scoped to.", + "title": "ReadinessScopes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::ResourceExplorer2::Index" - ], + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS resource. This is a required setting for all `ResourceSet` `ResourceSetType` settings except `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set this when `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` .", + "title": "ResourceArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.TargetResource": { + "additionalProperties": false, + "properties": { + "NLBResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.NLBResource", + "markdownDescription": "The Network Load Balancer resource that a DNS target resource points to.", + "title": "NLBResource" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "R53Resource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord", + "markdownDescription": "The Route 53 resource that a DNS target resource record points to.", + "title": "R53Resource" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ResourceExplorer2::View": { + "AWS::Route53Resolver::FirewallDomainList": { "additionalProperties": false, "properties": { "Condition": { @@ -230237,49 +276695,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Filters": { - "$ref": "#/definitions/AWS::ResourceExplorer2::View.SearchFilter", - "markdownDescription": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", - "title": "Filters" + "DomainFileUrl": { + "markdownDescription": "The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import.\n\nThe file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line.", + "title": "DomainFileUrl", + "type": "string" }, - "IncludedProperties": { + "Domains": { "items": { - "$ref": "#/definitions/AWS::ResourceExplorer2::View.IncludedProperty" + "type": "string" }, - "markdownDescription": "A list of fields that provide additional information about the view.", - "title": "IncludedProperties", + "markdownDescription": "A list of the domain lists that you have defined.", + "title": "Domains", "type": "array" }, - "Scope": { - "markdownDescription": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account.", - "title": "Scope", + "Name": { + "markdownDescription": "The name of the domain list.", + "title": "Name", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tag key and value pairs that are attached to the view.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of the tag keys and values that you want to associate with the domain list.", "title": "Tags", - "type": "object" - }, - "ViewName": { - "markdownDescription": "The name of the new view.", - "title": "ViewName", - "type": "string" + "type": "array" } }, - "required": [ - "ViewName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ResourceExplorer2::View" + "AWS::Route53Resolver::FirewallDomainList" ], "type": "string" }, @@ -230293,40 +276740,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::ResourceExplorer2::View.IncludedProperty": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the property that is included in this view.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::ResourceExplorer2::View.SearchFilter": { - "additionalProperties": false, - "properties": { - "FilterString": { - "markdownDescription": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation.\n\nFor information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", - "title": "FilterString", - "type": "string" - } - }, - "required": [ - "FilterString" + "Type" ], "type": "object" }, - "AWS::ResourceGroups::Group": { + "AWS::Route53Resolver::FirewallRuleGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -230361,54 +276779,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { + "FirewallRules": { "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationItem" + "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroup.FirewallRule" }, - "markdownDescription": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n> You can include either a `Configuration` or a `ResourceQuery` , but not both.", - "title": "Configuration", + "markdownDescription": "A list of the rules that you have defined.", + "title": "FirewallRules", "type": "array" }, - "Description": { - "markdownDescription": "The description of the resource group.", - "title": "Description", - "type": "string" - }, "Name": { - "markdownDescription": "The name of a resource group. The name must be unique within the AWS Region in which you create the resource. To create multiple resource groups based on the same CloudFormation stack, you must generate unique names for each.", + "markdownDescription": "The name of the rule group.", "title": "Name", "type": "string" }, - "ResourceQuery": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ResourceQuery", - "markdownDescription": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n> - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n> - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both.", - "title": "ResourceQuery" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n> - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n> - You can include a `Resources` property only if you also specify a `Configuration` property.", - "title": "Resources", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tag key and value pairs that are attached to the resource group.", + "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", "title": "Tags", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ResourceGroups::Group" + "AWS::Route53Resolver::FirewallRuleGroup" ], "type": "string" }, @@ -230422,112 +276819,81 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ResourceGroups::Group.ConfigurationItem": { + "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { "additionalProperties": false, "properties": { - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationParameter" - }, - "markdownDescription": "A collection of parameters for this configuration item. For the list of parameters that you can use with each configuration item `Type` , see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Parameters", - "type": "array" + "Action": { + "markdownDescription": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advvanced rule:\n\n- `ALLOW` - Permit the request to go through. Not available for DNS Firewall Advanced rules.\n- `ALERT` - Permit the request to go through but send an alert to the logs.\n- `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified.\n\nif `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified:\n\n- `BlockOverrideDnsType`\n- `BlockOverrideDomain`\n- `BlockOverrideTtl`", + "title": "Action", + "type": "string" }, - "Type": { - "markdownDescription": "Specifies the type of configuration item. Each item must have a unique value for type. For the list of the types that you can specify for a configuration item, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Type", + "BlockOverrideDnsType": { + "markdownDescription": "The DNS record's type. This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideDnsType", "type": "string" - } - }, - "type": "object" - }, - "AWS::ResourceGroups::Group.ConfigurationParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the group configuration parameter. For the list of parameters that you can use with each configuration item type, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Name", + }, + "BlockOverrideDomain": { + "markdownDescription": "The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideDomain", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The value or values to be used for the specified parameter. For the list of values you can use with each parameter, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) .", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ResourceGroups::Group.Query": { - "additionalProperties": false, - "properties": { - "ResourceTypeFilters": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `[\"AWS::EC2::Instance\", \"AWS::DynamoDB::Table\"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `[\"AWS::AllSupported\"]` .", - "title": "ResourceTypeFilters", - "type": "array" + "BlockOverrideTtl": { + "markdownDescription": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideTtl", + "type": "number" }, - "StackIdentifier": { - "markdownDescription": "Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped.\n\nYou can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.`", - "title": "StackIdentifier", + "BlockResponse": { + "markdownDescription": "The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` .\n\n- `NODATA` - Respond indicating that the query was successful, but no response is available for it.\n- `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist.\n- `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings.", + "title": "BlockResponse", "type": "string" }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.TagFilter" - }, - "markdownDescription": "A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` .\n\nA resource must have a tag that matches every filter that is provided in the `TagFilters` list.", - "title": "TagFilters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ResourceGroups::Group.ResourceQuery": { - "additionalProperties": false, - "properties": { - "Query": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.Query", - "markdownDescription": "The query that defines the membership of the group. This is a structure with properties that depend on the `Type` .\n\nThe `Query` structure must be included in the following scenarios:\n\n- When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group.\n- When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing.", - "title": "Query" + "ConfidenceThreshold": { + "markdownDescription": "The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule. The confidence level values mean:\n\n- `LOW` : Provides the highest detection rate for threats, but also increases false positives.\n- `MEDIUM` : Provides a balance between detecting threats and false positives.\n- `HIGH` : Detects only the most well corroborated threats with a low rate of false positives.", + "title": "ConfidenceThreshold", + "type": "string" }, - "Type": { - "markdownDescription": "Specifies the type of resource query that determines this group's membership. There are two valid query types:\n\n- `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query.\n- `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined.", - "title": "Type", + "DnsThreatProtection": { + "markdownDescription": "The type of the DNS Firewall Advanced rule. Valid values are:\n\n- `DGA` : Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains to to launch malware attacks.\n- `DNS_TUNNELING` : DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without making a network connection to the client.", + "title": "DnsThreatProtection", "type": "string" - } - }, - "type": "object" - }, - "AWS::ResourceGroups::Group.TagFilter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group.\n\nThis field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key.", - "title": "Key", + }, + "FirewallDomainListId": { + "markdownDescription": "The ID of the domain list that's used in the rule.", + "title": "FirewallDomainListId", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member.", - "title": "Values", - "type": "array" + "FirewallDomainRedirectionAction": { + "markdownDescription": "How you want the the rule to evaluate DNS redirection in the DNS redirection chain, such as CNAME, or DNAME.\n\n`Inspect_Redirection_Domain` (Default) inspects all domains in the redirection chain. The individual domains in the redirection chain must be added to the domain list.\n\n`Trust_Redirection_Domain` inspects only the first domain in the redirection chain. You don't need to add the subsequent domains in the domain in the redirection list to the domain list.", + "title": "FirewallDomainRedirectionAction", + "type": "string" + }, + "FirewallThreatProtectionId": { + "markdownDescription": "ID of the DNS Firewall Advanced rule.", + "title": "FirewallThreatProtectionId", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.", + "title": "Priority", + "type": "number" + }, + "Qtype": { + "markdownDescription": "The DNS query type you want the rule to evaluate. Allowed values are;\n\n- A: Returns an IPv4 address.\n- AAAA: Returns an Ipv6 address.\n- CAA: Restricts CAs that can create SSL/TLS certifications for the domain.\n- CNAME: Returns another domain name.\n- DS: Record that identifies the DNSSEC signing key of a delegated zone.\n- MX: Specifies mail servers.\n- NAPTR: Regular-expression-based rewriting of domain names.\n- NS: Authoritative name servers.\n- PTR: Maps an IP address to a domain name.\n- SOA: Start of authority record for the zone.\n- SPF: Lists the servers authorized to send emails from a domain.\n- SRV: Application specific values that identify servers.\n- TXT: Verifies email senders and application-specific values.\n- A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPE NUMBER , where the NUMBER can be 1-65334, for example, TYPE28. For more information, see [List of DNS record types](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_DNS_record_types) .", + "title": "Qtype", + "type": "string" } }, + "required": [ + "Action", + "Priority" + ], "type": "object" }, - "AWS::RoboMaker::Fleet": { + "AWS::Route53Resolver::FirewallRuleGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -230562,28 +276928,50 @@ "Properties": { "additionalProperties": false, "properties": { + "FirewallRuleGroupId": { + "markdownDescription": "The unique identifier of the firewall rule group.", + "title": "FirewallRuleGroupId", + "type": "string" + }, + "MutationProtection": { + "markdownDescription": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.", + "title": "MutationProtection", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the fleet.", + "markdownDescription": "The name of the association.", "title": "Name", "type": "string" }, + "Priority": { + "markdownDescription": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.\n\nYou must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.\n\nThe allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900).", + "title": "Priority", + "type": "number" + }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The list of all tags added to the fleet.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", "title": "Tags", - "type": "object" + "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC that is associated with the rule group.", + "title": "VpcId", + "type": "string" } }, + "required": [ + "FirewallRuleGroupId", + "Priority", + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::Fleet" + "AWS::Route53Resolver::FirewallRuleGroupAssociation" ], "type": "string" }, @@ -230597,11 +276985,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::RoboMaker::Robot": { + "AWS::Route53Resolver::OutpostResolver": { "additionalProperties": false, "properties": { "Condition": { @@ -230636,47 +277025,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Architecture": { - "markdownDescription": "The architecture of the robot.", - "title": "Architecture", - "type": "string" + "InstanceCount": { + "markdownDescription": "Amazon EC2 instance count for the Resolver on the Outpost.", + "title": "InstanceCount", + "type": "number" }, - "Fleet": { - "markdownDescription": "The Amazon Resource Name (ARN) of the fleet to which the robot will be registered.", - "title": "Fleet", + "Name": { + "markdownDescription": "Name of the Resolver.", + "title": "Name", "type": "string" }, - "GreengrassGroupId": { - "markdownDescription": "The Greengrass group associated with the robot.", - "title": "GreengrassGroupId", + "OutpostArn": { + "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", + "title": "OutpostArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the robot.", - "title": "Name", + "PreferredInstanceType": { + "markdownDescription": "The Amazon EC2 instance type. If you specify this, you must also specify a value for the `OutpostArn` .", + "title": "PreferredInstanceType", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A key value pair that helps you identify a Route\u00a053 Resolver .", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Architecture", - "GreengrassGroupId" + "Name", + "OutpostArn", + "PreferredInstanceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::Robot" + "AWS::Route53Resolver::OutpostResolver" ], "type": "string" }, @@ -230695,7 +277082,7 @@ ], "type": "object" }, - "AWS::RoboMaker::RobotApplication": { + "AWS::Route53Resolver::ResolverConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -230730,54 +277117,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CurrentRevisionId": { - "markdownDescription": "The current revision id.", - "title": "CurrentRevisionId", - "type": "string" - }, - "Environment": { - "markdownDescription": "The environment of the robot application.", - "title": "Environment", + "AutodefinedReverseFlag": { + "markdownDescription": "Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` .", + "title": "AutodefinedReverseFlag", "type": "string" }, - "Name": { - "markdownDescription": "The name of the robot application.", - "title": "Name", + "ResourceId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud VPC or a Route 53 Profile that you're configuring Resolver for.", + "title": "ResourceId", "type": "string" - }, - "RobotSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.RobotSoftwareSuite", - "markdownDescription": "The robot software suite used by the robot application.", - "title": "RobotSoftwareSuite" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.SourceConfig" - }, - "markdownDescription": "The sources of the robot application.", - "title": "Sources", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" } }, "required": [ - "RobotSoftwareSuite" + "AutodefinedReverseFlag", + "ResourceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::RobotApplication" + "AWS::Route53Resolver::ResolverConfig" ], "type": "string" }, @@ -230796,52 +277155,7 @@ ], "type": "object" }, - "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::RoboMaker::RobotApplication.SourceConfig": { - "additionalProperties": false, - "properties": { - "Architecture": { - "markdownDescription": "The target processor architecture for the application.", - "title": "Architecture", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The s3 object key.", - "title": "S3Key", - "type": "string" - } - }, - "required": [ - "Architecture", - "S3Bucket", - "S3Key" - ], - "type": "object" - }, - "AWS::RoboMaker::RobotApplicationVersion": { + "AWS::Route53Resolver::ResolverDNSSECConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -230876,25 +277190,17 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The application information for the robot application.", - "title": "Application", - "type": "string" - }, - "CurrentRevisionId": { - "markdownDescription": "The current revision id for the robot application. If you provide a value and it matches the latest revision ID, a new version will be created.", - "title": "CurrentRevisionId", + "ResourceId": { + "markdownDescription": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.", + "title": "ResourceId", "type": "string" } }, - "required": [ - "Application" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::RobotApplicationVersion" + "AWS::Route53Resolver::ResolverDNSSECConfig" ], "type": "string" }, @@ -230908,12 +277214,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication": { + "AWS::Route53Resolver::ResolverEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -230948,65 +277253,74 @@ "Properties": { "additionalProperties": false, "properties": { - "CurrentRevisionId": { - "markdownDescription": "The current revision id.", - "title": "CurrentRevisionId", + "Direction": { + "markdownDescription": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network\n- `INBOUND_DELEGATION` : Resolver delegates queries to Route 53 private hosted zones from your network.", + "title": "Direction", "type": "string" }, - "Environment": { - "markdownDescription": "The environment of the simulation application.", - "title": "Environment", - "type": "string" + "IpAddresses": { + "items": { + "$ref": "#/definitions/AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest" + }, + "markdownDescription": "The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.\n\n> Even though the minimum is 1, Route\u00a053 requires that you create at least two.", + "title": "IpAddresses", + "type": "array" }, "Name": { - "markdownDescription": "The name of the simulation application.", + "markdownDescription": "A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.", "title": "Name", "type": "string" }, - "RenderingEngine": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RenderingEngine", - "markdownDescription": "The rendering engine for the simulation application.", - "title": "RenderingEngine" + "OutpostArn": { + "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", + "title": "OutpostArn", + "type": "string" }, - "RobotSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite", - "markdownDescription": "The robot software suite used by the simulation application.", - "title": "RobotSoftwareSuite" + "PreferredInstanceType": { + "markdownDescription": "The Amazon EC2 instance type.", + "title": "PreferredInstanceType", + "type": "string" }, - "SimulationSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite", - "markdownDescription": "The simulation software suite used by the simulation application.", - "title": "SimulationSoftwareSuite" + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Protocols used for the endpoint. DoH-FIPS is applicable for a default inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor a delegation inbound endpoint you can use Do53 only.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", + "title": "Protocols", + "type": "array" }, - "Sources": { + "ResolverEndpointType": { + "markdownDescription": "The Resolver endpoint IP address type.", + "title": "ResolverEndpointType", + "type": "string" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SourceConfig" + "type": "string" }, - "markdownDescription": "The sources of the simulation application.", - "title": "Sources", + "markdownDescription": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.", + "title": "SecurityGroupIds", "type": "array" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the simulation application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Route 53 Resolver doesn't support updating tags through CloudFormation.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "RobotSoftwareSuite", - "SimulationSoftwareSuite" + "Direction", + "IpAddresses", + "SecurityGroupIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::SimulationApplication" + "AWS::Route53Resolver::ResolverEndpoint" ], "type": "string" }, @@ -231025,91 +277339,107 @@ ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.RenderingEngine": { + "AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the rendering engine.", - "title": "Name", + "Ip": { + "markdownDescription": "The IPv4 address that you want to use for DNS queries.", + "title": "Ip", "type": "string" }, - "Version": { - "markdownDescription": "The version of the rendering engine.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Name", - "Version" - ], - "type": "object" - }, - "AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", - "title": "Name", + "Ipv6": { + "markdownDescription": "The IPv6 address that you want to use for DNS queries.", + "title": "Ipv6", "type": "string" }, - "Version": { - "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", - "title": "Version", + "SubnetId": { + "markdownDescription": "The ID of the subnet that contains the IP address.", + "title": "SubnetId", "type": "string" } }, "required": [ - "Name" + "SubnetId" ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite": { + "AWS::Route53Resolver::ResolverQueryLoggingConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the simulation software suite. `SimulationRuntime` is the only supported value.", - "title": "Name", + "Condition": { "type": "string" }, - "Version": { - "markdownDescription": "The version of the simulation software suite. Not applicable for `SimulationRuntime` .", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::RoboMaker::SimulationApplication.SourceConfig": { - "additionalProperties": false, - "properties": { - "Architecture": { - "markdownDescription": "The target processor architecture for the application.", - "title": "Architecture", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3Bucket", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationArn": { + "markdownDescription": "The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.", + "title": "DestinationArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the query logging configuration.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::ResolverQueryLoggingConfig" + ], "type": "string" }, - "S3Key": { - "markdownDescription": "The s3 object key.", - "title": "S3Key", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Architecture", - "S3Bucket", - "S3Key" + "Type" ], "type": "object" }, - "AWS::RoboMaker::SimulationApplicationVersion": { + "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -231144,25 +277474,22 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The application information for the simulation application.", - "title": "Application", + "ResolverQueryLogConfigId": { + "markdownDescription": "The ID of the query logging configuration that a VPC is associated with.", + "title": "ResolverQueryLogConfigId", "type": "string" }, - "CurrentRevisionId": { - "markdownDescription": "The current revision id for the simulation application. If you provide a value and it matches the latest revision ID, a new version will be created.", - "title": "CurrentRevisionId", + "ResourceId": { + "markdownDescription": "The ID of the Amazon VPC that is associated with the query logging configuration.", + "title": "ResourceId", "type": "string" } }, - "required": [ - "Application" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::SimulationApplicationVersion" + "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation" ], "type": "string" }, @@ -231176,12 +277503,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RolesAnywhere::CRL": { + "AWS::Route53Resolver::ResolverRule": { "additionalProperties": false, "properties": { "Condition": { @@ -231216,44 +277542,56 @@ "Properties": { "additionalProperties": false, "properties": { - "CrlData": { - "markdownDescription": "The x509 v3 specified certificate revocation list (CRL).", - "title": "CrlData", + "DelegationRecord": { + "markdownDescription": "DNS queries with delegation records that point to this domain name are forwarded to resolvers on your network.", + "title": "DelegationRecord", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the certificate revocation list (CRL) is enabled.", - "title": "Enabled", - "type": "boolean" + "DomainName": { + "markdownDescription": "DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).", + "title": "DomainName", + "type": "string" }, "Name": { - "markdownDescription": "The name of the certificate revocation list (CRL).", + "markdownDescription": "The name for the Resolver rule, which you specified when you created the Resolver rule.", "title": "Name", "type": "string" }, + "ResolverEndpointId": { + "markdownDescription": "The ID of the endpoint that the rule is associated with.", + "title": "ResolverEndpointId", + "type": "string" + }, + "RuleType": { + "markdownDescription": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` or `DELEGATE` . If a query matches multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains the most specific domain name (www.example.com).\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", + "title": "RuleType", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to attach to the certificate revocation list (CRL).", + "markdownDescription": "Tags help organize and categorize your Resolver rules. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" }, - "TrustAnchorArn": { - "markdownDescription": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.", - "title": "TrustAnchorArn", - "type": "string" + "TargetIps": { + "items": { + "$ref": "#/definitions/AWS::Route53Resolver::ResolverRule.TargetAddress" + }, + "markdownDescription": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network.", + "title": "TargetIps", + "type": "array" } }, "required": [ - "CrlData", - "Name" + "RuleType" ], "type": "object" }, "Type": { "enum": [ - "AWS::RolesAnywhere::CRL" + "AWS::Route53Resolver::ResolverRule" ], "type": "string" }, @@ -231272,7 +277610,38 @@ ], "type": "object" }, - "AWS::RolesAnywhere::Profile": { + "AWS::Route53Resolver::ResolverRule.TargetAddress": { + "additionalProperties": false, + "properties": { + "Ip": { + "markdownDescription": "One IPv4 address that you want to forward DNS queries to.", + "title": "Ip", + "type": "string" + }, + "Ipv6": { + "markdownDescription": "One IPv6 address that you want to forward DNS queries to.", + "title": "Ipv6", + "type": "string" + }, + "Port": { + "markdownDescription": "The port at `Ip` that you want to forward DNS queries to.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocols for the target address. The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.", + "title": "Protocol", + "type": "string" + }, + "ServerNameIndication": { + "markdownDescription": "The Server Name Indication of the DoH server that you want to forward queries to. This is only used if the Protocol of the `TargetAddress` is `DoH` .", + "title": "ServerNameIndication", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53Resolver::ResolverRuleAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -231307,65 +277676,31 @@ "Properties": { "additionalProperties": false, "properties": { - "DurationSeconds": { - "markdownDescription": "The number of seconds vended session credentials will be valid for", - "title": "DurationSeconds", - "type": "number" - }, - "Enabled": { - "markdownDescription": "The enabled status of the resource.", - "title": "Enabled", - "type": "boolean" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", - "title": "ManagedPolicyArns", - "type": "array" - }, "Name": { - "markdownDescription": "The customer specified name of the resource.", + "markdownDescription": "The name of an association between a Resolver rule and a VPC.", "title": "Name", "type": "string" }, - "RequireInstanceProperties": { - "markdownDescription": "Specifies whether instance properties are required in CreateSession requests with this profile.", - "title": "RequireInstanceProperties", - "type": "boolean" - }, - "RoleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", - "title": "RoleArns", - "type": "array" - }, - "SessionPolicy": { - "markdownDescription": "A session policy that will applied to the trust boundary of the vended session credentials.", - "title": "SessionPolicy", + "ResolverRuleId": { + "markdownDescription": "The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` .", + "title": "ResolverRuleId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of Tags.", - "title": "Tags", - "type": "array" + "VPCId": { + "markdownDescription": "The ID of the VPC that you associated the Resolver rule with.", + "title": "VPCId", + "type": "string" } }, "required": [ - "Name", - "RoleArns" + "ResolverRuleId", + "VPCId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RolesAnywhere::Profile" + "AWS::Route53Resolver::ResolverRuleAssociation" ], "type": "string" }, @@ -231384,7 +277719,7 @@ ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor": { + "AWS::S3::AccessGrant": { "additionalProperties": false, "properties": { "Condition": { @@ -231419,47 +277754,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether the trust anchor is enabled.", - "title": "Enabled", - "type": "boolean" + "AccessGrantsLocationConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessGrant.AccessGrantsLocationConfiguration", + "markdownDescription": "The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.", + "title": "AccessGrantsLocationConfiguration" }, - "Name": { - "markdownDescription": "The name of the trust anchor.", - "title": "Name", + "AccessGrantsLocationId": { + "markdownDescription": "The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.", + "title": "AccessGrantsLocationId", "type": "string" }, - "NotificationSettings": { - "items": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.NotificationSetting" - }, - "markdownDescription": "A list of notification settings to be associated to the trust anchor.", - "title": "NotificationSettings", - "type": "array" + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.", + "title": "ApplicationArn", + "type": "string" }, - "Source": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.Source", - "markdownDescription": "The trust anchor type and its related certificate data.", - "title": "Source" + "Grantee": { + "$ref": "#/definitions/AWS::S3::AccessGrant.Grantee", + "markdownDescription": "The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.", + "title": "Grantee" + }, + "Permission": { + "markdownDescription": "The type of access that you are granting to your S3 data, which can be set to one of the following values:\n\n- `READ` \u2013 Grant read-only access to the S3 data.\n- `WRITE` \u2013 Grant write-only access to the S3 data.\n- `READWRITE` \u2013 Grant both read and write access to the S3 data.", + "title": "Permission", + "type": "string" + }, + "S3PrefixType": { + "markdownDescription": "The type of `S3SubPrefix` . The only possible value is `Object` . Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.", + "title": "S3PrefixType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to attach to the trust anchor.", + "markdownDescription": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "Source" + "AccessGrantsLocationId", + "Grantee", + "Permission" ], "type": "object" }, "Type": { "enum": [ - "AWS::RolesAnywhere::TrustAnchor" + "AWS::S3::AccessGrant" ], "type": "string" }, @@ -231478,69 +277821,112 @@ ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.NotificationSetting": { + "AWS::S3::AccessGrant.AccessGrantsLocationConfiguration": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and AWS Health Dashboard to notify for an event.\n\n> In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels.", - "title": "Channel", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Indicates whether the notification setting is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Event": { - "markdownDescription": "The event to which this notification setting is applied.", - "title": "Event", + "S3SubPrefix": { + "markdownDescription": "The `S3SubPrefix` is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default location `s3://` because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default location `s3://` , the `S3SubPrefx` can be a `/*` , so the full grant scope path would be `s3:///*` . Or the `S3SubPrefx` can be `/*` , so the full grant scope path would be `s3:///*` .\n\nIf the `S3SubPrefix` includes a prefix, append the wildcard character `*` after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.", + "title": "S3SubPrefix", "type": "string" - }, - "Threshold": { - "markdownDescription": "The number of days before a notification event. This value is required for a notification setting that is enabled.", - "title": "Threshold", - "type": "number" } }, "required": [ - "Enabled", - "Event" + "S3SubPrefix" ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.Source": { + "AWS::S3::AccessGrant.Grantee": { "additionalProperties": false, "properties": { - "SourceData": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.SourceData", - "markdownDescription": "A union object representing the data field of the TrustAnchor depending on its type", - "title": "SourceData" + "GranteeIdentifier": { + "markdownDescription": "The unique identifier of the `Grantee` . If the grantee type is `IAM` , the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . You can obtain this UUID from your AWS IAM Identity Center instance.", + "title": "GranteeIdentifier", + "type": "string" }, - "SourceType": { - "markdownDescription": "The type of the TrustAnchor.", - "title": "SourceType", + "GranteeType": { + "markdownDescription": "The type of the grantee to which access has been granted. It can be one of the following values:\n\n- `IAM` - An IAM user or role.\n- `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.\n- `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.", + "title": "GranteeType", "type": "string" } }, + "required": [ + "GranteeIdentifier", + "GranteeType" + ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.SourceData": { + "AWS::S3::AccessGrantsInstance": { "additionalProperties": false, "properties": { - "AcmPcaArn": { - "markdownDescription": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .\n\n> This field is not supported in your region.", - "title": "AcmPcaArn", + "Condition": { "type": "string" }, - "X509CertificateData": { - "markdownDescription": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` .", - "title": "X509CertificateData", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IdentityCenterArn": { + "markdownDescription": "If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center.", + "title": "IdentityCenterArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::AccessGrantsInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Route53::CidrCollection": { + "AWS::S3::AccessGrantsLocation": { "additionalProperties": false, "properties": { "Condition": { @@ -231575,28 +277961,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Locations": { + "IamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.", + "title": "IamRoleArn", + "type": "string" + }, + "LocationScope": { + "markdownDescription": "The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://` , the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.", + "title": "LocationScope", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Route53::CidrCollection.Location" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains information about the list of CIDR locations.", - "title": "Locations", + "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "title": "Tags", "type": "array" - }, - "Name": { - "markdownDescription": "The name of a CIDR collection.", - "title": "Name", - "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::CidrCollection" + "AWS::S3::AccessGrantsLocation" ], "type": "string" }, @@ -231610,35 +277998,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Route53::CidrCollection.Location": { - "additionalProperties": false, - "properties": { - "CidrList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of CIDR blocks.", - "title": "CidrList", - "type": "array" - }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", - "type": "string" - } - }, - "required": [ - "CidrList", - "LocationName" + "Type" ], "type": "object" }, - "AWS::Route53::DNSSEC": { + "AWS::S3::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -231673,20 +278037,45 @@ "Properties": { "additionalProperties": false, "properties": { - "HostedZoneId": { - "markdownDescription": "A unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", - "title": "HostedZoneId", + "Bucket": { + "markdownDescription": "The name of the bucket associated with this access point.", + "title": "Bucket", + "type": "string" + }, + "BucketAccountId": { + "markdownDescription": "The AWS account ID associated with the S3 bucket associated with this access point.", + "title": "BucketAccountId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of this access point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", + "title": "Name", "type": "string" + }, + "Policy": { + "markdownDescription": "The access point policy associated with this access point.", + "title": "Policy", + "type": "object" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", + "title": "PublicAccessBlockConfiguration" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessPoint.VpcConfiguration", + "markdownDescription": "The Virtual Private Cloud (VPC) configuration for this access point, if one exists.", + "title": "VpcConfiguration" } }, "required": [ - "HostedZoneId" + "Bucket" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::DNSSEC" + "AWS::S3::AccessPoint" ], "type": "string" }, @@ -231705,12 +278094,56 @@ ], "type": "object" }, - "AWS::Route53::HealthCheck": { + "AWS::S3::AccessPoint.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::AccessPoint.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "If this field is specified, the access point will only allow connections from the specified VPC ID.", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -231740,28 +278173,137 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckConfig", - "markdownDescription": "A complex type that contains detailed information about one health check.\n\nFor the values to enter for `HealthCheckConfig` , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)", - "title": "HealthCheckConfig" + "AccelerateConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.AccelerateConfiguration", + "markdownDescription": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide* .", + "title": "AccelerateConfiguration" }, - "HealthCheckTags": { + "AccessControl": { + "markdownDescription": "> This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide* . \n\nA canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* .\n\nS3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n\nThe majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html) . For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide* .", + "title": "AccessControl", + "type": "string" + }, + "AnalyticsConfigurations": { "items": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckTag" + "$ref": "#/definitions/AWS::S3::Bucket.AnalyticsConfiguration" }, - "markdownDescription": "The `HealthCheckTags` property describes key-value pairs that are associated with an `AWS::Route53::HealthCheck` resource.", - "title": "HealthCheckTags", + "markdownDescription": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", + "title": "AnalyticsConfigurations", + "type": "array" + }, + "BucketEncryption": { + "$ref": "#/definitions/AWS::S3::Bucket.BucketEncryption", + "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide* .", + "title": "BucketEncryption" + }, + "BucketName": { + "markdownDescription": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", + "type": "string" + }, + "CorsConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", + "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", + "title": "CorsConfiguration" + }, + "IntelligentTieringConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.IntelligentTieringConfiguration" + }, + "markdownDescription": "Defines how Amazon S3 handles Intelligent-Tiering storage.", + "title": "IntelligentTieringConfigurations", + "type": "array" + }, + "InventoryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.InventoryConfiguration" + }, + "markdownDescription": "Specifies the S3 Inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", + "title": "InventoryConfigurations", + "type": "array" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.LifecycleConfiguration", + "markdownDescription": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", + "title": "LifecycleConfiguration" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.LoggingConfiguration", + "markdownDescription": "Settings that define where logs are stored.", + "title": "LoggingConfiguration" + }, + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataConfiguration", + "markdownDescription": "The S3 Metadata configuration for a general purpose bucket.", + "title": "MetadataConfiguration" + }, + "MetadataTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableConfiguration", + "markdownDescription": "The metadata table configuration of an Amazon S3 general purpose bucket.", + "title": "MetadataTableConfiguration" + }, + "MetricsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.MetricsConfiguration" + }, + "markdownDescription": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", + "title": "MetricsConfigurations", + "type": "array" + }, + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationConfiguration", + "markdownDescription": "Configuration that defines how Amazon S3 handles bucket notifications.", + "title": "NotificationConfiguration" + }, + "ObjectLockConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockConfiguration", + "markdownDescription": "> This operation is not supported for directory buckets. \n\nPlaces an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) .\n\n> - The `DefaultRetention` settings require both a mode and a period.\n> - The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time.\n> - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) .", + "title": "ObjectLockConfiguration" + }, + "ObjectLockEnabled": { + "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", + "title": "ObjectLockEnabled", + "type": "boolean" + }, + "OwnershipControls": { + "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControls", + "markdownDescription": "Configuration that defines how Amazon S3 handles Object Ownership rules.", + "title": "OwnershipControls" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.PublicAccessBlockConfiguration", + "markdownDescription": "Configuration that defines how Amazon S3 handles public access.", + "title": "PublicAccessBlockConfiguration" + }, + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationConfiguration", + "markdownDescription": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the `VersioningConfiguration` property.\n\nAmazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.", + "title": "ReplicationConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for this S3 bucket.", + "title": "Tags", "type": "array" + }, + "VersioningConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.VersioningConfiguration", + "markdownDescription": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n\n> When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations ( `PUT` or `DELETE` ) on objects in the bucket.", + "title": "VersioningConfiguration" + }, + "WebsiteConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.WebsiteConfiguration", + "markdownDescription": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) .", + "title": "WebsiteConfiguration" } }, - "required": [ - "HealthCheckConfig" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::HealthCheck" + "AWS::S3::Bucket" ], "type": "string" }, @@ -231775,2519 +278317,1541 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53::HealthCheck.AlarmIdentifier": { + "AWS::S3::Bucket.AbortIncompleteMultipartUpload": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy.\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in.\n\nFor the current list of CloudWatch regions, see [Amazon CloudWatch endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/cw_region.html) in the *Amazon Web Services General Reference* .", - "title": "Region", + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.", + "title": "DaysAfterInitiation", + "type": "number" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "AWS::S3::Bucket.AccelerateConfiguration": { + "additionalProperties": false, + "properties": { + "AccelerationStatus": { + "markdownDescription": "Specifies the transfer acceleration status of the bucket.", + "title": "AccelerationStatus", "type": "string" } }, "required": [ - "Name", - "Region" + "AccelerationStatus" ], "type": "object" }, - "AWS::Route53::HealthCheck.HealthCheckConfig": { + "AWS::S3::Bucket.AccessControlTranslation": { "additionalProperties": false, "properties": { - "AlarmIdentifier": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.AlarmIdentifier", - "markdownDescription": "A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy.", - "title": "AlarmIdentifier" - }, - "ChildHealthChecks": { - "items": { - "type": "string" - }, - "markdownDescription": "(CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check.", - "title": "ChildHealthChecks", - "type": "array" - }, - "EnableSNI": { - "markdownDescription": "Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate.\n\nSome endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid.\n\nThe SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message.", - "title": "EnableSNI", - "type": "boolean" - }, - "FailureThreshold": { - "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .\n\nIf you don't specify a value for `FailureThreshold` , the default value is three health checks.", - "title": "FailureThreshold", - "type": "number" - }, - "FullyQualifiedDomainName": { - "markdownDescription": "Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` .\n\n*If you specify a value for* `IPAddress` :\n\nAmazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.\n\nWhen Route 53 checks the health of an endpoint, here is how it constructs the `Host` header:\n\n- If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header.\n- If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header.\n- If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header.\n\nIf you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases.\n\n*If you don't specify a value for `IPAddress`* :\n\nRoute 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.\n\n> If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a \"DNS resolution failed\" error. \n\nIf you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com).\n\n> In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. \n\nIn addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header.", - "title": "FullyQualifiedDomainName", + "Owner": { + "markdownDescription": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference* .", + "title": "Owner", "type": "string" - }, - "HealthThreshold": { - "markdownDescription": "The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element.\n\nNote the following:\n\n- If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy.\n- If you specify `0` , Route 53 always considers this health check to be healthy.", - "title": "HealthThreshold", - "type": "number" - }, - "IPAddress": { - "markdownDescription": "The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint.\n\nUse one of the following formats for the value of `IPAddress` :\n\n- *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` .\n- *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` .\n\nIf the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change.\n\nFor more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) .\n\nConstraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents:\n\n- [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735)\n- [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598)\n- [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156)\n\nWhen the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` .", - "title": "IPAddress", + } + }, + "required": [ + "Owner" + ], + "type": "object" + }, + "AWS::S3::Bucket.AnalyticsConfiguration": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID that identifies the analytics configuration.", + "title": "Id", "type": "string" }, - "InsufficientDataHealthStatus": { - "markdownDescription": "When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check:\n\n- `Healthy` : Route 53 considers the health check to be healthy.\n- `Unhealthy` : Route 53 considers the health check to be unhealthy.\n- `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy.", - "title": "InsufficientDataHealthStatus", + "Prefix": { + "markdownDescription": "The prefix that an object must have to be included in the analytics results.", + "title": "Prefix", "type": "string" }, - "Inverted": { - "markdownDescription": "Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy.", - "title": "Inverted", - "type": "boolean" - }, - "MeasureLatency": { - "markdownDescription": "Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.\n\n> You can't change the value of `MeasureLatency` after you create a health check.", - "title": "MeasureLatency", - "type": "boolean" - }, - "Port": { - "markdownDescription": "The port on the endpoint that you want Amazon Route 53 to perform health checks on.\n\n> Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` .", - "title": "Port", - "type": "number" + "StorageClassAnalysis": { + "$ref": "#/definitions/AWS::S3::Bucket.StorageClassAnalysis", + "markdownDescription": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.", + "title": "StorageClassAnalysis" }, - "Regions": { + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "The tags to use when evaluating an analytics filter.\n\nThe analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.", + "title": "TagFilters", + "type": "array" + } + }, + "required": [ + "Id", + "StorageClassAnalysis" + ], + "type": "object" + }, + "AWS::S3::Bucket.BucketEncryption": { + "additionalProperties": false, + "properties": { + "ServerSideEncryptionConfiguration": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionRule" + }, + "markdownDescription": "Specifies the default server-side-encryption configuration.", + "title": "ServerSideEncryptionConfiguration", + "type": "array" + } + }, + "required": [ + "ServerSideEncryptionConfiguration" + ], + "type": "object" + }, + "AWS::S3::Bucket.CorsConfiguration": { + "additionalProperties": false, + "properties": { + "CorsRules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.CorsRule" + }, + "markdownDescription": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.", + "title": "CorsRules", + "type": "array" + } + }, + "required": [ + "CorsRules" + ], + "type": "object" + }, + "AWS::S3::Bucket.CorsRule": { + "additionalProperties": false, + "properties": { + "AllowedHeaders": { "items": { "type": "string" }, - "markdownDescription": "A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint.\n\nIf you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* .\n\nIf you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions).", - "title": "Regions", + "markdownDescription": "Headers that are specified in the `Access-Control-Request-Headers` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.", + "title": "AllowedHeaders", "type": "array" }, - "RequestInterval": { - "markdownDescription": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.\n\n> You can't change the value of `RequestInterval` after you create a health check. \n\nIf you don't specify a value for `RequestInterval` , the default value is `30` seconds.", - "title": "RequestInterval", - "type": "number" + "AllowedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "An HTTP method that you allow the origin to run.\n\n*Allowed values* : `GET` | `PUT` | `HEAD` | `POST` | `DELETE`", + "title": "AllowedMethods", + "type": "array" }, - "ResourcePath": { - "markdownDescription": "The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp&login=y` .", - "title": "ResourcePath", - "type": "string" + "AllowedOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more origins you want customers to be able to access the bucket from.", + "title": "AllowedOrigins", + "type": "array" }, - "RoutingControlArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control.\n\nFor more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) .", - "title": "RoutingControlArn", - "type": "string" + "ExposedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).", + "title": "ExposedHeaders", + "type": "array" }, - "SearchString": { - "markdownDescription": "If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy.\n\nRoute 53 considers case when searching for `SearchString` in the response body.", - "title": "SearchString", + "Id": { + "markdownDescription": "A unique identifier for this rule. The value must be no more than 255 characters.", + "title": "Id", "type": "string" }, - "Type": { - "markdownDescription": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *TCP* : Route 53 tries to establish a TCP connection.\n- *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` .\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.\n- *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` .\n- *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy.\n\nFor more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Type", - "type": "string" + "MaxAge": { + "markdownDescription": "The time in seconds that your browser is to cache the preflight response for the specified resource.", + "title": "MaxAge", + "type": "number" } }, "required": [ - "Type" + "AllowedMethods", + "AllowedOrigins" ], "type": "object" }, - "AWS::Route53::HealthCheck.HealthCheckTag": { + "AWS::S3::Bucket.DataExport": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", - "title": "Key", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.Destination", + "markdownDescription": "The place to store the data for an analysis.", + "title": "Destination" }, - "Value": { - "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", - "title": "Value", + "OutputSchemaVersion": { + "markdownDescription": "The version of the output schema to use when exporting data. Must be `V_1` .", + "title": "OutputSchemaVersion", "type": "string" } }, "required": [ - "Key", - "Value" + "Destination", + "OutputSchemaVersion" ], "type": "object" }, - "AWS::Route53::HostedZone": { + "AWS::S3::Bucket.DefaultRetention": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Days": { + "markdownDescription": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Days", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Mode": { + "markdownDescription": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Mode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Years": { + "markdownDescription": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Years", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.DeleteMarkerReplication": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Indicates whether to replicate delete markers. Disabled by default.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.Destination": { + "additionalProperties": false, + "properties": { + "BucketAccountId": { + "markdownDescription": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n\n> Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.", + "title": "BucketAccountId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "HostedZoneConfig": { - "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneConfig", - "markdownDescription": "A complex type that contains an optional comment.\n\nIf you don't want to specify a comment, omit the `HostedZoneConfig` and `Comment` elements.", - "title": "HostedZoneConfig" - }, - "HostedZoneTags": { - "items": { - "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneTag" - }, - "markdownDescription": "Adds, edits, or deletes tags for a health check or a hosted zone.\n\nFor information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *Billing and Cost Management User Guide* .", - "title": "HostedZoneTags", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n\nIf you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of `NameServers` that are returned by the `Fn::GetAtt` intrinsic function.", - "title": "Name", - "type": "string" - }, - "QueryLoggingConfig": { - "$ref": "#/definitions/AWS::Route53::HostedZone.QueryLoggingConfig", - "markdownDescription": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n\nDNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n\n- Route 53 edge location that responded to the DNS query\n- Domain or subdomain that was requested\n- DNS record type, such as A or AAAA\n- DNS response code, such as `NoError` or `ServFail`\n\n- **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.\n\n> If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. \n\n- Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:\n\n- You must create the log group in the us-east-1 region.\n- You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for.\n- When you create log groups for query logging, we recommend that you use a consistent prefix, for example:\n\n`/aws/route53/ *hosted zone name*`\n\nIn the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging.\n- Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of `Resource` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with `*` , for example:\n\n`arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`\n\nTo avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:\n\n- For `aws:SourceArn` , supply the hosted zone ARN used in creating the query logging configuration. For example, `aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID` .\n- For `aws:SourceAccount` , supply the account ID for the account that creates the query logging configuration. For example, `aws:SourceAccount:111111111111` .\n\nFor more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .\n\n> You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI .\n- **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:\n\n- Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location.\n- Begins to send query logs to the applicable log stream.\n\nThe name of each log stream is in the following format:\n\n`*hosted zone ID* / *edge location code*`\n\nThe edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page.\n- **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* .\n- **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* .\n- **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) .\n- **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .", - "title": "QueryLoggingConfig" - }, - "VPCs": { - "items": { - "$ref": "#/definitions/AWS::Route53::HostedZone.VPC" - }, - "markdownDescription": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCs", - "type": "array" - } - }, - "type": "object" + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bucket to which data is exported.", + "title": "BucketArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Route53::HostedZone" - ], + "Format": { + "markdownDescription": "Specifies the file format used when exporting data to Amazon S3.\n\n*Allowed values* : `CSV` | `ORC` | `Parquet`", + "title": "Format", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Prefix": { + "markdownDescription": "The prefix to use when exporting data. The prefix is prepended to all results.", + "title": "Prefix", "type": "string" } }, "required": [ - "Type" + "BucketArn", + "Format" ], "type": "object" }, - "AWS::Route53::HostedZone.HostedZoneConfig": { + "AWS::S3::Bucket.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "Any comments that you want to include about the hosted zone.", - "title": "Comment", + "ReplicaKmsKeyID": { + "markdownDescription": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "ReplicaKmsKeyID", "type": "string" } }, + "required": [ + "ReplicaKmsKeyID" + ], "type": "object" }, - "AWS::Route53::HostedZone.HostedZoneTag": { + "AWS::S3::Bucket.EventBridgeConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", - "title": "Key", + "EventBridgeEnabled": { + "markdownDescription": "Enables delivery of events to Amazon EventBridge.", + "title": "EventBridgeEnabled", + "type": "boolean" + } + }, + "required": [ + "EventBridgeEnabled" + ], + "type": "object" + }, + "AWS::S3::Bucket.FilterRule": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Name", "type": "string" }, "Value": { - "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", + "markdownDescription": "The value that the filter searches for in object key names.", "title": "Value", "type": "string" } }, "required": [ - "Key", + "Name", "Value" ], "type": "object" }, - "AWS::Route53::HostedZone.QueryLoggingConfig": { + "AWS::S3::Bucket.IntelligentTieringConfiguration": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to.", - "title": "CloudWatchLogsLogGroupArn", + "Id": { + "markdownDescription": "The ID used to identify the S3 Intelligent-Tiering configuration.", + "title": "Id", + "type": "string" + }, + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", + "title": "Prefix", + "type": "string" + }, + "Status": { + "markdownDescription": "Specifies the status of the configuration.", + "title": "Status", "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "A container for a key-value pair.", + "title": "TagFilters", + "type": "array" + }, + "Tierings": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Tiering" + }, + "markdownDescription": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` .\n\n> You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.", + "title": "Tierings", + "type": "array" } }, "required": [ - "CloudWatchLogsLogGroupArn" + "Id", + "Status", + "Tierings" ], "type": "object" }, - "AWS::Route53::HostedZone.VPC": { + "AWS::S3::Bucket.InventoryConfiguration": { "additionalProperties": false, "properties": { - "VPCId": { - "markdownDescription": "*Private hosted zones only:* The ID of an Amazon VPC.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCId", + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.Destination", + "markdownDescription": "Contains information about where to publish the inventory results.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Specifies whether the inventory is enabled or disabled. If set to `True` , an inventory list is generated. If set to `False` , no inventory list is generated.", + "title": "Enabled", + "type": "boolean" + }, + "Id": { + "markdownDescription": "The ID used to identify the inventory configuration.", + "title": "Id", "type": "string" }, - "VPCRegion": { - "markdownDescription": "*Private hosted zones only:* The region that an Amazon VPC was created in.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCRegion", + "IncludedObjectVersions": { + "markdownDescription": "Object versions to include in the inventory list. If set to `All` , the list includes all the object versions, which adds the version-related fields `VersionId` , `IsLatest` , and `DeleteMarker` to the list. If set to `Current` , the list does not contain these version-related fields.", + "title": "IncludedObjectVersions", + "type": "string" + }, + "OptionalFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains the optional fields that are included in the inventory results.", + "title": "OptionalFields", + "type": "array" + }, + "Prefix": { + "markdownDescription": "Specifies the inventory filter prefix.", + "title": "Prefix", + "type": "string" + }, + "ScheduleFrequency": { + "markdownDescription": "Specifies the schedule for generating inventory results.", + "title": "ScheduleFrequency", "type": "string" } }, "required": [ - "VPCId", - "VPCRegion" + "Destination", + "Enabled", + "Id", + "IncludedObjectVersions", + "ScheduleFrequency" ], "type": "object" }, - "AWS::Route53::KeySigningKey": { + "AWS::S3::Bucket.InventoryTableConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ConfigurationState": { + "markdownDescription": "The configuration state of the inventory table, indicating whether the inventory table is enabled or disabled.", + "title": "ConfigurationState", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableEncryptionConfiguration", + "markdownDescription": "The encryption configuration for the inventory table.", + "title": "EncryptionConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the inventory table.", + "title": "TableArn", + "type": "string" }, - "Metadata": { - "type": "object" + "TableName": { + "markdownDescription": "The name of the inventory table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "ConfigurationState" + ], + "type": "object" + }, + "AWS::S3::Bucket.JournalTableConfiguration": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableEncryptionConfiguration", + "markdownDescription": "The encryption configuration for the journal table.", + "title": "EncryptionConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "HostedZoneId": { - "markdownDescription": "The unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", - "title": "HostedZoneId", - "type": "string" - }, - "KeyManagementServiceArn": { - "markdownDescription": "The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The `KeyManagementServiceArn` must be unique for each key-signing key (KSK) in a single hosted zone. For example: `arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111` .", - "title": "KeyManagementServiceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "A string used to identify a key-signing key (KSK). `Name` can include numbers, letters, and underscores (_). `Name` must be unique for each key-signing key in the same hosted zone.", - "title": "Name", - "type": "string" - }, - "Status": { - "markdownDescription": "A string that represents the current key-signing key (KSK) status.\n\nStatus can have one of the following values:\n\n- **ACTIVE** - The KSK is being used for signing.\n- **INACTIVE** - The KSK is not being used for signing.\n- **DELETING** - The KSK is in the process of being deleted.\n- **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed.\n- **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "HostedZoneId", - "KeyManagementServiceArn", - "Name", - "Status" - ], - "type": "object" + "RecordExpiration": { + "$ref": "#/definitions/AWS::S3::Bucket.RecordExpiration", + "markdownDescription": "The journal table record expiration settings for the journal table.", + "title": "RecordExpiration" }, - "Type": { - "enum": [ - "AWS::Route53::KeySigningKey" - ], + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the journal table.", + "title": "TableArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableName": { + "markdownDescription": "The name of the journal table.", + "title": "TableName", "type": "string" } }, "required": [ - "Type", - "Properties" + "RecordExpiration" ], "type": "object" }, - "AWS::Route53::RecordSet": { + "AWS::S3::Bucket.LambdaConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Event": { + "markdownDescription": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AliasTarget": { - "$ref": "#/definitions/AWS::Route53::RecordSet.AliasTarget", - "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", - "title": "AliasTarget" - }, - "CidrRoutingConfig": { - "$ref": "#/definitions/AWS::Route53::RecordSet.CidrRoutingConfig", - "markdownDescription": "The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.\n\nA `LocationName` with an asterisk \u201c*\u201d can be used to create a default CIDR record. `CollectionId` is still required for default record.", - "title": "CidrRoutingConfig" - }, - "Comment": { - "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", - "title": "Comment", - "type": "string" - }, - "Failover": { - "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", - "title": "Failover", - "type": "string" - }, - "GeoLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSet.GeoLocation", - "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", - "title": "GeoLocation" - }, - "GeoProximityLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSet.GeoProximityLocation", - "markdownDescription": "*GeoproximityLocation resource record sets only:* A complex type that lets you control how Route\u00a053 responds to DNS queries based on the geographic origin of the query and your resources.", - "title": "GeoProximityLocation" - }, - "HealthCheckId": { - "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", - "title": "HealthCheckId", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneId", - "type": "string" - }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an AWS::Route53::RecordSet that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", - "type": "string" - }, - "MultiValueAnswer": { - "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", - "title": "MultiValueAnswer", - "type": "boolean" - }, - "Name": { - "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", - "title": "Region", - "type": "string" - }, - "ResourceRecords": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more values that correspond with the value that you specified for the `Type` property. For example, if you specified `A` for `Type` , you specify one or more IP addresses in IPv4 format for `ResourceRecords` . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nNote the following:\n\n- You can specify more than one value for all record types except CNAME and SOA.\n- The maximum length of a value is 4000 characters.\n- If you're creating an alias record, omit `ResourceRecords` .", - "title": "ResourceRecords", - "type": "array" - }, - "SetIdentifier": { - "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", - "title": "SetIdentifier", - "type": "string" - }, - "TTL": { - "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", - "title": "TTL", - "type": "string" - }, - "Type": { - "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "Type", - "type": "string" - }, - "Weight": { - "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Weight", - "type": "number" - } - }, - "required": [ - "Name", - "Type" - ], - "type": "object" + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", + "title": "Filter" }, - "Type": { - "enum": [ - "AWS::Route53::RecordSet" - ], + "Function": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.", + "title": "Function", "type": "string" + } + }, + "required": [ + "Event", + "Function" + ], + "type": "object" + }, + "AWS::S3::Bucket.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Rule" + }, + "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 bucket.", + "title": "Rules", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TransitionDefaultMinimumObjectSize": { + "markdownDescription": "Indicates which default minimum object size behavior is applied to the lifecycle configuration.\n\n> This parameter applies to general purpose buckets only. It isn't supported for directory bucket lifecycle configurations. \n\n- `all_storage_classes_128K` - Objects smaller than 128 KB will not transition to any storage class by default.\n- `varies_by_storage_class` - Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes. By default, all other storage classes will prevent transitions smaller than 128 KB.\n\nTo customize the minimum object size for any transition you can add a filter that specifies a custom `ObjectSizeGreaterThan` or `ObjectSizeLessThan` in the body of your transition rule. Custom filters always take precedence over the default transition behavior.", + "title": "TransitionDefaultMinimumObjectSize", "type": "string" } }, "required": [ - "Type", - "Properties" + "Rules" ], "type": "object" }, - "AWS::Route53::RecordSet.AliasTarget": { + "AWS::S3::Bucket.LoggingConfiguration": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "DNSName", + "DestinationBucketName": { + "markdownDescription": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the `LoggingConfiguration` property is defined.", + "title": "DestinationBucketName", "type": "string" }, - "EvaluateTargetHealth": { - "markdownDescription": "*Applies only to alias, failover alias, geolocation alias, latency alias, and weighted alias resource record sets:* When `EvaluateTargetHealth` is `true` , an alias resource record set inherits the health of the referenced AWS resource, such as an ELB load balancer or another resource record set in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", - "title": "EvaluateTargetHealth", - "type": "boolean" + "LogFilePrefix": { + "markdownDescription": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", + "title": "LogFilePrefix", + "type": "string" + }, + "TargetObjectKeyFormat": { + "$ref": "#/definitions/AWS::S3::Bucket.TargetObjectKeyFormat", + "markdownDescription": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.", + "title": "TargetObjectKeyFormat" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.MetadataConfiguration": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataDestination", + "markdownDescription": "The destination information for the S3 Metadata configuration.", + "title": "Destination" }, - "HostedZoneId": { - "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing Endpoints and Quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", - "title": "HostedZoneId", - "type": "string" + "InventoryTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.InventoryTableConfiguration", + "markdownDescription": "The inventory table configuration for a metadata configuration.", + "title": "InventoryTableConfiguration" + }, + "JournalTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.JournalTableConfiguration", + "markdownDescription": "The journal table configuration for a metadata configuration.", + "title": "JournalTableConfiguration" } }, "required": [ - "DNSName", - "HostedZoneId" + "JournalTableConfiguration" ], "type": "object" }, - "AWS::Route53::RecordSet.CidrRoutingConfig": { + "AWS::S3::Bucket.MetadataDestination": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "The CIDR collection ID.", - "title": "CollectionId", + "TableBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the table bucket where the metadata configuration is stored.", + "title": "TableBucketArn", "type": "string" }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", + "TableBucketType": { + "markdownDescription": "The type of the table bucket where the metadata configuration is stored. The `aws` value indicates an AWS managed table bucket, and the `customer` value indicates a customer-managed table bucket. V2 metadata configurations are stored in AWS managed table buckets, and V1 metadata configurations are stored in customer-managed table buckets.", + "title": "TableBucketType", + "type": "string" + }, + "TableNamespace": { + "markdownDescription": "The namespace in the table bucket where the metadata tables for a metadata configuration are stored.", + "title": "TableNamespace", "type": "string" } }, "required": [ - "CollectionId", - "LocationName" + "TableBucketType" ], "type": "object" }, - "AWS::Route53::RecordSet.Coordinates": { + "AWS::S3::Bucket.MetadataTableConfiguration": { "additionalProperties": false, "properties": { - "Latitude": { - "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", - "title": "Longitude", - "type": "string" + "S3TablesDestination": { + "$ref": "#/definitions/AWS::S3::Bucket.S3TablesDestination", + "markdownDescription": "The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "S3TablesDestination" } }, "required": [ - "Latitude", - "Longitude" + "S3TablesDestination" ], "type": "object" }, - "AWS::Route53::RecordSet.GeoLocation": { + "AWS::S3::Bucket.MetadataTableEncryptionConfiguration": { "additionalProperties": false, "properties": { - "ContinentCode": { - "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", - "title": "ContinentCode", - "type": "string" - }, - "CountryCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", - "title": "CountryCode", + "KmsKeyArn": { + "markdownDescription": "If server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS) is specified, you must also specify the KMS key Amazon Resource Name (ARN). You must specify a customer-managed KMS key that's located in the same Region as the general purpose bucket that corresponds to the metadata table configuration.", + "title": "KmsKeyArn", "type": "string" }, - "SubdivisionCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", - "title": "SubdivisionCode", + "SseAlgorithm": { + "markdownDescription": "The encryption type specified for a metadata table. To specify server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS), use the `aws:kms` value. To specify server-side encryption with Amazon S3 managed keys (SSE-S3), use the `AES256` value.", + "title": "SseAlgorithm", "type": "string" } }, + "required": [ + "SseAlgorithm" + ], "type": "object" }, - "AWS::Route53::RecordSet.GeoProximityLocation": { + "AWS::S3::Bucket.Metrics": { "additionalProperties": false, "properties": { - "AWSRegion": { - "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", - "title": "AWSRegion", - "type": "string" - }, - "Bias": { - "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", - "title": "Bias", - "type": "number" - }, - "Coordinates": { - "$ref": "#/definitions/AWS::Route53::RecordSet.Coordinates", - "markdownDescription": "Contains the longitude and latitude for a geographic region.", - "title": "Coordinates" + "EventThreshold": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", + "markdownDescription": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", + "title": "EventThreshold" }, - "LocalZoneGroup": { - "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", - "title": "LocalZoneGroup", + "Status": { + "markdownDescription": "Specifies whether the replication metrics are enabled.", + "title": "Status", "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, - "AWS::Route53::RecordSetGroup": { + "AWS::S3::Bucket.MetricsConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AccessPointArn": { + "markdownDescription": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.", + "title": "AccessPointArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Comment": { - "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", - "title": "Comment", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneId", - "type": "string" - }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", - "type": "string" - }, - "RecordSets": { - "items": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" - }, - "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", - "title": "RecordSets", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53::RecordSetGroup" - ], + "Prefix": { + "markdownDescription": "The prefix that an object must have to be included in the metrics results.", + "title": "Prefix", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.", + "title": "TagFilters", + "type": "array" } }, "required": [ - "Type" + "Id" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.AliasTarget": { + "AWS::S3::Bucket.NoncurrentVersionExpiration": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "DNSName", - "type": "string" - }, - "EvaluateTargetHealth": { - "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", - "title": "EvaluateTargetHealth", - "type": "boolean" + "NewerNoncurrentVersions": { + "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", + "title": "NewerNoncurrentVersions", + "type": "number" }, - "HostedZoneId": { - "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", - "title": "HostedZoneId", - "type": "string" + "NoncurrentDays": { + "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", + "title": "NoncurrentDays", + "type": "number" } }, "required": [ - "DNSName", - "HostedZoneId" + "NoncurrentDays" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { + "AWS::S3::Bucket.NoncurrentVersionTransition": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "The CIDR collection ID.", - "title": "CollectionId", - "type": "string" + "NewerNoncurrentVersions": { + "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", + "title": "NewerNoncurrentVersions", + "type": "number" }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", + "StorageClass": { + "markdownDescription": "The class of storage used to store the object.", + "title": "StorageClass", "type": "string" + }, + "TransitionInDays": { + "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", + "title": "TransitionInDays", + "type": "number" } }, "required": [ - "CollectionId", - "LocationName" + "StorageClass", + "TransitionInDays" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.Coordinates": { + "AWS::S3::Bucket.NotificationConfiguration": { "additionalProperties": false, "properties": { - "Latitude": { - "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", - "title": "Latitude", - "type": "string" + "EventBridgeConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.EventBridgeConfiguration", + "markdownDescription": "Enables delivery of events to Amazon EventBridge.", + "title": "EventBridgeConfiguration" }, - "Longitude": { - "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", - "title": "Longitude", - "type": "string" + "LambdaConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.LambdaConfiguration" + }, + "markdownDescription": "Describes the AWS Lambda functions to invoke and the events for which to invoke them.", + "title": "LambdaConfigurations", + "type": "array" + }, + "QueueConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.QueueConfiguration" + }, + "markdownDescription": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.", + "title": "QueueConfigurations", + "type": "array" + }, + "TopicConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TopicConfiguration" + }, + "markdownDescription": "The topic to which notifications are sent and the events for which notifications are generated.", + "title": "TopicConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.NotificationFilter": { + "additionalProperties": false, + "properties": { + "S3Key": { + "$ref": "#/definitions/AWS::S3::Bucket.S3KeyFilter", + "markdownDescription": "A container for object key name prefix and suffix filtering rules.", + "title": "S3Key" } }, "required": [ - "Latitude", - "Longitude" + "S3Key" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.GeoLocation": { + "AWS::S3::Bucket.ObjectLockConfiguration": { "additionalProperties": false, "properties": { - "ContinentCode": { - "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", - "title": "ContinentCode", - "type": "string" - }, - "CountryCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", - "title": "CountryCode", + "ObjectLockEnabled": { + "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", + "title": "ObjectLockEnabled", "type": "string" }, - "SubdivisionCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", - "title": "SubdivisionCode", - "type": "string" + "Rule": { + "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockRule", + "markdownDescription": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply `ObjectLockConfiguration` to a bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", + "title": "Rule" } }, "type": "object" }, - "AWS::Route53::RecordSetGroup.GeoProximityLocation": { + "AWS::S3::Bucket.ObjectLockRule": { "additionalProperties": false, "properties": { - "AWSRegion": { - "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", - "title": "AWSRegion", - "type": "string" - }, - "Bias": { - "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", - "title": "Bias", - "type": "number" - }, - "Coordinates": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", - "markdownDescription": "Contains the longitude and latitude for a geographic region.", - "title": "Coordinates" - }, - "LocalZoneGroup": { - "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", - "title": "LocalZoneGroup", - "type": "string" + "DefaultRetention": { + "$ref": "#/definitions/AWS::S3::Bucket.DefaultRetention", + "markdownDescription": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", + "title": "DefaultRetention" } }, "type": "object" }, - "AWS::Route53::RecordSetGroup.RecordSet": { + "AWS::S3::Bucket.OwnershipControls": { "additionalProperties": false, "properties": { - "AliasTarget": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", - "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", - "title": "AliasTarget" - }, - "CidrRoutingConfig": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", - "markdownDescription": "", - "title": "CidrRoutingConfig" - }, - "Failover": { - "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", - "title": "Failover", - "type": "string" - }, - "GeoLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", - "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", - "title": "GeoLocation" - }, - "GeoProximityLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", - "markdownDescription": "A complex type that contains information about a geographic location.", - "title": "GeoProximityLocation" - }, - "HealthCheckId": { - "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", - "title": "HealthCheckId", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", - "title": "HostedZoneId", - "type": "string" - }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", - "type": "string" - }, - "MultiValueAnswer": { - "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", - "title": "MultiValueAnswer", - "type": "boolean" - }, - "Name": { - "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", - "title": "Region", - "type": "string" - }, - "ResourceRecords": { + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControlsRule" }, - "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", - "title": "ResourceRecords", + "markdownDescription": "Specifies the container element for Object Ownership rules.", + "title": "Rules", "type": "array" - }, - "SetIdentifier": { - "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", - "title": "SetIdentifier", - "type": "string" - }, - "TTL": { - "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", - "title": "TTL", - "type": "string" - }, - "Type": { - "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "Type", - "type": "string" - }, - "Weight": { - "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Weight", - "type": "number" } }, "required": [ - "Name", - "Type" + "Rules" ], "type": "object" }, - "AWS::Route53Profiles::Profile": { + "AWS::S3::Bucket.OwnershipControlsRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the Profile.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the profile.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Profiles::Profile" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectOwnership": { + "markdownDescription": "Specifies an object ownership rule.", + "title": "ObjectOwnership", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Route53Profiles::ProfileAssociation": { + "AWS::S3::Bucket.PartitionedPrefix": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PartitionDateSource": { + "markdownDescription": "Specifies the partition date source for the partitioned prefix. `PartitionDateSource` can be `EventTime` or `DeliveryTime` .\n\nFor `DeliveryTime` , the time in the log file names corresponds to the delivery time for the log files.\n\nFor `EventTime` , The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.", + "title": "PartitionDateSource", "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the profile association to a VPC.", - "title": "Arn", - "type": "string" - }, - "Name": { - "markdownDescription": "Name of the Profile association.", - "title": "Name", - "type": "string" - }, - "ProfileId": { - "markdownDescription": "ID of the Profile.\n\nUpdate to this property requires update to the `ResourceId` property as well, because you can only associate one Profile per VPC. For more information, see [Route 53 Profiles](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html) .", - "title": "ProfileId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the VPC.", - "title": "ResourceId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name", - "ProfileId", - "ResourceId" - ], - "type": "object" + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::Route53Profiles::ProfileAssociation" - ], - "type": "string" + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Route53Profiles::ProfileResourceAssociation": { + "AWS::S3::Bucket.QueueConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Event": { + "markdownDescription": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the Profile resource association.", - "title": "Name", - "type": "string" - }, - "ProfileId": { - "markdownDescription": "Profile ID of the Profile that the resources are associated with.", - "title": "ProfileId", - "type": "string" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource association.", - "title": "ResourceArn", - "type": "string" - }, - "ResourceProperties": { - "markdownDescription": "If the DNS resource is a DNS Firewall rule group, this indicates the priority.", - "title": "ResourceProperties", - "type": "string" - } - }, - "required": [ - "Name", - "ProfileId", - "ResourceArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Profiles::ProfileResourceAssociation" - ], - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", + "title": "Filter" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Queue": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.", + "title": "Queue", "type": "string" } }, "required": [ - "Type", - "Properties" + "Event", + "Queue" ], "type": "object" }, - "AWS::Route53RecoveryControl::Cluster": { + "AWS::S3::Bucket.RecordExpiration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon).", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the cluster.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::Cluster" - ], - "type": "string" + "Days": { + "markdownDescription": "If you enable journal table record expiration, you can set the number of days to retain your journal table records. Journal table records must be retained for a minimum of 7 days. To set this value, specify any whole number from `7` to `2147483647` . For example, to retain your journal table records for one year, set this value to `365` .", + "title": "Days", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expiration": { + "markdownDescription": "Specifies whether journal table record expiration is enabled or disabled.", + "title": "Expiration", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expiration" ], "type": "object" }, - "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { + "AWS::S3::Bucket.RedirectAllRequestsTo": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "A cluster endpoint URL for one of the five redundant clusters that you specify to set or retrieve a routing control state.", - "title": "Endpoint", + "HostName": { + "markdownDescription": "Name of the host where requests are redirected.", + "title": "HostName", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region for a cluster endpoint.", - "title": "Region", + "Protocol": { + "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", + "title": "Protocol", "type": "string" } }, + "required": [ + "HostName" + ], "type": "object" }, - "AWS::Route53RecoveryControl::ControlPanel": { + "AWS::S3::Bucket.RedirectRule": { "additionalProperties": false, "properties": { - "Condition": { + "HostName": { + "markdownDescription": "The host name to use in the redirect request.", + "title": "HostName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HttpRedirectCode": { + "markdownDescription": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.", + "title": "HttpRedirectCode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster for the control panel.", - "title": "ClusterArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the control panel. You can use any non-white space character in the name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the control panel.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "Protocol": { + "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", + "title": "Protocol", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::ControlPanel" - ], + "ReplaceKeyPrefixWith": { + "markdownDescription": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix `docs/` (objects in the `docs/` folder) to `documents/` , you can set a condition block with `KeyPrefixEquals` set to `docs/` and in the Redirect set `ReplaceKeyPrefixWith` to `/documents` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "ReplaceKeyPrefixWith", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ReplaceKeyWith": { + "markdownDescription": "The specific object key to use in the redirect request. For example, redirect request to `error.html` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyPrefixWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "ReplaceKeyWith", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ReplicaModifications": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Specifies whether Amazon S3 replicates modifications on replicas.\n\n*Allowed values* : `Enabled` | `Disabled`", + "title": "Status", "type": "string" } }, "required": [ - "Type", - "Properties" + "Status" ], "type": "object" }, - "AWS::Route53RecoveryControl::RoutingControl": { + "AWS::S3::Bucket.ReplicationConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide* .", + "title": "Role", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster that hosts the routing control.", - "title": "ClusterArn", - "type": "string" - }, - "ControlPanelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control panel that includes the routing control.", - "title": "ControlPanelArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the routing control. You can use any non-white space character in the name.", - "title": "Name", - "type": "string" - } + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRule" }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::RoutingControl" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.", + "title": "Rules", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Role", + "Rules" ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule": { + "AWS::S3::Bucket.ReplicationDestination": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AccessControlTranslation": { + "$ref": "#/definitions/AWS::S3::Bucket.AccessControlTranslation", + "markdownDescription": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.", + "title": "AccessControlTranslation" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Account": { + "markdownDescription": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS account that owns the destination bucket by specifying the `AccessControlTranslation` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide* .\n\nIf you specify the `AccessControlTranslation` property, the `Account` property is required.", + "title": "Account", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Bucket": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.", + "title": "Bucket", + "type": "string" }, - "Metadata": { - "type": "object" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.EncryptionConfiguration", + "markdownDescription": "Specifies encryption-related information.", + "title": "EncryptionConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssertionRule": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.AssertionRule", - "markdownDescription": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.", - "title": "AssertionRule" - }, - "ControlPanelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control panel.", - "title": "ControlPanelArn", - "type": "string" - }, - "GatingRule": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.GatingRule", - "markdownDescription": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.", - "title": "GatingRule" - }, - "Name": { - "markdownDescription": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon)", - "title": "Name", - "type": "string" - }, - "RuleConfig": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.RuleConfig", - "markdownDescription": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them.", - "title": "RuleConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the safety rule.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ControlPanelArn", - "Name", - "RuleConfig" - ], - "type": "object" + "Metrics": { + "$ref": "#/definitions/AWS::S3::Bucket.Metrics", + "markdownDescription": "A container specifying replication metrics-related settings enabling replication metrics and events.", + "title": "Metrics" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::SafetyRule" - ], - "type": "string" + "ReplicationTime": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTime", + "markdownDescription": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a `Metrics` block.", + "title": "ReplicationTime" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StorageClass": { + "markdownDescription": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* .\n\n`FSX_OPENZFS` is not an accepted value when replicating objects.", + "title": "StorageClass", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket" ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.AssertionRule": { + "AWS::S3::Bucket.ReplicationRule": { "additionalProperties": false, "properties": { - "AssertedControls": { - "items": { - "type": "string" - }, - "markdownDescription": "The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions.", - "title": "AssertedControls", - "type": "array" + "DeleteMarkerReplication": { + "$ref": "#/definitions/AWS::S3::Bucket.DeleteMarkerReplication", + "markdownDescription": "Specifies whether Amazon S3 replicates delete markers. If you specify a `Filter` in your replication configuration, you must also include a `DeleteMarkerReplication` element. If your `Filter` includes a `Tag` element, the `DeleteMarkerReplication` `Status` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config) .\n\nFor more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html) .\n\n> If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations) .", + "title": "DeleteMarkerReplication" }, - "WaitPeriodMs": { - "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", - "title": "WaitPeriodMs", + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationDestination", + "markdownDescription": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).", + "title": "Destination" + }, + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleFilter", + "markdownDescription": "A filter that identifies the subset of objects to which the replication rule applies. A `Filter` must specify exactly one `Prefix` , `TagFilter` , or an `And` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n\n> V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.", + "title": "Filter" + }, + "Id": { + "markdownDescription": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".", + "title": "Id", + "type": "string" + }, + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.\n\nFor more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide* .", + "title": "Priority", "type": "number" + }, + "SourceSelectionCriteria": { + "$ref": "#/definitions/AWS::S3::Bucket.SourceSelectionCriteria", + "markdownDescription": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.", + "title": "SourceSelectionCriteria" + }, + "Status": { + "markdownDescription": "Specifies whether the rule is enabled.", + "title": "Status", + "type": "string" } }, "required": [ - "AssertedControls", - "WaitPeriodMs" + "Destination", + "Status" ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.GatingRule": { + "AWS::S3::Bucket.ReplicationRuleAndOperator": { "additionalProperties": false, "properties": { - "GatingControls": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of gating routing control Amazon Resource Names (ARNs). For a simple on-off switch, specify the ARN for one routing control. The gating routing controls are evaluated by the rule configuration that you specify to determine if the target routing control states can be changed.", - "title": "GatingControls", - "type": "array" + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", + "title": "Prefix", + "type": "string" }, - "TargetControls": { + "TagFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" }, - "markdownDescription": "An array of target routing control Amazon Resource Names (ARNs) for which the states can only be updated if the rule configuration that you specify evaluates to true for the gating routing control. As a simple example, if you have a single gating control, it acts as an overall on-off switch for a set of target routing controls. You can use this to manually override automated failover, for example.", - "title": "TargetControls", + "markdownDescription": "An array of tags containing key and value pairs.", + "title": "TagFilters", "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ReplicationRuleFilter": { + "additionalProperties": false, + "properties": { + "And": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleAndOperator", + "markdownDescription": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:\n\n- If you specify both a `Prefix` and a `TagFilter` , wrap these filters in an `And` tag.\n- If you specify a filter based on multiple tags, wrap the `TagFilter` elements in an `And` tag.", + "title": "And" }, - "WaitPeriodMs": { - "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", - "title": "WaitPeriodMs", - "type": "number" + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", + "type": "string" + }, + "TagFilter": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter", + "markdownDescription": "A container for specifying a tag key and value.\n\nThe rule applies only to objects that have the tag in their tag set.", + "title": "TagFilter" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ReplicationTime": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Specifies whether the replication time is enabled.", + "title": "Status", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", + "markdownDescription": "A container specifying the time by which replication should be complete for all objects and operations on objects.", + "title": "Time" } }, "required": [ - "GatingControls", - "TargetControls", - "WaitPeriodMs" + "Status", + "Time" ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.RuleConfig": { + "AWS::S3::Bucket.ReplicationTimeValue": { "additionalProperties": false, "properties": { - "Inverted": { - "markdownDescription": "Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa.", - "title": "Inverted", - "type": "boolean" - }, - "Threshold": { - "markdownDescription": "The value of N, when you specify an `ATLEAST` rule type. That is, `Threshold` is the number of controls that must be set when you specify an `ATLEAST` type.", - "title": "Threshold", + "Minutes": { + "markdownDescription": "Contains an integer specifying time in minutes.\n\nValid value: 15", + "title": "Minutes", "type": "number" - }, - "Type": { - "markdownDescription": "A rule can be one of the following: `ATLEAST` , `AND` , or `OR` .", - "title": "Type", - "type": "string" } }, "required": [ - "Inverted", - "Threshold", - "Type" + "Minutes" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::Cell": { + "AWS::S3::Bucket.RoutingRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CellName": { - "markdownDescription": "The name of the cell to create.", - "title": "CellName", - "type": "string" - }, - "Cells": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific AWS Regions .", - "title": "Cells", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "RedirectRule": { + "$ref": "#/definitions/AWS::S3::Bucket.RedirectRule", + "markdownDescription": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.", + "title": "RedirectRule" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::Cell" - ], + "RoutingRuleCondition": { + "$ref": "#/definitions/AWS::S3::Bucket.RoutingRuleCondition", + "markdownDescription": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the `/docs` folder, redirect to the `/documents` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.", + "title": "RoutingRuleCondition" + } + }, + "required": [ + "RedirectRule" + ], + "type": "object" + }, + "AWS::S3::Bucket.RoutingRuleCondition": { + "additionalProperties": false, + "properties": { + "HttpErrorCodeReturnedEquals": { + "markdownDescription": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n\nRequired when parent element `Condition` is specified and sibling `KeyPrefixEquals` is not specified. If both are specified, then both must be true for the redirect to be applied.", + "title": "HttpErrorCodeReturnedEquals", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KeyPrefixEquals": { + "markdownDescription": "The object key name prefix when the redirect is applied. For example, to redirect requests for `ExamplePage.html` , the key prefix will be `ExamplePage.html` . To redirect request for all pages with the prefix `docs/` , the key prefix will be `docs/` , which identifies all objects in the docs/ folder.\n\nRequired when the parent element `Condition` is specified and sibling `HttpErrorCodeReturnedEquals` is not specified. If both conditions are specified, both must be true for the redirect to be applied.", + "title": "KeyPrefixEquals", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ReadinessCheck": { + "AWS::S3::Bucket.Rule": { "additionalProperties": false, "properties": { - "Condition": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3::Bucket.AbortIncompleteMultipartUpload", + "markdownDescription": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.", + "title": "AbortIncompleteMultipartUpload" + }, + "ExpirationDate": { + "markdownDescription": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationDate", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExpirationInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationInDays", + "type": "number" + }, + "ExpiredObjectDeleteMarker": { + "markdownDescription": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with `ExpirationInDays` , `ExpirationDate` , or `TagFilters` .", + "title": "ExpiredObjectDeleteMarker", + "type": "boolean" + }, + "Id": { + "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NoncurrentVersionExpiration": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionExpiration", + "markdownDescription": "Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.", + "title": "NoncurrentVersionExpiration" }, - "Metadata": { - "type": "object" + "NoncurrentVersionExpirationInDays": { + "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.", + "title": "NoncurrentVersionExpirationInDays", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ReadinessCheckName": { - "markdownDescription": "The name of the readiness check to create.", - "title": "ReadinessCheckName", - "type": "string" - }, - "ResourceSetName": { - "markdownDescription": "The name of the resource set to check.", - "title": "ResourceSetName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } + "NoncurrentVersionTransition": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition", + "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransitions` property.", + "title": "NoncurrentVersionTransition" + }, + "NoncurrentVersionTransitions": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition" }, - "type": "object" + "markdownDescription": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransition` property.", + "title": "NoncurrentVersionTransitions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::ReadinessCheck" - ], + "ObjectSizeGreaterThan": { + "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeGreaterThan", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectSizeLessThan": { + "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeLessThan", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", + "type": "string" + }, + "Status": { + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", + "title": "Status", "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "Tags to use to identify a subset of objects to which the lifecycle rule applies.", + "title": "TagFilters", + "type": "array" + }, + "Transition": { + "$ref": "#/definitions/AWS::S3::Bucket.Transition", + "markdownDescription": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transitions` property.", + "title": "Transition" + }, + "Transitions": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Transition" + }, + "markdownDescription": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transition` property.", + "title": "Transitions", + "type": "array" } }, "required": [ - "Type" + "Status" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::RecoveryGroup": { + "AWS::S3::Bucket.S3KeyFilter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cells": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the cell Amazon Resource Names (ARNs) in the recovery group.", - "title": "Cells", - "type": "array" - }, - "RecoveryGroupName": { - "markdownDescription": "The name of the recovery group to create.", - "title": "RecoveryGroupName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.FilterRule" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::RecoveryGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of containers for the key-value pair that defines the criteria for the filter rule.", + "title": "Rules", + "type": "array" } }, "required": [ - "Type" + "Rules" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet": { + "AWS::S3::Bucket.S3TablesDestination": { "additionalProperties": false, "properties": { - "Condition": { + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the metadata table in the metadata table configuration. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "TableArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the table bucket that's specified as the destination in the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket.", + "title": "TableBucketArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceSetName": { - "markdownDescription": "The name of the resource set to create.", - "title": "ResourceSetName", - "type": "string" - }, - "ResourceSetType": { - "markdownDescription": "The resource type of the resources in the resource set. Enter one of the following values for resource type:\n\nAWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource.\n\nNote that AWS::Route53RecoveryReadiness::DNSTargetResource is only used for this setting. It isn't an actual AWS CloudFormation resource type.", - "title": "ResourceSetType", - "type": "string" - }, - "Resources": { - "items": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.Resource" - }, - "markdownDescription": "A list of resource objects in the resource set.", - "title": "Resources", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag to associate with the parameters for a resource set.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ResourceSetType", - "Resources" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::ResourceSet" - ], + "TableName": { + "markdownDescription": "The name for the metadata table in your metadata table configuration. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "TableName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableNamespace": { + "markdownDescription": "The table bucket namespace for the metadata table in your metadata table configuration. This value is always `aws_s3_metadata` .", + "title": "TableNamespace", "type": "string" } }, "required": [ - "Type", - "Properties" + "TableBucketArn", + "TableName" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { + "AWS::S3::Bucket.ServerSideEncryptionByDefault": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name that acts as an ingress point to a portion of the customer application.", - "title": "DomainName", - "type": "string" - }, - "HostedZoneArn": { - "markdownDescription": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.", - "title": "HostedZoneArn", - "type": "string" - }, - "RecordSetId": { - "markdownDescription": "The Amazon Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.", - "title": "RecordSetId", + "KMSMasterKeyID": { + "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption.\n\n> - *General purpose buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` or `aws:kms:dsse` .\n> - *Directory buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` . \n\nYou can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key Alias: `alias/alias-name`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy) .\n\n> - *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then AWS KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.\n> - *Directory buckets* - When you specify an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KMSMasterKeyID", "type": "string" }, - "RecordType": { - "markdownDescription": "The type of DNS record of the target resource.", - "title": "RecordType", + "SSEAlgorithm": { + "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", + "title": "SSEAlgorithm", "type": "string" - }, - "TargetResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.TargetResource", - "markdownDescription": "The target resource that the Route 53 record points to.", - "title": "TargetResource" } }, + "required": [ + "SSEAlgorithm" + ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.NLBResource": { + "AWS::S3::Bucket.ServerSideEncryptionRule": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Network Load Balancer resource Amazon Resource Name (ARN).", - "title": "Arn", - "type": "string" + "BucketKeyEnabled": { + "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the `BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide* .", + "title": "BucketKeyEnabled", + "type": "boolean" + }, + "ServerSideEncryptionByDefault": { + "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionByDefault", + "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", + "title": "ServerSideEncryptionByDefault" } }, "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord": { + "AWS::S3::Bucket.SourceSelectionCriteria": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The DNS target domain name.", - "title": "DomainName", - "type": "string" + "ReplicaModifications": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicaModifications", + "markdownDescription": "A filter that you can specify for selection for modifications on replicas.", + "title": "ReplicaModifications" }, - "RecordSetId": { - "markdownDescription": "The Amazon Route 53 Resource Record Set ID.", - "title": "RecordSetId", - "type": "string" + "SseKmsEncryptedObjects": { + "$ref": "#/definitions/AWS::S3::Bucket.SseKmsEncryptedObjects", + "markdownDescription": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.", + "title": "SseKmsEncryptedObjects" } }, "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.Resource": { + "AWS::S3::Bucket.SseKmsEncryptedObjects": { "additionalProperties": false, "properties": { - "ComponentId": { - "markdownDescription": "The component identifier of the resource, generated when DNS target resource is used.", - "title": "ComponentId", - "type": "string" - }, - "DnsTargetResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource", - "markdownDescription": "A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting.", - "title": "DnsTargetResource" - }, - "ReadinessScopes": { - "items": { - "type": "string" - }, - "markdownDescription": "The recovery group Amazon Resource Name (ARN) or the cell ARN that the readiness checks for this resource set are scoped to.", - "title": "ReadinessScopes", - "type": "array" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS resource. This is a required setting for all `ResourceSet` `ResourceSetType` settings except `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set this when `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` .", - "title": "ResourceArn", + "Status": { + "markdownDescription": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.", + "title": "Status", "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.TargetResource": { + "AWS::S3::Bucket.StorageClassAnalysis": { "additionalProperties": false, "properties": { - "NLBResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.NLBResource", - "markdownDescription": "The Network Load Balancer resource that a DNS target resource points to.", - "title": "NLBResource" - }, - "R53Resource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord", - "markdownDescription": "The Route 53 resource that a DNS target resource record points to.", - "title": "R53Resource" + "DataExport": { + "$ref": "#/definitions/AWS::S3::Bucket.DataExport", + "markdownDescription": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.", + "title": "DataExport" } }, "type": "object" }, - "AWS::Route53Resolver::FirewallDomainList": { + "AWS::S3::Bucket.TagFilter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainFileUrl": { - "markdownDescription": "The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import.\n\nThe file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line.", - "title": "DomainFileUrl", - "type": "string" - }, - "Domains": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the domain lists that you have defined.", - "title": "Domains", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the domain list.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the domain list.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Resolver::FirewallDomainList" - ], + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, "required": [ - "Type" + "Key", + "Value" ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroup": { + "AWS::S3::Bucket.TargetObjectKeyFormat": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "PartitionedPrefix": { + "$ref": "#/definitions/AWS::S3::Bucket.PartitionedPrefix", + "markdownDescription": "Partitioned S3 key for log objects.", + "title": "PartitionedPrefix" }, - "Properties": { - "additionalProperties": false, - "properties": { - "FirewallRules": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroup.FirewallRule" - }, - "markdownDescription": "A list of the rules that you have defined.", - "title": "FirewallRules", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the rule group.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", - "title": "Tags", - "type": "array" - } - }, + "SimplePrefix": { + "markdownDescription": "To use the simple format for S3 keys for log objects. To specify SimplePrefix format, set SimplePrefix to {}.", + "title": "SimplePrefix", "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Resolver::FirewallRuleGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { + "AWS::S3::Bucket.Tiering": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advvanced rule:\n\n- `ALLOW` - Permit the request to go through. Not available for DNS Firewall Advanced rules.\n- `ALERT` - Permit the request to go through but send an alert to the logs.\n- `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified.\n\nif `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified:\n\n- `BlockOverrideDnsType`\n- `BlockOverrideDomain`\n- `BlockOverrideTtl`", - "title": "Action", - "type": "string" - }, - "BlockOverrideDnsType": { - "markdownDescription": "The DNS record's type. This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideDnsType", - "type": "string" - }, - "BlockOverrideDomain": { - "markdownDescription": "The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideDomain", - "type": "string" - }, - "BlockOverrideTtl": { - "markdownDescription": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideTtl", - "type": "number" - }, - "BlockResponse": { - "markdownDescription": "The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` .\n\n- `NODATA` - Respond indicating that the query was successful, but no response is available for it.\n- `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist.\n- `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings.", - "title": "BlockResponse", - "type": "string" - }, - "FirewallDomainListId": { - "markdownDescription": "The ID of the domain list that's used in the rule.", - "title": "FirewallDomainListId", + "AccessTier": { + "markdownDescription": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.", + "title": "AccessTier", "type": "string" }, - "Priority": { - "markdownDescription": "The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.", - "title": "Priority", + "Days": { + "markdownDescription": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).", + "title": "Days", "type": "number" - }, - "Qtype": { - "markdownDescription": "The DNS query type you want the rule to evaluate. Allowed values are;\n\n- A: Returns an IPv4 address.\n- AAAA: Returns an Ipv6 address.\n- CAA: Restricts CAs that can create SSL/TLS certifications for the domain.\n- CNAME: Returns another domain name.\n- DS: Record that identifies the DNSSEC signing key of a delegated zone.\n- MX: Specifies mail servers.\n- NAPTR: Regular-expression-based rewriting of domain names.\n- NS: Authoritative name servers.\n- PTR: Maps an IP address to a domain name.\n- SOA: Start of authority record for the zone.\n- SPF: Lists the servers authorized to send emails from a domain.\n- SRV: Application specific values that identify servers.\n- TXT: Verifies email senders and application-specific values.\n- A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPE NUMBER , where the NUMBER can be 1-65334, for example, TYPE28. For more information, see [List of DNS record types](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_DNS_record_types) .", - "title": "Qtype", - "type": "string" } }, "required": [ - "Action", - "FirewallDomainListId", - "Priority" + "AccessTier", + "Days" ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroupAssociation": { + "AWS::S3::Bucket.TopicConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Event": { + "markdownDescription": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "FirewallRuleGroupId": { - "markdownDescription": "The unique identifier of the firewall rule group.", - "title": "FirewallRuleGroupId", - "type": "string" - }, - "MutationProtection": { - "markdownDescription": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.", - "title": "MutationProtection", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the association.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.\n\nYou must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.\n\nThe allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900).", - "title": "Priority", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The unique identifier of the VPC that is associated with the rule group.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "FirewallRuleGroupId", - "Priority", - "VpcId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Resolver::FirewallRuleGroupAssociation" - ], - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket.", + "title": "Filter" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Topic": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.", + "title": "Topic", "type": "string" } }, "required": [ - "Type", - "Properties" + "Event", + "Topic" ], "type": "object" }, - "AWS::Route53Resolver::OutpostResolver": { + "AWS::S3::Bucket.Transition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StorageClass": { + "markdownDescription": "The storage class to which you want the object to transition.", + "title": "StorageClass", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceCount": { - "markdownDescription": "Amazon EC2 instance count for the Resolver on the Outpost.", - "title": "InstanceCount", - "type": "number" - }, - "Name": { - "markdownDescription": "Name of the Resolver.", - "title": "Name", - "type": "string" - }, - "OutpostArn": { - "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", - "title": "OutpostArn", - "type": "string" - }, - "PreferredInstanceType": { - "markdownDescription": "The Amazon EC2 instance type. If you specify this, you must also specify a value for the `OutpostArn` .", - "title": "PreferredInstanceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A key value pair that helps you identify a Route\u00a053 Resolver .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name", - "OutpostArn", - "PreferredInstanceType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Resolver::OutpostResolver" - ], + }, + "TransitionDate": { + "markdownDescription": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.", + "title": "TransitionDate", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TransitionInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is `INTELLIGENT_TIERING` , `GLACIER_IR` , `GLACIER` , or `DEEP_ARCHIVE` , valid values are `0` or positive integers. If the specified storage class is `STANDARD_IA` or `ONEZONE_IA` , valid values are positive integers greater than `30` . Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide* .", + "title": "TransitionInDays", + "type": "number" + } + }, + "required": [ + "StorageClass" + ], + "type": "object" + }, + "AWS::S3::Bucket.VersioningConfiguration": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The versioning state of the bucket.", + "title": "Status", "type": "string" } }, "required": [ - "Type", - "Properties" + "Status" ], "type": "object" }, - "AWS::Route53Resolver::ResolverConfig": { + "AWS::S3::Bucket.WebsiteConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ErrorDocument": { + "markdownDescription": "The name of the error document for the website.", + "title": "ErrorDocument", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IndexDocument": { + "markdownDescription": "The name of the index document for the website.", + "title": "IndexDocument", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "RedirectAllRequestsTo": { + "$ref": "#/definitions/AWS::S3::Bucket.RedirectAllRequestsTo", + "markdownDescription": "The redirect behavior for every request to this bucket's website endpoint.\n\n> If you specify this property, you can't specify any other property.", + "title": "RedirectAllRequestsTo" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutodefinedReverseFlag": { - "markdownDescription": "Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` .", - "title": "AutodefinedReverseFlag", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud VPC or a Route 53 Profile that you're configuring Resolver for.", - "title": "ResourceId", - "type": "string" - } + "RoutingRules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.RoutingRule" }, - "required": [ - "AutodefinedReverseFlag", - "ResourceId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverConfig" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Rules that define when a redirect is applied and the redirect behavior.", + "title": "RoutingRules", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Route53Resolver::ResolverDNSSECConfig": { + "AWS::S3::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -234322,17 +279886,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceId": { - "markdownDescription": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.", - "title": "ResourceId", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket to which the policy applies.", + "title": "Bucket", "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", + "title": "PolicyDocument", + "type": "object" } }, + "required": [ + "Bucket", + "PolicyDocument" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverDNSSECConfig" + "AWS::S3::BucketPolicy" ], "type": "string" }, @@ -234346,11 +279919,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53Resolver::ResolverEndpoint": { + "AWS::S3::MultiRegionAccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -234385,74 +279959,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network", - "title": "Direction", - "type": "string" - }, - "IpAddresses": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest" - }, - "markdownDescription": "The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.\n\n> Even though the minimum is 1, Route\u00a053 requires that you create at least two.", - "title": "IpAddresses", - "type": "array" - }, "Name": { - "markdownDescription": "A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.", + "markdownDescription": "The name of the Multi-Region Access Point.", "title": "Name", "type": "string" }, - "OutpostArn": { - "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", - "title": "OutpostArn", - "type": "string" - }, - "PreferredInstanceType": { - "markdownDescription": "The Amazon EC2 instance type.", - "title": "PreferredInstanceType", - "type": "string" - }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "Protocols used for the endpoint. DoH-FIPS is applicable for inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", - "title": "Protocols", - "type": "array" - }, - "ResolverEndpointType": { - "markdownDescription": "The Resolver endpoint IP address type.", - "title": "ResolverEndpointType", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.", - "title": "SecurityGroupIds", - "type": "array" + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers an object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", + "title": "PublicAccessBlockConfiguration" }, - "Tags": { + "Regions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.Region" }, - "markdownDescription": "Route 53 Resolver doesn't support updating tags through CloudFormation.", - "title": "Tags", + "markdownDescription": "A collection of the Regions and buckets associated with the Multi-Region Access Point.", + "title": "Regions", "type": "array" } }, "required": [ - "Direction", - "IpAddresses", - "SecurityGroupIds" + "Regions" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverEndpoint" + "AWS::S3::MultiRegionAccessPoint" ], "type": "string" }, @@ -234471,31 +280004,52 @@ ], "type": "object" }, - "AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest": { + "AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { - "Ip": { - "markdownDescription": "The IPv4 address that you want to use for DNS queries.", - "title": "Ip", - "type": "string" + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" }, - "Ipv6": { - "markdownDescription": "The IPv6 address that you want to use for DNS queries.", - "title": "Ipv6", + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::MultiRegionAccessPoint.Region": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the associated bucket for the Region.", + "title": "Bucket", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet that contains the IP address.", - "title": "SubnetId", + "BucketAccountId": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.", + "title": "BucketAccountId", "type": "string" } }, "required": [ - "SubnetId" + "Bucket" ], "type": "object" }, - "AWS::Route53Resolver::ResolverQueryLoggingConfig": { + "AWS::S3::MultiRegionAccessPointPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -234530,22 +280084,26 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.", - "title": "DestinationArn", + "MrapName": { + "markdownDescription": "The name of the Multi-Region Access Point.", + "title": "MrapName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the query logging configuration.", - "title": "Name", - "type": "string" + "Policy": { + "markdownDescription": "The access policy associated with the Multi-Region Access Point.", + "title": "Policy", + "type": "object" } }, + "required": [ + "MrapName", + "Policy" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverQueryLoggingConfig" + "AWS::S3::MultiRegionAccessPointPolicy" ], "type": "string" }, @@ -234559,79 +280117,26 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation": { + "AWS::S3::MultiRegionAccessPointPolicy.PolicyStatus": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResolverQueryLogConfigId": { - "markdownDescription": "The ID of the query logging configuration that a VPC is associated with.", - "title": "ResolverQueryLogConfigId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the Amazon VPC that is associated with the query logging configuration.", - "title": "ResourceId", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IsPublic": { + "markdownDescription": "The policy status for this bucket. `TRUE` indicates that this bucket is public. `FALSE` indicates that the bucket is not public.", + "title": "IsPublic", "type": "string" } }, "required": [ - "Type" + "IsPublic" ], "type": "object" }, - "AWS::Route53Resolver::ResolverRule": { + "AWS::S3::StorageLens": { "additionalProperties": false, "properties": { "Condition": { @@ -234666,52 +280171,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).", - "title": "DomainName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the Resolver rule, which you specified when you created the Resolver rule.", - "title": "Name", - "type": "string" - }, - "ResolverEndpointId": { - "markdownDescription": "The ID of the endpoint that the rule is associated with.", - "title": "ResolverEndpointId", - "type": "string" - }, - "RuleType": { - "markdownDescription": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` .\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", - "title": "RuleType", - "type": "string" + "StorageLensConfiguration": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensConfiguration", + "markdownDescription": "This resource contains the details Amazon S3 Storage Lens configuration.", + "title": "StorageLensConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags help organize and categorize your Resolver rules. Each tag consists of a key and an optional value, both of which you define.", + "markdownDescription": "A set of tags (key\u2013value pairs) to associate with the Storage Lens configuration.", "title": "Tags", "type": "array" - }, - "TargetIps": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::ResolverRule.TargetAddress" - }, - "markdownDescription": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network.", - "title": "TargetIps", - "type": "array" } }, "required": [ - "DomainName", - "RuleType" + "StorageLensConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverRule" + "AWS::S3::StorageLens" ], "type": "string" }, @@ -234730,247 +280211,394 @@ ], "type": "object" }, - "AWS::Route53Resolver::ResolverRule.TargetAddress": { + "AWS::S3::StorageLens.AccountLevel": { "additionalProperties": false, "properties": { - "Ip": { - "markdownDescription": "One IPv4 address that you want to forward DNS queries to.", - "title": "Ip", - "type": "string" + "ActivityMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", + "markdownDescription": "This property contains the details of account-level activity metrics for S3 Storage Lens.", + "title": "ActivityMetrics" }, - "Ipv6": { - "markdownDescription": "One IPv6 address that you want to forward DNS queries to.", - "title": "Ipv6", - "type": "string" + "AdvancedCostOptimizationMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", + "markdownDescription": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.", + "title": "AdvancedCostOptimizationMetrics" }, - "Port": { - "markdownDescription": "The port at `Ip` that you want to forward DNS queries to.", - "title": "Port", - "type": "string" + "AdvancedDataProtectionMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", + "markdownDescription": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.", + "title": "AdvancedDataProtectionMetrics" }, - "Protocol": { - "markdownDescription": "The protocols for the target address. The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.", - "title": "Protocol", - "type": "string" + "BucketLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketLevel", + "markdownDescription": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens. To enable bucket-level configurations, make sure to also set the same metrics at the account level.", + "title": "BucketLevel" + }, + "DetailedStatusCodesMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", + "markdownDescription": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens.", + "title": "DetailedStatusCodesMetrics" + }, + "StorageLensGroupLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", + "markdownDescription": "This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard.", + "title": "StorageLensGroupLevel" } }, + "required": [ + "BucketLevel" + ], "type": "object" }, - "AWS::Route53Resolver::ResolverRuleAssociation": { + "AWS::S3::StorageLens.ActivityMetrics": { "additionalProperties": false, "properties": { - "Condition": { + "IsEnabled": { + "markdownDescription": "A property that indicates whether the activity metrics is enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AdvancedCostOptimizationMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether advanced cost optimization metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AdvancedDataProtectionMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether advanced data protection metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AwsOrg": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "This resource contains the ARN of the AWS Organization.", + "title": "Arn", "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::S3::StorageLens.BucketLevel": { + "additionalProperties": false, + "properties": { + "ActivityMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", + "markdownDescription": "A property for bucket-level activity metrics for S3 Storage Lens.", + "title": "ActivityMetrics" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "AdvancedCostOptimizationMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", + "markdownDescription": "A property for bucket-level advanced cost optimization metrics for S3 Storage Lens.", + "title": "AdvancedCostOptimizationMetrics" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AdvancedDataProtectionMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", + "markdownDescription": "A property for bucket-level advanced data protection metrics for S3 Storage Lens.", + "title": "AdvancedDataProtectionMetrics" }, - "Metadata": { - "type": "object" + "DetailedStatusCodesMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", + "markdownDescription": "A property for bucket-level detailed status code metrics for S3 Storage Lens.", + "title": "DetailedStatusCodesMetrics" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of an association between a Resolver rule and a VPC.", - "title": "Name", - "type": "string" - }, - "ResolverRuleId": { - "markdownDescription": "The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` .", - "title": "ResolverRuleId", - "type": "string" - }, - "VPCId": { - "markdownDescription": "The ID of the VPC that you associated the Resolver rule with.", - "title": "VPCId", - "type": "string" - } + "PrefixLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevel", + "markdownDescription": "A property for bucket-level prefix-level storage metrics for S3 Storage Lens.", + "title": "PrefixLevel" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.BucketsAndRegions": { + "additionalProperties": false, + "properties": { + "Buckets": { + "items": { + "type": "string" }, - "required": [ - "ResolverRuleId", - "VPCId" - ], - "type": "object" + "markdownDescription": "This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* .", + "title": "Buckets", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverRuleAssociation" - ], - "type": "string" + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains the details of the Regions for the S3 Storage Lens configuration.", + "title": "Regions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.CloudWatchMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "This property identifies whether the CloudWatch publishing option for S3 Storage Lens is enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "required": [ + "IsEnabled" + ], + "type": "object" + }, + "AWS::S3::StorageLens.DataExport": { + "additionalProperties": false, + "properties": { + "CloudWatchMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.CloudWatchMetrics", + "markdownDescription": "This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics.", + "title": "CloudWatchMetrics" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "S3BucketDestination": { + "$ref": "#/definitions/AWS::S3::StorageLens.S3BucketDestination", + "markdownDescription": "This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed.", + "title": "S3BucketDestination" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.DetailedStatusCodesMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether detailed status code metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.Encryption": { + "additionalProperties": false, + "properties": { + "SSEKMS": { + "$ref": "#/definitions/AWS::S3::StorageLens.SSEKMS", + "markdownDescription": "Specifies the use of AWS Key Management Service keys (SSE-KMS) to encrypt the S3 Storage Lens metrics export file.", + "title": "SSEKMS" + }, + "SSES3": { + "markdownDescription": "Specifies the use of an Amazon S3-managed key (SSE-S3) to encrypt the S3 Storage Lens metrics export file.", + "title": "SSES3", + "type": "object" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.PrefixLevel": { + "additionalProperties": false, + "properties": { + "StorageMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevelStorageMetrics", + "markdownDescription": "A property for the prefix-level storage metrics for Amazon S3 Storage Lens.", + "title": "StorageMetrics" } }, "required": [ - "Type", - "Properties" + "StorageMetrics" ], "type": "object" }, - "AWS::S3::AccessGrant": { + "AWS::S3::StorageLens.PrefixLevelStorageMetrics": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "IsEnabled": { + "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", + "title": "IsEnabled", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectionCriteria": { + "$ref": "#/definitions/AWS::S3::StorageLens.SelectionCriteria", + "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", + "title": "SelectionCriteria" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.S3BucketDestination": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "This property contains the details of the AWS account ID of the S3 Storage Lens export bucket destination.", + "title": "AccountId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Arn": { + "markdownDescription": "This property contains the details of the ARN of the bucket destination of the S3 Storage Lens export.", + "title": "Arn", + "type": "string" }, - "Metadata": { - "type": "object" + "Encryption": { + "$ref": "#/definitions/AWS::S3::StorageLens.Encryption", + "markdownDescription": "This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export.", + "title": "Encryption" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessGrantsLocationConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessGrant.AccessGrantsLocationConfiguration", - "markdownDescription": "The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.", - "title": "AccessGrantsLocationConfiguration" - }, - "AccessGrantsLocationId": { - "markdownDescription": "The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.", - "title": "AccessGrantsLocationId", - "type": "string" - }, - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.", - "title": "ApplicationArn", - "type": "string" - }, - "Grantee": { - "$ref": "#/definitions/AWS::S3::AccessGrant.Grantee", - "markdownDescription": "The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.", - "title": "Grantee" - }, - "Permission": { - "markdownDescription": "The type of access that you are granting to your S3 data, which can be set to one of the following values:\n\n- `READ` \u2013 Grant read-only access to the S3 data.\n- `WRITE` \u2013 Grant write-only access to the S3 data.\n- `READWRITE` \u2013 Grant both read and write access to the S3 data.", - "title": "Permission", - "type": "string" - }, - "S3PrefixType": { - "markdownDescription": "The type of `S3SubPrefix` . The only possible value is `Object` . Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.", - "title": "S3PrefixType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AccessGrantsLocationId", - "Grantee", - "Permission" - ], - "type": "object" + "Format": { + "markdownDescription": "This property contains the details of the format of the S3 Storage Lens export bucket destination.", + "title": "Format", + "type": "string" }, - "Type": { - "enum": [ - "AWS::S3::AccessGrant" - ], + "OutputSchemaVersion": { + "markdownDescription": "This property contains the details of the output schema version of the S3 Storage Lens export bucket destination.", + "title": "OutputSchemaVersion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Prefix": { + "markdownDescription": "This property contains the details of the prefix of the bucket destination of the S3 Storage Lens export .", + "title": "Prefix", "type": "string" } }, "required": [ - "Type", - "Properties" + "AccountId", + "Arn", + "Format", + "OutputSchemaVersion" ], "type": "object" }, - "AWS::S3::AccessGrant.AccessGrantsLocationConfiguration": { + "AWS::S3::StorageLens.SSEKMS": { "additionalProperties": false, "properties": { - "S3SubPrefix": { - "markdownDescription": "The `S3SubPrefix` is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default location `s3://` because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default location `s3://` , the `S3SubPrefx` can be a `/*` , so the full grant scope path would be `s3:///*` . Or the `S3SubPrefx` can be `/*` , so the full grant scope path would be `s3:///*` .\n\nIf the `S3SubPrefix` includes a prefix, append the wildcard character `*` after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.", - "title": "S3SubPrefix", + "KeyId": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the customer managed AWS KMS key to use for encrypting the S3 Storage Lens metrics export file. Amazon S3 only supports symmetric encryption keys. For more information, see [Special-purpose keys](https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KeyId", "type": "string" } }, "required": [ - "S3SubPrefix" + "KeyId" ], "type": "object" }, - "AWS::S3::AccessGrant.Grantee": { + "AWS::S3::StorageLens.SelectionCriteria": { "additionalProperties": false, "properties": { - "GranteeIdentifier": { - "markdownDescription": "The unique identifier of the `Grantee` . If the grantee type is `IAM` , the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . You can obtain this UUID from your AWS IAM Identity Center instance.", - "title": "GranteeIdentifier", + "Delimiter": { + "markdownDescription": "This property contains the details of the S3 Storage Lens delimiter being used.", + "title": "Delimiter", "type": "string" }, - "GranteeType": { - "markdownDescription": "The type of the grantee to which access has been granted. It can be one of the following values:\n\n- `IAM` - An IAM user or role.\n- `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.\n- `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.", - "title": "GranteeType", + "MaxDepth": { + "markdownDescription": "This property contains the details of the max depth that S3 Storage Lens will collect metrics up to.", + "title": "MaxDepth", + "type": "number" + }, + "MinStorageBytesPercentage": { + "markdownDescription": "This property contains the details of the minimum storage bytes percentage threshold that S3 Storage Lens will collect metrics up to.", + "title": "MinStorageBytesPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.StorageLensConfiguration": { + "additionalProperties": false, + "properties": { + "AccountLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.AccountLevel", + "markdownDescription": "This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration.", + "title": "AccountLevel" + }, + "AwsOrg": { + "$ref": "#/definitions/AWS::S3::StorageLens.AwsOrg", + "markdownDescription": "This property contains the details of the AWS Organization for the S3 Storage Lens configuration.", + "title": "AwsOrg" + }, + "DataExport": { + "$ref": "#/definitions/AWS::S3::StorageLens.DataExport", + "markdownDescription": "This property contains the details of this S3 Storage Lens configuration's metrics export.", + "title": "DataExport" + }, + "Exclude": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", + "markdownDescription": "This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration.", + "title": "Exclude" + }, + "Id": { + "markdownDescription": "This property contains the details of the ID of the S3 Storage Lens configuration.", + "title": "Id", + "type": "string" + }, + "Include": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", + "markdownDescription": "This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration.", + "title": "Include" + }, + "IsEnabled": { + "markdownDescription": "This property contains the details of whether the Amazon S3 Storage Lens configuration is enabled.", + "title": "IsEnabled", + "type": "boolean" + }, + "StorageLensArn": { + "markdownDescription": "This property contains the details of the ARN of the S3 Storage Lens configuration. This property is read-only.", + "title": "StorageLensArn", "type": "string" } }, "required": [ - "GranteeIdentifier", - "GranteeType" + "AccountLevel", + "Id", + "IsEnabled" ], "type": "object" }, - "AWS::S3::AccessGrantsInstance": { + "AWS::S3::StorageLens.StorageLensGroupLevel": { + "additionalProperties": false, + "properties": { + "StorageLensGroupSelectionCriteria": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", + "markdownDescription": "This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected.", + "title": "StorageLensGroupSelectionCriteria" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.StorageLensGroupSelectionCriteria": { + "additionalProperties": false, + "properties": { + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation.", + "title": "Exclude", + "type": "array" + }, + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation.", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -235005,25 +280633,34 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityCenterArn": { - "markdownDescription": "If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center.", - "title": "IdentityCenterArn", + "Filter": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.Filter", + "markdownDescription": "This property contains the criteria for the Storage Lens group data that is displayed", + "title": "Filter" + }, + "Name": { + "markdownDescription": "This property contains the Storage Lens group name.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "markdownDescription": "This property contains the AWS resource tags that you're adding to your Storage Lens group. This parameter is optional.", "title": "Tags", "type": "array" } }, + "required": [ + "Filter", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::AccessGrantsInstance" + "AWS::S3::StorageLensGroup" ], "type": "string" }, @@ -235037,87 +280674,174 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::AccessGrantsLocation": { + "AWS::S3::StorageLensGroup.And": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "MatchAnyPrefix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" + }, + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days).", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.Filter": { + "additionalProperties": false, + "properties": { + "And": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.And", + "markdownDescription": "This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed.", + "title": "And" + }, + "MatchAnyPrefix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", + "type": "array" + }, + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" + }, + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" + }, + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days).", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" + }, + "Or": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.Or", + "markdownDescription": "This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed.", + "title": "Or" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.MatchObjectAge": { + "additionalProperties": false, + "properties": { + "DaysGreaterThan": { + "markdownDescription": "This property indicates the minimum object age in days.", + "title": "DaysGreaterThan", + "type": "number" + }, + "DaysLessThan": { + "markdownDescription": "This property indicates the maximum object age in days.", + "title": "DaysLessThan", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.MatchObjectSize": { + "additionalProperties": false, + "properties": { + "BytesGreaterThan": { + "markdownDescription": "This property specifies the minimum object size in bytes. The value must be a positive number, greater than 0 and less than 5 TB.", + "title": "BytesGreaterThan", + "type": "number" }, - "Metadata": { - "type": "object" + "BytesLessThan": { + "markdownDescription": "This property specifies the maximum object size in bytes. The value must be a positive number, greater than the minimum object size and less than 5 TB.", + "title": "BytesLessThan", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.Or": { + "additionalProperties": false, + "properties": { + "MatchAnyPrefix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "IamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.", - "title": "IamRoleArn", - "type": "string" - }, - "LocationScope": { - "markdownDescription": "The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://` , the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.", - "title": "LocationScope", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", - "title": "Tags", - "type": "array" - } + "MatchAnySuffix": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" }, - "Type": { - "enum": [ - "AWS::S3::AccessGrantsLocation" - ], - "type": "string" + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property filters objects that match the specified object age range.", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::S3::AccessPoint": { + "AWS::S3Express::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -235153,33 +280877,38 @@ "additionalProperties": false, "properties": { "Bucket": { - "markdownDescription": "The name of the bucket associated with this access point.", + "markdownDescription": "The name of the bucket that you want to associate the access point with.", "title": "Bucket", "type": "string" }, "BucketAccountId": { - "markdownDescription": "The AWS account ID associated with the S3 bucket associated with this access point.", + "markdownDescription": "The AWS account ID that owns the bucket associated with this access point.", "title": "BucketAccountId", "type": "string" }, "Name": { - "markdownDescription": "The name of this access point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", + "markdownDescription": "An access point name consists of a base name you provide, followed by the zoneID ( AWS Local Zone) followed by the prefix `--xa-s3` . For example, accesspointname--zoneID--xa-s3.", "title": "Name", "type": "string" }, "Policy": { - "markdownDescription": "The access point policy associated with this access point.", + "markdownDescription": "The access point policy associated with the specified access point.", "title": "Policy", "type": "object" }, "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessPoint.PublicAccessBlockConfiguration", - "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", + "$ref": "#/definitions/AWS::S3Express::AccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "Public access is blocked by default to access points for directory buckets.", "title": "PublicAccessBlockConfiguration" }, + "Scope": { + "$ref": "#/definitions/AWS::S3Express::AccessPoint.Scope", + "markdownDescription": "You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.\n\nFor more information, see [Manage the scope of your access points for directory buckets.](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets-manage-scope.html)", + "title": "Scope" + }, "VpcConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessPoint.VpcConfiguration", - "markdownDescription": "The Virtual Private Cloud (VPC) configuration for this access point, if one exists.", + "$ref": "#/definitions/AWS::S3Express::AccessPoint.VpcConfiguration", + "markdownDescription": "If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).", "title": "VpcConfiguration" } }, @@ -235190,7 +280919,7 @@ }, "Type": { "enum": [ - "AWS::S3::AccessPoint" + "AWS::S3Express::AccessPoint" ], "type": "string" }, @@ -235209,7 +280938,7 @@ ], "type": "object" }, - "AWS::S3::AccessPoint.PublicAccessBlockConfiguration": { + "AWS::S3Express::AccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { "BlockPublicAcls": { @@ -235235,30 +280964,45 @@ }, "type": "object" }, - "AWS::S3::AccessPoint.VpcConfiguration": { + "AWS::S3Express::AccessPoint.Scope": { + "additionalProperties": false, + "properties": { + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "You can include one or more API operations as permissions.", + "title": "Permissions", + "type": "array" + }, + "Prefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.", + "title": "Prefixes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3Express::AccessPoint.VpcConfiguration": { "additionalProperties": false, "properties": { "VpcId": { - "markdownDescription": "If this field is specified, the access point will only allow connections from the specified VPC ID.", + "markdownDescription": "If this field is specified, this access point will only allow connections from the specified VPC ID.", "title": "VpcId", "type": "string" } }, "type": "object" }, - "AWS::S3::Bucket": { + "AWS::S3Express::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -235288,127 +281032,122 @@ "Properties": { "additionalProperties": false, "properties": { - "AccelerateConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.AccelerateConfiguration", - "markdownDescription": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide* .", - "title": "AccelerateConfiguration" + "Bucket": { + "markdownDescription": "The name of the S3 directory bucket to which the policy applies.", + "title": "Bucket", + "type": "string" }, - "AccessControl": { - "markdownDescription": "> This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide* . \n\nA canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* .\n\nS3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n\nThe majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html) . For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide* .", - "title": "AccessControl", + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Policies and Permissions in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", + "title": "PolicyDocument", + "type": "object" + } + }, + "required": [ + "Bucket", + "PolicyDocument" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Express::BucketPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "AnalyticsConfigurations": { + { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.AnalyticsConfiguration" + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, - "markdownDescription": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", - "title": "AnalyticsConfigurations", "type": "array" - }, + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { "BucketEncryption": { - "$ref": "#/definitions/AWS::S3::Bucket.BucketEncryption", - "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide* .", + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.BucketEncryption", + "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). For information about default encryption for directory buckets, see [Setting and monitoring default encryption for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html) in the *Amazon S3 User Guide* .", "title": "BucketEncryption" }, "BucketName": { - "markdownDescription": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "markdownDescription": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Zone (Availability Zone or Local Zone). The bucket name must also follow the format `*bucket_base_name* -- *zone_id* --x-s3` (for example, `*bucket_base_name* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", "title": "BucketName", "type": "string" }, - "CorsConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", - "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", - "title": "CorsConfiguration" - }, - "IntelligentTieringConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.IntelligentTieringConfiguration" - }, - "markdownDescription": "Defines how Amazon S3 handles Intelligent-Tiering storage.", - "title": "IntelligentTieringConfigurations", - "type": "array" - }, - "InventoryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.InventoryConfiguration" - }, - "markdownDescription": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", - "title": "InventoryConfigurations", - "type": "array" + "DataRedundancy": { + "markdownDescription": "The number of Zone (Availability Zone or Local Zone) that's used for redundancy for the bucket.", + "title": "DataRedundancy", + "type": "string" }, "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.LifecycleConfiguration", - "markdownDescription": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.LifecycleConfiguration", + "markdownDescription": "Container for lifecycle rules. You can add as many as 1000 rules.\n\nFor more information see, [Creating and managing a lifecycle configuration for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-lifecycle.html ) in the *Amazon S3 User Guide* .", "title": "LifecycleConfiguration" }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.LoggingConfiguration", - "markdownDescription": "Settings that define where logs are stored.", - "title": "LoggingConfiguration" - }, - "MetricsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.MetricsConfiguration" - }, - "markdownDescription": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", - "title": "MetricsConfigurations", - "type": "array" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationConfiguration", - "markdownDescription": "Configuration that defines how Amazon S3 handles bucket notifications.", - "title": "NotificationConfiguration" - }, - "ObjectLockConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockConfiguration", - "markdownDescription": "> This operation is not supported for directory buckets. \n\nPlaces an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) .\n\n> - The `DefaultRetention` settings require both a mode and a period.\n> - The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time.\n> - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) .", - "title": "ObjectLockConfiguration" - }, - "ObjectLockEnabled": { - "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", - "title": "ObjectLockEnabled", - "type": "boolean" - }, - "OwnershipControls": { - "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControls", - "markdownDescription": "Configuration that defines how Amazon S3 handles Object Ownership rules.", - "title": "OwnershipControls" - }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.PublicAccessBlockConfiguration", - "markdownDescription": "Configuration that defines how Amazon S3 handles public access.", - "title": "PublicAccessBlockConfiguration" - }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationConfiguration", - "markdownDescription": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the `VersioningConfiguration` property.\n\nAmazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.", - "title": "ReplicationConfiguration" + "LocationName": { + "markdownDescription": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` .", + "title": "LocationName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for this S3 bucket.", + "markdownDescription": "An array of tags that you can apply to the S3 directory bucket. Tags are key-value pairs of metadata used to categorize and organize your buckets, track costs, and control access. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) .", "title": "Tags", "type": "array" - }, - "VersioningConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.VersioningConfiguration", - "markdownDescription": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n\n> When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations ( `PUT` or `DELETE` ) on objects in the bucket.", - "title": "VersioningConfiguration" - }, - "WebsiteConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.WebsiteConfiguration", - "markdownDescription": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) .", - "title": "WebsiteConfiguration" } }, + "required": [ + "DataRedundancy", + "LocationName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::Bucket" + "AWS::S3Express::DirectoryBucket" ], "type": "string" }, @@ -235422,15 +281161,16 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.AbortIncompleteMultipartUpload": { + "AWS::S3Express::DirectoryBucket.AbortIncompleteMultipartUpload": { "additionalProperties": false, "properties": { "DaysAfterInitiation": { - "markdownDescription": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.", + "markdownDescription": "Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.", "title": "DaysAfterInitiation", "type": "number" } @@ -235440,73 +281180,12 @@ ], "type": "object" }, - "AWS::S3::Bucket.AccelerateConfiguration": { - "additionalProperties": false, - "properties": { - "AccelerationStatus": { - "markdownDescription": "Specifies the transfer acceleration status of the bucket.", - "title": "AccelerationStatus", - "type": "string" - } - }, - "required": [ - "AccelerationStatus" - ], - "type": "object" - }, - "AWS::S3::Bucket.AccessControlTranslation": { - "additionalProperties": false, - "properties": { - "Owner": { - "markdownDescription": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference* .", - "title": "Owner", - "type": "string" - } - }, - "required": [ - "Owner" - ], - "type": "object" - }, - "AWS::S3::Bucket.AnalyticsConfiguration": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID that identifies the analytics configuration.", - "title": "Id", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The prefix that an object must have to be included in the analytics results.", - "title": "Prefix", - "type": "string" - }, - "StorageClassAnalysis": { - "$ref": "#/definitions/AWS::S3::Bucket.StorageClassAnalysis", - "markdownDescription": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.", - "title": "StorageClassAnalysis" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "The tags to use when evaluating an analytics filter.\n\nThe analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.", - "title": "TagFilters", - "type": "array" - } - }, - "required": [ - "Id", - "StorageClassAnalysis" - ], - "type": "object" - }, - "AWS::S3::Bucket.BucketEncryption": { + "AWS::S3Express::DirectoryBucket.BucketEncryption": { "additionalProperties": false, "properties": { "ServerSideEncryptionConfiguration": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionRule" + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.ServerSideEncryptionRule" }, "markdownDescription": "Specifies the default server-side-encryption configuration.", "title": "ServerSideEncryptionConfiguration", @@ -235518,1003 +281197,691 @@ ], "type": "object" }, - "AWS::S3::Bucket.CorsConfiguration": { + "AWS::S3Express::DirectoryBucket.LifecycleConfiguration": { "additionalProperties": false, "properties": { - "CorsRules": { + "Rules": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.CorsRule" + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.Rule" }, - "markdownDescription": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.", - "title": "CorsRules", + "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 Express bucket.", + "title": "Rules", "type": "array" } }, "required": [ - "CorsRules" + "Rules" ], "type": "object" }, - "AWS::S3::Bucket.CorsRule": { + "AWS::S3Express::DirectoryBucket.Rule": { "additionalProperties": false, "properties": { - "AllowedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Headers that are specified in the `Access-Control-Request-Headers` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.", - "title": "AllowedHeaders", - "type": "array" - }, - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "An HTTP method that you allow the origin to run.\n\n*Allowed values* : `GET` | `PUT` | `HEAD` | `POST` | `DELETE`", - "title": "AllowedMethods", - "type": "array" - }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more origins you want customers to be able to access the bucket from.", - "title": "AllowedOrigins", - "type": "array" + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.AbortIncompleteMultipartUpload", + "markdownDescription": "Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.", + "title": "AbortIncompleteMultipartUpload" }, - "ExposedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).", - "title": "ExposedHeaders", - "type": "array" + "ExpirationInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationInDays", + "type": "number" }, "Id": { - "markdownDescription": "A unique identifier for this rule. The value must be no more than 255 characters.", + "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", "title": "Id", "type": "string" }, - "MaxAge": { - "markdownDescription": "The time in seconds that your browser is to cache the preflight response for the specified resource.", - "title": "MaxAge", - "type": "number" - } - }, - "required": [ - "AllowedMethods", - "AllowedOrigins" - ], - "type": "object" - }, - "AWS::S3::Bucket.DataExport": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.Destination", - "markdownDescription": "The place to store the data for an analysis.", - "title": "Destination" + "ObjectSizeGreaterThan": { + "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeGreaterThan", + "type": "string" }, - "OutputSchemaVersion": { - "markdownDescription": "The version of the output schema to use when exporting data. Must be `V_1` .", - "title": "OutputSchemaVersion", + "ObjectSizeLessThan": { + "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeLessThan", "type": "string" - } - }, - "required": [ - "Destination", - "OutputSchemaVersion" - ], - "type": "object" - }, - "AWS::S3::Bucket.DefaultRetention": { - "additionalProperties": false, - "properties": { - "Days": { - "markdownDescription": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Days", - "type": "number" }, - "Mode": { - "markdownDescription": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Mode", + "Prefix": { + "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", "type": "string" }, - "Years": { - "markdownDescription": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Years", - "type": "number" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.DeleteMarkerReplication": { - "additionalProperties": false, - "properties": { "Status": { - "markdownDescription": "Indicates whether to replicate delete markers. Disabled by default.", + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", "title": "Status", "type": "string" } }, - "type": "object" - }, - "AWS::S3::Bucket.Destination": { - "additionalProperties": false, - "properties": { - "BucketAccountId": { - "markdownDescription": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n\n> Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.", - "title": "BucketAccountId", - "type": "string" - }, - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bucket to which data is exported.", - "title": "BucketArn", - "type": "string" - }, - "Format": { - "markdownDescription": "Specifies the file format used when exporting data to Amazon S3.\n\n*Allowed values* : `CSV` | `ORC` | `Parquet`", - "title": "Format", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The prefix to use when exporting data. The prefix is prepended to all results.", - "title": "Prefix", - "type": "string" - } - }, "required": [ - "BucketArn", - "Format" + "Status" ], "type": "object" }, - "AWS::S3::Bucket.EncryptionConfiguration": { + "AWS::S3Express::DirectoryBucket.ServerSideEncryptionByDefault": { "additionalProperties": false, "properties": { - "ReplicaKmsKeyID": { - "markdownDescription": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", - "title": "ReplicaKmsKeyID", + "KMSMasterKeyID": { + "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if `SSEAlgorithm` is set to `aws:kms` .\n\nYou can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key. You can\u2019t use the key alias of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html#s3-express-bucket-encryption-update-bucket-policy) .\n\n> Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket for the lifetime of the bucket. [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) ( `aws/s3` ) isn't supported. Also, after you specify a customer managed key for SSE-KMS and upload objects with this configuration, you can't override the customer managed key for your SSE-KMS configuration. To use a new customer manager key for your data, we recommend copying your existing objects to a new directory bucket with a new customer managed key. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KMSMasterKeyID", + "type": "string" + }, + "SSEAlgorithm": { + "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", + "title": "SSEAlgorithm", "type": "string" } }, "required": [ - "ReplicaKmsKeyID" + "SSEAlgorithm" ], "type": "object" }, - "AWS::S3::Bucket.EventBridgeConfiguration": { + "AWS::S3Express::DirectoryBucket.ServerSideEncryptionRule": { "additionalProperties": false, "properties": { - "EventBridgeEnabled": { - "markdownDescription": "Enables delivery of events to Amazon EventBridge.", - "title": "EventBridgeEnabled", + "BucketKeyEnabled": { + "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. S3 Bucket Keys are always enabled for `GET` and `PUT` operations on a directory bucket and can\u2019t be disabled. It's only allowed to set the `BucketKeyEnabled` element to `true` .\n\nS3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) , [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) , [the Copy operation in Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops) , or [the import jobs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job) . In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-UsingKMSEncryption.html#s3-express-sse-kms-bucket-keys) in the *Amazon S3 User Guide* .", + "title": "BucketKeyEnabled", "type": "boolean" - } - }, - "required": [ - "EventBridgeEnabled" - ], - "type": "object" - }, - "AWS::S3::Bucket.FilterRule": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Name", - "type": "string" }, - "Value": { - "markdownDescription": "The value that the filter searches for in object key names.", - "title": "Value", - "type": "string" + "ServerSideEncryptionByDefault": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.ServerSideEncryptionByDefault", + "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", + "title": "ServerSideEncryptionByDefault" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::S3::Bucket.IntelligentTieringConfiguration": { + "AWS::S3ObjectLambda::AccessPoint": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID used to identify the S3 Intelligent-Tiering configuration.", - "title": "Id", - "type": "string" - }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", - "title": "Prefix", + "Condition": { "type": "string" }, - "Status": { - "markdownDescription": "Specifies the status of the configuration.", - "title": "Status", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "A container for a key-value pair.", - "title": "TagFilters", - "type": "array" - }, - "Tierings": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Tiering" - }, - "markdownDescription": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` .\n\n> You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.", - "title": "Tierings", - "type": "array" - } - }, - "required": [ - "Id", - "Status", - "Tierings" - ], - "type": "object" - }, - "AWS::S3::Bucket.InventoryConfiguration": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.Destination", - "markdownDescription": "Contains information about where to publish the inventory results.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Specifies whether the inventory is enabled or disabled. If set to `True` , an inventory list is generated. If set to `False` , no inventory list is generated.", - "title": "Enabled", - "type": "boolean" - }, - "Id": { - "markdownDescription": "The ID used to identify the inventory configuration.", - "title": "Id", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludedObjectVersions": { - "markdownDescription": "Object versions to include in the inventory list. If set to `All` , the list includes all the object versions, which adds the version-related fields `VersionId` , `IsLatest` , and `DeleteMarker` to the list. If set to `Current` , the list does not contain these version-related fields.", - "title": "IncludedObjectVersions", - "type": "string" + "Metadata": { + "type": "object" }, - "OptionalFields": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of this access point.", + "title": "Name", + "type": "string" + }, + "ObjectLambdaConfiguration": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration", + "markdownDescription": "A configuration used when creating an Object Lambda Access Point.", + "title": "ObjectLambdaConfiguration" + } }, - "markdownDescription": "Contains the optional fields that are included in the inventory results.", - "title": "OptionalFields", - "type": "array" - }, - "Prefix": { - "markdownDescription": "Specifies the inventory filter prefix.", - "title": "Prefix", - "type": "string" + "required": [ + "ObjectLambdaConfiguration" + ], + "type": "object" }, - "ScheduleFrequency": { - "markdownDescription": "Specifies the schedule for generating inventory results.", - "title": "ScheduleFrequency", - "type": "string" - } - }, - "required": [ - "Destination", - "Enabled", - "Id", - "IncludedObjectVersions", - "ScheduleFrequency" - ], - "type": "object" - }, - "AWS::S3::Bucket.LambdaConfiguration": { - "additionalProperties": false, - "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", + "Type": { + "enum": [ + "AWS::S3ObjectLambda::AccessPoint" + ], "type": "string" }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", - "title": "Filter" - }, - "Function": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.", - "title": "Function", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Event", - "Function" - ], - "type": "object" - }, - "AWS::S3::Bucket.LifecycleConfiguration": { - "additionalProperties": false, - "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Rule" - }, - "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 bucket.", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "Rules" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.LoggingConfiguration": { - "additionalProperties": false, - "properties": { - "DestinationBucketName": { - "markdownDescription": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the `LoggingConfiguration` property is defined.", - "title": "DestinationBucketName", - "type": "string" - }, - "LogFilePrefix": { - "markdownDescription": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", - "title": "LogFilePrefix", - "type": "string" - }, - "TargetObjectKeyFormat": { - "$ref": "#/definitions/AWS::S3::Bucket.TargetObjectKeyFormat", - "markdownDescription": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.", - "title": "TargetObjectKeyFormat" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.Metrics": { + "AWS::S3ObjectLambda::AccessPoint.Alias": { "additionalProperties": false, "properties": { - "EventThreshold": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", - "markdownDescription": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", - "title": "EventThreshold" - }, "Status": { - "markdownDescription": "Specifies whether the replication metrics are enabled.", + "markdownDescription": "The status of the Object Lambda Access Point alias. If the status is `PROVISIONING` , the Object Lambda Access Point is provisioning the alias and the alias is not ready for use yet. If the status is `READY` , the Object Lambda Access Point alias is successfully provisioned and ready for use.", "title": "Status", "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::S3::Bucket.MetricsConfiguration": { - "additionalProperties": false, - "properties": { - "AccessPointArn": { - "markdownDescription": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.", - "title": "AccessPointArn", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.", - "title": "Id", - "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix that an object must have to be included in the metrics results.", - "title": "Prefix", + "Value": { + "markdownDescription": "The alias value of the Object Lambda Access Point.", + "title": "Value", "type": "string" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.", - "title": "TagFilters", - "type": "array" } }, "required": [ - "Id" + "Value" ], "type": "object" }, - "AWS::S3::Bucket.NoncurrentVersionExpiration": { + "AWS::S3ObjectLambda::AccessPoint.AwsLambda": { "additionalProperties": false, "properties": { - "NewerNoncurrentVersions": { - "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", - "title": "NewerNoncurrentVersions", - "type": "number" + "FunctionArn": { + "markdownDescription": "", + "title": "FunctionArn", + "type": "string" }, - "NoncurrentDays": { - "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", - "title": "NoncurrentDays", - "type": "number" + "FunctionPayload": { + "markdownDescription": "", + "title": "FunctionPayload", + "type": "string" } }, "required": [ - "NoncurrentDays" + "FunctionArn" ], "type": "object" }, - "AWS::S3::Bucket.NoncurrentVersionTransition": { + "AWS::S3ObjectLambda::AccessPoint.ContentTransformation": { "additionalProperties": false, "properties": { - "NewerNoncurrentVersions": { - "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", - "title": "NewerNoncurrentVersions", - "type": "number" - }, - "StorageClass": { - "markdownDescription": "The class of storage used to store the object.", - "title": "StorageClass", - "type": "string" - }, - "TransitionInDays": { - "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", - "title": "TransitionInDays", - "type": "number" + "AwsLambda": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.AwsLambda", + "markdownDescription": "", + "title": "AwsLambda" } }, "required": [ - "StorageClass", - "TransitionInDays" + "AwsLambda" ], "type": "object" }, - "AWS::S3::Bucket.NotificationConfiguration": { + "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { "additionalProperties": false, "properties": { - "EventBridgeConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.EventBridgeConfiguration", - "markdownDescription": "Enables delivery of events to Amazon EventBridge.", - "title": "EventBridgeConfiguration" - }, - "LambdaConfigurations": { + "AllowedFeatures": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.LambdaConfiguration" + "type": "string" }, - "markdownDescription": "Describes the AWS Lambda functions to invoke and the events for which to invoke them.", - "title": "LambdaConfigurations", + "markdownDescription": "A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` .", + "title": "AllowedFeatures", "type": "array" }, - "QueueConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.QueueConfiguration" - }, - "markdownDescription": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.", - "title": "QueueConfigurations", - "type": "array" + "CloudWatchMetricsEnabled": { + "markdownDescription": "A container for whether the CloudWatch metrics configuration is enabled.", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" }, - "TopicConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TopicConfiguration" - }, - "markdownDescription": "The topic to which notifications are sent and the events for which notifications are generated.", - "title": "TopicConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.NotificationFilter": { - "additionalProperties": false, - "properties": { - "S3Key": { - "$ref": "#/definitions/AWS::S3::Bucket.S3KeyFilter", - "markdownDescription": "A container for object key name prefix and suffix filtering rules.", - "title": "S3Key" - } - }, - "required": [ - "S3Key" - ], - "type": "object" - }, - "AWS::S3::Bucket.ObjectLockConfiguration": { - "additionalProperties": false, - "properties": { - "ObjectLockEnabled": { - "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", - "title": "ObjectLockEnabled", + "SupportingAccessPoint": { + "markdownDescription": "Standard access point associated with the Object Lambda Access Point.", + "title": "SupportingAccessPoint", "type": "string" }, - "Rule": { - "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockRule", - "markdownDescription": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply `ObjectLockConfiguration` to a bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", - "title": "Rule" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.ObjectLockRule": { - "additionalProperties": false, - "properties": { - "DefaultRetention": { - "$ref": "#/definitions/AWS::S3::Bucket.DefaultRetention", - "markdownDescription": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", - "title": "DefaultRetention" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.OwnershipControls": { - "additionalProperties": false, - "properties": { - "Rules": { + "TransformationConfigurations": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControlsRule" + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration" }, - "markdownDescription": "Specifies the container element for Object Ownership rules.", - "title": "Rules", + "markdownDescription": "A container for transformation configurations for an Object Lambda Access Point.", + "title": "TransformationConfigurations", "type": "array" } }, "required": [ - "Rules" + "SupportingAccessPoint", + "TransformationConfigurations" ], "type": "object" }, - "AWS::S3::Bucket.OwnershipControlsRule": { - "additionalProperties": false, - "properties": { - "ObjectOwnership": { - "markdownDescription": "Specifies an object ownership rule.", - "title": "ObjectOwnership", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.PartitionedPrefix": { - "additionalProperties": false, - "properties": { - "PartitionDateSource": { - "markdownDescription": "Specifies the partition date source for the partitioned prefix. `PartitionDateSource` can be `EventTime` or `DeliveryTime` .\n\nFor `DeliveryTime` , the time in the log file names corresponds to the delivery time for the log files.\n\nFor `EventTime` , The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.", - "title": "PartitionDateSource", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.PublicAccessBlockConfiguration": { + "AWS::S3ObjectLambda::AccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:\n\n- `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.\n\nThis property is not supported for Amazon S3 on Outposts.", "title": "BlockPublicAcls", "type": "boolean" }, "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.\n\nThis property is not supported for Amazon S3 on Outposts.", "title": "BlockPublicPolicy", "type": "boolean" }, "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.\n\nThis property is not supported for Amazon S3 on Outposts.", "title": "IgnorePublicAcls", "type": "boolean" }, "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.QueueConfiguration": { - "additionalProperties": false, - "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", - "type": "string" - }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", - "title": "Filter" - }, - "Queue": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.", - "title": "Queue", - "type": "string" - } - }, - "required": [ - "Event", - "Queue" - ], - "type": "object" - }, - "AWS::S3::Bucket.RedirectAllRequestsTo": { - "additionalProperties": false, - "properties": { - "HostName": { - "markdownDescription": "Name of the host where requests are redirected.", - "title": "HostName", - "type": "string" - }, - "Protocol": { - "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", - "title": "Protocol", - "type": "string" - } - }, - "required": [ - "HostName" - ], - "type": "object" - }, - "AWS::S3::Bucket.RedirectRule": { - "additionalProperties": false, - "properties": { - "HostName": { - "markdownDescription": "The host name to use in the redirect request.", - "title": "HostName", - "type": "string" - }, - "HttpRedirectCode": { - "markdownDescription": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.", - "title": "HttpRedirectCode", - "type": "string" - }, - "Protocol": { - "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", - "title": "Protocol", - "type": "string" - }, - "ReplaceKeyPrefixWith": { - "markdownDescription": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix `docs/` (objects in the `docs/` folder) to `documents/` , you can set a condition block with `KeyPrefixEquals` set to `docs/` and in the Redirect set `ReplaceKeyPrefixWith` to `/documents` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "ReplaceKeyPrefixWith", - "type": "string" - }, - "ReplaceKeyWith": { - "markdownDescription": "The specific object key to use in the redirect request. For example, redirect request to `error.html` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyPrefixWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "ReplaceKeyWith", - "type": "string" + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "RestrictPublicBuckets", + "type": "boolean" } }, "type": "object" }, - "AWS::S3::Bucket.ReplicaModifications": { + "AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Specifies whether Amazon S3 replicates modifications on replicas.\n\n*Allowed values* : `Enabled` | `Disabled`", - "title": "Status", - "type": "string" + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` .", + "title": "Actions", + "type": "array" + }, + "ContentTransformation": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ContentTransformation", + "markdownDescription": "A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* .", + "title": "ContentTransformation" } }, "required": [ - "Status" + "Actions", + "ContentTransformation" ], "type": "object" }, - "AWS::S3::Bucket.ReplicationConfiguration": { + "AWS::S3ObjectLambda::AccessPointPolicy": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide* .", - "title": "Role", + "Condition": { "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRule" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ObjectLambdaAccessPoint": { + "markdownDescription": "An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.", + "title": "ObjectLambdaAccessPoint", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "Object Lambda Access Point resource policy document.", + "title": "PolicyDocument", + "type": "object" + } }, - "markdownDescription": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.", - "title": "Rules", - "type": "array" + "required": [ + "ObjectLambdaAccessPoint", + "PolicyDocument" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3ObjectLambda::AccessPointPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Role", - "Rules" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.ReplicationDestination": { + "AWS::S3Outposts::AccessPoint": { "additionalProperties": false, "properties": { - "AccessControlTranslation": { - "$ref": "#/definitions/AWS::S3::Bucket.AccessControlTranslation", - "markdownDescription": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.", - "title": "AccessControlTranslation" - }, - "Account": { - "markdownDescription": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS account that owns the destination bucket by specifying the `AccessControlTranslation` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide* .\n\nIf you specify the `AccessControlTranslation` property, the `Account` property is required.", - "title": "Account", + "Condition": { "type": "string" }, - "Bucket": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.", - "title": "Bucket", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.EncryptionConfiguration", - "markdownDescription": "Specifies encryption-related information.", - "title": "EncryptionConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Metrics": { - "$ref": "#/definitions/AWS::S3::Bucket.Metrics", - "markdownDescription": "A container specifying replication metrics-related settings enabling replication metrics and events.", - "title": "Metrics" + "Metadata": { + "type": "object" }, - "ReplicationTime": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTime", - "markdownDescription": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a `Metrics` block.", - "title": "ReplicationTime" + "Properties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 on Outposts bucket that is associated with this access point.", + "title": "Bucket", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of this access point.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The access point policy associated with this access point.", + "title": "Policy", + "type": "object" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3Outposts::AccessPoint.VpcConfiguration", + "markdownDescription": "The virtual private cloud (VPC) configuration for this access point, if one exists.", + "title": "VpcConfiguration" + } + }, + "required": [ + "Bucket", + "Name", + "VpcConfiguration" + ], + "type": "object" }, - "StorageClass": { - "markdownDescription": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* .", - "title": "StorageClass", + "Type": { + "enum": [ + "AWS::S3Outposts::AccessPoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.ReplicationRule": { + "AWS::S3Outposts::AccessPoint.VpcConfiguration": { "additionalProperties": false, "properties": { - "DeleteMarkerReplication": { - "$ref": "#/definitions/AWS::S3::Bucket.DeleteMarkerReplication", - "markdownDescription": "Specifies whether Amazon S3 replicates delete markers. If you specify a `Filter` in your replication configuration, you must also include a `DeleteMarkerReplication` element. If your `Filter` includes a `Tag` element, the `DeleteMarkerReplication` `Status` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config) .\n\nFor more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html) .\n\n> If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations) .", - "title": "DeleteMarkerReplication" - }, - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationDestination", - "markdownDescription": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).", - "title": "Destination" - }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleFilter", - "markdownDescription": "A filter that identifies the subset of objects to which the replication rule applies. A `Filter` must specify exactly one `Prefix` , `TagFilter` , or an `And` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n\n> V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.", - "title": "Filter" - }, - "Id": { - "markdownDescription": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".", - "title": "Id", + "VpcId": { + "markdownDescription": "", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3Outposts::Bucket": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Priority": { - "markdownDescription": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.\n\nFor more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide* .", - "title": "Priority", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceSelectionCriteria": { - "$ref": "#/definitions/AWS::S3::Bucket.SourceSelectionCriteria", - "markdownDescription": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.", - "title": "SourceSelectionCriteria" + "Metadata": { + "type": "object" }, - "Status": { - "markdownDescription": "Specifies whether the rule is enabled.", - "title": "Status", + "Properties": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "A name for the S3 on Outposts bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html) . For more information, see [Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", + "type": "string" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.LifecycleConfiguration", + "markdownDescription": "Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.", + "title": "LifecycleConfiguration" + }, + "OutpostId": { + "markdownDescription": "The ID of the Outpost of the specified bucket.", + "title": "OutpostId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) .\n\nUse tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) .\n\n> Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [Using cost allocation and bucket tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html) . \n\nTo use this resource, you must have permissions to perform the `s3-outposts:PutBucketTagging` . The S3 on Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "BucketName", + "OutpostId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Outposts::Bucket" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Destination", - "Status" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.ReplicationRuleAndOperator": { + "AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload": { "additionalProperties": false, "properties": { - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", - "title": "Prefix", - "type": "string" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "An array of tags containing key and value pairs.", - "title": "TagFilters", - "type": "array" + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after initiation that Amazon S3 on Outposts aborts an incomplete multipart upload.", + "title": "DaysAfterInitiation", + "type": "number" } }, + "required": [ + "DaysAfterInitiation" + ], "type": "object" }, - "AWS::S3::Bucket.ReplicationRuleFilter": { + "AWS::S3Outposts::Bucket.Filter": { "additionalProperties": false, "properties": { - "And": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleAndOperator", - "markdownDescription": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:\n\n- If you specify both a `Prefix` and a `TagFilter` , wrap these filters in an `And` tag.\n- If you specify a filter based on multiple tags, wrap the `TagFilter` elements in an `And` tag.", - "title": "And" + "AndOperator": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterAndOperator", + "markdownDescription": "", + "title": "AndOperator" }, "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "markdownDescription": "", "title": "Prefix", "type": "string" }, - "TagFilter": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter", - "markdownDescription": "A container for specifying a tag key and value.\n\nThe rule applies only to objects that have the tag in their tag set.", - "title": "TagFilter" + "Tag": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag", + "markdownDescription": "", + "title": "Tag" } }, "type": "object" }, - "AWS::S3::Bucket.ReplicationTime": { + "AWS::S3Outposts::Bucket.FilterAndOperator": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Specifies whether the replication time is enabled.", - "title": "Status", + "Prefix": { + "markdownDescription": "", + "title": "Prefix", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", - "markdownDescription": "A container specifying the time by which replication should be complete for all objects and operations on objects.", - "title": "Time" + "Tags": { + "items": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "Status", - "Time" + "Tags" ], "type": "object" }, - "AWS::S3::Bucket.ReplicationTimeValue": { + "AWS::S3Outposts::Bucket.FilterTag": { "additionalProperties": false, "properties": { - "Minutes": { - "markdownDescription": "Contains an integer specifying time in minutes.\n\nValid value: 15", - "title": "Minutes", - "type": "number" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "required": [ - "Minutes" + "Key", + "Value" ], "type": "object" }, - "AWS::S3::Bucket.RoutingRule": { + "AWS::S3Outposts::Bucket.LifecycleConfiguration": { "additionalProperties": false, "properties": { - "RedirectRule": { - "$ref": "#/definitions/AWS::S3::Bucket.RedirectRule", - "markdownDescription": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.", - "title": "RedirectRule" - }, - "RoutingRuleCondition": { - "$ref": "#/definitions/AWS::S3::Bucket.RoutingRuleCondition", - "markdownDescription": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the `/docs` folder, redirect to the `/documents` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.", - "title": "RoutingRuleCondition" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.Rule" + }, + "markdownDescription": "The container for the lifecycle configuration rules for the objects stored in the S3 on Outposts bucket.", + "title": "Rules", + "type": "array" } }, "required": [ - "RedirectRule" + "Rules" ], "type": "object" }, - "AWS::S3::Bucket.RoutingRuleCondition": { - "additionalProperties": false, - "properties": { - "HttpErrorCodeReturnedEquals": { - "markdownDescription": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n\nRequired when parent element `Condition` is specified and sibling `KeyPrefixEquals` is not specified. If both are specified, then both must be true for the redirect to be applied.", - "title": "HttpErrorCodeReturnedEquals", - "type": "string" - }, - "KeyPrefixEquals": { - "markdownDescription": "The object key name prefix when the redirect is applied. For example, to redirect requests for `ExamplePage.html` , the key prefix will be `ExamplePage.html` . To redirect request for all pages with the prefix `docs/` , the key prefix will be `docs/` , which identifies all objects in the docs/ folder.\n\nRequired when the parent element `Condition` is specified and sibling `HttpErrorCodeReturnedEquals` is not specified. If both conditions are specified, both must be true for the redirect to be applied.", - "title": "KeyPrefixEquals", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.Rule": { + "AWS::S3Outposts::Bucket.Rule": { "additionalProperties": false, "properties": { "AbortIncompleteMultipartUpload": { - "$ref": "#/definitions/AWS::S3::Bucket.AbortIncompleteMultipartUpload", - "markdownDescription": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.", + "$ref": "#/definitions/AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload", + "markdownDescription": "The container for the abort incomplete multipart upload rule.", "title": "AbortIncompleteMultipartUpload" }, "ExpirationDate": { - "markdownDescription": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "markdownDescription": "Specifies the expiration for the lifecycle of the object by specifying an expiry date.", "title": "ExpirationDate", "type": "string" }, "ExpirationInDays": { - "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "markdownDescription": "Specifies the expiration for the lifecycle of the object in the form of days that the object has been in the S3 on Outposts bucket.", "title": "ExpirationInDays", "type": "number" }, - "ExpiredObjectDeleteMarker": { - "markdownDescription": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with `ExpirationInDays` , `ExpirationDate` , or `TagFilters` .", - "title": "ExpiredObjectDeleteMarker", - "type": "boolean" + "Filter": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.Filter", + "markdownDescription": "The container for the filter of the lifecycle rule.", + "title": "Filter" }, "Id": { - "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", + "markdownDescription": "", "title": "Id", "type": "string" }, - "NoncurrentVersionExpiration": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionExpiration", - "markdownDescription": "Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.", - "title": "NoncurrentVersionExpiration" - }, - "NoncurrentVersionExpirationInDays": { - "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.", - "title": "NoncurrentVersionExpirationInDays", - "type": "number" - }, - "NoncurrentVersionTransition": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition", - "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransitions` property.", - "title": "NoncurrentVersionTransition" - }, - "NoncurrentVersionTransitions": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition" - }, - "markdownDescription": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransition` property.", - "title": "NoncurrentVersionTransitions", - "type": "array" - }, - "ObjectSizeGreaterThan": { - "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", - "title": "ObjectSizeGreaterThan", - "type": "string" - }, - "ObjectSizeLessThan": { - "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", - "title": "ObjectSizeLessThan", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", - "type": "string" - }, "Status": { "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", "title": "Status", "type": "string" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "Tags to use to identify a subset of objects to which the lifecycle rule applies.", - "title": "TagFilters", - "type": "array" - }, - "Transition": { - "$ref": "#/definitions/AWS::S3::Bucket.Transition", - "markdownDescription": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transitions` property.", - "title": "Transition" - }, - "Transitions": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Transition" - }, - "markdownDescription": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transition` property.", - "title": "Transitions", - "type": "array" } }, "required": [ @@ -236522,248 +281889,589 @@ ], "type": "object" }, - "AWS::S3::Bucket.S3KeyFilter": { + "AWS::S3Outposts::BucketPolicy": { "additionalProperties": false, "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.FilterRule" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 Outposts bucket to which the policy applies.", + "title": "Bucket", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .", + "title": "PolicyDocument", + "type": "object" + } }, - "markdownDescription": "A list of containers for the key-value pair that defines the criteria for the filter rule.", - "title": "Rules", - "type": "array" + "required": [ + "Bucket", + "PolicyDocument" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Outposts::BucketPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Rules" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.ServerSideEncryptionByDefault": { + "AWS::S3Outposts::Endpoint": { "additionalProperties": false, "properties": { - "KMSMasterKeyID": { - "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption.\n\n> - *General purpose buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` or `aws:kms:dsse` .\n> - *Directory buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` . \n\nYou can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key Alias: `alias/alias-name`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy) .\n\n> - *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then AWS KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.\n> - *Directory buckets* - When you specify an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KMSMasterKeyID", + "Condition": { "type": "string" }, - "SSEAlgorithm": { - "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", - "title": "SSEAlgorithm", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessType": { + "markdownDescription": "The container for the type of connectivity used to access the Amazon S3 on Outposts endpoint. To use the Amazon VPC , choose `Private` . To use the endpoint with an on-premises network, choose `CustomerOwnedIp` . If you choose `CustomerOwnedIp` , you must also provide the customer-owned IP address pool (CoIP pool).\n\n> `Private` is the default access type value.", + "title": "AccessType", + "type": "string" + }, + "CustomerOwnedIpv4Pool": { + "markdownDescription": "The ID of the customer-owned IPv4 address pool (CoIP pool) for the endpoint. IP addresses are allocated from this pool for the endpoint.", + "title": "CustomerOwnedIpv4Pool", + "type": "string" + }, + "FailedReason": { + "$ref": "#/definitions/AWS::S3Outposts::Endpoint.FailedReason", + "markdownDescription": "The failure reason, if any, for a create or delete endpoint operation.", + "title": "FailedReason" + }, + "OutpostId": { + "markdownDescription": "The ID of the Outpost.", + "title": "OutpostId", + "type": "string" + }, + "SecurityGroupId": { + "markdownDescription": "The ID of the security group used for the endpoint.", + "title": "SecurityGroupId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet used for the endpoint.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "OutpostId", + "SecurityGroupId", + "SubnetId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Outposts::Endpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SSEAlgorithm" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.ServerSideEncryptionRule": { + "AWS::S3Outposts::Endpoint.FailedReason": { "additionalProperties": false, "properties": { - "BucketKeyEnabled": { - "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the `BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide* .", - "title": "BucketKeyEnabled", - "type": "boolean" + "ErrorCode": { + "markdownDescription": "The failure code, if any, for a create or delete endpoint operation.", + "title": "ErrorCode", + "type": "string" }, - "ServerSideEncryptionByDefault": { - "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionByDefault", - "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", - "title": "ServerSideEncryptionByDefault" + "Message": { + "markdownDescription": "Additional error details describing the endpoint failure and recommended action.", + "title": "Message", + "type": "string" } }, "type": "object" }, - "AWS::S3::Bucket.SourceSelectionCriteria": { + "AWS::S3Outposts::Endpoint.NetworkInterface": { "additionalProperties": false, "properties": { - "ReplicaModifications": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicaModifications", - "markdownDescription": "A filter that you can specify for selection for modifications on replicas.", - "title": "ReplicaModifications" - }, - "SseKmsEncryptedObjects": { - "$ref": "#/definitions/AWS::S3::Bucket.SseKmsEncryptedObjects", - "markdownDescription": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.", - "title": "SseKmsEncryptedObjects" + "NetworkInterfaceId": { + "markdownDescription": "The ID for the network interface.", + "title": "NetworkInterfaceId", + "type": "string" } }, + "required": [ + "NetworkInterfaceId" + ], "type": "object" }, - "AWS::S3::Bucket.SseKmsEncryptedObjects": { + "AWS::S3Tables::Namespace": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.", - "title": "Status", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Namespace": { + "markdownDescription": "The name of the namespace.", + "title": "Namespace", + "type": "string" + }, + "TableBucketARN": { + "markdownDescription": "", + "title": "TableBucketARN", + "type": "string" + } + }, + "required": [ + "Namespace", + "TableBucketARN" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Tables::Namespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Status" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.StorageClassAnalysis": { + "AWS::S3Tables::Table": { "additionalProperties": false, "properties": { - "DataExport": { - "$ref": "#/definitions/AWS::S3::Bucket.DataExport", - "markdownDescription": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.", - "title": "DataExport" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Compaction": { + "$ref": "#/definitions/AWS::S3Tables::Table.Compaction", + "markdownDescription": "", + "title": "Compaction" + }, + "IcebergMetadata": { + "$ref": "#/definitions/AWS::S3Tables::Table.IcebergMetadata", + "markdownDescription": "Contains details about the metadata for an Iceberg table.", + "title": "IcebergMetadata" + }, + "Namespace": { + "markdownDescription": "The name of the namespace.", + "title": "Namespace", + "type": "string" + }, + "OpenTableFormat": { + "markdownDescription": "", + "title": "OpenTableFormat", + "type": "string" + }, + "SnapshotManagement": { + "$ref": "#/definitions/AWS::S3Tables::Table.SnapshotManagement", + "markdownDescription": "", + "title": "SnapshotManagement" + }, + "TableBucketARN": { + "markdownDescription": "", + "title": "TableBucketARN", + "type": "string" + }, + "TableName": { + "markdownDescription": "", + "title": "TableName", + "type": "string" + }, + "WithoutMetadata": { + "markdownDescription": "", + "title": "WithoutMetadata", + "type": "string" + } + }, + "required": [ + "Namespace", + "OpenTableFormat", + "TableBucketARN", + "TableName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Tables::Table" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::S3::Bucket.TagFilter": { + "AWS::S3Tables::Table.Compaction": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "Status": { + "markdownDescription": "", + "title": "Status", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", - "type": "string" + "TargetFileSizeMB": { + "markdownDescription": "", + "title": "TargetFileSizeMB", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3Tables::Table.IcebergMetadata": { + "additionalProperties": false, + "properties": { + "IcebergSchema": { + "$ref": "#/definitions/AWS::S3Tables::Table.IcebergSchema", + "markdownDescription": "", + "title": "IcebergSchema" } }, "required": [ - "Key", - "Value" + "IcebergSchema" ], "type": "object" }, - "AWS::S3::Bucket.TargetObjectKeyFormat": { + "AWS::S3Tables::Table.IcebergSchema": { "additionalProperties": false, "properties": { - "PartitionedPrefix": { - "$ref": "#/definitions/AWS::S3::Bucket.PartitionedPrefix", - "markdownDescription": "Partitioned S3 key for log objects.", - "title": "PartitionedPrefix" - }, - "SimplePrefix": { - "markdownDescription": "To use the simple format for S3 keys for log objects. To specify SimplePrefix format, set SimplePrefix to {}.", - "title": "SimplePrefix", - "type": "object" + "SchemaFieldList": { + "items": { + "$ref": "#/definitions/AWS::S3Tables::Table.SchemaField" + }, + "markdownDescription": "", + "title": "SchemaFieldList", + "type": "array" } }, + "required": [ + "SchemaFieldList" + ], "type": "object" }, - "AWS::S3::Bucket.Tiering": { + "AWS::S3Tables::Table.SchemaField": { "additionalProperties": false, "properties": { - "AccessTier": { - "markdownDescription": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.", - "title": "AccessTier", + "Name": { + "markdownDescription": "The name of the field.", + "title": "Name", "type": "string" }, - "Days": { - "markdownDescription": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).", - "title": "Days", - "type": "number" + "Required": { + "markdownDescription": "A Boolean value that specifies whether values are required for each row in this field. By default, this is `false` and null values are allowed in the field. If this is `true` the field does not allow null values.", + "title": "Required", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The field type. S3 Tables supports all Apache Iceberg primitive types. For more information, see the [Apache Iceberg documentation](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#primitive-types) .", + "title": "Type", + "type": "string" } }, "required": [ - "AccessTier", - "Days" + "Name", + "Type" ], "type": "object" }, - "AWS::S3::Bucket.TopicConfiguration": { + "AWS::S3Tables::Table.SnapshotManagement": { "additionalProperties": false, "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", - "type": "string" + "MaxSnapshotAgeHours": { + "markdownDescription": "", + "title": "MaxSnapshotAgeHours", + "type": "number" }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket.", - "title": "Filter" + "MinSnapshotsToKeep": { + "markdownDescription": "", + "title": "MinSnapshotsToKeep", + "type": "number" }, - "Topic": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.", - "title": "Topic", + "Status": { + "markdownDescription": "", + "title": "Status", "type": "string" } }, - "required": [ - "Event", - "Topic" - ], "type": "object" }, - "AWS::S3::Bucket.Transition": { + "AWS::S3Tables::TableBucket": { "additionalProperties": false, "properties": { - "StorageClass": { - "markdownDescription": "The storage class to which you want the object to transition.", - "title": "StorageClass", + "Condition": { "type": "string" }, - "TransitionDate": { - "markdownDescription": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.", - "title": "TransitionDate", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TransitionInDays": { - "markdownDescription": "Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is `INTELLIGENT_TIERING` , `GLACIER_IR` , `GLACIER` , or `DEEP_ARCHIVE` , valid values are `0` or positive integers. If the specified storage class is `STANDARD_IA` or `ONEZONE_IA` , valid values are positive integers greater than `30` . Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide* .", - "title": "TransitionInDays", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3Tables::TableBucket.EncryptionConfiguration", + "markdownDescription": "Configuration specifying how data should be encrypted. This structure defines the encryption algorithm and optional KMS key to be used for server-side encryption.", + "title": "EncryptionConfiguration" + }, + "TableBucketName": { + "markdownDescription": "The name for the table bucket.", + "title": "TableBucketName", + "type": "string" + }, + "UnreferencedFileRemoval": { + "$ref": "#/definitions/AWS::S3Tables::TableBucket.UnreferencedFileRemoval", + "markdownDescription": "The unreferenced file removal settings for your table bucket. Unreferenced file removal identifies and deletes all objects that are not referenced by any table snapshots. For more information, see the [*Amazon S3 User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-table-buckets-maintenance.html) .", + "title": "UnreferencedFileRemoval" + } + }, + "required": [ + "TableBucketName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Tables::TableBucket" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "StorageClass" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.VersioningConfiguration": { + "AWS::S3Tables::TableBucket.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The versioning state of the bucket.", - "title": "Status", + "KMSKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to use for encryption. This field is required only when `sseAlgorithm` is set to `aws:kms` .", + "title": "KMSKeyArn", + "type": "string" + }, + "SSEAlgorithm": { + "markdownDescription": "The server-side encryption algorithm to use. Valid values are `AES256` for S3-managed encryption keys, or `aws:kms` for AWS KMS-managed encryption keys. If you choose SSE-KMS encryption you must grant the S3 Tables maintenance principal access to your KMS key. For more information, see [Permissions requirements for S3 Tables SSE-KMS encryption](https://docs.aws.amazon.com//AmazonS3/latest/userguide/s3-tables-kms-permissions.html) .", + "title": "SSEAlgorithm", "type": "string" } }, - "required": [ - "Status" - ], "type": "object" }, - "AWS::S3::Bucket.WebsiteConfiguration": { + "AWS::S3Tables::TableBucket.UnreferencedFileRemoval": { "additionalProperties": false, "properties": { - "ErrorDocument": { - "markdownDescription": "The name of the error document for the website.", - "title": "ErrorDocument", - "type": "string" + "NoncurrentDays": { + "markdownDescription": "The number of days an object can be noncurrent before Amazon S3 deletes it.", + "title": "NoncurrentDays", + "type": "number" }, - "IndexDocument": { - "markdownDescription": "The name of the index document for the website.", - "title": "IndexDocument", + "Status": { + "markdownDescription": "The status of the unreferenced file removal configuration for your table bucket.", + "title": "Status", "type": "string" }, - "RedirectAllRequestsTo": { - "$ref": "#/definitions/AWS::S3::Bucket.RedirectAllRequestsTo", - "markdownDescription": "The redirect behavior for every request to this bucket's website endpoint.\n\n> If you specify this property, you can't specify any other property.", - "title": "RedirectAllRequestsTo" - }, - "RoutingRules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.RoutingRule" - }, - "markdownDescription": "Rules that define when a redirect is applied and the redirect behavior.", - "title": "RoutingRules", - "type": "array" + "UnreferencedDays": { + "markdownDescription": "The number of days an object must be unreferenced by your table before Amazon S3 marks the object as noncurrent.", + "title": "UnreferencedDays", + "type": "number" } }, "type": "object" }, - "AWS::S3::BucketPolicy": { + "AWS::S3Tables::TableBucketPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -236798,26 +282506,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket to which the policy applies.", - "title": "Bucket", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", - "title": "PolicyDocument", + "ResourcePolicy": { + "markdownDescription": "The bucket policy JSON for the table bucket.", + "title": "ResourcePolicy", "type": "object" + }, + "TableBucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the table bucket.", + "title": "TableBucketARN", + "type": "string" } }, "required": [ - "Bucket", - "PolicyDocument" + "ResourcePolicy", + "TableBucketARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::BucketPolicy" + "AWS::S3Tables::TableBucketPolicy" ], "type": "string" }, @@ -236836,7 +282544,7 @@ ], "type": "object" }, - "AWS::S3::MultiRegionAccessPoint": { + "AWS::S3Tables::TablePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -236871,33 +282579,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the Multi-Region Access Point.", - "title": "Name", - "type": "string" - }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration", - "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers an object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", - "title": "PublicAccessBlockConfiguration" + "ResourcePolicy": { + "markdownDescription": "", + "title": "ResourcePolicy", + "type": "object" }, - "Regions": { - "items": { - "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.Region" - }, - "markdownDescription": "A collection of the Regions and buckets associated with the Multi-Region Access Point.", - "title": "Regions", - "type": "array" + "TableARN": { + "markdownDescription": "", + "title": "TableARN", + "type": "string" } }, "required": [ - "Regions" + "ResourcePolicy", + "TableARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::MultiRegionAccessPoint" + "AWS::S3Tables::TablePolicy" ], "type": "string" }, @@ -236916,52 +282617,7 @@ ], "type": "object" }, - "AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration": { - "additionalProperties": false, - "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", - "title": "BlockPublicAcls", - "type": "boolean" - }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", - "title": "BlockPublicPolicy", - "type": "boolean" - }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "title": "IgnorePublicAcls", - "type": "boolean" - }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3::MultiRegionAccessPoint.Region": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the associated bucket for the Region.", - "title": "Bucket", - "type": "string" - }, - "BucketAccountId": { - "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.", - "title": "BucketAccountId", - "type": "string" - } - }, - "required": [ - "Bucket" - ], - "type": "object" - }, - "AWS::S3::MultiRegionAccessPointPolicy": { + "AWS::SDB::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -236996,26 +282652,17 @@ "Properties": { "additionalProperties": false, "properties": { - "MrapName": { - "markdownDescription": "The name of the Multi-Region Access Point.", - "title": "MrapName", + "Description": { + "markdownDescription": "Information about the SimpleDB domain.", + "title": "Description", "type": "string" - }, - "Policy": { - "markdownDescription": "The access policy associated with the Multi-Region Access Point.", - "title": "Policy", - "type": "object" } }, - "required": [ - "MrapName", - "Policy" - ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::MultiRegionAccessPointPolicy" + "AWS::SDB::Domain" ], "type": "string" }, @@ -237029,26 +282676,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::S3::MultiRegionAccessPointPolicy.PolicyStatus": { - "additionalProperties": false, - "properties": { - "IsPublic": { - "markdownDescription": "The policy status for this bucket. `TRUE` indicates that this bucket is public. `FALSE` indicates that the bucket is not public.", - "title": "IsPublic", - "type": "string" - } - }, - "required": [ - "IsPublic" + "Type" ], "type": "object" }, - "AWS::S3::StorageLens": { + "AWS::SES::ConfigurationSet": { "additionalProperties": false, "properties": { "Condition": { @@ -237083,28 +282715,55 @@ "Properties": { "additionalProperties": false, "properties": { - "StorageLensConfiguration": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensConfiguration", - "markdownDescription": "This resource contains the details Amazon S3 Storage Lens configuration.", - "title": "StorageLensConfiguration" + "DeliveryOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.DeliveryOptions", + "markdownDescription": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS).", + "title": "DeliveryOptions" + }, + "Name": { + "markdownDescription": "The name of the configuration set. The name must meet the following requirements:\n\n- Contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" + }, + "ReputationOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.ReputationOptions", + "markdownDescription": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", + "title": "ReputationOptions" + }, + "SendingOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.SendingOptions", + "markdownDescription": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", + "title": "SendingOptions" + }, + "SuppressionOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.SuppressionOptions", + "markdownDescription": "An object that contains information about the suppression list preferences for your account.", + "title": "SuppressionOptions" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A set of tags (key\u2013value pairs) to associate with the Storage Lens configuration.", + "markdownDescription": "An array of objects that define the tags (keys and values) that are associated with the configuration set.", "title": "Tags", "type": "array" + }, + "TrackingOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.TrackingOptions", + "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", + "title": "TrackingOptions" + }, + "VdmOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.VdmOptions", + "markdownDescription": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set.", + "title": "VdmOptions" } }, - "required": [ - "StorageLensConfiguration" - ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::StorageLens" + "AWS::SES::ConfigurationSet" ], "type": "string" }, @@ -237118,399 +282777,128 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::S3::StorageLens.AccountLevel": { - "additionalProperties": false, - "properties": { - "ActivityMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", - "markdownDescription": "This property contains the details of account-level activity metrics for S3 Storage Lens.", - "title": "ActivityMetrics" - }, - "AdvancedCostOptimizationMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", - "markdownDescription": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.", - "title": "AdvancedCostOptimizationMetrics" - }, - "AdvancedDataProtectionMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", - "markdownDescription": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.", - "title": "AdvancedDataProtectionMetrics" - }, - "BucketLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketLevel", - "markdownDescription": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens. To enable bucket-level configurations, make sure to also set the same metrics at the account level.", - "title": "BucketLevel" - }, - "DetailedStatusCodesMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", - "markdownDescription": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens.", - "title": "DetailedStatusCodesMetrics" - }, - "StorageLensGroupLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", - "markdownDescription": "This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard.", - "title": "StorageLensGroupLevel" - } - }, - "required": [ - "BucketLevel" + "Type" ], "type": "object" }, - "AWS::S3::StorageLens.ActivityMetrics": { - "additionalProperties": false, - "properties": { - "IsEnabled": { - "markdownDescription": "A property that indicates whether the activity metrics is enabled.", - "title": "IsEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.AdvancedCostOptimizationMetrics": { - "additionalProperties": false, - "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether advanced cost optimization metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.AdvancedDataProtectionMetrics": { - "additionalProperties": false, - "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether advanced data protection metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.AwsOrg": { + "AWS::SES::ConfigurationSet.DashboardOptions": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "This resource contains the ARN of the AWS Organization.", - "title": "Arn", + "EngagementMetrics": { + "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for the configuration set.", + "title": "EngagementMetrics", "type": "string" } }, "required": [ - "Arn" + "EngagementMetrics" ], "type": "object" }, - "AWS::S3::StorageLens.BucketLevel": { + "AWS::SES::ConfigurationSet.DeliveryOptions": { "additionalProperties": false, "properties": { - "ActivityMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", - "markdownDescription": "A property for bucket-level activity metrics for S3 Storage Lens.", - "title": "ActivityMetrics" - }, - "AdvancedCostOptimizationMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", - "markdownDescription": "A property for bucket-level advanced cost optimization metrics for S3 Storage Lens.", - "title": "AdvancedCostOptimizationMetrics" - }, - "AdvancedDataProtectionMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", - "markdownDescription": "A property for bucket-level advanced data protection metrics for S3 Storage Lens.", - "title": "AdvancedDataProtectionMetrics" - }, - "DetailedStatusCodesMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", - "markdownDescription": "A property for bucket-level detailed status code metrics for S3 Storage Lens.", - "title": "DetailedStatusCodesMetrics" + "MaxDeliverySeconds": { + "markdownDescription": "The maximum amount of time, in seconds, that Amazon SES API v2 will attempt delivery of email. If specified, the value must greater than or equal to 300 seconds (5 minutes) and less than or equal to 50400 seconds (840 minutes).", + "title": "MaxDeliverySeconds", + "type": "number" }, - "PrefixLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevel", - "markdownDescription": "A property for bucket-level prefix-level storage metrics for S3 Storage Lens.", - "title": "PrefixLevel" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.BucketsAndRegions": { - "additionalProperties": false, - "properties": { - "Buckets": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* .", - "title": "Buckets", - "type": "array" + "SendingPoolName": { + "markdownDescription": "The name of the dedicated IP pool to associate with the configuration set.", + "title": "SendingPoolName", + "type": "string" }, - "Regions": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains the details of the Regions for the S3 Storage Lens configuration.", - "title": "Regions", - "type": "array" + "TlsPolicy": { + "markdownDescription": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is `REQUIRE` , messages are only delivered if a TLS connection can be established. If the value is `OPTIONAL` , messages can be delivered in plain text if a TLS connection can't be established.\n\nValid Values: `REQUIRE | OPTIONAL`", + "title": "TlsPolicy", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLens.CloudWatchMetrics": { + "AWS::SES::ConfigurationSet.GuardianOptions": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "This property identifies whether the CloudWatch publishing option for S3 Storage Lens is enabled.", - "title": "IsEnabled", - "type": "boolean" + "OptimizedSharedDelivery": { + "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for the configuration set.", + "title": "OptimizedSharedDelivery", + "type": "string" } }, "required": [ - "IsEnabled" + "OptimizedSharedDelivery" ], "type": "object" }, - "AWS::S3::StorageLens.DataExport": { - "additionalProperties": false, - "properties": { - "CloudWatchMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.CloudWatchMetrics", - "markdownDescription": "This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics.", - "title": "CloudWatchMetrics" - }, - "S3BucketDestination": { - "$ref": "#/definitions/AWS::S3::StorageLens.S3BucketDestination", - "markdownDescription": "This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed.", - "title": "S3BucketDestination" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.DetailedStatusCodesMetrics": { + "AWS::SES::ConfigurationSet.ReputationOptions": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether detailed status code metrics are enabled.", - "title": "IsEnabled", + "ReputationMetricsEnabled": { + "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", + "title": "ReputationMetricsEnabled", "type": "boolean" } }, "type": "object" }, - "AWS::S3::StorageLens.Encryption": { - "additionalProperties": false, - "properties": { - "SSEKMS": { - "$ref": "#/definitions/AWS::S3::StorageLens.SSEKMS", - "markdownDescription": "Specifies the use of AWS Key Management Service keys (SSE-KMS) to encrypt the S3 Storage Lens metrics export file.", - "title": "SSEKMS" - }, - "SSES3": { - "markdownDescription": "Specifies the use of an Amazon S3-managed key (SSE-S3) to encrypt the S3 Storage Lens metrics export file.", - "title": "SSES3", - "type": "object" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.PrefixLevel": { - "additionalProperties": false, - "properties": { - "StorageMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevelStorageMetrics", - "markdownDescription": "A property for the prefix-level storage metrics for Amazon S3 Storage Lens.", - "title": "StorageMetrics" - } - }, - "required": [ - "StorageMetrics" - ], - "type": "object" - }, - "AWS::S3::StorageLens.PrefixLevelStorageMetrics": { + "AWS::SES::ConfigurationSet.SendingOptions": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", - "title": "IsEnabled", + "SendingEnabled": { + "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", + "title": "SendingEnabled", "type": "boolean" - }, - "SelectionCriteria": { - "$ref": "#/definitions/AWS::S3::StorageLens.SelectionCriteria", - "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", - "title": "SelectionCriteria" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.S3BucketDestination": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "This property contains the details of the AWS account ID of the S3 Storage Lens export bucket destination.", - "title": "AccountId", - "type": "string" - }, - "Arn": { - "markdownDescription": "This property contains the details of the ARN of the bucket destination of the S3 Storage Lens export.", - "title": "Arn", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::S3::StorageLens.Encryption", - "markdownDescription": "This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export.", - "title": "Encryption" - }, - "Format": { - "markdownDescription": "This property contains the details of the format of the S3 Storage Lens export bucket destination.", - "title": "Format", - "type": "string" - }, - "OutputSchemaVersion": { - "markdownDescription": "This property contains the details of the output schema version of the S3 Storage Lens export bucket destination.", - "title": "OutputSchemaVersion", - "type": "string" - }, - "Prefix": { - "markdownDescription": "This property contains the details of the prefix of the bucket destination of the S3 Storage Lens export .", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "AccountId", - "Arn", - "Format", - "OutputSchemaVersion" - ], - "type": "object" - }, - "AWS::S3::StorageLens.SSEKMS": { - "additionalProperties": false, - "properties": { - "KeyId": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the customer managed AWS KMS key to use for encrypting the S3 Storage Lens metrics export file. Amazon S3 only supports symmetric encryption keys. For more information, see [Special-purpose keys](https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KeyId", - "type": "string" } }, - "required": [ - "KeyId" - ], "type": "object" }, - "AWS::S3::StorageLens.SelectionCriteria": { + "AWS::SES::ConfigurationSet.SuppressionOptions": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "This property contains the details of the S3 Storage Lens delimiter being used.", - "title": "Delimiter", - "type": "string" - }, - "MaxDepth": { - "markdownDescription": "This property contains the details of the max depth that S3 Storage Lens will collect metrics up to.", - "title": "MaxDepth", - "type": "number" - }, - "MinStorageBytesPercentage": { - "markdownDescription": "This property contains the details of the minimum storage bytes percentage threshold that S3 Storage Lens will collect metrics up to.", - "title": "MinStorageBytesPercentage", - "type": "number" + "SuppressedReasons": { + "items": { + "type": "string" + }, + "markdownDescription": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce.", + "title": "SuppressedReasons", + "type": "array" } }, "type": "object" }, - "AWS::S3::StorageLens.StorageLensConfiguration": { + "AWS::SES::ConfigurationSet.TrackingOptions": { "additionalProperties": false, "properties": { - "AccountLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.AccountLevel", - "markdownDescription": "This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration.", - "title": "AccountLevel" - }, - "AwsOrg": { - "$ref": "#/definitions/AWS::S3::StorageLens.AwsOrg", - "markdownDescription": "This property contains the details of the AWS Organization for the S3 Storage Lens configuration.", - "title": "AwsOrg" - }, - "DataExport": { - "$ref": "#/definitions/AWS::S3::StorageLens.DataExport", - "markdownDescription": "This property contains the details of this S3 Storage Lens configuration's metrics export.", - "title": "DataExport" - }, - "Exclude": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", - "markdownDescription": "This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration.", - "title": "Exclude" - }, - "Id": { - "markdownDescription": "This property contains the details of the ID of the S3 Storage Lens configuration.", - "title": "Id", + "CustomRedirectDomain": { + "markdownDescription": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", + "title": "CustomRedirectDomain", "type": "string" }, - "Include": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", - "markdownDescription": "This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration.", - "title": "Include" - }, - "IsEnabled": { - "markdownDescription": "This property contains the details of whether the Amazon S3 Storage Lens configuration is enabled.", - "title": "IsEnabled", - "type": "boolean" - }, - "StorageLensArn": { - "markdownDescription": "This property contains the details of the ARN of the S3 Storage Lens configuration. This property is read-only.", - "title": "StorageLensArn", + "HttpsPolicy": { + "markdownDescription": "The https policy to use for tracking open and click events.", + "title": "HttpsPolicy", "type": "string" } }, - "required": [ - "AccountLevel", - "Id", - "IsEnabled" - ], - "type": "object" - }, - "AWS::S3::StorageLens.StorageLensGroupLevel": { - "additionalProperties": false, - "properties": { - "StorageLensGroupSelectionCriteria": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", - "markdownDescription": "This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected.", - "title": "StorageLensGroupSelectionCriteria" - } - }, "type": "object" }, - "AWS::S3::StorageLens.StorageLensGroupSelectionCriteria": { + "AWS::SES::ConfigurationSet.VdmOptions": { "additionalProperties": false, "properties": { - "Exclude": { - "items": { - "type": "string" - }, - "markdownDescription": "This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation.", - "title": "Exclude", - "type": "array" + "DashboardOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.DashboardOptions", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", + "title": "DashboardOptions" }, - "Include": { - "items": { - "type": "string" - }, - "markdownDescription": "This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation.", - "title": "Include", - "type": "array" + "GuardianOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.GuardianOptions", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", + "title": "GuardianOptions" } }, "type": "object" }, - "AWS::S3::StorageLensGroup": { + "AWS::SES::ConfigurationSetEventDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -237545,34 +282933,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Filter": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.Filter", - "markdownDescription": "This property contains the criteria for the Storage Lens group data that is displayed", - "title": "Filter" - }, - "Name": { - "markdownDescription": "This property contains the Storage Lens group name.", - "title": "Name", + "ConfigurationSetName": { + "markdownDescription": "The name of the configuration set that contains the event destination.", + "title": "ConfigurationSetName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "This property contains the AWS resource tags that you're adding to your Storage Lens group. This parameter is optional.", - "title": "Tags", - "type": "array" + "EventDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventDestination", + "markdownDescription": "An object that defines the event destination.", + "title": "EventDestination" } }, "required": [ - "Filter", - "Name" + "ConfigurationSetName", + "EventDestination" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::StorageLensGroup" + "AWS::SES::ConfigurationSetEventDestination" ], "type": "string" }, @@ -237591,169 +282971,142 @@ ], "type": "object" }, - "AWS::S3::StorageLensGroup.And": { + "AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination": { "additionalProperties": false, "properties": { - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" - }, - "MatchAnySuffix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", - "type": "array" - }, - "MatchAnyTag": { + "DimensionConfigurations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration" }, - "markdownDescription": "This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", + "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", + "title": "DimensionConfigurations", "type": "array" - }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days).", - "title": "MatchObjectAge" - }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" } }, "type": "object" }, - "AWS::S3::StorageLensGroup.Filter": { + "AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration": { "additionalProperties": false, "properties": { - "And": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.And", - "markdownDescription": "This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed.", - "title": "And" - }, - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" - }, - "MatchAnySuffix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", - "type": "array" - }, - "MatchAnyTag": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", - "type": "array" - }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days).", - "title": "MatchObjectAge" + "DefaultDimensionValue": { + "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- Can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-), at signs (@), and periods (.).\n- It can contain no more than 256 characters.", + "title": "DefaultDimensionValue", + "type": "string" }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" + "DimensionName": { + "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DimensionName", + "type": "string" }, - "Or": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.Or", - "markdownDescription": "This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed.", - "title": "Or" + "DimensionValueSource": { + "markdownDescription": "The location where the Amazon SES API v2 finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` or `SendRawEmail` API, choose `messageTag` . To use your own email headers, choose `emailHeader` . To use link tags, choose `linkTag` .", + "title": "DimensionValueSource", + "type": "string" } }, + "required": [ + "DefaultDimensionValue", + "DimensionName", + "DimensionValueSource" + ], "type": "object" }, - "AWS::S3::StorageLensGroup.MatchObjectAge": { + "AWS::SES::ConfigurationSetEventDestination.EventBridgeDestination": { "additionalProperties": false, "properties": { - "DaysGreaterThan": { - "markdownDescription": "This property indicates the minimum object age in days.", - "title": "DaysGreaterThan", - "type": "number" - }, - "DaysLessThan": { - "markdownDescription": "This property indicates the maximum object age in days.", - "title": "DaysLessThan", - "type": "number" + "EventBusArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EventBridge bus to publish email events to. Only the default bus is supported.", + "title": "EventBusArn", + "type": "string" } }, + "required": [ + "EventBusArn" + ], "type": "object" }, - "AWS::S3::StorageLensGroup.MatchObjectSize": { + "AWS::SES::ConfigurationSetEventDestination.EventDestination": { "additionalProperties": false, "properties": { - "BytesGreaterThan": { - "markdownDescription": "This property specifies the minimum object size in bytes. The value must be a positive number, greater than 0 and less than 5 TB.", - "title": "BytesGreaterThan", - "type": "number" + "CloudWatchDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination", + "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", + "title": "CloudWatchDestination" }, - "BytesLessThan": { - "markdownDescription": "This property specifies the maximum object size in bytes. The value must be a positive number, greater than the minimum object size and less than 5 TB.", - "title": "BytesLessThan", - "type": "number" - } - }, - "type": "object" - }, - "AWS::S3::StorageLensGroup.Or": { - "additionalProperties": false, - "properties": { - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" + "Enabled": { + "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", + "title": "Enabled", + "type": "boolean" }, - "MatchAnySuffix": { + "EventBridgeDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventBridgeDestination", + "markdownDescription": "An object that defines an Amazon EventBridge destination for email events. You can use Amazon EventBridge to send notifications when certain email events occur.", + "title": "EventBridgeDestination" + }, + "KinesisFirehoseDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination", + "markdownDescription": "An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination.", + "title": "KinesisFirehoseDestination" + }, + "MatchingEventTypes": { "items": { "type": "string" }, - "markdownDescription": "This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", + "markdownDescription": "The types of events that Amazon SES sends to the specified event destinations.\n\n- `SEND` - The send request was successful and SES will attempt to deliver the message to the recipient\u2019s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)\n- `REJECT` - SES accepted the email, but determined that it contained a virus and didn\u2019t attempt to deliver it to the recipient\u2019s mail server.\n- `BOUNCE` - ( *Hard bounce* ) The recipient's mail server permanently rejected the email. ( *Soft bounces* are only included when SES fails to deliver the email after retrying for a period of time.)\n- `COMPLAINT` - The email was successfully delivered to the recipient\u2019s mail server, but the recipient marked it as spam.\n- `DELIVERY` - SES successfully delivered the email to the recipient's mail server.\n- `OPEN` - The recipient received the message and opened it in their email client.\n- `CLICK` - The recipient clicked one or more links in the email.\n- `RENDERING_FAILURE` - The email wasn't sent because of a template rendering issue. This event type can occur when template data is missing, or when there is a mismatch between template parameters and data. (This event type only occurs when you send email using the [`SendEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html) or [`SendBulkEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendBulkEmail.html) API operations.)\n- `DELIVERY_DELAY` - The email couldn't be delivered to the recipient\u2019s mail server because a temporary issue occurred. Delivery delays can occur, for example, when the recipient's inbox is full, or when the receiving email server experiences a transient issue.\n- `SUBSCRIPTION` - The email was successfully delivered, but the recipient updated their subscription preferences by clicking on an *unsubscribe* link as part of your [subscription management](https://docs.aws.amazon.com/ses/latest/dg/sending-email-subscription-management.html) .", + "title": "MatchingEventTypes", "type": "array" }, - "MatchAnyTag": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", - "type": "array" + "Name": { + "markdownDescription": "The name of the event destination. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property filters objects that match the specified object age range.", - "title": "MatchObjectAge" + "SnsDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.SnsDestination", + "markdownDescription": "An object that contains the topic ARN associated with an Amazon Simple Notification Service (Amazon SNS) event destination.", + "title": "SnsDestination" + } + }, + "required": [ + "MatchingEventTypes" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "additionalProperties": false, + "properties": { + "DeliveryStreamARN": { + "markdownDescription": "The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to.", + "title": "DeliveryStreamARN", + "type": "string" }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" + "IAMRoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the Amazon SES API v2 uses to send email events to the Amazon Kinesis Data Firehose stream.", + "title": "IAMRoleARN", + "type": "string" } }, + "required": [ + "DeliveryStreamARN", + "IAMRoleARN" + ], "type": "object" }, - "AWS::S3Express::BucketPolicy": { + "AWS::SES::ConfigurationSetEventDestination.SnsDestination": { + "additionalProperties": false, + "properties": { + "TopicARN": { + "markdownDescription": "The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicARN", + "type": "string" + } + }, + "required": [ + "TopicARN" + ], + "type": "object" + }, + "AWS::SES::ContactList": { "additionalProperties": false, "properties": { "Condition": { @@ -237788,26 +283141,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 directory bucket to which the policy applies.", - "title": "Bucket", + "ContactListName": { + "markdownDescription": "The name of the contact list.", + "title": "ContactListName", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Policies and Permissions in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", - "title": "PolicyDocument", - "type": "object" + "Description": { + "markdownDescription": "A description of what the contact list is about.", + "title": "Description", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with a contact list.", + "title": "Tags", + "type": "array" + }, + "Topics": { + "items": { + "$ref": "#/definitions/AWS::SES::ContactList.Topic" + }, + "markdownDescription": "An interest group, theme, or label within a list. A contact list can have multiple topics.", + "title": "Topics", + "type": "array" } }, - "required": [ - "Bucket", - "PolicyDocument" - ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Express::BucketPolicy" + "AWS::SES::ContactList" ], "type": "string" }, @@ -237821,12 +283186,42 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::S3Express::DirectoryBucket": { + "AWS::SES::ContactList.Topic": { + "additionalProperties": false, + "properties": { + "DefaultSubscriptionStatus": { + "markdownDescription": "The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic.", + "title": "DefaultSubscriptionStatus", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of what the topic is about, which the contact will see.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the topic the contact will see.", + "title": "DisplayName", + "type": "string" + }, + "TopicName": { + "markdownDescription": "The name of the topic.", + "title": "TopicName", + "type": "string" + } + }, + "required": [ + "DefaultSubscriptionStatus", + "DisplayName", + "TopicName" + ], + "type": "object" + }, + "AWS::SES::DedicatedIpPool": { "additionalProperties": false, "properties": { "Condition": { @@ -237861,31 +283256,30 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Zone (Availability Zone or Local Zone). The bucket name must also follow the format `*bucket_base_name* -- *zone_id* --x-s3` (for example, `*bucket_base_name* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", + "PoolName": { + "markdownDescription": "The name of the dedicated IP pool that the IP address is associated with.", + "title": "PoolName", "type": "string" }, - "DataRedundancy": { - "markdownDescription": "The number of Zone (Availability Zone or Local Zone) that's used for redundancy for the bucket.", - "title": "DataRedundancy", + "ScalingMode": { + "markdownDescription": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", + "title": "ScalingMode", "type": "string" }, - "LocationName": { - "markdownDescription": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` .", - "title": "LocationName", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the pool.", + "title": "Tags", + "type": "array" } }, - "required": [ - "DataRedundancy", - "LocationName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Express::DirectoryBucket" + "AWS::SES::DedicatedIpPool" ], "type": "string" }, @@ -237899,12 +283293,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint": { + "AWS::SES::EmailIdentity": { "additionalProperties": false, "properties": { "Condition": { @@ -237939,25 +283332,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of this access point.", - "title": "Name", + "ConfigurationSetAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.ConfigurationSetAttributes", + "markdownDescription": "Used to associate a configuration set with an email identity.", + "title": "ConfigurationSetAttributes" + }, + "DkimAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimAttributes", + "markdownDescription": "An object that contains information about the DKIM attributes for the identity.", + "title": "DkimAttributes" + }, + "DkimSigningAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimSigningAttributes", + "markdownDescription": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", + "title": "DkimSigningAttributes" + }, + "EmailIdentity": { + "markdownDescription": "The email address or domain to verify.", + "title": "EmailIdentity", "type": "string" }, - "ObjectLambdaConfiguration": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration", - "markdownDescription": "A configuration used when creating an Object Lambda Access Point.", - "title": "ObjectLambdaConfiguration" + "FeedbackAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.FeedbackAttributes", + "markdownDescription": "Used to enable or disable feedback forwarding for an identity.", + "title": "FeedbackAttributes" + }, + "MailFromAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.MailFromAttributes", + "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", + "title": "MailFromAttributes" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of objects that define the tags (keys and values) to associate with the email identity.", + "title": "Tags", + "type": "array" } }, "required": [ - "ObjectLambdaConfiguration" + "EmailIdentity" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3ObjectLambda::AccessPoint" + "AWS::SES::EmailIdentity" ], "type": "string" }, @@ -237976,144 +283397,77 @@ ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.Alias": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "The status of the Object Lambda Access Point alias. If the status is `PROVISIONING` , the Object Lambda Access Point is provisioning the alias and the alias is not ready for use yet. If the status is `READY` , the Object Lambda Access Point alias is successfully provisioned and ready for use.", - "title": "Status", - "type": "string" - }, - "Value": { - "markdownDescription": "The alias value of the Object Lambda Access Point.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Value" - ], - "type": "object" - }, - "AWS::S3ObjectLambda::AccessPoint.AwsLambda": { + "AWS::SES::EmailIdentity.ConfigurationSetAttributes": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "", - "title": "FunctionArn", - "type": "string" - }, - "FunctionPayload": { - "markdownDescription": "", - "title": "FunctionPayload", + "ConfigurationSetName": { + "markdownDescription": "The configuration set to associate with an email identity.", + "title": "ConfigurationSetName", "type": "string" } }, - "required": [ - "FunctionArn" - ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.ContentTransformation": { + "AWS::SES::EmailIdentity.DkimAttributes": { "additionalProperties": false, "properties": { - "AwsLambda": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.AwsLambda", - "markdownDescription": "", - "title": "AwsLambda" + "SigningEnabled": { + "markdownDescription": "Sets the DKIM signing configuration for the identity.\n\nWhen you set this value `true` , then the messages that are sent from the identity are signed using DKIM. If you set this value to `false` , your messages are sent without DKIM signing.", + "title": "SigningEnabled", + "type": "boolean" } }, - "required": [ - "AwsLambda" - ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { - "additionalProperties": false, - "properties": { - "AllowedFeatures": { - "items": { - "type": "string" - }, - "markdownDescription": "A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` .", - "title": "AllowedFeatures", - "type": "array" - }, - "CloudWatchMetricsEnabled": { - "markdownDescription": "A container for whether the CloudWatch metrics configuration is enabled.", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" + "AWS::SES::EmailIdentity.DkimSigningAttributes": { + "additionalProperties": false, + "properties": { + "DomainSigningPrivateKey": { + "markdownDescription": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature.\n\nThe private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.\n\n> Rather than embedding sensitive information directly in your CFN templates, we recommend you use dynamic parameters in the stack template to reference sensitive information that is stored and managed outside of CFN, such as in the AWS Systems Manager Parameter Store or AWS Secrets Manager.\n> \n> For more information, see the [Do not embed credentials in your templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) best practice.", + "title": "DomainSigningPrivateKey", + "type": "string" }, - "SupportingAccessPoint": { - "markdownDescription": "Standard access point associated with the Object Lambda Access Point.", - "title": "SupportingAccessPoint", + "DomainSigningSelector": { + "markdownDescription": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain.", + "title": "DomainSigningSelector", "type": "string" }, - "TransformationConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration" - }, - "markdownDescription": "A container for transformation configurations for an Object Lambda Access Point.", - "title": "TransformationConfigurations", - "type": "array" + "NextSigningKeyLength": { + "markdownDescription": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.\n\nValid Values: `RSA_1024_BIT | RSA_2048_BIT`", + "title": "NextSigningKeyLength", + "type": "string" } }, - "required": [ - "SupportingAccessPoint", - "TransformationConfigurations" - ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.PublicAccessBlockConfiguration": { + "AWS::SES::EmailIdentity.FeedbackAttributes": { "additionalProperties": false, "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:\n\n- `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "BlockPublicAcls", - "type": "boolean" - }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "BlockPublicPolicy", - "type": "boolean" - }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "IgnorePublicAcls", - "type": "boolean" - }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "RestrictPublicBuckets", + "EmailForwardingEnabled": { + "markdownDescription": "Sets the feedback forwarding configuration for the identity.\n\nIf the value is `true` , you receive email notifications when bounce or complaint events occur. These notifications are sent to the address that you specified in the `Return-Path` header of the original email.\n\nYou're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications (for example, by setting up an event destination), you receive an email notification when these events occur (even if this setting is disabled).", + "title": "EmailForwardingEnabled", "type": "boolean" } }, "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration": { + "AWS::SES::EmailIdentity.MailFromAttributes": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` .", - "title": "Actions", - "type": "array" + "BehaviorOnMxFailure": { + "markdownDescription": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", + "title": "BehaviorOnMxFailure", + "type": "string" }, - "ContentTransformation": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ContentTransformation", - "markdownDescription": "A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* .", - "title": "ContentTransformation" + "MailFromDomain": { + "markdownDescription": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails.", + "title": "MailFromDomain", + "type": "string" } }, - "required": [ - "Actions", - "ContentTransformation" - ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPointPolicy": { + "AWS::SES::MailManagerAddonInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -238148,26 +283502,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ObjectLambdaAccessPoint": { - "markdownDescription": "An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.", - "title": "ObjectLambdaAccessPoint", + "AddonSubscriptionId": { + "markdownDescription": "The subscription ID for the instance.", + "title": "AddonSubscriptionId", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "Object Lambda Access Point resource policy document.", - "title": "PolicyDocument", - "type": "object" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" } }, "required": [ - "ObjectLambdaAccessPoint", - "PolicyDocument" + "AddonSubscriptionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3ObjectLambda::AccessPointPolicy" + "AWS::SES::MailManagerAddonInstance" ], "type": "string" }, @@ -238186,7 +283542,7 @@ ], "type": "object" }, - "AWS::S3Outposts::AccessPoint": { + "AWS::SES::MailManagerAddonSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -238221,37 +283577,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 on Outposts bucket that is associated with this access point.", - "title": "Bucket", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of this access point.", - "title": "Name", + "AddonName": { + "markdownDescription": "The name of the Add On to subscribe to. You can only have one subscription for each Add On name.\n\nValid Values: `TRENDMICRO_VSAPI | SPAMHAUS_DBL | ABUSIX_MAIL_INTELLIGENCE`", + "title": "AddonName", "type": "string" }, - "Policy": { - "markdownDescription": "The access point policy associated with this access point.", - "title": "Policy", - "type": "object" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::S3Outposts::AccessPoint.VpcConfiguration", - "markdownDescription": "The virtual private cloud (VPC) configuration for this access point, if one exists.", - "title": "VpcConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" } }, "required": [ - "Bucket", - "Name", - "VpcConfiguration" + "AddonName" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::AccessPoint" + "AWS::SES::MailManagerAddonSubscription" ], "type": "string" }, @@ -238270,18 +283617,7 @@ ], "type": "object" }, - "AWS::S3Outposts::AccessPoint.VpcConfiguration": { - "additionalProperties": false, - "properties": { - "VpcId": { - "markdownDescription": "", - "title": "VpcId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3Outposts::Bucket": { + "AWS::SES::MailManagerAddressList": { "additionalProperties": false, "properties": { "Condition": { @@ -238316,39 +283652,25 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "A name for the S3 on Outposts bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html) . For more information, see [Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", - "type": "string" - }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.LifecycleConfiguration", - "markdownDescription": "Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.", - "title": "LifecycleConfiguration" - }, - "OutpostId": { - "markdownDescription": "The ID of the Outpost of the specified bucket.", - "title": "OutpostId", + "AddressListName": { + "markdownDescription": "", + "title": "AddressListName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) .\n\nUse tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) .\n\n> Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [Using cost allocation and bucket tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html) . \n\nTo use this resource, you must have permissions to perform the `s3-outposts:PutBucketTagging` . The S3 on Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) .", + "markdownDescription": "", "title": "Tags", "type": "array" } }, - "required": [ - "BucketName", - "OutpostId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::Bucket" + "AWS::SES::MailManagerAddressList" ], "type": "string" }, @@ -238362,145 +283684,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload": { - "additionalProperties": false, - "properties": { - "DaysAfterInitiation": { - "markdownDescription": "Specifies the number of days after initiation that Amazon S3 on Outposts aborts an incomplete multipart upload.", - "title": "DaysAfterInitiation", - "type": "number" - } - }, - "required": [ - "DaysAfterInitiation" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.Filter": { - "additionalProperties": false, - "properties": { - "AndOperator": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterAndOperator", - "markdownDescription": "", - "title": "AndOperator" - }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" - }, - "Tag": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag", - "markdownDescription": "", - "title": "Tag" - } - }, - "type": "object" - }, - "AWS::S3Outposts::Bucket.FilterAndOperator": { - "additionalProperties": false, - "properties": { - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Tags" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.FilterTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.LifecycleConfiguration": { - "additionalProperties": false, - "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.Rule" - }, - "markdownDescription": "The container for the lifecycle configuration rules for the objects stored in the S3 on Outposts bucket.", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "Rules" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.Rule": { - "additionalProperties": false, - "properties": { - "AbortIncompleteMultipartUpload": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload", - "markdownDescription": "The container for the abort incomplete multipart upload rule.", - "title": "AbortIncompleteMultipartUpload" - }, - "ExpirationDate": { - "markdownDescription": "Specifies the expiration for the lifecycle of the object by specifying an expiry date.", - "title": "ExpirationDate", - "type": "string" - }, - "ExpirationInDays": { - "markdownDescription": "Specifies the expiration for the lifecycle of the object in the form of days that the object has been in the S3 on Outposts bucket.", - "title": "ExpirationInDays", - "type": "number" - }, - "Filter": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.Filter", - "markdownDescription": "The container for the filter of the lifecycle rule.", - "title": "Filter" - }, - "Id": { - "markdownDescription": "", - "title": "Id", - "type": "string" - }, - "Status": { - "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" + "Type" ], "type": "object" }, - "AWS::S3Outposts::BucketPolicy": { + "AWS::SES::MailManagerArchive": { "additionalProperties": false, "properties": { "Condition": { @@ -238535,26 +283723,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 Outposts bucket to which the policy applies.", - "title": "Bucket", + "ArchiveName": { + "markdownDescription": "A unique name for the new archive.", + "title": "ArchiveName", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .", - "title": "PolicyDocument", - "type": "object" + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key for encrypting emails in the archive.", + "title": "KmsKeyArn", + "type": "string" + }, + "Retention": { + "$ref": "#/definitions/AWS::SES::MailManagerArchive.ArchiveRetention", + "markdownDescription": "The period for retaining emails in the archive before automatic deletion.", + "title": "Retention" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Bucket", - "PolicyDocument" - ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::BucketPolicy" + "AWS::SES::MailManagerArchive" ], "type": "string" }, @@ -238568,12 +283765,25 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::S3Outposts::Endpoint": { + "AWS::SES::MailManagerArchive.ArchiveRetention": { + "additionalProperties": false, + "properties": { + "RetentionPeriod": { + "markdownDescription": "The enum value sets the period for retaining emails in an archive.", + "title": "RetentionPeriod", + "type": "string" + } + }, + "required": [ + "RetentionPeriod" + ], + "type": "object" + }, + "AWS::SES::MailManagerIngressPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -238608,47 +283818,60 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessType": { - "markdownDescription": "The container for the type of connectivity used to access the Amazon S3 on Outposts endpoint. To use the Amazon VPC , choose `Private` . To use the endpoint with an on-premises network, choose `CustomerOwnedIp` . If you choose `CustomerOwnedIp` , you must also provide the customer-owned IP address pool (CoIP pool).\n\n> `Private` is the default access type value.", - "title": "AccessType", - "type": "string" + "IngressPointConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.IngressPointConfiguration", + "markdownDescription": "The configuration of the ingress endpoint resource.", + "title": "IngressPointConfiguration" }, - "CustomerOwnedIpv4Pool": { - "markdownDescription": "The ID of the customer-owned IPv4 address pool (CoIP pool) for the endpoint. IP addresses are allocated from this pool for the endpoint.", - "title": "CustomerOwnedIpv4Pool", + "IngressPointName": { + "markdownDescription": "A user friendly name for an ingress endpoint resource.", + "title": "IngressPointName", "type": "string" }, - "FailedReason": { - "$ref": "#/definitions/AWS::S3Outposts::Endpoint.FailedReason", - "markdownDescription": "The failure reason, if any, for a create or delete endpoint operation.", - "title": "FailedReason" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.NetworkConfiguration", + "markdownDescription": "The network type (IPv4-only, Dual-Stack, PrivateLink) of the ingress endpoint resource.", + "title": "NetworkConfiguration" }, - "OutpostId": { - "markdownDescription": "The ID of the Outpost.", - "title": "OutpostId", + "RuleSetId": { + "markdownDescription": "The identifier of an existing rule set that you attach to an ingress endpoint resource.", + "title": "RuleSetId", "type": "string" }, - "SecurityGroupId": { - "markdownDescription": "The ID of the security group used for the endpoint.", - "title": "SecurityGroupId", + "StatusToUpdate": { + "markdownDescription": "The update status of an ingress endpoint.", + "title": "StatusToUpdate", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet used for the endpoint.", - "title": "SubnetId", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + }, + "TrafficPolicyId": { + "markdownDescription": "The identifier of an existing traffic policy that you attach to an ingress endpoint resource.", + "title": "TrafficPolicyId", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the ingress endpoint to create.", + "title": "Type", "type": "string" } }, "required": [ - "OutpostId", - "SecurityGroupId", - "SubnetId" + "RuleSetId", + "TrafficPolicyId", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::Endpoint" + "AWS::SES::MailManagerIngressPoint" ], "type": "string" }, @@ -238667,37 +283890,67 @@ ], "type": "object" }, - "AWS::S3Outposts::Endpoint.FailedReason": { + "AWS::SES::MailManagerIngressPoint.IngressPointConfiguration": { "additionalProperties": false, "properties": { - "ErrorCode": { - "markdownDescription": "The failure code, if any, for a create or delete endpoint operation.", - "title": "ErrorCode", + "SecretArn": { + "markdownDescription": "The SecretsManager::Secret ARN of the ingress endpoint resource.", + "title": "SecretArn", "type": "string" }, - "Message": { - "markdownDescription": "Additional error details describing the endpoint failure and recommended action.", - "title": "Message", + "SmtpPassword": { + "markdownDescription": "The password of the ingress endpoint resource.", + "title": "SmtpPassword", "type": "string" } }, "type": "object" }, - "AWS::S3Outposts::Endpoint.NetworkInterface": { + "AWS::SES::MailManagerIngressPoint.NetworkConfiguration": { "additionalProperties": false, "properties": { - "NetworkInterfaceId": { - "markdownDescription": "The ID for the network interface.", - "title": "NetworkInterfaceId", + "PrivateNetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.PrivateNetworkConfiguration", + "markdownDescription": "Specifies the network configuration for the private ingress point.", + "title": "PrivateNetworkConfiguration" + }, + "PublicNetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.PublicNetworkConfiguration", + "markdownDescription": "Specifies the network configuration for the public ingress point.", + "title": "PublicNetworkConfiguration" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerIngressPoint.PrivateNetworkConfiguration": { + "additionalProperties": false, + "properties": { + "VpcEndpointId": { + "markdownDescription": "The identifier of the VPC endpoint to associate with this private ingress point.", + "title": "VpcEndpointId", "type": "string" } }, "required": [ - "NetworkInterfaceId" + "VpcEndpointId" ], "type": "object" }, - "AWS::SDB::Domain": { + "AWS::SES::MailManagerIngressPoint.PublicNetworkConfiguration": { + "additionalProperties": false, + "properties": { + "IpType": { + "markdownDescription": "The IP address type for the public ingress point. Valid values are IPV4 and DUAL_STACK.", + "title": "IpType", + "type": "object" + } + }, + "required": [ + "IpType" + ], + "type": "object" + }, + "AWS::SES::MailManagerRelay": { "additionalProperties": false, "properties": { "Condition": { @@ -238732,17 +283985,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Information about the SimpleDB domain.", - "title": "Description", + "Authentication": { + "$ref": "#/definitions/AWS::SES::MailManagerRelay.RelayAuthentication", + "markdownDescription": "Authentication for the relay destination server\u2014specify the secretARN where the SMTP credentials are stored.", + "title": "Authentication" + }, + "RelayName": { + "markdownDescription": "The unique relay name.", + "title": "RelayName", "type": "string" + }, + "ServerName": { + "markdownDescription": "The destination relay server address.", + "title": "ServerName", + "type": "string" + }, + "ServerPort": { + "markdownDescription": "The destination relay server port.", + "title": "ServerPort", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" } }, + "required": [ + "Authentication", + "ServerName", + "ServerPort" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SDB::Domain" + "AWS::SES::MailManagerRelay" ], "type": "string" }, @@ -238756,11 +284037,28 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SES::ConfigurationSet": { + "AWS::SES::MailManagerRelay.RelayAuthentication": { + "additionalProperties": false, + "properties": { + "NoAuthentication": { + "markdownDescription": "Keep an empty structure if the relay destination server does not require SMTP credential authentication.", + "title": "NoAuthentication", + "type": "object" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret created in secrets manager where the relay server's SMTP credentials are stored.", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet": { "additionalProperties": false, "properties": { "Condition": { @@ -238795,47 +284093,36 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliveryOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.DeliveryOptions", - "markdownDescription": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS).", - "title": "DeliveryOptions" - }, - "Name": { - "markdownDescription": "The name of the configuration set. The name must meet the following requirements:\n\n- Contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", - "title": "Name", + "RuleSetName": { + "markdownDescription": "A user-friendly name for the rule set.", + "title": "RuleSetName", "type": "string" }, - "ReputationOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.ReputationOptions", - "markdownDescription": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", - "title": "ReputationOptions" - }, - "SendingOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.SendingOptions", - "markdownDescription": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", - "title": "SendingOptions" - }, - "SuppressionOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.SuppressionOptions", - "markdownDescription": "An object that contains information about the suppression list preferences for your account.", - "title": "SuppressionOptions" - }, - "TrackingOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.TrackingOptions", - "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", - "title": "TrackingOptions" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Rule" + }, + "markdownDescription": "Conditional rules that are evaluated for determining actions on email.", + "title": "Rules", + "type": "array" }, - "VdmOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.VdmOptions", - "markdownDescription": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set.", - "title": "VdmOptions" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" } }, + "required": [ + "Rules" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::ConfigurationSet" + "AWS::SES::MailManagerRuleSet" ], "type": "string" }, @@ -238849,490 +284136,649 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SES::ConfigurationSet.DashboardOptions": { + "AWS::SES::MailManagerRuleSet.AddHeaderAction": { "additionalProperties": false, "properties": { - "EngagementMetrics": { - "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for the configuration set.", - "title": "EngagementMetrics", + "HeaderName": { + "markdownDescription": "The name of the header to add to an email. The header must be prefixed with \"X-\". Headers are added regardless of whether the header name pre-existed in the email.", + "title": "HeaderName", + "type": "string" + }, + "HeaderValue": { + "markdownDescription": "The value of the header to add to the email.", + "title": "HeaderValue", "type": "string" } }, "required": [ - "EngagementMetrics" + "HeaderName", + "HeaderValue" ], "type": "object" }, - "AWS::SES::ConfigurationSet.DeliveryOptions": { + "AWS::SES::MailManagerRuleSet.Analysis": { "additionalProperties": false, "properties": { - "SendingPoolName": { - "markdownDescription": "The name of the dedicated IP pool to associate with the configuration set.", - "title": "SendingPoolName", + "Analyzer": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Add On.", + "title": "Analyzer", "type": "string" }, - "TlsPolicy": { - "markdownDescription": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is `REQUIRE` , messages are only delivered if a TLS connection can be established. If the value is `OPTIONAL` , messages can be delivered in plain text if a TLS connection can't be established.\n\nValid Values: `REQUIRE | OPTIONAL`", - "title": "TlsPolicy", + "ResultField": { + "markdownDescription": "The returned value from an Add On.", + "title": "ResultField", "type": "string" } }, + "required": [ + "Analyzer", + "ResultField" + ], "type": "object" }, - "AWS::SES::ConfigurationSet.GuardianOptions": { + "AWS::SES::MailManagerRuleSet.ArchiveAction": { "additionalProperties": false, "properties": { - "OptimizedSharedDelivery": { - "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for the configuration set.", - "title": "OptimizedSharedDelivery", + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified archive has been deleted.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "TargetArchive": { + "markdownDescription": "The identifier of the archive to send the email to.", + "title": "TargetArchive", "type": "string" } }, "required": [ - "OptimizedSharedDelivery" + "TargetArchive" ], "type": "object" }, - "AWS::SES::ConfigurationSet.ReputationOptions": { + "AWS::SES::MailManagerRuleSet.DeliverToMailboxAction": { "additionalProperties": false, "properties": { - "ReputationMetricsEnabled": { - "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", - "title": "ReputationMetricsEnabled", - "type": "boolean" + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the mailbox ARN is no longer valid.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "MailboxArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a WorkMail organization to deliver the email to.", + "title": "MailboxArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role to use to execute this action. The role must have access to the workmail:DeliverToMailbox API.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "MailboxArn", + "RoleArn" + ], "type": "object" }, - "AWS::SES::ConfigurationSet.SendingOptions": { + "AWS::SES::MailManagerRuleSet.DeliverToQBusinessAction": { "additionalProperties": false, "properties": { - "SendingEnabled": { - "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", - "title": "SendingEnabled", - "type": "boolean" + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified application has been deleted or the role lacks necessary permissions to call the `qbusiness:BatchPutDocument` API.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application instance where the email content will be delivered.", + "title": "ApplicationId", + "type": "string" + }, + "IndexId": { + "markdownDescription": "The identifier of the knowledge base index within the Amazon Q Business application where the email content will be stored and indexed.", + "title": "IndexId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while delivering to Amazon Q Business. This role must have access to the `qbusiness:BatchPutDocument` API for the given application and index.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "ApplicationId", + "IndexId", + "RoleArn" + ], "type": "object" }, - "AWS::SES::ConfigurationSet.SuppressionOptions": { + "AWS::SES::MailManagerRuleSet.RelayAction": { "additionalProperties": false, "properties": { - "SuppressedReasons": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified relay has been deleted.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "MailFrom": { + "markdownDescription": "This action specifies whether to preserve or replace original mail from address while relaying received emails to a destination server.", + "title": "MailFrom", + "type": "string" + }, + "Relay": { + "markdownDescription": "The identifier of the relay resource to be used when relaying an email.", + "title": "Relay", + "type": "string" + } + }, + "required": [ + "Relay" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.ReplaceRecipientAction": { + "additionalProperties": false, + "properties": { + "ReplaceWith": { "items": { "type": "string" }, - "markdownDescription": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce.", - "title": "SuppressedReasons", + "markdownDescription": "This action specifies the replacement recipient email addresses to insert.", + "title": "ReplaceWith", "type": "array" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.TrackingOptions": { + "AWS::SES::MailManagerRuleSet.Rule": { "additionalProperties": false, "properties": { - "CustomRedirectDomain": { - "markdownDescription": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", - "title": "CustomRedirectDomain", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleAction" + }, + "markdownDescription": "The list of actions to execute when the conditions match the incoming email, and none of the \"unless conditions\" match.", + "title": "Actions", + "type": "array" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleCondition" + }, + "markdownDescription": "The conditions of this rule. All conditions must match the email for the actions to be executed. An empty list of conditions means that all emails match, but are still subject to any \"unless conditions\"", + "title": "Conditions", + "type": "array" + }, + "Name": { + "markdownDescription": "The user-friendly name of the rule.", + "title": "Name", "type": "string" + }, + "Unless": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleCondition" + }, + "markdownDescription": "The \"unless conditions\" of this rule. None of the conditions can match the email for the actions to be executed. If any of these conditions do match the email, then the actions are not executed.", + "title": "Unless", + "type": "array" } }, + "required": [ + "Actions" + ], "type": "object" }, - "AWS::SES::ConfigurationSet.VdmOptions": { + "AWS::SES::MailManagerRuleSet.RuleAction": { "additionalProperties": false, "properties": { - "DashboardOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.DashboardOptions", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", - "title": "DashboardOptions" + "AddHeader": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.AddHeaderAction", + "markdownDescription": "This action adds a header. This can be used to add arbitrary email headers.", + "title": "AddHeader" }, - "GuardianOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.GuardianOptions", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", - "title": "GuardianOptions" + "Archive": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.ArchiveAction", + "markdownDescription": "This action archives the email. This can be used to deliver an email to an archive.", + "title": "Archive" + }, + "DeliverToMailbox": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.DeliverToMailboxAction", + "markdownDescription": "This action delivers an email to a WorkMail mailbox.", + "title": "DeliverToMailbox" + }, + "DeliverToQBusiness": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.DeliverToQBusinessAction", + "markdownDescription": "This action delivers an email to an Amazon Q Business application for ingestion into its knowledge base.", + "title": "DeliverToQBusiness" + }, + "Drop": { + "markdownDescription": "This action terminates the evaluation of rules in the rule set.", + "title": "Drop", + "type": "object" + }, + "PublishToSns": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.SnsAction", + "markdownDescription": "This action publishes the email content to an Amazon SNS topic.", + "title": "PublishToSns" + }, + "Relay": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RelayAction", + "markdownDescription": "This action relays the email to another SMTP server.", + "title": "Relay" + }, + "ReplaceRecipient": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.ReplaceRecipientAction", + "markdownDescription": "The action replaces certain or all recipients with a different set of recipients.", + "title": "ReplaceRecipient" + }, + "Send": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.SendAction", + "markdownDescription": "This action sends the email to the internet.", + "title": "Send" + }, + "WriteToS3": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.S3Action", + "markdownDescription": "This action writes the MIME content of the email to an S3 bucket.", + "title": "WriteToS3" } }, "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination": { + "AWS::SES::MailManagerRuleSet.RuleBooleanExpression": { "additionalProperties": false, "properties": { - "Condition": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleBooleanToEvaluate", + "markdownDescription": "The operand on which to perform a boolean condition operation.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a boolean condition expression.", + "title": "Operator", "type": "string" + } + }, + "required": [ + "Evaluate", + "Operator" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleBooleanToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a boolean condition expression.", + "title": "Analysis" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Attribute": { + "markdownDescription": "The boolean type representing the allowed attribute types for an email.", + "title": "Attribute", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "IsInAddressList": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIsInAddressList", + "markdownDescription": "The structure representing the address lists and address list attribute that will be used in evaluation of boolean expression.", + "title": "IsInAddressList" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleCondition": { + "additionalProperties": false, + "properties": { + "BooleanExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleBooleanExpression", + "markdownDescription": "The condition applies to a boolean expression passed in this field.", + "title": "BooleanExpression" }, - "Metadata": { - "type": "object" + "DmarcExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleDmarcExpression", + "markdownDescription": "The condition applies to a DMARC policy expression passed in this field.", + "title": "DmarcExpression" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationSetName": { - "markdownDescription": "The name of the configuration set that contains the event destination.", - "title": "ConfigurationSetName", - "type": "string" - }, - "EventDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventDestination", - "markdownDescription": "An object that defines the event destination.", - "title": "EventDestination" - } - }, - "required": [ - "ConfigurationSetName", - "EventDestination" - ], - "type": "object" + "IpExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIpExpression", + "markdownDescription": "The condition applies to an IP address expression passed in this field.", + "title": "IpExpression" }, - "Type": { - "enum": [ - "AWS::SES::ConfigurationSetEventDestination" - ], - "type": "string" + "NumberExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleNumberExpression", + "markdownDescription": "The condition applies to a number expression passed in this field.", + "title": "NumberExpression" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "StringExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleStringExpression", + "markdownDescription": "The condition applies to a string expression passed in this field.", + "title": "StringExpression" + }, + "VerdictExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleVerdictExpression", + "markdownDescription": "The condition applies to a verdict expression passed in this field.", + "title": "VerdictExpression" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination": { + "AWS::SES::MailManagerRuleSet.RuleDmarcExpression": { "additionalProperties": false, "properties": { - "DimensionConfigurations": { + "Operator": { + "markdownDescription": "The operator to apply to the DMARC policy of the incoming email.", + "title": "Operator", + "type": "string" + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration" + "type": "string" }, - "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", - "title": "DimensionConfigurations", + "markdownDescription": "The values to use for the given DMARC policy operator. For the operator EQUALS, if multiple values are given, they are evaluated as an OR. That is, if any of the given values match, the condition is deemed to match. For the operator NOT_EQUALS, if multiple values are given, they are evaluated as an AND. That is, only if the email's DMARC policy is not equal to any of the given values, then the condition is deemed to match.", + "title": "Values", "type": "array" } }, + "required": [ + "Operator", + "Values" + ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration": { + "AWS::SES::MailManagerRuleSet.RuleIpExpression": { "additionalProperties": false, "properties": { - "DefaultDimensionValue": { - "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- Can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-), at signs (@), and periods (.).\n- It can contain no more than 256 characters.", - "title": "DefaultDimensionValue", - "type": "string" + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIpToEvaluate", + "markdownDescription": "The IP address to evaluate in this condition.", + "title": "Evaluate" }, - "DimensionName": { - "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DimensionName", + "Operator": { + "markdownDescription": "The operator to evaluate the IP address.", + "title": "Operator", "type": "string" }, - "DimensionValueSource": { - "markdownDescription": "The location where the Amazon SES API v2 finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` or `SendRawEmail` API, choose `messageTag` . To use your own email headers, choose `emailHeader` . To use link tags, choose `linkTag` .", - "title": "DimensionValueSource", + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The IP CIDR blocks in format \"x.y.z.w/n\" (eg 10.0.0.0/8) to match with the email's IP address. For the operator CIDR_MATCHES, if multiple values are given, they are evaluated as an OR. That is, if the IP address is contained within any of the given CIDR ranges, the condition is deemed to match. For NOT_CIDR_MATCHES, if multiple CIDR ranges are given, the condition is deemed to match if the IP address is not contained in any of the given CIDR ranges.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleIpToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The attribute of the email to evaluate.", + "title": "Attribute", "type": "string" } }, "required": [ - "DefaultDimensionValue", - "DimensionName", - "DimensionValueSource" + "Attribute" ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.EventDestination": { + "AWS::SES::MailManagerRuleSet.RuleIsInAddressList": { "additionalProperties": false, "properties": { - "CloudWatchDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination", - "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", - "title": "CloudWatchDestination" - }, - "Enabled": { - "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", - "title": "Enabled", - "type": "boolean" - }, - "KinesisFirehoseDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination", - "markdownDescription": "An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination.", - "title": "KinesisFirehoseDestination" - }, - "MatchingEventTypes": { + "AddressLists": { "items": { "type": "string" }, - "markdownDescription": "The types of events that Amazon SES sends to the specified event destinations.\n\n- `SEND` - The send request was successful and SES will attempt to deliver the message to the recipient\u2019s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)\n- `REJECT` - SES accepted the email, but determined that it contained a virus and didn\u2019t attempt to deliver it to the recipient\u2019s mail server.\n- `BOUNCE` - ( *Hard bounce* ) The recipient's mail server permanently rejected the email. ( *Soft bounces* are only included when SES fails to deliver the email after retrying for a period of time.)\n- `COMPLAINT` - The email was successfully delivered to the recipient\u2019s mail server, but the recipient marked it as spam.\n- `DELIVERY` - SES successfully delivered the email to the recipient's mail server.\n- `OPEN` - The recipient received the message and opened it in their email client.\n- `CLICK` - The recipient clicked one or more links in the email.\n- `RENDERING_FAILURE` - The email wasn't sent because of a template rendering issue. This event type can occur when template data is missing, or when there is a mismatch between template parameters and data. (This event type only occurs when you send email using the [`SendEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html) or [`SendBulkEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendBulkEmail.html) API operations.)\n- `DELIVERY_DELAY` - The email couldn't be delivered to the recipient\u2019s mail server because a temporary issue occurred. Delivery delays can occur, for example, when the recipient's inbox is full, or when the receiving email server experiences a transient issue.\n- `SUBSCRIPTION` - The email was successfully delivered, but the recipient updated their subscription preferences by clicking on an *unsubscribe* link as part of your [subscription management](https://docs.aws.amazon.com/ses/latest/dg/sending-email-subscription-management.html) .", - "title": "MatchingEventTypes", + "markdownDescription": "The address lists that will be used for evaluation.", + "title": "AddressLists", "type": "array" }, - "Name": { - "markdownDescription": "The name of the event destination. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", - "title": "Name", + "Attribute": { + "markdownDescription": "The email attribute that needs to be evaluated against the address list.", + "title": "Attribute", "type": "string" - }, - "SnsDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.SnsDestination", - "markdownDescription": "An object that contains the topic ARN associated with an Amazon Simple Notification Service (Amazon SNS) event destination.", - "title": "SnsDestination" } }, "required": [ - "MatchingEventTypes" + "AddressLists", + "Attribute" ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "AWS::SES::MailManagerRuleSet.RuleNumberExpression": { "additionalProperties": false, "properties": { - "DeliveryStreamARN": { - "markdownDescription": "The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to.", - "title": "DeliveryStreamARN", - "type": "string" + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleNumberToEvaluate", + "markdownDescription": "The number to evaluate in a numeric condition expression.", + "title": "Evaluate" }, - "IAMRoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the Amazon SES API v2 uses to send email events to the Amazon Kinesis Data Firehose stream.", - "title": "IAMRoleARN", + "Operator": { + "markdownDescription": "The operator for a numeric condition expression.", + "title": "Operator", "type": "string" + }, + "Value": { + "markdownDescription": "The value to evaluate in a numeric condition expression.", + "title": "Value", + "type": "number" } }, "required": [ - "DeliveryStreamARN", - "IAMRoleARN" + "Evaluate", + "Operator", + "Value" ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.SnsDestination": { + "AWS::SES::MailManagerRuleSet.RuleNumberToEvaluate": { "additionalProperties": false, "properties": { - "TopicARN": { - "markdownDescription": "The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicARN", + "Attribute": { + "markdownDescription": "An email attribute that is used as the number to evaluate.", + "title": "Attribute", "type": "string" } }, "required": [ - "TopicARN" + "Attribute" ], "type": "object" }, - "AWS::SES::ContactList": { + "AWS::SES::MailManagerRuleSet.RuleStringExpression": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleStringToEvaluate", + "markdownDescription": "The string to evaluate in a string condition expression.", + "title": "Evaluate" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Operator": { + "markdownDescription": "The matching operator for a string condition expression.", + "title": "Operator", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContactListName": { - "markdownDescription": "The name of the contact list.", - "title": "ContactListName", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of what the contact list is about.", - "title": "Description", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with a contact list.", - "title": "Tags", - "type": "array" - }, - "Topics": { - "items": { - "$ref": "#/definitions/AWS::SES::ContactList.Topic" - }, - "markdownDescription": "An interest group, theme, or label within a list. A contact list can have multiple topics.", - "title": "Topics", - "type": "array" - } + "Values": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "The string(s) to be evaluated in a string condition expression. For all operators, except for NOT_EQUALS, if multiple values are given, the values are processed as an OR. That is, if any of the values match the email's string using the given operator, the condition is deemed to match. However, for NOT_EQUALS, the condition is only deemed to match if none of the given strings match the email's string.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleStringToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a string condition expression.", + "title": "Analysis" }, - "Type": { - "enum": [ - "AWS::SES::ContactList" - ], + "Attribute": { + "markdownDescription": "The email attribute to evaluate in a string condition expression.", + "title": "Attribute", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MimeHeaderAttribute": { + "markdownDescription": "The email MIME X-Header attribute to evaluate in a string condition expression.", + "title": "MimeHeaderAttribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleVerdictExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleVerdictToEvaluate", + "markdownDescription": "The verdict to evaluate in a verdict condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a verdict condition expression.", + "title": "Operator", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to match with the email's verdict using the given operator. For the EQUALS operator, if multiple values are given, the condition is deemed to match if any of the given verdicts match that of the email. For the NOT_EQUALS operator, if multiple values are given, the condition is deemed to match of none of the given verdicts match the verdict of the email.", + "title": "Values", + "type": "array" } }, "required": [ - "Type" + "Evaluate", + "Operator", + "Values" ], "type": "object" }, - "AWS::SES::ContactList.Topic": { + "AWS::SES::MailManagerRuleSet.RuleVerdictToEvaluate": { "additionalProperties": false, "properties": { - "DefaultSubscriptionStatus": { - "markdownDescription": "The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic.", - "title": "DefaultSubscriptionStatus", + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a verdict condition expression.", + "title": "Analysis" + }, + "Attribute": { + "markdownDescription": "The email verdict attribute to evaluate in a string verdict expression.", + "title": "Attribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.S3Action": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified the bucket has been deleted.", + "title": "ActionFailurePolicy", "type": "string" }, - "Description": { - "markdownDescription": "A description of what the topic is about, which the contact will see.", - "title": "Description", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while writing to S3. This role must have access to the s3:PutObject, kms:Encrypt, and kms:GenerateDataKey APIs for the given bucket.", + "title": "RoleArn", "type": "string" }, - "DisplayName": { - "markdownDescription": "The name of the topic the contact will see.", - "title": "DisplayName", + "S3Bucket": { + "markdownDescription": "The bucket name of the S3 bucket to write to.", + "title": "S3Bucket", "type": "string" }, - "TopicName": { - "markdownDescription": "The name of the topic.", - "title": "TopicName", + "S3Prefix": { + "markdownDescription": "The S3 prefix to use for the write to the s3 bucket.", + "title": "S3Prefix", + "type": "string" + }, + "S3SseKmsKeyId": { + "markdownDescription": "The KMS Key ID to use to encrypt the message in S3.", + "title": "S3SseKmsKeyId", "type": "string" } }, "required": [ - "DefaultSubscriptionStatus", - "DisplayName", - "TopicName" + "RoleArn", + "S3Bucket" ], "type": "object" }, - "AWS::SES::DedicatedIpPool": { + "AWS::SES::MailManagerRuleSet.SendAction": { "additionalProperties": false, "properties": { - "Condition": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the caller does not have the permissions to call the sendRawEmail API.", + "title": "ActionFailurePolicy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role to use for this action. This role must have access to the ses:SendRawEmail API.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.SnsAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, specified SNS topic has been deleted or the role lacks necessary permissions to call the `sns:Publish` API.", + "title": "ActionFailurePolicy", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Encoding": { + "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.", + "title": "Encoding", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PoolName": { - "markdownDescription": "The name of the dedicated IP pool that the IP address is associated with.", - "title": "PoolName", - "type": "string" - }, - "ScalingMode": { - "markdownDescription": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", - "title": "ScalingMode", - "type": "string" - } - }, - "type": "object" + "PayloadType": { + "markdownDescription": "The expected payload type within the Amazon SNS notification. `CONTENT` attempts to publish the full email content with 20KB of headers content. `HEADERS` extracts up to 100KB of header content to include in the notification, email content will not be included to the notification. The default value is `CONTENT` .", + "title": "PayloadType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SES::DedicatedIpPool" - ], + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while writing to Amazon SNS. This role must have access to the `sns:Publish` API for the given topic.", + "title": "RoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.", + "title": "TopicArn", "type": "string" } }, "required": [ - "Type" + "RoleArn", + "TopicArn" ], "type": "object" }, - "AWS::SES::EmailIdentity": { + "AWS::SES::MailManagerTrafficPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -239367,45 +284813,47 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigurationSetAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.ConfigurationSetAttributes", - "markdownDescription": "Used to associate a configuration set with an email identity.", - "title": "ConfigurationSetAttributes" - }, - "DkimAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimAttributes", - "markdownDescription": "An object that contains information about the DKIM attributes for the identity.", - "title": "DkimAttributes" + "DefaultAction": { + "markdownDescription": "Default action instructs the tra\ufb03c policy to either Allow or Deny (block) messages that fall outside of (or not addressed by) the conditions of your policy statements", + "title": "DefaultAction", + "type": "string" }, - "DkimSigningAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimSigningAttributes", - "markdownDescription": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", - "title": "DkimSigningAttributes" + "MaxMessageSizeBytes": { + "markdownDescription": "The maximum message size in bytes of email which is allowed in by this traffic policy\u2014anything larger will be blocked.", + "title": "MaxMessageSizeBytes", + "type": "number" }, - "EmailIdentity": { - "markdownDescription": "The email address or domain to verify.", - "title": "EmailIdentity", - "type": "string" + "PolicyStatements": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.PolicyStatement" + }, + "markdownDescription": "Conditional statements for filtering email traffic.", + "title": "PolicyStatements", + "type": "array" }, - "FeedbackAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.FeedbackAttributes", - "markdownDescription": "Used to enable or disable feedback forwarding for an identity.", - "title": "FeedbackAttributes" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" }, - "MailFromAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.MailFromAttributes", - "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", - "title": "MailFromAttributes" + "TrafficPolicyName": { + "markdownDescription": "The name of the policy.\n\nThe policy name cannot exceed 64 characters and can only include alphanumeric characters, dashes, and underscores.", + "title": "TrafficPolicyName", + "type": "string" } }, "required": [ - "EmailIdentity" + "DefaultAction", + "PolicyStatements" ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::EmailIdentity" + "AWS::SES::MailManagerTrafficPolicy" ], "type": "string" }, @@ -239424,74 +284872,308 @@ ], "type": "object" }, - "AWS::SES::EmailIdentity.ConfigurationSetAttributes": { + "AWS::SES::MailManagerTrafficPolicy.IngressAnalysis": { "additionalProperties": false, "properties": { - "ConfigurationSetName": { - "markdownDescription": "The configuration set to associate with an email identity.", - "title": "ConfigurationSetName", + "Analyzer": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Add On.", + "title": "Analyzer", + "type": "string" + }, + "ResultField": { + "markdownDescription": "The returned value from an Add On.", + "title": "ResultField", "type": "string" } }, + "required": [ + "Analyzer", + "ResultField" + ], "type": "object" }, - "AWS::SES::EmailIdentity.DkimAttributes": { + "AWS::SES::MailManagerTrafficPolicy.IngressBooleanExpression": { "additionalProperties": false, "properties": { - "SigningEnabled": { - "markdownDescription": "Sets the DKIM signing configuration for the identity.\n\nWhen you set this value `true` , then the messages that are sent from the identity are signed using DKIM. If you set this value to `false` , your messages are sent without DKIM signing.", - "title": "SigningEnabled", - "type": "boolean" + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressBooleanToEvaluate", + "markdownDescription": "The operand on which to perform a boolean condition operation.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a boolean condition expression.", + "title": "Operator", + "type": "string" } }, + "required": [ + "Evaluate", + "Operator" + ], "type": "object" }, - "AWS::SES::EmailIdentity.DkimSigningAttributes": { + "AWS::SES::MailManagerTrafficPolicy.IngressBooleanToEvaluate": { "additionalProperties": false, "properties": { - "DomainSigningPrivateKey": { - "markdownDescription": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature.\n\nThe private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.\n\n> Rather than embedding sensitive information directly in your CFN templates, we recommend you use dynamic parameters in the stack template to reference sensitive information that is stored and managed outside of CFN, such as in the AWS Systems Manager Parameter Store or AWS Secrets Manager.\n> \n> For more information, see the [Do not embed credentials in your templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) best practice.", - "title": "DomainSigningPrivateKey", + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressAnalysis", + "markdownDescription": "The structure type for a boolean condition stating the Add On ARN and its returned value.", + "title": "Analysis" + }, + "IsInAddressList": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIsInAddressList", + "markdownDescription": "", + "title": "IsInAddressList" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "An enum type representing the allowed attribute types for an IP condition.", + "title": "Attribute", "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpv4Expression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpToEvaluate", + "markdownDescription": "The left hand side argument of an IP condition expression.", + "title": "Evaluate" }, - "DomainSigningSelector": { - "markdownDescription": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain.", - "title": "DomainSigningSelector", + "Operator": { + "markdownDescription": "The matching operator for an IP condition expression.", + "title": "Operator", "type": "string" }, - "NextSigningKeyLength": { - "markdownDescription": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.\n\nValid Values: `RSA_1024_BIT | RSA_2048_BIT`", - "title": "NextSigningKeyLength", + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The right hand side argument of an IP condition expression.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpv6Expression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv6ToEvaluate", + "markdownDescription": "", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "", + "title": "Operator", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Values", + "type": "array" } }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], "type": "object" }, - "AWS::SES::EmailIdentity.FeedbackAttributes": { + "AWS::SES::MailManagerTrafficPolicy.IngressIpv6ToEvaluate": { "additionalProperties": false, "properties": { - "EmailForwardingEnabled": { - "markdownDescription": "Sets the feedback forwarding configuration for the identity.\n\nIf the value is `true` , you receive email notifications when bounce or complaint events occur. These notifications are sent to the address that you specified in the `Return-Path` header of the original email.\n\nYou're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications (for example, by setting up an event destination), you receive an email notification when these events occur (even if this setting is disabled).", - "title": "EmailForwardingEnabled", - "type": "boolean" + "Attribute": { + "markdownDescription": "", + "title": "Attribute", + "type": "string" } }, + "required": [ + "Attribute" + ], "type": "object" }, - "AWS::SES::EmailIdentity.MailFromAttributes": { + "AWS::SES::MailManagerTrafficPolicy.IngressIsInAddressList": { "additionalProperties": false, "properties": { - "BehaviorOnMxFailure": { - "markdownDescription": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", - "title": "BehaviorOnMxFailure", + "AddressLists": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "AddressLists", + "type": "array" + }, + "Attribute": { + "markdownDescription": "", + "title": "Attribute", "type": "string" + } + }, + "required": [ + "AddressLists", + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressStringExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressStringToEvaluate", + "markdownDescription": "The left hand side argument of a string condition expression.", + "title": "Evaluate" }, - "MailFromDomain": { - "markdownDescription": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails.", - "title": "MailFromDomain", + "Operator": { + "markdownDescription": "", + "title": "Operator", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The right hand side argument of a string condition expression.", + "title": "Values", + "type": "array" } }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressStringToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressAnalysis", + "markdownDescription": "", + "title": "Analysis" + }, + "Attribute": { + "markdownDescription": "The enum type representing the allowed attribute types for a string condition.", + "title": "Attribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolToEvaluate", + "markdownDescription": "The left hand side argument of a TLS condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a TLS condition expression.", + "title": "Operator", + "type": "string" + }, + "Value": { + "markdownDescription": "The right hand side argument of a TLS condition expression.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Evaluate", + "Operator", + "Value" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The enum type representing the allowed attribute types for the TLS condition.", + "title": "Attribute", + "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.PolicyCondition": { + "additionalProperties": false, + "properties": { + "BooleanExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressBooleanExpression", + "markdownDescription": "This represents a boolean type condition matching on the incoming mail. It performs the boolean operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "BooleanExpression" + }, + "IpExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv4Expression", + "markdownDescription": "This represents an IP based condition matching on the incoming mail. It performs the operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "IpExpression" + }, + "Ipv6Expression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv6Expression", + "markdownDescription": "", + "title": "Ipv6Expression" + }, + "StringExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressStringExpression", + "markdownDescription": "This represents a string based condition matching on the incoming mail. It performs the string operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "StringExpression" + }, + "TlsExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolExpression", + "markdownDescription": "This represents a TLS based condition matching on the incoming mail. It performs the operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "TlsExpression" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.PolicyStatement": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action that informs a traffic policy resource to either allow or block the email if it matches a condition in the policy statement.", + "title": "Action", + "type": "string" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.PolicyCondition" + }, + "markdownDescription": "The list of conditions to apply to incoming messages for filtering email traffic.", + "title": "Conditions", + "type": "array" + } + }, + "required": [ + "Action", + "Conditions" + ], "type": "object" }, "AWS::SES::ReceiptFilter": { @@ -239691,6 +285373,11 @@ "markdownDescription": "Rejects the received email by returning a bounce response to the sender and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).", "title": "BounceAction" }, + "ConnectAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.ConnectAction", + "markdownDescription": "", + "title": "ConnectAction" + }, "LambdaAction": { "$ref": "#/definitions/AWS::SES::ReceiptRule.LambdaAction", "markdownDescription": "Calls an AWS Lambda function, and optionally, publishes a notification to Amazon SNS.", @@ -239775,6 +285462,26 @@ ], "type": "object" }, + "AWS::SES::ReceiptRule.ConnectAction": { + "additionalProperties": false, + "properties": { + "IAMRoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used by Amazon Simple Email Service while starting email contacts to the Amazon Connect instance. This role should have permission to invoke `connect:StartEmailContact` for the given Amazon Connect instance.", + "title": "IAMRoleARN", + "type": "string" + }, + "InstanceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Connect instance that Amazon SES integrates with for starting email contacts.\n\nFor more information about Amazon Connect instances, see the [Amazon Connect Administrator Guide](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-instances.html)", + "title": "InstanceARN", + "type": "string" + } + }, + "required": [ + "IAMRoleARN", + "InstanceARN" + ], + "type": "object" + }, "AWS::SES::ReceiptRule.LambdaAction": { "additionalProperties": false, "properties": { @@ -239849,6 +285556,11 @@ "title": "BucketName", "type": "string" }, + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role to be used by Amazon Simple Email Service while writing to the Amazon S3 bucket, optionally encrypting your mail via the provided customer managed key, and publishing to the Amazon SNS topic. This role should have access to the following APIs:\n\n- `s3:PutObject` , `kms:Encrypt` and `kms:GenerateDataKey` for the given Amazon S3 bucket.\n- `kms:GenerateDataKey` for the given AWS KMS customer managed key.\n- `sns:Publish` for the given Amazon SNS topic.\n\n> If an IAM role ARN is provided, the role (and only the role) is used to access all the given resources (Amazon S3 bucket, AWS KMS customer managed key and Amazon SNS topic). Therefore, setting up individual resource access permissions is not required.", + "title": "IamRoleArn", + "type": "string" + }, "KmsKeyArn": { "markdownDescription": "The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the AWS managed key or a customer managed key that you created in AWS KMS as follows:\n\n- To use the AWS managed key, provide an ARN in the form of `arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses` . For example, if your AWS account ID is 123456789012 and you want to use the AWS managed key in the US West (Oregon) Region, the ARN of the AWS managed key would be `arn:aws:kms:us-west-2:123456789012:alias/aws/ses` . If you use the AWS managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.\n- To use a customer managed key that you created in AWS KMS, provide the ARN of the customer managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-permissions.html) .\n\nFor more information about key policies, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) . If you do not specify an AWS KMS key, Amazon SES does not encrypt your emails.\n\n> Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your AWS KMS keys for decryption. This encryption client is currently available with the [AWS SDK for Java](https://docs.aws.amazon.com/sdk-for-java/) and [AWS SDK for Ruby](https://docs.aws.amazon.com/sdk-for-ruby/) only. For more information about client-side encryption using AWS KMS managed keys, see the [Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html) .", "title": "KmsKeyArn", @@ -240357,6 +286069,11 @@ "title": "DisplayName", "type": "string" }, + "FifoThroughputScope": { + "markdownDescription": "Specifies the throughput quota and deduplication behavior to apply for the FIFO topic. Valid values are `Topic` or `MessageGroup` .", + "title": "FifoThroughputScope", + "type": "string" + }, "FifoTopic": { "markdownDescription": "Set to true to create a FIFO topic.", "title": "FifoTopic", @@ -240985,7 +286702,7 @@ "type": "string" }, "InstanceId": { - "markdownDescription": "The ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.\n\n> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.", + "markdownDescription": "> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.\n> \n> Note that in some examples later in this page, `InstanceIds` is used as the tag-key name in a `Targets` filter. `InstanceId` is not used as a parameter. \n\nThe ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.", "title": "InstanceId", "type": "string" }, @@ -241576,7 +287293,7 @@ }, "LoggingInfo": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.LoggingInfo", - "markdownDescription": "Information about an Amazon S3 bucket to write Run Command task-level logs to.\n\n> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) .", + "markdownDescription": "> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) . \n\nInformation about an Amazon S3 bucket to write Run Command task-level logs to.", "title": "LoggingInfo" }, "MaxConcurrency": { @@ -241623,7 +287340,7 @@ "title": "TaskInvocationParameters" }, "TaskParameters": { - "markdownDescription": "The parameters to pass to the task when it runs.\n\n> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) .", + "markdownDescription": "> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) . \n\nThe parameters to pass to the task when it runs.", "title": "TaskParameters", "type": "object" }, @@ -241949,7 +287666,7 @@ "type": "string" }, "Name": { - "markdownDescription": "The name of the parameter.\n\n> The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: `arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName`", + "markdownDescription": "The name of the parameter.\n\n> The reported maximum length of 2048 characters for a parameter name includes 1037 characters that are reserved for internal use by Systems Manager . The maximum length for a parameter name that you specify is 1011 characters.\n> \n> This count of 1011 characters includes the characters in the ARN that precede the name you specify. This ARN length will vary depending on your partition and Region. For example, the following 45 characters count toward the 1011 character maximum for a parameter created in the US East (Ohio) Region: `arn:aws:ssm:us-east-2:111122223333:parameter/` .", "title": "Name", "type": "string" }, @@ -242070,6 +287787,11 @@ "title": "ApprovedPatchesEnableNonSecurity", "type": "boolean" }, + "AvailableSecurityUpdatesComplianceStatus": { + "markdownDescription": "", + "title": "AvailableSecurityUpdatesComplianceStatus", + "type": "string" + }, "DefaultBaseline": { "markdownDescription": "Indicates whether this is the default baseline. AWS Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.", "title": "DefaultBaseline", @@ -242196,7 +287918,7 @@ "additionalProperties": false, "properties": { "Configuration": { - "markdownDescription": "The value of the yum repo configuration. For example:\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\n> For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) .", + "markdownDescription": "The value of the repo configuration.\n\n*Example for yum repositories*\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\nFor information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) on the *man7.org* website.\n\n*Examples for Ubuntu Server and Debian Server*\n\n`deb http://security.ubuntu.com/ubuntu jammy main`\n\n`deb https://site.example.com/debian distribution component1 component2 component3`\n\nRepo information for Ubuntu Server repositories must be specifed in a single line. For more examples and information, see [jammy (5) sources.list.5.gz](https://docs.aws.amazon.com/https://manpages.ubuntu.com/manpages/jammy/man5/sources.list.5.html) on the *Ubuntu Server Manuals* website and [sources.list format](https://docs.aws.amazon.com/https://wiki.debian.org/SourcesList#sources.list_format) on the *Debian Wiki* .", "title": "Configuration", "type": "string" }, @@ -242585,6 +288307,14 @@ "title": "Plan", "type": "array" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, "Type": { "markdownDescription": "The type of contact.\n\n- `PERSONAL` : A single, individual contact.\n- `ESCALATION` : An escalation plan.\n- `ONCALL_SCHEDULE` : An on-call schedule.", "title": "Type", @@ -243190,6 +288920,126 @@ ], "type": "object" }, + "AWS::SSMGuiConnect::Preferences": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionRecordingPreferences": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.ConnectionRecordingPreferences", + "markdownDescription": "The set of preferences used for recording RDP connections in the requesting AWS account and AWS Region . This includes details such as which S3 bucket recordings are stored in.", + "title": "ConnectionRecordingPreferences" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMGuiConnect::Preferences" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SSMGuiConnect::Preferences.ConnectionRecordingPreferences": { + "additionalProperties": false, + "properties": { + "KMSKeyArn": { + "markdownDescription": "The ARN of a AWS KMS key that is used to encrypt data while it is being processed by the service. This key must exist in the same AWS Region as the node you start an RDP connection to.", + "title": "KMSKeyArn", + "type": "string" + }, + "RecordingDestinations": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.RecordingDestinations", + "markdownDescription": "Determines where recordings of RDP connections are stored.", + "title": "RecordingDestinations" + } + }, + "required": [ + "KMSKeyArn", + "RecordingDestinations" + ], + "type": "object" + }, + "AWS::SSMGuiConnect::Preferences.RecordingDestinations": { + "additionalProperties": false, + "properties": { + "S3Buckets": { + "items": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.S3Bucket" + }, + "markdownDescription": "The S3 bucket where RDP connection recordings are stored.", + "title": "S3Buckets", + "type": "array" + } + }, + "required": [ + "S3Buckets" + ], + "type": "object" + }, + "AWS::SSMGuiConnect::Preferences.S3Bucket": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the S3 bucket where RDP connection recordings are stored.", + "title": "BucketName", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account number that owns the S3 bucket.", + "title": "BucketOwner", + "type": "string" + } + }, + "required": [ + "BucketName", + "BucketOwner" + ], + "type": "object" + }, "AWS::SSMIncidents::ReplicationSet": { "additionalProperties": false, "properties": { @@ -243654,6 +289504,400 @@ ], "type": "object" }, + "AWS::SSMQuickSetup::ConfigurationManager": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationDefinitions": { + "items": { + "$ref": "#/definitions/AWS::SSMQuickSetup::ConfigurationManager.ConfigurationDefinition" + }, + "markdownDescription": "The definition of the Quick Setup configuration that the configuration manager deploys.", + "title": "ConfigurationDefinitions", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the configuration.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the configuration", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs of metadata to assign to the configuration manager.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConfigurationDefinitions" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMQuickSetup::ConfigurationManager" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSMQuickSetup::ConfigurationManager.ConfigurationDefinition": { + "additionalProperties": false, + "properties": { + "LocalDeploymentAdministrationRoleArn": { + "markdownDescription": "The ARN of the IAM role used to administrate local configuration deployments.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only for organizational deployments of types other than `AWSQuickSetupType-PatchPolicy` . A value must be provided when you are running an organizational deployment for a patch policy or running any type of deployment for a single account.", + "title": "LocalDeploymentAdministrationRoleArn", + "type": "string" + }, + "LocalDeploymentExecutionRoleName": { + "markdownDescription": "The name of the IAM role used to deploy local configurations.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only for organizational deployments of types other than `AWSQuickSetupType-PatchPolicy` . A value must be provided when you are running an organizational deployment for a patch policy or running any type of deployment for a single account.", + "title": "LocalDeploymentExecutionRoleName", + "type": "string" + }, + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the configuration definition type. Parameters for configuration definitions vary based the configuration type. The following lists outline the parameters for each configuration type.\n\n- **AWS Config Recording (Type: AWS QuickSetupType-CFGRecording)** - - `RecordAllResources`\n\n- Description: (Optional) A boolean value that determines whether all supported resources are recorded. The default value is \" `true` \".\n- `ResourceTypesToRecord`\n\n- Description: (Optional) A comma separated list of resource types you want to record.\n- `RecordGlobalResourceTypes`\n\n- Description: (Optional) A boolean value that determines whether global resources are recorded with all resource configurations. The default value is \" `false` \".\n- `GlobalResourceTypesRegion`\n\n- Description: (Optional) Determines the AWS Region where global resources are recorded.\n- `UseCustomBucket`\n\n- Description: (Optional) A boolean value that determines whether a custom Amazon S3 bucket is used for delivery. The default value is \" `false` \".\n- `DeliveryBucketName`\n\n- Description: (Optional) The name of the Amazon S3 bucket you want AWS Config to deliver configuration snapshots and configuration history files to.\n- `DeliveryBucketPrefix`\n\n- Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket.\n- `NotificationOptions`\n\n- Description: (Optional) Determines the notification configuration for the recorder. The valid values are `NoStreaming` , `UseExistingTopic` , and `CreateTopic` . The default value is `NoStreaming` .\n- `CustomDeliveryTopicAccountId`\n\n- Description: (Optional) The ID of the AWS account where the Amazon SNS topic you want to use for notifications resides. You must specify a value for this parameter if you use the `UseExistingTopic` notification option.\n- `CustomDeliveryTopicName`\n\n- Description: (Optional) The name of the Amazon SNS topic you want to use for notifications. You must specify a value for this parameter if you use the `UseExistingTopic` notification option.\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(7 days)` , `rate(1 days)` , and `none` . The default value is \" `none` \".\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Change Manager (Type: AWS QuickSetupType-SSMChangeMgr)** - - `DelegatedAccountId`\n\n- Description: (Required) The ID of the delegated administrator account.\n- `JobFunction`\n\n- Description: (Required) The name for the Change Manager job function.\n- `PermissionType`\n\n- Description: (Optional) Specifies whether you want to use default administrator permissions for the job function role, or provide a custom IAM policy. The valid values are `CustomPermissions` and `AdminPermissions` . The default value for the parameter is `CustomerPermissions` .\n- `CustomPermissions`\n\n- Description: (Optional) A JSON string containing the IAM policy you want your job function to use. You must provide a value for this parameter if you specify `CustomPermissions` for the `PermissionType` parameter.\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Conformance Packs (Type: AWS QuickSetupType-CFGCPacks)** - - `DelegatedAccountId`\n\n- Description: (Optional) The ID of the delegated administrator account. This parameter is required for Organization deployments.\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(2 days)` , and `none` . The default value is \" `none` \".\n- `CPackNames`\n\n- Description: (Required) A comma separated list of AWS Config conformance packs.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Default Host Management Configuration (Type: AWS QuickSetupType-DHMC)** - - `UpdateSSMAgent`\n\n- Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is \" `true` \".\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) The AWS Regions to deploy the configuration to. For this type, the parameter only accepts a value of `AllRegions` .\n- **DevOps\u00a0Guru (Type: AWS QuickSetupType-DevOpsGuru)** - - `AnalyseAllResources`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru analyzes all AWS CloudFormation stacks in the account. The default value is \" `false` \".\n- `EnableSnsNotifications`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru sends notifications when an insight is created. The default value is \" `true` \".\n- `EnableSsmOpsItems`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru creates an OpsCenter OpsItem when an insight is created. The default value is \" `true` \".\n- `EnableDriftRemediation`\n\n- Description: (Optional) A boolean value that determines whether a drift remediation schedule is used. The default value is \" `false` \".\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(1 days)` , and `none` . The default value is \" `none` \".\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Distributor (Type: AWS QuickSetupType-Distributor)** - - `PackagesToInstall`\n\n- Description: (Required) A comma separated list of packages you want to install on the target instances. The valid values are `AWSEFSTools` , `AWSCWAgent` , and `AWSEC2LaunchAgent` .\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(2 days)` , and `none` . The default value is \" `rate(30 days)` \".\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Host Management (Type: AWS QuickSetupType-SSMHostMgmt)** - - `UpdateSSMAgent`\n\n- Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is \" `true` \".\n- `UpdateEc2LaunchAgent`\n\n- Description: (Optional) A boolean value that determines whether the EC2 Launch agent is updated on the target instances every month. The default value is \" `false` \".\n- `CollectInventory`\n\n- Description: (Optional) A boolean value that determines whether instance metadata is collected on the target instances every 30 minutes. The default value is \" `true` \".\n- `ScanInstances`\n\n- Description: (Optional) A boolean value that determines whether the target instances are scanned daily for available patches. The default value is \" `true` \".\n- `InstallCloudWatchAgent`\n\n- Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is installed on the target instances. The default value is \" `false` \".\n- `UpdateCloudWatchAgent`\n\n- Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is updated on the target instances every month. The default value is \" `false` \".\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Optional) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Optional) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Optional) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **OpsCenter (Type: AWS QuickSetupType-SSMOpsCenter)** - - `DelegatedAccountId`\n\n- Description: (Required) The ID of the delegated administrator account.\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Patch Policy (Type: AWS QuickSetupType-PatchPolicy)** - - `PatchPolicyName`\n\n- Description: (Required) A name for the patch policy. The value you provide is applied to target Amazon EC2 instances as a tag.\n- `SelectedPatchBaselines`\n\n- Description: (Required) An array of JSON objects containing the information for the patch baselines to include in your patch policy.\n- `PatchBaselineUseDefault`\n\n- Description: (Optional) A value that determines whether the selected patch baselines are all AWS provided. Supported values are `default` and `custom` .\n- `PatchBaselineRegion`\n\n- Description: (Required) The AWS Region where the patch baseline exist.\n- `ConfigurationOptionsPatchOperation`\n\n- Description: (Optional) Determines whether target instances scan for available patches, or scan and install available patches. The valid values are `Scan` and `ScanAndInstall` . The default value for the parameter is `Scan` .\n- `ConfigurationOptionsScanValue`\n\n- Description: (Optional) A cron expression that is used as the schedule for when instances scan for available patches.\n- `ConfigurationOptionsInstallValue`\n\n- Description: (Optional) A cron expression that is used as the schedule for when instances install available patches.\n- `ConfigurationOptionsScanNextInterval`\n\n- Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is \" `false` \".\n- `ConfigurationOptionsInstallNextInterval`\n\n- Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is \" `false` \".\n- `RebootOption`\n\n- Description: (Optional) Determines whether instances are rebooted after patches are installed. Valid values are `RebootIfNeeded` and `NoReboot` .\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `OutputLogEnableS3`\n\n- Description: (Optional) A boolean value that determines whether command output logs are sent to Amazon S3.\n- `OutputS3Location`\n\n- Description: (Optional) Information about the Amazon S3 bucket where you want to store the output details of the request.\n\n- `OutputBucketRegion`\n\n- Description: (Optional) The AWS Region where the Amazon S3 bucket you want to deliver command output to is located.\n- `OutputS3BucketName`\n\n- Description: (Optional) The name of the Amazon S3 bucket you want to deliver command output to.\n- `OutputS3KeyPrefix`\n\n- Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket.\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Resource Explorer (Type: AWS QuickSetupType-ResourceExplorer)** - - `SelectedAggregatorRegion`\n\n- Description: (Required) The AWS Region where you want to create the aggregator index.\n- `ReplaceExistingAggregator`\n\n- Description: (Required) A boolean value that determines whether to demote an existing aggregator if it is in a Region that differs from the value you specify for the `SelectedAggregatorRegion` .\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Resource Scheduler (Type: AWS QuickSetupType-Scheduler)** - - `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target.\n- `ICalendarString`\n\n- Description: (Required) An iCalendar formatted string containing the schedule you want Change Manager to use.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" + }, + "Type": { + "markdownDescription": "The type of the Quick Setup configuration.", + "title": "Type", + "type": "string" + }, + "TypeVersion": { + "markdownDescription": "The version of the Quick Setup type used.", + "title": "TypeVersion", + "type": "string" + }, + "id": { + "markdownDescription": "The ID of the configuration definition.", + "title": "id", + "type": "string" + } + }, + "required": [ + "Parameters", + "Type" + ], + "type": "object" + }, + "AWS::SSMQuickSetup::ConfigurationManager.StatusSummary": { + "additionalProperties": false, + "properties": { + "LastUpdatedAt": { + "markdownDescription": "The datetime stamp when the status was last updated.", + "title": "LastUpdatedAt", + "type": "string" + }, + "Status": { + "markdownDescription": "The current status.", + "title": "Status", + "type": "string" + }, + "StatusDetails": { + "additionalProperties": true, + "markdownDescription": "Details about the status.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "StatusDetails", + "type": "object" + }, + "StatusMessage": { + "markdownDescription": "When applicable, returns an informational message relevant to the current status and status type of the status summary object. We don't recommend implementing parsing logic around this value since the messages returned can vary in format.", + "title": "StatusMessage", + "type": "string" + }, + "StatusType": { + "markdownDescription": "The type of a status summary.", + "title": "StatusType", + "type": "string" + } + }, + "required": [ + "LastUpdatedAt", + "StatusType" + ], + "type": "object" + }, + "AWS::SSO::Application": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationProviderArn": { + "markdownDescription": "The ARN of the application provider for this application.", + "title": "ApplicationProviderArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the application.", + "title": "Description", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the instance of IAM Identity Center that is configured with this application.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", + "type": "string" + }, + "PortalOptions": { + "$ref": "#/definitions/AWS::SSO::Application.PortalOptionsConfiguration", + "markdownDescription": "A structure that describes the options for the access portal associated with this application.", + "title": "PortalOptions" + }, + "Status": { + "markdownDescription": "The current status of the application in this instance of IAM Identity Center.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies tags to be attached to the application.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ApplicationProviderArn", + "InstanceArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSO::Application.PortalOptionsConfiguration": { + "additionalProperties": false, + "properties": { + "SignInOptions": { + "$ref": "#/definitions/AWS::SSO::Application.SignInOptions", + "markdownDescription": "A structure that describes the sign-in options for the access portal.", + "title": "SignInOptions" + }, + "Visibility": { + "markdownDescription": "Indicates whether this application is visible in the access portal.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSO::Application.SignInOptions": { + "additionalProperties": false, + "properties": { + "ApplicationUrl": { + "markdownDescription": "The URL that accepts authentication requests for an application. This is a required parameter if the `Origin` parameter is `APPLICATION` .", + "title": "ApplicationUrl", + "type": "string" + }, + "Origin": { + "markdownDescription": "This determines how IAM Identity Center navigates the user to the target application. It can be one of the following values:\n\n- `APPLICATION` : IAM Identity Center redirects the customer to the configured `ApplicationUrl` .\n- `IDENTITY_CENTER` : IAM Identity Center uses SAML identity-provider initiated authentication to sign the customer directly into a SAML-based application.", + "title": "Origin", + "type": "string" + } + }, + "required": [ + "Origin" + ], + "type": "object" + }, + "AWS::SSO::ApplicationAssignment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationArn": { + "markdownDescription": "The ARN of the application that has principals assigned.", + "title": "ApplicationArn", + "type": "string" + }, + "PrincipalId": { + "markdownDescription": "The unique identifier of the principal assigned to the application.", + "title": "PrincipalId", + "type": "string" + }, + "PrincipalType": { + "markdownDescription": "The type of the principal assigned to the application.", + "title": "PrincipalType", + "type": "string" + } + }, + "required": [ + "ApplicationArn", + "PrincipalId", + "PrincipalType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::ApplicationAssignment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::SSO::Assignment": { "additionalProperties": false, "properties": { @@ -243751,6 +289995,77 @@ ], "type": "object" }, + "AWS::SSO::Instance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the Identity Center instance.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies tags to be attached to the instance of IAM Identity Center.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::Instance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::SSO::InstanceAccessControlAttributeConfiguration": { "additionalProperties": false, "properties": { @@ -244070,6 +290385,11 @@ "title": "DomainId", "type": "string" }, + "RecoveryMode": { + "markdownDescription": "", + "title": "RecoveryMode", + "type": "boolean" + }, "ResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::App.ResourceSpec", "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", @@ -244126,6 +290446,11 @@ "title": "InstanceType", "type": "string" }, + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, "SageMakerImageArn": { "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", "title": "SageMakerImageArn", @@ -244174,43 +290499,275 @@ "Properties": { "additionalProperties": false, "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig. Must be unique to your account.", - "title": "AppImageConfigName", + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig. Must be unique to your account.", + "title": "AppImageConfigName", + "type": "string" + }, + "CodeEditorAppImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig", + "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", + "title": "CodeEditorAppImageConfig" + }, + "JupyterLabAppImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig", + "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", + "title": "JupyterLabAppImageConfig" + }, + "KernelGatewayImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig", + "markdownDescription": "The configuration for the file system and kernels in the SageMaker AI image.", + "title": "KernelGatewayImageConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AppImageConfigName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::AppImageConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig": { + "additionalProperties": false, + "properties": { + "ContainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", + "markdownDescription": "", + "title": "ContainerConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.ContainerConfig": { + "additionalProperties": false, + "properties": { + "ContainerArguments": { + "items": { + "type": "string" + }, + "markdownDescription": "The arguments for the container when you're running the application.", + "title": "ContainerArguments", + "type": "array" + }, + "ContainerEntrypoint": { + "items": { + "type": "string" + }, + "markdownDescription": "The entrypoint used to run the application in the container.", + "title": "ContainerEntrypoint", + "type": "array" + }, + "ContainerEnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable" + }, + "markdownDescription": "The environment variables to set in the container", + "title": "ContainerEnvironmentVariables", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key that identifies a container environment variable.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the container environment variable.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.FileSystemConfig": { + "additionalProperties": false, + "properties": { + "DefaultGid": { + "markdownDescription": "The default POSIX group ID (GID). If not specified, defaults to `100` .", + "title": "DefaultGid", + "type": "number" + }, + "DefaultUid": { + "markdownDescription": "The default POSIX user ID (UID). If not specified, defaults to `1000` .", + "title": "DefaultUid", + "type": "number" + }, + "MountPath": { + "markdownDescription": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to */home/sagemaker-user* .", + "title": "MountPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig": { + "additionalProperties": false, + "properties": { + "ContainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", + "markdownDescription": "The configuration used to run the application image container.", + "title": "ContainerConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig": { + "additionalProperties": false, + "properties": { + "FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.FileSystemConfig", + "markdownDescription": "The Amazon Elastic File System storage configuration for a SageMaker AI image.", + "title": "FileSystemConfig" + }, + "KernelSpecs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelSpec" + }, + "markdownDescription": "The specification of the Jupyter kernels in the image.", + "title": "KernelSpecs", + "type": "array" + } + }, + "required": [ + "KernelSpecs" + ], + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.KernelSpec": { + "additionalProperties": false, + "properties": { + "DisplayName": { + "markdownDescription": "The display name of the kernel.", + "title": "DisplayName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Jupyter kernel in the image. This value is case sensitive.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::SageMaker::Cluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The name of the SageMaker HyperPod cluster.", + "title": "ClusterName", "type": "string" }, - "CodeEditorAppImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig", - "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", - "title": "CodeEditorAppImageConfig" + "InstanceGroups": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterInstanceGroup" + }, + "markdownDescription": "The instance groups of the SageMaker HyperPod cluster. To delete an instance group, remove it from the array.", + "title": "InstanceGroups", + "type": "array" }, - "JupyterLabAppImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig", - "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", - "title": "JupyterLabAppImageConfig" + "NodeRecovery": { + "markdownDescription": "Specifies whether to enable or disable the automatic node recovery feature of SageMaker HyperPod. Available values are `Automatic` for enabling and `None` for disabling.", + "title": "NodeRecovery", + "type": "string" }, - "KernelGatewayImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig", - "markdownDescription": "The configuration for the file system and kernels in the SageMaker AI image.", - "title": "KernelGatewayImageConfig" + "Orchestrator": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.Orchestrator", + "markdownDescription": "The orchestrator type for the SageMaker HyperPod cluster. Currently, `'eks'` is the only available option.", + "title": "Orchestrator" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker AWS resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see [AddTags](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html) .\n\nFor more information on adding metadata to your AWS resources with tagging, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) . For advice on best practices for managing AWS resources with tagging, see [Tagging Best Practices: Implement an Effective AWS Resource Tagging Strategy](https://docs.aws.amazon.com/https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf) .", "title": "Tags", "type": "array" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.VpcConfig", + "markdownDescription": "Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC. For more information, see [Give SageMaker Access to Resources in your Amazon VPC](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", + "title": "VpcConfig" } }, "required": [ - "AppImageConfigName" + "InstanceGroups" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::AppImageConfig" + "AWS::SageMaker::Cluster" ], "type": "string" }, @@ -244229,137 +290786,168 @@ ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig": { + "AWS::SageMaker::Cluster.ClusterEbsVolumeConfig": { "additionalProperties": false, "properties": { - "ContainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", - "markdownDescription": "", - "title": "ContainerConfig" + "VolumeSizeInGB": { + "markdownDescription": "The size in gigabytes (GB) of the additional EBS volume to be attached to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to `/opt/sagemaker` .", + "title": "VolumeSizeInGB", + "type": "number" } }, "type": "object" }, - "AWS::SageMaker::AppImageConfig.ContainerConfig": { + "AWS::SageMaker::Cluster.ClusterInstanceGroup": { "additionalProperties": false, "properties": { - "ContainerArguments": { + "CurrentCount": { + "markdownDescription": "The number of instances that are currently in the instance group of a SageMaker HyperPod cluster.", + "title": "CurrentCount", + "type": "number" + }, + "ExecutionRole": { + "markdownDescription": "The execution role for the instance group to assume.", + "title": "ExecutionRole", + "type": "string" + }, + "InstanceCount": { + "markdownDescription": "The number of instances in an instance group of the SageMaker HyperPod cluster.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceGroupName": { + "markdownDescription": "The name of the instance group of a SageMaker HyperPod cluster.", + "title": "InstanceGroupName", + "type": "string" + }, + "InstanceStorageConfigs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterInstanceStorageConfig" }, - "markdownDescription": "The arguments for the container when you're running the application.", - "title": "ContainerArguments", + "markdownDescription": "The configurations of additional storage specified to the instance group where the instance (node) is launched.", + "title": "InstanceStorageConfigs", "type": "array" }, - "ContainerEntrypoint": { + "InstanceType": { + "markdownDescription": "The instance type of the instance group of a SageMaker HyperPod cluster.", + "title": "InstanceType", + "type": "string" + }, + "LifeCycleConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterLifeCycleConfig", + "markdownDescription": "The lifecycle configuration for a SageMaker HyperPod cluster.", + "title": "LifeCycleConfig" + }, + "OnStartDeepHealthChecks": { "items": { "type": "string" }, - "markdownDescription": "The entrypoint used to run the application in the container.", - "title": "ContainerEntrypoint", + "markdownDescription": "A flag indicating whether deep health checks should be performed when the HyperPod cluster instance group is created or updated. Deep health checks are comprehensive, invasive tests that validate the health of the underlying hardware and infrastructure components.", + "title": "OnStartDeepHealthChecks", "type": "array" }, - "ContainerEnvironmentVariables": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable" - }, - "markdownDescription": "The environment variables to set in the container", - "title": "ContainerEnvironmentVariables", - "type": "array" + "OverrideVpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.VpcConfig", + "markdownDescription": "The customized Amazon VPC configuration at the instance group level that overrides the default Amazon VPC configuration of the SageMaker HyperPod cluster.", + "title": "OverrideVpcConfig" + }, + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core you specified under `CreateCluster` .", + "title": "ThreadsPerCore", + "type": "number" } }, + "required": [ + "ExecutionRole", + "InstanceCount", + "InstanceGroupName", + "InstanceType", + "LifeCycleConfig" + ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable": { + "AWS::SageMaker::Cluster.ClusterInstanceStorageConfig": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that identifies a container environment variable.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the container environment variable.", - "title": "Value", - "type": "string" + "EbsVolumeConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterEbsVolumeConfig", + "markdownDescription": "Defines the configuration for attaching additional Amazon Elastic Block Store (EBS) volumes to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to `/opt/sagemaker` .", + "title": "EbsVolumeConfig" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.FileSystemConfig": { + "AWS::SageMaker::Cluster.ClusterLifeCycleConfig": { "additionalProperties": false, "properties": { - "DefaultGid": { - "markdownDescription": "The default POSIX group ID (GID). If not specified, defaults to `100` .", - "title": "DefaultGid", - "type": "number" - }, - "DefaultUid": { - "markdownDescription": "The default POSIX user ID (UID). If not specified, defaults to `1000` .", - "title": "DefaultUid", - "type": "number" + "OnCreate": { + "markdownDescription": "The file name of the entrypoint script of lifecycle scripts under `SourceS3Uri` . This entrypoint script runs during cluster creation.", + "title": "OnCreate", + "type": "string" }, - "MountPath": { - "markdownDescription": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to */home/sagemaker-user* .", - "title": "MountPath", + "SourceS3Uri": { + "markdownDescription": "An Amazon S3 bucket path where your lifecycle scripts are stored.\n\n> Make sure that the S3 bucket path starts with `s3://sagemaker-` . The [IAM role for SageMaker HyperPod](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-hyperpod-prerequisites.html#sagemaker-hyperpod-prerequisites-iam-role-for-hyperpod) has the managed [`AmazonSageMakerClusterInstanceRolePolicy`](https://docs.aws.amazon.com/sagemaker/latest/dg/security-iam-awsmanpol-cluster.html) attached, which allows access to S3 buckets with the specific prefix `sagemaker-` .", + "title": "SourceS3Uri", "type": "string" } }, + "required": [ + "OnCreate", + "SourceS3Uri" + ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig": { + "AWS::SageMaker::Cluster.ClusterOrchestratorEksConfig": { "additionalProperties": false, "properties": { - "ContainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", - "markdownDescription": "The configuration used to run the application image container.", - "title": "ContainerConfig" + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SageMaker HyperPod cluster.", + "title": "ClusterArn", + "type": "string" } }, + "required": [ + "ClusterArn" + ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig": { + "AWS::SageMaker::Cluster.Orchestrator": { "additionalProperties": false, "properties": { - "FileSystemConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.FileSystemConfig", - "markdownDescription": "The Amazon Elastic File System storage configuration for a SageMaker AI image.", - "title": "FileSystemConfig" - }, - "KernelSpecs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelSpec" - }, - "markdownDescription": "The specification of the Jupyter kernels in the image.", - "title": "KernelSpecs", - "type": "array" + "Eks": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterOrchestratorEksConfig", + "markdownDescription": "The configuration of the Amazon EKS orchestrator cluster for the SageMaker HyperPod cluster.", + "title": "Eks" } }, "required": [ - "KernelSpecs" + "Eks" ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.KernelSpec": { + "AWS::SageMaker::Cluster.VpcConfig": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The display name of the kernel.", - "title": "DisplayName", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the Jupyter kernel in the image. This value is case sensitive.", - "title": "Name", - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" } }, "required": [ - "Name" + "SecurityGroupIds", + "Subnets" ], "type": "object" }, @@ -245285,6 +291873,11 @@ "title": "SubnetIds", "type": "array" }, + "TagPropagation": { + "markdownDescription": "", + "title": "TagPropagation", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -245302,9 +291895,7 @@ "required": [ "AuthMode", "DefaultUserSettings", - "DomainName", - "SubnetIds", - "VpcId" + "DomainName" ], "type": "object" }, @@ -245329,9 +291920,30 @@ ], "type": "object" }, + "AWS::SageMaker::Domain.AppLifecycleManagement": { + "additionalProperties": false, + "properties": { + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.IdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" + } + }, + "type": "object" + }, "AWS::SageMaker::Domain.CodeEditorAppSettings": { "additionalProperties": false, "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Domain.AppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" + }, "CustomImages": { "items": { "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" @@ -245377,6 +291989,16 @@ "$ref": "#/definitions/AWS::SageMaker::Domain.EFSFileSystemConfig", "markdownDescription": "The settings for a custom Amazon EFS file system.", "title": "EFSFileSystemConfig" + }, + "FSxLustreFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.FSxLustreFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon FSx for Lustre file system.", + "title": "FSxLustreFileSystemConfig" + }, + "S3FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.S3FileSystemConfig", + "markdownDescription": "Configuration settings for a custom Amazon S3 file system.", + "title": "S3FileSystemConfig" } }, "type": "object" @@ -245449,11 +292071,29 @@ "AWS::SageMaker::Domain.DefaultSpaceSettings": { "additionalProperties": false, "properties": { + "CustomFileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" + }, + "markdownDescription": "The settings for assigning a custom file system to a domain. Permitted users can access this file system in Amazon SageMaker AI Studio.", + "title": "CustomFileSystemConfigs", + "type": "array" + }, + "CustomPosixUserConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", + "markdownDescription": "", + "title": "CustomPosixUserConfig" + }, "ExecutionRole": { "markdownDescription": "The ARN of the execution role for the space.", "title": "ExecutionRole", "type": "string" }, + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", + "markdownDescription": "", + "title": "JupyterLabAppSettings" + }, "JupyterServerAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", "markdownDescription": "The JupyterServer app settings.", @@ -245471,6 +292111,11 @@ "markdownDescription": "The security group IDs for the Amazon VPC that the space uses for communication.", "title": "SecurityGroups", "type": "array" + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", + "markdownDescription": "", + "title": "SpaceStorageSettings" } }, "required": [ @@ -245516,6 +292161,11 @@ "markdownDescription": "A collection of settings that configure the domain's Docker interaction.", "title": "DockerSettings" }, + "ExecutionRoleIdentityConfig": { + "markdownDescription": "The configuration for attaching a SageMaker AI user profile name to the execution role as a [sts:SourceIdentity key](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) .", + "title": "ExecutionRoleIdentityConfig", + "type": "string" + }, "RStudioServerProDomainSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProDomainSettings", "markdownDescription": "A collection of settings that configure the `RStudioServerPro` Domain-level app.", @@ -245528,6 +292178,11 @@ "markdownDescription": "The security groups for the Amazon Virtual Private Cloud that the `Domain` uses for communication between Domain-level apps and user apps.", "title": "SecurityGroupIds", "type": "array" + }, + "UnifiedStudioSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.UnifiedStudioSettings", + "markdownDescription": "The settings that apply to an SageMaker AI domain when you use it in Amazon SageMaker Unified Studio.", + "title": "UnifiedStudioSettings" } }, "type": "object" @@ -245551,9 +292206,83 @@ ], "type": "object" }, + "AWS::SageMaker::Domain.FSxLustreFileSystemConfig": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The globally unique, 17-digit, ID of the file system, assigned by Amazon FSx for Lustre.", + "title": "FileSystemId", + "type": "string" + }, + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.HiddenSageMakerImage": { + "additionalProperties": false, + "properties": { + "SageMakerImageName": { + "markdownDescription": "The SageMaker image name that you are hiding from the Studio user interface.", + "title": "SageMakerImageName", + "type": "string" + }, + "VersionAliases": { + "items": { + "type": "string" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "VersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.IdleSettings": { + "additionalProperties": false, + "properties": { + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" + }, + "LifecycleManagement": { + "markdownDescription": "Indicates whether idle shutdown is activated for the application type.", + "title": "LifecycleManagement", + "type": "string" + }, + "MaxIdleTimeoutInMinutes": { + "markdownDescription": "The maximum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MaxIdleTimeoutInMinutes", + "type": "number" + }, + "MinIdleTimeoutInMinutes": { + "markdownDescription": "The minimum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MinIdleTimeoutInMinutes", + "type": "number" + } + }, + "type": "object" + }, "AWS::SageMaker::Domain.JupyterLabAppSettings": { "additionalProperties": false, "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Domain.AppLifecycleManagement", + "markdownDescription": "Indicates whether idle shutdown is activated for JupyterLab applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" + }, "CodeRepositories": { "items": { "$ref": "#/definitions/AWS::SageMaker::Domain.CodeRepository" @@ -245593,6 +292322,14 @@ "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, "type": "object" @@ -245612,6 +292349,14 @@ "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, "type": "object" @@ -245706,6 +292451,22 @@ }, "type": "object" }, + "AWS::SageMaker::Domain.S3FileSystemConfig": { + "additionalProperties": false, + "properties": { + "MountPath": { + "markdownDescription": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "title": "MountPath", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "The Amazon S3 URI of the S3 file system configuration.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, "AWS::SageMaker::Domain.SharingSettings": { "additionalProperties": false, "properties": { @@ -245727,9 +292488,98 @@ }, "type": "object" }, + "AWS::SageMaker::Domain.StudioWebPortalSettings": { + "additionalProperties": false, + "properties": { + "HiddenAppTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The [Applications supported in Studio](https://docs.aws.amazon.com/sagemaker/latest/dg/studio-updated-apps.html) that are hidden from the Studio left navigation pane.", + "title": "HiddenAppTypes", + "type": "array" + }, + "HiddenInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types you are hiding from the Studio user interface.", + "title": "HiddenInstanceTypes", + "type": "array" + }, + "HiddenMlTools": { + "items": { + "type": "string" + }, + "markdownDescription": "The machine learning tools that are hidden from the Studio left navigation pane.", + "title": "HiddenMlTools", + "type": "array" + }, + "HiddenSageMakerImageVersionAliases": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.HiddenSageMakerImage" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "HiddenSageMakerImageVersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.UnifiedStudioSettings": { + "additionalProperties": false, + "properties": { + "DomainAccountId": { + "markdownDescription": "The ID of the AWS account that has the Amazon SageMaker Unified Studio domain. The default value, if you don't specify an ID, is the ID of the account that has the Amazon SageMaker AI domain.", + "title": "DomainAccountId", + "type": "string" + }, + "DomainId": { + "markdownDescription": "The ID of the Amazon SageMaker Unified Studio domain associated with this domain.", + "title": "DomainId", + "type": "string" + }, + "DomainRegion": { + "markdownDescription": "The AWS Region where the domain is located in Amazon SageMaker Unified Studio. The default value, if you don't specify a Region, is the Region where the Amazon SageMaker AI domain is located.", + "title": "DomainRegion", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of the environment that Amazon SageMaker Unified Studio associates with the domain.", + "title": "EnvironmentId", + "type": "string" + }, + "ProjectId": { + "markdownDescription": "The ID of the Amazon SageMaker Unified Studio project that corresponds to the domain.", + "title": "ProjectId", + "type": "string" + }, + "ProjectS3Path": { + "markdownDescription": "The location where Amazon S3 stores temporary execution data and other artifacts for the project that corresponds to the domain.", + "title": "ProjectS3Path", + "type": "string" + }, + "SingleSignOnApplicationArn": { + "markdownDescription": "The ARN of the application managed by SageMaker AI and SageMaker Unified Studio in the AWS IAM Identity Center.", + "title": "SingleSignOnApplicationArn", + "type": "string" + }, + "StudioWebPortalAccess": { + "markdownDescription": "Sets whether you can access the domain in Amazon SageMaker Studio:\n\n- **ENABLED** - You can access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it in both studio interfaces.\n- **DISABLED** - You can't access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it only in that studio interface.\n\nTo migrate a domain to Amazon SageMaker Unified Studio, you specify the UnifiedStudioSettings data type when you use the UpdateDomain action.", + "title": "StudioWebPortalAccess", + "type": "string" + } + }, + "type": "object" + }, "AWS::SageMaker::Domain.UserSettings": { "additionalProperties": false, "properties": { + "AutoMountHomeEFS": { + "markdownDescription": "Indicates whether auto-mounting of an EFS volume is supported for the user profile. The `DefaultAsDomain` value is only supported for user profiles. Do not use the `DefaultAsDomain` value when setting this parameter for a domain.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "AutoMountHomeEFS", + "type": "string" + }, "CodeEditorAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.CodeEditorAppSettings", "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", @@ -245805,6 +292655,11 @@ "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", "title": "StudioWebPortal", "type": "string" + }, + "StudioWebPortalSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.StudioWebPortalSettings", + "markdownDescription": "Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level.", + "title": "StudioWebPortalSettings" } }, "required": [ @@ -246569,11 +293424,6 @@ "AWS::SageMaker::EndpointConfig.ProductionVariant": { "additionalProperties": false, "properties": { - "AcceleratorType": { - "markdownDescription": "The size of the Elastic Inference (EI) instance to use for the production variant. EI instances provide on-demand GPU computing for inference. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) . For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .", - "title": "AcceleratorType", - "type": "string" - }, "ContainerStartupHealthCheckTimeoutInSeconds": { "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by SageMaker Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", "title": "ContainerStartupHealthCheckTimeoutInSeconds", @@ -246584,6 +293434,9 @@ "title": "EnableSSMAccess", "type": "boolean" }, + "InferenceAmiVersion": { + "type": "string" + }, "InitialInstanceCount": { "markdownDescription": "Number of instances to launch initially.", "title": "InitialInstanceCount", @@ -247231,6 +294084,11 @@ "Properties": { "additionalProperties": false, "properties": { + "DeploymentConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentDeploymentConfig", + "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", + "title": "DeploymentConfig" + }, "EndpointArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the endpoint that hosts the inference component.", "title": "EndpointArn", @@ -247272,9 +294130,7 @@ }, "required": [ "EndpointName", - "RuntimeConfig", - "Specification", - "VariantName" + "Specification" ], "type": "object" }, @@ -247299,6 +294155,37 @@ ], "type": "object" }, + "AWS::SageMaker::InferenceComponent.Alarm": { + "additionalProperties": false, + "properties": { + "AlarmName": { + "markdownDescription": "The name of a CloudWatch alarm in your account.", + "title": "AlarmName", + "type": "string" + } + }, + "required": [ + "AlarmName" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.AutoRollbackConfiguration": { + "additionalProperties": false, + "properties": { + "Alarms": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.Alarm" + }, + "markdownDescription": "", + "title": "Alarms", + "type": "array" + } + }, + "required": [ + "Alarms" + ], + "type": "object" + }, "AWS::SageMaker::InferenceComponent.DeployedImage": { "additionalProperties": false, "properties": { @@ -247320,6 +294207,26 @@ }, "type": "object" }, + "AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specifies the endpoint capacity type.\n\n- **COPY_COUNT** - The endpoint activates based on the number of inference component copies.\n- **CAPACITY_PERCENT** - The endpoint activates based on the specified percentage of capacity.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Defines the capacity size, either as a number of inference component copies or a capacity percentage.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, "AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements": { "additionalProperties": false, "properties": { @@ -247378,6 +294285,48 @@ }, "type": "object" }, + "AWS::SageMaker::InferenceComponent.InferenceComponentDeploymentConfig": { + "additionalProperties": false, + "properties": { + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.AutoRollbackConfiguration", + "markdownDescription": "", + "title": "AutoRollbackConfiguration" + }, + "RollingUpdatePolicy": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRollingUpdatePolicy", + "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker AI endpoint.", + "title": "RollingUpdatePolicy" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentRollingUpdatePolicy": { + "additionalProperties": false, + "properties": { + "MaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize", + "markdownDescription": "The batch size for each rolling step in the deployment process. For each step, SageMaker AI provisions capacity on the new endpoint fleet, routes traffic to that fleet, and terminates capacity on the old endpoint fleet. The value must be between 5% to 50% of the copy count of the inference component.", + "title": "MaximumBatchSize" + }, + "MaximumExecutionTimeoutInSeconds": { + "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", + "title": "MaximumExecutionTimeoutInSeconds", + "type": "number" + }, + "RollbackMaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize", + "markdownDescription": "The batch size for a rollback to the old endpoint fleet. If this field is absent, the value is set to the default, which is 100% of the total capacity. When the default is used, SageMaker AI provisions the entire capacity of the old fleet at once during rollback.", + "title": "RollbackMaximumBatchSize" + }, + "WaitIntervalInSeconds": { + "markdownDescription": "The length of the baking period, during which SageMaker AI monitors alarms for each batch on the new fleet.", + "title": "WaitIntervalInSeconds", + "type": "number" + } + }, + "type": "object" + }, "AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig": { "additionalProperties": false, "properties": { @@ -247402,6 +294351,11 @@ "AWS::SageMaker::InferenceComponent.InferenceComponentSpecification": { "additionalProperties": false, "properties": { + "BaseInferenceComponentName": { + "markdownDescription": "The name of an existing inference component that is to contain the inference component that you're creating with your request.\n\nSpecify this parameter only if your request is meant to create an adapter inference component. An adapter inference component contains the path to an adapter model. The purpose of the adapter model is to tailor the inference output of a base foundation model, which is hosted by the base inference component. The adapter inference component uses the compute resources that you assigned to the base inference component.\n\nWhen you create an adapter inference component, use the `Container` parameter to specify the location of the adapter artifacts. In the parameter value, use the `ArtifactUrl` parameter of the `InferenceComponentContainerSpecification` data type.\n\nBefore you can create an adapter inference component, you must have an existing inference component that contains the foundation model that you want to adapt.", + "title": "BaseInferenceComponentName", + "type": "string" + }, "ComputeResourceRequirements": { "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements", "markdownDescription": "The compute resources allocated to run the model, plus any adapter models, that you assign to the inference component.\n\nOmit this parameter if your request is meant to create an adapter inference component. An adapter inference component is loaded by a base inference component, and it uses the compute resources of the base inference component.", @@ -247423,9 +294377,6 @@ "title": "StartupParameters" } }, - "required": [ - "ComputeResourceRequirements" - ], "type": "object" }, "AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters": { @@ -247776,6 +294727,113 @@ ], "type": "object" }, + "AWS::SageMaker::MlflowTrackingServer": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ArtifactStoreUri": { + "markdownDescription": "", + "title": "ArtifactStoreUri", + "type": "string" + }, + "AutomaticModelRegistration": { + "markdownDescription": "", + "title": "AutomaticModelRegistration", + "type": "boolean" + }, + "MlflowVersion": { + "markdownDescription": "", + "title": "MlflowVersion", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "TrackingServerName": { + "markdownDescription": "", + "title": "TrackingServerName", + "type": "string" + }, + "TrackingServerSize": { + "markdownDescription": "", + "title": "TrackingServerSize", + "type": "string" + }, + "WeeklyMaintenanceWindowStart": { + "markdownDescription": "", + "title": "WeeklyMaintenanceWindowStart", + "type": "string" + } + }, + "required": [ + "ArtifactStoreUri", + "RoleArn", + "TrackingServerName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::MlflowTrackingServer" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::SageMaker::Model": { "additionalProperties": false, "properties": { @@ -247880,6 +294938,22 @@ ], "type": "object" }, + "AWS::SageMaker::Model.AdditionalModelDataSource": { + "additionalProperties": false, + "properties": { + "ChannelName": { + "type": "string" + }, + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource" + } + }, + "required": [ + "ChannelName", + "S3DataSource" + ], + "type": "object" + }, "AWS::SageMaker::Model.ContainerDefinition": { "additionalProperties": false, "properties": { @@ -247936,6 +295010,20 @@ }, "type": "object" }, + "AWS::SageMaker::Model.HubAccessConfig": { + "additionalProperties": false, + "properties": { + "HubContentArn": { + "markdownDescription": "The ARN of your private model hub content. This should be a `ModelReference` resource type that points to a SageMaker JumpStart public hub model.", + "title": "HubContentArn", + "type": "string" + } + }, + "required": [ + "HubContentArn" + ], + "type": "object" + }, "AWS::SageMaker::Model.ImageConfig": { "additionalProperties": false, "properties": { @@ -248030,13 +295118,18 @@ "title": "CompressionType", "type": "string" }, + "HubAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.HubAccessConfig", + "markdownDescription": "The configuration for a private hub model reference that points to a SageMaker JumpStart public hub model.", + "title": "HubAccessConfig" + }, "ModelAccessConfig": { "$ref": "#/definitions/AWS::SageMaker::Model.ModelAccessConfig", "markdownDescription": "", "title": "ModelAccessConfig" }, "S3DataType": { - "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .", + "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", "title": "S3DataType", "type": "string" }, @@ -250003,6 +297096,11 @@ "title": "ModelApprovalStatus", "type": "string" }, + "ModelCard": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelCard", + "markdownDescription": "An Amazon SageMaker Model Card.", + "title": "ModelCard" + }, "ModelMetrics": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelMetrics", "markdownDescription": "Metrics for the model.", @@ -250038,6 +297136,11 @@ "title": "SamplePayloadUrl", "type": "string" }, + "SecurityConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SecurityConfig", + "markdownDescription": "", + "title": "SecurityConfig" + }, "SkipModelValidation": { "markdownDescription": "Indicates if you want to skip model validation.", "title": "SkipModelValidation", @@ -250048,6 +297151,11 @@ "markdownDescription": "A list of algorithms that were used to create a model package.", "title": "SourceAlgorithmSpecification" }, + "SourceUri": { + "markdownDescription": "The URI of the source for the model package.", + "title": "SourceUri", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -250416,6 +297524,40 @@ ], "type": "object" }, + "AWS::SageMaker::ModelPackage.ModelAccessConfig": { + "additionalProperties": false, + "properties": { + "AcceptEula": { + "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "AcceptEula", + "type": "boolean" + } + }, + "required": [ + "AcceptEula" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelCard": { + "additionalProperties": false, + "properties": { + "ModelCardContent": { + "markdownDescription": "", + "title": "ModelCardContent", + "type": "string" + }, + "ModelCardStatus": { + "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", + "title": "ModelCardStatus", + "type": "string" + } + }, + "required": [ + "ModelCardContent", + "ModelCardStatus" + ], + "type": "object" + }, "AWS::SageMaker::ModelPackage.ModelDataQuality": { "additionalProperties": false, "properties": { @@ -250432,6 +297574,17 @@ }, "type": "object" }, + "AWS::SageMaker::ModelPackage.ModelDataSource": { + "additionalProperties": false, + "properties": { + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3ModelDataSource", + "markdownDescription": "Specifies the S3 location of ML model data to deploy.", + "title": "S3DataSource" + } + }, + "type": "object" + }, "AWS::SageMaker::ModelPackage.ModelInput": { "additionalProperties": false, "properties": { @@ -250511,6 +297664,11 @@ "title": "ImageDigest", "type": "string" }, + "ModelDataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataSource", + "markdownDescription": "Specifies the location of ML model data to deploy during endpoint creation.", + "title": "ModelDataSource" + }, "ModelDataUrl": { "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model package.", "title": "ModelDataUrl", @@ -250591,7 +297749,7 @@ "additionalProperties": false, "properties": { "S3DataType": { - "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .", + "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", "title": "S3DataType", "type": "string" }, @@ -250607,6 +297765,51 @@ ], "type": "object" }, + "AWS::SageMaker::ModelPackage.S3ModelDataSource": { + "additionalProperties": false, + "properties": { + "CompressionType": { + "markdownDescription": "Specifies how the ML model data is prepared.\n\nIf you choose `Gzip` and choose `S3Object` as the value of `S3DataType` , `S3Uri` identifies an object that is a gzip-compressed TAR archive. SageMaker will attempt to decompress and untar the object during model deployment.\n\nIf you choose `None` and chooose `S3Object` as the value of `S3DataType` , `S3Uri` identifies an object that represents an uncompressed ML model to deploy.\n\nIf you choose None and choose `S3Prefix` as the value of `S3DataType` , `S3Uri` identifies a key name prefix, under which all objects represents the uncompressed ML model to deploy.\n\nIf you choose None, then SageMaker will follow rules below when creating model data files under /opt/ml/model directory for use by your inference code:\n\n- If you choose `S3Object` as the value of `S3DataType` , then SageMaker will split the key of the S3 object referenced by `S3Uri` by slash (/), and use the last part as the filename of the file holding the content of the S3 object.\n- If you choose `S3Prefix` as the value of `S3DataType` , then for each S3 object under the key name pefix referenced by `S3Uri` , SageMaker will trim its key by the prefix, and use the remainder as the path (relative to `/opt/ml/model` ) of the file holding the content of the S3 object. SageMaker will split the remainder by slash (/), using intermediate parts as directory names and the last part as filename of the file holding the content of the S3 object.\n- Do not use any of the following as file names or directory names:\n\n- An empty or blank string\n- A string which contains null bytes\n- A string longer than 255 bytes\n- A single dot ( `.` )\n- A double dot ( `..` )\n- Ambiguous file names will result in model deployment failure. For example, if your uncompressed ML model consists of two S3 objects `s3://mybucket/model/weights` and `s3://mybucket/model/weights/part1` and you specify `s3://mybucket/model/` as the value of `S3Uri` and `S3Prefix` as the value of `S3DataType` , then it will result in name clash between `/opt/ml/model/weights` (a regular file) and `/opt/ml/model/weights/` (a directory).\n- Do not organize the model artifacts in [S3 console using folders](https://docs.aws.amazon.com//AmazonS3/latest/userguide/using-folders.html) . When you create a folder in S3 console, S3 creates a 0-byte object with a key set to the folder name you provide. They key of the 0-byte object ends with a slash (/) which violates SageMaker restrictions on model artifact file names, leading to model deployment failure.", + "title": "CompressionType", + "type": "string" + }, + "ModelAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelAccessConfig", + "markdownDescription": "Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the `ModelAccessConfig` . You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "ModelAccessConfig" + }, + "S3DataType": { + "markdownDescription": "Specifies the type of ML model data to deploy.\n\nIf you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix as part of the ML model data to deploy. A valid key name prefix identified by `S3Uri` always ends with a forward slash (/).\n\nIf you choose `S3Object` , `S3Uri` identifies an object that is the ML model data to deploy.", + "title": "S3DataType", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "Specifies the S3 path of ML model data to deploy.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "CompressionType", + "S3DataType", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.SecurityConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "", + "title": "KmsKeyId", + "type": "string" + } + }, + "required": [ + "KmsKeyId" + ], + "type": "object" + }, "AWS::SageMaker::ModelPackage.SourceAlgorithm": { "additionalProperties": false, "properties": { @@ -252388,6 +299591,164 @@ }, "type": "object" }, + "AWS::SageMaker::PartnerApp": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationConfig": { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp.PartnerAppConfig", + "markdownDescription": "Configuration settings for the Partner AI App.", + "title": "ApplicationConfig" + }, + "AuthType": { + "markdownDescription": "Defines the authentication type used for the Partner AI App.", + "title": "AuthType", + "type": "string" + }, + "EnableIamSessionBasedIdentity": { + "markdownDescription": "Enables IAM Session based Identity for PartnerApp.", + "title": "EnableIamSessionBasedIdentity", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role of the user.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS customer managed key used to encrypt the data associated with the PartnerApp.", + "title": "KmsKeyId", + "type": "string" + }, + "MaintenanceConfig": { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp.PartnerAppMaintenanceConfig", + "markdownDescription": "A collection of settings that specify the maintenance schedule for the PartnerApp.", + "title": "MaintenanceConfig" + }, + "Name": { + "markdownDescription": "The name of the Partner AI App. This name must be unique within your account and region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to apply to the PartnerApp.", + "title": "Tags", + "type": "array" + }, + "Tier": { + "markdownDescription": "Specifies the tier or level of the Partner AI App. The tier size impacts the speed and capabilities of the application. For more information, see [Set up Partner AI Apps](https://docs.aws.amazon.com/sagemaker/latest/dg/partner-app-onboard.html) .", + "title": "Tier", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of Partner AI App being created.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "AuthType", + "ExecutionRoleArn", + "Name", + "Tier", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::PartnerApp" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::PartnerApp.PartnerAppConfig": { + "additionalProperties": false, + "properties": { + "AdminUsers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of users that will have administrative access to the Partner AI App.", + "title": "AdminUsers", + "type": "array" + }, + "Arguments": { + "additionalProperties": true, + "markdownDescription": "Additional arguments passed to the Partner AI App during initialization or runtime.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Arguments", + "type": "object" + } + }, + "type": "object" + }, + "AWS::SageMaker::PartnerApp.PartnerAppMaintenanceConfig": { + "additionalProperties": false, + "properties": { + "MaintenanceWindowStart": { + "markdownDescription": "The maintenance window start day and time for the PartnerApp.", + "title": "MaintenanceWindowStart", + "type": "string" + } + }, + "required": [ + "MaintenanceWindowStart" + ], + "type": "object" + }, "AWS::SageMaker::Pipeline": { "additionalProperties": false, "properties": { @@ -252612,11 +299973,18 @@ "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", "title": "Tags", "type": "array" + }, + "TemplateProviderDetails": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Project.TemplateProviderDetail" + }, + "markdownDescription": "An array of template providers associated with the project.", + "title": "TemplateProviderDetails", + "type": "array" } }, "required": [ - "ProjectName", - "ServiceCatalogProvisioningDetails" + "ProjectName" ], "type": "object" }, @@ -252641,6 +300009,59 @@ ], "type": "object" }, + "AWS::SageMaker::Project.CfnStackParameter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the CloudFormation parameter.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the CloudFormation parameter.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::Project.CfnTemplateProviderDetail": { + "additionalProperties": false, + "properties": { + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Project.CfnStackParameter" + }, + "markdownDescription": "An array of CloudFormation stack parameters.", + "title": "Parameters", + "type": "array" + }, + "RoleARN": { + "markdownDescription": "The IAM role used by CloudFormation to create the stack.", + "title": "RoleARN", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The unique identifier of the template within the project.", + "title": "TemplateName", + "type": "string" + }, + "TemplateURL": { + "markdownDescription": "The Amazon S3 URL of the CloudFormation template.", + "title": "TemplateURL", + "type": "string" + } + }, + "required": [ + "TemplateName", + "TemplateURL" + ], + "type": "object" + }, "AWS::SageMaker::Project.ProvisioningParameter": { "additionalProperties": false, "properties": { @@ -252709,6 +300130,20 @@ ], "type": "object" }, + "AWS::SageMaker::Project.TemplateProviderDetail": { + "additionalProperties": false, + "properties": { + "CfnTemplateProviderDetail": { + "$ref": "#/definitions/AWS::SageMaker::Project.CfnTemplateProviderDetail", + "markdownDescription": "Details about a CloudFormation template provider configuration and associated provisioning information.", + "title": "CfnTemplateProviderDetail" + } + }, + "required": [ + "CfnTemplateProviderDetail" + ], + "type": "object" + }, "AWS::SageMaker::Space": { "additionalProperties": false, "properties": { @@ -252831,6 +300266,16 @@ "$ref": "#/definitions/AWS::SageMaker::Space.EFSFileSystem", "markdownDescription": "A custom file system in Amazon EFS.", "title": "EFSFileSystem" + }, + "FSxLustreFileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.FSxLustreFileSystem", + "markdownDescription": "A custom file system in Amazon FSx for Lustre.", + "title": "FSxLustreFileSystem" + }, + "S3FileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.S3FileSystem", + "markdownDescription": "A custom file system in Amazon S3. This is only supported in Amazon SageMaker Unified Studio.", + "title": "S3FileSystem" } }, "type": "object" @@ -252888,6 +300333,20 @@ ], "type": "object" }, + "AWS::SageMaker::Space.FSxLustreFileSystem": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "Amazon FSx for Lustre file system ID.", + "title": "FileSystemId", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, "AWS::SageMaker::Space.JupyterServerAppSettings": { "additionalProperties": false, "properties": { @@ -252895,6 +300354,14 @@ "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the JupyterServer app. If you use the `LifecycleConfigArns` parameter, then this parameter is also required.", "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, "type": "object" @@ -252914,6 +300381,14 @@ "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, "type": "object" @@ -252940,6 +300415,11 @@ "title": "InstanceType", "type": "string" }, + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, "SageMakerImageArn": { "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", "title": "SageMakerImageArn", @@ -252953,9 +300433,36 @@ }, "type": "object" }, + "AWS::SageMaker::Space.S3FileSystem": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI that specifies the location in S3 where files are stored, which is mounted within the Studio environment. For example: `s3:////` .", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.SpaceAppLifecycleManagement": { + "additionalProperties": false, + "properties": { + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceIdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" + } + }, + "type": "object" + }, "AWS::SageMaker::Space.SpaceCodeEditorAppSettings": { "additionalProperties": false, "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceAppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications in a space.", + "title": "AppLifecycleManagement" + }, "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", @@ -252964,9 +300471,25 @@ }, "type": "object" }, + "AWS::SageMaker::Space.SpaceIdleSettings": { + "additionalProperties": false, + "properties": { + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" + } + }, + "type": "object" + }, "AWS::SageMaker::Space.SpaceJupyterLabAppSettings": { "additionalProperties": false, "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceAppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of JupyterLab applications in a space.", + "title": "AppLifecycleManagement" + }, "CodeRepositories": { "items": { "$ref": "#/definitions/AWS::SageMaker::Space.CodeRepository" @@ -253019,6 +300542,16 @@ "markdownDescription": "The KernelGateway app settings.", "title": "KernelGatewayAppSettings" }, + "RemoteAccess": { + "markdownDescription": "A setting that enables or disables remote access for a SageMaker space. When enabled, this allows you to connect to the remote space from your local IDE.", + "title": "RemoteAccess", + "type": "string" + }, + "SpaceManagedResources": { + "markdownDescription": "If you enable this option, SageMaker AI creates the following resources on your behalf when you create the space:\n\n- The user profile that possesses the space.\n- The app that the space contains.", + "title": "SpaceManagedResources", + "type": "string" + }, "SpaceStorageSettings": { "$ref": "#/definitions/AWS::SageMaker::Space.SpaceStorageSettings", "markdownDescription": "The storage settings for a space.", @@ -253052,6 +300585,93 @@ }, "type": "object" }, + "AWS::SageMaker::StudioLifecycleConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "StudioLifecycleConfigAppType": { + "markdownDescription": "The App type to which the Lifecycle Configuration is attached.", + "title": "StudioLifecycleConfigAppType", + "type": "string" + }, + "StudioLifecycleConfigContent": { + "markdownDescription": "", + "title": "StudioLifecycleConfigContent", + "type": "string" + }, + "StudioLifecycleConfigName": { + "markdownDescription": "The name of the Amazon SageMaker AI Studio Lifecycle Configuration.", + "title": "StudioLifecycleConfigName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "StudioLifecycleConfigAppType", + "StudioLifecycleConfigContent", + "StudioLifecycleConfigName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::StudioLifecycleConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::SageMaker::UserProfile": { "additionalProperties": false, "properties": { @@ -253148,9 +300768,30 @@ ], "type": "object" }, + "AWS::SageMaker::UserProfile.AppLifecycleManagement": { + "additionalProperties": false, + "properties": { + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.IdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" + } + }, + "type": "object" + }, "AWS::SageMaker::UserProfile.CodeEditorAppSettings": { "additionalProperties": false, "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.AppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" + }, "CustomImages": { "items": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" @@ -253196,6 +300837,16 @@ "$ref": "#/definitions/AWS::SageMaker::UserProfile.EFSFileSystemConfig", "markdownDescription": "The settings for a custom Amazon EFS file system.", "title": "EFSFileSystemConfig" + }, + "FSxLustreFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.FSxLustreFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon FSx for Lustre file system.", + "title": "FSxLustreFileSystemConfig" + }, + "S3FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.S3FileSystemConfig", + "markdownDescription": "Configuration settings for a custom Amazon S3 file system.", + "title": "S3FileSystemConfig" } }, "type": "object" @@ -253295,9 +300946,83 @@ ], "type": "object" }, + "AWS::SageMaker::UserProfile.FSxLustreFileSystemConfig": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The globally unique, 17-digit, ID of the file system, assigned by Amazon FSx for Lustre.", + "title": "FileSystemId", + "type": "string" + }, + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.HiddenSageMakerImage": { + "additionalProperties": false, + "properties": { + "SageMakerImageName": { + "markdownDescription": "The SageMaker image name that you are hiding from the Studio user interface.", + "title": "SageMakerImageName", + "type": "string" + }, + "VersionAliases": { + "items": { + "type": "string" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "VersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.IdleSettings": { + "additionalProperties": false, + "properties": { + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" + }, + "LifecycleManagement": { + "markdownDescription": "Indicates whether idle shutdown is activated for the application type.", + "title": "LifecycleManagement", + "type": "string" + }, + "MaxIdleTimeoutInMinutes": { + "markdownDescription": "The maximum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MaxIdleTimeoutInMinutes", + "type": "number" + }, + "MinIdleTimeoutInMinutes": { + "markdownDescription": "The minimum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MinIdleTimeoutInMinutes", + "type": "number" + } + }, + "type": "object" + }, "AWS::SageMaker::UserProfile.JupyterLabAppSettings": { "additionalProperties": false, "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.AppLifecycleManagement", + "markdownDescription": "Indicates whether idle shutdown is activated for JupyterLab applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" + }, "CodeRepositories": { "items": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeRepository" @@ -253337,6 +301062,14 @@ "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, "type": "object" @@ -253356,6 +301089,14 @@ "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, "type": "object" @@ -253384,6 +301125,11 @@ "title": "InstanceType", "type": "string" }, + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, "SageMakerImageArn": { "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", "title": "SageMakerImageArn", @@ -253397,6 +301143,22 @@ }, "type": "object" }, + "AWS::SageMaker::UserProfile.S3FileSystemConfig": { + "additionalProperties": false, + "properties": { + "MountPath": { + "markdownDescription": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "title": "MountPath", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "The Amazon S3 URI of the S3 file system configuration.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, "AWS::SageMaker::UserProfile.SharingSettings": { "additionalProperties": false, "properties": { @@ -253418,9 +301180,52 @@ }, "type": "object" }, + "AWS::SageMaker::UserProfile.StudioWebPortalSettings": { + "additionalProperties": false, + "properties": { + "HiddenAppTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The [Applications supported in Studio](https://docs.aws.amazon.com/sagemaker/latest/dg/studio-updated-apps.html) that are hidden from the Studio left navigation pane.", + "title": "HiddenAppTypes", + "type": "array" + }, + "HiddenInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types you are hiding from the Studio user interface.", + "title": "HiddenInstanceTypes", + "type": "array" + }, + "HiddenMlTools": { + "items": { + "type": "string" + }, + "markdownDescription": "The machine learning tools that are hidden from the Studio left navigation pane.", + "title": "HiddenMlTools", + "type": "array" + }, + "HiddenSageMakerImageVersionAliases": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.HiddenSageMakerImage" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "HiddenSageMakerImageVersionAliases", + "type": "array" + } + }, + "type": "object" + }, "AWS::SageMaker::UserProfile.UserSettings": { "additionalProperties": false, "properties": { + "AutoMountHomeEFS": { + "markdownDescription": "Indicates whether auto-mounting of an EFS volume is supported for the user profile. The `DefaultAsDomain` value is only supported for user profiles. Do not use the `DefaultAsDomain` value when setting this parameter for a domain.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "AutoMountHomeEFS", + "type": "string" + }, "CodeEditorAppSettings": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeEditorAppSettings", "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", @@ -253491,6 +301296,11 @@ "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", "title": "StudioWebPortal", "type": "string" + }, + "StudioWebPortalSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.StudioWebPortalSettings", + "markdownDescription": "Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level.", + "title": "StudioWebPortalSettings" } }, "type": "object" @@ -254725,6 +302535,93 @@ ], "type": "object" }, + "AWS::SecurityHub::AggregatorV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LinkedRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Regions that are linked to the aggregation Region.", + "title": "LinkedRegions", + "type": "array" + }, + "RegionLinkingMode": { + "markdownDescription": "Determines how Regions are linked to an Aggregator V2.", + "title": "RegionLinkingMode", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A list of key-value pairs to be applied to the AggregatorV2.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "LinkedRegions", + "RegionLinkingMode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::AggregatorV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::SecurityHub::AutomationRule": { "additionalProperties": false, "properties": { @@ -254810,6 +302707,13 @@ "type": "object" } }, + "required": [ + "Actions", + "Criteria", + "Description", + "RuleName", + "RuleOrder" + ], "type": "object" }, "Type": { @@ -254828,7 +302732,8 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, @@ -255354,7 +303259,7 @@ "additionalProperties": false, "properties": { "Comparison": { - "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", "title": "Comparison", "type": "string" }, @@ -255384,6 +303289,725 @@ ], "type": "object" }, + "AWS::SecurityHub::AutomationRuleV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.AutomationRulesActionV2" + }, + "markdownDescription": "A list of actions to be performed when the rule criteria is met.", + "title": "Actions", + "type": "array" + }, + "Criteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.Criteria", + "markdownDescription": "The filtering type and configuration of the automation rule.", + "title": "Criteria" + }, + "Description": { + "markdownDescription": "A description of the V2 automation rule.", + "title": "Description", + "type": "string" + }, + "RuleName": { + "markdownDescription": "The name of the V2 automation rule.", + "title": "RuleName", + "type": "string" + }, + "RuleOrder": { + "markdownDescription": "The value for the rule priority.", + "title": "RuleOrder", + "type": "number" + }, + "RuleStatus": { + "markdownDescription": "The status of the V2 automation rule.", + "title": "RuleStatus", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A list of key-value pairs associated with the V2 automation rule.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Actions", + "Criteria", + "Description", + "RuleName", + "RuleOrder" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::AutomationRuleV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.AutomationRulesActionV2": { + "additionalProperties": false, + "properties": { + "ExternalIntegrationConfiguration": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.ExternalIntegrationConfiguration", + "markdownDescription": "The settings for integrating automation rule actions with external systems or service.", + "title": "ExternalIntegrationConfiguration" + }, + "FindingFieldsUpdate": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.AutomationRulesFindingFieldsUpdateV2", + "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", + "title": "FindingFieldsUpdate" + }, + "Type": { + "markdownDescription": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.AutomationRulesFindingFieldsUpdateV2": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "Notes or contextual information for findings that are modified by the automation rule.", + "title": "Comment", + "type": "string" + }, + "SeverityId": { + "markdownDescription": "The severity level to be assigned to findings that match the automation rule criteria.", + "title": "SeverityId", + "type": "number" + }, + "StatusId": { + "markdownDescription": "The status to be applied to findings that match automation rule criteria.", + "title": "StatusId", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.BooleanFilter": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The value of the boolean.", + "title": "Value", + "type": "boolean" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.CompositeFilter": { + "additionalProperties": false, + "properties": { + "BooleanFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfBooleanFilter" + }, + "markdownDescription": "Enables filtering based on boolean field values.", + "title": "BooleanFilters", + "type": "array" + }, + "DateFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfDateFilter" + }, + "markdownDescription": "Enables filtering based on date and timestamp fields.", + "title": "DateFilters", + "type": "array" + }, + "MapFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfMapFilter" + }, + "markdownDescription": "Enables the creation of filtering criteria for security findings.", + "title": "MapFilters", + "type": "array" + }, + "NumberFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfNumberFilter" + }, + "markdownDescription": "Enables filtering based on numerical field values.", + "title": "NumberFilters", + "type": "array" + }, + "Operator": { + "markdownDescription": "The logical operator used to combine multiple filter conditions.", + "title": "Operator", + "type": "string" + }, + "StringFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfStringFilter" + }, + "markdownDescription": "Enables filtering based on string field values.", + "title": "StringFilters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.Criteria": { + "additionalProperties": false, + "properties": { + "OcsfFindingCriteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfFindingFilters", + "markdownDescription": "The filtering conditions that align with OCSF standards.", + "title": "OcsfFindingCriteria" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.DateFilter": { + "additionalProperties": false, + "properties": { + "DateRange": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.DateRange", + "markdownDescription": "A date range for the date filter.", + "title": "DateRange" + }, + "End": { + "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "End", + "type": "string" + }, + "Start": { + "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "Start", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.DateRange": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "A date range unit for the date filter.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "A date range value for the date filter.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.ExternalIntegrationConfiguration": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The ARN of the connector that establishes the integration.", + "title": "ConnectorArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.MapFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Key": { + "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Comparison", + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.NumberFilter": { + "additionalProperties": false, + "properties": { + "Eq": { + "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", + "title": "Eq", + "type": "number" + }, + "Gte": { + "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "title": "Gte", + "type": "number" + }, + "Lte": { + "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", + "title": "Lte", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfBooleanFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.BooleanFilter", + "markdownDescription": "Enables filtering of security findings based on boolean field values in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfDateFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.DateFilter", + "markdownDescription": "Enables filtering of security findings based on date and timestamp fields in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfFindingFilters": { + "additionalProperties": false, + "properties": { + "CompositeFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.CompositeFilter" + }, + "markdownDescription": "Enables the creation of complex filtering conditions by combining filter criteria.", + "title": "CompositeFilters", + "type": "array" + }, + "CompositeOperator": { + "markdownDescription": "The logical operators used to combine the filtering on multiple `CompositeFilters` .", + "title": "CompositeOperator", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfMapFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.MapFilter", + "markdownDescription": "Enables filtering of security findings based on map field values in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfNumberFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.NumberFilter", + "markdownDescription": "Enables filtering of security findings based on numerical field values in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfStringFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.StringFilter", + "markdownDescription": "Enables filtering of security findings based on string field values in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.StringFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Value": { + "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Comparison", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationPolicy": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.Policy", + "markdownDescription": "An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).", + "title": "ConfigurationPolicy" + }, + "Description": { + "markdownDescription": "The description of the configuration policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted: `-, ., !, *, /` .", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "User-defined tags associated with a configuration policy. For more information, see [Tagging AWS Security Hub resources](https://docs.aws.amazon.com/securityhub/latest/userguide/tagging-resources.html) in the *Security Hub user guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConfigurationPolicy", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::ConfigurationPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.ParameterConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.ParameterValue", + "markdownDescription": "The current value of a control parameter.", + "title": "Value" + }, + "ValueType": { + "markdownDescription": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.\n\nWhen `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.\n\nWhen `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty.", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "ValueType" + ], + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.ParameterValue": { + "additionalProperties": false, + "properties": { + "Boolean": { + "markdownDescription": "A control parameter that is a boolean.", + "title": "Boolean", + "type": "boolean" + }, + "Double": { + "markdownDescription": "A control parameter that is a double.", + "title": "Double", + "type": "number" + }, + "Enum": { + "markdownDescription": "A control parameter that is an enum.", + "title": "Enum", + "type": "string" + }, + "EnumList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of enums.", + "title": "EnumList", + "type": "array" + }, + "Integer": { + "markdownDescription": "A control parameter that is an integer.", + "title": "Integer", + "type": "number" + }, + "IntegerList": { + "items": { + "type": "number" + }, + "markdownDescription": "A control parameter that is a list of integers.", + "title": "IntegerList", + "type": "array" + }, + "String": { + "markdownDescription": "A control parameter that is a string.", + "title": "String", + "type": "string" + }, + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of strings.", + "title": "StringList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.Policy": { + "additionalProperties": false, + "properties": { + "SecurityHub": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityHubPolicy", + "markdownDescription": "The AWS service that the configuration policy applies to.", + "title": "SecurityHub" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.SecurityControlCustomParameter": { + "additionalProperties": false, + "properties": { + "Parameters": { + "additionalProperties": false, + "markdownDescription": "An object that specifies parameter values for a control in a configuration policy.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.ParameterConfiguration" + } + }, + "title": "Parameters", + "type": "object" + }, + "SecurityControlId": { + "markdownDescription": "The ID of the security control.", + "title": "SecurityControlId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.SecurityControlsConfiguration": { + "additionalProperties": false, + "properties": { + "DisabledSecurityControlIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security controls that are disabled in the configuration policy.\n\nProvide only one of `EnabledSecurityControlIdentifiers` or `DisabledSecurityControlIdentifiers` .\n\nIf you provide `DisabledSecurityControlIdentifiers` , Security Hub enables all other controls not in the list, and enables [AutoEnableControls](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateSecurityHubConfiguration.html#securityhub-UpdateSecurityHubConfiguration-request-AutoEnableControls) .", + "title": "DisabledSecurityControlIdentifiers", + "type": "array" + }, + "EnabledSecurityControlIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security controls that are enabled in the configuration policy.\n\nProvide only one of `EnabledSecurityControlIdentifiers` or `DisabledSecurityControlIdentifiers` .\n\nIf you provide `EnabledSecurityControlIdentifiers` , Security Hub disables all other controls not in the list, and disables [AutoEnableControls](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateSecurityHubConfiguration.html#securityhub-UpdateSecurityHubConfiguration-request-AutoEnableControls) .", + "title": "EnabledSecurityControlIdentifiers", + "type": "array" + }, + "SecurityControlCustomParameters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityControlCustomParameter" + }, + "markdownDescription": "A list of security controls and control parameter values that are included in a configuration policy.", + "title": "SecurityControlCustomParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.SecurityHubPolicy": { + "additionalProperties": false, + "properties": { + "EnabledStandardIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list that defines which security standards are enabled in the configuration policy.\n\nThis property is required only if `ServiceEnabled` is set to `true` in your configuration policy.", + "title": "EnabledStandardIdentifiers", + "type": "array" + }, + "SecurityControlsConfiguration": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityControlsConfiguration", + "markdownDescription": "An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.\n\nThis property is required only if `ServiceEnabled` is set to true in your configuration policy.", + "title": "SecurityControlsConfiguration" + }, + "ServiceEnabled": { + "markdownDescription": "Indicates whether Security Hub is enabled in the policy.", + "title": "ServiceEnabled", + "type": "boolean" + } + }, + "type": "object" + }, "AWS::SecurityHub::DelegatedAdmin": { "additionalProperties": false, "properties": { @@ -255451,6 +304075,81 @@ ], "type": "object" }, + "AWS::SecurityHub::FindingAggregator": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RegionLinkingMode": { + "markdownDescription": "Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.\n\nThe selected option also determines how to use the Regions provided in the Regions list.\n\nIn AWS CloudFormation , the options for this property are as follows:\n\n- `ALL_REGIONS` - Indicates to aggregate findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.\n- `ALL_REGIONS_EXCEPT_SPECIFIED` - Indicates to aggregate findings from all of the Regions where Security Hub is enabled, except for the Regions listed in the `Regions` parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.\n- `SPECIFIED_REGIONS` - Indicates to aggregate findings only from the Regions listed in the `Regions` parameter. Security Hub does not automatically aggregate findings from new Regions.", + "title": "RegionLinkingMode", + "type": "string" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED` , then this is a space-separated list of Regions that do not aggregate findings to the aggregation Region.\n\nIf `RegionLinkingMode` is `SPECIFIED_REGIONS` , then this is a space-separated list of Regions that do aggregate findings to the aggregation Region.", + "title": "Regions", + "type": "array" + } + }, + "required": [ + "RegionLinkingMode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::FindingAggregator" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::SecurityHub::Hub": { "additionalProperties": false, "properties": { @@ -255535,6 +304234,75 @@ ], "type": "object" }, + "AWS::SecurityHub::HubV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags to add to the hub V2 resource when you enable Security Hub.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::HubV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::SecurityHub::Insight": { "additionalProperties": false, "properties": { @@ -256540,7 +305308,7 @@ "additionalProperties": false, "properties": { "Comparison": { - "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", "title": "Comparison", "type": "string" }, @@ -256556,6 +305324,162 @@ ], "type": "object" }, + "AWS::SecurityHub::OrganizationConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoEnable": { + "markdownDescription": "Whether to automatically enable Security Hub in new member accounts when they join the organization.\n\nIf set to `true` , then Security Hub is automatically enabled in new accounts. If set to `false` , then Security Hub isn't enabled in new accounts automatically. The default value is `false` .\n\nIf the `ConfigurationType` of your organization is set to `CENTRAL` , then this field is set to `false` and can't be changed in the home Region and linked Regions. However, in that case, the delegated administrator can create a configuration policy in which Security Hub is enabled and associate the policy with new organization accounts.", + "title": "AutoEnable", + "type": "boolean" + }, + "AutoEnableStandards": { + "markdownDescription": "Whether to automatically enable Security Hub [default standards](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-enable-disable.html) in new member accounts when they join the organization.\n\nThe default value of this parameter is equal to `DEFAULT` .\n\nIf equal to `DEFAULT` , then Security Hub default standards are automatically enabled for new member accounts. If equal to `NONE` , then default standards are not automatically enabled for new member accounts.\n\nIf the `ConfigurationType` of your organization is set to `CENTRAL` , then this field is set to `NONE` and can't be changed in the home Region and linked Regions. However, in that case, the delegated administrator can create a configuration policy in which specific security standards are enabled and associate the policy with new organization accounts.", + "title": "AutoEnableStandards", + "type": "string" + }, + "ConfigurationType": { + "markdownDescription": "Indicates whether the organization uses local or central configuration.\n\nIf you use local configuration, the Security Hub delegated administrator can set `AutoEnable` to `true` and `AutoEnableStandards` to `DEFAULT` . This automatically enables Security Hub and default security standards in new organization accounts. These new account settings must be set separately in each AWS Region , and settings may be different in each Region.\n\nIf you use central configuration, the delegated administrator can create configuration policies. Configuration policies can be used to configure Security Hub, security standards, and security controls in multiple accounts and Regions. If you want new organization accounts to use a specific configuration, you can create a configuration policy and associate it with the root or specific organizational units (OUs). New accounts will inherit the policy from the root or their assigned OU.", + "title": "ConfigurationType", + "type": "string" + } + }, + "required": [ + "AutoEnable" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::OrganizationConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::PolicyAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationPolicyId": { + "markdownDescription": "The universally unique identifier (UUID) of the configuration policy. A self-managed configuration has no UUID. The identifier of a self-managed configuration is `SELF_MANAGED_SECURITY_HUB` .", + "title": "ConfigurationPolicyId", + "type": "string" + }, + "TargetId": { + "markdownDescription": "The identifier of the target account, organizational unit, or the root.", + "title": "TargetId", + "type": "string" + }, + "TargetType": { + "markdownDescription": "Specifies whether the target is an AWS account , organizational unit, or the root.", + "title": "TargetType", + "type": "string" + } + }, + "required": [ + "ConfigurationPolicyId", + "TargetId", + "TargetType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::PolicyAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::SecurityHub::ProductSubscription": { "additionalProperties": false, "properties": { @@ -256602,25 +305526,187 @@ ], "type": "object" }, - "Type": { - "enum": [ - "AWS::SecurityHub::ProductSubscription" - ], + "Type": { + "enum": [ + "AWS::SecurityHub::ProductSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::SecurityControl": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LastUpdateReason": { + "markdownDescription": "The most recent reason for updating the customizable properties of a security control. This differs from the `UpdateReason` field of the [`BatchUpdateStandardsControlAssociations`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html) API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.", + "title": "LastUpdateReason", + "type": "string" + }, + "Parameters": { + "additionalProperties": false, + "markdownDescription": "An object that identifies the name of a control parameter, its current value, and whether it has been customized.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl.ParameterConfiguration" + } + }, + "title": "Parameters", + "type": "object" + }, + "SecurityControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for a security control across standards, such as `arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1` . This parameter doesn't mention a specific standard.", + "title": "SecurityControlArn", + "type": "string" + }, + "SecurityControlId": { + "markdownDescription": "The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.", + "title": "SecurityControlId", + "type": "string" + } + }, + "required": [ + "Parameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::SecurityControl" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::SecurityControl.ParameterConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl.ParameterValue", + "markdownDescription": "The current value of a control parameter.", + "title": "Value" + }, + "ValueType": { + "markdownDescription": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.\n\nWhen `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.\n\nWhen `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty.", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "ValueType" + ], + "type": "object" + }, + "AWS::SecurityHub::SecurityControl.ParameterValue": { + "additionalProperties": false, + "properties": { + "Boolean": { + "markdownDescription": "A control parameter that is a boolean.", + "title": "Boolean", + "type": "boolean" + }, + "Double": { + "markdownDescription": "A control parameter that is a double.", + "title": "Double", + "type": "number" + }, + "Enum": { + "markdownDescription": "A control parameter that is an enum.", + "title": "Enum", + "type": "string" + }, + "EnumList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of enums.", + "title": "EnumList", + "type": "array" + }, + "Integer": { + "markdownDescription": "A control parameter that is an integer.", + "title": "Integer", + "type": "number" + }, + "IntegerList": { + "items": { + "type": "number" + }, + "markdownDescription": "A control parameter that is a list of integers.", + "title": "IntegerList", + "type": "array" + }, + "String": { + "markdownDescription": "A control parameter that is a string.", + "title": "String", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of strings.", + "title": "StringList", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, "AWS::SecurityHub::Standard": { @@ -257144,6 +306230,130 @@ ], "type": "object" }, + "AWS::SecurityLake::SubscriberNotification": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification.NotificationConfiguration", + "markdownDescription": "Specify the configurations you want to use for subscriber notification. The subscriber is notified when new data is written to the data lake for sources that the subscriber consumes in Security Lake .", + "title": "NotificationConfiguration" + }, + "SubscriberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Security Lake subscriber.", + "title": "SubscriberArn", + "type": "string" + } + }, + "required": [ + "NotificationConfiguration", + "SubscriberArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityLake::SubscriberNotification" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityLake::SubscriberNotification.HttpsNotificationConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationApiKeyName": { + "markdownDescription": "The key name for the notification subscription.", + "title": "AuthorizationApiKeyName", + "type": "string" + }, + "AuthorizationApiKeyValue": { + "markdownDescription": "The key value for the notification subscription.", + "title": "AuthorizationApiKeyValue", + "type": "string" + }, + "Endpoint": { + "markdownDescription": "The subscription endpoint in Security Lake . If you prefer notification with an HTTPS endpoint, populate this field.", + "title": "Endpoint", + "type": "string" + }, + "HttpMethod": { + "markdownDescription": "The HTTPS method used for the notification subscription.", + "title": "HttpMethod", + "type": "string" + }, + "TargetRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the EventBridge API destinations IAM role that you created. For more information about ARNs and how to use them in policies, see [Managing data access](https://docs.aws.amazon.com///security-lake/latest/userguide/subscriber-data-access.html) and [AWS Managed Policies](https://docs.aws.amazon.com//security-lake/latest/userguide/security-iam-awsmanpol.html) in the *Amazon Security Lake User Guide* .", + "title": "TargetRoleArn", + "type": "string" + } + }, + "required": [ + "Endpoint", + "TargetRoleArn" + ], + "type": "object" + }, + "AWS::SecurityLake::SubscriberNotification.NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "HttpsNotificationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification.HttpsNotificationConfiguration", + "markdownDescription": "The configurations used for HTTPS subscriber notification.", + "title": "HttpsNotificationConfiguration" + }, + "SqsNotificationConfiguration": { + "markdownDescription": "The configurations for SQS subscriber notification. The members of this structure are context-dependent.", + "title": "SqsNotificationConfiguration", + "type": "object" + } + }, + "type": "object" + }, "AWS::ServiceCatalog::AcceptedPortfolioShare": { "additionalProperties": false, "properties": { @@ -257788,26 +306998,934 @@ "title": "PortfolioId", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the launch role.\n\nYou are required to specify `RoleArn` or `LocalRoleName` but can't use both.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "PortfolioId", + "ProductId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::LaunchRoleConstraint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::LaunchTemplateConstraint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "Rules": { + "markdownDescription": "The constraint rules.", + "title": "Rules", + "type": "string" + } + }, + "required": [ + "PortfolioId", + "ProductId", + "Rules" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::LaunchTemplateConstraint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::Portfolio": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the portfolio.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name to use for display purposes.", + "title": "DisplayName", + "type": "string" + }, + "ProviderName": { + "markdownDescription": "The name of the portfolio provider.", + "title": "ProviderName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DisplayName", + "ProviderName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::Portfolio" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::PortfolioPrincipalAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "PrincipalARN": { + "markdownDescription": "The ARN of the principal ( IAM user, role, or group).", + "title": "PrincipalARN", + "type": "string" + }, + "PrincipalType": { + "markdownDescription": "The principal type. The supported values are `IAM` and `IAM_PATTERN` .", + "title": "PrincipalType", + "type": "string" + } + }, + "required": [ + "PortfolioId", + "PrincipalARN", + "PrincipalType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::PortfolioPrincipalAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::PortfolioProductAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "SourcePortfolioId": { + "markdownDescription": "The identifier of the source portfolio.", + "title": "SourcePortfolioId", + "type": "string" + } + }, + "required": [ + "PortfolioId", + "ProductId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::PortfolioProductAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::PortfolioShare": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "AccountId": { + "markdownDescription": "The AWS account ID. For example, `123456789012` .", + "title": "AccountId", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ShareTagOptions": { + "markdownDescription": "Indicates whether TagOptions sharing is enabled or disabled for the portfolio share.", + "title": "ShareTagOptions", + "type": "boolean" + } + }, + "required": [ + "AccountId", + "PortfolioId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::PortfolioShare" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::ResourceUpdateConstraint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "TagUpdateOnProvisionedProduct": { + "markdownDescription": "If set to `ALLOWED` , lets users change tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.\n\nIf set to `NOT_ALLOWED` , prevents users from changing tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.", + "title": "TagUpdateOnProvisionedProduct", + "type": "string" + } + }, + "required": [ + "PortfolioId", + "ProductId", + "TagUpdateOnProvisionedProduct" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::ResourceUpdateConstraint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::ServiceAction": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Definition": { + "items": { + "$ref": "#/definitions/AWS::ServiceCatalog::ServiceAction.DefinitionParameter" + }, + "markdownDescription": "A map that defines the self-service action.", + "title": "Definition", + "type": "array" + }, + "DefinitionType": { + "markdownDescription": "The self-service action definition type. For example, `SSM_AUTOMATION` .", + "title": "DefinitionType", + "type": "string" + }, + "Description": { + "markdownDescription": "The self-service action description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The self-service action name.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Definition", + "DefinitionType", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::ServiceAction" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::ServiceAction.DefinitionParameter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The parameter key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the parameter.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::ServiceCatalog::ServiceActionAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ProductId": { + "markdownDescription": "The product identifier. For example, `prod-abcdzk7xy33qa` .", + "title": "ProductId", + "type": "string" + }, + "ProvisioningArtifactId": { + "markdownDescription": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` .", + "title": "ProvisioningArtifactId", + "type": "string" + }, + "ServiceActionId": { + "markdownDescription": "The self-service action identifier. For example, `act-fs7abcd89wxyz` .", + "title": "ServiceActionId", + "type": "string" + } + }, + "required": [ + "ProductId", + "ProvisioningArtifactId", + "ServiceActionId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::ServiceActionAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::StackSetConstraint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "AccountList": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more AWS accounts that will have access to the provisioned product.", + "title": "AccountList", + "type": "array" + }, + "AdminRole": { + "markdownDescription": "AdminRole ARN", + "title": "AdminRole", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "ExecutionRole": { + "markdownDescription": "ExecutionRole name", + "title": "ExecutionRole", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "RegionList": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", + "title": "RegionList", + "type": "array" + }, + "StackInstanceControl": { + "markdownDescription": "Permission to create, update, and delete stack instances. Choose from ALLOWED and NOT_ALLOWED.", + "title": "StackInstanceControl", + "type": "string" + } + }, + "required": [ + "AccountList", + "AdminRole", + "Description", + "ExecutionRole", + "PortfolioId", + "ProductId", + "RegionList", + "StackInstanceControl" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::StackSetConstraint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::TagOption": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Active": { + "markdownDescription": "The TagOption active state.", + "title": "Active", + "type": "boolean" + }, + "Key": { + "markdownDescription": "The TagOption key.", + "title": "Key", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the launch role.\n\nYou are required to specify `RoleArn` or `LocalRoleName` but can't use both.", - "title": "RoleArn", + "Value": { + "markdownDescription": "The TagOption value.", + "title": "Value", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId" + "Key", + "Value" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchRoleConstraint" + "AWS::ServiceCatalog::TagOption" ], "type": "string" }, @@ -257826,7 +307944,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::LaunchTemplateConstraint": { + "AWS::ServiceCatalog::TagOptionAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -257861,42 +307979,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the constraint.", - "title": "Description", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" - }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "ResourceId": { + "markdownDescription": "The resource identifier.", + "title": "ResourceId", "type": "string" }, - "Rules": { - "markdownDescription": "The constraint rules.", - "title": "Rules", + "TagOptionId": { + "markdownDescription": "The TagOption identifier.", + "title": "TagOptionId", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId", - "Rules" + "ResourceId", + "TagOptionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchTemplateConstraint" + "AWS::ServiceCatalog::TagOptionAssociation" ], "type": "string" }, @@ -257915,7 +308017,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::Portfolio": { + "AWS::ServiceCatalogAppRegistry::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -257950,44 +308052,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the portfolio.", + "markdownDescription": "The description of the application.", "title": "Description", "type": "string" }, - "DisplayName": { - "markdownDescription": "The name to use for display purposes.", - "title": "DisplayName", - "type": "string" - }, - "ProviderName": { - "markdownDescription": "The name of the portfolio provider.", - "title": "ProviderName", + "Name": { + "markdownDescription": "The name of the application. The name must be unique in the region in which you are creating the application.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Key-value pairs you can use to associate with the application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "One or more tags.", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "DisplayName", - "ProviderName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::Portfolio" + "AWS::ServiceCatalogAppRegistry::Application" ], "type": "string" }, @@ -258006,7 +308100,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioPrincipalAssociation": { + "AWS::ServiceCatalogAppRegistry::AttributeGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -258041,37 +308135,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" + "Attributes": { + "markdownDescription": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.", + "title": "Attributes", + "type": "object" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Description": { + "markdownDescription": "The description of the attribute group that the user provides.", + "title": "Description", "type": "string" }, - "PrincipalARN": { - "markdownDescription": "The ARN of the principal ( IAM user, role, or group).", - "title": "PrincipalARN", + "Name": { + "markdownDescription": "The name of the attribute group.", + "title": "Name", "type": "string" }, - "PrincipalType": { - "markdownDescription": "The principal type. The supported values are `IAM` and `IAM_PATTERN` .", - "title": "PrincipalType", - "type": "string" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs you can use to associate with the attribute group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "PortfolioId", - "PrincipalARN", - "PrincipalType" + "Attributes", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioPrincipalAssociation" + "AWS::ServiceCatalogAppRegistry::AttributeGroup" ], "type": "string" }, @@ -258090,7 +308189,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioProductAssociation": { + "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -258125,36 +308224,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" - }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "Application": { + "markdownDescription": "The name or ID of the application.", + "title": "Application", "type": "string" }, - "SourcePortfolioId": { - "markdownDescription": "The identifier of the source portfolio.", - "title": "SourcePortfolioId", + "AttributeGroup": { + "markdownDescription": "The name or ID of the attribute group which holds the attributes that describe the application.", + "title": "AttributeGroup", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId" + "Application", + "AttributeGroup" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioProductAssociation" + "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation" ], "type": "string" }, @@ -258173,7 +308262,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioShare": { + "AWS::ServiceCatalogAppRegistry::ResourceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -258208,36 +308297,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", + "Application": { + "markdownDescription": "The name or ID of the application.", + "title": "Application", "type": "string" }, - "AccountId": { - "markdownDescription": "The AWS account ID. For example, `123456789012` .", - "title": "AccountId", + "Resource": { + "markdownDescription": "The name or ID of the resource of which the application will be associated.", + "title": "Resource", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "ResourceType": { + "markdownDescription": "The type of resource of which the application will be associated.", + "title": "ResourceType", "type": "string" - }, - "ShareTagOptions": { - "markdownDescription": "Indicates whether TagOptions sharing is enabled or disabled for the portfolio share.", - "title": "ShareTagOptions", - "type": "boolean" } }, "required": [ - "AccountId", - "PortfolioId" + "Application", + "Resource", + "ResourceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioShare" + "AWS::ServiceCatalogAppRegistry::ResourceAssociation" ], "type": "string" }, @@ -258256,7 +308341,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::ResourceUpdateConstraint": { + "AWS::ServiceDiscovery::HttpNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -258291,42 +308376,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the constraint.", + "markdownDescription": "A description for the namespace.", "title": "Description", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" - }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace.", + "title": "Name", "type": "string" }, - "TagUpdateOnProvisionedProduct": { - "markdownDescription": "If set to `ALLOWED` , lets users change tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.\n\nIf set to `NOT_ALLOWED` , prevents users from changing tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.", - "title": "TagUpdateOnProvisionedProduct", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" } }, "required": [ - "PortfolioId", - "ProductId", - "TagUpdateOnProvisionedProduct" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ResourceUpdateConstraint" + "AWS::ServiceDiscovery::HttpNamespace" ], "type": "string" }, @@ -258345,7 +308421,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::ServiceAction": { + "AWS::ServiceDiscovery::Instance": { "additionalProperties": false, "properties": { "Condition": { @@ -258380,45 +308456,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Definition": { - "items": { - "$ref": "#/definitions/AWS::ServiceCatalog::ServiceAction.DefinitionParameter" - }, - "markdownDescription": "A map that defines the self-service action.", - "title": "Definition", - "type": "array" - }, - "DefinitionType": { - "markdownDescription": "The self-service action definition type. For example, `SSM_AUTOMATION` .", - "title": "DefinitionType", - "type": "string" + "InstanceAttributes": { + "markdownDescription": "A string map that contains the following information for the service that you specify in `ServiceId` :\n\n- The attributes that apply to the records that are defined in the service.\n- For each attribute, the applicable value.\n\nSupported attribute keys include the following:\n\n- **AWS_ALIAS_DNS_NAME** - If you want AWS Cloud Map to create a Route\u00a053 alias record that routes traffic to an Elastic Load Balancing load balancer, specify the DNS name that is associated with the load balancer. For information about how to get the DNS name, see [AliasTarget->DNSName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html#Route53-Type-AliasTarget-DNSName) in the *Route\u00a053 API Reference* .\n\nNote the following:\n\n- The configuration for the service that is specified by `ServiceId` must include settings for an `A` record, an `AAAA` record, or both.\n- In the service that is specified by `ServiceId` , the value of `RoutingPolicy` must be `WEIGHTED` .\n- If the service that is specified by `ServiceId` includes `HealthCheckConfig` settings, AWS Cloud Map will create the health check, but it won't associate the health check with the alias record.\n- Auto naming currently doesn't support creating alias records that route traffic to AWS resources other than ELB load balancers.\n- If you specify a value for `AWS_ALIAS_DNS_NAME` , don't specify values for any of the `AWS_INSTANCE` attributes.\n- **AWS_EC2_INSTANCE_ID** - *HTTP namespaces only.* The Amazon EC2 instance ID for the instance. The `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address. When creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) , if the `AWS_EC2_INSTANCE_ID` attribute is specified, the only other attribute that can be specified is `AWS_INIT_HEALTH_STATUS` . After the resource has been created, the `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address.\n- **AWS_INIT_HEALTH_STATUS** - If the service configuration includes `HealthCheckCustomConfig` , when creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) you can optionally use `AWS_INIT_HEALTH_STATUS` to specify the initial status of the custom health check, `HEALTHY` or `UNHEALTHY` . If you don't specify a value for `AWS_INIT_HEALTH_STATUS` , the initial status is `HEALTHY` . This attribute can only be used when creating resources and will not be seen on existing resources.\n- **AWS_INSTANCE_CNAME** - If the service configuration includes a `CNAME` record, the domain name that you want Route\u00a053 to return in response to DNS queries, for example, `example.com` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `CNAME` record.\n- **AWS_INSTANCE_IPV4** - If the service configuration includes an `A` record, the IPv4 address that you want Route\u00a053 to return in response to DNS queries, for example, `192.0.2.44` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `A` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_IPV6** - If the service configuration includes an `AAAA` record, the IPv6 address that you want Route\u00a053 to return in response to DNS queries, for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `AAAA` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_PORT** - If the service includes an `SRV` record, the value that you want Route\u00a053 to return for the port.\n\nIf the service includes `HealthCheckConfig` , the port on the endpoint that you want Route\u00a053 to send requests to.\n\nThis value is required if you specified settings for an `SRV` record or a Route\u00a053 health check when you created the service.", + "title": "InstanceAttributes", + "type": "object" }, - "Description": { - "markdownDescription": "The self-service action description.", - "title": "Description", + "InstanceId": { + "markdownDescription": "An identifier that you want to associate with the instance. Note the following:\n\n- If the service that's specified by `ServiceId` includes settings for an `SRV` record, the value of `InstanceId` is automatically included as part of the value for the `SRV` record. For more information, see [DnsRecord > Type](https://docs.aws.amazon.com/cloud-map/latest/api/API_DnsRecord.html#cloudmap-Type-DnsRecord-Type) .\n- You can use this value to update an existing instance.\n- To register a new instance, you must specify a value that's unique among instances that you register by using the same service.\n- If you specify an existing `InstanceId` and `ServiceId` , AWS Cloud Map updates the existing DNS records, if any. If there's also an existing health check, AWS Cloud Map deletes the old health check and creates a new one.\n\n> The health check isn't deleted immediately, so it will still appear for a while if you submit a `ListHealthChecks` request, for example.\n\n> Do not include sensitive information in `InstanceId` if the namespace is discoverable by public DNS queries and any `Type` member of `DnsRecord` for the service contains `SRV` because the `InstanceId` is discoverable by public DNS queries.", + "title": "InstanceId", "type": "string" }, - "Name": { - "markdownDescription": "The self-service action name.", - "title": "Name", + "ServiceId": { + "markdownDescription": "The ID of the service that you want to use for settings for the instance.", + "title": "ServiceId", "type": "string" } }, "required": [ - "Definition", - "DefinitionType", - "Name" + "InstanceAttributes", + "ServiceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ServiceAction" + "AWS::ServiceDiscovery::Instance" ], "type": "string" }, @@ -258437,27 +308499,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::ServiceAction.DefinitionParameter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The parameter key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the parameter.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::ServiceCatalog::ServiceActionAssociation": { + "AWS::ServiceDiscovery::PrivateDnsNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -258492,32 +308534,44 @@ "Properties": { "additionalProperties": false, "properties": { - "ProductId": { - "markdownDescription": "The product identifier. For example, `prod-abcdzk7xy33qa` .", - "title": "ProductId", + "Description": { + "markdownDescription": "A description for the namespace.", + "title": "Description", "type": "string" }, - "ProvisioningArtifactId": { - "markdownDescription": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` .", - "title": "ProvisioningArtifactId", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace. When you create a private DNS namespace, AWS Cloud Map automatically creates an Amazon Route\u00a053 private hosted zone that has the same name as the namespace.", + "title": "Name", "type": "string" }, - "ServiceActionId": { - "markdownDescription": "The self-service action identifier. For example, `act-fs7abcd89wxyz` .", - "title": "ServiceActionId", + "Properties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.Properties", + "markdownDescription": "Properties for the private DNS namespace.", + "title": "Properties" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" + }, + "Vpc": { + "markdownDescription": "The ID of the Amazon VPC that you want to associate the namespace with.", + "title": "Vpc", "type": "string" } }, "required": [ - "ProductId", - "ProvisioningArtifactId", - "ServiceActionId" + "Name", + "Vpc" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ServiceActionAssociation" + "AWS::ServiceDiscovery::PrivateDnsNamespace" ], "type": "string" }, @@ -258536,7 +308590,40 @@ ], "type": "object" }, - "AWS::ServiceCatalog::StackSetConstraint": { + "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { + "additionalProperties": false, + "properties": { + "SOA": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.SOA", + "markdownDescription": "Fields for the Start of Authority (SOA) record for the hosted zone for the private DNS namespace.", + "title": "SOA" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PrivateDnsNamespace.Properties": { + "additionalProperties": false, + "properties": { + "DnsProperties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable", + "markdownDescription": "DNS properties for the private DNS namespace.", + "title": "DnsProperties" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PrivateDnsNamespace.SOA": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The time to live (TTL) for purposes of negative caching.", + "title": "TTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -258571,73 +308658,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "AccountList": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more AWS accounts that will have access to the provisioned product.", - "title": "AccountList", - "type": "array" - }, - "AdminRole": { - "markdownDescription": "AdminRole ARN", - "title": "AdminRole", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the constraint.", + "markdownDescription": "A description for the namespace.", "title": "Description", "type": "string" }, - "ExecutionRole": { - "markdownDescription": "ExecutionRole name", - "title": "ExecutionRole", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace.\n\n> Do not include sensitive information in the name. The name is publicly available using DNS queries.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", - "type": "string" + "Properties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.Properties", + "markdownDescription": "Properties for the public DNS namespace.", + "title": "Properties" }, - "RegionList": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", - "title": "RegionList", + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", "type": "array" - }, - "StackInstanceControl": { - "markdownDescription": "Permission to create, update, and delete stack instances. Choose from ALLOWED and NOT_ALLOWED.", - "title": "StackInstanceControl", - "type": "string" } }, "required": [ - "AccountList", - "AdminRole", - "Description", - "ExecutionRole", - "PortfolioId", - "ProductId", - "RegionList", - "StackInstanceControl" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::StackSetConstraint" + "AWS::ServiceDiscovery::PublicDnsNamespace" ], "type": "string" }, @@ -258656,7 +308708,40 @@ ], "type": "object" }, - "AWS::ServiceCatalog::TagOption": { + "AWS::ServiceDiscovery::PublicDnsNamespace.Properties": { + "additionalProperties": false, + "properties": { + "DnsProperties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable", + "markdownDescription": "DNS properties for the public DNS namespace.", + "title": "DnsProperties" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable": { + "additionalProperties": false, + "properties": { + "SOA": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.SOA", + "markdownDescription": "Start of Authority (SOA) record for the hosted zone for the public DNS namespace.", + "title": "SOA" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace.SOA": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The time to live (TTL) for purposes of negative caching.", + "title": "TTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -258691,31 +308776,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "The TagOption active state.", - "title": "Active", - "type": "boolean" + "Description": { + "markdownDescription": "The description of the service.", + "title": "Description", + "type": "string" }, - "Key": { - "markdownDescription": "The TagOption key.", - "title": "Key", + "DnsConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsConfig", + "markdownDescription": "A complex type that contains information about the Route\u00a053 DNS records that you want AWS Cloud Map to create when you register an instance.\n\n> The record types of a service can only be changed by deleting the service and recreating it with a new `Dnsconfig` .", + "title": "DnsConfig" + }, + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckConfig", + "markdownDescription": "*Public DNS and HTTP namespaces only.* A complex type that contains settings for an optional health check. If you specify settings for a health check, AWS Cloud Map associates the health check with the records that you specify in `DnsConfig` .\n\nFor information about the charges for health checks, see [Amazon Route\u00a053 Pricing](https://docs.aws.amazon.com/route53/pricing/) .", + "title": "HealthCheckConfig" + }, + "HealthCheckCustomConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckCustomConfig", + "markdownDescription": "A complex type that contains information about an optional custom health check.\n\n> If you specify a health check configuration, you can specify either `HealthCheckCustomConfig` or `HealthCheckConfig` but not both.", + "title": "HealthCheckCustomConfig" + }, + "Name": { + "markdownDescription": "The name of the service.", + "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "The TagOption value.", - "title": "Value", + "NamespaceId": { + "markdownDescription": "The ID of the namespace that was used to create the service.\n\n> You must specify a value for `NamespaceId` either for the service properties or for [DnsConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html) . Don't specify a value in both places.", + "title": "NamespaceId", + "type": "string" + }, + "ServiceAttributes": { + "markdownDescription": "A string map that contains the following information for the service:\n\n- The attributes that apply to the service\n- For each attribute, the applicable value.\n\nYou can specify a total of 30 attributes.", + "title": "ServiceAttributes", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP` .", + "title": "Type", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::TagOption" + "AWS::ServiceDiscovery::Service" ], "type": "string" }, @@ -258729,12 +308843,93 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ServiceCatalog::TagOptionAssociation": { + "AWS::ServiceDiscovery::Service.DnsConfig": { + "additionalProperties": false, + "properties": { + "DnsRecords": { + "items": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsRecord" + }, + "markdownDescription": "An array that contains one `DnsRecord` object for each Route\u00a053 DNS record that you want AWS Cloud Map to create when you register an instance.\n\n> The record type of a service can't be updated directly and can only be changed by deleting the service and recreating it with a new `DnsConfig` .", + "title": "DnsRecords", + "type": "array" + }, + "NamespaceId": { + "markdownDescription": "The ID of the namespace to use for DNS configuration.\n\n> You must specify a value for `NamespaceId` either for `DnsConfig` or for the [service properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html) . Don't specify a value in both places.", + "title": "NamespaceId", + "type": "string" + }, + "RoutingPolicy": { + "markdownDescription": "The routing policy that you want to apply to all Route\u00a053 DNS records that AWS Cloud Map creates when you register an instance and specify this service.\n\n> If you want to use this service to register instances that create alias records, specify `WEIGHTED` for the routing policy. \n\nYou can specify the following values:\n\n- **MULTIVALUE** - If you define a health check for the service and the health check is healthy, Route\u00a053 returns the applicable value for up to eight instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with IP addresses for up to eight healthy instances. If fewer than eight instances are healthy, Route\u00a053 responds to every DNS query with the IP addresses for all of the healthy instances.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the values for up to eight instances.\n\nFor more information about the multivalue routing policy, see [Multivalue Answer Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue) in the *Route\u00a053 Developer Guide* .\n- **WEIGHTED** - Route\u00a053 returns the applicable value from one randomly selected instance from among the instances that you registered using the same service. Currently, all records have the same weight, so you can't route more or less traffic to any instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with the IP address for one randomly selected instance from among the healthy instances. If no instances are healthy, Route\u00a053 responds to DNS queries as if all of the instances were healthy.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the applicable value for one randomly selected instance.\n\nFor more information about the weighted routing policy, see [Weighted Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted) in the *Route\u00a053 Developer Guide* .", + "title": "RoutingPolicy", + "type": "string" + } + }, + "required": [ + "DnsRecords" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.DnsRecord": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this record.\n\n> Alias records don't include a TTL because Route\u00a053 uses the TTL for the AWS resource that an alias record routes traffic to. If you include the `AWS_ALIAS_DNS_NAME` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request, the `TTL` value is ignored. Always specify a TTL for the service; you can use a service to register instances that create either alias or non-alias records.", + "title": "TTL", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of the resource, which indicates the type of value that Route 53 returns in response to DNS queries. You can specify values for `Type` in the following combinations:\n\n- `A`\n- `AAAA`\n- `A` and `AAAA`\n- `SRV`\n- `CNAME`\n\nIf you want AWS Cloud Map to create a Route 53 alias record when you register an instance, specify `A` or `AAAA` for `Type` .\n\nYou specify other settings, such as the IP address for `A` and `AAAA` records, when you register an instance. For more information, see [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n\nThe following values are supported:\n\n- **A** - Route 53 returns the IP address of the resource in IPv4 format, such as 192.0.2.44.\n- **AAAA** - Route 53 returns the IP address of the resource in IPv6 format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345.\n- **CNAME** - Route 53 returns the domain name of the resource, such as www.example.com. Note the following:\n\n- You specify the domain name that you want to route traffic to when you register an instance. For more information, see [Attributes](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#cloudmap-RegisterInstance-request-Attributes) in the topic [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n- You must specify `WEIGHTED` for the value of `RoutingPolicy` .\n- You can't specify both `CNAME` for `Type` and settings for `HealthCheckConfig` . If you do, the request will fail with an `InvalidInput` error.\n- **SRV** - Route 53 returns the value for an `SRV` record. The value for an `SRV` record uses the following values:\n\n`priority weight port service-hostname`\n\nNote the following about the values:\n\n- The values of `priority` and `weight` are both set to `1` and can't be changed.\n- The value of `port` comes from the value that you specify for the `AWS_INSTANCE_PORT` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request.\n- The value of `service-hostname` is a concatenation of the following values:\n\n- The value that you specify for `InstanceId` when you register an instance.\n- The name of the service.\n- The name of the namespace.\n\nFor example, if the value of `InstanceId` is `test` , the name of the service is `backend` , and the name of the namespace is `example.com` , the value of `service-hostname` is:\n\n`test.backend.example.com`\n\nIf you specify settings for an `SRV` record and if you specify values for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both in the `RegisterInstance` request, AWS Cloud Map automatically creates `A` and/or `AAAA` records that have the same name as the value of `service-hostname` in the `SRV` record. You can ignore these records.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "TTL", + "Type" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.HealthCheckConfig": { + "additionalProperties": false, + "properties": { + "FailureThreshold": { + "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Route\u00a053 to change the current status of the endpoint from unhealthy to healthy or the other way around. For more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", + "title": "FailureThreshold", + "type": "number" + }, + "ResourcePath": { + "markdownDescription": "The path that you want Route\u00a053 to request when performing health checks. The path can be any value that your endpoint returns an HTTP status code of a 2xx or 3xx format for when the endpoint is healthy. An example file is `/docs/route53-health-check.html` . Route\u00a053 automatically adds the DNS name for the service. If you don't specify a value for `ResourcePath` , the default value is `/` .\n\nIf you specify `TCP` for `Type` , you must *not* specify a value for `ResourcePath` .", + "title": "ResourcePath", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of health check that you want to create, which indicates how Route\u00a053 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify HTTPS for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *TCP* : Route\u00a053 tries to establish a TCP connection.\n\nIf you specify `TCP` for `Type` , don't specify a value for `ResourcePath` .\n\nFor more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.HealthCheckCustomConfig": { + "additionalProperties": false, + "properties": { + "FailureThreshold": { + "markdownDescription": "> This parameter is no longer supported and is always set to 1. AWS Cloud Map waits for approximately 30 seconds after receiving an `UpdateInstanceCustomHealthStatus` request before changing the status of the service instance. \n\nThe number of 30-second intervals that you want AWS Cloud Map to wait after receiving an `UpdateInstanceCustomHealthStatus` request before it changes the health status of a service instance.\n\nSending a second or subsequent `UpdateInstanceCustomHealthStatus` request with the same value before 30 seconds has passed doesn't accelerate the change. AWS Cloud Map still waits `30` seconds after the first request to make the change.", + "title": "FailureThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Shield::DRTAccess": { "additionalProperties": false, "properties": { "Condition": { @@ -258769,26 +308964,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceId": { - "markdownDescription": "The resource identifier.", - "title": "ResourceId", - "type": "string" + "LogBucketList": { + "items": { + "type": "string" + }, + "markdownDescription": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.\n\nUse this to share information with the SRT that's not available in AWS WAF logs.\n\nTo use the services of the SRT, you must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .", + "title": "LogBucketList", + "type": "array" }, - "TagOptionId": { - "markdownDescription": "The TagOption identifier.", - "title": "TagOptionId", + "RoleArn": { + "markdownDescription": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and logs and to create or update AWS WAF rules and web ACLs.\n\nYou can associate only one `RoleArn` with your subscription. If you submit this update for an account that already has an associated role, the new `RoleArn` will replace the existing `RoleArn` .\n\nThis change requires the following:\n\n- You must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .\n- The `AWSShieldDRTAccessPolicy` managed policy must be attached to the role that you specify in the request. You can access this policy in the IAM console at [AWSShieldDRTAccessPolicy](https://docs.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy) . For information, see [Adding and removing IAM identity permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) .\n- The role must trust the service principal `drt.shield.amazonaws.com` . For information, see [IAM JSON policy elements: Principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) .\n\nThe SRT will have access only to your AWS WAF and Shield resources. By submitting this request, you provide permissions to the SRT to inspect your AWS WAF and Shield configuration and logs, and to create and update AWS WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.", + "title": "RoleArn", "type": "string" } }, "required": [ - "ResourceId", - "TagOptionId" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::TagOptionAssociation" + "AWS::Shield::DRTAccess" ], "type": "string" }, @@ -258807,7 +309004,7 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::Application": { + "AWS::Shield::ProactiveEngagement": { "additionalProperties": false, "properties": { "Condition": { @@ -258842,36 +309039,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the application.", - "title": "Description", - "type": "string" + "EmergencyContactList": { + "items": { + "$ref": "#/definitions/AWS::Shield::ProactiveEngagement.EmergencyContact" + }, + "markdownDescription": "The list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support, plus any relevant notes.\n\nTo enable proactive engagement, the contact list must include at least one phone number.\n\nIf you provide more than one contact, in the notes, indicate the circumstances under which each contact should be used. Include primary and secondary contact designations, and provide the hours of availability and time zones for each contact.\n\nExample contact notes:\n\n- This is a hotline that's staffed 24x7x365. Please work with the responding analyst and they will get the appropriate person on the call.\n- Please contact the secondary phone number if the hotline doesn't respond within 5 minutes.", + "title": "EmergencyContactList", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the application. The name must be unique in the region in which you are creating the application.", - "title": "Name", + "ProactiveEngagementStatus": { + "markdownDescription": "Specifies whether proactive engagement is enabled or disabled.\n\nValid values:\n\n`ENABLED` - The Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n`DISABLED` - The SRT will not proactively notify contacts about escalations or to initiate proactive customer support.", + "title": "ProactiveEngagementStatus", "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Key-value pairs you can use to associate with the application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" } }, "required": [ - "Name" + "EmergencyContactList", + "ProactiveEngagementStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::Application" + "AWS::Shield::ProactiveEngagement" ], "type": "string" }, @@ -258890,7 +309080,31 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::AttributeGroup": { + "AWS::Shield::ProactiveEngagement.EmergencyContact": { + "additionalProperties": false, + "properties": { + "ContactNotes": { + "markdownDescription": "Additional notes regarding the contact.", + "title": "ContactNotes", + "type": "string" + }, + "EmailAddress": { + "markdownDescription": "The email address for the contact.", + "title": "EmailAddress", + "type": "string" + }, + "PhoneNumber": { + "markdownDescription": "The phone number for the contact.", + "title": "PhoneNumber", + "type": "string" + } + }, + "required": [ + "EmailAddress" + ], + "type": "object" + }, + "AWS::Shield::Protection": { "additionalProperties": false, "properties": { "Condition": { @@ -258925,42 +309139,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "markdownDescription": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.", - "title": "Attributes", - "type": "object" + "ApplicationLayerAutomaticResponseConfiguration": { + "$ref": "#/definitions/AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration", + "markdownDescription": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description.", + "title": "ApplicationLayerAutomaticResponseConfiguration" }, - "Description": { - "markdownDescription": "The description of the attribute group that the user provides.", - "title": "Description", - "type": "string" + "HealthCheckArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN (Amazon Resource Name) of the health check to associate with the protection. Health-based detection provides improved responsiveness and accuracy in attack detection and mitigation.\n\nYou can use this option with any resource type except for Route\u00a053 hosted zones.\n\nFor more information, see [Configuring health-based detection using health checks](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-health-checks.html) in the *AWS Shield Advanced Developer Guide* .", + "title": "HealthCheckArns", + "type": "array" }, "Name": { - "markdownDescription": "The name of the attribute group.", + "markdownDescription": "The name of the protection. For example, `My CloudFront distributions` .\n\n> If you change the name of an existing protection, Shield Advanced deletes the protection and replaces it with a new one. While this is happening, the protection isn't available on the AWS resource.", "title": "Name", "type": "string" }, + "ResourceArn": { + "markdownDescription": "The ARN (Amazon Resource Name) of the AWS resource that is protected.", + "title": "ResourceArn", + "type": "string" + }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Key-value pairs you can use to associate with the attribute group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Attributes", - "Name" + "Name", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::AttributeGroup" + "AWS::Shield::Protection" ], "type": "string" }, @@ -258979,7 +309198,43 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation": { + "AWS::Shield::Protection.Action": { + "additionalProperties": false, + "properties": { + "Block": { + "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Block\": {} }`\n\nExample YAML: `Block: {}`", + "title": "Block", + "type": "object" + }, + "Count": { + "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Count\": {} }`\n\nExample YAML: `Count: {}`", + "title": "Count", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::Shield::Protection.Action", + "markdownDescription": "Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.", + "title": "Action" + }, + "Status": { + "markdownDescription": "Indicates whether automatic application layer DDoS mitigation is enabled for the protection.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Action", + "Status" + ], + "type": "object" + }, + "AWS::Shield::ProtectionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -259014,26 +309269,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The name or ID of the application.", - "title": "Application", + "Aggregation": { + "markdownDescription": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n\n- `Sum` - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n- `Mean` - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n- `Max` - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.", + "title": "Aggregation", "type": "string" }, - "AttributeGroup": { - "markdownDescription": "The name or ID of the attribute group which holds the attributes that describe the application.", - "title": "AttributeGroup", + "Members": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting.", + "title": "Members", + "type": "array" + }, + "Pattern": { + "markdownDescription": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.", + "title": "Pattern", + "type": "string" + }, + "ProtectionGroupId": { + "markdownDescription": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.", + "title": "ProtectionGroupId", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting.", + "title": "ResourceType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "Application", - "AttributeGroup" + "Aggregation", + "Pattern", + "ProtectionGroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation" + "AWS::Shield::ProtectionGroup" ], "type": "string" }, @@ -259052,7 +309334,7 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::ResourceAssociation": { + "AWS::Signer::ProfilePermission": { "additionalProperties": false, "properties": { "Condition": { @@ -259087,32 +309369,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The name or ID of the application.", - "title": "Application", + "Action": { + "markdownDescription": "The AWS Signer action permitted as part of cross-account permissions.", + "title": "Action", "type": "string" }, - "Resource": { - "markdownDescription": "The name or ID of the resource of which the application will be associated.", - "title": "Resource", + "Principal": { + "markdownDescription": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID.", + "title": "Principal", "type": "string" }, - "ResourceType": { - "markdownDescription": "The type of resource of which the application will be associated.", - "title": "ResourceType", + "ProfileName": { + "markdownDescription": "The human-readable name of the signing profile.", + "title": "ProfileName", + "type": "string" + }, + "ProfileVersion": { + "markdownDescription": "The version of the signing profile.", + "title": "ProfileVersion", + "type": "string" + }, + "StatementId": { + "markdownDescription": "A unique identifier for the cross-account permission statement.", + "title": "StatementId", "type": "string" } }, "required": [ - "Application", - "Resource", - "ResourceType" + "Action", + "Principal", + "ProfileName", + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::ResourceAssociation" + "AWS::Signer::ProfilePermission" ], "type": "string" }, @@ -259131,7 +309424,7 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::HttpNamespace": { + "AWS::Signer::SigningProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -259166,33 +309459,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the namespace.", - "title": "Description", + "PlatformId": { + "markdownDescription": "The ID of a platform that is available for use by a signing profile.", + "title": "PlatformId", "type": "string" }, - "Name": { - "markdownDescription": "The name that you want to assign to this namespace.", - "title": "Name", - "type": "string" + "SignatureValidityPeriod": { + "$ref": "#/definitions/AWS::Signer::SigningProfile.SignatureValidityPeriod", + "markdownDescription": "The validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months.", + "title": "SignatureValidityPeriod" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "markdownDescription": "A list of tags associated with the signing profile.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "PlatformId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::HttpNamespace" + "AWS::Signer::SigningProfile" ], "type": "string" }, @@ -259211,7 +309504,23 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::Instance": { + "AWS::Signer::SigningProfile.SignatureValidityPeriod": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The time unit for signature validity: DAYS | MONTHS | YEARS.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The numerical value of the time unit for signature validity.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SimSpaceWeaver::Simulation": { "additionalProperties": false, "properties": { "Condition": { @@ -259246,31 +309555,41 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceAttributes": { - "markdownDescription": "A string map that contains the following information for the service that you specify in `ServiceId` :\n\n- The attributes that apply to the records that are defined in the service.\n- For each attribute, the applicable value.\n\nSupported attribute keys include the following:\n\n- **AWS_ALIAS_DNS_NAME** - If you want AWS Cloud Map to create a Route\u00a053 alias record that routes traffic to an Elastic Load Balancing load balancer, specify the DNS name that is associated with the load balancer. For information about how to get the DNS name, see [AliasTarget->DNSName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html#Route53-Type-AliasTarget-DNSName) in the *Route\u00a053 API Reference* .\n\nNote the following:\n\n- The configuration for the service that is specified by `ServiceId` must include settings for an `A` record, an `AAAA` record, or both.\n- In the service that is specified by `ServiceId` , the value of `RoutingPolicy` must be `WEIGHTED` .\n- If the service that is specified by `ServiceId` includes `HealthCheckConfig` settings, AWS Cloud Map will create the health check, but it won't associate the health check with the alias record.\n- Auto naming currently doesn't support creating alias records that route traffic to AWS resources other than ELB load balancers.\n- If you specify a value for `AWS_ALIAS_DNS_NAME` , don't specify values for any of the `AWS_INSTANCE` attributes.\n- **AWS_EC2_INSTANCE_ID** - *HTTP namespaces only.* The Amazon EC2 instance ID for the instance. The `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address. When creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) , if the `AWS_EC2_INSTANCE_ID` attribute is specified, the only other attribute that can be specified is `AWS_INIT_HEALTH_STATUS` . After the resource has been created, the `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address.\n- **AWS_INIT_HEALTH_STATUS** - If the service configuration includes `HealthCheckCustomConfig` , when creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) you can optionally use `AWS_INIT_HEALTH_STATUS` to specify the initial status of the custom health check, `HEALTHY` or `UNHEALTHY` . If you don't specify a value for `AWS_INIT_HEALTH_STATUS` , the initial status is `HEALTHY` . This attribute can only be used when creating resources and will not be seen on existing resources.\n- **AWS_INSTANCE_CNAME** - If the service configuration includes a `CNAME` record, the domain name that you want Route\u00a053 to return in response to DNS queries, for example, `example.com` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `CNAME` record.\n- **AWS_INSTANCE_IPV4** - If the service configuration includes an `A` record, the IPv4 address that you want Route\u00a053 to return in response to DNS queries, for example, `192.0.2.44` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `A` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_IPV6** - If the service configuration includes an `AAAA` record, the IPv6 address that you want Route\u00a053 to return in response to DNS queries, for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `AAAA` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_PORT** - If the service includes an `SRV` record, the value that you want Route\u00a053 to return for the port.\n\nIf the service includes `HealthCheckConfig` , the port on the endpoint that you want Route\u00a053 to send requests to.\n\nThis value is required if you specified settings for an `SRV` record or a Route\u00a053 health check when you created the service.", - "title": "InstanceAttributes", - "type": "object" + "MaximumDuration": { + "markdownDescription": "The maximum running time of the simulation, specified as a number of minutes (m or M), hours (h or H), or days (d or D). The simulation stops when it reaches this limit. The maximum value is `14D` , or its equivalent in the other units. The default value is `14D` . A value equivalent to `0` makes the simulation immediately transition to `STOPPING` as soon as it reaches `STARTED` .", + "title": "MaximumDuration", + "type": "string" }, - "InstanceId": { - "markdownDescription": "An identifier that you want to associate with the instance. Note the following:\n\n- If the service that's specified by `ServiceId` includes settings for an `SRV` record, the value of `InstanceId` is automatically included as part of the value for the `SRV` record. For more information, see [DnsRecord > Type](https://docs.aws.amazon.com/cloud-map/latest/api/API_DnsRecord.html#cloudmap-Type-DnsRecord-Type) .\n- You can use this value to update an existing instance.\n- To register a new instance, you must specify a value that's unique among instances that you register by using the same service.\n- If you specify an existing `InstanceId` and `ServiceId` , AWS Cloud Map updates the existing DNS records, if any. If there's also an existing health check, AWS Cloud Map deletes the old health check and creates a new one.\n\n> The health check isn't deleted immediately, so it will still appear for a while if you submit a `ListHealthChecks` request, for example.\n\n> Do not include sensitive information in `InstanceId` if the namespace is discoverable by public DNS queries and any `Type` member of `DnsRecord` for the service contains `SRV` because the `InstanceId` is discoverable by public DNS queries.", - "title": "InstanceId", + "Name": { + "markdownDescription": "The name of the simulation.", + "title": "Name", "type": "string" }, - "ServiceId": { - "markdownDescription": "The ID of the service that you want to use for settings for the instance.", - "title": "ServiceId", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management ( IAM ) role that the simulation assumes to perform actions. For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* . For more information about IAM roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *AWS Identity and Access Management User Guide* .", + "title": "RoleArn", "type": "string" + }, + "SchemaS3Location": { + "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", + "markdownDescription": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` .", + "title": "SchemaS3Location" + }, + "SnapshotS3Location": { + "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", + "markdownDescription": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` .", + "title": "SnapshotS3Location" } }, "required": [ - "InstanceAttributes", - "ServiceId" + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::Instance" + "AWS::SimSpaceWeaver::Simulation" ], "type": "string" }, @@ -259289,7 +309608,27 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::PrivateDnsNamespace": { + "AWS::SimSpaceWeaver::Simulation.S3Location": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of an Amazon S3 bucket. For more information about buckets, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "BucketName", + "type": "string" + }, + "ObjectKey": { + "markdownDescription": "The key name of an object in Amazon S3. For more information about Amazon S3 objects and object keys, see [Uploading, downloading, and working with objects in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/uploading-downloading-objects.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "ObjectKey", + "type": "string" + } + }, + "required": [ + "BucketName", + "ObjectKey" + ], + "type": "object" + }, + "AWS::StepFunctions::Activity": { "additionalProperties": false, "properties": { "Condition": { @@ -259324,44 +309663,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the namespace.", - "title": "Description", - "type": "string" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::Activity.EncryptionConfiguration", + "markdownDescription": "Encryption configuration for the activity.\n\nActivity configuration is immutable, and resource names must be unique. To set customer managed keys for encryption, you must create a *new Activity* . If you attempt to change the configuration in your CFN template for an existing activity, you will receive an `ActivityAlreadyExists` exception.\n\nTo update your activity to include customer managed keys, set a new activity name within your AWS CloudFormation template.", + "title": "EncryptionConfiguration" }, "Name": { - "markdownDescription": "The name that you want to assign to this namespace. When you create a private DNS namespace, AWS Cloud Map automatically creates an Amazon Route\u00a053 private hosted zone that has the same name as the namespace.", + "markdownDescription": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` , `U+FFFE-FFFF` )\n- surrogates ( `U+D800-DFFF` )\n- invalid characters ( `U+10FFFF` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", "title": "Name", "type": "string" }, - "Properties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.Properties", - "markdownDescription": "Properties for the private DNS namespace.", - "title": "Properties" - }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::StepFunctions::Activity.TagsEntry" }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", "title": "Tags", "type": "array" - }, - "Vpc": { - "markdownDescription": "The ID of the Amazon VPC that you want to associate the namespace with.", - "title": "Vpc", - "type": "string" } }, "required": [ - "Name", - "Vpc" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::PrivateDnsNamespace" + "AWS::StepFunctions::Activity" ], "type": "string" }, @@ -259380,45 +309708,63 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { - "additionalProperties": false, - "properties": { - "SOA": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.SOA", - "markdownDescription": "Fields for the Start of Authority (SOA) record for the hosted zone for the private DNS namespace.", - "title": "SOA" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.Properties": { + "AWS::StepFunctions::Activity.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "DnsProperties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable", - "markdownDescription": "DNS properties for the private DNS namespace.", - "title": "DnsProperties" + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys.", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN.", + "title": "KmsKeyId", + "type": "string" + }, + "Type": { + "markdownDescription": "Encryption option for an activity.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.SOA": { + "AWS::StepFunctions::Activity.TagsEntry": { "additionalProperties": false, "properties": { - "TTL": { - "markdownDescription": "The time to live (TTL) for purposes of negative caching.", - "title": "TTL", - "type": "number" + "Key": { + "markdownDescription": "The `key` for a key-value pair in a tag entry.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The `value` for a key-value pair in a tag entry.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::ServiceDiscovery::PublicDnsNamespace": { + "AWS::StepFunctions::StateMachine": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -259448,38 +309794,79 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the namespace.", - "title": "Description", + "Definition": { + "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", + "title": "Definition", + "type": "object" + }, + "DefinitionS3Location": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.S3Location", + "markdownDescription": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file.", + "title": "DefinitionS3Location" + }, + "DefinitionString": { + "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", + "title": "DefinitionString", "type": "string" }, - "Name": { - "markdownDescription": "The name that you want to assign to this namespace.\n\n> Do not include sensitive information in the name. The name is publicly available using DNS queries.", - "title": "Name", + "DefinitionSubstitutions": { + "additionalProperties": true, + "markdownDescription": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "DefinitionSubstitutions", + "type": "object" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.EncryptionConfiguration", + "markdownDescription": "Encryption configuration for the state machine.", + "title": "EncryptionConfiguration" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LoggingConfiguration", + "markdownDescription": "Defines what execution history events are logged and where they are logged.\n\n> By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.", + "title": "LoggingConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.", + "title": "RoleArn", "type": "string" }, - "Properties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.Properties", - "markdownDescription": "Properties for the public DNS namespace.", - "title": "Properties" + "StateMachineName": { + "markdownDescription": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "StateMachineName", + "type": "string" + }, + "StateMachineType": { + "markdownDescription": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide.", + "title": "StateMachineType", + "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TagsEntry" }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", "title": "Tags", "type": "array" + }, + "TracingConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TracingConfiguration", + "markdownDescription": "Selects whether or not the state machine's AWS X-Ray tracing is enabled.", + "title": "TracingConfiguration" } }, "required": [ - "Name" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::PublicDnsNamespace" + "AWS::StepFunctions::StateMachine" ], "type": "string" }, @@ -259498,40 +309885,133 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::PublicDnsNamespace.Properties": { + "AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup": { "additionalProperties": false, "properties": { - "DnsProperties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable", - "markdownDescription": "DNS properties for the public DNS namespace.", - "title": "DnsProperties" + "LogGroupArn": { + "markdownDescription": "The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*`", + "title": "LogGroupArn", + "type": "string" } }, "type": "object" }, - "AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable": { + "AWS::StepFunctions::StateMachine.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "SOA": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.SOA", - "markdownDescription": "Start of Authority (SOA) record for the hosted zone for the public DNS namespace.", - "title": "SOA" + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys.", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN.", + "title": "KmsKeyId", + "type": "string" + }, + "Type": { + "markdownDescription": "Encryption option for a state machine.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::ServiceDiscovery::PublicDnsNamespace.SOA": { + "AWS::StepFunctions::StateMachine.LogDestination": { "additionalProperties": false, "properties": { - "TTL": { - "markdownDescription": "The time to live (TTL) for purposes of negative caching.", - "title": "TTL", - "type": "number" + "CloudWatchLogsLogGroup": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup", + "markdownDescription": "An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the AWS CloudFormation User Guide.", + "title": "CloudWatchLogsLogGroup" } }, "type": "object" }, - "AWS::ServiceDiscovery::Service": { + "AWS::StepFunctions::StateMachine.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LogDestination" + }, + "markdownDescription": "An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` .", + "title": "Destinations", + "type": "array" + }, + "IncludeExecutionData": { + "markdownDescription": "Determines whether execution data is included in your log. When set to `false` , data is excluded.", + "title": "IncludeExecutionData", + "type": "boolean" + }, + "Level": { + "markdownDescription": "Defines which category of execution history events are logged.", + "title": "Level", + "type": "string" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachine.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket where the state machine definition JSON or YAML file is stored.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name of the state machine definition file (Amazon S3 object name).", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "For versioning-enabled buckets, a specific version of the state machine definition.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The `key` for a key-value pair in a tag entry.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The `value` for a key-value pair in a tag entry.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.TracingConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "When set to `true` , X-Ray tracing is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachineAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -259566,55 +310046,35 @@ "Properties": { "additionalProperties": false, "properties": { + "DeploymentPreference": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.DeploymentPreference", + "markdownDescription": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "title": "DeploymentPreference" + }, "Description": { - "markdownDescription": "The description of the service.", + "markdownDescription": "An optional description of the state machine alias.", "title": "Description", "type": "string" }, - "DnsConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsConfig", - "markdownDescription": "A complex type that contains information about the Route\u00a053 DNS records that you want AWS Cloud Map to create when you register an instance.\n\n> The record types of a service can only be changed by deleting the service and recreating it with a new `Dnsconfig` .", - "title": "DnsConfig" - }, - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckConfig", - "markdownDescription": "*Public DNS and HTTP namespaces only.* A complex type that contains settings for an optional health check. If you specify settings for a health check, AWS Cloud Map associates the health check with the records that you specify in `DnsConfig` .\n\nFor information about the charges for health checks, see [Amazon Route\u00a053 Pricing](https://docs.aws.amazon.com/route53/pricing/) .", - "title": "HealthCheckConfig" - }, - "HealthCheckCustomConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckCustomConfig", - "markdownDescription": "A complex type that contains information about an optional custom health check.\n\n> If you specify a health check configuration, you can specify either `HealthCheckCustomConfig` or `HealthCheckConfig` but not both.", - "title": "HealthCheckCustomConfig" - }, "Name": { - "markdownDescription": "The name of the service.", + "markdownDescription": "The name of the state machine alias. If you don't provide a name, it uses an automatically generated name based on the logical ID.", "title": "Name", "type": "string" }, - "NamespaceId": { - "markdownDescription": "The ID of the namespace that was used to create the service.\n\n> You must specify a value for `NamespaceId` either for the service properties or for [DnsConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html) . Don't specify a value in both places.", - "title": "NamespaceId", - "type": "string" - }, - "Tags": { + "RoutingConfiguration": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion" }, - "markdownDescription": "The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", + "markdownDescription": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties.", + "title": "RoutingConfiguration", "type": "array" - }, - "Type": { - "markdownDescription": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP` .", - "title": "Type", - "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::Service" + "AWS::StepFunctions::StateMachineAlias" ], "type": "string" }, @@ -259632,89 +310092,65 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::Service.DnsConfig": { + "AWS::StepFunctions::StateMachineAlias.DeploymentPreference": { "additionalProperties": false, "properties": { - "DnsRecords": { + "Alarms": { "items": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsRecord" + "type": "string" }, - "markdownDescription": "An array that contains one `DnsRecord` object for each Route\u00a053 DNS record that you want AWS Cloud Map to create when you register an instance.\n\n> The record type of a service can't be updated directly and can only be changed by deleting the service and recreating it with a new `DnsConfig` .", - "title": "DnsRecords", + "markdownDescription": "A list of Amazon CloudWatch alarm names to be monitored during the deployment. The deployment fails and rolls back if any of these alarms go into the `ALARM` state.\n\n> Amazon CloudWatch considers nonexistent alarms to have an `OK` state. If you provide an invalid alarm name or provide the ARN of an alarm instead of its name, your deployment may not roll back correctly.", + "title": "Alarms", "type": "array" }, - "NamespaceId": { - "markdownDescription": "The ID of the namespace to use for DNS configuration.\n\n> You must specify a value for `NamespaceId` either for `DnsConfig` or for the [service properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html) . Don't specify a value in both places.", - "title": "NamespaceId", - "type": "string" - }, - "RoutingPolicy": { - "markdownDescription": "The routing policy that you want to apply to all Route\u00a053 DNS records that AWS Cloud Map creates when you register an instance and specify this service.\n\n> If you want to use this service to register instances that create alias records, specify `WEIGHTED` for the routing policy. \n\nYou can specify the following values:\n\n- **MULTIVALUE** - If you define a health check for the service and the health check is healthy, Route\u00a053 returns the applicable value for up to eight instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with IP addresses for up to eight healthy instances. If fewer than eight instances are healthy, Route\u00a053 responds to every DNS query with the IP addresses for all of the healthy instances.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the values for up to eight instances.\n\nFor more information about the multivalue routing policy, see [Multivalue Answer Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue) in the *Route\u00a053 Developer Guide* .\n- **WEIGHTED** - Route\u00a053 returns the applicable value from one randomly selected instance from among the instances that you registered using the same service. Currently, all records have the same weight, so you can't route more or less traffic to any instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with the IP address for one randomly selected instance from among the healthy instances. If no instances are healthy, Route\u00a053 responds to DNS queries as if all of the instances were healthy.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the applicable value for one randomly selected instance.\n\nFor more information about the weighted routing policy, see [Weighted Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted) in the *Route\u00a053 Developer Guide* .", - "title": "RoutingPolicy", - "type": "string" - } - }, - "required": [ - "DnsRecords" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.DnsRecord": { - "additionalProperties": false, - "properties": { - "TTL": { - "markdownDescription": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this record.\n\n> Alias records don't include a TTL because Route\u00a053 uses the TTL for the AWS resource that an alias record routes traffic to. If you include the `AWS_ALIAS_DNS_NAME` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request, the `TTL` value is ignored. Always specify a TTL for the service; you can use a service to register instances that create either alias or non-alias records.", - "title": "TTL", + "Interval": { + "markdownDescription": "The time in minutes between each traffic shifting increment.", + "title": "Interval", "type": "number" }, - "Type": { - "markdownDescription": "The type of the resource, which indicates the type of value that Route 53 returns in response to DNS queries. You can specify values for `Type` in the following combinations:\n\n- `A`\n- `AAAA`\n- `A` and `AAAA`\n- `SRV`\n- `CNAME`\n\nIf you want AWS Cloud Map to create a Route 53 alias record when you register an instance, specify `A` or `AAAA` for `Type` .\n\nYou specify other settings, such as the IP address for `A` and `AAAA` records, when you register an instance. For more information, see [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n\nThe following values are supported:\n\n- **A** - Route 53 returns the IP address of the resource in IPv4 format, such as 192.0.2.44.\n- **AAAA** - Route 53 returns the IP address of the resource in IPv6 format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345.\n- **CNAME** - Route 53 returns the domain name of the resource, such as www.example.com. Note the following:\n\n- You specify the domain name that you want to route traffic to when you register an instance. For more information, see [Attributes](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#cloudmap-RegisterInstance-request-Attributes) in the topic [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n- You must specify `WEIGHTED` for the value of `RoutingPolicy` .\n- You can't specify both `CNAME` for `Type` and settings for `HealthCheckConfig` . If you do, the request will fail with an `InvalidInput` error.\n- **SRV** - Route 53 returns the value for an `SRV` record. The value for an `SRV` record uses the following values:\n\n`priority weight port service-hostname`\n\nNote the following about the values:\n\n- The values of `priority` and `weight` are both set to `1` and can't be changed.\n- The value of `port` comes from the value that you specify for the `AWS_INSTANCE_PORT` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request.\n- The value of `service-hostname` is a concatenation of the following values:\n\n- The value that you specify for `InstanceId` when you register an instance.\n- The name of the service.\n- The name of the namespace.\n\nFor example, if the value of `InstanceId` is `test` , the name of the service is `backend` , and the name of the namespace is `example.com` , the value of `service-hostname` is:\n\n`test.backend.example.com`\n\nIf you specify settings for an `SRV` record and if you specify values for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both in the `RegisterInstance` request, AWS Cloud Map automatically creates `A` and/or `AAAA` records that have the same name as the value of `service-hostname` in the `SRV` record. You can ignore these records.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "TTL", - "Type" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.HealthCheckConfig": { - "additionalProperties": false, - "properties": { - "FailureThreshold": { - "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Route\u00a053 to change the current status of the endpoint from unhealthy to healthy or the other way around. For more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", - "title": "FailureThreshold", + "Percentage": { + "markdownDescription": "The percentage of traffic to shift to the new version in each increment.", + "title": "Percentage", "type": "number" }, - "ResourcePath": { - "markdownDescription": "The path that you want Route\u00a053 to request when performing health checks. The path can be any value that your endpoint returns an HTTP status code of a 2xx or 3xx format for when the endpoint is healthy. An example file is `/docs/route53-health-check.html` . Route\u00a053 automatically adds the DNS name for the service. If you don't specify a value for `ResourcePath` , the default value is `/` .\n\nIf you specify `TCP` for `Type` , you must *not* specify a value for `ResourcePath` .", - "title": "ResourcePath", + "StateMachineVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete.\n\nWhile performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead.", + "title": "StateMachineVersionArn", "type": "string" }, "Type": { - "markdownDescription": "The type of health check that you want to create, which indicates how Route\u00a053 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify HTTPS for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *TCP* : Route\u00a053 tries to establish a TCP connection.\n\nIf you specify `TCP` for `Type` , don't specify a value for `ResourcePath` .\n\nFor more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", + "markdownDescription": "The type of deployment you want to perform. You can specify one of the following types:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", "title": "Type", "type": "string" } }, "required": [ + "StateMachineVersionArn", "Type" ], "type": "object" }, - "AWS::ServiceDiscovery::Service.HealthCheckCustomConfig": { + "AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion": { "additionalProperties": false, "properties": { - "FailureThreshold": { - "markdownDescription": "> This parameter is no longer supported and is always set to 1. AWS Cloud Map waits for approximately 30 seconds after receiving an `UpdateInstanceCustomHealthStatus` request before changing the status of the service instance. \n\nThe number of 30-second intervals that you want AWS Cloud Map to wait after receiving an `UpdateInstanceCustomHealthStatus` request before it changes the health status of a service instance.\n\nSending a second or subsequent `UpdateInstanceCustomHealthStatus` request with the same value before 30 seconds has passed doesn't accelerate the change. AWS Cloud Map still waits `30` seconds after the first request to make the change.", - "title": "FailureThreshold", + "StateMachineVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration.\n\nIf you specify the ARN of a second version, it must belong to the same state machine as the first version.", + "title": "StateMachineVersionArn", + "type": "string" + }, + "Weight": { + "markdownDescription": "The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100.", + "title": "Weight", "type": "number" } }, + "required": [ + "StateMachineVersionArn", + "Weight" + ], "type": "object" }, - "AWS::Shield::DRTAccess": { + "AWS::StepFunctions::StateMachineVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -259749,28 +310185,30 @@ "Properties": { "additionalProperties": false, "properties": { - "LogBucketList": { - "items": { - "type": "string" - }, - "markdownDescription": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.\n\nUse this to share information with the SRT that's not available in AWS WAF logs.\n\nTo use the services of the SRT, you must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .", - "title": "LogBucketList", - "type": "array" + "Description": { + "markdownDescription": "An optional description of the state machine version.", + "title": "Description", + "type": "string" }, - "RoleArn": { - "markdownDescription": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and logs and to create or update AWS WAF rules and web ACLs.\n\nYou can associate only one `RoleArn` with your subscription. If you submit this update for an account that already has an associated role, the new `RoleArn` will replace the existing `RoleArn` .\n\nThis change requires the following:\n\n- You must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .\n- The `AWSShieldDRTAccessPolicy` managed policy must be attached to the role that you specify in the request. You can access this policy in the IAM console at [AWSShieldDRTAccessPolicy](https://docs.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy) . For information, see [Adding and removing IAM identity permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) .\n- The role must trust the service principal `drt.shield.amazonaws.com` . For information, see [IAM JSON policy elements: Principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) .\n\nThe SRT will have access only to your AWS WAF and Shield resources. By submitting this request, you provide permissions to the SRT to inspect your AWS WAF and Shield configuration and logs, and to create and update AWS WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.", - "title": "RoleArn", + "StateMachineArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the state machine.", + "title": "StateMachineArn", + "type": "string" + }, + "StateMachineRevisionId": { + "markdownDescription": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine\u2019s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` .", + "title": "StateMachineRevisionId", "type": "string" } }, "required": [ - "RoleArn" + "StateMachineArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::DRTAccess" + "AWS::StepFunctions::StateMachineVersion" ], "type": "string" }, @@ -259789,7 +310227,7 @@ ], "type": "object" }, - "AWS::Shield::ProactiveEngagement": { + "AWS::SupportApp::AccountAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -259824,29 +310262,20 @@ "Properties": { "additionalProperties": false, "properties": { - "EmergencyContactList": { - "items": { - "$ref": "#/definitions/AWS::Shield::ProactiveEngagement.EmergencyContact" - }, - "markdownDescription": "The list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support, plus any relevant notes.\n\nTo enable proactive engagement, the contact list must include at least one phone number.\n\nIf you provide more than one contact, in the notes, indicate the circumstances under which each contact should be used. Include primary and secondary contact designations, and provide the hours of availability and time zones for each contact.\n\nExample contact notes:\n\n- This is a hotline that's staffed 24x7x365. Please work with the responding analyst and they will get the appropriate person on the call.\n- Please contact the secondary phone number if the hotline doesn't respond within 5 minutes.", - "title": "EmergencyContactList", - "type": "array" - }, - "ProactiveEngagementStatus": { - "markdownDescription": "Specifies whether proactive engagement is enabled or disabled.\n\nValid values:\n\n`ENABLED` - The Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n`DISABLED` - The SRT will not proactively notify contacts about escalations or to initiate proactive customer support.", - "title": "ProactiveEngagementStatus", + "AccountAlias": { + "markdownDescription": "An alias or short name for an AWS account .", + "title": "AccountAlias", "type": "string" } }, "required": [ - "EmergencyContactList", - "ProactiveEngagementStatus" + "AccountAlias" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::ProactiveEngagement" + "AWS::SupportApp::AccountAlias" ], "type": "string" }, @@ -259865,31 +310294,7 @@ ], "type": "object" }, - "AWS::Shield::ProactiveEngagement.EmergencyContact": { - "additionalProperties": false, - "properties": { - "ContactNotes": { - "markdownDescription": "Additional notes regarding the contact.", - "title": "ContactNotes", - "type": "string" - }, - "EmailAddress": { - "markdownDescription": "The email address for the contact.", - "title": "EmailAddress", - "type": "string" - }, - "PhoneNumber": { - "markdownDescription": "The phone number for the contact.", - "title": "PhoneNumber", - "type": "string" - } - }, - "required": [ - "EmailAddress" - ], - "type": "object" - }, - "AWS::Shield::Protection": { + "AWS::SupportApp::SlackChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -259924,47 +310329,58 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationLayerAutomaticResponseConfiguration": { - "$ref": "#/definitions/AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration", - "markdownDescription": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description.", - "title": "ApplicationLayerAutomaticResponseConfiguration" + "ChannelId": { + "markdownDescription": "The channel ID in Slack. This ID identifies a channel within a Slack workspace.", + "title": "ChannelId", + "type": "string" }, - "HealthCheckArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN (Amazon Resource Name) of the health check to associate with the protection. Health-based detection provides improved responsiveness and accuracy in attack detection and mitigation.\n\nYou can use this option with any resource type except for Route\u00a053 hosted zones.\n\nFor more information, see [Configuring health-based detection using health checks](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-health-checks.html) in the *AWS Shield Advanced Developer Guide* .", - "title": "HealthCheckArns", - "type": "array" + "ChannelName": { + "markdownDescription": "The channel name in Slack. This is the channel where you invite the AWS Support App .", + "title": "ChannelName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the protection. For example, `My CloudFront distributions` .\n\n> If you change the name of an existing protection, Shield Advanced deletes the protection and replaces it with a new one. While this is happening, the protection isn't available on the AWS resource.", - "title": "Name", + "ChannelRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for this Slack channel configuration. The App uses this role to perform and Service Quotas actions on your behalf.", + "title": "ChannelRoleArn", "type": "string" }, - "ResourceArn": { - "markdownDescription": "The ARN (Amazon Resource Name) of the AWS resource that is protected.", - "title": "ResourceArn", + "NotifyOnAddCorrespondenceToCase": { + "markdownDescription": "Whether to get notified when a correspondence is added to your support cases.", + "title": "NotifyOnAddCorrespondenceToCase", + "type": "boolean" + }, + "NotifyOnCaseSeverity": { + "markdownDescription": "The case severity for your support cases that you want to receive notifications. You can specify `none` , `all` , or `high` .", + "title": "NotifyOnCaseSeverity", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", - "title": "Tags", - "type": "array" + "NotifyOnCreateOrReopenCase": { + "markdownDescription": "Whether to get notified when your support cases are created or reopened", + "title": "NotifyOnCreateOrReopenCase", + "type": "boolean" + }, + "NotifyOnResolveCase": { + "markdownDescription": "Whether to get notified when your support cases are resolved.", + "title": "NotifyOnResolveCase", + "type": "boolean" + }, + "TeamId": { + "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace.", + "title": "TeamId", + "type": "string" } }, "required": [ - "Name", - "ResourceArn" + "ChannelId", + "ChannelRoleArn", + "NotifyOnCaseSeverity", + "TeamId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::Protection" + "AWS::SupportApp::SlackChannelConfiguration" ], "type": "string" }, @@ -259983,43 +310399,79 @@ ], "type": "object" }, - "AWS::Shield::Protection.Action": { + "AWS::SupportApp::SlackWorkspaceConfiguration": { "additionalProperties": false, "properties": { - "Block": { - "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Block\": {} }`\n\nExample YAML: `Block: {}`", - "title": "Block", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { "type": "object" }, - "Count": { - "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Count\": {} }`\n\nExample YAML: `Count: {}`", - "title": "Count", + "Properties": { + "additionalProperties": false, + "properties": { + "TeamId": { + "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace, such as `T012ABCDEFG` .", + "title": "TeamId", + "type": "string" + }, + "VersionId": { + "markdownDescription": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation , such as `100` .", + "title": "VersionId", + "type": "string" + } + }, + "required": [ + "TeamId" + ], "type": "object" - } - }, - "type": "object" - }, - "AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::Shield::Protection.Action", - "markdownDescription": "Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.", - "title": "Action" }, - "Status": { - "markdownDescription": "Indicates whether automatic application layer DDoS mitigation is enabled for the protection.", - "title": "Status", + "Type": { + "enum": [ + "AWS::SupportApp::SlackWorkspaceConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Action", - "Status" + "Type", + "Properties" ], "type": "object" }, - "AWS::Shield::ProtectionGroup": { + "AWS::Synthetics::Canary": { "additionalProperties": false, "properties": { "Condition": { @@ -260054,53 +310506,111 @@ "Properties": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n\n- `Sum` - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n- `Mean` - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n- `Max` - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.", - "title": "Aggregation", + "ArtifactConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.ArtifactConfig", + "markdownDescription": "A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.", + "title": "ArtifactConfig" + }, + "ArtifactS3Location": { + "markdownDescription": "The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files. Specify the full location path, including `s3://` at the beginning of the path.", + "title": "ArtifactS3Location", "type": "string" }, - "Members": { + "Code": { + "$ref": "#/definitions/AWS::Synthetics::Canary.Code", + "markdownDescription": "Use this structure to input your script code for the canary. This structure contains the Lambda handler with the location where the canary should start running the script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included. If the script is passed into the canary directly, the script code is contained in the value of `Script` .", + "title": "Code" + }, + "DryRunAndUpdate": { + "markdownDescription": "Specifies whether to perform a dry run before updating the canary. If set to `true` , CloudFormation will execute a dry run to validate the changes before applying them to the canary. If the dry run succeeds, the canary will be updated with the changes. If the dry run fails, the CloudFormation deployment will fail with the dry run\u2019s failure reason.\n\nIf set to `false` or omitted, the canary will be updated directly without first performing a dry run. The default value is `false` .\n\nFor more information, see [Performing safe canary updates](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/performing-safe-canary-upgrades.html) .", + "title": "DryRunAndUpdate", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the IAM role to be used to run the canary. This role must already exist, and must include `lambda.amazonaws.com` as a principal in the trust policy. The role must also have the following permissions:\n\n- `s3:PutObject`\n- `s3:GetBucketLocation`\n- `s3:ListAllMyBuckets`\n- `cloudwatch:PutMetricData`\n- `logs:CreateLogGroup`\n- `logs:CreateLogStream`\n- `logs:PutLogEvents`", + "title": "ExecutionRoleArn", + "type": "string" + }, + "FailureRetentionPeriod": { + "markdownDescription": "The number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", + "title": "FailureRetentionPeriod", + "type": "number" + }, + "Name": { + "markdownDescription": "The name for this canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account.\n\nDo not include secrets or proprietary information in your canary names. The canary name makes up part of the canary ARN, and the ARN is included in outbound calls over the internet. For more information, see [Security Considerations for Synthetics Canaries](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html) .", + "title": "Name", + "type": "string" + }, + "ProvisionedResourceCleanup": { + "markdownDescription": "Specifies whether to also delete the Lambda functions and layers used by this canary when the canary is deleted. If it is `AUTOMATIC` , the Lambda functions and layers will be deleted when the canary is deleted.\n\nIf the value of this parameter is `OFF` , then the value of the `DeleteLambda` parameter of the [DeleteCanary](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DeleteCanary.html) operation determines whether the Lambda functions and layers will be deleted.", + "title": "ProvisionedResourceCleanup", + "type": "string" + }, + "ResourcesToReplicateTags": { "items": { "type": "string" }, - "markdownDescription": "The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting.", - "title": "Members", + "markdownDescription": "To have the tags that you apply to this canary also be applied to the Lambda function that the canary uses, specify this property with the value `lambda-function` . If you do this, CloudWatch Synthetics will keep the tags of the canary and the Lambda function synchronized. Any future changes you make to the canary's tags will also be applied to the function.", + "title": "ResourcesToReplicateTags", "type": "array" }, - "Pattern": { - "markdownDescription": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.", - "title": "Pattern", - "type": "string" + "RunConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.RunConfig", + "markdownDescription": "A structure that contains input information for a canary run. If you omit this structure, the frequency of the canary is used as canary's timeout value, up to a maximum of 900 seconds.", + "title": "RunConfig" }, - "ProtectionGroupId": { - "markdownDescription": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.", - "title": "ProtectionGroupId", + "RuntimeVersion": { + "markdownDescription": "Specifies the runtime version to use for the canary. For more information about runtime versions, see [Canary Runtime Versions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) .", + "title": "RuntimeVersion", "type": "string" }, - "ResourceType": { - "markdownDescription": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting.", - "title": "ResourceType", - "type": "string" + "Schedule": { + "$ref": "#/definitions/AWS::Synthetics::Canary.Schedule", + "markdownDescription": "A structure that contains information about how often the canary is to run, and when these runs are to stop.", + "title": "Schedule" + }, + "StartCanaryAfterCreation": { + "markdownDescription": "Specify TRUE to have the canary start making runs immediately after it is created.\n\nA canary that you create using CloudFormation can't be used to monitor the CloudFormation stack that creates the canary or to roll back that stack if there is a failure.", + "title": "StartCanaryAfterCreation", + "type": "boolean" + }, + "SuccessRetentionPeriod": { + "markdownDescription": "The number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", + "title": "SuccessRetentionPeriod", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "markdownDescription": "The list of key-value pairs that are associated with the canary.", "title": "Tags", "type": "array" + }, + "VPCConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.VPCConfig", + "markdownDescription": "If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see [Running a Canary in a VPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html) .", + "title": "VPCConfig" + }, + "VisualReference": { + "$ref": "#/definitions/AWS::Synthetics::Canary.VisualReference", + "markdownDescription": "If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.", + "title": "VisualReference" } }, "required": [ - "Aggregation", - "Pattern", - "ProtectionGroupId" + "ArtifactS3Location", + "Code", + "ExecutionRoleArn", + "Name", + "RuntimeVersion", + "Schedule" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::ProtectionGroup" + "AWS::Synthetics::Canary" ], "type": "string" }, @@ -260119,7 +310629,228 @@ ], "type": "object" }, - "AWS::Signer::ProfilePermission": { + "AWS::Synthetics::Canary.ArtifactConfig": { + "additionalProperties": false, + "properties": { + "S3Encryption": { + "$ref": "#/definitions/AWS::Synthetics::Canary.S3Encryption", + "markdownDescription": "A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3 . Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see [Encrypting canary artifacts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_artifact_encryption.html) .", + "title": "S3Encryption" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.BaseScreenshot": { + "additionalProperties": false, + "properties": { + "IgnoreCoordinates": { + "items": { + "type": "string" + }, + "markdownDescription": "Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch console to draw the boundaries on the screen. For more information, see [Edit or delete a canary](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/synthetics_canaries_deletion.html) .", + "title": "IgnoreCoordinates", + "type": "array" + }, + "ScreenshotName": { + "markdownDescription": "The name of the screenshot. This is generated the first time the canary is run after the `UpdateCanary` operation that specified for this canary to perform visual monitoring.", + "title": "ScreenshotName", + "type": "string" + } + }, + "required": [ + "ScreenshotName" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.Code": { + "additionalProperties": false, + "properties": { + "Handler": { + "markdownDescription": "The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` .", + "title": "Handler", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "If your canary script is located in S3, specify the bucket name here. The bucket must already exist.", + "title": "S3Bucket", + "type": "string" + }, + "S3Key": { + "markdownDescription": "The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .", + "title": "S3Key", + "type": "string" + }, + "S3ObjectVersion": { + "markdownDescription": "The Amazon S3 version ID of your script.", + "title": "S3ObjectVersion", + "type": "string" + }, + "Script": { + "markdownDescription": "If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB.", + "title": "Script", + "type": "string" + }, + "SourceLocationArn": { + "markdownDescription": "The ARN of the Lambda layer where Synthetics stores the canary script code.", + "title": "SourceLocationArn", + "type": "string" + } + }, + "required": [ + "Handler" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.RetryConfig": { + "additionalProperties": false, + "properties": { + "MaxRetries": { + "markdownDescription": "The maximum number of retries. The value must be less than or equal to two.", + "title": "MaxRetries", + "type": "number" + } + }, + "required": [ + "MaxRetries" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.RunConfig": { + "additionalProperties": false, + "properties": { + "ActiveTracing": { + "markdownDescription": "Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see [Canaries and X-Ray tracing](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html) .\n\nYou can enable active tracing only for canaries that use version `syn-nodejs-2.0` or later for their canary runtime.", + "title": "ActiveTracing", + "type": "boolean" + }, + "EnvironmentVariables": { + "additionalProperties": true, + "markdownDescription": "Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:\n\n{ \"key1\" : \"value1\", \"key2\" : \"value2\", ...}\n\nKeys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see [Runtime environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "EnvironmentVariables", + "type": "object" + }, + "EphemeralStorage": { + "markdownDescription": "Specifies the amount of ephemeral storage (in MB) to allocate for the canary run during execution. This temporary storage is used for storing canary run artifacts (which are uploaded to an Amazon S3 bucket at the end of the run), and any canary browser operations. This temporary storage is cleared after the run is completed. Default storage value is 1024 MB.", + "title": "EphemeralStorage", + "type": "number" + }, + "MemoryInMB": { + "markdownDescription": "The maximum amount of memory that the canary can use while running. This value must be a multiple of 64. The range is 960 to 3008.", + "title": "MemoryInMB", + "type": "number" + }, + "TimeoutInSeconds": { + "markdownDescription": "How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.\n\nIf you omit this field, the frequency of the canary is used as this value, up to a maximum of 900 seconds.", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.S3Encryption": { + "additionalProperties": false, + "properties": { + "EncryptionMode": { + "markdownDescription": "The encryption method to use for artifacts created by this canary. Specify `SSE_S3` to use server-side encryption (SSE) with an Amazon S3-managed key. Specify `SSE-KMS` to use server-side encryption with a customer-managed AWS KMS key.\n\nIf you omit this parameter, an AWS -managed AWS KMS key is used.", + "title": "EncryptionMode", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the customer-managed AWS KMS key to use, if you specify `SSE-KMS` for `EncryptionMode`", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.Schedule": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.", + "title": "DurationInSeconds", + "type": "string" + }, + "Expression": { + "markdownDescription": "A `rate` expression or a `cron` expression that defines how often the canary is to run.\n\nFor a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` .\n\nFor example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` .\n\nSpecifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started.\n\nUse `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) .", + "title": "Expression", + "type": "string" + }, + "RetryConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.RetryConfig", + "markdownDescription": "The canary's retry configuration information.", + "title": "RetryConfig" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.VPCConfig": { + "additionalProperties": false, + "properties": { + "Ipv6AllowedForDualStack": { + "markdownDescription": "Set this to `true` to allow outbound IPv6 traffic on VPC canaries that are connected to dual-stack subnets. The default is `false` .", + "title": "Ipv6AllowedForDualStack", + "type": "boolean" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for this canary.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets where this canary is to run.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC where this canary is to run.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.VisualReference": { + "additionalProperties": false, + "properties": { + "BaseCanaryRunId": { + "markdownDescription": "Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are `nextrun` to use the screenshots from the next run after this update is made, `lastrun` to use the screenshots from the most recent run before this update was made, or the value of `Id` in the [CanaryRun](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CanaryRun.html) from any past run of this canary.", + "title": "BaseCanaryRunId", + "type": "string" + }, + "BaseScreenshots": { + "items": { + "$ref": "#/definitions/AWS::Synthetics::Canary.BaseScreenshot" + }, + "markdownDescription": "An array of screenshots that are used as the baseline for comparisons during visual monitoring.", + "title": "BaseScreenshots", + "type": "array" + } + }, + "required": [ + "BaseCanaryRunId" + ], + "type": "object" + }, + "AWS::Synthetics::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -260154,43 +310885,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The AWS Signer action permitted as part of cross-account permissions.", - "title": "Action", - "type": "string" - }, - "Principal": { - "markdownDescription": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID.", - "title": "Principal", - "type": "string" - }, - "ProfileName": { - "markdownDescription": "The human-readable name of the signing profile.", - "title": "ProfileName", + "Name": { + "markdownDescription": "A name for the group. It can include any Unicode characters.\n\nThe names for all groups in your account, across all Regions, must be unique.", + "title": "Name", "type": "string" }, - "ProfileVersion": { - "markdownDescription": "The version of the signing profile.", - "title": "ProfileVersion", - "type": "string" + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the canaries that you want to associate with this group.", + "title": "ResourceArns", + "type": "array" }, - "StatementId": { - "markdownDescription": "A unique identifier for the cross-account permission statement.", - "title": "StatementId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value pairs that are associated with the group.", + "title": "Tags", + "type": "array" } }, "required": [ - "Action", - "Principal", - "ProfileName", - "StatementId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Signer::ProfilePermission" + "AWS::Synthetics::Group" ], "type": "string" }, @@ -260209,7 +310933,7 @@ ], "type": "object" }, - "AWS::Signer::SigningProfile": { + "AWS::SystemsManagerSAP::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -260244,33 +310968,73 @@ "Properties": { "additionalProperties": false, "properties": { - "PlatformId": { - "markdownDescription": "The ID of a platform that is available for use by a signing profile.", - "title": "PlatformId", + "ApplicationId": { + "markdownDescription": "The ID of the application.", + "title": "ApplicationId", "type": "string" }, - "SignatureValidityPeriod": { - "$ref": "#/definitions/AWS::Signer::SigningProfile.SignatureValidityPeriod", - "markdownDescription": "The validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months.", - "title": "SignatureValidityPeriod" + "ApplicationType": { + "markdownDescription": "The type of the application.", + "title": "ApplicationType", + "type": "string" + }, + "ComponentsInfo": { + "items": { + "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.ComponentInfo" + }, + "markdownDescription": "", + "title": "ComponentsInfo", + "type": "array" + }, + "Credentials": { + "items": { + "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.Credential" + }, + "markdownDescription": "The credentials of the SAP application.", + "title": "Credentials", + "type": "array" + }, + "DatabaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database.", + "title": "DatabaseArn", + "type": "string" + }, + "Instances": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 instances on which your SAP application is running.", + "title": "Instances", + "type": "array" + }, + "SapInstanceNumber": { + "markdownDescription": "The SAP instance number of the application.", + "title": "SapInstanceNumber", + "type": "string" + }, + "Sid": { + "markdownDescription": "The System ID of the application.", + "title": "Sid", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags associated with the signing profile.", + "markdownDescription": "The tags on the application.", "title": "Tags", "type": "array" } }, "required": [ - "PlatformId" + "ApplicationId", + "ApplicationType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Signer::SigningProfile" + "AWS::SystemsManagerSAP::Application" ], "type": "string" }, @@ -260289,23 +311053,49 @@ ], "type": "object" }, - "AWS::Signer::SigningProfile.SignatureValidityPeriod": { + "AWS::SystemsManagerSAP::Application.ComponentInfo": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The time unit for signature validity: DAYS | MONTHS | YEARS.", - "title": "Type", + "ComponentType": { + "markdownDescription": "This string is the type of the component.\n\nAccepted value is `WD` .", + "title": "ComponentType", "type": "string" }, - "Value": { - "markdownDescription": "The numerical value of the time unit for signature validity.", - "title": "Value", - "type": "number" + "Ec2InstanceId": { + "markdownDescription": "This is the Amazon EC2 instance on which your SAP component is running.\n\nAccepted values are alphanumeric.", + "title": "Ec2InstanceId", + "type": "string" + }, + "Sid": { + "markdownDescription": "This string is the SAP System ID of the component.\n\nAccepted values are alphanumeric.", + "title": "Sid", + "type": "string" } }, "type": "object" }, - "AWS::SimSpaceWeaver::Simulation": { + "AWS::SystemsManagerSAP::Application.Credential": { + "additionalProperties": false, + "properties": { + "CredentialType": { + "markdownDescription": "The type of the application credentials.", + "title": "CredentialType", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the SAP HANA database.", + "title": "DatabaseName", + "type": "string" + }, + "SecretId": { + "markdownDescription": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application.", + "title": "SecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Timestream::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -260340,41 +311130,30 @@ "Properties": { "additionalProperties": false, "properties": { - "MaximumDuration": { - "markdownDescription": "The maximum running time of the simulation, specified as a number of minutes (m or M), hours (h or H), or days (d or D). The simulation stops when it reaches this limit. The maximum value is `14D` , or its equivalent in the other units. The default value is `14D` . A value equivalent to `0` makes the simulation immediately transition to `STOPPING` as soon as it reaches `STARTED` .", - "title": "MaximumDuration", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the simulation.", - "title": "Name", + "DatabaseName": { + "markdownDescription": "The name of the Timestream database.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "DatabaseName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management ( IAM ) role that the simulation assumes to perform actions. For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* . For more information about IAM roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *AWS Identity and Access Management User Guide* .", - "title": "RoleArn", + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key used to encrypt the data stored in the database.", + "title": "KmsKeyId", "type": "string" }, - "SchemaS3Location": { - "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", - "markdownDescription": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` .", - "title": "SchemaS3Location" - }, - "SnapshotS3Location": { - "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", - "markdownDescription": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` .", - "title": "SnapshotS3Location" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the database.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Name", - "RoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SimSpaceWeaver::Simulation" + "AWS::Timestream::Database" ], "type": "string" }, @@ -260388,32 +311167,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SimSpaceWeaver::Simulation.S3Location": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The name of an Amazon S3 bucket. For more information about buckets, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "BucketName", - "type": "string" - }, - "ObjectKey": { - "markdownDescription": "The key name of an object in Amazon S3. For more information about Amazon S3 objects and object keys, see [Uploading, downloading, and working with objects in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/uploading-downloading-objects.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "ObjectKey", - "type": "string" - } - }, - "required": [ - "BucketName", - "ObjectKey" + "Type" ], "type": "object" }, - "AWS::StepFunctions::Activity": { + "AWS::Timestream::InfluxDBInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -260448,28 +311206,106 @@ "Properties": { "additionalProperties": false, "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage to allocate for your DB storage type in GiB (gibibytes).", + "title": "AllocatedStorage", + "type": "number" + }, + "Bucket": { + "markdownDescription": "The name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization.", + "title": "Bucket", + "type": "string" + }, + "DbInstanceType": { + "markdownDescription": "The Timestream for InfluxDB DB instance type to run on.", + "title": "DbInstanceType", + "type": "string" + }, + "DbParameterGroupIdentifier": { + "markdownDescription": "The name or id of the DB parameter group to assign to your DB instance. DB parameter groups specify how the database is configured. For example, DB parameter groups can specify the limit for query concurrency.", + "title": "DbParameterGroupIdentifier", + "type": "string" + }, + "DbStorageType": { + "markdownDescription": "The Timestream for InfluxDB DB storage type to read and write InfluxDB data.\n\nYou can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements:\n\n- Influx IO Included 3000 IOPS\n- Influx IO Included 12000 IOPS\n- Influx IO Included 16000 IOPS", + "title": "DbStorageType", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Specifies whether the Timestream for InfluxDB is deployed as Single-AZ or with a MultiAZ Standby for High availability.", + "title": "DeploymentType", + "type": "string" + }, + "LogDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration", + "markdownDescription": "Configuration for sending InfluxDB engine logs to a specified S3 bucket.", + "title": "LogDeliveryConfiguration" + }, "Name": { - "markdownDescription": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` , `U+FFFE-FFFF` )\n- surrogates ( `U+D800-DFFF` )\n- invalid characters ( `U+10FFFF` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", + "markdownDescription": "The name that uniquely identifies the DB instance when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. DB instance names must be unique per customer and per region.", "title": "Name", "type": "string" }, + "NetworkType": { + "markdownDescription": "", + "title": "NetworkType", + "type": "string" + }, + "Organization": { + "markdownDescription": "The name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users.", + "title": "Organization", + "type": "string" + }, + "Password": { + "markdownDescription": "The password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon SecretManager in your account.", + "title": "Password", + "type": "string" + }, + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Configures the DB instance with a public IP to facilitate access.", + "title": "PubliclyAccessible", + "type": "boolean" + }, "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::Activity.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "markdownDescription": "A list of key-value pairs to associate with the DB instance.", "title": "Tags", "type": "array" + }, + "Username": { + "markdownDescription": "The username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. For example, my-user1. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon Secrets Manager in your account.", + "title": "Username", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC security group IDs to associate with the DB instance.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs to associate with the DB instance. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.", + "title": "VpcSubnetIds", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::Activity" + "AWS::Timestream::InfluxDBInstance" ], "type": "string" }, @@ -260483,44 +311319,50 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::StepFunctions::Activity.TagsEntry": { + "AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The `key` for a key-value pair in a tag entry.", - "title": "Key", + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.S3Configuration", + "markdownDescription": "Configuration for S3 bucket log delivery", + "title": "S3Configuration" + } + }, + "required": [ + "S3Configuration" + ], + "type": "object" + }, + "AWS::Timestream::InfluxDBInstance.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name of the customer S3 bucket.", + "title": "BucketName", "type": "string" }, - "Value": { - "markdownDescription": "The `value` for a key-value pair in a tag entry.", - "title": "Value", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether log delivery to the S3 bucket is enabled.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Key", - "Value" + "BucketName", + "Enabled" ], "type": "object" }, - "AWS::StepFunctions::StateMachine": { + "AWS::Timestream::ScheduledQuery": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -260550,74 +311392,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", - "title": "Definition", - "type": "object" + "ClientToken": { + "markdownDescription": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request.", + "title": "ClientToken", + "type": "string" }, - "DefinitionS3Location": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.S3Location", - "markdownDescription": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file.", - "title": "DefinitionS3Location" + "ErrorReportConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ErrorReportConfiguration", + "markdownDescription": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results.", + "title": "ErrorReportConfiguration" }, - "DefinitionString": { - "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", - "title": "DefinitionString", + "KmsKeyId": { + "markdownDescription": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest.", + "title": "KmsKeyId", "type": "string" }, - "DefinitionSubstitutions": { - "additionalProperties": true, - "markdownDescription": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "object" - } - }, - "title": "DefinitionSubstitutions", - "type": "object" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LoggingConfiguration", - "markdownDescription": "Defines what execution history events are logged and where they are logged.\n\n> By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.", - "title": "LoggingConfiguration" + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.NotificationConfiguration", + "markdownDescription": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it.", + "title": "NotificationConfiguration" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.", - "title": "RoleArn", + "QueryString": { + "markdownDescription": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query.", + "title": "QueryString", "type": "string" }, - "StateMachineName": { - "markdownDescription": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "StateMachineName", + "ScheduleConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ScheduleConfiguration", + "markdownDescription": "Schedule configuration.", + "title": "ScheduleConfiguration" + }, + "ScheduledQueryExecutionRoleArn": { + "markdownDescription": "The ARN for the IAM role that Timestream will assume when running the scheduled query.", + "title": "ScheduledQueryExecutionRoleArn", "type": "string" }, - "StateMachineType": { - "markdownDescription": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide.", - "title": "StateMachineType", + "ScheduledQueryName": { + "markdownDescription": "A name for the query. Scheduled query names must be unique within each Region.", + "title": "ScheduledQueryName", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "markdownDescription": "A list of key-value pairs to label the scheduled query.", "title": "Tags", "type": "array" }, - "TracingConfiguration": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TracingConfiguration", - "markdownDescription": "Selects whether or not the state machine's AWS X-Ray tracing is enabled.", - "title": "TracingConfiguration" + "TargetConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TargetConfiguration", + "markdownDescription": "Scheduled query target store configuration.", + "title": "TargetConfiguration" } }, "required": [ - "RoleArn" + "ErrorReportConfiguration", + "NotificationConfiguration", + "QueryString", + "ScheduleConfiguration", + "ScheduledQueryExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachine" + "AWS::Timestream::ScheduledQuery" ], "type": "string" }, @@ -260636,109 +311476,258 @@ ], "type": "object" }, - "AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup": { + "AWS::Timestream::ScheduledQuery.DimensionMapping": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*`", - "title": "LogGroupArn", + "DimensionValueType": { + "markdownDescription": "Type for the dimension: VARCHAR", + "title": "DimensionValueType", + "type": "string" + }, + "Name": { + "markdownDescription": "Column name from query result.", + "title": "Name", "type": "string" } }, + "required": [ + "DimensionValueType", + "Name" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.LogDestination": { + "AWS::Timestream::ScheduledQuery.ErrorReportConfiguration": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroup": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup", - "markdownDescription": "An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the AWS CloudFormation User Guide.", - "title": "CloudWatchLogsLogGroup" + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.S3Configuration", + "markdownDescription": "The S3 configuration for the error reports.", + "title": "S3Configuration" } }, + "required": [ + "S3Configuration" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.LoggingConfiguration": { + "AWS::Timestream::ScheduledQuery.MixedMeasureMapping": { "additionalProperties": false, "properties": { - "Destinations": { + "MeasureName": { + "markdownDescription": "Refers to the value of measure_name in a result row. This field is required if MeasureNameColumn is provided.", + "title": "MeasureName", + "type": "string" + }, + "MeasureValueType": { + "markdownDescription": "Type of the value that is to be read from sourceColumn. If the mapping is for MULTI, use MeasureValueType.MULTI.", + "title": "MeasureValueType", + "type": "string" + }, + "MultiMeasureAttributeMappings": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LogDestination" + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" }, - "markdownDescription": "An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` .", - "title": "Destinations", + "markdownDescription": "Required when measureValueType is MULTI. Attribute mappings for MULTI value measures.", + "title": "MultiMeasureAttributeMappings", "type": "array" }, - "IncludeExecutionData": { - "markdownDescription": "Determines whether execution data is included in your log. When set to `false` , data is excluded.", - "title": "IncludeExecutionData", - "type": "boolean" + "SourceColumn": { + "markdownDescription": "This field refers to the source column from which measure-value is to be read for result materialization.", + "title": "SourceColumn", + "type": "string" }, - "Level": { - "markdownDescription": "Defines which category of execution history events are logged.", - "title": "Level", + "TargetMeasureName": { + "markdownDescription": "Target measure name to be used. If not provided, the target measure name by default would be measure-name if provided, or sourceColumn otherwise.", + "title": "TargetMeasureName", "type": "string" } }, + "required": [ + "MeasureValueType" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.S3Location": { + "AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket where the state machine definition JSON or YAML file is stored.", - "title": "Bucket", + "MeasureValueType": { + "markdownDescription": "Type of the attribute to be read from the source column.", + "title": "MeasureValueType", "type": "string" }, - "Key": { - "markdownDescription": "The name of the state machine definition file (Amazon S3 object name).", - "title": "Key", + "SourceColumn": { + "markdownDescription": "Source column from where the attribute value is to be read.", + "title": "SourceColumn", "type": "string" }, - "Version": { - "markdownDescription": "For versioning-enabled buckets, a specific version of the state machine definition.", - "title": "Version", + "TargetMultiMeasureAttributeName": { + "markdownDescription": "Custom name to be used for attribute name in derived table. If not provided, source column name would be used.", + "title": "TargetMultiMeasureAttributeName", "type": "string" } }, "required": [ - "Bucket", - "Key" + "MeasureValueType", + "SourceColumn" ], "type": "object" }, - "AWS::StepFunctions::StateMachine.TagsEntry": { + "AWS::Timestream::ScheduledQuery.MultiMeasureMappings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The `key` for a key-value pair in a tag entry.", - "title": "Key", + "MultiMeasureAttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + }, + "markdownDescription": "Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes.", + "title": "MultiMeasureAttributeMappings", + "type": "array" + }, + "TargetMultiMeasureName": { + "markdownDescription": "The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name.", + "title": "TargetMultiMeasureName", + "type": "string" + } + }, + "required": [ + "MultiMeasureAttributeMappings" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "SnsConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.SnsConfiguration", + "markdownDescription": "Details on SNS configuration.", + "title": "SnsConfiguration" + } + }, + "required": [ + "SnsConfiguration" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "Name of the S3 bucket under which error reports will be created.", + "title": "BucketName", "type": "string" }, - "Value": { - "markdownDescription": "The `value` for a key-value pair in a tag entry.", - "title": "Value", + "EncryptionOption": { + "markdownDescription": "Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default.", + "title": "EncryptionOption", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "Prefix for the error report key. Timestream by default adds the following prefix to the error report path.", + "title": "ObjectKeyPrefix", "type": "string" } }, "required": [ - "Key", - "Value" + "BucketName" ], "type": "object" }, - "AWS::StepFunctions::StateMachine.TracingConfiguration": { + "AWS::Timestream::ScheduledQuery.ScheduleConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "When set to `true` , X-Ray tracing is enabled.", - "title": "Enabled", - "type": "boolean" + "ScheduleExpression": { + "markdownDescription": "An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression.", + "title": "ScheduleExpression", + "type": "string" } }, + "required": [ + "ScheduleExpression" + ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias": { + "AWS::Timestream::ScheduledQuery.SnsConfiguration": { + "additionalProperties": false, + "properties": { + "TopicArn": { + "markdownDescription": "SNS topic ARN that the scheduled query status notifications will be sent to.", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "TopicArn" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.TargetConfiguration": { + "additionalProperties": false, + "properties": { + "TimestreamConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TimestreamConfiguration", + "markdownDescription": "Configuration needed to write data into the Timestream database and table.", + "title": "TimestreamConfiguration" + } + }, + "required": [ + "TimestreamConfiguration" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.TimestreamConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "Name of Timestream database to which the query result will be written.", + "title": "DatabaseName", + "type": "string" + }, + "DimensionMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.DimensionMapping" + }, + "markdownDescription": "This is to allow mapping column(s) from the query result to the dimension in the destination table.", + "title": "DimensionMappings", + "type": "array" + }, + "MeasureNameColumn": { + "markdownDescription": "Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` .", + "title": "MeasureNameColumn", + "type": "string" + }, + "MixedMeasureMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MixedMeasureMapping" + }, + "markdownDescription": "Specifies how to map measures to multi-measure records.", + "title": "MixedMeasureMappings", + "type": "array" + }, + "MultiMeasureMappings": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureMappings", + "markdownDescription": "Multi-measure mappings.", + "title": "MultiMeasureMappings" + }, + "TableName": { + "markdownDescription": "Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration.", + "title": "TableName", + "type": "string" + }, + "TimeColumn": { + "markdownDescription": "Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP.", + "title": "TimeColumn", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "DimensionMappings", + "TableName", + "TimeColumn" + ], + "type": "object" + }, + "AWS::Timestream::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -260773,35 +311762,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DeploymentPreference": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.DeploymentPreference", - "markdownDescription": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", - "title": "DeploymentPreference" - }, - "Description": { - "markdownDescription": "An optional description of the state machine alias.", - "title": "Description", + "DatabaseName": { + "markdownDescription": "The name of the Timestream database that contains this table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "DatabaseName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the state machine alias. If you don't provide a name, it uses an automatically generated name based on the logical ID.", - "title": "Name", + "MagneticStoreWriteProperties": { + "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreWriteProperties", + "markdownDescription": "Contains properties to set on the table when enabling magnetic store writes.\n\nThis object has the following attributes:\n\n- *EnableMagneticStoreWrites* : A `boolean` flag to enable magnetic store writes.\n- *MagneticStoreRejectedDataLocation* : The location to write error reports for records rejected, asynchronously, during magnetic store writes. Only `S3Configuration` objects are allowed. The `S3Configuration` object has the following attributes:\n\n- *BucketName* : The name of the S3 bucket.\n- *EncryptionOption* : The encryption option for the S3 location. Valid values are S3 server-side encryption with an S3 managed key ( `SSE_S3` ) or AWS managed key ( `SSE_KMS` ).\n- *KmsKeyId* : The AWS KMS key ID to use when encrypting with an AWS managed key.\n- *ObjectKeyPrefix* : The prefix to use option for the objects stored in S3.\n\nBoth `BucketName` and `EncryptionOption` are *required* when `S3Configuration` is specified. If you specify `SSE_KMS` as your `EncryptionOption` then `KmsKeyId` is *required* .\n\n`EnableMagneticStoreWrites` attribute is *required* when `MagneticStoreWriteProperties` is specified. `MagneticStoreRejectedDataLocation` attribute is *required* when `EnableMagneticStoreWrites` is set to `true` .\n\nSee the following examples:\n\n*JSON*\n\n```json\n{ \"Type\" : AWS::Timestream::Table\", \"Properties\":{ \"DatabaseName\":\"TestDatabase\", \"TableName\":\"TestTable\", \"MagneticStoreWriteProperties\":{ \"EnableMagneticStoreWrites\":true, \"MagneticStoreRejectedDataLocation\":{ \"S3Configuration\":{ \"BucketName\":\" amzn-s3-demo-bucket \", \"EncryptionOption\":\"SSE_KMS\", \"KmsKeyId\":\"1234abcd-12ab-34cd-56ef-1234567890ab\", \"ObjectKeyPrefix\":\"prefix\" } } } }\n}\n```\n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" MagneticStoreWriteProperties: EnableMagneticStoreWrites: true MagneticStoreRejectedDataLocation: S3Configuration: BucketName: \" amzn-s3-demo-bucket \" EncryptionOption: \"SSE_KMS\" KmsKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\" ObjectKeyPrefix: \"prefix\"\n```", + "title": "MagneticStoreWriteProperties" + }, + "RetentionProperties": { + "$ref": "#/definitions/AWS::Timestream::Table.RetentionProperties", + "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", + "title": "RetentionProperties" + }, + "Schema": { + "$ref": "#/definitions/AWS::Timestream::Table.Schema", + "markdownDescription": "The schema of the table.", + "title": "Schema" + }, + "TableName": { + "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "TableName", "type": "string" }, - "RoutingConfiguration": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties.", - "title": "RoutingConfiguration", + "markdownDescription": "The tags to add to the table", + "title": "Tags", "type": "array" } }, + "required": [ + "DatabaseName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachineAlias" + "AWS::Timestream::Table" ], "type": "string" }, @@ -260815,69 +311817,126 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias.DeploymentPreference": { + "AWS::Timestream::Table.MagneticStoreRejectedDataLocation": { "additionalProperties": false, "properties": { - "Alarms": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon CloudWatch alarm names to be monitored during the deployment. The deployment fails and rolls back if any of these alarms go into the `ALARM` state.\n\n> Amazon CloudWatch considers nonexistent alarms to have an `OK` state. If you provide an invalid alarm name or provide the ARN of an alarm instead of its name, your deployment may not roll back correctly.", - "title": "Alarms", - "type": "array" - }, - "Interval": { - "markdownDescription": "The time in minutes between each traffic shifting increment.", - "title": "Interval", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::Table.S3Configuration", + "markdownDescription": "Configuration of an S3 location to write error reports for records rejected, asynchronously, during magnetic store writes.", + "title": "S3Configuration" + } + }, + "type": "object" + }, + "AWS::Timestream::Table.MagneticStoreWriteProperties": { + "additionalProperties": false, + "properties": { + "EnableMagneticStoreWrites": { + "markdownDescription": "A flag to enable magnetic store writes.", + "title": "EnableMagneticStoreWrites", + "type": "boolean" }, - "Percentage": { - "markdownDescription": "The percentage of traffic to shift to the new version in each increment.", - "title": "Percentage", - "type": "number" + "MagneticStoreRejectedDataLocation": { + "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreRejectedDataLocation", + "markdownDescription": "The location to write error reports for records rejected asynchronously during magnetic store writes.", + "title": "MagneticStoreRejectedDataLocation" + } + }, + "required": [ + "EnableMagneticStoreWrites" + ], + "type": "object" + }, + "AWS::Timestream::Table.PartitionKey": { + "additionalProperties": false, + "properties": { + "EnforcementInRecord": { + "markdownDescription": "The level of enforcement for the specification of a dimension key in ingested records. Options are REQUIRED (dimension key must be specified) and OPTIONAL (dimension key does not have to be specified).", + "title": "EnforcementInRecord", + "type": "string" }, - "StateMachineVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete.\n\nWhile performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead.", - "title": "StateMachineVersionArn", + "Name": { + "markdownDescription": "The name of the attribute used for a dimension key.", + "title": "Name", "type": "string" }, "Type": { - "markdownDescription": "The type of deployment you want to perform. You can specify one of the following types:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "markdownDescription": "The type of the partition key. Options are DIMENSION (dimension key) and MEASURE (measure key).", "title": "Type", "type": "string" } }, "required": [ - "StateMachineVersionArn", "Type" ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion": { + "AWS::Timestream::Table.RetentionProperties": { "additionalProperties": false, "properties": { - "StateMachineVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration.\n\nIf you specify the ARN of a second version, it must belong to the same state machine as the first version.", - "title": "StateMachineVersionArn", + "MagneticStoreRetentionPeriodInDays": { + "markdownDescription": "The duration for which data must be stored in the magnetic store.", + "title": "MagneticStoreRetentionPeriodInDays", "type": "string" }, - "Weight": { - "markdownDescription": "The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100.", - "title": "Weight", - "type": "number" + "MemoryStoreRetentionPeriodInHours": { + "markdownDescription": "The duration for which data must be stored in the memory store.", + "title": "MemoryStoreRetentionPeriodInHours", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Timestream::Table.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name of the customer S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "EncryptionOption": { + "markdownDescription": "The encryption option for the customer S3 location. Options are S3 server-side encryption with an S3 managed key or AWS managed key.", + "title": "EncryptionOption", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key ID for the customer S3 location when encrypting with an AWS managed key.", + "title": "KmsKeyId", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "The object key preview for the customer S3 location.", + "title": "ObjectKeyPrefix", + "type": "string" } }, "required": [ - "StateMachineVersionArn", - "Weight" + "BucketName", + "EncryptionOption" ], "type": "object" }, - "AWS::StepFunctions::StateMachineVersion": { + "AWS::Timestream::Table.Schema": { + "additionalProperties": false, + "properties": { + "CompositePartitionKey": { + "items": { + "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" + }, + "markdownDescription": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed.", + "title": "CompositePartitionKey", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Transfer::Agreement": { "additionalProperties": false, "properties": { "Condition": { @@ -260912,30 +311971,76 @@ "Properties": { "additionalProperties": false, "properties": { + "AccessRole": { + "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", + "title": "AccessRole", + "type": "string" + }, + "BaseDirectory": { + "markdownDescription": "The landing directory (folder) for files that are transferred by using the AS2 protocol.", + "title": "BaseDirectory", + "type": "string" + }, + "CustomDirectories": { + "$ref": "#/definitions/AWS::Transfer::Agreement.CustomDirectories", + "markdownDescription": "A `CustomDirectoriesType` structure. This structure specifies custom directories for storing various AS2 message files. You can specify directories for the following types of files.\n\n- Failed files\n- MDN files\n- Payload files\n- Status files\n- Temporary files", + "title": "CustomDirectories" + }, "Description": { - "markdownDescription": "An optional description of the state machine version.", + "markdownDescription": "The name or short description that's used to identify the agreement.", "title": "Description", "type": "string" }, - "StateMachineArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the state machine.", - "title": "StateMachineArn", + "EnforceMessageSigning": { + "markdownDescription": "Determines whether or not unsigned messages from your trading partners will be accepted.\n\n- `ENABLED` : Transfer Family rejects unsigned messages from your trading partner.\n- `DISABLED` (default value): Transfer Family accepts unsigned messages from your trading partner.", + "title": "EnforceMessageSigning", "type": "string" }, - "StateMachineRevisionId": { - "markdownDescription": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine\u2019s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` .", - "title": "StateMachineRevisionId", + "LocalProfileId": { + "markdownDescription": "A unique identifier for the AS2 local profile.", + "title": "LocalProfileId", + "type": "string" + }, + "PartnerProfileId": { + "markdownDescription": "A unique identifier for the partner profile used in the agreement.", + "title": "PartnerProfileId", + "type": "string" + }, + "PreserveFilename": { + "markdownDescription": "Determines whether or not Transfer Family appends a unique string of characters to the end of the AS2 message payload filename when saving it.\n\n- `ENABLED` : the filename provided by your trading parter is preserved when the file is saved.\n- `DISABLED` (default value): when Transfer Family saves the file, the filename is adjusted, as described in [File names and locations](https://docs.aws.amazon.com/transfer/latest/userguide/send-as2-messages.html#file-names-as2) .", + "title": "PreserveFilename", + "type": "string" + }, + "ServerId": { + "markdownDescription": "A system-assigned unique identifier for a server instance. This identifier indicates the specific server that the agreement uses.", + "title": "ServerId", + "type": "string" + }, + "Status": { + "markdownDescription": "The current status of the agreement, either `ACTIVE` or `INACTIVE` .", + "title": "Status", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for agreements.", + "title": "Tags", + "type": "array" } }, "required": [ - "StateMachineArn" + "AccessRole", + "LocalProfileId", + "PartnerProfileId", + "ServerId" ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachineVersion" + "AWS::Transfer::Agreement" ], "type": "string" }, @@ -260954,7 +312059,45 @@ ], "type": "object" }, - "AWS::SupportApp::AccountAlias": { + "AWS::Transfer::Agreement.CustomDirectories": { + "additionalProperties": false, + "properties": { + "FailedFilesDirectory": { + "markdownDescription": "", + "title": "FailedFilesDirectory", + "type": "string" + }, + "MdnFilesDirectory": { + "markdownDescription": "", + "title": "MdnFilesDirectory", + "type": "string" + }, + "PayloadFilesDirectory": { + "markdownDescription": "", + "title": "PayloadFilesDirectory", + "type": "string" + }, + "StatusFilesDirectory": { + "markdownDescription": "", + "title": "StatusFilesDirectory", + "type": "string" + }, + "TemporaryFilesDirectory": { + "markdownDescription": "", + "title": "TemporaryFilesDirectory", + "type": "string" + } + }, + "required": [ + "FailedFilesDirectory", + "MdnFilesDirectory", + "PayloadFilesDirectory", + "StatusFilesDirectory", + "TemporaryFilesDirectory" + ], + "type": "object" + }, + "AWS::Transfer::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -260989,20 +312132,59 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAlias": { - "markdownDescription": "An alias or short name for an AWS account .", - "title": "AccountAlias", + "ActiveDate": { + "markdownDescription": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", + "title": "ActiveDate", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The file name for the certificate.", + "title": "Certificate", + "type": "string" + }, + "CertificateChain": { + "markdownDescription": "The list of certificates that make up the chain for the certificate.", + "title": "CertificateChain", + "type": "string" + }, + "Description": { + "markdownDescription": "The name or description that's used to identity the certificate.", + "title": "Description", + "type": "string" + }, + "InactiveDate": { + "markdownDescription": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", + "title": "InactiveDate", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The file that contains the private key for the certificate that's being imported.", + "title": "PrivateKey", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for certificates.", + "title": "Tags", + "type": "array" + }, + "Usage": { + "markdownDescription": "Specifies how this certificate is used. It can be used in the following ways:\n\n- `SIGNING` : For signing AS2 messages\n- `ENCRYPTION` : For encrypting AS2 messages\n- `TLS` : For securing AS2 communications sent over HTTPS", + "title": "Usage", "type": "string" } }, "required": [ - "AccountAlias" + "Certificate", + "Usage" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::AccountAlias" + "AWS::Transfer::Certificate" ], "type": "string" }, @@ -261021,7 +312203,7 @@ ], "type": "object" }, - "AWS::SupportApp::SlackChannelConfiguration": { + "AWS::Transfer::Connector": { "additionalProperties": false, "properties": { "Condition": { @@ -261056,58 +312238,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The channel ID in Slack. This ID identifies a channel within a Slack workspace.", - "title": "ChannelId", + "AccessRole": { + "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", + "title": "AccessRole", "type": "string" }, - "ChannelName": { - "markdownDescription": "The channel name in Slack. This is the channel where you invite the AWS Support App .", - "title": "ChannelName", - "type": "string" + "As2Config": { + "$ref": "#/definitions/AWS::Transfer::Connector.As2Config", + "markdownDescription": "A structure that contains the parameters for an AS2 connector object.", + "title": "As2Config" }, - "ChannelRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for this Slack channel configuration. The App uses this role to perform and Service Quotas actions on your behalf.", - "title": "ChannelRoleArn", + "LoggingRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.", + "title": "LoggingRole", "type": "string" }, - "NotifyOnAddCorrespondenceToCase": { - "markdownDescription": "Whether to get notified when a correspondence is added to your support cases.", - "title": "NotifyOnAddCorrespondenceToCase", - "type": "boolean" - }, - "NotifyOnCaseSeverity": { - "markdownDescription": "The case severity for your support cases that you want to receive notifications. You can specify `none` , `all` , or `high` .", - "title": "NotifyOnCaseSeverity", + "SecurityPolicyName": { + "markdownDescription": "The text name of the security policy for the specified connector.", + "title": "SecurityPolicyName", "type": "string" }, - "NotifyOnCreateOrReopenCase": { - "markdownDescription": "Whether to get notified when your support cases are created or reopened", - "title": "NotifyOnCreateOrReopenCase", - "type": "boolean" + "SftpConfig": { + "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig", + "markdownDescription": "A structure that contains the parameters for an SFTP connector object.", + "title": "SftpConfig" }, - "NotifyOnResolveCase": { - "markdownDescription": "Whether to get notified when your support cases are resolved.", - "title": "NotifyOnResolveCase", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for connectors.", + "title": "Tags", + "type": "array" }, - "TeamId": { - "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace.", - "title": "TeamId", + "Url": { + "markdownDescription": "The URL of the partner's AS2 or SFTP endpoint.", + "title": "Url", "type": "string" } }, "required": [ - "ChannelId", - "ChannelRoleArn", - "NotifyOnCaseSeverity", - "TeamId" + "AccessRole", + "Url" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::SlackChannelConfiguration" + "AWS::Transfer::Connector" ], "type": "string" }, @@ -261126,7 +312304,87 @@ ], "type": "object" }, - "AWS::SupportApp::SlackWorkspaceConfiguration": { + "AWS::Transfer::Connector.As2Config": { + "additionalProperties": false, + "properties": { + "BasicAuthSecretId": { + "markdownDescription": "Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication, you must provide the name or Amazon Resource Name (ARN) of a secret in AWS Secrets Manager .\n\nThe default value for this parameter is `null` , which indicates that Basic authentication is not enabled for the connector.\n\nIf the connector should use Basic authentication, the secret needs to be in the following format:\n\n`{ \"Username\": \"user-name\", \"Password\": \"user-password\" }`\n\nReplace `user-name` and `user-password` with the credentials for the actual user that is being authenticated.\n\nNote the following:\n\n- You are storing these credentials in Secrets Manager, *not passing them directly* into this API.\n- If you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication. However, if you are using the AWS management console, you can have the system create the secret for you.\n\nIf you have previously enabled Basic authentication for a connector, you can disable it by using the `UpdateConnector` API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:\n\n`update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=\"\"'`", + "title": "BasicAuthSecretId", + "type": "string" + }, + "Compression": { + "markdownDescription": "Specifies whether the AS2 file is compressed.", + "title": "Compression", + "type": "string" + }, + "EncryptionAlgorithm": { + "markdownDescription": "The algorithm that is used to encrypt the file.\n\nNote the following:\n\n- Do not use the `DES_EDE3_CBC` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.\n- You can only specify `NONE` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.", + "title": "EncryptionAlgorithm", + "type": "string" + }, + "LocalProfileId": { + "markdownDescription": "A unique identifier for the AS2 local profile.", + "title": "LocalProfileId", + "type": "string" + }, + "MdnResponse": { + "markdownDescription": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", + "title": "MdnResponse", + "type": "string" + }, + "MdnSigningAlgorithm": { + "markdownDescription": "The signing algorithm for the MDN response.\n\n> If set to DEFAULT (or not set at all), the value for `SigningAlgorithm` is used.", + "title": "MdnSigningAlgorithm", + "type": "string" + }, + "MessageSubject": { + "markdownDescription": "Used as the `Subject` HTTP header attribute in AS2 messages that are being sent with the connector.", + "title": "MessageSubject", + "type": "string" + }, + "PartnerProfileId": { + "markdownDescription": "A unique identifier for the partner profile for the connector.", + "title": "PartnerProfileId", + "type": "string" + }, + "PreserveContentType": { + "markdownDescription": "", + "title": "PreserveContentType", + "type": "string" + }, + "SigningAlgorithm": { + "markdownDescription": "The algorithm that is used to sign the AS2 messages sent with the connector.", + "title": "SigningAlgorithm", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Connector.SftpConfig": { + "additionalProperties": false, + "properties": { + "MaxConcurrentConnections": { + "markdownDescription": "Specify the number of concurrent connections that your connector creates to the remote server. The default value is `1` . The maximum values is `5` .\n\n> If you are using the AWS Management Console , the default value is `5` . \n\nThis parameter specifies the number of active connections that your connector can establish with the remote server at the same time. Increasing this value can enhance connector performance when transferring large file batches by enabling parallel operations.", + "title": "MaxConcurrentConnections", + "type": "number" + }, + "TrustedHostKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\n> `TrustedHostKeys` is optional for `CreateConnector` . If not provided, you can use `TestConnection` to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key. \n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... - Required when creating an SFTP connector\n> - Optional when updating an existing SFTP connector", + "title": "UserSecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Profile": { "additionalProperties": false, "properties": { "Condition": { @@ -261161,25 +312419,42 @@ "Properties": { "additionalProperties": false, "properties": { - "TeamId": { - "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace, such as `T012ABCDEFG` .", - "title": "TeamId", + "As2Id": { + "markdownDescription": "The `As2Id` is the *AS2-name* , as defined in the [RFC 4130](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc4130) . For inbound transfers, this is the `AS2-From` header for the AS2 messages sent from the partner. For outbound connectors, this is the `AS2-To` header for the AS2 messages sent to the partner using the `StartFileTransfer` API operation. This ID cannot include spaces.", + "title": "As2Id", "type": "string" }, - "VersionId": { - "markdownDescription": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation , such as `100` .", - "title": "VersionId", + "CertificateIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.", + "title": "CertificateIds", + "type": "array" + }, + "ProfileType": { + "markdownDescription": "Indicates whether to list only `LOCAL` type profiles or only `PARTNER` type profiles. If not supplied in the request, the command lists all types of profiles.", + "title": "ProfileType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for profiles.", + "title": "Tags", + "type": "array" } }, "required": [ - "TeamId" + "As2Id", + "ProfileType" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::SlackWorkspaceConfiguration" + "AWS::Transfer::Profile" ], "type": "string" }, @@ -261198,7 +312473,7 @@ ], "type": "object" }, - "AWS::Synthetics::Canary": { + "AWS::Transfer::Server": { "additionalProperties": false, "properties": { "Condition": { @@ -261233,93 +312508,106 @@ "Properties": { "additionalProperties": false, "properties": { - "ArtifactConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.ArtifactConfig", - "markdownDescription": "A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.", - "title": "ArtifactConfig" + "Certificate": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. Required when `Protocols` is set to `FTPS` .\n\nTo request a new public certificate, see [Request a public certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html) in the *AWS Certificate Manager User Guide* .\n\nTo import an existing certificate into ACM, see [Importing certificates into ACM](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .\n\nTo request a private certificate to use FTPS through private IP addresses, see [Request a private certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html) in the *AWS Certificate Manager User Guide* .\n\nCertificates with the following cryptographic algorithms and key sizes are supported:\n\n- 2048-bit RSA (RSA_2048)\n- 4096-bit RSA (RSA_4096)\n- Elliptic Prime Curve 256 bit (EC_prime256v1)\n- Elliptic Prime Curve 384 bit (EC_secp384r1)\n- Elliptic Prime Curve 521 bit (EC_secp521r1)\n\n> The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.", + "title": "Certificate", + "type": "string" }, - "ArtifactS3Location": { - "markdownDescription": "The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files. Specify the full location path, including `s3://` at the beginning of the path.", - "title": "ArtifactS3Location", + "Domain": { + "markdownDescription": "Specifies the domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.", + "title": "Domain", "type": "string" }, - "Code": { - "$ref": "#/definitions/AWS::Synthetics::Canary.Code", - "markdownDescription": "Use this structure to input your script code for the canary. This structure contains the Lambda handler with the location where the canary should start running the script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included. If the script is passed into the canary directly, the script code is contained in the value of `Script` .", - "title": "Code" + "EndpointDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.EndpointDetails", + "markdownDescription": "The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.", + "title": "EndpointDetails" }, - "ExecutionRoleArn": { - "markdownDescription": "The ARN of the IAM role to be used to run the canary. This role must already exist, and must include `lambda.amazonaws.com` as a principal in the trust policy. The role must also have the following permissions:\n\n- `s3:PutObject`\n- `s3:GetBucketLocation`\n- `s3:ListAllMyBuckets`\n- `cloudwatch:PutMetricData`\n- `logs:CreateLogGroup`\n- `logs:CreateLogStream`\n- `logs:PutLogEvents`", - "title": "ExecutionRoleArn", + "EndpointType": { + "markdownDescription": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", + "title": "EndpointType", + "type": "string" + }, + "IdentityProviderDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.IdentityProviderDetails", + "markdownDescription": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", + "title": "IdentityProviderDetails" + }, + "IdentityProviderType": { + "markdownDescription": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", + "title": "IdentityProviderType", + "type": "string" + }, + "IpAddressType": { + "markdownDescription": "Specifies whether to use IPv4 only, or to use dual-stack (IPv4 and IPv6) for your AWS Transfer Family endpoint. The default value is `IPV4` .\n\n> The `IpAddressType` parameter has the following limitations:\n> \n> - It cannot be changed while the server is online. You must stop the server before modifying this parameter.\n> - It cannot be updated to `DUALSTACK` if the server has `AddressAllocationIds` specified. > When using `DUALSTACK` as the `IpAddressType` , you cannot set the `AddressAllocationIds` parameter for the [EndpointDetails](https://docs.aws.amazon.com/transfer/latest/APIReference/API_EndpointDetails.html) for the server.", + "title": "IpAddressType", + "type": "string" + }, + "LoggingRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", + "title": "LoggingRole", "type": "string" }, - "FailureRetentionPeriod": { - "markdownDescription": "The number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", - "title": "FailureRetentionPeriod", - "type": "number" + "PostAuthenticationLoginBanner": { + "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", + "title": "PostAuthenticationLoginBanner", + "type": "string" }, - "Name": { - "markdownDescription": "The name for this canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account.\n\nDo not include secrets or proprietary information in your canary names. The canary name makes up part of the canary ARN, and the ARN is included in outbound calls over the internet. For more information, see [Security Considerations for Synthetics Canaries](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html) .", - "title": "Name", + "PreAuthenticationLoginBanner": { + "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", + "title": "PreAuthenticationLoginBanner", "type": "string" }, - "RunConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.RunConfig", - "markdownDescription": "A structure that contains input information for a canary run. If you omit this structure, the frequency of the canary is used as canary's timeout value, up to a maximum of 900 seconds.", - "title": "RunConfig" + "ProtocolDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.ProtocolDetails", + "markdownDescription": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", + "title": "ProtocolDetails" }, - "RuntimeVersion": { - "markdownDescription": "Specifies the runtime version to use for the canary. For more information about runtime versions, see [Canary Runtime Versions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) .", - "title": "RuntimeVersion", - "type": "string" + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", + "title": "Protocols", + "type": "array" }, - "Schedule": { - "$ref": "#/definitions/AWS::Synthetics::Canary.Schedule", - "markdownDescription": "A structure that contains information about how often the canary is to run, and when these runs are to stop.", - "title": "Schedule" + "S3StorageOptions": { + "$ref": "#/definitions/AWS::Transfer::Server.S3StorageOptions", + "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", + "title": "S3StorageOptions" }, - "StartCanaryAfterCreation": { - "markdownDescription": "Specify TRUE to have the canary start making runs immediately after it is created.\n\nA canary that you create using CloudFormation can't be used to monitor the CloudFormation stack that creates the canary or to roll back that stack if there is a failure.", - "title": "StartCanaryAfterCreation", - "type": "boolean" + "SecurityPolicyName": { + "markdownDescription": "Specifies the name of the security policy for the server.", + "title": "SecurityPolicyName", + "type": "string" }, - "SuccessRetentionPeriod": { - "markdownDescription": "The number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", - "title": "SuccessRetentionPeriod", - "type": "number" + "StructuredLogDestinations": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", + "title": "StructuredLogDestinations", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value pairs that are associated with the canary.", + "markdownDescription": "Key-value pairs that can be used to group and search for servers.", "title": "Tags", "type": "array" }, - "VPCConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.VPCConfig", - "markdownDescription": "If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see [Running a Canary in a VPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html) .", - "title": "VPCConfig" - }, - "VisualReference": { - "$ref": "#/definitions/AWS::Synthetics::Canary.VisualReference", - "markdownDescription": "If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.", - "title": "VisualReference" + "WorkflowDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetails", + "markdownDescription": "Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.\n\nIn addition to a workflow to execute when a file is uploaded completely, `WorkflowDetails` can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.", + "title": "WorkflowDetails" } }, - "required": [ - "ArtifactS3Location", - "Code", - "ExecutionRoleArn", - "Name", - "RuntimeVersion", - "Schedule" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Synthetics::Canary" + "AWS::Transfer::Server" ], "type": "string" }, @@ -261333,204 +312621,164 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Synthetics::Canary.ArtifactConfig": { - "additionalProperties": false, - "properties": { - "S3Encryption": { - "$ref": "#/definitions/AWS::Synthetics::Canary.S3Encryption", - "markdownDescription": "A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3 . Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see [Encrypting canary artifacts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_artifact_encryption.html) .", - "title": "S3Encryption" - } - }, - "type": "object" - }, - "AWS::Synthetics::Canary.BaseScreenshot": { + "AWS::Transfer::Server.EndpointDetails": { "additionalProperties": false, "properties": { - "IgnoreCoordinates": { + "AddressAllocationIds": { "items": { "type": "string" }, - "markdownDescription": "Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch console to draw the boundaries on the screen. For more information, see [Edit or delete a canary](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/synthetics_canaries_deletion.html) .", - "title": "IgnoreCoordinates", + "markdownDescription": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.\n> - You can't set address allocation IDs for servers that have an `IpAddressType` set to `DUALSTACK` You can only set this property if `IpAddressType` is set to `IPV4` .", + "title": "AddressAllocationIds", "type": "array" }, - "ScreenshotName": { - "markdownDescription": "The name of the screenshot. This is generated the first time the canary is run after the `UpdateCanary` operation that specified for this canary to perform visual monitoring.", - "title": "ScreenshotName", + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security groups IDs that are available to attach to your server's endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC` .\n> \n> You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs that are required to host your server endpoint in your VPC.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", + "title": "SubnetIds", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The ID of the VPC endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` .", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC ID of the virtual private cloud in which the server's endpoint will be hosted.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", + "title": "VpcId", "type": "string" } }, - "required": [ - "ScreenshotName" - ], "type": "object" }, - "AWS::Synthetics::Canary.Code": { + "AWS::Transfer::Server.IdentityProviderDetails": { "additionalProperties": false, "properties": { - "Handler": { - "markdownDescription": "The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` .", - "title": "Handler", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "If your canary script is located in S3, specify the bucket name here. The bucket must already exist.", - "title": "S3Bucket", + "DirectoryId": { + "markdownDescription": "The identifier of the AWS Directory Service directory that you want to use as your identity provider.", + "title": "DirectoryId", "type": "string" }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .", - "title": "S3Key", + "Function": { + "markdownDescription": "The ARN for a Lambda function to use for the Identity provider.", + "title": "Function", "type": "string" }, - "S3ObjectVersion": { - "markdownDescription": "The Amazon S3 version ID of your script.", - "title": "S3ObjectVersion", + "InvocationRole": { + "markdownDescription": "This parameter is only applicable if your `IdentityProviderType` is `API_GATEWAY` . Provides the type of `InvocationRole` used to authenticate the user account.", + "title": "InvocationRole", "type": "string" }, - "Script": { - "markdownDescription": "If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB.", - "title": "Script", + "SftpAuthenticationMethods": { + "markdownDescription": "For SFTP-enabled servers, and for custom identity providers *only* , you can specify whether to authenticate using a password, SSH key pair, or both.\n\n- `PASSWORD` - users must provide their password to connect.\n- `PUBLIC_KEY` - users must provide their private key to connect.\n- `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either their password or their key. This is the default value.\n- `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private key and their password to connect. The server checks the key first, and then if the key is valid, the system prompts for a password. If the private key provided does not match the public key that is stored, authentication fails.", + "title": "SftpAuthenticationMethods", "type": "string" }, - "SourceLocationArn": { - "markdownDescription": "The ARN of the Lambda layer where Synthetics stores the canary script code.", - "title": "SourceLocationArn", + "Url": { + "markdownDescription": "Provides the location of the service endpoint used to authenticate users.", + "title": "Url", "type": "string" } }, - "required": [ - "Handler" - ], "type": "object" }, - "AWS::Synthetics::Canary.RunConfig": { + "AWS::Transfer::Server.ProtocolDetails": { "additionalProperties": false, "properties": { - "ActiveTracing": { - "markdownDescription": "Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see [Canaries and X-Ray tracing](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html) .\n\nYou can enable active tracing only for canaries that use version `syn-nodejs-2.0` or later for their canary runtime.", - "title": "ActiveTracing", - "type": "boolean" - }, - "EnvironmentVariables": { - "additionalProperties": true, - "markdownDescription": "Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:\n\n{ \"key1\" : \"value1\", \"key2\" : \"value2\", ...}\n\nKeys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see [Runtime environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "As2Transports": { + "items": { + "type": "string" }, - "title": "EnvironmentVariables", - "type": "object" + "markdownDescription": "List of `As2Transport` objects.", + "title": "As2Transports", + "type": "array" }, - "MemoryInMB": { - "markdownDescription": "The maximum amount of memory that the canary can use while running. This value must be a multiple of 64. The range is 960 to 3008.", - "title": "MemoryInMB", - "type": "number" + "PassiveIp": { + "markdownDescription": "Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:\n\n`aws transfer update-server --protocol-details PassiveIp=0.0.0.0`\n\nReplace `0.0.0.0` in the example above with the actual IP address you want to use.\n\n> If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) . \n\n*Special values*\n\nThe `AUTO` and `0.0.0.0` are special values for the `PassiveIp` parameter. The value `PassiveIp=AUTO` is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. `PassiveIp=0.0.0.0` has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the `PassiveIp` parameter. This reduces the effectiveness of having High Availability. In this case, you can specify `PassiveIp=0.0.0.0` . This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the `PassiveIp=0.0.0.0` response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the `PassiveIp=0.0.0.0` response.", + "title": "PassiveIp", + "type": "string" }, - "TimeoutInSeconds": { - "markdownDescription": "How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.\n\nIf you omit this field, the frequency of the canary is used as this value, up to a maximum of 900 seconds.", - "title": "TimeoutInSeconds", - "type": "number" + "SetStatOption": { + "markdownDescription": "Use the `SetStatOption` to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket.\n\nSome SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as `SETSTAT` when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.\n\nSet the value to `ENABLE_NO_OP` to have the Transfer Family server ignore the `SETSTAT` command, and upload files without needing to make any changes to your SFTP client. While the `SetStatOption` `ENABLE_NO_OP` setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a `SETSTAT` call.\n\n> If you want to preserve the original timestamp for your file, and modify other file attributes using `SETSTAT` , you can use Amazon EFS as backend storage with Transfer Family.", + "title": "SetStatOption", + "type": "string" + }, + "TlsSessionResumptionMode": { + "markdownDescription": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients.", + "title": "TlsSessionResumptionMode", + "type": "string" } }, "type": "object" }, - "AWS::Synthetics::Canary.S3Encryption": { + "AWS::Transfer::Server.S3StorageOptions": { "additionalProperties": false, "properties": { - "EncryptionMode": { - "markdownDescription": "The encryption method to use for artifacts created by this canary. Specify `SSE_S3` to use server-side encryption (SSE) with an Amazon S3-managed key. Specify `SSE-KMS` to use server-side encryption with a customer-managed AWS KMS key.\n\nIf you omit this parameter, an AWS -managed AWS KMS key is used.", - "title": "EncryptionMode", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the customer-managed AWS KMS key to use, if you specify `SSE-KMS` for `EncryptionMode`", - "title": "KmsKeyArn", + "DirectoryListingOptimization": { + "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", + "title": "DirectoryListingOptimization", "type": "string" } }, "type": "object" }, - "AWS::Synthetics::Canary.Schedule": { + "AWS::Transfer::Server.WorkflowDetail": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.", - "title": "DurationInSeconds", + "ExecutionRole": { + "markdownDescription": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources", + "title": "ExecutionRole", "type": "string" }, - "Expression": { - "markdownDescription": "A `rate` expression or a `cron` expression that defines how often the canary is to run.\n\nFor a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` .\n\nFor example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` .\n\nSpecifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started.\n\nUse `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) .", - "title": "Expression", + "WorkflowId": { + "markdownDescription": "A unique identifier for the workflow.", + "title": "WorkflowId", "type": "string" } }, "required": [ - "Expression" + "ExecutionRole", + "WorkflowId" ], "type": "object" }, - "AWS::Synthetics::Canary.VPCConfig": { + "AWS::Transfer::Server.WorkflowDetails": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for this canary.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { + "OnPartialUpload": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" }, - "markdownDescription": "The IDs of the subnets where this canary is to run.", - "title": "SubnetIds", + "markdownDescription": "A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload.\n\nA *partial upload* occurs when a file is open when the session disconnects.\n\n> `OnPartialUpload` can contain a maximum of one `WorkflowDetail` object.", + "title": "OnPartialUpload", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC where this canary is to run.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "SecurityGroupIds", - "SubnetIds" - ], - "type": "object" - }, - "AWS::Synthetics::Canary.VisualReference": { - "additionalProperties": false, - "properties": { - "BaseCanaryRunId": { - "markdownDescription": "Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are `nextrun` to use the screenshots from the next run after this update is made, `lastrun` to use the screenshots from the most recent run before this update was made, or the value of `Id` in the [CanaryRun](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CanaryRun.html) from any past run of this canary.", - "title": "BaseCanaryRunId", - "type": "string" - }, - "BaseScreenshots": { + "OnUpload": { "items": { - "$ref": "#/definitions/AWS::Synthetics::Canary.BaseScreenshot" + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" }, - "markdownDescription": "An array of screenshots that are used as the baseline for comparisons during visual monitoring.", - "title": "BaseScreenshots", + "markdownDescription": "A trigger that starts a workflow: the workflow begins to execute after a file is uploaded.\n\nTo remove an associated workflow from a server, you can provide an empty `OnUpload` object, as in the following example.\n\n`aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{\"OnUpload\":[]}'`\n\n> `OnUpload` can contain a maximum of one `WorkflowDetail` object.", + "title": "OnUpload", "type": "array" } }, - "required": [ - "BaseCanaryRunId" - ], "type": "object" }, - "AWS::Synthetics::Group": { + "AWS::Transfer::User": { "additionalProperties": false, "properties": { "Condition": { @@ -261565,36 +312813,76 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A name for the group. It can include any Unicode characters.\n\nThe names for all groups in your account, across all Regions, must be unique.", - "title": "Name", + "HomeDirectory": { + "markdownDescription": "The landing directory (folder) for a user when they log in to the server using the client.\n\nA `HomeDirectory` example is `/bucket_name/home/mydirectory` .\n\n> You can use the `HomeDirectory` parameter for `HomeDirectoryType` when it is set to either `PATH` or `LOGICAL` .", + "title": "HomeDirectory", "type": "string" }, - "ResourceArns": { + "HomeDirectoryMappings": { + "items": { + "$ref": "#/definitions/AWS::Transfer::User.HomeDirectoryMapEntry" + }, + "markdownDescription": "Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the `Entry` and `Target` pair, where `Entry` shows how the path is made visible and `Target` is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in `Target` . This value can be set only when `HomeDirectoryType` is set to *LOGICAL* .\n\nThe following is an `Entry` and `Target` pair example.\n\n`[ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`\n\nIn most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (\" `chroot` \"). To do this, you can set `Entry` to `/` and set `Target` to the value the user should see for their home directory when they log in.\n\nThe following is an `Entry` and `Target` pair example for `chroot` .\n\n`[ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`", + "title": "HomeDirectoryMappings", + "type": "array" + }, + "HomeDirectoryType": { + "markdownDescription": "The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to `PATH` , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to `LOGICAL` , you need to provide mappings in the `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon EFS paths visible to your users.\n\n> If `HomeDirectoryType` is `LOGICAL` , you must provide mappings, using the `HomeDirectoryMappings` parameter. If, on the other hand, `HomeDirectoryType` is `PATH` , you provide an absolute path using the `HomeDirectory` parameter. You cannot have both `HomeDirectory` and `HomeDirectoryMappings` in your template.", + "title": "HomeDirectoryType", + "type": "string" + }, + "Policy": { + "markdownDescription": "A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include `${Transfer:UserName}` , `${Transfer:HomeDirectory}` , and `${Transfer:HomeBucket}` .\n\n> For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the `Policy` argument.\n> \n> For an example of a session policy, see [Example session policy](https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html) .\n> \n> For more information, see [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) in the *AWS Security Token Service API Reference* .", + "title": "Policy", + "type": "string" + }, + "PosixProfile": { + "$ref": "#/definitions/AWS::Transfer::User.PosixProfile", + "markdownDescription": "Specifies the full POSIX identity, including user ID ( `Uid` ), group ID ( `Gid` ), and any secondary groups IDs ( `SecondaryGids` ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.", + "title": "PosixProfile" + }, + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.", + "title": "Role", + "type": "string" + }, + "ServerId": { + "markdownDescription": "A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.", + "title": "ServerId", + "type": "string" + }, + "SshPublicKeys": { "items": { "type": "string" }, - "markdownDescription": "The ARNs of the canaries that you want to associate with this group.", - "title": "ResourceArns", + "markdownDescription": "Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.\n\n> To delete the public key body, set its value to zero keys, as shown here:\n> \n> `SshPublicKeys: []`", + "title": "SshPublicKeys", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value pairs that are associated with the group.", + "markdownDescription": "Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.", "title": "Tags", "type": "array" + }, + "UserName": { + "markdownDescription": "A unique string that identifies a user and is associated with a `ServerId` . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.", + "title": "UserName", + "type": "string" } }, "required": [ - "Name" + "Role", + "ServerId", + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Synthetics::Group" + "AWS::Transfer::User" ], "type": "string" }, @@ -261613,7 +312901,60 @@ ], "type": "object" }, - "AWS::SystemsManagerSAP::Application": { + "AWS::Transfer::User.HomeDirectoryMapEntry": { + "additionalProperties": false, + "properties": { + "Entry": { + "markdownDescription": "Represents an entry for `HomeDirectoryMappings` .", + "title": "Entry", + "type": "string" + }, + "Target": { + "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", + "title": "Target", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of mapping. Set the type to `FILE` if you want the mapping to point to a file, or `DIRECTORY` for the directory to point to a directory.\n\n> By default, home directory mappings have a `Type` of `DIRECTORY` when you create a Transfer Family server. You would need to explicitly set `Type` to `FILE` if you want a mapping to have a file target.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Entry", + "Target" + ], + "type": "object" + }, + "AWS::Transfer::User.PosixProfile": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The POSIX group ID used for all EFS operations by this user.", + "title": "Gid", + "type": "number" + }, + "SecondaryGids": { + "items": { + "type": "number" + }, + "markdownDescription": "The secondary POSIX group IDs used for all EFS operations by this user.", + "title": "SecondaryGids", + "type": "array" + }, + "Uid": { + "markdownDescription": "The POSIX user ID used for all EFS operations by this user.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::Transfer::WebApp": { "additionalProperties": false, "properties": { "Condition": { @@ -261648,60 +312989,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The ID of the application.", - "title": "ApplicationId", - "type": "string" - }, - "ApplicationType": { - "markdownDescription": "The type of the application.", - "title": "ApplicationType", + "AccessEndpoint": { + "markdownDescription": "The `AccessEndpoint` is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value.\n\nBefore you enter a custom URL for this parameter, follow the steps described in [Update your access endpoint with a custom URL](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-customize.html) .", + "title": "AccessEndpoint", "type": "string" }, - "Credentials": { - "items": { - "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.Credential" - }, - "markdownDescription": "The credentials of the SAP application.", - "title": "Credentials", - "type": "array" + "IdentityProviderDetails": { + "$ref": "#/definitions/AWS::Transfer::WebApp.IdentityProviderDetails", + "markdownDescription": "You can provide a structure that contains the details for the identity provider to use with your web app.\n\nFor more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) .", + "title": "IdentityProviderDetails" }, - "Instances": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The Amazon EC2 instances on which your SAP application is running.", - "title": "Instances", + "markdownDescription": "Key-value pairs that can be used to group and search for web apps. Tags are metadata attached to web apps for any purpose.", + "title": "Tags", "type": "array" }, - "SapInstanceNumber": { - "markdownDescription": "The SAP instance number of the application.", - "title": "SapInstanceNumber", - "type": "string" + "WebAppCustomization": { + "$ref": "#/definitions/AWS::Transfer::WebApp.WebAppCustomization", + "markdownDescription": "A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app.", + "title": "WebAppCustomization" }, - "Sid": { - "markdownDescription": "The System ID of the application.", - "title": "Sid", + "WebAppEndpointPolicy": { + "markdownDescription": "Setting for the type of endpoint policy for the web app. The default value is `STANDARD` .\n\nIf your web app was created in an AWS GovCloud (US) Region , the value of this parameter can be `FIPS` , which indicates the web app endpoint is FIPS-compliant.", + "title": "WebAppEndpointPolicy", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags on the application.", - "title": "Tags", - "type": "array" + "WebAppUnits": { + "$ref": "#/definitions/AWS::Transfer::WebApp.WebAppUnits", + "markdownDescription": "A union that contains the value for number of concurrent connections or the user sessions on your web app.", + "title": "WebAppUnits" } }, "required": [ - "ApplicationId", - "ApplicationType" + "IdentityProviderDetails" ], "type": "object" }, "Type": { "enum": [ - "AWS::SystemsManagerSAP::Application" + "AWS::Transfer::WebApp" ], "type": "string" }, @@ -261720,104 +313049,63 @@ ], "type": "object" }, - "AWS::SystemsManagerSAP::Application.Credential": { + "AWS::Transfer::WebApp.IdentityProviderDetails": { "additionalProperties": false, "properties": { - "CredentialType": { - "markdownDescription": "The type of the application credentials.", - "title": "CredentialType", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app.", + "title": "ApplicationArn", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the SAP HANA database.", - "title": "DatabaseName", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app.", + "title": "InstanceArn", "type": "string" }, - "SecretId": { - "markdownDescription": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application.", - "title": "SecretId", + "Role": { + "markdownDescription": "The IAM role in IAM Identity Center used for the web app.", + "title": "Role", "type": "string" } }, "type": "object" }, - "AWS::Timestream::Database": { + "AWS::Transfer::WebApp.WebAppCustomization": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FaviconFile": { + "markdownDescription": "Returns an icon file data string (in base64 encoding).", + "title": "FaviconFile", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The name of the Timestream database.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "DatabaseName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key used to encrypt the data stored in the database.", - "title": "KmsKeyId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to add to the database.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Timestream::Database" - ], + "LogoFile": { + "markdownDescription": "Returns a logo file data string (in base64 encoding).", + "title": "LogoFile", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "Returns the page title that you defined for your web app.", + "title": "Title", "type": "string" } }, + "type": "object" + }, + "AWS::Transfer::WebApp.WebAppUnits": { + "additionalProperties": false, + "properties": { + "Provisioned": { + "markdownDescription": "An integer that represents the number of units for your desired number of concurrent connections, or the number of user sessions on your web app at the same time.\n\nEach increment allows an additional 250 concurrent sessions: a value of `1` sets the number of concurrent sessions to 250; `2` sets a value of 500, and so on.", + "title": "Provisioned", + "type": "number" + } + }, "required": [ - "Type" + "Provisioned" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance": { + "AWS::Transfer::Workflow": { "additionalProperties": false, "properties": { "Condition": { @@ -261852,96 +313140,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage to allocate for your DB storage type in GiB (gibibytes).", - "title": "AllocatedStorage", - "type": "number" - }, - "Bucket": { - "markdownDescription": "The name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization.", - "title": "Bucket", - "type": "string" - }, - "DbInstanceType": { - "markdownDescription": "The Timestream for InfluxDB DB instance type to run on.", - "title": "DbInstanceType", - "type": "string" - }, - "DbParameterGroupIdentifier": { - "markdownDescription": "The name or id of the DB parameter group to assign to your DB instance. DB parameter groups specify how the database is configured. For example, DB parameter groups can specify the limit for query concurrency.", - "title": "DbParameterGroupIdentifier", - "type": "string" - }, - "DbStorageType": { - "markdownDescription": "The Timestream for InfluxDB DB storage type to read and write InfluxDB data.\n\nYou can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements:\n\n- Influx IO Included 3000 IOPS\n- Influx IO Included 12000 IOPS\n- Influx IO Included 16000 IOPS", - "title": "DbStorageType", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies whether the Timestream for InfluxDB is deployed as Single-AZ or with a MultiAZ Standby for High availability.", - "title": "DeploymentType", - "type": "string" - }, - "LogDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration", - "markdownDescription": "Configuration for sending InfluxDB engine logs to a specified S3 bucket.", - "title": "LogDeliveryConfiguration" - }, - "Name": { - "markdownDescription": "The name that uniquely identifies the DB instance when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. DB instance names must be unique per customer and per region.", - "title": "Name", - "type": "string" - }, - "Organization": { - "markdownDescription": "The name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users.", - "title": "Organization", - "type": "string" - }, - "Password": { - "markdownDescription": "The password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon SecretManager in your account.", - "title": "Password", + "Description": { + "markdownDescription": "Specifies the text description for the workflow.", + "title": "Description", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Configures the DB instance with a public IP to facilitate access.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "Tags": { + "OnExceptionSteps": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" }, - "markdownDescription": "A list of key-value pairs to associate with the DB instance.", - "title": "Tags", + "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", + "title": "OnExceptionSteps", "type": "array" }, - "Username": { - "markdownDescription": "The username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. For example, my-user1. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon Secrets Manager in your account.", - "title": "Username", - "type": "string" - }, - "VpcSecurityGroupIds": { + "Steps": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" }, - "markdownDescription": "A list of VPC security group IDs to associate with the DB instance.", - "title": "VpcSecurityGroupIds", + "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", + "title": "Steps", "type": "array" }, - "VpcSubnetIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of VPC subnet IDs to associate with the DB instance. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.", - "title": "VpcSubnetIds", + "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", + "title": "Tags", "type": "array" } }, + "required": [ + "Steps" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::InfluxDBInstance" + "AWS::Transfer::Workflow" ], "type": "string" }, @@ -261955,45 +313191,254 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration": { + "AWS::Transfer::Workflow.CopyStepDetails": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.S3Configuration", - "markdownDescription": "Configuration for S3 bucket log delivery", - "title": "S3Configuration" + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", + "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.CustomStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Target": { + "markdownDescription": "The ARN for the Lambda function that is being called.", + "title": "Target", + "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "Timeout, in seconds, for the step.", + "title": "TimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.DecryptStepDetails": { + "additionalProperties": false, + "properties": { + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", + "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", + "title": "Type", + "type": "string" } }, "required": [ - "S3Configuration" + "DestinationFileLocation", + "Type" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance.S3Configuration": { + "AWS::Transfer::Workflow.DeleteStepDetails": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The bucket name of the customer S3 bucket.", - "title": "BucketName", + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether log delivery to the S3 bucket is enabled.", - "title": "Enabled", - "type": "boolean" + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.EfsInputFileLocation": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", + "title": "FileSystemId", + "type": "string" + }, + "Path": { + "markdownDescription": "The pathname for the folder being used by a workflow.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.InputFileLocation": { + "additionalProperties": false, + "properties": { + "EfsFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", + "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", + "title": "EfsFileLocation" + }, + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3FileLocation": { + "additionalProperties": false, + "properties": { + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3InputFileLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "Specifies the S3 bucket for the customer input file.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", + "title": "Key", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name assigned to the tag that you create.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that corresponds to the key.", + "title": "Value", + "type": "string" } }, "required": [ - "BucketName", - "Enabled" + "Key", + "Value" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery": { + "AWS::Transfer::Workflow.TagStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" + }, + "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.WorkflowStep": { + "additionalProperties": false, + "properties": { + "CopyStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", + "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", + "title": "CopyStepDetails" + }, + "CustomStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", + "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", + "title": "CustomStepDetails" + }, + "DecryptStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", + "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", + "title": "DecryptStepDetails" + }, + "DeleteStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", + "markdownDescription": "Details for a step that deletes the file.", + "title": "DeleteStepDetails" + }, + "TagStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", + "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", + "title": "TagStepDetails" + }, + "Type": { + "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource": { "additionalProperties": false, "properties": { "Condition": { @@ -262028,72 +313473,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request.", - "title": "ClientToken", - "type": "string" - }, - "ErrorReportConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ErrorReportConfiguration", - "markdownDescription": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results.", - "title": "ErrorReportConfiguration" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest.", - "title": "KmsKeyId", - "type": "string" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.NotificationConfiguration", - "markdownDescription": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it.", - "title": "NotificationConfiguration" - }, - "QueryString": { - "markdownDescription": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query.", - "title": "QueryString", - "type": "string" - }, - "ScheduleConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ScheduleConfiguration", - "markdownDescription": "Schedule configuration.", - "title": "ScheduleConfiguration" + "Configuration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration", + "markdownDescription": "Contains configuration information used when creating a new identity source.", + "title": "Configuration" }, - "ScheduledQueryExecutionRoleArn": { - "markdownDescription": "The ARN for the IAM role that Timestream will assume when running the scheduled query.", - "title": "ScheduledQueryExecutionRoleArn", + "PolicyStoreId": { + "markdownDescription": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", + "title": "PolicyStoreId", "type": "string" }, - "ScheduledQueryName": { - "markdownDescription": "A name for the query. Scheduled query names must be unique within each Region.", - "title": "ScheduledQueryName", + "PrincipalEntityType": { + "markdownDescription": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.", + "title": "PrincipalEntityType", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to label the scheduled query.", - "title": "Tags", - "type": "array" - }, - "TargetConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TargetConfiguration", - "markdownDescription": "Scheduled query target store configuration.", - "title": "TargetConfiguration" } }, "required": [ - "ErrorReportConfiguration", - "NotificationConfiguration", - "QueryString", - "ScheduleConfiguration", - "ScheduledQueryExecutionRoleArn" + "Configuration", + "PolicyStoreId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::ScheduledQuery" + "AWS::VerifiedPermissions::IdentitySource" ], "type": "string" }, @@ -262112,258 +313516,320 @@ ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.DimensionMapping": { + "AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration": { "additionalProperties": false, "properties": { - "DimensionValueType": { - "markdownDescription": "Type for the dimension: VARCHAR", - "title": "DimensionValueType", - "type": "string" - }, - "Name": { - "markdownDescription": "Column name from query result.", - "title": "Name", + "GroupEntityType": { + "markdownDescription": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup` .", + "title": "GroupEntityType", "type": "string" } }, "required": [ - "DimensionValueType", - "Name" + "GroupEntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.ErrorReportConfiguration": { + "AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.S3Configuration", - "markdownDescription": "The S3 configuration for the error reports.", - "title": "S3Configuration" + "ClientIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n\nExample: `\"ClientIds\": [\"&ExampleCogClientId;\"]`", + "title": "ClientIds", + "type": "array" + }, + "GroupConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration", + "markdownDescription": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.", + "title": "GroupConfiguration" + }, + "UserPoolArn": { + "markdownDescription": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool that contains the identities to be authorized.", + "title": "UserPoolArn", + "type": "string" } }, "required": [ - "S3Configuration" + "UserPoolArn" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MixedMeasureMapping": { + "AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration": { "additionalProperties": false, "properties": { - "MeasureName": { - "markdownDescription": "Refers to the value of measure_name in a result row. This field is required if MeasureNameColumn is provided.", - "title": "MeasureName", - "type": "string" - }, - "MeasureValueType": { - "markdownDescription": "Type of the value that is to be read from sourceColumn. If the mapping is for MULTI, use MeasureValueType.MULTI.", - "title": "MeasureValueType", - "type": "string" + "CognitoUserPoolConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration", + "markdownDescription": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions .", + "title": "CognitoUserPoolConfiguration" }, - "MultiMeasureAttributeMappings": { + "OpenIdConnectConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectConfiguration", + "markdownDescription": "", + "title": "OpenIdConnectConfiguration" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectAccessTokenConfiguration": { + "additionalProperties": false, + "properties": { + "Audiences": { "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + "type": "string" }, - "markdownDescription": "Required when measureValueType is MULTI. Attribute mappings for MULTI value measures.", - "title": "MultiMeasureAttributeMappings", + "markdownDescription": "The access token `aud` claim values that you want to accept in your policy store. For example, `https://myapp.example.com, https://myapp2.example.com` .", + "title": "Audiences", "type": "array" }, - "SourceColumn": { - "markdownDescription": "This field refers to the source column from which measure-value is to be read for result materialization.", - "title": "SourceColumn", + "PrincipalIdClaim": { + "markdownDescription": "The claim that determines the principal in OIDC access tokens. For example, `sub` .", + "title": "PrincipalIdClaim", + "type": "string" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectConfiguration": { + "additionalProperties": false, + "properties": { + "EntityIdPrefix": { + "markdownDescription": "A descriptive string that you want to prefix to user entities from your OIDC identity provider. For example, if you set an `entityIdPrefix` of `MyOIDCProvider` , you can reference principals in your policies in the format `MyCorp::User::MyOIDCProvider|Carlos` .", + "title": "EntityIdPrefix", + "type": "string" + }, + "GroupConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectGroupConfiguration", + "markdownDescription": "The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to. For example, this object can map the contents of a `groups` claim to `MyCorp::UserGroup` .", + "title": "GroupConfiguration" + }, + "Issuer": { + "markdownDescription": "The issuer URL of an OIDC identity provider. This URL must have an OIDC discovery endpoint at the path `.well-known/openid-configuration` .", + "title": "Issuer", "type": "string" }, - "TargetMeasureName": { - "markdownDescription": "Target measure name to be used. If not provided, the target measure name by default would be measure-name if provided, or sourceColumn otherwise.", - "title": "TargetMeasureName", - "type": "string" + "TokenSelection": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectTokenSelection", + "markdownDescription": "The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.", + "title": "TokenSelection" } }, "required": [ - "MeasureValueType" + "Issuer", + "TokenSelection" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectGroupConfiguration": { "additionalProperties": false, "properties": { - "MeasureValueType": { - "markdownDescription": "Type of the attribute to be read from the source column.", - "title": "MeasureValueType", - "type": "string" - }, - "SourceColumn": { - "markdownDescription": "Source column from where the attribute value is to be read.", - "title": "SourceColumn", + "GroupClaim": { + "markdownDescription": "The token claim that you want Verified Permissions to interpret as group membership. For example, `groups` .", + "title": "GroupClaim", "type": "string" }, - "TargetMultiMeasureAttributeName": { - "markdownDescription": "Custom name to be used for attribute name in derived table. If not provided, source column name would be used.", - "title": "TargetMultiMeasureAttributeName", + "GroupEntityType": { + "markdownDescription": "The policy store entity type that you want to map your users' group claim to. For example, `MyCorp::UserGroup` . A group entity type is an entity that can have a user entity type as a member.", + "title": "GroupEntityType", "type": "string" } }, "required": [ - "MeasureValueType", - "SourceColumn" + "GroupClaim", + "GroupEntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MultiMeasureMappings": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectIdentityTokenConfiguration": { "additionalProperties": false, "properties": { - "MultiMeasureAttributeMappings": { + "ClientIds": { "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + "type": "string" }, - "markdownDescription": "Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes.", - "title": "MultiMeasureAttributeMappings", + "markdownDescription": "The ID token audience, or client ID, claim values that you want to accept in your policy store from an OIDC identity provider. For example, `1example23456789, 2example10111213` .", + "title": "ClientIds", "type": "array" }, - "TargetMultiMeasureName": { - "markdownDescription": "The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name.", - "title": "TargetMultiMeasureName", + "PrincipalIdClaim": { + "markdownDescription": "The claim that determines the principal in OIDC access tokens. For example, `sub` .", + "title": "PrincipalIdClaim", "type": "string" } }, - "required": [ - "MultiMeasureAttributeMappings" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.NotificationConfiguration": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectTokenSelection": { "additionalProperties": false, "properties": { - "SnsConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.SnsConfiguration", - "markdownDescription": "Details on SNS configuration.", - "title": "SnsConfiguration" + "AccessTokenOnly": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectAccessTokenConfiguration", + "markdownDescription": "The OIDC configuration for processing access tokens. Contains allowed audience claims, for example `https://auth.example.com` , and the claim that you want to map to the principal, for example `sub` .", + "title": "AccessTokenOnly" + }, + "IdentityTokenOnly": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectIdentityTokenConfiguration", + "markdownDescription": "The OIDC configuration for processing identity (ID) tokens. Contains allowed client ID claims, for example `1example23456789` , and the claim that you want to map to the principal, for example `sub` .", + "title": "IdentityTokenOnly" } }, - "required": [ - "SnsConfiguration" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.S3Configuration": { + "AWS::VerifiedPermissions::Policy": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the S3 bucket under which error reports will be created.", - "title": "BucketName", + "Condition": { "type": "string" }, - "EncryptionOption": { - "markdownDescription": "Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default.", - "title": "EncryptionOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ObjectKeyPrefix": { - "markdownDescription": "Prefix for the error report key. Timestream by default adds the following prefix to the error report path.", - "title": "ObjectKeyPrefix", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.PolicyDefinition", + "markdownDescription": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element.", + "title": "Definition" + }, + "PolicyStoreId": { + "markdownDescription": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in.", + "title": "PolicyStoreId", + "type": "string" + } + }, + "required": [ + "Definition", + "PolicyStoreId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::VerifiedPermissions::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.ScheduleConfiguration": { + "AWS::VerifiedPermissions::Policy.EntityIdentifier": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression.", - "title": "ScheduleExpression", + "EntityId": { + "markdownDescription": "The identifier of an entity.\n\n`\"entityId\":\" *identifier* \"`", + "title": "EntityId", + "type": "string" + }, + "EntityType": { + "markdownDescription": "The type of an entity.\n\nExample: `\"entityType\":\" *typeName* \"`", + "title": "EntityType", "type": "string" } }, "required": [ - "ScheduleExpression" + "EntityId", + "EntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.SnsConfiguration": { + "AWS::VerifiedPermissions::Policy.PolicyDefinition": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "SNS topic ARN that the scheduled query status notifications will be sent to.", - "title": "TopicArn", - "type": "string" + "Static": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.StaticPolicyDefinition", + "markdownDescription": "A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.", + "title": "Static" + }, + "TemplateLinked": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition", + "markdownDescription": "A structure that describes a policy that was instantiated from a template. The template can specify placeholders for `principal` and `resource` . When you use [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy.", + "title": "TemplateLinked" } }, - "required": [ - "TopicArn" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.TargetConfiguration": { + "AWS::VerifiedPermissions::Policy.StaticPolicyDefinition": { "additionalProperties": false, "properties": { - "TimestreamConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TimestreamConfiguration", - "markdownDescription": "Configuration needed to write data into the Timestream database and table.", - "title": "TimestreamConfiguration" + "Description": { + "markdownDescription": "The description of the static policy.", + "title": "Description", + "type": "string" + }, + "Statement": { + "markdownDescription": "The policy content of the static policy, written in the Cedar policy language.", + "title": "Statement", + "type": "string" } }, "required": [ - "TimestreamConfiguration" + "Statement" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.TimestreamConfiguration": { + "AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "Name of Timestream database to which the query result will be written.", - "title": "DatabaseName", - "type": "string" - }, - "DimensionMappings": { - "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.DimensionMapping" - }, - "markdownDescription": "This is to allow mapping column(s) from the query result to the dimension in the destination table.", - "title": "DimensionMappings", - "type": "array" - }, - "MeasureNameColumn": { - "markdownDescription": "Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` .", - "title": "MeasureNameColumn", + "PolicyTemplateId": { + "markdownDescription": "The unique identifier of the policy template used to create this policy.", + "title": "PolicyTemplateId", "type": "string" }, - "MixedMeasureMappings": { - "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MixedMeasureMapping" - }, - "markdownDescription": "Specifies how to map measures to multi-measure records.", - "title": "MixedMeasureMappings", - "type": "array" - }, - "MultiMeasureMappings": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureMappings", - "markdownDescription": "Multi-measure mappings.", - "title": "MultiMeasureMappings" - }, - "TableName": { - "markdownDescription": "Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration.", - "title": "TableName", - "type": "string" + "Principal": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", + "markdownDescription": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the `?principal` placeholder in the policy template when it evaluates an authorization request.", + "title": "Principal" }, - "TimeColumn": { - "markdownDescription": "Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP.", - "title": "TimeColumn", - "type": "string" + "Resource": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", + "markdownDescription": "The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the `?resource` placeholder in the policy template when it evaluates an authorization request.", + "title": "Resource" } }, "required": [ - "DatabaseName", - "DimensionMappings", - "TableName", - "TimeColumn" + "PolicyTemplateId" ], "type": "object" }, - "AWS::Timestream::Table": { + "AWS::VerifiedPermissions::PolicyStore": { "additionalProperties": false, "properties": { "Condition": { @@ -262398,48 +313864,43 @@ "Properties": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the Timestream database that contains this table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "DatabaseName", - "type": "string" - }, - "MagneticStoreWriteProperties": { - "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreWriteProperties", - "markdownDescription": "Contains properties to set on the table when enabling magnetic store writes.\n\nThis object has the following attributes:\n\n- *EnableMagneticStoreWrites* : A `boolean` flag to enable magnetic store writes.\n- *MagneticStoreRejectedDataLocation* : The location to write error reports for records rejected, asynchronously, during magnetic store writes. Only `S3Configuration` objects are allowed. The `S3Configuration` object has the following attributes:\n\n- *BucketName* : The name of the S3 bucket.\n- *EncryptionOption* : The encryption option for the S3 location. Valid values are S3 server-side encryption with an S3 managed key ( `SSE_S3` ) or AWS managed key ( `SSE_KMS` ).\n- *KmsKeyId* : The AWS KMS key ID to use when encrypting with an AWS managed key.\n- *ObjectKeyPrefix* : The prefix to use option for the objects stored in S3.\n\nBoth `BucketName` and `EncryptionOption` are *required* when `S3Configuration` is specified. If you specify `SSE_KMS` as your `EncryptionOption` then `KmsKeyId` is *required* .\n\n`EnableMagneticStoreWrites` attribute is *required* when `MagneticStoreWriteProperties` is specified. `MagneticStoreRejectedDataLocation` attribute is *required* when `EnableMagneticStoreWrites` is set to `true` .\n\nSee the following examples:\n\n*JSON*\n\n```json\n{ \"Type\" : AWS::Timestream::Table\", \"Properties\":{ \"DatabaseName\":\"TestDatabase\", \"TableName\":\"TestTable\", \"MagneticStoreWriteProperties\":{ \"EnableMagneticStoreWrites\":true, \"MagneticStoreRejectedDataLocation\":{ \"S3Configuration\":{ \"BucketName\":\" amzn-s3-demo-bucket \", \"EncryptionOption\":\"SSE_KMS\", \"KmsKeyId\":\"1234abcd-12ab-34cd-56ef-1234567890ab\", \"ObjectKeyPrefix\":\"prefix\" } } } }\n}\n```\n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" MagneticStoreWriteProperties: EnableMagneticStoreWrites: true MagneticStoreRejectedDataLocation: S3Configuration: BucketName: \" amzn-s3-demo-bucket \" EncryptionOption: \"SSE_KMS\" KmsKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\" ObjectKeyPrefix: \"prefix\"\n```", - "title": "MagneticStoreWriteProperties" + "DeletionProtection": { + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.DeletionProtection", + "markdownDescription": "Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.\n\nThe default state is `DISABLED` .", + "title": "DeletionProtection" }, - "RetentionProperties": { - "$ref": "#/definitions/AWS::Timestream::Table.RetentionProperties", - "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", - "title": "RetentionProperties" + "Description": { + "markdownDescription": "Descriptive text that you can provide to help with identification of the current policy store.", + "title": "Description", + "type": "string" }, "Schema": { - "$ref": "#/definitions/AWS::Timestream::Table.Schema", - "markdownDescription": "The schema of the table.", + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.SchemaDefinition", + "markdownDescription": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.", "title": "Schema" }, - "TableName": { - "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "TableName", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the table", + "markdownDescription": "The list of key-value pairs to associate with the policy store.", "title": "Tags", "type": "array" + }, + "ValidationSettings": { + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.ValidationSettings", + "markdownDescription": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n> We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on.", + "title": "ValidationSettings" } }, "required": [ - "DatabaseName" + "ValidationSettings" ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::Table" + "AWS::VerifiedPermissions::PolicyStore" ], "type": "string" }, @@ -262458,121 +313919,46 @@ ], "type": "object" }, - "AWS::Timestream::Table.MagneticStoreRejectedDataLocation": { - "additionalProperties": false, - "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::Table.S3Configuration", - "markdownDescription": "Configuration of an S3 location to write error reports for records rejected, asynchronously, during magnetic store writes.", - "title": "S3Configuration" - } - }, - "type": "object" - }, - "AWS::Timestream::Table.MagneticStoreWriteProperties": { - "additionalProperties": false, - "properties": { - "EnableMagneticStoreWrites": { - "markdownDescription": "A flag to enable magnetic store writes.", - "title": "EnableMagneticStoreWrites", - "type": "boolean" - }, - "MagneticStoreRejectedDataLocation": { - "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreRejectedDataLocation", - "markdownDescription": "The location to write error reports for records rejected asynchronously during magnetic store writes.", - "title": "MagneticStoreRejectedDataLocation" - } - }, - "required": [ - "EnableMagneticStoreWrites" - ], - "type": "object" - }, - "AWS::Timestream::Table.PartitionKey": { + "AWS::VerifiedPermissions::PolicyStore.DeletionProtection": { "additionalProperties": false, "properties": { - "EnforcementInRecord": { - "markdownDescription": "The level of enforcement for the specification of a dimension key in ingested records. Options are REQUIRED (dimension key must be specified) and OPTIONAL (dimension key does not have to be specified).", - "title": "EnforcementInRecord", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the attribute used for a dimension key.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the partition key. Options are DIMENSION (dimension key) and MEASURE (measure key).", - "title": "Type", + "Mode": { + "markdownDescription": "Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.\n\nThe default state is `DISABLED` .", + "title": "Mode", "type": "string" } }, "required": [ - "Type" + "Mode" ], "type": "object" }, - "AWS::Timestream::Table.RetentionProperties": { + "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { "additionalProperties": false, "properties": { - "MagneticStoreRetentionPeriodInDays": { - "markdownDescription": "The duration for which data must be stored in the magnetic store.", - "title": "MagneticStoreRetentionPeriodInDays", - "type": "string" - }, - "MemoryStoreRetentionPeriodInHours": { - "markdownDescription": "The duration for which data must be stored in the memory store.", - "title": "MemoryStoreRetentionPeriodInHours", + "CedarJson": { + "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", + "title": "CedarJson", "type": "string" } }, "type": "object" }, - "AWS::Timestream::Table.S3Configuration": { + "AWS::VerifiedPermissions::PolicyStore.ValidationSettings": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The bucket name of the customer S3 bucket.", - "title": "BucketName", - "type": "string" - }, - "EncryptionOption": { - "markdownDescription": "The encryption option for the customer S3 location. Options are S3 server-side encryption with an S3 managed key or AWS managed key.", - "title": "EncryptionOption", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The AWS KMS key ID for the customer S3 location when encrypting with an AWS managed key.", - "title": "KmsKeyId", - "type": "string" - }, - "ObjectKeyPrefix": { - "markdownDescription": "The object key preview for the customer S3 location.", - "title": "ObjectKeyPrefix", + "Mode": { + "markdownDescription": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* \u2013 Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* \u2013 Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n> If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n> \n> To submit a static policy or policy template without a schema, you must turn off validation.", + "title": "Mode", "type": "string" } }, "required": [ - "BucketName", - "EncryptionOption" + "Mode" ], "type": "object" }, - "AWS::Timestream::Table.Schema": { - "additionalProperties": false, - "properties": { - "CompositePartitionKey": { - "items": { - "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" - }, - "markdownDescription": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed.", - "title": "CompositePartitionKey", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Transfer::Agreement": { + "AWS::VerifiedPermissions::PolicyTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -262607,62 +313993,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRole": { - "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", - "title": "AccessRole", - "type": "string" - }, - "BaseDirectory": { - "markdownDescription": "The landing directory (folder) for files that are transferred by using the AS2 protocol.", - "title": "BaseDirectory", - "type": "string" - }, "Description": { - "markdownDescription": "The name or short description that's used to identify the agreement.", + "markdownDescription": "The description to attach to the new or updated policy template.", "title": "Description", "type": "string" }, - "LocalProfileId": { - "markdownDescription": "A unique identifier for the AS2 local profile.", - "title": "LocalProfileId", - "type": "string" - }, - "PartnerProfileId": { - "markdownDescription": "A unique identifier for the partner profile used in the agreement.", - "title": "PartnerProfileId", - "type": "string" - }, - "ServerId": { - "markdownDescription": "A system-assigned unique identifier for a server instance. This identifier indicates the specific server that the agreement uses.", - "title": "ServerId", + "PolicyStoreId": { + "markdownDescription": "The unique identifier of the policy store that contains the template.", + "title": "PolicyStoreId", "type": "string" }, - "Status": { - "markdownDescription": "The current status of the agreement, either `ACTIVE` or `INACTIVE` .", - "title": "Status", + "Statement": { + "markdownDescription": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language.", + "title": "Statement", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs that can be used to group and search for agreements.", - "title": "Tags", - "type": "array" } }, "required": [ - "AccessRole", - "BaseDirectory", - "LocalProfileId", - "PartnerProfileId", - "ServerId" + "PolicyStoreId", + "Statement" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Agreement" + "AWS::VerifiedPermissions::PolicyTemplate" ], "type": "string" }, @@ -262681,7 +314036,7 @@ ], "type": "object" }, - "AWS::Transfer::Certificate": { + "AWS::VoiceID::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -262716,59 +314071,39 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", - "title": "ActiveDate", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The file name for the certificate.", - "title": "Certificate", - "type": "string" - }, - "CertificateChain": { - "markdownDescription": "The list of certificates that make up the chain for the certificate.", - "title": "CertificateChain", - "type": "string" - }, "Description": { - "markdownDescription": "The name or description that's used to identity the certificate.", + "markdownDescription": "The description of the domain.", "title": "Description", "type": "string" }, - "InactiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", - "title": "InactiveDate", + "Name": { + "markdownDescription": "The name for the domain.", + "title": "Name", "type": "string" }, - "PrivateKey": { - "markdownDescription": "The file that contains the private key for the certificate that's being imported.", - "title": "PrivateKey", - "type": "string" + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::VoiceID::Domain.ServerSideEncryptionConfiguration", + "markdownDescription": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data.", + "title": "ServerSideEncryptionConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for certificates.", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" - }, - "Usage": { - "markdownDescription": "Specifies how this certificate is used. It can be used in the following ways:\n\n- `SIGNING` : For signing AS2 messages\n- `ENCRYPTION` : For encrypting AS2 messages\n- `TLS` : For securing AS2 communications sent over HTTPS", - "title": "Usage", - "type": "string" } }, "required": [ - "Certificate", - "Usage" + "Name", + "ServerSideEncryptionConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Certificate" + "AWS::VoiceID::Domain" ], "type": "string" }, @@ -262787,7 +314122,21 @@ ], "type": "object" }, - "AWS::Transfer::Connector": { + "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys.", + "title": "KmsKeyId", + "type": "string" + } + }, + "required": [ + "KmsKeyId" + ], + "type": "object" + }, + "AWS::VpcLattice::AccessLogSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -262822,49 +314171,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRole": { - "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", - "title": "AccessRole", + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.", + "title": "DestinationArn", "type": "string" }, - "As2Config": { - "$ref": "#/definitions/AWS::Transfer::Connector.As2Config", - "markdownDescription": "A structure that contains the parameters for an AS2 connector object.", - "title": "As2Config" - }, - "LoggingRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.", - "title": "LoggingRole", + "ResourceIdentifier": { + "markdownDescription": "The ID or ARN of the service network or service.", + "title": "ResourceIdentifier", "type": "string" }, - "SftpConfig": { - "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig", - "markdownDescription": "A structure that contains the parameters for an SFTP connector object.", - "title": "SftpConfig" + "ServiceNetworkLogType": { + "markdownDescription": "Log type of the service network.", + "title": "ServiceNetworkLogType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for connectors.", + "markdownDescription": "The tags for the access log subscription.", "title": "Tags", "type": "array" - }, - "Url": { - "markdownDescription": "The URL of the partner's AS2 or SFTP endpoint.", - "title": "Url", - "type": "string" } }, "required": [ - "AccessRole", - "Url" + "DestinationArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Connector" + "AWS::VpcLattice::AccessLogSubscription" ], "type": "string" }, @@ -262883,77 +314221,80 @@ ], "type": "object" }, - "AWS::Transfer::Connector.As2Config": { + "AWS::VpcLattice::AuthPolicy": { "additionalProperties": false, "properties": { - "BasicAuthSecretId": { - "markdownDescription": "Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication, you must provide the name or Amazon Resource Name (ARN) of a secret in AWS Secrets Manager .\n\nThe default value for this parameter is `null` , which indicates that Basic authentication is not enabled for the connector.\n\nIf the connector should use Basic authentication, the secret needs to be in the following format:\n\n`{ \"Username\": \"user-name\", \"Password\": \"user-password\" }`\n\nReplace `user-name` and `user-password` with the credentials for the actual user that is being authenticated.\n\nNote the following:\n\n- You are storing these credentials in Secrets Manager, *not passing them directly* into this API.\n- If you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication. However, if you are using the AWS management console, you can have the system create the secret for you.\n\nIf you have previously enabled Basic authentication for a connector, you can disable it by using the `UpdateConnector` API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:\n\n`update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=\"\"'`", - "title": "BasicAuthSecretId", - "type": "string" - }, - "Compression": { - "markdownDescription": "Specifies whether the AS2 file is compressed.", - "title": "Compression", - "type": "string" - }, - "EncryptionAlgorithm": { - "markdownDescription": "The algorithm that is used to encrypt the file.\n\nNote the following:\n\n- Do not use the `DES_EDE3_CBC` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.\n- You can only specify `NONE` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.", - "title": "EncryptionAlgorithm", - "type": "string" - }, - "LocalProfileId": { - "markdownDescription": "A unique identifier for the AS2 local profile.", - "title": "LocalProfileId", + "Condition": { "type": "string" }, - "MdnResponse": { - "markdownDescription": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", - "title": "MdnResponse", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MdnSigningAlgorithm": { - "markdownDescription": "The signing algorithm for the MDN response.\n\n> If set to DEFAULT (or not set at all), the value for `SigningAlgorithm` is used.", - "title": "MdnSigningAlgorithm", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MessageSubject": { - "markdownDescription": "Used as the `Subject` HTTP header attribute in AS2 messages that are being sent with the connector.", - "title": "MessageSubject", - "type": "string" + "Metadata": { + "type": "object" }, - "PartnerProfileId": { - "markdownDescription": "A unique identifier for the partner profile for the connector.", - "title": "PartnerProfileId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Policy": { + "markdownDescription": "The auth policy.", + "title": "Policy", + "type": "object" + }, + "ResourceIdentifier": { + "markdownDescription": "The ID or ARN of the service network or service for which the policy is created.", + "title": "ResourceIdentifier", + "type": "string" + } + }, + "required": [ + "Policy", + "ResourceIdentifier" + ], + "type": "object" }, - "SigningAlgorithm": { - "markdownDescription": "The algorithm that is used to sign the AS2 messages sent with the connector.", - "title": "SigningAlgorithm", + "Type": { + "enum": [ + "AWS::VpcLattice::AuthPolicy" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Connector.SftpConfig": { - "additionalProperties": false, - "properties": { - "TrustedHostKeys": { - "items": { - "type": "string" - }, - "markdownDescription": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\n> `TrustedHostKeys` is optional for `CreateConnector` . If not provided, you can use `TestConnection` to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key. \n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... - Required when creating an SFTP connector\n> - Optional when updating an existing SFTP connector", - "title": "UserSecretId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Transfer::Profile": { + "AWS::VpcLattice::Listener": { "additionalProperties": false, "properties": { "Condition": { @@ -262988,42 +314329,49 @@ "Properties": { "additionalProperties": false, "properties": { - "As2Id": { - "markdownDescription": "The `As2Id` is the *AS2-name* , as defined in the [RFC 4130](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc4130) . For inbound transfers, this is the `AS2-From` header for the AS2 messages sent from the partner. For outbound connectors, this is the `AS2-To` header for the AS2 messages sent to the partner using the `StartFileTransfer` API operation. This ID cannot include spaces.", - "title": "As2Id", + "DefaultAction": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.DefaultAction", + "markdownDescription": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match.", + "title": "DefaultAction" + }, + "Name": { + "markdownDescription": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" }, - "CertificateIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.", - "title": "CertificateIds", - "type": "array" + "Port": { + "markdownDescription": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.", + "title": "Port", + "type": "number" }, - "ProfileType": { - "markdownDescription": "Indicates whether to list only `LOCAL` type profiles or only `PARTNER` type profiles. If not supplied in the request, the command lists all types of profiles.", - "title": "ProfileType", + "Protocol": { + "markdownDescription": "The listener protocol.", + "title": "Protocol", + "type": "string" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for profiles.", + "markdownDescription": "The tags for the listener.", "title": "Tags", "type": "array" } }, "required": [ - "As2Id", - "ProfileType" + "DefaultAction", + "Protocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Profile" + "AWS::VpcLattice::Listener" ], "type": "string" }, @@ -263042,7 +314390,73 @@ ], "type": "object" }, - "AWS::Transfer::Server": { + "AWS::VpcLattice::Listener.DefaultAction": { + "additionalProperties": false, + "properties": { + "FixedResponse": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.FixedResponse", + "markdownDescription": "Describes an action that returns a custom HTTP response.", + "title": "FixedResponse" + }, + "Forward": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.Forward", + "markdownDescription": "Describes a forward action. You can use forward actions to route requests to one or more target groups.", + "title": "Forward" + } + }, + "type": "object" + }, + "AWS::VpcLattice::Listener.FixedResponse": { + "additionalProperties": false, + "properties": { + "StatusCode": { + "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", + "title": "StatusCode", + "type": "number" + } + }, + "required": [ + "StatusCode" + ], + "type": "object" + }, + "AWS::VpcLattice::Listener.Forward": { + "additionalProperties": false, + "properties": { + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.WeightedTargetGroup" + }, + "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", + "title": "TargetGroups", + "type": "array" + } + }, + "required": [ + "TargetGroups" + ], + "type": "object" + }, + "AWS::VpcLattice::Listener.WeightedTargetGroup": { + "additionalProperties": false, + "properties": { + "TargetGroupIdentifier": { + "markdownDescription": "The ID of the target group.", + "title": "TargetGroupIdentifier", + "type": "string" + }, + "Weight": { + "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "TargetGroupIdentifier" + ], + "type": "object" + }, + "AWS::VpcLattice::ResourceConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -263077,101 +314491,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Certificate": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. Required when `Protocols` is set to `FTPS` .\n\nTo request a new public certificate, see [Request a public certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html) in the *AWS Certificate Manager User Guide* .\n\nTo import an existing certificate into ACM, see [Importing certificates into ACM](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .\n\nTo request a private certificate to use FTPS through private IP addresses, see [Request a private certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html) in the *AWS Certificate Manager User Guide* .\n\nCertificates with the following cryptographic algorithms and key sizes are supported:\n\n- 2048-bit RSA (RSA_2048)\n- 4096-bit RSA (RSA_4096)\n- Elliptic Prime Curve 256 bit (EC_prime256v1)\n- Elliptic Prime Curve 384 bit (EC_secp384r1)\n- Elliptic Prime Curve 521 bit (EC_secp521r1)\n\n> The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.", - "title": "Certificate", - "type": "string" + "AllowAssociationToSharableServiceNetwork": { + "markdownDescription": "Specifies whether the resource configuration can be associated with a sharable service network.", + "title": "AllowAssociationToSharableServiceNetwork", + "type": "boolean" }, - "Domain": { - "markdownDescription": "Specifies the domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.", - "title": "Domain", + "Name": { + "markdownDescription": "The name of the resource configuration.", + "title": "Name", "type": "string" }, - "EndpointDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.EndpointDetails", - "markdownDescription": "The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.", - "title": "EndpointDetails" + "PortRanges": { + "items": { + "type": "string" + }, + "markdownDescription": "(SINGLE, GROUP, CHILD) The TCP port ranges that a consumer can use to access a resource configuration (for example: 1-65535). You can separate port ranges using commas (for example: 1,2,22-30).", + "title": "PortRanges", + "type": "array" }, - "EndpointType": { - "markdownDescription": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", - "title": "EndpointType", + "ProtocolType": { + "markdownDescription": "(SINGLE, GROUP) The protocol accepted by the resource configuration.", + "title": "ProtocolType", "type": "string" }, - "IdentityProviderDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.IdentityProviderDetails", - "markdownDescription": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", - "title": "IdentityProviderDetails" - }, - "IdentityProviderType": { - "markdownDescription": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", - "title": "IdentityProviderType", + "ResourceConfigurationAuthType": { + "markdownDescription": "The auth type for the resource configuration.", + "title": "ResourceConfigurationAuthType", "type": "string" }, - "LoggingRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", - "title": "LoggingRole", - "type": "string" + "ResourceConfigurationDefinition": { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration.ResourceConfigurationDefinition", + "markdownDescription": "Identifies the resource configuration in one of the following ways:\n\n- *Amazon Resource Name (ARN)* - Supported resource-types that are provisioned by AWS services, such as RDS databases, can be identified by their ARN.\n- *Domain name* - Any domain name that is publicly resolvable.\n- *IP address* - For IPv4 and IPv6, only IP addresses in the VPC are supported.", + "title": "ResourceConfigurationDefinition" }, - "PostAuthenticationLoginBanner": { - "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", - "title": "PostAuthenticationLoginBanner", + "ResourceConfigurationGroupId": { + "markdownDescription": "The ID of the group resource configuration.", + "title": "ResourceConfigurationGroupId", "type": "string" }, - "PreAuthenticationLoginBanner": { - "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", - "title": "PreAuthenticationLoginBanner", + "ResourceConfigurationType": { + "markdownDescription": "The type of resource configuration. A resource configuration can be one of the following types:\n\n- *SINGLE* - A single resource.\n- *GROUP* - A group of resources. You must create a group resource configuration before you create a child resource configuration.\n- *CHILD* - A single resource that is part of a group resource configuration.\n- *ARN* - An AWS resource.", + "title": "ResourceConfigurationType", "type": "string" }, - "ProtocolDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.ProtocolDetails", - "markdownDescription": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", - "title": "ProtocolDetails" - }, - "Protocols": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.Protocol" - }, - "markdownDescription": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", - "title": "Protocols", - "type": "array" - }, - "S3StorageOptions": { - "$ref": "#/definitions/AWS::Transfer::Server.S3StorageOptions", - "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", - "title": "S3StorageOptions" - }, - "SecurityPolicyName": { - "markdownDescription": "Specifies the name of the security policy for the server.", - "title": "SecurityPolicyName", + "ResourceGatewayId": { + "markdownDescription": "The ID of the resource gateway.", + "title": "ResourceGatewayId", "type": "string" }, - "StructuredLogDestinations": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.StructuredLogDestination" - }, - "markdownDescription": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", - "title": "StructuredLogDestinations", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for servers.", + "markdownDescription": "The tags for the resource configuration.", "title": "Tags", "type": "array" - }, - "WorkflowDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetails", - "markdownDescription": "Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.\n\nIn addition to a workflow to execute when a file is uploaded completely, `WorkflowDetails` can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.", - "title": "WorkflowDetails" } }, + "required": [ + "Name", + "ResourceConfigurationType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Server" + "AWS::VpcLattice::ResourceConfiguration" ], "type": "string" }, @@ -263185,179 +314570,53 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Transfer::Server.As2Transport": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.EndpointDetails": { - "additionalProperties": false, - "properties": { - "AddressAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.", - "title": "AddressAllocationIds", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups IDs that are available to attach to your server's endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC` .\n> \n> You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs that are required to host your server endpoint in your VPC.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", - "title": "SubnetIds", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The ID of the VPC endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` .", - "title": "VpcEndpointId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The VPC ID of the virtual private cloud in which the server's endpoint will be hosted.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", - "title": "VpcId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Server.IdentityProviderDetails": { + "AWS::VpcLattice::ResourceConfiguration.DnsResource": { "additionalProperties": false, "properties": { - "DirectoryId": { - "markdownDescription": "The identifier of the AWS Directory Service directory that you want to use as your identity provider.", - "title": "DirectoryId", - "type": "string" - }, - "Function": { - "markdownDescription": "The ARN for a Lambda function to use for the Identity provider.", - "title": "Function", - "type": "string" - }, - "InvocationRole": { - "markdownDescription": "This parameter is only applicable if your `IdentityProviderType` is `API_GATEWAY` . Provides the type of `InvocationRole` used to authenticate the user account.", - "title": "InvocationRole", - "type": "string" - }, - "SftpAuthenticationMethods": { - "markdownDescription": "For SFTP-enabled servers, and for custom identity providers *only* , you can specify whether to authenticate using a password, SSH key pair, or both.\n\n- `PASSWORD` - users must provide their password to connect.\n- `PUBLIC_KEY` - users must provide their private key to connect.\n- `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either their password or their key. This is the default value.\n- `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private key and their password to connect. The server checks the key first, and then if the key is valid, the system prompts for a password. If the private key provided does not match the public key that is stored, authentication fails.", - "title": "SftpAuthenticationMethods", + "DomainName": { + "markdownDescription": "The domain name of the resource configuration.", + "title": "DomainName", "type": "string" }, - "Url": { - "markdownDescription": "Provides the location of the service endpoint used to authenticate users.", - "title": "Url", + "IpAddressType": { + "markdownDescription": "The IP address type for the resource configuration. Dualstack is not currently supported.", + "title": "IpAddressType", "type": "string" } }, + "required": [ + "DomainName", + "IpAddressType" + ], "type": "object" }, - "AWS::Transfer::Server.Protocol": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.ProtocolDetails": { + "AWS::VpcLattice::ResourceConfiguration.ResourceConfigurationDefinition": { "additionalProperties": false, "properties": { - "As2Transports": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.As2Transport" - }, - "markdownDescription": "List of `As2Transport` objects.", - "title": "As2Transports", - "type": "array" - }, - "PassiveIp": { - "markdownDescription": "Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:\n\n`aws transfer update-server --protocol-details PassiveIp=0.0.0.0`\n\nReplace `0.0.0.0` in the example above with the actual IP address you want to use.\n\n> If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) . \n\n*Special values*\n\nThe `AUTO` and `0.0.0.0` are special values for the `PassiveIp` parameter. The value `PassiveIp=AUTO` is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. `PassiveIp=0.0.0.0` has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the `PassiveIp` parameter. This reduces the effectiveness of having High Availability. In this case, you can specify `PassiveIp=0.0.0.0` . This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the `PassiveIp=0.0.0.0` response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the `PassiveIp=0.0.0.0` response.", - "title": "PassiveIp", - "type": "string" - }, - "SetStatOption": { - "markdownDescription": "Use the `SetStatOption` to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket.\n\nSome SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as `SETSTAT` when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.\n\nSet the value to `ENABLE_NO_OP` to have the Transfer Family server ignore the `SETSTAT` command, and upload files without needing to make any changes to your SFTP client. While the `SetStatOption` `ENABLE_NO_OP` setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a `SETSTAT` call.\n\n> If you want to preserve the original timestamp for your file, and modify other file attributes using `SETSTAT` , you can use Amazon EFS as backend storage with Transfer Family.", - "title": "SetStatOption", + "ArnResource": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource configuration. For the ARN syntax and format, see [ARN format](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html#arns-syntax) in the *AWS Identity and Access Management user guide* .", + "title": "ArnResource", "type": "string" }, - "TlsSessionResumptionMode": { - "markdownDescription": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients.", - "title": "TlsSessionResumptionMode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Server.S3StorageOptions": { - "additionalProperties": false, - "properties": { - "DirectoryListingOptimization": { - "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", - "title": "DirectoryListingOptimization", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Server.StructuredLogDestination": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.WorkflowDetail": { - "additionalProperties": false, - "properties": { - "ExecutionRole": { - "markdownDescription": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources", - "title": "ExecutionRole", - "type": "string" + "DnsResource": { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration.DnsResource", + "markdownDescription": "The DNS name of the resource configuration.", + "title": "DnsResource" }, - "WorkflowId": { - "markdownDescription": "A unique identifier for the workflow.", - "title": "WorkflowId", + "IpResource": { + "markdownDescription": "The IP address of the resource configuration.", + "title": "IpResource", "type": "string" } }, - "required": [ - "ExecutionRole", - "WorkflowId" - ], - "type": "object" - }, - "AWS::Transfer::Server.WorkflowDetails": { - "additionalProperties": false, - "properties": { - "OnPartialUpload": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" - }, - "markdownDescription": "A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload.\n\nA *partial upload* occurs when a file is open when the session disconnects.\n\n> `OnPartialUpload` can contain a maximum of one `WorkflowDetail` object.", - "title": "OnPartialUpload", - "type": "array" - }, - "OnUpload": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" - }, - "markdownDescription": "A trigger that starts a workflow: the workflow begins to execute after a file is uploaded.\n\nTo remove an associated workflow from a server, you can provide an empty `OnUpload` object, as in the following example.\n\n`aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{\"OnUpload\":[]}'`\n\n> `OnUpload` can contain a maximum of one `WorkflowDetail` object.", - "title": "OnUpload", - "type": "array" - } - }, "type": "object" }, - "AWS::Transfer::User": { + "AWS::VpcLattice::ResourceGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -263392,76 +314651,56 @@ "Properties": { "additionalProperties": false, "properties": { - "HomeDirectory": { - "markdownDescription": "The landing directory (folder) for a user when they log in to the server using the client.\n\nA `HomeDirectory` example is `/bucket_name/home/mydirectory` .\n\n> You can use the `HomeDirectory` parameter for `HomeDirectoryType` when it is set to either `PATH` or `LOGICAL` .", - "title": "HomeDirectory", + "IpAddressType": { + "markdownDescription": "The type of IP address used by the resource gateway.", + "title": "IpAddressType", "type": "string" }, - "HomeDirectoryMappings": { + "Name": { + "markdownDescription": "The name of the resource gateway.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::Transfer::User.HomeDirectoryMapEntry" + "type": "string" }, - "markdownDescription": "Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the `Entry` and `Target` pair, where `Entry` shows how the path is made visible and `Target` is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in `Target` . This value can be set only when `HomeDirectoryType` is set to *LOGICAL* .\n\nThe following is an `Entry` and `Target` pair example.\n\n`[ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`\n\nIn most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (\" `chroot` \"). To do this, you can set `Entry` to `/` and set `Target` to the value the user should see for their home directory when they log in.\n\nThe following is an `Entry` and `Target` pair example for `chroot` .\n\n`[ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`", - "title": "HomeDirectoryMappings", + "markdownDescription": "The IDs of the security groups applied to the resource gateway.", + "title": "SecurityGroupIds", "type": "array" }, - "HomeDirectoryType": { - "markdownDescription": "The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to `PATH` , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to `LOGICAL` , you need to provide mappings in the `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon EFS paths visible to your users.\n\n> If `HomeDirectoryType` is `LOGICAL` , you must provide mappings, using the `HomeDirectoryMappings` parameter. If, on the other hand, `HomeDirectoryType` is `PATH` , you provide an absolute path using the `HomeDirectory` parameter. You cannot have both `HomeDirectory` and `HomeDirectoryMappings` in your template.", - "title": "HomeDirectoryType", - "type": "string" - }, - "Policy": { - "markdownDescription": "A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include `${Transfer:UserName}` , `${Transfer:HomeDirectory}` , and `${Transfer:HomeBucket}` .\n\n> For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the `Policy` argument.\n> \n> For an example of a session policy, see [Example session policy](https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html) .\n> \n> For more information, see [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) in the *AWS Security Token Service API Reference* .", - "title": "Policy", - "type": "string" - }, - "PosixProfile": { - "$ref": "#/definitions/AWS::Transfer::User.PosixProfile", - "markdownDescription": "Specifies the full POSIX identity, including user ID ( `Uid` ), group ID ( `Gid` ), and any secondary groups IDs ( `SecondaryGids` ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.", - "title": "PosixProfile" - }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.", - "title": "Role", - "type": "string" - }, - "ServerId": { - "markdownDescription": "A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.", - "title": "ServerId", - "type": "string" - }, - "SshPublicKeys": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Transfer::User.SshPublicKey" + "type": "string" }, - "markdownDescription": "Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.\n\n> To delete the public key body, set its value to zero keys, as shown here:\n> \n> `SshPublicKeys: []`", - "title": "SshPublicKeys", + "markdownDescription": "The IDs of the VPC subnets for the resource gateway.", + "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.", + "markdownDescription": "The tags for the resource gateway.", "title": "Tags", "type": "array" }, - "UserName": { - "markdownDescription": "A unique string that identifies a user and is associated with a `ServerId` . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.", - "title": "UserName", + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC for the resource gateway.", + "title": "VpcIdentifier", "type": "string" } - }, - "required": [ - "Role", - "ServerId", - "UserName" + }, + "required": [ + "Name", + "SubnetIds", + "VpcIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::User" + "AWS::VpcLattice::ResourceGateway" ], "type": "string" }, @@ -263480,65 +314719,80 @@ ], "type": "object" }, - "AWS::Transfer::User.HomeDirectoryMapEntry": { + "AWS::VpcLattice::ResourcePolicy": { "additionalProperties": false, "properties": { - "Entry": { - "markdownDescription": "Represents an entry for `HomeDirectoryMappings` .", - "title": "Entry", + "Condition": { "type": "string" }, - "Target": { - "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", - "title": "Target", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Type": { - "markdownDescription": "Specifies the type of mapping. Set the type to `FILE` if you want the mapping to point to a file, or `DIRECTORY` for the directory to point to a directory.\n\n> By default, home directory mappings have a `Type` of `DIRECTORY` when you create a Transfer Family server. You would need to explicitly set `Type` to `FILE` if you want a mapping to have a file target.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Entry", - "Target" - ], - "type": "object" - }, - "AWS::Transfer::User.PosixProfile": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID used for all EFS operations by this user.", - "title": "Gid", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecondaryGids": { - "items": { - "type": "number" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Policy": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service network or service.", + "title": "Policy", + "type": "object" + }, + "ResourceArn": { + "markdownDescription": "An IAM policy.", + "title": "ResourceArn", + "type": "string" + } }, - "markdownDescription": "The secondary POSIX group IDs used for all EFS operations by this user.", - "title": "SecondaryGids", - "type": "array" + "required": [ + "Policy", + "ResourceArn" + ], + "type": "object" }, - "Uid": { - "markdownDescription": "The POSIX user ID used for all EFS operations by this user.", - "title": "Uid", - "type": "number" + "Type": { + "enum": [ + "AWS::VpcLattice::ResourcePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Gid", - "Uid" + "Type", + "Properties" ], "type": "object" }, - "AWS::Transfer::User.SshPublicKey": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Workflow": { + "AWS::VpcLattice::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -263573,44 +314827,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Specifies the text description for the workflow.", - "title": "Description", + "Action": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Action", + "markdownDescription": "Describes the action for a rule.", + "title": "Action" + }, + "ListenerIdentifier": { + "markdownDescription": "The ID or ARN of the listener.", + "title": "ListenerIdentifier", "type": "string" }, - "OnExceptionSteps": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" - }, - "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", - "title": "OnExceptionSteps", - "type": "array" + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Match", + "markdownDescription": "The rule match.", + "title": "Match" }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" - }, - "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", - "title": "Steps", - "type": "array" + "Name": { + "markdownDescription": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.", + "title": "Priority", + "type": "number" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", + "markdownDescription": "The tags for the rule.", "title": "Tags", "type": "array" } }, "required": [ - "Steps" + "Action", + "Match", + "Priority" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Workflow" + "AWS::VpcLattice::Rule" ], "type": "string" }, @@ -263629,245 +314894,192 @@ ], "type": "object" }, - "AWS::Transfer::Workflow.CopyStepDetails": { + "AWS::VpcLattice::Rule.Action": { "additionalProperties": false, "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", - "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" + "FixedResponse": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.FixedResponse", + "markdownDescription": "The fixed response action. The rule returns a custom HTTP response.", + "title": "FixedResponse" }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" + "Forward": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Forward", + "markdownDescription": "The forward action. Traffic that matches the rule is forwarded to the specified target groups.", + "title": "Forward" } }, "type": "object" }, - "AWS::Transfer::Workflow.CustomStepDetails": { + "AWS::VpcLattice::Rule.FixedResponse": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Target": { - "markdownDescription": "The ARN for the Lambda function that is being called.", - "title": "Target", - "type": "string" - }, - "TimeoutSeconds": { - "markdownDescription": "Timeout, in seconds, for the step.", - "title": "TimeoutSeconds", + "StatusCode": { + "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", + "title": "StatusCode", "type": "number" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::Transfer::Workflow.DecryptStepDetails": { + "AWS::VpcLattice::Rule.Forward": { "additionalProperties": false, "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", - "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", - "title": "Type", - "type": "string" + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.WeightedTargetGroup" + }, + "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", + "title": "TargetGroups", + "type": "array" } }, + "required": [ + "TargetGroups" + ], "type": "object" }, - "AWS::Transfer::Workflow.DeleteStepDetails": { + "AWS::VpcLattice::Rule.HeaderMatch": { "additionalProperties": false, "properties": { + "CaseSensitive": { + "markdownDescription": "Indicates whether the match is case sensitive.", + "title": "CaseSensitive", + "type": "boolean" + }, + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatchType", + "markdownDescription": "The header match type.", + "title": "Match" + }, "Name": { - "markdownDescription": "The name of the step, used as an identifier.", + "markdownDescription": "The name of the header.", "title": "Name", "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" } }, + "required": [ + "Match", + "Name" + ], "type": "object" }, - "AWS::Transfer::Workflow.EfsInputFileLocation": { + "AWS::VpcLattice::Rule.HeaderMatchType": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", - "title": "FileSystemId", + "Contains": { + "markdownDescription": "A contains type match.", + "title": "Contains", "type": "string" }, - "Path": { - "markdownDescription": "The pathname for the folder being used by a workflow.", - "title": "Path", + "Exact": { + "markdownDescription": "An exact type match.", + "title": "Exact", "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.InputFileLocation": { - "additionalProperties": false, - "properties": { - "EfsFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", - "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", - "title": "EfsFileLocation" }, - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", - "title": "S3FileLocation" + "Prefix": { + "markdownDescription": "A prefix type match. Matches the value with the prefix.", + "title": "Prefix", + "type": "string" } }, "type": "object" }, - "AWS::Transfer::Workflow.S3FileLocation": { + "AWS::VpcLattice::Rule.HttpMatch": { "additionalProperties": false, "properties": { - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", - "title": "S3FileLocation" + "HeaderMatches": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatch" + }, + "markdownDescription": "The header matches. Matches incoming requests with rule based on request header value before applying rule action.", + "title": "HeaderMatches", + "type": "array" + }, + "Method": { + "markdownDescription": "The HTTP method type.", + "title": "Method", + "type": "string" + }, + "PathMatch": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatch", + "markdownDescription": "The path match.", + "title": "PathMatch" } }, "type": "object" }, - "AWS::Transfer::Workflow.S3InputFileLocation": { + "AWS::VpcLattice::Rule.Match": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "Specifies the S3 bucket for the customer input file.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", - "title": "Key", - "type": "string" + "HttpMatch": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HttpMatch", + "markdownDescription": "The HTTP criteria that a rule must match.", + "title": "HttpMatch" } }, + "required": [ + "HttpMatch" + ], "type": "object" }, - "AWS::Transfer::Workflow.S3Tag": { + "AWS::VpcLattice::Rule.PathMatch": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name assigned to the tag that you create.", - "title": "Key", - "type": "string" + "CaseSensitive": { + "markdownDescription": "Indicates whether the match is case sensitive.", + "title": "CaseSensitive", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value that corresponds to the key.", - "title": "Value", - "type": "string" + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatchType", + "markdownDescription": "The type of path match.", + "title": "Match" } }, "required": [ - "Key", - "Value" + "Match" ], "type": "object" }, - "AWS::Transfer::Workflow.TagStepDetails": { + "AWS::VpcLattice::Rule.PathMatchType": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", + "Exact": { + "markdownDescription": "An exact match of the path.", + "title": "Exact", "type": "string" }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", + "Prefix": { + "markdownDescription": "A prefix match of the path.", + "title": "Prefix", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" - }, - "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::Transfer::Workflow.WorkflowStep": { + "AWS::VpcLattice::Rule.WeightedTargetGroup": { "additionalProperties": false, "properties": { - "CopyStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", - "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", - "title": "CopyStepDetails" - }, - "CustomStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", - "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", - "title": "CustomStepDetails" - }, - "DecryptStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", - "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", - "title": "DecryptStepDetails" - }, - "DeleteStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", - "markdownDescription": "Details for a step that deletes the file.", - "title": "DeleteStepDetails" - }, - "TagStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", - "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", - "title": "TagStepDetails" - }, - "Type": { - "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", - "title": "Type", + "TargetGroupIdentifier": { + "markdownDescription": "The ID of the target group.", + "title": "TargetGroupIdentifier", "type": "string" + }, + "Weight": { + "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", + "title": "Weight", + "type": "number" } }, + "required": [ + "TargetGroupIdentifier" + ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource": { + "AWS::VpcLattice::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -263902,31 +315114,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration", - "markdownDescription": "Contains configuration information used when creating a new identity source.", - "title": "Configuration" + "AuthType": { + "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", + "title": "AuthType", + "type": "string" }, - "PolicyStoreId": { - "markdownDescription": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", - "title": "PolicyStoreId", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", "type": "string" }, - "PrincipalEntityType": { - "markdownDescription": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.", - "title": "PrincipalEntityType", + "CustomDomainName": { + "markdownDescription": "The custom domain name of the service.", + "title": "CustomDomainName", + "type": "string" + }, + "DnsEntry": { + "$ref": "#/definitions/AWS::VpcLattice::Service.DnsEntry", + "markdownDescription": "Describes the DNS information of the service. This field is read-only.", + "title": "DnsEntry" + }, + "Name": { + "markdownDescription": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Configuration", - "PolicyStoreId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::IdentitySource" + "AWS::VpcLattice::Service" ], "type": "string" }, @@ -263940,67 +315166,27 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration": { + "AWS::VpcLattice::Service.DnsEntry": { "additionalProperties": false, "properties": { - "GroupEntityType": { - "markdownDescription": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup` .", - "title": "GroupEntityType", + "DomainName": { + "markdownDescription": "The domain name of the service.", + "title": "DomainName", "type": "string" - } - }, - "required": [ - "GroupEntityType" - ], - "type": "object" - }, - "AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration": { - "additionalProperties": false, - "properties": { - "ClientIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n\nExample: `\"ClientIds\": [\"&ExampleCogClientId;\"]`", - "title": "ClientIds", - "type": "array" - }, - "GroupConfiguration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration", - "markdownDescription": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.", - "title": "GroupConfiguration" }, - "UserPoolArn": { - "markdownDescription": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool that contains the identities to be authorized.", - "title": "UserPoolArn", + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone.", + "title": "HostedZoneId", "type": "string" } }, - "required": [ - "UserPoolArn" - ], - "type": "object" - }, - "AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration": { - "additionalProperties": false, - "properties": { - "CognitoUserPoolConfiguration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration", - "markdownDescription": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions .", - "title": "CognitoUserPoolConfiguration" - } - }, - "required": [ - "CognitoUserPoolConfiguration" - ], "type": "object" }, - "AWS::VerifiedPermissions::Policy": { + "AWS::VpcLattice::ServiceNetwork": { "additionalProperties": false, "properties": { "Condition": { @@ -264035,26 +315221,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.PolicyDefinition", - "markdownDescription": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element.", - "title": "Definition" + "AuthType": { + "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", + "title": "AuthType", + "type": "string" }, - "PolicyStoreId": { - "markdownDescription": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in.", - "title": "PolicyStoreId", + "Name": { + "markdownDescription": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" + }, + "SharingConfig": { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetwork.SharingConfig", + "markdownDescription": "Specify if the service network should be enabled for sharing.", + "title": "SharingConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service network.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Definition", - "PolicyStoreId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::Policy" + "AWS::VpcLattice::ServiceNetwork" ], "type": "string" }, @@ -264068,91 +315263,101 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::Policy.EntityIdentifier": { + "AWS::VpcLattice::ServiceNetwork.SharingConfig": { "additionalProperties": false, "properties": { - "EntityId": { - "markdownDescription": "The identifier of an entity.\n\n`\"entityId\":\" *identifier* \"`", - "title": "EntityId", - "type": "string" - }, - "EntityType": { - "markdownDescription": "The type of an entity.\n\nExample: `\"entityType\":\" *typeName* \"`", - "title": "EntityType", - "type": "string" + "enabled": { + "markdownDescription": "Specify if the service network should be enabled for sharing.", + "title": "enabled", + "type": "boolean" } }, "required": [ - "EntityId", - "EntityType" + "enabled" ], "type": "object" }, - "AWS::VerifiedPermissions::Policy.PolicyDefinition": { - "additionalProperties": false, - "properties": { - "Static": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.StaticPolicyDefinition", - "markdownDescription": "A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.", - "title": "Static" - }, - "TemplateLinked": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition", - "markdownDescription": "A structure that describes a policy that was instantiated from a template. The template can specify placeholders for `principal` and `resource` . When you use [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy.", - "title": "TemplateLinked" - } - }, - "type": "object" - }, - "AWS::VerifiedPermissions::Policy.StaticPolicyDefinition": { + "AWS::VpcLattice::ServiceNetworkResourceAssociation": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the static policy.", - "title": "Description", + "Condition": { "type": "string" }, - "Statement": { - "markdownDescription": "The policy content of the static policy, written in the Cedar policy language.", - "title": "Statement", - "type": "string" - } - }, - "required": [ - "Statement" - ], - "type": "object" - }, - "AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition": { - "additionalProperties": false, - "properties": { - "PolicyTemplateId": { - "markdownDescription": "The unique identifier of the policy template used to create this policy.", - "title": "PolicyTemplateId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Principal": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", - "markdownDescription": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the `?principal` placeholder in the policy template when it evaluates an authorization request.", - "title": "Principal" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Resource": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", - "markdownDescription": "The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the `?resource` placeholder in the policy template when it evaluates an authorization request.", - "title": "Resource" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceConfigurationId": { + "markdownDescription": "The ID of the resource configuration associated with the service network.", + "title": "ResourceConfigurationId", + "type": "string" + }, + "ServiceNetworkId": { + "markdownDescription": "The ID of the service network associated with the resource configuration.", + "title": "ServiceNetworkId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A key-value pair to associate with a resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::VpcLattice::ServiceNetworkResourceAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "PolicyTemplateId" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::PolicyStore": { + "AWS::VpcLattice::ServiceNetworkServiceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -264187,30 +315392,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Descriptive text that you can provide to help with identification of the current policy store.", - "title": "Description", + "DnsEntry": { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry", + "markdownDescription": "The DNS information of the service.", + "title": "DnsEntry" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", "type": "string" }, - "Schema": { - "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.SchemaDefinition", - "markdownDescription": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.", - "title": "Schema" + "ServiceNetworkIdentifier": { + "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", + "title": "ServiceNetworkIdentifier", + "type": "string" }, - "ValidationSettings": { - "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.ValidationSettings", - "markdownDescription": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n> We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on.", - "title": "ValidationSettings" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the association.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ValidationSettings" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::PolicyStore" + "AWS::VpcLattice::ServiceNetworkServiceAssociation" ], "type": "string" }, @@ -264224,37 +315434,27 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { + "AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry": { "additionalProperties": false, "properties": { - "CedarJson": { - "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", - "title": "CedarJson", + "DomainName": { + "markdownDescription": "The domain name of the service.", + "title": "DomainName", "type": "string" - } - }, - "type": "object" - }, - "AWS::VerifiedPermissions::PolicyStore.ValidationSettings": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* \u2013 Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* \u2013 Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n> If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n> \n> To submit a static policy or policy template without a schema, you must turn off validation.", - "title": "Mode", + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone.", + "title": "HostedZoneId", "type": "string" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::VerifiedPermissions::PolicyTemplate": { + "AWS::VpcLattice::ServiceNetworkVpcAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -264289,31 +315489,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description to attach to the new or updated policy template.", - "title": "Description", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", + "type": "array" }, - "PolicyStoreId": { - "markdownDescription": "The unique identifier of the policy store that contains the template.", - "title": "PolicyStoreId", + "ServiceNetworkIdentifier": { + "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", + "title": "ServiceNetworkIdentifier", "type": "string" }, - "Statement": { - "markdownDescription": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language.", - "title": "Statement", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the association.", + "title": "Tags", + "type": "array" + }, + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcIdentifier", "type": "string" } }, - "required": [ - "PolicyStoreId", - "Statement" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::PolicyTemplate" + "AWS::VpcLattice::ServiceNetworkVpcAssociation" ], "type": "string" }, @@ -264327,12 +315534,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VoiceID::Domain": { + "AWS::VpcLattice::TargetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -264367,39 +315573,46 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the domain.", - "title": "Description", - "type": "string" + "Config": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.TargetGroupConfig", + "markdownDescription": "The target group configuration.", + "title": "Config" }, "Name": { - "markdownDescription": "The name for the domain.", + "markdownDescription": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", "title": "Name", "type": "string" }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::VoiceID::Domain.ServerSideEncryptionConfiguration", - "markdownDescription": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data.", - "title": "ServerSideEncryptionConfiguration" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags for the target group.", "title": "Tags", "type": "array" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Target" + }, + "markdownDescription": "Describes a target.", + "title": "Targets", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of target group.", + "title": "Type", + "type": "string" } }, "required": [ - "Name", - "ServerSideEncryptionConfiguration" + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::VoiceID::Domain" + "AWS::VpcLattice::TargetGroup" ], "type": "string" }, @@ -264418,21 +315631,137 @@ ], "type": "object" }, - "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { + "AWS::VpcLattice::TargetGroup.HealthCheckConfig": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys.", - "title": "KmsKeyId", + "Enabled": { + "markdownDescription": "Indicates whether health checking is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "HealthCheckIntervalSeconds": { + "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5\u2013300 seconds. The default is 30 seconds.", + "title": "HealthCheckIntervalSeconds", + "type": "number" + }, + "HealthCheckTimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1\u2013120 seconds. The default is 5 seconds.", + "title": "HealthCheckTimeoutSeconds", + "type": "number" + }, + "HealthyThresholdCount": { + "markdownDescription": "The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2\u201310. The default is 5.", + "title": "HealthyThresholdCount", + "type": "number" + }, + "Matcher": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Matcher", + "markdownDescription": "The codes to use when checking for a successful response from a target.", + "title": "Matcher" + }, + "Path": { + "markdownDescription": "The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI.", + "title": "Path", + "type": "string" + }, + "Port": { + "markdownDescription": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` .", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` .", + "title": "ProtocolVersion", + "type": "string" + }, + "UnhealthyThresholdCount": { + "markdownDescription": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2\u201310. The default is 2.", + "title": "UnhealthyThresholdCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.Matcher": { + "additionalProperties": false, + "properties": { + "HttpCode": { + "markdownDescription": "The HTTP code to use when checking for a successful response from a target.", + "title": "HttpCode", "type": "string" } }, "required": [ - "KmsKeyId" + "HttpCode" ], "type": "object" }, - "AWS::VpcLattice::AccessLogSubscription": { + "AWS::VpcLattice::TargetGroup.Target": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer.", + "title": "Id", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.TargetGroupConfig": { + "additionalProperties": false, + "properties": { + "HealthCheck": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.HealthCheckConfig", + "markdownDescription": "The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` .", + "title": "HealthCheck" + }, + "IpAddressType": { + "markdownDescription": "The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` .", + "title": "IpAddressType", + "type": "string" + }, + "LambdaEventStructureVersion": { + "markdownDescription": "The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` .", + "title": "LambdaEventStructureVersion", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` .", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` .", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` .", + "title": "ProtocolVersion", + "type": "string" + }, + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC. Not supported if the target group type is `LAMBDA` .", + "title": "VpcIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAF::ByteMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264467,52 +315796,102 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.", - "title": "DestinationArn", - "type": "string" - }, - "ResourceIdentifier": { - "markdownDescription": "The ID or ARN of the service network or service.", - "title": "ResourceIdentifier", - "type": "string" - }, - "Tags": { + "ByteMatchTuples": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::ByteMatchSet.ByteMatchTuple" }, - "markdownDescription": "The tags for the access log subscription.", - "title": "Tags", + "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", + "title": "ByteMatchTuples", "type": "array" + }, + "Name": { + "markdownDescription": "The name of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "title": "Name", + "type": "string" } }, "required": [ - "DestinationArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::AccessLogSubscription" + "AWS::WAF::ByteMatchSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" ], "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAF::ByteMatchSet.ByteMatchTuple": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::ByteMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "PositionalConstraint": { + "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", + "type": "string" + }, + "TargetString": { + "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", + "title": "TargetString", + "type": "string" + }, + "TargetStringBase64": { + "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", + "title": "TargetStringBase64", + "type": "string" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", + "type": "string" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformation" + ], + "type": "object" + }, + "AWS::WAF::ByteMatchSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VpcLattice::AuthPolicy": { + "AWS::WAF::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264547,26 +315926,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "The auth policy.", - "title": "Policy", - "type": "object" + "IPSetDescriptors": { + "items": { + "$ref": "#/definitions/AWS::WAF::IPSet.IPSetDescriptor" + }, + "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from. If the `WebACL` is associated with an Amazon CloudFront distribution and the viewer did not use an HTTP proxy or a load balancer to send the request, this is the value of the c-ip field in the CloudFront access logs.", + "title": "IPSetDescriptors", + "type": "array" }, - "ResourceIdentifier": { - "markdownDescription": "The ID or ARN of the service network or service for which the policy is created.", - "title": "ResourceIdentifier", + "Name": { + "markdownDescription": "The name of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "title": "Name", "type": "string" } }, "required": [ - "Policy", - "ResourceIdentifier" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::AuthPolicy" + "AWS::WAF::IPSet" ], "type": "string" }, @@ -264585,7 +315966,27 @@ ], "type": "object" }, - "AWS::VpcLattice::Listener": { + "AWS::WAF::IPSet.IPSetDescriptor": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specify `IPV4` or `IPV6` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::WAF::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -264620,49 +316021,34 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultAction": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.DefaultAction", - "markdownDescription": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match.", - "title": "DefaultAction" + "MetricName": { + "markdownDescription": "The name of the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", + "title": "MetricName", + "type": "string" }, "Name": { - "markdownDescription": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "The friendly name or description for the `Rule` . You can't change the name of a `Rule` after you create it.", "title": "Name", "type": "string" }, - "Port": { - "markdownDescription": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The listener protocol.", - "title": "Protocol", - "type": "string" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "Tags": { + "Predicates": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::Rule.Predicate" }, - "markdownDescription": "The tags for the listener.", - "title": "Tags", + "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", + "title": "Predicates", "type": "array" } }, "required": [ - "DefaultAction", - "Protocol" + "MetricName", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Listener" + "AWS::WAF::Rule" ], "type": "string" }, @@ -264681,73 +316067,33 @@ ], "type": "object" }, - "AWS::VpcLattice::Listener.DefaultAction": { - "additionalProperties": false, - "properties": { - "FixedResponse": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.FixedResponse", - "markdownDescription": "Describes an action that returns a custom HTTP response.", - "title": "FixedResponse" - }, - "Forward": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.Forward", - "markdownDescription": "Describes a forward action. You can use forward actions to route requests to one or more target groups.", - "title": "Forward" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Listener.FixedResponse": { - "additionalProperties": false, - "properties": { - "StatusCode": { - "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", - "title": "StatusCode", - "type": "number" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::VpcLattice::Listener.Forward": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.WeightedTargetGroup" - }, - "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", - "title": "TargetGroups", - "type": "array" - } - }, - "required": [ - "TargetGroups" - ], - "type": "object" - }, - "AWS::VpcLattice::Listener.WeightedTargetGroup": { + "AWS::WAF::Rule.Predicate": { "additionalProperties": false, "properties": { - "TargetGroupIdentifier": { - "markdownDescription": "The ID of the target group.", - "title": "TargetGroupIdentifier", + "DataId": { + "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", + "title": "DataId", "type": "string" }, - "Weight": { - "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", - "title": "Weight", - "type": "number" + "Negated": { + "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", + "title": "Negated", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", + "title": "Type", + "type": "string" } }, "required": [ - "TargetGroupIdentifier" + "DataId", + "Negated", + "Type" ], "type": "object" }, - "AWS::VpcLattice::ResourcePolicy": { + "AWS::WAF::SizeConstraintSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264782,26 +316128,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service network or service.", - "title": "Policy", - "type": "object" - }, - "ResourceArn": { - "markdownDescription": "An IAM policy.", - "title": "ResourceArn", + "Name": { + "markdownDescription": "The name, if any, of the `SizeConstraintSet` .", + "title": "Name", "type": "string" + }, + "SizeConstraints": { + "items": { + "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.SizeConstraint" + }, + "markdownDescription": "The size constraint and the part of the web request to check.", + "title": "SizeConstraints", + "type": "array" } }, "required": [ - "Policy", - "ResourceArn" + "Name", + "SizeConstraints" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ResourcePolicy" + "AWS::WAF::SizeConstraintSet" ], "type": "string" }, @@ -264820,7 +316169,58 @@ ], "type": "object" }, - "AWS::VpcLattice::Rule": { + "AWS::WAF::SizeConstraintSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" + }, + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAF::SizeConstraintSet.SizeConstraint": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The type of comparison you want AWS WAF to perform. AWS WAF uses this in combination with the provided `Size` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\n*EQ* : Used to test if the `Size` is equal to the size of the `FieldToMatch`\n\n*NE* : Used to test if the `Size` is not equal to the size of the `FieldToMatch`\n\n*LE* : Used to test if the `Size` is less than or equal to the size of the `FieldToMatch`\n\n*LT* : Used to test if the `Size` is strictly less than the size of the `FieldToMatch`\n\n*GE* : Used to test if the `Size` is greater than or equal to the size of the `FieldToMatch`\n\n*GT* : Used to test if the `Size` is strictly greater than the size of the `FieldToMatch`", + "title": "ComparisonOperator", + "type": "string" + }, + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "Size": { + "markdownDescription": "The size in bytes that you want AWS WAF to compare against the size of the specified `FieldToMatch` . AWS WAF uses this in combination with `ComparisonOperator` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\nValid values for size are 0 - 21474836480 bytes (0 - 20 GB).\n\nIf you specify `URI` for the value of `Type` , the / in the URI path that you specify counts as one character. For example, the URI `/logo.jpg` is nine characters long.", + "title": "Size", + "type": "number" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because Amazon CloudFront forwards only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", + "title": "TextTransformation", + "type": "string" + } + }, + "required": [ + "ComparisonOperator", + "FieldToMatch", + "Size", + "TextTransformation" + ], + "type": "object" + }, + "AWS::WAF::SqlInjectionMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264855,55 +316255,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Action", - "markdownDescription": "Describes the action for a rule.", - "title": "Action" - }, - "ListenerIdentifier": { - "markdownDescription": "The ID or ARN of the listener.", - "title": "ListenerIdentifier", - "type": "string" - }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Match", - "markdownDescription": "The rule match.", - "title": "Match" - }, "Name": { - "markdownDescription": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "The name, if any, of the `SqlInjectionMatchSet` .", "title": "Name", "type": "string" }, - "Priority": { - "markdownDescription": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.", - "title": "Priority", - "type": "number" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "Tags": { + "SqlInjectionMatchTuples": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple" }, - "markdownDescription": "The tags for the rule.", - "title": "Tags", + "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", + "title": "SqlInjectionMatchTuples", "type": "array" } }, "required": [ - "Action", - "Match", - "Priority" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Rule" + "AWS::WAF::SqlInjectionMatchSet" ], "type": "string" }, @@ -264922,192 +316295,46 @@ ], "type": "object" }, - "AWS::VpcLattice::Rule.Action": { - "additionalProperties": false, - "properties": { - "FixedResponse": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.FixedResponse", - "markdownDescription": "The fixed response action. The rule returns a custom HTTP response.", - "title": "FixedResponse" - }, - "Forward": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Forward", - "markdownDescription": "The forward action. Traffic that matches the rule is forwarded to the specified target groups.", - "title": "Forward" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.FixedResponse": { - "additionalProperties": false, - "properties": { - "StatusCode": { - "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", - "title": "StatusCode", - "type": "number" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.Forward": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.WeightedTargetGroup" - }, - "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", - "title": "TargetGroups", - "type": "array" - } - }, - "required": [ - "TargetGroups" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.HeaderMatch": { - "additionalProperties": false, - "properties": { - "CaseSensitive": { - "markdownDescription": "Indicates whether the match is case sensitive.", - "title": "CaseSensitive", - "type": "boolean" - }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatchType", - "markdownDescription": "The header match type.", - "title": "Match" - }, - "Name": { - "markdownDescription": "The name of the header.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Match", - "Name" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.HeaderMatchType": { + "AWS::WAF::SqlInjectionMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { - "Contains": { - "markdownDescription": "A contains type match.", - "title": "Contains", - "type": "string" - }, - "Exact": { - "markdownDescription": "An exact type match.", - "title": "Exact", - "type": "string" - }, - "Prefix": { - "markdownDescription": "A prefix type match. Matches the value with the prefix.", - "title": "Prefix", + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", "type": "string" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.HttpMatch": { - "additionalProperties": false, - "properties": { - "HeaderMatches": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatch" - }, - "markdownDescription": "The header matches. Matches incoming requests with rule based on request header value before applying rule action.", - "title": "HeaderMatches", - "type": "array" }, - "Method": { - "markdownDescription": "The HTTP method type.", - "title": "Method", + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", "type": "string" - }, - "PathMatch": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatch", - "markdownDescription": "The path match.", - "title": "PathMatch" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.Match": { - "additionalProperties": false, - "properties": { - "HttpMatch": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HttpMatch", - "markdownDescription": "The HTTP criteria that a rule must match.", - "title": "HttpMatch" - } - }, - "required": [ - "HttpMatch" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.PathMatch": { - "additionalProperties": false, - "properties": { - "CaseSensitive": { - "markdownDescription": "Indicates whether the match is case sensitive.", - "title": "CaseSensitive", - "type": "boolean" - }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatchType", - "markdownDescription": "The type of path match.", - "title": "Match" } }, "required": [ - "Match" + "Type" ], "type": "object" }, - "AWS::VpcLattice::Rule.PathMatchType": { + "AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple": { "additionalProperties": false, "properties": { - "Exact": { - "markdownDescription": "An exact match of the path.", - "title": "Exact", - "type": "string" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" }, - "Prefix": { - "markdownDescription": "A prefix match of the path.", - "title": "Prefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.WeightedTargetGroup": { - "additionalProperties": false, - "properties": { - "TargetGroupIdentifier": { - "markdownDescription": "The ID of the target group.", - "title": "TargetGroupIdentifier", + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", "type": "string" - }, - "Weight": { - "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", - "title": "Weight", - "type": "number" } }, "required": [ - "TargetGroupIdentifier" + "FieldToMatch", + "TextTransformation" ], "type": "object" }, - "AWS::VpcLattice::Service": { + "AWS::WAF::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -265142,45 +316369,40 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", - "title": "AuthType", - "type": "string" - }, - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", - "type": "string" + "DefaultAction": { + "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", + "title": "DefaultAction" }, - "CustomDomainName": { - "markdownDescription": "The custom domain name of the service.", - "title": "CustomDomainName", + "MetricName": { + "markdownDescription": "The name of the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", + "title": "MetricName", "type": "string" }, - "DnsEntry": { - "$ref": "#/definitions/AWS::VpcLattice::Service.DnsEntry", - "markdownDescription": "The DNS information of the service.", - "title": "DnsEntry" - }, "Name": { - "markdownDescription": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "A friendly name or description of the `WebACL` . You can't change the name of a `WebACL` after you create it.", "title": "Name", "type": "string" }, - "Tags": { + "Rules": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::WebACL.ActivatedRule" }, - "markdownDescription": "The tags for the service.", - "title": "Tags", + "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", + "title": "Rules", "type": "array" } }, + "required": [ + "DefaultAction", + "MetricName", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Service" + "AWS::WAF::WebACL" ], "type": "string" }, @@ -265194,27 +316416,51 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::Service.DnsEntry": { + "AWS::WAF::WebACL.ActivatedRule": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name of the service.", - "title": "DomainName", - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "markdownDescription": "Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the `Rule` . Valid values for `Action` include the following:\n\n- `ALLOW` : CloudFront responds with the requested object.\n- `BLOCK` : CloudFront responds with an HTTP 403 (Forbidden) status code.\n- `COUNT` : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.\n\n`ActivatedRule|OverrideAction` applies only when updating or adding a `RuleGroup` to a `WebACL` . In this case, you do not use `ActivatedRule|Action` . For all other update requests, `ActivatedRule|Action` is used instead of `ActivatedRule|OverrideAction` .", + "title": "Action" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone.", - "title": "HostedZoneId", + "Priority": { + "markdownDescription": "Specifies the order in which the `Rules` in a `WebACL` are evaluated. Rules with a lower value for `Priority` are evaluated before `Rules` with a higher value. The value must be a unique integer. If you add multiple `Rules` to a `WebACL` , the values don't need to be consecutive.", + "title": "Priority", + "type": "number" + }, + "RuleId": { + "markdownDescription": "The `RuleId` for a `Rule` . You use `RuleId` to get more information about a `Rule` , update a `Rule` , insert a `Rule` into a `WebACL` or delete a one from a `WebACL` , or delete a `Rule` from AWS WAF .\n\n`RuleId` is returned by `CreateRule` and by `ListRules` .", + "title": "RuleId", "type": "string" } }, + "required": [ + "Priority", + "RuleId" + ], "type": "object" }, - "AWS::VpcLattice::ServiceNetwork": { + "AWS::WAF::WebACL.WafAction": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specifies how you want AWS WAF to respond to requests that match the settings in a `Rule` . Valid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a `WebACL` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAF::XssMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265249,30 +316495,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", - "title": "AuthType", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "The name, if any, of the `XssMatchSet` .", "title": "Name", "type": "string" }, - "Tags": { + "XssMatchTuples": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::XssMatchSet.XssMatchTuple" }, - "markdownDescription": "The tags for the service network.", - "title": "Tags", + "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", + "title": "XssMatchTuples", "type": "array" } }, + "required": [ + "Name", + "XssMatchTuples" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ServiceNetwork" + "AWS::WAF::XssMatchSet" ], "type": "string" }, @@ -265285,12 +316530,52 @@ "type": "string" } }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAF::XssMatchSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" + }, + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" + } + }, "required": [ "Type" ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkServiceAssociation": { + "AWS::WAF::XssMatchSet.XssMatchTuple": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::XssMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", + "type": "string" + } + }, + "required": [ + "FieldToMatch", + "TextTransformation" + ], + "type": "object" + }, + "AWS::WAFRegional::ByteMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265325,35 +316610,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DnsEntry": { - "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry", - "markdownDescription": "The DNS information of the service.", - "title": "DnsEntry" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "ServiceNetworkIdentifier": { - "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", - "title": "ServiceNetworkIdentifier", - "type": "string" - }, - "Tags": { + "ByteMatchTuples": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.ByteMatchTuple" }, - "markdownDescription": "The tags for the association.", - "title": "Tags", + "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", + "title": "ByteMatchTuples", "type": "array" + }, + "Name": { + "markdownDescription": "A friendly name or description of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ServiceNetworkServiceAssociation" + "AWS::WAFRegional::ByteMatchSet" ], "type": "string" }, @@ -265367,27 +316645,67 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry": { + "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name of the service.", - "title": "DomainName", + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", + "title": "FieldToMatch" + }, + "PositionalConstraint": { + "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", "type": "string" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone.", - "title": "HostedZoneId", + "TargetString": { + "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request.\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", + "title": "TargetString", + "type": "string" + }, + "TargetStringBase64": { + "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", + "title": "TargetStringBase64", + "type": "string" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", "type": "string" } }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformation" + ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkVpcAssociation": { + "AWS::WAFRegional::ByteMatchSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" + }, + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAFRegional::GeoMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265422,38 +316740,28 @@ "Properties": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServiceNetworkIdentifier": { - "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", - "title": "ServiceNetworkIdentifier", - "type": "string" - }, - "Tags": { + "GeoMatchConstraints": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint" }, - "markdownDescription": "The tags for the association.", - "title": "Tags", + "markdownDescription": "An array of `GeoMatchConstraint` objects, which contain the country that you want AWS WAF to search for.", + "title": "GeoMatchConstraints", "type": "array" }, - "VpcIdentifier": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcIdentifier", + "Name": { + "markdownDescription": "A friendly name or description of the `GeoMatchSet` . You can't change the name of an `GeoMatchSet` after you create it.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ServiceNetworkVpcAssociation" + "AWS::WAFRegional::GeoMatchSet" ], "type": "string" }, @@ -265467,11 +316775,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::TargetGroup": { + "AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of geographical area you want AWS WAF to search for. Currently `Country` is the only valid value.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The country that you want AWS WAF to search for.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::WAFRegional::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265506,46 +316835,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Config": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.TargetGroupConfig", - "markdownDescription": "The target group configuration.", - "title": "Config" - }, - "Name": { - "markdownDescription": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the target group.", - "title": "Tags", - "type": "array" - }, - "Targets": { + "IPSetDescriptors": { "items": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Target" + "$ref": "#/definitions/AWS::WAFRegional::IPSet.IPSetDescriptor" }, - "markdownDescription": "Describes a target.", - "title": "Targets", + "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from.", + "title": "IPSetDescriptors", "type": "array" }, - "Type": { - "markdownDescription": "The type of target group.", - "title": "Type", + "Name": { + "markdownDescription": "A friendly name or description of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::TargetGroup" + "AWS::WAFRegional::IPSet" ], "type": "string" }, @@ -265564,137 +316875,27 @@ ], "type": "object" }, - "AWS::VpcLattice::TargetGroup.HealthCheckConfig": { + "AWS::WAFRegional::IPSet.IPSetDescriptor": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether health checking is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5\u2013300 seconds. The default is 30 seconds.", - "title": "HealthCheckIntervalSeconds", - "type": "number" - }, - "HealthCheckTimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1\u2013120 seconds. The default is 5 seconds.", - "title": "HealthCheckTimeoutSeconds", - "type": "number" - }, - "HealthyThresholdCount": { - "markdownDescription": "The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2\u201310. The default is 5.", - "title": "HealthyThresholdCount", - "type": "number" - }, - "Matcher": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Matcher", - "markdownDescription": "The codes to use when checking for a successful response from a target.", - "title": "Matcher" - }, - "Path": { - "markdownDescription": "The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI.", - "title": "Path", - "type": "string" - }, - "Port": { - "markdownDescription": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` .", - "title": "Protocol", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` .", - "title": "ProtocolVersion", + "Type": { + "markdownDescription": "Specify `IPV4` or `IPV6` .", + "title": "Type", "type": "string" }, - "UnhealthyThresholdCount": { - "markdownDescription": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2\u201310. The default is 2.", - "title": "UnhealthyThresholdCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::VpcLattice::TargetGroup.Matcher": { - "additionalProperties": false, - "properties": { - "HttpCode": { - "markdownDescription": "The HTTP code to use when checking for a successful response from a target.", - "title": "HttpCode", - "type": "string" - } - }, - "required": [ - "HttpCode" - ], - "type": "object" - }, - "AWS::VpcLattice::TargetGroup.Target": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer.", - "title": "Id", + "Value": { + "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", + "title": "Value", "type": "string" - }, - "Port": { - "markdownDescription": "The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.", - "title": "Port", - "type": "number" } }, "required": [ - "Id" + "Type", + "Value" ], "type": "object" }, - "AWS::VpcLattice::TargetGroup.TargetGroupConfig": { - "additionalProperties": false, - "properties": { - "HealthCheck": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.HealthCheckConfig", - "markdownDescription": "The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` .", - "title": "HealthCheck" - }, - "IpAddressType": { - "markdownDescription": "The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` .", - "title": "IpAddressType", - "type": "string" - }, - "LambdaEventStructureVersion": { - "markdownDescription": "The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` .", - "title": "LambdaEventStructureVersion", - "type": "string" - }, - "Port": { - "markdownDescription": "The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` .", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` .", - "title": "Protocol", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` .", - "title": "ProtocolVersion", - "type": "string" - }, - "VpcIdentifier": { - "markdownDescription": "The ID of the VPC. Not supported if the target group type is `LAMBDA` .", - "title": "VpcIdentifier", - "type": "string" - } - }, - "type": "object" - }, - "AWS::WAF::ByteMatchSet": { + "AWS::WAFRegional::RateBasedRule": { "additionalProperties": false, "properties": { "Condition": { @@ -265729,28 +316930,46 @@ "Properties": { "additionalProperties": false, "properties": { - "ByteMatchTuples": { + "MatchPredicates": { "items": { - "$ref": "#/definitions/AWS::WAF::ByteMatchSet.ByteMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::RateBasedRule.Predicate" }, - "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", - "title": "ByteMatchTuples", + "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet>` object that you want to include in a `RateBasedRule` .", + "title": "MatchPredicates", "type": "array" }, + "MetricName": { + "markdownDescription": "A name for the metrics for a `RateBasedRule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change the name of the metric after you create the `RateBasedRule` .", + "title": "MetricName", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "markdownDescription": "A friendly name or description for a `RateBasedRule` . You can't change the name of a `RateBasedRule` after you create it.", "title": "Name", "type": "string" + }, + "RateKey": { + "markdownDescription": "The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. The only valid value for `RateKey` is `IP` . `IP` indicates that requests arriving from the same IP address are subject to the `RateLimit` that is specified in the `RateBasedRule` .", + "title": "RateKey", + "type": "string" + }, + "RateLimit": { + "markdownDescription": "The maximum number of requests, which have an identical value in the field specified by the `RateKey` , allowed in a five-minute period. If the number of requests exceeds the `RateLimit` and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.", + "title": "RateLimit", + "type": "number" } }, "required": [ - "Name" + "MetricName", + "Name", + "RateKey", + "RateLimit" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::ByteMatchSet" + "AWS::WAFRegional::RateBasedRule" ], "type": "string" }, @@ -265769,62 +316988,33 @@ ], "type": "object" }, - "AWS::WAF::ByteMatchSet.ByteMatchTuple": { + "AWS::WAFRegional::RateBasedRule.Predicate": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::ByteMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", - "title": "FieldToMatch" - }, - "PositionalConstraint": { - "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", - "type": "string" - }, - "TargetString": { - "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", - "title": "TargetString", - "type": "string" - }, - "TargetStringBase64": { - "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", - "title": "TargetStringBase64", + "DataId": { + "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", + "title": "DataId", "type": "string" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", - "type": "string" - } - }, - "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformation" - ], - "type": "object" - }, - "AWS::WAF::ByteMatchSet.FieldToMatch": { - "additionalProperties": false, - "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" + "Negated": { + "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` >. For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", + "title": "Negated", + "type": "boolean" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", "title": "Type", "type": "string" } }, "required": [ + "DataId", + "Negated", "Type" ], "type": "object" }, - "AWS::WAF::IPSet": { + "AWS::WAFRegional::RegexPatternSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265859,28 +317049,29 @@ "Properties": { "additionalProperties": false, "properties": { - "IPSetDescriptors": { - "items": { - "$ref": "#/definitions/AWS::WAF::IPSet.IPSetDescriptor" - }, - "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from. If the `WebACL` is associated with an Amazon CloudFront distribution and the viewer did not use an HTTP proxy or a load balancer to send the request, this is the value of the c-ip field in the CloudFront access logs.", - "title": "IPSetDescriptors", - "type": "array" - }, "Name": { - "markdownDescription": "The name of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "markdownDescription": "A friendly name or description of the `RegexPatternSet` . You can't change `Name` after you create a `RegexPatternSet` .", "title": "Name", "type": "string" + }, + "RegexPatternStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t` .", + "title": "RegexPatternStrings", + "type": "array" } }, "required": [ - "Name" + "Name", + "RegexPatternStrings" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::IPSet" + "AWS::WAFRegional::RegexPatternSet" ], "type": "string" }, @@ -265899,27 +317090,7 @@ ], "type": "object" }, - "AWS::WAF::IPSet.IPSetDescriptor": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Specify `IPV4` or `IPV6` .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::WAF::Rule": { + "AWS::WAFRegional::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -265955,7 +317126,7 @@ "additionalProperties": false, "properties": { "MetricName": { - "markdownDescription": "The name of the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", + "markdownDescription": "A name for the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", "title": "MetricName", "type": "string" }, @@ -265966,7 +317137,7 @@ }, "Predicates": { "items": { - "$ref": "#/definitions/AWS::WAF::Rule.Predicate" + "$ref": "#/definitions/AWS::WAFRegional::Rule.Predicate" }, "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", "title": "Predicates", @@ -265981,7 +317152,7 @@ }, "Type": { "enum": [ - "AWS::WAF::Rule" + "AWS::WAFRegional::Rule" ], "type": "string" }, @@ -266000,7 +317171,7 @@ ], "type": "object" }, - "AWS::WAF::Rule.Predicate": { + "AWS::WAFRegional::Rule.Predicate": { "additionalProperties": false, "properties": { "DataId": { @@ -266026,7 +317197,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet": { + "AWS::WAFRegional::SizeConstraintSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266068,7 +317239,7 @@ }, "SizeConstraints": { "items": { - "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.SizeConstraint" + "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.SizeConstraint" }, "markdownDescription": "The size constraint and the part of the web request to check.", "title": "SizeConstraints", @@ -266076,14 +317247,13 @@ } }, "required": [ - "Name", - "SizeConstraints" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::SizeConstraintSet" + "AWS::WAFRegional::SizeConstraintSet" ], "type": "string" }, @@ -266102,7 +317272,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet.FieldToMatch": { + "AWS::WAFRegional::SizeConstraintSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266111,7 +317281,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266121,7 +317291,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet.SizeConstraint": { + "AWS::WAFRegional::SizeConstraintSet.SizeConstraint": { "additionalProperties": false, "properties": { "ComparisonOperator": { @@ -266130,8 +317300,8 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "Size": { @@ -266140,7 +317310,7 @@ "type": "number" }, "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because Amazon CloudFront forwards only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting a request for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because the API Gateway API or Application Load Balancer forward only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", "title": "TextTransformation", "type": "string" } @@ -266153,7 +317323,7 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet": { + "AWS::WAFRegional::SqlInjectionMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266195,7 +317365,7 @@ }, "SqlInjectionMatchTuples": { "items": { - "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", "title": "SqlInjectionMatchTuples", @@ -266209,7 +317379,7 @@ }, "Type": { "enum": [ - "AWS::WAF::SqlInjectionMatchSet" + "AWS::WAFRegional::SqlInjectionMatchSet" ], "type": "string" }, @@ -266228,7 +317398,7 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet.FieldToMatch": { + "AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266237,7 +317407,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266247,12 +317417,12 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple": { + "AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { @@ -266267,7 +317437,7 @@ ], "type": "object" }, - "AWS::WAF::WebACL": { + "AWS::WAFRegional::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -266303,12 +317473,12 @@ "additionalProperties": false, "properties": { "DefaultAction": { - "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", "title": "DefaultAction" }, "MetricName": { - "markdownDescription": "The name of the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", + "markdownDescription": "A name for the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", "title": "MetricName", "type": "string" }, @@ -266319,7 +317489,7 @@ }, "Rules": { "items": { - "$ref": "#/definitions/AWS::WAF::WebACL.ActivatedRule" + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Rule" }, "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", "title": "Rules", @@ -266335,7 +317505,7 @@ }, "Type": { "enum": [ - "AWS::WAF::WebACL" + "AWS::WAFRegional::WebACL" ], "type": "string" }, @@ -266354,46 +317524,120 @@ ], "type": "object" }, - "AWS::WAF::WebACL.ActivatedRule": { + "AWS::WAFRegional::WebACL.Action": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "For actions that are associated with a rule, the action that AWS WAF takes when a web request matches all conditions in a rule.\n\nFor the default action of a web access control list (ACL), the action that AWS WAF takes when a web request doesn't match all conditions in any rule.\n\nValid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a WebACL.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAFRegional::WebACL.Rule": { "additionalProperties": false, "properties": { "Action": { - "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", - "markdownDescription": "Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the `Rule` . Valid values for `Action` include the following:\n\n- `ALLOW` : CloudFront responds with the requested object.\n- `BLOCK` : CloudFront responds with an HTTP 403 (Forbidden) status code.\n- `COUNT` : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.\n\n`ActivatedRule|OverrideAction` applies only when updating or adding a `RuleGroup` to a `WebACL` . In this case, you do not use `ActivatedRule|Action` . For all other update requests, `ActivatedRule|Action` is used instead of `ActivatedRule|OverrideAction` .", + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", + "markdownDescription": "The action that AWS WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.", "title": "Action" }, "Priority": { - "markdownDescription": "Specifies the order in which the `Rules` in a `WebACL` are evaluated. Rules with a lower value for `Priority` are evaluated before `Rules` with a higher value. The value must be a unique integer. If you add multiple `Rules` to a `WebACL` , the values don't need to be consecutive.", + "markdownDescription": "The order in which AWS WAF evaluates the rules in a web ACL. AWS WAF evaluates rules with a lower value before rules with a higher value. The value must be a unique integer. If you have multiple rules in a web ACL, the priority numbers do not need to be consecutive.", "title": "Priority", "type": "number" }, "RuleId": { - "markdownDescription": "The `RuleId` for a `Rule` . You use `RuleId` to get more information about a `Rule` , update a `Rule` , insert a `Rule` into a `WebACL` or delete a one from a `WebACL` , or delete a `Rule` from AWS WAF .\n\n`RuleId` is returned by `CreateRule` and by `ListRules` .", + "markdownDescription": "The ID of an AWS WAF Regional rule to associate with a web ACL.", "title": "RuleId", "type": "string" } }, "required": [ + "Action", "Priority", "RuleId" ], "type": "object" }, - "AWS::WAF::WebACL.WafAction": { + "AWS::WAFRegional::WebACLAssociation": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to protect with the web ACL.", + "title": "ResourceArn", + "type": "string" + }, + "WebACLId": { + "markdownDescription": "A unique identifier (ID) for the web ACL.", + "title": "WebACLId", + "type": "string" + } + }, + "required": [ + "ResourceArn", + "WebACLId" + ], + "type": "object" + }, "Type": { - "markdownDescription": "Specifies how you want AWS WAF to respond to requests that match the settings in a `Rule` . Valid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a `WebACL` .", - "title": "Type", + "enum": [ + "AWS::WAFRegional::WebACLAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAF::XssMatchSet": { + "AWS::WAFRegional::XssMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266435,7 +317679,7 @@ }, "XssMatchTuples": { "items": { - "$ref": "#/definitions/AWS::WAF::XssMatchSet.XssMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.XssMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", "title": "XssMatchTuples", @@ -266443,14 +317687,13 @@ } }, "required": [ - "Name", - "XssMatchTuples" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::XssMatchSet" + "AWS::WAFRegional::XssMatchSet" ], "type": "string" }, @@ -266469,7 +317712,7 @@ ], "type": "object" }, - "AWS::WAF::XssMatchSet.FieldToMatch": { + "AWS::WAFRegional::XssMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266478,7 +317721,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266488,12 +317731,12 @@ ], "type": "object" }, - "AWS::WAF::XssMatchSet.XssMatchTuple": { + "AWS::WAFRegional::XssMatchSet.XssMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::XssMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specified header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { @@ -266508,7 +317751,7 @@ ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet": { + "AWS::WAFv2::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266543,28 +317786,53 @@ "Properties": { "additionalProperties": false, "properties": { - "ByteMatchTuples": { + "Addresses": { "items": { - "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.ByteMatchTuple" + "type": "string" }, - "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", - "title": "ByteMatchTuples", + "markdownDescription": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want AWS WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all IPv4 and IPv6 CIDR ranges except for `/0` .\n\nExample address strings:\n\n- For requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nExample JSON `Addresses` specifications:\n\n- Empty array: `\"Addresses\": []`\n- Array with one address: `\"Addresses\": [\"192.0.2.44/32\"]`\n- Array with three addresses: `\"Addresses\": [\"192.0.2.44/32\", \"192.0.2.0/24\", \"192.0.0.0/16\"]`\n- INVALID specification: `\"Addresses\": [\"\"]` INVALID", + "title": "Addresses", "type": "array" }, + "Description": { + "markdownDescription": "A description of the IP set that helps with identification.", + "title": "Description", + "type": "string" + }, + "IPAddressVersion": { + "markdownDescription": "The version of the IP addresses, either `IPV4` or `IPV6` .", + "title": "IPAddressVersion", + "type": "string" + }, "Name": { - "markdownDescription": "A friendly name or description of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "markdownDescription": "The name of the IP set. You cannot change the name of an `IPSet` after you create it.", "title": "Name", "type": "string" + }, + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "Addresses", + "IPAddressVersion", + "Scope" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFRegional::ByteMatchSet" + "AWS::WAFv2::IPSet" ], "type": "string" }, @@ -266583,62 +317851,326 @@ ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { + "AWS::WAFv2::LoggingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" + "Condition": { + "type": "string" }, - "PositionalConstraint": { - "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TargetString": { - "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request.\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", - "title": "TargetString", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LogDestinationConfigs": { + "items": { + "type": "string" + }, + "markdownDescription": "The logging destination configuration that you want to associate with the web ACL.\n\n> You can associate one logging destination to a web ACL.", + "title": "LogDestinationConfigs", + "type": "array" + }, + "LoggingFilter": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LoggingFilter", + "markdownDescription": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", + "title": "LoggingFilter" + }, + "RedactedFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.FieldToMatch" + }, + "markdownDescription": "The parts of the request that you want to keep out of the logs.\n\nFor example, if you redact the `SingleHeader` field, the `HEADER` field in the logs will be `REDACTED` for all rules that use the `SingleHeader` `FieldToMatch` setting.\n\nIf you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs.\n\nRedaction applies only to the component that's specified in the rule's `FieldToMatch` setting, so the `SingleHeader` redaction doesn't apply to rules that use the `Headers` `FieldToMatch` .\n\n> You can specify only the following fields for redaction: `UriPath` , `QueryString` , `SingleHeader` , and `Method` . > This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", + "title": "RedactedFields", + "type": "array" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with `LogDestinationConfigs` .", + "title": "ResourceArn", + "type": "string" + } + }, + "required": [ + "LogDestinationConfigs", + "ResourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WAFv2::LoggingConfiguration" + ], "type": "string" }, - "TargetStringBase64": { - "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", - "title": "TargetStringBase64", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.ActionCondition": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action setting that a log record must contain in order to meet the condition. This is the action that AWS WAF applied to the web request.\n\nFor rule groups, this is either the configured rule action setting, or if you've applied a rule action override to the rule, it's the override action. The value `EXCLUDED_AS_COUNT` matches on excluded rules and also on rules that have a rule action override of Count.", + "title": "Action", "type": "string" + } + }, + "required": [ + "Action" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.Condition": { + "additionalProperties": false, + "properties": { + "ActionCondition": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.ActionCondition", + "markdownDescription": "A single action condition. This is the action setting that a log record must contain in order to meet the condition.", + "title": "ActionCondition" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "LabelNameCondition": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LabelNameCondition", + "markdownDescription": "A single label name condition. This is the fully qualified label name that a log record must contain in order to meet the condition. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", + "title": "LabelNameCondition" + } + }, + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Method": { + "markdownDescription": "Redact the indicated HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", + "title": "Method", + "type": "object" + }, + "QueryString": { + "markdownDescription": "Redact the query string. This is the part of a URL that appears after a `?` character, if any.", + "title": "QueryString", + "type": "object" + }, + "SingleHeader": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.SingleHeader", + "markdownDescription": "Redact a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`", + "title": "SingleHeader" + }, + "UriPath": { + "markdownDescription": "Redact the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", + "title": "UriPath", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.Filter": { + "additionalProperties": false, + "properties": { + "Behavior": { + "markdownDescription": "How to handle logs that satisfy the filter's conditions and requirement.", + "title": "Behavior", + "type": "string" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Condition" + }, + "markdownDescription": "Match conditions for the filter.", + "title": "Conditions", + "type": "array" + }, + "Requirement": { + "markdownDescription": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", + "title": "Requirement", "type": "string" } }, "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformation" + "Behavior", + "Conditions", + "Requirement" ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet.FieldToMatch": { + "AWS::WAFv2::LoggingConfiguration.LabelNameCondition": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", + "LabelName": { + "markdownDescription": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", + "title": "LabelName", + "type": "string" + } + }, + "required": [ + "LabelName" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.LoggingFilter": { + "additionalProperties": false, + "properties": { + "DefaultBehavior": { + "markdownDescription": "Default handling for logs that don't match any of the specified filtering conditions.", + "title": "DefaultBehavior", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Filter" + }, + "markdownDescription": "The filters that you want to apply to the logs.", + "title": "Filters", + "type": "array" + } + }, + "required": [ + "DefaultBehavior", + "Filters" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the query header to inspect.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::WAFv2::RegexPatternSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the set that helps with identification.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the set. You cannot change the name after you create the set.", + "title": "Name", + "type": "string" + }, + "RegularExpressionList": { + "items": { + "type": "string" + }, + "markdownDescription": "The regular expression patterns in the set.", + "title": "RegularExpressionList", + "type": "array" + }, + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "RegularExpressionList", + "Scope" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", + "enum": [ + "AWS::WAFv2::RegexPatternSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFRegional::GeoMatchSet": { + "AWS::WAFv2::RuleGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -266673,28 +318205,85 @@ "Properties": { "additionalProperties": false, "properties": { - "GeoMatchConstraints": { + "AvailableLabels": { "items": { - "$ref": "#/definitions/AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint" + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" }, - "markdownDescription": "An array of `GeoMatchConstraint` objects, which contain the country that you want AWS WAF to search for.", - "title": "GeoMatchConstraints", + "markdownDescription": "The labels that one or more rules in this rule group add to matching web requests. These labels are defined in the `RuleLabels` for a `Rule` .", + "title": "AvailableLabels", + "type": "array" + }, + "Capacity": { + "markdownDescription": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.", + "title": "Capacity", + "type": "number" + }, + "ConsumedLabels": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" + }, + "markdownDescription": "The labels that one or more rules in this rule group match against in label match statements. These labels are defined in a `LabelMatchStatement` specification, in the `Statement` definition of a rule.", + "title": "ConsumedLabels", "type": "array" }, + "CustomResponseBodies": { + "additionalProperties": false, + "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponseBody" + } + }, + "title": "CustomResponseBodies", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the rule group that helps with identification.", + "title": "Description", + "type": "string" + }, "Name": { - "markdownDescription": "A friendly name or description of the `GeoMatchSet` . You can't change the name of an `GeoMatchSet` after you create it.", + "markdownDescription": "The name of the rule group. You cannot change the name of a rule group after you create it.", "title": "Name", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Rule" + }, + "markdownDescription": "The rule statements used to identify the web requests that you want to allow, block, or count. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", + "title": "Rules", + "type": "array" + }, + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" + }, + "VisibilityConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", + "title": "VisibilityConfig" } }, "required": [ - "Name" + "Capacity", + "Scope", + "VisibilityConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFRegional::GeoMatchSet" + "AWS::WAFv2::RuleGroup" ], "type": "string" }, @@ -266708,1402 +318297,1332 @@ } }, "required": [ - "Type", - "Properties" + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AllowAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AndStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + }, + "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", + "title": "Statements", + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AsnMatchStatement": { + "additionalProperties": false, + "properties": { + "AsnList": { + "items": { + "type": "number" + }, + "markdownDescription": "Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies.", + "title": "AsnList", + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.", + "title": "ForwardedIPConfig" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.BlockAction": { + "additionalProperties": false, + "properties": { + "CustomResponse": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponse", + "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomResponse" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Body": { + "additionalProperties": false, + "properties": { + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", + "title": "OversizeHandling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ByteMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" + }, + "PositionalConstraint": { + "markdownDescription": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", + "type": "string" + }, + "SearchString": { + "markdownDescription": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", + "title": "SearchString", + "type": "string" + }, + "SearchStringBase64": { + "markdownDescription": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", + "title": "SearchStringBase64", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CaptchaAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CaptchaConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", + "title": "ImmunityTimeProperty" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ChallengeAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ChallengeConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", + "title": "ImmunityTimeProperty" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CookieMatchPattern": { + "additionalProperties": false, + "properties": { + "All": { + "markdownDescription": "Inspect all cookies.", + "title": "All", + "type": "object" + }, + "ExcludedCookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the cookies whose keys don't match any of the strings specified here.", + "title": "ExcludedCookies", + "type": "array" + }, + "IncludedCookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the cookies that have a key that matches one of the strings specified here.", + "title": "IncludedCookies", + "type": "array" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Cookies": { + "additionalProperties": false, + "properties": { + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CookieMatchPattern", + "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", + "title": "MatchPattern" + }, + "MatchScope": { + "markdownDescription": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", + "type": "string" + }, + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "OversizeHandling", + "type": "string" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CountAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomHTTPHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` .", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the custom header.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomRequestHandling": { + "additionalProperties": false, + "properties": { + "InsertHeaders": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + }, + "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "InsertHeaders", + "type": "array" + } + }, + "required": [ + "InsertHeaders" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomResponse": { + "additionalProperties": false, + "properties": { + "CustomResponseBodyKey": { + "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", + "title": "CustomResponseBodyKey", + "type": "string" + }, + "ResponseCode": { + "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseCode", + "type": "number" + }, + "ResponseHeaders": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + }, + "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseHeaders", + "type": "array" + } + }, + "required": [ + "ResponseCode" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomResponseBody": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "Content", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", + "title": "ContentType", + "type": "string" + } + }, + "required": [ + "Content", + "ContentType" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.FieldToMatch": { + "additionalProperties": false, + "properties": { + "AllQueryArguments": { + "markdownDescription": "Inspect all query arguments.", + "title": "AllQueryArguments", + "type": "object" + }, + "Body": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Body", + "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", + "title": "Body" + }, + "Cookies": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Cookies", + "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "Cookies" + }, + "Headers": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Headers", + "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", + "title": "Headers" + }, + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA3Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA3Fingerprint" + }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA4Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA4 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA4 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA4Fingerprint" + }, + "JsonBody": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonBody", + "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", + "title": "JsonBody" + }, + "Method": { + "markdownDescription": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", + "title": "Method", + "type": "object" + }, + "QueryString": { + "markdownDescription": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.", + "title": "QueryString", + "type": "object" + }, + "SingleHeader": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleHeader", + "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", + "title": "SingleHeader" + }, + "SingleQueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleQueryArgument", + "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", + "title": "SingleQueryArgument" + }, + "UriFragment": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.UriFragment", + "markdownDescription": "Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "UriFragment" + }, + "UriPath": { + "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", + "title": "UriPath", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + }, + "HeaderName": { + "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "HeaderName", + "type": "string" + } + }, + "required": [ + "FallbackBehavior", + "HeaderName" ], "type": "object" }, - "AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint": { + "AWS::WAFv2::RuleGroup.GeoMatchStatement": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of geographical area you want AWS WAF to search for. Currently `Country` is the only valid value.", - "title": "Type", - "type": "string" + "CountryCodes": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.", + "title": "CountryCodes", + "type": "array" }, - "Value": { - "markdownDescription": "The country that you want AWS WAF to search for.", - "title": "Value", - "type": "string" + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "ForwardedIPConfig" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::WAFRegional::IPSet": { + "AWS::WAFv2::RuleGroup.HeaderMatchPattern": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { + "All": { + "markdownDescription": "Inspect all headers.", + "title": "All", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "IPSetDescriptors": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::IPSet.IPSetDescriptor" - }, - "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from.", - "title": "IPSetDescriptors", - "type": "array" - }, - "Name": { - "markdownDescription": "A friendly name or description of the `IPSet` . You can't change the name of an `IPSet` after you create it.", - "title": "Name", - "type": "string" - } + "ExcludedHeaders": { + "items": { + "type": "string" }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::IPSet" - ], - "type": "string" + "markdownDescription": "Inspect only the headers whose keys don't match any of the strings specified here.", + "title": "ExcludedHeaders", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IncludedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the headers that have a key that matches one of the strings specified here.", + "title": "IncludedHeaders", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::WAFRegional::IPSet.IPSetDescriptor": { + "AWS::WAFv2::RuleGroup.Headers": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Specify `IPV4` or `IPV6` .", - "title": "Type", + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.HeaderMatchPattern", + "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", + "title": "MatchPattern" + }, + "MatchScope": { + "markdownDescription": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", "type": "string" }, - "Value": { - "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", - "title": "Value", + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "OversizeHandling", "type": "string" } }, "required": [ - "Type", - "Value" + "MatchPattern", + "MatchScope", + "OversizeHandling" ], "type": "object" }, - "AWS::WAFRegional::RateBasedRule": { + "AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "MatchPredicates": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::RateBasedRule.Predicate" - }, - "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet>` object that you want to include in a `RateBasedRule` .", - "title": "MatchPredicates", - "type": "array" - }, - "MetricName": { - "markdownDescription": "A name for the metrics for a `RateBasedRule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change the name of the metric after you create the `RateBasedRule` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "A friendly name or description for a `RateBasedRule` . You can't change the name of a `RateBasedRule` after you create it.", - "title": "Name", - "type": "string" - }, - "RateKey": { - "markdownDescription": "The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. The only valid value for `RateKey` is `IP` . `IP` indicates that requests arriving from the same IP address are subject to the `RateLimit` that is specified in the `RateBasedRule` .", - "title": "RateKey", - "type": "string" - }, - "RateLimit": { - "markdownDescription": "The maximum number of requests, which have an identical value in the field specified by the `RateKey` , allowed in a five-minute period. If the number of requests exceeds the `RateLimit` and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.", - "title": "RateLimit", - "type": "number" - } - }, - "required": [ - "MetricName", - "Name", - "RateKey", - "RateLimit" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::RateBasedRule" - ], + "HeaderName": { + "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "HeaderName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Position": { + "markdownDescription": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10.", + "title": "Position", "type": "string" } }, "required": [ - "Type", - "Properties" + "FallbackBehavior", + "HeaderName", + "Position" ], "type": "object" }, - "AWS::WAFRegional::RateBasedRule.Predicate": { + "AWS::WAFv2::RuleGroup.IPSetReferenceStatement": { "additionalProperties": false, "properties": { - "DataId": { - "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", - "title": "DataId", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references.", + "title": "Arn", "type": "string" }, - "Negated": { - "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` >. For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", - "title": "Negated", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", - "title": "Type", - "type": "string" + "IPSetForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "IPSetForwardedIPConfig" } }, "required": [ - "DataId", - "Negated", - "Type" + "Arn" ], "type": "object" }, - "AWS::WAFRegional::RegexPatternSet": { + "AWS::WAFv2::RuleGroup.ImmunityTimeProperty": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A friendly name or description of the `RegexPatternSet` . You can't change `Name` after you create a `RegexPatternSet` .", - "title": "Name", - "type": "string" - }, - "RegexPatternStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t` .", - "title": "RegexPatternStrings", - "type": "array" - } - }, - "required": [ - "Name", - "RegexPatternStrings" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::RegexPatternSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ImmunityTime": { + "markdownDescription": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300.", + "title": "ImmunityTime", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ImmunityTime" ], "type": "object" }, - "AWS::WAFRegional::Rule": { + "AWS::WAFv2::RuleGroup.JA3Fingerprint": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "MetricName": { - "markdownDescription": "A name for the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "The friendly name or description for the `Rule` . You can't change the name of a `Rule` after you create it.", - "title": "Name", - "type": "string" - }, - "Predicates": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::Rule.Predicate" - }, - "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", - "title": "Predicates", - "type": "array" - } - }, - "required": [ - "MetricName", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::Rule" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "Type", - "Properties" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::Rule.Predicate": { + "AWS::WAFv2::RuleGroup.JA4Fingerprint": { "additionalProperties": false, "properties": { - "DataId": { - "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", - "title": "DataId", - "type": "string" - }, - "Negated": { - "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", - "title": "Negated", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", - "title": "Type", + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "DataId", - "Negated", - "Type" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet": { + "AWS::WAFv2::RuleGroup.JsonBody": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InvalidFallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "InvalidFallbackBehavior", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `SizeConstraintSet` .", - "title": "Name", - "type": "string" - }, - "SizeConstraints": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.SizeConstraint" - }, - "markdownDescription": "The size constraint and the part of the web request to check.", - "title": "SizeConstraints", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonMatchPattern", + "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", + "title": "MatchPattern" }, - "Type": { - "enum": [ - "AWS::WAFRegional::SizeConstraintSet" - ], + "MatchScope": { + "markdownDescription": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", + "title": "OversizeHandling", "type": "string" } }, "required": [ - "Type", - "Properties" + "MatchPattern", + "MatchScope" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.JsonMatchPattern": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" + "All": { + "markdownDescription": "Match all of the elements. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nYou must specify either this setting or the `IncludedPaths` setting, but not both.", + "title": "All", + "type": "object" }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", + "IncludedPaths": { + "items": { + "type": "string" + }, + "markdownDescription": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n> Don't use this option to include all paths. Instead, use the `All` setting.", + "title": "IncludedPaths", + "type": "array" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Label": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The label string.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet.SizeConstraint": { + "AWS::WAFv2::RuleGroup.LabelMatchStatement": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The type of comparison you want AWS WAF to perform. AWS WAF uses this in combination with the provided `Size` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\n*EQ* : Used to test if the `Size` is equal to the size of the `FieldToMatch`\n\n*NE* : Used to test if the `Size` is not equal to the size of the `FieldToMatch`\n\n*LE* : Used to test if the `Size` is less than or equal to the size of the `FieldToMatch`\n\n*LT* : Used to test if the `Size` is strictly less than the size of the `FieldToMatch`\n\n*GE* : Used to test if the `Size` is greater than or equal to the size of the `FieldToMatch`\n\n*GT* : Used to test if the `Size` is strictly greater than the size of the `FieldToMatch`", - "title": "ComparisonOperator", + "Key": { + "markdownDescription": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` .", + "title": "Key", "type": "string" }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" - }, - "Size": { - "markdownDescription": "The size in bytes that you want AWS WAF to compare against the size of the specified `FieldToMatch` . AWS WAF uses this in combination with `ComparisonOperator` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\nValid values for size are 0 - 21474836480 bytes (0 - 20 GB).\n\nIf you specify `URI` for the value of `Type` , the / in the URI path that you specify counts as one character. For example, the URI `/logo.jpg` is nine characters long.", - "title": "Size", - "type": "number" - }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting a request for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because the API Gateway API or Application Load Balancer forward only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", - "title": "TextTransformation", + "Scope": { + "markdownDescription": "Specify whether you want to match using the label name or just the namespace.", + "title": "Scope", "type": "string" } }, "required": [ - "ComparisonOperator", - "FieldToMatch", - "Size", - "TextTransformation" + "Key", + "Scope" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet": { + "AWS::WAFv2::RuleGroup.LabelSummary": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `SqlInjectionMatchSet` .", - "title": "Name", - "type": "string" - }, - "SqlInjectionMatchTuples": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple" - }, - "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", - "title": "SqlInjectionMatchTuples", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::SqlInjectionMatchSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "An individual label specification.", + "title": "Name", "type": "string" } }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.NotStatement": { + "additionalProperties": false, + "properties": { + "Statement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "The statement to negate. You can use any statement that can be nested.", + "title": "Statement" + } + }, "required": [ - "Type", - "Properties" + "Statement" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.OrStatement": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" - }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", - "type": "string" + "Statements": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + }, + "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", + "title": "Statements", + "type": "array" } }, "required": [ - "Type" + "Statements" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple": { + "AWS::WAFv2::RuleGroup.RateBasedStatement": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" - }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "AggregateKeyType": { + "markdownDescription": "Setting that indicates how to aggregate the request counts.\n\n> Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` .", + "title": "AggregateKeyType", "type": "string" + }, + "CustomKeys": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" + }, + "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", + "title": "CustomKeys", + "type": "array" + }, + "EvaluationWindowSec": { + "markdownDescription": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)", + "title": "EvaluationWindowSec", + "type": "number" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", + "title": "ForwardedIPConfig" + }, + "Limit": { + "markdownDescription": "The limit on requests during the specified evaluation window for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair.", + "title": "Limit", + "type": "number" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", + "title": "ScopeDownStatement" } }, "required": [ - "FieldToMatch", - "TextTransformation" + "AggregateKeyType", + "Limit" ], "type": "object" }, - "AWS::WAFRegional::WebACL": { + "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ASN": { + "markdownDescription": "Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance.", + "title": "ASN", + "type": "object" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Cookie": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie", + "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", + "title": "Cookie" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ForwardedIP": { + "markdownDescription": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", + "title": "ForwardedIP", + "type": "object" }, - "Metadata": { + "HTTPMethod": { + "markdownDescription": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", + "title": "HTTPMethod", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultAction": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", - "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", - "title": "DefaultAction" - }, - "MetricName": { - "markdownDescription": "A name for the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "A friendly name or description of the `WebACL` . You can't change the name of a `WebACL` after you create it.", - "title": "Name", - "type": "string" - }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Rule" - }, - "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "DefaultAction", - "MetricName", - "Name" - ], + "Header": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader", + "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", + "title": "Header" + }, + "IP": { + "markdownDescription": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` .", + "title": "IP", "type": "object" }, - "Type": { - "enum": [ - "AWS::WAFRegional::WebACL" - ], - "type": "string" + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitJA3Fingerprint", + "markdownDescription": "Use the request's JA3 fingerprint as an aggregate key. If you use a single JA3 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA3Fingerprint" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitJA4Fingerprint", + "markdownDescription": "Use the request's JA4 fingerprint as an aggregate key. If you use a single JA4 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA4Fingerprint" + }, + "LabelNamespace": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace", + "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", + "title": "LabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument", + "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", + "title": "QueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString", + "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", + "title": "QueryString" + }, + "UriPath": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath", + "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", + "title": "UriPath" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitCookie": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the cookie to use.", + "title": "Name", "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Name", + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::WebACL.Action": { + "AWS::WAFv2::RuleGroup.RateLimitHeader": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "For actions that are associated with a rule, the action that AWS WAF takes when a web request matches all conditions in a rule.\n\nFor the default action of a web access control list (ACL), the action that AWS WAF takes when a web request doesn't match all conditions in any rule.\n\nValid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a WebACL.", - "title": "Type", + "Name": { + "markdownDescription": "The name of the header to use.", + "title": "Name", "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type" + "Name", + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::WebACL.Rule": { + "AWS::WAFv2::RuleGroup.RateLimitJA3Fingerprint": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", - "markdownDescription": "The action that AWS WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.", - "title": "Action" - }, - "Priority": { - "markdownDescription": "The order in which AWS WAF evaluates the rules in a web ACL. AWS WAF evaluates rules with a lower value before rules with a higher value. The value must be a unique integer. If you have multiple rules in a web ACL, the priority numbers do not need to be consecutive.", - "title": "Priority", - "type": "number" - }, - "RuleId": { - "markdownDescription": "The ID of an AWS WAF Regional rule to associate with a web ACL.", - "title": "RuleId", + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "Action", - "Priority", - "RuleId" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::WebACLAssociation": { + "AWS::WAFv2::RuleGroup.RateLimitJA4Fingerprint": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to protect with the web ACL.", - "title": "ResourceArn", - "type": "string" - }, - "WebACLId": { - "markdownDescription": "A unique identifier (ID) for the web ACL.", - "title": "WebACLId", - "type": "string" - } - }, - "required": [ - "ResourceArn", - "WebACLId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::WebACLAssociation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "Type", - "Properties" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet": { + "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Namespace": { + "markdownDescription": "The namespace to use for aggregation.", + "title": "Namespace", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `XssMatchSet` .", - "title": "Name", - "type": "string" - }, - "XssMatchTuples": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.XssMatchTuple" - }, - "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", - "title": "XssMatchTuples", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::XssMatchSet" - ], + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the query argument to use.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Name", + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.RateLimitQueryString": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" - }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", - "type": "string" + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type" + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet.XssMatchTuple": { + "AWS::WAFv2::RuleGroup.RateLimitUriPath": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RegexMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "RegexString": { + "markdownDescription": "The string representing the regular expression.", + "title": "RegexString", "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ "FieldToMatch", - "TextTransformation" + "RegexString", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::IPSet": { + "AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references.", + "title": "Arn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Addresses": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want AWS WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all IPv4 and IPv6 CIDR ranges except for `/0` .\n\nExample address strings:\n\n- For requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nExample JSON `Addresses` specifications:\n\n- Empty array: `\"Addresses\": []`\n- Array with one address: `\"Addresses\": [\"192.0.2.44/32\"]`\n- Array with three addresses: `\"Addresses\": [\"192.0.2.44/32\", \"192.0.2.0/24\", \"192.0.0.0/16\"]`\n- INVALID specification: `\"Addresses\": [\"\"]` INVALID", - "title": "Addresses", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the IP set that helps with identification.", - "title": "Description", - "type": "string" - }, - "IPAddressVersion": { - "markdownDescription": "The version of the IP addresses, either `IPV4` or `IPV6` .", - "title": "IPAddressVersion", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the IP set. You cannot change the name of an `IPSet` after you create it.", - "title": "Name", - "type": "string" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", - "title": "Scope", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - } + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "required": [ - "Addresses", - "IPAddressVersion", - "Scope" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::IPSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Arn", + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration": { + "AWS::WAFv2::RuleGroup.Rule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RuleAction", + "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting.", + "title": "Action" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CaptchaConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaConfig", + "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", + "title": "CaptchaConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ChallengeConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeConfig", + "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", + "title": "ChallengeConfig" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name.", + "title": "Name", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogDestinationConfigs": { - "items": { - "type": "string" - }, - "markdownDescription": "The logging destination configuration that you want to associate with the web ACL.\n\n> You can associate one logging destination to a web ACL.", - "title": "LogDestinationConfigs", - "type": "array" - }, - "LoggingFilter": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LoggingFilter", - "markdownDescription": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", - "title": "LoggingFilter" - }, - "RedactedFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.FieldToMatch" - }, - "markdownDescription": "The parts of the request that you want to keep out of the logs.\n\nFor example, if you redact the `SingleHeader` field, the `HEADER` field in the logs will be `REDACTED` for all rules that use the `SingleHeader` `FieldToMatch` setting.\n\nIf you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs.\n\nRedaction applies only to the component that's specified in the rule's `FieldToMatch` setting, so the `SingleHeader` redaction doesn't apply to rules that use the `Headers` `FieldToMatch` .\n\n> You can specify only the following fields for redaction: `UriPath` , `QueryString` , `SingleHeader` , and `Method` . > This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", - "title": "RedactedFields", - "type": "array" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with `LogDestinationConfigs` .", - "title": "ResourceArn", - "type": "string" - } + "Priority": { + "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", + "title": "Priority", + "type": "number" + }, + "RuleLabels": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Label" }, - "required": [ - "LogDestinationConfigs", - "ResourceArn" - ], - "type": "object" + "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", + "title": "RuleLabels", + "type": "array" }, - "Type": { - "enum": [ - "AWS::WAFv2::LoggingConfiguration" - ], - "type": "string" + "Statement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", + "title": "Statement" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VisibilityConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", + "title": "VisibilityConfig" } }, "required": [ - "Type", - "Properties" + "Name", + "Priority", + "Statement", + "VisibilityConfig" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.ActionCondition": { + "AWS::WAFv2::RuleGroup.RuleAction": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action setting that a log record must contain in order to meet the condition. This is the action that AWS WAF applied to the web request.\n\nFor rule groups, this is either the configured rule action setting, or if you've applied a rule action override to the rule, it's the override action. The value `EXCLUDED_AS_COUNT` matches on excluded rules and also on rules that have a rule action override of Count.", - "title": "Action", + "Allow": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AllowAction", + "markdownDescription": "Instructs AWS WAF to allow the web request.", + "title": "Allow" + }, + "Block": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.BlockAction", + "markdownDescription": "Instructs AWS WAF to block the web request.", + "title": "Block" + }, + "Captcha": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaAction", + "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", + "title": "Captcha" + }, + "Challenge": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeAction", + "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", + "title": "Challenge" + }, + "Count": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CountAction", + "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", + "title": "Count" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the query header to inspect.", + "title": "Name", "type": "string" } }, "required": [ - "Action" + "Name" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.Condition": { + "AWS::WAFv2::RuleGroup.SingleQueryArgument": { "additionalProperties": false, "properties": { - "ActionCondition": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.ActionCondition", - "markdownDescription": "A single action condition. This is the action setting that a log record must contain in order to meet the condition.", - "title": "ActionCondition" - }, - "LabelNameCondition": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LabelNameCondition", - "markdownDescription": "A single label name condition. This is the fully qualified label name that a log record must contain in order to meet the condition. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", - "title": "LabelNameCondition" + "Name": { + "markdownDescription": "The name of the query argument to inspect.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.FieldToMatch": { + "AWS::WAFv2::RuleGroup.SizeConstraintStatement": { "additionalProperties": false, "properties": { - "Method": { - "markdownDescription": "Redact the indicated HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", - "title": "Method", - "type": "object" + "ComparisonOperator": { + "markdownDescription": "The operator to use to compare the request part to the size setting.", + "title": "ComparisonOperator", + "type": "string" }, - "QueryString": { - "markdownDescription": "Redact the query string. This is the part of a URL that appears after a `?` character, if any.", - "title": "QueryString", - "type": "object" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.SingleHeader", - "markdownDescription": "Redact a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`", - "title": "SingleHeader" + "Size": { + "markdownDescription": "The size, in byte, to compare to the request part, after any transformations.", + "title": "Size", + "type": "number" }, - "UriPath": { - "markdownDescription": "Redact the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", - "title": "UriPath", - "type": "object" + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, + "required": [ + "ComparisonOperator", + "FieldToMatch", + "Size", + "TextTransformations" + ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.Filter": { + "AWS::WAFv2::RuleGroup.SqliMatchStatement": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "How to handle logs that satisfy the filter's conditions and requirement.", - "title": "Behavior", + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" + }, + "SensitivityLevel": { + "markdownDescription": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`", + "title": "SensitivityLevel", "type": "string" }, - "Conditions": { + "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Condition" + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "markdownDescription": "Match conditions for the filter.", - "title": "Conditions", + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", "type": "array" - }, - "Requirement": { - "markdownDescription": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", - "title": "Requirement", - "type": "string" } }, "required": [ - "Behavior", - "Conditions", - "Requirement" + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.LabelNameCondition": { + "AWS::WAFv2::RuleGroup.Statement": { "additionalProperties": false, "properties": { - "LabelName": { - "markdownDescription": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", - "title": "LabelName", - "type": "string" + "AndStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AndStatement", + "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", + "title": "AndStatement" + }, + "AsnMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AsnMatchStatement", + "markdownDescription": "A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.\n\nFor additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "AsnMatchStatement" + }, + "ByteMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ByteMatchStatement", + "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", + "title": "ByteMatchStatement" + }, + "GeoMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.GeoMatchStatement", + "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "GeoMatchStatement" + }, + "IPSetReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetReferenceStatement", + "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", + "title": "IPSetReferenceStatement" + }, + "LabelMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelMatchStatement", + "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", + "title": "LabelMatchStatement" + }, + "NotStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.NotStatement", + "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", + "title": "NotStatement" + }, + "OrStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.OrStatement", + "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", + "title": "OrStatement" + }, + "RateBasedStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatement", + "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", + "title": "RateBasedStatement" + }, + "RegexMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexMatchStatement", + "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", + "title": "RegexMatchStatement" + }, + "RegexPatternSetReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement", + "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", + "title": "RegexPatternSetReferenceStatement" + }, + "SizeConstraintStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SizeConstraintStatement", + "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", + "title": "SizeConstraintStatement" + }, + "SqliMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SqliMatchStatement", + "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", + "title": "SqliMatchStatement" + }, + "XssMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.XssMatchStatement", + "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", + "title": "XssMatchStatement" } }, - "required": [ - "LabelName" - ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.LoggingFilter": { + "AWS::WAFv2::RuleGroup.TextTransformation": { "additionalProperties": false, "properties": { - "DefaultBehavior": { - "markdownDescription": "Default handling for logs that don't match any of the specified filtering conditions.", - "title": "DefaultBehavior", - "type": "string" + "Priority": { + "markdownDescription": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different.", + "title": "Priority", + "type": "number" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Filter" - }, - "markdownDescription": "The filters that you want to apply to the logs.", - "title": "Filters", - "type": "array" + "Type": { + "markdownDescription": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* .", + "title": "Type", + "type": "string" } }, "required": [ - "DefaultBehavior", - "Filters" + "Priority", + "Type" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.SingleHeader": { + "AWS::WAFv2::RuleGroup.UriFragment": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the query header to inspect.", - "title": "Name", + "FallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\nExample JSON: `{ \"UriFragment\": { \"FallbackBehavior\": \"MATCH\"} }`\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "FallbackBehavior", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::WAFv2::RegexPatternSet": { + "AWS::WAFv2::RuleGroup.VisibilityConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CloudWatchMetricsEnabled": { + "markdownDescription": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* .", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MetricName": { + "markdownDescription": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` .", + "title": "MetricName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "SampledRequestsEnabled": { + "markdownDescription": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\nIf you configure data protection for the web ACL, the protection applies to the web ACL's sampled web request data.\n\n> Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", + "title": "SampledRequestsEnabled", + "type": "boolean" + } + }, + "required": [ + "CloudWatchMetricsEnabled", + "MetricName", + "SampledRequestsEnabled" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.XssMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the set that helps with identification.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the set. You cannot change the name after you create the set.", - "title": "Name", - "type": "string" - }, - "RegularExpressionList": { - "items": { - "type": "string" - }, - "markdownDescription": "The regular expression patterns in the set.", - "title": "RegularExpressionList", - "type": "array" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", - "title": "Scope", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - } + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "required": [ - "RegularExpressionList", - "Scope" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::RegexPatternSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::RuleGroup": { + "AWS::WAFv2::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -268138,58 +319657,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailableLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" - }, - "markdownDescription": "The labels that one or more rules in this rule group add to matching web requests. These labels are defined in the `RuleLabels` for a `Rule` .", - "title": "AvailableLabels", - "type": "array" + "AssociationConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AssociationConfig", + "markdownDescription": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", + "title": "AssociationConfig" }, - "Capacity": { - "markdownDescription": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.", - "title": "Capacity", - "type": "number" + "CaptchaConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", + "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .", + "title": "CaptchaConfig" }, - "ConsumedLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" - }, - "markdownDescription": "The labels that one or more rules in this rule group match against in label match statements. These labels are defined in a `LabelMatchStatement` specification, in the `Statement` definition of a rule.", - "title": "ConsumedLabels", - "type": "array" + "ChallengeConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", + "markdownDescription": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .", + "title": "ChallengeConfig" }, "CustomResponseBodies": { "additionalProperties": false, - "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "patternProperties": { "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponseBody" + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponseBody" } }, "title": "CustomResponseBodies", "type": "object" }, + "DataProtectionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DataProtectionConfig", + "markdownDescription": "Specifies data protection to apply to the web request data for the web ACL. This is a web ACL level data protection option.\n\nThe data protection that you configure for the web ACL alters the data that's available for any other data collection activity, including your AWS WAF logging destinations, web ACL request sampling, and Amazon Security Lake data collection and management. Your other option for data protection is in the logging configuration, which only affects logging.", + "title": "DataProtectionConfig" + }, + "DefaultAction": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DefaultAction", + "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match.", + "title": "DefaultAction" + }, "Description": { - "markdownDescription": "A description of the rule group that helps with identification.", + "markdownDescription": "A description of the web ACL that helps with identification.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the rule group. You cannot change the name of a rule group after you create it.", + "markdownDescription": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", "title": "Name", "type": "string" }, + "OnSourceDDoSProtectionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.OnSourceDDoSProtectionConfig", + "markdownDescription": "Configures the level of DDoS protection that applies to web ACLs associated with Application Load Balancers.", + "title": "OnSourceDDoSProtectionConfig" + }, "Rules": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Rule" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Rule" }, - "markdownDescription": "The rule statements used to identify the web requests that you want to allow, block, or count. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", + "markdownDescription": "The rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", "title": "Rules", "type": "array" }, "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", "title": "Scope", "type": "string" }, @@ -268201,14 +319729,22 @@ "title": "Tags", "type": "array" }, + "TokenDomains": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.", + "title": "TokenDomains", + "type": "array" + }, "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", "title": "VisibilityConfig" } }, "required": [ - "Capacity", + "DefaultAction", "Scope", "VisibilityConfig" ], @@ -268216,7 +319752,7 @@ }, "Type": { "enum": [ - "AWS::WAFv2::RuleGroup" + "AWS::WAFv2::WebACL" ], "type": "string" }, @@ -268235,23 +319771,126 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.AllowAction": { + "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { + "additionalProperties": false, + "properties": { + "CreationPath": { + "markdownDescription": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests.\n\nFor example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` .", + "title": "CreationPath", + "type": "string" + }, + "EnableRegexInPath": { + "markdownDescription": "Allow the use of regular expressions in the registration page path and the account creation path.", + "title": "EnableRegexInPath", + "type": "boolean" + }, + "RegistrationPagePath": { + "markdownDescription": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.\n\n> This page must accept `GET` text/html requests. \n\nFor example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` .", + "title": "RegistrationPagePath", + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP", + "markdownDescription": "The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.", + "title": "RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", + "markdownDescription": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.", + "title": "ResponseInspection" + } + }, + "required": [ + "CreationPath", + "RegistrationPagePath", + "RequestInspection" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { + "additionalProperties": false, + "properties": { + "EnableRegexInPath": { + "markdownDescription": "Allow the use of regular expressions in the login page path.", + "title": "EnableRegexInPath", + "type": "boolean" + }, + "LoginPath": { + "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", + "title": "LoginPath", + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspection", + "markdownDescription": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", + "title": "RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", + "markdownDescription": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.", + "title": "ResponseInspection" + } + }, + "required": [ + "LoginPath" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesAntiDDoSRuleSet": { + "additionalProperties": false, + "properties": { + "ClientSideActionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ClientSideActionConfig", + "markdownDescription": "Configures the request handling that's applied by the managed rule group rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` during a distributed denial of service (DDoS) attack.", + "title": "ClientSideActionConfig" + }, + "SensitivityToBlock": { + "markdownDescription": "The sensitivity that the rule group rule `DDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `DDoSRequests` rule runs.\n\nThe higher the sensitivity, the more levels of labeling that the rule matches:\n\n- Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` .\n- Medium sensitivity causes the rule to match on the medium and high suspicion labels.\n- High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high.\n\nDefault: `LOW`", + "title": "SensitivityToBlock", + "type": "string" + } + }, + "required": [ + "ClientSideActionConfig" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet": { + "additionalProperties": false, + "properties": { + "EnableMachineLearning": { + "markdownDescription": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`", + "title": "EnableMachineLearning", + "type": "boolean" + }, + "InspectionLevel": { + "markdownDescription": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* .", + "title": "InspectionLevel", + "type": "string" + } + }, + "required": [ + "InspectionLevel" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AllowAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.AndStatement": { + "AWS::WAFv2::WebACL.AndStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" }, "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", "title": "Statements", @@ -268263,18 +319902,54 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.BlockAction": { + "AWS::WAFv2::WebACL.AsnMatchStatement": { + "additionalProperties": false, + "properties": { + "AsnList": { + "items": { + "type": "number" + }, + "markdownDescription": "Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies.", + "title": "AsnList", + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.", + "title": "ForwardedIPConfig" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.AssociationConfig": { + "additionalProperties": false, + "properties": { + "RequestBody": { + "additionalProperties": false, + "markdownDescription": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig" + } + }, + "title": "RequestBody", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.BlockAction": { "additionalProperties": false, "properties": { "CustomResponse": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponse", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponse", "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomResponse" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Body": { + "AWS::WAFv2::WebACL.Body": { "additionalProperties": false, "properties": { "OversizeHandling": { @@ -268285,11 +319960,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ByteMatchStatement": { + "AWS::WAFv2::WebACL.ByteMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -268310,7 +319985,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -268324,51 +319999,92 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CaptchaAction": { + "AWS::WAFv2::WebACL.CaptchaAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CaptchaConfig": { + "AWS::WAFv2::WebACL.CaptchaConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", "title": "ImmunityTimeProperty" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ChallengeAction": { + "AWS::WAFv2::WebACL.ChallengeAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ChallengeConfig": { + "AWS::WAFv2::WebACL.ChallengeConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", "title": "ImmunityTimeProperty" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CookieMatchPattern": { + "AWS::WAFv2::WebACL.ClientSideAction": { + "additionalProperties": false, + "properties": { + "ExemptUriRegularExpressions": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.Regex" + }, + "markdownDescription": "The regular expression to match against the web request URI, used to identify requests that can't handle a silent browser challenge. When the `ClientSideAction` setting `UsageOfAction` is enabled, the managed rule group uses this setting to determine which requests to label with `awswaf:managed:aws:anti-ddos:challengeable-request` . If `UsageOfAction` is disabled, this setting has no effect and the managed rule group doesn't add the label to any requests.\n\nThe anti-DDoS managed rule group doesn't evaluate the rules `ChallengeDDoSRequests` or `ChallengeAllDuringEvent` for web requests whose URIs match this regex. This is true regardless of whether you override the rule action for either of the rules in your web ACL configuration.\n\nAWS recommends using a regular expression.\n\nThis setting is required if `UsageOfAction` is set to `ENABLED` . If required, you can provide between 1 and 5 regex objects in the array of settings.\n\nAWS recommends starting with the following setting. Review and update it for your application's needs:\n\n`\\/api\\/|\\.(acc|avi|css|gif|jpe?g|js|mp[34]|ogg|otf|pdf|png|tiff?|ttf|webm|webp|woff2?)$`", + "title": "ExemptUriRegularExpressions", + "type": "array" + }, + "Sensitivity": { + "markdownDescription": "The sensitivity that the rule group rule `ChallengeDDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `ChallengeDDoSRequests` rule runs.\n\nThe higher the sensitivity, the more levels of labeling that the rule matches:\n\n- Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` .\n- Medium sensitivity causes the rule to match on the medium and high suspicion labels.\n- High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high.\n\nDefault: `HIGH`", + "title": "Sensitivity", + "type": "string" + }, + "UsageOfAction": { + "markdownDescription": "Determines whether to use the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the rule group evaluation and the related label `awswaf:managed:aws:anti-ddos:challengeable-request` .\n\n- If usage is enabled:\n\n- The managed rule group adds the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web request whose URL does *NOT* match the regular expressions provided in the `ClientSideAction` setting `ExemptUriRegularExpressions` .\n- The two rules are evaluated against web requests for protected resources that are experiencing a DDoS attack. The two rules only apply their action to matching requests that have the label `awswaf:managed:aws:anti-ddos:challengeable-request` .\n- If usage is disabled:\n\n- The managed rule group doesn't add the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web requests.\n- The two rules are not evaluated.\n- None of the other `ClientSideAction` settings have any effect.\n\n> This setting only enables or disables the use of the two anti-DDOS rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the anti-DDoS managed rule group.\n> \n> This setting doesn't alter the action setting in the two rules. To override the actions used by the rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` , enable this setting, and then override the rule actions in the usual way, in your managed rule group configuration.", + "title": "UsageOfAction", + "type": "string" + } + }, + "required": [ + "UsageOfAction" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ClientSideActionConfig": { + "additionalProperties": false, + "properties": { + "Challenge": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ClientSideAction", + "markdownDescription": "Configuration for the use of the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` .\n\n> This setting isn't related to the configuration of the `Challenge` action itself. It only configures the use of the two anti-DDoS rules named here. \n\nYou can enable or disable the use of these rules, and you can configure how to use them when they are enabled.", + "title": "Challenge" + } + }, + "required": [ + "Challenge" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.CookieMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268395,11 +320111,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Cookies": { + "AWS::WAFv2::WebACL.Cookies": { "additionalProperties": false, "properties": { "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CookieMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CookieMatchPattern", "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", "title": "MatchPattern" }, @@ -268421,18 +320137,18 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CountAction": { + "AWS::WAFv2::WebACL.CountAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomHTTPHeader": { + "AWS::WAFv2::WebACL.CustomHTTPHeader": { "additionalProperties": false, "properties": { "Name": { @@ -268452,12 +320168,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomRequestHandling": { + "AWS::WAFv2::WebACL.CustomRequestHandling": { "additionalProperties": false, "properties": { "InsertHeaders": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" }, "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "InsertHeaders", @@ -268469,54 +320185,145 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomResponse": { + "AWS::WAFv2::WebACL.CustomResponse": { + "additionalProperties": false, + "properties": { + "CustomResponseBodyKey": { + "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", + "title": "CustomResponseBodyKey", + "type": "string" + }, + "ResponseCode": { + "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseCode", + "type": "number" + }, + "ResponseHeaders": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" + }, + "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseHeaders", + "type": "array" + } + }, + "required": [ + "ResponseCode" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.CustomResponseBody": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "Content", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", + "title": "ContentType", + "type": "string" + } + }, + "required": [ + "Content", + "ContentType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DataProtect": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "", + "title": "Action", + "type": "string" + }, + "ExcludeRateBasedDetails": { + "markdownDescription": "", + "title": "ExcludeRateBasedDetails", + "type": "boolean" + }, + "ExcludeRuleMatchDetails": { + "markdownDescription": "", + "title": "ExcludeRuleMatchDetails", + "type": "boolean" + }, + "Field": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToProtect", + "markdownDescription": "", + "title": "Field" + } + }, + "required": [ + "Action", + "Field" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DataProtectionConfig": { + "additionalProperties": false, + "properties": { + "DataProtections": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DataProtect" + }, + "markdownDescription": "An array of data protection configurations for specific web request field types. This is defined for each web ACL. AWS WAF applies the specified protection to all web requests that the web ACL inspects.", + "title": "DataProtections", + "type": "array" + } + }, + "required": [ + "DataProtections" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DefaultAction": { + "additionalProperties": false, + "properties": { + "Allow": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", + "markdownDescription": "Specifies that AWS WAF should allow requests by default.", + "title": "Allow" + }, + "Block": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", + "markdownDescription": "Specifies that AWS WAF should block requests by default.", + "title": "Block" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ExcludedRule": { "additionalProperties": false, "properties": { - "CustomResponseBodyKey": { - "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", - "title": "CustomResponseBodyKey", + "Name": { + "markdownDescription": "The name of the rule whose action you want to override to `Count` .", + "title": "Name", "type": "string" - }, - "ResponseCode": { - "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseCode", - "type": "number" - }, - "ResponseHeaders": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" - }, - "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseHeaders", - "type": "array" } }, "required": [ - "ResponseCode" + "Name" ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomResponseBody": { + "AWS::WAFv2::WebACL.FieldIdentifier": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "Content", - "type": "string" - }, - "ContentType": { - "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", - "title": "ContentType", + "Identifier": { + "markdownDescription": "The name of the field.\n\nWhen the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nWhen the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` .\n\nFor more information, see the descriptions for each field type in the request inspection properties.", + "title": "Identifier", "type": "string" } }, "required": [ - "Content", - "ContentType" + "Identifier" ], "type": "object" }, - "AWS::WAFv2::RuleGroup.FieldToMatch": { + "AWS::WAFv2::WebACL.FieldToMatch": { "additionalProperties": false, "properties": { "AllQueryArguments": { @@ -268525,27 +320332,32 @@ "type": "object" }, "Body": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Body", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Body", "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", "title": "Body" }, "Cookies": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Cookies", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Cookies", "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", "title": "Cookies" }, "Headers": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Headers", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Headers", "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", "title": "Headers" }, "JA3Fingerprint": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA3Fingerprint", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JA3Fingerprint", "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", "title": "JA3Fingerprint" }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.JA4Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA4 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA4 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA4Fingerprint" + }, "JsonBody": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonBody", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonBody", "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", "title": "JsonBody" }, @@ -268560,15 +320372,20 @@ "type": "object" }, "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleHeader", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleHeader", "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", "title": "SingleHeader" }, "SingleQueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleQueryArgument", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleQueryArgument", "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", "title": "SingleQueryArgument" }, + "UriFragment": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.UriFragment", + "markdownDescription": "Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "UriFragment" + }, "UriPath": { "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", "title": "UriPath", @@ -268577,7 +320394,29 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ForwardedIPConfiguration": { + "AWS::WAFv2::WebACL.FieldToProtect": { + "additionalProperties": false, + "properties": { + "FieldKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the keys to protect for the specified field type. If you don't specify any key, then all keys for the field type are protected.", + "title": "FieldKeys", + "type": "array" + }, + "FieldType": { + "markdownDescription": "Specifies the web request component type to protect.", + "title": "FieldType", + "type": "string" + } + }, + "required": [ + "FieldType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268597,7 +320436,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.GeoMatchStatement": { + "AWS::WAFv2::WebACL.GeoMatchStatement": { "additionalProperties": false, "properties": { "CountryCodes": { @@ -268609,14 +320448,14 @@ "type": "array" }, "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "ForwardedIPConfig" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.HeaderMatchPattern": { + "AWS::WAFv2::WebACL.HeaderMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268643,11 +320482,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Headers": { + "AWS::WAFv2::WebACL.Headers": { "additionalProperties": false, "properties": { "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.HeaderMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.HeaderMatchPattern", "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", "title": "MatchPattern" }, @@ -268669,7 +320508,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration": { + "AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268695,7 +320534,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.IPSetReferenceStatement": { + "AWS::WAFv2::WebACL.IPSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { @@ -268704,7 +320543,7 @@ "type": "string" }, "IPSetForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "IPSetForwardedIPConfig" } @@ -268714,7 +320553,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.ImmunityTimeProperty": { + "AWS::WAFv2::WebACL.ImmunityTimeProperty": { "additionalProperties": false, "properties": { "ImmunityTime": { @@ -268728,7 +320567,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JA3Fingerprint": { + "AWS::WAFv2::WebACL.JA3Fingerprint": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268742,7 +320581,21 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JsonBody": { + "AWS::WAFv2::WebACL.JA4Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.JsonBody": { "additionalProperties": false, "properties": { "InvalidFallbackBehavior": { @@ -268751,7 +320604,7 @@ "type": "string" }, "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonMatchPattern", "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", "title": "MatchPattern" }, @@ -268772,7 +320625,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JsonMatchPattern": { + "AWS::WAFv2::WebACL.JsonMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268791,7 +320644,7 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Label": { + "AWS::WAFv2::WebACL.Label": { "additionalProperties": false, "properties": { "Name": { @@ -268805,7 +320658,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.LabelMatchStatement": { + "AWS::WAFv2::WebACL.LabelMatchStatement": { "additionalProperties": false, "properties": { "Key": { @@ -268825,22 +320678,111 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.LabelSummary": { + "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { + "additionalProperties": false, + "properties": { + "AWSManagedRulesACFPRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet", + "markdownDescription": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesACFPRuleSet" + }, + "AWSManagedRulesATPRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", + "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesATPRuleSet" + }, + "AWSManagedRulesAntiDDoSRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesAntiDDoSRuleSet", + "markdownDescription": "Additional configuration for using the anti-DDoS managed rule group, `AWSManagedRulesAntiDDoSRuleSet` . Use this to configure anti-DDoS behavior for the rule group.\n\nFor information about using the anti-DDoS managed rule group, see [AWS WAF Anti-DDoS rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-anti-ddos.html) and [Distributed Denial of Service (DDoS) prevention](https://docs.aws.amazon.com/waf/latest/developerguide/waf-anti-ddos.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesAntiDDoSRuleSet" + }, + "AWSManagedRulesBotControlRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet", + "markdownDescription": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesBotControlRuleSet" + }, + "LoginPath": { + "markdownDescription": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", + "title": "LoginPath", + "type": "string" + }, + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "PayloadType", + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "UsernameField" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ManagedRuleGroupStatement": { "additionalProperties": false, "properties": { + "ExcludedRules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" + }, + "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", + "title": "ExcludedRules", + "type": "array" + }, + "ManagedRuleGroupConfigs": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupConfig" + }, + "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesAntiDDoSRuleSet` configuration object to configure the anti-DDoS managed rule group. The configuration includes the sensitivity levels to use in the rules that typically block and challenge requests that might be participating in DDoS attacks and the specification to use to indicate whether a request can handle a silent browser challenge.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", + "title": "ManagedRuleGroupConfigs", + "type": "array" + }, "Name": { - "markdownDescription": "An individual label specification.", + "markdownDescription": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.", "title": "Name", "type": "string" + }, + "RuleActionOverrides": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" + }, + "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", + "title": "RuleActionOverrides", + "type": "array" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", + "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", + "title": "ScopeDownStatement" + }, + "VendorName": { + "markdownDescription": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.", + "title": "VendorName", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.", + "title": "Version", + "type": "string" } }, + "required": [ + "Name", + "VendorName" + ], "type": "object" }, - "AWS::WAFv2::RuleGroup.NotStatement": { + "AWS::WAFv2::WebACL.NotStatement": { "additionalProperties": false, "properties": { "Statement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "The statement to negate. You can use any statement that can be nested.", "title": "Statement" } @@ -268850,12 +320792,26 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.OrStatement": { + "AWS::WAFv2::WebACL.OnSourceDDoSProtectionConfig": { + "additionalProperties": false, + "properties": { + "ALBLowReputationMode": { + "markdownDescription": "The level of DDoS protection that applies to web ACLs associated with Application Load Balancers. `ACTIVE_UNDER_DDOS` protection is enabled by default whenever a web ACL is associated with an Application Load Balancer. In the event that an Application Load Balancer experiences high-load conditions or suspected DDoS attacks, the `ACTIVE_UNDER_DDOS` protection automatically rate limits traffic from known low reputation sources without disrupting Application Load Balancer availability. `ALWAYS_ON` protection provides constant, always-on monitoring of known low reputation sources for suspected DDoS attacks. While this provides a higher level of protection, there may be potential impacts on legitimate traffic.", + "title": "ALBLowReputationMode", + "type": "string" + } + }, + "required": [ + "ALBLowReputationMode" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.OrStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" }, "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", "title": "Statements", @@ -268867,7 +320823,23 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateBasedStatement": { + "AWS::WAFv2::WebACL.OverrideAction": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "Override the rule group evaluation result to count only.\n\n> This option is usually set to none. It does not affect how the rules in the rule group are evaluated. If you want the rules in the rule group to only count matches, do not use this and instead use the rule action override option, with `Count` action, in your rule group reference statement settings.", + "title": "Count", + "type": "object" + }, + "None": { + "markdownDescription": "Don't override the rule group evaluation result. This is the most common setting.", + "title": "None", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.RateBasedStatement": { "additionalProperties": false, "properties": { "AggregateKeyType": { @@ -268877,7 +320849,7 @@ }, "CustomKeys": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" }, "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", "title": "CustomKeys", @@ -268889,7 +320861,7 @@ "type": "number" }, "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", "title": "ForwardedIPConfig" }, @@ -268899,7 +320871,7 @@ "type": "number" }, "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", "title": "ScopeDownStatement" } @@ -268910,11 +320882,16 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { + "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { "additionalProperties": false, "properties": { + "ASN": { + "markdownDescription": "Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance.", + "title": "ASN", + "type": "object" + }, "Cookie": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie", "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", "title": "Cookie" }, @@ -268929,7 +320906,7 @@ "type": "object" }, "Header": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader", "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", "title": "Header" }, @@ -268938,30 +320915,40 @@ "title": "IP", "type": "object" }, + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitJA3Fingerprint", + "markdownDescription": "Use the request's JA3 fingerprint as an aggregate key. If you use a single JA3 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA3Fingerprint" + }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitJA4Fingerprint", + "markdownDescription": "Use the request's JA4 fingerprint as an aggregate key. If you use a single JA4 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA4Fingerprint" + }, "LabelNamespace": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace", "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", "title": "LabelNamespace" }, "QueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument", "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", "title": "QueryArgument" }, "QueryString": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString", "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", "title": "QueryString" }, "UriPath": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath", "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", "title": "UriPath" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitCookie": { + "AWS::WAFv2::WebACL.RateLimitCookie": { "additionalProperties": false, "properties": { "Name": { @@ -268971,7 +320958,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268984,7 +320971,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitHeader": { + "AWS::WAFv2::WebACL.RateLimitHeader": { "additionalProperties": false, "properties": { "Name": { @@ -268994,7 +320981,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -269007,7 +320994,35 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { + "AWS::WAFv2::WebACL.RateLimitJA3Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitJA4Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { "additionalProperties": false, "properties": { "Namespace": { @@ -269021,7 +321036,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { + "AWS::WAFv2::WebACL.RateLimitQueryArgument": { "additionalProperties": false, "properties": { "Name": { @@ -269031,7 +321046,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -269044,12 +321059,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitQueryString": { + "AWS::WAFv2::WebACL.RateLimitQueryString": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -269061,12 +321076,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitUriPath": { + "AWS::WAFv2::WebACL.RateLimitUriPath": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -269078,11 +321093,22 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RegexMatchStatement": { + "AWS::WAFv2::WebACL.Regex": { + "additionalProperties": false, + "properties": { + "RegexString": { + "markdownDescription": "The string representing the regular expression.", + "title": "RegexString", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.RegexMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269093,7 +321119,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269107,7 +321133,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement": { + "AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { @@ -269116,13 +321142,13 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269136,21 +321162,248 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.Rule": { + "AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig": { + "additionalProperties": false, + "properties": { + "DefaultSizeInspectionLimit": { + "markdownDescription": "Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 bytes)`", + "title": "DefaultSizeInspectionLimit", + "type": "string" + } + }, + "required": [ + "DefaultSizeInspectionLimit" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RequestInspection": { + "additionalProperties": false, + "properties": { + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "The payload type for your login endpoint, either JSON or form encoded.", + "title": "PayloadType", + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", + "title": "UsernameField" + } + }, + "required": [ + "PasswordField", + "PayloadType", + "UsernameField" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RequestInspectionACFP": { + "additionalProperties": false, + "properties": { + "AddressFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "markdownDescription": "The names of the fields in the request payload that contain your customer's primary physical address.\n\nOrder the address fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the address fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` .", + "title": "AddressFields", + "type": "array" + }, + "EmailField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's email.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"email\": \"THE_EMAIL\" } }` , the email field specification is `/form/email` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `email1` , the email field specification is `email1` .", + "title": "EmailField" + }, + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "The payload type for your account creation endpoint, either JSON or form encoded.", + "title": "PayloadType", + "type": "string" + }, + "PhoneNumberFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "markdownDescription": "The names of the fields in the request payload that contain your customer's primary phone number.\n\nOrder the phone number fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the phone number fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` .", + "title": "PhoneNumberFields", + "type": "array" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", + "title": "UsernameField" + } + }, + "required": [ + "PayloadType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspection": { + "additionalProperties": false, + "properties": { + "BodyContains": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionBodyContains", + "markdownDescription": "Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.", + "title": "BodyContains" + }, + "Header": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionHeader", + "markdownDescription": "Configures inspection of the response header for success and failure indicators.", + "title": "Header" + }, + "Json": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionJson", + "markdownDescription": "Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.", + "title": "Json" + }, + "StatusCode": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionStatusCode", + "markdownDescription": "Configures inspection of the response status code for success and failure indicators.", + "title": "StatusCode" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionBodyContains": { + "additionalProperties": false, + "properties": { + "FailureStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Request failed\" ]`", + "title": "FailureStrings", + "type": "array" + }, + "SuccessStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON examples: `\"SuccessStrings\": [ \"Login successful\" ]` and `\"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]`", + "title": "SuccessStrings", + "type": "array" + } + }, + "required": [ + "FailureStrings", + "SuccessStrings" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionHeader": { + "additionalProperties": false, + "properties": { + "FailureValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]` and `\"FailureValues\": [ \"AccountCreationFailed\" ]`", + "title": "FailureValues", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"RequestResult\" ]`", + "title": "Name", + "type": "string" + }, + "SuccessValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]` and `\"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]`", + "title": "SuccessValues", + "type": "array" + } + }, + "required": [ + "FailureValues", + "Name", + "SuccessValues" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionJson": { + "additionalProperties": false, + "properties": { + "FailureValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`", + "title": "FailureValues", + "type": "array" + }, + "Identifier": { + "markdownDescription": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON examples: `\"Identifier\": [ \"/login/success\" ]` and `\"Identifier\": [ \"/sign-up/success\" ]`", + "title": "Identifier", + "type": "string" + }, + "SuccessValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`", + "title": "SuccessValues", + "type": "array" + } + }, + "required": [ + "FailureValues", + "Identifier", + "SuccessValues" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionStatusCode": { + "additionalProperties": false, + "properties": { + "FailureCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`", + "title": "FailureCodes", + "type": "array" + }, + "SuccessCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`", + "title": "SuccessCodes", + "type": "array" + } + }, + "required": [ + "FailureCodes", + "SuccessCodes" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.Rule": { "additionalProperties": false, "properties": { "Action": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RuleAction", - "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting.", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", + "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting.\n\nThis is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nYou must set either this `Action` setting or the rule's `OverrideAction` , but not both:\n\n- If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting.\n- If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group.", "title": "Action" }, "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", "title": "CaptchaConfig" }, "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", "title": "ChallengeConfig" }, @@ -269159,6 +321412,11 @@ "title": "Name", "type": "string" }, + "OverrideAction": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.OverrideAction", + "markdownDescription": "The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nSet the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.\n\nYou must set either this `OverrideAction` setting or the `Action` setting, but not both:\n\n- If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting.\n- If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting.", + "title": "OverrideAction" + }, "Priority": { "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", "title": "Priority", @@ -269166,19 +321424,19 @@ }, "RuleLabels": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Label" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Label" }, "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", "title": "RuleLabels", "type": "array" }, "Statement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", "title": "Statement" }, "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", "title": "VisibilityConfig" } @@ -269191,38 +321449,88 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RuleAction": { + "AWS::WAFv2::WebACL.RuleAction": { "additionalProperties": false, "properties": { "Allow": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AllowAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", "markdownDescription": "Instructs AWS WAF to allow the web request.", "title": "Allow" }, "Block": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.BlockAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", "markdownDescription": "Instructs AWS WAF to block the web request.", "title": "Block" }, "Captcha": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaAction", "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", "title": "Captcha" }, "Challenge": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeAction", "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", "title": "Challenge" }, "Count": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CountAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CountAction", "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", "title": "Count" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.SingleHeader": { + "AWS::WAFv2::WebACL.RuleActionOverride": { + "additionalProperties": false, + "properties": { + "ActionToUse": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", + "markdownDescription": "The override action to use, in place of the configured action of the rule in the rule group.", + "title": "ActionToUse" + }, + "Name": { + "markdownDescription": "The name of the rule to override.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ActionToUse", + "Name" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RuleGroupReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the entity.", + "title": "Arn", + "type": "string" + }, + "ExcludedRules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" + }, + "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", + "title": "ExcludedRules", + "type": "array" + }, + "RuleActionOverrides": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" + }, + "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", + "title": "RuleActionOverrides", + "type": "array" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.SingleHeader": { "additionalProperties": false, "properties": { "Name": { @@ -269236,7 +321544,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SingleQueryArgument": { + "AWS::WAFv2::WebACL.SingleQueryArgument": { "additionalProperties": false, "properties": { "Name": { @@ -269250,7 +321558,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SizeConstraintStatement": { + "AWS::WAFv2::WebACL.SizeConstraintStatement": { "additionalProperties": false, "properties": { "ComparisonOperator": { @@ -269259,7 +321567,7 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269270,7 +321578,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269285,11 +321593,11 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SqliMatchStatement": { + "AWS::WAFv2::WebACL.SqliMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269300,7 +321608,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269313,78 +321621,93 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.Statement": { + "AWS::WAFv2::WebACL.Statement": { "additionalProperties": false, "properties": { "AndStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AndStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.AndStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", "title": "AndStatement" }, + "AsnMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AsnMatchStatement", + "markdownDescription": "A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.\n\nFor additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "AsnMatchStatement" + }, "ByteMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ByteMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ByteMatchStatement", "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", "title": "ByteMatchStatement" }, "GeoMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.GeoMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.GeoMatchStatement", "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "GeoMatchStatement" }, "IPSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetReferenceStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetReferenceStatement", "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "IPSetReferenceStatement" }, "LabelMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.LabelMatchStatement", "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", "title": "LabelMatchStatement" }, + "ManagedRuleGroupStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupStatement", + "markdownDescription": "A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` .\n\nYou cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule.\n\n> You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", + "title": "ManagedRuleGroupStatement" + }, "NotStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.NotStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.NotStatement", "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", "title": "NotStatement" }, "OrStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.OrStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.OrStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", "title": "OrStatement" }, "RateBasedStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatement", "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", "title": "RateBasedStatement" }, "RegexMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexMatchStatement", "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", "title": "RegexMatchStatement" }, "RegexPatternSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement", "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "RegexPatternSetReferenceStatement" }, + "RuleGroupReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleGroupReferenceStatement", + "markdownDescription": "A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.\n\nYou cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL.", + "title": "RuleGroupReferenceStatement" + }, "SizeConstraintStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SizeConstraintStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SizeConstraintStatement", "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", "title": "SizeConstraintStatement" }, "SqliMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SqliMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SqliMatchStatement", "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", "title": "SqliMatchStatement" }, "XssMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.XssMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.XssMatchStatement", "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", "title": "XssMatchStatement" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.TextTransformation": { + "AWS::WAFv2::WebACL.TextTransformation": { "additionalProperties": false, "properties": { "Priority": { @@ -269404,7 +321727,18 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.VisibilityConfig": { + "AWS::WAFv2::WebACL.UriFragment": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\nExample JSON: `{ \"UriFragment\": { \"FallbackBehavior\": \"MATCH\"} }`\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "FallbackBehavior", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.VisibilityConfig": { "additionalProperties": false, "properties": { "CloudWatchMetricsEnabled": { @@ -269430,17 +321764,17 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.XssMatchStatement": { + "AWS::WAFv2::WebACL.XssMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269453,7 +321787,7 @@ ], "type": "object" }, - "AWS::WAFv2::WebACL": { + "AWS::WAFv2::WebACLAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -269488,92 +321822,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociationConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AssociationConfig", - "markdownDescription": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", - "title": "AssociationConfig" - }, - "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", - "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .", - "title": "CaptchaConfig" - }, - "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", - "markdownDescription": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .", - "title": "ChallengeConfig" - }, - "CustomResponseBodies": { - "additionalProperties": false, - "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponseBody" - } - }, - "title": "CustomResponseBodies", - "type": "object" - }, - "DefaultAction": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.DefaultAction", - "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match.", - "title": "DefaultAction" - }, - "Description": { - "markdownDescription": "A description of the web ACL that helps with identification.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", - "title": "Name", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`\n- For an AWS Amplify instance: `arn: *partition* :amplify: *region* : *account-id* :apps/ *app-id*`", + "title": "ResourceArn", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Rule" - }, - "markdownDescription": "The rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", - "title": "Rules", - "type": "array" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", - "title": "Scope", + "WebACLArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.", + "title": "WebACLArn", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - }, - "TokenDomains": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.", - "title": "TokenDomains", - "type": "array" - }, - "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", - "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", - "title": "VisibilityConfig" } }, "required": [ - "DefaultAction", - "Scope", - "VisibilityConfig" + "ResourceArn", + "WebACLArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFv2::WebACL" + "AWS::WAFv2::WebACLAssociation" ], "type": "string" }, @@ -269592,1937 +321860,2407 @@ ], "type": "object" }, - "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { + "AWS::Wisdom::AIAgent": { "additionalProperties": false, "properties": { - "CreationPath": { - "markdownDescription": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests.\n\nFor example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` .", - "title": "CreationPath", + "Condition": { "type": "string" }, - "EnableRegexInPath": { - "markdownDescription": "Allow the use of regular expressions in the registration page path and the account creation path.", - "title": "EnableRegexInPath", - "type": "boolean" - }, - "RegistrationPagePath": { - "markdownDescription": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.\n\n> This page must accept `GET` text/html requests. \n\nFor example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` .", - "title": "RegistrationPagePath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RequestInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP", - "markdownDescription": "The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.", - "title": "RequestInspection" - }, - "ResponseInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", - "markdownDescription": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.", - "title": "ResponseInspection" - } - }, - "required": [ - "CreationPath", - "RegistrationPagePath", - "RequestInspection" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { - "additionalProperties": false, - "properties": { - "EnableRegexInPath": { - "markdownDescription": "Allow the use of regular expressions in the login page path.", - "title": "EnableRegexInPath", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LoginPath": { - "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", - "title": "LoginPath", - "type": "string" + "Metadata": { + "type": "object" }, - "RequestInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspection", - "markdownDescription": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", - "title": "RequestInspection" + "Properties": { + "additionalProperties": false, + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AIAgentConfiguration", + "markdownDescription": "Configuration for the AI Agent.", + "title": "Configuration" + }, + "Description": { + "markdownDescription": "The description of the AI Agent.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Agent.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The type of the AI Agent.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "AssistantId", + "Configuration", + "Type" + ], + "type": "object" }, - "ResponseInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", - "markdownDescription": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.", - "title": "ResponseInspection" - } - }, - "required": [ - "LoginPath" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet": { - "additionalProperties": false, - "properties": { - "EnableMachineLearning": { - "markdownDescription": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`", - "title": "EnableMachineLearning", - "type": "boolean" + "Type": { + "enum": [ + "AWS::Wisdom::AIAgent" + ], + "type": "string" }, - "InspectionLevel": { - "markdownDescription": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* .", - "title": "InspectionLevel", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InspectionLevel" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AllowAction": { - "additionalProperties": false, - "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.AndStatement": { - "additionalProperties": false, - "properties": { - "Statements": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" - }, - "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", - "title": "Statements", - "type": "array" - } - }, - "required": [ - "Statements" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.AssociationConfig": { - "additionalProperties": false, - "properties": { - "RequestBody": { - "additionalProperties": false, - "markdownDescription": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig" - } - }, - "title": "RequestBody", - "type": "object" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.BlockAction": { - "additionalProperties": false, - "properties": { - "CustomResponse": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponse", - "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomResponse" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.Body": { + "AWS::Wisdom::AIAgent.AIAgentConfiguration": { "additionalProperties": false, "properties": { - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", - "title": "OversizeHandling", - "type": "string" + "AnswerRecommendationAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AnswerRecommendationAIAgentConfiguration", + "markdownDescription": "The configuration for AI Agents of type `ANSWER_RECOMMENDATION` .", + "title": "AnswerRecommendationAIAgentConfiguration" + }, + "ManualSearchAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.ManualSearchAIAgentConfiguration", + "markdownDescription": "The configuration for AI Agents of type `MANUAL_SEARCH` .", + "title": "ManualSearchAIAgentConfiguration" + }, + "SelfServiceAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.SelfServiceAIAgentConfiguration", + "markdownDescription": "The self-service AI agent configuration.", + "title": "SelfServiceAIAgentConfiguration" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ByteMatchStatement": { + "AWS::Wisdom::AIAgent.AnswerRecommendationAIAgentConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" - }, - "PositionalConstraint": { - "markdownDescription": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", - "type": "string" - }, - "SearchString": { - "markdownDescription": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", - "title": "SearchString", + "AnswerGenerationAIGuardrailId": { + "markdownDescription": "The ID of the answer generation AI guardrail.", + "title": "AnswerGenerationAIGuardrailId", "type": "string" }, - "SearchStringBase64": { - "markdownDescription": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", - "title": "SearchStringBase64", + "AnswerGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Answer Generation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "AnswerGenerationAIPromptId", "type": "string" }, - "TextTransformations": { + "AssociationConfigurations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", + "markdownDescription": "The association configurations for overriding behavior on this AI Agent.", + "title": "AssociationConfigurations", "type": "array" + }, + "IntentLabelingGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Intent Labeling prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "IntentLabelingGenerationAIPromptId", + "type": "string" + }, + "Locale": { + "markdownDescription": "The locale to which specifies the language and region settings that determine the response language for [QueryAssistant](https://docs.aws.amazon.com/connect/latest/APIReference/API_amazon-q-connect_QueryAssistant.html) .", + "title": "Locale", + "type": "string" + }, + "QueryReformulationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Query Reformulation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "QueryReformulationAIPromptId", + "type": "string" } }, - "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformations" - ], "type": "object" }, - "AWS::WAFv2::WebACL.CaptchaAction": { + "AWS::Wisdom::AIAgent.AssociationConfiguration": { "additionalProperties": false, "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" + "AssociationConfigurationData": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfigurationData", + "markdownDescription": "A typed union of the data of the configuration for an Amazon Q in Connect Assistant Association.", + "title": "AssociationConfigurationData" + }, + "AssociationId": { + "markdownDescription": "The identifier of the association for this Association Configuration.", + "title": "AssociationId", + "type": "string" + }, + "AssociationType": { + "markdownDescription": "The type of the association for this Association Configuration.", + "title": "AssociationType", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CaptchaConfig": { + "AWS::Wisdom::AIAgent.AssociationConfigurationData": { "additionalProperties": false, "properties": { - "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", - "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", - "title": "ImmunityTimeProperty" + "KnowledgeBaseAssociationConfigurationData": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.KnowledgeBaseAssociationConfigurationData", + "markdownDescription": "The data of the configuration for a `KNOWLEDGE_BASE` type Amazon Q in Connect Assistant Association.", + "title": "KnowledgeBaseAssociationConfigurationData" } }, + "required": [ + "KnowledgeBaseAssociationConfigurationData" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ChallengeAction": { + "AWS::Wisdom::AIAgent.KnowledgeBaseAssociationConfigurationData": { "additionalProperties": false, "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", - "title": "CustomRequestHandling" + "ContentTagFilter": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagFilter", + "markdownDescription": "An object that can be used to specify Tag conditions.", + "title": "ContentTagFilter" + }, + "MaxResults": { + "markdownDescription": "The maximum number of results to return per page.", + "title": "MaxResults", + "type": "number" + }, + "OverrideKnowledgeBaseSearchType": { + "markdownDescription": "", + "title": "OverrideKnowledgeBaseSearchType", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ChallengeConfig": { + "AWS::Wisdom::AIAgent.ManualSearchAIAgentConfiguration": { "additionalProperties": false, "properties": { - "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", - "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", - "title": "ImmunityTimeProperty" + "AnswerGenerationAIGuardrailId": { + "markdownDescription": "The ID of the answer generation AI guardrail.", + "title": "AnswerGenerationAIGuardrailId", + "type": "string" + }, + "AnswerGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Answer Generation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "AnswerGenerationAIPromptId", + "type": "string" + }, + "AssociationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" + }, + "markdownDescription": "The association configurations for overriding behavior on this AI Agent.", + "title": "AssociationConfigurations", + "type": "array" + }, + "Locale": { + "markdownDescription": "The locale to which specifies the language and region settings that determine the response language for [QueryAssistant](https://docs.aws.amazon.com/connect/latest/APIReference/API_amazon-q-connect_QueryAssistant.html) .", + "title": "Locale", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CookieMatchPattern": { + "AWS::Wisdom::AIAgent.OrCondition": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Inspect all cookies.", - "title": "All", - "type": "object" - }, - "ExcludedCookies": { + "AndConditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition" }, - "markdownDescription": "Inspect only the cookies whose keys don't match any of the strings specified here.", - "title": "ExcludedCookies", + "markdownDescription": "", + "title": "AndConditions", "type": "array" }, - "IncludedCookies": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the cookies that have a key that matches one of the strings specified here.", - "title": "IncludedCookies", - "type": "array" + "TagCondition": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition", + "markdownDescription": "A leaf node condition which can be used to specify a tag condition.", + "title": "TagCondition" } }, "type": "object" }, - "AWS::WAFv2::WebACL.Cookies": { + "AWS::Wisdom::AIAgent.SelfServiceAIAgentConfiguration": { "additionalProperties": false, "properties": { - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CookieMatchPattern", - "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", - "title": "MatchPattern" + "AssociationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" + }, + "markdownDescription": "The association configuration of the self-service AI agent.", + "title": "AssociationConfigurations", + "type": "array" }, - "MatchScope": { - "markdownDescription": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", + "SelfServiceAIGuardrailId": { + "markdownDescription": "The ID of the self-service AI guardrail.", + "title": "SelfServiceAIGuardrailId", "type": "string" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "OversizeHandling", + "SelfServiceAnswerGenerationAIPromptId": { + "markdownDescription": "The ID of the self-service answer generation AI prompt.", + "title": "SelfServiceAnswerGenerationAIPromptId", + "type": "string" + }, + "SelfServicePreProcessingAIPromptId": { + "markdownDescription": "The ID of the self-service preprocessing AI prompt.", + "title": "SelfServicePreProcessingAIPromptId", "type": "string" - } - }, - "required": [ - "MatchPattern", - "MatchScope", - "OversizeHandling" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.CountAction": { - "additionalProperties": false, - "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CustomHTTPHeader": { + "AWS::Wisdom::AIAgent.TagCondition": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` .", - "title": "Name", + "Key": { + "markdownDescription": "The tag key in the tag condition.", + "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value of the custom header.", + "markdownDescription": "The tag value in the tag condition.", "title": "Value", "type": "string" } }, "required": [ - "Name", - "Value" + "Key" ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomRequestHandling": { + "AWS::Wisdom::AIAgent.TagFilter": { "additionalProperties": false, "properties": { - "InsertHeaders": { + "AndConditions": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition" }, - "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "InsertHeaders", + "markdownDescription": "A list of conditions which would be applied together with an `AND` condition.", + "title": "AndConditions", + "type": "array" + }, + "OrConditions": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.OrCondition" + }, + "markdownDescription": "A list of conditions which would be applied together with an `OR` condition.", + "title": "OrConditions", "type": "array" + }, + "TagCondition": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition", + "markdownDescription": "A leaf node condition which can be used to specify a tag condition.", + "title": "TagCondition" } }, - "required": [ - "InsertHeaders" - ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomResponse": { + "AWS::Wisdom::AIAgentVersion": { "additionalProperties": false, "properties": { - "CustomResponseBodyKey": { - "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", - "title": "CustomResponseBodyKey", + "Condition": { "type": "string" }, - "ResponseCode": { - "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseCode", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ResponseHeaders": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIAgentId": { + "markdownDescription": "The identifier of the AI Agent.", + "title": "AIAgentId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The time the AI Agent version was last modified in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } }, - "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseHeaders", - "type": "array" + "required": [ + "AIAgentId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIAgentVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ResponseCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomResponseBody": { + "AWS::Wisdom::AIGuardrail": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "Content", + "Condition": { "type": "string" }, - "ContentType": { - "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", - "title": "ContentType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "BlockedInputMessaging": { + "markdownDescription": "The message to return when the AI Guardrail blocks a prompt.", + "title": "BlockedInputMessaging", + "type": "string" + }, + "BlockedOutputsMessaging": { + "markdownDescription": "The message to return when the AI Guardrail blocks a model response.", + "title": "BlockedOutputsMessaging", + "type": "string" + }, + "ContentPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailContentPolicyConfig", + "markdownDescription": "Contains details about how to handle harmful content.", + "title": "ContentPolicyConfig" + }, + "ContextualGroundingPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailContextualGroundingPolicyConfig", + "markdownDescription": "The policy configuration details for the AI Guardrail's contextual grounding policy.", + "title": "ContextualGroundingPolicyConfig" + }, + "Description": { + "markdownDescription": "A description of the AI Guardrail.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Guardrail.", + "title": "Name", + "type": "string" + }, + "SensitiveInformationPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailSensitiveInformationPolicyConfig", + "markdownDescription": "Contains details about PII entities and regular expressions to configure for the AI Guardrail.", + "title": "SensitiveInformationPolicyConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TopicPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailTopicPolicyConfig", + "markdownDescription": "Contains details about topics that the AI Guardrail should identify and deny.", + "title": "TopicPolicyConfig" + }, + "WordPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailWordPolicyConfig", + "markdownDescription": "Contains details about the word policy to configured for the AI Guardrail.", + "title": "WordPolicyConfig" + } + }, + "required": [ + "AssistantId", + "BlockedInputMessaging", + "BlockedOutputsMessaging" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIGuardrail" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Content", - "ContentType" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.DefaultAction": { + "AWS::Wisdom::AIGuardrail.AIGuardrailContentPolicyConfig": { "additionalProperties": false, "properties": { - "Allow": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", - "markdownDescription": "Specifies that AWS WAF should allow requests by default.", - "title": "Allow" - }, - "Block": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", - "markdownDescription": "Specifies that AWS WAF should block requests by default.", - "title": "Block" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailContentFilterConfig" + }, + "markdownDescription": "List of content filter configurations in a content policy.", + "title": "FiltersConfig", + "type": "array" } }, + "required": [ + "FiltersConfig" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ExcludedRule": { + "AWS::Wisdom::AIGuardrail.AIGuardrailContextualGroundingPolicyConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the rule whose action you want to override to `Count` .", - "title": "Name", - "type": "string" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailContextualGroundingFilterConfig" + }, + "markdownDescription": "List of contextual grounding filter configs.", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "Name" + "FiltersConfig" ], "type": "object" }, - "AWS::WAFv2::WebACL.FieldIdentifier": { + "AWS::Wisdom::AIGuardrail.AIGuardrailSensitiveInformationPolicyConfig": { "additionalProperties": false, "properties": { - "Identifier": { - "markdownDescription": "The name of the field.\n\nWhen the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nWhen the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` .\n\nFor more information, see the descriptions for each field type in the request inspection properties.", - "title": "Identifier", - "type": "string" + "PiiEntitiesConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailPiiEntityConfig" + }, + "markdownDescription": "List of entities.", + "title": "PiiEntitiesConfig", + "type": "array" + }, + "RegexesConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailRegexConfig" + }, + "markdownDescription": "List of regex.", + "title": "RegexesConfig", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Wisdom::AIGuardrail.AIGuardrailTopicPolicyConfig": { + "additionalProperties": false, + "properties": { + "TopicsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailTopicConfig" + }, + "markdownDescription": "List of topic configs in topic policy.", + "title": "TopicsConfig", + "type": "array" } }, "required": [ - "Identifier" + "TopicsConfig" ], "type": "object" }, - "AWS::WAFv2::WebACL.FieldToMatch": { + "AWS::Wisdom::AIGuardrail.AIGuardrailWordPolicyConfig": { "additionalProperties": false, "properties": { - "AllQueryArguments": { - "markdownDescription": "Inspect all query arguments.", - "title": "AllQueryArguments", - "type": "object" - }, - "Body": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Body", - "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", - "title": "Body" - }, - "Cookies": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Cookies", - "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", - "title": "Cookies" - }, - "Headers": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Headers", - "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", - "title": "Headers" - }, - "JA3Fingerprint": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JA3Fingerprint", - "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", - "title": "JA3Fingerprint" - }, - "JsonBody": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonBody", - "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", - "title": "JsonBody" - }, - "Method": { - "markdownDescription": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", - "title": "Method", - "type": "object" - }, - "QueryString": { - "markdownDescription": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.", - "title": "QueryString", - "type": "object" - }, - "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleHeader", - "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", - "title": "SingleHeader" - }, - "SingleQueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleQueryArgument", - "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", - "title": "SingleQueryArgument" + "ManagedWordListsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailManagedWordsConfig" + }, + "markdownDescription": "A config for the list of managed words.", + "title": "ManagedWordListsConfig", + "type": "array" }, - "UriPath": { - "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", - "title": "UriPath", - "type": "object" + "WordsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailWordConfig" + }, + "markdownDescription": "List of custom word configurations.", + "title": "WordsConfig", + "type": "array" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ForwardedIPConfiguration": { + "AWS::Wisdom::AIGuardrail.GuardrailContentFilterConfig": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "InputStrength": { + "markdownDescription": "The strength of the input for the guardrail content filter.", + "title": "InputStrength", "type": "string" }, - "HeaderName": { - "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "HeaderName", + "OutputStrength": { + "markdownDescription": "The output strength of the guardrail content filter.", + "title": "OutputStrength", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the guardrail content filter.", + "title": "Type", "type": "string" } }, "required": [ - "FallbackBehavior", - "HeaderName" + "InputStrength", + "OutputStrength", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.GeoMatchStatement": { + "AWS::Wisdom::AIGuardrail.GuardrailContextualGroundingFilterConfig": { "additionalProperties": false, "properties": { - "CountryCodes": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.", - "title": "CountryCodes", - "type": "array" + "Threshold": { + "markdownDescription": "The threshold for this filter.", + "title": "Threshold", + "type": "number" }, - "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "ForwardedIPConfig" + "Type": { + "markdownDescription": "The type of this filter.", + "title": "Type", + "type": "string" } }, + "required": [ + "Threshold", + "Type" + ], "type": "object" }, - "AWS::WAFv2::WebACL.HeaderMatchPattern": { + "AWS::Wisdom::AIGuardrail.GuardrailManagedWordsConfig": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Inspect all headers.", - "title": "All", - "type": "object" - }, - "ExcludedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the headers whose keys don't match any of the strings specified here.", - "title": "ExcludedHeaders", - "type": "array" - }, - "IncludedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the headers that have a key that matches one of the strings specified here.", - "title": "IncludedHeaders", - "type": "array" + "Type": { + "markdownDescription": "The type of guardrail managed words.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::WAFv2::WebACL.Headers": { + "AWS::Wisdom::AIGuardrail.GuardrailPiiEntityConfig": { "additionalProperties": false, "properties": { - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.HeaderMatchPattern", - "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", - "title": "MatchPattern" - }, - "MatchScope": { - "markdownDescription": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", + "Action": { + "markdownDescription": "The action of guardrail PII entity configuration.", + "title": "Action", "type": "string" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "OversizeHandling", + "Type": { + "markdownDescription": "", + "title": "Type", "type": "string" } }, "required": [ - "MatchPattern", - "MatchScope", - "OversizeHandling" + "Action", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration": { + "AWS::Wisdom::AIGuardrail.GuardrailRegexConfig": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "Action": { + "markdownDescription": "The action of the guardrail regex configuration.", + "title": "Action", "type": "string" }, - "HeaderName": { - "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "HeaderName", + "Description": { + "markdownDescription": "The regex description.", + "title": "Description", "type": "string" }, - "Position": { - "markdownDescription": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10.", - "title": "Position", + "Name": { + "markdownDescription": "A regex configuration.", + "title": "Name", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The regex pattern.", + "title": "Pattern", "type": "string" } }, "required": [ - "FallbackBehavior", - "HeaderName", - "Position" + "Action", + "Name", + "Pattern" ], "type": "object" }, - "AWS::WAFv2::WebACL.IPSetReferenceStatement": { + "AWS::Wisdom::AIGuardrail.GuardrailTopicConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references.", - "title": "Arn", + "Definition": { + "markdownDescription": "Definition of topic in topic policy.", + "title": "Definition", "type": "string" }, - "IPSetForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "IPSetForwardedIPConfig" + "Examples": { + "items": { + "type": "string" + }, + "markdownDescription": "Text example in topic policy.", + "title": "Examples", + "type": "array" + }, + "Name": { + "markdownDescription": "Name of topic in topic policy.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Type of topic in a policy.", + "title": "Type", + "type": "string" } }, "required": [ - "Arn" + "Definition", + "Name", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.ImmunityTimeProperty": { + "AWS::Wisdom::AIGuardrail.GuardrailWordConfig": { "additionalProperties": false, "properties": { - "ImmunityTime": { - "markdownDescription": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300.", - "title": "ImmunityTime", - "type": "number" + "Text": { + "markdownDescription": "The custom word text.", + "title": "Text", + "type": "string" } }, "required": [ - "ImmunityTime" + "Text" ], "type": "object" }, - "AWS::WAFv2::WebACL.JA3Fingerprint": { + "AWS::Wisdom::AIGuardrailVersion": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIGuardrailId": { + "markdownDescription": "The ID of the AI guardrail version.", + "title": "AIGuardrailId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The ID of the AI guardrail version assistant.", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The modified time of the AI guardrail version in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } + }, + "required": [ + "AIGuardrailId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIGuardrailVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FallbackBehavior" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.JsonBody": { + "AWS::Wisdom::AIPrompt": { "additionalProperties": false, "properties": { - "InvalidFallbackBehavior": { - "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", - "title": "InvalidFallbackBehavior", + "Condition": { "type": "string" }, - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonMatchPattern", - "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", - "title": "MatchPattern" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MatchScope": { - "markdownDescription": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiFormat": { + "markdownDescription": "The API format used for this AI Prompt.", + "title": "ApiFormat", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the AI Prompt.", + "title": "Description", + "type": "string" + }, + "ModelId": { + "markdownDescription": "The identifier of the model used for this AI Prompt. The following model Ids are supported:\n\n- `anthropic.claude-3-haiku--v1:0`\n- `apac.amazon.nova-lite-v1:0`\n- `apac.amazon.nova-micro-v1:0`\n- `apac.amazon.nova-pro-v1:0`\n- `apac.anthropic.claude-3-5-sonnet--v2:0`\n- `apac.anthropic.claude-3-haiku-20240307-v1:0`\n- `eu.amazon.nova-lite-v1:0`\n- `eu.amazon.nova-micro-v1:0`\n- `eu.amazon.nova-pro-v1:0`\n- `eu.anthropic.claude-3-7-sonnet-20250219-v1:0`\n- `eu.anthropic.claude-3-haiku-20240307-v1:0`\n- `us.amazon.nova-lite-v1:0`\n- `us.amazon.nova-micro-v1:0`\n- `us.amazon.nova-pro-v1:0`\n- `us.anthropic.claude-3-5-haiku-20241022-v1:0`\n- `us.anthropic.claude-3-7-sonnet-20250219-v1:0`\n- `us.anthropic.claude-3-haiku-20240307-v1:0`", + "title": "ModelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Prompt", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt.AIPromptTemplateConfiguration", + "markdownDescription": "The configuration of the prompt template for this AI Prompt.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of the prompt template for this AI Prompt.", + "title": "TemplateType", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of this AI Prompt.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ApiFormat", + "ModelId", + "TemplateConfiguration", + "TemplateType", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIPrompt" + ], "type": "string" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", - "title": "OversizeHandling", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MatchPattern", - "MatchScope" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.JsonMatchPattern": { + "AWS::Wisdom::AIPrompt.AIPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Match all of the elements. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nYou must specify either this setting or the `IncludedPaths` setting, but not both.", - "title": "All", - "type": "object" - }, - "IncludedPaths": { - "items": { - "type": "string" - }, - "markdownDescription": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n> Don't use this option to include all paths. Instead, use the `All` setting.", - "title": "IncludedPaths", - "type": "array" + "TextFullAIPromptEditTemplateConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt.TextFullAIPromptEditTemplateConfiguration", + "markdownDescription": "The configuration for a prompt template that supports full textual prompt configuration using a YAML prompt.", + "title": "TextFullAIPromptEditTemplateConfiguration" } }, + "required": [ + "TextFullAIPromptEditTemplateConfiguration" + ], "type": "object" }, - "AWS::WAFv2::WebACL.Label": { + "AWS::Wisdom::AIPrompt.TextFullAIPromptEditTemplateConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The label string.", - "title": "Name", + "Text": { + "markdownDescription": "The YAML text for the AI Prompt template.", + "title": "Text", "type": "string" } }, "required": [ - "Name" + "Text" ], "type": "object" }, - "AWS::WAFv2::WebACL.LabelMatchStatement": { + "AWS::Wisdom::AIPromptVersion": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` .", - "title": "Key", + "Condition": { "type": "string" }, - "Scope": { - "markdownDescription": "Specify whether you want to match using the label name or just the namespace.", - "title": "Scope", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIPromptId": { + "markdownDescription": "The identifier of the Amazon Q in Connect AI prompt.", + "title": "AIPromptId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The time the AI Prompt version was last modified in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } + }, + "required": [ + "AIPromptId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIPromptVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Scope" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { + "AWS::Wisdom::Assistant": { "additionalProperties": false, "properties": { - "AWSManagedRulesACFPRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet", - "markdownDescription": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesACFPRuleSet" + "Condition": { + "type": "string" }, - "AWSManagedRulesATPRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", - "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesATPRuleSet" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AWSManagedRulesBotControlRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet", - "markdownDescription": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesBotControlRuleSet" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LoginPath": { - "markdownDescription": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", - "title": "LoginPath", - "type": "string" + "Metadata": { + "type": "object" }, - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "PasswordField" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the assistant.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the assistant.", + "title": "Name", + "type": "string" + }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration", + "markdownDescription": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) .", + "title": "ServerSideEncryptionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of assistant.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" }, - "PayloadType": { - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "PayloadType", + "Type": { + "enum": [ + "AWS::Wisdom::Assistant" + ], "type": "string" }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "UsernameField" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ManagedRuleGroupStatement": { + "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "ExcludedRules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" - }, - "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", - "title": "ExcludedRules", - "type": "array" - }, - "ManagedRuleGroupConfigs": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupConfig" - }, - "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", - "title": "ManagedRuleGroupConfigs", - "type": "array" + "KmsKeyId": { + "markdownDescription": "The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Wisdom::AssistantAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "Name": { - "markdownDescription": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RuleActionOverrides": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" - }, - "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, AWS WAF doesn't return an error and doesn't apply the override setting. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", - "title": "RuleActionOverrides", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", - "title": "ScopeDownStatement" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Wisdom assistant.", + "title": "AssistantId", + "type": "string" + }, + "Association": { + "$ref": "#/definitions/AWS::Wisdom::AssistantAssociation.AssociationData", + "markdownDescription": "The identifier of the associated resource.", + "title": "Association" + }, + "AssociationType": { + "markdownDescription": "The type of association.", + "title": "AssociationType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AssistantId", + "Association", + "AssociationType" + ], + "type": "object" }, - "VendorName": { - "markdownDescription": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.", - "title": "VendorName", + "Type": { + "enum": [ + "AWS::Wisdom::AssistantAssociation" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "VendorName" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.NotStatement": { - "additionalProperties": false, - "properties": { - "Statement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "The statement to negate. You can use any statement that can be nested.", - "title": "Statement" - } - }, - "required": [ - "Statement" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.OrStatement": { + "AWS::Wisdom::AssistantAssociation.AssociationData": { "additionalProperties": false, "properties": { - "Statements": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" - }, - "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", - "title": "Statements", - "type": "array" + "KnowledgeBaseId": { + "markdownDescription": "The identifier of the knowledge base.", + "title": "KnowledgeBaseId", + "type": "string" } }, "required": [ - "Statements" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::WAFv2::WebACL.OverrideAction": { + "AWS::Wisdom::KnowledgeBase": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "Override the rule group evaluation result to count only.\n\n> This option is usually set to none. It does not affect how the rules in the rule group are evaluated. If you want the rules in the rule group to only count matches, do not use this and instead use the rule action override option, with `Count` action, in your rule group reference statement settings.", - "title": "Count", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { "type": "object" }, - "None": { - "markdownDescription": "Don't override the rule group evaluation result. This is the most common setting.", - "title": "None", + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description.", + "title": "Description", + "type": "string" + }, + "KnowledgeBaseType": { + "markdownDescription": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically.", + "title": "KnowledgeBaseType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the knowledge base.", + "title": "Name", + "type": "string" + }, + "RenderingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.RenderingConfiguration", + "markdownDescription": "Information about how to render the content.", + "title": "RenderingConfiguration" + }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration", + "markdownDescription": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "ServerSideEncryptionConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SourceConfiguration", + "markdownDescription": "The source of the knowledge base content. Only set this argument for EXTERNAL or Managed knowledge bases.", + "title": "SourceConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "VectorIngestionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.VectorIngestionConfiguration", + "markdownDescription": "Contains details about how to ingest the documents in a data source.", + "title": "VectorIngestionConfiguration" + } + }, + "required": [ + "KnowledgeBaseType", + "Name" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::KnowledgeBase" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::WAFv2::WebACL.RateBasedStatement": { + "AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration": { "additionalProperties": false, "properties": { - "AggregateKeyType": { - "markdownDescription": "Setting that indicates how to aggregate the request counts.\n\n> Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` .", - "title": "AggregateKeyType", + "AppIntegrationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AppIntegrations DataIntegration to use for ingesting content.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` as source fields.\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` as source fields.\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , your AppIntegrations DataIntegration must have an ObjectConfiguration if `objectFields` is not provided, including at least `id` , `title` , `updated_at` , and `draft` as source fields.\n- For [SharePoint](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-net-server-csom-jsom-and-rest-api-index) , your AppIntegrations DataIntegration must have a FileConfiguration, including only file extensions that are among `docx` , `pdf` , `html` , `htm` , and `txt` .\n- For [Amazon S3](https://docs.aws.amazon.com/s3/) , the ObjectConfiguration and FileConfiguration of your AppIntegrations DataIntegration must be null. The `SourceURI` of your DataIntegration must use the following format: `s3://your_s3_bucket_name` .\n\n> The bucket policy of the corresponding S3 bucket must allow the AWS principal `app-integrations.amazonaws.com` to perform `s3:ListBucket` , `s3:GetObject` , and `s3:GetBucketLocation` against the bucket.", + "title": "AppIntegrationArn", "type": "string" }, - "CustomKeys": { + "ObjectFields": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" + "type": "string" }, - "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", - "title": "CustomKeys", + "markdownDescription": "The fields from the source that are made available to your agents in Amazon Q in Connect. Optional if ObjectConfiguration is included in the provided DataIntegration.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , you must include at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` .\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , you must include at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` .\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , you must include at least `id` , `title` , `updated_at` , and `draft` .\n\nMake sure to include additional fields. These fields are indexed and used to source recommendations.", + "title": "ObjectFields", "type": "array" - }, - "EvaluationWindowSec": { - "markdownDescription": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)", - "title": "EvaluationWindowSec", - "type": "number" - }, - "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", - "title": "ForwardedIPConfig" - }, - "Limit": { - "markdownDescription": "The limit on requests during the specified evaluation window for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair.", - "title": "Limit", - "type": "number" - }, - "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", - "title": "ScopeDownStatement" } }, "required": [ - "AggregateKeyType", - "Limit" + "AppIntegrationArn" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { + "AWS::Wisdom::KnowledgeBase.BedrockFoundationModelConfiguration": { "additionalProperties": false, "properties": { - "Cookie": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie", - "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", - "title": "Cookie" - }, - "ForwardedIP": { - "markdownDescription": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", - "title": "ForwardedIP", - "type": "object" - }, - "HTTPMethod": { - "markdownDescription": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", - "title": "HTTPMethod", - "type": "object" - }, - "Header": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader", - "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", - "title": "Header" - }, - "IP": { - "markdownDescription": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` .", - "title": "IP", - "type": "object" - }, - "LabelNamespace": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace", - "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", - "title": "LabelNamespace" - }, - "QueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument", - "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", - "title": "QueryArgument" - }, - "QueryString": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString", - "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", - "title": "QueryString" + "ModelArn": { + "markdownDescription": "The model ARN of the Bedrock foundation model.", + "title": "ModelArn", + "type": "string" }, - "UriPath": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath", - "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", - "title": "UriPath" + "ParsingPrompt": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ParsingPrompt", + "markdownDescription": "The parsing prompt of the Bedrock foundation model configuration.", + "title": "ParsingPrompt" } }, + "required": [ + "ModelArn" + ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitCookie": { + "AWS::Wisdom::KnowledgeBase.ChunkingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the cookie to use.", - "title": "Name", + "ChunkingStrategy": { + "markdownDescription": "Knowledge base can split your source data into chunks. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.", + "title": "ChunkingStrategy", "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "FixedSizeChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.FixedSizeChunkingConfiguration", + "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", + "title": "FixedSizeChunkingConfiguration" + }, + "HierarchicalChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.HierarchicalChunkingConfiguration", + "markdownDescription": "Settings for hierarchical document chunking for a data source. Hierarchical chunking splits documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.", + "title": "HierarchicalChunkingConfiguration" + }, + "SemanticChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SemanticChunkingConfiguration", + "markdownDescription": "Settings for semantic document chunking for a data source. Semantic chunking splits a document into smaller documents based on groups of similar content derived from the text with natural language processing.", + "title": "SemanticChunkingConfiguration" } }, "required": [ - "Name", - "TextTransformations" + "ChunkingStrategy" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitHeader": { + "AWS::Wisdom::KnowledgeBase.CrawlerLimits": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the header to use.", - "title": "Name", - "type": "string" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "RateLimit": { + "markdownDescription": "The limit rate at which the crawler is configured.", + "title": "RateLimit", + "type": "number" } }, - "required": [ - "Name", - "TextTransformations" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { + "AWS::Wisdom::KnowledgeBase.FixedSizeChunkingConfiguration": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "The namespace to use for aggregation.", - "title": "Namespace", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to include in a chunk.", + "title": "MaxTokens", + "type": "number" + }, + "OverlapPercentage": { + "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", + "title": "OverlapPercentage", + "type": "number" } }, "required": [ - "Namespace" + "MaxTokens", + "OverlapPercentage" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitQueryArgument": { + "AWS::Wisdom::KnowledgeBase.HierarchicalChunkingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the query argument to use.", - "title": "Name", - "type": "string" - }, - "TextTransformations": { + "LevelConfigurations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.HierarchicalChunkingLevelConfiguration" }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", + "markdownDescription": "Token settings for each layer.", + "title": "LevelConfigurations", "type": "array" + }, + "OverlapTokens": { + "markdownDescription": "The number of tokens to repeat across chunks in the same layer.", + "title": "OverlapTokens", + "type": "number" } }, "required": [ - "Name", - "TextTransformations" + "LevelConfigurations", + "OverlapTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitQueryString": { + "AWS::Wisdom::KnowledgeBase.HierarchicalChunkingLevelConfiguration": { "additionalProperties": false, "properties": { - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain in this layer.", + "title": "MaxTokens", + "type": "number" } }, "required": [ - "TextTransformations" + "MaxTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitUriPath": { + "AWS::Wisdom::KnowledgeBase.ManagedSourceConfiguration": { "additionalProperties": false, "properties": { - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "WebCrawlerConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.WebCrawlerConfiguration", + "markdownDescription": "Configuration data for web crawler data source.", + "title": "WebCrawlerConfiguration" } }, "required": [ - "TextTransformations" + "WebCrawlerConfiguration" ], "type": "object" }, - "AWS::WAFv2::WebACL.RegexMatchStatement": { + "AWS::Wisdom::KnowledgeBase.ParsingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.BedrockFoundationModelConfiguration", + "markdownDescription": "Settings for a foundation model used to parse documents for a data source.", + "title": "BedrockFoundationModelConfiguration" }, - "RegexString": { - "markdownDescription": "The string representing the regular expression.", - "title": "RegexString", + "ParsingStrategy": { + "markdownDescription": "The parsing strategy for the data source.", + "title": "ParsingStrategy", "type": "string" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" } }, "required": [ - "FieldToMatch", - "RegexString", - "TextTransformations" + "ParsingStrategy" ], "type": "object" }, - "AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement": { + "AWS::Wisdom::KnowledgeBase.ParsingPrompt": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references.", - "title": "Arn", + "ParsingPromptText": { + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPromptText", "type": "string" - }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" } }, "required": [ - "Arn", - "FieldToMatch", - "TextTransformations" + "ParsingPromptText" ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig": { + "AWS::Wisdom::KnowledgeBase.RenderingConfiguration": { "additionalProperties": false, "properties": { - "DefaultSizeInspectionLimit": { - "markdownDescription": "Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 bytes)`", - "title": "DefaultSizeInspectionLimit", + "TemplateUri": { + "markdownDescription": "A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following:\n\n- Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted`\n- ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active`\n- Zendesk: `id` , `title` , `updated_at` , or `draft`\n\nThe variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) .", + "title": "TemplateUri", "type": "string" } }, - "required": [ - "DefaultSizeInspectionLimit" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestInspection": { + "AWS::Wisdom::KnowledgeBase.SeedUrl": { "additionalProperties": false, "properties": { - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", - "title": "PasswordField" - }, - "PayloadType": { - "markdownDescription": "The payload type for your login endpoint, either JSON or form encoded.", - "title": "PayloadType", + "Url": { + "markdownDescription": "URL for crawling", + "title": "Url", "type": "string" - }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", - "title": "UsernameField" } }, - "required": [ - "PasswordField", - "PayloadType", - "UsernameField" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestInspectionACFP": { + "AWS::Wisdom::KnowledgeBase.SemanticChunkingConfiguration": { "additionalProperties": false, "properties": { - "AddressFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" - }, - "markdownDescription": "The names of the fields in the request payload that contain your customer's primary physical address.\n\nOrder the address fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the address fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` .", - "title": "AddressFields", - "type": "array" - }, - "EmailField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's email.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"email\": \"THE_EMAIL\" } }` , the email field specification is `/form/email` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `email1` , the email field specification is `email1` .", - "title": "EmailField" - }, - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", - "title": "PasswordField" - }, - "PayloadType": { - "markdownDescription": "The payload type for your account creation endpoint, either JSON or form encoded.", - "title": "PayloadType", - "type": "string" + "BreakpointPercentileThreshold": { + "markdownDescription": "The dissimilarity threshold for splitting chunks.", + "title": "BreakpointPercentileThreshold", + "type": "number" }, - "PhoneNumberFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" - }, - "markdownDescription": "The names of the fields in the request payload that contain your customer's primary phone number.\n\nOrder the phone number fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the phone number fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` .", - "title": "PhoneNumberFields", - "type": "array" + "BufferSize": { + "markdownDescription": "The buffer size.", + "title": "BufferSize", + "type": "number" }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", - "title": "UsernameField" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain.", + "title": "MaxTokens", + "type": "number" } }, "required": [ - "PayloadType" + "BreakpointPercentileThreshold", + "BufferSize", + "MaxTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspection": { + "AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "BodyContains": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionBodyContains", - "markdownDescription": "Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.", - "title": "BodyContains" - }, - "Header": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionHeader", - "markdownDescription": "Configures inspection of the response header for success and failure indicators.", - "title": "Header" - }, - "Json": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionJson", - "markdownDescription": "Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.", - "title": "Json" - }, - "StatusCode": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionStatusCode", - "markdownDescription": "Configures inspection of the response status code for success and failure indicators.", - "title": "StatusCode" + "KmsKeyId": { + "markdownDescription": "The customer managed key used for encryption.\n\nThis customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom.\n\nFor more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) .", + "title": "KmsKeyId", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionBodyContains": { + "AWS::Wisdom::KnowledgeBase.SourceConfiguration": { "additionalProperties": false, "properties": { - "FailureStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Request failed\" ]`", - "title": "FailureStrings", - "type": "array" + "AppIntegrations": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration", + "markdownDescription": "Configuration information for Amazon AppIntegrations to automatically ingest content.", + "title": "AppIntegrations" }, - "SuccessStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON examples: `\"SuccessStrings\": [ \"Login successful\" ]` and `\"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]`", - "title": "SuccessStrings", - "type": "array" + "ManagedSourceConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ManagedSourceConfiguration", + "markdownDescription": "Source configuration for managed resources.", + "title": "ManagedSourceConfiguration" } }, - "required": [ - "FailureStrings", - "SuccessStrings" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionHeader": { + "AWS::Wisdom::KnowledgeBase.UrlConfiguration": { "additionalProperties": false, "properties": { - "FailureValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]` and `\"FailureValues\": [ \"AccountCreationFailed\" ]`", - "title": "FailureValues", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"RequestResult\" ]`", - "title": "Name", - "type": "string" - }, - "SuccessValues": { + "SeedUrls": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SeedUrl" }, - "markdownDescription": "Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]` and `\"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]`", - "title": "SuccessValues", + "markdownDescription": "List of URLs for crawling.", + "title": "SeedUrls", "type": "array" } }, - "required": [ - "FailureValues", - "Name", - "SuccessValues" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionJson": { + "AWS::Wisdom::KnowledgeBase.VectorIngestionConfiguration": { "additionalProperties": false, "properties": { - "FailureValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`", - "title": "FailureValues", - "type": "array" - }, - "Identifier": { - "markdownDescription": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON examples: `\"Identifier\": [ \"/login/success\" ]` and `\"Identifier\": [ \"/sign-up/success\" ]`", - "title": "Identifier", - "type": "string" + "ChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ChunkingConfiguration", + "markdownDescription": "Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", + "title": "ChunkingConfiguration" }, - "SuccessValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`", - "title": "SuccessValues", - "type": "array" + "ParsingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ParsingConfiguration", + "markdownDescription": "A custom parser for data source documents.", + "title": "ParsingConfiguration" } }, - "required": [ - "FailureValues", - "Identifier", - "SuccessValues" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionStatusCode": { + "AWS::Wisdom::KnowledgeBase.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "FailureCodes": { + "CrawlerLimits": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.CrawlerLimits", + "markdownDescription": "The configuration of crawl limits for the web URLs.", + "title": "CrawlerLimits" + }, + "ExclusionFilters": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`", - "title": "FailureCodes", + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "ExclusionFilters", "type": "array" }, - "SuccessCodes": { + "InclusionFilters": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`", - "title": "SuccessCodes", + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "InclusionFilters", "type": "array" + }, + "Scope": { + "markdownDescription": "The scope of what is crawled for your URLs. You can choose to crawl only web pages that belong to the same host or primary domain. For example, only web pages that contain the seed URL `https://docs.aws.amazon.com/bedrock/latest/userguide/` and no other domains. You can choose to include sub domains in addition to the host or primary domain. For example, web pages that contain `aws.amazon.com` can also include sub domain `docs.aws.amazon.com` .", + "title": "Scope", + "type": "string" + }, + "UrlConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.UrlConfiguration", + "markdownDescription": "The configuration of the URL/URLs for the web content that you want to crawl. You should be authorized to crawl the URLs.", + "title": "UrlConfiguration" } }, "required": [ - "FailureCodes", - "SuccessCodes" + "UrlConfiguration" ], "type": "object" }, - "AWS::WAFv2::WebACL.Rule": { + "AWS::Wisdom::MessageTemplate": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", - "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting.\n\nThis is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nYou must set either this `Action` setting or the rule's `OverrideAction` , but not both:\n\n- If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting.\n- If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group.", - "title": "Action" - }, - "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", - "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", - "title": "CaptchaConfig" - }, - "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", - "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", - "title": "ChallengeConfig" + "Condition": { + "type": "string" }, - "Name": { - "markdownDescription": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "OverrideAction": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.OverrideAction", - "markdownDescription": "The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nSet the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.\n\nYou must set either this `OverrideAction` setting or the `Action` setting, but not both:\n\n- If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting.\n- If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting.", - "title": "OverrideAction" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Priority": { - "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", - "title": "Priority", - "type": "number" + "Metadata": { + "type": "object" }, - "RuleLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Label" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelSubtype": { + "markdownDescription": "The channel subtype this message template applies to.", + "title": "ChannelSubtype", + "type": "string" + }, + "Content": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.Content", + "markdownDescription": "The content of the message template.", + "title": "Content" + }, + "DefaultAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateAttributes", + "markdownDescription": "An object that specifies the default values to use for variables in the message template. This object contains different categories of key-value pairs. Each key defines a variable or placeholder in the message template. The corresponding value defines the default value for that variable.", + "title": "DefaultAttributes" + }, + "Description": { + "markdownDescription": "The description of the message template.", + "title": "Description", + "type": "string" + }, + "GroupingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.GroupingConfiguration", + "markdownDescription": "The configuration information of the external data source.", + "title": "GroupingConfiguration" + }, + "KnowledgeBaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the knowledge base.", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "Language": { + "markdownDescription": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "title": "Language", + "type": "string" + }, + "MessageTemplateAttachments": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateAttachment" + }, + "markdownDescription": "List of message template attachments.", + "title": "MessageTemplateAttachments", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the message template.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", - "title": "RuleLabels", - "type": "array" + "required": [ + "ChannelSubtype", + "Content", + "KnowledgeBaseArn", + "Name" + ], + "type": "object" }, - "Statement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", - "title": "Statement" + "Type": { + "enum": [ + "AWS::Wisdom::MessageTemplate" + ], + "type": "string" }, - "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", - "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", - "title": "VisibilityConfig" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "Priority", - "Statement", - "VisibilityConfig" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.RuleAction": { + "AWS::Wisdom::MessageTemplate.AgentAttributes": { "additionalProperties": false, "properties": { - "Allow": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", - "markdownDescription": "Instructs AWS WAF to allow the web request.", - "title": "Allow" - }, - "Block": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", - "markdownDescription": "Instructs AWS WAF to block the web request.", - "title": "Block" - }, - "Captcha": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaAction", - "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", - "title": "Captcha" - }, - "Challenge": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeAction", - "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", - "title": "Challenge" + "FirstName": { + "markdownDescription": "The agent\u2019s first name as entered in their Amazon Connect user account.", + "title": "FirstName", + "type": "string" }, - "Count": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CountAction", - "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", - "title": "Count" + "LastName": { + "markdownDescription": "The agent\u2019s last name as entered in their Amazon Connect user account.", + "title": "LastName", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.RuleActionOverride": { + "AWS::Wisdom::MessageTemplate.Content": { "additionalProperties": false, "properties": { - "ActionToUse": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", - "markdownDescription": "The override action to use, in place of the configured action of the rule in the rule group.", - "title": "ActionToUse" + "EmailMessageTemplateContent": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateContent", + "markdownDescription": "The content of the message template that applies to the email channel subtype.", + "title": "EmailMessageTemplateContent" }, - "Name": { - "markdownDescription": "The name of the rule to override.", - "title": "Name", - "type": "string" + "SmsMessageTemplateContent": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SmsMessageTemplateContent", + "markdownDescription": "The content of message template that applies to SMS channel subtype.", + "title": "SmsMessageTemplateContent" } }, - "required": [ - "ActionToUse", - "Name" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RuleGroupReferenceStatement": { + "AWS::Wisdom::MessageTemplate.CustomerProfileAttributes": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the entity.", - "title": "Arn", + "AccountNumber": { + "markdownDescription": "A unique account number that you have given to the customer.", + "title": "AccountNumber", "type": "string" }, - "ExcludedRules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" - }, - "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", - "title": "ExcludedRules", - "type": "array" + "AdditionalInformation": { + "markdownDescription": "Any additional information relevant to the customer's profile.", + "title": "AdditionalInformation", + "type": "string" }, - "RuleActionOverrides": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" - }, - "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, AWS WAF doesn't return an error and doesn't apply the override setting. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", - "title": "RuleActionOverrides", - "type": "array" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SingleHeader": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the query header to inspect.", - "title": "Name", + "Address1": { + "markdownDescription": "The first line of a customer address.", + "title": "Address1", "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SingleQueryArgument": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the query argument to inspect.", - "title": "Name", + }, + "Address2": { + "markdownDescription": "The second line of a customer address.", + "title": "Address2", "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SizeConstraintStatement": { - "additionalProperties": false, - "properties": { - "ComparisonOperator": { - "markdownDescription": "The operator to use to compare the request part to the size setting.", - "title": "ComparisonOperator", + }, + "Address3": { + "markdownDescription": "The third line of a customer address.", + "title": "Address3", "type": "string" }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "Address4": { + "markdownDescription": "The fourth line of a customer address.", + "title": "Address4", + "type": "string" }, - "Size": { - "markdownDescription": "The size, in byte, to compare to the request part, after any transformations.", - "title": "Size", - "type": "number" + "BillingAddress1": { + "markdownDescription": "The first line of a customer\u2019s billing address.", + "title": "BillingAddress1", + "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" - } - }, - "required": [ - "ComparisonOperator", - "FieldToMatch", - "Size", - "TextTransformations" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SqliMatchStatement": { - "additionalProperties": false, - "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "BillingAddress2": { + "markdownDescription": "The second line of a customer\u2019s billing address.", + "title": "BillingAddress2", + "type": "string" }, - "SensitivityLevel": { - "markdownDescription": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`", - "title": "SensitivityLevel", + "BillingAddress3": { + "markdownDescription": "The third line of a customer\u2019s billing address.", + "title": "BillingAddress3", "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "BillingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s billing address.", + "title": "BillingAddress4", + "type": "string" + }, + "BillingCity": { + "markdownDescription": "The city of a customer\u2019s billing address.", + "title": "BillingCity", + "type": "string" + }, + "BillingCountry": { + "markdownDescription": "The country of a customer\u2019s billing address.", + "title": "BillingCountry", + "type": "string" + }, + "BillingCounty": { + "markdownDescription": "The county of a customer\u2019s billing address.", + "title": "BillingCounty", + "type": "string" + }, + "BillingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s billing address.", + "title": "BillingPostalCode", + "type": "string" + }, + "BillingProvince": { + "markdownDescription": "The province of a customer\u2019s billing address.", + "title": "BillingProvince", + "type": "string" + }, + "BillingState": { + "markdownDescription": "The state of a customer\u2019s billing address.", + "title": "BillingState", + "type": "string" + }, + "BirthDate": { + "markdownDescription": "The customer's birth date.", + "title": "BirthDate", + "type": "string" + }, + "BusinessEmailAddress": { + "markdownDescription": "The customer's business email address.", + "title": "BusinessEmailAddress", + "type": "string" + }, + "BusinessName": { + "markdownDescription": "The name of the customer's business.", + "title": "BusinessName", + "type": "string" + }, + "BusinessPhoneNumber": { + "markdownDescription": "The customer's business phone number.", + "title": "BusinessPhoneNumber", + "type": "string" + }, + "City": { + "markdownDescription": "The city in which a customer lives.", + "title": "City", + "type": "string" + }, + "Country": { + "markdownDescription": "The country in which a customer lives.", + "title": "Country", + "type": "string" + }, + "County": { + "markdownDescription": "The county in which a customer lives.", + "title": "County", + "type": "string" + }, + "Custom": { + "additionalProperties": true, + "markdownDescription": "The custom attributes in customer profile attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" - } - }, - "required": [ - "FieldToMatch", - "TextTransformations" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.Statement": { - "additionalProperties": false, - "properties": { - "AndStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AndStatement", - "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", - "title": "AndStatement" + "title": "Custom", + "type": "object" }, - "ByteMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ByteMatchStatement", - "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", - "title": "ByteMatchStatement" + "EmailAddress": { + "markdownDescription": "The customer's email address, which has not been specified as a personal or business address.", + "title": "EmailAddress", + "type": "string" }, - "GeoMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.GeoMatchStatement", - "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", - "title": "GeoMatchStatement" + "FirstName": { + "markdownDescription": "The customer's first name.", + "title": "FirstName", + "type": "string" }, - "IPSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetReferenceStatement", - "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", - "title": "IPSetReferenceStatement" + "Gender": { + "markdownDescription": "The customer's gender.", + "title": "Gender", + "type": "string" }, - "LabelMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.LabelMatchStatement", - "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", - "title": "LabelMatchStatement" + "HomePhoneNumber": { + "markdownDescription": "The customer's mobile phone number.", + "title": "HomePhoneNumber", + "type": "string" }, - "ManagedRuleGroupStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupStatement", - "markdownDescription": "A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` .\n\nYou cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule.\n\n> You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", - "title": "ManagedRuleGroupStatement" + "LastName": { + "markdownDescription": "The customer's last name.", + "title": "LastName", + "type": "string" }, - "NotStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.NotStatement", - "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", - "title": "NotStatement" + "MailingAddress1": { + "markdownDescription": "The first line of a customer\u2019s mailing address.", + "title": "MailingAddress1", + "type": "string" }, - "OrStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.OrStatement", - "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", - "title": "OrStatement" + "MailingAddress2": { + "markdownDescription": "The second line of a customer\u2019s mailing address.", + "title": "MailingAddress2", + "type": "string" }, - "RateBasedStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatement", - "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", - "title": "RateBasedStatement" + "MailingAddress3": { + "markdownDescription": "The third line of a customer\u2019s mailing address.", + "title": "MailingAddress3", + "type": "string" }, - "RegexMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexMatchStatement", - "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", - "title": "RegexMatchStatement" + "MailingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s mailing address.", + "title": "MailingAddress4", + "type": "string" }, - "RegexPatternSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement", - "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", - "title": "RegexPatternSetReferenceStatement" + "MailingCity": { + "markdownDescription": "The city of a customer\u2019s mailing address.", + "title": "MailingCity", + "type": "string" }, - "RuleGroupReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleGroupReferenceStatement", - "markdownDescription": "A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.\n\nYou cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL.", - "title": "RuleGroupReferenceStatement" + "MailingCountry": { + "markdownDescription": "The country of a customer\u2019s mailing address.", + "title": "MailingCountry", + "type": "string" }, - "SizeConstraintStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SizeConstraintStatement", - "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", - "title": "SizeConstraintStatement" + "MailingCounty": { + "markdownDescription": "The county of a customer\u2019s mailing address.", + "title": "MailingCounty", + "type": "string" }, - "SqliMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SqliMatchStatement", - "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", - "title": "SqliMatchStatement" + "MailingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s mailing address.", + "title": "MailingPostalCode", + "type": "string" }, - "XssMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.XssMatchStatement", - "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", - "title": "XssMatchStatement" + "MailingProvince": { + "markdownDescription": "The province of a customer\u2019s mailing address.", + "title": "MailingProvince", + "type": "string" + }, + "MailingState": { + "markdownDescription": "The state of a customer\u2019s mailing address.", + "title": "MailingState", + "type": "string" + }, + "MiddleName": { + "markdownDescription": "The customer's middle name.", + "title": "MiddleName", + "type": "string" + }, + "MobilePhoneNumber": { + "markdownDescription": "The customer's mobile phone number.", + "title": "MobilePhoneNumber", + "type": "string" + }, + "PartyType": { + "markdownDescription": "The customer's party type.", + "title": "PartyType", + "type": "string" + }, + "PhoneNumber": { + "markdownDescription": "The customer's phone number, which has not been specified as a mobile, home, or business number.", + "title": "PhoneNumber", + "type": "string" + }, + "PostalCode": { + "markdownDescription": "The postal code of a customer address.", + "title": "PostalCode", + "type": "string" + }, + "ProfileARN": { + "markdownDescription": "The ARN of a customer profile.", + "title": "ProfileARN", + "type": "string" + }, + "ProfileId": { + "markdownDescription": "The unique identifier of a customer profile.", + "title": "ProfileId", + "type": "string" + }, + "Province": { + "markdownDescription": "The province in which a customer lives.", + "title": "Province", + "type": "string" + }, + "ShippingAddress1": { + "markdownDescription": "The first line of a customer\u2019s shipping address.", + "title": "ShippingAddress1", + "type": "string" + }, + "ShippingAddress2": { + "markdownDescription": "The second line of a customer\u2019s shipping address.", + "title": "ShippingAddress2", + "type": "string" + }, + "ShippingAddress3": { + "markdownDescription": "The third line of a customer\u2019s shipping address.", + "title": "ShippingAddress3", + "type": "string" + }, + "ShippingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s shipping address.", + "title": "ShippingAddress4", + "type": "string" + }, + "ShippingCity": { + "markdownDescription": "The city of a customer\u2019s shipping address.", + "title": "ShippingCity", + "type": "string" + }, + "ShippingCountry": { + "markdownDescription": "The country of a customer\u2019s shipping address.", + "title": "ShippingCountry", + "type": "string" + }, + "ShippingCounty": { + "markdownDescription": "The county of a customer\u2019s shipping address.", + "title": "ShippingCounty", + "type": "string" + }, + "ShippingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s shipping address.", + "title": "ShippingPostalCode", + "type": "string" + }, + "ShippingProvince": { + "markdownDescription": "The province of a customer\u2019s shipping address.", + "title": "ShippingProvince", + "type": "string" + }, + "ShippingState": { + "markdownDescription": "The state of a customer\u2019s shipping address.", + "title": "ShippingState", + "type": "string" + }, + "State": { + "markdownDescription": "The state in which a customer lives.", + "title": "State", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.TextTransformation": { + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateContent": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different.", - "title": "Priority", - "type": "number" + "Body": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateContentBody", + "markdownDescription": "The body to use in email messages.", + "title": "Body" + }, + "Headers": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateHeader" + }, + "markdownDescription": "The email headers to include in email messages.", + "title": "Headers", + "type": "array" }, - "Type": { - "markdownDescription": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* .", - "title": "Type", + "Subject": { + "markdownDescription": "The subject line, or title, to use in email messages.", + "title": "Subject", "type": "string" } }, "required": [ - "Priority", - "Type" + "Body", + "Headers", + "Subject" ], "type": "object" }, - "AWS::WAFv2::WebACL.VisibilityConfig": { + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateContentBody": { "additionalProperties": false, "properties": { - "CloudWatchMetricsEnabled": { - "markdownDescription": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* .", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" + "Html": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", + "title": "Html" }, - "MetricName": { - "markdownDescription": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` .", - "title": "MetricName", + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", + "title": "PlainText" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the email header.", + "title": "Name", "type": "string" }, - "SampledRequestsEnabled": { - "markdownDescription": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\nIf you configure data protection for the web ACL, the protection applies to the web ACL's sampled web request data.\n\n> Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", - "title": "SampledRequestsEnabled", - "type": "boolean" + "Value": { + "markdownDescription": "The value of the email header.", + "title": "Value", + "type": "string" } }, - "required": [ - "CloudWatchMetricsEnabled", - "MetricName", - "SampledRequestsEnabled" - ], "type": "object" }, - "AWS::WAFv2::WebACL.XssMatchStatement": { + "AWS::Wisdom::MessageTemplate.GroupingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "Criteria": { + "markdownDescription": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", + "title": "Criteria", + "type": "string" }, - "TextTransformations": { + "Values": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "type": "string" }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", + "markdownDescription": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter.", + "title": "Values", "type": "array" } }, "required": [ - "FieldToMatch", - "TextTransformations" + "Criteria", + "Values" ], "type": "object" }, - "AWS::WAFv2::WebACLAssociation": { + "AWS::Wisdom::MessageTemplate.MessageTemplateAttachment": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttachmentId": { + "markdownDescription": "The identifier of the attachment file.", + "title": "AttachmentId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`\n- For an AWS Amplify instance: `arn: *partition* :amplify: *region* : *account-id* :apps/ *app-id*`", - "title": "ResourceArn", - "type": "string" - }, - "WebACLArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.", - "title": "WebACLArn", - "type": "string" - } - }, - "required": [ - "ResourceArn", - "WebACLArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::WebACLAssociation" - ], + "AttachmentName": { + "markdownDescription": "The name of the attachment file being uploaded. The name should include the file extension.", + "title": "AttachmentName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3PresignedUrl": { + "markdownDescription": "The S3 Presigned URL for the attachment file. When generating the PreSignedUrl, please ensure that the expires-in time is set to 30 minutes. The URL can be generated through the AWS Console or through the AWS CLI. For more information, see [Sharing objects with presigned URLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html) .", + "title": "S3PresignedUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AttachmentName", + "S3PresignedUrl" ], "type": "object" }, - "AWS::Wisdom::Assistant": { + "AWS::Wisdom::MessageTemplate.MessageTemplateAttributes": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AgentAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.AgentAttributes", + "markdownDescription": "The agent attributes that are used with the message template.", + "title": "AgentAttributes" }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the assistant.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the assistant.", - "title": "Name", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration", - "markdownDescription": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) .", - "title": "ServerSideEncryptionConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of assistant.", - "title": "Type", + "CustomAttributes": { + "additionalProperties": true, + "markdownDescription": "The custom attributes that are used with the message template.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "Name", - "Type" - ], + "title": "CustomAttributes", "type": "object" }, - "Type": { - "enum": [ - "AWS::Wisdom::Assistant" - ], - "type": "string" + "CustomerProfileAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.CustomerProfileAttributes", + "markdownDescription": "The customer profile attributes that are used with the message template.", + "title": "CustomerProfileAttributes" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SystemAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemAttributes", + "markdownDescription": "The system attributes that are used with the message template.", + "title": "SystemAttributes" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content of the message template.", + "title": "Content", "type": "string" } }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.SmsMessageTemplateContent": { + "additionalProperties": false, + "properties": { + "Body": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SmsMessageTemplateContentBody", + "markdownDescription": "The body to use in SMS messages.", + "title": "Body" + } + }, "required": [ - "Type", - "Properties" + "Body" ], "type": "object" }, - "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { + "AWS::Wisdom::MessageTemplate.SmsMessageTemplateContentBody": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKeyId", + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body to use in SMS messages.", + "title": "PlainText" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.SystemAttributes": { + "additionalProperties": false, + "properties": { + "CustomerEndpoint": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemEndpointAttributes", + "markdownDescription": "The CustomerEndpoint attribute.", + "title": "CustomerEndpoint" + }, + "Name": { + "markdownDescription": "The name of the task.", + "title": "Name", "type": "string" + }, + "SystemEndpoint": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemEndpointAttributes", + "markdownDescription": "The SystemEndpoint attribute.", + "title": "SystemEndpoint" } }, "type": "object" }, - "AWS::Wisdom::AssistantAssociation": { + "AWS::Wisdom::MessageTemplate.SystemEndpointAttributes": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The customer's phone number if used with `customerEndpoint` , or the number the customer dialed to call your contact center if used with `systemEndpoint` .", + "title": "Address", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplateVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -271557,40 +324295,25 @@ "Properties": { "additionalProperties": false, "properties": { - "AssistantId": { - "markdownDescription": "The identifier of the Wisdom assistant.", - "title": "AssistantId", + "MessageTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the message template.", + "title": "MessageTemplateArn", "type": "string" }, - "Association": { - "$ref": "#/definitions/AWS::Wisdom::AssistantAssociation.AssociationData", - "markdownDescription": "The identifier of the associated resource.", - "title": "Association" - }, - "AssociationType": { - "markdownDescription": "The type of association.", - "title": "AssociationType", + "MessageTemplateContentSha256": { + "markdownDescription": "The content SHA256 of the message template.", + "title": "MessageTemplateContentSha256", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" } }, "required": [ - "AssistantId", - "Association", - "AssociationType" + "MessageTemplateArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Wisdom::AssistantAssociation" + "AWS::Wisdom::MessageTemplateVersion" ], "type": "string" }, @@ -271609,21 +324332,7 @@ ], "type": "object" }, - "AWS::Wisdom::AssistantAssociation.AssociationData": { - "additionalProperties": false, - "properties": { - "KnowledgeBaseId": { - "markdownDescription": "The identifier of the knowledge base.", - "title": "KnowledgeBaseId", - "type": "string" - } - }, - "required": [ - "KnowledgeBaseId" - ], - "type": "object" - }, - "AWS::Wisdom::KnowledgeBase": { + "AWS::Wisdom::QuickResponse": { "additionalProperties": false, "properties": { "Condition": { @@ -271658,35 +324367,58 @@ "Properties": { "additionalProperties": false, "properties": { + "Channels": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Connect contact channels this quick response applies to. The supported contact channel types include `Chat` .", + "title": "Channels", + "type": "array" + }, + "Content": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The content of the quick response.", + "title": "Content" + }, + "ContentType": { + "markdownDescription": "The media type of the quick response content.\n\n- Use `application/x.quickresponse;format=plain` for quick response written in plain text.\n- Use `application/x.quickresponse;format=markdown` for quick response written in richtext.", + "title": "ContentType", + "type": "string" + }, "Description": { - "markdownDescription": "The description.", + "markdownDescription": "The description of the quick response.", "title": "Description", "type": "string" }, - "KnowledgeBaseType": { - "markdownDescription": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically.", - "title": "KnowledgeBaseType", + "GroupingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.GroupingConfiguration", + "markdownDescription": "The configuration information of the user groups that the quick response is accessible to.", + "title": "GroupingConfiguration" + }, + "IsActive": { + "markdownDescription": "Whether the quick response is active.", + "title": "IsActive", + "type": "boolean" + }, + "KnowledgeBaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the knowledge base.", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "Language": { + "markdownDescription": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "title": "Language", "type": "string" }, "Name": { - "markdownDescription": "The name of the knowledge base.", + "markdownDescription": "The name of the quick response.", "title": "Name", "type": "string" }, - "RenderingConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.RenderingConfiguration", - "markdownDescription": "Information about how to render the content.", - "title": "RenderingConfiguration" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration", - "markdownDescription": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "ServerSideEncryptionConfiguration" - }, - "SourceConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SourceConfiguration", - "markdownDescription": "The source of the knowledge base content. Only set this argument for EXTERNAL or Managed knowledge bases.", - "title": "SourceConfiguration" + "ShortcutKey": { + "markdownDescription": "The shortcut key of the quick response. The value should be unique across the knowledge base.", + "title": "ShortcutKey", + "type": "string" }, "Tags": { "items": { @@ -271698,14 +324430,15 @@ } }, "required": [ - "KnowledgeBaseType", + "Content", + "KnowledgeBaseArn", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Wisdom::KnowledgeBase" + "AWS::Wisdom::QuickResponse" ], "type": "string" }, @@ -271724,62 +324457,54 @@ ], "type": "object" }, - "AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration": { + "AWS::Wisdom::QuickResponse.GroupingConfiguration": { "additionalProperties": false, "properties": { - "AppIntegrationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AppIntegrations DataIntegration to use for ingesting content.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` as source fields.\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` as source fields.\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , your AppIntegrations DataIntegration must have an ObjectConfiguration if `objectFields` is not provided, including at least `id` , `title` , `updated_at` , and `draft` as source fields.\n- For [SharePoint](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-net-server-csom-jsom-and-rest-api-index) , your AppIntegrations DataIntegration must have a FileConfiguration, including only file extensions that are among `docx` , `pdf` , `html` , `htm` , and `txt` .\n- For [Amazon S3](https://docs.aws.amazon.com/s3/) , the ObjectConfiguration and FileConfiguration of your AppIntegrations DataIntegration must be null. The `SourceURI` of your DataIntegration must use the following format: `s3://your_s3_bucket_name` .\n\n> The bucket policy of the corresponding S3 bucket must allow the AWS principal `app-integrations.amazonaws.com` to perform `s3:ListBucket` , `s3:GetObject` , and `s3:GetBucketLocation` against the bucket.", - "title": "AppIntegrationArn", + "Criteria": { + "markdownDescription": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", + "title": "Criteria", "type": "string" }, - "ObjectFields": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "The fields from the source that are made available to your agents in Amazon Q in Connect. Optional if ObjectConfiguration is included in the provided DataIntegration.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , you must include at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` .\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , you must include at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` .\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , you must include at least `id` , `title` , `updated_at` , and `draft` .\n\nMake sure to include additional fields. These fields are indexed and used to source recommendations.", - "title": "ObjectFields", + "markdownDescription": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter.", + "title": "Values", "type": "array" } }, "required": [ - "AppIntegrationArn" + "Criteria", + "Values" ], "type": "object" }, - "AWS::Wisdom::KnowledgeBase.RenderingConfiguration": { - "additionalProperties": false, - "properties": { - "TemplateUri": { - "markdownDescription": "A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following:\n\n- Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted`\n- ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active`\n- Zendesk: `id` , `title` , `updated_at` , or `draft`\n\nThe variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) .", - "title": "TemplateUri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration": { + "AWS::Wisdom::QuickResponse.QuickResponseContentProvider": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The customer managed key used for encryption.\n\nThis customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom.\n\nFor more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) .", - "title": "KmsKeyId", + "Content": { + "markdownDescription": "The content of the quick response.", + "title": "Content", "type": "string" } }, "type": "object" }, - "AWS::Wisdom::KnowledgeBase.SourceConfiguration": { + "AWS::Wisdom::QuickResponse.QuickResponseContents": { "additionalProperties": false, "properties": { - "AppIntegrations": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration", - "markdownDescription": "Configuration information for Amazon AppIntegrations to automatically ingest content.", - "title": "AppIntegrations" + "Markdown": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The quick response content in markdown format.", + "title": "Markdown" + }, + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The quick response content in plaintext format.", + "title": "PlainText" } }, - "required": [ - "AppIntegrations" - ], "type": "object" }, "AWS::WorkSpaces::ConnectionAlias": { @@ -272021,6 +324746,165 @@ }, "type": "object" }, + "AWS::WorkSpaces::WorkspacesPool": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationSettings": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.ApplicationSettings", + "markdownDescription": "The persistent application settings for users of the pool.", + "title": "ApplicationSettings" + }, + "BundleId": { + "markdownDescription": "The identifier of the bundle used by the pool.", + "title": "BundleId", + "type": "string" + }, + "Capacity": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.Capacity", + "markdownDescription": "Describes the user capacity for the pool.", + "title": "Capacity" + }, + "Description": { + "markdownDescription": "The description of the pool.", + "title": "Description", + "type": "string" + }, + "DirectoryId": { + "markdownDescription": "The identifier of the directory used by the pool.", + "title": "DirectoryId", + "type": "string" + }, + "PoolName": { + "markdownDescription": "The name of the pool.", + "title": "PoolName", + "type": "string" + }, + "RunningMode": { + "markdownDescription": "The running mode of the pool.", + "title": "RunningMode", + "type": "string" + }, + "TimeoutSettings": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.TimeoutSettings", + "markdownDescription": "The amount of time that a pool session remains active after users disconnect. If they try to reconnect to the pool session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new pool instance.", + "title": "TimeoutSettings" + } + }, + "required": [ + "BundleId", + "Capacity", + "DirectoryId", + "PoolName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpaces::WorkspacesPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.ApplicationSettings": { + "additionalProperties": false, + "properties": { + "SettingsGroup": { + "markdownDescription": "The path prefix for the S3 bucket where users\u2019 persistent application settings are stored.", + "title": "SettingsGroup", + "type": "string" + }, + "Status": { + "markdownDescription": "Enables or disables persistent application settings for users during their pool sessions.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.Capacity": { + "additionalProperties": false, + "properties": { + "DesiredUserSessions": { + "markdownDescription": "The desired number of user sessions for the WorkSpaces in the pool.", + "title": "DesiredUserSessions", + "type": "number" + } + }, + "required": [ + "DesiredUserSessions" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.TimeoutSettings": { + "additionalProperties": false, + "properties": { + "DisconnectTimeoutInSeconds": { + "markdownDescription": "Specifies the amount of time, in seconds, that a streaming session remains active after users disconnect. If users try to reconnect to the streaming session after a disconnection or network interruption within the time set, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance.", + "title": "DisconnectTimeoutInSeconds", + "type": "number" + }, + "IdleDisconnectTimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds a connection will stay active while idle.", + "title": "IdleDisconnectTimeoutInSeconds", + "type": "number" + }, + "MaxUserDurationInSeconds": { + "markdownDescription": "Specifies the maximum amount of time, in seconds, that a streaming session can remain active. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.", + "title": "MaxUserDurationInSeconds", + "type": "number" + } + }, + "type": "object" + }, "AWS::WorkSpacesThinClient::Environment": { "additionalProperties": false, "properties": { @@ -272071,6 +324955,14 @@ "title": "DesktopEndpoint", "type": "string" }, + "DeviceCreationTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the newly created devices for this environment.", + "title": "DeviceCreationTags", + "type": "array" + }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service key used to encrypt the environment.", "title": "KmsKeyArn", @@ -272265,6 +325157,235 @@ ], "type": "object" }, + "AWS::WorkSpacesWeb::DataProtectionSettings": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The additional encryption context of the data protection settings.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "CustomerManagedKey": { + "markdownDescription": "The customer managed key used to encrypt sensitive information in the data protection settings.", + "title": "CustomerManagedKey", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the data protection settings.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the data protection settings.", + "title": "DisplayName", + "type": "string" + }, + "InlineRedactionConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionConfiguration", + "markdownDescription": "The inline redaction configuration for the data protection settings.", + "title": "InlineRedactionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags of the data protection settings.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpacesWeb::DataProtectionSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.CustomPattern": { + "additionalProperties": false, + "properties": { + "KeywordRegex": { + "markdownDescription": "The keyword regex for the customer pattern. After there is a match to the pattern regex, the keyword regex is used to search within the proximity of the match. If there is a keyword match, then the match is confirmed. If no keyword regex is provided, the pattern regex match will automatically be confirmed. The format must follow JavaScript regex format. The pattern must be enclosed between slashes, and can have flags behind the second slash. For example, \u201c/ab+c/gi\u201d", + "title": "KeywordRegex", + "type": "string" + }, + "PatternDescription": { + "markdownDescription": "The pattern description for the customer pattern.", + "title": "PatternDescription", + "type": "string" + }, + "PatternName": { + "markdownDescription": "The pattern name for the custom pattern.", + "title": "PatternName", + "type": "string" + }, + "PatternRegex": { + "markdownDescription": "The pattern regex for the customer pattern. The format must follow JavaScript regex format. The pattern must be enclosed between slashes, and can have flags behind the second slash. For example: \u201c/ab+c/gi\u201d.", + "title": "PatternRegex", + "type": "string" + } + }, + "required": [ + "PatternName", + "PatternRegex" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionConfiguration": { + "additionalProperties": false, + "properties": { + "GlobalConfidenceLevel": { + "markdownDescription": "The global confidence level for the inline redaction configuration. This indicates the certainty of data type matches in the redaction process. Confidence level 3 means high confidence, and requires a formatted text pattern match in order for content to be redacted. Confidence level 2 means medium confidence, and redaction considers both formatted and unformatted text, and adds keyword associate to the logic. Confidence level 1 means low confidence, and redaction is enforced for both formatted pattern + unformatted pattern without keyword. This is applied to patterns that do not have a pattern-level confidence level. Defaults to confidence level 2.", + "title": "GlobalConfidenceLevel", + "type": "number" + }, + "GlobalEnforcedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The global enforced URL configuration for the inline redaction configuration. This is applied to patterns that do not have a pattern-level enforced URL list.", + "title": "GlobalEnforcedUrls", + "type": "array" + }, + "GlobalExemptUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The global exempt URL configuration for the inline redaction configuration. This is applied to patterns that do not have a pattern-level exempt URL list.", + "title": "GlobalExemptUrls", + "type": "array" + }, + "InlineRedactionPatterns": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionPattern" + }, + "markdownDescription": "The inline redaction patterns to be enabled for the inline redaction configuration.", + "title": "InlineRedactionPatterns", + "type": "array" + } + }, + "required": [ + "InlineRedactionPatterns" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionPattern": { + "additionalProperties": false, + "properties": { + "BuiltInPatternId": { + "markdownDescription": "The built-in pattern from the list of preconfigured patterns. Either a customPattern or builtInPatternId is required. To view the entire list of data types and their corresponding built-in pattern IDs, see [Base inline redaction](https://docs.aws.amazon.com/workspaces-web/latest/adminguide/base-inline-redaction.html) .", + "title": "BuiltInPatternId", + "type": "string" + }, + "ConfidenceLevel": { + "markdownDescription": "The confidence level for inline redaction pattern. This indicates the certainty of data type matches in the redaction process. Confidence level 3 means high confidence, and requires a formatted text pattern match in order for content to be redacted. Confidence level 2 means medium confidence, and redaction considers both formatted and unformatted text, and adds keyword associate to the logic. Confidence level 1 means low confidence, and redaction is enforced for both formatted pattern + unformatted pattern without keyword. This overrides the global confidence level.", + "title": "ConfidenceLevel", + "type": "number" + }, + "CustomPattern": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.CustomPattern", + "markdownDescription": "The configuration for a custom pattern. Either a customPattern or builtInPatternId is required.", + "title": "CustomPattern" + }, + "EnforcedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The enforced URL configuration for the inline redaction pattern. This will override the global enforced URL configuration.", + "title": "EnforcedUrls", + "type": "array" + }, + "ExemptUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The exempt URL configuration for the inline redaction pattern. This will override the global exempt URL configuration for the inline redaction pattern.", + "title": "ExemptUrls", + "type": "array" + }, + "RedactionPlaceHolder": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.RedactionPlaceHolder", + "markdownDescription": "The redaction placeholder that will replace the redacted text in session for the inline redaction pattern.", + "title": "RedactionPlaceHolder" + } + }, + "required": [ + "RedactionPlaceHolder" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.RedactionPlaceHolder": { + "additionalProperties": false, + "properties": { + "RedactionPlaceHolderText": { + "markdownDescription": "The redaction placeholder text that will replace the redacted text in session for the custom text redaction placeholder type.", + "title": "RedactionPlaceHolderText", + "type": "string" + }, + "RedactionPlaceHolderType": { + "markdownDescription": "The redaction placeholder type that will replace the redacted text in session.", + "title": "RedactionPlaceHolderType", + "type": "string" + } + }, + "required": [ + "RedactionPlaceHolderType" + ], + "type": "object" + }, "AWS::WorkSpacesWeb::IdentityProvider": { "additionalProperties": false, "properties": { @@ -272325,6 +325446,14 @@ "markdownDescription": "The ARN of the identity provider.", "title": "PortalArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ @@ -272632,6 +325761,11 @@ "title": "CustomerManagedKey", "type": "string" }, + "DataProtectionSettingsArn": { + "markdownDescription": "The ARN of the data protection settings.", + "title": "DataProtectionSettingsArn", + "type": "string" + }, "DisplayName": { "markdownDescription": "The name of the web portal.", "title": "DisplayName", @@ -272891,83 +326025,422 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalEncryptionContext": { - "additionalProperties": true, - "markdownDescription": "The additional encryption context of the user settings.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalEncryptionContext", - "type": "object" - }, - "CookieSynchronizationConfiguration": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration", - "markdownDescription": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.", - "title": "CookieSynchronizationConfiguration" - }, - "CopyAllowed": { - "markdownDescription": "Specifies whether the user can copy text from the streaming session to the local device.", - "title": "CopyAllowed", - "type": "string" - }, - "CustomerManagedKey": { - "markdownDescription": "The customer managed key used to encrypt sensitive information in the user settings.", - "title": "CustomerManagedKey", - "type": "string" - }, - "DisconnectTimeoutInMinutes": { - "markdownDescription": "The amount of time that a streaming session remains active after users disconnect.", - "title": "DisconnectTimeoutInMinutes", - "type": "number" - }, - "DownloadAllowed": { - "markdownDescription": "Specifies whether the user can download files from the streaming session to the local device.", - "title": "DownloadAllowed", - "type": "string" - }, - "IdleDisconnectTimeoutInMinutes": { - "markdownDescription": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins.", - "title": "IdleDisconnectTimeoutInMinutes", - "type": "number" - }, - "PasteAllowed": { - "markdownDescription": "Specifies whether the user can paste text from the local device to the streaming session.", - "title": "PasteAllowed", - "type": "string" - }, - "PrintAllowed": { - "markdownDescription": "Specifies whether the user can print to the local device.", - "title": "PrintAllowed", - "type": "string" + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The additional encryption context of the user settings.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "CookieSynchronizationConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration", + "markdownDescription": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.", + "title": "CookieSynchronizationConfiguration" + }, + "CopyAllowed": { + "markdownDescription": "Specifies whether the user can copy text from the streaming session to the local device.", + "title": "CopyAllowed", + "type": "string" + }, + "CustomerManagedKey": { + "markdownDescription": "The customer managed key used to encrypt sensitive information in the user settings.", + "title": "CustomerManagedKey", + "type": "string" + }, + "DeepLinkAllowed": { + "markdownDescription": "Specifies whether the user can use deep links that open automatically when connecting to a session.", + "title": "DeepLinkAllowed", + "type": "string" + }, + "DisconnectTimeoutInMinutes": { + "markdownDescription": "The amount of time that a streaming session remains active after users disconnect.", + "title": "DisconnectTimeoutInMinutes", + "type": "number" + }, + "DownloadAllowed": { + "markdownDescription": "Specifies whether the user can download files from the streaming session to the local device.", + "title": "DownloadAllowed", + "type": "string" + }, + "IdleDisconnectTimeoutInMinutes": { + "markdownDescription": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins.", + "title": "IdleDisconnectTimeoutInMinutes", + "type": "number" + }, + "PasteAllowed": { + "markdownDescription": "Specifies whether the user can paste text from the local device to the streaming session.", + "title": "PasteAllowed", + "type": "string" + }, + "PrintAllowed": { + "markdownDescription": "Specifies whether the user can print to the local device.", + "title": "PrintAllowed", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the user settings resource. A tag is a key-value pair.", + "title": "Tags", + "type": "array" + }, + "ToolbarConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.ToolbarConfiguration", + "markdownDescription": "The configuration of the toolbar. This allows administrators to select the toolbar type and visual mode, set maximum display resolution for sessions, and choose which items are visible to end users during their sessions. If administrators do not modify these settings, end users retain control over their toolbar preferences.", + "title": "ToolbarConfiguration" + }, + "UploadAllowed": { + "markdownDescription": "Specifies whether the user can upload files from the local device to the streaming session.", + "title": "UploadAllowed", + "type": "string" + } + }, + "required": [ + "CopyAllowed", + "DownloadAllowed", + "PasteAllowed", + "PrintAllowed", + "UploadAllowed" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpacesWeb::UserSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.CookieSpecification": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of the cookie.", + "title": "Domain", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the cookie.", + "title": "Name", + "type": "string" + }, + "Path": { + "markdownDescription": "The path of the cookie.", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Domain" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration": { + "additionalProperties": false, + "properties": { + "Allowlist": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + }, + "markdownDescription": "The list of cookie specifications that are allowed to be synchronized to the remote browser.", + "title": "Allowlist", + "type": "array" + }, + "Blocklist": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + }, + "markdownDescription": "The list of cookie specifications that are blocked from being synchronized to the remote browser.", + "title": "Blocklist", + "type": "array" + } + }, + "required": [ + "Allowlist" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.ToolbarConfiguration": { + "additionalProperties": false, + "properties": { + "HiddenToolbarItems": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of toolbar items to be hidden.", + "title": "HiddenToolbarItems", + "type": "array" + }, + "MaxDisplayResolution": { + "markdownDescription": "The maximum display resolution that is allowed for the session.", + "title": "MaxDisplayResolution", + "type": "string" + }, + "ToolbarType": { + "markdownDescription": "The type of toolbar displayed during the session.", + "title": "ToolbarType", + "type": "string" + }, + "VisualMode": { + "markdownDescription": "The visual mode of the toolbar.", + "title": "VisualMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::Volume": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "Encrypted": { + "type": "boolean" + }, + "Iops": { + "type": "number" + }, + "KmsKeyId": { + "type": "string" + }, + "SizeInGB": { + "type": "number" + }, + "SnapshotId": { + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::Volume.TagSpecification" + }, + "type": "array" + }, + "Throughput": { + "type": "number" + }, + "VolumeType": { + "type": "string" + } + }, + "required": [ + "AvailabilityZone" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkspacesInstances::Volume" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkspacesInstances::Volume.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::VolumeAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Device": { + "type": "string" + }, + "DisassociateMode": { + "type": "string" + }, + "VolumeId": { + "type": "string" + }, + "WorkspaceInstanceId": { + "type": "string" + } + }, + "required": [ + "Device", + "VolumeId", + "WorkspaceInstanceId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkspacesInstances::VolumeAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ManagedInstance": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.ManagedInstance" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the user settings resource. A tag is a key-value pair.", - "title": "Tags", "type": "array" - }, - "UploadAllowed": { - "markdownDescription": "Specifies whether the user can upload files from the local device to the streaming session.", - "title": "UploadAllowed", - "type": "string" } }, - "required": [ - "CopyAllowed", - "DownloadAllowed", - "PasteAllowed", - "PrintAllowed", - "UploadAllowed" - ], "type": "object" }, "Type": { "enum": [ - "AWS::WorkSpacesWeb::UserSettings" + "AWS::WorkspacesInstances::WorkspaceInstance" ], "type": "string" }, @@ -272981,60 +326454,302 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::WorkSpacesWeb::UserSettings.CookieSpecification": { + "AWS::WorkspacesInstances::WorkspaceInstance.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of the cookie.", - "title": "Domain", + "DeviceName": { + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.EbsBlockDevice" + }, + "NoDevice": { "type": "string" }, + "VirtualName": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.CpuOptionsRequest": { + "additionalProperties": false, + "properties": { + "CoreCount": { + "type": "number" + }, + "ThreadsPerCore": { + "type": "number" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.CreditSpecificationRequest": { + "additionalProperties": false, + "properties": { + "CpuCredits": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EC2ManagedInstance": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EbsBlockDevice": { + "additionalProperties": false, + "properties": { + "Encrypted": { + "type": "boolean" + }, + "Iops": { + "type": "number" + }, + "KmsKeyId": { + "type": "string" + }, + "Throughput": { + "type": "number" + }, + "VolumeSize": { + "type": "number" + }, + "VolumeType": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EnclaveOptionsRequest": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.HibernationOptionsRequest": { + "additionalProperties": false, + "properties": { + "Configured": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.IamInstanceProfileSpecification": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The name of the cookie.", - "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMaintenanceOptionsRequest": { + "additionalProperties": false, + "properties": { + "AutoRecovery": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMetadataOptionsRequest": { + "additionalProperties": false, + "properties": { + "HttpEndpoint": { "type": "string" }, - "Path": { - "markdownDescription": "The path of the cookie.", - "title": "Path", + "HttpProtocolIpv6": { + "type": "string" + }, + "HttpPutResponseHopLimit": { + "type": "number" + }, + "HttpTokens": { + "type": "string" + }, + "InstanceMetadataTags": { "type": "string" } }, - "required": [ - "Domain" - ], "type": "object" }, - "AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration": { + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkInterfaceSpecification": { "additionalProperties": false, "properties": { - "Allowlist": { + "Description": { + "type": "string" + }, + "DeviceIndex": { + "type": "number" + }, + "Groups": { "items": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + "type": "string" }, - "markdownDescription": "The list of cookie specifications that are allowed to be synchronized to the remote browser.", - "title": "Allowlist", "type": "array" }, - "Blocklist": { + "SubnetId": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkPerformanceOptionsRequest": { + "additionalProperties": false, + "properties": { + "BandwidthWeighting": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.ManagedInstance": { + "additionalProperties": false, + "properties": { + "BlockDeviceMappings": { "items": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.BlockDeviceMapping" }, - "markdownDescription": "The list of cookie specifications that are blocked from being synchronized to the remote browser.", - "title": "Blocklist", "type": "array" + }, + "CpuOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.CpuOptionsRequest" + }, + "CreditSpecification": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.CreditSpecificationRequest" + }, + "DisableApiStop": { + "type": "boolean" + }, + "EbsOptimized": { + "type": "boolean" + }, + "EnclaveOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.EnclaveOptionsRequest" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.HibernationOptionsRequest" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.IamInstanceProfileSpecification" + }, + "ImageId": { + "type": "string" + }, + "InstanceType": { + "type": "string" + }, + "KeyName": { + "type": "string" + }, + "MaintenanceOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceMaintenanceOptionsRequest" + }, + "MetadataOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceMetadataOptionsRequest" + }, + "Monitoring": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.RunInstancesMonitoringEnabled" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkInterfaceSpecification" + }, + "type": "array" + }, + "NetworkPerformanceOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkPerformanceOptionsRequest" + }, + "Placement": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.PrivateDnsNameOptionsRequest" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.TagSpecification" + }, + "type": "array" + }, + "UserData": { + "type": "string" } }, "required": [ - "Allowlist" + "ImageId", + "InstanceType" ], "type": "object" }, + "AWS::WorkspacesInstances::WorkspaceInstance.Placement": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "GroupName": { + "type": "string" + }, + "Tenancy": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.PrivateDnsNameOptionsRequest": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "type": "boolean" + }, + "HostnameType": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.RunInstancesMonitoringEnabled": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::XRay::Group": { "additionalProperties": false, "properties": { @@ -273373,6 +327088,69 @@ ], "type": "object" }, + "AWS::XRay::TransactionSearchConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IndexingPercentage": { + "markdownDescription": "", + "title": "IndexingPercentage", + "type": "number" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::XRay::TransactionSearchConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AccessAssociation": { "additionalProperties": false, "properties": { @@ -281364,6 +335142,9 @@ { "$ref": "#/definitions/AWS::ACMPCA::Permission" }, + { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup" + }, { "$ref": "#/definitions/AWS::APS::RuleGroupsNamespace" }, @@ -281373,6 +335154,9 @@ { "$ref": "#/definitions/AWS::APS::Workspace" }, + { + "$ref": "#/definitions/AWS::ARCZonalShift::AutoshiftObserverNotificationStatus" + }, { "$ref": "#/definitions/AWS::ARCZonalShift::ZonalAutoshiftConfiguration" }, @@ -281418,6 +335202,9 @@ { "$ref": "#/definitions/AWS::ApiGateway::BasePathMapping" }, + { + "$ref": "#/definitions/AWS::ApiGateway::BasePathMappingV2" + }, { "$ref": "#/definitions/AWS::ApiGateway::ClientCertificate" }, @@ -281433,6 +335220,12 @@ { "$ref": "#/definitions/AWS::ApiGateway::DomainName" }, + { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameAccessAssociation" + }, + { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameV2" + }, { "$ref": "#/definitions/AWS::ApiGateway::GatewayResponse" }, @@ -281496,6 +335289,9 @@ { "$ref": "#/definitions/AWS::ApiGatewayV2::RouteResponse" }, + { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule" + }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Stage" }, @@ -281619,12 +335415,18 @@ { "$ref": "#/definitions/AWS::AppStream::User" }, + { + "$ref": "#/definitions/AWS::AppSync::Api" + }, { "$ref": "#/definitions/AWS::AppSync::ApiCache" }, { "$ref": "#/definitions/AWS::AppSync::ApiKey" }, + { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace" + }, { "$ref": "#/definitions/AWS::AppSync::DataSource" }, @@ -281649,6 +335451,9 @@ { "$ref": "#/definitions/AWS::AppSync::SourceApiAssociation" }, + { + "$ref": "#/definitions/AWS::AppTest::TestCase" + }, { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget" }, @@ -281658,6 +335463,12 @@ { "$ref": "#/definitions/AWS::ApplicationInsights::Application" }, + { + "$ref": "#/definitions/AWS::ApplicationSignals::Discovery" + }, + { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective" + }, { "$ref": "#/definitions/AWS::Athena::CapacityReservation" }, @@ -281724,6 +335535,9 @@ { "$ref": "#/definitions/AWS::Backup::Framework" }, + { + "$ref": "#/definitions/AWS::Backup::LogicallyAirGappedBackupVault" + }, { "$ref": "#/definitions/AWS::Backup::ReportPlan" }, @@ -281739,6 +335553,9 @@ { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment" }, + { + "$ref": "#/definitions/AWS::Batch::ConsumableResource" + }, { "$ref": "#/definitions/AWS::Batch::JobDefinition" }, @@ -281754,15 +335571,48 @@ { "$ref": "#/definitions/AWS::Bedrock::AgentAlias" }, + { + "$ref": "#/definitions/AWS::Bedrock::ApplicationInferenceProfile" + }, + { + "$ref": "#/definitions/AWS::Bedrock::Blueprint" + }, + { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject" + }, { "$ref": "#/definitions/AWS::Bedrock::DataSource" }, + { + "$ref": "#/definitions/AWS::Bedrock::Flow" + }, + { + "$ref": "#/definitions/AWS::Bedrock::FlowAlias" + }, + { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion" + }, { "$ref": "#/definitions/AWS::Bedrock::Guardrail" }, + { + "$ref": "#/definitions/AWS::Bedrock::GuardrailVersion" + }, + { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter" + }, { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase" }, + { + "$ref": "#/definitions/AWS::Bedrock::Prompt" + }, + { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion" + }, + { + "$ref": "#/definitions/AWS::Billing::BillingView" + }, { "$ref": "#/definitions/AWS::BillingConductor::BillingGroup" }, @@ -281799,12 +335649,18 @@ { "$ref": "#/definitions/AWS::Cassandra::Table" }, + { + "$ref": "#/definitions/AWS::Cassandra::Type" + }, { "$ref": "#/definitions/AWS::CertificateManager::Account" }, { "$ref": "#/definitions/AWS::CertificateManager::Certificate" }, + { + "$ref": "#/definitions/AWS::Chatbot::CustomAction" + }, { "$ref": "#/definitions/AWS::Chatbot::MicrosoftTeamsChannelConfiguration" }, @@ -281823,6 +335679,12 @@ { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation" }, + { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable" + }, + { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation" + }, { "$ref": "#/definitions/AWS::CleanRooms::Membership" }, @@ -281838,6 +335700,9 @@ { "$ref": "#/definitions/AWS::CloudFormation::CustomResource" }, + { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook" + }, { "$ref": "#/definitions/AWS::CloudFormation::HookDefaultVersion" }, @@ -281847,6 +335712,9 @@ { "$ref": "#/definitions/AWS::CloudFormation::HookVersion" }, + { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook" + }, { "$ref": "#/definitions/AWS::CloudFormation::Macro" }, @@ -281883,18 +335751,27 @@ { "$ref": "#/definitions/AWS::CloudFormation::WaitConditionHandle" }, + { + "$ref": "#/definitions/AWS::CloudFront::AnycastIpList" + }, { "$ref": "#/definitions/AWS::CloudFront::CachePolicy" }, { "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity" }, + { + "$ref": "#/definitions/AWS::CloudFront::ConnectionGroup" + }, { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy" }, { "$ref": "#/definitions/AWS::CloudFront::Distribution" }, + { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant" + }, { "$ref": "#/definitions/AWS::CloudFront::Function" }, @@ -281925,9 +335802,15 @@ { "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution" }, + { + "$ref": "#/definitions/AWS::CloudFront::VpcOrigin" + }, { "$ref": "#/definitions/AWS::CloudTrail::Channel" }, + { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard" + }, { "$ref": "#/definitions/AWS::CloudTrail::EventDataStore" }, @@ -282033,6 +335916,9 @@ { "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration" }, + { + "$ref": "#/definitions/AWS::Cognito::ManagedLoginBranding" + }, { "$ref": "#/definitions/AWS::Cognito::UserPool" }, @@ -282099,6 +335985,9 @@ { "$ref": "#/definitions/AWS::Config::StoredQuery" }, + { + "$ref": "#/definitions/AWS::Connect::AgentStatus" + }, { "$ref": "#/definitions/AWS::Connect::ApprovedOrigin" }, @@ -282108,6 +335997,12 @@ { "$ref": "#/definitions/AWS::Connect::ContactFlowModule" }, + { + "$ref": "#/definitions/AWS::Connect::ContactFlowVersion" + }, + { + "$ref": "#/definitions/AWS::Connect::EmailAddress" + }, { "$ref": "#/definitions/AWS::Connect::EvaluationForm" }, @@ -282162,6 +336057,9 @@ { "$ref": "#/definitions/AWS::Connect::UserHierarchyGroup" }, + { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure" + }, { "$ref": "#/definitions/AWS::Connect::View" }, @@ -282171,6 +336069,9 @@ { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign" }, + { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign" + }, { "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline" }, @@ -282189,12 +336090,18 @@ { "$ref": "#/definitions/AWS::CustomerProfiles::EventStream" }, + { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger" + }, { "$ref": "#/definitions/AWS::CustomerProfiles::Integration" }, { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType" }, + { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition" + }, { "$ref": "#/definitions/AWS::DAX::Cluster" }, @@ -282210,6 +336117,9 @@ { "$ref": "#/definitions/AWS::DMS::Certificate" }, + { + "$ref": "#/definitions/AWS::DMS::DataMigration" + }, { "$ref": "#/definitions/AWS::DMS::DataProvider" }, @@ -282237,6 +336147,9 @@ { "$ref": "#/definitions/AWS::DMS::ReplicationTask" }, + { + "$ref": "#/definitions/AWS::DSQL::Cluster" + }, { "$ref": "#/definitions/AWS::DataBrew::Dataset" }, @@ -282295,10 +336208,10 @@ "$ref": "#/definitions/AWS::DataSync::LocationSMB" }, { - "$ref": "#/definitions/AWS::DataSync::StorageSystem" + "$ref": "#/definitions/AWS::DataSync::Task" }, { - "$ref": "#/definitions/AWS::DataSync::Task" + "$ref": "#/definitions/AWS::DataZone::Connection" }, { "$ref": "#/definitions/AWS::DataZone::DataSource" @@ -282306,21 +336219,42 @@ { "$ref": "#/definitions/AWS::DataZone::Domain" }, + { + "$ref": "#/definitions/AWS::DataZone::DomainUnit" + }, { "$ref": "#/definitions/AWS::DataZone::Environment" }, + { + "$ref": "#/definitions/AWS::DataZone::EnvironmentActions" + }, { "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration" }, { "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile" }, + { + "$ref": "#/definitions/AWS::DataZone::GroupProfile" + }, + { + "$ref": "#/definitions/AWS::DataZone::Owner" + }, { "$ref": "#/definitions/AWS::DataZone::Project" }, + { + "$ref": "#/definitions/AWS::DataZone::ProjectMembership" + }, + { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile" + }, { "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget" }, + { + "$ref": "#/definitions/AWS::DataZone::UserProfile" + }, { "$ref": "#/definitions/AWS::Deadline::Farm" }, @@ -282330,9 +336264,15 @@ { "$ref": "#/definitions/AWS::Deadline::LicenseEndpoint" }, + { + "$ref": "#/definitions/AWS::Deadline::Limit" + }, { "$ref": "#/definitions/AWS::Deadline::MeteredProduct" }, + { + "$ref": "#/definitions/AWS::Deadline::Monitor" + }, { "$ref": "#/definitions/AWS::Deadline::Queue" }, @@ -282342,6 +336282,9 @@ { "$ref": "#/definitions/AWS::Deadline::QueueFleetAssociation" }, + { + "$ref": "#/definitions/AWS::Deadline::QueueLimitAssociation" + }, { "$ref": "#/definitions/AWS::Deadline::StorageProfile" }, @@ -282534,6 +336477,21 @@ { "$ref": "#/definitions/AWS::EC2::Route" }, + { + "$ref": "#/definitions/AWS::EC2::RouteServer" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerAssociation" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerEndpoint" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerPeer" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerPropagation" + }, { "$ref": "#/definitions/AWS::EC2::RouteTable" }, @@ -282546,6 +336504,9 @@ { "$ref": "#/definitions/AWS::EC2::SecurityGroupIngress" }, + { + "$ref": "#/definitions/AWS::EC2::SecurityGroupVpcAssociation" + }, { "$ref": "#/definitions/AWS::EC2::SnapshotBlockPublicAccess" }, @@ -282618,6 +336579,12 @@ { "$ref": "#/definitions/AWS::EC2::VPC" }, + { + "$ref": "#/definitions/AWS::EC2::VPCBlockPublicAccessExclusion" + }, + { + "$ref": "#/definitions/AWS::EC2::VPCBlockPublicAccessOptions" + }, { "$ref": "#/definitions/AWS::EC2::VPCCidrBlock" }, @@ -282681,6 +336648,9 @@ { "$ref": "#/definitions/AWS::ECR::RegistryPolicy" }, + { + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration" + }, { "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration" }, @@ -282771,6 +336741,9 @@ { "$ref": "#/definitions/AWS::EMRServerless::Application" }, + { + "$ref": "#/definitions/AWS::EVS::Environment" + }, { "$ref": "#/definitions/AWS::ElastiCache::CacheCluster" }, @@ -282924,6 +336897,9 @@ { "$ref": "#/definitions/AWS::FSx::FileSystem" }, + { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment" + }, { "$ref": "#/definitions/AWS::FSx::Snapshot" }, @@ -282969,6 +336945,9 @@ { "$ref": "#/definitions/AWS::GameLift::Build" }, + { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet" + }, { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition" }, @@ -283062,6 +337041,9 @@ { "$ref": "#/definitions/AWS::Glue::Trigger" }, + { + "$ref": "#/definitions/AWS::Glue::UsageProfile" + }, { "$ref": "#/definitions/AWS::Glue::Workflow" }, @@ -283140,12 +337122,18 @@ { "$ref": "#/definitions/AWS::GuardDuty::IPSet" }, + { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan" + }, { "$ref": "#/definitions/AWS::GuardDuty::Master" }, { "$ref": "#/definitions/AWS::GuardDuty::Member" }, + { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination" + }, { "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet" }, @@ -283209,12 +337197,18 @@ { "$ref": "#/definitions/AWS::IVS::EncoderConfiguration" }, + { + "$ref": "#/definitions/AWS::IVS::IngestConfiguration" + }, { "$ref": "#/definitions/AWS::IVS::PlaybackKeyPair" }, { "$ref": "#/definitions/AWS::IVS::PlaybackRestrictionPolicy" }, + { + "$ref": "#/definitions/AWS::IVS::PublicKey" + }, { "$ref": "#/definitions/AWS::IVS::RecordingConfiguration" }, @@ -283285,13 +337279,7 @@ "$ref": "#/definitions/AWS::InternetMonitor::Monitor" }, { - "$ref": "#/definitions/AWS::IoT1Click::Device" - }, - { - "$ref": "#/definitions/AWS::IoT1Click::Placement" - }, - { - "$ref": "#/definitions/AWS::IoT1Click::Project" + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit" }, { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration" @@ -283311,6 +337299,9 @@ { "$ref": "#/definitions/AWS::IoT::CertificateProvider" }, + { + "$ref": "#/definitions/AWS::IoT::Command" + }, { "$ref": "#/definitions/AWS::IoT::CustomMetric" }, @@ -283419,6 +337410,9 @@ { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog" }, + { + "$ref": "#/definitions/AWS::IoTFleetWise::StateTemplate" + }, { "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle" }, @@ -283434,6 +337428,9 @@ { "$ref": "#/definitions/AWS::IoTSiteWise::Dashboard" }, + { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset" + }, { "$ref": "#/definitions/AWS::IoTSiteWise::Gateway" }, @@ -283524,6 +337521,9 @@ { "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan" }, + { + "$ref": "#/definitions/AWS::Kinesis::ResourcePolicy" + }, { "$ref": "#/definitions/AWS::Kinesis::Stream" }, @@ -283611,6 +337611,9 @@ { "$ref": "#/definitions/AWS::Lambda::Version" }, + { + "$ref": "#/definitions/AWS::LaunchWizard::Deployment" + }, { "$ref": "#/definitions/AWS::Lex::Bot" }, @@ -283653,6 +337656,9 @@ { "$ref": "#/definitions/AWS::Lightsail::Instance" }, + { + "$ref": "#/definitions/AWS::Lightsail::InstanceSnapshot" + }, { "$ref": "#/definitions/AWS::Lightsail::LoadBalancer" }, @@ -283698,6 +337704,9 @@ { "$ref": "#/definitions/AWS::Logs::Destination" }, + { + "$ref": "#/definitions/AWS::Logs::Integration" + }, { "$ref": "#/definitions/AWS::Logs::LogAnomalyDetector" }, @@ -283719,6 +337728,9 @@ { "$ref": "#/definitions/AWS::Logs::SubscriptionFilter" }, + { + "$ref": "#/definitions/AWS::Logs::Transformer" + }, { "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler" }, @@ -283734,9 +337746,18 @@ { "$ref": "#/definitions/AWS::M2::Application" }, + { + "$ref": "#/definitions/AWS::M2::Deployment" + }, { "$ref": "#/definitions/AWS::M2::Environment" }, + { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam" + }, + { + "$ref": "#/definitions/AWS::MPA::IdentitySource" + }, { "$ref": "#/definitions/AWS::MSK::BatchScramSecret" }, @@ -283821,6 +337842,24 @@ { "$ref": "#/definitions/AWS::MediaLive::Channel" }, + { + "$ref": "#/definitions/AWS::MediaLive::ChannelPlacementGroup" + }, + { + "$ref": "#/definitions/AWS::MediaLive::CloudWatchAlarmTemplate" + }, + { + "$ref": "#/definitions/AWS::MediaLive::CloudWatchAlarmTemplateGroup" + }, + { + "$ref": "#/definitions/AWS::MediaLive::Cluster" + }, + { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplate" + }, + { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplateGroup" + }, { "$ref": "#/definitions/AWS::MediaLive::Input" }, @@ -283833,6 +337872,15 @@ { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram" }, + { + "$ref": "#/definitions/AWS::MediaLive::Network" + }, + { + "$ref": "#/definitions/AWS::MediaLive::SdiSource" + }, + { + "$ref": "#/definitions/AWS::MediaLive::SignalMap" + }, { "$ref": "#/definitions/AWS::MediaPackage::Asset" }, @@ -283890,6 +337938,9 @@ { "$ref": "#/definitions/AWS::MemoryDB::Cluster" }, + { + "$ref": "#/definitions/AWS::MemoryDB::MultiRegionCluster" + }, { "$ref": "#/definitions/AWS::MemoryDB::ParameterGroup" }, @@ -283914,6 +337965,9 @@ { "$ref": "#/definitions/AWS::Neptune::DBSubnetGroup" }, + { + "$ref": "#/definitions/AWS::Neptune::EventSubscription" + }, { "$ref": "#/definitions/AWS::NeptuneGraph::Graph" }, @@ -283935,6 +337989,9 @@ { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration" }, + { + "$ref": "#/definitions/AWS::NetworkFirewall::VpcEndpointAssociation" + }, { "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment" }, @@ -283950,6 +338007,9 @@ { "$ref": "#/definitions/AWS::NetworkManager::Device" }, + { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment" + }, { "$ref": "#/definitions/AWS::NetworkManager::GlobalNetwork" }, @@ -283978,16 +338038,37 @@ "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment" }, { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile" + "$ref": "#/definitions/AWS::Notifications::ChannelAssociation" + }, + { + "$ref": "#/definitions/AWS::Notifications::EventRule" }, { - "$ref": "#/definitions/AWS::NimbleStudio::StreamingImage" + "$ref": "#/definitions/AWS::Notifications::ManagedNotificationAccountContactAssociation" }, { - "$ref": "#/definitions/AWS::NimbleStudio::Studio" + "$ref": "#/definitions/AWS::Notifications::ManagedNotificationAdditionalChannelAssociation" }, { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent" + "$ref": "#/definitions/AWS::Notifications::NotificationConfiguration" + }, + { + "$ref": "#/definitions/AWS::Notifications::NotificationHub" + }, + { + "$ref": "#/definitions/AWS::NotificationsContacts::EmailContact" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudAutonomousVmCluster" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudExadataInfrastructure" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudVmCluster" + }, + { + "$ref": "#/definitions/AWS::ODB::OdbNetwork" }, { "$ref": "#/definitions/AWS::OSIS::Pipeline" @@ -284016,12 +338097,18 @@ { "$ref": "#/definitions/AWS::Omics::Workflow" }, + { + "$ref": "#/definitions/AWS::Omics::WorkflowVersion" + }, { "$ref": "#/definitions/AWS::OpenSearchServerless::AccessPolicy" }, { "$ref": "#/definitions/AWS::OpenSearchServerless::Collection" }, + { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index" + }, { "$ref": "#/definitions/AWS::OpenSearchServerless::LifecyclePolicy" }, @@ -284034,6 +338121,9 @@ { "$ref": "#/definitions/AWS::OpenSearchServerless::VpcEndpoint" }, + { + "$ref": "#/definitions/AWS::OpenSearchService::Application" + }, { "$ref": "#/definitions/AWS::OpenSearchService::Domain" }, @@ -284091,6 +338181,21 @@ { "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" }, + { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Challenge" + }, + { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector" + }, + { + "$ref": "#/definitions/AWS::PCS::Cluster" + }, + { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup" + }, + { + "$ref": "#/definitions/AWS::PCS::Queue" + }, { "$ref": "#/definitions/AWS::Panorama::ApplicationInstance" }, @@ -284199,6 +338304,30 @@ { "$ref": "#/definitions/AWS::Proton::ServiceTemplate" }, + { + "$ref": "#/definitions/AWS::QBusiness::Application" + }, + { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor" + }, + { + "$ref": "#/definitions/AWS::QBusiness::DataSource" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Index" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Permission" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Plugin" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Retriever" + }, + { + "$ref": "#/definitions/AWS::QBusiness::WebExperience" + }, { "$ref": "#/definitions/AWS::QLDB::Ledger" }, @@ -284208,6 +338337,9 @@ { "$ref": "#/definitions/AWS::QuickSight::Analysis" }, + { + "$ref": "#/definitions/AWS::QuickSight::CustomPermissions" + }, { "$ref": "#/definitions/AWS::QuickSight::Dashboard" }, @@ -284217,6 +338349,9 @@ { "$ref": "#/definitions/AWS::QuickSight::DataSource" }, + { + "$ref": "#/definitions/AWS::QuickSight::Folder" + }, { "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule" }, @@ -284268,6 +338403,9 @@ { "$ref": "#/definitions/AWS::RDS::DBSecurityGroupIngress" }, + { + "$ref": "#/definitions/AWS::RDS::DBShardGroup" + }, { "$ref": "#/definitions/AWS::RDS::DBSubnetGroup" }, @@ -284286,6 +338424,9 @@ { "$ref": "#/definitions/AWS::RUM::AppMonitor" }, + { + "$ref": "#/definitions/AWS::Rbin::Rule" + }, { "$ref": "#/definitions/AWS::Redshift::Cluster" }, @@ -284310,12 +338451,18 @@ { "$ref": "#/definitions/AWS::Redshift::EventSubscription" }, + { + "$ref": "#/definitions/AWS::Redshift::Integration" + }, { "$ref": "#/definitions/AWS::Redshift::ScheduledAction" }, { "$ref": "#/definitions/AWS::RedshiftServerless::Namespace" }, + { + "$ref": "#/definitions/AWS::RedshiftServerless::Snapshot" + }, { "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup" }, @@ -284358,6 +338505,9 @@ { "$ref": "#/definitions/AWS::ResourceGroups::Group" }, + { + "$ref": "#/definitions/AWS::ResourceGroups::TagSyncTask" + }, { "$ref": "#/definitions/AWS::RoboMaker::Fleet" }, @@ -284502,6 +338652,9 @@ { "$ref": "#/definitions/AWS::S3::StorageLensGroup" }, + { + "$ref": "#/definitions/AWS::S3Express::AccessPoint" + }, { "$ref": "#/definitions/AWS::S3Express::BucketPolicy" }, @@ -284526,6 +338679,21 @@ { "$ref": "#/definitions/AWS::S3Outposts::Endpoint" }, + { + "$ref": "#/definitions/AWS::S3Tables::Namespace" + }, + { + "$ref": "#/definitions/AWS::S3Tables::Table" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TableBucket" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TableBucketPolicy" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TablePolicy" + }, { "$ref": "#/definitions/AWS::SDB::Domain" }, @@ -284544,6 +338712,30 @@ { "$ref": "#/definitions/AWS::SES::EmailIdentity" }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddonInstance" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddonSubscription" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddressList" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerArchive" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerRelay" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy" + }, { "$ref": "#/definitions/AWS::SES::ReceiptFilter" }, @@ -284619,15 +338811,30 @@ { "$ref": "#/definitions/AWS::SSMContacts::Rotation" }, + { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences" + }, { "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet" }, { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan" }, + { + "$ref": "#/definitions/AWS::SSMQuickSetup::ConfigurationManager" + }, + { + "$ref": "#/definitions/AWS::SSO::Application" + }, + { + "$ref": "#/definitions/AWS::SSO::ApplicationAssignment" + }, { "$ref": "#/definitions/AWS::SSO::Assignment" }, + { + "$ref": "#/definitions/AWS::SSO::Instance" + }, { "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration" }, @@ -284640,6 +338847,9 @@ { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig" }, + { + "$ref": "#/definitions/AWS::SageMaker::Cluster" + }, { "$ref": "#/definitions/AWS::SageMaker::CodeRepository" }, @@ -284676,6 +338886,9 @@ { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment" }, + { + "$ref": "#/definitions/AWS::SageMaker::MlflowTrackingServer" + }, { "$ref": "#/definitions/AWS::SageMaker::Model" }, @@ -284706,6 +338919,9 @@ { "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig" }, + { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp" + }, { "$ref": "#/definitions/AWS::SageMaker::Pipeline" }, @@ -284715,6 +338931,9 @@ { "$ref": "#/definitions/AWS::SageMaker::Space" }, + { + "$ref": "#/definitions/AWS::SageMaker::StudioLifecycleConfig" + }, { "$ref": "#/definitions/AWS::SageMaker::UserProfile" }, @@ -284739,21 +338958,45 @@ { "$ref": "#/definitions/AWS::SecretsManager::SecretTargetAttachment" }, + { + "$ref": "#/definitions/AWS::SecurityHub::AggregatorV2" + }, { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule" }, + { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2" + }, + { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy" + }, { "$ref": "#/definitions/AWS::SecurityHub::DelegatedAdmin" }, + { + "$ref": "#/definitions/AWS::SecurityHub::FindingAggregator" + }, { "$ref": "#/definitions/AWS::SecurityHub::Hub" }, + { + "$ref": "#/definitions/AWS::SecurityHub::HubV2" + }, { "$ref": "#/definitions/AWS::SecurityHub::Insight" }, + { + "$ref": "#/definitions/AWS::SecurityHub::OrganizationConfiguration" + }, + { + "$ref": "#/definitions/AWS::SecurityHub::PolicyAssociation" + }, { "$ref": "#/definitions/AWS::SecurityHub::ProductSubscription" }, + { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl" + }, { "$ref": "#/definitions/AWS::SecurityHub::Standard" }, @@ -284766,6 +339009,9 @@ { "$ref": "#/definitions/AWS::SecurityLake::Subscriber" }, + { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification" + }, { "$ref": "#/definitions/AWS::ServiceCatalog::AcceptedPortfolioShare" }, @@ -284922,6 +339168,9 @@ { "$ref": "#/definitions/AWS::Transfer::User" }, + { + "$ref": "#/definitions/AWS::Transfer::WebApp" + }, { "$ref": "#/definitions/AWS::Transfer::Workflow" }, @@ -284949,6 +339198,12 @@ { "$ref": "#/definitions/AWS::VpcLattice::Listener" }, + { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration" + }, + { + "$ref": "#/definitions/AWS::VpcLattice::ResourceGateway" + }, { "$ref": "#/definitions/AWS::VpcLattice::ResourcePolicy" }, @@ -284961,6 +339216,9 @@ { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetwork" }, + { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkResourceAssociation" + }, { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation" }, @@ -285042,6 +339300,24 @@ { "$ref": "#/definitions/AWS::WAFv2::WebACLAssociation" }, + { + "$ref": "#/definitions/AWS::Wisdom::AIAgent" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIAgentVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrailVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIPromptVersion" + }, { "$ref": "#/definitions/AWS::Wisdom::Assistant" }, @@ -285051,18 +339327,33 @@ { "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase" }, + { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate" + }, + { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplateVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse" + }, { "$ref": "#/definitions/AWS::WorkSpaces::ConnectionAlias" }, { "$ref": "#/definitions/AWS::WorkSpaces::Workspace" }, + { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool" + }, { "$ref": "#/definitions/AWS::WorkSpacesThinClient::Environment" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::BrowserSettings" }, + { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings" + }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::IdentityProvider" }, @@ -285084,6 +339375,15 @@ { "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings" }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::Volume" + }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::VolumeAssociation" + }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance" + }, { "$ref": "#/definitions/AWS::XRay::Group" }, @@ -285093,6 +339393,9 @@ { "$ref": "#/definitions/AWS::XRay::SamplingRule" }, + { + "$ref": "#/definitions/AWS::XRay::TransactionSearchConfig" + }, { "$ref": "#/definitions/Alexa::ASK::Skill" }, diff --git a/schema_source/cloudformation-docs.json b/schema_source/cloudformation-docs.json index c31581104b..da10bf50bf 100644 --- a/schema_source/cloudformation-docs.json +++ b/schema_source/cloudformation-docs.json @@ -204,6 +204,33 @@ "Principal": "The AWS service or entity that holds the permission. At this time, the only valid principal is `acm.amazonaws.com` .", "SourceAccount": "The ID of the account that assigned the permission." }, + "AWS::AIOps::InvestigationGroup": { + "ChatbotNotificationChannels": "Use this property to integrate CloudWatch investigations with chat applications. This property is an array. For the first string, specify the ARN of an Amazon SNS topic. For the array of strings, specify the ARNs of one or more chat applications configurations that you want to associate with that topic. For more information about these configuration ARNs, see [Getting started with Amazon Q in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html) and [Resource type defined by AWS Chatbot](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html#awschatbot-resources-for-iam-policies) .", + "CrossAccountConfigurations": "List of `sourceRoleArn` values that have been configured for cross-account access.", + "EncryptionConfig": "Specifies the customer managed AWS KMS key that the investigation group uses to encrypt data, if there is one. If not, the investigation group uses an AWS key to encrypt the data.", + "InvestigationGroupPolicy": "Returns the JSON of the IAM resource policy associated with the specified investigation group in a string. For example, `{\\\"Version\\\":\\\"2012-10-17\\\",\\\"Statement\\\":[{\\\"Effect\\\":\\\"Allow\\\",\\\"Principal\\\":{\\\"Service\\\":\\\"aiops.alarms.cloudwatch.amazonaws.com\\\"},\\\"Action\\\":[\\\"aiops:CreateInvestigation\\\",\\\"aiops:CreateInvestigationEvent\\\"],\\\"Resource\\\":\\\"*\\\",\\\"Condition\\\":{\\\"StringEquals\\\":{\\\"aws:SourceAccount\\\":\\\"111122223333\\\"},\\\"ArnLike\\\":{\\\"aws:SourceArn\\\":\\\"arn:aws:cloudwatch:us-east-1:111122223333:alarm:*\\\"}}}]}` .", + "IsCloudTrailEventHistoryEnabled": "Specify `true` to enable CloudWatch investigations to have access to change events that are recorded by CloudTrail. The default is `true` .", + "Name": "Specify either the name or the ARN of the investigation group that you want to view. This is used to set the name of the investigation group.", + "RetentionInDays": "Specifies how long that investigation data is kept.", + "RoleArn": "The ARN of the IAM role that the investigation group uses for permissions to gather data.", + "TagKeyBoundaries": "Displays the custom tag keys for custom applications in your system that you have specified in the investigation group. Resource tags help CloudWatch investigations narrow the search space when it is unable to discover definite relationships between resources.", + "Tags": "The list of key-value pairs to associate with the resource." + }, + "AWS::AIOps::InvestigationGroup ChatbotNotificationChannel": { + "ChatConfigurationArns": "Returns the Amazon Resource Name (ARN) of any third-party chat integrations configured for the account.", + "SNSTopicArn": "Returns the ARN of an Amazon SNS topic used for third-party chat integrations." + }, + "AWS::AIOps::InvestigationGroup CrossAccountConfiguration": { + "SourceRoleArn": "The ARN of an existing role which will be used to do investigations on your behalf." + }, + "AWS::AIOps::InvestigationGroup EncryptionConfigMap": { + "EncryptionConfigurationType": "Displays whether investigation data is encrypted by a customer managed key or an AWS owned key.", + "KmsKeyId": "If the investigation group uses a customer managed key for encryption, this field displays the ID of that key." + }, + "AWS::AIOps::InvestigationGroup Tag": { + "Key": "Assigns one or more tags (key-value pairs) to the specified resource.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a resource.", + "Value": "A list of key-value pairs to associate with the investigation group. You can associate as many as 50 tags with an investigation group. To be able to associate tags when you create the investigation group, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values." + }, "AWS::APS::RuleGroupsNamespace": { "Data": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", "Name": "The name of the rule groups namespace.", @@ -296,7 +323,7 @@ }, "AWS::ARCZonalShift::ZonalAutoshiftConfiguration": { "PracticeRunConfiguration": "A practice run configuration for a resource includes the Amazon CloudWatch alarms that you've specified for a practice run, as well as any blocked dates or blocked windows for the practice run. When a resource has a practice run configuration, ARC shifts traffic for the resource weekly for practice runs.\n\nPractice runs are required for zonal autoshift. The zonal shifts that ARC starts for practice runs help you to ensure that shifting away traffic from an Availability Zone during an autoshift is safe for your application.\n\nYou can update or delete a practice run configuration. Before you delete a practice run configuration, you must disable zonal autoshift for the resource. A practice run configuration is required when zonal autoshift is enabled.", - "ResourceIdentifier": "The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource.\n\nAt this time, supported resources are Network Load Balancers and Application Load Balancers with cross-zone load balancing turned off.", + "ResourceIdentifier": "The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource.\n\nAt this time, supported resources are Network Load Balancers and Application Load Balancers.", "ZonalAutoshiftStatus": "When zonal autoshift is `ENABLED` , you authorize AWS to shift away resource traffic for an application from an Availability Zone during events, on your behalf, to help reduce time to recovery. Traffic is also shifted away for the required weekly practice runs." }, "AWS::ARCZonalShift::ZonalAutoshiftConfiguration ControlCondition": { @@ -305,7 +332,7 @@ }, "AWS::ARCZonalShift::ZonalAutoshiftConfiguration PracticeRunConfiguration": { "BlockedDates": "An array of one or more dates that you can specify when AWS does not start practice runs for a resource. Dates are in UTC.\n\nSpecify blocked dates in the format `YYYY-MM-DD` , separated by spaces.", - "BlockedWindows": "An array of one or more days and times that you can specify when Route 53 ARC does not start practice runs for a resource. Days and times are in UTC.\n\nSpecify blocked windows in the format `DAY:HH:MM-DAY:HH:MM` , separated by spaces. For example, `MON:18:30-MON:19:30 TUE:18:30-TUE:19:30` .", + "BlockedWindows": "An array of one or more days and times that you can specify when ARC does not start practice runs for a resource. Days and times are in UTC.\n\nSpecify blocked windows in the format `DAY:HH:MM-DAY:HH:MM` , separated by spaces. For example, `MON:18:30-MON:19:30 TUE:18:30-TUE:19:30` .\n\n> Blocked windows have to start and end on the same day. Windows that span multiple days aren't supported.", "BlockingAlarms": "An optional alarm that you can specify that blocks practice runs when the alarm is in an `ALARM` state. When a blocking alarm goes into an `ALARM` state, it prevents practice runs from being started, and ends practice runs that are in progress.", "OutcomeAlarms": "The alarm that you specify to monitor the health of your application during practice runs. When the outcome alarm goes into an `ALARM` state, the practice run is ended and the outcome is set to `FAILED` ." }, @@ -314,7 +341,7 @@ "AnalyzerName": "The name of the analyzer.", "ArchiveRules": "Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.", "Tags": "An array of key-value pairs to apply to the analyzer. You can use the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with `aws:` .\n\nFor the tag value, you can specify a value that is 0 to 256 characters in length.", - "Type": "The type represents the zone of trust for the analyzer.\n\n*Allowed Values* : ACCOUNT | ORGANIZATION | ACCOUNT_UNUSED_ACCESS | ORGANIZATION_UNUSED_ACCESS" + "Type": "The type represents the zone of trust for the analyzer.\n\n*Allowed Values* : ACCOUNT | ORGANIZATION | ACCOUNT_UNUSED_ACCESS | ACCOUNT_INTERNAL_ACCESS | ORGANIZATION_INTERNAL_ACCESS | ORGANIZATION_UNUSED_ACCESS" }, "AWS::AccessAnalyzer::Analyzer AnalysisRule": { "Exclusions": "A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings." @@ -324,6 +351,7 @@ "ResourceTags": "An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with `aws:` .\n\nFor the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key." }, "AWS::AccessAnalyzer::Analyzer AnalyzerConfiguration": { + "InternalAccessConfiguration": "Specifies the configuration of an internal access analyzer for an AWS organization or account. This configuration determines how the analyzer evaluates access within your AWS environment.", "UnusedAccessConfiguration": "Specifies the configuration of an unused access analyzer for an AWS organization or account." }, "AWS::AccessAnalyzer::Analyzer ArchiveRule": { @@ -337,9 +365,20 @@ "Neq": "A \"not equal\" condition to match for the rule.", "Property": "The property used to define the criteria in the filter for the rule." }, + "AWS::AccessAnalyzer::Analyzer InternalAccessAnalysisRule": { + "Inclusions": "A list of rules for the internal access analyzer containing criteria to include in analysis. Only resources that meet the rule criteria will generate findings." + }, + "AWS::AccessAnalyzer::Analyzer InternalAccessAnalysisRuleCriteria": { + "AccountIds": "A list of AWS account IDs to apply to the internal access analysis rule criteria. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.", + "ResourceArns": "A list of resource ARNs to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources that match these ARNs.", + "ResourceTypes": "A list of resource types to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources of these types. These resource types are currently supported for internal access analyzers:\n\n- `AWS::S3::Bucket`\n- `AWS::RDS::DBSnapshot`\n- `AWS::RDS::DBClusterSnapshot`\n- `AWS::S3Express::DirectoryBucket`\n- `AWS::DynamoDB::Table`\n- `AWS::DynamoDB::Stream`" + }, + "AWS::AccessAnalyzer::Analyzer InternalAccessConfiguration": { + "InternalAccessAnalysisRule": "Contains information about analysis rules for the internal access analyzer. These rules determine which resources and access patterns will be analyzed." + }, "AWS::AccessAnalyzer::Analyzer Tag": { - "Key": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with `aws:` . digits, whitespace, `_` , `.` , `:` , `/` , `=` , `+` , `@` , `-` , and `\"` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "Value": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + "Key": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with `aws:` . digits, whitespace, `_` , `.` , `:` , `/` , `=` , `+` , `@` , `-` , and `\"` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-resource-tags.html) .", + "Value": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-resource-tags.html) ." }, "AWS::AccessAnalyzer::Analyzer UnusedAccessConfiguration": { "AnalysisRule": "Contains information about analysis rules for the analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule.", @@ -404,7 +443,6 @@ "AWS::AmazonMQ::Broker User": { "ConsoleAccess": "Enables access to the ActiveMQ web console for the ActiveMQ user. Does not apply to RabbitMQ brokers.", "Groups": "The list of groups (20 maximum) to which the ActiveMQ user belongs. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long. Does not apply to RabbitMQ brokers.", - "JolokiaApiAccess": "", "Password": "The password of the user. This value must be at least 12 characters long, must contain at least 4 unique characters, and must not contain commas, colons, or equal signs (,:=).", "ReplicationUser": "Defines if this user is intended for CRDR replication purposes.", "Username": "The username of the broker user. For Amazon MQ for ActiveMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). For Amazon MQ for RabbitMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores (- . _). This value must not contain a tilde (~) character. Amazon MQ prohibts using guest as a valid usename. This value must be 2-100 characters long.\n\n> Do not add personally identifiable information (PII) or other confidential or sensitive information in broker usernames. Broker usernames are accessible to other AWS services, including CloudWatch Logs . Broker usernames are not intended to be used for private or sensitive data." @@ -443,6 +481,7 @@ "EnableBranchAutoDeletion": "Automatically disconnect a branch in Amplify Hosting when you delete a branch from your Git repository.", "EnvironmentVariables": "The environment variables for the Amplify app.\n\nFor a list of the environment variables that are accessible to Amplify by default, see [Amplify Environment variables](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-console-environment-variables.html) in the *Amplify Hosting User Guide* .", "IAMServiceRole": "AWS Identity and Access Management ( IAM ) service role for the Amazon Resource Name (ARN) of the Amplify app.", + "JobConfig": "The configuration details that apply to the jobs for an Amplify app.", "Name": "The name of the Amplify app.", "OauthToken": "The OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key using SSH cloning. The OAuth token is not stored.\n\nUse `OauthToken` for repository providers other than GitHub, such as Bitbucket or CodeCommit. To authorize access to GitHub as your repository provider, use `AccessToken` .\n\nYou must specify either `OauthToken` or `AccessToken` when you create a new app.\n\nExisting Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see [Migrating an existing OAuth app to the Amplify GitHub App](https://docs.aws.amazon.com/amplify/latest/userguide/setting-up-GitHub-access.html#migrating-to-github-app-auth) in the *Amplify User Guide* .", "Platform": "The platform for the Amplify app. For a static app, set the platform type to `WEB` . For a dynamic server-side rendered (SSR) app, set the platform type to `WEB_COMPUTE` . For an app requiring Amplify Hosting's original SSR support only, set the platform type to `WEB_DYNAMIC` .\n\nIf you are deploying an SSG only app with Next.js version 14 or later, you must set the platform type to `WEB_COMPUTE` and set the artifacts `baseDirectory` to `.next` in the application's build settings. For an example of the build specification settings, see [Amplify build settings for a Next.js 14 SSG application](https://docs.aws.amazon.com/amplify/latest/userguide/deploy-nextjs-app.html#build-setting-detection-ssg-14) in the *Amplify Hosting User Guide* .", @@ -480,6 +519,9 @@ "Name": "The environment variable name.", "Value": "The environment variable value." }, + "AWS::Amplify::App JobConfig": { + "BuildComputeType": "Specifies the size of the build instance. Amplify supports three instance sizes: `STANDARD_8GB` , `LARGE_16GB` , and `XLARGE_72GB` . If you don't specify a value, Amplify uses the `STANDARD_8GB` default.\n\nThe following list describes the CPU, memory, and storage capacity for each build instance type:\n\n- **STANDARD_8GB** - - vCPUs: 4\n- Memory: 8 GiB\n- Disk space: 128 GB\n- **LARGE_16GB** - - vCPUs: 8\n- Memory: 16 GiB\n- Disk space: 128 GB\n- **XLARGE_72GB** - - vCPUs: 36\n- Memory: 72 GiB\n- Disk space: 256 GB" + }, "AWS::Amplify::App Tag": { "Key": "Specifies the key for the tag.", "Value": "Specifies the value for the tag." @@ -2928,8 +2970,8 @@ "TagItems": "The items of the tag." }, "AWS::AppStream::AppBlock TagItems": { - "Key": "", - "Value": "" + "Key": "The key of the tag items.", + "Value": "The value of the tag items." }, "AWS::AppStream::AppBlockBuilder": { "AccessEndpoints": "The access endpoints of the app block builder.", @@ -2978,8 +3020,8 @@ "TagItems": "The items of the tag." }, "AWS::AppStream::Application TagItems": { - "Key": "", - "Value": "" + "Key": "The key of the tag items.", + "Value": "The value of the tag items." }, "AWS::AppStream::ApplicationEntitlementAssociation": { "ApplicationIdentifier": "The identifier of the application.", @@ -3027,7 +3069,7 @@ "IdleDisconnectTimeoutInSeconds": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the `DisconnectTimeoutInSeconds` time interval begins. Users are notified before they are disconnected due to inactivity. If they try to reconnect to the streaming session before the time interval specified in `DisconnectTimeoutInSeconds` elapses, they are connected to their previous session. Users are considered idle when they stop providing keyboard or mouse input during their streaming session. File uploads and downloads, audio in, audio out, and pixels changing do not qualify as user activity. If users continue to be idle after the time interval in `IdleDisconnectTimeoutInSeconds` elapses, they are disconnected.\n\nTo prevent users from being disconnected due to inactivity, specify a value of 0. Otherwise, specify a value between 60 and 36000.\n\nIf you enable this feature, we recommend that you specify a value that corresponds exactly to a whole number of minutes (for example, 60, 120, and 180). If you don't do this, the value is rounded to the nearest minute. For example, if you specify a value of 70, users are disconnected after 1 minute of inactivity. If you specify a value that is at the midpoint between two different minutes, the value is rounded up. For example, if you specify a value of 90, users are disconnected after 2 minutes of inactivity.", "ImageArn": "The ARN of the public, private, or shared image to use.", "ImageName": "The name of the image used to create the fleet.", - "InstanceType": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", + "InstanceType": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", "MaxConcurrentSessions": "The maximum number of concurrent sessions that can be run on an Elastic fleet. This setting is required for Elastic fleets, but is not used for other fleet types.", "MaxSessionsPerInstance": "Max number of user sessions on an instance. This is applicable only for multi-session fleets.", "MaxUserDurationInSeconds": "The maximum amount of time that a streaming session can remain active, in seconds. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.\n\nSpecify a value between 600 and 432000.", @@ -3069,7 +3111,7 @@ "IamRoleArn": "The ARN of the IAM role that is applied to the image builder. To assume a role, the image builder calls the AWS Security Token Service `AssumeRole` API operation and passes the ARN of the role to use. The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary credentials and creates the *appstream_machine_role* credential profile on the instance.\n\nFor more information, see [Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances](https://docs.aws.amazon.com/appstream2/latest/developerguide/using-iam-roles-to-grant-permissions-to-applications-scripts-streaming-instances.html) in the *Amazon AppStream 2.0 Administration Guide* .", "ImageArn": "The ARN of the public, private, or shared image to use.", "ImageName": "The name of the image used to create the image builder.", - "InstanceType": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge", + "InstanceType": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge", "Name": "A unique name for the image builder.", "Tags": "An array of key-value pairs.", "VpcConfig": "The VPC configuration for the image builder. You can specify only one subnet." @@ -3201,9 +3243,9 @@ "AWS::AppSync::ApiCache": { "ApiCachingBehavior": "Caching behavior.\n\n- *FULL_REQUEST_CACHING* : All requests from the same user are cached. Individual resolvers are automatically cached. All API calls will try to return responses from the cache.\n- *PER_RESOLVER_CACHING* : Individual resolvers that you specify are cached.\n- *OPERATION_LEVEL_CACHING* : Full requests are cached together and returned without executing resolvers.", "ApiId": "The GraphQL API ID.", - "AtRestEncryptionEnabled": "At-rest encryption flag for cache. You cannot update this setting after creation.", + "AtRestEncryptionEnabled": "*This parameter has been deprecated* .\n\nAt-rest encryption flag for cache. You cannot update this setting after creation.", "HealthMetricsConfig": "Controls how cache health metrics will be emitted to CloudWatch. Cache health metrics include:\n\n- *NetworkBandwidthOutAllowanceExceeded* : The network packets dropped because the throughput exceeded the aggregated bandwidth limit. This is useful for diagnosing bottlenecks in a cache configuration.\n- *EngineCPUUtilization* : The CPU utilization (percentage) allocated to the Redis process. This is useful for diagnosing bottlenecks in a cache configuration.\n\nMetrics will be recorded by API ID. You can set the value to `ENABLED` or `DISABLED` .", - "TransitEncryptionEnabled": "Transit encryption flag when connecting to cache. You cannot update this setting after creation.", + "TransitEncryptionEnabled": "*This parameter has been deprecated* .\n\nTransit encryption flag when connecting to cache. You cannot update this setting after creation.", "Ttl": "TTL in seconds for cache entries.\n\nValid values are 1\u20133,600 seconds.", "Type": "The cache instance type. Valid values are\n\n- `SMALL`\n- `MEDIUM`\n- `LARGE`\n- `XLARGE`\n- `LARGE_2X`\n- `LARGE_4X`\n- `LARGE_8X` (not available in all regions)\n- `LARGE_12X`\n\nHistorically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used.\n\nThe following legacy instance types are available, but their use is discouraged:\n\n- *T2_SMALL* : A t2.small instance type.\n- *T2_MEDIUM* : A t2.medium instance type.\n- *R4_LARGE* : A r4.large instance type.\n- *R4_XLARGE* : A r4.xlarge instance type.\n- *R4_2XLARGE* : A r4.2xlarge instance type.\n- *R4_4XLARGE* : A r4.4xlarge instance type.\n- *R4_8XLARGE* : A r4.8xlarge instance type." }, @@ -4004,6 +4046,13 @@ "EffectiveEngineVersion": "Read only. The engine version on which the query runs. If the user requests a valid engine version other than Auto, the effective engine version is the same as the engine version that the user requested. If the user requests Auto, the effective engine version is chosen by Athena. When a request to update the engine version is made by a `CreateWorkGroup` or `UpdateWorkGroup` operation, the `EffectiveEngineVersion` field is ignored.", "SelectedEngineVersion": "The engine version requested by the user. Possible values are determined by the output of `ListEngineVersions` , including AUTO. The default is AUTO." }, + "AWS::Athena::WorkGroup ManagedQueryResultsConfiguration": { + "Enabled": "If set to true, allows you to store query results in Athena owned storage. If set to false, workgroup member stores query results in location specified under `ResultConfiguration$OutputLocation` . The default is false. A workgroup cannot have the `ResultConfiguration$OutputLocation` parameter when you set this field to true.", + "EncryptionConfiguration": "If you encrypt query and calculation results in Athena owned storage, this field indicates the encryption option (for example, SSE_KMS or CSE_KMS) and key information." + }, + "AWS::Athena::WorkGroup ManagedStorageEncryptionConfiguration": { + "KmsKey": "" + }, "AWS::Athena::WorkGroup ResultConfiguration": { "AclConfiguration": "Indicates that an Amazon S3 canned ACL should be set to control ownership of stored query results. Currently the only supported canned ACL is `BUCKET_OWNER_FULL_CONTROL` . This is a client-side setting. If workgroup settings override client-side settings, then the query uses the ACL configuration that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` .", "EncryptionConfiguration": "If query results are encrypted in Amazon S3, indicates the encryption option used (for example, `SSE_KMS` or `CSE_KMS` ) and key information. This is a client-side setting. If workgroup settings override client-side settings, then the query uses the encryption configuration that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` and [Override client-side settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) .", @@ -4031,6 +4080,7 @@ "EnforceWorkGroupConfiguration": "If set to \"true\", the settings for the workgroup override client-side settings. If set to \"false\", client-side settings are used. For more information, see [Override client-side settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) .", "EngineVersion": "The engine version that all queries running on the workgroup use.", "ExecutionRole": "Role used to access user resources in an Athena for Apache Spark session. This property applies only to Spark-enabled workgroups in Athena.", + "ManagedQueryResultsConfiguration": "The configuration for storing results in Athena owned storage, which includes whether this feature is enabled; whether encryption configuration, if any, is used for encrypting query results.", "PublishCloudWatchMetricsEnabled": "Indicates that the Amazon CloudWatch metrics are enabled for the workgroup.", "RequesterPaysEnabled": "If set to `true` , allows members assigned to a workgroup to reference Amazon S3 Requester Pays buckets in queries. If set to `false` , workgroup members cannot query data from Requester Pays buckets, and queries that retrieve data from Requester Pays buckets cause an error. The default is `false` . For more information about Requester Pays buckets, see [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service Developer Guide* .", "ResultConfiguration": "Specifies the location in Amazon S3 where query results are stored and the encryption option, if any, used for query results. For more information, see [Work with query results and recent queries](https://docs.aws.amazon.com/athena/latest/ug/querying.html) ." @@ -4542,15 +4592,19 @@ "AWS::B2BI::Partnership": { "Capabilities": "Returns one or more capabilities associated with this partnership.", "CapabilityOptions": "Contains the details for an Outbound EDI capability.", - "Email": "", + "Email": "Specifies the email address associated with this trading partner.", "Name": "Returns the name of the partnership.", - "Phone": "", + "Phone": "Specifies the phone number associated with the partnership.", "ProfileId": "Returns the unique, system-generated identifier for the profile connected to this partnership.", "Tags": "A key-value pair for a specific partnership. Tags are metadata that you can use to search for and group capabilities for various purposes." }, "AWS::B2BI::Partnership CapabilityOptions": { + "InboundEdi": "A structure that contains the inbound EDI options for the capability.", "OutboundEdi": "A structure that contains the outbound EDI options." }, + "AWS::B2BI::Partnership InboundEdiOptions": { + "X12": "A structure that contains X12-specific options for processing inbound X12 EDI files." + }, "AWS::B2BI::Partnership OutboundEdiOptions": { "X12": "A structure that contains an X12 envelope structure." }, @@ -4558,19 +4612,37 @@ "Key": "Specifies the name assigned to the tag that you create.", "Value": "Contains one or more values that you assigned to the key name that you create." }, + "AWS::B2BI::Partnership WrapOptions": { + "LineLength": "", + "LineTerminator": "", + "WrapBy": "" + }, + "AWS::B2BI::Partnership X12AcknowledgmentOptions": { + "FunctionalAcknowledgment": "", + "TechnicalAcknowledgment": "" + }, + "AWS::B2BI::Partnership X12ControlNumbers": { + "StartingFunctionalGroupControlNumber": "", + "StartingInterchangeControlNumber": "", + "StartingTransactionSetControlNumber": "" + }, "AWS::B2BI::Partnership X12Delimiters": { "ComponentSeparator": "", "DataElementSeparator": "", "SegmentTerminator": "" }, "AWS::B2BI::Partnership X12Envelope": { - "Common": "A container for the X12 outbound EDI headers." + "Common": "A container for the X12 outbound EDI headers.", + "WrapOptions": "" }, "AWS::B2BI::Partnership X12FunctionalGroupHeaders": { "ApplicationReceiverCode": "", "ApplicationSenderCode": "", "ResponsibleAgencyCode": "" }, + "AWS::B2BI::Partnership X12InboundEdiOptions": { + "AcknowledgmentOptions": "Specifies acknowledgment options for inbound X12 EDI files. These options control how functional and technical acknowledgments are handled." + }, "AWS::B2BI::Partnership X12InterchangeControlHeaders": { "AcknowledgmentRequestedCode": "", "ReceiverId": "", @@ -4581,8 +4653,10 @@ "UsageIndicatorCode": "" }, "AWS::B2BI::Partnership X12OutboundEdiHeaders": { + "ControlNumbers": "Specifies control number configuration for outbound X12 EDI headers. These settings determine the starting values for interchange, functional group, and transaction set control numbers.", "Delimiters": "The delimiters, for example semicolon ( `;` ), that separates sections of the headers for the X12 object.", "FunctionalGroupHeaders": "The functional group headers for the X12 object.", + "Gs05TimeFormat": "", "InterchangeControlHeaders": "In X12 EDI messages, delimiters are used to mark the end of segments or elements, and are defined in the interchange control header.", "ValidateEdi": "Specifies whether or not to validate the EDI for this X12 object: `TRUE` or `FALSE` ." }, @@ -4607,10 +4681,14 @@ "Status": "Returns the state of the newly created transformer. The transformer can be either `active` or `inactive` . For the transformer to be used in a capability, its status must `active` .", "Tags": "A key-value pair for a specific transformer. Tags are metadata that you can use to search for and group capabilities for various purposes." }, + "AWS::B2BI::Transformer AdvancedOptions": { + "X12": "" + }, "AWS::B2BI::Transformer FormatOptions": { "X12": "" }, "AWS::B2BI::Transformer InputConversion": { + "AdvancedOptions": "", "FormatOptions": "", "FromFormat": "" }, @@ -4634,10 +4712,16 @@ "Key": "Specifies the name assigned to the tag that you create.", "Value": "Contains one or more values that you assigned to the key name that you create." }, + "AWS::B2BI::Transformer X12AdvancedOptions": { + "SplitOptions": "" + }, "AWS::B2BI::Transformer X12Details": { "TransactionSet": "Returns an enumerated type where each value identifies an X12 transaction set. Transaction sets are maintained by the X12 Accredited Standards Committee.", "Version": "Returns the version to use for the specified X12 transaction set." }, + "AWS::B2BI::Transformer X12SplitOptions": { + "SplitBy": "" + }, "AWS::BCMDataExports::Export": { "Export": "The details that are available for an export.", "Tags": "" @@ -4903,7 +4987,7 @@ "AWS::Batch::ComputeEnvironment Ec2ConfigurationObject": { "ImageIdOverride": "The AMI ID used for instances launched in the compute environment that match the image type. This setting overrides the `imageId` set in the `computeResource` object.\n\n> The AMI that you choose for a compute environment must match the architecture of the instance types that you intend to use for that compute environment. For example, if your compute environment uses A1 instance types, the compute resource AMI that you choose must support ARM instances. Amazon ECS vends both x86 and ARM versions of the Amazon ECS-optimized Amazon Linux 2 AMI. For more information, see [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#ecs-optimized-ami-linux-variants.html) in the *Amazon Elastic Container Service Developer Guide* .", "ImageKubernetesVersion": "The Kubernetes version for the compute environment. If you don't specify a value, the latest version that AWS Batch supports is used.", - "ImageType": "The image type to match with the instance type to select an AMI. The supported values are different for `ECS` and `EKS` resources.\n\n- **ECS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) ( `ECS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon ECS optimized AMI for that image type that's supported by AWS Batch is used.\n\n- **ECS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) : Default for all non-GPU instance families.\n- **ECS_AL2_NVIDIA** - [Amazon Linux 2 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : Default for all GPU instance families (for example `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **ECS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) : AWS Batch supports Amazon Linux 2023.\n\n> Amazon Linux 2023 does not support `A1` instances.\n- **ECS_AL1** - [Amazon Linux](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#alami) . Amazon Linux has reached the end-of-life of standard support. For more information, see [Amazon Linux AMI](https://docs.aws.amazon.com/amazon-linux-ami/) .\n- **EKS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon EKS-optimized Amazon Linux AMI](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) ( `EKS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon EKS optimized AMI for that image type that AWS Batch supports is used.\n\n- **EKS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all non-GPU instance families.\n- **EKS_AL2_NVIDIA** - [Amazon Linux 2 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all GPU instance families (for example, `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types." + "ImageType": "The image type to match with the instance type to select an AMI. The supported values are different for `ECS` and `EKS` resources.\n\n- **ECS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) ( `ECS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon ECS optimized AMI for that image type that's supported by AWS Batch is used.\n\n- **ECS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) : Default for all non-GPU instance families.\n- **ECS_AL2_NVIDIA** - [Amazon Linux 2 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : Default for all GPU instance families (for example `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **ECS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) : AWS Batch supports Amazon Linux 2023.\n\n> Amazon Linux 2023 does not support `A1` instances.\n- **ECS_AL1** - [Amazon Linux](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#alami) . Amazon Linux has reached the end-of-life of standard support. For more information, see [Amazon Linux AMI](https://docs.aws.amazon.com/amazon-linux-ami/) .\n- **EKS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon EKS-optimized Amazon Linux AMI](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) ( `EKS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon EKS optimized AMI for that image type that AWS Batch supports is used.\n\n- **EKS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all non-GPU instance families.\n- **EKS_AL2_NVIDIA** - [Amazon Linux 2 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all GPU instance families (for example, `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **EKS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : AWS Batch supports Amazon Linux 2023.\n\n> Amazon Linux 2023 does not support `A1` instances.\n- **EKS_AL2023_NVIDIA** - [Amazon Linux 2023 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : GPU instance families and can be used for all non AWS Graviton-based instance types." }, "AWS::Batch::ComputeEnvironment EksConfiguration": { "EksClusterArn": "The Amazon Resource Name (ARN) of the Amazon EKS cluster. An example is `arn: *aws* :eks: *us-east-1* : *123456789012* :cluster/ *ClusterForBatch*` .", @@ -4913,12 +4997,14 @@ "LaunchTemplateId": "The ID of the launch template.", "LaunchTemplateName": "The name of the launch template.", "Overrides": "A launch template to use in place of the default launch template. You must specify either the launch template ID or launch template name in the request, but not both.\n\nYou can specify up to ten (10) launch template overrides that are associated to unique instance types or families for each compute environment.\n\n> To unset all override templates for a compute environment, you can pass an empty array to the [UpdateComputeEnvironment.overrides](https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateComputeEnvironment.html) parameter, or not include the `overrides` parameter when submitting the `UpdateComputeEnvironment` API operation.", + "UserdataType": "The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` .", "Version": "The version number of the launch template, `$Default` , or `$Latest` .\n\nIf the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default`\n\nLatest: `$Latest`" }, "AWS::Batch::ComputeEnvironment LaunchTemplateSpecificationOverride": { "LaunchTemplateId": "The ID of the launch template.\n\n*Note:* If you specify the `launchTemplateId` you can't specify the `launchTemplateName` as well.", "LaunchTemplateName": "The name of the launch template.\n\n*Note:* If you specify the `launchTemplateName` you can't specify the `launchTemplateId` as well.", "TargetInstanceTypes": "The instance type or family that this override launch template should be applied to.\n\nThis parameter is required when defining a launch template override.\n\nInformation included in this parameter must meet the following requirements:\n\n- Must be a valid Amazon EC2 instance type or family.\n- `optimal` isn't allowed.\n- `targetInstanceTypes` can target only instance types and families that are included within the [`ComputeResource.instanceTypes`](https://docs.aws.amazon.com/batch/latest/APIReference/API_ComputeResource.html#Batch-Type-ComputeResource-instanceTypes) set. `targetInstanceTypes` doesn't need to include all of the instances from the `instanceType` set, but at least a subset. For example, if `ComputeResource.instanceTypes` includes `[m5, g5]` , `targetInstanceTypes` can include `[m5.2xlarge]` and `[m5.large]` but not `[c5.large]` .\n- `targetInstanceTypes` included within the same launch template override or across launch template overrides can't overlap for the same compute environment. For example, you can't define one launch template override to target an instance family and another define an instance type within this same family.", + "UserdataType": "The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` .", "Version": "The version number of the launch template, `$Default` , or `$Latest` .\n\nIf the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default`\n\nLatest: `$Latest`" }, "AWS::Batch::ComputeEnvironment UpdatePolicy": { @@ -5665,7 +5751,7 @@ "AWS::Bedrock::DataSource S3DataSourceConfiguration": { "BucketArn": "The Amazon Resource Name (ARN) of the S3 bucket that contains your data.", "BucketOwnerAccountId": "The account ID for the owner of the S3 bucket.", - "InclusionPrefixes": "A list of S3 prefixes to include certain files or content. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) ." + "InclusionPrefixes": "A list of S3 prefixes to include certain files or content. This field is an array with a maximum of one item, which can contain a string that has a maximum length of 300 characters. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) ." }, "AWS::Bedrock::DataSource S3Location": { "URI": "An object URI starting with `s3://` ." @@ -5765,7 +5851,7 @@ "Conditions": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition." }, "AWS::Bedrock::Flow FieldForReranking": { - "FieldName": "The name of a metadata field to include in or exclude from consideration when reranking." + "FieldName": "The name of the metadata field to be used during the reranking process." }, "AWS::Bedrock::Flow FlowCondition": { "Expression": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", @@ -5873,8 +5959,8 @@ "Definition": "The definition of the DoWhile loop nodes and connections between nodes in the flow." }, "AWS::Bedrock::Flow MetadataConfigurationForReranking": { - "SelectionMode": "Specifies whether to consider all metadata when reranking, or only the metadata that you select. If you specify `SELECTIVE` , include the `selectiveModeConfiguration` field.", - "SelectiveModeConfiguration": "Contains configurations for the metadata fields to include or exclude when considering reranking." + "SelectionMode": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "SelectiveModeConfiguration": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE." }, "AWS::Bedrock::Flow PerformanceConfiguration": { "Latency": "To use a latency-optimized version of the model, set to `optimized` ." @@ -5912,8 +5998,8 @@ "Text": "Contains configurations for the text in a message for a prompt." }, "AWS::Bedrock::Flow RerankingMetadataSelectiveModeConfiguration": { - "FieldsToExclude": "An array of objects, each of which specifies a metadata field to exclude from consideration when reranking.", - "FieldsToInclude": "An array of objects, each of which specifies a metadata field to include in consideration when reranking. The remaining metadata fields are ignored." + "FieldsToExclude": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "FieldsToInclude": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude." }, "AWS::Bedrock::Flow RetrievalFlowNodeConfiguration": { "ServiceConfiguration": "Contains configurations for the service to use for retrieving data to return as the output from the node." @@ -5943,17 +6029,17 @@ "Text": "The message for the prompt." }, "AWS::Bedrock::Flow VectorSearchBedrockRerankingConfiguration": { - "MetadataConfiguration": "Contains configurations for the metadata to use in reranking.", - "ModelConfiguration": "Contains configurations for the reranker model.", - "NumberOfRerankedResults": "The number of results to return after reranking." + "MetadataConfiguration": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "ModelConfiguration": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "NumberOfRerankedResults": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results." }, "AWS::Bedrock::Flow VectorSearchBedrockRerankingModelConfiguration": { - "AdditionalModelRequestFields": "A JSON object whose keys are request fields for the model and whose values are values for those fields.", - "ModelArn": "The ARN of the reranker model to use." + "AdditionalModelRequestFields": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "ModelArn": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering." }, "AWS::Bedrock::Flow VectorSearchRerankingConfiguration": { - "BedrockRerankingConfiguration": "Contains configurations for an Amazon Bedrock reranker model.", - "Type": "The type of reranker model." + "BedrockRerankingConfiguration": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "Type": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking." }, "AWS::Bedrock::FlowAlias": { "ConcurrencyConfiguration": "The configuration that specifies how nodes in the flow are executed concurrently.", @@ -5981,7 +6067,7 @@ "Conditions": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition." }, "AWS::Bedrock::FlowVersion FieldForReranking": { - "FieldName": "The name of a metadata field to include in or exclude from consideration when reranking." + "FieldName": "The name of the metadata field to be used during the reranking process." }, "AWS::Bedrock::FlowVersion FlowCondition": { "Expression": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", @@ -6085,8 +6171,8 @@ "Definition": "The definition of the DoWhile loop nodes and connections between nodes in the flow." }, "AWS::Bedrock::FlowVersion MetadataConfigurationForReranking": { - "SelectionMode": "Specifies whether to consider all metadata when reranking, or only the metadata that you select. If you specify `SELECTIVE` , include the `selectiveModeConfiguration` field.", - "SelectiveModeConfiguration": "Contains configurations for the metadata fields to include or exclude when considering reranking." + "SelectionMode": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "SelectiveModeConfiguration": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE." }, "AWS::Bedrock::FlowVersion PerformanceConfiguration": { "Latency": "To use a latency-optimized version of the model, set to `optimized` ." @@ -6124,8 +6210,8 @@ "Text": "Contains configurations for the text in a message for a prompt." }, "AWS::Bedrock::FlowVersion RerankingMetadataSelectiveModeConfiguration": { - "FieldsToExclude": "An array of objects, each of which specifies a metadata field to exclude from consideration when reranking.", - "FieldsToInclude": "An array of objects, each of which specifies a metadata field to include in consideration when reranking. The remaining metadata fields are ignored." + "FieldsToExclude": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "FieldsToInclude": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude." }, "AWS::Bedrock::FlowVersion RetrievalFlowNodeConfiguration": { "ServiceConfiguration": "Contains configurations for the service to use for retrieving data to return as the output from the node." @@ -6150,23 +6236,24 @@ "Text": "The message for the prompt." }, "AWS::Bedrock::FlowVersion VectorSearchBedrockRerankingConfiguration": { - "MetadataConfiguration": "Contains configurations for the metadata to use in reranking.", - "ModelConfiguration": "Contains configurations for the reranker model.", - "NumberOfRerankedResults": "The number of results to return after reranking." + "MetadataConfiguration": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "ModelConfiguration": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "NumberOfRerankedResults": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results." }, "AWS::Bedrock::FlowVersion VectorSearchBedrockRerankingModelConfiguration": { - "AdditionalModelRequestFields": "A JSON object whose keys are request fields for the model and whose values are values for those fields.", - "ModelArn": "The ARN of the reranker model to use." + "AdditionalModelRequestFields": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "ModelArn": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering." }, "AWS::Bedrock::FlowVersion VectorSearchRerankingConfiguration": { - "BedrockRerankingConfiguration": "Contains configurations for an Amazon Bedrock reranker model.", - "Type": "The type of reranker model." + "BedrockRerankingConfiguration": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "Type": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking." }, "AWS::Bedrock::Guardrail": { "BlockedInputMessaging": "The message to return when the guardrail blocks a prompt.", "BlockedOutputsMessaging": "The message to return when the guardrail blocks a model response.", "ContentPolicyConfig": "The content filter policies to configure for the guardrail.", "ContextualGroundingPolicyConfig": "", + "CrossRegionConfig": "The system-defined guardrail profile that you're using with your guardrail. Guardrail profiles define the destination AWS Regions where guardrail inference requests can be automatically routed. Using guardrail profiles helps maintain guardrail performance and reliability when demand increases.\n\nFor more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", "Description": "A description of the guardrail.", "KmsKeyArn": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", "Name": "The name of the guardrail.", @@ -6176,51 +6263,58 @@ "WordPolicyConfig": "The word policy you configure for the guardrail." }, "AWS::Bedrock::Guardrail ContentFilterConfig": { - "InputAction": "", - "InputEnabled": "", - "InputModalities": "", + "InputAction": "Specifies the action to take when harmful content is detected. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "InputModalities": "The input modalities selected for the guardrail content filter configuration.", "InputStrength": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", - "OutputAction": "", - "OutputEnabled": "", - "OutputModalities": "", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "OutputModalities": "The output modalities selected for the guardrail content filter configuration.", "OutputStrength": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", "Type": "The harmful category that the content filter is applied to." }, + "AWS::Bedrock::Guardrail ContentFiltersTierConfig": { + "TierName": "The tier that your guardrail uses for content filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) ." + }, "AWS::Bedrock::Guardrail ContentPolicyConfig": { + "ContentFiltersTierConfig": "The tier that your guardrail uses for content filters. Consider using a tier that balances performance, accuracy, and compatibility with your existing generative AI workflows.", "FiltersConfig": "Contains the type of the content filter and how strongly it should apply to prompts and model responses." }, "AWS::Bedrock::Guardrail ContextualGroundingFilterConfig": { - "Action": "", - "Enabled": "", + "Action": "Specifies the action to take when content fails the contextual grounding evaluation. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "Enabled": "Specifies whether to enable contextual grounding evaluation. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Threshold": "The threshold details for the guardrails contextual grounding filter.", "Type": "The filter details for the guardrails contextual grounding filter." }, "AWS::Bedrock::Guardrail ContextualGroundingPolicyConfig": { "FiltersConfig": "" }, + "AWS::Bedrock::Guardrail GuardrailCrossRegionConfig": { + "GuardrailProfileArn": "The Amazon Resource Name (ARN) of the guardrail profile that your guardrail is using. Guardrail profile availability depends on your current AWS Region . For more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region-support.html) ." + }, "AWS::Bedrock::Guardrail ManagedWordsConfig": { - "InputAction": "", - "InputEnabled": "", - "OutputAction": "", - "OutputEnabled": "", + "InputAction": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Type": "The managed word type to configure for the guardrail." }, "AWS::Bedrock::Guardrail PiiEntityConfig": { "Action": "Configure guardrail action when the PII entity is detected.", - "InputAction": "", - "InputEnabled": "", - "OutputAction": "", - "OutputEnabled": "", + "InputAction": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Indicates whether guardrail evaluation is enabled on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Type": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guardrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *CREDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc.." }, "AWS::Bedrock::Guardrail RegexConfig": { "Action": "The guardrail action to configure when matching regular expression is detected.", "Description": "The description of the regular expression to configure for the guardrail.", - "InputAction": "", - "InputEnabled": "", + "InputAction": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Name": "The name of the regular expression to configure for the guardrail.", - "OutputAction": "", - "OutputEnabled": "", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Pattern": "The regular expression pattern to configure for the guardrail." }, "AWS::Bedrock::Guardrail SensitiveInformationPolicyConfig": { @@ -6234,21 +6328,25 @@ "AWS::Bedrock::Guardrail TopicConfig": { "Definition": "A definition of the topic to deny.", "Examples": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", - "InputAction": "", - "InputEnabled": "", + "InputAction": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Name": "The name of the topic to deny.", - "OutputAction": "", - "OutputEnabled": "", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Type": "Specifies to deny the topic." }, "AWS::Bedrock::Guardrail TopicPolicyConfig": { - "TopicsConfig": "A list of policies related to topics that the guardrail should deny." + "TopicsConfig": "A list of policies related to topics that the guardrail should deny.", + "TopicsTierConfig": "The tier that your guardrail uses for denied topic filters." + }, + "AWS::Bedrock::Guardrail TopicsTierConfig": { + "TierName": "The tier that your guardrail uses for denied topic filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) ." }, "AWS::Bedrock::Guardrail WordConfig": { - "InputAction": "", - "InputEnabled": "", - "OutputAction": "", - "OutputEnabled": "", + "InputAction": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the intput. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Text": "Text of the word configured for the guardrail to block." }, "AWS::Bedrock::Guardrail WordPolicyConfig": { @@ -6544,7 +6642,7 @@ "AWS::Bedrock::Prompt ToolChoice": { "Any": "The model must request at least one tool (no text is generated).", "Auto": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", - "Tool": "The Model must request the specified tool. Only supported by Anthropic Claude 3 models." + "Tool": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models." }, "AWS::Bedrock::Prompt ToolConfiguration": { "ToolChoice": "If supported by model, forces the model to request a tool.", @@ -6635,7 +6733,7 @@ "AWS::Bedrock::PromptVersion ToolChoice": { "Any": "The model must request at least one tool (no text is generated).", "Auto": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", - "Tool": "The Model must request the specified tool. Only supported by Anthropic Claude 3 models." + "Tool": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models." }, "AWS::Bedrock::PromptVersion ToolConfiguration": { "ToolChoice": "If supported by model, forces the model to request a tool.", @@ -6649,6 +6747,29 @@ "InputSchema": "The input schema for the tool in JSON format.", "Name": "The name for the tool." }, + "AWS::Billing::BillingView": { + "DataFilterExpression": "See [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_billing_Expression.html) . Billing view only supports `LINKED_ACCOUNT` and `Tags` .", + "Description": "The description of the billing view.", + "Name": "The name of the billing view.", + "SourceViews": "A list of billing views used as the data source for the custom billing view.", + "Tags": "A list of key value map specifying tags associated to the billing view being created." + }, + "AWS::Billing::BillingView DataFilterExpression": { + "Dimensions": "The specific `Dimension` to use for `Expression` .", + "Tags": "The specific `Tag` to use for `Expression` ." + }, + "AWS::Billing::BillingView Dimensions": { + "Key": "The key that's associated with the tag.", + "Values": "The metadata that you can use to filter and group your results." + }, + "AWS::Billing::BillingView Tag": { + "Key": "A list of tag key value pairs that are associated with the resource.", + "Value": "The metadata that you can use to filter and group your results." + }, + "AWS::Billing::BillingView Tags": { + "Key": "A list of tag key value pairs that are associated with the resource.", + "Values": "The metadata values that you can use to filter and group your results." + }, "AWS::BillingConductor::BillingGroup": { "AccountGrouping": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", "ComputationPreference": "The preferences and settings that will be used to compute the AWS charges for a billing group.", @@ -6938,6 +7059,7 @@ "AWS::Cassandra::Table": { "AutoScalingSpecifications": "The optional auto scaling capacity settings for a table in provisioned capacity mode.", "BillingMode": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode.", + "CdcSpecification": "The settings for the CDC stream of a table. For more information about CDC streams, see [Working with change data capture (CDC) streams in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/cdc.html) in the *Amazon Keyspaces Developer Guide* .", "ClientSideTimestampsEnabled": "Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option:\n\n- `status: \"enabled\"`\n\nAfter client-side timestamps are enabled for a table, you can't disable this setting.", "ClusteringKeyColumns": "One or more columns that determine how the table data is sorted.", "DefaultTimeToLive": "The default Time To Live (TTL) value for all rows in a table in seconds. The maximum configurable value is 630,720,000 seconds, which is the equivalent of 20 years. By default, the TTL value for a table is 0, which means data does not expire.\n\nFor more information, see [Setting the default TTL value for a table](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl) in the *Amazon Keyspaces Developer Guide* .", @@ -6964,6 +7086,11 @@ "Mode": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n> If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`", "ProvisionedThroughput": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* ." }, + "AWS::Cassandra::Table CdcSpecification": { + "Status": "The status of the CDC stream. You can enable or disable a stream for a table.", + "Tags": "The tags (key-value pairs) that you want to apply to the stream.", + "ViewType": "The view type specifies the changes Amazon Keyspaces records for each changed row in the stream. After you create the stream, you can't make changes to this selection.\n\nThe options are:\n\n- `NEW_AND_OLD_IMAGES` - both versions of the row, before and after the change. This is the default.\n- `NEW_IMAGE` - the version of the row after the change.\n- `OLD_IMAGE` - the version of the row before the change.\n- `KEYS_ONLY` - the partition and clustering keys of the row that was changed." + }, "AWS::Cassandra::Table ClusteringKeyColumn": { "Column": "The name and data type of this clustering key column.", "OrderBy": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order." @@ -7015,10 +7142,11 @@ }, "AWS::CertificateManager::Certificate": { "CertificateAuthorityArn": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", + "CertificateExport": "You can opt out of allowing export of your certificate by specifying the `DISABLED` option. Allow export of your certificate by specifying the `ENABLED` option.\n\nIf you do not specify an export preference in a new CloudFormation template, it is the same as explicitly denying export of your certificate.", "CertificateTransparencyLoggingPreference": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", "DomainName": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", "DomainValidationOptions": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", - "KeyAlgorithm": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", + "KeyAlgorithm": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate-characteristics.html#algorithms-term) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", "SubjectAlternativeNames": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", "Tags": "Key-value pairs that can identify the certificate.", "ValidationMethod": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation." @@ -7141,7 +7269,7 @@ "Value": "The value of the tag." }, "AWS::CleanRooms::Collaboration": { - "AnalyticsEngine": "The analytics engine for the collaboration.", + "AnalyticsEngine": "The analytics engine for the collaboration.\n\n> After July 16, 2025, the `CLEAN_ROOMS_SQL` parameter will no longer be available.", "CreatorDisplayName": "A display name of the collaboration creator.", "CreatorMLMemberAbilities": "The ML member abilities for a collaboration member.", "CreatorMemberAbilities": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS` | `CAN_RUN_JOB`", @@ -7516,7 +7644,7 @@ "InputParams": "Specifies the S3 location where your input parameters are located." }, "AWS::CloudFormation::GuardHook S3Location": { - "Uri": "Specifies the S3 path to the file containing your Guard rules or input parameters (in the form `s3:///` ).\n\nFor Guard rules, the object stored in S3 must have one of the following file extensions: `.guard` , `.zip` , or `.tar.gz` .\n\nFor input parameters, the object stored in S3 must have one of the following file extensions: `.yaml` , `.json` , `.zip` , or `.tar.gz` .", + "Uri": "Specifies the S3 path to the file that contains your Guard rules or input parameters (in the form `s3:///` ).\n\nFor Guard rules, the object stored in S3 must have one of the following file extensions: `.guard` , `.zip` , or `.tar.gz` .\n\nFor input parameters, the object stored in S3 must have one of the following file extensions: `.yaml` , `.json` , `.zip` , or `.tar.gz` .", "VersionId": "For S3 buckets with versioning enabled, specifies the unique ID of the S3 object version to download your Guard rules or input parameters from.\n\nThe Guard Hook downloads files from S3 every time the Hook is invoked. To prevent accidental changes or deletions, we recommend using a version when configuring your Guard Hook." }, "AWS::CloudFormation::GuardHook StackFilters": { @@ -7554,7 +7682,7 @@ "AWS::CloudFormation::HookVersion": { "ExecutionRoleArn": "The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.", "LoggingConfig": "Contains logging configuration information for an extension.", - "SchemaHandlerPackage": "A URL to the Amazon S3 bucket containing the Hook project package that contains the necessary files for the Hook you want to register.\n\nFor information on generating a schema handler package, see [Modeling custom CloudFormation Hooks](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html) in the *AWS CloudFormation Hooks User Guide* .\n\n> To register the Hook, you must have `s3:GetObject` permissions to access the S3 objects.", + "SchemaHandlerPackage": "A URL to the Amazon S3 bucket for the Hook project package that contains the necessary files for the Hook you want to register.\n\nFor information on generating a schema handler package, see [Modeling custom CloudFormation Hooks](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html) in the *AWS CloudFormation Hooks User Guide* .\n\n> To register the Hook, you must have `s3:GetObject` permissions to access the S3 objects.", "TypeName": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\n> The following organization namespaces are reserved and can't be used in your hook type names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `ASK`\n> - `AWS`\n> - `Custom`\n> - `Dev`" }, "AWS::CloudFormation::HookVersion LoggingConfig": { @@ -7606,7 +7734,7 @@ }, "AWS::CloudFormation::ModuleVersion": { "ModuleName": "The name of the module being registered.", - "ModulePackage": "A URL to the S3 bucket containing the package that contains the template fragment and schema files for the module version to register.\n\nFor more information, see [Module structure and requirements](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the module version, you must have `s3:GetObject` permissions to access the S3 objects." + "ModulePackage": "A URL to the S3 bucket for the package that contains the template fragment and schema files for the module version to register.\n\nFor more information, see [Module structure and requirements](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the module version, you must have `s3:GetObject` permissions to access the S3 objects." }, "AWS::CloudFormation::PublicTypeVersion": { "Arn": "The Amazon Resource Number (ARN) of the extension.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", @@ -7627,7 +7755,7 @@ "AWS::CloudFormation::ResourceVersion": { "ExecutionRoleArn": "The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.", "LoggingConfig": "Logging configuration information for a resource.", - "SchemaHandlerPackage": "A URL to the S3 bucket containing the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package, see [Modeling resource types to use with AWS CloudFormation](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the resource version, you must have `s3:GetObject` permissions to access the S3 objects.", + "SchemaHandlerPackage": "A URL to the S3 bucket for the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package, see [Modeling resource types to use with AWS CloudFormation](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the resource version, you must have `s3:GetObject` permissions to access the S3 objects.", "TypeName": "The name of the resource being registered.\n\nWe recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* .\n\n> The following organization namespaces are reserved and can't be used in your resource names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `AWS`\n> - `Custom`\n> - `Dev`" }, "AWS::CloudFormation::ResourceVersion LoggingConfig": { @@ -7635,7 +7763,7 @@ "LogRoleArn": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs." }, "AWS::CloudFormation::Stack": { - "Capabilities": "In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for CloudFormation to create the stack.\n\n- `CAPABILITY_IAM` and `CAPABILITY_NAMED_IAM`\n\nSome stack templates might include resources that can affect permissions in your AWS account ; for example, by creating new AWS Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.\n\nThe following IAM resources require you to specify either the `CAPABILITY_IAM` or `CAPABILITY_NAMED_IAM` capability.\n\n- If you have IAM resources, you can specify either capability.\n- If you have IAM resources with custom names, you *must* specify `CAPABILITY_NAMED_IAM` .\n- If you don't specify either of these capabilities, CloudFormation returns an `InsufficientCapabilities` error.\n\nIf your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.\n\n- [AWS::IAM::AccessKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-accesskey.html)\n- [AWS::IAM::Group](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-group.html)\n- [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html)\n- [AWS::IAM::Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html)\n- [AWS::IAM::Role](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html)\n- [AWS::IAM::User](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-user.html)\n- [AWS::IAM::UserToGroupAddition](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-usertogroupaddition.html)\n\nFor more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .\n- `CAPABILITY_AUTO_EXPAND`\n\nSome template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the [AWS::Include](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-aws-include.html) and [AWS::Serverless](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-aws-serverless.html) transforms, which are macros hosted by CloudFormation .\n\nIf you want to create a stack from a stack template that contains macros *and* nested stacks, you must create the stack directly from the template using this capability.\n\n> You should only create stacks directly from a stack template that contains macros if you know what processing the macro performs.\n> \n> Each macro relies on an underlying Lambda service function for processing stack templates. Be aware that the Lambda function owner can update the function operation without CloudFormation being notified. \n\nFor more information, see [Perform custom processing on CloudFormation templates with template macros](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-macros.html) in the *AWS CloudFormation User Guide* .", + "Capabilities": "In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for CloudFormation to create the stack.\n\n- `CAPABILITY_IAM` and `CAPABILITY_NAMED_IAM`\n\nSome stack templates might include resources that can affect permissions in your AWS account ; for example, by creating new AWS Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.\n\nThe following IAM resources require you to specify either the `CAPABILITY_IAM` or `CAPABILITY_NAMED_IAM` capability.\n\n- If you have IAM resources, you can specify either capability.\n- If you have IAM resources with custom names, you *must* specify `CAPABILITY_NAMED_IAM` .\n- If you don't specify either of these capabilities, CloudFormation returns an `InsufficientCapabilities` error.\n\nIf your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.\n\n- [AWS::IAM::AccessKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-iam-accesskey.html)\n- [AWS::IAM::Group](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-iam-group.html)\n- [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-iam-instanceprofile.html)\n- [AWS::IAM::Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-iam-policy.html)\n- [AWS::IAM::Role](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-iam-role.html)\n- [AWS::IAM::User](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-iam-user.html)\n- [AWS::IAM::UserToGroupAddition](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-iam-usertogroupaddition.html)\n\nFor more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .\n- `CAPABILITY_AUTO_EXPAND`\n\nSome template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the [AWS::Include](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/transform-aws-include.html) and [AWS::Serverless](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/transform-aws-serverless.html) transforms, which are macros hosted by CloudFormation .\n\nIf you want to create a stack from a stack template that contains macros *and* nested stacks, you must create the stack directly from the template using this capability.\n\n> You should only create stacks directly from a stack template that contains macros if you know what processing the macro performs.\n> \n> Each macro relies on an underlying Lambda service function for processing stack templates. Be aware that the Lambda function owner can update the function operation without CloudFormation being notified. \n\nFor more information, see [Perform custom processing on CloudFormation templates with template macros](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-macros.html) in the *AWS CloudFormation User Guide* .", "ChangeSetId": "The unique ID of the change set.", "CreationTime": "The time at which the stack was created.", "Description": "A user-defined description associated with the stack.", @@ -7650,13 +7778,13 @@ "RootId": "For nested stacks, the stack ID of the top-level stack to which the nested stack ultimately belongs.\n\nFor more information, see [Nested stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-nested-stacks.html) in the *AWS CloudFormation User Guide* .", "StackId": "Unique identifier of the stack.", "StackName": "The name that's associated with the stack. The name must be unique in the Region in which you are creating the stack.\n\n> A stack name can contain only alphanumeric characters (case sensitive) and hyphens. It must start with an alphabetical character and can't be longer than 128 characters.", - "StackPolicyBody": "Structure containing the stack policy body. For more information, go to [Prevent updates to stack resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html) in the *AWS CloudFormation User Guide* . You can specify either the `StackPolicyBody` or the `StackPolicyURL` parameter, but not both.", - "StackPolicyURL": "Location of a file containing the stack policy. The URL must point to a policy (maximum size: 16 KB) located in an S3 bucket in the same Region as the stack. You can specify either the `StackPolicyBody` or the `StackPolicyURL` parameter, but not both.", + "StackPolicyBody": "Structure that contains the stack policy body. For more information, see [Prevent updates to stack resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html) in the *AWS CloudFormation User Guide* . You can specify either the `StackPolicyBody` or the `StackPolicyURL` parameter, but not both.", + "StackPolicyURL": "Location of a file that contains the stack policy. The URL must point to a policy (maximum size: 16 KB) located in an S3 bucket in the same Region as the stack. You can specify either the `StackPolicyBody` or the `StackPolicyURL` parameter, but not both.", "StackStatus": "Current status of the stack.", "StackStatusReason": "Success/failure message associated with the stack status.", "Tags": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.", - "TemplateBody": "Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nConditional: You must specify either the `TemplateBody` or the `TemplateURL` parameter, but not both.", - "TemplateURL": "The URL of a file containing the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with `https://` .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", + "TemplateBody": "Structure that contains the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nConditional: You must specify either the `TemplateBody` or the `TemplateURL` parameter, but not both.", + "TemplateURL": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with `https://` .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", "TimeoutInMinutes": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported." }, "AWS::CloudFormation::Stack Output": { @@ -7667,42 +7795,42 @@ }, "AWS::CloudFormation::Stack Tag": { "Key": "*Required* . A string used to identify this tag. You can specify a maximum of 128 characters for a tag key. Tags owned by AWS have the reserved prefix: `aws:` .", - "Value": "*Required* . A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value." + "Value": "*Required* . A string that contains the value for this tag. You can specify a maximum of 256 characters for a tag value." }, "AWS::CloudFormation::StackSet": { - "AdministrationRoleARN": "The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n\nValid only if the permissions model is `SELF_MANAGED` .", + "AdministrationRoleARN": "The Amazon Resource Number (ARN) of the IAM role to use to create this StackSet. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n\nValid only if the permissions model is `SELF_MANAGED` .", "AutoDeployment": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU). For more information, see [Enable or disable automatic deployments for StackSets in AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-manage-auto-deployment.html) in the *AWS CloudFormation User Guide* .\n\nRequired if the permissions model is `SERVICE_MANAGED` . (Not used with self-managed permissions.)", - "CallAs": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for stack sets with self-managed permissions.\n\n- To create a stack set with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a stack set with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.\n\nValid only if the permissions model is `SERVICE_MANAGED` .", - "Capabilities": "The capabilities that are allowed in the stack set. Some stack set templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new IAM users. For more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .", - "Description": "A description of the stack set.", - "ExecutionRoleName": "The name of the IAM execution role to use to create the stack set. If you don't specify an execution role, CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the stack set operation.\n\nValid only if the permissions model is `SELF_MANAGED` .\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", - "ManagedExecution": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", - "OperationPreferences": "The user-specified preferences for how CloudFormation performs a stack set operation.", - "Parameters": "The input parameters for the stack set template.", - "PermissionModel": "Describes how the IAM roles required for stack set operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see [Activate trusted access for stack sets with AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html) in the *AWS CloudFormation User Guide* .", + "CallAs": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for StackSets with self-managed permissions.\n\n- To create a StackSet with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a StackSet with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStackSets with service-managed permissions are created in the management account, including StackSets that are created by delegated administrators.\n\nValid only if the permissions model is `SERVICE_MANAGED` .", + "Capabilities": "The capabilities that are allowed in the StackSet. Some StackSet templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new IAM users. For more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .", + "Description": "A description of the StackSet.", + "ExecutionRoleName": "The name of the IAM execution role to use to create the StackSet. If you don't specify an execution role, CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the StackSet operation.\n\nValid only if the permissions model is `SELF_MANAGED` .\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", + "ManagedExecution": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", + "OperationPreferences": "The user-specified preferences for how CloudFormation performs a StackSet operation.", + "Parameters": "The input parameters for the StackSet template.", + "PermissionModel": "Describes how the IAM roles required for StackSet operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see [Activate trusted access for StackSets with AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html) in the *AWS CloudFormation User Guide* .", "StackInstancesGroup": "A group of stack instances with parameters in some specific accounts and Regions.", - "StackSetName": "The name to associate with the stack set. The name must be unique in the Region where you create your stack set.", + "StackSetName": "The name to associate with the StackSet. The name must be unique in the Region where you create your StackSet.", "Tags": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.\n\nIf you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.", - "TemplateBody": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates containing dynamic references through `TemplateUrl` instead.", - "TemplateURL": "The URL of a file containing the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with `https://` .\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` ." + "TemplateBody": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates that contain dynamic references through `TemplateUrl` instead.", + "TemplateURL": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with `https://` .\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` ." }, "AWS::CloudFormation::StackSet AutoDeployment": { "Enabled": "If set to `true` , StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.", "RetainStacksOnAccountRemoval": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` ." }, "AWS::CloudFormation::StackSet DeploymentTargets": { - "AccountFilterType": "Limit deployment targets to individual accounts or include additional accounts with provided OUs.\n\nThe following is a list of possible values for the `AccountFilterType` operation.\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` parameter.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` parameter.\n- `UNION` StackSet deploys to the OU, and the accounts specified in the `Accounts` parameter. `UNION` is not supported for create operations when using StackSet as a resource.", + "AccountFilterType": "Refines which accounts to deploy stacks to by specifying how to use the `Accounts` and `OrganizationalUnitIds` properties together.\n\nThe following values determine how CloudFormation selects target accounts:\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` property.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` property.\n- `UNION` : StackSet deploys to the OU, and the accounts specified in the `Accounts` property. `UNION` is not supported for create operations when using StackSet as a resource or the `CreateStackInstances` API.", "Accounts": "The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the `AccountsUrl` property instead.\n\n*Pattern* : `^[0-9]{12}$`", - "AccountsUrl": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).", + "AccountsUrl": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).\n\nThis property serves the same purpose as `Accounts` but allows you to specify a large number of accounts.", "OrganizationalUnitIds": "The organization root ID or organizational unit (OU) IDs.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`" }, "AWS::CloudFormation::StackSet ManagedExecution": { - "Active": "When `true` , StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. \n\nWhen `false` (default), StackSets performs one operation at a time in request order." + "Active": "When `true` , CloudFormation performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, CloudFormation starts queued operations in request order.\n\n> If there are already running or queued operations, CloudFormation queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen `false` (default), StackSets performs one operation at a time in request order." }, "AWS::CloudFormation::StackSet OperationPreferences": { - "ConcurrencyMode": "Specifies how the concurrency level behaves during the operation execution.\n\n- `STRICT_FAILURE_TOLERANCE` : This option dynamically lowers the concurrency level to ensure the number of failed accounts never exceeds the value of `FailureToleranceCount` +1. The initial actual concurrency is set to the lower of either the value of the `MaxConcurrentCount` , or the value of `FailureToleranceCount` +1. The actual concurrency is then reduced proportionally by the number of failures. This is the default behavior.\n\nIf failure tolerance or Maximum concurrent accounts are set to percentages, the behavior is similar.\n- `SOFT_FAILURE_TOLERANCE` : This option decouples `FailureToleranceCount` from the actual concurrency. This allows stack set operations to run at the concurrency level set by the `MaxConcurrentCount` value, or `MaxConcurrentPercentage` , regardless of the number of failures.", - "FailureToleranceCount": "The number of accounts, per Region, for which this operation can fail before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", - "FailureTolerancePercentage": "The percentage of accounts, per Region, for which this stack operation can fail before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", + "ConcurrencyMode": "Specifies how the concurrency level behaves during the operation execution.\n\n- `STRICT_FAILURE_TOLERANCE` : This option dynamically lowers the concurrency level to ensure the number of failed accounts never exceeds the value of `FailureToleranceCount` +1. The initial actual concurrency is set to the lower of either the value of the `MaxConcurrentCount` , or the value of `FailureToleranceCount` +1. The actual concurrency is then reduced proportionally by the number of failures. This is the default behavior.\n\nIf failure tolerance or Maximum concurrent accounts are set to percentages, the behavior is similar.\n- `SOFT_FAILURE_TOLERANCE` : This option decouples `FailureToleranceCount` from the actual concurrency. This allows StackSet operations to run at the concurrency level set by the `MaxConcurrentCount` value, or `MaxConcurrentPercentage` , regardless of the number of failures.", + "FailureToleranceCount": "The number of accounts per Region this operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", + "FailureTolerancePercentage": "The percentage of accounts per Region this stack operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", "MaxConcurrentCount": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", "MaxConcurrentPercentage": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", "RegionConcurrencyType": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.", @@ -7713,13 +7841,13 @@ "ParameterValue": "The input value associated with the parameter." }, "AWS::CloudFormation::StackSet StackInstances": { - "DeploymentTargets": "The AWS `OrganizationalUnitIds` or `Accounts` for which to create stack instances in the specified Regions.", - "ParameterOverrides": "A list of stack set parameters whose values you want to override in the selected stack instances.", + "DeploymentTargets": "The AWS Organizations accounts or AWS accounts to deploy stacks to in the specified Regions.", + "ParameterOverrides": "A list of StackSet parameters whose values you want to override in the selected stack instances.", "Regions": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts ." }, "AWS::CloudFormation::StackSet Tag": { "Key": "*Required* . A string used to identify this tag. You can specify a maximum of 128 characters for a tag key. Tags owned by AWS have the reserved prefix: `aws:` .", - "Value": "*Required* . A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value." + "Value": "*Required* . A string that contains the value for this tag. You can specify a maximum of 256 characters for a tag value." }, "AWS::CloudFormation::TypeActivation": { "AutoUpdate": "Whether to automatically update the extension in this account and Region when a new *minor* version is published by the extension publisher. Major versions released by the publisher must be manually updated.\n\nThe default is `true` .", @@ -7739,7 +7867,7 @@ }, "AWS::CloudFormation::WaitCondition": { "Count": "The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back.\n\nUpdates aren't supported.", - "Handle": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [AWS::CloudFormation::WaitConditionHandle](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", + "Handle": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [AWS::CloudFormation::WaitConditionHandle](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-cloudformation-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", "Timeout": "The length of time (in seconds) to wait for the number of signals that the `Count` property specifies. `Timeout` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).\n\nUpdates aren't supported." }, "AWS::CloudFormation::WaitConditionHandle": {}, @@ -7856,22 +7984,22 @@ "CachePolicyId": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", "CachedMethods": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", "Compress": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", - "DefaultTTL": "This field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "DefaultTTL": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", "FieldLevelEncryptionId": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.", "ForwardedValues": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", "FunctionAssociations": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the `LIVE` stage to associate them with a cache behavior.", "GrpcConfig": "The gRPC configuration for your cache behavior.", "LambdaFunctionAssociations": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", - "MaxTTL": "This field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "MinTTL": "This field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", + "MaxTTL": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "MinTTL": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", "OriginRequestPolicyId": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", "PathPattern": "The pattern (for example, `images/*.jpg` ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n\n> You can optionally include a slash ( `/` ) at the beginning of the path pattern. For example, `/images/*.jpg` . CloudFront behavior is the same with or without the leading `/` . \n\nThe path pattern for the default cache behavior is `*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n\nFor more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide* .", "RealtimeLogConfigArn": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", "ResponseHeadersPolicyId": "The identifier for a response headers policy.", - "SmoothStreaming": "Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", + "SmoothStreaming": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", "TargetOriginId": "The value of `ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.", "TrustedKeyGroups": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "TrustedSigners": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "TrustedSigners": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", "ViewerProtocolPolicy": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* ." }, "AWS::CloudFront::Distribution Cookies": { @@ -7887,61 +8015,61 @@ "AWS::CloudFront::Distribution CustomOriginConfig": { "HTTPPort": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", "HTTPSPort": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", - "OriginKeepaliveTimeout": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", + "OriginKeepaliveTimeout": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", "OriginProtocolPolicy": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n\n- `http-only` \u2013 CloudFront always uses HTTP to connect to the origin.\n- `match-viewer` \u2013 CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n- `https-only` \u2013 CloudFront always uses HTTPS to connect to the origin.", - "OriginReadTimeout": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", - "OriginSSLProtocols": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* ." + "OriginReadTimeout": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", + "OriginSSLProtocols": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* ." }, "AWS::CloudFront::Distribution DefaultCacheBehavior": { "AllowedMethods": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", "CachePolicyId": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", "CachedMethods": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", "Compress": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify `true` ; if not, specify `false` . For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", - "DefaultTTL": "This field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "DefaultTTL": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", "FieldLevelEncryptionId": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior.", "ForwardedValues": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", "FunctionAssociations": "A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the `LIVE` stage to associate them with a cache behavior.", "GrpcConfig": "The gRPC configuration for your cache behavior.", "LambdaFunctionAssociations": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", - "MaxTTL": "This field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "MinTTL": "This field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", + "MaxTTL": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "MinTTL": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", "OriginRequestPolicyId": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", "RealtimeLogConfigArn": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", "ResponseHeadersPolicyId": "The identifier for a response headers policy.", - "SmoothStreaming": "Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", + "SmoothStreaming": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", "TargetOriginId": "The value of `ID` for the origin that you want CloudFront to route requests to when they use the default cache behavior.", "TrustedKeyGroups": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "TrustedSigners": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "TrustedSigners": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", "ViewerProtocolPolicy": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* ." }, "AWS::CloudFront::Distribution Definition": { "StringSchema": "" }, "AWS::CloudFront::Distribution DistributionConfig": { - "Aliases": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", - "AnycastIpListId": "ID of the Anycast static IP list that is associated with the distribution.", + "Aliases": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", + "AnycastIpListId": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nID of the Anycast static IP list that is associated with the distribution.", "CNAMEs": "An alias for the CloudFront distribution's domain name.\n\n> This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead.", "CacheBehaviors": "A complex type that contains zero or more `CacheBehavior` elements.", "Comment": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", - "ConnectionMode": "The connection mode to filter distributions by.", - "ContinuousDeploymentPolicyId": "The identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", + "ConnectionMode": "This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants (tenant-only).", + "ContinuousDeploymentPolicyId": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", "CustomErrorResponses": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", "CustomOrigin": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", "DefaultCacheBehavior": "A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.", "DefaultRootObject": "When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. For example, if your root URL is `https://www.example.com` , you can specify CloudFront to return the `index.html` file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, `https://www.example.com/product-description.html` ). A default root object avoids exposing the contents of your distribution.\n\nYou can specify the object name or a path to the object name (for example, `index.html` or `exampleFolderName/index.html` ). Your string can't begin with a forward slash ( `/` ). Only specify the object name or the path to the object.\n\nIf you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element.\n\nTo delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element.\n\nTo replace the default root object, update the distribution configuration and specify the new object.\n\nFor more information about the default root object, see [Specify a default root object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide* .", "Enabled": "From this field, you can enable or disable the selected distribution.", "HttpVersion": "(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . The default value for new distributions is `http1.1` .\n\nFor viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n\nFor viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) .", - "IPV6Enabled": "If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", + "IPV6Enabled": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nIf you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", "Logging": "A complex type that controls whether access logs are written for the distribution.\n\nFor more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide* .", "OriginGroups": "A complex type that contains information about origin groups for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", "Origins": "A complex type that contains information about origins for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", - "PriceClass": "The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", + "PriceClass": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", "Restrictions": "A complex type that identifies ways in which you want to restrict distribution of your content.", "S3Origin": "The origin as an Amazon S3 bucket.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", - "Staging": "A Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", - "TenantConfig": "A distribution tenant configuration.", + "Staging": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", + "TenantConfig": "> This field only supports multi-tenant distributions. You can't specify this field for standard distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA distribution tenant configuration.", "ViewerCertificate": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.", - "WebACLId": "A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) ." + "WebACLId": "> Multi-tenant distributions only support AWS WAF V2 web ACLs. \n\nA unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) ." }, "AWS::CloudFront::Distribution ForwardedValues": { "Cookies": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide* .", @@ -7991,6 +8119,7 @@ "OriginCustomHeaders": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n\nFor more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", "OriginPath": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n\nFor more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide* .", "OriginShield": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n\nFor more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide* .", + "ResponseCompletionTimeout": "", "S3OriginConfig": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the `CustomOriginConfig` type instead.", "VpcOriginConfig": "The VPC origin configuration." }, @@ -8030,7 +8159,8 @@ "GeoRestriction": "A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using `MaxMind` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template." }, "AWS::CloudFront::Distribution S3OriginConfig": { - "OriginAccessIdentity": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* ." + "OriginAccessIdentity": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "OriginReadTimeout": "" }, "AWS::CloudFront::Distribution StatusCodes": { "Items": "The items (status codes) for an origin group.", @@ -8051,13 +8181,13 @@ "AWS::CloudFront::Distribution ViewerCertificate": { "AcmCertificateArn": "> In CloudFormation, this field name is `AcmCertificateArn` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate Manager (ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) , provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region ( `us-east-1` ).\n\nIf you specify an ACM certificate ARN, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", "CloudFrontDefaultCertificate": "If the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , set this field to `true` .\n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n\n- `AcmCertificateArn` or `IamCertificateId` (specify a value for one, not both)\n- `MinimumProtocolVersion`\n- `SslSupportMethod`", - "IamCertificateId": "> In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", + "IamCertificateId": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . > In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", "MinimumProtocolVersion": "If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n\n- The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n- The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n\nFor more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide* .\n\n> On the CloudFront console, this setting is called *Security Policy* . \n\nWhen you're using SNI only (you set `SSLSupportMethod` to `sni-only` ), you must specify `TLSv1` or higher. (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` (you set `CloudFrontDefaultCertificate` to `true` ), CloudFront automatically sets the security policy to `TLSv1` regardless of the value that you set here.", "SslSupportMethod": "> In CloudFormation, this field name is `SslSupportMethod` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n\n- `sni-only` \u2013 The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) . This is recommended. Most browsers and clients support SNI.\n- `vip` \u2013 The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n- `static-ip` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Support Center](https://docs.aws.amazon.com/support/home) .\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , don't set a value for this field." }, "AWS::CloudFront::Distribution VpcOriginConfig": { - "OriginKeepaliveTimeout": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", - "OriginReadTimeout": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", + "OriginKeepaliveTimeout": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", + "OriginReadTimeout": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", "VpcOriginId": "The VPC origin ID." }, "AWS::CloudFront::DistributionTenant": { @@ -8334,7 +8464,7 @@ "HTTPSPort": "The HTTPS port of the CloudFront VPC origin endpoint configuration. The default value is `443` .", "Name": "The name of the CloudFront VPC origin endpoint configuration.", "OriginProtocolPolicy": "The origin protocol policy for the CloudFront VPC origin endpoint configuration.", - "OriginSSLProtocols": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* ." + "OriginSSLProtocols": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* ." }, "AWS::CloudTrail::Channel": { "Destinations": "One or more event data stores to which events arriving through a channel will be logged.", @@ -10151,6 +10281,7 @@ "Value": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -" }, "AWS::Connect::EvaluationForm": { + "AutoEvaluationConfiguration": "", "Description": "The description of the evaluation form.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", "InstanceArn": "The identifier of the Amazon Connect instance.", "Items": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n\n*Minimum size* : 1\n\n*Maximum size* : 100", @@ -10159,6 +10290,9 @@ "Tags": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "Title": "A title of the evaluation form." }, + "AWS::Connect::EvaluationForm AutoEvaluationConfiguration": { + "Enabled": "" + }, "AWS::Connect::EvaluationForm EvaluationFormBaseItem": { "Section": "A subsection or inner section of an item." }, @@ -10167,6 +10301,7 @@ "Section": "The information of the section." }, "AWS::Connect::EvaluationForm EvaluationFormNumericQuestionAutomation": { + "AnswerSource": "", "PropertyValue": "The property value of the automation." }, "AWS::Connect::EvaluationForm EvaluationFormNumericQuestionOption": { @@ -10286,7 +10421,12 @@ "ContactLens": "", "ContactflowLogs": "", "EarlyMedia": "", + "EnhancedChatMonitoring": "", + "EnhancedContactMonitoring": "", + "HighVolumeOutBound": "", "InboundCalls": "", + "MultiPartyChatConference": "", + "MultiPartyConference": "", "OutboundCalls": "", "UseCustomTTSVoices": "" }, @@ -10756,7 +10896,8 @@ "CommunicationLimitList": "The list of CommunicationLimits." }, "AWS::ConnectCampaignsV2::Campaign CommunicationLimitsConfig": { - "AllChannelsSubtypes": "The CommunicationLimits that apply to all channel subtypes defined in an outbound campaign." + "AllChannelsSubtypes": "The CommunicationLimits that apply to all channel subtypes defined in an outbound campaign.", + "InstanceLimitsHandling": "Opt-in or Opt-out from instance-level limits." }, "AWS::ConnectCampaignsV2::Campaign CommunicationTimeConfig": { "Email": "The communication time configuration for the email channel subtype.", @@ -10900,7 +11041,8 @@ "DisplayName": "The display name of the calculated attribute.", "DomainName": "The unique name of the domain.", "Statistic": "The aggregation operation to perform for the calculated attribute.", - "Tags": "An array of key-value pairs to apply to this resource." + "Tags": "An array of key-value pairs to apply to this resource.", + "UseHistoricalData": "Whether historical data ingested before the Calculated Attribute was created should be included in calculations." }, "AWS::CustomerProfiles::CalculatedAttributeDefinition AttributeDetails": { "Attributes": "Mathematical expression and a list of attribute items specified in that expression.", @@ -10915,8 +11057,15 @@ "Threshold": "The threshold for the calculated attribute." }, "AWS::CustomerProfiles::CalculatedAttributeDefinition Range": { + "TimestampFormat": "The format the timestamp field in your JSON object is specified. This value should be one of EPOCHMILLI (for Unix epoch timestamps with second/millisecond level precision) or ISO_8601 (following ISO_8601 format with second/millisecond level precision, with an optional offset of Z or in the format HH:MM or HHMM.). E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"2001-07-04T12:08:56.235-0700\"}}, then TimestampFormat should be \"ISO_8601\"", + "TimestampSource": "An expression specifying the field in your JSON object from which the date should be parsed. The expression should follow the structure of \\\"{ObjectTypeName.}\\\". E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"1737587945945\"}}, then TimestampSource should be \"{MyType.generatedAt.timestamp}\"", "Unit": "The unit of time.", - "Value": "The amount of time of the specified unit." + "Value": "The amount of time of the specified unit.", + "ValueRange": "A structure letting customers specify a relative time window over which over which data is included in the Calculated Attribute. Use positive numbers to indicate that the endpoint is in the past, and negative numbers to indicate it is in the future. ValueRange overrides Value." + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition Readiness": { + "Message": "Any customer messaging.", + "ProgressPercentage": "Approximately how far the Calculated Attribute creation is from completion." }, "AWS::CustomerProfiles::CalculatedAttributeDefinition Tag": { "Key": "", @@ -10926,6 +11075,10 @@ "Operator": "The operator of the threshold.", "Value": "The value of the threshold." }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition ValueRange": { + "End": "The ending point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future.", + "Start": "The starting point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future." + }, "AWS::CustomerProfiles::Domain": { "DeadLetterQueueUrl": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", "DefaultEncryptionKey": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.", @@ -11146,6 +11299,7 @@ "ExpirationDays": "The number of days until the data of this type expires.", "Fields": "A list of field definitions for the object type mapping.", "Keys": "A list of keys that can be used to map data to the profile or search for the profile.", + "MaxProfileObjectCount": "The amount of profile object max count assigned to the object type.", "ObjectTypeName": "The name of the profile object type.", "SourceLastUpdatedTimestampFormat": "The format of your sourceLastUpdatedTimestamp that was previously set up.", "Tags": "The tags used to organize, track, or control access for this resource.", @@ -11239,12 +11393,17 @@ "PartyTypeString": "A field to describe values to segment on within partyTypeString.", "PersonalEmailAddress": "A field to describe values to segment on within personal email address.", "PhoneNumber": "A field to describe values to segment on within phone number.", + "ProfileType": "The type of profile.", "ShippingAddress": "A field to describe values to segment on within shipping address." }, "AWS::CustomerProfiles::SegmentDefinition ProfileDimension": { "DimensionType": "The action to segment on.", "Values": "" }, + "AWS::CustomerProfiles::SegmentDefinition ProfileTypeDimension": { + "DimensionType": "The action to segment on.", + "Values": "The values to apply the DimensionType on." + }, "AWS::CustomerProfiles::SegmentDefinition RangeOverride": { "End": "The end time of when to include objects.", "Start": "The start time of when to include objects.", @@ -12007,9 +12166,15 @@ }, "AWS::DSQL::Cluster": { "DeletionProtectionEnabled": "Whether deletion protection is enabled on this cluster.", + "KmsEncryptionKey": "", "MultiRegionProperties": "Defines the structure for multi-Region cluster configurations, containing the witness Region and peered cluster settings.", "Tags": "A map of key and value pairs this cluster is tagged with." }, + "AWS::DSQL::Cluster EncryptionDetails": { + "EncryptionStatus": "The status of encryption for the cluster.", + "EncryptionType": "The type of encryption that protects the data on your cluster.", + "KmsKeyArn": "The ARN of the AWS KMS key that encrypts data in the cluster." + }, "AWS::DSQL::Cluster MultiRegionProperties": { "Clusters": "The set of peered clusters that form the multi-Region cluster configuration. Each peered cluster represents a database instance in a different Region.", "WitnessRegion": "The Region that serves as the witness Region for a multi-Region cluster. The witness Region helps maintain cluster consistency and quorum." @@ -12513,7 +12678,7 @@ }, "AWS::DataSync::LocationEFS Ec2Config": { "SecurityGroupArns": "Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target.", - "SubnetArn": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target." + "SubnetArn": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces.html) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target." }, "AWS::DataSync::LocationEFS Tag": { "Key": "", @@ -12622,7 +12787,7 @@ "AWS::DataSync::LocationNFS": { "MountOptions": "Specifies the options that DataSync can use to mount your NFS file server.", "OnPremConfig": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", - "ServerHostname": "Specifies the DNS name or IP version 4 address of the NFS file server that your DataSync agent connects to.", + "ServerHostname": "Specifies the DNS name or IP address (IPv4 or IPv6) of the NFS file server that your DataSync agent connects to.", "Subdirectory": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", "Tags": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location." }, @@ -12644,7 +12809,7 @@ "CustomSecretConfig": "Specifies configuration information for a customer-managed Secrets Manager secret where the secret key for a specific object storage location is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.\n\n> You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.", "SecretKey": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.\n\n> If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.", "ServerCertificate": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", - "ServerHostname": "Specifies the domain name or IP version 4 (IPv4) address of the object storage server that your DataSync agent connects to.", + "ServerHostname": "Specifies the domain name or IP address (IPv4 or IPv6) of the object storage server that your DataSync agent connects to.", "ServerPort": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", "ServerProtocol": "Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .", "Subdirectory": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", @@ -12689,7 +12854,7 @@ "KerberosPrincipal": "", "MountOptions": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", "Password": "Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if `AuthenticationType` is set to `NTLM` .", - "ServerHostname": "Specifies the domain name or IP address of the SMB file server that your DataSync agent connects to.\n\nRemember the following when configuring this parameter:\n\n- You can't specify an IP version 6 (IPv6) address.\n- If you're using Kerberos authentication, you must specify a domain name.", + "ServerHostname": "Specifies the domain name or IP address (IPv4 or IPv6) of the SMB file server that your DataSync agent connects to.\n\n> If you're using Kerberos authentication, you must specify a domain name.", "Subdirectory": "Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, `/path/to/subdirectory` ). Make sure that other SMB clients in your network can also mount this path.\n\nTo copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", "Tags": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "User": "Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nFor information about choosing a user with the right level of access for your transfer, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) ." @@ -13062,11 +13227,11 @@ "RegionalParameters": "The regional parameters of the environment blueprint." }, "AWS::DataZone::EnvironmentBlueprintConfiguration LakeFormationConfiguration": { - "LocationRegistrationExcludeS3Locations": "", - "LocationRegistrationRole": "" + "LocationRegistrationExcludeS3Locations": "Specifies certain Amazon S3 locations if you do not want Amazon DataZone to automatically register them in hybrid mode.", + "LocationRegistrationRole": "The role that is used to manage read/write access to the chosen Amazon S3 bucket(s) for Data Lake using AWS Lake Formation hybrid access mode." }, "AWS::DataZone::EnvironmentBlueprintConfiguration ProvisioningConfiguration": { - "LakeFormationConfiguration": "" + "LakeFormationConfiguration": "The Lake Formation configuration of the Data Lake blueprint." }, "AWS::DataZone::EnvironmentBlueprintConfiguration RegionalParameter": { "Parameters": "A string to string map containing parameters for the region.", @@ -13113,18 +13278,18 @@ "DomainUnitId": "The ID of the domain unit. This parameter is not required and if it is not specified, then the project is created at the root domain unit level.", "GlossaryTerms": "The glossary terms that can be used in this Amazon DataZone project.", "Name": "The name of a project.", - "ProjectProfileId": "", - "ProjectProfileVersion": "", - "UserParameters": "" + "ProjectProfileId": "The ID of the project profile.", + "ProjectProfileVersion": "The project profile version to which the project should be updated. You can only specify the following string for this parameter: `latest` .", + "UserParameters": "The user parameters of the project." }, "AWS::DataZone::Project EnvironmentConfigurationUserParameter": { - "EnvironmentConfigurationName": "", - "EnvironmentId": "", - "EnvironmentParameters": "" + "EnvironmentConfigurationName": "The environment configuration name.", + "EnvironmentId": "The ID of the environment.", + "EnvironmentParameters": "The environment parameters." }, "AWS::DataZone::Project EnvironmentParameter": { - "Name": "", - "Value": "" + "Name": "The name of an environment profile parameter.", + "Value": "The value of an environment profile parameter." }, "AWS::DataZone::ProjectMembership": { "Designation": "The designated role of a project member.", @@ -13138,11 +13303,39 @@ }, "AWS::DataZone::ProjectProfile": { "Description": "The description of the project profile.", - "DomainIdentifier": "", - "DomainUnitIdentifier": "", + "DomainIdentifier": "A domain ID of the project profile.", + "DomainUnitIdentifier": "A domain unit ID of the project profile.", + "EnvironmentConfigurations": "Environment configurations of a project profile.", "Name": "The name of a project profile.", "Status": "The status of a project profile." }, + "AWS::DataZone::ProjectProfile AwsAccount": { + "AwsAccountId": "The account ID of a project." + }, + "AWS::DataZone::ProjectProfile EnvironmentConfiguration": { + "AwsAccount": "The AWS account of the environment.", + "AwsRegion": "The AWS Region of the environment.", + "ConfigurationParameters": "The configuration parameters of the environment.", + "DeploymentMode": "The deployment mode of the environment.", + "DeploymentOrder": "The deployment order of the environment.", + "Description": "The environment description.", + "EnvironmentBlueprintId": "The environment blueprint ID.", + "Id": "The environment ID.", + "Name": "The environment name." + }, + "AWS::DataZone::ProjectProfile EnvironmentConfigurationParameter": { + "IsEditable": "Specifies whether the environment parameter is editable.", + "Name": "The name of the environment configuration parameter.", + "Value": "The value of the environment configuration parameter." + }, + "AWS::DataZone::ProjectProfile EnvironmentConfigurationParametersDetails": { + "ParameterOverrides": "The parameter overrides.", + "ResolvedParameters": "The resolved environment configuration parameters.", + "SsmPath": "Ssm path environment configuration parameters." + }, + "AWS::DataZone::ProjectProfile Region": { + "RegionName": "The AWS Region name." + }, "AWS::DataZone::SubscriptionTarget": { "ApplicableAssetTypes": "The asset types included in the subscription target.", "AuthorizedPrincipals": "The authorized principals included in the subscription target.", @@ -13206,8 +13399,8 @@ "Min": "The minimum number of GPU accelerators in the worker host." }, "AWS::Deadline::Fleet AcceleratorSelection": { - "Name": "The name of the chip used by the GPU accelerator.\n\nIf you specify `l4` as the name of the accelerator, you must specify `latest` or `grid:r550` as the runtime.\n\nThe available GPU accelerators are:\n\n- `t4` - NVIDIA T4 Tensor Core GPU\n- `a10g` - NVIDIA A10G Tensor Core GPU\n- `l4` - NVIDIA L4 Tensor Core GPU\n- `l40s` - NVIDIA L40S Tensor Core GPU", - "Runtime": "Specifies the runtime driver to use for the GPU accelerator. You must use the same runtime for all GPUs.\n\nYou can choose from the following runtimes:\n\n- `latest` - Use the latest runtime available for the chip. If you specify `latest` and a new version of the runtime is released, the new version of the runtime is used.\n- `grid:r550` - [NVIDIA vGPU software 17](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/17.0/index.html)\n- `grid:r535` - [NVIDIA vGPU software 16](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/16.0/index.html)\n\nIf you don't specify a runtime, Deadline Cloud uses `latest` as the default. However, if you have multiple accelerators and specify `latest` for some and leave others blank, Deadline Cloud raises an exception." + "Name": "The name of the chip used by the GPU accelerator.\n\nIf you specify `l4` as the name of the accelerator, you must specify `latest` or `grid:r570` as the runtime.\n\nThe available GPU accelerators are:\n\n- `t4` - NVIDIA T4 Tensor Core GPU\n- `a10g` - NVIDIA A10G Tensor Core GPU\n- `l4` - NVIDIA L4 Tensor Core GPU\n- `l40s` - NVIDIA L40S Tensor Core GPU", + "Runtime": "Specifies the runtime driver to use for the GPU accelerator. You must use the same runtime for all GPUs.\n\nYou can choose from the following runtimes:\n\n- `latest` - Use the latest runtime available for the chip. If you specify `latest` and a new version of the runtime is released, the new version of the runtime is used.\n- `grid:r570` - [NVIDIA vGPU software 18](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/18.0/index.html)\n- `grid:r535` - [NVIDIA vGPU software 16](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/16.0/index.html)\n\nIf you don't specify a runtime, Deadline Cloud uses `latest` as the default. However, if you have multiple accelerators and specify `latest` for some and leave others blank, Deadline Cloud raises an exception." }, "AWS::Deadline::Fleet AcceleratorTotalMemoryMiBRange": { "Max": "The maximum amount of memory to use for the accelerator, measured in MiB.", @@ -13548,11 +13741,13 @@ "DeletionProtection": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", "EnableCloudwatchLogsExports": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", "EngineVersion": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.\n\nIf you intend to trigger an in-place upgrade, please refer to [Amazon DocumentDB in-place major version upgrade](https://docs.aws.amazon.com/documentdb/latest/developerguide/docdb-mvu.html) . Note that for an in-place engine version upgrade, you need to remove other cluster properties changes (e.g. SecurityGroupId) from the CFN template.", + "GlobalClusterIdentifier": "The cluster identifier of the new global cluster.", "KmsKeyId": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", "ManageMasterUserPassword": "Specifies whether to manage the master user password with Amazon Web Services Secrets Manager.\n\nConstraint: You can't manage the master user password with Amazon Web Services Secrets Manager if `MasterUserPassword` is specified.", "MasterUserPassword": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", "MasterUserSecretKmsKeyId": "The Amazon Web Services KMS key identifier to encrypt a secret that is automatically generated and managed in Amazon Web Services Secrets Manager. This setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the DB cluster.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.\n\nIf you don't specify `MasterUserSecretKmsKeyId` , then the `aws/secretsmanager` KMS key is used to encrypt the secret. If the secret is in a different Amazon Web Services account, then you can't use the `aws/secretsmanager` KMS key to encrypt the secret, and you must use a customer managed KMS key.\n\nThere is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.", "MasterUsername": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", + "NetworkType": "", "Port": "Specifies the port that the database engine is listening on.", "PreferredBackupWindow": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", "PreferredMaintenanceWindow": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", @@ -13645,11 +13840,13 @@ "AttributeDefinitions": "A list of attributes that describe the key schema for the global table and indexes.", "BillingMode": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` .", "GlobalSecondaryIndexes": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually.", + "GlobalTableWitnesses": "The list of witnesses of the MRSC global table. Only one witness Region can be configured per MRSC global table.", "KeySchema": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", "LocalSecondaryIndexes": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", - "Replicas": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update.", + "MultiRegionConsistency": "Specifies the consistency mode for a new global table.\n\nYou can specify one of the following consistency modes:\n\n- `EVENTUAL` : Configures a new global table for multi-Region eventual consistency (MREC).\n- `STRONG` : Configures a new global table for multi-Region strong consistency (MRSC).\n\nIf you don't specify this field, the global table consistency mode defaults to `EVENTUAL` . For more information about global tables consistency modes, see [Consistency modes](https://docs.aws.amazon.com/V2globaltables_HowItWorks.html#V2globaltables_HowItWorks.consistency-modes) in DynamoDB developer guide.", + "Replicas": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update. For Multi-Region Strong Consistency (MRSC), you can add or remove up to 3 replicas, or 2 replicas plus a witness Region.", "SSESpecification": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property.", - "StreamSpecification": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica.", + "StreamSpecification": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica. For Multi-Region Strong Consistency (MRSC), you do not need to provide a value for this property and can change the settings at any time.", "TableName": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "TimeToLiveSpecification": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas.", "WarmThroughput": "Provides visibility into the number of read and write operations your table or secondary index can instantaneously support. The settings can be modified using the `UpdateTable` operation to meet the throughput requirements of an upcoming peak event.", @@ -13677,6 +13874,9 @@ "WriteOnDemandThroughputSettings": "Sets the write request settings for a global table or a global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", "WriteProvisionedThroughputSettings": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index." }, + "AWS::DynamoDB::GlobalTable GlobalTableWitness": { + "Region": "The name of the AWS Region that serves as a witness for the MRSC global table." + }, "AWS::DynamoDB::GlobalTable KeySchema": { "AttributeName": "The name of a key attribute.", "KeyType": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value." @@ -13779,7 +13979,7 @@ "OnDemandThroughput": "Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify `MaxReadRequestUnits` , `MaxWriteRequestUnits` , or both.", "PointInTimeRecoverySpecification": "The settings used to enable point in time recovery.", "ProvisionedThroughput": "Throughput for the specified table, which consists of values for `ReadCapacityUnits` and `WriteCapacityUnits` . For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html) .\n\nIf you set `BillingMode` as `PROVISIONED` , you must specify this property. If you set `BillingMode` as `PAY_PER_REQUEST` , you cannot specify this property.", - "ResourcePolicy": "A resource-based policy document that contains permissions to add to the specified table. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nWhen you attach a resource-based policy while creating a table, the policy creation is *strongly consistent* . For information about the considerations that you should keep in mind while attaching a resource-based policy, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .", + "ResourcePolicy": "An AWS resource-based policy document in JSON format that will be attached to the table.\n\nWhen you attach a resource-based policy while creating a table, the policy application is *strongly consistent* .\n\nThe maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that apply for resource-based policies, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .\n\n> You need to specify the `CreateTable` and `PutResourcePolicy` IAM actions for authorizing a user to create a table with a resource-based policy.", "SSESpecification": "Specifies the settings to enable server-side encryption.", "StreamSpecification": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", "TableClass": "The table class of the new table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", @@ -13882,10 +14082,10 @@ "EndDate": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.\n\nIf you are requesting a future-dated Capacity Reservation, you can't specify an end date and time that is within the commitment duration.", "EndDateType": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", "EphemeralStorage": "*Deprecated.*", - "InstanceCount": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 100 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *25 * m5.xlarge = 100 vCPUs* ). \n\nValid range: 1 - 1000", + "InstanceCount": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 64 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *16 * m5.xlarge = 64 vCPUs* ). \n\nValid range: 1 - 1000", "InstanceMatchCriteria": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\n> If you are requesting a future-dated Capacity Reservation, you must specify `targeted` . \n\nDefault: `open`", "InstancePlatform": "The type of operating system for which to reserve capacity.", - "InstanceType": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, and T instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", + "InstanceType": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, T, and G instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", "OutPostArn": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", "PlacementGroupArn": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", "TagSpecifications": "The tags to apply to the Capacity Reservation during launch.", @@ -14026,7 +14226,7 @@ "BgpAsnExtended": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nValid values: `2,147,483,648` to `4,294,967,295`", "CertificateArn": "The Amazon Resource Name (ARN) for the customer gateway certificate.", "DeviceName": "The name of customer gateway device.", - "IpAddress": "IPv4 address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `PublicIpv4` , you can use a public IPv4 address.", + "IpAddress": "The IP address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `Ipv6` , you can use an IPv6 address.", "Tags": "One or more tags for the customer gateway.", "Type": "The type of VPN connection that this customer gateway supports ( `ipsec.1` )." }, @@ -14094,7 +14294,7 @@ }, "AWS::EC2::EC2Fleet EbsBlockDevice": { "DeleteOnTermination": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", - "Encrypted": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS encryption](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) in the *Amazon EBS User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .\n\nThis parameter is not returned by `DescribeImageAttribute` .\n\nFor `CreateImage` and `RegisterImage` , whether you can include this parameter, and the allowed values differ depending on the type of block device mapping you are creating.\n\n- If you are creating a block device mapping for a *new (empty) volume* , you can include this parameter, and specify either `true` for an encrypted volume, or `false` for an unencrypted volume. If you omit this parameter, it defaults to `false` (unencrypted).\n- If you are creating a block device mapping from an *existing encrypted or unencrypted snapshot* , you must omit this parameter. If you include this parameter, the request will fail, regardless of the value that you specify.\n- If you are creating a block device mapping from an *existing unencrypted volume* , you can include this parameter, but you must specify `false` . If you specify `true` , the request will fail. In this case, we recommend that you omit the parameter.\n- If you are creating a block device mapping from an *existing encrypted volume* , you can include this parameter, and specify either `true` or `false` . However, if you specify `false` , the parameter is ignored and the block device mapping is always encrypted. In this case, we recommend that you omit the parameter.", + "Encrypted": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS encryption](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) in the *Amazon EBS User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .\n\n- If you are creating a block device mapping for a *new (empty) volume* , you can include this parameter, and specify either `true` for an encrypted volume, or `false` for an unencrypted volume. If you omit this parameter, it defaults to `false` (unencrypted).\n- If you are creating a block device mapping from an *existing encrypted or unencrypted snapshot* , you must omit this parameter. If you include this parameter, the request will fail, regardless of the value that you specify.\n- If you are creating a block device mapping from an *existing unencrypted volume* , you can include this parameter, but you must specify `false` . If you specify `true` , the request will fail. In this case, we recommend that you omit the parameter.\n- If you are creating a block device mapping from an *existing encrypted volume* , you can include this parameter, and specify either `true` or `false` . However, if you specify `false` , the parameter is ignored and the block device mapping is always encrypted. In this case, we recommend that you omit the parameter.", "Iops": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", "KmsKeyId": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.\n\nThis parameter is only supported on `BlockDeviceMapping` objects called by [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , and [RequestSpotInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html) .", "SnapshotId": "The ID of the snapshot.", @@ -14242,8 +14442,13 @@ "PrivateIpAddress": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address." }, "AWS::EC2::EgressOnlyInternetGateway": { + "Tags": "The tags assigned to the egress-only internet gateway.", "VpcId": "The ID of the VPC for which to create the egress-only internet gateway." }, + "AWS::EC2::EgressOnlyInternetGateway Tag": { + "Key": "The key of the tag.\n\nConstraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with `aws:` .", + "Value": "The value of the tag.\n\nConstraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters." + }, "AWS::EC2::EnclaveCertificateIamRoleAssociation": { "CertificateArn": "The ARN of the ACM certificate with which to associate the IAM role.", "RoleArn": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate." @@ -14294,7 +14499,7 @@ "DefaultResourceDiscoveryOrganizationalUnitExclusions": "If your IPAM is integrated with AWS Organizations, you can exclude an [organizational unit (OU)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#organizationalunit) from being managed by IPAM. When you exclude an OU, IPAM will not manage the IP addresses in accounts in that OU. For more information, see [Exclude organizational units from IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/exclude-ous.html) in the *Amazon Virtual Private Cloud IP Address Manager User Guide* .", "Description": "The description for the IPAM.", "EnablePrivateGua": "Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.", - "MeteredAccount": "", + "MeteredAccount": "A metered account is an AWS account that is charged for active IP addresses managed in IPAM. For more information, see [Enable cost distribution](https://docs.aws.amazon.com/vpc/latest/ipam/ipam-enable-cost-distro.html) in the *Amazon VPC IPAM User Guide* .\n\nPossible values:\n\n- `ipam-owner` (default): The AWS account which owns the IPAM is charged for all active IP addresses managed in IPAM.\n- `resource-owner` : The AWS account that owns the IP address is charged for the active IP address.", "OperatingRegions": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", "Tags": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", "Tier": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) ." @@ -14407,7 +14612,7 @@ "Ipv6AddressCount": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", "Ipv6Addresses": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", "KernelId": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "KeyName": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "KeyName": "The name of the key pair. For more information, see [Create a key pair for your EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", "LaunchTemplate": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", "LicenseSpecifications": "The license configurations.", "MetadataOptions": "The metadata options for the instance.", @@ -14535,7 +14740,7 @@ }, "AWS::EC2::InstanceConnectEndpoint": { "ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", - "PreserveClientIp": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\nDefault: `false`", + "PreserveClientIp": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\n> `PreserveClientIp` is only supported on IPv4 EC2 Instance Connect Endpoints. To use `PreserveClientIp` , the value for `IpAddressType` must be `ipv4` . \n\nDefault: `false`", "SecurityGroupIds": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", "SubnetId": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", "Tags": "The tags to apply to the EC2 Instance Connect Endpoint during creation." @@ -15589,6 +15794,9 @@ "Tags": "Any tags assigned to the subnet.", "VpcId": "The ID of the VPC the subnet is in.\n\nIf you update this property, you must also update the `CidrBlock` property." }, + "AWS::EC2::Subnet BlockPublicAccessStates": { + "InternetGatewayBlockMode": "The mode of VPC BPA.\n\n- `off` : VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.\n- `block-bidirectional` : Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).\n- `block-ingress` : Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established." + }, "AWS::EC2::Subnet PrivateDnsNameOptionsOnLaunch": { "EnableResourceNameDnsAAAARecord": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.", "EnableResourceNameDnsARecord": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", @@ -15645,6 +15853,7 @@ "AWS::EC2::TrafficMirrorSession": { "Description": "The description of the Traffic Mirror session.", "NetworkInterfaceId": "The ID of the source network interface.", + "OwnerId": "The ID of the account that owns the Traffic Mirror session.", "PacketLength": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", "SessionNumber": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", "Tags": "The tags to assign to a Traffic Mirror session.", @@ -15912,7 +16121,7 @@ "EnableAcceleration": "Indicate whether to enable acceleration for the VPN connection.\n\nDefault: `false`", "LocalIpv4NetworkCidr": "The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.\n\nDefault: `0.0.0.0/0`", "LocalIpv6NetworkCidr": "The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.\n\nDefault: `::/0`", - "OutsideIpAddressType": "The type of IPv4 address assigned to the outside interface of the customer gateway device.\n\nValid values: `PrivateIpv4` | `PublicIpv4`\n\nDefault: `PublicIpv4`", + "OutsideIpAddressType": "The type of IP address assigned to the outside interface of the customer gateway device.\n\nValid values: `PrivateIpv4` | `PublicIpv4` | `Ipv6`\n\nDefault: `PublicIpv4`", "RemoteIpv4NetworkCidr": "The IPv4 CIDR on the AWS side of the VPN connection.\n\nDefault: `0.0.0.0/0`", "RemoteIpv6NetworkCidr": "The IPv6 CIDR on the AWS side of the VPN connection.\n\nDefault: `::/0`", "StaticRoutesOnly": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n\nIf you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true` .", @@ -16266,7 +16475,7 @@ "CustomRoleArn": "The ARN of the role to be assumed by Amazon ECR. Amazon ECR will assume your supplied role when the customRoleArn is specified. When this field isn't specified, Amazon ECR will use the service-linked role for the repository creation template.", "Description": "The description associated with the repository creation template.", "EncryptionConfiguration": "The encryption configuration associated with the repository creation template.", - "ImageTagMutability": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten. If IMMUTABLE is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", + "ImageTagMutability": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", "LifecyclePolicy": "The lifecycle policy to use for repositories created using the template.", "Prefix": "The repository namespace prefix associated with the repository creation template.", "RepositoryPolicy": "The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.", @@ -16367,9 +16576,9 @@ "CapacityProviderStrategy": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy can contain a maximum of 20 capacity providers.\n\n> To remove this property from your service resource, specify an empty `CapacityProviderStrategyItem` array.", "Cluster": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", "DeploymentConfiguration": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", - "DeploymentController": "The deployment controller to use for the service. If no deployment controller is specified, the default value of `ECS` is used.", + "DeploymentController": "The deployment controller to use for the service.", "DesiredCount": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", - "EnableECSManagedTags": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you need to set the `propagateTags` request parameter.", + "EnableECSManagedTags": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you must set the `propagateTags` request parameter.", "EnableExecuteCommand": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", "HealthCheckGracePeriodSeconds": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of `0` is used. If you don't use any of the health checks, then `healthCheckGracePeriodSeconds` is unused.\n\nIf your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", "LaunchType": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", @@ -16389,6 +16598,12 @@ "VolumeConfigurations": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n\n> To remove this property from your service resource, specify an empty `ServiceVolumeConfiguration` array.", "VpcLatticeConfigurations": "The VPC Lattice configuration for the service being created." }, + "AWS::ECS::Service AdvancedConfiguration": { + "AlternateTargetGroupArn": "The Amazon Resource Name (ARN) of the alternate target group for Amazon ECS blue/green deployments.", + "ProductionListenerRule": "The Amazon Resource Name (ARN) that that identifies the production listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing production traffic.", + "RoleArn": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call the Elastic Load Balancing APIs for you.", + "TestListenerRule": "The Amazon Resource Name (ARN) that identifies ) that identifies the test listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing test traffic." + }, "AWS::ECS::Service AwsVpcConfiguration": { "AssignPublicIp": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", "SecurityGroups": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", @@ -16410,12 +16625,20 @@ }, "AWS::ECS::Service DeploymentConfiguration": { "Alarms": "Information about the CloudWatch alarms.", + "BakeTimeInMinutes": "The duration when both blue and green service revisions are running simultaneously after the production traffic has shifted.\n\nThe following rules apply when you don't specify a value:\n\n- For rolling deployments, the value is set to 3 hours (180 minutes).\n- When you use an external deployment controller ( `EXTERNAL` ), or the CodeDeploy blue/green deployment controller ( `CODE_DEPLOY` ), the value is set to 3 hours (180 minutes).\n- For all other cases, the value is set to 36 hours (2160 minutes).", "DeploymentCircuitBreaker": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", + "LifecycleHooks": "An array of deployment lifecycle hook objects to run custom logic at specific stages of the deployment lifecycle.", "MaximumPercent": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nThe Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `maximumPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf the service uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service.", - "MinimumHealthyPercent": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service." + "MinimumHealthyPercent": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", + "Strategy": "The deployment strategy for the service. Choose from these valid values:\n\n- `ROLLING` - When you create a service which uses the rolling update ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n- `BLUE_GREEN` - A blue/green deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed." }, "AWS::ECS::Service DeploymentController": { - "Type": "The deployment controller type to use. There are three deployment controller types available:\n\n- **ECS** - The rolling update ( `ECS` ) deployment type involves replacing the current running version of the container with the latest version. The number of containers Amazon ECS adds or removes from the service during a rolling update is controlled by adjusting the minimum and maximum number of healthy tasks allowed during a service deployment, as specified in the [DeploymentConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeploymentConfiguration.html) .\n- **CODE_DEPLOY** - The blue/green ( `CODE_DEPLOY` ) deployment type uses the blue/green deployment model powered by AWS CodeDeploy , which allows you to verify a new deployment of a service before sending production traffic to it.\n- **EXTERNAL** - The external ( `EXTERNAL` ) deployment type enables you to use any third-party deployment controller for full control over the deployment process for an Amazon ECS service." + "Type": "The deployment controller type to use.\n\nThe deployment controller is the mechanism that determines how tasks are deployed for your service. The valid options are:\n\n- ECS\n\nWhen you create a service which uses the `ECS` deployment controller, you can choose between the following deployment strategies:\n\n- `ROLLING` : When you create a service which uses the *rolling update* ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n\nRolling update deployments are best suited for the following scenarios:\n\n- Gradual service updates: You need to update your service incrementally without taking the entire service offline at once.\n- Limited resource requirements: You want to avoid the additional resource costs of running two complete environments simultaneously (as required by blue/green deployments).\n- Acceptable deployment time: Your application can tolerate a longer deployment process, as rolling updates replace tasks one by one.\n- No need for instant roll back: Your service can tolerate a rollback process that takes minutes rather than seconds.\n- Simple deployment process: You prefer a straightforward deployment approach without the complexity of managing multiple environments, target groups, and listeners.\n- No load balancer requirement: Your service doesn't use or require a load balancer, Application Load Balancer , Network Load Balancer , or Service Connect (which are required for blue/green deployments).\n- Stateful applications: Your application maintains state that makes it difficult to run two parallel environments.\n- Cost sensitivity: You want to minimize deployment costs by not running duplicate environments during deployment.\n\nRolling updates are the default deployment strategy for services and provide a balance between deployment safety and resource efficiency for many common application scenarios.\n- `BLUE_GREEN` : A *blue/green* deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.\n\nAmazon ECS blue/green deployments are best suited for the following scenarios:\n\n- Service validation: When you need to validate new service revisions before directing production traffic to them\n- Zero downtime: When your service requires zero-downtime deployments\n- Instant roll back: When you need the ability to quickly roll back if issues are detected\n- Load balancer requirement: When your service uses Application Load Balancer , Network Load Balancer , or Service Connect\n- External\n\nUse a third-party deployment controller.\n- Blue/green deployment (powered by CodeDeploy )\n\nCodeDeploy installs an updated version of the application as a new replacement task set and reroutes production traffic from the original application task set to the replacement task set. The original task set is terminated after a successful deployment. Use this deployment controller to verify a new deployment of a service before sending production traffic to it.\n\nWhen updating the deployment controller for a service, consider the following depending on the type of migration you're performing.\n\n- If you have a template that contains the `EXTERNAL` deployment controller information as well as `TaskSet` and `PrimaryTaskSet` resources, and you remove the task set resources from the template when updating from `EXTERNAL` to `ECS` , the `DescribeTaskSet` and `DeleteTaskSet` API calls will return a 400 error after the deployment controller is updated to `ECS` . This results in a delete failure on the task set resources, even though the stack transitions to `UPDATE_COMPLETE` status. For more information, see [Resource removed from stack but not deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html#troubleshooting-errors-resource-removed-not-deleted) in the AWS CloudFormation User Guide. To fix this issue, delete the task sets directly using the Amazon ECS `DeleteTaskSet` API. For more information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference.\n- If you're migrating from `CODE_DEPLOY` to `ECS` with a new task definition and AWS CloudFormation performs a rollback operation, the Amazon ECS `UpdateService` request fails with the following error:\n\nResource handler returned message: \"Invalid request provided: Unable to update task definition on services with a CODE_DEPLOY deployment controller.\n- After a successful migration from `ECS` to `EXTERNAL` deployment controller, you need to manually remove the `ACTIVE` task set, because Amazon ECS no longer manages the deployment. For information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference." + }, + "AWS::ECS::Service DeploymentLifecycleHook": { + "HookTargetArn": "The Amazon Resource Name (ARN) of the hook target. Currently, only Lambda function ARNs are supported.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "LifecycleStages": "The lifecycle stages at which to run the hook. Choose from these valid values:\n\n- RECONCILE_SERVICE\n\nThe reconciliation stage that only happens when you start a new service deployment with more than 1 service revision in an ACTIVE state.\n\nYou can use a lifecycle hook for this stage.\n- PRE_SCALE_UP\n\nThe green service revision has not started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_SCALE_UP\n\nThe green service revision has started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- TEST_TRAFFIC_SHIFT\n\nThe blue and green service revisions are running. The blue service revision handles 100% of the production traffic. The green service revision is migrating from 0% to 100% of test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_TEST_TRAFFIC_SHIFT\n\nThe test traffic shift is complete. The green service revision handles 100% of the test traffic.\n\nYou can use a lifecycle hook for this stage.\n- PRODUCTION_TRAFFIC_SHIFT\n\nProduction traffic is shifting to the green service revision. The green service revision is migrating from 0% to 100% of production traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_PRODUCTION_TRAFFIC_SHIFT\n\nThe production traffic shift is complete.\n\nYou can use a lifecycle hook for this stage.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "RoleArn": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call Lambda functions on your behalf.\n\nFor more information, see [Permissions required for Lambda functions in Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/blue-green-permissions.html) in the *Amazon Elastic Container Service Developer Guide* ." }, "AWS::ECS::Service EBSTagSpecification": { "PropagateTags": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", @@ -16423,6 +16646,7 @@ "Tags": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used." }, "AWS::ECS::Service LoadBalancer": { + "AdvancedConfiguration": "The advanced settings for the load balancer used in blue/green deployments. Specify the alternate target group, listener rules, and IAM role required for traffic shifting during blue/green deployments.", "ContainerName": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", "ContainerPort": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", "LoadBalancerName": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", @@ -16430,7 +16654,7 @@ }, "AWS::ECS::Service LogConfiguration": { "LogDriver": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", - "Options": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS is changing the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "Options": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", "SecretOptions": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* ." }, "AWS::ECS::Service NetworkConfiguration": { @@ -16450,7 +16674,8 @@ }, "AWS::ECS::Service ServiceConnectClientAlias": { "DnsName": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "Port": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* ." + "Port": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "TestTrafficRules": "The configuration for test traffic routing rules used during blue/green deployments with Amazon ECS Service Connect. This allows you to route a portion of traffic to the new service revision of your service for testing before shifting all production traffic." }, "AWS::ECS::Service ServiceConnectConfiguration": { "Enabled": "Specifies whether to use Service Connect with this service.", @@ -16466,6 +16691,16 @@ "Timeout": "A reference to an object that represents the configured timeouts for Service Connect.", "Tls": "A reference to an object that represents a Transport Layer Security (TLS) configuration." }, + "AWS::ECS::Service ServiceConnectTestTrafficRules": { + "Header": "The HTTP header-based routing rules that determine which requests should be routed to the new service version during blue/green deployment testing. These rules provide fine-grained control over test traffic routing based on request headers." + }, + "AWS::ECS::Service ServiceConnectTestTrafficRulesHeader": { + "Name": "", + "Value": "" + }, + "AWS::ECS::Service ServiceConnectTestTrafficRulesHeaderValue": { + "Exact": "" + }, "AWS::ECS::Service ServiceConnectTlsCertificateAuthority": { "AwsPcaAuthorityArn": "The ARN of the AWS Private Certificate Authority certificate." }, @@ -16517,7 +16752,6 @@ "EphemeralStorage": "The ephemeral storage settings to use for tasks run with the task definition.", "ExecutionRoleArn": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", "Family": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n\nA family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n\n> To use revision numbers when you update a task definition, specify this property. If you don't specify a value, AWS CloudFormation generates a new task definition each time that you update it.", - "InferenceAccelerators": "The Elastic Inference accelerators to use for the containers in the task.", "IpcMode": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . If `host` is specified, then all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If `task` is specified, all containers within the specified task share the same IPC resources. If `none` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance.\n\nIf the `host` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose.\n\nIf you are setting namespaced kernel parameters using `systemControls` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n- For tasks that use the `host` IPC mode, IPC namespace related `systemControls` are not supported.\n- For tasks that use the `task` IPC mode, IPC namespace related `systemControls` will apply to all containers within a task.\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", "Memory": "The amount (in MiB) of memory used by the task.\n\nIf your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) .\n\nIf your tasks runs on AWS Fargate , this field is required. You must use one of the following values. The value you choose determines your range of valid values for the `cpu` parameter.\n\n- 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256 (.25 vCPU)\n- 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available `cpu` values: 512 (.5 vCPU)\n- 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available `cpu` values: 1024 (1 vCPU)\n- Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available `cpu` values: 2048 (2 vCPU)\n- Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available `cpu` values: 4096 (4 vCPU)\n- Between 16 GB and 60 GB in 4 GB increments - Available `cpu` values: 8192 (8 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.\n- Between 32GB and 120 GB in 8 GB increments - Available `cpu` values: 16384 (16 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.", "NetworkMode": "The Docker networking mode to use for the containers in the task. The valid values are `none` , `bridge` , `awsvpc` , and `host` . If no network mode is specified, the default is `bridge` .\n\nFor Amazon ECS tasks on Fargate, the `awsvpc` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, `` or `awsvpc` can be used. If the network mode is set to `none` , you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The `host` and `awsvpc` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the `bridge` mode.\n\nWith the `host` and `awsvpc` network modes, exposed container ports are mapped directly to the corresponding host port (for the `host` network mode) or the attached elastic network interface port (for the `awsvpc` network mode), so you cannot take advantage of dynamic host port mappings.\n\n> When using the `host` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user. \n\nIf the network mode is `awsvpc` , the task is allocated an elastic network interface, and you must specify a [NetworkConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_NetworkConfiguration.html) value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf the network mode is `host` , you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.", @@ -16552,7 +16786,7 @@ "FirelensConfiguration": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* .", "HealthCheck": "The container health check command and associated configuration parameters for the container. This parameter maps to `HealthCheck` in the docker container create command and the `HEALTHCHECK` parameter of docker run.", "Hostname": "The hostname to use for your container. This parameter maps to `Hostname` in the docker container create command and the `--hostname` option to docker run.\n\n> The `hostname` parameter is not supported if you're using the `awsvpc` network mode.", - "Image": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the docker container create command and the `IMAGE` parameter of docker run.\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", + "Image": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . For images using tags (repository-url/image:tag), up to 255 characters total are allowed, including letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs (#). For images using digests (repository-url/image@digest), the 255 character limit applies only to the repository URL and image name (everything before the @ sign). The only supported hash function is sha256, and the hash value after sha256: must be exactly 64 characters (only letters A-F, a-f, and numbers 0-9 are allowed). This parameter maps to `Image` in the docker container create command and the `IMAGE` parameter of docker run.\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", "Interactive": "When this parameter is `true` , you can deploy containerized applications that require `stdin` or a `tty` to be allocated. This parameter maps to `OpenStdin` in the docker container create command and the `--interactive` option to docker run.", "Links": "The `links` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is `bridge` . The `name:internalName` construct is analogous to `name:alias` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to `Links` in the docker container create command and the `--link` option to docker run.\n\n> This parameter is not supported for Windows containers. > Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.", "LinuxParameters": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .\n\n> This parameter is not supported for Windows containers.", @@ -16635,10 +16869,6 @@ "AWS::ECS::TaskDefinition HostVolumeProperties": { "SourcePath": "When the `host` parameter is used, specify a `sourcePath` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the `host` parameter contains a `sourcePath` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the `sourcePath` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\nIf you're using the Fargate launch type, the `sourcePath` parameter is not supported." }, - "AWS::ECS::TaskDefinition InferenceAccelerator": { - "DeviceName": "The Elastic Inference accelerator device name. The `deviceName` must also be referenced in a container definition as a [ResourceRequirement](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ResourceRequirement.html) .", - "DeviceType": "The Elastic Inference accelerator type to use." - }, "AWS::ECS::TaskDefinition KernelCapabilities": { "Add": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to `CapAdd` in the docker container create command and the `--cap-add` option to docker run.\n\n> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE` kernel capability. \n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", "Drop": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to `CapDrop` in the docker container create command and the `--cap-drop` option to docker run.\n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`" @@ -16658,7 +16888,7 @@ }, "AWS::ECS::TaskDefinition LogConfiguration": { "LogDriver": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", - "Options": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS is changing the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "Options": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", "SecretOptions": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* ." }, "AWS::ECS::TaskDefinition MountPoint": { @@ -16848,9 +17078,11 @@ }, "AWS::EFS::MountTarget": { "FileSystemId": "The ID of the file system for which to create the mount target.", - "IpAddress": "Valid IPv4 address within the address range of the specified subnet.", - "SecurityGroups": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table).", - "SubnetId": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone." + "IpAddress": "If the `IpAddressType` for the mount target is IPv4 ( `IPV4_ONLY` or `DUAL_STACK` ), then specify the IPv4 address to use. If you do not specify an `IpAddress` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", + "IpAddressType": "The IP address type for the mount target. The possible values are `IPV4_ONLY` (only IPv4 addresses), `IPV6_ONLY` (only IPv6 addresses), and `DUAL_STACK` (dual-stack, both IPv4 and IPv6 addresses). If you don\u2019t specify an `IpAddressType` , then `IPV4_ONLY` is used.\n\n> The `IPAddressType` must match the IP type of the subnet. Additionally, the `IPAddressType` parameter overrides the value set as the default IP address for the subnet in the VPC. For example, if the `IPAddressType` is `IPV4_ONLY` and `AssignIpv6AddressOnCreation` is `true` , then IPv4 is used for the mount target. For more information, see [Modify the IP addressing attributes of your subnet](https://docs.aws.amazon.com/vpc/latest/userguide/subnet-public-ip.html) .", + "Ipv6Address": "If the `IPAddressType` for the mount target is IPv6 ( `IPV6_ONLY` or `DUAL_STACK` ), then specify the IPv6 address to use. If you do not specify an `Ipv6Address` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", + "SecurityGroups": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). If you don't specify a security group, then Amazon EFS uses the default security group for the subnet's VPC.", + "SubnetId": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. The subnet type must be the same type as the `IpAddressType` ." }, "AWS::EKS::AccessEntry": { "AccessPolicies": "The access policies to associate to the access entry.", @@ -16878,14 +17110,14 @@ "AddonVersion": "The version of the add-on.", "ClusterName": "The name of your cluster.", "ConfigurationValues": "The configuration values that you provided.", - "PodIdentityAssociations": "An array of Pod Identity Assocations owned by the Addon. Each EKS Pod Identity association maps a role to a service account in a namespace in the cluster.\n\nFor more information, see [Attach an IAM Role to an Amazon EKS add-on using Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/add-ons-iam.html) in the *Amazon EKS User Guide* .", + "PodIdentityAssociations": "An array of EKS Pod Identity associations owned by the add-on. Each association maps a role to a service account in a namespace in the cluster.\n\nFor more information, see [Attach an IAM Role to an Amazon EKS add-on using EKS Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/add-ons-iam.html) in the *Amazon EKS User Guide* .", "PreserveOnDelete": "Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.", "ResolveConflicts": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose:\n\n- *None* \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail.\n- *Overwrite* \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value.\n- *Preserve* \u2013 This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see [`UpdateAddon`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) .\n\nIf you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", "ServiceAccountRoleArn": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the *Amazon EKS User Guide* .\n\n> To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see [Enabling IAM roles for service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the *Amazon EKS User Guide* .", "Tags": "The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster." }, "AWS::EKS::Addon PodIdentityAssociation": { - "RoleArn": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.", + "RoleArn": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", "ServiceAccount": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with." }, "AWS::EKS::Addon Tag": { @@ -16894,7 +17126,7 @@ }, "AWS::EKS::Cluster": { "AccessConfig": "The access configuration for the cluster.", - "BootstrapSelfManagedAddons": "If you set this value to `False` when creating a cluster, the default networking add-ons will not be installed.\n\nThe default networking addons include vpc-cni, coredns, and kube-proxy.\n\nUse this option when you plan to install third-party alternative add-ons or self-manage the default networking add-ons.", + "BootstrapSelfManagedAddons": "If you set this value to `False` when creating a cluster, the default networking add-ons will not be installed.\n\nThe default networking add-ons include `vpc-cni` , `coredns` , and `kube-proxy` .\n\nUse this option when you plan to install third-party alternative add-ons or self-manage the default networking add-ons.", "ComputeConfig": "Indicates the current configuration of the compute capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your AWS account. For more information, see EKS Auto Mode compute capability in the *Amazon EKS User Guide* .", "EncryptionConfig": "The encryption configuration for the cluster.", "Force": "Set this value to `true` to override upgrade-blocking readiness checks when updating a cluster.", @@ -16957,14 +17189,14 @@ "KeyArn": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric and created in the same AWS Region as the cluster. If the KMS key was created in a different account, the [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) must have access to the KMS key. For more information, see [Allowing users in other accounts to use a KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html) in the *AWS Key Management Service Developer Guide* ." }, "AWS::EKS::Cluster RemoteNetworkConfig": { - "RemoteNodeNetworks": "The list of network CIDRs that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /24, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names.", - "RemotePodNetworks": "The list of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /24, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range." + "RemoteNodeNetworks": "The list of network CIDRs that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names.", + "RemotePodNetworks": "The list of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range." }, "AWS::EKS::Cluster RemoteNodeNetwork": { - "Cidrs": "A network CIDR that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /24, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names." + "Cidrs": "A network CIDR that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names." }, "AWS::EKS::Cluster RemotePodNetwork": { - "Cidrs": "A network CIDR that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /24, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range." + "Cidrs": "A network CIDR that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range." }, "AWS::EKS::Cluster ResourcesVpcConfig": { "EndpointPrivateAccess": "Set this value to `true` to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is `false` , which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", @@ -17080,10 +17312,12 @@ }, "AWS::EKS::PodIdentityAssociation": { "ClusterName": "The name of the cluster that the association is in.", - "Namespace": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the pods that use the service account must be in this namespace.", - "RoleArn": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.", + "DisableSessionTags": "The state of the automatic sessions tags. The value of *true* disables these tags.\n\nEKS Pod Identity adds a pre-defined set of session tags when it assumes the role. You can use these tags to author a single role that can work across resources by allowing access to AWS resources based on matching tags. By default, EKS Pod Identity attaches six tags, including tags for cluster name, namespace, and service account name. For the list of tags added by EKS Pod Identity, see [List of session tags added by EKS Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-id-abac.html#pod-id-abac-tags) in the *Amazon EKS User Guide* .", + "Namespace": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the Pods that use the service account must be in this namespace.", + "RoleArn": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", "ServiceAccount": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", - "Tags": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + "Tags": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "TargetRoleArn": "The Amazon Resource Name (ARN) of the target IAM role to associate with the service account. This role is assumed by using the EKS Pod Identity association role, then the credentials for this role are injected into the Pod." }, "AWS::EKS::PodIdentityAssociation Tag": { "Key": "One part of a key-value pair that make up a tag. A `key` is a general label that acts like a category for more specific tag values.", @@ -17548,6 +17782,7 @@ "Architecture": "The CPU architecture of an application.", "AutoStartConfiguration": "The configuration for an application to automatically start on job submission.", "AutoStopConfiguration": "The configuration for an application to automatically stop after a certain amount of time being idle.", + "IdentityCenterConfiguration": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", "ImageConfiguration": "The image configuration applied to all worker types.", "InitialCapacity": "The initial capacity of the application.", "InteractiveConfiguration": "The interactive configuration object that enables the interactive use cases for an application.", @@ -17581,6 +17816,9 @@ "Configurations": "A list of additional configurations to apply within a configuration object.", "Properties": "A set of properties specified within a configuration classification." }, + "AWS::EMRServerless::Application IdentityCenterConfiguration": { + "IdentityCenterInstanceArn": "" + }, "AWS::EMRServerless::Application ImageConfigurationInput": { "ImageUri": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration." }, @@ -17643,6 +17881,77 @@ "AWS::EMRServerless::Application WorkerTypeSpecificationInput": { "ImageConfiguration": "The image configuration for a worker type." }, + "AWS::EVS::Environment": { + "ConnectivityInfo": "The connectivity configuration for the environment. Amazon EVS requires that you specify two route server peer IDs. During environment creation, the route server endpoints peer with the NSX uplink VLAN for connectivity to the NSX overlay network.", + "EnvironmentName": "The name of the environment.", + "Hosts": "Required for environment resource creation.", + "InitialVlans": "> Amazon EVS is in public preview release and is subject to change. \n\nThe initial VLAN subnets for the environment. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC.\n\nRequired for environment resource creation.", + "KmsKeyId": "The AWS KMS key ID that AWS Secrets Manager uses to encrypt secrets that are associated with the environment. These secrets contain the VCF credentials that are needed to install vCenter Server, NSX, and SDDC Manager.\n\nBy default, Amazon EVS use the AWS Secrets Manager managed key `aws/secretsmanager` . You can also specify a customer managed key.", + "LicenseInfo": "The license information that Amazon EVS requires to create an environment. Amazon EVS requires two license keys: a VCF solution key and a vSAN license key. The VCF solution key must cover a minimum of 256 cores. The vSAN license key must provide at least 110 TiB of vSAN capacity.", + "ServiceAccessSecurityGroups": "The security groups that allow traffic between the Amazon EVS control plane and your VPC for service access. If a security group is not specified, Amazon EVS uses the default security group in your account for service access.", + "ServiceAccessSubnetId": "The subnet that is used to establish connectivity between the Amazon EVS control plane and VPC. Amazon EVS uses this subnet to perform validations and create the environment.", + "SiteId": "The Broadcom Site ID that is associated with your Amazon EVS environment. Amazon EVS uses the Broadcom Site ID that you provide to meet Broadcom VCF license usage reporting requirements for Amazon EVS.", + "Tags": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "TermsAccepted": "Customer confirmation that the customer has purchased and will continue to maintain the required number of VCF software licenses to cover all physical processor cores in the Amazon EVS environment. Information about your VCF software in Amazon EVS will be shared with Broadcom to verify license compliance.", + "VcfHostnames": "The DNS hostnames to be used by the VCF management appliances in your environment.\n\nFor environment creation to be successful, each hostname entry must resolve to a domain name that you've registered in your DNS service of choice and configured in the DHCP option set of your VPC. DNS hostnames cannot be changed after environment creation has started.", + "VcfVersion": "The VCF version of the environment.", + "VpcId": "The VPC associated with the environment." + }, + "AWS::EVS::Environment Check": { + "ImpairedSince": "The time when environment health began to be impaired.", + "Result": "The check result.", + "Type": "The check type. Amazon EVS performs the following checks.\n\n- `KEY_REUSE` : checks that the VCF license key is not used by another Amazon EVS environment. This check fails if a used license is added to the environment.\n- `KEY_COVERAGE` : checks that your VCF license key allocates sufficient vCPU cores for all deployed hosts. The check fails when any assigned hosts in the EVS environment are not covered by license keys, or when any unassigned hosts cannot be covered by available vCPU cores in keys.\n- `REACHABILITY` : checks that the Amazon EVS control plane has a persistent connection to SDDC Manager. If Amazon EVS cannot reach the environment, this check fails.\n- `HOST_COUNT` : Checks that your environment has a minimum of 4 hosts, which is a requirement for VCF 5.2.1.\n\nIf this check fails, you will need to add hosts so that your environment meets this minimum requirement. Amazon EVS only supports environments with 4-16 hosts." + }, + "AWS::EVS::Environment ConnectivityInfo": { + "PrivateRouteServerPeerings": "The unique IDs for private route server peers." + }, + "AWS::EVS::Environment HostInfoForCreate": { + "DedicatedHostId": "The unique ID of the Amazon EC2 Dedicated Host.", + "HostName": "The DNS hostname of the host. DNS hostnames for hosts must be unique across Amazon EVS environments and within VCF.", + "InstanceType": "The EC2 instance type that represents the host.", + "KeyName": "The name of the SSH key that is used to access the host.", + "PlacementGroupId": "The unique ID of the placement group where the host is placed." + }, + "AWS::EVS::Environment InitialVlanInfo": { + "Cidr": "The CIDR block that you provide to create an Amazon EVS VLAN subnet. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC." + }, + "AWS::EVS::Environment InitialVlans": { + "EdgeVTep": "The edge VTEP VLAN subnet. This VLAN subnet manages traffic flowing between the internal network and external networks, including internet access and other site connections.", + "ExpansionVlan1": "An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.", + "ExpansionVlan2": "An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.", + "Hcx": "The HCX VLAN subnet. This VLAN subnet allows the HCX Interconnnect (IX) and HCX Network Extension (NE) to reach their peers and enable HCX Service Mesh creation.", + "NsxUpLink": "The NSX uplink VLAN subnet. This VLAN subnet allows connectivity to the NSX overlay network.", + "VMotion": "The vMotion VLAN subnet. This VLAN subnet carries traffic for vSphere vMotion.", + "VSan": "The vSAN VLAN subnet. This VLAN subnet carries the communication between ESXi hosts to implement a vSAN shared storage pool.", + "VTep": "The VTEP VLAN subnet. This VLAN subnet handles internal network traffic between virtual machines within a VCF instance.", + "VmManagement": "The VM management VLAN subnet. This VLAN subnet carries traffic for vSphere virtual machines.", + "VmkManagement": "The host VMkernel management VLAN subnet. This VLAN subnet carries traffic for managing ESXi hosts and communicating with VMware vCenter Server." + }, + "AWS::EVS::Environment LicenseInfo": { + "SolutionKey": "The VCF solution key. This license unlocks VMware VCF product features, including vSphere, NSX, SDDC Manager, and vCenter Server. The VCF solution key must cover a minimum of 256 cores.", + "VsanKey": "The VSAN license key. This license unlocks vSAN features. The vSAN license key must provide at least 110 TiB of vSAN capacity." + }, + "AWS::EVS::Environment Secret": { + "SecretArn": "The Amazon Resource Name (ARN) of the secret." + }, + "AWS::EVS::Environment ServiceAccessSecurityGroups": { + "SecurityGroups": "The security groups that allow service access." + }, + "AWS::EVS::Environment Tag": { + "Key": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with `aws:` . digits, whitespace, `_` , `.` , `:` , `/` , `=` , `+` , `@` , `-` , and `\"` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "Value": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "AWS::EVS::Environment VcfHostnames": { + "CloudBuilder": "The hostname for VMware Cloud Builder.", + "Nsx": "The VMware NSX hostname.", + "NsxEdge1": "The hostname for the first NSX Edge node.", + "NsxEdge2": "The hostname for the second NSX Edge node.", + "NsxManager1": "The hostname for the first VMware NSX Manager virtual machine (VM).", + "NsxManager2": "The hostname for the second VMware NSX Manager virtual machine (VM).", + "NsxManager3": "The hostname for the third VMware NSX Manager virtual machine (VM).", + "SddcManager": "The hostname for SDDC Manager.", + "VCenter": "The VMware vCenter hostname." + }, "AWS::ElastiCache::CacheCluster": { "AZMode": "Specifies whether the nodes in this Memcached cluster are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region.\n\nThis parameter is only supported for Memcached clusters.\n\nIf the `AZMode` and `PreferredAvailabilityZones` are not specified, ElastiCache assumes `single-az` mode.", "AutoMinorVersionUpgrade": "If you are running Valkey 7.2 or later, or Redis OSS engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", @@ -18031,7 +18340,7 @@ }, "AWS::ElasticLoadBalancingV2::Listener": { "AlpnPolicy": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.", - "Certificates": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", + "Certificates": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nFor an HTTPS listener, update requires some interruptions. For a TLS listener, update requires no interruption.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", "DefaultActions": "The actions for the default rule. You cannot define a condition for a default rule.\n\nTo create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) .", "ListenerAttributes": "The listener attributes. Attributes that you do not modify retain their current values.", "LoadBalancerArn": "The Amazon Resource Name (ARN) of the load balancer.", @@ -18486,7 +18795,7 @@ }, "AWS::EntityResolution::MatchingWorkflow": { "Description": "A description of the workflow.", - "IncrementalRunConfig": "An object which defines an incremental run type and has only `incrementalRunType` as a field.", + "IncrementalRunConfig": "Optional. An object that defines the incremental run type. This object contains only the `incrementalRunType` field, which appears as \"Automatic\" in the console.\n\n> For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported.", "InputSourceConfig": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", "OutputSourceConfig": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` .", "ResolutionTechniques": "An object which defines the `resolutionType` and the `ruleBasedProperties` .", @@ -18495,7 +18804,7 @@ "WorkflowName": "The name of the workflow. There can't be multiple `MatchingWorkflows` with the same name." }, "AWS::EntityResolution::MatchingWorkflow IncrementalRunConfig": { - "IncrementalRunType": "The type of incremental run. It takes only one value: `IMMEDIATE` ." + "IncrementalRunType": "The type of incremental run. The only valid value is `IMMEDIATE` . This appears as \"Automatic\" in the console.\n\n> For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported." }, "AWS::EntityResolution::MatchingWorkflow InputSource": { "ApplyNormalization": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", @@ -18701,6 +19010,7 @@ "Description": "The event bus description.", "EventSourceName": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", "KmsKeyIdentifier": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt events on the event bus.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n> Schema discovery is not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:\n> \n> - You call `[CreateDiscoverer](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer)` on an event bus set to use a customer managed key for encryption.\n> - You call `[UpdatedEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html)` to set a customer managed key on an event bus with schema discovery enabled.\n> \n> To enable schema discovery on an event bus, choose to use an AWS owned key . For more information, see [Encrypting events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption-event-bus-cmkey.html) in the *Amazon EventBridge User Guide* . > If you have specified that EventBridge use a customer managed key for encrypting the source event bus, we strongly recommend you also specify a customer managed key for any archives for the event bus as well.\n> \n> For more information, see [Encrypting archives](https://docs.aws.amazon.com/eventbridge/latest/userguide/encryption-archives.html) in the *Amazon EventBridge User Guide* .", + "LogConfig": "The logging configuration settings for the event bus.\n\nFor more information, see [Configuring logs for event buses](https://docs.aws.amazon.com/eb-event-bus-logs.html) in the *EventBridge User Guide* .", "Name": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", "Policy": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", "Tags": "Tags to associate with the event bus." @@ -18708,6 +19018,10 @@ "AWS::Events::EventBus DeadLetterConfig": { "Arn": "The ARN of the SQS queue specified as the target for the dead-letter queue." }, + "AWS::Events::EventBus LogConfig": { + "IncludeDetail": "Whether EventBridge include detailed event information in the records it generates. Detailed data can be useful for troubleshooting and debugging. This information includes details of the event itself, as well as target details.\n\nFor more information, see [Including detail data in event bus logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-logs-data) in the *EventBridge User Guide* .", + "Level": "The level of logging detail to include. This applies to all log destinations for the event bus.\n\nFor more information, see [Specifying event bus log level](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-bus-logs-level) in the *EventBridge User Guide* ." + }, "AWS::Events::EventBus Tag": { "Key": "A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources.", "Value": "The value for the specified tag key." @@ -19194,16 +19508,16 @@ "BackupId": "The ID of the file system backup that you are using to create a file system. For more information, see [CreateFileSystemFromBackup](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html) .", "FileSystemType": "The type of Amazon FSx file system, which can be `LUSTRE` , `WINDOWS` , `ONTAP` , or `OPENZFS` .", "FileSystemTypeVersion": "For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are `2.10` , `2.12` , and `2.15` :\n\n- `2.10` is supported by the Scratch and Persistent_1 Lustre deployment types.\n- `2.12` is supported by all Lustre deployment types, except for `PERSISTENT_2` with a metadata configuration mode.\n- `2.15` is supported by all Lustre deployment types and is recommended for all new file systems.\n\nDefault value is `2.10` , except for the following deployments:\n\n- Default value is `2.12` when `DeploymentType` is set to `PERSISTENT_2` without a metadata configuration mode.\n- Default value is `2.15` when `DeploymentType` is set to `PERSISTENT_2` with a metadata configuration mode.", - "KmsKeyId": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server", - "LustreConfiguration": "The Lustre configuration for the file system being created.\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", - "OntapConfiguration": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating.", - "OpenZFSConfiguration": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating.", + "KmsKeyId": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server\n\nIf this ID isn't specified, the Amazon FSx-managed key for your account is used. For more information, see [Encrypt](https://docs.aws.amazon.com//kms/latest/APIReference/API_Encrypt.html) in the *AWS Key Management Service API Reference* .", + "LustreConfiguration": "The Lustre configuration for the file system being created. This configuration is required if the `FileSystemType` is set to `LUSTRE` .\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", + "OntapConfiguration": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating. This configuration is required if the `FileSystemType` is set to `ONTAP` .", + "OpenZFSConfiguration": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating. This configuration is required if the `FileSystemType` is set to `OPENZFS` .", "SecurityGroupIds": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", "StorageCapacity": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", "StorageType": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type and for Lustre file systems with the Persistent_2 deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [FSx for Lustre storage classes](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html#lustre-storage-classes) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", "SubnetIds": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", "Tags": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", - "WindowsConfiguration": "The configuration object for the Microsoft Windows file system you are creating.\n\nThis value is required if `FileSystemType` is set to `WINDOWS` ." + "WindowsConfiguration": "The configuration object for the Microsoft Windows file system you are creating. This configuration is required if `FileSystemType` is set to `WINDOWS` ." }, "AWS::FSx::FileSystem AuditLogConfiguration": { "AuditLogDestination": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN.\n\nThe name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehose delivery stream must begin with the `aws-fsx` prefix.\n\nThe destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose delivery stream) must be in the same AWS partition, AWS Region , and AWS account as your Amazon FSx file system.", @@ -19215,8 +19529,8 @@ "Options": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data." }, "AWS::FSx::FileSystem DataReadCacheConfiguration": { - "SizeGiB": "", - "SizingMode": "" + "SizeGiB": "Required if `SizingMode` is set to `USER_PROVISIONED` . Specifies the size of the file system's SSD read cache, in gibibytes (GiB).", + "SizingMode": "Specifies how the provisioned SSD read cache is sized, as follows:\n\n- Set to `NO_CACHE` if you do not want to use an SSD read cache with your Intelligent-Tiering file system.\n- Set to `USER_PROVISIONED` to specify the exact size of your SSD read cache.\n- Set to `PROPORTIONAL_TO_THROUGHPUT_CAPACITY` to have your SSD read cache automatically sized based on your throughput capacity." }, "AWS::FSx::FileSystem DiskIopsConfiguration": { "Iops": "The total number of SSD IOPS provisioned for the file system.\n\nThe minimum and maximum values for this property depend on the value of `HAPairs` and `StorageCapacity` . The minimum value is calculated as `StorageCapacity` * 3 * `HAPairs` (3 IOPS per GB of `StorageCapacity` ). The maximum value is calculated as 200,000 * `HAPairs` .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) if the value of `Iops` is outside of the minimum or maximum values.", @@ -19228,21 +19542,21 @@ "CopyTagsToBackups": "(Optional) Not available for use with file systems that are linked to a data repository. A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. If `CopyTagsToBackups` is set to true, all file system tags are copied to all automatic and user-initiated backups when the user doesn't specify any backup-specific tags. If `CopyTagsToBackups` is set to true and you specify one or more backup tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.\n\n(Default = `false` )\n\nFor more information, see [Working with backups](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-backups-fsx.html) in the *Amazon FSx for Lustre User Guide* .", "DailyAutomaticBackupStartTime": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", "DataCompressionType": "Sets the data compression configuration for the file system. `DataCompressionType` can have the following values:\n\n- `NONE` - (Default) Data compression is turned off when the file system is created.\n- `LZ4` - Data compression is turned on with the LZ4 algorithm.\n\nFor more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* .", - "DataReadCacheConfiguration": "", + "DataReadCacheConfiguration": "Specifies the optional provisioned SSD read cache on FSx for Lustre file systems that use the Intelligent-Tiering storage class. Required when `StorageType` is set to `INTELLIGENT_TIERING` .", "DeploymentType": "(Optional) Choose `SCRATCH_1` and `SCRATCH_2` deployment types when you need temporary storage and shorter-term processing of data. The `SCRATCH_2` deployment type provides in-transit encryption of data and higher burst throughput capacity than `SCRATCH_1` .\n\nChoose `PERSISTENT_1` for longer-term storage and for throughput-focused workloads that aren\u2019t latency-sensitive. `PERSISTENT_1` supports encryption of data in transit, and is available in all AWS Regions in which FSx for Lustre is available.\n\nChoose `PERSISTENT_2` for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. `PERSISTENT_2` supports the SSD and Intelligent-Tiering storage classes. You can optionally specify a metadata configuration mode for `PERSISTENT_2` which supports increasing metadata performance. `PERSISTENT_2` is available in a limited number of AWS Regions . For more information, and an up-to-date list of AWS Regions in which `PERSISTENT_2` is available, see [Deployment and storage class options for FSx for Lustre file systems](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html) in the *Amazon FSx for Lustre User Guide* .\n\n> If you choose `PERSISTENT_2` , and you set `FileSystemTypeVersion` to `2.10` , the `CreateFileSystem` operation fails. \n\nEncryption of data in transit is automatically turned on when you access `SCRATCH_2` , `PERSISTENT_1` , and `PERSISTENT_2` file systems from Amazon EC2 instances that support automatic encryption in the AWS Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see [Encrypting data in transit](https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) in the *Amazon FSx for Lustre User Guide* .\n\n(Default = `SCRATCH_1` )", "DriveCacheType": "The type of drive cache used by `PERSISTENT_1` file systems that are provisioned with HDD storage devices. This parameter is required when storage type is HDD. Set this property to `READ` to improve the performance for frequently accessed files by caching up to 20% of the total storage capacity of the file system.\n\nThis parameter is required when `StorageType` is set to `HDD` and `DeploymentType` is `PERSISTENT_1` .", - "EfaEnabled": "", + "EfaEnabled": "(Optional) Specifies whether Elastic Fabric Adapter (EFA) and GPUDirect Storage (GDS) support is enabled for the Amazon FSx for Lustre file system.\n\n(Default = `false` )", "ExportPath": "(Optional) Specifies the path in the Amazon S3 bucket where the root of your Amazon FSx file system is exported. The path must use the same Amazon S3 bucket as specified in ImportPath. You can provide an optional prefix to which new and changed data is to be exported from your Amazon FSx for Lustre file system. If an `ExportPath` value is not provided, Amazon FSx sets a default export path, `s3://import-bucket/FSxLustre[creation-timestamp]` . The timestamp is in UTC format, for example `s3://import-bucket/FSxLustre20181105T222312Z` .\n\nThe Amazon S3 export bucket must be the same as the import bucket specified by `ImportPath` . If you specify only a bucket name, such as `s3://import-bucket` , you get a 1:1 mapping of file system objects to S3 bucket objects. This mapping means that the input data in S3 is overwritten on export. If you provide a custom prefix in the export path, such as `s3://import-bucket/[custom-optional-prefix]` , Amazon FSx exports the contents of your file system to that export prefix in the Amazon S3 bucket.\n\n> This parameter is not supported for file systems with a data repository association.", "ImportPath": "(Optional) The path to the Amazon S3 bucket (including the optional prefix) that you're using as the data repository for your Amazon FSx for Lustre file system. The root of your FSx for Lustre file system will be mapped to the root of the Amazon S3 bucket you select. An example is `s3://import-bucket/optional-prefix` . If you specify a prefix after the Amazon S3 bucket name, only object keys with that prefix are loaded into the file system.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", "ImportedFileChunkSize": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "MetadataConfiguration": "", + "MetadataConfiguration": "The Lustre metadata performance configuration for the creation of an FSx for Lustre file system using a `PERSISTENT_2` deployment type.", "PerUnitStorageThroughput": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", - "ThroughputCapacity": "", + "ThroughputCapacity": "Specifies the throughput of an FSx for Lustre file system using the Intelligent-Tiering storage class, measured in megabytes per second (MBps). Valid values are 4000 MBps or multiples of 4000 MBps. You pay for the amount of throughput that you provision.", "WeeklyMaintenanceStartTime": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday." }, "AWS::FSx::FileSystem MetadataConfiguration": { - "Iops": "", - "Mode": "" + "Iops": "The number of Metadata IOPS provisioned for the file system.", + "Mode": "Specifies whether the file system is using the AUTOMATIC setting of metadata IOPS or if it is using a USER_PROVISIONED value." }, "AWS::FSx::FileSystem NfsExports": { "ClientConfigurations": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system." @@ -19274,7 +19588,7 @@ "ReadCacheConfiguration": "Specifies the optional provisioned SSD read cache on file systems that use the Intelligent-Tiering storage class.", "RootVolumeConfiguration": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", "RouteTableIds": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", - "ThroughputCapacity": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Valid values depend on the `DeploymentType` that you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", + "ThroughputCapacity": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Required if you are creating a new file system.\n\nValid values depend on the `DeploymentType` that you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", "WeeklyMaintenanceStartTime": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday." }, "AWS::FSx::FileSystem ReadCacheConfiguration": { @@ -19320,6 +19634,37 @@ "ThroughputCapacity": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", "WeeklyMaintenanceStartTime": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday." }, + "AWS::FSx::S3AccessPointAttachment": { + "Name": "The name of the S3 access point attachment; also used for the name of the S3 access point.", + "OpenZFSConfiguration": "The OpenZFSConfiguration of the S3 access point attachment.", + "S3AccessPoint": "The S3 access point configuration of the S3 access point attachment.", + "Type": "The type of Amazon FSx volume that the S3 access point is attached to." + }, + "AWS::FSx::S3AccessPointAttachment FileSystemGID": { + "Gid": "The GID of the file system user." + }, + "AWS::FSx::S3AccessPointAttachment OpenZFSFileSystemIdentity": { + "PosixUser": "Specifies the UID and GIDs of the file system POSIX user.", + "Type": "Specifies the FSx for OpenZFS user identity type, accepts only `POSIX` ." + }, + "AWS::FSx::S3AccessPointAttachment OpenZFSPosixFileSystemUser": { + "Gid": "The GID of the file system user.", + "SecondaryGids": "The list of secondary GIDs for the file system user.", + "Uid": "The UID of the file system user." + }, + "AWS::FSx::S3AccessPointAttachment S3AccessPoint": { + "Alias": "The S3 access point's alias.", + "Policy": "The S3 access point's policy.", + "ResourceARN": "The S3 access point's ARN.", + "VpcConfiguration": "The S3 access point's virtual private cloud (VPC) configuration." + }, + "AWS::FSx::S3AccessPointAttachment S3AccessPointOpenZFSConfiguration": { + "FileSystemIdentity": "The file system identity used to authorize file access requests made using the S3 access point.", + "VolumeId": "The ID of the FSx for OpenZFS volume that the S3 access point is attached to." + }, + "AWS::FSx::S3AccessPointAttachment S3AccessPointVpcConfiguration": { + "VpcId": "Specifies the virtual private cloud (VPC) for the S3 access point VPC configuration, if one exists." + }, "AWS::FSx::Snapshot": { "Name": "The name of the snapshot.", "Tags": "A list of `Tag` values, with a maximum of 50 elements.", @@ -19764,6 +20109,7 @@ }, "AWS::GameLift::ContainerFleet LogConfiguration": { "LogDestination": "The type of log collection to use for a fleet.\n\n- `CLOUDWATCH` -- (default value) Send logs to an Amazon CloudWatch log group that you define. Each container emits a log stream, which is organized in the log group.\n- `S3` -- Store logs in an Amazon S3 bucket that you define. This bucket must reside in the fleet's home AWS Region.\n- `NONE` -- Don't collect container logs.", + "LogGroupArn": "If log destination is `CLOUDWATCH` , logs are sent to the specified log group in Amazon CloudWatch.", "S3BucketName": "If log destination is `S3` , logs are sent to the specified Amazon S3 bucket name." }, "AWS::GameLift::ContainerFleet ScalingPolicy": { @@ -20421,7 +20767,7 @@ "SecurityConfiguration": "The name of the `SecurityConfiguration` structure to be used with this job.", "Tags": "The tags to use with this job.", "Timeout": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours).", - "WorkerType": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 94GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 138GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk, and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 or later streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk, and provides up to 8 Ray workers based on the autoscaler." + "WorkerType": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 94GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 138GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Spain), Europe (Stockholm), and South America (S\u00e3o Paulo).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk, and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 or later streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk, and provides up to 8 Ray workers based on the autoscaler." }, "AWS::Glue::Job ConnectionsList": { "Connections": "A list of connections used by the job." @@ -21497,6 +21843,7 @@ "AWS::GuardDuty::IPSet": { "Activate": "Indicates whether or not GuardDuty uses the `IPSet` .", "DetectorId": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "ExpectedBucketOwner": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", "Format": "The format of the file that contains the IPSet.", "Location": "The URI of the file that contains the IPSet.", "Name": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", @@ -21563,6 +21910,7 @@ "AWS::GuardDuty::ThreatIntelSet": { "Activate": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", "DetectorId": "The unique ID of the detector of the GuardDuty account for which you want to create a `ThreatIntelSet` .\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "ExpectedBucketOwner": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", "Format": "The format of the file that contains the ThreatIntelSet.", "Location": "The URI of the file that contains the ThreatIntelSet.", "Name": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", @@ -22346,7 +22694,8 @@ "Description": "A description of the filter.", "FilterAction": "The action that is to be applied to the findings that match the filter.", "FilterCriteria": "Details on the filter criteria associated with this filter.", - "Name": "The name of the filter." + "Name": "The name of the filter.", + "Tags": "The tags attached to the filter." }, "AWS::InspectorV2::Filter DateFilter": { "EndInclusive": "A timestamp representing the end of the time period filtered on.", @@ -22354,6 +22703,9 @@ }, "AWS::InspectorV2::Filter FilterCriteria": { "AwsAccountId": "Details of the AWS account IDs used to filter findings.", + "CodeVulnerabilityDetectorName": "", + "CodeVulnerabilityDetectorTags": "", + "CodeVulnerabilityFilePath": "", "ComponentId": "Details of the component IDs used to filter findings.", "ComponentType": "Details of the component types used to filter findings.", "Ec2InstanceImageId": "Details of the Amazon EC2 instance image IDs used to filter findings.", @@ -22365,11 +22717,19 @@ "EcrImageRegistry": "Details on the Amazon ECR registry used to filter findings.", "EcrImageRepositoryName": "Details on the name of the Amazon ECR repository used to filter findings.", "EcrImageTags": "The tags attached to the Amazon ECR container image.", + "EpssScore": "", + "ExploitAvailable": "", "FindingArn": "Details on the finding ARNs used to filter findings.", "FindingStatus": "Details on the finding status types used to filter findings.", "FindingType": "Details on the finding types used to filter findings.", "FirstObservedAt": "Details on the date and time a finding was first seen used to filter findings.", + "FixAvailable": "", "InspectorScore": "The Amazon Inspector score to filter on.", + "LambdaFunctionExecutionRoleArn": "", + "LambdaFunctionLastModifiedAt": "", + "LambdaFunctionLayers": "", + "LambdaFunctionName": "", + "LambdaFunctionRuntime": "", "LastObservedAt": "Details on the date and time a finding was last seen used to filter findings.", "NetworkProtocol": "Details on network protocol used to filter findings.", "PortRange": "Details on the port ranges used to filter findings.", @@ -22397,8 +22757,10 @@ "AWS::InspectorV2::Filter PackageFilter": { "Architecture": "An object that contains details on the package architecture type to filter on.", "Epoch": "An object that contains details on the package epoch to filter on.", + "FilePath": "", "Name": "An object that contains details on the name of the package to filter on.", "Release": "An object that contains details on the package release to filter on.", + "SourceLambdaLayerArn": "", "SourceLayerHash": "An object that contains details on the source layer hash to filter on.", "Version": "The package version to filter on." }, @@ -24141,6 +24503,49 @@ "Unit": "A unit of time.", "Value": "A number of time units." }, + "AWS::IoTManagedIntegrations::CredentialLocker": { + "Name": "The name of the credential locker.", + "Tags": "A set of key/value pairs that are used to manage the credential locker." + }, + "AWS::IoTManagedIntegrations::ManagedThing": { + "AuthenticationMaterial": "The authentication material defining the device connectivity setup requests. The authentication materials used are the device bar code.", + "AuthenticationMaterialType": "The type of authentication material used for device connectivity setup requests.", + "Brand": "The brand of the device.", + "CapabilityReport": "A report of the capabilities for the managed thing.", + "Classification": "The classification of the managed thing such as light bulb or thermostat.", + "CredentialLockerId": "The identifier of the credential locker for the managed thing.", + "MetaData": "The metadata for the managed thing.\n\n> The `managedThing metadata` parameter is used for associating attributes with a `managedThing` that can be used for grouping over-the-air (OTA) tasks. Name value pairs in `metadata` can be used in the `OtaTargetQueryString` parameter for the `CreateOtaTask` API operation.", + "Model": "The model of the device.", + "Name": "The name of the managed thing representing the physical device.", + "Owner": "Owner of the device, usually an indication of whom the device belongs to. This value should not contain personal identifiable information.", + "Role": "The type of device used. This will be the hub controller, cloud device, or IoT device.", + "SerialNumber": "The serial number of the device.", + "Tags": "A set of key/value pairs that are used to manage the managed thing." + }, + "AWS::IoTManagedIntegrations::ManagedThing CapabilityReport": { + "Endpoints": "The endpoints used in the capability report.", + "NodeId": "The numeric identifier of the node.", + "Version": "The version of the capability report." + }, + "AWS::IoTManagedIntegrations::ManagedThing CapabilityReportCapability": { + "Actions": "The capability actions used in the capability report.", + "Events": "The capability events used in the capability report.", + "Id": "The id of the schema version.", + "Name": "The name of the capability.", + "Properties": "The capability properties used in the capability report.", + "Version": "The version of the capability." + }, + "AWS::IoTManagedIntegrations::ManagedThing CapabilityReportEndpoint": { + "Capabilities": "The capabilities used in the capability report.", + "DeviceTypes": "The type of device.", + "Id": "The id of the endpoint used in the capability report." + }, + "AWS::IoTManagedIntegrations::ProvisioningProfile": { + "CaCertificate": "The id of the certificate authority (CA) certificate.", + "Name": "The name of the provisioning template.", + "ProvisioningType": "The type of provisioning workflow the device uses for onboarding to IoT managed integrations.", + "Tags": "A set of key/value pairs that are used to manage the provisioning profile." + }, "AWS::IoTSiteWise::AccessPolicy": { "AccessPolicyIdentity": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", "AccessPolicyPermission": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", @@ -24317,12 +24722,12 @@ "GatewayCapabilitySummaries": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", "GatewayName": "A unique name for the gateway.", "GatewayPlatform": "The gateway's platform. You can only specify one platform in a gateway.", - "GatewayVersion": "The version of the gateway. A value of `3` indicates an MQTT-enabled, V3 gateway, while `2` indicates a Classic streams, V2 gateway.", + "GatewayVersion": "", "Tags": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* ." }, "AWS::IoTSiteWise::Gateway GatewayCapabilitySummary": { "CapabilityConfiguration": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", - "CapabilityNamespace": "The namespace of the capability configuration. For example, if you configure OPC-UA sources from the AWS IoT SiteWise console, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:version` , where `version` is a number such as `1` ." + "CapabilityNamespace": "The namespace of the capability configuration. For example, if you configure OPC UA sources for an MQTT-enabled gateway, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:3` ." }, "AWS::IoTSiteWise::Gateway GatewayPlatform": { "GreengrassV2": "A gateway that runs on AWS IoT Greengrass V2 .", @@ -24835,10 +25240,10 @@ "EnableKeyRotation": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n\nAWS KMS supports automatic rotation only for symmetric encryption KMS keys ( `KeySpec` = `SYMMETRIC_DEFAULT` ). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin `EXTERNAL` , omit the `EnableKeyRotation` property or set it to `false` .\n\nTo enable automatic key rotation of the key material for a multi-Region KMS key, set `EnableKeyRotation` to `true` on the primary key (created by using `AWS::KMS::Key` ). AWS KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *AWS Key Management Service Developer Guide* .\n\nWhen you enable automatic rotation, AWS KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. AWS KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", "Enabled": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", "KeyPolicy": "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n- The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *AWS Key Management Service Developer Guide* . (To omit this condition, set `BypassPolicyLockoutSafetyCheck` to true.)\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nIf you do not provide a key policy, AWS KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *AWS Key Management Service Developer Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters\n- Printable characters in the Basic Latin and Latin-1 Supplement character set\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", - "KeySpec": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", - "KeyUsage": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", + "KeySpec": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- Asymmetric ML-DSA key pairs (signing and verification)\n\n- `ML_DSA_44`\n- `ML_DSA_65`\n- `ML_DSA_87`\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", + "KeyUsage": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with ML-DSA key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", "MultiRegion": "Creates a multi-Region primary key that you can replicate in other AWS Regions . You can't change the `MultiRegion` value after the KMS key is created.\n\nFor a list of AWS Regions in which multi-Region keys are supported, see [Multi-Region keys in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the ** .\n\n> If you change the value of the `MultiRegion` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nFor a multi-Region key, set to this property to `true` . For a single-Region key, omit this property or set it to `false` . The default value is `false` .\n\n*Multi-Region keys* are an AWS KMS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n\nTo create a replica of this primary key in a different AWS Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.", - "Origin": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.", + "Origin": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> - AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.\n> - `EXTERNAL` is not supported for ML-DSA keys.", "PendingWindowInDays": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", "RotationPeriodInDays": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n\nThe rotation period defines the number of days after you enable automatic key rotation that AWS KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n\nYou can use the [`kms:RotationPeriodInDays`](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the `RotationPeriodInDays` parameter.\n\nFor more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", "Tags": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nFor information about tags in AWS KMS , see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *AWS Key Management Service Developer Guide* . For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." @@ -25077,6 +25482,7 @@ "SalesforceConfiguration": "Provides the configuration information to connect to Salesforce as your data source.", "ServiceNowConfiguration": "Provides the configuration information to connect to ServiceNow as your data source.", "SharePointConfiguration": "Provides the configuration information to connect to Microsoft SharePoint as your data source.", + "TemplateConfiguration": "Provides a template for the configuration information to connect to your data source.", "WebCrawlerConfiguration": "Provides the configuration information required for Amazon Kendra Web Crawler.", "WorkDocsConfiguration": "Provides the configuration information to connect to Amazon WorkDocs as your data source." }, @@ -25254,6 +25660,9 @@ "Key": "The key for the tag. Keys are not case sensitive and must be unique for the index, FAQ, data source, or other resource.", "Value": "The value associated with the tag. The value may be an empty string but it can't be null." }, + "AWS::Kendra::DataSource TemplateConfiguration": { + "Template": "The template schema used for the data source, where templates schemas are supported.\n\nSee [Data source template schemas](https://docs.aws.amazon.com/kendra/latest/dg/ds-schemas.html) ." + }, "AWS::Kendra::DataSource WebCrawlerAuthenticationConfiguration": { "BasicAuthentication": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host." }, @@ -25412,7 +25821,12 @@ }, "AWS::Kinesis::StreamConsumer": { "ConsumerName": "The name of the consumer is something you choose when you register the consumer.", - "StreamARN": "The ARN of the stream with which you registered the consumer." + "StreamARN": "The ARN of the stream with which you registered the consumer.", + "Tags": "An array of tags to be added to a specified Kinesis resource. A tag consists of a required key and an optional value. You can specify up to 50 tag key-value pairs." + }, + "AWS::Kinesis::StreamConsumer Tag": { + "Key": "A unique identifier for the tag. The maximum length for a tag key is 128 characters.\n\nA tag key can only contain the following:\n\n- Unicode letters\n- Digits\n- White space\n- One or more of these symbols: `_` , `.` , `/` , `=` , `+` , `-` , `%` , `@`", + "Value": "An optional string, typically used to describe or define the tag. The maximum length for a tag value is 256 characters.\n\nA tag value can only contain the following:\n\n- Unicode letters\n- Digits\n- White space\n- One or more of these symbols: `_` , `.` , `/` , `=` , `+` , `-` , `%` , `@`" }, "AWS::KinesisAnalytics::Application": { "ApplicationCode": "One or more SQL statements that read input data, transform it, and generate output. For example, you can write a SQL statement that reads data from one in-application stream, generates a running average of the number of advertisement clicks by vendor, and insert resulting rows in another in-application stream using pumps. For more information about the typical pattern, see [Application Code](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-app-code.html) .\n\nYou can provide such series of SQL statements, where output of one statement can be used as the input for the next statement. You store intermediate results by creating in-application streams and pumps.\n\nNote that the application code must create the streams with names specified in the `Outputs` . For example, if your `Outputs` defines output streams named `ExampleOutputStream1` and `ExampleOutputStream2` , then your application code must create these streams.", @@ -25850,7 +26264,8 @@ "SizeInMBs": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." }, "AWS::KinesisFirehose::DeliveryStream CatalogConfiguration": { - "CatalogArn": "Specifies the Glue catalog ARN identifier of the destination Apache Iceberg Tables. You must specify the ARN in the format `arn:aws:glue:region:account-id:catalog` ." + "CatalogArn": "Specifies the Glue catalog ARN identifier of the destination Apache Iceberg Tables. You must specify the ARN in the format `arn:aws:glue:region:account-id:catalog` .", + "WarehouseLocation": "The warehouse location for Apache Iceberg tables. You must configure this when schema evolution and table creation is enabled.\n\nAmazon Data Firehose is in preview release and is subject to change." }, "AWS::KinesisFirehose::DeliveryStream CloudWatchLoggingOptions": { "Enabled": "Indicates whether CloudWatch Logs logging is enabled.", @@ -25912,6 +26327,7 @@ "AWS::KinesisFirehose::DeliveryStream DestinationTableConfiguration": { "DestinationDatabaseName": "The name of the Apache Iceberg database.", "DestinationTableName": "Specifies the name of the Apache Iceberg Table.", + "PartitionSpec": "The partition spec configuration for a table that is used by automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", "S3ErrorOutputPrefix": "The table specific S3 error output prefix. All the errors that occurred while delivering to this table will be prefixed with this value in S3 destination.", "UniqueKeys": "A list of unique keys for a given Apache Iceberg table. Firehose will use these for running Create, Update, or Delete operations on the given Iceberg table." }, @@ -26007,6 +26423,8 @@ "RetryOptions": "", "RoleARN": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling Apache Iceberg Tables.", "S3Configuration": "", + "SchemaEvolutionConfiguration": "The configuration to enable automatic schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "TableCreationConfiguration": "The configuration to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", "s3BackupMode": "Describes how Firehose will backup records. Currently,S3 backup only supports `FailedDataOnly` ." }, "AWS::KinesisFirehose::DeliveryStream InputFormatConfiguration": { @@ -26053,6 +26471,12 @@ "PageSizeBytes": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", "WriterVersion": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` ." }, + "AWS::KinesisFirehose::DeliveryStream PartitionField": { + "SourceName": "The column name to be configured in partition spec.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, + "AWS::KinesisFirehose::DeliveryStream PartitionSpec": { + "Identity": "List of identity [transforms](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#partition-transforms) that performs an identity transformation. The transform takes the source value, and does not modify it. Result type is the source type.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, "AWS::KinesisFirehose::DeliveryStream ProcessingConfiguration": { "Enabled": "Indicates whether data processing is enabled (true) or disabled (false).", "Processors": "The data processors." @@ -26103,6 +26527,9 @@ "TableName": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", "VersionId": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up." }, + "AWS::KinesisFirehose::DeliveryStream SchemaEvolutionConfiguration": { + "Enabled": "Specify whether you want to enable schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, "AWS::KinesisFirehose::DeliveryStream SecretsManagerConfiguration": { "Enabled": "Specifies whether you want to use the secrets manager feature. When set as `True` the secrets manager configuration overwrites the existing secrets in the destination configuration. When it's set to `False` Firehose falls back to the credentials in the destination configuration.", "RoleARN": "Specifies the role that Firehose assumes when calling the Secrets Manager API operation. When you provide the role, it overrides any destination specific role defined in the destination configuration. If you do not provide the then we use the destination specific role. This parameter is required for Splunk.", @@ -26168,6 +26595,9 @@ "AWS::KinesisFirehose::DeliveryStream SplunkRetryOptions": { "DurationInSeconds": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt." }, + "AWS::KinesisFirehose::DeliveryStream TableCreationConfiguration": { + "Enabled": "Specify whether you want to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, "AWS::KinesisFirehose::DeliveryStream Tag": { "Key": "A unique identifier for the tag. Maximum length: 128 characters. Valid characters: Unicode letters, digits, white space, _ . / = + - % @", "Value": "An optional string, which you can use to describe or define the tag. Maximum length: 256 characters. Valid characters: Unicode letters, digits, white space, _ . / = + - % @" @@ -26461,7 +26891,8 @@ "TumblingWindowInSeconds": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window." }, "AWS::Lambda::EventSourceMapping AmazonManagedKafkaEventSourceConfig": { - "ConsumerGroupId": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) ." + "ConsumerGroupId": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", + "SchemaRegistryConfig": "Specific configuration settings for a Kafka schema registry." }, "AWS::Lambda::EventSourceMapping DestinationConfig": { "OnFailure": "The destination configuration for failed invocations." @@ -26493,11 +26924,25 @@ "AWS::Lambda::EventSourceMapping ScalingConfig": { "MaximumConcurrency": "Limits the number of concurrent instances that the Amazon SQS event source can invoke." }, + "AWS::Lambda::EventSourceMapping SchemaRegistryAccessConfig": { + "Type": "The type of authentication Lambda uses to access your schema registry.", + "URI": "The URI of the secret (Secrets Manager secret ARN) to authenticate with your schema registry." + }, + "AWS::Lambda::EventSourceMapping SchemaRegistryConfig": { + "AccessConfigs": "An array of access configuration objects that tell Lambda how to authenticate with your schema registry.", + "EventRecordFormat": "The record format that Lambda delivers to your function after schema validation.\n\n- Choose `JSON` to have Lambda deliver the record to your function as a standard JSON object.\n- Choose `SOURCE` to have Lambda deliver the record to your function in its original source format. Lambda removes all schema metadata, such as the schema ID, before sending the record to your function.", + "SchemaRegistryURI": "The URI for your schema registry. The correct URI format depends on the type of schema registry you're using.\n\n- For AWS Glue schema registries, use the ARN of the registry.\n- For Confluent schema registries, use the URL of the registry.", + "SchemaValidationConfigs": "An array of schema validation configuration objects, which tell Lambda the message attributes you want to validate and filter using your schema registry." + }, + "AWS::Lambda::EventSourceMapping SchemaValidationConfig": { + "Attribute": "The attributes you want your schema registry to validate and filter for. If you selected `JSON` as the `EventRecordFormat` , Lambda also deserializes the selected message attributes." + }, "AWS::Lambda::EventSourceMapping SelfManagedEventSource": { "Endpoints": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` ." }, "AWS::Lambda::EventSourceMapping SelfManagedKafkaEventSourceConfig": { - "ConsumerGroupId": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add) ." + "ConsumerGroupId": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add) .", + "SchemaRegistryConfig": "Specific configuration settings for a Kafka schema registry." }, "AWS::Lambda::EventSourceMapping SourceAccessConfiguration": { "Type": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: `\"Type\":\"SASL_SCRAM_512_AUTH\"` .\n\n- `BASIC_AUTH` \u2013 (Amazon MQ) The AWS Secrets Manager secret that stores your broker credentials.\n- `BASIC_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n- `VPC_SUBNET` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n- `VPC_SECURITY_GROUP` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_256_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_512_AUTH` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n- `VIRTUAL_HOST` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n- `CLIENT_CERTIFICATE_TLS_AUTH` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n- `SERVER_ROOT_CA_CERTIFICATE` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.", @@ -26737,12 +27182,17 @@ "AWS::Lex::Bot BotLocale": { "CustomVocabulary": "Specifies a custom vocabulary to use with a specific locale.", "Description": "A description of the bot locale. Use this to help identify the bot locale in lists.", + "GenerativeAISettings": "", "Intents": "One or more intents defined for the locale.", "LocaleId": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales.", "NluConfidenceThreshold": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot.", "SlotTypes": "One or more slot types defined for the locale.", "VoiceSettings": "Defines settings for using an Amazon Polly voice to communicate with a user.\n\nValid values include:\n\n- `standard`\n- `neural`\n- `long-form`\n- `generative`" }, + "AWS::Lex::Bot BuildtimeSettings": { + "DescriptiveBotBuilderSpecification": "", + "SampleUtteranceGenerationSpecification": "" + }, "AWS::Lex::Bot Button": { "Text": "The text that appears on the button. Use this to tell the user what value is returned when they choose this button.", "Value": "The value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot." @@ -26804,6 +27254,10 @@ "NextStep": "The next step in the conversation.", "Response": "Specifies a list of message groups that Amazon Lex uses to respond the user input." }, + "AWS::Lex::Bot DescriptiveBotBuilderSpecification": { + "BedrockModelSpecification": "An object containing information about the Amazon Bedrock model used to interpret the prompt used in descriptive bot building.", + "Enabled": "Specifies whether the descriptive bot building feature is activated or not." + }, "AWS::Lex::Bot DialogAction": { "SlotToElicit": "If the dialog action is `ElicitSlot` , defines the slot to elicit from the user.", "SuppressNextMessage": "When true the next message for the intent is not used.", @@ -26856,6 +27310,10 @@ "TimeoutInSeconds": "The length of time that the fulfillment Lambda function should run before it times out.", "UpdateResponse": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running." }, + "AWS::Lex::Bot GenerativeAISettings": { + "BuildtimeSettings": "", + "RuntimeSettings": "" + }, "AWS::Lex::Bot GrammarSlotTypeSetting": { "Source": "The source of the grammar used to create the slot type." }, @@ -26945,6 +27403,9 @@ "AWS::Lex::Bot MultipleValuesSetting": { "AllowMultipleValues": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` ." }, + "AWS::Lex::Bot NluImprovementSpecification": { + "Enabled": "Determines whether the Assisted NLU feature is enabled for the bot. When set to `true` , Amazon Lex uses advanced models to improve intent recognition and slot resolution, with the default being `false` ." + }, "AWS::Lex::Bot ObfuscationSetting": { "ObfuscationSettingType": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values." }, @@ -27021,6 +27482,10 @@ "AllowInterrupt": "Indicates whether the user can interrupt a speech response from Amazon Lex.", "MessageGroupsList": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime." }, + "AWS::Lex::Bot RuntimeSettings": { + "NluImprovementSpecification": "", + "SlotResolutionImprovementSpecification": "" + }, "AWS::Lex::Bot S3BucketLogDestination": { "KmsKeyArn": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", "LogPrefix": "The S3 prefix to assign to audio log files.", @@ -27037,6 +27502,10 @@ "AWS::Lex::Bot SampleUtterance": { "Utterance": "A sample utterance that invokes an intent or respond to a slot elicitation prompt." }, + "AWS::Lex::Bot SampleUtteranceGenerationSpecification": { + "BedrockModelSpecification": "", + "Enabled": "Specifies whether to enable sample utterance generation or not." + }, "AWS::Lex::Bot SampleValue": { "Value": "The value that can be used for a slot type." }, @@ -27076,6 +27545,10 @@ "Priority": "The priority that Amazon Lex should apply to the slot.", "SlotName": "The name of the slot." }, + "AWS::Lex::Bot SlotResolutionImprovementSpecification": { + "BedrockModelSpecification": "An object containing information about the Amazon Bedrock model used to assist slot resolution.", + "Enabled": "Specifies whether assisted slot resolution is turned on or off." + }, "AWS::Lex::Bot SlotType": { "CompositeSlotTypeSetting": "", "Description": "A description of the slot type. Use the description to help identify the slot type in lists.", @@ -27909,6 +28382,11 @@ "AWS::Logs::Transformer ParseRoute53": { "Source": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` ." }, + "AWS::Logs::Transformer ParseToOCSF": { + "EventSource": "Specify the service or process that produces the log events that will be converted with this processor.", + "OcsfVersion": "Specify which version of the OCSF schema to use for the transformed log events.", + "Source": "The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed." + }, "AWS::Logs::Transformer ParseVPC": { "Source": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` ." }, @@ -27930,6 +28408,7 @@ "ParseKeyValue": "Use this parameter to include the [parseKeyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseKeyValue) processor in your transformer.", "ParsePostgres": "Use this parameter to include the [parsePostGres](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parsePostGres) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", "ParseRoute53": "Use this parameter to include the [parseRoute53](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseRoute53) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "ParseToOCSF": "Use this parameter to convert logs into Open Cybersecurity Schema (OCSF) format.", "ParseVPC": "Use this parameter to include the [parseVPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseVPC) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", "ParseWAF": "Use this parameter to include the [parseWAF](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseWAF) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", "RenameKeys": "Use this parameter to include the [renameKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-renameKeys) processor in your transformer.", @@ -28172,6 +28651,50 @@ "Efs": "Defines the storage configuration for an Amazon EFS file system.", "Fsx": "Defines the storage configuration for an Amazon FSx file system." }, + "AWS::MPA::ApprovalTeam": { + "ApprovalStrategy": "Contains details for how an approval team grants approval.", + "Approvers": "Contains details for an approver.", + "Description": "Description for the team.", + "Name": "Name of the team.", + "Policies": "Contains details for a policy. Policies define what operations a team that define the permissions for team resources.", + "Tags": "Tags that you have added to the specified resource." + }, + "AWS::MPA::ApprovalTeam ApprovalStrategy": { + "MofN": "Minimum number of approvals (M) required for a total number of approvers (N)." + }, + "AWS::MPA::ApprovalTeam Approver": { + "ApproverId": "ID for the approver.", + "PrimaryIdentityId": "ID for the user.", + "PrimaryIdentitySourceArn": "Amazon Resource Name (ARN) for the identity source. The identity source manages the user authentication for approvers.", + "PrimaryIdentityStatus": "Status for the identity source. For example, if an approver has accepted a team invitation with a user authentication method managed by the identity source.", + "ResponseTime": "Timestamp when the approver responded to an approval team invitation." + }, + "AWS::MPA::ApprovalTeam MofNApprovalStrategy": { + "MinApprovalsRequired": "Minimum number of approvals (M) required for a total number of approvers (N)." + }, + "AWS::MPA::ApprovalTeam Policy": { + "PolicyArn": "" + }, + "AWS::MPA::ApprovalTeam Tag": { + "Key": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "Value": "One part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key)." + }, + "AWS::MPA::IdentitySource": { + "IdentitySourceParameters": "A `IdentitySourceParameters` object. Contains details for the resource that provides identities to the identity source. For example, an IAM Identity Center instance.", + "Tags": "Tags that you have added to the specified resource." + }, + "AWS::MPA::IdentitySource IamIdentityCenter": { + "ApprovalPortalUrl": "", + "InstanceArn": "Amazon Resource Name (ARN) for the IAM Identity Center instance.", + "Region": "AWS Region where the IAM Identity Center instance is located." + }, + "AWS::MPA::IdentitySource IdentitySourceParameters": { + "IamIdentityCenter": "AWS IAM Identity Center credentials." + }, + "AWS::MPA::IdentitySource Tag": { + "Key": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "Value": "One part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key)." + }, "AWS::MSK::BatchScramSecret": { "ClusterArn": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", "SecretArnList": "List of Amazon Resource Name (ARN)s of Secrets Manager secrets." @@ -28200,7 +28723,7 @@ "BrokerAZDistribution": "This parameter is currently not in use.", "ClientSubnets": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", "ConnectivityInfo": "Information about the cluster's connectivity setting.", - "InstanceType": "The type of Amazon EC2 instances to use for brokers. The following instance types are allowed: kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge, and kafka.t3.small.", + "InstanceType": "The type of Amazon EC2 instances to use for brokers. Depending on the [broker type](https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html) , Amazon MSK supports the following broker sizes:\n\n*Standard broker sizes*\n\n- kafka.t3.small\n\n> You can't select the kafka.t3.small instance type when the metadata mode is KRaft.\n- kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge\n- kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge\n\n*Express broker sizes*\n\n- express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge\n\n> Some broker sizes might not be available in certian AWS Regions. See the updated [Pricing tools](https://docs.aws.amazon.com/msk/pricing/) section on the Amazon MSK pricing page for the latest list of available instances by Region.", "SecurityGroups": "The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", "StorageInfo": "Contains information about storage volumes attached to Amazon MSK broker nodes." }, @@ -28427,7 +28950,8 @@ "StartupScriptS3Path": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", "Tags": "The key-value tag pairs associated to your environment. For example, `\"Environment\": \"Staging\"` . To learn more, see [Tagging](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .\n\nIf you specify new tags for an existing environment, the update requires service interruption before taking effect.", "WebserverAccessMode": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` .", - "WeeklyMaintenanceWindowStart": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)" + "WeeklyMaintenanceWindowStart": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)", + "WorkerReplacementStrategy": "" }, "AWS::MWAA::Environment LoggingConfiguration": { "DagProcessingLogs": "Defines the processing logs sent to CloudWatch Logs and the logging level to send.", @@ -30629,7 +31153,7 @@ "InputSwitchConfiguration": "The configuration for input switching based on the media quality confidence score (MQCS) as provided from AWS Elemental MediaLive.", "InputType": "The input type will be an immutable field which will be used to define whether the channel will allow CMAF ingest or HLS ingest. If unprovided, it will default to HLS to preserve current behavior.\n\nThe allowed values are:\n\n- `HLS` - The HLS streaming specification (which defines M3U8 manifests and TS segments).\n- `CMAF` - The DASH-IF CMAF Ingest specification (which defines CMAF segments with optional DASH manifests).", "OutputHeaderConfiguration": "The settings for what common media server data (CMSD) headers AWS Elemental MediaPackage includes in responses to the CDN.", - "Tags": "The tags associated with the channel." + "Tags": "" }, "AWS::MediaPackageV2::Channel IngestEndpoint": { "Id": "The identifier associated with the ingest endpoint of the channel.", @@ -30642,8 +31166,8 @@ "PublishMQCS": "When true, AWS Elemental MediaPackage includes the MQCS in responses to the CDN. This setting is valid only when `InputType` is `CMAF` ." }, "AWS::MediaPackageV2::Channel Tag": { - "Key": "", - "Value": "" + "Key": "The key in the key:value pair for the tag.", + "Value": "The value in the key:value pair for the tag." }, "AWS::MediaPackageV2::ChannelGroup": { "ChannelGroupName": "The name of the channel group.", @@ -30651,8 +31175,8 @@ "Tags": "The tags associated with the channel group." }, "AWS::MediaPackageV2::ChannelGroup Tag": { - "Key": "", - "Value": "" + "Key": "The key in the key:value pair for the tag.", + "Value": "The value in the key:value pair for the tag." }, "AWS::MediaPackageV2::ChannelPolicy": { "ChannelGroupName": "The name of the channel group associated with the channel policy.", @@ -30673,18 +31197,56 @@ "StartoverWindowSeconds": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", "Tags": "The tags associated with the origin endpoint." }, + "AWS::MediaPackageV2::OriginEndpoint DashBaseUrl": { + "DvbPriority": "For use with DVB-DASH profiles only. The priority of this location for servings segments. The lower the number, the higher the priority.", + "DvbWeight": "For use with DVB-DASH profiles only. The weighting for source locations that have the same priority.", + "ServiceLocation": "The name of the source location.", + "Url": "A source location for segments." + }, + "AWS::MediaPackageV2::OriginEndpoint DashDvbFontDownload": { + "FontFamily": "The `fontFamily` name for subtitles, as described in [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) .", + "MimeType": "The `mimeType` of the resource that's at the font download URL.\n\nFor information about font MIME types, see the [MPEG-DASH Profile for Transport of ISO BMFF Based DVB Services over IP Based Networks](https://docs.aws.amazon.com/https://dvb.org/wp-content/uploads/2021/06/A168r4_MPEG-DASH-Profile-for-Transport-of-ISO-BMFF-Based-DVB-Services_Draft-ts_103-285-v140_November_2021.pdf) document.", + "Url": "The URL for downloading fonts for subtitles." + }, + "AWS::MediaPackageV2::OriginEndpoint DashDvbMetricsReporting": { + "Probability": "The number of playback devices per 1000 that will send error reports to the reporting URL. This represents the probability that a playback device will be a reporting player for this session.", + "ReportingUrl": "The URL where playback devices send error reports." + }, + "AWS::MediaPackageV2::OriginEndpoint DashDvbSettings": { + "ErrorMetrics": "Playback device error reporting settings.", + "FontDownload": "Subtitle font settings." + }, "AWS::MediaPackageV2::OriginEndpoint DashManifestConfiguration": { - "DrmSignaling": "", - "FilterConfiguration": "", - "ManifestName": "", - "ManifestWindowSeconds": "", - "MinBufferTimeSeconds": "", - "MinUpdatePeriodSeconds": "", - "PeriodTriggers": "", - "ScteDash": "", - "SegmentTemplateFormat": "", - "SuggestedPresentationDelaySeconds": "", - "UtcTiming": "" + "BaseUrls": "The base URLs to use for retrieving segments.", + "Compactness": "The layout of the DASH manifest that MediaPackage produces. `STANDARD` indicates a default manifest, which is compacted. `NONE` indicates a full manifest.\n\nFor information about compactness, see [DASH manifest compactness](https://docs.aws.amazon.com/mediapackage/latest/userguide/compacted.html) in the *AWS Elemental MediaPackage v2 User Guide* .", + "DrmSignaling": "Determines how the DASH manifest signals the DRM content.", + "DvbSettings": "For endpoints that use the DVB-DASH profile only. The font download and error reporting information that you want MediaPackage to pass through to the manifest.", + "FilterConfiguration": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "ManifestName": "A short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint.", + "ManifestWindowSeconds": "The total duration (in seconds) of the manifest's content.", + "MinBufferTimeSeconds": "Minimum amount of content (in seconds) that a player must keep available in the buffer.", + "MinUpdatePeriodSeconds": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", + "PeriodTriggers": "A list of triggers that controls when AWS Elemental MediaPackage separates the MPEG-DASH manifest into multiple periods. Type `ADS` to indicate that AWS Elemental MediaPackage must create periods in the output manifest that correspond to SCTE-35 ad markers in the input source. Leave this value empty to indicate that the manifest is contained all in one period. For more information about periods in the DASH manifest, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/userguide/multi-period.html) .", + "Profiles": "The profile that the output is compliant with.", + "ProgramInformation": "Details about the content that you want MediaPackage to pass through in the manifest to the playback device.", + "ScteDash": "The SCTE configuration.", + "SegmentTemplateFormat": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValue description:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", + "SubtitleConfiguration": "The configuration for DASH subtitles.", + "SuggestedPresentationDelaySeconds": "The amount of time (in seconds) that the player should be from the end of the manifest.", + "UtcTiming": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD)." + }, + "AWS::MediaPackageV2::OriginEndpoint DashProgramInformation": { + "Copyright": "A copyright statement about the content.", + "LanguageCode": "The language code for this manifest.", + "MoreInformationUrl": "An absolute URL that contains more information about this content.", + "Source": "Information about the content provider.", + "Title": "The title for the manifest." + }, + "AWS::MediaPackageV2::OriginEndpoint DashSubtitleConfiguration": { + "TtmlConfiguration": "Settings for TTML subtitles." + }, + "AWS::MediaPackageV2::OriginEndpoint DashTtmlConfiguration": { + "TtmlProfile": "The profile that MediaPackage uses when signaling subtitles in the manifest. `IMSC` is the default profile. `EBU-TT-D` produces subtitles that are compliant with the EBU-TT-D TTML profile. MediaPackage passes through subtitle styles to the manifest. For more information about EBU-TT-D subtitles, see [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) ." }, "AWS::MediaPackageV2::OriginEndpoint DashUtcTiming": { "TimingMode": "The UTC timing mode.", @@ -30716,25 +31278,25 @@ }, "AWS::MediaPackageV2::OriginEndpoint HlsManifestConfiguration": { "ChildManifestName": "The name of the child manifest associated with the HLS manifest configuration.", - "FilterConfiguration": "", + "FilterConfiguration": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", "ManifestName": "The name of the manifest associated with the HLS manifest configuration.", "ManifestWindowSeconds": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", "ProgramDateTimeIntervalSeconds": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", "ScteHls": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", - "StartTag": "", + "StartTag": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", "Url": "The URL of the HLS manifest configuration.", - "UrlEncodeChildManifest": "" + "UrlEncodeChildManifest": "When enabled, MediaPackage URL-encodes the query string for API requests for HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* ." }, "AWS::MediaPackageV2::OriginEndpoint LowLatencyHlsManifestConfiguration": { "ChildManifestName": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "FilterConfiguration": "", + "FilterConfiguration": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", "ManifestName": "A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", "ManifestWindowSeconds": "The total duration (in seconds) of the manifest's content.", "ProgramDateTimeIntervalSeconds": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", "ScteHls": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "StartTag": "", + "StartTag": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", "Url": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "UrlEncodeChildManifest": "" + "UrlEncodeChildManifest": "When enabled, MediaPackage URL-encodes the query string for API requests for LL-HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* ." }, "AWS::MediaPackageV2::OriginEndpoint Scte": { "ScteFilter": "The filter associated with the SCTE-35 configuration." @@ -30766,8 +31328,8 @@ "TimeOffset": "Specify the value for TIME-OFFSET within your EXT-X-START tag. Enter a signed floating point value which, if positive, must be less than the configured manifest duration minus three times the configured segment target duration. If negative, the absolute value must be larger than three times the configured segment target duration, and the absolute value must be smaller than the configured manifest duration." }, "AWS::MediaPackageV2::OriginEndpoint Tag": { - "Key": "", - "Value": "" + "Key": "The key in the key:value pair for the tag.", + "Value": "The value in the key:value pair for the tag." }, "AWS::MediaPackageV2::OriginEndpointPolicy": { "ChannelGroupName": "The name of the channel group associated with the origin endpoint policy.", @@ -30872,7 +31434,9 @@ "ConfigurationAliases": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see [Domain Variables](https://docs.aws.amazon.com/mediatailor/latest/ug/variables-domain.html) .", "DashConfiguration": "The configuration for a DASH source.", "HlsConfiguration": "The configuration for HLS content.", + "InsertionMode": "The setting that controls whether players can use stitched or guided ad insertion. The default, `STITCHED_ONLY` , forces all player sessions to use stitched (server-side) ad insertion. Choosing `PLAYER_SELECT` allows players to select either stitched or guided ad insertion at session-initialization time. The default for players that do not specify an insertion mode is stitched.", "LivePreRollConfiguration": "The configuration for pre-roll ad insertion.", + "LogConfiguration": "Defines where AWS Elemental MediaTailor sends logs for the playback configuration.", "ManifestProcessingRules": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor.", "Name": "The identifier for the playback configuration.", "PersonalizationThresholdSeconds": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to *ad replacement* in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see [Ad Behavior in AWS Elemental MediaTailor](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", @@ -30887,6 +31451,10 @@ "AWS::MediaTailor::PlaybackConfiguration AdMarkerPassthrough": { "Enabled": "Enables ad marker passthrough for your configuration." }, + "AWS::MediaTailor::PlaybackConfiguration AdsInteractionLog": { + "ExcludeEventTypes": "Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration.", + "PublishOptInEventTypes": "Indicates that MediaTailor emits `RAW_ADS_RESPONSE` logs for playback sessions that are initialized with this configuration." + }, "AWS::MediaTailor::PlaybackConfiguration AvailSuppression": { "FillPolicy": "Defines the policy to apply to the avail suppression mode. `BEHIND_LIVE_EDGE` will always use the full avail suppression policy. `AFTER_LIVE_EDGE` mode can be used to invoke partial ad break fills when a session starts mid-break.", "Mode": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to `BEHIND_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to `AFTER_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value.", @@ -30912,9 +31480,18 @@ "AdDecisionServerUrl": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters.", "MaxDurationSeconds": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns." }, + "AWS::MediaTailor::PlaybackConfiguration LogConfiguration": { + "AdsInteractionLog": "Settings for customizing what events are included in logs for interactions with the ad decision server (ADS).", + "EnabledLoggingStrategies": "The method used for collecting logs from AWS Elemental MediaTailor. `LEGACY_CLOUDWATCH` indicates that MediaTailor is sending logs directly to Amazon CloudWatch Logs. `VENDED_LOGS` indicates that MediaTailor is sending logs to CloudWatch, which then vends the logs to your destination of choice. Supported destinations are CloudWatch Logs log group, Amazon S3 bucket, and Amazon Data Firehose stream.", + "ManifestServiceInteractionLog": "Settings for customizing what events are included in logs for interactions with the origin server.", + "PercentEnabled": "The percentage of session logs that MediaTailor sends to your configured log destination. For example, if your playback configuration has 1000 sessions and `percentEnabled` is set to `60` , MediaTailor sends logs for 600 of the sessions to CloudWatch Logs. MediaTailor decides at random which of the playback configuration sessions to send logs for. If you want to view logs for a specific session, you can use the [debug log mode](https://docs.aws.amazon.com/mediatailor/latest/ug/debug-log-mode.html) .\n\nValid values: `0` - `100`" + }, "AWS::MediaTailor::PlaybackConfiguration ManifestProcessingRules": { "AdMarkerPassthrough": "For HLS, when set to `true` , MediaTailor passes through `EXT-X-CUE-IN` , `EXT-X-CUE-OUT` , and `EXT-X-SPLICEPOINT-SCTE35` ad markers from the origin manifest to the MediaTailor personalized manifest.\n\nNo logic is applied to these ad markers. For example, if `EXT-X-CUE-OUT` has a value of `60` , but no ads are filled for that ad break, MediaTailor will not set the value to `0` ." }, + "AWS::MediaTailor::PlaybackConfiguration ManifestServiceInteractionLog": { + "ExcludeEventTypes": "Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration." + }, "AWS::MediaTailor::PlaybackConfiguration Tag": { "Key": "", "Value": "" @@ -31123,7 +31700,6 @@ "DBInstanceClass": "Contains the name of the compute and memory capacity class of the DB instance.\n\nIf you update this property, some interruptions may occur.", "DBInstanceIdentifier": "Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.", "DBParameterGroupName": "The name of an existing DB parameter group or a reference to an AWS::Neptune::DBParameterGroup resource created in the template. If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.", - "DBSnapshotIdentifier": "This parameter is not supported.\n\n`AWS::Neptune::DBInstance` does not support restoring from snapshots.\n\n`AWS::Neptune::DBCluster` does support restoring from snapshots.", "DBSubnetGroupName": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new virtual private cloud (VPC).", "PreferredMaintenanceWindow": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", "Tags": "An arbitrary set of tags (key-value pairs) for this DB instance." @@ -31263,6 +31839,7 @@ "Value": "The part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." }, "AWS::NetworkFirewall::LoggingConfiguration": { + "EnableMonitoringDashboard": "", "FirewallArn": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", "FirewallName": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", "LoggingConfiguration": "Defines how AWS Network Firewall performs logging for a `Firewall` ." @@ -31405,7 +31982,7 @@ "ResourceArn": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection." }, "AWS::NetworkFirewall::TLSInspectionConfiguration ServerCertificateConfiguration": { - "CertificateAuthorityArn": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", + "CertificateAuthorityArn": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", "CheckCertificateRevocationStatus": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .", "Scopes": "A list of scopes.", "ServerCertificates": "The list of server certificates to use for inbound SSL/TLS inspection." @@ -31706,7 +32283,9 @@ }, "AWS::NetworkManager::VpcAttachment VpcOptions": { "ApplianceModeSupport": "Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is `false` .", - "Ipv6Support": "Indicates whether IPv6 is supported." + "DnsSupport": "Indicates whether DNS is supported.", + "Ipv6Support": "Indicates whether IPv6 is supported.", + "SecurityGroupReferencingSupport": "Indicates whether security group referencing is enabled for this VPC attachment. The default is `true` . However, at the core network policy-level the default is set to `false` ." }, "AWS::Notifications::ChannelAssociation": { "Arn": "The Amazon Resource Name (ARN) of the `Channel` .", @@ -31765,6 +32344,100 @@ "Key": "A string used to identify this tag. You can specify a maximum of 128 characters for a tag key. Tags owned by AWS have the reserved prefix: `aws:` .", "Value": "A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value." }, + "AWS::ODB::CloudAutonomousVmCluster": { + "AutonomousDataStorageSizeInTBs": "The data storage size allocated for Autonomous Databases in the Autonomous VM cluster, in TB.\n\nRequired when creating an Autonomous VM cluster.", + "CloudExadataInfrastructureId": "The unique identifier of the Cloud Exadata Infrastructure containing this Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "CpuCoreCountPerNode": "The number of CPU cores enabled per node in the Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "DbServers": "The list of database servers associated with the Autonomous VM cluster.", + "Description": "The user-provided description of the Autonomous VM cluster.", + "DisplayName": "The display name of the Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "IsMtlsEnabledVmCluster": "Specifies whether mutual TLS (mTLS) authentication is enabled for the Autonomous VM cluster.", + "LicenseModel": "The Oracle license model that applies to the Autonomous VM cluster. Valid values are `LICENSE_INCLUDED` or `BRING_YOUR_OWN_LICENSE` .", + "MaintenanceWindow": "The scheduling details for the maintenance window. Patching and system updates take place during the maintenance window.", + "MemoryPerOracleComputeUnitInGBs": "The amount of memory allocated per Oracle Compute Unit, in GB.\n\nRequired when creating an Autonomous VM cluster.", + "OdbNetworkId": "The unique identifier of the ODB network associated with this Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "ScanListenerPortNonTls": "The SCAN listener port for non-TLS (TCP) protocol. The default is 1521.", + "ScanListenerPortTls": "The SCAN listener port for TLS (TCP) protocol. The default is 2484.", + "Tags": "Tags to assign to the Autonomous Vm Cluster.", + "TimeZone": "The time zone of the Autonomous VM cluster.", + "TotalContainerDatabases": "The total number of Autonomous Container Databases that can be created with the allocated local storage.\n\nRequired when creating an Autonomous VM cluster." + }, + "AWS::ODB::CloudAutonomousVmCluster MaintenanceWindow": { + "DaysOfWeek": "The days of the week when maintenance can be performed.", + "HoursOfDay": "The hours of the day when maintenance can be performed.", + "LeadTimeInWeeks": "The lead time in weeks before the maintenance window.", + "Months": "The months when maintenance can be performed.", + "Preference": "The preference for the maintenance window scheduling.", + "WeeksOfMonth": "The weeks of the month when maintenance can be performed." + }, + "AWS::ODB::CloudAutonomousVmCluster Tag": { + "Key": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with `aws:` . You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `:` , `/` , `=` , `+` , `@` , `-` , and `\"` .", + "Value": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` ." + }, + "AWS::ODB::CloudExadataInfrastructure": { + "AvailabilityZone": "The name of the Availability Zone (AZ) where the Exadata infrastructure is located.\n\nRequired when creating an Exadata infrastructure. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the infrastructure.", + "AvailabilityZoneId": "The AZ ID of the AZ where the Exadata infrastructure is located.\n\nRequired when creating an Exadata infrastructure. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the infrastructure.", + "ComputeCount": "The number of database servers for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "CustomerContactsToSendToOCI": "The email addresses of contacts to receive notification from Oracle about maintenance updates for the Exadata infrastructure.", + "DatabaseServerType": "The database server model type of the Exadata infrastructure. For the list of valid model names, use the `ListDbSystemShapes` operation.", + "DisplayName": "The user-friendly name for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "Shape": "The model name of the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "StorageCount": "The number of storage servers that are activated for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "StorageServerType": "The storage server model type of the Exadata infrastructure. For the list of valid model names, use the `ListDbSystemShapes` operation.", + "Tags": "Tags to assign to the Exadata Infrastructure." + }, + "AWS::ODB::CloudExadataInfrastructure CustomerContact": { + "Email": "The email address of the contact." + }, + "AWS::ODB::CloudExadataInfrastructure Tag": { + "Key": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with `aws:` . You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `:` , `/` , `=` , `+` , `@` , `-` , and `\"` .", + "Value": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` ." + }, + "AWS::ODB::CloudVmCluster": { + "CloudExadataInfrastructureId": "The unique identifier of the Exadata infrastructure that this VM cluster belongs to.\n\nRequired when creating a VM cluster.", + "ClusterName": "The name of the Grid Infrastructure (GI) cluster.", + "CpuCoreCount": "The number of CPU cores enabled on the VM cluster.\n\nRequired when creating a VM cluster.", + "DataCollectionOptions": "The set of diagnostic collection options enabled for the VM cluster.", + "DataStorageSizeInTBs": "The size of the data disk group, in terabytes (TB), that's allocated for the VM cluster.", + "DbNodeStorageSizeInGBs": "The amount of local node storage, in gigabytes (GB), that's allocated for the VM cluster.", + "DbServers": "The list of database servers for the VM cluster.", + "DisplayName": "The user-friendly name for the VM cluster.\n\nRequired when creating a VM cluster.", + "GiVersion": "The software version of the Oracle Grid Infrastructure (GI) for the VM cluster.\n\nRequired when creating a VM cluster.", + "Hostname": "The host name for the VM cluster.\n\nRequired when creating a VM cluster.", + "IsLocalBackupEnabled": "Specifies whether database backups to local Exadata storage are enabled for the VM cluster.", + "IsSparseDiskgroupEnabled": "Specifies whether the VM cluster is configured with a sparse disk group.", + "LicenseModel": "The Oracle license model applied to the VM cluster.", + "MemorySizeInGBs": "The amount of memory, in gigabytes (GB), that's allocated for the VM cluster.", + "OdbNetworkId": "The unique identifier of the ODB network for the VM cluster.\n\nRequired when creating a VM cluster.", + "ScanListenerPortTcp": "The port number for TCP connections to the single client access name (SCAN) listener.\n\nValid values: `1024\u20138999` with the following exceptions: `2484` , `6100` , `6200` , `7060` , `7070` , `7085` , and `7879`\n\nDefault: `1521`", + "SshPublicKeys": "The public key portion of one or more key pairs used for SSH access to the VM cluster.\n\nRequired when creating a VM cluster.", + "SystemVersion": "The operating system version of the image chosen for the VM cluster.", + "Tags": "Tags to assign to the Vm Cluster.", + "TimeZone": "The time zone of the VM cluster." + }, + "AWS::ODB::CloudVmCluster DataCollectionOptions": { + "IsDiagnosticsEventsEnabled": "Specifies whether diagnostic collection is enabled for the VM cluster.", + "IsHealthMonitoringEnabled": "Specifies whether health monitoring is enabled for the VM cluster.", + "IsIncidentLogsEnabled": "Specifies whether incident logs are enabled for the VM cluster." + }, + "AWS::ODB::CloudVmCluster Tag": { + "Key": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with `aws:` . You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `:` , `/` , `=` , `+` , `@` , `-` , and `\"` .", + "Value": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` ." + }, + "AWS::ODB::OdbNetwork": { + "AvailabilityZone": "The Availability Zone (AZ) where the ODB network is located.\n\nRequired when creating an ODB network. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the network.", + "AvailabilityZoneId": "The AZ ID of the AZ where the ODB network is located.\n\nRequired when creating an ODB network. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the network.", + "BackupSubnetCidr": "The CIDR range of the backup subnet in the ODB network.", + "ClientSubnetCidr": "The CIDR range of the client subnet in the ODB network.\n\nRequired when creating an ODB network.", + "DefaultDnsPrefix": "The DNS prefix to the default DNS domain name. The default DNS domain name is oraclevcn.com.", + "DeleteAssociatedResources": "Specifies whether to delete associated OCI networking resources along with the ODB network.\n\nRequired when creating an ODB network.", + "DisplayName": "The user-friendly name of the ODB network.\n\nRequired when creating an ODB network.", + "Tags": "Tags to assign to the Odb Network." + }, + "AWS::ODB::OdbNetwork Tag": { + "Key": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with `aws:` . You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `:` , `/` , `=` , `+` , `@` , `-` , and `\"` .", + "Value": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` ." + }, "AWS::OSIS::Pipeline": { "BufferOptions": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) .", "EncryptionAtRestOptions": "Options to control how OpenSearch encrypts buffer data.", @@ -31906,7 +32579,7 @@ "Main": "The path of the main definition file for the workflow.", "Name": "The workflow's name.", "ParameterTemplate": "The workflow's parameter template.", - "StorageCapacity": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version.", + "StorageCapacity": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version. The `storageCapacity` can be overwritten at run time. The storage capacity is not required for runs with a `DYNAMIC` storage type.", "StorageType": "", "Tags": "Tags for the workflow." }, @@ -32442,7 +33115,7 @@ "PreferredMaintenanceWindow": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", "SecurityGroupIds": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", "ServerName": "The name of the server. The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters.", - "ServiceRoleArn": "The service role that the AWS OpsWorks CM service backend uses to work with your account. Although the AWS OpsWorks management console typically creates the service role for you, if you are using the AWS CLI or API commands, run the service-role-creation.yaml AWS CloudFormation template, located at https://s3.amazonaws.com/opsworks-cm-us-east-1-prod-default-assets/misc/opsworks-cm-roles.yaml. This template creates a CloudFormation stack that includes the service role and instance profile that you need.", + "ServiceRoleArn": "The service role that the AWS OpsWorks CM service backend uses to work with your account.", "SubnetIds": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", "Tags": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server." }, @@ -33926,6 +34599,7 @@ "AWS::QBusiness::DataAccessor": { "ActionConfigurations": "A list of action configurations specifying the allowed actions and any associated filters.", "ApplicationId": "The unique identifier of the Amazon Q Business application.", + "AuthenticationDetail": "The authentication configuration details for the data accessor. This specifies how the ISV authenticates when accessing data through this data accessor.", "DisplayName": "The friendly name of the data accessor.", "Principal": "The Amazon Resource Name (ARN) of the IAM role for the ISV associated with this data accessor.", "Tags": "The tags to associate with the data accessor." @@ -33949,6 +34623,17 @@ "NotFilter": "Performs a logical `NOT` operation on all supplied filters.", "OrAllFilters": "Performs a logical `OR` operation on all supplied filters." }, + "AWS::QBusiness::DataAccessor DataAccessorAuthenticationConfiguration": { + "IdcTrustedTokenIssuerConfiguration": "Configuration for IAM Identity Center Trusted Token Issuer (TTI) authentication used when the authentication type is `AWS_IAM_IDC_TTI` ." + }, + "AWS::QBusiness::DataAccessor DataAccessorAuthenticationDetail": { + "AuthenticationConfiguration": "The specific authentication configuration based on the authentication type.", + "AuthenticationType": "The type of authentication to use for the data accessor. This determines how the ISV authenticates when accessing data. You can use one of two authentication types:\n\n- `AWS_IAM_IDC_TTI` - Authentication using IAM Identity Center Trusted Token Issuer (TTI). This authentication type allows the ISV to use a trusted token issuer to generate tokens for accessing the data.\n- `AWS_IAM_IDC_AUTH_CODE` - Authentication using IAM Identity Center authorization code flow. This authentication type uses the standard OAuth 2.0 authorization code flow for authentication.", + "ExternalIds": "A list of external identifiers associated with this authentication configuration. These are used to correlate the data accessor with external systems." + }, + "AWS::QBusiness::DataAccessor DataAccessorIdcTrustedTokenIssuerConfiguration": { + "IdcTrustedTokenIssuerArn": "The Amazon Resource Name (ARN) of the IAM Identity Center Trusted Token Issuer that will be used for authentication." + }, "AWS::QBusiness::DataAccessor DocumentAttribute": { "Name": "The identifier for the attribute.", "Value": "The value of the attribute." @@ -34006,7 +34691,7 @@ }, "AWS::QBusiness::DataSource HookConfiguration": { "InvocationCondition": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Q Business should invoke a function that inserts the current date-time.", - "LambdaArn": "The Amazon Resource Name (ARN) of the Lambda function sduring ingestion. For more information, see [Using Lambda functions for Amazon Q Business document enrichment](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/cde-lambda-operations.html) .", + "LambdaArn": "The Amazon Resource Name (ARN) of the Lambda function during ingestion. For more information, see [Using Lambda functions for Amazon Q Business document enrichment](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/cde-lambda-operations.html) .", "RoleArn": "The Amazon Resource Name (ARN) of a role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process.", "S3BucketName": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html#cde-lambda-operations-data-contracts) ." }, @@ -34061,9 +34746,15 @@ "AWS::QBusiness::Permission": { "Actions": "The list of Amazon Q Business actions that the ISV is allowed to perform.", "ApplicationId": "The unique identifier of the Amazon Q Business application.", + "Conditions": "", "Principal": "Provides user and group information used for filtering documents to use for generating Amazon Q Business conversation responses.", "StatementId": "A unique identifier for the policy statement." }, + "AWS::QBusiness::Permission Condition": { + "ConditionKey": "", + "ConditionOperator": "", + "ConditionValues": "" + }, "AWS::QBusiness::Plugin": { "ApplicationId": "The identifier of the application that will contain the plugin.", "AuthConfiguration": "Authentication configuration information for an Amazon Q Business plugin.", @@ -37172,8 +37863,14 @@ "CreateAndUpdateThresholdAlerts": "The ability to create and update threshold alerts.", "CreateSPICEDataset": "The ability to create a SPICE dataset.", "CreateSharedFolders": "The ability to create shared folders.", - "ExportToCsv": "The ability to export to CSV files.", - "ExportToExcel": "The ability to export to Excel files.", + "ExportToCsv": "The ability to export to CSV files from the UI.", + "ExportToCsvInScheduledReports": "The ability to export to CSV files in scheduled email reports.", + "ExportToExcel": "The ability to export to Excel files from the UI.", + "ExportToExcelInScheduledReports": "The ability to export to Excel files in scheduled email reports.", + "ExportToPdf": "The ability to export to PDF files from the UI.", + "ExportToPdfInScheduledReports": "The ability to export to PDF files in scheduled email reports.", + "IncludeContentInScheduledReportsEmail": "The ability to include content in scheduled email reports.", + "PrintReports": "The ability to print reports.", "RenameSharedFolders": "The ability to rename shared folders.", "ShareAnalyses": "The ability to share analyses.", "ShareDashboards": "The ability to share dashboards.", @@ -40494,6 +41191,7 @@ "Domain": "The OpenSearch domain." }, "AWS::QuickSight::DataSource AthenaParameters": { + "IdentityCenterConfiguration": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your workgroup.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center.", "RoleArn": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", "WorkGroup": "The workgroup that Amazon Athena uses." }, @@ -40574,7 +41272,8 @@ "AWS::QuickSight::DataSource OracleParameters": { "Database": "Database.", "Host": "Host.", - "Port": "Port." + "Port": "Port.", + "UseServiceName": "A Boolean value that indicates whether the `Database` uses a service name or an SID. If this value is left blank, the default value is `SID` . If this value is set to `false` , the value is `SID` ." }, "AWS::QuickSight::DataSource PostgreSqlParameters": { "Database": "Database.", @@ -43589,6 +44288,7 @@ "Description": "The description of the topic.", "FolderArns": "", "Name": "The name of the topic.", + "Tags": "", "TopicId": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", "UserExperienceVersion": "The user experience version of the topic." }, @@ -43669,6 +44369,10 @@ "TypeName": "The semantic type name.", "TypeParameters": "The semantic type parameters." }, + "AWS::QuickSight::Topic Tag": { + "Key": "", + "Value": "" + }, "AWS::QuickSight::Topic TopicCalculatedField": { "Aggregation": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", "AllowedAggregations": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", @@ -43805,7 +44509,7 @@ "PermissionArns": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", "Principals": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", "ResourceArns": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", - "Sources": "", + "Sources": "Specifies from which source accounts the service principal has access to the resources in this resource share.", "Tags": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share." }, "AWS::RAM::ResourceShare Tag": { @@ -43837,7 +44541,7 @@ "AvailabilityZones": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", "BacktrackWindow": "The target backtrack window, in seconds. To disable backtracking, set this value to `0` .\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: `0`\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).", "BackupRetentionPeriod": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "ClusterScalabilityType": "Specifies the scalability mode of the Aurora DB cluster. When set to `limitless` , the cluster operates as an Aurora Limitless Database, allowing you to create a DB shard group for horizontal scaling (sharding) capabilities. When set to `standard` (the default), the cluster uses normal DB instance creation.", + "ClusterScalabilityType": "Specifies the scalability mode of the Aurora DB cluster. When set to `limitless` , the cluster operates as an Aurora Limitless Database, allowing you to create a DB shard group for horizontal scaling (sharding) capabilities. When set to `standard` (the default), the cluster uses normal DB instance creation.\n\n*Important:* Automated backup retention isn't supported with Aurora Limitless Database clusters. If you set this property to `limitless` , you cannot set `DeleteAutomatedBackups` to `false` . To create a backup, use manual snapshots instead.", "CopyTagsToSnapshot": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "DBClusterIdentifier": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "DBClusterInstanceClass": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", @@ -43847,6 +44551,7 @@ "DBSystemId": "Reserved for future use.", "DatabaseInsightsMode": "The mode of Database Insights to enable for the DB cluster.\n\nIf you set this value to `advanced` , you must also set the `PerformanceInsightsEnabled` parameter to `true` and the `PerformanceInsightsRetentionPeriod` parameter to 465.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", "DatabaseName": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "DeleteAutomatedBackups": "Specifies whether to remove automated backups immediately after the DB cluster is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB cluster is deleted, unless the AWS Backup policy specifies a point-in-time restore rule.", "DeletionProtection": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "Domain": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", "DomainIAMRoleName": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", @@ -43882,7 +44587,7 @@ "ScalingConfiguration": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", "ServerlessV2ScalingConfiguration": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", "SnapshotIdentifier": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "SourceDBClusterIdentifier": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "SourceDBClusterIdentifier": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n- Cannot be specified if `SourceDbClusterResourceId` is specified. You must specify either `SourceDBClusterIdentifier` or `SourceDbClusterResourceId` , but not both.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "SourceRegion": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", "StorageEncrypted": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "StorageType": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", @@ -43944,6 +44649,7 @@ "AutomaticBackupReplicationRetentionPeriod": "The retention period for automated backups in a different AWS Region. Use this parameter to set a unique retention period that only applies to cross-Region automated backups. To enable automated backups in a different Region, specify a positive value for the `AutomaticBackupReplicationRegion` parameter.\n\nIf not specified, this parameter defaults to the value of the `BackupRetentionPeriod` parameter. The maximum allowed value is 35.", "AvailabilityZone": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", "BackupRetentionPeriod": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", + "BackupTarget": "The location for storing automated backups and manual snapshots.\n\nValid Values:\n\n- `local` (Dedicated Local Zone)\n- `outposts` ( AWS Outposts)\n- `region` ( AWS Region )\n\nDefault: `region`\n\nFor more information, see [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the *Amazon RDS User Guide* .", "CACertificateIdentifier": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", "CertificateRotationRestart": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", "CharacterSetName": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", @@ -43985,7 +44691,7 @@ "MaxAllocatedStorage": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (Storage is managed by the DB cluster.)\n- RDS Custom", "MonitoringInterval": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than `0` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", "MonitoringRoleArn": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , then you must supply a `MonitoringRoleArn` value.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "MultiAZ": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (DB instance Availability Zones (AZs) are managed by the DB cluster.)\n- RDS Custom", + "MultiAZ": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to Amazon Aurora because the DB instance Availability Zones (AZs) are managed by the DB cluster.", "NcharCharacterSetName": "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances.", "NetworkType": "The network type of the DB instance.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*", "OptionGroupName": "Indicates that the DB instance should be associated with the specified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.", @@ -44093,7 +44799,7 @@ }, "AWS::RDS::DBProxyTargetGroup ConnectionPoolConfigurationInfoFormat": { "ConnectionBorrowTimeout": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. This setting only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.\n\nDefault: `120`\n\nConstraints:\n\n- Must be between 0 and 300.", - "InitQuery": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query", + "InitQuery": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query\n\n> Since you can access initialization query as part of target group configuration, it is not protected by authentication or cryptographic methods. Anyone with access to view or manage your proxy target group configuration can view the initialization query. You should not add sensitive data, such as passwords or long-lived encryption keys, to this option.", "MaxConnectionsPercent": "The maximum size of the connection pool for each target in a target group. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.\n\nIf you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.\n\nDefault: `10` for RDS for Microsoft SQL Server, and `100` for all other engines\n\nConstraints:\n\n- Must be between 1 and 100.", "MaxIdleConnectionsPercent": "A value that controls how actively the proxy closes idle database connections in the connection pool. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.\n\nIf you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .\n\nDefault: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is `5` , and for all other engines, the default is `50` .\n\nConstraints:\n\n- Must be between 0 and the value of `MaxConnectionsPercent` .", "SessionPinningFilters": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior.\n\nDefault: no session pinning filters" @@ -44523,6 +45229,28 @@ "Key": "The key to use in the tag.", "Value": "The value of the tag." }, + "AWS::RedshiftServerless::Snapshot": { + "NamespaceName": "The name of the namepsace.", + "RetentionPeriod": "The retention period of the snapshot created by the scheduled action.", + "SnapshotName": "The name of the snapshot.", + "Tags": "An array of [Tag objects](https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_Tag.html) to associate with the snapshot." + }, + "AWS::RedshiftServerless::Snapshot Snapshot": { + "AdminUsername": "The username of the database within a snapshot.", + "KmsKeyId": "The unique identifier of the KMS key used to encrypt the snapshot.", + "NamespaceArn": "The Amazon Resource Name (ARN) of the namespace the snapshot was created from.", + "NamespaceName": "The name of the namepsace.", + "OwnerAccount": "The owner AWS ; account of the snapshot.", + "RetentionPeriod": "", + "SnapshotArn": "The Amazon Resource Name (ARN) of the snapshot.", + "SnapshotCreateTime": "The timestamp of when the snapshot was created.", + "SnapshotName": "The name of the snapshot.", + "Status": "The status of the snapshot." + }, + "AWS::RedshiftServerless::Snapshot Tag": { + "Key": "The key to use in the tag.", + "Value": "The value of the tag." + }, "AWS::RedshiftServerless::Workgroup": { "BaseCapacity": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs).", "ConfigParameters": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", @@ -45321,12 +46049,12 @@ "ResourceId": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for." }, "AWS::Route53Resolver::ResolverEndpoint": { - "Direction": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network", + "Direction": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network\n- `INBOUND_DELEGATION` : Resolver delegates queries to Route 53 private hosted zones from your network.", "IpAddresses": "The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.\n\n> Even though the minimum is 1, Route\u00a053 requires that you create at least two.", "Name": "A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.", "OutpostArn": "The ARN (Amazon Resource Name) for the Outpost.", "PreferredInstanceType": "The Amazon EC2 instance type.", - "Protocols": "Protocols used for the endpoint. DoH-FIPS is applicable for inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", + "Protocols": "Protocols used for the endpoint. DoH-FIPS is applicable for a default inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor a delegation inbound endpoint you can use Do53 only.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", "ResolverEndpointType": "The Resolver endpoint IP address type.", "SecurityGroupIds": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.", "Tags": "Route 53 Resolver doesn't support updating tags through CloudFormation." @@ -45354,10 +46082,11 @@ "ResourceId": "The ID of the Amazon VPC that is associated with the query logging configuration." }, "AWS::Route53Resolver::ResolverRule": { + "DelegationRecord": "DNS queries with delegation records that point to this domain name are forwarded to resolvers on your network.", "DomainName": "DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).", "Name": "The name for the Resolver rule, which you specified when you created the Resolver rule.", "ResolverEndpointId": "The ID of the endpoint that the rule is associated with.", - "RuleType": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` .\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", + "RuleType": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` or `DELEGATE` . If a query matches multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains the most specific domain name (www.example.com).\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", "Tags": "Tags help organize and categorize your Resolver rules. Each tag consists of a key and an optional value, both of which you define.", "TargetIps": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network." }, @@ -45439,9 +46168,10 @@ "BucketName": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", "CorsConfiguration": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", "IntelligentTieringConfigurations": "Defines how Amazon S3 handles Intelligent-Tiering storage.", - "InventoryConfigurations": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", + "InventoryConfigurations": "Specifies the S3 Inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", "LifecycleConfiguration": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", "LoggingConfiguration": "Settings that define where logs are stored.", + "MetadataConfiguration": "The S3 Metadata configuration for a general purpose bucket.", "MetadataTableConfiguration": "The metadata table configuration of an Amazon S3 general purpose bucket.", "MetricsConfigurations": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", "NotificationConfiguration": "Configuration that defines how Amazon S3 handles bucket notifications.", @@ -45527,6 +46257,18 @@ "Prefix": "Specifies the inventory filter prefix.", "ScheduleFrequency": "Specifies the schedule for generating inventory results." }, + "AWS::S3::Bucket InventoryTableConfiguration": { + "ConfigurationState": "The configuration state of the inventory table, indicating whether the inventory table is enabled or disabled.", + "EncryptionConfiguration": "The encryption configuration for the inventory table.", + "TableArn": "The Amazon Resource Name (ARN) for the inventory table.", + "TableName": "The name of the inventory table." + }, + "AWS::S3::Bucket JournalTableConfiguration": { + "EncryptionConfiguration": "The encryption configuration for the journal table.", + "RecordExpiration": "The journal table record expiration settings for the journal table.", + "TableArn": "The Amazon Resource Name (ARN) for the journal table.", + "TableName": "The name of the journal table." + }, "AWS::S3::Bucket LambdaConfiguration": { "Event": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", "Filter": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", @@ -45541,9 +46283,23 @@ "LogFilePrefix": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", "TargetObjectKeyFormat": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed." }, + "AWS::S3::Bucket MetadataConfiguration": { + "Destination": "The destination information for the S3 Metadata configuration.", + "InventoryTableConfiguration": "The inventory table configuration for a metadata configuration.", + "JournalTableConfiguration": "The journal table configuration for a metadata configuration." + }, + "AWS::S3::Bucket MetadataDestination": { + "TableBucketArn": "The Amazon Resource Name (ARN) of the table bucket where the metadata configuration is stored.", + "TableBucketType": "The type of the table bucket where the metadata configuration is stored. The `aws` value indicates an AWS managed table bucket, and the `customer` value indicates a customer-managed table bucket. V2 metadata configurations are stored in AWS managed table buckets, and V1 metadata configurations are stored in customer-managed table buckets.", + "TableNamespace": "The namespace in the table bucket where the metadata tables for a metadata configuration are stored." + }, "AWS::S3::Bucket MetadataTableConfiguration": { "S3TablesDestination": "The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket." }, + "AWS::S3::Bucket MetadataTableEncryptionConfiguration": { + "KmsKeyArn": "If server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS) is specified, you must also specify the KMS key Amazon Resource Name (ARN). You must specify a customer-managed KMS key that's located in the same Region as the general purpose bucket that corresponds to the metadata table configuration.", + "SseAlgorithm": "The encryption type specified for a metadata table. To specify server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS), use the `aws:kms` value. To specify server-side encryption with Amazon S3 managed keys (SSE-S3), use the `AES256` value." + }, "AWS::S3::Bucket Metrics": { "EventThreshold": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", "Status": "Specifies whether the replication metrics are enabled." @@ -45599,6 +46355,10 @@ "Filter": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", "Queue": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination." }, + "AWS::S3::Bucket RecordExpiration": { + "Days": "If you enable journal table record expiration, you can set the number of days to retain your journal table records. Journal table records must be retained for a minimum of 7 days. To set this value, specify any whole number from `7` to `2147483647` . For example, to retain your journal table records for one year, set this value to `365` .", + "Expiration": "Specifies whether journal table record expiration is enabled or disabled." + }, "AWS::S3::Bucket RedirectAllRequestsTo": { "HostName": "Name of the host where requests are redirected.", "Protocol": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request." @@ -45624,7 +46384,7 @@ "EncryptionConfiguration": "Specifies encryption-related information.", "Metrics": "A container specifying replication metrics-related settings enabling replication metrics and events.", "ReplicationTime": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a `Metrics` block.", - "StorageClass": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* ." + "StorageClass": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* .\n\n`FSX_OPENZFS` is not an accepted value when replicating objects." }, "AWS::S3::Bucket ReplicationRule": { "DeleteMarkerReplication": "Specifies whether Amazon S3 replicates delete markers. If you specify a `Filter` in your replication configuration, you must also include a `DeleteMarkerReplication` element. If your `Filter` includes a `Tag` element, the `DeleteMarkerReplication` `Status` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config) .\n\nFor more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html) .\n\n> If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations) .", @@ -45930,7 +46690,8 @@ "BucketName": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Zone (Availability Zone or Local Zone). The bucket name must also follow the format `*bucket_base_name* -- *zone_id* --x-s3` (for example, `*bucket_base_name* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", "DataRedundancy": "The number of Zone (Availability Zone or Local Zone) that's used for redundancy for the bucket.", "LifecycleConfiguration": "Container for lifecycle rules. You can add as many as 1000 rules.\n\nFor more information see, [Creating and managing a lifecycle configuration for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-lifecycle.html ) in the *Amazon S3 User Guide* .", - "LocationName": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` ." + "LocationName": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` .", + "Tags": "An array of tags that you can apply to the S3 directory bucket. Tags are key-value pairs of metadata used to categorize and organize your buckets, track costs, and control access. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) ." }, "AWS::S3Express::DirectoryBucket AbortIncompleteMultipartUpload": { "DaysAfterInitiation": "Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload." @@ -45958,6 +46719,10 @@ "BucketKeyEnabled": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. S3 Bucket Keys are always enabled for `GET` and `PUT` operations on a directory bucket and can\u2019t be disabled. It's only allowed to set the `BucketKeyEnabled` element to `true` .\n\nS3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) , [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) , [the Copy operation in Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops) , or [the import jobs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job) . In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-UsingKMSEncryption.html#s3-express-sse-kms-bucket-keys) in the *Amazon S3 User Guide* .", "ServerSideEncryptionByDefault": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied." }, + "AWS::S3Express::DirectoryBucket Tag": { + "Key": "The key of the tag. Tags are key-value pairs that you use to label your directory buckets. Tags can help you organize, track costs for, and control access to directory buckets. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) .", + "Value": "The value of the tag. Tags are key-value pairs that you use to label your directory buckets. Tags can help you organize, track costs for, and control access to directory buckets. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) ." + }, "AWS::S3ObjectLambda::AccessPoint": { "Name": "The name of this access point.", "ObjectLambdaConfiguration": "A configuration used when creating an Object Lambda Access Point." @@ -46058,6 +46823,40 @@ "AWS::S3Outposts::Endpoint NetworkInterface": { "NetworkInterfaceId": "The ID for the network interface." }, + "AWS::S3Tables::Namespace": { + "Namespace": "The name of the namespace.", + "TableBucketARN": "" + }, + "AWS::S3Tables::Table": { + "Compaction": "", + "IcebergMetadata": "Contains details about the metadata for an Iceberg table.", + "Namespace": "The name of the namespace.", + "OpenTableFormat": "", + "SnapshotManagement": "", + "TableBucketARN": "", + "TableName": "", + "WithoutMetadata": "" + }, + "AWS::S3Tables::Table Compaction": { + "Status": "", + "TargetFileSizeMB": "" + }, + "AWS::S3Tables::Table IcebergMetadata": { + "IcebergSchema": "" + }, + "AWS::S3Tables::Table IcebergSchema": { + "SchemaFieldList": "" + }, + "AWS::S3Tables::Table SchemaField": { + "Name": "The name of the field.", + "Required": "A Boolean value that specifies whether values are required for each row in this field. By default, this is `false` and null values are allowed in the field. If this is `true` the field does not allow null values.", + "Type": "The field type. S3 Tables supports all Apache Iceberg primitive types. For more information, see the [Apache Iceberg documentation](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#primitive-types) ." + }, + "AWS::S3Tables::Table SnapshotManagement": { + "MaxSnapshotAgeHours": "", + "MinSnapshotsToKeep": "", + "Status": "" + }, "AWS::S3Tables::TableBucket": { "EncryptionConfiguration": "Configuration specifying how data should be encrypted. This structure defines the encryption algorithm and optional KMS key to be used for server-side encryption.", "TableBucketName": "The name for the table bucket.", @@ -46076,6 +46875,10 @@ "ResourcePolicy": "The bucket policy JSON for the table bucket.", "TableBucketARN": "The Amazon Resource Name (ARN) of the table bucket." }, + "AWS::S3Tables::TablePolicy": { + "ResourcePolicy": "", + "TableARN": "" + }, "AWS::SDB::Domain": { "Description": "Information about the SimpleDB domain." }, @@ -46085,6 +46888,7 @@ "ReputationOptions": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", "SendingOptions": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", "SuppressionOptions": "An object that contains information about the suppression list preferences for your account.", + "Tags": "An array of objects that define the tags (keys and values) that are associated with the configuration set.", "TrackingOptions": "An object that defines the open and click tracking options for emails that you send using the configuration set.", "VdmOptions": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set." }, @@ -46108,6 +46912,10 @@ "AWS::SES::ConfigurationSet SuppressionOptions": { "SuppressedReasons": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce." }, + "AWS::SES::ConfigurationSet Tag": { + "Key": "", + "Value": "" + }, "AWS::SES::ConfigurationSet TrackingOptions": { "CustomRedirectDomain": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", "HttpsPolicy": "The https policy to use for tracking open and click events." @@ -46165,7 +46973,12 @@ }, "AWS::SES::DedicatedIpPool": { "PoolName": "The name of the dedicated IP pool that the IP address is associated with.", - "ScalingMode": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported." + "ScalingMode": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", + "Tags": "An object that defines the tags (keys and values) that you want to associate with the pool." + }, + "AWS::SES::DedicatedIpPool Tag": { + "Key": "", + "Value": "" }, "AWS::SES::EmailIdentity": { "ConfigurationSetAttributes": "Used to associate a configuration set with an email identity.", @@ -46173,7 +46986,8 @@ "DkimSigningAttributes": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", "EmailIdentity": "The email address or domain to verify.", "FeedbackAttributes": "Used to enable or disable feedback forwarding for an identity.", - "MailFromAttributes": "Used to enable or disable the custom Mail-From domain configuration for an email identity." + "MailFromAttributes": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", + "Tags": "An array of objects that define the tags (keys and values) to associate with the email identity." }, "AWS::SES::EmailIdentity ConfigurationSetAttributes": { "ConfigurationSetName": "The configuration set to associate with an email identity." @@ -46193,6 +47007,10 @@ "BehaviorOnMxFailure": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", "MailFromDomain": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails." }, + "AWS::SES::EmailIdentity Tag": { + "Key": "", + "Value": "" + }, "AWS::SES::MailManagerAddonInstance": { "AddonSubscriptionId": "The subscription ID for the instance.", "Tags": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." @@ -46662,7 +47480,7 @@ "CalendarNames": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) in the *AWS Systems Manager User Guide* .", "ComplianceSeverity": "The severity level that is assigned to the association.", "DocumentVersion": "The version of the SSM document to associate with the target.\n\n> Note the following important information.\n> \n> - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the `default` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to `default` .\n> - `DocumentVersion` is not valid for documents owned by AWS , such as `AWS-RunPatchBaseline` or `AWS-UpdateSSMAgent` . If you specify `DocumentVersion` for an AWS document, the system returns the following error: \"Error occurred during operation 'CreateAssociation'.\" (RequestToken: , HandlerErrorCode: GeneralServiceException).", - "InstanceId": "The ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.\n\n> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.", + "InstanceId": "> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.\n> \n> Note that in some examples later in this page, `InstanceIds` is used as the tag-key name in a `Targets` filter. `InstanceId` is not used as a parameter. \n\nThe ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.", "MaxConcurrency": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` .", "MaxErrors": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time.", "Name": "The name of the SSM document that contains the configuration information for the instance. You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format:\n\n`arn:partition:ssm:region:account-id:document/document-name`\n\nFor example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`\n\nFor AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, `AWS -ApplyPatchBaseline` or `My-Document` .", @@ -46743,7 +47561,7 @@ "AWS::SSM::MaintenanceWindowTask": { "CutoffBehavior": "The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached.", "Description": "A description of the task.", - "LoggingInfo": "Information about an Amazon S3 bucket to write Run Command task-level logs to.\n\n> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) .", + "LoggingInfo": "> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) . \n\nInformation about an Amazon S3 bucket to write Run Command task-level logs to.", "MaxConcurrency": "The maximum number of targets this task can be run for, in parallel.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", "MaxErrors": "The maximum number of errors allowed before this task stops being scheduled.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", "Name": "The task name.", @@ -46752,7 +47570,7 @@ "Targets": "The targets, either instances or window target IDs.\n\n- Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` .\n- Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` .", "TaskArn": "The resource that the task uses during execution.\n\nFor `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN).\n\nFor `LAMBDA` tasks, `TaskArn` is the function name or ARN.\n\nFor `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN.", "TaskInvocationParameters": "The parameters to pass to the task when it runs. Populate only the fields that match the task type. All other fields should be empty.\n\n> When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed.", - "TaskParameters": "The parameters to pass to the task when it runs.\n\n> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) .", + "TaskParameters": "> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) . \n\nThe parameters to pass to the task when it runs.", "TaskType": "The type of task. Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` .", "WindowId": "The ID of the maintenance window where the task is registered." }, @@ -46810,7 +47628,7 @@ "AllowedPattern": "A regular expression used to validate the parameter value. For example, for `String` types with values restricted to numbers, you can specify the following: `AllowedPattern=^\\d+$`", "DataType": "The data type of the parameter, such as `text` or `aws:ec2:image` . The default is `text` .", "Description": "Information about the parameter.", - "Name": "The name of the parameter.\n\n> The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: `arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName`", + "Name": "The name of the parameter.\n\n> The reported maximum length of 2048 characters for a parameter name includes 1037 characters that are reserved for internal use by Systems Manager . The maximum length for a parameter name that you specify is 1011 characters.\n> \n> This count of 1011 characters includes the characters in the ARN that precede the name you specify. This ARN length will vary depending on your partition and Region. For example, the following 45 characters count toward the 1011 character maximum for a parameter created in the US East (Ohio) Region: `arn:aws:ssm:us-east-2:111122223333:parameter/` .", "Policies": "Information about the policies assigned to a parameter.\n\n[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* .", "Tags": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.", "Tier": "The parameter tier.", @@ -46822,6 +47640,7 @@ "ApprovedPatches": "A list of explicitly approved patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", "ApprovedPatchesComplianceLevel": "Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` .", "ApprovedPatchesEnableNonSecurity": "Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. The default value is `false` . Applies to Linux managed nodes only.", + "AvailableSecurityUpdatesComplianceStatus": "", "DefaultBaseline": "Indicates whether this is the default baseline. AWS Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.", "Description": "A description of the patch baseline.", "GlobalFilters": "A set of global filters used to include patches in the baseline.\n\n> The `GlobalFilters` parameter can be configured only by using the AWS CLI or an AWS SDK. It can't be configured from the Patch Manager console, and its value isn't displayed in the console.", @@ -46841,7 +47660,7 @@ "PatchFilters": "The set of patch filters that make up the group." }, "AWS::SSM::PatchBaseline PatchSource": { - "Configuration": "The value of the yum repo configuration. For example:\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\n> For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) .", + "Configuration": "The value of the repo configuration.\n\n*Example for yum repositories*\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\nFor information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) on the *man7.org* website.\n\n*Examples for Ubuntu Server and Debian Server*\n\n`deb http://security.ubuntu.com/ubuntu jammy main`\n\n`deb https://site.example.com/debian distribution component1 component2 component3`\n\nRepo information for Ubuntu Server repositories must be specifed in a single line. For more examples and information, see [jammy (5) sources.list.5.gz](https://docs.aws.amazon.com/https://manpages.ubuntu.com/manpages/jammy/man5/sources.list.5.html) on the *Ubuntu Server Manuals* website and [sources.list format](https://docs.aws.amazon.com/https://wiki.debian.org/SourcesList#sources.list_format) on the *Debian Wiki* .", "Name": "The name specified to identify the patch source.", "Products": "The specific operating system versions a patch repository applies to, such as \"Ubuntu16.04\", \"RedhatEnterpriseLinux7.2\" or \"Suse12.7\". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* ." }, @@ -47445,7 +48264,8 @@ }, "AWS::SageMaker::Domain CustomFileSystemConfig": { "EFSFileSystemConfig": "The settings for a custom Amazon EFS file system.", - "FSxLustreFileSystemConfig": "The settings for a custom Amazon FSx for Lustre file system." + "FSxLustreFileSystemConfig": "The settings for a custom Amazon FSx for Lustre file system.", + "S3FileSystemConfig": "Configuration settings for a custom Amazon S3 file system." }, "AWS::SageMaker::Domain CustomImage": { "AppImageConfigName": "The name of the AppImageConfig.", @@ -47481,7 +48301,8 @@ "DockerSettings": "A collection of settings that configure the domain's Docker interaction.", "ExecutionRoleIdentityConfig": "The configuration for attaching a SageMaker AI user profile name to the execution role as a [sts:SourceIdentity key](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) .", "RStudioServerProDomainSettings": "A collection of settings that configure the `RStudioServerPro` Domain-level app.", - "SecurityGroupIds": "The security groups for the Amazon Virtual Private Cloud that the `Domain` uses for communication between Domain-level apps and user apps." + "SecurityGroupIds": "The security groups for the Amazon Virtual Private Cloud that the `Domain` uses for communication between Domain-level apps and user apps.", + "UnifiedStudioSettings": "The settings that apply to an SageMaker AI domain when you use it in Amazon SageMaker Unified Studio." }, "AWS::SageMaker::Domain EFSFileSystemConfig": { "FileSystemId": "The ID of your Amazon EFS file system.", @@ -47538,6 +48359,10 @@ "SageMakerImageArn": "The ARN of the SageMaker AI image that the image version belongs to.", "SageMakerImageVersionArn": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value." }, + "AWS::SageMaker::Domain S3FileSystemConfig": { + "MountPath": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "S3Uri": "The Amazon S3 URI of the S3 file system configuration." + }, "AWS::SageMaker::Domain SharingSettings": { "NotebookOutputOption": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", "S3KmsKeyId": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", @@ -47553,6 +48378,16 @@ "Key": "The tag key. Tag keys must be unique per resource.", "Value": "The tag value." }, + "AWS::SageMaker::Domain UnifiedStudioSettings": { + "DomainAccountId": "The ID of the AWS account that has the Amazon SageMaker Unified Studio domain. The default value, if you don't specify an ID, is the ID of the account that has the Amazon SageMaker AI domain.", + "DomainId": "The ID of the Amazon SageMaker Unified Studio domain associated with this domain.", + "DomainRegion": "The AWS Region where the domain is located in Amazon SageMaker Unified Studio. The default value, if you don't specify a Region, is the Region where the Amazon SageMaker AI domain is located.", + "EnvironmentId": "The ID of the environment that Amazon SageMaker Unified Studio associates with the domain.", + "ProjectId": "The ID of the Amazon SageMaker Unified Studio project that corresponds to the domain.", + "ProjectS3Path": "The location where Amazon S3 stores temporary execution data and other artifacts for the project that corresponds to the domain.", + "SingleSignOnApplicationArn": "The ARN of the application managed by SageMaker AI and SageMaker Unified Studio in the AWS IAM Identity Center.", + "StudioWebPortalAccess": "Sets whether you can access the domain in Amazon SageMaker Studio:\n\n- **ENABLED** - You can access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it in both studio interfaces.\n- **DISABLED** - You can't access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it only in that studio interface.\n\nTo migrate a domain to Amazon SageMaker Unified Studio, you specify the UnifiedStudioSettings data type when you use the UpdateDomain action." + }, "AWS::SageMaker::Domain UserSettings": { "AutoMountHomeEFS": "Indicates whether auto-mounting of an EFS volume is supported for the user profile. The `DefaultAsDomain` value is only supported for user profiles. Do not use the `DefaultAsDomain` value when setting this parameter for a domain.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", "CodeEditorAppSettings": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", @@ -47985,7 +48820,7 @@ "CompressionType": "", "HubAccessConfig": "The configuration for a private hub model reference that points to a SageMaker JumpStart public hub model.", "ModelAccessConfig": "", - "S3DataType": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .", + "S3DataType": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", "S3Uri": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job." }, "AWS::SageMaker::Model Tag": { @@ -48491,7 +49326,7 @@ "Statistics": "Model quality statistics." }, "AWS::SageMaker::ModelPackage S3DataSource": { - "S3DataType": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .", + "S3DataType": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", "S3Uri": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job." }, "AWS::SageMaker::ModelPackage S3ModelDataSource": { @@ -48878,7 +49713,18 @@ "ProjectName": "The name of the project.", "ServiceCatalogProvisionedProductDetails": "Details of a provisioned service catalog product. For information about service catalog, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", "ServiceCatalogProvisioningDetails": "The product ID and provisioning artifact ID to provision a service catalog. For information, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", - "Tags": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* ." + "Tags": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", + "TemplateProviderDetails": "An array of template providers associated with the project." + }, + "AWS::SageMaker::Project CfnStackParameter": { + "Key": "The name of the CloudFormation parameter.", + "Value": "The value of the CloudFormation parameter." + }, + "AWS::SageMaker::Project CfnTemplateProviderDetail": { + "Parameters": "An array of CloudFormation stack parameters.", + "RoleARN": "The IAM role used by CloudFormation to create the stack.", + "TemplateName": "The unique identifier of the template within the project.", + "TemplateURL": "The Amazon S3 URL of the CloudFormation template." }, "AWS::SageMaker::Project ProvisioningParameter": { "Key": "The key that identifies a provisioning parameter.", @@ -48898,6 +49744,9 @@ "Key": "The tag key. Tag keys must be unique per resource.", "Value": "The tag value." }, + "AWS::SageMaker::Project TemplateProviderDetail": { + "CfnTemplateProviderDetail": "Details about a CloudFormation template provider configuration and associated provisioning information." + }, "AWS::SageMaker::Space": { "DomainId": "The ID of the associated domain.", "OwnershipSettings": "The collection of ownership settings for a space.", @@ -48912,7 +49761,8 @@ }, "AWS::SageMaker::Space CustomFileSystem": { "EFSFileSystem": "A custom file system in Amazon EFS.", - "FSxLustreFileSystem": "A custom file system in Amazon FSx for Lustre." + "FSxLustreFileSystem": "A custom file system in Amazon FSx for Lustre.", + "S3FileSystem": "A custom file system in Amazon S3. This is only supported in Amazon SageMaker Unified Studio." }, "AWS::SageMaker::Space CustomImage": { "AppImageConfigName": "The name of the AppImageConfig.", @@ -48946,6 +49796,9 @@ "SageMakerImageArn": "The ARN of the SageMaker AI image that the image version belongs to.", "SageMakerImageVersionArn": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value." }, + "AWS::SageMaker::Space S3FileSystem": { + "S3Uri": "The Amazon S3 URI that specifies the location in S3 where files are stored, which is mounted within the Studio environment. For example: `s3:////` ." + }, "AWS::SageMaker::Space SpaceAppLifecycleManagement": { "IdleSettings": "Settings related to idle shutdown of Studio applications." }, @@ -48968,6 +49821,8 @@ "JupyterLabAppSettings": "The settings for the JupyterLab application.", "JupyterServerAppSettings": "The JupyterServer app settings.", "KernelGatewayAppSettings": "The KernelGateway app settings.", + "RemoteAccess": "A setting that enables or disables remote access for a SageMaker space. When enabled, this allows you to connect to the remote space from your local IDE.", + "SpaceManagedResources": "If you enable this option, SageMaker AI creates the following resources on your behalf when you create the space:\n\n- The user profile that possesses the space.\n- The app that the space contains.", "SpaceStorageSettings": "The storage settings for a space." }, "AWS::SageMaker::Space SpaceSharingSettings": { @@ -49013,7 +49868,8 @@ }, "AWS::SageMaker::UserProfile CustomFileSystemConfig": { "EFSFileSystemConfig": "The settings for a custom Amazon EFS file system.", - "FSxLustreFileSystemConfig": "The settings for a custom Amazon FSx for Lustre file system." + "FSxLustreFileSystemConfig": "The settings for a custom Amazon FSx for Lustre file system.", + "S3FileSystemConfig": "Configuration settings for a custom Amazon S3 file system." }, "AWS::SageMaker::UserProfile CustomImage": { "AppImageConfigName": "The name of the AppImageConfig.", @@ -49076,6 +49932,10 @@ "SageMakerImageArn": "The ARN of the SageMaker AI image that the image version belongs to.", "SageMakerImageVersionArn": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value." }, + "AWS::SageMaker::UserProfile S3FileSystemConfig": { + "MountPath": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "S3Uri": "The Amazon S3 URI of the S3 file system configuration." + }, "AWS::SageMaker::UserProfile SharingSettings": { "NotebookOutputOption": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", "S3KmsKeyId": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", @@ -49297,6 +50157,11 @@ "TargetId": "The ID of the database or cluster.", "TargetType": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster" }, + "AWS::SecurityHub::AggregatorV2": { + "LinkedRegions": "The list of Regions that are linked to the aggregation Region.", + "RegionLinkingMode": "Determines how Regions are linked to an Aggregator V2.", + "Tags": "A list of key-value pairs to be applied to the AggregatorV2." + }, "AWS::SecurityHub::AutomationRule": { "Actions": "One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` .", "Criteria": "A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.", @@ -49392,12 +50257,95 @@ "Product": "The native severity as defined by the AWS service or integrated partner product that generated the finding." }, "AWS::SecurityHub::AutomationRule StringFilter": { - "Comparison": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "Comparison": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", "Value": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match." }, "AWS::SecurityHub::AutomationRule WorkflowUpdate": { "Status": "The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the same issue.\n\nThe allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets `WorkFlowStatus` from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- The record state changes from `ARCHIVED` to `ACTIVE` .\n- The compliance status changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated." }, + "AWS::SecurityHub::AutomationRuleV2": { + "Actions": "A list of actions to be performed when the rule criteria is met.", + "Criteria": "The filtering type and configuration of the automation rule.", + "Description": "A description of the V2 automation rule.", + "RuleName": "The name of the V2 automation rule.", + "RuleOrder": "The value for the rule priority.", + "RuleStatus": "The status of the V2 automation rule.", + "Tags": "A list of key-value pairs associated with the V2 automation rule." + }, + "AWS::SecurityHub::AutomationRuleV2 AutomationRulesActionV2": { + "ExternalIntegrationConfiguration": "The settings for integrating automation rule actions with external systems or service.", + "FindingFieldsUpdate": "Specifies that the automation rule action is an update to a finding field.", + "Type": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule." + }, + "AWS::SecurityHub::AutomationRuleV2 AutomationRulesFindingFieldsUpdateV2": { + "Comment": "Notes or contextual information for findings that are modified by the automation rule.", + "SeverityId": "The severity level to be assigned to findings that match the automation rule criteria.", + "StatusId": "The status to be applied to findings that match automation rule criteria." + }, + "AWS::SecurityHub::AutomationRuleV2 BooleanFilter": { + "Value": "The value of the boolean." + }, + "AWS::SecurityHub::AutomationRuleV2 CompositeFilter": { + "BooleanFilters": "Enables filtering based on boolean field values.", + "DateFilters": "Enables filtering based on date and timestamp fields.", + "MapFilters": "Enables the creation of filtering criteria for security findings.", + "NumberFilters": "Enables filtering based on numerical field values.", + "Operator": "The logical operator used to combine multiple filter conditions.", + "StringFilters": "Enables filtering based on string field values." + }, + "AWS::SecurityHub::AutomationRuleV2 Criteria": { + "OcsfFindingCriteria": "The filtering conditions that align with OCSF standards." + }, + "AWS::SecurityHub::AutomationRuleV2 DateFilter": { + "DateRange": "A date range for the date filter.", + "End": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "Start": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) ." + }, + "AWS::SecurityHub::AutomationRuleV2 DateRange": { + "Unit": "A date range unit for the date filter.", + "Value": "A date range value for the date filter." + }, + "AWS::SecurityHub::AutomationRuleV2 ExternalIntegrationConfiguration": { + "ConnectorArn": "The ARN of the connector that establishes the integration." + }, + "AWS::SecurityHub::AutomationRuleV2 MapFilter": { + "Comparison": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "Key": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "Value": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match." + }, + "AWS::SecurityHub::AutomationRuleV2 NumberFilter": { + "Eq": "The equal-to condition to be applied to a single field when querying for findings.", + "Gte": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "Lte": "The less-than-equal condition to be applied to a single field when querying for findings." + }, + "AWS::SecurityHub::AutomationRuleV2 OcsfBooleanFilter": { + "FieldName": "The name of the field.", + "Filter": "Enables filtering of security findings based on boolean field values in OCSF." + }, + "AWS::SecurityHub::AutomationRuleV2 OcsfDateFilter": { + "FieldName": "The name of the field.", + "Filter": "Enables filtering of security findings based on date and timestamp fields in OCSF." + }, + "AWS::SecurityHub::AutomationRuleV2 OcsfFindingFilters": { + "CompositeFilters": "Enables the creation of complex filtering conditions by combining filter criteria.", + "CompositeOperator": "The logical operators used to combine the filtering on multiple `CompositeFilters` ." + }, + "AWS::SecurityHub::AutomationRuleV2 OcsfMapFilter": { + "FieldName": "The name of the field.", + "Filter": "Enables filtering of security findings based on map field values in OCSF." + }, + "AWS::SecurityHub::AutomationRuleV2 OcsfNumberFilter": { + "FieldName": "The name of the field.", + "Filter": "Enables filtering of security findings based on numerical field values in OCSF." + }, + "AWS::SecurityHub::AutomationRuleV2 OcsfStringFilter": { + "FieldName": "The name of the field.", + "Filter": "Enables filtering of security findings based on string field values in OCSF." + }, + "AWS::SecurityHub::AutomationRuleV2 StringFilter": { + "Comparison": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "Value": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match." + }, "AWS::SecurityHub::ConfigurationPolicy": { "ConfigurationPolicy": "An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).", "Description": "The description of the configuration policy.", @@ -49448,6 +50396,9 @@ "EnableDefaultStandards": "Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for `EnableDefaultStandards` , it is set to `true` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set `EnableDefaultStandards` to `false` .\n\nCurrently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).", "Tags": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." }, + "AWS::SecurityHub::HubV2": { + "Tags": "The tags to add to the hub V2 resource when you enable Security Hub." + }, "AWS::SecurityHub::Insight": { "Filters": "One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters. You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.", "GroupByAttribute": "The grouping attribute for the insight's findings. Indicates how to group the matching findings, and identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.", @@ -49588,7 +50539,7 @@ "Lte": "The less-than-equal condition to be applied to a single field when querying for findings." }, "AWS::SecurityHub::Insight StringFilter": { - "Comparison": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "Comparison": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", "Value": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match." }, "AWS::SecurityHub::OrganizationConfiguration": { @@ -50194,6 +51145,7 @@ "AWS::Synthetics::Canary RunConfig": { "ActiveTracing": "Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see [Canaries and X-Ray tracing](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html) .\n\nYou can enable active tracing only for canaries that use version `syn-nodejs-2.0` or later for their canary runtime.", "EnvironmentVariables": "Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:\n\n{ \"key1\" : \"value1\", \"key2\" : \"value2\", ...}\n\nKeys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see [Runtime environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) .", + "EphemeralStorage": "Specifies the amount of ephemeral storage (in MB) to allocate for the canary run during execution. This temporary storage is used for storing canary run artifacts (which are uploaded to an Amazon S3 bucket at the end of the run), and any canary browser operations. This temporary storage is cleared after the run is completed. Default storage value is 1024 MB.", "MemoryInMB": "The maximum amount of memory that the canary can use while running. This value must be a multiple of 64. The range is 960 to 3008.", "TimeoutInSeconds": "How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.\n\nIf you omit this field, the frequency of the canary is used as this value, up to a maximum of 900 seconds." }, @@ -50455,6 +51407,7 @@ "SigningAlgorithm": "The algorithm that is used to sign the AS2 messages sent with the connector." }, "AWS::Transfer::Connector SftpConfig": { + "MaxConcurrentConnections": "Specify the number of concurrent connections that your connector creates to the remote server. The default value is `1` . The maximum values is `5` .\n\n> If you are using the AWS Management Console , the default value is `5` . \n\nThis parameter specifies the number of active connections that your connector can establish with the remote server at the same time. Increasing this value can enhance connector performance when transferring large file batches by enabling parallel operations.", "TrustedHostKeys": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\n> `TrustedHostKeys` is optional for `CreateConnector` . If not provided, you can use `TestConnection` to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key. \n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... - Required when creating an SFTP connector\n> - Optional when updating an existing SFTP connector" }, @@ -50479,19 +51432,20 @@ "EndpointType": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", "IdentityProviderDetails": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", "IdentityProviderType": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", + "IpAddressType": "Specifies whether to use IPv4 only, or to use dual-stack (IPv4 and IPv6) for your AWS Transfer Family endpoint. The default value is `IPV4` .\n\n> The `IpAddressType` parameter has the following limitations:\n> \n> - It cannot be changed while the server is online. You must stop the server before modifying this parameter.\n> - It cannot be updated to `DUALSTACK` if the server has `AddressAllocationIds` specified. > When using `DUALSTACK` as the `IpAddressType` , you cannot set the `AddressAllocationIds` parameter for the [EndpointDetails](https://docs.aws.amazon.com/transfer/latest/APIReference/API_EndpointDetails.html) for the server.", "LoggingRole": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", "PostAuthenticationLoginBanner": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", "PreAuthenticationLoginBanner": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", "ProtocolDetails": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", "Protocols": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", - "S3StorageOptions": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", + "S3StorageOptions": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", "SecurityPolicyName": "Specifies the name of the security policy for the server.", "StructuredLogDestinations": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", "Tags": "Key-value pairs that can be used to group and search for servers.", "WorkflowDetails": "Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.\n\nIn addition to a workflow to execute when a file is uploaded completely, `WorkflowDetails` can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects." }, "AWS::Transfer::Server EndpointDetails": { - "AddressAllocationIds": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.", + "AddressAllocationIds": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.\n> - You can't set address allocation IDs for servers that have an `IpAddressType` set to `DUALSTACK` You can only set this property if `IpAddressType` is set to `IPV4` .", "SecurityGroupIds": "A list of security groups IDs that are available to attach to your server's endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC` .\n> \n> You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.", "SubnetIds": "A list of subnet IDs that are required to host your server endpoint in your VPC.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", "VpcEndpointId": "The ID of the VPC endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` .", @@ -50511,7 +51465,7 @@ "TlsSessionResumptionMode": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients." }, "AWS::Transfer::Server S3StorageOptions": { - "DirectoryListingOptimization": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target." + "DirectoryListingOptimization": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target." }, "AWS::Transfer::Server Tag": { "Key": "The name assigned to the tag that you create.", @@ -50877,7 +51831,7 @@ "AuthType": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", "CertificateArn": "The Amazon Resource Name (ARN) of the certificate.", "CustomDomainName": "The custom domain name of the service.", - "DnsEntry": "The DNS information of the service.", + "DnsEntry": "Describes the DNS information of the service. This field is read-only.", "Name": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", "Tags": "The tags for the service." }, @@ -51247,6 +52201,10 @@ "AWS::WAFv2::RuleGroup AndStatement": { "Statements": "The statements to combine with AND logic. You can use any statements that can be nested." }, + "AWS::WAFv2::RuleGroup AsnMatchStatement": { + "AsnList": "Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies.", + "ForwardedIPConfig": "The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name." + }, "AWS::WAFv2::RuleGroup BlockAction": { "CustomResponse": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* ." }, @@ -51387,6 +52345,7 @@ "ScopeDownStatement": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement." }, "AWS::WAFv2::RuleGroup RateBasedStatementCustomKey": { + "ASN": "Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance.", "Cookie": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", "ForwardedIP": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", "HTTPMethod": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", @@ -51472,6 +52431,7 @@ }, "AWS::WAFv2::RuleGroup Statement": { "AndStatement": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", + "AsnMatchStatement": "A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.\n\nFor additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "ByteMatchStatement": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", "GeoMatchStatement": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "IPSetReferenceStatement": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", @@ -51514,7 +52474,7 @@ "DefaultAction": "The action to perform if none of the `Rules` contained in the `WebACL` match.", "Description": "A description of the web ACL that helps with identification.", "Name": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", - "OnSourceDDoSProtectionConfig": "", + "OnSourceDDoSProtectionConfig": "Configures the level of DDoS protection that applies to web ACLs associated with Application Load Balancers.", "Rules": "The rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", "Scope": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", "Tags": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", @@ -51534,6 +52494,10 @@ "RequestInspection": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", "ResponseInspection": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time." }, + "AWS::WAFv2::WebACL AWSManagedRulesAntiDDoSRuleSet": { + "ClientSideActionConfig": "Configures the request handling that's applied by the managed rule group rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` during a distributed denial of service (DDoS) attack.", + "SensitivityToBlock": "The sensitivity that the rule group rule `DDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `DDoSRequests` rule runs.\n\nThe higher the sensitivity, the more levels of labeling that the rule matches:\n\n- Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` .\n- Medium sensitivity causes the rule to match on the medium and high suspicion labels.\n- High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high.\n\nDefault: `LOW`" + }, "AWS::WAFv2::WebACL AWSManagedRulesBotControlRuleSet": { "EnableMachineLearning": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`", "InspectionLevel": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* ." @@ -51544,6 +52508,10 @@ "AWS::WAFv2::WebACL AndStatement": { "Statements": "The statements to combine with AND logic. You can use any statements that can be nested." }, + "AWS::WAFv2::WebACL AsnMatchStatement": { + "AsnList": "Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies.", + "ForwardedIPConfig": "The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name." + }, "AWS::WAFv2::WebACL AssociationConfig": { "RequestBody": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes)." }, @@ -51572,6 +52540,14 @@ "AWS::WAFv2::WebACL ChallengeConfig": { "ImmunityTimeProperty": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge." }, + "AWS::WAFv2::WebACL ClientSideAction": { + "ExemptUriRegularExpressions": "The regular expression to match against the web request URI, used to identify requests that can't handle a silent browser challenge. When the `ClientSideAction` setting `UsageOfAction` is enabled, the managed rule group uses this setting to determine which requests to label with `awswaf:managed:aws:anti-ddos:challengeable-request` . If `UsageOfAction` is disabled, this setting has no effect and the managed rule group doesn't add the label to any requests.\n\nThe anti-DDoS managed rule group doesn't evaluate the rules `ChallengeDDoSRequests` or `ChallengeAllDuringEvent` for web requests whose URIs match this regex. This is true regardless of whether you override the rule action for either of the rules in your web ACL configuration.\n\nAWS recommends using a regular expression.\n\nThis setting is required if `UsageOfAction` is set to `ENABLED` . If required, you can provide between 1 and 5 regex objects in the array of settings.\n\nAWS recommends starting with the following setting. Review and update it for your application's needs:\n\n`\\/api\\/|\\.(acc|avi|css|gif|jpe?g|js|mp[34]|ogg|otf|pdf|png|tiff?|ttf|webm|webp|woff2?)$`", + "Sensitivity": "The sensitivity that the rule group rule `ChallengeDDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `ChallengeDDoSRequests` rule runs.\n\nThe higher the sensitivity, the more levels of labeling that the rule matches:\n\n- Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` .\n- Medium sensitivity causes the rule to match on the medium and high suspicion labels.\n- High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high.\n\nDefault: `HIGH`", + "UsageOfAction": "Determines whether to use the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the rule group evaluation and the related label `awswaf:managed:aws:anti-ddos:challengeable-request` .\n\n- If usage is enabled:\n\n- The managed rule group adds the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web request whose URL does *NOT* match the regular expressions provided in the `ClientSideAction` setting `ExemptUriRegularExpressions` .\n- The two rules are evaluated against web requests for protected resources that are experiencing a DDoS attack. The two rules only apply their action to matching requests that have the label `awswaf:managed:aws:anti-ddos:challengeable-request` .\n- If usage is disabled:\n\n- The managed rule group doesn't add the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web requests.\n- The two rules are not evaluated.\n- None of the other `ClientSideAction` settings have any effect.\n\n> This setting only enables or disables the use of the two anti-DDOS rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the anti-DDoS managed rule group.\n> \n> This setting doesn't alter the action setting in the two rules. To override the actions used by the rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` , enable this setting, and then override the rule actions in the usual way, in your managed rule group configuration." + }, + "AWS::WAFv2::WebACL ClientSideActionConfig": { + "Challenge": "Configuration for the use of the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` .\n\n> This setting isn't related to the configuration of the `Challenge` action itself. It only configures the use of the two anti-DDoS rules named here. \n\nYou can enable or disable the use of these rules, and you can configure how to use them when they are enabled." + }, "AWS::WAFv2::WebACL CookieMatchPattern": { "All": "Inspect all cookies.", "ExcludedCookies": "Inspect only the cookies whose keys don't match any of the strings specified here.", @@ -51695,6 +52671,7 @@ "AWS::WAFv2::WebACL ManagedRuleGroupConfig": { "AWSManagedRulesACFPRuleSet": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* .", "AWSManagedRulesATPRuleSet": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", + "AWSManagedRulesAntiDDoSRuleSet": "Additional configuration for using the anti-DDoS managed rule group, `AWSManagedRulesAntiDDoSRuleSet` . Use this to configure anti-DDoS behavior for the rule group.\n\nFor information about using the anti-DDoS managed rule group, see [AWS WAF Anti-DDoS rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-anti-ddos.html) and [Distributed Denial of Service (DDoS) prevention](https://docs.aws.amazon.com/waf/latest/developerguide/waf-anti-ddos.html) in the *AWS WAF Developer Guide* .", "AWSManagedRulesBotControlRuleSet": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", "LoginPath": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", "PasswordField": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", @@ -51703,9 +52680,9 @@ }, "AWS::WAFv2::WebACL ManagedRuleGroupStatement": { "ExcludedRules": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", - "ManagedRuleGroupConfigs": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", + "ManagedRuleGroupConfigs": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesAntiDDoSRuleSet` configuration object to configure the anti-DDoS managed rule group. The configuration includes the sensitivity levels to use in the rules that typically block and challenge requests that might be participating in DDoS attacks and the specification to use to indicate whether a request can handle a silent browser challenge.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", "Name": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.", - "RuleActionOverrides": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, AWS WAF doesn't return an error and doesn't apply the override setting. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", + "RuleActionOverrides": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", "ScopeDownStatement": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", "VendorName": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.", "Version": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings." @@ -51713,6 +52690,9 @@ "AWS::WAFv2::WebACL NotStatement": { "Statement": "The statement to negate. You can use any statement that can be nested." }, + "AWS::WAFv2::WebACL OnSourceDDoSProtectionConfig": { + "ALBLowReputationMode": "The level of DDoS protection that applies to web ACLs associated with Application Load Balancers. `ACTIVE_UNDER_DDOS` protection is enabled by default whenever a web ACL is associated with an Application Load Balancer. In the event that an Application Load Balancer experiences high-load conditions or suspected DDoS attacks, the `ACTIVE_UNDER_DDOS` protection automatically rate limits traffic from known low reputation sources without disrupting Application Load Balancer availability. `ALWAYS_ON` protection provides constant, always-on monitoring of known low reputation sources for suspected DDoS attacks. While this provides a higher level of protection, there may be potential impacts on legitimate traffic." + }, "AWS::WAFv2::WebACL OrStatement": { "Statements": "The statements to combine with OR logic. You can use any statements that can be nested." }, @@ -51729,6 +52709,7 @@ "ScopeDownStatement": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement." }, "AWS::WAFv2::WebACL RateBasedStatementCustomKey": { + "ASN": "Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance.", "Cookie": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", "ForwardedIP": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", "HTTPMethod": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", @@ -51768,6 +52749,9 @@ "AWS::WAFv2::WebACL RateLimitUriPath": { "TextTransformations": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." }, + "AWS::WAFv2::WebACL Regex": { + "RegexString": "The string representing the regular expression." + }, "AWS::WAFv2::WebACL RegexMatchStatement": { "FieldToMatch": "The part of the web request that you want AWS WAF to inspect.", "RegexString": "The string representing the regular expression.", @@ -51843,7 +52827,7 @@ "AWS::WAFv2::WebACL RuleGroupReferenceStatement": { "Arn": "The Amazon Resource Name (ARN) of the entity.", "ExcludedRules": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", - "RuleActionOverrides": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, AWS WAF doesn't return an error and doesn't apply the override setting. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic." + "RuleActionOverrides": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic." }, "AWS::WAFv2::WebACL SingleHeader": { "Name": "The name of the query header to inspect." @@ -51864,6 +52848,7 @@ }, "AWS::WAFv2::WebACL Statement": { "AndStatement": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", + "AsnMatchStatement": "A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.\n\nFor additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "ByteMatchStatement": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", "GeoMatchStatement": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "IPSetReferenceStatement": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", @@ -52174,6 +53159,7 @@ "GroupingConfiguration": "The configuration information of the external data source.", "KnowledgeBaseArn": "The Amazon Resource Name (ARN) of the knowledge base.", "Language": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "MessageTemplateAttachments": "List of message template attachments.", "Name": "The name of the message template.", "Tags": "The tags used to organize, track, or control access for this resource." }, @@ -52262,6 +53248,11 @@ "Criteria": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", "Values": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter." }, + "AWS::Wisdom::MessageTemplate MessageTemplateAttachment": { + "AttachmentId": "The identifier of the attachment file.", + "AttachmentName": "The name of the attachment file being uploaded. The name should include the file extension.", + "S3PresignedUrl": "The S3 Presigned URL for the attachment file. When generating the PreSignedUrl, please ensure that the expires-in time is set to 30 minutes. The URL can be generated through the AWS Console or through the AWS CLI. For more information, see [Sharing objects with presigned URLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html) ." + }, "AWS::Wisdom::MessageTemplate MessageTemplateAttributes": { "AgentAttributes": "The agent attributes that are used with the message template.", "CustomAttributes": "The custom attributes that are used with the message template.", @@ -52293,6 +53284,34 @@ "MessageTemplateArn": "The Amazon Resource Name (ARN) of the message template.", "MessageTemplateContentSha256": "The content SHA256 of the message template." }, + "AWS::Wisdom::QuickResponse": { + "Channels": "The Amazon Connect contact channels this quick response applies to. The supported contact channel types include `Chat` .", + "Content": "The content of the quick response.", + "ContentType": "The media type of the quick response content.\n\n- Use `application/x.quickresponse;format=plain` for quick response written in plain text.\n- Use `application/x.quickresponse;format=markdown` for quick response written in richtext.", + "Description": "The description of the quick response.", + "GroupingConfiguration": "The configuration information of the user groups that the quick response is accessible to.", + "IsActive": "Whether the quick response is active.", + "KnowledgeBaseArn": "The Amazon Resource Name (ARN) of the knowledge base.", + "Language": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "Name": "The name of the quick response.", + "ShortcutKey": "The shortcut key of the quick response. The value should be unique across the knowledge base.", + "Tags": "The tags used to organize, track, or control access for this resource." + }, + "AWS::Wisdom::QuickResponse GroupingConfiguration": { + "Criteria": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", + "Values": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter." + }, + "AWS::Wisdom::QuickResponse QuickResponseContentProvider": { + "Content": "The content of the quick response." + }, + "AWS::Wisdom::QuickResponse QuickResponseContents": { + "Markdown": "The quick response content in markdown format.", + "PlainText": "The quick response content in plaintext format." + }, + "AWS::Wisdom::QuickResponse Tag": { + "Key": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -", + "Value": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -" + }, "AWS::WorkSpaces::ConnectionAlias": { "ConnectionString": "The connection string specified for the connection alias. The connection string must be in the form of a fully qualified domain name (FQDN), such as `www.example.com` .", "Tags": "The tags to associate with the connection alias." diff --git a/schema_source/cloudformation.schema.json b/schema_source/cloudformation.schema.json index 45312f7bad..bff23c9833 100644 --- a/schema_source/cloudformation.schema.json +++ b/schema_source/cloudformation.schema.json @@ -676,11 +676,21 @@ "markdownDescription": "Configures the default behavior of the CRL Distribution Point extension for certificates issued by your CA. If this field is not provided, then the CRL Distribution Point extension will be present and contain the default CRL URL.", "title": "CrlDistributionPointExtensionConfiguration" }, + "CrlType": { + "markdownDescription": "Specifies the type of CRL. This setting determines the maximum number of certificates that the certificate authority can issue and revoke. For more information, see [AWS Private CA quotas](https://docs.aws.amazon.com/general/latest/gr/pca.html#limits_pca) .\n\n- `COMPLETE` - The default setting. AWS Private CA maintains a single CRL file for all unexpired certificates issued by a CA that have been revoked for any reason. Each certificate that AWS Private CA issues is bound to a specific CRL through the CRL distribution point (CDP) defined in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280) .\n- `PARTITIONED` - Compared to complete CRLs, partitioned CRLs dramatically increase the number of certificates your private CA can issue.\n\n> When using partitioned CRLs, you must validate that the CRL's associated issuing distribution point (IDP) URI matches the certi\ufb01cate's CDP URI to ensure the right CRL has been fetched. AWS Private CA marks the IDP extension as critical, which your client must be able to process.", + "title": "CrlType", + "type": "string" + }, "CustomCname": { "markdownDescription": "Name inserted into the certificate *CRL Distribution Points* extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.\n\n> The content of a Canonical Name (CNAME) record must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as \"http://\" or \"https://\".", "title": "CustomCname", "type": "string" }, + "CustomPath": { + "markdownDescription": "Designates a custom file path in S3 for CRL(s). For example, `http:////.crl` .", + "title": "CustomPath", + "type": "string" + }, "Enabled": { "markdownDescription": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the `CreateCertificateAuthority` operation or for an existing CA when you call the `UpdateCertificateAuthority` operation.", "title": "Enabled", @@ -702,6 +712,9 @@ "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.CrlDistributionPointExtensionConfiguration": { @@ -772,7 +785,6 @@ } }, "required": [ - "NameAssigner", "PartyName" ], "type": "object" @@ -888,6 +900,9 @@ "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.OtherName": { @@ -1180,7 +1195,7 @@ ], "type": "object" }, - "AWS::APS::RuleGroupsNamespace": { + "AWS::AIOps::InvestigationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -1215,132 +1230,77 @@ "Properties": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", - "title": "Data", + "ChatbotNotificationChannels": { + "items": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.ChatbotNotificationChannel" + }, + "markdownDescription": "Use this property to integrate CloudWatch investigations with chat applications. This property is an array. For the first string, specify the ARN of an Amazon SNS topic. For the array of strings, specify the ARNs of one or more chat applications configurations that you want to associate with that topic. For more information about these configuration ARNs, see [Getting started with Amazon Q in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html) and [Resource type defined by AWS Chatbot](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html#awschatbot-resources-for-iam-policies) .", + "title": "ChatbotNotificationChannels", + "type": "array" + }, + "CrossAccountConfigurations": { + "items": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.CrossAccountConfiguration" + }, + "markdownDescription": "List of `sourceRoleArn` values that have been configured for cross-account access.", + "title": "CrossAccountConfigurations", + "type": "array" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.EncryptionConfigMap", + "markdownDescription": "Specifies the customer managed AWS KMS key that the investigation group uses to encrypt data, if there is one. If not, the investigation group uses an AWS key to encrypt the data.", + "title": "EncryptionConfig" + }, + "InvestigationGroupPolicy": { + "markdownDescription": "Returns the JSON of the IAM resource policy associated with the specified investigation group in a string. For example, `{\\\"Version\\\":\\\"2012-10-17\\\",\\\"Statement\\\":[{\\\"Effect\\\":\\\"Allow\\\",\\\"Principal\\\":{\\\"Service\\\":\\\"aiops.alarms.cloudwatch.amazonaws.com\\\"},\\\"Action\\\":[\\\"aiops:CreateInvestigation\\\",\\\"aiops:CreateInvestigationEvent\\\"],\\\"Resource\\\":\\\"*\\\",\\\"Condition\\\":{\\\"StringEquals\\\":{\\\"aws:SourceAccount\\\":\\\"111122223333\\\"},\\\"ArnLike\\\":{\\\"aws:SourceArn\\\":\\\"arn:aws:cloudwatch:us-east-1:111122223333:alarm:*\\\"}}}]}` .", + "title": "InvestigationGroupPolicy", "type": "string" }, + "IsCloudTrailEventHistoryEnabled": { + "markdownDescription": "Specify `true` to enable CloudWatch investigations to have access to change events that are recorded by CloudTrail. The default is `true` .", + "title": "IsCloudTrailEventHistoryEnabled", + "type": "boolean" + }, "Name": { - "markdownDescription": "The name of the rule groups namespace.", + "markdownDescription": "Specify either the name or the ARN of the investigation group that you want to view. This is used to set the name of the investigation group.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tag keys and values that are associated with the rule groups namespace.", - "title": "Tags", - "type": "array" + "RetentionInDays": { + "markdownDescription": "Specifies how long that investigation data is kept.", + "title": "RetentionInDays", + "type": "number" }, - "Workspace": { - "markdownDescription": "The ID of the workspace to add the rule groups namespace.", - "title": "Workspace", - "type": "string" - } - }, - "required": [ - "Data", - "Name", - "Workspace" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::APS::RuleGroupsNamespace" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::APS::Scraper": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that the investigation group uses for permissions to gather data.", + "title": "RoleArn", "type": "string" }, - { + "TagKeyBoundaries": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "Displays the custom tag keys for custom applications in your system that you have specified in the investigation group. Resource tags help CloudWatch investigations narrow the search space when it is unable to discover definite relationships between resources.", + "title": "TagKeyBoundaries", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Alias": { - "markdownDescription": "An optional user-assigned scraper alias.", - "title": "Alias", - "type": "string" - }, - "Destination": { - "$ref": "#/definitions/AWS::APS::Scraper.Destination", - "markdownDescription": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to.", - "title": "Destination" - }, - "ScrapeConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.ScrapeConfiguration", - "markdownDescription": "The configuration in use by the scraper.", - "title": "ScrapeConfiguration" - }, - "Source": { - "$ref": "#/definitions/AWS::APS::Scraper.Source", - "markdownDescription": "The Amazon EKS cluster from which the scraper collects metrics.", - "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "(Optional) The list of tag keys and values associated with the scraper.", + "markdownDescription": "The list of key-value pairs to associate with the resource.", "title": "Tags", "type": "array" } }, "required": [ - "Destination", - "ScrapeConfiguration", - "Source" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::APS::Scraper" + "AWS::AIOps::InvestigationGroup" ], "type": "string" }, @@ -1359,191 +1319,652 @@ ], "type": "object" }, - "AWS::APS::Scraper.AmpConfiguration": { - "additionalProperties": false, - "properties": { - "WorkspaceArn": { - "markdownDescription": "ARN of the Amazon Managed Service for Prometheus workspace.", - "title": "WorkspaceArn", - "type": "string" - } - }, - "required": [ - "WorkspaceArn" - ], - "type": "object" - }, - "AWS::APS::Scraper.Destination": { + "AWS::AIOps::InvestigationGroup.ChatbotNotificationChannel": { "additionalProperties": false, "properties": { - "AmpConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.AmpConfiguration", - "markdownDescription": "The Amazon Managed Service for Prometheus workspace to send metrics to.", - "title": "AmpConfiguration" - } - }, - "required": [ - "AmpConfiguration" - ], - "type": "object" - }, - "AWS::APS::Scraper.EksConfiguration": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "ARN of the Amazon EKS cluster.", - "title": "ClusterArn", - "type": "string" - }, - "SecurityGroupIds": { + "ChatConfigurationArns": { "items": { "type": "string" }, - "markdownDescription": "A list of the security group IDs for the Amazon EKS cluster VPC configuration.", - "title": "SecurityGroupIds", + "markdownDescription": "Returns the Amazon Resource Name (ARN) of any third-party chat integrations configured for the account.", + "title": "ChatConfigurationArns", "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs for the Amazon EKS cluster VPC configuration.", - "title": "SubnetIds", - "type": "array" - } - }, - "required": [ - "ClusterArn", - "SubnetIds" - ], - "type": "object" - }, - "AWS::APS::Scraper.ScrapeConfiguration": { - "additionalProperties": false, - "properties": { - "ConfigurationBlob": { - "markdownDescription": "The base 64 encoded scrape configuration file.", - "title": "ConfigurationBlob", + "SNSTopicArn": { + "markdownDescription": "Returns the ARN of an Amazon SNS topic used for third-party chat integrations.", + "title": "SNSTopicArn", "type": "string" } }, - "required": [ - "ConfigurationBlob" - ], "type": "object" }, - "AWS::APS::Scraper.Source": { + "AWS::AIOps::InvestigationGroup.CrossAccountConfiguration": { "additionalProperties": false, "properties": { - "EksConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.EksConfiguration", - "markdownDescription": "The Amazon EKS cluster from which a scraper collects metrics.", - "title": "EksConfiguration" + "SourceRoleArn": { + "markdownDescription": "The ARN of an existing role which will be used to do investigations on your behalf.", + "title": "SourceRoleArn", + "type": "string" } }, - "required": [ - "EksConfiguration" - ], "type": "object" }, - "AWS::APS::Workspace": { + "AWS::AIOps::InvestigationGroup.EncryptionConfigMap": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlertManagerDefinition": { - "markdownDescription": "The alert manager definition, a YAML configuration for the alert manager in your Amazon Managed Service for Prometheus workspace.\n\nFor details about the alert manager definition, see [Creating an alert manager configuration files](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alertmanager-config.html) in the *Amazon Managed Service for Prometheus User Guide* .\n\nThe following example shows part of a CloudFormation YAML file with an embedded alert manager definition (following the `- |-` ).\n\n`Workspace: Type: AWS::APS::Workspace .... Properties: .... AlertManagerDefinition: Fn::Sub: - |- alertmanager_config: | templates: - 'default_template' route: receiver: example-sns receivers: - name: example-sns sns_configs: - topic_arn: 'arn:aws:sns:${AWS::Region}:${AWS::AccountId}:${TopicName}' -`", - "title": "AlertManagerDefinition", - "type": "string" - }, - "Alias": { - "markdownDescription": "The alias that is assigned to this workspace to help identify it. It does not need to be unique.", - "title": "Alias", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "(optional) The ARN for a customer managed AWS KMS key to use for encrypting data within your workspace. For more information about using your own key in your workspace, see [Encryption at rest](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html) in the *Amazon Managed Service for Prometheus User Guide* .", - "title": "KmsKeyArn", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::APS::Workspace.LoggingConfiguration", - "markdownDescription": "Contains information about the current rules and alerting logging configuration for the workspace.\n\n> These logging configurations are only for rules and alerting logs.", - "title": "LoggingConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tag keys and values that are associated with the workspace.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::APS::Workspace" - ], + "EncryptionConfigurationType": { + "markdownDescription": "Displays whether investigation data is encrypted by a customer managed key or an AWS owned key.", + "title": "EncryptionConfigurationType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::APS::Workspace.LoggingConfiguration": { - "additionalProperties": false, - "properties": { - "LogGroupArn": { - "markdownDescription": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist prior to calling this operation.", - "title": "LogGroupArn", + "KmsKeyId": { + "markdownDescription": "If the investigation group uses a customer managed key for encryption, this field displays the ID of that key.", + "title": "KmsKeyId", "type": "string" } }, "type": "object" }, - "AWS::ARCZonalShift::ZonalAutoshiftConfiguration": { + "AWS::APS::RuleGroupsNamespace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", + "title": "Data", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the rule groups namespace.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tag keys and values that are associated with the rule groups namespace.", + "title": "Tags", + "type": "array" + }, + "Workspace": { + "markdownDescription": "The ID of the workspace to add the rule groups namespace.", + "title": "Workspace", + "type": "string" + } + }, + "required": [ + "Data", + "Name", + "Workspace" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::RuleGroupsNamespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::APS::Scraper": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "An optional user-assigned scraper alias.", + "title": "Alias", + "type": "string" + }, + "Destination": { + "$ref": "#/definitions/AWS::APS::Scraper.Destination", + "markdownDescription": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to.", + "title": "Destination" + }, + "RoleConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.RoleConfiguration", + "markdownDescription": "The role configuration in an Amazon Managed Service for Prometheus scraper.", + "title": "RoleConfiguration" + }, + "ScrapeConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.ScrapeConfiguration", + "markdownDescription": "The configuration in use by the scraper.", + "title": "ScrapeConfiguration" + }, + "Source": { + "$ref": "#/definitions/AWS::APS::Scraper.Source", + "markdownDescription": "The Amazon EKS cluster from which the scraper collects metrics.", + "title": "Source" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "(Optional) The list of tag keys and values associated with the scraper.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Destination", + "ScrapeConfiguration", + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::Scraper" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::APS::Scraper.AmpConfiguration": { + "additionalProperties": false, + "properties": { + "WorkspaceArn": { + "markdownDescription": "ARN of the Amazon Managed Service for Prometheus workspace.", + "title": "WorkspaceArn", + "type": "string" + } + }, + "required": [ + "WorkspaceArn" + ], + "type": "object" + }, + "AWS::APS::Scraper.Destination": { + "additionalProperties": false, + "properties": { + "AmpConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.AmpConfiguration", + "markdownDescription": "The Amazon Managed Service for Prometheus workspace to send metrics to.", + "title": "AmpConfiguration" + } + }, + "required": [ + "AmpConfiguration" + ], + "type": "object" + }, + "AWS::APS::Scraper.EksConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "ARN of the Amazon EKS cluster.", + "title": "ClusterArn", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the security group IDs for the Amazon EKS cluster VPC configuration.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs for the Amazon EKS cluster VPC configuration.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "ClusterArn", + "SubnetIds" + ], + "type": "object" + }, + "AWS::APS::Scraper.RoleConfiguration": { + "additionalProperties": false, + "properties": { + "SourceRoleArn": { + "markdownDescription": "The ARN of the source role.", + "title": "SourceRoleArn", + "type": "string" + }, + "TargetRoleArn": { + "markdownDescription": "The ARN of the target role.", + "title": "TargetRoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::APS::Scraper.ScrapeConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationBlob": { + "markdownDescription": "The base 64 encoded scrape configuration file.", + "title": "ConfigurationBlob", + "type": "string" + } + }, + "required": [ + "ConfigurationBlob" + ], + "type": "object" + }, + "AWS::APS::Scraper.Source": { + "additionalProperties": false, + "properties": { + "EksConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.EksConfiguration", + "markdownDescription": "The Amazon EKS cluster from which a scraper collects metrics.", + "title": "EksConfiguration" + } + }, + "required": [ + "EksConfiguration" + ], + "type": "object" + }, + "AWS::APS::Workspace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AlertManagerDefinition": { + "markdownDescription": "The alert manager definition, a YAML configuration for the alert manager in your Amazon Managed Service for Prometheus workspace.\n\nFor details about the alert manager definition, see [Creating an alert manager configuration files](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alertmanager-config.html) in the *Amazon Managed Service for Prometheus User Guide* .\n\nThe following example shows part of a CloudFormation YAML file with an embedded alert manager definition (following the `- |-` ).\n\n`Workspace: Type: AWS::APS::Workspace .... Properties: .... AlertManagerDefinition: Fn::Sub: - |- alertmanager_config: | templates: - 'default_template' route: receiver: example-sns receivers: - name: example-sns sns_configs: - topic_arn: 'arn:aws:sns:${AWS::Region}:${AWS::AccountId}:${TopicName}' -`", + "title": "AlertManagerDefinition", + "type": "string" + }, + "Alias": { + "markdownDescription": "The alias that is assigned to this workspace to help identify it. It does not need to be unique.", + "title": "Alias", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "(optional) The ARN for a customer managed AWS KMS key to use for encrypting data within your workspace. For more information about using your own key in your workspace, see [Encryption at rest](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html) in the *Amazon Managed Service for Prometheus User Guide* .", + "title": "KmsKeyArn", + "type": "string" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingConfiguration", + "markdownDescription": "Contains information about the current rules and alerting logging configuration for the workspace.\n\n> These logging configurations are only for rules and alerting logs.", + "title": "LoggingConfiguration" + }, + "QueryLoggingConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.QueryLoggingConfiguration", + "markdownDescription": "The definition of logging configuration in an Amazon Managed Service for Prometheus workspace.", + "title": "QueryLoggingConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tag keys and values that are associated with the workspace.", + "title": "Tags", + "type": "array" + }, + "WorkspaceConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.WorkspaceConfiguration", + "markdownDescription": "Use this structure to define label sets and the ingestion limits for time series that match label sets, and to specify the retention period of the workspace.", + "title": "WorkspaceConfiguration" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::Workspace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::APS::Workspace.CloudWatchLogDestination": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch log group.", + "title": "LogGroupArn", + "type": "string" + } + }, + "required": [ + "LogGroupArn" + ], + "type": "object" + }, + "AWS::APS::Workspace.Label": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name for this label.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for this label.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::APS::Workspace.LimitsPerLabelSet": { + "additionalProperties": false, + "properties": { + "LabelSet": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.Label" + }, + "markdownDescription": "This defines one label set that will have an enforced ingestion limit. You can set ingestion limits on time series that match defined label sets, to help prevent a workspace from being overwhelmed with unexpected spikes in time series ingestion.\n\nLabel values accept all UTF-8 characters with one exception. If the label name is metric name label `__ *name* __` , then the *metric* part of the name must conform to the following pattern: `[a-zA-Z_:][a-zA-Z0-9_:]*`", + "title": "LabelSet", + "type": "array" + }, + "Limits": { + "$ref": "#/definitions/AWS::APS::Workspace.LimitsPerLabelSetEntry", + "markdownDescription": "This structure contains the information about the limits that apply to time series that match this label set.", + "title": "Limits" + } + }, + "required": [ + "LabelSet", + "Limits" + ], + "type": "object" + }, + "AWS::APS::Workspace.LimitsPerLabelSetEntry": { + "additionalProperties": false, + "properties": { + "MaxSeries": { + "markdownDescription": "The maximum number of active series that can be ingested that match this label set.\n\nSetting this to 0 causes no label set limit to be enforced, but it does cause Amazon Managed Service for Prometheus to vend label set metrics to CloudWatch", + "title": "MaxSeries", + "type": "number" + } + }, + "type": "object" + }, + "AWS::APS::Workspace.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist prior to calling this operation.", + "title": "LogGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::APS::Workspace.LoggingDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::APS::Workspace.CloudWatchLogDestination", + "markdownDescription": "Configuration details for logging to CloudWatch Logs.", + "title": "CloudWatchLogs" + }, + "Filters": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingFilter", + "markdownDescription": "Filtering criteria that determine which queries are logged.", + "title": "Filters" + } + }, + "required": [ + "CloudWatchLogs", + "Filters" + ], + "type": "object" + }, + "AWS::APS::Workspace.LoggingFilter": { + "additionalProperties": false, + "properties": { + "QspThreshold": { + "markdownDescription": "", + "title": "QspThreshold", + "type": "number" + } + }, + "required": [ + "QspThreshold" + ], + "type": "object" + }, + "AWS::APS::Workspace.QueryLoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingDestination" + }, + "markdownDescription": "Defines a destination and its associated filtering criteria for query logging.", + "title": "Destinations", + "type": "array" + } + }, + "required": [ + "Destinations" + ], + "type": "object" + }, + "AWS::APS::Workspace.WorkspaceConfiguration": { + "additionalProperties": false, + "properties": { + "LimitsPerLabelSets": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.LimitsPerLabelSet" + }, + "markdownDescription": "This is an array of structures, where each structure defines a label set for the workspace, and defines the ingestion limit for active time series for each of those label sets. Each label name in a label set must be unique.", + "title": "LimitsPerLabelSets", + "type": "array" + }, + "RetentionPeriodInDays": { + "markdownDescription": "Specifies how many days that metrics will be retained in the workspace.", + "title": "RetentionPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ARCZonalShift::ZonalAutoshiftConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -1584,7 +2005,7 @@ "title": "PracticeRunConfiguration" }, "ResourceIdentifier": { - "markdownDescription": "The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource.\n\nAt this time, supported resources are Network Load Balancers and Application Load Balancers with cross-zone load balancing turned off.", + "markdownDescription": "The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource.\n\nAt this time, supported resources are Network Load Balancers and Application Load Balancers.", "title": "ResourceIdentifier", "type": "string" }, @@ -1655,7 +2076,7 @@ "items": { "type": "string" }, - "markdownDescription": "An array of one or more days and times that you can specify when Route 53 ARC does not start practice runs for a resource. Days and times are in UTC.\n\nSpecify blocked windows in the format `DAY:HH:MM-DAY:HH:MM` , separated by spaces. For example, `MON:18:30-MON:19:30 TUE:18:30-TUE:19:30` .", + "markdownDescription": "An array of one or more days and times that you can specify when ARC does not start practice runs for a resource. Days and times are in UTC.\n\nSpecify blocked windows in the format `DAY:HH:MM-DAY:HH:MM` , separated by spaces. For example, `MON:18:30-MON:19:30 TUE:18:30-TUE:19:30` .\n\n> Blocked windows have to start and end on the same day. Windows that span multiple days aren't supported.", "title": "BlockedWindows", "type": "array" }, @@ -1743,7 +2164,7 @@ "type": "array" }, "Type": { - "markdownDescription": "The type represents the zone of trust for the analyzer.\n\n*Allowed Values* : ACCOUNT | ORGANIZATION | ACCOUNT_UNUSED_ACCESS | ORGANIZATION_UNUSED_ACCESS", + "markdownDescription": "The type represents the zone of trust for the analyzer.\n\n*Allowed Values* : ACCOUNT | ORGANIZATION | ACCOUNT_UNUSED_ACCESS | ACCOUNT_INTERNAL_ACCESS | ORGANIZATION_INTERNAL_ACCESS | ORGANIZATION_UNUSED_ACCESS", "title": "Type", "type": "string" } @@ -1774,9 +2195,47 @@ ], "type": "object" }, + "AWS::AccessAnalyzer::Analyzer.AnalysisRule": { + "additionalProperties": false, + "properties": { + "Exclusions": { + "items": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.AnalysisRuleCriteria" + }, + "markdownDescription": "A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.", + "title": "Exclusions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.AnalysisRuleCriteria": { + "additionalProperties": false, + "properties": { + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers. The list cannot include more than 2,000 account IDs.", + "title": "AccountIds", + "type": "array" + }, + "ResourceTags": { + "markdownDescription": "An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with `aws:` .\n\nFor the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.", + "title": "ResourceTags", + "type": "object" + } + }, + "type": "object" + }, "AWS::AccessAnalyzer::Analyzer.AnalyzerConfiguration": { "additionalProperties": false, "properties": { + "InternalAccessConfiguration": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessConfiguration", + "markdownDescription": "Specifies the configuration of an internal access analyzer for an AWS organization or account. This configuration determines how the analyzer evaluates access within your AWS environment.", + "title": "InternalAccessConfiguration" + }, "UnusedAccessConfiguration": { "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.UnusedAccessConfiguration", "markdownDescription": "Specifies the configuration of an unused access analyzer for an AWS organization or account.", @@ -1851,9 +2310,69 @@ ], "type": "object" }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRule": { + "additionalProperties": false, + "properties": { + "Inclusions": { + "items": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRuleCriteria" + }, + "markdownDescription": "A list of rules for the internal access analyzer containing criteria to include in analysis. Only resources that meet the rule criteria will generate findings.", + "title": "Inclusions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRuleCriteria": { + "additionalProperties": false, + "properties": { + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS account IDs to apply to the internal access analysis rule criteria. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.", + "title": "AccountIds", + "type": "array" + }, + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of resource ARNs to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources that match these ARNs.", + "title": "ResourceArns", + "type": "array" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of resource types to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources of these types. These resource types are currently supported for internal access analyzers:\n\n- `AWS::S3::Bucket`\n- `AWS::RDS::DBSnapshot`\n- `AWS::RDS::DBClusterSnapshot`\n- `AWS::S3Express::DirectoryBucket`\n- `AWS::DynamoDB::Table`\n- `AWS::DynamoDB::Stream`", + "title": "ResourceTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessConfiguration": { + "additionalProperties": false, + "properties": { + "InternalAccessAnalysisRule": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRule", + "markdownDescription": "Contains information about analysis rules for the internal access analyzer. These rules determine which resources and access patterns will be analyzed.", + "title": "InternalAccessAnalysisRule" + } + }, + "type": "object" + }, "AWS::AccessAnalyzer::Analyzer.UnusedAccessConfiguration": { "additionalProperties": false, "properties": { + "AnalysisRule": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.AnalysisRule", + "markdownDescription": "Contains information about analysis rules for the analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule.", + "title": "AnalysisRule" + }, "UnusedAccessAge": { "markdownDescription": "The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.", "title": "UnusedAccessAge", @@ -2011,11 +2530,9 @@ } }, "required": [ - "AutoMinorVersionUpgrade", "BrokerName", "DeploymentMode", "EngineType", - "EngineVersion", "HostInstanceType", "PubliclyAccessible", "Users" @@ -2330,9 +2847,7 @@ } }, "required": [ - "Data", "EngineType", - "EngineVersion", "Name" ], "type": "object" @@ -2526,6 +3041,16 @@ "title": "BuildSpec", "type": "string" }, + "CacheConfig": { + "$ref": "#/definitions/AWS::Amplify::App.CacheConfig", + "markdownDescription": "The cache configuration for the Amplify app. If you don't specify the cache configuration `type` , Amplify uses the default `AMPLIFY_MANAGED` setting.", + "title": "CacheConfig" + }, + "ComputeRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for an SSR app. The Compute role allows the Amplify Hosting compute service to securely access specific AWS resources based on the role's permissions. For more information about the SSR Compute role, see [Adding an SSR Compute role](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-SSR-compute-role.html) in the *Amplify User Guide* .", + "title": "ComputeRoleArn", + "type": "string" + }, "CustomHeaders": { "markdownDescription": "The custom HTTP headers for an Amplify app.", "title": "CustomHeaders", @@ -2562,6 +3087,11 @@ "title": "IAMServiceRole", "type": "string" }, + "JobConfig": { + "$ref": "#/definitions/AWS::Amplify::App.JobConfig", + "markdownDescription": "The configuration details that apply to the jobs for an Amplify app.", + "title": "JobConfig" + }, "Name": { "markdownDescription": "The name of the Amplify app.", "title": "Name", @@ -2705,6 +3235,17 @@ }, "type": "object" }, + "AWS::Amplify::App.CacheConfig": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of cache configuration to use for an Amplify app.\n\nThe `AMPLIFY_MANAGED` cache configuration automatically applies an optimized cache configuration for your app based on its platform, routing rules, and rewrite rules.\n\nThe `AMPLIFY_MANAGED_NO_COOKIES` cache configuration type is the same as `AMPLIFY_MANAGED` , except that it excludes all cookies from the cache key. This is the default setting.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, "AWS::Amplify::App.CustomRule": { "additionalProperties": false, "properties": { @@ -2755,6 +3296,20 @@ ], "type": "object" }, + "AWS::Amplify::App.JobConfig": { + "additionalProperties": false, + "properties": { + "BuildComputeType": { + "markdownDescription": "Specifies the size of the build instance. Amplify supports three instance sizes: `STANDARD_8GB` , `LARGE_16GB` , and `XLARGE_72GB` . If you don't specify a value, Amplify uses the `STANDARD_8GB` default.\n\nThe following list describes the CPU, memory, and storage capacity for each build instance type:\n\n- **STANDARD_8GB** - - vCPUs: 4\n- Memory: 8 GiB\n- Disk space: 128 GB\n- **LARGE_16GB** - - vCPUs: 8\n- Memory: 16 GiB\n- Disk space: 128 GB\n- **XLARGE_72GB** - - vCPUs: 36\n- Memory: 72 GiB\n- Disk space: 256 GB", + "title": "BuildComputeType", + "type": "string" + } + }, + "required": [ + "BuildComputeType" + ], + "type": "object" + }, "AWS::Amplify::Branch": { "additionalProperties": false, "properties": { @@ -2815,6 +3370,11 @@ "title": "BuildSpec", "type": "string" }, + "ComputeRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to assign to a branch of an SSR app. The SSR Compute role allows the Amplify Hosting compute service to securely access specific AWS resources based on the role's permissions. For more information about the SSR Compute role, see [Adding an SSR Compute role](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-SSR-compute-role.html) in the *Amplify User Guide* .", + "title": "ComputeRoleArn", + "type": "string" + }, "Description": { "markdownDescription": "The description for the branch that is part of an Amplify app.", "title": "Description", @@ -2835,6 +3395,11 @@ "title": "EnablePullRequestPreview", "type": "boolean" }, + "EnableSkewProtection": { + "markdownDescription": "Specifies whether the skew protection feature is enabled for the branch.\n\nDeployment skew protection is available to Amplify applications to eliminate version skew issues between client and servers in web applications. When you apply skew protection to a branch, you can ensure that your clients always interact with the correct version of server-side assets, regardless of when a deployment occurs. For more information about skew protection, see [Skew protection for Amplify deployments](https://docs.aws.amazon.com/amplify/latest/userguide/skew-protection.html) in the *Amplify User Guide* .", + "title": "EnableSkewProtection", + "type": "boolean" + }, "EnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::Amplify::Branch.EnvironmentVariable" @@ -4933,6 +5498,89 @@ ], "type": "object" }, + "AWS::ApiGateway::BasePathMappingV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BasePath": { + "markdownDescription": "The base path name that callers of the private API must provide as part of the URL after the domain name.", + "title": "BasePath", + "type": "string" + }, + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name for the BasePathMappingV2 resource to be described.", + "title": "DomainNameArn", + "type": "string" + }, + "RestApiId": { + "markdownDescription": "The private API's identifier. This identifier is unique across all of your APIs in API Gateway.", + "title": "RestApiId", + "type": "string" + }, + "Stage": { + "markdownDescription": "Represents a unique identifier for a version of a deployed private RestApi that is callable by users. The Stage must depend on the `RestApi` 's stage. To create a dependency, add a DependsOn attribute to the BasePathMappingV2 resource.", + "title": "Stage", + "type": "string" + } + }, + "required": [ + "DomainNameArn", + "RestApiId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::BasePathMappingV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::ApiGateway::ClientCertificate": { "additionalProperties": false, "properties": { @@ -5583,6 +6231,11 @@ "title": "RegionalCertificateArn", "type": "string" }, + "RoutingMode": { + "markdownDescription": "The routing mode for this domain name. The routing mode determines how API Gateway sends traffic from your custom domain name to your public APIs.", + "title": "RoutingMode", + "type": "string" + }, "SecurityPolicy": { "markdownDescription": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are `TLS_1_0` and `TLS_1_2` .", "title": "SecurityPolicy", @@ -5622,6 +6275,11 @@ "AWS::ApiGateway::DomainName.EndpointConfiguration": { "additionalProperties": false, "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke this DomainName. Use `ipv4` to allow only IPv4 addresses to invoke this DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke this DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, "Types": { "items": { "type": "string" @@ -5649,6 +6307,208 @@ }, "type": "object" }, + "AWS::ApiGateway::DomainNameAccessAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessAssociationSource": { + "markdownDescription": "The identifier of the domain name access association source. For a `VPCE` , the value is the VPC endpoint ID.", + "title": "AccessAssociationSource", + "type": "string" + }, + "AccessAssociationSourceType": { + "markdownDescription": "The type of the domain name access association source. Only `VPCE` is currently supported.", + "title": "AccessAssociationSourceType", + "type": "string" + }, + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name.", + "title": "DomainNameArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccessAssociationSource", + "AccessAssociationSourceType", + "DomainNameArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::DomainNameAccessAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApiGateway::DomainNameV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The reference to an AWS -managed certificate that will be used by the private endpoint for this domain name. AWS Certificate Manager is the only supported source.", + "title": "CertificateArn", + "type": "string" + }, + "DomainName": { + "markdownDescription": "Represents a custom domain name as a user-friendly host name of an API (RestApi).", + "title": "DomainName", + "type": "string" + }, + "EndpointConfiguration": { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameV2.EndpointConfiguration", + "markdownDescription": "The endpoint configuration to indicate the types of endpoints an API (RestApi) or its custom domain name (DomainName) has and the IP address types that can invoke it.", + "title": "EndpointConfiguration" + }, + "Policy": { + "markdownDescription": "A stringified JSON policy document that applies to the `execute-api` service for this DomainName regardless of the caller and Method configuration. You can use `Fn::ToJsonString` to enter your `policy` . For more information, see [Fn::ToJsonString](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ToJsonString.html) .", + "title": "Policy", + "type": "object" + }, + "RoutingMode": { + "markdownDescription": "The routing mode for this domain name. The routing mode determines how API Gateway sends traffic from your custom domain name to your private APIs.", + "title": "RoutingMode", + "type": "string" + }, + "SecurityPolicy": { + "markdownDescription": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. Only `TLS_1_2` is supported.", + "title": "SecurityPolicy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::DomainNameV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ApiGateway::DomainNameV2.EndpointConfiguration": { + "additionalProperties": false, + "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke an API (RestApi) or a DomainName. Use `ipv4` to allow only IPv4 addresses to invoke an API or DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API or a DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `\"EDGE\"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` .", + "title": "Types", + "type": "array" + } + }, + "type": "object" + }, "AWS::ApiGateway::GatewayResponse": { "additionalProperties": false, "properties": { @@ -6471,6 +7331,11 @@ "AWS::ApiGateway::RestApi.EndpointConfiguration": { "additionalProperties": false, "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke an API (RestApi). Use `ipv4` to allow only IPv4 addresses to invoke an API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, "Types": { "items": { "type": "string" @@ -7175,6 +8040,11 @@ "title": "FailOnWarnings", "type": "boolean" }, + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke the API. Use `ipv4` to allow only IPv4 addresses to invoke your API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your API.\n\nDon\u2019t use IP address type for an HTTP API based on an OpenAPI specification. Instead, specify the IP address type in the OpenAPI specification.", + "title": "IpAddressType", + "type": "string" + }, "Name": { "markdownDescription": "The name of the API. Required unless you specify an OpenAPI definition for `Body` or `S3BodyLocation` .", "title": "Name", @@ -7893,6 +8763,11 @@ "markdownDescription": "The mutual TLS authentication configuration for a custom domain name.", "title": "MutualTlsAuthentication" }, + "RoutingMode": { + "markdownDescription": "The routing mode API Gateway uses to route traffic to your APIs.", + "title": "RoutingMode", + "type": "string" + }, "Tags": { "additionalProperties": true, "markdownDescription": "The collection of tags associated with a domain name.", @@ -7949,6 +8824,11 @@ "title": "EndpointType", "type": "string" }, + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke the domain name. Use `ipv4` to allow only IPv4 addresses to invoke your domain name, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your domain name.", + "title": "IpAddressType", + "type": "string" + }, "OwnershipVerificationCertificateArn": { "markdownDescription": "The Amazon resource name (ARN) for the public certificate issued by AWS Certificate Manager . This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn.", "title": "OwnershipVerificationCertificateArn", @@ -8074,17 +8954,35 @@ "type": "string" }, "RequestParameters": { + "additionalProperties": true, "markdownDescription": "For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of `method.request. {location} . {name}` , where `{location}` is `querystring` , `path` , or `header` ; and `{name}` must be a valid and unique method request parameter name.\n\nFor HTTP API integrations with a specified `integrationSubtype` , request parameters are a key-value map specifying parameters that are passed to `AWS_PROXY` integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Working with AWS service integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services.html) .\n\nFor HTTP API integrations without a specified `integrationSubtype` request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern :. where action can be `append` , `overwrite` or `remove` . For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "RequestParameters", "type": "object" }, "RequestTemplates": { + "additionalProperties": true, "markdownDescription": "Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "RequestTemplates", "type": "object" }, "ResponseParameters": { + "additionalProperties": false, "markdownDescription": "Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. The value is of type [`ResponseParameterList`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameterlist.html) . To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameterMap" + } + }, "title": "ResponseParameters", "type": "object" }, @@ -8145,19 +9043,17 @@ "type": "string" } }, - "required": [ - "Destination", - "Source" - ], "type": "object" }, - "AWS::ApiGatewayV2::Integration.ResponseParameterList": { + "AWS::ApiGatewayV2::Integration.ResponseParameterMap": { "additionalProperties": false, "properties": { "ResponseParameters": { "items": { "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameter" }, + "markdownDescription": "", + "title": "ResponseParameters", "type": "array" } }, @@ -8602,7 +9498,7 @@ ], "type": "object" }, - "AWS::ApiGatewayV2::Stage": { + "AWS::ApiGatewayV2::RoutingRule": { "additionalProperties": false, "properties": { "Condition": { @@ -8637,76 +9533,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessLogSettings": { - "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.AccessLogSettings", - "markdownDescription": "Settings for logging access in this stage.", - "title": "AccessLogSettings" - }, - "AccessPolicyId": { - "markdownDescription": "This parameter is not currently supported.", - "title": "AccessPolicyId", - "type": "string" - }, - "ApiId": { - "markdownDescription": "The API identifier.", - "title": "ApiId", - "type": "string" - }, - "AutoDeploy": { - "markdownDescription": "Specifies whether updates to an API automatically trigger a new deployment. The default value is `false` .", - "title": "AutoDeploy", - "type": "boolean" - }, - "ClientCertificateId": { - "markdownDescription": "The identifier of a client certificate for a `Stage` . Supported only for WebSocket APIs.", - "title": "ClientCertificateId", - "type": "string" - }, - "DefaultRouteSettings": { - "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.RouteSettings", - "markdownDescription": "The default route settings for the stage.", - "title": "DefaultRouteSettings" - }, - "DeploymentId": { - "markdownDescription": "The deployment identifier for the API stage. Can't be updated if `autoDeploy` is enabled.", - "title": "DeploymentId", - "type": "string" - }, - "Description": { - "markdownDescription": "The description for the API stage.", - "title": "Description", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.Action" + }, + "markdownDescription": "The resulting action based on matching a routing rules condition. Only InvokeApi is supported.", + "title": "Actions", + "type": "array" }, - "RouteSettings": { - "markdownDescription": "Route settings for the stage.", - "title": "RouteSettings", - "type": "object" + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.Condition" + }, + "markdownDescription": "The conditions of the routing rule.", + "title": "Conditions", + "type": "array" }, - "StageName": { - "markdownDescription": "The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be `$default` . Maximum length is 128 characters.", - "title": "StageName", + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name.", + "title": "DomainNameArn", "type": "string" }, - "StageVariables": { - "markdownDescription": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.", - "title": "StageVariables", - "type": "object" - }, - "Tags": { - "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", - "title": "Tags", - "type": "object" + "Priority": { + "markdownDescription": "The order in which API Gateway evaluates a rule. Priority is evaluated from the lowest value to the highest value. Rules can't have the same priority. Priority values 1-1,000,000 are supported.", + "title": "Priority", + "type": "number" } }, "required": [ - "ApiId", - "StageName" + "Actions", + "Conditions", + "DomainNameArn", + "Priority" ], "type": "object" }, "Type": { "enum": [ - "AWS::ApiGatewayV2::Stage" + "AWS::ApiGatewayV2::RoutingRule" ], "type": "string" }, @@ -8725,149 +9589,381 @@ ], "type": "object" }, - "AWS::ApiGatewayV2::Stage.AccessLogSettings": { + "AWS::ApiGatewayV2::RoutingRule.Action": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The ARN of the CloudWatch Logs log group to receive access logs. This parameter is required to enable access logging.", - "title": "DestinationArn", - "type": "string" - }, - "Format": { - "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId. This parameter is required to enable access logging.", - "title": "Format", - "type": "string" + "InvokeApi": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.ActionInvokeApi", + "markdownDescription": "Represents an InvokeApi action.", + "title": "InvokeApi" } }, + "required": [ + "InvokeApi" + ], "type": "object" }, - "AWS::ApiGatewayV2::Stage.RouteSettings": { + "AWS::ApiGatewayV2::RoutingRule.ActionInvokeApi": { "additionalProperties": false, "properties": { - "DataTraceEnabled": { - "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", - "title": "DataTraceEnabled", - "type": "boolean" - }, - "DetailedMetricsEnabled": { - "markdownDescription": "Specifies whether detailed metrics are enabled.", - "title": "DetailedMetricsEnabled", - "type": "boolean" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", - "title": "LoggingLevel", + "ApiId": { + "markdownDescription": "The API identifier of the target API.", + "title": "ApiId", "type": "string" }, - "ThrottlingBurstLimit": { - "markdownDescription": "Specifies the throttling burst limit.", - "title": "ThrottlingBurstLimit", - "type": "number" + "Stage": { + "markdownDescription": "The name of the target stage.", + "title": "Stage", + "type": "string" }, - "ThrottlingRateLimit": { - "markdownDescription": "Specifies the throttling rate limit.", - "title": "ThrottlingRateLimit", - "type": "number" + "StripBasePath": { + "markdownDescription": "The strip base path setting. When true, API Gateway strips the incoming matched base path when forwarding the request to the target API.", + "title": "StripBasePath", + "type": "boolean" } }, + "required": [ + "ApiId", + "Stage" + ], "type": "object" }, - "AWS::ApiGatewayV2::VpcLink": { + "AWS::ApiGatewayV2::RoutingRule.Condition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "MatchBasePaths": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchBasePaths", + "markdownDescription": "The base path to be matched.", + "title": "MatchBasePaths" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the VPC link.", - "title": "Name", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs for the VPC link.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs to include in the VPC link.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "MatchHeaders": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchHeaders", + "markdownDescription": "The headers to be matched.", + "title": "MatchHeaders" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::RoutingRule.MatchBasePaths": { + "additionalProperties": false, + "properties": { + "AnyOf": { + "items": { + "type": "string" }, - "required": [ - "Name", - "SubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ApiGatewayV2::VpcLink" - ], + "markdownDescription": "The string of the case sensitive base path to be matched.", + "title": "AnyOf", + "type": "array" + } + }, + "required": [ + "AnyOf" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::RoutingRule.MatchHeaderValue": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "The case insensitive header name to be matched. The header name must be less than 40 characters and the only allowed characters are `a-z` , `A-Z` , `0-9` , and the following special characters: `*?-!#$%&'.^_`|~.` .", + "title": "Header", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValueGlob": { + "markdownDescription": "The case sensitive header glob value to be matched against entire header value. The header glob value must be less than 128 characters and the only allowed characters are `a-z` , `A-Z` , `0-9` , and the following special characters: `*?-!#$%&'.^_`|~` . Wildcard matching is supported for header glob values but must be for `*prefix-match` , `suffix-match*` , or `*infix*-match` .", + "title": "ValueGlob", "type": "string" } }, "required": [ - "Type", - "Properties" + "Header", + "ValueGlob" ], "type": "object" }, - "AWS::AppConfig::Application": { + "AWS::ApiGatewayV2::RoutingRule.MatchHeaders": { + "additionalProperties": false, + "properties": { + "AnyOf": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchHeaderValue" + }, + "markdownDescription": "The header name and header value glob to be matched. The matchHeaders condition is matched if any of the header name and header value globs are matched.", + "title": "AnyOf", + "type": "array" + } + }, + "required": [ + "AnyOf" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::Stage": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLogSettings": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.AccessLogSettings", + "markdownDescription": "Settings for logging access in this stage.", + "title": "AccessLogSettings" + }, + "AccessPolicyId": { + "markdownDescription": "This parameter is not currently supported.", + "title": "AccessPolicyId", + "type": "string" + }, + "ApiId": { + "markdownDescription": "The API identifier.", + "title": "ApiId", + "type": "string" + }, + "AutoDeploy": { + "markdownDescription": "Specifies whether updates to an API automatically trigger a new deployment. The default value is `false` .", + "title": "AutoDeploy", + "type": "boolean" + }, + "ClientCertificateId": { + "markdownDescription": "The identifier of a client certificate for a `Stage` . Supported only for WebSocket APIs.", + "title": "ClientCertificateId", + "type": "string" + }, + "DefaultRouteSettings": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.RouteSettings", + "markdownDescription": "The default route settings for the stage.", + "title": "DefaultRouteSettings" + }, + "DeploymentId": { + "markdownDescription": "The deployment identifier for the API stage. Can't be updated if `autoDeploy` is enabled.", + "title": "DeploymentId", + "type": "string" + }, + "Description": { + "markdownDescription": "The description for the API stage.", + "title": "Description", + "type": "string" + }, + "RouteSettings": { + "markdownDescription": "Route settings for the stage.", + "title": "RouteSettings", + "type": "object" + }, + "StageName": { + "markdownDescription": "The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be `$default` . Maximum length is 128 characters.", + "title": "StageName", + "type": "string" + }, + "StageVariables": { + "markdownDescription": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.", + "title": "StageVariables", + "type": "object" + }, + "Tags": { + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ApiId", + "StageName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGatewayV2::Stage" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::Stage.AccessLogSettings": { + "additionalProperties": false, + "properties": { + "DestinationArn": { + "markdownDescription": "The ARN of the CloudWatch Logs log group to receive access logs. This parameter is required to enable access logging.", + "title": "DestinationArn", + "type": "string" + }, + "Format": { + "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId. This parameter is required to enable access logging.", + "title": "Format", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::Stage.RouteSettings": { + "additionalProperties": false, + "properties": { + "DataTraceEnabled": { + "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", + "title": "DataTraceEnabled", + "type": "boolean" + }, + "DetailedMetricsEnabled": { + "markdownDescription": "Specifies whether detailed metrics are enabled.", + "title": "DetailedMetricsEnabled", + "type": "boolean" + }, + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", + "title": "LoggingLevel", + "type": "string" + }, + "ThrottlingBurstLimit": { + "markdownDescription": "Specifies the throttling burst limit.", + "title": "ThrottlingBurstLimit", + "type": "number" + }, + "ThrottlingRateLimit": { + "markdownDescription": "Specifies the throttling rate limit.", + "title": "ThrottlingRateLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::VpcLink": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the VPC link.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs for the VPC link.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs to include in the VPC link.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGatewayV2::VpcLink" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppConfig::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -9007,6 +10103,11 @@ "title": "ApplicationId", "type": "string" }, + "DeletionProtectionCheck": { + "markdownDescription": "A parameter to configure deletion protection. Deletion protection prevents a user from deleting a configuration profile if your application has called either [GetLatestConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html) or [GetConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html) for the configuration profile during the specified interval.\n\nThis parameter supports the following values:\n\n- `BYPASS` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it.\n- `APPLY` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. `APPLY` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks.\n- `ACCOUNT_DEFAULT` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the `UpdateAccountSettings` API.", + "title": "DeletionProtectionCheck", + "type": "string" + }, "Description": { "markdownDescription": "A description of the configuration profile.", "title": "Description", @@ -9194,7 +10295,7 @@ }, "Tags": { "items": { - "$ref": "#/definitions/AWS::AppConfig::Deployment.Tags" + "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata to assign to the deployment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", @@ -9252,18 +10353,6 @@ }, "type": "object" }, - "AWS::AppConfig::Deployment.Tags": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, "AWS::AppConfig::DeploymentStrategy": { "additionalProperties": false, "properties": { @@ -9336,7 +10425,7 @@ }, "Tags": { "items": { - "$ref": "#/definitions/AWS::AppConfig::DeploymentStrategy.Tags" + "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns metadata to an AWS AppConfig resource. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. You can specify a maximum of 50 tags for a resource.", "title": "Tags", @@ -9372,18 +10461,6 @@ ], "type": "object" }, - "AWS::AppConfig::DeploymentStrategy.Tags": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, "AWS::AppConfig::Environment": { "additionalProperties": false, "properties": { @@ -9424,6 +10501,11 @@ "title": "ApplicationId", "type": "string" }, + "DeletionProtectionCheck": { + "markdownDescription": "A parameter to configure deletion protection. Deletion protection prevents a user from deleting an environment if your application called either [GetLatestConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html) or [GetConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html) in the environment during the specified interval.\n\nThis parameter supports the following values:\n\n- `BYPASS` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it.\n- `APPLY` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. `APPLY` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks.\n- `ACCOUNT_DEFAULT` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the `UpdateAccountSettings` API.", + "title": "DeletionProtectionCheck", + "type": "string" + }, "Description": { "markdownDescription": "A description of the environment.", "title": "Description", @@ -12640,7 +13722,8 @@ "required": [ "ApplicationSourceConfig", "Description", - "Name" + "Name", + "Namespace" ], "type": "object" }, @@ -18086,7 +19169,7 @@ "type": "string" }, "InstanceType": { - "markdownDescription": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", + "markdownDescription": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", "title": "InstanceType", "type": "string" }, @@ -18332,7 +19415,7 @@ "type": "string" }, "InstanceType": { - "markdownDescription": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge", + "markdownDescription": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge", "title": "InstanceType", "type": "string" }, @@ -18933,6 +20016,294 @@ ], "type": "object" }, + "AWS::AppSync::Api": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EventConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.EventConfig", + "markdownDescription": "Describes the authorization configuration for connections, message publishing, message subscriptions, and logging for an Event API.", + "title": "EventConfig" + }, + "Name": { + "markdownDescription": "The name of the `Api` .", + "title": "Name", + "type": "string" + }, + "OwnerContact": { + "markdownDescription": "The owner contact information for an API resource.\n\nThis field accepts any string input with a length of 0 - 256 characters.", + "title": "OwnerContact", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this API.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AppSync::Api" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppSync::Api.AuthMode": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::Api.AuthProvider": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + }, + "CognitoConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.CognitoConfig", + "markdownDescription": "Describes an Amazon Cognito user pool configuration.", + "title": "CognitoConfig" + }, + "LambdaAuthorizerConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.LambdaAuthorizerConfig", + "markdownDescription": "A `LambdaAuthorizerConfig` specifies how to authorize AWS AppSync API access when using the `AWS_LAMBDA` authorizer mode. Be aware that an AWS AppSync API can have only one AWS Lambda authorizer configured at a time.", + "title": "LambdaAuthorizerConfig" + }, + "OpenIDConnectConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.OpenIDConnectConfig", + "markdownDescription": "Describes an OpenID Connect (OIDC) configuration.", + "title": "OpenIDConnectConfig" + } + }, + "required": [ + "AuthType" + ], + "type": "object" + }, + "AWS::AppSync::Api.CognitoConfig": { + "additionalProperties": false, + "properties": { + "AppIdClientRegex": { + "markdownDescription": "A regular expression for validating the incoming Amazon Cognito user pool app client ID. If this value isn't set, no filtering is applied.", + "title": "AppIdClientRegex", + "type": "string" + }, + "AwsRegion": { + "markdownDescription": "The AWS Region in which the user pool was created.", + "title": "AwsRegion", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The user pool ID.", + "title": "UserPoolId", + "type": "string" + } + }, + "required": [ + "AwsRegion", + "UserPoolId" + ], + "type": "object" + }, + "AWS::AppSync::Api.DnsMap": { + "additionalProperties": false, + "properties": { + "Http": { + "markdownDescription": "The domain name of the Api's HTTP endpoint.", + "title": "Http", + "type": "string" + }, + "Realtime": { + "markdownDescription": "The domain name of the Api's real-time endpoint.", + "title": "Realtime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::Api.EventConfig": { + "additionalProperties": false, + "properties": { + "AuthProviders": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthProvider" + }, + "markdownDescription": "A list of authorization providers.", + "title": "AuthProviders", + "type": "array" + }, + "ConnectionAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API connections.", + "title": "ConnectionAuthModes", + "type": "array" + }, + "DefaultPublishAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API publishing.", + "title": "DefaultPublishAuthModes", + "type": "array" + }, + "DefaultSubscribeAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API subscriptions.", + "title": "DefaultSubscribeAuthModes", + "type": "array" + }, + "LogConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.EventLogConfig", + "markdownDescription": "The CloudWatch Logs configuration for the Event API.", + "title": "LogConfig" + } + }, + "required": [ + "AuthProviders", + "ConnectionAuthModes", + "DefaultPublishAuthModes", + "DefaultSubscribeAuthModes" + ], + "type": "object" + }, + "AWS::AppSync::Api.EventLogConfig": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsRoleArn": { + "markdownDescription": "The IAM service role that AWS AppSync assumes to publish CloudWatch Logs in your account.", + "title": "CloudWatchLogsRoleArn", + "type": "string" + }, + "LogLevel": { + "markdownDescription": "The type of information to log for the Event API.", + "title": "LogLevel", + "type": "string" + } + }, + "required": [ + "CloudWatchLogsRoleArn", + "LogLevel" + ], + "type": "object" + }, + "AWS::AppSync::Api.LambdaAuthorizerConfig": { + "additionalProperties": false, + "properties": { + "AuthorizerResultTtlInSeconds": { + "markdownDescription": "The number of seconds a response should be cached for. The default is 0 seconds, which disables caching. If you don't specify a value for `authorizerResultTtlInSeconds` , the default value is used. The maximum value is one hour (3600 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response.", + "title": "AuthorizerResultTtlInSeconds", + "type": "number" + }, + "AuthorizerUri": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN ( `.../v3` ), or an alias ARN.\n\n*Note* : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the AWS Command Line Interface ( AWS CLI ), run the following:\n\n`aws lambda add-permission --function-name \"arn:aws:lambda:us-east-2:111122223333:function:my-function\" --statement-id \"appsync\" --principal appsync.amazonaws.com --action lambda:InvokeFunction`", + "title": "AuthorizerUri", + "type": "string" + }, + "IdentityValidationExpression": { + "markdownDescription": "A regular expression for validation of tokens before the Lambda function is called.", + "title": "IdentityValidationExpression", + "type": "string" + } + }, + "required": [ + "AuthorizerUri" + ], + "type": "object" + }, + "AWS::AppSync::Api.OpenIDConnectConfig": { + "additionalProperties": false, + "properties": { + "AuthTTL": { + "markdownDescription": "The number of milliseconds that a token is valid after being authenticated.", + "title": "AuthTTL", + "type": "number" + }, + "ClientId": { + "markdownDescription": "The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AWS AppSync can validate against multiple client identifiers at a time.", + "title": "ClientId", + "type": "string" + }, + "IatTTL": { + "markdownDescription": "The number of milliseconds that a token is valid after it's issued to a user.", + "title": "IatTTL", + "type": "number" + }, + "Issuer": { + "markdownDescription": "The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of `iss` in the ID token.", + "title": "Issuer", + "type": "string" + } + }, + "required": [ + "Issuer" + ], + "type": "object" + }, "AWS::AppSync::ApiCache": { "additionalProperties": false, "properties": { @@ -18979,7 +20350,7 @@ "type": "string" }, "AtRestEncryptionEnabled": { - "markdownDescription": "At-rest encryption flag for cache. You cannot update this setting after creation.", + "markdownDescription": "*This parameter has been deprecated* .\n\nAt-rest encryption flag for cache. You cannot update this setting after creation.", "title": "AtRestEncryptionEnabled", "type": "boolean" }, @@ -18989,7 +20360,7 @@ "type": "string" }, "TransitEncryptionEnabled": { - "markdownDescription": "Transit encryption flag when connecting to cache. You cannot update this setting after creation.", + "markdownDescription": "*This parameter has been deprecated* .\n\nTransit encryption flag when connecting to cache. You cannot update this setting after creation.", "title": "TransitEncryptionEnabled", "type": "boolean" }, @@ -19113,6 +20484,198 @@ ], "type": "object" }, + "AWS::AppSync::ChannelNamespace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiId": { + "markdownDescription": "The `Api` ID.", + "title": "ApiId", + "type": "string" + }, + "CodeHandlers": { + "markdownDescription": "The event handler functions that run custom business logic to process published events and subscribe requests.", + "title": "CodeHandlers", + "type": "string" + }, + "CodeS3Location": { + "markdownDescription": "The Amazon S3 endpoint where the code is located.", + "title": "CodeS3Location", + "type": "string" + }, + "HandlerConfigs": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfigs", + "markdownDescription": "The configuration for the `OnPublish` and `OnSubscribe` handlers.", + "title": "HandlerConfigs" + }, + "Name": { + "markdownDescription": "The name of the channel namespace. This name must be unique within the `Api` .", + "title": "Name", + "type": "string" + }, + "PublishAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.AuthMode" + }, + "markdownDescription": "The authorization mode to use for publishing messages on the channel namespace. This configuration overrides the default `Api` authorization configuration.", + "title": "PublishAuthModes", + "type": "array" + }, + "SubscribeAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.AuthMode" + }, + "markdownDescription": "The authorization mode to use for subscribing to messages on the channel namespace. This configuration overrides the default `Api` authorization configuration.", + "title": "SubscribeAuthModes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this channel namespace.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ApiId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AppSync::ChannelNamespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.AuthMode": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.HandlerConfig": { + "additionalProperties": false, + "properties": { + "Behavior": { + "markdownDescription": "The behavior for the handler.", + "title": "Behavior", + "type": "string" + }, + "Integration": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.Integration", + "markdownDescription": "The integration data source configuration for the handler.", + "title": "Integration" + } + }, + "required": [ + "Behavior", + "Integration" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.HandlerConfigs": { + "additionalProperties": false, + "properties": { + "OnPublish": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfig", + "markdownDescription": "The configuration for the `OnPublish` handler.", + "title": "OnPublish" + }, + "OnSubscribe": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfig", + "markdownDescription": "The configuration for the `OnSubscribe` handler.", + "title": "OnSubscribe" + } + }, + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.Integration": { + "additionalProperties": false, + "properties": { + "DataSourceName": { + "markdownDescription": "The unique name of the data source that has been configured on the API.", + "title": "DataSourceName", + "type": "string" + }, + "LambdaConfig": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.LambdaConfig", + "markdownDescription": "The configuration for a Lambda data source.", + "title": "LambdaConfig" + } + }, + "required": [ + "DataSourceName" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.LambdaConfig": { + "additionalProperties": false, + "properties": { + "InvokeType": { + "markdownDescription": "The invocation type for a Lambda data source.", + "title": "InvokeType", + "type": "string" + } + }, + "required": [ + "InvokeType" + ], + "type": "object" + }, "AWS::AppSync::DataSource": { "additionalProperties": false, "properties": { @@ -19523,6 +21086,14 @@ "markdownDescription": "The domain name.", "title": "DomainName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this domain name.", + "title": "Tags", + "type": "array" } }, "required": [ @@ -20549,7 +22120,7 @@ }, "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget": { + "AWS::AppTest::TestCase": { "additionalProperties": false, "properties": { "Condition": { @@ -20584,62 +22155,45 @@ "Properties": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand.", - "title": "MinCapacity", - "type": "number" - }, - "ResourceId": { - "markdownDescription": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", - "title": "ResourceId", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide* .\n\nTo automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide* . Look for the ARN in the table at the bottom of the page.", - "title": "RoleARN", + "Description": { + "markdownDescription": "The description of the test case.", + "title": "Description", "type": "string" }, - "ScalableDimension": { - "markdownDescription": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n\n- `ecs:service:DesiredCount` - The task count of an ECS service.\n- `elasticmapreduce:instancegroup:InstanceCount` - The instance count of an EMR Instance Group.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet.\n- `appstream:fleet:DesiredCapacity` - The capacity of an AppStream 2.0 fleet.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n- `sagemaker:variant:DesiredInstanceCount` - The number of EC2 instances for a SageMaker model endpoint variant.\n- `custom-resource:ResourceType:Property` - The scalable dimension for a custom resource provided by your own application or service.\n- `comprehend:document-classifier-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend document classification endpoint.\n- `comprehend:entity-recognizer-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n- `lambda:function:ProvisionedConcurrency` - The provisioned concurrency for a Lambda function.\n- `cassandra:table:ReadCapacityUnits` - The provisioned read capacity for an Amazon Keyspaces table.\n- `cassandra:table:WriteCapacityUnits` - The provisioned write capacity for an Amazon Keyspaces table.\n- `kafka:broker-storage:VolumeSize` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n- `elasticache:cache-cluster:Nodes` - The number of nodes for an Amazon ElastiCache cache cluster.\n- `elasticache:replication-group:NodeGroups` - The number of node groups for an Amazon ElastiCache replication group.\n- `elasticache:replication-group:Replicas` - The number of replicas per node group for an Amazon ElastiCache replication group.\n- `neptune:cluster:ReadReplicaCount` - The count of read replicas in an Amazon Neptune DB cluster.\n- `sagemaker:variant:DesiredProvisionedConcurrency` - The provisioned concurrency for a SageMaker serverless endpoint.\n- `sagemaker:inference-component:DesiredCopyCount` - The number of copies across an endpoint for a SageMaker inference component.\n- `workspaces:workspacespool:DesiredUserSessions` - The number of user sessions for the WorkSpaces in the pool.", - "title": "ScalableDimension", + "Name": { + "markdownDescription": "The name of the test case.", + "title": "Name", "type": "string" }, - "ScheduledActions": { + "Steps": { "items": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction" + "$ref": "#/definitions/AWS::AppTest::TestCase.Step" }, - "markdownDescription": "The scheduled actions for the scalable target. Duplicates aren't allowed.", - "title": "ScheduledActions", + "markdownDescription": "The steps in the test case.", + "title": "Steps", "type": "array" }, - "ServiceNamespace": { - "markdownDescription": "The namespace of the AWS service that provides the resource, or a `custom-resource` .", - "title": "ServiceNamespace", - "type": "string" - }, - "SuspendedState": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState", - "markdownDescription": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to `true` suspends the specified scaling activities. Setting it to `false` (default) resumes the specified scaling activities.\n\n*Suspension Outcomes*\n\n- For `DynamicScalingInSuspended` , while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n- For `DynamicScalingOutSuspended` , while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n- For `ScheduledScalingSuspended` , while a suspension is in effect, all scaling activities that involve scheduled actions are suspended.", - "title": "SuspendedState" + "Tags": { + "additionalProperties": true, + "markdownDescription": "The specified tags of the test case.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "MaxCapacity", - "MinCapacity", - "ResourceId", - "ScalableDimension", - "ServiceNamespace" + "Name", + "Steps" ], "type": "object" }, "Type": { "enum": [ - "AWS::ApplicationAutoScaling::ScalableTarget" + "AWS::AppTest::TestCase" ], "type": "string" }, @@ -20658,84 +22212,688 @@ ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { + "AWS::AppTest::TestCase.Batch": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum capacity.", - "title": "MaxCapacity", - "type": "number" + "BatchJobName": { + "markdownDescription": "The job name of the batch.", + "title": "BatchJobName", + "type": "string" }, - "MinCapacity": { - "markdownDescription": "The minimum capacity.", - "title": "MinCapacity", - "type": "number" + "BatchJobParameters": { + "additionalProperties": true, + "markdownDescription": "The batch job parameters of the batch.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "BatchJobParameters", + "type": "object" + }, + "ExportDataSetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The export data set names of the batch.", + "title": "ExportDataSetNames", + "type": "array" } }, + "required": [ + "BatchJobName" + ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction": { + "AWS::AppTest::TestCase.CloudFormationAction": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The date and time that the action is scheduled to end, in UTC.", - "title": "EndTime", + "ActionType": { + "markdownDescription": "The action type of the CloudFormation action.", + "title": "ActionType", "type": "string" }, - "ScalableTargetAction": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction", - "markdownDescription": "The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.", - "title": "ScalableTargetAction" + "Resource": { + "markdownDescription": "The resource of the CloudFormation action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.CompareAction": { + "additionalProperties": false, + "properties": { + "Input": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Input", + "markdownDescription": "The input of the compare action.", + "title": "Input" }, - "Schedule": { - "markdownDescription": "The schedule for this action. The following formats are supported:\n\n- At expressions - \" `at( *yyyy* - *mm* - *dd* T *hh* : *mm* : *ss* )` \"\n- Rate expressions - \" `rate( *value* *unit* )` \"\n- Cron expressions - \" `cron( *fields* )` \"\n\nAt expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.\n\nAt and cron expressions use Universal Coordinated Time (UTC) by default.\n\nThe cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].\n\nFor rate expressions, *value* is a positive integer and *unit* is `minute` | `minutes` | `hour` | `hours` | `day` | `days` .", - "title": "Schedule", + "Output": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Output", + "markdownDescription": "The output of the compare action.", + "title": "Output" + } + }, + "required": [ + "Input" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.DataSet": { + "additionalProperties": false, + "properties": { + "Ccsid": { + "markdownDescription": "The CCSID of the data set.", + "title": "Ccsid", "type": "string" }, - "ScheduledActionName": { - "markdownDescription": "The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target.", - "title": "ScheduledActionName", + "Format": { + "markdownDescription": "The format of the data set.", + "title": "Format", "type": "string" }, - "StartTime": { - "markdownDescription": "The date and time that the action is scheduled to begin, in UTC.", - "title": "StartTime", + "Length": { + "markdownDescription": "The length of the data set.", + "title": "Length", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the data set.", + "title": "Name", "type": "string" }, - "Timezone": { - "markdownDescription": "The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression.", - "title": "Timezone", + "Type": { + "markdownDescription": "The type of the data set.", + "title": "Type", "type": "string" } }, "required": [ - "Schedule", - "ScheduledActionName" + "Ccsid", + "Format", + "Length", + "Name", + "Type" ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState": { + "AWS::AppTest::TestCase.DatabaseCDC": { "additionalProperties": false, "properties": { - "DynamicScalingInSuspended": { - "markdownDescription": "Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is `false` .", - "title": "DynamicScalingInSuspended", - "type": "boolean" + "SourceMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.SourceDatabaseMetadata", + "markdownDescription": "The source metadata of the database CDC.", + "title": "SourceMetadata" }, - "DynamicScalingOutSuspended": { - "markdownDescription": "Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is `false` .", - "title": "DynamicScalingOutSuspended", - "type": "boolean" + "TargetMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.TargetDatabaseMetadata", + "markdownDescription": "The target metadata of the database CDC.", + "title": "TargetMetadata" + } + }, + "required": [ + "SourceMetadata", + "TargetMetadata" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.FileMetadata": { + "additionalProperties": false, + "properties": { + "DataSets": { + "items": { + "$ref": "#/definitions/AWS::AppTest::TestCase.DataSet" + }, + "markdownDescription": "The data sets of the file metadata.", + "title": "DataSets", + "type": "array" }, - "ScheduledScalingSuspended": { - "markdownDescription": "Whether scheduled scaling is suspended. Set the value to `true` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is `false` .", - "title": "ScheduledScalingSuspended", + "DatabaseCDC": { + "$ref": "#/definitions/AWS::AppTest::TestCase.DatabaseCDC", + "markdownDescription": "The database CDC of the file metadata.", + "title": "DatabaseCDC" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Input": { + "additionalProperties": false, + "properties": { + "File": { + "$ref": "#/definitions/AWS::AppTest::TestCase.InputFile", + "markdownDescription": "The file in the input.", + "title": "File" + } + }, + "required": [ + "File" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.InputFile": { + "additionalProperties": false, + "properties": { + "FileMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.FileMetadata", + "markdownDescription": "The file metadata of the input file.", + "title": "FileMetadata" + }, + "SourceLocation": { + "markdownDescription": "The source location of the input file.", + "title": "SourceLocation", + "type": "string" + }, + "TargetLocation": { + "markdownDescription": "The target location of the input file.", + "title": "TargetLocation", + "type": "string" + } + }, + "required": [ + "FileMetadata", + "SourceLocation", + "TargetLocation" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.M2ManagedActionProperties": { + "additionalProperties": false, + "properties": { + "ForceStop": { + "markdownDescription": "Force stops the Mainframe Modernization managed action properties.", + "title": "ForceStop", "type": "boolean" + }, + "ImportDataSetLocation": { + "markdownDescription": "The import data set location of the Mainframe Modernization managed action properties.", + "title": "ImportDataSetLocation", + "type": "string" } }, "type": "object" }, - "AWS::ApplicationAutoScaling::ScalingPolicy": { + "AWS::AppTest::TestCase.M2ManagedApplicationAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "markdownDescription": "The action type of the Mainframe Modernization managed application action.", + "title": "ActionType", + "type": "string" + }, + "Properties": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2ManagedActionProperties", + "markdownDescription": "The properties of the Mainframe Modernization managed application action.", + "title": "Properties" + }, + "Resource": { + "markdownDescription": "The resource of the Mainframe Modernization managed application action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.M2NonManagedApplicationAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "markdownDescription": "The action type of the Mainframe Modernization non-managed application action.", + "title": "ActionType", + "type": "string" + }, + "Resource": { + "markdownDescription": "The resource of the Mainframe Modernization non-managed application action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeActionType", + "markdownDescription": "The action type of the mainframe action.", + "title": "ActionType" + }, + "Properties": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeActionProperties", + "markdownDescription": "The properties of the mainframe action.", + "title": "Properties" + }, + "Resource": { + "markdownDescription": "The resource of the mainframe action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeActionProperties": { + "additionalProperties": false, + "properties": { + "DmsTaskArn": { + "markdownDescription": "The DMS task ARN of the mainframe action properties.", + "title": "DmsTaskArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeActionType": { + "additionalProperties": false, + "properties": { + "Batch": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Batch", + "markdownDescription": "The batch of the mainframe action type.", + "title": "Batch" + }, + "Tn3270": { + "$ref": "#/definitions/AWS::AppTest::TestCase.TN3270", + "markdownDescription": "The tn3270 port of the mainframe action type.", + "title": "Tn3270" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Output": { + "additionalProperties": false, + "properties": { + "File": { + "$ref": "#/definitions/AWS::AppTest::TestCase.OutputFile", + "markdownDescription": "The file of the output.", + "title": "File" + } + }, + "required": [ + "File" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.OutputFile": { + "additionalProperties": false, + "properties": { + "FileLocation": { + "markdownDescription": "The file location of the output file.", + "title": "FileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.ResourceAction": { + "additionalProperties": false, + "properties": { + "CloudFormationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.CloudFormationAction", + "markdownDescription": "The CloudFormation action of the resource action.", + "title": "CloudFormationAction" + }, + "M2ManagedApplicationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2ManagedApplicationAction", + "markdownDescription": "The Mainframe Modernization managed application action of the resource action.", + "title": "M2ManagedApplicationAction" + }, + "M2NonManagedApplicationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2NonManagedApplicationAction", + "markdownDescription": "The Mainframe Modernization non-managed application action of the resource action.", + "title": "M2NonManagedApplicationAction" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Script": { + "additionalProperties": false, + "properties": { + "ScriptLocation": { + "markdownDescription": "The script location of the scripts.", + "title": "ScriptLocation", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the scripts.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ScriptLocation", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.SourceDatabaseMetadata": { + "additionalProperties": false, + "properties": { + "CaptureTool": { + "markdownDescription": "The capture tool of the source database metadata.", + "title": "CaptureTool", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the source database metadata.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "CaptureTool", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.Step": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::AppTest::TestCase.StepAction", + "markdownDescription": "The action of the step.", + "title": "Action" + }, + "Description": { + "markdownDescription": "The description of the step.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the step.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Action", + "Name" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.StepAction": { + "additionalProperties": false, + "properties": { + "CompareAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.CompareAction", + "markdownDescription": "The compare action of the step action.", + "title": "CompareAction" + }, + "MainframeAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeAction", + "markdownDescription": "The mainframe action of the step action.", + "title": "MainframeAction" + }, + "ResourceAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.ResourceAction", + "markdownDescription": "The resource action of the step action.", + "title": "ResourceAction" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.TN3270": { + "additionalProperties": false, + "properties": { + "ExportDataSetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The data set names of the TN3270 protocol.", + "title": "ExportDataSetNames", + "type": "array" + }, + "Script": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Script", + "markdownDescription": "The script of the TN3270 protocol.", + "title": "Script" + } + }, + "required": [ + "Script" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.TargetDatabaseMetadata": { + "additionalProperties": false, + "properties": { + "CaptureTool": { + "markdownDescription": "The capture tool of the target database metadata.", + "title": "CaptureTool", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the target database metadata.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "CaptureTool", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.TestCaseLatestVersion": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of the test case latest version.", + "title": "Status", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the test case latest version.", + "title": "Version", + "type": "number" + } + }, + "required": [ + "Status", + "Version" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand.", + "title": "MinCapacity", + "type": "number" + }, + "ResourceId": { + "markdownDescription": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", + "title": "ResourceId", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide* .\n\nTo automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide* . Look for the ARN in the table at the bottom of the page.", + "title": "RoleARN", + "type": "string" + }, + "ScalableDimension": { + "markdownDescription": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n\n- `ecs:service:DesiredCount` - The task count of an ECS service.\n- `elasticmapreduce:instancegroup:InstanceCount` - The instance count of an EMR Instance Group.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet.\n- `appstream:fleet:DesiredCapacity` - The capacity of an AppStream 2.0 fleet.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n- `sagemaker:variant:DesiredInstanceCount` - The number of EC2 instances for a SageMaker model endpoint variant.\n- `custom-resource:ResourceType:Property` - The scalable dimension for a custom resource provided by your own application or service.\n- `comprehend:document-classifier-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend document classification endpoint.\n- `comprehend:entity-recognizer-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n- `lambda:function:ProvisionedConcurrency` - The provisioned concurrency for a Lambda function.\n- `cassandra:table:ReadCapacityUnits` - The provisioned read capacity for an Amazon Keyspaces table.\n- `cassandra:table:WriteCapacityUnits` - The provisioned write capacity for an Amazon Keyspaces table.\n- `kafka:broker-storage:VolumeSize` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n- `elasticache:cache-cluster:Nodes` - The number of nodes for an Amazon ElastiCache cache cluster.\n- `elasticache:replication-group:NodeGroups` - The number of node groups for an Amazon ElastiCache replication group.\n- `elasticache:replication-group:Replicas` - The number of replicas per node group for an Amazon ElastiCache replication group.\n- `neptune:cluster:ReadReplicaCount` - The count of read replicas in an Amazon Neptune DB cluster.\n- `sagemaker:variant:DesiredProvisionedConcurrency` - The provisioned concurrency for a SageMaker serverless endpoint.\n- `sagemaker:inference-component:DesiredCopyCount` - The number of copies across an endpoint for a SageMaker inference component.\n- `workspaces:workspacespool:DesiredUserSessions` - The number of user sessions for the WorkSpaces in the pool.", + "title": "ScalableDimension", + "type": "string" + }, + "ScheduledActions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction" + }, + "markdownDescription": "The scheduled actions for the scalable target. Duplicates aren't allowed.", + "title": "ScheduledActions", + "type": "array" + }, + "ServiceNamespace": { + "markdownDescription": "The namespace of the AWS service that provides the resource, or a `custom-resource` .", + "title": "ServiceNamespace", + "type": "string" + }, + "SuspendedState": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState", + "markdownDescription": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to `true` suspends the specified scaling activities. Setting it to `false` (default) resumes the specified scaling activities.\n\n*Suspension Outcomes*\n\n- For `DynamicScalingInSuspended` , while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n- For `DynamicScalingOutSuspended` , while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n- For `ScheduledScalingSuspended` , while a suspension is in effect, all scaling activities that involve scheduled actions are suspended.", + "title": "SuspendedState" + } + }, + "required": [ + "MaxCapacity", + "MinCapacity", + "ResourceId", + "ScalableDimension", + "ServiceNamespace" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationAutoScaling::ScalableTarget" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum capacity.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum capacity.", + "title": "MinCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The date and time that the action is scheduled to end, in UTC.", + "title": "EndTime", + "type": "string" + }, + "ScalableTargetAction": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction", + "markdownDescription": "The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.", + "title": "ScalableTargetAction" + }, + "Schedule": { + "markdownDescription": "The schedule for this action. The following formats are supported:\n\n- At expressions - \" `at( *yyyy* - *mm* - *dd* T *hh* : *mm* : *ss* )` \"\n- Rate expressions - \" `rate( *value* *unit* )` \"\n- Cron expressions - \" `cron( *fields* )` \"\n\nAt expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.\n\nAt and cron expressions use Universal Coordinated Time (UTC) by default.\n\nThe cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].\n\nFor rate expressions, *value* is a positive integer and *unit* is `minute` | `minutes` | `hour` | `hours` | `day` | `days` .", + "title": "Schedule", + "type": "string" + }, + "ScheduledActionName": { + "markdownDescription": "The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target.", + "title": "ScheduledActionName", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time that the action is scheduled to begin, in UTC.", + "title": "StartTime", + "type": "string" + }, + "Timezone": { + "markdownDescription": "The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression.", + "title": "Timezone", + "type": "string" + } + }, + "required": [ + "Schedule", + "ScheduledActionName" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState": { + "additionalProperties": false, + "properties": { + "DynamicScalingInSuspended": { + "markdownDescription": "Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is `false` .", + "title": "DynamicScalingInSuspended", + "type": "boolean" + }, + "DynamicScalingOutSuspended": { + "markdownDescription": "Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is `false` .", + "title": "DynamicScalingOutSuspended", + "type": "boolean" + }, + "ScheduledScalingSuspended": { + "markdownDescription": "Whether scheduled scaling is suspended. Set the value to `true` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is `false` .", + "title": "ScheduledScalingSuspended", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -20780,6 +22938,11 @@ "title": "PolicyType", "type": "string" }, + "PredictiveScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPolicyConfiguration", + "markdownDescription": "The predictive scaling policy configuration.", + "title": "PredictiveScalingPolicyConfiguration" + }, "ResourceId": { "markdownDescription": "The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", "title": "ResourceId", @@ -20919,6 +23082,287 @@ ], "type": "object" }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedCapacityMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "One or more metric data queries to provide data points for a metric specification.", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedLoadMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedScalingMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "One or more metric data queries to provide data points for a metric specification.", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetric": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDimension" + }, + "markdownDescription": "Describes the dimensions of the metric.", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name that identifies the object's results in the response. This name must be unique among all `MetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.", + "title": "Label", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricStat", + "markdownDescription": "Information about the metric data to return.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "MetricStat" + }, + "ReturnData": { + "markdownDescription": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ).", + "title": "ReturnData", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the dimension.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricSpecification": { + "additionalProperties": false, + "properties": { + "CustomizedCapacityMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedCapacityMetric", + "markdownDescription": "The customized capacity metric specification.", + "title": "CustomizedCapacityMetricSpecification" + }, + "CustomizedLoadMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedLoadMetric", + "markdownDescription": "The customized load metric specification.", + "title": "CustomizedLoadMetricSpecification" + }, + "CustomizedScalingMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedScalingMetric", + "markdownDescription": "The customized scaling metric specification.", + "title": "CustomizedScalingMetricSpecification" + }, + "PredefinedLoadMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedLoadMetric", + "markdownDescription": "The predefined load metric specification.", + "title": "PredefinedLoadMetricSpecification" + }, + "PredefinedMetricPairSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedMetricPair", + "markdownDescription": "The predefined metric pair specification that determines the appropriate scaling metric and load metric to use.", + "title": "PredefinedMetricPairSpecification" + }, + "PredefinedScalingMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedScalingMetric", + "markdownDescription": "The predefined scaling metric specification.", + "title": "PredefinedScalingMetricSpecification" + }, + "TargetValue": { + "markdownDescription": "Specifies the target utilization.", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricStat": { + "additionalProperties": false, + "properties": { + "Metric": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetric", + "markdownDescription": "The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) .", + "title": "Metric" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metrics for predictive scaling are `Average` and `Sum` .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", + "title": "Unit", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacityBreachBehavior": { + "markdownDescription": "Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity. Defaults to `HonorMaxCapacity` if not specified.", + "title": "MaxCapacityBreachBehavior", + "type": "string" + }, + "MaxCapacityBuffer": { + "markdownDescription": "The size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. The value is specified as a percentage relative to the forecast capacity. For example, if the buffer is 10, this means a 10 percent buffer, such that if the forecast capacity is 50, and the maximum capacity is 40, then the effective maximum capacity is 55.\n\nRequired if the `MaxCapacityBreachBehavior` property is set to `IncreaseMaxCapacity` , and cannot be used otherwise.", + "title": "MaxCapacityBuffer", + "type": "number" + }, + "MetricSpecifications": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricSpecification" + }, + "markdownDescription": "This structure includes the metrics and target utilization to use for predictive scaling.\n\nThis is an array, but we currently only support a single metric specification. That is, you can specify a target value and a single metric pair, or a target value and one scaling metric and one load metric.", + "title": "MetricSpecifications", + "type": "array" + }, + "Mode": { + "markdownDescription": "The predictive scaling mode. Defaults to `ForecastOnly` if not specified.", + "title": "Mode", + "type": "string" + }, + "SchedulingBufferTime": { + "markdownDescription": "The amount of time, in seconds, that the start time can be advanced.\n\nThe value must be less than the forecast interval duration of 3600 seconds (60 minutes). Defaults to 300 seconds if not specified.", + "title": "SchedulingBufferTime", + "type": "number" + } + }, + "required": [ + "MetricSpecifications" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedLoadMetric": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "The metric type.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a target group.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedMetricPair": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "Indicates which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a specific target group from which to determine the total and average request count.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedScalingMetric": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "The metric type.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a specific target group from which to determine the average request count.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, "AWS::ApplicationAutoScaling::ScalingPolicy.StepAdjustment": { "additionalProperties": false, "properties": { @@ -21202,6 +23646,11 @@ "title": "ResourceGroupName", "type": "string" }, + "SNSNotificationArn": { + "markdownDescription": "The SNS topic ARN that is associated with SNS notifications for updates or issues.", + "title": "SNSNotificationArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -21738,6 +24187,636 @@ ], "type": "object" }, + "AWS::ApplicationSignals::Discovery": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationSignals::Discovery" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BurnRateConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.BurnRateConfiguration" + }, + "markdownDescription": "Each object in this array defines the length of the look-back window used to calculate one burn rate metric for this SLO. The burn rate measures how fast the service is consuming the error budget, relative to the attainment goal of the SLO.", + "title": "BurnRateConfigurations", + "type": "array" + }, + "Description": { + "markdownDescription": "An optional description for this SLO.", + "title": "Description", + "type": "string" + }, + "ExclusionWindows": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.ExclusionWindow" + }, + "markdownDescription": "The time window to be excluded from the SLO performance metrics.", + "title": "ExclusionWindows", + "type": "array" + }, + "Goal": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Goal", + "markdownDescription": "This structure contains the attributes that determine the goal of an SLO. This includes the time period for evaluation and the attainment threshold.", + "title": "Goal" + }, + "Name": { + "markdownDescription": "A name for this SLO.", + "title": "Name", + "type": "string" + }, + "RequestBasedSli": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSli", + "markdownDescription": "A structure containing information about the performance metric that this SLO monitors, if this is a request-based SLO.", + "title": "RequestBasedSli" + }, + "Sli": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Sli", + "markdownDescription": "A structure containing information about the performance metric that this SLO monitors, if this is a period-based SLO.", + "title": "Sli" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to associate with the SLO. You can associate as many as 50 tags with an SLO. To be able to associate tags with the SLO when you create the SLO, you must have the cloudwatch:TagResource permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationSignals::ServiceLevelObjective" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.BurnRateConfiguration": { + "additionalProperties": false, + "properties": { + "LookBackWindowMinutes": { + "markdownDescription": "The number of minutes to use as the look-back window.", + "title": "LookBackWindowMinutes", + "type": "number" + } + }, + "required": [ + "LookBackWindowMinutes" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.CalendarInterval": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "Specifies the duration of each calendar interval. For example, if `Duration` is `1` and `DurationUnit` is `MONTH` , each interval is one month, aligned with the calendar.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "Specifies the calendar interval unit.", + "title": "DurationUnit", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time when you want the first interval to start. Be sure to choose a time that configures the intervals the way that you want. For example, if you want weekly intervals starting on Mondays at 6 a.m., be sure to specify a start time that is a Monday at 6 a.m.\n\nWhen used in a raw HTTP Query API, it is formatted as be epoch time in seconds. For example: `1698778057`\n\nAs soon as one calendar interval ends, another automatically begins.", + "title": "StartTime", + "type": "number" + } + }, + "required": [ + "Duration", + "DurationUnit", + "StartTime" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig": { + "additionalProperties": false, + "properties": { + "DependencyKeyAttributes": { + "additionalProperties": true, + "markdownDescription": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which dependency the SLO metric is related to.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DependencyKeyAttributes", + "type": "object" + }, + "DependencyOperationName": { + "markdownDescription": "When the SLO monitors a specific operation of the dependency, this field specifies the name of that operation in the dependency.", + "title": "DependencyOperationName", + "type": "string" + } + }, + "required": [ + "DependencyKeyAttributes", + "DependencyOperationName" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Dimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon ( `:` ). ASCII control characters are not supported as part of dimension names.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.ExclusionWindow": { + "additionalProperties": false, + "properties": { + "Reason": { + "markdownDescription": "The reason for the time exclusion windows. For example, maintenance.", + "title": "Reason", + "type": "string" + }, + "RecurrenceRule": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RecurrenceRule", + "markdownDescription": "The recurrence rule for the time exclusion window.", + "title": "RecurrenceRule" + }, + "StartTime": { + "markdownDescription": "The start time of the time exclusion window.", + "title": "StartTime", + "type": "string" + }, + "Window": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Window", + "markdownDescription": "The time exclusion window.", + "title": "Window" + } + }, + "required": [ + "Window" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Goal": { + "additionalProperties": false, + "properties": { + "AttainmentGoal": { + "markdownDescription": "The threshold that determines if the goal is being met.\n\nIf this is a period-based SLO, the attainment goal is the percentage of good periods that meet the threshold requirements to the total periods within the interval. For example, an attainment goal of 99.9% means that within your interval, you are targeting 99.9% of the periods to be in healthy state.\n\nIf this is a request-based SLO, the attainment goal is the percentage of requests that must be successful to meet the attainment goal.\n\nIf you omit this parameter, 99 is used to represent 99% as the attainment goal.", + "title": "AttainmentGoal", + "type": "number" + }, + "Interval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Interval", + "markdownDescription": "The time period used to evaluate the SLO. It can be either a calendar interval or rolling interval.\n\nIf you omit this parameter, a rolling interval of 7 days is used.", + "title": "Interval" + }, + "WarningThreshold": { + "markdownDescription": "The percentage of remaining budget over total budget that you want to get warnings for. If you omit this parameter, the default of 50.0 is used.", + "title": "WarningThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Interval": { + "additionalProperties": false, + "properties": { + "CalendarInterval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.CalendarInterval", + "markdownDescription": "If the interval is a calendar interval, this structure contains the interval specifications.", + "title": "CalendarInterval" + }, + "RollingInterval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RollingInterval", + "markdownDescription": "If the interval is a rolling interval, this structure contains the interval specifications.", + "title": "RollingInterval" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Metric": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Dimension" + }, + "markdownDescription": "An array of one or more dimensions to use to define the metric that you want to use. For more information, see [Dimensions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Dimension) .", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric to use.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account where this metric is located. If you are performing this operation in a monitoring account, use this to specify which source account to retrieve this metric from.", + "title": "AccountId", + "type": "string" + }, + "Expression": { + "markdownDescription": "This field can contain a metric math expression to be performed on the other metrics that you are retrieving within this `MetricDataQueries` structure.\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This `Id` must be unique within a `MetricDataQueries` array. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the metric math expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricStat", + "markdownDescription": "A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO.\n\nWithin one `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "ReturnData": { + "markdownDescription": "Use this only if you are using a metric math expression for the SLO. Specify `true` for `ReturnData` for only the one expression result to use as the alarm. For all other metrics and expressions in the same `CreateServiceLevelObjective` operation, specify `ReturnData` as `false` .", + "title": "ReturnData", + "type": "boolean" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MetricStat": { + "additionalProperties": false, + "properties": { + "Metric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Metric", + "markdownDescription": "The metric to use as the service level indicator, including the metric name, namespace, and dimensions.", + "title": "Metric" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, to be used for the metric. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. For more information about statistics, see [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "If you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Metric", + "Period", + "Stat" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MonitoredRequestCountMetric": { + "additionalProperties": false, + "properties": { + "BadCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If you want to count \"bad requests\" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as \"bad requests\" in this structure.", + "title": "BadCountMetric", + "type": "array" + }, + "GoodCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If you want to count \"good requests\" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as \"good requests\" in this structure.", + "title": "GoodCountMetric", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RecurrenceRule": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The following two rules are supported:\n\n- rate(value unit) - The value must be a positive integer and the unit can be hour|day|month.\n- cron - An expression which consists of six fields separated by white spaces: (minutes hours day_of_month month day_of_week year).", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSli": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation used when comparing the specified metric to the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "MetricThreshold": { + "markdownDescription": "This value is the threshold that the observed metric values of the SLI metric are compared to.", + "title": "MetricThreshold", + "type": "number" + }, + "RequestBasedSliMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSliMetric", + "markdownDescription": "A structure that contains information about the metric that the SLO monitors.", + "title": "RequestBasedSliMetric" + } + }, + "required": [ + "RequestBasedSliMetric" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSliMetric": { + "additionalProperties": false, + "properties": { + "DependencyConfig": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig", + "markdownDescription": "Identifies the dependency using the `DependencyKeyAttributes` and `DependencyOperationName` .", + "title": "DependencyConfig" + }, + "KeyAttributes": { + "additionalProperties": true, + "markdownDescription": "This is a string-to-string map that contains information about the type of object that this SLO is related to. It can include the following fields.\n\n- `Type` designates the type of object that this SLO is related to.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.\n- `AwsAccountId` allows you to create an SLO for an object that exists in another account.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KeyAttributes", + "type": "object" + }, + "MetricType": { + "markdownDescription": "If the SLO monitors either the `LATENCY` or `AVAILABILITY` metric that Application Signals collects, this field displays which of those metrics is used.", + "title": "MetricType", + "type": "string" + }, + "MonitoredRequestCountMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MonitoredRequestCountMetric", + "markdownDescription": "Use this structure to define the metric that you want to use as the \"good request\" or \"bad request\" value for a request-based SLO. This value observed for the metric defined in `TotalRequestCountMetric` will be divided by the number found for `MonitoredRequestCountMetric` to determine the percentage of successful requests that this SLO tracks.", + "title": "MonitoredRequestCountMetric" + }, + "OperationName": { + "markdownDescription": "If the SLO monitors a specific operation of the service, this field displays that operation name.", + "title": "OperationName", + "type": "string" + }, + "TotalRequestCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "This structure defines the metric that is used as the \"total requests\" number for a request-based SLO. The number observed for this metric is divided by the number of \"good requests\" or \"bad requests\" that is observed for the metric defined in `MonitoredRequestCountMetric` .", + "title": "TotalRequestCountMetric", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RollingInterval": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "Specifies the duration of each rolling interval. For example, if `Duration` is `7` and `DurationUnit` is `DAY` , each rolling interval is seven days.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "Specifies the rolling interval unit.", + "title": "DurationUnit", + "type": "string" + } + }, + "required": [ + "Duration", + "DurationUnit" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Sli": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified metric to the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "MetricThreshold": { + "markdownDescription": "The value that the SLI metric is compared to.", + "title": "MetricThreshold", + "type": "number" + }, + "SliMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.SliMetric", + "markdownDescription": "Use this structure to specify the metric to be used for the SLO.", + "title": "SliMetric" + } + }, + "required": [ + "ComparisonOperator", + "MetricThreshold", + "SliMetric" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.SliMetric": { + "additionalProperties": false, + "properties": { + "DependencyConfig": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig", + "markdownDescription": "Identifies the dependency using the `DependencyKeyAttributes` and `DependencyOperationName` .", + "title": "DependencyConfig" + }, + "KeyAttributes": { + "additionalProperties": true, + "markdownDescription": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which service the SLO metric is related to. To do so, you must specify at least the `Type` , `Name` , and `Environment` attributes.\n\nThis is a string-to-string map. It can include the following fields.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KeyAttributes", + "type": "object" + }, + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, use this structure to specify that metric or expression.", + "title": "MetricDataQueries", + "type": "array" + }, + "MetricType": { + "markdownDescription": "If the SLO is to monitor either the `LATENCY` or `AVAILABILITY` metric that Application Signals collects, use this field to specify which of those metrics is used.", + "title": "MetricType", + "type": "string" + }, + "OperationName": { + "markdownDescription": "If the SLO is to monitor a specific operation of the service, use this field to specify the name of that operation.", + "title": "OperationName", + "type": "string" + }, + "PeriodSeconds": { + "markdownDescription": "The number of seconds to use as the period for SLO evaluation. Your application's performance is compared to the SLI during each period. For each period, the application is determined to have either achieved or not achieved the necessary performance.", + "title": "PeriodSeconds", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. For more information about statistics, see [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) .", + "title": "Statistic", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Window": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "The start and end time of the time exclusion window.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "The unit of measurement to use during the time window exclusion.", + "title": "DurationUnit", + "type": "string" + } + }, + "required": [ + "Duration", + "DurationUnit" + ], + "type": "object" + }, "AWS::Athena::CapacityReservation": { "additionalProperties": false, "properties": { @@ -21893,11 +24972,21 @@ "Properties": { "additionalProperties": false, "properties": { + "ConnectionType": { + "markdownDescription": "The type of connection for a `FEDERATED` data catalog (for example, `REDSHIFT` , `MYSQL` , or `SQLSERVER` ). For information about individual connectors, see [Available data source connectors](https://docs.aws.amazon.com/athena/latest/ug/connectors-available.html) .", + "title": "ConnectionType", + "type": "string" + }, "Description": { "markdownDescription": "A description of the data catalog.", "title": "Description", "type": "string" }, + "Error": { + "markdownDescription": "Text of the error that occurred during data catalog creation or deletion.", + "title": "Error", + "type": "string" + }, "Name": { "markdownDescription": "The name of the data catalog. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters.", "title": "Name", @@ -21914,6 +25003,11 @@ "title": "Parameters", "type": "object" }, + "Status": { + "markdownDescription": "The status of the creation or deletion of the data catalog.\n\n- The `LAMBDA` , `GLUE` , and `HIVE` data catalog types are created synchronously. Their status is either `CREATE_COMPLETE` or `CREATE_FAILED` .\n- The `FEDERATED` data catalog type is created asynchronously.\n\nData catalog creation status:\n\n- `CREATE_IN_PROGRESS` : Federated data catalog creation in progress.\n- `CREATE_COMPLETE` : Data catalog creation complete.\n- `CREATE_FAILED` : Data catalog could not be created.\n- `CREATE_FAILED_CLEANUP_IN_PROGRESS` : Federated data catalog creation failed and is being removed.\n- `CREATE_FAILED_CLEANUP_COMPLETE` : Federated data catalog creation failed and was removed.\n- `CREATE_FAILED_CLEANUP_FAILED` : Federated data catalog creation failed but could not be removed.\n\nData catalog deletion status:\n\n- `DELETE_IN_PROGRESS` : Federated data catalog deletion in progress.\n- `DELETE_COMPLETE` : Federated data catalog deleted.\n- `DELETE_FAILED` : Federated data catalog could not be deleted.", + "title": "Status", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -22285,6 +25379,33 @@ }, "type": "object" }, + "AWS::Athena::WorkGroup.ManagedQueryResultsConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If set to true, allows you to store query results in Athena owned storage. If set to false, workgroup member stores query results in location specified under `ResultConfiguration$OutputLocation` . The default is false. A workgroup cannot have the `ResultConfiguration$OutputLocation` parameter when you set this field to true.", + "title": "Enabled", + "type": "boolean" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::Athena::WorkGroup.ManagedStorageEncryptionConfiguration", + "markdownDescription": "If you encrypt query and calculation results in Athena owned storage, this field indicates the encryption option (for example, SSE_KMS or CSE_KMS) and key information.", + "title": "EncryptionConfiguration" + } + }, + "type": "object" + }, + "AWS::Athena::WorkGroup.ManagedStorageEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKey": { + "markdownDescription": "", + "title": "KmsKey", + "type": "string" + } + }, + "type": "object" + }, "AWS::Athena::WorkGroup.ResultConfiguration": { "additionalProperties": false, "properties": { @@ -22344,6 +25465,11 @@ "title": "ExecutionRole", "type": "string" }, + "ManagedQueryResultsConfiguration": { + "$ref": "#/definitions/AWS::Athena::WorkGroup.ManagedQueryResultsConfiguration", + "markdownDescription": "The configuration for storing results in Athena owned storage, which includes whether this feature is enabled; whether encryption configuration, if any, is used for encrypting query results.", + "title": "ManagedQueryResultsConfiguration" + }, "PublishCloudWatchMetricsEnabled": { "markdownDescription": "Indicates that the Amazon CloudWatch metrics are enabled for the workgroup.", "title": "PublishCloudWatchMetricsEnabled", @@ -22669,6 +25795,16 @@ "title": "AutoScalingGroupName", "type": "string" }, + "AvailabilityZoneDistribution": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneDistribution", + "markdownDescription": "The instance capacity distribution across Availability Zones.", + "title": "AvailabilityZoneDistribution" + }, + "AvailabilityZoneImpairmentPolicy": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneImpairmentPolicy", + "markdownDescription": "The Availability Zone impairment policy.", + "title": "AvailabilityZoneImpairmentPolicy" + }, "AvailabilityZones": { "items": { "type": "string" @@ -22682,6 +25818,11 @@ "title": "CapacityRebalance", "type": "boolean" }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CapacityReservationSpecification", + "markdownDescription": "The capacity reservation specification.", + "title": "CapacityReservationSpecification" + }, "Context": { "markdownDescription": "Reserved.", "title": "Context", @@ -22804,6 +25945,11 @@ "title": "ServiceLinkedRoleARN", "type": "string" }, + "SkipZonalShiftValidation": { + "markdownDescription": "", + "title": "SkipZonalShiftValidation", + "type": "boolean" + }, "Tags": { "items": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.TagProperty" @@ -22828,6 +25974,14 @@ "title": "TerminationPolicies", "type": "array" }, + "TrafficSources": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.TrafficSourceIdentifier" + }, + "markdownDescription": "The traffic sources associated with this Auto Scaling group.", + "title": "TrafficSources", + "type": "array" + }, "VPCZoneIdentifier": { "items": { "type": "string" @@ -22899,6 +26053,37 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneDistribution": { + "additionalProperties": false, + "properties": { + "CapacityDistributionStrategy": { + "markdownDescription": "If launches fail in an Availability Zone, the following strategies are available. The default is `balanced-best-effort` .\n\n- `balanced-only` - If launches fail in an Availability Zone, Auto Scaling will continue to attempt to launch in the unhealthy zone to preserve a balanced distribution.\n- `balanced-best-effort` - If launches fail in an Availability Zone, Auto Scaling will attempt to launch in another healthy Availability Zone instead.", + "title": "CapacityDistributionStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneImpairmentPolicy": { + "additionalProperties": false, + "properties": { + "ImpairedZoneHealthCheckBehavior": { + "markdownDescription": "Specifies the health check behavior for the impaired Availability Zone in an active zonal shift. If you select `Replace unhealthy` , instances that appear unhealthy will be replaced in all Availability Zones. If you select `Ignore unhealthy` , instances will not be replaced in the Availability Zone with the active zonal shift. For more information, see [Auto Scaling group zonal shift](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-zonal-shift.html) in the *Amazon EC2 Auto Scaling User Guide* .", + "title": "ImpairedZoneHealthCheckBehavior", + "type": "string" + }, + "ZonalShiftEnabled": { + "markdownDescription": "If `true` , enable zonal shift for your Auto Scaling group.", + "title": "ZonalShiftEnabled", + "type": "boolean" + } + }, + "required": [ + "ImpairedZoneHealthCheckBehavior", + "ZonalShiftEnabled" + ], + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.BaselineEbsBandwidthMbpsRequest": { "additionalProperties": false, "properties": { @@ -22915,6 +26100,72 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.BaselinePerformanceFactorsRequest": { + "additionalProperties": false, + "properties": { + "Cpu": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CapacityReservationSpecification": { + "additionalProperties": false, + "properties": { + "CapacityReservationPreference": { + "markdownDescription": "The capacity reservation preference. The following options are available:\n\n- `capacity-reservations-only` - Auto Scaling will only launch instances into a Capacity Reservation or Capacity Reservation resource group. If capacity isn't available, instances will fail to launch.\n- `capacity-reservations-first` - Auto Scaling will try to launch instances into a Capacity Reservation or Capacity Reservation resource group first. If capacity isn't available, instances will run in On-Demand capacity.\n- `none` - Auto Scaling will not launch instances into a Capacity Reservation. Instances will run in On-Demand capacity.\n- `default` - Auto Scaling uses the Capacity Reservation preference from your launch template or an open Capacity Reservation.", + "title": "CapacityReservationPreference", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CapacityReservationTarget", + "markdownDescription": "Describes a target Capacity Reservation or Capacity Reservation resource group.", + "title": "CapacityReservationTarget" + } + }, + "required": [ + "CapacityReservationPreference" + ], + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CapacityReservationTarget": { + "additionalProperties": false, + "properties": { + "CapacityReservationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Capacity Reservation IDs to launch instances into.", + "title": "CapacityReservationIds", + "type": "array" + }, + "CapacityReservationResourceGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The resource group ARNs of the Capacity Reservation to launch instances into.", + "title": "CapacityReservationResourceGroupArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CpuPerformanceFactorRequest": { + "additionalProperties": false, + "properties": { + "References": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.PerformanceFactorReferenceRequest" + }, + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently only one instance family can be specified in the list.", + "title": "References", + "type": "array" + } + }, + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.InstanceMaintenancePolicy": { "additionalProperties": false, "properties": { @@ -22986,6 +26237,11 @@ "markdownDescription": "The minimum and maximum baseline bandwidth performance for an instance type, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", "title": "BaselineEbsBandwidthMbps" }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance factors for the instance requirements.", + "title": "BaselinePerformanceFactors" + }, "BurstablePerformance": { "markdownDescription": "Indicates whether burstable performance instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `excluded`", "title": "BurstablePerformance", @@ -23368,6 +26624,17 @@ ], "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.PerformanceFactorReferenceRequest": { + "additionalProperties": false, + "properties": { + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Make sure that you specify the correct value for the instance family. The instance family is everything before the period (.) in the instance type name. For example, in the instance `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance types are *not supported* for performance protection.\n\n- `c1`\n- `g3| g3s`\n- `hpc7g`\n- `m1| m2`\n- `mac1 | mac2 | mac2-m1ultra | mac2-m2 | mac2-m2pro`\n- `p3dn | p4d | p5`\n- `t1`\n- `u-12tb1 | u-18tb1 | u-24tb1 | u-3tb1 | u-6tb1 | u-9tb1 | u7i-12tb | u7in-16tb | u7in-24tb | u7in-32tb`\n\nIf you performance protection by specifying a supported instance family, the returned instance types will exclude the preceding unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response.", + "title": "InstanceFamily", + "type": "string" + } + }, + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.TagProperty": { "additionalProperties": false, "properties": { @@ -23410,6 +26677,26 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.TrafficSourceIdentifier": { + "additionalProperties": false, + "properties": { + "Identifier": { + "markdownDescription": "Identifies the traffic source.\n\nFor Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region.\n\nFor example:\n\n- Application Load Balancer ARN: `arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-targets/1234567890123456`\n- Classic Load Balancer name: `my-classic-load-balancer`\n- VPC Lattice ARN: `arn:aws:vpc-lattice:us-west-2:123456789012:targetgroup/tg-1234567890123456`\n\nTo get the ARN of a target group for a Application Load Balancer, Gateway Load Balancer, or Network Load Balancer, or the name of a Classic Load Balancer, use the Elastic Load Balancing [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) and [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operations.\n\nTo get the ARN of a target group for VPC Lattice, use the VPC Lattice [GetTargetGroup](https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetTargetGroup.html) API operation.", + "title": "Identifier", + "type": "string" + }, + "Type": { + "markdownDescription": "Provides additional context for the value of `Identifier` .\n\nThe following lists the valid values:\n\n- `elb` if `Identifier` is the name of a Classic Load Balancer.\n- `elbv2` if `Identifier` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group.\n- `vpc-lattice` if `Identifier` is the ARN of a VPC Lattice target group.\n\nRequired if the identifier is the name of a Classic Load Balancer.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Identifier", + "Type" + ], + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.VCpuCountRequest": { "additionalProperties": false, "properties": { @@ -23923,11 +27210,24 @@ "title": "MetricName", "type": "string" }, + "Metrics": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery" + }, + "markdownDescription": "The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions.", + "title": "Metrics", + "type": "array" + }, "Namespace": { "markdownDescription": "The namespace of the metric.", "title": "Namespace", "type": "string" }, + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" + }, "Statistic": { "markdownDescription": "The statistic of the metric.", "title": "Statistic", @@ -23939,11 +27239,6 @@ "type": "string" } }, - "required": [ - "MetricName", - "Namespace", - "Statistic" - ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.Metric": { @@ -24314,207 +27609,276 @@ ], "type": "object" }, - "AWS::AutoScaling::ScheduledAction": { + "AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery": { "additionalProperties": false, "properties": { - "Condition": { + "Expression": { + "markdownDescription": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "Expression", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "A short name that identifies the object's results in the response. This name must be unique among all `TargetTrackingMetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.", + "title": "Label", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupName": { - "markdownDescription": "The name of the Auto Scaling group.", - "title": "AutoScalingGroupName", - "type": "string" - }, - "DesiredCapacity": { - "markdownDescription": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. It can scale beyond this capacity if you add more scaling conditions.\n\n> You must specify at least one of the following properties: `MaxSize` , `MinSize` , or `DesiredCapacity` .", - "title": "DesiredCapacity", - "type": "number" - }, - "EndTime": { - "markdownDescription": "The date and time for the recurring schedule to end, in UTC. For example, `\"2021-06-01T00:00:00Z\"` .", - "title": "EndTime", - "type": "string" - }, - "MaxSize": { - "markdownDescription": "The maximum size of the Auto Scaling group.", - "title": "MaxSize", - "type": "number" - }, - "MinSize": { - "markdownDescription": "The minimum size of the Auto Scaling group.", - "title": "MinSize", - "type": "number" - }, - "Recurrence": { - "markdownDescription": "The recurring schedule for this action. This format consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, `\"30 0 1 1,6,12 *\"` ). For more information about this format, see [Crontab](https://docs.aws.amazon.com/http://crontab.org) .\n\nWhen `StartTime` and `EndTime` are specified with `Recurrence` , they form the boundaries of when the recurring action starts and stops.\n\nCron expressions use Universal Coordinated Time (UTC) by default.", - "title": "Recurrence", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format in UTC/GMT only and in quotes (for example, `\"2021-06-01T00:00:00Z\"` ).\n\nIf you specify `Recurrence` and `StartTime` , Amazon EC2 Auto Scaling performs the action at this time, and then performs the action based on the specified recurrence.", - "title": "StartTime", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "Specifies the time zone for a cron expression. If a time zone is not provided, UTC is used by default.\n\nValid values are the canonical names of the IANA time zones, derived from the IANA Time Zone Database (such as `Etc/GMT+9` or `Pacific/Tahiti` ). For more information, see [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) .", - "title": "TimeZone", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupName" - ], - "type": "object" + "MetricStat": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricStat", + "markdownDescription": "Information about the metric data to return.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "MetricStat" }, - "Type": { - "enum": [ - "AWS::AutoScaling::ScheduledAction" - ], - "type": "string" + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ReturnData": { + "markdownDescription": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ).", + "title": "ReturnData", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Id" ], "type": "object" }, - "AWS::AutoScaling::WarmPool": { + "AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricStat": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Metric": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.Metric", + "markdownDescription": "The metric to use.", + "title": "Metric" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupName": { - "markdownDescription": "The name of the Auto Scaling group.", - "title": "AutoScalingGroupName", - "type": "string" - }, - "InstanceReusePolicy": { - "$ref": "#/definitions/AWS::AutoScaling::WarmPool.InstanceReusePolicy", - "markdownDescription": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.", - "title": "InstanceReusePolicy" - }, - "MaxGroupPreparedCapacity": { - "markdownDescription": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n> If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n> \n> The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value.", - "title": "MaxGroupPreparedCapacity", - "type": "number" - }, - "MinSize": { - "markdownDescription": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified.", - "title": "MinSize", - "type": "number" - }, - "PoolState": { - "markdownDescription": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` .", - "title": "PoolState", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupName" - ], - "type": "object" + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" }, - "Type": { - "enum": [ - "AWS::AutoScaling::WarmPool" - ], + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metric for scaling is `Average` .", + "title": "Stat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Unit": { + "markdownDescription": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "Metric", + "Stat" ], "type": "object" }, - "AWS::AutoScaling::WarmPool.InstanceReusePolicy": { - "additionalProperties": false, - "properties": { - "ReuseOnScaleIn": { - "markdownDescription": "Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in.", - "title": "ReuseOnScaleIn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::AutoScalingPlans::ScalingPlan": { + "AWS::AutoScaling::ScheduledAction": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoScalingGroupName": { + "markdownDescription": "The name of the Auto Scaling group.", + "title": "AutoScalingGroupName", + "type": "string" + }, + "DesiredCapacity": { + "markdownDescription": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. It can scale beyond this capacity if you add more scaling conditions.\n\n> You must specify at least one of the following properties: `MaxSize` , `MinSize` , or `DesiredCapacity` .", + "title": "DesiredCapacity", + "type": "number" + }, + "EndTime": { + "markdownDescription": "The date and time for the recurring schedule to end, in UTC. For example, `\"2021-06-01T00:00:00Z\"` .", + "title": "EndTime", + "type": "string" + }, + "MaxSize": { + "markdownDescription": "The maximum size of the Auto Scaling group.", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "The minimum size of the Auto Scaling group.", + "title": "MinSize", + "type": "number" + }, + "Recurrence": { + "markdownDescription": "The recurring schedule for this action. This format consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, `\"30 0 1 1,6,12 *\"` ). For more information about this format, see [Crontab](https://docs.aws.amazon.com/http://crontab.org) .\n\nWhen `StartTime` and `EndTime` are specified with `Recurrence` , they form the boundaries of when the recurring action starts and stops.\n\nCron expressions use Universal Coordinated Time (UTC) by default.", + "title": "Recurrence", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format in UTC/GMT only and in quotes (for example, `\"2021-06-01T00:00:00Z\"` ).\n\nIf you specify `Recurrence` and `StartTime` , Amazon EC2 Auto Scaling performs the action at this time, and then performs the action based on the specified recurrence.", + "title": "StartTime", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "Specifies the time zone for a cron expression. If a time zone is not provided, UTC is used by default.\n\nValid values are the canonical names of the IANA time zones, derived from the IANA Time Zone Database (such as `Etc/GMT+9` or `Pacific/Tahiti` ). For more information, see [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) .", + "title": "TimeZone", + "type": "string" + } + }, + "required": [ + "AutoScalingGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AutoScaling::ScheduledAction" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AutoScaling::WarmPool": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoScalingGroupName": { + "markdownDescription": "The name of the Auto Scaling group.", + "title": "AutoScalingGroupName", + "type": "string" + }, + "InstanceReusePolicy": { + "$ref": "#/definitions/AWS::AutoScaling::WarmPool.InstanceReusePolicy", + "markdownDescription": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.", + "title": "InstanceReusePolicy" + }, + "MaxGroupPreparedCapacity": { + "markdownDescription": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n> If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n> \n> The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value.", + "title": "MaxGroupPreparedCapacity", + "type": "number" + }, + "MinSize": { + "markdownDescription": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified.", + "title": "MinSize", + "type": "number" + }, + "PoolState": { + "markdownDescription": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` .", + "title": "PoolState", + "type": "string" + } + }, + "required": [ + "AutoScalingGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AutoScaling::WarmPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AutoScaling::WarmPool.InstanceReusePolicy": { + "additionalProperties": false, + "properties": { + "ReuseOnScaleIn": { + "markdownDescription": "Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in.", + "title": "ReuseOnScaleIn", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::AutoScalingPlans::ScalingPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -25010,6 +28374,11 @@ "AWS::B2BI::Capability.EdiConfiguration": { "additionalProperties": false, "properties": { + "CapabilityDirection": { + "markdownDescription": "Specifies whether this is capability is for inbound or outbound transformations.", + "title": "CapabilityDirection", + "type": "string" + }, "InputLocation": { "$ref": "#/definitions/AWS::B2BI::Capability.S3Location", "markdownDescription": "Contains the Amazon S3 bucket and prefix for the location of the input file, which is contained in an `S3Location` object.", @@ -25128,8 +28497,13 @@ "title": "Capabilities", "type": "array" }, + "CapabilityOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.CapabilityOptions", + "markdownDescription": "Contains the details for an Outbound EDI capability.", + "title": "CapabilityOptions" + }, "Email": { - "markdownDescription": "", + "markdownDescription": "Specifies the email address associated with this trading partner.", "title": "Email", "type": "string" }, @@ -25139,7 +28513,7 @@ "type": "string" }, "Phone": { - "markdownDescription": "", + "markdownDescription": "Specifies the phone number associated with the partnership.", "title": "Phone", "type": "string" }, @@ -25158,6 +28532,7 @@ } }, "required": [ + "Capabilities", "Email", "Name", "ProfileId" @@ -25185,6 +28560,255 @@ ], "type": "object" }, + "AWS::B2BI::Partnership.CapabilityOptions": { + "additionalProperties": false, + "properties": { + "InboundEdi": { + "$ref": "#/definitions/AWS::B2BI::Partnership.InboundEdiOptions", + "markdownDescription": "A structure that contains the inbound EDI options for the capability.", + "title": "InboundEdi" + }, + "OutboundEdi": { + "$ref": "#/definitions/AWS::B2BI::Partnership.OutboundEdiOptions", + "markdownDescription": "A structure that contains the outbound EDI options.", + "title": "OutboundEdi" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.InboundEdiOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12InboundEdiOptions", + "markdownDescription": "A structure that contains X12-specific options for processing inbound X12 EDI files.", + "title": "X12" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.OutboundEdiOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12Envelope", + "markdownDescription": "A structure that contains an X12 envelope structure.", + "title": "X12" + } + }, + "required": [ + "X12" + ], + "type": "object" + }, + "AWS::B2BI::Partnership.WrapOptions": { + "additionalProperties": false, + "properties": { + "LineLength": { + "markdownDescription": "", + "title": "LineLength", + "type": "number" + }, + "LineTerminator": { + "markdownDescription": "", + "title": "LineTerminator", + "type": "string" + }, + "WrapBy": { + "markdownDescription": "", + "title": "WrapBy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12AcknowledgmentOptions": { + "additionalProperties": false, + "properties": { + "FunctionalAcknowledgment": { + "markdownDescription": "", + "title": "FunctionalAcknowledgment", + "type": "string" + }, + "TechnicalAcknowledgment": { + "markdownDescription": "", + "title": "TechnicalAcknowledgment", + "type": "string" + } + }, + "required": [ + "FunctionalAcknowledgment", + "TechnicalAcknowledgment" + ], + "type": "object" + }, + "AWS::B2BI::Partnership.X12ControlNumbers": { + "additionalProperties": false, + "properties": { + "StartingFunctionalGroupControlNumber": { + "markdownDescription": "", + "title": "StartingFunctionalGroupControlNumber", + "type": "number" + }, + "StartingInterchangeControlNumber": { + "markdownDescription": "", + "title": "StartingInterchangeControlNumber", + "type": "number" + }, + "StartingTransactionSetControlNumber": { + "markdownDescription": "", + "title": "StartingTransactionSetControlNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12Delimiters": { + "additionalProperties": false, + "properties": { + "ComponentSeparator": { + "markdownDescription": "", + "title": "ComponentSeparator", + "type": "string" + }, + "DataElementSeparator": { + "markdownDescription": "", + "title": "DataElementSeparator", + "type": "string" + }, + "SegmentTerminator": { + "markdownDescription": "", + "title": "SegmentTerminator", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12Envelope": { + "additionalProperties": false, + "properties": { + "Common": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12OutboundEdiHeaders", + "markdownDescription": "A container for the X12 outbound EDI headers.", + "title": "Common" + }, + "WrapOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.WrapOptions", + "markdownDescription": "", + "title": "WrapOptions" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12FunctionalGroupHeaders": { + "additionalProperties": false, + "properties": { + "ApplicationReceiverCode": { + "markdownDescription": "", + "title": "ApplicationReceiverCode", + "type": "string" + }, + "ApplicationSenderCode": { + "markdownDescription": "", + "title": "ApplicationSenderCode", + "type": "string" + }, + "ResponsibleAgencyCode": { + "markdownDescription": "", + "title": "ResponsibleAgencyCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12InboundEdiOptions": { + "additionalProperties": false, + "properties": { + "AcknowledgmentOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12AcknowledgmentOptions", + "markdownDescription": "Specifies acknowledgment options for inbound X12 EDI files. These options control how functional and technical acknowledgments are handled.", + "title": "AcknowledgmentOptions" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12InterchangeControlHeaders": { + "additionalProperties": false, + "properties": { + "AcknowledgmentRequestedCode": { + "markdownDescription": "", + "title": "AcknowledgmentRequestedCode", + "type": "string" + }, + "ReceiverId": { + "markdownDescription": "", + "title": "ReceiverId", + "type": "string" + }, + "ReceiverIdQualifier": { + "markdownDescription": "", + "title": "ReceiverIdQualifier", + "type": "string" + }, + "RepetitionSeparator": { + "markdownDescription": "", + "title": "RepetitionSeparator", + "type": "string" + }, + "SenderId": { + "markdownDescription": "", + "title": "SenderId", + "type": "string" + }, + "SenderIdQualifier": { + "markdownDescription": "", + "title": "SenderIdQualifier", + "type": "string" + }, + "UsageIndicatorCode": { + "markdownDescription": "", + "title": "UsageIndicatorCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12OutboundEdiHeaders": { + "additionalProperties": false, + "properties": { + "ControlNumbers": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12ControlNumbers", + "markdownDescription": "Specifies control number configuration for outbound X12 EDI headers. These settings determine the starting values for interchange, functional group, and transaction set control numbers.", + "title": "ControlNumbers" + }, + "Delimiters": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12Delimiters", + "markdownDescription": "The delimiters, for example semicolon ( `;` ), that separates sections of the headers for the X12 object.", + "title": "Delimiters" + }, + "FunctionalGroupHeaders": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12FunctionalGroupHeaders", + "markdownDescription": "The functional group headers for the X12 object.", + "title": "FunctionalGroupHeaders" + }, + "Gs05TimeFormat": { + "markdownDescription": "", + "title": "Gs05TimeFormat", + "type": "string" + }, + "InterchangeControlHeaders": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12InterchangeControlHeaders", + "markdownDescription": "In X12 EDI messages, delimiters are used to mark the end of segments or elements, and are defined in the interchange control header.", + "title": "InterchangeControlHeaders" + }, + "ValidateEdi": { + "markdownDescription": "Specifies whether or not to validate the EDI for this X12 object: `TRUE` or `FALSE` .", + "title": "ValidateEdi", + "type": "boolean" + } + }, + "type": "object" + }, "AWS::B2BI::Profile": { "additionalProperties": false, "properties": { @@ -25318,22 +28942,30 @@ "Properties": { "additionalProperties": false, "properties": { - "EdiType": { - "$ref": "#/definitions/AWS::B2BI::Transformer.EdiType" + "InputConversion": { + "$ref": "#/definitions/AWS::B2BI::Transformer.InputConversion", + "markdownDescription": "Returns a structure that contains the format options for the transformation.", + "title": "InputConversion" }, - "FileFormat": { - "type": "string" - }, - "MappingTemplate": { - "type": "string" + "Mapping": { + "$ref": "#/definitions/AWS::B2BI::Transformer.Mapping", + "markdownDescription": "Returns the structure that contains the mapping template and its language (either XSLT or JSONATA).", + "title": "Mapping" }, "Name": { "markdownDescription": "Returns the descriptive name for the transformer.", "title": "Name", "type": "string" }, - "SampleDocument": { - "type": "string" + "OutputConversion": { + "$ref": "#/definitions/AWS::B2BI::Transformer.OutputConversion", + "markdownDescription": "Returns the `OutputConversion` object, which contains the format options for the outbound transformation.", + "title": "OutputConversion" + }, + "SampleDocuments": { + "$ref": "#/definitions/AWS::B2BI::Transformer.SampleDocuments", + "markdownDescription": "Returns a structure that contains the Amazon S3 bucket and an array of the corresponding keys used to identify the location for your sample documents.", + "title": "SampleDocuments" }, "Status": { "markdownDescription": "Returns the state of the newly created transformer. The transformer can be either `active` or `inactive` . For the transformer to be used in a capability, its status must `active` .", @@ -25350,9 +28982,6 @@ } }, "required": [ - "EdiType", - "FileFormat", - "MappingTemplate", "Name", "Status" ], @@ -25379,18 +29008,143 @@ ], "type": "object" }, - "AWS::B2BI::Transformer.EdiType": { + "AWS::B2BI::Transformer.AdvancedOptions": { "additionalProperties": false, "properties": { - "X12Details": { - "$ref": "#/definitions/AWS::B2BI::Transformer.X12Details" + "X12": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12AdvancedOptions", + "markdownDescription": "", + "title": "X12" + } + }, + "type": "object" + }, + "AWS::B2BI::Transformer.FormatOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12Details", + "markdownDescription": "", + "title": "X12" } }, "required": [ - "X12Details" + "X12" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.InputConversion": { + "additionalProperties": false, + "properties": { + "AdvancedOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.AdvancedOptions", + "markdownDescription": "", + "title": "AdvancedOptions" + }, + "FormatOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.FormatOptions", + "markdownDescription": "", + "title": "FormatOptions" + }, + "FromFormat": { + "markdownDescription": "", + "title": "FromFormat", + "type": "string" + } + }, + "required": [ + "FromFormat" ], "type": "object" }, + "AWS::B2BI::Transformer.Mapping": { + "additionalProperties": false, + "properties": { + "Template": { + "markdownDescription": "", + "title": "Template", + "type": "string" + }, + "TemplateLanguage": { + "markdownDescription": "", + "title": "TemplateLanguage", + "type": "string" + } + }, + "required": [ + "TemplateLanguage" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.OutputConversion": { + "additionalProperties": false, + "properties": { + "FormatOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.FormatOptions", + "markdownDescription": "", + "title": "FormatOptions" + }, + "ToFormat": { + "markdownDescription": "", + "title": "ToFormat", + "type": "string" + } + }, + "required": [ + "ToFormat" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.SampleDocumentKeys": { + "additionalProperties": false, + "properties": { + "Input": { + "markdownDescription": "", + "title": "Input", + "type": "string" + }, + "Output": { + "markdownDescription": "", + "title": "Output", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Transformer.SampleDocuments": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "", + "title": "BucketName", + "type": "string" + }, + "Keys": { + "items": { + "$ref": "#/definitions/AWS::B2BI::Transformer.SampleDocumentKeys" + }, + "markdownDescription": "", + "title": "Keys", + "type": "array" + } + }, + "required": [ + "BucketName", + "Keys" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.X12AdvancedOptions": { + "additionalProperties": false, + "properties": { + "SplitOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12SplitOptions", + "markdownDescription": "", + "title": "SplitOptions" + } + }, + "type": "object" + }, "AWS::B2BI::Transformer.X12Details": { "additionalProperties": false, "properties": { @@ -25407,6 +29161,17 @@ }, "type": "object" }, + "AWS::B2BI::Transformer.X12SplitOptions": { + "additionalProperties": false, + "properties": { + "SplitBy": { + "markdownDescription": "", + "title": "SplitBy", + "type": "string" + } + }, + "type": "object" + }, "AWS::BCMDataExports::Export": { "additionalProperties": false, "properties": { @@ -25805,6 +29570,14 @@ "title": "EnableContinuousBackup", "type": "boolean" }, + "IndexActions": { + "items": { + "$ref": "#/definitions/AWS::Backup::BackupPlan.IndexActionsResourceType" + }, + "markdownDescription": "There can up to one IndexAction in each BackupRule, as each backup can have 0 or 1 backup index associated with it.\n\nWithin the array is ResourceTypes. Only 1 resource type will be accepted for each BackupRule. Valid values:\n\n- `EBS` for Amazon Elastic Block Store\n- `S3` for Amazon Simple Storage Service (Amazon S3)", + "title": "IndexActions", + "type": "array" + }, "Lifecycle": { "$ref": "#/definitions/AWS::Backup::BackupPlan.LifecycleResourceType", "markdownDescription": "The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define.", @@ -25872,6 +29645,20 @@ ], "type": "object" }, + "AWS::Backup::BackupPlan.IndexActionsResourceType": { + "additionalProperties": false, + "properties": { + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "0 or 1 index action will be accepted for each BackupRule.\n\nValid values:\n\n- `EBS` for Amazon Elastic Block Store\n- `S3` for Amazon Simple Storage Service (Amazon S3)", + "title": "ResourceTypes", + "type": "array" + } + }, + "type": "object" + }, "AWS::Backup::BackupPlan.LifecycleResourceType": { "additionalProperties": false, "properties": { @@ -26405,6 +30192,129 @@ ], "type": "object" }, + "AWS::Backup::LogicallyAirGappedBackupVault": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPolicy": { + "markdownDescription": "The backup vault access policy document in JSON format.", + "title": "AccessPolicy", + "type": "object" + }, + "BackupVaultName": { + "markdownDescription": "The name of a logical container where backups are stored. Logically air-gapped backup vaults are identified by names that are unique to the account used to create them and the Region where they are created.", + "title": "BackupVaultName", + "type": "string" + }, + "BackupVaultTags": { + "additionalProperties": true, + "markdownDescription": "The tags to assign to the vault.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "BackupVaultTags", + "type": "object" + }, + "MaxRetentionDays": { + "markdownDescription": "The maximum retention period that the vault retains its recovery points.", + "title": "MaxRetentionDays", + "type": "number" + }, + "MinRetentionDays": { + "markdownDescription": "This setting specifies the minimum retention period that the vault retains its recovery points.\n\nThe minimum value accepted is 7 days.", + "title": "MinRetentionDays", + "type": "number" + }, + "Notifications": { + "$ref": "#/definitions/AWS::Backup::LogicallyAirGappedBackupVault.NotificationObjectType", + "markdownDescription": "Returns event notifications for the specified backup vault.", + "title": "Notifications" + } + }, + "required": [ + "BackupVaultName", + "MaxRetentionDays", + "MinRetentionDays" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Backup::LogicallyAirGappedBackupVault" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Backup::LogicallyAirGappedBackupVault.NotificationObjectType": { + "additionalProperties": false, + "properties": { + "BackupVaultEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of events that indicate the status of jobs to back up resources to the backup vault.", + "title": "BackupVaultEvents", + "type": "array" + }, + "SNSTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that specifies the topic for a backup vault\u2019s events; for example, `arn:aws:sns:us-west-2:111122223333:MyVaultTopic` .", + "title": "SNSTopicArn", + "type": "string" + } + }, + "required": [ + "BackupVaultEvents", + "SNSTopicArn" + ], + "type": "object" + }, "AWS::Backup::ReportPlan": { "additionalProperties": false, "properties": { @@ -27008,6 +30918,11 @@ "markdownDescription": "The ComputeResources property type specifies details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. For more information, see [Compute Environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the ** .", "title": "ComputeResources" }, + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", + "type": "string" + }, "EksConfiguration": { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.EksConfiguration", "markdownDescription": "The details for the Amazon EKS cluster that supports the compute environment.", @@ -27214,7 +31129,7 @@ "type": "string" }, "ImageType": { - "markdownDescription": "The image type to match with the instance type to select an AMI. The supported values are different for `ECS` and `EKS` resources.\n\n- **ECS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) ( `ECS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon ECS optimized AMI for that image type that's supported by AWS Batch is used.\n\n- **ECS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) : Default for all non-GPU instance families.\n- **ECS_AL2_NVIDIA** - [Amazon Linux 2 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : Default for all GPU instance families (for example `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **ECS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) : AWS Batch supports Amazon Linux 2023.\n\n> Amazon Linux 2023 does not support `A1` instances.\n- **ECS_AL1** - [Amazon Linux](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#alami) . Amazon Linux has reached the end-of-life of standard support. For more information, see [Amazon Linux AMI](https://docs.aws.amazon.com/amazon-linux-ami/) .\n- **EKS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon EKS-optimized Amazon Linux AMI](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) ( `EKS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon EKS optimized AMI for that image type that AWS Batch supports is used.\n\n- **EKS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all non-GPU instance families.\n- **EKS_AL2_NVIDIA** - [Amazon Linux 2 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all GPU instance families (for example, `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.", + "markdownDescription": "The image type to match with the instance type to select an AMI. The supported values are different for `ECS` and `EKS` resources.\n\n- **ECS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) ( `ECS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon ECS optimized AMI for that image type that's supported by AWS Batch is used.\n\n- **ECS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) : Default for all non-GPU instance families.\n- **ECS_AL2_NVIDIA** - [Amazon Linux 2 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : Default for all GPU instance families (for example `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **ECS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) : AWS Batch supports Amazon Linux 2023.\n\n> Amazon Linux 2023 does not support `A1` instances.\n- **ECS_AL1** - [Amazon Linux](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#alami) . Amazon Linux has reached the end-of-life of standard support. For more information, see [Amazon Linux AMI](https://docs.aws.amazon.com/amazon-linux-ami/) .\n- **EKS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon EKS-optimized Amazon Linux AMI](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) ( `EKS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon EKS optimized AMI for that image type that AWS Batch supports is used.\n\n- **EKS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all non-GPU instance families.\n- **EKS_AL2_NVIDIA** - [Amazon Linux 2 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all GPU instance families (for example, `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **EKS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : AWS Batch supports Amazon Linux 2023.\n\n> Amazon Linux 2023 does not support `A1` instances.\n- **EKS_AL2023_NVIDIA** - [Amazon Linux 2023 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : GPU instance families and can be used for all non AWS Graviton-based instance types.", "title": "ImageType", "type": "string" } @@ -27257,6 +31172,53 @@ "title": "LaunchTemplateName", "type": "string" }, + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.LaunchTemplateSpecificationOverride" + }, + "markdownDescription": "A launch template to use in place of the default launch template. You must specify either the launch template ID or launch template name in the request, but not both.\n\nYou can specify up to ten (10) launch template overrides that are associated to unique instance types or families for each compute environment.\n\n> To unset all override templates for a compute environment, you can pass an empty array to the [UpdateComputeEnvironment.overrides](https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateComputeEnvironment.html) parameter, or not include the `overrides` parameter when submitting the `UpdateComputeEnvironment` API operation.", + "title": "Overrides", + "type": "array" + }, + "UserdataType": { + "markdownDescription": "The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` .", + "title": "UserdataType", + "type": "string" + }, + "Version": { + "markdownDescription": "The version number of the launch template, `$Default` , or `$Latest` .\n\nIf the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default`\n\nLatest: `$Latest`", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::ComputeEnvironment.LaunchTemplateSpecificationOverride": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\n*Note:* If you specify the `launchTemplateId` you can't specify the `launchTemplateName` as well.", + "title": "LaunchTemplateId", + "type": "string" + }, + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\n*Note:* If you specify the `launchTemplateName` you can't specify the `launchTemplateId` as well.", + "title": "LaunchTemplateName", + "type": "string" + }, + "TargetInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance type or family that this override launch template should be applied to.\n\nThis parameter is required when defining a launch template override.\n\nInformation included in this parameter must meet the following requirements:\n\n- Must be a valid Amazon EC2 instance type or family.\n- `optimal` isn't allowed.\n- `targetInstanceTypes` can target only instance types and families that are included within the [`ComputeResource.instanceTypes`](https://docs.aws.amazon.com/batch/latest/APIReference/API_ComputeResource.html#Batch-Type-ComputeResource-instanceTypes) set. `targetInstanceTypes` doesn't need to include all of the instances from the `instanceType` set, but at least a subset. For example, if `ComputeResource.instanceTypes` includes `[m5, g5]` , `targetInstanceTypes` can include `[m5.2xlarge]` and `[m5.large]` but not `[c5.large]` .\n- `targetInstanceTypes` included within the same launch template override or across launch template overrides can't overlap for the same compute environment. For example, you can't define one launch template override to target an instance family and another define an instance type within this same family.", + "title": "TargetInstanceTypes", + "type": "array" + }, + "UserdataType": { + "markdownDescription": "The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` .", + "title": "UserdataType", + "type": "string" + }, "Version": { "markdownDescription": "The version number of the launch template, `$Default` , or `$Latest` .\n\nIf the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default`\n\nLatest: `$Latest`", "title": "Version", @@ -27281,7 +31243,7 @@ }, "type": "object" }, - "AWS::Batch::JobDefinition": { + "AWS::Batch::ConsumableResource": { "additionalProperties": false, "properties": { "Condition": { @@ -27316,6 +31278,100 @@ "Properties": { "additionalProperties": false, "properties": { + "ConsumableResourceName": { + "markdownDescription": "The name of the consumable resource.", + "title": "ConsumableResourceName", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "Indicates whether the resource is available to be re-used after a job completes. Can be one of:\n\n- `REPLENISHABLE`\n- `NON_REPLENISHABLE`", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags that you apply to the consumable resource to help you categorize and organize your resources. Each tag consists of a key and an optional value. For more information, see [Tagging your AWS Batch resources](https://docs.aws.amazon.com/batch/latest/userguide/using-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TotalQuantity": { + "markdownDescription": "The total amount of the consumable resource that is available.", + "title": "TotalQuantity", + "type": "number" + } + }, + "required": [ + "ResourceType", + "TotalQuantity" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Batch::ConsumableResource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConsumableResourceProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceProperties", + "markdownDescription": "Contains a list of consumable resources required by the job.", + "title": "ConsumableResourceProperties" + }, "ContainerProperties": { "$ref": "#/definitions/AWS::Batch::JobDefinition.ContainerProperties", "markdownDescription": "An object with properties specific to Amazon ECS-based jobs. When `containerProperties` is used in the job definition, it can't be used in addition to `eksProperties` , `ecsProperties` , or `nodeProperties` .", @@ -27342,7 +31398,13 @@ "title": "NodeProperties" }, "Parameters": { + "additionalProperties": true, "markdownDescription": "Default parameters or parameter substitution placeholders that are set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a `SubmitJob` request override any corresponding parameter defaults from the job definition. For more information about specifying parameters, see [Job definition parameters](https://docs.aws.amazon.com/batch/latest/userguide/job_definition_parameters.html) in the *AWS Batch User Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Parameters", "type": "object" }, @@ -27370,12 +31432,18 @@ "type": "number" }, "Tags": { + "additionalProperties": true, "markdownDescription": "The tags that are applied to the job definition.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Tags", "type": "object" }, "Timeout": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Timeout", + "$ref": "#/definitions/AWS::Batch::JobDefinition.JobTimeout", "markdownDescription": "The timeout time for jobs that are submitted with this job definition. After the amount of time you specify passes, AWS Batch terminates your jobs if they aren't finished.", "title": "Timeout" }, @@ -27411,16 +31479,41 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.AuthorizationConfig": { + "AWS::Batch::JobDefinition.ConsumableResourceProperties": { "additionalProperties": false, "properties": { - "AccessPointId": { + "ConsumableResourceList": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceRequirement" + }, + "markdownDescription": "The list of consumable resources required by a job.", + "title": "ConsumableResourceList", + "type": "array" + } + }, + "required": [ + "ConsumableResourceList" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.ConsumableResourceRequirement": { + "additionalProperties": false, + "properties": { + "ConsumableResource": { + "markdownDescription": "The name or ARN of the consumable resource.", + "title": "ConsumableResource", "type": "string" }, - "Iam": { - "type": "string" + "Quantity": { + "markdownDescription": "The quantity of the consumable resource that is needed.", + "title": "Quantity", + "type": "number" } }, + "required": [ + "ConsumableResource", + "Quantity" + ], "type": "object" }, "AWS::Batch::JobDefinition.ContainerProperties": { @@ -27434,6 +31527,11 @@ "title": "Command", "type": "array" }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, "Environment": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Environment" @@ -27462,9 +31560,6 @@ "title": "Image", "type": "string" }, - "InstanceType": { - "type": "string" - }, "JobRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "JobRoleArn", @@ -27487,7 +31582,7 @@ }, "MountPoints": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoints" + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" }, "markdownDescription": "The mount points for data volumes in your container. This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--volume` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .", "title": "MountPoints", @@ -27554,7 +31649,7 @@ }, "Volumes": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Volumes" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" }, "markdownDescription": "A list of data volumes used in a job.", "title": "Volumes", @@ -27590,6 +31685,56 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.EFSAuthorizationConfig": { + "additionalProperties": false, + "properties": { + "AccessPointId": { + "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", + "title": "AccessPointId", + "type": "string" + }, + "Iam": { + "markdownDescription": "Whether or not to use the AWS Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html#efs-volume-accesspoints) in the *AWS Batch User Guide* . EFS IAM authorization requires that `TransitEncryption` be `ENABLED` and that a `JobRoleArn` is specified.", + "title": "Iam", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::JobDefinition.EFSVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EFSAuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", + "title": "AuthorizationConfig" + }, + "FileSystemId": { + "markdownDescription": "The Amazon EFS file system ID to use.", + "title": "FileSystemId", + "type": "string" + }, + "RootDirectory": { + "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying `/` has the same effect as omitting this parameter. The maximum length is 4,096 characters.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` , which enforces the path set on the Amazon EFS access point.", + "title": "RootDirectory", + "type": "string" + }, + "TransitEncryption": { + "markdownDescription": "Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryption", + "type": "string" + }, + "TransitEncryptionPort": { + "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don't specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryptionPort", + "type": "number" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, "AWS::Batch::JobDefinition.EcsProperties": { "additionalProperties": false, "properties": { @@ -27618,6 +31763,11 @@ "title": "Containers", "type": "array" }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, "EphemeralStorage": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EphemeralStorage", "markdownDescription": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .", @@ -27660,7 +31810,7 @@ }, "Volumes": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Volumes" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" }, "markdownDescription": "A list of volumes that are associated with the job.", "title": "Volumes", @@ -27669,30 +31819,6 @@ }, "type": "object" }, - "AWS::Batch::JobDefinition.EfsVolumeConfiguration": { - "additionalProperties": false, - "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.AuthorizationConfig" - }, - "FileSystemId": { - "type": "string" - }, - "RootDirectory": { - "type": "string" - }, - "TransitEncryption": { - "type": "string" - }, - "TransitEncryptionPort": { - "type": "number" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, "AWS::Batch::JobDefinition.EksContainer": { "additionalProperties": false, "properties": { @@ -27782,12 +31908,24 @@ "additionalProperties": false, "properties": { "Limits": { + "additionalProperties": true, "markdownDescription": "The type and quantity of the resources to reserve for the container. The values vary based on the `name` that's specified. Resources can be requested using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n> To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that's reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both places, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that's reserved for the container. Values must be a whole integer. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Limits", "type": "object" }, "Requests": { + "additionalProperties": true, "markdownDescription": "The type and quantity of the resources to request for the container. The values vary based on the `name` that's specified. Resources can be requested by using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that are reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that are reserved for the container. Values must be a whole integer. `nvidia.com/gpu` can be specified in `limits` , `requests` , or both. If `nvidia.com/gpu` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Requests", "type": "object" } @@ -27847,6 +31985,11 @@ "markdownDescription": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` .", "title": "ReadOnly", "type": "boolean" + }, + "SubPath": { + "markdownDescription": "A sub-path inside the referenced volume instead of its root.", + "title": "SubPath", + "type": "string" } }, "type": "object" @@ -27878,11 +32021,126 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.EksMetadata": { + "additionalProperties": false, + "properties": { + "Annotations": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs used to attach arbitrary, non-identifying metadata to Kubernetes objects. Valid annotation keys have two segments: an optional prefix and a name, separated by a slash (/).\n\n- The prefix is optional and must be 253 characters or less. If specified, the prefix must be a DNS subdomain\u2212 a series of DNS labels separated by dots (.), and it must end with a slash (/).\n- The name segment is required and must be 63 characters or less. It can include alphanumeric characters ([a-z0-9A-Z]), dashes (-), underscores (_), and dots (.), but must begin and end with an alphanumeric character.\n\n> Annotation values must be 255 characters or less. \n\nAnnotations can be added or modified at any time. Each resource can have multiple annotations.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Annotations", + "type": "object" + }, + "Labels": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Labels", + "type": "object" + }, + "Namespace": { + "markdownDescription": "The namespace of the Amazon EKS cluster. In Kubernetes, namespaces provide a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. AWS Batch places Batch Job pods in this namespace. If this field is provided, the value can't be empty or null. It must meet the following requirements:\n\n- 1-63 characters long\n- Can't be set to default\n- Can't start with `kube`\n- Must match the following regular expression: `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`\n\nFor more information, see [Namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) in the *Kubernetes documentation* . This namespace can be different from the `kubernetesNamespace` set in the compute environment's `EksConfiguration` , but must have identical role-based access control (RBAC) roles as the compute environment's `kubernetesNamespace` . For multi-node parallel jobs, the same value must be provided across all the node ranges.", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::JobDefinition.EksPersistentVolumeClaim": { + "additionalProperties": false, + "properties": { + "ClaimName": { + "markdownDescription": "The name of the `persistentVolumeClaim` bounded to a `persistentVolume` . For more information, see [Persistent Volume Claims](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) in the *Kubernetes documentation* .", + "title": "ClaimName", + "type": "string" + }, + "ReadOnly": { + "markdownDescription": "An optional boolean value indicating if the mount is read only. Default is false. For more information, see [Read Only Mounts](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#read-only-mounts) in the *Kubernetes documentation* .", + "title": "ReadOnly", + "type": "boolean" + } + }, + "required": [ + "ClaimName" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.EksPodProperties": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" + }, + "markdownDescription": "The properties of the container that's used on the Amazon EKS pod.\n\n> This object is limited to 10 elements.", + "title": "Containers", + "type": "array" + }, + "DnsPolicy": { + "markdownDescription": "The DNS policy for the pod. The default value is `ClusterFirst` . If the `hostNetwork` parameter is not specified, the default is `ClusterFirstWithHostNet` . `ClusterFirst` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see [Pod's DNS policy](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) in the *Kubernetes documentation* .\n\nValid values: `Default` | `ClusterFirst` | `ClusterFirstWithHostNet`", + "title": "DnsPolicy", + "type": "string" + }, + "HostNetwork": { + "markdownDescription": "Indicates if the pod uses the hosts' network IP address. The default value is `true` . Setting this to `false` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. For more information, see [Host namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#host-namespaces) and [Pod networking](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/#pod-networking) in the *Kubernetes documentation* .", + "title": "HostNetwork", + "type": "boolean" + }, + "ImagePullSecrets": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ImagePullSecret" + }, + "markdownDescription": "References a Kubernetes secret resource. It holds a list of secrets. These secrets help to gain access to pull an images from a private registry.\n\n`ImagePullSecret$name` is required when this object is used.", + "title": "ImagePullSecrets", + "type": "array" + }, + "InitContainers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" + }, + "markdownDescription": "These containers run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. For more information, see [Init Containers](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) in the *Kubernetes documentation* .\n\n> This object is limited to 10 elements.", + "title": "InitContainers", + "type": "array" + }, + "Metadata": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksMetadata", + "markdownDescription": "Metadata about the Kubernetes pod. For more information, see [Understanding Kubernetes Objects](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) in the *Kubernetes documentation* .", + "title": "Metadata" + }, + "ServiceAccountName": { + "markdownDescription": "The name of the service account that's used to run the pod. For more information, see [Kubernetes service accounts](https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html) and [Configure a Kubernetes service account to assume an IAM role](https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html) in the *Amazon EKS User Guide* and [Configure service accounts for pods](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) in the *Kubernetes documentation* .", + "title": "ServiceAccountName", + "type": "string" + }, + "ShareProcessNamespace": { + "markdownDescription": "Indicates if the processes in a container are shared, or visible, to other containers in the same pod. For more information, see [Share Process Namespace between Containers in a Pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) .", + "title": "ShareProcessNamespace", + "type": "boolean" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksVolume" + }, + "markdownDescription": "Specifies the volumes for a job definition that uses Amazon EKS resources.", + "title": "Volumes", + "type": "array" + } + }, + "type": "object" + }, "AWS::Batch::JobDefinition.EksProperties": { "additionalProperties": false, "properties": { "PodProperties": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.PodProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksPodProperties", "markdownDescription": "The properties for the Kubernetes pod resources of a job.", "title": "PodProperties" } @@ -27926,6 +32184,11 @@ "title": "Name", "type": "string" }, + "PersistentVolumeClaim": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksPersistentVolumeClaim", + "markdownDescription": "Specifies the configuration of a Kubernetes `persistentVolumeClaim` bounded to a `persistentVolume` . For more information, see [Persistent Volume Claims](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) in the *Kubernetes documentation* .", + "title": "PersistentVolumeClaim" + }, "Secret": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksSecret", "markdownDescription": "Specifies the configuration of a Kubernetes `secret` volume. For more information, see [secret](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#secret) in the *Kubernetes documentation* .", @@ -28007,6 +32270,42 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.FirelensConfiguration": { + "additionalProperties": false, + "properties": { + "Options": { + "additionalProperties": true, + "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is `\"options\":{\"enable-ecs-log-metadata\":\"true|false\",\"config-file-type:\"s3|file\",\"config-file-value\":\"arn:aws:s3:::mybucket/fluent.conf|filepath\"}` . For more information, see [Creating a task definition that uses a FireLens configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html#firelens-taskdef) in the *Amazon Elastic Container Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" + }, + "Type": { + "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.Host": { + "additionalProperties": false, + "properties": { + "SourcePath": { + "markdownDescription": "The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\n> This parameter isn't applicable to jobs that run on Fargate resources. Don't provide this for these jobs.", + "title": "SourcePath", + "type": "string" + } + }, + "type": "object" + }, "AWS::Batch::JobDefinition.ImagePullSecret": { "additionalProperties": false, "properties": { @@ -28016,9 +32315,17 @@ "type": "string" } }, - "required": [ - "Name" - ], + "type": "object" + }, + "AWS::Batch::JobDefinition.JobTimeout": { + "additionalProperties": false, + "properties": { + "AttemptDurationSeconds": { + "markdownDescription": "The job timeout time (in seconds) that's measured from the job attempt's `startedAt` timestamp. After this time passes, AWS Batch terminates your jobs if they aren't finished. The minimum value for the timeout is 60 seconds.\n\nFor array jobs, the timeout applies to the child jobs, not to the parent array job.\n\nFor multi-node parallel (MNP) jobs, the timeout applies to the whole job, not to the individual nodes.", + "title": "AttemptDurationSeconds", + "type": "number" + } + }, "type": "object" }, "AWS::Batch::JobDefinition.LinuxParameters": { @@ -28072,7 +32379,13 @@ "type": "string" }, "Options": { + "additionalProperties": true, "markdownDescription": "The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Options", "type": "object" }, @@ -28090,26 +32403,227 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Metadata": { + "AWS::Batch::JobDefinition.MountPoint": { "additionalProperties": false, "properties": { - "Labels": { - "type": "object" + "ContainerPath": { + "markdownDescription": "The path on the container where the host volume is mounted.", + "title": "ContainerPath", + "type": "string" + }, + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" + }, + "SourceVolume": { + "markdownDescription": "The name of the volume to mount.", + "title": "SourceVolume", + "type": "string" } }, "type": "object" }, - "AWS::Batch::JobDefinition.MountPoints": { + "AWS::Batch::JobDefinition.MultiNodeContainerProperties": { "additionalProperties": false, "properties": { - "ContainerPath": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) .", + "title": "Command", + "type": "array" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Environment" + }, + "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> We don't recommend using plaintext environment variables for sensitive information, such as credential data. > Environment variables cannot start with \" `AWS_BATCH` \". This naming convention is reserved for variables that AWS Batch sets.", + "title": "Environment", + "type": "array" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EphemeralStorage", + "markdownDescription": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .", + "title": "EphemeralStorage" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* .", + "title": "ExecutionRoleArn", "type": "string" }, - "ReadOnly": { + "Image": { + "markdownDescription": "Required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `*repository-url* / *image* : *tag*` . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `IMAGE` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources. \n\n- Images in Amazon ECR Public repositories use the full `registry/repository[:tag]` or `registry/repository[@digest]` naming conventions. For example, `public.ecr.aws/ *registry_alias* / *my-web-app* : *latest*` .\n- Images in Amazon ECR repositories use the full registry and repository URI (for example, `123456789012.dkr.ecr..amazonaws.com/` ).\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", + "title": "Image", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", + "title": "InstanceType", + "type": "string" + }, + "JobRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "JobRoleArn", + "type": "string" + }, + "LinuxParameters": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.LinuxParameters", + "markdownDescription": "Linux-specific modifications that are applied to the container, such as details for device mappings.", + "title": "LinuxParameters" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.LogConfiguration", + "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-containerproperties-logconfiguration.html) data type). \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LogConfiguration" + }, + "Memory": { + "markdownDescription": "This parameter is deprecated, use `resourceRequirements` to specify the memory requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it's terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.", + "title": "Memory", + "type": "number" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" + }, + "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", + "title": "MountPoints", + "type": "array" + }, + "Privileged": { + "markdownDescription": "When this parameter is true, the container is given elevated permissions on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The default value is false.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided, or specified as false.", + "title": "Privileged", "type": "boolean" }, - "SourceVolume": { + "ReadonlyRootFilesystem": { + "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--read-only` option to `docker run` .", + "title": "ReadonlyRootFilesystem", + "type": "boolean" + }, + "RepositoryCredentials": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.RepositoryCredentials", + "markdownDescription": "The private repository authentication credentials to use.", + "title": "RepositoryCredentials" + }, + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ResourceRequirement" + }, + "markdownDescription": "The type and amount of resources to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "ResourceRequirements", + "type": "array" + }, + "RuntimePlatform": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.RuntimePlatform", + "markdownDescription": "An object that represents the compute environment architecture for AWS Batch jobs on Fargate.", + "title": "RuntimePlatform" + }, + "Secrets": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Secret" + }, + "markdownDescription": "The secrets for the container. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* .", + "title": "Secrets", + "type": "array" + }, + "Ulimits": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Ulimit" + }, + "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.", + "title": "Ulimits", + "type": "array" + }, + "User": { + "markdownDescription": "The user name to use inside the container. This parameter maps to `User` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--user` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .", + "title": "User", + "type": "string" + }, + "Vcpus": { + "markdownDescription": "This parameter is deprecated, use `resourceRequirements` to specify the vCPU requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job.\n\nEach vCPU is equivalent to 1,024 CPU shares. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node.", + "title": "Vcpus", + "type": "number" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" + }, + "markdownDescription": "A list of data volumes used in a job.", + "title": "Volumes", + "type": "array" + } + }, + "required": [ + "Image" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.MultiNodeEcsProperties": { + "additionalProperties": false, + "properties": { + "TaskProperties": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeEcsTaskProperties" + }, + "markdownDescription": "An object that contains the properties for the Amazon ECS task definition of a job.\n\n> This object is currently limited to one task element. However, the task element can run up to 10 containers.", + "title": "TaskProperties", + "type": "array" + } + }, + "required": [ + "TaskProperties" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.MultiNodeEcsTaskProperties": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.TaskContainerProperties" + }, + "markdownDescription": "This object is a list of containers.", + "title": "Containers", + "type": "array" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* .", + "title": "ExecutionRoleArn", + "type": "string" + }, + "IpcMode": { + "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` .\n\nIf `host` is specified, all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified `task` share the same IPC resources.\n\nIf `none` is specified, the IPC resources within the containers of a task are private, and are not shared with other containers in a task or on the container instance.\n\nIf no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the Docker run reference.", + "title": "IpcMode", + "type": "string" + }, + "PidMode": { + "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the Docker run reference.", + "title": "PidMode", "type": "string" + }, + "TaskRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that's associated with the Amazon ECS task.\n\n> This is object is comparable to [ContainerProperties:jobRoleArn](https://docs.aws.amazon.com/batch/latest/APIReference/API_ContainerProperties.html) .", + "title": "TaskRoleArn", + "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" + }, + "markdownDescription": "A list of volumes that are associated with the job.", + "title": "Volumes", + "type": "array" } }, "type": "object" @@ -28157,16 +32671,26 @@ "AWS::Batch::JobDefinition.NodeRangeProperty": { "additionalProperties": false, "properties": { + "ConsumableResourceProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceProperties", + "markdownDescription": "Contains a list of consumable resources required by a job.", + "title": "ConsumableResourceProperties" + }, "Container": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.ContainerProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeContainerProperties", "markdownDescription": "The container details for the node range.", "title": "Container" }, "EcsProperties": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EcsProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeEcsProperties", "markdownDescription": "This is an object that represents the properties of the node range for a multi-node parallel job.", "title": "EcsProperties" }, + "EksProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksProperties", + "markdownDescription": "This is an object that represents the properties of the node range for a multi-node parallel job.", + "title": "EksProperties" + }, "InstanceTypes": { "items": { "type": "string" @@ -28186,51 +32710,6 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.PodProperties": { - "additionalProperties": false, - "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" - }, - "type": "array" - }, - "DnsPolicy": { - "type": "string" - }, - "HostNetwork": { - "type": "boolean" - }, - "ImagePullSecrets": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.ImagePullSecret" - }, - "type": "array" - }, - "InitContainers": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" - }, - "type": "array" - }, - "Metadata": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Metadata" - }, - "ServiceAccountName": { - "type": "string" - }, - "ShareProcessNamespace": { - "type": "boolean" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksVolume" - }, - "type": "array" - } - }, - "type": "object" - }, "AWS::Batch::JobDefinition.RepositoryCredentials": { "additionalProperties": false, "properties": { @@ -28368,6 +32847,11 @@ "title": "Essential", "type": "boolean" }, + "FirelensConfiguration": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.FirelensConfiguration", + "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom log](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) routing in the *Amazon Elastic Container Service Developer Guide* .", + "title": "FirelensConfiguration" + }, "Image": { "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `repository-url/image:tag` or `repository-url/image@digest` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `IMAGE` parameter of the [*docker run*](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "Image", @@ -28385,7 +32869,7 @@ }, "MountPoints": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoints" + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" }, "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", "title": "MountPoints", @@ -28446,15 +32930,6 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Timeout": { - "additionalProperties": false, - "properties": { - "AttemptDurationSeconds": { - "type": "number" - } - }, - "type": "object" - }, "AWS::Batch::JobDefinition.Tmpfs": { "additionalProperties": false, "properties": { @@ -28509,25 +32984,22 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Volumes": { + "AWS::Batch::JobDefinition.Volume": { "additionalProperties": false, "properties": { "EfsVolumeConfiguration": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EfsVolumeConfiguration" + "$ref": "#/definitions/AWS::Batch::JobDefinition.EFSVolumeConfiguration", + "markdownDescription": "This parameter is specified when you're using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a `platformVersion` of at least `1.4.0` .", + "title": "EfsVolumeConfiguration" }, "Host": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.VolumesHost" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Host", + "markdownDescription": "The contents of the `host` parameter determine whether your data volume persists on the host container instance and where it's stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.", + "title": "Host" }, "Name": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::Batch::JobDefinition.VolumesHost": { - "additionalProperties": false, - "properties": { - "SourcePath": { + "markdownDescription": "The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the `sourceVolume` parameter of container definition `mountPoints` .", + "title": "Name", "type": "string" } }, @@ -28857,6 +33329,19 @@ "title": "ActionGroups", "type": "array" }, + "AgentCollaboration": { + "markdownDescription": "The agent's collaboration settings.", + "title": "AgentCollaboration", + "type": "string" + }, + "AgentCollaborators": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Agent.AgentCollaborator" + }, + "markdownDescription": "", + "title": "AgentCollaborators", + "type": "array" + }, "AgentName": { "markdownDescription": "The name of the agent.", "title": "AgentName", @@ -28872,6 +33357,11 @@ "title": "AutoPrepare", "type": "boolean" }, + "CustomOrchestration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.CustomOrchestration", + "markdownDescription": "Contains custom orchestration configurations for the agent.", + "title": "CustomOrchestration" + }, "CustomerEncryptionKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that encrypts the agent.", "title": "CustomerEncryptionKeyArn", @@ -28887,6 +33377,11 @@ "title": "FoundationModel", "type": "string" }, + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.GuardrailConfiguration", + "markdownDescription": "Details about the guardrail associated with the agent.", + "title": "GuardrailConfiguration" + }, "IdleSessionTTLInSeconds": { "markdownDescription": "The number of seconds for which Amazon Bedrock keeps information about a user's conversation with the agent.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Bedrock deletes any data provided before the timeout.", "title": "IdleSessionTTLInSeconds", @@ -28905,6 +33400,16 @@ "title": "KnowledgeBases", "type": "array" }, + "MemoryConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.MemoryConfiguration", + "markdownDescription": "Contains memory configuration for the agent.", + "title": "MemoryConfiguration" + }, + "OrchestrationType": { + "markdownDescription": "Specifies the orchestration strategy for the agent.", + "title": "OrchestrationType", + "type": "string" + }, "PromptOverrideConfiguration": { "$ref": "#/definitions/AWS::Bedrock::Agent.PromptOverrideConfiguration", "markdownDescription": "Contains configurations to override prompt templates in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html) .", @@ -28983,15 +33488,17 @@ "AWS::Bedrock::Agent.ActionGroupExecutor": { "additionalProperties": false, "properties": { + "CustomControl": { + "markdownDescription": "To return the action group invocation results directly in the `InvokeInlineAgent` response, specify `RETURN_CONTROL` .", + "title": "CustomControl", + "type": "string" + }, "Lambda": { "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action.", "title": "Lambda", "type": "string" } }, - "required": [ - "Lambda" - ], "type": "object" }, "AWS::Bedrock::Agent.AgentActionGroup": { @@ -29022,6 +33529,11 @@ "title": "Description", "type": "string" }, + "FunctionSchema": { + "$ref": "#/definitions/AWS::Bedrock::Agent.FunctionSchema", + "markdownDescription": "Contains details about the function schema for the action group or the JSON or YAML-formatted payload defining the schema.", + "title": "FunctionSchema" + }, "ParentActionGroupSignature": { "markdownDescription": "If this field is set as `AMAZON.UserInput` , the agent can request the user for additional information when trying to complete a task. The `description` , `apiSchema` , and `actionGroupExecutor` fields must be blank for this action group.\n\nDuring orchestration, if the agent determines that it needs to invoke an API in an action group, but doesn't have enough information to complete the API request, it will invoke this action group instead and return an [Observation](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_Observation.html) reprompting the user for more information.", "title": "ParentActionGroupSignature", @@ -29038,6 +33550,48 @@ ], "type": "object" }, + "AWS::Bedrock::Agent.AgentCollaborator": { + "additionalProperties": false, + "properties": { + "AgentDescriptor": { + "$ref": "#/definitions/AWS::Bedrock::Agent.AgentDescriptor", + "markdownDescription": "The collaborator's agent descriptor.", + "title": "AgentDescriptor" + }, + "CollaborationInstruction": { + "markdownDescription": "The collaborator's instructions.", + "title": "CollaborationInstruction", + "type": "string" + }, + "CollaboratorName": { + "markdownDescription": "The collaborator's collaborator name.", + "title": "CollaboratorName", + "type": "string" + }, + "RelayConversationHistory": { + "markdownDescription": "The collaborator's relay conversation history.", + "title": "RelayConversationHistory", + "type": "string" + } + }, + "required": [ + "AgentDescriptor", + "CollaborationInstruction", + "CollaboratorName" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.AgentDescriptor": { + "additionalProperties": false, + "properties": { + "AliasArn": { + "markdownDescription": "The agent's alias ARN.", + "title": "AliasArn", + "type": "string" + } + }, + "type": "object" + }, "AWS::Bedrock::Agent.AgentKnowledgeBase": { "additionalProperties": false, "properties": { @@ -29063,6 +33617,85 @@ ], "type": "object" }, + "AWS::Bedrock::Agent.CustomOrchestration": { + "additionalProperties": false, + "properties": { + "Executor": { + "$ref": "#/definitions/AWS::Bedrock::Agent.OrchestrationExecutor", + "markdownDescription": "The structure of the executor invoking the actions in custom orchestration.", + "title": "Executor" + } + }, + "type": "object" + }, + "AWS::Bedrock::Agent.Function": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the function and its purpose.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the function.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "additionalProperties": false, + "markdownDescription": "The parameters that the agent elicits from the user to fulfill the function.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Bedrock::Agent.ParameterDetail" + } + }, + "title": "Parameters", + "type": "object" + }, + "RequireConfirmation": { + "markdownDescription": "Contains information if user confirmation is required to invoke the function.", + "title": "RequireConfirmation", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.FunctionSchema": { + "additionalProperties": false, + "properties": { + "Functions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Agent.Function" + }, + "markdownDescription": "A list of functions that each define an action in the action group.", + "title": "Functions", + "type": "array" + } + }, + "required": [ + "Functions" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", + "type": "string" + }, + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, "AWS::Bedrock::Agent.InferenceConfiguration": { "additionalProperties": false, "properties": { @@ -29097,14 +33730,86 @@ }, "type": "object" }, + "AWS::Bedrock::Agent.MemoryConfiguration": { + "additionalProperties": false, + "properties": { + "EnabledMemoryTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of memory that is stored.", + "title": "EnabledMemoryTypes", + "type": "array" + }, + "SessionSummaryConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.SessionSummaryConfiguration", + "markdownDescription": "Contains the configuration for SESSION_SUMMARY memory type enabled for the agent.", + "title": "SessionSummaryConfiguration" + }, + "StorageDays": { + "markdownDescription": "The number of days the agent is configured to retain the conversational context.", + "title": "StorageDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::Agent.OrchestrationExecutor": { + "additionalProperties": false, + "properties": { + "Lambda": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action.", + "title": "Lambda", + "type": "string" + } + }, + "required": [ + "Lambda" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.ParameterDetail": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the parameter. Helps the foundation model determine how to elicit the parameters from the user.", + "title": "Description", + "type": "string" + }, + "Required": { + "markdownDescription": "Whether the parameter is required for the agent to complete the function for action group invocation.", + "title": "Required", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The data type of the parameter.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::Bedrock::Agent.PromptConfiguration": { "additionalProperties": false, "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "If the Converse or ConverseStream operations support the model, `additionalModelRequestFields` contains additional inference parameters, beyond the base set of inference parameters in the `inferenceConfiguration` field.\n\nFor more information, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", + "type": "object" + }, "BasePromptTemplate": { "markdownDescription": "Defines the prompt template with which to replace the default prompt template. You can use placeholder variables in the base prompt template to customize the prompt. For more information, see [Prompt template placeholder variables](https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-placeholders.html) . For more information, see [Configure the prompt templates](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts-configure.html) .", "title": "BasePromptTemplate", "type": "string" }, + "FoundationModel": { + "markdownDescription": "The agent's foundation model.", + "title": "FoundationModel", + "type": "string" + }, "InferenceConfiguration": { "$ref": "#/definitions/AWS::Bedrock::Agent.InferenceConfiguration", "markdownDescription": "Contains inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the `promptType` . For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", @@ -29171,6 +33876,17 @@ }, "type": "object" }, + "AWS::Bedrock::Agent.SessionSummaryConfiguration": { + "additionalProperties": false, + "properties": { + "MaxRecentSessions": { + "markdownDescription": "Maximum number of recent session summaries to include in the agent's prompt context.", + "title": "MaxRecentSessions", + "type": "number" + } + }, + "type": "object" + }, "AWS::Bedrock::AgentAlias": { "additionalProperties": false, "properties": { @@ -29306,7 +34022,7 @@ ], "type": "object" }, - "AWS::Bedrock::DataSource": { + "AWS::Bedrock::ApplicationInferenceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -29341,47 +34057,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.DataSourceConfiguration", - "markdownDescription": "The connection configuration for the data source.", - "title": "DataSourceConfiguration" - }, "Description": { - "markdownDescription": "The description of the data source.", + "markdownDescription": "The description of the inference profile.", "title": "Description", "type": "string" }, - "KnowledgeBaseId": { - "markdownDescription": "The unique identifier of the knowledge base to which the data source belongs.", - "title": "KnowledgeBaseId", + "InferenceProfileName": { + "markdownDescription": "The name of the inference profile.", + "title": "InferenceProfileName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the data source.", - "title": "Name", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration", - "markdownDescription": "Contains details about the configuration of the server-side encryption.", - "title": "ServerSideEncryptionConfiguration" + "ModelSource": { + "$ref": "#/definitions/AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModelSource", + "markdownDescription": "Contains configurations for the inference profile to copy as the resource.", + "title": "ModelSource" }, - "VectorIngestionConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.VectorIngestionConfiguration", - "markdownDescription": "Contains details about how to ingest the documents in the data source.", - "title": "VectorIngestionConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags associated with the inference profile.", + "title": "Tags", + "type": "array" } }, "required": [ - "DataSourceConfiguration", - "KnowledgeBaseId", - "Name" + "InferenceProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Bedrock::DataSource" + "AWS::Bedrock::ApplicationInferenceProfile" ], "type": "string" }, @@ -29400,110 +34107,32 @@ ], "type": "object" }, - "AWS::Bedrock::DataSource.ChunkingConfiguration": { - "additionalProperties": false, - "properties": { - "ChunkingStrategy": { - "markdownDescription": "Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.\n\n- `FIXED_SIZE` \u2013 Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` .\n- `HIERARCHICAL` \u2013 Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.\n- `SEMANTIC` \u2013 Split documents into chunks based on groups of similar content derived with natural language processing.\n- `NONE` \u2013 Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files.", - "title": "ChunkingStrategy", - "type": "string" - }, - "FixedSizeChunkingConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration", - "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", - "title": "FixedSizeChunkingConfiguration" - } - }, - "required": [ - "ChunkingStrategy" - ], - "type": "object" - }, - "AWS::Bedrock::DataSource.DataSourceConfiguration": { + "AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModel": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.S3DataSourceConfiguration", - "markdownDescription": "The configuration information to connect to Amazon S3 as your data source.", - "title": "S3Configuration" - }, - "Type": { - "markdownDescription": "The type of data source.", - "title": "Type", + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model.", + "title": "ModelArn", "type": "string" } }, - "required": [ - "S3Configuration", - "Type" - ], - "type": "object" - }, - "AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration": { - "additionalProperties": false, - "properties": { - "MaxTokens": { - "markdownDescription": "The maximum number of tokens to include in a chunk.", - "title": "MaxTokens", - "type": "number" - }, - "OverlapPercentage": { - "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", - "title": "OverlapPercentage", - "type": "number" - } - }, - "required": [ - "MaxTokens", - "OverlapPercentage" - ], "type": "object" }, - "AWS::Bedrock::DataSource.S3DataSourceConfiguration": { + "AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModelSource": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket that contains your data.", - "title": "BucketArn", + "CopyFrom": { + "markdownDescription": "The ARN of the model or system-defined inference profile that is the source for the inference profile.", + "title": "CopyFrom", "type": "string" - }, - "InclusionPrefixes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of S3 prefixes to include certain files or content. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) .", - "title": "InclusionPrefixes", - "type": "array" } }, "required": [ - "BucketArn" + "CopyFrom" ], "type": "object" }, - "AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key used to encrypt the resource.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Bedrock::DataSource.VectorIngestionConfiguration": { - "additionalProperties": false, - "properties": { - "ChunkingConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.ChunkingConfiguration", - "markdownDescription": "Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", - "title": "ChunkingConfiguration" - } - }, - "type": "object" - }, - "AWS::Bedrock::Guardrail": { + "AWS::Bedrock::Blueprint": { "additionalProperties": false, "properties": { "Condition": { @@ -29538,70 +34167,56 @@ "Properties": { "additionalProperties": false, "properties": { - "BlockedInputMessaging": { - "markdownDescription": "The message to return when the guardrail blocks a prompt.", - "title": "BlockedInputMessaging", - "type": "string" - }, - "BlockedOutputsMessaging": { - "markdownDescription": "The message to return when the guardrail blocks a model response.", - "title": "BlockedOutputsMessaging", - "type": "string" - }, - "ContentPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentPolicyConfig", - "markdownDescription": "The content filter policies to configure for the guardrail.", - "title": "ContentPolicyConfig" - }, - "Description": { - "markdownDescription": "A description of the guardrail.", - "title": "Description", + "BlueprintName": { + "markdownDescription": "The blueprint's name.", + "title": "BlueprintName", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", - "title": "KmsKeyArn", - "type": "string" + "KmsEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "Name-value pairs to include as an encryption context.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KmsEncryptionContext", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the guardrail.", - "title": "Name", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key to use for encryption.", + "title": "KmsKeyId", "type": "string" }, - "SensitiveInformationPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig", - "markdownDescription": "The sensitive information policy to configure for the guardrail.", - "title": "SensitiveInformationPolicyConfig" + "Schema": { + "markdownDescription": "The blueprint's schema.", + "title": "Schema", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags that you want to attach to the guardrail.", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "TopicPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicPolicyConfig", - "markdownDescription": "The topic policies to configure for the guardrail.", - "title": "TopicPolicyConfig" - }, - "WordPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordPolicyConfig", - "markdownDescription": "The word policy you configure for the guardrail.", - "title": "WordPolicyConfig" + "Type": { + "markdownDescription": "The blueprint's type.", + "title": "Type", + "type": "string" } }, "required": [ - "BlockedInputMessaging", - "BlockedOutputsMessaging", - "Name" + "BlueprintName", + "Schema", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Bedrock::Guardrail" + "AWS::Bedrock::Blueprint" ], "type": "string" }, @@ -29620,561 +34235,703 @@ ], "type": "object" }, - "AWS::Bedrock::Guardrail.ContentFilterConfig": { + "AWS::Bedrock::DataAutomationProject": { "additionalProperties": false, "properties": { - "InputStrength": { - "markdownDescription": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", - "title": "InputStrength", + "Condition": { "type": "string" }, - "OutputStrength": { - "markdownDescription": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", - "title": "OutputStrength", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CustomOutputConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.CustomOutputConfiguration", + "markdownDescription": "Blueprints to apply to objects processed by the project.", + "title": "CustomOutputConfiguration" + }, + "KmsEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The AWS KMS encryption context to use for encryption.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KmsEncryptionContext", + "type": "object" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key to use for encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "OverrideConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.OverrideConfiguration", + "markdownDescription": "Additional settings for the project.", + "title": "OverrideConfiguration" + }, + "ProjectDescription": { + "markdownDescription": "The project's description.", + "title": "ProjectDescription", + "type": "string" + }, + "ProjectName": { + "markdownDescription": "The project's name.", + "title": "ProjectName", + "type": "string" + }, + "StandardOutputConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.StandardOutputConfiguration", + "markdownDescription": "The project's standard output configuration.", + "title": "StandardOutputConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ProjectName" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The harmful category that the content filter is applied to.", - "title": "Type", + "enum": [ + "AWS::Bedrock::DataAutomationProject" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InputStrength", - "OutputStrength", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Bedrock::Guardrail.ContentPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.AudioExtractionCategory": { "additionalProperties": false, "properties": { - "FiltersConfig": { + "State": { + "markdownDescription": "Whether generating categorical data from audio is enabled.", + "title": "State", + "type": "string" + }, + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFilterConfig" + "type": "string" }, - "markdownDescription": "Contains the type of the content filter and how strongly it should apply to prompts and model responses.", - "title": "FiltersConfig", + "markdownDescription": "The types of data to generate.", + "title": "Types", "type": "array" } }, "required": [ - "FiltersConfig" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.ManagedWordsConfig": { + "AWS::Bedrock::DataAutomationProject.AudioOverrideConfiguration": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The managed word type to configure for the guardrail.", - "title": "Type", - "type": "string" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for audio files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.AudioStandardExtraction": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioExtractionCategory", + "markdownDescription": "Settings for generating data from audio.", + "title": "Category" } }, "required": [ - "Type" + "Category" ], "type": "object" }, - "AWS::Bedrock::Guardrail.PiiEntityConfig": { + "AWS::Bedrock::DataAutomationProject.AudioStandardGenerativeField": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Configure guardrail action when the PII entity is detected.", - "title": "Action", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for audio.", + "title": "State", "type": "string" }, - "Type": { - "markdownDescription": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guardrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *CREDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc..", - "title": "Type", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of description to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "Action", - "Type" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.RegexConfig": { + "AWS::Bedrock::DataAutomationProject.AudioStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The guardrail action to configure when matching regular expression is detected.", - "title": "Action", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the audio.", + "title": "Extraction" }, - "Description": { - "markdownDescription": "The description of the regular expression to configure for the guardrail.", - "title": "Description", + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the data.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.BlueprintItem": { + "additionalProperties": false, + "properties": { + "BlueprintArn": { + "markdownDescription": "The blueprint's ARN.", + "title": "BlueprintArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the regular expression to configure for the guardrail.", - "title": "Name", + "BlueprintStage": { + "markdownDescription": "The blueprint's stage.", + "title": "BlueprintStage", "type": "string" }, - "Pattern": { - "markdownDescription": "The regular expression pattern to configure for the guardrail.", - "title": "Pattern", + "BlueprintVersion": { + "markdownDescription": "The blueprint's version.", + "title": "BlueprintVersion", "type": "string" } }, "required": [ - "Action", - "Name", - "Pattern" + "BlueprintArn" ], "type": "object" }, - "AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.CustomOutputConfiguration": { "additionalProperties": false, "properties": { - "PiiEntitiesConfig": { - "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.PiiEntityConfig" - }, - "markdownDescription": "A list of PII entities to configure to the guardrail.", - "title": "PiiEntitiesConfig", - "type": "array" - }, - "RegexesConfig": { + "Blueprints": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.RegexConfig" + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.BlueprintItem" }, - "markdownDescription": "A list of regular expressions to configure to the guardrail.", - "title": "RegexesConfig", + "markdownDescription": "A list of blueprints.", + "title": "Blueprints", "type": "array" } }, "type": "object" }, - "AWS::Bedrock::Guardrail.TopicConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentBoundingBox": { "additionalProperties": false, "properties": { - "Definition": { - "markdownDescription": "A definition of the topic to deny.", - "title": "Definition", - "type": "string" - }, - "Examples": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", - "title": "Examples", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the topic to deny.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies to deny the topic.", - "title": "Type", + "State": { + "markdownDescription": "Whether bounding boxes are enabled for documents.", + "title": "State", "type": "string" } }, "required": [ - "Definition", - "Name", - "Type" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.TopicPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentExtractionGranularity": { "additionalProperties": false, "properties": { - "TopicsConfig": { + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicConfig" + "type": "string" }, - "markdownDescription": "A list of policies related to topics that the guardrail should deny.", - "title": "TopicsConfig", + "markdownDescription": "Granularity settings for documents.", + "title": "Types", "type": "array" } }, - "required": [ - "TopicsConfig" - ], "type": "object" }, - "AWS::Bedrock::Guardrail.WordConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentOutputAdditionalFileFormat": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "Text of the word configured for the guardrail to block.", - "title": "Text", + "State": { + "markdownDescription": "Whether additional file formats are enabled for a project.", + "title": "State", "type": "string" } }, "required": [ - "Text" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.WordPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentOutputFormat": { "additionalProperties": false, "properties": { - "ManagedWordListsConfig": { - "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ManagedWordsConfig" - }, - "markdownDescription": "A list of managed words to configure for the guardrail.", - "title": "ManagedWordListsConfig", - "type": "array" + "AdditionalFileFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputAdditionalFileFormat", + "markdownDescription": "Output settings for additional file formats.", + "title": "AdditionalFileFormat" }, - "WordsConfig": { + "TextFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputTextFormat", + "markdownDescription": "An output text format.", + "title": "TextFormat" + } + }, + "required": [ + "AdditionalFileFormat", + "TextFormat" + ], + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.DocumentOutputTextFormat": { + "additionalProperties": false, + "properties": { + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordConfig" + "type": "string" }, - "markdownDescription": "A list of words to configure for the guardrail.", - "title": "WordsConfig", + "markdownDescription": "The types of output text to generate.", + "title": "Types", "type": "array" } }, "type": "object" }, - "AWS::Bedrock::KnowledgeBase": { + "AWS::Bedrock::DataAutomationProject.DocumentOverrideConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the knowledge base associated with the inline agent.", - "title": "Description", - "type": "string" - }, - "KnowledgeBaseConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration", - "markdownDescription": "Contains details about the embeddings configuration of the knowledge base.", - "title": "KnowledgeBaseConfiguration" - }, - "Name": { - "markdownDescription": "The name of the knowledge base.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the knowledge base.", - "title": "RoleArn", - "type": "string" - }, - "StorageConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.StorageConfiguration", - "markdownDescription": "Contains details about the storage configuration of the knowledge base.", - "title": "StorageConfiguration" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "KnowledgeBaseConfiguration", - "Name", - "RoleArn", - "StorageConfiguration" - ], - "type": "object" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for document files. All modalities are enabled by default.", + "title": "ModalityProcessing" }, - "Type": { - "enum": [ - "AWS::Bedrock::KnowledgeBase" - ], - "type": "string" + "Splitter": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.SplitterConfiguration", + "markdownDescription": "Whether document splitter is enabled for a project.", + "title": "Splitter" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.DocumentStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentBoundingBox", + "markdownDescription": "Whether to generate bounding boxes.", + "title": "BoundingBox" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Granularity": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentExtractionGranularity", + "markdownDescription": "Which granularities to generate data for.", + "title": "Granularity" } }, "required": [ - "Type", - "Properties" + "BoundingBox", + "Granularity" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration": { + "AWS::Bedrock::DataAutomationProject.DocumentStandardGenerativeField": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of data that the data source is converted into for the knowledge base.", - "title": "Type", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for documents.", + "title": "State", "type": "string" - }, - "VectorKnowledgeBaseConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration", - "markdownDescription": "Contains details about the model that's used to convert the data source into vector embeddings.", - "title": "VectorKnowledgeBaseConfiguration" } }, "required": [ - "Type", - "VectorKnowledgeBaseConfiguration" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration": { + "AWS::Bedrock::DataAutomationProject.DocumentStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "CollectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch Service vector store.", - "title": "CollectionArn", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the document.", + "title": "Extraction" }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions.", + "title": "GenerativeField" }, - "VectorIndexName": { - "markdownDescription": "The name of the vector store.", - "title": "VectorIndexName", + "OutputFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputFormat", + "markdownDescription": "The output format to generate.", + "title": "OutputFormat" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ImageBoundingBox": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Bounding box settings for a project.", + "title": "State", "type": "string" } }, "required": [ - "CollectionArn", - "FieldMapping", - "VectorIndexName" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping": { + "AWS::Bedrock::DataAutomationProject.ImageExtractionCategory": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", - "type": "string" - }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", + "State": { + "markdownDescription": "Whether generating categorical data from images is enabled.", + "title": "State", "type": "string" }, - "VectorField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", - "title": "VectorField", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of data to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "MetadataField", - "TextField", - "VectorField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.PineconeConfiguration": { + "AWS::Bedrock::DataAutomationProject.ImageOverrideConfiguration": { "additionalProperties": false, "properties": { - "ConnectionString": { - "markdownDescription": "The endpoint URL for your index management page.", - "title": "ConnectionString", - "type": "string" - }, - "CredentialsSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key.", - "title": "CredentialsSecretArn", - "type": "string" - }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for image files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ImageStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageBoundingBox", + "markdownDescription": "Settings for generating bounding boxes.", + "title": "BoundingBox" }, - "Namespace": { - "markdownDescription": "The namespace to be used to write new data to your database.", - "title": "Namespace", - "type": "string" + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageExtractionCategory", + "markdownDescription": "Settings for generating categorical data.", + "title": "Category" } }, "required": [ - "ConnectionString", - "CredentialsSecretArn", - "FieldMapping" + "BoundingBox", + "Category" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.PineconeFieldMapping": { + "AWS::Bedrock::DataAutomationProject.ImageStandardGenerativeField": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for images.", + "title": "State", "type": "string" }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "Settings for generating descriptions of images.", + "title": "Types", + "type": "array" } }, "required": [ - "MetadataField", - "TextField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.RdsConfiguration": { + "AWS::Bedrock::DataAutomationProject.ImageStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "CredentialsSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database.", - "title": "CredentialsSecretArn", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the image.", + "title": "Extraction" }, - "DatabaseName": { - "markdownDescription": "The name of your Amazon RDS database.", - "title": "DatabaseName", + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the data.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Stores the state of the modality for your project, set to either enabled or disabled", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ModalityRoutingConfiguration": { + "additionalProperties": false, + "properties": { + "jpeg": { + "markdownDescription": "Sets whether JPEG files are routed to document or image processing.", + "title": "jpeg", "type": "string" }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "mov": { + "markdownDescription": "Sets whether MOV files are routed to audio or video processing.", + "title": "mov", + "type": "string" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the vector store.", - "title": "ResourceArn", + "mp4": { + "markdownDescription": "Sets whether MP4 files are routed to audio or video processing.", + "title": "mp4", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table in the database.", - "title": "TableName", + "png": { + "markdownDescription": "Sets whether PNG files are routed to document or image processing.", + "title": "png", "type": "string" } }, - "required": [ - "CredentialsSecretArn", - "DatabaseName", - "FieldMapping", - "ResourceArn", - "TableName" - ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.RdsFieldMapping": { + "AWS::Bedrock::DataAutomationProject.OverrideConfiguration": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", - "type": "string" + "Audio": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process audio files.", + "title": "Audio" }, - "PrimaryKeyField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the ID for each entry.", - "title": "PrimaryKeyField", - "type": "string" + "Document": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOverrideConfiguration", + "markdownDescription": "Additional settings for a project.", + "title": "Document" }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", + "Image": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process image files.", + "title": "Image" + }, + "ModalityRouting": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityRoutingConfiguration", + "markdownDescription": "Lets you set which modalities certain file types are processed as.", + "title": "ModalityRouting" + }, + "Video": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process video files.", + "title": "Video" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.SplitterConfiguration": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Whether document splitter is enabled for a project.", + "title": "State", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.StandardOutputConfiguration": { + "additionalProperties": false, + "properties": { + "Audio": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardOutputConfiguration", + "markdownDescription": "Settings for processing audio.", + "title": "Audio" }, - "VectorField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", - "title": "VectorField", + "Document": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardOutputConfiguration", + "markdownDescription": "Settings for processing documents.", + "title": "Document" + }, + "Image": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardOutputConfiguration", + "markdownDescription": "Settings for processing images.", + "title": "Image" + }, + "Video": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardOutputConfiguration", + "markdownDescription": "Settings for processing video.", + "title": "Video" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoBoundingBox": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Whether bounding boxes are enabled for video.", + "title": "State", "type": "string" } }, "required": [ - "MetadataField", - "PrimaryKeyField", - "TextField", - "VectorField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.StorageConfiguration": { + "AWS::Bedrock::DataAutomationProject.VideoExtractionCategory": { "additionalProperties": false, "properties": { - "OpensearchServerlessConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration", - "markdownDescription": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.", - "title": "OpensearchServerlessConfiguration" - }, - "PineconeConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeConfiguration", - "markdownDescription": "Contains the storage configuration of the knowledge base in Pinecone.", - "title": "PineconeConfiguration" + "State": { + "markdownDescription": "Whether generating categorical data from video is enabled.", + "title": "State", + "type": "string" }, - "RdsConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsConfiguration", - "markdownDescription": "Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) .", - "title": "RdsConfiguration" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of data to generate.", + "title": "Types", + "type": "array" + } + }, + "required": [ + "State" + ], + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoOverrideConfiguration": { + "additionalProperties": false, + "properties": { + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for video files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoBoundingBox", + "markdownDescription": "Settings for generating bounding boxes.", + "title": "BoundingBox" }, - "Type": { - "markdownDescription": "The vector store service in which the knowledge base is stored.", - "title": "Type", - "type": "string" + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoExtractionCategory", + "markdownDescription": "Settings for generating categorical data.", + "title": "Category" } }, "required": [ - "Type" + "BoundingBox", + "Category" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration": { + "AWS::Bedrock::DataAutomationProject.VideoStandardGenerativeField": { "additionalProperties": false, "properties": { - "EmbeddingModelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", - "title": "EmbeddingModelArn", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for video.", + "title": "State", "type": "string" + }, + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of description to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "EmbeddingModelArn" + "State" ], "type": "object" }, - "AWS::BillingConductor::BillingGroup": { + "AWS::Bedrock::DataAutomationProject.VideoStandardOutputConfiguration": { + "additionalProperties": false, + "properties": { + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the video.", + "title": "Extraction" + }, + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the video.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -30209,51 +34966,52 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountGrouping": { - "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.AccountGrouping", - "markdownDescription": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", - "title": "AccountGrouping" + "DataDeletionPolicy": { + "markdownDescription": "The data deletion policy for the data source.", + "title": "DataDeletionPolicy", + "type": "string" }, - "ComputationPreference": { - "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.ComputationPreference", - "markdownDescription": "The preferences and settings that will be used to compute the AWS charges for a billing group.", - "title": "ComputationPreference" + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.DataSourceConfiguration", + "markdownDescription": "The connection configuration for the data source.", + "title": "DataSourceConfiguration" }, "Description": { - "markdownDescription": "The description of the billing group.", + "markdownDescription": "The description of the data source.", "title": "Description", "type": "string" }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to which the data source belongs.", + "title": "KnowledgeBaseId", + "type": "string" + }, "Name": { - "markdownDescription": "The billing group's name.", + "markdownDescription": "The name of the data source.", "title": "Name", "type": "string" }, - "PrimaryAccountId": { - "markdownDescription": "The account ID that serves as the main account in a billing group.", - "title": "PrimaryAccountId", - "type": "string" + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration", + "markdownDescription": "Contains details about the configuration of the server-side encryption.", + "title": "ServerSideEncryptionConfiguration" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a billing group.", - "title": "Tags", - "type": "array" + "VectorIngestionConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.VectorIngestionConfiguration", + "markdownDescription": "Contains details about how to ingest the documents in the data source.", + "title": "VectorIngestionConfiguration" } }, "required": [ - "AccountGrouping", - "ComputationPreference", - "Name", - "PrimaryAccountId" + "DataSourceConfiguration", + "KnowledgeBaseId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::BillingConductor::BillingGroup" + "AWS::Bedrock::DataSource" ], "type": "string" }, @@ -30272,184 +35030,245 @@ ], "type": "object" }, - "AWS::BillingConductor::BillingGroup.AccountGrouping": { + "AWS::Bedrock::DataSource.BedrockDataAutomationConfiguration": { "additionalProperties": false, "properties": { - "AutoAssociate": { - "markdownDescription": "Specifies if this billing group will automatically associate newly added AWS accounts that join your consolidated billing family.", - "title": "AutoAssociate", - "type": "boolean" + "ParsingModality": { + "markdownDescription": "Specifies whether to enable parsing of multimodal data, including both text and/or images.", + "title": "ParsingModality", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.BedrockFoundationModelConfiguration": { + "additionalProperties": false, + "properties": { + "ModelArn": { + "markdownDescription": "The ARN of the foundation model to use for parsing.", + "title": "ModelArn", + "type": "string" }, - "LinkedAccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The account IDs that make up the billing group. Account IDs must be a part of the consolidated billing family, and not associated with another billing group.", - "title": "LinkedAccountIds", - "type": "array" + "ParsingModality": { + "markdownDescription": "Specifies whether to enable parsing of multimodal data, including both text and/or images.", + "title": "ParsingModality", + "type": "string" + }, + "ParsingPrompt": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ParsingPrompt", + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPrompt" } }, "required": [ - "LinkedAccountIds" + "ModelArn" ], "type": "object" }, - "AWS::BillingConductor::BillingGroup.ComputationPreference": { + "AWS::Bedrock::DataSource.BedrockFoundationModelContextEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "PricingPlanArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the pricing plan used to compute the AWS charges for a billing group.", - "title": "PricingPlanArn", + "EnrichmentStrategyConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.EnrichmentStrategyConfiguration", + "markdownDescription": "The enrichment stategy used to provide additional context. For example, Neptune GraphRAG uses Amazon Bedrock foundation models to perform chunk entity extraction.", + "title": "EnrichmentStrategyConfiguration" + }, + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", + "title": "ModelArn", "type": "string" } }, "required": [ - "PricingPlanArn" + "EnrichmentStrategyConfiguration", + "ModelArn" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem": { + "AWS::Bedrock::DataSource.ChunkingConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ChunkingStrategy": { + "markdownDescription": "Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.\n\n- `FIXED_SIZE` \u2013 Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` .\n- `HIERARCHICAL` \u2013 Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.\n- `SEMANTIC` \u2013 Split documents into chunks based on groups of similar content derived with natural language processing.\n- `NONE` \u2013 Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files.", + "title": "ChunkingStrategy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FixedSizeChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration", + "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", + "title": "FixedSizeChunkingConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "HierarchicalChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.HierarchicalChunkingConfiguration", + "markdownDescription": "Settings for hierarchical document chunking for a data source. Hierarchical chunking splits documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.", + "title": "HierarchicalChunkingConfiguration" }, - "Metadata": { - "type": "object" + "SemanticChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SemanticChunkingConfiguration", + "markdownDescription": "Settings for semantic document chunking for a data source. Semantic chunking splits a document into into smaller documents based on groups of similar content derived from the text with natural language processing.", + "title": "SemanticChunkingConfiguration" + } + }, + "required": [ + "ChunkingStrategy" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceCrawlerConfiguration": { + "additionalProperties": false, + "properties": { + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the Confluence content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceCrawlerConfiguration", + "markdownDescription": "The configuration of the Confluence content. For example, configuring specific types of Confluence content.", + "title": "CrawlerConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The AWS account in which this custom line item will be applied to.", - "title": "AccountId", - "type": "string" - }, - "BillingGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that references the billing group where the custom line item applies to.", - "title": "BillingGroupArn", - "type": "string" - }, - "BillingPeriodRange": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.BillingPeriodRange", - "markdownDescription": "A time range for which the custom line item is effective.", - "title": "BillingPeriodRange" - }, - "CustomLineItemChargeDetails": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails", - "markdownDescription": "The charge details of a custom line item. It should contain only one of `Flat` or `Percentage` .", - "title": "CustomLineItemChargeDetails" - }, - "Description": { - "markdownDescription": "The custom line item's description. This is shown on the Bills page in association with the charge value.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The custom line item's name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a custom line item.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "BillingGroupArn", - "Name" - ], - "type": "object" + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your Confluence data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your Confluence instance.", + "title": "AuthType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::BillingConductor::CustomLineItem" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [Confluence connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/confluence-data-source-connector.html#configuration-confluence-connector) .", + "title": "CredentialsSecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostType": { + "markdownDescription": "The supported host type, whether online/cloud or server/on-premises.", + "title": "HostType", + "type": "string" + }, + "HostUrl": { + "markdownDescription": "The Confluence host URL or instance URL.", + "title": "HostUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AuthType", + "CredentialsSecretArn", + "HostType", + "HostUrl" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.BillingPeriodRange": { + "AWS::Bedrock::DataSource.ContextEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "ExclusiveEndBillingPeriod": { - "markdownDescription": "The exclusive end billing period that defines a billing period range where a custom line is applied.", - "title": "ExclusiveEndBillingPeriod", + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockFoundationModelContextEnrichmentConfiguration", + "markdownDescription": "The configuration of the Amazon Bedrock foundation model used for context enrichment.", + "title": "BedrockFoundationModelConfiguration" + }, + "Type": { + "markdownDescription": "The method used for context enrichment. It must be Amazon Bedrock foundation models.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.CrawlFilterConfiguration": { + "additionalProperties": false, + "properties": { + "PatternObjectFilter": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.PatternObjectFilterConfiguration", + "markdownDescription": "The configuration of filtering certain objects or content types of the data source.", + "title": "PatternObjectFilter" }, - "InclusiveStartBillingPeriod": { - "markdownDescription": "The inclusive start billing period that defines a billing period range where a custom line is applied.", - "title": "InclusiveStartBillingPeriod", + "Type": { + "markdownDescription": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the `PATTERN` type is regular expression patterns you can apply to filter your content.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails": { + "AWS::Bedrock::DataSource.CustomTransformationConfiguration": { "additionalProperties": false, "properties": { - "Flat": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails", - "markdownDescription": "A `CustomLineItemFlatChargeDetails` that describes the charge details of a flat custom line item.", - "title": "Flat" + "IntermediateStorage": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.IntermediateStorage", + "markdownDescription": "An S3 bucket path for input and output objects.", + "title": "IntermediateStorage" }, - "LineItemFilters": { + "Transformations": { "items": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.LineItemFilter" + "$ref": "#/definitions/AWS::Bedrock::DataSource.Transformation" }, - "markdownDescription": "A representation of the line item filter.", - "title": "LineItemFilters", + "markdownDescription": "A Lambda function that processes documents.", + "title": "Transformations", "type": "array" + } + }, + "required": [ + "IntermediateStorage", + "Transformations" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "ConfluenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Confluence as your data source.\n\n> Confluence data source connector is in preview release and is subject to change.", + "title": "ConfluenceConfiguration" }, - "Percentage": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails", - "markdownDescription": "A `CustomLineItemPercentageChargeDetails` that describes the charge details of a percentage custom line item.", - "title": "Percentage" + "S3Configuration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.S3DataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Amazon S3 as your data source.", + "title": "S3Configuration" + }, + "SalesforceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Salesforce as your data source.\n\n> Salesforce data source connector is in preview release and is subject to change.", + "title": "SalesforceConfiguration" + }, + "SharePointConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to SharePoint as your data source.\n\n> SharePoint data source connector is in preview release and is subject to change.", + "title": "SharePointConfiguration" }, "Type": { - "markdownDescription": "The type of the custom line item that indicates whether the charge is a fee or credit.", + "markdownDescription": "The type of data source.", "title": "Type", "type": "string" + }, + "WebConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebDataSourceConfiguration", + "markdownDescription": "The configuration of web URLs to crawl for your data source. You should be authorized to crawl the URLs.\n\n> Crawling web URLs as your data source is in preview release and is subject to change.", + "title": "WebConfiguration" } }, "required": [ @@ -30457,641 +35276,583 @@ ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails": { + "AWS::Bedrock::DataSource.EnrichmentStrategyConfiguration": { "additionalProperties": false, "properties": { - "ChargeValue": { - "markdownDescription": "The custom line item's fixed charge value in USD.", - "title": "ChargeValue", + "Method": { + "markdownDescription": "The method used for the context enrichment strategy.", + "title": "Method", + "type": "string" + } + }, + "required": [ + "Method" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to include in a chunk.", + "title": "MaxTokens", + "type": "number" + }, + "OverlapPercentage": { + "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", + "title": "OverlapPercentage", "type": "number" } }, "required": [ - "ChargeValue" + "MaxTokens", + "OverlapPercentage" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails": { + "AWS::Bedrock::DataSource.HierarchicalChunkingConfiguration": { "additionalProperties": false, "properties": { - "ChildAssociatedResources": { + "LevelConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::DataSource.HierarchicalChunkingLevelConfiguration" }, - "markdownDescription": "A list of resource ARNs to associate to the percentage custom line item.", - "title": "ChildAssociatedResources", + "markdownDescription": "Token settings for each layer.", + "title": "LevelConfigurations", "type": "array" }, - "PercentageValue": { - "markdownDescription": "The custom line item's percentage value. This will be multiplied against the combined value of its associated resources to determine its charge value.", - "title": "PercentageValue", + "OverlapTokens": { + "markdownDescription": "The number of tokens to repeat across chunks in the same layer.", + "title": "OverlapTokens", "type": "number" } }, "required": [ - "PercentageValue" + "LevelConfigurations", + "OverlapTokens" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.LineItemFilter": { + "AWS::Bedrock::DataSource.HierarchicalChunkingLevelConfiguration": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The attribute of the line item filter. This specifies what attribute that you can filter on.", - "title": "Attribute", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain in this layer.", + "title": "MaxTokens", + "type": "number" + } + }, + "required": [ + "MaxTokens" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.IntermediateStorage": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.S3Location", + "markdownDescription": "An S3 bucket path.", + "title": "S3Location" + } + }, + "required": [ + "S3Location" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ParsingConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockDataAutomationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockDataAutomationConfiguration", + "markdownDescription": "If you specify `BEDROCK_DATA_AUTOMATION` as the parsing strategy for ingesting your data source, use this object to modify configurations for using the Amazon Bedrock Data Automation parser.", + "title": "BedrockDataAutomationConfiguration" }, - "MatchOption": { - "markdownDescription": "The match criteria of the line item filter. This parameter specifies whether not to include the resource value from the billing group total cost.", - "title": "MatchOption", - "type": "string" + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockFoundationModelConfiguration", + "markdownDescription": "If you specify `BEDROCK_FOUNDATION_MODEL` as the parsing strategy for ingesting your data source, use this object to modify configurations for using a foundation model to parse documents.", + "title": "BedrockFoundationModelConfiguration" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values of the line item filter. This specifies the values to filter on. Currently, you can only exclude Savings Plan discounts.", - "title": "Values", - "type": "array" + "ParsingStrategy": { + "markdownDescription": "The parsing strategy for the data source.", + "title": "ParsingStrategy", + "type": "string" } }, "required": [ - "Attribute", - "MatchOption", - "Values" + "ParsingStrategy" ], "type": "object" }, - "AWS::BillingConductor::PricingPlan": { + "AWS::Bedrock::DataSource.ParsingPrompt": { "additionalProperties": false, "properties": { - "Condition": { + "ParsingPromptText": { + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPromptText", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The pricing plan description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a pricing plan.", - "title": "Name", - "type": "string" - }, - "PricingRuleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The `PricingRuleArns` that are associated with the Pricing Plan.", - "title": "PricingRuleArns", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing plan.", - "title": "Tags", - "type": "array" - } + } + }, + "required": [ + "ParsingPromptText" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.PatternObjectFilter": { + "additionalProperties": false, + "properties": { + "ExclusionFilters": { + "items": { + "type": "string" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn\u2019t crawled.", + "title": "ExclusionFilters", + "type": "array" }, - "Type": { - "enum": [ - "AWS::BillingConductor::PricingPlan" - ], - "type": "string" + "InclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn\u2019t crawled.", + "title": "InclusionFilters", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectType": { + "markdownDescription": "The supported object type or content type of the data source.", + "title": "ObjectType", "type": "string" } }, "required": [ - "Type", - "Properties" + "ObjectType" ], "type": "object" }, - "AWS::BillingConductor::PricingRule": { + "AWS::Bedrock::DataSource.PatternObjectFilterConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Filters": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.PatternObjectFilter" + }, + "markdownDescription": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.", + "title": "Filters", + "type": "array" + } + }, + "required": [ + "Filters" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.S3DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket that contains your data.", + "title": "BucketArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BucketOwnerAccountId": { + "markdownDescription": "The account ID for the owner of the S3 bucket.", + "title": "BucketOwnerAccountId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BillingEntity": { - "markdownDescription": "The seller of services provided by AWS , their affiliates, or third-party providers selling services via AWS Marketplace .", - "title": "BillingEntity", - "type": "string" - }, - "Description": { - "markdownDescription": "The pricing rule description.", - "title": "Description", - "type": "string" - }, - "ModifierPercentage": { - "markdownDescription": "A percentage modifier applied on the public pricing rates.", - "title": "ModifierPercentage", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a pricing rule.", - "title": "Name", - "type": "string" - }, - "Operation": { - "markdownDescription": "Operation is the specific AWS action covered by this line item. This describes the specific usage of the line item.\n\nIf the `Scope` attribute is set to `SKU` , this attribute indicates which operation the `PricingRule` is modifying. For example, a value of `RunInstances:0202` indicates the operation of running an Amazon EC2 instance.", - "title": "Operation", - "type": "string" - }, - "Scope": { - "markdownDescription": "The scope of pricing rule that indicates if it's globally applicable or service-specific.", - "title": "Scope", - "type": "string" - }, - "Service": { - "markdownDescription": "If the `Scope` attribute is `SERVICE` , this attribute indicates which service the `PricingRule` is applicable for.", - "title": "Service", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing rule.", - "title": "Tags", - "type": "array" - }, - "Tiering": { - "$ref": "#/definitions/AWS::BillingConductor::PricingRule.Tiering", - "markdownDescription": "The set of tiering configurations for the pricing rule.", - "title": "Tiering" - }, - "Type": { - "markdownDescription": "The type of pricing rule.", - "title": "Type", - "type": "string" - }, - "UsageType": { - "markdownDescription": "Usage Type is the unit that each service uses to measure the usage of a specific type of resource.", - "title": "UsageType", - "type": "string" - } + "InclusionPrefixes": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Scope", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::BillingConductor::PricingRule" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of S3 prefixes to include certain files or content. This field is an array with a maximum of one item, which can contain a string that has a maximum length of 300 characters. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) .", + "title": "InclusionPrefixes", + "type": "array" } }, "required": [ - "Type", - "Properties" + "BucketArn" ], "type": "object" }, - "AWS::BillingConductor::PricingRule.FreeTier": { + "AWS::Bedrock::DataSource.S3Location": { "additionalProperties": false, "properties": { - "Activated": { - "markdownDescription": "Activate or deactivate AWS Free Tier.", - "title": "Activated", - "type": "boolean" + "URI": { + "markdownDescription": "An object URI starting with `s3://` .", + "title": "URI", + "type": "string" } }, "required": [ - "Activated" + "URI" ], "type": "object" }, - "AWS::BillingConductor::PricingRule.Tiering": { + "AWS::Bedrock::DataSource.SalesforceCrawlerConfiguration": { "additionalProperties": false, "properties": { - "FreeTier": { - "$ref": "#/definitions/AWS::BillingConductor::PricingRule.FreeTier", - "markdownDescription": "The possible AWS Free Tier configurations.", - "title": "FreeTier" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" } }, "type": "object" }, - "AWS::Budgets::Budget": { + "AWS::Bedrock::DataSource.SalesforceDataSourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceCrawlerConfiguration", + "markdownDescription": "The configuration of the Salesforce content. For example, configuring specific types of Salesforce content.", + "title": "CrawlerConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your Salesforce data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.SalesforceSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your Salesforce instance.", + "title": "AuthType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Budget": { - "$ref": "#/definitions/AWS::Budgets::Budget.BudgetData", - "markdownDescription": "The budget object that you want to create.", - "title": "Budget" - }, - "NotificationsWithSubscribers": { - "items": { - "$ref": "#/definitions/AWS::Budgets::Budget.NotificationWithSubscribers" - }, - "markdownDescription": "A notification that you want to associate with a budget. A budget can have up to five notifications, and each notification can have one SNS subscriber and up to 10 email subscribers. If you include notifications and subscribers in your `CreateBudget` call, AWS creates the notifications and subscribers for you.", - "title": "NotificationsWithSubscribers", - "type": "array" - } - }, - "required": [ - "Budget" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Budgets::Budget" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [Salesforce connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/salesforce-data-source-connector.html#configuration-salesforce-connector) .", + "title": "CredentialsSecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostUrl": { + "markdownDescription": "The Salesforce host URL or instance URL.", + "title": "HostUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AuthType", + "CredentialsSecretArn", + "HostUrl" ], "type": "object" }, - "AWS::Budgets::Budget.AutoAdjustData": { + "AWS::Bedrock::DataSource.SeedUrl": { "additionalProperties": false, "properties": { - "AutoAdjustType": { - "markdownDescription": "The string that defines whether your budget auto-adjusts based on historical or forecasted data.", - "title": "AutoAdjustType", + "Url": { + "markdownDescription": "A seed or starting point URL.", + "title": "Url", "type": "string" - }, - "HistoricalOptions": { - "$ref": "#/definitions/AWS::Budgets::Budget.HistoricalOptions", - "markdownDescription": "The parameters that define or describe the historical data that your auto-adjusting budget is based on.", - "title": "HistoricalOptions" } }, "required": [ - "AutoAdjustType" + "Url" ], "type": "object" }, - "AWS::Budgets::Budget.BudgetData": { + "AWS::Bedrock::DataSource.SemanticChunkingConfiguration": { "additionalProperties": false, "properties": { - "AutoAdjustData": { - "$ref": "#/definitions/AWS::Budgets::Budget.AutoAdjustData", - "markdownDescription": "Determine the budget amount for an auto-adjusting budget.", - "title": "AutoAdjustData" + "BreakpointPercentileThreshold": { + "markdownDescription": "The dissimilarity threshold for splitting chunks.", + "title": "BreakpointPercentileThreshold", + "type": "number" }, - "BudgetLimit": { - "$ref": "#/definitions/AWS::Budgets::Budget.Spend", - "markdownDescription": "The total amount of cost, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage that you want to track with your budget.\n\n`BudgetLimit` is required for cost or usage budgets, but optional for RI or Savings Plans utilization or coverage budgets. RI and Savings Plans utilization or coverage budgets default to `100` . This is the only valid value for RI or Savings Plans utilization or coverage budgets. You can't use `BudgetLimit` with `PlannedBudgetLimits` for `CreateBudget` and `UpdateBudget` actions.", - "title": "BudgetLimit" + "BufferSize": { + "markdownDescription": "The buffer size.", + "title": "BufferSize", + "type": "number" }, - "BudgetName": { - "markdownDescription": "The name of a budget. The value must be unique within an account. `BudgetName` can't include `:` and `\\` characters. If you don't include value for `BudgetName` in the template, Billing and Cost Management assigns your budget a randomly generated name.", - "title": "BudgetName", + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain.", + "title": "MaxTokens", + "type": "number" + } + }, + "required": [ + "BreakpointPercentileThreshold", + "BufferSize", + "MaxTokens" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key used to encrypt the resource.", + "title": "KmsKeyArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointCrawlerConfiguration": { + "additionalProperties": false, + "properties": { + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the SharePoint content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointCrawlerConfiguration", + "markdownDescription": "The configuration of the SharePoint content. For example, configuring specific types of SharePoint content.", + "title": "CrawlerConfiguration" }, - "BudgetType": { - "markdownDescription": "Specifies whether this budget tracks costs, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage.", - "title": "BudgetType", + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your SharePoint data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your SharePoint site/sites.", + "title": "AuthType", "type": "string" }, - "CostFilters": { - "markdownDescription": "The cost filters, such as `Region` , `Service` , `LinkedAccount` , `Tag` , or `CostCategory` , that are applied to a budget.\n\nAWS Budgets supports the following services as a `Service` filter for RI budgets:\n\n- Amazon EC2\n- Amazon Redshift\n- Amazon Relational Database Service\n- Amazon ElastiCache\n- Amazon OpenSearch Service", - "title": "CostFilters", - "type": "object" + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [SharePoint connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/sharepoint-data-source-connector.html#configuration-sharepoint-connector) .", + "title": "CredentialsSecretArn", + "type": "string" }, - "CostTypes": { - "$ref": "#/definitions/AWS::Budgets::Budget.CostTypes", - "markdownDescription": "The types of costs that are included in this `COST` budget.\n\n`USAGE` , `RI_UTILIZATION` , `RI_COVERAGE` , `SAVINGS_PLANS_UTILIZATION` , and `SAVINGS_PLANS_COVERAGE` budgets do not have `CostTypes` .", - "title": "CostTypes" + "Domain": { + "markdownDescription": "The domain of your SharePoint instance or site URL/URLs.", + "title": "Domain", + "type": "string" }, - "PlannedBudgetLimits": { - "markdownDescription": "A map containing multiple `BudgetLimit` , including current or future limits.\n\n`PlannedBudgetLimits` is available for cost or usage budget and supports both monthly and quarterly `TimeUnit` .\n\nFor monthly budgets, provide 12 months of `PlannedBudgetLimits` values. This must start from the current month and include the next 11 months. The `key` is the start of the month, `UTC` in epoch seconds.\n\nFor quarterly budgets, provide four quarters of `PlannedBudgetLimits` value entries in standard calendar quarter increments. This must start from the current quarter and include the next three quarters. The `key` is the start of the quarter, `UTC` in epoch seconds.\n\nIf the planned budget expires before 12 months for monthly or four quarters for quarterly, provide the `PlannedBudgetLimits` values only for the remaining periods.\n\nIf the budget begins at a date in the future, provide `PlannedBudgetLimits` values from the start date of the budget.\n\nAfter all of the `BudgetLimit` values in `PlannedBudgetLimits` are used, the budget continues to use the last limit as the `BudgetLimit` . At that point, the planned budget provides the same experience as a fixed budget.\n\n`DescribeBudget` and `DescribeBudgets` response along with `PlannedBudgetLimits` also contain `BudgetLimit` representing the current month or quarter limit present in `PlannedBudgetLimits` . This only applies to budgets that are created with `PlannedBudgetLimits` . Budgets that are created without `PlannedBudgetLimits` only contain `BudgetLimit` . They don't contain `PlannedBudgetLimits` .", - "title": "PlannedBudgetLimits", - "type": "object" + "HostType": { + "markdownDescription": "The supported host type, whether online/cloud or server/on-premises.", + "title": "HostType", + "type": "string" }, - "TimePeriod": { - "$ref": "#/definitions/AWS::Budgets::Budget.TimePeriod", - "markdownDescription": "The period of time that is covered by a budget. The period has a start date and an end date. The start date must come before the end date. There are no restrictions on the end date.\n\nThe start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nAfter the end date, AWS deletes the budget and all associated notifications and subscribers.", - "title": "TimePeriod" + "SiteUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more SharePoint site URLs.", + "title": "SiteUrls", + "type": "array" }, - "TimeUnit": { - "markdownDescription": "The length of time until a budget resets the actual and forecasted spend. `DAILY` is available only for `RI_UTILIZATION` and `RI_COVERAGE` budgets.", - "title": "TimeUnit", + "TenantId": { + "markdownDescription": "The identifier of your Microsoft 365 tenant.", + "title": "TenantId", "type": "string" } }, "required": [ - "BudgetType", - "TimeUnit" + "AuthType", + "CredentialsSecretArn", + "Domain", + "HostType", + "SiteUrls" ], "type": "object" }, - "AWS::Budgets::Budget.CostTypes": { + "AWS::Bedrock::DataSource.Transformation": { "additionalProperties": false, "properties": { - "IncludeCredit": { - "markdownDescription": "Specifies whether a budget includes credits.\n\nThe default value is `true` .", - "title": "IncludeCredit", - "type": "boolean" - }, - "IncludeDiscount": { - "markdownDescription": "Specifies whether a budget includes discounts.\n\nThe default value is `true` .", - "title": "IncludeDiscount", - "type": "boolean" - }, - "IncludeOtherSubscription": { - "markdownDescription": "Specifies whether a budget includes non-RI subscription costs.\n\nThe default value is `true` .", - "title": "IncludeOtherSubscription", - "type": "boolean" - }, - "IncludeRecurring": { - "markdownDescription": "Specifies whether a budget includes recurring fees such as monthly RI fees.\n\nThe default value is `true` .", - "title": "IncludeRecurring", - "type": "boolean" - }, - "IncludeRefund": { - "markdownDescription": "Specifies whether a budget includes refunds.\n\nThe default value is `true` .", - "title": "IncludeRefund", - "type": "boolean" - }, - "IncludeSubscription": { - "markdownDescription": "Specifies whether a budget includes subscriptions.\n\nThe default value is `true` .", - "title": "IncludeSubscription", - "type": "boolean" - }, - "IncludeSupport": { - "markdownDescription": "Specifies whether a budget includes support subscription fees.\n\nThe default value is `true` .", - "title": "IncludeSupport", - "type": "boolean" - }, - "IncludeTax": { - "markdownDescription": "Specifies whether a budget includes taxes.\n\nThe default value is `true` .", - "title": "IncludeTax", - "type": "boolean" - }, - "IncludeUpfront": { - "markdownDescription": "Specifies whether a budget includes upfront RI costs.\n\nThe default value is `true` .", - "title": "IncludeUpfront", - "type": "boolean" - }, - "UseAmortized": { - "markdownDescription": "Specifies whether a budget uses the amortized rate.\n\nThe default value is `false` .", - "title": "UseAmortized", - "type": "boolean" + "StepToApply": { + "markdownDescription": "When the service applies the transformation.", + "title": "StepToApply", + "type": "string" }, - "UseBlended": { - "markdownDescription": "Specifies whether a budget uses a blended rate.\n\nThe default value is `false` .", - "title": "UseBlended", - "type": "boolean" + "TransformationFunction": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.TransformationFunction", + "markdownDescription": "A Lambda function that processes documents.", + "title": "TransformationFunction" } }, + "required": [ + "StepToApply", + "TransformationFunction" + ], "type": "object" }, - "AWS::Budgets::Budget.HistoricalOptions": { + "AWS::Bedrock::DataSource.TransformationFunction": { "additionalProperties": false, "properties": { - "BudgetAdjustmentPeriod": { - "markdownDescription": "The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount. The maximum value depends on the `TimeUnit` granularity of the budget:\n\n- For the `DAILY` granularity, the maximum value is `60` .\n- For the `MONTHLY` granularity, the maximum value is `12` .\n- For the `QUARTERLY` granularity, the maximum value is `4` .\n- For the `ANNUALLY` granularity, the maximum value is `1` .", - "title": "BudgetAdjustmentPeriod", - "type": "number" + "TransformationLambdaConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.TransformationLambdaConfiguration", + "markdownDescription": "The Lambda function.", + "title": "TransformationLambdaConfiguration" } }, "required": [ - "BudgetAdjustmentPeriod" + "TransformationLambdaConfiguration" ], "type": "object" }, - "AWS::Budgets::Budget.Notification": { + "AWS::Bedrock::DataSource.TransformationLambdaConfiguration": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The comparison that's used for this notification.", - "title": "ComparisonOperator", - "type": "string" - }, - "NotificationType": { - "markdownDescription": "Specifies whether the notification is for how much you have spent ( `ACTUAL` ) or for how much that you're forecasted to spend ( `FORECASTED` ).", - "title": "NotificationType", - "type": "string" - }, - "Threshold": { - "markdownDescription": "The threshold that's associated with a notification. Thresholds are always a percentage, and many customers find value being alerted between 50% - 200% of the budgeted amount. The maximum limit for your threshold is 1,000,000% above the budgeted amount.", - "title": "Threshold", - "type": "number" - }, - "ThresholdType": { - "markdownDescription": "The type of threshold for a notification. For `ABSOLUTE_VALUE` thresholds, AWS notifies you when you go over or are forecasted to go over your total cost threshold. For `PERCENTAGE` thresholds, AWS notifies you when you go over or are forecasted to go over a certain percentage of your forecasted spend. For example, if you have a budget for 200 dollars and you have a `PERCENTAGE` threshold of 80%, AWS notifies you when you go over 160 dollars.", - "title": "ThresholdType", + "LambdaArn": { + "markdownDescription": "The function's ARN identifier.", + "title": "LambdaArn", "type": "string" } }, "required": [ - "ComparisonOperator", - "NotificationType", - "Threshold" + "LambdaArn" ], "type": "object" }, - "AWS::Budgets::Budget.NotificationWithSubscribers": { + "AWS::Bedrock::DataSource.UrlConfiguration": { "additionalProperties": false, "properties": { - "Notification": { - "$ref": "#/definitions/AWS::Budgets::Budget.Notification", - "markdownDescription": "The notification that's associated with a budget.", - "title": "Notification" - }, - "Subscribers": { + "SeedUrls": { "items": { - "$ref": "#/definitions/AWS::Budgets::Budget.Subscriber" + "$ref": "#/definitions/AWS::Bedrock::DataSource.SeedUrl" }, - "markdownDescription": "A list of subscribers who are subscribed to this notification.", - "title": "Subscribers", + "markdownDescription": "One or more seed or starting point URLs.", + "title": "SeedUrls", "type": "array" } }, "required": [ - "Notification", - "Subscribers" + "SeedUrls" ], "type": "object" }, - "AWS::Budgets::Budget.Spend": { + "AWS::Bedrock::DataSource.VectorIngestionConfiguration": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold.", - "title": "Amount", - "type": "number" + "ChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ChunkingConfiguration", + "markdownDescription": "Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", + "title": "ChunkingConfiguration" }, - "Unit": { - "markdownDescription": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold.", - "title": "Unit", - "type": "string" + "ContextEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ContextEnrichmentConfiguration", + "markdownDescription": "The context enrichment configuration used for ingestion of the data into the vector store.", + "title": "ContextEnrichmentConfiguration" + }, + "CustomTransformationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CustomTransformationConfiguration", + "markdownDescription": "A custom document transformer for parsed data source documents.", + "title": "CustomTransformationConfiguration" + }, + "ParsingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ParsingConfiguration", + "markdownDescription": "Configurations for a parser to use for parsing documents in your data source. If you exclude this field, the default parser will be used.", + "title": "ParsingConfiguration" } }, - "required": [ - "Amount", - "Unit" - ], "type": "object" }, - "AWS::Budgets::Budget.Subscriber": { + "AWS::Bedrock::DataSource.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", - "title": "Address", + "CrawlerLimits": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebCrawlerLimits", + "markdownDescription": "The configuration of crawl limits for the web URLs.", + "title": "CrawlerLimits" + }, + "ExclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "ExclusionFilters", + "type": "array" + }, + "InclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "InclusionFilters", + "type": "array" + }, + "Scope": { + "markdownDescription": "The scope of what is crawled for your URLs.\n\nYou can choose to crawl only web pages that belong to the same host or primary domain. For example, only web pages that contain the seed URL \"https://docs.aws.amazon.com/bedrock/latest/userguide/\" and no other domains. You can choose to include sub domains in addition to the host or primary domain. For example, web pages that contain \"aws.amazon.com\" can also include sub domain \"docs.aws.amazon.com\".", + "title": "Scope", "type": "string" }, - "SubscriptionType": { - "markdownDescription": "The type of notification that AWS sends to a subscriber.", - "title": "SubscriptionType", + "UserAgent": { + "markdownDescription": "Returns the user agent suffix for your web crawler.", + "title": "UserAgent", + "type": "string" + }, + "UserAgentHeader": { + "markdownDescription": "A string used for identifying the crawler or bot when it accesses a web server. The user agent header value consists of the `bedrockbot` , UUID, and a user agent suffix for your crawler (if one is provided). By default, it is set to `bedrockbot_UUID` . You can optionally append a custom suffix to `bedrockbot_UUID` to allowlist a specific user agent permitted to access your source URLs.", + "title": "UserAgentHeader", "type": "string" } }, + "type": "object" + }, + "AWS::Bedrock::DataSource.WebCrawlerLimits": { + "additionalProperties": false, + "properties": { + "MaxPages": { + "markdownDescription": "The max number of web pages crawled from your source URLs, up to 25,000 pages. If the web pages exceed this limit, the data source sync will fail and no web pages will be ingested.", + "title": "MaxPages", + "type": "number" + }, + "RateLimit": { + "markdownDescription": "The max rate at which pages are crawled, up to 300 per minute per host.", + "title": "RateLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.WebDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebCrawlerConfiguration", + "markdownDescription": "The Web Crawler configuration details for the web data source.", + "title": "CrawlerConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebSourceConfiguration", + "markdownDescription": "The source configuration details for the web data source.", + "title": "SourceConfiguration" + } + }, "required": [ - "Address", - "SubscriptionType" + "SourceConfiguration" ], "type": "object" }, - "AWS::Budgets::Budget.TimePeriod": { + "AWS::Bedrock::DataSource.WebSourceConfiguration": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "The end date for a budget. If you didn't specify an end date, AWS set your end date to `06/15/87 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nAfter the end date, AWS deletes the budget and all the associated notifications and subscribers. You can change your end date with the `UpdateBudget` operation.", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "The start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nValid values depend on the value of `BudgetType` :\n\n- If `BudgetType` is `COST` or `USAGE` : Valid values are `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .\n- If `BudgetType` is `RI_UTILIZATION` or `RI_COVERAGE` : Valid values are `DAILY` , `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .", - "title": "Start", - "type": "string" + "UrlConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.UrlConfiguration", + "markdownDescription": "The configuration of the URL/URLs.", + "title": "UrlConfiguration" } }, + "required": [ + "UrlConfiguration" + ], "type": "object" }, - "AWS::Budgets::BudgetsAction": { + "AWS::Bedrock::Flow": { "additionalProperties": false, "properties": { "Condition": { @@ -31126,64 +35887,84 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionThreshold": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ActionThreshold", - "markdownDescription": "The trigger threshold of the action.", - "title": "ActionThreshold" - }, - "ActionType": { - "markdownDescription": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition.", - "title": "ActionType", + "CustomerEncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that the flow is encrypted with.", + "title": "CustomerEncryptionKeyArn", "type": "string" }, - "ApprovalModel": { - "markdownDescription": "This specifies if the action needs manual or automatic approval.", - "title": "ApprovalModel", - "type": "string" + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDefinition", + "markdownDescription": "The definition of the nodes and connections between the nodes in the flow.", + "title": "Definition" }, - "BudgetName": { - "markdownDescription": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed.", - "title": "BudgetName", + "DefinitionS3Location": { + "$ref": "#/definitions/AWS::Bedrock::Flow.S3Location", + "markdownDescription": "The Amazon S3 location of the flow definition.", + "title": "DefinitionS3Location" + }, + "DefinitionString": { + "markdownDescription": "The definition of the flow as a JSON-formatted string. The string must match the format in [FlowDefinition](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-flow-flowdefinition.html) .", + "title": "DefinitionString", "type": "string" }, - "Definition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Definition", - "markdownDescription": "Specifies all of the type-specific parameters.", - "title": "Definition" + "DefinitionSubstitutions": { + "additionalProperties": true, + "markdownDescription": "A map that specifies the mappings for placeholder variables in the prompt flow definition. This enables the customer to inject values obtained at runtime. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map. Only supported with the `DefinitionString` and `DefinitionS3Location` fields.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "DefinitionSubstitutions", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the flow.", + "title": "Description", + "type": "string" }, "ExecutionRoleArn": { - "markdownDescription": "The role passed for action execution and reversion. Roles and actions must be in the same account.", + "markdownDescription": "The Amazon Resource Name (ARN) of the service role with permissions to create a flow. For more information, see [Create a service row for flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-permissions.html) in the Amazon Bedrock User Guide.", "title": "ExecutionRoleArn", "type": "string" }, - "NotificationType": { - "markdownDescription": "The type of a notification.", - "title": "NotificationType", + "Name": { + "markdownDescription": "The name of the flow.", + "title": "Name", "type": "string" }, - "Subscribers": { - "items": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Subscriber" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of subscribers.", - "title": "Subscribers", - "type": "array" + "title": "Tags", + "type": "object" + }, + "TestAliasTags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TestAliasTags", + "type": "object" } }, "required": [ - "ActionThreshold", - "ActionType", - "BudgetName", - "Definition", "ExecutionRoleArn", - "NotificationType", - "Subscribers" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Budgets::BudgetsAction" + "AWS::Bedrock::Flow" ], "type": "string" }, @@ -31202,1167 +35983,951 @@ ], "type": "object" }, - "AWS::Budgets::BudgetsAction.ActionThreshold": { + "AWS::Bedrock::Flow.AgentFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of threshold for a notification.", - "title": "Type", + "AgentAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias of the agent to invoke.", + "title": "AgentAliasArn", "type": "string" - }, - "Value": { - "markdownDescription": "The threshold of a notification.", - "title": "Value", - "type": "number" } }, "required": [ - "Type", - "Value" + "AgentAliasArn" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.Definition": { + "AWS::Bedrock::Flow.ConditionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "IamActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.IamActionDefinition", - "markdownDescription": "The AWS Identity and Access Management ( IAM ) action definition details.", - "title": "IamActionDefinition" - }, - "ScpActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ScpActionDefinition", - "markdownDescription": "The service control policies (SCP) action definition details.", - "title": "ScpActionDefinition" + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowCondition" + }, + "markdownDescription": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition.", + "title": "Conditions", + "type": "array" + } + }, + "required": [ + "Conditions" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FieldForReranking": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the metadata field to be used during the reranking process.", + "title": "FieldName", + "type": "string" + } + }, + "required": [ + "FieldName" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FlowCondition": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", + "title": "Expression", + "type": "string" }, - "SsmActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.SsmActionDefinition", - "markdownDescription": "The Amazon EC2 Systems Manager ( SSM ) action definition details.", - "title": "SsmActionDefinition" + "Name": { + "markdownDescription": "A name for the condition that you can reference.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Budgets::BudgetsAction.IamActionDefinition": { + "AWS::Bedrock::Flow.FlowConditionalConnectionConfiguration": { "additionalProperties": false, "properties": { - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of groups to be attached. There must be at least one group.", - "title": "Groups", - "type": "array" + "Condition": { + "markdownDescription": "The condition that triggers this connection. For more information about how to write conditions, see the *Condition* node type in the [Node types](https://docs.aws.amazon.com/bedrock/latest/userguide/node-types.html) topic in the Amazon Bedrock User Guide.", + "title": "Condition", + "type": "string" + } + }, + "required": [ + "Condition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FlowConnection": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConnectionConfiguration", + "markdownDescription": "The configuration of the connection.", + "title": "Configuration" }, - "PolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the policy to be attached.", - "title": "PolicyArn", + "Name": { + "markdownDescription": "A name for the connection that you can reference.", + "title": "Name", "type": "string" }, - "Roles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of roles to be attached. There must be at least one role.", - "title": "Roles", - "type": "array" + "Source": { + "markdownDescription": "The node that the connection starts at.", + "title": "Source", + "type": "string" }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of users to be attached. There must be at least one user.", - "title": "Users", - "type": "array" + "Target": { + "markdownDescription": "The node that the connection ends at.", + "title": "Target", + "type": "string" + }, + "Type": { + "markdownDescription": "Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` ).", + "title": "Type", + "type": "string" } }, "required": [ - "PolicyArn" + "Name", + "Source", + "Target", + "Type" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.ScpActionDefinition": { + "AWS::Bedrock::Flow.FlowConnectionConfiguration": { "additionalProperties": false, "properties": { - "PolicyId": { - "markdownDescription": "The policy ID attached.", - "title": "PolicyId", + "Conditional": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConditionalConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a Condition node.", + "title": "Conditional" + }, + "Data": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDataConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a node that isn't a Condition node.", + "title": "Data" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.FlowDataConnectionConfiguration": { + "additionalProperties": false, + "properties": { + "SourceOutput": { + "markdownDescription": "The name of the output in the source node that the connection begins from.", + "title": "SourceOutput", "type": "string" }, - "TargetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of target IDs.", - "title": "TargetIds", - "type": "array" + "TargetInput": { + "markdownDescription": "The name of the input in the target node that the connection ends at.", + "title": "TargetInput", + "type": "string" } }, "required": [ - "PolicyId", - "TargetIds" + "SourceOutput", + "TargetInput" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.SsmActionDefinition": { + "AWS::Bedrock::Flow.FlowDefinition": { "additionalProperties": false, "properties": { - "InstanceIds": { + "Connections": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConnection" }, - "markdownDescription": "The EC2 and RDS instance IDs.", - "title": "InstanceIds", + "markdownDescription": "An array of connection definitions in the flow.", + "title": "Connections", "type": "array" }, - "Region": { - "markdownDescription": "The Region to run the ( SSM ) document.", - "title": "Region", - "type": "string" - }, - "Subtype": { - "markdownDescription": "The action subType.", - "title": "Subtype", - "type": "string" + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNode" + }, + "markdownDescription": "An array of node definitions in the flow.", + "title": "Nodes", + "type": "array" } }, - "required": [ - "InstanceIds", - "Region", - "Subtype" - ], "type": "object" }, - "AWS::Budgets::BudgetsAction.Subscriber": { + "AWS::Bedrock::Flow.FlowNode": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", - "title": "Address", + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeConfiguration", + "markdownDescription": "Contains configurations for the node.", + "title": "Configuration" + }, + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeInput" + }, + "markdownDescription": "An array of objects, each of which contains information about an input into the node.", + "title": "Inputs", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the node.", + "title": "Name", "type": "string" }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeOutput" + }, + "markdownDescription": "A list of objects, each of which contains information about an output from the node.", + "title": "Outputs", + "type": "array" + }, "Type": { - "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "markdownDescription": "The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field.", "title": "Type", "type": "string" } }, "required": [ - "Address", + "Name", "Type" ], "type": "object" }, - "AWS::CE::AnomalyMonitor": { + "AWS::Bedrock::Flow.FlowNodeConfiguration": { "additionalProperties": false, "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::Flow.AgentFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an agent node in your flow. Invokes an alias of an agent and returns the response.", + "title": "Agent" + }, + "Collector": { + "markdownDescription": "Contains configurations for a collector node in your flow. Collects an iteration of inputs and consolidates them into an array of outputs.", + "title": "Collector", + "type": "object" + }, "Condition": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Flow.ConditionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a condition node in your flow. Defines conditions that lead to different branches of the flow.", + "title": "Condition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "InlineCode": { + "$ref": "#/definitions/AWS::Bedrock::Flow.InlineCodeFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an inline code node in your flow. Inline code nodes let you write and execute code directly within your flow, enabling data transformations, custom logic, and integrations without needing an external Lambda function.", + "title": "InlineCode" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Input": { + "markdownDescription": "Contains configurations for an input flow node in your flow. The first node in the flow. `inputs` can't be specified for this node.", + "title": "Input", + "type": "object" }, - "Metadata": { + "Iterator": { + "markdownDescription": "Contains configurations for an iterator node in your flow. Takes an input that is an array and iteratively sends each item of the array as an output to the following node. The size of the array is also returned in the output.\n\nThe output flow node at the end of the flow iteration will return a response for each member of the array. To return only one response, you can include a collector node downstream from the iterator node.", + "title": "Iterator", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MonitorDimension": { - "markdownDescription": "The dimensions to evaluate.", - "title": "MonitorDimension", - "type": "string" - }, - "MonitorName": { - "markdownDescription": "The name of the monitor.", - "title": "MonitorName", - "type": "string" - }, - "MonitorSpecification": { - "markdownDescription": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page.", - "title": "MonitorSpecification", - "type": "string" - }, - "MonitorType": { - "markdownDescription": "The possible type values.", - "title": "MonitorType", - "type": "string" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalyMonitor.ResourceTag" - }, - "markdownDescription": "", - "title": "ResourceTags", - "type": "array" - } - }, - "required": [ - "MonitorName", - "MonitorType" - ], + "KnowledgeBase": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBaseFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a knowledge base node in your flow. Queries a knowledge base and returns the retrieved results or generated response.", + "title": "KnowledgeBase" + }, + "LambdaFunction": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LambdaFunctionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lambda function node in your flow. Invokes an AWS Lambda function.", + "title": "LambdaFunction" + }, + "Lex": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LexFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lex node in your flow. Invokes an Amazon Lex bot to identify the intent of the input and return the intent as the output.", + "title": "Lex" + }, + "Loop": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LoopFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a DoWhile loop in your flow.", + "title": "Loop" + }, + "LoopController": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LoopControllerFlowNodeConfiguration", + "markdownDescription": "Contains controller node configurations for a DoWhile loop in your flow.", + "title": "LoopController" + }, + "LoopInput": { + "markdownDescription": "Contains input node configurations for a DoWhile loop in your flow.", + "title": "LoopInput", "type": "object" }, - "Type": { - "enum": [ - "AWS::CE::AnomalyMonitor" - ], + "Output": { + "markdownDescription": "Contains configurations for an output flow node in your flow. The last node in the flow. `outputs` can't be specified for this node.", + "title": "Output", + "type": "object" + }, + "Prompt": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a prompt node in your flow. Runs a prompt and generates the model response as the output. You can use a prompt from Prompt management or you can configure one in this node.", + "title": "Prompt" + }, + "Retrieval": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a retrieval node in your flow. Retrieves data from an Amazon S3 location and returns it as the output.", + "title": "Retrieval" + }, + "Storage": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a storage node in your flow. Stores an input in an Amazon S3 location.", + "title": "Storage" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.FlowNodeInput": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "Specifies how input data flows between iterations in a DoWhile loop.\n\n- `LoopCondition` - Controls whether the loop continues by evaluating condition expressions against the input data. Use this category to define the condition that determines if the loop should continue.\n- `ReturnValueToLoopStart` - Defines data to pass back to the start of the loop's next iteration. Use this category for variables that you want to update for each loop iteration.\n- `ExitLoop` - Defines the value that's available once the loop ends. Use this category to expose loop results to nodes outside the loop.", + "title": "Category", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expression": { + "markdownDescription": "An expression that formats the input for the node. For an explanation of how to create expressions, see [Expressions in Prompt flows in Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-expressions.html) .", + "title": "Expression", + "type": "string" + }, + "Name": { + "markdownDescription": "Specifies a name for the input that you can reference.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expression", + "Name", + "Type" ], "type": "object" }, - "AWS::CE::AnomalyMonitor.ResourceTag": { + "AWS::Bedrock::Flow.FlowNodeOutput": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that's associated with the tag.", - "title": "Key", + "Name": { + "markdownDescription": "A name for the output that you can reference.", + "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "The value that's associated with the tag.", - "title": "Value", + "Type": { + "markdownDescription": "The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Key", - "Value" + "Name", + "Type" ], "type": "object" }, - "AWS::CE::AnomalySubscription": { + "AWS::Bedrock::Flow.FlowValidation": { "additionalProperties": false, "properties": { - "Condition": { + "Message": { + "markdownDescription": "A message describing the validation error.", + "title": "Message", + "type": "string" + } + }, + "required": [ + "Message" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.InlineCodeFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The code that's executed in your inline code node. The code can access input data from previous nodes in the flow, perform operations on that data, and produce output that can be used by other nodes in your flow.\n\nThe code must be valid in the programming `language` that you specify.", + "title": "Code", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Frequency": { - "markdownDescription": "The frequency that anomaly notifications are sent. Notifications are sent either over email (for DAILY and WEEKLY frequencies) or SNS (for IMMEDIATE frequency). For more information, see [Creating an Amazon SNS topic for anomaly notifications](https://docs.aws.amazon.com/cost-management/latest/userguide/ad-SNS.html) .", - "title": "Frequency", - "type": "string" - }, - "MonitorArnList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cost anomaly monitors.", - "title": "MonitorArnList", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalySubscription.ResourceTag" - }, - "markdownDescription": "", - "title": "ResourceTags", - "type": "array" - }, - "Subscribers": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalySubscription.Subscriber" - }, - "markdownDescription": "A list of subscribers to notify.", - "title": "Subscribers", - "type": "array" - }, - "SubscriptionName": { - "markdownDescription": "The name for the subscription.", - "title": "SubscriptionName", - "type": "string" - }, - "Threshold": { - "markdownDescription": "(deprecated)\n\nAn absolute dollar value that must be exceeded by the anomaly's total impact (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details) for an anomaly notification to be generated.\n\nThis field has been deprecated. To specify a threshold, use ThresholdExpression. Continued use of Threshold will be treated as shorthand syntax for a ThresholdExpression.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.", - "title": "Threshold", - "type": "number" - }, - "ThresholdExpression": { - "markdownDescription": "An [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object in JSON string format used to specify the anomalies that you want to generate alerts for. This supports dimensions and nested expressions. The supported dimensions are `ANOMALY_TOTAL_IMPACT_ABSOLUTE` and `ANOMALY_TOTAL_IMPACT_PERCENTAGE` , corresponding to an anomaly\u2019s TotalImpact and TotalImpactPercentage, respectively (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details). The supported nested expression types are `AND` and `OR` . The match option `GREATER_THAN_OR_EQUAL` is required. Values must be numbers between 0 and 10,000,000,000 in string format.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.\n\nFor further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalysubscription.html#aws-resource-ce-anomalysubscription--examples) section of this page.", - "title": "ThresholdExpression", - "type": "string" - } - }, - "required": [ - "Frequency", - "MonitorArnList", - "Subscribers", - "SubscriptionName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CE::AnomalySubscription" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Language": { + "markdownDescription": "The programming language used by your inline code node.\n\nThe code must be valid in the programming `language` that you specify. Currently, only Python 3 ( `Python_3` ) is supported.", + "title": "Language", "type": "string" } }, "required": [ - "Type", - "Properties" + "Code", + "Language" ], "type": "object" }, - "AWS::CE::AnomalySubscription.ResourceTag": { + "AWS::Bedrock::Flow.KnowledgeBaseFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that's associated with the tag.", - "title": "Key", + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply during query and response generation for the knowledge base in this configuration.", + "title": "GuardrailConfiguration" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to query.", + "title": "KnowledgeBaseId", "type": "string" }, - "Value": { - "markdownDescription": "The value that's associated with the tag.", - "title": "Value", + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to use to generate a response from the query results. Omit this field if you want to return the retrieved results as an array.", + "title": "ModelId", "type": "string" + }, + "NumberOfResults": { + "markdownDescription": "The number of results to retrieve from the knowledge base.", + "title": "NumberOfResults", + "type": "number" + }, + "OrchestrationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBaseOrchestrationConfiguration", + "markdownDescription": "The configuration for orchestrating the retrieval and generation process in the knowledge base node.", + "title": "OrchestrationConfiguration" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template to use with the knowledge base for generating responses.", + "title": "PromptTemplate" + }, + "RerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchRerankingConfiguration", + "markdownDescription": "The configuration for reranking the retrieved results from the knowledge base to improve relevance.", + "title": "RerankingConfiguration" } }, "required": [ - "Key", - "Value" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::CE::AnomalySubscription.Subscriber": { + "AWS::Bedrock::Flow.KnowledgeBaseOrchestrationConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` .", - "title": "Address", - "type": "string" + "AdditionalModelRequestFields": { + "markdownDescription": "The additional model-specific request parameters as key-value pairs to be included in the request to the foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" }, - "Status": { - "markdownDescription": "Indicates if the subscriber accepts the notifications.", - "title": "Status", - "type": "string" + "InferenceConfig": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfig" }, - "Type": { - "markdownDescription": "The notification delivery channel.", - "title": "Type", + "PerformanceConfig": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PerformanceConfiguration", + "markdownDescription": "The performance configuration options for the knowledge base retrieval and generation process.", + "title": "PerformanceConfig" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template for orchestrating the retrieval and generation process.", + "title": "PromptTemplate" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.KnowledgeBasePromptTemplate": { + "additionalProperties": false, + "properties": { + "TextPromptTemplate": { + "markdownDescription": "The text of the prompt template.", + "title": "TextPromptTemplate", "type": "string" } }, "required": [ - "Address", - "Type" + "TextPromptTemplate" ], "type": "object" }, - "AWS::CE::CostCategory": { + "AWS::Bedrock::Flow.LambdaFunctionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to invoke.", + "title": "LambdaArn", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value for the cost category.", - "title": "DefaultValue", - "type": "string" - }, - "Name": { - "markdownDescription": "The unique name of the Cost Category.", - "title": "Name", - "type": "string" - }, - "RuleVersion": { - "markdownDescription": "The rule schema version in this particular Cost Category.", - "title": "RuleVersion", - "type": "string" - }, - "Rules": { - "markdownDescription": "The array of CostCategoryRule in JSON array format.\n\n> Rules are processed in order. If there are multiple rules that match the line item, then the first rule to match is used to determine that Cost Category value.", - "title": "Rules", - "type": "string" - }, - "SplitChargeRules": { - "markdownDescription": "The split charge rules that are used to allocate your charges between your Cost Category values.", - "title": "SplitChargeRules", - "type": "string" - } - }, - "required": [ - "Name", - "RuleVersion", - "Rules" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CE::CostCategory" - ], + } + }, + "required": [ + "LambdaArn" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.LexFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "BotAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Lex bot alias to invoke.", + "title": "BotAliasArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocaleId": { + "markdownDescription": "The Region to invoke the Amazon Lex bot in.", + "title": "LocaleId", "type": "string" } }, "required": [ - "Type", - "Properties" + "BotAliasArn", + "LocaleId" ], "type": "object" }, - "AWS::CUR::ReportDefinition": { + "AWS::Bedrock::Flow.LoopControllerFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ContinueCondition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowCondition", + "markdownDescription": "Specifies the condition that determines when the flow exits the DoWhile loop. The loop executes until this condition evaluates to true.", + "title": "ContinueCondition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MaxIterations": { + "markdownDescription": "Specifies the maximum number of times the DoWhile loop can iterate before the flow exits the loop.", + "title": "MaxIterations", + "type": "number" + } + }, + "required": [ + "ContinueCondition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.LoopFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDefinition", + "markdownDescription": "The definition of the DoWhile loop nodes and connections between nodes in the flow.", + "title": "Definition" + } + }, + "required": [ + "Definition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.MetadataConfigurationForReranking": { + "additionalProperties": false, + "properties": { + "SelectionMode": { + "markdownDescription": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "title": "SelectionMode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalArtifacts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of manifests that you want AWS to create for this report.", - "title": "AdditionalArtifacts", - "type": "array" - }, - "AdditionalSchemaElements": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of strings that indicate additional content that AWS includes in the report, such as individual resource IDs.", - "title": "AdditionalSchemaElements", - "type": "array" - }, - "BillingViewArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the billing view. You can get this value by using the billing view service public APIs.", - "title": "BillingViewArn", - "type": "string" - }, - "Compression": { - "markdownDescription": "The compression format that Amazon Web Services uses for the report.", - "title": "Compression", - "type": "string" - }, - "Format": { - "markdownDescription": "The format that Amazon Web Services saves the report in.", - "title": "Format", - "type": "string" - }, - "RefreshClosedReports": { - "markdownDescription": "Whether you want AWS to update your reports after they have been finalized if AWS detects charges related to previous months. These charges can include refunds, credits, or support fees.", - "title": "RefreshClosedReports", - "type": "boolean" - }, - "ReportName": { - "markdownDescription": "The name of the report that you want to create. The name must be unique, is case sensitive, and can't include spaces.", - "title": "ReportName", - "type": "string" - }, - "ReportVersioning": { - "markdownDescription": "Whether you want AWS to overwrite the previous version of each report or to deliver the report in addition to the previous versions.", - "title": "ReportVersioning", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The S3 bucket where Amazon Web Services delivers the report.", - "title": "S3Bucket", - "type": "string" - }, - "S3Prefix": { - "markdownDescription": "The prefix that Amazon Web Services adds to the report name when Amazon Web Services delivers the report. Your prefix can't include spaces.", - "title": "S3Prefix", - "type": "string" - }, - "S3Region": { - "markdownDescription": "The Region of the S3 bucket that Amazon Web Services delivers the report into.", - "title": "S3Region", - "type": "string" - }, - "TimeUnit": { - "markdownDescription": "The granularity of the line items in the report.", - "title": "TimeUnit", - "type": "string" - } - }, - "required": [ - "Compression", - "Format", - "RefreshClosedReports", - "ReportName", - "ReportVersioning", - "S3Bucket", - "S3Prefix", - "S3Region", - "TimeUnit" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CUR::ReportDefinition" - ], + "SelectiveModeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RerankingMetadataSelectiveModeConfiguration", + "markdownDescription": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE.", + "title": "SelectiveModeConfiguration" + } + }, + "required": [ + "SelectionMode" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.PerformanceConfiguration": { + "additionalProperties": false, + "properties": { + "Latency": { + "markdownDescription": "To use a latency-optimized version of the model, set to `optimized` .", + "title": "Latency", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply to the prompt in this node and the response generated from it.", + "title": "GuardrailConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeSourceConfiguration", + "markdownDescription": "Specifies whether the prompt is from Prompt management or defined inline.", + "title": "SourceConfiguration" } }, "required": [ - "Type", - "Properties" + "SourceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Keyspace": { + "AWS::Bedrock::Flow.PromptFlowNodeInlineConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to run inference with.", + "title": "ModelId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "KeyspaceName": { - "markdownDescription": "The name of the keyspace to be created. The keyspace name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the keyspace name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n*Length constraints:* Minimum length of 1. Maximum length of 48.", - "title": "KeyspaceName", - "type": "string" - }, - "ReplicationSpecification": { - "$ref": "#/definitions/AWS::Cassandra::Keyspace.ReplicationSpecification", - "markdownDescription": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in.", - "title": "ReplicationSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cassandra::Keyspace" - ], - "type": "string" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptTemplateConfiguration", + "markdownDescription": "Contains a prompt and variables in the prompt that can be replaced with values at runtime.", + "title": "TemplateConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TemplateType": { + "markdownDescription": "The type of prompt template.", + "title": "TemplateType", "type": "string" } }, "required": [ - "Type" + "ModelId", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::Cassandra::Keyspace.ReplicationSpecification": { + "AWS::Bedrock::Flow.PromptFlowNodeResourceConfiguration": { "additionalProperties": false, "properties": { - "RegionList": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", - "title": "RegionList", - "type": "array" - }, - "ReplicationStrategy": { - "markdownDescription": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required.", - "title": "ReplicationStrategy", + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the prompt from Prompt management.", + "title": "PromptArn", "type": "string" } }, + "required": [ + "PromptArn" + ], "type": "object" }, - "AWS::Cassandra::Table": { + "AWS::Bedrock::Flow.PromptFlowNodeSourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingSpecifications": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSpecification", - "markdownDescription": "The optional auto scaling capacity settings for a table in provisioned capacity mode.", - "title": "AutoScalingSpecifications" - }, - "BillingMode": { - "$ref": "#/definitions/AWS::Cassandra::Table.BillingMode", - "markdownDescription": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode.", - "title": "BillingMode" - }, - "ClientSideTimestampsEnabled": { - "markdownDescription": "Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option:\n\n- `status: \"enabled\"`\n\nAfter client-side timestamps are enabled for a table, you can't disable this setting.", - "title": "ClientSideTimestampsEnabled", - "type": "boolean" - }, - "ClusteringKeyColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.ClusteringKeyColumn" - }, - "markdownDescription": "One or more columns that determine how the table data is sorted.", - "title": "ClusteringKeyColumns", - "type": "array" - }, - "DefaultTimeToLive": { - "markdownDescription": "The default Time To Live (TTL) value for all rows in a table in seconds. The maximum configurable value is 630,720,000 seconds, which is the equivalent of 20 years. By default, the TTL value for a table is 0, which means data does not expire.\n\nFor more information, see [Setting the default TTL value for a table](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl) in the *Amazon Keyspaces Developer Guide* .", - "title": "DefaultTimeToLive", - "type": "number" - }, - "EncryptionSpecification": { - "$ref": "#/definitions/AWS::Cassandra::Table.EncryptionSpecification", - "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n> If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "EncryptionSpecification" - }, - "KeyspaceName": { - "markdownDescription": "The name of the keyspace to create the table in. The keyspace must already exist.", - "title": "KeyspaceName", - "type": "string" - }, - "PartitionKeyColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column" - }, - "markdownDescription": "One or more columns that uniquely identify every row in the table. Every table must have a partition key.", - "title": "PartitionKeyColumns", - "type": "array" - }, - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Specifies if point-in-time recovery is enabled or disabled for the table. The options are `PointInTimeRecoveryEnabled=true` and `PointInTimeRecoveryEnabled=false` . If not specified, the default is `PointInTimeRecoveryEnabled=false` .", - "title": "PointInTimeRecoveryEnabled", - "type": "boolean" - }, - "RegularColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column" - }, - "markdownDescription": "One or more columns that are not part of the primary key - that is, columns that are *not* defined as partition key columns or clustering key columns.\n\nYou can add regular columns to existing tables by adding them to the template.", - "title": "RegularColumns", - "type": "array" - }, - "ReplicaSpecifications": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.ReplicaSpecification" - }, - "markdownDescription": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)", - "title": "ReplicaSpecifications", - "type": "array" - }, - "TableName": { - "markdownDescription": "The name of the table to be created. The table name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacing this resource. You can perform updates that require no interruption or some interruption. If you must replace the resource, specify a new name. \n\n*Length constraints:* Minimum length of 3. Maximum length of 255.\n\n*Pattern:* `^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$`", - "title": "TableName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "KeyspaceName", - "PartitionKeyColumns" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cassandra::Table" - ], - "type": "string" + "Inline": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeInlineConfiguration", + "markdownDescription": "Contains configurations for a prompt that is defined inline", + "title": "Inline" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Resource": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeResourceConfiguration", + "markdownDescription": "Contains configurations for a prompt from Prompt management.", + "title": "Resource" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" } }, "required": [ - "Type", - "Properties" + "Text" ], "type": "object" }, - "AWS::Cassandra::Table.AutoScalingSetting": { + "AWS::Bedrock::Flow.PromptInputVariable": { "additionalProperties": false, "properties": { - "AutoScalingDisabled": { - "markdownDescription": "This optional parameter enables auto scaling for the table if set to `false` .", - "title": "AutoScalingDisabled", - "type": "boolean" - }, - "MaximumUnits": { - "markdownDescription": "Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", - "title": "MaximumUnits", + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", "type": "number" }, - "MinimumUnits": { - "markdownDescription": "The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", - "title": "MinimumUnits", + "StopSequences": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" + }, + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", "type": "number" }, - "ScalingPolicy": { - "$ref": "#/definitions/AWS::Cassandra::Table.ScalingPolicy", - "markdownDescription": "Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90.", - "title": "ScalingPolicy" + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" } }, "type": "object" }, - "AWS::Cassandra::Table.AutoScalingSpecification": { + "AWS::Bedrock::Flow.PromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "ReadCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The auto scaling settings for the table's read capacity.", - "title": "ReadCapacityAutoScaling" - }, - "WriteCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The auto scaling settings for the table's write capacity.", - "title": "WriteCapacityAutoScaling" + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Flow.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" } }, + "required": [ + "Text" + ], "type": "object" }, - "AWS::Cassandra::Table.BillingMode": { + "AWS::Bedrock::Flow.RerankingMetadataSelectiveModeConfiguration": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n> If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`", - "title": "Mode", - "type": "string" + "FieldsToExclude": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FieldForReranking" + }, + "markdownDescription": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "title": "FieldsToExclude", + "type": "array" }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::Cassandra::Table.ProvisionedThroughput", - "markdownDescription": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* .", - "title": "ProvisionedThroughput" + "FieldsToInclude": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FieldForReranking" + }, + "markdownDescription": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude.", + "title": "FieldsToInclude", + "type": "array" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::Cassandra::Table.ClusteringKeyColumn": { + "AWS::Bedrock::Flow.RetrievalFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column", - "markdownDescription": "The name and data type of this clustering key column.", - "title": "Column" - }, - "OrderBy": { - "markdownDescription": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order.", - "title": "OrderBy", - "type": "string" + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for retrieving data to return as the output from the node.", + "title": "ServiceConfiguration" } }, "required": [ - "Column" + "ServiceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Table.Column": { + "AWS::Bedrock::Flow.RetrievalFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* .", - "title": "ColumnName", - "type": "string" - }, - "ColumnType": { - "markdownDescription": "The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* .", - "title": "ColumnType", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket from which to retrieve data.", + "title": "BucketName", "type": "string" } }, "required": [ - "ColumnName", - "ColumnType" + "BucketName" ], "type": "object" }, - "AWS::Cassandra::Table.EncryptionSpecification": { + "AWS::Bedrock::Flow.RetrievalFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - `AWS_OWNED_KMS_KEY`\n- *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY`\n\n> If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required.\n\nValid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` .", - "title": "EncryptionType", + "S3": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location from which to retrieve data to return as the output from the node.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket containing the flow definition.", + "title": "Bucket", "type": "string" }, - "KmsKeyIdentifier": { - "markdownDescription": "Requires a `kms_key_identifier` in the format of a key ARN.", - "title": "KmsKeyIdentifier", + "Key": { + "markdownDescription": "The object key for the S3 location containing the definition.", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "The Amazon S3 location from which to retrieve data for an S3 retrieve node or to which to store data for an S3 storage node.", + "title": "Version", "type": "string" } }, "required": [ - "EncryptionType" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Cassandra::Table.ProvisionedThroughput": { + "AWS::Bedrock::Flow.StorageFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "ReadCapacityUnits": { - "markdownDescription": "The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "ReadCapacityUnits", - "type": "number" - }, - "WriteCapacityUnits": { - "markdownDescription": "The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "WriteCapacityUnits", - "type": "number" + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for storing the input into the node.", + "title": "ServiceConfiguration" } }, "required": [ - "ReadCapacityUnits", - "WriteCapacityUnits" + "ServiceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Table.ReplicaSpecification": { + "AWS::Bedrock::Flow.StorageFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "ReadCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The read capacity auto scaling settings for the multi-Region table in the specified AWS Region.", - "title": "ReadCapacityAutoScaling" - }, - "ReadCapacityUnits": { - "markdownDescription": "The provisioned read capacity units for the multi-Region table in the specified AWS Region.", - "title": "ReadCapacityUnits", - "type": "number" - }, - "Region": { - "markdownDescription": "The AWS Region.", - "title": "Region", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket in which to store the input into the node.", + "title": "BucketName", "type": "string" } }, "required": [ - "Region" + "BucketName" ], "type": "object" }, - "AWS::Cassandra::Table.ScalingPolicy": { + "AWS::Bedrock::Flow.StorageFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "TargetTrackingScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration", - "markdownDescription": "The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity.", - "title": "TargetTrackingScalingPolicyConfiguration" + "S3": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location in which to store the input into the node.", + "title": "S3" } }, "type": "object" }, - "AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration": { + "AWS::Bedrock::Flow.TextPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "DisableScaleIn": { - "markdownDescription": "Specifies if `scale-in` is enabled.\n\nWhen auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity.", - "title": "DisableScaleIn", - "type": "boolean" + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" }, - "ScaleInCooldown": { - "markdownDescription": "Specifies a `scale-in` cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", - "title": "ScaleInCooldown", - "type": "number" + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.VectorSearchBedrockRerankingConfiguration": { + "additionalProperties": false, + "properties": { + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.MetadataConfigurationForReranking", + "markdownDescription": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "title": "MetadataConfiguration" }, - "ScaleOutCooldown": { - "markdownDescription": "Specifies a scale out cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", - "title": "ScaleOutCooldown", - "type": "number" + "ModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchBedrockRerankingModelConfiguration", + "markdownDescription": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "title": "ModelConfiguration" }, - "TargetValue": { - "markdownDescription": "Specifies the target value for the target tracking auto scaling policy.\n\nAmazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90.", - "title": "TargetValue", + "NumberOfRerankedResults": { + "markdownDescription": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results.", + "title": "NumberOfRerankedResults", "type": "number" } }, "required": [ - "TargetValue" + "ModelConfiguration" ], "type": "object" }, - "AWS::CertificateManager::Account": { + "AWS::Bedrock::Flow.VectorSearchBedrockRerankingModelConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExpiryEventsConfiguration": { - "$ref": "#/definitions/AWS::CertificateManager::Account.ExpiryEventsConfiguration", - "markdownDescription": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.", - "title": "ExpiryEventsConfiguration" - } - }, - "required": [ - "ExpiryEventsConfiguration" - ], + "AdditionalModelRequestFields": { + "markdownDescription": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "title": "AdditionalModelRequestFields", "type": "object" }, - "Type": { - "enum": [ - "AWS::CertificateManager::Account" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering.", + "title": "ModelArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ModelArn" ], "type": "object" }, - "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { + "AWS::Bedrock::Flow.VectorSearchRerankingConfiguration": { "additionalProperties": false, "properties": { - "DaysBeforeExpiry": { - "markdownDescription": "This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration.", - "title": "DaysBeforeExpiry", - "type": "number" + "BedrockRerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchBedrockRerankingConfiguration", + "markdownDescription": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "title": "BedrockRerankingConfiguration" + }, + "Type": { + "markdownDescription": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CertificateManager::Certificate": { + "AWS::Bedrock::FlowAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -32397,64 +36962,56 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", - "title": "CertificateAuthorityArn", - "type": "string" + "ConcurrencyConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowAlias.FlowAliasConcurrencyConfiguration", + "markdownDescription": "The configuration that specifies how nodes in the flow are executed concurrently.", + "title": "ConcurrencyConfiguration" }, - "CertificateTransparencyLoggingPreference": { - "markdownDescription": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", - "title": "CertificateTransparencyLoggingPreference", + "Description": { + "markdownDescription": "A description of the alias.", + "title": "Description", "type": "string" }, - "DomainName": { - "markdownDescription": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", - "title": "DomainName", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias.", + "title": "FlowArn", "type": "string" }, - "DomainValidationOptions": { - "items": { - "$ref": "#/definitions/AWS::CertificateManager::Certificate.DomainValidationOption" - }, - "markdownDescription": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", - "title": "DomainValidationOptions", - "type": "array" - }, - "KeyAlgorithm": { - "markdownDescription": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", - "title": "KeyAlgorithm", + "Name": { + "markdownDescription": "The name of the alias.", + "title": "Name", "type": "string" }, - "SubjectAlternativeNames": { + "RoutingConfiguration": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowAlias.FlowAliasRoutingConfigurationListItem" }, - "markdownDescription": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", - "title": "SubjectAlternativeNames", + "markdownDescription": "A list of configurations about the versions that the alias maps to. Currently, you can only specify one.", + "title": "RoutingConfiguration", "type": "array" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Key-value pairs that can identify the certificate.", "title": "Tags", - "type": "array" - }, - "ValidationMethod": { - "markdownDescription": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation.", - "title": "ValidationMethod", - "type": "string" + "type": "object" } }, "required": [ - "DomainName" + "FlowArn", + "Name", + "RoutingConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::CertificateManager::Certificate" + "AWS::Bedrock::FlowAlias" ], "type": "string" }, @@ -32473,31 +37030,37 @@ ], "type": "object" }, - "AWS::CertificateManager::Certificate.DomainValidationOption": { + "AWS::Bedrock::FlowAlias.FlowAliasConcurrencyConfiguration": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "A fully qualified domain name (FQDN) in the certificate request.", - "title": "DomainName", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The `HostedZoneId` option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record. Your list of `DomainValidationOptions` must contain one and only one of the domain-validation options, and the `HostedZoneId` can be used only when `DNS` is specified as your validation method.\n\nUse the Route 53 `ListHostedZones` API to discover IDs for available hosted zones.\n\nThis option is required for publicly trusted certificates.\n\n> The `ListHostedZones` API returns IDs in the format \"/hostedzone/Z111111QQQQQQQ\", but CloudFormation requires the IDs to be in the format \"Z111111QQQQQQQ\". \n\nWhen you change your `DomainValidationOptions` , a new resource is created.", - "title": "HostedZoneId", - "type": "string" + "MaxConcurrency": { + "markdownDescription": "The maximum number of nodes that can be executed concurrently in the flow.", + "title": "MaxConcurrency", + "type": "number" }, - "ValidationDomain": { - "markdownDescription": "The domain name to which you want ACM to send validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `DomainName` value or a superdomain of the `DomainName` value. For example, if you request a certificate for `testing.example.com` , you can specify `example.com` as this value. In that case, ACM sends domain validation emails to the following five addresses:\n\n- admin@example.com\n- administrator@example.com\n- hostmaster@example.com\n- postmaster@example.com\n- webmaster@example.com", - "title": "ValidationDomain", + "Type": { + "markdownDescription": "The type of concurrency to use for parallel node execution. Specify one of the following options:\n\n- `Automatic` - Amazon Bedrock determines which nodes can be executed in parallel based on the flow definition and its dependencies.\n- `Manual` - You specify which nodes can be executed in parallel.", + "title": "Type", "type": "string" } }, "required": [ - "DomainName" + "Type" ], "type": "object" }, - "AWS::Chatbot::MicrosoftTeamsChannelConfiguration": { + "AWS::Bedrock::FlowAlias.FlowAliasRoutingConfigurationListItem": { + "additionalProperties": false, + "properties": { + "FlowVersion": { + "markdownDescription": "The version that the alias maps to.", + "title": "FlowVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -32532,70 +37095,25 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigurationName": { - "markdownDescription": "The name of the configuration.", - "title": "ConfigurationName", - "type": "string" - }, - "GuardrailPolicies": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", - "title": "GuardrailPolicies", - "type": "array" - }, - "IamRoleArn": { - "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", - "title": "IamRoleArn", - "type": "string" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", - "title": "LoggingLevel", - "type": "string" - }, - "SnsTopicArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", - "title": "SnsTopicArns", - "type": "array" - }, - "TeamId": { - "markdownDescription": "The ID of the Microsoft Team authorized with .\n\nTo get the team ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the team ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", - "title": "TeamId", - "type": "string" - }, - "TeamsChannelId": { - "markdownDescription": "The ID of the Microsoft Teams channel.\n\nTo get the channel ID, open Microsoft Teams, right click on the channel name in the left pane, then choose *Copy* . An example of the channel ID syntax is: `19%3ab6ef35dc342d56ba5654e6fc6d25a071%40thread.tacv2` .", - "title": "TeamsChannelId", + "Description": { + "markdownDescription": "The description of the flow version.", + "title": "Description", "type": "string" }, - "TeamsTenantId": { - "markdownDescription": "The ID of the Microsoft Teams tenant.\n\nTo get the tenant ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the tenant ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", - "title": "TeamsTenantId", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow that the version belongs to.", + "title": "FlowArn", "type": "string" - }, - "UserRoleRequired": { - "markdownDescription": "Enables use of a user role requirement in your chat configuration.", - "title": "UserRoleRequired", - "type": "boolean" } }, "required": [ - "ConfigurationName", - "IamRoleArn", - "TeamId", - "TeamsChannelId", - "TeamsTenantId" + "FlowArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Chatbot::MicrosoftTeamsChannelConfiguration" + "AWS::Bedrock::FlowVersion" ], "type": "string" }, @@ -32614,903 +37132,907 @@ ], "type": "object" }, - "AWS::Chatbot::SlackChannelConfiguration": { + "AWS::Bedrock::FlowVersion.AgentFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AgentAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias of the agent to invoke.", + "title": "AgentAliasArn", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationName": { - "markdownDescription": "The name of the configuration.", - "title": "ConfigurationName", - "type": "string" - }, - "GuardrailPolicies": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", - "title": "GuardrailPolicies", - "type": "array" - }, - "IamRoleArn": { - "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", - "title": "IamRoleArn", - "type": "string" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", - "title": "LoggingLevel", - "type": "string" - }, - "SlackChannelId": { - "markdownDescription": "The ID of the Slack channel.\n\nTo get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the character string at the end of the URL. For example, `ABCBBLZZZ` .", - "title": "SlackChannelId", - "type": "string" - }, - "SlackWorkspaceId": { - "markdownDescription": "The ID of the Slack workspace authorized with .\n\nTo get the workspace ID, you must perform the initial authorization flow with Slack in the in chat applications console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Slack](https://docs.aws.amazon.com/chatbot/latest/adminguide/slack-setup.html#slack-client-setup) in the *in chat applications User Guide* .", - "title": "SlackWorkspaceId", - "type": "string" - }, - "SnsTopicArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", - "title": "SnsTopicArns", - "type": "array" - }, - "UserRoleRequired": { - "markdownDescription": "Enables use of a user role requirement in your chat configuration.", - "title": "UserRoleRequired", - "type": "boolean" - } + } + }, + "required": [ + "AgentAliasArn" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.ConditionFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowCondition" }, - "required": [ - "ConfigurationName", - "IamRoleArn", - "SlackChannelId", - "SlackWorkspaceId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Chatbot::SlackChannelConfiguration" - ], + "markdownDescription": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition.", + "title": "Conditions", + "type": "array" + } + }, + "required": [ + "Conditions" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FieldForReranking": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the metadata field to be used during the reranking process.", + "title": "FieldName", + "type": "string" + } + }, + "required": [ + "FieldName" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowCondition": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A name for the condition that you can reference.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate": { + "AWS::Bedrock::FlowVersion.FlowConditionalConnectionConfiguration": { "additionalProperties": false, "properties": { "Condition": { + "markdownDescription": "The condition that triggers this connection. For more information about how to write conditions, see the *Condition* node type in the [Node types](https://docs.aws.amazon.com/bedrock/latest/userguide/node-types.html) topic in the Amazon Bedrock User Guide.", + "title": "Condition", "type": "string" + } + }, + "required": [ + "Condition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowConnection": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConnectionConfiguration", + "markdownDescription": "The configuration of the connection.", + "title": "Configuration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A name for the connection that you can reference.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnalysisParameters": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisParameter" - }, - "markdownDescription": "The parameters of the analysis template.", - "title": "AnalysisParameters", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the analysis template.", - "title": "Description", - "type": "string" - }, - "Format": { - "markdownDescription": "The format of the analysis template.", - "title": "Format", - "type": "string" - }, - "MembershipIdentifier": { - "markdownDescription": "The identifier for a membership resource.", - "title": "MembershipIdentifier", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the analysis template.", - "title": "Name", - "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSource", - "markdownDescription": "The source of the analysis template.", - "title": "Source" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Format", - "MembershipIdentifier", - "Name", - "Source" - ], - "type": "object" + "Source": { + "markdownDescription": "The node that the connection starts at.", + "title": "Source", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CleanRooms::AnalysisTemplate" - ], + "Target": { + "markdownDescription": "The node that the connection ends at.", + "title": "Target", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` ).", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "Source", + "Target", + "Type" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisParameter": { + "AWS::Bedrock::FlowVersion.FlowConnectionConfiguration": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor.", - "title": "DefaultValue", - "type": "string" + "Conditional": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConditionalConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a Condition node.", + "title": "Conditional" }, - "Name": { - "markdownDescription": "The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen.", - "title": "Name", + "Data": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowDataConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a node that isn't a Condition node.", + "title": "Data" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowDataConnectionConfiguration": { + "additionalProperties": false, + "properties": { + "SourceOutput": { + "markdownDescription": "The name of the output in the source node that the connection begins from.", + "title": "SourceOutput", "type": "string" }, - "Type": { - "markdownDescription": "The type of parameter.", - "title": "Type", + "TargetInput": { + "markdownDescription": "The name of the input in the target node that the connection ends at.", + "title": "TargetInput", "type": "string" } }, "required": [ - "Name", - "Type" + "SourceOutput", + "TargetInput" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisSchema": { + "AWS::Bedrock::FlowVersion.FlowDefinition": { "additionalProperties": false, "properties": { - "ReferencedTables": { + "Connections": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConnection" }, - "markdownDescription": "The tables referenced in the analysis schema.", - "title": "ReferencedTables", + "markdownDescription": "An array of connection definitions in the flow.", + "title": "Connections", + "type": "array" + }, + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNode" + }, + "markdownDescription": "An array of node definitions in the flow.", + "title": "Nodes", "type": "array" } }, - "required": [ - "ReferencedTables" - ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisSource": { + "AWS::Bedrock::FlowVersion.FlowNode": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The query text.", - "title": "Text", + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeConfiguration", + "markdownDescription": "Contains configurations for the node.", + "title": "Configuration" + }, + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeInput" + }, + "markdownDescription": "An array of objects, each of which contains information about an input into the node.", + "title": "Inputs", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the node.", + "title": "Name", + "type": "string" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeOutput" + }, + "markdownDescription": "A list of objects, each of which contains information about an output from the node.", + "title": "Outputs", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field.", + "title": "Type", "type": "string" } }, "required": [ - "Text" + "Name", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Collaboration": { + "AWS::Bedrock::FlowVersion.FlowNodeConfiguration": { "additionalProperties": false, "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.AgentFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an agent node in your flow. Invokes an alias of an agent and returns the response.", + "title": "Agent" + }, + "Collector": { + "markdownDescription": "Contains configurations for a collector node in your flow. Collects an iteration of inputs and consolidates them into an array of outputs.", + "title": "Collector", + "type": "object" + }, "Condition": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.ConditionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a condition node in your flow. Defines conditions that lead to different branches of the flow.", + "title": "Condition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "InlineCode": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.InlineCodeFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an inline code node in your flow. Inline code nodes let you write and execute code directly within your flow, enabling data transformations, custom logic, and integrations without needing an external Lambda function.", + "title": "InlineCode" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Input": { + "markdownDescription": "Contains configurations for an input flow node in your flow. The first node in the flow. `inputs` can't be specified for this node.", + "title": "Input", + "type": "object" }, - "Metadata": { + "Iterator": { + "markdownDescription": "Contains configurations for an iterator node in your flow. Takes an input that is an array and iteratively sends each item of the array as an output to the following node. The size of the array is also returned in the output.\n\nThe output flow node at the end of the flow iteration will return a response for each member of the array. To return only one response, you can include a collector node downstream from the iterator node.", + "title": "Iterator", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreatorDisplayName": { - "markdownDescription": "A display name of the collaboration creator.", - "title": "CreatorDisplayName", - "type": "string" - }, - "CreatorMemberAbilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS` | `CAN_RUN_JOB`", - "title": "CreatorMemberAbilities", - "type": "array" - }, - "CreatorPaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", - "markdownDescription": "An object representing the collaboration member's payment responsibilities set by the collaboration creator.", - "title": "CreatorPaymentConfiguration" - }, - "DataEncryptionMetadata": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.DataEncryptionMetadata", - "markdownDescription": "The settings for client-side encryption for cryptographic computing.", - "title": "DataEncryptionMetadata" - }, - "Description": { - "markdownDescription": "A description of the collaboration provided by the collaboration owner.", - "title": "Description", - "type": "string" - }, - "Members": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MemberSpecification" - }, - "markdownDescription": "A list of initial members, not including the creator. This list is immutable.", - "title": "Members", - "type": "array" - }, - "Name": { - "markdownDescription": "A human-readable identifier provided by the collaboration owner. Display names are not unique.", - "title": "Name", - "type": "string" - }, - "QueryLogStatus": { - "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", - "title": "QueryLogStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CreatorDisplayName", - "CreatorMemberAbilities", - "Description", - "Members", - "Name", - "QueryLogStatus" - ], + "KnowledgeBase": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBaseFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a knowledge base node in your flow. Queries a knowledge base and returns the retrieved results or generated response.", + "title": "KnowledgeBase" + }, + "LambdaFunction": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LambdaFunctionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lambda function node in your flow. Invokes an AWS Lambda function.", + "title": "LambdaFunction" + }, + "Lex": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LexFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lex node in your flow. Invokes an Amazon Lex bot to identify the intent of the input and return the intent as the output.", + "title": "Lex" + }, + "Loop": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LoopFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a DoWhile loop in your flow.", + "title": "Loop" + }, + "LoopController": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LoopControllerFlowNodeConfiguration", + "markdownDescription": "Contains controller node configurations for a DoWhile loop in your flow.", + "title": "LoopController" + }, + "LoopInput": { + "markdownDescription": "Contains input node configurations for a DoWhile loop in your flow.", + "title": "LoopInput", "type": "object" }, - "Type": { - "enum": [ - "AWS::CleanRooms::Collaboration" - ], + "Output": { + "markdownDescription": "Contains configurations for an output flow node in your flow. The last node in the flow. `outputs` can't be specified for this node.", + "title": "Output", + "type": "object" + }, + "Prompt": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a prompt node in your flow. Runs a prompt and generates the model response as the output. You can use a prompt from Prompt management or you can configure one in this node.", + "title": "Prompt" + }, + "Retrieval": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a retrieval node in your flow. Retrieves data from an Amazon S3 location and returns it as the output.", + "title": "Retrieval" + }, + "Storage": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a storage node in your flow. Stores an input in an Amazon S3 location.", + "title": "Storage" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowNodeInput": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "An expression that formats the input for the node. For an explanation of how to create expressions, see [Expressions in Prompt flows in Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-expressions.html) .", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "Specifies a name for the input that you can reference.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expression", + "Name", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.DataEncryptionMetadata": { + "AWS::Bedrock::FlowVersion.FlowNodeOutput": { "additionalProperties": false, "properties": { - "AllowCleartext": { - "markdownDescription": "Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` ).", - "title": "AllowCleartext", - "type": "boolean" + "Name": { + "markdownDescription": "A name for the output that you can reference.", + "title": "Name", + "type": "string" }, - "AllowDuplicates": { - "markdownDescription": "Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` ).", - "title": "AllowDuplicates", - "type": "boolean" + "Type": { + "markdownDescription": "The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", + "type": "string" }, - "AllowJoinsOnColumnsWithDifferentNames": { - "markdownDescription": "Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` ).", - "title": "AllowJoinsOnColumnsWithDifferentNames", - "type": "boolean" + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.InlineCodeFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The code that's executed in your inline code node. The code can access input data from previous nodes in the flow, perform operations on that data, and produce output that can be used by other nodes in your flow.\n\nThe code must be valid in the programming `language` that you specify.", + "title": "Code", + "type": "string" }, - "PreserveNulls": { - "markdownDescription": "Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` ).", - "title": "PreserveNulls", - "type": "boolean" + "Language": { + "markdownDescription": "The programming language used by your inline code node.\n\nThe code must be valid in the programming `language` that you specify. Currently, only Python 3 ( `Python_3` ) is supported.", + "title": "Language", + "type": "string" } }, "required": [ - "AllowCleartext", - "AllowDuplicates", - "AllowJoinsOnColumnsWithDifferentNames", - "PreserveNulls" + "Code", + "Language" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.MemberSpecification": { + "AWS::Bedrock::FlowVersion.KnowledgeBaseFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The identifier used to reference members of the collaboration. Currently only supports AWS account ID.", - "title": "AccountId", + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply during query and response generation for the knowledge base in this configuration.", + "title": "GuardrailConfiguration" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to query.", + "title": "KnowledgeBaseId", "type": "string" }, - "DisplayName": { - "markdownDescription": "The member's display name.", - "title": "DisplayName", + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to use to generate a response from the query results. Omit this field if you want to return the retrieved results as an array.", + "title": "ModelId", "type": "string" }, - "MemberAbilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The abilities granted to the collaboration member.\n\n*Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", - "title": "MemberAbilities", - "type": "array" + "NumberOfResults": { + "markdownDescription": "The number of results to retrieve from the knowledge base.", + "title": "NumberOfResults", + "type": "number" }, - "PaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", - "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator.\n\nIf the collaboration creator hasn't speci\ufb01ed anyone as the member paying for query compute costs, then the member who can query is the default payer.", - "title": "PaymentConfiguration" + "OrchestrationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBaseOrchestrationConfiguration", + "markdownDescription": "The configuration for orchestrating the retrieval and generation process in the knowledge base node.", + "title": "OrchestrationConfiguration" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template to use with the knowledge base for generating responses.", + "title": "PromptTemplate" + }, + "RerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchRerankingConfiguration", + "markdownDescription": "The configuration for reranking the retrieved results from the knowledge base to improve relevance.", + "title": "RerankingConfiguration" } }, "required": [ - "AccountId", - "DisplayName", - "MemberAbilities" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.PaymentConfiguration": { + "AWS::Bedrock::FlowVersion.KnowledgeBaseOrchestrationConfiguration": { "additionalProperties": false, "properties": { - "QueryCompute": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.QueryComputePaymentConfig", - "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator for query compute costs.", - "title": "QueryCompute" + "AdditionalModelRequestFields": { + "markdownDescription": "The additional model-specific request parameters as key-value pairs to be included in the request to the foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" + }, + "InferenceConfig": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfig" + }, + "PerformanceConfig": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PerformanceConfiguration", + "markdownDescription": "The performance configuration options for the knowledge base retrieval and generation process.", + "title": "PerformanceConfig" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template for orchestrating the retrieval and generation process.", + "title": "PromptTemplate" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate": { + "additionalProperties": false, + "properties": { + "TextPromptTemplate": { + "markdownDescription": "The text of the prompt template.", + "title": "TextPromptTemplate", + "type": "string" } }, "required": [ - "QueryCompute" + "TextPromptTemplate" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.QueryComputePaymentConfig": { + "AWS::Bedrock::FlowVersion.LambdaFunctionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "IsResponsible": { - "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", - "title": "IsResponsible", - "type": "boolean" + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to invoke.", + "title": "LambdaArn", + "type": "string" } }, "required": [ - "IsResponsible" + "LambdaArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable": { + "AWS::Bedrock::FlowVersion.LexFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "BotAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Lex bot alias to invoke.", + "title": "BotAliasArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocaleId": { + "markdownDescription": "The Region to invoke the Amazon Lex bot in.", + "title": "LocaleId", "type": "string" + } + }, + "required": [ + "BotAliasArn", + "LocaleId" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.LoopControllerFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ContinueCondition": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowCondition", + "markdownDescription": "Specifies the condition that determines when the flow exits the DoWhile loop. The loop executes until this condition evaluates to true.", + "title": "ContinueCondition" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The columns within the underlying AWS Glue table that can be utilized within collaborations.", - "title": "AllowedColumns", - "type": "array" - }, - "AnalysisMethod": { - "markdownDescription": "The analysis method for the configured table.\n\n`DIRECT_QUERY` allows SQL queries to be run directly on this table.\n\n`DIRECT_JOB` allows PySpark jobs to be run directly on this table.\n\n`MULTIPLE` allows both SQL queries and PySpark jobs to be run directly on this table.", - "title": "AnalysisMethod", - "type": "string" - }, - "AnalysisRules": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRule" - }, - "markdownDescription": "The analysis rule that was created for the configured table.", - "title": "AnalysisRules", - "type": "array" - }, - "Description": { - "markdownDescription": "A description for the configured table.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the configured table.", - "title": "Name", - "type": "string" - }, - "TableReference": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.TableReference", - "markdownDescription": "The table that this configured table represents.", - "title": "TableReference" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AllowedColumns", - "AnalysisMethod", - "Name", - "TableReference" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CleanRooms::ConfiguredTable" - ], + "MaxIterations": { + "markdownDescription": "Specifies the maximum number of times the DoWhile loop can iterate before the flow exits the loop.", + "title": "MaxIterations", + "type": "number" + } + }, + "required": [ + "ContinueCondition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.LoopFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowDefinition", + "markdownDescription": "The definition of the DoWhile loop nodes and connections between nodes in the flow.", + "title": "Definition" + } + }, + "required": [ + "Definition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.MetadataConfigurationForReranking": { + "additionalProperties": false, + "properties": { + "SelectionMode": { + "markdownDescription": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "title": "SelectionMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SelectiveModeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RerankingMetadataSelectiveModeConfiguration", + "markdownDescription": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE.", + "title": "SelectiveModeConfiguration" } }, "required": [ - "Type", - "Properties" + "SelectionMode" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AggregateColumn": { + "AWS::Bedrock::FlowVersion.PerformanceConfiguration": { "additionalProperties": false, "properties": { - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Column names in configured table of aggregate columns.", - "title": "ColumnNames", - "type": "array" - }, - "Function": { - "markdownDescription": "Aggregation function that can be applied to aggregate column in query.", - "title": "Function", + "Latency": { + "markdownDescription": "To use a latency-optimized version of the model, set to `optimized` .", + "title": "Latency", "type": "string" } }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply to the prompt in this node and the response generated from it.", + "title": "GuardrailConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeSourceConfiguration", + "markdownDescription": "Specifies whether the prompt is from Prompt management or defined inline.", + "title": "SourceConfiguration" + } + }, "required": [ - "ColumnNames", - "Function" + "SourceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AggregationConstraint": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeInlineConfiguration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "Column in aggregation constraint for which there must be a minimum number of distinct values in an output row for it to be in the query output.", - "title": "ColumnName", + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to run inference with.", + "title": "ModelId", "type": "string" }, - "Minimum": { - "markdownDescription": "The minimum number of distinct values that an output row must be an aggregation of. Minimum threshold of distinct values for a specified column that must exist in an output row for it to be in the query output.", - "title": "Minimum", - "type": "number" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptTemplateConfiguration", + "markdownDescription": "Contains a prompt and variables in the prompt that can be replaced with values at runtime.", + "title": "TemplateConfiguration" }, - "Type": { - "markdownDescription": "The type of aggregation the constraint allows. The only valid value is currently `COUNT_DISTINCT`.", - "title": "Type", + "TemplateType": { + "markdownDescription": "The type of prompt template.", + "title": "TemplateType", "type": "string" } }, "required": [ - "ColumnName", - "Minimum", - "Type" + "ModelId", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRule": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeResourceConfiguration": { "additionalProperties": false, "properties": { - "Policy": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy", - "markdownDescription": "A policy that describes the associated data usage limitations.", - "title": "Policy" - }, - "Type": { - "markdownDescription": "The type of analysis rule.", - "title": "Type", + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the prompt from Prompt management.", + "title": "PromptArn", "type": "string" } }, "required": [ - "Policy", - "Type" + "PromptArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeSourceConfiguration": { "additionalProperties": false, "properties": { - "AggregateColumns": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregateColumn" - }, - "markdownDescription": "The columns that query runners are allowed to use in aggregation queries.", - "title": "AggregateColumns", - "type": "array" - }, - "AllowedJoinOperators": { - "items": { - "type": "string" - }, - "markdownDescription": "Which logical operators (if any) are to be used in an INNER JOIN match condition. Default is `AND` .", - "title": "AllowedJoinOperators", - "type": "array" + "Inline": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeInlineConfiguration", + "markdownDescription": "Contains configurations for a prompt that is defined inline", + "title": "Inline" }, - "DimensionColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The columns that query runners are allowed to select, group by, or filter by.", - "title": "DimensionColumns", - "type": "array" + "Resource": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeResourceConfiguration", + "markdownDescription": "Contains configurations for a prompt from Prompt management.", + "title": "Resource" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptInputVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" }, - "JoinColumns": { + "StopSequences": { "items": { "type": "string" }, - "markdownDescription": "Columns in configured table that can be used in join statements and/or as aggregate columns. They can never be outputted directly.", - "title": "JoinColumns", + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", "type": "array" }, - "JoinRequired": { - "markdownDescription": "Control that requires member who runs query to do a join with their configured table and/or other configured table in query.", - "title": "JoinRequired", - "type": "string" - }, - "OutputConstraints": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregationConstraint" - }, - "markdownDescription": "Columns that must meet a specific threshold value (after an aggregation function is applied to it) for each output row to be returned.", - "title": "OutputConstraints", - "type": "array" + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" }, - "ScalarFunctions": { - "items": { - "type": "string" - }, - "markdownDescription": "Set of scalar functions that are allowed to be used on dimension columns and the output of aggregation of metrics.", - "title": "ScalarFunctions", - "type": "array" + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" } }, "required": [ - "AggregateColumns", - "DimensionColumns", - "JoinColumns", - "OutputConstraints", - "ScalarFunctions" + "Text" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom": { + "AWS::Bedrock::FlowVersion.RerankingMetadataSelectiveModeConfiguration": { "additionalProperties": false, "properties": { - "AllowedAnalyses": { + "FieldsToExclude": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FieldForReranking" }, - "markdownDescription": "The ARN of the analysis templates that are allowed by the custom analysis rule.", - "title": "AllowedAnalyses", + "markdownDescription": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "title": "FieldsToExclude", "type": "array" }, - "AllowedAnalysisProviders": { + "FieldsToInclude": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FieldForReranking" }, - "markdownDescription": "The IDs of the AWS accounts that are allowed to query by the custom analysis rule. Required when `allowedAnalyses` is `ANY_QUERY` .", - "title": "AllowedAnalysisProviders", + "markdownDescription": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude.", + "title": "FieldsToInclude", "type": "array" - }, - "DifferentialPrivacy": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy", - "markdownDescription": "The differential privacy configuration.", - "title": "DifferentialPrivacy" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for retrieving data to return as the output from the node.", + "title": "ServiceConfiguration" } }, "required": [ - "AllowedAnalyses" + "ServiceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleList": { + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "AllowedJoinOperators": { - "items": { - "type": "string" - }, - "markdownDescription": "The logical operators (if any) that are to be used in an INNER JOIN match condition. Default is `AND` .", - "title": "AllowedJoinOperators", - "type": "array" - }, - "JoinColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "Columns that can be used to join a configured table with the table of the member who can query and other members' configured tables.", - "title": "JoinColumns", - "type": "array" - }, - "ListColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "Columns that can be listed in the output.", - "title": "ListColumns", - "type": "array" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket from which to retrieve data.", + "title": "BucketName", + "type": "string" } }, "required": [ - "JoinColumns", - "ListColumns" + "BucketName" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy": { + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "V1": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1", - "markdownDescription": "Controls on the query specifications that can be run on a configured table.", - "title": "V1" + "S3": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location from which to retrieve data to return as the output from the node.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.StorageFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for storing the input into the node.", + "title": "ServiceConfiguration" } }, "required": [ - "V1" + "ServiceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1": { + "AWS::Bedrock::FlowVersion.StorageFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation", - "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", - "title": "Aggregation" - }, - "Custom": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom", - "markdownDescription": "Analysis rule type that enables custom SQL queries on a configured table.", - "title": "Custom" - }, - "List": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleList", - "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", - "title": "List" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket in which to store the input into the node.", + "title": "BucketName", + "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy": { + "AWS::Bedrock::FlowVersion.StorageFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "Columns": { + "S3": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location in which to store the input into the node.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.TextPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "InputVariables": { "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInputVariable" }, - "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", - "title": "Columns", + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", "type": "array" + }, + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" } }, "required": [ - "Columns" + "Text" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn": { + "AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", - "title": "Name", - "type": "string" + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.MetadataConfigurationForReranking", + "markdownDescription": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "title": "MetadataConfiguration" + }, + "ModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingModelConfiguration", + "markdownDescription": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "title": "ModelConfiguration" + }, + "NumberOfRerankedResults": { + "markdownDescription": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results.", + "title": "NumberOfRerankedResults", + "type": "number" } }, "required": [ - "Name" + "ModelConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.GlueTableReference": { + "AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingModelConfiguration": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database the AWS Glue table belongs to.", - "title": "DatabaseName", - "type": "string" + "AdditionalModelRequestFields": { + "markdownDescription": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" }, - "TableName": { - "markdownDescription": "The name of the AWS Glue table.", - "title": "TableName", + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering.", + "title": "ModelArn", "type": "string" } }, "required": [ - "DatabaseName", - "TableName" + "ModelArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.TableReference": { + "AWS::Bedrock::FlowVersion.VectorSearchRerankingConfiguration": { "additionalProperties": false, "properties": { - "Glue": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.GlueTableReference", - "markdownDescription": "If present, a reference to the AWS Glue table referred to by this table reference.", - "title": "Glue" + "BedrockRerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingConfiguration", + "markdownDescription": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "title": "BedrockRerankingConfiguration" + }, + "Type": { + "markdownDescription": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking.", + "title": "Type", + "type": "string" } }, "required": [ - "Glue" + "Type" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTableAssociation": { + "AWS::Bedrock::Guardrail": { "additionalProperties": false, "properties": { "Condition": { @@ -33545,51 +38067,80 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfiguredTableIdentifier": { - "markdownDescription": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.", - "title": "ConfiguredTableIdentifier", + "BlockedInputMessaging": { + "markdownDescription": "The message to return when the guardrail blocks a prompt.", + "title": "BlockedInputMessaging", + "type": "string" + }, + "BlockedOutputsMessaging": { + "markdownDescription": "The message to return when the guardrail blocks a model response.", + "title": "BlockedOutputsMessaging", "type": "string" }, + "ContentPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentPolicyConfig", + "markdownDescription": "The content filter policies to configure for the guardrail.", + "title": "ContentPolicyConfig" + }, + "ContextualGroundingPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContextualGroundingPolicyConfig", + "markdownDescription": "", + "title": "ContextualGroundingPolicyConfig" + }, + "CrossRegionConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.GuardrailCrossRegionConfig", + "markdownDescription": "The system-defined guardrail profile that you're using with your guardrail. Guardrail profiles define the destination AWS Regions where guardrail inference requests can be automatically routed. Using guardrail profiles helps maintain guardrail performance and reliability when demand increases.\n\nFor more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "CrossRegionConfig" + }, "Description": { - "markdownDescription": "A description of the configured table association.", + "markdownDescription": "A description of the guardrail.", "title": "Description", "type": "string" }, - "MembershipIdentifier": { - "markdownDescription": "The unique ID for the membership this configured table association belongs to.", - "title": "MembershipIdentifier", + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", + "title": "KmsKeyArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.", + "markdownDescription": "The name of the guardrail.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The service will assume this role to access catalog metadata and query the table.", - "title": "RoleArn", - "type": "string" + "SensitiveInformationPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig", + "markdownDescription": "The sensitive information policy to configure for the guardrail.", + "title": "SensitiveInformationPolicyConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "markdownDescription": "The tags that you want to attach to the guardrail.", "title": "Tags", "type": "array" + }, + "TopicPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicPolicyConfig", + "markdownDescription": "The topic policies to configure for the guardrail.", + "title": "TopicPolicyConfig" + }, + "WordPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordPolicyConfig", + "markdownDescription": "The word policy you configure for the guardrail.", + "title": "WordPolicyConfig" } }, "required": [ - "ConfiguredTableIdentifier", - "MembershipIdentifier", - "Name", - "RoleArn" + "BlockedInputMessaging", + "BlockedOutputsMessaging", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CleanRooms::ConfiguredTableAssociation" + "AWS::Bedrock::Guardrail" ], "type": "string" }, @@ -33608,636 +38159,459 @@ ], "type": "object" }, - "AWS::CleanRooms::Membership": { + "AWS::Bedrock::Guardrail.ContentFilterConfig": { "additionalProperties": false, "properties": { - "Condition": { + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "InputModalities": { + "items": { + "type": "string" + }, + "markdownDescription": "The input modalities selected for the guardrail content filter configuration.", + "title": "InputModalities", + "type": "array" + }, + "InputStrength": { + "markdownDescription": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", + "title": "InputStrength", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" }, - "Metadata": { - "type": "object" + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CollaborationIdentifier": { - "markdownDescription": "The unique ID for the associated collaboration.", - "title": "CollaborationIdentifier", - "type": "string" - }, - "DefaultResultConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration", - "markdownDescription": "The default protected query result configuration as specified by the member who can receive results.", - "title": "DefaultResultConfiguration" - }, - "PaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipPaymentConfiguration", - "markdownDescription": "The payment responsibilities accepted by the collaboration member.", - "title": "PaymentConfiguration" - }, - "QueryLogStatus": { - "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the membership.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", - "title": "QueryLogStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } + "OutputModalities": { + "items": { + "type": "string" }, - "required": [ - "CollaborationIdentifier", - "QueryLogStatus" - ], - "type": "object" + "markdownDescription": "The output modalities selected for the guardrail content filter configuration.", + "title": "OutputModalities", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CleanRooms::Membership" - ], + "OutputStrength": { + "markdownDescription": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", + "title": "OutputStrength", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The harmful category that the content filter is applied to.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "InputStrength", + "OutputStrength", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipPaymentConfiguration": { + "AWS::Bedrock::Guardrail.ContentFiltersTierConfig": { "additionalProperties": false, "properties": { - "QueryCompute": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig", - "markdownDescription": "The payment responsibilities accepted by the collaboration member for query compute costs.", - "title": "QueryCompute" + "TierName": { + "markdownDescription": "The tier that your guardrail uses for content filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "TierName", + "type": "string" } }, "required": [ - "QueryCompute" + "TierName" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration": { + "AWS::Bedrock::Guardrail.ContentPolicyConfig": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration", - "markdownDescription": "Required configuration for a protected query with an `s3` output type.", - "title": "S3" + "ContentFiltersTierConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFiltersTierConfig", + "markdownDescription": "The tier that your guardrail uses for content filters. Consider using a tier that balances performance, accuracy, and compatibility with your existing generative AI workflows.", + "title": "ContentFiltersTierConfig" + }, + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFilterConfig" + }, + "markdownDescription": "Contains the type of the content filter and how strongly it should apply to prompts and model responses.", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "S3" + "FiltersConfig" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration": { + "AWS::Bedrock::Guardrail.ContextualGroundingFilterConfig": { "additionalProperties": false, "properties": { - "OutputConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration", - "markdownDescription": "Configuration for protected query results.", - "title": "OutputConfiguration" + "Action": { + "markdownDescription": "Specifies the action to take when content fails the contextual grounding evaluation. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "Action", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results.", - "title": "RoleArn", + "Enabled": { + "markdownDescription": "Specifies whether to enable contextual grounding evaluation. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "Enabled", + "type": "boolean" + }, + "Threshold": { + "markdownDescription": "The threshold details for the guardrails contextual grounding filter.", + "title": "Threshold", + "type": "number" + }, + "Type": { + "markdownDescription": "The filter details for the guardrails contextual grounding filter.", + "title": "Type", "type": "string" } }, "required": [ - "OutputConfiguration" + "Threshold", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig": { + "AWS::Bedrock::Guardrail.ContextualGroundingPolicyConfig": { "additionalProperties": false, "properties": { - "IsResponsible": { - "markdownDescription": "Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query compute costs.", - "title": "IsResponsible", - "type": "boolean" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContextualGroundingFilterConfig" + }, + "markdownDescription": "", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "IsResponsible" + "FiltersConfig" ], "type": "object" }, - "AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration": { + "AWS::Bedrock::Guardrail.GuardrailCrossRegionConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The S3 bucket to unload the protected query results.", - "title": "Bucket", - "type": "string" - }, - "KeyPrefix": { - "markdownDescription": "The S3 prefix to unload the protected query results.", - "title": "KeyPrefix", - "type": "string" - }, - "ResultFormat": { - "markdownDescription": "Intended file format of the result.", - "title": "ResultFormat", + "GuardrailProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the guardrail profile that your guardrail is using. Guardrail profile availability depends on your current AWS Region . For more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region-support.html) .", + "title": "GuardrailProfileArn", "type": "string" } }, "required": [ - "Bucket", - "ResultFormat" + "GuardrailProfileArn" ], "type": "object" }, - "AWS::CleanRooms::PrivacyBudgetTemplate": { + "AWS::Bedrock::Guardrail.ManagedWordsConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Metadata": { - "type": "object" + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoRefresh": { - "markdownDescription": "How often the privacy budget refreshes.\n\n> If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes.", - "title": "AutoRefresh", - "type": "string" - }, - "MembershipIdentifier": { - "markdownDescription": "The identifier for a membership resource.", - "title": "MembershipIdentifier", - "type": "string" - }, - "Parameters": { - "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate.Parameters", - "markdownDescription": "Specifies the epsilon and noise parameters for the privacy budget template.", - "title": "Parameters" - }, - "PrivacyBudgetType": { - "markdownDescription": "Specifies the type of the privacy budget template.", - "title": "PrivacyBudgetType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AutoRefresh", - "MembershipIdentifier", - "Parameters", - "PrivacyBudgetType" - ], - "type": "object" + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, "Type": { - "enum": [ - "AWS::CleanRooms::PrivacyBudgetTemplate" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The managed word type to configure for the guardrail.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CleanRooms::PrivacyBudgetTemplate.Parameters": { + "AWS::Bedrock::Guardrail.PiiEntityConfig": { "additionalProperties": false, "properties": { - "Epsilon": { - "markdownDescription": "The epsilon value that you want to use.", - "title": "Epsilon", - "type": "number" + "Action": { + "markdownDescription": "Configure guardrail action when the PII entity is detected.", + "title": "Action", + "type": "string" }, - "UsersNoisePerQuery": { - "markdownDescription": "Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted.", - "title": "UsersNoisePerQuery", - "type": "number" + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" + }, + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" + }, + "OutputEnabled": { + "markdownDescription": "Indicates whether guardrail evaluation is enabled on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Type": { + "markdownDescription": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guardrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *CREDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc..", + "title": "Type", + "type": "string" } }, "required": [ - "Epsilon", - "UsersNoisePerQuery" + "Action", + "Type" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset": { + "AWS::Bedrock::Guardrail.RegexConfig": { "additionalProperties": false, "properties": { - "Condition": { + "Action": { + "markdownDescription": "The guardrail action to configure when matching regular expression is detected.", + "title": "Action", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "The description of the regular expression to configure for the guardrail.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" }, - "Metadata": { - "type": "object" + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the training dataset.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the training dataset.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - }, - "TrainingData": { - "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" - }, - "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", - "title": "TrainingData", - "type": "array" - } - }, - "required": [ - "Name", - "RoleArn", - "TrainingData" - ], - "type": "object" + "Name": { + "markdownDescription": "The name of the regular expression to configure for the guardrail.", + "title": "Name", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CleanRoomsML::TrainingDataset" - ], + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Pattern": { + "markdownDescription": "The regular expression pattern to configure for the guardrail.", + "title": "Pattern", "type": "string" } }, "required": [ - "Type", - "Properties" + "Action", + "Name", + "Pattern" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { + "AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of a column.", - "title": "ColumnName", - "type": "string" + "PiiEntitiesConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.PiiEntityConfig" + }, + "markdownDescription": "A list of PII entities to configure to the guardrail.", + "title": "PiiEntitiesConfig", + "type": "array" }, - "ColumnTypes": { + "RegexesConfig": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Guardrail.RegexConfig" }, - "markdownDescription": "The data type of column.", - "title": "ColumnTypes", + "markdownDescription": "A list of regular expressions to configure to the guardrail.", + "title": "RegexesConfig", "type": "array" } }, - "required": [ - "ColumnName", - "ColumnTypes" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.DataSource": { - "additionalProperties": false, - "properties": { - "GlueDataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", - "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", - "title": "GlueDataSource" - } - }, - "required": [ - "GlueDataSource" - ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.Dataset": { + "AWS::Bedrock::Guardrail.TopicConfig": { "additionalProperties": false, "properties": { - "InputConfig": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", - "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", - "title": "InputConfig" + "Definition": { + "markdownDescription": "A definition of the topic to deny.", + "title": "Definition", + "type": "string" + }, + "Examples": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", + "title": "Examples", + "type": "array" + }, + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" + }, + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the topic to deny.", + "title": "Name", + "type": "string" + }, + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" + }, + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, "Type": { - "markdownDescription": "What type of information is found in the dataset.", + "markdownDescription": "Specifies to deny the topic.", "title": "Type", "type": "string" } }, "required": [ - "InputConfig", + "Definition", + "Name", "Type" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { + "AWS::Bedrock::Guardrail.TopicPolicyConfig": { "additionalProperties": false, "properties": { - "DataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", - "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", - "title": "DataSource" - }, - "Schema": { + "TopicsConfig": { "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicConfig" }, - "markdownDescription": "The schema information for the training data.", - "title": "Schema", + "markdownDescription": "A list of policies related to topics that the guardrail should deny.", + "title": "TopicsConfig", "type": "array" + }, + "TopicsTierConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicsTierConfig", + "markdownDescription": "The tier that your guardrail uses for denied topic filters.", + "title": "TopicsTierConfig" } }, "required": [ - "DataSource", - "Schema" + "TopicsConfig" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { + "AWS::Bedrock::Guardrail.TopicsTierConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The Glue catalog that contains the training data.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The Glue database that contains the training data.", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "The Glue table that contains the training data.", - "title": "TableName", + "TierName": { + "markdownDescription": "The tier that your guardrail uses for denied topic filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "TierName", "type": "string" } }, "required": [ - "DatabaseName", - "TableName" + "TierName" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2": { + "AWS::Bedrock::Guardrail.WordConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutomaticStopTimeMinutes": { - "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", - "title": "AutomaticStopTimeMinutes", - "type": "number" - }, - "ConnectionType": { - "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", - "title": "ConnectionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the environment to create.", - "title": "Description", - "type": "string" - }, - "ImageId": { - "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", - "title": "ImageId", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", - "title": "InstanceType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment.", - "title": "Name", - "type": "string" - }, - "OwnerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", - "title": "OwnerArn", - "type": "string" - }, - "Repositories": { - "items": { - "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" - }, - "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", - "title": "Repositories", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", - "title": "SubnetId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ImageId", - "InstanceType" - ], - "type": "object" + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the intput. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::Cloud9::EnvironmentEC2" - ], + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Text": { + "markdownDescription": "Text of the word configured for the guardrail to block.", + "title": "Text", "type": "string" } }, "required": [ - "Type", - "Properties" + "Text" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2.Repository": { + "AWS::Bedrock::Guardrail.WordPolicyConfig": { "additionalProperties": false, "properties": { - "PathComponent": { - "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", - "title": "PathComponent", - "type": "string" + "ManagedWordListsConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ManagedWordsConfig" + }, + "markdownDescription": "A list of managed words to configure for the guardrail.", + "title": "ManagedWordListsConfig", + "type": "array" }, - "RepositoryUrl": { - "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", - "title": "RepositoryUrl", - "type": "string" + "WordsConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordConfig" + }, + "markdownDescription": "A list of words to configure for the guardrail.", + "title": "WordsConfig", + "type": "array" } }, - "required": [ - "PathComponent", - "RepositoryUrl" - ], "type": "object" }, - "AWS::CloudFormation::CustomResource": { + "AWS::Bedrock::GuardrailVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -34272,20 +38646,25 @@ "Properties": { "additionalProperties": false, "properties": { - "ServiceToken": { - "markdownDescription": "The service token, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same Region as the stack.\n\nUpdates aren't supported.", - "title": "ServiceToken", + "Description": { + "markdownDescription": "A description of the guardrail version.", + "title": "Description", + "type": "string" + }, + "GuardrailIdentifier": { + "markdownDescription": "The unique identifier of the guardrail. This can be an ID or the ARN.", + "title": "GuardrailIdentifier", "type": "string" } }, "required": [ - "ServiceToken" + "GuardrailIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::CustomResource" + "AWS::Bedrock::GuardrailVersion" ], "type": "string" }, @@ -34304,7 +38683,7 @@ ], "type": "object" }, - "AWS::CloudFormation::HookDefaultVersion": { + "AWS::Bedrock::IntelligentPromptRouter": { "additionalProperties": false, "properties": { "Condition": { @@ -34339,108 +38718,54 @@ "Properties": { "additionalProperties": false, "properties": { - "TypeName": { - "markdownDescription": "The name of the Hook.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeName", - "type": "string" - }, - "TypeVersionArn": { - "markdownDescription": "The version ID of the type configuration.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeVersionArn", + "Description": { + "markdownDescription": "An optional description of the prompt router to help identify its purpose.", + "title": "Description", "type": "string" }, - "VersionId": { - "markdownDescription": "The version ID of the type specified.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudFormation::HookDefaultVersion" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudFormation::HookTypeConfig": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "FallbackModel": { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel", + "markdownDescription": "The default model to use when the routing criteria is not met.", + "title": "FallbackModel" }, - { + "Models": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel" }, + "markdownDescription": "A list of foundation models that the prompt router can route requests to. At least one model must be specified.", + "title": "Models", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Configuration": { - "markdownDescription": "Specifies the activated Hook type configuration, in this AWS account and AWS Region .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "Configuration", - "type": "string" }, - "ConfigurationAlias": { - "markdownDescription": "An alias by which to refer to this configuration data.\n\nDefaults to `default` alias. Hook types currently support default configuration alias.", - "title": "ConfigurationAlias", + "PromptRouterName": { + "markdownDescription": "The name of the prompt router. The name must be unique within your AWS account in the current region.", + "title": "PromptRouterName", "type": "string" }, - "TypeArn": { - "markdownDescription": "The Amazon Resource Number (ARN) for the Hook to set `Configuration` for.\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "TypeArn", - "type": "string" + "RoutingCriteria": { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.RoutingCriteria", + "markdownDescription": "Routing criteria for a prompt router.", + "title": "RoutingCriteria" }, - "TypeName": { - "markdownDescription": "The unique name for your Hook. Specifies a three-part namespace for your Hook, with a recommended pattern of `Organization::Service::Hook` .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "TypeName", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource as tags. You can use tags to categorize and manage your AWS resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "Configuration" + "FallbackModel", + "Models", + "PromptRouterName", + "RoutingCriteria" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::HookTypeConfig" + "AWS::Bedrock::IntelligentPromptRouter" ], "type": "string" }, @@ -34459,7 +38784,35 @@ ], "type": "object" }, - "AWS::CloudFormation::HookVersion": { + "AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel": { + "additionalProperties": false, + "properties": { + "ModelArn": { + "markdownDescription": "The target model's ARN.", + "title": "ModelArn", + "type": "string" + } + }, + "required": [ + "ModelArn" + ], + "type": "object" + }, + "AWS::Bedrock::IntelligentPromptRouter.RoutingCriteria": { + "additionalProperties": false, + "properties": { + "ResponseQualityDifference": { + "markdownDescription": "The criteria's response quality difference.", + "title": "ResponseQualityDifference", + "type": "number" + } + }, + "required": [ + "ResponseQualityDifference" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase": { "additionalProperties": false, "properties": { "Condition": { @@ -34494,36 +38847,53 @@ "Properties": { "additionalProperties": false, "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.", - "title": "ExecutionRoleArn", + "Description": { + "markdownDescription": "The description of the knowledge base associated with the inline agent.", + "title": "Description", "type": "string" }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::HookVersion.LoggingConfig", - "markdownDescription": "Contains logging configuration information for an extension.", - "title": "LoggingConfig" + "KnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration", + "markdownDescription": "Contains details about the embeddings configuration of the knowledge base.", + "title": "KnowledgeBaseConfiguration" }, - "SchemaHandlerPackage": { - "markdownDescription": "A URL to the Amazon S3 bucket containing the Hook project package that contains the necessary files for the Hook you want to register.\n\nFor information on generating a schema handler package, see [Modeling custom CloudFormation Hooks](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html) in the *AWS CloudFormation Hooks User Guide* .\n\n> To register the Hook, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "SchemaHandlerPackage", + "Name": { + "markdownDescription": "The name of the knowledge base.", + "title": "Name", "type": "string" }, - "TypeName": { - "markdownDescription": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\n> The following organization namespaces are reserved and can't be used in your hook type names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `ASK`\n> - `AWS`\n> - `Custom`\n> - `Dev`", - "title": "TypeName", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the knowledge base.", + "title": "RoleArn", "type": "string" + }, + "StorageConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.StorageConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base.", + "title": "StorageConfiguration" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "SchemaHandlerPackage", - "TypeName" + "KnowledgeBaseConfiguration", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::HookVersion" + "AWS::Bedrock::KnowledgeBase" ], "type": "string" }, @@ -34542,982 +38912,871 @@ ], "type": "object" }, - "AWS::CloudFormation::HookVersion.LoggingConfig": { + "AWS::Bedrock::KnowledgeBase.BedrockEmbeddingModelConfiguration": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", - "title": "LogGroupName", - "type": "string" + "Dimensions": { + "markdownDescription": "The dimensions details for the vector configuration used on the Bedrock embeddings model.", + "title": "Dimensions", + "type": "number" }, - "LogRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", - "title": "LogRoleArn", + "EmbeddingDataType": { + "markdownDescription": "The data type for the vectors when using a model to convert text into vector embeddings. The model must support the specified data type for vector embeddings. Floating-point (float32) is the default data type, and is supported by most models for vector embeddings. See [Supported embeddings models](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-supported.html) for information on the available models and their vector data types.", + "title": "EmbeddingDataType", "type": "string" } }, "type": "object" }, - "AWS::CloudFormation::Macro": { + "AWS::Bedrock::KnowledgeBase.CuratedQuery": { "additionalProperties": false, "properties": { - "Condition": { + "NaturalLanguage": { + "markdownDescription": "An example natural language query.", + "title": "NaturalLanguage", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Sql": { + "markdownDescription": "The SQL equivalent of the natural language query.", + "title": "Sql", "type": "string" + } + }, + "required": [ + "NaturalLanguage", + "Sql" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.EmbeddingModelConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockEmbeddingModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.BedrockEmbeddingModelConfiguration", + "markdownDescription": "The vector configuration details on the Bedrock embeddings model.", + "title": "BedrockEmbeddingModelConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.KendraKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "KendraIndexArn": { + "markdownDescription": "The ARN of the Amazon Kendra index.", + "title": "KendraIndexArn", + "type": "string" + } + }, + "required": [ + "KendraIndexArn" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "KendraKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KendraKnowledgeBaseConfiguration", + "markdownDescription": "Settings for an Amazon Kendra knowledge base.", + "title": "KendraKnowledgeBaseConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the macro.", - "title": "Description", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.", - "title": "FunctionName", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.\n\nThis will be an existing CloudWatch Logs LogGroup. Neither CloudFormation or Lambda will create the group.", - "title": "LogGroupName", - "type": "string" - }, - "LogRoleARN": { - "markdownDescription": "The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .", - "title": "LogRoleARN", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the macro. The name of the macro must be unique across all macros in the account.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "FunctionName", - "Name" - ], - "type": "object" + "SqlKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SqlKnowledgeBaseConfiguration", + "markdownDescription": "Specifies configurations for a knowledge base connected to an SQL database.", + "title": "SqlKnowledgeBaseConfiguration" }, "Type": { - "enum": [ - "AWS::CloudFormation::Macro" - ], + "markdownDescription": "The type of data that the data source is converted into for the knowledge base.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VectorKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration", + "markdownDescription": "Contains details about the model that's used to convert the data source into vector embeddings.", + "title": "VectorKnowledgeBaseConfiguration" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFormation::ModuleDefaultVersion": { + "AWS::Bedrock::KnowledgeBase.MongoDbAtlasConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "CollectionName": { + "markdownDescription": "The collection name of the knowledge base in MongoDB Atlas.", + "title": "CollectionName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that contains user credentials for your MongoDB Atlas cluster.", + "title": "CredentialsSecretArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseName": { + "markdownDescription": "The database name in your MongoDB Atlas cluster for your knowledge base.", + "title": "DatabaseName", + "type": "string" }, - "Metadata": { - "type": "object" + "Endpoint": { + "markdownDescription": "The endpoint URL of your MongoDB Atlas cluster for your knowledge base.", + "title": "Endpoint", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the module version to set as the default version.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "Arn", - "type": "string" - }, - "ModuleName": { - "markdownDescription": "The name of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "ModuleName", - "type": "string" - }, - "VersionId": { - "markdownDescription": "The ID for the specific version of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" + "EndpointServiceName": { + "markdownDescription": "The name of the VPC endpoint service in your account that is connected to your MongoDB Atlas cluster.", + "title": "EndpointServiceName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::ModuleDefaultVersion" - ], + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.MongoDbAtlasFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" + }, + "TextIndexName": { + "markdownDescription": "The name of the text search index in the MongoDB collection. This is required for using the hybrid search feature.", + "title": "TextIndexName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VectorIndexName": { + "markdownDescription": "The name of the MongoDB Atlas vector search index.", + "title": "VectorIndexName", "type": "string" } }, "required": [ - "Type" + "CollectionName", + "CredentialsSecretArn", + "DatabaseName", + "Endpoint", + "FieldMapping", + "VectorIndexName" ], "type": "object" }, - "AWS::CloudFormation::ModuleVersion": { + "AWS::Bedrock::KnowledgeBase.MongoDbAtlasFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ModuleName": { - "markdownDescription": "The name of the module being registered.", - "title": "ModuleName", - "type": "string" - }, - "ModulePackage": { - "markdownDescription": "A URL to the S3 bucket containing the package that contains the template fragment and schema files for the module version to register.\n\nFor more information, see [Module structure and requirements](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the module version, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "ModulePackage", - "type": "string" - } - }, - "required": [ - "ModuleName", - "ModulePackage" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudFormation::ModuleVersion" - ], + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField", + "VectorField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsConfiguration": { + "additionalProperties": false, + "properties": { + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GraphArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Neptune Analytics vector store.", + "title": "GraphArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "FieldMapping", + "GraphArn" ], "type": "object" }, - "AWS::CloudFormation::PublicTypeVersion": { + "AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterConfiguration": { + "additionalProperties": false, + "properties": { + "DomainArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch domain.", + "title": "DomainArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the extension.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "Arn", - "type": "string" - }, - "LogDeliveryBucket": { - "markdownDescription": "The S3 bucket to which CloudFormation delivers the contract test execution logs.\n\nCloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of `PASSED` or `FAILED` .\n\nThe user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions:\n\n- s3:GetObject\n- s3:PutObject", - "title": "LogDeliveryBucket", - "type": "string" - }, - "PublicVersionNumber": { - "markdownDescription": "The version number to assign to this version of the extension.\n\nUse the following format, and adhere to semantic versioning when assigning a version number to your extension:\n\n`MAJOR.MINOR.PATCH`\n\nFor more information, see [Semantic Versioning 2.0.0](https://docs.aws.amazon.com/https://semver.org/) .\n\nIf you don't specify a version number, CloudFormation increments the version number by one minor version release.\n\nYou cannot specify a version number the first time you publish a type. CloudFormation automatically sets the first version number to be `1.0.0` .", - "title": "PublicVersionNumber", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "Type", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The name of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "TypeName", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudFormation::PublicTypeVersion" - ], + "DomainEndpoint": { + "markdownDescription": "The endpoint URL the OpenSearch domain.", + "title": "DomainEndpoint", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" + }, + "VectorIndexName": { + "markdownDescription": "The name of the vector store.", + "title": "VectorIndexName", "type": "string" } }, "required": [ - "Type" + "DomainArn", + "DomainEndpoint", + "FieldMapping", + "VectorIndexName" ], "type": "object" }, - "AWS::CloudFormation::Publisher": { + "AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField", + "VectorField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration": { + "additionalProperties": false, + "properties": { + "CollectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch Service vector store.", + "title": "CollectionArn", + "type": "string" }, - "Metadata": { - "type": "object" + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AcceptTermsAndConditions": { - "markdownDescription": "Whether you accept the [Terms and Conditions](https://docs.aws.amazon.com/https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf) for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to register to publish public extensions to the CloudFormation registry.\n\nThe default is `false` .", - "title": "AcceptTermsAndConditions", - "type": "boolean" - }, - "ConnectionArn": { - "markdownDescription": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.\n\nFor more information, see [Prerequisite: Registering your account to publish CloudFormation extensions](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .", - "title": "ConnectionArn", - "type": "string" - } - }, - "required": [ - "AcceptTermsAndConditions" - ], - "type": "object" + "VectorIndexName": { + "markdownDescription": "The name of the vector store.", + "title": "VectorIndexName", + "type": "string" + } + }, + "required": [ + "CollectionArn", + "FieldMapping", + "VectorIndexName" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping": { + "additionalProperties": false, + "properties": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::Publisher" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", "type": "string" } }, "required": [ - "Type", - "Properties" + "MetadataField", + "TextField", + "VectorField" ], "type": "object" }, - "AWS::CloudFormation::ResourceDefaultVersion": { + "AWS::Bedrock::KnowledgeBase.PineconeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ConnectionString": { + "markdownDescription": "The endpoint URL for your index management page.", + "title": "ConnectionString", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key.", + "title": "CredentialsSecretArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "TypeName": { - "markdownDescription": "The name of the resource.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeName", - "type": "string" - }, - "TypeVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource version.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeVersionArn", - "type": "string" - }, - "VersionId": { - "markdownDescription": "The ID of a specific version of the resource. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the resource version when it's registered.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Type": { - "enum": [ - "AWS::CloudFormation::ResourceDefaultVersion" - ], + "Namespace": { + "markdownDescription": "The namespace to be used to write new data to your database.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "ConnectionString", + "CredentialsSecretArn", + "FieldMapping" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.PineconeFieldMapping": { + "additionalProperties": false, + "properties": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" } }, "required": [ - "Type" + "MetadataField", + "TextField" ], "type": "object" }, - "AWS::CloudFormation::ResourceVersion": { + "AWS::Bedrock::KnowledgeBase.QueryGenerationColumn": { "additionalProperties": false, "properties": { - "Condition": { + "Description": { + "markdownDescription": "A description of the column that helps the query engine understand the contents of the column.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Inclusion": { + "markdownDescription": "Specifies whether to include or exclude the column during query generation. If you specify `EXCLUDE` , the column will be ignored. If you specify `INCLUDE` , all other columns in the table will be ignored.", + "title": "Inclusion", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "The name of the column for which the other fields in this object apply.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationConfiguration": { + "additionalProperties": false, + "properties": { + "ExecutionTimeoutSeconds": { + "markdownDescription": "The time after which query generation will time out.", + "title": "ExecutionTimeoutSeconds", + "type": "number" }, - "Metadata": { - "type": "object" + "GenerationContext": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationContext", + "markdownDescription": "Specifies configurations for context to use during query generation.", + "title": "GenerationContext" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationContext": { + "additionalProperties": false, + "properties": { + "CuratedQueries": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.CuratedQuery" + }, + "markdownDescription": "An array of objects, each of which defines information about example queries to help the query engine generate appropriate SQL queries.", + "title": "CuratedQueries", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.", - "title": "ExecutionRoleArn", - "type": "string" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::ResourceVersion.LoggingConfig", - "markdownDescription": "Logging configuration information for a resource.", - "title": "LoggingConfig" - }, - "SchemaHandlerPackage": { - "markdownDescription": "A URL to the S3 bucket containing the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package, see [Modeling resource types to use with AWS CloudFormation](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the resource version, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "SchemaHandlerPackage", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The name of the resource being registered.\n\nWe recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* .\n\n> The following organization namespaces are reserved and can't be used in your resource names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `AWS`\n> - `Custom`\n> - `Dev`", - "title": "TypeName", - "type": "string" - } + "Tables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationTable" }, - "required": [ - "SchemaHandlerPackage", - "TypeName" - ], - "type": "object" + "markdownDescription": "An array of objects, each of which defines information about a table in the database.", + "title": "Tables", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationTable": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationColumn" + }, + "markdownDescription": "An array of objects, each of which defines information about a column in the table.", + "title": "Columns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CloudFormation::ResourceVersion" - ], + "Description": { + "markdownDescription": "A description of the table that helps the query engine understand the contents of the table.", + "title": "Description", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Inclusion": { + "markdownDescription": "Specifies whether to include or exclude the table during query generation. If you specify `EXCLUDE` , the table will be ignored. If you specify `INCLUDE` , all other tables will be ignored.", + "title": "Inclusion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table for which the other fields in this object apply.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::CloudFormation::ResourceVersion.LoggingConfig": { + "AWS::Bedrock::KnowledgeBase.RdsConfiguration": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch logs group to which CloudFormation sends error logging information when invoking the type's handlers.", - "title": "LogGroupName", + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database.", + "title": "CredentialsSecretArn", "type": "string" }, - "LogRoleArn": { - "markdownDescription": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs.", - "title": "LogRoleArn", + "DatabaseName": { + "markdownDescription": "The name of your Amazon RDS database.", + "title": "DatabaseName", + "type": "string" + }, + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the vector store.", + "title": "ResourceArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the table in the database.", + "title": "TableName", "type": "string" } }, + "required": [ + "CredentialsSecretArn", + "DatabaseName", + "FieldMapping", + "ResourceArn", + "TableName" + ], "type": "object" }, - "AWS::CloudFormation::Stack": { + "AWS::Bedrock::KnowledgeBase.RdsFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "CustomMetadataField": { + "markdownDescription": "Provide a name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.", + "title": "CustomMetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "NotificationARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).", - "title": "NotificationARNs", - "type": "array" - }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n> If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nRequired if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.", - "title": "Tags", - "type": "array" - }, - "TemplateURL": { - "markdownDescription": "The URL of a file containing the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with `https://` .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", - "title": "TemplateURL", - "type": "string" - }, - "TimeoutInMinutes": { - "markdownDescription": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported.", - "title": "TimeoutInMinutes", - "type": "number" - } - }, - "required": [ - "TemplateURL" - ], - "type": "object" + "PrimaryKeyField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the ID for each entry.", + "title": "PrimaryKeyField", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::Stack" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", "type": "string" } }, "required": [ - "Type", - "Properties" + "MetadataField", + "PrimaryKeyField", + "TextField", + "VectorField" ], "type": "object" }, - "AWS::CloudFormation::StackSet": { + "AWS::Bedrock::KnowledgeBase.RedshiftConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "QueryEngineConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineConfiguration", + "markdownDescription": "Specifies configurations for an Amazon Redshift query engine.", + "title": "QueryEngineConfiguration" }, - "Metadata": { - "type": "object" + "QueryGenerationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationConfiguration", + "markdownDescription": "Specifies configurations for generating queries.", + "title": "QueryGenerationConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdministrationRoleARN": { - "markdownDescription": "The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n\nValid only if the permissions model is `SELF_MANAGED` .", - "title": "AdministrationRoleARN", - "type": "string" - }, - "AutoDeployment": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.AutoDeployment", - "markdownDescription": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU). For more information, see [Enable or disable automatic deployments for StackSets in AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-manage-auto-deployment.html) in the *AWS CloudFormation User Guide* .\n\nRequired if the permissions model is `SERVICE_MANAGED` . (Not used with self-managed permissions.)", - "title": "AutoDeployment" - }, - "CallAs": { - "markdownDescription": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for stack sets with self-managed permissions.\n\n- To create a stack set with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a stack set with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.\n\nValid only if the permissions model is `SERVICE_MANAGED` .", - "title": "CallAs", - "type": "string" - }, - "Capabilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The capabilities that are allowed in the stack set. Some stack set templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new IAM users. For more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .", - "title": "Capabilities", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the stack set.", - "title": "Description", - "type": "string" - }, - "ExecutionRoleName": { - "markdownDescription": "The name of the IAM execution role to use to create the stack set. If you don't specify an execution role, CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the stack set operation.\n\nValid only if the permissions model is `SELF_MANAGED` .\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", - "title": "ExecutionRoleName", - "type": "string" - }, - "ManagedExecution": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.ManagedExecution", - "markdownDescription": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", - "title": "ManagedExecution" - }, - "OperationPreferences": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.OperationPreferences", - "markdownDescription": "The user-specified preferences for how CloudFormation performs a stack set operation.", - "title": "OperationPreferences" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" - }, - "markdownDescription": "The input parameters for the stack set template.", - "title": "Parameters", - "type": "array" - }, - "PermissionModel": { - "markdownDescription": "Describes how the IAM roles required for stack set operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see [Activate trusted access for stack sets with AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html) in the *AWS CloudFormation User Guide* .", - "title": "PermissionModel", - "type": "string" - }, - "StackInstancesGroup": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.StackInstances" - }, - "markdownDescription": "A group of stack instances with parameters in some specific accounts and Regions.", - "title": "StackInstancesGroup", - "type": "array" - }, - "StackSetName": { - "markdownDescription": "The name to associate with the stack set. The name must be unique in the Region where you create your stack set.", - "title": "StackSetName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.\n\nIf you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.", - "title": "Tags", - "type": "array" - }, - "TemplateBody": { - "markdownDescription": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates containing dynamic references through `TemplateUrl` instead.", - "title": "TemplateBody", - "type": "string" - }, - "TemplateURL": { - "markdownDescription": "The URL of a file containing the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with `https://` .\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` .", - "title": "TemplateURL", - "type": "string" - } + "StorageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineStorageConfiguration" }, - "required": [ - "PermissionModel", - "StackSetName" - ], - "type": "object" + "markdownDescription": "Specifies configurations for Amazon Redshift database storage.", + "title": "StorageConfigurations", + "type": "array" + } + }, + "required": [ + "QueryEngineConfiguration", + "StorageConfigurations" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftProvisionedAuthConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseUser": { + "markdownDescription": "The database username for authentication to an Amazon Redshift provisioned data warehouse.", + "title": "DatabaseUser", + "type": "string" }, "Type": { - "enum": [ - "AWS::CloudFormation::StackSet" - ], + "markdownDescription": "The type of authentication to use.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UsernamePasswordSecretArn": { + "markdownDescription": "The ARN of an Secrets Manager secret for authentication.", + "title": "UsernamePasswordSecretArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFormation::StackSet.AutoDeployment": { + "AWS::Bedrock::KnowledgeBase.RedshiftProvisionedConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "If set to `true` , StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.", - "title": "Enabled", - "type": "boolean" + "AuthConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftProvisionedAuthConfiguration", + "markdownDescription": "Specifies configurations for authentication to Amazon Redshift.", + "title": "AuthConfiguration" }, - "RetainStacksOnAccountRemoval": { - "markdownDescription": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` .", - "title": "RetainStacksOnAccountRemoval", - "type": "boolean" + "ClusterIdentifier": { + "markdownDescription": "The ID of the Amazon Redshift cluster.", + "title": "ClusterIdentifier", + "type": "string" } }, + "required": [ + "AuthConfiguration", + "ClusterIdentifier" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.DeploymentTargets": { + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineAwsDataCatalogStorageConfiguration": { "additionalProperties": false, "properties": { - "AccountFilterType": { - "markdownDescription": "Limit deployment targets to individual accounts or include additional accounts with provided OUs.\n\nThe following is a list of possible values for the `AccountFilterType` operation.\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` parameter.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` parameter.\n- `UNION` StackSet deploys to the OU, and the accounts specified in the `Accounts` parameter. `UNION` is not supported for create operations when using StackSet as a resource.", - "title": "AccountFilterType", - "type": "string" - }, - "Accounts": { + "TableNames": { "items": { "type": "string" }, - "markdownDescription": "The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the `AccountsUrl` property instead.\n\n*Pattern* : `^[0-9]{12}$`", - "title": "Accounts", + "markdownDescription": "A list of names of the tables to use.", + "title": "TableNames", "type": "array" + } + }, + "required": [ + "TableNames" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineConfiguration": { + "additionalProperties": false, + "properties": { + "ProvisionedConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftProvisionedConfiguration", + "markdownDescription": "Specifies configurations for a provisioned Amazon Redshift query engine.", + "title": "ProvisionedConfiguration" }, - "AccountsUrl": { - "markdownDescription": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).", - "title": "AccountsUrl", - "type": "string" + "ServerlessConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftServerlessConfiguration", + "markdownDescription": "Specifies configurations for a serverless Amazon Redshift query engine.", + "title": "ServerlessConfiguration" }, - "OrganizationalUnitIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The organization root ID or organizational unit (OU) IDs.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`", - "title": "OrganizationalUnitIds", - "type": "array" + "Type": { + "markdownDescription": "The type of query engine.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.ManagedExecution": { + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineRedshiftStorageConfiguration": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "When `true` , StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. \n\nWhen `false` (default), StackSets performs one operation at a time in request order.", - "title": "Active", - "type": "boolean" + "DatabaseName": { + "markdownDescription": "The name of the Amazon Redshift database.", + "title": "DatabaseName", + "type": "string" } }, + "required": [ + "DatabaseName" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.OperationPreferences": { + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineStorageConfiguration": { "additionalProperties": false, "properties": { - "FailureToleranceCount": { - "markdownDescription": "The number of accounts, per Region, for which this operation can fail before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", - "title": "FailureToleranceCount", - "type": "number" - }, - "FailureTolerancePercentage": { - "markdownDescription": "The percentage of accounts, per Region, for which this stack operation can fail before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", - "title": "FailureTolerancePercentage", - "type": "number" + "AwsDataCatalogConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineAwsDataCatalogStorageConfiguration", + "markdownDescription": "Specifies configurations for storage in AWS Glue Data Catalog.", + "title": "AwsDataCatalogConfiguration" }, - "MaxConcurrentCount": { - "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", - "title": "MaxConcurrentCount", - "type": "number" + "RedshiftConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineRedshiftStorageConfiguration", + "markdownDescription": "Specifies configurations for storage in Amazon Redshift.", + "title": "RedshiftConfiguration" }, - "MaxConcurrentPercentage": { - "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", - "title": "MaxConcurrentPercentage", - "type": "number" + "Type": { + "markdownDescription": "The data storage service to use.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftServerlessAuthConfiguration": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of authentication to use.", + "title": "Type", + "type": "string" }, - "RegionConcurrencyType": { - "markdownDescription": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.", - "title": "RegionConcurrencyType", + "UsernamePasswordSecretArn": { + "markdownDescription": "The ARN of an Secrets Manager secret for authentication.", + "title": "UsernamePasswordSecretArn", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftServerlessConfiguration": { + "additionalProperties": false, + "properties": { + "AuthConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftServerlessAuthConfiguration", + "markdownDescription": "Specifies configurations for authentication to an Amazon Redshift provisioned data warehouse.", + "title": "AuthConfiguration" }, - "RegionOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the Regions where you want to perform the stack operation.", - "title": "RegionOrder", - "type": "array" + "WorkgroupArn": { + "markdownDescription": "The ARN of the Amazon Redshift workgroup.", + "title": "WorkgroupArn", + "type": "string" } }, + "required": [ + "AuthConfiguration", + "WorkgroupArn" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.Parameter": { + "AWS::Bedrock::KnowledgeBase.S3Location": { "additionalProperties": false, "properties": { - "ParameterKey": { - "markdownDescription": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.", - "title": "ParameterKey", + "URI": { + "markdownDescription": "An object URI starting with `s3://` .", + "title": "URI", "type": "string" + } + }, + "required": [ + "URI" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.SqlKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "RedshiftConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftConfiguration", + "markdownDescription": "Specifies configurations for a knowledge base connected to an Amazon Redshift database.", + "title": "RedshiftConfiguration" }, - "ParameterValue": { - "markdownDescription": "The input value associated with the parameter.", - "title": "ParameterValue", + "Type": { + "markdownDescription": "The type of SQL database to connect to the knowledge base.", + "title": "Type", "type": "string" } }, "required": [ - "ParameterKey", - "ParameterValue" + "Type" ], "type": "object" }, - "AWS::CloudFormation::StackSet.StackInstances": { + "AWS::Bedrock::KnowledgeBase.StorageConfiguration": { "additionalProperties": false, "properties": { - "DeploymentTargets": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.DeploymentTargets", - "markdownDescription": "The AWS `OrganizationalUnitIds` or `Accounts` for which to create stack instances in the specified Regions.", - "title": "DeploymentTargets" + "MongoDbAtlasConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.MongoDbAtlasConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in MongoDB Atlas.", + "title": "MongoDbAtlasConfiguration" }, - "ParameterOverrides": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" - }, - "markdownDescription": "A list of stack set parameters whose values you want to override in the selected stack instances.", - "title": "ParameterOverrides", - "type": "array" + "NeptuneAnalyticsConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsConfiguration", + "markdownDescription": "Contains details about the Neptune Analytics configuration of the knowledge base in Amazon Neptune. For more information, see [Create a vector index in Amazon Neptune Analytics.](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-neptune.html) .", + "title": "NeptuneAnalyticsConfiguration" }, - "Regions": { + "OpensearchManagedClusterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base in OpenSearch Managed Cluster. For more information, see [Create a vector index in Amazon OpenSearch Service](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-osm.html) .", + "title": "OpensearchManagedClusterConfiguration" + }, + "OpensearchServerlessConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.", + "title": "OpensearchServerlessConfiguration" + }, + "PineconeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in Pinecone.", + "title": "PineconeConfiguration" + }, + "RdsConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) .", + "title": "RdsConfiguration" + }, + "Type": { + "markdownDescription": "The vector store service in which the knowledge base is stored.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.SupplementalDataStorageConfiguration": { + "additionalProperties": false, + "properties": { + "SupplementalDataStorageLocations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SupplementalDataStorageLocation" }, - "markdownDescription": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts .", - "title": "Regions", + "markdownDescription": "", + "title": "SupplementalDataStorageLocations", "type": "array" } }, "required": [ - "DeploymentTargets", - "Regions" + "SupplementalDataStorageLocations" ], "type": "object" }, - "AWS::CloudFormation::TypeActivation": { + "AWS::Bedrock::KnowledgeBase.SupplementalDataStorageLocation": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.S3Location", + "markdownDescription": "Contains information about the Amazon S3 location for the extracted images.", + "title": "S3Location" + }, + "SupplementalDataStorageLocationType": { + "markdownDescription": "", + "title": "SupplementalDataStorageLocationType", + "type": "string" + } + }, + "required": [ + "SupplementalDataStorageLocationType" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "EmbeddingModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", + "title": "EmbeddingModelArn", + "type": "string" + }, + "EmbeddingModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.EmbeddingModelConfiguration", + "markdownDescription": "The embeddings model configuration details for the vector model used in Knowledge Base.", + "title": "EmbeddingModelConfiguration" + }, + "SupplementalDataStorageConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SupplementalDataStorageConfiguration", + "markdownDescription": "If you include multimodal data from your data source, use this object to specify configurations for the storage location of the images extracted from your documents. These images can be retrieved and returned to the end user. They can also be used in generation when using [RetrieveAndGenerate](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_RetrieveAndGenerate.html) .", + "title": "SupplementalDataStorageConfiguration" + } + }, + "required": [ + "EmbeddingModelArn" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt": { "additionalProperties": false, "properties": { "Condition": { @@ -35552,62 +39811,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoUpdate": { - "markdownDescription": "Whether to automatically update the extension in this account and Region when a new *minor* version is published by the extension publisher. Major versions released by the publisher must be manually updated.\n\nThe default is `true` .", - "title": "AutoUpdate", - "type": "boolean" - }, - "ExecutionRoleArn": { - "markdownDescription": "The name of the IAM execution role to use to activate the extension.", - "title": "ExecutionRoleArn", - "type": "string" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::TypeActivation.LoggingConfig", - "markdownDescription": "Specifies logging configuration information for an extension.", - "title": "LoggingConfig" - }, - "MajorVersion": { - "markdownDescription": "The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available *minor* version of the major version selected.\n\nYou can specify `MajorVersion` or `VersionBump` , but not both.", - "title": "MajorVersion", - "type": "string" - }, - "PublicTypeArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the public extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "PublicTypeArn", + "CustomerEncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that the prompt is encrypted with.", + "title": "CustomerEncryptionKeyArn", "type": "string" }, - "PublisherId": { - "markdownDescription": "The ID of the extension publisher.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "PublisherId", + "DefaultVariant": { + "markdownDescription": "The name of the default variant for the prompt. This value must match the `name` field in the relevant [PromptVariant](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_PromptVariant.html) object.", + "title": "DefaultVariant", "type": "string" }, - "Type": { - "markdownDescription": "The extension type.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "Type", + "Description": { + "markdownDescription": "The description of the prompt.", + "title": "Description", "type": "string" }, - "TypeName": { - "markdownDescription": "The name of the extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "TypeName", + "Name": { + "markdownDescription": "The name of the prompt.", + "title": "Name", "type": "string" }, - "TypeNameAlias": { - "markdownDescription": "An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.\n\nAn extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.", - "title": "TypeNameAlias", - "type": "string" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" }, - "VersionBump": { - "markdownDescription": "Manually updates a previously-activated type to a new major or minor version, if available. You can also use this parameter to update the value of `AutoUpdate` .\n\n- `MAJOR` : CloudFormation updates the extension to the newest major version, if one is available.\n- `MINOR` : CloudFormation updates the extension to the newest minor version, if one is available.", - "title": "VersionBump", - "type": "string" + "Variants": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptVariant" + }, + "markdownDescription": "A list of objects, each containing details about a variant of the prompt.", + "title": "Variants", + "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::TypeActivation" + "AWS::Bedrock::Prompt" ], "type": "string" }, @@ -35621,160 +39872,457 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFormation::TypeActivation.LoggingConfig": { + "AWS::Bedrock::Prompt.CachePointBlock": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", - "title": "LogGroupName", - "type": "string" - }, - "LogRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", - "title": "LogRoleArn", + "Type": { + "markdownDescription": "Specifies the type of cache point within the CachePointBlock.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CloudFormation::WaitCondition": { + "AWS::Bedrock::Prompt.ChatPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" + }, + "Messages": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.Message" + }, + "markdownDescription": "Contains messages in the chat for the prompt.", + "title": "Messages", + "type": "array" + }, + "System": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.SystemContentBlock" + }, + "markdownDescription": "Contains system prompts to provide context to the model or to describe how it should behave.", + "title": "System", + "type": "array" + }, + "ToolConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolConfiguration", + "markdownDescription": "Configuration information for the tools that the model can use when generating a response.", + "title": "ToolConfiguration" + } + }, + "required": [ + "Messages" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.ContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the message.", + "title": "CachePoint" + }, + "Text": { + "markdownDescription": "Text to include in the message.", + "title": "Text", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.Message": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ContentBlock" + }, + "markdownDescription": "The message content. Note the following restrictions:\n\n- You can include up to 20 images. Each image's size, height, and width must be no more than 3.75 MB, 8000 px, and 8000 px, respectively.\n- You can include up to five documents. Each document's size must be no more than 4.5 MB.\n- If you include a `ContentBlock` with a `document` field in the array, you must also include a `ContentBlock` with a `text` field.\n- You can only include images and documents if the `role` is `user` .", + "title": "Content", + "type": "array" }, - "CreationPolicy": { - "type": "object" + "Role": { + "markdownDescription": "The role that the message plays in the message.", + "title": "Role", + "type": "string" + } + }, + "required": [ + "Content", + "Role" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptAgentResource": { + "additionalProperties": false, + "properties": { + "AgentIdentifier": { + "markdownDescription": "The ARN of the agent with which to use the prompt.", + "title": "AgentIdentifier", + "type": "string" + } + }, + "required": [ + "AgentIdentifier" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptGenAiResource": { + "additionalProperties": false, + "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptAgentResource", + "markdownDescription": "Specifies an Amazon Bedrock agent with which to use the prompt.", + "title": "Agent" + } + }, + "required": [ + "Agent" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptInputVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptMetadataEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a metadata tag for a prompt variant.", + "title": "Key", + "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value of a metadata tag for a prompt variant.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "StopSequences": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" }, - "Metadata": { + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" + }, + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Chat": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ChatPromptTemplateConfiguration", + "markdownDescription": "Contains configurations to use the prompt in a conversational format.", + "title": "Chat" + }, + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptVariant": { + "additionalProperties": false, + "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back.\n\nUpdates aren't supported.", - "title": "Count", - "type": "number" - }, - "Handle": { - "markdownDescription": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [AWS::CloudFormation::WaitConditionHandle](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", - "title": "Handle", - "type": "string" - }, - "Timeout": { - "markdownDescription": "The length of time (in seconds) to wait for the number of signals that the `Count` property specifies. `Timeout` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).\n\nUpdates aren't supported.", - "title": "Timeout", - "type": "string" - } + "GenAiResource": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptGenAiResource", + "markdownDescription": "Specifies a generative AI resource with which to use the prompt.", + "title": "GenAiResource" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt variant.", + "title": "InferenceConfiguration" + }, + "Metadata": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptMetadataEntry" }, - "type": "object" + "markdownDescription": "An array of objects, each containing a key-value pair that defines a metadata tag and value to attach to a prompt variant.", + "title": "Metadata", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CloudFormation::WaitCondition" - ], + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) with which to run inference on the prompt.", + "title": "ModelId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the prompt variant.", + "title": "Name", + "type": "string" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the prompt template.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of prompt template to use.", + "title": "TemplateType", "type": "string" } }, "required": [ - "Type" + "Name", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::CloudFormation::WaitConditionHandle": { + "AWS::Bedrock::Prompt.SpecificToolChoice": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The name of the tool that the model must request.", + "title": "Name", "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.SystemContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the system prompt.", + "title": "CachePoint" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Text": { + "markdownDescription": "A system prompt for the model.", + "title": "Text", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.TextPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "A cache checkpoint within a template configuration.", + "title": "CachePoint" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" }, - "Metadata": { + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" + }, + "TextS3Location": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.TextS3Location", + "markdownDescription": "The Amazon S3 location of the prompt text.", + "title": "TextS3Location" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.TextS3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket containing the prompt text.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The object key for the Amazon S3 location.", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the Amazon S3 location to use.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.Tool": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the tool configuration.", + "title": "CachePoint" + }, + "ToolSpec": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolSpecification", + "markdownDescription": "The specfication for the tool.", + "title": "ToolSpec" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolChoice": { + "additionalProperties": false, + "properties": { + "Any": { + "markdownDescription": "The model must request at least one tool (no text is generated).", + "title": "Any", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": {}, + "Auto": { + "markdownDescription": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", + "title": "Auto", "type": "object" }, - "Type": { - "enum": [ - "AWS::CloudFormation::WaitConditionHandle" - ], + "Tool": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.SpecificToolChoice", + "markdownDescription": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models.", + "title": "Tool" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolConfiguration": { + "additionalProperties": false, + "properties": { + "ToolChoice": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolChoice", + "markdownDescription": "If supported by model, forces the model to request a tool.", + "title": "ToolChoice" + }, + "Tools": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.Tool" + }, + "markdownDescription": "An array of tools that you want to pass to a model.", + "title": "Tools", + "type": "array" + } + }, + "required": [ + "Tools" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolInputSchema": { + "additionalProperties": false, + "properties": { + "Json": { + "markdownDescription": "The JSON schema for the tool. For more information, see [JSON Schema Reference](https://docs.aws.amazon.com/https://json-schema.org/understanding-json-schema/reference) .", + "title": "Json", + "type": "object" + } + }, + "required": [ + "Json" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolSpecification": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description for the tool.", + "title": "Description", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputSchema": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolInputSchema", + "markdownDescription": "The input schema for the tool in JSON format.", + "title": "InputSchema" + }, + "Name": { + "markdownDescription": "The name for the tool.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "InputSchema", + "Name" ], "type": "object" }, - "AWS::CloudFront::CachePolicy": { + "AWS::Bedrock::PromptVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -35809,20 +40357,36 @@ "Properties": { "additionalProperties": false, "properties": { - "CachePolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CachePolicyConfig", - "markdownDescription": "The cache policy configuration.", - "title": "CachePolicyConfig" + "Description": { + "markdownDescription": "The description of the prompt version.", + "title": "Description", + "type": "string" + }, + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the version of the prompt.", + "title": "PromptArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map of tags attached to the prompt version and their values.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "CachePolicyConfig" + "PromptArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::CachePolicy" + "AWS::Bedrock::PromptVersion" ], "type": "string" }, @@ -35841,153 +40405,425 @@ ], "type": "object" }, - "AWS::CloudFront::CachePolicy.CachePolicyConfig": { + "AWS::Bedrock::PromptVersion.CachePointBlock": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the cache policy. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Type": { + "markdownDescription": "Specifies the type of cache point within the CachePointBlock.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ChatPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" }, - "DefaultTTL": { - "markdownDescription": "The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 86400 seconds (one day). If the value of `MinTTL` is more than 86400 seconds, then the default value for this field is the same as the value of `MinTTL` .", - "title": "DefaultTTL", - "type": "number" + "Messages": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.Message" + }, + "markdownDescription": "Contains messages in the chat for the prompt.", + "title": "Messages", + "type": "array" }, - "MaxTTL": { - "markdownDescription": "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 31536000 seconds (one year). If the value of `MinTTL` or `DefaultTTL` is more than 31536000 seconds, then the default value for this field is the same as the value of `DefaultTTL` .", - "title": "MaxTTL", - "type": "number" + "System": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.SystemContentBlock" + }, + "markdownDescription": "Contains system prompts to provide context to the model or to describe how it should behave.", + "title": "System", + "type": "array" }, - "MinTTL": { - "markdownDescription": "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MinTTL", - "type": "number" + "ToolConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolConfiguration", + "markdownDescription": "Configuration information for the tools that the model can use when generating a response.", + "title": "ToolConfiguration" + } + }, + "required": [ + "Messages" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the message.", + "title": "CachePoint" }, + "Text": { + "markdownDescription": "Text to include in the message.", + "title": "Text", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.Message": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ContentBlock" + }, + "markdownDescription": "The message content. Note the following restrictions:\n\n- You can include up to 20 images. Each image's size, height, and width must be no more than 3.75 MB, 8000 px, and 8000 px, respectively.\n- You can include up to five documents. Each document's size must be no more than 4.5 MB.\n- If you include a `ContentBlock` with a `document` field in the array, you must also include a `ContentBlock` with a `text` field.\n- You can only include images and documents if the `role` is `user` .", + "title": "Content", + "type": "array" + }, + "Role": { + "markdownDescription": "The role that the message plays in the message.", + "title": "Role", + "type": "string" + } + }, + "required": [ + "Content", + "Role" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptAgentResource": { + "additionalProperties": false, + "properties": { + "AgentIdentifier": { + "markdownDescription": "The ARN of the agent with which to use the prompt.", + "title": "AgentIdentifier", + "type": "string" + } + }, + "required": [ + "AgentIdentifier" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptGenAiResource": { + "additionalProperties": false, + "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptAgentResource", + "markdownDescription": "Specifies an Amazon Bedrock agent with which to use the prompt.", + "title": "Agent" + } + }, + "required": [ + "Agent" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptInputVariable": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "A unique name to identify the cache policy.", + "markdownDescription": "The name of the variable.", "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptMetadataEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a metadata tag for a prompt variant.", + "title": "Key", + "type": "string" }, - "ParametersInCacheKeyAndForwardedToOrigin": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin", - "markdownDescription": "The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.", - "title": "ParametersInCacheKeyAndForwardedToOrigin" + "Value": { + "markdownDescription": "The value of a metadata tag for a prompt variant.", + "title": "Value", + "type": "string" } }, "required": [ - "DefaultTTL", - "MaxTTL", - "MinTTL", - "Name", - "ParametersInCacheKeyAndForwardedToOrigin" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.CookiesConfig": { + "AWS::Bedrock::PromptVersion.PromptModelInferenceConfiguration": { "additionalProperties": false, "properties": { - "CookieBehavior": { - "markdownDescription": "Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** for those that are listed in the `CookieNames` type, which are not included.\n- `all` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "CookieBehavior", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" }, - "Cookies": { + "StopSequences": { "items": { "type": "string" }, - "markdownDescription": "Contains a list of cookie names.", - "title": "Cookies", + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" + }, + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" + }, + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Chat": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ChatPromptTemplateConfiguration", + "markdownDescription": "Contains configurations to use the prompt in a conversational format.", + "title": "Chat" + }, + "Text": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptVariant": { + "additionalProperties": false, + "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", + "type": "object" + }, + "GenAiResource": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptGenAiResource", + "markdownDescription": "Specifies a generative AI resource with which to use the prompt.", + "title": "GenAiResource" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt variant.", + "title": "InferenceConfiguration" + }, + "Metadata": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptMetadataEntry" + }, + "markdownDescription": "An array of objects, each containing a key-value pair that defines a metadata tag and value to attach to a prompt variant.", + "title": "Metadata", "type": "array" + }, + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) with which to run inference on the prompt.", + "title": "ModelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the prompt variant.", + "title": "Name", + "type": "string" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the prompt template.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of prompt template to use.", + "title": "TemplateType", + "type": "string" } }, "required": [ - "CookieBehavior" + "Name", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.HeadersConfig": { + "AWS::Bedrock::PromptVersion.SpecificToolChoice": { "additionalProperties": false, "properties": { - "HeaderBehavior": { - "markdownDescription": "Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "HeaderBehavior", + "Name": { + "markdownDescription": "The name of the tool that the model must request.", + "title": "Name", "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.SystemContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the system prompt.", + "title": "CachePoint" }, - "Headers": { + "Text": { + "markdownDescription": "A system prompt for the model.", + "title": "Text", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.TextPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "A cache checkpoint within a template configuration.", + "title": "CachePoint" + }, + "InputVariables": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInputVariable" }, - "markdownDescription": "Contains a list of HTTP header names.", - "title": "Headers", + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", "type": "array" + }, + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" } }, "required": [ - "HeaderBehavior" + "Text" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin": { + "AWS::Bedrock::PromptVersion.Tool": { "additionalProperties": false, "properties": { - "CookiesConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CookiesConfig", - "markdownDescription": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "CookiesConfig" + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the tool configuration.", + "title": "CachePoint" }, - "EnableAcceptEncodingBrotli": { - "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingGzip` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", - "title": "EnableAcceptEncodingBrotli", - "type": "boolean" + "ToolSpec": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolSpecification", + "markdownDescription": "The specfication for the tool.", + "title": "ToolSpec" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolChoice": { + "additionalProperties": false, + "properties": { + "Any": { + "markdownDescription": "The model must request at least one tool (no text is generated).", + "title": "Any", + "type": "object" }, - "EnableAcceptEncodingGzip": { - "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingBrotli` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", - "title": "EnableAcceptEncodingGzip", - "type": "boolean" + "Auto": { + "markdownDescription": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", + "title": "Auto", + "type": "object" }, - "HeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.HeadersConfig", - "markdownDescription": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "HeadersConfig" + "Tool": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.SpecificToolChoice", + "markdownDescription": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models.", + "title": "Tool" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolConfiguration": { + "additionalProperties": false, + "properties": { + "ToolChoice": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolChoice", + "markdownDescription": "If supported by model, forces the model to request a tool.", + "title": "ToolChoice" }, - "QueryStringsConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.QueryStringsConfig", - "markdownDescription": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "QueryStringsConfig" + "Tools": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.Tool" + }, + "markdownDescription": "An array of tools that you want to pass to a model.", + "title": "Tools", + "type": "array" } }, "required": [ - "CookiesConfig", - "EnableAcceptEncodingGzip", - "HeadersConfig", - "QueryStringsConfig" + "Tools" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.QueryStringsConfig": { + "AWS::Bedrock::PromptVersion.ToolInputSchema": { "additionalProperties": false, "properties": { - "QueryStringBehavior": { - "markdownDescription": "Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** those that are listed in the `QueryStringNames` type, which are not included.\n- `all` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "QueryStringBehavior", + "Json": { + "markdownDescription": "The JSON schema for the tool. For more information, see [JSON Schema Reference](https://docs.aws.amazon.com/https://json-schema.org/understanding-json-schema/reference) .", + "title": "Json", + "type": "object" + } + }, + "required": [ + "Json" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolSpecification": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description for the tool.", + "title": "Description", "type": "string" }, - "QueryStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of query string names.", - "title": "QueryStrings", - "type": "array" + "InputSchema": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolInputSchema", + "markdownDescription": "The input schema for the tool in JSON format.", + "title": "InputSchema" + }, + "Name": { + "markdownDescription": "The name for the tool.", + "title": "Name", + "type": "string" } }, "required": [ - "QueryStringBehavior" + "InputSchema", + "Name" ], "type": "object" }, - "AWS::CloudFront::CloudFrontOriginAccessIdentity": { + "AWS::Billing::BillingView": { "additionalProperties": false, "properties": { "Condition": { @@ -36022,20 +40858,47 @@ "Properties": { "additionalProperties": false, "properties": { - "CloudFrontOriginAccessIdentityConfig": { - "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig", - "markdownDescription": "The current configuration information for the identity.", - "title": "CloudFrontOriginAccessIdentityConfig" + "DataFilterExpression": { + "$ref": "#/definitions/AWS::Billing::BillingView.DataFilterExpression", + "markdownDescription": "See [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_billing_Expression.html) . Billing view only supports `LINKED_ACCOUNT` and `Tags` .", + "title": "DataFilterExpression" + }, + "Description": { + "markdownDescription": "The description of the billing view.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the billing view.", + "title": "Name", + "type": "string" + }, + "SourceViews": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of billing views used as the data source for the custom billing view.", + "title": "SourceViews", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key value map specifying tags associated to the billing view being created.", + "title": "Tags", + "type": "array" } }, "required": [ - "CloudFrontOriginAccessIdentityConfig" + "Name", + "SourceViews" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::CloudFrontOriginAccessIdentity" + "AWS::Billing::BillingView" ], "type": "string" }, @@ -36054,21 +40917,61 @@ ], "type": "object" }, - "AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig": { + "AWS::Billing::BillingView.DataFilterExpression": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the origin access identity. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Dimensions": { + "$ref": "#/definitions/AWS::Billing::BillingView.Dimensions", + "markdownDescription": "The specific `Dimension` to use for `Expression` .", + "title": "Dimensions" + }, + "Tags": { + "$ref": "#/definitions/AWS::Billing::BillingView.Tags", + "markdownDescription": "The specific `Tag` to use for `Expression` .", + "title": "Tags" + } + }, + "type": "object" + }, + "AWS::Billing::BillingView.Dimensions": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The metadata that you can use to filter and group your results.", + "title": "Values", + "type": "array" } }, - "required": [ - "Comment" - ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy": { + "AWS::Billing::BillingView.Tags": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A list of tag key value pairs that are associated with the resource.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The metadata values that you can use to filter and group your results.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::BillingConductor::BillingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -36103,20 +41006,51 @@ "Properties": { "additionalProperties": false, "properties": { - "ContinuousDeploymentPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig", - "markdownDescription": "Contains the configuration for a continuous deployment policy.", - "title": "ContinuousDeploymentPolicyConfig" + "AccountGrouping": { + "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.AccountGrouping", + "markdownDescription": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", + "title": "AccountGrouping" + }, + "ComputationPreference": { + "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.ComputationPreference", + "markdownDescription": "The preferences and settings that will be used to compute the AWS charges for a billing group.", + "title": "ComputationPreference" + }, + "Description": { + "markdownDescription": "The description of the billing group.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The billing group's name.", + "title": "Name", + "type": "string" + }, + "PrimaryAccountId": { + "markdownDescription": "The account ID that serves as the main account in a billing group.", + "title": "PrimaryAccountId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a billing group.", + "title": "Tags", + "type": "array" } }, "required": [ - "ContinuousDeploymentPolicyConfig" + "AccountGrouping", + "ComputationPreference", + "Name", + "PrimaryAccountId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::ContinuousDeploymentPolicy" + "AWS::BillingConductor::BillingGroup" ], "type": "string" }, @@ -36135,172 +41069,43 @@ ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig": { + "AWS::BillingConductor::BillingGroup.AccountGrouping": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is `true` , this policy is enabled and in effect. When this value is `false` , this policy is not enabled and has no effect.", - "title": "Enabled", + "AutoAssociate": { + "markdownDescription": "Specifies if this billing group will automatically associate newly added AWS accounts that join your consolidated billing family.", + "title": "AutoAssociate", "type": "boolean" }, - "SingleHeaderPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig", - "markdownDescription": "This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.", - "title": "SingleHeaderPolicyConfig" - }, - "SingleWeightPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig", - "markdownDescription": "This configuration determines the percentage of HTTP requests that are sent to the staging distribution.", - "title": "SingleWeightPolicyConfig" - }, - "StagingDistributionDnsNames": { + "LinkedAccountIds": { "items": { "type": "string" }, - "markdownDescription": "The CloudFront domain name of the staging distribution. For example: `d111111abcdef8.cloudfront.net` .", - "title": "StagingDistributionDnsNames", + "markdownDescription": "The account IDs that make up the billing group. Account IDs must be a part of the consolidated billing family, and not associated with another billing group.", + "title": "LinkedAccountIds", "type": "array" - }, - "TrafficConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig", - "markdownDescription": "Contains the parameters for routing production traffic from your primary to staging distributions.", - "title": "TrafficConfig" - }, - "Type": { - "markdownDescription": "The type of traffic configuration.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Enabled", - "StagingDistributionDnsNames" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig": { - "additionalProperties": false, - "properties": { - "IdleTTL": { - "markdownDescription": "The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", - "title": "IdleTTL", - "type": "number" - }, - "MaximumTTL": { - "markdownDescription": "The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", - "title": "MaximumTTL", - "type": "number" - } - }, - "required": [ - "IdleTTL", - "MaximumTTL" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix `aws-cf-cd-` .", - "title": "Header", - "type": "string" - }, - "Value": { - "markdownDescription": "The request header value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The name of the HTTP header that CloudFront uses to configure for the single header policy.", - "title": "Header", - "type": "string" - }, - "Value": { - "markdownDescription": "Specifies the value to assign to the header for a single header policy.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig": { - "additionalProperties": false, - "properties": { - "SessionStickinessConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", - "markdownDescription": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.", - "title": "SessionStickinessConfig" - }, - "Weight": { - "markdownDescription": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution.", - "title": "Weight", - "type": "number" - } - }, - "required": [ - "Weight" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig": { - "additionalProperties": false, - "properties": { - "SessionStickinessConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", - "markdownDescription": "Enable session stickiness for the associated origin or cache settings.", - "title": "SessionStickinessConfig" - }, - "Weight": { - "markdownDescription": "The percentage of requests that CloudFront will use to send to an associated origin or cache settings.", - "title": "Weight", - "type": "number" } }, "required": [ - "Weight" + "LinkedAccountIds" ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig": { + "AWS::BillingConductor::BillingGroup.ComputationPreference": { "additionalProperties": false, "properties": { - "SingleHeaderConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig", - "markdownDescription": "Determines which HTTP requests are sent to the staging distribution.", - "title": "SingleHeaderConfig" - }, - "SingleWeightConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig", - "markdownDescription": "Contains the percentage of traffic to send to the staging distribution.", - "title": "SingleWeightConfig" - }, - "Type": { - "markdownDescription": "The type of traffic configuration.", - "title": "Type", + "PricingPlanArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the pricing plan used to compute the AWS charges for a billing group.", + "title": "PricingPlanArn", "type": "string" } }, "required": [ - "Type" + "PricingPlanArn" ], "type": "object" }, - "AWS::CloudFront::Distribution": { + "AWS::BillingConductor::CustomLineItem": { "additionalProperties": false, "properties": { "Condition": { @@ -36335,28 +41140,54 @@ "Properties": { "additionalProperties": false, "properties": { - "DistributionConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.DistributionConfig", - "markdownDescription": "The distribution's configuration.", - "title": "DistributionConfig" + "AccountId": { + "markdownDescription": "The AWS account in which this custom line item will be applied to.", + "title": "AccountId", + "type": "string" + }, + "BillingGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that references the billing group where the custom line item applies to.", + "title": "BillingGroupArn", + "type": "string" + }, + "BillingPeriodRange": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.BillingPeriodRange", + "markdownDescription": "A time range for which the custom line item is effective.", + "title": "BillingPeriodRange" + }, + "CustomLineItemChargeDetails": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails", + "markdownDescription": "The charge details of a custom line item. It should contain only one of `Flat` or `Percentage` .", + "title": "CustomLineItemChargeDetails" + }, + "Description": { + "markdownDescription": "The custom line item's description. This is shown on the Bills page in association with the charge value.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The custom line item's name.", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "markdownDescription": "A map that contains tag keys and tag values that are attached to a custom line item.", "title": "Tags", "type": "array" } }, "required": [ - "DistributionConfig" + "BillingGroupArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::Distribution" + "AWS::BillingConductor::CustomLineItem" ], "type": "string" }, @@ -36375,935 +41206,1142 @@ ], "type": "object" }, - "AWS::CloudFront::Distribution.CacheBehavior": { + "AWS::BillingConductor::CustomLineItem.BillingPeriodRange": { "additionalProperties": false, "properties": { - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", - "title": "AllowedMethods", - "type": "array" + "ExclusiveEndBillingPeriod": { + "markdownDescription": "The exclusive end billing period that defines a billing period range where a custom line is applied.", + "title": "ExclusiveEndBillingPeriod", + "type": "string" }, - "CachePolicyId": { - "markdownDescription": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", - "title": "CachePolicyId", + "InclusiveStartBillingPeriod": { + "markdownDescription": "The inclusive start billing period that defines a billing period range where a custom line is applied.", + "title": "InclusiveStartBillingPeriod", "type": "string" + } + }, + "type": "object" + }, + "AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails": { + "additionalProperties": false, + "properties": { + "Flat": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails", + "markdownDescription": "A `CustomLineItemFlatChargeDetails` that describes the charge details of a flat custom line item.", + "title": "Flat" }, - "CachedMethods": { + "LineItemFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.LineItemFilter" }, - "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", - "title": "CachedMethods", + "markdownDescription": "A representation of the line item filter.", + "title": "LineItemFilters", "type": "array" }, - "Compress": { - "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Compress", - "type": "boolean" - }, - "DefaultTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultTTL", - "type": "number" + "Percentage": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails", + "markdownDescription": "A `CustomLineItemPercentageChargeDetails` that describes the charge details of a percentage custom line item.", + "title": "Percentage" }, - "FieldLevelEncryptionId": { - "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.", - "title": "FieldLevelEncryptionId", + "Type": { + "markdownDescription": "The type of the custom line item that indicates whether the charge is a fee or credit.", + "title": "Type", "type": "string" - }, - "ForwardedValues": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", - "title": "ForwardedValues" - }, - "FunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" - }, - "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the `LIVE` stage to associate them with a cache behavior.", - "title": "FunctionAssociations", - "type": "array" - }, - "LambdaFunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" - }, - "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", - "title": "LambdaFunctionAssociations", - "type": "array" - }, - "MaxTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MaxTTL", - "type": "number" - }, - "MinTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", - "title": "MinTTL", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails": { + "additionalProperties": false, + "properties": { + "ChargeValue": { + "markdownDescription": "The custom line item's fixed charge value in USD.", + "title": "ChargeValue", "type": "number" - }, - "OriginRequestPolicyId": { - "markdownDescription": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginRequestPolicyId", - "type": "string" - }, - "PathPattern": { - "markdownDescription": "The pattern (for example, `images/*.jpg` ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n\n> You can optionally include a slash ( `/` ) at the beginning of the path pattern. For example, `/images/*.jpg` . CloudFront behavior is the same with or without the leading `/` . \n\nThe path pattern for the default cache behavior is `*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n\nFor more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide* .", - "title": "PathPattern", - "type": "string" - }, - "RealtimeLogConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "RealtimeLogConfigArn", - "type": "string" - }, - "ResponseHeadersPolicyId": { - "markdownDescription": "The identifier for a response headers policy.", - "title": "ResponseHeadersPolicyId", - "type": "string" - }, - "SmoothStreaming": { - "markdownDescription": "Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", - "title": "SmoothStreaming", - "type": "boolean" - }, - "TargetOriginId": { - "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.", - "title": "TargetOriginId", - "type": "string" - }, - "TrustedKeyGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedKeyGroups", - "type": "array" - }, - "TrustedSigners": { + } + }, + "required": [ + "ChargeValue" + ], + "type": "object" + }, + "AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails": { + "additionalProperties": false, + "properties": { + "ChildAssociatedResources": { "items": { "type": "string" }, - "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners", + "markdownDescription": "A list of resource ARNs to associate to the percentage custom line item.", + "title": "ChildAssociatedResources", "type": "array" }, - "ViewerProtocolPolicy": { - "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ViewerProtocolPolicy", - "type": "string" + "PercentageValue": { + "markdownDescription": "The custom line item's percentage value. This will be multiplied against the combined value of its associated resources to determine its charge value.", + "title": "PercentageValue", + "type": "number" } }, "required": [ - "PathPattern", - "TargetOriginId", - "ViewerProtocolPolicy" + "PercentageValue" ], "type": "object" }, - "AWS::CloudFront::Distribution.Cookies": { + "AWS::BillingConductor::CustomLineItem.LineItemFilter": { "additionalProperties": false, "properties": { - "Forward": { - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nSpecifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the `WhitelistedNames` complex type.\n\nAmazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the `Forward` element.", - "title": "Forward", + "Attribute": { + "markdownDescription": "The attribute of the line item filter. This specifies what attribute that you can filter on.", + "title": "Attribute", "type": "string" }, - "WhitelistedNames": { + "MatchOption": { + "markdownDescription": "The match criteria of the line item filter. This parameter specifies whether not to include the resource value from the billing group total cost.", + "title": "MatchOption", + "type": "string" + }, + "Values": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nRequired if you specify `whitelist` for the value of `Forward` . A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.\n\nIf you specify `all` or `none` for the value of `Forward` , omit `WhitelistedNames` . If you change the value of `Forward` from `whitelist` to `all` or `none` and you don't delete the `WhitelistedNames` element and its child elements, CloudFront deletes them automatically.\n\nFor the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *AWS General Reference* .", - "title": "WhitelistedNames", + "markdownDescription": "The values of the line item filter. This specifies the values to filter on. Currently, you can only exclude Savings Plan discounts.", + "title": "Values", "type": "array" } }, "required": [ - "Forward" + "Attribute", + "MatchOption", + "Values" ], "type": "object" }, - "AWS::CloudFront::Distribution.CustomErrorResponse": { + "AWS::BillingConductor::PricingPlan": { "additionalProperties": false, "properties": { - "ErrorCachingMinTTL": { - "markdownDescription": "The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in `ErrorCode` . When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.\n\nFor more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ErrorCachingMinTTL", - "type": "number" + "Condition": { + "type": "string" }, - "ErrorCode": { - "markdownDescription": "The HTTP status code for which you want to specify a custom error page and/or a caching duration.", - "title": "ErrorCode", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ResponseCode": { - "markdownDescription": "The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:\n\n- Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute `200` , the response typically won't be intercepted.\n- If you don't care about distinguishing among different client errors or server errors, you can specify `400` or `500` as the `ResponseCode` for all 4xx or 5xx errors.\n- You might want to return a `200` status code (OK) and static website so your customers don't know that your website is down.\n\nIf you specify a value for `ResponseCode` , you must also specify a value for `ResponsePagePath` .", - "title": "ResponseCode", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ResponsePagePath": { - "markdownDescription": "The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by `ErrorCode` , for example, `/4xx-errors/403-forbidden.html` . If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:\n\n- The value of `PathPattern` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named `/4xx-errors` . Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, `/4xx-errors/*` .\n- The value of `TargetOriginId` specifies the value of the `ID` element for the origin that contains your custom error pages.\n\nIf you specify a value for `ResponsePagePath` , you must also specify a value for `ResponseCode` .\n\nWe recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.", - "title": "ResponsePagePath", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The pricing plan description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a pricing plan.", + "title": "Name", + "type": "string" + }, + "PricingRuleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The `PricingRuleArns` that are associated with the Pricing Plan.", + "title": "PricingRuleArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing plan.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BillingConductor::PricingPlan" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ErrorCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::Distribution.CustomOriginConfig": { + "AWS::BillingConductor::PricingRule": { "additionalProperties": false, "properties": { - "HTTPPort": { - "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", - "title": "HTTPPort", - "type": "number" - }, - "HTTPSPort": { - "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", - "title": "HTTPSPort", - "type": "number" - }, - "OriginKeepaliveTimeout": { - "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginKeepaliveTimeout", - "type": "number" + "Condition": { + "type": "string" }, - "OriginProtocolPolicy": { - "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n\n- `http-only` \u2013 CloudFront always uses HTTP to connect to the origin.\n- `match-viewer` \u2013 CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n- `https-only` \u2013 CloudFront always uses HTTPS to connect to the origin.", - "title": "OriginProtocolPolicy", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "OriginReadTimeout": { - "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginReadTimeout", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "OriginSSLProtocols": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BillingEntity": { + "markdownDescription": "The seller of services provided by AWS , their affiliates, or third-party providers selling services via AWS Marketplace .", + "title": "BillingEntity", + "type": "string" + }, + "Description": { + "markdownDescription": "The pricing rule description.", + "title": "Description", + "type": "string" + }, + "ModifierPercentage": { + "markdownDescription": "A percentage modifier applied on the public pricing rates.", + "title": "ModifierPercentage", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a pricing rule.", + "title": "Name", + "type": "string" + }, + "Operation": { + "markdownDescription": "Operation is the specific AWS action covered by this line item. This describes the specific usage of the line item.\n\nIf the `Scope` attribute is set to `SKU` , this attribute indicates which operation the `PricingRule` is modifying. For example, a value of `RunInstances:0202` indicates the operation of running an Amazon EC2 instance.", + "title": "Operation", + "type": "string" + }, + "Scope": { + "markdownDescription": "The scope of pricing rule that indicates if it's globally applicable or service-specific.", + "title": "Scope", + "type": "string" + }, + "Service": { + "markdownDescription": "If the `Scope` attribute is `SERVICE` , this attribute indicates which service the `PricingRule` is applicable for.", + "title": "Service", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing rule.", + "title": "Tags", + "type": "array" + }, + "Tiering": { + "$ref": "#/definitions/AWS::BillingConductor::PricingRule.Tiering", + "markdownDescription": "The set of tiering configurations for the pricing rule.", + "title": "Tiering" + }, + "Type": { + "markdownDescription": "The type of pricing rule.", + "title": "Type", + "type": "string" + }, + "UsageType": { + "markdownDescription": "Usage Type is the unit that each service uses to measure the usage of a specific type of resource.", + "title": "UsageType", + "type": "string" + } }, - "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginSSLProtocols", - "type": "array" + "required": [ + "Name", + "Scope", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BillingConductor::PricingRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "OriginProtocolPolicy" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::Distribution.DefaultCacheBehavior": { + "AWS::BillingConductor::PricingRule.FreeTier": { "additionalProperties": false, "properties": { - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", - "title": "AllowedMethods", - "type": "array" + "Activated": { + "markdownDescription": "Activate or deactivate AWS Free Tier.", + "title": "Activated", + "type": "boolean" + } + }, + "required": [ + "Activated" + ], + "type": "object" + }, + "AWS::BillingConductor::PricingRule.Tiering": { + "additionalProperties": false, + "properties": { + "FreeTier": { + "$ref": "#/definitions/AWS::BillingConductor::PricingRule.FreeTier", + "markdownDescription": "The possible AWS Free Tier configurations.", + "title": "FreeTier" + } + }, + "type": "object" + }, + "AWS::Budgets::Budget": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "CachePolicyId": { - "markdownDescription": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", - "title": "CachePolicyId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CachedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", - "title": "CachedMethods", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Compress": { - "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify `true` ; if not, specify `false` . For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Compress", - "type": "boolean" + "Metadata": { + "type": "object" }, - "DefaultTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultTTL", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Budget": { + "$ref": "#/definitions/AWS::Budgets::Budget.BudgetData", + "markdownDescription": "The budget object that you want to create.", + "title": "Budget" + }, + "NotificationsWithSubscribers": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.NotificationWithSubscribers" + }, + "markdownDescription": "A notification that you want to associate with a budget. A budget can have up to five notifications, and each notification can have one SNS subscriber and up to 10 email subscribers. If you include notifications and subscribers in your `CreateBudget` call, AWS creates the notifications and subscribers for you.", + "title": "NotificationsWithSubscribers", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.ResourceTag" + }, + "markdownDescription": "An optional list of tags to associate with the specified budget. Each tag consists of a key and a value, and each key must be unique for the resource.", + "title": "ResourceTags", + "type": "array" + } + }, + "required": [ + "Budget" + ], + "type": "object" }, - "FieldLevelEncryptionId": { - "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior.", - "title": "FieldLevelEncryptionId", + "Type": { + "enum": [ + "AWS::Budgets::Budget" + ], "type": "string" }, - "ForwardedValues": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", - "title": "ForwardedValues" - }, - "FunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" - }, - "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the `LIVE` stage to associate them with a cache behavior.", - "title": "FunctionAssociations", - "type": "array" - }, - "LambdaFunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" - }, - "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", - "title": "LambdaFunctionAssociations", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Budgets::Budget.AutoAdjustData": { + "additionalProperties": false, + "properties": { + "AutoAdjustType": { + "markdownDescription": "The string that defines whether your budget auto-adjusts based on historical or forecasted data.", + "title": "AutoAdjustType", + "type": "string" }, - "MaxTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MaxTTL", - "type": "number" + "HistoricalOptions": { + "$ref": "#/definitions/AWS::Budgets::Budget.HistoricalOptions", + "markdownDescription": "The parameters that define or describe the historical data that your auto-adjusting budget is based on.", + "title": "HistoricalOptions" + } + }, + "required": [ + "AutoAdjustType" + ], + "type": "object" + }, + "AWS::Budgets::Budget.BudgetData": { + "additionalProperties": false, + "properties": { + "AutoAdjustData": { + "$ref": "#/definitions/AWS::Budgets::Budget.AutoAdjustData", + "markdownDescription": "Determine the budget amount for an auto-adjusting budget.", + "title": "AutoAdjustData" }, - "MinTTL": { - "markdownDescription": "This field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", - "title": "MinTTL", - "type": "number" + "BudgetLimit": { + "$ref": "#/definitions/AWS::Budgets::Budget.Spend", + "markdownDescription": "The total amount of cost, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage that you want to track with your budget.\n\n`BudgetLimit` is required for cost or usage budgets, but optional for RI or Savings Plans utilization or coverage budgets. RI and Savings Plans utilization or coverage budgets default to `100` . This is the only valid value for RI or Savings Plans utilization or coverage budgets. You can't use `BudgetLimit` with `PlannedBudgetLimits` for `CreateBudget` and `UpdateBudget` actions.", + "title": "BudgetLimit" }, - "OriginRequestPolicyId": { - "markdownDescription": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginRequestPolicyId", + "BudgetName": { + "markdownDescription": "The name of a budget. The value must be unique within an account. `BudgetName` can't include `:` and `\\` characters. If you don't include value for `BudgetName` in the template, Billing and Cost Management assigns your budget a randomly generated name.", + "title": "BudgetName", "type": "string" }, - "RealtimeLogConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "RealtimeLogConfigArn", + "BudgetType": { + "markdownDescription": "Specifies whether this budget tracks costs, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage.", + "title": "BudgetType", "type": "string" }, - "ResponseHeadersPolicyId": { - "markdownDescription": "The identifier for a response headers policy.", - "title": "ResponseHeadersPolicyId", - "type": "string" + "CostFilters": { + "markdownDescription": "The cost filters, such as `Region` , `Service` , `LinkedAccount` , `Tag` , or `CostCategory` , that are applied to a budget.\n\nAWS Budgets supports the following services as a `Service` filter for RI budgets:\n\n- Amazon EC2\n- Amazon Redshift\n- Amazon Relational Database Service\n- Amazon ElastiCache\n- Amazon OpenSearch Service", + "title": "CostFilters", + "type": "object" }, - "SmoothStreaming": { - "markdownDescription": "Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", - "title": "SmoothStreaming", - "type": "boolean" + "CostTypes": { + "$ref": "#/definitions/AWS::Budgets::Budget.CostTypes", + "markdownDescription": "The types of costs that are included in this `COST` budget.\n\n`USAGE` , `RI_UTILIZATION` , `RI_COVERAGE` , `SAVINGS_PLANS_UTILIZATION` , and `SAVINGS_PLANS_COVERAGE` budgets do not have `CostTypes` .", + "title": "CostTypes" }, - "TargetOriginId": { - "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they use the default cache behavior.", - "title": "TargetOriginId", - "type": "string" + "FilterExpression": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression", + "markdownDescription": "", + "title": "FilterExpression" }, - "TrustedKeyGroups": { + "Metrics": { "items": { "type": "string" }, - "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedKeyGroups", + "markdownDescription": "", + "title": "Metrics", "type": "array" }, - "TrustedSigners": { - "items": { - "type": "string" - }, - "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners", - "type": "array" + "PlannedBudgetLimits": { + "markdownDescription": "A map containing multiple `BudgetLimit` , including current or future limits.\n\n`PlannedBudgetLimits` is available for cost or usage budget and supports both monthly and quarterly `TimeUnit` .\n\nFor monthly budgets, provide 12 months of `PlannedBudgetLimits` values. This must start from the current month and include the next 11 months. The `key` is the start of the month, `UTC` in epoch seconds.\n\nFor quarterly budgets, provide four quarters of `PlannedBudgetLimits` value entries in standard calendar quarter increments. This must start from the current quarter and include the next three quarters. The `key` is the start of the quarter, `UTC` in epoch seconds.\n\nIf the planned budget expires before 12 months for monthly or four quarters for quarterly, provide the `PlannedBudgetLimits` values only for the remaining periods.\n\nIf the budget begins at a date in the future, provide `PlannedBudgetLimits` values from the start date of the budget.\n\nAfter all of the `BudgetLimit` values in `PlannedBudgetLimits` are used, the budget continues to use the last limit as the `BudgetLimit` . At that point, the planned budget provides the same experience as a fixed budget.\n\n`DescribeBudget` and `DescribeBudgets` response along with `PlannedBudgetLimits` also contain `BudgetLimit` representing the current month or quarter limit present in `PlannedBudgetLimits` . This only applies to budgets that are created with `PlannedBudgetLimits` . Budgets that are created without `PlannedBudgetLimits` only contain `BudgetLimit` . They don't contain `PlannedBudgetLimits` .", + "title": "PlannedBudgetLimits", + "type": "object" }, - "ViewerProtocolPolicy": { - "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ViewerProtocolPolicy", + "TimePeriod": { + "$ref": "#/definitions/AWS::Budgets::Budget.TimePeriod", + "markdownDescription": "The period of time that is covered by a budget. The period has a start date and an end date. The start date must come before the end date. There are no restrictions on the end date.\n\nThe start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nAfter the end date, AWS deletes the budget and all associated notifications and subscribers.", + "title": "TimePeriod" + }, + "TimeUnit": { + "markdownDescription": "The length of time until a budget resets the actual and forecasted spend. `DAILY` is available only for `RI_UTILIZATION` and `RI_COVERAGE` budgets.", + "title": "TimeUnit", "type": "string" } }, "required": [ - "TargetOriginId", - "ViewerProtocolPolicy" + "BudgetType", + "TimeUnit" ], "type": "object" }, - "AWS::CloudFront::Distribution.DistributionConfig": { + "AWS::Budgets::Budget.CostCategoryValues": { "additionalProperties": false, "properties": { - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", - "title": "Aliases", - "type": "array" + "Key": { + "markdownDescription": "The unique name of the cost category.", + "title": "Key", + "type": "string" }, - "CNAMEs": { + "MatchOptions": { "items": { "type": "string" }, - "markdownDescription": "An alias for the CloudFront distribution's domain name.\n\n> This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead.", - "title": "CNAMEs", + "markdownDescription": "The match options that you can use to filter your results.", + "title": "MatchOptions", "type": "array" }, - "CacheBehaviors": { + "Values": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CacheBehavior" + "type": "string" }, - "markdownDescription": "A complex type that contains zero or more `CacheBehavior` elements.", - "title": "CacheBehaviors", + "markdownDescription": "The specific value of the cost category.", + "title": "Values", "type": "array" + } + }, + "type": "object" + }, + "AWS::Budgets::Budget.CostTypes": { + "additionalProperties": false, + "properties": { + "IncludeCredit": { + "markdownDescription": "Specifies whether a budget includes credits.\n\nThe default value is `true` .", + "title": "IncludeCredit", + "type": "boolean" }, - "Comment": { - "markdownDescription": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - }, - "ContinuousDeploymentPolicyId": { - "markdownDescription": "The identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", - "title": "ContinuousDeploymentPolicyId", - "type": "string" - }, - "CustomErrorResponses": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomErrorResponse" - }, - "markdownDescription": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", - "title": "CustomErrorResponses", - "type": "array" + "IncludeDiscount": { + "markdownDescription": "Specifies whether a budget includes discounts.\n\nThe default value is `true` .", + "title": "IncludeDiscount", + "type": "boolean" }, - "CustomOrigin": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyCustomOrigin", - "markdownDescription": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", - "title": "CustomOrigin" + "IncludeOtherSubscription": { + "markdownDescription": "Specifies whether a budget includes non-RI subscription costs.\n\nThe default value is `true` .", + "title": "IncludeOtherSubscription", + "type": "boolean" }, - "DefaultCacheBehavior": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.DefaultCacheBehavior", - "markdownDescription": "A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.", - "title": "DefaultCacheBehavior" + "IncludeRecurring": { + "markdownDescription": "Specifies whether a budget includes recurring fees such as monthly RI fees.\n\nThe default value is `true` .", + "title": "IncludeRecurring", + "type": "boolean" }, - "DefaultRootObject": { - "markdownDescription": "When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. For example, if your root URL is `https://www.example.com` , you can specify CloudFront to return the `index.html` file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, `https://www.example.com/product-description.html` ). A default root object avoids exposing the contents of your distribution.\n\nYou can specify the object name or a path to the object name (for example, `index.html` or `exampleFolderName/index.html` ). Your string can't begin with a forward slash ( `/` ). Only specify the object name or the path to the object.\n\nIf you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element.\n\nTo delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element.\n\nTo replace the default root object, update the distribution configuration and specify the new object.\n\nFor more information about the default root object, see [Specify a default root object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultRootObject", - "type": "string" + "IncludeRefund": { + "markdownDescription": "Specifies whether a budget includes refunds.\n\nThe default value is `true` .", + "title": "IncludeRefund", + "type": "boolean" }, - "Enabled": { - "markdownDescription": "From this field, you can enable or disable the selected distribution.", - "title": "Enabled", + "IncludeSubscription": { + "markdownDescription": "Specifies whether a budget includes subscriptions.\n\nThe default value is `true` .", + "title": "IncludeSubscription", "type": "boolean" }, - "HttpVersion": { - "markdownDescription": "(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . The default value for new distributions is `http1.1` .\n\nFor viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n\nFor viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) .", - "title": "HttpVersion", - "type": "string" + "IncludeSupport": { + "markdownDescription": "Specifies whether a budget includes support subscription fees.\n\nThe default value is `true` .", + "title": "IncludeSupport", + "type": "boolean" }, - "IPV6Enabled": { - "markdownDescription": "If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", - "title": "IPV6Enabled", + "IncludeTax": { + "markdownDescription": "Specifies whether a budget includes taxes.\n\nThe default value is `true` .", + "title": "IncludeTax", "type": "boolean" }, - "Logging": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Logging", - "markdownDescription": "A complex type that controls whether access logs are written for the distribution.\n\nFor more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Logging" + "IncludeUpfront": { + "markdownDescription": "Specifies whether a budget includes upfront RI costs.\n\nThe default value is `true` .", + "title": "IncludeUpfront", + "type": "boolean" }, - "OriginGroups": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroups", - "markdownDescription": "A complex type that contains information about origin groups for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", - "title": "OriginGroups" + "UseAmortized": { + "markdownDescription": "Specifies whether a budget uses the amortized rate.\n\nThe default value is `false` .", + "title": "UseAmortized", + "type": "boolean" }, - "Origins": { + "UseBlended": { + "markdownDescription": "Specifies whether a budget uses a blended rate.\n\nThe default value is `false` .", + "title": "UseBlended", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Budgets::Budget.Expression": { + "additionalProperties": false, + "properties": { + "And": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Origin" + "$ref": "#/definitions/AWS::Budgets::Budget.Expression" }, - "markdownDescription": "A complex type that contains information about origins for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", - "title": "Origins", + "markdownDescription": "Return results that match both Dimension objects.", + "title": "And", "type": "array" }, - "PriceClass": { - "markdownDescription": "The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", - "title": "PriceClass", - "type": "string" - }, - "Restrictions": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Restrictions", - "markdownDescription": "A complex type that identifies ways in which you want to restrict distribution of your content.", - "title": "Restrictions" + "CostCategories": { + "$ref": "#/definitions/AWS::Budgets::Budget.CostCategoryValues", + "markdownDescription": "The filter that's based on CostCategoryValues.", + "title": "CostCategories" }, - "S3Origin": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyS3Origin", - "markdownDescription": "The origin as an Amazon S3 bucket.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", - "title": "S3Origin" + "Dimensions": { + "$ref": "#/definitions/AWS::Budgets::Budget.ExpressionDimensionValues", + "markdownDescription": "The specific Dimension to use for Expression.", + "title": "Dimensions" }, - "Staging": { - "markdownDescription": "A Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", - "title": "Staging", - "type": "boolean" + "Not": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression", + "markdownDescription": "Return results that don't match a Dimension object.", + "title": "Not" }, - "ViewerCertificate": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ViewerCertificate", - "markdownDescription": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.", - "title": "ViewerCertificate" + "Or": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression" + }, + "markdownDescription": "Return results that match either Dimension object.", + "title": "Or", + "type": "array" }, - "WebACLId": { - "markdownDescription": "A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) .", - "title": "WebACLId", - "type": "string" + "Tags": { + "$ref": "#/definitions/AWS::Budgets::Budget.TagValues", + "markdownDescription": "The specific Tag to use for Expression.", + "title": "Tags" } }, - "required": [ - "DefaultCacheBehavior", - "Enabled" - ], "type": "object" }, - "AWS::CloudFront::Distribution.ForwardedValues": { + "AWS::Budgets::Budget.ExpressionDimensionValues": { "additionalProperties": false, "properties": { - "Cookies": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Cookies", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Cookies" + "Key": { + "markdownDescription": "The name of the dimension that you want to filter on.", + "title": "Key", + "type": "string" }, - "Headers": { + "MatchOptions": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies the `Headers` , if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.\n\nFor more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Headers", + "markdownDescription": "The match options that you can use to filter your results. You can specify only one of these values in the array.", + "title": "MatchOptions", "type": "array" }, - "QueryString": { - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nIndicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of `QueryString` and on the values that you specify for `QueryStringCacheKeys` , if any:\n\nIf you specify true for `QueryString` and you don't specify any values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.\n\nIf you specify true for `QueryString` and you specify one or more values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.\n\nIf you specify false for `QueryString` , CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.\n\nFor more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide* .", - "title": "QueryString", - "type": "boolean" - }, - "QueryStringCacheKeys": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.", - "title": "QueryStringCacheKeys", + "markdownDescription": "The metadata values you can specify to filter upon, so that the results all match at least one of the specified values.", + "title": "Values", "type": "array" } }, - "required": [ - "QueryString" - ], "type": "object" }, - "AWS::CloudFront::Distribution.FunctionAssociation": { + "AWS::Budgets::Budget.HistoricalOptions": { "additionalProperties": false, "properties": { - "EventType": { - "markdownDescription": "The event type of the function, either `viewer-request` or `viewer-response` . You cannot use origin-facing event types ( `origin-request` and `origin-response` ) with a CloudFront function.", - "title": "EventType", - "type": "string" - }, - "FunctionARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function.", - "title": "FunctionARN", - "type": "string" + "BudgetAdjustmentPeriod": { + "markdownDescription": "The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount. The maximum value depends on the `TimeUnit` granularity of the budget:\n\n- For the `DAILY` granularity, the maximum value is `60` .\n- For the `MONTHLY` granularity, the maximum value is `12` .\n- For the `QUARTERLY` granularity, the maximum value is `4` .\n- For the `ANNUALLY` granularity, the maximum value is `1` .", + "title": "BudgetAdjustmentPeriod", + "type": "number" } }, + "required": [ + "BudgetAdjustmentPeriod" + ], "type": "object" }, - "AWS::CloudFront::Distribution.GeoRestriction": { + "AWS::Budgets::Budget.Notification": { "additionalProperties": false, "properties": { - "Locations": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that contains a `Location` element for each country in which you want CloudFront either to distribute your content ( `whitelist` ) or not distribute your content ( `blacklist` ).\n\nThe `Location` element is a two-letter, uppercase country code for a country that you want to include in your `blacklist` or `whitelist` . Include one `Location` element for each country.\n\nCloudFront and `MaxMind` both use `ISO 3166` country codes. For the current list of countries and the corresponding codes, see `ISO 3166-1-alpha-2` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.", - "title": "Locations", - "type": "array" + "ComparisonOperator": { + "markdownDescription": "The comparison that's used for this notification.", + "title": "ComparisonOperator", + "type": "string" }, - "RestrictionType": { - "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geo restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", - "title": "RestrictionType", + "NotificationType": { + "markdownDescription": "Specifies whether the notification is for how much you have spent ( `ACTUAL` ) or for how much that you're forecasted to spend ( `FORECASTED` ).", + "title": "NotificationType", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The threshold that's associated with a notification. Thresholds are always a percentage, and many customers find value being alerted between 50% - 200% of the budgeted amount. The maximum limit for your threshold is 1,000,000% above the budgeted amount.", + "title": "Threshold", + "type": "number" + }, + "ThresholdType": { + "markdownDescription": "The type of threshold for a notification. For `ABSOLUTE_VALUE` thresholds, AWS notifies you when you go over or are forecasted to go over your total cost threshold. For `PERCENTAGE` thresholds, AWS notifies you when you go over or are forecasted to go over a certain percentage of your forecasted spend. For example, if you have a budget for 200 dollars and you have a `PERCENTAGE` threshold of 80%, AWS notifies you when you go over 160 dollars.", + "title": "ThresholdType", "type": "string" } }, "required": [ - "RestrictionType" + "ComparisonOperator", + "NotificationType", + "Threshold" ], "type": "object" }, - "AWS::CloudFront::Distribution.LambdaFunctionAssociation": { + "AWS::Budgets::Budget.NotificationWithSubscribers": { "additionalProperties": false, "properties": { - "EventType": { - "markdownDescription": "Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values:\n\n- `viewer-request` : The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache.\n- `origin-request` : The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute.\n- `origin-response` : The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.\n- `viewer-response` : The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.\n\nIf the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.", - "title": "EventType", - "type": "string" - }, - "IncludeBody": { - "markdownDescription": "A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide.", - "title": "IncludeBody", - "type": "boolean" + "Notification": { + "$ref": "#/definitions/AWS::Budgets::Budget.Notification", + "markdownDescription": "The notification that's associated with a budget.", + "title": "Notification" }, - "LambdaFunctionARN": { - "markdownDescription": "The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST.", - "title": "LambdaFunctionARN", - "type": "string" + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.Subscriber" + }, + "markdownDescription": "A list of subscribers who are subscribed to this notification.", + "title": "Subscribers", + "type": "array" } }, + "required": [ + "Notification", + "Subscribers" + ], "type": "object" }, - "AWS::CloudFront::Distribution.LegacyCustomOrigin": { + "AWS::Budgets::Budget.ResourceTag": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "The domain name assigned to your CloudFront distribution.", - "title": "DNSName", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "HTTPPort": { - "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", - "title": "HTTPPort", - "type": "number" - }, - "HTTPSPort": { - "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", - "title": "HTTPSPort", - "type": "number" - }, - "OriginProtocolPolicy": { - "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin.", - "title": "OriginProtocolPolicy", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" - }, - "OriginSSLProtocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The minimum SSL/TLS protocol version that CloudFront uses when communicating with your origin server over HTTPs.\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginSSLProtocols", - "type": "array" } }, "required": [ - "DNSName", - "OriginProtocolPolicy", - "OriginSSLProtocols" + "Key" ], "type": "object" }, - "AWS::CloudFront::Distribution.LegacyS3Origin": { + "AWS::Budgets::Budget.Spend": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "The domain name assigned to your CloudFront distribution.", - "title": "DNSName", - "type": "string" + "Amount": { + "markdownDescription": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold.", + "title": "Amount", + "type": "number" }, - "OriginAccessIdentity": { - "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 through CloudFront .\n\n> This property is legacy. We recommend that you use [OriginAccessControl](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html) instead.", - "title": "OriginAccessIdentity", + "Unit": { + "markdownDescription": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold.", + "title": "Unit", "type": "string" } }, "required": [ - "DNSName" + "Amount", + "Unit" ], "type": "object" }, - "AWS::CloudFront::Distribution.Logging": { + "AWS::Budgets::Budget.Subscriber": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", - "title": "Bucket", + "Address": { + "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", + "title": "Address", "type": "string" }, - "IncludeCookies": { - "markdownDescription": "Specifies whether you want CloudFront to include cookies in access logs, specify `true` for `IncludeCookies` . If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify `false` for `IncludeCookies` .", - "title": "IncludeCookies", - "type": "boolean" - }, - "Prefix": { - "markdownDescription": "An optional string that you want CloudFront to prefix to the access log `filenames` for this distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", - "title": "Prefix", + "SubscriptionType": { + "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "title": "SubscriptionType", "type": "string" } }, "required": [ - "Bucket" + "Address", + "SubscriptionType" ], "type": "object" }, - "AWS::CloudFront::Distribution.Origin": { + "AWS::Budgets::Budget.TagValues": { "additionalProperties": false, "properties": { - "ConnectionAttempts": { - "markdownDescription": "The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3.\n\nFor a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) .\n\nFor more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide* .", - "title": "ConnectionAttempts", - "type": "number" - }, - "ConnectionTimeout": { - "markdownDescription": "The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds.\n\nFor more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide* .", - "title": "ConnectionTimeout", - "type": "number" - }, - "CustomOriginConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomOriginConfig", - "markdownDescription": "Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the `S3OriginConfig` type instead.", - "title": "CustomOriginConfig" - }, - "DomainName": { - "markdownDescription": "The domain name for the origin.\n\nFor more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide* .", - "title": "DomainName", - "type": "string" - }, - "Id": { - "markdownDescription": "A unique identifier for the origin. This value must be unique within the distribution.\n\nUse this value to specify the `TargetOriginId` in a `CacheBehavior` or `DefaultCacheBehavior` .", - "title": "Id", - "type": "string" - }, - "OriginAccessControlId": { - "markdownDescription": "The unique identifier of an origin access control for this origin.\n\nFor more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessControlId", + "Key": { + "markdownDescription": "The key for the tag.", + "title": "Key", "type": "string" }, - "OriginCustomHeaders": { + "MatchOptions": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginCustomHeader" + "type": "string" }, - "markdownDescription": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n\nFor more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginCustomHeaders", + "markdownDescription": "The match options that you can use to filter your results.", + "title": "MatchOptions", "type": "array" }, - "OriginPath": { - "markdownDescription": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n\nFor more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginPath", - "type": "string" - }, - "OriginShield": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginShield", - "markdownDescription": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n\nFor more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginShield" - }, - "S3OriginConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.S3OriginConfig", - "markdownDescription": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the `CustomOriginConfig` type instead.", - "title": "S3OriginConfig" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific value of the tag.", + "title": "Values", + "type": "array" } }, - "required": [ - "DomainName", - "Id" - ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginCustomHeader": { + "AWS::Budgets::Budget.TimePeriod": { "additionalProperties": false, "properties": { - "HeaderName": { - "markdownDescription": "The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", - "title": "HeaderName", + "End": { + "markdownDescription": "The end date for a budget. If you didn't specify an end date, AWS set your end date to `06/15/87 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nAfter the end date, AWS deletes the budget and all the associated notifications and subscribers. You can change your end date with the `UpdateBudget` operation.", + "title": "End", "type": "string" }, - "HeaderValue": { - "markdownDescription": "The value for the header that you specified in the `HeaderName` field.", - "title": "HeaderValue", + "Start": { + "markdownDescription": "The start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nValid values depend on the value of `BudgetType` :\n\n- If `BudgetType` is `COST` or `USAGE` : Valid values are `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .\n- If `BudgetType` is `RI_UTILIZATION` or `RI_COVERAGE` : Valid values are `DAILY` , `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .", + "title": "Start", "type": "string" } }, - "required": [ - "HeaderName", - "HeaderValue" - ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroup": { + "AWS::Budgets::BudgetsAction": { "additionalProperties": false, "properties": { - "FailoverCriteria": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupFailoverCriteria", - "markdownDescription": "A complex type that contains information about the failover criteria for an origin group.", - "title": "FailoverCriteria" + "Condition": { + "type": "string" }, - "Id": { - "markdownDescription": "The origin group's ID.", - "title": "Id", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Members": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMembers", - "markdownDescription": "A complex type that contains information about the origins in an origin group.", - "title": "Members" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ActionThreshold": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ActionThreshold", + "markdownDescription": "The trigger threshold of the action.", + "title": "ActionThreshold" + }, + "ActionType": { + "markdownDescription": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition.", + "title": "ActionType", + "type": "string" + }, + "ApprovalModel": { + "markdownDescription": "This specifies if the action needs manual or automatic approval.", + "title": "ApprovalModel", + "type": "string" + }, + "BudgetName": { + "markdownDescription": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed.", + "title": "BudgetName", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Definition", + "markdownDescription": "Specifies all of the type-specific parameters.", + "title": "Definition" + }, + "ExecutionRoleArn": { + "markdownDescription": "The role passed for action execution and reversion. Roles and actions must be in the same account.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "NotificationType": { + "markdownDescription": "The type of a notification.", + "title": "NotificationType", + "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ResourceTag" + }, + "markdownDescription": "An optional list of tags to associate with the specified budget action. Each tag consists of a key and a value, and each key must be unique for the resource.", + "title": "ResourceTags", + "type": "array" + }, + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Subscriber" + }, + "markdownDescription": "A list of subscribers.", + "title": "Subscribers", + "type": "array" + } + }, + "required": [ + "ActionThreshold", + "ActionType", + "BudgetName", + "Definition", + "ExecutionRoleArn", + "NotificationType", + "Subscribers" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Budgets::BudgetsAction" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FailoverCriteria", - "Id", - "Members" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroupFailoverCriteria": { + "AWS::Budgets::BudgetsAction.ActionThreshold": { "additionalProperties": false, "properties": { - "StatusCodes": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.StatusCodes", - "markdownDescription": "The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin.", - "title": "StatusCodes" + "Type": { + "markdownDescription": "The type of threshold for a notification.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The threshold of a notification.", + "title": "Value", + "type": "number" } }, "required": [ - "StatusCodes" + "Type", + "Value" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroupMember": { + "AWS::Budgets::BudgetsAction.Definition": { "additionalProperties": false, "properties": { - "OriginId": { - "markdownDescription": "The ID for an origin in an origin group.", - "title": "OriginId", - "type": "string" + "IamActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.IamActionDefinition", + "markdownDescription": "The AWS Identity and Access Management ( IAM ) action definition details.", + "title": "IamActionDefinition" + }, + "ScpActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ScpActionDefinition", + "markdownDescription": "The service control policies (SCP) action definition details.", + "title": "ScpActionDefinition" + }, + "SsmActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.SsmActionDefinition", + "markdownDescription": "The Amazon EC2 Systems Manager ( SSM ) action definition details.", + "title": "SsmActionDefinition" } }, - "required": [ - "OriginId" - ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroupMembers": { + "AWS::Budgets::BudgetsAction.IamActionDefinition": { "additionalProperties": false, "properties": { - "Items": { + "Groups": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMember" + "type": "string" }, - "markdownDescription": "Items (origins) in an origin group.", - "title": "Items", + "markdownDescription": "A list of groups to be attached. There must be at least one group.", + "title": "Groups", "type": "array" }, - "Quantity": { - "markdownDescription": "The number of origins in an origin group.", - "title": "Quantity", - "type": "number" - } - }, - "required": [ - "Items", - "Quantity" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.OriginGroups": { - "additionalProperties": false, - "properties": { - "Items": { + "PolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the policy to be attached.", + "title": "PolicyArn", + "type": "string" + }, + "Roles": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroup" + "type": "string" }, - "markdownDescription": "The items (origin groups) in a distribution.", - "title": "Items", + "markdownDescription": "A list of roles to be attached. There must be at least one role.", + "title": "Roles", "type": "array" }, - "Quantity": { - "markdownDescription": "The number of origin groups.", - "title": "Quantity", - "type": "number" + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of users to be attached. There must be at least one user.", + "title": "Users", + "type": "array" } }, "required": [ - "Quantity" + "PolicyArn" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginShield": { + "AWS::Budgets::BudgetsAction.ResourceTag": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "A flag that specifies whether Origin Shield is enabled.\n\nWhen it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches.", - "title": "Enabled", - "type": "boolean" + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", + "type": "string" }, - "OriginShieldRegion": { - "markdownDescription": "The AWS Region for Origin Shield.\n\nSpecify the AWS Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2` .\n\nWhen you enable CloudFront Origin Shield, you must specify the AWS Region for Origin Shield. For the list of AWS Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the AWS Region for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginShieldRegion", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, - "type": "object" - }, - "AWS::CloudFront::Distribution.Restrictions": { - "additionalProperties": false, - "properties": { - "GeoRestriction": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.GeoRestriction", - "markdownDescription": "A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using `MaxMind` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template.", - "title": "GeoRestriction" - } - }, "required": [ - "GeoRestriction" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::Distribution.S3OriginConfig": { + "AWS::Budgets::BudgetsAction.ScpActionDefinition": { "additionalProperties": false, "properties": { - "OriginAccessIdentity": { - "markdownDescription": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessIdentity", + "PolicyId": { + "markdownDescription": "The policy ID attached.", + "title": "PolicyId", "type": "string" + }, + "TargetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of target IDs.", + "title": "TargetIds", + "type": "array" } }, + "required": [ + "PolicyId", + "TargetIds" + ], "type": "object" }, - "AWS::CloudFront::Distribution.StatusCodes": { + "AWS::Budgets::BudgetsAction.SsmActionDefinition": { "additionalProperties": false, "properties": { - "Items": { + "InstanceIds": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "The items (status codes) for an origin group.", - "title": "Items", + "markdownDescription": "The EC2 and RDS instance IDs.", + "title": "InstanceIds", "type": "array" }, - "Quantity": { - "markdownDescription": "The number of status codes.", - "title": "Quantity", - "type": "number" + "Region": { + "markdownDescription": "The Region to run the ( SSM ) document.", + "title": "Region", + "type": "string" + }, + "Subtype": { + "markdownDescription": "The action subType.", + "title": "Subtype", + "type": "string" } }, "required": [ - "Items", - "Quantity" + "InstanceIds", + "Region", + "Subtype" ], "type": "object" }, - "AWS::CloudFront::Distribution.ViewerCertificate": { + "AWS::Budgets::BudgetsAction.Subscriber": { "additionalProperties": false, "properties": { - "AcmCertificateArn": { - "markdownDescription": "> In CloudFormation, this field name is `AcmCertificateArn` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate Manager (ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) , provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region ( `us-east-1` ).\n\nIf you specify an ACM certificate ARN, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", - "title": "AcmCertificateArn", - "type": "string" - }, - "CloudFrontDefaultCertificate": { - "markdownDescription": "If the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , set this field to `true` .\n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n\n- `AcmCertificateArn` or `IamCertificateId` (specify a value for one, not both)\n- `MinimumProtocolVersion`\n- `SslSupportMethod`", - "title": "CloudFrontDefaultCertificate", - "type": "boolean" - }, - "IamCertificateId": { - "markdownDescription": "> In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", - "title": "IamCertificateId", - "type": "string" - }, - "MinimumProtocolVersion": { - "markdownDescription": "If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n\n- The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n- The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n\nFor more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide* .\n\n> On the CloudFront console, this setting is called *Security Policy* . \n\nWhen you're using SNI only (you set `SSLSupportMethod` to `sni-only` ), you must specify `TLSv1` or higher. (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` (you set `CloudFrontDefaultCertificate` to `true` ), CloudFront automatically sets the security policy to `TLSv1` regardless of the value that you set here.", - "title": "MinimumProtocolVersion", + "Address": { + "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", + "title": "Address", "type": "string" }, - "SslSupportMethod": { - "markdownDescription": "> In CloudFormation, this field name is `SslSupportMethod` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n\n- `sni-only` \u2013 The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) . This is recommended. Most browsers and clients support SNI.\n- `vip` \u2013 The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n- `static-ip` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Support Center](https://docs.aws.amazon.com/support/home) .\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , don't set a value for this field.", - "title": "SslSupportMethod", + "Type": { + "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "title": "Type", "type": "string" } }, + "required": [ + "Address", + "Type" + ], "type": "object" }, - "AWS::CloudFront::Function": { + "AWS::CE::AnomalyMonitor": { "additionalProperties": false, "properties": { "Condition": { @@ -37338,42 +42376,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoPublish": { - "markdownDescription": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it\u2019s created. To automatically publish to the `LIVE` stage, set this property to `true` .", - "title": "AutoPublish", - "type": "boolean" - }, - "FunctionCode": { - "markdownDescription": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .", - "title": "FunctionCode", + "MonitorDimension": { + "markdownDescription": "The dimensions to evaluate.", + "title": "MonitorDimension", "type": "string" }, - "FunctionConfig": { - "$ref": "#/definitions/AWS::CloudFront::Function.FunctionConfig", - "markdownDescription": "Contains configuration information about a CloudFront function.", - "title": "FunctionConfig" + "MonitorName": { + "markdownDescription": "The name of the monitor.", + "title": "MonitorName", + "type": "string" }, - "FunctionMetadata": { - "$ref": "#/definitions/AWS::CloudFront::Function.FunctionMetadata", - "markdownDescription": "Contains metadata about a CloudFront function.", - "title": "FunctionMetadata" + "MonitorSpecification": { + "markdownDescription": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page.", + "title": "MonitorSpecification", + "type": "string" }, - "Name": { - "markdownDescription": "A name to identify the function.", - "title": "Name", + "MonitorType": { + "markdownDescription": "The possible type values.", + "title": "MonitorType", "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalyMonitor.ResourceTag" + }, + "markdownDescription": "", + "title": "ResourceTags", + "type": "array" } }, "required": [ - "FunctionCode", - "FunctionConfig", - "Name" + "MonitorName", + "MonitorType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::Function" + "AWS::CE::AnomalyMonitor" ], "type": "string" }, @@ -37392,60 +42432,27 @@ ], "type": "object" }, - "AWS::CloudFront::Function.FunctionConfig": { + "AWS::CE::AnomalyMonitor.ResourceTag": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the function.", - "title": "Comment", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "KeyValueStoreAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Function.KeyValueStoreAssociation" - }, - "markdownDescription": "The configuration for the key value store associations.", - "title": "KeyValueStoreAssociations", - "type": "array" - }, - "Runtime": { - "markdownDescription": "The function's runtime environment version.", - "title": "Runtime", - "type": "string" - } - }, - "required": [ - "Comment", - "Runtime" - ], - "type": "object" - }, - "AWS::CloudFront::Function.FunctionMetadata": { - "additionalProperties": false, - "properties": { - "FunctionARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function.", - "title": "FunctionARN", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudFront::Function.KeyValueStoreAssociation": { - "additionalProperties": false, - "properties": { - "KeyValueStoreARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the key value store association.", - "title": "KeyValueStoreARN", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, "required": [ - "KeyValueStoreARN" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::KeyGroup": { + "AWS::CE::AnomalySubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -37480,20 +42487,62 @@ "Properties": { "additionalProperties": false, "properties": { - "KeyGroupConfig": { - "$ref": "#/definitions/AWS::CloudFront::KeyGroup.KeyGroupConfig", - "markdownDescription": "The key group configuration.", - "title": "KeyGroupConfig" + "Frequency": { + "markdownDescription": "The frequency that anomaly notifications are sent. Notifications are sent either over email (for DAILY and WEEKLY frequencies) or SNS (for IMMEDIATE frequency). For more information, see [Creating an Amazon SNS topic for anomaly notifications](https://docs.aws.amazon.com/cost-management/latest/userguide/ad-SNS.html) .", + "title": "Frequency", + "type": "string" + }, + "MonitorArnList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of cost anomaly monitors.", + "title": "MonitorArnList", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalySubscription.ResourceTag" + }, + "markdownDescription": "", + "title": "ResourceTags", + "type": "array" + }, + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalySubscription.Subscriber" + }, + "markdownDescription": "A list of subscribers to notify.", + "title": "Subscribers", + "type": "array" + }, + "SubscriptionName": { + "markdownDescription": "The name for the subscription.", + "title": "SubscriptionName", + "type": "string" + }, + "Threshold": { + "markdownDescription": "(deprecated)\n\nAn absolute dollar value that must be exceeded by the anomaly's total impact (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details) for an anomaly notification to be generated.\n\nThis field has been deprecated. To specify a threshold, use ThresholdExpression. Continued use of Threshold will be treated as shorthand syntax for a ThresholdExpression.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.", + "title": "Threshold", + "type": "number" + }, + "ThresholdExpression": { + "markdownDescription": "An [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object in JSON string format used to specify the anomalies that you want to generate alerts for. This supports dimensions and nested expressions. The supported dimensions are `ANOMALY_TOTAL_IMPACT_ABSOLUTE` and `ANOMALY_TOTAL_IMPACT_PERCENTAGE` , corresponding to an anomaly\u2019s TotalImpact and TotalImpactPercentage, respectively (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details). The supported nested expression types are `AND` and `OR` . The match option `GREATER_THAN_OR_EQUAL` is required. Values must be numbers between 0 and 10,000,000,000 in string format.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.\n\nFor further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalysubscription.html#aws-resource-ce-anomalysubscription--examples) section of this page.", + "title": "ThresholdExpression", + "type": "string" } }, "required": [ - "KeyGroupConfig" + "Frequency", + "MonitorArnList", + "Subscribers", + "SubscriptionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::KeyGroup" + "AWS::CE::AnomalySubscription" ], "type": "string" }, @@ -37512,35 +42561,52 @@ ], "type": "object" }, - "AWS::CloudFront::KeyGroup.KeyGroupConfig": { + "AWS::CE::AnomalySubscription.ResourceTag": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the key group. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the identifiers of the public keys in the key group.", - "title": "Items", - "type": "array" + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::CE::AnomalySubscription.Subscriber": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` .", + "title": "Address", + "type": "string" }, - "Name": { - "markdownDescription": "A name to identify the key group.", - "title": "Name", + "Status": { + "markdownDescription": "Indicates if the subscriber accepts the notifications.", + "title": "Status", + "type": "string" + }, + "Type": { + "markdownDescription": "The notification delivery channel.", + "title": "Type", "type": "string" } }, "required": [ - "Items", - "Name" + "Address", + "Type" ], "type": "object" }, - "AWS::CloudFront::KeyValueStore": { + "AWS::CE::CostCategory": { "additionalProperties": false, "properties": { "Condition": { @@ -37575,30 +42641,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment for the key value store.", - "title": "Comment", + "DefaultValue": { + "markdownDescription": "The default value for the cost category.", + "title": "DefaultValue", "type": "string" }, - "ImportSource": { - "$ref": "#/definitions/AWS::CloudFront::KeyValueStore.ImportSource", - "markdownDescription": "The import source for the key value store.", - "title": "ImportSource" - }, "Name": { - "markdownDescription": "The name of the key value store.", + "markdownDescription": "The unique name of the Cost Category.", "title": "Name", "type": "string" + }, + "RuleVersion": { + "markdownDescription": "The rule schema version in this particular Cost Category.", + "title": "RuleVersion", + "type": "string" + }, + "Rules": { + "markdownDescription": "The array of CostCategoryRule in JSON array format.\n\n> Rules are processed in order. If there are multiple rules that match the line item, then the first rule to match is used to determine that Cost Category value.", + "title": "Rules", + "type": "string" + }, + "SplitChargeRules": { + "markdownDescription": "The split charge rules that are used to allocate your charges between your Cost Category values.", + "title": "SplitChargeRules", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::CE::CostCategory.ResourceTag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "Name", + "RuleVersion", + "Rules" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::KeyValueStore" + "AWS::CE::CostCategory" ], "type": "string" }, @@ -37617,27 +42703,27 @@ ], "type": "object" }, - "AWS::CloudFront::KeyValueStore.ImportSource": { + "AWS::CE::CostCategory.ResourceTag": { "additionalProperties": false, "properties": { - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the import source for the key value store.", - "title": "SourceArn", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "SourceType": { - "markdownDescription": "The source type of the import source for the key value store.", - "title": "SourceType", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, "required": [ - "SourceArn", - "SourceType" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::MonitoringSubscription": { + "AWS::CUR::ReportDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -37672,26 +42758,89 @@ "Properties": { "additionalProperties": false, "properties": { - "DistributionId": { - "markdownDescription": "The ID of the distribution that you are enabling metrics for.", - "title": "DistributionId", + "AdditionalArtifacts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of manifests that you want AWS to create for this report.", + "title": "AdditionalArtifacts", + "type": "array" + }, + "AdditionalSchemaElements": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that indicate additional content that AWS includes in the report, such as individual resource IDs.", + "title": "AdditionalSchemaElements", + "type": "array" + }, + "BillingViewArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the billing view. You can get this value by using the billing view service public APIs.", + "title": "BillingViewArn", "type": "string" }, - "MonitoringSubscription": { - "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.MonitoringSubscription", - "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", - "title": "MonitoringSubscription" + "Compression": { + "markdownDescription": "The compression format that Amazon Web Services uses for the report.", + "title": "Compression", + "type": "string" + }, + "Format": { + "markdownDescription": "The format that Amazon Web Services saves the report in.", + "title": "Format", + "type": "string" + }, + "RefreshClosedReports": { + "markdownDescription": "Whether you want AWS to update your reports after they have been finalized if AWS detects charges related to previous months. These charges can include refunds, credits, or support fees.", + "title": "RefreshClosedReports", + "type": "boolean" + }, + "ReportName": { + "markdownDescription": "The name of the report that you want to create. The name must be unique, is case sensitive, and can't include spaces.", + "title": "ReportName", + "type": "string" + }, + "ReportVersioning": { + "markdownDescription": "Whether you want AWS to overwrite the previous version of each report or to deliver the report in addition to the previous versions.", + "title": "ReportVersioning", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "The S3 bucket where Amazon Web Services delivers the report.", + "title": "S3Bucket", + "type": "string" + }, + "S3Prefix": { + "markdownDescription": "The prefix that Amazon Web Services adds to the report name when Amazon Web Services delivers the report. Your prefix can't include spaces.", + "title": "S3Prefix", + "type": "string" + }, + "S3Region": { + "markdownDescription": "The Region of the S3 bucket that Amazon Web Services delivers the report into.", + "title": "S3Region", + "type": "string" + }, + "TimeUnit": { + "markdownDescription": "The granularity of the line items in the report.", + "title": "TimeUnit", + "type": "string" } }, "required": [ - "DistributionId", - "MonitoringSubscription" + "Compression", + "Format", + "RefreshClosedReports", + "ReportName", + "ReportVersioning", + "S3Bucket", + "S3Prefix", + "S3Region", + "TimeUnit" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::MonitoringSubscription" + "AWS::CUR::ReportDefinition" ], "type": "string" }, @@ -37710,32 +42859,7 @@ ], "type": "object" }, - "AWS::CloudFront::MonitoringSubscription.MonitoringSubscription": { - "additionalProperties": false, - "properties": { - "RealtimeMetricsSubscriptionConfig": { - "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig", - "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", - "title": "RealtimeMetricsSubscriptionConfig" - } - }, - "type": "object" - }, - "AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig": { - "additionalProperties": false, - "properties": { - "RealtimeMetricsSubscriptionStatus": { - "markdownDescription": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution.", - "title": "RealtimeMetricsSubscriptionStatus", - "type": "string" - } - }, - "required": [ - "RealtimeMetricsSubscriptionStatus" - ], - "type": "object" - }, - "AWS::CloudFront::OriginAccessControl": { + "AWS::Cassandra::Keyspace": { "additionalProperties": false, "properties": { "Condition": { @@ -37770,20 +42894,35 @@ "Properties": { "additionalProperties": false, "properties": { - "OriginAccessControlConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig", - "markdownDescription": "The origin access control.", - "title": "OriginAccessControlConfig" + "ClientSideTimestampsEnabled": { + "markdownDescription": "Indicates whether client-side timestamps are enabled (true) or disabled (false) for all tables in the keyspace. To add a Region to a single-Region keyspace with at least one table, the value must be set to true. After you've enabled client-side timestamps for a table, you can\u2019t disable it again.", + "title": "ClientSideTimestampsEnabled", + "type": "boolean" + }, + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to be created. The keyspace name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the keyspace name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n*Length constraints:* Minimum length of 1. Maximum length of 48.", + "title": "KeyspaceName", + "type": "string" + }, + "ReplicationSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Keyspace.ReplicationSpecification", + "markdownDescription": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in.", + "title": "ReplicationSpecification" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "OriginAccessControlConfig" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::OriginAccessControl" + "AWS::Cassandra::Keyspace" ], "type": "string" }, @@ -37797,49 +42936,30 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig": { + "AWS::Cassandra::Keyspace.ReplicationSpecification": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the origin access control.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name to identify the origin access control. You can specify up to 64 characters.", - "title": "Name", - "type": "string" - }, - "OriginAccessControlOriginType": { - "markdownDescription": "The type of origin that this origin access control is for.", - "title": "OriginAccessControlOriginType", - "type": "string" - }, - "SigningBehavior": { - "markdownDescription": "Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .\n\nThis field can have one of the following values:\n\n- `always` \u2013 CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.\n- `never` \u2013 CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.\n- `no-override` \u2013 If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*", - "title": "SigningBehavior", - "type": "string" + "RegionList": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", + "title": "RegionList", + "type": "array" }, - "SigningProtocol": { - "markdownDescription": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .", - "title": "SigningProtocol", + "ReplicationStrategy": { + "markdownDescription": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required.", + "title": "ReplicationStrategy", "type": "string" } }, - "required": [ - "Name", - "OriginAccessControlOriginType", - "SigningBehavior", - "SigningProtocol" - ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy": { + "AWS::Cassandra::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -37874,20 +42994,101 @@ "Properties": { "additionalProperties": false, "properties": { - "OriginRequestPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig", - "markdownDescription": "The origin request policy configuration.", - "title": "OriginRequestPolicyConfig" + "AutoScalingSpecifications": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSpecification", + "markdownDescription": "The optional auto scaling capacity settings for a table in provisioned capacity mode.", + "title": "AutoScalingSpecifications" + }, + "BillingMode": { + "$ref": "#/definitions/AWS::Cassandra::Table.BillingMode", + "markdownDescription": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode.", + "title": "BillingMode" + }, + "CdcSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Table.CdcSpecification", + "markdownDescription": "The settings for the CDC stream of a table. For more information about CDC streams, see [Working with change data capture (CDC) streams in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/cdc.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "CdcSpecification" + }, + "ClientSideTimestampsEnabled": { + "markdownDescription": "Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option:\n\n- `status: \"enabled\"`\n\nAfter client-side timestamps are enabled for a table, you can't disable this setting.", + "title": "ClientSideTimestampsEnabled", + "type": "boolean" + }, + "ClusteringKeyColumns": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.ClusteringKeyColumn" + }, + "markdownDescription": "One or more columns that determine how the table data is sorted.", + "title": "ClusteringKeyColumns", + "type": "array" + }, + "DefaultTimeToLive": { + "markdownDescription": "The default Time To Live (TTL) value for all rows in a table in seconds. The maximum configurable value is 630,720,000 seconds, which is the equivalent of 20 years. By default, the TTL value for a table is 0, which means data does not expire.\n\nFor more information, see [Setting the default TTL value for a table](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl) in the *Amazon Keyspaces Developer Guide* .", + "title": "DefaultTimeToLive", + "type": "number" + }, + "EncryptionSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Table.EncryptionSpecification", + "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n> If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "EncryptionSpecification" + }, + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to create the table in. The keyspace must already exist.", + "title": "KeyspaceName", + "type": "string" + }, + "PartitionKeyColumns": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column" + }, + "markdownDescription": "One or more columns that uniquely identify every row in the table. Every table must have a partition key.", + "title": "PartitionKeyColumns", + "type": "array" + }, + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Specifies if point-in-time recovery is enabled or disabled for the table. The options are `PointInTimeRecoveryEnabled=true` and `PointInTimeRecoveryEnabled=false` . If not specified, the default is `PointInTimeRecoveryEnabled=false` .", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" + }, + "RegularColumns": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column" + }, + "markdownDescription": "One or more columns that are not part of the primary key - that is, columns that are *not* defined as partition key columns or clustering key columns.\n\nYou can add regular columns to existing tables by adding them to the template.", + "title": "RegularColumns", + "type": "array" + }, + "ReplicaSpecifications": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.ReplicaSpecification" + }, + "markdownDescription": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)", + "title": "ReplicaSpecifications", + "type": "array" + }, + "TableName": { + "markdownDescription": "The name of the table to be created. The table name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacing this resource. You can perform updates that require no interruption or some interruption. If you must replace the resource, specify a new name. \n\n*Length constraints:* Minimum length of 3. Maximum length of 255.\n\n*Pattern:* `^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$`", + "title": "TableName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "OriginRequestPolicyConfig" + "KeyspaceName", + "PartitionKeyColumns" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::OriginRequestPolicy" + "AWS::Cassandra::Table" ], "type": "string" }, @@ -37906,208 +43107,237 @@ ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.CookiesConfig": { + "AWS::Cassandra::Table.AutoScalingSetting": { "additionalProperties": false, "properties": { - "CookieBehavior": { - "markdownDescription": "Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `CookieNames` type, which are not included.", - "title": "CookieBehavior", + "AutoScalingDisabled": { + "markdownDescription": "This optional parameter enables auto scaling for the table if set to `false` .", + "title": "AutoScalingDisabled", + "type": "boolean" + }, + "MaximumUnits": { + "markdownDescription": "Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", + "title": "MaximumUnits", + "type": "number" + }, + "MinimumUnits": { + "markdownDescription": "The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", + "title": "MinimumUnits", + "type": "number" + }, + "ScalingPolicy": { + "$ref": "#/definitions/AWS::Cassandra::Table.ScalingPolicy", + "markdownDescription": "Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90.", + "title": "ScalingPolicy" + } + }, + "type": "object" + }, + "AWS::Cassandra::Table.AutoScalingSpecification": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The auto scaling settings for the table's read capacity.", + "title": "ReadCapacityAutoScaling" + }, + "WriteCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The auto scaling settings for the table's write capacity.", + "title": "WriteCapacityAutoScaling" + } + }, + "type": "object" + }, + "AWS::Cassandra::Table.BillingMode": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n> If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`", + "title": "Mode", "type": "string" }, - "Cookies": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of cookie names.", - "title": "Cookies", - "type": "array" + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::Cassandra::Table.ProvisionedThroughput", + "markdownDescription": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* .", + "title": "ProvisionedThroughput" } }, "required": [ - "CookieBehavior" + "Mode" ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.HeadersConfig": { + "AWS::Cassandra::Table.CdcSpecification": { "additionalProperties": false, "properties": { - "HeaderBehavior": { - "markdownDescription": "Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin.\n- `allViewer` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin.\n- `allViewerAndWhitelistCloudFront` \u2013 All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront.\n- `allExcept` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `Headers` type, which are not included.", - "title": "HeaderBehavior", + "Status": { + "markdownDescription": "The status of the CDC stream. You can enable or disable a stream for a table.", + "title": "Status", "type": "string" }, - "Headers": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Contains a list of HTTP header names.", - "title": "Headers", + "markdownDescription": "The tags (key-value pairs) that you want to apply to the stream.", + "title": "Tags", "type": "array" + }, + "ViewType": { + "markdownDescription": "The view type specifies the changes Amazon Keyspaces records for each changed row in the stream. After you create the stream, you can't make changes to this selection.\n\nThe options are:\n\n- `NEW_AND_OLD_IMAGES` - both versions of the row, before and after the change. This is the default.\n- `NEW_IMAGE` - the version of the row after the change.\n- `OLD_IMAGE` - the version of the row before the change.\n- `KEYS_ONLY` - the partition and clustering keys of the row that was changed.", + "title": "ViewType", + "type": "string" } }, "required": [ - "HeaderBehavior" + "Status" ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig": { + "AWS::Cassandra::Table.ClusteringKeyColumn": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the origin request policy. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - }, - "CookiesConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.CookiesConfig", - "markdownDescription": "The cookies from viewer requests to include in origin requests.", - "title": "CookiesConfig" - }, - "HeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.HeadersConfig", - "markdownDescription": "The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront.", - "title": "HeadersConfig" + "Column": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column", + "markdownDescription": "The name and data type of this clustering key column.", + "title": "Column" }, - "Name": { - "markdownDescription": "A unique name to identify the origin request policy.", - "title": "Name", + "OrderBy": { + "markdownDescription": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order.", + "title": "OrderBy", "type": "string" - }, - "QueryStringsConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig", - "markdownDescription": "The URL query strings from viewer requests to include in origin requests.", - "title": "QueryStringsConfig" } }, "required": [ - "CookiesConfig", - "HeadersConfig", - "Name", - "QueryStringsConfig" + "Column" ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig": { + "AWS::Cassandra::Table.Column": { "additionalProperties": false, "properties": { - "QueryStringBehavior": { - "markdownDescription": "Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `QueryStringNames` type, which are not included.", - "title": "QueryStringBehavior", + "ColumnName": { + "markdownDescription": "The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* .", + "title": "ColumnName", "type": "string" }, - "QueryStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of query string names.", - "title": "QueryStrings", - "type": "array" + "ColumnType": { + "markdownDescription": "The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* .", + "title": "ColumnType", + "type": "string" } }, "required": [ - "QueryStringBehavior" + "ColumnName", + "ColumnType" ], "type": "object" }, - "AWS::CloudFront::PublicKey": { + "AWS::Cassandra::Table.EncryptionSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "EncryptionType": { + "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - `AWS_OWNED_KMS_KEY`\n- *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY`\n\n> If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required.\n\nValid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` .", + "title": "EncryptionType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KmsKeyIdentifier": { + "markdownDescription": "Requires a `kms_key_identifier` in the format of a key ARN.", + "title": "KmsKeyIdentifier", "type": "string" + } + }, + "required": [ + "EncryptionType" + ], + "type": "object" + }, + "AWS::Cassandra::Table.ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "markdownDescription": "The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "ReadCapacityUnits", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PublicKeyConfig": { - "$ref": "#/definitions/AWS::CloudFront::PublicKey.PublicKeyConfig", - "markdownDescription": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", - "title": "PublicKeyConfig" - } - }, - "required": [ - "PublicKeyConfig" - ], - "type": "object" + "WriteCapacityUnits": { + "markdownDescription": "The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "WriteCapacityUnits", + "type": "number" + } + }, + "required": [ + "ReadCapacityUnits", + "WriteCapacityUnits" + ], + "type": "object" + }, + "AWS::Cassandra::Table.ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The read capacity auto scaling settings for the multi-Region table in the specified AWS Region.", + "title": "ReadCapacityAutoScaling" }, - "Type": { - "enum": [ - "AWS::CloudFront::PublicKey" - ], - "type": "string" + "ReadCapacityUnits": { + "markdownDescription": "The provisioned read capacity units for the multi-Region table in the specified AWS Region.", + "title": "ReadCapacityUnits", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Region": { + "markdownDescription": "The AWS Region.", + "title": "Region", "type": "string" } }, "required": [ - "Type", - "Properties" + "Region" ], "type": "object" }, - "AWS::CloudFront::PublicKey.PublicKeyConfig": { + "AWS::Cassandra::Table.ScalingPolicy": { "additionalProperties": false, "properties": { - "CallerReference": { - "markdownDescription": "A string included in the request to help make sure that the request can't be replayed.", - "title": "CallerReference", - "type": "string" + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration", + "markdownDescription": "The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity.", + "title": "TargetTrackingScalingPolicyConfiguration" + } + }, + "type": "object" + }, + "AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "markdownDescription": "Specifies if `scale-in` is enabled.\n\nWhen auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity.", + "title": "DisableScaleIn", + "type": "boolean" }, - "Comment": { - "markdownDescription": "A comment to describe the public key. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" + "ScaleInCooldown": { + "markdownDescription": "Specifies a `scale-in` cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", + "title": "ScaleInCooldown", + "type": "number" }, - "EncodedKey": { - "markdownDescription": "The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", - "title": "EncodedKey", - "type": "string" + "ScaleOutCooldown": { + "markdownDescription": "Specifies a scale out cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", + "title": "ScaleOutCooldown", + "type": "number" }, - "Name": { - "markdownDescription": "A name to help identify the public key.", - "title": "Name", - "type": "string" + "TargetValue": { + "markdownDescription": "Specifies the target value for the target tracking auto scaling policy.\n\nAmazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90.", + "title": "TargetValue", + "type": "number" } }, "required": [ - "CallerReference", - "EncodedKey", - "Name" + "TargetValue" ], "type": "object" }, - "AWS::CloudFront::RealtimeLogConfig": { + "AWS::Cassandra::Type": { "additionalProperties": false, "properties": { "Condition": { @@ -38142,44 +43372,35 @@ "Properties": { "additionalProperties": false, "properties": { - "EndPoints": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.EndPoint" - }, - "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.", - "title": "EndPoints", - "type": "array" - }, "Fields": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Cassandra::Type.Field" }, - "markdownDescription": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .", + "markdownDescription": "A list of fields that define this type.", "title": "Fields", "type": "array" }, - "Name": { - "markdownDescription": "The unique name of this real-time log configuration.", - "title": "Name", + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to create the type in. The keyspace must already exist.", + "title": "KeyspaceName", "type": "string" }, - "SamplingRate": { - "markdownDescription": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.", - "title": "SamplingRate", - "type": "number" + "TypeName": { + "markdownDescription": "The name of the user-defined type. UDT names must contain 48 characters or less, must begin with an alphabetic character, and can only contain alpha-numeric characters and underscores. Amazon Keyspaces converts upper case characters automatically into lower case characters. For more information, see [Create a user-defined type (UDT) in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/keyspaces-create-udt.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "TypeName", + "type": "string" } }, "required": [ - "EndPoints", "Fields", - "Name", - "SamplingRate" + "KeyspaceName", + "TypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::RealtimeLogConfig" + "AWS::Cassandra::Type" ], "type": "string" }, @@ -38198,47 +43419,27 @@ ], "type": "object" }, - "AWS::CloudFront::RealtimeLogConfig.EndPoint": { - "additionalProperties": false, - "properties": { - "KinesisStreamConfig": { - "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig", - "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration.", - "title": "KinesisStreamConfig" - }, - "StreamType": { - "markdownDescription": "The type of data stream where you are sending real-time log data. The only valid value is `Kinesis` .", - "title": "StreamType", - "type": "string" - } - }, - "required": [ - "KinesisStreamConfig", - "StreamType" - ], - "type": "object" - }, - "AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig": { + "AWS::Cassandra::Type.Field": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream.\n\nFor more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide* .", - "title": "RoleArn", + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", "type": "string" }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data.", - "title": "StreamArn", + "FieldType": { + "markdownDescription": "The data type of the field. This can be any Cassandra data type or another user-defined type.", + "title": "FieldType", "type": "string" } }, "required": [ - "RoleArn", - "StreamArn" + "FieldName", + "FieldType" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy": { + "AWS::CertificateManager::Account": { "additionalProperties": false, "properties": { "Condition": { @@ -38273,20 +43474,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ResponseHeadersPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig", - "markdownDescription": "A response headers policy configuration.", - "title": "ResponseHeadersPolicyConfig" + "ExpiryEventsConfiguration": { + "$ref": "#/definitions/AWS::CertificateManager::Account.ExpiryEventsConfiguration", + "markdownDescription": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.", + "title": "ExpiryEventsConfiguration" } }, "required": [ - "ResponseHeadersPolicyConfig" + "ExpiryEventsConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::ResponseHeadersPolicy" + "AWS::CertificateManager::Account" ], "type": "string" }, @@ -38305,430 +43506,158 @@ ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP header names. You can specify `*` to allow all headers.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP methods. Valid values are:\n\n- `GET`\n- `DELETE`\n- `HEAD`\n- `OPTIONS`\n- `PATCH`\n- `POST`\n- `PUT`\n- `ALL`\n\n`ALL` is a special value that includes all of the listed HTTP methods.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of origins (domain names). You can specify `*` to allow all origins.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders": { + "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { "additionalProperties": false, "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP headers. You can specify `*` to expose all headers.", - "title": "Items", - "type": "array" + "DaysBeforeExpiry": { + "markdownDescription": "This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration.", + "title": "DaysBeforeExpiry", + "type": "number" } }, - "required": [ - "Items" - ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy": { + "AWS::CertificateManager::Certificate": { "additionalProperties": false, "properties": { - "ContentSecurityPolicy": { - "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.", - "title": "ContentSecurityPolicy", + "Condition": { "type": "string" }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "ContentSecurityPolicy", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions": { - "additionalProperties": false, - "properties": { - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.CorsConfig": { - "additionalProperties": false, - "properties": { - "AccessControlAllowCredentials": { - "markdownDescription": "A Boolean that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Credentials` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs.", - "title": "AccessControlAllowCredentials", - "type": "boolean" - }, - "AccessControlAllowHeaders": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders", - "markdownDescription": "A list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Headers` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs.", - "title": "AccessControlAllowHeaders" - }, - "AccessControlAllowMethods": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods", - "markdownDescription": "A list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Methods` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs.", - "title": "AccessControlAllowMethods" - }, - "AccessControlAllowOrigins": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins", - "markdownDescription": "A list of origins (domain names) that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Origin` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs.", - "title": "AccessControlAllowOrigins" - }, - "AccessControlExposeHeaders": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders", - "markdownDescription": "A list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Expose-Headers` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs.", - "title": "AccessControlExposeHeaders" - }, - "AccessControlMaxAgeSec": { - "markdownDescription": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n\nFor more information about the `Access-Control-Max-Age` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs.", - "title": "AccessControlMaxAgeSec", - "type": "number" - }, - "OriginOverride": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.", - "title": "OriginOverride", - "type": "boolean" - } - }, - "required": [ - "AccessControlAllowCredentials", - "AccessControlAllowHeaders", - "AccessControlAllowMethods", - "AccessControlAllowOrigins", - "OriginOverride" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.CustomHeader": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The HTTP response header name.", - "title": "Header", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.", - "title": "Override", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Value": { - "markdownDescription": "The value for the HTTP response header.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Override", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeader" - }, - "markdownDescription": "The list of HTTP response headers and their values.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.FrameOptions": { - "additionalProperties": false, - "properties": { - "FrameOption": { - "markdownDescription": "The value of the `X-Frame-Options` HTTP response header. Valid values are `DENY` and `SAMEORIGIN` .\n\nFor more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", - "title": "FrameOption", - "type": "string" + "Metadata": { + "type": "object" }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "FrameOption", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy": { - "additionalProperties": false, - "properties": { - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "CertificateExport": { + "markdownDescription": "You can opt out of allowing export of your certificate by specifying the `DISABLED` option. Allow export of your certificate by specifying the `ENABLED` option.\n\nIf you do not specify an export preference in a new CloudFormation template, it is the same as explicitly denying export of your certificate.", + "title": "CertificateExport", + "type": "string" + }, + "CertificateTransparencyLoggingPreference": { + "markdownDescription": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", + "title": "CertificateTransparencyLoggingPreference", + "type": "string" + }, + "DomainName": { + "markdownDescription": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", + "title": "DomainName", + "type": "string" + }, + "DomainValidationOptions": { + "items": { + "$ref": "#/definitions/AWS::CertificateManager::Certificate.DomainValidationOption" + }, + "markdownDescription": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", + "title": "DomainValidationOptions", + "type": "array" + }, + "KeyAlgorithm": { + "markdownDescription": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate-characteristics.html#algorithms-term) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", + "title": "KeyAlgorithm", + "type": "string" + }, + "SubjectAlternativeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", + "title": "SubjectAlternativeNames", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can identify the certificate.", + "title": "Tags", + "type": "array" + }, + "ValidationMethod": { + "markdownDescription": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation.", + "title": "ValidationMethod", + "type": "string" + } + }, + "required": [ + "DomainName" + ], + "type": "object" }, - "ReferrerPolicy": { - "markdownDescription": "The value of the `Referrer-Policy` HTTP response header. Valid values are:\n\n- `no-referrer`\n- `no-referrer-when-downgrade`\n- `origin`\n- `origin-when-cross-origin`\n- `same-origin`\n- `strict-origin`\n- `strict-origin-when-cross-origin`\n- `unsafe-url`\n\nFor more information about these values, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", - "title": "ReferrerPolicy", + "Type": { + "enum": [ + "AWS::CertificateManager::Certificate" + ], "type": "string" - } - }, - "required": [ - "Override", - "ReferrerPolicy" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The HTTP header name.", - "title": "Header", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Header" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader" - }, - "markdownDescription": "The list of HTTP header names.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig": { + "AWS::CertificateManager::Certificate.DomainValidationOption": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the response headers policy.\n\nThe comment cannot be longer than 128 characters.", - "title": "Comment", + "DomainName": { + "markdownDescription": "A fully qualified domain name (FQDN) in the certificate request.", + "title": "DomainName", "type": "string" }, - "CorsConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CorsConfig", - "markdownDescription": "A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).", - "title": "CorsConfig" - }, - "CustomHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig", - "markdownDescription": "A configuration for a set of custom HTTP response headers.", - "title": "CustomHeadersConfig" - }, - "Name": { - "markdownDescription": "A name to identify the response headers policy.\n\nThe name must be unique for response headers policies in this AWS account .", - "title": "Name", + "HostedZoneId": { + "markdownDescription": "The `HostedZoneId` option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record. Your list of `DomainValidationOptions` must contain one and only one of the domain-validation options, and the `HostedZoneId` can be used only when `DNS` is specified as your validation method.\n\nUse the Route 53 `ListHostedZones` API to discover IDs for available hosted zones.\n\nThis option is required for publicly trusted certificates.\n\n> The `ListHostedZones` API returns IDs in the format \"/hostedzone/Z111111QQQQQQQ\", but CloudFormation requires the IDs to be in the format \"Z111111QQQQQQQ\". \n\nWhen you change your `DomainValidationOptions` , a new resource is created.", + "title": "HostedZoneId", "type": "string" }, - "RemoveHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig", - "markdownDescription": "A configuration for a set of HTTP headers to remove from the HTTP response.", - "title": "RemoveHeadersConfig" - }, - "SecurityHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig", - "markdownDescription": "A configuration for a set of security-related HTTP response headers.", - "title": "SecurityHeadersConfig" - }, - "ServerTimingHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig", - "markdownDescription": "A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront.", - "title": "ServerTimingHeadersConfig" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig": { - "additionalProperties": false, - "properties": { - "ContentSecurityPolicy": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy", - "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n\nFor more information about the `Content-Security-Policy` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs.", - "title": "ContentSecurityPolicy" - }, - "ContentTypeOptions": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions", - "markdownDescription": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff` .\n\nFor more information about the `X-Content-Type-Options` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs.", - "title": "ContentTypeOptions" - }, - "FrameOptions": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.FrameOptions", - "markdownDescription": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value.\n\nFor more information about the `X-Frame-Options` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", - "title": "FrameOptions" - }, - "ReferrerPolicy": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy", - "markdownDescription": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value.\n\nFor more information about the `Referrer-Policy` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", - "title": "ReferrerPolicy" - }, - "StrictTransportSecurity": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity", - "markdownDescription": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value.\n\nFor more information about the `Strict-Transport-Security` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs.", - "title": "StrictTransportSecurity" - }, - "XSSProtection": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.XSSProtection", - "markdownDescription": "Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value.\n\nFor more information about the `X-XSS-Protection` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "XSSProtection" - } - }, - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A Boolean that determines whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.", - "title": "Enabled", - "type": "boolean" - }, - "SamplingRate": { - "markdownDescription": "A number 0\u2013100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the `Server-Timing` header to. When you set the sampling rate to 100, CloudFront adds the `Server-Timing` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0\u2013100 with up to four decimal places.", - "title": "SamplingRate", - "type": "number" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity": { - "additionalProperties": false, - "properties": { - "AccessControlMaxAgeSec": { - "markdownDescription": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "AccessControlMaxAgeSec", - "type": "number" - }, - "IncludeSubdomains": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "IncludeSubdomains", - "type": "boolean" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - }, - "Preload": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "Preload", - "type": "boolean" - } - }, - "required": [ - "AccessControlMaxAgeSec", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.XSSProtection": { - "additionalProperties": false, - "properties": { - "ModeBlock": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n\nFor more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "ModeBlock", - "type": "boolean" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - }, - "Protection": { - "markdownDescription": "A Boolean that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true` , the value of the `X-XSS-Protection` header is `1` . When this setting is `false` , the value of the `X-XSS-Protection` header is `0` .\n\nFor more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "Protection", - "type": "boolean" - }, - "ReportUri": { - "markdownDescription": "A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.\n\nYou cannot specify a `ReportUri` when `ModeBlock` is `true` .\n\nFor more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "ReportUri", + "ValidationDomain": { + "markdownDescription": "The domain name to which you want ACM to send validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `DomainName` value or a superdomain of the `DomainName` value. For example, if you request a certificate for `testing.example.com` , you can specify `example.com` as this value. In that case, ACM sends domain validation emails to the following five addresses:\n\n- admin@example.com\n- administrator@example.com\n- hostmaster@example.com\n- postmaster@example.com\n- webmaster@example.com", + "title": "ValidationDomain", "type": "string" } }, "required": [ - "Override", - "Protection" + "DomainName" ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution": { + "AWS::Chatbot::CustomAction": { "additionalProperties": false, "properties": { "Condition": { @@ -38763,29 +43692,47 @@ "Properties": { "additionalProperties": false, "properties": { - "StreamingDistributionConfig": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig", - "markdownDescription": "The current configuration information for the RTMP distribution.", - "title": "StreamingDistributionConfig" + "ActionName": { + "markdownDescription": "The name of the custom action. This name is included in the Amazon Resource Name (ARN).", + "title": "ActionName", + "type": "string" + }, + "AliasName": { + "markdownDescription": "The name used to invoke this action in a chat channel. For example, `@Amazon Q run my-alias` .", + "title": "AliasName", + "type": "string" + }, + "Attachments": { + "items": { + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionAttachment" + }, + "markdownDescription": "Defines when this custom action button should be attached to a notification.", + "title": "Attachments", + "type": "array" + }, + "Definition": { + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionDefinition", + "markdownDescription": "The definition of the command to run when invoked as an alias or as an action button.", + "title": "Definition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" } }, "required": [ - "StreamingDistributionConfig", - "Tags" + "ActionName", + "Definition" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::StreamingDistribution" + "AWS::Chatbot::CustomAction" ], "type": "string" }, @@ -38804,125 +43751,81 @@ ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.Logging": { + "AWS::Chatbot::CustomAction.CustomActionAttachment": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", - "title": "Bucket", + "ButtonText": { + "markdownDescription": "The text of the button that appears on the notification.", + "title": "ButtonText", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a streaming distribution or if you want to disable logging for an existing streaming distribution, specify `false` for `Enabled` , and specify `empty Bucket` and `Prefix` elements. If you specify `false` for `Enabled` but you specify values for `Bucket` and `Prefix` , the values are automatically deleted.", - "title": "Enabled", - "type": "boolean" + "Criteria": { + "items": { + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionAttachmentCriteria" + }, + "markdownDescription": "The criteria for when a button should be shown based on values in the notification.", + "title": "Criteria", + "type": "array" }, - "Prefix": { - "markdownDescription": "An optional string that you want CloudFront to prefix to the access log filenames for this streaming distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "Bucket", - "Enabled", - "Prefix" - ], - "type": "object" - }, - "AWS::CloudFront::StreamingDistribution.S3Origin": { - "additionalProperties": false, - "properties": { - "DomainName": { - "markdownDescription": "The DNS name of the Amazon S3 origin.", - "title": "DomainName", + "NotificationType": { + "markdownDescription": "The type of notification that the custom action should be attached to.", + "title": "NotificationType", "type": "string" }, - "OriginAccessIdentity": { - "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 bucket through CloudFront.\n\nIf you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information, see [Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessIdentity", - "type": "string" + "Variables": { + "additionalProperties": true, + "markdownDescription": "The variables to extract from the notification.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Variables", + "type": "object" } }, - "required": [ - "DomainName", - "OriginAccessIdentity" - ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig": { + "AWS::Chatbot::CustomAction.CustomActionAttachmentCriteria": { "additionalProperties": false, "properties": { - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution.", - "title": "Aliases", - "type": "array" - }, - "Comment": { - "markdownDescription": "Any comments you want to include about the streaming distribution.", - "title": "Comment", + "Operator": { + "markdownDescription": "The operation to perform on the named variable.", + "title": "Operator", "type": "string" }, - "Enabled": { - "markdownDescription": "Whether the streaming distribution is enabled to accept user requests for content.", - "title": "Enabled", - "type": "boolean" - }, - "Logging": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.Logging", - "markdownDescription": "A complex type that controls whether access logs are written for the streaming distribution.", - "title": "Logging" - }, - "PriceClass": { - "markdownDescription": "A complex type that contains information about price class for this streaming distribution.", - "title": "PriceClass", + "Value": { + "markdownDescription": "A value that is compared with the actual value of the variable based on the behavior of the operator.", + "title": "Value", "type": "string" }, - "S3Origin": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.S3Origin", - "markdownDescription": "A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.", - "title": "S3Origin" - }, - "TrustedSigners": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.TrustedSigners", - "markdownDescription": "A complex type that specifies any AWS accounts that you want to permit to create signed URLs for private content. If you want the distribution to use signed URLs, include this element; if you want the distribution to use public URLs, remove this element. For more information, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners" + "VariableName": { + "markdownDescription": "The name of the variable to operate on.", + "title": "VariableName", + "type": "string" } }, "required": [ - "Comment", - "Enabled", - "S3Origin", - "TrustedSigners" + "Operator", + "VariableName" ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.TrustedSigners": { + "AWS::Chatbot::CustomAction.CustomActionDefinition": { "additionalProperties": false, "properties": { - "AwsAccountNumbers": { - "items": { - "type": "string" - }, - "markdownDescription": "An AWS account number that contains active CloudFront key pairs that CloudFront can use to verify the signatures of signed URLs and signed cookies. If the AWS account that owns the key pairs is the same account that owns the CloudFront distribution, the value of this field is `self` .", - "title": "AwsAccountNumbers", - "type": "array" - }, - "Enabled": { - "markdownDescription": "This field is `true` if any of the AWS accounts in the list are configured as trusted signers. If not, this field is `false` .", - "title": "Enabled", - "type": "boolean" + "CommandText": { + "markdownDescription": "The command string to run which may include variables by prefixing with a dollar sign ($).", + "title": "CommandText", + "type": "string" } }, "required": [ - "Enabled" + "CommandText" ], "type": "object" }, - "AWS::CloudTrail::Channel": { + "AWS::Chatbot::MicrosoftTeamsChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -38957,38 +43860,91 @@ "Properties": { "additionalProperties": false, "properties": { - "Destinations": { + "ConfigurationName": { + "markdownDescription": "The name of the configuration.", + "title": "ConfigurationName", + "type": "string" + }, + "CustomizationResourceArns": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Channel.Destination" + "type": "string" }, - "markdownDescription": "One or more event data stores to which events arriving through a channel will be logged.", - "title": "Destinations", + "markdownDescription": "Links a list of resource ARNs (for example, custom action ARNs) to a Microsoft Teams channel configuration for .", + "title": "CustomizationResourceArns", "type": "array" }, - "Name": { - "markdownDescription": "The name of the channel.", - "title": "Name", + "GuardrailPolicies": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", + "title": "GuardrailPolicies", + "type": "array" + }, + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", + "title": "IamRoleArn", "type": "string" }, - "Source": { - "markdownDescription": "The name of the partner or external event source. You cannot change this name after you create the channel. A maximum of one channel is allowed per source.\n\nA source can be either `Custom` for all valid non- AWS events, or the name of a partner event source. For information about the source names for available partners, see [Additional information about integration partners](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-integration.html#cloudtrail-lake-partner-information) in the CloudTrail User Guide.", - "title": "Source", + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", + "title": "LoggingLevel", "type": "string" }, + "SnsTopicArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", + "title": "SnsTopicArns", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" + }, + "TeamId": { + "markdownDescription": "The ID of the Microsoft Team authorized with .\n\nTo get the team ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the team ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", + "title": "TeamId", + "type": "string" + }, + "TeamsChannelId": { + "markdownDescription": "The ID of the Microsoft Teams channel.\n\nTo get the channel ID, open Microsoft Teams, right click on the channel name in the left pane, then choose *Copy* . An example of the channel ID syntax is: `19%3ab6ef35dc342d56ba5654e6fc6d25a071%40thread.tacv2` .", + "title": "TeamsChannelId", + "type": "string" + }, + "TeamsChannelName": { + "markdownDescription": "", + "title": "TeamsChannelName", + "type": "string" + }, + "TeamsTenantId": { + "markdownDescription": "The ID of the Microsoft Teams tenant.\n\nTo get the tenant ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the tenant ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", + "title": "TeamsTenantId", + "type": "string" + }, + "UserRoleRequired": { + "markdownDescription": "Enables use of a user role requirement in your chat configuration.", + "title": "UserRoleRequired", + "type": "boolean" } }, + "required": [ + "ConfigurationName", + "IamRoleArn", + "TeamId", + "TeamsChannelId", + "TeamsTenantId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::Channel" + "AWS::Chatbot::MicrosoftTeamsChannelConfiguration" ], "type": "string" }, @@ -39002,31 +43958,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudTrail::Channel.Destination": { - "additionalProperties": false, - "properties": { - "Location": { - "markdownDescription": "For channels used for a CloudTrail Lake integration, the location is the ARN of an event data store that receives events from a channel. For service-linked channels, the location is the name of the AWS service.", - "title": "Location", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of destination for events arriving from a channel. For channels used for a CloudTrail Lake integration, the value is `EVENT_DATA_STORE` . For service-linked channels, the value is `AWS_SERVICE` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Location", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudTrail::EventDataStore": { + "AWS::Chatbot::SlackChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -39061,258 +43998,80 @@ "Properties": { "additionalProperties": false, "properties": { - "AdvancedEventSelectors": { + "ConfigurationName": { + "markdownDescription": "The name of the configuration.", + "title": "ConfigurationName", + "type": "string" + }, + "CustomizationResourceArns": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedEventSelector" + "type": "string" }, - "markdownDescription": "The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.\n\nFor more information about how to use advanced event selectors to log CloudTrail events, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see [Create an event data store for AWS Config configuration items](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see [Create an integration to log events from outside AWS](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration) in the CloudTrail User Guide.", - "title": "AdvancedEventSelectors", + "markdownDescription": "Links a list of resource ARNs (for example, custom action ARNs) to a Slack channel configuration for .", + "title": "CustomizationResourceArns", "type": "array" }, - "BillingMode": { - "markdownDescription": "The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.\n\nThe following are the possible values:\n\n- `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days.\n- `FIXED_RETENTION_PRICING` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.\n\nThe default value is `EXTENDABLE_RETENTION_PRICING` .\n\nFor more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) and [Managing CloudTrail Lake costs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html) .", - "title": "BillingMode", - "type": "string" - }, - "FederationEnabled": { - "markdownDescription": "Indicates if [Lake query federation](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html) is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.", - "title": "FederationEnabled", - "type": "boolean" - }, - "FederationRoleArn": { - "markdownDescription": "If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.\n\nThe federation role must exist in your account and provide the [required minimum permissions](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role) .", - "title": "FederationRoleArn", - "type": "string" - }, - "IngestionEnabled": { - "markdownDescription": "Specifies whether the event data store should start ingesting live events. The default is true.", - "title": "IngestionEnabled", - "type": "boolean" - }, - "InsightSelectors": { + "GuardrailPolicies": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.InsightSelector" + "type": "string" }, - "markdownDescription": "A JSON string that contains the Insights types you want to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightSelectors", + "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", + "title": "GuardrailPolicies", "type": "array" }, - "InsightsDestination": { - "markdownDescription": "The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. For more information, see [Create an event data store for CloudTrail Insights events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-insights.html) .", - "title": "InsightsDestination", + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", + "title": "IamRoleArn", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by `alias/` , a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\n> Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store. \n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- `alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`\n- `12345678-1234-1234-1234-123456789012`", - "title": "KmsKeyId", + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", + "title": "LoggingLevel", "type": "string" }, - "MultiRegionEnabled": { - "markdownDescription": "Specifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.", - "title": "MultiRegionEnabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the event data store.", - "title": "Name", + "SlackChannelId": { + "markdownDescription": "The ID of the Slack channel.\n\nTo get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the character string at the end of the URL. For example, `ABCBBLZZZ` .", + "title": "SlackChannelId", "type": "string" }, - "OrganizationEnabled": { - "markdownDescription": "Specifies whether an event data store collects events logged for an organization in AWS Organizations .", - "title": "OrganizationEnabled", - "type": "boolean" + "SlackWorkspaceId": { + "markdownDescription": "The ID of the Slack workspace authorized with .\n\nTo get the workspace ID, you must perform the initial authorization flow with Slack in the in chat applications console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Slack](https://docs.aws.amazon.com/chatbot/latest/adminguide/slack-setup.html#slack-client-setup) in the *in chat applications User Guide* .", + "title": "SlackWorkspaceId", + "type": "string" }, - "RetentionPeriod": { - "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", - "title": "RetentionPeriod", - "type": "number" + "SnsTopicArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", + "title": "SnsTopicArns", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" }, - "TerminationProtectionEnabled": { - "markdownDescription": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.", - "title": "TerminationProtectionEnabled", + "UserRoleRequired": { + "markdownDescription": "Enables use of a user role requirement in your chat configuration.", + "title": "UserRoleRequired", "type": "boolean" } }, + "required": [ + "ConfigurationName", + "IamRoleArn", + "SlackChannelId", + "SlackWorkspaceId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::EventDataStore" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { - "additionalProperties": false, - "properties": { - "FieldSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedFieldSelector" - }, - "markdownDescription": "Contains all selector statements in an advanced event selector.", - "title": "FieldSelectors", - "type": "array" - }, - "Name": { - "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", - "title": "Name", - "type": "string" - } - }, - "required": [ - "FieldSelectors" - ], - "type": "object" - }, - "AWS::CloudTrail::EventDataStore.AdvancedFieldSelector": { - "additionalProperties": false, - "properties": { - "EndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "EndsWith", - "type": "array" - }, - "Equals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", - "title": "Equals", - "type": "array" - }, - "Field": { - "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", - "title": "Field", - "type": "string" - }, - "NotEndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "NotEndsWith", - "type": "array" - }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", - "title": "NotEquals", - "type": "array" - }, - "NotStartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "NotStartsWith", - "type": "array" - }, - "StartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "StartsWith", - "type": "array" - } - }, - "required": [ - "Field" - ], - "type": "object" - }, - "AWS::CloudTrail::EventDataStore.InsightSelector": { - "additionalProperties": false, - "properties": { - "InsightType": { - "markdownDescription": "The type of Insights events to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudTrail::ResourcePolicy": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudTrail event data store, dashboard, or channel attached to the resource-based policy.\n\nExample event data store ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`\n\nExample dashboard ARN format: `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`\n\nExample channel ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`", - "title": "ResourceArn", - "type": "string" - }, - "ResourcePolicy": { - "markdownDescription": "A JSON-formatted string for an AWS resource-based policy.\n\nFor example resource-based policies, see [CloudTrail resource-based policy examples](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html) in the *CloudTrail User Guide* .", - "title": "ResourcePolicy", - "type": "object" - } - }, - "required": [ - "ResourceArn", - "ResourcePolicy" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudTrail::ResourcePolicy" + "AWS::Chatbot::SlackChannelConfiguration" ], "type": "string" }, @@ -39331,7 +44090,7 @@ ], "type": "object" }, - "AWS::CloudTrail::Trail": { + "AWS::CleanRooms::AnalysisTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -39366,108 +44125,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AdvancedEventSelectors": { + "AnalysisParameters": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedEventSelector" + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisParameter" }, - "markdownDescription": "Specifies the settings for advanced event selectors. You can use advanced event selectors to log management events, data events for all resource types, and network activity events.\n\nYou can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either `AdvancedEventSelectors` or `EventSelectors` , but not both. If you apply `AdvancedEventSelectors` to a trail, any existing `EventSelectors` are overwritten. For more information about advanced event selectors, see [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .", - "title": "AdvancedEventSelectors", + "markdownDescription": "The parameters of the analysis template.", + "title": "AnalysisParameters", "type": "array" }, - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", - "title": "CloudWatchLogsLogGroupArn", + "Description": { + "markdownDescription": "The description of the analysis template.", + "title": "Description", "type": "string" }, - "CloudWatchLogsRoleArn": { - "markdownDescription": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", - "title": "CloudWatchLogsRoleArn", + "Format": { + "markdownDescription": "The format of the analysis template.", + "title": "Format", "type": "string" }, - "EnableLogFileValidation": { - "markdownDescription": "Specifies whether log file validation is enabled. The default is false.\n\n> When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.", - "title": "EnableLogFileValidation", - "type": "boolean" - }, - "EventSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.EventSelector" - }, - "markdownDescription": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.\n\nYou can configure up to five event selectors for a trail.\n\nYou cannot apply both event selectors and advanced event selectors to a trail.", - "title": "EventSelectors", - "type": "array" - }, - "IncludeGlobalServiceEvents": { - "markdownDescription": "Specifies whether the trail is publishing events from global services such as IAM to the log files.", - "title": "IncludeGlobalServiceEvents", - "type": "boolean" - }, - "InsightSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.InsightSelector" - }, - "markdownDescription": "A JSON string that contains the Insights types you want to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightSelectors", - "type": "array" - }, - "IsLogging": { - "markdownDescription": "Whether the CloudTrail trail is currently logging AWS API calls.", - "title": "IsLogging", - "type": "boolean" - }, - "IsMultiRegionTrail": { - "markdownDescription": "Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.", - "title": "IsMultiRegionTrail", - "type": "boolean" - }, - "IsOrganizationTrail": { - "markdownDescription": "Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to `true` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to `false` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization.\n\n> Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.", - "title": "IsOrganizationTrail", - "type": "boolean" - }, - "KMSKeyId": { - "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the logs and digest files delivered by CloudTrail. The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n- 12345678-1234-1234-1234-123456789012", - "title": "KMSKeyId", + "MembershipIdentifier": { + "markdownDescription": "The identifier for a membership resource.", + "title": "MembershipIdentifier", "type": "string" }, - "S3BucketName": { - "markdownDescription": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See [Amazon S3 Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .", - "title": "S3BucketName", + "Name": { + "markdownDescription": "The name of the analysis template.", + "title": "Name", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see [Finding Your CloudTrail Log Files](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files) . The maximum length is 200 characters.", - "title": "S3KeyPrefix", - "type": "string" + "Schema": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSchema", + "markdownDescription": "The entire schema object.", + "title": "Schema" }, - "SnsTopicName": { - "markdownDescription": "Specifies the name or ARN of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.", - "title": "SnsTopicName", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSource", + "markdownDescription": "The source of the analysis template.", + "title": "Source" + }, + "SourceMetadata": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSourceMetadata", + "markdownDescription": "The source metadata for the analysis template.", + "title": "SourceMetadata" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A custom set of tags (key-value pairs) for this trail.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" - }, - "TrailName": { - "markdownDescription": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)", - "title": "TrailName", - "type": "string" } }, "required": [ - "IsLogging", - "S3BucketName" + "Format", + "MembershipIdentifier", + "Name", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::Trail" + "AWS::CleanRooms::AnalysisTemplate" ], "type": "string" }, @@ -39486,156 +44206,174 @@ ], "type": "object" }, - "AWS::CloudTrail::Trail.AdvancedEventSelector": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisParameter": { "additionalProperties": false, "properties": { - "FieldSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedFieldSelector" - }, - "markdownDescription": "Contains all selector statements in an advanced event selector.", - "title": "FieldSelectors", - "type": "array" + "DefaultValue": { + "markdownDescription": "Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor.", + "title": "DefaultValue", + "type": "string" }, "Name": { - "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", + "markdownDescription": "The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen.", "title": "Name", "type": "string" + }, + "Type": { + "markdownDescription": "The type of parameter.", + "title": "Type", + "type": "string" } }, "required": [ - "FieldSelectors" + "Name", + "Type" ], "type": "object" }, - "AWS::CloudTrail::Trail.AdvancedFieldSelector": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisSchema": { "additionalProperties": false, "properties": { - "EndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "EndsWith", - "type": "array" - }, - "Equals": { + "ReferencedTables": { "items": { "type": "string" }, - "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", - "title": "Equals", + "markdownDescription": "The tables referenced in the analysis schema.", + "title": "ReferencedTables", "type": "array" + } + }, + "required": [ + "ReferencedTables" + ], + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisSource": { + "additionalProperties": false, + "properties": { + "Artifacts": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifacts", + "markdownDescription": "The artifacts of the analysis source.", + "title": "Artifacts" }, - "Field": { - "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", - "title": "Field", + "Text": { + "markdownDescription": "The query text.", + "title": "Text", "type": "string" - }, - "NotEndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "NotEndsWith", - "type": "array" - }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", - "title": "NotEquals", - "type": "array" - }, - "NotStartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "NotStartsWith", - "type": "array" - }, - "StartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "StartsWith", - "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisSourceMetadata": { + "additionalProperties": false, + "properties": { + "Artifacts": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifactMetadata", + "markdownDescription": "The artifacts of the analysis source metadata.", + "title": "Artifacts" } }, "required": [ - "Field" + "Artifacts" ], "type": "object" }, - "AWS::CloudTrail::Trail.DataResource": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The resource type in which you want to log data events. You can specify the following *basic* event selector resource types:\n\n- `AWS::DynamoDB::Table`\n- `AWS::Lambda::Function`\n- `AWS::S3::Object`\n\nAdditional resource types are available through *advanced* event selectors. For more information, see [AdvancedEventSelector](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) .", - "title": "Type", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified resource type.\n\n- To log data events for all objects in all S3 buckets in your AWS account , specify the prefix as `arn:aws:s3` .\n\n> This also enables logging of data event activity performed by any user or role in your AWS account , even if that activity is performed on a bucket that belongs to another AWS account .\n- To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/` . The trail logs data events for all objects in this S3 bucket.\n- To log data events for specific objects, specify the S3 bucket and object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/example-images` . The trail logs data events for objects in this S3 bucket that match the prefix.\n- To log data events for all Lambda functions in your AWS account , specify the prefix as `arn:aws:lambda` .\n\n> This also enables logging of `Invoke` activity performed by any user or role in your AWS account , even if that activity is performed on a function that belongs to another AWS account .\n- To log data events for a specific Lambda function, specify the function ARN.\n\n> Lambda function ARNs are exact. For example, if you specify a function ARN *arn:aws:lambda:us-west-2:111111111111:function:helloworld* , data events will only be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld* . They will not be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld2* .\n- To log data events for all DynamoDB tables in your AWS account , specify the prefix as `arn:aws:dynamodb` .", - "title": "Values", - "type": "array" + "Location": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.S3Location", + "markdownDescription": "The artifact location.", + "title": "Location" } }, "required": [ - "Type" + "Location" ], "type": "object" }, - "AWS::CloudTrail::Trail.EventSelector": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifactMetadata": { "additionalProperties": false, "properties": { - "DataResources": { + "AdditionalArtifactHashes": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.DataResource" + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.Hash" }, - "markdownDescription": "CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events.\n\nFor more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* .\n\n> To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field.", - "title": "DataResources", + "markdownDescription": "Additional artifact hashes for the analysis template.", + "title": "AdditionalArtifactHashes", "type": "array" }, - "ExcludeManagementEventSources": { + "EntryPointHash": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.Hash", + "markdownDescription": "The hash of the entry point for the analysis template artifact metadata.", + "title": "EntryPointHash" + } + }, + "required": [ + "EntryPointHash" + ], + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifacts": { + "additionalProperties": false, + "properties": { + "AdditionalArtifacts": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact" }, - "markdownDescription": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service or Amazon RDS Data API events by containing `kms.amazonaws.com` or `rdsdata.amazonaws.com` . By default, `ExcludeManagementEventSources` is empty, and AWS KMS and Amazon RDS Data API events are logged to your trail. You can exclude management event sources only in Regions that support the event source.", - "title": "ExcludeManagementEventSources", + "markdownDescription": "Additional artifacts for the analysis template.", + "title": "AdditionalArtifacts", "type": "array" }, - "IncludeManagementEvents": { - "markdownDescription": "Specify if you want your event selector to include management events for your trail.\n\nFor more information, see [Management Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n\nBy default, the value is `true` .\n\nThe first copy of management events is free. You are charged for additional copies of management events that you are logging on any subsequent trail in the same Region. For more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) .", - "title": "IncludeManagementEvents", - "type": "boolean" + "EntryPoint": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact", + "markdownDescription": "The entry point for the analysis template artifacts.", + "title": "EntryPoint" }, - "ReadWriteType": { - "markdownDescription": "Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 `GetConsoleOutput` is a read-only API operation and `RunInstances` is a write-only API operation.\n\nBy default, the value is `All` .", - "title": "ReadWriteType", + "RoleArn": { + "markdownDescription": "The role ARN for the analysis template artifacts.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "EntryPoint", + "RoleArn" + ], "type": "object" }, - "AWS::CloudTrail::Trail.InsightSelector": { + "AWS::CleanRooms::AnalysisTemplate.Hash": { "additionalProperties": false, "properties": { - "InsightType": { - "markdownDescription": "The type of Insights events to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightType", + "Sha256": { + "markdownDescription": "The SHA-256 hash value.", + "title": "Sha256", "type": "string" } }, "type": "object" }, - "AWS::CloudWatch::Alarm": { + "AWS::CleanRooms::AnalysisTemplate.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The bucket name.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The object key.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration": { "additionalProperties": false, "properties": { "Condition": { @@ -39670,144 +44408,87 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionsEnabled": { - "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE.", - "title": "ActionsEnabled", - "type": "boolean" - }, - "AlarmActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmActions", - "type": "array" - }, - "AlarmDescription": { - "markdownDescription": "The description of the alarm.", - "title": "AlarmDescription", - "type": "string" - }, - "AlarmName": { - "markdownDescription": "The name of the alarm. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the alarm name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "AlarmName", + "AnalyticsEngine": { + "markdownDescription": "The analytics engine for the collaboration.\n\n> After July 16, 2025, the `CLEAN_ROOMS_SQL` parameter will no longer be available.", + "title": "AnalyticsEngine", "type": "string" }, - "ComparisonOperator": { - "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand.", - "title": "ComparisonOperator", + "CreatorDisplayName": { + "markdownDescription": "A display name of the collaboration creator.", + "title": "CreatorDisplayName", "type": "string" }, - "DatapointsToAlarm": { - "markdownDescription": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for `EvaluationPeriods` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, CloudWatch uses the same value here that you set for `EvaluationPeriods` , and the alarm goes to alarm state if that many consecutive periods are breaching.", - "title": "DatapointsToAlarm", - "type": "number" + "CreatorMLMemberAbilities": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLMemberAbilities", + "markdownDescription": "The ML member abilities for a collaboration member.", + "title": "CreatorMLMemberAbilities" }, - "Dimensions": { + "CreatorMemberAbilities": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" + "type": "string" }, - "markdownDescription": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify `Dimensions` . Instead, you use `Metrics` .", - "title": "Dimensions", + "markdownDescription": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS` | `CAN_RUN_JOB`", + "title": "CreatorMemberAbilities", "type": "array" }, - "EvaluateLowSampleCountPercentile": { - "markdownDescription": "Used only for alarms based on percentiles. If `ignore` , the alarm state does not change during periods with too few data points to be statistically significant. If `evaluate` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available.", - "title": "EvaluateLowSampleCountPercentile", - "type": "string" + "CreatorPaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", + "markdownDescription": "An object representing the collaboration member's payment responsibilities set by the collaboration creator.", + "title": "CreatorPaymentConfiguration" }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and `DatapointsToAlarm` is the M.\n\nFor more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .", - "title": "EvaluationPeriods", - "type": "number" + "DataEncryptionMetadata": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.DataEncryptionMetadata", + "markdownDescription": "The settings for client-side encryption for cryptographic computing.", + "title": "DataEncryptionMetadata" }, - "ExtendedStatistic": { - "markdownDescription": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `ExtendedStatistic` . Instead, you use `Metrics` .", - "title": "ExtendedStatistic", + "Description": { + "markdownDescription": "A description of the collaboration provided by the collaboration owner.", + "title": "Description", "type": "string" }, - "InsufficientDataActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", - "title": "InsufficientDataActions", - "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use `Metrics` instead and you can't specify `MetricName` .", - "title": "MetricName", + "JobLogStatus": { + "markdownDescription": "An indicator as to whether job logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about jobs run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "JobLogStatus", "type": "string" }, - "Metrics": { + "Members": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricDataQuery" + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MemberSpecification" }, - "markdownDescription": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n\nIf you specify the `Metrics` parameter, you cannot specify `MetricName` , `Dimensions` , `Period` , `Namespace` , `Statistic` , `ExtendedStatistic` , or `Unit` .", - "title": "Metrics", + "markdownDescription": "A list of initial members, not including the creator. This list is immutable.", + "title": "Members", "type": "array" }, - "Namespace": { - "markdownDescription": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify `Namespace` and you use `Metrics` instead.\n\nFor a list of namespaces for metrics from AWS services, see [AWS Services That Publish CloudWatch Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)", - "title": "Namespace", + "Name": { + "markdownDescription": "A human-readable identifier provided by the collaboration owner. Display names are not unique.", + "title": "Name", "type": "string" }, - "OKActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the `OK` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", - "title": "OKActions", - "type": "array" - }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 20, 30, 60, and any multiple of 60.\n\nFor an alarm based on a math expression, you can't specify `Period` , and instead you use the `Metrics` parameter.\n\n*Minimum:* 10", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use `ExtendedStatistic` .\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `Statistic` . Instead, you use `Metrics` .", - "title": "Statistic", + "QueryLogStatus": { + "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "QueryLogStatus", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" - }, - "Threshold": { - "markdownDescription": "The value to compare with the specified statistic.", - "title": "Threshold", - "type": "number" - }, - "ThresholdMetricId": { - "markdownDescription": "In an alarm based on an anomaly detection model, this is the ID of the `ANOMALY_DETECTION_BAND` function used as the threshold for the alarm.", - "title": "ThresholdMetricId", - "type": "string" - }, - "TreatMissingData": { - "markdownDescription": "Sets how this alarm is to handle missing data points. Valid values are `breaching` , `notBreaching` , `ignore` , and `missing` . For more information, see [Configuring How CloudWatch Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, the default behavior of `missing` is used.", - "title": "TreatMissingData", - "type": "string" - }, - "Unit": { - "markdownDescription": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a `Metrics` array.\n\nYou can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", - "title": "Unit", - "type": "string" } }, "required": [ - "ComparisonOperator", - "EvaluationPeriods" + "CreatorDisplayName", + "Description", + "Name", + "QueryLogStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::Alarm" + "AWS::CleanRooms::Collaboration" ], "type": "string" }, @@ -39826,126 +44507,190 @@ ], "type": "object" }, - "AWS::CloudWatch::Alarm.Dimension": { + "AWS::CleanRooms::Collaboration.DataEncryptionMetadata": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the dimension, from 1\u2013255 characters in length. This dimension name must have been included when the metric was published.", - "title": "Name", - "type": "string" + "AllowCleartext": { + "markdownDescription": "Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` ).", + "title": "AllowCleartext", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value for the dimension, from 1\u2013255 characters in length.", - "title": "Value", - "type": "string" + "AllowDuplicates": { + "markdownDescription": "Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` ).", + "title": "AllowDuplicates", + "type": "boolean" + }, + "AllowJoinsOnColumnsWithDifferentNames": { + "markdownDescription": "Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` ).", + "title": "AllowJoinsOnColumnsWithDifferentNames", + "type": "boolean" + }, + "PreserveNulls": { + "markdownDescription": "Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` ).", + "title": "PreserveNulls", + "type": "boolean" } }, "required": [ - "Name", - "Value" + "AllowCleartext", + "AllowDuplicates", + "AllowJoinsOnColumnsWithDifferentNames", + "PreserveNulls" ], "type": "object" }, - "AWS::CloudWatch::Alarm.Metric": { + "AWS::CleanRooms::Collaboration.JobComputePaymentConfig": { "additionalProperties": false, "properties": { - "Dimensions": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query and job compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query and job compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query and job compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nAn error is returned if the collaboration creator sets a `FALSE` value for the member who can run queries and jobs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.MLMemberAbilities": { + "additionalProperties": false, + "properties": { + "CustomMLMemberAbilities": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" + "type": "string" }, - "markdownDescription": "The metric dimensions that you want to be used for the metric that the alarm will watch.", - "title": "Dimensions", + "markdownDescription": "The custom ML member abilities for a collaboration member.", + "title": "CustomMLMemberAbilities", "type": "array" + } + }, + "required": [ + "CustomMLMemberAbilities" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.MLPaymentConfig": { + "additionalProperties": false, + "properties": { + "ModelInference": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.ModelInferencePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model inference.", + "title": "ModelInference" }, - "MetricName": { - "markdownDescription": "The name of the metric that you want the alarm to watch. This is a required field.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace of the metric that the alarm will watch.", - "title": "Namespace", - "type": "string" + "ModelTraining": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.ModelTrainingPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model training.", + "title": "ModelTraining" } }, "type": "object" }, - "AWS::CloudWatch::Alarm.MetricDataQuery": { + "AWS::CleanRooms::Collaboration.MemberSpecification": { "additionalProperties": false, "properties": { "AccountId": { - "markdownDescription": "The ID of the account where the metrics are located, if this is a cross-account alarm.", + "markdownDescription": "The identifier used to reference members of the collaboration. Currently only supports AWS account ID.", "title": "AccountId", "type": "string" }, - "Expression": { - "markdownDescription": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "Expression", - "type": "string" - }, - "Id": { - "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", - "title": "Id", - "type": "string" - }, - "Label": { - "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If `Label` is omitted, CloudWatch generates a default.", - "title": "Label", + "DisplayName": { + "markdownDescription": "The member's display name.", + "title": "DisplayName", "type": "string" }, - "MetricStat": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricStat", - "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "MetricStat" + "MLMemberAbilities": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLMemberAbilities", + "markdownDescription": "The ML abilities granted to the collaboration member.", + "title": "MLMemberAbilities" }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", - "title": "Period", - "type": "number" + "MemberAbilities": { + "items": { + "type": "string" + }, + "markdownDescription": "The abilities granted to the collaboration member.\n\n*Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", + "title": "MemberAbilities", + "type": "array" }, - "ReturnData": { - "markdownDescription": "This option indicates whether to return the timestamps and raw data values of this metric.\n\nWhen you create an alarm based on a metric math expression, specify `True` for this value for only the one math expression that the alarm is based on. You must specify `False` for `ReturnData` for all the other metrics and expressions used in the alarm.\n\nThis field is required.", - "title": "ReturnData", + "PaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", + "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator.\n\nIf the collaboration creator hasn't speci\ufb01ed anyone as the member paying for query compute costs, then the member who can query is the default payer.", + "title": "PaymentConfiguration" + } + }, + "required": [ + "AccountId", + "DisplayName" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.ModelInferencePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for model inference costs ( `TRUE` ) or has not configured the collaboration member to pay for model inference costs ( `FALSE` ).\n\nExactly one member can be configured to pay for model inference costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for model inference costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", "type": "boolean" } }, "required": [ - "Id" + "IsResponsible" ], "type": "object" }, - "AWS::CloudWatch::Alarm.MetricStat": { + "AWS::CleanRooms::Collaboration.ModelTrainingPaymentConfig": { "additionalProperties": false, "properties": { - "Metric": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Metric", - "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", - "title": "Metric" - }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", - "title": "Period", - "type": "number" + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for model training costs ( `TRUE` ) or has not configured the collaboration member to pay for model training costs ( `FALSE` ).\n\nExactly one member can be configured to pay for model training costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for model training costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.PaymentConfiguration": { + "additionalProperties": false, + "properties": { + "JobCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.JobComputePaymentConfig", + "markdownDescription": "The compute configuration for the job.", + "title": "JobCompute" }, - "Stat": { - "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .", - "title": "Stat", - "type": "string" + "MachineLearning": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLPaymentConfig", + "markdownDescription": "An object representing the collaboration member's machine learning payment responsibilities set by the collaboration creator.", + "title": "MachineLearning" }, - "Unit": { - "markdownDescription": "The unit to use for the returned data points.\n\nValid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", - "title": "Unit", - "type": "string" + "QueryCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.QueryComputePaymentConfig", + "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator for query compute costs.", + "title": "QueryCompute" } }, "required": [ - "Metric", - "Period", - "Stat" + "QueryCompute" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector": { + "AWS::CleanRooms::Collaboration.QueryComputePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable": { "additionalProperties": false, "properties": { "Condition": { @@ -39980,55 +44725,70 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Configuration", - "markdownDescription": "Specifies details about how the anomaly detection model is to be trained, including time ranges to exclude when training and updating the model. The configuration can also include the time zone to use for the metric.", - "title": "Configuration" - }, - "Dimensions": { + "AllowedColumns": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + "type": "string" }, - "markdownDescription": "The dimensions of the metric associated with the anomaly detection band.", - "title": "Dimensions", + "markdownDescription": "The columns within the underlying AWS Glue table that can be utilized within collaborations.", + "title": "AllowedColumns", "type": "array" }, - "MetricCharacteristics": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricCharacteristics", - "markdownDescription": "Use this object to include parameters to provide information about your metric to CloudWatch to help it build more accurate anomaly detection models. Currently, it includes the `PeriodicSpikes` parameter.", - "title": "MetricCharacteristics" + "AnalysisMethod": { + "markdownDescription": "The analysis method for the configured table.\n\n`DIRECT_QUERY` allows SQL queries to be run directly on this table.\n\n`DIRECT_JOB` allows PySpark jobs to be run directly on this table.\n\n`MULTIPLE` allows both SQL queries and PySpark jobs to be run directly on this table.", + "title": "AnalysisMethod", + "type": "string" }, - "MetricMathAnomalyDetector": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector", - "markdownDescription": "The CloudWatch metric math expression for this anomaly detector.", - "title": "MetricMathAnomalyDetector" + "AnalysisRules": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRule" + }, + "markdownDescription": "The analysis rule that was created for the configured table.", + "title": "AnalysisRules", + "type": "array" }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the anomaly detection band.", - "title": "MetricName", + "Description": { + "markdownDescription": "A description for the configured table.", + "title": "Description", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace of the metric associated with the anomaly detection band.", - "title": "Namespace", + "Name": { + "markdownDescription": "A name for the configured table.", + "title": "Name", "type": "string" }, - "SingleMetricAnomalyDetector": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector", - "markdownDescription": "The CloudWatch metric and statistic for this anomaly detector.", - "title": "SingleMetricAnomalyDetector" + "SelectedAnalysisMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected analysis methods for the configured table.", + "title": "SelectedAnalysisMethods", + "type": "array" }, - "Stat": { - "markdownDescription": "The statistic of the metric associated with the anomaly detection band.", - "title": "Stat", - "type": "string" + "TableReference": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.TableReference", + "markdownDescription": "The table that this configured table represents.", + "title": "TableReference" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "title": "Tags", + "type": "array" } }, + "required": [ + "AllowedColumns", + "AnalysisMethod", + "Name", + "TableReference" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::AnomalyDetector" + "AWS::CleanRooms::ConfiguredTable" ], "type": "string" }, @@ -40042,237 +44802,453 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Configuration": { + "AWS::CleanRooms::ConfiguredTable.AggregateColumn": { "additionalProperties": false, "properties": { - "ExcludedTimeRanges": { + "ColumnNames": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Range" + "type": "string" }, - "markdownDescription": "Specifies an array of time ranges to exclude from use when the anomaly detection model is trained and updated. Use this to make sure that events that could cause unusual values for the metric, such as deployments, aren't used when CloudWatch creates or updates the model.", - "title": "ExcludedTimeRanges", + "markdownDescription": "Column names in configured table of aggregate columns.", + "title": "ColumnNames", "type": "array" }, - "MetricTimeZone": { - "markdownDescription": "The time zone to use for the metric. This is useful to enable the model to automatically account for daylight savings time changes if the metric is sensitive to such time changes.\n\nTo specify a time zone, use the name of the time zone as specified in the standard tz database. For more information, see [tz database](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Tz_database) .", - "title": "MetricTimeZone", + "Function": { + "markdownDescription": "Aggregation function that can be applied to aggregate column in query.", + "title": "Function", "type": "string" } }, + "required": [ + "ColumnNames", + "Function" + ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Dimension": { + "AWS::CleanRooms::ConfiguredTable.AggregationConstraint": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the dimension.", - "title": "Name", + "ColumnName": { + "markdownDescription": "Column in aggregation constraint for which there must be a minimum number of distinct values in an output row for it to be in the query output.", + "title": "ColumnName", "type": "string" }, - "Value": { - "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", - "title": "Value", + "Minimum": { + "markdownDescription": "The minimum number of distinct values that an output row must be an aggregation of. Minimum threshold of distinct values for a specified column that must exist in an output row for it to be in the query output.", + "title": "Minimum", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of aggregation the constraint allows. The only valid value is currently `COUNT_DISTINCT`.", + "title": "Type", "type": "string" } }, "required": [ - "Name", - "Value" + "ColumnName", + "Minimum", + "Type" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Metric": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRule": { "additionalProperties": false, "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" - }, - "markdownDescription": "The dimensions for the metric.", - "title": "Dimensions", - "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the metric. This is a required field.", - "title": "MetricName", - "type": "string" + "Policy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy", + "markdownDescription": "A policy that describes the associated data usage limitations.", + "title": "Policy" }, - "Namespace": { - "markdownDescription": "The namespace of the metric.", - "title": "Namespace", + "Type": { + "markdownDescription": "The type of analysis rule.", + "title": "Type", "type": "string" } }, "required": [ - "MetricName", - "Namespace" + "Policy", + "Type" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricCharacteristics": { - "additionalProperties": false, - "properties": { - "PeriodicSpikes": { - "markdownDescription": "Set this parameter to true if values for this metric consistently include spikes that should not be considered to be anomalies. With this set to true, CloudWatch will expect to see spikes that occurred consistently during the model training period, and won't flag future similar spikes as anomalies.", - "title": "PeriodicSpikes", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::CloudWatch::AnomalyDetector.MetricDataQueries": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::CloudWatch::AnomalyDetector.MetricDataQuery": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account where the metrics are located.\n\nIf you are performing a `GetMetricData` operation in a monitoring account, use this to specify which account to retrieve this metric from.\n\nIf you are performing a `PutMetricAlarm` operation, use this to specify which account contains the metric that the alarm is watching.", - "title": "AccountId", + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.\n\nThe `additionalAnalyses` parameter is currently supported for the list analysis rule ( `AnalysisRuleList` ) and the custom analysis rule ( `AnalysisRuleCustom` ).", + "title": "AdditionalAnalyses", "type": "string" }, - "Expression": { - "markdownDescription": "This field can contain either a Metrics Insights query, or a metric math expression to be performed on the returned data. For more information about Metrics Insights queries, see [Metrics Insights query components and syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-insights-querylanguage) in the *Amazon CloudWatch User Guide* .\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "Expression", - "type": "string" + "AggregateColumns": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregateColumn" + }, + "markdownDescription": "The columns that query runners are allowed to use in aggregation queries.", + "title": "AggregateColumns", + "type": "array" }, - "Id": { - "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", - "title": "Id", - "type": "string" + "AllowedJoinOperators": { + "items": { + "type": "string" + }, + "markdownDescription": "Which logical operators (if any) are to be used in an INNER JOIN match condition. Default is `AND` .", + "title": "AllowedJoinOperators", + "type": "array" }, - "Label": { - "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If Label is omitted, CloudWatch generates a default.\n\nYou can put dynamic expressions into a label, so that it is more descriptive. For more information, see [Using Dynamic Labels](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/graph-dynamic-labels.html) .", - "title": "Label", - "type": "string" + "DimensionColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "The columns that query runners are allowed to select, group by, or filter by.", + "title": "DimensionColumns", + "type": "array" }, - "MetricStat": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricStat", - "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "MetricStat" + "JoinColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns in configured table that can be used in join statements and/or as aggregate columns. They can never be outputted directly.", + "title": "JoinColumns", + "type": "array" }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", - "title": "Period", - "type": "number" + "JoinRequired": { + "markdownDescription": "Control that requires member who runs query to do a join with their configured table and/or other configured table in query.", + "title": "JoinRequired", + "type": "string" }, - "ReturnData": { - "markdownDescription": "When used in `GetMetricData` , this option indicates whether to return the timestamps and raw data values of this metric. If you are performing this call just to do math expressions and do not also need the raw data returned, you can specify `false` . If you omit this, the default of `true` is used.\n\nWhen used in `PutMetricAlarm` , specify `true` for the one expression result to use as the alarm. For all other metrics and expressions in the same `PutMetricAlarm` operation, specify `ReturnData` as False.", - "title": "ReturnData", - "type": "boolean" + "OutputConstraints": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregationConstraint" + }, + "markdownDescription": "Columns that must meet a specific threshold value (after an aggregation function is applied to it) for each output row to be returned.", + "title": "OutputConstraints", + "type": "array" + }, + "ScalarFunctions": { + "items": { + "type": "string" + }, + "markdownDescription": "Set of scalar functions that are allowed to be used on dimension columns and the output of aggregation of metrics.", + "title": "ScalarFunctions", + "type": "array" } }, "required": [ - "Id" + "AggregateColumns", + "DimensionColumns", + "JoinColumns", + "OutputConstraints", + "ScalarFunctions" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom": { "additionalProperties": false, "properties": { - "MetricDataQueries": { + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.", + "title": "AdditionalAnalyses", + "type": "string" + }, + "AllowedAnalyses": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricDataQuery" + "type": "string" }, - "markdownDescription": "An array of metric data query structures that enables you to create an anomaly detector based on the result of a metric math expression. Each item in `MetricDataQueries` gets a metric or performs a math expression. One item in `MetricDataQueries` is the expression that provides the time series that the anomaly detector uses as input. Designate the expression by setting `ReturnData` to `true` for this object in the array. For all other expressions and metrics, set `ReturnData` to `false` . The designated expression must return a single time series.", - "title": "MetricDataQueries", + "markdownDescription": "The ARN of the analysis templates that are allowed by the custom analysis rule.", + "title": "AllowedAnalyses", "type": "array" - } - }, - "type": "object" - }, - "AWS::CloudWatch::AnomalyDetector.MetricStat": { - "additionalProperties": false, - "properties": { - "Metric": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Metric", - "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", - "title": "Metric" }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", - "title": "Period", - "type": "number" + "AllowedAnalysisProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the AWS accounts that are allowed to query by the custom analysis rule. Required when `allowedAnalyses` is `ANY_QUERY` .", + "title": "AllowedAnalysisProviders", + "type": "array" }, - "Stat": { - "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic.", - "title": "Stat", - "type": "string" + "DifferentialPrivacy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy", + "markdownDescription": "The differential privacy configuration.", + "title": "DifferentialPrivacy" }, - "Unit": { - "markdownDescription": "When you are using a `Put` operation, this defines what unit you want to use when storing the metric.\n\nIn a `Get` operation, if you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", - "title": "Unit", + "DisallowedOutputColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns that aren't allowed to be shown in the query output.", + "title": "DisallowedOutputColumns", + "type": "array" + } + }, + "required": [ + "AllowedAnalyses" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleList": { + "additionalProperties": false, + "properties": { + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.", + "title": "AdditionalAnalyses", "type": "string" + }, + "AllowedJoinOperators": { + "items": { + "type": "string" + }, + "markdownDescription": "The logical operators (if any) that are to be used in an INNER JOIN match condition. Default is `AND` .", + "title": "AllowedJoinOperators", + "type": "array" + }, + "JoinColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns that can be used to join a configured table with the table of the member who can query and other members' configured tables.", + "title": "JoinColumns", + "type": "array" + }, + "ListColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns that can be listed in the output.", + "title": "ListColumns", + "type": "array" } }, "required": [ - "Metric", - "Period", - "Stat" + "JoinColumns", + "ListColumns" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Range": { + "AWS::CleanRooms::ConfiguredTable.AthenaTableReference": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The end time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", - "title": "EndTime", + "DatabaseName": { + "markdownDescription": "The database name.", + "title": "DatabaseName", "type": "string" }, - "StartTime": { - "markdownDescription": "The start time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", - "title": "StartTime", + "OutputLocation": { + "markdownDescription": "The output location for the Athena table.", + "title": "OutputLocation", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table reference.", + "title": "TableName", + "type": "string" + }, + "WorkGroup": { + "markdownDescription": "The workgroup of the Athena table reference.", + "title": "WorkGroup", "type": "string" } }, "required": [ - "EndTime", - "StartTime" + "DatabaseName", + "TableName", + "WorkGroup" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector": { + "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here. If you omit this parameter, the current account is used.", - "title": "AccountId", - "type": "string" + "V1": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1", + "markdownDescription": "Controls on the query specifications that can be run on a configured table.", + "title": "V1" + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation", + "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", + "title": "Aggregation" }, - "Dimensions": { + "Custom": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom", + "markdownDescription": "Analysis rule type that enables custom SQL queries on a configured table.", + "title": "Custom" + }, + "List": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleList", + "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", + "title": "List" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy": { + "additionalProperties": false, + "properties": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn" }, - "markdownDescription": "The metric dimensions to create the anomaly detection model for.", - "title": "Dimensions", + "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", + "title": "Columns", "type": "array" + } + }, + "required": [ + "Columns" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.GlueTableReference": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of the database the AWS Glue table belongs to.", + "title": "DatabaseName", + "type": "string" }, - "MetricName": { - "markdownDescription": "The name of the metric to create the anomaly detection model for.", - "title": "MetricName", + "TableName": { + "markdownDescription": "The name of the AWS Glue table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "TableName" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableReference": { + "additionalProperties": false, + "properties": { + "AccountIdentifier": { + "markdownDescription": "The account identifier for the Snowflake table reference.", + "title": "AccountIdentifier", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace of the metric to create the anomaly detection model for.", - "title": "Namespace", + "DatabaseName": { + "markdownDescription": "The name of the database the Snowflake table belongs to.", + "title": "DatabaseName", "type": "string" }, - "Stat": { - "markdownDescription": "The statistic to use for the metric and anomaly detection model.", - "title": "Stat", + "SchemaName": { + "markdownDescription": "The schema name of the Snowflake table reference.", + "title": "SchemaName", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The secret ARN of the Snowflake table reference.", + "title": "SecretArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the Snowflake table.", + "title": "TableName", "type": "string" + }, + "TableSchema": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchema", + "markdownDescription": "The schema of the Snowflake table.", + "title": "TableSchema" } }, + "required": [ + "AccountIdentifier", + "DatabaseName", + "SchemaName", + "SecretArn", + "TableName", + "TableSchema" + ], "type": "object" }, - "AWS::CloudWatch::CompositeAlarm": { + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchema": { + "additionalProperties": false, + "properties": { + "V1": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchemaV1" + }, + "markdownDescription": "The schema of a Snowflake table.", + "title": "V1", + "type": "array" + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchemaV1": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The column name.", + "title": "ColumnName", + "type": "string" + }, + "ColumnType": { + "markdownDescription": "The column's data type. Supported data types: `ARRAY` , `BIGINT` , `BOOLEAN` , `CHAR` , `DATE` , `DECIMAL` , `DOUBLE` , `DOUBLE PRECISION` , `FLOAT` , `FLOAT4` , `INT` , `INTEGER` , `MAP` , `NUMERIC` , `NUMBER` , `REAL` , `SMALLINT` , `STRING` , `TIMESTAMP` , `TIMESTAMP_LTZ` , `TIMESTAMP_NTZ` , `DATETIME` , `TINYINT` , `VARCHAR` , `TEXT` , `CHARACTER` .", + "title": "ColumnType", + "type": "string" + } + }, + "required": [ + "ColumnName", + "ColumnType" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.TableReference": { + "additionalProperties": false, + "properties": { + "Athena": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AthenaTableReference", + "markdownDescription": "If present, a reference to the Athena table referred to by this table reference.", + "title": "Athena" + }, + "Glue": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.GlueTableReference", + "markdownDescription": "If present, a reference to the AWS Glue table referred to by this table reference.", + "title": "Glue" + }, + "Snowflake": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableReference", + "markdownDescription": "If present, a reference to the Snowflake table referred to by this table reference.", + "title": "Snowflake" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -40307,82 +45283,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionsEnabled": { - "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. The default is TRUE.", - "title": "ActionsEnabled", - "type": "boolean" - }, - "ActionsSuppressor": { - "markdownDescription": "Actions will be suppressed if the suppressor alarm is in the `ALARM` state. `ActionsSuppressor` can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm.", - "title": "ActionsSuppressor", - "type": "string" - }, - "ActionsSuppressorExtensionPeriod": { - "markdownDescription": "The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `ExtensionPeriod` is required only when `ActionsSuppressor` is specified.", - "title": "ActionsSuppressorExtensionPeriod", - "type": "number" - }, - "ActionsSuppressorWaitPeriod": { - "markdownDescription": "The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `WaitPeriod` is required only when `ActionsSuppressor` is specified.", - "title": "ActionsSuppressorWaitPeriod", - "type": "number" - }, - "AlarmActions": { + "ConfiguredTableAssociationAnalysisRules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRule" }, - "markdownDescription": "The actions to execute when this alarm transitions to the ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmActions", + "markdownDescription": "An analysis rule for a configured table association. This analysis rule specifies how data from the table can be used within its associated collaboration. In the console, the `ConfiguredTableAssociationAnalysisRule` is referred to as the *collaboration analysis rule* .", + "title": "ConfiguredTableAssociationAnalysisRules", "type": "array" }, - "AlarmDescription": { - "markdownDescription": "The description for the composite alarm.", - "title": "AlarmDescription", + "ConfiguredTableIdentifier": { + "markdownDescription": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.", + "title": "ConfiguredTableIdentifier", "type": "string" }, - "AlarmName": { - "markdownDescription": "The name for the composite alarm. This name must be unique within your AWS account.", - "title": "AlarmName", + "Description": { + "markdownDescription": "A description of the configured table association.", + "title": "Description", "type": "string" }, - "AlarmRule": { - "markdownDescription": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For each alarm that you reference, you designate a function that specifies whether that alarm needs to be in ALARM state, OK state, or INSUFFICIENT_DATA state. You can use operators (AND, OR and NOT) to combine multiple functions in a single expression. You can use parenthesis to logically group the functions in your expression.\n\nYou can use either alarm names or ARNs to reference the other alarms that are to be evaluated.\n\nFunctions can include the following:\n\n- ALARM(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in ALARM state.\n- OK(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in OK state.\n- INSUFFICIENT_DATA(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in INSUFFICIENT_DATA state.\n- TRUE always evaluates to TRUE.\n- FALSE always evaluates to FALSE.\n\nTRUE and FALSE are useful for testing a complex AlarmRule structure, and for testing your alarm actions.\n\nFor more information about `AlarmRule` syntax, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmRule", + "MembershipIdentifier": { + "markdownDescription": "The unique ID for the membership this configured table association belongs to.", + "title": "MembershipIdentifier", "type": "string" }, - "InsufficientDataActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "InsufficientDataActions", - "type": "array" + "Name": { + "markdownDescription": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.", + "title": "Name", + "type": "string" }, - "OKActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "OKActions", - "type": "array" + "RoleArn": { + "markdownDescription": "The service will assume this role to access catalog metadata and query the table.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "AlarmRule" + "ConfiguredTableIdentifier", + "MembershipIdentifier", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::CompositeAlarm" + "AWS::CleanRooms::ConfiguredTableAssociation" ], "type": "string" }, @@ -40401,7 +45354,128 @@ ], "type": "object" }, - "AWS::CloudWatch::Dashboard": { + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRule": { + "additionalProperties": false, + "properties": { + "Policy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicy", + "markdownDescription": "The policy of the configured table association analysis rule.", + "title": "Policy" + }, + "Type": { + "markdownDescription": "The type of the configured table association analysis rule.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Policy", + "Type" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleAggregation": { + "additionalProperties": false, + "properties": { + "AllowedAdditionalAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.\n\nThe `allowedAdditionalAnalyses` parameter is currently supported for the list analysis rule ( `AnalysisRuleList` ) and the custom analysis rule ( `AnalysisRuleCustom` ).", + "title": "AllowedAdditionalAnalyses", + "type": "array" + }, + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleCustom": { + "additionalProperties": false, + "properties": { + "AllowedAdditionalAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.", + "title": "AllowedAdditionalAnalyses", + "type": "array" + }, + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleList": { + "additionalProperties": false, + "properties": { + "AllowedAdditionalAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.", + "title": "AllowedAdditionalAnalyses", + "type": "array" + }, + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicy": { + "additionalProperties": false, + "properties": { + "V1": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicyV1", + "markdownDescription": "The policy for the configured table association analysis rule.", + "title": "V1" + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicyV1": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleAggregation", + "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", + "title": "Aggregation" + }, + "Custom": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleCustom", + "markdownDescription": "Analysis rule type that enables the table owner to approve custom SQL queries on their configured tables. It supports differential privacy.", + "title": "Custom" + }, + "List": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleList", + "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", + "title": "List" + } + }, + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable": { "additionalProperties": false, "properties": { "Condition": { @@ -40436,25 +45510,50 @@ "Properties": { "additionalProperties": false, "properties": { - "DashboardBody": { - "markdownDescription": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard. This parameter is required.\n\nFor more information about the syntax, see [Dashboard Body Structure and Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html) .", - "title": "DashboardBody", + "Description": { + "markdownDescription": "The description of the ID mapping table.", + "title": "Description", "type": "string" }, - "DashboardName": { - "markdownDescription": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically.", - "title": "DashboardName", + "InputReferenceConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceConfig", + "markdownDescription": "The input reference configuration for the ID mapping table.", + "title": "InputReferenceConfig" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key.", + "title": "KmsKeyArn", + "type": "string" + }, + "MembershipIdentifier": { + "markdownDescription": "The unique identifier of the membership resource for the ID mapping table.", + "title": "MembershipIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the ID mapping table.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "DashboardBody" + "InputReferenceConfig", + "MembershipIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::Dashboard" + "AWS::CleanRooms::IdMappingTable" ], "type": "string" }, @@ -40473,7 +45572,64 @@ ], "type": "object" }, - "AWS::CloudWatch::InsightRule": { + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceConfig": { + "additionalProperties": false, + "properties": { + "InputReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the referenced resource in AWS Entity Resolution . Valid values are ID mapping workflow ARNs.", + "title": "InputReferenceArn", + "type": "string" + }, + "ManageResourcePolicies": { + "markdownDescription": "When `TRUE` , AWS Clean Rooms manages permissions for the ID mapping table resource.\n\nWhen `FALSE` , the resource owner manages permissions for the ID mapping table resource.", + "title": "ManageResourcePolicies", + "type": "boolean" + } + }, + "required": [ + "InputReferenceArn", + "ManageResourcePolicies" + ], + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceProperties": { + "additionalProperties": false, + "properties": { + "IdMappingTableInputSource": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable.IdMappingTableInputSource" + }, + "markdownDescription": "The input source of the ID mapping table.", + "title": "IdMappingTableInputSource", + "type": "array" + } + }, + "required": [ + "IdMappingTableInputSource" + ], + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputSource": { + "additionalProperties": false, + "properties": { + "IdNamespaceAssociationId": { + "markdownDescription": "The unique identifier of the ID namespace association.", + "title": "IdNamespaceAssociationId", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the input source of the ID mapping table.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "IdNamespaceAssociationId", + "Type" + ], + "type": "object" + }, + "AWS::CleanRooms::IdNamespaceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -40508,37 +45664,50 @@ "Properties": { "additionalProperties": false, "properties": { - "RuleBody": { - "markdownDescription": "The definition of the rule, as a JSON object. For details about the syntax, see [Contributor Insights Rule Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights-RuleSyntax.html) in the *Amazon CloudWatch User Guide* .", - "title": "RuleBody", + "Description": { + "markdownDescription": "The description of the ID namespace association.", + "title": "Description", "type": "string" }, - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", + "IdMappingConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation.IdMappingConfig", + "markdownDescription": "The configuration settings for the ID mapping table.", + "title": "IdMappingConfig" + }, + "InputReferenceConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceConfig", + "markdownDescription": "The input reference configuration for the ID namespace association.", + "title": "InputReferenceConfig" + }, + "MembershipIdentifier": { + "markdownDescription": "The unique identifier of the membership that contains the ID namespace association.", + "title": "MembershipIdentifier", "type": "string" }, - "RuleState": { - "markdownDescription": "The current state of the rule. Valid values are `ENABLED` and `DISABLED` .", - "title": "RuleState", + "Name": { + "markdownDescription": "The name of this ID namespace association.", + "title": "Name", "type": "string" }, "Tags": { - "$ref": "#/definitions/AWS::CloudWatch::InsightRule.Tags", - "markdownDescription": "A list of key-value pairs to associate with the Contributor Insights rule. You can associate as many as 50 tags with a rule.\n\nTags can help you organize and categorize your resources. For more information, see [Tagging Your Amazon CloudWatch Resources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Tagging.html) .\n\nTo be able to associate tags with a rule, you must have the `cloudwatch:TagResource` permission in addition to the `cloudwatch:PutInsightRule` permission.", - "title": "Tags" + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "RuleBody", - "RuleName", - "RuleState" + "InputReferenceConfig", + "MembershipIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::InsightRule" + "AWS::CleanRooms::IdNamespaceAssociation" ], "type": "string" }, @@ -40557,12 +45726,60 @@ ], "type": "object" }, - "AWS::CloudWatch::InsightRule.Tags": { + "AWS::CleanRooms::IdNamespaceAssociation.IdMappingConfig": { "additionalProperties": false, - "properties": {}, + "properties": { + "AllowUseAsDimensionColumn": { + "markdownDescription": "An indicator as to whether you can use your column as a dimension column in the ID mapping table ( `TRUE` ) or not ( `FALSE` ).\n\nDefault is `FALSE` .", + "title": "AllowUseAsDimensionColumn", + "type": "boolean" + } + }, + "required": [ + "AllowUseAsDimensionColumn" + ], "type": "object" }, - "AWS::CloudWatch::MetricStream": { + "AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceConfig": { + "additionalProperties": false, + "properties": { + "InputReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Entity Resolution resource that is being associated to the collaboration. Valid resource ARNs are from the ID namespaces that you own.", + "title": "InputReferenceArn", + "type": "string" + }, + "ManageResourcePolicies": { + "markdownDescription": "When `TRUE` , AWS Clean Rooms manages permissions for the ID namespace association resource.\n\nWhen `FALSE` , the resource owner manages permissions for the ID namespace association resource.", + "title": "ManageResourcePolicies", + "type": "boolean" + } + }, + "required": [ + "InputReferenceArn", + "ManageResourcePolicies" + ], + "type": "object" + }, + "AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceProperties": { + "additionalProperties": false, + "properties": { + "IdMappingWorkflowsSupported": { + "items": { + "type": "object" + }, + "markdownDescription": "Defines how ID mapping workflows are supported for this ID namespace association.", + "title": "IdMappingWorkflowsSupported", + "type": "array" + }, + "IdNamespaceType": { + "markdownDescription": "The ID namespace type for this ID namespace association.", + "title": "IdNamespaceType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CleanRooms::Membership": { "additionalProperties": false, "properties": { "Condition": { @@ -40597,74 +45814,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ExcludeFilters": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" - }, - "markdownDescription": "If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", - "title": "ExcludeFilters", - "type": "array" - }, - "FirehoseArn": { - "markdownDescription": "The ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream. This Amazon Kinesis Firehose delivery stream must already exist and must be in the same account as the metric stream.", - "title": "FirehoseArn", + "CollaborationIdentifier": { + "markdownDescription": "The unique ID for the associated collaboration.", + "title": "CollaborationIdentifier", "type": "string" }, - "IncludeFilters": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" - }, - "markdownDescription": "If you specify this parameter, the stream sends only the metrics from the metric namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", - "title": "IncludeFilters", - "type": "array" + "DefaultJobResultConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedJobResultConfiguration", + "markdownDescription": "The default job result configuration for the membership.", + "title": "DefaultJobResultConfiguration" }, - "IncludeLinkedAccountsMetrics": { - "markdownDescription": "If you are creating a metric stream in a monitoring account, specify `true` to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is `false` .\n\nFor more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html)", - "title": "IncludeLinkedAccountsMetrics", - "type": "boolean" + "DefaultResultConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration", + "markdownDescription": "The default protected query result configuration as specified by the member who can receive results.", + "title": "DefaultResultConfiguration" }, - "Name": { - "markdownDescription": "If you are creating a new metric stream, this is the name for the new stream. The name must be different than the names of other metric streams in this account and Region.\n\nIf you are updating a metric stream, specify the name of that stream here.", - "title": "Name", + "JobLogStatus": { + "markdownDescription": "An indicator as to whether job logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about jobs run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "JobLogStatus", "type": "string" }, - "OutputFormat": { - "markdownDescription": "The output format for the stream. Valid values are `json` , `opentelemetry1.0` and `opentelemetry0.7` For more information about metric stream output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html) .\n\nThis parameter is required.", - "title": "OutputFormat", - "type": "string" + "PaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipPaymentConfiguration", + "markdownDescription": "The payment responsibilities accepted by the collaboration member.", + "title": "PaymentConfiguration" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. This IAM role must already exist and must be in the same account as the metric stream. This IAM role must include the `firehose:PutRecord` and `firehose:PutRecordBatch` permissions.", - "title": "RoleArn", + "QueryLogStatus": { + "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the membership.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "QueryLogStatus", "type": "string" }, - "StatisticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration" - }, - "markdownDescription": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members.\n\nFor each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `OutputFormat` . If the `OutputFormat` is `json` , you can stream any additional statistic that is supported by CloudWatch , listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) . If the `OutputFormat` is OpenTelemetry, you can stream percentile statistics.", - "title": "StatisticsConfigurations", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the metric stream.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "FirehoseArn", - "OutputFormat", - "RoleArn" + "CollaborationIdentifier", + "QueryLogStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::MetricStream" + "AWS::CleanRooms::Membership" ], "type": "string" }, @@ -40683,75 +45880,219 @@ ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamFilter": { + "AWS::CleanRooms::Membership.MembershipJobComputePaymentConfig": { "additionalProperties": false, "properties": { - "MetricNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the metrics to either include or exclude from the metric stream.\n\nIf you omit this parameter, all metrics in the namespace are included or excluded, depending on whether this filter is specified as an exclude filter or an include filter.\n\nEach metric name can contain only ASCII printable characters (ASCII range 32 through 126). Each metric name must contain at least one non-whitespace character.", - "title": "MetricNames", - "type": "array" + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for job compute costs ( `TRUE` ) or has not accepted to pay for query and job compute costs ( `FALSE` ).\n\nThere is only one member who pays for queries and jobs.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query and job compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query and job compute costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipMLPaymentConfig": { + "additionalProperties": false, + "properties": { + "ModelInference": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipModelInferencePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model inference.", + "title": "ModelInference" }, - "Namespace": { - "markdownDescription": "The name of the metric namespace in the filter.\n\nThe namespace can contain only ASCII printable characters (ASCII range 32 through 126). It must contain at least one non-whitespace character.", - "title": "Namespace", + "ModelTraining": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipModelTrainingPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model training.", + "title": "ModelTraining" + } + }, + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipModelInferencePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for model inference costs ( `TRUE` ) or has not accepted to pay for model inference costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for model inference costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for model inference costs.\n- If you set the value to `TRUE` but you are not responsible to pay for model inference costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipModelTrainingPaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for model training costs ( `TRUE` ) or has not accepted to pay for model training costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for model training costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for model training costs.\n- If you set the value to `TRUE` but you are not responsible to pay for model training costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipPaymentConfiguration": { + "additionalProperties": false, + "properties": { + "JobCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipJobComputePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for job compute costs.", + "title": "JobCompute" + }, + "MachineLearning": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipMLPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for machine learning costs.", + "title": "MachineLearning" + }, + "QueryCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for query compute costs.", + "title": "QueryCompute" + } + }, + "required": [ + "QueryCompute" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedJobOutputConfiguration": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedJobS3OutputConfigurationInput", + "markdownDescription": "Contains the configuration to write the job results to S3.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedJobResultConfiguration": { + "additionalProperties": false, + "properties": { + "OutputConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedJobOutputConfiguration", + "markdownDescription": "The output configuration for a protected job result.", + "title": "OutputConfiguration" + }, + "RoleArn": { + "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected job results to the result location, given by the member who can receive results.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Namespace" + "OutputConfiguration", + "RoleArn" ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration": { + "AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration": { "additionalProperties": false, "properties": { - "AdditionalStatistics": { - "items": { - "type": "string" - }, - "markdownDescription": "The additional statistics to stream for the metrics listed in `IncludeMetrics` .", - "title": "AdditionalStatistics", - "type": "array" + "S3": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration", + "markdownDescription": "Required configuration for a protected query with an `s3` output type.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration": { + "additionalProperties": false, + "properties": { + "OutputConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration", + "markdownDescription": "Configuration for protected query results.", + "title": "OutputConfiguration" }, - "IncludeMetrics": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric" - }, - "markdownDescription": "An array that defines the metrics that are to have additional statistics streamed.", - "title": "IncludeMetrics", - "type": "array" + "RoleArn": { + "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "AdditionalStatistics", - "IncludeMetrics" + "OutputConfiguration" ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric": { + "AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query compute costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.ProtectedJobS3OutputConfigurationInput": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket for job output.", + "title": "Bucket", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace of the metric.", - "title": "Namespace", + "KeyPrefix": { + "markdownDescription": "The S3 prefix to unload the protected job results.", + "title": "KeyPrefix", "type": "string" } }, "required": [ - "MetricName", - "Namespace" + "Bucket" ], "type": "object" }, - "AWS::CodeArtifact::Domain": { + "AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket to unload the protected query results.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "The S3 prefix to unload the protected query results.", + "title": "KeyPrefix", + "type": "string" + }, + "ResultFormat": { + "markdownDescription": "Intended file format of the result.", + "title": "ResultFormat", + "type": "string" + }, + "SingleFileOutput": { + "markdownDescription": "Indicates whether files should be output as a single file ( `TRUE` ) or output as multiple files ( `FALSE` ). This parameter is only supported for analyses with the Spark analytics engine.", + "title": "SingleFileOutput", + "type": "boolean" + } + }, + "required": [ + "Bucket", + "ResultFormat" + ], + "type": "object" + }, + "AWS::CleanRooms::PrivacyBudgetTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -40786,38 +46127,46 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "A string that specifies the name of the requested domain.", - "title": "DomainName", + "AutoRefresh": { + "markdownDescription": "How often the privacy budget refreshes.\n\n> If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes.", + "title": "AutoRefresh", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The key used to encrypt the domain.", - "title": "EncryptionKey", + "MembershipIdentifier": { + "markdownDescription": "The identifier for a membership resource.", + "title": "MembershipIdentifier", "type": "string" }, - "PermissionsPolicyDocument": { - "markdownDescription": "The document that defines the resource policy that is set on a domain.", - "title": "PermissionsPolicyDocument", - "type": "object" + "Parameters": { + "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate.Parameters", + "markdownDescription": "Specifies the epsilon and noise parameters for the privacy budget template.", + "title": "Parameters" + }, + "PrivacyBudgetType": { + "markdownDescription": "Specifies the type of the privacy budget template.", + "title": "PrivacyBudgetType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be applied to the domain.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "DomainName" + "AutoRefresh", + "MembershipIdentifier", + "Parameters", + "PrivacyBudgetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::Domain" + "AWS::CleanRooms::PrivacyBudgetTemplate" ], "type": "string" }, @@ -40836,7 +46185,27 @@ ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup": { + "AWS::CleanRooms::PrivacyBudgetTemplate.Parameters": { + "additionalProperties": false, + "properties": { + "Epsilon": { + "markdownDescription": "The epsilon value that you want to use.", + "title": "Epsilon", + "type": "number" + }, + "UsersNoisePerQuery": { + "markdownDescription": "Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted.", + "title": "UsersNoisePerQuery", + "type": "number" + } + }, + "required": [ + "Epsilon", + "UsersNoisePerQuery" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset": { "additionalProperties": false, "properties": { "Condition": { @@ -40871,54 +46240,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactInfo": { - "markdownDescription": "The contact information of the package group.", - "title": "ContactInfo", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the package group.", + "markdownDescription": "The description of the training dataset.", "title": "Description", "type": "string" }, - "DomainName": { - "markdownDescription": "The domain that contains the package group.", - "title": "DomainName", - "type": "string" - }, - "DomainOwner": { - "markdownDescription": "The 12-digit account number of the AWS account that owns the domain. It does not include dashes or spaces.", - "title": "DomainOwner", + "Name": { + "markdownDescription": "The name of the training dataset.", + "title": "Name", "type": "string" }, - "OriginConfiguration": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.OriginConfiguration", - "markdownDescription": "Details about the package origin configuration of a package group.", - "title": "OriginConfiguration" - }, - "Pattern": { - "markdownDescription": "The pattern of the package group. The pattern determines which packages are associated with the package group.", - "title": "Pattern", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TrainingData": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" + }, + "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", + "title": "TrainingData", + "type": "array" } }, "required": [ - "DomainName", - "Pattern" + "Name", + "RoleArn", + "TrainingData" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::PackageGroup" + "AWS::CleanRoomsML::TrainingDataset" ], "type": "string" }, @@ -40937,64 +46300,112 @@ ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.OriginConfiguration": { + "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { "additionalProperties": false, "properties": { - "Restrictions": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.Restrictions", - "markdownDescription": "", - "title": "Restrictions" + "ColumnName": { + "markdownDescription": "The name of a column.", + "title": "ColumnName", + "type": "string" + }, + "ColumnTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The data type of column.", + "title": "ColumnTypes", + "type": "array" } }, "required": [ - "Restrictions" + "ColumnName", + "ColumnTypes" ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.RestrictionType": { + "AWS::CleanRoomsML::TrainingDataset.DataSource": { "additionalProperties": false, "properties": { - "Repositories": { + "GlueDataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", + "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", + "title": "GlueDataSource" + } + }, + "required": [ + "GlueDataSource" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.Dataset": { + "additionalProperties": false, + "properties": { + "InputConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", + "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", + "title": "InputConfig" + }, + "Type": { + "markdownDescription": "What type of information is found in the dataset.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "InputConfig", + "Type" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { + "additionalProperties": false, + "properties": { + "DataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", + "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", + "title": "DataSource" + }, + "Schema": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" }, - "markdownDescription": "", - "title": "Repositories", + "markdownDescription": "The schema information for the training data.", + "title": "Schema", "type": "array" - }, - "RestrictionMode": { - "markdownDescription": "", - "title": "RestrictionMode", - "type": "string" } }, "required": [ - "RestrictionMode" + "DataSource", + "Schema" ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.Restrictions": { + "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { "additionalProperties": false, "properties": { - "ExternalUpstream": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "ExternalUpstream" + "CatalogId": { + "markdownDescription": "The Glue catalog that contains the training data.", + "title": "CatalogId", + "type": "string" }, - "InternalUpstream": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "InternalUpstream" + "DatabaseName": { + "markdownDescription": "The Glue database that contains the training data.", + "title": "DatabaseName", + "type": "string" }, - "Publish": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "Publish" + "TableName": { + "markdownDescription": "The Glue table that contains the training data.", + "title": "TableName", + "type": "string" } }, + "required": [ + "DatabaseName", + "TableName" + ], "type": "object" }, - "AWS::CodeArtifact::Repository": { + "AWS::Cloud9::EnvironmentEC2": { "additionalProperties": false, "properties": { "Condition": { @@ -41029,65 +46440,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A text description of the repository.", - "title": "Description", + "AutomaticStopTimeMinutes": { + "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", + "title": "AutomaticStopTimeMinutes", + "type": "number" + }, + "ConnectionType": { + "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", + "title": "ConnectionType", "type": "string" }, - "DomainName": { - "markdownDescription": "The name of the domain that contains the repository.", - "title": "DomainName", + "Description": { + "markdownDescription": "The description of the environment to create.", + "title": "Description", "type": "string" }, - "DomainOwner": { - "markdownDescription": "The 12-digit account number of the AWS account that owns the domain that contains the repository. It does not include dashes or spaces.", - "title": "DomainOwner", + "ImageId": { + "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", + "title": "ImageId", "type": "string" }, - "ExternalConnections": { + "InstanceType": { + "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", + "title": "InstanceType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment.", + "title": "Name", + "type": "string" + }, + "OwnerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", + "title": "OwnerArn", + "type": "string" + }, + "Repositories": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" }, - "markdownDescription": "An array of external connections associated with the repository. For more information, see [Supported external connection repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/external-connection.html#supported-public-repositories) in the *CodeArtifact user guide* .", - "title": "ExternalConnections", + "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", + "title": "Repositories", "type": "array" }, - "PermissionsPolicyDocument": { - "markdownDescription": "The document that defines the resource policy that is set on a repository.", - "title": "PermissionsPolicyDocument", - "type": "object" - }, - "RepositoryName": { - "markdownDescription": "The name of an upstream repository.", - "title": "RepositoryName", + "SubnetId": { + "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", + "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be applied to the repository.", + "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", "title": "Tags", "type": "array" - }, - "Upstreams": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. For more information, see [Working with upstream repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html) .", - "title": "Upstreams", - "type": "array" } }, "required": [ - "DomainName", - "RepositoryName" + "ImageId", + "InstanceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::Repository" + "AWS::Cloud9::EnvironmentEC2" ], "type": "string" }, @@ -41106,7 +46524,27 @@ ], "type": "object" }, - "AWS::CodeBuild::Fleet": { + "AWS::Cloud9::EnvironmentEC2.Repository": { + "additionalProperties": false, + "properties": { + "PathComponent": { + "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", + "title": "PathComponent", + "type": "string" + }, + "RepositoryUrl": { + "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", + "title": "RepositoryUrl", + "type": "string" + } + }, + "required": [ + "PathComponent", + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::CloudFormation::CustomResource": { "additionalProperties": false, "properties": { "Condition": { @@ -41141,40 +46579,25 @@ "Properties": { "additionalProperties": false, "properties": { - "BaseCapacity": { - "markdownDescription": "The initial number of machines allocated to the compute \ufb02eet, which de\ufb01nes the number of builds that can run in parallel.", - "title": "BaseCapacity", + "ServiceTimeout": { + "markdownDescription": "The maximum time, in seconds, that can elapse before a custom resource operation times out.\n\nThe value must be an integer from 1 to 3600. The default value is 3600 seconds (1 hour).", + "title": "ServiceTimeout", "type": "number" }, - "ComputeType": { - "markdownDescription": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", - "title": "ComputeType", - "type": "string" - }, - "EnvironmentType": { - "markdownDescription": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (S\u00e3o Paulo).\n- The environment type `ARM_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `MAC_ARM` is available only in regions US East (Ohio), US East (N. Virginia), US West (Oregon), Europe (Frankfurt), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (S\u00e3o Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", - "title": "EnvironmentType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the compute fleet.", - "title": "Name", + "ServiceToken": { + "markdownDescription": "The service token, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same Region as the stack.\n\nUpdates aren't supported.", + "title": "ServiceToken", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.", - "title": "Tags", - "type": "array" } }, + "required": [ + "ServiceToken" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::Fleet" + "AWS::CloudFormation::CustomResource" ], "type": "string" }, @@ -41188,11 +46611,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeBuild::Project": { + "AWS::CloudFormation::GuardHook": { "additionalProperties": false, "properties": { "Condition": { @@ -41227,153 +46651,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Artifacts": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts", - "markdownDescription": "`Artifacts` is a property of the [AWS::CodeBuild::Project](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html) resource that specifies output settings for artifacts generated by an AWS CodeBuild build.", - "title": "Artifacts" - }, - "BadgeEnabled": { - "markdownDescription": "Indicates whether AWS CodeBuild generates a publicly accessible URL for your project's build badge. For more information, see [Build Badges Sample](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-build-badges.html) in the *AWS CodeBuild User Guide* .\n\n> Including build badges with your project is currently not supported if the source type is CodePipeline. If you specify `CODEPIPELINE` for the `Source` property, do not specify the `BadgeEnabled` property.", - "title": "BadgeEnabled", - "type": "boolean" - }, - "BuildBatchConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectBuildBatchConfig", - "markdownDescription": "A `ProjectBuildBatchConfig` object that defines the batch build options for the project.", - "title": "BuildBatchConfig" - }, - "Cache": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectCache", - "markdownDescription": "Settings that AWS CodeBuild uses to store and reuse build dependencies.", - "title": "Cache" - }, - "ConcurrentBuildLimit": { - "markdownDescription": "The maximum number of concurrent builds that are allowed for this project.\n\nNew builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.", - "title": "ConcurrentBuildLimit", - "type": "number" - }, - "Description": { - "markdownDescription": "A description that makes the build project easy to identify.", - "title": "Description", + "Alias": { + "markdownDescription": "The type name alias for the Hook. This alias must be unique per account and Region.\n\nThe alias must be in the form `Name1::Name2::Name3` and must not begin with `AWS` . For example, `Private::Guard::MyTestHook` .", + "title": "Alias", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The AWS Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.\n\n> You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. \n\nYou can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format `alias/` ). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).", - "title": "EncryptionKey", + "ExecutionRole": { + "markdownDescription": "The IAM role that the Hook assumes to retrieve your Guard rules from S3 and optionally write a detailed Guard output report back.", + "title": "ExecutionRole", "type": "string" }, - "Environment": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Environment", - "markdownDescription": "The build environment settings for the project, such as the environment type or the environment variables to use for the build environment.", - "title": "Environment" - }, - "FileSystemLocations": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFileSystemLocation" - }, - "markdownDescription": "An array of `ProjectFileSystemLocation` objects for a CodeBuild build project. A `ProjectFileSystemLocation` object specifies the `identifier` , `location` , `mountOptions` , `mountPoint` , and `type` of a file system created using Amazon Elastic File System.", - "title": "FileSystemLocations", - "type": "array" - }, - "LogsConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.LogsConfig", - "markdownDescription": "Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.", - "title": "LogsConfig" - }, - "Name": { - "markdownDescription": "The name of the build project. The name must be unique across all of the projects in your AWS account .", - "title": "Name", + "FailureMode": { + "markdownDescription": "Specifies how the Hook responds when rules fail their evaluation.\n\n- `FAIL` : Prevents the action from proceeding. This is helpful for enforcing strict compliance or security policies.\n- `WARN` : Issues warnings to users but allows actions to continue. This is useful for non-critical validations or informational checks.", + "title": "FailureMode", "type": "string" }, - "QueuedTimeoutInMinutes": { - "markdownDescription": "The number of minutes a build is allowed to be queued before it times out.", - "title": "QueuedTimeoutInMinutes", - "type": "number" - }, - "ResourceAccessRole": { - "markdownDescription": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.", - "title": "ResourceAccessRole", + "HookStatus": { + "markdownDescription": "Specifies if the Hook is `ENABLED` or `DISABLED` .", + "title": "HookStatus", "type": "string" }, - "SecondaryArtifacts": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts" - }, - "markdownDescription": "A list of `Artifacts` objects. Each artifacts object specifies output settings that the project generates during a build.", - "title": "SecondaryArtifacts", - "type": "array" - }, - "SecondarySourceVersions": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectSourceVersion" - }, - "markdownDescription": "An array of `ProjectSourceVersion` objects. If `secondarySourceVersions` is specified at the build level, then they take over these `secondarySourceVersions` (at the project level).", - "title": "SecondarySourceVersions", - "type": "array" + "LogBucket": { + "markdownDescription": "Specifies the name of an S3 bucket to store the Guard output report. This report contains the results of your Guard rule validations.", + "title": "LogBucket", + "type": "string" }, - "SecondarySources": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Source" - }, - "markdownDescription": "An array of `ProjectSource` objects.", - "title": "SecondarySources", - "type": "array" + "Options": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.Options", + "markdownDescription": "Specifies the S3 location of your input parameters.", + "title": "Options" }, - "ServiceRole": { - "markdownDescription": "The ARN of the IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.", - "title": "ServiceRole", - "type": "string" + "RuleLocation": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.S3Location", + "markdownDescription": "Specifies the S3 location of your Guard rules.", + "title": "RuleLocation" }, - "Source": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Source", - "markdownDescription": "The source code settings for the project, such as the source code's repository type and location.", - "title": "Source" + "StackFilters": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackFilters", + "markdownDescription": "Specifies the stack level filters for the Hook.\n\nExample stack level filter in JSON:\n\n`\"StackFilters\": {\"FilteringCriteria\": \"ALL\", \"StackNames\": {\"Exclude\": [ \"stack-1\", \"stack-2\"]}}` \n\nExample stack level filter in YAML:\n\n`StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2`", + "title": "StackFilters" }, - "SourceVersion": { - "markdownDescription": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nIf `sourceVersion` is specified at the build level, then that version takes precedence over this `sourceVersion` (at the project level).\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", - "title": "SourceVersion", - "type": "string" + "TargetFilters": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.TargetFilters", + "markdownDescription": "Specifies the target filters for the Hook.\n\nExample target filter in JSON:\n\n`\"TargetFilters\": {\"Actions\": [ \"Create\", \"Update\", \"Delete\" ]}` \n\nExample target filter in YAML:\n\n`TargetFilters: Actions: - CREATE - UPDATE - DELETE`", + "title": "TargetFilters" }, - "Tags": { + "TargetOperations": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the AWS CodeBuild project.\n\nThese tags are available for use by AWS services that support AWS CodeBuild build project tags.", - "title": "Tags", + "markdownDescription": "Specifies the list of operations the Hook is run against. For more information, see [Hook targets](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target) in the *AWS CloudFormation Hooks User Guide* .\n\nValid values: `STACK` | `RESOURCE` | `CHANGE_SET` | `CLOUD_CONTROL`", + "title": "TargetOperations", "type": "array" - }, - "TimeoutInMinutes": { - "markdownDescription": "How long, in minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.", - "title": "TimeoutInMinutes", - "type": "number" - }, - "Triggers": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectTriggers", - "markdownDescription": "For an existing AWS CodeBuild build project that has its source code stored in a GitHub repository, enables AWS CodeBuild to begin automatically rebuilding the source code every time a code change is pushed to the repository.", - "title": "Triggers" - }, - "Visibility": { - "markdownDescription": "Specifies the visibility of the project's builds. Possible values are:\n\n- **PUBLIC_READ** - The project builds are visible to the public.\n- **PRIVATE** - The project builds are not visible to the public.", - "title": "Visibility", - "type": "string" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.VpcConfig", - "markdownDescription": "`VpcConfig` specifies settings that enable AWS CodeBuild to access resources in an Amazon VPC. For more information, see [Use AWS CodeBuild with Amazon Virtual Private Cloud](https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html) in the *AWS CodeBuild User Guide* .", - "title": "VpcConfig" } }, "required": [ - "Artifacts", - "Environment", - "ServiceRole", - "Source" + "Alias", + "ExecutionRole", + "FailureMode", + "HookStatus", + "RuleLocation", + "TargetOperations" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::Project" + "AWS::CloudFormation::GuardHook" ], "type": "string" }, @@ -41392,560 +46736,155 @@ ], "type": "object" }, - "AWS::CodeBuild::Project.Artifacts": { + "AWS::CloudFormation::GuardHook.HookTarget": { "additionalProperties": false, "properties": { - "ArtifactIdentifier": { - "markdownDescription": "An identifier for this artifact definition.", - "title": "ArtifactIdentifier", - "type": "string" - }, - "EncryptionDisabled": { - "markdownDescription": "Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon Simple Storage Service (Amazon S3). If this is set with another artifacts type, an `invalidInputException` is thrown.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "Location": { - "markdownDescription": "Information about the build output artifact location:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output bucket.\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", - "title": "Location", - "type": "string" - }, - "Name": { - "markdownDescription": "Along with `path` and `namespaceType` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.\n\nFor example:\n\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , then the output artifact is stored in `MyArtifacts/ *build-ID* /MyArtifact.zip` .\n- If `path` is empty, `namespaceType` is set to `NONE` , and `name` is set to \" `/` \", the output artifact is stored in the root of the output bucket.\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to \" `/` \", the output artifact is stored in `MyArtifacts/ *build-ID*` .\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", - "title": "Name", - "type": "string" - }, - "NamespaceType": { - "markdownDescription": "Along with `path` and `name` , the pattern that AWS CodeBuild uses to determine the name and location to store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `BUILD_ID` : Include the build ID in the location of the build output artifact.\n- `NONE` : Do not include the build ID. This is the default if `namespaceType` is not specified.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in `MyArtifacts//MyArtifact.zip` .", - "title": "NamespaceType", - "type": "string" - }, - "OverrideArtifactName": { - "markdownDescription": "If set to true a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell command language. For example, you can append a date and time to your artifact name so that it is always unique.", - "title": "OverrideArtifactName", - "type": "boolean" - }, - "Packaging": { - "markdownDescription": "The type of build output artifact to create:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `NONE` : AWS CodeBuild creates in the output bucket a folder that contains the build output. This is the default if `packaging` is not specified.\n- `ZIP` : AWS CodeBuild creates in the output bucket a ZIP file that contains the build output.", - "title": "Packaging", + "Action": { "type": "string" }, - "Path": { - "markdownDescription": "Along with `namespaceType` and `name` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the path to the output artifact. If `path` is not specified, `path` is not used.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `NONE` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in the output bucket at `MyArtifacts/MyArtifact.zip` .", - "title": "Path", + "InvocationPoint": { "type": "string" }, - "Type": { - "markdownDescription": "The type of build output artifact. Valid values include:\n\n- `CODEPIPELINE` : The build project has build output generated through CodePipeline.\n\n> The `CODEPIPELINE` type is not supported for `secondaryArtifacts` .\n- `NO_ARTIFACTS` : The build project does not produce any build output.\n- `S3` : The build project stores build output in Amazon S3.", - "title": "Type", + "TargetName": { "type": "string" } }, "required": [ - "Type" + "Action", + "InvocationPoint", + "TargetName" ], "type": "object" }, - "AWS::CodeBuild::Project.BatchRestrictions": { + "AWS::CloudFormation::GuardHook.Options": { "additionalProperties": false, "properties": { - "ComputeTypesAllowed": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide* for these values.", - "title": "ComputeTypesAllowed", - "type": "array" - }, - "MaximumBuildsAllowed": { - "markdownDescription": "Specifies the maximum number of builds allowed.", - "title": "MaximumBuildsAllowed", - "type": "number" + "InputParams": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.S3Location", + "markdownDescription": "Specifies the S3 location where your input parameters are located.", + "title": "InputParams" } }, "type": "object" }, - "AWS::CodeBuild::Project.BuildStatusConfig": { + "AWS::CloudFormation::GuardHook.S3Location": { "additionalProperties": false, "properties": { - "Context": { - "markdownDescription": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `name` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `context` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", - "title": "Context", + "Uri": { + "markdownDescription": "Specifies the S3 path to the file that contains your Guard rules or input parameters (in the form `s3:///` ).\n\nFor Guard rules, the object stored in S3 must have one of the following file extensions: `.guard` , `.zip` , or `.tar.gz` .\n\nFor input parameters, the object stored in S3 must have one of the following file extensions: `.yaml` , `.json` , `.zip` , or `.tar.gz` .", + "title": "Uri", "type": "string" }, - "TargetUrl": { - "markdownDescription": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `url` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `target_url` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", - "title": "TargetUrl", + "VersionId": { + "markdownDescription": "For S3 buckets with versioning enabled, specifies the unique ID of the S3 object version to download your Guard rules or input parameters from.\n\nThe Guard Hook downloads files from S3 every time the Hook is invoked. To prevent accidental changes or deletions, we recommend using a version when configuring your Guard Hook.", + "title": "VersionId", "type": "string" } }, + "required": [ + "Uri" + ], "type": "object" }, - "AWS::CodeBuild::Project.CloudWatchLogsConfig": { + "AWS::CloudFormation::GuardHook.StackFilters": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The group name of the logs in CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", - "title": "GroupName", + "FilteringCriteria": { + "markdownDescription": "The filtering criteria.\n\n- All stack names and stack roles ( `All` ): The Hook will only be invoked when all specified filters match.\n- Any stack names and stack roles ( `Any` ): The Hook will be invoked if at least one of the specified filters match.", + "title": "FilteringCriteria", "type": "string" }, - "Status": { - "markdownDescription": "The current status of the logs in CloudWatch Logs for a build project. Valid values are:\n\n- `ENABLED` : CloudWatch Logs are enabled for this build project.\n- `DISABLED` : CloudWatch Logs are not enabled for this build project.", - "title": "Status", - "type": "string" + "StackNames": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackNames", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations.", + "title": "StackNames" }, - "StreamName": { - "markdownDescription": "The prefix of the stream name of the CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", - "title": "StreamName", - "type": "string" + "StackRoles": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackRoles", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations based on their associated IAM roles.", + "title": "StackRoles" } }, "required": [ - "Status" + "FilteringCriteria" ], "type": "object" }, - "AWS::CodeBuild::Project.Environment": { + "AWS::CloudFormation::GuardHook.StackNames": { "additionalProperties": false, "properties": { - "Certificate": { - "markdownDescription": "The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see [certificate](https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.environment.certificate) in the *AWS CodeBuild User Guide* .", - "title": "Certificate", - "type": "string" - }, - "ComputeType": { - "markdownDescription": "The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", - "title": "ComputeType", - "type": "string" - }, - "EnvironmentVariables": { + "Exclude": { "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.EnvironmentVariable" + "type": "string" }, - "markdownDescription": "A set of environment variables to make available to builds for this build project.", - "title": "EnvironmentVariables", + "markdownDescription": "The stack names to exclude. All stacks except those listed here will invoke the Hook.", + "title": "Exclude", "type": "array" }, - "Fleet": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFleet" - }, - "Image": { - "markdownDescription": "The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:\n\n- For an image tag: `/:` . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be `aws/codebuild/standard:4.0` .\n- For an image digest: `/@` . For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use `/@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf` .\n\nFor more information, see [Docker images provided by CodeBuild](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-available.html) in the *AWS CodeBuild user guide* .", - "title": "Image", - "type": "string" - }, - "ImagePullCredentialsType": { - "markdownDescription": "The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:\n\n- `CODEBUILD` specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild service principal.\n- `SERVICE_ROLE` specifies that AWS CodeBuild uses your build project's service role.\n\nWhen you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.", - "title": "ImagePullCredentialsType", - "type": "string" - }, - "PrivilegedMode": { - "markdownDescription": "Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is `false` .\n\nYou can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:\n\nIf the operating system's base image is Ubuntu Linux:\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout 15 sh -c \"until docker info; do echo .; sleep 1; done\"`\n\nIf the operating system's base image is Alpine Linux and the previous command does not work, add the `-t` argument to `timeout` :\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout -t 15 sh -c \"until docker info; do echo .; sleep 1; done\"`", - "title": "PrivilegedMode", - "type": "boolean" - }, - "RegistryCredential": { - "$ref": "#/definitions/AWS::CodeBuild::Project.RegistryCredential", - "markdownDescription": "`RegistryCredential` is a property of the [AWS::CodeBuild::Project Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html#cfn-codebuild-project-environment) property that specifies information about credentials that provide access to a private Docker registry. When this is set:\n\n- `imagePullCredentialsType` must be set to `SERVICE_ROLE` .\n- images cannot be curated or an Amazon ECR image.", - "title": "RegistryCredential" - }, - "Type": { - "markdownDescription": "The type of build environment to use for related builds.\n\n> If you're using compute fleets during project creation, `type` will be ignored. \n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ComputeType", - "Image", - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.EnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name or key of the environment variable.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of environment variable. Valid values include:\n\n- `PARAMETER_STORE` : An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the `value` of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see [env/parameter-store](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store) in the *AWS CodeBuild User Guide* .\n- `PLAINTEXT` : An environment variable in plain text format. This is the default value.\n- `SECRETS_MANAGER` : An environment variable stored in AWS Secrets Manager . For environment variables of this type, specify the name of the secret as the `value` of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define AWS Secrets Manager environment variables in the buildspec. To learn how to do so, see [env/secrets-manager](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager) in the *AWS CodeBuild User Guide* .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` .", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.FilterGroup": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::CodeBuild::Project.GitSubmodulesConfig": { - "additionalProperties": false, - "properties": { - "FetchSubmodules": { - "markdownDescription": "Set to true to fetch Git submodules for your AWS CodeBuild build project.", - "title": "FetchSubmodules", - "type": "boolean" - } - }, - "required": [ - "FetchSubmodules" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.LogsConfig": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::CodeBuild::Project.CloudWatchLogsConfig", - "markdownDescription": "Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.", - "title": "CloudWatchLogs" - }, - "S3Logs": { - "$ref": "#/definitions/AWS::CodeBuild::Project.S3LogsConfig", - "markdownDescription": "Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.", - "title": "S3Logs" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectBuildBatchConfig": { - "additionalProperties": false, - "properties": { - "BatchReportMode": { - "markdownDescription": "Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.\n\n- **REPORT_AGGREGATED_BATCH** - (Default) Aggregate all of the build statuses into a single status report.\n- **REPORT_INDIVIDUAL_BUILDS** - Send a separate status report for each individual build.", - "title": "BatchReportMode", - "type": "string" - }, - "CombineArtifacts": { - "markdownDescription": "Specifies if the build artifacts for the batch build should be combined into a single artifact location.", - "title": "CombineArtifacts", - "type": "boolean" - }, - "Restrictions": { - "$ref": "#/definitions/AWS::CodeBuild::Project.BatchRestrictions", - "markdownDescription": "A `BatchRestrictions` object that specifies the restrictions for the batch build.", - "title": "Restrictions" - }, - "ServiceRole": { - "markdownDescription": "Specifies the service role ARN for the batch build project.", - "title": "ServiceRole", - "type": "string" - }, - "TimeoutInMins": { - "markdownDescription": "Specifies the maximum amount of time, in minutes, that the batch build must be completed in.", - "title": "TimeoutInMins", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectCache": { - "additionalProperties": false, - "properties": { - "Location": { - "markdownDescription": "Information about the cache location:\n\n- `NO_CACHE` or `LOCAL` : This value is ignored.\n- `S3` : This is the S3 bucket name/prefix.", - "title": "Location", - "type": "string" - }, - "Modes": { + "Include": { "items": { "type": "string" }, - "markdownDescription": "An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for `LOCAL` cache types.\n\nPossible values are:\n\n- **LOCAL_SOURCE_CACHE** - Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.\n- **LOCAL_DOCKER_LAYER_CACHE** - Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.\n\n> - You can use a Docker layer cache in the Linux environment only.\n> - The `privileged` flag must be set so that your project has the required Docker permissions.\n> - You should consider the security implications before you use a Docker layer cache.\n- **LOCAL_CUSTOM_CACHE** - Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:\n\n- Only directories can be specified for caching. You cannot specify individual files.\n- Symlinks are used to reference cached directories.\n- Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.", - "title": "Modes", + "markdownDescription": "The stack names to include. Only the stacks specified in this list will invoke the Hook.", + "title": "Include", "type": "array" - }, - "Type": { - "markdownDescription": "The type of cache used by the build project. Valid values include:\n\n- `NO_CACHE` : The build project does not use any cache.\n- `S3` : The build project reads and writes from and to S3.\n- `LOCAL` : The build project stores a cache locally on a build host that is only available to that build host.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectFileSystemLocation": { - "additionalProperties": false, - "properties": { - "Identifier": { - "markdownDescription": "The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the `identifier` in all capital letters to `CODEBUILD_` . For example, if you specify `my_efs` for `identifier` , a new environment variable is create named `CODEBUILD_MY_EFS` .\n\nThe `identifier` is used to mount your file system.", - "title": "Identifier", - "type": "string" - }, - "Location": { - "markdownDescription": "A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path` . You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is `fs-abcd1234.efs.us-west-2.amazonaws.com` , and its mount directory is `my-efs-mount-directory` , then the `location` is `fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory` .\n\nThe directory path in the format `efs-dns-name:/directory-path` is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.", - "title": "Location", - "type": "string" - }, - "MountOptions": { - "markdownDescription": "The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are `nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2` . For more information, see [Recommended NFS Mount Options](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-nfs-mount-settings.html) .", - "title": "MountOptions", - "type": "string" - }, - "MountPoint": { - "markdownDescription": "The location in the container where you mount the file system.", - "title": "MountPoint", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the file system. The one supported type is `EFS` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Identifier", - "Location", - "MountPoint", - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectFleet": { - "additionalProperties": false, - "properties": { - "FleetArn": { - "markdownDescription": "Specifies the compute fleet ARN for the build project.", - "title": "FleetArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectSourceVersion": { - "additionalProperties": false, - "properties": { - "SourceIdentifier": { - "markdownDescription": "An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", - "title": "SourceIdentifier", - "type": "string" - }, - "SourceVersion": { - "markdownDescription": "The source version for the corresponding source identifier. If specified, must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example, `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", - "title": "SourceVersion", - "type": "string" } }, - "required": [ - "SourceIdentifier" - ], "type": "object" }, - "AWS::CodeBuild::Project.ProjectTriggers": { + "AWS::CloudFormation::GuardHook.StackRoles": { "additionalProperties": false, "properties": { - "BuildType": { - "markdownDescription": "Specifies the type of build this webhook will trigger. Allowed values are:\n\n- **BUILD** - A single build\n- **BUILD_BATCH** - A batch build", - "title": "BuildType", - "type": "string" - }, - "FilterGroups": { + "Exclude": { "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.FilterGroup" + "type": "string" }, - "markdownDescription": "A list of lists of `WebhookFilter` objects used to determine which webhook events are triggered. At least one `WebhookFilter` in the array must specify `EVENT` as its type.", - "title": "FilterGroups", + "markdownDescription": "The IAM role ARNs for stacks you want to exclude. The Hook will be invoked on all stacks except those initiated by the specified roles.", + "title": "Exclude", "type": "array" }, - "Webhook": { - "markdownDescription": "Specifies whether or not to begin automatically rebuilding the source code every time a code change is pushed to the repository.", - "title": "Webhook", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.RegistryCredential": { - "additionalProperties": false, - "properties": { - "Credential": { - "markdownDescription": "The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager .\n\n> The `credential` can use the name of the credentials only if they exist in your current AWS Region .", - "title": "Credential", - "type": "string" - }, - "CredentialProvider": { - "markdownDescription": "The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager .", - "title": "CredentialProvider", - "type": "string" - } - }, - "required": [ - "Credential", - "CredentialProvider" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.S3LogsConfig": { - "additionalProperties": false, - "properties": { - "EncryptionDisabled": { - "markdownDescription": "Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "Location": { - "markdownDescription": "The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is `my-bucket` , and your path prefix is `build-log` , then acceptable formats are `my-bucket/build-log` or `arn:aws:s3:::my-bucket/build-log` .", - "title": "Location", - "type": "string" - }, - "Status": { - "markdownDescription": "The current status of the S3 build logs. Valid values are:\n\n- `ENABLED` : S3 build logs are enabled for this build project.\n- `DISABLED` : S3 build logs are not enabled for this build project.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.Source": { - "additionalProperties": false, - "properties": { - "Auth": { - "$ref": "#/definitions/AWS::CodeBuild::Project.SourceAuth", - "markdownDescription": "Information about the authorization settings for AWS CodeBuild to access the source code to be built.", - "title": "Auth" - }, - "BuildSpec": { - "markdownDescription": "The build specification for the project. If this value is not provided, then the source code must contain a buildspec file named `buildspec.yml` at the root level. If this value is provided, it can be either a single string containing the entire build specification, or the path to an alternate buildspec file relative to the value of the built-in environment variable `CODEBUILD_SRC_DIR` . The alternate buildspec file can have a name other than `buildspec.yml` , for example `myspec.yml` or `build_spec_qa.yml` or similar. For more information, see the [Build Spec Reference](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-example) in the *AWS CodeBuild User Guide* .", - "title": "BuildSpec", - "type": "string" - }, - "BuildStatusConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.BuildStatusConfig", - "markdownDescription": "Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB` , `GITHUB_ENTERPRISE` , or `BITBUCKET` .", - "title": "BuildStatusConfig" - }, - "GitCloneDepth": { - "markdownDescription": "The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.", - "title": "GitCloneDepth", - "type": "number" - }, - "GitSubmodulesConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.GitSubmodulesConfig", - "markdownDescription": "Information about the Git submodules configuration for the build project.", - "title": "GitSubmodulesConfig" - }, - "InsecureSsl": { - "markdownDescription": "This is used with GitHub Enterprise only. Set to true to ignore SSL warnings while connecting to your GitHub Enterprise project repository. The default value is `false` . `InsecureSsl` should be used for testing purposes only. It should not be used in a production environment.", - "title": "InsecureSsl", - "type": "boolean" - }, - "Location": { - "markdownDescription": "Information about the location of the source code to be built. Valid values include:\n\n- For source code settings that are specified in the source action of a pipeline in CodePipeline, `location` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.\n- For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, `https://git-codecommit..amazonaws.com/v1/repos/` ).\n- For source code in an Amazon S3 input bucket, one of the following.\n\n- The path to the ZIP file that contains the source code (for example, `//.zip` ).\n- The path to the folder that contains the source code (for example, `///` ).\n- For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n- For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the `auth` object's `type` value to `CODECONNECTIONS` in the `source` object.\n- For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n\nIf you specify `CODEPIPELINE` for the `Type` property, don't specify this property. For all of the other types, you must specify `Location` .", - "title": "Location", - "type": "string" - }, - "ReportBuildStatus": { - "markdownDescription": "Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an `invalidInputException` is thrown.", - "title": "ReportBuildStatus", - "type": "boolean" - }, - "SourceIdentifier": { - "markdownDescription": "An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", - "title": "SourceIdentifier", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of repository that contains the source code to be built. Valid values include:\n\n- `BITBUCKET` : The source code is in a Bitbucket repository.\n- `CODECOMMIT` : The source code is in an CodeCommit repository.\n- `CODEPIPELINE` : The source code settings are specified in the source action of a pipeline in CodePipeline.\n- `GITHUB` : The source code is in a GitHub repository.\n- `GITHUB_ENTERPRISE` : The source code is in a GitHub Enterprise Server repository.\n- `GITLAB` : The source code is in a GitLab repository.\n- `GITLAB_SELF_MANAGED` : The source code is in a self-managed GitLab repository.\n- `NO_SOURCE` : The project does not have input source code.\n- `S3` : The source code is in an Amazon S3 bucket.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.SourceAuth": { - "additionalProperties": false, - "properties": { - "Resource": { - "markdownDescription": "The resource value that applies to the specified authorization type.", - "title": "Resource", - "type": "string" - }, - "Type": { - "markdownDescription": "The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.", - "title": "Type", - "type": "string" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs to target stacks associated with these roles. Only stack operations initiated by these roles will invoke the Hook.", + "title": "Include", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::CodeBuild::Project.VpcConfig": { + "AWS::CloudFormation::GuardHook.TargetFilters": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC. The maximum count is 5.", - "title": "SecurityGroupIds", "type": "array" }, - "Subnets": { + "InvocationPoints": { "items": { "type": "string" }, - "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC. The maximum count is 16.", - "title": "Subnets", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the Amazon VPC.", - "title": "VpcId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.WebhookFilter": { - "additionalProperties": false, - "properties": { - "ExcludeMatchedPattern": { - "markdownDescription": "Used to indicate that the `pattern` determines which webhook events do not trigger a build. If true, then a webhook event that does not match the `pattern` triggers a build. If false, then a webhook event that matches the `pattern` triggers a build.", - "title": "ExcludeMatchedPattern", - "type": "boolean" - }, - "Pattern": { - "markdownDescription": "For a `WebHookFilter` that uses `EVENT` type, a comma-separated string that specifies one or more events. For example, the webhook filter `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` allows all push, pull request created, and pull request updated events to trigger a build.\n\nFor a `WebHookFilter` that uses any of the other filter types, a regular expression pattern. For example, a `WebHookFilter` that uses `HEAD_REF` for its `type` and the pattern `^refs/heads/` triggers a build when the head reference is a branch with a reference name `refs/heads/branch-name` .", - "title": "Pattern", - "type": "string" + "TargetNames": { + "items": { + "type": "string" + }, + "type": "array" }, - "Type": { - "markdownDescription": "The type of webhook filter. There are 11 webhook filter types: `EVENT` , `ACTOR_ACCOUNT_ID` , `HEAD_REF` , `BASE_REF` , `FILE_PATH` , `COMMIT_MESSAGE` , `TAG_NAME` , `RELEASE_NAME` , `REPOSITORY_NAME` , `ORGANIZATION_NAME` , and `WORKFLOW_NAME` .\n\n- EVENT\n\n- A webhook event triggers a build when the provided `pattern` matches one of nine event types: `PUSH` , `PULL_REQUEST_CREATED` , `PULL_REQUEST_UPDATED` , `PULL_REQUEST_CLOSED` , `PULL_REQUEST_REOPENED` , `PULL_REQUEST_MERGED` , `RELEASED` , `PRERELEASED` , and `WORKFLOW_JOB_QUEUED` . The `EVENT` patterns are specified as a comma-separated string. For example, `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` filters all push, pull request created, and pull request updated events.\n\n> Types `PULL_REQUEST_REOPENED` and `WORKFLOW_JOB_QUEUED` work with GitHub and GitHub Enterprise only. Types `RELEASED` and `PRERELEASED` work with GitHub only.\n- ACTOR_ACCOUNT_ID\n\n- A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression `pattern` .\n- HEAD_REF\n\n- A webhook event triggers a build when the head reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` and `refs/tags/tag-name` .\n\n> Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.\n- BASE_REF\n\n- A webhook event triggers a build when the base reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` .\n\n> Works with pull request events only.\n- FILE_PATH\n\n- A webhook triggers a build when the path of a changed file matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- COMMIT_MESSAGE\n\n- A webhook triggers a build when the head commit message matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- TAG_NAME\n\n- A webhook triggers a build when the tag name of the release matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- RELEASE_NAME\n\n- A webhook triggers a build when the release name matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- REPOSITORY_NAME\n\n- A webhook triggers a build when the repository name matches the regular expression `pattern` .\n\n> Works with GitHub global or organization webhooks only.\n- ORGANIZATION_NAME\n\n- A webhook triggers a build when the organization name matches the regular expression `pattern` .\n\n> Works with GitHub global webhooks only.\n- WORKFLOW_NAME\n\n- A webhook triggers a build when the workflow name matches the regular expression `pattern` .\n\n> Works with `WORKFLOW_JOB_QUEUED` events only. > For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name.", - "title": "Type", - "type": "string" + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.HookTarget" + }, + "type": "array" } }, - "required": [ - "Pattern", - "Type" - ], "type": "object" }, - "AWS::CodeBuild::ReportGroup": { + "AWS::CloudFormation::HookDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -41980,44 +46919,27 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteReports": { - "markdownDescription": "When deleting a report group, specifies if reports within the report group should be deleted.\n\n- **true** - Deletes any reports that belong to the report group before deleting the report group.\n- **false** - You must delete any reports in the report group. This is the default value. If you delete a report group that contains one or more reports, an exception is thrown.", - "title": "DeleteReports", - "type": "boolean" - }, - "ExportConfig": { - "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.ReportExportConfig", - "markdownDescription": "Information about the destination where the raw data of this `ReportGroup` is exported.", - "title": "ExportConfig" - }, - "Name": { - "markdownDescription": "The name of the `ReportGroup` .", - "title": "Name", + "TypeName": { + "markdownDescription": "The name of the Hook.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag key and value pairs associated with this report group.\n\nThese tags are available for use by AWS services that support AWS CodeBuild report group tags.", - "title": "Tags", - "type": "array" + "TypeVersionArn": { + "markdownDescription": "The version ID of the type configuration.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeVersionArn", + "type": "string" }, - "Type": { - "markdownDescription": "The type of the `ReportGroup` . This can be one of the following values:\n\n- **CODE_COVERAGE** - The report group contains code coverage reports.\n- **TEST** - The report group contains test reports.", - "title": "Type", + "VersionId": { + "markdownDescription": "The version ID of the type specified.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "VersionId", "type": "string" } }, - "required": [ - "ExportConfig", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::ReportGroup" + "AWS::CloudFormation::HookDefaultVersion" ], "type": "string" }, @@ -42031,70 +46953,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::CodeBuild::ReportGroup.ReportExportConfig": { - "additionalProperties": false, - "properties": { - "ExportConfigType": { - "markdownDescription": "The export configuration type. Valid values are:\n\n- `S3` : The report results are exported to an S3 bucket.\n- `NO_EXPORT` : The report results are not exported.", - "title": "ExportConfigType", - "type": "string" - }, - "S3Destination": { - "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.S3ReportExportConfig", - "markdownDescription": "A `S3ReportExportConfig` object that contains information about the S3 bucket where the run of a report is exported.", - "title": "S3Destination" - } - }, - "required": [ - "ExportConfigType" - ], - "type": "object" - }, - "AWS::CodeBuild::ReportGroup.S3ReportExportConfig": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket where the raw data of a report are exported.", - "title": "Bucket", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.", - "title": "BucketOwner", - "type": "string" - }, - "EncryptionDisabled": { - "markdownDescription": "A boolean value that specifies if the results of a report are encrypted.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "EncryptionKey": { - "markdownDescription": "The encryption key for the report's encrypted raw data.", - "title": "EncryptionKey", - "type": "string" - }, - "Packaging": { - "markdownDescription": "The type of build output artifact to create. Valid values include:\n\n- `NONE` : CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.\n- `ZIP` : CodeBuild creates a ZIP file with the raw data in the output bucket.", - "title": "Packaging", - "type": "string" - }, - "Path": { - "markdownDescription": "The path to the exported report's raw data results.", - "title": "Path", - "type": "string" - } - }, - "required": [ - "Bucket" + "Type" ], "type": "object" }, - "AWS::CodeBuild::SourceCredential": { + "AWS::CloudFormation::HookTypeConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -42129,37 +46992,35 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, CODECONNECTIONS, or SECRETS_MANAGER.", - "title": "AuthType", + "Configuration": { + "markdownDescription": "Specifies the activated Hook type configuration, in this AWS account and AWS Region .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "Configuration", "type": "string" }, - "ServerType": { - "markdownDescription": "The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.", - "title": "ServerType", + "ConfigurationAlias": { + "markdownDescription": "An alias by which to refer to this configuration data.\n\nDefaults to `default` alias. Hook types currently support default configuration alias.", + "title": "ConfigurationAlias", "type": "string" }, - "Token": { - "markdownDescription": "For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the `authType` CODECONNECTIONS, this is the `connectionArn` . For the `authType` SECRETS_MANAGER, this is the `secretArn` .", - "title": "Token", + "TypeArn": { + "markdownDescription": "The Amazon Resource Number (ARN) for the Hook to set `Configuration` for.\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "TypeArn", "type": "string" }, - "Username": { - "markdownDescription": "The Bitbucket username when the `authType` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.", - "title": "Username", + "TypeName": { + "markdownDescription": "The unique name for your Hook. Specifies a three-part namespace for your Hook, with a recommended pattern of `Organization::Service::Hook` .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "TypeName", "type": "string" } }, "required": [ - "AuthType", - "ServerType", - "Token" + "Configuration" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::SourceCredential" + "AWS::CloudFormation::HookTypeConfig" ], "type": "string" }, @@ -42178,7 +47039,7 @@ ], "type": "object" }, - "AWS::CodeCommit::Repository": { + "AWS::CloudFormation::HookVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -42213,51 +47074,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Code": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.Code", - "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack. Information about code is only used in resource creation. Updates to a stack will not reflect changes made to code properties after initial resource creation.\n\n> You can only use this property to add code when creating a repository with a AWS CloudFormation template at creation time. This property cannot be used for updating code to an existing repository.", - "title": "Code" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service encryption key used to encrypt and decrypt the repository.\n\n> The input can be the full ARN, the key ID, or the key alias. For more information, see [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html) .", - "title": "KmsKeyId", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.", + "title": "ExecutionRoleArn", "type": "string" }, - "RepositoryDescription": { - "markdownDescription": "A comment or description about the new repository.\n\n> The description field for a repository accepts all HTML characters and all valid Unicode characters. Applications that do not HTML-encode the description and display it in a webpage can expose users to potentially malicious code. Make sure that you HTML-encode the description field in any application that uses this API to display the repository description on a webpage.", - "title": "RepositoryDescription", - "type": "string" + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::HookVersion.LoggingConfig", + "markdownDescription": "Contains logging configuration information for an extension.", + "title": "LoggingConfig" }, - "RepositoryName": { - "markdownDescription": "The name of the new repository to be created.\n\n> The repository name must be unique across the calling AWS account . Repository names are limited to 100 alphanumeric, dash, and underscore characters, and cannot include certain characters. For more information about the limits on repository names, see [Quotas](https://docs.aws.amazon.com/codecommit/latest/userguide/limits.html) in the *AWS CodeCommit User Guide* . The suffix .git is prohibited.", - "title": "RepositoryName", + "SchemaHandlerPackage": { + "markdownDescription": "A URL to the Amazon S3 bucket for the Hook project package that contains the necessary files for the Hook you want to register.\n\nFor information on generating a schema handler package, see [Modeling custom CloudFormation Hooks](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html) in the *AWS CloudFormation Hooks User Guide* .\n\n> To register the Hook, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "SchemaHandlerPackage", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more tag key-value pairs to use when tagging this repository.", - "title": "Tags", - "type": "array" - }, - "Triggers": { - "items": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.RepositoryTrigger" - }, - "markdownDescription": "The JSON block of configuration information for each trigger.", - "title": "Triggers", - "type": "array" + "TypeName": { + "markdownDescription": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\n> The following organization namespaces are reserved and can't be used in your hook type names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `ASK`\n> - `AWS`\n> - `Custom`\n> - `Dev`", + "title": "TypeName", + "type": "string" } }, "required": [ - "RepositoryName" + "SchemaHandlerPackage", + "TypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeCommit::Repository" + "AWS::CloudFormation::HookVersion" ], "type": "string" }, @@ -42276,93 +47122,23 @@ ], "type": "object" }, - "AWS::CodeCommit::Repository.Code": { - "additionalProperties": false, - "properties": { - "BranchName": { - "markdownDescription": "Optional. Specifies a branch name to be used as the default branch when importing code into a repository on initial creation. If this property is not set, the name *main* will be used for the default branch for the repository. Changes to this property are ignored after initial resource creation. We recommend using this parameter to set the name to *main* to align with the default behavior of CodeCommit unless another name is needed.", - "title": "BranchName", - "type": "string" - }, - "S3": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.S3", - "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository. Changes to this property are ignored after initial resource creation.", - "title": "S3" - } - }, - "required": [ - "S3" - ], - "type": "object" - }, - "AWS::CodeCommit::Repository.RepositoryTrigger": { - "additionalProperties": false, - "properties": { - "Branches": { - "items": { - "type": "string" - }, - "markdownDescription": "The branches to be included in the trigger configuration. If you specify an empty array, the trigger applies to all branches.\n\n> Although no content is required in the array, you must include the array itself.", - "title": "Branches", - "type": "array" - }, - "CustomData": { - "markdownDescription": "Any custom data associated with the trigger to be included in the information sent to the target of the trigger.", - "title": "CustomData", - "type": "string" - }, - "DestinationArn": { - "markdownDescription": "The ARN of the resource that is the target for a trigger (for example, the ARN of a topic in Amazon SNS).", - "title": "DestinationArn", - "type": "string" - }, - "Events": { - "items": { - "type": "string" - }, - "markdownDescription": "The repository events that cause the trigger to run actions in another service, such as sending a notification through Amazon SNS.\n\n> The valid value \"all\" cannot be used with any other values.", - "title": "Events", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the trigger.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "DestinationArn", - "Events", - "Name" - ], - "type": "object" - }, - "AWS::CodeCommit::Repository.S3": { + "AWS::CloudFormation::HookVersion.LoggingConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content that will be committed to the new repository. This can be specified using the name of the bucket in the AWS account . Changes to this property are ignored after initial resource creation.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The key to use for accessing the Amazon S3 bucket. Changes to this property are ignored after initial resource creation. For more information, see [Creating object key names](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) and [Uploading objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/upload-objects.html) in the Amazon S3 User Guide.", - "title": "Key", + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", + "title": "LogGroupName", "type": "string" }, - "ObjectVersion": { - "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket. Changes to this property are ignored after initial resource creation.", - "title": "ObjectVersion", + "LogRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", + "title": "LogRoleArn", "type": "string" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::CodeConnections::Connection": { + "AWS::CloudFormation::LambdaHook": { "additionalProperties": false, "properties": { "Condition": { @@ -42397,38 +47173,63 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", - "title": "ConnectionName", + "Alias": { + "markdownDescription": "The type name alias for the Hook. This alias must be unique per account and Region.\n\nThe alias must be in the form `Name1::Name2::Name3` and must not begin with `AWS` . For example, `Private::Lambda::MyTestHook` .", + "title": "Alias", "type": "string" }, - "HostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", - "title": "HostArn", + "ExecutionRole": { + "markdownDescription": "The IAM role that the Hook assumes to invoke your Lambda function.", + "title": "ExecutionRole", "type": "string" }, - "ProviderType": { - "markdownDescription": "The name of the external provider where your third-party code repository is configured.", - "title": "ProviderType", + "FailureMode": { + "markdownDescription": "Specifies how the Hook responds when the Lambda function invoked by the Hook returns a `FAILED` response.\n\n- `FAIL` : Prevents the action from proceeding. This is helpful for enforcing strict compliance or security policies.\n- `WARN` : Issues warnings to users but allows actions to continue. This is useful for non-critical validations or informational checks.", + "title": "FailureMode", "type": "string" }, - "Tags": { + "HookStatus": { + "markdownDescription": "Specifies if the Hook is `ENABLED` or `DISABLED` .", + "title": "HookStatus", + "type": "string" + }, + "LambdaFunction": { + "markdownDescription": "Specifies the Lambda function for the Hook. You can use:\n\n- The full Amazon Resource Name (ARN) without a suffix.\n- A qualified ARN with a version or alias suffix.", + "title": "LambdaFunction", + "type": "string" + }, + "StackFilters": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackFilters", + "markdownDescription": "Specifies the stack level filters for the Hook.\n\nExample stack level filter in JSON:\n\n`\"StackFilters\": {\"FilteringCriteria\": \"ALL\", \"StackNames\": {\"Exclude\": [ \"stack-1\", \"stack-2\"]}}` \n\nExample stack level filter in YAML:\n\n`StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2`", + "title": "StackFilters" + }, + "TargetFilters": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.TargetFilters", + "markdownDescription": "Specifies the target filters for the Hook.\n\nExample target filter in JSON:\n\n`\"TargetFilters\": {\"Actions\": [ \"Create\", \"Update\", \"Delete\" ]}` \n\nExample target filter in YAML:\n\n`TargetFilters: Actions: - CREATE - UPDATE - DELETE`", + "title": "TargetFilters" + }, + "TargetOperations": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "Specifies the list of operations the Hook is run against. For more information, see [Hook targets](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target) in the *AWS CloudFormation Hooks User Guide* .\n\nValid values: `STACK` | `RESOURCE` | `CHANGE_SET` | `CLOUD_CONTROL`", + "title": "TargetOperations", "type": "array" } }, "required": [ - "ConnectionName" + "Alias", + "ExecutionRole", + "FailureMode", + "HookStatus", + "LambdaFunction", + "TargetOperations" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeConnections::Connection" + "AWS::CloudFormation::LambdaHook" ], "type": "string" }, @@ -42447,7 +47248,125 @@ ], "type": "object" }, - "AWS::CodeDeploy::Application": { + "AWS::CloudFormation::LambdaHook.HookTarget": { + "additionalProperties": false, + "properties": { + "Action": { + "type": "string" + }, + "InvocationPoint": { + "type": "string" + }, + "TargetName": { + "type": "string" + } + }, + "required": [ + "Action", + "InvocationPoint", + "TargetName" + ], + "type": "object" + }, + "AWS::CloudFormation::LambdaHook.StackFilters": { + "additionalProperties": false, + "properties": { + "FilteringCriteria": { + "markdownDescription": "The filtering criteria.\n\n- All stack names and stack roles ( `All` ): The Hook will only be invoked when all specified filters match.\n- Any stack names and stack roles ( `Any` ): The Hook will be invoked if at least one of the specified filters match.", + "title": "FilteringCriteria", + "type": "string" + }, + "StackNames": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackNames", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations.", + "title": "StackNames" + }, + "StackRoles": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackRoles", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations based on their associated IAM roles.", + "title": "StackRoles" + } + }, + "required": [ + "FilteringCriteria" + ], + "type": "object" + }, + "AWS::CloudFormation::LambdaHook.StackNames": { + "additionalProperties": false, + "properties": { + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "The stack names to exclude. All stacks except those listed here will invoke the Hook.", + "title": "Exclude", + "type": "array" + }, + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "The stack names to include. Only the stacks specified in this list will invoke the Hook.", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFormation::LambdaHook.StackRoles": { + "additionalProperties": false, + "properties": { + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs for stacks you want to exclude. The Hook will be invoked on all stacks except those initiated by the specified roles.", + "title": "Exclude", + "type": "array" + }, + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs to target stacks associated with these roles. Only stack operations initiated by these roles will invoke the Hook.", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFormation::LambdaHook.TargetFilters": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "InvocationPoints": { + "items": { + "type": "string" + }, + "type": "array" + }, + "TargetNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.HookTarget" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFormation::Macro": { "additionalProperties": false, "properties": { "Condition": { @@ -42482,30 +47401,41 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> Updates to `ApplicationName` are not supported.", - "title": "ApplicationName", + "Description": { + "markdownDescription": "A description of the macro.", + "title": "Description", "type": "string" }, - "ComputePlatform": { - "markdownDescription": "The compute platform that CodeDeploy deploys the application to.", - "title": "ComputePlatform", + "FunctionName": { + "markdownDescription": "The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.", + "title": "FunctionName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", - "title": "Tags", - "type": "array" + "LogGroupName": { + "markdownDescription": "The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.\n\nThis will be an existing CloudWatch Logs LogGroup. Neither CloudFormation or Lambda will create the group.", + "title": "LogGroupName", + "type": "string" + }, + "LogRoleARN": { + "markdownDescription": "The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .", + "title": "LogRoleARN", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the macro. The name of the macro must be unique across all macros in the account.", + "title": "Name", + "type": "string" } }, + "required": [ + "FunctionName", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::Application" + "AWS::CloudFormation::Macro" ], "type": "string" }, @@ -42519,11 +47449,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig": { + "AWS::CloudFormation::ModuleDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -42558,37 +47489,27 @@ "Properties": { "additionalProperties": false, "properties": { - "ComputePlatform": { - "markdownDescription": "The destination platform type for the deployment ( `Lambda` , `Server` , or `ECS` ).", - "title": "ComputePlatform", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the module version to set as the default version.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "Arn", "type": "string" }, - "DeploymentConfigName": { - "markdownDescription": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DeploymentConfigName", + "ModuleName": { + "markdownDescription": "The name of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "ModuleName", "type": "string" }, - "MinimumHealthyHosts": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts", - "markdownDescription": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.\n\nThe type parameter takes either of the following values:\n\n- HOST_COUNT: The value parameter represents the minimum number of healthy instances as an absolute value.\n- FLEET_PERCENT: The value parameter represents the minimum number of healthy instances as a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\n\nThe value parameter takes an integer.\n\nFor example, to set a minimum of 95% healthy instance, specify a type of FLEET_PERCENT and a value of 95.\n\nFor more information about instance health, see [CodeDeploy Instance Health](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-health.html) in the AWS CodeDeploy User Guide.", - "title": "MinimumHealthyHosts" - }, - "TrafficRoutingConfig": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig", - "markdownDescription": "The configuration that specifies how the deployment traffic is routed.", - "title": "TrafficRoutingConfig" - }, - "ZonalConfig": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.ZonalConfig", - "markdownDescription": "Configure the `ZonalConfig` object if you want AWS CodeDeploy to deploy your application to one [Availability Zone](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones) at a time, within an AWS Region.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "ZonalConfig" + "VersionId": { + "markdownDescription": "The ID for the specific version of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "VersionId", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::DeploymentConfig" + "AWS::CloudFormation::ModuleDefaultVersion" ], "type": "string" }, @@ -42606,132 +47527,407 @@ ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { + "AWS::CloudFormation::ModuleVersion": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ModuleName": { + "markdownDescription": "The name of the module being registered.", + "title": "ModuleName", + "type": "string" + }, + "ModulePackage": { + "markdownDescription": "A URL to the S3 bucket for the package that contains the template fragment and schema files for the module version to register.\n\nFor more information, see [Module structure and requirements](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the module version, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "ModulePackage", + "type": "string" + } + }, + "required": [ + "ModuleName", + "ModulePackage" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The minimum healthy instance type:\n\n- HOST_COUNT: The minimum number of healthy instance as an absolute value.\n- FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment.\n\nIn an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails.\n\n> In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. \n\nFor more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* .", - "title": "Type", + "enum": [ + "AWS::CloudFormation::ModuleVersion" + ], "type": "string" }, - "Value": { - "markdownDescription": "The minimum healthy instance value.", - "title": "Value", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ "Type", - "Value" + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone": { + "AWS::CloudFormation::PublicTypeVersion": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the extension.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "Arn", + "type": "string" + }, + "LogDeliveryBucket": { + "markdownDescription": "The S3 bucket to which CloudFormation delivers the contract test execution logs.\n\nCloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of `PASSED` or `FAILED` .\n\nThe user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions:\n\n- s3:GetObject\n- s3:PutObject", + "title": "LogDeliveryBucket", + "type": "string" + }, + "PublicVersionNumber": { + "markdownDescription": "The version number to assign to this version of the extension.\n\nUse the following format, and adhere to semantic versioning when assigning a version number to your extension:\n\n`MAJOR.MINOR.PATCH`\n\nFor more information, see [Semantic Versioning 2.0.0](https://docs.aws.amazon.com/https://semver.org/) .\n\nIf you don't specify a version number, CloudFormation increments the version number by one minor version release.\n\nYou cannot specify a version number the first time you publish a type. CloudFormation automatically sets the first version number to be `1.0.0` .", + "title": "PublicVersionNumber", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "Type", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "TypeName", + "type": "string" + } + }, + "type": "object" + }, "Type": { - "markdownDescription": "The `type` associated with the `MinimumHealthyHostsPerZone` option.", - "title": "Type", + "enum": [ + "AWS::CloudFormation::PublicTypeVersion" + ], "type": "string" }, - "Value": { - "markdownDescription": "The `value` associated with the `MinimumHealthyHostsPerZone` option.", - "title": "Value", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Type", - "Value" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary": { + "AWS::CloudFormation::Publisher": { "additionalProperties": false, "properties": { - "CanaryInterval": { - "markdownDescription": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.", - "title": "CanaryInterval", - "type": "number" + "Condition": { + "type": "string" }, - "CanaryPercentage": { - "markdownDescription": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.", - "title": "CanaryPercentage", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptTermsAndConditions": { + "markdownDescription": "Whether you accept the [Terms and Conditions](https://docs.aws.amazon.com/https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf) for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to register to publish public extensions to the CloudFormation registry.\n\nThe default is `false` .", + "title": "AcceptTermsAndConditions", + "type": "boolean" + }, + "ConnectionArn": { + "markdownDescription": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.\n\nFor more information, see [Prerequisite: Registering your account to publish CloudFormation extensions](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .", + "title": "ConnectionArn", + "type": "string" + } + }, + "required": [ + "AcceptTermsAndConditions" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::Publisher" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "CanaryInterval", - "CanaryPercentage" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear": { + "AWS::CloudFormation::ResourceDefaultVersion": { "additionalProperties": false, "properties": { - "LinearInterval": { - "markdownDescription": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.", - "title": "LinearInterval", - "type": "number" + "Condition": { + "type": "string" }, - "LinearPercentage": { - "markdownDescription": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.", - "title": "LinearPercentage", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "TypeName": { + "markdownDescription": "The name of the resource.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeName", + "type": "string" + }, + "TypeVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource version.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeVersionArn", + "type": "string" + }, + "VersionId": { + "markdownDescription": "The ID of a specific version of the resource. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the resource version when it's registered.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "VersionId", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::ResourceDefaultVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "LinearInterval", - "LinearPercentage" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig": { + "AWS::CloudFormation::ResourceVersion": { "additionalProperties": false, "properties": { - "TimeBasedCanary": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary", - "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file.", - "title": "TimeBasedCanary" + "Condition": { + "type": "string" }, - "TimeBasedLinear": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear", - "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file.", - "title": "TimeBasedLinear" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::ResourceVersion.LoggingConfig", + "markdownDescription": "Logging configuration information for a resource.", + "title": "LoggingConfig" + }, + "SchemaHandlerPackage": { + "markdownDescription": "A URL to the S3 bucket for the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package, see [Modeling resource types to use with AWS CloudFormation](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the resource version, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "SchemaHandlerPackage", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the resource being registered.\n\nWe recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* .\n\n> The following organization namespaces are reserved and can't be used in your resource names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `AWS`\n> - `Custom`\n> - `Dev`", + "title": "TypeName", + "type": "string" + } + }, + "required": [ + "SchemaHandlerPackage", + "TypeName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration.", - "title": "Type", + "enum": [ + "AWS::CloudFormation::ResourceVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.ZonalConfig": { + "AWS::CloudFormation::ResourceVersion.LoggingConfig": { "additionalProperties": false, "properties": { - "FirstZoneMonitorDurationInSeconds": { - "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "FirstZoneMonitorDurationInSeconds", - "type": "number" - }, - "MinimumHealthyHostsPerZone": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone", - "markdownDescription": "The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* .\n\nIf you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "MinimumHealthyHostsPerZone" + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch logs group to which CloudFormation sends error logging information when invoking the type's handlers.", + "title": "LogGroupName", + "type": "string" }, - "MonitorDurationInSeconds": { - "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "MonitorDurationInSeconds", - "type": "number" + "LogRoleArn": { + "markdownDescription": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs.", + "title": "LogRoleArn", + "type": "string" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup": { + "AWS::CloudFormation::Stack": { "additionalProperties": false, "properties": { "Condition": { @@ -42766,134 +47962,202 @@ "Properties": { "additionalProperties": false, "properties": { - "AlarmConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration", - "markdownDescription": "Information about the Amazon CloudWatch alarms that are associated with the deployment group.", - "title": "AlarmConfiguration" - }, - "ApplicationName": { - "markdownDescription": "The name of an existing CodeDeploy application to associate this deployment group with.", - "title": "ApplicationName", - "type": "string" - }, - "AutoRollbackConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration", - "markdownDescription": "Information about the automatic rollback configuration that is associated with the deployment group. If you specify this property, don't specify the `Deployment` property.", - "title": "AutoRollbackConfiguration" - }, - "AutoScalingGroups": { + "NotificationARNs": { "items": { "type": "string" }, - "markdownDescription": "A list of associated Auto Scaling groups that CodeDeploy automatically deploys revisions to when new instances are created. Duplicates are not allowed.", - "title": "AutoScalingGroups", + "markdownDescription": "The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).", + "title": "NotificationARNs", "type": "array" }, - "BlueGreenDeploymentConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration", - "markdownDescription": "Information about blue/green deployment options for a deployment group.", - "title": "BlueGreenDeploymentConfiguration" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n> If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nRequired if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" }, - "Deployment": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Deployment", - "markdownDescription": "The application revision to deploy to this deployment group. If you specify this property, your target application revision is deployed as soon as the provisioning process is complete. If you specify this property, don't specify the `AutoRollbackConfiguration` property.", - "title": "Deployment" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.", + "title": "Tags", + "type": "array" }, - "DeploymentConfigName": { - "markdownDescription": "A deployment configuration name or a predefined configuration name. With predefined configurations, you can deploy application revisions to one instance at a time ( `CodeDeployDefault.OneAtATime` ), half of the instances at a time ( `CodeDeployDefault.HalfAtATime` ), or all the instances at once ( `CodeDeployDefault.AllAtOnce` ). For more information and valid values, see [Working with Deployment Configurations](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) in the *AWS CodeDeploy User Guide* .", - "title": "DeploymentConfigName", + "TemplateURL": { + "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with `https://` .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", + "title": "TemplateURL", "type": "string" }, - "DeploymentGroupName": { - "markdownDescription": "A name for the deployment group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment group name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DeploymentGroupName", + "TimeoutInMinutes": { + "markdownDescription": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported.", + "title": "TimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "TemplateURL" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::Stack" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CloudFormation::StackSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "DeploymentStyle": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentStyle", - "markdownDescription": "Attributes that determine the type of deployment to run and whether to route deployment traffic behind a load balancer.\n\nIf you specify this property with a blue/green deployment type, don't specify the `AutoScalingGroups` , `LoadBalancerInfo` , or `Deployment` properties.\n\n> For blue/green deployments, AWS CloudFormation supports deployments on Lambda compute platforms only. You can perform Amazon ECS blue/green deployments using `AWS::CodeDeploy::BlueGreen` hook. See [Perform Amazon ECS blue/green deployments through CodeDeploy using AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/blue-green.html) for more information.", - "title": "DeploymentStyle" - }, - "ECSServices": { + { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ECSService" + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, - "markdownDescription": "The target Amazon ECS services in the deployment group. This applies only to deployment groups that use the Amazon ECS compute platform. A target Amazon ECS service is specified as an Amazon ECS cluster and service name pair using the format `:` .", - "title": "ECSServices", "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdministrationRoleARN": { + "markdownDescription": "The Amazon Resource Number (ARN) of the IAM role to use to create this StackSet. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n\nValid only if the permissions model is `SELF_MANAGED` .", + "title": "AdministrationRoleARN", + "type": "string" }, - "Ec2TagFilters": { + "AutoDeployment": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.AutoDeployment", + "markdownDescription": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU). For more information, see [Enable or disable automatic deployments for StackSets in AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-manage-auto-deployment.html) in the *AWS CloudFormation User Guide* .\n\nRequired if the permissions model is `SERVICE_MANAGED` . (Not used with self-managed permissions.)", + "title": "AutoDeployment" + }, + "CallAs": { + "markdownDescription": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for StackSets with self-managed permissions.\n\n- To create a StackSet with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a StackSet with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStackSets with service-managed permissions are created in the management account, including StackSets that are created by delegated administrators.\n\nValid only if the permissions model is `SERVICE_MANAGED` .", + "title": "CallAs", + "type": "string" + }, + "Capabilities": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" + "type": "string" }, - "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group. Duplicates are not allowed.\n\nYou can specify `EC2TagFilters` or `Ec2TagSet` , but not both.", - "title": "Ec2TagFilters", + "markdownDescription": "The capabilities that are allowed in the StackSet. Some StackSet templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new IAM users. For more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .", + "title": "Capabilities", "type": "array" }, - "Ec2TagSet": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSet", - "markdownDescription": "Information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same call as `ec2TagFilter` .", - "title": "Ec2TagSet" + "Description": { + "markdownDescription": "A description of the StackSet.", + "title": "Description", + "type": "string" }, - "LoadBalancerInfo": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo", - "markdownDescription": "Information about the load balancer to use in a deployment. For more information, see [Integrating CodeDeploy with Elastic Load Balancing](https://docs.aws.amazon.com/codedeploy/latest/userguide/integrations-aws-elastic-load-balancing.html) in the *AWS CodeDeploy User Guide* .", - "title": "LoadBalancerInfo" + "ExecutionRoleName": { + "markdownDescription": "The name of the IAM execution role to use to create the StackSet. If you don't specify an execution role, CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the StackSet operation.\n\nValid only if the permissions model is `SELF_MANAGED` .\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", + "title": "ExecutionRoleName", + "type": "string" }, - "OnPremisesInstanceTagFilters": { + "ManagedExecution": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.ManagedExecution", + "markdownDescription": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", + "title": "ManagedExecution" + }, + "OperationPreferences": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.OperationPreferences", + "markdownDescription": "The user-specified preferences for how CloudFormation performs a StackSet operation.", + "title": "OperationPreferences" + }, + "Parameters": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" }, - "markdownDescription": "The on-premises instance tags already applied to on-premises instances that you want to include in the deployment group. CodeDeploy includes all on-premises instances identified by any of the tags you specify in this deployment group. To register on-premises instances with CodeDeploy , see [Working with On-Premises Instances for CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-on-premises.html) in the *AWS CodeDeploy User Guide* . Duplicates are not allowed.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", - "title": "OnPremisesInstanceTagFilters", + "markdownDescription": "The input parameters for the StackSet template.", + "title": "Parameters", "type": "array" }, - "OnPremisesTagSet": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet", - "markdownDescription": "Information about groups of tags applied to on-premises instances. The deployment group includes only on-premises instances identified by all the tag groups.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", - "title": "OnPremisesTagSet" - }, - "OutdatedInstancesStrategy": { - "markdownDescription": "Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision.\n\nIf this option is set to `UPDATE` or is unspecified, CodeDeploy initiates one or more 'auto-update outdated instances' deployments to apply the deployed application revision to the new Amazon EC2 instances.\n\nIf this option is set to `IGNORE` , CodeDeploy does not initiate a deployment to update the new Amazon EC2 instances. This may result in instances having different revisions.", - "title": "OutdatedInstancesStrategy", + "PermissionModel": { + "markdownDescription": "Describes how the IAM roles required for StackSet operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see [Activate trusted access for StackSets with AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html) in the *AWS CloudFormation User Guide* .", + "title": "PermissionModel", "type": "string" }, - "ServiceRoleArn": { - "markdownDescription": "A service role Amazon Resource Name (ARN) that grants CodeDeploy permission to make calls to AWS services on your behalf. For more information, see [Create a Service Role for AWS CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-service-role.html) in the *AWS CodeDeploy User Guide* .\n\n> In some cases, you might need to add a dependency on the service role's policy. For more information, see IAM role policy in [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", - "title": "ServiceRoleArn", + "StackInstancesGroup": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.StackInstances" + }, + "markdownDescription": "A group of stack instances with parameters in some specific accounts and Regions.", + "title": "StackInstancesGroup", + "type": "array" + }, + "StackSetName": { + "markdownDescription": "The name to associate with the StackSet. The name must be unique in the Region where you create your StackSet.", + "title": "StackSetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to CodeDeploy deployment groups to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", + "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.\n\nIf you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.", "title": "Tags", "type": "array" }, - "TerminationHookEnabled": { - "markdownDescription": "Indicates whether the deployment group was configured to have CodeDeploy install a termination hook into an Auto Scaling group.\n\nFor more information about the termination hook, see [How Amazon EC2 Auto Scaling works with CodeDeploy](https://docs.aws.amazon.com//codedeploy/latest/userguide/integrations-aws-auto-scaling.html#integrations-aws-auto-scaling-behaviors) in the *AWS CodeDeploy User Guide* .", - "title": "TerminationHookEnabled", - "type": "boolean" + "TemplateBody": { + "markdownDescription": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates that contain dynamic references through `TemplateUrl` instead.", + "title": "TemplateBody", + "type": "string" }, - "TriggerConfigurations": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TriggerConfig" - }, - "markdownDescription": "Information about triggers associated with the deployment group. Duplicates are not allowed", - "title": "TriggerConfigurations", - "type": "array" + "TemplateURL": { + "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with `https://` .\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` .", + "title": "TemplateURL", + "type": "string" } }, "required": [ - "ApplicationName", - "ServiceRoleArn" + "PermissionModel", + "StackSetName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::DeploymentGroup" + "AWS::CloudFormation::StackSet" ], "type": "string" }, @@ -42912,473 +48176,776 @@ ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.Alarm": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the alarm. Maximum length is 255 characters. Each alarm name can be used only once in a list of alarms.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration": { + "AWS::CloudFormation::StackSet.AutoDeployment": { "additionalProperties": false, "properties": { - "Alarms": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Alarm" - }, - "markdownDescription": "A list of alarms configured for the deployment or deployment group. A maximum of 10 alarms can be added.", - "title": "Alarms", - "type": "array" - }, "Enabled": { - "markdownDescription": "Indicates whether the alarm configuration is enabled.", + "markdownDescription": "If set to `true` , StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.", "title": "Enabled", "type": "boolean" }, - "IgnorePollAlarmFailure": { - "markdownDescription": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from Amazon CloudWatch . The default value is `false` .\n\n- `true` : The deployment proceeds even if alarm status information can't be retrieved from CloudWatch .\n- `false` : The deployment stops if alarm status information can't be retrieved from CloudWatch .", - "title": "IgnorePollAlarmFailure", + "RetainStacksOnAccountRemoval": { + "markdownDescription": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` .", + "title": "RetainStacksOnAccountRemoval", "type": "boolean" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration": { + "AWS::CloudFormation::StackSet.DeploymentTargets": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether a defined automatic rollback configuration is currently enabled.", - "title": "Enabled", - "type": "boolean" + "AccountFilterType": { + "markdownDescription": "Refines which accounts to deploy stacks to by specifying how to use the `Accounts` and `OrganizationalUnitIds` properties together.\n\nThe following values determine how CloudFormation selects target accounts:\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` property.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` property.\n- `UNION` : StackSet deploys to the OU, and the accounts specified in the `Accounts` property. `UNION` is not supported for create operations when using StackSet as a resource or the `CreateStackInstances` API.", + "title": "AccountFilterType", + "type": "string" }, - "Events": { + "Accounts": { "items": { "type": "string" }, - "markdownDescription": "The event type or types that trigger a rollback. Valid values are `DEPLOYMENT_FAILURE` , `DEPLOYMENT_STOP_ON_ALARM` , or `DEPLOYMENT_STOP_ON_REQUEST` .", - "title": "Events", + "markdownDescription": "The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the `AccountsUrl` property instead.\n\n*Pattern* : `^[0-9]{12}$`", + "title": "Accounts", + "type": "array" + }, + "AccountsUrl": { + "markdownDescription": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).\n\nThis property serves the same purpose as `Accounts` but allows you to specify a large number of accounts.", + "title": "AccountsUrl", + "type": "string" + }, + "OrganizationalUnitIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The organization root ID or organizational unit (OU) IDs.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`", + "title": "OrganizationalUnitIds", "type": "array" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration": { + "AWS::CloudFormation::StackSet.ManagedExecution": { "additionalProperties": false, "properties": { - "DeploymentReadyOption": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption", - "markdownDescription": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment.", - "title": "DeploymentReadyOption" - }, - "GreenFleetProvisioningOption": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption", - "markdownDescription": "Information about how instances are provisioned for a replacement environment in a blue/green deployment.", - "title": "GreenFleetProvisioningOption" - }, - "TerminateBlueInstancesOnDeploymentSuccess": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption", - "markdownDescription": "Information about whether to terminate instances in the original fleet during a blue/green deployment.", - "title": "TerminateBlueInstancesOnDeploymentSuccess" + "Active": { + "markdownDescription": "When `true` , CloudFormation performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, CloudFormation starts queued operations in request order.\n\n> If there are already running or queued operations, CloudFormation queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen `false` (default), StackSets performs one operation at a time in request order.", + "title": "Active", + "type": "boolean" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption": { + "AWS::CloudFormation::StackSet.OperationPreferences": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to take on instances in the original environment after a successful blue/green deployment.\n\n- `TERMINATE` : Instances are terminated after a specified wait time.\n- `KEEP_ALIVE` : Instances are left running after they are deregistered from the load balancer and removed from the deployment group.", - "title": "Action", + "ConcurrencyMode": { + "markdownDescription": "Specifies how the concurrency level behaves during the operation execution.\n\n- `STRICT_FAILURE_TOLERANCE` : This option dynamically lowers the concurrency level to ensure the number of failed accounts never exceeds the value of `FailureToleranceCount` +1. The initial actual concurrency is set to the lower of either the value of the `MaxConcurrentCount` , or the value of `FailureToleranceCount` +1. The actual concurrency is then reduced proportionally by the number of failures. This is the default behavior.\n\nIf failure tolerance or Maximum concurrent accounts are set to percentages, the behavior is similar.\n- `SOFT_FAILURE_TOLERANCE` : This option decouples `FailureToleranceCount` from the actual concurrency. This allows StackSet operations to run at the concurrency level set by the `MaxConcurrentCount` value, or `MaxConcurrentPercentage` , regardless of the number of failures.", + "title": "ConcurrencyMode", "type": "string" }, - "TerminationWaitTimeInMinutes": { - "markdownDescription": "For an Amazon EC2 deployment, the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n\nFor an Amazon ECS deployment, the number of minutes before deleting the original (blue) task set. During an Amazon ECS deployment, CodeDeploy shifts traffic from the original (blue) task set to a replacement (green) task set.\n\nThe maximum setting is 2880 minutes (2 days).", - "title": "TerminationWaitTimeInMinutes", + "FailureToleranceCount": { + "markdownDescription": "The number of accounts per Region this operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", + "title": "FailureToleranceCount", + "type": "number" + }, + "FailureTolerancePercentage": { + "markdownDescription": "The percentage of accounts per Region this stack operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", + "title": "FailureTolerancePercentage", + "type": "number" + }, + "MaxConcurrentCount": { + "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", + "title": "MaxConcurrentCount", + "type": "number" + }, + "MaxConcurrentPercentage": { + "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", + "title": "MaxConcurrentPercentage", "type": "number" + }, + "RegionConcurrencyType": { + "markdownDescription": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.", + "title": "RegionConcurrencyType", + "type": "string" + }, + "RegionOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the Regions where you want to perform the stack operation.", + "title": "RegionOrder", + "type": "array" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.Deployment": { + "AWS::CloudFormation::StackSet.Parameter": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A comment about the deployment.", - "title": "Description", + "ParameterKey": { + "markdownDescription": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.", + "title": "ParameterKey", "type": "string" }, - "IgnoreApplicationStopFailures": { - "markdownDescription": "If true, then if an `ApplicationStop` , `BeforeBlockTraffic` , or `AfterBlockTraffic` deployment lifecycle event to an instance fails, then the deployment continues to the next deployment lifecycle event. For example, if `ApplicationStop` fails, the deployment continues with DownloadBundle. If `BeforeBlockTraffic` fails, the deployment continues with `BlockTraffic` . If `AfterBlockTraffic` fails, the deployment continues with `ApplicationStop` .\n\nIf false or not specified, then if a lifecycle event fails during a deployment to an instance, that deployment fails. If deployment to that instance is part of an overall deployment and the number of healthy hosts is not less than the minimum number of healthy hosts, then a deployment to the next instance is attempted.\n\nDuring a deployment, the AWS CodeDeploy agent runs the scripts specified for `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` in the AppSpec file from the previous successful deployment. (All other scripts are run from the AppSpec file in the current deployment.) If one of these scripts contains an error and does not run successfully, the deployment can fail.\n\nIf the cause of the failure is a script from the last successful deployment that will never run successfully, create a new deployment and use `ignoreApplicationStopFailures` to specify that the `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` failures should be ignored.", - "title": "IgnoreApplicationStopFailures", - "type": "boolean" - }, - "Revision": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.RevisionLocation", - "markdownDescription": "Information about the location of stored application artifacts and the service from which to retrieve them.", - "title": "Revision" + "ParameterValue": { + "markdownDescription": "The input value associated with the parameter.", + "title": "ParameterValue", + "type": "string" } }, "required": [ - "Revision" + "ParameterKey", + "ParameterValue" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption": { + "AWS::CloudFormation::StackSet.StackInstances": { "additionalProperties": false, "properties": { - "ActionOnTimeout": { - "markdownDescription": "Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n\n- CONTINUE_DEPLOYMENT: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n- STOP_DEPLOYMENT: Do not register new instances with a load balancer unless traffic rerouting is started using [ContinueDeployment](https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html) . If traffic rerouting is not started before the end of the specified wait period, the deployment status is changed to Stopped.", - "title": "ActionOnTimeout", - "type": "string" + "DeploymentTargets": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.DeploymentTargets", + "markdownDescription": "The AWS Organizations accounts or AWS accounts to deploy stacks to in the specified Regions.", + "title": "DeploymentTargets" }, - "WaitTimeInMinutes": { - "markdownDescription": "The number of minutes to wait before the status of a blue/green deployment is changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout` .", - "title": "WaitTimeInMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.DeploymentStyle": { - "additionalProperties": false, - "properties": { - "DeploymentOption": { - "markdownDescription": "Indicates whether to route deployment traffic behind a load balancer.\n\n> An Amazon EC2 Application Load Balancer or Network Load Balancer is required for an Amazon ECS deployment.", - "title": "DeploymentOption", - "type": "string" + "ParameterOverrides": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" + }, + "markdownDescription": "A list of StackSet parameters whose values you want to override in the selected stack instances.", + "title": "ParameterOverrides", + "type": "array" }, - "DeploymentType": { - "markdownDescription": "Indicates whether to run an in-place or blue/green deployment.", - "title": "DeploymentType", - "type": "string" + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts .", + "title": "Regions", + "type": "array" } }, + "required": [ + "DeploymentTargets", + "Regions" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagFilter": { + "AWS::CloudFormation::TypeActivation": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag filter key.", - "title": "Key", + "Condition": { "type": "string" }, - "Type": { - "markdownDescription": "The tag filter type:\n\n- `KEY_ONLY` : Key only.\n- `VALUE_ONLY` : Value only.\n- `KEY_AND_VALUE` : Key and value.", - "title": "Type", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Value": { - "markdownDescription": "The tag filter value.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagSet": { - "additionalProperties": false, - "properties": { - "Ec2TagSetList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject" - }, - "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group.\n\nDuplicates are not allowed.", - "title": "Ec2TagSetList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject": { - "additionalProperties": false, - "properties": { - "Ec2TagGroup": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoUpdate": { + "markdownDescription": "Whether to automatically update the extension in this account and Region when a new *minor* version is published by the extension publisher. Major versions released by the publisher must be manually updated.\n\nThe default is `true` .", + "title": "AutoUpdate", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The name of the IAM execution role to use to activate the extension.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::TypeActivation.LoggingConfig", + "markdownDescription": "Specifies logging configuration information for an extension.", + "title": "LoggingConfig" + }, + "MajorVersion": { + "markdownDescription": "The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available *minor* version of the major version selected.\n\nYou can specify `MajorVersion` or `VersionBump` , but not both.", + "title": "MajorVersion", + "type": "string" + }, + "PublicTypeArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the public extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "PublicTypeArn", + "type": "string" + }, + "PublisherId": { + "markdownDescription": "The ID of the extension publisher.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "PublisherId", + "type": "string" + }, + "Type": { + "markdownDescription": "The extension type.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "Type", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "TypeName", + "type": "string" + }, + "TypeNameAlias": { + "markdownDescription": "An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.\n\nAn extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.", + "title": "TypeNameAlias", + "type": "string" + }, + "VersionBump": { + "markdownDescription": "Manually updates a previously-activated type to a new major or minor version, if available. You can also use this parameter to update the value of `AutoUpdate` .\n\n- `MAJOR` : CloudFormation updates the extension to the newest major version, if one is available.\n- `MINOR` : CloudFormation updates the extension to the newest minor version, if one is available.", + "title": "VersionBump", + "type": "string" + } }, - "markdownDescription": "A list that contains other lists of Amazon EC2 instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.", - "title": "Ec2TagGroup", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.ECSService": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of the cluster that the Amazon ECS service is associated with.", - "title": "ClusterName", + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::TypeActivation" + ], "type": "string" }, - "ServiceName": { - "markdownDescription": "The name of the target Amazon ECS service.", - "title": "ServiceName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ClusterName", - "ServiceName" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.ELBInfo": { + "AWS::CloudFormation::TypeActivation.LoggingConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "For blue/green deployments, the name of the load balancer that is used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment is complete.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only.", - "title": "Name", + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", + "title": "LogGroupName", + "type": "string" + }, + "LogRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", + "title": "LogRoleArn", "type": "string" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.GitHubLocation": { + "AWS::CloudFormation::WaitCondition": { "additionalProperties": false, "properties": { - "CommitId": { - "markdownDescription": "The SHA1 commit ID of the GitHub commit that represents the bundled artifacts for the application revision.", - "title": "CommitId", + "Condition": { "type": "string" }, - "Repository": { - "markdownDescription": "The GitHub account and repository pair that stores a reference to the commit that represents the bundled artifacts for the application revision.\n\nSpecify the value as `account/repository` .", - "title": "Repository", + "CreationPolicy": { + "type": "object" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back.\n\nUpdates aren't supported.", + "title": "Count", + "type": "number" + }, + "Handle": { + "markdownDescription": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [AWS::CloudFormation::WaitConditionHandle](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-cloudformation-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", + "title": "Handle", + "type": "string" + }, + "Timeout": { + "markdownDescription": "The length of time (in seconds) to wait for the number of signals that the `Count` property specifies. `Timeout` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).\n\nUpdates aren't supported.", + "title": "Timeout", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::WaitCondition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CommitId", - "Repository" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption": { + "AWS::CloudFormation::WaitConditionHandle": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The method used to add instances to a replacement environment.\n\n- `DISCOVER_EXISTING` : Use instances that already exist or will be created manually.\n- `COPY_AUTO_SCALING_GROUP` : Use settings from a specified Auto Scaling group to define and create instances in a new Auto Scaling group.", - "title": "Action", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::WaitConditionHandle" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo": { + "AWS::CloudFront::AnycastIpList": { "additionalProperties": false, "properties": { - "ElbInfoList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ELBInfo" - }, - "markdownDescription": "An array that contains information about the load balancers to use for load balancing in a deployment. If you're using Classic Load Balancers, specify those load balancers in this array.\n\n> You can add up to 10 load balancers to the array. > If you're using Application Load Balancers or Network Load Balancers, use the `targetGroupInfoList` array instead of this one.", - "title": "ElbInfoList", - "type": "array" + "Condition": { + "type": "string" }, - "TargetGroupInfoList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" - }, - "markdownDescription": "An array that contains information about the target groups to use for load balancing in a deployment. If you're using Application Load Balancers and Network Load Balancers, specify their associated target groups in this array.\n\n> You can add up to 10 target groups to the array. > If you're using Classic Load Balancers, use the `elbInfoList` array instead of this one.", - "title": "TargetGroupInfoList", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TargetGroupPairInfoList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IpCount": { + "markdownDescription": "The number of IP addresses in the Anycast static IP list.", + "title": "IpCount", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the Anycast static IP list.", + "title": "Name", + "type": "string" + }, + "Tags": { + "$ref": "#/definitions/AWS::CloudFront::AnycastIpList.Tags", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags" + } }, - "markdownDescription": "The target group pair information. This is an array of `TargeGroupPairInfo` objects with a maximum size of one.", - "title": "TargetGroupPairInfoList", - "type": "array" + "required": [ + "IpCount", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFront::AnycastIpList" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet": { + "AWS::CloudFront::AnycastIpList.AnycastIpList": { "additionalProperties": false, "properties": { - "OnPremisesTagSetList": { + "AnycastIps": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject" + "type": "string" }, - "markdownDescription": "A list that contains other lists of on-premises instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.\n\nDuplicates are not allowed.", - "title": "OnPremisesTagSetList", + "markdownDescription": "The static IP addresses that are allocated to the Anycast static IP list.", + "title": "AnycastIps", "type": "array" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Anycast static IP list.", + "title": "Arn", + "type": "string" + }, + "Id": { + "markdownDescription": "The ID of the Anycast static IP list.", + "title": "Id", + "type": "string" + }, + "IpCount": { + "markdownDescription": "The number of IP addresses in the Anycast static IP list.", + "title": "IpCount", + "type": "number" + }, + "LastModifiedTime": { + "markdownDescription": "The last time the Anycast static IP list was modified.", + "title": "LastModifiedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Anycast static IP list.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the Anycast static IP list. Valid values: `Deployed` , `Deploying` , or `Failed` .", + "title": "Status", + "type": "string" } }, + "required": [ + "AnycastIps", + "Arn", + "Id", + "IpCount", + "LastModifiedTime", + "Name", + "Status" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject": { + "AWS::CloudFront::AnycastIpList.Tags": { "additionalProperties": false, "properties": { - "OnPremisesTagGroup": { + "Items": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Information about groups of on-premises instance tags.", - "title": "OnPremisesTagGroup", + "markdownDescription": "A complex type that contains `Tag` elements.", + "title": "Items", "type": "array" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.RevisionLocation": { + "AWS::CloudFront::CachePolicy": { "additionalProperties": false, "properties": { - "GitHubLocation": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GitHubLocation", - "markdownDescription": "Information about the location of application artifacts stored in GitHub.", - "title": "GitHubLocation" - }, - "RevisionType": { - "markdownDescription": "The type of application revision:\n\n- S3: An application revision stored in Amazon S3.\n- GitHub: An application revision stored in GitHub (EC2/On-premises deployments only).\n- String: A YAML-formatted or JSON-formatted string ( AWS Lambda deployments only).\n- AppSpecContent: An `AppSpecContent` object that contains the contents of an AppSpec file for an AWS Lambda or Amazon ECS deployment. The content is formatted as JSON or YAML stored as a RawString.", - "title": "RevisionType", + "Condition": { "type": "string" }, - "S3Location": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.S3Location", - "markdownDescription": "Information about the location of a revision stored in Amazon S3.", - "title": "S3Location" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where the application revision is stored.", - "title": "Bucket", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BundleType": { - "markdownDescription": "The file type of the application revision. Must be one of the following:\n\n- JSON\n- tar: A tar archive file.\n- tgz: A compressed tar archive file.\n- YAML\n- zip: A zip archive file.", - "title": "BundleType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ETag": { - "markdownDescription": "The ETag of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the ETag is not specified as an input parameter, ETag validation of the object is skipped.", - "title": "ETag", - "type": "string" + "Metadata": { + "type": "object" }, - "Key": { - "markdownDescription": "The name of the Amazon S3 object that represents the bundled artifacts for the application revision.", - "title": "Key", + "Properties": { + "additionalProperties": false, + "properties": { + "CachePolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CachePolicyConfig", + "markdownDescription": "The cache policy configuration.", + "title": "CachePolicyConfig" + } + }, + "required": [ + "CachePolicyConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFront::CachePolicy" + ], "type": "string" }, - "Version": { - "markdownDescription": "A specific version of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the version is not specified, the system uses the most recent version by default.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket", - "Key" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TagFilter": { + "AWS::CloudFront::CachePolicy.CachePolicyConfig": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The on-premises instance tag filter key.", - "title": "Key", + "Comment": { + "markdownDescription": "A comment to describe the cache policy. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" }, - "Type": { - "markdownDescription": "The on-premises instance tag filter type:\n\n- KEY_ONLY: Key only.\n- VALUE_ONLY: Value only.\n- KEY_AND_VALUE: Key and value.", - "title": "Type", - "type": "string" + "DefaultTTL": { + "markdownDescription": "The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 86400 seconds (one day). If the value of `MinTTL` is more than 86400 seconds, then the default value for this field is the same as the value of `MinTTL` .", + "title": "DefaultTTL", + "type": "number" }, - "Value": { - "markdownDescription": "The on-premises instance tag filter value.", - "title": "Value", + "MaxTTL": { + "markdownDescription": "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 31536000 seconds (one year). If the value of `MinTTL` or `DefaultTTL` is more than 31536000 seconds, then the default value for this field is the same as the value of `DefaultTTL` .", + "title": "MaxTTL", + "type": "number" + }, + "MinTTL": { + "markdownDescription": "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MinTTL", + "type": "number" + }, + "Name": { + "markdownDescription": "A unique name to identify the cache policy.", + "title": "Name", "type": "string" + }, + "ParametersInCacheKeyAndForwardedToOrigin": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin", + "markdownDescription": "The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.", + "title": "ParametersInCacheKeyAndForwardedToOrigin" } }, + "required": [ + "DefaultTTL", + "MaxTTL", + "MinTTL", + "Name", + "ParametersInCacheKeyAndForwardedToOrigin" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo": { + "AWS::CloudFront::CachePolicy.CookiesConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "For blue/green deployments, the name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. No duplicates allowed.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only. \n\nThis value cannot exceed 32 characters, so you should use the `Name` property of the target group, or the `TargetGroupName` attribute with the `Fn::GetAtt` intrinsic function, as shown in the following example. Don't use the group's Amazon Resource Name (ARN) or `TargetGroupFullName` attribute.", - "title": "Name", + "CookieBehavior": { + "markdownDescription": "Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** for those that are listed in the `CookieNames` type, which are not included.\n- `all` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "CookieBehavior", "type": "string" + }, + "Cookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of cookie names.", + "title": "Cookies", + "type": "array" } }, + "required": [ + "CookieBehavior" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo": { + "AWS::CloudFront::CachePolicy.HeadersConfig": { "additionalProperties": false, "properties": { - "ProdTrafficRoute": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", - "markdownDescription": "The path used by a load balancer to route production traffic when an Amazon ECS deployment is complete.", - "title": "ProdTrafficRoute" + "HeaderBehavior": { + "markdownDescription": "Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "HeaderBehavior", + "type": "string" }, - "TargetGroups": { + "Headers": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" + "type": "string" }, - "markdownDescription": "One pair of target groups. One is associated with the original task set. The second is associated with the task set that serves traffic after the deployment is complete.", - "title": "TargetGroups", + "markdownDescription": "Contains a list of HTTP header names.", + "title": "Headers", "type": "array" - }, - "TestTrafficRoute": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", - "markdownDescription": "An optional path used by a load balancer to route test traffic after an Amazon ECS deployment. Validation can occur while test traffic is served during a deployment.", - "title": "TestTrafficRoute" } }, + "required": [ + "HeaderBehavior" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TrafficRoute": { + "AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin": { "additionalProperties": false, "properties": { - "ListenerArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of one listener. The listener identifies the route between a target group and a load balancer. This is an array of strings with a maximum size of one.", - "title": "ListenerArns", - "type": "array" + "CookiesConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CookiesConfig", + "markdownDescription": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "CookiesConfig" + }, + "EnableAcceptEncodingBrotli": { + "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingGzip` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", + "title": "EnableAcceptEncodingBrotli", + "type": "boolean" + }, + "EnableAcceptEncodingGzip": { + "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingBrotli` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", + "title": "EnableAcceptEncodingGzip", + "type": "boolean" + }, + "HeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.HeadersConfig", + "markdownDescription": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "HeadersConfig" + }, + "QueryStringsConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.QueryStringsConfig", + "markdownDescription": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "QueryStringsConfig" } }, + "required": [ + "CookiesConfig", + "EnableAcceptEncodingGzip", + "HeadersConfig", + "QueryStringsConfig" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TriggerConfig": { + "AWS::CloudFront::CachePolicy.QueryStringsConfig": { "additionalProperties": false, "properties": { - "TriggerEvents": { + "QueryStringBehavior": { + "markdownDescription": "Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** those that are listed in the `QueryStringNames` type, which are not included.\n- `all` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "QueryStringBehavior", + "type": "string" + }, + "QueryStrings": { "items": { "type": "string" }, - "markdownDescription": "The event type or types that trigger notifications.", - "title": "TriggerEvents", + "markdownDescription": "Contains a list of query string names.", + "title": "QueryStrings", "type": "array" - }, - "TriggerName": { - "markdownDescription": "The name of the notification trigger.", - "title": "TriggerName", - "type": "string" - }, - "TriggerTargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic through which notifications about deployment or instance events are sent.", - "title": "TriggerTargetArn", - "type": "string" } }, + "required": [ + "QueryStringBehavior" + ], "type": "object" }, - "AWS::CodeGuruProfiler::ProfilingGroup": { + "AWS::CloudFront::CloudFrontOriginAccessIdentity": { "additionalProperties": false, "properties": { "Condition": { @@ -43413,46 +48980,20 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentPermissions": { - "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions", - "markdownDescription": "The agent permissions attached to this profiling group. This action group grants `ConfigureAgent` and `PostAgentProfile` permissions to perform actions required by the profiling agent. The Json consists of key `Principals` .\n\n*Principals* : A list of string ARNs for the roles and users you want to grant access to the profiling group. Wildcards are not supported in the ARNs. You are allowed to provide up to 50 ARNs. An empty list is not permitted. This is a required key.\n\nFor more information, see [Resource-based policies in CodeGuru Profiler](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/resource-based-policies.html) in the *Amazon CodeGuru Profiler user guide* , [ConfigureAgent](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html) , and [PostAgentProfile](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html) .", - "title": "AgentPermissions" - }, - "AnomalyDetectionNotificationConfiguration": { - "items": { - "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.Channel" - }, - "markdownDescription": "Adds anomaly notifications for a profiling group.", - "title": "AnomalyDetectionNotificationConfiguration", - "type": "array" - }, - "ComputePlatform": { - "markdownDescription": "The compute platform of the profiling group. Use `AWSLambda` if your application runs on AWS Lambda. Use `Default` if your application runs on a compute platform that is not AWS Lambda , such an Amazon EC2 instance, an on-premises server, or a different platform. If not specified, `Default` is used. This property is immutable.", - "title": "ComputePlatform", - "type": "string" - }, - "ProfilingGroupName": { - "markdownDescription": "The name of the profiling group.", - "title": "ProfilingGroupName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to add to the created profiling group.", - "title": "Tags", - "type": "array" + "CloudFrontOriginAccessIdentityConfig": { + "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig", + "markdownDescription": "The current configuration information for the identity.", + "title": "CloudFrontOriginAccessIdentityConfig" } }, "required": [ - "ProfilingGroupName" + "CloudFrontOriginAccessIdentityConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeGuruProfiler::ProfilingGroup" + "AWS::CloudFront::CloudFrontOriginAccessIdentity" ], "type": "string" }, @@ -43471,43 +49012,21 @@ ], "type": "object" }, - "AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions": { - "additionalProperties": false, - "properties": { - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Principals", - "type": "array" - } - }, - "required": [ - "Principals" - ], - "type": "object" - }, - "AWS::CodeGuruProfiler::ProfilingGroup.Channel": { + "AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig": { "additionalProperties": false, "properties": { - "channelId": { - "markdownDescription": "The channel ID.", - "title": "channelId", - "type": "string" - }, - "channelUri": { - "markdownDescription": "The channel URI.", - "title": "channelUri", + "Comment": { + "markdownDescription": "A comment to describe the origin access identity. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" } }, "required": [ - "channelUri" + "Comment" ], "type": "object" }, - "AWS::CodeGuruReviewer::RepositoryAssociation": { + "AWS::CloudFront::ConnectionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -43542,49 +49061,43 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the bucket. This is required for your S3Bucket repository. The name must start with the prefix `codeguru-reviewer-*` .", - "title": "BucketName", + "AnycastIpListId": { + "markdownDescription": "The ID of the Anycast static IP list.", + "title": "AnycastIpListId", "type": "string" }, - "ConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. Its format is `arn:aws:codestar-connections:region-id:aws-account_id:connection/connection-id` . For more information, see [Connection](https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_Connection.html) in the *AWS CodeStar Connections API Reference* .\n\n`ConnectionArn` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", - "title": "ConnectionArn", - "type": "string" + "Enabled": { + "markdownDescription": "Whether the connection group is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Ipv6Enabled": { + "markdownDescription": "IPv6 is enabled for the connection group.", + "title": "Ipv6Enabled", + "type": "boolean" }, "Name": { - "markdownDescription": "The name of the repository.", + "markdownDescription": "The name of the connection group.", "title": "Name", "type": "string" }, - "Owner": { - "markdownDescription": "The owner of the repository. For a GitHub Enterprise Server or Bitbucket repository, this is the username for the account that owns the repository.\n\n`Owner` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", - "title": "Owner", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs used to tag an associated repository. A tag is a custom attribute label with two parts:\n\n- A *tag key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag keys are case sensitive.\n- An optional field known as a *tag value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag value is the same as using an empty string. Like tag keys, tag values are case sensitive.", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of repository that contains the source code to be reviewed. The valid values are:\n\n- `CodeCommit`\n- `Bitbucket`\n- `GitHubEnterpriseServer`\n- `S3Bucket`", - "title": "Type", - "type": "string" } }, "required": [ - "Name", - "Type" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeGuruReviewer::RepositoryAssociation" + "AWS::CloudFront::ConnectionGroup" ], "type": "string" }, @@ -43603,7 +49116,7 @@ ], "type": "object" }, - "AWS::CodePipeline::CustomActionType": { + "AWS::CloudFront::ContinuousDeploymentPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -43638,65 +49151,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Category": { - "markdownDescription": "The category of the custom action, such as a build action or a test action.", - "title": "Category", - "type": "string" - }, - "ConfigurationProperties": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ConfigurationProperties" - }, - "markdownDescription": "The configuration properties for the custom action.\n\n> You can refer to a name in the configuration properties of the custom action within the URL templates by following the format of {Config:name}, as long as the configuration property is both required and not secret. For more information, see [Create a Custom Action for a Pipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-create-custom-action.html) .", - "title": "ConfigurationProperties", - "type": "array" - }, - "InputArtifactDetails": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", - "markdownDescription": "The details of the input artifact for the action, such as its commit ID.", - "title": "InputArtifactDetails" - }, - "OutputArtifactDetails": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", - "markdownDescription": "The details of the output artifact of the action, such as its commit ID.", - "title": "OutputArtifactDetails" - }, - "Provider": { - "markdownDescription": "The provider of the service used in the custom action, such as CodeDeploy.", - "title": "Provider", - "type": "string" - }, - "Settings": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.Settings", - "markdownDescription": "URLs that provide users information about this custom action.", - "title": "Settings" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the custom action.", - "title": "Tags", - "type": "array" - }, - "Version": { - "markdownDescription": "The version identifier of the custom action.", - "title": "Version", - "type": "string" + "ContinuousDeploymentPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig", + "markdownDescription": "Contains the configuration for a continuous deployment policy.", + "title": "ContinuousDeploymentPolicyConfig" } }, "required": [ - "Category", - "InputArtifactDetails", - "OutputArtifactDetails", - "Provider", - "Version" + "ContinuousDeploymentPolicyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodePipeline::CustomActionType" + "AWS::CloudFront::ContinuousDeploymentPolicy" ], "type": "string" }, @@ -43715,100 +49183,172 @@ ], "type": "object" }, - "AWS::CodePipeline::CustomActionType.ArtifactDetails": { + "AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig": { "additionalProperties": false, "properties": { - "MaximumCount": { - "markdownDescription": "The maximum number of artifacts allowed for the action type.", - "title": "MaximumCount", + "Enabled": { + "markdownDescription": "A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is `true` , this policy is enabled and in effect. When this value is `false` , this policy is not enabled and has no effect.", + "title": "Enabled", + "type": "boolean" + }, + "SingleHeaderPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig", + "markdownDescription": "This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.", + "title": "SingleHeaderPolicyConfig" + }, + "SingleWeightPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig", + "markdownDescription": "This configuration determines the percentage of HTTP requests that are sent to the staging distribution.", + "title": "SingleWeightPolicyConfig" + }, + "StagingDistributionDnsNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The CloudFront domain name of the staging distribution. For example: `d111111abcdef8.cloudfront.net` .", + "title": "StagingDistributionDnsNames", + "type": "array" + }, + "TrafficConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig", + "markdownDescription": "Contains the parameters for routing production traffic from your primary to staging distributions.", + "title": "TrafficConfig" + }, + "Type": { + "markdownDescription": "The type of traffic configuration.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Enabled", + "StagingDistributionDnsNames" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig": { + "additionalProperties": false, + "properties": { + "IdleTTL": { + "markdownDescription": "The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", + "title": "IdleTTL", "type": "number" }, - "MinimumCount": { - "markdownDescription": "The minimum number of artifacts allowed for the action type.", - "title": "MinimumCount", + "MaximumTTL": { + "markdownDescription": "The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", + "title": "MaximumTTL", "type": "number" } }, "required": [ - "MaximumCount", - "MinimumCount" + "IdleTTL", + "MaximumTTL" ], "type": "object" }, - "AWS::CodePipeline::CustomActionType.ConfigurationProperties": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the action configuration property that is displayed to users.", - "title": "Description", - "type": "string" - }, - "Key": { - "markdownDescription": "Whether the configuration property is a key.", - "title": "Key", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the action configuration property.", - "title": "Name", + "Header": { + "markdownDescription": "The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix `aws-cf-cd-` .", + "title": "Header", "type": "string" }, - "Queryable": { - "markdownDescription": "Indicates that the property is used with `PollForJobs` . When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.\n\nIf you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens.", - "title": "Queryable", - "type": "boolean" - }, - "Required": { - "markdownDescription": "Whether the configuration property is a required value.", - "title": "Required", - "type": "boolean" - }, - "Secret": { - "markdownDescription": "Whether the configuration property is secret. Secrets are hidden from all calls except for `GetJobDetails` , `GetThirdPartyJobDetails` , `PollForJobs` , and `PollForThirdPartyJobs` .\n\nWhen updating a pipeline, passing * * * * * without changing any other values of the action preserves the previous value of the secret.", - "title": "Secret", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of the configuration property.", - "title": "Type", + "Value": { + "markdownDescription": "The request header value.", + "title": "Value", "type": "string" } }, "required": [ - "Key", - "Name", - "Required", - "Secret" + "Header", + "Value" ], "type": "object" }, - "AWS::CodePipeline::CustomActionType.Settings": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig": { "additionalProperties": false, "properties": { - "EntityUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for a CodeDeploy deployment group. This link is provided as part of the action display in the pipeline.", - "title": "EntityUrlTemplate", + "Header": { + "markdownDescription": "The name of the HTTP header that CloudFront uses to configure for the single header policy.", + "title": "Header", "type": "string" }, - "ExecutionUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for CodeDeploy. This link is shown on the pipeline view page in the CodePipeline console and provides a link to the execution entity of the external action.", - "title": "ExecutionUrlTemplate", + "Value": { + "markdownDescription": "Specifies the value to assign to the header for a single header policy.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Header", + "Value" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig": { + "additionalProperties": false, + "properties": { + "SessionStickinessConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", + "markdownDescription": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.", + "title": "SessionStickinessConfig" }, - "RevisionUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action.", - "title": "RevisionUrlTemplate", - "type": "string" + "Weight": { + "markdownDescription": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Weight" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig": { + "additionalProperties": false, + "properties": { + "SessionStickinessConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", + "markdownDescription": "Enable session stickiness for the associated origin or cache settings.", + "title": "SessionStickinessConfig" }, - "ThirdPartyConfigurationUrl": { - "markdownDescription": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service.", - "title": "ThirdPartyConfigurationUrl", + "Weight": { + "markdownDescription": "The percentage of requests that CloudFront will use to send to an associated origin or cache settings.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Weight" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig": { + "additionalProperties": false, + "properties": { + "SingleHeaderConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig", + "markdownDescription": "Determines which HTTP requests are sent to the staging distribution.", + "title": "SingleHeaderConfig" + }, + "SingleWeightConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig", + "markdownDescription": "Contains the percentage of traffic to send to the staging distribution.", + "title": "SingleWeightConfig" + }, + "Type": { + "markdownDescription": "The type of traffic configuration.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CodePipeline::Pipeline": { + "AWS::CloudFront::Distribution": { "additionalProperties": false, "properties": { "Condition": { @@ -43843,94 +49383,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ArtifactStore": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", - "markdownDescription": "The S3 bucket where artifacts for the pipeline are stored.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStore" - }, - "ArtifactStores": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStoreMap" - }, - "markdownDescription": "A mapping of `artifactStore` objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStores", - "type": "array" + "DistributionConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.DistributionConfig", + "markdownDescription": "The distribution's configuration.", + "title": "DistributionConfig" }, - "DisableInboundStageTransitions": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageTransition" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Represents the input of a `DisableStageTransition` action.", - "title": "DisableInboundStageTransitions", - "type": "array" - }, - "ExecutionMode": { - "markdownDescription": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED.", - "title": "ExecutionMode", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the pipeline.", - "title": "Name", - "type": "string" - }, - "PipelineType": { - "markdownDescription": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications.\n\n- V1 type pipelines have a JSON structure that contains standard pipeline, stage, and action-level parameters.\n- V2 type pipelines have the same structure as a V1 type, along with additional parameters for release safety and trigger configuration.\n\n> Including V2 parameters, such as triggers on Git tags, in the pipeline JSON when creating or updating a pipeline will result in the pipeline having the V2 type of pipeline and the associated costs. \n\nFor information about pricing for CodePipeline, see [Pricing](https://docs.aws.amazon.com/codepipeline/pricing/) .\n\nFor information about which type of pipeline to choose, see [What type of pipeline is right for me?](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html) .", - "title": "PipelineType", - "type": "string" - }, - "RestartExecutionOnUpdate": { - "markdownDescription": "Indicates whether to rerun the CodePipeline pipeline after you update it.", - "title": "RestartExecutionOnUpdate", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no `actionRoleArn` , or to use to assume roles for actions with an `actionRoleArn` .", - "title": "RoleArn", - "type": "string" - }, - "Stages": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageDeclaration" - }, - "markdownDescription": "Represents information about a stage and its definition.", - "title": "Stages", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies the tags applied to the pipeline.", - "title": "Tags", - "type": "array" - }, - "Triggers": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration" - }, - "markdownDescription": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline.\n\n> When a trigger configuration is specified, default change detection for repository and branch commits is disabled.", - "title": "Triggers", - "type": "array" - }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.VariableDeclaration" - }, - "markdownDescription": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match `[A-Za-z0-9@\\-_]+` .", - "title": "Variables", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", "type": "array" } }, "required": [ - "RoleArn", - "Stages" + "DistributionConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodePipeline::Pipeline" + "AWS::CloudFront::Distribution" ], "type": "string" }, @@ -43949,740 +49423,1084 @@ ], "type": "object" }, - "AWS::CodePipeline::Pipeline.ActionDeclaration": { + "AWS::CloudFront::Distribution.CacheBehavior": { "additionalProperties": false, "properties": { - "ActionTypeId": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionTypeId", - "markdownDescription": "Specifies the action type and the provider of the action.", - "title": "ActionTypeId" + "AllowedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", + "title": "AllowedMethods", + "type": "array" }, - "Configuration": { - "markdownDescription": "The action's configuration. These are key-value pairs that specify input values for an action. For more information, see [Action Structure Requirements in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) . For the list of configuration properties for the AWS CloudFormation action type in CodePipeline, see [Configuration Properties Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-action-reference.html) in the *AWS CloudFormation User Guide* . For template snippets with examples, see [Using Parameter Override Functions with CodePipeline Pipelines](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-parameter-override-functions.html) in the *AWS CloudFormation User Guide* .\n\nThe values can be represented in either JSON or YAML format. For example, the JSON configuration item format is as follows:\n\n*JSON:*\n\n`\"Configuration\" : { Key : Value },`", - "title": "Configuration", - "type": "object" + "CachePolicyId": { + "markdownDescription": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", + "title": "CachePolicyId", + "type": "string" }, - "InputArtifacts": { + "CachedMethods": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" + "type": "string" }, - "markdownDescription": "The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .\n\n> For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* .", - "title": "InputArtifacts", + "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", + "title": "CachedMethods", "type": "array" }, - "Name": { - "markdownDescription": "The action declaration's name.", - "title": "Name", - "type": "string" + "Compress": { + "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Compress", + "type": "boolean" }, - "Namespace": { - "markdownDescription": "The variable namespace associated with the action. All variables produced as output by this action fall under this namespace.", - "title": "Namespace", + "DefaultTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultTTL", + "type": "number" + }, + "FieldLevelEncryptionId": { + "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.", + "title": "FieldLevelEncryptionId", "type": "string" }, - "OutputArtifacts": { + "ForwardedValues": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", + "title": "ForwardedValues" + }, + "FunctionAssociations": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.OutputArtifact" + "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" }, - "markdownDescription": "The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .", - "title": "OutputArtifacts", + "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the `LIVE` stage to associate them with a cache behavior.", + "title": "FunctionAssociations", "type": "array" }, - "Region": { - "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", - "title": "Region", - "type": "string" + "GrpcConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GrpcConfig", + "markdownDescription": "The gRPC configuration for your cache behavior.", + "title": "GrpcConfig" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline.", - "title": "RoleArn", - "type": "string" + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" + }, + "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", + "title": "LambdaFunctionAssociations", + "type": "array" }, - "RunOrder": { - "markdownDescription": "The order in which actions are run.", - "title": "RunOrder", + "MaxTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MaxTTL", "type": "number" }, - "TimeoutInMinutes": { - "markdownDescription": "A timeout duration in minutes that can be applied against the ActionType\u2019s default timeout value specified in [Quotas for AWS CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/limits.html) . This attribute is available only to the manual approval ActionType.", - "title": "TimeoutInMinutes", + "MinTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", + "title": "MinTTL", "type": "number" - } - }, - "required": [ - "ActionTypeId", - "Name" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.ActionTypeId": { - "additionalProperties": false, - "properties": { - "Category": { - "markdownDescription": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below.\n\n- `Source`\n- `Build`\n- `Test`\n- `Deploy`\n- `Invoke`\n- `Approval`\n- `Compute`", - "title": "Category", + }, + "OriginRequestPolicyId": { + "markdownDescription": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginRequestPolicyId", "type": "string" }, - "Owner": { - "markdownDescription": "The creator of the action being called. There are three valid values for the `Owner` field in the action category section within your pipeline structure: `AWS` , `ThirdParty` , and `Custom` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", - "title": "Owner", + "PathPattern": { + "markdownDescription": "The pattern (for example, `images/*.jpg` ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n\n> You can optionally include a slash ( `/` ) at the beginning of the path pattern. For example, `/images/*.jpg` . CloudFront behavior is the same with or without the leading `/` . \n\nThe path pattern for the default cache behavior is `*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n\nFor more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide* .", + "title": "PathPattern", "type": "string" }, - "Provider": { - "markdownDescription": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as `CodeDeploy` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", - "title": "Provider", + "RealtimeLogConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "RealtimeLogConfigArn", "type": "string" }, - "Version": { - "markdownDescription": "A string that describes the action version.", - "title": "Version", + "ResponseHeadersPolicyId": { + "markdownDescription": "The identifier for a response headers policy.", + "title": "ResponseHeadersPolicyId", "type": "string" - } - }, - "required": [ - "Category", - "Owner", - "Provider", - "Version" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.ArtifactStore": { - "additionalProperties": false, - "properties": { - "EncryptionKey": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EncryptionKey", - "markdownDescription": "The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) .", - "title": "EncryptionKey" }, - "Location": { - "markdownDescription": "The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts.", - "title": "Location", + "SmoothStreaming": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", + "title": "SmoothStreaming", + "type": "boolean" + }, + "TargetOriginId": { + "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.", + "title": "TargetOriginId", "type": "string" }, - "Type": { - "markdownDescription": "The type of the artifact store, such as S3.", - "title": "Type", + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedKeyGroups", + "type": "array" + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners", + "type": "array" + }, + "ViewerProtocolPolicy": { + "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ViewerProtocolPolicy", "type": "string" } }, "required": [ - "Location", - "Type" + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.ArtifactStoreMap": { + "AWS::CloudFront::Distribution.Cookies": { "additionalProperties": false, "properties": { - "ArtifactStore": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", - "markdownDescription": "Represents information about the S3 bucket where artifacts are stored for the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStore" - }, - "Region": { - "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", - "title": "Region", + "Forward": { + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nSpecifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the `WhitelistedNames` complex type.\n\nAmazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the `Forward` element.", + "title": "Forward", "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nRequired if you specify `whitelist` for the value of `Forward` . A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.\n\nIf you specify `all` or `none` for the value of `Forward` , omit `WhitelistedNames` . If you change the value of `Forward` from `whitelist` to `all` or `none` and you don't delete the `WhitelistedNames` element and its child elements, CloudFront deletes them automatically.\n\nFor the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *AWS General Reference* .", + "title": "WhitelistedNames", + "type": "array" } }, "required": [ - "ArtifactStore", - "Region" + "Forward" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.BlockerDeclaration": { + "AWS::CloudFront::Distribution.CustomErrorResponse": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Reserved for future use.", - "title": "Name", - "type": "string" + "ErrorCachingMinTTL": { + "markdownDescription": "The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in `ErrorCode` . When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.\n\nFor more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ErrorCachingMinTTL", + "type": "number" }, - "Type": { - "markdownDescription": "Reserved for future use.", - "title": "Type", + "ErrorCode": { + "markdownDescription": "The HTTP status code for which you want to specify a custom error page and/or a caching duration.", + "title": "ErrorCode", + "type": "number" + }, + "ResponseCode": { + "markdownDescription": "The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:\n\n- Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute `200` , the response typically won't be intercepted.\n- If you don't care about distinguishing among different client errors or server errors, you can specify `400` or `500` as the `ResponseCode` for all 4xx or 5xx errors.\n- You might want to return a `200` status code (OK) and static website so your customers don't know that your website is down.\n\nIf you specify a value for `ResponseCode` , you must also specify a value for `ResponsePagePath` .", + "title": "ResponseCode", + "type": "number" + }, + "ResponsePagePath": { + "markdownDescription": "The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by `ErrorCode` , for example, `/4xx-errors/403-forbidden.html` . If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:\n\n- The value of `PathPattern` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named `/4xx-errors` . Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, `/4xx-errors/*` .\n- The value of `TargetOriginId` specifies the value of the `ID` element for the origin that contains your custom error pages.\n\nIf you specify a value for `ResponsePagePath` , you must also specify a value for `ResponseCode` .\n\nWe recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.", + "title": "ResponsePagePath", "type": "string" } }, "required": [ - "Name", - "Type" + "ErrorCode" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.EncryptionKey": { + "AWS::CloudFront::Distribution.CustomOriginConfig": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN.\n\n> Aliases are recognized only in the account that created the AWS KMS key. For cross-account actions, you can only use the key ID or key ARN to identify the key. Cross-account actions involve using the role from the other account (AccountB), so specifying the key ID will use the key from the other account (AccountB).", - "title": "Id", - "type": "string" + "HTTPPort": { + "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", + "title": "HTTPPort", + "type": "number" }, - "Type": { - "markdownDescription": "The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'.", - "title": "Type", + "HTTPSPort": { + "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", + "title": "HTTPSPort", + "type": "number" + }, + "OriginKeepaliveTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginKeepaliveTimeout", + "type": "number" + }, + "OriginProtocolPolicy": { + "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n\n- `http-only` \u2013 CloudFront always uses HTTP to connect to the origin.\n- `match-viewer` \u2013 CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n- `https-only` \u2013 CloudFront always uses HTTPS to connect to the origin.", + "title": "OriginProtocolPolicy", "type": "string" + }, + "OriginReadTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginReadTimeout", + "type": "number" + }, + "OriginSSLProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", + "type": "array" } }, "required": [ - "Id", - "Type" + "OriginProtocolPolicy" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitBranchFilterCriteria": { + "AWS::CloudFront::Distribution.DefaultCacheBehavior": { "additionalProperties": false, "properties": { - "Excludes": { + "AllowedMethods": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", + "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", + "title": "AllowedMethods", "type": "array" }, - "Includes": { + "CachePolicyId": { + "markdownDescription": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", + "title": "CachePolicyId", + "type": "string" + }, + "CachedMethods": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", + "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", + "title": "CachedMethods", "type": "array" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.GitConfiguration": { - "additionalProperties": false, - "properties": { - "PullRequest": { + }, + "Compress": { + "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify `true` ; if not, specify `false` . For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Compress", + "type": "boolean" + }, + "DefaultTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultTTL", + "type": "number" + }, + "FieldLevelEncryptionId": { + "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior.", + "title": "FieldLevelEncryptionId", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", + "title": "ForwardedValues" + }, + "FunctionAssociations": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPullRequestFilter" + "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" }, - "markdownDescription": "The field where the repository event that will start the pipeline is specified as pull requests.", - "title": "PullRequest", + "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the `LIVE` stage to associate them with a cache behavior.", + "title": "FunctionAssociations", "type": "array" }, - "Push": { + "GrpcConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GrpcConfig", + "markdownDescription": "The gRPC configuration for your cache behavior.", + "title": "GrpcConfig" + }, + "LambdaFunctionAssociations": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPushFilter" + "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" }, - "markdownDescription": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details.", - "title": "Push", + "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", + "title": "LambdaFunctionAssociations", "type": "array" }, - "SourceActionName": { - "markdownDescription": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only.\n\n> You can only specify one trigger configuration per source action.", - "title": "SourceActionName", + "MaxTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MaxTTL", + "type": "number" + }, + "MinTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", + "title": "MinTTL", + "type": "number" + }, + "OriginRequestPolicyId": { + "markdownDescription": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginRequestPolicyId", + "type": "string" + }, + "RealtimeLogConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "RealtimeLogConfigArn", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "markdownDescription": "The identifier for a response headers policy.", + "title": "ResponseHeadersPolicyId", + "type": "string" + }, + "SmoothStreaming": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", + "title": "SmoothStreaming", + "type": "boolean" + }, + "TargetOriginId": { + "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they use the default cache behavior.", + "title": "TargetOriginId", + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedKeyGroups", + "type": "array" + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners", + "type": "array" + }, + "ViewerProtocolPolicy": { + "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ViewerProtocolPolicy", "type": "string" } }, "required": [ - "SourceActionName" + "TargetOriginId", + "ViewerProtocolPolicy" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria": { + "AWS::CloudFront::Distribution.Definition": { "additionalProperties": false, "properties": { - "Excludes": { + "StringSchema": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.StringSchema", + "markdownDescription": "", + "title": "StringSchema" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", + "title": "Aliases", "type": "array" }, - "Includes": { + "AnycastIpListId": { + "markdownDescription": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nID of the Anycast static IP list that is associated with the distribution.", + "title": "AnycastIpListId", + "type": "string" + }, + "CNAMEs": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", + "markdownDescription": "An alias for the CloudFront distribution's domain name.\n\n> This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead.", + "title": "CNAMEs", + "type": "array" + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CacheBehavior" + }, + "markdownDescription": "A complex type that contains zero or more `CacheBehavior` elements.", + "title": "CacheBehaviors", + "type": "array" + }, + "Comment": { + "markdownDescription": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "ConnectionMode": { + "markdownDescription": "This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants (tenant-only).", + "title": "ConnectionMode", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", + "title": "ContinuousDeploymentPolicyId", + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomErrorResponse" + }, + "markdownDescription": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", + "title": "CustomErrorResponses", + "type": "array" + }, + "CustomOrigin": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyCustomOrigin", + "markdownDescription": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", + "title": "CustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.DefaultCacheBehavior", + "markdownDescription": "A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.", + "title": "DefaultCacheBehavior" + }, + "DefaultRootObject": { + "markdownDescription": "When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. For example, if your root URL is `https://www.example.com` , you can specify CloudFront to return the `index.html` file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, `https://www.example.com/product-description.html` ). A default root object avoids exposing the contents of your distribution.\n\nYou can specify the object name or a path to the object name (for example, `index.html` or `exampleFolderName/index.html` ). Your string can't begin with a forward slash ( `/` ). Only specify the object name or the path to the object.\n\nIf you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element.\n\nTo delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element.\n\nTo replace the default root object, update the distribution configuration and specify the new object.\n\nFor more information about the default root object, see [Specify a default root object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultRootObject", + "type": "string" + }, + "Enabled": { + "markdownDescription": "From this field, you can enable or disable the selected distribution.", + "title": "Enabled", + "type": "boolean" + }, + "HttpVersion": { + "markdownDescription": "(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . The default value for new distributions is `http1.1` .\n\nFor viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n\nFor viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) .", + "title": "HttpVersion", + "type": "string" + }, + "IPV6Enabled": { + "markdownDescription": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nIf you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", + "title": "IPV6Enabled", + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Logging", + "markdownDescription": "A complex type that controls whether access logs are written for the distribution.\n\nFor more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroups", + "markdownDescription": "A complex type that contains information about origin groups for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", + "title": "OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Origin" + }, + "markdownDescription": "A complex type that contains information about origins for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", + "title": "Origins", "type": "array" + }, + "PriceClass": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", + "title": "PriceClass", + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Restrictions", + "markdownDescription": "A complex type that identifies ways in which you want to restrict distribution of your content.", + "title": "Restrictions" + }, + "S3Origin": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyS3Origin", + "markdownDescription": "The origin as an Amazon S3 bucket.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", + "title": "S3Origin" + }, + "Staging": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", + "title": "Staging", + "type": "boolean" + }, + "TenantConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.TenantConfig", + "markdownDescription": "> This field only supports multi-tenant distributions. You can't specify this field for standard distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA distribution tenant configuration.", + "title": "TenantConfig" + }, + "ViewerCertificate": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ViewerCertificate", + "markdownDescription": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.", + "title": "ViewerCertificate" + }, + "WebACLId": { + "markdownDescription": "> Multi-tenant distributions only support AWS WAF V2 web ACLs. \n\nA unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) .", + "title": "WebACLId", + "type": "string" } }, + "required": [ + "DefaultCacheBehavior", + "Enabled" + ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitPullRequestFilter": { + "AWS::CloudFront::Distribution.ForwardedValues": { "additionalProperties": false, "properties": { - "Branches": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", - "markdownDescription": "The field that specifies to filter on branches for the pull request trigger configuration.", - "title": "Branches" + "Cookies": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Cookies", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Cookies" }, - "Events": { + "Headers": { "items": { "type": "string" }, - "markdownDescription": "The field that specifies which pull request events to filter on (OPEN, UPDATED, CLOSED) for the trigger configuration.", - "title": "Events", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies the `Headers` , if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.\n\nFor more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Headers", "type": "array" }, - "FilePaths": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", - "markdownDescription": "The field that specifies to filter on file paths for the pull request trigger configuration.", - "title": "FilePaths" + "QueryString": { + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nIndicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of `QueryString` and on the values that you specify for `QueryStringCacheKeys` , if any:\n\nIf you specify true for `QueryString` and you don't specify any values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.\n\nIf you specify true for `QueryString` and you specify one or more values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.\n\nIf you specify false for `QueryString` , CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.\n\nFor more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide* .", + "title": "QueryString", + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.", + "title": "QueryStringCacheKeys", + "type": "array" } }, + "required": [ + "QueryString" + ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitPushFilter": { + "AWS::CloudFront::Distribution.FunctionAssociation": { "additionalProperties": false, "properties": { - "Branches": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", - "markdownDescription": "The field that specifies to filter on branches for the push trigger configuration.", - "title": "Branches" - }, - "FilePaths": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", - "markdownDescription": "The field that specifies to filter on file paths for the push trigger configuration.", - "title": "FilePaths" + "EventType": { + "markdownDescription": "The event type of the function, either `viewer-request` or `viewer-response` . You cannot use origin-facing event types ( `origin-request` and `origin-response` ) with a CloudFront function.", + "title": "EventType", + "type": "string" }, - "Tags": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitTagFilterCriteria", - "markdownDescription": "The field that contains the details for the Git tags trigger configuration.", - "title": "Tags" + "FunctionARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function.", + "title": "FunctionARN", + "type": "string" } }, "type": "object" }, - "AWS::CodePipeline::Pipeline.GitTagFilterCriteria": { + "AWS::CloudFront::Distribution.GeoRestriction": { "additionalProperties": false, "properties": { - "Excludes": { + "Locations": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", + "markdownDescription": "A complex type that contains a `Location` element for each country in which you want CloudFront either to distribute your content ( `whitelist` ) or not distribute your content ( `blacklist` ).\n\nThe `Location` element is a two-letter, uppercase country code for a country that you want to include in your `blacklist` or `whitelist` . Include one `Location` element for each country.\n\nCloudFront and `MaxMind` both use `ISO 3166` country codes. For the current list of countries and the corresponding codes, see `ISO 3166-1-alpha-2` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.", + "title": "Locations", "type": "array" }, - "Includes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.InputArtifact": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the artifact to be worked on (for example, \"My App\").\n\nArtifacts are the files that are worked on by actions in the pipeline. See the action configuration for each action for details about artifact parameters. For example, the S3 source action input artifact is a file name (or file path), and the files are generally provided as a ZIP file. Example artifact name: SampleApp_Windows.zip\n\nThe input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.", - "title": "Name", + "RestrictionType": { + "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geo restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", + "title": "RestrictionType", "type": "string" } }, "required": [ - "Name" + "RestrictionType" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.OutputArtifact": { + "AWS::CloudFront::Distribution.GrpcConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the output of an artifact, such as \"My App\".\n\nThe output artifact name must exactly match the input artifact declared for a downstream action. However, the downstream action's input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.\n\nOutput artifact names must be unique within a pipeline.", - "title": "Name", - "type": "string" + "Enabled": { + "markdownDescription": "Enables your CloudFront distribution to receive gRPC requests and to proxy them directly to your origins.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Name" + "Enabled" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration": { + "AWS::CloudFront::Distribution.LambdaFunctionAssociation": { "additionalProperties": false, "properties": { - "GitConfiguration": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitConfiguration", - "markdownDescription": "Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags.", - "title": "GitConfiguration" + "EventType": { + "markdownDescription": "Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values:\n\n- `viewer-request` : The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache.\n- `origin-request` : The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute.\n- `origin-response` : The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.\n- `viewer-response` : The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.\n\nIf the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.", + "title": "EventType", + "type": "string" }, - "ProviderType": { - "markdownDescription": "The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration.", - "title": "ProviderType", + "IncludeBody": { + "markdownDescription": "A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide.", + "title": "IncludeBody", + "type": "boolean" + }, + "LambdaFunctionARN": { + "markdownDescription": "The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST.", + "title": "LambdaFunctionARN", "type": "string" } }, - "required": [ - "ProviderType" - ], "type": "object" }, - "AWS::CodePipeline::Pipeline.StageDeclaration": { + "AWS::CloudFront::Distribution.LegacyCustomOrigin": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionDeclaration" - }, - "markdownDescription": "The actions included in a stage.", - "title": "Actions", - "type": "array" + "DNSName": { + "markdownDescription": "The domain name assigned to your CloudFront distribution.", + "title": "DNSName", + "type": "string" }, - "Blockers": { + "HTTPPort": { + "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", + "title": "HTTPPort", + "type": "number" + }, + "HTTPSPort": { + "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", + "title": "HTTPSPort", + "type": "number" + }, + "OriginProtocolPolicy": { + "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin.", + "title": "OriginProtocolPolicy", + "type": "string" + }, + "OriginSSLProtocols": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BlockerDeclaration" + "type": "string" }, - "markdownDescription": "Reserved for future use.", - "title": "Blockers", + "markdownDescription": "The minimum SSL/TLS protocol version that CloudFront uses when communicating with your origin server over HTTPs.\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", "type": "array" - }, - "Name": { - "markdownDescription": "The name of the stage.", - "title": "Name", - "type": "string" } }, "required": [ - "Actions", - "Name" + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.StageTransition": { + "AWS::CloudFront::Distribution.LegacyS3Origin": { "additionalProperties": false, "properties": { - "Reason": { - "markdownDescription": "The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI.", - "title": "Reason", + "DNSName": { + "markdownDescription": "The domain name assigned to your CloudFront distribution.", + "title": "DNSName", "type": "string" }, - "StageName": { - "markdownDescription": "The name of the stage where you want to disable the inbound or outbound transition of artifacts.", - "title": "StageName", + "OriginAccessIdentity": { + "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 through CloudFront .\n\n> This property is legacy. We recommend that you use [OriginAccessControl](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html) instead.", + "title": "OriginAccessIdentity", "type": "string" } }, "required": [ - "Reason", - "StageName" + "DNSName" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.VariableDeclaration": { + "AWS::CloudFront::Distribution.Logging": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "The value of a pipeline-level variable.", - "title": "DefaultValue", + "Bucket": { + "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", + "title": "Bucket", "type": "string" }, - "Description": { - "markdownDescription": "The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes.", - "title": "Description", - "type": "string" + "IncludeCookies": { + "markdownDescription": "Specifies whether you want CloudFront to include cookies in access logs, specify `true` for `IncludeCookies` . If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify `false` for `IncludeCookies` .", + "title": "IncludeCookies", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of a pipeline-level variable.", - "title": "Name", + "Prefix": { + "markdownDescription": "An optional string that you want CloudFront to prefix to the access log `filenames` for this distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", + "title": "Prefix", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::CodePipeline::Webhook": { + "AWS::CloudFront::Distribution.Origin": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ConnectionAttempts": { + "markdownDescription": "The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3.\n\nFor a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) .\n\nFor more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide* .", + "title": "ConnectionAttempts", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ConnectionTimeout": { + "markdownDescription": "The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds.\n\nFor more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide* .", + "title": "ConnectionTimeout", + "type": "number" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomOriginConfig", + "markdownDescription": "Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the `S3OriginConfig` type instead.", + "title": "CustomOriginConfig" + }, + "DomainName": { + "markdownDescription": "The domain name for the origin.\n\nFor more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide* .", + "title": "DomainName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Id": { + "markdownDescription": "A unique identifier for the origin. This value must be unique within the distribution.\n\nUse this value to specify the `TargetOriginId` in a `CacheBehavior` or `DefaultCacheBehavior` .", + "title": "Id", + "type": "string" }, - "Metadata": { - "type": "object" + "OriginAccessControlId": { + "markdownDescription": "The unique identifier of an origin access control for this origin.\n\nFor more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessControlId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Authentication": { - "markdownDescription": "Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response. \n\n- For information about the authentication scheme implemented by GITHUB_HMAC, see [Securing your webhooks](https://docs.aws.amazon.com/https://developer.github.com/webhooks/securing/) on the GitHub Developer website.\n- IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.\n- UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.", - "title": "Authentication", - "type": "string" - }, - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookAuthConfiguration", - "markdownDescription": "Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the `SecretToken` property must be set. For IP, only the `AllowedIPRange` property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.", - "title": "AuthenticationConfiguration" - }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookFilterRule" - }, - "markdownDescription": "A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.", - "title": "Filters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the webhook.", - "title": "Name", - "type": "string" - }, - "RegisterWithThirdParty": { - "markdownDescription": "Configures a connection between the webhook that was created and the external tool with events to be detected.", - "title": "RegisterWithThirdParty", - "type": "boolean" - }, - "TargetAction": { - "markdownDescription": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.", - "title": "TargetAction", - "type": "string" - }, - "TargetPipeline": { - "markdownDescription": "The name of the pipeline you want to connect to the webhook.", - "title": "TargetPipeline", - "type": "string" - }, - "TargetPipelineVersion": { - "markdownDescription": "The version number of the pipeline to be connected to the trigger request.\n\nRequired: Yes\n\nType: Integer\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", - "title": "TargetPipelineVersion", - "type": "number" - } + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginCustomHeader" }, - "required": [ - "Authentication", - "AuthenticationConfiguration", - "Filters", - "TargetAction", - "TargetPipeline", - "TargetPipelineVersion" - ], - "type": "object" + "markdownDescription": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n\nFor more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginCustomHeaders", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CodePipeline::Webhook" - ], + "OriginPath": { + "markdownDescription": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n\nFor more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginPath", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "OriginShield": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginShield", + "markdownDescription": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n\nFor more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginShield" + }, + "ResponseCompletionTimeout": { + "markdownDescription": "", + "title": "ResponseCompletionTimeout", + "type": "number" + }, + "S3OriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.S3OriginConfig", + "markdownDescription": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the `CustomOriginConfig` type instead.", + "title": "S3OriginConfig" + }, + "VpcOriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.VpcOriginConfig", + "markdownDescription": "The VPC origin configuration.", + "title": "VpcOriginConfig" } }, "required": [ - "Type", - "Properties" + "DomainName", + "Id" ], "type": "object" }, - "AWS::CodePipeline::Webhook.WebhookAuthConfiguration": { + "AWS::CloudFront::Distribution.OriginCustomHeader": { "additionalProperties": false, "properties": { - "AllowedIPRange": { - "markdownDescription": "The property used to configure acceptance of webhooks in an IP address range. For IP, only the `AllowedIPRange` property must be set. This property must be set to a valid CIDR range.", - "title": "AllowedIPRange", + "HeaderName": { + "markdownDescription": "The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", + "title": "HeaderName", "type": "string" }, - "SecretToken": { - "markdownDescription": "The property used to configure GitHub authentication. For GITHUB_HMAC, only the `SecretToken` property must be set.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response.", - "title": "SecretToken", + "HeaderValue": { + "markdownDescription": "The value for the header that you specified in the `HeaderName` field.", + "title": "HeaderValue", "type": "string" } }, + "required": [ + "HeaderName", + "HeaderValue" + ], "type": "object" }, - "AWS::CodePipeline::Webhook.WebhookFilterRule": { + "AWS::CloudFront::Distribution.OriginGroup": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "A JsonPath expression that is applied to the body/payload of the webhook. The value selected by the JsonPath expression must match the value specified in the `MatchEquals` field. Otherwise, the request is ignored. For more information, see [Java JsonPath implementation](https://docs.aws.amazon.com/https://github.com/json-path/JsonPath) in GitHub.", - "title": "JsonPath", + "FailoverCriteria": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupFailoverCriteria", + "markdownDescription": "A complex type that contains information about the failover criteria for an origin group.", + "title": "FailoverCriteria" + }, + "Id": { + "markdownDescription": "The origin group's ID.", + "title": "Id", "type": "string" }, - "MatchEquals": { - "markdownDescription": "The value selected by the `JsonPath` expression must match what is supplied in the `MatchEquals` field. Otherwise, the request is ignored. Properties from the target action configuration can be included as placeholders in this value by surrounding the action configuration key with curly brackets. For example, if the value supplied here is \"refs/heads/{Branch}\" and the target action has an action configuration property called \"Branch\" with a value of \"main\", the `MatchEquals` value is evaluated as \"refs/heads/main\". For a list of action configuration properties for built-in action types, see [Pipeline Structure Reference Action Requirements](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) .", - "title": "MatchEquals", + "Members": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMembers", + "markdownDescription": "A complex type that contains information about the origins in an origin group.", + "title": "Members" + }, + "SelectionCriteria": { + "markdownDescription": "The selection criteria for the origin group. For more information, see [Create an origin group](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html#concept_origin_groups.creating) in the *Amazon CloudFront Developer Guide* .", + "title": "SelectionCriteria", "type": "string" } }, "required": [ - "JsonPath" + "FailoverCriteria", + "Id", + "Members" ], "type": "object" }, - "AWS::CodeStar::GitHubRepository": { + "AWS::CloudFront::Distribution.OriginGroupFailoverCriteria": { "additionalProperties": false, "properties": { - "Condition": { + "StatusCodes": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.StatusCodes", + "markdownDescription": "The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin.", + "title": "StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "markdownDescription": "The ID for an origin in an origin group.", + "title": "OriginId", "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMember" + }, + "markdownDescription": "Items (origins) in an origin group.", + "title": "Items", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Quantity": { + "markdownDescription": "The number of origins in an origin group.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Items", + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroup" + }, + "markdownDescription": "The items (origin groups) in a distribution.", + "title": "Items", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Quantity": { + "markdownDescription": "The number of origin groups.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A flag that specifies whether Origin Shield is enabled.\n\nWhen it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches.", + "title": "Enabled", + "type": "boolean" }, - "Metadata": { - "type": "object" + "OriginShieldRegion": { + "markdownDescription": "The AWS Region for Origin Shield.\n\nSpecify the AWS Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2` .\n\nWhen you enable CloudFront Origin Shield, you must specify the AWS Region for Origin Shield. For the list of AWS Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the AWS Region for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginShieldRegion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.ParameterDefinition": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Definition", + "markdownDescription": "The value that you assigned to the parameter.", + "title": "Definition" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Code": { - "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.Code", - "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack.", - "title": "Code" - }, - "ConnectionArn": { - "markdownDescription": "", - "title": "ConnectionArn", - "type": "string" - }, - "EnableIssues": { - "markdownDescription": "Indicates whether to enable issues for the GitHub repository. You can use GitHub issues to track information and bugs for your repository.", - "title": "EnableIssues", - "type": "boolean" - }, - "IsPrivate": { - "markdownDescription": "Indicates whether the GitHub repository is a private repository. If so, you choose who can see and commit to this repository.", - "title": "IsPrivate", - "type": "boolean" - }, - "RepositoryAccessToken": { - "markdownDescription": "The GitHub user's personal access token for the GitHub repository.", - "title": "RepositoryAccessToken", - "type": "string" - }, - "RepositoryDescription": { - "markdownDescription": "A comment or description about the new repository. This description is displayed in GitHub after the repository is created.", - "title": "RepositoryDescription", - "type": "string" - }, - "RepositoryName": { - "markdownDescription": "The name of the repository you want to create in GitHub with AWS CloudFormation stack creation.", - "title": "RepositoryName", - "type": "string" - }, - "RepositoryOwner": { - "markdownDescription": "The GitHub user name for the owner of the GitHub repository to be created. If this repository should be owned by a GitHub organization, provide its name.", - "title": "RepositoryOwner", - "type": "string" - } + "Name": { + "markdownDescription": "The name of the parameter.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Definition", + "Name" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GeoRestriction", + "markdownDescription": "A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using `MaxMind` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template.", + "title": "GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "markdownDescription": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessIdentity", + "type": "string" + }, + "OriginReadTimeout": { + "markdownDescription": "", + "title": "OriginReadTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "number" }, - "required": [ - "RepositoryName", - "RepositoryOwner" - ], - "type": "object" + "markdownDescription": "The items (status codes) for an origin group.", + "title": "Items", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CodeStar::GitHubRepository" - ], + "Quantity": { + "markdownDescription": "The number of status codes.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Items", + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.StringSchema": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "", + "title": "Comment", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DefaultValue": { + "markdownDescription": "", + "title": "DefaultValue", "type": "string" + }, + "Required": { + "markdownDescription": "", + "title": "Required", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Required" ], "type": "object" }, - "AWS::CodeStar::GitHubRepository.Code": { + "AWS::CloudFront::Distribution.TenantConfig": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.S3", - "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository.", - "title": "S3" + "ParameterDefinitions": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ParameterDefinition" + }, + "markdownDescription": "The parameters that you specify for a distribution tenant.", + "title": "ParameterDefinitions", + "type": "array" } }, - "required": [ - "S3" - ], "type": "object" }, - "AWS::CodeStar::GitHubRepository.S3": { + "AWS::CloudFront::Distribution.ViewerCertificate": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content to be committed to the new repository.", - "title": "Bucket", + "AcmCertificateArn": { + "markdownDescription": "> In CloudFormation, this field name is `AcmCertificateArn` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate Manager (ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) , provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region ( `us-east-1` ).\n\nIf you specify an ACM certificate ARN, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", + "title": "AcmCertificateArn", "type": "string" }, - "Key": { - "markdownDescription": "The S3 object key or file name for the ZIP file.", - "title": "Key", + "CloudFrontDefaultCertificate": { + "markdownDescription": "If the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , set this field to `true` .\n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n\n- `AcmCertificateArn` or `IamCertificateId` (specify a value for one, not both)\n- `MinimumProtocolVersion`\n- `SslSupportMethod`", + "title": "CloudFrontDefaultCertificate", + "type": "boolean" + }, + "IamCertificateId": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . > In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", + "title": "IamCertificateId", "type": "string" }, - "ObjectVersion": { - "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket.", - "title": "ObjectVersion", + "MinimumProtocolVersion": { + "markdownDescription": "If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n\n- The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n- The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n\nFor more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide* .\n\n> On the CloudFront console, this setting is called *Security Policy* . \n\nWhen you're using SNI only (you set `SSLSupportMethod` to `sni-only` ), you must specify `TLSv1` or higher. (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` (you set `CloudFrontDefaultCertificate` to `true` ), CloudFront automatically sets the security policy to `TLSv1` regardless of the value that you set here.", + "title": "MinimumProtocolVersion", + "type": "string" + }, + "SslSupportMethod": { + "markdownDescription": "> In CloudFormation, this field name is `SslSupportMethod` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n\n- `sni-only` \u2013 The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) . This is recommended. Most browsers and clients support SNI.\n- `vip` \u2013 The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n- `static-ip` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Support Center](https://docs.aws.amazon.com/support/home) .\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , don't set a value for this field.", + "title": "SslSupportMethod", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.VpcOriginConfig": { + "additionalProperties": false, + "properties": { + "OriginKeepaliveTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginKeepaliveTimeout", + "type": "number" + }, + "OriginReadTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginReadTimeout", + "type": "number" + }, + "VpcOriginId": { + "markdownDescription": "The VPC origin ID.", + "title": "VpcOriginId", "type": "string" } }, "required": [ - "Bucket", - "Key" + "VpcOriginId" ], "type": "object" }, - "AWS::CodeStarConnections::Connection": { + "AWS::CloudFront::DistributionTenant": { "additionalProperties": false, "properties": { "Condition": { @@ -44717,38 +50535,71 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", - "title": "ConnectionName", + "ConnectionGroupId": { + "markdownDescription": "The ID of the connection group for the distribution tenant. If you don't specify a connection group, CloudFront uses the default connection group.", + "title": "ConnectionGroupId", "type": "string" }, - "HostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", - "title": "HostArn", + "Customizations": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Customizations", + "markdownDescription": "Customizations for the distribution tenant. For each distribution tenant, you can specify the geographic restrictions, and the Amazon Resource Names (ARNs) for the ACM certificate and AWS WAF web ACL. These are specific values that you can override or disable from the multi-tenant distribution that was used to create the distribution tenant.", + "title": "Customizations" + }, + "DistributionId": { + "markdownDescription": "The ID of the multi-tenant distribution.", + "title": "DistributionId", "type": "string" }, - "ProviderType": { - "markdownDescription": "The name of the external provider where your third-party code repository is configured.", - "title": "ProviderType", + "Domains": { + "items": { + "type": "string" + }, + "markdownDescription": "The domains associated with the distribution tenant.", + "title": "Domains", + "type": "array" + }, + "Enabled": { + "markdownDescription": "Indicates whether the distribution tenant is in an enabled state. If disabled, the distribution tenant won't serve traffic.", + "title": "Enabled", + "type": "boolean" + }, + "ManagedCertificateRequest": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.ManagedCertificateRequest", + "markdownDescription": "An object that represents the request for the Amazon CloudFront managed ACM certificate.", + "title": "ManagedCertificateRequest" + }, + "Name": { + "markdownDescription": "The name of the distribution tenant.", + "title": "Name", "type": "string" }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Parameter" + }, + "markdownDescription": "A list of parameter values to add to the resource. A parameter is specified as a key-value pair. A valid parameter value must exist for any parameter that is marked as required in the multi-tenant distribution.", + "title": "Parameters", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the tags applied to the resource.", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", "title": "Tags", "type": "array" } }, "required": [ - "ConnectionName" + "DistributionId", + "Domains", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::Connection" + "AWS::CloudFront::DistributionTenant" ], "type": "string" }, @@ -44767,7 +50618,127 @@ ], "type": "object" }, - "AWS::CodeStarConnections::RepositoryLink": { + "AWS::CloudFront::DistributionTenant.Certificate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the ACM certificate.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.Customizations": { + "additionalProperties": false, + "properties": { + "Certificate": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Certificate", + "markdownDescription": "The AWS Certificate Manager (ACM) certificate.", + "title": "Certificate" + }, + "GeoRestrictions": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.GeoRestrictionCustomization", + "markdownDescription": "The geographic restrictions.", + "title": "GeoRestrictions" + }, + "WebAcl": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.WebAclCustomization", + "markdownDescription": "The AWS WAF web ACL.", + "title": "WebAcl" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.DomainResult": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The specified domain.", + "title": "Domain", + "type": "string" + }, + "Status": { + "markdownDescription": "Whether the domain is active or inactive.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.GeoRestrictionCustomization": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "type": "string" + }, + "markdownDescription": "The locations for geographic restrictions.", + "title": "Locations", + "type": "array" + }, + "RestrictionType": { + "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geographic restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", + "title": "RestrictionType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.ManagedCertificateRequest": { + "additionalProperties": false, + "properties": { + "CertificateTransparencyLoggingPreference": { + "markdownDescription": "You can opt out of certificate transparency logging by specifying the `disabled` option. Opt in by specifying `enabled` . For more information, see [Certificate Transparency Logging](https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateTransparencyLoggingPreference", + "type": "string" + }, + "PrimaryDomainName": { + "markdownDescription": "The primary domain name associated with the CloudFront managed ACM certificate.", + "title": "PrimaryDomainName", + "type": "string" + }, + "ValidationTokenHost": { + "markdownDescription": "Specify how the HTTP validation token will be served when requesting the CloudFront managed ACM certificate.\n\n- For `cloudfront` , CloudFront will automatically serve the validation token. Choose this mode if you can point the domain's DNS to CloudFront immediately.\n- For `self-hosted` , you serve the validation token from your existing infrastructure. Choose this mode when you need to maintain current traffic flow while your certificate is being issued. You can place the validation token at the well-known path on your existing web server, wait for ACM to validate and issue the certificate, and then update your DNS to point to CloudFront.", + "title": "ValidationTokenHost", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.Parameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The parameter name.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The parameter value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.WebAclCustomization": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action for the AWS WAF web ACL customization. You can specify `override` to specify a separate AWS WAF web ACL for the distribution tenant. If you specify `disable` , the distribution tenant won't have AWS WAF web ACL protections and won't inherit from the multi-tenant distribution.", + "title": "Action", + "type": "string" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS WAF web ACL.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Function": { "additionalProperties": false, "properties": { "Condition": { @@ -44802,45 +50773,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connection associated with the repository link.", - "title": "ConnectionArn", - "type": "string" + "AutoPublish": { + "markdownDescription": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it\u2019s created. To automatically publish to the `LIVE` stage, set this property to `true` .", + "title": "AutoPublish", + "type": "boolean" }, - "EncryptionKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the encryption key for the repository associated with the repository link.", - "title": "EncryptionKeyArn", + "FunctionCode": { + "markdownDescription": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .", + "title": "FunctionCode", "type": "string" }, - "OwnerId": { - "markdownDescription": "The owner ID for the repository associated with the repository link, such as the owner ID in GitHub.", - "title": "OwnerId", - "type": "string" + "FunctionConfig": { + "$ref": "#/definitions/AWS::CloudFront::Function.FunctionConfig", + "markdownDescription": "Contains configuration information about a CloudFront function.", + "title": "FunctionConfig" }, - "RepositoryName": { - "markdownDescription": "The name of the repository associated with the repository link.", - "title": "RepositoryName", - "type": "string" + "FunctionMetadata": { + "$ref": "#/definitions/AWS::CloudFront::Function.FunctionMetadata", + "markdownDescription": "Contains metadata about a CloudFront function.", + "title": "FunctionMetadata" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the repository to be associated with the repository link.", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "A name to identify the function.", + "title": "Name", + "type": "string" } }, "required": [ - "ConnectionArn", - "OwnerId", - "RepositoryName" + "FunctionCode", + "FunctionConfig", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::RepositoryLink" + "AWS::CloudFront::Function" ], "type": "string" }, @@ -44859,7 +50827,60 @@ ], "type": "object" }, - "AWS::CodeStarConnections::SyncConfiguration": { + "AWS::CloudFront::Function.FunctionConfig": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "A comment to describe the function.", + "title": "Comment", + "type": "string" + }, + "KeyValueStoreAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Function.KeyValueStoreAssociation" + }, + "markdownDescription": "The configuration for the key value store associations.", + "title": "KeyValueStoreAssociations", + "type": "array" + }, + "Runtime": { + "markdownDescription": "The function's runtime environment version.", + "title": "Runtime", + "type": "string" + } + }, + "required": [ + "Comment", + "Runtime" + ], + "type": "object" + }, + "AWS::CloudFront::Function.FunctionMetadata": { + "additionalProperties": false, + "properties": { + "FunctionARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function.", + "title": "FunctionARN", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Function.KeyValueStoreAssociation": { + "additionalProperties": false, + "properties": { + "KeyValueStoreARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the key value store association.", + "title": "KeyValueStoreARN", + "type": "string" + } + }, + "required": [ + "KeyValueStoreARN" + ], + "type": "object" + }, + "AWS::CloudFront::KeyGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -44894,60 +50915,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Branch": { - "markdownDescription": "The branch associated with a specific sync configuration.", - "title": "Branch", - "type": "string" - }, - "ConfigFile": { - "markdownDescription": "The file path to the configuration file associated with a specific sync configuration. The path should point to an actual file in the sync configurations linked repository.", - "title": "ConfigFile", - "type": "string" - }, - "PublishDeploymentStatus": { - "markdownDescription": "Whether to enable or disable publishing of deployment status to source providers.", - "title": "PublishDeploymentStatus", - "type": "string" - }, - "RepositoryLinkId": { - "markdownDescription": "The ID of the repository link associated with a specific sync configuration.", - "title": "RepositoryLinkId", - "type": "string" - }, - "ResourceName": { - "markdownDescription": "The name of the connection resource associated with a specific sync configuration.", - "title": "ResourceName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role associated with a specific sync configuration.", - "title": "RoleArn", - "type": "string" - }, - "SyncType": { - "markdownDescription": "The type of sync for a specific sync configuration.", - "title": "SyncType", - "type": "string" - }, - "TriggerResourceUpdateOn": { - "markdownDescription": "When to trigger Git sync to begin the stack update.", - "title": "TriggerResourceUpdateOn", - "type": "string" + "KeyGroupConfig": { + "$ref": "#/definitions/AWS::CloudFront::KeyGroup.KeyGroupConfig", + "markdownDescription": "The key group configuration.", + "title": "KeyGroupConfig" } }, "required": [ - "Branch", - "ConfigFile", - "RepositoryLinkId", - "ResourceName", - "RoleArn", - "SyncType" + "KeyGroupConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::SyncConfiguration" + "AWS::CloudFront::KeyGroup" ], "type": "string" }, @@ -44966,7 +50947,35 @@ ], "type": "object" }, - "AWS::CodeStarNotifications::NotificationRule": { + "AWS::CloudFront::KeyGroup.KeyGroupConfig": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "A comment to describe the key group. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the identifiers of the public keys in the key group.", + "title": "Items", + "type": "array" + }, + "Name": { + "markdownDescription": "A name to identify the key group.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Items", + "Name" + ], + "type": "object" + }, + "AWS::CloudFront::KeyValueStore": { "additionalProperties": false, "properties": { "Condition": { @@ -45001,81 +51010,30 @@ "Properties": { "additionalProperties": false, "properties": { - "CreatedBy": { - "markdownDescription": "The name or email alias of the person who created the notification rule.", - "title": "CreatedBy", - "type": "string" - }, - "DetailType": { - "markdownDescription": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created.", - "title": "DetailType", - "type": "string" - }, - "EventTypeId": { - "markdownDescription": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", - "title": "EventTypeId", + "Comment": { + "markdownDescription": "A comment for the key value store.", + "title": "Comment", "type": "string" }, - "EventTypeIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", - "title": "EventTypeIds", - "type": "array" + "ImportSource": { + "$ref": "#/definitions/AWS::CloudFront::KeyValueStore.ImportSource", + "markdownDescription": "The import source for the key value store.", + "title": "ImportSource" }, "Name": { - "markdownDescription": "The name for the notification rule. Notification rule names must be unique in your AWS account .", + "markdownDescription": "The name of the key value store.", "title": "Name", "type": "string" - }, - "Resource": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild .", - "title": "Resource", - "type": "string" - }, - "Status": { - "markdownDescription": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule.", - "title": "Status", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \".", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "TargetAddress": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic or client.", - "title": "TargetAddress", - "type": "string" - }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::CodeStarNotifications::NotificationRule.Target" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and clients to associate with the notification rule.", - "title": "Targets", - "type": "array" } }, "required": [ - "DetailType", - "EventTypeIds", - "Name", - "Resource", - "Targets" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarNotifications::NotificationRule" + "AWS::CloudFront::KeyValueStore" ], "type": "string" }, @@ -45094,27 +51052,27 @@ ], "type": "object" }, - "AWS::CodeStarNotifications::NotificationRule.Target": { + "AWS::CloudFront::KeyValueStore.ImportSource": { "additionalProperties": false, "properties": { - "TargetAddress": { - "markdownDescription": "The Amazon Resource Name (ARN) of the topic or client.", - "title": "TargetAddress", + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the import source for the key value store.", + "title": "SourceArn", "type": "string" }, - "TargetType": { - "markdownDescription": "The target type. Can be an Amazon Simple Notification Service topic or client.\n\n- Amazon Simple Notification Service topics are specified as `SNS` .\n- clients are specified as `AWSChatbotSlack` .\n- clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .", - "title": "TargetType", + "SourceType": { + "markdownDescription": "The source type of the import source for the key value store.", + "title": "SourceType", "type": "string" } }, "required": [ - "TargetAddress", - "TargetType" + "SourceArn", + "SourceType" ], "type": "object" }, - "AWS::Cognito::IdentityPool": { + "AWS::CloudFront::MonitoringSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -45149,79 +51107,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowClassicFlow": { - "markdownDescription": "Enables the Basic (Classic) authentication flow.", - "title": "AllowClassicFlow", - "type": "boolean" - }, - "AllowUnauthenticatedIdentities": { - "markdownDescription": "Specifies whether the identity pool supports unauthenticated logins.", - "title": "AllowUnauthenticatedIdentities", - "type": "boolean" - }, - "CognitoEvents": { - "markdownDescription": "The events to configure.", - "title": "CognitoEvents", - "type": "object" - }, - "CognitoIdentityProviders": { - "items": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoIdentityProvider" - }, - "markdownDescription": "The Amazon Cognito user pools and their client IDs.", - "title": "CognitoIdentityProviders", - "type": "array" - }, - "CognitoStreams": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoStreams", - "markdownDescription": "Configuration options for configuring Amazon Cognito streams.", - "title": "CognitoStreams" - }, - "DeveloperProviderName": { - "markdownDescription": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100", - "title": "DeveloperProviderName", - "type": "string" - }, - "IdentityPoolName": { - "markdownDescription": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`", - "title": "IdentityPoolName", + "DistributionId": { + "markdownDescription": "The ID of the distribution that you are enabling metrics for.", + "title": "DistributionId", "type": "string" }, - "OpenIdConnectProviderARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the OpenID connect providers.", - "title": "OpenIdConnectProviderARNs", - "type": "array" - }, - "PushSync": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.PushSync", - "markdownDescription": "The configuration options to be applied to the identity pool.", - "title": "PushSync" - }, - "SamlProviderARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.", - "title": "SamlProviderARNs", - "type": "array" - }, - "SupportedLoginProviders": { - "markdownDescription": "Key-value pairs that map provider names to provider app IDs.", - "title": "SupportedLoginProviders", - "type": "object" + "MonitoringSubscription": { + "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.MonitoringSubscription", + "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", + "title": "MonitoringSubscription" } }, "required": [ - "AllowUnauthenticatedIdentities" + "DistributionId", + "MonitoringSubscription" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPool" + "AWS::CloudFront::MonitoringSubscription" ], "type": "string" }, @@ -45240,72 +51145,32 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { - "additionalProperties": false, - "properties": { - "ClientId": { - "markdownDescription": "The client ID for the Amazon Cognito user pool.", - "title": "ClientId", - "type": "string" - }, - "ProviderName": { - "markdownDescription": "The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` .", - "title": "ProviderName", - "type": "string" - }, - "ServerSideTokenCheck": { - "markdownDescription": "TRUE if server-side token validation is enabled for the identity provider\u2019s token.\n\nAfter you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.\n\nIf the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.", - "title": "ServerSideTokenCheck", - "type": "boolean" - } - }, - "required": [ - "ClientId", - "ProviderName" - ], - "type": "object" - }, - "AWS::Cognito::IdentityPool.CognitoStreams": { + "AWS::CloudFront::MonitoringSubscription.MonitoringSubscription": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream.", - "title": "RoleArn", - "type": "string" - }, - "StreamName": { - "markdownDescription": "The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool.", - "title": "StreamName", - "type": "string" - }, - "StreamingStatus": { - "markdownDescription": "Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` .", - "title": "StreamingStatus", - "type": "string" + "RealtimeMetricsSubscriptionConfig": { + "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig", + "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", + "title": "RealtimeMetricsSubscriptionConfig" } }, "type": "object" }, - "AWS::Cognito::IdentityPool.PushSync": { + "AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig": { "additionalProperties": false, "properties": { - "ApplicationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the Amazon SNS platform applications that could be used by clients.", - "title": "ApplicationArns", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.", - "title": "RoleArn", + "RealtimeMetricsSubscriptionStatus": { + "markdownDescription": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution.", + "title": "RealtimeMetricsSubscriptionStatus", "type": "string" } }, + "required": [ + "RealtimeMetricsSubscriptionStatus" + ], "type": "object" }, - "AWS::Cognito::IdentityPoolPrincipalTag": { + "AWS::CloudFront::OriginAccessControl": { "additionalProperties": false, "properties": { "Condition": { @@ -45340,36 +51205,20 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityPoolId": { - "markdownDescription": "The identity pool that you want to associate with this principal tag map.", - "title": "IdentityPoolId", - "type": "string" - }, - "IdentityProviderName": { - "markdownDescription": "The identity pool identity provider (IdP) that you want to associate with this principal tag map.", - "title": "IdentityProviderName", - "type": "string" - }, - "PrincipalTags": { - "markdownDescription": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.", - "title": "PrincipalTags", - "type": "object" - }, - "UseDefaults": { - "markdownDescription": "Use a default set of mappings between claims and tags for this provider, instead of a custom map.", - "title": "UseDefaults", - "type": "boolean" + "OriginAccessControlConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig", + "markdownDescription": "The origin access control.", + "title": "OriginAccessControlConfig" } }, "required": [ - "IdentityPoolId", - "IdentityProviderName" + "OriginAccessControlConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPoolPrincipalTag" + "AWS::CloudFront::OriginAccessControl" ], "type": "string" }, @@ -45388,7 +51237,44 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment": { + "AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the origin access control.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name to identify the origin access control. You can specify up to 64 characters.", + "title": "Name", + "type": "string" + }, + "OriginAccessControlOriginType": { + "markdownDescription": "The type of origin that this origin access control is for.", + "title": "OriginAccessControlOriginType", + "type": "string" + }, + "SigningBehavior": { + "markdownDescription": "Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .\n\nThis field can have one of the following values:\n\n- `always` \u2013 CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.\n- `never` \u2013 CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.\n- `no-override` \u2013 If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*", + "title": "SigningBehavior", + "type": "string" + }, + "SigningProtocol": { + "markdownDescription": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .", + "title": "SigningProtocol", + "type": "string" + } + }, + "required": [ + "Name", + "OriginAccessControlOriginType", + "SigningBehavior", + "SigningProtocol" + ], + "type": "object" + }, + "AWS::CloudFront::OriginRequestPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -45423,42 +51309,20 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityPoolId": { - "markdownDescription": "An identity pool ID in the format `REGION:GUID` .", - "title": "IdentityPoolId", - "type": "string" - }, - "RoleMappings": { - "additionalProperties": false, - "markdownDescription": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping" - } - }, - "title": "RoleMappings", - "type": "object" - }, - "Roles": { - "additionalProperties": true, - "markdownDescription": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Roles", - "type": "object" + "OriginRequestPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig", + "markdownDescription": "The origin request policy configuration.", + "title": "OriginRequestPolicyConfig" } }, "required": [ - "IdentityPoolId" + "OriginRequestPolicyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPoolRoleAttachment" + "AWS::CloudFront::OriginRequestPolicy" ], "type": "string" }, @@ -45477,85 +51341,110 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.MappingRule": { + "AWS::CloudFront::OriginRequestPolicy.CookiesConfig": { "additionalProperties": false, "properties": { - "Claim": { - "markdownDescription": "The claim name that must be present in the token. For example: \"isAdmin\" or \"paid\".", - "title": "Claim", - "type": "string" - }, - "MatchType": { - "markdownDescription": "The match condition that specifies how closely the claim value in the IdP token must match `Value` .\n\nValid values are: `Equals` , `Contains` , `StartsWith` , and `NotEqual` .", - "title": "MatchType", + "CookieBehavior": { + "markdownDescription": "Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `CookieNames` type, which are not included.", + "title": "CookieBehavior", "type": "string" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role.", - "title": "RoleARN", + "Cookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of cookie names.", + "title": "Cookies", + "type": "array" + } + }, + "required": [ + "CookieBehavior" + ], + "type": "object" + }, + "AWS::CloudFront::OriginRequestPolicy.HeadersConfig": { + "additionalProperties": false, + "properties": { + "HeaderBehavior": { + "markdownDescription": "Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin.\n- `allViewer` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin.\n- `allViewerAndWhitelistCloudFront` \u2013 All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront.\n- `allExcept` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `Headers` type, which are not included.", + "title": "HeaderBehavior", "type": "string" }, - "Value": { - "markdownDescription": "A brief string that the claim must match. For example, \"paid\" or \"yes\".", - "title": "Value", - "type": "string" + "Headers": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of HTTP header names.", + "title": "Headers", + "type": "array" } }, "required": [ - "Claim", - "MatchType", - "RoleARN", - "Value" + "HeaderBehavior" ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping": { + "AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig": { "additionalProperties": false, "properties": { - "AmbiguousRoleResolution": { - "markdownDescription": "If you specify Token or Rules as the `Type` , `AmbiguousRoleResolution` is required.\n\nSpecifies the action to be taken if either no rules match the claim value for the `Rules` type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the `Token` type.", - "title": "AmbiguousRoleResolution", + "Comment": { + "markdownDescription": "A comment to describe the origin request policy. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" }, - "IdentityProvider": { - "markdownDescription": "Identifier for the identity provider for which the role is mapped. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)` . This is the identity provider that is used by the user for authentication.\n\nIf the identity provider property isn't provided, the key of the entry in the `RoleMappings` map is used as the identity provider.", - "title": "IdentityProvider", - "type": "string" + "CookiesConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.CookiesConfig", + "markdownDescription": "The cookies from viewer requests to include in origin requests.", + "title": "CookiesConfig" }, - "RulesConfiguration": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType", - "markdownDescription": "The rules to be used for mapping users to roles. If you specify \"Rules\" as the role-mapping type, RulesConfiguration is required.", - "title": "RulesConfiguration" + "HeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.HeadersConfig", + "markdownDescription": "The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront.", + "title": "HeadersConfig" }, - "Type": { - "markdownDescription": "The role mapping type. Token will use `cognito:roles` and `cognito:preferred_role` claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.", - "title": "Type", + "Name": { + "markdownDescription": "A unique name to identify the origin request policy.", + "title": "Name", "type": "string" + }, + "QueryStringsConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig", + "markdownDescription": "The URL query strings from viewer requests to include in origin requests.", + "title": "QueryStringsConfig" } }, "required": [ - "Type" + "CookiesConfig", + "HeadersConfig", + "Name", + "QueryStringsConfig" ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType": { + "AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig": { "additionalProperties": false, "properties": { - "Rules": { + "QueryStringBehavior": { + "markdownDescription": "Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `QueryStringNames` type, which are not included.", + "title": "QueryStringBehavior", + "type": "string" + }, + "QueryStrings": { "items": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.MappingRule" + "type": "string" }, - "markdownDescription": "The rules. You can specify up to 25 rules per identity provider.", - "title": "Rules", + "markdownDescription": "Contains a list of query string names.", + "title": "QueryStrings", "type": "array" } }, "required": [ - "Rules" + "QueryStringBehavior" ], "type": "object" }, - "AWS::Cognito::LogDeliveryConfiguration": { + "AWS::CloudFront::PublicKey": { "additionalProperties": false, "properties": { "Condition": { @@ -45590,28 +51479,20 @@ "Properties": { "additionalProperties": false, "properties": { - "LogConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.LogConfiguration" - }, - "markdownDescription": "A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs.", - "title": "LogConfigurations", - "type": "array" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you configured logging.", - "title": "UserPoolId", - "type": "string" + "PublicKeyConfig": { + "$ref": "#/definitions/AWS::CloudFront::PublicKey.PublicKeyConfig", + "markdownDescription": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", + "title": "PublicKeyConfig" } }, "required": [ - "UserPoolId" + "PublicKeyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::LogDeliveryConfiguration" + "AWS::CloudFront::PublicKey" ], "type": "string" }, @@ -45630,39 +51511,38 @@ ], "type": "object" }, - "AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration": { + "AWS::CloudFront::PublicKey.PublicKeyConfig": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with AWS Key Management Service and must be in the same AWS account as your user pool.\n\nTo send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with `/aws/vendedlogs` . For more information, see [Enabling logging from certain AWS services](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) .", - "title": "LogGroupArn", + "CallerReference": { + "markdownDescription": "A string included in the request to help make sure that the request can't be replayed.", + "title": "CallerReference", "type": "string" - } - }, - "type": "object" - }, - "AWS::Cognito::LogDeliveryConfiguration.LogConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration", - "markdownDescription": "Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.", - "title": "CloudWatchLogsConfiguration" }, - "EventSource": { - "markdownDescription": "The source of events that your user pool sends for logging. To send error-level logs about user notification activity, set to `userNotification` . To send info-level logs about threat-protection user activity in user pools with the Plus feature plan, set to `userAuthEvents` .", - "title": "EventSource", + "Comment": { + "markdownDescription": "A comment to describe the public key. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" }, - "LogLevel": { - "markdownDescription": "The `errorlevel` selection of logs that a user pool sends for detailed activity logging. To send `userNotification` activity with [information about message delivery](https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html) , choose `ERROR` with `CloudWatchLogsConfiguration` . To send `userAuthEvents` activity with user logs from threat protection with the Plus feature plan, choose `INFO` with one of `CloudWatchLogsConfiguration` , `FirehoseConfiguration` , or `S3Configuration` .", - "title": "LogLevel", + "EncodedKey": { + "markdownDescription": "The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", + "title": "EncodedKey", + "type": "string" + }, + "Name": { + "markdownDescription": "A name to help identify the public key.", + "title": "Name", "type": "string" } }, + "required": [ + "CallerReference", + "EncodedKey", + "Name" + ], "type": "object" }, - "AWS::Cognito::UserPool": { + "AWS::CloudFront::RealtimeLogConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -45697,153 +51577,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountRecoverySetting": { - "$ref": "#/definitions/AWS::Cognito::UserPool.AccountRecoverySetting", - "markdownDescription": "The available verified method a user can use to recover their password when they call `ForgotPassword` . You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.", - "title": "AccountRecoverySetting" - }, - "AdminCreateUserConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.AdminCreateUserConfig", - "markdownDescription": "The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.", - "title": "AdminCreateUserConfig" - }, - "AliasAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Attributes supported as an alias for this user pool. For more information about alias attributes, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", - "title": "AliasAttributes", - "type": "array" - }, - "AutoVerifiedAttributes": { + "EndPoints": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.EndPoint" }, - "markdownDescription": "The attributes that you want your user pool to automatically verify. For more information, see [Verifying contact information at sign-up](https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#allowing-users-to-sign-up-and-confirm-themselves) .", - "title": "AutoVerifiedAttributes", + "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.", + "title": "EndPoints", "type": "array" }, - "DeletionProtection": { - "markdownDescription": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request.", - "title": "DeletionProtection", - "type": "string" - }, - "DeviceConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.DeviceConfiguration", - "markdownDescription": "The device-remembering configuration for a user pool. Device remembering or device tracking is a \"Remember me on this device\" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see [Working with user devices in your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) . A null value indicates that you have deactivated device remembering in your user pool.\n\n> When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature. For more information, see [Working with devices](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) .", - "title": "DeviceConfiguration" - }, - "EmailConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.EmailConfiguration", - "markdownDescription": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.", - "title": "EmailConfiguration" - }, - "EmailVerificationMessage": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "EmailVerificationMessage", - "type": "string" - }, - "EmailVerificationSubject": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "EmailVerificationSubject", - "type": "string" - }, - "EnabledMfas": { + "Fields": { "items": { "type": "string" }, - "markdownDescription": "Set enabled MFA options on a specified user pool. To disable all MFAs after it has been enabled, set `MfaConfiguration` to `OFF` and remove EnabledMfas. MFAs can only be all disabled if `MfaConfiguration` is `OFF` . After you enable `SMS_MFA` , you can only disable it by setting `MfaConfiguration` to `OFF` . Can be one of the following values:\n\n- `SMS_MFA` - Enables MFA with SMS for the user pool. To select this option, you must also provide values for `SmsConfiguration` .\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n- `EMAIL_OTP` - Enables MFA with email for the user pool. To select this option, you must provide values for `EmailConfiguration` and within those, set `EmailSendingAccount` to `DEVELOPER` .\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA` | `EMAIL_OTP`", - "title": "EnabledMfas", - "type": "array" - }, - "LambdaConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.LambdaConfig", - "markdownDescription": "A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.", - "title": "LambdaConfig" - }, - "MfaConfiguration": { - "markdownDescription": "Displays the state of multi-factor authentication (MFA) as on, off, or optional. When `ON` , all users must set up MFA before they can sign in. When `OPTIONAL` , your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose `OPTIONAL` .\n\nWhen `MfaConfiguration` is `OPTIONAL` , managed login doesn't automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.", - "title": "MfaConfiguration", - "type": "string" - }, - "Policies": { - "$ref": "#/definitions/AWS::Cognito::UserPool.Policies", - "markdownDescription": "A list of user pool policies. Contains the policy that sets password-complexity requirements.", - "title": "Policies" - }, - "Schema": { - "items": { - "$ref": "#/definitions/AWS::Cognito::UserPool.SchemaAttribute" - }, - "markdownDescription": "An array of attributes for the new user pool. You can add custom attributes and modify the properties of default attributes. The specifications in this parameter set the required attributes in your user pool. For more information, see [Working with user attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) .", - "title": "Schema", + "markdownDescription": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .", + "title": "Fields", "type": "array" }, - "SmsAuthenticationMessage": { - "markdownDescription": "The contents of the SMS authentication message.", - "title": "SmsAuthenticationMessage", - "type": "string" - }, - "SmsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.SmsConfiguration", - "markdownDescription": "The settings for your Amazon Cognito user pool to send SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . For more information see [SMS message settings](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", - "title": "SmsConfiguration" - }, - "SmsVerificationMessage": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "SmsVerificationMessage", - "type": "string" - }, - "UserAttributeUpdateSettings": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UserAttributeUpdateSettings", - "markdownDescription": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) .", - "title": "UserAttributeUpdateSettings" - }, - "UserPoolAddOns": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UserPoolAddOns", - "markdownDescription": "Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to potentially unwanted traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .", - "title": "UserPoolAddOns" - }, - "UserPoolName": { - "markdownDescription": "A friendly name for your user pool.", - "title": "UserPoolName", + "Name": { + "markdownDescription": "The unique name of this real-time log configuration.", + "title": "Name", "type": "string" }, - "UserPoolTags": { - "additionalProperties": true, - "markdownDescription": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "UserPoolTags", - "type": "object" - }, - "UsernameAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies whether a user can use an email address or phone number as a username when they sign up.", - "title": "UsernameAttributes", - "type": "array" - }, - "UsernameConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UsernameConfiguration", - "markdownDescription": "Sets the case sensitivity option for sign-in usernames. When `CaseSensitive` is `false` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `false` as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.\n\nWhen `CaseSensitive` is `true` (case sensitive), Amazon Cognito interprets `USERNAME` and `UserName` as distinct users.\n\nThis configuration is immutable after you set it.", - "title": "UsernameConfiguration" - }, - "VerificationMessageTemplate": { - "$ref": "#/definitions/AWS::Cognito::UserPool.VerificationMessageTemplate", - "markdownDescription": "The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.\n\nSet the email message type that corresponds to your `DefaultEmailOption` selection. For `CONFIRM_WITH_LINK` , specify an `EmailMessageByLink` and leave `EmailMessage` blank. For `CONFIRM_WITH_CODE` , specify an `EmailMessage` and leave `EmailMessageByLink` blank. When you supply both parameters with either choice, Amazon Cognito returns an error.", - "title": "VerificationMessageTemplate" + "SamplingRate": { + "markdownDescription": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.", + "title": "SamplingRate", + "type": "number" } }, + "required": [ + "EndPoints", + "Fields", + "Name", + "SamplingRate" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPool" + "AWS::CloudFront::RealtimeLogConfig" ], "type": "string" }, @@ -45857,470 +51628,542 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Cognito::UserPool.AccountRecoverySetting": { + "AWS::CloudFront::RealtimeLogConfig.EndPoint": { "additionalProperties": false, "properties": { - "RecoveryMechanisms": { - "items": { - "$ref": "#/definitions/AWS::Cognito::UserPool.RecoveryOption" - }, - "markdownDescription": "The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators.", - "title": "RecoveryMechanisms", - "type": "array" + "KinesisStreamConfig": { + "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig", + "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration.", + "title": "KinesisStreamConfig" + }, + "StreamType": { + "markdownDescription": "The type of data stream where you are sending real-time log data. The only valid value is `Kinesis` .", + "title": "StreamType", + "type": "string" } }, + "required": [ + "KinesisStreamConfig", + "StreamType" + ], "type": "object" }, - "AWS::Cognito::UserPool.AdminCreateUserConfig": { + "AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig": { "additionalProperties": false, "properties": { - "AllowAdminCreateUserOnly": { - "markdownDescription": "The setting for allowing self-service sign-up. When `true` , only administrators can create new user profiles. When `false` , users can register themselves and create a new user profile with the `SignUp` operation.", - "title": "AllowAdminCreateUserOnly", - "type": "boolean" - }, - "InviteMessageTemplate": { - "$ref": "#/definitions/AWS::Cognito::UserPool.InviteMessageTemplate", - "markdownDescription": "The template for the welcome message to new users. This template must include the `{####}` temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder.\n\nSee also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .", - "title": "InviteMessageTemplate" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream.\n\nFor more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide* .", + "title": "RoleArn", + "type": "string" }, - "UnusedAccountValidityDays": { - "markdownDescription": "This parameter is no longer in use.\n\nThe password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `RESEND` for the `MessageAction` parameter.\n\nThe default value for this parameter is 7.", - "title": "UnusedAccountValidityDays", - "type": "number" + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data.", + "title": "StreamArn", + "type": "string" } }, + "required": [ + "RoleArn", + "StreamArn" + ], "type": "object" }, - "AWS::Cognito::UserPool.CustomEmailSender": { + "AWS::CloudFront::ResponseHeadersPolicy": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", - "title": "LambdaArn", + "Condition": { "type": "string" }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", - "title": "LambdaVersion", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResponseHeadersPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig", + "markdownDescription": "A response headers policy configuration.", + "title": "ResponseHeadersPolicyConfig" + } + }, + "required": [ + "ResponseHeadersPolicyConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFront::ResponseHeadersPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Cognito::UserPool.CustomSMSSender": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", - "title": "LambdaArn", - "type": "string" - }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", - "title": "LambdaVersion", - "type": "string" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP header names. You can specify `*` to allow all headers.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.DeviceConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods": { "additionalProperties": false, "properties": { - "ChallengeRequiredOnNewDevice": { - "markdownDescription": "When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).\n\n> Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.", - "title": "ChallengeRequiredOnNewDevice", - "type": "boolean" - }, - "DeviceOnlyRememberedOnUserPrompt": { - "markdownDescription": "When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a `ConfirmDevice` API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an `UpdateDeviceStatus` API request.\n\nWhen `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request.", - "title": "DeviceOnlyRememberedOnUserPrompt", - "type": "boolean" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP methods. Valid values are:\n\n- `GET`\n- `DELETE`\n- `HEAD`\n- `OPTIONS`\n- `PATCH`\n- `POST`\n- `PUT`\n- `ALL`\n\n`ALL` is a special value that includes all of the listed HTTP methods.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.EmailConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins": { "additionalProperties": false, "properties": { - "ConfigurationSet": { - "markdownDescription": "The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:\n\n- **Event publishing** - Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as and Amazon CloudWatch\n- **IP pool management** - When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.", - "title": "ConfigurationSet", - "type": "string" - }, - "EmailSendingAccount": { - "markdownDescription": "Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:\n\n- **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.\n\nTo look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* .\n\nThe default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.\n- **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .\n\nIf you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.\n\nBefore Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* .", - "title": "EmailSendingAccount", - "type": "string" - }, - "From": { - "markdownDescription": "Either the sender\u2019s email address or the sender\u2019s name with their email address. For example, `testuser@example.com` or `Test User ` . This address appears before the body of the email.", - "title": "From", - "type": "string" - }, - "ReplyToEmailAddress": { - "markdownDescription": "The destination to which the receiver of the email should reply.", - "title": "ReplyToEmailAddress", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:\n\n- If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.\n- If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.\n\nThe Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) .", - "title": "SourceArn", - "type": "string" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of origins (domain names). You can specify `*` to allow all origins.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.InviteMessageTemplate": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders": { "additionalProperties": false, "properties": { - "EmailMessage": { - "markdownDescription": "The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", - "title": "EmailMessage", - "type": "string" - }, - "EmailSubject": { - "markdownDescription": "The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", - "title": "EmailSubject", - "type": "string" - }, - "SMSMessage": { - "markdownDescription": "The message template for SMS messages.", - "title": "SMSMessage", - "type": "string" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP headers. You can specify `*` to expose all headers.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.LambdaConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy": { "additionalProperties": false, "properties": { - "CreateAuthChallenge": { - "markdownDescription": "The configuration of a create auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "CreateAuthChallenge", - "type": "string" - }, - "CustomEmailSender": { - "$ref": "#/definitions/AWS::Cognito::UserPool.CustomEmailSender", - "markdownDescription": "The configuration of a custom email sender Lambda trigger. This trigger routes all email notifications from a user pool to a Lambda function that delivers the message using custom logic.", - "title": "CustomEmailSender" - }, - "CustomMessage": { - "markdownDescription": "A custom message Lambda trigger. This trigger is an opportunity to customize all SMS and email messages from your user pool. When a custom message trigger is active, your user pool routes all messages to a Lambda function that returns a runtime-customized message subject and body for your user pool to deliver to a user.", - "title": "CustomMessage", - "type": "string" - }, - "CustomSMSSender": { - "$ref": "#/definitions/AWS::Cognito::UserPool.CustomSMSSender", - "markdownDescription": "The configuration of a custom SMS sender Lambda trigger. This trigger routes all SMS notifications from a user pool to a Lambda function that delivers the message using custom logic.", - "title": "CustomSMSSender" - }, - "DefineAuthChallenge": { - "markdownDescription": "The configuration of a define auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "DefineAuthChallenge", - "type": "string" - }, - "KMSKeyID": { - "markdownDescription": "The ARN of an [KMS key](https://docs.aws.amazon.com//kms/latest/developerguide/concepts.html#master_keys) . Amazon Cognito uses the key to encrypt codes and temporary passwords sent to custom sender Lambda triggers.", - "title": "KMSKeyID", - "type": "string" - }, - "PostAuthentication": { - "markdownDescription": "The configuration of a [post authentication Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html) in a user pool. This trigger can take custom actions after a user signs in.", - "title": "PostAuthentication", - "type": "string" - }, - "PostConfirmation": { - "markdownDescription": "The configuration of a [post confirmation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html) in a user pool. This trigger can take custom actions after a user confirms their user account and their email address or phone number.", - "title": "PostConfirmation", - "type": "string" - }, - "PreAuthentication": { - "markdownDescription": "The configuration of a [pre authentication trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html) in a user pool. This trigger can evaluate and modify user sign-in events.", - "title": "PreAuthentication", - "type": "string" - }, - "PreSignUp": { - "markdownDescription": "The configuration of a [pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) in a user pool. This trigger evaluates new users and can bypass confirmation, [link a federated user profile](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html) , or block sign-up requests.", - "title": "PreSignUp", - "type": "string" - }, - "PreTokenGeneration": { - "markdownDescription": "The legacy configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool.\n\nSet this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` .", - "title": "PreTokenGeneration", - "type": "string" - }, - "PreTokenGenerationConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.PreTokenGenerationConfig", - "markdownDescription": "The detailed configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` .", - "title": "PreTokenGenerationConfig" - }, - "UserMigration": { - "markdownDescription": "The configuration of a [migrate user Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html) in a user pool. This trigger can create user profiles when users sign in or attempt to reset their password with credentials that don't exist yet.", - "title": "UserMigration", + "ContentSecurityPolicy": { + "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.", + "title": "ContentSecurityPolicy", "type": "string" }, - "VerifyAuthChallengeResponse": { - "markdownDescription": "The configuration of a verify auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "VerifyAuthChallengeResponse", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" } }, + "required": [ + "ContentSecurityPolicy", + "Override" + ], "type": "object" }, - "AWS::Cognito::UserPool.NumberAttributeConstraints": { + "AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions": { "additionalProperties": false, "properties": { - "MaxValue": { - "markdownDescription": "The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", - "title": "MaxValue", - "type": "string" - }, - "MinValue": { - "markdownDescription": "The minimum value of an attribute that is of the number data type.", - "title": "MinValue", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" } }, + "required": [ + "Override" + ], "type": "object" }, - "AWS::Cognito::UserPool.PasswordPolicy": { + "AWS::CloudFront::ResponseHeadersPolicy.CorsConfig": { "additionalProperties": false, "properties": { - "MinimumLength": { - "markdownDescription": "The minimum length of the password in the policy that you have set. This value can't be less than 6.", - "title": "MinimumLength", - "type": "number" - }, - "RequireLowercase": { - "markdownDescription": "The requirement in a password policy that users must include at least one lowercase letter in their password.", - "title": "RequireLowercase", + "AccessControlAllowCredentials": { + "markdownDescription": "A Boolean that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Credentials` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs.", + "title": "AccessControlAllowCredentials", "type": "boolean" }, - "RequireNumbers": { - "markdownDescription": "The requirement in a password policy that users must include at least one number in their password.", - "title": "RequireNumbers", - "type": "boolean" + "AccessControlAllowHeaders": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders", + "markdownDescription": "A list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Headers` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs.", + "title": "AccessControlAllowHeaders" }, - "RequireSymbols": { - "markdownDescription": "The requirement in a password policy that users must include at least one symbol in their password.", - "title": "RequireSymbols", - "type": "boolean" + "AccessControlAllowMethods": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods", + "markdownDescription": "A list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Methods` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs.", + "title": "AccessControlAllowMethods" }, - "RequireUppercase": { - "markdownDescription": "The requirement in a password policy that users must include at least one uppercase letter in their password.", - "title": "RequireUppercase", - "type": "boolean" + "AccessControlAllowOrigins": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins", + "markdownDescription": "A list of origins (domain names) that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Origin` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs.", + "title": "AccessControlAllowOrigins" }, - "TemporaryPasswordValidityDays": { - "markdownDescription": "The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value.\n\n> When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool.", - "title": "TemporaryPasswordValidityDays", + "AccessControlExposeHeaders": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders", + "markdownDescription": "A list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Expose-Headers` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs.", + "title": "AccessControlExposeHeaders" + }, + "AccessControlMaxAgeSec": { + "markdownDescription": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n\nFor more information about the `Access-Control-Max-Age` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs.", + "title": "AccessControlMaxAgeSec", "type": "number" + }, + "OriginOverride": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.", + "title": "OriginOverride", + "type": "boolean" } }, + "required": [ + "AccessControlAllowCredentials", + "AccessControlAllowHeaders", + "AccessControlAllowMethods", + "AccessControlAllowOrigins", + "OriginOverride" + ], "type": "object" }, - "AWS::Cognito::UserPool.Policies": { - "additionalProperties": false, - "properties": { - "PasswordPolicy": { - "$ref": "#/definitions/AWS::Cognito::UserPool.PasswordPolicy", - "markdownDescription": "The password policy settings for a user pool, including complexity, history, and length requirements.", - "title": "PasswordPolicy" - } - }, - "type": "object" - }, - "AWS::Cognito::UserPool.PreTokenGenerationConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.CustomHeader": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nThis parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` .", - "title": "LambdaArn", + "Header": { + "markdownDescription": "The HTTP response header name.", + "title": "Header", "type": "string" }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.", - "title": "LambdaVersion", + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.", + "title": "Override", + "type": "boolean" + }, + "Value": { + "markdownDescription": "The value for the HTTP response header.", + "title": "Value", "type": "string" } }, + "required": [ + "Header", + "Override", + "Value" + ], "type": "object" }, - "AWS::Cognito::UserPool.RecoveryOption": { + "AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The recovery method that this object sets a recovery option for.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "Your priority preference for using the specified attribute in account recovery. The highest priority is `1` .", - "title": "Priority", - "type": "number" + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeader" + }, + "markdownDescription": "The list of HTTP response headers and their values.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.SchemaAttribute": { + "AWS::CloudFront::ResponseHeadersPolicy.FrameOptions": { "additionalProperties": false, "properties": { - "AttributeDataType": { - "markdownDescription": "The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `\"custom:isMember\" : \"true\"` or `\"custom:YearsAsMember\" : \"12\"` .", - "title": "AttributeDataType", - "type": "string" - }, - "DeveloperOnlyAttribute": { - "markdownDescription": "> You should use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . \n\nSpecifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access token. For example, `DeveloperOnlyAttribute` can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.", - "title": "DeveloperOnlyAttribute", - "type": "boolean" - }, - "Mutable": { - "markdownDescription": "Specifies whether the value of the attribute can be changed.\n\nAny user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", - "title": "Mutable", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes..", - "title": "Name", + "FrameOption": { + "markdownDescription": "The value of the `X-Frame-Options` HTTP response header. Valid values are `DENY` and `SAMEORIGIN` .\n\nFor more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", + "title": "FrameOption", "type": "string" }, - "NumberAttributeConstraints": { - "$ref": "#/definitions/AWS::Cognito::UserPool.NumberAttributeConstraints", - "markdownDescription": "Specifies the constraints for an attribute of the number type.", - "title": "NumberAttributeConstraints" - }, - "Required": { - "markdownDescription": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.", - "title": "Required", + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", "type": "boolean" - }, - "StringAttributeConstraints": { - "$ref": "#/definitions/AWS::Cognito::UserPool.StringAttributeConstraints", - "markdownDescription": "Specifies the constraints for an attribute of the string type.", - "title": "StringAttributeConstraints" } }, + "required": [ + "FrameOption", + "Override" + ], "type": "object" }, - "AWS::Cognito::UserPool.SmsConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy": { "additionalProperties": false, "properties": { - "ExternalId": { - "markdownDescription": "The external ID provides additional security for your IAM role. You can use an `ExternalId` with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the `ExternalID` . If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the `ExternalId` .\n\nFor more information about the `ExternalId` of a role, see [How to use an external ID when granting access to your AWS resources to a third party](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) .", - "title": "ExternalId", - "type": "string" - }, - "SnsCallerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) .", - "title": "SnsCallerArn", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" }, - "SnsRegion": { - "markdownDescription": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* .\n\nAmazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", - "title": "SnsRegion", + "ReferrerPolicy": { + "markdownDescription": "The value of the `Referrer-Policy` HTTP response header. Valid values are:\n\n- `no-referrer`\n- `no-referrer-when-downgrade`\n- `origin`\n- `origin-when-cross-origin`\n- `same-origin`\n- `strict-origin`\n- `strict-origin-when-cross-origin`\n- `unsafe-url`\n\nFor more information about these values, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", + "title": "ReferrerPolicy", "type": "string" } }, + "required": [ + "Override", + "ReferrerPolicy" + ], "type": "object" }, - "AWS::Cognito::UserPool.StringAttributeConstraints": { + "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader": { "additionalProperties": false, "properties": { - "MaxLength": { - "markdownDescription": "The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", - "title": "MaxLength", - "type": "string" - }, - "MinLength": { - "markdownDescription": "The minimum length of a string attribute value.", - "title": "MinLength", + "Header": { + "markdownDescription": "The HTTP header name.", + "title": "Header", "type": "string" } }, + "required": [ + "Header" + ], "type": "object" }, - "AWS::Cognito::UserPool.UserAttributeUpdateSettings": { + "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig": { "additionalProperties": false, "properties": { - "AttributesRequireVerificationBeforeUpdate": { + "Items": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader" }, - "markdownDescription": "Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn\u2019t change the value of the attribute until your user responds to the verification message and confirms the new value.\n\nWhen `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user\u2019s `email` or `phone_number` attribute.", - "title": "AttributesRequireVerificationBeforeUpdate", + "markdownDescription": "The list of HTTP header names.", + "title": "Items", "type": "array" } }, "required": [ - "AttributesRequireVerificationBeforeUpdate" + "Items" ], "type": "object" }, - "AWS::Cognito::UserPool.UserPoolAddOns": { + "AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig": { "additionalProperties": false, "properties": { - "AdvancedSecurityMode": { - "markdownDescription": "The operating mode of threat protection for standard authentication types in your user pool, including username-password and secure remote password (SRP) authentication.", - "title": "AdvancedSecurityMode", + "Comment": { + "markdownDescription": "A comment to describe the response headers policy.\n\nThe comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "CorsConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CorsConfig", + "markdownDescription": "A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).", + "title": "CorsConfig" + }, + "CustomHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig", + "markdownDescription": "A configuration for a set of custom HTTP response headers.", + "title": "CustomHeadersConfig" + }, + "Name": { + "markdownDescription": "A name to identify the response headers policy.\n\nThe name must be unique for response headers policies in this AWS account .", + "title": "Name", "type": "string" + }, + "RemoveHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig", + "markdownDescription": "A configuration for a set of HTTP headers to remove from the HTTP response.", + "title": "RemoveHeadersConfig" + }, + "SecurityHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig", + "markdownDescription": "A configuration for a set of security-related HTTP response headers.", + "title": "SecurityHeadersConfig" + }, + "ServerTimingHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig", + "markdownDescription": "A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront.", + "title": "ServerTimingHeadersConfig" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Cognito::UserPool.UsernameConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig": { "additionalProperties": false, "properties": { - "CaseSensitive": { - "markdownDescription": "Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.\n\nValid values include:\n\n- **true** - Enables case sensitivity for all username input. When this option is set to `true` , users must sign in using the exact capitalization of their given username, such as \u201cUserName\u201d. This is the default value.\n- **false** - Enables case insensitivity for all username input. For example, when this option is set to `false` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute.", - "title": "CaseSensitive", + "ContentSecurityPolicy": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy", + "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n\nFor more information about the `Content-Security-Policy` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs.", + "title": "ContentSecurityPolicy" + }, + "ContentTypeOptions": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions", + "markdownDescription": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff` .\n\nFor more information about the `X-Content-Type-Options` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs.", + "title": "ContentTypeOptions" + }, + "FrameOptions": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.FrameOptions", + "markdownDescription": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value.\n\nFor more information about the `X-Frame-Options` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", + "title": "FrameOptions" + }, + "ReferrerPolicy": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy", + "markdownDescription": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value.\n\nFor more information about the `Referrer-Policy` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", + "title": "ReferrerPolicy" + }, + "StrictTransportSecurity": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity", + "markdownDescription": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value.\n\nFor more information about the `Strict-Transport-Security` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs.", + "title": "StrictTransportSecurity" + }, + "XSSProtection": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.XSSProtection", + "markdownDescription": "Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value.\n\nFor more information about the `X-XSS-Protection` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "XSSProtection" + } + }, + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A Boolean that determines whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.", + "title": "Enabled", "type": "boolean" + }, + "SamplingRate": { + "markdownDescription": "A number 0\u2013100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the `Server-Timing` header to. When you set the sampling rate to 100, CloudFront adds the `Server-Timing` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0\u2013100 with up to four decimal places.", + "title": "SamplingRate", + "type": "number" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::Cognito::UserPool.VerificationMessageTemplate": { + "AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity": { "additionalProperties": false, "properties": { - "DefaultEmailOption": { - "markdownDescription": "The configuration of verification emails to contain a clickable link or a verification code.\n\nFor link, your template body must contain link text in the format `{##Click here##}` . \"Click here\" in the example is a customizable string. For code, your template body must contain a code placeholder in the format `{####}` .", - "title": "DefaultEmailOption", - "type": "string" + "AccessControlMaxAgeSec": { + "markdownDescription": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "AccessControlMaxAgeSec", + "type": "number" }, - "EmailMessage": { - "markdownDescription": "The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailMessage", - "type": "string" + "IncludeSubdomains": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "IncludeSubdomains", + "type": "boolean" }, - "EmailMessageByLink": { - "markdownDescription": "The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailMessageByLink", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" }, - "EmailSubject": { - "markdownDescription": "The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailSubject", - "type": "string" + "Preload": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "Preload", + "type": "boolean" + } + }, + "required": [ + "AccessControlMaxAgeSec", + "Override" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.XSSProtection": { + "additionalProperties": false, + "properties": { + "ModeBlock": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n\nFor more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "ModeBlock", + "type": "boolean" }, - "EmailSubjectByLink": { - "markdownDescription": "The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailSubjectByLink", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" }, - "SmsMessage": { - "markdownDescription": "The template for SMS messages that Amazon Cognito sends to your users.", - "title": "SmsMessage", + "Protection": { + "markdownDescription": "A Boolean that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true` , the value of the `X-XSS-Protection` header is `1` . When this setting is `false` , the value of the `X-XSS-Protection` header is `0` .\n\nFor more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "Protection", + "type": "boolean" + }, + "ReportUri": { + "markdownDescription": "A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.\n\nYou cannot specify a `ReportUri` when `ModeBlock` is `true` .\n\nFor more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "ReportUri", "type": "string" } }, + "required": [ + "Override", + "Protection" + ], "type": "object" }, - "AWS::Cognito::UserPoolClient": { + "AWS::CloudFront::StreamingDistribution": { "additionalProperties": false, "properties": { "Condition": { @@ -46355,149 +52198,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessTokenValidity": { - "markdownDescription": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with\ntheir access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your access\ntokens are valid for one hour.", - "title": "AccessTokenValidity", - "type": "number" - }, - "AllowedOAuthFlows": { - "items": { - "type": "string" - }, - "markdownDescription": "The OAuth grant types that you want your app client to generate for clients in managed login authentication. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token, and the ID token when scopes like `openid` and `profile` are requested, directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user, authorized by a combination of the client ID and client secret.", - "title": "AllowedOAuthFlows", - "type": "array" - }, - "AllowedOAuthFlowsUserPoolClient": { - "markdownDescription": "Set to `true` to use OAuth 2.0 authorization server features in your app client.\n\nThis parameter must have a value of `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use authorization server features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` . When `false` , only SDK-based API sign-in is permitted.", - "title": "AllowedOAuthFlowsUserPoolClient", - "type": "boolean" - }, - "AllowedOAuthScopes": { - "items": { - "type": "string" - }, - "markdownDescription": "The OAuth, OpenID Connect (OIDC), and custom scopes that you want to permit your app client to authorize access with. Scopes govern access control to user pool self-service API operations, user data from the `userInfo` endpoint, and third-party APIs. Scope values include `phone` , `email` , `openid` , and `profile` . The `aws.cognito.signin.user.admin` scope authorizes user self-service operations. Custom scopes with resource servers authorize access to external APIs.", - "title": "AllowedOAuthScopes", - "type": "array" - }, - "AnalyticsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolClient.AnalyticsConfiguration", - "markdownDescription": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\nIn AWS Regions where Amazon Pinpoint isn't available, user pools might not have access to analytics or might be configurable with campaigns in the US East (N. Virginia) Region. For more information, see [Using Amazon Pinpoint analytics](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html) .", - "title": "AnalyticsConfiguration" - }, - "AuthSessionValidity": { - "markdownDescription": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.", - "title": "AuthSessionValidity", - "type": "number" - }, - "CallbackURLs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed redirect, or callback, URLs for managed login authentication. These URLs are the paths where you want to send your users' browsers after they complete authentication with managed login or a third-party IdP. Typically, callback URLs are the home of an application that uses OAuth or OIDC libraries to process authentication outcomes.\n\nA redirect URI must meet the following requirements:\n\n- Be an absolute URI.\n- Be registered with the authorization server. Amazon Cognito doesn't accept authorization requests with `redirect_uri` values that aren't in the list of `CallbackURLs` that you provide in this parameter.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported.", - "title": "CallbackURLs", - "type": "array" - }, - "ClientName": { - "markdownDescription": "A friendly name for the app client that you want to create.", - "title": "ClientName", - "type": "string" - }, - "DefaultRedirectURI": { - "markdownDescription": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.", - "title": "DefaultRedirectURI", - "type": "string" - }, - "EnablePropagateAdditionalUserContextData": { - "markdownDescription": "When `true` , your application can include additional `UserContextData` in authentication requests. This data includes the IP address, and contributes to analysis by threat protection features. For more information about propagation of user context data, see [Adding session data to API requests](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint) . If you don\u2019t include this parameter, you can't send the source IP address to Amazon Cognito threat protection features. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret.", - "title": "EnablePropagateAdditionalUserContextData", - "type": "boolean" - }, - "EnableTokenRevocation": { - "markdownDescription": "Activates or deactivates token revocation.\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.", - "title": "EnableTokenRevocation", - "type": "boolean" - }, - "ExplicitAuthFlows": { - "items": { - "type": "string" - }, - "markdownDescription": "The [authentication flows](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html) that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n> If you don't specify a value for `ExplicitAuthFlows` , your app client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nThe values for authentication flow options include the following.\n\n- `ALLOW_USER_AUTH` : Enable selection-based sign-in with `USER_AUTH` . This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other `ExplicitAuthFlows` permitting them. For example users can complete an SRP challenge through `USER_AUTH` without the flow `USER_SRP_AUTH` being active for the app client. This flow doesn't include `CUSTOM_AUTH` .\n\nTo activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` .", - "title": "ExplicitAuthFlows", - "type": "array" - }, - "GenerateSecret": { - "markdownDescription": "When `true` , generates a client secret for the app client. Client secrets are used with server-side and machine-to-machine applications. Client secrets are automatically generated; you can't specify a secret value. For more information, see [App client types](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#user-pool-settings-client-app-client-types) .", - "title": "GenerateSecret", - "type": "boolean" - }, - "IdTokenValidity": { - "markdownDescription": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your ID\ntokens are valid for one hour.", - "title": "IdTokenValidity", - "type": "number" - }, - "LogoutURLs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed logout URLs for managed login authentication. When you pass `logout_uri` and `client_id` parameters to `/logout` , Amazon Cognito signs out your user and redirects them to the logout URL. This parameter describes the URLs that you want to be the permitted targets of `logout_uri` . A typical use of these URLs is when a user selects \"Sign out\" and you redirect them to your public homepage. For more information, see [Logout endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html) .", - "title": "LogoutURLs", - "type": "array" - }, - "PreventUserExistenceErrors": { - "markdownDescription": "Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to `ENABLED` and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs return a `UserNotFoundException` exception if the user doesn't exist in the user pool.\n\nValid values include:\n\n- `ENABLED` - This prevents user existence-related errors.\n- `LEGACY` - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.\n\nDefaults to `LEGACY` when you don't provide a value.", - "title": "PreventUserExistenceErrors", - "type": "string" - }, - "ReadAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of user attributes that you want your app client to have read access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool app client has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes.", - "title": "ReadAttributes", - "type": "array" - }, - "RefreshTokenValidity": { - "markdownDescription": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session\nand retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your refresh\ntokens are valid for 30 days.", - "title": "RefreshTokenValidity", - "type": "number" - }, - "SupportedIdentityProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` .\n\nThis parameter sets the IdPs that [managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) will display on the login page for your app client. The removal of `COGNITO` from this list doesn't prevent authentication operations for local users with the user pools API in an AWS SDK. The only way to prevent SDK-based authentication is to block access with a [AWS WAF rule](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html) .", - "title": "SupportedIdentityProviders", - "type": "array" - }, - "TokenValidityUnits": { - "$ref": "#/definitions/AWS::Cognito::UserPoolClient.TokenValidityUnits", - "markdownDescription": "The units that validity times are represented in. The default unit for refresh tokens is days, and the default for ID and access tokens are hours.", - "title": "TokenValidityUnits" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create an app client.", - "title": "UserPoolId", - "type": "string" + "StreamingDistributionConfig": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig", + "markdownDescription": "The current configuration information for the RTMP distribution.", + "title": "StreamingDistributionConfig" }, - "WriteAttributes": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", - "title": "WriteAttributes", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", "type": "array" } }, "required": [ - "UserPoolId" + "StreamingDistributionConfig", + "Tags" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolClient" + "AWS::CloudFront::StreamingDistribution" ], "type": "string" }, @@ -46516,148 +52239,125 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolClient.AnalyticsConfiguration": { + "AWS::CloudFront::StreamingDistribution.Logging": { "additionalProperties": false, "properties": { - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project that you want to connect to your user pool app client. Amazon Cognito publishes events to the Amazon Pinpoint project that `ApplicationArn` declares. You can also configure your application to pass an endpoint ID in the `AnalyticsMetadata` parameter of sign-in operations. The endpoint ID is information about the destination for push notifications", - "title": "ApplicationArn", - "type": "string" - }, - "ApplicationId": { - "markdownDescription": "Your Amazon Pinpoint project ID.", - "title": "ApplicationId", + "Bucket": { + "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", + "title": "Bucket", "type": "string" }, - "ExternalId": { - "markdownDescription": "The [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) of the role that Amazon Cognito assumes to send analytics data to Amazon Pinpoint.", - "title": "ExternalId", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a streaming distribution or if you want to disable logging for an existing streaming distribution, specify `false` for `Enabled` , and specify `empty Bucket` and `Prefix` elements. If you specify `false` for `Enabled` but you specify values for `Bucket` and `Prefix` , the values are automatically deleted.", + "title": "Enabled", + "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The ARN of an AWS Identity and Access Management role that has the permissions required for Amazon Cognito to publish events to Amazon Pinpoint analytics.", - "title": "RoleArn", + "Prefix": { + "markdownDescription": "An optional string that you want CloudFront to prefix to the access log filenames for this streaming distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", + "title": "Prefix", "type": "string" - }, - "UserDataShared": { - "markdownDescription": "If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics.", - "title": "UserDataShared", - "type": "boolean" } }, + "required": [ + "Bucket", + "Enabled", + "Prefix" + ], "type": "object" }, - "AWS::Cognito::UserPoolClient.TokenValidityUnits": { + "AWS::CloudFront::StreamingDistribution.S3Origin": { "additionalProperties": false, "properties": { - "AccessToken": { - "markdownDescription": "A time unit for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is `hours` . `AccessTokenValidity` duration can range from five minutes to one day.", - "title": "AccessToken", - "type": "string" - }, - "IdToken": { - "markdownDescription": "A time unit for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is `hours` . `IdTokenValidity` duration can range from five minutes to one day.", - "title": "IdToken", + "DomainName": { + "markdownDescription": "The DNS name of the Amazon S3 origin.", + "title": "DomainName", "type": "string" }, - "RefreshToken": { - "markdownDescription": "A time unit for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is `days` . `RefreshTokenValidity` duration can range from 60 minutes to 10 years.", - "title": "RefreshToken", + "OriginAccessIdentity": { + "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 bucket through CloudFront.\n\nIf you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information, see [Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessIdentity", "type": "string" } }, + "required": [ + "DomainName", + "OriginAccessIdentity" + ], "type": "object" }, - "AWS::Cognito::UserPoolDomain": { + "AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Aliases": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution.", + "title": "Aliases", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Comment": { + "markdownDescription": "Any comments you want to include about the streaming distribution.", + "title": "Comment", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Enabled": { + "markdownDescription": "Whether the streaming distribution is enabled to accept user requests for content.", + "title": "Enabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CustomDomainConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPoolDomain.CustomDomainConfigType", - "markdownDescription": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.\n\nWhen you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain.", - "title": "CustomDomainConfig" - }, - "Domain": { - "markdownDescription": "The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` .", - "title": "Domain", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that is associated with the domain you're updating.", - "title": "UserPoolId", - "type": "string" - } - }, - "required": [ - "Domain", - "UserPoolId" - ], - "type": "object" + "Logging": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.Logging", + "markdownDescription": "A complex type that controls whether access logs are written for the streaming distribution.", + "title": "Logging" }, - "Type": { - "enum": [ - "AWS::Cognito::UserPoolDomain" - ], + "PriceClass": { + "markdownDescription": "A complex type that contains information about price class for this streaming distribution.", + "title": "PriceClass", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "S3Origin": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.S3Origin", + "markdownDescription": "A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.", + "title": "S3Origin" + }, + "TrustedSigners": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.TrustedSigners", + "markdownDescription": "A complex type that specifies any AWS accounts that you want to permit to create signed URLs for private content. If you want the distribution to use signed URLs, include this element; if you want the distribution to use public URLs, remove this element. For more information, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners" } }, "required": [ - "Type", - "Properties" + "Comment", + "Enabled", + "S3Origin", + "TrustedSigners" ], "type": "object" }, - "AWS::Cognito::UserPoolDomain.CustomDomainConfigType": { + "AWS::CloudFront::StreamingDistribution.TrustedSigners": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.", - "title": "CertificateArn", - "type": "string" + "AwsAccountNumbers": { + "items": { + "type": "string" + }, + "markdownDescription": "An AWS account number that contains active CloudFront key pairs that CloudFront can use to verify the signatures of signed URLs and signed cookies. If the AWS account that owns the key pairs is the same account that owns the CloudFront distribution, the value of this field is `self` .", + "title": "AwsAccountNumbers", + "type": "array" + }, + "Enabled": { + "markdownDescription": "This field is `true` if any of the AWS accounts in the list are configured as trusted signers. If not, this field is `false` .", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::Cognito::UserPoolGroup": { + "AWS::CloudFront::VpcOrigin": { "additionalProperties": false, "properties": { "Condition": { @@ -46692,40 +52392,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the group that you're creating.", - "title": "Description", - "type": "string" - }, - "GroupName": { - "markdownDescription": "A name for the group. This name must be unique in your user pool.", - "title": "GroupName", - "type": "string" - }, - "Precedence": { - "markdownDescription": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` .", - "title": "Precedence", - "type": "number" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a `cognito:preferred_role` claim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain a `cognito:groups` claim that list all the groups that a user is a member of.", - "title": "RoleArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", + "type": "array" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a user group.", - "title": "UserPoolId", - "type": "string" + "VpcOriginEndpointConfig": { + "$ref": "#/definitions/AWS::CloudFront::VpcOrigin.VpcOriginEndpointConfig", + "markdownDescription": "The VPC origin endpoint configuration.", + "title": "VpcOriginEndpointConfig" } }, "required": [ - "UserPoolId" + "VpcOriginEndpointConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolGroup" + "AWS::CloudFront::VpcOrigin" ], "type": "string" }, @@ -46744,7 +52432,50 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolIdentityProvider": { + "AWS::CloudFront::VpcOrigin.VpcOriginEndpointConfig": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the CloudFront VPC origin endpoint configuration.", + "title": "Arn", + "type": "string" + }, + "HTTPPort": { + "markdownDescription": "The HTTP port for the CloudFront VPC origin endpoint configuration. The default value is `80` .", + "title": "HTTPPort", + "type": "number" + }, + "HTTPSPort": { + "markdownDescription": "The HTTPS port of the CloudFront VPC origin endpoint configuration. The default value is `443` .", + "title": "HTTPSPort", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the CloudFront VPC origin endpoint configuration.", + "title": "Name", + "type": "string" + }, + "OriginProtocolPolicy": { + "markdownDescription": "The origin protocol policy for the CloudFront VPC origin endpoint configuration.", + "title": "OriginProtocolPolicy", + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", + "type": "array" + } + }, + "required": [ + "Arn", + "Name" + ], + "type": "object" + }, + "AWS::CloudTrail::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -46779,50 +52510,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeMapping": { - "markdownDescription": "A mapping of IdP attributes to standard and custom user pool attributes. Specify a user pool attribute as the key of the key-value pair, and the IdP attribute claim name as the value.", - "title": "AttributeMapping", - "type": "object" - }, - "IdpIdentifiers": { + "Destinations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudTrail::Channel.Destination" }, - "markdownDescription": "An array of IdP identifiers, for example `\"IdPIdentifiers\": [ \"MyIdP\", \"MyIdP2\" ]` . Identifiers are friendly names that you can pass in the `idp_identifier` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP. Identifiers in a domain format also enable the use of [email-address matching with SAML providers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managing-saml-idp-naming.html) .", - "title": "IdpIdentifiers", + "markdownDescription": "One or more event data stores to which events arriving through a channel will be logged.", + "title": "Destinations", "type": "array" }, - "ProviderDetails": { - "markdownDescription": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`", - "title": "ProviderDetails", - "type": "object" - }, - "ProviderName": { - "markdownDescription": "The name that you want to assign to the IdP. You can pass the identity provider name in the `identity_provider` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP.", - "title": "ProviderName", + "Name": { + "markdownDescription": "The name of the channel.", + "title": "Name", "type": "string" }, - "ProviderType": { - "markdownDescription": "The type of IdP that you want to add. Amazon Cognito supports OIDC, SAML 2.0, Login With Amazon, Sign In With Apple, Google, and Facebook IdPs.", - "title": "ProviderType", + "Source": { + "markdownDescription": "The name of the partner or external event source. You cannot change this name after you create the channel. A maximum of one channel is allowed per source.\n\nA source can be either `Custom` for all valid non- AWS events, or the name of a partner event source. For information about the source names for available partners, see [Additional information about integration partners](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-integration.html#cloudtrail-lake-partner-information) in the CloudTrail User Guide.", + "title": "Source", "type": "string" }, - "UserPoolId": { - "markdownDescription": "The Id of the user pool where you want to create an IdP.", - "title": "UserPoolId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ProviderName", - "ProviderType", - "UserPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolIdentityProvider" + "AWS::CloudTrail::Channel" ], "type": "string" }, @@ -46836,12 +52555,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolResourceServer": { + "AWS::CloudTrail::Channel.Destination": { + "additionalProperties": false, + "properties": { + "Location": { + "markdownDescription": "For channels used for a CloudTrail Lake integration, the location is the ARN of an event data store that receives events from a channel. For service-linked channels, the location is the name of the AWS service.", + "title": "Location", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of destination for events arriving from a channel. For channels used for a CloudTrail Lake integration, the value is `EVENT_DATA_STORE` . For service-linked channels, the value is `AWS_SERVICE` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Location", + "Type" + ], + "type": "object" + }, + "AWS::CloudTrail::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -46876,40 +52614,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Identifier": { - "markdownDescription": "A unique resource server identifier for the resource server. The identifier can be an API friendly name like `solar-system-data` . You can also set an API URL like `https://solar-system-data-api.example.com` as your identifier.\n\nAmazon Cognito represents scopes in the access token in the format `$resource-server-identifier/$scope` . Longer scope-identifier strings increase the size of your access tokens.", - "title": "Identifier", - "type": "string" - }, "Name": { - "markdownDescription": "A friendly name for the resource server.", + "markdownDescription": "The name of the dashboard. The name must be unique to your account.\n\nTo create the Highlights dashboard, the name must be `AWSCloudTrail-Highlights` .", "title": "Name", "type": "string" }, - "Scopes": { + "RefreshSchedule": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.RefreshSchedule", + "markdownDescription": "The schedule for a dashboard refresh.", + "title": "RefreshSchedule" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` .", - "title": "Scopes", + "markdownDescription": "A list of tags.", + "title": "Tags", "type": "array" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a resource server.", - "title": "UserPoolId", - "type": "string" + "TerminationProtectionEnabled": { + "markdownDescription": "Specifies whether termination protection is enabled for the dashboard. If termination protection is enabled, you cannot delete the dashboard until termination protection is disabled.", + "title": "TerminationProtectionEnabled", + "type": "boolean" + }, + "Widgets": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.Widget" + }, + "markdownDescription": "An array of widgets for a custom dashboard. A custom dashboard can have a maximum of ten widgets.\n\nYou do not need to specify widgets for the Highlights dashboard.", + "title": "Widgets", + "type": "array" } }, - "required": [ - "Identifier", - "Name", - "UserPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolResourceServer" + "AWS::CloudTrail::Dashboard" ], "type": "string" }, @@ -46923,32 +52664,85 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType": { + "AWS::CloudTrail::Dashboard.Frequency": { "additionalProperties": false, "properties": { - "ScopeDescription": { - "markdownDescription": "A friendly description of a custom scope.", - "title": "ScopeDescription", + "Unit": { + "markdownDescription": "The unit to use for the refresh.\n\nFor custom dashboards, the unit can be `HOURS` or `DAYS` .\n\nFor the Highlights dashboard, the `Unit` must be `HOURS` .", + "title": "Unit", "type": "string" }, - "ScopeName": { - "markdownDescription": "The name of the scope. Amazon Cognito renders custom scopes in the format `resourceServerIdentifier/ScopeName` . For example, if this parameter is `exampleScope` in the resource server with the identifier `exampleResourceServer` , you request and receive the scope `exampleResourceServer/exampleScope` .", - "title": "ScopeName", + "Value": { + "markdownDescription": "The value for the refresh schedule.\n\nFor custom dashboards, the following values are valid when the unit is `HOURS` : `1` , `6` , `12` , `24`\n\nFor custom dashboards, the only valid value when the unit is `DAYS` is `1` .\n\nFor the Highlights dashboard, the `Value` must be `6` .", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::CloudTrail::Dashboard.RefreshSchedule": { + "additionalProperties": false, + "properties": { + "Frequency": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.Frequency", + "markdownDescription": "The frequency at which you want the dashboard refreshed.", + "title": "Frequency" + }, + "Status": { + "markdownDescription": "Specifies whether the refresh schedule is enabled. Set the value to `ENABLED` to enable the refresh schedule, or to `DISABLED` to turn off the refresh schedule.", + "title": "Status", "type": "string" + }, + "TimeOfDay": { + "markdownDescription": "The time of day in UTC to run the schedule; for hourly only refer to minutes; default is 00:00.", + "title": "TimeOfDay", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudTrail::Dashboard.Widget": { + "additionalProperties": false, + "properties": { + "QueryParameters": { + "items": { + "type": "string" + }, + "markdownDescription": "The optional query parameters. The following query parameters are valid: `$StartTime$` , `$EndTime$` , and `$Period$` .", + "title": "QueryParameters", + "type": "array" + }, + "QueryStatement": { + "markdownDescription": "The query statement for the widget. For custom dashboard widgets, you can query across multiple event data stores as long as all event data stores exist in your account.\n\n> When a query uses `?` with `eventTime` , `?` must be surrounded by single quotes as follows: `'?'` .", + "title": "QueryStatement", + "type": "string" + }, + "ViewProperties": { + "additionalProperties": true, + "markdownDescription": "The view properties for the widget. For more information about view properties, see [View properties for widgets](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-widget-properties.html) in the *AWS CloudTrail User Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ViewProperties", + "type": "object" } }, "required": [ - "ScopeDescription", - "ScopeName" + "QueryStatement" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment": { + "AWS::CloudTrail::EventDataStore": { "additionalProperties": false, "properties": { "Condition": { @@ -46983,41 +52777,104 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountTakeoverRiskConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType", - "markdownDescription": "The settings for automated responses and notification templates for adaptive authentication with threat protection.", - "title": "AccountTakeoverRiskConfiguration" + "AdvancedEventSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedEventSelector" + }, + "markdownDescription": "The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.\n\nFor more information about how to use advanced event selectors to log CloudTrail events, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see [Create an event data store for AWS Config configuration items](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see [Create an integration to log events from outside AWS](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration) in the CloudTrail User Guide.", + "title": "AdvancedEventSelectors", + "type": "array" }, - "ClientId": { - "markdownDescription": "The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.", - "title": "ClientId", + "BillingMode": { + "markdownDescription": "The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.\n\nThe following are the possible values:\n\n- `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days.\n- `FIXED_RETENTION_PRICING` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.\n\nThe default value is `EXTENDABLE_RETENTION_PRICING` .\n\nFor more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) and [Managing CloudTrail Lake costs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html) .", + "title": "BillingMode", "type": "string" }, - "CompromisedCredentialsRiskConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType", - "markdownDescription": "Settings for compromised-credentials actions and authentication types with threat protection in full-function `ENFORCED` mode.", - "title": "CompromisedCredentialsRiskConfiguration" + "ContextKeySelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.ContextKeySelector" + }, + "markdownDescription": "The list of context key selectors that are configured for the event data store.", + "title": "ContextKeySelectors", + "type": "array" }, - "RiskExceptionConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType", - "markdownDescription": "Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.", - "title": "RiskExceptionConfiguration" + "FederationEnabled": { + "markdownDescription": "Indicates if [Lake query federation](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html) is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.", + "title": "FederationEnabled", + "type": "boolean" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that has the risk configuration applied.", - "title": "UserPoolId", + "FederationRoleArn": { + "markdownDescription": "If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.\n\nThe federation role must exist in your account and provide the [required minimum permissions](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role) .", + "title": "FederationRoleArn", + "type": "string" + }, + "IngestionEnabled": { + "markdownDescription": "Specifies whether the event data store should start ingesting live events. The default is true.", + "title": "IngestionEnabled", + "type": "boolean" + }, + "InsightSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.InsightSelector" + }, + "markdownDescription": "A JSON string that contains the Insights types you want to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightSelectors", + "type": "array" + }, + "InsightsDestination": { + "markdownDescription": "The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. For more information, see [Create an event data store for CloudTrail Insights events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-insights.html) .", + "title": "InsightsDestination", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by `alias/` , a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\n> Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store. \n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- `alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`\n- `12345678-1234-1234-1234-123456789012`", + "title": "KmsKeyId", + "type": "string" + }, + "MaxEventSize": { + "markdownDescription": "The maximum allowed size for events to be stored in the specified event data store. If you are using context key selectors, MaxEventSize must be set to Large.", + "title": "MaxEventSize", "type": "string" + }, + "MultiRegionEnabled": { + "markdownDescription": "Specifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.", + "title": "MultiRegionEnabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the event data store.", + "title": "Name", + "type": "string" + }, + "OrganizationEnabled": { + "markdownDescription": "Specifies whether an event data store collects events logged for an organization in AWS Organizations .", + "title": "OrganizationEnabled", + "type": "boolean" + }, + "RetentionPeriod": { + "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", + "title": "RetentionPeriod", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags.", + "title": "Tags", + "type": "array" + }, + "TerminationProtectionEnabled": { + "markdownDescription": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.", + "title": "TerminationProtectionEnabled", + "type": "boolean" } }, - "required": [ - "ClientId", - "UserPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolRiskConfigurationAttachment" + "AWS::CloudTrail::EventDataStore" ], "type": "string" }, @@ -47031,193 +52888,129 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType": { - "additionalProperties": false, - "properties": { - "EventAction": { - "markdownDescription": "The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:\n\n- `BLOCK` : Block the request.\n- `MFA_IF_CONFIGURED` : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.\n- `MFA_REQUIRED` : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.\n- `NO_ACTION` : Take no action. Permit sign-in.", - "title": "EventAction", - "type": "string" - }, - "Notify": { - "markdownDescription": "Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.", - "title": "Notify", - "type": "boolean" - } - }, - "required": [ - "EventAction", - "Notify" + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType": { - "additionalProperties": false, - "properties": { - "HighAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a high-risk assessment by threat protection.", - "title": "HighAction" - }, - "LowAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a low-risk assessment by threat protection.", - "title": "LowAction" - }, - "MediumAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a medium-risk assessment by threat protection.", - "title": "MediumAction" - } - }, - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType": { + "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { "additionalProperties": false, "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType", - "markdownDescription": "A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.", - "title": "Actions" + "FieldSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedFieldSelector" + }, + "markdownDescription": "Contains all selector statements in an advanced event selector.", + "title": "FieldSelectors", + "type": "array" }, - "NotifyConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType", - "markdownDescription": "The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in `AccountTakeoverRiskConfiguration` , Amazon Cognito sends an email message using the method and template that you set with this data type.", - "title": "NotifyConfiguration" - } - }, - "required": [ - "Actions" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType": { - "additionalProperties": false, - "properties": { - "EventAction": { - "markdownDescription": "The action that Amazon Cognito takes when it detects compromised credentials.", - "title": "EventAction", + "Name": { + "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", + "title": "Name", "type": "string" } }, "required": [ - "EventAction" + "FieldSelectors" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType": { + "AWS::CloudTrail::EventDataStore.AdvancedFieldSelector": { "additionalProperties": false, "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType", - "markdownDescription": "Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.", - "title": "Actions" + "EndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "EndsWith", + "type": "array" }, - "EventFilter": { + "Equals": { "items": { "type": "string" }, - "markdownDescription": "Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.", - "title": "EventFilter", + "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", + "title": "Equals", "type": "array" - } - }, - "required": [ - "Actions" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType": { - "additionalProperties": false, - "properties": { - "BlockEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when a detected risk event is blocked.", - "title": "BlockEmail" }, - "From": { - "markdownDescription": "The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.", - "title": "From", + "Field": { + "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", + "title": "Field", "type": "string" }, - "MfaEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.", - "title": "MfaEmail" + "NotEndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "NotEndsWith", + "type": "array" }, - "NoActionEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when no action is taken in response to a detected risk.", - "title": "NoActionEmail" + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", + "title": "NotEquals", + "type": "array" }, - "ReplyTo": { - "markdownDescription": "The reply-to email address of an email template.", - "title": "ReplyTo", - "type": "string" + "NotStartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "NotStartsWith", + "type": "array" }, - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter.", - "title": "SourceArn", - "type": "string" + "StartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "StartsWith", + "type": "array" } }, "required": [ - "SourceArn" + "Field" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType": { + "AWS::CloudTrail::EventDataStore.ContextKeySelector": { "additionalProperties": false, "properties": { - "HtmlBody": { - "markdownDescription": "The body of an email notification formatted in HTML. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", - "title": "HtmlBody", - "type": "string" - }, - "Subject": { - "markdownDescription": "The subject of the threat protection email notification.", - "title": "Subject", - "type": "string" + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of keys defined by Type to be included in CloudTrail enriched events.", + "title": "Equals", + "type": "array" }, - "TextBody": { - "markdownDescription": "The body of an email notification formatted in plaintext. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", - "title": "TextBody", + "Type": { + "markdownDescription": "Specifies the type of the event record field in ContextKeySelector. Valid values include RequestContext, TagContext.", + "title": "Type", "type": "string" } }, "required": [ - "Subject" + "Equals", + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType": { + "AWS::CloudTrail::EventDataStore.InsightSelector": { "additionalProperties": false, "properties": { - "BlockedIPRangeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.", - "title": "BlockedIPRangeList", - "type": "array" - }, - "SkippedIPRangeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.", - "title": "SkippedIPRangeList", - "type": "array" + "InsightType": { + "markdownDescription": "The type of Insights events to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightType", + "type": "string" } }, "type": "object" }, - "AWS::Cognito::UserPoolUICustomizationAttachment": { + "AWS::CloudTrail::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -47252,31 +53045,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CSS": { - "markdownDescription": "A plaintext CSS file that contains the custom fields that you want to apply to your user pool or app client. To download a template, go to the Amazon Cognito console. Navigate to your user pool *App clients* tab, select *Login pages* , edit *Hosted UI (classic) style* , and select the link to `CSS template.css` .", - "title": "CSS", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The app client ID for your UI customization. When this value isn't present, the customization applies to all user pool app clients that don't have client-level settings..", - "title": "ClientId", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudTrail event data store, dashboard, or channel attached to the resource-based policy.\n\nExample event data store ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`\n\nExample dashboard ARN format: `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`\n\nExample channel ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`", + "title": "ResourceArn", "type": "string" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to apply branding to the classic hosted UI.", - "title": "UserPoolId", - "type": "string" + "ResourcePolicy": { + "markdownDescription": "A JSON-formatted string for an AWS resource-based policy.\n\nFor example resource-based policies, see [CloudTrail resource-based policy examples](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html) in the *CloudTrail User Guide* .", + "title": "ResourcePolicy", + "type": "object" } }, "required": [ - "ClientId", - "UserPoolId" + "ResourceArn", + "ResourcePolicy" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolUICustomizationAttachment" + "AWS::CloudTrail::ResourcePolicy" ], "type": "string" }, @@ -47295,7 +53083,7 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolUser": { + "AWS::CloudTrail::Trail": { "additionalProperties": false, "properties": { "Condition": { @@ -47330,70 +53118,108 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientMetadata": { - "additionalProperties": true, - "markdownDescription": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `ClientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Using Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n> When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:\n> \n> - Store the `ClientMetadata` value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata` parameter serves no purpose.\n> - Validate the `ClientMetadata` value.\n> - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "AdvancedEventSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedEventSelector" }, - "title": "ClientMetadata", - "type": "object" + "markdownDescription": "Specifies the settings for advanced event selectors. You can use advanced event selectors to log management events, data events for all resource types, and network activity events.\n\nYou can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either `AdvancedEventSelectors` or `EventSelectors` , but not both. If you apply `AdvancedEventSelectors` to a trail, any existing `EventSelectors` are overwritten. For more information about advanced event selectors, see [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .", + "title": "AdvancedEventSelectors", + "type": "array" }, - "DesiredDeliveryMediums": { + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", + "title": "CloudWatchLogsLogGroupArn", + "type": "string" + }, + "CloudWatchLogsRoleArn": { + "markdownDescription": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", + "title": "CloudWatchLogsRoleArn", + "type": "string" + }, + "EnableLogFileValidation": { + "markdownDescription": "Specifies whether log file validation is enabled. The default is false.\n\n> When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.", + "title": "EnableLogFileValidation", + "type": "boolean" + }, + "EventSelectors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudTrail::Trail.EventSelector" }, - "markdownDescription": "Specify `EMAIL` if email will be used to send the welcome message. Specify `SMS` if the phone number will be used. The default value is `SMS` . You can specify more than one value.", - "title": "DesiredDeliveryMediums", + "markdownDescription": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.\n\nYou can configure up to five event selectors for a trail.\n\nYou cannot apply both event selectors and advanced event selectors to a trail.", + "title": "EventSelectors", "type": "array" }, - "ForceAliasCreation": { - "markdownDescription": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the `UserAttributes` parameter already exists as an alias with a different user, this request migrates the alias from the previous user to the newly-created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .", - "title": "ForceAliasCreation", + "IncludeGlobalServiceEvents": { + "markdownDescription": "Specifies whether the trail is publishing events from global services such as IAM to the log files.", + "title": "IncludeGlobalServiceEvents", "type": "boolean" }, - "MessageAction": { - "markdownDescription": "Set to `RESEND` to resend the invitation message to a user that already exists, and to reset the temporary-password duration with a new temporary password. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.", - "title": "MessageAction", - "type": "string" - }, - "UserAttributes": { + "InsightSelectors": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + "$ref": "#/definitions/AWS::CloudTrail::Trail.InsightSelector" }, - "markdownDescription": "An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than `Username` . However, any attributes that you specify as required (when creating a user pool or in the *Attributes* tab of the console) either you should supply (in your call to `AdminCreateUser` ) or the user should supply (when they sign up in response to your welcome message).\n\nFor custom attributes, you must prepend the `custom:` prefix to the attribute name.\n\nTo send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the *Users* tab of the Amazon Cognito console for managing your user pools.\n\nYou must also provide an email address or phone number when you expect the user to do passwordless sign-in with an email or SMS OTP. These attributes must be provided when passwordless options are the only available, or when you don't submit a `TemporaryPassword` .\n\nIn your call to `AdminCreateUser` , you can set the `email_verified` attribute to `True` , and you can set the `phone_number_verified` attribute to `True` .\n\n- *email* : The email address of the user to whom the message that contains the code and username will be sent. Required if the `email_verified` attribute is set to `True` , or if `\"EMAIL\"` is specified in the `DesiredDeliveryMediums` parameter.\n- *phone_number* : The phone number of the user to whom the message that contains the code and username will be sent. Required if the `phone_number_verified` attribute is set to `True` , or if `\"SMS\"` is specified in the `DesiredDeliveryMediums` parameter.", - "title": "UserAttributes", + "markdownDescription": "A JSON string that contains the Insights types you want to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightSelectors", "type": "array" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a user.", - "title": "UserPoolId", + "IsLogging": { + "markdownDescription": "Whether the CloudTrail trail is currently logging AWS API calls.", + "title": "IsLogging", + "type": "boolean" + }, + "IsMultiRegionTrail": { + "markdownDescription": "Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.", + "title": "IsMultiRegionTrail", + "type": "boolean" + }, + "IsOrganizationTrail": { + "markdownDescription": "Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to `true` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to `false` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization.\n\n> Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.", + "title": "IsOrganizationTrail", + "type": "boolean" + }, + "KMSKeyId": { + "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the logs and digest files delivered by CloudTrail. The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n- 12345678-1234-1234-1234-123456789012", + "title": "KMSKeyId", "type": "string" }, - "Username": { - "markdownDescription": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", - "title": "Username", + "S3BucketName": { + "markdownDescription": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See [Amazon S3 Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .", + "title": "S3BucketName", "type": "string" }, - "ValidationData": { + "S3KeyPrefix": { + "markdownDescription": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see [Finding Your CloudTrail Log Files](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files) . The maximum length is 200 characters.", + "title": "S3KeyPrefix", + "type": "string" + }, + "SnsTopicName": { + "markdownDescription": "Specifies the name or ARN of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.", + "title": "SnsTopicName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function can automatically confirm and verify select users or perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) .", - "title": "ValidationData", + "markdownDescription": "A custom set of tags (key-value pairs) for this trail.", + "title": "Tags", "type": "array" + }, + "TrailName": { + "markdownDescription": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)", + "title": "TrailName", + "type": "string" } }, "required": [ - "UserPoolId" + "IsLogging", + "S3BucketName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolUser" + "AWS::CloudTrail::Trail" ], "type": "string" }, @@ -47412,23 +53238,156 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolUser.AttributeType": { + "AWS::CloudTrail::Trail.AdvancedEventSelector": { "additionalProperties": false, "properties": { + "FieldSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedFieldSelector" + }, + "markdownDescription": "Contains all selector statements in an advanced event selector.", + "title": "FieldSelectors", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the attribute.", + "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", "title": "Name", "type": "string" + } + }, + "required": [ + "FieldSelectors" + ], + "type": "object" + }, + "AWS::CloudTrail::Trail.AdvancedFieldSelector": { + "additionalProperties": false, + "properties": { + "EndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "EndsWith", + "type": "array" + }, + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", + "title": "Equals", + "type": "array" + }, + "Field": { + "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", + "title": "Field", + "type": "string" }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", + "NotEndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "NotEndsWith", + "type": "array" + }, + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", + "title": "NotEquals", + "type": "array" + }, + "NotStartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "NotStartsWith", + "type": "array" + }, + "StartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "StartsWith", + "type": "array" + } + }, + "required": [ + "Field" + ], + "type": "object" + }, + "AWS::CloudTrail::Trail.DataResource": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The resource type in which you want to log data events. You can specify the following *basic* event selector resource types:\n\n- `AWS::DynamoDB::Table`\n- `AWS::Lambda::Function`\n- `AWS::S3::Object`\n\nAdditional resource types are available through *advanced* event selectors. For more information, see [AdvancedEventSelector](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) .", + "title": "Type", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified resource type.\n\n- To log data events for all objects in all S3 buckets in your AWS account , specify the prefix as `arn:aws:s3` .\n\n> This also enables logging of data event activity performed by any user or role in your AWS account , even if that activity is performed on a bucket that belongs to another AWS account .\n- To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/` . The trail logs data events for all objects in this S3 bucket.\n- To log data events for specific objects, specify the S3 bucket and object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/example-images` . The trail logs data events for objects in this S3 bucket that match the prefix.\n- To log data events for all Lambda functions in your AWS account , specify the prefix as `arn:aws:lambda` .\n\n> This also enables logging of `Invoke` activity performed by any user or role in your AWS account , even if that activity is performed on a function that belongs to another AWS account .\n- To log data events for a specific Lambda function, specify the function ARN.\n\n> Lambda function ARNs are exact. For example, if you specify a function ARN *arn:aws:lambda:us-west-2:111111111111:function:helloworld* , data events will only be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld* . They will not be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld2* .\n- To log data events for all DynamoDB tables in your AWS account , specify the prefix as `arn:aws:dynamodb` .", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::CloudTrail::Trail.EventSelector": { + "additionalProperties": false, + "properties": { + "DataResources": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.DataResource" + }, + "markdownDescription": "CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events.\n\nFor more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* .\n\n> To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field.", + "title": "DataResources", + "type": "array" + }, + "ExcludeManagementEventSources": { + "items": { + "type": "string" + }, + "markdownDescription": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service or Amazon RDS Data API events by containing `kms.amazonaws.com` or `rdsdata.amazonaws.com` . By default, `ExcludeManagementEventSources` is empty, and AWS KMS and Amazon RDS Data API events are logged to your trail. You can exclude management event sources only in Regions that support the event source.", + "title": "ExcludeManagementEventSources", + "type": "array" + }, + "IncludeManagementEvents": { + "markdownDescription": "Specify if you want your event selector to include management events for your trail.\n\nFor more information, see [Management Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n\nBy default, the value is `true` .\n\nThe first copy of management events is free. You are charged for additional copies of management events that you are logging on any subsequent trail in the same Region. For more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) .", + "title": "IncludeManagementEvents", + "type": "boolean" + }, + "ReadWriteType": { + "markdownDescription": "Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 `GetConsoleOutput` is a read-only API operation and `RunInstances` is a write-only API operation.\n\nBy default, the value is `All` .", + "title": "ReadWriteType", "type": "string" } }, "type": "object" }, - "AWS::Cognito::UserPoolUserToGroupAttachment": { + "AWS::CloudTrail::Trail.InsightSelector": { + "additionalProperties": false, + "properties": { + "InsightType": { + "markdownDescription": "The type of Insights events to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudWatch::Alarm": { "additionalProperties": false, "properties": { "Condition": { @@ -47463,160 +53422,144 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the group that you want to add your user to.", - "title": "GroupName", - "type": "string" + "ActionsEnabled": { + "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE.", + "title": "ActionsEnabled", + "type": "boolean" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that contains the group that you want to add the user to.", - "title": "UserPoolId", + "AlarmActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmActions", + "type": "array" + }, + "AlarmDescription": { + "markdownDescription": "The description of the alarm.", + "title": "AlarmDescription", "type": "string" }, - "Username": { - "markdownDescription": "The user's username.", - "title": "Username", + "AlarmName": { + "markdownDescription": "The name of the alarm. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the alarm name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "AlarmName", "type": "string" - } - }, - "required": [ - "GroupName", - "UserPoolId", - "Username" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cognito::UserPoolUserToGroupAttachment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand.", + "title": "ComparisonOperator", "type": "string" }, - { + "DatapointsToAlarm": { + "markdownDescription": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for `EvaluationPeriods` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, CloudWatch uses the same value here that you set for `EvaluationPeriods` , and the alarm goes to alarm state if that many consecutive periods are breaching.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "Dimensions": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" }, + "markdownDescription": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify `Dimensions` . Instead, you use `Metrics` .", + "title": "Dimensions", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data.", - "title": "DataAccessRoleArn", - "type": "string" }, - "DocumentClassifierName": { - "markdownDescription": "The name of the document classifier.", - "title": "DocumentClassifierName", + "EvaluateLowSampleCountPercentile": { + "markdownDescription": "Used only for alarms based on percentiles. If `ignore` , the alarm state does not change during periods with too few data points to be statistically significant. If `evaluate` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available.", + "title": "EvaluateLowSampleCountPercentile", "type": "string" }, - "InputDataConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig", - "markdownDescription": "Specifies the format and location of the input data for the job.", - "title": "InputDataConfig" + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and `DatapointsToAlarm` is the M.\n\nFor more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .", + "title": "EvaluationPeriods", + "type": "number" }, - "LanguageCode": { - "markdownDescription": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language.", - "title": "LanguageCode", + "ExtendedStatistic": { + "markdownDescription": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `ExtendedStatistic` . Instead, you use `Metrics` .", + "title": "ExtendedStatistic", "type": "string" }, - "Mode": { - "markdownDescription": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|).", - "title": "Mode", - "type": "string" + "InsufficientDataActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", + "title": "InsufficientDataActions", + "type": "array" }, - "ModelKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "ModelKmsKeyId", + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use `Metrics` instead and you can't specify `MetricName` .", + "title": "MetricName", "type": "string" }, - "ModelPolicy": { - "markdownDescription": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`", - "title": "ModelPolicy", + "Metrics": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricDataQuery" + }, + "markdownDescription": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n\nIf you specify the `Metrics` parameter, you cannot specify `MetricName` , `Dimensions` , `Period` , `Namespace` , `Statistic` , `ExtendedStatistic` , or `Unit` .", + "title": "Metrics", + "type": "array" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify `Namespace` and you use `Metrics` instead.\n\nFor a list of namespaces for metrics from AWS services, see [AWS Services That Publish CloudWatch Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)", + "title": "Namespace", "type": "string" }, - "OutputDataConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig", - "markdownDescription": "Provides output results configuration parameters for custom classifier jobs.", - "title": "OutputDataConfig" + "OKActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the `OK` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", + "title": "OKActions", + "type": "array" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 20, 30, 60, and any multiple of 60.\n\nFor an alarm based on a math expression, you can't specify `Period` , and instead you use the `Metrics` parameter.\n\n*Minimum:* 10", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use `ExtendedStatistic` .\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `Statistic` . Instead, you use `Metrics` .", + "title": "Statistic", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department.", + "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", "title": "Tags", "type": "array" }, - "VersionName": { - "markdownDescription": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region .", - "title": "VersionName", + "Threshold": { + "markdownDescription": "The value to compare with the specified statistic.", + "title": "Threshold", + "type": "number" + }, + "ThresholdMetricId": { + "markdownDescription": "In an alarm based on an anomaly detection model, this is the ID of the `ANOMALY_DETECTION_BAND` function used as the threshold for the alarm.", + "title": "ThresholdMetricId", "type": "string" }, - "VolumeKmsKeyId": { - "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "VolumeKmsKeyId", + "TreatMissingData": { + "markdownDescription": "Sets how this alarm is to handle missing data points. Valid values are `breaching` , `notBreaching` , `ignore` , and `missing` . For more information, see [Configuring How CloudWatch Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, the default behavior of `missing` is used.", + "title": "TreatMissingData", "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.VpcConfig", - "markdownDescription": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", - "title": "VpcConfig" + "Unit": { + "markdownDescription": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a `Metrics` array.\n\nYou can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", + "title": "Unit", + "type": "string" } }, "required": [ - "DataAccessRoleArn", - "DocumentClassifierName", - "InputDataConfig", - "LanguageCode" + "ComparisonOperator", + "EvaluationPeriods" ], "type": "object" }, "Type": { "enum": [ - "AWS::Comprehend::DocumentClassifier" + "AWS::CloudWatch::Alarm" ], "type": "string" }, @@ -47635,172 +53578,126 @@ ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem": { - "additionalProperties": false, - "properties": { - "AttributeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job.\n\nIf your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth.\n\nIf your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job.", - "title": "AttributeNames", - "type": "array" - }, - "S3Uri": { - "markdownDescription": "The Amazon S3 location of the augmented manifest file.", - "title": "S3Uri", - "type": "string" - }, - "Split": { - "markdownDescription": "The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train.\n\nTRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing.\n\nTEST - all of the documents in the manifest will be used for testing.", - "title": "Split", - "type": "string" - } - }, - "required": [ - "AttributeNames", - "S3Uri" - ], - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments": { + "AWS::CloudWatch::Alarm.Dimension": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The S3 URI location of the training documents specified in the S3Uri CSV file.", - "title": "S3Uri", + "Name": { + "markdownDescription": "The name of the dimension, from 1\u2013255 characters in length. This dimension name must have been included when the metric was published.", + "title": "Name", "type": "string" }, - "TestS3Uri": { - "markdownDescription": "The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file.", - "title": "TestS3Uri", + "Value": { + "markdownDescription": "The value for the dimension, from 1\u2013255 characters in length.", + "title": "Value", "type": "string" } }, "required": [ - "S3Uri" + "Name", + "Value" ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig": { + "AWS::CloudWatch::Alarm.Metric": { "additionalProperties": false, "properties": { - "AugmentedManifests": { + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem" + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" }, - "markdownDescription": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` .", - "title": "AugmentedManifests", + "markdownDescription": "The metric dimensions that you want to be used for the metric that the alarm will watch.", + "title": "Dimensions", "type": "array" }, - "DataFormat": { - "markdownDescription": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default.", - "title": "DataFormat", - "type": "string" - }, - "DocumentReaderConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentReaderConfig", - "markdownDescription": "", - "title": "DocumentReaderConfig" - }, - "DocumentType": { - "markdownDescription": "The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model.", - "title": "DocumentType", - "type": "string" - }, - "Documents": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments", - "markdownDescription": "The S3 location of the training documents. This parameter is required in a request to create a native document model.", - "title": "Documents" - }, - "LabelDelimiter": { - "markdownDescription": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL.", - "title": "LabelDelimiter", - "type": "string" - }, - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` .", - "title": "S3Uri", + "MetricName": { + "markdownDescription": "The name of the metric that you want the alarm to watch. This is a required field.", + "title": "MetricName", "type": "string" }, - "TestS3Uri": { - "markdownDescription": "This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling.", - "title": "TestS3Uri", + "Namespace": { + "markdownDescription": "The namespace of the metric that the alarm will watch.", + "title": "Namespace", "type": "string" } }, "type": "object" }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig": { + "AWS::CloudWatch::Alarm.MetricDataQuery": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- KMS Key Alias: `\"alias/ExampleAlias\"`\n- ARN of a KMS Key Alias: `\"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\"`", - "title": "KmsKeyId", + "AccountId": { + "markdownDescription": "The ID of the account where the metrics are located, if this is a cross-account alarm.", + "title": "AccountId", "type": "string" }, - "S3Uri": { - "markdownDescription": "When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file.\n\nWhen the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix.", - "title": "S3Uri", + "Expression": { + "markdownDescription": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", "type": "string" - } - }, - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier.DocumentReaderConfig": { - "additionalProperties": false, - "properties": { - "DocumentReadAction": { - "markdownDescription": "This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values:\n\n- `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation.\n- `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation.", - "title": "DocumentReadAction", + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", "type": "string" }, - "DocumentReadMode": { - "markdownDescription": "Determines the text extraction actions for PDF files. Enter one of the following values:\n\n- `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files.\n- `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files.", - "title": "DocumentReadMode", + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If `Label` is omitted, CloudWatch generates a default.", + "title": "Label", "type": "string" }, - "FeatureTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values:\n\n- `TABLES` - Returns additional information about any tables that are detected in the input document.\n- `FORMS` - Returns additional information about any forms that are detected in the input document.", - "title": "FeatureTypes", - "type": "array" + "MetricStat": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricStat", + "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", + "title": "Period", + "type": "number" + }, + "ReturnData": { + "markdownDescription": "This option indicates whether to return the timestamps and raw data values of this metric.\n\nWhen you create an alarm based on a metric math expression, specify `True` for this value for only the one math expression that the alarm is based on. You must specify `False` for `ReturnData` for all the other metrics and expressions used in the alarm.\n\nThis field is required.", + "title": "ReturnData", + "type": "boolean" } }, "required": [ - "DocumentReadAction" + "Id" ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.VpcConfig": { + "AWS::CloudWatch::Alarm.MetricStat": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", - "title": "SecurityGroupIds", - "type": "array" + "Metric": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Metric", + "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", + "title": "Metric" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", - "title": "Subnets", - "type": "array" + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit to use for the returned data points.\n\nValid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", + "title": "Unit", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "Metric", + "Period", + "Stat" ], "type": "object" }, - "AWS::Comprehend::Flywheel": { + "AWS::CloudWatch::AnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -47835,60 +53732,55 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveModelArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the active model version.", - "title": "ActiveModelArn", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Configuration", + "markdownDescription": "Specifies details about how the anomaly detection model is to be trained, including time ranges to exclude when training and updating the model. The configuration can also include the time zone to use for the metric.", + "title": "Configuration" }, - "DataAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data.", - "title": "DataAccessRoleArn", - "type": "string" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + }, + "markdownDescription": "The dimensions of the metric associated with the anomaly detection band.", + "title": "Dimensions", + "type": "array" }, - "DataLakeS3Uri": { - "markdownDescription": "Amazon S3 URI of the data lake location.", - "title": "DataLakeS3Uri", - "type": "string" + "MetricCharacteristics": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricCharacteristics", + "markdownDescription": "Use this object to include parameters to provide information about your metric to CloudWatch to help it build more accurate anomaly detection models. Currently, it includes the `PeriodicSpikes` parameter.", + "title": "MetricCharacteristics" }, - "DataSecurityConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.DataSecurityConfig", - "markdownDescription": "Data security configuration.", - "title": "DataSecurityConfig" + "MetricMathAnomalyDetector": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector", + "markdownDescription": "The CloudWatch metric math expression for this anomaly detector.", + "title": "MetricMathAnomalyDetector" }, - "FlywheelName": { - "markdownDescription": "Name for the flywheel.", - "title": "FlywheelName", + "MetricName": { + "markdownDescription": "The name of the metric associated with the anomaly detection band.", + "title": "MetricName", "type": "string" }, - "ModelType": { - "markdownDescription": "Model type of the flywheel's model.", - "title": "ModelType", + "Namespace": { + "markdownDescription": "The namespace of the metric associated with the anomaly detection band.", + "title": "Namespace", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department.", - "title": "Tags", - "type": "array" + "SingleMetricAnomalyDetector": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector", + "markdownDescription": "The CloudWatch metric and statistic for this anomaly detector.", + "title": "SingleMetricAnomalyDetector" }, - "TaskConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.TaskConfig", - "markdownDescription": "Configuration about the model associated with a flywheel.", - "title": "TaskConfig" + "Stat": { + "markdownDescription": "The statistic of the metric associated with the anomaly detection band.", + "title": "Stat", + "type": "string" } }, - "required": [ - "DataAccessRoleArn", - "DataLakeS3Uri", - "FlywheelName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Comprehend::Flywheel" + "AWS::CloudWatch::AnomalyDetector" ], "type": "string" }, @@ -47902,138 +53794,237 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Comprehend::Flywheel.DataSecurityConfig": { + "AWS::CloudWatch::AnomalyDetector.Configuration": { "additionalProperties": false, "properties": { - "DataLakeKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the data in the data lake.", - "title": "DataLakeKmsKeyId", - "type": "string" + "ExcludedTimeRanges": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Range" + }, + "markdownDescription": "Specifies an array of time ranges to exclude from use when the anomaly detection model is trained and updated. Use this to make sure that events that could cause unusual values for the metric, such as deployments, aren't used when CloudWatch creates or updates the model.", + "title": "ExcludedTimeRanges", + "type": "array" }, - "ModelKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "ModelKmsKeyId", + "MetricTimeZone": { + "markdownDescription": "The time zone to use for the metric. This is useful to enable the model to automatically account for daylight savings time changes if the metric is sensitive to such time changes.\n\nTo specify a time zone, use the name of the time zone as specified in the standard tz database. For more information, see [tz database](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Tz_database) .", + "title": "MetricTimeZone", "type": "string" - }, - "VolumeKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the volume.", - "title": "VolumeKmsKeyId", + } + }, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.Dimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension.", + "title": "Name", "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.VpcConfig", - "markdownDescription": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", - "title": "VpcConfig" + "Value": { + "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", + "title": "Value", + "type": "string" } }, + "required": [ + "Name", + "Value" + ], "type": "object" }, - "AWS::Comprehend::Flywheel.DocumentClassificationConfig": { + "AWS::CloudWatch::AnomalyDetector.Metric": { "additionalProperties": false, "properties": { - "Labels": { + "Dimensions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" }, - "markdownDescription": "One or more labels to associate with the custom classifier.", - "title": "Labels", + "markdownDescription": "The dimensions for the metric.", + "title": "Dimensions", "type": "array" }, - "Mode": { - "markdownDescription": "Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` .", - "title": "Mode", + "MetricName": { + "markdownDescription": "The name of the metric. This is a required field.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", "type": "string" } }, "required": [ - "Mode" + "MetricName", + "Namespace" ], "type": "object" }, - "AWS::Comprehend::Flywheel.EntityRecognitionConfig": { + "AWS::CloudWatch::AnomalyDetector.MetricCharacteristics": { "additionalProperties": false, "properties": { - "EntityTypes": { + "PeriodicSpikes": { + "markdownDescription": "Set this parameter to true if values for this metric consistently include spikes that should not be considered to be anomalies. With this set to true, CloudWatch will expect to see spikes that occurred consistently during the model training period, and won't flag future similar spikes as anomalies.", + "title": "PeriodicSpikes", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricDataQueries": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricDataQuery": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account where the metrics are located.\n\nIf you are performing a `GetMetricData` operation in a monitoring account, use this to specify which account to retrieve this metric from.\n\nIf you are performing a `PutMetricAlarm` operation, use this to specify which account contains the metric that the alarm is watching.", + "title": "AccountId", + "type": "string" + }, + "Expression": { + "markdownDescription": "This field can contain either a Metrics Insights query, or a metric math expression to be performed on the returned data. For more information about Metrics Insights queries, see [Metrics Insights query components and syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-insights-querylanguage) in the *Amazon CloudWatch User Guide* .\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If Label is omitted, CloudWatch generates a default.\n\nYou can put dynamic expressions into a label, so that it is more descriptive. For more information, see [Using Dynamic Labels](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/graph-dynamic-labels.html) .", + "title": "Label", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricStat", + "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", + "title": "Period", + "type": "number" + }, + "ReturnData": { + "markdownDescription": "When used in `GetMetricData` , this option indicates whether to return the timestamps and raw data values of this metric. If you are performing this call just to do math expressions and do not also need the raw data returned, you can specify `false` . If you omit this, the default of `true` is used.\n\nWhen used in `PutMetricAlarm` , specify `true` for the one expression result to use as the alarm. For all other metrics and expressions in the same `PutMetricAlarm` operation, specify `ReturnData` as False.", + "title": "ReturnData", + "type": "boolean" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { "items": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityTypesListItem" + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricDataQuery" }, - "markdownDescription": "Up to 25 entity types that the model is trained to recognize.", - "title": "EntityTypes", + "markdownDescription": "An array of metric data query structures that enables you to create an anomaly detector based on the result of a metric math expression. Each item in `MetricDataQueries` gets a metric or performs a math expression. One item in `MetricDataQueries` is the expression that provides the time series that the anomaly detector uses as input. Designate the expression by setting `ReturnData` to `true` for this object in the array. For all other expressions and metrics, set `ReturnData` to `false` . The designated expression must return a single time series.", + "title": "MetricDataQueries", "type": "array" } }, "type": "object" }, - "AWS::Comprehend::Flywheel.EntityTypesListItem": { + "AWS::CloudWatch::AnomalyDetector.MetricStat": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer.\n\nEntity types must not contain the following invalid characters: \\n (line break), \\\\n (escaped line break, \\r (carriage return), \\\\r (escaped carriage return), \\t (tab), \\\\t (escaped tab), and , (comma).", - "title": "Type", + "Metric": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Metric", + "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", + "title": "Metric" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic.", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "When you are using a `Put` operation, this defines what unit you want to use when storing the metric.\n\nIn a `Get` operation, if you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", + "title": "Unit", "type": "string" } }, "required": [ - "Type" + "Metric", + "Period", + "Stat" ], "type": "object" }, - "AWS::Comprehend::Flywheel.TaskConfig": { + "AWS::CloudWatch::AnomalyDetector.Range": { "additionalProperties": false, "properties": { - "DocumentClassificationConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.DocumentClassificationConfig", - "markdownDescription": "Configuration required for a document classification model.", - "title": "DocumentClassificationConfig" - }, - "EntityRecognitionConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityRecognitionConfig", - "markdownDescription": "Configuration required for an entity recognition model.", - "title": "EntityRecognitionConfig" + "EndTime": { + "markdownDescription": "The end time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", + "title": "EndTime", + "type": "string" }, - "LanguageCode": { - "markdownDescription": "Language code for the language that the model supports.", - "title": "LanguageCode", + "StartTime": { + "markdownDescription": "The start time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", + "title": "StartTime", "type": "string" } }, "required": [ - "LanguageCode" + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::Comprehend::Flywheel.VpcConfig": { + "AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", - "title": "SecurityGroupIds", - "type": "array" + "AccountId": { + "markdownDescription": "If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here. If you omit this parameter, the current account is used.", + "title": "AccountId", + "type": "string" }, - "Subnets": { + "Dimensions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" }, - "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", - "title": "Subnets", + "markdownDescription": "The metric dimensions to create the anomaly detection model for.", + "title": "Dimensions", "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric to create the anomaly detection model for.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric to create the anomaly detection model for.", + "title": "Namespace", + "type": "string" + }, + "Stat": { + "markdownDescription": "The statistic to use for the metric and anomaly detection model.", + "title": "Stat", + "type": "string" } }, - "required": [ - "SecurityGroupIds", - "Subnets" - ], "type": "object" }, - "AWS::Config::AggregationAuthorization": { + "AWS::CloudWatch::CompositeAlarm": { "additionalProperties": false, "properties": { "Condition": { @@ -48068,34 +54059,82 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizedAccountId": { - "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", - "title": "AuthorizedAccountId", + "ActionsEnabled": { + "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. The default is TRUE.", + "title": "ActionsEnabled", + "type": "boolean" + }, + "ActionsSuppressor": { + "markdownDescription": "Actions will be suppressed if the suppressor alarm is in the `ALARM` state. `ActionsSuppressor` can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm.", + "title": "ActionsSuppressor", "type": "string" }, - "AuthorizedAwsRegion": { - "markdownDescription": "The region authorized to collect aggregated data.", - "title": "AuthorizedAwsRegion", + "ActionsSuppressorExtensionPeriod": { + "markdownDescription": "The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `ExtensionPeriod` is required only when `ActionsSuppressor` is specified.", + "title": "ActionsSuppressorExtensionPeriod", + "type": "number" + }, + "ActionsSuppressorWaitPeriod": { + "markdownDescription": "The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `WaitPeriod` is required only when `ActionsSuppressor` is specified.", + "title": "ActionsSuppressorWaitPeriod", + "type": "number" + }, + "AlarmActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmActions", + "type": "array" + }, + "AlarmDescription": { + "markdownDescription": "The description for the composite alarm.", + "title": "AlarmDescription", + "type": "string" + }, + "AlarmName": { + "markdownDescription": "The name for the composite alarm. This name must be unique within your AWS account.", + "title": "AlarmName", + "type": "string" + }, + "AlarmRule": { + "markdownDescription": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For each alarm that you reference, you designate a function that specifies whether that alarm needs to be in ALARM state, OK state, or INSUFFICIENT_DATA state. You can use operators (AND, OR and NOT) to combine multiple functions in a single expression. You can use parenthesis to logically group the functions in your expression.\n\nYou can use either alarm names or ARNs to reference the other alarms that are to be evaluated.\n\nFunctions can include the following:\n\n- ALARM(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in ALARM state.\n- OK(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in OK state.\n- INSUFFICIENT_DATA(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in INSUFFICIENT_DATA state.\n- TRUE always evaluates to TRUE.\n- FALSE always evaluates to FALSE.\n\nTRUE and FALSE are useful for testing a complex AlarmRule structure, and for testing your alarm actions.\n\nFor more information about `AlarmRule` syntax, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmRule", "type": "string" }, + "InsufficientDataActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "InsufficientDataActions", + "type": "array" + }, + "OKActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "OKActions", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of tag object.", + "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", "title": "Tags", "type": "array" } }, "required": [ - "AuthorizedAccountId", - "AuthorizedAwsRegion" + "AlarmRule" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::AggregationAuthorization" + "AWS::CloudWatch::CompositeAlarm" ], "type": "string" }, @@ -48114,7 +54153,7 @@ ], "type": "object" }, - "AWS::Config::ConfigRule": { + "AWS::CloudWatch::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -48149,58 +54188,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Compliance": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", - "title": "Compliance" - }, - "ConfigRuleName": { - "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", - "title": "ConfigRuleName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description that you provide for the AWS Config rule.", - "title": "Description", + "DashboardBody": { + "markdownDescription": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard. This parameter is required.\n\nFor more information about the syntax, see [Dashboard Body Structure and Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html) .", + "title": "DashboardBody", "type": "string" }, - "EvaluationModes": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" - }, - "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", - "title": "EvaluationModes", - "type": "array" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "object" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", + "DashboardName": { + "markdownDescription": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically.", + "title": "DashboardName", "type": "string" - }, - "Scope": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", - "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", - "title": "Scope" - }, - "Source": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Source", - "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", - "title": "Source" } }, "required": [ - "Source" + "DashboardBody" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigRule" + "AWS::CloudWatch::Dashboard" ], "type": "string" }, @@ -48219,136 +54225,7 @@ ], "type": "object" }, - "AWS::Config::ConfigRule.Compliance": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.CustomPolicyDetails": { - "additionalProperties": false, - "properties": { - "EnableDebugLogDelivery": { - "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", - "title": "EnableDebugLogDelivery", - "type": "boolean" - }, - "PolicyRuntime": { - "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", - "title": "PolicyRuntime", - "type": "string" - }, - "PolicyText": { - "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", - "title": "PolicyText", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.EvaluationModeConfiguration": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", - "title": "Mode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.Scope": { - "additionalProperties": false, - "properties": { - "ComplianceResourceId": { - "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", - "title": "ComplianceResourceId", - "type": "string" - }, - "ComplianceResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", - "title": "ComplianceResourceTypes", - "type": "array" - }, - "TagKey": { - "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", - "title": "TagKey", - "type": "string" - }, - "TagValue": { - "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", - "title": "TagValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.Source": { - "additionalProperties": false, - "properties": { - "CustomPolicyDetails": { - "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", - "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", - "title": "CustomPolicyDetails" - }, - "Owner": { - "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", - "title": "Owner", - "type": "string" - }, - "SourceDetails": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" - }, - "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", - "title": "SourceDetails", - "type": "array" - }, - "SourceIdentifier": { - "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", - "title": "SourceIdentifier", - "type": "string" - } - }, - "required": [ - "Owner" - ], - "type": "object" - }, - "AWS::Config::ConfigRule.SourceDetail": { - "additionalProperties": false, - "properties": { - "EventSource": { - "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", - "title": "EventSource", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "MessageType": { - "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", - "title": "MessageType", - "type": "string" - } - }, - "required": [ - "EventSource", - "MessageType" - ], - "type": "object" - }, - "AWS::Config::ConfigurationAggregator": { + "AWS::CloudWatch::InsightRule": { "additionalProperties": false, "properties": { "Condition": { @@ -48383,38 +54260,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.AccountAggregationSource" - }, - "markdownDescription": "Provides a list of source accounts and regions to be aggregated.", - "title": "AccountAggregationSources", - "type": "array" + "ApplyOnTransformedLogs": { + "markdownDescription": "Determines whether the rules is evaluated on transformed versions of logs. Valid values are `TRUE` and `FALSE` .", + "title": "ApplyOnTransformedLogs", + "type": "boolean" }, - "ConfigurationAggregatorName": { - "markdownDescription": "The name of the aggregator.", - "title": "ConfigurationAggregatorName", + "RuleBody": { + "markdownDescription": "The definition of the rule, as a JSON object. For details about the syntax, see [Contributor Insights Rule Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights-RuleSyntax.html) in the *Amazon CloudWatch User Guide* .", + "title": "RuleBody", "type": "string" }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.OrganizationAggregationSource", - "markdownDescription": "Provides an organization and list of regions to be aggregated.", - "title": "OrganizationAggregationSource" + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", + "type": "string" + }, + "RuleState": { + "markdownDescription": "The current state of the rule. Valid values are `ENABLED` and `DISABLED` .", + "title": "RuleState", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of tag object.", - "title": "Tags", - "type": "array" + "$ref": "#/definitions/AWS::CloudWatch::InsightRule.Tags", + "markdownDescription": "A list of key-value pairs to associate with the Contributor Insights rule. You can associate as many as 50 tags with a rule.\n\nTags can help you organize and categorize your resources. For more information, see [Tagging Your Amazon CloudWatch Resources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Tagging.html) .\n\nTo be able to associate tags with a rule, you must have the `cloudwatch:TagResource` permission in addition to the `cloudwatch:PutInsightRule` permission.", + "title": "Tags" } }, + "required": [ + "RuleBody", + "RuleName", + "RuleState" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigurationAggregator" + "AWS::CloudWatch::InsightRule" ], "type": "string" }, @@ -48428,80 +54309,29 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Config::ConfigurationAggregator.AccountAggregationSource": { + "AWS::CloudWatch::InsightRule.Tags": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CloudWatch::MetricStream": { "additionalProperties": false, "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The 12-digit account ID of the account being aggregated.", - "title": "AccountIds", - "type": "array" + "Condition": { + "type": "string" }, - "AllAwsRegions": { - "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", - "title": "AllAwsRegions", - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The source regions being aggregated.", - "title": "AwsRegions", - "type": "array" - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "AWS::Config::ConfigurationAggregator.OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", - "title": "AllAwsRegions", - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The source regions being aggregated.", - "title": "AwsRegions", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "AWS::Config::ConfigurationRecorder": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, "DependsOn": { "anyOf": [ @@ -48524,35 +54354,74 @@ "Properties": { "additionalProperties": false, "properties": { + "ExcludeFilters": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" + }, + "markdownDescription": "If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", + "title": "ExcludeFilters", + "type": "array" + }, + "FirehoseArn": { + "markdownDescription": "The ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream. This Amazon Kinesis Firehose delivery stream must already exist and must be in the same account as the metric stream.", + "title": "FirehoseArn", + "type": "string" + }, + "IncludeFilters": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" + }, + "markdownDescription": "If you specify this parameter, the stream sends only the metrics from the metric namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", + "title": "IncludeFilters", + "type": "array" + }, + "IncludeLinkedAccountsMetrics": { + "markdownDescription": "If you are creating a metric stream in a monitoring account, specify `true` to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is `false` .\n\nFor more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html)", + "title": "IncludeLinkedAccountsMetrics", + "type": "boolean" + }, "Name": { - "markdownDescription": "The name of the configuration recorder. AWS Config automatically assigns the name of \"default\" when creating the configuration recorder.\n\nYou cannot change the name of the configuration recorder after it has been created. To change the configuration recorder name, you must delete it and create a new configuration recorder with a new name.", + "markdownDescription": "If you are creating a new metric stream, this is the name for the new stream. The name must be different than the names of other metric streams in this account and Region.\n\nIf you are updating a metric stream, specify the name of that stream here.", "title": "Name", "type": "string" }, - "RecordingGroup": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingGroup", - "markdownDescription": "Specifies which resource types AWS Config records for configuration changes.\n\n> *High Number of AWS Config Evaluations*\n> \n> You may notice increased activity in your account during your initial month recording with AWS Config when compared to subsequent months. During the initial bootstrapping process, AWS Config runs evaluations on all the resources in your account that you have selected for AWS Config to record.\n> \n> If you are running ephemeral workloads, you may see increased activity from AWS Config as it records configuration changes associated with creating and deleting these temporary resources. An *ephemeral workload* is a temporary use of computing resources that are loaded and run when needed. Examples include Amazon Elastic Compute Cloud ( Amazon EC2 ) Spot Instances, Amazon EMR jobs, and AWS Auto Scaling . If you want to avoid the increased activity from running ephemeral workloads, you can run these types of workloads in a separate account with AWS Config turned off to avoid increased configuration recording and rule evaluations.", - "title": "RecordingGroup" - }, - "RecordingMode": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingMode", - "markdownDescription": "Specifies the default recording frequency for the configuration recorder. AWS Config supports *Continuous recording* and *Daily recording* .\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> *Some resource types require continuous recording*\n> \n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous. \n\nYou can also override the recording frequency for specific resource types.", - "title": "RecordingMode" + "OutputFormat": { + "markdownDescription": "The output format for the stream. Valid values are `json` , `opentelemetry1.0` and `opentelemetry0.7` For more information about metric stream output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html) .\n\nThis parameter is required.", + "title": "OutputFormat", + "type": "string" }, - "RoleARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder. For more information, see [Permissions for the IAM Role Assigned](https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) to AWS Config in the AWS Config Developer Guide.\n\n> *Pre-existing AWS Config role*\n> \n> If you have used an AWS service that uses AWS Config , such as AWS Security Hub or AWS Control Tower , and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.\n> \n> For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service ( Amazon S3 ) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config . Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config , see [*Identity and Access Management for AWS Config*](https://docs.aws.amazon.com/config/latest/developerguide/security-iam.html) in the *AWS Config Developer Guide* .", - "title": "RoleARN", + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. This IAM role must already exist and must be in the same account as the metric stream. This IAM role must include the `firehose:PutRecord` and `firehose:PutRecordBatch` permissions.", + "title": "RoleArn", "type": "string" + }, + "StatisticsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration" + }, + "markdownDescription": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members.\n\nFor each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `OutputFormat` . If the `OutputFormat` is `json` , you can stream any additional statistic that is supported by CloudWatch , listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) . If the `OutputFormat` is OpenTelemetry, you can stream percentile statistics.", + "title": "StatisticsConfigurations", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the metric stream.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "RoleARN" + "FirehoseArn", + "OutputFormat", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigurationRecorder" + "AWS::CloudWatch::MetricStream" ], "type": "string" }, @@ -48571,122 +54440,75 @@ ], "type": "object" }, - "AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes": { + "AWS::CloudWatch::MetricStream.MetricStreamFilter": { "additionalProperties": false, "properties": { - "ResourceTypes": { + "MetricNames": { "items": { "type": "string" }, - "markdownDescription": "A comma-separated list of resource types to exclude from recording by the configuration recorder.", - "title": "ResourceTypes", + "markdownDescription": "The names of the metrics to either include or exclude from the metric stream.\n\nIf you omit this parameter, all metrics in the namespace are included or excluded, depending on whether this filter is specified as an exclude filter or an include filter.\n\nEach metric name can contain only ASCII printable characters (ASCII range 32 through 126). Each metric name must contain at least one non-whitespace character.", + "title": "MetricNames", "type": "array" + }, + "Namespace": { + "markdownDescription": "The name of the metric namespace in the filter.\n\nThe namespace can contain only ASCII printable characters (ASCII range 32 through 126). It must contain at least one non-whitespace character.", + "title": "Namespace", + "type": "string" } }, "required": [ - "ResourceTypes" + "Namespace" ], "type": "object" }, - "AWS::Config::ConfigurationRecorder.RecordingGroup": { + "AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration": { "additionalProperties": false, "properties": { - "AllSupported": { - "markdownDescription": "Specifies whether AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types.\n\nIf you set this field to `true` , when AWS Config adds support for a new resource type, AWS Config starts recording resources of that type automatically.\n\nIf you set this field to `true` , you cannot enumerate specific resource types to record in the `resourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , or to exclude in the `resourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Region availability*\n> \n> Check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if a resource type is supported in the AWS Region where you set up AWS Config .", - "title": "AllSupported", - "type": "boolean" - }, - "ExclusionByResourceTypes": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes", - "markdownDescription": "An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.\n\nTo use this option, you must set the `useOnly` field of [AWS::Config::ConfigurationRecorder RecordingStrategy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configurationrecorder-recordingstrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` .", - "title": "ExclusionByResourceTypes" - }, - "IncludeGlobalResourceTypes": { - "markdownDescription": "This option is a bundle which only applies to the global IAM resource types: IAM users, groups, roles, and customer managed policies. These global IAM resource types can only be recorded by AWS Config in Regions where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n\n- Asia Pacific (Hyderabad)\n- Asia Pacific (Melbourne)\n- Canada West (Calgary)\n- Europe (Spain)\n- Europe (Zurich)\n- Israel (Tel Aviv)\n- Middle East (UAE)\n\n> *Aurora global clusters are recorded in all enabled Regions*\n> \n> The `AWS::RDS::GlobalCluster` resource type will be recorded in all supported AWS Config Regions where the configuration recorder is enabled, even if `IncludeGlobalResourceTypes` is set to `false` . The `IncludeGlobalResourceTypes` option is a bundle which only applies to IAM users, groups, roles, and customer managed policies.\n> \n> If you do not want to record `AWS::RDS::GlobalCluster` in all enabled Regions, use one of the following recording strategies:\n> \n> - *Record all current and future resource types with exclusions* ( `EXCLUSION_BY_RESOURCE_TYPES` ), or\n> - *Record specific resource types* ( `INCLUSION_BY_RESOURCE_TYPES` ).\n> \n> For more information, see [Selecting Which Resources are Recorded](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-all) in the *AWS Config developer guide* . > *IncludeGlobalResourceTypes and the exclusion recording strategy*\n> \n> The `IncludeGlobalResourceTypes` field has no impact on the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy. This means that the global IAM resource types ( IAM users, groups, roles, and customer managed policies) will not be automatically added as exclusions for `ExclusionByResourceTypes` when `IncludeGlobalResourceTypes` is set to `false` .\n> \n> The `IncludeGlobalResourceTypes` field should only be used to modify the `AllSupported` field, as the default for the `AllSupported` field is to record configuration changes for all supported resource types excluding the global IAM resource types. To include the global IAM resource types when `AllSupported` is set to `true` , make sure to set `IncludeGlobalResourceTypes` to `true` .\n> \n> To exclude the global IAM resource types for the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, you need to manually add them to the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Required and optional fields*\n> \n> Before you set this field to `true` , set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` . > *Overriding fields*\n> \n> If you set this field to `false` but list global IAM resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , AWS Config will still record configuration changes for those specified resource types *regardless* of if you set the `IncludeGlobalResourceTypes` field to false.\n> \n> If you do not want to record configuration changes to the global IAM resource types (IAM users, groups, roles, and customer managed policies), make sure to not list them in the `ResourceTypes` field in addition to setting the `IncludeGlobalResourceTypes` field to false.", - "title": "IncludeGlobalResourceTypes", - "type": "boolean" - }, - "RecordingStrategy": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingStrategy", - "markdownDescription": "An object that specifies the recording strategy for the configuration recorder.\n\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type.\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resources types and the resource exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", - "title": "RecordingStrategy" - }, - "ResourceTypes": { + "AdditionalStatistics": { "items": { "type": "string" }, - "markdownDescription": "A comma-separated list that specifies which resource types AWS Config records.\n\nFor a list of valid `ResourceTypes` values, see the *Resource Type Value* column in [Supported AWS resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n\n> *Required and optional fields*\n> \n> Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` .\n> \n> To record all configuration changes, set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` , and either omit this field or don't specify any resource types in this field. If you set the `AllSupported` field to `false` and specify values for `ResourceTypes` , when AWS Config adds support for a new type of resource, it will not record resources of that type unless you manually add that type to your recording group. > *Region availability*\n> \n> Before specifying a resource type for AWS Config to track, check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if the resource type is supported in the AWS Region where you set up AWS Config . If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config , even if the specified resource type is not supported in the AWS Region where you set up AWS Config .", - "title": "ResourceTypes", + "markdownDescription": "The additional statistics to stream for the metrics listed in `IncludeMetrics` .", + "title": "AdditionalStatistics", "type": "array" - } - }, - "type": "object" - }, - "AWS::Config::ConfigurationRecorder.RecordingMode": { - "additionalProperties": false, - "properties": { - "RecordingFrequency": { - "markdownDescription": "The default recording frequency that AWS Config uses to record configuration changes.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`\n> \n> For the *allSupported* ( `ALL_SUPPORTED_RESOURCE_TYPES` ) recording strategy, these resource types will be set to Continuous recording.", - "title": "RecordingFrequency", - "type": "string" }, - "RecordingModeOverrides": { + "IncludeMetrics": { "items": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingModeOverride" + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric" }, - "markdownDescription": "An array of `recordingModeOverride` objects for you to specify your overrides for the recording mode. The `recordingModeOverride` object in the `recordingModeOverrides` array consists of three fields: a `description` , the new `recordingFrequency` , and an array of `resourceTypes` to override.", - "title": "RecordingModeOverrides", + "markdownDescription": "An array that defines the metrics that are to have additional statistics streamed.", + "title": "IncludeMetrics", "type": "array" } }, "required": [ - "RecordingFrequency" + "AdditionalStatistics", + "IncludeMetrics" ], "type": "object" }, - "AWS::Config::ConfigurationRecorder.RecordingModeOverride": { + "AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description that you provide for the override.", - "title": "Description", - "type": "string" - }, - "RecordingFrequency": { - "markdownDescription": "The recording frequency that will be applied to all the resource types specified in the override.\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous.", - "title": "RecordingFrequency", + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", "type": "string" }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A comma-separated list that specifies which resource types AWS Config includes in the override.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`", - "title": "ResourceTypes", - "type": "array" - } - }, - "required": [ - "RecordingFrequency", - "ResourceTypes" - ], - "type": "object" - }, - "AWS::Config::ConfigurationRecorder.RecordingStrategy": { - "additionalProperties": false, - "properties": { - "UseOnly": { - "markdownDescription": "The recording strategy for the configuration recorder.\n\n- If you set this option to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type. For a list of supported resource types, see [Supported Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n- If you set this option to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types that you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set this option to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resource types and the exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", - "title": "UseOnly", + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", "type": "string" } }, "required": [ - "UseOnly" + "MetricName", + "Namespace" ], "type": "object" }, - "AWS::Config::ConformancePack": { + "AWS::CodeArtifact::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -48721,53 +54543,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ConformancePackInputParameters": { - "items": { - "$ref": "#/definitions/AWS::Config::ConformancePack.ConformancePackInputParameter" - }, - "markdownDescription": "A list of ConformancePackInputParameter objects.", - "title": "ConformancePackInputParameters", - "type": "array" - }, - "ConformancePackName": { - "markdownDescription": "Name of the conformance pack you want to create.", - "title": "ConformancePackName", - "type": "string" - }, - "DeliveryS3Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.", - "title": "DeliveryS3Bucket", - "type": "string" - }, - "DeliveryS3KeyPrefix": { - "markdownDescription": "The prefix for the Amazon S3 bucket.", - "title": "DeliveryS3KeyPrefix", + "DomainName": { + "markdownDescription": "A string that specifies the name of the requested domain.", + "title": "DomainName", "type": "string" }, - "TemplateBody": { - "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\n> You can only use a YAML template with two resource types: config rule ( `AWS::Config::ConfigRule` ) and a remediation action ( `AWS::Config::RemediationConfiguration` ).", - "title": "TemplateBody", + "EncryptionKey": { + "markdownDescription": "The key used to encrypt the domain.", + "title": "EncryptionKey", "type": "string" }, - "TemplateS3Uri": { - "markdownDescription": "Location of file containing the template body (s3://bucketname/prefix). The uri must point to the conformance pack template (max size: 300 KB) that is located in an Amazon S3 bucket.\n\n> You must have access to read Amazon S3 bucket.", - "title": "TemplateS3Uri", - "type": "string" + "PermissionsPolicyDocument": { + "markdownDescription": "The document that defines the resource policy that is set on a domain.", + "title": "PermissionsPolicyDocument", + "type": "object" }, - "TemplateSSMDocumentDetails": { - "$ref": "#/definitions/AWS::Config::ConformancePack.TemplateSSMDocumentDetails", - "markdownDescription": "An object that contains the name or Amazon Resource Name (ARN) of the AWS Systems Manager document (SSM document) and the version of the SSM document that is used to create a conformance pack.", - "title": "TemplateSSMDocumentDetails" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the domain.", + "title": "Tags", + "type": "array" } }, "required": [ - "ConformancePackName" + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConformancePack" + "AWS::CodeArtifact::Domain" ], "type": "string" }, @@ -48786,43 +54593,7 @@ ], "type": "object" }, - "AWS::Config::ConformancePack.ConformancePackInputParameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "Another part of the key-value pair.", - "title": "ParameterValue", - "type": "string" - } - }, - "required": [ - "ParameterName", - "ParameterValue" - ], - "type": "object" - }, - "AWS::Config::ConformancePack.TemplateSSMDocumentDetails": { - "additionalProperties": false, - "properties": { - "DocumentName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document.", - "title": "DocumentName", - "type": "string" - }, - "DocumentVersion": { - "markdownDescription": "The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version.\n\n> This field is optional.", - "title": "DocumentVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::DeliveryChannel": { + "AWS::CodeArtifact::PackageGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -48857,146 +54628,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigSnapshotDeliveryProperties": { - "$ref": "#/definitions/AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties", - "markdownDescription": "The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.", - "title": "ConfigSnapshotDeliveryProperties" - }, - "Name": { - "markdownDescription": "A name for the delivery channel. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nUpdates are not supported. To change the name, you must run two separate updates. In the first update, delete this resource, and then recreate it with a new name in the second update.", - "title": "Name", + "ContactInfo": { + "markdownDescription": "The contact information of the package group.", + "title": "ContactInfo", "type": "string" }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.\n\nIf you specify a bucket that belongs to another AWS account , that bucket must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon S3 Bucket](https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html) in the *AWS Config Developer Guide* .", - "title": "S3BucketName", + "Description": { + "markdownDescription": "The description of the package group.", + "title": "Description", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "The prefix for the specified Amazon S3 bucket.", - "title": "S3KeyPrefix", + "DomainName": { + "markdownDescription": "The domain that contains the package group.", + "title": "DomainName", "type": "string" }, - "S3KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service ( AWS KMS ) AWS KMS key (KMS key) used to encrypt objects delivered by AWS Config . Must belong to the same Region as the destination S3 bucket.", - "title": "S3KmsKeyArn", + "DomainOwner": { + "markdownDescription": "The 12-digit account number of the AWS account that owns the domain. It does not include dashes or spaces.", + "title": "DomainOwner", "type": "string" }, - "SnsTopicARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.\n\nIf you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon SNS Topic](https://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html) in the *AWS Config Developer Guide* .", - "title": "SnsTopicARN", - "type": "string" - } - }, - "required": [ - "S3BucketName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Config::DeliveryChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties": { - "additionalProperties": false, - "properties": { - "DeliveryFrequency": { - "markdownDescription": "The frequency with which AWS Config delivers configuration snapshots.", - "title": "DeliveryFrequency", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::OrganizationConfigRule": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "OriginConfiguration": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.OriginConfiguration", + "markdownDescription": "Details about the package origin configuration of a package group.", + "title": "OriginConfiguration" + }, + "Pattern": { + "markdownDescription": "The pattern of the package group. The pattern determines which packages are associated with the package group.", + "title": "Pattern", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExcludedAccounts": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A comma-separated list of accounts excluded from organization AWS Config rule.", - "title": "ExcludedAccounts", + "markdownDescription": "", + "title": "Tags", "type": "array" - }, - "OrganizationConfigRuleName": { - "markdownDescription": "The name that you assign to organization AWS Config rule.", - "title": "OrganizationConfigRuleName", - "type": "string" - }, - "OrganizationCustomPolicyRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata", - "markdownDescription": "An object that specifies metadata for your organization's AWS Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of AWS resource, and organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.", - "title": "OrganizationCustomPolicyRuleMetadata" - }, - "OrganizationCustomRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata", - "markdownDescription": "An `OrganizationCustomRuleMetadata` object.", - "title": "OrganizationCustomRuleMetadata" - }, - "OrganizationManagedRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata", - "markdownDescription": "An `OrganizationManagedRuleMetadata` object.", - "title": "OrganizationManagedRuleMetadata" } }, "required": [ - "OrganizationConfigRuleName" + "DomainName", + "Pattern" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::OrganizationConfigRule" + "AWS::CodeArtifact::PackageGroup" ], "type": "string" }, @@ -49015,194 +54694,64 @@ ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata": { + "AWS::CodeArtifact::PackageGroup.OriginConfiguration": { "additionalProperties": false, "properties": { - "DebugLogDeliveryAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of accounts that you can enable debug logging for your organization AWS Config Custom Policy rule. List is null when debug logging is enabled for all accounts.", - "title": "DebugLogDeliveryAccounts", - "type": "array" - }, - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config Custom Policy rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config Custom Policy rule.", - "title": "InputParameters", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your AWS Config Custom Policy rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "OrganizationConfigRuleTriggerTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of notification that initiates AWS Config to run an evaluation for a rule. For AWS Config Custom Policy rules, AWS Config supports change-initiated notification types:\n\n- `ConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.", - "title": "OrganizationConfigRuleTriggerTypes", - "type": "array" - }, - "PolicyText": { - "markdownDescription": "The policy definition containing the logic for your organization AWS Config Custom Policy rule.", - "title": "PolicyText", - "type": "string" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", - "type": "array" - }, - "Runtime": { - "markdownDescription": "The runtime system for your organization AWS Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", - "title": "Runtime", - "type": "string" - }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" - }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", - "type": "string" + "Restrictions": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.Restrictions", + "markdownDescription": "", + "title": "Restrictions" } }, "required": [ - "PolicyText", - "Runtime" + "Restrictions" ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata": { + "AWS::CodeArtifact::PackageGroup.RestrictionType": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "string" - }, - "LambdaFunctionArn": { - "markdownDescription": "The lambda function ARN.", - "title": "LambdaFunctionArn", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "OrganizationConfigRuleTriggerTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .", - "title": "OrganizationConfigRuleTriggerTypes", - "type": "array" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { + "Repositories": { "items": { "type": "string" }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", + "markdownDescription": "", + "title": "Repositories", "type": "array" }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" - }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", + "RestrictionMode": { + "markdownDescription": "", + "title": "RestrictionMode", "type": "string" } }, "required": [ - "LambdaFunctionArn", - "OrganizationConfigRuleTriggerTypes" + "RestrictionMode" ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata": { + "AWS::CodeArtifact::PackageGroup.Restrictions": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. This is for an AWS Config managed rule that is triggered at a periodic frequency.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", - "type": "array" - }, - "RuleIdentifier": { - "markdownDescription": "For organization config managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .", - "title": "RuleIdentifier", - "type": "string" + "ExternalUpstream": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "ExternalUpstream" }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" + "InternalUpstream": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "InternalUpstream" }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", - "type": "string" + "Publish": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "Publish" } }, - "required": [ - "RuleIdentifier" - ], "type": "object" }, - "AWS::Config::OrganizationConformancePack": { + "AWS::CodeArtifact::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -49237,56 +54786,65 @@ "Properties": { "additionalProperties": false, "properties": { - "ConformancePackInputParameters": { - "items": { - "$ref": "#/definitions/AWS::Config::OrganizationConformancePack.ConformancePackInputParameter" - }, - "markdownDescription": "A list of `ConformancePackInputParameter` objects.", - "title": "ConformancePackInputParameters", - "type": "array" + "Description": { + "markdownDescription": "A text description of the repository.", + "title": "Description", + "type": "string" }, - "DeliveryS3Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.\n\n> This field is optional.", - "title": "DeliveryS3Bucket", + "DomainName": { + "markdownDescription": "The name of the domain that contains the repository.", + "title": "DomainName", "type": "string" }, - "DeliveryS3KeyPrefix": { - "markdownDescription": "Any folder structure you want to add to an Amazon S3 bucket.\n\n> This field is optional.", - "title": "DeliveryS3KeyPrefix", + "DomainOwner": { + "markdownDescription": "The 12-digit account number of the AWS account that owns the domain that contains the repository. It does not include dashes or spaces.", + "title": "DomainOwner", "type": "string" }, - "ExcludedAccounts": { + "ExternalConnections": { "items": { "type": "string" }, - "markdownDescription": "A comma-separated list of accounts excluded from organization conformance pack.", - "title": "ExcludedAccounts", + "markdownDescription": "An array of external connections associated with the repository. For more information, see [Supported external connection repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/external-connection.html#supported-public-repositories) in the *CodeArtifact user guide* .", + "title": "ExternalConnections", "type": "array" }, - "OrganizationConformancePackName": { - "markdownDescription": "The name you assign to an organization conformance pack.", - "title": "OrganizationConformancePackName", - "type": "string" + "PermissionsPolicyDocument": { + "markdownDescription": "The document that defines the resource policy that is set on a repository.", + "title": "PermissionsPolicyDocument", + "type": "object" }, - "TemplateBody": { - "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.", - "title": "TemplateBody", + "RepositoryName": { + "markdownDescription": "The name of an upstream repository.", + "title": "RepositoryName", "type": "string" }, - "TemplateS3Uri": { - "markdownDescription": "Location of file containing the template body. The uri must point to the conformance pack template (max size: 300 KB).", - "title": "TemplateS3Uri", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the repository.", + "title": "Tags", + "type": "array" + }, + "Upstreams": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. For more information, see [Working with upstream repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html) .", + "title": "Upstreams", + "type": "array" } }, "required": [ - "OrganizationConformancePackName" + "DomainName", + "RepositoryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::OrganizationConformancePack" + "AWS::CodeArtifact::Repository" ], "type": "string" }, @@ -49305,27 +54863,7 @@ ], "type": "object" }, - "AWS::Config::OrganizationConformancePack.ConformancePackInputParameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterValue", - "type": "string" - } - }, - "required": [ - "ParameterName", - "ParameterValue" - ], - "type": "object" - }, - "AWS::Config::RemediationConfiguration": { + "AWS::CodeBuild::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -49360,67 +54898,75 @@ "Properties": { "additionalProperties": false, "properties": { - "Automatic": { - "markdownDescription": "The remediation is triggered automatically.", - "title": "Automatic", - "type": "boolean" + "BaseCapacity": { + "markdownDescription": "The initial number of machines allocated to the compute \ufb02eet, which de\ufb01nes the number of builds that can run in parallel.", + "title": "BaseCapacity", + "type": "number" }, - "ConfigRuleName": { - "markdownDescription": "The name of the AWS Config rule.", - "title": "ConfigRuleName", - "type": "string" + "ComputeConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ComputeConfiguration", + "markdownDescription": "The compute configuration of the compute fleet. This is only required if `computeType` is set to `ATTRIBUTE_BASED_COMPUTE` or `CUSTOM_INSTANCE_TYPE` .", + "title": "ComputeConfiguration" }, - "ExecutionControls": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ExecutionControls", - "markdownDescription": "An ExecutionControls object.", - "title": "ExecutionControls" + "ComputeType": { + "markdownDescription": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", + "title": "ComputeType", + "type": "string" }, - "MaximumAutomaticAttempts": { - "markdownDescription": "The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n\nFor example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.", - "title": "MaximumAutomaticAttempts", - "type": "number" + "EnvironmentType": { + "markdownDescription": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (S\u00e3o Paulo).\n- The environment type `ARM_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `MAC_ARM` is available only in regions US East (Ohio), US East (N. Virginia), US West (Oregon), Europe (Frankfurt), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (S\u00e3o Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", + "title": "EnvironmentType", + "type": "string" }, - "Parameters": { - "markdownDescription": "An object of the RemediationParameterValue. For more information, see [RemediationParameterValue](https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationParameterValue.html) .\n\n> The type is a map of strings to RemediationParameterValue.", - "title": "Parameters", - "type": "object" + "FleetProxyConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ProxyConfiguration", + "markdownDescription": "Information about the proxy configurations that apply network access control to your reserved capacity instances.", + "title": "FleetProxyConfiguration" }, - "ResourceType": { - "markdownDescription": "The type of a resource.", - "title": "ResourceType", + "FleetServiceRole": { + "markdownDescription": "The service role associated with the compute fleet. For more information, see [Allow a user to add a permission policy for a fleet service role](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html) in the *AWS CodeBuild User Guide* .", + "title": "FleetServiceRole", "type": "string" }, - "RetryAttemptSeconds": { - "markdownDescription": "Time window to determine whether or not to add a remediation exception to prevent infinite remediation attempts. If `MaximumAutomaticAttempts` remediation attempts have been made under `RetryAttemptSeconds` , a remediation exception will be added to the resource. If you do not select a number, the default is 60 seconds.\n\nFor example, if you specify `RetryAttemptSeconds` as 50 seconds and `MaximumAutomaticAttempts` as 5, AWS Config will run auto-remediations 5 times within 50 seconds before adding a remediation exception to the resource.", - "title": "RetryAttemptSeconds", - "type": "number" + "FleetVpcConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.VpcConfig", + "markdownDescription": "Information about the VPC configuration that AWS CodeBuild accesses.", + "title": "FleetVpcConfig" }, - "TargetId": { - "markdownDescription": "Target ID is the name of the SSM document.", - "title": "TargetId", + "ImageId": { + "markdownDescription": "The Amazon Machine Image (AMI) of the compute fleet.", + "title": "ImageId", "type": "string" }, - "TargetType": { - "markdownDescription": "The type of the target. Target executes remediation. For example, SSM document.", - "title": "TargetType", + "Name": { + "markdownDescription": "The name of the compute fleet.", + "title": "Name", "type": "string" }, - "TargetVersion": { - "markdownDescription": "Version of the target. For example, version of the SSM document.\n\n> If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.", - "title": "TargetVersion", + "OverflowBehavior": { + "markdownDescription": "The compute fleet overflow behavior.\n\n- For overflow behavior `QUEUE` , your overflow builds need to wait on the existing fleet instance to become available.\n- For overflow behavior `ON_DEMAND` , your overflow builds run on CodeBuild on-demand.\n\n> If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see [Example policy statement to allow CodeBuild access to AWS services required to create a VPC network interface](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface) .", + "title": "OverflowBehavior", "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ScalingConfigurationInput", + "markdownDescription": "The scaling configuration of the compute fleet.", + "title": "ScalingConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ConfigRuleName", - "TargetId", - "TargetType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::RemediationConfiguration" + "AWS::CodeBuild::Fleet" ], "type": "string" }, @@ -49434,76 +54980,152 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Config::RemediationConfiguration.ExecutionControls": { + "AWS::CodeBuild::Fleet.ComputeConfiguration": { "additionalProperties": false, "properties": { - "SsmControls": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.SsmControls", - "markdownDescription": "A SsmControls object.", - "title": "SsmControls" + "disk": { + "markdownDescription": "The amount of disk space of the instance type included in your fleet.", + "title": "disk", + "type": "number" + }, + "instanceType": { + "markdownDescription": "The EC2 instance type to be launched in your fleet.", + "title": "instanceType", + "type": "string" + }, + "machineType": { + "markdownDescription": "The machine type of the instance type included in your fleet.", + "title": "machineType", + "type": "string" + }, + "memory": { + "markdownDescription": "The amount of memory of the instance type included in your fleet.", + "title": "memory", + "type": "number" + }, + "vCpu": { + "markdownDescription": "The number of vCPUs of the instance type included in your fleet.", + "title": "vCpu", + "type": "number" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.RemediationParameterValue": { + "AWS::CodeBuild::Fleet.FleetProxyRule": { "additionalProperties": false, "properties": { - "ResourceValue": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ResourceValue", - "markdownDescription": "The value is dynamic and changes at run-time.", - "title": "ResourceValue" + "Effect": { + "markdownDescription": "The behavior of the proxy rule.", + "title": "Effect", + "type": "string" }, - "StaticValue": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.StaticValue", - "markdownDescription": "The value is static and does not change at run-time.", - "title": "StaticValue" + "Entities": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination of the proxy rule.", + "title": "Entities", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of proxy rule.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.ResourceValue": { + "AWS::CodeBuild::Fleet.ProxyConfiguration": { "additionalProperties": false, "properties": { - "Value": { + "DefaultBehavior": { + "markdownDescription": "The default behavior of outgoing traffic.", + "title": "DefaultBehavior", "type": "string" + }, + "OrderedProxyRules": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.FleetProxyRule" + }, + "markdownDescription": "An array of `FleetProxyRule` objects that represent the specified destination domains or IPs to allow or deny network access control to.", + "title": "OrderedProxyRules", + "type": "array" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.SsmControls": { + "AWS::CodeBuild::Fleet.ScalingConfigurationInput": { "additionalProperties": false, "properties": { - "ConcurrentExecutionRatePercentage": { - "markdownDescription": "The maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. You can specify a percentage, such as 10%. The default value is 10.", - "title": "ConcurrentExecutionRatePercentage", + "MaxCapacity": { + "markdownDescription": "The maximum number of instances in the \ufb02eet when auto-scaling.", + "title": "MaxCapacity", "type": "number" }, - "ErrorPercentage": { - "markdownDescription": "The percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. You can specify a percentage of errors, for example 10%. If you do not specifiy a percentage, the default is 50%. For example, if you set the ErrorPercentage to 40% for 10 non-compliant resources, then SSM stops running the automations when the fifth error is received.", - "title": "ErrorPercentage", + "ScalingType": { + "markdownDescription": "The scaling type for a compute fleet.", + "title": "ScalingType", + "type": "string" + }, + "TargetTrackingScalingConfigs": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.TargetTrackingScalingConfiguration" + }, + "markdownDescription": "A list of `TargetTrackingScalingConfiguration` objects.", + "title": "TargetTrackingScalingConfigs", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Fleet.TargetTrackingScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MetricType": { + "markdownDescription": "The metric type to determine auto-scaling.", + "title": "MetricType", + "type": "string" + }, + "TargetValue": { + "markdownDescription": "The value of `metricType` when to start scaling.", + "title": "TargetValue", "type": "number" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.StaticValue": { + "AWS::CodeBuild::Fleet.VpcConfig": { "additionalProperties": false, "properties": { - "Values": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { "items": { "type": "string" }, + "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC.", + "title": "Subnets", "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon VPC.", + "title": "VpcId", + "type": "string" } }, "type": "object" }, - "AWS::Config::StoredQuery": { + "AWS::CodeBuild::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -49538,112 +55160,156 @@ "Properties": { "additionalProperties": false, "properties": { - "QueryDescription": { - "markdownDescription": "A unique description for the query.", - "title": "QueryDescription", + "Artifacts": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts", + "markdownDescription": "`Artifacts` is a property of the [AWS::CodeBuild::Project](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html) resource that specifies output settings for artifacts generated by an AWS CodeBuild build.", + "title": "Artifacts" + }, + "AutoRetryLimit": { + "type": "number" + }, + "BadgeEnabled": { + "markdownDescription": "Indicates whether AWS CodeBuild generates a publicly accessible URL for your project's build badge. For more information, see [Build Badges Sample](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-build-badges.html) in the *AWS CodeBuild User Guide* .\n\n> Including build badges with your project is currently not supported if the source type is CodePipeline. If you specify `CODEPIPELINE` for the `Source` property, do not specify the `BadgeEnabled` property.", + "title": "BadgeEnabled", + "type": "boolean" + }, + "BuildBatchConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectBuildBatchConfig", + "markdownDescription": "A `ProjectBuildBatchConfig` object that defines the batch build options for the project.", + "title": "BuildBatchConfig" + }, + "Cache": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectCache", + "markdownDescription": "Settings that AWS CodeBuild uses to store and reuse build dependencies.", + "title": "Cache" + }, + "ConcurrentBuildLimit": { + "markdownDescription": "The maximum number of concurrent builds that are allowed for this project.\n\nNew builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.", + "title": "ConcurrentBuildLimit", + "type": "number" + }, + "Description": { + "markdownDescription": "A description that makes the build project easy to identify.", + "title": "Description", "type": "string" }, - "QueryExpression": { - "markdownDescription": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`", - "title": "QueryExpression", + "EncryptionKey": { + "markdownDescription": "The AWS Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.\n\n> You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. \n\nYou can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format `alias/` ). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).", + "title": "EncryptionKey", "type": "string" }, - "QueryName": { - "markdownDescription": "The name of the query.", - "title": "QueryName", + "Environment": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Environment", + "markdownDescription": "The build environment settings for the project, such as the environment type or the environment variables to use for the build environment.", + "title": "Environment" + }, + "FileSystemLocations": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFileSystemLocation" + }, + "markdownDescription": "An array of `ProjectFileSystemLocation` objects for a CodeBuild build project. A `ProjectFileSystemLocation` object specifies the `identifier` , `location` , `mountOptions` , `mountPoint` , and `type` of a file system created using Amazon Elastic File System.", + "title": "FileSystemLocations", + "type": "array" + }, + "LogsConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.LogsConfig", + "markdownDescription": "Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.", + "title": "LogsConfig" + }, + "Name": { + "markdownDescription": "The name of the build project. The name must be unique across all of the projects in your AWS account .", + "title": "Name", + "type": "string" + }, + "QueuedTimeoutInMinutes": { + "markdownDescription": "The number of minutes a build is allowed to be queued before it times out.", + "title": "QueuedTimeoutInMinutes", + "type": "number" + }, + "ResourceAccessRole": { + "markdownDescription": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.", + "title": "ResourceAccessRole", + "type": "string" + }, + "SecondaryArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts" + }, + "markdownDescription": "A list of `Artifacts` objects. Each artifacts object specifies output settings that the project generates during a build.", + "title": "SecondaryArtifacts", + "type": "array" + }, + "SecondarySourceVersions": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectSourceVersion" + }, + "markdownDescription": "An array of `ProjectSourceVersion` objects. If `secondarySourceVersions` is specified at the build level, then they take over these `secondarySourceVersions` (at the project level).", + "title": "SecondarySourceVersions", + "type": "array" + }, + "SecondarySources": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Source" + }, + "markdownDescription": "An array of `ProjectSource` objects.", + "title": "SecondarySources", + "type": "array" + }, + "ServiceRole": { + "markdownDescription": "The ARN of the IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.", + "title": "ServiceRole", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Source", + "markdownDescription": "The source code settings for the project, such as the source code's repository type and location.", + "title": "Source" + }, + "SourceVersion": { + "markdownDescription": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nIf `sourceVersion` is specified at the build level, then that version takes precedence over this `sourceVersion` (at the project level).\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", + "title": "SourceVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the AWS CodeBuild project.\n\nThese tags are available for use by AWS services that support AWS CodeBuild build project tags.", "title": "Tags", "type": "array" - } - }, - "required": [ - "QueryExpression", - "QueryName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Config::StoredQuery" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Connect::ApprovedOrigin": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", - "type": "string" + "TimeoutInMinutes": { + "markdownDescription": "How long, in minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.", + "title": "TimeoutInMinutes", + "type": "number" }, - "Origin": { - "markdownDescription": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`", - "title": "Origin", + "Triggers": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectTriggers", + "markdownDescription": "For an existing AWS CodeBuild build project that has its source code stored in a GitHub repository, enables AWS CodeBuild to begin automatically rebuilding the source code every time a code change is pushed to the repository.", + "title": "Triggers" + }, + "Visibility": { + "markdownDescription": "Specifies the visibility of the project's builds. Possible values are:\n\n- **PUBLIC_READ** - The project builds are visible to the public.\n- **PRIVATE** - The project builds are not visible to the public.", + "title": "Visibility", "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.VpcConfig", + "markdownDescription": "`VpcConfig` specifies settings that enable AWS CodeBuild to access resources in an Amazon VPC. For more information, see [Use AWS CodeBuild with Amazon Virtual Private Cloud](https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html) in the *AWS CodeBuild User Guide* .", + "title": "VpcConfig" } }, "required": [ - "InstanceId", - "Origin" + "Artifacts", + "Environment", + "ServiceRole", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::ApprovedOrigin" + "AWS::CodeBuild::Project" ], "type": "string" }, @@ -49662,673 +55328,615 @@ ], "type": "object" }, - "AWS::Connect::ContactFlow": { + "AWS::CodeBuild::Project.Artifacts": { "additionalProperties": false, "properties": { - "Condition": { + "ArtifactIdentifier": { + "markdownDescription": "An identifier for this artifact definition.", + "title": "ArtifactIdentifier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EncryptionDisabled": { + "markdownDescription": "Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon Simple Storage Service (Amazon S3). If this is set with another artifacts type, an `invalidInputException` is thrown.", + "title": "EncryptionDisabled", + "type": "boolean" + }, + "Location": { + "markdownDescription": "Information about the build output artifact location:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output bucket.\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", + "title": "Location", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "Along with `path` and `namespaceType` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.\n\nFor example:\n\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , then the output artifact is stored in `MyArtifacts/ *build-ID* /MyArtifact.zip` .\n- If `path` is empty, `namespaceType` is set to `NONE` , and `name` is set to \" `/` \", the output artifact is stored in the root of the output bucket.\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to \" `/` \", the output artifact is stored in `MyArtifacts/ *build-ID*` .\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", + "title": "Name", + "type": "string" }, - "Metadata": { - "type": "object" + "NamespaceType": { + "markdownDescription": "Along with `path` and `name` , the pattern that AWS CodeBuild uses to determine the name and location to store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `BUILD_ID` : Include the build ID in the location of the build output artifact.\n- `NONE` : Do not include the build ID. This is the default if `namespaceType` is not specified.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in `MyArtifacts//MyArtifact.zip` .", + "title": "NamespaceType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "markdownDescription": "The content of the flow.\n\nFor more information, see [Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html) in the *Amazon Connect Administrator Guide* .", - "title": "Content", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the flow.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the flow.", - "title": "Name", - "type": "string" - }, - "State": { - "markdownDescription": "The state of the flow.", - "title": "State", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the flow. For descriptions of the available types, see [Choose a flow type](https://docs.aws.amazon.com/connect/latest/adminguide/create-contact-flow.html#contact-flow-types) in the *Amazon Connect Administrator Guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Content", - "InstanceArn", - "Name", - "Type" - ], - "type": "object" + "OverrideArtifactName": { + "markdownDescription": "If set to true a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell command language. For example, you can append a date and time to your artifact name so that it is always unique.", + "title": "OverrideArtifactName", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::Connect::ContactFlow" - ], + "Packaging": { + "markdownDescription": "The type of build output artifact to create:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `NONE` : AWS CodeBuild creates in the output bucket a folder that contains the build output. This is the default if `packaging` is not specified.\n- `ZIP` : AWS CodeBuild creates in the output bucket a ZIP file that contains the build output.", + "title": "Packaging", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Path": { + "markdownDescription": "Along with `namespaceType` and `name` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the path to the output artifact. If `path` is not specified, `path` is not used.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `NONE` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in the output bucket at `MyArtifacts/MyArtifact.zip` .", + "title": "Path", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of build output artifact. Valid values include:\n\n- `CODEPIPELINE` : The build project has build output generated through CodePipeline.\n\n> The `CODEPIPELINE` type is not supported for `secondaryArtifacts` .\n- `NO_ARTIFACTS` : The build project does not produce any build output.\n- `S3` : The build project stores build output in Amazon S3.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::ContactFlowModule": { + "AWS::CodeBuild::Project.BatchRestrictions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ComputeTypesAllowed": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide* for these values.", + "title": "ComputeTypesAllowed", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MaximumBuildsAllowed": { + "markdownDescription": "Specifies the maximum number of builds allowed.", + "title": "MaximumBuildsAllowed", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.BuildStatusConfig": { + "additionalProperties": false, + "properties": { + "Context": { + "markdownDescription": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `name` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `context` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", + "title": "Context", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "markdownDescription": "The content of the flow module.", - "title": "Content", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the flow module.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the flow module.", - "title": "Name", - "type": "string" - }, - "State": { - "markdownDescription": "The state of the flow module.", - "title": "State", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Content", - "InstanceArn", - "Name" - ], - "type": "object" + "TargetUrl": { + "markdownDescription": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `url` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `target_url` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", + "title": "TargetUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.CloudWatchLogsConfig": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The group name of the logs in CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", + "title": "GroupName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Connect::ContactFlowModule" - ], + "Status": { + "markdownDescription": "The current status of the logs in CloudWatch Logs for a build project. Valid values are:\n\n- `ENABLED` : CloudWatch Logs are enabled for this build project.\n- `DISABLED` : CloudWatch Logs are not enabled for this build project.", + "title": "Status", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamName": { + "markdownDescription": "The prefix of the stream name of the CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", + "title": "StreamName", "type": "string" } }, "required": [ - "Type", - "Properties" + "Status" ], "type": "object" }, - "AWS::Connect::EvaluationForm": { + "AWS::CodeBuild::Project.DockerServer": { "additionalProperties": false, "properties": { - "Condition": { + "ComputeType": { "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "ComputeType" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.Environment": { + "additionalProperties": false, + "properties": { + "Certificate": { + "markdownDescription": "The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see [certificate](https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.environment.certificate) in the *AWS CodeBuild User Guide* .", + "title": "Certificate", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ComputeType": { + "markdownDescription": "The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", + "title": "ComputeType", + "type": "string" }, - "Metadata": { - "type": "object" + "DockerServer": { + "$ref": "#/definitions/AWS::CodeBuild::Project.DockerServer" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the evaluation form.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Items": { - "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormBaseItem" - }, - "markdownDescription": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n\n*Minimum size* : 1\n\n*Maximum size* : 100", - "title": "Items", - "type": "array" - }, - "ScoringStrategy": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.ScoringStrategy", - "markdownDescription": "A scoring strategy of the evaluation form.", - "title": "ScoringStrategy" - }, - "Status": { - "markdownDescription": "The status of the evaluation form.\n\n*Allowed values* : `DRAFT` | `ACTIVE`", - "title": "Status", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" - }, - "Title": { - "markdownDescription": "A title of the evaluation form.", - "title": "Title", - "type": "string" - } + "EnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.EnvironmentVariable" }, - "required": [ - "InstanceArn", - "Items", - "Status", - "Title" - ], - "type": "object" + "markdownDescription": "A set of environment variables to make available to builds for this build project.", + "title": "EnvironmentVariables", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Connect::EvaluationForm" - ], + "Fleet": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFleet" + }, + "Image": { + "markdownDescription": "The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:\n\n- For an image tag: `/:` . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be `aws/codebuild/standard:4.0` .\n- For an image digest: `/@` . For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use `/@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf` .\n\nFor more information, see [Docker images provided by CodeBuild](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-available.html) in the *AWS CodeBuild user guide* .", + "title": "Image", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ImagePullCredentialsType": { + "markdownDescription": "The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:\n\n- `CODEBUILD` specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild service principal.\n- `SERVICE_ROLE` specifies that AWS CodeBuild uses your build project's service role.\n\nWhen you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.", + "title": "ImagePullCredentialsType", + "type": "string" + }, + "PrivilegedMode": { + "markdownDescription": "Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is `false` .\n\nYou can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:\n\nIf the operating system's base image is Ubuntu Linux:\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout 15 sh -c \"until docker info; do echo .; sleep 1; done\"`\n\nIf the operating system's base image is Alpine Linux and the previous command does not work, add the `-t` argument to `timeout` :\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout -t 15 sh -c \"until docker info; do echo .; sleep 1; done\"`", + "title": "PrivilegedMode", + "type": "boolean" + }, + "RegistryCredential": { + "$ref": "#/definitions/AWS::CodeBuild::Project.RegistryCredential", + "markdownDescription": "`RegistryCredential` is a property of the [AWS::CodeBuild::Project Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html#cfn-codebuild-project-environment) property that specifies information about credentials that provide access to a private Docker registry. When this is set:\n\n- `imagePullCredentialsType` must be set to `SERVICE_ROLE` .\n- images cannot be curated or an Amazon ECR image.", + "title": "RegistryCredential" + }, + "Type": { + "markdownDescription": "The type of build environment to use for related builds.\n\n> If you're using compute fleets during project creation, `type` will be ignored. \n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "ComputeType", + "Image", + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormBaseItem": { + "AWS::CodeBuild::Project.EnvironmentVariable": { "additionalProperties": false, "properties": { - "Section": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", - "markdownDescription": "A subsection or inner section of an item.", - "title": "Section" + "Name": { + "markdownDescription": "The name or key of the environment variable.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of environment variable. Valid values include:\n\n- `PARAMETER_STORE` : An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the `value` of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see [env/parameter-store](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store) in the *AWS CodeBuild User Guide* .\n- `PLAINTEXT` : An environment variable in plain text format. This is the default value.\n- `SECRETS_MANAGER` : An environment variable stored in AWS Secrets Manager . For environment variables of this type, specify the name of the secret as the `value` of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define AWS Secrets Manager environment variables in the buildspec. To learn how to do so, see [env/secrets-manager](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager) in the *AWS CodeBuild User Guide* .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` .", + "title": "Value", + "type": "string" } }, "required": [ - "Section" + "Name", + "Value" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormItem": { + "AWS::CodeBuild::Project.FilterGroup": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CodeBuild::Project.GitSubmodulesConfig": { "additionalProperties": false, "properties": { - "Question": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestion", - "markdownDescription": "The information of the question.", - "title": "Question" - }, - "Section": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", - "markdownDescription": "The information of the section.", - "title": "Section" + "FetchSubmodules": { + "markdownDescription": "Set to true to fetch Git submodules for your AWS CodeBuild build project.", + "title": "FetchSubmodules", + "type": "boolean" } }, + "required": [ + "FetchSubmodules" + ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation": { + "AWS::CodeBuild::Project.LogsConfig": { "additionalProperties": false, "properties": { - "PropertyValue": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation", - "markdownDescription": "The property value of the automation.", - "title": "PropertyValue" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::CodeBuild::Project.CloudWatchLogsConfig", + "markdownDescription": "Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.", + "title": "CloudWatchLogs" + }, + "S3Logs": { + "$ref": "#/definitions/AWS::CodeBuild::Project.S3LogsConfig", + "markdownDescription": "Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.", + "title": "S3Logs" } }, - "required": [ - "PropertyValue" - ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption": { + "AWS::CodeBuild::Project.ProjectBuildBatchConfig": { "additionalProperties": false, "properties": { - "AutomaticFail": { - "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", - "title": "AutomaticFail", + "BatchReportMode": { + "markdownDescription": "Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.\n\n- **REPORT_AGGREGATED_BATCH** - (Default) Aggregate all of the build statuses into a single status report.\n- **REPORT_INDIVIDUAL_BUILDS** - Send a separate status report for each individual build.", + "title": "BatchReportMode", + "type": "string" + }, + "CombineArtifacts": { + "markdownDescription": "Specifies if the build artifacts for the batch build should be combined into a single artifact location.", + "title": "CombineArtifacts", "type": "boolean" }, - "MaxValue": { - "markdownDescription": "The maximum answer value of the range option.", - "title": "MaxValue", - "type": "number" + "Restrictions": { + "$ref": "#/definitions/AWS::CodeBuild::Project.BatchRestrictions", + "markdownDescription": "A `BatchRestrictions` object that specifies the restrictions for the batch build.", + "title": "Restrictions" }, - "MinValue": { - "markdownDescription": "The minimum answer value of the range option.", - "title": "MinValue", - "type": "number" + "ServiceRole": { + "markdownDescription": "Specifies the service role ARN for the batch build project.", + "title": "ServiceRole", + "type": "string" }, - "Score": { - "markdownDescription": "The score assigned to answer values within the range option.\n\n*Minimum* : 0\n\n*Maximum* : 10", - "title": "Score", + "TimeoutInMins": { + "markdownDescription": "Specifies the maximum amount of time, in minutes, that the batch build must be completed in.", + "title": "TimeoutInMins", "type": "number" } }, - "required": [ - "MaxValue", - "MinValue" - ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties": { + "AWS::CodeBuild::Project.ProjectCache": { "additionalProperties": false, "properties": { - "Automation": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation", - "markdownDescription": "The automation properties of the numeric question.", - "title": "Automation" - }, - "MaxValue": { - "markdownDescription": "The maximum answer value.", - "title": "MaxValue", - "type": "number" + "CacheNamespace": { + "markdownDescription": "Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see [Cache sharing between projects](https://docs.aws.amazon.com/codebuild/latest/userguide/caching-s3.html#caching-s3-sharing) in the *AWS CodeBuild User Guide* .", + "title": "CacheNamespace", + "type": "string" }, - "MinValue": { - "markdownDescription": "The minimum answer value.", - "title": "MinValue", - "type": "number" + "Location": { + "markdownDescription": "Information about the cache location:\n\n- `NO_CACHE` or `LOCAL` : This value is ignored.\n- `S3` : This is the S3 bucket name/prefix.", + "title": "Location", + "type": "string" }, - "Options": { + "Modes": { "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption" + "type": "string" }, - "markdownDescription": "The scoring options of the numeric question.", - "title": "Options", + "markdownDescription": "An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for `LOCAL` cache types.\n\nPossible values are:\n\n- **LOCAL_SOURCE_CACHE** - Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.\n- **LOCAL_DOCKER_LAYER_CACHE** - Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.\n\n> - You can use a Docker layer cache in the Linux environment only.\n> - The `privileged` flag must be set so that your project has the required Docker permissions.\n> - You should consider the security implications before you use a Docker layer cache.\n- **LOCAL_CUSTOM_CACHE** - Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:\n\n- Only directories can be specified for caching. You cannot specify individual files.\n- Symlinks are used to reference cached directories.\n- Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.", + "title": "Modes", "type": "array" + }, + "Type": { + "markdownDescription": "The type of cache used by the build project. Valid values include:\n\n- `NO_CACHE` : The build project does not use any cache.\n- `S3` : The build project reads and writes from and to S3.\n- `LOCAL` : The build project stores a cache locally on a build host that is only available to that build host.", + "title": "Type", + "type": "string" } }, "required": [ - "MaxValue", - "MinValue" + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormQuestion": { + "AWS::CodeBuild::Project.ProjectFileSystemLocation": { "additionalProperties": false, "properties": { - "Instructions": { - "markdownDescription": "The instructions of the section.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", - "title": "Instructions", + "Identifier": { + "markdownDescription": "The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the `identifier` in all capital letters to `CODEBUILD_` . For example, if you specify `my_efs` for `identifier` , a new environment variable is create named `CODEBUILD_MY_EFS` .\n\nThe `identifier` is used to mount your file system.", + "title": "Identifier", "type": "string" }, - "NotApplicableEnabled": { - "markdownDescription": "The flag to enable not applicable answers to the question.", - "title": "NotApplicableEnabled", - "type": "boolean" - }, - "QuestionType": { - "markdownDescription": "The type of the question.\n\n*Allowed values* : `NUMERIC` | `SINGLESELECT` | `TEXT`", - "title": "QuestionType", + "Location": { + "markdownDescription": "A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path` . You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is `fs-abcd1234.efs.us-west-2.amazonaws.com` , and its mount directory is `my-efs-mount-directory` , then the `location` is `fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory` .\n\nThe directory path in the format `efs-dns-name:/directory-path` is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.", + "title": "Location", "type": "string" }, - "QuestionTypeProperties": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties", - "markdownDescription": "The properties of the type of question. Text questions do not have to define question type properties.", - "title": "QuestionTypeProperties" - }, - "RefId": { - "markdownDescription": "The identifier of the question. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", + "MountOptions": { + "markdownDescription": "The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are `nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2` . For more information, see [Recommended NFS Mount Options](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-nfs-mount-settings.html) .", + "title": "MountOptions", "type": "string" }, - "Title": { - "markdownDescription": "The title of the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 350.", - "title": "Title", + "MountPoint": { + "markdownDescription": "The location in the container where you mount the file system.", + "title": "MountPoint", "type": "string" }, - "Weight": { - "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", - "title": "Weight", - "type": "number" + "Type": { + "markdownDescription": "The type of the file system. The one supported type is `EFS` .", + "title": "Type", + "type": "string" } }, "required": [ - "QuestionType", - "RefId", - "Title" + "Identifier", + "Location", + "MountPoint", + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties": { + "AWS::CodeBuild::Project.ProjectFleet": { "additionalProperties": false, "properties": { - "Numeric": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties", - "markdownDescription": "The properties of the numeric question.", - "title": "Numeric" - }, - "SingleSelect": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties", - "markdownDescription": "The properties of the numeric question.", - "title": "SingleSelect" + "FleetArn": { + "markdownDescription": "Specifies the compute fleet ARN for the build project.", + "title": "FleetArn", + "type": "string" } }, "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSection": { + "AWS::CodeBuild::Project.ProjectSourceVersion": { "additionalProperties": false, "properties": { - "Instructions": { - "markdownDescription": "The instructions of the section.", - "title": "Instructions", - "type": "string" - }, - "Items": { - "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormItem" - }, - "markdownDescription": "The items of the section.\n\n*Minimum* : 1", - "title": "Items", - "type": "array" - }, - "RefId": { - "markdownDescription": "The identifier of the section. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", + "SourceIdentifier": { + "markdownDescription": "An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", + "title": "SourceIdentifier", "type": "string" }, - "Title": { - "markdownDescription": "The title of the section.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", - "title": "Title", + "SourceVersion": { + "markdownDescription": "The source version for the corresponding source identifier. If specified, must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example, `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", + "title": "SourceVersion", "type": "string" - }, - "Weight": { - "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", - "title": "Weight", - "type": "number" } }, "required": [ - "RefId", - "Title" + "SourceIdentifier" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation": { + "AWS::CodeBuild::Project.ProjectTriggers": { "additionalProperties": false, "properties": { - "DefaultOptionRefId": { - "markdownDescription": "The identifier of the default answer option, when none of the automation options match the criteria.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "DefaultOptionRefId", + "BuildType": { + "markdownDescription": "Specifies the type of build this webhook will trigger. Allowed values are:\n\n- **BUILD** - A single build\n- **BUILD_BATCH** - A batch build", + "title": "BuildType", "type": "string" }, - "Options": { + "FilterGroups": { "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption" + "$ref": "#/definitions/AWS::CodeBuild::Project.FilterGroup" }, - "markdownDescription": "The automation options of the single select question.\n\n*Minimum* : 1\n\n*Maximum* : 20", - "title": "Options", + "markdownDescription": "A list of lists of `WebhookFilter` objects used to determine which webhook events are triggered. At least one `WebhookFilter` in the array must specify `EVENT` as its type.", + "title": "FilterGroups", "type": "array" + }, + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ScopeConfiguration", + "markdownDescription": "Contains configuration information about the scope for a webhook.", + "title": "ScopeConfiguration" + }, + "Webhook": { + "markdownDescription": "Specifies whether or not to begin automatically rebuilding the source code every time a code change is pushed to the repository.", + "title": "Webhook", + "type": "boolean" } }, - "required": [ - "Options" - ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption": { + "AWS::CodeBuild::Project.RegistryCredential": { "additionalProperties": false, "properties": { - "RuleCategory": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation", - "markdownDescription": "The automation option based on a rule category for the single select question.", - "title": "RuleCategory" + "Credential": { + "markdownDescription": "The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager .\n\n> The `credential` can use the name of the credentials only if they exist in your current AWS Region .", + "title": "Credential", + "type": "string" + }, + "CredentialProvider": { + "markdownDescription": "The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager .", + "title": "CredentialProvider", + "type": "string" } }, "required": [ - "RuleCategory" + "Credential", + "CredentialProvider" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption": { + "AWS::CodeBuild::Project.S3LogsConfig": { "additionalProperties": false, "properties": { - "AutomaticFail": { - "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", - "title": "AutomaticFail", + "EncryptionDisabled": { + "markdownDescription": "Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.", + "title": "EncryptionDisabled", "type": "boolean" }, - "RefId": { - "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", + "Location": { + "markdownDescription": "The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is `my-bucket` , and your path prefix is `build-log` , then acceptable formats are `my-bucket/build-log` or `arn:aws:s3:::my-bucket/build-log` .", + "title": "Location", "type": "string" }, - "Score": { - "markdownDescription": "The score assigned to the answer option.\n\n*Minimum* : 0\n\n*Maximum* : 10", - "title": "Score", - "type": "number" - }, - "Text": { - "markdownDescription": "The title of the answer option.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", - "title": "Text", + "Status": { + "markdownDescription": "The current status of the S3 build logs. Valid values are:\n\n- `ENABLED` : S3 build logs are enabled for this build project.\n- `DISABLED` : S3 build logs are not enabled for this build project.", + "title": "Status", "type": "string" } }, "required": [ - "RefId", - "Text" + "Status" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties": { + "AWS::CodeBuild::Project.ScopeConfiguration": { "additionalProperties": false, "properties": { - "Automation": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation", - "markdownDescription": "The display mode of the single select question.", - "title": "Automation" + "Domain": { + "markdownDescription": "The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED.", + "title": "Domain", + "type": "string" }, - "DisplayAs": { - "markdownDescription": "The display mode of the single select question.\n\n*Allowed values* : `DROPDOWN` | `RADIO`", - "title": "DisplayAs", + "Name": { + "markdownDescription": "The name of either the enterprise or organization that will send webhook events to CodeBuild , depending on if the webhook is a global or organization webhook respectively.", + "title": "Name", "type": "string" }, - "Options": { - "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption" - }, - "markdownDescription": "The answer options of the single select question.\n\n*Minimum* : 2\n\n*Maximum* : 256", - "title": "Options", - "type": "array" + "Scope": { + "markdownDescription": "The type of scope for a GitHub or GitLab webhook. The scope default is GITHUB_ORGANIZATION.", + "title": "Scope", + "type": "string" } }, "required": [ - "Options" + "Name" ], "type": "object" }, - "AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation": { + "AWS::CodeBuild::Project.Source": { "additionalProperties": false, "properties": { - "Label": { - "markdownDescription": "The property label of the automation.", - "title": "Label", + "Auth": { + "$ref": "#/definitions/AWS::CodeBuild::Project.SourceAuth", + "markdownDescription": "Information about the authorization settings for AWS CodeBuild to access the source code to be built.", + "title": "Auth" + }, + "BuildSpec": { + "markdownDescription": "The build specification for the project. If this value is not provided, then the source code must contain a buildspec file named `buildspec.yml` at the root level. If this value is provided, it can be either a single string containing the entire build specification, or the path to an alternate buildspec file relative to the value of the built-in environment variable `CODEBUILD_SRC_DIR` . The alternate buildspec file can have a name other than `buildspec.yml` , for example `myspec.yml` or `build_spec_qa.yml` or similar. For more information, see the [Build Spec Reference](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-example) in the *AWS CodeBuild User Guide* .", + "title": "BuildSpec", + "type": "string" + }, + "BuildStatusConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.BuildStatusConfig", + "markdownDescription": "Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB` , `GITHUB_ENTERPRISE` , or `BITBUCKET` .", + "title": "BuildStatusConfig" + }, + "GitCloneDepth": { + "markdownDescription": "The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.", + "title": "GitCloneDepth", + "type": "number" + }, + "GitSubmodulesConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.GitSubmodulesConfig", + "markdownDescription": "Information about the Git submodules configuration for the build project.", + "title": "GitSubmodulesConfig" + }, + "InsecureSsl": { + "markdownDescription": "This is used with GitHub Enterprise only. Set to true to ignore SSL warnings while connecting to your GitHub Enterprise project repository. The default value is `false` . `InsecureSsl` should be used for testing purposes only. It should not be used in a production environment.", + "title": "InsecureSsl", + "type": "boolean" + }, + "Location": { + "markdownDescription": "Information about the location of the source code to be built. Valid values include:\n\n- For source code settings that are specified in the source action of a pipeline in CodePipeline, `location` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.\n- For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, `https://git-codecommit..amazonaws.com/v1/repos/` ).\n- For source code in an Amazon S3 input bucket, one of the following.\n\n- The path to the ZIP file that contains the source code (for example, `//.zip` ).\n- The path to the folder that contains the source code (for example, `///` ).\n- For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n- For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the `auth` object's `type` value to `CODECONNECTIONS` in the `source` object.\n- For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n\nIf you specify `CODEPIPELINE` for the `Type` property, don't specify this property. For all of the other types, you must specify `Location` .", + "title": "Location", + "type": "string" + }, + "ReportBuildStatus": { + "markdownDescription": "Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an `invalidInputException` is thrown.", + "title": "ReportBuildStatus", + "type": "boolean" + }, + "SourceIdentifier": { + "markdownDescription": "An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", + "title": "SourceIdentifier", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of repository that contains the source code to be built. Valid values include:\n\n- `BITBUCKET` : The source code is in a Bitbucket repository.\n- `CODECOMMIT` : The source code is in an CodeCommit repository.\n- `CODEPIPELINE` : The source code settings are specified in the source action of a pipeline in CodePipeline.\n- `GITHUB` : The source code is in a GitHub repository.\n- `GITHUB_ENTERPRISE` : The source code is in a GitHub Enterprise Server repository.\n- `GITLAB` : The source code is in a GitLab repository.\n- `GITLAB_SELF_MANAGED` : The source code is in a self-managed GitLab repository.\n- `NO_SOURCE` : The project does not have input source code.\n- `S3` : The source code is in an Amazon S3 bucket.", + "title": "Type", "type": "string" } }, "required": [ - "Label" + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.ScoringStrategy": { + "AWS::CodeBuild::Project.SourceAuth": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The scoring mode of the evaluation form.\n\n*Allowed values* : `QUESTION_ONLY` | `SECTION_ONLY`", - "title": "Mode", + "Resource": { + "markdownDescription": "The resource value that applies to the specified authorization type.", + "title": "Resource", "type": "string" }, - "Status": { - "markdownDescription": "The scoring status of the evaluation form.\n\n*Allowed values* : `ENABLED` | `DISABLED`", - "title": "Status", + "Type": { + "markdownDescription": "The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.", + "title": "Type", "type": "string" } }, "required": [ - "Mode", - "Status" + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation": { + "AWS::CodeBuild::Project.VpcConfig": { "additionalProperties": false, "properties": { - "Category": { - "markdownDescription": "The category name, as defined in Rules.\n\n*Minimum* : 1\n\n*Maximum* : 50", - "title": "Category", + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC. The maximum count is 5.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC. The maximum count is 16.", + "title": "Subnets", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon VPC.", + "title": "VpcId", "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.WebhookFilter": { + "additionalProperties": false, + "properties": { + "ExcludeMatchedPattern": { + "markdownDescription": "Used to indicate that the `pattern` determines which webhook events do not trigger a build. If true, then a webhook event that does not match the `pattern` triggers a build. If false, then a webhook event that matches the `pattern` triggers a build.", + "title": "ExcludeMatchedPattern", + "type": "boolean" }, - "Condition": { - "markdownDescription": "The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category.\n\n*Allowed values* : `PRESENT` | `NOT_PRESENT`\n\n*Maximum* : 50", - "title": "Condition", + "Pattern": { + "markdownDescription": "For a `WebHookFilter` that uses `EVENT` type, a comma-separated string that specifies one or more events. For example, the webhook filter `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` allows all push, pull request created, and pull request updated events to trigger a build.\n\nFor a `WebHookFilter` that uses any of the other filter types, a regular expression pattern. For example, a `WebHookFilter` that uses `HEAD_REF` for its `type` and the pattern `^refs/heads/` triggers a build when the head reference is a branch with a reference name `refs/heads/branch-name` .", + "title": "Pattern", "type": "string" }, - "OptionRefId": { - "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "OptionRefId", + "Type": { + "markdownDescription": "The type of webhook filter. There are 11 webhook filter types: `EVENT` , `ACTOR_ACCOUNT_ID` , `HEAD_REF` , `BASE_REF` , `FILE_PATH` , `COMMIT_MESSAGE` , `TAG_NAME` , `RELEASE_NAME` , `REPOSITORY_NAME` , `ORGANIZATION_NAME` , and `WORKFLOW_NAME` .\n\n- EVENT\n\n- A webhook event triggers a build when the provided `pattern` matches one of nine event types: `PUSH` , `PULL_REQUEST_CREATED` , `PULL_REQUEST_UPDATED` , `PULL_REQUEST_CLOSED` , `PULL_REQUEST_REOPENED` , `PULL_REQUEST_MERGED` , `RELEASED` , `PRERELEASED` , and `WORKFLOW_JOB_QUEUED` . The `EVENT` patterns are specified as a comma-separated string. For example, `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` filters all push, pull request created, and pull request updated events.\n\n> Types `PULL_REQUEST_REOPENED` and `WORKFLOW_JOB_QUEUED` work with GitHub and GitHub Enterprise only. Types `RELEASED` and `PRERELEASED` work with GitHub only.\n- ACTOR_ACCOUNT_ID\n\n- A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression `pattern` .\n- HEAD_REF\n\n- A webhook event triggers a build when the head reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` and `refs/tags/tag-name` .\n\n> Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.\n- BASE_REF\n\n- A webhook event triggers a build when the base reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` .\n\n> Works with pull request events only.\n- FILE_PATH\n\n- A webhook triggers a build when the path of a changed file matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- COMMIT_MESSAGE\n\n- A webhook triggers a build when the head commit message matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- TAG_NAME\n\n- A webhook triggers a build when the tag name of the release matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- RELEASE_NAME\n\n- A webhook triggers a build when the release name matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- REPOSITORY_NAME\n\n- A webhook triggers a build when the repository name matches the regular expression `pattern` .\n\n> Works with GitHub global or organization webhooks only.\n- ORGANIZATION_NAME\n\n- A webhook triggers a build when the organization name matches the regular expression `pattern` .\n\n> Works with GitHub global webhooks only.\n- WORKFLOW_NAME\n\n- A webhook triggers a build when the workflow name matches the regular expression `pattern` .\n\n> Works with `WORKFLOW_JOB_QUEUED` events only. > For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name.", + "title": "Type", "type": "string" } }, "required": [ - "Category", - "Condition", - "OptionRefId" + "Pattern", + "Type" ], "type": "object" }, - "AWS::Connect::HoursOfOperation": { + "AWS::CodeBuild::ReportGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -50363,26 +55971,18 @@ "Properties": { "additionalProperties": false, "properties": { - "Config": { - "items": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationConfig" - }, - "markdownDescription": "Configuration information for the hours of operation.", - "title": "Config", - "type": "array" - }, - "Description": { - "markdownDescription": "The description for the hours of operation.", - "title": "Description", - "type": "string" + "DeleteReports": { + "markdownDescription": "When deleting a report group, specifies if reports within the report group should be deleted.\n\n- **true** - Deletes any reports that belong to the report group before deleting the report group.\n- **false** - You must delete any reports in the report group. This is the default value. If you delete a report group that contains one or more reports, an exception is thrown.", + "title": "DeleteReports", + "type": "boolean" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" + "ExportConfig": { + "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.ReportExportConfig", + "markdownDescription": "Information about the destination where the raw data of this `ReportGroup` is exported.", + "title": "ExportConfig" }, "Name": { - "markdownDescription": "The name for the hours of operation.", + "markdownDescription": "The name of the `ReportGroup` .", "title": "Name", "type": "string" }, @@ -50390,27 +55990,25 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "A list of tag key and value pairs associated with this report group.\n\nThese tags are available for use by AWS services that support AWS CodeBuild report group tags.", "title": "Tags", "type": "array" }, - "TimeZone": { - "markdownDescription": "The time zone for the hours of operation.", - "title": "TimeZone", + "Type": { + "markdownDescription": "The type of the `ReportGroup` . This can be one of the following values:\n\n- **CODE_COVERAGE** - The report group contains code coverage reports.\n- **TEST** - The report group contains test reports.", + "title": "Type", "type": "string" } }, "required": [ - "Config", - "InstanceArn", - "Name", - "TimeZone" + "ExportConfig", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::HoursOfOperation" + "AWS::CodeBuild::ReportGroup" ], "type": "string" }, @@ -50429,53 +56027,65 @@ ], "type": "object" }, - "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { + "AWS::CodeBuild::ReportGroup.ReportExportConfig": { "additionalProperties": false, "properties": { - "Day": { - "markdownDescription": "The day that the hours of operation applies to.", - "title": "Day", + "ExportConfigType": { + "markdownDescription": "The export configuration type. Valid values are:\n\n- `S3` : The report results are exported to an S3 bucket.\n- `NO_EXPORT` : The report results are not exported.", + "title": "ExportConfigType", "type": "string" }, - "EndTime": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", - "markdownDescription": "The end time that your contact center closes.", - "title": "EndTime" - }, - "StartTime": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", - "markdownDescription": "The start time that your contact center opens.", - "title": "StartTime" + "S3Destination": { + "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.S3ReportExportConfig", + "markdownDescription": "A `S3ReportExportConfig` object that contains information about the S3 bucket where the run of a report is exported.", + "title": "S3Destination" } }, "required": [ - "Day", - "EndTime", - "StartTime" + "ExportConfigType" ], "type": "object" }, - "AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice": { + "AWS::CodeBuild::ReportGroup.S3ReportExportConfig": { "additionalProperties": false, "properties": { - "Hours": { - "markdownDescription": "The hours.", - "title": "Hours", - "type": "number" + "Bucket": { + "markdownDescription": "The name of the S3 bucket where the raw data of a report are exported.", + "title": "Bucket", + "type": "string" }, - "Minutes": { - "markdownDescription": "The minutes.", - "title": "Minutes", - "type": "number" - } - }, - "required": [ - "Hours", - "Minutes" + "BucketOwner": { + "markdownDescription": "The AWS account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.", + "title": "BucketOwner", + "type": "string" + }, + "EncryptionDisabled": { + "markdownDescription": "A boolean value that specifies if the results of a report are encrypted.", + "title": "EncryptionDisabled", + "type": "boolean" + }, + "EncryptionKey": { + "markdownDescription": "The encryption key for the report's encrypted raw data.", + "title": "EncryptionKey", + "type": "string" + }, + "Packaging": { + "markdownDescription": "The type of build output artifact to create. Valid values include:\n\n- `NONE` : CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.\n- `ZIP` : CodeBuild creates a ZIP file with the raw data in the output bucket.", + "title": "Packaging", + "type": "string" + }, + "Path": { + "markdownDescription": "The path to the exported report's raw data results.", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Bucket" ], "type": "object" }, - "AWS::Connect::Instance": { + "AWS::CodeBuild::SourceCredential": { "additionalProperties": false, "properties": { "Condition": { @@ -50510,44 +56120,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "$ref": "#/definitions/AWS::Connect::Instance.Attributes", - "markdownDescription": "A toggle for an individual feature at the instance level.", - "title": "Attributes" - }, - "DirectoryId": { - "markdownDescription": "The identifier for the directory.", - "title": "DirectoryId", + "AuthType": { + "markdownDescription": "The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, CODECONNECTIONS, or SECRETS_MANAGER.", + "title": "AuthType", "type": "string" }, - "IdentityManagementType": { - "markdownDescription": "The identity management type.", - "title": "IdentityManagementType", + "ServerType": { + "markdownDescription": "The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.", + "title": "ServerType", "type": "string" }, - "InstanceAlias": { - "markdownDescription": "The alias of instance. `InstanceAlias` is only required when `IdentityManagementType` is `CONNECT_MANAGED` or `SAML` . `InstanceAlias` is not required when `IdentityManagementType` is `EXISTING_DIRECTORY` .", - "title": "InstanceAlias", + "Token": { + "markdownDescription": "For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the `authType` CODECONNECTIONS, this is the `connectionArn` . For the `authType` SECRETS_MANAGER, this is the `secretArn` .", + "title": "Token", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" + "Username": { + "markdownDescription": "The Bitbucket username when the `authType` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.", + "title": "Username", + "type": "string" } }, "required": [ - "Attributes", - "IdentityManagementType" + "AuthType", + "ServerType", + "Token" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Instance" + "AWS::CodeBuild::SourceCredential" ], "type": "string" }, @@ -50566,52 +56169,7 @@ ], "type": "object" }, - "AWS::Connect::Instance.Attributes": { - "additionalProperties": false, - "properties": { - "AutoResolveBestVoices": { - "markdownDescription": "", - "title": "AutoResolveBestVoices", - "type": "boolean" - }, - "ContactLens": { - "markdownDescription": "", - "title": "ContactLens", - "type": "boolean" - }, - "ContactflowLogs": { - "markdownDescription": "", - "title": "ContactflowLogs", - "type": "boolean" - }, - "EarlyMedia": { - "markdownDescription": "", - "title": "EarlyMedia", - "type": "boolean" - }, - "InboundCalls": { - "markdownDescription": "", - "title": "InboundCalls", - "type": "boolean" - }, - "OutboundCalls": { - "markdownDescription": "", - "title": "OutboundCalls", - "type": "boolean" - }, - "UseCustomTTSVoices": { - "markdownDescription": "", - "title": "UseCustomTTSVoices", - "type": "boolean" - } - }, - "required": [ - "InboundCalls", - "OutboundCalls" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig": { + "AWS::CodeCommit::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -50646,52 +56204,51 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "KinesisFirehoseConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig", - "markdownDescription": "The configuration of the Kinesis Firehose delivery stream.", - "title": "KinesisFirehoseConfig" + "Code": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.Code", + "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack. Information about code is only used in resource creation. Updates to a stack will not reflect changes made to code properties after initial resource creation.\n\n> You can only use this property to add code when creating a repository with a AWS CloudFormation template at creation time. This property cannot be used for updating code to an existing repository.", + "title": "Code" }, - "KinesisStreamConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisStreamConfig", - "markdownDescription": "The configuration of the Kinesis data stream.", - "title": "KinesisStreamConfig" + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service encryption key used to encrypt and decrypt the repository.\n\n> The input can be the full ARN, the key ID, or the key alias. For more information, see [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html) .", + "title": "KmsKeyId", + "type": "string" }, - "KinesisVideoStreamConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig", - "markdownDescription": "The configuration of the Kinesis video stream.", - "title": "KinesisVideoStreamConfig" + "RepositoryDescription": { + "markdownDescription": "A comment or description about the new repository.\n\n> The description field for a repository accepts all HTML characters and all valid Unicode characters. Applications that do not HTML-encode the description and display it in a webpage can expose users to potentially malicious code. Make sure that you HTML-encode the description field in any application that uses this API to display the repository description on a webpage.", + "title": "RepositoryDescription", + "type": "string" }, - "ResourceType": { - "markdownDescription": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`", - "title": "ResourceType", + "RepositoryName": { + "markdownDescription": "The name of the new repository to be created.\n\n> The repository name must be unique across the calling AWS account . Repository names are limited to 100 alphanumeric, dash, and underscore characters, and cannot include certain characters. For more information about the limits on repository names, see [Quotas](https://docs.aws.amazon.com/codecommit/latest/userguide/limits.html) in the *AWS CodeCommit User Guide* . The suffix .git is prohibited.", + "title": "RepositoryName", "type": "string" }, - "S3Config": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.S3Config", - "markdownDescription": "The S3 bucket configuration.", - "title": "S3Config" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tag key-value pairs to use when tagging this repository.", + "title": "Tags", + "type": "array" }, - "StorageType": { - "markdownDescription": "A valid storage type.", - "title": "StorageType", - "type": "string" + "Triggers": { + "items": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.RepositoryTrigger" + }, + "markdownDescription": "The JSON block of configuration information for each trigger.", + "title": "Triggers", + "type": "array" } }, "required": [ - "InstanceArn", - "ResourceType", - "StorageType" + "RepositoryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::InstanceStorageConfig" + "AWS::CodeCommit::Repository" ], "type": "string" }, @@ -50710,185 +56267,93 @@ ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.EncryptionConfig": { + "AWS::CodeCommit::Repository.Code": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The type of encryption.", - "title": "EncryptionType", + "BranchName": { + "markdownDescription": "Optional. Specifies a branch name to be used as the default branch when importing code into a repository on initial creation. If this property is not set, the name *main* will be used for the default branch for the repository. Changes to this property are ignored after initial resource creation. We recommend using this parameter to set the name to *main* to align with the default behavior of CodeCommit unless another name is needed.", + "title": "BranchName", "type": "string" }, - "KeyId": { - "markdownDescription": "The full ARN of the encryption key.\n\n> Be sure to provide the full ARN of the encryption key, not just the ID.\n> \n> Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) .", - "title": "KeyId", - "type": "string" - } - }, - "required": [ - "EncryptionType", - "KeyId" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig": { - "additionalProperties": false, - "properties": { - "FirehoseArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", - "title": "FirehoseArn", - "type": "string" - } - }, - "required": [ - "FirehoseArn" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig.KinesisStreamConfig": { - "additionalProperties": false, - "properties": { - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data stream.", - "title": "StreamArn", - "type": "string" + "S3": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.S3", + "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository. Changes to this property are ignored after initial resource creation.", + "title": "S3" } }, "required": [ - "StreamArn" + "S3" ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig": { + "AWS::CodeCommit::Repository.RepositoryTrigger": { "additionalProperties": false, "properties": { - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", - "markdownDescription": "The encryption configuration.", - "title": "EncryptionConfig" + "Branches": { + "items": { + "type": "string" + }, + "markdownDescription": "The branches to be included in the trigger configuration. If you specify an empty array, the trigger applies to all branches.\n\n> Although no content is required in the array, you must include the array itself.", + "title": "Branches", + "type": "array" }, - "Prefix": { - "markdownDescription": "The prefix of the video stream.", - "title": "Prefix", + "CustomData": { + "markdownDescription": "Any custom data associated with the trigger to be included in the information sent to the target of the trigger.", + "title": "CustomData", "type": "string" }, - "RetentionPeriodHours": { - "markdownDescription": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream.\n\nThe default value is 0, indicating that the stream does not persist data.", - "title": "RetentionPeriodHours", - "type": "number" - } - }, - "required": [ - "EncryptionConfig", - "Prefix", - "RetentionPeriodHours" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig.S3Config": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The S3 bucket name.", - "title": "BucketName", + "DestinationArn": { + "markdownDescription": "The ARN of the resource that is the target for a trigger (for example, the ARN of a topic in Amazon SNS).", + "title": "DestinationArn", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "The S3 bucket prefix.", - "title": "BucketPrefix", - "type": "string" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The repository events that cause the trigger to run actions in another service, such as sending a notification through Amazon SNS.\n\n> The valid value \"all\" cannot be used with any other values.", + "title": "Events", + "type": "array" }, - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", - "markdownDescription": "The Amazon S3 encryption configuration.", - "title": "EncryptionConfig" + "Name": { + "markdownDescription": "The name of the trigger.", + "title": "Name", + "type": "string" } }, "required": [ - "BucketName", - "BucketPrefix" + "DestinationArn", + "Events", + "Name" ], "type": "object" }, - "AWS::Connect::IntegrationAssociation": { + "AWS::CodeCommit::Repository.S3": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content that will be committed to the new repository. This can be specified using the name of the bucket in the AWS account . Changes to this property are ignored after initial resource creation.", + "title": "Bucket", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", - "type": "string" - }, - "IntegrationArn": { - "markdownDescription": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`", - "title": "IntegrationArn", - "type": "string" - }, - "IntegrationType": { - "markdownDescription": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`", - "title": "IntegrationType", - "type": "string" - } - }, - "required": [ - "InstanceId", - "IntegrationArn", - "IntegrationType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Connect::IntegrationAssociation" - ], + "Key": { + "markdownDescription": "The key to use for accessing the Amazon S3 bucket. Changes to this property are ignored after initial resource creation. For more information, see [Creating object key names](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) and [Uploading objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/upload-objects.html) in the Amazon S3 User Guide.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectVersion": { + "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket. Changes to this property are ignored after initial resource creation.", + "title": "ObjectVersion", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Connect::PhoneNumber": { + "AWS::CodeConnections::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -50923,132 +56388,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CountryCode": { - "markdownDescription": "The ISO country code.", - "title": "CountryCode", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the phone number.", - "title": "Description", + "ConnectionName": { + "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", + "title": "ConnectionName", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix of the phone number. If provided, it must contain `+` as part of the country code.\n\n*Pattern* : `^\\\\+[0-9]{1,15}`", - "title": "Prefix", + "HostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", + "title": "HostArn", "type": "string" }, - "SourcePhoneNumberArn": { - "markdownDescription": "The claimed phone number ARN that was previously imported from the external service, such as AWS End User Messaging. If it is from AWS End User Messaging, it looks like the ARN of the phone number that was imported from AWS End User Messaging.", - "title": "SourcePhoneNumberArn", + "ProviderType": { + "markdownDescription": "The name of the external provider where your third-party code repository is configured.", + "title": "ProviderType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for Amazon Connect instances or traffic distribution group that phone numbers are claimed to.", - "title": "TargetArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of phone number.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "TargetArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Connect::PhoneNumber" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Connect::PredefinedAttribute": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the predefined attribute.", - "title": "Name", - "type": "string" - }, - "Values": { - "$ref": "#/definitions/AWS::Connect::PredefinedAttribute.Values", - "markdownDescription": "The values of a predefined attribute.", - "title": "Values" } }, "required": [ - "InstanceArn", - "Name", - "Values" + "ConnectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::PredefinedAttribute" + "AWS::CodeConnections::Connection" ], "type": "string" }, @@ -51067,21 +56438,7 @@ ], "type": "object" }, - "AWS::Connect::PredefinedAttribute.Values": { - "additionalProperties": false, - "properties": { - "StringList": { - "items": { - "type": "string" - }, - "markdownDescription": "Predefined attribute values of type string list.", - "title": "StringList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Connect::Prompt": { + "AWS::CodeDeploy::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -51116,44 +56473,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the prompt.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the prompt.", - "title": "Name", + "ApplicationName": { + "markdownDescription": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> Updates to `ApplicationName` are not supported.", + "title": "ApplicationName", "type": "string" }, - "S3Uri": { - "markdownDescription": "The URI for the S3 bucket where the prompt is stored. This property is required when you create a prompt.", - "title": "S3Uri", + "ComputePlatform": { + "markdownDescription": "The compute platform that CodeDeploy deploys the application to.", + "title": "ComputePlatform", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" } }, - "required": [ - "InstanceArn", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Prompt" + "AWS::CodeDeploy::Application" ], "type": "string" }, @@ -51167,12 +56510,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::Queue": { + "AWS::CodeDeploy::DeploymentConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -51207,68 +56549,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the queue.", - "title": "Description", - "type": "string" - }, - "HoursOfOperationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the hours of operation.", - "title": "HoursOfOperationArn", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "ComputePlatform": { + "markdownDescription": "The destination platform type for the deployment ( `Lambda` , `Server` , or `ECS` ).", + "title": "ComputePlatform", "type": "string" }, - "MaxContacts": { - "markdownDescription": "The maximum number of contacts that can be in the queue before it is considered full.", - "title": "MaxContacts", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the queue.", - "title": "Name", + "DeploymentConfigName": { + "markdownDescription": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DeploymentConfigName", "type": "string" }, - "OutboundCallerConfig": { - "$ref": "#/definitions/AWS::Connect::Queue.OutboundCallerConfig", - "markdownDescription": "The outbound caller ID name, number, and outbound whisper flow.", - "title": "OutboundCallerConfig" - }, - "QuickConnectArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARN) of the of the quick connects available to agents who are working the queue.", - "title": "QuickConnectArns", - "type": "array" + "MinimumHealthyHosts": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts", + "markdownDescription": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.\n\nThe type parameter takes either of the following values:\n\n- HOST_COUNT: The value parameter represents the minimum number of healthy instances as an absolute value.\n- FLEET_PERCENT: The value parameter represents the minimum number of healthy instances as a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\n\nThe value parameter takes an integer.\n\nFor example, to set a minimum of 95% healthy instance, specify a type of FLEET_PERCENT and a value of 95.\n\nFor more information about instance health, see [CodeDeploy Instance Health](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-health.html) in the AWS CodeDeploy User Guide.", + "title": "MinimumHealthyHosts" }, - "Status": { - "markdownDescription": "The status of the queue.", - "title": "Status", - "type": "string" + "TrafficRoutingConfig": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig", + "markdownDescription": "The configuration that specifies how the deployment traffic is routed.", + "title": "TrafficRoutingConfig" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" + "ZonalConfig": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.ZonalConfig", + "markdownDescription": "Configure the `ZonalConfig` object if you want AWS CodeDeploy to deploy your application to one [Availability Zone](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones) at a time, within an AWS Region.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "ZonalConfig" } }, - "required": [ - "HoursOfOperationArn", - "InstanceArn", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Queue" + "AWS::CodeDeploy::DeploymentConfig" ], "type": "string" }, @@ -51282,208 +56593,136 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::Queue.OutboundCallerConfig": { + "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { "additionalProperties": false, "properties": { - "OutboundCallerIdName": { - "markdownDescription": "The caller ID name.", - "title": "OutboundCallerIdName", - "type": "string" - }, - "OutboundCallerIdNumberArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the outbound caller ID number.\n\n> Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API.", - "title": "OutboundCallerIdNumberArn", + "Type": { + "markdownDescription": "The minimum healthy instance type:\n\n- HOST_COUNT: The minimum number of healthy instance as an absolute value.\n- FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment.\n\nIn an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails.\n\n> In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. \n\nFor more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* .", + "title": "Type", "type": "string" }, - "OutboundFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the outbound flow.", - "title": "OutboundFlowArn", - "type": "string" + "Value": { + "markdownDescription": "The minimum healthy instance value.", + "title": "Value", + "type": "number" } }, + "required": [ + "Type", + "Value" + ], "type": "object" }, - "AWS::Connect::QuickConnect": { + "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the quick connect.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the quick connect.", - "title": "Name", - "type": "string" - }, - "QuickConnectConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.QuickConnectConfig", - "markdownDescription": "Contains information about the quick connect.", - "title": "QuickConnectConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "InstanceArn", - "Name", - "QuickConnectConfig" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::Connect::QuickConnect" - ], + "markdownDescription": "The `type` associated with the `MinimumHealthyHostsPerZone` option.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "markdownDescription": "The `value` associated with the `MinimumHealthyHostsPerZone` option.", + "title": "Value", + "type": "number" } }, "required": [ "Type", - "Properties" + "Value" ], "type": "object" }, - "AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary": { "additionalProperties": false, "properties": { - "PhoneNumber": { - "markdownDescription": "The phone number in E.164 format.", - "title": "PhoneNumber", - "type": "string" + "CanaryInterval": { + "markdownDescription": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.", + "title": "CanaryInterval", + "type": "number" + }, + "CanaryPercentage": { + "markdownDescription": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.", + "title": "CanaryPercentage", + "type": "number" } }, "required": [ - "PhoneNumber" + "CanaryInterval", + "CanaryPercentage" ], "type": "object" }, - "AWS::Connect::QuickConnect.QueueQuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", - "type": "string" + "LinearInterval": { + "markdownDescription": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.", + "title": "LinearInterval", + "type": "number" }, - "QueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "QueueArn", - "type": "string" + "LinearPercentage": { + "markdownDescription": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.", + "title": "LinearPercentage", + "type": "number" } }, "required": [ - "ContactFlowArn", - "QueueArn" + "LinearInterval", + "LinearPercentage" ], "type": "object" }, - "AWS::Connect::QuickConnect.QuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig": { "additionalProperties": false, "properties": { - "PhoneConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig", - "markdownDescription": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER.", - "title": "PhoneConfig" + "TimeBasedCanary": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary", + "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file.", + "title": "TimeBasedCanary" }, - "QueueConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.QueueQuickConnectConfig", - "markdownDescription": "The queue configuration. This is required only if QuickConnectType is QUEUE.", - "title": "QueueConfig" + "TimeBasedLinear": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear", + "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file.", + "title": "TimeBasedLinear" }, - "QuickConnectType": { - "markdownDescription": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", - "title": "QuickConnectType", + "Type": { + "markdownDescription": "The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration.", + "title": "Type", "type": "string" - }, - "UserConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.UserQuickConnectConfig", - "markdownDescription": "The user configuration. This is required only if QuickConnectType is USER.", - "title": "UserConfig" } }, "required": [ - "QuickConnectType" + "Type" ], "type": "object" }, - "AWS::Connect::QuickConnect.UserQuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.ZonalConfig": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", - "type": "string" + "FirstZoneMonitorDurationInSeconds": { + "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "FirstZoneMonitorDurationInSeconds", + "type": "number" }, - "UserArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user.", - "title": "UserArn", - "type": "string" + "MinimumHealthyHostsPerZone": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone", + "markdownDescription": "The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* .\n\nIf you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "MinimumHealthyHostsPerZone" + }, + "MonitorDurationInSeconds": { + "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "MonitorDurationInSeconds", + "type": "number" } }, - "required": [ - "ContactFlowArn", - "UserArn" - ], "type": "object" }, - "AWS::Connect::RoutingProfile": { + "AWS::CodeDeploy::DeploymentGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -51518,68 +56757,134 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentAvailabilityTimer": { - "markdownDescription": "Whether agents with this routing profile will have their routing order calculated based on *time since their last inbound contact* or *longest idle time* .", - "title": "AgentAvailabilityTimer", - "type": "string" + "AlarmConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration", + "markdownDescription": "Information about the Amazon CloudWatch alarms that are associated with the deployment group.", + "title": "AlarmConfiguration" }, - "DefaultOutboundQueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the default outbound queue for the routing profile.", - "title": "DefaultOutboundQueueArn", + "ApplicationName": { + "markdownDescription": "The name of an existing CodeDeploy application to associate this deployment group with.", + "title": "ApplicationName", "type": "string" }, - "Description": { - "markdownDescription": "The description of the routing profile.", - "title": "Description", + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration", + "markdownDescription": "Information about the automatic rollback configuration that is associated with the deployment group. If you specify this property, don't specify the `Deployment` property.", + "title": "AutoRollbackConfiguration" + }, + "AutoScalingGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of associated Auto Scaling groups that CodeDeploy automatically deploys revisions to when new instances are created. Duplicates are not allowed.", + "title": "AutoScalingGroups", + "type": "array" + }, + "BlueGreenDeploymentConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration", + "markdownDescription": "Information about blue/green deployment options for a deployment group.", + "title": "BlueGreenDeploymentConfiguration" + }, + "Deployment": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Deployment", + "markdownDescription": "The application revision to deploy to this deployment group. If you specify this property, your target application revision is deployed as soon as the provisioning process is complete. If you specify this property, don't specify the `AutoRollbackConfiguration` property.", + "title": "Deployment" + }, + "DeploymentConfigName": { + "markdownDescription": "A deployment configuration name or a predefined configuration name. With predefined configurations, you can deploy application revisions to one instance at a time ( `CodeDeployDefault.OneAtATime` ), half of the instances at a time ( `CodeDeployDefault.HalfAtATime` ), or all the instances at once ( `CodeDeployDefault.AllAtOnce` ). For more information and valid values, see [Working with Deployment Configurations](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) in the *AWS CodeDeploy User Guide* .", + "title": "DeploymentConfigName", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "DeploymentGroupName": { + "markdownDescription": "A name for the deployment group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment group name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DeploymentGroupName", "type": "string" }, - "MediaConcurrencies": { + "DeploymentStyle": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentStyle", + "markdownDescription": "Attributes that determine the type of deployment to run and whether to route deployment traffic behind a load balancer.\n\nIf you specify this property with a blue/green deployment type, don't specify the `AutoScalingGroups` , `LoadBalancerInfo` , or `Deployment` properties.\n\n> For blue/green deployments, AWS CloudFormation supports deployments on Lambda compute platforms only. You can perform Amazon ECS blue/green deployments using `AWS::CodeDeploy::BlueGreen` hook. See [Perform Amazon ECS blue/green deployments through CodeDeploy using AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/blue-green.html) for more information.", + "title": "DeploymentStyle" + }, + "ECSServices": { "items": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.MediaConcurrency" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ECSService" }, - "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", - "title": "MediaConcurrencies", + "markdownDescription": "The target Amazon ECS services in the deployment group. This applies only to deployment groups that use the Amazon ECS compute platform. A target Amazon ECS service is specified as an Amazon ECS cluster and service name pair using the format `:` .", + "title": "ECSServices", "type": "array" }, - "Name": { - "markdownDescription": "The name of the routing profile.", - "title": "Name", - "type": "string" + "Ec2TagFilters": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" + }, + "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group. Duplicates are not allowed.\n\nYou can specify `EC2TagFilters` or `Ec2TagSet` , but not both.", + "title": "Ec2TagFilters", + "type": "array" }, - "QueueConfigs": { + "Ec2TagSet": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSet", + "markdownDescription": "Information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same call as `ec2TagFilter` .", + "title": "Ec2TagSet" + }, + "LoadBalancerInfo": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo", + "markdownDescription": "Information about the load balancer to use in a deployment. For more information, see [Integrating CodeDeploy with Elastic Load Balancing](https://docs.aws.amazon.com/codedeploy/latest/userguide/integrations-aws-elastic-load-balancing.html) in the *AWS CodeDeploy User Guide* .", + "title": "LoadBalancerInfo" + }, + "OnPremisesInstanceTagFilters": { "items": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueConfig" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" }, - "markdownDescription": "The inbound queues associated with the routing profile. If no queue is added, the agent can make only outbound calls.", - "title": "QueueConfigs", + "markdownDescription": "The on-premises instance tags already applied to on-premises instances that you want to include in the deployment group. CodeDeploy includes all on-premises instances identified by any of the tags you specify in this deployment group. To register on-premises instances with CodeDeploy , see [Working with On-Premises Instances for CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-on-premises.html) in the *AWS CodeDeploy User Guide* . Duplicates are not allowed.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", + "title": "OnPremisesInstanceTagFilters", "type": "array" }, + "OnPremisesTagSet": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet", + "markdownDescription": "Information about groups of tags applied to on-premises instances. The deployment group includes only on-premises instances identified by all the tag groups.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", + "title": "OnPremisesTagSet" + }, + "OutdatedInstancesStrategy": { + "markdownDescription": "Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision.\n\nIf this option is set to `UPDATE` or is unspecified, CodeDeploy initiates one or more 'auto-update outdated instances' deployments to apply the deployed application revision to the new Amazon EC2 instances.\n\nIf this option is set to `IGNORE` , CodeDeploy does not initiate a deployment to update the new Amazon EC2 instances. This may result in instances having different revisions.", + "title": "OutdatedInstancesStrategy", + "type": "string" + }, + "ServiceRoleArn": { + "markdownDescription": "A service role Amazon Resource Name (ARN) that grants CodeDeploy permission to make calls to AWS services on your behalf. For more information, see [Create a Service Role for AWS CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-service-role.html) in the *AWS CodeDeploy User Guide* .\n\n> In some cases, you might need to add a dependency on the service role's policy. For more information, see IAM role policy in [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", + "title": "ServiceRoleArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The metadata that you apply to CodeDeploy deployment groups to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" + }, + "TerminationHookEnabled": { + "markdownDescription": "Indicates whether the deployment group was configured to have CodeDeploy install a termination hook into an Auto Scaling group.\n\nFor more information about the termination hook, see [How Amazon EC2 Auto Scaling works with CodeDeploy](https://docs.aws.amazon.com//codedeploy/latest/userguide/integrations-aws-auto-scaling.html#integrations-aws-auto-scaling-behaviors) in the *AWS CodeDeploy User Guide* .", + "title": "TerminationHookEnabled", + "type": "boolean" + }, + "TriggerConfigurations": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TriggerConfig" + }, + "markdownDescription": "Information about triggers associated with the deployment group. Duplicates are not allowed", + "title": "TriggerConfigurations", + "type": "array" } }, "required": [ - "DefaultOutboundQueueArn", - "Description", - "InstanceArn", - "MediaConcurrencies", - "Name" + "ApplicationName", + "ServiceRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::RoutingProfile" + "AWS::CodeDeploy::DeploymentGroup" ], "type": "string" }, @@ -51598,496 +56903,473 @@ ], "type": "object" }, - "AWS::Connect::RoutingProfile.CrossChannelBehavior": { + "AWS::CodeDeploy::DeploymentGroup.Alarm": { "additionalProperties": false, "properties": { - "BehaviorType": { - "markdownDescription": "Specifies the other channels that can be routed to an agent handling their current channel.", - "title": "BehaviorType", + "Name": { + "markdownDescription": "The name of the alarm. Maximum length is 255 characters. Each alarm name can be used only once in a list of alarms.", + "title": "Name", "type": "string" } }, - "required": [ - "BehaviorType" - ], "type": "object" }, - "AWS::Connect::RoutingProfile.MediaConcurrency": { + "AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The channels that agents can handle in the Contact Control Panel (CCP).", - "title": "Channel", - "type": "string" + "Alarms": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Alarm" + }, + "markdownDescription": "A list of alarms configured for the deployment or deployment group. A maximum of 10 alarms can be added.", + "title": "Alarms", + "type": "array" }, - "Concurrency": { - "markdownDescription": "The number of contacts an agent can have on a channel simultaneously.\n\nValid Range for `VOICE` : Minimum value of 1. Maximum value of 1.\n\nValid Range for `CHAT` : Minimum value of 1. Maximum value of 10.\n\nValid Range for `TASK` : Minimum value of 1. Maximum value of 10.", - "title": "Concurrency", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether the alarm configuration is enabled.", + "title": "Enabled", + "type": "boolean" }, - "CrossChannelBehavior": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.CrossChannelBehavior", - "markdownDescription": "Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel.", - "title": "CrossChannelBehavior" + "IgnorePollAlarmFailure": { + "markdownDescription": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from Amazon CloudWatch . The default value is `false` .\n\n- `true` : The deployment proceeds even if alarm status information can't be retrieved from CloudWatch .\n- `false` : The deployment stops if alarm status information can't be retrieved from CloudWatch .", + "title": "IgnorePollAlarmFailure", + "type": "boolean" } }, - "required": [ - "Channel", - "Concurrency" - ], "type": "object" }, - "AWS::Connect::RoutingProfile.RoutingProfileQueueConfig": { + "AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration": { "additionalProperties": false, "properties": { - "Delay": { - "markdownDescription": "The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* .", - "title": "Delay", - "type": "number" - }, - "Priority": { - "markdownDescription": "The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) .", - "title": "Priority", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether a defined automatic rollback configuration is currently enabled.", + "title": "Enabled", + "type": "boolean" }, - "QueueReference": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueReference", - "markdownDescription": "Contains information about a queue resource.", - "title": "QueueReference" - } - }, - "required": [ - "Delay", - "Priority", - "QueueReference" - ], + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The event type or types that trigger a rollback. Valid values are `DEPLOYMENT_FAILURE` , `DEPLOYMENT_STOP_ON_ALARM` , or `DEPLOYMENT_STOP_ON_REQUEST` .", + "title": "Events", + "type": "array" + } + }, "type": "object" }, - "AWS::Connect::RoutingProfile.RoutingProfileQueueReference": { + "AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", - "title": "Channel", + "DeploymentReadyOption": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption", + "markdownDescription": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment.", + "title": "DeploymentReadyOption" + }, + "GreenFleetProvisioningOption": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption", + "markdownDescription": "Information about how instances are provisioned for a replacement environment in a blue/green deployment.", + "title": "GreenFleetProvisioningOption" + }, + "TerminateBlueInstancesOnDeploymentSuccess": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption", + "markdownDescription": "Information about whether to terminate instances in the original fleet during a blue/green deployment.", + "title": "TerminateBlueInstancesOnDeploymentSuccess" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action to take on instances in the original environment after a successful blue/green deployment.\n\n- `TERMINATE` : Instances are terminated after a specified wait time.\n- `KEEP_ALIVE` : Instances are left running after they are deregistered from the load balancer and removed from the deployment group.", + "title": "Action", "type": "string" }, - "QueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "QueueArn", + "TerminationWaitTimeInMinutes": { + "markdownDescription": "For an Amazon EC2 deployment, the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n\nFor an Amazon ECS deployment, the number of minutes before deleting the original (blue) task set. During an Amazon ECS deployment, CodeDeploy shifts traffic from the original (blue) task set to a replacement (green) task set.\n\nThe maximum setting is 2880 minutes (2 days).", + "title": "TerminationWaitTimeInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.Deployment": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A comment about the deployment.", + "title": "Description", "type": "string" + }, + "IgnoreApplicationStopFailures": { + "markdownDescription": "If true, then if an `ApplicationStop` , `BeforeBlockTraffic` , or `AfterBlockTraffic` deployment lifecycle event to an instance fails, then the deployment continues to the next deployment lifecycle event. For example, if `ApplicationStop` fails, the deployment continues with DownloadBundle. If `BeforeBlockTraffic` fails, the deployment continues with `BlockTraffic` . If `AfterBlockTraffic` fails, the deployment continues with `ApplicationStop` .\n\nIf false or not specified, then if a lifecycle event fails during a deployment to an instance, that deployment fails. If deployment to that instance is part of an overall deployment and the number of healthy hosts is not less than the minimum number of healthy hosts, then a deployment to the next instance is attempted.\n\nDuring a deployment, the AWS CodeDeploy agent runs the scripts specified for `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` in the AppSpec file from the previous successful deployment. (All other scripts are run from the AppSpec file in the current deployment.) If one of these scripts contains an error and does not run successfully, the deployment can fail.\n\nIf the cause of the failure is a script from the last successful deployment that will never run successfully, create a new deployment and use `ignoreApplicationStopFailures` to specify that the `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` failures should be ignored.", + "title": "IgnoreApplicationStopFailures", + "type": "boolean" + }, + "Revision": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.RevisionLocation", + "markdownDescription": "Information about the location of stored application artifacts and the service from which to retrieve them.", + "title": "Revision" } }, "required": [ - "Channel", - "QueueArn" + "Revision" ], "type": "object" }, - "AWS::Connect::Rule": { + "AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption": { "additionalProperties": false, "properties": { - "Condition": { + "ActionOnTimeout": { + "markdownDescription": "Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n\n- CONTINUE_DEPLOYMENT: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n- STOP_DEPLOYMENT: Do not register new instances with a load balancer unless traffic rerouting is started using [ContinueDeployment](https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html) . If traffic rerouting is not started before the end of the specified wait period, the deployment status is changed to Stopped.", + "title": "ActionOnTimeout", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "WaitTimeInMinutes": { + "markdownDescription": "The number of minutes to wait before the status of a blue/green deployment is changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout` .", + "title": "WaitTimeInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.DeploymentStyle": { + "additionalProperties": false, + "properties": { + "DeploymentOption": { + "markdownDescription": "Indicates whether to route deployment traffic behind a load balancer.\n\n> An Amazon EC2 Application Load Balancer or Network Load Balancer is required for an Amazon ECS deployment.", + "title": "DeploymentOption", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Connect::Rule.Actions", - "markdownDescription": "A list of actions to be run when the rule is triggered.", - "title": "Actions" - }, - "Function": { - "markdownDescription": "The conditions of the rule.", - "title": "Function", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the rule.", - "title": "Name", - "type": "string" - }, - "PublishStatus": { - "markdownDescription": "The publish status of the rule.\n\n*Allowed values* : `DRAFT` | `PUBLISHED`", - "title": "PublishStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" - }, - "TriggerEventSource": { - "$ref": "#/definitions/AWS::Connect::Rule.RuleTriggerEventSource", - "markdownDescription": "The event source to trigger the rule.", - "title": "TriggerEventSource" - } - }, - "required": [ - "Actions", - "Function", - "InstanceArn", - "Name", - "PublishStatus", - "TriggerEventSource" - ], - "type": "object" + "DeploymentType": { + "markdownDescription": "Indicates whether to run an in-place or blue/green deployment.", + "title": "DeploymentType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.EC2TagFilter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag filter key.", + "title": "Key", + "type": "string" }, "Type": { - "enum": [ - "AWS::Connect::Rule" - ], + "markdownDescription": "The tag filter type:\n\n- `KEY_ONLY` : Key only.\n- `VALUE_ONLY` : Value only.\n- `KEY_AND_VALUE` : Key and value.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The tag filter value.", + "title": "Value", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Connect::Rule.Actions": { + "AWS::CodeDeploy::DeploymentGroup.EC2TagSet": { "additionalProperties": false, "properties": { - "AssignContactCategoryActions": { - "items": { - "type": "object" - }, - "markdownDescription": "Information about the contact category action. The syntax can be empty, for example, `{}` .", - "title": "AssignContactCategoryActions", - "type": "array" - }, - "CreateCaseActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.CreateCaseAction" - }, - "markdownDescription": "", - "title": "CreateCaseActions", - "type": "array" - }, - "EndAssociatedTasksActions": { - "items": { - "type": "object" - }, - "markdownDescription": "", - "title": "EndAssociatedTasksActions", - "type": "array" - }, - "EventBridgeActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.EventBridgeAction" - }, - "markdownDescription": "Information about the EventBridge action.", - "title": "EventBridgeActions", - "type": "array" - }, - "SendNotificationActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.SendNotificationAction" - }, - "markdownDescription": "Information about the send notification action.", - "title": "SendNotificationActions", - "type": "array" - }, - "TaskActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.TaskAction" - }, - "markdownDescription": "Information about the task action. This field is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", - "title": "TaskActions", - "type": "array" - }, - "UpdateCaseActions": { + "Ec2TagSetList": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.UpdateCaseAction" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject" }, - "markdownDescription": "", - "title": "UpdateCaseActions", + "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group.\n\nDuplicates are not allowed.", + "title": "Ec2TagSetList", "type": "array" } }, "type": "object" }, - "AWS::Connect::Rule.CreateCaseAction": { + "AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject": { "additionalProperties": false, "properties": { - "Fields": { + "Ec2TagGroup": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.Field" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" }, - "markdownDescription": "", - "title": "Fields", + "markdownDescription": "A list that contains other lists of Amazon EC2 instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.", + "title": "Ec2TagGroup", "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.ECSService": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The name of the cluster that the Amazon ECS service is associated with.", + "title": "ClusterName", + "type": "string" }, - "TemplateId": { - "markdownDescription": "", - "title": "TemplateId", + "ServiceName": { + "markdownDescription": "The name of the target Amazon ECS service.", + "title": "ServiceName", "type": "string" } }, "required": [ - "Fields", - "TemplateId" + "ClusterName", + "ServiceName" ], "type": "object" }, - "AWS::Connect::Rule.EventBridgeAction": { + "AWS::CodeDeploy::DeploymentGroup.ELBInfo": { "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "The name.", + "markdownDescription": "For blue/green deployments, the name of the load balancer that is used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment is complete.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only.", "title": "Name", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::Connect::Rule.Field": { + "AWS::CodeDeploy::DeploymentGroup.GitHubLocation": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "", - "title": "Id", + "CommitId": { + "markdownDescription": "The SHA1 commit ID of the GitHub commit that represents the bundled artifacts for the application revision.", + "title": "CommitId", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::Connect::Rule.FieldValue", - "markdownDescription": "", - "title": "Value" + "Repository": { + "markdownDescription": "The GitHub account and repository pair that stores a reference to the commit that represents the bundled artifacts for the application revision.\n\nSpecify the value as `account/repository` .", + "title": "Repository", + "type": "string" } }, "required": [ - "Id", - "Value" + "CommitId", + "Repository" ], "type": "object" }, - "AWS::Connect::Rule.FieldValue": { + "AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "", - "title": "DoubleValue", - "type": "number" - }, - "EmptyValue": { - "markdownDescription": "", - "title": "EmptyValue", - "type": "object" - }, - "StringValue": { - "markdownDescription": "", - "title": "StringValue", + "Action": { + "markdownDescription": "The method used to add instances to a replacement environment.\n\n- `DISCOVER_EXISTING` : Use instances that already exist or will be created manually.\n- `COPY_AUTO_SCALING_GROUP` : Use settings from a specified Auto Scaling group to define and create instances in a new Auto Scaling group.", + "title": "Action", "type": "string" } }, "type": "object" }, - "AWS::Connect::Rule.NotificationRecipientType": { + "AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo": { "additionalProperties": false, "properties": { - "UserArns": { + "ElbInfoList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ELBInfo" }, - "markdownDescription": "The Amazon Resource Name (ARN) of the user account.", - "title": "UserArns", + "markdownDescription": "An array that contains information about the load balancers to use for load balancing in a deployment. If you're using Classic Load Balancers, specify those load balancers in this array.\n\n> You can add up to 10 load balancers to the array. > If you're using Application Load Balancers or Network Load Balancers, use the `targetGroupInfoList` array instead of this one.", + "title": "ElbInfoList", "type": "array" }, - "UserTags": { - "additionalProperties": true, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }. Amazon Connect users with the specified tags will be notified.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "TargetGroupInfoList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" }, - "title": "UserTags", - "type": "object" + "markdownDescription": "An array that contains information about the target groups to use for load balancing in a deployment. If you're using Application Load Balancers and Network Load Balancers, specify their associated target groups in this array.\n\n> You can add up to 10 target groups to the array. > If you're using Classic Load Balancers, use the `elbInfoList` array instead of this one.", + "title": "TargetGroupInfoList", + "type": "array" + }, + "TargetGroupPairInfoList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo" + }, + "markdownDescription": "The target group pair information. This is an array of `TargeGroupPairInfo` objects with a maximum size of one.", + "title": "TargetGroupPairInfoList", + "type": "array" } }, "type": "object" }, - "AWS::Connect::Rule.Reference": { + "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of the reference. `DATE` must be of type Epoch timestamp.\n\n*Allowed values* : `URL` | `ATTACHMENT` | `NUMBER` | `STRING` | `DATE` | `EMAIL`", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).", - "title": "Value", - "type": "string" + "OnPremisesTagSetList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject" + }, + "markdownDescription": "A list that contains other lists of on-premises instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.\n\nDuplicates are not allowed.", + "title": "OnPremisesTagSetList", + "type": "array" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::Connect::Rule.RuleTriggerEventSource": { + "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject": { "additionalProperties": false, "properties": { - "EventSourceName": { - "markdownDescription": "The name of the event source.", - "title": "EventSourceName", - "type": "string" + "OnPremisesTagGroup": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + }, + "markdownDescription": "Information about groups of on-premises instance tags.", + "title": "OnPremisesTagGroup", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.RevisionLocation": { + "additionalProperties": false, + "properties": { + "GitHubLocation": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GitHubLocation", + "markdownDescription": "Information about the location of application artifacts stored in GitHub.", + "title": "GitHubLocation" }, - "IntegrationAssociationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the integration association. `IntegrationAssociationArn` is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", - "title": "IntegrationAssociationArn", + "RevisionType": { + "markdownDescription": "The type of application revision:\n\n- S3: An application revision stored in Amazon S3.\n- GitHub: An application revision stored in GitHub (EC2/On-premises deployments only).\n- String: A YAML-formatted or JSON-formatted string ( AWS Lambda deployments only).\n- AppSpecContent: An `AppSpecContent` object that contains the contents of an AppSpec file for an AWS Lambda or Amazon ECS deployment. The content is formatted as JSON or YAML stored as a RawString.", + "title": "RevisionType", "type": "string" + }, + "S3Location": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.S3Location", + "markdownDescription": "Information about the location of a revision stored in Amazon S3.", + "title": "S3Location" } }, - "required": [ - "EventSourceName" - ], "type": "object" }, - "AWS::Connect::Rule.SendNotificationAction": { + "AWS::CodeDeploy::DeploymentGroup.S3Location": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "Notification content. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Content", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where the application revision is stored.", + "title": "Bucket", "type": "string" }, - "ContentType": { - "markdownDescription": "Content type format.\n\n*Allowed value* : `PLAIN_TEXT`", - "title": "ContentType", + "BundleType": { + "markdownDescription": "The file type of the application revision. Must be one of the following:\n\n- JSON\n- tar: A tar archive file.\n- tgz: A compressed tar archive file.\n- YAML\n- zip: A zip archive file.", + "title": "BundleType", "type": "string" }, - "DeliveryMethod": { - "markdownDescription": "Notification delivery method.\n\n*Allowed value* : `EMAIL`", - "title": "DeliveryMethod", + "ETag": { + "markdownDescription": "The ETag of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the ETag is not specified as an input parameter, ETag validation of the object is skipped.", + "title": "ETag", "type": "string" }, - "Recipient": { - "$ref": "#/definitions/AWS::Connect::Rule.NotificationRecipientType", - "markdownDescription": "Notification recipient.", - "title": "Recipient" + "Key": { + "markdownDescription": "The name of the Amazon S3 object that represents the bundled artifacts for the application revision.", + "title": "Key", + "type": "string" }, - "Subject": { - "markdownDescription": "The subject of the email if the delivery method is `EMAIL` . Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Subject", + "Version": { + "markdownDescription": "A specific version of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the version is not specified, the system uses the most recent version by default.", + "title": "Version", "type": "string" } }, "required": [ - "Content", - "ContentType", - "DeliveryMethod", - "Recipient" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Connect::Rule.TaskAction": { + "AWS::CodeDeploy::DeploymentGroup.TagFilter": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", + "Key": { + "markdownDescription": "The on-premises instance tag filter key.", + "title": "Key", "type": "string" }, - "Description": { - "markdownDescription": "The description. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Description", + "Type": { + "markdownDescription": "The on-premises instance tag filter type:\n\n- KEY_ONLY: Key only.\n- VALUE_ONLY: Value only.\n- KEY_AND_VALUE: Key and value.", + "title": "Type", "type": "string" }, + "Value": { + "markdownDescription": "The on-premises instance tag filter value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The name. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "markdownDescription": "For blue/green deployments, the name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. No duplicates allowed.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only. \n\nThis value cannot exceed 32 characters, so you should use the `Name` property of the target group, or the `TargetGroupName` attribute with the `Fn::GetAtt` intrinsic function, as shown in the following example. Don't use the group's Amazon Resource Name (ARN) or `TargetGroupFullName` attribute.", "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo": { + "additionalProperties": false, + "properties": { + "ProdTrafficRoute": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", + "markdownDescription": "The path used by a load balancer to route production traffic when an Amazon ECS deployment is complete.", + "title": "ProdTrafficRoute" }, - "References": { - "additionalProperties": false, - "markdownDescription": "Information about the reference when the `referenceType` is `URL` . Otherwise, null. `URL` is the only accepted type. (Supports variable injection in the `Value` field.)", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Connect::Rule.Reference" - } + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" }, - "title": "References", - "type": "object" + "markdownDescription": "One pair of target groups. One is associated with the original task set. The second is associated with the task set that serves traffic after the deployment is complete.", + "title": "TargetGroups", + "type": "array" + }, + "TestTrafficRoute": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", + "markdownDescription": "An optional path used by a load balancer to route test traffic after an Amazon ECS deployment. Validation can occur while test traffic is served during a deployment.", + "title": "TestTrafficRoute" } }, - "required": [ - "ContactFlowArn", - "Name" - ], "type": "object" }, - "AWS::Connect::Rule.UpdateCaseAction": { + "AWS::CodeDeploy::DeploymentGroup.TrafficRoute": { "additionalProperties": false, "properties": { - "Fields": { + "ListenerArns": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.Field" + "type": "string" }, - "markdownDescription": "", - "title": "Fields", + "markdownDescription": "The Amazon Resource Name (ARN) of one listener. The listener identifies the route between a target group and a load balancer. This is an array of strings with a maximum size of one.", + "title": "ListenerArns", "type": "array" } }, - "required": [ - "Fields" - ], "type": "object" }, - "AWS::Connect::SecurityKey": { + "AWS::CodeDeploy::DeploymentGroup.TriggerConfig": { + "additionalProperties": false, + "properties": { + "TriggerEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "The event type or types that trigger notifications.", + "title": "TriggerEvents", + "type": "array" + }, + "TriggerName": { + "markdownDescription": "The name of the notification trigger.", + "title": "TriggerName", + "type": "string" + }, + "TriggerTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic through which notifications about deployment or instance events are sent.", + "title": "TriggerTargetArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeGuruProfiler::ProfilingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -52122,26 +57404,46 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", + "AgentPermissions": { + "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions", + "markdownDescription": "The agent permissions attached to this profiling group. This action group grants `ConfigureAgent` and `PostAgentProfile` permissions to perform actions required by the profiling agent. The Json consists of key `Principals` .\n\n*Principals* : A list of string ARNs for the roles and users you want to grant access to the profiling group. Wildcards are not supported in the ARNs. You are allowed to provide up to 50 ARNs. An empty list is not permitted. This is a required key.\n\nFor more information, see [Resource-based policies in CodeGuru Profiler](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/resource-based-policies.html) in the *Amazon CodeGuru Profiler user guide* , [ConfigureAgent](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html) , and [PostAgentProfile](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html) .", + "title": "AgentPermissions" + }, + "AnomalyDetectionNotificationConfiguration": { + "items": { + "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.Channel" + }, + "markdownDescription": "Adds anomaly notifications for a profiling group.", + "title": "AnomalyDetectionNotificationConfiguration", + "type": "array" + }, + "ComputePlatform": { + "markdownDescription": "The compute platform of the profiling group. Use `AWSLambda` if your application runs on AWS Lambda. Use `Default` if your application runs on a compute platform that is not AWS Lambda , such an Amazon EC2 instance, an on-premises server, or a different platform. If not specified, `Default` is used. This property is immutable.", + "title": "ComputePlatform", "type": "string" }, - "Key": { - "markdownDescription": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", - "title": "Key", + "ProfilingGroupName": { + "markdownDescription": "The name of the profiling group.", + "title": "ProfilingGroupName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the created profiling group.", + "title": "Tags", + "type": "array" } }, "required": [ - "InstanceId", - "Key" + "ProfilingGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::SecurityKey" + "AWS::CodeGuruProfiler::ProfilingGroup" ], "type": "string" }, @@ -52160,7 +57462,43 @@ ], "type": "object" }, - "AWS::Connect::SecurityProfile": { + "AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions": { + "additionalProperties": false, + "properties": { + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Principals", + "type": "array" + } + }, + "required": [ + "Principals" + ], + "type": "object" + }, + "AWS::CodeGuruProfiler::ProfilingGroup.Channel": { + "additionalProperties": false, + "properties": { + "channelId": { + "markdownDescription": "The channel ID.", + "title": "channelId", + "type": "string" + }, + "channelUri": { + "markdownDescription": "The channel URI.", + "title": "channelUri", + "type": "string" + } + }, + "required": [ + "channelUri" + ], + "type": "object" + }, + "AWS::CodeGuruReviewer::RepositoryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -52195,84 +57533,49 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedAccessControlHierarchyGroupId": { - "markdownDescription": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.", - "title": "AllowedAccessControlHierarchyGroupId", + "BucketName": { + "markdownDescription": "The name of the bucket. This is required for your S3Bucket repository. The name must start with the prefix `codeguru-reviewer-*` .", + "title": "BucketName", "type": "string" }, - "AllowedAccessControlTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect.", - "title": "AllowedAccessControlTags", - "type": "array" - }, - "Applications": { - "items": { - "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" - }, - "markdownDescription": "", - "title": "Applications", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the security profile.", - "title": "Description", + "ConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. Its format is `arn:aws:codestar-connections:region-id:aws-account_id:connection/connection-id` . For more information, see [Connection](https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_Connection.html) in the *AWS CodeStar Connections API Reference* .\n\n`ConnectionArn` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", + "title": "ConnectionArn", "type": "string" }, - "HierarchyRestrictedResources": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: `User` .", - "title": "HierarchyRestrictedResources", - "type": "array" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "Name": { + "markdownDescription": "The name of the repository.", + "title": "Name", "type": "string" }, - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "Permissions assigned to the security profile. For a list of valid permissions, see [List of security profile permissions](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html) .", - "title": "Permissions", - "type": "array" - }, - "SecurityProfileName": { - "markdownDescription": "The name for the security profile.", - "title": "SecurityProfileName", + "Owner": { + "markdownDescription": "The owner of the repository. For a GitHub Enterprise Server or Bitbucket repository, this is the username for the account that owns the repository.\n\n`Owner` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", + "title": "Owner", "type": "string" }, - "TagRestrictedResources": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of resources that a security profile applies tag restrictions to in Amazon Connect.", - "title": "TagRestrictedResources", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "An array of key-value pairs used to tag an associated repository. A tag is a custom attribute label with two parts:\n\n- A *tag key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag keys are case sensitive.\n- An optional field known as a *tag value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag value is the same as using an empty string. Like tag keys, tag values are case sensitive.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of repository that contains the source code to be reviewed. The valid values are:\n\n- `CodeCommit`\n- `Bitbucket`\n- `GitHubEnterpriseServer`\n- `S3Bucket`", + "title": "Type", + "type": "string" } }, "required": [ - "InstanceArn", - "SecurityProfileName" + "Name", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::SecurityProfile" + "AWS::CodeGuruReviewer::RepositoryAssociation" ], "type": "string" }, @@ -52291,30 +57594,7 @@ ], "type": "object" }, - "AWS::Connect::SecurityProfile.Application": { - "additionalProperties": false, - "properties": { - "ApplicationPermissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions that the agent is granted on the application. Only the `ACCESS` permission is supported.", - "title": "ApplicationPermissions", - "type": "array" - }, - "Namespace": { - "markdownDescription": "Namespace of the application that you want to give access to.", - "title": "Namespace", - "type": "string" - } - }, - "required": [ - "ApplicationPermissions", - "Namespace" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate": { + "AWS::CodePipeline::CustomActionType": { "additionalProperties": false, "properties": { "Condition": { @@ -52349,74 +57629,65 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", - "title": "ClientToken", - "type": "string" - }, - "Constraints": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.Constraints", - "markdownDescription": "Constraints that are applicable to the fields listed.\n\nThe values can be represented in either JSON or YAML format. For an example of the JSON configuration, see *Examples* at the bottom of this page.", - "title": "Constraints" - }, - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow that runs by default when a task is created by referencing this template. `ContactFlowArn` is not required when there is a field with `fieldType` = `QUICK_CONNECT` .", - "title": "ContactFlowArn", + "Category": { + "markdownDescription": "The category of the custom action, such as a build action or a test action.", + "title": "Category", "type": "string" }, - "Defaults": { + "ConfigurationProperties": { "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.DefaultFieldValue" + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ConfigurationProperties" }, - "markdownDescription": "The default values for fields when a task is created by referencing this template.", - "title": "Defaults", + "markdownDescription": "The configuration properties for the custom action.\n\n> You can refer to a name in the configuration properties of the custom action within the URL templates by following the format of {Config:name}, as long as the configuration property is both required and not secret. For more information, see [Create a Custom Action for a Pipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-create-custom-action.html) .", + "title": "ConfigurationProperties", "type": "array" }, - "Description": { - "markdownDescription": "The description of the task template.", - "title": "Description", - "type": "string" - }, - "Fields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.Field" - }, - "markdownDescription": "Fields that are part of the template. A template requires at least one field that has type `Name` .", - "title": "Fields", - "type": "array" + "InputArtifactDetails": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", + "markdownDescription": "The details of the input artifact for the action, such as its commit ID.", + "title": "InputArtifactDetails" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" + "OutputArtifactDetails": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", + "markdownDescription": "The details of the output artifact of the action, such as its commit ID.", + "title": "OutputArtifactDetails" }, - "Name": { - "markdownDescription": "The name of the task template.", - "title": "Name", + "Provider": { + "markdownDescription": "The provider of the service used in the custom action, such as CodeDeploy.", + "title": "Provider", "type": "string" }, - "Status": { - "markdownDescription": "The status of the task template.", - "title": "Status", - "type": "string" + "Settings": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.Settings", + "markdownDescription": "URLs that provide users information about this custom action.", + "title": "Settings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags for the custom action.", "title": "Tags", "type": "array" + }, + "Version": { + "markdownDescription": "The version identifier of the custom action.", + "title": "Version", + "type": "string" } }, "required": [ - "InstanceArn" + "Category", + "InputArtifactDetails", + "OutputArtifactDetails", + "Provider", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::TaskTemplate" + "AWS::CodePipeline::CustomActionType" ], "type": "string" }, @@ -52435,146 +57706,100 @@ ], "type": "object" }, - "AWS::Connect::TaskTemplate.Constraints": { - "additionalProperties": false, - "properties": { - "InvisibleFields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.InvisibleFieldInfo" - }, - "markdownDescription": "Lists the fields that are invisible to agents.", - "title": "InvisibleFields", - "type": "array" - }, - "ReadOnlyFields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.ReadOnlyFieldInfo" - }, - "markdownDescription": "Lists the fields that are read-only to agents, and cannot be edited.", - "title": "ReadOnlyFields", - "type": "array" - }, - "RequiredFields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.RequiredFieldInfo" - }, - "markdownDescription": "Lists the fields that are required to be filled by agents.", - "title": "RequiredFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Connect::TaskTemplate.DefaultFieldValue": { + "AWS::CodePipeline::CustomActionType.ArtifactDetails": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "Default value for the field.", - "title": "DefaultValue", - "type": "string" + "MaximumCount": { + "markdownDescription": "The maximum number of artifacts allowed for the action type.", + "title": "MaximumCount", + "type": "number" }, - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of a field.", - "title": "Id" + "MinimumCount": { + "markdownDescription": "The minimum number of artifacts allowed for the action type.", + "title": "MinimumCount", + "type": "number" } }, "required": [ - "DefaultValue", - "Id" + "MaximumCount", + "MinimumCount" ], "type": "object" }, - "AWS::Connect::TaskTemplate.Field": { + "AWS::CodePipeline::CustomActionType.ConfigurationProperties": { "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the field.", + "markdownDescription": "The description of the action configuration property that is displayed to users.", "title": "Description", "type": "string" }, - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "The unique identifier for the field.", - "title": "Id" + "Key": { + "markdownDescription": "Whether the configuration property is a key.", + "title": "Key", + "type": "boolean" }, - "SingleSelectOptions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of options for a single select field.", - "title": "SingleSelectOptions", - "type": "array" + "Name": { + "markdownDescription": "The name of the action configuration property.", + "title": "Name", + "type": "string" + }, + "Queryable": { + "markdownDescription": "Indicates that the property is used with `PollForJobs` . When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.\n\nIf you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens.", + "title": "Queryable", + "type": "boolean" + }, + "Required": { + "markdownDescription": "Whether the configuration property is a required value.", + "title": "Required", + "type": "boolean" + }, + "Secret": { + "markdownDescription": "Whether the configuration property is secret. Secrets are hidden from all calls except for `GetJobDetails` , `GetThirdPartyJobDetails` , `PollForJobs` , and `PollForThirdPartyJobs` .\n\nWhen updating a pipeline, passing * * * * * without changing any other values of the action preserves the previous value of the secret.", + "title": "Secret", + "type": "boolean" }, "Type": { - "markdownDescription": "Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL`", + "markdownDescription": "The type of the configuration property.", "title": "Type", "type": "string" } }, "required": [ - "Id", - "Type" + "Key", + "Name", + "Required", + "Secret" ], "type": "object" }, - "AWS::Connect::TaskTemplate.FieldIdentifier": { + "AWS::CodePipeline::CustomActionType.Settings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the task template field.", - "title": "Name", + "EntityUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for a CodeDeploy deployment group. This link is provided as part of the action display in the pipeline.", + "title": "EntityUrlTemplate", + "type": "string" + }, + "ExecutionUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for CodeDeploy. This link is shown on the pipeline view page in the CodePipeline console and provides a link to the execution entity of the external action.", + "title": "ExecutionUrlTemplate", + "type": "string" + }, + "RevisionUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action.", + "title": "RevisionUrlTemplate", + "type": "string" + }, + "ThirdPartyConfigurationUrl": { + "markdownDescription": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service.", + "title": "ThirdPartyConfigurationUrl", "type": "string" } }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate.InvisibleFieldInfo": { - "additionalProperties": false, - "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of the invisible field.", - "title": "Id" - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate.ReadOnlyFieldInfo": { - "additionalProperties": false, - "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of the read-only field.", - "title": "Id" - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate.RequiredFieldInfo": { - "additionalProperties": false, - "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "The unique identifier for the field.", - "title": "Id" - } - }, - "required": [ - "Id" - ], "type": "object" }, - "AWS::Connect::TrafficDistributionGroup": { + "AWS::CodePipeline::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -52609,169 +57834,94 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the traffic distribution group.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN).", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the traffic distribution group.", - "title": "Name", - "type": "string" + "ArtifactStore": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", + "markdownDescription": "The S3 bucket where artifacts for the pipeline are stored.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStore" }, - "Tags": { + "ArtifactStores": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStoreMap" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, {\"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", + "markdownDescription": "A mapping of `artifactStore` objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStores", "type": "array" - } - }, - "required": [ - "InstanceArn", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Connect::TrafficDistributionGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Connect::User": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" }, - { + "DisableInboundStageTransitions": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageTransition" }, + "markdownDescription": "Represents the input of a `DisableStageTransition` action.", + "title": "DisableInboundStageTransitions", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DirectoryUserId": { - "markdownDescription": "The identifier of the user account in the directory used for identity management.", - "title": "DirectoryUserId", - "type": "string" }, - "HierarchyGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's hierarchy group.", - "title": "HierarchyGroupArn", + "ExecutionMode": { + "markdownDescription": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED.", + "title": "ExecutionMode", "type": "string" }, - "IdentityInfo": { - "$ref": "#/definitions/AWS::Connect::User.UserIdentityInfo", - "markdownDescription": "Information about the user identity.", - "title": "IdentityInfo" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", + "Name": { + "markdownDescription": "The name of the pipeline.", + "title": "Name", "type": "string" }, - "Password": { - "markdownDescription": "The user's password.", - "title": "Password", + "PipelineType": { + "markdownDescription": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications.\n\n- V1 type pipelines have a JSON structure that contains standard pipeline, stage, and action-level parameters.\n- V2 type pipelines have the same structure as a V1 type, along with additional parameters for release safety and trigger configuration.\n\n> Including V2 parameters, such as triggers on Git tags, in the pipeline JSON when creating or updating a pipeline will result in the pipeline having the V2 type of pipeline and the associated costs. \n\nFor information about pricing for CodePipeline, see [Pricing](https://docs.aws.amazon.com/codepipeline/pricing/) .\n\nFor information about which type of pipeline to choose, see [What type of pipeline is right for me?](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html) .", + "title": "PipelineType", "type": "string" }, - "PhoneConfig": { - "$ref": "#/definitions/AWS::Connect::User.UserPhoneConfig", - "markdownDescription": "Information about the phone configuration for the user.", - "title": "PhoneConfig" + "RestartExecutionOnUpdate": { + "markdownDescription": "Indicates whether to rerun the CodePipeline pipeline after you update it.", + "title": "RestartExecutionOnUpdate", + "type": "boolean" }, - "RoutingProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's routing profile.", - "title": "RoutingProfileArn", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no `actionRoleArn` , or to use to assume roles for actions with an `actionRoleArn` .", + "title": "RoleArn", "type": "string" }, - "SecurityProfileArns": { + "Stages": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageDeclaration" }, - "markdownDescription": "The Amazon Resource Name (ARN) of the user's security profile.", - "title": "SecurityProfileArns", + "markdownDescription": "Represents information about a stage and its definition.", + "title": "Stages", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "Specifies the tags applied to the pipeline.", "title": "Tags", "type": "array" }, - "UserProficiencies": { + "Triggers": { "items": { - "$ref": "#/definitions/AWS::Connect::User.UserProficiency" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration" }, - "markdownDescription": "One or more predefined attributes assigned to a user, with a numeric value that indicates how their level of skill in a specified area.", - "title": "UserProficiencies", + "markdownDescription": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline.\n\n> When a trigger configuration is specified, default change detection for repository and branch commits is disabled.", + "title": "Triggers", "type": "array" }, - "Username": { - "markdownDescription": "The user name assigned to the user account.", - "title": "Username", - "type": "string" + "Variables": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.VariableDeclaration" + }, + "markdownDescription": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match `[A-Za-z0-9@\\-_]+` .", + "title": "Variables", + "type": "array" } }, "required": [ - "InstanceArn", - "PhoneConfig", - "RoutingProfileArn", - "SecurityProfileArns", - "Username" + "RoleArn", + "Stages" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::User" + "AWS::CodePipeline::Pipeline" ], "type": "string" }, @@ -52790,93 +57940,680 @@ ], "type": "object" }, - "AWS::Connect::User.UserIdentityInfo": { + "AWS::CodePipeline::Pipeline.ActionDeclaration": { "additionalProperties": false, "properties": { - "Email": { - "markdownDescription": "The email address. If you are using SAML for identity management and include this parameter, an error is returned.", - "title": "Email", + "ActionTypeId": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionTypeId", + "markdownDescription": "Specifies the action type and the provider of the action.", + "title": "ActionTypeId" + }, + "Commands": { + "items": { + "type": "string" + }, + "markdownDescription": "The shell commands to run with your compute action in CodePipeline. All commands are supported except multi-line formats. While CodeBuild logs and permissions are used, you do not need to create any resources in CodeBuild.\n\n> Using compute time for this action will incur separate charges in AWS CodeBuild .", + "title": "Commands", + "type": "array" + }, + "Configuration": { + "markdownDescription": "The action's configuration. These are key-value pairs that specify input values for an action. For more information, see [Action Structure Requirements in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) . For the list of configuration properties for the AWS CloudFormation action type in CodePipeline, see [Configuration Properties Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-action-reference.html) in the *AWS CloudFormation User Guide* . For template snippets with examples, see [Using Parameter Override Functions with CodePipeline Pipelines](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-parameter-override-functions.html) in the *AWS CloudFormation User Guide* .\n\nThe values can be represented in either JSON or YAML format. For example, the JSON configuration item format is as follows:\n\n*JSON:*\n\n`\"Configuration\" : { Key : Value },`", + "title": "Configuration", + "type": "object" + }, + "EnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EnvironmentVariable" + }, + "markdownDescription": "The environment variables for the action.", + "title": "EnvironmentVariables", + "type": "array" + }, + "InputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" + }, + "markdownDescription": "The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .\n\n> For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* .", + "title": "InputArtifacts", + "type": "array" + }, + "Name": { + "markdownDescription": "The action declaration's name.", + "title": "Name", "type": "string" }, - "FirstName": { - "markdownDescription": "The first name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", - "title": "FirstName", + "Namespace": { + "markdownDescription": "The variable namespace associated with the action. All variables produced as output by this action fall under this namespace.", + "title": "Namespace", "type": "string" }, - "LastName": { - "markdownDescription": "The last name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", - "title": "LastName", + "OutputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.OutputArtifact" + }, + "markdownDescription": "The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .", + "title": "OutputArtifacts", + "type": "array" + }, + "OutputVariables": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of variables that are to be exported from the compute action. This is specifically CodeBuild environment variables as used for that action.", + "title": "OutputVariables", + "type": "array" + }, + "Region": { + "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", + "title": "Region", "type": "string" }, - "Mobile": { - "markdownDescription": "The user's mobile number.", - "title": "Mobile", + "RoleArn": { + "markdownDescription": "The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline.", + "title": "RoleArn", "type": "string" }, - "SecondaryEmail": { - "markdownDescription": "The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.\n\n*Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}`", - "title": "SecondaryEmail", + "RunOrder": { + "markdownDescription": "The order in which actions are run.", + "title": "RunOrder", + "type": "number" + }, + "TimeoutInMinutes": { + "markdownDescription": "A timeout duration in minutes that can be applied against the ActionType\u2019s default timeout value specified in [Quotas for AWS CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/limits.html) . This attribute is available only to the manual approval ActionType.", + "title": "TimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "ActionTypeId", + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.ActionTypeId": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below.\n\n- `Source`\n- `Build`\n- `Test`\n- `Deploy`\n- `Invoke`\n- `Approval`\n- `Compute`", + "title": "Category", + "type": "string" + }, + "Owner": { + "markdownDescription": "The creator of the action being called. There are three valid values for the `Owner` field in the action category section within your pipeline structure: `AWS` , `ThirdParty` , and `Custom` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", + "title": "Owner", + "type": "string" + }, + "Provider": { + "markdownDescription": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as `CodeDeploy` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", + "title": "Provider", + "type": "string" + }, + "Version": { + "markdownDescription": "A string that describes the action version.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Category", + "Owner", + "Provider", + "Version" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.ArtifactStore": { + "additionalProperties": false, + "properties": { + "EncryptionKey": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EncryptionKey", + "markdownDescription": "The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) .", + "title": "EncryptionKey" + }, + "Location": { + "markdownDescription": "The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts.", + "title": "Location", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the artifact store, such as S3.", + "title": "Type", "type": "string" } }, + "required": [ + "Location", + "Type" + ], "type": "object" }, - "AWS::Connect::User.UserPhoneConfig": { + "AWS::CodePipeline::Pipeline.ArtifactStoreMap": { "additionalProperties": false, "properties": { - "AfterContactWorkTimeLimit": { - "markdownDescription": "The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.\n\n> When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds.", - "title": "AfterContactWorkTimeLimit", - "type": "number" + "ArtifactStore": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", + "markdownDescription": "Represents information about the S3 bucket where artifacts are stored for the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStore" }, - "AutoAccept": { - "markdownDescription": "The Auto accept setting.", - "title": "AutoAccept", - "type": "boolean" + "Region": { + "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "ArtifactStore", + "Region" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.BeforeEntryConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" + }, + "markdownDescription": "The conditions that are configured as entry conditions.", + "title": "Conditions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.BlockerDeclaration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Reserved for future use.", + "title": "Name", + "type": "string" }, - "DeskPhoneNumber": { - "markdownDescription": "The phone number for the user's desk phone.", - "title": "DeskPhoneNumber", + "Type": { + "markdownDescription": "Reserved for future use.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.Condition": { + "additionalProperties": false, + "properties": { + "Result": { + "markdownDescription": "The action to be done when the condition is met. For example, rolling back an execution for a failure condition.", + "title": "Result", "type": "string" }, - "PhoneType": { - "markdownDescription": "The phone type.", - "title": "PhoneType", + "Rules": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RuleDeclaration" + }, + "markdownDescription": "The rules that make up the condition.", + "title": "Rules", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.EncryptionKey": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN.\n\n> Aliases are recognized only in the account that created the AWS KMS key. For cross-account actions, you can only use the key ID or key ARN to identify the key. Cross-account actions involve using the role from the other account (AccountB), so specifying the key ID will use the key from the other account (AccountB).", + "title": "Id", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'.", + "title": "Type", "type": "string" } }, "required": [ - "PhoneType" + "Id", + "Type" ], "type": "object" }, - "AWS::Connect::User.UserProficiency": { + "AWS::CodePipeline::Pipeline.EnvironmentVariable": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of user\u2019s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance.", - "title": "AttributeName", + "Name": { + "markdownDescription": "The environment variable name in the key-value pair.", + "title": "Name", "type": "string" }, - "AttributeValue": { - "markdownDescription": "The value of user\u2019s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance.", - "title": "AttributeValue", + "Type": { + "markdownDescription": "Specifies the type of use for the environment variable value. The value can be either `PLAINTEXT` or `SECRETS_MANAGER` . If the value is `SECRETS_MANAGER` , provide the Secrets reference in the EnvironmentVariable value.", + "title": "Type", "type": "string" }, - "Level": { - "markdownDescription": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5.", - "title": "Level", - "type": "number" + "Value": { + "markdownDescription": "The environment variable value in the key-value pair.", + "title": "Value", + "type": "string" } }, "required": [ - "AttributeName", - "AttributeValue", - "Level" + "Name", + "Value" ], "type": "object" }, - "AWS::Connect::UserHierarchyGroup": { + "AWS::CodePipeline::Pipeline.FailureConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" + }, + "markdownDescription": "The conditions that are configured as failure conditions. For more information about conditions, see [Stage conditions](https://docs.aws.amazon.com/codepipeline/latest/userguide/stage-conditions.html) and [How do stage conditions work?](https://docs.aws.amazon.com/codepipeline/latest/userguide/concepts-how-it-works-conditions.html) .", + "title": "Conditions", + "type": "array" + }, + "Result": { + "markdownDescription": "The specified result for when the failure conditions are met, such as rolling back the stage.", + "title": "Result", + "type": "string" + }, + "RetryConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RetryConfiguration", + "markdownDescription": "The retry configuration specifies automatic retry for a failed stage, along with the configured retry mode.", + "title": "RetryConfiguration" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitBranchFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitConfiguration": { + "additionalProperties": false, + "properties": { + "PullRequest": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPullRequestFilter" + }, + "markdownDescription": "The field where the repository event that will start the pipeline is specified as pull requests.", + "title": "PullRequest", + "type": "array" + }, + "Push": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPushFilter" + }, + "markdownDescription": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details.", + "title": "Push", + "type": "array" + }, + "SourceActionName": { + "markdownDescription": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only.\n\n> You can only specify one trigger configuration per source action.", + "title": "SourceActionName", + "type": "string" + } + }, + "required": [ + "SourceActionName" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitPullRequestFilter": { + "additionalProperties": false, + "properties": { + "Branches": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", + "markdownDescription": "The field that specifies to filter on branches for the pull request trigger configuration.", + "title": "Branches" + }, + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The field that specifies which pull request events to filter on (OPEN, UPDATED, CLOSED) for the trigger configuration.", + "title": "Events", + "type": "array" + }, + "FilePaths": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", + "markdownDescription": "The field that specifies to filter on file paths for the pull request trigger configuration.", + "title": "FilePaths" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitPushFilter": { + "additionalProperties": false, + "properties": { + "Branches": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", + "markdownDescription": "The field that specifies to filter on branches for the push trigger configuration.", + "title": "Branches" + }, + "FilePaths": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", + "markdownDescription": "The field that specifies to filter on file paths for the push trigger configuration.", + "title": "FilePaths" + }, + "Tags": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitTagFilterCriteria", + "markdownDescription": "The field that contains the details for the Git tags trigger configuration.", + "title": "Tags" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitTagFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.InputArtifact": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the artifact to be worked on (for example, \"My App\").\n\nArtifacts are the files that are worked on by actions in the pipeline. See the action configuration for each action for details about artifact parameters. For example, the S3 source action input artifact is a file name (or file path), and the files are generally provided as a ZIP file. Example artifact name: SampleApp_Windows.zip\n\nThe input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.OutputArtifact": { + "additionalProperties": false, + "properties": { + "Files": { + "items": { + "type": "string" + }, + "markdownDescription": "The files that you want to associate with the output artifact that will be exported from the compute action.", + "title": "Files", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the output of an artifact, such as \"My App\".\n\nThe output artifact name must exactly match the input artifact declared for a downstream action. However, the downstream action's input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.\n\nOutput artifact names must be unique within a pipeline.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration": { + "additionalProperties": false, + "properties": { + "GitConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitConfiguration", + "markdownDescription": "Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags.", + "title": "GitConfiguration" + }, + "ProviderType": { + "markdownDescription": "The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration.", + "title": "ProviderType", + "type": "string" + } + }, + "required": [ + "ProviderType" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.RetryConfiguration": { + "additionalProperties": false, + "properties": { + "RetryMode": { + "markdownDescription": "The method that you want to configure for automatic stage retry on stage failure. You can specify to retry only failed action in the stage or all actions in the stage.", + "title": "RetryMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.RuleDeclaration": { + "additionalProperties": false, + "properties": { + "Commands": { + "items": { + "type": "string" + }, + "markdownDescription": "The shell commands to run with your commands rule in CodePipeline. All commands are supported except multi-line formats. While CodeBuild logs and permissions are used, you do not need to create any resources in CodeBuild.\n\n> Using compute time for this action will incur separate charges in AWS CodeBuild .", + "title": "Commands", + "type": "array" + }, + "Configuration": { + "markdownDescription": "The action configuration fields for the rule.", + "title": "Configuration", + "type": "object" + }, + "InputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" + }, + "markdownDescription": "The input artifacts fields for the rule, such as specifying an input file for the rule.", + "title": "InputArtifacts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the rule that is created for the condition, such as `VariableCheck` .", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region for the condition associated with the rule.", + "title": "Region", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The pipeline role ARN associated with the rule.", + "title": "RoleArn", + "type": "string" + }, + "RuleTypeId": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RuleTypeId", + "markdownDescription": "The ID for the rule type, which is made up of the combined values for category, owner, provider, and version.", + "title": "RuleTypeId" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.RuleTypeId": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "A category defines what kind of rule can be run in the stage, and constrains the provider type for the rule. The valid category is `Rule` .", + "title": "Category", + "type": "string" + }, + "Owner": { + "markdownDescription": "The creator of the rule being called. The valid value for the `Owner` field in the rule category is `AWS` .", + "title": "Owner", + "type": "string" + }, + "Provider": { + "markdownDescription": "The rule provider, such as the `DeploymentWindow` rule. For a list of rule provider names, see the rules listed in the [AWS CodePipeline rule reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/rule-reference.html) .", + "title": "Provider", + "type": "string" + }, + "Version": { + "markdownDescription": "A string that describes the rule version.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.StageDeclaration": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionDeclaration" + }, + "markdownDescription": "The actions included in a stage.", + "title": "Actions", + "type": "array" + }, + "BeforeEntry": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BeforeEntryConditions", + "markdownDescription": "The method to use when a stage allows entry. For example, configuring this field for conditions will allow entry to the stage when the conditions are met.", + "title": "BeforeEntry" + }, + "Blockers": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BlockerDeclaration" + }, + "markdownDescription": "Reserved for future use.", + "title": "Blockers", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the stage.", + "title": "Name", + "type": "string" + }, + "OnFailure": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.FailureConditions", + "markdownDescription": "The method to use when a stage has not completed successfully. For example, configuring this field for rollback will roll back a failed stage automatically to the last successful pipeline execution in the stage.", + "title": "OnFailure" + }, + "OnSuccess": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.SuccessConditions", + "markdownDescription": "The method to use when a stage has succeeded. For example, configuring this field for conditions will allow the stage to succeed when the conditions are met.", + "title": "OnSuccess" + } + }, + "required": [ + "Actions", + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.StageTransition": { + "additionalProperties": false, + "properties": { + "Reason": { + "markdownDescription": "The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI.", + "title": "Reason", + "type": "string" + }, + "StageName": { + "markdownDescription": "The name of the stage where you want to disable the inbound or outbound transition of artifacts.", + "title": "StageName", + "type": "string" + } + }, + "required": [ + "Reason", + "StageName" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.SuccessConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" + }, + "markdownDescription": "The conditions that are success conditions.", + "title": "Conditions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.VariableDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "The value of a pipeline-level variable.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a pipeline-level variable.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Webhook": { "additionalProperties": false, "properties": { "Condition": { @@ -52911,39 +58648,63 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user hierarchy group.", - "title": "InstanceArn", + "Authentication": { + "markdownDescription": "Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response. \n\n- For information about the authentication scheme implemented by GITHUB_HMAC, see [Securing your webhooks](https://docs.aws.amazon.com/https://developer.github.com/webhooks/securing/) on the GitHub Developer website.\n- IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.\n- UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.", + "title": "Authentication", "type": "string" }, + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookAuthConfiguration", + "markdownDescription": "Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the `SecretToken` property must be set. For IP, only the `AllowedIPRange` property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.", + "title": "AuthenticationConfiguration" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookFilterRule" + }, + "markdownDescription": "A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.", + "title": "Filters", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the user hierarchy group.", + "markdownDescription": "The name of the webhook.", "title": "Name", "type": "string" }, - "ParentGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the parent group.", - "title": "ParentGroupArn", + "RegisterWithThirdParty": { + "markdownDescription": "Configures a connection between the webhook that was created and the external tool with events to be detected.", + "title": "RegisterWithThirdParty", + "type": "boolean" + }, + "TargetAction": { + "markdownDescription": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.", + "title": "TargetAction", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" + "TargetPipeline": { + "markdownDescription": "The name of the pipeline you want to connect to the webhook.", + "title": "TargetPipeline", + "type": "string" + }, + "TargetPipelineVersion": { + "markdownDescription": "The version number of the pipeline to be connected to the trigger request.\n\nRequired: Yes\n\nType: Integer\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", + "title": "TargetPipelineVersion", + "type": "number" } }, "required": [ - "InstanceArn", - "Name" + "Authentication", + "AuthenticationConfiguration", + "Filters", + "TargetAction", + "TargetPipeline", + "TargetPipelineVersion" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::UserHierarchyGroup" + "AWS::CodePipeline::Webhook" ], "type": "string" }, @@ -52962,7 +58723,42 @@ ], "type": "object" }, - "AWS::Connect::View": { + "AWS::CodePipeline::Webhook.WebhookAuthConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedIPRange": { + "markdownDescription": "The property used to configure acceptance of webhooks in an IP address range. For IP, only the `AllowedIPRange` property must be set. This property must be set to a valid CIDR range.", + "title": "AllowedIPRange", + "type": "string" + }, + "SecretToken": { + "markdownDescription": "The property used to configure GitHub authentication. For GITHUB_HMAC, only the `SecretToken` property must be set.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response.", + "title": "SecretToken", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Webhook.WebhookFilterRule": { + "additionalProperties": false, + "properties": { + "JsonPath": { + "markdownDescription": "A JsonPath expression that is applied to the body/payload of the webhook. The value selected by the JsonPath expression must match the value specified in the `MatchEquals` field. Otherwise, the request is ignored. For more information, see [Java JsonPath implementation](https://docs.aws.amazon.com/https://github.com/json-path/JsonPath) in GitHub.", + "title": "JsonPath", + "type": "string" + }, + "MatchEquals": { + "markdownDescription": "The value selected by the `JsonPath` expression must match what is supplied in the `MatchEquals` field. Otherwise, the request is ignored. Properties from the target action configuration can be included as placeholders in this value by surrounding the action configuration key with curly brackets. For example, if the value supplied here is \"refs/heads/{Branch}\" and the target action has an action configuration property called \"Branch\" with a value of \"main\", the `MatchEquals` value is evaluated as \"refs/heads/main\". For a list of action configuration properties for built-in action types, see [Pipeline Structure Reference Action Requirements](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) .", + "title": "MatchEquals", + "type": "string" + } + }, + "required": [ + "JsonPath" + ], + "type": "object" + }, + "AWS::CodeStar::GitHubRepository": { "additionalProperties": false, "properties": { "Condition": { @@ -52997,54 +58793,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of actions possible from the view.", - "title": "Actions", - "type": "array" + "Code": { + "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.Code", + "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack.", + "title": "Code" }, - "Description": { - "markdownDescription": "The description of the view.", - "title": "Description", + "ConnectionArn": { + "markdownDescription": "", + "title": "ConnectionArn", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", + "EnableIssues": { + "markdownDescription": "Indicates whether to enable issues for the GitHub repository. You can use GitHub issues to track information and bugs for your repository.", + "title": "EnableIssues", + "type": "boolean" + }, + "IsPrivate": { + "markdownDescription": "Indicates whether the GitHub repository is a private repository. If so, you choose who can see and commit to this repository.", + "title": "IsPrivate", + "type": "boolean" + }, + "RepositoryAccessToken": { + "markdownDescription": "The GitHub user's personal access token for the GitHub repository.", + "title": "RepositoryAccessToken", "type": "string" }, - "Name": { - "markdownDescription": "The name of the view.", - "title": "Name", + "RepositoryDescription": { + "markdownDescription": "A comment or description about the new repository. This description is displayed in GitHub after the repository is created.", + "title": "RepositoryDescription", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the view resource (not specific to view version).", - "title": "Tags", - "type": "array" + "RepositoryName": { + "markdownDescription": "The name of the repository you want to create in GitHub with AWS CloudFormation stack creation.", + "title": "RepositoryName", + "type": "string" }, - "Template": { - "markdownDescription": "The view template representing the structure of the view.", - "title": "Template", - "type": "object" + "RepositoryOwner": { + "markdownDescription": "The GitHub user name for the owner of the GitHub repository to be created. If this repository should be owned by a GitHub organization, provide its name.", + "title": "RepositoryOwner", + "type": "string" } }, "required": [ - "Actions", - "InstanceArn", - "Name", - "Template" + "RepositoryName", + "RepositoryOwner" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::View" + "AWS::CodeStar::GitHubRepository" ], "type": "string" }, @@ -53063,7 +58861,46 @@ ], "type": "object" }, - "AWS::Connect::ViewVersion": { + "AWS::CodeStar::GitHubRepository.Code": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.S3", + "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CodeStar::GitHubRepository.S3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content to be committed to the new repository.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The S3 object key or file name for the ZIP file.", + "title": "Key", + "type": "string" + }, + "ObjectVersion": { + "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket.", + "title": "ObjectVersion", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::CodeStarConnections::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -53098,30 +58935,38 @@ "Properties": { "additionalProperties": false, "properties": { - "VersionDescription": { - "markdownDescription": "The description of the view version.", - "title": "VersionDescription", + "ConnectionName": { + "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", + "title": "ConnectionName", "type": "string" }, - "ViewArn": { - "markdownDescription": "The unqualified Amazon Resource Name (ARN) of the view.\n\nFor example:\n\n`arn::connect:::instance/00000000-0000-0000-0000-000000000000/view/00000000-0000-0000-0000-000000000000`", - "title": "ViewArn", + "HostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", + "title": "HostArn", "type": "string" }, - "ViewContentSha256": { - "markdownDescription": "Indicates the checksum value of the latest published view content.", - "title": "ViewContentSha256", + "ProviderType": { + "markdownDescription": "The name of the external provider where your third-party code repository is configured.", + "title": "ProviderType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the tags applied to the resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "ViewArn" + "ConnectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::ViewVersion" + "AWS::CodeStarConnections::Connection" ], "type": "string" }, @@ -53140,7 +58985,7 @@ ], "type": "object" }, - "AWS::ConnectCampaigns::Campaign": { + "AWS::CodeStarConnections::RepositoryLink": { "additionalProperties": false, "properties": { "Condition": { @@ -53175,46 +59020,45 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectInstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "ConnectInstanceArn", + "ConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connection associated with the repository link.", + "title": "ConnectionArn", "type": "string" }, - "DialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.DialerConfig", - "markdownDescription": "Contains information about the dialer configuration.", - "title": "DialerConfig" + "EncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the encryption key for the repository associated with the repository link.", + "title": "EncryptionKeyArn", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the campaign.", - "title": "Name", + "OwnerId": { + "markdownDescription": "The owner ID for the repository associated with the repository link, such as the owner ID in GitHub.", + "title": "OwnerId", "type": "string" }, - "OutboundCallConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.OutboundCallConfig", - "markdownDescription": "Contains information about the outbound call configuration.", - "title": "OutboundCallConfig" + "RepositoryName": { + "markdownDescription": "The name of the repository associated with the repository link.", + "title": "RepositoryName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The tags for the repository to be associated with the repository link.", "title": "Tags", "type": "array" } }, "required": [ - "ConnectInstanceArn", - "DialerConfig", - "Name", - "OutboundCallConfig" - ], + "ConnectionArn", + "OwnerId", + "RepositoryName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ConnectCampaigns::Campaign" + "AWS::CodeStarConnections::RepositoryLink" ], "type": "string" }, @@ -53233,125 +59077,114 @@ ], "type": "object" }, - "AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig": { - "additionalProperties": false, - "properties": { - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig": { + "AWS::CodeStarConnections::SyncConfiguration": { "additionalProperties": false, "properties": { - "AwaitAnswerMachinePrompt": { - "markdownDescription": "Whether waiting for answer machine prompt is enabled.", - "title": "AwaitAnswerMachinePrompt", - "type": "boolean" + "Condition": { + "type": "string" }, - "EnableAnswerMachineDetection": { - "markdownDescription": "Whether answering machine detection is enabled.", - "title": "EnableAnswerMachineDetection", - "type": "boolean" - } - }, - "required": [ - "EnableAnswerMachineDetection" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.DialerConfig": { - "additionalProperties": false, - "properties": { - "AgentlessDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig", - "markdownDescription": "The configuration of the agentless dialer.", - "title": "AgentlessDialerConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PredictiveDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig", - "markdownDescription": "The configuration of the predictive dialer.", - "title": "PredictiveDialerConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ProgressiveDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig", - "markdownDescription": "The configuration of the progressive dialer.", - "title": "ProgressiveDialerConfig" - } - }, - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.OutboundCallConfig": { - "additionalProperties": false, - "properties": { - "AnswerMachineDetectionConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig", - "markdownDescription": "Whether answering machine detection has been enabled.", - "title": "AnswerMachineDetectionConfig" + "Metadata": { + "type": "object" }, - "ConnectContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ConnectContactFlowArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Branch": { + "markdownDescription": "The branch associated with a specific sync configuration.", + "title": "Branch", + "type": "string" + }, + "ConfigFile": { + "markdownDescription": "The file path to the configuration file associated with a specific sync configuration. The path should point to an actual file in the sync configurations linked repository.", + "title": "ConfigFile", + "type": "string" + }, + "PublishDeploymentStatus": { + "markdownDescription": "Whether to enable or disable publishing of deployment status to source providers.", + "title": "PublishDeploymentStatus", + "type": "string" + }, + "RepositoryLinkId": { + "markdownDescription": "The ID of the repository link associated with a specific sync configuration.", + "title": "RepositoryLinkId", + "type": "string" + }, + "ResourceName": { + "markdownDescription": "The name of the connection resource associated with a specific sync configuration.", + "title": "ResourceName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role associated with a specific sync configuration.", + "title": "RoleArn", + "type": "string" + }, + "SyncType": { + "markdownDescription": "The type of sync for a specific sync configuration.", + "title": "SyncType", + "type": "string" + }, + "TriggerResourceUpdateOn": { + "markdownDescription": "When to trigger Git sync to begin the stack update.", + "title": "TriggerResourceUpdateOn", + "type": "string" + } + }, + "required": [ + "Branch", + "ConfigFile", + "RepositoryLinkId", + "ResourceName", + "RoleArn", + "SyncType" + ], + "type": "object" }, - "ConnectQueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "ConnectQueueArn", + "Type": { + "enum": [ + "AWS::CodeStarConnections::SyncConfiguration" + ], "type": "string" }, - "ConnectSourcePhoneNumber": { - "markdownDescription": "The phone number associated with the outbound call. This is the caller ID that is displayed to customers when an agent calls them.", - "title": "ConnectSourcePhoneNumber", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ConnectContactFlowArn" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig": { - "additionalProperties": false, - "properties": { - "BandwidthAllocation": { - "markdownDescription": "Bandwidth allocation for the predictive dialer.", - "title": "BandwidthAllocation", - "type": "number" - }, - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "required": [ - "BandwidthAllocation" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig": { - "additionalProperties": false, - "properties": { - "BandwidthAllocation": { - "markdownDescription": "Bandwidth allocation for the progressive dialer.", - "title": "BandwidthAllocation", - "type": "number" - }, - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "required": [ - "BandwidthAllocation" + "Type", + "Properties" ], "type": "object" }, - "AWS::ControlTower::EnabledBaseline": { + "AWS::CodeStarNotifications::NotificationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -53386,48 +59219,81 @@ "Properties": { "additionalProperties": false, "properties": { - "BaselineIdentifier": { - "markdownDescription": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource.", - "title": "BaselineIdentifier", + "CreatedBy": { + "markdownDescription": "The name or email alias of the person who created the notification rule.", + "title": "CreatedBy", "type": "string" }, - "BaselineVersion": { - "markdownDescription": "The enabled version of the `Baseline` .", - "title": "BaselineVersion", + "DetailType": { + "markdownDescription": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created.", + "title": "DetailType", "type": "string" }, - "Parameters": { + "EventTypeId": { + "markdownDescription": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", + "title": "EventTypeId", + "type": "string" + }, + "EventTypeIds": { "items": { - "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline.Parameter" + "type": "string" }, - "markdownDescription": "Shows the parameters that are applied when enabling this `Baseline` .", - "title": "Parameters", + "markdownDescription": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", + "title": "EventTypeIds", "type": "array" }, + "Name": { + "markdownDescription": "The name for the notification rule. Notification rule names must be unique in your AWS account .", + "title": "Name", + "type": "string" + }, + "Resource": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild .", + "title": "Resource", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule.", + "title": "Status", + "type": "string" + }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \".", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "", "title": "Tags", - "type": "array" + "type": "object" }, - "TargetIdentifier": { - "markdownDescription": "The target on which to enable the `Baseline` .", - "title": "TargetIdentifier", + "TargetAddress": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic or client.", + "title": "TargetAddress", "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CodeStarNotifications::NotificationRule.Target" + }, + "markdownDescription": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and clients to associate with the notification rule.", + "title": "Targets", + "type": "array" } }, "required": [ - "BaselineIdentifier", - "BaselineVersion", - "TargetIdentifier" + "DetailType", + "EventTypeIds", + "Name", + "Resource", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::EnabledBaseline" + "AWS::CodeStarNotifications::NotificationRule" ], "type": "string" }, @@ -53446,23 +59312,27 @@ ], "type": "object" }, - "AWS::ControlTower::EnabledBaseline.Parameter": { + "AWS::CodeStarNotifications::NotificationRule.Target": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "TargetAddress": { + "markdownDescription": "The Amazon Resource Name (ARN) of the topic or client.", + "title": "TargetAddress", "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "object" + "TargetType": { + "markdownDescription": "The target type. Can be an Amazon Simple Notification Service topic or client.\n\n- Amazon Simple Notification Service topics are specified as `SNS` .\n- clients are specified as `AWSChatbotSlack` .\n- clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .", + "title": "TargetType", + "type": "string" } }, + "required": [ + "TargetAddress", + "TargetType" + ], "type": "object" }, - "AWS::ControlTower::EnabledControl": { + "AWS::Cognito::IdentityPool": { "additionalProperties": false, "properties": { "Condition": { @@ -53497,42 +59367,87 @@ "Properties": { "additionalProperties": false, "properties": { - "ControlIdentifier": { - "markdownDescription": "The ARN of the control. Only *Strongly recommended* and *Elective* controls are permitted, with the exception of the *Region deny* control. For information on how to find the `controlIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", - "title": "ControlIdentifier", - "type": "string" + "AllowClassicFlow": { + "markdownDescription": "Enables the Basic (Classic) authentication flow.", + "title": "AllowClassicFlow", + "type": "boolean" }, - "Parameters": { + "AllowUnauthenticatedIdentities": { + "markdownDescription": "Specifies whether the identity pool supports unauthenticated logins.", + "title": "AllowUnauthenticatedIdentities", + "type": "boolean" + }, + "CognitoEvents": { + "markdownDescription": "The events to configure.", + "title": "CognitoEvents", + "type": "object" + }, + "CognitoIdentityProviders": { "items": { - "$ref": "#/definitions/AWS::ControlTower::EnabledControl.EnabledControlParameter" + "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoIdentityProvider" }, - "markdownDescription": "Array of `EnabledControlParameter` objects.", - "title": "Parameters", + "markdownDescription": "The Amazon Cognito user pools and their client IDs.", + "title": "CognitoIdentityProviders", "type": "array" }, - "Tags": { + "CognitoStreams": { + "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoStreams", + "markdownDescription": "Configuration options for configuring Amazon Cognito streams.", + "title": "CognitoStreams" + }, + "DeveloperProviderName": { + "markdownDescription": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100", + "title": "DeveloperProviderName", + "type": "string" + }, + "IdentityPoolName": { + "markdownDescription": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`", + "title": "IdentityPoolName", + "type": "string" + }, + "IdentityPoolTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "Tags to assign to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.", + "title": "IdentityPoolTags", "type": "array" }, - "TargetIdentifier": { - "markdownDescription": "The ARN of the organizational unit. For information on how to find the `targetIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", - "title": "TargetIdentifier", - "type": "string" + "OpenIdConnectProviderARNs": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the OpenID connect providers.", + "title": "OpenIdConnectProviderARNs", + "type": "array" + }, + "PushSync": { + "$ref": "#/definitions/AWS::Cognito::IdentityPool.PushSync", + "markdownDescription": "The configuration options to be applied to the identity pool.", + "title": "PushSync" + }, + "SamlProviderARNs": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.", + "title": "SamlProviderARNs", + "type": "array" + }, + "SupportedLoginProviders": { + "markdownDescription": "Key-value pairs that map provider names to provider app IDs.", + "title": "SupportedLoginProviders", + "type": "object" } }, "required": [ - "ControlIdentifier", - "TargetIdentifier" + "AllowUnauthenticatedIdentities" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::EnabledControl" + "AWS::Cognito::IdentityPool" ], "type": "string" }, @@ -53551,27 +59466,72 @@ ], "type": "object" }, - "AWS::ControlTower::EnabledControl.EnabledControlParameter": { + "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key/value pair. It is of type `string` .", - "title": "Key", + "ClientId": { + "markdownDescription": "The client ID for the Amazon Cognito user pool.", + "title": "ClientId", "type": "string" }, - "Value": { - "markdownDescription": "The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.]", - "title": "Value", - "type": "object" + "ProviderName": { + "markdownDescription": "The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` .", + "title": "ProviderName", + "type": "string" + }, + "ServerSideTokenCheck": { + "markdownDescription": "TRUE if server-side token validation is enabled for the identity provider\u2019s token.\n\nAfter you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.\n\nIf the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.", + "title": "ServerSideTokenCheck", + "type": "boolean" } }, "required": [ - "Key", - "Value" + "ClientId", + "ProviderName" ], "type": "object" }, - "AWS::ControlTower::LandingZone": { + "AWS::Cognito::IdentityPool.CognitoStreams": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream.", + "title": "RoleArn", + "type": "string" + }, + "StreamName": { + "markdownDescription": "The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool.", + "title": "StreamName", + "type": "string" + }, + "StreamingStatus": { + "markdownDescription": "Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` .", + "title": "StreamingStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::IdentityPool.PushSync": { + "additionalProperties": false, + "properties": { + "ApplicationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the Amazon SNS platform applications that could be used by clients.", + "title": "ApplicationArns", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::IdentityPoolPrincipalTag": { "additionalProperties": false, "properties": { "Condition": { @@ -53606,34 +59566,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Manifest": { - "markdownDescription": "The landing zone manifest JSON text file that specifies the landing zone configurations.", - "title": "Manifest", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to be applied to the landing zone.", - "title": "Tags", - "type": "array" + "IdentityPoolId": { + "markdownDescription": "The identity pool that you want to associate with this principal tag map.", + "title": "IdentityPoolId", + "type": "string" }, - "Version": { - "markdownDescription": "The landing zone's current deployed version.", - "title": "Version", + "IdentityProviderName": { + "markdownDescription": "The identity pool identity provider (IdP) that you want to associate with this principal tag map.", + "title": "IdentityProviderName", "type": "string" + }, + "PrincipalTags": { + "markdownDescription": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.", + "title": "PrincipalTags", + "type": "object" + }, + "UseDefaults": { + "markdownDescription": "Use a default set of mappings between claims and tags for this provider, instead of a custom map.", + "title": "UseDefaults", + "type": "boolean" } }, "required": [ - "Manifest", - "Version" + "IdentityPoolId", + "IdentityProviderName" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::LandingZone" + "AWS::Cognito::IdentityPoolPrincipalTag" ], "type": "string" }, @@ -53652,7 +59614,7 @@ ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition": { + "AWS::Cognito::IdentityPoolRoleAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -53687,61 +59649,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeDetails": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails", - "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", - "title": "AttributeDetails" - }, - "CalculatedAttributeName": { - "markdownDescription": "The name of an attribute defined in a profile object type.", - "title": "CalculatedAttributeName", - "type": "string" - }, - "Conditions": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions", - "markdownDescription": "The conditions including range, object count, and threshold for the calculated attribute.", - "title": "Conditions" - }, - "Description": { - "markdownDescription": "The description of the calculated attribute.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The display name of the calculated attribute.", - "title": "DisplayName", - "type": "string" - }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", + "IdentityPoolId": { + "markdownDescription": "An identity pool ID in the format `REGION:GUID` .", + "title": "IdentityPoolId", "type": "string" }, - "Statistic": { - "markdownDescription": "The aggregation operation to perform for the calculated attribute.", - "title": "Statistic", - "type": "string" + "RoleMappings": { + "additionalProperties": false, + "markdownDescription": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping" + } + }, + "title": "RoleMappings", + "type": "object" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "Roles": { + "additionalProperties": true, + "markdownDescription": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" + "title": "Roles", + "type": "object" } }, "required": [ - "AttributeDetails", - "CalculatedAttributeName", - "DomainName", - "Statistic" + "IdentityPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::CalculatedAttributeDefinition" + "AWS::Cognito::IdentityPoolRoleAttachment" ], "type": "string" }, @@ -53760,105 +59703,85 @@ ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails": { + "AWS::Cognito::IdentityPoolRoleAttachment.MappingRule": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem" - }, - "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", - "title": "Attributes", - "type": "array" + "Claim": { + "markdownDescription": "The claim name that must be present in the token. For example: \"isAdmin\" or \"paid\".", + "title": "Claim", + "type": "string" }, - "Expression": { - "markdownDescription": "Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \\\"{ObjectTypeName.AttributeName}\\\".", - "title": "Expression", + "MatchType": { + "markdownDescription": "The match condition that specifies how closely the claim value in the IdP token must match `Value` .\n\nValid values are: `Equals` , `Contains` , `StartsWith` , and `NotEqual` .", + "title": "MatchType", "type": "string" - } - }, - "required": [ - "Attributes", - "Expression" - ], - "type": "object" - }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The unique name of the calculated attribute.", - "title": "Name", + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role.", + "title": "RoleARN", + "type": "string" + }, + "Value": { + "markdownDescription": "A brief string that the claim must match. For example, \"paid\" or \"yes\".", + "title": "Value", "type": "string" } }, "required": [ - "Name" + "Claim", + "MatchType", + "RoleARN", + "Value" ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions": { + "AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping": { "additionalProperties": false, "properties": { - "ObjectCount": { - "markdownDescription": "The number of profile objects used for the calculated attribute.", - "title": "ObjectCount", - "type": "number" - }, - "Range": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Range", - "markdownDescription": "The relative time period over which data is included in the aggregation.", - "title": "Range" + "AmbiguousRoleResolution": { + "markdownDescription": "If you specify Token or Rules as the `Type` , `AmbiguousRoleResolution` is required.\n\nSpecifies the action to be taken if either no rules match the claim value for the `Rules` type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the `Token` type.", + "title": "AmbiguousRoleResolution", + "type": "string" }, - "Threshold": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold", - "markdownDescription": "The threshold for the calculated attribute.", - "title": "Threshold" - } - }, - "type": "object" - }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Range": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The unit of time.", - "title": "Unit", + "IdentityProvider": { + "markdownDescription": "Identifier for the identity provider for which the role is mapped. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)` . This is the identity provider that is used by the user for authentication.\n\nIf the identity provider property isn't provided, the key of the entry in the `RoleMappings` map is used as the identity provider.", + "title": "IdentityProvider", "type": "string" }, - "Value": { - "markdownDescription": "The amount of time of the specified unit.", - "title": "Value", - "type": "number" + "RulesConfiguration": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType", + "markdownDescription": "The rules to be used for mapping users to roles. If you specify \"Rules\" as the role-mapping type, RulesConfiguration is required.", + "title": "RulesConfiguration" + }, + "Type": { + "markdownDescription": "The role mapping type. Token will use `cognito:roles` and `cognito:preferred_role` claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.", + "title": "Type", + "type": "string" } }, "required": [ - "Unit", - "Value" + "Type" ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold": { + "AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType": { "additionalProperties": false, "properties": { - "Operator": { - "markdownDescription": "The operator of the threshold.", - "title": "Operator", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the threshold.", - "title": "Value", - "type": "string" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.MappingRule" + }, + "markdownDescription": "The rules. You can specify up to 25 rules per identity provider.", + "title": "Rules", + "type": "array" } }, "required": [ - "Operator", - "Value" + "Rules" ], "type": "object" }, - "AWS::CustomerProfiles::Domain": { + "AWS::Cognito::LogDeliveryConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -53893,54 +59816,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DeadLetterQueueUrl": { - "markdownDescription": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", - "title": "DeadLetterQueueUrl", - "type": "string" - }, - "DefaultEncryptionKey": { - "markdownDescription": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.", - "title": "DefaultEncryptionKey", - "type": "string" - }, - "DefaultExpirationDays": { - "markdownDescription": "The default number of days until the data within the domain expires.", - "title": "DefaultExpirationDays", - "type": "number" - }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" - }, - "Matching": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Matching", - "markdownDescription": "The process of matching duplicate profiles.", - "title": "Matching" - }, - "RuleBasedMatching": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.RuleBasedMatching", - "markdownDescription": "The process of matching duplicate profiles using Rule-Based matching.", - "title": "RuleBasedMatching" - }, - "Tags": { + "LogConfigurations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.LogConfiguration" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs.", + "title": "LogConfigurations", "type": "array" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you configured logging.", + "title": "UserPoolId", + "type": "string" } }, "required": [ - "DefaultExpirationDays", - "DomainName" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::Domain" + "AWS::Cognito::LogDeliveryConfiguration" ], "type": "string" }, @@ -53959,281 +59856,71 @@ ], "type": "object" }, - "AWS::CustomerProfiles::Domain.AttributeTypesSelector": { + "AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "items": { - "type": "string" - }, - "markdownDescription": "The `Address` type. You can choose from `Address` , `BusinessAddress` , `MaillingAddress` , and `ShippingAddress` . You only can use the `Address` type in the `MatchingRule` . For example, if you want to match a profile based on `BusinessAddress.City` or `MaillingAddress.City` , you can choose the `BusinessAddress` and the `MaillingAddress` to represent the `Address` type and specify the `Address.City` on the matching rule.", - "title": "Address", - "type": "array" - }, - "AttributeMatchingModel": { - "markdownDescription": "Configures the `AttributeMatchingModel` , you can either choose `ONE_TO_ONE` or `MANY_TO_MANY` .", - "title": "AttributeMatchingModel", + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with AWS Key Management Service and must be in the same AWS account as your user pool.\n\nTo send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with `/aws/vendedlogs` . For more information, see [Enabling logging from certain AWS services](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) .", + "title": "LogGroupArn", "type": "string" - }, - "EmailAddress": { - "items": { - "type": "string" - }, - "markdownDescription": "The Email type. You can choose from `EmailAddress` , `BusinessEmailAddress` and `PersonalEmailAddress` . You only can use the `EmailAddress` type in the `MatchingRule` . For example, if you want to match profile based on `PersonalEmailAddress` or `BusinessEmailAddress` , you can choose the `PersonalEmailAddress` and the `BusinessEmailAddress` to represent the `EmailAddress` type and only specify the `EmailAddress` on the matching rule.", - "title": "EmailAddress", - "type": "array" - }, - "PhoneNumber": { - "items": { - "type": "string" - }, - "markdownDescription": "The `PhoneNumber` type. You can choose from `PhoneNumber` , `HomePhoneNumber` , and `MobilePhoneNumber` . You only can use the `PhoneNumber` type in the `MatchingRule` . For example, if you want to match a profile based on `Phone` or `HomePhone` , you can choose the `Phone` and the `HomePhone` to represent the `PhoneNumber` type and only specify the `PhoneNumber` on the matching rule.", - "title": "PhoneNumber", - "type": "array" - } - }, - "required": [ - "AttributeMatchingModel" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.AutoMerging": { - "additionalProperties": false, - "properties": { - "ConflictResolution": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", - "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", - "title": "ConflictResolution" - }, - "Consolidation": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Consolidation", - "markdownDescription": "A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged.", - "title": "Consolidation" - }, - "Enabled": { - "markdownDescription": "The flag that enables the auto-merging of duplicate profiles.", - "title": "Enabled", - "type": "boolean" - }, - "MinAllowedConfidenceScoreForMerging": { - "markdownDescription": "A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means that a higher similarity is required to merge profiles.", - "title": "MinAllowedConfidenceScoreForMerging", - "type": "number" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.ConflictResolution": { + "AWS::Cognito::LogDeliveryConfiguration.FirehoseConfiguration": { "additionalProperties": false, "properties": { - "ConflictResolvingModel": { - "markdownDescription": "How the auto-merging process should resolve conflicts between different profiles.", - "title": "ConflictResolvingModel", - "type": "string" - }, - "SourceName": { - "markdownDescription": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel` .", - "title": "SourceName", + "StreamArn": { + "markdownDescription": "The ARN of an Amazon Data Firehose stream that's the destination for threat protection log export.", + "title": "StreamArn", "type": "string" } }, - "required": [ - "ConflictResolvingModel" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.Consolidation": { - "additionalProperties": false, - "properties": { - "MatchingAttributesList": { - "markdownDescription": "A list of matching criteria.", - "title": "MatchingAttributesList", - "type": "object" - } - }, - "required": [ - "MatchingAttributesList" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.DomainStats": { - "additionalProperties": false, - "properties": { - "MeteringProfileCount": { - "markdownDescription": "The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on.", - "title": "MeteringProfileCount", - "type": "number" - }, - "ObjectCount": { - "markdownDescription": "The total number of objects in domain.", - "title": "ObjectCount", - "type": "number" - }, - "ProfileCount": { - "markdownDescription": "The total number of profiles currently in the domain.", - "title": "ProfileCount", - "type": "number" - }, - "TotalSize": { - "markdownDescription": "The total size, in bytes, of all objects in the domain.", - "title": "TotalSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CustomerProfiles::Domain.ExportingConfig": { - "additionalProperties": false, - "properties": { - "S3Exporting": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.S3ExportingConfig", - "markdownDescription": "", - "title": "S3Exporting" - } - }, "type": "object" }, - "AWS::CustomerProfiles::Domain.JobSchedule": { + "AWS::Cognito::LogDeliveryConfiguration.LogConfiguration": { "additionalProperties": false, "properties": { - "DayOfTheWeek": { - "markdownDescription": "The day when the Identity Resolution Job should run every week.", - "title": "DayOfTheWeek", - "type": "string" + "CloudWatchLogsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration", + "markdownDescription": "Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.", + "title": "CloudWatchLogsConfiguration" }, - "Time": { - "markdownDescription": "The time when the Identity Resolution Job should run every week.", - "title": "Time", + "EventSource": { + "markdownDescription": "The source of events that your user pool sends for logging. To send error-level logs about user notification activity, set to `userNotification` . To send info-level logs about threat-protection user activity in user pools with the Plus feature plan, set to `userAuthEvents` .", + "title": "EventSource", "type": "string" - } - }, - "required": [ - "DayOfTheWeek", - "Time" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.Matching": { - "additionalProperties": false, - "properties": { - "AutoMerging": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AutoMerging", - "markdownDescription": "Configuration information about the auto-merging process.", - "title": "AutoMerging" - }, - "Enabled": { - "markdownDescription": "The flag that enables the matching process of duplicate profiles.", - "title": "Enabled", - "type": "boolean" - }, - "ExportingConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", - "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", - "title": "ExportingConfig" - }, - "JobSchedule": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.JobSchedule", - "markdownDescription": "The day and time when do you want to start the Identity Resolution Job every week.", - "title": "JobSchedule" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.MatchingRule": { - "additionalProperties": false, - "properties": { - "Rule": { - "items": { - "type": "string" - }, - "markdownDescription": "A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles.", - "title": "Rule", - "type": "array" - } - }, - "required": [ - "Rule" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.RuleBasedMatching": { - "additionalProperties": false, - "properties": { - "AttributeTypesSelector": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AttributeTypesSelector", - "markdownDescription": "Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles.", - "title": "AttributeTypesSelector" - }, - "ConflictResolution": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", - "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", - "title": "ConflictResolution" - }, - "Enabled": { - "markdownDescription": "The flag that enables the matching process of duplicate profiles.", - "title": "Enabled", - "type": "boolean" - }, - "ExportingConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", - "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", - "title": "ExportingConfig" - }, - "MatchingRules": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.MatchingRule" - }, - "markdownDescription": "Configures how the rule-based matching process should match profiles. You can have up to 15 `MatchingRule` in the `MatchingRules` .", - "title": "MatchingRules", - "type": "array" - }, - "MaxAllowedRuleLevelForMatching": { - "markdownDescription": "Indicates the maximum allowed rule level for matching.", - "title": "MaxAllowedRuleLevelForMatching", - "type": "number" }, - "MaxAllowedRuleLevelForMerging": { - "markdownDescription": "Indicates the maximum allowed rule level for merging.", - "title": "MaxAllowedRuleLevelForMerging", - "type": "number" + "FirehoseConfiguration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.FirehoseConfiguration", + "markdownDescription": "Configuration for the Amazon Data Firehose stream destination of user activity log export with threat protection.", + "title": "FirehoseConfiguration" }, - "Status": { - "markdownDescription": "The status of rule-based matching rule.", - "title": "Status", + "LogLevel": { + "markdownDescription": "The `errorlevel` selection of logs that a user pool sends for detailed activity logging. To send `userNotification` activity with [information about message delivery](https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html) , choose `ERROR` with `CloudWatchLogsConfiguration` . To send `userAuthEvents` activity with user logs from threat protection with the Plus feature plan, choose `INFO` with one of `CloudWatchLogsConfiguration` , `FirehoseConfiguration` , or `S3Configuration` .", + "title": "LogLevel", "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.S3Configuration", + "markdownDescription": "Configuration for the Amazon S3 bucket destination of user activity log export with threat protection.", + "title": "S3Configuration" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.S3ExportingConfig": { + "AWS::Cognito::LogDeliveryConfiguration.S3Configuration": { "additionalProperties": false, "properties": { - "S3BucketName": { - "markdownDescription": "The name of the S3 bucket where Identity Resolution Jobs write result files.", - "title": "S3BucketName", - "type": "string" - }, - "S3KeyName": { - "markdownDescription": "The S3 key name of the location where Identity Resolution Jobs write result files.", - "title": "S3KeyName", + "BucketArn": { + "markdownDescription": "The ARN of an Amazon S3 bucket that's the destination for threat protection log export.", + "title": "BucketArn", "type": "string" } }, - "required": [ - "S3BucketName" - ], "type": "object" }, - "AWS::CustomerProfiles::EventStream": { + "AWS::Cognito::ManagedLoginBranding": { "additionalProperties": false, "properties": { "Condition": { @@ -54268,40 +59955,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" - }, - "EventStreamName": { - "markdownDescription": "The name of the event stream.", - "title": "EventStreamName", - "type": "string" - }, - "Tags": { + "Assets": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::ManagedLoginBranding.AssetType" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "An array of image files that you want to apply to roles like backgrounds, logos, and icons. Each object must also indicate whether it is for dark mode, light mode, or browser-adaptive mode.", + "title": "Assets", "type": "array" }, - "Uri": { - "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", - "title": "Uri", + "ClientId": { + "markdownDescription": "The app client that you want to assign the branding style to. Each style is linked to an app client until you delete it.", + "title": "ClientId", + "type": "string" + }, + "ReturnMergedResources": { + "markdownDescription": "When `true` , returns values for branding options that are unchanged from Amazon Cognito defaults. When `false` or when you omit this parameter, returns only values that you customized in your branding style.", + "title": "ReturnMergedResources", + "type": "boolean" + }, + "Settings": { + "markdownDescription": "A JSON file, encoded as a `Document` type, with the the settings that you want to apply to your style.", + "title": "Settings", + "type": "object" + }, + "UseCognitoProvidedValues": { + "markdownDescription": "When true, applies the default branding style options. This option reverts to default style options that are managed by Amazon Cognito. You can modify them later in the branding editor.\n\nWhen you specify `true` for this option, you must also omit values for `Settings` and `Assets` in the request.", + "title": "UseCognitoProvidedValues", + "type": "boolean" + }, + "UserPoolId": { + "markdownDescription": "The user pool where the branding style is assigned.", + "title": "UserPoolId", "type": "string" } }, "required": [ - "DomainName", - "EventStreamName", - "Uri" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::EventStream" + "AWS::Cognito::ManagedLoginBranding" ], "type": "string" }, @@ -54320,27 +60015,43 @@ ], "type": "object" }, - "AWS::CustomerProfiles::EventStream.DestinationDetails": { + "AWS::Cognito::ManagedLoginBranding.AssetType": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of enabling the Kinesis stream as a destination for export.", - "title": "Status", + "Bytes": { + "markdownDescription": "The image file, in Base64-encoded binary.", + "title": "Bytes", "type": "string" }, - "Uri": { - "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", - "title": "Uri", - "type": "string" + "Category": { + "markdownDescription": "The category that the image corresponds to in your managed login configuration. Managed login has asset categories for different types of logos, backgrounds, and icons.", + "title": "Category", + "type": "string" + }, + "ColorMode": { + "markdownDescription": "The display-mode target of the asset: light, dark, or browser-adaptive. For example, Amazon Cognito displays a dark-mode image only when the browser or application is in dark mode, but displays a browser-adaptive file in all contexts.", + "title": "ColorMode", + "type": "string" + }, + "Extension": { + "markdownDescription": "The file type of the image file.", + "title": "Extension", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the asset.", + "title": "ResourceId", + "type": "string" } }, "required": [ - "Status", - "Uri" + "Category", + "ColorMode", + "Extension" ], "type": "object" }, - "AWS::CustomerProfiles::Integration": { + "AWS::Cognito::UserPool": { "additionalProperties": false, "properties": { "Condition": { @@ -54375,51 +60086,178 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", + "AccountRecoverySetting": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AccountRecoverySetting", + "markdownDescription": "The available verified method a user can use to recover their password when they call `ForgotPassword` . You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.", + "title": "AccountRecoverySetting" + }, + "AdminCreateUserConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AdminCreateUserConfig", + "markdownDescription": "The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.", + "title": "AdminCreateUserConfig" + }, + "AliasAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "Attributes supported as an alias for this user pool. For more information about alias attributes, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", + "title": "AliasAttributes", + "type": "array" + }, + "AutoVerifiedAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The attributes that you want your user pool to automatically verify. For more information, see [Verifying contact information at sign-up](https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#allowing-users-to-sign-up-and-confirm-themselves) .", + "title": "AutoVerifiedAttributes", + "type": "array" + }, + "DeletionProtection": { + "markdownDescription": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request.", + "title": "DeletionProtection", "type": "string" }, - "FlowDefinition": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.FlowDefinition", - "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", - "title": "FlowDefinition" + "DeviceConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.DeviceConfiguration", + "markdownDescription": "The device-remembering configuration for a user pool. Device remembering or device tracking is a \"Remember me on this device\" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see [Working with user devices in your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) . A null value indicates that you have deactivated device remembering in your user pool.\n\n> When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature. For more information, see [Working with devices](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) .", + "title": "DeviceConfiguration" }, - "ObjectTypeName": { - "markdownDescription": "The name of the profile object type mapping to use.", - "title": "ObjectTypeName", + "EmailAuthenticationMessage": { + "markdownDescription": "", + "title": "EmailAuthenticationMessage", "type": "string" }, - "ObjectTypeNames": { + "EmailAuthenticationSubject": { + "markdownDescription": "", + "title": "EmailAuthenticationSubject", + "type": "string" + }, + "EmailConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.EmailConfiguration", + "markdownDescription": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.", + "title": "EmailConfiguration" + }, + "EmailVerificationMessage": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "EmailVerificationMessage", + "type": "string" + }, + "EmailVerificationSubject": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "EmailVerificationSubject", + "type": "string" + }, + "EnabledMfas": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ObjectTypeMapping" + "type": "string" }, - "markdownDescription": "The object type mapping.", - "title": "ObjectTypeNames", + "markdownDescription": "Set enabled MFA options on a specified user pool. To disable all MFAs after it has been enabled, set `MfaConfiguration` to `OFF` and remove EnabledMfas. MFAs can only be all disabled if `MfaConfiguration` is `OFF` . After you enable `SMS_MFA` , you can only disable it by setting `MfaConfiguration` to `OFF` . Can be one of the following values:\n\n- `SMS_MFA` - Enables MFA with SMS for the user pool. To select this option, you must also provide values for `SmsConfiguration` .\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n- `EMAIL_OTP` - Enables MFA with email for the user pool. To select this option, you must provide values for `EmailConfiguration` and within those, set `EmailSendingAccount` to `DEVELOPER` .\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA` | `EMAIL_OTP`", + "title": "EnabledMfas", "type": "array" }, - "Tags": { + "LambdaConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.LambdaConfig", + "markdownDescription": "A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.", + "title": "LambdaConfig" + }, + "MfaConfiguration": { + "markdownDescription": "Displays the state of multi-factor authentication (MFA) as on, off, or optional. When `ON` , all users must set up MFA before they can sign in. When `OPTIONAL` , your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose `OPTIONAL` .\n\nWhen `MfaConfiguration` is `OPTIONAL` , managed login doesn't automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.", + "title": "MfaConfiguration", + "type": "string" + }, + "Policies": { + "$ref": "#/definitions/AWS::Cognito::UserPool.Policies", + "markdownDescription": "A list of user pool policies. Contains the policy that sets password-complexity requirements.", + "title": "Policies" + }, + "Schema": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::UserPool.SchemaAttribute" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "An array of attributes for the new user pool. You can add custom attributes and modify the properties of default attributes. The specifications in this parameter set the required attributes in your user pool. For more information, see [Working with user attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) .", + "title": "Schema", "type": "array" }, - "Uri": { - "markdownDescription": "The URI of the S3 bucket or any other type of data source.", - "title": "Uri", + "SmsAuthenticationMessage": { + "markdownDescription": "The contents of the SMS authentication message.", + "title": "SmsAuthenticationMessage", + "type": "string" + }, + "SmsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.SmsConfiguration", + "markdownDescription": "The settings for your Amazon Cognito user pool to send SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . For more information see [SMS message settings](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", + "title": "SmsConfiguration" + }, + "SmsVerificationMessage": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "SmsVerificationMessage", + "type": "string" + }, + "UserAttributeUpdateSettings": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UserAttributeUpdateSettings", + "markdownDescription": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) .", + "title": "UserAttributeUpdateSettings" + }, + "UserPoolAddOns": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UserPoolAddOns", + "markdownDescription": "Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to potentially unwanted traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .", + "title": "UserPoolAddOns" + }, + "UserPoolName": { + "markdownDescription": "A friendly name for your user pool.", + "title": "UserPoolName", + "type": "string" + }, + "UserPoolTags": { + "additionalProperties": true, + "markdownDescription": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserPoolTags", + "type": "object" + }, + "UserPoolTier": { + "markdownDescription": "The user pool [feature plan](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-sign-in-feature-plans.html) , or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to `ESSENTIALS` .", + "title": "UserPoolTier", + "type": "string" + }, + "UsernameAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies whether a user can use an email address or phone number as a username when they sign up.", + "title": "UsernameAttributes", + "type": "array" + }, + "UsernameConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UsernameConfiguration", + "markdownDescription": "Sets the case sensitivity option for sign-in usernames. When `CaseSensitive` is `false` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `false` as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.\n\nWhen `CaseSensitive` is `true` (case sensitive), Amazon Cognito interprets `USERNAME` and `UserName` as distinct users.\n\nThis configuration is immutable after you set it.", + "title": "UsernameConfiguration" + }, + "VerificationMessageTemplate": { + "$ref": "#/definitions/AWS::Cognito::UserPool.VerificationMessageTemplate", + "markdownDescription": "The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.\n\nSet the email message type that corresponds to your `DefaultEmailOption` selection. For `CONFIRM_WITH_LINK` , specify an `EmailMessageByLink` and leave `EmailMessage` blank. For `CONFIRM_WITH_CODE` , specify an `EmailMessage` and leave `EmailMessageByLink` blank. When you supply both parameters with either choice, Amazon Cognito returns an error.", + "title": "VerificationMessageTemplate" + }, + "WebAuthnRelyingPartyID": { + "markdownDescription": "Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.\n\nUnder the following conditions, the passkey relying party ID must be the fully-qualified domain name of your custom domain:\n\n- The user pool is configured for passkey authentication.\n- The user pool has a custom domain, whether or not it also has a prefix domain.\n- Your application performs authentication with managed login or the classic hosted UI.", + "title": "WebAuthnRelyingPartyID", + "type": "string" + }, + "WebAuthnUserVerification": { + "markdownDescription": "When `required` , users can only register and sign in users with passkeys that are capable of [user verification](https://docs.aws.amazon.com/https://www.w3.org/TR/webauthn-2/#enum-userVerificationRequirement) . When `preferred` , your user pool doesn't require the use of authenticators with user verification but encourages it.", + "title": "WebAuthnUserVerification", "type": "string" } }, - "required": [ - "DomainName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::Integration" + "AWS::Cognito::UserPool" ], "type": "string" }, @@ -54433,401 +60271,510 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ConnectorOperator": { + "AWS::Cognito::UserPool.AccountRecoverySetting": { "additionalProperties": false, "properties": { - "Marketo": { - "markdownDescription": "The operation to be performed on the provided Marketo source fields.", - "title": "Marketo", - "type": "string" - }, - "S3": { - "markdownDescription": "The operation to be performed on the provided Amazon S3 source fields.", - "title": "S3", - "type": "string" - }, - "Salesforce": { - "markdownDescription": "The operation to be performed on the provided Salesforce source fields.", - "title": "Salesforce", - "type": "string" - }, - "ServiceNow": { - "markdownDescription": "The operation to be performed on the provided ServiceNow source fields.", - "title": "ServiceNow", - "type": "string" - }, - "Zendesk": { - "markdownDescription": "The operation to be performed on the provided Zendesk source fields.", - "title": "Zendesk", - "type": "string" + "RecoveryMechanisms": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPool.RecoveryOption" + }, + "markdownDescription": "The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators.", + "title": "RecoveryMechanisms", + "type": "array" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.FlowDefinition": { + "AWS::Cognito::UserPool.AdminCreateUserConfig": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the flow you want to create.", - "title": "Description", - "type": "string" - }, - "FlowName": { - "markdownDescription": "The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed.", - "title": "FlowName", - "type": "string" - }, - "KmsArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption.", - "title": "KmsArn", - "type": "string" - }, - "SourceFlowConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceFlowConfig", - "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", - "title": "SourceFlowConfig" + "AllowAdminCreateUserOnly": { + "markdownDescription": "The setting for allowing self-service sign-up. When `true` , only administrators can create new user profiles. When `false` , users can register themselves and create a new user profile with the `SignUp` operation.", + "title": "AllowAdminCreateUserOnly", + "type": "boolean" }, - "Tasks": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.Task" - }, - "markdownDescription": "A list of tasks that Customer Profiles performs while transferring the data in the flow run.", - "title": "Tasks", - "type": "array" + "InviteMessageTemplate": { + "$ref": "#/definitions/AWS::Cognito::UserPool.InviteMessageTemplate", + "markdownDescription": "The template for the welcome message to new users. This template must include the `{####}` temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder.\n\nSee also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .", + "title": "InviteMessageTemplate" }, - "TriggerConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerConfig", - "markdownDescription": "The trigger settings that determine how and when the flow runs.", - "title": "TriggerConfig" + "UnusedAccountValidityDays": { + "markdownDescription": "This parameter is no longer in use.\n\nThe password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `RESEND` for the `MessageAction` parameter.\n\nThe default value for this parameter is 7.", + "title": "UnusedAccountValidityDays", + "type": "number" } }, - "required": [ - "FlowName", - "KmsArn", - "SourceFlowConfig", - "Tasks", - "TriggerConfig" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.IncrementalPullConfig": { + "AWS::Cognito::UserPool.AdvancedSecurityAdditionalFlows": { "additionalProperties": false, "properties": { - "DatetimeTypeFieldName": { - "markdownDescription": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.", - "title": "DatetimeTypeFieldName", + "CustomAuthMode": { + "markdownDescription": "The operating mode of threat protection in custom authentication with [Custom authentication challenge Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "CustomAuthMode", "type": "string" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.MarketoSourceProperties": { + "AWS::Cognito::UserPool.CustomEmailSender": { "additionalProperties": false, "properties": { - "Object": { - "markdownDescription": "The object specified in the Marketo flow source.", - "title": "Object", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", + "title": "LambdaArn", + "type": "string" + }, + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", + "title": "LambdaVersion", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ObjectTypeMapping": { + "AWS::Cognito::UserPool.CustomSMSSender": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key.", - "title": "Key", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", + "title": "LambdaArn", "type": "string" }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", + "title": "LambdaVersion", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.S3SourceProperties": { + "AWS::Cognito::UserPool.DeviceConfiguration": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket name where the source files are stored.", - "title": "BucketName", + "ChallengeRequiredOnNewDevice": { + "markdownDescription": "When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).\n\n> Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.", + "title": "ChallengeRequiredOnNewDevice", + "type": "boolean" + }, + "DeviceOnlyRememberedOnUserPrompt": { + "markdownDescription": "When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a `ConfirmDevice` API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an `UpdateDeviceStatus` API request.\n\nWhen `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request.", + "title": "DeviceOnlyRememberedOnUserPrompt", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.EmailConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationSet": { + "markdownDescription": "The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:\n\n- **Event publishing** - Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as and Amazon CloudWatch\n- **IP pool management** - When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.", + "title": "ConfigurationSet", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "The object key for the Amazon S3 bucket in which the source files are stored.", - "title": "BucketPrefix", + "EmailSendingAccount": { + "markdownDescription": "Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:\n\n- **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.\n\nTo look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* .\n\nThe default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.\n- **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .\n\nIf you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.\n\nBefore Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* .", + "title": "EmailSendingAccount", + "type": "string" + }, + "From": { + "markdownDescription": "Either the sender\u2019s email address or the sender\u2019s name with their email address. For example, `testuser@example.com` or `Test User ` . This address appears before the body of the email.", + "title": "From", + "type": "string" + }, + "ReplyToEmailAddress": { + "markdownDescription": "The destination to which the receiver of the email should reply.", + "title": "ReplyToEmailAddress", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:\n\n- If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.\n- If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.\n\nThe Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) .", + "title": "SourceArn", "type": "string" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.SalesforceSourceProperties": { + "AWS::Cognito::UserPool.InviteMessageTemplate": { "additionalProperties": false, "properties": { - "EnableDynamicFieldUpdate": { - "markdownDescription": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.", - "title": "EnableDynamicFieldUpdate", - "type": "boolean" + "EmailMessage": { + "markdownDescription": "The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", + "title": "EmailMessage", + "type": "string" }, - "IncludeDeletedRecords": { - "markdownDescription": "Indicates whether Amazon AppFlow includes deleted files in the flow run.", - "title": "IncludeDeletedRecords", - "type": "boolean" + "EmailSubject": { + "markdownDescription": "The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", + "title": "EmailSubject", + "type": "string" }, - "Object": { - "markdownDescription": "The object specified in the Salesforce flow source.", - "title": "Object", + "SMSMessage": { + "markdownDescription": "The message template for SMS messages.", + "title": "SMSMessage", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ScheduledTriggerProperties": { + "AWS::Cognito::UserPool.LambdaConfig": { "additionalProperties": false, "properties": { - "DataPullMode": { - "markdownDescription": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.", - "title": "DataPullMode", + "CreateAuthChallenge": { + "markdownDescription": "The configuration of a create auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "CreateAuthChallenge", "type": "string" }, - "FirstExecutionFrom": { - "markdownDescription": "Specifies the date range for the records to import from the connector in the first flow run.", - "title": "FirstExecutionFrom", - "type": "number" + "CustomEmailSender": { + "$ref": "#/definitions/AWS::Cognito::UserPool.CustomEmailSender", + "markdownDescription": "The configuration of a custom email sender Lambda trigger. This trigger routes all email notifications from a user pool to a Lambda function that delivers the message using custom logic.", + "title": "CustomEmailSender" }, - "ScheduleEndTime": { - "markdownDescription": "Specifies the scheduled end time for a scheduled-trigger flow.", - "title": "ScheduleEndTime", - "type": "number" + "CustomMessage": { + "markdownDescription": "A custom message Lambda trigger. This trigger is an opportunity to customize all SMS and email messages from your user pool. When a custom message trigger is active, your user pool routes all messages to a Lambda function that returns a runtime-customized message subject and body for your user pool to deliver to a user.", + "title": "CustomMessage", + "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes).", - "title": "ScheduleExpression", + "CustomSMSSender": { + "$ref": "#/definitions/AWS::Cognito::UserPool.CustomSMSSender", + "markdownDescription": "The configuration of a custom SMS sender Lambda trigger. This trigger routes all SMS notifications from a user pool to a Lambda function that delivers the message using custom logic.", + "title": "CustomSMSSender" + }, + "DefineAuthChallenge": { + "markdownDescription": "The configuration of a define auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "DefineAuthChallenge", "type": "string" }, - "ScheduleOffset": { - "markdownDescription": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow.", - "title": "ScheduleOffset", - "type": "number" + "KMSKeyID": { + "markdownDescription": "The ARN of an [KMS key](https://docs.aws.amazon.com//kms/latest/developerguide/concepts.html#master_keys) . Amazon Cognito uses the key to encrypt codes and temporary passwords sent to custom sender Lambda triggers.", + "title": "KMSKeyID", + "type": "string" }, - "ScheduleStartTime": { - "markdownDescription": "Specifies the scheduled start time for a scheduled-trigger flow. The value must be a date/time value in EPOCH format.", - "title": "ScheduleStartTime", - "type": "number" + "PostAuthentication": { + "markdownDescription": "The configuration of a [post authentication Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html) in a user pool. This trigger can take custom actions after a user signs in.", + "title": "PostAuthentication", + "type": "string" }, - "Timezone": { - "markdownDescription": "Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York.", - "title": "Timezone", + "PostConfirmation": { + "markdownDescription": "The configuration of a [post confirmation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html) in a user pool. This trigger can take custom actions after a user confirms their user account and their email address or phone number.", + "title": "PostConfirmation", + "type": "string" + }, + "PreAuthentication": { + "markdownDescription": "The configuration of a [pre authentication trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html) in a user pool. This trigger can evaluate and modify user sign-in events.", + "title": "PreAuthentication", + "type": "string" + }, + "PreSignUp": { + "markdownDescription": "The configuration of a [pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) in a user pool. This trigger evaluates new users and can bypass confirmation, [link a federated user profile](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html) , or block sign-up requests.", + "title": "PreSignUp", + "type": "string" + }, + "PreTokenGeneration": { + "markdownDescription": "The legacy configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool.\n\nSet this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` .", + "title": "PreTokenGeneration", + "type": "string" + }, + "PreTokenGenerationConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.PreTokenGenerationConfig", + "markdownDescription": "The detailed configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` .", + "title": "PreTokenGenerationConfig" + }, + "UserMigration": { + "markdownDescription": "The configuration of a [migrate user Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html) in a user pool. This trigger can create user profiles when users sign in or attempt to reset their password with credentials that don't exist yet.", + "title": "UserMigration", + "type": "string" + }, + "VerifyAuthChallengeResponse": { + "markdownDescription": "The configuration of a verify auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "VerifyAuthChallengeResponse", "type": "string" } }, - "required": [ - "ScheduleExpression" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ServiceNowSourceProperties": { + "AWS::Cognito::UserPool.NumberAttributeConstraints": { "additionalProperties": false, "properties": { - "Object": { - "markdownDescription": "The object specified in the ServiceNow flow source.", - "title": "Object", + "MaxValue": { + "markdownDescription": "The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", + "title": "MaxValue", + "type": "string" + }, + "MinValue": { + "markdownDescription": "The minimum value of an attribute that is of the number data type.", + "title": "MinValue", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.SourceConnectorProperties": { + "AWS::Cognito::UserPool.PasswordPolicy": { "additionalProperties": false, "properties": { - "Marketo": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.MarketoSourceProperties", - "markdownDescription": "The properties that are applied when Marketo is being used as a source.", - "title": "Marketo" + "MinimumLength": { + "markdownDescription": "The minimum length of the password in the policy that you have set. This value can't be less than 6.", + "title": "MinimumLength", + "type": "number" }, - "S3": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.S3SourceProperties", - "markdownDescription": "The properties that are applied when Amazon S3 is being used as the flow source.", - "title": "S3" + "PasswordHistorySize": { + "markdownDescription": "The number of previous passwords that you want Amazon Cognito to restrict each user from reusing. Users can't set a password that matches any of `n` previous passwords, where `n` is the value of `PasswordHistorySize` .", + "title": "PasswordHistorySize", + "type": "number" }, - "Salesforce": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SalesforceSourceProperties", - "markdownDescription": "The properties that are applied when Salesforce is being used as a source.", - "title": "Salesforce" + "RequireLowercase": { + "markdownDescription": "The requirement in a password policy that users must include at least one lowercase letter in their password.", + "title": "RequireLowercase", + "type": "boolean" }, - "ServiceNow": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ServiceNowSourceProperties", - "markdownDescription": "The properties that are applied when ServiceNow is being used as a source.", - "title": "ServiceNow" + "RequireNumbers": { + "markdownDescription": "The requirement in a password policy that users must include at least one number in their password.", + "title": "RequireNumbers", + "type": "boolean" }, - "Zendesk": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ZendeskSourceProperties", - "markdownDescription": "The properties that are applied when using Zendesk as a flow source.", - "title": "Zendesk" + "RequireSymbols": { + "markdownDescription": "The requirement in a password policy that users must include at least one symbol in their password.", + "title": "RequireSymbols", + "type": "boolean" + }, + "RequireUppercase": { + "markdownDescription": "The requirement in a password policy that users must include at least one uppercase letter in their password.", + "title": "RequireUppercase", + "type": "boolean" + }, + "TemporaryPasswordValidityDays": { + "markdownDescription": "The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value.\n\n> When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool.", + "title": "TemporaryPasswordValidityDays", + "type": "number" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.SourceFlowConfig": { + "AWS::Cognito::UserPool.Policies": { "additionalProperties": false, "properties": { - "ConnectorProfileName": { - "markdownDescription": "The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account .", - "title": "ConnectorProfileName", - "type": "string" + "PasswordPolicy": { + "$ref": "#/definitions/AWS::Cognito::UserPool.PasswordPolicy", + "markdownDescription": "The password policy settings for a user pool, including complexity, history, and length requirements.", + "title": "PasswordPolicy" }, - "ConnectorType": { - "markdownDescription": "The type of connector, such as Salesforce, Marketo, and so on.", - "title": "ConnectorType", + "SignInPolicy": { + "$ref": "#/definitions/AWS::Cognito::UserPool.SignInPolicy", + "markdownDescription": "The policy for allowed types of authentication in a user pool. To activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.", + "title": "SignInPolicy" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.PreTokenGenerationConfig": { + "additionalProperties": false, + "properties": { + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nThis parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` .", + "title": "LambdaArn", "type": "string" }, - "IncrementalPullConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.IncrementalPullConfig", - "markdownDescription": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.", - "title": "IncrementalPullConfig" + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.", + "title": "LambdaVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.RecoveryOption": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The recovery method that this object sets a recovery option for.", + "title": "Name", + "type": "string" }, - "SourceConnectorProperties": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceConnectorProperties", - "markdownDescription": "Specifies the information that is required to query a particular source connector.", - "title": "SourceConnectorProperties" + "Priority": { + "markdownDescription": "Your priority preference for using the specified attribute in account recovery. The highest priority is `1` .", + "title": "Priority", + "type": "number" } }, - "required": [ - "ConnectorType", - "SourceConnectorProperties" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.Task": { + "AWS::Cognito::UserPool.SchemaAttribute": { "additionalProperties": false, "properties": { - "ConnectorOperator": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ConnectorOperator", - "markdownDescription": "The operation to be performed on the provided source fields.", - "title": "ConnectorOperator" + "AttributeDataType": { + "markdownDescription": "The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `\"custom:isMember\" : \"true\"` or `\"custom:YearsAsMember\" : \"12\"` .", + "title": "AttributeDataType", + "type": "string" }, - "DestinationField": { - "markdownDescription": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.", - "title": "DestinationField", + "DeveloperOnlyAttribute": { + "markdownDescription": "> You should use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . \n\nSpecifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access token. For example, `DeveloperOnlyAttribute` can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.", + "title": "DeveloperOnlyAttribute", + "type": "boolean" + }, + "Mutable": { + "markdownDescription": "Specifies whether the value of the attribute can be changed.\n\nAny user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", + "title": "Mutable", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes..", + "title": "Name", "type": "string" }, - "SourceFields": { + "NumberAttributeConstraints": { + "$ref": "#/definitions/AWS::Cognito::UserPool.NumberAttributeConstraints", + "markdownDescription": "Specifies the constraints for an attribute of the number type.", + "title": "NumberAttributeConstraints" + }, + "Required": { + "markdownDescription": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.", + "title": "Required", + "type": "boolean" + }, + "StringAttributeConstraints": { + "$ref": "#/definitions/AWS::Cognito::UserPool.StringAttributeConstraints", + "markdownDescription": "Specifies the constraints for an attribute of the string type.", + "title": "StringAttributeConstraints" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.SignInPolicy": { + "additionalProperties": false, + "properties": { + "AllowedFirstAuthFactors": { "items": { "type": "string" }, - "markdownDescription": "The source fields to which a particular task is applied.", - "title": "SourceFields", + "markdownDescription": "The sign-in methods that a user pool supports as the first factor. You can permit users to start authentication with a standard username and password, or with other one-time password and hardware factors.\n\nSupports values of `EMAIL_OTP` , `SMS_OTP` , `WEB_AUTHN` and `PASSWORD` ,", + "title": "AllowedFirstAuthFactors", "type": "array" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.SmsConfiguration": { + "additionalProperties": false, + "properties": { + "ExternalId": { + "markdownDescription": "The external ID provides additional security for your IAM role. You can use an `ExternalId` with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the `ExternalID` . If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the `ExternalId` .\n\nFor more information about the `ExternalId` of a role, see [How to use an external ID when granting access to your AWS resources to a third party](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) .", + "title": "ExternalId", + "type": "string" }, - "TaskProperties": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TaskPropertiesMap" - }, - "markdownDescription": "A map used to store task-related information. The service looks for particular information based on the TaskType.", - "title": "TaskProperties", - "type": "array" + "SnsCallerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) .", + "title": "SnsCallerArn", + "type": "string" }, - "TaskType": { - "markdownDescription": "Specifies the particular task implementation that Amazon AppFlow performs.", - "title": "TaskType", + "SnsRegion": { + "markdownDescription": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* .\n\nAmazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", + "title": "SnsRegion", "type": "string" } }, - "required": [ - "SourceFields", - "TaskType" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.TaskPropertiesMap": { + "AWS::Cognito::UserPool.StringAttributeConstraints": { "additionalProperties": false, "properties": { - "OperatorPropertyKey": { - "markdownDescription": "The task property key.", - "title": "OperatorPropertyKey", + "MaxLength": { + "markdownDescription": "The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", + "title": "MaxLength", "type": "string" }, - "Property": { - "markdownDescription": "The task property value.", - "title": "Property", + "MinLength": { + "markdownDescription": "The minimum length of a string attribute value.", + "title": "MinLength", "type": "string" } }, + "type": "object" + }, + "AWS::Cognito::UserPool.UserAttributeUpdateSettings": { + "additionalProperties": false, + "properties": { + "AttributesRequireVerificationBeforeUpdate": { + "items": { + "type": "string" + }, + "markdownDescription": "Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn\u2019t change the value of the attribute until your user responds to the verification message and confirms the new value.\n\nWhen `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user\u2019s `email` or `phone_number` attribute.", + "title": "AttributesRequireVerificationBeforeUpdate", + "type": "array" + } + }, "required": [ - "OperatorPropertyKey", - "Property" + "AttributesRequireVerificationBeforeUpdate" ], "type": "object" }, - "AWS::CustomerProfiles::Integration.TriggerConfig": { + "AWS::Cognito::UserPool.UserPoolAddOns": { "additionalProperties": false, "properties": { - "TriggerProperties": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerProperties", - "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type.", - "title": "TriggerProperties" + "AdvancedSecurityAdditionalFlows": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AdvancedSecurityAdditionalFlows", + "markdownDescription": "Threat protection configuration options for additional authentication types in your user pool, including custom authentication.", + "title": "AdvancedSecurityAdditionalFlows" }, - "TriggerType": { - "markdownDescription": "Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event.", - "title": "TriggerType", + "AdvancedSecurityMode": { + "markdownDescription": "The operating mode of threat protection for standard authentication types in your user pool, including username-password and secure remote password (SRP) authentication.", + "title": "AdvancedSecurityMode", "type": "string" } }, - "required": [ - "TriggerType" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.TriggerProperties": { + "AWS::Cognito::UserPool.UsernameConfiguration": { "additionalProperties": false, "properties": { - "Scheduled": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ScheduledTriggerProperties", - "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define.", - "title": "Scheduled" + "CaseSensitive": { + "markdownDescription": "Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.\n\nValid values include:\n\n- **true** - Enables case sensitivity for all username input. When this option is set to `true` , users must sign in using the exact capitalization of their given username, such as \u201cUserName\u201d. This is the default value.\n- **false** - Enables case insensitivity for all username input. For example, when this option is set to `false` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute.", + "title": "CaseSensitive", + "type": "boolean" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.ZendeskSourceProperties": { + "AWS::Cognito::UserPool.VerificationMessageTemplate": { "additionalProperties": false, "properties": { - "Object": { - "markdownDescription": "The object specified in the Zendesk flow source.", - "title": "Object", + "DefaultEmailOption": { + "markdownDescription": "The configuration of verification emails to contain a clickable link or a verification code.\n\nFor link, your template body must contain link text in the format `{##Click here##}` . \"Click here\" in the example is a customizable string. For code, your template body must contain a code placeholder in the format `{####}` .", + "title": "DefaultEmailOption", + "type": "string" + }, + "EmailMessage": { + "markdownDescription": "The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailMessage", + "type": "string" + }, + "EmailMessageByLink": { + "markdownDescription": "The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailMessageByLink", + "type": "string" + }, + "EmailSubject": { + "markdownDescription": "The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailSubject", + "type": "string" + }, + "EmailSubjectByLink": { + "markdownDescription": "The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailSubjectByLink", + "type": "string" + }, + "SmsMessage": { + "markdownDescription": "The template for SMS messages that Amazon Cognito sends to your users.", + "title": "SmsMessage", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType": { + "AWS::Cognito::UserPoolClient": { "additionalProperties": false, "properties": { "Condition": { @@ -54862,81 +60809,154 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowProfileCreation": { - "markdownDescription": "Indicates whether a profile should be created when data is received if one doesn\u2019t exist for an object of this type. The default is `FALSE` . If the AllowProfileCreation flag is set to `FALSE` , then the service tries to fetch a standard profile and associate this object with the profile. If it is set to `TRUE` , and if no match is found, then the service creates a new standard profile.", - "title": "AllowProfileCreation", + "AccessTokenValidity": { + "markdownDescription": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with\ntheir access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your access\ntokens are valid for one hour.", + "title": "AccessTokenValidity", + "type": "number" + }, + "AllowedOAuthFlows": { + "items": { + "type": "string" + }, + "markdownDescription": "The OAuth grant types that you want your app client to generate for clients in managed login authentication. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token, and the ID token when scopes like `openid` and `profile` are requested, directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user, authorized by a combination of the client ID and client secret.", + "title": "AllowedOAuthFlows", + "type": "array" + }, + "AllowedOAuthFlowsUserPoolClient": { + "markdownDescription": "Set to `true` to use OAuth 2.0 authorization server features in your app client.\n\nThis parameter must have a value of `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use authorization server features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` . When `false` , only SDK-based API sign-in is permitted.", + "title": "AllowedOAuthFlowsUserPoolClient", "type": "boolean" }, - "Description": { - "markdownDescription": "The description of the profile object type mapping.", - "title": "Description", - "type": "string" + "AllowedOAuthScopes": { + "items": { + "type": "string" + }, + "markdownDescription": "The OAuth, OpenID Connect (OIDC), and custom scopes that you want to permit your app client to authorize access with. Scopes govern access control to user pool self-service API operations, user data from the `userInfo` endpoint, and third-party APIs. Scope values include `phone` , `email` , `openid` , and `profile` . The `aws.cognito.signin.user.admin` scope authorizes user self-service operations. Custom scopes with resource servers authorize access to external APIs.", + "title": "AllowedOAuthScopes", + "type": "array" }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", + "AnalyticsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.AnalyticsConfiguration", + "markdownDescription": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\nIn AWS Regions where Amazon Pinpoint isn't available, user pools might not have access to analytics or might be configurable with campaigns in the US East (N. Virginia) Region. For more information, see [Using Amazon Pinpoint analytics](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html) .", + "title": "AnalyticsConfiguration" + }, + "AuthSessionValidity": { + "markdownDescription": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.", + "title": "AuthSessionValidity", + "type": "number" + }, + "CallbackURLs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed redirect, or callback, URLs for managed login authentication. These URLs are the paths where you want to send your users' browsers after they complete authentication with managed login or a third-party IdP. Typically, callback URLs are the home of an application that uses OAuth or OIDC libraries to process authentication outcomes.\n\nA redirect URI must meet the following requirements:\n\n- Be an absolute URI.\n- Be registered with the authorization server. Amazon Cognito doesn't accept authorization requests with `redirect_uri` values that aren't in the list of `CallbackURLs` that you provide in this parameter.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported.", + "title": "CallbackURLs", + "type": "array" + }, + "ClientName": { + "markdownDescription": "A friendly name for the app client that you want to create.", + "title": "ClientName", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The customer-provided key to encrypt the profile object that will be created in this profile object type mapping. If not specified the system will use the encryption key of the domain.", - "title": "EncryptionKey", + "DefaultRedirectURI": { + "markdownDescription": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.", + "title": "DefaultRedirectURI", "type": "string" }, - "ExpirationDays": { - "markdownDescription": "The number of days until the data of this type expires.", - "title": "ExpirationDays", - "type": "number" + "EnablePropagateAdditionalUserContextData": { + "markdownDescription": "When `true` , your application can include additional `UserContextData` in authentication requests. This data includes the IP address, and contributes to analysis by threat protection features. For more information about propagation of user context data, see [Adding session data to API requests](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint) . If you don\u2019t include this parameter, you can't send the source IP address to Amazon Cognito threat protection features. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret.", + "title": "EnablePropagateAdditionalUserContextData", + "type": "boolean" }, - "Fields": { + "EnableTokenRevocation": { + "markdownDescription": "Activates or deactivates token revocation.\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.", + "title": "EnableTokenRevocation", + "type": "boolean" + }, + "ExplicitAuthFlows": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.FieldMap" + "type": "string" }, - "markdownDescription": "A list of field definitions for the object type mapping.", - "title": "Fields", + "markdownDescription": "The [authentication flows](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html) that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n> If you don't specify a value for `ExplicitAuthFlows` , your app client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nThe values for authentication flow options include the following.\n\n- `ALLOW_USER_AUTH` : Enable selection-based sign-in with `USER_AUTH` . This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other `ExplicitAuthFlows` permitting them. For example users can complete an SRP challenge through `USER_AUTH` without the flow `USER_SRP_AUTH` being active for the app client. This flow doesn't include `CUSTOM_AUTH` .\n\nTo activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` .", + "title": "ExplicitAuthFlows", "type": "array" }, - "Keys": { + "GenerateSecret": { + "markdownDescription": "When `true` , generates a client secret for the app client. Client secrets are used with server-side and machine-to-machine applications. Client secrets are automatically generated; you can't specify a secret value. For more information, see [App client types](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#user-pool-settings-client-app-client-types) .", + "title": "GenerateSecret", + "type": "boolean" + }, + "IdTokenValidity": { + "markdownDescription": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your ID\ntokens are valid for one hour.", + "title": "IdTokenValidity", + "type": "number" + }, + "LogoutURLs": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.KeyMap" + "type": "string" }, - "markdownDescription": "A list of keys that can be used to map data to the profile or search for the profile.", - "title": "Keys", + "markdownDescription": "A list of allowed logout URLs for managed login authentication. When you pass `logout_uri` and `client_id` parameters to `/logout` , Amazon Cognito signs out your user and redirects them to the logout URL. This parameter describes the URLs that you want to be the permitted targets of `logout_uri` . A typical use of these URLs is when a user selects \"Sign out\" and you redirect them to your public homepage. For more information, see [Logout endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html) .", + "title": "LogoutURLs", "type": "array" }, - "ObjectTypeName": { - "markdownDescription": "The name of the profile object type.", - "title": "ObjectTypeName", + "PreventUserExistenceErrors": { + "markdownDescription": "Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to `ENABLED` and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs return a `UserNotFoundException` exception if the user doesn't exist in the user pool.\n\nValid values include:\n\n- `ENABLED` - This prevents user existence-related errors.\n- `LEGACY` - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.\n\nDefaults to `LEGACY` when you don't provide a value.", + "title": "PreventUserExistenceErrors", "type": "string" }, - "SourceLastUpdatedTimestampFormat": { - "markdownDescription": "The format of your sourceLastUpdatedTimestamp that was previously set up.", - "title": "SourceLastUpdatedTimestampFormat", - "type": "string" + "ReadAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user attributes that you want your app client to have read access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool app client has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes.", + "title": "ReadAttributes", + "type": "array" }, - "Tags": { + "RefreshTokenRotation": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.RefreshTokenRotation", + "markdownDescription": "The configuration of your app client for refresh token rotation. When enabled, your app client issues new ID, access, and refresh tokens when users renew their sessions with refresh tokens. When disabled, token refresh issues only ID and access tokens.", + "title": "RefreshTokenRotation" + }, + "RefreshTokenValidity": { + "markdownDescription": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session\nand retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your refresh\ntokens are valid for 30 days.", + "title": "RefreshTokenValidity", + "type": "number" + }, + "SupportedIdentityProviders": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` .\n\nThis parameter sets the IdPs that [managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) will display on the login page for your app client. The removal of `COGNITO` from this list doesn't prevent authentication operations for local users with the user pools API in an AWS SDK. The only way to prevent SDK-based authentication is to block access with a [AWS WAF rule](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html) .", + "title": "SupportedIdentityProviders", "type": "array" }, - "TemplateId": { - "markdownDescription": "A unique identifier for the template mapping. This can be used instead of specifying the Keys and Fields properties directly.", - "title": "TemplateId", + "TokenValidityUnits": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.TokenValidityUnits", + "markdownDescription": "The units that validity times are represented in. The default unit for refresh tokens is days, and the default for ID and access tokens are hours.", + "title": "TokenValidityUnits" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create an app client.", + "title": "UserPoolId", "type": "string" + }, + "WriteAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", + "title": "WriteAttributes", + "type": "array" } }, "required": [ - "Description", - "DomainName", - "ObjectTypeName" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::ObjectType" + "AWS::Cognito::UserPoolClient" ], "type": "string" }, @@ -54955,85 +60975,75 @@ ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType.FieldMap": { + "AWS::Cognito::UserPoolClient.AnalyticsConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the field.", - "title": "Name", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project that you want to connect to your user pool app client. Amazon Cognito publishes events to the Amazon Pinpoint project that `ApplicationArn` declares. You can also configure your application to pass an endpoint ID in the `AnalyticsMetadata` parameter of sign-in operations. The endpoint ID is information about the destination for push notifications", + "title": "ApplicationArn", "type": "string" }, - "ObjectTypeField": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeField", - "markdownDescription": "Represents a field in a ProfileObjectType.", - "title": "ObjectTypeField" + "ApplicationId": { + "markdownDescription": "Your Amazon Pinpoint project ID.", + "title": "ApplicationId", + "type": "string" + }, + "ExternalId": { + "markdownDescription": "The [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) of the role that Amazon Cognito assumes to send analytics data to Amazon Pinpoint.", + "title": "ExternalId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an AWS Identity and Access Management role that has the permissions required for Amazon Cognito to publish events to Amazon Pinpoint analytics.", + "title": "RoleArn", + "type": "string" + }, + "UserDataShared": { + "markdownDescription": "If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics.", + "title": "UserDataShared", + "type": "boolean" } }, "type": "object" }, - "AWS::CustomerProfiles::ObjectType.KeyMap": { + "AWS::Cognito::UserPoolClient.RefreshTokenRotation": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the key.", - "title": "Name", + "Feature": { + "markdownDescription": "The state of refresh token rotation for the current app client.", + "title": "Feature", "type": "string" }, - "ObjectTypeKeyList": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeKey" - }, - "markdownDescription": "A list of ObjectTypeKey.", - "title": "ObjectTypeKeyList", - "type": "array" + "RetryGracePeriodSeconds": { + "markdownDescription": "When you request a token refresh with `GetTokensFromRefreshToken` , the original refresh token that you're rotating out can remain valid for a period of time of up to 60 seconds. This allows for client-side retries. When `RetryGracePeriodSeconds` is `0` , the grace period is disabled and a successful request immediately invalidates the submitted refresh token.", + "title": "RetryGracePeriodSeconds", + "type": "number" } }, "type": "object" }, - "AWS::CustomerProfiles::ObjectType.ObjectTypeField": { + "AWS::Cognito::UserPoolClient.TokenValidityUnits": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the field. Used for determining equality when searching.", - "title": "ContentType", + "AccessToken": { + "markdownDescription": "A time unit for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is `hours` . `AccessTokenValidity` duration can range from five minutes to one day.", + "title": "AccessToken", "type": "string" }, - "Source": { - "markdownDescription": "A field of a ProfileObject. For example: _source.FirstName, where \u201c_source\u201d is a ProfileObjectType of a Zendesk user and \u201cFirstName\u201d is a field in that ObjectType.", - "title": "Source", + "IdToken": { + "markdownDescription": "A time unit for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is `hours` . `IdTokenValidity` duration can range from five minutes to one day.", + "title": "IdToken", "type": "string" }, - "Target": { - "markdownDescription": "The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode.", - "title": "Target", + "RefreshToken": { + "markdownDescription": "A time unit for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is `days` . `RefreshTokenValidity` duration can range from 60 minutes to 10 years.", + "title": "RefreshToken", "type": "string" } }, "type": "object" }, - "AWS::CustomerProfiles::ObjectType.ObjectTypeKey": { - "additionalProperties": false, - "properties": { - "FieldNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The reference for the key name of the fields map.", - "title": "FieldNames", - "type": "array" - }, - "StandardIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles.", - "title": "StandardIdentifiers", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DAX::Cluster": { + "AWS::Cognito::UserPoolDomain": { "additionalProperties": false, "properties": { "Condition": { @@ -55068,93 +61078,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones (AZs) in which the cluster nodes will reside after the cluster has been created or updated. If provided, the length of this list must equal the `ReplicationFactor` parameter. If you omit this parameter, DAX will spread the nodes across Availability Zones for the highest availability.", - "title": "AvailabilityZones", - "type": "array" + "CustomDomainConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPoolDomain.CustomDomainConfigType", + "markdownDescription": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.\n\nWhen you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain.", + "title": "CustomDomainConfig" }, - "ClusterEndpointEncryptionType": { - "markdownDescription": "The encryption type of the cluster's endpoint. Available values are:\n\n- `NONE` - The cluster's endpoint will be unencrypted.\n- `TLS` - The cluster's endpoint will be encrypted with Transport Layer Security, and will provide an x509 certificate for authentication.\n\nThe default value is `NONE` .", - "title": "ClusterEndpointEncryptionType", - "type": "string" - }, - "ClusterName": { - "markdownDescription": "The name of the DAX cluster.", - "title": "ClusterName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the cluster.", - "title": "Description", - "type": "string" - }, - "IAMRoleARN": { - "markdownDescription": "A valid Amazon Resource Name (ARN) that identifies an IAM role. At runtime, DAX will assume this role and use the role's permissions to access DynamoDB on your behalf.", - "title": "IAMRoleARN", - "type": "string" - }, - "NodeType": { - "markdownDescription": "The node type for the nodes in the cluster. (All nodes in a DAX cluster are of the same type.)", - "title": "NodeType", - "type": "string" - }, - "NotificationTopicARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which notifications will be sent.\n\n> The Amazon SNS topic owner must be same as the DAX cluster owner.", - "title": "NotificationTopicARN", - "type": "string" - }, - "ParameterGroupName": { - "markdownDescription": "The parameter group to be associated with the DAX cluster.", - "title": "ParameterGroupName", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "A range of time when maintenance of DAX cluster software will be performed. For example: `sun:01:00-sun:09:00` . Cluster maintenance normally takes less than 30 minutes, and is performed automatically within the maintenance window.", - "title": "PreferredMaintenanceWindow", + "Domain": { + "markdownDescription": "The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` .", + "title": "Domain", "type": "string" }, - "ReplicationFactor": { - "markdownDescription": "The number of nodes in the DAX cluster. A replication factor of 1 will create a single-node cluster, without any read replicas. For additional fault tolerance, you can create a multiple node cluster with one or more read replicas. To do this, set `ReplicationFactor` to a number between 3 (one primary and two read replicas) and 10 (one primary and nine read replicas). `If the AvailabilityZones` parameter is provided, its length must equal the `ReplicationFactor` .\n\n> AWS recommends that you have at least two read replicas per cluster.", - "title": "ReplicationFactor", + "ManagedLoginVersion": { + "markdownDescription": "A version number that indicates the state of managed login for your domain. Version `1` is hosted UI (classic). Version `2` is the newer managed login with the branding editor. For more information, see [Managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) .", + "title": "ManagedLoginVersion", "type": "number" }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DAX::Cluster.SSESpecification", - "markdownDescription": "Represents the settings used to enable server-side encryption on the cluster.", - "title": "SSESpecification" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to be assigned to each node in the DAX cluster. (Each of the security group ID is system-generated.)\n\nIf this parameter is not specified, DAX assigns the default VPC security group to each node.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the replication group.\n\n> DAX clusters can only run in an Amazon VPC environment. All of the subnets that you specify in a subnet group must exist in the same VPC.", - "title": "SubnetGroupName", + "UserPoolId": { + "markdownDescription": "The ID of the user pool that is associated with the domain you're updating.", + "title": "UserPoolId", "type": "string" - }, - "Tags": { - "markdownDescription": "A set of tags to associate with the DAX cluster.", - "title": "Tags", - "type": "object" } }, "required": [ - "IAMRoleARN", - "NodeType", - "ReplicationFactor" + "Domain", + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::Cluster" + "AWS::Cognito::UserPoolDomain" ], "type": "string" }, @@ -55173,18 +61126,18 @@ ], "type": "object" }, - "AWS::DAX::Cluster.SSESpecification": { + "AWS::Cognito::UserPoolDomain.CustomDomainConfigType": { "additionalProperties": false, "properties": { - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is enabled (true) or disabled (false) on the cluster.", - "title": "SSEEnabled", - "type": "boolean" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.", + "title": "CertificateArn", + "type": "string" } }, "type": "object" }, - "AWS::DAX::ParameterGroup": { + "AWS::Cognito::UserPoolGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -55220,26 +61173,39 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description of the parameter group.", + "markdownDescription": "A description of the group that you're creating.", "title": "Description", "type": "string" }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group.", - "title": "ParameterGroupName", + "GroupName": { + "markdownDescription": "A name for the group. This name must be unique in your user pool.", + "title": "GroupName", "type": "string" }, - "ParameterNameValues": { - "markdownDescription": "An array of name-value pairs for the parameters in the group. Each element in the array represents a single parameter.\n\n> `record-ttl-millis` and `query-ttl-millis` are the only supported parameter names. For more details, see [Configuring TTL Settings](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl) .", - "title": "ParameterNameValues", - "type": "object" + "Precedence": { + "markdownDescription": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` .", + "title": "Precedence", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a `cognito:preferred_role` claim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain a `cognito:groups` claim that list all the groups that a user is a member of.", + "title": "RoleArn", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a user group.", + "title": "UserPoolId", + "type": "string" } }, + "required": [ + "UserPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::ParameterGroup" + "AWS::Cognito::UserPoolGroup" ], "type": "string" }, @@ -55253,11 +61219,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DAX::SubnetGroup": { + "AWS::Cognito::UserPoolIdentityProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -55292,33 +61259,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the subnet group.", - "title": "Description", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group.", - "title": "SubnetGroupName", - "type": "string" + "AttributeMapping": { + "additionalProperties": true, + "markdownDescription": "A mapping of IdP attributes to standard and custom user pool attributes. Specify a user pool attribute as the key of the key-value pair, and the IdP attribute claim name as the value.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AttributeMapping", + "type": "object" }, - "SubnetIds": { + "IdpIdentifiers": { "items": { "type": "string" }, - "markdownDescription": "A list of VPC subnet IDs for the subnet group.", - "title": "SubnetIds", + "markdownDescription": "An array of IdP identifiers, for example `\"IdPIdentifiers\": [ \"MyIdP\", \"MyIdP2\" ]` . Identifiers are friendly names that you can pass in the `idp_identifier` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP. Identifiers in a domain format also enable the use of [email-address matching with SAML providers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managing-saml-idp-naming.html) .", + "title": "IdpIdentifiers", "type": "array" + }, + "ProviderDetails": { + "additionalProperties": true, + "markdownDescription": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ProviderDetails", + "type": "object" + }, + "ProviderName": { + "markdownDescription": "The name that you want to assign to the IdP. You can pass the identity provider name in the `identity_provider` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP.", + "title": "ProviderName", + "type": "string" + }, + "ProviderType": { + "markdownDescription": "The type of IdP that you want to add. Amazon Cognito supports OIDC, SAML 2.0, Login With Amazon, Sign In With Apple, Google, and Facebook IdPs.", + "title": "ProviderType", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The Id of the user pool where you want to create an IdP.", + "title": "UserPoolId", + "type": "string" } }, "required": [ - "SubnetIds" + "ProviderDetails", + "ProviderName", + "ProviderType", + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::SubnetGroup" + "AWS::Cognito::UserPoolIdentityProvider" ], "type": "string" }, @@ -55337,7 +61334,7 @@ ], "type": "object" }, - "AWS::DLM::LifecyclePolicy": { + "AWS::Cognito::UserPoolResourceServer": { "additionalProperties": false, "properties": { "Condition": { @@ -55372,75 +61369,40 @@ "Properties": { "additionalProperties": false, "properties": { - "CopyTags": { - "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "CopyTags", - "type": "boolean" - }, - "CreateInterval": { - "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", - "title": "CreateInterval", - "type": "number" - }, - "CrossRegionCopyTargets": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", - "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", - "title": "CrossRegionCopyTargets" - }, - "DefaultPolicy": { - "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", - "title": "DefaultPolicy", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the lifecycle policy. The characters ^[0-9A-Za-z _-]+$ are supported.", - "title": "Description", - "type": "string" - }, - "Exclusions": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", - "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", - "title": "Exclusions" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to run the operations specified by the lifecycle policy.", - "title": "ExecutionRoleArn", + "Identifier": { + "markdownDescription": "A unique resource server identifier for the resource server. The identifier can be an API friendly name like `solar-system-data` . You can also set an API URL like `https://solar-system-data-api.example.com` as your identifier.\n\nAmazon Cognito represents scopes in the access token in the format `$resource-server-identifier/$scope` . Longer scope-identifier strings increase the size of your access tokens.", + "title": "Identifier", "type": "string" }, - "ExtendDeletion": { - "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "ExtendDeletion", - "type": "boolean" - }, - "PolicyDetails": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.PolicyDetails", - "markdownDescription": "The configuration details of the lifecycle policy.\n\n> If you create a default policy, you can specify the request parameters either in the request body, or in the PolicyDetails request structure, but not both.", - "title": "PolicyDetails" - }, - "RetainInterval": { - "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", - "title": "RetainInterval", - "type": "number" - }, - "State": { - "markdownDescription": "The activation state of the lifecycle policy.", - "title": "State", + "Name": { + "markdownDescription": "A friendly name for the resource server.", + "title": "Name", "type": "string" }, - "Tags": { + "Scopes": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType" }, - "markdownDescription": "The tags to apply to the lifecycle policy during creation.", - "title": "Tags", + "markdownDescription": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` .", + "title": "Scopes", "type": "array" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a resource server.", + "title": "UserPoolId", + "type": "string" } }, + "required": [ + "Identifier", + "Name", + "UserPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DLM::LifecyclePolicy" + "AWS::Cognito::UserPoolResourceServer" ], "type": "string" }, @@ -55454,682 +61416,301 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.Action": { + "AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType": { "additionalProperties": false, "properties": { - "CrossRegionCopy": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyAction" - }, - "markdownDescription": "The rule for copying shared snapshots across Regions.", - "title": "CrossRegionCopy", - "type": "array" + "ScopeDescription": { + "markdownDescription": "A friendly description of a custom scope.", + "title": "ScopeDescription", + "type": "string" }, - "Name": { - "markdownDescription": "A descriptive name for the action.", - "title": "Name", + "ScopeName": { + "markdownDescription": "The name of the scope. Amazon Cognito renders custom scopes in the format `resourceServerIdentifier/ScopeName` . For example, if this parameter is `exampleScope` in the resource server with the identifier `exampleResourceServer` , you request and receive the scope `exampleResourceServer/exampleScope` .", + "title": "ScopeName", "type": "string" } }, "required": [ - "CrossRegionCopy", - "Name" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ArchiveRetainRule": { - "additionalProperties": false, - "properties": { - "RetentionArchiveTier": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetentionArchiveTier", - "markdownDescription": "Information about retention period in the Amazon EBS Snapshots Archive. For more information, see [Archive Amazon EBS snapshots](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/snapshot-archive.html) .", - "title": "RetentionArchiveTier" - } - }, - "required": [ - "RetentionArchiveTier" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ArchiveRule": { - "additionalProperties": false, - "properties": { - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRetainRule", - "markdownDescription": "Information about the retention period for the snapshot archiving rule.", - "title": "RetainRule" - } - }, - "required": [ - "RetainRule" + "ScopeDescription", + "ScopeName" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CreateRule": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment": { "additionalProperties": false, "properties": { - "CronExpression": { - "markdownDescription": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. For more information, see the [Cron and rate expressions](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) in the *Amazon EventBridge User Guide* .", - "title": "CronExpression", + "Condition": { "type": "string" }, - "Interval": { - "markdownDescription": "The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The interval unit.", - "title": "IntervalUnit", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Location": { - "markdownDescription": "*[Custom snapshot policies only]* Specifies the destination for snapshots created by the policy. The allowed destinations depend on the location of the targeted resources.\n\n- If the policy targets resources in a Region, then you must create snapshots in the same Region as the source resource.\n- If the policy targets resources in a Local Zone, you can create snapshots in the same Local Zone or in its parent Region.\n- If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost or in its parent Region.\n\nSpecify one of the following values:\n\n- To create snapshots in the same Region as the source resource, specify `CLOUD` .\n- To create snapshots in the same Local Zone as the source resource, specify `LOCAL_ZONE` .\n- To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL` .\n\nDefault: `CLOUD`", - "title": "Location", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Scripts": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" - }, - "markdownDescription": "*[Custom snapshot policies that target instances only]* Specifies pre and/or post scripts for a snapshot lifecycle policy that targets instances. This is useful for creating application-consistent snapshots, or for performing specific administrative tasks before or after Amazon Data Lifecycle Manager initiates snapshot creation.\n\nFor more information, see [Automating application-consistent snapshots with pre and post scripts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/automate-app-consistent-backups.html) .", - "title": "Scripts", - "type": "array" + "Metadata": { + "type": "object" }, - "Times": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AccountTakeoverRiskConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType", + "markdownDescription": "The settings for automated responses and notification templates for adaptive authentication with threat protection.", + "title": "AccountTakeoverRiskConfiguration" + }, + "ClientId": { + "markdownDescription": "The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.", + "title": "ClientId", + "type": "string" + }, + "CompromisedCredentialsRiskConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType", + "markdownDescription": "Settings for compromised-credentials actions and authentication types with threat protection in full-function `ENFORCED` mode.", + "title": "CompromisedCredentialsRiskConfiguration" + }, + "RiskExceptionConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType", + "markdownDescription": "Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.", + "title": "RiskExceptionConfiguration" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool that has the risk configuration applied.", + "title": "UserPoolId", + "type": "string" + } }, - "markdownDescription": "The time, in UTC, to start the operation. The supported format is hh:mm.\n\nThe operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon Data Lifecycle Manager selects a time within the next 24 hours.", - "title": "Times", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyAction": { - "additionalProperties": false, - "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EncryptionConfiguration", - "markdownDescription": "The encryption settings for the copied snapshot.", - "title": "EncryptionConfiguration" - }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", - "markdownDescription": "Specifies a retention rule for cross-Region snapshot copies created by snapshot or event-based policies, or cross-Region AMI copies created by AMI policies. After the retention period expires, the cross-Region copy is deleted.", - "title": "RetainRule" - }, - "Target": { - "markdownDescription": "The target Region.", - "title": "Target", - "type": "string" - } - }, - "required": [ - "EncryptionConfiguration", - "Target" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The period after which to deprecate the cross-Region AMI copies. The period must be less than or equal to the cross-Region AMI copy retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", - "title": "Interval", - "type": "number" + "required": [ + "ClientId", + "UserPoolId" + ], + "type": "object" }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to deprecate a cross-Region AMI copy after 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "Type": { + "enum": [ + "AWS::Cognito::UserPoolRiskConfigurationAttachment" + ], "type": "string" - } - }, - "required": [ - "Interval", - "IntervalUnit" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The amount of time to retain a cross-Region snapshot or AMI copy. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" }, - "IntervalUnit": { - "markdownDescription": "The unit of time for time-based retention. For example, to retain a cross-Region copy for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Interval", - "IntervalUnit" + "Type", + "Properties" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyRule": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType": { "additionalProperties": false, "properties": { - "CmkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", - "title": "CmkArn", + "EventAction": { + "markdownDescription": "The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:\n\n- `BLOCK` : Block the request.\n- `MFA_IF_CONFIGURED` : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.\n- `MFA_REQUIRED` : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.\n- `NO_ACTION` : Take no action. Permit sign-in.", + "title": "EventAction", "type": "string" }, - "CopyTags": { - "markdownDescription": "Indicates whether to copy all user-defined tags from the source snapshot or AMI to the cross-Region copy.", - "title": "CopyTags", - "type": "boolean" - }, - "DeprecateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule", - "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for cross-Region AMI copies created by the rule.", - "title": "DeprecateRule" - }, - "Encrypted": { - "markdownDescription": "To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.", - "title": "Encrypted", + "Notify": { + "markdownDescription": "Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.", + "title": "Notify", "type": "boolean" - }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", - "markdownDescription": "The retention rule that indicates how long the cross-Region snapshot or AMI copies are to be retained in the destination Region.", - "title": "RetainRule" - }, - "Target": { - "markdownDescription": "> Use this parameter for snapshot policies only. For AMI policies, use *TargetRegion* instead. \n\n*[Custom snapshot policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", - "title": "Target", - "type": "string" - }, - "TargetRegion": { - "markdownDescription": "> Use this parameter for AMI policies only. For snapshot policies, use *Target* instead. For snapshot policies created before the *Target* parameter was introduced, this parameter indicates the target Region for snapshot copies. \n\n*[Custom AMI policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", - "title": "TargetRegion", - "type": "string" } }, "required": [ - "Encrypted" + "EventAction", + "Notify" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyTarget": { - "additionalProperties": false, - "properties": { - "TargetRegion": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.DeprecateRule": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "If the schedule has a count-based retention rule, this parameter specifies the number of oldest AMIs to deprecate. The count must be less than or equal to the schedule's retention count, and it can't be greater than 1000.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "If the schedule has an age-based retention rule, this parameter specifies the period after which to deprecate AMIs created by the schedule. The period must be less than or equal to the schedule's retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", - "title": "Interval", - "type": "number" + "HighAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a high-risk assessment by threat protection.", + "title": "HighAction" }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* .", - "title": "IntervalUnit", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "CmkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", - "title": "CmkArn", - "type": "string" + "LowAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a low-risk assessment by threat protection.", + "title": "LowAction" }, - "Encrypted": { - "markdownDescription": "To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled.", - "title": "Encrypted", - "type": "boolean" + "MediumAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a medium-risk assessment by threat protection.", + "title": "MediumAction" } }, - "required": [ - "Encrypted" - ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.EventParameters": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType": { "additionalProperties": false, "properties": { - "DescriptionRegex": { - "markdownDescription": "The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.\n\nFor example, specifying `^.*Created for policy: policy-1234567890abcdef0.*$` configures the policy to run only if snapshots created by policy `policy-1234567890abcdef0` are shared with your account.", - "title": "DescriptionRegex", - "type": "string" - }, - "EventType": { - "markdownDescription": "The type of event. Currently, only snapshot sharing events are supported.", - "title": "EventType", - "type": "string" + "Actions": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType", + "markdownDescription": "A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.", + "title": "Actions" }, - "SnapshotOwner": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.", - "title": "SnapshotOwner", - "type": "array" + "NotifyConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType", + "markdownDescription": "The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in `AccountTakeoverRiskConfiguration` , Amazon Cognito sends an email message using the method and template that you set with this data type.", + "title": "NotifyConfiguration" } }, "required": [ - "EventType", - "SnapshotOwner" + "Actions" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.EventSource": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType": { "additionalProperties": false, "properties": { - "Parameters": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventParameters", - "markdownDescription": "Information about the event.", - "title": "Parameters" - }, - "Type": { - "markdownDescription": "The source of the event. Currently only managed Amazon EventBridge (formerly known as Amazon CloudWatch) events are supported.", - "title": "Type", + "EventAction": { + "markdownDescription": "The action that Amazon Cognito takes when it detects compromised credentials.", + "title": "EventAction", "type": "string" } }, "required": [ - "Type" + "EventAction" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.ExcludeTags": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Exclusions": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType": { "additionalProperties": false, "properties": { - "ExcludeBootVolumes": { - "markdownDescription": "*[Default policies for EBS snapshots only]* Indicates whether to exclude volumes that are attached to instances as the boot volume. If you exclude boot volumes, only volumes attached as data (non-boot) volumes will be backed up by the policy. To exclude boot volumes, specify `true` .", - "title": "ExcludeBootVolumes", - "type": "boolean" - }, - "ExcludeTags": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeTags", - "markdownDescription": "*[Default policies for EBS-backed AMIs only]* Specifies whether to exclude volumes that have specific tags.", - "title": "ExcludeTags" + "Actions": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType", + "markdownDescription": "Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.", + "title": "Actions" }, - "ExcludeVolumeTypes": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList", - "markdownDescription": "*[Default policies for EBS snapshots only]* Specifies the volume types to exclude. Volumes of the specified types will not be targeted by the policy.", - "title": "ExcludeVolumeTypes" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.FastRestoreRule": { - "additionalProperties": false, - "properties": { - "AvailabilityZones": { + "EventFilter": { "items": { "type": "string" }, - "markdownDescription": "The Availability Zones in which to enable fast snapshot restore.", - "title": "AvailabilityZones", - "type": "array" - }, - "Count": { - "markdownDescription": "The number of snapshots to be enabled with fast snapshot restore.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "The amount of time to enable fast snapshot restore. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time for enabling fast snapshot restore.", - "title": "IntervalUnit", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Parameters": { - "additionalProperties": false, - "properties": { - "ExcludeBootVolume": { - "markdownDescription": "*[Custom snapshot policies that target instances only]* Indicates whether to exclude the root volume from multi-volume snapshot sets. The default is `false` . If you specify `true` , then the root volumes attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", - "title": "ExcludeBootVolume", - "type": "boolean" - }, - "ExcludeDataVolumeTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[Custom snapshot policies that target instances only]* The tags used to identify data (non-root) volumes to exclude from multi-volume snapshot sets.\n\nIf you create a snapshot lifecycle policy that targets instances and you specify tags for this parameter, then data volumes with the specified tags that are attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", - "title": "ExcludeDataVolumeTags", + "markdownDescription": "Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.", + "title": "EventFilter", "type": "array" - }, - "NoReboot": { - "markdownDescription": "*[Custom AMI policies only]* Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).", - "title": "NoReboot", - "type": "boolean" } }, + "required": [ + "Actions" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.PolicyDetails": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Action" - }, - "markdownDescription": "*[Event-based policies only]* The actions to be performed when the event-based policy is activated. You can specify only one action per policy.", - "title": "Actions", - "type": "array" - }, - "CopyTags": { - "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "CopyTags", - "type": "boolean" - }, - "CreateInterval": { - "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", - "title": "CreateInterval", - "type": "number" - }, - "CrossRegionCopyTargets": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", - "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", - "title": "CrossRegionCopyTargets" - }, - "EventSource": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventSource", - "markdownDescription": "*[Event-based policies only]* The event that activates the event-based policy.", - "title": "EventSource" - }, - "Exclusions": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", - "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", - "title": "Exclusions" - }, - "ExtendDeletion": { - "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "ExtendDeletion", - "type": "boolean" - }, - "Parameters": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Parameters", - "markdownDescription": "*[Custom snapshot and AMI policies only]* A set of optional parameters for snapshot and AMI lifecycle policies.\n\n> If you are modifying a policy that was created or previously modified using the Amazon Data Lifecycle Manager console, then you must include this parameter and specify either the default values or the new values that you require. You can't omit this parameter or set its values to null.", - "title": "Parameters" + "BlockEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when a detected risk event is blocked.", + "title": "BlockEmail" }, - "PolicyLanguage": { - "markdownDescription": "The type of policy to create. Specify one of the following:\n\n- `SIMPLIFIED` To create a default policy.\n- `STANDARD` To create a custom policy.", - "title": "PolicyLanguage", + "From": { + "markdownDescription": "The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.", + "title": "From", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of policy. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account .\n\nThe default is `EBS_SNAPSHOT_MANAGEMENT` .", - "title": "PolicyType", - "type": "string" + "MfaEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.", + "title": "MfaEmail" }, - "ResourceLocations": { - "items": { - "type": "string" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The location of the resources to backup.\n\n- If the source resources are located in a Region, specify `CLOUD` . In this case, the policy targets all resources of the specified type with matching target tags across all Availability Zones in the Region.\n- *[Custom snapshot policies only]* If the source resources are located in a Local Zone, specify `LOCAL_ZONE` . In this case, the policy targets all resources of the specified type with matching target tags across all Local Zones in the Region.\n- If the source resources are located on an Outpost in your account, specify `OUTPOST` . In this case, the policy targets all resources of the specified type with matching target tags across all of the Outposts in your account.", - "title": "ResourceLocations", - "type": "array" + "NoActionEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when no action is taken in response to a detected risk.", + "title": "NoActionEmail" }, - "ResourceType": { - "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", - "title": "ResourceType", + "ReplyTo": { + "markdownDescription": "The reply-to email address of an email template.", + "title": "ReplyTo", "type": "string" }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "*[Custom snapshot policies only]* The target resource type for snapshot and AMI lifecycle policies. Use `VOLUME` to create snapshots of individual volumes or use `INSTANCE` to create multi-volume snapshots from the volumes for an instance.", - "title": "ResourceTypes", - "type": "array" - }, - "RetainInterval": { - "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", - "title": "RetainInterval", - "type": "number" - }, - "Schedules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Schedule" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The schedules of policy-defined actions for snapshot and AMI lifecycle policies. A policy can have up to four schedules\u2014one mandatory schedule and up to three optional schedules.", - "title": "Schedules", - "type": "array" - }, - "TargetTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The single tag that identifies targeted resources for this policy.", - "title": "TargetTags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.RetainRule": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of snapshots to retain for each volume, up to a maximum of 1000. For example if you want to retain a maximum of three snapshots, specify `3` . When the fourth snapshot is created, the oldest retained snapshot is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time for time-based retention. For example, to retain snapshots for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` . Once the snapshot has been retained for 3 months, it is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", - "title": "IntervalUnit", + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter.", + "title": "SourceArn", "type": "string" } }, + "required": [ + "SourceArn" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.RetentionArchiveTier": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The maximum number of snapshots to retain in the archive storage tier for each volume. The count must ensure that each snapshot remains in the archive tier for at least 90 days. For example, if the schedule creates snapshots every 30 days, you must specify a count of 3 or more to ensure that each snapshot is archived for at least 90 days.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "Specifies the period of time to retain snapshots in the archive tier. After this period expires, the snapshot is permanently deleted.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to retain a snapshots in the archive tier for 6 months, specify `Interval=6` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "HtmlBody": { + "markdownDescription": "The body of an email notification formatted in HTML. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", + "title": "HtmlBody", "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Schedule": { - "additionalProperties": false, - "properties": { - "ArchiveRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRule", - "markdownDescription": "*[Custom snapshot policies that target volumes only]* The snapshot archiving rule for the schedule. When you specify an archiving rule, snapshots are automatically moved from the standard tier to the archive tier once the schedule's retention threshold is met. Snapshots are then retained in the archive tier for the archive retention period that you specify.\n\nFor more information about using snapshot archiving, see [Considerations for snapshot lifecycle policies](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-ami-policy.html#dlm-archive) .", - "title": "ArchiveRule" - }, - "CopyTags": { - "markdownDescription": "Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.", - "title": "CopyTags", - "type": "boolean" - }, - "CreateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CreateRule", - "markdownDescription": "The creation rule.", - "title": "CreateRule" - }, - "CrossRegionCopyRules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRule" - }, - "markdownDescription": "Specifies a rule for copying snapshots or AMIs across Regions.\n\n> You can't specify cross-Region copy rules for policies that create snapshots on an Outpost or in a Local Zone. If the policy creates snapshots in a Region, then snapshots can be copied to up to three Regions or Outposts.", - "title": "CrossRegionCopyRules", - "type": "array" - }, - "DeprecateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.DeprecateRule", - "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for the schedule.", - "title": "DeprecateRule" - }, - "FastRestoreRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.FastRestoreRule", - "markdownDescription": "*[Custom snapshot policies only]* The rule for enabling fast snapshot restore.", - "title": "FastRestoreRule" }, - "Name": { - "markdownDescription": "The name of the schedule.", - "title": "Name", + "Subject": { + "markdownDescription": "The subject of the threat protection email notification.", + "title": "Subject", "type": "string" }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetainRule", - "markdownDescription": "The retention rule for snapshots or AMIs created by the policy.", - "title": "RetainRule" - }, - "ShareRules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ShareRule" - }, - "markdownDescription": "*[Custom snapshot policies only]* The rule for sharing snapshots with other AWS accounts .", - "title": "ShareRules", - "type": "array" - }, - "TagsToAdd": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS -added lifecycle tags.", - "title": "TagsToAdd", - "type": "array" - }, - "VariableTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[AMI policies and snapshot policies that target instances only]* A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: `$(instance-id)` or `$(timestamp)` . Variable tags are only valid for EBS Snapshot Management \u2013 Instance policies.", - "title": "VariableTags", - "type": "array" + "TextBody": { + "markdownDescription": "The body of an email notification formatted in plaintext. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", + "title": "TextBody", + "type": "string" } }, + "required": [ + "Subject" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.Script": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType": { "additionalProperties": false, "properties": { - "ExecuteOperationOnScriptFailure": { - "markdownDescription": "Indicates whether Amazon Data Lifecycle Manager should default to crash-consistent snapshots if the pre script fails.\n\n- To default to crash consistent snapshot if the pre script fails, specify `true` .\n- To skip the instance for snapshot creation if the pre script fails, specify `false` .\n\nThis parameter is supported only if you run a pre script. If you run a post script only, omit this parameter.\n\nDefault: true", - "title": "ExecuteOperationOnScriptFailure", - "type": "boolean" - }, - "ExecutionHandler": { - "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", - "title": "ExecutionHandler", - "type": "string" - }, - "ExecutionHandlerService": { - "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", - "title": "ExecutionHandlerService", - "type": "string" - }, - "ExecutionTimeout": { - "markdownDescription": "Specifies a timeout period, in seconds, after which Amazon Data Lifecycle Manager fails the script run attempt if it has not completed. If a script does not complete within its timeout period, Amazon Data Lifecycle Manager fails the attempt. The timeout period applies to the pre and post scripts individually.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: 10", - "title": "ExecutionTimeout", - "type": "number" - }, - "MaximumRetryCount": { - "markdownDescription": "Specifies the number of times Amazon Data Lifecycle Manager should retry scripts that fail.\n\n- If the pre script fails, Amazon Data Lifecycle Manager retries the entire snapshot creation process, including running the pre and post scripts.\n- If the post script fails, Amazon Data Lifecycle Manager retries the post script only; in this case, the pre script will have completed and the snapshot might have been created.\n\nIf you do not want Amazon Data Lifecycle Manager to retry failed scripts, specify `0` .\n\nDefault: 0", - "title": "MaximumRetryCount", - "type": "number" - }, - "Stages": { + "BlockedIPRangeList": { "items": { "type": "string" }, - "markdownDescription": "Indicate which scripts Amazon Data Lifecycle Manager should run on target instances. Pre scripts run before Amazon Data Lifecycle Manager initiates snapshot creation. Post scripts run after Amazon Data Lifecycle Manager initiates snapshot creation.\n\n- To run a pre script only, specify `PRE` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation.\n- To run a post script only, specify `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `post-script` parameter after initiating snapshot creation.\n- To run both pre and post scripts, specify both `PRE` and `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation, and then it calls the SSM document again with the `post-script` parameter after initiating snapshot creation.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: PRE and POST", - "title": "Stages", + "markdownDescription": "An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.", + "title": "BlockedIPRangeList", "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ShareRule": { - "additionalProperties": false, - "properties": { - "TargetAccounts": { + }, + "SkippedIPRangeList": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the AWS accounts with which to share the snapshots.", - "title": "TargetAccounts", + "markdownDescription": "An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.", + "title": "SkippedIPRangeList", "type": "array" - }, - "UnshareInterval": { - "markdownDescription": "The period after which snapshots that are shared with other AWS accounts are automatically unshared.", - "title": "UnshareInterval", - "type": "number" - }, - "UnshareIntervalUnit": { - "markdownDescription": "The unit of time for the automatic unsharing interval.", - "title": "UnshareIntervalUnit", - "type": "string" } }, "type": "object" }, - "AWS::DLM::LifecyclePolicy.VolumeTypeValues": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DMS::Certificate": { + "AWS::Cognito::UserPoolUICustomizationAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -56164,27 +61745,31 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateIdentifier": { - "markdownDescription": "A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.", - "title": "CertificateIdentifier", + "CSS": { + "markdownDescription": "A plaintext CSS file that contains the custom fields that you want to apply to your user pool or app client. To download a template, go to the Amazon Cognito console. Navigate to your user pool *App clients* tab, select *Login pages* , edit *Hosted UI (classic) style* , and select the link to `CSS template.css` .", + "title": "CSS", "type": "string" }, - "CertificatePem": { - "markdownDescription": "The contents of a `.pem` file, which contains an X.509 certificate.", - "title": "CertificatePem", + "ClientId": { + "markdownDescription": "The app client ID for your UI customization. When this value isn't present, the customization applies to all user pool app clients that don't have client-level settings..", + "title": "ClientId", "type": "string" }, - "CertificateWallet": { - "markdownDescription": "The location of an imported Oracle Wallet certificate for use with SSL. An example is: `filebase64(\"${path.root}/rds-ca-2019-root.sso\")`", - "title": "CertificateWallet", + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to apply branding to the classic hosted UI.", + "title": "UserPoolId", "type": "string" } }, + "required": [ + "ClientId", + "UserPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::Certificate" + "AWS::Cognito::UserPoolUICustomizationAttachment" ], "type": "string" }, @@ -56198,11 +61783,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::DataProvider": { + "AWS::Cognito::UserPoolUser": { "additionalProperties": false, "properties": { "Condition": { @@ -56237,53 +61823,70 @@ "Properties": { "additionalProperties": false, "properties": { - "DataProviderIdentifier": { - "markdownDescription": "The identifier of the data provider. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "DataProviderIdentifier", - "type": "string" + "ClientMetadata": { + "additionalProperties": true, + "markdownDescription": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `ClientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Using Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n> When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:\n> \n> - Store the `ClientMetadata` value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata` parameter serves no purpose.\n> - Validate the `ClientMetadata` value.\n> - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ClientMetadata", + "type": "object" }, - "DataProviderName": { - "markdownDescription": "The name of the data provider.", - "title": "DataProviderName", - "type": "string" + "DesiredDeliveryMediums": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify `EMAIL` if email will be used to send the welcome message. Specify `SMS` if the phone number will be used. The default value is `SMS` . You can specify more than one value.", + "title": "DesiredDeliveryMediums", + "type": "array" }, - "Description": { - "markdownDescription": "A description of the data provider. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", - "title": "Description", - "type": "string" + "ForceAliasCreation": { + "markdownDescription": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the `UserAttributes` parameter already exists as an alias with a different user, this request migrates the alias from the previous user to the newly-created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .", + "title": "ForceAliasCreation", + "type": "boolean" }, - "Engine": { - "markdownDescription": "The type of database engine for the data provider. Valid values include `\"aurora\"` , `\"aurora-postgresql\"` , `\"mysql\"` , `\"oracle\"` , `\"postgres\"` , `\"sqlserver\"` , `redshift` , `mariadb` , `mongodb` , `db2` , `db2-zos` and `docdb` . A value of `\"aurora\"` represents Amazon Aurora MySQL-Compatible Edition.", - "title": "Engine", + "MessageAction": { + "markdownDescription": "Set to `RESEND` to resend the invitation message to a user that already exists, and to reset the temporary-password duration with a new temporary password. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.", + "title": "MessageAction", "type": "string" }, - "ExactSettings": { - "markdownDescription": "", - "title": "ExactSettings", - "type": "boolean" + "UserAttributes": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + }, + "markdownDescription": "An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than `Username` . However, any attributes that you specify as required (when creating a user pool or in the *Attributes* tab of the console) either you should supply (in your call to `AdminCreateUser` ) or the user should supply (when they sign up in response to your welcome message).\n\nFor custom attributes, you must prepend the `custom:` prefix to the attribute name.\n\nTo send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the *Users* tab of the Amazon Cognito console for managing your user pools.\n\nYou must also provide an email address or phone number when you expect the user to do passwordless sign-in with an email or SMS OTP. These attributes must be provided when passwordless options are the only available, or when you don't submit a `TemporaryPassword` .\n\nIn your call to `AdminCreateUser` , you can set the `email_verified` attribute to `True` , and you can set the `phone_number_verified` attribute to `True` .\n\n- *email* : The email address of the user to whom the message that contains the code and username will be sent. Required if the `email_verified` attribute is set to `True` , or if `\"EMAIL\"` is specified in the `DesiredDeliveryMediums` parameter.\n- *phone_number* : The phone number of the user to whom the message that contains the code and username will be sent. Required if the `phone_number_verified` attribute is set to `True` , or if `\"SMS\"` is specified in the `DesiredDeliveryMediums` parameter.", + "title": "UserAttributes", + "type": "array" }, - "Settings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.Settings", - "markdownDescription": "The settings in JSON format for a data provider.", - "title": "Settings" + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a user.", + "title": "UserPoolId", + "type": "string" }, - "Tags": { + "Username": { + "markdownDescription": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", + "title": "Username", + "type": "string" + }, + "ValidationData": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function can automatically confirm and verify select users or perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) .", + "title": "ValidationData", "type": "array" } }, "required": [ - "Engine" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::DataProvider" + "AWS::Cognito::UserPoolUser" ], "type": "string" }, @@ -56302,200 +61905,395 @@ ], "type": "object" }, - "AWS::DMS::DataProvider.MicrosoftSqlServerSettings": { + "AWS::Cognito::UserPoolUser.AttributeType": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "Name": { + "markdownDescription": "The name of the attribute.", + "title": "Name", "type": "string" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPoolUserToGroupAttachment": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the group that you want to add your user to.", + "title": "GroupName", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool that contains the group that you want to add the user to.", + "title": "UserPoolId", + "type": "string" + }, + "Username": { + "markdownDescription": "The user's username.", + "title": "Username", + "type": "string" + } + }, + "required": [ + "GroupName", + "UserPoolId", + "Username" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Cognito::UserPoolUserToGroupAttachment" + ], "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::DataProvider.MySqlSettings": { + "AWS::Comprehend::DocumentClassifier": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "Condition": { "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ServerName": { - "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS MySQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora MySQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", - "title": "ServerName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DataAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data.", + "title": "DataAccessRoleArn", + "type": "string" + }, + "DocumentClassifierName": { + "markdownDescription": "The name of the document classifier.", + "title": "DocumentClassifierName", + "type": "string" + }, + "InputDataConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig", + "markdownDescription": "Specifies the format and location of the input data for the job.", + "title": "InputDataConfig" + }, + "LanguageCode": { + "markdownDescription": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language.", + "title": "LanguageCode", + "type": "string" + }, + "Mode": { + "markdownDescription": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|).", + "title": "Mode", + "type": "string" + }, + "ModelKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "ModelKmsKeyId", + "type": "string" + }, + "ModelPolicy": { + "markdownDescription": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`", + "title": "ModelPolicy", + "type": "string" + }, + "OutputDataConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig", + "markdownDescription": "Provides output results configuration parameters for custom classifier jobs.", + "title": "OutputDataConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department.", + "title": "Tags", + "type": "array" + }, + "VersionName": { + "markdownDescription": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region .", + "title": "VersionName", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.VpcConfig", + "markdownDescription": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", + "title": "VpcConfig" + } + }, + "required": [ + "DataAccessRoleArn", + "DocumentClassifierName", + "InputDataConfig", + "LanguageCode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Comprehend::DocumentClassifier" + ], "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Port", - "ServerName", - "SslMode" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::DataProvider.OracleSettings": { + "AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem": { "additionalProperties": false, "properties": { - "AsmServer": { - "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmServer", - "type": "string" + "AttributeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job.\n\nIf your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth.\n\nIf your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job.", + "title": "AttributeNames", + "type": "array" }, - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "S3Uri": { + "markdownDescription": "The Amazon S3 location of the augmented manifest file.", + "title": "S3Uri", "type": "string" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "Split": { + "markdownDescription": "The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train.\n\nTRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing.\n\nTEST - all of the documents in the manifest will be used for testing.", + "title": "Split", + "type": "string" + } + }, + "required": [ + "AttributeNames", + "S3Uri" + ], + "type": "object" + }, + "AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The S3 URI location of the training documents specified in the S3Uri CSV file.", + "title": "S3Uri", "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" - }, - "SecretsManagerOracleAsmAccessRoleArn": { - "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both. For more information on creating this `SecretsManagerOracleAsmSecret` and the `SecretsManagerOracleAsmAccessRoleArn` and `SecretsManagerOracleAsmSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerOracleAsmAccessRoleArn", + "TestS3Uri": { + "markdownDescription": "The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file.", + "title": "TestS3Uri", "type": "string" + } + }, + "required": [ + "S3Uri" + ], + "type": "object" + }, + "AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig": { + "additionalProperties": false, + "properties": { + "AugmentedManifests": { + "items": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem" + }, + "markdownDescription": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` .", + "title": "AugmentedManifests", + "type": "array" }, - "SecretsManagerOracleAsmSecretId": { - "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN, partial ARN, or friendly name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", - "title": "SecretsManagerOracleAsmSecretId", + "DataFormat": { + "markdownDescription": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default.", + "title": "DataFormat", "type": "string" }, - "SecretsManagerSecurityDbEncryptionAccessRoleArn": { + "DocumentReaderConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentReaderConfig", "markdownDescription": "", - "title": "SecretsManagerSecurityDbEncryptionAccessRoleArn", + "title": "DocumentReaderConfig" + }, + "DocumentType": { + "markdownDescription": "The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model.", + "title": "DocumentType", "type": "string" }, - "SecretsManagerSecurityDbEncryptionSecretId": { - "markdownDescription": "", - "title": "SecretsManagerSecurityDbEncryptionSecretId", + "Documents": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments", + "markdownDescription": "The S3 location of the training documents. This parameter is required in a request to create a native document model.", + "title": "Documents" + }, + "LabelDelimiter": { + "markdownDescription": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL.", + "title": "LabelDelimiter", "type": "string" }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint.\n\nFor an Amazon RDS Oracle instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` .", + "title": "S3Uri", "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "TestS3Uri": { + "markdownDescription": "This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling.", + "title": "TestS3Uri", "type": "string" } }, - "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" - ], "type": "object" }, - "AWS::DMS::DataProvider.PostgreSqlSettings": { + "AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "KmsKeyId": { + "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- KMS Key Alias: `\"alias/ExampleAlias\"`\n- ARN of a KMS Key Alias: `\"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\"`", + "title": "KmsKeyId", "type": "string" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "S3Uri": { + "markdownDescription": "When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file.\n\nWhen the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix.", + "title": "S3Uri", "type": "string" - }, - "Port": { - "markdownDescription": "Endpoint TCP port. The default is 5432.", - "title": "Port", - "type": "number" - }, - "ServerName": { - "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS PostgreSQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora PostgreSQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", - "title": "ServerName", + } + }, + "type": "object" + }, + "AWS::Comprehend::DocumentClassifier.DocumentReaderConfig": { + "additionalProperties": false, + "properties": { + "DocumentReadAction": { + "markdownDescription": "This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values:\n\n- `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation.\n- `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation.", + "title": "DocumentReadAction", "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "DocumentReadMode": { + "markdownDescription": "Determines the text extraction actions for PDF files. Enter one of the following values:\n\n- `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files.\n- `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files.", + "title": "DocumentReadMode", "type": "string" + }, + "FeatureTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values:\n\n- `TABLES` - Returns additional information about any tables that are detected in the input document.\n- `FORMS` - Returns additional information about any forms that are detected in the input document.", + "title": "FeatureTypes", + "type": "array" } }, "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" + "DocumentReadAction" ], "type": "object" }, - "AWS::DMS::DataProvider.Settings": { + "AWS::Comprehend::DocumentClassifier.VpcConfig": { "additionalProperties": false, "properties": { - "MicrosoftSqlServerSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.MicrosoftSqlServerSettings", - "markdownDescription": "", - "title": "MicrosoftSqlServerSettings" - }, - "MySqlSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.MySqlSettings", - "markdownDescription": "", - "title": "MySqlSettings" - }, - "OracleSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.OracleSettings", - "markdownDescription": "", - "title": "OracleSettings" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", + "title": "SecurityGroupIds", + "type": "array" }, - "PostgreSqlSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.PostgreSqlSettings", - "markdownDescription": "", - "title": "PostgreSqlSettings" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", + "title": "Subnets", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], "type": "object" }, - "AWS::DMS::Endpoint": { + "AWS::Comprehend::Flywheel": { "additionalProperties": false, "properties": { "Condition": { @@ -56530,174 +62328,60 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate.", - "title": "CertificateArn", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the endpoint database. For a MySQL source or target endpoint, don't specify `DatabaseName` . To migrate to a specific database, use this setting and `targetDbType` .", - "title": "DatabaseName", - "type": "string" - }, - "DocDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.DocDbSettings", - "markdownDescription": "Settings in JSON format for the source and target DocumentDB endpoint. For more information about other available settings, see [Using extra connections attributes with Amazon DocumentDB as a source](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DocumentDB.html#CHAP_Source.DocumentDB.ECAs) and [Using Amazon DocumentDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DocumentDB.html) in the *AWS Database Migration Service User Guide* .", - "title": "DocDbSettings" - }, - "DynamoDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.DynamoDbSettings", - "markdownDescription": "Settings in JSON format for the target Amazon DynamoDB endpoint. For information about other available settings, see [Using object mapping to migrate data to DynamoDB](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DynamoDB.html#CHAP_Target.DynamoDB.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "DynamoDbSettings" - }, - "ElasticsearchSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.ElasticsearchSettings", - "markdownDescription": "Settings in JSON format for the target OpenSearch endpoint. For more information about the available settings, see [Extra connection attributes when using OpenSearch as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Elasticsearch.html#CHAP_Target.Elasticsearch.Configuration) in the *AWS Database Migration Service User Guide* .", - "title": "ElasticsearchSettings" - }, - "EndpointIdentifier": { - "markdownDescription": "The database endpoint identifier. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "EndpointIdentifier", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The type of endpoint. Valid values are `source` and `target` .", - "title": "EndpointType", - "type": "string" - }, - "EngineName": { - "markdownDescription": "The type of engine for the endpoint, depending on the `EndpointType` value.\n\n*Valid values* : `mysql` | `oracle` | `postgres` | `mariadb` | `aurora` | `aurora-postgresql` | `opensearch` | `redshift` | `redshift-serverless` | `s3` | `db2` | `azuredb` | `sybase` | `dynamodb` | `mongodb` | `kinesis` | `kafka` | `elasticsearch` | `docdb` | `sqlserver` | `neptune`", - "title": "EngineName", - "type": "string" - }, - "ExtraConnectionAttributes": { - "markdownDescription": "Additional attributes associated with the connection. Each attribute is specified as a name-value pair associated by an equal sign (=). Multiple attributes are separated by a semicolon (;) with no additional white space. For information on the attributes available for connecting your source or target endpoint, see [Working with AWS DMS Endpoints](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Endpoints.html) in the *AWS Database Migration Service User Guide* .", - "title": "ExtraConnectionAttributes", - "type": "string" - }, - "GcpMySQLSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.GcpMySQLSettings", - "markdownDescription": "Settings in JSON format for the source GCP MySQL endpoint. These settings are much the same as the settings for any MySQL-compatible endpoint. For more information, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "GcpMySQLSettings" - }, - "IbmDb2Settings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.IbmDb2Settings", - "markdownDescription": "Settings in JSON format for the source IBM Db2 LUW endpoint. For information about other available settings, see [Extra connection attributes when using Db2 LUW as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DB2.html#CHAP_Source.DB2.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "IbmDb2Settings" - }, - "KafkaSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.KafkaSettings", - "markdownDescription": "Settings in JSON format for the target Apache Kafka endpoint. For more information about other available settings, see [Using object mapping to migrate data to a Kafka topic](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html#CHAP_Target.Kafka.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "KafkaSettings" - }, - "KinesisSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.KinesisSettings", - "markdownDescription": "Settings in JSON format for the target endpoint for Amazon Kinesis Data Streams. For more information about other available settings, see [Using object mapping to migrate data to a Kinesis data stream](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kinesis.html#CHAP_Target.Kinesis.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "KinesisSettings" - }, - "KmsKeyId": { - "markdownDescription": "An AWS KMS key identifier that is used to encrypt the connection parameters for the endpoint.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", + "ActiveModelArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the active model version.", + "title": "ActiveModelArn", "type": "string" }, - "MicrosoftSqlServerSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MicrosoftSqlServerSettings", - "markdownDescription": "Settings in JSON format for the source and target Microsoft SQL Server endpoint. For information about other available settings, see [Extra connection attributes when using SQL Server as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SQLServer.html#CHAP_Source.SQLServer.ConnectionAttrib) and [Extra connection attributes when using SQL Server as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SQLServer.html#CHAP_Target.SQLServer.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "MicrosoftSqlServerSettings" - }, - "MongoDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MongoDbSettings", - "markdownDescription": "Settings in JSON format for the source MongoDB endpoint. For more information about the available settings, see [Using MongoDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MongoDB.html#CHAP_Source.MongoDB.Configuration) in the *AWS Database Migration Service User Guide* .", - "title": "MongoDbSettings" - }, - "MySqlSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MySqlSettings", - "markdownDescription": "Settings in JSON format for the source and target MySQL endpoint. For information about other available settings, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) and [Extra connection attributes when using a MySQL-compatible database as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.MySQL.html#CHAP_Target.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "MySqlSettings" - }, - "NeptuneSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.NeptuneSettings", - "markdownDescription": "Settings in JSON format for the target Amazon Neptune endpoint. For more information about the available settings, see [Specifying endpoint settings for Amazon Neptune as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.EndpointSettings) in the *AWS Database Migration Service User Guide* .", - "title": "NeptuneSettings" - }, - "OracleSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.OracleSettings", - "markdownDescription": "Settings in JSON format for the source and target Oracle endpoint. For information about other available settings, see [Extra connection attributes when using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.ConnectionAttrib) and [Extra connection attributes when using Oracle as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Oracle.html#CHAP_Target.Oracle.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "OracleSettings" - }, - "Password": { - "markdownDescription": "The password to be used to log in to the endpoint database.", - "title": "Password", + "DataAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data.", + "title": "DataAccessRoleArn", "type": "string" }, - "Port": { - "markdownDescription": "The port used by the endpoint database.", - "title": "Port", - "type": "number" - }, - "PostgreSqlSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.PostgreSqlSettings", - "markdownDescription": "Settings in JSON format for the source and target PostgreSQL endpoint.\n\nFor information about other available settings, see [Extra connection attributes when using PostgreSQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) and [Extra connection attributes when using PostgreSQL as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.PostgreSQL.html#CHAP_Target.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "PostgreSqlSettings" - }, - "RedisSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.RedisSettings", - "markdownDescription": "Settings in JSON format for the target Redis endpoint. For information about other available settings, see [Specifying endpoint settings for Redis as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redis.html#CHAP_Target.Redis.EndpointSettings) in the *AWS Database Migration Service User Guide* .", - "title": "RedisSettings" - }, - "RedshiftSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.RedshiftSettings", - "markdownDescription": "Settings in JSON format for the Amazon Redshift endpoint.\n\nFor more information about other available settings, see [Extra connection attributes when using Amazon Redshift as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redshift.html#CHAP_Target.Redshift.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "RedshiftSettings" - }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", + "DataLakeS3Uri": { + "markdownDescription": "Amazon S3 URI of the data lake location.", + "title": "DataLakeS3Uri", "type": "string" }, - "S3Settings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.S3Settings", - "markdownDescription": "Settings in JSON format for the source and target Amazon S3 endpoint. For more information about other available settings, see [Extra connection attributes when using Amazon S3 as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.S3.html#CHAP_Source.S3.Configuring) and [Extra connection attributes when using Amazon S3 as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring) in the *AWS Database Migration Service User Guide* .", - "title": "S3Settings" + "DataSecurityConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.DataSecurityConfig", + "markdownDescription": "Data security configuration.", + "title": "DataSecurityConfig" }, - "ServerName": { - "markdownDescription": "The name of the server where the endpoint database resides.", - "title": "ServerName", + "FlywheelName": { + "markdownDescription": "Name for the flywheel.", + "title": "FlywheelName", "type": "string" }, - "SslMode": { - "markdownDescription": "The Secure Sockets Layer (SSL) mode to use for the SSL connection. The default is `none` .\n\n> When `engine_name` is set to S3, the only allowed value is `none` .", - "title": "SslMode", + "ModelType": { + "markdownDescription": "Model type of the flywheel's model.", + "title": "ModelType", "type": "string" }, - "SybaseSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.SybaseSettings", - "markdownDescription": "Settings in JSON format for the source and target SAP ASE endpoint. For information about other available settings, see [Extra connection attributes when using SAP ASE as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SAP.html#CHAP_Source.SAP.ConnectionAttrib) and [Extra connection attributes when using SAP ASE as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SAP.html#CHAP_Target.SAP.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "SybaseSettings" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the endpoint.", + "markdownDescription": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department.", "title": "Tags", "type": "array" }, - "Username": { - "markdownDescription": "The user name to be used to log in to the endpoint database.", - "title": "Username", - "type": "string" + "TaskConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.TaskConfig", + "markdownDescription": "Configuration about the model associated with a flywheel.", + "title": "TaskConfig" } }, "required": [ - "EndpointType", - "EngineName" + "DataAccessRoleArn", + "DataLakeS3Uri", + "FlywheelName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::Endpoint" + "AWS::Comprehend::Flywheel" ], "type": "string" }, @@ -56716,1277 +62400,1302 @@ ], "type": "object" }, - "AWS::DMS::Endpoint.DocDbSettings": { + "AWS::Comprehend::Flywheel.DataSecurityConfig": { "additionalProperties": false, "properties": { - "DocsToInvestigate": { - "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", - "title": "DocsToInvestigate", - "type": "number" - }, - "ExtractDocId": { - "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", - "title": "ExtractDocId", - "type": "boolean" - }, - "NestingLevel": { - "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", - "title": "NestingLevel", + "DataLakeKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the data in the data lake.", + "title": "DataLakeKmsKeyId", "type": "string" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the DocumentDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "ModelKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "ModelKmsKeyId", "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the DocumentDB endpoint connection details.", - "title": "SecretsManagerSecretId", + "VolumeKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the volume.", + "title": "VolumeKmsKeyId", "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.VpcConfig", + "markdownDescription": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", + "title": "VpcConfig" } }, "type": "object" }, - "AWS::DMS::Endpoint.DynamoDbSettings": { + "AWS::Comprehend::Flywheel.DocumentClassificationConfig": { "additionalProperties": false, "properties": { - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", + "Labels": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more labels to associate with the custom classifier.", + "title": "Labels", + "type": "array" + }, + "Mode": { + "markdownDescription": "Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` .", + "title": "Mode", "type": "string" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::DMS::Endpoint.ElasticsearchSettings": { + "AWS::Comprehend::Flywheel.EntityRecognitionConfig": { "additionalProperties": false, "properties": { - "EndpointUri": { - "markdownDescription": "The endpoint for the OpenSearch cluster. AWS DMS uses HTTPS if a transport protocol (either HTTP or HTTPS) isn't specified.", - "title": "EndpointUri", - "type": "string" - }, - "ErrorRetryDuration": { - "markdownDescription": "The maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster.", - "title": "ErrorRetryDuration", - "type": "number" - }, - "FullLoadErrorPercentage": { - "markdownDescription": "The maximum percentage of records that can fail to be written before a full load operation stops.\n\nTo avoid early failure, this counter is only effective after 1,000 records are transferred. OpenSearch also has the concept of error monitoring during the last 10 minutes of an Observation Window. If transfer of all records fail in the last 10 minutes, the full load operation stops.", - "title": "FullLoadErrorPercentage", - "type": "number" - }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", - "type": "string" + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityTypesListItem" + }, + "markdownDescription": "Up to 25 entity types that the model is trained to recognize.", + "title": "EntityTypes", + "type": "array" } }, "type": "object" }, - "AWS::DMS::Endpoint.GcpMySQLSettings": { + "AWS::Comprehend::Flywheel.EntityTypesListItem": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", - "title": "AfterConnectScript", - "type": "string" - }, - "CleanSourceMetadataOnMismatch": { - "markdownDescription": "Adjusts the behavior of AWS DMS when migrating from an SQL Server source database that is hosted as part of an Always On availability group cluster. If you need AWS DMS to poll all the nodes in the Always On cluster for transaction backups, set this attribute to `false` .", - "title": "CleanSourceMetadataOnMismatch", - "type": "boolean" - }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint. For a MySQL source or target endpoint, don't explicitly specify the database using the `DatabaseName` request parameter on either the `CreateEndpoint` or `ModifyEndpoint` API call. Specifying `DatabaseName` when you create or modify a MySQL endpoint replicates all the task tables to this single database. For MySQL endpoints, you specify the database only when you specify the schema in the table-mapping rules of the AWS DMS task.", - "title": "DatabaseName", - "type": "string" - }, - "EventsPollInterval": { - "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", - "title": "EventsPollInterval", - "type": "number" - }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" - }, - "ParallelLoadThreads": { - "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", - "title": "ParallelLoadThreads", - "type": "number" - }, - "Password": { - "markdownDescription": "Endpoint connection password.", - "title": "Password", - "type": "string" - }, - "Port": { - "markdownDescription": "The port used by the endpoint database.", - "title": "Port", - "type": "number" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret.` The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", - "title": "SecretsManagerSecretId", + "Type": { + "markdownDescription": "An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer.\n\nEntity types must not contain the following invalid characters: \\n (line break), \\\\n (escaped line break, \\r (carriage return), \\\\r (escaped carriage return), \\t (tab), \\\\t (escaped tab), and , (comma).", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Comprehend::Flywheel.TaskConfig": { + "additionalProperties": false, + "properties": { + "DocumentClassificationConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.DocumentClassificationConfig", + "markdownDescription": "Configuration required for a document classification model.", + "title": "DocumentClassificationConfig" }, - "ServerName": { - "markdownDescription": "The MySQL host name.", - "title": "ServerName", - "type": "string" + "EntityRecognitionConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityRecognitionConfig", + "markdownDescription": "Configuration required for an entity recognition model.", + "title": "EntityRecognitionConfig" }, - "ServerTimezone": { - "markdownDescription": "Specifies the time zone for the source MySQL database. Don't enclose time zones in single quotation marks.\n\nExample: `serverTimezone=US/Pacific;`", - "title": "ServerTimezone", + "LanguageCode": { + "markdownDescription": "Language code for the language that the model supports.", + "title": "LanguageCode", "type": "string" + } + }, + "required": [ + "LanguageCode" + ], + "type": "object" + }, + "AWS::Comprehend::Flywheel.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", + "title": "SecurityGroupIds", + "type": "array" }, - "Username": { - "markdownDescription": "Endpoint connection user name.", - "title": "Username", - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", + "title": "Subnets", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], "type": "object" }, - "AWS::DMS::Endpoint.IbmDb2Settings": { + "AWS::Config::AggregationAuthorization": { "additionalProperties": false, "properties": { - "CurrentLsn": { - "markdownDescription": "For ongoing replication (CDC), use CurrentLSN to specify a log sequence number (LSN) where you want the replication to start.", - "title": "CurrentLsn", + "Condition": { "type": "string" }, - "KeepCsvFiles": { - "markdownDescription": "If true, AWS DMS saves any .csv files to the Db2 LUW target that were used to replicate data. DMS uses these files for analysis and troubleshooting.\n\nThe default value is false.", - "title": "KeepCsvFiles", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "LoadTimeout": { - "markdownDescription": "The amount of time (in milliseconds) before AWS DMS times out operations performed by DMS on the Db2 target. The default value is 1200 (20 minutes).", - "title": "LoadTimeout", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of .csv files used to transfer data to Db2 LUW.", - "title": "MaxFileSize", - "type": "number" + "Metadata": { + "type": "object" }, - "MaxKBytesPerRead": { - "markdownDescription": "Maximum number of bytes per read, as a NUMBER value. The default is 64 KB.", - "title": "MaxKBytesPerRead", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "AuthorizedAccountId": { + "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", + "title": "AuthorizedAccountId", + "type": "string" + }, + "AuthorizedAwsRegion": { + "markdownDescription": "The region authorized to collect aggregated data.", + "title": "AuthorizedAwsRegion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tag object.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AuthorizedAccountId", + "AuthorizedAwsRegion" + ], + "type": "object" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value ofthe AWS Secrets Manager secret that allows access to the Db2 LUW endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "Type": { + "enum": [ + "AWS::Config::AggregationAuthorization" + ], "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the IBMDB2 endpoint connection details.", - "title": "SecretsManagerSecretId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SetDataCaptureChanges": { - "markdownDescription": "Enables ongoing replication (CDC) as a BOOLEAN value. The default is true.", - "title": "SetDataCaptureChanges", - "type": "boolean" - }, - "WriteBufferSize": { - "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk on the DMS replication instance. The default value is 1024 (1 MB).", - "title": "WriteBufferSize", - "type": "number" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.KafkaSettings": { + "AWS::Config::ConfigRule": { "additionalProperties": false, "properties": { - "Broker": { - "markdownDescription": "A comma-separated list of one or more broker locations in your Kafka cluster that host your Kafka instance. Specify each broker location in the form `*broker-hostname-or-ip* : *port*` . For example, `\"ec2-12-345-678-901.compute-1.amazonaws.com:2345\"` . For more information and examples of specifying a list of broker locations, see [Using Apache Kafka as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html) in the *AWS Database Migration Service User Guide* .", - "title": "Broker", + "Condition": { "type": "string" }, - "IncludeControlDetails": { - "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. The default is `false` .", - "title": "IncludeControlDetails", - "type": "boolean" - }, - "IncludeNullAndEmpty": { - "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", - "title": "IncludeNullAndEmpty", - "type": "boolean" - }, - "IncludePartitionValue": { - "markdownDescription": "Shows the partition value within the Kafka message output unless the partition type is `schema-table-type` . The default is `false` .", - "title": "IncludePartitionValue", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "IncludeTableAlterOperations": { - "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", - "title": "IncludeTableAlterOperations", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeTransactionDetails": { - "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", - "title": "IncludeTransactionDetails", - "type": "boolean" + "Metadata": { + "type": "object" }, - "MessageFormat": { - "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", - "title": "MessageFormat", - "type": "string" - }, - "MessageMaxBytes": { - "markdownDescription": "The maximum size in bytes for records created on the endpoint The default is 1,000,000.", - "title": "MessageMaxBytes", - "type": "number" - }, - "NoHexPrefix": { - "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", - "title": "NoHexPrefix", - "type": "boolean" - }, - "PartitionIncludeSchemaTable": { - "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. The default is `false` .", - "title": "PartitionIncludeSchemaTable", - "type": "boolean" - }, - "SaslPassword": { - "markdownDescription": "The secure password that you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", - "title": "SaslPassword", - "type": "string" - }, - "SaslUserName": { - "markdownDescription": "The secure user name you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", - "title": "SaslUserName", - "type": "string" - }, - "SecurityProtocol": { - "markdownDescription": "Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption` , `ssl-authentication` , and `sasl-ssl` . `sasl-ssl` requires `SaslUsername` and `SaslPassword` .", - "title": "SecurityProtocol", - "type": "string" - }, - "SslCaCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint.", - "title": "SslCaCertificateArn", - "type": "string" - }, - "SslClientCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the client certificate used to securely connect to a Kafka target endpoint.", - "title": "SslClientCertificateArn", - "type": "string" - }, - "SslClientKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the client private key used to securely connect to a Kafka target endpoint.", - "title": "SslClientKeyArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Compliance": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", + "title": "Compliance" + }, + "ConfigRuleName": { + "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", + "title": "ConfigRuleName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description that you provide for the AWS Config rule.", + "title": "Description", + "type": "string" + }, + "EvaluationModes": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" + }, + "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", + "title": "EvaluationModes", + "type": "array" + }, + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", + "title": "InputParameters", + "type": "object" + }, + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", + "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", + "title": "Scope" + }, + "Source": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Source", + "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", + "title": "Source" + } + }, + "required": [ + "Source" + ], + "type": "object" }, - "SslClientKeyPassword": { - "markdownDescription": "The password for the client private key used to securely connect to a Kafka target endpoint.", - "title": "SslClientKeyPassword", + "Type": { + "enum": [ + "AWS::Config::ConfigRule" + ], "type": "string" }, - "Topic": { - "markdownDescription": "The topic to which you migrate the data. If you don't specify a topic, AWS DMS specifies `\"kafka-default-topic\"` as the migration topic.", - "title": "Topic", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.KinesisSettings": { + "AWS::Config::ConfigRule.Compliance": { "additionalProperties": false, "properties": { - "IncludeControlDetails": { - "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. The default is `false` .", - "title": "IncludeControlDetails", - "type": "boolean" - }, - "IncludeNullAndEmpty": { - "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", - "title": "IncludeNullAndEmpty", - "type": "boolean" - }, - "IncludePartitionValue": { - "markdownDescription": "Shows the partition value within the Kinesis message output, unless the partition type is `schema-table-type` . The default is `false` .", - "title": "IncludePartitionValue", - "type": "boolean" - }, - "IncludeTableAlterOperations": { - "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", - "title": "IncludeTableAlterOperations", - "type": "boolean" - }, - "IncludeTransactionDetails": { - "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", - "title": "IncludeTransactionDetails", - "type": "boolean" - }, - "MessageFormat": { - "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", - "title": "MessageFormat", - "type": "string" - }, - "NoHexPrefix": { - "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to an Amazon Kinesis target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", - "title": "NoHexPrefix", - "type": "boolean" - }, - "PartitionIncludeSchemaTable": { - "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kinesis shards. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same shard, which causes throttling. The default is `false` .", - "title": "PartitionIncludeSchemaTable", - "type": "boolean" - }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that AWS DMS uses to write to the Kinesis data stream. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", - "type": "string" - }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Kinesis Data Streams endpoint.", - "title": "StreamArn", + "Type": { + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::DMS::Endpoint.MicrosoftSqlServerSettings": { + "AWS::Config::ConfigRule.CustomPolicyDetails": { "additionalProperties": false, "properties": { - "BcpPacketSize": { - "markdownDescription": "The maximum size of the packets (in bytes) used to transfer data using BCP.", - "title": "BcpPacketSize", - "type": "number" - }, - "ControlTablesFileGroup": { - "markdownDescription": "Specifies a file group for the AWS DMS internal tables. When the replication task starts, all the internal AWS DMS control tables (awsdms_ apply_exception, awsdms_apply, awsdms_changes) are created for the specified file group.", - "title": "ControlTablesFileGroup", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", - "type": "string" - }, - "ForceLobLookup": { - "markdownDescription": "Forces LOB lookup on inline LOB.", - "title": "ForceLobLookup", - "type": "boolean" - }, - "Password": { - "markdownDescription": "Endpoint connection password.", - "title": "Password", - "type": "string" - }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" - }, - "QuerySingleAlwaysOnNode": { - "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. An example is a situation where running an alter DDL statement on a table might result in different information about the table cached in the replication instance.", - "title": "QuerySingleAlwaysOnNode", - "type": "boolean" - }, - "ReadBackupOnly": { - "markdownDescription": "When this attribute is set to `Y` , AWS DMS only reads changes from transaction log backups and doesn't read from the active transaction log file during ongoing replication. Setting this parameter to `Y` enables you to control active transaction log file growth during full load and ongoing replication tasks. However, it can add some source latency to ongoing replication.", - "title": "ReadBackupOnly", + "EnableDebugLogDelivery": { + "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", + "title": "EnableDebugLogDelivery", "type": "boolean" }, - "SafeguardPolicy": { - "markdownDescription": "Use this attribute to minimize the need to access the backup log and enable AWS DMS to prevent truncation using one of the following two methods.\n\n*Start transactions in the database:* This is the default method. When this method is used, AWS DMS prevents TLOG truncation by mimicking a transaction in the database. As long as such a transaction is open, changes that appear after the transaction started aren't truncated. If you need Microsoft Replication to be enabled in your database, then you must choose this method.\n\n*Exclusively use sp_repldone within a single task* : When this method is used, AWS DMS reads the changes and then uses sp_repldone to mark the TLOG transactions as ready for truncation. Although this method doesn't involve any transactional activities, it can only be used when Microsoft Replication isn't running. Also, when using this method, only one AWS DMS task can access the database at any given time. Therefore, if you need to run parallel AWS DMS tasks against the same database, use the default method.", - "title": "SafeguardPolicy", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SQL Server endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MicrosoftSQLServer endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" - }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", - "type": "string" - }, - "TlogAccessMode": { - "markdownDescription": "Indicates the mode used to fetch CDC data.", - "title": "TlogAccessMode", + "PolicyRuntime": { + "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", + "title": "PolicyRuntime", "type": "string" }, - "TrimSpaceInChar": { - "markdownDescription": "Use the `TrimSpaceInChar` source endpoint setting to right-trim data on CHAR and NCHAR data types during migration. Setting `TrimSpaceInChar` does not left-trim data. The default value is `true` .", - "title": "TrimSpaceInChar", - "type": "boolean" - }, - "UseBcpFullLoad": { - "markdownDescription": "Use this to attribute to transfer data for full-load operations using BCP. When the target table contains an identity column that does not exist in the source table, you must disable the use BCP for loading table option.", - "title": "UseBcpFullLoad", - "type": "boolean" - }, - "UseThirdPartyBackupDevice": { - "markdownDescription": "When this attribute is set to `Y` , DMS processes third-party transaction log backups if they are created in native format.", - "title": "UseThirdPartyBackupDevice", - "type": "boolean" - }, - "Username": { - "markdownDescription": "Endpoint connection user name.", - "title": "Username", + "PolicyText": { + "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", + "title": "PolicyText", "type": "string" } }, "type": "object" }, - "AWS::DMS::Endpoint.MongoDbSettings": { + "AWS::Config::ConfigRule.EvaluationModeConfiguration": { "additionalProperties": false, "properties": { - "AuthMechanism": { - "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", - "title": "AuthMechanism", - "type": "string" - }, - "AuthSource": { - "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", - "title": "AuthSource", - "type": "string" - }, - "AuthType": { - "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen set to `\"no\"` , user name and password parameters are not used and can be empty.", - "title": "AuthType", + "Mode": { + "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", + "title": "Mode", "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The database name on the MongoDB source endpoint.", - "title": "DatabaseName", + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Scope": { + "additionalProperties": false, + "properties": { + "ComplianceResourceId": { + "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", + "title": "ComplianceResourceId", "type": "string" }, - "DocsToInvestigate": { - "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", - "title": "DocsToInvestigate", - "type": "string" + "ComplianceResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", + "title": "ComplianceResourceTypes", + "type": "array" }, - "ExtractDocId": { - "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", - "title": "ExtractDocId", + "TagKey": { + "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", + "title": "TagKey", "type": "string" }, - "NestingLevel": { - "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", - "title": "NestingLevel", + "TagValue": { + "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", + "title": "TagValue", "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Source": { + "additionalProperties": false, + "properties": { + "CustomPolicyDetails": { + "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", + "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", + "title": "CustomPolicyDetails" }, - "Password": { - "markdownDescription": "The password for the user account you use to access the MongoDB source endpoint.", - "title": "Password", + "Owner": { + "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", + "title": "Owner", "type": "string" }, - "Port": { - "markdownDescription": "The port value for the MongoDB source endpoint.", - "title": "Port", - "type": "number" + "SourceDetails": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" + }, + "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", + "title": "SourceDetails", + "type": "array" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MongoDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "SourceIdentifier": { + "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", + "title": "SourceIdentifier", "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MongoDB endpoint connection details.", - "title": "SecretsManagerSecretId", + } + }, + "required": [ + "Owner" + ], + "type": "object" + }, + "AWS::Config::ConfigRule.SourceDetail": { + "additionalProperties": false, + "properties": { + "EventSource": { + "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", + "title": "EventSource", "type": "string" }, - "ServerName": { - "markdownDescription": "The name of the server on the MongoDB source endpoint.", - "title": "ServerName", + "MaximumExecutionFrequency": { + "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", + "title": "MaximumExecutionFrequency", "type": "string" }, - "Username": { - "markdownDescription": "The user name you use to access the MongoDB source endpoint.", - "title": "Username", + "MessageType": { + "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", + "title": "MessageType", "type": "string" } }, + "required": [ + "EventSource", + "MessageType" + ], "type": "object" }, - "AWS::DMS::Endpoint.MySqlSettings": { + "AWS::Config::ConfigurationAggregator": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", - "title": "AfterConnectScript", + "Condition": { "type": "string" }, - "CleanSourceMetadataOnMismatch": { - "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. For example, in a situation where running an alter DDL on the table could result in different information about the table cached in the replication instance.", - "title": "CleanSourceMetadataOnMismatch", - "type": "boolean" - }, - "EventsPollInterval": { - "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", - "title": "EventsPollInterval", - "type": "number" - }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ParallelLoadThreads": { - "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", - "title": "ParallelLoadThreads", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "Metadata": { + "type": "object" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AccountAggregationSources": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.AccountAggregationSource" + }, + "markdownDescription": "Provides a list of source accounts and regions to be aggregated.", + "title": "AccountAggregationSources", + "type": "array" + }, + "ConfigurationAggregatorName": { + "markdownDescription": "The name of the aggregator.", + "title": "ConfigurationAggregatorName", + "type": "string" + }, + "OrganizationAggregationSource": { + "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.OrganizationAggregationSource", + "markdownDescription": "Provides an organization and list of regions to be aggregated.", + "title": "OrganizationAggregationSource" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tag object.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "ServerTimezone": { - "markdownDescription": "Specifies the time zone for the source MySQL database.\n\nExample: `serverTimezone=US/Pacific;`\n\nNote: Do not enclose time zones in single quotes.", - "title": "ServerTimezone", + "Type": { + "enum": [ + "AWS::Config::ConfigurationAggregator" + ], "type": "string" }, - "TargetDbType": { - "markdownDescription": "Specifies where to migrate source tables on the target, either to a single database or multiple databases. If you specify `SPECIFIC_DATABASE` , specify the database name using the `DatabaseName` parameter of the `Endpoint` object.\n\nExample: `targetDbType=MULTIPLE_DATABASES`", - "title": "TargetDbType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::DMS::Endpoint.NeptuneSettings": { + "AWS::Config::ConfigurationAggregator.AccountAggregationSource": { "additionalProperties": false, "properties": { - "ErrorRetryDuration": { - "markdownDescription": "The number of milliseconds for AWS DMS to wait to retry a bulk-load of migrated graph data to the Neptune target database before raising an error. The default is 250.", - "title": "ErrorRetryDuration", - "type": "number" + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The 12-digit account ID of the account being aggregated.", + "title": "AccountIds", + "type": "array" }, - "IamAuthEnabled": { - "markdownDescription": "If you want IAM authorization enabled for this endpoint, set this parameter to `true` . Then attach the appropriate IAM policy document to your service role specified by `ServiceAccessRoleArn` . The default is `false` .", - "title": "IamAuthEnabled", + "AllAwsRegions": { + "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", + "title": "AllAwsRegions", "type": "boolean" }, - "MaxFileSize": { - "markdownDescription": "The maximum size in kilobytes of migrated graph data stored in a .csv file before AWS DMS bulk-loads the data to the Neptune target database. The default is 1,048,576 KB. If the bulk load is successful, AWS DMS clears the bucket, ready to store the next batch of migrated graph data.", - "title": "MaxFileSize", - "type": "number" - }, - "MaxRetryCount": { - "markdownDescription": "The number of times for AWS DMS to retry a bulk load of migrated graph data to the Neptune target database before raising an error. The default is 5.", - "title": "MaxRetryCount", - "type": "number" - }, - "S3BucketFolder": { - "markdownDescription": "A folder path where you want AWS DMS to store migrated graph data in the S3 bucket specified by `S3BucketName`", - "title": "S3BucketFolder", - "type": "string" - }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS DMS can temporarily store migrated graph data in .csv files before bulk-loading it to the Neptune target database. AWS DMS maps the SQL source data to graph data before storing it in these .csv files.", - "title": "S3BucketName", - "type": "string" - }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service role that you created for the Neptune target endpoint. The role must allow the `iam:PassRole` action.\n\nFor more information, see [Creating an IAM Service Role for Accessing Amazon Neptune as a Target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.ServiceRole) in the *AWS Database Migration Service User Guide* .", - "title": "ServiceAccessRoleArn", - "type": "string" + "AwsRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The source regions being aggregated.", + "title": "AwsRegions", + "type": "array" } }, + "required": [ + "AccountIds" + ], "type": "object" }, - "AWS::DMS::Endpoint.OracleSettings": { + "AWS::Config::ConfigurationAggregator.OrganizationAggregationSource": { "additionalProperties": false, "properties": { - "AccessAlternateDirectly": { - "markdownDescription": "Set this attribute to `false` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to not access redo logs through any specified path prefix replacement using direct file access.", - "title": "AccessAlternateDirectly", - "type": "boolean" - }, - "AddSupplementalLogging": { - "markdownDescription": "Set this attribute to set up table-level supplemental logging for the Oracle database. This attribute enables PRIMARY KEY supplemental logging on all tables selected for a migration task.\n\nIf you use this option, you still need to enable database-level supplemental logging.", - "title": "AddSupplementalLogging", - "type": "boolean" - }, - "AdditionalArchivedLogDestId": { - "markdownDescription": "Set this attribute with `ArchivedLogDestId` in a primary/ standby setup. This attribute is useful in the case of a switchover. In this case, AWS DMS needs to know which destination to get archive redo logs from to read changes. This need arises because the previous primary instance is now a standby instance after switchover.\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless necessary. For additional information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", - "title": "AdditionalArchivedLogDestId", - "type": "number" - }, - "AllowSelectNestedTables": { - "markdownDescription": "Set this attribute to `true` to enable replication of Oracle tables containing columns that are nested tables or defined types.", - "title": "AllowSelectNestedTables", - "type": "boolean" - }, - "ArchivedLogDestId": { - "markdownDescription": "Specifies the ID of the destination for the archived redo logs. This value should be the same as a number in the dest_id column of the v$archived_log view. If you work with an additional redo log destination, use the `AdditionalArchivedLogDestId` option to specify the additional destination ID. Doing this improves performance by ensuring that the correct logs are accessed from the outset.", - "title": "ArchivedLogDestId", - "type": "number" - }, - "ArchivedLogsOnly": { - "markdownDescription": "When this field is set to `True` , AWS DMS only accesses the archived redo logs. If the archived redo logs are stored on Automatic Storage Management (ASM) only, the AWS DMS user account needs to be granted ASM privileges.", - "title": "ArchivedLogsOnly", - "type": "boolean" - }, - "AsmPassword": { - "markdownDescription": "For an Oracle source endpoint, your Oracle Automatic Storage Management (ASM) password. You can set this value from the `*asm_user_password*` value. You set this value as part of the comma-separated value that you set to the `Password` request parameter when you create the endpoint to access transaction logs using Binary Reader. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmPassword", - "type": "string" - }, - "AsmServer": { - "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmServer", - "type": "string" - }, - "AsmUser": { - "markdownDescription": "For an Oracle source endpoint, your ASM user name. You can set this value from the `asm_user` value. You set `asm_user` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmUser", - "type": "string" - }, - "CharLengthSemantics": { - "markdownDescription": "Specifies whether the length of a character column is in bytes or in characters. To indicate that the character column length is in characters, set this attribute to `CHAR` . Otherwise, the character column length is in bytes.\n\nExample: `charLengthSemantics=CHAR;`", - "title": "CharLengthSemantics", - "type": "string" - }, - "DirectPathNoLog": { - "markdownDescription": "When set to `true` , this attribute helps to increase the commit rate on the Oracle target database by writing directly to tables and not writing a trail to database logs.", - "title": "DirectPathNoLog", - "type": "boolean" - }, - "DirectPathParallelLoad": { - "markdownDescription": "When set to `true` , this attribute specifies a parallel load when `useDirectPathFullLoad` is set to `Y` . This attribute also only applies when you use the AWS DMS parallel load feature. Note that the target table cannot have any constraints or indexes.", - "title": "DirectPathParallelLoad", - "type": "boolean" - }, - "EnableHomogenousTablespace": { - "markdownDescription": "Set this attribute to enable homogenous tablespace replication and create existing tables or indexes under the same tablespace on the target.", - "title": "EnableHomogenousTablespace", + "AllAwsRegions": { + "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", + "title": "AllAwsRegions", "type": "boolean" }, - "ExtraArchivedLogDestIds": { + "AwsRegions": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Specifies the IDs of one more destinations for one or more archived redo logs. These IDs are the values of the `dest_id` column in the `v$archived_log` view. Use this setting with the `archivedLogDestId` extra connection attribute in a primary-to-single setup or a primary-to-multiple-standby setup.\n\nThis setting is useful in a switchover when you use an Oracle Data Guard database as a source. In this case, AWS DMS needs information about what destination to get archive redo logs from to read changes. AWS DMS needs this because after the switchover the previous primary is a standby instance. For example, in a primary-to-single standby setup you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2]`\n\nIn a primary-to-multiple-standby setup, you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2,3,4]`\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless it's necessary. For more information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", - "title": "ExtraArchivedLogDestIds", + "markdownDescription": "The source regions being aggregated.", + "title": "AwsRegions", "type": "array" }, - "FailTasksOnLobTruncation": { - "markdownDescription": "When set to `true` , this attribute causes a task to fail if the actual size of an LOB column is greater than the specified `LobMaxSize` .\n\nIf a task is set to limited LOB mode and this option is set to `true` , the task fails instead of truncating the LOB data.", - "title": "FailTasksOnLobTruncation", - "type": "boolean" - }, - "NumberDatatypeScale": { - "markdownDescription": "Specifies the number scale. You can select a scale up to 38, or you can select FLOAT. By default, the NUMBER data type is converted to precision 38, scale 10.\n\nExample: `numberDataTypeScale=12`", - "title": "NumberDatatypeScale", - "type": "number" - }, - "OraclePathPrefix": { - "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the default Oracle root used to access the redo logs.", - "title": "OraclePathPrefix", - "type": "string" - }, - "ParallelAsmReadThreads": { - "markdownDescription": "Set this attribute to change the number of threads that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 2 (the default) and 8 (the maximum). Use this attribute together with the `readAheadBlocks` attribute.", - "title": "ParallelAsmReadThreads", - "type": "number" - }, - "ReadAheadBlocks": { - "markdownDescription": "Set this attribute to change the number of read-ahead blocks that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 1000 (the default) and 200,000 (the maximum).", - "title": "ReadAheadBlocks", - "type": "number" - }, - "ReadTableSpaceName": { - "markdownDescription": "When set to `true` , this attribute supports tablespace replication.", - "title": "ReadTableSpaceName", - "type": "boolean" - }, - "ReplacePathPrefix": { - "markdownDescription": "Set this attribute to true in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This setting tells DMS instance to replace the default Oracle root with the specified `usePathPrefix` setting to access the redo logs.", - "title": "ReplacePathPrefix", - "type": "boolean" - }, - "RetryInterval": { - "markdownDescription": "Specifies the number of seconds that the system waits before resending a query.\n\nExample: `retryInterval=6;`", - "title": "RetryInterval", - "type": "number" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Oracle endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "RoleArn": { + "markdownDescription": "ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account.", + "title": "RoleArn", "type": "string" - }, - "SecretsManagerOracleAsmAccessRoleArn": { - "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerOracleAsmSecret` , the corresponding `SecretsManagerOracleAsmAccessRoleArn` , and the `SecretsManagerOracleAsmSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerOracleAsmAccessRoleArn", + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "SecretsManagerOracleAsmSecretId": { - "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN, partial ARN, or display name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", - "title": "SecretsManagerOracleAsmSecretId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Oracle endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecurityDbEncryption": { - "markdownDescription": "For an Oracle source endpoint, the transparent data encryption (TDE) password required by AWM DMS to access Oracle redo logs encrypted by TDE using Binary Reader. It is also the `*TDE_Password*` part of the comma-separated value you set to the `Password` request parameter when you create the endpoint. The `SecurityDbEncryptian` setting is related to this `SecurityDbEncryptionName` setting. For more information, see [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", - "title": "SecurityDbEncryption", - "type": "string" + "Metadata": { + "type": "object" }, - "SecurityDbEncryptionName": { - "markdownDescription": "For an Oracle source endpoint, the name of a key used for the transparent data encryption (TDE) of the columns and tablespaces in an Oracle source database that is encrypted using TDE. The key value is the value of the `SecurityDbEncryption` setting. For more information on setting the key name value of `SecurityDbEncryptionName` , see the information and example for setting the `securityDbEncryptionName` extra connection attribute in [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", - "title": "SecurityDbEncryptionName", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the configuration recorder. AWS Config automatically assigns the name of \"default\" when creating the configuration recorder.\n\nYou cannot change the name of the configuration recorder after it has been created. To change the configuration recorder name, you must delete it and create a new configuration recorder with a new name.", + "title": "Name", + "type": "string" + }, + "RecordingGroup": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingGroup", + "markdownDescription": "Specifies which resource types AWS Config records for configuration changes.\n\n> *High Number of AWS Config Evaluations*\n> \n> You may notice increased activity in your account during your initial month recording with AWS Config when compared to subsequent months. During the initial bootstrapping process, AWS Config runs evaluations on all the resources in your account that you have selected for AWS Config to record.\n> \n> If you are running ephemeral workloads, you may see increased activity from AWS Config as it records configuration changes associated with creating and deleting these temporary resources. An *ephemeral workload* is a temporary use of computing resources that are loaded and run when needed. Examples include Amazon Elastic Compute Cloud ( Amazon EC2 ) Spot Instances, Amazon EMR jobs, and AWS Auto Scaling . If you want to avoid the increased activity from running ephemeral workloads, you can run these types of workloads in a separate account with AWS Config turned off to avoid increased configuration recording and rule evaluations.", + "title": "RecordingGroup" + }, + "RecordingMode": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingMode", + "markdownDescription": "Specifies the default recording frequency for the configuration recorder. AWS Config supports *Continuous recording* and *Daily recording* .\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> *Some resource types require continuous recording*\n> \n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous. \n\nYou can also override the recording frequency for specific resource types.", + "title": "RecordingMode" + }, + "RoleARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder. For more information, see [Permissions for the IAM Role Assigned](https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) to AWS Config in the AWS Config Developer Guide.\n\n> *Pre-existing AWS Config role*\n> \n> If you have used an AWS service that uses AWS Config , such as AWS Security Hub or AWS Control Tower , and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.\n> \n> For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service ( Amazon S3 ) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config . Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config , see [*Identity and Access Management for AWS Config*](https://docs.aws.amazon.com/config/latest/developerguide/security-iam.html) in the *AWS Config Developer Guide* .", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "RoleARN" + ], + "type": "object" }, - "SpatialDataOptionToGeoJsonFunctionName": { - "markdownDescription": "Use this attribute to convert `SDO_GEOMETRY` to `GEOJSON` format. By default, DMS calls the `SDO2GEOJSON` custom function if present and accessible. Or you can create your own custom function that mimics the operation of `SDOGEOJSON` and set `SpatialDataOptionToGeoJsonFunctionName` to call it instead.", - "title": "SpatialDataOptionToGeoJsonFunctionName", + "Type": { + "enum": [ + "AWS::Config::ConfigurationRecorder" + ], "type": "string" }, - "StandbyDelayTime": { - "markdownDescription": "Use this attribute to specify a time in minutes for the delay in standby sync. If the source is an Oracle Active Data Guard standby database, use this attribute to specify the time lag between primary and standby databases.\n\nIn AWS DMS , you can create an Oracle CDC task that uses an Active Data Guard standby instance as a source for replicating ongoing changes. Doing this eliminates the need to connect to an active database that might be in production.", - "title": "StandbyDelayTime", - "type": "number" - }, - "UseAlternateFolderForOnline": { - "markdownDescription": "Set this attribute to `true` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to use any specified prefix replacement to access all online redo logs.", - "title": "UseAlternateFolderForOnline", - "type": "boolean" - }, - "UseBFile": { - "markdownDescription": "Set this attribute to True to capture change data using the Binary Reader utility. Set `UseLogminerReader` to False to set this attribute to True. To use Binary Reader with Amazon RDS for Oracle as the source, you set additional attributes. For more information about using this setting with Oracle Automatic Storage Management (ASM), see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) .", - "title": "UseBFile", - "type": "boolean" - }, - "UseDirectPathFullLoad": { - "markdownDescription": "Set this attribute to True to have AWS DMS use a direct path full load. Specify this value to use the direct path protocol in the Oracle Call Interface (OCI). By using this OCI protocol, you can bulk-load Oracle target tables during a full load.", - "title": "UseDirectPathFullLoad", - "type": "boolean" - }, - "UseLogminerReader": { - "markdownDescription": "Set this attribute to True to capture change data using the Oracle LogMiner utility (the default). Set this attribute to False if you want to access the redo logs as a binary file. When you set `UseLogminerReader` to False, also set `UseBfile` to True. For more information on this setting and using Oracle ASM, see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) in the *AWS DMS User Guide* .", - "title": "UseLogminerReader", - "type": "boolean" - }, - "UsePathPrefix": { - "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the path prefix used to replace the default Oracle root to access the redo logs.", - "title": "UsePathPrefix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.PostgreSqlSettings": { + "AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data.\n\nExample: `afterConnectScript=SET session_replication_role='replica'`", - "title": "AfterConnectScript", - "type": "string" - }, - "BabelfishDatabaseName": { - "markdownDescription": "The Babelfish for Aurora PostgreSQL database name for the endpoint.", - "title": "BabelfishDatabaseName", - "type": "string" - }, - "CaptureDdls": { - "markdownDescription": "To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts. You can later remove these artifacts.\n\nIf this value is set to `True` , you don't have to create tables or triggers on the source database.", - "title": "CaptureDdls", - "type": "boolean" - }, - "DatabaseMode": { - "markdownDescription": "Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints.", - "title": "DatabaseMode", - "type": "string" - }, - "DdlArtifactsSchema": { - "markdownDescription": "The schema in which the operational DDL database artifacts are created.\n\nThe default value is `public` .\n\nExample: `ddlArtifactsSchema=xyzddlschema;`", - "title": "DdlArtifactsSchema", - "type": "string" - }, - "ExecuteTimeout": { - "markdownDescription": "Sets the client statement timeout for the PostgreSQL instance, in seconds. The default value is 60 seconds.\n\nExample: `executeTimeout=100;`", - "title": "ExecuteTimeout", - "type": "number" - }, - "FailTasksOnLobTruncation": { - "markdownDescription": "When set to `true` , this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize` .\n\nThe default value is `false` .\n\nIf task is set to Limited LOB mode and this option is set to true, the task fails instead of truncating the LOB data.", - "title": "FailTasksOnLobTruncation", - "type": "boolean" - }, - "HeartbeatEnable": { - "markdownDescription": "The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source. This heartbeat keeps `restart_lsn` moving and prevents storage full scenarios.\n\nThe default value is `false` .", - "title": "HeartbeatEnable", + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list of resource types to exclude from recording by the configuration recorder.", + "title": "ResourceTypes", + "type": "array" + } + }, + "required": [ + "ResourceTypes" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.RecordingGroup": { + "additionalProperties": false, + "properties": { + "AllSupported": { + "markdownDescription": "Specifies whether AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types.\n\nIf you set this field to `true` , when AWS Config adds support for a new resource type, AWS Config starts recording resources of that type automatically.\n\nIf you set this field to `true` , you cannot enumerate specific resource types to record in the `resourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , or to exclude in the `resourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Region availability*\n> \n> Check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if a resource type is supported in the AWS Region where you set up AWS Config .", + "title": "AllSupported", "type": "boolean" }, - "HeartbeatFrequency": { - "markdownDescription": "Sets the WAL heartbeat frequency (in minutes).\n\nThe default value is 5 minutes.", - "title": "HeartbeatFrequency", - "type": "number" - }, - "HeartbeatSchema": { - "markdownDescription": "Sets the schema in which the heartbeat artifacts are created.\n\nThe default value is `public` .", - "title": "HeartbeatSchema", - "type": "string" + "ExclusionByResourceTypes": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes", + "markdownDescription": "An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.\n\nTo use this option, you must set the `useOnly` field of [AWS::Config::ConfigurationRecorder RecordingStrategy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configurationrecorder-recordingstrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` .", + "title": "ExclusionByResourceTypes" }, - "MapBooleanAsBoolean": { - "markdownDescription": "When true, lets PostgreSQL migrate the boolean type as boolean. By default, PostgreSQL migrates booleans as `varchar(5)` . You must set this setting on both the source and target endpoints for it to take effect.\n\nThe default value is `false` .", - "title": "MapBooleanAsBoolean", + "IncludeGlobalResourceTypes": { + "markdownDescription": "This option is a bundle which only applies to the global IAM resource types: IAM users, groups, roles, and customer managed policies. These global IAM resource types can only be recorded by AWS Config in Regions where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n\n- Asia Pacific (Hyderabad)\n- Asia Pacific (Melbourne)\n- Canada West (Calgary)\n- Europe (Spain)\n- Europe (Zurich)\n- Israel (Tel Aviv)\n- Middle East (UAE)\n\n> *Aurora global clusters are recorded in all enabled Regions*\n> \n> The `AWS::RDS::GlobalCluster` resource type will be recorded in all supported AWS Config Regions where the configuration recorder is enabled, even if `IncludeGlobalResourceTypes` is set to `false` . The `IncludeGlobalResourceTypes` option is a bundle which only applies to IAM users, groups, roles, and customer managed policies.\n> \n> If you do not want to record `AWS::RDS::GlobalCluster` in all enabled Regions, use one of the following recording strategies:\n> \n> - *Record all current and future resource types with exclusions* ( `EXCLUSION_BY_RESOURCE_TYPES` ), or\n> - *Record specific resource types* ( `INCLUSION_BY_RESOURCE_TYPES` ).\n> \n> For more information, see [Selecting Which Resources are Recorded](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-all) in the *AWS Config developer guide* . > *IncludeGlobalResourceTypes and the exclusion recording strategy*\n> \n> The `IncludeGlobalResourceTypes` field has no impact on the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy. This means that the global IAM resource types ( IAM users, groups, roles, and customer managed policies) will not be automatically added as exclusions for `ExclusionByResourceTypes` when `IncludeGlobalResourceTypes` is set to `false` .\n> \n> The `IncludeGlobalResourceTypes` field should only be used to modify the `AllSupported` field, as the default for the `AllSupported` field is to record configuration changes for all supported resource types excluding the global IAM resource types. To include the global IAM resource types when `AllSupported` is set to `true` , make sure to set `IncludeGlobalResourceTypes` to `true` .\n> \n> To exclude the global IAM resource types for the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, you need to manually add them to the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Required and optional fields*\n> \n> Before you set this field to `true` , set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` . > *Overriding fields*\n> \n> If you set this field to `false` but list global IAM resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , AWS Config will still record configuration changes for those specified resource types *regardless* of if you set the `IncludeGlobalResourceTypes` field to false.\n> \n> If you do not want to record configuration changes to the global IAM resource types (IAM users, groups, roles, and customer managed policies), make sure to not list them in the `ResourceTypes` field in addition to setting the `IncludeGlobalResourceTypes` field to false.", + "title": "IncludeGlobalResourceTypes", "type": "boolean" }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL.\n\nThe default value is 32,768 KB (32 MB).\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" - }, - "PluginName": { - "markdownDescription": "Specifies the plugin to use to create a replication slot.\n\nThe default value is `pglogical` .", - "title": "PluginName", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the PostgreSQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the PostgreSQL endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "RecordingStrategy": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingStrategy", + "markdownDescription": "An object that specifies the recording strategy for the configuration recorder.\n\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type.\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resources types and the resource exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", + "title": "RecordingStrategy" }, - "SlotName": { - "markdownDescription": "Sets the name of a previously created logical replication slot for a change data capture (CDC) load of the PostgreSQL source instance.\n\nWhen used with the `CdcStartPosition` request parameter for the AWS DMS API , this attribute also makes it possible to use native CDC start points. DMS verifies that the specified logical replication slot exists before starting the CDC load task. It also verifies that the task was created with a valid setting of `CdcStartPosition` . If the specified slot doesn't exist or the task doesn't have a valid `CdcStartPosition` setting, DMS raises an error.\n\nFor more information about setting the `CdcStartPosition` request parameter, see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native) in the *AWS Database Migration Service User Guide* . For more information about using `CdcStartPosition` , see [CreateReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html) , [StartReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html) , and [ModifyReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html) .", - "title": "SlotName", - "type": "string" + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list that specifies which resource types AWS Config records.\n\nFor a list of valid `ResourceTypes` values, see the *Resource Type Value* column in [Supported AWS resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n\n> *Required and optional fields*\n> \n> Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` .\n> \n> To record all configuration changes, set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` , and either omit this field or don't specify any resource types in this field. If you set the `AllSupported` field to `false` and specify values for `ResourceTypes` , when AWS Config adds support for a new type of resource, it will not record resources of that type unless you manually add that type to your recording group. > *Region availability*\n> \n> Before specifying a resource type for AWS Config to track, check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if the resource type is supported in the AWS Region where you set up AWS Config . If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config , even if the specified resource type is not supported in the AWS Region where you set up AWS Config .", + "title": "ResourceTypes", + "type": "array" } }, "type": "object" }, - "AWS::DMS::Endpoint.RedisSettings": { + "AWS::Config::ConfigurationRecorder.RecordingMode": { "additionalProperties": false, "properties": { - "AuthPassword": { - "markdownDescription": "The password provided with the `auth-role` and `auth-token` options of the `AuthType` setting for a Redis target endpoint.", - "title": "AuthPassword", - "type": "string" - }, - "AuthType": { - "markdownDescription": "The type of authentication to perform when connecting to a Redis target. Options include `none` , `auth-token` , and `auth-role` . The `auth-token` option requires an `AuthPassword` value to be provided. The `auth-role` option requires `AuthUserName` and `AuthPassword` values to be provided.", - "title": "AuthType", - "type": "string" - }, - "AuthUserName": { - "markdownDescription": "The user name provided with the `auth-role` option of the `AuthType` setting for a Redis target endpoint.", - "title": "AuthUserName", + "RecordingFrequency": { + "markdownDescription": "The default recording frequency that AWS Config uses to record configuration changes.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`\n> \n> For the *allSupported* ( `ALL_SUPPORTED_RESOURCE_TYPES` ) recording strategy, these resource types will be set to Continuous recording.", + "title": "RecordingFrequency", "type": "string" }, - "Port": { - "markdownDescription": "Transmission Control Protocol (TCP) port for the endpoint.", - "title": "Port", - "type": "number" - }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint.", - "title": "ServerName", + "RecordingModeOverrides": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingModeOverride" + }, + "markdownDescription": "An array of `recordingModeOverride` objects for you to specify your overrides for the recording mode. The `recordingModeOverride` object in the `recordingModeOverrides` array consists of three fields: a `description` , the new `recordingFrequency` , and an array of `resourceTypes` to override.", + "title": "RecordingModeOverrides", + "type": "array" + } + }, + "required": [ + "RecordingFrequency" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.RecordingModeOverride": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description that you provide for the override.", + "title": "Description", "type": "string" }, - "SslCaCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint.", - "title": "SslCaCertificateArn", + "RecordingFrequency": { + "markdownDescription": "The recording frequency that will be applied to all the resource types specified in the override.\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous.", + "title": "RecordingFrequency", "type": "string" }, - "SslSecurityProtocol": { - "markdownDescription": "The connection to a Redis target endpoint using Transport Layer Security (TLS). Valid values include `plaintext` and `ssl-encryption` . The default is `ssl-encryption` . The `ssl-encryption` option makes an encrypted connection. Optionally, you can identify an Amazon Resource Name (ARN) for an SSL certificate authority (CA) using the `SslCaCertificateArn` setting. If an ARN isn't given for a CA, DMS uses the Amazon root CA.\n\nThe `plaintext` option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database.", - "title": "SslSecurityProtocol", + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list that specifies which resource types AWS Config includes in the override.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`", + "title": "ResourceTypes", + "type": "array" + } + }, + "required": [ + "RecordingFrequency", + "ResourceTypes" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.RecordingStrategy": { + "additionalProperties": false, + "properties": { + "UseOnly": { + "markdownDescription": "The recording strategy for the configuration recorder.\n\n- If you set this option to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type. For a list of supported resource types, see [Supported Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n- If you set this option to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types that you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set this option to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resource types and the exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", + "title": "UseOnly", "type": "string" } }, + "required": [ + "UseOnly" + ], "type": "object" }, - "AWS::DMS::Endpoint.RedshiftSettings": { + "AWS::Config::ConformancePack": { "additionalProperties": false, "properties": { - "AcceptAnyDate": { - "markdownDescription": "A value that indicates to allow any date format, including invalid formats such as 00/00/00 00:00:00, to be loaded without generating an error. You can choose `true` or `false` (the default).\n\nThis parameter applies only to TIMESTAMP and DATE columns. Always use ACCEPTANYDATE with the DATEFORMAT parameter. If the date format for the data doesn't match the DATEFORMAT specification, Amazon Redshift inserts a NULL value into that field.", - "title": "AcceptAnyDate", - "type": "boolean" - }, - "AfterConnectScript": { - "markdownDescription": "Code to run after connecting. This parameter should contain the code itself, not the name of a file containing the code.", - "title": "AfterConnectScript", + "Condition": { "type": "string" }, - "BucketFolder": { - "markdownDescription": "An S3 folder where the comma-separated-value (.csv) files are stored before being uploaded to the target Redshift cluster.\n\nFor full load mode, AWS DMS converts source records into .csv files and loads them to the *BucketFolder/TableID* path. AWS DMS uses the Redshift `COPY` command to upload the .csv files to the target table. The files are deleted once the `COPY` operation has finished. For more information, see [COPY](https://docs.aws.amazon.com/redshift/latest/dg/r_COPY.html) in the *Amazon Redshift Database Developer Guide* .\n\nFor change-data-capture (CDC) mode, AWS DMS creates a *NetChanges* table, and loads the .csv files to this *BucketFolder/NetChangesTableID* path.", - "title": "BucketFolder", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BucketName": { - "markdownDescription": "The name of the intermediate S3 bucket used to store .csv files before uploading data to Redshift.", - "title": "BucketName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CaseSensitiveNames": { - "markdownDescription": "If Amazon Redshift is configured to support case sensitive schema names, set `CaseSensitiveNames` to `true` . The default is `false` .", - "title": "CaseSensitiveNames", - "type": "boolean" - }, - "CompUpdate": { - "markdownDescription": "If you set `CompUpdate` to `true` Amazon Redshift applies automatic compression if the table is empty. This applies even if the table columns already have encodings other than `RAW` . If you set `CompUpdate` to `false` , automatic compression is disabled and existing column encodings aren't changed. The default is `true` .", - "title": "CompUpdate", - "type": "boolean" + "Metadata": { + "type": "object" }, - "ConnectionTimeout": { - "markdownDescription": "A value that sets the amount of time to wait (in milliseconds) before timing out, beginning from when you initially establish a connection.", - "title": "ConnectionTimeout", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ConformancePackInputParameters": { + "items": { + "$ref": "#/definitions/AWS::Config::ConformancePack.ConformancePackInputParameter" + }, + "markdownDescription": "A list of ConformancePackInputParameter objects.", + "title": "ConformancePackInputParameters", + "type": "array" + }, + "ConformancePackName": { + "markdownDescription": "Name of the conformance pack you want to create.", + "title": "ConformancePackName", + "type": "string" + }, + "DeliveryS3Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.", + "title": "DeliveryS3Bucket", + "type": "string" + }, + "DeliveryS3KeyPrefix": { + "markdownDescription": "The prefix for the Amazon S3 bucket.", + "title": "DeliveryS3KeyPrefix", + "type": "string" + }, + "TemplateBody": { + "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\n> You can only use a YAML template with two resource types: config rule ( `AWS::Config::ConfigRule` ) and a remediation action ( `AWS::Config::RemediationConfiguration` ).", + "title": "TemplateBody", + "type": "string" + }, + "TemplateS3Uri": { + "markdownDescription": "Location of file containing the template body (s3://bucketname/prefix). The uri must point to the conformance pack template (max size: 300 KB) that is located in an Amazon S3 bucket.\n\n> You must have access to read Amazon S3 bucket.", + "title": "TemplateS3Uri", + "type": "string" + }, + "TemplateSSMDocumentDetails": { + "$ref": "#/definitions/AWS::Config::ConformancePack.TemplateSSMDocumentDetails", + "markdownDescription": "An object that contains the name or Amazon Resource Name (ARN) of the AWS Systems Manager document (SSM document) and the version of the SSM document that is used to create a conformance pack.", + "title": "TemplateSSMDocumentDetails" + } + }, + "required": [ + "ConformancePackName" + ], + "type": "object" }, - "DateFormat": { - "markdownDescription": "The date format that you are using. Valid values are `auto` (case-sensitive), your date format string enclosed in quotes, or NULL. If this parameter is left unset (NULL), it defaults to a format of 'YYYY-MM-DD'. Using `auto` recognizes most strings, even some that aren't supported when you use a date format string.\n\nIf your date and time values use formats different from each other, set this to `auto` .", - "title": "DateFormat", + "Type": { + "enum": [ + "AWS::Config::ConformancePack" + ], "type": "string" }, - "EmptyAsNull": { - "markdownDescription": "A value that specifies whether AWS DMS should migrate empty CHAR and VARCHAR fields as NULL. A value of `true` sets empty CHAR and VARCHAR fields to null. The default is `false` .", - "title": "EmptyAsNull", - "type": "boolean" - }, - "EncryptionMode": { - "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , create an AWS Identity and Access Management (IAM) role with a policy that allows `\"arn:aws:s3:::*\"` to use the following actions: `\"s3:PutObject\", \"s3:ListBucket\"`", - "title": "EncryptionMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ExplicitIds": { - "markdownDescription": "This setting is only valid for a full-load migration task. Set `ExplicitIds` to `true` to have tables with `IDENTITY` columns override their auto-generated values with explicit values loaded from the source data files used to populate the tables. The default is `false` .", - "title": "ExplicitIds", - "type": "boolean" - }, - "FileTransferUploadStreams": { - "markdownDescription": "The number of threads used to upload a single file. This parameter accepts a value from 1 through 64. It defaults to 10.\n\nThe number of parallel streams used to upload a single .csv file to an S3 bucket using S3 Multipart Upload. For more information, see [Multipart upload overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) .\n\n`FileTransferUploadStreams` accepts a value from 1 through 64. It defaults to 10.", - "title": "FileTransferUploadStreams", - "type": "number" - }, - "LoadTimeout": { - "markdownDescription": "The amount of time to wait (in milliseconds) before timing out of operations performed by AWS DMS on a Redshift cluster, such as Redshift COPY, INSERT, DELETE, and UPDATE.", - "title": "LoadTimeout", - "type": "number" - }, - "MapBooleanAsBoolean": { - "markdownDescription": "When true, lets Redshift migrate the boolean type as boolean. By default, Redshift migrates booleans as `varchar(1)` . You must set this setting on both the source and target endpoints for it to take effect.", - "title": "MapBooleanAsBoolean", - "type": "boolean" - }, - "MaxFileSize": { - "markdownDescription": "The maximum size (in KB) of any .csv file used to load data on an S3 bucket and transfer data to Amazon Redshift. It defaults to 1048576KB (1 GB).", - "title": "MaxFileSize", - "type": "number" - }, - "RemoveQuotes": { - "markdownDescription": "A value that specifies to remove surrounding quotation marks from strings in the incoming data. All characters within the quotation marks, including delimiters, are retained. Choose `true` to remove quotation marks. The default is `false` .", - "title": "RemoveQuotes", - "type": "boolean" - }, - "ReplaceChars": { - "markdownDescription": "A value that specifies to replaces the invalid characters specified in `ReplaceInvalidChars` , substituting the specified characters instead. The default is `\"?\"` .", - "title": "ReplaceChars", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::ConformancePack.ConformancePackInputParameter": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterName", "type": "string" }, - "ReplaceInvalidChars": { - "markdownDescription": "A list of characters that you want to replace. Use with `ReplaceChars` .", - "title": "ReplaceInvalidChars", + "ParameterValue": { + "markdownDescription": "Another part of the key-value pair.", + "title": "ParameterValue", "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Amazon Redshift endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::Config::ConformancePack.TemplateSSMDocumentDetails": { + "additionalProperties": false, + "properties": { + "DocumentName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document.", + "title": "DocumentName", "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Amazon Redshift endpoint connection details.", - "title": "SecretsManagerSecretId", + "DocumentVersion": { + "markdownDescription": "The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version.\n\n> This field is optional.", + "title": "DocumentVersion", "type": "string" - }, - "ServerSideEncryptionKmsKeyId": { - "markdownDescription": "The AWS KMS key ID. If you are using `SSE_KMS` for the `EncryptionMode` , provide this key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.", - "title": "ServerSideEncryptionKmsKeyId", + } + }, + "type": "object" + }, + "AWS::Config::DeliveryChannel": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that has access to the Amazon Redshift service. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TimeFormat": { - "markdownDescription": "The time format that you want to use. Valid values are `auto` (case-sensitive), `'timeformat_string'` , `'epochsecs'` , or `'epochmillisecs'` . It defaults to 10. Using `auto` recognizes most strings, even some that aren't supported when you use a time format string.\n\nIf your date and time values use formats different from each other, set this parameter to `auto` .", - "title": "TimeFormat", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TrimBlanks": { - "markdownDescription": "A value that specifies to remove the trailing white space characters from a VARCHAR string. This parameter applies only to columns with a VARCHAR data type. Choose `true` to remove unneeded white space. The default is `false` .", - "title": "TrimBlanks", - "type": "boolean" + "Metadata": { + "type": "object" }, - "TruncateColumns": { - "markdownDescription": "A value that specifies to truncate data in columns to the appropriate number of characters, so that the data fits in the column. This parameter applies only to columns with a VARCHAR or CHAR data type, and rows with a size of 4 MB or less. Choose `true` to truncate data. The default is `false` .", - "title": "TruncateColumns", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigSnapshotDeliveryProperties": { + "$ref": "#/definitions/AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties", + "markdownDescription": "The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.", + "title": "ConfigSnapshotDeliveryProperties" + }, + "Name": { + "markdownDescription": "A name for the delivery channel. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nUpdates are not supported. To change the name, you must run two separate updates. In the first update, delete this resource, and then recreate it with a new name in the second update.", + "title": "Name", + "type": "string" + }, + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.\n\nIf you specify a bucket that belongs to another AWS account , that bucket must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon S3 Bucket](https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html) in the *AWS Config Developer Guide* .", + "title": "S3BucketName", + "type": "string" + }, + "S3KeyPrefix": { + "markdownDescription": "The prefix for the specified Amazon S3 bucket.", + "title": "S3KeyPrefix", + "type": "string" + }, + "S3KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service ( AWS KMS ) AWS KMS key (KMS key) used to encrypt objects delivered by AWS Config . Must belong to the same Region as the destination S3 bucket.", + "title": "S3KmsKeyArn", + "type": "string" + }, + "SnsTopicARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.\n\nIf you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon SNS Topic](https://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html) in the *AWS Config Developer Guide* .", + "title": "SnsTopicARN", + "type": "string" + } + }, + "required": [ + "S3BucketName" + ], + "type": "object" }, - "WriteBufferSize": { - "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk at the DMS replication instance. The default value is 1000 (buffer size is 1000KB).", - "title": "WriteBufferSize", - "type": "number" + "Type": { + "enum": [ + "AWS::Config::DeliveryChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.S3Settings": { + "AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties": { "additionalProperties": false, "properties": { - "AddColumnName": { - "markdownDescription": "An optional parameter that, when set to `true` or `y` , you can use to add column name information to the .csv output file.\n\nThe default value is `false` . Valid values are `true` , `false` , `y` , and `n` .", - "title": "AddColumnName", - "type": "boolean" - }, - "AddTrailingPaddingCharacter": { - "markdownDescription": "Use the S3 target endpoint setting `AddTrailingPaddingCharacter` to add padding on string data. The default value is `false` .", - "title": "AddTrailingPaddingCharacter", - "type": "boolean" - }, - "BucketFolder": { - "markdownDescription": "An optional parameter to set a folder name in the S3 bucket. If provided, tables are created in the path `*bucketFolder* / *schema_name* / *table_name* /` . If this parameter isn't specified, the path used is `*schema_name* / *table_name* /` .", - "title": "BucketFolder", + "DeliveryFrequency": { + "markdownDescription": "The frequency with which AWS Config delivers configuration snapshots.", + "title": "DeliveryFrequency", "type": "string" - }, - "BucketName": { - "markdownDescription": "The name of the S3 bucket.", - "title": "BucketName", + } + }, + "type": "object" + }, + "AWS::Config::OrganizationConfigRule": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "CannedAclForObjects": { - "markdownDescription": "A value that enables AWS DMS to specify a predefined (canned) access control list (ACL) for objects created in an Amazon S3 bucket as .csv or .parquet files. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 Developer Guide* .\n\nThe default value is NONE. Valid values include NONE, PRIVATE, PUBLIC_READ, PUBLIC_READ_WRITE, AUTHENTICATED_READ, AWS_EXEC_READ, BUCKET_OWNER_READ, and BUCKET_OWNER_FULL_CONTROL.", - "title": "CannedAclForObjects", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CdcInsertsAndUpdates": { - "markdownDescription": "A value that enables a change data capture (CDC) load to write INSERT and UPDATE operations to .csv or .parquet (columnar storage) output files. The default setting is `false` , but when `CdcInsertsAndUpdates` is set to `true` or `y` , only INSERTs and UPDATEs from the source database are migrated to the .csv or .parquet file.\n\nFor .csv file format only, how these INSERTs and UPDATEs are recorded depends on the value of the `IncludeOpForFullLoad` parameter. If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to either `I` or `U` to indicate INSERT and UPDATE operations at the source. But if `IncludeOpForFullLoad` is set to `false` , CDC records are written without an indication of INSERT or UPDATE operations at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the use of the `CdcInsertsAndUpdates` parameter in versions 3.3.1 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", - "title": "CdcInsertsAndUpdates", - "type": "boolean" - }, - "CdcInsertsOnly": { - "markdownDescription": "A value that enables a change data capture (CDC) load to write only INSERT operations to .csv or columnar storage (.parquet) output files. By default (the `false` setting), the first field in a .csv or .parquet record contains the letter I (INSERT), U (UPDATE), or D (DELETE). These values indicate whether the row was inserted, updated, or deleted at the source database for a CDC load to the target.\n\nIf `CdcInsertsOnly` is set to `true` or `y` , only INSERTs from the source database are migrated to the .csv or .parquet file. For .csv format only, how these INSERTs are recorded depends on the value of `IncludeOpForFullLoad` . If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to I to indicate the INSERT operation at the source. If `IncludeOpForFullLoad` is set to `false` , every CDC record is written without a first field to indicate the INSERT operation at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the interaction described preceding between the `CdcInsertsOnly` and `IncludeOpForFullLoad` parameters in versions 3.1.4 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", - "title": "CdcInsertsOnly", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CdcMaxBatchInterval": { - "markdownDescription": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3.\n\nWhen `CdcMaxBatchInterval` and `CdcMinFileSize` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 60 seconds.", - "title": "CdcMaxBatchInterval", - "type": "number" + "Metadata": { + "type": "object" }, - "CdcMinFileSize": { - "markdownDescription": "Minimum file size, defined in kilobytes, to reach for a file output to Amazon S3.\n\nWhen `CdcMinFileSize` and `CdcMaxBatchInterval` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 32 MB.", - "title": "CdcMinFileSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ExcludedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list of accounts excluded from organization AWS Config rule.", + "title": "ExcludedAccounts", + "type": "array" + }, + "OrganizationConfigRuleName": { + "markdownDescription": "The name that you assign to organization AWS Config rule.", + "title": "OrganizationConfigRuleName", + "type": "string" + }, + "OrganizationCustomPolicyRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata", + "markdownDescription": "An object that specifies metadata for your organization's AWS Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of AWS resource, and organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.", + "title": "OrganizationCustomPolicyRuleMetadata" + }, + "OrganizationCustomRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata", + "markdownDescription": "An `OrganizationCustomRuleMetadata` object.", + "title": "OrganizationCustomRuleMetadata" + }, + "OrganizationManagedRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata", + "markdownDescription": "An `OrganizationManagedRuleMetadata` object.", + "title": "OrganizationManagedRuleMetadata" + } + }, + "required": [ + "OrganizationConfigRuleName" + ], + "type": "object" }, - "CdcPath": { - "markdownDescription": "Specifies the folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `CdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. For an S3 target if you set [`PreserveTransactions`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-PreserveTransactions) to `true` , AWS DMS verifies that you have set this parameter to a folder path on your S3 target where AWS DMS can save the transaction order for the CDC load. AWS DMS creates this CDC folder path in either your S3 target working directory or the S3 target location specified by [`BucketFolder`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketFolder) and [`BucketName`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketName) .\n\nFor example, if you specify `CdcPath` as `MyChangedData` , and you specify `BucketName` as `MyTargetBucket` but do not specify `BucketFolder` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyChangedData` .\n\nIf you specify the same `CdcPath` , and you specify `BucketName` as `MyTargetBucket` and `BucketFolder` as `MyTargetData` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyTargetData/MyChangedData` .\n\nFor more information on CDC including transaction order on an S3 target, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", - "title": "CdcPath", + "Type": { + "enum": [ + "AWS::Config::OrganizationConfigRule" + ], "type": "string" }, - "CompressionType": { - "markdownDescription": "An optional parameter. When set to GZIP it enables the service to compress the target files. To allow the service to write the target files uncompressed, either set this parameter to NONE (the default) or don't specify the parameter at all. This parameter applies to both .csv and .parquet file formats.", - "title": "CompressionType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata": { + "additionalProperties": false, + "properties": { + "DebugLogDeliveryAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of accounts that you can enable debug logging for your organization AWS Config Custom Policy rule. List is null when debug logging is enabled for all accounts.", + "title": "DebugLogDeliveryAccounts", + "type": "array" }, - "CsvDelimiter": { - "markdownDescription": "The delimiter used to separate columns in the .csv file for both source and target. The default is a comma.", - "title": "CsvDelimiter", + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config Custom Policy rule.", + "title": "Description", "type": "string" }, - "CsvNoSupValue": { - "markdownDescription": "This setting only applies if your Amazon S3 output files during a change data capture (CDC) load are written in .csv format. If [`UseCsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-UseCsvNoSupValue) is set to true, specify a string value that you want AWS DMS to use for all columns not included in the supplemental log. If you do not specify a string value, AWS DMS uses the null value for these columns regardless of the `UseCsvNoSupValue` setting.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", - "title": "CsvNoSupValue", + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config Custom Policy rule.", + "title": "InputParameters", "type": "string" }, - "CsvNullValue": { - "markdownDescription": "An optional parameter that specifies how AWS DMS treats null values. While handling the null value, you can use this parameter to pass a user-defined string as null when writing to the target. For example, when target columns are not nullable, you can use this option to differentiate between the empty string value and the null value. So, if you set this parameter value to the empty string (\"\" or ''), AWS DMS treats the empty string as the null value instead of `NULL` .\n\nThe default value is `NULL` . Valid values include any valid string.", - "title": "CsvNullValue", + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your AWS Config Custom Policy rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .", + "title": "MaximumExecutionFrequency", "type": "string" }, - "CsvRowDelimiter": { - "markdownDescription": "The delimiter used to separate rows in the .csv file for both source and target.\n\nThe default is a carriage return ( `\\n` ).", - "title": "CsvRowDelimiter", - "type": "string" + "OrganizationConfigRuleTriggerTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of notification that initiates AWS Config to run an evaluation for a rule. For AWS Config Custom Policy rules, AWS Config supports change-initiated notification types:\n\n- `ConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.", + "title": "OrganizationConfigRuleTriggerTypes", + "type": "array" }, - "DataFormat": { - "markdownDescription": "The format of the data that you want to use for output. You can choose one of the following:\n\n- `csv` : This is a row-based file format with comma-separated values (.csv).\n- `parquet` : Apache Parquet (.parquet) is a columnar storage file format that features efficient compression and provides faster query response.", - "title": "DataFormat", + "PolicyText": { + "markdownDescription": "The policy definition containing the logic for your organization AWS Config Custom Policy rule.", + "title": "PolicyText", "type": "string" }, - "DataPageSize": { - "markdownDescription": "The size of one data page in bytes. This parameter defaults to 1024 * 1024 bytes (1 MiB). This number is used for .parquet file format only.", - "title": "DataPageSize", - "type": "number" - }, - "DatePartitionDelimiter": { - "markdownDescription": "Specifies a date separating delimiter to use during folder partitioning. The default value is `SLASH` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", - "title": "DatePartitionDelimiter", + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", "type": "string" }, - "DatePartitionEnabled": { - "markdownDescription": "When set to `true` , this parameter partitions S3 bucket folders based on transaction commit dates. The default value is `false` . For more information about date-based folder partitioning, see [Using date-based folder partitioning](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.DatePartitioning) .", - "title": "DatePartitionEnabled", - "type": "boolean" + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" }, - "DatePartitionSequence": { - "markdownDescription": "Identifies the sequence of the date format to use during folder partitioning. The default value is `YYYYMMDD` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", - "title": "DatePartitionSequence", + "Runtime": { + "markdownDescription": "The runtime system for your organization AWS Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", + "title": "Runtime", "type": "string" }, - "DatePartitionTimezone": { - "markdownDescription": "When creating an S3 target endpoint, set `DatePartitionTimezone` to convert the current UTC time into a specified time zone. The conversion occurs when a date partition folder is created and a change data capture (CDC) file name is generated. The time zone format is Area/Location. Use this parameter when `DatePartitionedEnabled` is set to `true` , as shown in the following example.\n\n`s3-settings='{\"DatePartitionEnabled\": true, \"DatePartitionSequence\": \"YYYYMMDDHH\", \"DatePartitionDelimiter\": \"SLASH\", \"DatePartitionTimezone\":\" *Asia/Seoul* \", \"BucketName\": \"dms-nattarat-test\"}'`", - "title": "DatePartitionTimezone", + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", "type": "string" }, - "DictPageSizeLimit": { - "markdownDescription": "The maximum size of an encoded dictionary page of a column. If the dictionary page exceeds this, this column is stored using an encoding type of `PLAIN` . This parameter defaults to 1024 * 1024 bytes (1 MiB), the maximum size of a dictionary page before it reverts to `PLAIN` encoding. This size is used for .parquet file format only.", - "title": "DictPageSizeLimit", - "type": "number" - }, - "EnableStatistics": { - "markdownDescription": "A value that enables statistics for Parquet pages and row groups. Choose `true` to enable statistics, `false` to disable. Statistics include `NULL` , `DISTINCT` , `MAX` , and `MIN` values. This parameter defaults to `true` . This value is used for .parquet file format only.", - "title": "EnableStatistics", - "type": "boolean" - }, - "EncodingType": { - "markdownDescription": "The type of encoding that you're using:\n\n- `RLE_DICTIONARY` uses a combination of bit-packing and run-length encoding to store repeated values more efficiently. This is the default.\n- `PLAIN` doesn't use encoding at all. Values are stored as they are.\n- `PLAIN_DICTIONARY` builds a dictionary of the values encountered in a given column. The dictionary is stored in a dictionary page for each column chunk.", - "title": "EncodingType", + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", "type": "string" - }, - "EncryptionMode": { - "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , you need an IAM role with permission to allow `\"arn:aws:s3:::dms-*\"` to use the following actions:\n\n- `s3:CreateBucket`\n- `s3:ListBucket`\n- `s3:DeleteBucket`\n- `s3:GetBucketLocation`\n- `s3:GetObject`\n- `s3:PutObject`\n- `s3:DeleteObject`\n- `s3:GetObjectVersion`\n- `s3:GetBucketPolicy`\n- `s3:PutBucketPolicy`\n- `s3:DeleteBucketPolicy`", - "title": "EncryptionMode", + } + }, + "required": [ + "PolicyText", + "Runtime" + ], + "type": "object" + }, + "AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config rule.", + "title": "Description", "type": "string" }, - "ExpectedBucketOwner": { - "markdownDescription": "To specify a bucket owner and prevent sniping, you can use the `ExpectedBucketOwner` endpoint setting.\n\nExample: `--s3-settings='{\"ExpectedBucketOwner\": \" *AWS_Account_ID* \"}'`\n\nWhen you make a request to test a connection or perform a migration, S3 checks the account ID of the bucket owner against the specified parameter.", - "title": "ExpectedBucketOwner", + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", + "title": "InputParameters", "type": "string" }, - "ExternalTableDefinition": { - "markdownDescription": "The external table definition.\n\nConditional: If `S3` is used as a source then `ExternalTableDefinition` is required.", - "title": "ExternalTableDefinition", + "LambdaFunctionArn": { + "markdownDescription": "The lambda function ARN.", + "title": "LambdaFunctionArn", "type": "string" }, - "GlueCatalogGeneration": { - "markdownDescription": "When true, allows AWS Glue to catalog your S3 bucket. Creating an AWS Glue catalog lets you use Athena to query your data.", - "title": "GlueCatalogGeneration", - "type": "boolean" - }, - "IgnoreHeaderRows": { - "markdownDescription": "When this value is set to 1, AWS DMS ignores the first row header in a .csv file. A value of 1 turns on the feature; a value of 0 turns off the feature.\n\nThe default is 0.", - "title": "IgnoreHeaderRows", - "type": "number" - }, - "IncludeOpForFullLoad": { - "markdownDescription": "A value that enables a full load to write INSERT operations to the comma-separated value (.csv) output files only to indicate how the rows were added to the source database.\n\n> AWS DMS supports the `IncludeOpForFullLoad` parameter in versions 3.1.4 and later. \n\nFor full load, records can only be inserted. By default (the `false` setting), no information is recorded in these output files for a full load to indicate that the rows were inserted at the source database. If `IncludeOpForFullLoad` is set to `true` or `y` , the INSERT is recorded as an I annotation in the first field of the .csv file. This allows the format of your target records from a full load to be consistent with the target records from a CDC load.\n\n> This setting works together with the `CdcInsertsOnly` and the `CdcInsertsAndUpdates` parameters for output to .csv files only. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .", - "title": "IncludeOpForFullLoad", - "type": "boolean" - }, - "MaxFileSize": { - "markdownDescription": "A value that specifies the maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load.\n\nThe default value is 1,048,576 KB (1 GB). Valid values include 1 to 1,048,576.", - "title": "MaxFileSize", - "type": "number" - }, - "ParquetTimestampInMillisecond": { - "markdownDescription": "A value that specifies the precision of any `TIMESTAMP` column values that are written to an Amazon S3 object file in .parquet format.\n\n> AWS DMS supports the `ParquetTimestampInMillisecond` parameter in versions 3.1.4 and later. \n\nWhen `ParquetTimestampInMillisecond` is set to `true` or `y` , AWS DMS writes all `TIMESTAMP` columns in a .parquet formatted file with millisecond precision. Otherwise, DMS writes them with microsecond precision.\n\nCurrently, Amazon Athena and AWS Glue can handle only millisecond precision for `TIMESTAMP` values. Set this parameter to `true` for S3 endpoint object files that are .parquet formatted only if you plan to query or process the data with Athena or AWS Glue .\n\n> AWS DMS writes any `TIMESTAMP` column values written to an S3 file in .csv format with microsecond precision.\n> \n> Setting `ParquetTimestampInMillisecond` has no effect on the string format of the timestamp column value that is inserted by setting the `TimestampColumnName` parameter.", - "title": "ParquetTimestampInMillisecond", - "type": "boolean" - }, - "ParquetVersion": { - "markdownDescription": "The version of the Apache Parquet format that you want to use: `parquet_1_0` (the default) or `parquet_2_0` .", - "title": "ParquetVersion", + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", "type": "string" }, - "PreserveTransactions": { - "markdownDescription": "If this setting is set to `true` , AWS DMS saves the transaction order for a change data capture (CDC) load on the Amazon S3 target specified by [`CdcPath`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CdcPath) . For more information, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", - "title": "PreserveTransactions", - "type": "boolean" - }, - "Rfc4180": { - "markdownDescription": "For an S3 source, when this value is set to `true` or `y` , each leading double quotation mark has to be followed by an ending double quotation mark. This formatting complies with RFC 4180. When this value is set to `false` or `n` , string literals are copied to the target as is. In this case, a delimiter (row or column) signals the end of the field. Thus, you can't use a delimiter as part of the string, because it signals the end of the value.\n\nFor an S3 target, an optional parameter used to set behavior to comply with RFC 4180 for data migrated to Amazon S3 using .csv file format only. When this value is set to `true` or `y` using Amazon S3 as a target, if the data has quotation marks or newline characters in it, AWS DMS encloses the entire column with an additional pair of double quotation marks (\"). Every quotation mark within the data is repeated twice.\n\nThe default value is `true` . Valid values include `true` , `false` , `y` , and `n` .", - "title": "Rfc4180", - "type": "boolean" - }, - "RowGroupLength": { - "markdownDescription": "The number of rows in a row group. A smaller row group size provides faster reads. But as the number of row groups grows, the slower writes become. This parameter defaults to 10,000 rows. This number is used for .parquet file format only.\n\nIf you choose a value larger than the maximum, `RowGroupLength` is set to the max row group length in bytes (64 * 1024 * 1024).", - "title": "RowGroupLength", - "type": "number" + "OrganizationConfigRuleTriggerTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .", + "title": "OrganizationConfigRuleTriggerTypes", + "type": "array" }, - "ServerSideEncryptionKmsKeyId": { - "markdownDescription": "If you are using `SSE_KMS` for the `EncryptionMode` , provide the AWS KMS key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.\n\nHere is a CLI example: `aws dms create-endpoint --endpoint-identifier *value* --endpoint-type target --engine-name s3 --s3-settings ServiceAccessRoleArn= *value* ,BucketFolder= *value* ,BucketName= *value* ,EncryptionMode=SSE_KMS,ServerSideEncryptionKmsKeyId= *value*`", - "title": "ServerSideEncryptionKmsKeyId", + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", "type": "string" }, - "ServiceAccessRoleArn": { - "markdownDescription": "A required parameter that specifies the Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action. It enables AWS DMS to read and write objects from an S3 bucket.", - "title": "ServiceAccessRoleArn", - "type": "string" + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" }, - "TimestampColumnName": { - "markdownDescription": "A value that when nonblank causes AWS DMS to add a column with timestamp information to the endpoint data for an Amazon S3 target.\n\n> AWS DMS supports the `TimestampColumnName` parameter in versions 3.1.4 and later. \n\nAWS DMS includes an additional `STRING` column in the .csv or .parquet object files of your migrated data when you set `TimestampColumnName` to a nonblank value.\n\nFor a full load, each row of this timestamp column contains a timestamp for when the data was transferred from the source to the target by DMS.\n\nFor a change data capture (CDC) load, each row of the timestamp column contains the timestamp for the commit of that row in the source database.\n\nThe string format for this timestamp column value is `yyyy-MM-dd HH:mm:ss.SSSSSS` . By default, the precision of this value is in microseconds. For a CDC load, the rounding of the precision depends on the commit timestamp supported by DMS for the source database.\n\nWhen the `AddColumnName` parameter is set to `true` , DMS also includes a name for the timestamp column that you set with `TimestampColumnName` .", - "title": "TimestampColumnName", + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", "type": "string" }, - "UseCsvNoSupValue": { - "markdownDescription": "This setting applies if the S3 output files during a change data capture (CDC) load are written in .csv format. If this setting is set to `true` for columns not included in the supplemental log, AWS DMS uses the value specified by [`CsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CsvNoSupValue) . If this setting isn't set or is set to `false` , AWS DMS uses the null value for these columns.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", - "title": "UseCsvNoSupValue", - "type": "boolean" - }, - "UseTaskStartTimeForFullLoadTimestamp": { - "markdownDescription": "When set to true, this parameter uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when `useTaskStartTimeForFullLoadTimestamp` is set to `true` , each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.\n\nWhen `useTaskStartTimeForFullLoadTimestamp` is set to `false` , the full load timestamp in the timestamp column increments with the time data arrives at the target.", - "title": "UseTaskStartTimeForFullLoadTimestamp", - "type": "boolean" + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", + "type": "string" } }, + "required": [ + "LambdaFunctionArn", + "OrganizationConfigRuleTriggerTypes" + ], "type": "object" }, - "AWS::DMS::Endpoint.SybaseSettings": { + "AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata": { "additionalProperties": false, "properties": { - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SAP ASE endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config rule.", + "title": "Description", "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the SAP SAE endpoint connection details.", - "title": "SecretsManagerSecretId", + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", + "title": "InputParameters", + "type": "string" + }, + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. This is for an AWS Config managed rule that is triggered at a periodic frequency.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", + "type": "string" + }, + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", + "type": "string" + }, + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" + }, + "RuleIdentifier": { + "markdownDescription": "For organization config managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .", + "title": "RuleIdentifier", + "type": "string" + }, + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", + "type": "string" + }, + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", "type": "string" } }, + "required": [ + "RuleIdentifier" + ], "type": "object" }, - "AWS::DMS::EventSubscription": { + "AWS::Config::OrganizationConformancePack": { "additionalProperties": false, "properties": { "Condition": { @@ -58021,59 +63730,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether to activate the subscription. If you don't specify this property, AWS CloudFormation activates the subscription.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { + "ConformancePackInputParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Config::OrganizationConformancePack.ConformancePackInputParameter" }, - "markdownDescription": "A list of event categories for a source type that you want to subscribe to. If you don't specify this property, you are notified about all event categories. For more information, see [Working with Events and Notifications](https://docs.aws.amazon.com//dms/latest/userguide/CHAP_Events.html) in the *AWS DMS User Guide* .", - "title": "EventCategories", + "markdownDescription": "A list of `ConformancePackInputParameter` objects.", + "title": "ConformancePackInputParameters", "type": "array" }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", - "title": "SnsTopicArn", + "DeliveryS3Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.\n\n> This field is optional.", + "title": "DeliveryS3Bucket", "type": "string" }, - "SourceIds": { + "DeliveryS3KeyPrefix": { + "markdownDescription": "Any folder structure you want to add to an Amazon S3 bucket.\n\n> This field is optional.", + "title": "DeliveryS3KeyPrefix", + "type": "string" + }, + "ExcludedAccounts": { "items": { "type": "string" }, - "markdownDescription": "A list of identifiers for which AWS DMS provides notification events.\n\nIf you don't specify a value, notifications are provided for all sources.\n\nIf you specify multiple values, they must be of the same type. For example, if you specify a database instance ID, then all of the other values must be database instance IDs.", - "title": "SourceIds", + "markdownDescription": "A comma-separated list of accounts excluded from organization conformance pack.", + "title": "ExcludedAccounts", "type": "array" }, - "SourceType": { - "markdownDescription": "The type of AWS DMS resource that generates the events. For example, if you want to be notified of events generated by a replication instance, you set this parameter to `replication-instance` . If this value isn't specified, all events are returned.\n\n*Valid values* : `replication-instance` | `replication-task`", - "title": "SourceType", + "OrganizationConformancePackName": { + "markdownDescription": "The name you assign to an organization conformance pack.", + "title": "OrganizationConformancePackName", "type": "string" }, - "SubscriptionName": { - "markdownDescription": "The name of the AWS DMS event notification subscription. This name must be less than 255 characters.", - "title": "SubscriptionName", + "TemplateBody": { + "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.", + "title": "TemplateBody", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more tags to be assigned to the event subscription.", - "title": "Tags", - "type": "array" + "TemplateS3Uri": { + "markdownDescription": "Location of file containing the template body. The uri must point to the conformance pack template (max size: 300 KB).", + "title": "TemplateS3Uri", + "type": "string" } }, "required": [ - "SnsTopicArn" + "OrganizationConformancePackName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::EventSubscription" + "AWS::Config::OrganizationConformancePack" ], "type": "string" }, @@ -58092,7 +63798,27 @@ ], "type": "object" }, - "AWS::DMS::InstanceProfile": { + "AWS::Config::OrganizationConformancePack.ConformancePackInputParameter": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterValue", + "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::Config::RemediationConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -58127,68 +63853,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the instance profile runs.", - "title": "AvailabilityZone", - "type": "string" + "Automatic": { + "markdownDescription": "The remediation is triggered automatically.", + "title": "Automatic", + "type": "boolean" }, - "Description": { - "markdownDescription": "A description of the instance profile. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", - "title": "Description", + "ConfigRuleName": { + "markdownDescription": "The name of the AWS Config rule.", + "title": "ConfigRuleName", "type": "string" }, - "InstanceProfileIdentifier": { - "markdownDescription": "The identifier of the instance profile. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "InstanceProfileIdentifier", - "type": "string" + "ExecutionControls": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ExecutionControls", + "markdownDescription": "An ExecutionControls object.", + "title": "ExecutionControls" }, - "InstanceProfileName": { - "markdownDescription": "The user-friendly name for the instance profile.", - "title": "InstanceProfileName", - "type": "string" + "MaximumAutomaticAttempts": { + "markdownDescription": "The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n\nFor example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.", + "title": "MaximumAutomaticAttempts", + "type": "number" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.\n\nIf you don't specify a value for the `KmsKeyArn` parameter, then AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyArn", - "type": "string" + "Parameters": { + "markdownDescription": "An object of the RemediationParameterValue. For more information, see [RemediationParameterValue](https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationParameterValue.html) .\n\n> The type is a map of strings to RemediationParameterValue.", + "title": "Parameters", + "type": "object" }, - "NetworkType": { - "markdownDescription": "Specifies the network type for the instance profile. A value of `IPV4` represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of `IPV6` represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of `DUAL` represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.", - "title": "NetworkType", + "ResourceType": { + "markdownDescription": "The type of a resource.", + "title": "ResourceType", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Specifies the accessibility options for the instance profile. A value of `true` represents an instance profile with a public IP address. A value of `false` represents an instance profile with a private IP address. The default value is `true` .", - "title": "PubliclyAccessible", - "type": "boolean" + "RetryAttemptSeconds": { + "markdownDescription": "Time window to determine whether or not to add a remediation exception to prevent infinite remediation attempts. If `MaximumAutomaticAttempts` remediation attempts have been made under `RetryAttemptSeconds` , a remediation exception will be added to the resource. If you do not select a number, the default is 60 seconds.\n\nFor example, if you specify `RetryAttemptSeconds` as 50 seconds and `MaximumAutomaticAttempts` as 5, AWS Config will run auto-remediations 5 times within 50 seconds before adding a remediation exception to the resource.", + "title": "RetryAttemptSeconds", + "type": "number" }, - "SubnetGroupIdentifier": { - "markdownDescription": "The identifier of the subnet group that is associated with the instance profile.", - "title": "SubnetGroupIdentifier", + "TargetId": { + "markdownDescription": "Target ID is the name of the SSM document.", + "title": "TargetId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "TargetType": { + "markdownDescription": "The type of the target. Target executes remediation. For example, SSM document.", + "title": "TargetType", + "type": "string" }, - "VpcSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security groups that are used with the instance profile. The VPC security group must work with the VPC containing the instance profile.", - "title": "VpcSecurityGroups", - "type": "array" + "TargetVersion": { + "markdownDescription": "Version of the target. For example, version of the SSM document.\n\n> If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.", + "title": "TargetVersion", + "type": "string" } }, + "required": [ + "ConfigRuleName", + "TargetId", + "TargetType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::InstanceProfile" + "AWS::Config::RemediationConfiguration" ], "type": "string" }, @@ -58202,11 +63927,76 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::MigrationProject": { + "AWS::Config::RemediationConfiguration.ExecutionControls": { + "additionalProperties": false, + "properties": { + "SsmControls": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.SsmControls", + "markdownDescription": "A SsmControls object.", + "title": "SsmControls" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.RemediationParameterValue": { + "additionalProperties": false, + "properties": { + "ResourceValue": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ResourceValue", + "markdownDescription": "The value is dynamic and changes at run-time.", + "title": "ResourceValue" + }, + "StaticValue": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.StaticValue", + "markdownDescription": "The value is static and does not change at run-time.", + "title": "StaticValue" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.ResourceValue": { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.SsmControls": { + "additionalProperties": false, + "properties": { + "ConcurrentExecutionRatePercentage": { + "markdownDescription": "The maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. You can specify a percentage, such as 10%. The default value is 10.", + "title": "ConcurrentExecutionRatePercentage", + "type": "number" + }, + "ErrorPercentage": { + "markdownDescription": "The percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. You can specify a percentage of errors, for example 10%. If you do not specifiy a percentage, the default is 50%. For example, if you set the ErrorPercentage to 40% for 10 non-compliant resources, then SSM stops running the automations when the fifth error is received.", + "title": "ErrorPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.StaticValue": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::Config::StoredQuery": { "additionalProperties": false, "properties": { "Condition": { @@ -58241,76 +64031,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A user-friendly description of the migration project.", - "title": "Description", - "type": "string" - }, - "InstanceProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile for your migration project.", - "title": "InstanceProfileArn", - "type": "string" - }, - "InstanceProfileIdentifier": { - "markdownDescription": "The identifier of the instance profile for your migration project.", - "title": "InstanceProfileIdentifier", - "type": "string" - }, - "InstanceProfileName": { - "markdownDescription": "The name of the associated instance profile.", - "title": "InstanceProfileName", + "QueryDescription": { + "markdownDescription": "A unique description for the query.", + "title": "QueryDescription", "type": "string" }, - "MigrationProjectIdentifier": { - "markdownDescription": "The identifier of the migration project. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "MigrationProjectIdentifier", + "QueryExpression": { + "markdownDescription": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`", + "title": "QueryExpression", "type": "string" }, - "MigrationProjectName": { - "markdownDescription": "The name of the migration project.", - "title": "MigrationProjectName", + "QueryName": { + "markdownDescription": "The name of the query.", + "title": "QueryName", "type": "string" }, - "SchemaConversionApplicationAttributes": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes", - "markdownDescription": "The schema conversion application attributes, including the Amazon S3 bucket name and Amazon S3 role ARN.", - "title": "SchemaConversionApplicationAttributes" - }, - "SourceDataProviderDescriptors": { - "items": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" - }, - "markdownDescription": "Information about the source data provider, including the name or ARN, and AWS Secrets Manager parameters.", - "title": "SourceDataProviderDescriptors", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" - }, - "TargetDataProviderDescriptors": { - "items": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" - }, - "markdownDescription": "Information about the target data provider, including the name or ARN, and AWS Secrets Manager parameters.", - "title": "TargetDataProviderDescriptors", - "type": "array" - }, - "TransformationRules": { - "markdownDescription": "The settings in JSON format for migration rules. Migration rules make it possible for you to change the object names according to the rules that you specify. For example, you can change an object name to lowercase or uppercase, add or remove a prefix or suffix, or rename objects.", - "title": "TransformationRules", - "type": "string" } }, + "required": [ + "QueryExpression", + "QueryName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::MigrationProject" + "AWS::Config::StoredQuery" ], "type": "string" }, @@ -58324,58 +64077,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::MigrationProject.DataProviderDescriptor": { - "additionalProperties": false, - "properties": { - "DataProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data provider.", - "title": "DataProviderArn", - "type": "string" - }, - "DataProviderIdentifier": { - "markdownDescription": "", - "title": "DataProviderIdentifier", - "type": "string" - }, - "DataProviderName": { - "markdownDescription": "The user-friendly name of the data provider.", - "title": "DataProviderName", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The ARN of the role used to access AWS Secrets Manager.", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider.", - "title": "SecretsManagerSecretId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes": { - "additionalProperties": false, - "properties": { - "S3BucketPath": { - "markdownDescription": "", - "title": "S3BucketPath", - "type": "string" - }, - "S3BucketRoleArn": { - "markdownDescription": "", - "title": "S3BucketRoleArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::ReplicationConfig": { + "AWS::Connect::AgentStatus": { "additionalProperties": false, "properties": { "Condition": { @@ -58410,68 +64117,60 @@ "Properties": { "additionalProperties": false, "properties": { - "ComputeConfig": { - "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig", - "markdownDescription": "Configuration parameters for provisioning an AWS DMS Serverless replication.", - "title": "ComputeConfig" - }, - "ReplicationConfigArn": { - "type": "string" - }, - "ReplicationConfigIdentifier": { - "markdownDescription": "A unique identifier that you want to use to create a `ReplicationConfigArn` that is returned as part of the output from this action. You can then pass this output `ReplicationConfigArn` as the value of the `ReplicationConfigArn` option for other actions to identify both AWS DMS Serverless replications and replication configurations that you want those actions to operate on. For some actions, you can also use either this unique identifier or a corresponding ARN in action filters to identify the specific replication and replication configuration to operate on.", - "title": "ReplicationConfigIdentifier", + "Description": { + "markdownDescription": "The description of the agent status.", + "title": "Description", "type": "string" }, - "ReplicationSettings": { - "markdownDescription": "Optional JSON settings for AWS DMS Serverless replications that are provisioned using this replication configuration. For example, see [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html) .", - "title": "ReplicationSettings", - "type": "object" - }, - "ReplicationType": { - "markdownDescription": "The type of AWS DMS Serverless replication to provision using this replication configuration.\n\nPossible values:\n\n- `\"full-load\"`\n- `\"cdc\"`\n- `\"full-load-and-cdc\"`", - "title": "ReplicationType", - "type": "string" + "DisplayOrder": { + "markdownDescription": "The display order of the agent status.", + "title": "DisplayOrder", + "type": "number" }, - "ResourceIdentifier": { - "markdownDescription": "Optional unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess) .", - "title": "ResourceIdentifier", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "SourceEndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration.", - "title": "SourceEndpointArn", + "Name": { + "markdownDescription": "The name of the agent status.", + "title": "Name", "type": "string" }, - "SupplementalSettings": { - "markdownDescription": "Optional JSON settings for specifying supplemental data. For more information, see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) .", - "title": "SupplementalSettings", - "type": "object" + "ResetOrderNumber": { + "markdownDescription": "A number indicating the reset order of the agent status.", + "title": "ResetOrderNumber", + "type": "boolean" }, - "TableMappings": { - "markdownDescription": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration. For more information, see [Specifying table selection and transformations rules using JSON](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.SelectionTransformation.html) .", - "title": "TableMappings", - "type": "object" + "State": { + "markdownDescription": "The state of the agent status.", + "title": "State", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more optional tags associated with resources used by the AWS DMS Serverless replication. For more information, see [Tagging resources in AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tagging.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, - "TargetEndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS serverless replication configuration.", - "title": "TargetEndpointArn", + "Type": { + "markdownDescription": "The type of agent status.", + "title": "Type", "type": "string" } }, + "required": [ + "InstanceArn", + "Name", + "State" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationConfig" + "AWS::Connect::AgentStatus" ], "type": "string" }, @@ -58485,68 +64184,85 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::ReplicationConfig.ComputeConfig": { + "AWS::Connect::ApprovedOrigin": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `\"us-west-2\"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` .", - "title": "AvailabilityZone", - "type": "string" - }, - "DnsNameServers": { - "markdownDescription": "A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", - "title": "DnsNameServers", + "Condition": { "type": "string" }, - "KmsKeyId": { - "markdownDescription": "An AWS Key Management Service ( AWS KMS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MaxCapacityUnits": { - "markdownDescription": "Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify.", - "title": "MaxCapacityUnits", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MinCapacityUnits": { - "markdownDescription": "Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` .", - "title": "MinCapacityUnits", - "type": "number" + "Metadata": { + "type": "object" }, - "MultiAZ": { - "markdownDescription": "Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` .", - "title": "MultiAZ", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", + "type": "string" + }, + "Origin": { + "markdownDescription": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`", + "title": "Origin", + "type": "string" + } + }, + "required": [ + "InstanceId", + "Origin" + ], + "type": "object" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` .\n\nThe default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` .\n\nConstraints include a minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", + "Type": { + "enum": [ + "AWS::Connect::ApprovedOrigin" + ], "type": "string" }, - "ReplicationSubnetGroupId": { - "markdownDescription": "Specifies a subnet group identifier to associate with the AWS DMS Serverless replication.", - "title": "ReplicationSubnetGroupId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "required": [ - "MaxCapacityUnits" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::ReplicationInstance": { + "AWS::Connect::ContactFlow": { "additionalProperties": false, "properties": { "Condition": { @@ -58581,96 +64297,56 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.", - "title": "AllocatedStorage", - "type": "number" - }, - "AllowMajorVersionUpgrade": { - "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage, and the change is asynchronously applied as soon as possible.\n\nThis parameter must be set to `true` when specifying a value for the `EngineVersion` parameter that is a different major version than the replication instance's current version.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the replication instance during the maintenance window. This parameter defaults to `true` .\n\nDefault: `true`", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone that the replication instance will be created in.\n\nThe default value is a random, system-chosen Availability Zone in the endpoint's AWS Region , for example `us-east-1d` .", - "title": "AvailabilityZone", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The engine version number of the replication instance.\n\nIf an engine version number is not specified when a replication instance is created, the default is the latest engine version available.", - "title": "EngineVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "An AWS KMS key identifier that is used to encrypt the data on the replication instance.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "Specifies whether the replication instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the Multi-AZ parameter is set to `true` .", - "title": "MultiAZ", - "type": "boolean" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in UTC.\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : A 30-minute window selected at random from an 8-hour block of time per AWS Region , occurring on a random day of the week.\n\n*Valid days* ( `ddd` ): `Mon` | `Tue` | `Wed` | `Thu` | `Fri` | `Sat` | `Sun`\n\n*Constraints* : Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", + "Content": { + "markdownDescription": "The content of the flow.\n\nFor more information, see [Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html) in the *Amazon Connect Administrator Guide* .", + "title": "Content", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Specifies the accessibility options for the replication instance. A value of `true` represents an instance with a public IP address. A value of `false` represents an instance with a private IP address. The default value is `true` .", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicationInstanceClass": { - "markdownDescription": "The compute and memory capacity of the replication instance as defined for the specified replication instance class. For example, to specify the instance class dms.c4.large, set this parameter to `\"dms.c4.large\"` . For more information on the settings and capacities for the available replication instance classes, see [Selecting the right AWS DMS replication instance for your migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.html#CHAP_ReplicationInstance.InDepth) in the *AWS Database Migration Service User Guide* .", - "title": "ReplicationInstanceClass", + "Description": { + "markdownDescription": "The description of the flow.", + "title": "Description", "type": "string" }, - "ReplicationInstanceIdentifier": { - "markdownDescription": "The replication instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain 1-63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `myrepinstance`", - "title": "ReplicationInstanceIdentifier", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "ReplicationSubnetGroupIdentifier": { - "markdownDescription": "A subnet group to associate with the replication instance.", - "title": "ReplicationSubnetGroupIdentifier", + "Name": { + "markdownDescription": "The name of the flow.", + "title": "Name", "type": "string" }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` . For example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", + "State": { + "markdownDescription": "The state of the flow.", + "title": "State", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the replication instance.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the virtual private cloud (VPC) security group to be used with the replication instance. The VPC security group must work with the VPC containing the replication instance.", - "title": "VpcSecurityGroupIds", - "type": "array" + "Type": { + "markdownDescription": "The type of the flow. For descriptions of the available types, see [Choose a flow type](https://docs.aws.amazon.com/connect/latest/adminguide/create-contact-flow.html#contact-flow-types) in the *Amazon Connect Administrator Guide* .", + "title": "Type", + "type": "string" } }, "required": [ - "ReplicationInstanceClass" + "Content", + "InstanceArn", + "Name", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationInstance" + "AWS::Connect::ContactFlow" ], "type": "string" }, @@ -58689,7 +64365,7 @@ ], "type": "object" }, - "AWS::DMS::ReplicationSubnetGroup": { + "AWS::Connect::ContactFlowModule": { "additionalProperties": false, "properties": { "Condition": { @@ -58724,42 +64400,50 @@ "Properties": { "additionalProperties": false, "properties": { - "ReplicationSubnetGroupDescription": { - "markdownDescription": "The description for the subnet group.", - "title": "ReplicationSubnetGroupDescription", + "Content": { + "markdownDescription": "The content of the flow module.", + "title": "Content", "type": "string" }, - "ReplicationSubnetGroupIdentifier": { - "markdownDescription": "The identifier for the replication subnet group. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the identifier.", - "title": "ReplicationSubnetGroupIdentifier", + "Description": { + "markdownDescription": "The description of the flow module.", + "title": "Description", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more subnet IDs to be assigned to the subnet group.", - "title": "SubnetIds", - "type": "array" + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the flow module.", + "title": "Name", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the flow module.", + "title": "State", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the subnet group.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "ReplicationSubnetGroupDescription", - "SubnetIds" + "Content", + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationSubnetGroup" + "AWS::Connect::ContactFlowModule" ], "type": "string" }, @@ -58778,7 +64462,7 @@ ], "type": "object" }, - "AWS::DMS::ReplicationTask": { + "AWS::Connect::ContactFlowVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -58813,87 +64497,116 @@ "Properties": { "additionalProperties": false, "properties": { - "CdcStartPosition": { - "markdownDescription": "Indicates when you want a change data capture (CDC) operation to start. Use either `CdcStartPosition` or `CdcStartTime` to specify when you want a CDC operation to start. Specifying both values results in an error.\n\nThe value can be in date, checkpoint, log sequence number (LSN), or system change number (SCN) format.\n\nHere is a date example: `--cdc-start-position \"2018-03-08T12:12:12\"`\n\nHere is a checkpoint example: `--cdc-start-position \"checkpoint:V1#27#mysql-bin-changelog.157832:1975:-1:2002:677883278264080:mysql-bin-changelog.157832:1876#0#0#*#0#93\"`\n\nHere is an LSN example: `--cdc-start-position \u201cmysql-bin-changelog.000024:373\u201d`\n\n> When you use this task setting with a source PostgreSQL database, a logical replication slot should already be created and associated with the source endpoint. You can verify this by setting the `slotName` extra connection attribute to the name of this logical replication slot. For more information, see [Extra Connection Attributes When Using PostgreSQL as a Source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "CdcStartPosition", - "type": "string" - }, - "CdcStartTime": { - "markdownDescription": "Indicates the start time for a change data capture (CDC) operation.", - "title": "CdcStartTime", - "type": "number" - }, - "CdcStopPosition": { - "markdownDescription": "Indicates when you want a change data capture (CDC) operation to stop. The value can be either server time or commit time.\n\nHere is a server time example: `--cdc-stop-position \"server_time:2018-02-09T12:12:12\"`\n\nHere is a commit time example: `--cdc-stop-position \"commit_time: 2018-02-09T12:12:12\"`", - "title": "CdcStopPosition", - "type": "string" - }, - "MigrationType": { - "markdownDescription": "The migration type. Valid values: `full-load` | `cdc` | `full-load-and-cdc`", - "title": "MigrationType", + "ContactFlowId": { + "markdownDescription": "The identifier of the flow.", + "title": "ContactFlowId", "type": "string" }, - "ReplicationInstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a replication instance.", - "title": "ReplicationInstanceArn", + "Description": { + "markdownDescription": "The description of the flow version.", + "title": "Description", "type": "string" - }, - "ReplicationTaskIdentifier": { - "markdownDescription": "An identifier for the replication task.\n\nConstraints:\n\n- Must contain 1-255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ReplicationTaskIdentifier", + } + }, + "required": [ + "ContactFlowId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::ContactFlowVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Connect::EmailAddress": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "ReplicationTaskSettings": { - "markdownDescription": "Overall settings for the task, in JSON format. For more information, see [Specifying Task Settings for AWS Database Migration Service Tasks](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html) in the *AWS Database Migration Service User Guide* .", - "title": "ReplicationTaskSettings", + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the email address.", + "title": "Description", "type": "string" }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", + "DisplayName": { + "markdownDescription": "The display name of email address.", + "title": "DisplayName", "type": "string" }, - "SourceEndpointArn": { - "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the source endpoint.", - "title": "SourceEndpointArn", + "EmailAddress": { + "markdownDescription": "The email address, including the domain.", + "title": "EmailAddress", "type": "string" }, - "TableMappings": { - "markdownDescription": "The table mappings for the task, in JSON format. For more information, see [Using Table Mapping to Specify Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html) in the *AWS Database Migration Service User Guide* .", - "title": "TableMappings", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the replication task.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" - }, - "TargetEndpointArn": { - "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the target endpoint.", - "title": "TargetEndpointArn", - "type": "string" - }, - "TaskData": { - "markdownDescription": "Supplemental information that the task requires to migrate the data for certain source and target endpoints. For more information, see [Specifying Supplemental Data for Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) in the *AWS Database Migration Service User Guide.*", - "title": "TaskData", - "type": "string" } }, "required": [ - "MigrationType", - "ReplicationInstanceArn", - "SourceEndpointArn", - "TableMappings", - "TargetEndpointArn" + "EmailAddress", + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationTask" + "AWS::Connect::EmailAddress" ], "type": "string" }, @@ -58912,7 +64625,7 @@ ], "type": "object" }, - "AWS::DataBrew::Dataset": { + "AWS::Connect::EvaluationForm": { "additionalProperties": false, "properties": { "Condition": { @@ -58947,49 +64660,64 @@ "Properties": { "additionalProperties": false, "properties": { - "Format": { - "markdownDescription": "The file format of a dataset that is created from an Amazon S3 file or folder.", - "title": "Format", + "AutoEvaluationConfiguration": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.AutoEvaluationConfiguration", + "markdownDescription": "", + "title": "AutoEvaluationConfiguration" + }, + "Description": { + "markdownDescription": "The description of the evaluation form.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", + "title": "Description", "type": "string" }, - "FormatOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FormatOptions", - "markdownDescription": "A set of options that define how DataBrew interprets the data in the dataset.", - "title": "FormatOptions" + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" }, - "Input": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.Input", - "markdownDescription": "Information on how DataBrew can find the dataset, in either the AWS Glue Data Catalog or Amazon S3 .", - "title": "Input" + "Items": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormBaseItem" + }, + "markdownDescription": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n\n*Minimum size* : 1\n\n*Maximum size* : 100", + "title": "Items", + "type": "array" }, - "Name": { - "markdownDescription": "The unique name of the dataset.", - "title": "Name", - "type": "string" + "ScoringStrategy": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.ScoringStrategy", + "markdownDescription": "A scoring strategy of the evaluation form.", + "title": "ScoringStrategy" }, - "PathOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.PathOptions", - "markdownDescription": "A set of options that defines how DataBrew interprets an Amazon S3 path of the dataset.", - "title": "PathOptions" + "Status": { + "markdownDescription": "The status of the evaluation form.\n\n*Allowed values* : `DRAFT` | `ACTIVE`", + "title": "Status", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the dataset.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "Title": { + "markdownDescription": "A title of the evaluation form.", + "title": "Title", + "type": "string" } }, "required": [ - "Input", - "Name" + "InstanceArn", + "Items", + "Status", + "Title" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Dataset" + "AWS::Connect::EvaluationForm" ], "type": "string" }, @@ -59008,363 +64736,380 @@ ], "type": "object" }, - "AWS::DataBrew::Dataset.CsvOptions": { + "AWS::Connect::EvaluationForm.AutoEvaluationConfiguration": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "A single character that specifies the delimiter being used in the CSV file.", - "title": "Delimiter", - "type": "string" - }, - "HeaderRow": { - "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", - "title": "HeaderRow", + "Enabled": { + "markdownDescription": "", + "title": "Enabled", "type": "boolean" } }, "type": "object" }, - "AWS::DataBrew::Dataset.DataCatalogInputDefinition": { + "AWS::Connect::EvaluationForm.EvaluationFormBaseItem": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", - "type": "string" + "Section": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", + "markdownDescription": "A subsection or inner section of an item.", + "title": "Section" + } + }, + "required": [ + "Section" + ], + "type": "object" + }, + "AWS::Connect::EvaluationForm.EvaluationFormItem": { + "additionalProperties": false, + "properties": { + "Question": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestion", + "markdownDescription": "The information of the question.", + "title": "Question" }, - "TableName": { - "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", - "title": "TableName", - "type": "string" + "Section": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", + "markdownDescription": "The information of the section.", + "title": "Section" + } + }, + "type": "object" + }, + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation": { + "additionalProperties": false, + "properties": { + "AnswerSource": { + "markdownDescription": "", + "title": "AnswerSource", + "type": "object" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", - "title": "TempDirectory" + "PropertyValue": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation", + "markdownDescription": "The property value of the automation.", + "title": "PropertyValue" } }, "type": "object" }, - "AWS::DataBrew::Dataset.DatabaseInputDefinition": { + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption": { "additionalProperties": false, "properties": { - "DatabaseTableName": { - "markdownDescription": "The table within the target database.", - "title": "DatabaseTableName", - "type": "string" + "AutomaticFail": { + "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", + "title": "AutomaticFail", + "type": "boolean" }, - "GlueConnectionName": { - "markdownDescription": "The AWS Glue Connection that stores the connection information for the target database.", - "title": "GlueConnectionName", - "type": "string" + "MaxValue": { + "markdownDescription": "The maximum answer value of the range option.", + "title": "MaxValue", + "type": "number" }, - "QueryString": { - "markdownDescription": "Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs.", - "title": "QueryString", - "type": "string" + "MinValue": { + "markdownDescription": "The minimum answer value of the range option.", + "title": "MinValue", + "type": "number" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", - "title": "TempDirectory" + "Score": { + "markdownDescription": "The score assigned to answer values within the range option.\n\n*Minimum* : 0\n\n*Maximum* : 10", + "title": "Score", + "type": "number" } }, "required": [ - "GlueConnectionName" + "MaxValue", + "MinValue" ], "type": "object" }, - "AWS::DataBrew::Dataset.DatasetParameter": { + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties": { "additionalProperties": false, "properties": { - "CreateColumn": { - "markdownDescription": "Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset.", - "title": "CreateColumn", - "type": "boolean" - }, - "DatetimeOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatetimeOptions", - "markdownDescription": "Additional parameter options such as a format and a timezone. Required for datetime parameters.", - "title": "DatetimeOptions" + "Automation": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation", + "markdownDescription": "The automation properties of the numeric question.", + "title": "Automation" }, - "Filter": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", - "markdownDescription": "The optional filter expression structure to apply additional matching criteria to the parameter.", - "title": "Filter" + "MaxValue": { + "markdownDescription": "The maximum answer value.", + "title": "MaxValue", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the parameter that is used in the dataset's Amazon S3 path.", - "title": "Name", - "type": "string" + "MinValue": { + "markdownDescription": "The minimum answer value.", + "title": "MinValue", + "type": "number" }, - "Type": { - "markdownDescription": "The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'.", - "title": "Type", - "type": "string" + "Options": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption" + }, + "markdownDescription": "The scoring options of the numeric question.", + "title": "Options", + "type": "array" } }, "required": [ - "Name", - "Type" + "MaxValue", + "MinValue" ], "type": "object" }, - "AWS::DataBrew::Dataset.DatetimeOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormQuestion": { "additionalProperties": false, "properties": { - "Format": { - "markdownDescription": "Required option, that defines the datetime format used for a date parameter in the Amazon S3 path. Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. \"MM.dd.yyyy-'at'-HH:mm\".", - "title": "Format", + "Instructions": { + "markdownDescription": "The instructions of the section.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", + "title": "Instructions", "type": "string" }, - "LocaleCode": { - "markdownDescription": "Optional value for a non-US locale code, needed for correct interpretation of some date formats.", - "title": "LocaleCode", + "NotApplicableEnabled": { + "markdownDescription": "The flag to enable not applicable answers to the question.", + "title": "NotApplicableEnabled", + "type": "boolean" + }, + "QuestionType": { + "markdownDescription": "The type of the question.\n\n*Allowed values* : `NUMERIC` | `SINGLESELECT` | `TEXT`", + "title": "QuestionType", "type": "string" }, - "TimezoneOffset": { - "markdownDescription": "Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path. Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed.", - "title": "TimezoneOffset", + "QuestionTypeProperties": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties", + "markdownDescription": "The properties of the type of question. Text questions do not have to define question type properties.", + "title": "QuestionTypeProperties" + }, + "RefId": { + "markdownDescription": "The identifier of the question. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", "type": "string" + }, + "Title": { + "markdownDescription": "The title of the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 350.", + "title": "Title", + "type": "string" + }, + "Weight": { + "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", + "title": "Weight", + "type": "number" } }, "required": [ - "Format" + "QuestionType", + "RefId", + "Title" ], "type": "object" }, - "AWS::DataBrew::Dataset.ExcelOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties": { "additionalProperties": false, "properties": { - "HeaderRow": { - "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", - "title": "HeaderRow", - "type": "boolean" - }, - "SheetIndexes": { - "items": { - "type": "number" - }, - "markdownDescription": "One or more sheet numbers in the Excel file that will be included in the dataset.", - "title": "SheetIndexes", - "type": "array" + "Numeric": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties", + "markdownDescription": "The properties of the numeric question.", + "title": "Numeric" }, - "SheetNames": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more named sheets in the Excel file that will be included in the dataset.", - "title": "SheetNames", - "type": "array" + "SingleSelect": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties", + "markdownDescription": "The properties of the numeric question.", + "title": "SingleSelect" } }, "type": "object" }, - "AWS::DataBrew::Dataset.FilesLimit": { + "AWS::Connect::EvaluationForm.EvaluationFormSection": { "additionalProperties": false, "properties": { - "MaxFiles": { - "markdownDescription": "The number of Amazon S3 files to select.", - "title": "MaxFiles", - "type": "number" + "Instructions": { + "markdownDescription": "The instructions of the section.", + "title": "Instructions", + "type": "string" }, - "Order": { - "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING.", - "title": "Order", + "Items": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormItem" + }, + "markdownDescription": "The items of the section.\n\n*Minimum* : 1", + "title": "Items", + "type": "array" + }, + "RefId": { + "markdownDescription": "The identifier of the section. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", "type": "string" }, - "OrderedBy": { - "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value.", - "title": "OrderedBy", + "Title": { + "markdownDescription": "The title of the section.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", + "title": "Title", "type": "string" + }, + "Weight": { + "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", + "title": "Weight", + "type": "number" } }, "required": [ - "MaxFiles" + "RefId", + "Title" ], "type": "object" }, - "AWS::DataBrew::Dataset.FilterExpression": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions. For example, \"(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)\". Substitution variables should start with ':' symbol.", - "title": "Expression", + "DefaultOptionRefId": { + "markdownDescription": "The identifier of the default answer option, when none of the automation options match the criteria.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "DefaultOptionRefId", "type": "string" }, - "ValuesMap": { + "Options": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterValue" + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption" }, - "markdownDescription": "The map of substitution variable names to their values used in this filter expression.", - "title": "ValuesMap", + "markdownDescription": "The automation options of the single select question.\n\n*Minimum* : 1\n\n*Maximum* : 20", + "title": "Options", "type": "array" } }, "required": [ - "Expression", - "ValuesMap" + "Options" ], "type": "object" }, - "AWS::DataBrew::Dataset.FilterValue": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to be associated with the substitution variable.", - "title": "Value", - "type": "string" - }, - "ValueReference": { - "markdownDescription": "The substitution variable reference.", - "title": "ValueReference", - "type": "string" + "RuleCategory": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation", + "markdownDescription": "The automation option based on a rule category for the single select question.", + "title": "RuleCategory" } }, "required": [ - "Value", - "ValueReference" + "RuleCategory" ], "type": "object" }, - "AWS::DataBrew::Dataset.FormatOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.CsvOptions", - "markdownDescription": "Options that define how CSV input is to be interpreted by DataBrew.", - "title": "Csv" + "AutomaticFail": { + "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", + "title": "AutomaticFail", + "type": "boolean" }, - "Excel": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.ExcelOptions", - "markdownDescription": "Options that define how Excel input is to be interpreted by DataBrew.", - "title": "Excel" + "RefId": { + "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", + "type": "string" }, - "Json": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.JsonOptions", - "markdownDescription": "Options that define how JSON input is to be interpreted by DataBrew.", - "title": "Json" + "Score": { + "markdownDescription": "The score assigned to the answer option.\n\n*Minimum* : 0\n\n*Maximum* : 10", + "title": "Score", + "type": "number" + }, + "Text": { + "markdownDescription": "The title of the answer option.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", + "title": "Text", + "type": "string" } }, + "required": [ + "RefId", + "Text" + ], "type": "object" }, - "AWS::DataBrew::Dataset.Input": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties": { "additionalProperties": false, "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "DatabaseInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatabaseInputDefinition", - "markdownDescription": "Connection information for dataset input files stored in a database.", - "title": "DatabaseInputDefinition" + "Automation": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation", + "markdownDescription": "The display mode of the single select question.", + "title": "Automation" }, - "Metadata": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.Metadata", - "markdownDescription": "Contains additional resource information needed for specific datasets.", - "title": "Metadata" + "DisplayAs": { + "markdownDescription": "The display mode of the single select question.\n\n*Allowed values* : `DROPDOWN` | `RADIO`", + "title": "DisplayAs", + "type": "string" }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" - } - }, - "type": "object" - }, - "AWS::DataBrew::Dataset.JsonOptions": { - "additionalProperties": false, - "properties": { - "MultiLine": { - "markdownDescription": "A value that specifies whether JSON input contains embedded new line characters.", - "title": "MultiLine", - "type": "boolean" + "Options": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption" + }, + "markdownDescription": "The answer options of the single select question.\n\n*Minimum* : 2\n\n*Maximum* : 256", + "title": "Options", + "type": "array" } }, + "required": [ + "Options" + ], "type": "object" }, - "AWS::DataBrew::Dataset.Metadata": { + "AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation": { "additionalProperties": false, "properties": { - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) associated with the dataset. Currently, DataBrew only supports ARNs from Amazon AppFlow.", - "title": "SourceArn", + "Label": { + "markdownDescription": "The property label of the automation.", + "title": "Label", "type": "string" } }, + "required": [ + "Label" + ], "type": "object" }, - "AWS::DataBrew::Dataset.PathOptions": { - "additionalProperties": false, - "properties": { - "FilesLimit": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilesLimit", - "markdownDescription": "If provided, this structure imposes a limit on a number of files that should be selected.", - "title": "FilesLimit" - }, - "LastModifiedDateCondition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", - "markdownDescription": "If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 .", - "title": "LastModifiedDateCondition" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.PathParameter" - }, - "markdownDescription": "A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions.", - "title": "Parameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DataBrew::Dataset.PathParameter": { + "AWS::Connect::EvaluationForm.ScoringStrategy": { "additionalProperties": false, "properties": { - "DatasetParameter": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatasetParameter", - "markdownDescription": "The path parameter definition.", - "title": "DatasetParameter" + "Mode": { + "markdownDescription": "The scoring mode of the evaluation form.\n\n*Allowed values* : `QUESTION_ONLY` | `SECTION_ONLY`", + "title": "Mode", + "type": "string" }, - "PathParameterName": { - "markdownDescription": "The name of the path parameter.", - "title": "PathParameterName", + "Status": { + "markdownDescription": "The scoring status of the evaluation form.\n\n*Allowed values* : `ENABLED` | `DISABLED`", + "title": "Status", "type": "string" } }, "required": [ - "DatasetParameter", - "PathParameterName" + "Mode", + "Status" ], "type": "object" }, - "AWS::DataBrew::Dataset.S3Location": { + "AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", + "Category": { + "markdownDescription": "The category name, as defined in Rules.\n\n*Minimum* : 1\n\n*Maximum* : 50", + "title": "Category", "type": "string" }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", + "Condition": { + "markdownDescription": "The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category.\n\n*Allowed values* : `PRESENT` | `NOT_PRESENT`\n\n*Maximum* : 50", + "title": "Condition", + "type": "string" + }, + "OptionRefId": { + "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "OptionRefId", "type": "string" } }, "required": [ - "Bucket" + "Category", + "Condition", + "OptionRefId" ], "type": "object" }, - "AWS::DataBrew::Job": { + "AWS::Connect::HoursOfOperation": { "additionalProperties": false, "properties": { "Condition": { @@ -59399,132 +65144,62 @@ "Properties": { "additionalProperties": false, "properties": { - "DataCatalogOutputs": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.DataCatalogOutput" - }, - "markdownDescription": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.", - "title": "DataCatalogOutputs", - "type": "array" - }, - "DatabaseOutputs": { + "Config": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseOutput" + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationConfig" }, - "markdownDescription": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.", - "title": "DatabaseOutputs", + "markdownDescription": "Configuration information for the hours of operation.", + "title": "Config", "type": "array" }, - "DatasetName": { - "markdownDescription": "A dataset that the job is to process.", - "title": "DatasetName", - "type": "string" - }, - "EncryptionKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key that is used to protect the job output. For more information, see [Encrypting data written by DataBrew jobs](https://docs.aws.amazon.com/databrew/latest/dg/encryption-security-configuration.html)", - "title": "EncryptionKeyArn", - "type": "string" - }, - "EncryptionMode": { - "markdownDescription": "The encryption mode for the job, which can be one of the following:\n\n- `SSE-KMS` - Server-side encryption with keys managed by AWS KMS .\n- `SSE-S3` - Server-side encryption with keys managed by Amazon S3.", - "title": "EncryptionMode", - "type": "string" - }, - "JobSample": { - "$ref": "#/definitions/AWS::DataBrew::Job.JobSample", - "markdownDescription": "A sample configuration for profile jobs only, which determines the number of rows on which the profile job is run. If a `JobSample` value isn't provided, the default value is used. The default value is CUSTOM_ROWS for the mode parameter and 20,000 for the size parameter.", - "title": "JobSample" - }, - "LogSubscription": { - "markdownDescription": "The current status of Amazon CloudWatch logging for the job.", - "title": "LogSubscription", - "type": "string" - }, - "MaxCapacity": { - "markdownDescription": "The maximum number of nodes that can be consumed when the job processes data.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry the job after a job run fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "The unique name of the job.", - "title": "Name", + "Description": { + "markdownDescription": "The description for the hours of operation.", + "title": "Description", "type": "string" }, - "OutputLocation": { - "$ref": "#/definitions/AWS::DataBrew::Job.OutputLocation", - "markdownDescription": "The location in Amazon S3 where the job writes its output.", - "title": "OutputLocation" - }, - "Outputs": { + "HoursOfOperationOverrides": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.Output" + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationOverride" }, - "markdownDescription": "One or more artifacts that represent output from running the job.", - "title": "Outputs", + "markdownDescription": "", + "title": "HoursOfOperationOverrides", "type": "array" }, - "ProfileConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.ProfileConfiguration", - "markdownDescription": "Configuration for profile jobs. Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.", - "title": "ProfileConfiguration" - }, - "ProjectName": { - "markdownDescription": "The name of the project that the job is associated with.", - "title": "ProjectName", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Recipe": { - "$ref": "#/definitions/AWS::DataBrew::Job.Recipe", - "markdownDescription": "A series of data transformation steps that the job runs.", - "title": "Recipe" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role to be assumed for this job.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name for the hours of operation.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the job.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, - "Timeout": { - "markdownDescription": "The job's timeout in minutes. A job that attempts to run longer than this timeout period ends with a status of `TIMEOUT` .", - "title": "Timeout", - "type": "number" - }, - "Type": { - "markdownDescription": "The job type of the job, which must be one of the following:\n\n- `PROFILE` - A job to analyze a dataset, to determine its size, data types, data distribution, and more.\n- `RECIPE` - A job to apply one or more transformations to a dataset.", - "title": "Type", + "TimeZone": { + "markdownDescription": "The time zone for the hours of operation.", + "title": "TimeZone", "type": "string" - }, - "ValidationConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ValidationConfiguration" - }, - "markdownDescription": "List of validation configurations that are applied to the profile job.", - "title": "ValidationConfigurations", - "type": "array" } }, "required": [ + "Config", + "InstanceArn", "Name", - "RoleArn", - "Type" + "TimeZone" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Job" + "AWS::Connect::HoursOfOperation" ], "type": "string" }, @@ -59543,433 +65218,582 @@ ], "type": "object" }, - "AWS::DataBrew::Job.AllowedStatistics": { - "additionalProperties": false, - "properties": { - "Statistics": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more column statistics to allow for columns that contain detected entities.", - "title": "Statistics", - "type": "array" - } - }, - "required": [ - "Statistics" - ], - "type": "object" - }, - "AWS::DataBrew::Job.ColumnSelector": { + "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a column from a dataset.", - "title": "Name", + "Day": { + "markdownDescription": "The day that the hours of operation applies to.", + "title": "Day", "type": "string" }, - "Regex": { - "markdownDescription": "A regular expression for selecting a column from a dataset.", - "title": "Regex", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.ColumnStatisticsConfiguration": { - "additionalProperties": false, - "properties": { - "Selectors": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" - }, - "markdownDescription": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.", - "title": "Selectors", - "type": "array" + "EndTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", + "markdownDescription": "The end time that your contact center closes.", + "title": "EndTime" }, - "Statistics": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", - "markdownDescription": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations.", - "title": "Statistics" + "StartTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", + "markdownDescription": "The start time that your contact center opens.", + "title": "StartTime" } }, "required": [ - "Statistics" + "Day", + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::DataBrew::Job.CsvOutputOptions": { - "additionalProperties": false, - "properties": { - "Delimiter": { - "markdownDescription": "A single character that specifies the delimiter used to create CSV job output.", - "title": "Delimiter", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.DataCatalogOutput": { + "AWS::Connect::HoursOfOperation.HoursOfOperationOverride": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", + "EffectiveFrom": { + "markdownDescription": "The date from which the hours of operation override would be effective.", + "title": "EffectiveFrom", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", + "EffectiveTill": { + "markdownDescription": "The date till which the hours of operation override would be effective.", + "title": "EffectiveTill", "type": "string" }, - "DatabaseOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", - "title": "DatabaseOptions" - }, - "Overwrite": { - "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions.", - "title": "Overwrite", - "type": "boolean" - }, - "S3Options": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3TableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.", - "title": "S3Options" - }, - "TableName": { - "markdownDescription": "The name of a table in the Data Catalog.", - "title": "TableName", + "HoursOfOperationOverrideId": { + "markdownDescription": "The identifier for the hours of operation override.", + "title": "HoursOfOperationOverrideId", "type": "string" - } - }, - "required": [ - "DatabaseName", - "TableName" - ], - "type": "object" - }, - "AWS::DataBrew::Job.DatabaseOutput": { - "additionalProperties": false, - "properties": { - "DatabaseOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", - "title": "DatabaseOptions" }, - "DatabaseOutputMode": { - "markdownDescription": "The output mode to write into the database. Currently supported option: NEW_TABLE.", - "title": "DatabaseOutputMode", + "OverrideConfig": { + "items": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationOverrideConfig" + }, + "markdownDescription": "", + "title": "OverrideConfig", + "type": "array" + }, + "OverrideDescription": { + "markdownDescription": "", + "title": "OverrideDescription", "type": "string" }, - "GlueConnectionName": { - "markdownDescription": "The AWS Glue connection that stores the connection information for the target database.", - "title": "GlueConnectionName", + "OverrideName": { + "markdownDescription": "", + "title": "OverrideName", "type": "string" } }, "required": [ - "DatabaseOptions", - "GlueConnectionName" + "EffectiveFrom", + "EffectiveTill", + "OverrideConfig", + "OverrideName" ], "type": "object" }, - "AWS::DataBrew::Job.DatabaseTableOutputOptions": { + "AWS::Connect::HoursOfOperation.HoursOfOperationOverrideConfig": { "additionalProperties": false, "properties": { - "TableName": { - "markdownDescription": "A prefix for the name of a table DataBrew will create in the database.", - "title": "TableName", + "Day": { + "markdownDescription": "The day that the hours of operation override applies to.", + "title": "Day", "type": "string" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results.", - "title": "TempDirectory" + "EndTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.OverrideTimeSlice", + "markdownDescription": "The end time that your contact center closes if overrides are applied.", + "title": "EndTime" + }, + "StartTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.OverrideTimeSlice", + "markdownDescription": "The start time when your contact center opens if overrides are applied.", + "title": "StartTime" } }, "required": [ - "TableName" + "Day", + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::DataBrew::Job.EntityDetectorConfiguration": { + "AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice": { "additionalProperties": false, "properties": { - "AllowedStatistics": { - "$ref": "#/definitions/AWS::DataBrew::Job.AllowedStatistics", - "markdownDescription": "Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities.", - "title": "AllowedStatistics" + "Hours": { + "markdownDescription": "The hours.", + "title": "Hours", + "type": "number" }, - "EntityTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Entity types to detect. Can be any of the following:\n\n- USA_SSN\n- EMAIL\n- USA_ITIN\n- USA_PASSPORT_NUMBER\n- PHONE_NUMBER\n- USA_DRIVING_LICENSE\n- BANK_ACCOUNT\n- CREDIT_CARD\n- IP_ADDRESS\n- MAC_ADDRESS\n- USA_DEA_NUMBER\n- USA_HCPCS_CODE\n- USA_NATIONAL_PROVIDER_IDENTIFIER\n- USA_NATIONAL_DRUG_CODE\n- USA_HEALTH_INSURANCE_CLAIM_NUMBER\n- USA_MEDICARE_BENEFICIARY_IDENTIFIER\n- USA_CPT_CODE\n- PERSON_NAME\n- DATE\n\nThe Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE.", - "title": "EntityTypes", - "type": "array" + "Minutes": { + "markdownDescription": "The minutes.", + "title": "Minutes", + "type": "number" } }, "required": [ - "EntityTypes" + "Hours", + "Minutes" ], "type": "object" }, - "AWS::DataBrew::Job.JobSample": { + "AWS::Connect::HoursOfOperation.OverrideTimeSlice": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following:\n\n- FULL_DATASET - The profile job is run on the entire dataset.\n- CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter.", - "title": "Mode", - "type": "string" + "Hours": { + "markdownDescription": "The hours.", + "title": "Hours", + "type": "number" }, - "Size": { - "markdownDescription": "The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.\n\nLong.MAX_VALUE = 9223372036854775807", - "title": "Size", + "Minutes": { + "markdownDescription": "The minutes.", + "title": "Minutes", "type": "number" } }, + "required": [ + "Hours", + "Minutes" + ], "type": "object" }, - "AWS::DataBrew::Job.Output": { + "AWS::Connect::Instance": { "additionalProperties": false, "properties": { - "CompressionFormat": { - "markdownDescription": "The compression algorithm used to compress the output text of the job.", - "title": "CompressionFormat", + "Condition": { "type": "string" }, - "Format": { - "markdownDescription": "The data format of the output of the job.", - "title": "Format", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.OutputFormatOptions", - "markdownDescription": "Represents options that define how DataBrew formats job output files.", - "title": "FormatOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Location": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "The location in Amazon S3 where the job writes its output.", - "title": "Location" + "Metadata": { + "type": "object" }, - "MaxOutputFiles": { - "markdownDescription": "The maximum number of files to be generated by the job and written to the output folder.", - "title": "MaxOutputFiles", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Attributes": { + "$ref": "#/definitions/AWS::Connect::Instance.Attributes", + "markdownDescription": "A toggle for an individual feature at the instance level.", + "title": "Attributes" + }, + "DirectoryId": { + "markdownDescription": "The identifier for the directory.", + "title": "DirectoryId", + "type": "string" + }, + "IdentityManagementType": { + "markdownDescription": "The identity management type.", + "title": "IdentityManagementType", + "type": "string" + }, + "InstanceAlias": { + "markdownDescription": "The alias of instance. `InstanceAlias` is only required when `IdentityManagementType` is `CONNECT_MANAGED` or `SAML` . `InstanceAlias` is not required when `IdentityManagementType` is `EXISTING_DIRECTORY` .", + "title": "InstanceAlias", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Attributes", + "IdentityManagementType" + ], + "type": "object" }, - "Overwrite": { - "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output.", - "title": "Overwrite", - "type": "boolean" + "Type": { + "enum": [ + "AWS::Connect::Instance" + ], + "type": "string" }, - "PartitionColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of one or more partition columns for the output of the job.", - "title": "PartitionColumns", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Location" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Job.OutputFormatOptions": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DataBrew::Job.CsvOutputOptions", - "markdownDescription": "Represents a set of options that define the structure of comma-separated value (CSV) job output.", - "title": "Csv" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.OutputLocation": { + "AWS::Connect::Instance.Attributes": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" + "AutoResolveBestVoices": { + "markdownDescription": "", + "title": "AutoResolveBestVoices", + "type": "boolean" }, - "BucketOwner": { + "ContactLens": { "markdownDescription": "", - "title": "BucketOwner", - "type": "string" + "title": "ContactLens", + "type": "boolean" }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", - "type": "string" + "ContactflowLogs": { + "markdownDescription": "", + "title": "ContactflowLogs", + "type": "boolean" + }, + "EarlyMedia": { + "markdownDescription": "", + "title": "EarlyMedia", + "type": "boolean" + }, + "EnhancedChatMonitoring": { + "markdownDescription": "", + "title": "EnhancedChatMonitoring", + "type": "boolean" + }, + "EnhancedContactMonitoring": { + "markdownDescription": "", + "title": "EnhancedContactMonitoring", + "type": "boolean" + }, + "HighVolumeOutBound": { + "markdownDescription": "", + "title": "HighVolumeOutBound", + "type": "boolean" + }, + "InboundCalls": { + "markdownDescription": "", + "title": "InboundCalls", + "type": "boolean" + }, + "MultiPartyChatConference": { + "markdownDescription": "", + "title": "MultiPartyChatConference", + "type": "boolean" + }, + "MultiPartyConference": { + "markdownDescription": "", + "title": "MultiPartyConference", + "type": "boolean" + }, + "OutboundCalls": { + "markdownDescription": "", + "title": "OutboundCalls", + "type": "boolean" + }, + "UseCustomTTSVoices": { + "markdownDescription": "", + "title": "UseCustomTTSVoices", + "type": "boolean" } }, "required": [ - "Bucket" + "InboundCalls", + "OutboundCalls" ], "type": "object" }, - "AWS::DataBrew::Job.ProfileConfiguration": { + "AWS::Connect::InstanceStorageConfig": { "additionalProperties": false, "properties": { - "ColumnStatisticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnStatisticsConfiguration" - }, - "markdownDescription": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.", - "title": "ColumnStatisticsConfigurations", - "type": "array" + "Condition": { + "type": "string" }, - "DatasetStatisticsConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", - "markdownDescription": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.", - "title": "DatasetStatisticsConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "EntityDetectorConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.EntityDetectorConfiguration", - "markdownDescription": "Configuration of entity detection for a profile job. When undefined, entity detection is disabled.", - "title": "EntityDetectorConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ProfileColumns": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "KinesisFirehoseConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig", + "markdownDescription": "The configuration of the Kinesis Firehose delivery stream.", + "title": "KinesisFirehoseConfig" + }, + "KinesisStreamConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisStreamConfig", + "markdownDescription": "The configuration of the Kinesis data stream.", + "title": "KinesisStreamConfig" + }, + "KinesisVideoStreamConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig", + "markdownDescription": "The configuration of the Kinesis video stream.", + "title": "KinesisVideoStreamConfig" + }, + "ResourceType": { + "markdownDescription": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`", + "title": "ResourceType", + "type": "string" + }, + "S3Config": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.S3Config", + "markdownDescription": "The S3 bucket configuration.", + "title": "S3Config" + }, + "StorageType": { + "markdownDescription": "A valid storage type.", + "title": "StorageType", + "type": "string" + } }, - "markdownDescription": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.", - "title": "ProfileColumns", - "type": "array" + "required": [ + "InstanceArn", + "ResourceType", + "StorageType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::InstanceStorageConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DataBrew::Job.Recipe": { + "AWS::Connect::InstanceStorageConfig.EncryptionConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The unique name for the recipe.", - "title": "Name", + "EncryptionType": { + "markdownDescription": "The type of encryption.", + "title": "EncryptionType", "type": "string" }, - "Version": { - "markdownDescription": "The identifier for the version for the recipe.", - "title": "Version", + "KeyId": { + "markdownDescription": "The full ARN of the encryption key.\n\n> Be sure to provide the full ARN of the encryption key, not just the ID.\n> \n> Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) .", + "title": "KeyId", "type": "string" } }, "required": [ - "Name" + "EncryptionType", + "KeyId" ], "type": "object" }, - "AWS::DataBrew::Job.S3Location": { + "AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account ID of the bucket owner.", - "title": "BucketOwner", - "type": "string" - }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", + "FirehoseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", + "title": "FirehoseArn", "type": "string" } }, "required": [ - "Bucket" + "FirehoseArn" ], "type": "object" }, - "AWS::DataBrew::Job.S3TableOutputOptions": { + "AWS::Connect::InstanceStorageConfig.KinesisStreamConfig": { "additionalProperties": false, "properties": { - "Location": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job.", - "title": "Location" + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data stream.", + "title": "StreamArn", + "type": "string" } }, "required": [ - "Location" + "StreamArn" ], "type": "object" }, - "AWS::DataBrew::Job.StatisticOverride": { + "AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig": { "additionalProperties": false, "properties": { - "Parameters": { - "additionalProperties": true, - "markdownDescription": "A map that includes overrides of an evaluation\u2019s parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", + "markdownDescription": "The encryption configuration.", + "title": "EncryptionConfig" }, - "Statistic": { - "markdownDescription": "The name of an evaluation", - "title": "Statistic", + "Prefix": { + "markdownDescription": "The prefix of the video stream.", + "title": "Prefix", "type": "string" + }, + "RetentionPeriodHours": { + "markdownDescription": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream.\n\nThe default value is 0, indicating that the stream does not persist data.", + "title": "RetentionPeriodHours", + "type": "number" } }, "required": [ - "Parameters", - "Statistic" + "EncryptionConfig", + "Prefix", + "RetentionPeriodHours" ], "type": "object" }, - "AWS::DataBrew::Job.StatisticsConfiguration": { + "AWS::Connect::InstanceStorageConfig.S3Config": { "additionalProperties": false, "properties": { - "IncludedStatistics": { - "items": { - "type": "string" - }, - "markdownDescription": "List of included evaluations. When the list is undefined, all supported evaluations will be included.", - "title": "IncludedStatistics", - "type": "array" + "BucketName": { + "markdownDescription": "The S3 bucket name.", + "title": "BucketName", + "type": "string" }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticOverride" - }, - "markdownDescription": "List of overrides for evaluations.", - "title": "Overrides", - "type": "array" + "BucketPrefix": { + "markdownDescription": "The S3 bucket prefix.", + "title": "BucketPrefix", + "type": "string" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", + "markdownDescription": "The Amazon S3 encryption configuration.", + "title": "EncryptionConfig" } }, + "required": [ + "BucketName", + "BucketPrefix" + ], "type": "object" }, - "AWS::DataBrew::Job.ValidationConfiguration": { + "AWS::Connect::IntegrationAssociation": { "additionalProperties": false, "properties": { - "RulesetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job. The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job.", - "title": "RulesetArn", + "Condition": { "type": "string" }, - "ValidationMode": { - "markdownDescription": "Mode of data quality validation. Default mode is \u201cCHECK_ALL\u201d which verifies all rules defined in the selected ruleset.", - "title": "ValidationMode", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", + "type": "string" + }, + "IntegrationArn": { + "markdownDescription": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`", + "title": "IntegrationArn", + "type": "string" + }, + "IntegrationType": { + "markdownDescription": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`", + "title": "IntegrationType", + "type": "string" + } + }, + "required": [ + "InstanceId", + "IntegrationArn", + "IntegrationType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::IntegrationAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "RulesetArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Project": { + "AWS::Connect::PhoneNumber": { "additionalProperties": false, "properties": { "Condition": { @@ -60004,51 +65828,53 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetName": { - "markdownDescription": "The dataset that the project is to act upon.", - "title": "DatasetName", + "CountryCode": { + "markdownDescription": "The ISO country code.", + "title": "CountryCode", "type": "string" }, - "Name": { - "markdownDescription": "The unique name of a project.", - "title": "Name", + "Description": { + "markdownDescription": "The description of the phone number.", + "title": "Description", "type": "string" }, - "RecipeName": { - "markdownDescription": "The name of a recipe that will be developed during a project session.", - "title": "RecipeName", + "Prefix": { + "markdownDescription": "The prefix of the phone number. If provided, it must contain `+` as part of the country code.\n\n*Pattern* : `^\\\\+[0-9]{1,15}`", + "title": "Prefix", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that will be assumed for this project.", - "title": "RoleArn", + "SourcePhoneNumberArn": { + "markdownDescription": "The claimed phone number ARN that was previously imported from the external service, such as AWS End User Messaging. If it is from AWS End User Messaging, it looks like the ARN of the phone number that was imported from AWS End User Messaging.", + "title": "SourcePhoneNumberArn", "type": "string" }, - "Sample": { - "$ref": "#/definitions/AWS::DataBrew::Project.Sample", - "markdownDescription": "The sample size and sampling type to apply to the data. If this parameter isn't specified, then the sample consists of the first 500 rows from the dataset.", - "title": "Sample" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the project.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for Amazon Connect instances or traffic distribution group that phone numbers are claimed to.", + "title": "TargetArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of phone number.", + "title": "Type", + "type": "string" } }, "required": [ - "DatasetName", - "Name", - "RecipeName", - "RoleArn" + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Project" + "AWS::Connect::PhoneNumber" ], "type": "string" }, @@ -60067,26 +65893,100 @@ ], "type": "object" }, - "AWS::DataBrew::Project.Sample": { + "AWS::Connect::PredefinedAttribute": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The number of rows in the sample.", - "title": "Size", - "type": "number" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the predefined attribute.", + "title": "Name", + "type": "string" + }, + "Values": { + "$ref": "#/definitions/AWS::Connect::PredefinedAttribute.Values", + "markdownDescription": "The values of a predefined attribute.", + "title": "Values" + } + }, + "required": [ + "InstanceArn", + "Name", + "Values" + ], + "type": "object" }, "Type": { - "markdownDescription": "The way in which DataBrew obtains rows from a dataset.", - "title": "Type", + "enum": [ + "AWS::Connect::PredefinedAttribute" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Recipe": { + "AWS::Connect::PredefinedAttribute.Values": { + "additionalProperties": false, + "properties": { + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "Predefined attribute values of type string list.", + "title": "StringList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Connect::Prompt": { "additionalProperties": false, "properties": { "Condition": { @@ -60122,41 +66022,43 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the recipe.", + "markdownDescription": "The description of the prompt.", "title": "Description", "type": "string" }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, "Name": { - "markdownDescription": "The unique name for the recipe.", + "markdownDescription": "The name of the prompt.", "title": "Name", "type": "string" }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeStep" - }, - "markdownDescription": "A list of steps that are defined by the recipe.", - "title": "Steps", - "type": "array" + "S3Uri": { + "markdownDescription": "The URI for the S3 bucket where the prompt is stored. This property is required when you create a prompt.", + "title": "S3Uri", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the recipe.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "Steps" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Recipe" + "AWS::Connect::Prompt" ], "type": "string" }, @@ -60175,670 +66077,159 @@ ], "type": "object" }, - "AWS::DataBrew::Recipe.Action": { + "AWS::Connect::Queue": { "additionalProperties": false, "properties": { - "Operation": { - "markdownDescription": "The name of a valid DataBrew transformation to be performed on the data.", - "title": "Operation", + "Condition": { "type": "string" }, - "Parameters": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeParameters", - "markdownDescription": "Contextual parameters for the transformation.", - "title": "Parameters" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the queue.", + "title": "Description", + "type": "string" + }, + "HoursOfOperationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hours of operation.", + "title": "HoursOfOperationArn", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "MaxContacts": { + "markdownDescription": "The maximum number of contacts that can be in the queue before it is considered full.", + "title": "MaxContacts", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the queue.", + "title": "Name", + "type": "string" + }, + "OutboundCallerConfig": { + "$ref": "#/definitions/AWS::Connect::Queue.OutboundCallerConfig", + "markdownDescription": "The outbound caller ID name, number, and outbound whisper flow.", + "title": "OutboundCallerConfig" + }, + "OutboundEmailConfig": { + "$ref": "#/definitions/AWS::Connect::Queue.OutboundEmailConfig", + "markdownDescription": "The outbound email address ID for a specified queue.", + "title": "OutboundEmailConfig" + }, + "QuickConnectArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the of the quick connects available to agents who are working the queue.", + "title": "QuickConnectArns", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of the queue.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HoursOfOperationArn", + "InstanceArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::Queue" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Operation" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Recipe.ConditionExpression": { + "AWS::Connect::Queue.OutboundCallerConfig": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "A specific condition to apply to a recipe action. For more information, see [Recipe structure](https://docs.aws.amazon.com/databrew/latest/dg/recipe-structure.html) in the *AWS Glue DataBrew Developer Guide* .", - "title": "Condition", + "OutboundCallerIdName": { + "markdownDescription": "The caller ID name.", + "title": "OutboundCallerIdName", "type": "string" }, - "TargetColumn": { - "markdownDescription": "A column to apply this condition to.", - "title": "TargetColumn", + "OutboundCallerIdNumberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the outbound caller ID number.\n\n> Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API.", + "title": "OutboundCallerIdNumberArn", "type": "string" }, - "Value": { - "markdownDescription": "A value that the condition must evaluate to for the condition to succeed.", - "title": "Value", + "OutboundFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the outbound flow.", + "title": "OutboundFlowArn", "type": "string" } }, - "required": [ - "Condition", - "TargetColumn" - ], "type": "object" }, - "AWS::DataBrew::Recipe.DataCatalogInputDefinition": { + "AWS::Connect::Queue.OutboundEmailConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", - "title": "TableName", + "OutboundEmailAddressId": { + "markdownDescription": "The identifier of the email address.", + "title": "OutboundEmailAddressId", "type": "string" - }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "Represents an Amazon location where DataBrew can store intermediate results.", - "title": "TempDirectory" } }, "type": "object" }, - "AWS::DataBrew::Recipe.Input": { - "additionalProperties": false, - "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" - } - }, - "type": "object" - }, - "AWS::DataBrew::Recipe.RecipeParameters": { - "additionalProperties": false, - "properties": { - "AggregateFunction": { - "markdownDescription": "The name of an aggregation function to apply.", - "title": "AggregateFunction", - "type": "string" - }, - "Base": { - "markdownDescription": "The number of digits used in a counting system.", - "title": "Base", - "type": "string" - }, - "CaseStatement": { - "markdownDescription": "A case statement associated with a recipe.", - "title": "CaseStatement", - "type": "string" - }, - "CategoryMap": { - "markdownDescription": "A category map used for one-hot encoding.", - "title": "CategoryMap", - "type": "string" - }, - "CharsToRemove": { - "markdownDescription": "Characters to remove from a step that applies one-hot encoding or tokenization.", - "title": "CharsToRemove", - "type": "string" - }, - "CollapseConsecutiveWhitespace": { - "markdownDescription": "Remove any non-word non-punctuation character.", - "title": "CollapseConsecutiveWhitespace", - "type": "string" - }, - "ColumnDataType": { - "markdownDescription": "The data type of the column.", - "title": "ColumnDataType", - "type": "string" - }, - "ColumnRange": { - "markdownDescription": "A range of columns to which a step is applied.", - "title": "ColumnRange", - "type": "string" - }, - "Count": { - "markdownDescription": "The number of times a string needs to be repeated.", - "title": "Count", - "type": "string" - }, - "CustomCharacters": { - "markdownDescription": "One or more characters that can be substituted or removed, depending on the context.", - "title": "CustomCharacters", - "type": "string" - }, - "CustomStopWords": { - "markdownDescription": "A list of words to ignore in a step that applies word tokenization.", - "title": "CustomStopWords", - "type": "string" - }, - "CustomValue": { - "markdownDescription": "A list of custom values to use in a step that requires that you provide a value to finish the operation.", - "title": "CustomValue", - "type": "string" - }, - "DatasetsColumns": { - "markdownDescription": "A list of the dataset columns included in a project.", - "title": "DatasetsColumns", - "type": "string" - }, - "DateAddValue": { - "markdownDescription": "A value that specifies how many units of time to add or subtract for a date math operation.", - "title": "DateAddValue", - "type": "string" - }, - "DateTimeFormat": { - "markdownDescription": "A date format to apply to a date.", - "title": "DateTimeFormat", - "type": "string" - }, - "DateTimeParameters": { - "markdownDescription": "A set of parameters associated with a datetime.", - "title": "DateTimeParameters", - "type": "string" - }, - "DeleteOtherRows": { - "markdownDescription": "Determines whether unmapped rows in a categorical mapping should be deleted", - "title": "DeleteOtherRows", - "type": "string" - }, - "Delimiter": { - "markdownDescription": "The delimiter to use when parsing separated values in a text file.", - "title": "Delimiter", - "type": "string" - }, - "EndPattern": { - "markdownDescription": "The end pattern to locate.", - "title": "EndPattern", - "type": "string" - }, - "EndPosition": { - "markdownDescription": "The end position to locate.", - "title": "EndPosition", - "type": "string" - }, - "EndValue": { - "markdownDescription": "The end value to locate.", - "title": "EndValue", - "type": "string" - }, - "ExpandContractions": { - "markdownDescription": "A list of word contractions and what they expand to. For eample: *can't* ; *cannot* ; *can not* .", - "title": "ExpandContractions", - "type": "string" - }, - "Exponent": { - "markdownDescription": "The exponent to apply in an exponential operation.", - "title": "Exponent", - "type": "string" - }, - "FalseString": { - "markdownDescription": "A value that represents `FALSE` .", - "title": "FalseString", - "type": "string" - }, - "GroupByAggFunctionOptions": { - "markdownDescription": "Specifies options to apply to the `GROUP BY` used in an aggregation.", - "title": "GroupByAggFunctionOptions", - "type": "string" - }, - "GroupByColumns": { - "markdownDescription": "The columns to use in the `GROUP BY` clause.", - "title": "GroupByColumns", - "type": "string" - }, - "HiddenColumns": { - "markdownDescription": "A list of columns to hide.", - "title": "HiddenColumns", - "type": "string" - }, - "IgnoreCase": { - "markdownDescription": "Indicates that lower and upper case letters are treated equally.", - "title": "IgnoreCase", - "type": "string" - }, - "IncludeInSplit": { - "markdownDescription": "Indicates if this column is participating in a split transform.", - "title": "IncludeInSplit", - "type": "string" - }, - "Input": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.Input", - "markdownDescription": "The input location to load the dataset from - Amazon S3 or AWS Glue Data Catalog .", - "title": "Input" - }, - "Interval": { - "markdownDescription": "The number of characters to split by.", - "title": "Interval", - "type": "string" - }, - "IsText": { - "markdownDescription": "Indicates if the content is text.", - "title": "IsText", - "type": "string" - }, - "JoinKeys": { - "markdownDescription": "The keys or columns involved in a join.", - "title": "JoinKeys", - "type": "string" - }, - "JoinType": { - "markdownDescription": "The type of join to use, for example, `INNER JOIN` , `OUTER JOIN` , and so on.", - "title": "JoinType", - "type": "string" - }, - "LeftColumns": { - "markdownDescription": "The columns on the left side of the join.", - "title": "LeftColumns", - "type": "string" - }, - "Limit": { - "markdownDescription": "The number of times to perform `split` or `replaceBy` in a string", - "title": "Limit", - "type": "string" - }, - "LowerBound": { - "markdownDescription": "The lower boundary for a value.", - "title": "LowerBound", - "type": "string" - }, - "MapType": { - "markdownDescription": "The type of mappings to apply to construct a new dynamic frame.", - "title": "MapType", - "type": "string" - }, - "ModeType": { - "markdownDescription": "Determines the manner in which mode value is calculated, in case there is more than one mode value. Valid values: `NONE` | `AVERAGE` | `MINIMUM` | `MAXIMUM`", - "title": "ModeType", - "type": "string" - }, - "MultiLine": { - "markdownDescription": "Specifies whether JSON input contains embedded new line characters.", - "title": "MultiLine", - "type": "boolean" - }, - "NumRows": { - "markdownDescription": "The number of rows to consider in a window.", - "title": "NumRows", - "type": "string" - }, - "NumRowsAfter": { - "markdownDescription": "The number of rows to consider after the current row in a window", - "title": "NumRowsAfter", - "type": "string" - }, - "NumRowsBefore": { - "markdownDescription": "The number of rows to consider before the current row in a window", - "title": "NumRowsBefore", - "type": "string" - }, - "OrderByColumn": { - "markdownDescription": "A column to sort the results by.", - "title": "OrderByColumn", - "type": "string" - }, - "OrderByColumns": { - "markdownDescription": "The columns to sort the results by.", - "title": "OrderByColumns", - "type": "string" - }, - "Other": { - "markdownDescription": "The value to assign to unmapped cells, in categorical mapping", - "title": "Other", - "type": "string" - }, - "Pattern": { - "markdownDescription": "The pattern to locate.", - "title": "Pattern", - "type": "string" - }, - "PatternOption1": { - "markdownDescription": "The starting pattern to split between.", - "title": "PatternOption1", - "type": "string" - }, - "PatternOption2": { - "markdownDescription": "The ending pattern to split between.", - "title": "PatternOption2", - "type": "string" - }, - "PatternOptions": { - "markdownDescription": "For splitting by multiple delimiters: A JSON-encoded string that lists the patterns in the format. For example: `[{\\\"pattern\\\":\\\"1\\\",\\\"includeInSplit\\\":true}]`", - "title": "PatternOptions", - "type": "string" - }, - "Period": { - "markdownDescription": "The size of the rolling window.", - "title": "Period", - "type": "string" - }, - "Position": { - "markdownDescription": "The character index within a string", - "title": "Position", - "type": "string" - }, - "RemoveAllPunctuation": { - "markdownDescription": "If `true` , removes all of the following characters: `.` `.!` `.,` `.?`", - "title": "RemoveAllPunctuation", - "type": "string" - }, - "RemoveAllQuotes": { - "markdownDescription": "If `true` , removes all single quotes and double quotes.", - "title": "RemoveAllQuotes", - "type": "string" - }, - "RemoveAllWhitespace": { - "markdownDescription": "If `true` , removes all whitespaces from the value.", - "title": "RemoveAllWhitespace", - "type": "string" - }, - "RemoveCustomCharacters": { - "markdownDescription": "If `true` , removes all chraracters specified by `CustomCharacters` .", - "title": "RemoveCustomCharacters", - "type": "string" - }, - "RemoveCustomValue": { - "markdownDescription": "If `true` , removes all chraracters specified by `CustomValue` .", - "title": "RemoveCustomValue", - "type": "string" - }, - "RemoveLeadingAndTrailingPunctuation": { - "markdownDescription": "If `true` , removes the following characters if they occur at the start or end of the value: `.` `!` `,` `?`", - "title": "RemoveLeadingAndTrailingPunctuation", - "type": "string" - }, - "RemoveLeadingAndTrailingQuotes": { - "markdownDescription": "If `true` , removes single quotes and double quotes from the beginning and end of the value.", - "title": "RemoveLeadingAndTrailingQuotes", - "type": "string" - }, - "RemoveLeadingAndTrailingWhitespace": { - "markdownDescription": "If `true` , removes all whitespaces from the beginning and end of the value.", - "title": "RemoveLeadingAndTrailingWhitespace", - "type": "string" - }, - "RemoveLetters": { - "markdownDescription": "If `true` , removes all uppercase and lowercase alphabetic characters (A through Z; a through z).", - "title": "RemoveLetters", - "type": "string" - }, - "RemoveNumbers": { - "markdownDescription": "If `true` , removes all numeric characters (0 through 9).", - "title": "RemoveNumbers", - "type": "string" - }, - "RemoveSourceColumn": { - "markdownDescription": "If `true` , the source column will be removed after un-nesting that column. (Used with nested column types, such as Map, Struct, or Array.)", - "title": "RemoveSourceColumn", - "type": "string" - }, - "RemoveSpecialCharacters": { - "markdownDescription": "If `true` , removes all of the following characters: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~`", - "title": "RemoveSpecialCharacters", - "type": "string" - }, - "RightColumns": { - "markdownDescription": "The columns on the right side of a join.", - "title": "RightColumns", - "type": "string" - }, - "SampleSize": { - "markdownDescription": "The number of rows in the sample.", - "title": "SampleSize", - "type": "string" - }, - "SampleType": { - "markdownDescription": "The sampling type to apply to the dataset. Valid values: `FIRST_N` | `LAST_N` | `RANDOM`", - "title": "SampleType", - "type": "string" - }, - "SecondInput": { - "markdownDescription": "A object value to indicate the second dataset used in a join.", - "title": "SecondInput", - "type": "string" - }, - "SecondaryInputs": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.SecondaryInput" - }, - "markdownDescription": "A list of secondary inputs in a UNION transform", - "title": "SecondaryInputs", - "type": "array" - }, - "SheetIndexes": { - "items": { - "type": "number" - }, - "markdownDescription": "One or more sheet numbers in the Excel file, which will be included in a dataset.", - "title": "SheetIndexes", - "type": "array" - }, - "SheetNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Oone or more named sheets in the Excel file, which will be included in a dataset.", - "title": "SheetNames", - "type": "array" - }, - "SourceColumn": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn", - "type": "string" - }, - "SourceColumn1": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn1", - "type": "string" - }, - "SourceColumn2": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn2", - "type": "string" - }, - "SourceColumns": { - "markdownDescription": "A list of source columns needed for an operation, step, or transform.", - "title": "SourceColumns", - "type": "string" - }, - "StartColumnIndex": { - "markdownDescription": "The index number of the first column used by an operation, step, or transform.", - "title": "StartColumnIndex", - "type": "string" - }, - "StartPattern": { - "markdownDescription": "The starting pattern to locate.", - "title": "StartPattern", - "type": "string" - }, - "StartPosition": { - "markdownDescription": "The starting position to locate.", - "title": "StartPosition", - "type": "string" - }, - "StartValue": { - "markdownDescription": "The starting value to locate.", - "title": "StartValue", - "type": "string" - }, - "StemmingMode": { - "markdownDescription": "Indicates this operation uses stems and lemmas (base words) for word tokenization.", - "title": "StemmingMode", - "type": "string" - }, - "StepCount": { - "markdownDescription": "The total number of transforms in this recipe.", - "title": "StepCount", - "type": "string" - }, - "StepIndex": { - "markdownDescription": "The index ID of a step.", - "title": "StepIndex", - "type": "string" - }, - "StopWordsMode": { - "markdownDescription": "Indicates this operation uses stop words as part of word tokenization.", - "title": "StopWordsMode", - "type": "string" - }, - "Strategy": { - "markdownDescription": "The resolution strategy to apply in resolving ambiguities.", - "title": "Strategy", - "type": "string" - }, - "TargetColumn": { - "markdownDescription": "The column targeted by this operation.", - "title": "TargetColumn", - "type": "string" - }, - "TargetColumnNames": { - "markdownDescription": "The names to give columns altered by this operation.", - "title": "TargetColumnNames", - "type": "string" - }, - "TargetDateFormat": { - "markdownDescription": "The date format to convert to.", - "title": "TargetDateFormat", - "type": "string" - }, - "TargetIndex": { - "markdownDescription": "The index number of an object that is targeted by this operation.", - "title": "TargetIndex", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "The current timezone that you want to use for dates.", - "title": "TimeZone", - "type": "string" - }, - "TokenizerPattern": { - "markdownDescription": "A regex expression to use when splitting text into terms, also called words or tokens.", - "title": "TokenizerPattern", - "type": "string" - }, - "TrueString": { - "markdownDescription": "A value to use to represent `TRUE` .", - "title": "TrueString", - "type": "string" - }, - "UdfLang": { - "markdownDescription": "The language that's used in the user-defined function.", - "title": "UdfLang", - "type": "string" - }, - "Units": { - "markdownDescription": "Specifies a unit of time. For example: `MINUTES` ; `SECONDS` ; `HOURS` ; etc.", - "title": "Units", - "type": "string" - }, - "UnpivotColumn": { - "markdownDescription": "Cast columns as rows, so that each value is a different row in a single column.", - "title": "UnpivotColumn", - "type": "string" - }, - "UpperBound": { - "markdownDescription": "The upper boundary for a value.", - "title": "UpperBound", - "type": "string" - }, - "UseNewDataFrame": { - "markdownDescription": "Create a new container to hold a dataset.", - "title": "UseNewDataFrame", - "type": "string" - }, - "Value": { - "markdownDescription": "A static value that can be used in a comparison, a substitution, or in another context-specific way. A `Value` can be a number, string, or other datatype, depending on the recipe action in which it's used.", - "title": "Value", - "type": "string" - }, - "Value1": { - "markdownDescription": "A value that's used by this operation.", - "title": "Value1", - "type": "string" - }, - "Value2": { - "markdownDescription": "A value that's used by this operation.", - "title": "Value2", - "type": "string" - }, - "ValueColumn": { - "markdownDescription": "The column that is provided as a value that's used by this operation.", - "title": "ValueColumn", - "type": "string" - }, - "ViewFrame": { - "markdownDescription": "The subset of rows currently available for viewing.", - "title": "ViewFrame", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Recipe.RecipeStep": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.Action", - "markdownDescription": "The particular action to be performed in the recipe step.", - "title": "Action" - }, - "ConditionExpressions": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.ConditionExpression" - }, - "markdownDescription": "One or more conditions that must be met for the recipe step to succeed.\n\n> All of the conditions in the array must be met. In other words, all of the conditions must be combined using a logical AND operation.", - "title": "ConditionExpressions", - "type": "array" - } - }, - "required": [ - "Action" - ], - "type": "object" - }, - "AWS::DataBrew::Recipe.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", - "type": "string" - } - }, - "required": [ - "Bucket" - ], - "type": "object" - }, - "AWS::DataBrew::Recipe.SecondaryInput": { - "additionalProperties": false, - "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" - } - }, - "type": "object" - }, - "AWS::DataBrew::Ruleset": { + "AWS::Connect::QuickConnect": { "additionalProperties": false, "properties": { "Condition": { @@ -60874,47 +66265,44 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the ruleset.", + "markdownDescription": "The description of the quick connect.", "title": "Description", "type": "string" }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the ruleset.", + "markdownDescription": "The name of the quick connect.", "title": "Name", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.Rule" - }, - "markdownDescription": "Contains metadata about the ruleset.", - "title": "Rules", - "type": "array" + "QuickConnectConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.QuickConnectConfig", + "markdownDescription": "Contains information about the quick connect.", + "title": "QuickConnectConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a resource (dataset) that the ruleset is associated with.", - "title": "TargetArn", - "type": "string" } }, "required": [ + "InstanceArn", "Name", - "Rules", - "TargetArn" + "QuickConnectConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Ruleset" + "AWS::Connect::QuickConnect" ], "type": "string" }, @@ -60933,113 +66321,90 @@ ], "type": "object" }, - "AWS::DataBrew::Ruleset.ColumnSelector": { + "AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a column from a dataset.", - "title": "Name", - "type": "string" - }, - "Regex": { - "markdownDescription": "A regular expression for selecting a column from a dataset.", - "title": "Regex", + "PhoneNumber": { + "markdownDescription": "The phone number in E.164 format.", + "title": "PhoneNumber", "type": "string" } }, + "required": [ + "PhoneNumber" + ], "type": "object" }, - "AWS::DataBrew::Ruleset.Rule": { + "AWS::Connect::QuickConnect.QueueQuickConnectConfig": { "additionalProperties": false, "properties": { - "CheckExpression": { - "markdownDescription": "The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` .", - "title": "CheckExpression", + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", "type": "string" }, - "ColumnSelectors": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.ColumnSelector" - }, - "markdownDescription": "List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns.", - "title": "ColumnSelectors", - "type": "array" - }, - "Disabled": { - "markdownDescription": "A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false.", - "title": "Disabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the rule.", - "title": "Name", + "QueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "QueueArn", "type": "string" - }, - "SubstitutionMap": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.SubstitutionValue" - }, - "markdownDescription": "The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `\":col1\": \"`Column A`\".`", - "title": "SubstitutionMap", - "type": "array" - }, - "Threshold": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.Threshold", - "markdownDescription": "The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds.", - "title": "Threshold" } }, "required": [ - "CheckExpression", - "Name" + "ContactFlowArn", + "QueueArn" ], "type": "object" }, - "AWS::DataBrew::Ruleset.SubstitutionValue": { + "AWS::Connect::QuickConnect.QuickConnectConfig": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "Value or column name.", - "title": "Value", - "type": "string" + "PhoneConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig", + "markdownDescription": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER.", + "title": "PhoneConfig" }, - "ValueReference": { - "markdownDescription": "Variable name.", - "title": "ValueReference", + "QueueConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.QueueQuickConnectConfig", + "markdownDescription": "The queue configuration. This is required only if QuickConnectType is QUEUE.", + "title": "QueueConfig" + }, + "QuickConnectType": { + "markdownDescription": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", + "title": "QuickConnectType", "type": "string" + }, + "UserConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.UserQuickConnectConfig", + "markdownDescription": "The user configuration. This is required only if QuickConnectType is USER.", + "title": "UserConfig" } }, "required": [ - "Value", - "ValueReference" + "QuickConnectType" ], "type": "object" }, - "AWS::DataBrew::Ruleset.Threshold": { + "AWS::Connect::QuickConnect.UserQuickConnectConfig": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value.", - "title": "Type", + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", "type": "string" }, - "Unit": { - "markdownDescription": "Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation.", - "title": "Unit", + "UserArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user.", + "title": "UserArn", "type": "string" - }, - "Value": { - "markdownDescription": "The value of a threshold.", - "title": "Value", - "type": "number" } }, "required": [ - "Value" + "ContactFlowArn", + "UserArn" ], "type": "object" }, - "AWS::DataBrew::Schedule": { + "AWS::Connect::RoutingProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -61074,42 +66439,68 @@ "Properties": { "additionalProperties": false, "properties": { - "CronExpression": { - "markdownDescription": "The dates and times when the job is to run. For more information, see [Working with cron expressions for recipe jobs](https://docs.aws.amazon.com/databrew/latest/dg/jobs.recipe.html#jobs.cron) in the *AWS Glue DataBrew Developer Guide* .", - "title": "CronExpression", + "AgentAvailabilityTimer": { + "markdownDescription": "Whether agents with this routing profile will have their routing order calculated based on *time since their last inbound contact* or *longest idle time* .", + "title": "AgentAvailabilityTimer", "type": "string" }, - "JobNames": { + "DefaultOutboundQueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the default outbound queue for the routing profile.", + "title": "DefaultOutboundQueueArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the routing profile.", + "title": "Description", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "MediaConcurrencies": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Connect::RoutingProfile.MediaConcurrency" }, - "markdownDescription": "A list of jobs to be run, according to the schedule.", - "title": "JobNames", + "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", + "title": "MediaConcurrencies", "type": "array" }, "Name": { - "markdownDescription": "The name of the schedule.", + "markdownDescription": "The name of the routing profile.", "title": "Name", "type": "string" }, + "QueueConfigs": { + "items": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueConfig" + }, + "markdownDescription": "The inbound queues associated with the routing profile. If no queue is added, the agent can make only outbound calls.", + "title": "QueueConfigs", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the schedule.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "CronExpression", + "DefaultOutboundQueueArn", + "Description", + "InstanceArn", + "MediaConcurrencies", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Schedule" + "AWS::Connect::RoutingProfile" ], "type": "string" }, @@ -61128,7 +66519,92 @@ ], "type": "object" }, - "AWS::DataPipeline::Pipeline": { + "AWS::Connect::RoutingProfile.CrossChannelBehavior": { + "additionalProperties": false, + "properties": { + "BehaviorType": { + "markdownDescription": "Specifies the other channels that can be routed to an agent handling their current channel.", + "title": "BehaviorType", + "type": "string" + } + }, + "required": [ + "BehaviorType" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.MediaConcurrency": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The channels that agents can handle in the Contact Control Panel (CCP).", + "title": "Channel", + "type": "string" + }, + "Concurrency": { + "markdownDescription": "The number of contacts an agent can have on a channel simultaneously.\n\nValid Range for `VOICE` : Minimum value of 1. Maximum value of 1.\n\nValid Range for `CHAT` : Minimum value of 1. Maximum value of 10.\n\nValid Range for `TASK` : Minimum value of 1. Maximum value of 10.", + "title": "Concurrency", + "type": "number" + }, + "CrossChannelBehavior": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.CrossChannelBehavior", + "markdownDescription": "Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel.", + "title": "CrossChannelBehavior" + } + }, + "required": [ + "Channel", + "Concurrency" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.RoutingProfileQueueConfig": { + "additionalProperties": false, + "properties": { + "Delay": { + "markdownDescription": "The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* .", + "title": "Delay", + "type": "number" + }, + "Priority": { + "markdownDescription": "The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) .", + "title": "Priority", + "type": "number" + }, + "QueueReference": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueReference", + "markdownDescription": "Contains information about a queue resource.", + "title": "QueueReference" + } + }, + "required": [ + "Delay", + "Priority", + "QueueReference" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.RoutingProfileQueueReference": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", + "title": "Channel", + "type": "string" + }, + "QueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "QueueArn", + "type": "string" + } + }, + "required": [ + "Channel", + "QueueArn" + ], + "type": "object" + }, + "AWS::Connect::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -61163,62 +66639,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to `true` .", - "title": "Activate", - "type": "boolean" + "Actions": { + "$ref": "#/definitions/AWS::Connect::Rule.Actions", + "markdownDescription": "A list of actions to be run when the rule is triggered.", + "title": "Actions" }, - "Description": { - "markdownDescription": "A description of the pipeline.", - "title": "Description", + "Function": { + "markdownDescription": "The conditions of the rule.", + "title": "Function", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the pipeline.", + "markdownDescription": "The name of the rule.", "title": "Name", "type": "string" }, - "ParameterObjects": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterObject" - }, - "markdownDescription": "The parameter objects used with the pipeline.", - "title": "ParameterObjects", - "type": "array" - }, - "ParameterValues": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterValue" - }, - "markdownDescription": "The parameter values used with the pipeline.", - "title": "ParameterValues", - "type": "array" + "PublishStatus": { + "markdownDescription": "The publish status of the rule.\n\n*Allowed values* : `DRAFT` | `PUBLISHED`", + "title": "PublishStatus", + "type": "string" }, - "PipelineObjects": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineObject" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see [Editing Your Pipeline](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-manage-pipeline-modify-console.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "PipelineObjects", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", "type": "array" }, - "PipelineTags": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineTag" - }, - "markdownDescription": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see [Controlling Access to Pipelines and Resources](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-control-access.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "PipelineTags", - "type": "array" + "TriggerEventSource": { + "$ref": "#/definitions/AWS::Connect::Rule.RuleTriggerEventSource", + "markdownDescription": "The event source to trigger the rule.", + "title": "TriggerEventSource" } }, "required": [ - "Name" + "Actions", + "Function", + "InstanceArn", + "Name", + "PublishStatus", + "TriggerEventSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataPipeline::Pipeline" + "AWS::Connect::Rule" ], "type": "string" }, @@ -61237,143 +66709,328 @@ ], "type": "object" }, - "AWS::DataPipeline::Pipeline.Field": { + "AWS::Connect::Rule.Actions": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Specifies the name of a field for a particular object. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "Key", - "type": "string" + "AssignContactCategoryActions": { + "items": { + "type": "object" + }, + "markdownDescription": "Information about the contact category action. The syntax can be empty, for example, `{}` .", + "title": "AssignContactCategoryActions", + "type": "array" }, - "RefValue": { - "markdownDescription": "A field value that you specify as an identifier of another object in the same pipeline definition.\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", - "title": "RefValue", - "type": "string" + "CreateCaseActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.CreateCaseAction" + }, + "markdownDescription": "", + "title": "CreateCaseActions", + "type": "array" }, - "StringValue": { - "markdownDescription": "A field value that you specify as a string. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", - "title": "StringValue", - "type": "string" + "EndAssociatedTasksActions": { + "items": { + "type": "object" + }, + "markdownDescription": "", + "title": "EndAssociatedTasksActions", + "type": "array" + }, + "EventBridgeActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.EventBridgeAction" + }, + "markdownDescription": "Information about the EventBridge action.", + "title": "EventBridgeActions", + "type": "array" + }, + "SendNotificationActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.SendNotificationAction" + }, + "markdownDescription": "Information about the send notification action.", + "title": "SendNotificationActions", + "type": "array" + }, + "SubmitAutoEvaluationActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.SubmitAutoEvaluationAction" + }, + "markdownDescription": "", + "title": "SubmitAutoEvaluationActions", + "type": "array" + }, + "TaskActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.TaskAction" + }, + "markdownDescription": "Information about the task action. This field is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", + "title": "TaskActions", + "type": "array" + }, + "UpdateCaseActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.UpdateCaseAction" + }, + "markdownDescription": "", + "title": "UpdateCaseActions", + "type": "array" } }, - "required": [ - "Key" - ], "type": "object" }, - "AWS::DataPipeline::Pipeline.ParameterAttribute": { + "AWS::Connect::Rule.CreateCaseAction": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The field identifier.", - "title": "Key", - "type": "string" - }, - "StringValue": { - "markdownDescription": "The field value, expressed as a String.", - "title": "StringValue", - "type": "string" - } + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.Field" + }, + "markdownDescription": "", + "title": "Fields", + "type": "array" + }, + "TemplateId": { + "markdownDescription": "", + "title": "TemplateId", + "type": "string" + } }, "required": [ - "Key", - "StringValue" + "Fields", + "TemplateId" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.ParameterObject": { + "AWS::Connect::Rule.EventBridgeAction": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterAttribute" - }, - "markdownDescription": "The attributes of the parameter object.", - "title": "Attributes", - "type": "array" - }, - "Id": { - "markdownDescription": "The ID of the parameter object.", - "title": "Id", + "Name": { + "markdownDescription": "The name.", + "title": "Name", "type": "string" } }, "required": [ - "Attributes", - "Id" + "Name" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.ParameterValue": { + "AWS::Connect::Rule.Field": { "additionalProperties": false, "properties": { "Id": { - "markdownDescription": "The ID of the parameter value.", + "markdownDescription": "", "title": "Id", "type": "string" }, - "StringValue": { - "markdownDescription": "The field value, expressed as a String.", - "title": "StringValue", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::Connect::Rule.FieldValue", + "markdownDescription": "", + "title": "Value" } }, "required": [ "Id", - "StringValue" + "Value" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.PipelineObject": { + "AWS::Connect::Rule.FieldValue": { "additionalProperties": false, "properties": { - "Fields": { + "BooleanValue": { + "markdownDescription": "", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "", + "title": "DoubleValue", + "type": "number" + }, + "EmptyValue": { + "markdownDescription": "", + "title": "EmptyValue", + "type": "object" + }, + "StringValue": { + "markdownDescription": "", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Connect::Rule.NotificationRecipientType": { + "additionalProperties": false, + "properties": { + "UserArns": { "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.Field" + "type": "string" }, - "markdownDescription": "Key-value pairs that define the properties of the object.", - "title": "Fields", + "markdownDescription": "The Amazon Resource Name (ARN) of the user account.", + "title": "UserArns", "type": "array" }, - "Id": { - "markdownDescription": "The ID of the object.", - "title": "Id", + "UserTags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }. Amazon Connect users with the specified tags will be notified.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserTags", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Connect::Rule.Reference": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of the reference. `DATE` must be of type Epoch timestamp.\n\n*Allowed values* : `URL` | `ATTACHMENT` | `NUMBER` | `STRING` | `DATE` | `EMAIL`", + "title": "Type", "type": "string" }, - "Name": { - "markdownDescription": "The name of the object.", - "title": "Name", + "Value": { + "markdownDescription": "A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).", + "title": "Value", "type": "string" } }, "required": [ - "Fields", - "Id", - "Name" + "Type", + "Value" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.PipelineTag": { + "AWS::Connect::Rule.RuleTriggerEventSource": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key name of a tag.", - "title": "Key", + "EventSourceName": { + "markdownDescription": "The name of the event source.", + "title": "EventSourceName", "type": "string" }, - "Value": { - "markdownDescription": "The value to associate with the key name.", - "title": "Value", + "IntegrationAssociationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the integration association. `IntegrationAssociationArn` is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", + "title": "IntegrationAssociationArn", "type": "string" } }, "required": [ - "Key", - "Value" + "EventSourceName" ], "type": "object" }, - "AWS::DataSync::Agent": { + "AWS::Connect::Rule.SendNotificationAction": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "Notification content. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Content", + "type": "string" + }, + "ContentType": { + "markdownDescription": "Content type format.\n\n*Allowed value* : `PLAIN_TEXT`", + "title": "ContentType", + "type": "string" + }, + "DeliveryMethod": { + "markdownDescription": "Notification delivery method.\n\n*Allowed value* : `EMAIL`", + "title": "DeliveryMethod", + "type": "string" + }, + "Recipient": { + "$ref": "#/definitions/AWS::Connect::Rule.NotificationRecipientType", + "markdownDescription": "Notification recipient.", + "title": "Recipient" + }, + "Subject": { + "markdownDescription": "The subject of the email if the delivery method is `EMAIL` . Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Subject", + "type": "string" + } + }, + "required": [ + "Content", + "ContentType", + "DeliveryMethod", + "Recipient" + ], + "type": "object" + }, + "AWS::Connect::Rule.SubmitAutoEvaluationAction": { + "additionalProperties": false, + "properties": { + "EvaluationFormArn": { + "markdownDescription": "", + "title": "EvaluationFormArn", + "type": "string" + } + }, + "required": [ + "EvaluationFormArn" + ], + "type": "object" + }, + "AWS::Connect::Rule.TaskAction": { + "additionalProperties": false, + "properties": { + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Name", + "type": "string" + }, + "References": { + "additionalProperties": false, + "markdownDescription": "Information about the reference when the `referenceType` is `URL` . Otherwise, null. `URL` is the only accepted type. (Supports variable injection in the `Value` field.)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Connect::Rule.Reference" + } + }, + "title": "References", + "type": "object" + } + }, + "required": [ + "ContactFlowArn", + "Name" + ], + "type": "object" + }, + "AWS::Connect::Rule.UpdateCaseAction": { + "additionalProperties": false, + "properties": { + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.Field" + }, + "markdownDescription": "", + "title": "Fields", + "type": "array" + } + }, + "required": [ + "Fields" + ], + "type": "object" + }, + "AWS::Connect::SecurityKey": { "additionalProperties": false, "properties": { "Condition": { @@ -61408,51 +67065,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ActivationKey": { - "markdownDescription": "Specifies your DataSync agent's activation key. If you don't have an activation key, see [Activating your agent](https://docs.aws.amazon.com/datasync/latest/userguide/activate-agent.html) .", - "title": "ActivationKey", - "type": "string" - }, - "AgentName": { - "markdownDescription": "Specifies a name for your agent. We recommend specifying a name that you can remember.", - "title": "AgentName", + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", "type": "string" }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. See [SecurityGroupArns](https://docs.aws.amazon.com/datasync/latest/userguide/API_Ec2Config.html#DataSync-Type-Ec2Config-SecurityGroupArns) .\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`", - "title": "SecurityGroupArns", - "type": "array" - }, - "SubnetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the ARN of the subnet where your VPC service endpoint is located. You can only specify one ARN.", - "title": "SubnetArns", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least one tag for your agent.", - "title": "Tags", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The ID of the virtual private cloud (VPC) endpoint that the agent has access to. This is the client-side VPC endpoint, powered by AWS PrivateLink . If you don't have an AWS PrivateLink VPC endpoint, see [AWS PrivateLink and VPC endpoints](https://docs.aws.amazon.com//vpc/latest/userguide/endpoint-services-overview.html) in the *Amazon VPC User Guide* .\n\nFor more information about activating your agent in a private network based on a VPC, see [Using AWS DataSync in a Virtual Private Cloud](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-in-vpc.html) in the *AWS DataSync User Guide.*\n\nA VPC endpoint ID looks like this: `vpce-01234d5aff67890e1` .", - "title": "VpcEndpointId", + "Key": { + "markdownDescription": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", + "title": "Key", "type": "string" } }, + "required": [ + "InstanceId", + "Key" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::Agent" + "AWS::Connect::SecurityKey" ], "type": "string" }, @@ -61466,11 +67098,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataSync::LocationAzureBlob": { + "AWS::Connect::SecurityProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -61505,62 +67138,84 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { + "AllowedAccessControlHierarchyGroupId": { + "markdownDescription": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.", + "title": "AllowedAccessControlHierarchyGroupId", + "type": "string" + }, + "AllowedAccessControlTags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "(Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", - "title": "AgentArns", + "markdownDescription": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect.", + "title": "AllowedAccessControlTags", "type": "array" }, - "AzureAccessTier": { - "markdownDescription": "Specifies the access tier that you want your objects or files transferred into. This only applies when using the location as a transfer destination. For more information, see [Access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) .", - "title": "AzureAccessTier", - "type": "string" + "Applications": { + "items": { + "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" + }, + "markdownDescription": "", + "title": "Applications", + "type": "array" }, - "AzureBlobAuthenticationType": { - "markdownDescription": "Specifies the authentication method DataSync uses to access your Azure Blob Storage. DataSync can access blob storage using a shared access signature (SAS).", - "title": "AzureBlobAuthenticationType", + "Description": { + "markdownDescription": "The description of the security profile.", + "title": "Description", "type": "string" }, - "AzureBlobContainerUrl": { - "markdownDescription": "Specifies the URL of the Azure Blob Storage container involved in your transfer.", - "title": "AzureBlobContainerUrl", + "HierarchyRestrictedResources": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: `User` .", + "title": "HierarchyRestrictedResources", + "type": "array" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "AzureBlobSasConfiguration": { - "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration", - "markdownDescription": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage.\n\n> If you provide an authentication token using `SasConfiguration` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's secrets manager secret.", - "title": "AzureBlobSasConfiguration" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "Permissions assigned to the security profile. For a list of valid permissions, see [List of security profile permissions](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html) .", + "title": "Permissions", + "type": "array" }, - "AzureBlobType": { - "markdownDescription": "Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Currently, DataSync only supports moving data into Azure Blob Storage as block blobs. For more information on blob types, see the [Azure Blob Storage documentation](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs) .", - "title": "AzureBlobType", + "SecurityProfileName": { + "markdownDescription": "The name for the security profile.", + "title": "SecurityProfileName", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ).", - "title": "Subdirectory", - "type": "string" + "TagRestrictedResources": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources that a security profile applies tag restrictions to in Amazon Connect.", + "title": "TagRestrictedResources", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "AgentArns", - "AzureBlobAuthenticationType" + "InstanceArn", + "SecurityProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationAzureBlob" + "AWS::Connect::SecurityProfile" ], "type": "string" }, @@ -61579,21 +67234,30 @@ ], "type": "object" }, - "AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration": { + "AWS::Connect::SecurityProfile.Application": { "additionalProperties": false, "properties": { - "AzureBlobSasToken": { - "markdownDescription": "Specifies a SAS token that provides permissions to access your Azure Blob Storage.\n\nThe token is part of the SAS URI string that comes after the storage resource URI and a question mark. A token looks something like this:\n\n`sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D`", - "title": "AzureBlobSasToken", + "ApplicationPermissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions that the agent is granted on the application. Only the `ACCESS` permission is supported.", + "title": "ApplicationPermissions", + "type": "array" + }, + "Namespace": { + "markdownDescription": "Namespace of the application that you want to give access to.", + "title": "Namespace", "type": "string" } }, "required": [ - "AzureBlobSasToken" + "ApplicationPermissions", + "Namespace" ], "type": "object" }, - "AWS::DataSync::LocationEFS": { + "AWS::Connect::TaskTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -61628,53 +67292,79 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPointArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to mount your Amazon EFS file system.\n\nFor more information, see [Accessing restricted file systems](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam) .", - "title": "AccessPointArn", + "ClientToken": { + "markdownDescription": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "title": "ClientToken", "type": "string" }, - "Ec2Config": { - "$ref": "#/definitions/AWS::DataSync::LocationEFS.Ec2Config", - "markdownDescription": "Specifies the subnet and security groups DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) .", - "title": "Ec2Config" + "Constraints": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.Constraints", + "markdownDescription": "Constraints that are applicable to the fields listed.\n\nThe values can be represented in either JSON or YAML format. For an example of the JSON configuration, see *Examples* at the bottom of this page.", + "title": "Constraints" }, - "EfsFilesystemArn": { - "markdownDescription": "Specifies the ARN for your Amazon EFS file system.", - "title": "EfsFilesystemArn", + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow that runs by default when a task is created by referencing this template. `ContactFlowArn` is not required when there is a field with `fieldType` = `QUICK_CONNECT` .", + "title": "ContactFlowArn", "type": "string" }, - "FileSystemAccessRoleArn": { - "markdownDescription": "Specifies an AWS Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system.\n\nFor information on creating this role, see [Creating a DataSync IAM role for file system access](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam-role) .", - "title": "FileSystemAccessRoleArn", + "Defaults": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.DefaultFieldValue" + }, + "markdownDescription": "The default values for fields when a task is created by referencing this template.", + "title": "Defaults", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the task template.", + "title": "Description", "type": "string" }, - "InTransitEncryption": { - "markdownDescription": "Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it transfers data to or from your Amazon EFS file system.\n\nIf you specify an access point using `AccessPointArn` or an IAM role using `FileSystemAccessRoleArn` , you must set this parameter to `TLS1_2` .", - "title": "InTransitEncryption", + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.Field" + }, + "markdownDescription": "Fields that are part of the template. A template requires at least one field that has type `Name` .", + "title": "Fields", + "type": "array" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location).\n\nBy default, DataSync uses the root directory (or [access point](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) if you provide one by using `AccessPointArn` ). You can also include subdirectories using forward slashes (for example, `/path/to/folder` ).", - "title": "Subdirectory", + "Name": { + "markdownDescription": "The name of the task template.", + "title": "Name", + "type": "string" + }, + "SelfAssignContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "SelfAssignContactFlowArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the task template.", + "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" } }, "required": [ - "Ec2Config" + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationEFS" + "AWS::Connect::TaskTemplate" ], "type": "string" }, @@ -61693,30 +67383,146 @@ ], "type": "object" }, - "AWS::DataSync::LocationEFS.Ec2Config": { + "AWS::Connect::TaskTemplate.Constraints": { "additionalProperties": false, "properties": { - "SecurityGroupArns": { + "InvisibleFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.InvisibleFieldInfo" + }, + "markdownDescription": "Lists the fields that are invisible to agents.", + "title": "InvisibleFields", + "type": "array" + }, + "ReadOnlyFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.ReadOnlyFieldInfo" + }, + "markdownDescription": "Lists the fields that are read-only to agents, and cannot be edited.", + "title": "ReadOnlyFields", + "type": "array" + }, + "RequiredFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.RequiredFieldInfo" + }, + "markdownDescription": "Lists the fields that are required to be filled by agents.", + "title": "RequiredFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Connect::TaskTemplate.DefaultFieldValue": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "Default value for the field.", + "title": "DefaultValue", + "type": "string" + }, + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of a field.", + "title": "Id" + } + }, + "required": [ + "DefaultValue", + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.Field": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the field.", + "title": "Description", + "type": "string" + }, + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "The unique identifier for the field.", + "title": "Id" + }, + "SingleSelectOptions": { "items": { "type": "string" }, - "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target.", - "title": "SecurityGroupArns", + "markdownDescription": "A list of options for a single select field.", + "title": "SingleSelectOptions", "type": "array" }, - "SubnetArn": { - "markdownDescription": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target.", - "title": "SubnetArn", + "Type": { + "markdownDescription": "Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL`", + "title": "Type", "type": "string" } }, "required": [ - "SecurityGroupArns", - "SubnetArn" + "Id", + "Type" ], "type": "object" }, - "AWS::DataSync::LocationFSxLustre": { + "AWS::Connect::TaskTemplate.FieldIdentifier": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the task template field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.InvisibleFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of the invisible field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.ReadOnlyFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of the read-only field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.RequiredFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "The unique identifier for the field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TrafficDistributionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -61751,41 +67557,39 @@ "Properties": { "additionalProperties": false, "properties": { - "FsxFilesystemArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system.", - "title": "FsxFilesystemArn", + "Description": { + "markdownDescription": "The description of the traffic distribution group.", + "title": "Description", "type": "string" }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for Lustre file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN).", + "title": "InstanceArn", + "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories.\n\nWhen the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory ( `/` ).", - "title": "Subdirectory", + "Name": { + "markdownDescription": "The name of the traffic distribution group.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, {\"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "SecurityGroupArns" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxLustre" + "AWS::Connect::TrafficDistributionGroup" ], "type": "string" }, @@ -61804,7 +67608,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP": { + "AWS::Connect::User": { "additionalProperties": false, "properties": { "Condition": { @@ -61839,47 +67643,83 @@ "Properties": { "additionalProperties": false, "properties": { - "Protocol": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.Protocol", - "markdownDescription": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.", - "title": "Protocol" + "DirectoryUserId": { + "markdownDescription": "The identifier of the user account in the directory used for identity management.", + "title": "DirectoryUserId", + "type": "string" }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups that DataSync can use to access your FSx for ONTAP file system. You must configure the security groups to allow outbound traffic on the following ports (depending on the protocol that you're using):\n\n- *Network File System (NFS)* : TCP ports 111, 635, and 2049\n- *Server Message Block (SMB)* : TCP port 445\n\nYour file system's security groups must also allow inbound traffic on the same port.", - "title": "SecurityGroupArns", - "type": "array" + "HierarchyGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's hierarchy group.", + "title": "HierarchyGroupArn", + "type": "string" }, - "StorageVirtualMachineArn": { - "markdownDescription": "Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from.", - "title": "StorageVirtualMachineArn", + "IdentityInfo": { + "$ref": "#/definitions/AWS::Connect::User.UserIdentityInfo", + "markdownDescription": "Information about the user identity.", + "title": "IdentityInfo" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a path to the file share in the SVM where you want to transfer data to or from.\n\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be `/vol1` , `/vol1/tree1` , or `/share1` .\n\n> Don't specify a junction path in the SVM's root volume. For more information, see [Managing FSx for ONTAP storage virtual machines](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) in the *Amazon FSx for NetApp ONTAP User Guide* .", - "title": "Subdirectory", + "Password": { + "markdownDescription": "The user's password.", + "title": "Password", + "type": "string" + }, + "PhoneConfig": { + "$ref": "#/definitions/AWS::Connect::User.UserPhoneConfig", + "markdownDescription": "Information about the phone configuration for the user.", + "title": "PhoneConfig" + }, + "RoutingProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's routing profile.", + "title": "RoutingProfileArn", "type": "string" }, + "SecurityProfileArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the user's security profile.", + "title": "SecurityProfileArns", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" + }, + "UserProficiencies": { + "items": { + "$ref": "#/definitions/AWS::Connect::User.UserProficiency" + }, + "markdownDescription": "One or more predefined attributes assigned to a user, with a numeric value that indicates how their level of skill in a specified area.", + "title": "UserProficiencies", + "type": "array" + }, + "Username": { + "markdownDescription": "The user name assigned to the user account.", + "title": "Username", + "type": "string" } }, "required": [ - "SecurityGroupArns", - "StorageVirtualMachineArn" + "InstanceArn", + "PhoneConfig", + "RoutingProfileArn", + "SecurityProfileArns", + "Username" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxONTAP" + "AWS::Connect::User" ], "type": "string" }, @@ -61898,90 +67738,93 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.NFS": { - "additionalProperties": false, - "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NfsMountOptions", - "markdownDescription": "Specifies how DataSync can access a location using the NFS protocol.", - "title": "MountOptions" - } - }, - "required": [ - "MountOptions" - ], - "type": "object" - }, - "AWS::DataSync::LocationFSxONTAP.NfsMountOptions": { + "AWS::Connect::User.UserIdentityInfo": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", - "title": "Version", + "Email": { + "markdownDescription": "The email address. If you are using SAML for identity management and include this parameter, an error is returned.", + "title": "Email", "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxONTAP.Protocol": { - "additionalProperties": false, - "properties": { - "NFS": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NFS", - "markdownDescription": "Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM).", - "title": "NFS" }, - "SMB": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SMB", - "markdownDescription": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.", - "title": "SMB" + "FirstName": { + "markdownDescription": "The first name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", + "title": "FirstName", + "type": "string" + }, + "LastName": { + "markdownDescription": "The last name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", + "title": "LastName", + "type": "string" + }, + "Mobile": { + "markdownDescription": "The user's mobile number.", + "title": "Mobile", + "type": "string" + }, + "SecondaryEmail": { + "markdownDescription": "The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.\n\n*Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}`", + "title": "SecondaryEmail", + "type": "string" } }, "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.SMB": { + "AWS::Connect::User.UserPhoneConfig": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.", - "title": "Domain", - "type": "string" + "AfterContactWorkTimeLimit": { + "markdownDescription": "The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.\n\n> When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds.", + "title": "AfterContactWorkTimeLimit", + "type": "number" }, - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", - "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", - "title": "MountOptions" + "AutoAccept": { + "markdownDescription": "The Auto accept setting.", + "title": "AutoAccept", + "type": "boolean" }, - "Password": { - "markdownDescription": "Specifies the password of a user who has permission to access your SVM.", - "title": "Password", + "DeskPhoneNumber": { + "markdownDescription": "The phone number for the user's desk phone.", + "title": "DeskPhoneNumber", "type": "string" }, - "User": { - "markdownDescription": "Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM.\n\nIf you provide a user in your Active Directory, note the following:\n\n- If you're using AWS Directory Service for Microsoft Active Directory , the user must be a member of the AWS Delegated FSx Administrators group.\n- If you're using a self-managed Active Directory, the user must be a member of either the Domain Admins group or a custom group that you specified for file system administration when you created your file system.\n\nMake sure that the user has the permissions it needs to copy the data you want:\n\n- `SE_TCB_NAME` : Required to set object ownership and file metadata. With this privilege, you also can copy NTFS discretionary access lists (DACLs).\n- `SE_SECURITY_NAME` : May be needed to copy NTFS system access control lists (SACLs). This operation specifically requires the Windows privilege, which is granted to members of the Domain Admins group. If you configure your task to copy SACLs, make sure that the user has the required privileges. For information about copying SACLs, see [Ownership and permissions-related options](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html#configure-ownership-and-permissions) .", - "title": "User", + "PhoneType": { + "markdownDescription": "The phone type.", + "title": "PhoneType", "type": "string" } }, "required": [ - "MountOptions", - "Password", - "User" + "PhoneType" ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.SmbMountOptions": { + "AWS::Connect::User.UserProficiency": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", - "title": "Version", + "AttributeName": { + "markdownDescription": "The name of user\u2019s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance.", + "title": "AttributeName", + "type": "string" + }, + "AttributeValue": { + "markdownDescription": "The value of user\u2019s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance.", + "title": "AttributeValue", "type": "string" + }, + "Level": { + "markdownDescription": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5.", + "title": "Level", + "type": "number" } }, + "required": [ + "AttributeName", + "AttributeValue", + "Level" + ], "type": "object" }, - "AWS::DataSync::LocationFSxOpenZFS": { + "AWS::Connect::UserHierarchyGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -62016,47 +67859,39 @@ "Properties": { "additionalProperties": false, "properties": { - "FsxFilesystemArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the FSx for OpenZFS file system.", - "title": "FsxFilesystemArn", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user hierarchy group.", + "title": "InstanceArn", "type": "string" }, - "Protocol": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.Protocol", - "markdownDescription": "The type of protocol that AWS DataSync uses to access your file system.", - "title": "Protocol" - }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for OpenZFS file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" + "Name": { + "markdownDescription": "The name of the user hierarchy group.", + "title": "Name", + "type": "string" }, - "Subdirectory": { - "markdownDescription": "A subdirectory in the location's path that must begin with `/fsx` . DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).", - "title": "Subdirectory", + "ParentGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the parent group.", + "title": "ParentGroupArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "Protocol", - "SecurityGroupArns" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxOpenZFS" + "AWS::Connect::UserHierarchyGroup" ], "type": "string" }, @@ -62075,43 +67910,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxOpenZFS.MountOptions": { - "additionalProperties": false, - "properties": { - "Version": { - "markdownDescription": "The specific NFS version that you want DataSync to use to mount your NFS share. If the server refuses to use the version specified, the sync will fail. If you don't specify a version, DataSync defaults to `AUTOMATIC` . That is, DataSync automatically selects a version based on negotiation with the NFS server.\n\nYou can specify the following NFS versions:\n\n- *[NFSv3](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc1813)* : Stateless protocol version that allows for asynchronous writes on the server.\n- *[NFSv4.0](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3530)* : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- *[NFSv4.1](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5661)* : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. Version 4.1 also includes all features available in version 4.0.", - "title": "Version", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxOpenZFS.NFS": { - "additionalProperties": false, - "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.MountOptions", - "markdownDescription": "Represents the mount options that are available for DataSync to access an NFS location.", - "title": "MountOptions" - } - }, - "required": [ - "MountOptions" - ], - "type": "object" - }, - "AWS::DataSync::LocationFSxOpenZFS.Protocol": { - "additionalProperties": false, - "properties": { - "NFS": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.NFS", - "markdownDescription": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system.", - "title": "NFS" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxWindows": { + "AWS::Connect::UserHierarchyStructure": { "additionalProperties": false, "properties": { "Condition": { @@ -62146,57 +67945,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", - "title": "Domain", - "type": "string" - }, - "FsxFilesystemArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file system.", - "title": "FsxFilesystemArn", - "type": "string" - }, - "Password": { - "markdownDescription": "Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.", - "title": "Password", - "type": "string" - }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups that are used to configure the FSx for Windows File Server file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" - }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your file system using forward slashes. This is where DataSync reads or writes data (depending on if this is a source or destination location).", - "title": "Subdirectory", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", - "title": "Tags", - "type": "array" - }, - "User": { - "markdownDescription": "The user who has the permissions to access files and folders in the FSx for Windows File Server file system.\n\nFor information about choosing a user name that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-fsx-location.html#FSxWuser) .", - "title": "User", - "type": "string" + "UserHierarchyStructure": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.UserHierarchyStructure", + "markdownDescription": "Contains information about a hierarchy structure.", + "title": "UserHierarchyStructure" } }, "required": [ - "SecurityGroupArns", - "User" + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxWindows" + "AWS::Connect::UserHierarchyStructure" ], "type": "string" }, @@ -62215,299 +67982,158 @@ ], "type": "object" }, - "AWS::DataSync::LocationHDFS": { + "AWS::Connect::UserHierarchyStructure.LevelFive": { "additionalProperties": false, "properties": { - "Condition": { + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::UserHierarchyStructure.LevelFour": { + "additionalProperties": false, + "properties": { + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", + "type": "string" }, - "Metadata": { - "type": "object" + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your HDFS cluster.", - "title": "AgentArns", - "type": "array" - }, - "AuthenticationType": { - "markdownDescription": "", - "title": "AuthenticationType", - "type": "string" - }, - "BlockSize": { - "markdownDescription": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).", - "title": "BlockSize", - "type": "number" - }, - "KerberosKeytab": { - "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", - "title": "KerberosKeytab", - "type": "string" - }, - "KerberosKrb5Conf": { - "markdownDescription": "The `krb5.conf` file that contains the Kerberos configuration information. You can load the `krb5.conf` by providing a string of the file's contents or an Amazon S3 presigned URL of the file. If `KERBEROS` is specified for `AuthType` , this value is required.", - "title": "KerberosKrb5Conf", - "type": "string" - }, - "KerberosPrincipal": { - "markdownDescription": "The Kerberos principal with access to the files and folders on the HDFS cluster.\n\n> If `KERBEROS` is specified for `AuthenticationType` , this parameter is required.", - "title": "KerberosPrincipal", - "type": "string" - }, - "KmsKeyProviderUri": { - "markdownDescription": "The URI of the HDFS cluster's Key Management Server (KMS).", - "title": "KmsKeyProviderUri", - "type": "string" - }, - "NameNodes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::LocationHDFS.NameNode" - }, - "markdownDescription": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.", - "title": "NameNodes", - "type": "array" - }, - "QopConfiguration": { - "$ref": "#/definitions/AWS::DataSync::LocationHDFS.QopConfiguration", - "markdownDescription": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value.", - "title": "QopConfiguration" - }, - "ReplicationFactor": { - "markdownDescription": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.", - "title": "ReplicationFactor", - "type": "number" - }, - "SimpleUser": { - "markdownDescription": "The user name used to identify the client on the host operating system.\n\n> If `SIMPLE` is specified for `AuthenticationType` , this parameter is required.", - "title": "SimpleUser", - "type": "string" - }, - "Subdirectory": { - "markdownDescription": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to `/` .", - "title": "Subdirectory", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AgentArns", - "AuthenticationType", - "NameNodes" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DataSync::LocationHDFS" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::DataSync::LocationHDFS.NameNode": { + "AWS::Connect::UserHierarchyStructure.LevelOne": { "additionalProperties": false, "properties": { - "Hostname": { - "markdownDescription": "The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.", - "title": "Hostname", + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" }, - "Port": { - "markdownDescription": "The port that the NameNode uses to listen to client requests.", - "title": "Port", - "type": "number" + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" } }, "required": [ - "Hostname", - "Port" + "Name" ], "type": "object" }, - "AWS::DataSync::LocationHDFS.QopConfiguration": { + "AWS::Connect::UserHierarchyStructure.LevelThree": { "additionalProperties": false, "properties": { - "DataTransferProtection": { - "markdownDescription": "The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your `dfs.data.transfer.protection` setting in the `hdfs-site.xml` file on your Hadoop cluster.", - "title": "DataTransferProtection", + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" }, - "RpcProtection": { - "markdownDescription": "The Remote Procedure Call (RPC) protection setting configured on the HDFS cluster. This setting corresponds to your `hadoop.rpc.protection` setting in your `core-site.xml` file on your Hadoop cluster.", - "title": "RpcProtection", + "HierarchyLevelId": { + "markdownDescription": "", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::DataSync::LocationNFS": { + "AWS::Connect::UserHierarchyStructure.LevelTwo": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationNFS.MountOptions", - "markdownDescription": "Specifies the options that DataSync can use to mount your NFS file server.", - "title": "MountOptions" - }, - "OnPremConfig": { - "$ref": "#/definitions/AWS::DataSync::LocationNFS.OnPremConfig", - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", - "title": "OnPremConfig" - }, - "ServerHostname": { - "markdownDescription": "Specifies the DNS name or IP version 4 address of the NFS file server that your DataSync agent connects to.", - "title": "ServerHostname", - "type": "string" - }, - "Subdirectory": { - "markdownDescription": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", - "title": "Subdirectory", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "OnPremConfig" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DataSync::LocationNFS" - ], + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::DataSync::LocationNFS.MountOptions": { - "additionalProperties": false, - "properties": { - "Version": { - "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", - "title": "Version", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationNFS.OnPremConfig": { + "AWS::Connect::UserHierarchyStructure.UserHierarchyStructure": { "additionalProperties": false, "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", - "title": "AgentArns", - "type": "array" + "LevelFive": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelFive", + "markdownDescription": "", + "title": "LevelFive" + }, + "LevelFour": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelFour", + "markdownDescription": "The update for level four.", + "title": "LevelFour" + }, + "LevelOne": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelOne", + "markdownDescription": "The update for level one.", + "title": "LevelOne" + }, + "LevelThree": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelThree", + "markdownDescription": "The update for level three.", + "title": "LevelThree" + }, + "LevelTwo": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelTwo", + "markdownDescription": "The update for level two.", + "title": "LevelTwo" } }, - "required": [ - "AgentArns" - ], "type": "object" }, - "AWS::DataSync::LocationObjectStorage": { + "AWS::Connect::View": { "additionalProperties": false, "properties": { "Condition": { @@ -62542,71 +68168,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessKey": { - "markdownDescription": "Specifies the access key (for example, a user name) if credentials are required to authenticate with the object storage server.", - "title": "AccessKey", - "type": "string" - }, - "AgentArns": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "(Optional) Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", - "title": "AgentArns", + "markdownDescription": "A list of actions possible from the view.", + "title": "Actions", "type": "array" }, - "BucketName": { - "markdownDescription": "Specifies the name of the object storage bucket involved in the transfer.", - "title": "BucketName", - "type": "string" - }, - "SecretKey": { - "markdownDescription": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.\n\n> If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.", - "title": "SecretKey", - "type": "string" - }, - "ServerCertificate": { - "markdownDescription": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", - "title": "ServerCertificate", - "type": "string" - }, - "ServerHostname": { - "markdownDescription": "Specifies the domain name or IP version 4 (IPv4) address of the object storage server that your DataSync agent connects to.", - "title": "ServerHostname", + "Description": { + "markdownDescription": "The description of the view.", + "title": "Description", "type": "string" }, - "ServerPort": { - "markdownDescription": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", - "title": "ServerPort", - "type": "number" - }, - "ServerProtocol": { - "markdownDescription": "Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .", - "title": "ServerProtocol", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", - "title": "Subdirectory", + "Name": { + "markdownDescription": "The name of the view.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. Tags can help you manage, filter, and search for your resources. We recommend creating a name tag for your location.", + "markdownDescription": "The tags associated with the view resource (not specific to view version).", "title": "Tags", "type": "array" + }, + "Template": { + "markdownDescription": "The view template representing the structure of the view.", + "title": "Template", + "type": "object" } }, "required": [ - "AgentArns" + "Actions", + "InstanceArn", + "Name", + "Template" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationObjectStorage" + "AWS::Connect::View" ], "type": "string" }, @@ -62625,7 +68234,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationS3": { + "AWS::Connect::ViewVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -62660,43 +68269,30 @@ "Properties": { "additionalProperties": false, "properties": { - "S3BucketArn": { - "markdownDescription": "The ARN of the Amazon S3 bucket.", - "title": "S3BucketArn", + "VersionDescription": { + "markdownDescription": "The description of the view version.", + "title": "VersionDescription", "type": "string" }, - "S3Config": { - "$ref": "#/definitions/AWS::DataSync::LocationS3.S3Config", - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* .", - "title": "S3Config" - }, - "S3StorageClass": { - "markdownDescription": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. For buckets in AWS Regions , the storage class defaults to S3 Standard.\n\nFor more information about S3 storage classes, see [Amazon S3 Storage Classes](https://docs.aws.amazon.com/s3/storage-classes/) . Some storage classes have behaviors that can affect your S3 storage costs. For detailed information, see [Considerations When Working with Amazon S3 Storage Classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .", - "title": "S3StorageClass", + "ViewArn": { + "markdownDescription": "The unqualified Amazon Resource Name (ARN) of the view.\n\nFor example:\n\n`arn::connect:::instance/00000000-0000-0000-0000-000000000000/view/00000000-0000-0000-0000-000000000000`", + "title": "ViewArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a prefix in the S3 bucket that DataSync reads from or writes to (depending on whether the bucket is a source or destination location).\n\n> DataSync can't transfer objects with a prefix that begins with a slash ( `/` ) or includes `//` , `/./` , or `/../` patterns. For example:\n> \n> - `/photos`\n> - `photos//2006/January`\n> - `photos/./2006/February`\n> - `photos/../2006/March`", - "title": "Subdirectory", + "ViewContentSha256": { + "markdownDescription": "Indicates the checksum value of the latest published view content.", + "title": "ViewContentSha256", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", - "title": "Tags", - "type": "array" } }, "required": [ - "S3Config" + "ViewArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationS3" + "AWS::Connect::ViewVersion" ], "type": "string" }, @@ -62715,21 +68311,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationS3.S3Config": { - "additionalProperties": false, - "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "Specifies the ARN of the IAM role that DataSync uses to access your S3 bucket.", - "title": "BucketAccessRoleArn", - "type": "string" - } - }, - "required": [ - "BucketAccessRoleArn" - ], - "type": "object" - }, - "AWS::DataSync::LocationSMB": { + "AWS::ConnectCampaigns::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -62764,62 +68346,46 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).", - "title": "AgentArns", - "type": "array" - }, - "Domain": { - "markdownDescription": "Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nIf you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.", - "title": "Domain", + "ConnectInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "ConnectInstanceArn", "type": "string" }, - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationSMB.MountOptions", - "markdownDescription": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", - "title": "MountOptions" - }, - "Password": { - "markdownDescription": "Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if `AuthenticationType` is set to `NTLM` .", - "title": "Password", - "type": "string" + "DialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.DialerConfig", + "markdownDescription": "Contains information about the dialer configuration.", + "title": "DialerConfig" }, - "ServerHostname": { - "markdownDescription": "Specifies the domain name or IP address of the SMB file server that your DataSync agent connects to.\n\nRemember the following when configuring this parameter:\n\n- You can't specify an IP version 6 (IPv6) address.\n- If you're using Kerberos authentication, you must specify a domain name.", - "title": "ServerHostname", + "Name": { + "markdownDescription": "The name of the campaign.", + "title": "Name", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, `/path/to/subdirectory` ). Make sure that other SMB clients in your network can also mount this path.\n\nTo copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", - "title": "Subdirectory", - "type": "string" + "OutboundCallConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.OutboundCallConfig", + "markdownDescription": "Contains information about the outbound call configuration.", + "title": "OutboundCallConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" - }, - "User": { - "markdownDescription": "Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nFor information about choosing a user with the right level of access for your transfer, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", - "title": "User", - "type": "string" } }, "required": [ - "AgentArns", - "User" + "ConnectInstanceArn", + "DialerConfig", + "Name", + "OutboundCallConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationSMB" + "AWS::ConnectCampaigns::Campaign" ], "type": "string" }, @@ -62838,140 +68404,125 @@ ], "type": "object" }, - "AWS::DataSync::LocationSMB.MountOptions": { + "AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", - "title": "Version", - "type": "string" + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", + "type": "number" } }, "type": "object" }, - "AWS::DataSync::StorageSystem": { + "AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AwaitAnswerMachinePrompt": { + "markdownDescription": "Whether waiting for answer machine prompt is enabled.", + "title": "AwaitAnswerMachinePrompt", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "EnableAnswerMachineDetection": { + "markdownDescription": "Whether answering machine detection is enabled.", + "title": "EnableAnswerMachineDetection", + "type": "boolean" + } + }, + "required": [ + "EnableAnswerMachineDetection" + ], + "type": "object" + }, + "AWS::ConnectCampaigns::Campaign.DialerConfig": { + "additionalProperties": false, + "properties": { + "AgentlessDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig", + "markdownDescription": "The configuration of the agentless dialer.", + "title": "AgentlessDialerConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PredictiveDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig", + "markdownDescription": "The configuration of the predictive dialer.", + "title": "PredictiveDialerConfig" }, - "Metadata": { - "type": "object" + "ProgressiveDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig", + "markdownDescription": "The configuration of the progressive dialer.", + "title": "ProgressiveDialerConfig" + } + }, + "type": "object" + }, + "AWS::ConnectCampaigns::Campaign.OutboundCallConfig": { + "additionalProperties": false, + "properties": { + "AnswerMachineDetectionConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig", + "markdownDescription": "Whether answering machine detection has been enabled.", + "title": "AnswerMachineDetectionConfig" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "type": "array" - }, - "CloudWatchLogGroupArn": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "ServerConfiguration": { - "$ref": "#/definitions/AWS::DataSync::StorageSystem.ServerConfiguration" - }, - "ServerCredentials": { - "$ref": "#/definitions/AWS::DataSync::StorageSystem.ServerCredentials" - }, - "SystemType": { - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - } - }, - "required": [ - "AgentArns", - "ServerConfiguration", - "SystemType" - ], - "type": "object" + "ConnectContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ConnectContactFlowArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::DataSync::StorageSystem" - ], + "ConnectQueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "ConnectQueueArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ConnectSourcePhoneNumber": { + "markdownDescription": "The phone number associated with the outbound call. This is the caller ID that is displayed to customers when an agent calls them.", + "title": "ConnectSourcePhoneNumber", "type": "string" } }, "required": [ - "Type", - "Properties" + "ConnectContactFlowArn" ], "type": "object" }, - "AWS::DataSync::StorageSystem.ServerConfiguration": { + "AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig": { "additionalProperties": false, "properties": { - "ServerHostname": { - "type": "string" + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the predictive dialer.", + "title": "BandwidthAllocation", + "type": "number" }, - "ServerPort": { + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", "type": "number" } }, "required": [ - "ServerHostname" + "BandwidthAllocation" ], "type": "object" }, - "AWS::DataSync::StorageSystem.ServerCredentials": { + "AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig": { "additionalProperties": false, "properties": { - "Password": { - "type": "string" + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the progressive dialer.", + "title": "BandwidthAllocation", + "type": "number" }, - "Username": { - "type": "string" + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", + "type": "number" } }, "required": [ - "Password", - "Username" + "BandwidthAllocation" ], "type": "object" }, - "AWS::DataSync::Task": { + "AWS::ConnectCampaignsV2::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -63006,80 +68557,65 @@ "Properties": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of an Amazon CloudWatch log group for monitoring your task.\n\nFor Enhanced mode tasks, you don't need to specify anything. DataSync automatically sends logs to a CloudWatch log group named `/aws/datasync` .\n\nFor more information, see [Monitoring data transfers with CloudWatch Logs](https://docs.aws.amazon.com/datasync/latest/userguide/configure-logging.html) .", - "title": "CloudWatchLogGroupArn", - "type": "string" + "ChannelSubtypeConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.ChannelSubtypeConfig", + "markdownDescription": "Contains channel subtype configuration for an outbound campaign.", + "title": "ChannelSubtypeConfig" }, - "DestinationLocationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS storage resource's location.", - "title": "DestinationLocationArn", - "type": "string" + "CommunicationLimitsOverride": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimitsConfig", + "markdownDescription": "Communication limits configuration for an outbound campaign.", + "title": "CommunicationLimitsOverride" }, - "Excludes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" - }, - "markdownDescription": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", - "title": "Excludes", - "type": "array" + "CommunicationTimeConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationTimeConfig", + "markdownDescription": "Contains communication time configuration for an outbound campaign.", + "title": "CommunicationTimeConfig" }, - "Includes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" - }, - "markdownDescription": "Specifies include filters that define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", - "title": "Includes", - "type": "array" + "ConnectCampaignFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect campaign flow associated with the outbound campaign.", + "title": "ConnectCampaignFlowArn", + "type": "string" }, - "ManifestConfig": { - "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfig", - "markdownDescription": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .", - "title": "ManifestConfig" + "ConnectInstanceId": { + "markdownDescription": "The identifier of the Amazon Connect instance. You can find the `instanceId` in the ARN of the instance.", + "title": "ConnectInstanceId", + "type": "string" }, "Name": { - "markdownDescription": "Specifies the name of your task.", + "markdownDescription": "The name of the outbound campaign.", "title": "Name", "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::DataSync::Task.Options", - "markdownDescription": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options.", - "title": "Options" - }, "Schedule": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskSchedule", - "markdownDescription": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) .", + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.Schedule", + "markdownDescription": "Contains the schedule configuration.", "title": "Schedule" }, - "SourceLocationArn": { - "markdownDescription": "Specifies the ARN of your transfer's source location.", - "title": "SourceLocationArn", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.Source", + "markdownDescription": "Contains source configuration.", + "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the tags that you want to apply to your task.\n\n*Tags* are key-value pairs that help you manage, filter, and search for your DataSync resources.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, `{ \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }` .", "title": "Tags", "type": "array" - }, - "TaskReportConfig": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfig", - "markdownDescription": "The configuration of your task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .", - "title": "TaskReportConfig" } }, "required": [ - "DestinationLocationArn", - "SourceLocationArn" + "ChannelSubtypeConfig", + "ConnectInstanceId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::Task" + "AWS::ConnectCampaignsV2::Campaign" ], "type": "string" }, @@ -63098,318 +68634,540 @@ ], "type": "object" }, - "AWS::DataSync::Task.Deleted": { + "AWS::ConnectCampaignsV2::Campaign.AnswerMachineDetectionConfig": { "additionalProperties": false, "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", - "type": "string" + "AwaitAnswerMachinePrompt": { + "markdownDescription": "Whether or not waiting for an answer machine prompt is enabled.", + "title": "AwaitAnswerMachinePrompt", + "type": "boolean" + }, + "EnableAnswerMachineDetection": { + "markdownDescription": "Enables answering machine detection.", + "title": "EnableAnswerMachineDetection", + "type": "boolean" } }, + "required": [ + "EnableAnswerMachineDetection" + ], "type": "object" }, - "AWS::DataSync::Task.Destination": { + "AWS::ConnectCampaignsV2::Campaign.ChannelSubtypeConfig": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfigDestinationS3", - "markdownDescription": "", - "title": "S3" + "Email": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailChannelSubtypeConfig", + "markdownDescription": "The configuration of the email channel subtype.", + "title": "Email" + }, + "Sms": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsChannelSubtypeConfig", + "markdownDescription": "The configuration of the SMS channel subtype.", + "title": "Sms" + }, + "Telephony": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyChannelSubtypeConfig", + "markdownDescription": "The configuration of the telephony channel subtype.", + "title": "Telephony" } }, "type": "object" }, - "AWS::DataSync::Task.FilterRule": { + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimit": { "additionalProperties": false, "properties": { - "FilterType": { - "markdownDescription": "The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type.", - "title": "FilterType", - "type": "string" + "Frequency": { + "markdownDescription": "The frequency of communication limit evaluation.", + "title": "Frequency", + "type": "number" }, - "Value": { - "markdownDescription": "A single filter string that consists of the patterns to include or exclude. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`", - "title": "Value", + "MaxCountPerRecipient": { + "markdownDescription": "The maximum outreaching count for each recipient.", + "title": "MaxCountPerRecipient", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of communication limit evaluation.", + "title": "Unit", "type": "string" } }, + "required": [ + "Frequency", + "MaxCountPerRecipient", + "Unit" + ], "type": "object" }, - "AWS::DataSync::Task.ManifestConfig": { + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimits": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies what DataSync uses the manifest for.", - "title": "Action", - "type": "string" + "CommunicationLimitList": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimit" + }, + "markdownDescription": "The list of CommunicationLimits.", + "title": "CommunicationLimitList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimitsConfig": { + "additionalProperties": false, + "properties": { + "AllChannelsSubtypes": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimits", + "markdownDescription": "The CommunicationLimits that apply to all channel subtypes defined in an outbound campaign.", + "title": "AllChannelsSubtypes" }, - "Format": { - "markdownDescription": "Specifies the file format of your manifest. For more information, see [Creating a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-create) .", - "title": "Format", + "InstanceLimitsHandling": { + "markdownDescription": "Opt-in or Opt-out from instance-level limits.", + "title": "InstanceLimitsHandling", "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::DataSync::Task.Source", - "markdownDescription": "Specifies the manifest that you want DataSync to use and where it's hosted.\n\n> You must specify this parameter if you're configuring a new manifest on or after February 7, 2024.\n> \n> If you don't, you'll get a 400 status code and `ValidationException` error stating that you're missing the IAM role for DataSync to access the S3 bucket where you're hosting your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .", - "title": "Source" } }, - "required": [ - "Source" - ], "type": "object" }, - "AWS::DataSync::Task.ManifestConfigSourceS3": { + "AWS::ConnectCampaignsV2::Campaign.CommunicationTimeConfig": { "additionalProperties": false, "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "", - "title": "BucketAccessRoleArn", - "type": "string" + "Email": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the email channel subtype.", + "title": "Email" }, - "ManifestObjectPath": { - "markdownDescription": "", - "title": "ManifestObjectPath", - "type": "string" + "LocalTimeZoneConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.LocalTimeZoneConfig", + "markdownDescription": "The local timezone configuration.", + "title": "LocalTimeZoneConfig" }, - "ManifestObjectVersionId": { - "markdownDescription": "", - "title": "ManifestObjectVersionId", - "type": "string" + "Sms": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the SMS channel subtype.", + "title": "Sms" }, - "S3BucketArn": { - "markdownDescription": "", - "title": "S3BucketArn", - "type": "string" + "Telephony": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the telephony channel subtype.", + "title": "Telephony" } }, + "required": [ + "LocalTimeZoneConfig" + ], "type": "object" }, - "AWS::DataSync::Task.Options": { + "AWS::ConnectCampaignsV2::Campaign.DailyHour": { "additionalProperties": false, "properties": { - "Atime": { - "markdownDescription": "A file metadata value that shows the last time that a file was accessed (that is, when the file was read or written to). If you set `Atime` to `BEST_EFFORT` , AWS DataSync attempts to preserve the original `Atime` attribute on all source files (that is, the version before the PREPARING phase). However, `Atime` 's behavior is not fully standard across platforms, so AWS DataSync can only do this on a best-effort basis.\n\nDefault value: `BEST_EFFORT`\n\n`BEST_EFFORT` : Attempt to preserve the per-file `Atime` value (recommended).\n\n`NONE` : Ignore `Atime` .\n\n> If `Atime` is set to `BEST_EFFORT` , `Mtime` must be set to `PRESERVE` .\n> \n> If `Atime` is set to `NONE` , `Mtime` must also be `NONE` .", - "title": "Atime", + "Key": { + "markdownDescription": "The key for DailyHour.", + "title": "Key", "type": "string" }, - "BytesPerSecond": { - "markdownDescription": "A value that limits the bandwidth used by AWS DataSync . For example, if you want AWS DataSync to use a maximum of 1 MB, set this value to `1048576` (=1024*1024).", - "title": "BytesPerSecond", + "Value": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeRange" + }, + "markdownDescription": "The value for DailyHour.", + "title": "Value", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The allocation of email capacity between multiple running outbound campaigns.", + "title": "Capacity", "type": "number" }, - "Gid": { - "markdownDescription": "The group ID (GID) of the file's owners.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the user ID (UID) and group ID (GID) (recommended).\n\n`NAME` : Currently not supported.\n\n`NONE` : Ignore the UID and GID.", - "title": "Gid", - "type": "string" - }, - "LogLevel": { - "markdownDescription": "Specifies the type of logs that DataSync publishes to a Amazon CloudWatch Logs log group. To specify the log group, see [CloudWatchLogGroupArn](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html#DataSync-CreateTask-request-CloudWatchLogGroupArn) .\n\n- `BASIC` - Publishes logs with only basic information (such as transfer errors).\n- `TRANSFER` - Publishes logs for all files or objects that your DataSync task transfers and performs data-integrity checks on.\n- `OFF` - No logs are published.", - "title": "LogLevel", - "type": "string" + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailOutboundConfig", + "markdownDescription": "The default email outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" }, - "Mtime": { - "markdownDescription": "A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. This option is required for cases when you need to run the same task more than one time.\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve original `Mtime` (recommended)\n\n`NONE` : Ignore `Mtime` .\n\n> If `Mtime` is set to `PRESERVE` , `Atime` must be set to `BEST_EFFORT` .\n> \n> If `Mtime` is set to `NONE` , `Atime` must also be set to `NONE` .", - "title": "Mtime", + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailOutboundMode", + "markdownDescription": "The outbound mode for email of an outbound campaign.", + "title": "OutboundMode" + } + }, + "required": [ + "DefaultOutboundConfig", + "OutboundMode" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailOutboundConfig": { + "additionalProperties": false, + "properties": { + "ConnectSourceEmailAddress": { + "markdownDescription": "The Amazon Connect source email address.", + "title": "ConnectSourceEmailAddress", "type": "string" }, - "ObjectTags": { - "markdownDescription": "Specifies whether you want DataSync to `PRESERVE` object tags (default behavior) when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the `NONE` value.", - "title": "ObjectTags", + "SourceEmailAddressDisplayName": { + "markdownDescription": "The display name for the Amazon Connect source email address.", + "title": "SourceEmailAddressDisplayName", "type": "string" }, - "OverwriteMode": { - "markdownDescription": "Specifies whether DataSync should modify or preserve data at the destination location.\n\n- `ALWAYS` (default) - DataSync modifies data in the destination location when source data (including metadata) has changed.\n\nIf DataSync overwrites objects, you might incur additional charges for certain Amazon S3 storage classes (for example, for retrieval or early deletion). For more information, see [Storage class considerations with Amazon S3 transfers](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .\n- `NEVER` - DataSync doesn't overwrite data in the destination location even if the source data has changed. You can use this option to protect against overwriting changes made to files or objects in the destination.", - "title": "OverwriteMode", + "WisdomTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Q in Connect template.", + "title": "WisdomTemplateArn", "type": "string" - }, - "PosixPermissions": { - "markdownDescription": "A value that determines which users or groups can access a file for a specific purpose, such as reading, writing, or execution of the file. This option should be set only for Network File System (NFS), Amazon EFS, and Amazon S3 locations. For more information about what metadata is copied by DataSync, see [Metadata Copied by DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html#metadata-copied) .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve POSIX-style permissions (recommended).\n\n`NONE` : Ignore permissions.\n\n> AWS DataSync can preserve extant permissions of a source location.", - "title": "PosixPermissions", + } + }, + "required": [ + "ConnectSourceEmailAddress", + "WisdomTemplateArn" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailOutboundMode": { + "additionalProperties": false, + "properties": { + "AgentlessConfig": { + "markdownDescription": "The agentless outbound mode configuration for email.", + "title": "AgentlessConfig", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EventTrigger": { + "additionalProperties": false, + "properties": { + "CustomerProfilesDomainArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Customer Profiles domain.", + "title": "CustomerProfilesDomainArn", "type": "string" - }, - "PreserveDeletedFiles": { - "markdownDescription": "A value that specifies whether files in the destination that don't exist in the source file system are preserved. This option can affect your storage costs. If your task deletes objects, you might incur minimum storage duration charges for certain storage classes. For detailed information, see [Considerations when working with Amazon S3 storage classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) in the *AWS DataSync User Guide* .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Ignore destination files that aren't present in the source (recommended).\n\n`REMOVE` : Delete destination files that aren't present in the source.", - "title": "PreserveDeletedFiles", + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.LocalTimeZoneConfig": { + "additionalProperties": false, + "properties": { + "DefaultTimeZone": { + "markdownDescription": "The timezone to use for all recipients.", + "title": "DefaultTimeZone", "type": "string" }, - "PreserveDevices": { - "markdownDescription": "A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and re-create the files with that device name and metadata on the destination. DataSync does not copy the contents of such devices, only the name and metadata.\n\n> AWS DataSync can't sync the actual contents of such devices, because they are nonterminal and don't return an end-of-file (EOF) marker. \n\nDefault value: `NONE`\n\n`NONE` : Ignore special devices (recommended).\n\n`PRESERVE` : Preserve character and block device metadata. This option isn't currently supported for Amazon EFS.", - "title": "PreserveDevices", + "LocalTimeZoneDetection": { + "items": { + "type": "string" + }, + "markdownDescription": "Detects methods for the recipient's timezone.", + "title": "LocalTimeZoneDetection", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.OpenHours": { + "additionalProperties": false, + "properties": { + "DailyHours": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.DailyHour" + }, + "markdownDescription": "The daily hours configuration.", + "title": "DailyHours", + "type": "array" + } + }, + "required": [ + "DailyHours" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.PredictiveConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the predictive outbound mode.", + "title": "BandwidthAllocation", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.ProgressiveConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the progressive outbound mode.", + "title": "BandwidthAllocation", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.RestrictedPeriod": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date of the restricted period.", + "title": "EndDate", "type": "string" }, - "SecurityDescriptorCopyFlags": { - "markdownDescription": "A value that determines which components of the SMB security descriptor are copied from source to destination objects.\n\nThis value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. For more information about how DataSync handles metadata, see [How DataSync Handles Metadata and Special Files](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html) .\n\nDefault value: `OWNER_DACL`\n\n`OWNER_DACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n\nWhen you use option, DataSync does NOT copy the NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\n`OWNER_DACL_SACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n- NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\nCopying SACLs requires granting additional permissions to the Windows user that DataSync uses to access your SMB location. For information about choosing a user that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#SMBuser) .\n\n`NONE` : None of the SMB security descriptor components are copied. Destination objects are owned by the user that was provided for accessing the destination location. DACLs and SACLs are set based on the destination server\u2019s configuration.", - "title": "SecurityDescriptorCopyFlags", + "Name": { + "markdownDescription": "The name of the restricted period.", + "title": "Name", "type": "string" }, - "TaskQueueing": { - "markdownDescription": "Specifies whether your transfer tasks should be put into a queue during certain scenarios when [running multiple tasks](https://docs.aws.amazon.com/datasync/latest/userguide/run-task.html#running-multiple-tasks) . This is `ENABLED` by default.", - "title": "TaskQueueing", + "StartDate": { + "markdownDescription": "The start date of the restricted period.", + "title": "StartDate", "type": "string" - }, - "TransferMode": { - "markdownDescription": "A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing it to the destination location.\n\n`CHANGED` : DataSync copies only data or metadata that is new or different from the source location to the destination location.\n\n`ALL` : DataSync copies all source location content to the destination, without comparing it to existing content on the destination.", - "title": "TransferMode", + } + }, + "required": [ + "EndDate", + "StartDate" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.RestrictedPeriods": { + "additionalProperties": false, + "properties": { + "RestrictedPeriodList": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.RestrictedPeriod" + }, + "markdownDescription": "The restricted period list.", + "title": "RestrictedPeriodList", + "type": "array" + } + }, + "required": [ + "RestrictedPeriodList" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.Schedule": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The end time of the schedule in UTC.", + "title": "EndTime", "type": "string" }, - "Uid": { - "markdownDescription": "The user ID (UID) of the file's owner.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the UID and group ID (GID) (recommended).\n\n`NAME` : Currently not supported\n\n`NONE` : Ignore the UID and GID.", - "title": "Uid", + "RefreshFrequency": { + "markdownDescription": "The refresh frequency of the campaign.", + "title": "RefreshFrequency", "type": "string" }, - "VerifyMode": { - "markdownDescription": "A value that determines whether a data integrity verification is performed at the end of a task execution after all data and metadata have been transferred. For more information, see [Configure task settings](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html) .\n\nDefault value: `POINT_IN_TIME_CONSISTENT`\n\n`ONLY_FILES_TRANSFERRED` (recommended): Perform verification only on files that were transferred.\n\n`POINT_IN_TIME_CONSISTENT` : Scan the entire source and entire destination at the end of the transfer to verify that the source and destination are fully synchronized. This option isn't supported when transferring to S3 Glacier or S3 Glacier Deep Archive storage classes.\n\n`NONE` : No additional verification is done at the end of the transfer, but all data transmissions are integrity-checked with checksum verification during the transfer.", - "title": "VerifyMode", + "StartTime": { + "markdownDescription": "The start time of the schedule in UTC.", + "title": "StartTime", "type": "string" } }, + "required": [ + "EndTime", + "StartTime" + ], "type": "object" }, - "AWS::DataSync::Task.Overrides": { + "AWS::ConnectCampaignsV2::Campaign.SmsChannelSubtypeConfig": { "additionalProperties": false, "properties": { - "Deleted": { - "$ref": "#/definitions/AWS::DataSync::Task.Deleted", - "markdownDescription": "", - "title": "Deleted" - }, - "Skipped": { - "$ref": "#/definitions/AWS::DataSync::Task.Skipped", - "markdownDescription": "", - "title": "Skipped" + "Capacity": { + "markdownDescription": "The allocation of SMS capacity between multiple running outbound campaigns.", + "title": "Capacity", + "type": "number" }, - "Transferred": { - "$ref": "#/definitions/AWS::DataSync::Task.Transferred", - "markdownDescription": "", - "title": "Transferred" + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsOutboundConfig", + "markdownDescription": "The default SMS outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" }, - "Verified": { - "$ref": "#/definitions/AWS::DataSync::Task.Verified", - "markdownDescription": "", - "title": "Verified" + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsOutboundMode", + "markdownDescription": "The outbound mode of SMS for an outbound campaign.", + "title": "OutboundMode" } }, + "required": [ + "DefaultOutboundConfig", + "OutboundMode" + ], "type": "object" }, - "AWS::DataSync::Task.Skipped": { + "AWS::ConnectCampaignsV2::Campaign.SmsOutboundConfig": { "additionalProperties": false, "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", + "ConnectSourcePhoneNumberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect source SMS phone number.", + "title": "ConnectSourcePhoneNumberArn", + "type": "string" + }, + "WisdomTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Q in Connect template.", + "title": "WisdomTemplateArn", "type": "string" } }, + "required": [ + "ConnectSourcePhoneNumberArn", + "WisdomTemplateArn" + ], "type": "object" }, - "AWS::DataSync::Task.Source": { + "AWS::ConnectCampaignsV2::Campaign.SmsOutboundMode": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfigSourceS3", - "markdownDescription": "", - "title": "S3" + "AgentlessConfig": { + "markdownDescription": "Contains agentless outbound mode configuration.", + "title": "AgentlessConfig", + "type": "object" } }, "type": "object" }, - "AWS::DataSync::Task.TaskReportConfig": { + "AWS::ConnectCampaignsV2::Campaign.Source": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::DataSync::Task.Destination", - "markdownDescription": "Specifies the Amazon S3 bucket where DataSync uploads your task report. For more information, see [Task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html#task-report-access) .", - "title": "Destination" - }, - "ObjectVersionIds": { - "markdownDescription": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you [enable versioning on your bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html) . Keep in mind that setting this to `INCLUDE` can increase the duration of your task execution.", - "title": "ObjectVersionIds", + "CustomerProfilesSegmentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Customer Profiles segment.", + "title": "CustomerProfilesSegmentArn", "type": "string" }, - "OutputType": { - "markdownDescription": "Specifies the type of task report that you want:\n\n- `SUMMARY_ONLY` : Provides necessary details about your task, including the number of files, objects, and directories transferred and transfer duration.\n- `STANDARD` : Provides complete details about your task, including a full list of files, objects, and directories that were transferred, skipped, verified, and more.", - "title": "OutputType", + "EventTrigger": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EventTrigger", + "markdownDescription": "The event trigger of the campaign.", + "title": "EventTrigger" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TelephonyChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The allocation of telephony capacity between multiple running outbound campaigns.", + "title": "Capacity", + "type": "number" + }, + "ConnectQueueId": { + "markdownDescription": "The identifier of the Amazon Connect queue associated with telephony outbound requests of an outbound campaign.", + "title": "ConnectQueueId", "type": "string" }, - "Overrides": { - "$ref": "#/definitions/AWS::DataSync::Task.Overrides", - "markdownDescription": "Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that DataSync attempted to delete in your destination location.", - "title": "Overrides" + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundConfig", + "markdownDescription": "The default telephony outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" }, - "ReportLevel": { - "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to transfer, skip, verify, and delete.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to transfer, skip, verify, and delete.", - "title": "ReportLevel", - "type": "string" + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundMode", + "markdownDescription": "The outbound mode of telephony for an outbound campaign.", + "title": "OutboundMode" } }, "required": [ - "Destination", - "OutputType" + "DefaultOutboundConfig", + "OutboundMode" ], "type": "object" }, - "AWS::DataSync::Task.TaskReportConfigDestinationS3": { + "AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundConfig": { "additionalProperties": false, "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "", - "title": "BucketAccessRoleArn", - "type": "string" + "AnswerMachineDetectionConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.AnswerMachineDetectionConfig", + "markdownDescription": "The answering machine detection configuration.", + "title": "AnswerMachineDetectionConfig" }, - "S3BucketArn": { - "markdownDescription": "", - "title": "S3BucketArn", + "ConnectContactFlowId": { + "markdownDescription": "The identifier of the published Amazon Connect contact flow.", + "title": "ConnectContactFlowId", "type": "string" }, - "Subdirectory": { - "markdownDescription": "", - "title": "Subdirectory", + "ConnectSourcePhoneNumber": { + "markdownDescription": "The Amazon Connect source phone number.", + "title": "ConnectSourcePhoneNumber", "type": "string" } }, + "required": [ + "ConnectContactFlowId" + ], "type": "object" }, - "AWS::DataSync::Task.TaskSchedule": { + "AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundMode": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "Specifies your task schedule by using a cron or rate expression.\n\nUse cron expressions for task schedules that run on a specific time and day. For example, the following cron expression creates a task schedule that runs at 8 AM on the first Wednesday of every month:\n\n`cron(0 8 * * 3#1)`\n\nUse rate expressions for task schedules that run on a regular interval. For example, the following rate expression creates a task schedule that runs every 12 hours:\n\n`rate(12 hours)`\n\nFor information about cron and rate expression syntax, see the [*Amazon EventBridge User Guide*](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) .", - "title": "ScheduleExpression", - "type": "string" + "AgentlessConfig": { + "markdownDescription": "The agentless outbound mode configuration for telephony.", + "title": "AgentlessConfig", + "type": "object" }, - "Status": { - "markdownDescription": "Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to pause a recurring transfer to fix an issue with your task or perform maintenance on your storage system.\n\nDataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see [TaskScheduleDetails](https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html) .", - "title": "Status", - "type": "string" + "PredictiveConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.PredictiveConfig", + "markdownDescription": "Contains predictive outbound mode configuration.", + "title": "PredictiveConfig" + }, + "ProgressiveConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.ProgressiveConfig", + "markdownDescription": "Contains progressive telephony outbound mode configuration.", + "title": "ProgressiveConfig" } }, "type": "object" }, - "AWS::DataSync::Task.Transferred": { + "AWS::ConnectCampaignsV2::Campaign.TimeRange": { "additionalProperties": false, "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", + "EndTime": { + "markdownDescription": "The end time of the time range.", + "title": "EndTime", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time of the time range.", + "title": "StartTime", "type": "string" } }, + "required": [ + "EndTime", + "StartTime" + ], "type": "object" }, - "AWS::DataSync::Task.Verified": { + "AWS::ConnectCampaignsV2::Campaign.TimeWindow": { "additionalProperties": false, "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", - "type": "string" + "OpenHours": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.OpenHours", + "markdownDescription": "The open hours configuration.", + "title": "OpenHours" + }, + "RestrictedPeriods": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.RestrictedPeriods", + "markdownDescription": "The restricted periods configuration.", + "title": "RestrictedPeriods" } }, + "required": [ + "OpenHours" + ], "type": "object" }, - "AWS::DataZone::DataSource": { + "AWS::ControlTower::EnabledBaseline": { "additionalProperties": false, "properties": { "Condition": { @@ -63444,82 +69202,48 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetFormsInput": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.FormInput" - }, - "markdownDescription": "The metadata forms attached to the assets that the data source works with.", - "title": "AssetFormsInput", - "type": "array" - }, - "Configuration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.DataSourceConfigurationInput", - "markdownDescription": "The configuration of the data source.", - "title": "Configuration" - }, - "Description": { - "markdownDescription": "The description of the data source.", - "title": "Description", - "type": "string" - }, - "DomainIdentifier": { - "markdownDescription": "The ID of the Amazon DataZone domain where the data source is created.", - "title": "DomainIdentifier", + "BaselineIdentifier": { + "markdownDescription": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource.", + "title": "BaselineIdentifier", "type": "string" }, - "EnableSetting": { - "markdownDescription": "Specifies whether the data source is enabled.", - "title": "EnableSetting", + "BaselineVersion": { + "markdownDescription": "The enabled version of the `Baseline` .", + "title": "BaselineVersion", "type": "string" }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", - "title": "EnvironmentIdentifier", - "type": "string" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline.Parameter" + }, + "markdownDescription": "Shows the parameters that are applied when enabling this `Baseline` .", + "title": "Parameters", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the data source.", - "title": "Name", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone project in which you want to add this data source.", - "title": "ProjectIdentifier", - "type": "string" - }, - "PublishOnImport": { - "markdownDescription": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog.", - "title": "PublishOnImport", - "type": "boolean" - }, - "Recommendation": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RecommendationConfiguration", - "markdownDescription": "Specifies whether the business name generation is to be enabled for this data source.", - "title": "Recommendation" - }, - "Schedule": { - "$ref": "#/definitions/AWS::DataZone::DataSource.ScheduleConfiguration", - "markdownDescription": "The schedule of the data source runs.", - "title": "Schedule" - }, - "Type": { - "markdownDescription": "The type of the data source. In Amazon DataZone, you can use data sources to import technical metadata of assets (data) from the source databases or data warehouses into Amazon DataZone. In the current release of Amazon DataZone, you can create and run data sources for AWS Glue and Amazon Redshift.", - "title": "Type", + "TargetIdentifier": { + "markdownDescription": "The target on which to enable the `Baseline` .", + "title": "TargetIdentifier", "type": "string" } }, "required": [ - "DomainIdentifier", - "EnvironmentIdentifier", - "Name", - "ProjectIdentifier", - "Type" + "BaselineIdentifier", + "BaselineVersion", + "TargetIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::DataSource" + "AWS::ControlTower::EnabledBaseline" ], "type": "string" }, @@ -63538,245 +69262,23 @@ ], "type": "object" }, - "AWS::DataZone::DataSource.DataSourceConfigurationInput": { - "additionalProperties": false, - "properties": { - "GlueRunConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.GlueRunConfigurationInput", - "markdownDescription": "The configuration of the AWS Glue data source.", - "title": "GlueRunConfiguration" - }, - "RedshiftRunConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftRunConfigurationInput", - "markdownDescription": "The configuration of the Amazon Redshift data source.", - "title": "RedshiftRunConfiguration" - } - }, - "type": "object" - }, - "AWS::DataZone::DataSource.FilterExpression": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "The search filter expression.", - "title": "Expression", - "type": "string" - }, - "Type": { - "markdownDescription": "The search filter explresison type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Expression", - "Type" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.FormInput": { + "AWS::ControlTower::EnabledBaseline.Parameter": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "", - "title": "Content", - "type": "string" - }, - "FormName": { - "markdownDescription": "", - "title": "FormName", - "type": "string" - }, - "TypeIdentifier": { + "Key": { "markdownDescription": "", - "title": "TypeIdentifier", + "title": "Key", "type": "string" }, - "TypeRevision": { + "Value": { "markdownDescription": "", - "title": "TypeRevision", - "type": "string" - } - }, - "required": [ - "FormName" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.GlueRunConfigurationInput": { - "additionalProperties": false, - "properties": { - "AutoImportDataQualityResult": { - "markdownDescription": "Specifies whether to automatically import data quality metrics as part of the data source run.", - "title": "AutoImportDataQualityResult", - "type": "boolean" - }, - "DataAccessRole": { - "markdownDescription": "The data access role included in the configuration details of the AWS Glue data source.", - "title": "DataAccessRole", - "type": "string" - }, - "RelationalFilterConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" - }, - "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", - "title": "RelationalFilterConfigurations", - "type": "array" - } - }, - "required": [ - "RelationalFilterConfigurations" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.RecommendationConfiguration": { - "additionalProperties": false, - "properties": { - "EnableBusinessNameGeneration": { - "markdownDescription": "Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration.", - "title": "EnableBusinessNameGeneration", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DataZone::DataSource.RedshiftClusterStorage": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of an Amazon Redshift cluster.", - "title": "ClusterName", - "type": "string" - } - }, - "required": [ - "ClusterName" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.RedshiftCredentialConfiguration": { - "additionalProperties": false, - "properties": { - "SecretManagerArn": { - "markdownDescription": "The ARN of a secret manager for an Amazon Redshift cluster.", - "title": "SecretManagerArn", - "type": "string" - } - }, - "required": [ - "SecretManagerArn" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.RedshiftRunConfigurationInput": { - "additionalProperties": false, - "properties": { - "DataAccessRole": { - "markdownDescription": "The data access role included in the configuration details of the Amazon Redshift data source.", - "title": "DataAccessRole", - "type": "string" - }, - "RedshiftCredentialConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftCredentialConfiguration", - "markdownDescription": "The details of the credentials required to access an Amazon Redshift cluster.", - "title": "RedshiftCredentialConfiguration" - }, - "RedshiftStorage": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftStorage", - "markdownDescription": "The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run.", - "title": "RedshiftStorage" - }, - "RelationalFilterConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" - }, - "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", - "title": "RelationalFilterConfigurations", - "type": "array" - } - }, - "required": [ - "RedshiftCredentialConfiguration", - "RedshiftStorage", - "RelationalFilterConfigurations" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.RedshiftServerlessStorage": { - "additionalProperties": false, - "properties": { - "WorkgroupName": { - "markdownDescription": "The name of the Amazon Redshift Serverless workgroup.", - "title": "WorkgroupName", - "type": "string" - } - }, - "required": [ - "WorkgroupName" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.RedshiftStorage": { - "additionalProperties": false, - "properties": { - "RedshiftClusterSource": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftClusterStorage", - "markdownDescription": "The details of the Amazon Redshift cluster source.", - "title": "RedshiftClusterSource" - }, - "RedshiftServerlessSource": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftServerlessStorage", - "markdownDescription": "The details of the Amazon Redshift Serverless workgroup source.", - "title": "RedshiftServerlessSource" - } - }, - "type": "object" - }, - "AWS::DataZone::DataSource.RelationalFilterConfiguration": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The database name specified in the relational filter configuration for the data source.", - "title": "DatabaseName", - "type": "string" - }, - "FilterExpressions": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.FilterExpression" - }, - "markdownDescription": "The filter expressions specified in the relational filter configuration for the data source.", - "title": "FilterExpressions", - "type": "array" - }, - "SchemaName": { - "markdownDescription": "The schema name specified in the relational filter configuration for the data source.", - "title": "SchemaName", - "type": "string" - } - }, - "required": [ - "DatabaseName" - ], - "type": "object" - }, - "AWS::DataZone::DataSource.ScheduleConfiguration": { - "additionalProperties": false, - "properties": { - "Schedule": { - "markdownDescription": "The schedule of the data source runs.", - "title": "Schedule", - "type": "string" - }, - "Timezone": { - "markdownDescription": "The timezone of the data source run.", - "title": "Timezone", - "type": "string" + "title": "Value", + "type": "object" } }, "type": "object" }, - "AWS::DataZone::Domain": { + "AWS::ControlTower::EnabledControl": { "additionalProperties": false, "properties": { "Condition": { @@ -63811,49 +69313,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Amazon DataZone domain.", - "title": "Description", - "type": "string" - }, - "DomainExecutionRole": { - "markdownDescription": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain.", - "title": "DomainExecutionRole", - "type": "string" - }, - "KmsKeyIdentifier": { - "markdownDescription": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data.", - "title": "KmsKeyIdentifier", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the Amazon DataZone domain.", - "title": "Name", + "ControlIdentifier": { + "markdownDescription": "The ARN of the control. Only *Strongly recommended* and *Elective* controls are permitted, with the exception of the *Region deny* control. For information on how to find the `controlIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", + "title": "ControlIdentifier", "type": "string" }, - "SingleSignOn": { - "$ref": "#/definitions/AWS::DataZone::Domain.SingleSignOn", - "markdownDescription": "The single sign-on details in Amazon DataZone.", - "title": "SingleSignOn" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ControlTower::EnabledControl.EnabledControlParameter" + }, + "markdownDescription": "Array of `EnabledControlParameter` objects.", + "title": "Parameters", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags specified for the Amazon DataZone domain.", + "markdownDescription": "", "title": "Tags", "type": "array" + }, + "TargetIdentifier": { + "markdownDescription": "The ARN of the organizational unit. For information on how to find the `targetIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", + "title": "TargetIdentifier", + "type": "string" } }, "required": [ - "DomainExecutionRole", - "Name" + "ControlIdentifier", + "TargetIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Domain" + "AWS::ControlTower::EnabledControl" ], "type": "string" }, @@ -63872,23 +69367,27 @@ ], "type": "object" }, - "AWS::DataZone::Domain.SingleSignOn": { + "AWS::ControlTower::EnabledControl.EnabledControlParameter": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of single sign-on in Amazon DataZone.", - "title": "Type", + "Key": { + "markdownDescription": "The key of a key/value pair. It is of type `string` .", + "title": "Key", "type": "string" }, - "UserAssignment": { - "markdownDescription": "The single sign-on user assignment in Amazon DataZone.", - "title": "UserAssignment", - "type": "string" + "Value": { + "markdownDescription": "The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.]", + "title": "Value", + "type": "object" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::DataZone::Environment": { + "AWS::ControlTower::LandingZone": { "additionalProperties": false, "properties": { "Condition": { @@ -63923,59 +69422,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the environment.", - "title": "Description", - "type": "string" - }, - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment is created.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnvironmentProfileIdentifier": { - "markdownDescription": "The identifier of the environment profile that is used to create this Amazon DataZone environment.", - "title": "EnvironmentProfileIdentifier", - "type": "string" + "Manifest": { + "markdownDescription": "The landing zone manifest JSON text file that specifies the landing zone configurations.", + "title": "Manifest", + "type": "object" }, - "GlossaryTerms": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The glossary terms that can be used in this Amazon DataZone environment.", - "title": "GlossaryTerms", + "markdownDescription": "Tags to be applied to the landing zone.", + "title": "Tags", "type": "array" }, - "Name": { - "markdownDescription": "The name of the Amazon DataZone environment.", - "title": "Name", - "type": "string" - }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone project in which this environment is created.", - "title": "ProjectIdentifier", + "Version": { + "markdownDescription": "The landing zone's current deployed version.", + "title": "Version", "type": "string" - }, - "UserParameters": { - "items": { - "$ref": "#/definitions/AWS::DataZone::Environment.EnvironmentParameter" - }, - "markdownDescription": "The user parameters of this Amazon DataZone environment.", - "title": "UserParameters", - "type": "array" } }, "required": [ - "DomainIdentifier", - "EnvironmentProfileIdentifier", - "Name", - "ProjectIdentifier" + "Manifest", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Environment" + "AWS::ControlTower::LandingZone" ], "type": "string" }, @@ -63994,23 +69468,7 @@ ], "type": "object" }, - "AWS::DataZone::Environment.EnvironmentParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the environment parameter.", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the environment parameter.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataZone::EnvironmentBlueprintConfiguration": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -64045,53 +69503,66 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which an environment blueprint exists.", - "title": "DomainIdentifier", + "AttributeDetails": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails", + "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", + "title": "AttributeDetails" + }, + "CalculatedAttributeName": { + "markdownDescription": "The name of an attribute defined in a profile object type.", + "title": "CalculatedAttributeName", "type": "string" }, - "EnabledRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The enabled AWS Regions specified in a blueprint configuration.", - "title": "EnabledRegions", - "type": "array" + "Conditions": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions", + "markdownDescription": "The conditions including range, object count, and threshold for the calculated attribute.", + "title": "Conditions" }, - "EnvironmentBlueprintIdentifier": { - "markdownDescription": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` .", - "title": "EnvironmentBlueprintIdentifier", + "Description": { + "markdownDescription": "The description of the calculated attribute.", + "title": "Description", "type": "string" }, - "ManageAccessRoleArn": { - "markdownDescription": "The ARN of the manage access role.", - "title": "ManageAccessRoleArn", + "DisplayName": { + "markdownDescription": "The display name of the calculated attribute.", + "title": "DisplayName", "type": "string" }, - "ProvisioningRoleArn": { - "markdownDescription": "The ARN of the provisioning role.", - "title": "ProvisioningRoleArn", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "RegionalParameters": { + "Statistic": { + "markdownDescription": "The aggregation operation to perform for the calculated attribute.", + "title": "Statistic", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The regional parameters of the environment blueprint.", - "title": "RegionalParameters", + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", "type": "array" + }, + "UseHistoricalData": { + "markdownDescription": "Whether historical data ingested before the Calculated Attribute was created should be included in calculations.", + "title": "UseHistoricalData", + "type": "boolean" } }, "required": [ - "DomainIdentifier", - "EnabledRegions", - "EnvironmentBlueprintIdentifier" + "AttributeDetails", + "CalculatedAttributeName", + "DomainName", + "Statistic" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::EnvironmentBlueprintConfiguration" + "AWS::CustomerProfiles::CalculatedAttributeDefinition" ], "type": "string" }, @@ -64110,29 +69581,155 @@ ], "type": "object" }, - "AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails": { "additionalProperties": false, "properties": { - "Parameters": { - "additionalProperties": true, - "markdownDescription": "A string to string map containing parameters for the region.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem" }, - "title": "Parameters", - "type": "object" + "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", + "title": "Attributes", + "type": "array" }, - "Region": { - "markdownDescription": "The region specified in the environment parameter.", - "title": "Region", + "Expression": { + "markdownDescription": "Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \\\"{ObjectTypeName.AttributeName}\\\".", + "title": "Expression", "type": "string" } }, + "required": [ + "Attributes", + "Expression" + ], "type": "object" }, - "AWS::DataZone::EnvironmentProfile": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The unique name of the calculated attribute.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions": { + "additionalProperties": false, + "properties": { + "ObjectCount": { + "markdownDescription": "The number of profile objects used for the calculated attribute.", + "title": "ObjectCount", + "type": "number" + }, + "Range": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Range", + "markdownDescription": "The relative time period over which data is included in the aggregation.", + "title": "Range" + }, + "Threshold": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold", + "markdownDescription": "The threshold for the calculated attribute.", + "title": "Threshold" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Range": { + "additionalProperties": false, + "properties": { + "TimestampFormat": { + "markdownDescription": "The format the timestamp field in your JSON object is specified. This value should be one of EPOCHMILLI (for Unix epoch timestamps with second/millisecond level precision) or ISO_8601 (following ISO_8601 format with second/millisecond level precision, with an optional offset of Z or in the format HH:MM or HHMM.). E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"2001-07-04T12:08:56.235-0700\"}}, then TimestampFormat should be \"ISO_8601\"", + "title": "TimestampFormat", + "type": "string" + }, + "TimestampSource": { + "markdownDescription": "An expression specifying the field in your JSON object from which the date should be parsed. The expression should follow the structure of \\\"{ObjectTypeName.}\\\". E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"1737587945945\"}}, then TimestampSource should be \"{MyType.generatedAt.timestamp}\"", + "title": "TimestampSource", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit of time.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "The amount of time of the specified unit.", + "title": "Value", + "type": "number" + }, + "ValueRange": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.ValueRange", + "markdownDescription": "A structure letting customers specify a relative time window over which over which data is included in the Calculated Attribute. Use positive numbers to indicate that the endpoint is in the past, and negative numbers to indicate it is in the future. ValueRange overrides Value.", + "title": "ValueRange" + } + }, + "required": [ + "Unit" + ], + "type": "object" + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Readiness": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Any customer messaging.", + "title": "Message", + "type": "string" + }, + "ProgressPercentage": { + "markdownDescription": "Approximately how far the Calculated Attribute creation is from completion.", + "title": "ProgressPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold": { + "additionalProperties": false, + "properties": { + "Operator": { + "markdownDescription": "The operator of the threshold.", + "title": "Operator", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the threshold.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Operator", + "Value" + ], + "type": "object" + }, + "AWS::CustomerProfiles::CalculatedAttributeDefinition.ValueRange": { + "additionalProperties": false, + "properties": { + "End": { + "markdownDescription": "The ending point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future.", + "title": "End", + "type": "number" + }, + "Start": { + "markdownDescription": "The starting point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future.", + "title": "Start", + "type": "number" + } + }, + "required": [ + "End", + "Start" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -64167,63 +69764,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The identifier of an AWS account in which an environment profile exists.", - "title": "AwsAccountId", - "type": "string" - }, - "AwsAccountRegion": { - "markdownDescription": "The AWS Region in which an environment profile exists.", - "title": "AwsAccountRegion", + "DeadLetterQueueUrl": { + "markdownDescription": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", + "title": "DeadLetterQueueUrl", "type": "string" }, - "Description": { - "markdownDescription": "The description of the environment profile.", - "title": "Description", + "DefaultEncryptionKey": { + "markdownDescription": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.", + "title": "DefaultEncryptionKey", "type": "string" }, - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment profile exists.", - "title": "DomainIdentifier", - "type": "string" + "DefaultExpirationDays": { + "markdownDescription": "The default number of days until the data within the domain expires.", + "title": "DefaultExpirationDays", + "type": "number" }, - "EnvironmentBlueprintIdentifier": { - "markdownDescription": "The identifier of a blueprint with which an environment profile is created.", - "title": "EnvironmentBlueprintIdentifier", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the environment profile.", - "title": "Name", - "type": "string" + "Matching": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Matching", + "markdownDescription": "The process of matching duplicate profiles.", + "title": "Matching" }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of a project in which an environment profile exists.", - "title": "ProjectIdentifier", - "type": "string" + "RuleBasedMatching": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.RuleBasedMatching", + "markdownDescription": "The process of matching duplicate profiles using Rule-Based matching.", + "title": "RuleBasedMatching" }, - "UserParameters": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile.EnvironmentParameter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The user parameters of this Amazon DataZone environment profile.", - "title": "UserParameters", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", "type": "array" } }, "required": [ - "AwsAccountId", - "AwsAccountRegion", - "DomainIdentifier", - "EnvironmentBlueprintIdentifier", - "Name", - "ProjectIdentifier" + "DefaultExpirationDays", + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::EnvironmentProfile" + "AWS::CustomerProfiles::Domain" ], "type": "string" }, @@ -64242,23 +69830,281 @@ ], "type": "object" }, - "AWS::DataZone::EnvironmentProfile.EnvironmentParameter": { + "AWS::CustomerProfiles::Domain.AttributeTypesSelector": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name specified in the environment parameter.", - "title": "Name", + "Address": { + "items": { + "type": "string" + }, + "markdownDescription": "The `Address` type. You can choose from `Address` , `BusinessAddress` , `MaillingAddress` , and `ShippingAddress` . You only can use the `Address` type in the `MatchingRule` . For example, if you want to match a profile based on `BusinessAddress.City` or `MaillingAddress.City` , you can choose the `BusinessAddress` and the `MaillingAddress` to represent the `Address` type and specify the `Address.City` on the matching rule.", + "title": "Address", + "type": "array" + }, + "AttributeMatchingModel": { + "markdownDescription": "Configures the `AttributeMatchingModel` , you can either choose `ONE_TO_ONE` or `MANY_TO_MANY` .", + "title": "AttributeMatchingModel", "type": "string" }, - "Value": { - "markdownDescription": "The value of the environment profile.", - "title": "Value", + "EmailAddress": { + "items": { + "type": "string" + }, + "markdownDescription": "The Email type. You can choose from `EmailAddress` , `BusinessEmailAddress` and `PersonalEmailAddress` . You only can use the `EmailAddress` type in the `MatchingRule` . For example, if you want to match profile based on `PersonalEmailAddress` or `BusinessEmailAddress` , you can choose the `PersonalEmailAddress` and the `BusinessEmailAddress` to represent the `EmailAddress` type and only specify the `EmailAddress` on the matching rule.", + "title": "EmailAddress", + "type": "array" + }, + "PhoneNumber": { + "items": { + "type": "string" + }, + "markdownDescription": "The `PhoneNumber` type. You can choose from `PhoneNumber` , `HomePhoneNumber` , and `MobilePhoneNumber` . You only can use the `PhoneNumber` type in the `MatchingRule` . For example, if you want to match a profile based on `Phone` or `HomePhone` , you can choose the `Phone` and the `HomePhone` to represent the `PhoneNumber` type and only specify the `PhoneNumber` on the matching rule.", + "title": "PhoneNumber", + "type": "array" + } + }, + "required": [ + "AttributeMatchingModel" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.AutoMerging": { + "additionalProperties": false, + "properties": { + "ConflictResolution": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", + "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", + "title": "ConflictResolution" + }, + "Consolidation": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Consolidation", + "markdownDescription": "A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged.", + "title": "Consolidation" + }, + "Enabled": { + "markdownDescription": "The flag that enables the auto-merging of duplicate profiles.", + "title": "Enabled", + "type": "boolean" + }, + "MinAllowedConfidenceScoreForMerging": { + "markdownDescription": "A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means that a higher similarity is required to merge profiles.", + "title": "MinAllowedConfidenceScoreForMerging", + "type": "number" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.ConflictResolution": { + "additionalProperties": false, + "properties": { + "ConflictResolvingModel": { + "markdownDescription": "How the auto-merging process should resolve conflicts between different profiles.", + "title": "ConflictResolvingModel", + "type": "string" + }, + "SourceName": { + "markdownDescription": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel` .", + "title": "SourceName", "type": "string" } }, + "required": [ + "ConflictResolvingModel" + ], "type": "object" }, - "AWS::DataZone::Project": { + "AWS::CustomerProfiles::Domain.Consolidation": { + "additionalProperties": false, + "properties": { + "MatchingAttributesList": { + "markdownDescription": "A list of matching criteria.", + "title": "MatchingAttributesList", + "type": "object" + } + }, + "required": [ + "MatchingAttributesList" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.DomainStats": { + "additionalProperties": false, + "properties": { + "MeteringProfileCount": { + "markdownDescription": "The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on.", + "title": "MeteringProfileCount", + "type": "number" + }, + "ObjectCount": { + "markdownDescription": "The total number of objects in domain.", + "title": "ObjectCount", + "type": "number" + }, + "ProfileCount": { + "markdownDescription": "The total number of profiles currently in the domain.", + "title": "ProfileCount", + "type": "number" + }, + "TotalSize": { + "markdownDescription": "The total size, in bytes, of all objects in the domain.", + "title": "TotalSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Domain.ExportingConfig": { + "additionalProperties": false, + "properties": { + "S3Exporting": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.S3ExportingConfig", + "markdownDescription": "", + "title": "S3Exporting" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Domain.JobSchedule": { + "additionalProperties": false, + "properties": { + "DayOfTheWeek": { + "markdownDescription": "The day when the Identity Resolution Job should run every week.", + "title": "DayOfTheWeek", + "type": "string" + }, + "Time": { + "markdownDescription": "The time when the Identity Resolution Job should run every week.", + "title": "Time", + "type": "string" + } + }, + "required": [ + "DayOfTheWeek", + "Time" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.Matching": { + "additionalProperties": false, + "properties": { + "AutoMerging": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AutoMerging", + "markdownDescription": "Configuration information about the auto-merging process.", + "title": "AutoMerging" + }, + "Enabled": { + "markdownDescription": "The flag that enables the matching process of duplicate profiles.", + "title": "Enabled", + "type": "boolean" + }, + "ExportingConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", + "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", + "title": "ExportingConfig" + }, + "JobSchedule": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.JobSchedule", + "markdownDescription": "The day and time when do you want to start the Identity Resolution Job every week.", + "title": "JobSchedule" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.MatchingRule": { + "additionalProperties": false, + "properties": { + "Rule": { + "items": { + "type": "string" + }, + "markdownDescription": "A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles.", + "title": "Rule", + "type": "array" + } + }, + "required": [ + "Rule" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.RuleBasedMatching": { + "additionalProperties": false, + "properties": { + "AttributeTypesSelector": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AttributeTypesSelector", + "markdownDescription": "Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles.", + "title": "AttributeTypesSelector" + }, + "ConflictResolution": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", + "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", + "title": "ConflictResolution" + }, + "Enabled": { + "markdownDescription": "The flag that enables the matching process of duplicate profiles.", + "title": "Enabled", + "type": "boolean" + }, + "ExportingConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", + "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", + "title": "ExportingConfig" + }, + "MatchingRules": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.MatchingRule" + }, + "markdownDescription": "Configures how the rule-based matching process should match profiles. You can have up to 15 `MatchingRule` in the `MatchingRules` .", + "title": "MatchingRules", + "type": "array" + }, + "MaxAllowedRuleLevelForMatching": { + "markdownDescription": "Indicates the maximum allowed rule level for matching.", + "title": "MaxAllowedRuleLevelForMatching", + "type": "number" + }, + "MaxAllowedRuleLevelForMerging": { + "markdownDescription": "Indicates the maximum allowed rule level for merging.", + "title": "MaxAllowedRuleLevelForMerging", + "type": "number" + }, + "Status": { + "markdownDescription": "The status of rule-based matching rule.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Domain.S3ExportingConfig": { + "additionalProperties": false, + "properties": { + "S3BucketName": { + "markdownDescription": "The name of the S3 bucket where Identity Resolution Jobs write result files.", + "title": "S3BucketName", + "type": "string" + }, + "S3KeyName": { + "markdownDescription": "The S3 key name of the location where Identity Resolution Jobs write result files.", + "title": "S3KeyName", + "type": "string" + } + }, + "required": [ + "S3BucketName" + ], + "type": "object" + }, + "AWS::CustomerProfiles::EventStream": { "additionalProperties": false, "properties": { "Condition": { @@ -64293,39 +70139,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of a project.", - "title": "Description", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "DomainIdentifier": { - "markdownDescription": "The identifier of a Amazon DataZone domain where the project exists.", - "title": "DomainIdentifier", + "EventStreamName": { + "markdownDescription": "The name of the event stream.", + "title": "EventStreamName", "type": "string" }, - "GlossaryTerms": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The glossary terms that can be used in this Amazon DataZone project.", - "title": "GlossaryTerms", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", "type": "array" }, - "Name": { - "markdownDescription": "The name of a project.", - "title": "Name", + "Uri": { + "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", + "title": "Uri", "type": "string" } }, "required": [ - "DomainIdentifier", - "Name" + "DomainName", + "EventStreamName", + "Uri" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Project" + "AWS::CustomerProfiles::EventStream" ], "type": "string" }, @@ -64344,7 +70191,27 @@ ], "type": "object" }, - "AWS::DataZone::SubscriptionTarget": { + "AWS::CustomerProfiles::EventStream.DestinationDetails": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of enabling the Kinesis stream as a destination for export.", + "title": "Status", + "type": "string" + }, + "Uri": { + "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", + "title": "Uri", + "type": "string" + } + }, + "required": [ + "Status", + "Uri" + ], + "type": "object" + }, + "AWS::CustomerProfiles::EventTrigger": { "additionalProperties": false, "properties": { "Condition": { @@ -64379,76 +70246,64 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicableAssetTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The asset types included in the subscription target.", - "title": "ApplicableAssetTypes", - "type": "array" + "Description": { + "markdownDescription": "The description of the event trigger.", + "title": "Description", + "type": "string" }, - "AuthorizedPrincipals": { + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", + "type": "string" + }, + "EventTriggerConditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerCondition" }, - "markdownDescription": "The authorized principals included in the subscription target.", - "title": "AuthorizedPrincipals", + "markdownDescription": "A list of conditions that determine when an event should trigger the destination.", + "title": "EventTriggerConditions", "type": "array" }, - "DomainIdentifier": { - "markdownDescription": "The ID of the Amazon DataZone domain in which subscription target is created.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The ID of the environment in which subscription target is created.", - "title": "EnvironmentIdentifier", - "type": "string" + "EventTriggerLimits": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerLimits", + "markdownDescription": "Defines limits controlling whether an event triggers the destination, based on ingestion latency and the number of invocations per profile over specific time periods.", + "title": "EventTriggerLimits" }, - "ManageAccessRole": { - "markdownDescription": "The manage access role that is used to create the subscription target.", - "title": "ManageAccessRole", + "EventTriggerName": { + "markdownDescription": "The unique name of the event trigger.", + "title": "EventTriggerName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the subscription target.", - "title": "Name", + "ObjectTypeName": { + "markdownDescription": "The unique name of the object type.", + "title": "ObjectTypeName", "type": "string" }, - "Provider": { - "markdownDescription": "The provider of the subscription target.", - "title": "Provider", + "SegmentFilter": { + "markdownDescription": "The destination is triggered only for profiles that meet the criteria of a segment definition.", + "title": "SegmentFilter", "type": "string" }, - "SubscriptionTargetConfig": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The configuration of the subscription target.", - "title": "SubscriptionTargetConfig", + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the subscription target.", - "title": "Type", - "type": "string" } }, "required": [ - "ApplicableAssetTypes", - "AuthorizedPrincipals", - "DomainIdentifier", - "EnvironmentIdentifier", - "ManageAccessRole", - "Name", - "SubscriptionTargetConfig", - "Type" + "DomainName", + "EventTriggerConditions", + "EventTriggerName", + "ObjectTypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::SubscriptionTarget" + "AWS::CustomerProfiles::EventTrigger" ], "type": "string" }, @@ -64467,104 +70322,129 @@ ], "type": "object" }, - "AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm": { + "AWS::CustomerProfiles::EventTrigger.EventTriggerCondition": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content of the subscription target configuration.", - "title": "Content", - "type": "string" + "EventTriggerDimensions": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerDimension" + }, + "markdownDescription": "A list of dimensions to be evaluated for the event.", + "title": "EventTriggerDimensions", + "type": "array" }, - "FormName": { - "markdownDescription": "The form name included in the subscription target configuration.", - "title": "FormName", + "LogicalOperator": { + "markdownDescription": "The operator used to combine multiple dimensions.", + "title": "LogicalOperator", "type": "string" } }, "required": [ - "Content", - "FormName" + "EventTriggerDimensions", + "LogicalOperator" ], "type": "object" }, - "AWS::Deadline::Farm": { + "AWS::CustomerProfiles::EventTrigger.EventTriggerDimension": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ObjectAttributes": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.ObjectAttribute" + }, + "markdownDescription": "A list of object attributes to be evaluated.", + "title": "ObjectAttributes", + "type": "array" + } + }, + "required": [ + "ObjectAttributes" + ], + "type": "object" + }, + "AWS::CustomerProfiles::EventTrigger.EventTriggerLimits": { + "additionalProperties": false, + "properties": { + "EventExpiration": { + "markdownDescription": "Specifies that an event will only trigger the destination if it is processed within a certain latency period.", + "title": "EventExpiration", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Periods": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.Period" + }, + "markdownDescription": "A list of time periods during which the limits apply.", + "title": "Periods", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::EventTrigger.ObjectAttribute": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The operator used to compare an attribute against a list of values.", + "title": "ComparisonOperator", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldName": { + "markdownDescription": "A field defined within an object type.", + "title": "FieldName", + "type": "string" }, - "Metadata": { - "type": "object" + "Source": { + "markdownDescription": "An attribute contained within a source object.", + "title": "Source", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the farm that helps identify what the farm is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The display name of the farm.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN for the KMS key.", - "title": "KmsKeyArn", - "type": "string" - } + "Values": { + "items": { + "type": "string" }, - "required": [ - "DisplayName" - ], - "type": "object" + "markdownDescription": "The amount of time of the specified unit.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "ComparisonOperator", + "Values" + ], + "type": "object" + }, + "AWS::CustomerProfiles::EventTrigger.Period": { + "additionalProperties": false, + "properties": { + "MaxInvocationsPerProfile": { + "markdownDescription": "The maximum allowed number of destination invocations per profile.", + "title": "MaxInvocationsPerProfile", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Deadline::Farm" - ], + "Unit": { + "markdownDescription": "The unit of time.", + "title": "Unit", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Unlimited": { + "markdownDescription": "If set to true, there is no limit on the number of destination invocations per profile. The default is false.", + "title": "Unlimited", + "type": "boolean" + }, + "Value": { + "markdownDescription": "The amount of time of the specified unit.", + "title": "Value", + "type": "number" } }, "required": [ - "Type", - "Properties" + "Unit", + "Value" ], "type": "object" }, - "AWS::Deadline::Fleet": { + "AWS::CustomerProfiles::Integration": { "additionalProperties": false, "properties": { "Condition": { @@ -64599,53 +70479,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetConfiguration", - "markdownDescription": "The configuration details for the fleet.", - "title": "Configuration" - }, - "Description": { - "markdownDescription": "A description that helps identify what the fleet is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "Description", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "DisplayName": { - "markdownDescription": "The display name of the fleet summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", - "type": "string" + "EventTriggerNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of unique names for active event triggers associated with the integration.", + "title": "EventTriggerNames", + "type": "array" }, - "FarmId": { - "markdownDescription": "The farm ID.", - "title": "FarmId", + "FlowDefinition": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.FlowDefinition", + "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", + "title": "FlowDefinition" + }, + "ObjectTypeName": { + "markdownDescription": "The name of the profile object type mapping to use.", + "title": "ObjectTypeName", "type": "string" }, - "MaxWorkerCount": { - "markdownDescription": "The maximum number of workers specified in the fleet.", - "title": "MaxWorkerCount", - "type": "number" + "ObjectTypeNames": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ObjectTypeMapping" + }, + "markdownDescription": "The object type mapping.", + "title": "ObjectTypeNames", + "type": "array" }, - "MinWorkerCount": { - "markdownDescription": "The minimum number of workers in the fleet.", - "title": "MinWorkerCount", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" }, - "RoleArn": { - "markdownDescription": "The IAM role that workers in the fleet use when processing jobs.", - "title": "RoleArn", + "Uri": { + "markdownDescription": "The URI of the S3 bucket or any other type of data source.", + "title": "Uri", "type": "string" } }, "required": [ - "Configuration", - "DisplayName", - "MaxWorkerCount", - "RoleArn" + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::Fleet" + "AWS::CustomerProfiles::Integration" ], "type": "string" }, @@ -64664,384 +70550,396 @@ ], "type": "object" }, - "AWS::Deadline::Fleet.AcceleratorCountRange": { + "AWS::CustomerProfiles::Integration.ConnectorOperator": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of GPU accelerators in the worker host.", - "title": "Max", - "type": "number" + "Marketo": { + "markdownDescription": "The operation to be performed on the provided Marketo source fields.", + "title": "Marketo", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum number of GPU accelerators in the worker host.", - "title": "Min", - "type": "number" - } - }, - "required": [ - "Min" - ], - "type": "object" - }, - "AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory to use for the accelerator, measured in MiB.", - "title": "Max", - "type": "number" + "S3": { + "markdownDescription": "The operation to be performed on the provided Amazon S3 source fields.", + "title": "S3", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of memory to use for the accelerator, measured in MiB.", - "title": "Min", - "type": "number" - } - }, - "required": [ - "Min" - ], - "type": "object" - }, - "AWS::Deadline::Fleet.CustomerManagedFleetConfiguration": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The AWS Auto Scaling mode for the customer managed fleet configuration.", - "title": "Mode", + "Salesforce": { + "markdownDescription": "The operation to be performed on the provided Salesforce source fields.", + "title": "Salesforce", "type": "string" }, - "StorageProfileId": { - "markdownDescription": "The storage profile ID.", - "title": "StorageProfileId", + "ServiceNow": { + "markdownDescription": "The operation to be performed on the provided ServiceNow source fields.", + "title": "ServiceNow", "type": "string" }, - "WorkerCapabilities": { - "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities", - "markdownDescription": "The worker capabilities for a customer managed fleet configuration.", - "title": "WorkerCapabilities" + "Zendesk": { + "markdownDescription": "The operation to be performed on the provided Zendesk source fields.", + "title": "Zendesk", + "type": "string" } }, - "required": [ - "Mode", - "WorkerCapabilities" - ], "type": "object" }, - "AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities": { + "AWS::CustomerProfiles::Integration.FlowDefinition": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", - "markdownDescription": "The range of the accelerator.", - "title": "AcceleratorCount" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange", - "markdownDescription": "The total memory (MiB) for the customer managed worker capabilities.", - "title": "AcceleratorTotalMemoryMiB" + "Description": { + "markdownDescription": "A description of the flow you want to create.", + "title": "Description", + "type": "string" }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types for the customer managed worker capabilities.", - "title": "AcceleratorTypes", - "type": "array" + "FlowName": { + "markdownDescription": "The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed.", + "title": "FlowName", + "type": "string" }, - "CpuArchitectureType": { - "markdownDescription": "The CPU architecture type for the customer managed worker capabilities.", - "title": "CpuArchitectureType", + "KmsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption.", + "title": "KmsArn", "type": "string" }, - "CustomAmounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "Custom requirement ranges for customer managed worker capabilities.", - "title": "CustomAmounts", - "type": "array" + "SourceFlowConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceFlowConfig", + "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", + "title": "SourceFlowConfig" }, - "CustomAttributes": { + "Tasks": { "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.Task" }, - "markdownDescription": "Custom attributes for the customer manged worker capabilities.", - "title": "CustomAttributes", + "markdownDescription": "A list of tasks that Customer Profiles performs while transferring the data in the flow run.", + "title": "Tasks", "type": "array" }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", - "markdownDescription": "The memory (MiB).", - "title": "MemoryMiB" - }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", - "type": "string" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", - "markdownDescription": "The vCPU count for the customer manged worker capabilities.", - "title": "VCpuCount" + "TriggerConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerConfig", + "markdownDescription": "The trigger settings that determine how and when the flow runs.", + "title": "TriggerConfig" } }, "required": [ - "CpuArchitectureType", - "MemoryMiB", - "OsFamily", - "VCpuCount" + "FlowName", + "KmsArn", + "SourceFlowConfig", + "Tasks", + "TriggerConfig" ], "type": "object" }, - "AWS::Deadline::Fleet.Ec2EbsVolume": { + "AWS::CustomerProfiles::Integration.IncrementalPullConfig": { "additionalProperties": false, "properties": { - "Iops": { - "markdownDescription": "The IOPS per volume.", - "title": "Iops", - "type": "number" - }, - "SizeGiB": { - "markdownDescription": "The EBS volume size in GiB.", - "title": "SizeGiB", - "type": "number" - }, - "ThroughputMiB": { - "markdownDescription": "The throughput per volume in MiB.", - "title": "ThroughputMiB", - "type": "number" + "DatetimeTypeFieldName": { + "markdownDescription": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.", + "title": "DatetimeTypeFieldName", + "type": "string" } }, "type": "object" }, - "AWS::Deadline::Fleet.FleetAmountCapability": { + "AWS::CustomerProfiles::Integration.MarketoSourceProperties": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of the fleet worker capability.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of fleet worker capability.", - "title": "Min", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the fleet capability.", - "title": "Name", + "Object": { + "markdownDescription": "The object specified in the Marketo flow source.", + "title": "Object", "type": "string" } }, "required": [ - "Min", - "Name" + "Object" ], "type": "object" }, - "AWS::Deadline::Fleet.FleetAttributeCapability": { + "AWS::CustomerProfiles::Integration.ObjectTypeMapping": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the fleet attribute capability for the worker.", - "title": "Name", + "Key": { + "markdownDescription": "The key.", + "title": "Key", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The number of fleet attribute capabilities.", - "title": "Values", - "type": "array" + "Value": { + "markdownDescription": "The value.", + "title": "Value", + "type": "string" } }, "required": [ - "Name", - "Values" + "Key", + "Value" ], "type": "object" }, - "AWS::Deadline::Fleet.FleetCapabilities": { + "AWS::CustomerProfiles::Integration.S3SourceProperties": { "additionalProperties": false, "properties": { - "Amounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "Amount capabilities of the fleet.", - "title": "Amounts", - "type": "array" + "BucketName": { + "markdownDescription": "The Amazon S3 bucket name where the source files are stored.", + "title": "BucketName", + "type": "string" }, - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" - }, - "markdownDescription": "Attribute capabilities of the fleet.", - "title": "Attributes", - "type": "array" + "BucketPrefix": { + "markdownDescription": "The object key for the Amazon S3 bucket in which the source files are stored.", + "title": "BucketPrefix", + "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::Deadline::Fleet.FleetConfiguration": { + "AWS::CustomerProfiles::Integration.SalesforceSourceProperties": { "additionalProperties": false, "properties": { - "CustomerManaged": { - "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedFleetConfiguration", - "markdownDescription": "The customer managed fleets within a fleet configuration.", - "title": "CustomerManaged" + "EnableDynamicFieldUpdate": { + "markdownDescription": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.", + "title": "EnableDynamicFieldUpdate", + "type": "boolean" }, - "ServiceManagedEc2": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration", - "markdownDescription": "The service managed Amazon EC2 instances for a fleet configuration.", - "title": "ServiceManagedEc2" + "IncludeDeletedRecords": { + "markdownDescription": "Indicates whether Amazon AppFlow includes deleted files in the flow run.", + "title": "IncludeDeletedRecords", + "type": "boolean" + }, + "Object": { + "markdownDescription": "The object specified in the Salesforce flow source.", + "title": "Object", + "type": "string" } }, + "required": [ + "Object" + ], "type": "object" }, - "AWS::Deadline::Fleet.MemoryMiBRange": { + "AWS::CustomerProfiles::Integration.ScheduledTriggerProperties": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory (in MiB).", - "title": "Max", + "DataPullMode": { + "markdownDescription": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.", + "title": "DataPullMode", + "type": "string" + }, + "FirstExecutionFrom": { + "markdownDescription": "Specifies the date range for the records to import from the connector in the first flow run.", + "title": "FirstExecutionFrom", "type": "number" }, - "Min": { - "markdownDescription": "The minimum amount of memory (in MiB).", - "title": "Min", + "ScheduleEndTime": { + "markdownDescription": "Specifies the scheduled end time for a scheduled-trigger flow.", + "title": "ScheduleEndTime", + "type": "number" + }, + "ScheduleExpression": { + "markdownDescription": "The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes).", + "title": "ScheduleExpression", + "type": "string" + }, + "ScheduleOffset": { + "markdownDescription": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow.", + "title": "ScheduleOffset", + "type": "number" + }, + "ScheduleStartTime": { + "markdownDescription": "Specifies the scheduled start time for a scheduled-trigger flow. The value must be a date/time value in EPOCH format.", + "title": "ScheduleStartTime", "type": "number" + }, + "Timezone": { + "markdownDescription": "Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York.", + "title": "Timezone", + "type": "string" } }, "required": [ - "Min" + "ScheduleExpression" ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration": { + "AWS::CustomerProfiles::Integration.ServiceNowSourceProperties": { "additionalProperties": false, "properties": { - "InstanceCapabilities": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities", - "markdownDescription": "The Amazon EC2 instance capabilities.", - "title": "InstanceCapabilities" - }, - "InstanceMarketOptions": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions", - "markdownDescription": "The Amazon EC2 market type.", - "title": "InstanceMarketOptions" + "Object": { + "markdownDescription": "The object specified in the ServiceNow flow source.", + "title": "Object", + "type": "string" } }, "required": [ - "InstanceCapabilities", - "InstanceMarketOptions" + "Object" ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities": { + "AWS::CustomerProfiles::Integration.SourceConnectorProperties": { "additionalProperties": false, "properties": { - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The allowable Amazon EC2 instance types.", - "title": "AllowedInstanceTypes", - "type": "array" + "Marketo": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.MarketoSourceProperties", + "markdownDescription": "The properties that are applied when Marketo is being used as a source.", + "title": "Marketo" }, - "CpuArchitectureType": { - "markdownDescription": "The CPU architecture type.", - "title": "CpuArchitectureType", + "S3": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.S3SourceProperties", + "markdownDescription": "The properties that are applied when Amazon S3 is being used as the flow source.", + "title": "S3" + }, + "Salesforce": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SalesforceSourceProperties", + "markdownDescription": "The properties that are applied when Salesforce is being used as a source.", + "title": "Salesforce" + }, + "ServiceNow": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ServiceNowSourceProperties", + "markdownDescription": "The properties that are applied when ServiceNow is being used as a source.", + "title": "ServiceNow" + }, + "Zendesk": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ZendeskSourceProperties", + "markdownDescription": "The properties that are applied when using Zendesk as a flow source.", + "title": "Zendesk" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Integration.SourceFlowConfig": { + "additionalProperties": false, + "properties": { + "ConnectorProfileName": { + "markdownDescription": "The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account .", + "title": "ConnectorProfileName", "type": "string" }, - "CustomAmounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "The custom capability amounts to require for instances in this fleet.", - "title": "CustomAmounts", - "type": "array" + "ConnectorType": { + "markdownDescription": "The type of connector, such as Salesforce, Marketo, and so on.", + "title": "ConnectorType", + "type": "string" }, - "CustomAttributes": { + "IncrementalPullConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.IncrementalPullConfig", + "markdownDescription": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.", + "title": "IncrementalPullConfig" + }, + "SourceConnectorProperties": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceConnectorProperties", + "markdownDescription": "Specifies the information that is required to query a particular source connector.", + "title": "SourceConnectorProperties" + } + }, + "required": [ + "ConnectorType", + "SourceConnectorProperties" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.Task": { + "additionalProperties": false, + "properties": { + "ConnectorOperator": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ConnectorOperator", + "markdownDescription": "The operation to be performed on the provided source fields.", + "title": "ConnectorOperator" + }, + "DestinationField": { + "markdownDescription": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.", + "title": "DestinationField", + "type": "string" + }, + "SourceFields": { "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + "type": "string" }, - "markdownDescription": "The custom capability attributes to require for instances in this fleet.", - "title": "CustomAttributes", + "markdownDescription": "The source fields to which a particular task is applied.", + "title": "SourceFields", "type": "array" }, - "ExcludedInstanceTypes": { + "TaskProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TaskPropertiesMap" }, - "markdownDescription": "The instance types to exclude from the fleet.", - "title": "ExcludedInstanceTypes", + "markdownDescription": "A map used to store task-related information. The service looks for particular information based on the TaskType.", + "title": "TaskProperties", "type": "array" }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", - "markdownDescription": "The memory, as MiB, for the Amazon EC2 instance type.", - "title": "MemoryMiB" - }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", + "TaskType": { + "markdownDescription": "Specifies the particular task implementation that Amazon AppFlow performs.", + "title": "TaskType", "type": "string" - }, - "RootEbsVolume": { - "$ref": "#/definitions/AWS::Deadline::Fleet.Ec2EbsVolume", - "markdownDescription": "The root EBS volume.", - "title": "RootEbsVolume" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", - "markdownDescription": "The amount of vCPU to require for instances in this fleet.", - "title": "VCpuCount" } }, "required": [ - "CpuArchitectureType", - "MemoryMiB", - "OsFamily", - "VCpuCount" + "SourceFields", + "TaskType" ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions": { + "AWS::CustomerProfiles::Integration.TaskPropertiesMap": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The Amazon EC2 instance type.", - "title": "Type", + "OperatorPropertyKey": { + "markdownDescription": "The task property key.", + "title": "OperatorPropertyKey", + "type": "string" + }, + "Property": { + "markdownDescription": "The task property value.", + "title": "Property", "type": "string" } }, "required": [ - "Type" + "OperatorPropertyKey", + "Property" ], "type": "object" }, - "AWS::Deadline::Fleet.VCpuCountRange": { + "AWS::CustomerProfiles::Integration.TriggerConfig": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of vCPU.", - "title": "Max", - "type": "number" + "TriggerProperties": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerProperties", + "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type.", + "title": "TriggerProperties" }, - "Min": { - "markdownDescription": "The minimum amount of vCPU.", - "title": "Min", - "type": "number" + "TriggerType": { + "markdownDescription": "Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event.", + "title": "TriggerType", + "type": "string" } }, "required": [ - "Min" + "TriggerType" ], "type": "object" }, - "AWS::Deadline::LicenseEndpoint": { + "AWS::CustomerProfiles::Integration.TriggerProperties": { + "additionalProperties": false, + "properties": { + "Scheduled": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ScheduledTriggerProperties", + "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define.", + "title": "Scheduled" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Integration.ZendeskSourceProperties": { + "additionalProperties": false, + "properties": { + "Object": { + "markdownDescription": "The object specified in the Zendesk flow source.", + "title": "Object", + "type": "string" + } + }, + "required": [ + "Object" + ], + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType": { "additionalProperties": false, "properties": { "Condition": { @@ -65076,38 +70974,86 @@ "Properties": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "AllowProfileCreation": { + "markdownDescription": "Indicates whether a profile should be created when data is received if one doesn\u2019t exist for an object of this type. The default is `FALSE` . If the AllowProfileCreation flag is set to `FALSE` , then the service tries to fetch a standard profile and associate this object with the profile. If it is set to `TRUE` , and if no match is found, then the service creates a new standard profile.", + "title": "AllowProfileCreation", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the profile object type mapping.", + "title": "Description", + "type": "string" + }, + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer-provided key to encrypt the profile object that will be created in this profile object type mapping. If not specified the system will use the encryption key of the domain.", + "title": "EncryptionKey", + "type": "string" + }, + "ExpirationDays": { + "markdownDescription": "The number of days until the data of this type expires.", + "title": "ExpirationDays", + "type": "number" + }, + "Fields": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.FieldMap" }, - "markdownDescription": "The identifier of the Amazon EC2 security group that controls access to the license endpoint.", - "title": "SecurityGroupIds", + "markdownDescription": "A list of field definitions for the object type mapping.", + "title": "Fields", "type": "array" }, - "SubnetIds": { + "Keys": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.KeyMap" }, - "markdownDescription": "Identifies the VPC subnets that can connect to a license endpoint.", - "title": "SubnetIds", + "markdownDescription": "A list of keys that can be used to map data to the profile or search for the profile.", + "title": "Keys", "type": "array" }, - "VpcId": { - "markdownDescription": "The VCP(virtual private cloud) ID associated with the license endpoint.", - "title": "VpcId", + "MaxProfileObjectCount": { + "markdownDescription": "The amount of profile object max count assigned to the object type.", + "title": "MaxProfileObjectCount", + "type": "number" + }, + "ObjectTypeName": { + "markdownDescription": "The name of the profile object type.", + "title": "ObjectTypeName", + "type": "string" + }, + "SourceLastUpdatedTimestampFormat": { + "markdownDescription": "The format of your sourceLastUpdatedTimestamp that was previously set up.", + "title": "SourceLastUpdatedTimestampFormat", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "TemplateId": { + "markdownDescription": "A unique identifier for the template mapping. This can be used instead of specifying the Keys and Fields properties directly.", + "title": "TemplateId", "type": "string" } }, "required": [ - "SecurityGroupIds", - "SubnetIds", - "VpcId" + "Description", + "DomainName", + "ObjectTypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::LicenseEndpoint" + "AWS::CustomerProfiles::ObjectType" ], "type": "string" }, @@ -65126,84 +71072,85 @@ ], "type": "object" }, - "AWS::Deadline::MeteredProduct": { + "AWS::CustomerProfiles::ObjectType.FieldMap": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "Name of the field.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectTypeField": { + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeField", + "markdownDescription": "Represents a field in a ProfileObjectType.", + "title": "ObjectTypeField" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType.KeyMap": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the key.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Family": { - "type": "string" - }, - "LicenseEndpointId": { - "markdownDescription": "The Amazon EC2 identifier of the license endpoint.", - "title": "LicenseEndpointId", - "type": "string" - }, - "Port": { - "type": "number" - }, - "ProductId": { - "markdownDescription": "The product ID.", - "title": "ProductId", - "type": "string" - }, - "Vendor": { - "type": "string" - } + "ObjectTypeKeyList": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeKey" }, - "type": "object" + "markdownDescription": "A list of ObjectTypeKey.", + "title": "ObjectTypeKeyList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType.ObjectTypeField": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type of the field. Used for determining equality when searching.", + "title": "ContentType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Deadline::MeteredProduct" - ], + "Source": { + "markdownDescription": "A field of a ProfileObject. For example: _source.FirstName, where \u201c_source\u201d is a ProfileObjectType of a Zendesk user and \u201cFirstName\u201d is a field in that ObjectType.", + "title": "Source", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Target": { + "markdownDescription": "The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode.", + "title": "Target", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Deadline::Queue": { + "AWS::CustomerProfiles::ObjectType.ObjectTypeKey": { + "additionalProperties": false, + "properties": { + "FieldNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The reference for the key name of the fields map.", + "title": "FieldNames", + "type": "array" + }, + "StandardIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles.", + "title": "StandardIdentifiers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -65238,66 +71185,51 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedStorageProfileIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems.", - "title": "AllowedStorageProfileIds", - "type": "array" - }, - "DefaultBudgetAction": { - "markdownDescription": "The default action taken on a queue summary if a budget wasn't configured.", - "title": "DefaultBudgetAction", - "type": "string" - }, "Description": { - "markdownDescription": "A description of the queue that helps identify what the queue is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "markdownDescription": "The description of the segment definition.", "title": "Description", "type": "string" }, "DisplayName": { - "markdownDescription": "The display name of the queue summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "markdownDescription": "Display name of the segment definition.", "title": "DisplayName", "type": "string" }, - "FarmId": { - "markdownDescription": "The farm ID.", - "title": "FarmId", + "DomainName": { + "markdownDescription": "The name of the domain.", + "title": "DomainName", "type": "string" }, - "JobAttachmentSettings": { - "$ref": "#/definitions/AWS::Deadline::Queue.JobAttachmentSettings", - "markdownDescription": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix.", - "title": "JobAttachmentSettings" + "SegmentDefinitionName": { + "markdownDescription": "Name of the segment definition.", + "title": "SegmentDefinitionName", + "type": "string" }, - "JobRunAsUser": { - "$ref": "#/definitions/AWS::Deadline::Queue.JobRunAsUser", - "markdownDescription": "Identifies the user for a job.", - "title": "JobRunAsUser" + "SegmentGroups": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.SegmentGroup", + "markdownDescription": "Contains all groups of the segment definition.", + "title": "SegmentGroups" }, - "RequiredFileSystemLocationNames": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The file system location that the queue uses.", - "title": "RequiredFileSystemLocationNames", + "markdownDescription": "The tags belonging to the segment definition.", + "title": "Tags", "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue.", - "title": "RoleArn", - "type": "string" } }, "required": [ - "DisplayName" + "DisplayName", + "DomainName", + "SegmentDefinitionName", + "SegmentGroups" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::Queue" + "AWS::CustomerProfiles::SegmentDefinition" ], "type": "string" }, @@ -65316,261 +71248,428 @@ ], "type": "object" }, - "AWS::Deadline::Queue.JobAttachmentSettings": { + "AWS::CustomerProfiles::SegmentDefinition.AddressDimension": { "additionalProperties": false, "properties": { - "RootPrefix": { - "markdownDescription": "The root prefix.", - "title": "RootPrefix", - "type": "string" + "City": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The city belonging to the address.", + "title": "City" }, - "S3BucketName": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3BucketName", - "type": "string" + "Country": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The country belonging to the address.", + "title": "Country" + }, + "County": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The county belonging to the address.", + "title": "County" + }, + "PostalCode": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The postal code belonging to the address.", + "title": "PostalCode" + }, + "Province": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The province belonging to the address.", + "title": "Province" + }, + "State": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The state belonging to the address.", + "title": "State" } }, - "required": [ - "RootPrefix", - "S3BucketName" - ], "type": "object" }, - "AWS::Deadline::Queue.JobRunAsUser": { + "AWS::CustomerProfiles::SegmentDefinition.AttributeDimension": { "additionalProperties": false, "properties": { - "Posix": { - "$ref": "#/definitions/AWS::Deadline::Queue.PosixUser", - "markdownDescription": "The user and group that the jobs in the queue run as.", - "title": "Posix" - }, - "RunAs": { - "markdownDescription": "Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user.", - "title": "RunAs", + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" }, - "Windows": { - "$ref": "#/definitions/AWS::Deadline::Queue.WindowsUser", - "markdownDescription": "Identifies a Microsoft Windows user.", - "title": "Windows" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "RunAs" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Queue.PosixUser": { + "AWS::CustomerProfiles::SegmentDefinition.CalculatedAttributeDimension": { "additionalProperties": false, "properties": { - "Group": { - "markdownDescription": "The name of the POSIX user's group.", - "title": "Group", - "type": "string" + "ConditionOverrides": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ConditionOverrides", + "markdownDescription": "Applies the given condition over the initial Calculated Attribute's definition.", + "title": "ConditionOverrides" }, - "User": { - "markdownDescription": "The name of the POSIX user.", - "title": "User", + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType with.", + "title": "Values", + "type": "array" } }, "required": [ - "Group", - "User" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Queue.WindowsUser": { + "AWS::CustomerProfiles::SegmentDefinition.ConditionOverrides": { "additionalProperties": false, "properties": { - "PasswordArn": { - "markdownDescription": "The password ARN for the Windows user.", - "title": "PasswordArn", + "Range": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.RangeOverride", + "markdownDescription": "The relative time period over which data is included in the aggregation for this override.", + "title": "Range" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.DateDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", "type": "string" }, - "User": { - "markdownDescription": "The user.", - "title": "User", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "PasswordArn", - "User" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::QueueEnvironment": { + "AWS::CustomerProfiles::SegmentDefinition.Dimension": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { + "CalculatedAttributes": { "additionalProperties": false, - "properties": { - "FarmId": { - "markdownDescription": "The identifier assigned to the farm that contains the queue.", - "title": "FarmId", - "type": "string" - }, - "Priority": { - "markdownDescription": "The queue environment's priority.", - "title": "Priority", - "type": "number" - }, - "QueueId": { - "markdownDescription": "The unique identifier of the queue that contains the environment.", - "title": "QueueId", - "type": "string" - }, - "Template": { - "markdownDescription": "A JSON or YAML template that describes the processing environment for the queue.", - "title": "Template", - "type": "string" - }, - "TemplateType": { - "markdownDescription": "Specifies whether the template for the queue environment is JSON or YAML.", - "title": "TemplateType", - "type": "string" + "markdownDescription": "Object that holds the calculated attributes to segment on.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.CalculatedAttributeDimension" } }, - "required": [ - "FarmId", - "Priority", - "QueueId", - "Template", - "TemplateType" - ], + "title": "CalculatedAttributes", "type": "object" }, - "Type": { - "enum": [ - "AWS::Deadline::QueueEnvironment" - ], + "ProfileAttributes": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileAttributes", + "markdownDescription": "Object that holds the profile attributes to segment on.", + "title": "ProfileAttributes" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.ExtraLengthValueProfileDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "Type", - "Properties" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::QueueFleetAssociation": { + "AWS::CustomerProfiles::SegmentDefinition.Group": { "additionalProperties": false, "properties": { - "Condition": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.Dimension" + }, + "markdownDescription": "Defines the attributes to segment on.", + "title": "Dimensions", + "type": "array" + }, + "SourceSegments": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.SourceSegment" + }, + "markdownDescription": "Defines the starting source of data.", + "title": "SourceSegments", + "type": "array" + }, + "SourceType": { + "markdownDescription": "Defines how to interact with the source data.", + "title": "SourceType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Defines how to interact with the profiles found in the current filtering.", + "title": "Type", "type": "string" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.ProfileAttributes": { + "additionalProperties": false, + "properties": { + "AccountNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within account number.", + "title": "AccountNumber" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AdditionalInformation": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ExtraLengthValueProfileDimension", + "markdownDescription": "A field to describe values to segment on within additional information.", + "title": "AdditionalInformation" }, - "Metadata": { - "type": "object" + "Address": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within address.", + "title": "Address" }, - "Properties": { + "Attributes": { "additionalProperties": false, - "properties": { - "FarmId": { - "markdownDescription": "The identifier of the farm that contains the queue and the fleet.", - "title": "FarmId", - "type": "string" - }, - "FleetId": { - "markdownDescription": "The fleet ID.", - "title": "FleetId", - "type": "string" - }, - "QueueId": { - "markdownDescription": "The queue ID.", - "title": "QueueId", - "type": "string" + "markdownDescription": "A field to describe values to segment on within attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AttributeDimension" } }, - "required": [ - "FarmId", - "FleetId", - "QueueId" - ], + "title": "Attributes", "type": "object" }, - "Type": { - "enum": [ - "AWS::Deadline::QueueFleetAssociation" - ], + "BillingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within billing address.", + "title": "BillingAddress" + }, + "BirthDate": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.DateDimension", + "markdownDescription": "A field to describe values to segment on within birthDate.", + "title": "BirthDate" + }, + "BusinessEmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business email address.", + "title": "BusinessEmailAddress" + }, + "BusinessName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business name.", + "title": "BusinessName" + }, + "BusinessPhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business phone number.", + "title": "BusinessPhoneNumber" + }, + "EmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within email address.", + "title": "EmailAddress" + }, + "FirstName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within first name.", + "title": "FirstName" + }, + "GenderString": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within genderString.", + "title": "GenderString" + }, + "HomePhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within home phone number.", + "title": "HomePhoneNumber" + }, + "LastName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within last name.", + "title": "LastName" + }, + "MailingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within mailing address.", + "title": "MailingAddress" + }, + "MiddleName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within middle name.", + "title": "MiddleName" + }, + "MobilePhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within mobile phone number.", + "title": "MobilePhoneNumber" + }, + "PartyTypeString": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within partyTypeString.", + "title": "PartyTypeString" + }, + "PersonalEmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within personal email address.", + "title": "PersonalEmailAddress" + }, + "PhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within phone number.", + "title": "PhoneNumber" + }, + "ProfileType": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileTypeDimension", + "markdownDescription": "The type of profile.", + "title": "ProfileType" + }, + "ShippingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within shipping address.", + "title": "ShippingAddress" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.ProfileDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Values", + "type": "array" + } + }, + "required": [ + "DimensionType", + "Values" + ], + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.ProfileTypeDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "Type", - "Properties" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::StorageProfile": { + "AWS::CustomerProfiles::SegmentDefinition.RangeOverride": { + "additionalProperties": false, + "properties": { + "End": { + "markdownDescription": "The end time of when to include objects.", + "title": "End", + "type": "number" + }, + "Start": { + "markdownDescription": "The start time of when to include objects.", + "title": "Start", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit for start and end.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Start", + "Unit" + ], + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.SegmentGroup": { + "additionalProperties": false, + "properties": { + "Groups": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.Group" + }, + "markdownDescription": "Holds the list of groups within the segment definition.", + "title": "Groups", + "type": "array" + }, + "Include": { + "markdownDescription": "Defines whether to include or exclude the profiles that fit the segment criteria.", + "title": "Include", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.SourceSegment": { + "additionalProperties": false, + "properties": { + "SegmentDefinitionName": { + "markdownDescription": "The name of the source segment.", + "title": "SegmentDefinitionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DAX::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -65605,39 +71704,96 @@ "Properties": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The display name of the storage profile summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones (AZs) in which the cluster nodes will reside after the cluster has been created or updated. If provided, the length of this list must equal the `ReplicationFactor` parameter. If you omit this parameter, DAX will spread the nodes across Availability Zones for the highest availability.", + "title": "AvailabilityZones", + "type": "array" + }, + "ClusterEndpointEncryptionType": { + "markdownDescription": "The encryption type of the cluster's endpoint. Available values are:\n\n- `NONE` - The cluster's endpoint will be unencrypted.\n- `TLS` - The cluster's endpoint will be encrypted with Transport Layer Security, and will provide an x509 certificate for authentication.\n\nThe default value is `NONE` .", + "title": "ClusterEndpointEncryptionType", "type": "string" }, - "FarmId": { - "markdownDescription": "The unique identifier of the farm that contains the storage profile.", - "title": "FarmId", + "ClusterName": { + "markdownDescription": "The name of the DAX cluster.", + "title": "ClusterName", "type": "string" }, - "FileSystemLocations": { + "Description": { + "markdownDescription": "The description of the cluster.", + "title": "Description", + "type": "string" + }, + "IAMRoleARN": { + "markdownDescription": "A valid Amazon Resource Name (ARN) that identifies an IAM role. At runtime, DAX will assume this role and use the role's permissions to access DynamoDB on your behalf.", + "title": "IAMRoleARN", + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "NodeType": { + "markdownDescription": "The node type for the nodes in the cluster. (All nodes in a DAX cluster are of the same type.)", + "title": "NodeType", + "type": "string" + }, + "NotificationTopicARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which notifications will be sent.\n\n> The Amazon SNS topic owner must be same as the DAX cluster owner.", + "title": "NotificationTopicARN", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The parameter group to be associated with the DAX cluster.", + "title": "ParameterGroupName", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "A range of time when maintenance of DAX cluster software will be performed. For example: `sun:01:00-sun:09:00` . Cluster maintenance normally takes less than 30 minutes, and is performed automatically within the maintenance window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "ReplicationFactor": { + "markdownDescription": "The number of nodes in the DAX cluster. A replication factor of 1 will create a single-node cluster, without any read replicas. For additional fault tolerance, you can create a multiple node cluster with one or more read replicas. To do this, set `ReplicationFactor` to a number between 3 (one primary and two read replicas) and 10 (one primary and nine read replicas). `If the AvailabilityZones` parameter is provided, its length must equal the `ReplicationFactor` .\n\n> AWS recommends that you have at least two read replicas per cluster.", + "title": "ReplicationFactor", + "type": "number" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DAX::Cluster.SSESpecification", + "markdownDescription": "Represents the settings used to enable server-side encryption on the cluster.", + "title": "SSESpecification" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::Deadline::StorageProfile.FileSystemLocation" + "type": "string" }, - "markdownDescription": "Operating system specific file system path to the storage location.", - "title": "FileSystemLocations", + "markdownDescription": "A list of security group IDs to be assigned to each node in the DAX cluster. (Each of the security group ID is system-generated.)\n\nIf this parameter is not specified, DAX assigns the default VPC security group to each node.", + "title": "SecurityGroupIds", "type": "array" }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the replication group.\n\n> DAX clusters can only run in an Amazon VPC environment. All of the subnets that you specify in a subnet group must exist in the same VPC.", + "title": "SubnetGroupName", "type": "string" + }, + "Tags": { + "markdownDescription": "A set of tags to associate with the DAX cluster.", + "title": "Tags", + "type": "object" } }, "required": [ - "DisplayName", - "OsFamily" + "IAMRoleARN", + "NodeType", + "ReplicationFactor" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::StorageProfile" + "AWS::DAX::Cluster" ], "type": "string" }, @@ -65656,33 +71812,18 @@ ], "type": "object" }, - "AWS::Deadline::StorageProfile.FileSystemLocation": { + "AWS::DAX::Cluster.SSESpecification": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The location name.", - "title": "Name", - "type": "string" - }, - "Path": { - "markdownDescription": "The file path.", - "title": "Path", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of file.", - "title": "Type", - "type": "string" + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is enabled (true) or disabled (false) on the cluster.", + "title": "SSEEnabled", + "type": "boolean" } }, - "required": [ - "Name", - "Path", - "Type" - ], "type": "object" }, - "AWS::Detective::Graph": { + "AWS::DAX::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -65717,25 +71858,27 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoEnableMembers": { - "markdownDescription": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.\n\nBy default, this property is set to `false` . If you want to change the value of this property, you must be the Detective administrator for the organization. For more information on setting a Detective administrator account, see [AWS::Detective::OrganizationAdmin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-detective-organizationadmin.html) .", - "title": "AutoEnableMembers", - "type": "boolean" + "Description": { + "markdownDescription": "A description of the parameter group.", + "title": "Description", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tag values to assign to the new behavior graph.", - "title": "Tags", - "type": "array" + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group.", + "title": "ParameterGroupName", + "type": "string" + }, + "ParameterNameValues": { + "markdownDescription": "An array of name-value pairs for the parameters in the group. Each element in the array represents a single parameter.\n\n> `record-ttl-millis` and `query-ttl-millis` are the only supported parameter names. For more details, see [Configuring TTL Settings](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl) .", + "title": "ParameterNameValues", + "type": "object" } }, "type": "object" }, "Type": { "enum": [ - "AWS::Detective::Graph" + "AWS::DAX::ParameterGroup" ], "type": "string" }, @@ -65753,7 +71896,7 @@ ], "type": "object" }, - "AWS::Detective::MemberInvitation": { + "AWS::DAX::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -65788,42 +71931,33 @@ "Properties": { "additionalProperties": false, "properties": { - "DisableEmailNotification": { - "markdownDescription": "Whether to send an invitation email to the member account. If set to true, the member account does not receive an invitation email.", - "title": "DisableEmailNotification", - "type": "boolean" - }, - "GraphArn": { - "markdownDescription": "The ARN of the behavior graph to invite the account to contribute data to.", - "title": "GraphArn", - "type": "string" - }, - "MemberEmailAddress": { - "markdownDescription": "The root user email address of the invited account. If the email address provided is not the root user email address for the provided account, the invitation creation fails.", - "title": "MemberEmailAddress", + "Description": { + "markdownDescription": "The description of the subnet group.", + "title": "Description", "type": "string" }, - "MemberId": { - "markdownDescription": "The AWS account identifier of the invited account", - "title": "MemberId", + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group.", + "title": "SubnetGroupName", "type": "string" }, - "Message": { - "markdownDescription": "Customized text to include in the invitation email message.", - "title": "Message", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "GraphArn", - "MemberEmailAddress", - "MemberId" + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::Detective::MemberInvitation" + "AWS::DAX::SubnetGroup" ], "type": "string" }, @@ -65842,7 +71976,7 @@ ], "type": "object" }, - "AWS::Detective::OrganizationAdmin": { + "AWS::DLM::LifecyclePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -65877,20 +72011,75 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The AWS account identifier of the account to designate as the Detective administrator account for the organization.", - "title": "AccountId", + "CopyTags": { + "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "CopyTags", + "type": "boolean" + }, + "CreateInterval": { + "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", + "title": "CreateInterval", + "type": "number" + }, + "CrossRegionCopyTargets": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", + "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", + "title": "CrossRegionCopyTargets" + }, + "DefaultPolicy": { + "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", + "title": "DefaultPolicy", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the lifecycle policy. The characters ^[0-9A-Za-z _-]+$ are supported.", + "title": "Description", + "type": "string" + }, + "Exclusions": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", + "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", + "title": "Exclusions" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to run the operations specified by the lifecycle policy.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "ExtendDeletion": { + "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "ExtendDeletion", + "type": "boolean" + }, + "PolicyDetails": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.PolicyDetails", + "markdownDescription": "The configuration details of the lifecycle policy.\n\n> If you create a default policy, you can specify the request parameters either in the request body, or in the PolicyDetails request structure, but not both.", + "title": "PolicyDetails" + }, + "RetainInterval": { + "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", + "title": "RetainInterval", + "type": "number" + }, + "State": { + "markdownDescription": "The activation state of the lifecycle policy.", + "title": "State", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the lifecycle policy during creation.", + "title": "Tags", + "type": "array" } }, - "required": [ - "AccountId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Detective::OrganizationAdmin" + "AWS::DLM::LifecyclePolicy" ], "type": "string" }, @@ -65904,743 +72093,682 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::DevOpsGuru::LogAnomalyDetectionIntegration": { + "AWS::DLM::LifecyclePolicy.Action": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::LogAnomalyDetectionIntegration" - ], - "type": "string" + "CrossRegionCopy": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyAction" + }, + "markdownDescription": "The rule for copying shared snapshots across Regions.", + "title": "CrossRegionCopy", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A descriptive name for the action.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "CrossRegionCopy", + "Name" ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel": { + "AWS::DLM::LifecyclePolicy.ArchiveRetainRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Config": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig", - "markdownDescription": "A `NotificationChannelConfig` object that contains information about configured notification channels.", - "title": "Config" - } - }, - "required": [ - "Config" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::NotificationChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RetentionArchiveTier": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetentionArchiveTier", + "markdownDescription": "Information about retention period in the Amazon EBS Snapshots Archive. For more information, see [Archive Amazon EBS snapshots](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/snapshot-archive.html) .", + "title": "RetentionArchiveTier" } }, "required": [ - "Type", - "Properties" + "RetentionArchiveTier" ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { + "AWS::DLM::LifecyclePolicy.ArchiveRule": { "additionalProperties": false, "properties": { - "Filters": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig", - "markdownDescription": "The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity.", - "title": "Filters" - }, - "Sns": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig", - "markdownDescription": "Information about a notification channel configured in DevOps Guru to send notifications when insights are created.\n\nIf you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) .\n\nIf you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS\u2013encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) .", - "title": "Sns" + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRetainRule", + "markdownDescription": "Information about the retention period for the snapshot archiving rule.", + "title": "RetainRule" } }, + "required": [ + "RetainRule" + ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig": { + "AWS::DLM::LifecyclePolicy.CreateRule": { "additionalProperties": false, "properties": { - "MessageTypes": { + "CronExpression": { + "markdownDescription": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. For more information, see the [Cron and rate expressions](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) in the *Amazon EventBridge User Guide* .", + "title": "CronExpression", + "type": "string" + }, + "Interval": { + "markdownDescription": "The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The interval unit.", + "title": "IntervalUnit", + "type": "string" + }, + "Location": { + "markdownDescription": "*[Custom snapshot policies only]* Specifies the destination for snapshots created by the policy. The allowed destinations depend on the location of the targeted resources.\n\n- If the policy targets resources in a Region, then you must create snapshots in the same Region as the source resource.\n- If the policy targets resources in a Local Zone, you can create snapshots in the same Local Zone or in its parent Region.\n- If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost or in its parent Region.\n\nSpecify one of the following values:\n\n- To create snapshots in the same Region as the source resource, specify `CLOUD` .\n- To create snapshots in the same Local Zone as the source resource, specify `LOCAL_ZONE` .\n- To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL` .\n\nDefault: `CLOUD`", + "title": "Location", + "type": "string" + }, + "Scripts": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" }, - "markdownDescription": "The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created.", - "title": "MessageTypes", + "markdownDescription": "*[Custom snapshot policies that target instances only]* Specifies pre and/or post scripts for a snapshot lifecycle policy that targets instances. This is useful for creating application-consistent snapshots, or for performing specific administrative tasks before or after Amazon Data Lifecycle Manager initiates snapshot creation.\n\nFor more information, see [Automating application-consistent snapshots with pre and post scripts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/automate-app-consistent-backups.html) .", + "title": "Scripts", "type": "array" }, - "Severities": { + "Times": { "items": { "type": "string" }, - "markdownDescription": "The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) .", - "title": "Severities", + "markdownDescription": "The time, in UTC, to start the operation. The supported format is hh:mm.\n\nThe operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon Data Lifecycle Manager selects a time within the next 24 hours.", + "title": "Times", "type": "array" } }, "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyAction": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.", - "title": "TopicArn", + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EncryptionConfiguration", + "markdownDescription": "The encryption settings for the copied snapshot.", + "title": "EncryptionConfiguration" + }, + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", + "markdownDescription": "Specifies a retention rule for cross-Region snapshot copies created by snapshot or event-based policies, or cross-Region AMI copies created by AMI policies. After the retention period expires, the cross-Region copy is deleted.", + "title": "RetainRule" + }, + "Target": { + "markdownDescription": "The target Region.", + "title": "Target", "type": "string" } }, + "required": [ + "EncryptionConfiguration", + "Target" + ], "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule": { "additionalProperties": false, "properties": { - "Condition": { + "Interval": { + "markdownDescription": "The period after which to deprecate the cross-Region AMI copies. The period must be less than or equal to the cross-Region AMI copy retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to deprecate a cross-Region AMI copy after 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", "type": "string" + } + }, + "required": [ + "Interval", + "IntervalUnit" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule": { + "additionalProperties": false, + "properties": { + "Interval": { + "markdownDescription": "The amount of time to retain a cross-Region snapshot or AMI copy. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IntervalUnit": { + "markdownDescription": "The unit of time for time-based retention. For example, to retain a cross-Region copy for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", + "type": "string" + } + }, + "required": [ + "Interval", + "IntervalUnit" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.CrossRegionCopyRule": { + "additionalProperties": false, + "properties": { + "CmkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", + "title": "CmkArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CopyTags": { + "markdownDescription": "Indicates whether to copy all user-defined tags from the source snapshot or AMI to the cross-Region copy.", + "title": "CopyTags", + "type": "boolean" }, - "Metadata": { - "type": "object" + "DeprecateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule", + "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for cross-Region AMI copies created by the rule.", + "title": "DeprecateRule" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceCollectionFilter": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter", - "markdownDescription": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru.", - "title": "ResourceCollectionFilter" - } - }, - "required": [ - "ResourceCollectionFilter" - ], - "type": "object" + "Encrypted": { + "markdownDescription": "To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.", + "title": "Encrypted", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::ResourceCollection" - ], + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", + "markdownDescription": "The retention rule that indicates how long the cross-Region snapshot or AMI copies are to be retained in the destination Region.", + "title": "RetainRule" + }, + "Target": { + "markdownDescription": "> Use this parameter for snapshot policies only. For AMI policies, use *TargetRegion* instead. \n\n*[Custom snapshot policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", + "title": "Target", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetRegion": { + "markdownDescription": "> Use this parameter for AMI policies only. For snapshot policies, use *Target* instead. For snapshot policies created before the *Target* parameter was introduced, this parameter indicates the target Region for snapshot copies. \n\n*[Custom AMI policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", + "title": "TargetRegion", "type": "string" } }, "required": [ - "Type", - "Properties" + "Encrypted" ], "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyTarget": { "additionalProperties": false, "properties": { - "StackNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of CloudFormation stack names.", - "title": "StackNames", - "type": "array" + "TargetRegion": { + "type": "string" } }, "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.DeprecateRule": { "additionalProperties": false, "properties": { - "CloudFormation": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter", - "markdownDescription": "Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* .", - "title": "CloudFormation" + "Count": { + "markdownDescription": "If the schedule has a count-based retention rule, this parameter specifies the number of oldest AMIs to deprecate. The count must be less than or equal to the schedule's retention count, and it can't be greater than 1000.", + "title": "Count", + "type": "number" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.TagCollection" - }, - "markdownDescription": "The AWS tags used to filter the resources in the resource collection.\n\nTags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper.\n\nEach AWS tag has two parts.\n\n- A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive.\n- A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified.\n\nTogether these are known as *key* - *value* pairs.\n\n> The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", - "title": "Tags", - "type": "array" + "Interval": { + "markdownDescription": "If the schedule has an age-based retention rule, this parameter specifies the period after which to deprecate AMIs created by the schedule. The period must be less than or equal to the schedule's retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* .", + "title": "IntervalUnit", + "type": "string" } }, "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.TagCollection": { + "AWS::DLM::LifecyclePolicy.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "AppBoundaryKey": { - "markdownDescription": "An AWS tag *key* that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this *key* make up your DevOps Guru application and analysis boundary.\n\n> When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", - "title": "AppBoundaryKey", + "CmkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", + "title": "CmkArn", "type": "string" }, - "TagValues": { + "Encrypted": { + "markdownDescription": "To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled.", + "title": "Encrypted", + "type": "boolean" + } + }, + "required": [ + "Encrypted" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.EventParameters": { + "additionalProperties": false, + "properties": { + "DescriptionRegex": { + "markdownDescription": "The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.\n\nFor example, specifying `^.*Created for policy: policy-1234567890abcdef0.*$` configures the policy to run only if snapshots created by policy `policy-1234567890abcdef0` are shared with your account.", + "title": "DescriptionRegex", + "type": "string" + }, + "EventType": { + "markdownDescription": "The type of event. Currently, only snapshot sharing events are supported.", + "title": "EventType", + "type": "string" + }, + "SnapshotOwner": { "items": { "type": "string" }, - "markdownDescription": "The values in an AWS tag collection.\n\nThe tag's *value* is a field used to associate a string with the tag *key* (for example, `111122223333` , `Production` , or a team name). The *key* and *value* are the tag's *key* pair. Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. You can specify a maximum of 256 characters for a tag value. The tag value is a required property when *AppBoundaryKey* is specified.", - "title": "TagValues", + "markdownDescription": "The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.", + "title": "SnapshotOwner", "type": "array" } }, + "required": [ + "EventType", + "SnapshotOwner" + ], "type": "object" }, - "AWS::DirectoryService::MicrosoftAD": { + "AWS::DLM::LifecyclePolicy.EventSource": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Parameters": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventParameters", + "markdownDescription": "Information about the event.", + "title": "Parameters" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The source of the event. Currently only managed Amazon EventBridge (formerly known as Amazon CloudWatch) events are supported.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.ExcludeTags": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.Exclusions": { + "additionalProperties": false, + "properties": { + "ExcludeBootVolumes": { + "markdownDescription": "*[Default policies for EBS snapshots only]* Indicates whether to exclude volumes that are attached to instances as the boot volume. If you exclude boot volumes, only volumes attached as data (non-boot) volumes will be backed up by the policy. To exclude boot volumes, specify `true` .", + "title": "ExcludeBootVolumes", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ExcludeTags": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeTags", + "markdownDescription": "*[Default policies for EBS-backed AMIs only]* Specifies whether to exclude volumes that have specific tags.", + "title": "ExcludeTags" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreateAlias": { - "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, AWS CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", - "title": "CreateAlias", - "type": "boolean" - }, - "Edition": { - "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", - "title": "Edition", - "type": "string" - }, - "EnableSso": { - "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", - "title": "EnableSso", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", - "title": "Name", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", - "title": "Password", - "type": "string" - }, - "ShortName": { - "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", - "title": "ShortName", - "type": "string" - }, - "VpcSettings": { - "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", - "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", - "title": "VpcSettings" - } + "ExcludeVolumeTypes": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList", + "markdownDescription": "*[Default policies for EBS snapshots only]* Specifies the volume types to exclude. Volumes of the specified types will not be targeted by the policy.", + "title": "ExcludeVolumeTypes" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.FastRestoreRule": { + "additionalProperties": false, + "properties": { + "AvailabilityZones": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Password", - "VpcSettings" - ], - "type": "object" + "markdownDescription": "The Availability Zones in which to enable fast snapshot restore.", + "title": "AvailabilityZones", + "type": "array" }, - "Type": { - "enum": [ - "AWS::DirectoryService::MicrosoftAD" - ], - "type": "string" + "Count": { + "markdownDescription": "The number of snapshots to be enabled with fast snapshot restore.", + "title": "Count", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Interval": { + "markdownDescription": "The amount of time to enable fast snapshot restore. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time for enabling fast snapshot restore.", + "title": "IntervalUnit", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DirectoryService::MicrosoftAD.VpcSettings": { + "AWS::DLM::LifecyclePolicy.Parameters": { "additionalProperties": false, "properties": { - "SubnetIds": { + "ExcludeBootVolume": { + "markdownDescription": "*[Custom snapshot policies that target instances only]* Indicates whether to exclude the root volume from multi-volume snapshot sets. The default is `false` . If you specify `true` , then the root volumes attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", + "title": "ExcludeBootVolume", + "type": "boolean" + }, + "ExcludeDataVolumeTags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", - "title": "SubnetIds", + "markdownDescription": "*[Custom snapshot policies that target instances only]* The tags used to identify data (non-root) volumes to exclude from multi-volume snapshot sets.\n\nIf you create a snapshot lifecycle policy that targets instances and you specify tags for this parameter, then data volumes with the specified tags that are attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", + "title": "ExcludeDataVolumeTags", "type": "array" }, - "VpcId": { - "markdownDescription": "The identifier of the VPC in which to create the directory.", - "title": "VpcId", - "type": "string" + "NoReboot": { + "markdownDescription": "*[Custom AMI policies only]* Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).", + "title": "NoReboot", + "type": "boolean" } }, - "required": [ - "SubnetIds", - "VpcId" - ], "type": "object" }, - "AWS::DirectoryService::SimpleAD": { + "AWS::DLM::LifecyclePolicy.PolicyDetails": { "additionalProperties": false, "properties": { - "Condition": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Action" + }, + "markdownDescription": "*[Event-based policies only]* The actions to be performed when the event-based policy is activated. You can specify only one action per policy.", + "title": "Actions", + "type": "array" + }, + "CopyTags": { + "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "CopyTags", + "type": "boolean" + }, + "CreateInterval": { + "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", + "title": "CreateInterval", + "type": "number" + }, + "CrossRegionCopyTargets": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", + "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", + "title": "CrossRegionCopyTargets" + }, + "EventSource": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventSource", + "markdownDescription": "*[Event-based policies only]* The event that activates the event-based policy.", + "title": "EventSource" + }, + "Exclusions": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", + "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", + "title": "Exclusions" + }, + "ExtendDeletion": { + "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "ExtendDeletion", + "type": "boolean" + }, + "Parameters": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Parameters", + "markdownDescription": "*[Custom snapshot and AMI policies only]* A set of optional parameters for snapshot and AMI lifecycle policies.\n\n> If you are modifying a policy that was created or previously modified using the Amazon Data Lifecycle Manager console, then you must include this parameter and specify either the default values or the new values that you require. You can't omit this parameter or set its values to null.", + "title": "Parameters" + }, + "PolicyLanguage": { + "markdownDescription": "The type of policy to create. Specify one of the following:\n\n- `SIMPLIFIED` To create a default policy.\n- `STANDARD` To create a custom policy.", + "title": "PolicyLanguage", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PolicyType": { + "markdownDescription": "The type of policy. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account .\n\nThe default is `EBS_SNAPSHOT_MANAGEMENT` .", + "title": "PolicyType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ResourceLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The location of the resources to backup.\n\n- If the source resources are located in a Region, specify `CLOUD` . In this case, the policy targets all resources of the specified type with matching target tags across all Availability Zones in the Region.\n- *[Custom snapshot policies only]* If the source resources are located in a Local Zone, specify `LOCAL_ZONE` . In this case, the policy targets all resources of the specified type with matching target tags across all Local Zones in the Region.\n- If the source resources are located on an Outpost in your account, specify `OUTPOST` . In this case, the policy targets all resources of the specified type with matching target tags across all of the Outposts in your account.", + "title": "ResourceLocations", + "type": "array" }, - "Metadata": { - "type": "object" + "ResourceType": { + "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", + "title": "ResourceType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreateAlias": { - "markdownDescription": "If set to `true` , specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, this property is set to `false` .\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", - "title": "CreateAlias", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description for the directory.", - "title": "Description", - "type": "string" - }, - "EnableSso": { - "markdownDescription": "Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", - "title": "EnableSso", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The fully qualified name for the directory, such as `corp.example.com` .", - "title": "Name", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the directory administrator. The directory creation process creates a directory administrator account with the user name `Administrator` and this password.\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", - "title": "Password", - "type": "string" - }, - "ShortName": { - "markdownDescription": "The NetBIOS name of the directory, such as `CORP` .", - "title": "ShortName", - "type": "string" - }, - "Size": { - "markdownDescription": "The size of the directory. For valid values, see [CreateDirectory](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html) in the *AWS Directory Service API Reference* .", - "title": "Size", - "type": "string" - }, - "VpcSettings": { - "$ref": "#/definitions/AWS::DirectoryService::SimpleAD.VpcSettings", - "markdownDescription": "A [DirectoryVpcSettings](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DirectoryVpcSettings.html) object that contains additional information for the operation.", - "title": "VpcSettings" - } + "ResourceTypes": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Size", - "VpcSettings" - ], - "type": "object" + "markdownDescription": "*[Custom snapshot policies only]* The target resource type for snapshot and AMI lifecycle policies. Use `VOLUME` to create snapshots of individual volumes or use `INSTANCE` to create multi-volume snapshots from the volumes for an instance.", + "title": "ResourceTypes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::DirectoryService::SimpleAD" - ], + "RetainInterval": { + "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", + "title": "RetainInterval", + "type": "number" + }, + "Schedules": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Schedule" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The schedules of policy-defined actions for snapshot and AMI lifecycle policies. A policy can have up to four schedules\u2014one mandatory schedule and up to three optional schedules.", + "title": "Schedules", + "type": "array" + }, + "TargetTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The single tag that identifies targeted resources for this policy.", + "title": "TargetTags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.RetainRule": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of snapshots to retain for each volume, up to a maximum of 1000. For example if you want to retain a maximum of three snapshots, specify `3` . When the fourth snapshot is created, the oldest retained snapshot is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", + "title": "Count", + "type": "number" + }, + "Interval": { + "markdownDescription": "The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time for time-based retention. For example, to retain snapshots for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` . Once the snapshot has been retained for 3 months, it is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", + "title": "IntervalUnit", "type": "string" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.RetentionArchiveTier": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The maximum number of snapshots to retain in the archive storage tier for each volume. The count must ensure that each snapshot remains in the archive tier for at least 90 days. For example, if the schedule creates snapshots every 30 days, you must specify a count of 3 or more to ensure that each snapshot is archived for at least 90 days.", + "title": "Count", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Interval": { + "markdownDescription": "Specifies the period of time to retain snapshots in the archive tier. After this period expires, the snapshot is permanently deleted.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to retain a snapshots in the archive tier for 6 months, specify `Interval=6` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DirectoryService::SimpleAD.VpcSettings": { + "AWS::DLM::LifecyclePolicy.Schedule": { "additionalProperties": false, "properties": { - "SubnetIds": { + "ArchiveRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRule", + "markdownDescription": "*[Custom snapshot policies that target volumes only]* The snapshot archiving rule for the schedule. When you specify an archiving rule, snapshots are automatically moved from the standard tier to the archive tier once the schedule's retention threshold is met. Snapshots are then retained in the archive tier for the archive retention period that you specify.\n\nFor more information about using snapshot archiving, see [Considerations for snapshot lifecycle policies](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-ami-policy.html#dlm-archive) .", + "title": "ArchiveRule" + }, + "CopyTags": { + "markdownDescription": "Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.", + "title": "CopyTags", + "type": "boolean" + }, + "CreateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CreateRule", + "markdownDescription": "The creation rule.", + "title": "CreateRule" + }, + "CrossRegionCopyRules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRule" }, - "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", - "title": "SubnetIds", + "markdownDescription": "Specifies a rule for copying snapshots or AMIs across Regions.\n\n> You can't specify cross-Region copy rules for policies that create snapshots on an Outpost or in a Local Zone. If the policy creates snapshots in a Region, then snapshots can be copied to up to three Regions or Outposts.", + "title": "CrossRegionCopyRules", "type": "array" }, - "VpcId": { - "markdownDescription": "The identifier of the VPC in which to create the directory.", - "title": "VpcId", + "DeprecateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.DeprecateRule", + "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for the schedule.", + "title": "DeprecateRule" + }, + "FastRestoreRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.FastRestoreRule", + "markdownDescription": "*[Custom snapshot policies only]* The rule for enabling fast snapshot restore.", + "title": "FastRestoreRule" + }, + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", "type": "string" + }, + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetainRule", + "markdownDescription": "The retention rule for snapshots or AMIs created by the policy.", + "title": "RetainRule" + }, + "ShareRules": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ShareRule" + }, + "markdownDescription": "*[Custom snapshot policies only]* The rule for sharing snapshots with other AWS accounts .", + "title": "ShareRules", + "type": "array" + }, + "TagsToAdd": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS -added lifecycle tags.", + "title": "TagsToAdd", + "type": "array" + }, + "VariableTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "*[AMI policies and snapshot policies that target instances only]* A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: `$(instance-id)` or `$(timestamp)` . Variable tags are only valid for EBS Snapshot Management \u2013 Instance policies.", + "title": "VariableTags", + "type": "array" } }, - "required": [ - "SubnetIds", - "VpcId" - ], "type": "object" }, - "AWS::DocDB::DBCluster": { + "AWS::DLM::LifecyclePolicy.Script": { "additionalProperties": false, "properties": { - "Condition": { + "ExecuteOperationOnScriptFailure": { + "markdownDescription": "Indicates whether Amazon Data Lifecycle Manager should default to crash-consistent snapshots if the pre script fails.\n\n- To default to crash consistent snapshot if the pre script fails, specify `true` .\n- To skip the instance for snapshot creation if the pre script fails, specify `false` .\n\nThis parameter is supported only if you run a pre script. If you run a post script only, omit this parameter.\n\nDefault: true", + "title": "ExecuteOperationOnScriptFailure", + "type": "boolean" + }, + "ExecutionHandler": { + "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", + "title": "ExecutionHandler", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExecutionHandlerService": { + "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", + "title": "ExecutionHandlerService", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExecutionTimeout": { + "markdownDescription": "Specifies a timeout period, in seconds, after which Amazon Data Lifecycle Manager fails the script run attempt if it has not completed. If a script does not complete within its timeout period, Amazon Data Lifecycle Manager fails the attempt. The timeout period applies to the pre and post scripts individually.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: 10", + "title": "ExecutionTimeout", + "type": "number" }, - "Metadata": { - "type": "object" + "MaximumRetryCount": { + "markdownDescription": "Specifies the number of times Amazon Data Lifecycle Manager should retry scripts that fail.\n\n- If the pre script fails, Amazon Data Lifecycle Manager retries the entire snapshot creation process, including running the pre and post scripts.\n- If the post script fails, Amazon Data Lifecycle Manager retries the post script only; in this case, the pre script will have completed and the snapshot might have been created.\n\nIf you do not want Amazon Data Lifecycle Manager to retry failed scripts, specify `0` .\n\nDefault: 0", + "title": "MaximumRetryCount", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.", - "title": "AvailabilityZones", - "type": "array" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained. You must specify a minimum value of 1.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "Set to `true` to copy all tags from the source cluster snapshot to the target cluster snapshot, and otherwise `false` . The default is `false` .", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "The cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster`", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the cluster parameter group to associate with this cluster.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A subnet group to associate with this cluster.\n\nConstraints: Must match the name of an existing `DBSubnetGroup` . Must not be default.\n\nExample: `mySubnetgroup`", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DeletionProtection": { - "markdownDescription": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.\n\nIf you intend to trigger an in-place upgrade, please refer to [Amazon DocumentDB in-place major version upgrade](https://docs.aws.amazon.com/documentdb/latest/developerguide/docdb-mvu.html) . Note that for an in-place engine version upgrade, you need to remove other cluster properties changes (e.g. SecurityGroupId) from the CFN template.", - "title": "EngineVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", - "title": "KmsKeyId", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", - "title": "MasterUsername", - "type": "string" - }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", - "type": "number" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "The date and time to restore the cluster to.\n\nValid values: A time in Universal Coordinated Time (UTC) format.\n\nConstraints:\n\n- Must be before the latest restorable time for the instance.\n- Must be specified if the `UseLatestRestorableTime` parameter is not provided.\n- Cannot be specified if the `UseLatestRestorableTime` parameter is `true` .\n- Cannot be specified if the `RestoreType` parameter is `copy-on-write` .\n\nExample: `2015-03-07T23:45:00Z`", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nConstraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.", - "title": "RestoreType", - "type": "string" - }, - "SnapshotIdentifier": { - "markdownDescription": "The identifier for the snapshot or cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.\n\nConstraints:\n\n- Must match the identifier of an existing snapshot.", - "title": "SnapshotIdentifier", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The identifier of the source cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing `DBCluster` .", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "Specifies whether the cluster is encrypted.\n\nIf you specify `SourceDBClusterIdentifier` or `SnapshotIdentifier` and don\u2019t specify `StorageEncrypted` , the encryption property is inherited from the source cluster or snapshot (unless `KMSKeyId` is specified, in which case the restored cluster will be encrypted with that KMS key). If the source is encrypted and `StorageEncrypted` is specified to be true, the restored cluster will be encrypted (if you want to use a different KMS key, specify the `KMSKeyId` property as well). If the source is unencrypted and `StorageEncrypted` is specified to be true, then the `KMSKeyId` property must be specified. If the source is encrypted, don\u2019t specify `StorageEncrypted` to be false as opting out of encryption is not allowed.", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Amazon DocumentDB clusters, see Cluster storage configurations in the *Amazon DocumentDB Developer Guide* .\n\nValid values for storage type - `standard | iopt1`\n\nDefault value is `standard`\n\n> When you create a DocumentDB DB cluster with the storage type set to `iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `standard` .", - "title": "StorageType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the cluster.", - "title": "Tags", - "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "A value that is set to `true` to restore the cluster to the latest restorable backup time, and `false` otherwise.\n\nDefault: `false`\n\nConstraints: Cannot be specified if the `RestoreToTime` parameter is provided.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with this cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" - } + "Stages": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "Indicate which scripts Amazon Data Lifecycle Manager should run on target instances. Pre scripts run before Amazon Data Lifecycle Manager initiates snapshot creation. Post scripts run after Amazon Data Lifecycle Manager initiates snapshot creation.\n\n- To run a pre script only, specify `PRE` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation.\n- To run a post script only, specify `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `post-script` parameter after initiating snapshot creation.\n- To run both pre and post scripts, specify both `PRE` and `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation, and then it calls the SSM document again with the `post-script` parameter after initiating snapshot creation.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: PRE and POST", + "title": "Stages", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.ShareRule": { + "additionalProperties": false, + "properties": { + "TargetAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the AWS accounts with which to share the snapshots.", + "title": "TargetAccounts", + "type": "array" }, - "Type": { - "enum": [ - "AWS::DocDB::DBCluster" - ], - "type": "string" + "UnshareInterval": { + "markdownDescription": "The period after which snapshots that are shared with other AWS accounts are automatically unshared.", + "title": "UnshareInterval", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UnshareIntervalUnit": { + "markdownDescription": "The unit of time for the automatic unsharing interval.", + "title": "UnshareIntervalUnit", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::DocDB::DBClusterParameterGroup": { + "AWS::DLM::LifecyclePolicy.VolumeTypeValues": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DMS::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -66675,45 +72803,27 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description for the cluster parameter group.", - "title": "Description", + "CertificateIdentifier": { + "markdownDescription": "A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.", + "title": "CertificateIdentifier", "type": "string" }, - "Family": { - "markdownDescription": "The cluster parameter group family name.", - "title": "Family", + "CertificatePem": { + "markdownDescription": "The contents of a `.pem` file, which contains an X.509 certificate.", + "title": "CertificatePem", "type": "string" }, - "Name": { - "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing `DBClusterParameterGroup` .\n\n> This value is stored as a lowercase string.", - "title": "Name", + "CertificateWallet": { + "markdownDescription": "The location of an imported Oracle Wallet certificate for use with SSL. An example is: `filebase64(\"${path.root}/rds-ca-2019-root.sso\")`", + "title": "CertificateWallet", "type": "string" - }, - "Parameters": { - "markdownDescription": "Provides a list of parameters for the cluster parameter group.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the cluster parameter group.", - "title": "Tags", - "type": "array" } }, - "required": [ - "Description", - "Family", - "Parameters" - ], "type": "object" }, "Type": { "enum": [ - "AWS::DocDB::DBClusterParameterGroup" + "AWS::DMS::Certificate" ], "type": "string" }, @@ -66727,12 +72837,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::DocDB::DBInstance": { + "AWS::DMS::DataMigration": { "additionalProperties": false, "properties": { "Condition": { @@ -66767,69 +72876,63 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoMinorVersionUpgrade": { - "markdownDescription": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set.\n\nDefault: `false`", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The Amazon EC2 Availability Zone that the instance is created in.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nExample: `us-east-1d`", - "title": "AvailabilityZone", + "DataMigrationIdentifier": { + "markdownDescription": "", + "title": "DataMigrationIdentifier", "type": "string" }, - "CACertificateIdentifier": { - "markdownDescription": "The identifier of the CA certificate for this DB instance.", - "title": "CACertificateIdentifier", + "DataMigrationName": { + "markdownDescription": "The user-friendly name for the data migration.", + "title": "DataMigrationName", "type": "string" }, - "CertificateRotationRestart": { - "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, see [Updating Your Amazon DocumentDB TLS Certificates](https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html) and [Encrypting Data in Transit](https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html) in the *Amazon DocumentDB Developer Guide* .", - "title": "CertificateRotationRestart", - "type": "boolean" + "DataMigrationSettings": { + "$ref": "#/definitions/AWS::DMS::DataMigration.DataMigrationSettings", + "markdownDescription": "Specifies CloudWatch settings and selection rules for the data migration.", + "title": "DataMigrationSettings" }, - "DBClusterIdentifier": { - "markdownDescription": "The identifier of the cluster that the instance will belong to.", - "title": "DBClusterIdentifier", + "DataMigrationType": { + "markdownDescription": "Specifies whether the data migration is full-load only, change data capture (CDC) only, or full-load and CDC.", + "title": "DataMigrationType", "type": "string" }, - "DBInstanceClass": { - "markdownDescription": "The compute and memory capacity of the instance; for example, `db.m4.large` . If you change the class of an instance there can be some interruption in the cluster's service.", - "title": "DBInstanceClass", + "MigrationProjectIdentifier": { + "markdownDescription": "", + "title": "MigrationProjectIdentifier", "type": "string" }, - "DBInstanceIdentifier": { - "markdownDescription": "The instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `mydbinstance`", - "title": "DBInstanceIdentifier", + "ServiceAccessRoleArn": { + "markdownDescription": "The IAM role that the data migration uses to access AWS resources.", + "title": "ServiceAccessRoleArn", "type": "string" }, - "EnablePerformanceInsights": { - "markdownDescription": "A value that indicates whether to enable Performance Insights for the DB Instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) .", - "title": "EnablePerformanceInsights", - "type": "boolean" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" + "SourceDataSettings": { + "items": { + "$ref": "#/definitions/AWS::DMS::DataMigration.SourceDataSettings" + }, + "markdownDescription": "Specifies information about the data migration's source data provider.", + "title": "SourceDataSettings", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be assigned to the instance. You can assign up to 10 tags to an instance.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "DBClusterIdentifier", - "DBInstanceClass" + "DataMigrationType", + "MigrationProjectIdentifier", + "ServiceAccessRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DocDB::DBInstance" + "AWS::DMS::DataMigration" ], "type": "string" }, @@ -66848,194 +72951,54 @@ ], "type": "object" }, - "AWS::DocDB::DBSubnetGroup": { + "AWS::DMS::DataMigration.DataMigrationSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "The description for the subnet group.", - "title": "DBSubnetGroupDescription", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "The name for the subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens. Must not be default.\n\nExample: `mySubnetgroup`", - "title": "DBSubnetGroupName", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the subnet group.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the subnet group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DBSubnetGroupDescription", - "SubnetIds" - ], - "type": "object" + "CloudwatchLogsEnabled": { + "markdownDescription": "Whether to enable CloudWatch logging for the data migration.", + "title": "CloudwatchLogsEnabled", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::DocDB::DBSubnetGroup" - ], - "type": "string" + "NumberOfJobs": { + "markdownDescription": "The number of parallel jobs that trigger parallel threads to unload the tables from the source, and then load them to the target.", + "title": "NumberOfJobs", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectionRules": { + "markdownDescription": "A JSON-formatted string that defines what objects to include and exclude from the migration.", + "title": "SelectionRules", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DocDB::EventSubscription": { + "AWS::DMS::DataMigration.SourceDataSettings": { "additionalProperties": false, "properties": { - "Condition": { + "CDCStartPosition": { + "markdownDescription": "", + "title": "CDCStartPosition", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CDCStartTime": { + "markdownDescription": "", + "title": "CDCStartTime", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A Boolean value; set to `true` to activate the subscription, set to `false` to create the subscription but not active it.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event categories for a `SourceType` that you want to subscribe to.", - "title": "EventCategories", - "type": "array" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. Amazon SNS creates the ARN when you create a topic and subscribe to it.", - "title": "SnsTopicArn", - "type": "string" - }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are provided, `SourceType` must also be provided.\n- If the source type is an instance, a `DBInstanceIdentifier` must be provided.\n- If the source type is a security group, a `DBSecurityGroupName` must be provided.\n- If the source type is a parameter group, a `DBParameterGroupName` must be provided.\n- If the source type is a snapshot, a `DBSnapshotIdentifier` must be provided.", - "title": "SourceIds", - "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by an instance, you would set this parameter to `db-instance` . If this value is not specified, all events are returned.\n\nValid values: `db-instance` , `db-cluster` , `db-parameter-group` , `db-security-group` , `db-cluster-snapshot`", - "title": "SourceType", - "type": "string" - }, - "SubscriptionName": { - "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be fewer than 255 characters.", - "title": "SubscriptionName", - "type": "string" - } - }, - "required": [ - "SnsTopicArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DocDB::EventSubscription" - ], + "CDCStopTime": { + "markdownDescription": "", + "title": "CDCStopTime", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SlotName": { + "markdownDescription": "", + "title": "SlotName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DocDBElastic::Cluster": { + "AWS::DMS::DataProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -67070,98 +73033,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AdminUserName": { - "markdownDescription": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word.", - "title": "AdminUserName", - "type": "string" - }, - "AdminUserPassword": { - "markdownDescription": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required.", - "title": "AdminUserPassword", - "type": "string" - }, - "AuthType": { - "markdownDescription": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` .", - "title": "AuthType", - "type": "string" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automatic snapshots are retained.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "ClusterName": { - "markdownDescription": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`", - "title": "ClusterName", + "DataProviderIdentifier": { + "markdownDescription": "The identifier of the data provider. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "DataProviderIdentifier", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region.", - "title": "KmsKeyId", + "DataProviderName": { + "markdownDescription": "The name of the data provider.", + "title": "DataProviderName", "type": "string" }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` .", - "title": "PreferredBackupWindow", + "Description": { + "markdownDescription": "A description of the data provider. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", + "title": "Description", "type": "string" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", + "Engine": { + "markdownDescription": "The type of database engine for the data provider. Valid values include `\"aurora\"` , `\"aurora-postgresql\"` , `\"mysql\"` , `\"oracle\"` , `\"postgres\"` , `\"sqlserver\"` , `redshift` , `mariadb` , `mongodb` , `db2` , `db2-zos` and `docdb` . A value of `\"aurora\"` represents Amazon Aurora MySQL-Compatible Edition.", + "title": "Engine", "type": "string" }, - "ShardCapacity": { - "markdownDescription": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64.", - "title": "ShardCapacity", - "type": "number" - }, - "ShardCount": { - "markdownDescription": "The number of shards assigned to the elastic cluster. Maximum is 32.", - "title": "ShardCount", - "type": "number" - }, - "ShardInstanceCount": { - "markdownDescription": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability.", - "title": "ShardInstanceCount", - "type": "number" + "ExactSettings": { + "markdownDescription": "", + "title": "ExactSettings", + "type": "boolean" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the new elastic cluster.", - "title": "SubnetIds", - "type": "array" + "Settings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.Settings", + "markdownDescription": "The settings in JSON format for a data provider.", + "title": "Settings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be assigned to the new elastic cluster.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with the new elastic cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "required": [ - "AdminUserName", - "AuthType", - "ClusterName", - "ShardCapacity", - "ShardCount" + "Engine" ], "type": "object" }, "Type": { "enum": [ - "AWS::DocDBElastic::Cluster" + "AWS::DMS::DataProvider" ], "type": "string" }, @@ -67180,587 +73098,447 @@ ], "type": "object" }, - "AWS::DynamoDB::GlobalTable": { + "AWS::DMS::DataProvider.DocDbSettings": { "additionalProperties": false, "properties": { - "Condition": { + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "The database name on the DocumentDB source endpoint.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AttributeDefinitions": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.AttributeDefinition" - }, - "markdownDescription": "A list of attributes that describe the key schema for the global table and indexes.", - "title": "AttributeDefinitions", - "type": "array" - }, - "BillingMode": { - "markdownDescription": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` .", - "title": "BillingMode", - "type": "string" - }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex" - }, - "markdownDescription": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually.", - "title": "GlobalSecondaryIndexes", - "type": "array" - }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", - "title": "KeySchema", - "type": "array" - }, - "LocalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.LocalSecondaryIndex" - }, - "markdownDescription": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", - "title": "LocalSecondaryIndexes", - "type": "array" - }, - "Replicas": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSpecification" - }, - "markdownDescription": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update.", - "title": "Replicas", - "type": "array" - }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.SSESpecification", - "markdownDescription": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property.", - "title": "SSESpecification" - }, - "StreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.StreamSpecification", - "markdownDescription": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica.", - "title": "StreamSpecification" - }, - "TableName": { - "markdownDescription": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TableName", - "type": "string" - }, - "TimeToLiveSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TimeToLiveSpecification", - "markdownDescription": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas.", - "title": "TimeToLiveSpecification" - }, - "WriteProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", - "markdownDescription": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` .", - "title": "WriteProvisionedThroughputSettings" - } - }, - "required": [ - "AttributeDefinitions", - "KeySchema", - "Replicas" - ], - "type": "object" + "Port": { + "markdownDescription": "The port value for the DocumentDB source endpoint.", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DynamoDB::GlobalTable" - ], + "ServerName": { + "markdownDescription": "The name of the server on the DocumentDB source endpoint.", + "title": "ServerName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "DatabaseName", + "Port", + "ServerName" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.AttributeDefinition": { + "AWS::DMS::DataProvider.IbmDb2LuwSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "A name for the attribute.", - "title": "AttributeName", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "AttributeType": { - "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", - "title": "AttributeType", + "DatabaseName": { + "markdownDescription": "", + "title": "DatabaseName", "type": "string" - } - }, - "required": [ - "AttributeName", - "AttributeType" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum provisioned capacity units for the global table.", - "title": "MaxCapacity", - "type": "number" }, - "MinCapacity": { - "markdownDescription": "The minimum provisioned capacity units for the global table.", - "title": "MinCapacity", + "Port": { + "markdownDescription": "", + "title": "Port", "type": "number" }, - "SeedCapacity": { - "markdownDescription": "When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent.\n\nIf you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10.\n\nYou must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` .", - "title": "SeedCapacity", - "type": "number" + "ServerName": { + "markdownDescription": "", + "title": "ServerName", + "type": "string" }, - "TargetTrackingScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration", - "markdownDescription": "Defines a target tracking scaling policy.", - "title": "TargetTrackingScalingPolicyConfiguration" - } - }, - "required": [ - "MaxCapacity", - "MinCapacity", - "TargetTrackingScalingPolicyConfiguration" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", - "title": "Enabled", - "type": "boolean" + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "Enabled" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex": { + "AWS::DMS::DataProvider.IbmDb2zOsSettings": { "additionalProperties": false, "properties": { - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "DatabaseName": { + "markdownDescription": "", + "title": "DatabaseName", + "type": "string" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" }, - "WriteProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", - "markdownDescription": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index.", - "title": "WriteProvisionedThroughputSettings" - } - }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.KeySchema": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "The name of a key attribute.", - "title": "AttributeName", + "ServerName": { + "markdownDescription": "", + "title": "ServerName", "type": "string" }, - "KeyType": { - "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeyType", + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "AttributeName", - "KeyType" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.KinesisStreamSpecification": { + "AWS::DMS::DataProvider.MariaDbSettings": { "additionalProperties": false, "properties": { - "ApproximateCreationDateTimePrecision": { - "markdownDescription": "The precision for the time and date that the stream was created.", - "title": "ApproximateCreationDateTimePrecision", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "StreamArn": { - "markdownDescription": "The ARN for a specific Kinesis data stream.", - "title": "StreamArn", + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "StreamArn" + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.LocalSecondaryIndex": { + "AWS::DMS::DataProvider.MicrosoftSqlServerSettings": { "additionalProperties": false, "properties": { - "IndexName": { - "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "IndexName", - "KeySchema", - "Projection" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification": { - "additionalProperties": false, - "properties": { - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", - "title": "PointInTimeRecoveryEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.Projection": { + "AWS::DMS::DataProvider.MongoDbSettings": { "additionalProperties": false, "properties": { - "NonKeyAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", - "title": "NonKeyAttributes", - "type": "array" + "AuthMechanism": { + "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", + "title": "AuthMechanism", + "type": "string" }, - "ProjectionType": { - "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", - "title": "ProjectionType", + "AuthSource": { + "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", + "title": "AuthSource", "type": "string" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings": { - "additionalProperties": false, - "properties": { - "ReadCapacityAutoScalingSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", - "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", - "title": "ReadCapacityAutoScalingSettings" }, - "ReadCapacityUnits": { - "markdownDescription": "Specifies a fixed read capacity for the replica table or global secondary index.", - "title": "ReadCapacityUnits", + "AuthType": { + "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen when set to `\"no\"` , user name and password parameters are not used and can be empty.", + "title": "AuthType", + "type": "string" + }, + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The database name on the MongoDB source endpoint.", + "title": "DatabaseName", + "type": "string" + }, + "Port": { + "markdownDescription": "The port value for the MongoDB source endpoint.", + "title": "Port", "type": "number" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification": { - "additionalProperties": false, - "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", - "markdownDescription": "Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table\u2019s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table.", - "title": "ContributorInsightsSpecification" }, - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "ServerName": { + "markdownDescription": "The name of the server on the MongoDB source endpoint. For MongoDB Atlas, provide the server name for any of the servers in the replication set.", + "title": "ServerName", "type": "string" }, - "ReadProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", - "markdownDescription": "Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` .", - "title": "ReadProvisionedThroughputSettings" + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "IndexName" + "Port", + "ServerName" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.ReplicaSSESpecification": { + "AWS::DMS::DataProvider.MySqlSettings": { "additionalProperties": false, "properties": { - "KMSMasterKeyId": { - "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", - "title": "KMSMasterKeyId", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" + }, + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS MySQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora MySQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "KMSMasterKeyId" + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.ReplicaSpecification": { + "AWS::DMS::DataProvider.OracleSettings": { "additionalProperties": false, "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica.", - "title": "ContributorInsightsSpecification" - }, - "DeletionProtectionEnabled": { - "markdownDescription": "Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", - "title": "DeletionProtectionEnabled", - "type": "boolean" - }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification" - }, - "markdownDescription": "Defines additional settings for the global secondary indexes of this replica.", - "title": "GlobalSecondaryIndexes", - "type": "array" + "AsmServer": { + "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmServer", + "type": "string" }, - "KinesisStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KinesisStreamSpecification", - "markdownDescription": "Defines the Kinesis Data Streams configuration for the specified replica.", - "title": "KinesisStreamSpecification" + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" }, - "PointInTimeRecoverySpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification", - "markdownDescription": "The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica.", - "title": "PointInTimeRecoverySpecification" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" }, - "ReadProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", - "markdownDescription": "Defines read capacity settings for the replica table.", - "title": "ReadProvisionedThroughputSettings" + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" }, - "Region": { - "markdownDescription": "The region in which this replica exists.", - "title": "Region", + "SecretsManagerOracleAsmAccessRoleArn": { + "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both. For more information on creating this `SecretsManagerOracleAsmSecret` and the `SecretsManagerOracleAsmAccessRoleArn` and `SecretsManagerOracleAsmSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerOracleAsmAccessRoleArn", "type": "string" }, - "ReplicaStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification", - "markdownDescription": "Represents the DynamoDB Streams configuration for a global table replica.", - "title": "ReplicaStreamSpecification" - }, - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "ResourcePolicy" + "SecretsManagerOracleAsmSecretId": { + "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN, partial ARN, or friendly name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", + "title": "SecretsManagerOracleAsmSecretId", + "type": "string" }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSSESpecification", - "markdownDescription": "Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas.", - "title": "SSESpecification" + "SecretsManagerSecurityDbEncryptionAccessRoleArn": { + "markdownDescription": "", + "title": "SecretsManagerSecurityDbEncryptionAccessRoleArn", + "type": "string" }, - "TableClass": { - "markdownDescription": "The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", - "title": "TableClass", + "SecretsManagerSecurityDbEncryptionSecretId": { + "markdownDescription": "", + "title": "SecretsManagerSecurityDbEncryptionSecretId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this replica.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Region" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification": { - "additionalProperties": false, - "properties": { - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", - "markdownDescription": "A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nYou can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource.", - "title": "ResourcePolicy" - } - }, - "required": [ - "ResourcePolicy" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ResourcePolicy": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "PolicyDocument" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.SSESpecification": { - "additionalProperties": false, - "properties": { - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys.", - "title": "SSEEnabled", - "type": "boolean" + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint.\n\nFor an Amazon RDS Oracle instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", + "type": "string" }, - "SSEType": { - "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", - "title": "SSEType", + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "SSEEnabled" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.StreamSpecification": { + "AWS::DMS::DataProvider.PostgreSqlSettings": { "additionalProperties": false, "properties": { - "StreamViewType": { - "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", - "title": "StreamViewType", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" - } - }, - "required": [ - "StreamViewType" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration": { - "additionalProperties": false, - "properties": { - "DisableScaleIn": { - "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` .", - "title": "DisableScaleIn", - "type": "boolean" }, - "ScaleInCooldown": { - "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start.", - "title": "ScaleInCooldown", - "type": "number" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" }, - "ScaleOutCooldown": { - "markdownDescription": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start.", - "title": "ScaleOutCooldown", + "Port": { + "markdownDescription": "Endpoint TCP port. The default is 5432.", + "title": "Port", "type": "number" }, - "TargetValue": { - "markdownDescription": "Defines a target value for the scaling policy.", - "title": "TargetValue", - "type": "number" + "ServerName": { + "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS PostgreSQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora PostgreSQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "TargetValue" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.TimeToLiveSpecification": { + "AWS::DMS::DataProvider.RedshiftSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the attribute used to store the expiration time for items in the table.\n\nCurrently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed.", - "title": "AttributeName", + "DatabaseName": { + "markdownDescription": "The name of the Amazon Redshift data warehouse (service) that you are working with.", + "title": "DatabaseName", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", - "title": "Enabled", - "type": "boolean" + "Port": { + "markdownDescription": "The port number for Amazon Redshift. The default value is 5439.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "The name of the Amazon Redshift cluster you are using.", + "title": "ServerName", + "type": "string" } }, "required": [ - "Enabled" + "DatabaseName", + "Port", + "ServerName" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings": { + "AWS::DMS::DataProvider.Settings": { "additionalProperties": false, "properties": { - "WriteCapacityAutoScalingSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", - "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", - "title": "WriteCapacityAutoScalingSettings" + "DocDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.DocDbSettings", + "markdownDescription": "", + "title": "DocDbSettings" + }, + "IbmDb2LuwSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.IbmDb2LuwSettings", + "markdownDescription": "", + "title": "IbmDb2LuwSettings" + }, + "IbmDb2zOsSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.IbmDb2zOsSettings", + "markdownDescription": "", + "title": "IbmDb2zOsSettings" + }, + "MariaDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MariaDbSettings", + "markdownDescription": "", + "title": "MariaDbSettings" + }, + "MicrosoftSqlServerSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MicrosoftSqlServerSettings", + "markdownDescription": "", + "title": "MicrosoftSqlServerSettings" + }, + "MongoDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MongoDbSettings", + "markdownDescription": "", + "title": "MongoDbSettings" + }, + "MySqlSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MySqlSettings", + "markdownDescription": "", + "title": "MySqlSettings" + }, + "OracleSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.OracleSettings", + "markdownDescription": "", + "title": "OracleSettings" + }, + "PostgreSqlSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.PostgreSqlSettings", + "markdownDescription": "", + "title": "PostgreSqlSettings" + }, + "RedshiftSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.RedshiftSettings", + "markdownDescription": "", + "title": "RedshiftSettings" } }, "type": "object" }, - "AWS::DynamoDB::Table": { + "AWS::DMS::Endpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -67795,120 +73573,174 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeDefinitions": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.AttributeDefinition" - }, - "markdownDescription": "A list of attributes that describe the key schema for the table and indexes.\n\nThis property is required to create a DynamoDB table.\n\nUpdate requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) . Replacement if you edit an existing AttributeDefinition.", - "title": "AttributeDefinitions", - "type": "array" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate.", + "title": "CertificateArn", + "type": "string" }, - "BillingMode": { - "markdownDescription": "Specify how you are charged for read and write throughput and how you manage capacity.\n\nValid values include:\n\n- `PAY_PER_REQUEST` - We recommend using `PAY_PER_REQUEST` for most DynamoDB workloads. `PAY_PER_REQUEST` sets the billing mode to [On-demand capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html) .\n- `PROVISIONED` - We recommend using `PROVISIONED` for steady workloads with predictable growth where capacity requirements can be reliably forecasted. `PROVISIONED` sets the billing mode to [Provisioned capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html) .\n\nIf not specified, the default is `PROVISIONED` .", - "title": "BillingMode", + "DatabaseName": { + "markdownDescription": "The name of the endpoint database. For a MySQL source or target endpoint, don't specify `DatabaseName` . To migrate to a specific database, use this setting and `targetDbType` .", + "title": "DatabaseName", "type": "string" }, - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table.", - "title": "ContributorInsightsSpecification" + "DocDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.DocDbSettings", + "markdownDescription": "Settings in JSON format for the source and target DocumentDB endpoint. For more information about other available settings, see [Using extra connections attributes with Amazon DocumentDB as a source](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DocumentDB.html#CHAP_Source.DocumentDB.ECAs) and [Using Amazon DocumentDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DocumentDB.html) in the *AWS Database Migration Service User Guide* .", + "title": "DocDbSettings" }, - "DeletionProtectionEnabled": { - "markdownDescription": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", - "title": "DeletionProtectionEnabled", - "type": "boolean" + "DynamoDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.DynamoDbSettings", + "markdownDescription": "Settings in JSON format for the target Amazon DynamoDB endpoint. For information about other available settings, see [Using object mapping to migrate data to DynamoDB](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DynamoDB.html#CHAP_Target.DynamoDB.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "DynamoDbSettings" }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.GlobalSecondaryIndex" - }, - "markdownDescription": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n\n> If you update a table to include a new global secondary index, AWS CloudFormation initiates the index creation and then proceeds with the stack update. AWS CloudFormation doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is `ACTIVE` . You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n> \n> If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.\n> \n> Updates are not supported. The following are exceptions:\n> \n> - If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n> - You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.", - "title": "GlobalSecondaryIndexes", - "type": "array" + "ElasticsearchSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.ElasticsearchSettings", + "markdownDescription": "Settings in JSON format for the target OpenSearch endpoint. For more information about the available settings, see [Extra connection attributes when using OpenSearch as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Elasticsearch.html#CHAP_Target.Elasticsearch.Configuration) in the *AWS Database Migration Service User Guide* .", + "title": "ElasticsearchSettings" }, - "ImportSourceSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ImportSourceSpecification", - "markdownDescription": "Specifies the properties of data being imported from the S3 bucket source to the\" table.\n\n> If you specify the `ImportSourceSpecification` property, and also specify either the `StreamSpecification` , the `TableClass` property, the `DeletionProtectionEnabled` property, or the `WarmThroughput` property, the IAM entity creating/updating stack must have `UpdateTable` permission.", - "title": "ImportSourceSpecification" + "EndpointIdentifier": { + "markdownDescription": "The database endpoint identifier. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "EndpointIdentifier", + "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", - "title": "KeySchema", - "type": "array" + "EndpointType": { + "markdownDescription": "The type of endpoint. Valid values are `source` and `target` .", + "title": "EndpointType", + "type": "string" }, - "KinesisStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KinesisStreamSpecification", - "markdownDescription": "The Kinesis Data Streams configuration for the specified table.", - "title": "KinesisStreamSpecification" + "EngineName": { + "markdownDescription": "The type of engine for the endpoint, depending on the `EndpointType` value.\n\n*Valid values* : `mysql` | `oracle` | `postgres` | `mariadb` | `aurora` | `aurora-postgresql` | `opensearch` | `redshift` | `redshift-serverless` | `s3` | `db2` | `azuredb` | `sybase` | `dynamodb` | `mongodb` | `kinesis` | `kafka` | `elasticsearch` | `docdb` | `sqlserver` | `neptune`", + "title": "EngineName", + "type": "string" }, - "LocalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.LocalSecondaryIndex" - }, - "markdownDescription": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.", - "title": "LocalSecondaryIndexes", - "type": "array" + "ExtraConnectionAttributes": { + "markdownDescription": "Additional attributes associated with the connection. Each attribute is specified as a name-value pair associated by an equal sign (=). Multiple attributes are separated by a semicolon (;) with no additional white space. For information on the attributes available for connecting your source or target endpoint, see [Working with AWS DMS Endpoints](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Endpoints.html) in the *AWS Database Migration Service User Guide* .", + "title": "ExtraConnectionAttributes", + "type": "string" }, - "PointInTimeRecoverySpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.PointInTimeRecoverySpecification", - "markdownDescription": "The settings used to enable point in time recovery.", - "title": "PointInTimeRecoverySpecification" + "GcpMySQLSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.GcpMySQLSettings", + "markdownDescription": "Settings in JSON format for the source GCP MySQL endpoint. These settings are much the same as the settings for any MySQL-compatible endpoint. For more information, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "GcpMySQLSettings" }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", - "markdownDescription": "Throughput for the specified table, which consists of values for `ReadCapacityUnits` and `WriteCapacityUnits` . For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html) .\n\nIf you set `BillingMode` as `PROVISIONED` , you must specify this property. If you set `BillingMode` as `PAY_PER_REQUEST` , you cannot specify this property.", - "title": "ProvisionedThroughput" + "IbmDb2Settings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.IbmDb2Settings", + "markdownDescription": "Settings in JSON format for the source IBM Db2 LUW endpoint. For information about other available settings, see [Extra connection attributes when using Db2 LUW as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DB2.html#CHAP_Source.DB2.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "IbmDb2Settings" }, - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified table. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nWhen you attach a resource-based policy while creating a table, the policy creation is *strongly consistent* . For information about the considerations that you should keep in mind while attaching a resource-based policy, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .", - "title": "ResourcePolicy" + "KafkaSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.KafkaSettings", + "markdownDescription": "Settings in JSON format for the target Apache Kafka endpoint. For more information about other available settings, see [Using object mapping to migrate data to a Kafka topic](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html#CHAP_Target.Kafka.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "KafkaSettings" }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", - "markdownDescription": "Specifies the settings to enable server-side encryption.", - "title": "SSESpecification" + "KinesisSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.KinesisSettings", + "markdownDescription": "Settings in JSON format for the target endpoint for Amazon Kinesis Data Streams. For more information about other available settings, see [Using object mapping to migrate data to a Kinesis data stream](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kinesis.html#CHAP_Target.Kinesis.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "KinesisSettings" }, - "StreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.StreamSpecification", - "markdownDescription": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", - "title": "StreamSpecification" + "KmsKeyId": { + "markdownDescription": "An AWS KMS key identifier that is used to encrypt the connection parameters for the endpoint.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", + "type": "string" }, - "TableClass": { - "markdownDescription": "The table class of the new table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", - "title": "TableClass", + "MicrosoftSqlServerSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MicrosoftSqlServerSettings", + "markdownDescription": "Settings in JSON format for the source and target Microsoft SQL Server endpoint. For information about other available settings, see [Extra connection attributes when using SQL Server as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SQLServer.html#CHAP_Source.SQLServer.ConnectionAttrib) and [Extra connection attributes when using SQL Server as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SQLServer.html#CHAP_Target.SQLServer.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "MicrosoftSqlServerSettings" + }, + "MongoDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MongoDbSettings", + "markdownDescription": "Settings in JSON format for the source MongoDB endpoint. For more information about the available settings, see [Using MongoDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MongoDB.html#CHAP_Source.MongoDB.Configuration) in the *AWS Database Migration Service User Guide* .", + "title": "MongoDbSettings" + }, + "MySqlSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MySqlSettings", + "markdownDescription": "Settings in JSON format for the source and target MySQL endpoint. For information about other available settings, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) and [Extra connection attributes when using a MySQL-compatible database as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.MySQL.html#CHAP_Target.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "MySqlSettings" + }, + "NeptuneSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.NeptuneSettings", + "markdownDescription": "Settings in JSON format for the target Amazon Neptune endpoint. For more information about the available settings, see [Specifying endpoint settings for Amazon Neptune as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.EndpointSettings) in the *AWS Database Migration Service User Guide* .", + "title": "NeptuneSettings" + }, + "OracleSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.OracleSettings", + "markdownDescription": "Settings in JSON format for the source and target Oracle endpoint. For information about other available settings, see [Extra connection attributes when using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.ConnectionAttrib) and [Extra connection attributes when using Oracle as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Oracle.html#CHAP_Target.Oracle.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "OracleSettings" + }, + "Password": { + "markdownDescription": "The password to be used to log in to the endpoint database.", + "title": "Password", "type": "string" }, - "TableName": { - "markdownDescription": "A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TableName", + "Port": { + "markdownDescription": "The port used by the endpoint database.", + "title": "Port", + "type": "number" + }, + "PostgreSqlSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.PostgreSqlSettings", + "markdownDescription": "Settings in JSON format for the source and target PostgreSQL endpoint.\n\nFor information about other available settings, see [Extra connection attributes when using PostgreSQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) and [Extra connection attributes when using PostgreSQL as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.PostgreSQL.html#CHAP_Target.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "PostgreSqlSettings" + }, + "RedisSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.RedisSettings", + "markdownDescription": "Settings in JSON format for the target Redis endpoint. For information about other available settings, see [Specifying endpoint settings for Redis as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redis.html#CHAP_Target.Redis.EndpointSettings) in the *AWS Database Migration Service User Guide* .", + "title": "RedisSettings" + }, + "RedshiftSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.RedshiftSettings", + "markdownDescription": "Settings in JSON format for the Amazon Redshift endpoint.\n\nFor more information about other available settings, see [Extra connection attributes when using Amazon Redshift as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redshift.html#CHAP_Target.Redshift.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "RedshiftSettings" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", + "type": "string" + }, + "S3Settings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.S3Settings", + "markdownDescription": "Settings in JSON format for the source and target Amazon S3 endpoint. For more information about other available settings, see [Extra connection attributes when using Amazon S3 as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.S3.html#CHAP_Source.S3.Configuring) and [Extra connection attributes when using Amazon S3 as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring) in the *AWS Database Migration Service User Guide* .", + "title": "S3Settings" + }, + "ServerName": { + "markdownDescription": "The name of the server where the endpoint database resides.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "The Secure Sockets Layer (SSL) mode to use for the SSL connection. The default is `none` .\n\n> When `engine_name` is set to S3, the only allowed value is `none` .", + "title": "SslMode", "type": "string" }, + "SybaseSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.SybaseSettings", + "markdownDescription": "Settings in JSON format for the source and target SAP ASE endpoint. For information about other available settings, see [Extra connection attributes when using SAP ASE as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SAP.html#CHAP_Source.SAP.ConnectionAttrib) and [Extra connection attributes when using SAP ASE as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SAP.html#CHAP_Target.SAP.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "SybaseSettings" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "One or more tags to be assigned to the endpoint.", "title": "Tags", "type": "array" }, - "TimeToLiveSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.TimeToLiveSpecification", - "markdownDescription": "Specifies the Time to Live (TTL) settings for the table.\n\n> For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", - "title": "TimeToLiveSpecification" + "Username": { + "markdownDescription": "The user name to be used to log in to the endpoint database.", + "title": "Username", + "type": "string" } }, "required": [ - "KeySchema" + "EndpointType", + "EngineName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DynamoDB::Table" + "AWS::DMS::Endpoint" ], "type": "string" }, @@ -67927,1160 +73759,1277 @@ ], "type": "object" }, - "AWS::DynamoDB::Table.AttributeDefinition": { + "AWS::DMS::Endpoint.DocDbSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "A name for the attribute.", - "title": "AttributeName", + "DocsToInvestigate": { + "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", + "title": "DocsToInvestigate", + "type": "number" + }, + "ExtractDocId": { + "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", + "title": "ExtractDocId", + "type": "boolean" + }, + "NestingLevel": { + "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", + "title": "NestingLevel", "type": "string" }, - "AttributeType": { - "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", - "title": "AttributeType", + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the DocumentDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the DocumentDB endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" } }, - "required": [ - "AttributeName", - "AttributeType" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.ContributorInsightsSpecification": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::DynamoDB::Table.Csv": { + "AWS::DMS::Endpoint.DynamoDbSettings": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter used for separating items in the CSV file being imported.", - "title": "Delimiter", + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", "type": "string" - }, - "HeaderList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header.", - "title": "HeaderList", - "type": "array" } }, "type": "object" }, - "AWS::DynamoDB::Table.GlobalSecondaryIndex": { + "AWS::DMS::Endpoint.ElasticsearchSettings": { "additionalProperties": false, "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index.", - "title": "ContributorInsightsSpecification" - }, - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "EndpointUri": { + "markdownDescription": "The endpoint for the OpenSearch cluster. AWS DMS uses HTTPS if a transport protocol (either HTTP or HTTPS) isn't specified.", + "title": "EndpointUri", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "ErrorRetryDuration": { + "markdownDescription": "The maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster.", + "title": "ErrorRetryDuration", + "type": "number" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" + "FullLoadErrorPercentage": { + "markdownDescription": "The maximum percentage of records that can fail to be written before a full load operation stops.\n\nTo avoid early failure, this counter is only effective after 1,000 records are transferred. OpenSearch also has the concept of error monitoring during the last 10 minutes of an Observation Window. If transfer of all records fail in the last 10 minutes, the full load operation stops.", + "title": "FullLoadErrorPercentage", + "type": "number" }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", - "markdownDescription": "Represents the provisioned throughput settings for the specified global secondary index. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.\n\nFor current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide* .", - "title": "ProvisionedThroughput" + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" } }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], "type": "object" }, - "AWS::DynamoDB::Table.ImportSourceSpecification": { + "AWS::DMS::Endpoint.GcpMySQLSettings": { "additionalProperties": false, "properties": { - "InputCompressionType": { - "markdownDescription": "Type of compression to be used on the input coming from the imported table.", - "title": "InputCompressionType", + "AfterConnectScript": { + "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", + "title": "AfterConnectScript", "type": "string" }, - "InputFormat": { - "markdownDescription": "The format of the source data. Valid values for `ImportFormat` are `CSV` , `DYNAMODB_JSON` or `ION` .", - "title": "InputFormat", - "type": "string" + "CleanSourceMetadataOnMismatch": { + "markdownDescription": "Adjusts the behavior of AWS DMS when migrating from an SQL Server source database that is hosted as part of an Always On availability group cluster. If you need AWS DMS to poll all the nodes in the Always On cluster for transaction backups, set this attribute to `false` .", + "title": "CleanSourceMetadataOnMismatch", + "type": "boolean" }, - "InputFormatOptions": { - "$ref": "#/definitions/AWS::DynamoDB::Table.InputFormatOptions", - "markdownDescription": "Additional properties that specify how the input is formatted,", - "title": "InputFormatOptions" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint. For a MySQL source or target endpoint, don't explicitly specify the database using the `DatabaseName` request parameter on either the `CreateEndpoint` or `ModifyEndpoint` API call. Specifying `DatabaseName` when you create or modify a MySQL endpoint replicates all the task tables to this single database. For MySQL endpoints, you specify the database only when you specify the schema in the table-mapping rules of the AWS DMS task.", + "title": "DatabaseName", + "type": "string" }, - "S3BucketSource": { - "$ref": "#/definitions/AWS::DynamoDB::Table.S3BucketSource", - "markdownDescription": "The S3 bucket that provides the source for the import.", - "title": "S3BucketSource" - } - }, - "required": [ - "InputFormat", - "S3BucketSource" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.InputFormatOptions": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Csv", - "markdownDescription": "The options for imported source files in CSV format. The values are Delimiter and HeaderList.", - "title": "Csv" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.KeySchema": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "The name of a key attribute.", - "title": "AttributeName", + "EventsPollInterval": { + "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", + "title": "EventsPollInterval", + "type": "number" + }, + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" + }, + "ParallelLoadThreads": { + "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", + "title": "ParallelLoadThreads", + "type": "number" + }, + "Password": { + "markdownDescription": "Endpoint connection password.", + "title": "Password", "type": "string" }, - "KeyType": { - "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeyType", + "Port": { + "markdownDescription": "The port used by the endpoint database.", + "title": "Port", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret.` The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" - } - }, - "required": [ - "AttributeName", - "KeyType" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.KinesisStreamSpecification": { - "additionalProperties": false, - "properties": { - "ApproximateCreationDateTimePrecision": { - "markdownDescription": "The precision for the time and date that the stream was created.", - "title": "ApproximateCreationDateTimePrecision", + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" }, - "StreamArn": { - "markdownDescription": "The ARN for a specific Kinesis data stream.\n\nLength Constraints: Minimum length of 37. Maximum length of 1024.", - "title": "StreamArn", + "ServerName": { + "markdownDescription": "The MySQL host name.", + "title": "ServerName", + "type": "string" + }, + "ServerTimezone": { + "markdownDescription": "Specifies the time zone for the source MySQL database. Don't enclose time zones in single quotation marks.\n\nExample: `serverTimezone=US/Pacific;`", + "title": "ServerTimezone", + "type": "string" + }, + "Username": { + "markdownDescription": "Endpoint connection user name.", + "title": "Username", "type": "string" } }, - "required": [ - "StreamArn" - ], "type": "object" }, - "AWS::DynamoDB::Table.LocalSecondaryIndex": { + "AWS::DMS::Endpoint.IbmDb2Settings": { "additionalProperties": false, "properties": { - "IndexName": { - "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "CurrentLsn": { + "markdownDescription": "For ongoing replication (CDC), use CurrentLSN to specify a log sequence number (LSN) where you want the replication to start.", + "title": "CurrentLsn", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "KeepCsvFiles": { + "markdownDescription": "If true, AWS DMS saves any .csv files to the Db2 LUW target that were used to replicate data. DMS uses these files for analysis and troubleshooting.\n\nThe default value is false.", + "title": "KeepCsvFiles", + "type": "boolean" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" - } - }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.PointInTimeRecoverySpecification": { - "additionalProperties": false, - "properties": { - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", - "title": "PointInTimeRecoveryEnabled", + "LoadTimeout": { + "markdownDescription": "The amount of time (in milliseconds) before AWS DMS times out operations performed by DMS on the Db2 target. The default value is 1200 (20 minutes).", + "title": "LoadTimeout", + "type": "number" + }, + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of .csv files used to transfer data to Db2 LUW.", + "title": "MaxFileSize", + "type": "number" + }, + "MaxKBytesPerRead": { + "markdownDescription": "Maximum number of bytes per read, as a NUMBER value. The default is 64 KB.", + "title": "MaxKBytesPerRead", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value ofthe AWS Secrets Manager secret that allows access to the Db2 LUW endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the IBMDB2 endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "SetDataCaptureChanges": { + "markdownDescription": "Enables ongoing replication (CDC) as a BOOLEAN value. The default is true.", + "title": "SetDataCaptureChanges", "type": "boolean" + }, + "WriteBufferSize": { + "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk on the DMS replication instance. The default value is 1024 (1 MB).", + "title": "WriteBufferSize", + "type": "number" } }, "type": "object" }, - "AWS::DynamoDB::Table.Projection": { + "AWS::DMS::Endpoint.KafkaSettings": { "additionalProperties": false, "properties": { - "NonKeyAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", - "title": "NonKeyAttributes", - "type": "array" + "Broker": { + "markdownDescription": "A comma-separated list of one or more broker locations in your Kafka cluster that host your Kafka instance. Specify each broker location in the form `*broker-hostname-or-ip* : *port*` . For example, `\"ec2-12-345-678-901.compute-1.amazonaws.com:2345\"` . For more information and examples of specifying a list of broker locations, see [Using Apache Kafka as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html) in the *AWS Database Migration Service User Guide* .", + "title": "Broker", + "type": "string" }, - "ProjectionType": { - "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", - "title": "ProjectionType", + "IncludeControlDetails": { + "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. The default is `false` .", + "title": "IncludeControlDetails", + "type": "boolean" + }, + "IncludeNullAndEmpty": { + "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", + "title": "IncludeNullAndEmpty", + "type": "boolean" + }, + "IncludePartitionValue": { + "markdownDescription": "Shows the partition value within the Kafka message output unless the partition type is `schema-table-type` . The default is `false` .", + "title": "IncludePartitionValue", + "type": "boolean" + }, + "IncludeTableAlterOperations": { + "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", + "title": "IncludeTableAlterOperations", + "type": "boolean" + }, + "IncludeTransactionDetails": { + "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", + "title": "IncludeTransactionDetails", + "type": "boolean" + }, + "MessageFormat": { + "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", + "title": "MessageFormat", "type": "string" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.ProvisionedThroughput": { - "additionalProperties": false, - "properties": { - "ReadCapacityUnits": { - "markdownDescription": "The maximum number of strongly consistent reads consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", - "title": "ReadCapacityUnits", - "type": "number" }, - "WriteCapacityUnits": { - "markdownDescription": "The maximum number of writes consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", - "title": "WriteCapacityUnits", + "MessageMaxBytes": { + "markdownDescription": "The maximum size in bytes for records created on the endpoint The default is 1,000,000.", + "title": "MessageMaxBytes", "type": "number" - } - }, - "required": [ - "ReadCapacityUnits", - "WriteCapacityUnits" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.ResourcePolicy": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, index, or both. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "PolicyDocument" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.S3BucketSource": { - "additionalProperties": false, - "properties": { - "S3Bucket": { - "markdownDescription": "The S3 bucket that is being imported from.", - "title": "S3Bucket", + }, + "NoHexPrefix": { + "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", + "title": "NoHexPrefix", + "type": "boolean" + }, + "PartitionIncludeSchemaTable": { + "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. The default is `false` .", + "title": "PartitionIncludeSchemaTable", + "type": "boolean" + }, + "SaslPassword": { + "markdownDescription": "The secure password that you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", + "title": "SaslPassword", "type": "string" }, - "S3BucketOwner": { - "markdownDescription": "The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional.", - "title": "S3BucketOwner", + "SaslUserName": { + "markdownDescription": "The secure user name you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", + "title": "SaslUserName", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "The key prefix shared by all S3 Objects that are being imported.", - "title": "S3KeyPrefix", + "SecurityProtocol": { + "markdownDescription": "Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption` , `ssl-authentication` , and `sasl-ssl` . `sasl-ssl` requires `SaslUsername` and `SaslPassword` .", + "title": "SecurityProtocol", "type": "string" - } - }, - "required": [ - "S3Bucket" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.SSESpecification": { - "additionalProperties": false, - "properties": { - "KMSMasterKeyId": { - "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", - "title": "KMSMasterKeyId", + }, + "SslCaCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint.", + "title": "SslCaCertificateArn", "type": "string" }, - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to `KMS` and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key.", - "title": "SSEEnabled", - "type": "boolean" + "SslClientCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the client certificate used to securely connect to a Kafka target endpoint.", + "title": "SslClientCertificateArn", + "type": "string" }, - "SSEType": { - "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", - "title": "SSEType", + "SslClientKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the client private key used to securely connect to a Kafka target endpoint.", + "title": "SslClientKeyArn", "type": "string" - } - }, - "required": [ - "SSEEnabled" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.StreamSpecification": { - "additionalProperties": false, - "properties": { - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", - "markdownDescription": "Creates or updates a resource-based policy document that contains the permissions for DynamoDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "ResourcePolicy" }, - "StreamViewType": { - "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", - "title": "StreamViewType", + "SslClientKeyPassword": { + "markdownDescription": "The password for the client private key used to securely connect to a Kafka target endpoint.", + "title": "SslClientKeyPassword", + "type": "string" + }, + "Topic": { + "markdownDescription": "The topic to which you migrate the data. If you don't specify a topic, AWS DMS specifies `\"kafka-default-topic\"` as the migration topic.", + "title": "Topic", "type": "string" } }, - "required": [ - "StreamViewType" - ], "type": "object" }, - "AWS::DynamoDB::Table.TimeToLiveSpecification": { + "AWS::DMS::Endpoint.KinesisSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the TTL attribute used to store the expiration time for items in the table.\n\n> - The `AttributeName` property is required when enabling the TTL, or when TTL is already enabled.\n> - To update this property, you must first disable TTL and then enable TTL with the new attribute name.", - "title": "AttributeName", + "IncludeControlDetails": { + "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. The default is `false` .", + "title": "IncludeControlDetails", + "type": "boolean" + }, + "IncludeNullAndEmpty": { + "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", + "title": "IncludeNullAndEmpty", + "type": "boolean" + }, + "IncludePartitionValue": { + "markdownDescription": "Shows the partition value within the Kinesis message output, unless the partition type is `schema-table-type` . The default is `false` .", + "title": "IncludePartitionValue", + "type": "boolean" + }, + "IncludeTableAlterOperations": { + "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", + "title": "IncludeTableAlterOperations", + "type": "boolean" + }, + "IncludeTransactionDetails": { + "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", + "title": "IncludeTransactionDetails", + "type": "boolean" + }, + "MessageFormat": { + "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", + "title": "MessageFormat", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", - "title": "Enabled", + "NoHexPrefix": { + "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to an Amazon Kinesis target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", + "title": "NoHexPrefix", + "type": "boolean" + }, + "PartitionIncludeSchemaTable": { + "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kinesis shards. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same shard, which causes throttling. The default is `false` .", + "title": "PartitionIncludeSchemaTable", "type": "boolean" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that AWS DMS uses to write to the Kinesis data stream. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Kinesis Data Streams endpoint.", + "title": "StreamArn", + "type": "string" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::EC2::CapacityReservation": { + "AWS::DMS::Endpoint.MicrosoftSqlServerSettings": { "additionalProperties": false, "properties": { - "Condition": { + "BcpPacketSize": { + "markdownDescription": "The maximum size of the packets (in bytes) used to transfer data using BCP.", + "title": "BcpPacketSize", + "type": "number" + }, + "ControlTablesFileGroup": { + "markdownDescription": "Specifies a file group for the AWS DMS internal tables. When the replication task starts, all the internal AWS DMS control tables (awsdms_ apply_exception, awsdms_apply, awsdms_changes) are created for the specified file group.", + "title": "ControlTablesFileGroup", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ForceLobLookup": { + "markdownDescription": "Forces LOB lookup on inline LOB.", + "title": "ForceLobLookup", + "type": "boolean" }, - "Metadata": { - "type": "object" + "Password": { + "markdownDescription": "Endpoint connection password.", + "title": "Password", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to create the Capacity Reservation.", - "title": "AvailabilityZone", - "type": "string" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "EndDate": { - "markdownDescription": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.\n\nIf you are requesting a future-dated Capacity Reservation, you can't specify an end date and time that is within the commitment duration.", - "title": "EndDate", - "type": "string" - }, - "EndDateType": { - "markdownDescription": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", - "title": "EndDateType", - "type": "string" - }, - "EphemeralStorage": { - "markdownDescription": "*Deprecated.*", - "title": "EphemeralStorage", - "type": "boolean" - }, - "InstanceCount": { - "markdownDescription": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 100 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *25 * m5.xlarge = 100 vCPUs* ). \n\nValid range: 1 - 1000", - "title": "InstanceCount", - "type": "number" - }, - "InstanceMatchCriteria": { - "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\n> If you are requesting a future-dated Capacity Reservation, you must specify `targeted` . \n\nDefault: `open`", - "title": "InstanceMatchCriteria", - "type": "string" - }, - "InstancePlatform": { - "markdownDescription": "The type of operating system for which to reserve capacity.", - "title": "InstancePlatform", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, and T instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceType", - "type": "string" - }, - "OutPostArn": { - "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", - "title": "OutPostArn", - "type": "string" - }, - "PlacementGroupArn": { - "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", - "title": "PlacementGroupArn", - "type": "string" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservation.TagSpecification" - }, - "markdownDescription": "The tags to apply to the Capacity Reservation during launch.", - "title": "TagSpecifications", - "type": "array" - }, - "Tenancy": { - "markdownDescription": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account .", - "title": "Tenancy", - "type": "string" - } - }, - "required": [ - "AvailabilityZone", - "InstanceCount", - "InstancePlatform", - "InstanceType" - ], - "type": "object" + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EC2::CapacityReservation" - ], - "type": "string" + "QuerySingleAlwaysOnNode": { + "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. An example is a situation where running an alter DDL statement on a table might result in different information about the table cached in the replication instance.", + "title": "QuerySingleAlwaysOnNode", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ReadBackupOnly": { + "markdownDescription": "When this attribute is set to `Y` , AWS DMS only reads changes from transaction log backups and doesn't read from the active transaction log file during ongoing replication. Setting this parameter to `Y` enables you to control active transaction log file growth during full load and ongoing replication tasks. However, it can add some source latency to ongoing replication.", + "title": "ReadBackupOnly", + "type": "boolean" + }, + "SafeguardPolicy": { + "markdownDescription": "Use this attribute to minimize the need to access the backup log and enable AWS DMS to prevent truncation using one of the following two methods.\n\n*Start transactions in the database:* This is the default method. When this method is used, AWS DMS prevents TLOG truncation by mimicking a transaction in the database. As long as such a transaction is open, changes that appear after the transaction started aren't truncated. If you need Microsoft Replication to be enabled in your database, then you must choose this method.\n\n*Exclusively use sp_repldone within a single task* : When this method is used, AWS DMS reads the changes and then uses sp_repldone to mark the TLOG transactions as ready for truncation. Although this method doesn't involve any transactional activities, it can only be used when Microsoft Replication isn't running. Also, when using this method, only one AWS DMS task can access the database at any given time. Therefore, if you need to run parallel AWS DMS tasks against the same database, use the default method.", + "title": "SafeguardPolicy", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EC2::CapacityReservation.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. Specify `capacity-reservation` .", - "title": "ResourceType", + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SQL Server endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::CapacityReservationFleet": { - "additionalProperties": false, - "properties": { - "Condition": { + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MicrosoftSQLServer endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TlogAccessMode": { + "markdownDescription": "Indicates the mode used to fetch CDC data.", + "title": "TlogAccessMode", + "type": "string" }, - "Metadata": { - "type": "object" + "TrimSpaceInChar": { + "markdownDescription": "Use the `TrimSpaceInChar` source endpoint setting to right-trim data on CHAR and NCHAR data types during migration. Setting `TrimSpaceInChar` does not left-trim data. The default value is `true` .", + "title": "TrimSpaceInChar", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`", - "title": "AllocationStrategy", - "type": "string" - }, - "EndDate": { - "markdownDescription": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` .", - "title": "EndDate", - "type": "string" - }, - "InstanceMatchCriteria": { - "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity.", - "title": "InstanceMatchCriteria", - "type": "string" - }, - "InstanceTypeSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification" - }, - "markdownDescription": "Information about the instance types for which to reserve the capacity.", - "title": "InstanceTypeSpecifications", - "type": "array" - }, - "NoRemoveEndDate": { - "markdownDescription": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter.", - "title": "NoRemoveEndDate", - "type": "boolean" - }, - "RemoveEndDate": { - "markdownDescription": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter.", - "title": "RemoveEndDate", - "type": "boolean" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.TagSpecification" - }, - "markdownDescription": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet.", - "title": "TagSpecifications", - "type": "array" - }, - "Tenancy": { - "markdownDescription": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account .", - "title": "Tenancy", - "type": "string" - }, - "TotalTargetCapacity": { - "markdownDescription": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* .", - "title": "TotalTargetCapacity", - "type": "number" - } - }, - "type": "object" + "UseBcpFullLoad": { + "markdownDescription": "Use this to attribute to transfer data for full-load operations using BCP. When the target table contains an identity column that does not exist in the source table, you must disable the use BCP for loading table option.", + "title": "UseBcpFullLoad", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::EC2::CapacityReservationFleet" - ], - "type": "string" + "UseThirdPartyBackupDevice": { + "markdownDescription": "When this attribute is set to `Y` , DMS processes third-party transaction log backups if they are created in native format.", + "title": "UseThirdPartyBackupDevice", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Username": { + "markdownDescription": "Endpoint connection user name.", + "title": "Username", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification": { + "AWS::DMS::Endpoint.MongoDbSettings": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", - "title": "AvailabilityZone", + "AuthMechanism": { + "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", + "title": "AuthMechanism", "type": "string" }, - "AvailabilityZoneId": { - "markdownDescription": "The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", - "title": "AvailabilityZoneId", + "AuthSource": { + "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", + "title": "AuthSource", "type": "string" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types.", - "title": "EbsOptimized", - "type": "boolean" + "AuthType": { + "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen set to `\"no\"` , user name and password parameters are not used and can be empty.", + "title": "AuthType", + "type": "string" }, - "InstancePlatform": { - "markdownDescription": "The type of operating system for which the Capacity Reservation Fleet reserves capacity.", - "title": "InstancePlatform", + "DatabaseName": { + "markdownDescription": "The database name on the MongoDB source endpoint.", + "title": "DatabaseName", "type": "string" }, - "InstanceType": { - "markdownDescription": "The instance type for which the Capacity Reservation Fleet reserves capacity.", - "title": "InstanceType", + "DocsToInvestigate": { + "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", + "title": "DocsToInvestigate", "type": "string" }, - "Priority": { - "markdownDescription": "The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* .", - "title": "Priority", - "type": "number" + "ExtractDocId": { + "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", + "title": "ExtractDocId", + "type": "string" }, - "Weight": { - "markdownDescription": "The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide.\n\nValid Range: Minimum value of `0.001` . Maximum value of `99.999` .", - "title": "Weight", + "NestingLevel": { + "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", + "title": "NestingLevel", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the user account you use to access the MongoDB source endpoint.", + "title": "Password", + "type": "string" + }, + "Port": { + "markdownDescription": "The port value for the MongoDB source endpoint.", + "title": "Port", "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::CapacityReservationFleet.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag on creation. Specify `capacity-reservation-fleet` .\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", - "title": "ResourceType", + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MongoDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MongoDB endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerName": { + "markdownDescription": "The name of the server on the MongoDB source endpoint.", + "title": "ServerName", + "type": "string" + }, + "Username": { + "markdownDescription": "The user name you use to access the MongoDB source endpoint.", + "title": "Username", + "type": "string" } }, "type": "object" }, - "AWS::EC2::CarrierGateway": { + "AWS::DMS::Endpoint.MySqlSettings": { "additionalProperties": false, "properties": { - "Condition": { + "AfterConnectScript": { + "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", + "title": "AfterConnectScript", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CleanSourceMetadataOnMismatch": { + "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. For example, in a situation where running an alter DDL on the table could result in different information about the table cached in the replication instance.", + "title": "CleanSourceMetadataOnMismatch", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EventsPollInterval": { + "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", + "title": "EventsPollInterval", + "type": "number" }, - "Metadata": { - "type": "object" + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the carrier gateway.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC associated with the carrier gateway.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "VpcId" - ], - "type": "object" + "ParallelLoadThreads": { + "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", + "title": "ParallelLoadThreads", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EC2::CarrierGateway" - ], + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerTimezone": { + "markdownDescription": "Specifies the time zone for the source MySQL database.\n\nExample: `serverTimezone=US/Pacific;`\n\nNote: Do not enclose time zones in single quotes.", + "title": "ServerTimezone", + "type": "string" + }, + "TargetDbType": { + "markdownDescription": "Specifies where to migrate source tables on the target, either to a single database or multiple databases. If you specify `SPECIFIC_DATABASE` , specify the database name using the `DatabaseName` parameter of the `Endpoint` object.\n\nExample: `targetDbType=MULTIPLE_DATABASES`", + "title": "TargetDbType", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::ClientVpnAuthorizationRule": { + "AWS::DMS::Endpoint.NeptuneSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ErrorRetryDuration": { + "markdownDescription": "The number of milliseconds for AWS DMS to wait to retry a bulk-load of migrated graph data to the Neptune target database before raising an error. The default is 250.", + "title": "ErrorRetryDuration", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IamAuthEnabled": { + "markdownDescription": "If you want IAM authorization enabled for this endpoint, set this parameter to `true` . Then attach the appropriate IAM policy document to your service role specified by `ServiceAccessRoleArn` . The default is `false` .", + "title": "IamAuthEnabled", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MaxFileSize": { + "markdownDescription": "The maximum size in kilobytes of migrated graph data stored in a .csv file before AWS DMS bulk-loads the data to the Neptune target database. The default is 1,048,576 KB. If the bulk load is successful, AWS DMS clears the bucket, ready to store the next batch of migrated graph data.", + "title": "MaxFileSize", + "type": "number" }, - "Metadata": { - "type": "object" + "MaxRetryCount": { + "markdownDescription": "The number of times for AWS DMS to retry a bulk load of migrated graph data to the Neptune target database before raising an error. The default is 5.", + "title": "MaxRetryCount", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessGroupId": { - "markdownDescription": "The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if `AuthorizeAllGroups` is `false` or not specified.", - "title": "AccessGroupId", - "type": "string" - }, - "AuthorizeAllGroups": { - "markdownDescription": "Indicates whether to grant access to all clients. Specify `true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.", - "title": "AuthorizeAllGroups", - "type": "boolean" - }, - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint.", - "title": "ClientVpnEndpointId", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of the authorization rule.", - "title": "Description", - "type": "string" - }, - "TargetNetworkCidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation, of the network for which access is being authorized.", - "title": "TargetNetworkCidr", - "type": "string" - } - }, - "required": [ - "ClientVpnEndpointId", - "TargetNetworkCidr" - ], - "type": "object" + "S3BucketFolder": { + "markdownDescription": "A folder path where you want AWS DMS to store migrated graph data in the S3 bucket specified by `S3BucketName`", + "title": "S3BucketFolder", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::ClientVpnAuthorizationRule" - ], + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS DMS can temporarily store migrated graph data in .csv files before bulk-loading it to the Neptune target database. AWS DMS maps the SQL source data to graph data before storing it in these .csv files.", + "title": "S3BucketName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service role that you created for the Neptune target endpoint. The role must allow the `iam:PassRole` action.\n\nFor more information, see [Creating an IAM Service Role for Accessing Amazon Neptune as a Target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.ServiceRole) in the *AWS Database Migration Service User Guide* .", + "title": "ServiceAccessRoleArn", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint": { + "AWS::DMS::Endpoint.OracleSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "AccessAlternateDirectly": { + "markdownDescription": "Set this attribute to `false` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to not access redo logs through any specified path prefix replacement using direct file access.", + "title": "AccessAlternateDirectly", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AddSupplementalLogging": { + "markdownDescription": "Set this attribute to set up table-level supplemental logging for the Oracle database. This attribute enables PRIMARY KEY supplemental logging on all tables selected for a migration task.\n\nIf you use this option, you still need to enable database-level supplemental logging.", + "title": "AddSupplementalLogging", + "type": "boolean" }, - "Metadata": { - "type": "object" + "AdditionalArchivedLogDestId": { + "markdownDescription": "Set this attribute with `ArchivedLogDestId` in a primary/ standby setup. This attribute is useful in the case of a switchover. In this case, AWS DMS needs to know which destination to get archive redo logs from to read changes. This need arises because the previous primary instance is now a standby instance after switchover.\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless necessary. For additional information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", + "title": "AdditionalArchivedLogDestId", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AuthenticationOptions": { - "items": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest" - }, - "markdownDescription": "Information about the authentication method to be used to authenticate clients.", - "title": "AuthenticationOptions", - "type": "array" - }, - "ClientCidrBlock": { - "markdownDescription": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. Client CIDR range must have a size of at least /22 and must not be greater than /12.", - "title": "ClientCidrBlock", - "type": "string" - }, - "ClientConnectOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientConnectOptions", - "markdownDescription": "The options for managing connection authorization for new client connections.", - "title": "ClientConnectOptions" - }, - "ClientLoginBannerOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions", - "markdownDescription": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.", - "title": "ClientLoginBannerOptions" - }, - "ConnectionLogOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions", - "markdownDescription": "Information about the client connection logging options.\n\nIf you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:\n\n- Client connection requests\n- Client connection results (successful and unsuccessful)\n- Reasons for unsuccessful client connection requests\n- Client connection termination time", - "title": "ConnectionLogOptions" - }, - "Description": { - "markdownDescription": "A brief description of the Client VPN endpoint.", - "title": "Description", - "type": "string" - }, - "DnsServers": { - "items": { - "type": "string" - }, - "markdownDescription": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.", - "title": "DnsServers", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SelfServicePortal": { - "markdownDescription": "Specify whether to enable the self-service portal for the Client VPN endpoint.\n\nDefault Value: `enabled`", - "title": "SelfServicePortal", - "type": "string" - }, - "ServerCertificateArn": { - "markdownDescription": "The ARN of the server certificate. For more information, see the [AWS Certificate Manager User Guide](https://docs.aws.amazon.com/acm/latest/userguide/) .", - "title": "ServerCertificateArn", - "type": "string" - }, - "SessionTimeoutHours": { - "markdownDescription": "The maximum VPN session duration time in hours.\n\nValid values: `8 | 10 | 12 | 24`\n\nDefault value: `24`", - "title": "SessionTimeoutHours", - "type": "number" - }, - "SplitTunnel": { - "markdownDescription": "Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.\n\nBy default, split-tunnel on a VPN endpoint is disabled.\n\nFor information about split-tunnel VPN endpoints, see [Split-tunnel AWS Client VPN endpoint](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) in the *AWS Client VPN Administrator Guide* .", - "title": "SplitTunnel", - "type": "boolean" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.TagSpecification" - }, - "markdownDescription": "The tags to apply to the Client VPN endpoint during creation.", - "title": "TagSpecifications", - "type": "array" - }, - "TransportProtocol": { - "markdownDescription": "The transport protocol to be used by the VPN session.\n\nDefault value: `udp`", - "title": "TransportProtocol", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.", - "title": "VpcId", - "type": "string" - }, - "VpnPort": { - "markdownDescription": "The port number to assign to the Client VPN endpoint for TCP and UDP traffic.\n\nValid Values: `443` | `1194`\n\nDefault Value: `443`", - "title": "VpnPort", - "type": "number" - } + "AllowSelectNestedTables": { + "markdownDescription": "Set this attribute to `true` to enable replication of Oracle tables containing columns that are nested tables or defined types.", + "title": "AllowSelectNestedTables", + "type": "boolean" + }, + "ArchivedLogDestId": { + "markdownDescription": "Specifies the ID of the destination for the archived redo logs. This value should be the same as a number in the dest_id column of the v$archived_log view. If you work with an additional redo log destination, use the `AdditionalArchivedLogDestId` option to specify the additional destination ID. Doing this improves performance by ensuring that the correct logs are accessed from the outset.", + "title": "ArchivedLogDestId", + "type": "number" + }, + "ArchivedLogsOnly": { + "markdownDescription": "When this field is set to `True` , AWS DMS only accesses the archived redo logs. If the archived redo logs are stored on Automatic Storage Management (ASM) only, the AWS DMS user account needs to be granted ASM privileges.", + "title": "ArchivedLogsOnly", + "type": "boolean" + }, + "AsmPassword": { + "markdownDescription": "For an Oracle source endpoint, your Oracle Automatic Storage Management (ASM) password. You can set this value from the `*asm_user_password*` value. You set this value as part of the comma-separated value that you set to the `Password` request parameter when you create the endpoint to access transaction logs using Binary Reader. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmPassword", + "type": "string" + }, + "AsmServer": { + "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmServer", + "type": "string" + }, + "AsmUser": { + "markdownDescription": "For an Oracle source endpoint, your ASM user name. You can set this value from the `asm_user` value. You set `asm_user` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmUser", + "type": "string" + }, + "CharLengthSemantics": { + "markdownDescription": "Specifies whether the length of a character column is in bytes or in characters. To indicate that the character column length is in characters, set this attribute to `CHAR` . Otherwise, the character column length is in bytes.\n\nExample: `charLengthSemantics=CHAR;`", + "title": "CharLengthSemantics", + "type": "string" + }, + "DirectPathNoLog": { + "markdownDescription": "When set to `true` , this attribute helps to increase the commit rate on the Oracle target database by writing directly to tables and not writing a trail to database logs.", + "title": "DirectPathNoLog", + "type": "boolean" + }, + "DirectPathParallelLoad": { + "markdownDescription": "When set to `true` , this attribute specifies a parallel load when `useDirectPathFullLoad` is set to `Y` . This attribute also only applies when you use the AWS DMS parallel load feature. Note that the target table cannot have any constraints or indexes.", + "title": "DirectPathParallelLoad", + "type": "boolean" + }, + "EnableHomogenousTablespace": { + "markdownDescription": "Set this attribute to enable homogenous tablespace replication and create existing tables or indexes under the same tablespace on the target.", + "title": "EnableHomogenousTablespace", + "type": "boolean" + }, + "ExtraArchivedLogDestIds": { + "items": { + "type": "number" }, - "required": [ - "AuthenticationOptions", - "ClientCidrBlock", - "ConnectionLogOptions", - "ServerCertificateArn" - ], - "type": "object" + "markdownDescription": "Specifies the IDs of one more destinations for one or more archived redo logs. These IDs are the values of the `dest_id` column in the `v$archived_log` view. Use this setting with the `archivedLogDestId` extra connection attribute in a primary-to-single setup or a primary-to-multiple-standby setup.\n\nThis setting is useful in a switchover when you use an Oracle Data Guard database as a source. In this case, AWS DMS needs information about what destination to get archive redo logs from to read changes. AWS DMS needs this because after the switchover the previous primary is a standby instance. For example, in a primary-to-single standby setup you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2]`\n\nIn a primary-to-multiple-standby setup, you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2,3,4]`\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless it's necessary. For more information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", + "title": "ExtraArchivedLogDestIds", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::ClientVpnEndpoint" - ], + "FailTasksOnLobTruncation": { + "markdownDescription": "When set to `true` , this attribute causes a task to fail if the actual size of an LOB column is greater than the specified `LobMaxSize` .\n\nIf a task is set to limited LOB mode and this option is set to `true` , the task fails instead of truncating the LOB data.", + "title": "FailTasksOnLobTruncation", + "type": "boolean" + }, + "NumberDatatypeScale": { + "markdownDescription": "Specifies the number scale. You can select a scale up to 38, or you can select FLOAT. By default, the NUMBER data type is converted to precision 38, scale 10.\n\nExample: `numberDataTypeScale=12`", + "title": "NumberDatatypeScale", + "type": "number" + }, + "OraclePathPrefix": { + "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the default Oracle root used to access the redo logs.", + "title": "OraclePathPrefix", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ParallelAsmReadThreads": { + "markdownDescription": "Set this attribute to change the number of threads that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 2 (the default) and 8 (the maximum). Use this attribute together with the `readAheadBlocks` attribute.", + "title": "ParallelAsmReadThreads", + "type": "number" + }, + "ReadAheadBlocks": { + "markdownDescription": "Set this attribute to change the number of read-ahead blocks that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 1000 (the default) and 200,000 (the maximum).", + "title": "ReadAheadBlocks", + "type": "number" + }, + "ReadTableSpaceName": { + "markdownDescription": "When set to `true` , this attribute supports tablespace replication.", + "title": "ReadTableSpaceName", + "type": "boolean" + }, + "ReplacePathPrefix": { + "markdownDescription": "Set this attribute to true in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This setting tells DMS instance to replace the default Oracle root with the specified `usePathPrefix` setting to access the redo logs.", + "title": "ReplacePathPrefix", + "type": "boolean" + }, + "RetryInterval": { + "markdownDescription": "Specifies the number of seconds that the system waits before resending a query.\n\nExample: `retryInterval=6;`", + "title": "RetryInterval", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Oracle endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerOracleAsmAccessRoleArn": { + "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerOracleAsmSecret` , the corresponding `SecretsManagerOracleAsmAccessRoleArn` , and the `SecretsManagerOracleAsmSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerOracleAsmAccessRoleArn", + "type": "string" + }, + "SecretsManagerOracleAsmSecretId": { + "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN, partial ARN, or display name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", + "title": "SecretsManagerOracleAsmSecretId", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Oracle endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "SecurityDbEncryption": { + "markdownDescription": "For an Oracle source endpoint, the transparent data encryption (TDE) password required by AWM DMS to access Oracle redo logs encrypted by TDE using Binary Reader. It is also the `*TDE_Password*` part of the comma-separated value you set to the `Password` request parameter when you create the endpoint. The `SecurityDbEncryptian` setting is related to this `SecurityDbEncryptionName` setting. For more information, see [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", + "title": "SecurityDbEncryption", + "type": "string" + }, + "SecurityDbEncryptionName": { + "markdownDescription": "For an Oracle source endpoint, the name of a key used for the transparent data encryption (TDE) of the columns and tablespaces in an Oracle source database that is encrypted using TDE. The key value is the value of the `SecurityDbEncryption` setting. For more information on setting the key name value of `SecurityDbEncryptionName` , see the information and example for setting the `securityDbEncryptionName` extra connection attribute in [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", + "title": "SecurityDbEncryptionName", + "type": "string" + }, + "SpatialDataOptionToGeoJsonFunctionName": { + "markdownDescription": "Use this attribute to convert `SDO_GEOMETRY` to `GEOJSON` format. By default, DMS calls the `SDO2GEOJSON` custom function if present and accessible. Or you can create your own custom function that mimics the operation of `SDOGEOJSON` and set `SpatialDataOptionToGeoJsonFunctionName` to call it instead.", + "title": "SpatialDataOptionToGeoJsonFunctionName", + "type": "string" + }, + "StandbyDelayTime": { + "markdownDescription": "Use this attribute to specify a time in minutes for the delay in standby sync. If the source is an Oracle Active Data Guard standby database, use this attribute to specify the time lag between primary and standby databases.\n\nIn AWS DMS , you can create an Oracle CDC task that uses an Active Data Guard standby instance as a source for replicating ongoing changes. Doing this eliminates the need to connect to an active database that might be in production.", + "title": "StandbyDelayTime", + "type": "number" + }, + "UseAlternateFolderForOnline": { + "markdownDescription": "Set this attribute to `true` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to use any specified prefix replacement to access all online redo logs.", + "title": "UseAlternateFolderForOnline", + "type": "boolean" + }, + "UseBFile": { + "markdownDescription": "Set this attribute to True to capture change data using the Binary Reader utility. Set `UseLogminerReader` to False to set this attribute to True. To use Binary Reader with Amazon RDS for Oracle as the source, you set additional attributes. For more information about using this setting with Oracle Automatic Storage Management (ASM), see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) .", + "title": "UseBFile", + "type": "boolean" + }, + "UseDirectPathFullLoad": { + "markdownDescription": "Set this attribute to True to have AWS DMS use a direct path full load. Specify this value to use the direct path protocol in the Oracle Call Interface (OCI). By using this OCI protocol, you can bulk-load Oracle target tables during a full load.", + "title": "UseDirectPathFullLoad", + "type": "boolean" + }, + "UseLogminerReader": { + "markdownDescription": "Set this attribute to True to capture change data using the Oracle LogMiner utility (the default). Set this attribute to False if you want to access the redo logs as a binary file. When you set `UseLogminerReader` to False, also set `UseBfile` to True. For more information on this setting and using Oracle ASM, see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) in the *AWS DMS User Guide* .", + "title": "UseLogminerReader", + "type": "boolean" + }, + "UsePathPrefix": { + "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the path prefix used to replace the default Oracle root to access the redo logs.", + "title": "UsePathPrefix", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest": { + "AWS::DMS::Endpoint.PostgreSqlSettings": { "additionalProperties": false, "properties": { - "ClientRootCertificateChainArn": { - "markdownDescription": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).", - "title": "ClientRootCertificateChainArn", + "AfterConnectScript": { + "markdownDescription": "For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data.\n\nExample: `afterConnectScript=SET session_replication_role='replica'`", + "title": "AfterConnectScript", + "type": "string" + }, + "BabelfishDatabaseName": { + "markdownDescription": "The Babelfish for Aurora PostgreSQL database name for the endpoint.", + "title": "BabelfishDatabaseName", + "type": "string" + }, + "CaptureDdls": { + "markdownDescription": "To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts. You can later remove these artifacts.\n\nIf this value is set to `True` , you don't have to create tables or triggers on the source database.", + "title": "CaptureDdls", + "type": "boolean" + }, + "DatabaseMode": { + "markdownDescription": "Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints.", + "title": "DatabaseMode", + "type": "string" + }, + "DdlArtifactsSchema": { + "markdownDescription": "The schema in which the operational DDL database artifacts are created.\n\nThe default value is `public` .\n\nExample: `ddlArtifactsSchema=xyzddlschema;`", + "title": "DdlArtifactsSchema", + "type": "string" + }, + "ExecuteTimeout": { + "markdownDescription": "Sets the client statement timeout for the PostgreSQL instance, in seconds. The default value is 60 seconds.\n\nExample: `executeTimeout=100;`", + "title": "ExecuteTimeout", + "type": "number" + }, + "FailTasksOnLobTruncation": { + "markdownDescription": "When set to `true` , this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize` .\n\nThe default value is `false` .\n\nIf task is set to Limited LOB mode and this option is set to true, the task fails instead of truncating the LOB data.", + "title": "FailTasksOnLobTruncation", + "type": "boolean" + }, + "HeartbeatEnable": { + "markdownDescription": "The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source. This heartbeat keeps `restart_lsn` moving and prevents storage full scenarios.\n\nThe default value is `false` .", + "title": "HeartbeatEnable", + "type": "boolean" + }, + "HeartbeatFrequency": { + "markdownDescription": "Sets the WAL heartbeat frequency (in minutes).\n\nThe default value is 5 minutes.", + "title": "HeartbeatFrequency", + "type": "number" + }, + "HeartbeatSchema": { + "markdownDescription": "Sets the schema in which the heartbeat artifacts are created.\n\nThe default value is `public` .", + "title": "HeartbeatSchema", + "type": "string" + }, + "MapBooleanAsBoolean": { + "markdownDescription": "When true, lets PostgreSQL migrate the boolean type as boolean. By default, PostgreSQL migrates booleans as `varchar(5)` . You must set this setting on both the source and target endpoints for it to take effect.\n\nThe default value is `false` .", + "title": "MapBooleanAsBoolean", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL.\n\nThe default value is 32,768 KB (32 MB).\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" + }, + "PluginName": { + "markdownDescription": "Specifies the plugin to use to create a replication slot.\n\nThe default value is `pglogical` .", + "title": "PluginName", + "type": "string" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the PostgreSQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the PostgreSQL endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "SlotName": { + "markdownDescription": "Sets the name of a previously created logical replication slot for a change data capture (CDC) load of the PostgreSQL source instance.\n\nWhen used with the `CdcStartPosition` request parameter for the AWS DMS API , this attribute also makes it possible to use native CDC start points. DMS verifies that the specified logical replication slot exists before starting the CDC load task. It also verifies that the task was created with a valid setting of `CdcStartPosition` . If the specified slot doesn't exist or the task doesn't have a valid `CdcStartPosition` setting, DMS raises an error.\n\nFor more information about setting the `CdcStartPosition` request parameter, see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native) in the *AWS Database Migration Service User Guide* . For more information about using `CdcStartPosition` , see [CreateReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html) , [StartReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html) , and [ModifyReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html) .", + "title": "SlotName", "type": "string" } }, - "required": [ - "ClientRootCertificateChainArn" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest": { + "AWS::DMS::Endpoint.RedisSettings": { "additionalProperties": false, "properties": { - "ActiveDirectory": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest", - "markdownDescription": "Information about the Active Directory to be used, if applicable. You must provide this information if *Type* is `directory-service-authentication` .", - "title": "ActiveDirectory" + "AuthPassword": { + "markdownDescription": "The password provided with the `auth-role` and `auth-token` options of the `AuthType` setting for a Redis target endpoint.", + "title": "AuthPassword", + "type": "string" }, - "FederatedAuthentication": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest", - "markdownDescription": "Information about the IAM SAML identity provider, if applicable.", - "title": "FederatedAuthentication" + "AuthType": { + "markdownDescription": "The type of authentication to perform when connecting to a Redis target. Options include `none` , `auth-token` , and `auth-role` . The `auth-token` option requires an `AuthPassword` value to be provided. The `auth-role` option requires `AuthUserName` and `AuthPassword` values to be provided.", + "title": "AuthType", + "type": "string" }, - "MutualAuthentication": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest", - "markdownDescription": "Information about the authentication certificates to be used, if applicable. You must provide this information if *Type* is `certificate-authentication` .", - "title": "MutualAuthentication" + "AuthUserName": { + "markdownDescription": "The user name provided with the `auth-role` option of the `AuthType` setting for a Redis target endpoint.", + "title": "AuthUserName", + "type": "string" }, - "Type": { - "markdownDescription": "The type of client authentication to be used.", - "title": "Type", + "Port": { + "markdownDescription": "Transmission Control Protocol (TCP) port for the endpoint.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint.", + "title": "ServerName", + "type": "string" + }, + "SslCaCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint.", + "title": "SslCaCertificateArn", + "type": "string" + }, + "SslSecurityProtocol": { + "markdownDescription": "The connection to a Redis target endpoint using Transport Layer Security (TLS). Valid values include `plaintext` and `ssl-encryption` . The default is `ssl-encryption` . The `ssl-encryption` option makes an encrypted connection. Optionally, you can identify an Amazon Resource Name (ARN) for an SSL certificate authority (CA) using the `SslCaCertificateArn` setting. If an ARN isn't given for a CA, DMS uses the Amazon root CA.\n\nThe `plaintext` option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database.", + "title": "SslSecurityProtocol", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.ClientConnectOptions": { + "AWS::DMS::Endpoint.RedshiftSettings": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether client connect options are enabled. The default is `false` (not enabled).", - "title": "Enabled", + "AcceptAnyDate": { + "markdownDescription": "A value that indicates to allow any date format, including invalid formats such as 00/00/00 00:00:00, to be loaded without generating an error. You can choose `true` or `false` (the default).\n\nThis parameter applies only to TIMESTAMP and DATE columns. Always use ACCEPTANYDATE with the DATEFORMAT parameter. If the date format for the data doesn't match the DATEFORMAT specification, Amazon Redshift inserts a NULL value into that field.", + "title": "AcceptAnyDate", "type": "boolean" }, - "LambdaFunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function used for connection authorization.", - "title": "LambdaFunctionArn", + "AfterConnectScript": { + "markdownDescription": "Code to run after connecting. This parameter should contain the code itself, not the name of a file containing the code.", + "title": "AfterConnectScript", "type": "string" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions": { - "additionalProperties": false, - "properties": { - "BannerText": { - "markdownDescription": "Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.", - "title": "BannerText", + }, + "BucketFolder": { + "markdownDescription": "An S3 folder where the comma-separated-value (.csv) files are stored before being uploaded to the target Redshift cluster.\n\nFor full load mode, AWS DMS converts source records into .csv files and loads them to the *BucketFolder/TableID* path. AWS DMS uses the Redshift `COPY` command to upload the .csv files to the target table. The files are deleted once the `COPY` operation has finished. For more information, see [COPY](https://docs.aws.amazon.com/redshift/latest/dg/r_COPY.html) in the *Amazon Redshift Database Developer Guide* .\n\nFor change-data-capture (CDC) mode, AWS DMS creates a *NetChanges* table, and loads the .csv files to this *BucketFolder/NetChangesTableID* path.", + "title": "BucketFolder", "type": "string" }, - "Enabled": { - "markdownDescription": "Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n\nValid values: `true | false`\n\nDefault value: `false`", - "title": "Enabled", + "BucketName": { + "markdownDescription": "The name of the intermediate S3 bucket used to store .csv files before uploading data to Redshift.", + "title": "BucketName", + "type": "string" + }, + "CaseSensitiveNames": { + "markdownDescription": "If Amazon Redshift is configured to support case sensitive schema names, set `CaseSensitiveNames` to `true` . The default is `false` .", + "title": "CaseSensitiveNames", "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions": { - "additionalProperties": false, - "properties": { - "CloudwatchLogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group. Required if connection logging is enabled.", - "title": "CloudwatchLogGroup", + }, + "CompUpdate": { + "markdownDescription": "If you set `CompUpdate` to `true` Amazon Redshift applies automatic compression if the table is empty. This applies even if the table columns already have encodings other than `RAW` . If you set `CompUpdate` to `false` , automatic compression is disabled and existing column encodings aren't changed. The default is `true` .", + "title": "CompUpdate", + "type": "boolean" + }, + "ConnectionTimeout": { + "markdownDescription": "A value that sets the amount of time to wait (in milliseconds) before timing out, beginning from when you initially establish a connection.", + "title": "ConnectionTimeout", + "type": "number" + }, + "DateFormat": { + "markdownDescription": "The date format that you are using. Valid values are `auto` (case-sensitive), your date format string enclosed in quotes, or NULL. If this parameter is left unset (NULL), it defaults to a format of 'YYYY-MM-DD'. Using `auto` recognizes most strings, even some that aren't supported when you use a date format string.\n\nIf your date and time values use formats different from each other, set this to `auto` .", + "title": "DateFormat", "type": "string" }, - "CloudwatchLogStream": { - "markdownDescription": "The name of the CloudWatch Logs log stream to which the connection data is published.", - "title": "CloudwatchLogStream", + "EmptyAsNull": { + "markdownDescription": "A value that specifies whether AWS DMS should migrate empty CHAR and VARCHAR fields as NULL. A value of `true` sets empty CHAR and VARCHAR fields to null. The default is `false` .", + "title": "EmptyAsNull", + "type": "boolean" + }, + "EncryptionMode": { + "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , create an AWS Identity and Access Management (IAM) role with a policy that allows `\"arn:aws:s3:::*\"` to use the following actions: `\"s3:PutObject\", \"s3:ListBucket\"`", + "title": "EncryptionMode", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether connection logging is enabled.", - "title": "Enabled", + "ExplicitIds": { + "markdownDescription": "This setting is only valid for a full-load migration task. Set `ExplicitIds` to `true` to have tables with `IDENTITY` columns override their auto-generated values with explicit values loaded from the source data files used to populate the tables. The default is `false` .", + "title": "ExplicitIds", "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest": { - "additionalProperties": false, - "properties": { - "DirectoryId": { - "markdownDescription": "The ID of the Active Directory to be used for authentication.", - "title": "DirectoryId", + }, + "FileTransferUploadStreams": { + "markdownDescription": "The number of threads used to upload a single file. This parameter accepts a value from 1 through 64. It defaults to 10.\n\nThe number of parallel streams used to upload a single .csv file to an S3 bucket using S3 Multipart Upload. For more information, see [Multipart upload overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) .\n\n`FileTransferUploadStreams` accepts a value from 1 through 64. It defaults to 10.", + "title": "FileTransferUploadStreams", + "type": "number" + }, + "LoadTimeout": { + "markdownDescription": "The amount of time to wait (in milliseconds) before timing out of operations performed by AWS DMS on a Redshift cluster, such as Redshift COPY, INSERT, DELETE, and UPDATE.", + "title": "LoadTimeout", + "type": "number" + }, + "MapBooleanAsBoolean": { + "markdownDescription": "When true, lets Redshift migrate the boolean type as boolean. By default, Redshift migrates booleans as `varchar(1)` . You must set this setting on both the source and target endpoints for it to take effect.", + "title": "MapBooleanAsBoolean", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "The maximum size (in KB) of any .csv file used to load data on an S3 bucket and transfer data to Amazon Redshift. It defaults to 1048576KB (1 GB).", + "title": "MaxFileSize", + "type": "number" + }, + "RemoveQuotes": { + "markdownDescription": "A value that specifies to remove surrounding quotation marks from strings in the incoming data. All characters within the quotation marks, including delimiters, are retained. Choose `true` to remove quotation marks. The default is `false` .", + "title": "RemoveQuotes", + "type": "boolean" + }, + "ReplaceChars": { + "markdownDescription": "A value that specifies to replaces the invalid characters specified in `ReplaceInvalidChars` , substituting the specified characters instead. The default is `\"?\"` .", + "title": "ReplaceChars", + "type": "string" + }, + "ReplaceInvalidChars": { + "markdownDescription": "A list of characters that you want to replace. Use with `ReplaceChars` .", + "title": "ReplaceInvalidChars", + "type": "string" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Amazon Redshift endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Amazon Redshift endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerSideEncryptionKmsKeyId": { + "markdownDescription": "The AWS KMS key ID. If you are using `SSE_KMS` for the `EncryptionMode` , provide this key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.", + "title": "ServerSideEncryptionKmsKeyId", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that has access to the Amazon Redshift service. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "TimeFormat": { + "markdownDescription": "The time format that you want to use. Valid values are `auto` (case-sensitive), `'timeformat_string'` , `'epochsecs'` , or `'epochmillisecs'` . It defaults to 10. Using `auto` recognizes most strings, even some that aren't supported when you use a time format string.\n\nIf your date and time values use formats different from each other, set this parameter to `auto` .", + "title": "TimeFormat", "type": "string" + }, + "TrimBlanks": { + "markdownDescription": "A value that specifies to remove the trailing white space characters from a VARCHAR string. This parameter applies only to columns with a VARCHAR data type. Choose `true` to remove unneeded white space. The default is `false` .", + "title": "TrimBlanks", + "type": "boolean" + }, + "TruncateColumns": { + "markdownDescription": "A value that specifies to truncate data in columns to the appropriate number of characters, so that the data fits in the column. This parameter applies only to columns with a VARCHAR or CHAR data type, and rows with a size of 4 MB or less. Choose `true` to truncate data. The default is `false` .", + "title": "TruncateColumns", + "type": "boolean" + }, + "WriteBufferSize": { + "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk at the DMS replication instance. The default value is 1000 (buffer size is 1000KB).", + "title": "WriteBufferSize", + "type": "number" } }, - "required": [ - "DirectoryId" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest": { + "AWS::DMS::Endpoint.S3Settings": { "additionalProperties": false, "properties": { - "SAMLProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider.", - "title": "SAMLProviderArn", + "AddColumnName": { + "markdownDescription": "An optional parameter that, when set to `true` or `y` , you can use to add column name information to the .csv output file.\n\nThe default value is `false` . Valid values are `true` , `false` , `y` , and `n` .", + "title": "AddColumnName", + "type": "boolean" + }, + "AddTrailingPaddingCharacter": { + "markdownDescription": "Use the S3 target endpoint setting `AddTrailingPaddingCharacter` to add padding on string data. The default value is `false` .", + "title": "AddTrailingPaddingCharacter", + "type": "boolean" + }, + "BucketFolder": { + "markdownDescription": "An optional parameter to set a folder name in the S3 bucket. If provided, tables are created in the path `*bucketFolder* / *schema_name* / *table_name* /` . If this parameter isn't specified, the path used is `*schema_name* / *table_name* /` .", + "title": "BucketFolder", "type": "string" }, - "SelfServiceSAMLProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.", - "title": "SelfServiceSAMLProviderArn", + "BucketName": { + "markdownDescription": "The name of the S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "CannedAclForObjects": { + "markdownDescription": "A value that enables AWS DMS to specify a predefined (canned) access control list (ACL) for objects created in an Amazon S3 bucket as .csv or .parquet files. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 Developer Guide* .\n\nThe default value is NONE. Valid values include NONE, PRIVATE, PUBLIC_READ, PUBLIC_READ_WRITE, AUTHENTICATED_READ, AWS_EXEC_READ, BUCKET_OWNER_READ, and BUCKET_OWNER_FULL_CONTROL.", + "title": "CannedAclForObjects", + "type": "string" + }, + "CdcInsertsAndUpdates": { + "markdownDescription": "A value that enables a change data capture (CDC) load to write INSERT and UPDATE operations to .csv or .parquet (columnar storage) output files. The default setting is `false` , but when `CdcInsertsAndUpdates` is set to `true` or `y` , only INSERTs and UPDATEs from the source database are migrated to the .csv or .parquet file.\n\nFor .csv file format only, how these INSERTs and UPDATEs are recorded depends on the value of the `IncludeOpForFullLoad` parameter. If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to either `I` or `U` to indicate INSERT and UPDATE operations at the source. But if `IncludeOpForFullLoad` is set to `false` , CDC records are written without an indication of INSERT or UPDATE operations at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the use of the `CdcInsertsAndUpdates` parameter in versions 3.3.1 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", + "title": "CdcInsertsAndUpdates", + "type": "boolean" + }, + "CdcInsertsOnly": { + "markdownDescription": "A value that enables a change data capture (CDC) load to write only INSERT operations to .csv or columnar storage (.parquet) output files. By default (the `false` setting), the first field in a .csv or .parquet record contains the letter I (INSERT), U (UPDATE), or D (DELETE). These values indicate whether the row was inserted, updated, or deleted at the source database for a CDC load to the target.\n\nIf `CdcInsertsOnly` is set to `true` or `y` , only INSERTs from the source database are migrated to the .csv or .parquet file. For .csv format only, how these INSERTs are recorded depends on the value of `IncludeOpForFullLoad` . If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to I to indicate the INSERT operation at the source. If `IncludeOpForFullLoad` is set to `false` , every CDC record is written without a first field to indicate the INSERT operation at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the interaction described preceding between the `CdcInsertsOnly` and `IncludeOpForFullLoad` parameters in versions 3.1.4 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", + "title": "CdcInsertsOnly", + "type": "boolean" + }, + "CdcMaxBatchInterval": { + "markdownDescription": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3.\n\nWhen `CdcMaxBatchInterval` and `CdcMinFileSize` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 60 seconds.", + "title": "CdcMaxBatchInterval", + "type": "number" + }, + "CdcMinFileSize": { + "markdownDescription": "Minimum file size, defined in kilobytes, to reach for a file output to Amazon S3.\n\nWhen `CdcMinFileSize` and `CdcMaxBatchInterval` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 32 MB.", + "title": "CdcMinFileSize", + "type": "number" + }, + "CdcPath": { + "markdownDescription": "Specifies the folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `CdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. For an S3 target if you set [`PreserveTransactions`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-PreserveTransactions) to `true` , AWS DMS verifies that you have set this parameter to a folder path on your S3 target where AWS DMS can save the transaction order for the CDC load. AWS DMS creates this CDC folder path in either your S3 target working directory or the S3 target location specified by [`BucketFolder`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketFolder) and [`BucketName`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketName) .\n\nFor example, if you specify `CdcPath` as `MyChangedData` , and you specify `BucketName` as `MyTargetBucket` but do not specify `BucketFolder` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyChangedData` .\n\nIf you specify the same `CdcPath` , and you specify `BucketName` as `MyTargetBucket` and `BucketFolder` as `MyTargetData` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyTargetData/MyChangedData` .\n\nFor more information on CDC including transaction order on an S3 target, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", + "title": "CdcPath", + "type": "string" + }, + "CompressionType": { + "markdownDescription": "An optional parameter. When set to GZIP it enables the service to compress the target files. To allow the service to write the target files uncompressed, either set this parameter to NONE (the default) or don't specify the parameter at all. This parameter applies to both .csv and .parquet file formats.", + "title": "CompressionType", + "type": "string" + }, + "CsvDelimiter": { + "markdownDescription": "The delimiter used to separate columns in the .csv file for both source and target. The default is a comma.", + "title": "CsvDelimiter", + "type": "string" + }, + "CsvNoSupValue": { + "markdownDescription": "This setting only applies if your Amazon S3 output files during a change data capture (CDC) load are written in .csv format. If [`UseCsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-UseCsvNoSupValue) is set to true, specify a string value that you want AWS DMS to use for all columns not included in the supplemental log. If you do not specify a string value, AWS DMS uses the null value for these columns regardless of the `UseCsvNoSupValue` setting.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", + "title": "CsvNoSupValue", + "type": "string" + }, + "CsvNullValue": { + "markdownDescription": "An optional parameter that specifies how AWS DMS treats null values. While handling the null value, you can use this parameter to pass a user-defined string as null when writing to the target. For example, when target columns are not nullable, you can use this option to differentiate between the empty string value and the null value. So, if you set this parameter value to the empty string (\"\" or ''), AWS DMS treats the empty string as the null value instead of `NULL` .\n\nThe default value is `NULL` . Valid values include any valid string.", + "title": "CsvNullValue", + "type": "string" + }, + "CsvRowDelimiter": { + "markdownDescription": "The delimiter used to separate rows in the .csv file for both source and target.\n\nThe default is a carriage return ( `\\n` ).", + "title": "CsvRowDelimiter", + "type": "string" + }, + "DataFormat": { + "markdownDescription": "The format of the data that you want to use for output. You can choose one of the following:\n\n- `csv` : This is a row-based file format with comma-separated values (.csv).\n- `parquet` : Apache Parquet (.parquet) is a columnar storage file format that features efficient compression and provides faster query response.", + "title": "DataFormat", + "type": "string" + }, + "DataPageSize": { + "markdownDescription": "The size of one data page in bytes. This parameter defaults to 1024 * 1024 bytes (1 MiB). This number is used for .parquet file format only.", + "title": "DataPageSize", + "type": "number" + }, + "DatePartitionDelimiter": { + "markdownDescription": "Specifies a date separating delimiter to use during folder partitioning. The default value is `SLASH` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", + "title": "DatePartitionDelimiter", + "type": "string" + }, + "DatePartitionEnabled": { + "markdownDescription": "When set to `true` , this parameter partitions S3 bucket folders based on transaction commit dates. The default value is `false` . For more information about date-based folder partitioning, see [Using date-based folder partitioning](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.DatePartitioning) .", + "title": "DatePartitionEnabled", + "type": "boolean" + }, + "DatePartitionSequence": { + "markdownDescription": "Identifies the sequence of the date format to use during folder partitioning. The default value is `YYYYMMDD` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", + "title": "DatePartitionSequence", + "type": "string" + }, + "DatePartitionTimezone": { + "markdownDescription": "When creating an S3 target endpoint, set `DatePartitionTimezone` to convert the current UTC time into a specified time zone. The conversion occurs when a date partition folder is created and a change data capture (CDC) file name is generated. The time zone format is Area/Location. Use this parameter when `DatePartitionedEnabled` is set to `true` , as shown in the following example.\n\n`s3-settings='{\"DatePartitionEnabled\": true, \"DatePartitionSequence\": \"YYYYMMDDHH\", \"DatePartitionDelimiter\": \"SLASH\", \"DatePartitionTimezone\":\" *Asia/Seoul* \", \"BucketName\": \"dms-nattarat-test\"}'`", + "title": "DatePartitionTimezone", + "type": "string" + }, + "DictPageSizeLimit": { + "markdownDescription": "The maximum size of an encoded dictionary page of a column. If the dictionary page exceeds this, this column is stored using an encoding type of `PLAIN` . This parameter defaults to 1024 * 1024 bytes (1 MiB), the maximum size of a dictionary page before it reverts to `PLAIN` encoding. This size is used for .parquet file format only.", + "title": "DictPageSizeLimit", + "type": "number" + }, + "EnableStatistics": { + "markdownDescription": "A value that enables statistics for Parquet pages and row groups. Choose `true` to enable statistics, `false` to disable. Statistics include `NULL` , `DISTINCT` , `MAX` , and `MIN` values. This parameter defaults to `true` . This value is used for .parquet file format only.", + "title": "EnableStatistics", + "type": "boolean" + }, + "EncodingType": { + "markdownDescription": "The type of encoding that you're using:\n\n- `RLE_DICTIONARY` uses a combination of bit-packing and run-length encoding to store repeated values more efficiently. This is the default.\n- `PLAIN` doesn't use encoding at all. Values are stored as they are.\n- `PLAIN_DICTIONARY` builds a dictionary of the values encountered in a given column. The dictionary is stored in a dictionary page for each column chunk.", + "title": "EncodingType", + "type": "string" + }, + "EncryptionMode": { + "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , you need an IAM role with permission to allow `\"arn:aws:s3:::dms-*\"` to use the following actions:\n\n- `s3:CreateBucket`\n- `s3:ListBucket`\n- `s3:DeleteBucket`\n- `s3:GetBucketLocation`\n- `s3:GetObject`\n- `s3:PutObject`\n- `s3:DeleteObject`\n- `s3:GetObjectVersion`\n- `s3:GetBucketPolicy`\n- `s3:PutBucketPolicy`\n- `s3:DeleteBucketPolicy`", + "title": "EncryptionMode", + "type": "string" + }, + "ExpectedBucketOwner": { + "markdownDescription": "To specify a bucket owner and prevent sniping, you can use the `ExpectedBucketOwner` endpoint setting.\n\nExample: `--s3-settings='{\"ExpectedBucketOwner\": \" *AWS_Account_ID* \"}'`\n\nWhen you make a request to test a connection or perform a migration, S3 checks the account ID of the bucket owner against the specified parameter.", + "title": "ExpectedBucketOwner", + "type": "string" + }, + "ExternalTableDefinition": { + "markdownDescription": "The external table definition.\n\nConditional: If `S3` is used as a source then `ExternalTableDefinition` is required.", + "title": "ExternalTableDefinition", + "type": "string" + }, + "GlueCatalogGeneration": { + "markdownDescription": "When true, allows AWS Glue to catalog your S3 bucket. Creating an AWS Glue catalog lets you use Athena to query your data.", + "title": "GlueCatalogGeneration", + "type": "boolean" + }, + "IgnoreHeaderRows": { + "markdownDescription": "When this value is set to 1, AWS DMS ignores the first row header in a .csv file. A value of 1 turns on the feature; a value of 0 turns off the feature.\n\nThe default is 0.", + "title": "IgnoreHeaderRows", + "type": "number" + }, + "IncludeOpForFullLoad": { + "markdownDescription": "A value that enables a full load to write INSERT operations to the comma-separated value (.csv) output files only to indicate how the rows were added to the source database.\n\n> AWS DMS supports the `IncludeOpForFullLoad` parameter in versions 3.1.4 and later. \n\nFor full load, records can only be inserted. By default (the `false` setting), no information is recorded in these output files for a full load to indicate that the rows were inserted at the source database. If `IncludeOpForFullLoad` is set to `true` or `y` , the INSERT is recorded as an I annotation in the first field of the .csv file. This allows the format of your target records from a full load to be consistent with the target records from a CDC load.\n\n> This setting works together with the `CdcInsertsOnly` and the `CdcInsertsAndUpdates` parameters for output to .csv files only. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .", + "title": "IncludeOpForFullLoad", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "A value that specifies the maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load.\n\nThe default value is 1,048,576 KB (1 GB). Valid values include 1 to 1,048,576.", + "title": "MaxFileSize", + "type": "number" + }, + "ParquetTimestampInMillisecond": { + "markdownDescription": "A value that specifies the precision of any `TIMESTAMP` column values that are written to an Amazon S3 object file in .parquet format.\n\n> AWS DMS supports the `ParquetTimestampInMillisecond` parameter in versions 3.1.4 and later. \n\nWhen `ParquetTimestampInMillisecond` is set to `true` or `y` , AWS DMS writes all `TIMESTAMP` columns in a .parquet formatted file with millisecond precision. Otherwise, DMS writes them with microsecond precision.\n\nCurrently, Amazon Athena and AWS Glue can handle only millisecond precision for `TIMESTAMP` values. Set this parameter to `true` for S3 endpoint object files that are .parquet formatted only if you plan to query or process the data with Athena or AWS Glue .\n\n> AWS DMS writes any `TIMESTAMP` column values written to an S3 file in .csv format with microsecond precision.\n> \n> Setting `ParquetTimestampInMillisecond` has no effect on the string format of the timestamp column value that is inserted by setting the `TimestampColumnName` parameter.", + "title": "ParquetTimestampInMillisecond", + "type": "boolean" + }, + "ParquetVersion": { + "markdownDescription": "The version of the Apache Parquet format that you want to use: `parquet_1_0` (the default) or `parquet_2_0` .", + "title": "ParquetVersion", + "type": "string" + }, + "PreserveTransactions": { + "markdownDescription": "If this setting is set to `true` , AWS DMS saves the transaction order for a change data capture (CDC) load on the Amazon S3 target specified by [`CdcPath`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CdcPath) . For more information, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", + "title": "PreserveTransactions", + "type": "boolean" + }, + "Rfc4180": { + "markdownDescription": "For an S3 source, when this value is set to `true` or `y` , each leading double quotation mark has to be followed by an ending double quotation mark. This formatting complies with RFC 4180. When this value is set to `false` or `n` , string literals are copied to the target as is. In this case, a delimiter (row or column) signals the end of the field. Thus, you can't use a delimiter as part of the string, because it signals the end of the value.\n\nFor an S3 target, an optional parameter used to set behavior to comply with RFC 4180 for data migrated to Amazon S3 using .csv file format only. When this value is set to `true` or `y` using Amazon S3 as a target, if the data has quotation marks or newline characters in it, AWS DMS encloses the entire column with an additional pair of double quotation marks (\"). Every quotation mark within the data is repeated twice.\n\nThe default value is `true` . Valid values include `true` , `false` , `y` , and `n` .", + "title": "Rfc4180", + "type": "boolean" + }, + "RowGroupLength": { + "markdownDescription": "The number of rows in a row group. A smaller row group size provides faster reads. But as the number of row groups grows, the slower writes become. This parameter defaults to 10,000 rows. This number is used for .parquet file format only.\n\nIf you choose a value larger than the maximum, `RowGroupLength` is set to the max row group length in bytes (64 * 1024 * 1024).", + "title": "RowGroupLength", + "type": "number" + }, + "ServerSideEncryptionKmsKeyId": { + "markdownDescription": "If you are using `SSE_KMS` for the `EncryptionMode` , provide the AWS KMS key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.\n\nHere is a CLI example: `aws dms create-endpoint --endpoint-identifier *value* --endpoint-type target --engine-name s3 --s3-settings ServiceAccessRoleArn= *value* ,BucketFolder= *value* ,BucketName= *value* ,EncryptionMode=SSE_KMS,ServerSideEncryptionKmsKeyId= *value*`", + "title": "ServerSideEncryptionKmsKeyId", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "A required parameter that specifies the Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action. It enables AWS DMS to read and write objects from an S3 bucket.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "TimestampColumnName": { + "markdownDescription": "A value that when nonblank causes AWS DMS to add a column with timestamp information to the endpoint data for an Amazon S3 target.\n\n> AWS DMS supports the `TimestampColumnName` parameter in versions 3.1.4 and later. \n\nAWS DMS includes an additional `STRING` column in the .csv or .parquet object files of your migrated data when you set `TimestampColumnName` to a nonblank value.\n\nFor a full load, each row of this timestamp column contains a timestamp for when the data was transferred from the source to the target by DMS.\n\nFor a change data capture (CDC) load, each row of the timestamp column contains the timestamp for the commit of that row in the source database.\n\nThe string format for this timestamp column value is `yyyy-MM-dd HH:mm:ss.SSSSSS` . By default, the precision of this value is in microseconds. For a CDC load, the rounding of the precision depends on the commit timestamp supported by DMS for the source database.\n\nWhen the `AddColumnName` parameter is set to `true` , DMS also includes a name for the timestamp column that you set with `TimestampColumnName` .", + "title": "TimestampColumnName", "type": "string" + }, + "UseCsvNoSupValue": { + "markdownDescription": "This setting applies if the S3 output files during a change data capture (CDC) load are written in .csv format. If this setting is set to `true` for columns not included in the supplemental log, AWS DMS uses the value specified by [`CsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CsvNoSupValue) . If this setting isn't set or is set to `false` , AWS DMS uses the null value for these columns.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", + "title": "UseCsvNoSupValue", + "type": "boolean" + }, + "UseTaskStartTimeForFullLoadTimestamp": { + "markdownDescription": "When set to true, this parameter uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when `useTaskStartTimeForFullLoadTimestamp` is set to `true` , each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.\n\nWhen `useTaskStartTimeForFullLoadTimestamp` is set to `false` , the full load timestamp in the timestamp column increments with the time data arrives at the target.", + "title": "UseTaskStartTimeForFullLoadTimestamp", + "type": "boolean" } }, - "required": [ - "SAMLProviderArn" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.TagSpecification": { + "AWS::DMS::Endpoint.SybaseSettings": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. To tag a Client VPN endpoint, `ResourceType` must be `client-vpn-endpoint` .", - "title": "ResourceType", + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SAP ASE endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the SAP SAE endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" } }, - "required": [ - "ResourceType", - "Tags" - ], "type": "object" }, - "AWS::EC2::ClientVpnRoute": { + "AWS::DMS::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -69115,37 +75064,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint to which to add the route.", - "title": "ClientVpnEndpointId", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether to activate the subscription. If you don't specify this property, AWS CloudFormation activates the subscription.", + "title": "Enabled", + "type": "boolean" }, - "Description": { - "markdownDescription": "A brief description of the route.", - "title": "Description", + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of event categories for a source type that you want to subscribe to. If you don't specify this property, you are notified about all event categories. For more information, see [Working with Events and Notifications](https://docs.aws.amazon.com//dms/latest/userguide/CHAP_Events.html) in the *AWS DMS User Guide* .", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", + "title": "SnsTopicArn", "type": "string" }, - "DestinationCidrBlock": { - "markdownDescription": "The IPv4 address range, in CIDR notation, of the route destination. For example:\n\n- To add a route for Internet access, enter `0.0.0.0/0`\n- To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range\n- To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range\n- To add a route for the local network, enter the client CIDR range", - "title": "DestinationCidrBlock", + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers for which AWS DMS provides notification events.\n\nIf you don't specify a value, notifications are provided for all sources.\n\nIf you specify multiple values, they must be of the same type. For example, if you specify a database instance ID, then all of the other values must be database instance IDs.", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of AWS DMS resource that generates the events. For example, if you want to be notified of events generated by a replication instance, you set this parameter to `replication-instance` . If this value isn't specified, all events are returned.\n\n*Valid values* : `replication-instance` | `replication-task`", + "title": "SourceType", "type": "string" }, - "TargetVpcSubnetId": { - "markdownDescription": "The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.\n\nAlternatively, if you're adding a route for the local network, specify `local` .", - "title": "TargetVpcSubnetId", + "SubscriptionName": { + "markdownDescription": "The name of the AWS DMS event notification subscription. This name must be less than 255 characters.", + "title": "SubscriptionName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the event subscription.", + "title": "Tags", + "type": "array" } }, "required": [ - "ClientVpnEndpointId", - "DestinationCidrBlock", - "TargetVpcSubnetId" + "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnRoute" + "AWS::DMS::EventSubscription" ], "type": "string" }, @@ -69164,7 +75135,7 @@ ], "type": "object" }, - "AWS::EC2::ClientVpnTargetNetworkAssociation": { + "AWS::DMS::InstanceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -69199,26 +75170,68 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint.", - "title": "ClientVpnEndpointId", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where the instance profile runs.", + "title": "AvailabilityZone", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to associate with the Client VPN endpoint.", - "title": "SubnetId", + "Description": { + "markdownDescription": "A description of the instance profile. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", + "title": "Description", + "type": "string" + }, + "InstanceProfileIdentifier": { + "markdownDescription": "The identifier of the instance profile. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "InstanceProfileIdentifier", + "type": "string" + }, + "InstanceProfileName": { + "markdownDescription": "The user-friendly name for the instance profile.", + "title": "InstanceProfileName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.\n\nIf you don't specify a value for the `KmsKeyArn` parameter, then AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyArn", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "Specifies the network type for the instance profile. A value of `IPV4` represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of `IPV6` represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of `DUAL` represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.", + "title": "NetworkType", "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies the accessibility options for the instance profile. A value of `true` represents an instance profile with a public IP address. A value of `false` represents an instance profile with a private IP address. The default value is `true` .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "SubnetGroupIdentifier": { + "markdownDescription": "The identifier of the subnet group that is associated with the instance profile.", + "title": "SubnetGroupIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security groups that are used with the instance profile. The VPC security group must work with the VPC containing the instance profile.", + "title": "VpcSecurityGroups", + "type": "array" } }, - "required": [ - "ClientVpnEndpointId", - "SubnetId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnTargetNetworkAssociation" + "AWS::DMS::InstanceProfile" ], "type": "string" }, @@ -69232,12 +75245,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::CustomerGateway": { + "AWS::DMS::MigrationProject": { "additionalProperties": false, "properties": { "Condition": { @@ -69272,49 +75284,76 @@ "Properties": { "additionalProperties": false, "properties": { - "BgpAsn": { - "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nDefault: 65000\n\nValid values: `1` to `2,147,483,647`", - "title": "BgpAsn", - "type": "number" + "Description": { + "markdownDescription": "A user-friendly description of the migration project.", + "title": "Description", + "type": "string" }, - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the customer gateway certificate.", - "title": "CertificateArn", + "InstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile for your migration project.", + "title": "InstanceProfileArn", "type": "string" }, - "DeviceName": { - "markdownDescription": "The name of customer gateway device.", - "title": "DeviceName", + "InstanceProfileIdentifier": { + "markdownDescription": "The identifier of the instance profile for your migration project.", + "title": "InstanceProfileIdentifier", "type": "string" }, - "IpAddress": { - "markdownDescription": "IPv4 address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `PublicIpv4` , you can use a public IPv4 address.", - "title": "IpAddress", + "InstanceProfileName": { + "markdownDescription": "The name of the associated instance profile.", + "title": "InstanceProfileName", + "type": "string" + }, + "MigrationProjectIdentifier": { + "markdownDescription": "The identifier of the migration project. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "MigrationProjectIdentifier", + "type": "string" + }, + "MigrationProjectName": { + "markdownDescription": "The name of the migration project.", + "title": "MigrationProjectName", "type": "string" }, + "SchemaConversionApplicationAttributes": { + "$ref": "#/definitions/AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes", + "markdownDescription": "The schema conversion application attributes, including the Amazon S3 bucket name and Amazon S3 role ARN.", + "title": "SchemaConversionApplicationAttributes" + }, + "SourceDataProviderDescriptors": { + "items": { + "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" + }, + "markdownDescription": "Information about the source data provider, including the name or ARN, and AWS Secrets Manager parameters.", + "title": "SourceDataProviderDescriptors", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags for the customer gateway.", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "The type of VPN connection that this customer gateway supports ( `ipsec.1` ).", - "title": "Type", + "TargetDataProviderDescriptors": { + "items": { + "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" + }, + "markdownDescription": "Information about the target data provider, including the name or ARN, and AWS Secrets Manager parameters.", + "title": "TargetDataProviderDescriptors", + "type": "array" + }, + "TransformationRules": { + "markdownDescription": "The settings in JSON format for migration rules. Migration rules make it possible for you to change the object names according to the rules that you specify. For example, you can change an object name to lowercase or uppercase, add or remove a prefix or suffix, or rename objects.", + "title": "TransformationRules", "type": "string" } }, - "required": [ - "IpAddress", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::CustomerGateway" + "AWS::DMS::MigrationProject" ], "type": "string" }, @@ -69328,117 +75367,58 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::DHCPOptions": { + "AWS::DMS::MigrationProject.DataProviderDescriptor": { "additionalProperties": false, "properties": { - "Condition": { + "DataProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data provider.", + "title": "DataProviderArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataProviderIdentifier": { + "markdownDescription": "", + "title": "DataProviderIdentifier", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "DataProviderName": { + "markdownDescription": "The user-friendly name of the data provider.", + "title": "DataProviderName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainName": { - "markdownDescription": "This value is used to complete unqualified DNS hostnames. If you're using AmazonProvidedDNS in `us-east-1` , specify `ec2.internal` . If you're using AmazonProvidedDNS in another Region, specify *region* . `compute.internal` (for example, `ap-northeast-1.compute.internal` ). Otherwise, specify a domain name (for example, *MyCompany.com* ).", - "title": "DomainName", - "type": "string" - }, - "DomainNameServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four domain name servers, or `AmazonProvidedDNS` . The default is `AmazonProvidedDNS` . To have your instance receive a custom DNS hostname as specified in `DomainName` , you must set this property to a custom DNS server.", - "title": "DomainNameServers", - "type": "array" - }, - "Ipv6AddressPreferredLeaseTime": { - "markdownDescription": "A value (in seconds, minutes, hours, or years) for how frequently a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 seconds (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.", - "title": "Ipv6AddressPreferredLeaseTime", - "type": "number" - }, - "NetbiosNameServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four NetBIOS name servers.", - "title": "NetbiosNameServers", - "type": "array" - }, - "NetbiosNodeType": { - "markdownDescription": "The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported).", - "title": "NetbiosNodeType", - "type": "number" - }, - "NtpServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers.", - "title": "NtpServers", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the DHCP options set.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The ARN of the role used to access AWS Secrets Manager.", + "title": "SecretsManagerAccessRoleArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::DHCPOptions" - ], + "SecretsManagerSecretId": { + "markdownDescription": "The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider.", + "title": "SecretsManagerSecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes": { + "additionalProperties": false, + "properties": { + "S3BucketPath": { + "markdownDescription": "", + "title": "S3BucketPath", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3BucketRoleArn": { + "markdownDescription": "", + "title": "S3BucketRoleArn", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::EC2::EC2Fleet": { + "AWS::DMS::ReplicationConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -69473,82 +75453,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Context": { - "markdownDescription": "Reserved.", - "title": "Context", + "ComputeConfig": { + "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig", + "markdownDescription": "Configuration parameters for provisioning an AWS DMS Serverless replication.", + "title": "ComputeConfig" + }, + "ReplicationConfigIdentifier": { + "markdownDescription": "A unique identifier that you want to use to create a `ReplicationConfigArn` that is returned as part of the output from this action. You can then pass this output `ReplicationConfigArn` as the value of the `ReplicationConfigArn` option for other actions to identify both AWS DMS Serverless replications and replication configurations that you want those actions to operate on. For some actions, you can also use either this unique identifier or a corresponding ARN in action filters to identify the specific replication and replication configuration to operate on.", + "title": "ReplicationConfigIdentifier", "type": "string" }, - "ExcessCapacityTerminationPolicy": { - "markdownDescription": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` .", - "title": "ExcessCapacityTerminationPolicy", + "ReplicationSettings": { + "markdownDescription": "Optional JSON settings for AWS DMS Serverless replications that are provisioned using this replication configuration. For example, see [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html) .", + "title": "ReplicationSettings", + "type": "object" + }, + "ReplicationType": { + "markdownDescription": "The type of AWS DMS Serverless replication to provision using this replication configuration.\n\nPossible values:\n\n- `\"full-load\"`\n- `\"cdc\"`\n- `\"full-load-and-cdc\"`", + "title": "ReplicationType", "type": "string" }, - "LaunchTemplateConfigs": { - "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest" - }, - "markdownDescription": "The configuration for the EC2 Fleet.", - "title": "LaunchTemplateConfigs", - "type": "array" + "ResourceIdentifier": { + "markdownDescription": "Optional unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess) .", + "title": "ResourceIdentifier", + "type": "string" }, - "OnDemandOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.OnDemandOptionsRequest", - "markdownDescription": "Describes the configuration of On-Demand Instances in an EC2 Fleet.", - "title": "OnDemandOptions" + "SourceEndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration.", + "title": "SourceEndpointArn", + "type": "string" }, - "ReplaceUnhealthyInstances": { - "markdownDescription": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* .", - "title": "ReplaceUnhealthyInstances", - "type": "boolean" + "SupplementalSettings": { + "markdownDescription": "Optional JSON settings for specifying supplemental data. For more information, see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) .", + "title": "SupplementalSettings", + "type": "object" }, - "SpotOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", - "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", - "title": "SpotOptions" + "TableMappings": { + "markdownDescription": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration. For more information, see [Specifying table selection and transformations rules using JSON](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.SelectionTransformation.html) .", + "title": "TableMappings", + "type": "object" }, - "TagSpecifications": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TagSpecification" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) .", - "title": "TagSpecifications", + "markdownDescription": "One or more optional tags associated with resources used by the AWS DMS Serverless replication. For more information, see [Tagging resources in AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tagging.html) .", + "title": "Tags", "type": "array" }, - "TargetCapacitySpecification": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest", - "markdownDescription": "The number of units to request.", - "title": "TargetCapacitySpecification" - }, - "TerminateInstancesWithExpiration": { - "markdownDescription": "Indicates whether running instances should be terminated when the EC2 Fleet expires.", - "title": "TerminateInstancesWithExpiration", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* .", - "title": "Type", - "type": "string" - }, - "ValidFrom": { - "markdownDescription": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately.", - "title": "ValidFrom", - "type": "string" - }, - "ValidUntil": { - "markdownDescription": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.", - "title": "ValidUntil", + "TargetEndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS serverless replication configuration.", + "title": "TargetEndpointArn", "type": "string" } }, "required": [ - "LaunchTemplateConfigs", - "TargetCapacitySpecification" + "ComputeConfig", + "ReplicationConfigIdentifier", + "ReplicationType", + "SourceEndpointArn", + "TableMappings", + "TargetEndpointArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EC2Fleet" + "AWS::DMS::ReplicationConfig" ], "type": "string" }, @@ -69567,609 +75538,64 @@ ], "type": "object" }, - "AWS::EC2::EC2Fleet.AcceleratorCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.CapacityRebalance": { - "additionalProperties": false, - "properties": { - "ReplacementStrategy": { - "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", - "title": "ReplacementStrategy", - "type": "string" - }, - "TerminationDelay": { - "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", - "title": "TerminationDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest": { - "additionalProperties": false, - "properties": { - "UsageStrategy": { - "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ).\n\nIf you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.", - "title": "UsageStrategy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest": { - "additionalProperties": false, - "properties": { - "LaunchTemplateSpecification": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest", - "markdownDescription": "The launch template to use. You must specify either the launch template ID or launch template name in the request.", - "title": "LaunchTemplateSpecification" - }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest" - }, - "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.\n\nFor fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates.", - "title": "Overrides", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest": { + "AWS::DMS::ReplicationConfig.ComputeConfig": { "additionalProperties": false, "properties": { "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to launch the instances.", + "markdownDescription": "The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `\"us-west-2\"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` .", "title": "AvailabilityZone", "type": "string" }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.InstanceRequirementsRequest", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type.\n\n`mac1.metal` is not supported as a launch template override.\n\n> If you specify `InstanceType` , you can't specify `InstanceRequirements` .", - "title": "InstanceType", - "type": "string" - }, - "MaxPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.\n> \n> If you specify a maximum price, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message.", - "title": "MaxPrice", - "type": "string" - }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.Placement", - "markdownDescription": "The location where the instance launched, if applicable.", - "title": "Placement" - }, - "Priority": { - "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", - "title": "Priority", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID.", - "title": "SubnetId", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest": { - "additionalProperties": false, - "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", - "title": "LaunchTemplateId", - "type": "string" - }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", - "title": "LaunchTemplateName", - "type": "string" - }, - "Version": { - "markdownDescription": "The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails.\n\nIf the value is `$Latest` , Amazon EC2 uses the latest version of the launch template.\n\nIf the value is `$Default` , Amazon EC2 uses the default version of the launch template.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Version" - ], - "type": "object" - }, - "AWS::EC2::EC2Fleet.InstanceRequirementsRequest": { - "additionalProperties": false, - "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorCountRequest", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" - }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" - }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", - "type": "array" - }, - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", - "type": "array" - }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", - "type": "string" - }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" - }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", + "DnsNameServers": { + "markdownDescription": "A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", + "title": "DnsNameServers", "type": "string" }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" - }, - "InstanceGenerations": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", - "type": "array" - }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", + "KmsKeyId": { + "markdownDescription": "An AWS Key Management Service ( AWS KMS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", "type": "string" }, - "LocalStorageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", - "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest", - "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.VCpuCountRangeRequest", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.MaintenanceStrategies": { - "additionalProperties": false, - "properties": { - "CapacityRebalance": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityRebalance", - "markdownDescription": "The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.", - "title": "CapacityRebalance" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.MemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", + "MaxCapacityUnits": { + "markdownDescription": "Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify.", + "title": "MaxCapacityUnits", "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.OnDemandOptionsRequest": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity.\n\n`lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first.\n\n`prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first.\n\nDefault: `lowest-price`", - "title": "AllocationStrategy", - "type": "string" - }, - "CapacityReservationOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest", - "markdownDescription": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.\n\nSupported only for fleets of type `instant` .", - "title": "CapacityReservationOptions" - }, - "MaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "MaxTotalPrice", - "type": "string" }, - "MinTargetCapacity": { - "markdownDescription": "The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", - "title": "MinTargetCapacity", + "MinCapacityUnits": { + "markdownDescription": "Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` .", + "title": "MinCapacityUnits", "type": "number" }, - "SingleAvailabilityZone": { - "markdownDescription": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", - "title": "SingleAvailabilityZone", - "type": "boolean" - }, - "SingleInstanceType": { - "markdownDescription": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.\n\nSupported only for fleets of type `instant` .", - "title": "SingleInstanceType", + "MultiAZ": { + "markdownDescription": "Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` .", + "title": "MultiAZ", "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.Placement": { - "additionalProperties": false, - "properties": { - "Affinity": { - "markdownDescription": "The affinity setting for the instance on the Dedicated Host.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupName": { - "markdownDescription": "The name of the placement group that the instance is in. If you specify `GroupName` , you can't specify `GroupId` .", - "title": "GroupName", - "type": "string" - }, - "HostId": { - "markdownDescription": "The ID of the Dedicated Host on which the instance resides.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", - "title": "HostId", - "type": "string" - }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances.\n\nIf you specify this parameter, either omit the *Tenancy* parameter or set it to `host` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "HostResourceGroupArn", - "type": "string" - }, - "PartitionNumber": { - "markdownDescription": "The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "PartitionNumber", - "type": "number" - }, - "SpreadDomain": { - "markdownDescription": "Reserved for future use.", - "title": "SpreadDomain", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option.", - "title": "Tenancy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.SpotOptionsRequest": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.\n\nIf the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.\n\nIf the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify.\n\nIf the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity.\n\n*Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized`", - "title": "AllocationStrategy", - "type": "string" - }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted.\n\nDefault: `terminate`", - "title": "InstanceInterruptionBehavior", - "type": "string" - }, - "InstancePoolsToUseCount": { - "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", - "title": "InstancePoolsToUseCount", - "type": "number" - }, - "MaintenanceStrategies": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MaintenanceStrategies", - "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", - "title": "MaintenanceStrategies" }, - "MaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "MaxTotalPrice", + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` .\n\nThe default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` .\n\nConstraints include a minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" }, - "MinTargetCapacity": { - "markdownDescription": "The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", - "title": "MinTargetCapacity", - "type": "number" - }, - "SingleAvailabilityZone": { - "markdownDescription": "Indicates that the fleet launches all Spot Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", - "title": "SingleAvailabilityZone", - "type": "boolean" - }, - "SingleInstanceType": { - "markdownDescription": "Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.\n\nSupported only for fleets of type `instant` .", - "title": "SingleInstanceType", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag.", - "title": "ResourceType", + "ReplicationSubnetGroupId": { + "markdownDescription": "Specifies a subnet group identifier to associate with the AWS DMS Serverless replication.", + "title": "ReplicationSubnetGroupId", "type": "string" }, - "Tags": { + "VpcSecurityGroupIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", + "markdownDescription": "Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication.", + "title": "VpcSecurityGroupIds", "type": "array" } }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest": { - "additionalProperties": false, - "properties": { - "DefaultTargetCapacityType": { - "markdownDescription": "The default target capacity type.", - "title": "DefaultTargetCapacityType", - "type": "string" - }, - "OnDemandTargetCapacity": { - "markdownDescription": "The number of On-Demand units to request.", - "title": "OnDemandTargetCapacity", - "type": "number" - }, - "SpotTargetCapacity": { - "markdownDescription": "The number of Spot units to request.", - "title": "SpotTargetCapacity", - "type": "number" - }, - "TargetCapacityUnitType": { - "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection.\n\nDefault: `units` (the number of instances)", - "title": "TargetCapacityUnitType", - "type": "string" - }, - "TotalTargetCapacity": { - "markdownDescription": "The number of units to request, filled using the default target capacity type.", - "title": "TotalTargetCapacity", - "type": "number" - } - }, "required": [ - "TotalTargetCapacity" + "MaxCapacityUnits" ], "type": "object" }, - "AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.VCpuCountRangeRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EIP": { + "AWS::DMS::ReplicationInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -70204,45 +75630,106 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The network ( `vpc` ).\n\nIf you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource.", - "title": "Domain", + "AllocatedStorage": { + "markdownDescription": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.", + "title": "AllocatedStorage", + "type": "number" + }, + "AllowMajorVersionUpgrade": { + "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage, and the change is asynchronously applied as soon as possible.\n\nThis parameter must be set to `true` when specifying a value for the `EngineVersion` parameter that is a different major version than the replication instance's current version.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the replication instance during the maintenance window. This parameter defaults to `true` .\n\nDefault: `true`", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone that the replication instance will be created in.\n\nThe default value is a random, system-chosen Availability Zone in the endpoint's AWS Region , for example `us-east-1d` .", + "title": "AvailabilityZone", "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of the instance.\n\n> Updates to the `InstanceId` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", - "title": "InstanceId", + "DnsNameServers": { + "markdownDescription": "A list of custom DNS name servers supported for the replication instance to access your on-premise source or target database. This list overrides the default name servers supported by the replication instance. You can specify a comma-separated list of internet addresses for up to four on-premise DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", + "title": "DnsNameServers", "type": "string" }, - "NetworkBorderGroup": { - "markdownDescription": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n\nUse [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups.", - "title": "NetworkBorderGroup", + "EngineVersion": { + "markdownDescription": "The engine version number of the replication instance.\n\nIf an engine version number is not specified when a replication instance is created, the default is the latest engine version available.", + "title": "EngineVersion", "type": "string" }, - "PublicIpv4Pool": { - "markdownDescription": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n\n> Updates to the `PublicIpv4Pool` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", - "title": "PublicIpv4Pool", + "KmsKeyId": { + "markdownDescription": "An AWS KMS key identifier that is used to encrypt the data on the replication instance.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "Specifies whether the replication instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the Multi-AZ parameter is set to `true` .", + "title": "MultiAZ", + "type": "boolean" + }, + "NetworkType": { + "markdownDescription": "The type of IP address protocol used by a replication instance, such as IPv4 only or Dual-stack that supports both IPv4 and IPv6 addressing. IPv6 only is not yet supported.", + "title": "NetworkType", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in UTC.\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : A 30-minute window selected at random from an 8-hour block of time per AWS Region , occurring on a random day of the week.\n\n*Valid days* ( `ddd` ): `Mon` | `Tue` | `Wed` | `Thu` | `Fri` | `Sat` | `Sun`\n\n*Constraints* : Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies the accessibility options for the replication instance. A value of `true` represents an instance with a public IP address. A value of `false` represents an instance with a private IP address. The default value is `true` .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicationInstanceClass": { + "markdownDescription": "The compute and memory capacity of the replication instance as defined for the specified replication instance class. For example, to specify the instance class dms.c4.large, set this parameter to `\"dms.c4.large\"` . For more information on the settings and capacities for the available replication instance classes, see [Selecting the right AWS DMS replication instance for your migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.html#CHAP_ReplicationInstance.InDepth) in the *AWS Database Migration Service User Guide* .", + "title": "ReplicationInstanceClass", + "type": "string" + }, + "ReplicationInstanceIdentifier": { + "markdownDescription": "The replication instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain 1-63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `myrepinstance`", + "title": "ReplicationInstanceIdentifier", + "type": "string" + }, + "ReplicationSubnetGroupIdentifier": { + "markdownDescription": "A subnet group to associate with the replication instance.", + "title": "ReplicationSubnetGroupIdentifier", + "type": "string" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` . For example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the Elastic IP address.\n\n> Updates to the `Tags` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "markdownDescription": "One or more tags to be assigned to the replication instance.", "title": "Tags", "type": "array" }, - "TransferAddress": { - "markdownDescription": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "TransferAddress", - "type": "string" + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the virtual private cloud (VPC) security group to be used with the replication instance. The VPC security group must work with the VPC containing the replication instance.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, + "required": [ + "ReplicationInstanceClass" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EIP" + "AWS::DMS::ReplicationInstance" ], "type": "string" }, @@ -70256,11 +75743,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::EIPAssociation": { + "AWS::DMS::ReplicationSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -70295,98 +75783,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocationId": { - "markdownDescription": "The allocation ID. This is required.", - "title": "AllocationId", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.", - "title": "InstanceId", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n\nYou can specify either the instance ID or the network interface ID, but not both.", - "title": "NetworkInterfaceId", + "ReplicationSubnetGroupDescription": { + "markdownDescription": "The description for the subnet group.", + "title": "ReplicationSubnetGroupDescription", "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.", - "title": "PrivateIpAddress", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::EIPAssociation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::EgressOnlyInternetGateway": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "ReplicationSubnetGroupIdentifier": { + "markdownDescription": "The identifier for the replication subnet group. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the identifier.", + "title": "ReplicationSubnetGroupIdentifier", "type": "string" }, - { + "SubnetIds": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "One or more subnet IDs to be assigned to the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the subnet group.", + "title": "Tags", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "VpcId": { - "markdownDescription": "The ID of the VPC for which to create the egress-only internet gateway.", - "title": "VpcId", - "type": "string" } }, "required": [ - "VpcId" + "ReplicationSubnetGroupDescription", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EgressOnlyInternetGateway" + "AWS::DMS::ReplicationSubnetGroup" ], "type": "string" }, @@ -70405,7 +75837,7 @@ ], "type": "object" }, - "AWS::EC2::EnclaveCertificateIamRoleAssociation": { + "AWS::DMS::ReplicationTask": { "additionalProperties": false, "properties": { "Condition": { @@ -70440,26 +75872,87 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the ACM certificate with which to associate the IAM role.", - "title": "CertificateArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.", - "title": "RoleArn", + "CdcStartPosition": { + "markdownDescription": "Indicates when you want a change data capture (CDC) operation to start. Use either `CdcStartPosition` or `CdcStartTime` to specify when you want a CDC operation to start. Specifying both values results in an error.\n\nThe value can be in date, checkpoint, log sequence number (LSN), or system change number (SCN) format.\n\nHere is a date example: `--cdc-start-position \"2018-03-08T12:12:12\"`\n\nHere is a checkpoint example: `--cdc-start-position \"checkpoint:V1#27#mysql-bin-changelog.157832:1975:-1:2002:677883278264080:mysql-bin-changelog.157832:1876#0#0#*#0#93\"`\n\nHere is an LSN example: `--cdc-start-position \u201cmysql-bin-changelog.000024:373\u201d`\n\n> When you use this task setting with a source PostgreSQL database, a logical replication slot should already be created and associated with the source endpoint. You can verify this by setting the `slotName` extra connection attribute to the name of this logical replication slot. For more information, see [Extra Connection Attributes When Using PostgreSQL as a Source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "CdcStartPosition", + "type": "string" + }, + "CdcStartTime": { + "markdownDescription": "Indicates the start time for a change data capture (CDC) operation.", + "title": "CdcStartTime", + "type": "number" + }, + "CdcStopPosition": { + "markdownDescription": "Indicates when you want a change data capture (CDC) operation to stop. The value can be either server time or commit time.\n\nHere is a server time example: `--cdc-stop-position \"server_time:2018-02-09T12:12:12\"`\n\nHere is a commit time example: `--cdc-stop-position \"commit_time: 2018-02-09T12:12:12\"`", + "title": "CdcStopPosition", + "type": "string" + }, + "MigrationType": { + "markdownDescription": "The migration type. Valid values: `full-load` | `cdc` | `full-load-and-cdc`", + "title": "MigrationType", + "type": "string" + }, + "ReplicationInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a replication instance.", + "title": "ReplicationInstanceArn", + "type": "string" + }, + "ReplicationTaskIdentifier": { + "markdownDescription": "An identifier for the replication task.\n\nConstraints:\n\n- Must contain 1-255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ReplicationTaskIdentifier", + "type": "string" + }, + "ReplicationTaskSettings": { + "markdownDescription": "Overall settings for the task, in JSON format. For more information, see [Specifying Task Settings for AWS Database Migration Service Tasks](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html) in the *AWS Database Migration Service User Guide* .", + "title": "ReplicationTaskSettings", + "type": "string" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", + "type": "string" + }, + "SourceEndpointArn": { + "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the source endpoint.", + "title": "SourceEndpointArn", + "type": "string" + }, + "TableMappings": { + "markdownDescription": "The table mappings for the task, in JSON format. For more information, see [Using Table Mapping to Specify Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html) in the *AWS Database Migration Service User Guide* .", + "title": "TableMappings", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the replication task.", + "title": "Tags", + "type": "array" + }, + "TargetEndpointArn": { + "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the target endpoint.", + "title": "TargetEndpointArn", + "type": "string" + }, + "TaskData": { + "markdownDescription": "Supplemental information that the task requires to migrate the data for certain source and target endpoints. For more information, see [Specifying Supplemental Data for Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) in the *AWS Database Migration Service User Guide.*", + "title": "TaskData", "type": "string" } }, "required": [ - "CertificateArn", - "RoleArn" + "MigrationType", + "ReplicationInstanceArn", + "SourceEndpointArn", + "TableMappings", + "TargetEndpointArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EnclaveCertificateIamRoleAssociation" + "AWS::DMS::ReplicationTask" ], "type": "string" }, @@ -70478,7 +75971,7 @@ ], "type": "object" }, - "AWS::EC2::FlowLog": { + "AWS::DSQL::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -70513,79 +76006,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliverCrossAccountRole": { - "markdownDescription": "The ARN of the IAM role that allows the service to publish flow logs across accounts.", - "title": "DeliverCrossAccountRole", - "type": "string" - }, - "DeliverLogsPermissionArn": { - "markdownDescription": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.\n\nThis parameter is required if the destination type is `cloud-watch-logs` , or if the destination type is `kinesis-data-firehose` and the delivery stream and the resources to monitor are in different accounts.", - "title": "DeliverLogsPermissionArn", - "type": "string" - }, - "DestinationOptions": { - "$ref": "#/definitions/AWS::EC2::FlowLog.DestinationOptions", - "markdownDescription": "The destination options.", - "title": "DestinationOptions" - }, - "LogDestination": { - "markdownDescription": "The destination for the flow log data. The meaning of this parameter depends on the destination type.\n\n- If the destination type is `cloud-watch-logs` , specify the ARN of a CloudWatch Logs log group. For example:\n\narn:aws:logs: *region* : *account_id* :log-group: *my_group*\n\nAlternatively, use the `LogGroupName` parameter.\n- If the destination type is `s3` , specify the ARN of an S3 bucket. For example:\n\narn:aws:s3::: *my_bucket* / *my_subfolder* /\n\nThe subfolder is optional. Note that you can't use `AWSLogs` as a subfolder name.\n- If the destination type is `kinesis-data-firehose` , specify the ARN of a Kinesis Data Firehose delivery stream. For example:\n\narn:aws:firehose: *region* : *account_id* :deliverystream: *my_stream*", - "title": "LogDestination", - "type": "string" - }, - "LogDestinationType": { - "markdownDescription": "The type of destination for the flow log data.\n\nDefault: `cloud-watch-logs`", - "title": "LogDestinationType", - "type": "string" - }, - "LogFormat": { - "markdownDescription": "The fields to include in the flow log record, in the order in which they should appear. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must include at least one field. For more information about the available fields, see [Flow log records](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) in the *Amazon VPC User Guide* or [Transit Gateway Flow Log records](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) in the *AWS Transit Gateway Guide* .\n\nSpecify the fields using the `${field-id}` format, separated by spaces.", - "title": "LogFormat", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.\n\nThis parameter is valid only if the destination type is `cloud-watch-logs` .", - "title": "LogGroupName", - "type": "string" - }, - "MaxAggregationInterval": { - "markdownDescription": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. The possible values are 60 seconds (1 minute) or 600 seconds (10 minutes). This parameter must be 60 seconds for transit gateway resource types.\n\nWhen a network interface is attached to a [Nitro-based instance](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) , the aggregation interval is always 60 seconds or less, regardless of the value that you specify.\n\nDefault: 600", - "title": "MaxAggregationInterval", - "type": "number" + "DeletionProtectionEnabled": { + "markdownDescription": "Whether deletion protection is enabled on this cluster.", + "title": "DeletionProtectionEnabled", + "type": "boolean" }, - "ResourceId": { - "markdownDescription": "The ID of the resource to monitor. For example, if the resource type is `VPC` , specify the ID of the VPC.", - "title": "ResourceId", + "KmsEncryptionKey": { + "markdownDescription": "", + "title": "KmsEncryptionKey", "type": "string" }, - "ResourceType": { - "markdownDescription": "The type of resource to monitor.", - "title": "ResourceType", - "type": "string" + "MultiRegionProperties": { + "$ref": "#/definitions/AWS::DSQL::Cluster.MultiRegionProperties", + "markdownDescription": "Defines the structure for multi-Region cluster configurations, containing the witness Region and peered cluster settings.", + "title": "MultiRegionProperties" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the flow logs.", + "markdownDescription": "A map of key and value pairs this cluster is tagged with.", "title": "Tags", "type": "array" - }, - "TrafficType": { - "markdownDescription": "The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). This parameter is not supported for transit gateway resource types. It is required for the other resource types.", - "title": "TrafficType", - "type": "string" } }, - "required": [ - "ResourceId", - "ResourceType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::FlowLog" + "AWS::DSQL::Cluster" ], "type": "string" }, @@ -70599,38 +76048,51 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::FlowLog.DestinationOptions": { + "AWS::DSQL::Cluster.EncryptionDetails": { "additionalProperties": false, "properties": { - "FileFormat": { - "markdownDescription": "The format for the flow log. The default is `plain-text` .", - "title": "FileFormat", + "EncryptionStatus": { + "markdownDescription": "The status of encryption for the cluster.", + "title": "EncryptionStatus", "type": "string" }, - "HiveCompatiblePartitions": { - "markdownDescription": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` .", - "title": "HiveCompatiblePartitions", - "type": "boolean" + "EncryptionType": { + "markdownDescription": "The type of encryption that protects the data on your cluster.", + "title": "EncryptionType", + "type": "string" }, - "PerHourPartition": { - "markdownDescription": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` .", - "title": "PerHourPartition", - "type": "boolean" + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS KMS key that encrypts data in the cluster.", + "title": "KmsKeyArn", + "type": "string" } }, - "required": [ - "FileFormat", - "HiveCompatiblePartitions", - "PerHourPartition" - ], "type": "object" }, - "AWS::EC2::GatewayRouteTableAssociation": { + "AWS::DSQL::Cluster.MultiRegionProperties": { + "additionalProperties": false, + "properties": { + "Clusters": { + "items": { + "type": "string" + }, + "markdownDescription": "The set of peered clusters that form the multi-Region cluster configuration. Each peered cluster represents a database instance in a different Region.", + "title": "Clusters", + "type": "array" + }, + "WitnessRegion": { + "markdownDescription": "The Region that serves as the witness Region for a multi-Region cluster. The witness Region helps maintain cluster consistency and quorum.", + "title": "WitnessRegion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -70665,26 +76127,54 @@ "Properties": { "additionalProperties": false, "properties": { - "GatewayId": { - "markdownDescription": "The ID of the gateway.", - "title": "GatewayId", + "Format": { + "markdownDescription": "The file format of a dataset that is created from an Amazon S3 file or folder.", + "title": "Format", "type": "string" }, - "RouteTableId": { - "markdownDescription": "The ID of the route table.", - "title": "RouteTableId", + "FormatOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FormatOptions", + "markdownDescription": "A set of options that define how DataBrew interprets the data in the dataset.", + "title": "FormatOptions" + }, + "Input": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.Input", + "markdownDescription": "Information on how DataBrew can find the dataset, in either the AWS Glue Data Catalog or Amazon S3 .", + "title": "Input" + }, + "Name": { + "markdownDescription": "The unique name of the dataset.", + "title": "Name", + "type": "string" + }, + "PathOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.PathOptions", + "markdownDescription": "A set of options that defines how DataBrew interprets an Amazon S3 path of the dataset.", + "title": "PathOptions" + }, + "Source": { + "markdownDescription": "The location of the data for the dataset, either Amazon S3 or the AWS Glue Data Catalog .", + "title": "Source", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata tags that have been applied to the dataset.", + "title": "Tags", + "type": "array" } }, "required": [ - "GatewayId", - "RouteTableId" + "Input", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::GatewayRouteTableAssociation" + "AWS::DataBrew::Dataset" ], "type": "string" }, @@ -70703,289 +76193,368 @@ ], "type": "object" }, - "AWS::EC2::Host": { + "AWS::DataBrew::Dataset.CsvOptions": { "additionalProperties": false, "properties": { - "Condition": { + "Delimiter": { + "markdownDescription": "A single character that specifies the delimiter being used in the CSV file.", + "title": "Delimiter", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HeaderRow": { + "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", + "title": "HeaderRow", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.DataCatalogInputDefinition": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" }, - "Metadata": { - "type": "object" + "TableName": { + "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", + "title": "TableName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssetId": { - "markdownDescription": "The ID of the Outpost hardware asset on which the Dedicated Host is allocated.", - "title": "AssetId", - "type": "string" - }, - "AutoPlacement": { - "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", - "title": "AutoPlacement", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to allocate the Dedicated Host.", - "title": "AvailabilityZone", - "type": "string" - }, - "HostMaintenance": { - "markdownDescription": "Indicates whether host maintenance is enabled or disabled for the Dedicated Host.", - "title": "HostMaintenance", - "type": "string" - }, - "HostRecovery": { - "markdownDescription": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see [Host recovery](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", - "title": "HostRecovery", - "type": "string" - }, - "InstanceFamily": { - "markdownDescription": "The instance family supported by the Dedicated Host. For example, `m5` .", - "title": "InstanceFamily", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.", - "title": "InstanceType", - "type": "string" - }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Outpost on which the Dedicated Host is allocated.", - "title": "OutpostArn", - "type": "string" - } - }, - "required": [ - "AvailabilityZone" - ], - "type": "object" + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", + "title": "TempDirectory" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.DatabaseInputDefinition": { + "additionalProperties": false, + "properties": { + "DatabaseTableName": { + "markdownDescription": "The table within the target database.", + "title": "DatabaseTableName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::Host" - ], + "GlueConnectionName": { + "markdownDescription": "The AWS Glue Connection that stores the connection information for the target database.", + "title": "GlueConnectionName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "QueryString": { + "markdownDescription": "Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs.", + "title": "QueryString", "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", + "title": "TempDirectory" } }, "required": [ - "Type", - "Properties" + "GlueConnectionName" ], "type": "object" }, - "AWS::EC2::IPAM": { + "AWS::DataBrew::Dataset.DatasetParameter": { "additionalProperties": false, "properties": { - "Condition": { + "CreateColumn": { + "markdownDescription": "Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset.", + "title": "CreateColumn", + "type": "boolean" + }, + "DatetimeOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatetimeOptions", + "markdownDescription": "Additional parameter options such as a format and a timezone. Required for datetime parameters.", + "title": "DatetimeOptions" + }, + "Filter": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", + "markdownDescription": "The optional filter expression structure to apply additional matching criteria to the parameter.", + "title": "Filter" + }, + "Name": { + "markdownDescription": "The name of the parameter that is used in the dataset's Amazon S3 path.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::DataBrew::Dataset.DatetimeOptions": { + "additionalProperties": false, + "properties": { + "Format": { + "markdownDescription": "Required option, that defines the datetime format used for a date parameter in the Amazon S3 path. Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. \"MM.dd.yyyy-'at'-HH:mm\".", + "title": "Format", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LocaleCode": { + "markdownDescription": "Optional value for a non-US locale code, needed for correct interpretation of some date formats.", + "title": "LocaleCode", + "type": "string" }, - "Metadata": { - "type": "object" + "TimezoneOffset": { + "markdownDescription": "Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path. Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed.", + "title": "TimezoneOffset", + "type": "string" + } + }, + "required": [ + "Format" + ], + "type": "object" + }, + "AWS::DataBrew::Dataset.ExcelOptions": { + "additionalProperties": false, + "properties": { + "HeaderRow": { + "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", + "title": "HeaderRow", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description for the IPAM.", - "title": "Description", - "type": "string" - }, - "OperatingRegions": { - "items": { - "$ref": "#/definitions/AWS::EC2::IPAM.IpamOperatingRegion" - }, - "markdownDescription": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "OperatingRegions", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", - "title": "Tags", - "type": "array" - }, - "Tier": { - "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", - "title": "Tier", - "type": "string" - } + "SheetIndexes": { + "items": { + "type": "number" }, - "type": "object" + "markdownDescription": "One or more sheet numbers in the Excel file that will be included in the dataset.", + "title": "SheetIndexes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::IPAM" - ], + "SheetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more named sheets in the Excel file that will be included in the dataset.", + "title": "SheetNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.FilesLimit": { + "additionalProperties": false, + "properties": { + "MaxFiles": { + "markdownDescription": "The number of Amazon S3 files to select.", + "title": "MaxFiles", + "type": "number" + }, + "Order": { + "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING.", + "title": "Order", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OrderedBy": { + "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value.", + "title": "OrderedBy", "type": "string" } }, "required": [ - "Type" + "MaxFiles" ], "type": "object" }, - "AWS::EC2::IPAM.IpamOperatingRegion": { + "AWS::DataBrew::Dataset.FilterExpression": { "additionalProperties": false, "properties": { - "RegionName": { - "markdownDescription": "The name of the operating Region.", - "title": "RegionName", + "Expression": { + "markdownDescription": "The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions. For example, \"(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)\". Substitution variables should start with ':' symbol.", + "title": "Expression", "type": "string" + }, + "ValuesMap": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterValue" + }, + "markdownDescription": "The map of substitution variable names to their values used in this filter expression.", + "title": "ValuesMap", + "type": "array" } }, "required": [ - "RegionName" + "Expression", + "ValuesMap" ], "type": "object" }, - "AWS::EC2::IPAMAllocation": { + "AWS::DataBrew::Dataset.FilterValue": { "additionalProperties": false, "properties": { - "Condition": { + "Value": { + "markdownDescription": "The value to be associated with the substitution variable.", + "title": "Value", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValueReference": { + "markdownDescription": "The substitution variable reference.", + "title": "ValueReference", "type": "string" + } + }, + "required": [ + "Value", + "ValueReference" + ], + "type": "object" + }, + "AWS::DataBrew::Dataset.FormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.CsvOptions", + "markdownDescription": "Options that define how CSV input is to be interpreted by DataBrew.", + "title": "Csv" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Excel": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.ExcelOptions", + "markdownDescription": "Options that define how Excel input is to be interpreted by DataBrew.", + "title": "Excel" + }, + "Json": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.JsonOptions", + "markdownDescription": "Options that define how JSON input is to be interpreted by DataBrew.", + "title": "Json" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.Input": { + "additionalProperties": false, + "properties": { + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" + }, + "DatabaseInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatabaseInputDefinition", + "markdownDescription": "Connection information for dataset input files stored in a database.", + "title": "DatabaseInputDefinition" }, "Metadata": { - "type": "object" + "$ref": "#/definitions/AWS::DataBrew::Dataset.Metadata", + "markdownDescription": "Contains additional resource information needed for specific datasets.", + "title": "Metadata" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cidr": { - "markdownDescription": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR.", - "title": "Cidr", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the allocation.", - "title": "Description", - "type": "string" - }, - "IpamPoolId": { - "markdownDescription": "The ID of the IPAM pool from which you would like to allocate a CIDR.", - "title": "IpamPoolId", - "type": "string" - }, - "NetmaskLength": { - "markdownDescription": "The netmask length of the CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "NetmaskLength", - "type": "number" - } + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.JsonOptions": { + "additionalProperties": false, + "properties": { + "MultiLine": { + "markdownDescription": "A value that specifies whether JSON input contains embedded new line characters.", + "title": "MultiLine", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.Metadata": { + "additionalProperties": false, + "properties": { + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) associated with the dataset. Currently, DataBrew only supports ARNs from Amazon AppFlow.", + "title": "SourceArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.PathOptions": { + "additionalProperties": false, + "properties": { + "FilesLimit": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilesLimit", + "markdownDescription": "If provided, this structure imposes a limit on a number of files that should be selected.", + "title": "FilesLimit" + }, + "LastModifiedDateCondition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", + "markdownDescription": "If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 .", + "title": "LastModifiedDateCondition" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.PathParameter" }, - "required": [ - "IpamPoolId" - ], - "type": "object" + "markdownDescription": "A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions.", + "title": "Parameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.PathParameter": { + "additionalProperties": false, + "properties": { + "DatasetParameter": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatasetParameter", + "markdownDescription": "The path parameter definition.", + "title": "DatasetParameter" }, - "Type": { - "enum": [ - "AWS::EC2::IPAMAllocation" - ], + "PathParameterName": { + "markdownDescription": "The name of the path parameter.", + "title": "PathParameterName", + "type": "string" + } + }, + "required": [ + "DatasetParameter", + "PathParameterName" + ], + "type": "object" + }, + "AWS::DataBrew::Dataset.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BucketOwner": { + "markdownDescription": "The AWS account ID of the bucket owner.", + "title": "BucketOwner", + "type": "string" + }, + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket" ], "type": "object" }, - "AWS::EC2::IPAMPool": { + "AWS::DataBrew::Job": { "additionalProperties": false, "properties": { "Condition": { @@ -71020,105 +76589,132 @@ "Properties": { "additionalProperties": false, "properties": { - "AddressFamily": { - "markdownDescription": "The address family of the pool.", - "title": "AddressFamily", - "type": "string" - }, - "AllocationDefaultNetmaskLength": { - "markdownDescription": "The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.", - "title": "AllocationDefaultNetmaskLength", - "type": "number" - }, - "AllocationMaxNetmaskLength": { - "markdownDescription": "The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. The maximum netmask length must be greater than the minimum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "AllocationMaxNetmaskLength", - "type": "number" - }, - "AllocationMinNetmaskLength": { - "markdownDescription": "The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. The minimum netmask length must be less than the maximum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "AllocationMinNetmaskLength", - "type": "number" + "DataCatalogOutputs": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.DataCatalogOutput" + }, + "markdownDescription": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.", + "title": "DataCatalogOutputs", + "type": "array" }, - "AllocationResourceTags": { + "DatabaseOutputs": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseOutput" }, - "markdownDescription": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.", - "title": "AllocationResourceTags", + "markdownDescription": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.", + "title": "DatabaseOutputs", "type": "array" }, - "AutoImport": { - "markdownDescription": "If selected, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.\n\nA locale must be set on the pool for this feature to work.", - "title": "AutoImport", - "type": "boolean" + "DatasetName": { + "markdownDescription": "A dataset that the job is to process.", + "title": "DatasetName", + "type": "string" }, - "AwsService": { - "markdownDescription": "Limits which service in AWS that the pool can be used in. \"ec2\", for example, allows users to use space for Elastic IP addresses and VPCs.", - "title": "AwsService", + "EncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key that is used to protect the job output. For more information, see [Encrypting data written by DataBrew jobs](https://docs.aws.amazon.com/databrew/latest/dg/encryption-security-configuration.html)", + "title": "EncryptionKeyArn", "type": "string" }, - "Description": { - "markdownDescription": "The description of the IPAM pool.", - "title": "Description", + "EncryptionMode": { + "markdownDescription": "The encryption mode for the job, which can be one of the following:\n\n- `SSE-KMS` - Server-side encryption with keys managed by AWS KMS .\n- `SSE-S3` - Server-side encryption with keys managed by Amazon S3.", + "title": "EncryptionMode", "type": "string" }, - "IpamScopeId": { - "markdownDescription": "The ID of the scope in which you would like to create the IPAM pool.", - "title": "IpamScopeId", + "JobSample": { + "$ref": "#/definitions/AWS::DataBrew::Job.JobSample", + "markdownDescription": "A sample configuration for profile jobs only, which determines the number of rows on which the profile job is run. If a `JobSample` value isn't provided, the default value is used. The default value is CUSTOM_ROWS for the mode parameter and 20,000 for the size parameter.", + "title": "JobSample" + }, + "LogSubscription": { + "markdownDescription": "The current status of Amazon CloudWatch logging for the job.", + "title": "LogSubscription", "type": "string" }, - "Locale": { - "markdownDescription": "The locale of the IPAM pool.\n\nThe locale for the pool should be one of the following:\n\n- An AWS Region where you want this IPAM pool to be available for allocations.\n- The network border group for an AWS Local Zone where you want this IPAM pool to be available for allocations ( [supported Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-zone-avail) ). This option is only available for IPAM IPv4 pools in the public scope.\n\nIf you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error.", - "title": "Locale", + "MaxCapacity": { + "markdownDescription": "The maximum number of nodes that can be consumed when the job processes data.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry the job after a job run fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "The unique name of the job.", + "title": "Name", "type": "string" }, - "ProvisionedCidrs": { + "OutputLocation": { + "$ref": "#/definitions/AWS::DataBrew::Job.OutputLocation", + "markdownDescription": "The location in Amazon S3 where the job writes its output.", + "title": "OutputLocation" + }, + "Outputs": { "items": { - "$ref": "#/definitions/AWS::EC2::IPAMPool.ProvisionedCidr" + "$ref": "#/definitions/AWS::DataBrew::Job.Output" }, - "markdownDescription": "Information about the CIDRs provisioned to an IPAM pool.", - "title": "ProvisionedCidrs", + "markdownDescription": "One or more artifacts that represent output from running the job.", + "title": "Outputs", "type": "array" }, - "PublicIpSource": { - "markdownDescription": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `BYOIP` . For more information, see [Create IPv6 pools](https://docs.aws.amazon.com//vpc/latest/ipam/intro-create-ipv6-pools.html) in the *Amazon VPC IPAM User Guide* . By default, you can add only one Amazon-provided IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the default limit, see [Quotas for your IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/quotas-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "PublicIpSource", + "ProfileConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.ProfileConfiguration", + "markdownDescription": "Configuration for profile jobs. Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.", + "title": "ProfileConfiguration" + }, + "ProjectName": { + "markdownDescription": "The name of the project that the job is associated with.", + "title": "ProjectName", "type": "string" }, - "PubliclyAdvertisable": { - "markdownDescription": "Determines if a pool is publicly advertisable. This option is not available for pools with AddressFamily set to `ipv4` .", - "title": "PubliclyAdvertisable", - "type": "boolean" + "Recipe": { + "$ref": "#/definitions/AWS::DataBrew::Job.Recipe", + "markdownDescription": "A series of data transformation steps that the job runs.", + "title": "Recipe" }, - "SourceIpamPoolId": { - "markdownDescription": "The ID of the source IPAM pool. You can use this option to create an IPAM pool within an existing source pool.", - "title": "SourceIpamPoolId", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role to be assumed for this job.", + "title": "RoleArn", "type": "string" }, - "SourceResource": { - "$ref": "#/definitions/AWS::EC2::IPAMPool.SourceResource", - "markdownDescription": "The resource used to provision CIDRs to a resource planning pool.", - "title": "SourceResource" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "markdownDescription": "Metadata tags that have been applied to the job.", "title": "Tags", "type": "array" + }, + "Timeout": { + "markdownDescription": "The job's timeout in minutes. A job that attempts to run longer than this timeout period ends with a status of `TIMEOUT` .", + "title": "Timeout", + "type": "number" + }, + "Type": { + "markdownDescription": "The job type of the job, which must be one of the following:\n\n- `PROFILE` - A job to analyze a dataset, to determine its size, data types, data distribution, and more.\n- `RECIPE` - A job to apply one or more transformations to a dataset.", + "title": "Type", + "type": "string" + }, + "ValidationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ValidationConfiguration" + }, + "markdownDescription": "List of validation configurations that are applied to the profile job.", + "title": "ValidationConfigurations", + "type": "array" } }, "required": [ - "AddressFamily", - "IpamScopeId" + "Name", + "RoleArn", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMPool" + "AWS::DataBrew::Job" ], "type": "string" }, @@ -71137,304 +76733,433 @@ ], "type": "object" }, - "AWS::EC2::IPAMPool.ProvisionedCidr": { + "AWS::DataBrew::Job.AllowedStatistics": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", - "title": "Cidr", - "type": "string" + "Statistics": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more column statistics to allow for columns that contain detected entities.", + "title": "Statistics", + "type": "array" } }, "required": [ - "Cidr" + "Statistics" ], "type": "object" }, - "AWS::EC2::IPAMPool.SourceResource": { + "AWS::DataBrew::Job.ColumnSelector": { "additionalProperties": false, "properties": { - "ResourceId": { - "markdownDescription": "The source resource ID.", - "title": "ResourceId", - "type": "string" - }, - "ResourceOwner": { - "markdownDescription": "The source resource owner.", - "title": "ResourceOwner", - "type": "string" - }, - "ResourceRegion": { - "markdownDescription": "The source resource Region.", - "title": "ResourceRegion", + "Name": { + "markdownDescription": "The name of a column from a dataset.", + "title": "Name", "type": "string" }, - "ResourceType": { - "markdownDescription": "The source resource type.", - "title": "ResourceType", + "Regex": { + "markdownDescription": "A regular expression for selecting a column from a dataset.", + "title": "Regex", "type": "string" } }, - "required": [ - "ResourceId", - "ResourceOwner", - "ResourceRegion", - "ResourceType" - ], "type": "object" }, - "AWS::EC2::IPAMPoolCidr": { + "AWS::DataBrew::Job.ColumnStatisticsConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cidr": { - "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", - "title": "Cidr", - "type": "string" - }, - "IpamPoolId": { - "markdownDescription": "The ID of the IPAM pool.", - "title": "IpamPoolId", - "type": "string" - }, - "NetmaskLength": { - "markdownDescription": "The netmask length of the CIDR you'd like to provision to a pool. Can be used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for provisioning CIDRs to pools with source pools. Cannot be used to provision BYOIP CIDRs to top-level pools. \"NetmaskLength\" or \"Cidr\" is required.", - "title": "NetmaskLength", - "type": "number" - } + "Selectors": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" }, - "required": [ - "IpamPoolId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::IPAMPoolCidr" - ], - "type": "string" + "markdownDescription": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.", + "title": "Selectors", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Statistics": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", + "markdownDescription": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations.", + "title": "Statistics" } }, "required": [ - "Type", - "Properties" + "Statistics" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscovery": { + "AWS::DataBrew::Job.CsvOutputOptions": { "additionalProperties": false, "properties": { - "Condition": { + "Delimiter": { + "markdownDescription": "A single character that specifies the delimiter used to create CSV job output.", + "title": "Delimiter", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.DataCatalogOutput": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" }, - "Metadata": { - "type": "object" + "DatabaseOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", + "title": "DatabaseOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The resource discovery description.", - "title": "Description", - "type": "string" - }, - "OperatingRegions": { - "items": { - "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion" - }, - "markdownDescription": "The operating Regions for the resource discovery. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.", - "title": "OperatingRegions", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "Overwrite": { + "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions.", + "title": "Overwrite", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::EC2::IPAMResourceDiscovery" - ], + "S3Options": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3TableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.", + "title": "S3Options" + }, + "TableName": { + "markdownDescription": "The name of a table in the Data Catalog.", + "title": "TableName", "type": "string" + } + }, + "required": [ + "DatabaseName", + "TableName" + ], + "type": "object" + }, + "AWS::DataBrew::Job.DatabaseOutput": { + "additionalProperties": false, + "properties": { + "DatabaseOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", + "title": "DatabaseOptions" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseOutputMode": { + "markdownDescription": "The output mode to write into the database. Currently supported option: NEW_TABLE.", + "title": "DatabaseOutputMode", + "type": "string" + }, + "GlueConnectionName": { + "markdownDescription": "The AWS Glue connection that stores the connection information for the target database.", + "title": "GlueConnectionName", "type": "string" } }, "required": [ - "Type" + "DatabaseOptions", + "GlueConnectionName" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion": { + "AWS::DataBrew::Job.DatabaseTableOutputOptions": { "additionalProperties": false, "properties": { - "RegionName": { - "markdownDescription": "The name of the operating Region.", - "title": "RegionName", + "TableName": { + "markdownDescription": "A prefix for the name of a table DataBrew will create in the database.", + "title": "TableName", "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results.", + "title": "TempDirectory" } }, "required": [ - "RegionName" + "TableName" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscoveryAssociation": { + "AWS::DataBrew::Job.EntityDetectorConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AllowedStatistics": { + "$ref": "#/definitions/AWS::DataBrew::Job.AllowedStatistics", + "markdownDescription": "Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities.", + "title": "AllowedStatistics" + }, + "EntityTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Entity types to detect. Can be any of the following:\n\n- USA_SSN\n- EMAIL\n- USA_ITIN\n- USA_PASSPORT_NUMBER\n- PHONE_NUMBER\n- USA_DRIVING_LICENSE\n- BANK_ACCOUNT\n- CREDIT_CARD\n- IP_ADDRESS\n- MAC_ADDRESS\n- USA_DEA_NUMBER\n- USA_HCPCS_CODE\n- USA_NATIONAL_PROVIDER_IDENTIFIER\n- USA_NATIONAL_DRUG_CODE\n- USA_HEALTH_INSURANCE_CLAIM_NUMBER\n- USA_MEDICARE_BENEFICIARY_IDENTIFIER\n- USA_CPT_CODE\n- PERSON_NAME\n- DATE\n\nThe Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE.", + "title": "EntityTypes", + "type": "array" + } + }, + "required": [ + "EntityTypes" + ], + "type": "object" + }, + "AWS::DataBrew::Job.JobSample": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following:\n\n- FULL_DATASET - The profile job is run on the entire dataset.\n- CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter.", + "title": "Mode", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Size": { + "markdownDescription": "The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.\n\nLong.MAX_VALUE = 9223372036854775807", + "title": "Size", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.Output": { + "additionalProperties": false, + "properties": { + "CompressionFormat": { + "markdownDescription": "The compression algorithm used to compress the output text of the job.", + "title": "CompressionFormat", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Format": { + "markdownDescription": "The data format of the output of the job.", + "title": "Format", + "type": "string" }, - "Metadata": { - "type": "object" + "FormatOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.OutputFormatOptions", + "markdownDescription": "Represents options that define how DataBrew formats job output files.", + "title": "FormatOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "IpamId": { - "markdownDescription": "The IPAM ID.", - "title": "IpamId", - "type": "string" - }, - "IpamResourceDiscoveryId": { - "markdownDescription": "The resource discovery ID.", - "title": "IpamResourceDiscoveryId", + "Location": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "The location in Amazon S3 where the job writes its output.", + "title": "Location" + }, + "MaxOutputFiles": { + "markdownDescription": "The maximum number of files to be generated by the job and written to the output folder.", + "title": "MaxOutputFiles", + "type": "number" + }, + "Overwrite": { + "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output.", + "title": "Overwrite", + "type": "boolean" + }, + "PartitionColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of one or more partition columns for the output of the job.", + "title": "PartitionColumns", + "type": "array" + } + }, + "required": [ + "Location" + ], + "type": "object" + }, + "AWS::DataBrew::Job.OutputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::DataBrew::Job.CsvOutputOptions", + "markdownDescription": "Represents a set of options that define the structure of comma-separated value (CSV) job output.", + "title": "Csv" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.OutputLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "", + "title": "BucketOwner", + "type": "string" + }, + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::DataBrew::Job.ProfileConfiguration": { + "additionalProperties": false, + "properties": { + "ColumnStatisticsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnStatisticsConfiguration" + }, + "markdownDescription": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.", + "title": "ColumnStatisticsConfigurations", + "type": "array" + }, + "DatasetStatisticsConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", + "markdownDescription": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.", + "title": "DatasetStatisticsConfiguration" + }, + "EntityDetectorConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.EntityDetectorConfiguration", + "markdownDescription": "Configuration of entity detection for a profile job. When undefined, entity detection is disabled.", + "title": "EntityDetectorConfiguration" + }, + "ProfileColumns": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" + }, + "markdownDescription": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.", + "title": "ProfileColumns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.Recipe": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The unique name for the recipe.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The identifier for the version for the recipe.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::DataBrew::Job.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account ID of the bucket owner.", + "title": "BucketOwner", + "type": "string" + }, + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::DataBrew::Job.S3TableOutputOptions": { + "additionalProperties": false, + "properties": { + "Location": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job.", + "title": "Location" + } + }, + "required": [ + "Location" + ], + "type": "object" + }, + "AWS::DataBrew::Job.StatisticOverride": { + "additionalProperties": false, + "properties": { + "Parameters": { + "additionalProperties": true, + "markdownDescription": "A map that includes overrides of an evaluation\u2019s parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", - "title": "Tags", - "type": "array" } }, - "required": [ - "IpamId", - "IpamResourceDiscoveryId" - ], + "title": "Parameters", "type": "object" }, - "Type": { - "enum": [ - "AWS::EC2::IPAMResourceDiscoveryAssociation" - ], + "Statistic": { + "markdownDescription": "The name of an evaluation", + "title": "Statistic", "type": "string" + } + }, + "required": [ + "Parameters", + "Statistic" + ], + "type": "object" + }, + "AWS::DataBrew::Job.StatisticsConfiguration": { + "additionalProperties": false, + "properties": { + "IncludedStatistics": { + "items": { + "type": "string" + }, + "markdownDescription": "List of included evaluations. When the list is undefined, all supported evaluations will be included.", + "title": "IncludedStatistics", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticOverride" + }, + "markdownDescription": "List of overrides for evaluations.", + "title": "Overrides", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.ValidationConfiguration": { + "additionalProperties": false, + "properties": { + "RulesetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job. The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job.", + "title": "RulesetArn", + "type": "string" + }, + "ValidationMode": { + "markdownDescription": "Mode of data quality validation. Default mode is \u201cCHECK_ALL\u201d which verifies all rules defined in the selected ruleset.", + "title": "ValidationMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "RulesetArn" ], "type": "object" }, - "AWS::EC2::IPAMScope": { + "AWS::DataBrew::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -71469,33 +77194,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the scope.", - "title": "Description", + "DatasetName": { + "markdownDescription": "The dataset that the project is to act upon.", + "title": "DatasetName", "type": "string" }, - "IpamId": { - "markdownDescription": "The ID of the IPAM for which you're creating this scope.", - "title": "IpamId", + "Name": { + "markdownDescription": "The unique name of a project.", + "title": "Name", + "type": "string" + }, + "RecipeName": { + "markdownDescription": "The name of a recipe that will be developed during a project session.", + "title": "RecipeName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that will be assumed for this project.", + "title": "RoleArn", "type": "string" }, + "Sample": { + "$ref": "#/definitions/AWS::DataBrew::Project.Sample", + "markdownDescription": "The sample size and sampling type to apply to the data. If this parameter isn't specified, then the sample consists of the first 500 rows from the dataset.", + "title": "Sample" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "markdownDescription": "Metadata tags that have been applied to the project.", "title": "Tags", "type": "array" } }, "required": [ - "IpamId" + "DatasetName", + "Name", + "RecipeName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMScope" + "AWS::DataBrew::Project" ], "type": "string" }, @@ -71514,15 +77257,31 @@ ], "type": "object" }, - "AWS::EC2::Instance": { + "AWS::DataBrew::Project.Sample": { + "additionalProperties": false, + "properties": { + "Size": { + "markdownDescription": "The number of rows in the sample.", + "title": "Size", + "type": "number" + }, + "Type": { + "markdownDescription": "The way in which DataBrew obtains rows from a dataset.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::DataBrew::Recipe": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "CreationPolicy": { - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -71552,245 +77311,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInfo": { - "markdownDescription": "This property is reserved for internal use. If you use it, the stack fails with this error: `Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)` .", - "title": "AdditionalInfo", - "type": "string" - }, - "Affinity": { - "markdownDescription": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify `host` . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify `default` .", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", - "title": "AvailabilityZone", - "type": "string" - }, - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.BlockDeviceMapping" - }, - "markdownDescription": "The block device mapping entries that defines the block devices to attach to the instance at launch.\n\nBy default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the `DeleteOnTermination` setting.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "BlockDeviceMappings", - "type": "array" - }, - "CpuOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.CpuOptions", - "markdownDescription": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "CpuOptions" - }, - "CreditSpecification": { - "$ref": "#/definitions/AWS::EC2::Instance.CreditSpecification", - "markdownDescription": "The credit option for CPU usage of the burstable performance instance. Valid values are `standard` and `unlimited` . To change this attribute after launch, use [ModifyInstanceCreditSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html) . For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `standard` (T2 instances) or `unlimited` (T3/T3a/T4g instances)\n\nFor T3 instances with `host` tenancy, only `standard` is supported.", - "title": "CreditSpecification" - }, - "DisableApiTermination": { - "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", - "title": "DisableApiTermination", - "type": "boolean" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.\n\nDefault: `false`", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticGpuSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.ElasticGpuSpecification" - }, - "markdownDescription": "An elastic GPU to associate with the instance.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", - "title": "ElasticGpuSpecifications", - "type": "array" - }, - "ElasticInferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.ElasticInferenceAccelerator" - }, - "markdownDescription": "An elastic inference accelerator to associate with the instance.\n\n> Amazon Elastic Inference is no longer available.", - "title": "ElasticInferenceAccelerators", - "type": "array" - }, - "EnclaveOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.EnclaveOptions", - "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", - "title": "EnclaveOptions" - }, - "HibernationOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.HibernationOptions", - "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .\n\nYou can't enable hibernation and AWS Nitro Enclaves on the same instance.", - "title": "HibernationOptions" - }, - "HostId": { - "markdownDescription": "If you specify host for the `Affinity` property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.", - "title": "HostId", - "type": "string" - }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", - "title": "HostResourceGroupArn", - "type": "string" - }, - "IamInstanceProfile": { - "markdownDescription": "The name of an IAM instance profile. To create a new IAM instance profile, use the [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html) resource.", - "title": "IamInstanceProfile", - "type": "string" - }, - "ImageId": { - "markdownDescription": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", - "title": "ImageId", - "type": "string" - }, - "InstanceInitiatedShutdownBehavior": { - "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", - "title": "InstanceInitiatedShutdownBehavior", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The instance type. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nWhen you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance with an instance store volume as the root volume is always replaced. For more information, see [Change the instance type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceType", - "type": "string" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", - "title": "Ipv6Addresses", - "type": "array" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "KernelId", - "type": "string" - }, - "KeyName": { - "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", - "title": "KeyName", - "type": "string" - }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::EC2::Instance.LaunchTemplateSpecification", - "markdownDescription": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", - "title": "LaunchTemplate" - }, - "LicenseSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.LicenseSpecification" - }, - "markdownDescription": "The license configurations.", - "title": "LicenseSpecifications", - "type": "array" - }, - "Monitoring": { - "markdownDescription": "Specifies whether detailed monitoring is enabled for the instance. Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see [Enable or turn off detailed monitoring for your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) in the *Amazon EC2 User Guide* .", - "title": "Monitoring", - "type": "boolean" - }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.NetworkInterface" - }, - "markdownDescription": "The network interfaces to associate with the instance.\n\n> If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.\n> \n> If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment.", - "title": "NetworkInterfaces", - "type": "array" - }, - "PlacementGroupName": { - "markdownDescription": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).", - "title": "PlacementGroupName", - "type": "string" - }, - "PrivateDnsNameOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.PrivateDnsNameOptions", - "markdownDescription": "The options for the instance hostname.", - "title": "PrivateDnsNameOptions" - }, - "PrivateIpAddress": { - "markdownDescription": "The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same request.\n\nIf you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.", - "title": "PrivateIpAddress", + "Description": { + "markdownDescription": "The description of the recipe.", + "title": "Description", "type": "string" }, - "PropagateTagsToVolumeOnCreation": { - "markdownDescription": "Indicates whether to assign the tags specified in the `Tags` property to the volumes specified in the `BlockDeviceMappings` property.\n\nNote that using this feature does not assign the tags to volumes that are created separately and then attached using `AWS::EC2::VolumeAttachment` .", - "title": "PropagateTagsToVolumeOnCreation", - "type": "boolean" - }, - "RamdiskId": { - "markdownDescription": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "RamdiskId", + "Name": { + "markdownDescription": "The unique name for the recipe.", + "title": "Name", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nYou cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.\n\nDefault: Amazon EC2 uses the default security group.", - "title": "SecurityGroups", - "type": "array" - }, - "SourceDestCheck": { - "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", - "title": "SourceDestCheck", - "type": "boolean" - }, - "SsmAssociations": { + "Steps": { "items": { - "$ref": "#/definitions/AWS::EC2::Instance.SsmAssociation" + "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeStep" }, - "markdownDescription": "The SSM [document](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html) and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see [Create an IAM instance profile for Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-configuring-access-role.html) in the *AWS Systems Manager User Guide* .\n\n> You can associate only one document with an instance.", - "title": "SsmAssociations", + "markdownDescription": "A list of steps that are defined by the recipe.", + "title": "Steps", "type": "array" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", - "title": "SubnetId", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the instance. These tags are not applied to the EBS volumes, such as the root volume, unless [PropagateTagsToVolumeOnCreation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-propagatetagstovolumeoncreation) is `true` .", + "markdownDescription": "Metadata tags that have been applied to the recipe.", "title": "Tags", "type": "array" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.", - "title": "Tenancy", - "type": "string" - }, - "UserData": { - "markdownDescription": "The parameters or scripts to store as user data. Any scripts in user data are run when you launch the instance. User data is limited to 16 KB. You must provide base64-encoded text. For more information, see [Fn::Base64](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-base64.html) .\n\nIf the root volume is an EBS volume and you update user data, CloudFormation restarts the instance. If the root volume is an instance store volume and you update user data, the instance is replaced.", - "title": "UserData", - "type": "string" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.Volume" - }, - "markdownDescription": "The volumes to attach to the instance.", - "title": "Volumes", - "type": "array" } }, + "required": [ + "Name", + "Steps" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Instance" + "AWS::DataBrew::Recipe" ], "type": "string" }, @@ -71804,404 +77360,675 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::Instance.AssociationParameter": { + "AWS::DataBrew::Recipe.Action": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of an input parameter that is in the associated SSM document.", - "title": "Key", + "Operation": { + "markdownDescription": "The name of a valid DataBrew transformation to be performed on the data.", + "title": "Operation", "type": "string" }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "The value of an input parameter.", - "title": "Value", - "type": "array" + "Parameters": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeParameters", + "markdownDescription": "Contextual parameters for the transformation.", + "title": "Parameters" } }, "required": [ - "Key", - "Value" + "Operation" ], "type": "object" }, - "AWS::EC2::Instance.BlockDeviceMapping": { + "AWS::DataBrew::Recipe.ConditionExpression": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).\n\n> After the instance is running, this parameter is used to specify the device name of the block device mapping to update.", - "title": "DeviceName", + "Condition": { + "markdownDescription": "A specific condition to apply to a recipe action. For more information, see [Recipe structure](https://docs.aws.amazon.com/databrew/latest/dg/recipe-structure.html) in the *AWS Glue DataBrew Developer Guide* .", + "title": "Condition", "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::Instance.Ebs", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) .", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NoDevice", - "type": "object" + "TargetColumn": { + "markdownDescription": "A column to apply this condition to.", + "title": "TargetColumn", + "type": "string" }, - "VirtualName": { - "markdownDescription": "The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\n*Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VirtualName", + "Value": { + "markdownDescription": "A value that the condition must evaluate to for the condition to succeed.", + "title": "Value", "type": "string" } }, "required": [ - "DeviceName" + "Condition", + "TargetColumn" ], "type": "object" }, - "AWS::EC2::Instance.CpuOptions": { + "AWS::DataBrew::Recipe.DataCatalogInputDefinition": { "additionalProperties": false, "properties": { - "CoreCount": { - "markdownDescription": "The number of CPU cores for the instance.", - "title": "CoreCount", - "type": "number" + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", + "type": "string" }, - "ThreadsPerCore": { - "markdownDescription": "The number of threads per CPU core.", - "title": "ThreadsPerCore", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", + "title": "TableName", + "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "Represents an Amazon location where DataBrew can store intermediate results.", + "title": "TempDirectory" } }, "type": "object" }, - "AWS::EC2::Instance.CreditSpecification": { + "AWS::DataBrew::Recipe.Input": { "additionalProperties": false, "properties": { - "CPUCredits": { - "markdownDescription": "The credit option for CPU usage of the instance.\n\nValid values: `standard` | `unlimited`\n\nT3 instances with `host` tenancy do not support the `unlimited` CPU credit option.", - "title": "CPUCredits", - "type": "string" + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" + }, + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" } }, "type": "object" }, - "AWS::EC2::Instance.Ebs": { + "AWS::DataBrew::Recipe.RecipeParameters": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", - "title": "DeleteOnTermination", - "type": "boolean" + "AggregateFunction": { + "markdownDescription": "The name of an aggregation function to apply.", + "title": "AggregateFunction", + "type": "string" }, - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "Encrypted", - "type": "boolean" + "Base": { + "markdownDescription": "The number of digits used in a counting system.", + "title": "Base", + "type": "string" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000-16,000 IOPS\n- `io1` : 100-64,000 IOPS\n- `io2` : 100-64,000 IOPS\n\nFor `io1` and `io2` volumes, we guarantee 64,000 IOPS only for [Instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . Other instance families guarantee performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "Iops", - "type": "number" + "CaseStatement": { + "markdownDescription": "A case statement associated with a recipe.", + "title": "CaseStatement", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` . If the encrypted state is `true` but you do not specify `KmsKeyId` , your KMS key for EBS is used.\n\nYou can specify the KMS key using any of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. For example, alias/ExampleAlias.\n- Key ARN. For example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "KmsKeyId", + "CategoryMap": { + "markdownDescription": "A category map used for one-hot encoding.", + "title": "CategoryMap", "type": "string" }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.\n\nIf you specify both `SnapshotId` and `VolumeSize` , `VolumeSize` must be equal or greater than the size of the snapshot.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "SnapshotId", + "CharsToRemove": { + "markdownDescription": "Characters to remove from a step that applies one-hot encoding or tokenization.", + "title": "CharsToRemove", "type": "string" }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` :1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VolumeSize", - "type": "number" + "CollapseConsecutiveWhitespace": { + "markdownDescription": "Remove any non-word non-punctuation character.", + "title": "CollapseConsecutiveWhitespace", + "type": "string" }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide* . If the volume type is `io1` or `io2` , you must specify the IOPS that the volume supports.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VolumeType", + "ColumnDataType": { + "markdownDescription": "The data type of the column.", + "title": "ColumnDataType", "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.ElasticGpuSpecification": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of Elastic Graphics accelerator.", - "title": "Type", + }, + "ColumnRange": { + "markdownDescription": "A range of columns to which a step is applied.", + "title": "ColumnRange", "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::Instance.ElasticInferenceAccelerator": { - "additionalProperties": false, - "properties": { + }, "Count": { - "markdownDescription": "The number of elastic inference accelerators to attach to the instance.", + "markdownDescription": "The number of times a string needs to be repeated.", "title": "Count", - "type": "number" - }, - "Type": { - "markdownDescription": "The type of elastic inference accelerator. The possible values are `eia1.medium` , `eia1.large` , `eia1.xlarge` , `eia2.medium` , `eia2.large` , and `eia2.xlarge` .", - "title": "Type", "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::Instance.EnclaveOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.HibernationOptions": { - "additionalProperties": false, - "properties": { - "Configured": { - "markdownDescription": "Set to `true` to enable your instance for hibernation.\n\nFor Spot Instances, if you set `Configured` to `true` , either omit the `InstanceInterruptionBehavior` parameter (for [`SpotMarketOptions`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html) ), or set it to `hibernate` . When `Configured` is true:\n\n- If you omit `InstanceInterruptionBehavior` , it defaults to `hibernate` .\n- If you set `InstanceInterruptionBehavior` to a value other than `hibernate` , you'll get an error.\n\nDefault: `false`", - "title": "Configured", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.InstanceIpv6Address": { - "additionalProperties": false, - "properties": { - "Ipv6Address": { - "markdownDescription": "The IPv6 address.", - "title": "Ipv6Address", + }, + "CustomCharacters": { + "markdownDescription": "One or more characters that can be substituted or removed, depending on the context.", + "title": "CustomCharacters", "type": "string" - } - }, - "required": [ - "Ipv6Address" - ], - "type": "object" - }, - "AWS::EC2::Instance.LaunchTemplateSpecification": { - "additionalProperties": false, - "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", - "title": "LaunchTemplateId", + }, + "CustomStopWords": { + "markdownDescription": "A list of words to ignore in a step that applies word tokenization.", + "title": "CustomStopWords", "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", - "title": "LaunchTemplateName", + "CustomValue": { + "markdownDescription": "A list of custom values to use in a step that requires that you provide a value to finish the operation.", + "title": "CustomValue", "type": "string" }, - "Version": { - "markdownDescription": "The version number of the launch template. You must specify this property.\n\nTo specify the default version of the template, use the `Fn::GetAtt` intrinsic function to retrieve the `DefaultVersionNumber` attribute of the launch template. To specify the latest version of the template, use `Fn::GetAtt` to retrieve the `LatestVersionNumber` attribute. For more information, see [AWS::EC2:LaunchTemplate return values for Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", - "title": "Version", + "DatasetsColumns": { + "markdownDescription": "A list of the dataset columns included in a project.", + "title": "DatasetsColumns", "type": "string" - } - }, - "required": [ - "Version" - ], - "type": "object" - }, - "AWS::EC2::Instance.LicenseSpecification": { - "additionalProperties": false, - "properties": { - "LicenseConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", - "title": "LicenseConfigurationArn", + }, + "DateAddValue": { + "markdownDescription": "A value that specifies how many units of time to add or subtract for a date math operation.", + "title": "DateAddValue", "type": "string" - } - }, - "required": [ - "LicenseConfigurationArn" - ], - "type": "object" - }, - "AWS::EC2::Instance.NetworkInterface": { - "additionalProperties": false, - "properties": { - "AssociateCarrierIpAddress": { - "markdownDescription": "Indicates whether to assign a carrier IP address to the network interface.\n\nYou can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see [Carrier IP address](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", - "title": "AssociateCarrierIpAddress", - "type": "boolean" }, - "AssociatePublicIpAddress": { - "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance. Applies only if creating a network interface when launching an instance. The network interface must be the primary network interface. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" + "DateTimeFormat": { + "markdownDescription": "A date format to apply to a date.", + "title": "DateTimeFormat", + "type": "string" }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.", - "title": "DeleteOnTermination", + "DateTimeParameters": { + "markdownDescription": "A set of parameters associated with a datetime.", + "title": "DateTimeParameters", + "type": "string" + }, + "DeleteOtherRows": { + "markdownDescription": "Determines whether unmapped rows in a categorical mapping should be deleted", + "title": "DeleteOtherRows", + "type": "string" + }, + "Delimiter": { + "markdownDescription": "The delimiter to use when parsing separated values in a text file.", + "title": "Delimiter", + "type": "string" + }, + "EndPattern": { + "markdownDescription": "The end pattern to locate.", + "title": "EndPattern", + "type": "string" + }, + "EndPosition": { + "markdownDescription": "The end position to locate.", + "title": "EndPosition", + "type": "string" + }, + "EndValue": { + "markdownDescription": "The end value to locate.", + "title": "EndValue", + "type": "string" + }, + "ExpandContractions": { + "markdownDescription": "A list of word contractions and what they expand to. For eample: *can't* ; *cannot* ; *can not* .", + "title": "ExpandContractions", + "type": "string" + }, + "Exponent": { + "markdownDescription": "The exponent to apply in an exponential operation.", + "title": "Exponent", + "type": "string" + }, + "FalseString": { + "markdownDescription": "A value that represents `FALSE` .", + "title": "FalseString", + "type": "string" + }, + "GroupByAggFunctionOptions": { + "markdownDescription": "Specifies options to apply to the `GROUP BY` used in an aggregation.", + "title": "GroupByAggFunctionOptions", + "type": "string" + }, + "GroupByColumns": { + "markdownDescription": "The columns to use in the `GROUP BY` clause.", + "title": "GroupByColumns", + "type": "string" + }, + "HiddenColumns": { + "markdownDescription": "A list of columns to hide.", + "title": "HiddenColumns", + "type": "string" + }, + "IgnoreCase": { + "markdownDescription": "Indicates that lower and upper case letters are treated equally.", + "title": "IgnoreCase", + "type": "string" + }, + "IncludeInSplit": { + "markdownDescription": "Indicates if this column is participating in a split transform.", + "title": "IncludeInSplit", + "type": "string" + }, + "Input": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.Input", + "markdownDescription": "The input location to load the dataset from - Amazon S3 or AWS Glue Data Catalog .", + "title": "Input" + }, + "Interval": { + "markdownDescription": "The number of characters to split by.", + "title": "Interval", + "type": "string" + }, + "IsText": { + "markdownDescription": "Indicates if the content is text.", + "title": "IsText", + "type": "string" + }, + "JoinKeys": { + "markdownDescription": "The keys or columns involved in a join.", + "title": "JoinKeys", + "type": "string" + }, + "JoinType": { + "markdownDescription": "The type of join to use, for example, `INNER JOIN` , `OUTER JOIN` , and so on.", + "title": "JoinType", + "type": "string" + }, + "LeftColumns": { + "markdownDescription": "The columns on the left side of the join.", + "title": "LeftColumns", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of times to perform `split` or `replaceBy` in a string", + "title": "Limit", + "type": "string" + }, + "LowerBound": { + "markdownDescription": "The lower boundary for a value.", + "title": "LowerBound", + "type": "string" + }, + "MapType": { + "markdownDescription": "The type of mappings to apply to construct a new dynamic frame.", + "title": "MapType", + "type": "string" + }, + "ModeType": { + "markdownDescription": "Determines the manner in which mode value is calculated, in case there is more than one mode value. Valid values: `NONE` | `AVERAGE` | `MINIMUM` | `MAXIMUM`", + "title": "ModeType", + "type": "string" + }, + "MultiLine": { + "markdownDescription": "Specifies whether JSON input contains embedded new line characters.", + "title": "MultiLine", "type": "boolean" }, - "Description": { - "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Description", + "NumRows": { + "markdownDescription": "The number of rows to consider in a window.", + "title": "NumRows", "type": "string" }, - "DeviceIndex": { - "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you create a network interface when launching an instance, you must specify the device index.", - "title": "DeviceIndex", + "NumRowsAfter": { + "markdownDescription": "The number of rows to consider after the current row in a window", + "title": "NumRowsAfter", "type": "string" }, - "GroupSet": { + "NumRowsBefore": { + "markdownDescription": "The number of rows to consider before the current row in a window", + "title": "NumRowsBefore", + "type": "string" + }, + "OrderByColumn": { + "markdownDescription": "A column to sort the results by.", + "title": "OrderByColumn", + "type": "string" + }, + "OrderByColumns": { + "markdownDescription": "The columns to sort the results by.", + "title": "OrderByColumns", + "type": "string" + }, + "Other": { + "markdownDescription": "The value to assign to unmapped cells, in categorical mapping", + "title": "Other", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern to locate.", + "title": "Pattern", + "type": "string" + }, + "PatternOption1": { + "markdownDescription": "The starting pattern to split between.", + "title": "PatternOption1", + "type": "string" + }, + "PatternOption2": { + "markdownDescription": "The ending pattern to split between.", + "title": "PatternOption2", + "type": "string" + }, + "PatternOptions": { + "markdownDescription": "For splitting by multiple delimiters: A JSON-encoded string that lists the patterns in the format. For example: `[{\\\"pattern\\\":\\\"1\\\",\\\"includeInSplit\\\":true}]`", + "title": "PatternOptions", + "type": "string" + }, + "Period": { + "markdownDescription": "The size of the rolling window.", + "title": "Period", + "type": "string" + }, + "Position": { + "markdownDescription": "The character index within a string", + "title": "Position", + "type": "string" + }, + "RemoveAllPunctuation": { + "markdownDescription": "If `true` , removes all of the following characters: `.` `.!` `.,` `.?`", + "title": "RemoveAllPunctuation", + "type": "string" + }, + "RemoveAllQuotes": { + "markdownDescription": "If `true` , removes all single quotes and double quotes.", + "title": "RemoveAllQuotes", + "type": "string" + }, + "RemoveAllWhitespace": { + "markdownDescription": "If `true` , removes all whitespaces from the value.", + "title": "RemoveAllWhitespace", + "type": "string" + }, + "RemoveCustomCharacters": { + "markdownDescription": "If `true` , removes all chraracters specified by `CustomCharacters` .", + "title": "RemoveCustomCharacters", + "type": "string" + }, + "RemoveCustomValue": { + "markdownDescription": "If `true` , removes all chraracters specified by `CustomValue` .", + "title": "RemoveCustomValue", + "type": "string" + }, + "RemoveLeadingAndTrailingPunctuation": { + "markdownDescription": "If `true` , removes the following characters if they occur at the start or end of the value: `.` `!` `,` `?`", + "title": "RemoveLeadingAndTrailingPunctuation", + "type": "string" + }, + "RemoveLeadingAndTrailingQuotes": { + "markdownDescription": "If `true` , removes single quotes and double quotes from the beginning and end of the value.", + "title": "RemoveLeadingAndTrailingQuotes", + "type": "string" + }, + "RemoveLeadingAndTrailingWhitespace": { + "markdownDescription": "If `true` , removes all whitespaces from the beginning and end of the value.", + "title": "RemoveLeadingAndTrailingWhitespace", + "type": "string" + }, + "RemoveLetters": { + "markdownDescription": "If `true` , removes all uppercase and lowercase alphabetic characters (A through Z; a through z).", + "title": "RemoveLetters", + "type": "string" + }, + "RemoveNumbers": { + "markdownDescription": "If `true` , removes all numeric characters (0 through 9).", + "title": "RemoveNumbers", + "type": "string" + }, + "RemoveSourceColumn": { + "markdownDescription": "If `true` , the source column will be removed after un-nesting that column. (Used with nested column types, such as Map, Struct, or Array.)", + "title": "RemoveSourceColumn", + "type": "string" + }, + "RemoveSpecialCharacters": { + "markdownDescription": "If `true` , removes all of the following characters: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~`", + "title": "RemoveSpecialCharacters", + "type": "string" + }, + "RightColumns": { + "markdownDescription": "The columns on the right side of a join.", + "title": "RightColumns", + "type": "string" + }, + "SampleSize": { + "markdownDescription": "The number of rows in the sample.", + "title": "SampleSize", + "type": "string" + }, + "SampleType": { + "markdownDescription": "The sampling type to apply to the dataset. Valid values: `FIRST_N` | `LAST_N` | `RANDOM`", + "title": "SampleType", + "type": "string" + }, + "SecondInput": { + "markdownDescription": "A object value to indicate the second dataset used in a join.", + "title": "SecondInput", + "type": "string" + }, + "SecondaryInputs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DataBrew::Recipe.SecondaryInput" }, - "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", - "title": "GroupSet", + "markdownDescription": "A list of secondary inputs in a UNION transform", + "title": "SecondaryInputs", "type": "array" }, - "Ipv6AddressCount": { - "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6AddressCount", - "type": "number" + "SheetIndexes": { + "items": { + "type": "number" + }, + "markdownDescription": "One or more sheet numbers in the Excel file, which will be included in a dataset.", + "title": "SheetIndexes", + "type": "array" }, - "Ipv6Addresses": { + "SheetNames": { "items": { - "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" + "type": "string" }, - "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6Addresses", + "markdownDescription": "Oone or more named sheets in the Excel file, which will be included in a dataset.", + "title": "SheetNames", "type": "array" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface, when attaching an existing network interface.", - "title": "NetworkInterfaceId", + "SourceColumn": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn", "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "PrivateIpAddress", + "SourceColumn1": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn1", "type": "string" }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.PrivateIpAddressSpecification" - }, - "markdownDescription": "One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary.", - "title": "PrivateIpAddresses", - "type": "array" + "SourceColumn2": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn2", + "type": "string" }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" + "SourceColumns": { + "markdownDescription": "A list of source columns needed for an operation, step, or transform.", + "title": "SourceColumns", + "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet associated with the network interface.", - "title": "SubnetId", + "StartColumnIndex": { + "markdownDescription": "The index number of the first column used by an operation, step, or transform.", + "title": "StartColumnIndex", "type": "string" - } - }, - "required": [ - "DeviceIndex" - ], - "type": "object" - }, - "AWS::EC2::Instance.PrivateDnsNameOptions": { - "additionalProperties": false, - "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" + "StartPattern": { + "markdownDescription": "The starting pattern to locate.", + "title": "StartPattern", + "type": "string" }, - "HostnameType": { - "markdownDescription": "The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "HostnameType", + "StartPosition": { + "markdownDescription": "The starting position to locate.", + "title": "StartPosition", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The starting value to locate.", + "title": "StartValue", + "type": "string" + }, + "StemmingMode": { + "markdownDescription": "Indicates this operation uses stems and lemmas (base words) for word tokenization.", + "title": "StemmingMode", + "type": "string" + }, + "StepCount": { + "markdownDescription": "The total number of transforms in this recipe.", + "title": "StepCount", + "type": "string" + }, + "StepIndex": { + "markdownDescription": "The index ID of a step.", + "title": "StepIndex", + "type": "string" + }, + "StopWordsMode": { + "markdownDescription": "Indicates this operation uses stop words as part of word tokenization.", + "title": "StopWordsMode", + "type": "string" + }, + "Strategy": { + "markdownDescription": "The resolution strategy to apply in resolving ambiguities.", + "title": "Strategy", + "type": "string" + }, + "TargetColumn": { + "markdownDescription": "The column targeted by this operation.", + "title": "TargetColumn", + "type": "string" + }, + "TargetColumnNames": { + "markdownDescription": "The names to give columns altered by this operation.", + "title": "TargetColumnNames", + "type": "string" + }, + "TargetDateFormat": { + "markdownDescription": "The date format to convert to.", + "title": "TargetDateFormat", + "type": "string" + }, + "TargetIndex": { + "markdownDescription": "The index number of an object that is targeted by this operation.", + "title": "TargetIndex", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The current timezone that you want to use for dates.", + "title": "TimeZone", + "type": "string" + }, + "TokenizerPattern": { + "markdownDescription": "A regex expression to use when splitting text into terms, also called words or tokens.", + "title": "TokenizerPattern", + "type": "string" + }, + "TrueString": { + "markdownDescription": "A value to use to represent `TRUE` .", + "title": "TrueString", + "type": "string" + }, + "UdfLang": { + "markdownDescription": "The language that's used in the user-defined function.", + "title": "UdfLang", + "type": "string" + }, + "Units": { + "markdownDescription": "Specifies a unit of time. For example: `MINUTES` ; `SECONDS` ; `HOURS` ; etc.", + "title": "Units", + "type": "string" + }, + "UnpivotColumn": { + "markdownDescription": "Cast columns as rows, so that each value is a different row in a single column.", + "title": "UnpivotColumn", + "type": "string" + }, + "UpperBound": { + "markdownDescription": "The upper boundary for a value.", + "title": "UpperBound", + "type": "string" + }, + "UseNewDataFrame": { + "markdownDescription": "Create a new container to hold a dataset.", + "title": "UseNewDataFrame", + "type": "string" + }, + "Value": { + "markdownDescription": "A static value that can be used in a comparison, a substitution, or in another context-specific way. A `Value` can be a number, string, or other datatype, depending on the recipe action in which it's used.", + "title": "Value", + "type": "string" + }, + "Value1": { + "markdownDescription": "A value that's used by this operation.", + "title": "Value1", + "type": "string" + }, + "Value2": { + "markdownDescription": "A value that's used by this operation.", + "title": "Value2", + "type": "string" + }, + "ValueColumn": { + "markdownDescription": "The column that is provided as a value that's used by this operation.", + "title": "ValueColumn", + "type": "string" + }, + "ViewFrame": { + "markdownDescription": "The subset of rows currently available for viewing.", + "title": "ViewFrame", "type": "string" } }, "type": "object" }, - "AWS::EC2::Instance.PrivateIpAddressSpecification": { + "AWS::DataBrew::Recipe.RecipeStep": { "additionalProperties": false, "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" + "Action": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.Action", + "markdownDescription": "The particular action to be performed in the recipe step.", + "title": "Action" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", - "type": "string" + "ConditionExpressions": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.ConditionExpression" + }, + "markdownDescription": "One or more conditions that must be met for the recipe step to succeed.\n\n> All of the conditions in the array must be met. In other words, all of the conditions must be combined using a logical AND operation.", + "title": "ConditionExpressions", + "type": "array" } }, "required": [ - "Primary", - "PrivateIpAddress" + "Action" ], "type": "object" }, - "AWS::EC2::Instance.SsmAssociation": { + "AWS::DataBrew::Recipe.S3Location": { "additionalProperties": false, "properties": { - "AssociationParameters": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.AssociationParameter" - }, - "markdownDescription": "The input parameter values to use with the associated SSM document.", - "title": "AssociationParameters", - "type": "array" + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" }, - "DocumentName": { - "markdownDescription": "The name of an SSM document to associate with the instance.", - "title": "DocumentName", + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", "type": "string" } }, "required": [ - "DocumentName" + "Bucket" ], "type": "object" }, - "AWS::EC2::Instance.Volume": { + "AWS::DataBrew::Recipe.SecondaryInput": { "additionalProperties": false, "properties": { - "Device": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "Device", - "type": "string" + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" }, - "VolumeId": { - "markdownDescription": "The ID of the EBS volume. The volume and instance must be within the same Availability Zone.", - "title": "VolumeId", - "type": "string" + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" } }, - "required": [ - "Device", - "VolumeId" - ], "type": "object" }, - "AWS::EC2::InstanceConnectEndpoint": { + "AWS::DataBrew::Ruleset": { "additionalProperties": false, "properties": { "Condition": { @@ -72236,46 +78063,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", - "title": "ClientToken", + "Description": { + "markdownDescription": "The description of the ruleset.", + "title": "Description", "type": "string" }, - "PreserveClientIp": { - "markdownDescription": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\nDefault: `false`", - "title": "PreserveClientIp", - "type": "boolean" + "Name": { + "markdownDescription": "The name of the ruleset.", + "title": "Name", + "type": "string" }, - "SecurityGroupIds": { + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DataBrew::Ruleset.Rule" }, - "markdownDescription": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", - "title": "SecurityGroupIds", + "markdownDescription": "Contains metadata about the ruleset.", + "title": "Rules", "type": "array" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", - "title": "SubnetId", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the EC2 Instance Connect Endpoint during creation.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a resource (dataset) that the ruleset is associated with.", + "title": "TargetArn", + "type": "string" } }, "required": [ - "SubnetId" + "Name", + "Rules", + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::InstanceConnectEndpoint" + "AWS::DataBrew::Ruleset" ], "type": "string" }, @@ -72294,73 +78123,113 @@ ], "type": "object" }, - "AWS::EC2::InternetGateway": { + "AWS::DataBrew::Ruleset.ColumnSelector": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The name of a column from a dataset.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Regex": { + "markdownDescription": "A regular expression for selecting a column from a dataset.", + "title": "Regex", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Ruleset.Rule": { + "additionalProperties": false, + "properties": { + "CheckExpression": { + "markdownDescription": "The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` .", + "title": "CheckExpression", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColumnSelectors": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.ColumnSelector" + }, + "markdownDescription": "List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns.", + "title": "ColumnSelectors", + "type": "array" }, - "Metadata": { - "type": "object" + "Disabled": { + "markdownDescription": "A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false.", + "title": "Disabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags to assign to the internet gateway.", - "title": "Tags", - "type": "array" - } + "Name": { + "markdownDescription": "The name of the rule.", + "title": "Name", + "type": "string" + }, + "SubstitutionMap": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.SubstitutionValue" }, - "type": "object" + "markdownDescription": "The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `\":col1\": \"`Column A`\".`", + "title": "SubstitutionMap", + "type": "array" + }, + "Threshold": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.Threshold", + "markdownDescription": "The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds.", + "title": "Threshold" + } + }, + "required": [ + "CheckExpression", + "Name" + ], + "type": "object" + }, + "AWS::DataBrew::Ruleset.SubstitutionValue": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "Value or column name.", + "title": "Value", + "type": "string" }, + "ValueReference": { + "markdownDescription": "Variable name.", + "title": "ValueReference", + "type": "string" + } + }, + "required": [ + "Value", + "ValueReference" + ], + "type": "object" + }, + "AWS::DataBrew::Ruleset.Threshold": { + "additionalProperties": false, + "properties": { "Type": { - "enum": [ - "AWS::EC2::InternetGateway" - ], + "markdownDescription": "The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Unit": { + "markdownDescription": "Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation.", + "title": "Unit", "type": "string" + }, + "Value": { + "markdownDescription": "The value of a threshold.", + "title": "Value", + "type": "number" } }, "required": [ - "Type" + "Value" ], "type": "object" }, - "AWS::EC2::KeyPair": { + "AWS::DataBrew::Schedule": { "additionalProperties": false, "properties": { "Condition": { @@ -72395,43 +78264,42 @@ "Properties": { "additionalProperties": false, "properties": { - "KeyFormat": { - "markdownDescription": "The format of the key pair.\n\nDefault: `pem`", - "title": "KeyFormat", - "type": "string" - }, - "KeyName": { - "markdownDescription": "A unique name for the key pair.\n\nConstraints: Up to 255 ASCII characters", - "title": "KeyName", + "CronExpression": { + "markdownDescription": "The dates and times when the job is to run. For more information, see [Working with cron expressions for recipe jobs](https://docs.aws.amazon.com/databrew/latest/dg/jobs.recipe.html#jobs.cron) in the *AWS Glue DataBrew Developer Guide* .", + "title": "CronExpression", "type": "string" }, - "KeyType": { - "markdownDescription": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n\nIf the `PublicKeyMaterial` property is specified, the `KeyType` property is ignored, and the key type is inferred from the `PublicKeyMaterial` value.\n\nDefault: `rsa`", - "title": "KeyType", - "type": "string" + "JobNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of jobs to be run, according to the schedule.", + "title": "JobNames", + "type": "array" }, - "PublicKeyMaterial": { - "markdownDescription": "The public key material. The `PublicKeyMaterial` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", - "title": "PublicKeyMaterial", + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the key pair.", + "markdownDescription": "Metadata tags that have been applied to the schedule.", "title": "Tags", "type": "array" } }, "required": [ - "KeyName" + "CronExpression", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::KeyPair" + "AWS::DataBrew::Schedule" ], "type": "string" }, @@ -72450,7 +78318,7 @@ ], "type": "object" }, - "AWS::EC2::LaunchTemplate": { + "AWS::DataPipeline::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -72485,38 +78353,62 @@ "Properties": { "additionalProperties": false, "properties": { - "LaunchTemplateData": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateData", - "markdownDescription": "The information for the launch template.", - "title": "LaunchTemplateData" + "Activate": { + "markdownDescription": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to `true` .", + "title": "Activate", + "type": "boolean" }, - "LaunchTemplateName": { - "markdownDescription": "A name for the launch template.", - "title": "LaunchTemplateName", + "Description": { + "markdownDescription": "A description of the pipeline.", + "title": "Description", "type": "string" }, - "TagSpecifications": { + "Name": { + "markdownDescription": "The name of the pipeline.", + "title": "Name", + "type": "string" + }, + "ParameterObjects": { "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification" + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterObject" }, - "markdownDescription": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be `launch-template` .\n\nTo specify the tags for resources that are created during instance launch, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications) .", - "title": "TagSpecifications", + "markdownDescription": "The parameter objects used with the pipeline.", + "title": "ParameterObjects", "type": "array" }, - "VersionDescription": { - "markdownDescription": "A description for the first version of the launch template.", - "title": "VersionDescription", - "type": "string" + "ParameterValues": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterValue" + }, + "markdownDescription": "The parameter values used with the pipeline.", + "title": "ParameterValues", + "type": "array" + }, + "PipelineObjects": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineObject" + }, + "markdownDescription": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see [Editing Your Pipeline](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-manage-pipeline-modify-console.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "PipelineObjects", + "type": "array" + }, + "PipelineTags": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineTag" + }, + "markdownDescription": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see [Controlling Access to Pipelines and Resources](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-control-access.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "PipelineTags", + "type": "array" } }, "required": [ - "LaunchTemplateData" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LaunchTemplate" + "AWS::DataPipeline::Pipeline" ], "type": "string" }, @@ -72535,1136 +78427,940 @@ ], "type": "object" }, - "AWS::EC2::LaunchTemplate.AcceleratorCount": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB": { + "AWS::DataPipeline::Pipeline.Field": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Key": { + "markdownDescription": "Specifies the name of a field for a particular object. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "Key", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "RefValue": { + "markdownDescription": "A field value that you specify as an identifier of another object in the same pipeline definition.\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", + "title": "RefValue", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "StringValue": { + "markdownDescription": "A field value that you specify as a string. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", + "title": "StringValue", + "type": "string" } }, + "required": [ + "Key" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.BlockDeviceMapping": { + "AWS::DataPipeline::Pipeline.ParameterAttribute": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, /dev/sdh or xvdh).", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ebs", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string.", - "title": "NoDevice", + "Key": { + "markdownDescription": "The field identifier.", + "title": "Key", "type": "string" }, - "VirtualName": { - "markdownDescription": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.", - "title": "VirtualName", + "StringValue": { + "markdownDescription": "The field value, expressed as a String.", + "title": "StringValue", "type": "string" } }, + "required": [ + "Key", + "StringValue" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.CapacityReservationSpecification": { + "AWS::DataPipeline::Pipeline.ParameterObject": { "additionalProperties": false, "properties": { - "CapacityReservationPreference": { - "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `capacity-reservations-only` - The instance will only run in a Capacity Reservation or Capacity Reservation group. If capacity isn't available, the instance will fail to launch.\n- `open` - The instance can run in any `open` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone, tenancy).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.", - "title": "CapacityReservationPreference", - "type": "string" + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterAttribute" + }, + "markdownDescription": "The attributes of the parameter object.", + "title": "Attributes", + "type": "array" }, - "CapacityReservationTarget": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationTarget", - "markdownDescription": "Information about the target Capacity Reservation or Capacity Reservation group.", - "title": "CapacityReservationTarget" + "Id": { + "markdownDescription": "The ID of the parameter object.", + "title": "Id", + "type": "string" } }, + "required": [ + "Attributes", + "Id" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.CapacityReservationTarget": { + "AWS::DataPipeline::Pipeline.ParameterValue": { "additionalProperties": false, "properties": { - "CapacityReservationId": { - "markdownDescription": "The ID of the Capacity Reservation in which to run the instance.", - "title": "CapacityReservationId", + "Id": { + "markdownDescription": "The ID of the parameter value.", + "title": "Id", "type": "string" }, - "CapacityReservationResourceGroupArn": { - "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", - "title": "CapacityReservationResourceGroupArn", + "StringValue": { + "markdownDescription": "The field value, expressed as a String.", + "title": "StringValue", "type": "string" } }, + "required": [ + "Id", + "StringValue" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification": { + "AWS::DataPipeline::Pipeline.PipelineObject": { "additionalProperties": false, "properties": { - "TcpEstablishedTimeout": { - "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", - "title": "TcpEstablishedTimeout", - "type": "number" + "Fields": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.Field" + }, + "markdownDescription": "Key-value pairs that define the properties of the object.", + "title": "Fields", + "type": "array" }, - "UdpStreamTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", - "title": "UdpStreamTimeout", - "type": "number" + "Id": { + "markdownDescription": "The ID of the object.", + "title": "Id", + "type": "string" }, - "UdpTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", - "title": "UdpTimeout", - "type": "number" + "Name": { + "markdownDescription": "The name of the object.", + "title": "Name", + "type": "string" } }, + "required": [ + "Fields", + "Id", + "Name" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.CpuOptions": { + "AWS::DataPipeline::Pipeline.PipelineTag": { "additionalProperties": false, "properties": { - "AmdSevSnp": { - "markdownDescription": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html) .", - "title": "AmdSevSnp", + "Key": { + "markdownDescription": "The key name of a tag.", + "title": "Key", "type": "string" }, - "CoreCount": { - "markdownDescription": "The number of CPU cores for the instance.", - "title": "CoreCount", - "type": "number" - }, - "ThreadsPerCore": { - "markdownDescription": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of `1` . Otherwise, specify the default value of `2` .", - "title": "ThreadsPerCore", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.CreditSpecification": { - "additionalProperties": false, - "properties": { - "CpuCredits": { - "markdownDescription": "The credit option for CPU usage of a T instance.\n\nValid values: `standard` | `unlimited`", - "title": "CpuCredits", + "Value": { + "markdownDescription": "The value to associate with the key name.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.Ebs": { + "AWS::DataSync::Agent": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is supported for `io1` , `io2` , and `gp3` volumes only.", - "title": "Iops", - "type": "number" + "Condition": { + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.", - "title": "KmsKeyId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.", - "title": "SnapshotId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Throughput": { - "markdownDescription": "The throughput to provision for a `gp3` volume, with a maximum of 1,000 MiB/s.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", - "title": "Throughput", - "type": "number" + "Metadata": { + "type": "object" }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "VolumeSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ActivationKey": { + "markdownDescription": "Specifies your DataSync agent's activation key. If you don't have an activation key, see [Activating your agent](https://docs.aws.amazon.com/datasync/latest/userguide/activate-agent.html) .", + "title": "ActivationKey", + "type": "string" + }, + "AgentName": { + "markdownDescription": "Specifies a name for your agent. We recommend specifying a name that you can remember.", + "title": "AgentName", + "type": "string" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. See [SecurityGroupArns](https://docs.aws.amazon.com/datasync/latest/userguide/API_Ec2Config.html#DataSync-Type-Ec2Config-SecurityGroupArns) .\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`", + "title": "SecurityGroupArns", + "type": "array" + }, + "SubnetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the ARN of the subnet where your VPC service endpoint is located. You can only specify one ARN.", + "title": "SubnetArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least one tag for your agent.", + "title": "Tags", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The ID of the virtual private cloud (VPC) endpoint that the agent has access to. This is the client-side VPC endpoint, powered by AWS PrivateLink . If you don't have an AWS PrivateLink VPC endpoint, see [AWS PrivateLink and VPC endpoints](https://docs.aws.amazon.com//vpc/latest/userguide/endpoint-services-overview.html) in the *Amazon VPC User Guide* .\n\nFor more information about activating your agent in a private network based on a VPC, see [Using AWS DataSync in a Virtual Private Cloud](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-in-vpc.html) in the *AWS DataSync User Guide.*\n\nA VPC endpoint ID looks like this: `vpce-01234d5aff67890e1` .", + "title": "VpcEndpointId", + "type": "string" + } + }, + "type": "object" }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", - "title": "VolumeType", + "Type": { + "enum": [ + "AWS::DataSync::Agent" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.ElasticGpuSpecification": { + "AWS::DataSync::LocationAzureBlob": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "(Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", + "title": "AgentArns", + "type": "array" + }, + "AzureAccessTier": { + "markdownDescription": "Specifies the access tier that you want your objects or files transferred into. This only applies when using the location as a transfer destination. For more information, see [Access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) .", + "title": "AzureAccessTier", + "type": "string" + }, + "AzureBlobAuthenticationType": { + "markdownDescription": "Specifies the authentication method DataSync uses to access your Azure Blob Storage. DataSync can access blob storage using a shared access signature (SAS).", + "title": "AzureBlobAuthenticationType", + "type": "string" + }, + "AzureBlobContainerUrl": { + "markdownDescription": "Specifies the URL of the Azure Blob Storage container involved in your transfer.", + "title": "AzureBlobContainerUrl", + "type": "string" + }, + "AzureBlobSasConfiguration": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration", + "markdownDescription": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage.\n\n> If you provide an authentication token using `SasConfiguration` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's secrets manager secret.", + "title": "AzureBlobSasConfiguration" + }, + "AzureBlobType": { + "markdownDescription": "Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Currently, DataSync only supports moving data into Azure Blob Storage as block blobs. For more information on blob types, see the [Azure Blob Storage documentation](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs) .", + "title": "AzureBlobType", + "type": "string" + }, + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.CmkSecretConfig", + "markdownDescription": "Specifies configuration information for a DataSync-managed secret, such as an authentication token or secret key that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key .\n\n> You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.", + "title": "CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.CustomSecretConfig", + "markdownDescription": "Specifies configuration information for a customer-managed Secrets Manager secret where a storage location authentication token or secret key is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.\n\n> You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.", + "title": "CustomSecretConfig" + }, + "Subdirectory": { + "markdownDescription": "Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AzureBlobAuthenticationType" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The type of Elastic Graphics accelerator.", - "title": "Type", + "enum": [ + "AWS::DataSync::LocationAzureBlob" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.EnaSrdSpecification": { + "AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration": { "additionalProperties": false, "properties": { - "EnaSrdEnabled": { - "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", - "title": "EnaSrdEnabled", - "type": "boolean" - }, - "EnaSrdUdpSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification", - "markdownDescription": "Configures ENA Express for UDP network traffic.", - "title": "EnaSrdUdpSpecification" + "AzureBlobSasToken": { + "markdownDescription": "Specifies a SAS token that provides permissions to access your Azure Blob Storage.\n\nThe token is part of the SAS URI string that comes after the storage resource URI and a question mark. A token looks something like this:\n\n`sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D`", + "title": "AzureBlobSasToken", + "type": "string" } }, + "required": [ + "AzureBlobSasToken" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification": { + "AWS::DataSync::LocationAzureBlob.CmkSecretConfig": { "additionalProperties": false, "properties": { - "EnaSrdUdpEnabled": { - "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", - "title": "EnaSrdUdpEnabled", - "type": "boolean" + "KmsKeyArn": { + "markdownDescription": "Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . DataSync provides this key to AWS Secrets Manager .", + "title": "KmsKeyArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` .", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.EnclaveOptions": { + "AWS::DataSync::LocationAzureBlob.CustomSecretConfig": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", - "title": "Enabled", - "type": "boolean" + "SecretAccessRoleArn": { + "markdownDescription": "Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` .", + "title": "SecretAccessRoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" } }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.HibernationOptions": { + "AWS::DataSync::LocationAzureBlob.ManagedSecretConfig": { "additionalProperties": false, "properties": { - "Configured": { - "markdownDescription": "If you set this parameter to `true` , the instance is enabled for hibernation.\n\nDefault: `false`", - "title": "Configured", - "type": "boolean" + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" } }, + "required": [ + "SecretArn" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.IamInstanceProfile": { + "AWS::DataSync::LocationEFS": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", - "title": "Arn", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of the instance profile.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPointArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to mount your Amazon EFS file system.\n\nFor more information, see [Accessing restricted file systems](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam) .", + "title": "AccessPointArn", + "type": "string" + }, + "Ec2Config": { + "$ref": "#/definitions/AWS::DataSync::LocationEFS.Ec2Config", + "markdownDescription": "Specifies the subnet and security groups DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) .", + "title": "Ec2Config" + }, + "EfsFilesystemArn": { + "markdownDescription": "Specifies the ARN for your Amazon EFS file system.", + "title": "EfsFilesystemArn", + "type": "string" + }, + "FileSystemAccessRoleArn": { + "markdownDescription": "Specifies an AWS Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system.\n\nFor information on creating this role, see [Creating a DataSync IAM role for file system access](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam-role) .", + "title": "FileSystemAccessRoleArn", + "type": "string" + }, + "InTransitEncryption": { + "markdownDescription": "Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it transfers data to or from your Amazon EFS file system.\n\nIf you specify an access point using `AccessPointArn` or an IAM role using `FileSystemAccessRoleArn` , you must set this parameter to `TLS1_2` .", + "title": "InTransitEncryption", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location).\n\nBy default, DataSync uses the root directory (or [access point](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) if you provide one by using `AccessPointArn` ). You can also include subdirectories using forward slashes (for example, `/path/to/folder` ).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Ec2Config" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataSync::LocationEFS" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.InstanceMarketOptions": { + "AWS::DataSync::LocationEFS.Ec2Config": { "additionalProperties": false, "properties": { - "MarketType": { - "markdownDescription": "The market type.", - "title": "MarketType", - "type": "string" + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target.", + "title": "SecurityGroupArns", + "type": "array" }, - "SpotOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.SpotOptions", - "markdownDescription": "The options for Spot Instances.", - "title": "SpotOptions" + "SubnetArn": { + "markdownDescription": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces.html) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target.", + "title": "SubnetArn", + "type": "string" } }, + "required": [ + "SecurityGroupArns", + "SubnetArn" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.InstanceRequirements": { + "AWS::DataSync::LocationFSxLustre": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorCount", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" + "Condition": { + "type": "string" }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", - "type": "array" + "Metadata": { + "type": "object" }, - "AllowedInstanceTypes": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "FsxFilesystemArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system.", + "title": "FsxFilesystemArn", + "type": "string" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for Lustre file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories.\n\nWhen the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory ( `/` ).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", - "type": "array" + "required": [ + "SecurityGroupArns" + ], + "type": "object" }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", + "Type": { + "enum": [ + "AWS::DataSync::LocationFSxLustre" + ], "type": "string" }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxONTAP": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" + "Metadata": { + "type": "object" }, - "InstanceGenerations": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Protocol": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.Protocol", + "markdownDescription": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.", + "title": "Protocol" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups that DataSync can use to access your FSx for ONTAP file system. You must configure the security groups to allow outbound traffic on the following ports (depending on the protocol that you're using):\n\n- *Network File System (NFS)* : TCP ports 111, 635, and 2049\n- *Server Message Block (SMB)* : TCP port 445\n\nYour file system's security groups must also allow inbound traffic on the same port.", + "title": "SecurityGroupArns", + "type": "array" + }, + "StorageVirtualMachineArn": { + "markdownDescription": "Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from.", + "title": "StorageVirtualMachineArn", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies a path to the file share in the SVM where you want to transfer data to or from.\n\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be `/vol1` , `/vol1/tree1` , or `/share1` .\n\n> Don't specify a junction path in the SVM's root volume. For more information, see [Managing FSx for ONTAP storage virtual machines](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) in the *Amazon FSx for NetApp ONTAP User Guide* .", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", - "type": "array" + "required": [ + "SecurityGroupArns", + "StorageVirtualMachineArn" + ], + "type": "object" }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", + "Type": { + "enum": [ + "AWS::DataSync::LocationFSxONTAP" + ], "type": "string" }, - "LocalStorageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", - "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryMiB", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkBandwidthGbps", - "markdownDescription": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterfaceCount", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo turn off price protection, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TotalLocalStorageGB", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.VCpuCount", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification": { + "AWS::DataSync::LocationFSxONTAP.NFS": { "additionalProperties": false, "properties": { - "Ipv4Prefix": { - "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", - "title": "Ipv4Prefix", - "type": "string" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NfsMountOptions", + "markdownDescription": "Specifies how DataSync can access a location using the NFS protocol.", + "title": "MountOptions" } }, + "required": [ + "MountOptions" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv6Add": { + "AWS::DataSync::LocationFSxONTAP.NfsMountOptions": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", - "title": "Ipv6Address", + "Version": { + "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification": { + "AWS::DataSync::LocationFSxONTAP.Protocol": { "additionalProperties": false, "properties": { - "Ipv6Prefix": { - "markdownDescription": "The IPv6 prefix.", - "title": "Ipv6Prefix", - "type": "string" + "NFS": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NFS", + "markdownDescription": "Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM).", + "title": "NFS" + }, + "SMB": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SMB", + "markdownDescription": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.", + "title": "SMB" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateData": { + "AWS::DataSync::LocationFSxONTAP.SMB": { "additionalProperties": false, "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BlockDeviceMapping" - }, - "markdownDescription": "The block device mapping.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "CapacityReservationSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationSpecification", - "markdownDescription": "The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to `open` , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).", - "title": "CapacityReservationSpecification" - }, - "CpuOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CpuOptions", - "markdownDescription": "The CPU options for the instance. For more information, see [CPU options for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide* .", - "title": "CpuOptions" - }, - "CreditSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CreditSpecification", - "markdownDescription": "The credit option for CPU usage of the instance. Valid only for T instances.", - "title": "CreditSpecification" - }, - "DisableApiStop": { - "markdownDescription": "Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide* .", - "title": "DisableApiStop", - "type": "boolean" - }, - "DisableApiTermination": { - "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", - "title": "DisableApiTermination", - "type": "boolean" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticGpuSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ElasticGpuSpecification" - }, - "markdownDescription": "Deprecated.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", - "title": "ElasticGpuSpecifications", - "type": "array" - }, - "ElasticInferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator" - }, - "markdownDescription": "> Amazon Elastic Inference is no longer available. \n\nAn elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n\nYou cannot specify accelerators from different generations in the same request.", - "title": "ElasticInferenceAccelerators", - "type": "array" - }, - "EnclaveOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnclaveOptions", - "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *AWS Nitro Enclaves User Guide* .\n\nYou can't enable AWS Nitro Enclaves and hibernation on the same instance.", - "title": "EnclaveOptions" - }, - "HibernationOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.HibernationOptions", - "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .", - "title": "HibernationOptions" + "Domain": { + "markdownDescription": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.", + "title": "Domain", + "type": "string" }, - "IamInstanceProfile": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.IamInstanceProfile", - "markdownDescription": "The name or Amazon Resource Name (ARN) of an IAM instance profile.", - "title": "IamInstanceProfile" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", + "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", + "title": "MountOptions" }, - "ImageId": { - "markdownDescription": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n\nValid formats:\n\n- `ami-0ac394d6a3example`\n- `resolve:ssm:parameter-name`\n- `resolve:ssm:parameter-name:version-number`\n- `resolve:ssm:parameter-name:label`\n\nFor more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "ImageId", + "Password": { + "markdownDescription": "Specifies the password of a user who has permission to access your SVM.", + "title": "Password", "type": "string" }, - "InstanceInitiatedShutdownBehavior": { - "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", - "title": "InstanceInitiatedShutdownBehavior", + "User": { + "markdownDescription": "Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM.\n\nIf you provide a user in your Active Directory, note the following:\n\n- If you're using AWS Directory Service for Microsoft Active Directory , the user must be a member of the AWS Delegated FSx Administrators group.\n- If you're using a self-managed Active Directory, the user must be a member of either the Domain Admins group or a custom group that you specified for file system administration when you created your file system.\n\nMake sure that the user has the permissions it needs to copy the data you want:\n\n- `SE_TCB_NAME` : Required to set object ownership and file metadata. With this privilege, you also can copy NTFS discretionary access lists (DACLs).\n- `SE_SECURITY_NAME` : May be needed to copy NTFS system access control lists (SACLs). This operation specifically requires the Windows privilege, which is granted to members of the Domain Admins group. If you configure your task to copy SACLs, make sure that the user has the required privileges. For information about copying SACLs, see [Ownership and permissions-related options](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html#configure-ownership-and-permissions) .", + "title": "User", "type": "string" - }, - "InstanceMarketOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceMarketOptions", - "markdownDescription": "The market (purchasing) option for the instances.", - "title": "InstanceMarketOptions" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceRequirements", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes.\n\nYou must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default.\n\nWhen you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.\n\nTo limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request:\n\n- `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.\n- `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .\n> \n> Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) , or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) AWS CloudFormation resource, you can't specify `InstanceRequirements` . \n\nFor more information, see [Specify attributes for instance type selection for EC2 Fleet or Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nIf you specify `InstanceType` , you can't specify `InstanceRequirements` .", - "title": "InstanceType", + } + }, + "required": [ + "MountOptions", + "Password", + "User" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxONTAP.SmbMountOptions": { + "additionalProperties": false, + "properties": { + "Version": { + "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", + "title": "Version", "type": "string" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.\n\nWe recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "KernelId", + } + }, + "type": "object" + }, + "AWS::DataSync::LocationFSxOpenZFS": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "KeyName": { - "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", - "title": "KeyName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LicenseSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LicenseSpecification" - }, - "markdownDescription": "The license configurations.", - "title": "LicenseSpecifications", - "type": "array" - }, - "MaintenanceOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MaintenanceOptions", - "markdownDescription": "The maintenance options of your instance.", - "title": "MaintenanceOptions" - }, - "MetadataOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MetadataOptions", - "markdownDescription": "The metadata options for the instance. For more information, see [Configure the Instance Metadata Service options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html) in the *Amazon EC2 User Guide* .", - "title": "MetadataOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Monitoring": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Monitoring", - "markdownDescription": "The monitoring for the instance.", - "title": "Monitoring" + "Metadata": { + "type": "object" }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterface" + "Properties": { + "additionalProperties": false, + "properties": { + "FsxFilesystemArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the FSx for OpenZFS file system.", + "title": "FsxFilesystemArn", + "type": "string" + }, + "Protocol": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.Protocol", + "markdownDescription": "The type of protocol that AWS DataSync uses to access your file system.", + "title": "Protocol" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for OpenZFS file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "A subdirectory in the location's path that must begin with `/fsx` . DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The network interfaces for the instance.", - "title": "NetworkInterfaces", - "type": "array" - }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Placement", - "markdownDescription": "The placement for the instance.", - "title": "Placement" - }, - "PrivateDnsNameOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateDnsNameOptions", - "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "PrivateDnsNameOptions" + "required": [ + "Protocol", + "SecurityGroupArns" + ], + "type": "object" }, - "RamDiskId": { - "markdownDescription": "The ID of the RAM disk.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "RamDiskId", + "Type": { + "enum": [ + "AWS::DataSync::LocationFSxOpenZFS" + ], "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", - "title": "SecurityGroups", - "type": "array" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TagSpecification" - }, - "markdownDescription": "The tags to apply to resources that are created during instance launch.\n\nTo tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications) .", - "title": "TagSpecifications", - "type": "array" - }, - "UserData": { - "markdownDescription": "The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands when you launch an EC2 instance with user data input](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide* .\n\nIf you are creating the launch template for use with AWS Batch , the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive) . For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html#lt-user-data) in the *AWS Batch User Guide* .", - "title": "UserData", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator": { + "AWS::DataSync::LocationFSxOpenZFS.MountOptions": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The number of elastic inference accelerators to attach to the instance.\n\nDefault: 1", - "title": "Count", - "type": "number" - }, - "Type": { - "markdownDescription": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.", - "title": "Type", + "Version": { + "markdownDescription": "The specific NFS version that you want DataSync to use to mount your NFS share. If the server refuses to use the version specified, the sync will fail. If you don't specify a version, DataSync defaults to `AUTOMATIC` . That is, DataSync automatically selects a version based on negotiation with the NFS server.\n\nYou can specify the following NFS versions:\n\n- *[NFSv3](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc1813)* : Stateless protocol version that allows for asynchronous writes on the server.\n- *[NFSv4.0](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3530)* : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- *[NFSv4.1](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5661)* : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. Version 4.1 also includes all features available in version 4.0.", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification": { + "AWS::DataSync::LocationFSxOpenZFS.NFS": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource. To tag a launch template, `ResourceType` must be `launch-template` .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the resource.", - "title": "Tags", - "type": "array" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.MountOptions", + "markdownDescription": "Represents the mount options that are available for DataSync to access an NFS location.", + "title": "MountOptions" } }, + "required": [ + "MountOptions" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.LicenseSpecification": { + "AWS::DataSync::LocationFSxOpenZFS.Protocol": { "additionalProperties": false, "properties": { - "LicenseConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", - "title": "LicenseConfigurationArn", - "type": "string" + "NFS": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.NFS", + "markdownDescription": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system.", + "title": "NFS" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.MaintenanceOptions": { - "additionalProperties": false, - "properties": { - "AutoRecovery": { - "markdownDescription": "Disables the automatic recovery behavior of your instance or sets it to default.", - "title": "AutoRecovery", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.MemoryMiB": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.MetadataOptions": { - "additionalProperties": false, - "properties": { - "HttpEndpoint": { - "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is `enabled` .\n\n> If you specify a value of `disabled` , you will not be able to access your instance metadata.", - "title": "HttpEndpoint", - "type": "string" - }, - "HttpProtocolIpv6": { - "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", - "title": "HttpProtocolIpv6", - "type": "string" - }, - "HttpPutResponseHopLimit": { - "markdownDescription": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n\nDefault: `1`\n\nPossible values: Integers from 1 to 64", - "title": "HttpPutResponseHopLimit", - "type": "number" - }, - "HttpTokens": { - "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials.\n- `required` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.\n\nDefault: If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , the default is `required` .", - "title": "HttpTokens", - "type": "string" - }, - "InstanceMetadataTags": { - "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [View tags for your EC2 instances using instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/work-with-tags-in-IMDS.html) .\n\nDefault: `disabled`", - "title": "InstanceMetadataTags", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.Monitoring": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.NetworkBandwidthGbps": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.NetworkInterface": { - "additionalProperties": false, - "properties": { - "AssociateCarrierIpAddress": { - "markdownDescription": "Associates a Carrier IP address with eth0 for a new network interface.\n\nUse this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", - "title": "AssociateCarrierIpAddress", - "type": "boolean" - }, - "AssociatePublicIpAddress": { - "markdownDescription": "Associates a public IPv4 address with eth0 for a new network interface.\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "ConnectionTrackingSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification", - "markdownDescription": "A connection tracking specification for the network interface.", - "title": "ConnectionTrackingSpecification" - }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description for the network interface.", - "title": "Description", - "type": "string" - }, - "DeviceIndex": { - "markdownDescription": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", - "title": "DeviceIndex", - "type": "number" - }, - "EnaSrdSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdSpecification", - "markdownDescription": "The ENA Express configuration for the network interface.", - "title": "EnaSrdSpecification" - }, - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more security groups.", - "title": "Groups", - "type": "array" - }, - "InterfaceType": { - "markdownDescription": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa` or `efa` . For more information, see [Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide* .\n\nIf you are not creating an EFA, specify `interface` or omit this parameter.\n\nIf you specify `efa-only` , do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses.\n\nValid values: `interface` | `efa` | `efa-only`", - "title": "InterfaceType", - "type": "string" - }, - "Ipv4PrefixCount": { - "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv4Prefix` option.", - "title": "Ipv4PrefixCount", - "type": "number" - }, - "Ipv4Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification" - }, - "markdownDescription": "One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv4PrefixCount` option.", - "title": "Ipv4Prefixes", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6Add" - }, - "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", - "title": "Ipv6Addresses", - "type": "array" - }, - "Ipv6PrefixCount": { - "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv6Prefix` option.", - "title": "Ipv6PrefixCount", - "type": "number" - }, - "Ipv6Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification" - }, - "markdownDescription": "One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv6PrefixCount` option.", - "title": "Ipv6Prefixes", - "type": "array" - }, - "NetworkCardIndex": { - "markdownDescription": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.", - "title": "NetworkCardIndex", - "type": "number" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrimaryIpv6": { - "markdownDescription": "The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) .", - "title": "PrimaryIpv6", - "type": "boolean" - }, - "PrivateIpAddress": { - "markdownDescription": "The primary private IPv4 address of the network interface.", - "title": "PrivateIpAddress", - "type": "string" - }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateIpAdd" - }, - "markdownDescription": "One or more private IPv4 addresses.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet for the network interface.", - "title": "SubnetId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.NetworkInterfaceCount": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.Placement": { - "additionalProperties": false, - "properties": { - "Affinity": { - "markdownDescription": "The affinity setting for an instance on a Dedicated Host.", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupId": { - "markdownDescription": "The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group.", - "title": "GroupId", - "type": "string" - }, - "GroupName": { - "markdownDescription": "The name of the placement group for the instance.", - "title": "GroupName", - "type": "string" - }, - "HostId": { - "markdownDescription": "The ID of the Dedicated Host for the instance.", - "title": "HostId", - "type": "string" - }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", - "title": "HostResourceGroupArn", - "type": "string" - }, - "PartitionNumber": { - "markdownDescription": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to `partition` .", - "title": "PartitionNumber", - "type": "number" - }, - "SpreadDomain": { - "markdownDescription": "Reserved for future use.", - "title": "SpreadDomain", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware.", - "title": "Tenancy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.PrivateDnsNameOptions": { - "additionalProperties": false, - "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" - }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" - }, - "HostnameType": { - "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "HostnameType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.PrivateIpAdd": { - "additionalProperties": false, - "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.SpotOptions": { - "additionalProperties": false, - "properties": { - "BlockDurationMinutes": { - "markdownDescription": "Deprecated.", - "title": "BlockDurationMinutes", - "type": "number" - }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", - "title": "InstanceInterruptionBehavior", - "type": "string" - }, - "MaxPrice": { - "markdownDescription": "The maximum hourly price you're willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. If you do specify this parameter, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message when the launch template is used to launch an instance.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "MaxPrice", - "type": "string" - }, - "SpotInstanceType": { - "markdownDescription": "The Spot Instance request type.\n\nIf you are using Spot Instances with an Auto Scaling group, use `one-time` requests, as the Amazon EC2 Auto Scaling service handles requesting new Spot Instances whenever the group is below its desired capacity.", - "title": "SpotInstanceType", - "type": "string" - }, - "ValidUntil": { - "markdownDescription": "The end date of the request, in UTC format ( *YYYY-MM-DD* T *HH:MM:SS* Z). Supported only for persistent requests.\n\n- For a persistent request, the request remains active until the `ValidUntil` date and time is reached. Otherwise, the request remains active until you cancel it.\n- For a one-time request, `ValidUntil` is not supported. The request remains active until all instances launch or you cancel the request.\n\nDefault: 7 days from the current date", - "title": "ValidUntil", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. You can specify tags for the following resource types only: `instance` | `volume` | `network-interface` | `spot-instances-request` . If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume.\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.TotalLocalStorageGB": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.VCpuCount": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LocalGatewayRoute": { + "AWS::DataSync::LocationFSxWindows": { "additionalProperties": false, "properties": { "Condition": { @@ -73699,36 +79395,57 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidrBlock", + "Domain": { + "markdownDescription": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", + "title": "Domain", "type": "string" }, - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "FsxFilesystemArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file system.", + "title": "FsxFilesystemArn", "type": "string" }, - "LocalGatewayVirtualInterfaceGroupId": { - "markdownDescription": "The ID of the virtual interface group.", - "title": "LocalGatewayVirtualInterfaceGroupId", + "Password": { + "markdownDescription": "Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.", + "title": "Password", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups that are used to configure the FSx for Windows File Server file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your file system using forward slashes. This is where DataSync reads or writes data (depending on if this is a source or destination location).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "title": "Tags", + "type": "array" + }, + "User": { + "markdownDescription": "The user who has the permissions to access files and folders in the FSx for Windows File Server file system.\n\nFor information about choosing a user name that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-fsx-location.html#FSxWuser) .", + "title": "User", "type": "string" } }, "required": [ - "DestinationCidrBlock", - "LocalGatewayRouteTableId" + "SecurityGroupArns", + "User" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRoute" + "AWS::DataSync::LocationFSxWindows" ], "type": "string" }, @@ -73747,7 +79464,7 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTable": { + "AWS::DataSync::LocationHDFS": { "additionalProperties": false, "properties": { "Condition": { @@ -73782,33 +79499,91 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayId": { - "markdownDescription": "The ID of the local gateway.", - "title": "LocalGatewayId", + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your HDFS cluster.", + "title": "AgentArns", + "type": "array" + }, + "AuthenticationType": { + "markdownDescription": "", + "title": "AuthenticationType", "type": "string" }, - "Mode": { - "markdownDescription": "The mode of the local gateway route table.", - "title": "Mode", + "BlockSize": { + "markdownDescription": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).", + "title": "BlockSize", + "type": "number" + }, + "KerberosKeytab": { + "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", + "title": "KerberosKeytab", + "type": "string" + }, + "KerberosKrb5Conf": { + "markdownDescription": "The `krb5.conf` file that contains the Kerberos configuration information. You can load the `krb5.conf` by providing a string of the file's contents or an Amazon S3 presigned URL of the file. If `KERBEROS` is specified for `AuthType` , this value is required.", + "title": "KerberosKrb5Conf", + "type": "string" + }, + "KerberosPrincipal": { + "markdownDescription": "The Kerberos principal with access to the files and folders on the HDFS cluster.\n\n> If `KERBEROS` is specified for `AuthenticationType` , this parameter is required.", + "title": "KerberosPrincipal", + "type": "string" + }, + "KmsKeyProviderUri": { + "markdownDescription": "The URI of the HDFS cluster's Key Management Server (KMS).", + "title": "KmsKeyProviderUri", + "type": "string" + }, + "NameNodes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.NameNode" + }, + "markdownDescription": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.", + "title": "NameNodes", + "type": "array" + }, + "QopConfiguration": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.QopConfiguration", + "markdownDescription": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value.", + "title": "QopConfiguration" + }, + "ReplicationFactor": { + "markdownDescription": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.", + "title": "ReplicationFactor", + "type": "number" + }, + "SimpleUser": { + "markdownDescription": "The user name used to identify the client on the host operating system.\n\n> If `SIMPLE` is specified for `AuthenticationType` , this parameter is required.", + "title": "SimpleUser", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to `/` .", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the local gateway route table.", + "markdownDescription": "The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources.", "title": "Tags", "type": "array" } }, "required": [ - "LocalGatewayId" + "AgentArns", + "AuthenticationType", + "NameNodes" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTable" + "AWS::DataSync::LocationHDFS" ], "type": "string" }, @@ -73827,7 +79602,43 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTableVPCAssociation": { + "AWS::DataSync::LocationHDFS.NameNode": { + "additionalProperties": false, + "properties": { + "Hostname": { + "markdownDescription": "The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.", + "title": "Hostname", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that the NameNode uses to listen to client requests.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Hostname", + "Port" + ], + "type": "object" + }, + "AWS::DataSync::LocationHDFS.QopConfiguration": { + "additionalProperties": false, + "properties": { + "DataTransferProtection": { + "markdownDescription": "The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your `dfs.data.transfer.protection` setting in the `hdfs-site.xml` file on your Hadoop cluster.", + "title": "DataTransferProtection", + "type": "string" + }, + "RpcProtection": { + "markdownDescription": "The Remote Procedure Call (RPC) protection setting configured on the HDFS cluster. This setting corresponds to your `hadoop.rpc.protection` setting in your `core-site.xml` file on your Hadoop cluster.", + "title": "RpcProtection", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationNFS": { "additionalProperties": false, "properties": { "Condition": { @@ -73862,34 +79673,43 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationNFS.MountOptions", + "markdownDescription": "Specifies the options that DataSync can use to mount your NFS file server.", + "title": "MountOptions" + }, + "OnPremConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationNFS.OnPremConfig", + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", + "title": "OnPremConfig" + }, + "ServerHostname": { + "markdownDescription": "Specifies the DNS name or IP address (IPv4 or IPv6) of the NFS file server that your DataSync agent connects to.", + "title": "ServerHostname", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the association.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" } }, "required": [ - "LocalGatewayRouteTableId", - "VpcId" + "OnPremConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTableVPCAssociation" + "AWS::DataSync::LocationNFS" ], "type": "string" }, @@ -73908,7 +79728,35 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { + "AWS::DataSync::LocationNFS.MountOptions": { + "additionalProperties": false, + "properties": { + "Version": { + "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationNFS.OnPremConfig": { + "additionalProperties": false, + "properties": { + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", + "title": "AgentArns", + "type": "array" + } + }, + "required": [ + "AgentArns" + ], + "type": "object" + }, + "AWS::DataSync::LocationObjectStorage": { "additionalProperties": false, "properties": { "Condition": { @@ -73943,34 +79791,78 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "AccessKey": { + "markdownDescription": "Specifies the access key (for example, a user name) if credentials are required to authenticate with the object storage server.", + "title": "AccessKey", "type": "string" }, - "LocalGatewayVirtualInterfaceGroupId": { - "markdownDescription": "The ID of the virtual interface group.", - "title": "LocalGatewayVirtualInterfaceGroupId", + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "(Optional) Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", + "title": "AgentArns", + "type": "array" + }, + "BucketName": { + "markdownDescription": "Specifies the name of the object storage bucket involved in the transfer.", + "title": "BucketName", + "type": "string" + }, + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationObjectStorage.CmkSecretConfig", + "markdownDescription": "Specifies configuration information for a DataSync-managed secret, which includes the `SecretKey` that DataSync uses to access a specific object storage location, with a customer-managed AWS KMS key .\n\nWhen you include this paramater as part of a `CreateLocationObjectStorage` request, you provide only the KMS key ARN. DataSync uses this KMS key together with the value you specify for the `SecretKey` parameter to create a DataSync-managed secret to store the location access credentials.\n\nMake sure the DataSync has permission to access the KMS key that you specify.\n\n> You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.", + "title": "CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationObjectStorage.CustomSecretConfig", + "markdownDescription": "Specifies configuration information for a customer-managed Secrets Manager secret where the secret key for a specific object storage location is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.\n\n> You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.", + "title": "CustomSecretConfig" + }, + "SecretKey": { + "markdownDescription": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.\n\n> If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.", + "title": "SecretKey", + "type": "string" + }, + "ServerCertificate": { + "markdownDescription": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", + "title": "ServerCertificate", + "type": "string" + }, + "ServerHostname": { + "markdownDescription": "Specifies the domain name or IP address (IPv4 or IPv6) of the object storage server that your DataSync agent connects to.", + "title": "ServerHostname", + "type": "string" + }, + "ServerPort": { + "markdownDescription": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", + "title": "ServerPort", + "type": "number" + }, + "ServerProtocol": { + "markdownDescription": "Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .", + "title": "ServerProtocol", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the association.", + "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. Tags can help you manage, filter, and search for your resources. We recommend creating a name tag for your location.", "title": "Tags", "type": "array" } }, - "required": [ - "LocalGatewayRouteTableId", - "LocalGatewayVirtualInterfaceGroupId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation" + "AWS::DataSync::LocationObjectStorage" ], "type": "string" }, @@ -73984,12 +79876,61 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::NatGateway": { + "AWS::DataSync::LocationObjectStorage.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . DataSync provides this key to AWS Secrets Manager .", + "title": "KmsKeyArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` .", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationObjectStorage.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "markdownDescription": "Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` .", + "title": "SecretAccessRoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationObjectStorage.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationS3": { "additionalProperties": false, "properties": { "Condition": { @@ -74024,69 +79965,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocationId": { - "markdownDescription": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.", - "title": "AllocationId", - "type": "string" - }, - "ConnectivityType": { - "markdownDescription": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", - "title": "ConnectivityType", + "S3BucketArn": { + "markdownDescription": "The ARN of the Amazon S3 bucket.", + "title": "S3BucketArn", "type": "string" }, - "MaxDrainDurationSeconds": { - "markdownDescription": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.", - "title": "MaxDrainDurationSeconds", - "type": "number" + "S3Config": { + "$ref": "#/definitions/AWS::DataSync::LocationS3.S3Config", + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* .", + "title": "S3Config" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.", - "title": "PrivateIpAddress", + "S3StorageClass": { + "markdownDescription": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. For buckets in AWS Regions , the storage class defaults to S3 Standard.\n\nFor more information about S3 storage classes, see [Amazon S3 Storage Classes](https://docs.aws.amazon.com/s3/storage-classes/) . Some storage classes have behaviors that can affect your S3 storage costs. For detailed information, see [Considerations When Working with Amazon S3 Storage Classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .", + "title": "S3StorageClass", "type": "string" }, - "SecondaryAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-working-with.html) in the *Amazon VPC User Guide* .", - "title": "SecondaryAllocationIds", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SecondaryPrivateIpAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", - "title": "SecondaryPrivateIpAddresses", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which the NAT gateway is located.", - "title": "SubnetId", + "Subdirectory": { + "markdownDescription": "Specifies a prefix in the S3 bucket that DataSync reads from or writes to (depending on whether the bucket is a source or destination location).\n\n> DataSync can't transfer objects with a prefix that begins with a slash ( `/` ) or includes `//` , `/./` , or `/../` patterns. For example:\n> \n> - `/photos`\n> - `photos//2006/January`\n> - `photos/./2006/February`\n> - `photos/../2006/March`", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the NAT gateway.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", "title": "Tags", "type": "array" } }, "required": [ - "SubnetId" + "S3Config" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NatGateway" + "AWS::DataSync::LocationS3" ], "type": "string" }, @@ -74105,7 +80020,21 @@ ], "type": "object" }, - "AWS::EC2::NetworkAcl": { + "AWS::DataSync::LocationS3.S3Config": { + "additionalProperties": false, + "properties": { + "BucketAccessRoleArn": { + "markdownDescription": "Specifies the ARN of the IAM role that DataSync uses to access your S3 bucket.", + "title": "BucketAccessRoleArn", + "type": "string" + } + }, + "required": [ + "BucketAccessRoleArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationSMB": { "additionalProperties": false, "properties": { "Condition": { @@ -74140,28 +80069,89 @@ "Properties": { "additionalProperties": false, "properties": { + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).", + "title": "AgentArns", + "type": "array" + }, + "AuthenticationType": { + "markdownDescription": "", + "title": "AuthenticationType", + "type": "string" + }, + "DnsIpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "DnsIpAddresses", + "type": "array" + }, + "Domain": { + "markdownDescription": "Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nIf you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.", + "title": "Domain", + "type": "string" + }, + "KerberosKeytab": { + "markdownDescription": "", + "title": "KerberosKeytab", + "type": "string" + }, + "KerberosKrb5Conf": { + "markdownDescription": "", + "title": "KerberosKrb5Conf", + "type": "string" + }, + "KerberosPrincipal": { + "markdownDescription": "", + "title": "KerberosPrincipal", + "type": "string" + }, + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationSMB.MountOptions", + "markdownDescription": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", + "title": "MountOptions" + }, + "Password": { + "markdownDescription": "Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if `AuthenticationType` is set to `NTLM` .", + "title": "Password", + "type": "string" + }, + "ServerHostname": { + "markdownDescription": "Specifies the domain name or IP address (IPv4 or IPv6) of the SMB file server that your DataSync agent connects to.\n\n> If you're using Kerberos authentication, you must specify a domain name.", + "title": "ServerHostname", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, `/path/to/subdirectory` ). Make sure that other SMB clients in your network can also mount this path.\n\nTo copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", + "title": "Subdirectory", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the network ACL.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC for the network ACL.", - "title": "VpcId", + "User": { + "markdownDescription": "Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nFor information about choosing a user with the right level of access for your transfer, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", + "title": "User", "type": "string" } }, "required": [ - "VpcId" + "AgentArns" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkAcl" + "AWS::DataSync::LocationSMB" ], "type": "string" }, @@ -74180,7 +80170,18 @@ ], "type": "object" }, - "AWS::EC2::NetworkAclEntry": { + "AWS::DataSync::LocationSMB.MountOptions": { + "additionalProperties": false, + "properties": { + "Version": { + "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::Task": { "additionalProperties": false, "properties": { "Condition": { @@ -74215,63 +80216,85 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrBlock": { - "markdownDescription": "The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.", - "title": "CidrBlock", + "CloudWatchLogGroupArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of an Amazon CloudWatch log group for monitoring your task.\n\nFor Enhanced mode tasks, you don't need to specify anything. DataSync automatically sends logs to a CloudWatch log group named `/aws/datasync` .\n\nFor more information, see [Monitoring data transfers with CloudWatch Logs](https://docs.aws.amazon.com/datasync/latest/userguide/configure-logging.html) .", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "Egress": { - "markdownDescription": "Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ). By default, AWS CloudFormation specifies `false` .", - "title": "Egress", - "type": "boolean" + "DestinationLocationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS storage resource's location.", + "title": "DestinationLocationArn", + "type": "string" }, - "Icmp": { - "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.Icmp", - "markdownDescription": "The Internet Control Message Protocol (ICMP) code and type. Required if specifying 1 (ICMP) for the protocol parameter.", - "title": "Icmp" + "Excludes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" + }, + "markdownDescription": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", + "title": "Excludes", + "type": "array" }, - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation. You must specify an IPv4 CIDR block or an IPv6 CIDR block.", - "title": "Ipv6CidrBlock", - "type": "string" + "Includes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" + }, + "markdownDescription": "Specifies include filters that define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", + "title": "Includes", + "type": "array" }, - "NetworkAclId": { - "markdownDescription": "The ID of the ACL for the entry.", - "title": "NetworkAclId", + "ManifestConfig": { + "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfig", + "markdownDescription": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .", + "title": "ManifestConfig" + }, + "Name": { + "markdownDescription": "Specifies the name of your task.", + "title": "Name", "type": "string" }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.PortRange", - "markdownDescription": "The range of port numbers for the UDP/TCP protocol. Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "PortRange" + "Options": { + "$ref": "#/definitions/AWS::DataSync::Task.Options", + "markdownDescription": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options.", + "title": "Options" }, - "Protocol": { - "markdownDescription": "The IP protocol that the rule applies to. You must specify -1 or a protocol number. You can specify -1 for all protocols.\n\n> If you specify -1, all ports are opened and the `PortRange` property is ignored.", - "title": "Protocol", - "type": "number" + "Schedule": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskSchedule", + "markdownDescription": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) .", + "title": "Schedule" }, - "RuleAction": { - "markdownDescription": "Whether to allow or deny traffic that matches the rule; valid values are \"allow\" or \"deny\".", - "title": "RuleAction", + "SourceLocationArn": { + "markdownDescription": "Specifies the ARN of your transfer's source location.", + "title": "SourceLocationArn", "type": "string" }, - "RuleNumber": { - "markdownDescription": "Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.", - "title": "RuleNumber", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the tags that you want to apply to your task.\n\n*Tags* are key-value pairs that help you manage, filter, and search for your DataSync resources.", + "title": "Tags", + "type": "array" + }, + "TaskMode": { + "markdownDescription": "The task mode that you're using. For more information, see [Choosing a task mode for your data transfer](https://docs.aws.amazon.com/datasync/latest/userguide/choosing-task-mode.html) .", + "title": "TaskMode", + "type": "string" + }, + "TaskReportConfig": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfig", + "markdownDescription": "The configuration of your task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .", + "title": "TaskReportConfig" } }, "required": [ - "NetworkAclId", - "Protocol", - "RuleAction", - "RuleNumber" + "DestinationLocationArn", + "SourceLocationArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkAclEntry" + "AWS::DataSync::Task" ], "type": "string" }, @@ -74290,331 +80313,318 @@ ], "type": "object" }, - "AWS::EC2::NetworkAclEntry.Icmp": { + "AWS::DataSync::Task.Deleted": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP codes for the given ICMP type. Required if you specify 1 (ICMP) for the protocol parameter.", - "title": "Code", - "type": "number" - }, - "Type": { - "markdownDescription": "The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types. Conditional requirement: Required if you specify 1 (ICMP) for the `CreateNetworkAclEntry` protocol parameter.", - "title": "Type", - "type": "number" + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkAclEntry.PortRange": { + "AWS::DataSync::Task.Destination": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "From", - "type": "number" - }, - "To": { - "markdownDescription": "The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "To", - "type": "number" + "S3": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfigDestinationS3", + "markdownDescription": "", + "title": "S3" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope": { + "AWS::DataSync::Task.FilterRule": { "additionalProperties": false, "properties": { - "Condition": { + "FilterType": { + "markdownDescription": "The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type.", + "title": "FilterType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "A single filter string that consists of the patterns to include or exclude. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`", + "title": "Value", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExcludePaths": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" - }, - "markdownDescription": "The paths to exclude.", - "title": "ExcludePaths", - "type": "array" - }, - "MatchPaths": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" - }, - "markdownDescription": "The paths to match.", - "title": "MatchPaths", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::NetworkInsightsAccessScope" - ], + } + }, + "type": "object" + }, + "AWS::DataSync::Task.ManifestConfig": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "Specifies what DataSync uses the manifest for.", + "title": "Action", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Format": { + "markdownDescription": "Specifies the file format of your manifest. For more information, see [Creating a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-create) .", + "title": "Format", "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::DataSync::Task.Source", + "markdownDescription": "Specifies the manifest that you want DataSync to use and where it's hosted.\n\n> You must specify this parameter if you're configuring a new manifest on or after February 7, 2024.\n> \n> If you don't, you'll get a 400 status code and `ValidationException` error stating that you're missing the IAM role for DataSync to access the S3 bucket where you're hosting your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .", + "title": "Source" } }, "required": [ - "Type" + "Source" ], "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest": { + "AWS::DataSync::Task.ManifestConfigSourceS3": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", - "markdownDescription": "The destination.", - "title": "Destination" + "BucketAccessRoleArn": { + "markdownDescription": "", + "title": "BucketAccessRoleArn", + "type": "string" }, - "Source": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", - "markdownDescription": "The source.", - "title": "Source" + "ManifestObjectPath": { + "markdownDescription": "", + "title": "ManifestObjectPath", + "type": "string" }, - "ThroughResources": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest" - }, - "markdownDescription": "The through resources.", - "title": "ThroughResources", - "type": "array" + "ManifestObjectVersionId": { + "markdownDescription": "", + "title": "ManifestObjectVersionId", + "type": "string" + }, + "S3BucketArn": { + "markdownDescription": "", + "title": "S3BucketArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest": { + "AWS::DataSync::Task.Options": { "additionalProperties": false, "properties": { - "DestinationAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination addresses.", - "title": "DestinationAddresses", - "type": "array" + "Atime": { + "markdownDescription": "A file metadata value that shows the last time that a file was accessed (that is, when the file was read or written to). If you set `Atime` to `BEST_EFFORT` , AWS DataSync attempts to preserve the original `Atime` attribute on all source files (that is, the version before the PREPARING phase). However, `Atime` 's behavior is not fully standard across platforms, so AWS DataSync can only do this on a best-effort basis.\n\nDefault value: `BEST_EFFORT`\n\n`BEST_EFFORT` : Attempt to preserve the per-file `Atime` value (recommended).\n\n`NONE` : Ignore `Atime` .\n\n> If `Atime` is set to `BEST_EFFORT` , `Mtime` must be set to `PRESERVE` .\n> \n> If `Atime` is set to `NONE` , `Mtime` must also be `NONE` .", + "title": "Atime", + "type": "string" }, - "DestinationPorts": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination ports.", - "title": "DestinationPorts", - "type": "array" + "BytesPerSecond": { + "markdownDescription": "A value that limits the bandwidth used by AWS DataSync . For example, if you want AWS DataSync to use a maximum of 1 MB, set this value to `1048576` (=1024*1024).", + "title": "BytesPerSecond", + "type": "number" }, - "DestinationPrefixLists": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination prefix lists.", - "title": "DestinationPrefixLists", - "type": "array" + "Gid": { + "markdownDescription": "The group ID (GID) of the file's owners.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the user ID (UID) and group ID (GID) (recommended).\n\n`NAME` : Currently not supported.\n\n`NONE` : Ignore the UID and GID.", + "title": "Gid", + "type": "string" }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The protocols.", - "title": "Protocols", - "type": "array" + "LogLevel": { + "markdownDescription": "Specifies the type of logs that DataSync publishes to a Amazon CloudWatch Logs log group. To specify the log group, see [CloudWatchLogGroupArn](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html#DataSync-CreateTask-request-CloudWatchLogGroupArn) .\n\n- `BASIC` - Publishes logs with only basic information (such as transfer errors).\n- `TRANSFER` - Publishes logs for all files or objects that your DataSync task transfers and performs data-integrity checks on.\n- `OFF` - No logs are published.", + "title": "LogLevel", + "type": "string" }, - "SourceAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The source addresses.", - "title": "SourceAddresses", - "type": "array" + "Mtime": { + "markdownDescription": "A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. This option is required for cases when you need to run the same task more than one time.\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve original `Mtime` (recommended)\n\n`NONE` : Ignore `Mtime` .\n\n> If `Mtime` is set to `PRESERVE` , `Atime` must be set to `BEST_EFFORT` .\n> \n> If `Mtime` is set to `NONE` , `Atime` must also be set to `NONE` .", + "title": "Mtime", + "type": "string" }, - "SourcePorts": { - "items": { - "type": "string" - }, - "markdownDescription": "The source ports.", - "title": "SourcePorts", - "type": "array" + "ObjectTags": { + "markdownDescription": "Specifies whether you want DataSync to `PRESERVE` object tags (default behavior) when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the `NONE` value.", + "title": "ObjectTags", + "type": "string" }, - "SourcePrefixLists": { - "items": { - "type": "string" - }, - "markdownDescription": "The source prefix lists.", - "title": "SourcePrefixLists", - "type": "array" + "OverwriteMode": { + "markdownDescription": "Specifies whether DataSync should modify or preserve data at the destination location.\n\n- `ALWAYS` (default) - DataSync modifies data in the destination location when source data (including metadata) has changed.\n\nIf DataSync overwrites objects, you might incur additional charges for certain Amazon S3 storage classes (for example, for retrieval or early deletion). For more information, see [Storage class considerations with Amazon S3 transfers](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .\n- `NEVER` - DataSync doesn't overwrite data in the destination location even if the source data has changed. You can use this option to protect against overwriting changes made to files or objects in the destination.", + "title": "OverwriteMode", + "type": "string" + }, + "PosixPermissions": { + "markdownDescription": "A value that determines which users or groups can access a file for a specific purpose, such as reading, writing, or execution of the file. This option should be set only for Network File System (NFS), Amazon EFS, and Amazon S3 locations. For more information about what metadata is copied by DataSync, see [Metadata Copied by DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html#metadata-copied) .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve POSIX-style permissions (recommended).\n\n`NONE` : Ignore permissions.\n\n> AWS DataSync can preserve extant permissions of a source location.", + "title": "PosixPermissions", + "type": "string" + }, + "PreserveDeletedFiles": { + "markdownDescription": "A value that specifies whether files in the destination that don't exist in the source file system are preserved. This option can affect your storage costs. If your task deletes objects, you might incur minimum storage duration charges for certain storage classes. For detailed information, see [Considerations when working with Amazon S3 storage classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) in the *AWS DataSync User Guide* .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Ignore destination files that aren't present in the source (recommended).\n\n`REMOVE` : Delete destination files that aren't present in the source.", + "title": "PreserveDeletedFiles", + "type": "string" + }, + "PreserveDevices": { + "markdownDescription": "A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and re-create the files with that device name and metadata on the destination. DataSync does not copy the contents of such devices, only the name and metadata.\n\n> AWS DataSync can't sync the actual contents of such devices, because they are nonterminal and don't return an end-of-file (EOF) marker. \n\nDefault value: `NONE`\n\n`NONE` : Ignore special devices (recommended).\n\n`PRESERVE` : Preserve character and block device metadata. This option isn't currently supported for Amazon EFS.", + "title": "PreserveDevices", + "type": "string" + }, + "SecurityDescriptorCopyFlags": { + "markdownDescription": "A value that determines which components of the SMB security descriptor are copied from source to destination objects.\n\nThis value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. For more information about how DataSync handles metadata, see [How DataSync Handles Metadata and Special Files](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html) .\n\nDefault value: `OWNER_DACL`\n\n`OWNER_DACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n\nWhen you use option, DataSync does NOT copy the NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\n`OWNER_DACL_SACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n- NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\nCopying SACLs requires granting additional permissions to the Windows user that DataSync uses to access your SMB location. For information about choosing a user that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#SMBuser) .\n\n`NONE` : None of the SMB security descriptor components are copied. Destination objects are owned by the user that was provided for accessing the destination location. DACLs and SACLs are set based on the destination server\u2019s configuration.", + "title": "SecurityDescriptorCopyFlags", + "type": "string" + }, + "TaskQueueing": { + "markdownDescription": "Specifies whether your transfer tasks should be put into a queue during certain scenarios when [running multiple tasks](https://docs.aws.amazon.com/datasync/latest/userguide/run-task.html#running-multiple-tasks) . This is `ENABLED` by default.", + "title": "TaskQueueing", + "type": "string" + }, + "TransferMode": { + "markdownDescription": "A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing it to the destination location.\n\n`CHANGED` : DataSync copies only data or metadata that is new or different from the source location to the destination location.\n\n`ALL` : DataSync copies all source location content to the destination, without comparing it to existing content on the destination.", + "title": "TransferMode", + "type": "string" + }, + "Uid": { + "markdownDescription": "The user ID (UID) of the file's owner.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the UID and group ID (GID) (recommended).\n\n`NAME` : Currently not supported\n\n`NONE` : Ignore the UID and GID.", + "title": "Uid", + "type": "string" + }, + "VerifyMode": { + "markdownDescription": "A value that determines whether a data integrity verification is performed at the end of a task execution after all data and metadata have been transferred. For more information, see [Configure task settings](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html) .\n\nDefault value: `POINT_IN_TIME_CONSISTENT`\n\n`ONLY_FILES_TRANSFERRED` (recommended): Perform verification only on files that were transferred.\n\n`POINT_IN_TIME_CONSISTENT` : Scan the entire source and entire destination at the end of the transfer to verify that the source and destination are fully synchronized. This option isn't supported when transferring to S3 Glacier or S3 Glacier Deep Archive storage classes.\n\n`NONE` : No additional verification is done at the end of the transfer, but all data transmissions are integrity-checked with checksum verification during the transfer.", + "title": "VerifyMode", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest": { + "AWS::DataSync::Task.Overrides": { "additionalProperties": false, "properties": { - "PacketHeaderStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest", - "markdownDescription": "The packet header statement.", - "title": "PacketHeaderStatement" + "Deleted": { + "$ref": "#/definitions/AWS::DataSync::Task.Deleted", + "markdownDescription": "", + "title": "Deleted" }, - "ResourceStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", - "markdownDescription": "The resource statement.", - "title": "ResourceStatement" + "Skipped": { + "$ref": "#/definitions/AWS::DataSync::Task.Skipped", + "markdownDescription": "", + "title": "Skipped" + }, + "Transferred": { + "$ref": "#/definitions/AWS::DataSync::Task.Transferred", + "markdownDescription": "", + "title": "Transferred" + }, + "Verified": { + "$ref": "#/definitions/AWS::DataSync::Task.Verified", + "markdownDescription": "", + "title": "Verified" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest": { + "AWS::DataSync::Task.Skipped": { "additionalProperties": false, "properties": { - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The resource types.", - "title": "ResourceTypes", - "type": "array" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources.", - "title": "Resources", - "type": "array" + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest": { + "AWS::DataSync::Task.Source": { "additionalProperties": false, "properties": { - "ResourceStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", - "markdownDescription": "The resource statement.", - "title": "ResourceStatement" + "S3": { + "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfigSourceS3", + "markdownDescription": "", + "title": "S3" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScopeAnalysis": { + "AWS::DataSync::Task.TaskReportConfig": { "additionalProperties": false, "properties": { - "Condition": { + "Destination": { + "$ref": "#/definitions/AWS::DataSync::Task.Destination", + "markdownDescription": "Specifies the Amazon S3 bucket where DataSync uploads your task report. For more information, see [Task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html#task-report-access) .", + "title": "Destination" + }, + "ObjectVersionIds": { + "markdownDescription": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you [enable versioning on your bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html) . Keep in mind that setting this to `INCLUDE` can increase the duration of your task execution.", + "title": "ObjectVersionIds", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputType": { + "markdownDescription": "Specifies the type of task report that you want:\n\n- `SUMMARY_ONLY` : Provides necessary details about your task, including the number of files, objects, and directories transferred and transfer duration.\n- `STANDARD` : Provides complete details about your task, including a full list of files, objects, and directories that were transferred, skipped, verified, and more.", + "title": "OutputType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Overrides": { + "$ref": "#/definitions/AWS::DataSync::Task.Overrides", + "markdownDescription": "Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that DataSync attempted to delete in your destination location.", + "title": "Overrides" }, - "Metadata": { - "type": "object" + "ReportLevel": { + "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to transfer, skip, verify, and delete.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to transfer, skip, verify, and delete.", + "title": "ReportLevel", + "type": "string" + } + }, + "required": [ + "Destination", + "OutputType" + ], + "type": "object" + }, + "AWS::DataSync::Task.TaskReportConfigDestinationS3": { + "additionalProperties": false, + "properties": { + "BucketAccessRoleArn": { + "markdownDescription": "", + "title": "BucketAccessRoleArn", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "NetworkInsightsAccessScopeId": { - "markdownDescription": "The ID of the Network Access Scope.", - "title": "NetworkInsightsAccessScopeId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "NetworkInsightsAccessScopeId" - ], - "type": "object" + "S3BucketArn": { + "markdownDescription": "", + "title": "S3BucketArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::NetworkInsightsAccessScopeAnalysis" - ], + "Subdirectory": { + "markdownDescription": "", + "title": "Subdirectory", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::Task.TaskSchedule": { + "additionalProperties": false, + "properties": { + "ScheduleExpression": { + "markdownDescription": "Specifies your task schedule by using a cron or rate expression.\n\nUse cron expressions for task schedules that run on a specific time and day. For example, the following cron expression creates a task schedule that runs at 8 AM on the first Wednesday of every month:\n\n`cron(0 8 * * 3#1)`\n\nUse rate expressions for task schedules that run on a regular interval. For example, the following rate expression creates a task schedule that runs every 12 hours:\n\n`rate(12 hours)`\n\nFor information about cron and rate expression syntax, see the [*Amazon EventBridge User Guide*](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) .", + "title": "ScheduleExpression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Status": { + "markdownDescription": "Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to pause a recurring transfer to fix an issue with your task or perform maintenance on your storage system.\n\nDataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see [TaskScheduleDetails](https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html) .", + "title": "Status", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis": { + "AWS::DataSync::Task.Transferred": { + "additionalProperties": false, + "properties": { + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::Task.Verified": { + "additionalProperties": false, + "properties": { + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -74649,44 +80659,47 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "The member accounts that contain resources that the path can traverse.", - "title": "AdditionalAccounts", - "type": "array" + "AwsLocation": { + "$ref": "#/definitions/AWS::DataZone::Connection.AwsLocation", + "markdownDescription": "The location where the connection is created.", + "title": "AwsLocation" }, - "FilterInArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must traverse.", - "title": "FilterInArns", - "type": "array" + "Description": { + "markdownDescription": "Connection description.", + "title": "Description", + "type": "string" }, - "NetworkInsightsPathId": { - "markdownDescription": "The ID of the path.", - "title": "NetworkInsightsPathId", + "DomainIdentifier": { + "markdownDescription": "The ID of the domain where the connection is created.", + "title": "DomainIdentifier", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply.", - "title": "Tags", - "type": "array" + "EnvironmentIdentifier": { + "markdownDescription": "The ID of the environment where the connection is created.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the connection.", + "title": "Name", + "type": "string" + }, + "Props": { + "$ref": "#/definitions/AWS::DataZone::Connection.ConnectionPropertiesInput", + "markdownDescription": "Connection props.", + "title": "Props" } }, "required": [ - "NetworkInsightsPathId" + "DomainIdentifier", + "EnvironmentIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsAnalysis" + "AWS::DataZone::Connection" ], "type": "string" }, @@ -74705,722 +80718,620 @@ ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail": { + "AWS::DataZone::Connection.AthenaPropertiesInput": { "additionalProperties": false, "properties": { - "AdditionalDetailType": { - "markdownDescription": "The additional detail code.", - "title": "AdditionalDetailType", + "WorkgroupName": { + "markdownDescription": "The Amazon Athena workgroup name of a connection.", + "title": "WorkgroupName", + "type": "string" + } + }, + "required": [ + "WorkgroupName" + ], + "type": "object" + }, + "AWS::DataZone::Connection.AuthenticationConfigurationInput": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "markdownDescription": "The authentication type of a connection.", + "title": "AuthenticationType", "type": "string" }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The path component.", - "title": "Component" + "BasicAuthenticationCredentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.BasicAuthenticationCredentials", + "markdownDescription": "The basic authentication credentials of a connection.", + "title": "BasicAuthenticationCredentials" }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + "CustomAuthenticationCredentials": { + "additionalProperties": true, + "markdownDescription": "The custom authentication credentials of a connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The load balancers.", - "title": "LoadBalancers", - "type": "array" + "title": "CustomAuthenticationCredentials", + "type": "object" }, - "ServiceName": { - "markdownDescription": "The name of the VPC endpoint service.", - "title": "ServiceName", + "KmsKeyArn": { + "markdownDescription": "The KMS key ARN of a connection.", + "title": "KmsKeyArn", + "type": "string" + }, + "OAuth2Properties": { + "$ref": "#/definitions/AWS::DataZone::Connection.OAuth2Properties", + "markdownDescription": "The oAuth2 properties of a connection.", + "title": "OAuth2Properties" + }, + "SecretArn": { + "markdownDescription": "The secret ARN of a connection.", + "title": "SecretArn", "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AlternatePathHint": { + "AWS::DataZone::Connection.AuthorizationCodeProperties": { "additionalProperties": false, "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", + "AuthorizationCode": { + "markdownDescription": "The authorization code of a connection.", + "title": "AuthorizationCode", "type": "string" }, - "ComponentId": { - "markdownDescription": "The ID of the component.", - "title": "ComponentId", + "RedirectUri": { + "markdownDescription": "The redirect URI of a connection.", + "title": "RedirectUri", "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule": { + "AWS::DataZone::Connection.AwsLocation": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation.", - "title": "Cidr", + "AccessRole": { + "markdownDescription": "The access role of a connection.", + "title": "AccessRole", "type": "string" }, - "Egress": { - "markdownDescription": "Indicates whether the rule is an outbound rule.", - "title": "Egress", - "type": "boolean" - }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", - "markdownDescription": "The range of ports.", - "title": "PortRange" - }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "AwsAccountId": { + "markdownDescription": "The account ID of a connection.", + "title": "AwsAccountId", "type": "string" }, - "RuleAction": { - "markdownDescription": "Indicates whether to allow or deny traffic that matches the rule.", - "title": "RuleAction", + "AwsRegion": { + "markdownDescription": "The Region of a connection.", + "title": "AwsRegion", "type": "string" }, - "RuleNumber": { - "markdownDescription": "The rule number.", - "title": "RuleNumber", - "type": "number" + "IamConnectionId": { + "markdownDescription": "The IAM connection ID of a connection.", + "title": "IamConnectionId", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent": { + "AWS::DataZone::Connection.BasicAuthenticationCredentials": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "Arn", + "Password": { + "markdownDescription": "The password for a connection.", + "title": "Password", "type": "string" }, - "Id": { - "markdownDescription": "The ID of the component.", - "title": "Id", + "UserName": { + "markdownDescription": "The user name for the connecion.", + "title": "UserName", "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener": { + "AWS::DataZone::Connection.ConnectionPropertiesInput": { "additionalProperties": false, "properties": { - "InstancePort": { - "markdownDescription": "[Classic Load Balancers] The back-end port for the listener.", - "title": "InstancePort", - "type": "number" + "AthenaProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.AthenaPropertiesInput", + "markdownDescription": "The Amazon Athena properties of a connection.", + "title": "AthenaProperties" }, - "LoadBalancerPort": { - "markdownDescription": "The port on which the load balancer is listening.", - "title": "LoadBalancerPort", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The IP address.", - "title": "Address", - "type": "string" + "GlueProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.GluePropertiesInput", + "markdownDescription": "The AWS Glue properties of a connection.", + "title": "GlueProperties" }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.", - "title": "AvailabilityZone", - "type": "string" + "HyperPodProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.HyperPodPropertiesInput", + "markdownDescription": "The hyper pod properties of a connection.", + "title": "HyperPodProperties" }, - "Instance": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "Information about the instance.", - "title": "Instance" + "IamProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.IamPropertiesInput", + "markdownDescription": "The IAM properties of a connection.", + "title": "IamProperties" }, - "Port": { - "markdownDescription": "The port on which the target is listening.", - "title": "Port", - "type": "number" + "RedshiftProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftPropertiesInput", + "markdownDescription": "The Amazon Redshift properties of a connection.", + "title": "RedshiftProperties" + }, + "SparkEmrProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkEmrPropertiesInput", + "markdownDescription": "The Spark EMR properties of a connection.", + "title": "SparkEmrProperties" + }, + "SparkGlueProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkGluePropertiesInput", + "markdownDescription": "The Spark AWS Glue properties of a connection.", + "title": "SparkGlueProperties" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader": { + "AWS::DataZone::Connection.GlueConnectionInput": { "additionalProperties": false, "properties": { - "DestinationAddresses": { - "items": { - "type": "string" + "AthenaProperties": { + "additionalProperties": true, + "markdownDescription": "The Amazon Athena properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The destination addresses.", - "title": "DestinationAddresses", - "type": "array" + "title": "AthenaProperties", + "type": "object" }, - "DestinationPortRanges": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::DataZone::Connection.AuthenticationConfigurationInput", + "markdownDescription": "The authentication configuration of the AWS Glue connection.", + "title": "AuthenticationConfiguration" + }, + "ConnectionProperties": { + "additionalProperties": true, + "markdownDescription": "The connection properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The destination port ranges.", - "title": "DestinationPortRanges", - "type": "array" + "title": "ConnectionProperties", + "type": "object" }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "ConnectionType": { + "markdownDescription": "The connection type of the AWS Glue connection.", + "title": "ConnectionType", "type": "string" }, - "SourceAddresses": { - "items": { - "type": "string" + "Description": { + "markdownDescription": "The description of the AWS Glue connection.", + "title": "Description", + "type": "string" + }, + "MatchCriteria": { + "markdownDescription": "The match criteria of the AWS Glue connection.", + "title": "MatchCriteria", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AWS Glue connection.", + "title": "Name", + "type": "string" + }, + "PhysicalConnectionRequirements": { + "$ref": "#/definitions/AWS::DataZone::Connection.PhysicalConnectionRequirements", + "markdownDescription": "The physical connection requirements for the AWS Glue connection.", + "title": "PhysicalConnectionRequirements" + }, + "PythonProperties": { + "additionalProperties": true, + "markdownDescription": "The Python properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The source addresses.", - "title": "SourceAddresses", - "type": "array" + "title": "PythonProperties", + "type": "object" }, - "SourcePortRanges": { + "SparkProperties": { + "additionalProperties": true, + "markdownDescription": "The Spark properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "SparkProperties", + "type": "object" + }, + "ValidateCredentials": { + "markdownDescription": "Speciefies whether to validate credentials of the AWS Glue connection.", + "title": "ValidateCredentials", + "type": "boolean" + }, + "ValidateForComputeEnvironments": { "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + "type": "string" }, - "markdownDescription": "The source port ranges.", - "title": "SourcePortRanges", + "markdownDescription": "Speciefies whether to validate for compute environments of the AWS Glue connection.", + "title": "ValidateForComputeEnvironments", "type": "array" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute": { + "AWS::DataZone::Connection.GlueOAuth2Credentials": { "additionalProperties": false, "properties": { - "NatGatewayId": { - "markdownDescription": "The ID of a NAT gateway.", - "title": "NatGatewayId", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of a network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "Origin": { - "markdownDescription": "Describes how the route was created. The following are the possible values:\n\n- CreateRouteTable - The route was automatically created when the route table was created.\n- CreateRoute - The route was manually added to the route table.\n- EnableVgwRoutePropagation - The route was propagated by route propagation.", - "title": "Origin", - "type": "string" - }, - "State": { - "markdownDescription": "The state. The following are the possible values:\n\n- active\n- blackhole", - "title": "State", + "AccessToken": { + "markdownDescription": "The access token of a connection.", + "title": "AccessToken", "type": "string" }, - "TransitGatewayId": { - "markdownDescription": "The ID of a transit gateway.", - "title": "TransitGatewayId", + "JwtToken": { + "markdownDescription": "The jwt token of the connection.", + "title": "JwtToken", "type": "string" }, - "VpcPeeringConnectionId": { - "markdownDescription": "The ID of a VPC peering connection.", - "title": "VpcPeeringConnectionId", + "RefreshToken": { + "markdownDescription": "The refresh token of the connection.", + "title": "RefreshToken", "type": "string" }, - "destinationCidr": { - "markdownDescription": "The destination IPv4 address, in CIDR notation.", - "title": "destinationCidr", + "UserManagedClientApplicationClientSecret": { + "markdownDescription": "The user managed client application client secret of the connection.", + "title": "UserManagedClientApplicationClientSecret", "type": "string" - }, - "destinationPrefixListId": { - "markdownDescription": "The prefix of the AWS service.", - "title": "destinationPrefixListId", + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.GluePropertiesInput": { + "additionalProperties": false, + "properties": { + "GlueConnectionInput": { + "$ref": "#/definitions/AWS::DataZone::Connection.GlueConnectionInput", + "markdownDescription": "The AWS Glue connection.", + "title": "GlueConnectionInput" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.HyperPodPropertiesInput": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The cluster name the hyper pod properties.", + "title": "ClusterName", "type": "string" - }, - "egressOnlyInternetGatewayId": { - "markdownDescription": "The ID of an egress-only internet gateway.", - "title": "egressOnlyInternetGatewayId", + } + }, + "required": [ + "ClusterName" + ], + "type": "object" + }, + "AWS::DataZone::Connection.IamPropertiesInput": { + "additionalProperties": false, + "properties": { + "GlueLineageSyncEnabled": { + "markdownDescription": "Specifies whether AWS Glue lineage sync is enabled for a connection.", + "title": "GlueLineageSyncEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.LineageSyncSchedule": { + "additionalProperties": false, + "properties": { + "Schedule": { + "markdownDescription": "The lineage sync schedule.", + "title": "Schedule", "type": "string" - }, - "gatewayId": { - "markdownDescription": "The ID of the gateway, such as an internet gateway or virtual private gateway.", - "title": "gatewayId", + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.OAuth2ClientApplication": { + "additionalProperties": false, + "properties": { + "AWSManagedClientApplicationReference": { + "markdownDescription": "The AWS managed client application reference in the OAuth2Client application.", + "title": "AWSManagedClientApplicationReference", "type": "string" }, - "instanceId": { - "markdownDescription": "The ID of the instance, such as a NAT instance.", - "title": "instanceId", + "UserManagedClientApplicationClientId": { + "markdownDescription": "The user managed client application client ID in the OAuth2Client application.", + "title": "UserManagedClientApplicationClientId", "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule": { + "AWS::DataZone::Connection.OAuth2Properties": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation.", - "title": "Cidr", - "type": "string" + "AuthorizationCodeProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.AuthorizationCodeProperties", + "markdownDescription": "The authorization code properties of the OAuth2 properties.", + "title": "AuthorizationCodeProperties" }, - "Direction": { - "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", - "title": "Direction", - "type": "string" + "OAuth2ClientApplication": { + "$ref": "#/definitions/AWS::DataZone::Connection.OAuth2ClientApplication", + "markdownDescription": "The OAuth2 client application of the OAuth2 properties.", + "title": "OAuth2ClientApplication" }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", - "markdownDescription": "The port range.", - "title": "PortRange" + "OAuth2Credentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.GlueOAuth2Credentials", + "markdownDescription": "The OAuth2 credentials of the OAuth2 properties.", + "title": "OAuth2Credentials" }, - "PrefixListId": { - "markdownDescription": "The prefix list ID.", - "title": "PrefixListId", + "OAuth2GrantType": { + "markdownDescription": "The OAuth2 grant type of the OAuth2 properties.", + "title": "OAuth2GrantType", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol name.", - "title": "Protocol", + "TokenUrl": { + "markdownDescription": "The OAuth2 token URL of the OAuth2 properties.", + "title": "TokenUrl", "type": "string" }, - "SecurityGroupId": { - "markdownDescription": "The security group ID.", - "title": "SecurityGroupId", - "type": "string" + "TokenUrlParametersMap": { + "additionalProperties": true, + "markdownDescription": "The OAuth2 token URL parameter map of the OAuth2 properties.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TokenUrlParametersMap", + "type": "object" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.Explanation": { + "AWS::DataZone::Connection.PhysicalConnectionRequirements": { "additionalProperties": false, "properties": { - "Acl": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The network ACL.", - "title": "Acl" - }, - "AclRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", - "markdownDescription": "The network ACL rule.", - "title": "AclRule" - }, - "Address": { - "markdownDescription": "The IPv4 address, in CIDR notation.", - "title": "Address", + "AvailabilityZone": { + "markdownDescription": "The availability zone of the physical connection requirements of a connection.", + "title": "AvailabilityZone", "type": "string" }, - "Addresses": { + "SecurityGroupIdList": { "items": { "type": "string" }, - "markdownDescription": "The IPv4 addresses, in CIDR notation.", - "title": "Addresses", + "markdownDescription": "The group ID list of the physical connection requirements of a connection.", + "title": "SecurityGroupIdList", "type": "array" }, - "AttachedTo": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The resource to which the component is attached.", - "title": "AttachedTo" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones.", - "title": "AvailabilityZones", - "type": "array" + "SubnetId": { + "markdownDescription": "The subnet ID of the physical connection requirements of a connection.", + "title": "SubnetId", + "type": "string" }, - "Cidrs": { + "SubnetIdList": { "items": { "type": "string" }, - "markdownDescription": "The CIDR ranges.", - "title": "Cidrs", + "markdownDescription": "The subnet ID list of the physical connection requirements of a connection.", + "title": "SubnetIdList", "type": "array" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftCredentials": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "The secret ARN of the Amazon Redshift credentials of a connection.", + "title": "SecretArn", + "type": "string" }, - "ClassicLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener", - "markdownDescription": "The listener for a Classic Load Balancer.", - "title": "ClassicLoadBalancerListener" + "UsernamePassword": { + "$ref": "#/definitions/AWS::DataZone::Connection.UsernamePassword", + "markdownDescription": "The username and password of the Amazon Redshift credentials of a connection.", + "title": "UsernamePassword" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftLineageSyncConfigurationInput": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether the Amaon Redshift lineage sync configuration is enabled.", + "title": "Enabled", + "type": "boolean" }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component.", - "title": "Component" + "Schedule": { + "$ref": "#/definitions/AWS::DataZone::Connection.LineageSyncSchedule", + "markdownDescription": "The schedule of the Amaon Redshift lineage sync configuration.", + "title": "Schedule" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftPropertiesInput": { + "additionalProperties": false, + "properties": { + "Credentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftCredentials", + "markdownDescription": "The Amaon Redshift credentials.", + "title": "Credentials" }, - "ComponentAccount": { - "markdownDescription": "The AWS account for the component.", - "title": "ComponentAccount", + "DatabaseName": { + "markdownDescription": "The Amazon Redshift database name.", + "title": "DatabaseName", "type": "string" }, - "ComponentRegion": { - "markdownDescription": "The Region for the component.", - "title": "ComponentRegion", + "Host": { + "markdownDescription": "The Amazon Redshift host.", + "title": "Host", "type": "string" }, - "CustomerGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The customer gateway.", - "title": "CustomerGateway" - }, - "Destination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination.", - "title": "Destination" + "LineageSync": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftLineageSyncConfigurationInput", + "markdownDescription": "The lineage sync of the Amazon Redshift.", + "title": "LineageSync" }, - "DestinationVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination VPC.", - "title": "DestinationVpc" + "Port": { + "markdownDescription": "The Amaon Redshift port.", + "title": "Port", + "type": "number" }, - "Direction": { - "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", - "title": "Direction", + "Storage": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftStorageProperties", + "markdownDescription": "The Amazon Redshift storage.", + "title": "Storage" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftStorageProperties": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The cluster name in the Amazon Redshift storage properties.", + "title": "ClusterName", "type": "string" }, - "ElasticLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The load balancer listener.", - "title": "ElasticLoadBalancerListener" + "WorkgroupName": { + "markdownDescription": "The workgroup name in the Amazon Redshift storage properties.", + "title": "WorkgroupName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.SparkEmrPropertiesInput": { + "additionalProperties": false, + "properties": { + "ComputeArn": { + "markdownDescription": "The compute ARN of Spark EMR.", + "title": "ComputeArn", + "type": "string" }, - "ExplanationCode": { - "markdownDescription": "The explanation code.", - "title": "ExplanationCode", + "InstanceProfileArn": { + "markdownDescription": "The instance profile ARN of Spark EMR.", + "title": "InstanceProfileArn", "type": "string" }, - "IngressRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table.", - "title": "IngressRouteTable" + "JavaVirtualEnv": { + "markdownDescription": "The java virtual env of the Spark EMR.", + "title": "JavaVirtualEnv", + "type": "string" }, - "InternetGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The internet gateway.", - "title": "InternetGateway" + "LogUri": { + "markdownDescription": "The log URI of the Spark EMR.", + "title": "LogUri", + "type": "string" }, - "LoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", - "title": "LoadBalancerArn", + "PythonVirtualEnv": { + "markdownDescription": "The Python virtual env of the Spark EMR.", + "title": "PythonVirtualEnv", "type": "string" }, - "LoadBalancerListenerPort": { - "markdownDescription": "The listener port of the load balancer.", - "title": "LoadBalancerListenerPort", - "type": "number" + "RuntimeRole": { + "markdownDescription": "The runtime role of the Spark EMR.", + "title": "RuntimeRole", + "type": "string" }, - "LoadBalancerTarget": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget", - "markdownDescription": "The target.", - "title": "LoadBalancerTarget" + "TrustedCertificatesS3Uri": { + "markdownDescription": "The certificates S3 URI of the Spark EMR.", + "title": "TrustedCertificatesS3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.SparkGlueArgs": { + "additionalProperties": false, + "properties": { + "Connection": { + "markdownDescription": "The connection in the Spark AWS Glue args.", + "title": "Connection", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.SparkGluePropertiesInput": { + "additionalProperties": false, + "properties": { + "AdditionalArgs": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkGlueArgs", + "markdownDescription": "The additional args in the Spark AWS Glue properties.", + "title": "AdditionalArgs" }, - "LoadBalancerTargetGroup": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The target group.", - "title": "LoadBalancerTargetGroup" + "GlueConnectionName": { + "markdownDescription": "The AWS Glue connection name in the Spark AWS Glue properties.", + "title": "GlueConnectionName", + "type": "string" }, - "LoadBalancerTargetGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" - }, - "markdownDescription": "The target groups.", - "title": "LoadBalancerTargetGroups", - "type": "array" + "GlueVersion": { + "markdownDescription": "The AWS Glue version in the Spark AWS Glue properties.", + "title": "GlueVersion", + "type": "string" }, - "LoadBalancerTargetPort": { - "markdownDescription": "The target port.", - "title": "LoadBalancerTargetPort", + "IdleTimeout": { + "markdownDescription": "The idle timeout in the Spark AWS Glue properties.", + "title": "IdleTimeout", "type": "number" }, - "MissingComponent": { - "markdownDescription": "The missing component.", - "title": "MissingComponent", + "JavaVirtualEnv": { + "markdownDescription": "The Java virtual env in the Spark AWS Glue properties.", + "title": "JavaVirtualEnv", "type": "string" }, - "NatGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The NAT gateway.", - "title": "NatGateway" + "NumberOfWorkers": { + "markdownDescription": "The number of workers in the Spark AWS Glue properties.", + "title": "NumberOfWorkers", + "type": "number" }, - "NetworkInterface": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The network interface.", - "title": "NetworkInterface" - }, - "PacketField": { - "markdownDescription": "The packet field.", - "title": "PacketField", - "type": "string" - }, - "Port": { - "markdownDescription": "The port.", - "title": "Port", - "type": "number" - }, - "PortRanges": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" - }, - "markdownDescription": "The port ranges.", - "title": "PortRanges", - "type": "array" - }, - "PrefixList": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The prefix list.", - "title": "PrefixList" - }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The protocols.", - "title": "Protocols", - "type": "array" - }, - "RouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table.", - "title": "RouteTable" - }, - "RouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", - "markdownDescription": "The route table route.", - "title": "RouteTableRoute" - }, - "SecurityGroup": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The security group.", - "title": "SecurityGroup" - }, - "SecurityGroupRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", - "markdownDescription": "The security group rule.", - "title": "SecurityGroupRule" - }, - "SecurityGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" - }, - "markdownDescription": "The security groups.", - "title": "SecurityGroups", - "type": "array" - }, - "SourceVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The source VPC.", - "title": "SourceVpc" - }, - "State": { - "markdownDescription": "The state.", - "title": "State", + "PythonVirtualEnv": { + "markdownDescription": "The Python virtual env in the Spark AWS Glue properties.", + "title": "PythonVirtualEnv", "type": "string" }, - "Subnet": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The subnet.", - "title": "Subnet" - }, - "SubnetRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table for the subnet.", - "title": "SubnetRouteTable" - }, - "TransitGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway.", - "title": "TransitGateway" - }, - "TransitGatewayAttachment": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway attachment.", - "title": "TransitGatewayAttachment" - }, - "TransitGatewayRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway route table.", - "title": "TransitGatewayRouteTable" - }, - "TransitGatewayRouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", - "markdownDescription": "The transit gateway route table route.", - "title": "TransitGatewayRouteTableRoute" - }, - "Vpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component VPC.", - "title": "Vpc" - }, - "VpcPeeringConnection": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPC peering connection.", - "title": "VpcPeeringConnection" - }, - "VpnConnection": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPN connection.", - "title": "VpnConnection" - }, - "VpnGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPN gateway.", - "title": "VpnGateway" - }, - "vpcEndpoint": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPC endpoint.", - "title": "vpcEndpoint" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.PathComponent": { - "additionalProperties": false, - "properties": { - "AclRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", - "markdownDescription": "The network ACL rule.", - "title": "AclRule" - }, - "AdditionalDetails": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail" - }, - "markdownDescription": "The additional details.", - "title": "AdditionalDetails", - "type": "array" - }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component.", - "title": "Component" - }, - "DestinationVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination VPC.", - "title": "DestinationVpc" - }, - "ElasticLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The load balancer listener.", - "title": "ElasticLoadBalancerListener" - }, - "Explanations": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.Explanation" - }, - "markdownDescription": "The explanation codes.", - "title": "Explanations", - "type": "array" - }, - "InboundHeader": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", - "markdownDescription": "The inbound header.", - "title": "InboundHeader" - }, - "OutboundHeader": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", - "markdownDescription": "The outbound header.", - "title": "OutboundHeader" - }, - "RouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", - "markdownDescription": "The route table route.", - "title": "RouteTableRoute" - }, - "SecurityGroupRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", - "markdownDescription": "The security group rule.", - "title": "SecurityGroupRule" - }, - "SequenceNumber": { - "markdownDescription": "The sequence number.", - "title": "SequenceNumber", - "type": "number" - }, - "ServiceName": { - "markdownDescription": "The name of the VPC endpoint service.", - "title": "ServiceName", + "WorkerType": { + "markdownDescription": "The worker type in the Spark AWS Glue properties.", + "title": "WorkerType", "type": "string" - }, - "SourceVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The source VPC.", - "title": "SourceVpc" - }, - "Subnet": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The subnet.", - "title": "Subnet" - }, - "TransitGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway.", - "title": "TransitGateway" - }, - "TransitGatewayRouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", - "markdownDescription": "The route in a transit gateway route table.", - "title": "TransitGatewayRouteTableRoute" - }, - "Vpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component VPC.", - "title": "Vpc" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.PortRange": { - "additionalProperties": false, - "properties": { - "From": { - "markdownDescription": "The first port in the range.", - "title": "From", - "type": "number" - }, - "To": { - "markdownDescription": "The last port in the range.", - "title": "To", - "type": "number" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute": { + "AWS::DataZone::Connection.UsernamePassword": { "additionalProperties": false, "properties": { - "AttachmentId": { - "markdownDescription": "The ID of the route attachment.", - "title": "AttachmentId", - "type": "string" - }, - "DestinationCidr": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidr", - "type": "string" - }, - "PrefixListId": { - "markdownDescription": "The ID of the prefix list.", - "title": "PrefixListId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the resource for the route attachment.", - "title": "ResourceId", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The resource type for the route attachment.", - "title": "ResourceType", - "type": "string" - }, - "RouteOrigin": { - "markdownDescription": "The route origin. The following are the possible values:\n\n- static\n- propagated", - "title": "RouteOrigin", + "Password": { + "markdownDescription": "The password of a connection.", + "title": "Password", "type": "string" }, - "State": { - "markdownDescription": "The state of the route.", - "title": "State", + "Username": { + "markdownDescription": "The username of a connection.", + "title": "Username", "type": "string" } }, + "required": [ + "Password", + "Username" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsPath": { + "AWS::DataZone::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -75455,64 +81366,86 @@ "Properties": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN.", - "title": "Destination", - "type": "string" + "AssetFormsInput": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.FormInput" + }, + "markdownDescription": "The metadata forms attached to the assets that the data source works with.", + "title": "AssetFormsInput", + "type": "array" }, - "DestinationIp": { - "markdownDescription": "The IP address of the destination.", - "title": "DestinationIp", + "Configuration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.DataSourceConfigurationInput", + "markdownDescription": "The configuration of the data source.", + "title": "Configuration" + }, + "ConnectionIdentifier": { + "markdownDescription": "", + "title": "ConnectionIdentifier", "type": "string" }, - "DestinationPort": { - "markdownDescription": "The destination port.", - "title": "DestinationPort", - "type": "number" + "Description": { + "markdownDescription": "The description of the data source.", + "title": "Description", + "type": "string" }, - "FilterAtDestination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", - "markdownDescription": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address.", - "title": "FilterAtDestination" + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain where the data source is created.", + "title": "DomainIdentifier", + "type": "string" }, - "FilterAtSource": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", - "markdownDescription": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port.", - "title": "FilterAtSource" + "EnableSetting": { + "markdownDescription": "Specifies whether the data source is enabled.", + "title": "EnableSetting", + "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", + "title": "EnvironmentIdentifier", "type": "string" }, - "Source": { - "markdownDescription": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN.", - "title": "Source", + "Name": { + "markdownDescription": "The name of the data source.", + "title": "Name", "type": "string" }, - "SourceIp": { - "markdownDescription": "The IP address of the source.", - "title": "SourceIp", + "ProjectIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone project in which you want to add this data source.", + "title": "ProjectIdentifier", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to add to the path.", - "title": "Tags", - "type": "array" + "PublishOnImport": { + "markdownDescription": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog.", + "title": "PublishOnImport", + "type": "boolean" + }, + "Recommendation": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RecommendationConfiguration", + "markdownDescription": "Specifies whether the business name generation is to be enabled for this data source.", + "title": "Recommendation" + }, + "Schedule": { + "$ref": "#/definitions/AWS::DataZone::DataSource.ScheduleConfiguration", + "markdownDescription": "The schedule of the data source runs.", + "title": "Schedule" + }, + "Type": { + "markdownDescription": "The type of the data source. In Amazon DataZone, you can use data sources to import technical metadata of assets (data) from the source databases or data warehouses into Amazon DataZone. In the current release of Amazon DataZone, you can create and run data sources for AWS Glue and Amazon Redshift.", + "title": "Type", + "type": "string" } }, "required": [ - "Protocol", - "Source" + "DomainIdentifier", + "Name", + "ProjectIdentifier", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsPath" + "AWS::DataZone::DataSource" ], "type": "string" }, @@ -75531,292 +81464,267 @@ ], "type": "object" }, - "AWS::EC2::NetworkInsightsPath.FilterPortRange": { + "AWS::DataZone::DataSource.DataSourceConfigurationInput": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The first port in the range.", - "title": "FromPort", - "type": "number" + "GlueRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.GlueRunConfigurationInput", + "markdownDescription": "The configuration of the AWS Glue data source.", + "title": "GlueRunConfiguration" }, - "ToPort": { - "markdownDescription": "The last port in the range.", - "title": "ToPort", - "type": "number" + "RedshiftRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftRunConfigurationInput", + "markdownDescription": "The configuration of the Amazon Redshift data source.", + "title": "RedshiftRunConfiguration" + }, + "SageMakerRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.SageMakerRunConfigurationInput", + "markdownDescription": "", + "title": "SageMakerRunConfiguration" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsPath.PathFilter": { + "AWS::DataZone::DataSource.FilterExpression": { "additionalProperties": false, "properties": { - "DestinationAddress": { - "markdownDescription": "The destination IPv4 address.", - "title": "DestinationAddress", + "Expression": { + "markdownDescription": "The search filter expression.", + "title": "Expression", "type": "string" }, - "DestinationPortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", - "markdownDescription": "The destination port range.", - "title": "DestinationPortRange" - }, - "SourceAddress": { - "markdownDescription": "The source IPv4 address.", - "title": "SourceAddress", + "Type": { + "markdownDescription": "The search filter explresison type.", + "title": "Type", "type": "string" - }, - "SourcePortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", - "markdownDescription": "The source port range.", - "title": "SourcePortRange" } }, + "required": [ + "Expression", + "Type" + ], "type": "object" }, - "AWS::EC2::NetworkInterface": { + "AWS::DataZone::DataSource.FormInput": { "additionalProperties": false, "properties": { - "Condition": { + "Content": { + "markdownDescription": "", + "title": "Content", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FormName": { + "markdownDescription": "", + "title": "FormName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConnectionTrackingSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.ConnectionTrackingSpecification", - "markdownDescription": "A connection tracking specification for the network interface.", - "title": "ConnectionTrackingSpecification" - }, - "Description": { - "markdownDescription": "A description for the network interface.", - "title": "Description", - "type": "string" - }, - "GroupSet": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with this network interface.", - "title": "GroupSet", - "type": "array" - }, - "InterfaceType": { - "markdownDescription": "The type of network interface. The default is `interface` . The supported values are `efa` and `trunk` .", - "title": "InterfaceType", - "type": "string" - }, - "Ipv4PrefixCount": { - "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", - "title": "Ipv4PrefixCount", - "type": "number" - }, - "Ipv4Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv4PrefixSpecification" - }, - "markdownDescription": "The IPv4 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", - "title": "Ipv4Prefixes", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the `Ipv6Addresses` property and don't specify this property.\n\nWhen creating a network interface, you can't specify a count of IPv6 addresses if you've specified one of the following: specific IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses from the IPv6 CIDR block range of your subnet to assign to the network interface. If you're specifying a number of IPv6 addresses, use the `Ipv6AddressCount` property and don't specify this property.\n\nWhen creating a network interface, you can't specify IPv6 addresses if you've specified one of the following: a count of IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", - "title": "Ipv6Addresses", - "type": "array" - }, - "Ipv6PrefixCount": { - "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", - "title": "Ipv6PrefixCount", - "type": "number" - }, - "Ipv6Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv6PrefixSpecification" - }, - "markdownDescription": "The IPv6 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", - "title": "Ipv6Prefixes", - "type": "array" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address to assign to the network interface as the primary private IP address. If you want to specify multiple private IP addresses, use the `PrivateIpAddresses` property.", - "title": "PrivateIpAddress", - "type": "string" - }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.PrivateIpAddressSpecification" - }, - "markdownDescription": "The private IPv4 addresses to assign to the network interface. You can specify a primary private IP address by setting the value of the `Primary` property to `true` in the `PrivateIpAddressSpecification` property. If you want EC2 to automatically assign private IP addresses, use the `SecondaryPrivateIpAddressCount` property and do not specify this property.\n\nWhen creating a network interface, you can't specify private IPv4 addresses if you've specified one of the following: a count of private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using `privateIpAddresses` .\n\nWhen creating a Network Interface, you can't specify a count of private IPv4 addresses if you've specified one of the following: specific private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SourceDestCheck": { - "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", - "title": "SourceDestCheck", - "type": "boolean" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to associate with the network interface.", - "title": "SubnetId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the network interface.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "SubnetId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::NetworkInterface" - ], + "TypeIdentifier": { + "markdownDescription": "", + "title": "TypeIdentifier", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TypeRevision": { + "markdownDescription": "", + "title": "TypeRevision", "type": "string" } }, "required": [ - "Type", - "Properties" + "FormName" ], "type": "object" }, - "AWS::EC2::NetworkInterface.ConnectionTrackingSpecification": { + "AWS::DataZone::DataSource.GlueRunConfigurationInput": { "additionalProperties": false, "properties": { - "TcpEstablishedTimeout": { - "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", - "title": "TcpEstablishedTimeout", - "type": "number" + "AutoImportDataQualityResult": { + "markdownDescription": "Specifies whether to automatically import data quality metrics as part of the data source run.", + "title": "AutoImportDataQualityResult", + "type": "boolean" }, - "UdpStreamTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", - "title": "UdpStreamTimeout", - "type": "number" + "CatalogName": { + "markdownDescription": "", + "title": "CatalogName", + "type": "string" }, - "UdpTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", - "title": "UdpTimeout", - "type": "number" + "DataAccessRole": { + "markdownDescription": "The data access role included in the configuration details of the AWS Glue data source.", + "title": "DataAccessRole", + "type": "string" + }, + "RelationalFilterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" + }, + "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", + "title": "RelationalFilterConfigurations", + "type": "array" } }, + "required": [ + "RelationalFilterConfigurations" + ], "type": "object" }, - "AWS::EC2::NetworkInterface.InstanceIpv6Address": { + "AWS::DataZone::DataSource.RecommendationConfiguration": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "An IPv6 address to associate with the network interface.", - "title": "Ipv6Address", + "EnableBusinessNameGeneration": { + "markdownDescription": "Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration.", + "title": "EnableBusinessNameGeneration", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftClusterStorage": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The name of an Amazon Redshift cluster.", + "title": "ClusterName", "type": "string" } }, "required": [ - "Ipv6Address" + "ClusterName" ], "type": "object" }, - "AWS::EC2::NetworkInterface.Ipv4PrefixSpecification": { + "AWS::DataZone::DataSource.RedshiftCredentialConfiguration": { "additionalProperties": false, "properties": { - "Ipv4Prefix": { - "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", - "title": "Ipv4Prefix", + "SecretManagerArn": { + "markdownDescription": "The ARN of a secret manager for an Amazon Redshift cluster.", + "title": "SecretManagerArn", "type": "string" } }, "required": [ - "Ipv4Prefix" + "SecretManagerArn" ], "type": "object" }, - "AWS::EC2::NetworkInterface.Ipv6PrefixSpecification": { + "AWS::DataZone::DataSource.RedshiftRunConfigurationInput": { "additionalProperties": false, "properties": { - "Ipv6Prefix": { - "markdownDescription": "The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "Ipv6Prefix", + "DataAccessRole": { + "markdownDescription": "The data access role included in the configuration details of the Amazon Redshift data source.", + "title": "DataAccessRole", "type": "string" + }, + "RedshiftCredentialConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftCredentialConfiguration", + "markdownDescription": "The details of the credentials required to access an Amazon Redshift cluster.", + "title": "RedshiftCredentialConfiguration" + }, + "RedshiftStorage": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftStorage", + "markdownDescription": "The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run.", + "title": "RedshiftStorage" + }, + "RelationalFilterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" + }, + "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", + "title": "RelationalFilterConfigurations", + "type": "array" } }, "required": [ - "Ipv6Prefix" + "RelationalFilterConfigurations" ], "type": "object" }, - "AWS::EC2::NetworkInterface.PrivateIpAddressSpecification": { + "AWS::DataZone::DataSource.RedshiftServerlessStorage": { "additionalProperties": false, "properties": { - "Primary": { - "markdownDescription": "Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address.", - "title": "Primary", - "type": "boolean" + "WorkgroupName": { + "markdownDescription": "The name of the Amazon Redshift Serverless workgroup.", + "title": "WorkgroupName", + "type": "string" + } + }, + "required": [ + "WorkgroupName" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftStorage": { + "additionalProperties": false, + "properties": { + "RedshiftClusterSource": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftClusterStorage", + "markdownDescription": "The details of the Amazon Redshift cluster source.", + "title": "RedshiftClusterSource" }, - "PrivateIpAddress": { - "markdownDescription": "The private IP address of the network interface.", - "title": "PrivateIpAddress", + "RedshiftServerlessSource": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftServerlessStorage", + "markdownDescription": "The details of the Amazon Redshift Serverless workgroup source.", + "title": "RedshiftServerlessSource" + } + }, + "type": "object" + }, + "AWS::DataZone::DataSource.RelationalFilterConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The database name specified in the relational filter configuration for the data source.", + "title": "DatabaseName", + "type": "string" + }, + "FilterExpressions": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.FilterExpression" + }, + "markdownDescription": "The filter expressions specified in the relational filter configuration for the data source.", + "title": "FilterExpressions", + "type": "array" + }, + "SchemaName": { + "markdownDescription": "The schema name specified in the relational filter configuration for the data source.", + "title": "SchemaName", "type": "string" } }, "required": [ - "Primary", - "PrivateIpAddress" + "DatabaseName" ], "type": "object" }, - "AWS::EC2::NetworkInterfaceAttachment": { + "AWS::DataZone::DataSource.SageMakerRunConfigurationInput": { + "additionalProperties": false, + "properties": { + "TrackingAssets": { + "markdownDescription": "", + "title": "TrackingAssets", + "type": "object" + } + }, + "required": [ + "TrackingAssets" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.ScheduleConfiguration": { + "additionalProperties": false, + "properties": { + "Schedule": { + "markdownDescription": "The schedule of the data source runs.", + "title": "Schedule", + "type": "string" + }, + "Timezone": { + "markdownDescription": "The timezone of the data source run.", + "title": "Timezone", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -75851,42 +81759,59 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Whether to delete the network interface when the instance terminates. By default, this value is set to `true` .", - "title": "DeleteOnTermination", - "type": "boolean" + "Description": { + "markdownDescription": "The description of the Amazon DataZone domain.", + "title": "Description", + "type": "string" }, - "DeviceIndex": { - "markdownDescription": "The network interface's position in the attachment order. For example, the first attached network interface has a `DeviceIndex` of 0.", - "title": "DeviceIndex", + "DomainExecutionRole": { + "markdownDescription": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain.", + "title": "DomainExecutionRole", "type": "string" }, - "EnaSrdSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification", - "markdownDescription": "Configures ENA Express for the network interface that this action attaches to the instance.", - "title": "EnaSrdSpecification" + "DomainVersion": { + "markdownDescription": "The domain version.", + "title": "DomainVersion", + "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of the instance to which you will attach the ENI.", - "title": "InstanceId", + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data.", + "title": "KmsKeyIdentifier", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the ENI that you want to attach.", - "title": "NetworkInterfaceId", + "Name": { + "markdownDescription": "The name of the Amazon DataZone domain.", + "title": "Name", + "type": "string" + }, + "ServiceRole": { + "markdownDescription": "The service role of the domain.", + "title": "ServiceRole", "type": "string" + }, + "SingleSignOn": { + "$ref": "#/definitions/AWS::DataZone::Domain.SingleSignOn", + "markdownDescription": "The single sign-on details in Amazon DataZone.", + "title": "SingleSignOn" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags specified for the Amazon DataZone domain.", + "title": "Tags", + "type": "array" } }, "required": [ - "DeviceIndex", - "InstanceId", - "NetworkInterfaceId" + "DomainExecutionRole", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInterfaceAttachment" + "AWS::DataZone::Domain" ], "type": "string" }, @@ -75905,34 +81830,28 @@ ], "type": "object" }, - "AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification": { + "AWS::DataZone::Domain.SingleSignOn": { "additionalProperties": false, "properties": { - "EnaSrdEnabled": { - "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", - "title": "EnaSrdEnabled", - "type": "boolean" + "IdcInstanceArn": { + "markdownDescription": "The ARN of the IDC instance.", + "title": "IdcInstanceArn", + "type": "string" }, - "EnaSrdUdpSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification", - "markdownDescription": "Configures ENA Express for UDP network traffic.", - "title": "EnaSrdUdpSpecification" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification": { - "additionalProperties": false, - "properties": { - "EnaSrdUdpEnabled": { - "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", - "title": "EnaSrdUdpEnabled", - "type": "boolean" + "Type": { + "markdownDescription": "The type of single sign-on in Amazon DataZone.", + "title": "Type", + "type": "string" + }, + "UserAssignment": { + "markdownDescription": "The single sign-on user assignment in Amazon DataZone.", + "title": "UserAssignment", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInterfacePermission": { + "AWS::DataZone::DomainUnit": { "additionalProperties": false, "properties": { "Condition": { @@ -75967,32 +81886,37 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", + "Description": { + "markdownDescription": "The description of the domain unit.", + "title": "Description", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", + "DomainIdentifier": { + "markdownDescription": "The ID of the domain where you want to crate a domain unit.", + "title": "DomainIdentifier", "type": "string" }, - "Permission": { - "markdownDescription": "The type of permission to grant: `INSTANCE-ATTACH` or `EIP-ASSOCIATE` .", - "title": "Permission", + "Name": { + "markdownDescription": "The name of the domain unit.", + "title": "Name", + "type": "string" + }, + "ParentDomainUnitIdentifier": { + "markdownDescription": "The ID of the parent domain unit.", + "title": "ParentDomainUnitIdentifier", "type": "string" } }, "required": [ - "AwsAccountId", - "NetworkInterfaceId", - "Permission" + "DomainIdentifier", + "Name", + "ParentDomainUnitIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInterfacePermission" + "AWS::DataZone::DomainUnit" ], "type": "string" }, @@ -76011,7 +81935,7 @@ ], "type": "object" }, - "AWS::EC2::NetworkPerformanceMetricSubscription": { + "AWS::DataZone::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -76046,38 +81970,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The Region or Availability Zone that's the target for the subscription. For example, `eu-west-1` .", - "title": "Destination", + "Description": { + "markdownDescription": "The description of the environment.", + "title": "Description", "type": "string" }, - "Metric": { - "markdownDescription": "The metric used for the subscription.", - "title": "Metric", + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment is created.", + "title": "DomainIdentifier", "type": "string" }, - "Source": { - "markdownDescription": "The Region or Availability Zone that's the source for the subscription. For example, `us-east-1` .", - "title": "Source", + "EnvironmentAccountIdentifier": { + "markdownDescription": "The identifier of the AWS account in which an environment exists.", + "title": "EnvironmentAccountIdentifier", "type": "string" }, - "Statistic": { - "markdownDescription": "The statistic used for the subscription.", - "title": "Statistic", + "EnvironmentAccountRegion": { + "markdownDescription": "The AWS Region in which an environment exists.", + "title": "EnvironmentAccountRegion", + "type": "string" + }, + "EnvironmentProfileIdentifier": { + "markdownDescription": "The identifier of the environment profile that is used to create this Amazon DataZone environment.", + "title": "EnvironmentProfileIdentifier", + "type": "string" + }, + "EnvironmentRoleArn": { + "markdownDescription": "The ARN of the environment role.", + "title": "EnvironmentRoleArn", + "type": "string" + }, + "GlossaryTerms": { + "items": { + "type": "string" + }, + "markdownDescription": "The glossary terms that can be used in this Amazon DataZone environment.", + "title": "GlossaryTerms", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the Amazon DataZone environment.", + "title": "Name", + "type": "string" + }, + "ProjectIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone project in which this environment is created.", + "title": "ProjectIdentifier", "type": "string" + }, + "UserParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::Environment.EnvironmentParameter" + }, + "markdownDescription": "The user parameters of this Amazon DataZone environment.", + "title": "UserParameters", + "type": "array" } }, "required": [ - "Destination", - "Metric", - "Source", - "Statistic" + "DomainIdentifier", + "Name", + "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkPerformanceMetricSubscription" + "AWS::DataZone::Environment" ], "type": "string" }, @@ -76096,7 +82055,23 @@ ], "type": "object" }, - "AWS::EC2::PlacementGroup": { + "AWS::DataZone::Environment.EnvironmentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the environment parameter.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the environment parameter.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentActions": { "additionalProperties": false, "properties": { "Condition": { @@ -76131,35 +82106,45 @@ "Properties": { "additionalProperties": false, "properties": { - "PartitionCount": { - "markdownDescription": "The number of partitions. Valid only when *Strategy* is set to `partition` .", - "title": "PartitionCount", - "type": "number" + "Description": { + "markdownDescription": "The environment action description.", + "title": "Description", + "type": "string" }, - "SpreadLevel": { - "markdownDescription": "Determines how placement groups spread instances.\n\n- Host \u2013 You can use `host` only with Outpost placement groups.\n- Rack \u2013 No usage restrictions.", - "title": "SpreadLevel", + "DomainIdentifier": { + "markdownDescription": "The Amazon DataZone domain ID of the environment action.", + "title": "DomainIdentifier", "type": "string" }, - "Strategy": { - "markdownDescription": "The placement strategy.", - "title": "Strategy", + "EnvironmentIdentifier": { + "markdownDescription": "The environment ID of the environment action.", + "title": "EnvironmentIdentifier", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the new placement group.", - "title": "Tags", - "type": "array" + "Identifier": { + "markdownDescription": "The ID of the environment action.", + "title": "Identifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment action.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentActions.AwsConsoleLinkParameters", + "markdownDescription": "The parameters of the environment action.", + "title": "Parameters" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::PlacementGroup" + "AWS::DataZone::EnvironmentActions" ], "type": "string" }, @@ -76173,11 +82158,23 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::PrefixList": { + "AWS::DataZone::EnvironmentActions.AwsConsoleLinkParameters": { + "additionalProperties": false, + "properties": { + "Uri": { + "markdownDescription": "The URI of the console link specified as part of the environment action.", + "title": "Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentBlueprintConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -76212,47 +82209,66 @@ "Properties": { "additionalProperties": false, "properties": { - "AddressFamily": { - "markdownDescription": "The IP address type.\n\nValid Values: `IPv4` | `IPv6`", - "title": "AddressFamily", + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which an environment blueprint exists.", + "title": "DomainIdentifier", "type": "string" }, - "Entries": { + "EnabledRegions": { "items": { - "$ref": "#/definitions/AWS::EC2::PrefixList.Entry" + "type": "string" }, - "markdownDescription": "The entries for the prefix list.", - "title": "Entries", + "markdownDescription": "The enabled AWS Regions specified in a blueprint configuration.", + "title": "EnabledRegions", "type": "array" }, - "MaxEntries": { - "markdownDescription": "The maximum number of entries for the prefix list. You can't modify the entries and the size of a prefix list at the same time.\n\nThis property is required when you create a prefix list.", - "title": "MaxEntries", - "type": "number" + "EnvironmentBlueprintIdentifier": { + "markdownDescription": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` .", + "title": "EnvironmentBlueprintIdentifier", + "type": "string" }, - "PrefixListName": { - "markdownDescription": "A name for the prefix list.\n\nConstraints: Up to 255 characters in length. The name cannot start with `com.amazonaws` .", - "title": "PrefixListName", + "EnvironmentRolePermissionBoundary": { + "markdownDescription": "The environment role permission boundary.", + "title": "EnvironmentRolePermissionBoundary", "type": "string" }, - "Tags": { + "ManageAccessRoleArn": { + "markdownDescription": "The ARN of the manage access role.", + "title": "ManageAccessRoleArn", + "type": "string" + }, + "ProvisioningConfigurations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.ProvisioningConfiguration" }, - "markdownDescription": "The tags for the prefix list.", - "title": "Tags", + "markdownDescription": "The provisioning configuration of a blueprint.", + "title": "ProvisioningConfigurations", + "type": "array" + }, + "ProvisioningRoleArn": { + "markdownDescription": "The ARN of the provisioning role.", + "title": "ProvisioningRoleArn", + "type": "string" + }, + "RegionalParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter" + }, + "markdownDescription": "The regional parameters of the environment blueprint.", + "title": "RegionalParameters", "type": "array" } }, "required": [ - "AddressFamily", - "PrefixListName" + "DomainIdentifier", + "EnabledRegions", + "EnvironmentBlueprintIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::PrefixList" + "AWS::DataZone::EnvironmentBlueprintConfiguration" ], "type": "string" }, @@ -76271,26 +82287,62 @@ ], "type": "object" }, - "AWS::EC2::PrefixList.Entry": { + "AWS::DataZone::EnvironmentBlueprintConfiguration.LakeFormationConfiguration": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The CIDR block.", - "title": "Cidr", - "type": "string" + "LocationRegistrationExcludeS3Locations": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies certain Amazon S3 locations if you do not want Amazon DataZone to automatically register them in hybrid mode.", + "title": "LocationRegistrationExcludeS3Locations", + "type": "array" }, - "Description": { - "markdownDescription": "A description for the entry.\n\nConstraints: Up to 255 characters in length.", - "title": "Description", + "LocationRegistrationRole": { + "markdownDescription": "The role that is used to manage read/write access to the chosen Amazon S3 bucket(s) for Data Lake using AWS Lake Formation hybrid access mode.", + "title": "LocationRegistrationRole", "type": "string" } }, + "type": "object" + }, + "AWS::DataZone::EnvironmentBlueprintConfiguration.ProvisioningConfiguration": { + "additionalProperties": false, + "properties": { + "LakeFormationConfiguration": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.LakeFormationConfiguration", + "markdownDescription": "The Lake Formation configuration of the Data Lake blueprint.", + "title": "LakeFormationConfiguration" + } + }, "required": [ - "Cidr" + "LakeFormationConfiguration" ], "type": "object" }, - "AWS::EC2::Route": { + "AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter": { + "additionalProperties": false, + "properties": { + "Parameters": { + "additionalProperties": true, + "markdownDescription": "A string to string map containing parameters for the region.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" + }, + "Region": { + "markdownDescription": "The region specified in the environment parameter.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -76325,90 +82377,157 @@ "Properties": { "additionalProperties": false, "properties": { - "CarrierGatewayId": { - "markdownDescription": "The ID of the carrier gateway.\n\nYou can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone.", - "title": "CarrierGatewayId", - "type": "string" - }, - "CoreNetworkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the core network.", - "title": "CoreNetworkArn", - "type": "string" - }, - "DestinationCidrBlock": { - "markdownDescription": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .", - "title": "DestinationCidrBlock", - "type": "string" - }, - "DestinationIpv6CidrBlock": { - "markdownDescription": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.", - "title": "DestinationIpv6CidrBlock", - "type": "string" - }, - "DestinationPrefixListId": { - "markdownDescription": "The ID of a prefix list used for the destination match.", - "title": "DestinationPrefixListId", + "AwsAccountId": { + "markdownDescription": "The identifier of an AWS account in which an environment profile exists.", + "title": "AwsAccountId", "type": "string" }, - "EgressOnlyInternetGatewayId": { - "markdownDescription": "[IPv6 traffic only] The ID of an egress-only internet gateway.", - "title": "EgressOnlyInternetGatewayId", + "AwsAccountRegion": { + "markdownDescription": "The AWS Region in which an environment profile exists.", + "title": "AwsAccountRegion", "type": "string" }, - "GatewayId": { - "markdownDescription": "The ID of an internet gateway or virtual private gateway attached to your VPC.", - "title": "GatewayId", + "Description": { + "markdownDescription": "The description of the environment profile.", + "title": "Description", "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.", - "title": "InstanceId", + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment profile exists.", + "title": "DomainIdentifier", "type": "string" }, - "LocalGatewayId": { - "markdownDescription": "The ID of the local gateway.", - "title": "LocalGatewayId", + "EnvironmentBlueprintIdentifier": { + "markdownDescription": "The identifier of a blueprint with which an environment profile is created.", + "title": "EnvironmentBlueprintIdentifier", "type": "string" }, - "NatGatewayId": { - "markdownDescription": "[IPv4 traffic only] The ID of a NAT gateway.", - "title": "NatGatewayId", + "Name": { + "markdownDescription": "The name of the environment profile.", + "title": "Name", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of a network interface.", - "title": "NetworkInterfaceId", + "ProjectIdentifier": { + "markdownDescription": "The identifier of a project in which an environment profile exists.", + "title": "ProjectIdentifier", "type": "string" }, - "RouteTableId": { - "markdownDescription": "The ID of the route table for the route.", - "title": "RouteTableId", + "UserParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile.EnvironmentParameter" + }, + "markdownDescription": "The user parameters of this Amazon DataZone environment profile.", + "title": "UserParameters", + "type": "array" + } + }, + "required": [ + "AwsAccountId", + "AwsAccountRegion", + "DomainIdentifier", + "EnvironmentBlueprintIdentifier", + "Name", + "ProjectIdentifier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataZone::EnvironmentProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DataZone::EnvironmentProfile.EnvironmentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name specified in the environment parameter.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the environment profile.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::GroupProfile": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "TransitGatewayId": { - "markdownDescription": "The ID of a transit gateway.", - "title": "TransitGatewayId", + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which a group profile exists.", + "title": "DomainIdentifier", "type": "string" }, - "VpcEndpointId": { - "markdownDescription": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.", - "title": "VpcEndpointId", + "GroupIdentifier": { + "markdownDescription": "The ID of the group of a project member.", + "title": "GroupIdentifier", "type": "string" }, - "VpcPeeringConnectionId": { - "markdownDescription": "The ID of a VPC peering connection.", - "title": "VpcPeeringConnectionId", + "Status": { + "markdownDescription": "The status of a group profile.", + "title": "Status", "type": "string" } }, "required": [ - "RouteTableId" + "DomainIdentifier", + "GroupIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Route" + "AWS::DataZone::GroupProfile" ], "type": "string" }, @@ -76427,7 +82546,7 @@ ], "type": "object" }, - "AWS::EC2::RouteTable": { + "AWS::DataZone::Owner": { "additionalProperties": false, "properties": { "Condition": { @@ -76462,28 +82581,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the route table.", - "title": "Tags", - "type": "array" + "DomainIdentifier": { + "markdownDescription": "The ID of the domain in which you want to add the entity owner.", + "title": "DomainIdentifier", + "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "EntityIdentifier": { + "markdownDescription": "The ID of the entity to which you want to add an owner.", + "title": "EntityIdentifier", + "type": "string" + }, + "EntityType": { + "markdownDescription": "The type of an entity.", + "title": "EntityType", "type": "string" + }, + "Owner": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerProperties", + "markdownDescription": "The owner that you want to add to the entity.", + "title": "Owner" } }, "required": [ - "VpcId" + "DomainIdentifier", + "EntityIdentifier", + "EntityType", + "Owner" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::RouteTable" + "AWS::DataZone::Owner" ], "type": "string" }, @@ -76502,7 +82631,45 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroup": { + "AWS::DataZone::Owner.OwnerGroupProperties": { + "additionalProperties": false, + "properties": { + "GroupIdentifier": { + "markdownDescription": "The ID of the domain unit owners group.", + "title": "GroupIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Owner.OwnerProperties": { + "additionalProperties": false, + "properties": { + "Group": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerGroupProperties", + "markdownDescription": "Specifies that the domain unit owner is a group.", + "title": "Group" + }, + "User": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerUserProperties", + "markdownDescription": "Specifies that the domain unit owner is a user.", + "title": "User" + } + }, + "type": "object" + }, + "AWS::DataZone::Owner.OwnerUserProperties": { + "additionalProperties": false, + "properties": { + "UserIdentifier": { + "markdownDescription": "The ID of the owner user.", + "title": "UserIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -76537,54 +82704,187 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupDescription": { - "markdownDescription": "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", - "title": "GroupDescription", + "Description": { + "markdownDescription": "The description of a project.", + "title": "Description", "type": "string" }, - "GroupName": { - "markdownDescription": "The name of the security group. Names are case-insensitive and must be unique within the VPC.\n\nConstraints: Up to 255 characters in length. Can't start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", - "title": "GroupName", + "DomainIdentifier": { + "markdownDescription": "The identifier of a Amazon DataZone domain where the project exists.", + "title": "DomainIdentifier", "type": "string" }, - "SecurityGroupEgress": { + "DomainUnitId": { + "markdownDescription": "The ID of the domain unit. This parameter is not required and if it is not specified, then the project is created at the root domain unit level.", + "title": "DomainUnitId", + "type": "string" + }, + "GlossaryTerms": { "items": { - "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" + "type": "string" }, - "markdownDescription": "The outbound rules associated with the security group.", - "title": "SecurityGroupEgress", + "markdownDescription": "The glossary terms that can be used in this Amazon DataZone project.", + "title": "GlossaryTerms", "type": "array" }, - "SecurityGroupIngress": { + "Name": { + "markdownDescription": "The name of a project.", + "title": "Name", + "type": "string" + }, + "ProjectProfileId": { + "markdownDescription": "The ID of the project profile.", + "title": "ProjectProfileId", + "type": "string" + }, + "ProjectProfileVersion": { + "markdownDescription": "The project profile version to which the project should be updated. You can only specify the following string for this parameter: `latest` .", + "title": "ProjectProfileVersion", + "type": "string" + }, + "UserParameters": { "items": { - "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" + "$ref": "#/definitions/AWS::DataZone::Project.EnvironmentConfigurationUserParameter" }, - "markdownDescription": "The inbound rules associated with the security group.", - "title": "SecurityGroupIngress", + "markdownDescription": "The user parameters of the project.", + "title": "UserParameters", "type": "array" + } + }, + "required": [ + "DomainIdentifier", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataZone::Project" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DataZone::Project.EnvironmentConfigurationUserParameter": { + "additionalProperties": false, + "properties": { + "EnvironmentConfigurationName": { + "markdownDescription": "The environment configuration name.", + "title": "EnvironmentConfigurationName", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of the environment.", + "title": "EnvironmentId", + "type": "string" + }, + "EnvironmentParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::Project.EnvironmentParameter" + }, + "markdownDescription": "The environment parameters.", + "title": "EnvironmentParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataZone::Project.EnvironmentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of an environment profile parameter.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of an environment profile parameter.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::ProjectMembership": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, - "Tags": { + { "items": { - "$ref": "#/definitions/Tag" + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, - "markdownDescription": "Any tags assigned to the security group.", - "title": "Tags", "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Designation": { + "markdownDescription": "The designated role of a project member.", + "title": "Designation", + "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.", - "title": "VpcId", + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain in which project membership is created.", + "title": "DomainIdentifier", + "type": "string" + }, + "Member": { + "$ref": "#/definitions/AWS::DataZone::ProjectMembership.Member", + "markdownDescription": "The details about a project member.", + "title": "Member" + }, + "ProjectIdentifier": { + "markdownDescription": "The ID of the project for which this project membership was created.", + "title": "ProjectIdentifier", "type": "string" } }, "required": [ - "GroupDescription" + "Designation", + "DomainIdentifier", + "Member", + "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroup" + "AWS::DataZone::ProjectMembership" ], "type": "string" }, @@ -76603,115 +82903,250 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroup.Egress": { + "AWS::DataZone::ProjectMembership.Member": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", + "GroupIdentifier": { + "markdownDescription": "The ID of the group of a project member.", + "title": "GroupIdentifier", "type": "string" }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", + "UserIdentifier": { + "markdownDescription": "The user ID of a project member.", + "title": "UserIdentifier", "type": "string" - }, - "Description": { - "markdownDescription": "A description for the security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", + } + }, + "type": "object" + }, + "AWS::DataZone::ProjectProfile": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "DestinationPrefixListId": { - "markdownDescription": "The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationPrefixListId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DestinationSecurityGroupId": { - "markdownDescription": "The ID of the destination VPC security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationSecurityGroupId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" + "Metadata": { + "type": "object" }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the project profile.", + "title": "Description", + "type": "string" + }, + "DomainIdentifier": { + "markdownDescription": "A domain ID of the project profile.", + "title": "DomainIdentifier", + "type": "string" + }, + "DomainUnitIdentifier": { + "markdownDescription": "A domain unit ID of the project profile.", + "title": "DomainUnitIdentifier", + "type": "string" + }, + "EnvironmentConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfiguration" + }, + "markdownDescription": "Environment configurations of a project profile.", + "title": "EnvironmentConfigurations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a project profile.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of a project profile.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataZone::ProjectProfile" + ], "type": "string" }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "IpProtocol" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::SecurityGroup.Ingress": { + "AWS::DataZone::ProjectProfile.AwsAccount": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", + "AwsAccountId": { + "markdownDescription": "The account ID of a project.", + "title": "AwsAccountId", "type": "string" + } + }, + "required": [ + "AwsAccountId" + ], + "type": "object" + }, + "AWS::DataZone::ProjectProfile.EnvironmentConfiguration": { + "additionalProperties": false, + "properties": { + "AwsAccount": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.AwsAccount", + "markdownDescription": "The AWS account of the environment.", + "title": "AwsAccount" }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", + "AwsRegion": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.Region", + "markdownDescription": "The AWS Region of the environment.", + "title": "AwsRegion" + }, + "ConfigurationParameters": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParametersDetails", + "markdownDescription": "The configuration parameters of the environment.", + "title": "ConfigurationParameters" + }, + "DeploymentMode": { + "markdownDescription": "The deployment mode of the environment.", + "title": "DeploymentMode", "type": "string" }, + "DeploymentOrder": { + "markdownDescription": "The deployment order of the environment.", + "title": "DeploymentOrder", + "type": "number" + }, "Description": { - "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "markdownDescription": "The environment description.", "title": "Description", "type": "string" }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" - }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", + "EnvironmentBlueprintId": { + "markdownDescription": "The environment blueprint ID.", + "title": "EnvironmentBlueprintId", "type": "string" }, - "SourcePrefixListId": { - "markdownDescription": "The ID of a prefix list.", - "title": "SourcePrefixListId", + "Id": { + "markdownDescription": "The environment ID.", + "title": "Id", "type": "string" }, - "SourceSecurityGroupId": { - "markdownDescription": "The ID of the security group.", - "title": "SourceSecurityGroupId", + "Name": { + "markdownDescription": "The environment name.", + "title": "Name", "type": "string" + } + }, + "required": [ + "AwsRegion", + "EnvironmentBlueprintId", + "Name" + ], + "type": "object" + }, + "AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter": { + "additionalProperties": false, + "properties": { + "IsEditable": { + "markdownDescription": "Specifies whether the environment parameter is editable.", + "title": "IsEditable", + "type": "boolean" }, - "SourceSecurityGroupName": { - "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", - "title": "SourceSecurityGroupName", + "Name": { + "markdownDescription": "The name of the environment configuration parameter.", + "title": "Name", "type": "string" }, - "SourceSecurityGroupOwnerId": { - "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", - "title": "SourceSecurityGroupOwnerId", + "Value": { + "markdownDescription": "The value of the environment configuration parameter.", + "title": "Value", "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::ProjectProfile.EnvironmentConfigurationParametersDetails": { + "additionalProperties": false, + "properties": { + "ParameterOverrides": { + "items": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter" + }, + "markdownDescription": "The parameter overrides.", + "title": "ParameterOverrides", + "type": "array" }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" + "ResolvedParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter" + }, + "markdownDescription": "The resolved environment configuration parameters.", + "title": "ResolvedParameters", + "type": "array" + }, + "SsmPath": { + "markdownDescription": "Ssm path environment configuration parameters.", + "title": "SsmPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::ProjectProfile.Region": { + "additionalProperties": false, + "properties": { + "RegionName": { + "markdownDescription": "The AWS Region name.", + "title": "RegionName", + "type": "string" } }, "required": [ - "IpProtocol" + "RegionName" ], "type": "object" }, - "AWS::EC2::SecurityGroupEgress": { + "AWS::DataZone::SubscriptionTarget": { "additionalProperties": false, "properties": { "Condition": { @@ -76746,61 +83181,75 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", - "type": "string" + "ApplicableAssetTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The asset types included in the subscription target.", + "title": "ApplicableAssetTypes", + "type": "array" }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", - "type": "string" + "AuthorizedPrincipals": { + "items": { + "type": "string" + }, + "markdownDescription": "The authorized principals included in the subscription target.", + "title": "AuthorizedPrincipals", + "type": "array" }, - "Description": { - "markdownDescription": "The description of an egress (outbound) security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain in which subscription target is created.", + "title": "DomainIdentifier", "type": "string" }, - "DestinationPrefixListId": { - "markdownDescription": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationPrefixListId", + "EnvironmentIdentifier": { + "markdownDescription": "The ID of the environment in which subscription target is created.", + "title": "EnvironmentIdentifier", "type": "string" }, - "DestinationSecurityGroupId": { - "markdownDescription": "The ID of the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationSecurityGroupId", + "ManageAccessRole": { + "markdownDescription": "The manage access role that is used to create the subscription target.", + "title": "ManageAccessRole", "type": "string" }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" - }, - "GroupId": { - "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.", - "title": "GroupId", + "Name": { + "markdownDescription": "The name of the subscription target.", + "title": "Name", "type": "string" }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", + "Provider": { + "markdownDescription": "The provider of the subscription target.", + "title": "Provider", "type": "string" }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" + "SubscriptionTargetConfig": { + "items": { + "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm" + }, + "markdownDescription": "The configuration of the subscription target.", + "title": "SubscriptionTargetConfig", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the subscription target.", + "title": "Type", + "type": "string" } }, "required": [ - "GroupId", - "IpProtocol" + "ApplicableAssetTypes", + "AuthorizedPrincipals", + "DomainIdentifier", + "EnvironmentIdentifier", + "Name", + "SubscriptionTargetConfig", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroupEgress" + "AWS::DataZone::SubscriptionTarget" ], "type": "string" }, @@ -76819,7 +83268,27 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroupIngress": { + "AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content of the subscription target configuration.", + "title": "Content", + "type": "string" + }, + "FormName": { + "markdownDescription": "The form name included in the subscription target configuration.", + "title": "FormName", + "type": "string" + } + }, + "required": [ + "Content", + "FormName" + ], + "type": "object" + }, + "AWS::DataZone::UserProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -76854,75 +83323,36 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", - "type": "string" - }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", - "type": "string" - }, - "Description": { - "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", - "type": "string" - }, - "FromPort": { - "markdownDescription": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", - "title": "FromPort", - "type": "number" - }, - "GroupId": { - "markdownDescription": "The ID of the security group.", - "title": "GroupId", - "type": "string" - }, - "GroupName": { - "markdownDescription": "[Default VPC] The name of the security group. For security groups for a default VPC you can specify either the ID or the name of the security group. For security groups for a nondefault VPC, you must specify the ID of the security group.", - "title": "GroupName", - "type": "string" - }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", - "type": "string" - }, - "SourcePrefixListId": { - "markdownDescription": "The ID of a prefix list.", - "title": "SourcePrefixListId", + "DomainIdentifier": { + "markdownDescription": "The identifier of a Amazon DataZone domain in which a user profile exists.", + "title": "DomainIdentifier", "type": "string" }, - "SourceSecurityGroupId": { - "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", - "title": "SourceSecurityGroupId", + "Status": { + "markdownDescription": "The status of the user profile.", + "title": "Status", "type": "string" }, - "SourceSecurityGroupName": { - "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", - "title": "SourceSecurityGroupName", + "UserIdentifier": { + "markdownDescription": "The identifier of the user for which the user profile is created.", + "title": "UserIdentifier", "type": "string" }, - "SourceSecurityGroupOwnerId": { - "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", - "title": "SourceSecurityGroupOwnerId", + "UserType": { + "markdownDescription": "The user type of the user for which the user profile is created.", + "title": "UserType", "type": "string" - }, - "ToPort": { - "markdownDescription": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", - "title": "ToPort", - "type": "number" } }, "required": [ - "IpProtocol" + "DomainIdentifier", + "UserIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroupIngress" + "AWS::DataZone::UserProfile" ], "type": "string" }, @@ -76941,7 +83371,55 @@ ], "type": "object" }, - "AWS::EC2::SnapshotBlockPublicAccess": { + "AWS::DataZone::UserProfile.IamUserProfileDetails": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of an IAM user profile in Amazon DataZone.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::UserProfile.SsoUserProfileDetails": { + "additionalProperties": false, + "properties": { + "FirstName": { + "markdownDescription": "The first name included in the single sign-on details of the user profile.", + "title": "FirstName", + "type": "string" + }, + "LastName": { + "markdownDescription": "The last name included in the single sign-on details of the user profile.", + "title": "LastName", + "type": "string" + }, + "Username": { + "markdownDescription": "The username included in the single sign-on details of the user profile.", + "title": "Username", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::UserProfile.UserProfileDetails": { + "additionalProperties": false, + "properties": { + "Iam": { + "$ref": "#/definitions/AWS::DataZone::UserProfile.IamUserProfileDetails", + "markdownDescription": "The IAM details included in the user profile details.", + "title": "Iam" + }, + "Sso": { + "$ref": "#/definitions/AWS::DataZone::UserProfile.SsoUserProfileDetails", + "markdownDescription": "The single sign-on details included in the user profile details.", + "title": "Sso" + } + }, + "type": "object" + }, + "AWS::Deadline::Farm": { "additionalProperties": false, "properties": { "Condition": { @@ -76976,20 +83454,38 @@ "Properties": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The mode in which to enable block public access for snapshots for the Region. Specify one of the following values:\n\n- `block-all-sharing` - Prevents all public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. Additionally, snapshots that are already publicly shared are treated as private and they are no longer publicly available.\n\n> If you enable block public access for snapshots in `block-all-sharing` mode, it does not change the permissions for snapshots that are already publicly shared. Instead, it prevents these snapshots from be publicly visible and publicly accessible. Therefore, the attributes for these snapshots still indicate that they are publicly shared, even though they are not publicly available.\n- `block-new-sharing` - Prevents only new public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. However, snapshots that are already publicly shared, remain publicly available.", - "title": "State", + "Description": { + "markdownDescription": "A description of the farm that helps identify what the farm is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the farm.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN for the KMS key.", + "title": "KmsKeyArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to your farm. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", + "title": "Tags", + "type": "array" } }, "required": [ - "State" + "DisplayName" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SnapshotBlockPublicAccess" + "AWS::Deadline::Farm" ], "type": "string" }, @@ -77008,7 +83504,7 @@ ], "type": "object" }, - "AWS::EC2::SpotFleet": { + "AWS::Deadline::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -77043,20 +83539,67 @@ "Properties": { "additionalProperties": false, "properties": { - "SpotFleetRequestConfigData": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetRequestConfigData", - "markdownDescription": "Describes the configuration of a Spot Fleet request.", - "title": "SpotFleetRequestConfigData" + "Configuration": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetConfiguration", + "markdownDescription": "The configuration details for the fleet.", + "title": "Configuration" + }, + "Description": { + "markdownDescription": "A description that helps identify what the fleet is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the fleet summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" + }, + "FarmId": { + "markdownDescription": "The farm ID.", + "title": "FarmId", + "type": "string" + }, + "HostConfiguration": { + "$ref": "#/definitions/AWS::Deadline::Fleet.HostConfiguration", + "markdownDescription": "Provides a script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet.\n\nTo remove a script from a fleet, use the [UpdateFleet](https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_UpdateFleet.html) operation with the `hostConfiguration` `scriptBody` parameter set to an empty string (\"\").", + "title": "HostConfiguration" + }, + "MaxWorkerCount": { + "markdownDescription": "The maximum number of workers specified in the fleet.", + "title": "MaxWorkerCount", + "type": "number" + }, + "MinWorkerCount": { + "markdownDescription": "The minimum number of workers in the fleet.", + "title": "MinWorkerCount", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The IAM role that workers in the fleet use when processing jobs.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to your fleet. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", + "title": "Tags", + "type": "array" } }, "required": [ - "SpotFleetRequestConfigData" + "Configuration", + "DisplayName", + "FarmId", + "MaxWorkerCount", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SpotFleet" + "AWS::Deadline::Fleet" ], "type": "string" }, @@ -77075,979 +83618,459 @@ ], "type": "object" }, - "AWS::EC2::SpotFleet.AcceleratorCountRequest": { + "AWS::Deadline::Fleet.AcceleratorCapabilities": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" + "Count": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", + "markdownDescription": "The number of GPU accelerators specified for worker hosts in this fleet.", + "title": "Count" }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "Selections": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorSelection" + }, + "markdownDescription": "A list of accelerator capabilities requested for this fleet. Only Amazon Elastic Compute Cloud instances that provide these capabilities will be used. For example, if you specify both L4 and T4 chips, Deadline Cloud will use Amazon EC2 instances that have either the L4 or the T4 chip installed.", + "title": "Selections", + "type": "array" } }, + "required": [ + "Selections" + ], "type": "object" }, - "AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest": { + "AWS::Deadline::Fleet.AcceleratorCountRange": { "additionalProperties": false, "properties": { "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "markdownDescription": "The maximum number of GPU accelerators in the worker host.", "title": "Max", "type": "number" }, "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "markdownDescription": "The minimum number of GPU accelerators in the worker host.", "title": "Min", "type": "number" } }, + "required": [ + "Min" + ], "type": "object" }, - "AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest": { + "AWS::Deadline::Fleet.AcceleratorSelection": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the chip used by the GPU accelerator.\n\nIf you specify `l4` as the name of the accelerator, you must specify `latest` or `grid:r570` as the runtime.\n\nThe available GPU accelerators are:\n\n- `t4` - NVIDIA T4 Tensor Core GPU\n- `a10g` - NVIDIA A10G Tensor Core GPU\n- `l4` - NVIDIA L4 Tensor Core GPU\n- `l40s` - NVIDIA L40S Tensor Core GPU", + "title": "Name", + "type": "string" + }, + "Runtime": { + "markdownDescription": "Specifies the runtime driver to use for the GPU accelerator. You must use the same runtime for all GPUs.\n\nYou can choose from the following runtimes:\n\n- `latest` - Use the latest runtime available for the chip. If you specify `latest` and a new version of the runtime is released, the new version of the runtime is used.\n- `grid:r570` - [NVIDIA vGPU software 18](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/18.0/index.html)\n- `grid:r535` - [NVIDIA vGPU software 16](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/16.0/index.html)\n\nIf you don't specify a runtime, Deadline Cloud uses `latest` as the default. However, if you have multiple accelerators and specify `latest` for some and leave others blank, Deadline Cloud raises an exception.", + "title": "Runtime", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange": { "additionalProperties": false, "properties": { "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "markdownDescription": "The maximum amount of memory to use for the accelerator, measured in MiB.", "title": "Max", "type": "number" }, "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "markdownDescription": "The minimum amount of memory to use for the accelerator, measured in MiB.", "title": "Min", "type": "number" } }, + "required": [ + "Min" + ], "type": "object" }, - "AWS::EC2::SpotFleet.BlockDeviceMapping": { + "AWS::Deadline::Fleet.CustomerManagedFleetConfiguration": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "DeviceName", + "Mode": { + "markdownDescription": "The AWS Auto Scaling mode for the customer managed fleet configuration.", + "title": "Mode", "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.EbsBlockDevice", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", - "title": "NoDevice", + "StorageProfileId": { + "markdownDescription": "The storage profile ID.", + "title": "StorageProfileId", "type": "string" }, - "VirtualName": { - "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", - "title": "VirtualName", - "type": "string" - } - }, - "required": [ - "DeviceName" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.ClassicLoadBalancer": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the load balancer.", - "title": "Name", + "TagPropagationMode": { + "markdownDescription": "Specifies whether tags associated with a fleet are attached to workers when the worker is launched.\n\nWhen the `tagPropagationMode` is set to `PROPAGATE_TAGS_TO_WORKERS_AT_LAUNCH` any tag associated with a fleet is attached to workers when they launch. If the tags for a fleet change, the tags associated with running workers *do not* change.\n\nIf you don't specify `tagPropagationMode` , the default is `NO_PROPAGATION` .", + "title": "TagPropagationMode", "type": "string" + }, + "WorkerCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities", + "markdownDescription": "The worker capabilities for a customer managed fleet configuration.", + "title": "WorkerCapabilities" } }, "required": [ - "Name" + "Mode", + "WorkerCapabilities" ], "type": "object" }, - "AWS::EC2::SpotFleet.ClassicLoadBalancersConfig": { + "AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities": { "additionalProperties": false, "properties": { - "ClassicLoadBalancers": { + "AcceleratorCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", + "markdownDescription": "The range of the accelerator.", + "title": "AcceleratorCount" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange", + "markdownDescription": "The total memory (MiB) for the customer managed worker capabilities.", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancer" + "type": "string" }, - "markdownDescription": "One or more Classic Load Balancers.", - "title": "ClassicLoadBalancers", + "markdownDescription": "The accelerator types for the customer managed worker capabilities.", + "title": "AcceleratorTypes", + "type": "array" + }, + "CpuArchitectureType": { + "markdownDescription": "The CPU architecture type for the customer managed worker capabilities.", + "title": "CpuArchitectureType", + "type": "string" + }, + "CustomAmounts": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" + }, + "markdownDescription": "Custom requirement ranges for customer managed worker capabilities.", + "title": "CustomAmounts", + "type": "array" + }, + "CustomAttributes": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + }, + "markdownDescription": "Custom attributes for the customer manged worker capabilities.", + "title": "CustomAttributes", "type": "array" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", + "markdownDescription": "The memory (MiB).", + "title": "MemoryMiB" + }, + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", + "type": "string" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", + "markdownDescription": "The vCPU count for the customer manged worker capabilities.", + "title": "VCpuCount" } }, "required": [ - "ClassicLoadBalancers" + "CpuArchitectureType", + "MemoryMiB", + "OsFamily", + "VCpuCount" ], "type": "object" }, - "AWS::EC2::SpotFleet.EbsBlockDevice": { + "AWS::Deadline::Fleet.Ec2EbsVolume": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\nThis parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", - "title": "Encrypted", - "type": "boolean" - }, "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", + "markdownDescription": "The IOPS per volume.", "title": "Iops", "type": "number" }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.", - "title": "SnapshotId", - "type": "string" - }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "VolumeSize", + "SizeGiB": { + "markdownDescription": "The EBS volume size in GiB.", + "title": "SizeGiB", "type": "number" }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", - "title": "VolumeType", - "type": "string" + "ThroughputMiB": { + "markdownDescription": "The throughput per volume in MiB.", + "title": "ThroughputMiB", + "type": "number" } }, "type": "object" }, - "AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification": { + "AWS::Deadline::Fleet.FleetAmountCapability": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", - "title": "LaunchTemplateId", - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of the fleet worker capability.", + "title": "Max", + "type": "number" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", - "title": "LaunchTemplateName", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of fleet worker capability.", + "title": "Min", + "type": "number" }, - "Version": { - "markdownDescription": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Version" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.GroupIdentifier": { - "additionalProperties": false, - "properties": { - "GroupId": { - "markdownDescription": "The ID of the security group.", - "title": "GroupId", - "type": "string" - } - }, - "required": [ - "GroupId" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.IamInstanceProfileSpecification": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", - "title": "Arn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.InstanceIpv6Address": { - "additionalProperties": false, - "properties": { - "Ipv6Address": { - "markdownDescription": "The IPv6 address.", - "title": "Ipv6Address", + "Name": { + "markdownDescription": "The name of the fleet capability.", + "title": "Name", "type": "string" } }, "required": [ - "Ipv6Address" + "Min", + "Name" ], "type": "object" }, - "AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification": { + "AWS::Deadline::Fleet.FleetAttributeCapability": { "additionalProperties": false, "properties": { - "AssociatePublicIpAddress": { - "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Description": { - "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Description", + "Name": { + "markdownDescription": "The name of the fleet attribute capability for the worker.", + "title": "Name", "type": "string" }, - "DeviceIndex": { - "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you specify a network interface when launching an instance, you must specify the device index.", - "title": "DeviceIndex", - "type": "number" - }, - "Groups": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Groups", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6Addresses", - "type": "array" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.\n\nIf you are creating a Spot Fleet, omit this parameter because you can\u2019t specify a network interface ID in a launch specification.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.PrivateIpAddressSpecification" - }, - "markdownDescription": "The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request.", - "title": "PrivateIpAddresses", + "markdownDescription": "The number of fleet attribute capabilities.", + "title": "Values", "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses. You can\u2019t specify this parameter and also specify a secondary private IP address using the `PrivateIpAddress` parameter.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet associated with the network interface.", - "title": "SubnetId", - "type": "string" } }, + "required": [ + "Name", + "Values" + ], "type": "object" }, - "AWS::EC2::SpotFleet.InstanceRequirementsRequest": { + "AWS::Deadline::Fleet.FleetCapabilities": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorCountRequest", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" - }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" - }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", - "type": "array" - }, - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", - "type": "array" - }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", - "type": "string" - }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" - }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", - "type": "string" - }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" - }, - "InstanceGenerations": { + "Amounts": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", + "markdownDescription": "Amount capabilities of the fleet.", + "title": "Amounts", "type": "array" }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", - "type": "string" - }, - "LocalStorageTypes": { + "Attributes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", + "markdownDescription": "Attribute capabilities of the fleet.", + "title": "Attributes", "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest", - "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkInterfaceCountRequest", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TotalLocalStorageGBRequest", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.VCpuCountRangeRequest", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" } }, "type": "object" }, - "AWS::EC2::SpotFleet.LaunchTemplateConfig": { + "AWS::Deadline::Fleet.FleetConfiguration": { "additionalProperties": false, "properties": { - "LaunchTemplateSpecification": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification", - "markdownDescription": "The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet.", - "title": "LaunchTemplateSpecification" + "CustomerManaged": { + "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedFleetConfiguration", + "markdownDescription": "The customer managed fleets within a fleet configuration.", + "title": "CustomerManaged" }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateOverrides" - }, - "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.", - "title": "Overrides", - "type": "array" + "ServiceManagedEc2": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration", + "markdownDescription": "The service managed Amazon EC2 instances for a fleet configuration.", + "title": "ServiceManagedEc2" } }, "type": "object" }, - "AWS::EC2::SpotFleet.LaunchTemplateOverrides": { + "AWS::Deadline::Fleet.HostConfiguration": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to launch the instances.", - "title": "AvailabilityZone", + "ScriptBody": { + "markdownDescription": "The text of the script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet. The script runs after a worker enters the `STARTING` state and before the worker processes tasks.\n\nFor more information about using the script, see [Run scripts as an administrator to configure workers](https://docs.aws.amazon.com/deadline-cloud/latest/developerguide/smf-admin.html) in the *Deadline Cloud Developer Guide* .\n\n> The script runs as an administrative user ( `sudo root` on Linux, as an Administrator on Windows).", + "title": "ScriptBody", "type": "string" }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", - "markdownDescription": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type.", - "title": "InstanceType", - "type": "string" - }, - "Priority": { - "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", - "title": "Priority", - "type": "number" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which to launch the instances.", - "title": "SubnetId", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.LoadBalancersConfig": { - "additionalProperties": false, - "properties": { - "ClassicLoadBalancersConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancersConfig", - "markdownDescription": "The Classic Load Balancers.", - "title": "ClassicLoadBalancersConfig" - }, - "TargetGroupsConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroupsConfig", - "markdownDescription": "The target groups.", - "title": "TargetGroupsConfig" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.MemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", + "ScriptTimeoutSeconds": { + "markdownDescription": "The maximum time that the host configuration can run. If the timeout expires, the worker enters the `NOT RESPONDING` state and shuts down. You are charged for the time that the worker is running the host configuration script.\n\n> You should configure your fleet for a maximum of one worker while testing your host configuration script to avoid starting additional workers. \n\nThe default is 300 seconds (5 minutes).", + "title": "ScriptTimeoutSeconds", "type": "number" } }, + "required": [ + "ScriptBody" + ], "type": "object" }, - "AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest": { + "AWS::Deadline::Fleet.MemoryMiBRange": { "additionalProperties": false, "properties": { "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "markdownDescription": "The maximum amount of memory (in MiB).", "title": "Max", "type": "number" }, "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", + "markdownDescription": "The minimum amount of memory (in MiB).", "title": "Min", "type": "number" } }, + "required": [ + "Min" + ], "type": "object" }, - "AWS::EC2::SpotFleet.NetworkInterfaceCountRequest": { + "AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "InstanceCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities", + "markdownDescription": "The Amazon EC2 instance capabilities.", + "title": "InstanceCapabilities" }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.PrivateIpAddressSpecification": { - "additionalProperties": false, - "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" + "InstanceMarketOptions": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions", + "markdownDescription": "The Amazon EC2 market type.", + "title": "InstanceMarketOptions" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", + "StorageProfileId": { + "markdownDescription": "The storage profile ID.", + "title": "StorageProfileId", "type": "string" } }, "required": [ - "PrivateIpAddress" + "InstanceCapabilities", + "InstanceMarketOptions" ], "type": "object" }, - "AWS::EC2::SpotFleet.SpotCapacityRebalance": { - "additionalProperties": false, - "properties": { - "ReplacementStrategy": { - "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", - "title": "ReplacementStrategy", - "type": "string" - }, - "TerminationDelay": { - "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", - "title": "TerminationDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetLaunchSpecification": { + "AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities": { "additionalProperties": false, "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.BlockDeviceMapping" - }, - "markdownDescription": "One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.\n\nDefault: `false`", - "title": "EbsOptimized", - "type": "boolean" - }, - "IamInstanceProfile": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.IamInstanceProfileSpecification", - "markdownDescription": "The IAM instance profile.", - "title": "IamInstanceProfile" - }, - "ImageId": { - "markdownDescription": "The ID of the AMI.", - "title": "ImageId", - "type": "string" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type.", - "title": "InstanceType", - "type": "string" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.", - "title": "KernelId", - "type": "string" - }, - "KeyName": { - "markdownDescription": "The name of the key pair.", - "title": "KeyName", - "type": "string" - }, - "Monitoring": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetMonitoring", - "markdownDescription": "Enable or disable monitoring for the instances.", - "title": "Monitoring" - }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification" - }, - "markdownDescription": "The network interfaces.", - "title": "NetworkInterfaces", - "type": "array" - }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotPlacement", - "markdownDescription": "The placement information.", - "title": "Placement" - }, - "RamdiskId": { - "markdownDescription": "The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.", - "title": "RamdiskId", - "type": "string" - }, - "SecurityGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.GroupIdentifier" - }, - "markdownDescription": "The security groups.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", - "title": "SecurityGroups", - "type": "array" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", - "title": "SubnetId", - "type": "string" + "AcceleratorCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCapabilities", + "markdownDescription": "Describes the GPU accelerator capabilities required for worker host instances in this fleet.", + "title": "AcceleratorCapabilities" }, - "TagSpecifications": { + "AllowedInstanceTypes": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + "type": "string" }, - "markdownDescription": "The tags to apply during creation.", - "title": "TagSpecifications", + "markdownDescription": "The allowable Amazon EC2 instance types.", + "title": "AllowedInstanceTypes", "type": "array" }, - "UserData": { - "markdownDescription": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.", - "title": "UserData", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "required": [ - "ImageId" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetMonitoring": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables monitoring for the instance.\n\nDefault: `false`", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetRequestConfigData": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* .\n\n- **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.\n- **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity.\n- **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify.\n- **lowestPrice (not recommended)** - > We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. \n\nSpot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates.\n\nDefault: `lowestPrice`", - "title": "AllocationStrategy", - "type": "string" - }, - "Context": { - "markdownDescription": "Reserved.", - "title": "Context", - "type": "string" - }, - "ExcessCapacityTerminationPolicy": { - "markdownDescription": "Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.\n\nSupported only for fleets of type `maintain` .", - "title": "ExcessCapacityTerminationPolicy", - "type": "string" - }, - "IamFleetRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` .", - "title": "IamFleetRole", - "type": "string" - }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", - "title": "InstanceInterruptionBehavior", + "CpuArchitectureType": { + "markdownDescription": "The CPU architecture type.", + "title": "CpuArchitectureType", "type": "string" }, - "InstancePoolsToUseCount": { - "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", - "title": "InstancePoolsToUseCount", - "type": "number" - }, - "LaunchSpecifications": { + "CustomAmounts": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetLaunchSpecification" + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" }, - "markdownDescription": "The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` .", - "title": "LaunchSpecifications", + "markdownDescription": "The custom capability amounts to require for instances in this fleet.", + "title": "CustomAmounts", "type": "array" }, - "LaunchTemplateConfigs": { + "CustomAttributes": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateConfig" + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" }, - "markdownDescription": "The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` .", - "title": "LaunchTemplateConfigs", + "markdownDescription": "The custom capability attributes to require for instances in this fleet.", + "title": "CustomAttributes", "type": "array" }, - "LoadBalancersConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LoadBalancersConfig", - "markdownDescription": "One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.\n\nWith Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.", - "title": "LoadBalancersConfig" - }, - "OnDemandAllocationStrategy": { - "markdownDescription": "The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` .", - "title": "OnDemandAllocationStrategy", - "type": "string" - }, - "OnDemandMaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "OnDemandMaxTotalPrice", - "type": "string" - }, - "OnDemandTargetCapacity": { - "markdownDescription": "The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", - "title": "OnDemandTargetCapacity", - "type": "number" - }, - "ReplaceUnhealthyInstances": { - "markdownDescription": "Indicates whether Spot Fleet should replace unhealthy instances.", - "title": "ReplaceUnhealthyInstances", - "type": "boolean" - }, - "SpotMaintenanceStrategies": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotMaintenanceStrategies", - "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", - "title": "SpotMaintenanceStrategies" - }, - "SpotMaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "SpotMaxTotalPrice", - "type": "string" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" - }, - "TagSpecifications": { + "ExcludedInstanceTypes": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + "type": "string" }, - "markdownDescription": "The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .", - "title": "TagSpecifications", + "markdownDescription": "The instance types to exclude from the fleet.", + "title": "ExcludedInstanceTypes", "type": "array" }, - "TargetCapacity": { - "markdownDescription": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", - "title": "TargetCapacity", - "type": "number" - }, - "TargetCapacityUnitType": { - "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection.\n\nDefault: `units` (the number of instances)", - "title": "TargetCapacityUnitType", - "type": "string" - }, - "TerminateInstancesWithExpiration": { - "markdownDescription": "Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.", - "title": "TerminateInstancesWithExpiration", - "type": "boolean" + "MemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", + "markdownDescription": "The memory, as MiB, for the Amazon EC2 instance type.", + "title": "MemoryMiB" }, - "Type": { - "markdownDescription": "The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet.", - "title": "Type", + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", "type": "string" }, - "ValidFrom": { - "markdownDescription": "The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately.", - "title": "ValidFrom", - "type": "string" + "RootEbsVolume": { + "$ref": "#/definitions/AWS::Deadline::Fleet.Ec2EbsVolume", + "markdownDescription": "The root EBS volume.", + "title": "RootEbsVolume" }, - "ValidUntil": { - "markdownDescription": "The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.", - "title": "ValidUntil", - "type": "string" + "VCpuCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", + "markdownDescription": "The amount of vCPU to require for instances in this fleet.", + "title": "VCpuCount" } }, "required": [ - "IamFleetRole", - "TargetCapacity" + "CpuArchitectureType", + "MemoryMiB", + "OsFamily", + "VCpuCount" ], "type": "object" }, - "AWS::EC2::SpotFleet.SpotFleetTagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotMaintenanceStrategies": { - "additionalProperties": false, - "properties": { - "CapacityRebalance": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotCapacityRebalance", - "markdownDescription": "The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* .", - "title": "CapacityRebalance" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotPlacement": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.\n\nTo specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\".", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupName": { - "markdownDescription": "The name of the placement group.", - "title": "GroupName", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances.", - "title": "Tenancy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.TargetGroup": { + "AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "Arn", + "Type": { + "markdownDescription": "The Amazon EC2 instance type.", + "title": "Type", "type": "string" } }, "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.TargetGroupsConfig": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroup" - }, - "markdownDescription": "One or more target groups.", - "title": "TargetGroups", - "type": "array" - } - }, - "required": [ - "TargetGroups" + "Type" ], "type": "object" }, - "AWS::EC2::SpotFleet.TotalLocalStorageGBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.VCpuCountRangeRequest": { + "AWS::Deadline::Fleet.VCpuCountRange": { "additionalProperties": false, "properties": { "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "markdownDescription": "The maximum amount of vCPU.", "title": "Max", "type": "number" }, "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "markdownDescription": "The minimum amount of vCPU.", "title": "Min", "type": "number" } }, + "required": [ + "Min" + ], "type": "object" }, - "AWS::EC2::Subnet": { + "AWS::Deadline::LicenseEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -78082,109 +84105,46 @@ "Properties": { "additionalProperties": false, "properties": { - "AssignIpv6AddressOnCreation": { - "markdownDescription": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is `false` .\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", - "title": "AssignIpv6AddressOnCreation", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the subnet.\n\nIf you update this property, you must also update the `CidrBlock` property.", - "title": "AvailabilityZone", - "type": "string" - }, - "AvailabilityZoneId": { - "markdownDescription": "The AZ ID of the subnet.", - "title": "AvailabilityZoneId", - "type": "string" - }, - "CidrBlock": { - "markdownDescription": "The IPv4 CIDR block assigned to the subnet.\n\nIf you update this property, we create a new subnet, and then delete the existing one.", - "title": "CidrBlock", - "type": "string" - }, - "EnableDns64": { - "markdownDescription": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.\n\n> You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a `0.0.0.0/0` route pointing to the internet gateway. For more information, see [Configure DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "EnableDns64", - "type": "boolean" - }, - "EnableLniAtDeviceIndex": { - "markdownDescription": "Indicates the device position for local network interfaces in this subnet. For example, `1` indicates local network interfaces in this subnet are the secondary network interface (eth1).", - "title": "EnableLniAtDeviceIndex", - "type": "number" - }, - "Ipv4IpamPoolId": { - "markdownDescription": "An IPv4 IPAM pool ID for the subnet.", - "title": "Ipv4IpamPoolId", - "type": "string" - }, - "Ipv4NetmaskLength": { - "markdownDescription": "An IPv4 netmask length for the subnet.", - "title": "Ipv4NetmaskLength", - "type": "number" - }, - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 CIDR block.\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", - "title": "Ipv6CidrBlock", - "type": "string" - }, - "Ipv6CidrBlocks": { + "SecurityGroupIds": { "items": { "type": "string" }, + "markdownDescription": "The identifier of the Amazon EC2 security group that controls access to the license endpoint.", + "title": "SecurityGroupIds", "type": "array" }, - "Ipv6IpamPoolId": { - "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", - "title": "Ipv6IpamPoolId", - "type": "string" - }, - "Ipv6Native": { - "markdownDescription": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "Ipv6Native", - "type": "boolean" - }, - "Ipv6NetmaskLength": { - "markdownDescription": "An IPv6 netmask length for the subnet.", - "title": "Ipv6NetmaskLength", - "type": "number" - }, - "MapPublicIpOnLaunch": { - "markdownDescription": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is `false` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "MapPublicIpOnLaunch", - "type": "boolean" - }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", - "title": "OutpostArn", - "type": "string" - }, - "PrivateDnsNameOptionsOnLaunch": { - "$ref": "#/definitions/AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch", - "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nAvailable options:\n\n- EnableResourceNameDnsAAAARecord (true | false)\n- EnableResourceNameDnsARecord (true | false)\n- HostnameType (ip-name | resource-name)", - "title": "PrivateDnsNameOptionsOnLaunch" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Identifies the VPC subnets that can connect to a license endpoint.", + "title": "SubnetIds", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the subnet.", + "markdownDescription": "The tags to add to your license endpoint. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", "title": "Tags", "type": "array" }, "VpcId": { - "markdownDescription": "The ID of the VPC the subnet is in.\n\nIf you update this property, you must also update the `CidrBlock` property.", + "markdownDescription": "The VCP(virtual private cloud) ID associated with the license endpoint.", "title": "VpcId", "type": "string" } }, "required": [ + "SecurityGroupIds", + "SubnetIds", "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Subnet" + "AWS::Deadline::LicenseEndpoint" ], "type": "string" }, @@ -78203,28 +84163,7 @@ ], "type": "object" }, - "AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch": { - "additionalProperties": false, - "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" - }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" - }, - "HostnameType": { - "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.", - "title": "HostnameType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::SubnetCidrBlock": { + "AWS::Deadline::Limit": { "additionalProperties": false, "properties": { "Condition": { @@ -78259,35 +84198,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 network range for the subnet, in CIDR notation.", - "title": "Ipv6CidrBlock", + "AmountRequirementName": { + "markdownDescription": "The value that you specify as the `name` in the `amounts` field of the `hostRequirements` in a step of a job template to declare the limit requirement.", + "title": "AmountRequirementName", "type": "string" }, - "Ipv6IpamPoolId": { - "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", - "title": "Ipv6IpamPoolId", + "Description": { + "markdownDescription": "A description of the limit. A clear description helps you identify the purpose of the limit.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", "type": "string" }, - "Ipv6NetmaskLength": { - "markdownDescription": "An IPv6 netmask length for the subnet.", - "title": "Ipv6NetmaskLength", - "type": "number" + "DisplayName": { + "markdownDescription": "The name of the limit used in lists to identify the limit.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the limit.", + "title": "FarmId", "type": "string" + }, + "MaxCount": { + "markdownDescription": "The maximum number of resources constrained by this limit. When all of the resources are in use, steps that require the limit won't be scheduled until the resource is available.\n\nThe `maxValue` must not be 0. If the value is -1, there is no restriction on the number of resources that can be acquired for this limit.", + "title": "MaxCount", + "type": "number" } }, "required": [ - "SubnetId" + "AmountRequirementName", + "DisplayName", + "FarmId", + "MaxCount" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetCidrBlock" + "AWS::Deadline::Limit" ], "type": "string" }, @@ -78306,7 +84253,7 @@ ], "type": "object" }, - "AWS::EC2::SubnetNetworkAclAssociation": { + "AWS::Deadline::MeteredProduct": { "additionalProperties": false, "properties": { "Condition": { @@ -78341,26 +84288,22 @@ "Properties": { "additionalProperties": false, "properties": { - "NetworkAclId": { - "markdownDescription": "The ID of the network ACL.", - "title": "NetworkAclId", + "LicenseEndpointId": { + "markdownDescription": "The Amazon EC2 identifier of the license endpoint.", + "title": "LicenseEndpointId", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "ProductId": { + "markdownDescription": "The product ID.", + "title": "ProductId", "type": "string" } }, - "required": [ - "NetworkAclId", - "SubnetId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetNetworkAclAssociation" + "AWS::Deadline::MeteredProduct" ], "type": "string" }, @@ -78374,12 +84317,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::SubnetRouteTableAssociation": { + "AWS::Deadline::Monitor": { "additionalProperties": false, "properties": { "Condition": { @@ -78414,26 +84356,38 @@ "Properties": { "additionalProperties": false, "properties": { - "RouteTableId": { - "markdownDescription": "The ID of the route table.\n\nThe physical ID changes when the route table ID is changed.", - "title": "RouteTableId", + "DisplayName": { + "markdownDescription": "The name of the monitor that displays on the Deadline Cloud console.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "IdentityCenterInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance responsible for authenticating monitor users.", + "title": "IdentityCenterInstanceArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the monitor. Users of the monitor use this role to access Deadline Cloud resources.", + "title": "RoleArn", + "type": "string" + }, + "Subdomain": { + "markdownDescription": "The subdomain used for the monitor URL. The full URL of the monitor is subdomain.Region.deadlinecloud.amazonaws.com.", + "title": "Subdomain", "type": "string" } }, "required": [ - "RouteTableId", - "SubnetId" + "DisplayName", + "IdentityCenterInstanceArn", + "RoleArn", + "Subdomain" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetRouteTableAssociation" + "AWS::Deadline::Monitor" ], "type": "string" }, @@ -78452,7 +84406,7 @@ ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilter": { + "AWS::Deadline::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -78487,33 +84441,75 @@ "Properties": { "additionalProperties": false, "properties": { + "AllowedStorageProfileIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems.", + "title": "AllowedStorageProfileIds", + "type": "array" + }, + "DefaultBudgetAction": { + "markdownDescription": "The default action taken on a queue summary if a budget wasn't configured.", + "title": "DefaultBudgetAction", + "type": "string" + }, "Description": { - "markdownDescription": "The description of the Traffic Mirror filter.", + "markdownDescription": "A description of the queue that helps identify what the queue is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", "title": "Description", "type": "string" }, - "NetworkServices": { + "DisplayName": { + "markdownDescription": "The display name of the queue summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" + }, + "FarmId": { + "markdownDescription": "The farm ID.", + "title": "FarmId", + "type": "string" + }, + "JobAttachmentSettings": { + "$ref": "#/definitions/AWS::Deadline::Queue.JobAttachmentSettings", + "markdownDescription": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix.", + "title": "JobAttachmentSettings" + }, + "JobRunAsUser": { + "$ref": "#/definitions/AWS::Deadline::Queue.JobRunAsUser", + "markdownDescription": "Identifies the user for a job.", + "title": "JobRunAsUser" + }, + "RequiredFileSystemLocationNames": { "items": { "type": "string" }, - "markdownDescription": "The network service traffic that is associated with the Traffic Mirror filter.\n\nValid values are `amazon-dns` .", - "title": "NetworkServices", + "markdownDescription": "The file system location that the queue uses.", + "title": "RequiredFileSystemLocationNames", "type": "array" }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue.", + "title": "RoleArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to a Traffic Mirror filter.", + "markdownDescription": "The tags to add to your queue. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", "title": "Tags", "type": "array" } }, + "required": [ + "DisplayName", + "FarmId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorFilter" + "AWS::Deadline::Queue" ], "type": "string" }, @@ -78527,148 +84523,96 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilterRule": { + "AWS::Deadline::Queue.JobAttachmentSettings": { "additionalProperties": false, "properties": { - "Condition": { + "RootPrefix": { + "markdownDescription": "The root prefix.", + "title": "RootPrefix", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3BucketName": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3BucketName", "type": "string" + } + }, + "required": [ + "RootPrefix", + "S3BucketName" + ], + "type": "object" + }, + "AWS::Deadline::Queue.JobRunAsUser": { + "additionalProperties": false, + "properties": { + "Posix": { + "$ref": "#/definitions/AWS::Deadline::Queue.PosixUser", + "markdownDescription": "The user and group that the jobs in the queue run as.", + "title": "Posix" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror rule.", - "title": "Description", - "type": "string" - }, - "DestinationCidrBlock": { - "markdownDescription": "The destination CIDR block to assign to the Traffic Mirror rule.", - "title": "DestinationCidrBlock", - "type": "string" - }, - "DestinationPortRange": { - "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", - "markdownDescription": "The destination port range.", - "title": "DestinationPortRange" - }, - "Protocol": { - "markdownDescription": "The protocol, for example UDP, to assign to the Traffic Mirror rule.\n\nFor information about the protocol value, see [Protocol Numbers](https://docs.aws.amazon.com/https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.", - "title": "Protocol", - "type": "number" - }, - "RuleAction": { - "markdownDescription": "The action to take on the filtered traffic.", - "title": "RuleAction", - "type": "string" - }, - "RuleNumber": { - "markdownDescription": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.", - "title": "RuleNumber", - "type": "number" - }, - "SourceCidrBlock": { - "markdownDescription": "The source CIDR block to assign to the Traffic Mirror rule.", - "title": "SourceCidrBlock", - "type": "string" - }, - "SourcePortRange": { - "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", - "markdownDescription": "The source port range.", - "title": "SourcePortRange" - }, - "TrafficDirection": { - "markdownDescription": "The type of traffic.", - "title": "TrafficDirection", - "type": "string" - }, - "TrafficMirrorFilterId": { - "markdownDescription": "The ID of the filter that this rule is associated with.", - "title": "TrafficMirrorFilterId", - "type": "string" - } - }, - "required": [ - "DestinationCidrBlock", - "RuleAction", - "RuleNumber", - "SourceCidrBlock", - "TrafficDirection", - "TrafficMirrorFilterId" - ], - "type": "object" + "RunAs": { + "markdownDescription": "Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user.", + "title": "RunAs", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::TrafficMirrorFilterRule" - ], + "Windows": { + "$ref": "#/definitions/AWS::Deadline::Queue.WindowsUser", + "markdownDescription": "Identifies a Microsoft Windows user.", + "title": "Windows" + } + }, + "required": [ + "RunAs" + ], + "type": "object" + }, + "AWS::Deadline::Queue.PosixUser": { + "additionalProperties": false, + "properties": { + "Group": { + "markdownDescription": "The name of the POSIX user's group.", + "title": "Group", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "User": { + "markdownDescription": "The name of the POSIX user.", + "title": "User", "type": "string" } }, "required": [ - "Type", - "Properties" + "Group", + "User" ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange": { + "AWS::Deadline::Queue.WindowsUser": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The start of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", - "title": "FromPort", - "type": "number" + "PasswordArn": { + "markdownDescription": "The password ARN for the Windows user.", + "title": "PasswordArn", + "type": "string" }, - "ToPort": { - "markdownDescription": "The end of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", - "title": "ToPort", - "type": "number" + "User": { + "markdownDescription": "The user.", + "title": "User", + "type": "string" } }, "required": [ - "FromPort", - "ToPort" + "PasswordArn", + "User" ], "type": "object" }, - "AWS::EC2::TrafficMirrorSession": { + "AWS::Deadline::QueueEnvironment": { "additionalProperties": false, "properties": { "Condition": { @@ -78703,61 +84647,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror session.", - "title": "Description", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the source network interface.", - "title": "NetworkInterfaceId", + "FarmId": { + "markdownDescription": "The identifier assigned to the farm that contains the queue.", + "title": "FarmId", "type": "string" }, - "PacketLength": { - "markdownDescription": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", - "title": "PacketLength", - "type": "number" - }, - "SessionNumber": { - "markdownDescription": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", - "title": "SessionNumber", + "Priority": { + "markdownDescription": "The queue environment's priority.", + "title": "Priority", "type": "number" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to a Traffic Mirror session.", - "title": "Tags", - "type": "array" - }, - "TrafficMirrorFilterId": { - "markdownDescription": "The ID of the Traffic Mirror filter.", - "title": "TrafficMirrorFilterId", + "QueueId": { + "markdownDescription": "The unique identifier of the queue that contains the environment.", + "title": "QueueId", "type": "string" }, - "TrafficMirrorTargetId": { - "markdownDescription": "The ID of the Traffic Mirror target.", - "title": "TrafficMirrorTargetId", + "Template": { + "markdownDescription": "A JSON or YAML template that describes the processing environment for the queue.", + "title": "Template", "type": "string" }, - "VirtualNetworkId": { - "markdownDescription": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see [RFC 7348](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc7348) . If you do not specify a `VirtualNetworkId` , an account-wide unique ID is chosen at random.", - "title": "VirtualNetworkId", - "type": "number" + "TemplateType": { + "markdownDescription": "Specifies whether the template for the queue environment is JSON or YAML.", + "title": "TemplateType", + "type": "string" } }, "required": [ - "NetworkInterfaceId", - "SessionNumber", - "TrafficMirrorFilterId", - "TrafficMirrorTargetId" + "FarmId", + "Priority", + "QueueId", + "Template", + "TemplateType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorSession" + "AWS::Deadline::QueueEnvironment" ], "type": "string" }, @@ -78776,7 +84703,7 @@ ], "type": "object" }, - "AWS::EC2::TrafficMirrorTarget": { + "AWS::Deadline::QueueFleetAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -78811,40 +84738,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror target.", - "title": "Description", - "type": "string" - }, - "GatewayLoadBalancerEndpointId": { - "markdownDescription": "The ID of the Gateway Load Balancer endpoint.", - "title": "GatewayLoadBalancerEndpointId", + "FarmId": { + "markdownDescription": "The identifier of the farm that contains the queue and the fleet.", + "title": "FarmId", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface ID that is associated with the target.", - "title": "NetworkInterfaceId", + "FleetId": { + "markdownDescription": "The fleet ID.", + "title": "FleetId", "type": "string" }, - "NetworkLoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.", - "title": "NetworkLoadBalancerArn", + "QueueId": { + "markdownDescription": "The queue ID.", + "title": "QueueId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the Traffic Mirror target.", - "title": "Tags", - "type": "array" } }, + "required": [ + "FarmId", + "FleetId", + "QueueId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorTarget" + "AWS::Deadline::QueueFleetAssociation" ], "type": "string" }, @@ -78858,11 +84777,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::TransitGateway": { + "AWS::Deadline::QueueLimitAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -78897,78 +84817,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonSideAsn": { - "markdownDescription": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512.", - "title": "AmazonSideAsn", - "type": "number" - }, - "AssociationDefaultRouteTableId": { - "markdownDescription": "The ID of the default association route table.", - "title": "AssociationDefaultRouteTableId", - "type": "string" - }, - "AutoAcceptSharedAttachments": { - "markdownDescription": "Enable or disable automatic acceptance of attachment requests. Disabled by default.", - "title": "AutoAcceptSharedAttachments", - "type": "string" - }, - "DefaultRouteTableAssociation": { - "markdownDescription": "Enable or disable automatic association with the default association route table. Enabled by default. If `DefaultRouteTableAssociation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", - "title": "DefaultRouteTableAssociation", - "type": "string" - }, - "DefaultRouteTablePropagation": { - "markdownDescription": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default. If `DefaultRouteTablePropagation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", - "title": "DefaultRouteTablePropagation", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the transit gateway.", - "title": "Description", - "type": "string" - }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. Enabled by default.", - "title": "DnsSupport", - "type": "string" - }, - "MulticastSupport": { - "markdownDescription": "Indicates whether multicast is enabled on the transit gateway", - "title": "MulticastSupport", + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the queue-limit association.", + "title": "FarmId", "type": "string" }, - "PropagationDefaultRouteTableId": { - "markdownDescription": "The ID of the default propagation route table.", - "title": "PropagationDefaultRouteTableId", + "LimitId": { + "markdownDescription": "The unique identifier of the limit in the association.", + "title": "LimitId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the transit gateway.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The transit gateway CIDR blocks.", - "title": "TransitGatewayCidrBlocks", - "type": "array" - }, - "VpnEcmpSupport": { - "markdownDescription": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default.", - "title": "VpnEcmpSupport", + "QueueId": { + "markdownDescription": "The unique identifier of the queue in the association.", + "title": "QueueId", "type": "string" } }, + "required": [ + "FarmId", + "LimitId", + "QueueId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGateway" + "AWS::Deadline::QueueLimitAssociation" ], "type": "string" }, @@ -78982,11 +84856,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::TransitGatewayAttachment": { + "AWS::Deadline::StorageProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -79021,48 +84896,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayAttachment.Options", - "markdownDescription": "The VPC attachment options.", - "title": "Options" + "DisplayName": { + "markdownDescription": "The display name of the storage profile summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.", - "title": "SubnetIds", - "type": "array" + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the storage profile.", + "title": "FarmId", + "type": "string" }, - "Tags": { + "FileSystemLocations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Deadline::StorageProfile.FileSystemLocation" }, - "markdownDescription": "The tags for the attachment.", - "title": "Tags", + "markdownDescription": "Operating system specific file system path to the storage location.", + "title": "FileSystemLocations", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", "type": "string" } }, "required": [ - "SubnetIds", - "TransitGatewayId", - "VpcId" + "DisplayName", + "FarmId", + "OsFamily" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayAttachment" + "AWS::Deadline::StorageProfile" ], "type": "string" }, @@ -79081,33 +84948,33 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayAttachment.Options": { + "AWS::Deadline::StorageProfile.FileSystemLocation": { "additionalProperties": false, "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", - "title": "ApplianceModeSupport", - "type": "string" - }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. The default is `disable` .", - "title": "DnsSupport", + "Name": { + "markdownDescription": "The location name.", + "title": "Name", "type": "string" }, - "Ipv6Support": { - "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", - "title": "Ipv6Support", + "Path": { + "markdownDescription": "The file path.", + "title": "Path", "type": "string" }, - "SecurityGroupReferencingSupport": { - "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", - "title": "SecurityGroupReferencingSupport", + "Type": { + "markdownDescription": "The type of file.", + "title": "Type", "type": "string" } }, + "required": [ + "Name", + "Path", + "Type" + ], "type": "object" }, - "AWS::EC2::TransitGatewayConnect": { + "AWS::Detective::Graph": { "additionalProperties": false, "properties": { "Condition": { @@ -79142,34 +85009,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions", - "markdownDescription": "The Connect attachment options.\n\n- protocol (gre)", - "title": "Options" + "AutoEnableMembers": { + "markdownDescription": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.\n\nBy default, this property is set to `false` . If you want to change the value of this property, you must be the Detective administrator for the organization. For more information on setting a Detective administrator account, see [AWS::Detective::OrganizationAdmin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-detective-organizationadmin.html) .", + "title": "AutoEnableMembers", + "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the attachment.", + "markdownDescription": "The tag values to assign to the new behavior graph.", "title": "Tags", "type": "array" - }, - "TransportTransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment from which the Connect attachment was created.", - "title": "TransportTransitGatewayAttachmentId", - "type": "string" } }, - "required": [ - "Options", - "TransportTransitGatewayAttachmentId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayConnect" + "AWS::Detective::Graph" ], "type": "string" }, @@ -79183,23 +85041,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions": { - "additionalProperties": false, - "properties": { - "Protocol": { - "markdownDescription": "The tunnel protocol.", - "title": "Protocol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::TransitGatewayMulticastDomain": { + "AWS::Detective::MemberInvitation": { "additionalProperties": false, "properties": { "Condition": { @@ -79234,33 +85080,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomain.Options", - "markdownDescription": "The options for the transit gateway multicast domain.\n\n- AutoAcceptSharedAssociations (enable | disable)\n- Igmpv2Support (enable | disable)\n- StaticSourcesSupport (enable | disable)", - "title": "Options" + "DisableEmailNotification": { + "markdownDescription": "Whether to send an invitation email to the member account. If set to true, the member account does not receive an invitation email.", + "title": "DisableEmailNotification", + "type": "boolean" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the transit gateway multicast domain.", - "title": "Tags", - "type": "array" + "GraphArn": { + "markdownDescription": "The ARN of the behavior graph to invite the account to contribute data to.", + "title": "GraphArn", + "type": "string" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", + "MemberEmailAddress": { + "markdownDescription": "The root user email address of the invited account. If the email address provided is not the root user email address for the provided account, the invitation creation fails.", + "title": "MemberEmailAddress", + "type": "string" + }, + "MemberId": { + "markdownDescription": "The AWS account identifier of the invited account", + "title": "MemberId", + "type": "string" + }, + "Message": { + "markdownDescription": "Customized text to include in the invitation email message.", + "title": "Message", "type": "string" } }, "required": [ - "TransitGatewayId" + "GraphArn", + "MemberEmailAddress", + "MemberId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastDomain" + "AWS::Detective::MemberInvitation" ], "type": "string" }, @@ -79279,28 +85134,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastDomain.Options": { - "additionalProperties": false, - "properties": { - "AutoAcceptSharedAssociations": { - "markdownDescription": "Indicates whether to automatically accept cross-account subnet associations that are associated with the transit gateway multicast domain.", - "title": "AutoAcceptSharedAssociations", - "type": "string" - }, - "Igmpv2Support": { - "markdownDescription": "Specify whether to enable Internet Group Management Protocol (IGMP) version 2 for the transit gateway multicast domain.", - "title": "Igmpv2Support", - "type": "string" - }, - "StaticSourcesSupport": { - "markdownDescription": "Specify whether to enable support for statically configuring multicast group sources for a domain.", - "title": "StaticSourcesSupport", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::TransitGatewayMulticastDomainAssociation": { + "AWS::Detective::OrganizationAdmin": { "additionalProperties": false, "properties": { "Condition": { @@ -79335,32 +85169,20 @@ "Properties": { "additionalProperties": false, "properties": { - "SubnetId": { - "markdownDescription": "The IDs of the subnets to associate with the transit gateway multicast domain.", - "title": "SubnetId", - "type": "string" - }, - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the transit gateway attachment.", - "title": "TransitGatewayAttachmentId", - "type": "string" - }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", + "AccountId": { + "markdownDescription": "The AWS account identifier of the account to designate as the Detective administrator account for the organization.", + "title": "AccountId", "type": "string" } }, "required": [ - "SubnetId", - "TransitGatewayAttachmentId", - "TransitGatewayMulticastDomainId" + "AccountId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastDomainAssociation" + "AWS::Detective::OrganizationAdmin" ], "type": "string" }, @@ -79379,7 +85201,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastGroupMember": { + "AWS::DevOpsGuru::LogAnomalyDetectionIntegration": { "additionalProperties": false, "properties": { "Condition": { @@ -79413,33 +85235,12 @@ }, "Properties": { "additionalProperties": false, - "properties": { - "GroupIpAddress": { - "markdownDescription": "The IP address assigned to the transit gateway multicast group.", - "title": "GroupIpAddress", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The group members' network interface IDs to register with the transit gateway multicast group.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", - "type": "string" - } - }, - "required": [ - "GroupIpAddress", - "NetworkInterfaceId", - "TransitGatewayMulticastDomainId" - ], + "properties": {}, "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastGroupMember" + "AWS::DevOpsGuru::LogAnomalyDetectionIntegration" ], "type": "string" }, @@ -79453,12 +85254,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastGroupSource": { + "AWS::DevOpsGuru::NotificationChannel": { "additionalProperties": false, "properties": { "Condition": { @@ -79493,32 +85293,20 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupIpAddress": { - "markdownDescription": "The IP address assigned to the transit gateway multicast group.", - "title": "GroupIpAddress", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The group sources' network interface IDs to register with the transit gateway multicast group.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", - "type": "string" + "Config": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig", + "markdownDescription": "A `NotificationChannelConfig` object that contains information about configured notification channels.", + "title": "Config" } }, "required": [ - "GroupIpAddress", - "NetworkInterfaceId", - "TransitGatewayMulticastDomainId" + "Config" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastGroupSource" + "AWS::DevOpsGuru::NotificationChannel" ], "type": "string" }, @@ -79537,7 +85325,56 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayPeeringAttachment": { + "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { + "additionalProperties": false, + "properties": { + "Filters": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig", + "markdownDescription": "The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity.", + "title": "Filters" + }, + "Sns": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig", + "markdownDescription": "Information about a notification channel configured in DevOps Guru to send notifications when insights are created.\n\nIf you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) .\n\nIf you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS\u2013encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) .", + "title": "Sns" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig": { + "additionalProperties": false, + "properties": { + "MessageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created.", + "title": "MessageTypes", + "type": "array" + }, + "Severities": { + "items": { + "type": "string" + }, + "markdownDescription": "The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) .", + "title": "Severities", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig": { + "additionalProperties": false, + "properties": { + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.", + "title": "TopicArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::ResourceCollection": { "additionalProperties": false, "properties": { "Condition": { @@ -79572,46 +85409,20 @@ "Properties": { "additionalProperties": false, "properties": { - "PeerAccountId": { - "markdownDescription": "The ID of the AWS account that owns the transit gateway.", - "title": "PeerAccountId", - "type": "string" - }, - "PeerRegion": { - "markdownDescription": "The Region where the transit gateway that you want to create the peer for is located.", - "title": "PeerRegion", - "type": "string" - }, - "PeerTransitGatewayId": { - "markdownDescription": "The ID of the transit gateway in the PeerRegion.", - "title": "PeerTransitGatewayId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the transit gateway peering attachment.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway peering attachment.", - "title": "TransitGatewayId", - "type": "string" + "ResourceCollectionFilter": { + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter", + "markdownDescription": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru.", + "title": "ResourceCollectionFilter" } }, "required": [ - "PeerAccountId", - "PeerRegion", - "PeerTransitGatewayId", - "TransitGatewayId" + "ResourceCollectionFilter" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayPeeringAttachment" + "AWS::DevOpsGuru::ResourceCollection" ], "type": "string" }, @@ -79630,23 +85441,59 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayPeeringAttachment.PeeringAttachmentStatus": { + "AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The status code.", - "title": "Code", - "type": "string" + "StackNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of CloudFormation stack names.", + "title": "StackNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter": { + "additionalProperties": false, + "properties": { + "CloudFormation": { + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter", + "markdownDescription": "Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* .", + "title": "CloudFormation" }, - "Message": { - "markdownDescription": "The status message, if applicable.", - "title": "Message", + "Tags": { + "items": { + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.TagCollection" + }, + "markdownDescription": "The AWS tags used to filter the resources in the resource collection.\n\nTags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper.\n\nEach AWS tag has two parts.\n\n- A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive.\n- A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified.\n\nTogether these are known as *key* - *value* pairs.\n\n> The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::ResourceCollection.TagCollection": { + "additionalProperties": false, + "properties": { + "AppBoundaryKey": { + "markdownDescription": "An AWS tag *key* that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this *key* make up your DevOps Guru application and analysis boundary.\n\n> When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", + "title": "AppBoundaryKey", "type": "string" + }, + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The values in an AWS tag collection.\n\nThe tag's *value* is a field used to associate a string with the tag *key* (for example, `111122223333` , `Production` , or a team name). The *key* and *value* are the tag's *key* pair. Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. You can specify a maximum of 256 characters for a tag value. The tag value is a required property when *AppBoundaryKey* is specified.", + "title": "TagValues", + "type": "array" } }, "type": "object" }, - "AWS::EC2::TransitGatewayRoute": { + "AWS::DirectoryService::MicrosoftAD": { "additionalProperties": false, "properties": { "Condition": { @@ -79681,35 +85528,52 @@ "Properties": { "additionalProperties": false, "properties": { - "Blackhole": { - "markdownDescription": "Indicates whether to drop traffic that matches this route.", - "title": "Blackhole", + "CreateAlias": { + "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, AWS CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", + "title": "CreateAlias", "type": "boolean" }, - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidrBlock", + "Edition": { + "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", + "title": "Edition", "type": "string" }, - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", + "EnableSso": { + "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", + "title": "EnableSso", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", + "title": "Name", "type": "string" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the transit gateway route table.", - "title": "TransitGatewayRouteTableId", + "Password": { + "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", + "title": "Password", + "type": "string" + }, + "ShortName": { + "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", + "title": "ShortName", "type": "string" + }, + "VpcSettings": { + "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", + "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", + "title": "VpcSettings" } }, "required": [ - "TransitGatewayRouteTableId" + "Name", + "Password", + "VpcSettings" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRoute" + "AWS::DirectoryService::MicrosoftAD" ], "type": "string" }, @@ -79728,7 +85592,30 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayRouteTable": { + "AWS::DirectoryService::MicrosoftAD.VpcSettings": { + "additionalProperties": false, + "properties": { + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The identifier of the VPC in which to create the directory.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "VpcId" + ], + "type": "object" + }, + "AWS::DirectoryService::SimpleAD": { "additionalProperties": false, "properties": { "Condition": { @@ -79763,28 +85650,57 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the route table.", - "title": "Tags", - "type": "array" + "CreateAlias": { + "markdownDescription": "If set to `true` , specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, this property is set to `false` .\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", + "title": "CreateAlias", + "type": "boolean" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", + "Description": { + "markdownDescription": "A description for the directory.", + "title": "Description", + "type": "string" + }, + "EnableSso": { + "markdownDescription": "Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", + "title": "EnableSso", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The fully qualified name for the directory, such as `corp.example.com` .", + "title": "Name", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the directory administrator. The directory creation process creates a directory administrator account with the user name `Administrator` and this password.\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", + "title": "Password", + "type": "string" + }, + "ShortName": { + "markdownDescription": "The NetBIOS name of the directory, such as `CORP` .", + "title": "ShortName", "type": "string" + }, + "Size": { + "markdownDescription": "The size of the directory. For valid values, see [CreateDirectory](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html) in the *AWS Directory Service API Reference* .", + "title": "Size", + "type": "string" + }, + "VpcSettings": { + "$ref": "#/definitions/AWS::DirectoryService::SimpleAD.VpcSettings", + "markdownDescription": "A [DirectoryVpcSettings](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DirectoryVpcSettings.html) object that contains additional information for the operation.", + "title": "VpcSettings" } }, "required": [ - "TransitGatewayId" + "Name", + "Size", + "VpcSettings" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRouteTable" + "AWS::DirectoryService::SimpleAD" ], "type": "string" }, @@ -79803,7 +85719,30 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayRouteTableAssociation": { + "AWS::DirectoryService::SimpleAD.VpcSettings": { + "additionalProperties": false, + "properties": { + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The identifier of the VPC in which to create the directory.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "VpcId" + ], + "type": "object" + }, + "AWS::DocDB::DBCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -79838,210 +85777,174 @@ "Properties": { "additionalProperties": false, "properties": { - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", - "type": "string" + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.", + "title": "AvailabilityZones", + "type": "array" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the route table for the transit gateway.", - "title": "TransitGatewayRouteTableId", - "type": "string" - } - }, - "required": [ - "TransitGatewayAttachmentId", - "TransitGatewayRouteTableId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayRouteTableAssociation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EC2::TransitGatewayRouteTablePropagation": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained. You must specify a minimum value of 1.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35.", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "Set to `true` to copy all tags from the source cluster snapshot to the target cluster snapshot, and otherwise `false` . The default is `false` .", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "The cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster`", + "title": "DBClusterIdentifier", "type": "string" }, - { + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the cluster parameter group to associate with this cluster.", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A subnet group to associate with this cluster.\n\nConstraints: Must match the name of an existing `DBSubnetGroup` . Must not be default.\n\nExample: `mySubnetgroup`", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DeletionProtection": { + "markdownDescription": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "EnableCloudwatchLogsExports": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", + "title": "EnableCloudwatchLogsExports", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", + }, + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.\n\nIf you intend to trigger an in-place upgrade, please refer to [Amazon DocumentDB in-place major version upgrade](https://docs.aws.amazon.com/documentdb/latest/developerguide/docdb-mvu.html) . Note that for an in-place engine version upgrade, you need to remove other cluster properties changes (e.g. SecurityGroupId) from the CFN template.", + "title": "EngineVersion", "type": "string" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the propagation route table.", - "title": "TransitGatewayRouteTableId", + "GlobalClusterIdentifier": { + "markdownDescription": "The cluster identifier of the new global cluster.", + "title": "GlobalClusterIdentifier", "type": "string" - } - }, - "required": [ - "TransitGatewayAttachmentId", - "TransitGatewayRouteTableId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayRouteTablePropagation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EC2::TransitGatewayVpcAttachment": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", + "title": "KmsKeyId", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AddSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.", - "title": "AddSubnetIds", - "type": "array" + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with Amazon Web Services Secrets Manager.\n\nConstraint: You can't manage the master user password with Amazon Web Services Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" }, - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayVpcAttachment.Options", - "markdownDescription": "The VPC attachment options.", - "title": "Options" + "MasterUserPassword": { + "markdownDescription": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", + "title": "MasterUserPassword", + "type": "string" }, - "RemoveSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets to remove.", - "title": "RemoveSubnetIds", - "type": "array" + "MasterUserSecretKmsKeyId": { + "markdownDescription": "The Amazon Web Services KMS key identifier to encrypt a secret that is automatically generated and managed in Amazon Web Services Secrets Manager. This setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the DB cluster.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.\n\nIf you don't specify `MasterUserSecretKmsKeyId` , then the `aws/secretsmanager` KMS key is used to encrypt the secret. If the secret is in a different Amazon Web Services account, then you can't use the `aws/secretsmanager` KMS key to encrypt the secret, and you must use a customer managed KMS key.\n\nThere is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.", + "title": "MasterUserSecretKmsKeyId", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets.", - "title": "SubnetIds", - "type": "array" + "MasterUsername": { + "markdownDescription": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", + "title": "MasterUsername", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "", + "title": "NetworkType", + "type": "string" + }, + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", + "type": "number" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "The date and time to restore the cluster to.\n\nValid values: A time in Universal Coordinated Time (UTC) format.\n\nConstraints:\n\n- Must be before the latest restorable time for the instance.\n- Must be specified if the `UseLatestRestorableTime` parameter is not provided.\n- Cannot be specified if the `UseLatestRestorableTime` parameter is `true` .\n- Cannot be specified if the `RestoreType` parameter is `copy-on-write` .\n\nExample: `2015-03-07T23:45:00Z`", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nConstraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.", + "title": "RestoreType", + "type": "string" + }, + "RotateMasterUserPassword": { + "markdownDescription": "Specifies whether to rotate the secret managed by Amazon Web Services Secrets Manager for the master user password.\n\nThis setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the cluster. The secret value contains the updated password.\n\nConstraint: You must apply the change immediately when rotating the master user password.", + "title": "RotateMasterUserPassword", + "type": "boolean" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/AWS::DocDB::DBCluster.ServerlessV2ScalingConfiguration", + "markdownDescription": "", + "title": "ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "The identifier for the snapshot or cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.\n\nConstraints:\n\n- Must match the identifier of an existing snapshot.", + "title": "SnapshotIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "The identifier of the source cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing `DBCluster` .", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Specifies whether the cluster is encrypted.\n\nIf you specify `SourceDBClusterIdentifier` or `SnapshotIdentifier` and don\u2019t specify `StorageEncrypted` , the encryption property is inherited from the source cluster or snapshot (unless `KMSKeyId` is specified, in which case the restored cluster will be encrypted with that KMS key). If the source is encrypted and `StorageEncrypted` is specified to be true, the restored cluster will be encrypted (if you want to use a different KMS key, specify the `KMSKeyId` property as well). If the source is unencrypted and `StorageEncrypted` is specified to be true, then the `KMSKeyId` property must be specified. If the source is encrypted, don\u2019t specify `StorageEncrypted` to be false as opting out of encryption is not allowed.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Amazon DocumentDB clusters, see Cluster storage configurations in the *Amazon DocumentDB Developer Guide* .\n\nValid values for storage type - `standard | iopt1`\n\nDefault value is `standard`\n\n> When you create a DocumentDB DB cluster with the storage type set to `iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `standard` .", + "title": "StorageType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the VPC attachment.", + "markdownDescription": "The tags to be assigned to the cluster.", "title": "Tags", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", - "type": "string" + "UseLatestRestorableTime": { + "markdownDescription": "A value that is set to `true` to restore the cluster to the latest restorable backup time, and `false` otherwise.\n\nDefault: `false`\n\nConstraints: Cannot be specified if the `RestoreToTime` parameter is provided.", + "title": "UseLatestRestorableTime", + "type": "boolean" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with this cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, - "required": [ - "SubnetIds", - "TransitGatewayId", - "VpcId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayVpcAttachment" + "AWS::DocDB::DBCluster" ], "type": "string" }, @@ -80055,33 +85958,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::TransitGatewayVpcAttachment.Options": { + "AWS::DocDB::DBCluster.ServerlessV2ScalingConfiguration": { "additionalProperties": false, "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", - "title": "ApplianceModeSupport", - "type": "string" - }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. The default is `disable` .", - "title": "DnsSupport", - "type": "string" + "MaxCapacity": { + "markdownDescription": "", + "title": "MaxCapacity", + "type": "number" }, - "Ipv6Support": { - "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", - "title": "Ipv6Support", - "type": "string" + "MinCapacity": { + "markdownDescription": "", + "title": "MinCapacity", + "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::EC2::VPC": { + "AWS::DocDB::DBClusterParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -80116,50 +86017,45 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrBlock": { - "markdownDescription": "The IPv4 network range for the VPC, in CIDR notation. For example, `10.0.0.0/16` . We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", - "title": "CidrBlock", + "Description": { + "markdownDescription": "The description for the cluster parameter group.", + "title": "Description", "type": "string" }, - "EnableDnsHostnames": { - "markdownDescription": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .\n\nYou can only enable DNS hostnames if you've enabled DNS support.", - "title": "EnableDnsHostnames", - "type": "boolean" - }, - "EnableDnsSupport": { - "markdownDescription": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .", - "title": "EnableDnsSupport", - "type": "boolean" - }, - "InstanceTenancy": { - "markdownDescription": "The allowed tenancy of instances launched into the VPC.\n\n- `default` : An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n- `dedicated` : An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of `host` during instance launch. You cannot specify a tenancy of `default` during instance launch.\n\nUpdating `InstanceTenancy` requires no replacement only if you are updating its value from `dedicated` to `default` . Updating `InstanceTenancy` from `default` to `dedicated` requires replacement.", - "title": "InstanceTenancy", + "Family": { + "markdownDescription": "The cluster parameter group family name.", + "title": "Family", "type": "string" }, - "Ipv4IpamPoolId": { - "markdownDescription": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", - "title": "Ipv4IpamPoolId", + "Name": { + "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing `DBClusterParameterGroup` .\n\n> This value is stored as a lowercase string.", + "title": "Name", "type": "string" }, - "Ipv4NetmaskLength": { - "markdownDescription": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4NetmaskLength", - "type": "number" + "Parameters": { + "markdownDescription": "Provides a list of parameters for the cluster parameter group.", + "title": "Parameters", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the VPC.", + "markdownDescription": "The tags to be assigned to the cluster parameter group.", "title": "Tags", "type": "array" } }, + "required": [ + "Description", + "Family", + "Parameters" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPC" + "AWS::DocDB::DBClusterParameterGroup" ], "type": "string" }, @@ -80173,11 +86069,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::VPCCidrBlock": { + "AWS::DocDB::DBInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -80212,60 +86109,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonProvidedIpv6CidrBlock": { - "markdownDescription": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.", - "title": "AmazonProvidedIpv6CidrBlock", + "AutoMinorVersionUpgrade": { + "markdownDescription": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set.\n\nDefault: `false`", + "title": "AutoMinorVersionUpgrade", "type": "boolean" }, - "CidrBlock": { - "markdownDescription": "An IPv4 CIDR block to associate with the VPC.", - "title": "CidrBlock", + "AvailabilityZone": { + "markdownDescription": "The Amazon EC2 Availability Zone that the instance is created in.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nExample: `us-east-1d`", + "title": "AvailabilityZone", "type": "string" }, - "Ipv4IpamPoolId": { - "markdownDescription": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4IpamPoolId", + "CACertificateIdentifier": { + "markdownDescription": "The identifier of the CA certificate for this DB instance.", + "title": "CACertificateIdentifier", "type": "string" }, - "Ipv4NetmaskLength": { - "markdownDescription": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4NetmaskLength", - "type": "number" + "CertificateRotationRestart": { + "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, see [Updating Your Amazon DocumentDB TLS Certificates](https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html) and [Encrypting Data in Transit](https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html) in the *Amazon DocumentDB Developer Guide* .", + "title": "CertificateRotationRestart", + "type": "boolean" }, - "Ipv6CidrBlock": { - "markdownDescription": "An IPv6 CIDR block from the IPv6 address pool. You must also specify `Ipv6Pool` in the request.\n\nTo let Amazon choose the IPv6 CIDR block for you, omit this parameter.", - "title": "Ipv6CidrBlock", + "DBClusterIdentifier": { + "markdownDescription": "The identifier of the cluster that the instance will belong to.", + "title": "DBClusterIdentifier", "type": "string" }, - "Ipv6IpamPoolId": { - "markdownDescription": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv6IpamPoolId", + "DBInstanceClass": { + "markdownDescription": "The compute and memory capacity of the instance; for example, `db.m4.large` . If you change the class of an instance there can be some interruption in the cluster's service.", + "title": "DBInstanceClass", "type": "string" }, - "Ipv6NetmaskLength": { - "markdownDescription": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv6NetmaskLength", - "type": "number" - }, - "Ipv6Pool": { - "markdownDescription": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", - "title": "Ipv6Pool", + "DBInstanceIdentifier": { + "markdownDescription": "The instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `mydbinstance`", + "title": "DBInstanceIdentifier", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "EnablePerformanceInsights": { + "markdownDescription": "A value that indicates whether to enable Performance Insights for the DB Instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) .", + "title": "EnablePerformanceInsights", + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the instance. You can assign up to 10 tags to an instance.", + "title": "Tags", + "type": "array" } }, "required": [ - "VpcId" + "DBClusterIdentifier", + "DBInstanceClass" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCCidrBlock" + "AWS::DocDB::DBInstance" ], "type": "string" }, @@ -80284,7 +86190,7 @@ ], "type": "object" }, - "AWS::EC2::VPCDHCPOptionsAssociation": { + "AWS::DocDB::DBSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -80319,26 +86225,42 @@ "Properties": { "additionalProperties": false, "properties": { - "DhcpOptionsId": { - "markdownDescription": "The ID of the DHCP options set, or `default` to associate no DHCP options with the VPC.", - "title": "DhcpOptionsId", + "DBSubnetGroupDescription": { + "markdownDescription": "The description for the subnet group.", + "title": "DBSubnetGroupDescription", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "DBSubnetGroupName": { + "markdownDescription": "The name for the subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens. Must not be default.\n\nExample: `mySubnetgroup`", + "title": "DBSubnetGroupName", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the subnet group.", + "title": "Tags", + "type": "array" } }, "required": [ - "DhcpOptionsId", - "VpcId" + "DBSubnetGroupDescription", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCDHCPOptionsAssociation" + "AWS::DocDB::DBSubnetGroup" ], "type": "string" }, @@ -80357,7 +86279,7 @@ ], "type": "object" }, - "AWS::EC2::VPCEndpoint": { + "AWS::DocDB::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -80392,65 +86314,51 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n\nFor CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. For example, if you have a JSON policy, you can convert it to YAML before including it in the YAML template, and AWS CloudFormation converts the policy to JSON format before calling the API actions for AWS PrivateLink . Alternatively, you can include the JSON directly in the YAML, as shown in the following `Properties` section:\n\n`Properties: VpcEndpointType: 'Interface' ServiceName: !Sub 'com.amazonaws.${AWS::Region}.logs' PolicyDocument: '{ \"Version\":\"2012-10-17\", \"Statement\": [{ \"Effect\":\"Allow\", \"Principal\":\"*\", \"Action\":[\"logs:Describe*\",\"logs:Get*\",\"logs:List*\",\"logs:FilterLogEvents\"], \"Resource\":\"*\" }] }'`", - "title": "PolicyDocument", - "type": "object" - }, - "PrivateDnsEnabled": { - "markdownDescription": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, `kinesis.us-east-1.amazonaws.com` ), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to `true` : `enableDnsHostnames` and `enableDnsSupport` .\n\nThis property is supported only for interface endpoints.\n\nDefault: `false`", - "title": "PrivateDnsEnabled", + "Enabled": { + "markdownDescription": "A Boolean value; set to `true` to activate the subscription, set to `false` to create the subscription but not active it.", + "title": "Enabled", "type": "boolean" }, - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the route tables. Routing is supported only for gateway endpoints.", - "title": "RouteTableIds", - "type": "array" - }, - "SecurityGroupIds": { + "EventCategories": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints.", - "title": "SecurityGroupIds", + "markdownDescription": "A list of event categories for a `SourceType` that you want to subscribe to.", + "title": "EventCategories", "type": "array" }, - "ServiceName": { - "markdownDescription": "The name of the endpoint service.", - "title": "ServiceName", + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. Amazon SNS creates the ARN when you create a topic and subscribe to it.", + "title": "SnsTopicArn", "type": "string" }, - "SubnetIds": { + "SourceIds": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.", - "title": "SubnetIds", + "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are provided, `SourceType` must also be provided.\n- If the source type is an instance, a `DBInstanceIdentifier` must be provided.\n- If the source type is a security group, a `DBSecurityGroupName` must be provided.\n- If the source type is a parameter group, a `DBParameterGroupName` must be provided.\n- If the source type is a snapshot, a `DBSnapshotIdentifier` must be provided.", + "title": "SourceIds", "type": "array" }, - "VpcEndpointType": { - "markdownDescription": "The type of endpoint.\n\nDefault: Gateway", - "title": "VpcEndpointType", + "SourceType": { + "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by an instance, you would set this parameter to `db-instance` . If this value is not specified, all events are returned.\n\nValid values: `db-instance` , `db-cluster` , `db-parameter-group` , `db-security-group` , `db-cluster-snapshot`", + "title": "SourceType", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "SubscriptionName": { + "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be fewer than 255 characters.", + "title": "SubscriptionName", "type": "string" } }, "required": [ - "ServiceName", - "VpcId" + "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpoint" + "AWS::DocDB::EventSubscription" ], "type": "string" }, @@ -80469,7 +86377,7 @@ ], "type": "object" }, - "AWS::EC2::VPCEndpointConnectionNotification": { + "AWS::DocDBElastic::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -80504,39 +86412,98 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionEvents": { - "items": { - "type": "string" - }, - "markdownDescription": "The endpoint events for which to receive notifications. Valid values are `Accept` , `Connect` , `Delete` , and `Reject` .", - "title": "ConnectionEvents", - "type": "array" + "AdminUserName": { + "markdownDescription": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word.", + "title": "AdminUserName", + "type": "string" }, - "ConnectionNotificationArn": { - "markdownDescription": "The ARN of the SNS topic for the notifications.", - "title": "ConnectionNotificationArn", + "AdminUserPassword": { + "markdownDescription": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required.", + "title": "AdminUserPassword", "type": "string" }, - "ServiceId": { - "markdownDescription": "The ID of the endpoint service.", - "title": "ServiceId", + "AuthType": { + "markdownDescription": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` .", + "title": "AuthType", "type": "string" }, - "VPCEndpointId": { - "markdownDescription": "The ID of the endpoint.", - "title": "VPCEndpointId", + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automatic snapshots are retained.", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "ClusterName": { + "markdownDescription": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`", + "title": "ClusterName", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region.", + "title": "KmsKeyId", "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` .", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "ShardCapacity": { + "markdownDescription": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64.", + "title": "ShardCapacity", + "type": "number" + }, + "ShardCount": { + "markdownDescription": "The number of shards assigned to the elastic cluster. Maximum is 32.", + "title": "ShardCount", + "type": "number" + }, + "ShardInstanceCount": { + "markdownDescription": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability.", + "title": "ShardInstanceCount", + "type": "number" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the new elastic cluster.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the new elastic cluster.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with the new elastic cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, "required": [ - "ConnectionEvents", - "ConnectionNotificationArn" + "AdminUserName", + "AuthType", + "ClusterName", + "ShardCapacity", + "ShardCount" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpointConnectionNotification" + "AWS::DocDBElastic::Cluster" ], "type": "string" }, @@ -80555,7 +86522,7 @@ ], "type": "object" }, - "AWS::EC2::VPCEndpointService": { + "AWS::DynamoDB::GlobalTable": { "additionalProperties": false, "properties": { "Condition": { @@ -80590,117 +86557,110 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptanceRequired": { - "markdownDescription": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted.", - "title": "AcceptanceRequired", - "type": "boolean" + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.AttributeDefinition" + }, + "markdownDescription": "A list of attributes that describe the key schema for the global table and indexes.", + "title": "AttributeDefinitions", + "type": "array" }, - "ContributorInsightsEnabled": { - "markdownDescription": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink .", - "title": "ContributorInsightsEnabled", - "type": "boolean" + "BillingMode": { + "markdownDescription": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` .", + "title": "BillingMode", + "type": "string" }, - "GatewayLoadBalancerArns": { + "GlobalSecondaryIndexes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex" }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers.", - "title": "GatewayLoadBalancerArns", + "markdownDescription": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually.", + "title": "GlobalSecondaryIndexes", "type": "array" }, - "NetworkLoadBalancerArns": { + "GlobalTableWitnesses": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalTableWitness" }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Network Load Balancers.", - "title": "NetworkLoadBalancerArns", + "markdownDescription": "The list of witnesses of the MRSC global table. Only one witness Region can be configured per MRSC global table.", + "title": "GlobalTableWitnesses", "type": "array" }, - "PayerResponsibility": { - "markdownDescription": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner.", - "title": "PayerResponsibility", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPCEndpointService" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::VPCEndpointServicePermissions": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" + }, + "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", + "title": "KeySchema", + "type": "array" }, - { + "LocalSecondaryIndexes": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.LocalSecondaryIndex" }, + "markdownDescription": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", + "title": "LocalSecondaryIndexes", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedPrincipals": { + }, + "MultiRegionConsistency": { + "markdownDescription": "Specifies the consistency mode for a new global table.\n\nYou can specify one of the following consistency modes:\n\n- `EVENTUAL` : Configures a new global table for multi-Region eventual consistency (MREC).\n- `STRONG` : Configures a new global table for multi-Region strong consistency (MRSC).\n\nIf you don't specify this field, the global table consistency mode defaults to `EVENTUAL` . For more information about global tables consistency modes, see [Consistency modes](https://docs.aws.amazon.com/V2globaltables_HowItWorks.html#V2globaltables_HowItWorks.consistency-modes) in DynamoDB developer guide.", + "title": "MultiRegionConsistency", + "type": "string" + }, + "Replicas": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSpecification" }, - "markdownDescription": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked.", - "title": "AllowedPrincipals", + "markdownDescription": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update. For Multi-Region Strong Consistency (MRSC), you can add or remove up to 3 replicas, or 2 replicas plus a witness Region.", + "title": "Replicas", "type": "array" }, - "ServiceId": { - "markdownDescription": "The ID of the service.", - "title": "ServiceId", + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.SSESpecification", + "markdownDescription": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property.", + "title": "SSESpecification" + }, + "StreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.StreamSpecification", + "markdownDescription": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica. For Multi-Region Strong Consistency (MRSC), you do not need to provide a value for this property and can change the settings at any time.", + "title": "StreamSpecification" + }, + "TableName": { + "markdownDescription": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TableName", "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TimeToLiveSpecification", + "markdownDescription": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas.", + "title": "TimeToLiveSpecification" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WarmThroughput", + "markdownDescription": "Provides visibility into the number of read and write operations your table or secondary index can instantaneously support. The settings can be modified using the `UpdateTable` operation to meet the throughput requirements of an upcoming peak event.", + "title": "WarmThroughput" + }, + "WriteOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings", + "markdownDescription": "Sets the write request settings for a global table or a global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "WriteOnDemandThroughputSettings" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", + "markdownDescription": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` .", + "title": "WriteProvisionedThroughputSettings" } }, "required": [ - "ServiceId" + "AttributeDefinitions", + "KeySchema", + "Replicas" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpointServicePermissions" + "AWS::DynamoDB::GlobalTable" ], "type": "string" }, @@ -80719,849 +86679,527 @@ ], "type": "object" }, - "AWS::EC2::VPCGatewayAttachment": { + "AWS::DynamoDB::GlobalTable.AttributeDefinition": { "additionalProperties": false, "properties": { - "Condition": { + "AttributeName": { + "markdownDescription": "A name for the attribute.", + "title": "AttributeName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttributeType": { + "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", + "title": "AttributeType", "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum provisioned capacity units for the global table.", + "title": "MaxCapacity", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InternetGatewayId": { - "markdownDescription": "The ID of the internet gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", - "title": "InternetGatewayId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" - }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", - "title": "VpnGatewayId", - "type": "string" - } - }, - "required": [ - "VpcId" - ], - "type": "object" + "MinCapacity": { + "markdownDescription": "The minimum provisioned capacity units for the global table.", + "title": "MinCapacity", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EC2::VPCGatewayAttachment" - ], - "type": "string" + "SeedCapacity": { + "markdownDescription": "When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent.\n\nIf you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10.\n\nYou must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` .", + "title": "SeedCapacity", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration", + "markdownDescription": "Defines a target tracking scaling policy.", + "title": "TargetTrackingScalingPolicyConfiguration" } }, "required": [ - "Type", - "Properties" + "MaxCapacity", + "MinCapacity", + "TargetTrackingScalingPolicyConfiguration" ], "type": "object" }, - "AWS::EC2::VPCPeeringConnection": { + "AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Enabled": { + "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" + }, + "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "Metadata": { - "type": "object" + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PeerOwnerId": { - "markdownDescription": "The AWS account ID of the owner of the accepter VPC.\n\nDefault: Your AWS account ID", - "title": "PeerOwnerId", - "type": "string" - }, - "PeerRegion": { - "markdownDescription": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.\n\nDefault: The Region in which you make the request.", - "title": "PeerRegion", - "type": "string" - }, - "PeerRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.\n\nThis is required when you are peering a VPC in a different AWS account.", - "title": "PeerRoleArn", - "type": "string" - }, - "PeerVpcId": { - "markdownDescription": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.", - "title": "PeerVpcId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the resource.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "PeerVpcId", - "VpcId" - ], - "type": "object" + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WarmThroughput", + "markdownDescription": "Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify `ReadUnitsPerSecond` , `WriteUnitsPerSecond` , or both.", + "title": "WarmThroughput" }, - "Type": { - "enum": [ - "AWS::EC2::VPCPeeringConnection" - ], - "type": "string" + "WriteOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings", + "markdownDescription": "Sets the write request settings for a global table or a global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "WriteOnDemandThroughputSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", + "markdownDescription": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index.", + "title": "WriteProvisionedThroughputSettings" } }, "required": [ - "Type", - "Properties" + "IndexName", + "KeySchema", + "Projection" ], "type": "object" }, - "AWS::EC2::VPNConnection": { + "AWS::DynamoDB::GlobalTable.GlobalTableWitness": { "additionalProperties": false, "properties": { - "Condition": { + "Region": { + "markdownDescription": "The name of the AWS Region that serves as a witness for the MRSC global table.", + "title": "Region", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of a key attribute.", + "title": "AttributeName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CustomerGatewayId": { - "markdownDescription": "The ID of the customer gateway at your end of the VPN connection.", - "title": "CustomerGatewayId", - "type": "string" - }, - "StaticRoutesOnly": { - "markdownDescription": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n\nIf you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true` .", - "title": "StaticRoutesOnly", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the VPN connection.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway associated with the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", - "title": "TransitGatewayId", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of VPN connection.", - "title": "Type", - "type": "string" - }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", - "title": "VpnGatewayId", - "type": "string" - }, - "VpnTunnelOptionsSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification" - }, - "markdownDescription": "The tunnel options for the VPN connection.", - "title": "VpnTunnelOptionsSpecifications", - "type": "array" - } - }, - "required": [ - "CustomerGatewayId", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPNConnection" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KeyType": { + "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeyType", "type": "string" } }, "required": [ - "Type", - "Properties" + "AttributeName", + "KeyType" ], "type": "object" }, - "AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification": { + "AWS::DynamoDB::GlobalTable.KinesisStreamSpecification": { "additionalProperties": false, "properties": { - "PreSharedKey": { - "markdownDescription": "The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.\n\nConstraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).", - "title": "PreSharedKey", + "ApproximateCreationDateTimePrecision": { + "markdownDescription": "The precision for the time and date that the stream was created.", + "title": "ApproximateCreationDateTimePrecision", "type": "string" }, - "TunnelInsideCidr": { - "markdownDescription": "The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.\n\nConstraints: A size /30 CIDR block from the `169.254.0.0/16` range. The following CIDR blocks are reserved and cannot be used:\n\n- `169.254.0.0/30`\n- `169.254.1.0/30`\n- `169.254.2.0/30`\n- `169.254.3.0/30`\n- `169.254.4.0/30`\n- `169.254.5.0/30`\n- `169.254.169.252/30`", - "title": "TunnelInsideCidr", + "StreamArn": { + "markdownDescription": "The ARN for a specific Kinesis data stream.", + "title": "StreamArn", "type": "string" } }, + "required": [ + "StreamArn" + ], "type": "object" }, - "AWS::EC2::VPNConnectionRoute": { + "AWS::DynamoDB::GlobalTable.LocalSecondaryIndex": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IndexName": { + "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block associated with the local subnet of the customer network.", - "title": "DestinationCidrBlock", - "type": "string" - }, - "VpnConnectionId": { - "markdownDescription": "The ID of the VPN connection.", - "title": "VpnConnectionId", - "type": "string" - } + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" }, - "required": [ - "DestinationCidrBlock", - "VpnConnectionId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPNConnectionRoute" - ], - "type": "string" + "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" } }, "required": [ - "Type", - "Properties" + "IndexName", + "KeySchema", + "Projection" ], "type": "object" }, - "AWS::EC2::VPNGateway": { + "AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AmazonSideAsn": { - "markdownDescription": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session.", - "title": "AmazonSideAsn", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the virtual private gateway.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of VPN connection the virtual private gateway supports.", - "title": "Type", - "type": "string" - } + "RecoveryPeriodInDays": { + "markdownDescription": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35.", + "title": "RecoveryPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" }, - "required": [ - "Type" - ], - "type": "object" + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", + "title": "NonKeyAttributes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::VPNGateway" - ], + "ProjectionType": { + "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", + "title": "ProjectionType", "type": "string" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings": { + "additionalProperties": false, + "properties": { + "MaxReadRequestUnits": { + "markdownDescription": "Maximum number of read request units for the specified replica of a global table.", + "title": "MaxReadRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", + "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", + "title": "ReadCapacityAutoScalingSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ReadCapacityUnits": { + "markdownDescription": "Specifies a fixed read capacity for the replica table or global secondary index.", + "title": "ReadCapacityUnits", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::VPNGatewayRoutePropagation": { + "AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", + "markdownDescription": "Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table\u2019s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table.", + "title": "ContributorInsightsSpecification" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to.", - "title": "RouteTableIds", - "type": "array" - }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with.", - "title": "VpnGatewayId", - "type": "string" - } - }, - "required": [ - "RouteTableIds", - "VpnGatewayId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPNGatewayRoutePropagation" - ], - "type": "string" + "ReadOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings", + "markdownDescription": "Sets the read request settings for a replica global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "ReadOnDemandThroughputSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", + "markdownDescription": "Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` .", + "title": "ReadProvisionedThroughputSettings" } }, "required": [ - "Type", - "Properties" + "IndexName" ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint": { + "AWS::DynamoDB::GlobalTable.ReplicaSSESpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationDomain": { - "markdownDescription": "The DNS name for users to reach your application.", - "title": "ApplicationDomain", - "type": "string" - }, - "AttachmentType": { - "markdownDescription": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", - "title": "AttachmentType", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the AWS Verified Access endpoint.", - "title": "Description", - "type": "string" - }, - "DomainCertificateArn": { - "markdownDescription": "The ARN of a public TLS/SSL certificate imported into or created with ACM.", - "title": "DomainCertificateArn", - "type": "string" - }, - "EndpointDomainPrefix": { - "markdownDescription": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.", - "title": "EndpointDomainPrefix", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.", - "title": "EndpointType", - "type": "string" - }, - "LoadBalancerOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions", - "markdownDescription": "The load balancer details if creating the AWS Verified Access endpoint as `load-balancer` type.", - "title": "LoadBalancerOptions" - }, - "NetworkInterfaceOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions", - "markdownDescription": "The options for network-interface type endpoint.", - "title": "NetworkInterfaceOptions" - }, - "PolicyDocument": { - "markdownDescription": "The Verified Access policy document.", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyEnabled": { - "markdownDescription": "The status of the Verified Access policy.", - "title": "PolicyEnabled", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for the endpoint.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - }, - "VerifiedAccessGroupId": { - "markdownDescription": "The ID of the AWS Verified Access group.", - "title": "VerifiedAccessGroupId", - "type": "string" - } - }, - "required": [ - "ApplicationDomain", - "AttachmentType", - "DomainCertificateArn", - "EndpointDomainPrefix", - "EndpointType", - "VerifiedAccessGroupId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VerifiedAccessEndpoint" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KMSMasterKeyId": { + "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", + "title": "KMSMasterKeyId", "type": "string" } }, "required": [ - "Type", - "Properties" + "KMSMasterKeyId" ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions": { + "AWS::DynamoDB::GlobalTable.ReplicaSpecification": { "additionalProperties": false, "properties": { - "LoadBalancerArn": { - "markdownDescription": "The ARN of the load balancer.", - "title": "LoadBalancerArn", + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica.", + "title": "ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "markdownDescription": "Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", + "title": "DeletionProtectionEnabled", + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification" + }, + "markdownDescription": "Defines additional settings for the global secondary indexes of this replica.", + "title": "GlobalSecondaryIndexes", + "type": "array" + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KinesisStreamSpecification", + "markdownDescription": "Defines the Kinesis Data Streams configuration for the specified replica.", + "title": "KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification", + "markdownDescription": "The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica.", + "title": "PointInTimeRecoverySpecification" + }, + "ReadOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings", + "markdownDescription": "Sets read request settings for the replica table.", + "title": "ReadOnDemandThroughputSettings" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", + "markdownDescription": "Defines read capacity settings for the replica table.", + "title": "ReadProvisionedThroughputSettings" + }, + "Region": { + "markdownDescription": "The region in which this replica exists.", + "title": "Region", "type": "string" }, - "Port": { - "markdownDescription": "The IP port number.", - "title": "Port", - "type": "number" + "ReplicaStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification", + "markdownDescription": "Represents the DynamoDB Streams configuration for a global table replica.", + "title": "ReplicaStreamSpecification" }, - "Protocol": { - "markdownDescription": "The IP protocol.", - "title": "Protocol", + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "ResourcePolicy" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSSESpecification", + "markdownDescription": "Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas.", + "title": "SSESpecification" + }, + "TableClass": { + "markdownDescription": "The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", + "title": "TableClass", "type": "string" }, - "SubnetIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", - "title": "SubnetIds", + "markdownDescription": "An array of key-value pairs to apply to this replica.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" } }, + "required": [ + "Region" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions": { + "AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification": { "additionalProperties": false, "properties": { - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "Port": { - "markdownDescription": "The IP port number.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The IP protocol.", - "title": "Protocol", - "type": "string" + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", + "markdownDescription": "A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nYou can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource.", + "title": "ResourcePolicy" } }, + "required": [ + "ResourcePolicy" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint.SseSpecification": { + "AWS::DynamoDB::GlobalTable.ResourcePolicy": { "additionalProperties": false, "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", + "PolicyDocument": { + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "PolicyDocument", + "type": "object" + } + }, + "required": [ + "PolicyDocument" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys.", + "title": "SSEEnabled", "type": "boolean" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", + "SSEType": { + "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", + "title": "SSEType", "type": "string" } }, + "required": [ + "SSEEnabled" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessGroup": { + "AWS::DynamoDB::GlobalTable.StreamSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamViewType": { + "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", + "title": "StreamViewType", "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` .", + "title": "DisableScaleIn", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ScaleInCooldown": { + "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start.", + "title": "ScaleInCooldown", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access group.", - "title": "Description", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "The Verified Access policy document.", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyEnabled": { - "markdownDescription": "The status of the Verified Access policy.", - "title": "PolicyEnabled", - "type": "boolean" - }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessGroup.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - }, - "VerifiedAccessInstanceId": { - "markdownDescription": "The ID of the AWS Verified Access instance.", - "title": "VerifiedAccessInstanceId", - "type": "string" - } - }, - "required": [ - "VerifiedAccessInstanceId" - ], - "type": "object" + "ScaleOutCooldown": { + "markdownDescription": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start.", + "title": "ScaleOutCooldown", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EC2::VerifiedAccessGroup" - ], + "TargetValue": { + "markdownDescription": "Defines a target value for the scaling policy.", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the attribute used to store the expiration time for items in the table.\n\nCurrently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed.", + "title": "AttributeName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::EC2::VerifiedAccessGroup.SseSpecification": { + "AWS::DynamoDB::GlobalTable.WarmThroughput": { "additionalProperties": false, "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", - "type": "boolean" + "ReadUnitsPerSecond": { + "markdownDescription": "Represents the number of read operations your base table can instantaneously support.", + "title": "ReadUnitsPerSecond", + "type": "number" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", - "type": "string" + "WriteUnitsPerSecond": { + "markdownDescription": "Represents the number of write operations your base table can instantaneously support.", + "title": "WriteUnitsPerSecond", + "type": "number" } }, "type": "object" }, - "AWS::EC2::VerifiedAccessInstance": { + "AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings": { + "additionalProperties": false, + "properties": { + "MaxWriteRequestUnits": { + "markdownDescription": "Maximum number of write request settings for the specified replica of a global table.", + "title": "MaxWriteRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", + "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", + "title": "WriteCapacityAutoScalingSettings" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -81596,51 +87234,130 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access instance.", - "title": "Description", + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.AttributeDefinition" + }, + "markdownDescription": "A list of attributes that describe the key schema for the table and indexes.\n\nThis property is required to create a DynamoDB table.\n\nUpdate requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) . Replacement if you edit an existing AttributeDefinition.", + "title": "AttributeDefinitions", + "type": "array" + }, + "BillingMode": { + "markdownDescription": "Specify how you are charged for read and write throughput and how you manage capacity.\n\nValid values include:\n\n- `PAY_PER_REQUEST` - We recommend using `PAY_PER_REQUEST` for most DynamoDB workloads. `PAY_PER_REQUEST` sets the billing mode to [On-demand capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html) .\n- `PROVISIONED` - We recommend using `PROVISIONED` for steady workloads with predictable growth where capacity requirements can be reliably forecasted. `PROVISIONED` sets the billing mode to [Provisioned capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html) .\n\nIf not specified, the default is `PROVISIONED` .", + "title": "BillingMode", "type": "string" }, - "FipsEnabled": { - "markdownDescription": "Indicates whether support for Federal Information Processing Standards (FIPS) is enabled on the instance.", - "title": "FipsEnabled", + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table.", + "title": "ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "markdownDescription": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", + "title": "DeletionProtectionEnabled", "type": "boolean" }, - "LoggingConfigurations": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs", - "markdownDescription": "The logging configuration for the Verified Access instances.", - "title": "LoggingConfigurations" + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.GlobalSecondaryIndex" + }, + "markdownDescription": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n\n> If you update a table to include a new global secondary index, AWS CloudFormation initiates the index creation and then proceeds with the stack update. AWS CloudFormation doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is `ACTIVE` . You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n> \n> If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.\n> \n> Updates are not supported. The following are exceptions:\n> \n> - If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n> - You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.", + "title": "GlobalSecondaryIndexes", + "type": "array" }, - "Tags": { + "ImportSourceSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ImportSourceSpecification", + "markdownDescription": "Specifies the properties of data being imported from the S3 bucket source to the\" table.\n\n> If you specify the `ImportSourceSpecification` property, and also specify either the `StreamSpecification` , the `TableClass` property, the `DeletionProtectionEnabled` property, or the `WarmThroughput` property, the IAM entity creating/updating stack must have `UpdateTable` permission.", + "title": "ImportSourceSpecification" + }, + "KeySchema": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" }, - "markdownDescription": "The tags.", - "title": "Tags", + "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", + "title": "KeySchema", "type": "array" }, - "VerifiedAccessTrustProviderIds": { + "KinesisStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KinesisStreamSpecification", + "markdownDescription": "The Kinesis Data Streams configuration for the specified table.", + "title": "KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DynamoDB::Table.LocalSecondaryIndex" }, - "markdownDescription": "The IDs of the AWS Verified Access trust providers.", - "title": "VerifiedAccessTrustProviderIds", + "markdownDescription": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.", + "title": "LocalSecondaryIndexes", "type": "array" }, - "VerifiedAccessTrustProviders": { + "OnDemandThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.OnDemandThroughput", + "markdownDescription": "Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify `MaxReadRequestUnits` , `MaxWriteRequestUnits` , or both.", + "title": "OnDemandThroughput" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.PointInTimeRecoverySpecification", + "markdownDescription": "The settings used to enable point in time recovery.", + "title": "PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", + "markdownDescription": "Throughput for the specified table, which consists of values for `ReadCapacityUnits` and `WriteCapacityUnits` . For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html) .\n\nIf you set `BillingMode` as `PROVISIONED` , you must specify this property. If you set `BillingMode` as `PAY_PER_REQUEST` , you cannot specify this property.", + "title": "ProvisionedThroughput" + }, + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", + "markdownDescription": "An AWS resource-based policy document in JSON format that will be attached to the table.\n\nWhen you attach a resource-based policy while creating a table, the policy application is *strongly consistent* .\n\nThe maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that apply for resource-based policies, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .\n\n> You need to specify the `CreateTable` and `PutResourcePolicy` IAM actions for authorizing a user to create a table with a resource-based policy.", + "title": "ResourcePolicy" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", + "markdownDescription": "Specifies the settings to enable server-side encryption.", + "title": "SSESpecification" + }, + "StreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.StreamSpecification", + "markdownDescription": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", + "title": "StreamSpecification" + }, + "TableClass": { + "markdownDescription": "The table class of the new table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", + "title": "TableClass", + "type": "string" + }, + "TableName": { + "markdownDescription": "A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TableName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The IDs of the AWS Verified Access trust providers.", - "title": "VerifiedAccessTrustProviders", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.TimeToLiveSpecification", + "markdownDescription": "Specifies the Time to Live (TTL) settings for the table.\n\n> For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", + "title": "TimeToLiveSpecification" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.WarmThroughput", + "markdownDescription": "Represents the warm throughput (in read units per second and write units per second) for creating a table.", + "title": "WarmThroughput" } }, + "required": [ + "KeySchema" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VerifiedAccessInstance" + "AWS::DynamoDB::Table" ], "type": "string" }, @@ -81654,315 +87371,410 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.CloudWatchLogs": { + "AWS::DynamoDB::Table.AttributeDefinition": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", - "title": "Enabled", - "type": "boolean" + "AttributeName": { + "markdownDescription": "A name for the attribute.", + "title": "AttributeName", + "type": "string" }, - "LogGroup": { - "markdownDescription": "The ID of the CloudWatch Logs log group.", - "title": "LogGroup", + "AttributeType": { + "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", + "title": "AttributeType", "type": "string" } }, + "required": [ + "AttributeName", + "AttributeType" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose": { + "AWS::DynamoDB::Table.ContributorInsightsSpecification": { "additionalProperties": false, "properties": { - "DeliveryStream": { - "markdownDescription": "The ID of the delivery stream.", - "title": "DeliveryStream", - "type": "string" - }, "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", + "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", "title": "Enabled", "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.S3": { + "AWS::DynamoDB::Table.Csv": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The bucket name.", - "title": "BucketName", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account number that owns the bucket.", - "title": "BucketOwner", + "Delimiter": { + "markdownDescription": "The delimiter used for separating items in the CSV file being imported.", + "title": "Delimiter", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Prefix": { - "markdownDescription": "The bucket prefix.", - "title": "Prefix", - "type": "string" + "HeaderList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header.", + "title": "HeaderList", + "type": "array" } }, "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs": { + "AWS::DynamoDB::Table.GlobalSecondaryIndex": { "additionalProperties": false, "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.CloudWatchLogs", - "markdownDescription": "CloudWatch Logs logging destination.", - "title": "CloudWatchLogs" + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index.", + "title": "ContributorInsightsSpecification" }, - "IncludeTrustContext": { - "markdownDescription": "Indicates whether to include trust data sent by trust providers in the logs.", - "title": "IncludeTrustContext", - "type": "boolean" + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", + "type": "string" }, - "KinesisDataFirehose": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose", - "markdownDescription": "Kinesis logging destination.", - "title": "KinesisDataFirehose" + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" + }, + "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "LogVersion": { - "markdownDescription": "The logging version.\n\nValid values: `ocsf-0.1` | `ocsf-1.0.0-rc.2`", - "title": "LogVersion", - "type": "string" + "OnDemandThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.OnDemandThroughput", + "markdownDescription": "The maximum number of read and write units for the specified global secondary index. If you use this parameter, you must specify `MaxReadRequestUnits` , `MaxWriteRequestUnits` , or both. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.", + "title": "OnDemandThroughput" }, - "S3": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.S3", - "markdownDescription": "Amazon S3 logging options.", - "title": "S3" + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", + "markdownDescription": "Represents the provisioned throughput settings for the specified global secondary index. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.\n\nFor current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide* .", + "title": "ProvisionedThroughput" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.WarmThroughput", + "markdownDescription": "Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify `ReadUnitsPerSecond` , `WriteUnitsPerSecond` , or both.", + "title": "WarmThroughput" } }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider": { + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.ImportSourceSpecification": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access trust provider.", - "title": "Description", + "InputCompressionType": { + "markdownDescription": "Type of compression to be used on the input coming from the imported table.", + "title": "InputCompressionType", "type": "string" }, - "DeviceTrustProviderType": { - "markdownDescription": "The type of device-based trust provider.", - "title": "DeviceTrustProviderType", + "InputFormat": { + "markdownDescription": "The format of the source data. Valid values for `ImportFormat` are `CSV` , `DYNAMODB_JSON` or `ION` .", + "title": "InputFormat", "type": "string" }, - "TrustProviderType": { - "markdownDescription": "The type of Verified Access trust provider.", - "title": "TrustProviderType", - "type": "string" + "InputFormatOptions": { + "$ref": "#/definitions/AWS::DynamoDB::Table.InputFormatOptions", + "markdownDescription": "Additional properties that specify how the input is formatted,", + "title": "InputFormatOptions" }, - "UserTrustProviderType": { - "markdownDescription": "The type of user-based trust provider.", - "title": "UserTrustProviderType", + "S3BucketSource": { + "$ref": "#/definitions/AWS::DynamoDB::Table.S3BucketSource", + "markdownDescription": "The S3 bucket that provides the source for the import.", + "title": "S3BucketSource" + } + }, + "required": [ + "InputFormat", + "S3BucketSource" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Csv", + "markdownDescription": "The options for imported source files in CSV format. The values are Delimiter and HeaderList.", + "title": "Csv" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of a key attribute.", + "title": "AttributeName", "type": "string" }, - "VerifiedAccessTrustProviderId": { - "markdownDescription": "The ID of the AWS Verified Access trust provider.", - "title": "VerifiedAccessTrustProviderId", + "KeyType": { + "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeyType", "type": "string" } }, + "required": [ + "AttributeName", + "KeyType" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider": { + "AWS::DynamoDB::Table.KinesisStreamSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "ApproximateCreationDateTimePrecision": { + "markdownDescription": "The precision for the time and date that the stream was created.", + "title": "ApproximateCreationDateTimePrecision", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamArn": { + "markdownDescription": "The ARN for a specific Kinesis data stream.\n\nLength Constraints: Minimum length of 37. Maximum length of 1024.", + "title": "StreamArn", + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" + }, + "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "Metadata": { - "type": "object" + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.OnDemandThroughput": { + "additionalProperties": false, + "properties": { + "MaxReadRequestUnits": { + "markdownDescription": "Maximum number of read request units for the specified table.\n\nTo specify a maximum `OnDemandThroughput` on your table, set the value of `MaxReadRequestUnits` as greater than or equal to 1. To remove the maximum `OnDemandThroughput` that is currently set on your table, set the value of `MaxReadRequestUnits` to -1.", + "title": "MaxReadRequestUnits", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access trust provider.", - "title": "Description", - "type": "string" - }, - "DeviceOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions", - "markdownDescription": "The options for device-identity trust provider.", - "title": "DeviceOptions" - }, - "DeviceTrustProviderType": { - "markdownDescription": "The type of device-based trust provider.", - "title": "DeviceTrustProviderType", - "type": "string" - }, - "OidcOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.OidcOptions", - "markdownDescription": "The options for an OpenID Connect-compatible user-identity trust provider.", - "title": "OidcOptions" - }, - "PolicyReferenceName": { - "markdownDescription": "The identifier to be used when working with policy rules.", - "title": "PolicyReferenceName", - "type": "string" - }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - }, - "TrustProviderType": { - "markdownDescription": "The type of Verified Access trust provider.", - "title": "TrustProviderType", - "type": "string" - }, - "UserTrustProviderType": { - "markdownDescription": "The type of user-based trust provider.", - "title": "UserTrustProviderType", - "type": "string" - } + "MaxWriteRequestUnits": { + "markdownDescription": "Maximum number of write request units for the specified table.\n\nTo specify a maximum `OnDemandThroughput` on your table, set the value of `MaxWriteRequestUnits` as greater than or equal to 1. To remove the maximum `OnDemandThroughput` that is currently set on your table, set the value of `MaxWriteRequestUnits` to -1.", + "title": "MaxWriteRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" + }, + "RecoveryPeriodInDays": { + "markdownDescription": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35.", + "title": "RecoveryPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" }, - "required": [ - "PolicyReferenceName", - "TrustProviderType" - ], - "type": "object" + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", + "title": "NonKeyAttributes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::VerifiedAccessTrustProvider" - ], + "ProjectionType": { + "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", + "title": "ProjectionType", "type": "string" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "markdownDescription": "The maximum number of strongly consistent reads consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", + "title": "ReadCapacityUnits", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "WriteCapacityUnits": { + "markdownDescription": "The maximum number of writes consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", + "title": "WriteCapacityUnits", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ReadCapacityUnits", + "WriteCapacityUnits" ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions": { + "AWS::DynamoDB::Table.ResourcePolicy": { "additionalProperties": false, "properties": { - "PublicSigningKeyUrl": { - "markdownDescription": "The URL AWS Verified Access will use to verify the authenticity of the device tokens.", - "title": "PublicSigningKeyUrl", - "type": "string" - }, - "TenantId": { - "markdownDescription": "The ID of the tenant application with the device-identity provider.", - "title": "TenantId", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, index, or both. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "PolicyDocument", + "type": "object" } }, + "required": [ + "PolicyDocument" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider.OidcOptions": { + "AWS::DynamoDB::Table.S3BucketSource": { "additionalProperties": false, "properties": { - "AuthorizationEndpoint": { - "markdownDescription": "The OIDC authorization endpoint.", - "title": "AuthorizationEndpoint", + "S3Bucket": { + "markdownDescription": "The S3 bucket that is being imported from.", + "title": "S3Bucket", "type": "string" }, - "ClientId": { - "markdownDescription": "The client identifier.", - "title": "ClientId", + "S3BucketOwner": { + "markdownDescription": "The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional.", + "title": "S3BucketOwner", "type": "string" }, - "ClientSecret": { - "markdownDescription": "The client secret.", - "title": "ClientSecret", + "S3KeyPrefix": { + "markdownDescription": "The key prefix shared by all S3 Objects that are being imported.", + "title": "S3KeyPrefix", "type": "string" - }, - "Issuer": { - "markdownDescription": "The OIDC issuer.", - "title": "Issuer", + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", + "title": "KMSMasterKeyId", "type": "string" }, - "Scope": { - "markdownDescription": "The OpenID Connect (OIDC) scope specified.", - "title": "Scope", - "type": "string" + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to `KMS` and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key.", + "title": "SSEEnabled", + "type": "boolean" }, - "TokenEndpoint": { - "markdownDescription": "The OIDC token endpoint.", - "title": "TokenEndpoint", + "SSEType": { + "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", + "title": "SSEType", "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.StreamSpecification": { + "additionalProperties": false, + "properties": { + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", + "markdownDescription": "Creates or updates a resource-based policy document that contains the permissions for DynamoDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "ResourcePolicy" }, - "UserInfoEndpoint": { - "markdownDescription": "The OIDC user info endpoint.", - "title": "UserInfoEndpoint", + "StreamViewType": { + "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", + "title": "StreamViewType", "type": "string" } }, + "required": [ + "StreamViewType" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider.SseSpecification": { + "AWS::DynamoDB::Table.TimeToLiveSpecification": { "additionalProperties": false, "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", + "AttributeName": { + "markdownDescription": "The name of the TTL attribute used to store the expiration time for items in the table.\n\n> - The `AttributeName` property is required when enabling the TTL, or when TTL is already enabled.\n> - To update this property, you must first disable TTL and then enable TTL with the new attribute name.", + "title": "AttributeName", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", + "title": "Enabled", "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.WarmThroughput": { + "additionalProperties": false, + "properties": { + "ReadUnitsPerSecond": { + "markdownDescription": "Represents the number of read operations your base table can instantaneously support.", + "title": "ReadUnitsPerSecond", + "type": "number" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", - "type": "string" + "WriteUnitsPerSecond": { + "markdownDescription": "Represents the number of write operations your base table can instantaneously support.", + "title": "WriteUnitsPerSecond", + "type": "number" } }, "type": "object" }, - "AWS::EC2::Volume": { + "AWS::EC2::CapacityReservation": { "additionalProperties": false, "properties": { "Condition": { @@ -81997,78 +87809,95 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoEnableIO": { - "markdownDescription": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O.", - "title": "AutoEnableIO", - "type": "boolean" - }, "AvailabilityZone": { - "markdownDescription": "The ID of the Availability Zone in which to create the volume. For example, `us-east-1a` .", + "markdownDescription": "The Availability Zone in which to create the Capacity Reservation.", "title": "AvailabilityZone", "type": "string" }, - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) in the *Amazon EBS User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .", - "title": "Encrypted", + "AvailabilityZoneId": { + "markdownDescription": "The Availability Zone ID of the Capacity Reservation.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.", + "title": "EbsOptimized", "type": "boolean" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.", - "title": "Iops", - "type": "number" + "EndDate": { + "markdownDescription": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.\n\nIf you are requesting a future-dated Capacity Reservation, you can't specify an end date and time that is within the commitment duration.", + "title": "EndDate", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` .\n\nIf you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to `true` , then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the AWS managed key .\n\nAlternatively, if you want to specify a different key, you can specify one of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. Specify the alias for the key, prefixed with `alias/` . For example, for a key with the alias `my_cmk` , use `alias/my_cmk` . Or to specify the AWS managed key , use `alias/aws/ebs` .\n- Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.", - "title": "KmsKeyId", + "EndDateType": { + "markdownDescription": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", + "title": "EndDateType", "type": "string" }, - "MultiAttachEnabled": { - "markdownDescription": "Indicates whether Amazon EBS Multi-Attach is enabled.\n\nAWS CloudFormation does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume.", - "title": "MultiAttachEnabled", + "EphemeralStorage": { + "markdownDescription": "*Deprecated.*", + "title": "EphemeralStorage", "type": "boolean" }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", - "title": "OutpostArn", + "InstanceCount": { + "markdownDescription": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 64 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *16 * m5.xlarge = 64 vCPUs* ). \n\nValid range: 1 - 1000", + "title": "InstanceCount", + "type": "number" + }, + "InstanceMatchCriteria": { + "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\n> If you are requesting a future-dated Capacity Reservation, you must specify `targeted` . \n\nDefault: `open`", + "title": "InstanceMatchCriteria", "type": "string" }, - "Size": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "Size", - "type": "number" + "InstancePlatform": { + "markdownDescription": "The type of operating system for which to reserve capacity.", + "title": "InstancePlatform", + "type": "string" }, - "SnapshotId": { - "markdownDescription": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.", - "title": "SnapshotId", + "InstanceType": { + "markdownDescription": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, T, and G instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceType", "type": "string" }, - "Tags": { + "OutPostArn": { + "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", + "title": "OutPostArn", + "type": "string" + }, + "PlacementGroupArn": { + "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", + "title": "PlacementGroupArn", + "type": "string" + }, + "TagSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::CapacityReservation.TagSpecification" }, - "markdownDescription": "The tags to apply to the volume during creation.", - "title": "Tags", + "markdownDescription": "The tags to apply to the Capacity Reservation during launch.", + "title": "TagSpecifications", "type": "array" }, - "Throughput": { - "markdownDescription": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n\nThis parameter is valid only for `gp3` volumes. The default value is 125.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", - "title": "Throughput", - "type": "number" + "Tenancy": { + "markdownDescription": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account .", + "title": "Tenancy", + "type": "string" }, - "VolumeType": { - "markdownDescription": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) .\n\nDefault: `gp2`", - "title": "VolumeType", + "UnusedReservationBillingOwnerId": { + "markdownDescription": "The ID of the AWS account to which to assign billing of the unused capacity of the Capacity Reservation. A request will be sent to the specified account. That account must accept the request for the billing to be assigned to their account. For more information, see [Billing assignment for shared Amazon EC2 Capacity Reservations](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/assign-billing.html) .\n\nYou can assign billing only for shared Capacity Reservations. To share a Capacity Reservation, you must add it to a resource share. For more information, see [AWS::RAM::ResourceShare](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ram-resourceshare.html) .", + "title": "UnusedReservationBillingOwnerId", "type": "string" } }, "required": [ - "AvailabilityZone" + "InstanceCount", + "InstancePlatform", + "InstanceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Volume" + "AWS::EC2::CapacityReservation" ], "type": "string" }, @@ -82087,85 +87916,58 @@ ], "type": "object" }, - "AWS::EC2::VolumeAttachment": { + "AWS::EC2::CapacityReservation.CapacityAllocation": { "additionalProperties": false, "properties": { - "Condition": { + "AllocationType": { + "markdownDescription": "The usage type. `used` indicates that the instance capacity is in use by instances that are running in the Capacity Reservation.", + "title": "AllocationType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Count": { + "markdownDescription": "The amount of instance capacity associated with the usage. For example a value of `4` indicates that instance capacity for 4 instances is currently in use.", + "title": "Count", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservation.CommitmentInfo": { + "additionalProperties": false, + "properties": { + "CommitmentEndDate": { + "markdownDescription": "The date and time at which the commitment duration expires, in the ISO8601 format in the UTC time zone ( `YYYY-MM-DDThh:mm:ss.sssZ` ). You can't decrease the instance count or cancel the Capacity Reservation before this date and time.", + "title": "CommitmentEndDate", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Device": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "Device", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "The ID of the instance to which the volume attaches. This value can be a reference to an [`AWS::EC2::Instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance.", - "title": "InstanceId", - "type": "string" - }, - "VolumeId": { - "markdownDescription": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [`AWS::EC2::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume.", - "title": "VolumeId", - "type": "string" - } - }, - "required": [ - "InstanceId", - "VolumeId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VolumeAttachment" - ], + "CommittedInstanceCount": { + "markdownDescription": "The instance capacity that you committed to when you requested the future-dated Capacity Reservation.", + "title": "CommittedInstanceCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservation.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag. Specify `capacity-reservation` .", + "title": "ResourceType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ECR::PublicRepository": { + "AWS::EC2::CapacityReservationFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -82200,35 +88002,63 @@ "Properties": { "additionalProperties": false, "properties": { - "RepositoryCatalogData": { - "$ref": "#/definitions/AWS::ECR::PublicRepository.RepositoryCatalogData", - "markdownDescription": "The details about the repository that are publicly visible in the Amazon ECR Public Gallery. For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .", - "title": "RepositoryCatalogData" + "AllocationStrategy": { + "markdownDescription": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`", + "title": "AllocationStrategy", + "type": "string" }, - "RepositoryName": { - "markdownDescription": "The name to use for the public repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "RepositoryName", + "EndDate": { + "markdownDescription": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` .", + "title": "EndDate", "type": "string" }, - "RepositoryPolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the public repository. For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .", - "title": "RepositoryPolicyText", - "type": "object" + "InstanceMatchCriteria": { + "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity.", + "title": "InstanceMatchCriteria", + "type": "string" }, - "Tags": { + "InstanceTypeSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", + "markdownDescription": "Information about the instance types for which to reserve the capacity.", + "title": "InstanceTypeSpecifications", + "type": "array" + }, + "NoRemoveEndDate": { + "markdownDescription": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter.", + "title": "NoRemoveEndDate", + "type": "boolean" + }, + "RemoveEndDate": { + "markdownDescription": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter.", + "title": "RemoveEndDate", + "type": "boolean" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.TagSpecification" + }, + "markdownDescription": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet.", + "title": "TagSpecifications", "type": "array" + }, + "Tenancy": { + "markdownDescription": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account .", + "title": "Tenancy", + "type": "string" + }, + "TotalTargetCapacity": { + "markdownDescription": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* .", + "title": "TotalTargetCapacity", + "type": "number" } }, "type": "object" }, "Type": { "enum": [ - "AWS::ECR::PublicRepository" + "AWS::EC2::CapacityReservationFleet" ], "type": "string" }, @@ -82246,44 +88076,67 @@ ], "type": "object" }, - "AWS::ECR::PublicRepository.RepositoryCatalogData": { + "AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification": { "additionalProperties": false, "properties": { - "AboutText": { - "markdownDescription": "The longform description of the contents of the repository. This text appears in the repository details on the Amazon ECR Public Gallery.", - "title": "AboutText", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", + "title": "AvailabilityZone", "type": "string" }, - "Architectures": { - "items": { - "type": "string" - }, - "markdownDescription": "The architecture tags that are associated with the repository.", - "title": "Architectures", - "type": "array" + "AvailabilityZoneId": { + "markdownDescription": "The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", + "title": "AvailabilityZoneId", + "type": "string" }, - "OperatingSystems": { - "items": { - "type": "string" - }, - "markdownDescription": "The operating system tags that are associated with the repository.", - "title": "OperatingSystems", - "type": "array" + "EbsOptimized": { + "markdownDescription": "Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types.", + "title": "EbsOptimized", + "type": "boolean" }, - "RepositoryDescription": { - "markdownDescription": "The short description of the repository.", - "title": "RepositoryDescription", + "InstancePlatform": { + "markdownDescription": "The type of operating system for which the Capacity Reservation Fleet reserves capacity.", + "title": "InstancePlatform", "type": "string" }, - "UsageText": { - "markdownDescription": "The longform usage details of the contents of the repository. The usage text provides context for users of the repository.", - "title": "UsageText", + "InstanceType": { + "markdownDescription": "The instance type for which the Capacity Reservation Fleet reserves capacity.", + "title": "InstanceType", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* .", + "title": "Priority", + "type": "number" + }, + "Weight": { + "markdownDescription": "The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide.\n\nValid Range: Minimum value of `0.001` . Maximum value of `99.999` .", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservationFleet.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag on creation. Specify `capacity-reservation-fleet` .\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", + "title": "ResourceType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::ECR::PullThroughCacheRule": { + "AWS::EC2::CarrierGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -82318,32 +88171,28 @@ "Properties": { "additionalProperties": false, "properties": { - "CredentialArn": { - "markdownDescription": "The ARN of the Secrets Manager secret associated with the pull through cache rule.", - "title": "CredentialArn", - "type": "string" - }, - "EcrRepositoryPrefix": { - "markdownDescription": "The Amazon ECR repository prefix associated with the pull through cache rule.", - "title": "EcrRepositoryPrefix", - "type": "string" - }, - "UpstreamRegistry": { - "markdownDescription": "The name of the upstream source registry associated with the pull through cache rule.", - "title": "UpstreamRegistry", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the carrier gateway.", + "title": "Tags", + "type": "array" }, - "UpstreamRegistryUrl": { - "markdownDescription": "The upstream registry URL associated with the pull through cache rule.", - "title": "UpstreamRegistryUrl", + "VpcId": { + "markdownDescription": "The ID of the VPC associated with the carrier gateway.", + "title": "VpcId", "type": "string" } }, + "required": [ + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::PullThroughCacheRule" + "AWS::EC2::CarrierGateway" ], "type": "string" }, @@ -82357,11 +88206,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECR::RegistryPolicy": { + "AWS::EC2::ClientVpnAuthorizationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -82396,20 +88246,41 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyText": { - "markdownDescription": "The JSON policy text for your registry.", - "title": "PolicyText", - "type": "object" + "AccessGroupId": { + "markdownDescription": "The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if `AuthorizeAllGroups` is `false` or not specified.", + "title": "AccessGroupId", + "type": "string" + }, + "AuthorizeAllGroups": { + "markdownDescription": "Indicates whether to grant access to all clients. Specify `true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.", + "title": "AuthorizeAllGroups", + "type": "boolean" + }, + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint.", + "title": "ClientVpnEndpointId", + "type": "string" + }, + "Description": { + "markdownDescription": "A brief description of the authorization rule.", + "title": "Description", + "type": "string" + }, + "TargetNetworkCidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation, of the network for which access is being authorized.", + "title": "TargetNetworkCidr", + "type": "string" } }, "required": [ - "PolicyText" + "ClientVpnEndpointId", + "TargetNetworkCidr" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::RegistryPolicy" + "AWS::EC2::ClientVpnAuthorizationRule" ], "type": "string" }, @@ -82428,7 +88299,7 @@ ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration": { + "AWS::EC2::ClientVpnEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -82463,20 +88334,120 @@ "Properties": { "additionalProperties": false, "properties": { - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationConfiguration", - "markdownDescription": "The replication configuration for a registry.", - "title": "ReplicationConfiguration" + "AuthenticationOptions": { + "items": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest" + }, + "markdownDescription": "Information about the authentication method to be used to authenticate clients.", + "title": "AuthenticationOptions", + "type": "array" + }, + "ClientCidrBlock": { + "markdownDescription": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. Client CIDR range must have a size of at least /22 and must not be greater than /12.", + "title": "ClientCidrBlock", + "type": "string" + }, + "ClientConnectOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientConnectOptions", + "markdownDescription": "The options for managing connection authorization for new client connections.", + "title": "ClientConnectOptions" + }, + "ClientLoginBannerOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions", + "markdownDescription": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.", + "title": "ClientLoginBannerOptions" + }, + "ClientRouteEnforcementOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientRouteEnforcementOptions", + "markdownDescription": "Client route enforcement is a feature of the Client VPN service that helps enforce administrator defined routes on devices connected through the VPN. T his feature helps improve your security posture by ensuring that network traffic originating from a connected client is not inadvertently sent outside the VPN tunnel.\n\nClient route enforcement works by monitoring the route table of a connected device for routing policy changes to the VPN connection. If the feature detects any VPN routing policy modifications, it will automatically force an update to the route table, reverting it back to the expected route configurations.", + "title": "ClientRouteEnforcementOptions" + }, + "ConnectionLogOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions", + "markdownDescription": "Information about the client connection logging options.\n\nIf you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:\n\n- Client connection requests\n- Client connection results (successful and unsuccessful)\n- Reasons for unsuccessful client connection requests\n- Client connection termination time", + "title": "ConnectionLogOptions" + }, + "Description": { + "markdownDescription": "A brief description of the Client VPN endpoint.", + "title": "Description", + "type": "string" + }, + "DisconnectOnSessionTimeout": { + "markdownDescription": "Indicates whether the client VPN session is disconnected after the maximum `sessionTimeoutHours` is reached. If `true` , users are prompted to reconnect client VPN. If `false` , client VPN attempts to reconnect automatically. The default value is `true` .", + "title": "DisconnectOnSessionTimeout", + "type": "boolean" + }, + "DnsServers": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.", + "title": "DnsServers", + "type": "array" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SelfServicePortal": { + "markdownDescription": "Specify whether to enable the self-service portal for the Client VPN endpoint.\n\nDefault Value: `enabled`", + "title": "SelfServicePortal", + "type": "string" + }, + "ServerCertificateArn": { + "markdownDescription": "The ARN of the server certificate. For more information, see the [AWS Certificate Manager User Guide](https://docs.aws.amazon.com/acm/latest/userguide/) .", + "title": "ServerCertificateArn", + "type": "string" + }, + "SessionTimeoutHours": { + "markdownDescription": "The maximum VPN session duration time in hours.\n\nValid values: `8 | 10 | 12 | 24`\n\nDefault value: `24`", + "title": "SessionTimeoutHours", + "type": "number" + }, + "SplitTunnel": { + "markdownDescription": "Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.\n\nBy default, split-tunnel on a VPN endpoint is disabled.\n\nFor information about split-tunnel VPN endpoints, see [Split-tunnel AWS Client VPN endpoint](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) in the *AWS Client VPN Administrator Guide* .", + "title": "SplitTunnel", + "type": "boolean" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.TagSpecification" + }, + "markdownDescription": "The tags to apply to the Client VPN endpoint during creation.", + "title": "TagSpecifications", + "type": "array" + }, + "TransportProtocol": { + "markdownDescription": "The transport protocol to be used by the VPN session.\n\nDefault value: `udp`", + "title": "TransportProtocol", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.", + "title": "VpcId", + "type": "string" + }, + "VpnPort": { + "markdownDescription": "The port number to assign to the Client VPN endpoint for TCP and UDP traffic.\n\nValid Values: `443` | `1194`\n\nDefault Value: `443`", + "title": "VpnPort", + "type": "number" } }, "required": [ - "ReplicationConfiguration" + "AuthenticationOptions", + "ClientCidrBlock", + "ConnectionLogOptions", + "ServerCertificateArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::ReplicationConfiguration" + "AWS::EC2::ClientVpnEndpoint" ], "type": "string" }, @@ -82495,236 +88466,179 @@ ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.ReplicationConfiguration": { + "AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest": { "additionalProperties": false, "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationRule" - }, - "markdownDescription": "An array of objects representing the replication destinations and repository filters for a replication configuration.", - "title": "Rules", - "type": "array" + "ClientRootCertificateChainArn": { + "markdownDescription": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).", + "title": "ClientRootCertificateChainArn", + "type": "string" } }, "required": [ - "Rules" + "ClientRootCertificateChainArn" ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.ReplicationDestination": { + "AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest": { "additionalProperties": false, "properties": { - "Region": { - "markdownDescription": "The Region to replicate to.", - "title": "Region", + "ActiveDirectory": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest", + "markdownDescription": "Information about the Active Directory to be used, if applicable. You must provide this information if *Type* is `directory-service-authentication` .", + "title": "ActiveDirectory" + }, + "FederatedAuthentication": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest", + "markdownDescription": "Information about the IAM SAML identity provider, if applicable.", + "title": "FederatedAuthentication" + }, + "MutualAuthentication": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest", + "markdownDescription": "Information about the authentication certificates to be used, if applicable. You must provide this information if *Type* is `certificate-authentication` .", + "title": "MutualAuthentication" + }, + "Type": { + "markdownDescription": "The type of client authentication to be used.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.ClientConnectOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether client connect options are enabled. The default is `false` (not enabled).", + "title": "Enabled", + "type": "boolean" }, - "RegistryId": { - "markdownDescription": "The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID.", - "title": "RegistryId", + "LambdaFunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function used for connection authorization.", + "title": "LambdaFunctionArn", "type": "string" } }, "required": [ - "Region", - "RegistryId" + "Enabled" ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.ReplicationRule": { + "AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions": { "additionalProperties": false, "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationDestination" - }, - "markdownDescription": "An array of objects representing the destination for a replication rule.", - "title": "Destinations", - "type": "array" + "BannerText": { + "markdownDescription": "Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.", + "title": "BannerText", + "type": "string" }, - "RepositoryFilters": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.RepositoryFilter" - }, - "markdownDescription": "An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.", - "title": "RepositoryFilters", - "type": "array" + "Enabled": { + "markdownDescription": "Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n\nValid values: `true | false`\n\nDefault value: `false`", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Destinations" + "Enabled" ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.RepositoryFilter": { + "AWS::EC2::ClientVpnEndpoint.ClientRouteEnforcementOptions": { "additionalProperties": false, "properties": { - "Filter": { - "markdownDescription": "The repository filter details. When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.", - "title": "Filter", + "Enforced": { + "markdownDescription": "Enable or disable Client Route Enforcement. The state can either be `true` (enabled) or `false` (disabled). The default is `false` .\n\nValid values: `true | false`\n\nDefault value: `false`", + "title": "Enforced", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions": { + "additionalProperties": false, + "properties": { + "CloudwatchLogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group. Required if connection logging is enabled.", + "title": "CloudwatchLogGroup", "type": "string" }, - "FilterType": { - "markdownDescription": "The repository filter type. The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.", - "title": "FilterType", + "CloudwatchLogStream": { + "markdownDescription": "The name of the CloudWatch Logs log stream to which the connection data is published.", + "title": "CloudwatchLogStream", "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether connection logging is enabled.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Filter", - "FilterType" + "Enabled" ], "type": "object" }, - "AWS::ECR::Repository": { + "AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest": { "additionalProperties": false, "properties": { - "Condition": { + "DirectoryId": { + "markdownDescription": "The ID of the Active Directory to be used for authentication.", + "title": "DirectoryId", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "DirectoryId" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "SAMLProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider.", + "title": "SAMLProviderArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "EmptyOnDelete": { - "markdownDescription": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.", - "title": "EmptyOnDelete", - "type": "boolean" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::ECR::Repository.EncryptionConfiguration", - "markdownDescription": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", - "title": "EncryptionConfiguration" - }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ECR::Repository.ImageScanningConfiguration", - "markdownDescription": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.", - "title": "ImageScanningConfiguration" - }, - "ImageTagMutability": { - "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", - "title": "ImageTagMutability", - "type": "string" - }, - "LifecyclePolicy": { - "$ref": "#/definitions/AWS::ECR::Repository.LifecyclePolicy", - "markdownDescription": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .", - "title": "LifecyclePolicy" - }, - "RepositoryName": { - "markdownDescription": "The name to use for the repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "RepositoryName", - "type": "string" - }, - "RepositoryPolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "RepositoryPolicyText", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ECR::Repository" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelfServiceSAMLProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.", + "title": "SelfServiceSAMLProviderArn", "type": "string" } }, "required": [ - "Type" + "SAMLProviderArn" ], "type": "object" }, - "AWS::ECR::Repository.EncryptionConfiguration": { + "AWS::EC2::ClientVpnEndpoint.TagSpecification": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "EncryptionType", + "ResourceType": { + "markdownDescription": "The type of resource to tag. To tag a Client VPN endpoint, `ResourceType` must be `client-vpn-endpoint` .", + "title": "ResourceType", "type": "string" }, - "KmsKey": { - "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", - "title": "KmsKey", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "EncryptionType" + "ResourceType", + "Tags" ], "type": "object" }, - "AWS::ECR::Repository.ImageScanningConfiguration": { - "additionalProperties": false, - "properties": { - "ScanOnPush": { - "markdownDescription": "The setting that determines whether images are scanned after being pushed to a repository. If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.", - "title": "ScanOnPush", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ECR::Repository.LifecyclePolicy": { - "additionalProperties": false, - "properties": { - "LifecyclePolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the repository.", - "title": "LifecyclePolicyText", - "type": "string" - }, - "RegistryId": { - "markdownDescription": "The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.", - "title": "RegistryId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECR::RepositoryCreationTemplate": { + "AWS::EC2::ClientVpnRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -82759,62 +88673,37 @@ "Properties": { "additionalProperties": false, "properties": { - "AppliedFor": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of enumerable Strings representing the repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION", - "title": "AppliedFor", - "type": "array" + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint to which to add the route.", + "title": "ClientVpnEndpointId", + "type": "string" }, "Description": { - "markdownDescription": "The description associated with the repository creation template.", + "markdownDescription": "A brief description of the route.", "title": "Description", "type": "string" }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration", - "markdownDescription": "The encryption configuration associated with the repository creation template.", - "title": "EncryptionConfiguration" - }, - "ImageTagMutability": { - "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten. If IMMUTABLE is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", - "title": "ImageTagMutability", - "type": "string" - }, - "LifecyclePolicy": { - "markdownDescription": "The lifecycle policy to use for repositories created using the template.", - "title": "LifecyclePolicy", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The repository namespace prefix associated with the repository creation template.", - "title": "Prefix", + "DestinationCidrBlock": { + "markdownDescription": "The IPv4 address range, in CIDR notation, of the route destination. For example:\n\n- To add a route for Internet access, enter `0.0.0.0/0`\n- To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range\n- To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range\n- To add a route for the local network, enter the client CIDR range", + "title": "DestinationCidrBlock", "type": "string" }, - "RepositoryPolicy": { - "markdownDescription": "The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.", - "title": "RepositoryPolicy", + "TargetVpcSubnetId": { + "markdownDescription": "The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.\n\nAlternatively, if you're adding a route for the local network, specify `local` .", + "title": "TargetVpcSubnetId", "type": "string" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "ResourceTags", - "type": "array" } }, "required": [ - "AppliedFor", - "Prefix" + "ClientVpnEndpointId", + "DestinationCidrBlock", + "TargetVpcSubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::RepositoryCreationTemplate" + "AWS::EC2::ClientVpnRoute" ], "type": "string" }, @@ -82833,26 +88722,7 @@ ], "type": "object" }, - "AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "EncryptionType", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", - "title": "KmsKey", - "type": "string" - } - }, - "required": [ - "EncryptionType" - ], - "type": "object" - }, - "AWS::ECS::CapacityProvider": { + "AWS::EC2::ClientVpnTargetNetworkAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -82887,33 +88757,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingGroupProvider": { - "$ref": "#/definitions/AWS::ECS::CapacityProvider.AutoScalingGroupProvider", - "markdownDescription": "The Auto Scaling group settings for the capacity provider.", - "title": "AutoScalingGroupProvider" - }, - "Name": { - "markdownDescription": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used.", - "title": "Name", + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint.", + "title": "ClientVpnEndpointId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" + "SubnetId": { + "markdownDescription": "The ID of the subnet to associate with the Client VPN endpoint.", + "title": "SubnetId", + "type": "string" } }, "required": [ - "AutoScalingGroupProvider" + "ClientVpnEndpointId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::CapacityProvider" + "AWS::EC2::ClientVpnTargetNetworkAssociation" ], "type": "string" }, @@ -82932,67 +88795,7 @@ ], "type": "object" }, - "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.", - "title": "AutoScalingGroupArn", - "type": "string" - }, - "ManagedDraining": { - "markdownDescription": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.", - "title": "ManagedDraining", - "type": "string" - }, - "ManagedScaling": { - "$ref": "#/definitions/AWS::ECS::CapacityProvider.ManagedScaling", - "markdownDescription": "The managed scaling settings for the Auto Scaling group capacity provider.", - "title": "ManagedScaling" - }, - "ManagedTerminationProtection": { - "markdownDescription": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off.\n\n> When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. \n\nWhen managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* .\n\nWhen managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.", - "title": "ManagedTerminationProtection", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupArn" - ], - "type": "object" - }, - "AWS::ECS::CapacityProvider.ManagedScaling": { - "additionalProperties": false, - "properties": { - "InstanceWarmupPeriod": { - "markdownDescription": "The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used.", - "title": "InstanceWarmupPeriod", - "type": "number" - }, - "MaximumScalingStepSize": { - "markdownDescription": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. If this parameter is omitted, the default value of `10000` is used.", - "title": "MaximumScalingStepSize", - "type": "number" - }, - "MinimumScalingStepSize": { - "markdownDescription": "The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used.\n\nWhen additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size.\n\nIf you use a capacity provider with an Auto Scaling group configured with more than one Amazon EC2 instance type or Availability Zone, Amazon ECS will scale up by the exact minimum scaling step size value and will ignore both the maximum scaling step size as well as the capacity demand.", - "title": "MinimumScalingStepSize", - "type": "number" - }, - "Status": { - "markdownDescription": "Determines whether to use managed scaling for the capacity provider.", - "title": "Status", - "type": "string" - }, - "TargetCapacity": { - "markdownDescription": "The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used.", - "title": "TargetCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster": { + "AWS::EC2::CustomerGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -83027,59 +88830,54 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n\nTo use a AWS Fargate capacity provider, specify either the `FARGATE` or `FARGATE_SPOT` capacity providers. The AWS Fargate capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n\nThe [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created.", - "title": "CapacityProviders", - "type": "array" - }, - "ClusterName": { - "markdownDescription": "A user-generated string that you use to identify your cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID for the name.", - "title": "ClusterName", - "type": "string" + "BgpAsn": { + "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nDefault: 65000\n\nValid values: `1` to `2,147,483,647`", + "title": "BgpAsn", + "type": "number" }, - "ClusterSettings": { - "items": { - "$ref": "#/definitions/AWS::ECS::Cluster.ClusterSettings" - }, - "markdownDescription": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n\nContainer Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up.\n\nFor more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ClusterSettings", - "type": "array" + "BgpAsnExtended": { + "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nValid values: `2,147,483,648` to `4,294,967,295`", + "title": "BgpAsnExtended", + "type": "number" }, - "Configuration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ClusterConfiguration", - "markdownDescription": "The execute command and managed storage configuration for the cluster.", - "title": "Configuration" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the customer gateway certificate.", + "title": "CertificateArn", + "type": "string" }, - "DefaultCapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::ECS::Cluster.CapacityProviderStrategyItem" - }, - "markdownDescription": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used.", - "title": "DefaultCapacityProviderStrategy", - "type": "array" + "DeviceName": { + "markdownDescription": "The name of customer gateway device.", + "title": "DeviceName", + "type": "string" }, - "ServiceConnectDefaults": { - "$ref": "#/definitions/AWS::ECS::Cluster.ServiceConnectDefaults", - "markdownDescription": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the `enabled` parameter to `true` in the `ServiceConnectConfiguration` . You can set the namespace of each service individually in the `ServiceConnectConfiguration` to override this default parameter.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ServiceConnectDefaults" + "IpAddress": { + "markdownDescription": "The IP address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `Ipv6` , you can use an IPv6 address.", + "title": "IpAddress", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "One or more tags for the customer gateway.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of VPN connection that this customer gateway supports ( `ipsec.1` ).", + "title": "Type", + "type": "string" } }, + "required": [ + "IpAddress", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::Cluster" + "AWS::EC2::CustomerGateway" ], "type": "string" }, @@ -83093,122 +88891,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::Cluster.CapacityProviderStrategyItem": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", - "type": "number" - }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" - }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster.ClusterConfiguration": { - "additionalProperties": false, - "properties": { - "ExecuteCommandConfiguration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandConfiguration", - "markdownDescription": "The details of the execute command configuration.", - "title": "ExecuteCommandConfiguration" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster.ClusterSettings": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the cluster setting. The value is `containerInsights` .", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value to set for the cluster setting. The supported values are `enhanced` , `enabled` , and `disabled` .\n\nTo use Container Insights with enhanced observability, set the `containerInsights` account setting to `enhanced` .\n\nTo use Container Insights, set the `containerInsights` account setting to `enabled` .\n\nIf a cluster value is specified, it will override the `containerInsights` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html) .", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster.ExecuteCommandConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "Specify an AWS Key Management Service key ID to encrypt the data between the local client and the container.", - "title": "KmsKeyId", - "type": "string" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandLogConfiguration", - "markdownDescription": "The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When `logging=OVERRIDE` is specified, a `logConfiguration` must be provided.", - "title": "LogConfiguration" - }, - "Logging": { - "markdownDescription": "The log setting to use for redirecting logs for your execute command results. The following log settings are available.\n\n- `NONE` : The execute command session is not logged.\n- `DEFAULT` : The `awslogs` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no `awslogs` log driver is configured in the task definition, the output won't be logged.\n- `OVERRIDE` : Specify the logging details as a part of `logConfiguration` . If the `OVERRIDE` logging option is specified, the `logConfiguration` is required.", - "title": "Logging", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster.ExecuteCommandLogConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchEncryptionEnabled": { - "markdownDescription": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off.", - "title": "CloudWatchEncryptionEnabled", - "type": "boolean" - }, - "CloudWatchLogGroupName": { - "markdownDescription": "The name of the CloudWatch log group to send logs to.\n\n> The CloudWatch log group must already be created.", - "title": "CloudWatchLogGroupName", - "type": "string" - }, - "S3BucketName": { - "markdownDescription": "The name of the S3 bucket to send logs to.\n\n> The S3 bucket must already be created.", - "title": "S3BucketName", - "type": "string" - }, - "S3EncryptionEnabled": { - "markdownDescription": "Determines whether to use encryption on the S3 logs. If not specified, encryption is not used.", - "title": "S3EncryptionEnabled", - "type": "boolean" - }, - "S3KeyPrefix": { - "markdownDescription": "An optional folder in the S3 bucket to place logs in.", - "title": "S3KeyPrefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster.ServiceConnectDefaults": { - "additionalProperties": false, - "properties": { - "Namespace": { - "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include greater than (>), less than (<), double quotation marks (\"), or slash (/).\n\nIf you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region.\n\nIf you enter a new name, a AWS Cloud Map namespace will be created. Amazon ECS creates a AWS Cloud Map namespace with the \"API calls\" method of instance discovery only. This instance discovery method is the \"HTTP\" namespace type in the AWS Command Line Interface . Other types of instance discovery aren't used by Service Connect.\n\nIf you update the cluster with an empty string `\"\"` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in AWS Cloud Map and must be deleted separately.\n\nFor more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", - "title": "Namespace", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::ClusterCapacityProviderAssociations": { + "AWS::EC2::DHCPOptions": { "additionalProperties": false, "properties": { "Condition": { @@ -83243,141 +88931,59 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityProviders": { + "DomainName": { + "markdownDescription": "This value is used to complete unqualified DNS hostnames. If you're using AmazonProvidedDNS in `us-east-1` , specify `ec2.internal` . If you're using AmazonProvidedDNS in another Region, specify *region* . `compute.internal` (for example, `ap-northeast-1.compute.internal` ). Otherwise, specify a domain name (for example, *MyCompany.com* ).", + "title": "DomainName", + "type": "string" + }, + "DomainNameServers": { "items": { "type": "string" }, - "markdownDescription": "The capacity providers to associate with the cluster.", - "title": "CapacityProviders", + "markdownDescription": "The IPv4 addresses of up to four domain name servers, or `AmazonProvidedDNS` . The default is `AmazonProvidedDNS` . To have your instance receive a custom DNS hostname as specified in `DomainName` , you must set this property to a custom DNS server.", + "title": "DomainNameServers", "type": "array" }, - "Cluster": { - "markdownDescription": "The cluster the capacity provider association is the target of.", - "title": "Cluster", - "type": "string" + "Ipv6AddressPreferredLeaseTime": { + "markdownDescription": "A value (in seconds, minutes, hours, or years) for how frequently a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 seconds (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.", + "title": "Ipv6AddressPreferredLeaseTime", + "type": "number" }, - "DefaultCapacityProviderStrategy": { + "NetbiosNameServers": { "items": { - "$ref": "#/definitions/AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy" + "type": "string" }, - "markdownDescription": "The default capacity provider strategy to associate with the cluster.", - "title": "DefaultCapacityProviderStrategy", + "markdownDescription": "The IPv4 addresses of up to four NetBIOS name servers.", + "title": "NetbiosNameServers", "type": "array" - } - }, - "required": [ - "CapacityProviders", - "Cluster", - "DefaultCapacityProviderStrategy" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ECS::ClusterCapacityProviderAssociations" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", - "type": "number" - }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" - }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", - "type": "number" - } - }, - "required": [ - "CapacityProvider" - ], - "type": "object" - }, - "AWS::ECS::PrimaryTaskSet": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" }, - { + "NetbiosNodeType": { + "markdownDescription": "The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported).", + "title": "NetbiosNodeType", + "type": "number" + }, + "NtpServers": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers.", + "title": "NtpServers", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service that the task set exists in.", - "title": "Cluster", - "type": "string" - }, - "Service": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service that the task set exists in.", - "title": "Service", - "type": "string" }, - "TaskSetId": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the task set to set as the primary task set in the deployment.", - "title": "TaskSetId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the DHCP options set.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Cluster", - "Service", - "TaskSetId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::PrimaryTaskSet" + "AWS::EC2::DHCPOptions" ], "type": "string" }, @@ -83391,12 +88997,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ECS::Service": { + "AWS::EC2::EC2Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -83431,148 +89036,82 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy can contain a maximum of 20 capacity providers.\n\n> To remove this property from your service resource, specify an empty `CapacityProviderStrategyItem` array.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", - "title": "Cluster", + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", "type": "string" }, - "DeploymentConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentConfiguration", - "markdownDescription": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", - "title": "DeploymentConfiguration" - }, - "DeploymentController": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentController", - "markdownDescription": "The deployment controller to use for the service. If no deployment controller is specified, the default value of `ECS` is used.", - "title": "DeploymentController" - }, - "DesiredCount": { - "markdownDescription": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", - "title": "DesiredCount", - "type": "number" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you need to set the `propagateTags` request parameter.", - "title": "EnableECSManagedTags", - "type": "boolean" - }, - "EnableExecuteCommand": { - "markdownDescription": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", - "title": "EnableExecuteCommand", - "type": "boolean" - }, - "HealthCheckGracePeriodSeconds": { - "markdownDescription": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of `0` is used. If you don't use any of the health checks, then `healthCheckGracePeriodSeconds` is unused.\n\nIf your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", - "title": "HealthCheckGracePeriodSeconds", - "type": "number" - }, - "LaunchType": { - "markdownDescription": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", + "ExcessCapacityTerminationPolicy": { + "markdownDescription": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` .", + "title": "ExcessCapacityTerminationPolicy", "type": "string" }, - "LoadBalancers": { + "LaunchTemplateConfigs": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.LoadBalancer" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest" }, - "markdownDescription": "A list of load balancer objects to associate with the service. If you specify the `Role` property, `LoadBalancers` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> To remove this property from your service resource, specify an empty `LoadBalancer` array.", - "title": "LoadBalancers", + "markdownDescription": "The configuration for the EC2 Fleet.", + "title": "LaunchTemplateConfigs", "type": "array" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.NetworkConfiguration", - "markdownDescription": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "NetworkConfiguration" + "OnDemandOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.OnDemandOptionsRequest", + "markdownDescription": "Describes the configuration of On-Demand Instances in an EC2 Fleet.", + "title": "OnDemandOptions" }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.\n\n> To remove this property from your service resource, specify an empty `PlacementConstraint` array.", - "title": "PlacementConstraints", - "type": "array" + "ReplaceUnhealthyInstances": { + "markdownDescription": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* .", + "title": "ReplaceUnhealthyInstances", + "type": "boolean" }, - "PlacementStrategies": { + "SpotOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", + "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", + "title": "SpotOptions" + }, + "TagSpecifications": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.PlacementStrategy" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TagSpecification" }, - "markdownDescription": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.\n\n> To remove this property from your service resource, specify an empty `PlacementStrategy` array.", - "title": "PlacementStrategies", + "markdownDescription": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) .", + "title": "TagSpecifications", "type": "array" }, - "PlatformVersion": { - "markdownDescription": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", - "type": "string" - }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n\nYou must set this to a value other than `NONE` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe default is `NONE` .", - "title": "PropagateTags", - "type": "string" + "TargetCapacitySpecification": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest", + "markdownDescription": "The number of units to request.", + "title": "TargetCapacitySpecification" }, - "Role": { - "markdownDescription": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the `awsvpc` network mode. If you specify the `role` parameter, you must also specify a load balancer object with the `loadBalancers` parameter.\n\n> If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the `awsvpc` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nIf your specified role has a path other than `/` , then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` then you would specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", - "title": "Role", - "type": "string" + "TerminateInstancesWithExpiration": { + "markdownDescription": "Indicates whether running instances should be terminated when the EC2 Fleet expires.", + "title": "TerminateInstancesWithExpiration", + "type": "boolean" }, - "SchedulingStrategy": { - "markdownDescription": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nThere are two service scheduler strategies available:\n\n- `REPLICA` -The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the `CODE_DEPLOY` or `EXTERNAL` deployment controller types.\n- `DAEMON` -The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n\n> Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy.", - "title": "SchedulingStrategy", + "Type": { + "markdownDescription": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* .", + "title": "Type", "type": "string" }, - "ServiceConnectConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectConfiguration", - "markdownDescription": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ServiceConnectConfiguration" - }, - "ServiceName": { - "markdownDescription": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n\n> The stack update fails if you change any properties that require replacement and the `ServiceName` is configured. This is because AWS CloudFormation creates the replacement service first, but each `ServiceName` must be unique in the cluster.", - "title": "ServiceName", + "ValidFrom": { + "markdownDescription": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately.", + "title": "ValidFrom", "type": "string" }, - "ServiceRegistries": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceRegistry" - }, - "markdownDescription": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .\n\n> Each service may be associated with one service registry. Multiple service registries for each service isn't supported. > To remove this property from your service resource, specify an empty `ServiceRegistry` array.", - "title": "ServiceRegistries", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - }, - "TaskDefinition": { - "markdownDescription": "The `family` and `revision` ( `family:revision` ) or full ARN of the task definition to run in your service. If a `revision` isn't specified, the latest `ACTIVE` revision is used.\n\nA task definition must be specified if the service uses either the `ECS` or `CODE_DEPLOY` deployment controllers.\n\nFor more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) .", - "title": "TaskDefinition", + "ValidUntil": { + "markdownDescription": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.", + "title": "ValidUntil", "type": "string" - }, - "VolumeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceVolumeConfiguration" - }, - "markdownDescription": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n\n> To remove this property from your service resource, specify an empty `ServiceVolumeConfiguration` array.", - "title": "VolumeConfigurations", - "type": "array" } }, + "required": [ + "LaunchTemplateConfigs", + "TargetCapacitySpecification" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::Service" + "AWS::EC2::EC2Fleet" ], "type": "string" }, @@ -83586,548 +89125,730 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::Service.AwsVpcConfiguration": { + "AWS::EC2::EC2Fleet.AcceleratorCountRequest": { "additionalProperties": false, "properties": { - "AssignPublicIp": { - "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", - "title": "AssignPublicIp", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", - "title": "SecurityGroups", - "type": "array" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", - "title": "Subnets", - "type": "array" + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.CapacityProviderStrategyItem": { + "AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" - }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.DeploymentAlarms": { + "AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest": { "additionalProperties": false, "properties": { - "AlarmNames": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more CloudWatch alarm names. Use a \",\" to separate the alarms.", - "title": "AlarmNames", - "type": "array" - }, - "Enable": { - "markdownDescription": "Determines whether to use the CloudWatch alarm option in the service deployment process.", - "title": "Enable", - "type": "boolean" + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Rollback": { - "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", - "title": "Rollback", - "type": "boolean" + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "AlarmNames", - "Enable", - "Rollback" - ], "type": "object" }, - "AWS::ECS::Service.DeploymentCircuitBreaker": { + "AWS::EC2::EC2Fleet.BaselinePerformanceFactorsRequest": { "additionalProperties": false, "properties": { - "Enable": { - "markdownDescription": "Determines whether to use the deployment circuit breaker logic for the service.", - "title": "Enable", - "type": "boolean" - }, - "Rollback": { - "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", - "title": "Rollback", - "type": "boolean" + "Cpu": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" } }, - "required": [ - "Enable", - "Rollback" - ], "type": "object" }, - "AWS::ECS::Service.DeploymentConfiguration": { + "AWS::EC2::EC2Fleet.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "Alarms": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentAlarms", - "markdownDescription": "Information about the CloudWatch alarms.", - "title": "Alarms" + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "DeviceName", + "type": "string" }, - "DeploymentCircuitBreaker": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentCircuitBreaker", - "markdownDescription": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", - "title": "DeploymentCircuitBreaker" + "Ebs": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.EbsBlockDevice", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" }, - "MaximumPercent": { - "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nThe Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `maximumPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf the service uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service.", - "title": "MaximumPercent", - "type": "number" + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", + "title": "NoDevice", + "type": "string" }, - "MinimumHealthyPercent": { - "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", - "title": "MinimumHealthyPercent", - "type": "number" + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", + "title": "VirtualName", + "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.DeploymentController": { + "AWS::EC2::EC2Fleet.CapacityRebalance": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The deployment controller type to use. There are three deployment controller types available:\n\n- **ECS** - The rolling update ( `ECS` ) deployment type involves replacing the current running version of the container with the latest version. The number of containers Amazon ECS adds or removes from the service during a rolling update is controlled by adjusting the minimum and maximum number of healthy tasks allowed during a service deployment, as specified in the [DeploymentConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeploymentConfiguration.html) .\n- **CODE_DEPLOY** - The blue/green ( `CODE_DEPLOY` ) deployment type uses the blue/green deployment model powered by AWS CodeDeploy , which allows you to verify a new deployment of a service before sending production traffic to it.\n- **EXTERNAL** - The external ( `EXTERNAL` ) deployment type enables you to use any third-party deployment controller for full control over the deployment process for an Amazon ECS service.", - "title": "Type", + "ReplacementStrategy": { + "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", + "title": "ReplacementStrategy", "type": "string" + }, + "TerminationDelay": { + "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", + "title": "TerminationDelay", + "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.EBSTagSpecification": { + "AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest": { "additionalProperties": false, "properties": { - "PropagateTags": { - "markdownDescription": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", - "title": "PropagateTags", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The type of volume resource.", - "title": "ResourceType", + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ).\n\nIf you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", "type": "string" - }, - "Tags": { + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.CpuPerformanceFactorRequest": { + "additionalProperties": false, + "properties": { + "References": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.PerformanceFactorReferenceRequest" }, - "markdownDescription": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used.", - "title": "Tags", + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently, only one instance family can be specified in the list.", + "title": "References", "type": "array" } }, - "required": [ - "ResourceType" - ], "type": "object" }, - "AWS::ECS::Service.LoadBalancer": { + "AWS::EC2::EC2Fleet.EbsBlockDevice": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", - "title": "ContainerName", - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "ContainerPort": { - "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", - "title": "ContainerPort", + "Encrypted": { + "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS encryption](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) in the *Amazon EBS User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .\n\n- If you are creating a block device mapping for a *new (empty) volume* , you can include this parameter, and specify either `true` for an encrypted volume, or `false` for an unencrypted volume. If you omit this parameter, it defaults to `false` (unencrypted).\n- If you are creating a block device mapping from an *existing encrypted or unencrypted snapshot* , you must omit this parameter. If you include this parameter, the request will fail, regardless of the value that you specify.\n- If you are creating a block device mapping from an *existing unencrypted volume* , you can include this parameter, but you must specify `false` . If you specify `true` , the request will fail. In this case, we recommend that you omit the parameter.\n- If you are creating a block device mapping from an *existing encrypted volume* , you can include this parameter, and specify either `true` or `false` . However, if you specify `false` , the parameter is ignored and the block device mapping is always encrypted. In this case, we recommend that you omit the parameter.", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", + "title": "Iops", "type": "number" }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", - "title": "LoadBalancerName", + "KmsKeyId": { + "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.\n\nThis parameter is only supported on `BlockDeviceMapping` objects called by [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , and [RequestSpotInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html) .", + "title": "KmsKeyId", "type": "string" }, - "TargetGroupArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", - "title": "TargetGroupArn", + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", + "type": "string" + }, + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.LogConfiguration": { + "AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest": { "additionalProperties": false, "properties": { - "LogDriver": { - "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", - "title": "LogDriver", - "type": "string" - }, - "Options": { - "additionalProperties": true, - "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS is changing the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Options", - "type": "object" + "LaunchTemplateSpecification": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest", + "markdownDescription": "The launch template to use. You must specify either the launch template ID or launch template name in the request.", + "title": "LaunchTemplateSpecification" }, - "SecretOptions": { + "Overrides": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.Secret" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest" }, - "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "SecretOptions", + "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.\n\nFor fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates.", + "title": "Overrides", "type": "array" } }, "type": "object" }, - "AWS::ECS::Service.NetworkConfiguration": { + "AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest": { "additionalProperties": false, "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.AwsVpcConfiguration", - "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", - "title": "AwsvpcConfiguration" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to launch the instances.", + "title": "AvailabilityZone", + "type": "string" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BlockDeviceMapping" + }, + "markdownDescription": "The block device mappings, which define the EBS volumes and instance store volumes to attach to the instance at launch.\n\nSupported only for fleets of type `instant` .\n\nFor more information, see [Block device mappings for volumes on Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) in the *Amazon EC2 User Guide* .", + "title": "BlockDeviceMappings", + "type": "array" + }, + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.InstanceRequirementsRequest", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type.\n\n`mac1.metal` is not supported as a launch template override.\n\n> If you specify `InstanceType` , you can't specify `InstanceRequirements` .", + "title": "InstanceType", + "type": "string" + }, + "MaxPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.\n> \n> If you specify a maximum price, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message.", + "title": "MaxPrice", + "type": "string" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.Placement", + "markdownDescription": "The location where the instance launched, if applicable.", + "title": "Placement" + }, + "Priority": { + "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", + "title": "Priority", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID.", + "title": "SubnetId", + "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.PlacementConstraint": { + "AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Expression", + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", + "title": "LaunchTemplateId", "type": "string" }, - "Type": { - "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", - "title": "Type", + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", + "title": "LaunchTemplateName", + "type": "string" + }, + "Version": { + "markdownDescription": "The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails.\n\nIf the value is `$Latest` , Amazon EC2 uses the latest version of the launch template.\n\nIf the value is `$Default` , Amazon EC2 uses the default version of the launch template.", + "title": "Version", "type": "string" } }, "required": [ - "Type" + "Version" ], "type": "object" }, - "AWS::ECS::Service.PlacementStrategy": { + "AWS::EC2::EC2Fleet.InstanceRequirementsRequest": { "additionalProperties": false, "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host` , which has the same effect), or any platform or custom attribute that's applied to a container instance, such as `attribute:ecs.availability-zone` . For the `binpack` placement strategy, valid values are `cpu` and `memory` . For the `random` placement strategy, this field is not used.", - "title": "Field", + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorCountRequest", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" + }, + "AcceleratorManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", + "type": "array" + }, + "AcceleratorNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", + "type": "array" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", + "type": "array" + }, + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" + }, + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", "type": "string" }, - "Type": { - "markdownDescription": "The type of placement strategy. The `random` placement strategy randomly places tasks on available candidates. The `spread` placement strategy spreads placement across available candidates evenly based on the `field` parameter. The `binpack` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the `field` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.", - "title": "Type", + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" + }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" + }, + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", + "type": "string" + }, + "CpuManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", + "type": "array" + }, + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" + }, + "InstanceGenerations": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" + }, + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", "type": "string" + }, + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" + }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest", + "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.VCpuCountRangeRequest", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ECS::Service.Secret": { + "AWS::EC2::EC2Fleet.MaintenanceStrategies": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the secret.", - "title": "Name", - "type": "string" - }, - "ValueFrom": { - "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", - "title": "ValueFrom", - "type": "string" + "CapacityRebalance": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityRebalance", + "markdownDescription": "The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.", + "title": "CapacityRebalance" } }, - "required": [ - "Name", - "ValueFrom" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectClientAlias": { + "AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest": { "additionalProperties": false, "properties": { - "DnsName": { - "markdownDescription": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "DnsName", - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Port": { - "markdownDescription": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Port", + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", "type": "number" } }, - "required": [ - "Port" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectConfiguration": { + "AWS::EC2::EC2Fleet.MemoryMiBRequest": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether to use Service Connect with this service.", - "title": "Enabled", - "type": "boolean" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.LogConfiguration", - "markdownDescription": "The log configuration for the container. This parameter maps to `LogConfig` in the docker container create command and the `--log-driver` option to docker run.\n\nBy default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.\n\nUnderstand the following when specifying a log configuration for your containers.\n\n- Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n- This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.\n- For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .\n- For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.", - "title": "LogConfiguration" + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Namespace": { - "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", - "title": "Namespace", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Services": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectService" - }, - "markdownDescription": "The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service.\n\nThis field is not required for a \"client\" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means.\n\nAn object selects a port from the task definition, assigns a name for the AWS Cloud Map service, and a list of aliases (endpoints) and ports for client applications to refer to this service.", - "title": "Services", - "type": "array" + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectService": { + "AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest": { "additionalProperties": false, "properties": { - "ClientAliases": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectClientAlias" - }, - "markdownDescription": "The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1.\n\nEach alias (\"endpoint\") is a fully-qualified name and port number that other Amazon ECS tasks (\"clients\") can use to connect to this service.\n\nEach name and port mapping must be unique within the namespace.\n\nFor each `ServiceConnectService` , you must provide at least one `clientAlias` with one `port` .", - "title": "ClientAliases", - "type": "array" + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "DiscoveryName": { - "markdownDescription": "The `discoveryName` is the name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the AWS Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n\nIf the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .", - "title": "DiscoveryName", + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.OnDemandOptionsRequest": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity.\n\n`lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first.\n\n`prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first.\n\nDefault: `lowest-price`", + "title": "AllocationStrategy", "type": "string" }, - "IngressPortOverride": { - "markdownDescription": "The port number for the Service Connect proxy to listen on.\n\nUse the value of this field to bypass the proxy for traffic on the port number specified in the named `portMapping` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service.\n\nIn `awsvpc` mode and Fargate, the default value is the container port number. The container port number is in the `portMapping` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy.", - "title": "IngressPortOverride", - "type": "number" + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest", + "markdownDescription": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.\n\nSupported only for fleets of type `instant` .", + "title": "CapacityReservationOptions" }, - "PortName": { - "markdownDescription": "The `portName` must match the name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service.", - "title": "PortName", + "MaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "MaxTotalPrice", "type": "string" }, - "Timeout": { - "$ref": "#/definitions/AWS::ECS::Service.TimeoutConfiguration", - "markdownDescription": "A reference to an object that represents the configured timeouts for Service Connect.", - "title": "Timeout" + "MinTargetCapacity": { + "markdownDescription": "The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", + "title": "MinTargetCapacity", + "type": "number" }, - "Tls": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsConfiguration", - "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) configuration.", - "title": "Tls" + "SingleAvailabilityZone": { + "markdownDescription": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", + "title": "SingleAvailabilityZone", + "type": "boolean" + }, + "SingleInstanceType": { + "markdownDescription": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.\n\nSupported only for fleets of type `instant` .", + "title": "SingleInstanceType", + "type": "boolean" } }, - "required": [ - "PortName" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectTlsCertificateAuthority": { + "AWS::EC2::EC2Fleet.PerformanceFactorReferenceRequest": { "additionalProperties": false, "properties": { - "AwsPcaAuthorityArn": { - "markdownDescription": "The ARN of the AWS Private Certificate Authority certificate.", - "title": "AwsPcaAuthorityArn", + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response response for [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) and an exception for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , [ModifyFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html) , and [ModifySpotFleetRequest](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html) .", + "title": "InstanceFamily", "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.ServiceConnectTlsConfiguration": { + "AWS::EC2::EC2Fleet.Placement": { "additionalProperties": false, "properties": { - "IssuerCertificateAuthority": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsCertificateAuthority", - "markdownDescription": "The signer certificate authority.", - "title": "IssuerCertificateAuthority" + "Affinity": { + "markdownDescription": "The affinity setting for the instance on the Dedicated Host.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", + "title": "Affinity", + "type": "string" }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service key.", - "title": "KmsKey", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "AvailabilityZone", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS.", - "title": "RoleArn", + "GroupName": { + "markdownDescription": "The name of the placement group that the instance is in. If you specify `GroupName` , you can't specify `GroupId` .", + "title": "GroupName", + "type": "string" + }, + "HostId": { + "markdownDescription": "The ID of the Dedicated Host on which the instance resides.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", + "title": "HostId", + "type": "string" + }, + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances.\n\nIf you specify this parameter, either omit the *Tenancy* parameter or set it to `host` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "HostResourceGroupArn", + "type": "string" + }, + "PartitionNumber": { + "markdownDescription": "The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "PartitionNumber", + "type": "number" + }, + "SpreadDomain": { + "markdownDescription": "Reserved for future use.", + "title": "SpreadDomain", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option.", + "title": "Tenancy", "type": "string" } }, - "required": [ - "IssuerCertificateAuthority" - ], "type": "object" }, - "AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration": { + "AWS::EC2::EC2Fleet.SpotOptionsRequest": { "additionalProperties": false, "properties": { - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. If you turn on Region-level Amazon EBS encryption by default but set this value as `false` , the setting is overridden and the volume is encrypted with the KMS key specified for Amazon EBS encryption by default. This parameter maps 1:1 with the `Encrypted` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "Encrypted", - "type": "boolean" + "AllocationStrategy": { + "markdownDescription": "Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.\n\nIf the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.\n\nIf the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify.\n\nIf the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity.\n\n*Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized`", + "title": "AllocationStrategy", + "type": "string" }, - "FilesystemType": { - "markdownDescription": "The filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the tasks will fail to start.\n\nThe available Linux filesystem types are `ext3` , `ext4` , and `xfs` . If no value is specified, the `xfs` filesystem type is used by default.\n\nThe available Windows filesystem types are `NTFS` .", - "title": "FilesystemType", + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted.\n\nDefault: `terminate`", + "title": "InstanceInterruptionBehavior", "type": "string" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type.\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nThis parameter is required for `io1` and `io2` volume types. The default for `gp3` volumes is `3,000 IOPS` . This parameter is not supported for `st1` , `sc1` , or `standard` volume types.\n\nThis parameter maps 1:1 with the `Iops` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "Iops", + "InstancePoolsToUseCount": { + "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", + "title": "InstancePoolsToUseCount", "type": "number" }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When a key is specified using this parameter, it overrides Amazon EBS default encryption or any KMS key that you specified for cluster-level managed storage encryption. This parameter maps 1:1 with the `KmsKeyId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information about encrypting Amazon EBS volumes attached to tasks, see [Encrypt data stored in Amazon EBS volumes attached to Amazon ECS tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) .\n\n> AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails.", - "title": "KmsKeyId", - "type": "string" + "MaintenanceStrategies": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MaintenanceStrategies", + "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", + "title": "MaintenanceStrategies" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed `AmazonECSInfrastructureRolePolicyForVolumes` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide* .", - "title": "RoleArn", + "MaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "MaxTotalPrice", "type": "string" }, - "SizeInGiB": { - "markdownDescription": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the `Size` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\nThe following are the supported volume size values for each volume type.\n\n- `gp2` and `gp3` : 1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024", - "title": "SizeInGiB", + "MinTargetCapacity": { + "markdownDescription": "The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", + "title": "MinTargetCapacity", "type": "number" }, - "SnapshotId": { - "markdownDescription": "The snapshot that Amazon ECS uses to create volumes for attachment to tasks maintained by the service. You must specify either `snapshotId` or `sizeInGiB` in your volume configuration. This parameter maps 1:1 with the `SnapshotId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "SnapshotId", + "SingleAvailabilityZone": { + "markdownDescription": "Indicates that the fleet launches all Spot Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", + "title": "SingleAvailabilityZone", + "type": "boolean" + }, + "SingleInstanceType": { + "markdownDescription": "Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.\n\nSupported only for fleets of type `instant` .", + "title": "SingleInstanceType", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag.", + "title": "ResourceType", "type": "string" }, - "TagSpecifications": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.EBSTagSpecification" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the `TagSpecifications.N` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "TagSpecifications", + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", "type": "array" - }, - "Throughput": { - "markdownDescription": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the `Throughput` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\n> This parameter is only supported for the `gp3` volume type.", - "title": "Throughput", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. This parameter maps 1:1 with the `VolumeType` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide* .\n\nThe following are the supported volume types.\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\n> The magnetic volume type is not supported on Fargate.", - "title": "VolumeType", - "type": "string" } }, - "required": [ - "RoleArn" - ], "type": "object" }, - "AWS::ECS::Service.ServiceRegistry": { + "AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerName", + "DefaultTargetCapacityType": { + "markdownDescription": "The default target capacity type.", + "title": "DefaultTargetCapacityType", "type": "string" }, - "ContainerPort": { - "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerPort", + "OnDemandTargetCapacity": { + "markdownDescription": "The number of On-Demand units to request.", + "title": "OnDemandTargetCapacity", "type": "number" }, - "Port": { - "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", - "title": "Port", + "SpotTargetCapacity": { + "markdownDescription": "The number of Spot units to request.", + "title": "SpotTargetCapacity", "type": "number" }, - "RegistryArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", - "title": "RegistryArn", + "TargetCapacityUnitType": { + "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection.\n\nDefault: `units` (the number of instances)", + "title": "TargetCapacityUnitType", "type": "string" + }, + "TotalTargetCapacity": { + "markdownDescription": "The number of units to request, filled using the default target capacity type.", + "title": "TotalTargetCapacity", + "type": "number" } }, + "required": [ + "TotalTargetCapacity" + ], "type": "object" }, - "AWS::ECS::Service.ServiceVolumeConfiguration": { + "AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest": { "additionalProperties": false, "properties": { - "ManagedEBSVolume": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration", - "markdownDescription": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created.", - "title": "ManagedEBSVolume" + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the volume. This value must match the volume name from the `Volume` object in the task definition.", - "title": "Name", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::ECS::Service.TimeoutConfiguration": { + "AWS::EC2::EC2Fleet.VCpuCountRangeRequest": { "additionalProperties": false, "properties": { - "IdleTimeoutSeconds": { - "markdownDescription": "The amount of time in seconds a connection will stay active while idle. A value of `0` can be set to disable `idleTimeout` .\n\nThe `idleTimeout` default for `HTTP` / `HTTP2` / `GRPC` is 5 minutes.\n\nThe `idleTimeout` default for `TCP` is 1 hour.", - "title": "IdleTimeoutSeconds", + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "PerRequestTimeoutSeconds": { - "markdownDescription": "The amount of time waiting for the upstream to respond with a complete response per request. A value of `0` can be set to disable `perRequestTimeout` . `perRequestTimeout` can only be set if Service Connect `appProtocol` isn't `TCP` . Only `idleTimeout` is allowed for `TCP` `appProtocol` .", - "title": "PerRequestTimeoutSeconds", + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::ECS::TaskDefinition": { + "AWS::EC2::EIP": { "additionalProperties": false, "properties": { "Condition": { @@ -84162,115 +89883,55 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerDefinitions": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDefinition" - }, - "markdownDescription": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ContainerDefinitions", - "type": "array" - }, - "Cpu": { - "markdownDescription": "The number of `cpu` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the `memory` parameter.\n\nIf you're using the EC2 launch type or the external launch type, this field is optional. Supported values are between `128` CPU units ( `0.125` vCPUs) and `196608` CPU units ( `192` vCPUs).\n\nThis field is required for Fargate. For information about the valid values, see [Task size](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Cpu", - "type": "string" - }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EphemeralStorage", - "markdownDescription": "The ephemeral storage settings to use for tasks run with the task definition.", - "title": "EphemeralStorage" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ExecutionRoleArn", + "Address": { + "markdownDescription": "An Elastic IP address or a carrier IP address in a Wavelength Zone.", + "title": "Address", "type": "string" }, - "Family": { - "markdownDescription": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n\nA family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n\n> To use revision numbers when you update a task definition, specify this property. If you don't specify a value, AWS CloudFormation generates a new task definition each time that you update it.", - "title": "Family", + "Domain": { + "markdownDescription": "The network ( `vpc` ).\n\nIf you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource.", + "title": "Domain", "type": "string" }, - "InferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.InferenceAccelerator" - }, - "markdownDescription": "The Elastic Inference accelerators to use for the containers in the task.", - "title": "InferenceAccelerators", - "type": "array" - }, - "IpcMode": { - "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . If `host` is specified, then all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If `task` is specified, all containers within the specified task share the same IPC resources. If `none` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance.\n\nIf the `host` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose.\n\nIf you are setting namespaced kernel parameters using `systemControls` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n- For tasks that use the `host` IPC mode, IPC namespace related `systemControls` are not supported.\n- For tasks that use the `task` IPC mode, IPC namespace related `systemControls` will apply to all containers within a task.\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", - "title": "IpcMode", + "InstanceId": { + "markdownDescription": "The ID of the instance.\n\n> Updates to the `InstanceId` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "title": "InstanceId", "type": "string" }, - "Memory": { - "markdownDescription": "The amount (in MiB) of memory used by the task.\n\nIf your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) .\n\nIf your tasks runs on AWS Fargate , this field is required. You must use one of the following values. The value you choose determines your range of valid values for the `cpu` parameter.\n\n- 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256 (.25 vCPU)\n- 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available `cpu` values: 512 (.5 vCPU)\n- 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available `cpu` values: 1024 (1 vCPU)\n- Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available `cpu` values: 2048 (2 vCPU)\n- Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available `cpu` values: 4096 (4 vCPU)\n- Between 16 GB and 60 GB in 4 GB increments - Available `cpu` values: 8192 (8 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.\n- Between 32GB and 120 GB in 8 GB increments - Available `cpu` values: 16384 (16 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.", - "title": "Memory", + "IpamPoolId": { + "markdownDescription": "The ID of an IPAM pool which has an Amazon-provided or BYOIP public IPv4 CIDR provisioned to it. For more information, see [Allocate sequential Elastic IP addresses from an IPAM pool](https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-eip-pool.html) in the *Amazon VPC IPAM User Guide* .", + "title": "IpamPoolId", "type": "string" }, - "NetworkMode": { - "markdownDescription": "The Docker networking mode to use for the containers in the task. The valid values are `none` , `bridge` , `awsvpc` , and `host` . If no network mode is specified, the default is `bridge` .\n\nFor Amazon ECS tasks on Fargate, the `awsvpc` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, `` or `awsvpc` can be used. If the network mode is set to `none` , you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The `host` and `awsvpc` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the `bridge` mode.\n\nWith the `host` and `awsvpc` network modes, exposed container ports are mapped directly to the corresponding host port (for the `host` network mode) or the attached elastic network interface port (for the `awsvpc` network mode), so you cannot take advantage of dynamic host port mappings.\n\n> When using the `host` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user. \n\nIf the network mode is `awsvpc` , the task is allocated an elastic network interface, and you must specify a [NetworkConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_NetworkConfiguration.html) value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf the network mode is `host` , you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.", - "title": "NetworkMode", + "NetworkBorderGroup": { + "markdownDescription": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n\nUse [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups.", + "title": "NetworkBorderGroup", "type": "string" }, - "PidMode": { - "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . On Fargate for Linux containers, the only valid value is `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container.\n\nIf the `host` PID mode is used, there's a heightened risk of undesired process namespace exposure.\n\n> This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.", - "title": "PidMode", + "PublicIpv4Pool": { + "markdownDescription": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n\n> Updates to the `PublicIpv4Pool` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "title": "PublicIpv4Pool", "type": "string" }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for tasks.\n\n> This parameter isn't supported for tasks run on AWS Fargate .", - "title": "PlacementConstraints", - "type": "array" - }, - "ProxyConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ProxyConfiguration", - "markdownDescription": "The configuration details for the App Mesh proxy.\n\nYour Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the `ecs-init` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version `20190301` or later, they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ProxyConfiguration" - }, - "RequiresCompatibilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The task launch types the task definition was validated against. The valid values are `EC2` , `FARGATE` , and `EXTERNAL` . For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "RequiresCompatibilities", - "type": "array" - }, - "RuntimePlatform": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.RuntimePlatform", - "markdownDescription": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.", - "title": "RuntimePlatform" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "Any tags assigned to the Elastic IP address.\n\n> Updates to the `Tags` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", "title": "Tags", "type": "array" }, - "TaskRoleArn": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the AWS Identity and Access Management role that grants containers in the task permission to call AWS APIs on your behalf. For more information, see [Amazon ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIAM roles for tasks on Windows require that the `-EnableTaskIAMRole` option is set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some configuration code to use the feature. For more information, see [Windows IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> String validation is done on the ECS side. If an invalid string value is given for `TaskRoleArn` , it may cause the Cloudformation job to hang.", - "title": "TaskRoleArn", + "TransferAddress": { + "markdownDescription": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "TransferAddress", "type": "string" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Volume" - }, - "markdownDescription": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> The `host` and `sourcePath` parameters aren't supported for tasks run on AWS Fargate .", - "title": "Volumes", - "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::ECS::TaskDefinition" + "AWS::EC2::EIP" ], "type": "string" }, @@ -84288,876 +89949,1133 @@ ], "type": "object" }, - "AWS::ECS::TaskDefinition.AuthorizationConfig": { + "AWS::EC2::EIPAssociation": { "additionalProperties": false, "properties": { - "AccessPointId": { - "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", - "title": "AccessPointId", + "Condition": { "type": "string" }, - "IAM": { - "markdownDescription": "Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "IAM", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocationId": { + "markdownDescription": "The allocation ID. This is required.", + "title": "AllocationId", + "type": "string" + }, + "InstanceId": { + "markdownDescription": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.", + "title": "InstanceId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n\nYou can specify either the instance ID or the network interface ID, but not both.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.", + "title": "PrivateIpAddress", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::EIPAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.ContainerDefinition": { + "AWS::EC2::EgressOnlyInternetGateway": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the docker container create command and the `COMMAND` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.", - "title": "Command", - "type": "array" - }, - "Cpu": { - "markdownDescription": "The number of `cpu` units reserved for the container. This parameter maps to `CpuShares` in the docker container create commandand the `--cpu-shares` option to docker run.\n\nThis field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level `cpu` value.\n\n> You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. \n\nLinux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.\n\nOn Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version:\n\n- *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares.\n- *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2.\n- *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares.\n\nOn Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as `0` , which Windows interprets as 1% of one CPU.", - "title": "Cpu", - "type": "number" + "Condition": { + "type": "string" }, - "CredentialSpecs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of ARNs in SSM or Amazon S3 to a credential spec ( `CredSpec` ) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the `dockerSecurityOptions` . The maximum number of ARNs is 1.\n\nThere are two formats for each ARN.\n\n- **credentialspecdomainless:MyARN** - You use `credentialspecdomainless:MyARN` to provide a `CredSpec` with an additional section for a secret in AWS Secrets Manager . You provide the login credentials to the domain in the secret.\n\nEach task that runs on any container instance can join different domains.\n\nYou can use this format without joining the container instance to a domain.\n- **credentialspec:MyARN** - You use `credentialspec:MyARN` to provide a `CredSpec` for a single domain.\n\nYou must join the container instance to the domain before you start any tasks that use this task definition.\n\nIn both formats, replace `MyARN` with the ARN in SSM or Amazon S3.\n\nIf you provide a `credentialspecdomainless:MyARN` , the `credspec` must provide a ARN in AWS Secrets Manager for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) .", - "title": "CredentialSpecs", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, "DependsOn": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDependency" - }, - "markdownDescription": "The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed.\n\nFor tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nIf the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html) , the `dependsOn` parameter is not supported.", - "title": "DependsOn", - "type": "array" - }, - "DisableNetworking": { - "markdownDescription": "When this parameter is true, networking is off within the container. This parameter maps to `NetworkDisabled` in the docker container create command.\n\n> This parameter is not supported for Windows containers.", - "title": "DisableNetworking", - "type": "boolean" - }, - "DnsSearchDomains": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of DNS search domains that are presented to the container. This parameter maps to `DnsSearch` in the docker container create command and the `--dns-search` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "DnsSearchDomains", - "type": "array" + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DnsServers": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of DNS servers that are presented to the container. This parameter maps to `Dns` in the docker container create command and the `--dns` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "DnsServers", - "type": "array" + "Metadata": { + "type": "object" }, - "DockerLabels": { - "additionalProperties": true, - "markdownDescription": "A key/value map of labels to add to the container. This parameter maps to `Labels` in the docker container create command and the `--label` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the egress-only internet gateway.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC for which to create the egress-only internet gateway.", + "title": "VpcId", "type": "string" } }, - "title": "DockerLabels", + "required": [ + "VpcId" + ], "type": "object" }, - "DockerSecurityOptions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type.\n\nFor Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.\n\nFor any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThis parameter maps to `SecurityOpt` in the docker container create command and the `--security-opt` option to docker run.\n\n> The Amazon ECS container agent running on a container instance must register with the `ECS_SELINUX_CAPABLE=true` or `ECS_APPARMOR_CAPABLE=true` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nValid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" | \"credentialspec:CredentialSpecFilePath\"", - "title": "DockerSecurityOptions", - "type": "array" + "Type": { + "enum": [ + "AWS::EC2::EgressOnlyInternetGateway" + ], + "type": "string" }, - "EntryPoint": { - "items": { - "type": "string" - }, - "markdownDescription": "> Early versions of the Amazon ECS container agent don't properly handle `entryPoint` parameters. If you have problems using `entryPoint` , update your container agent or enter your commands and arguments as `command` array items instead. \n\nThe entry point that's passed to the container. This parameter maps to `Entrypoint` in the docker container create command and the `--entrypoint` option to docker run.", - "title": "EntryPoint", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::EC2::EnclaveCertificateIamRoleAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" - }, - "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the docker container create command and the `--env` option to docker run.\n\n> We don't recommend that you use plaintext environment variables for sensitive information, such as credential data.", - "title": "Environment", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "EnvironmentFiles": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EnvironmentFile" - }, - "markdownDescription": "A list of files containing the environment variables to pass to a container. This parameter maps to the `--env-file` option to docker run.\n\nYou can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file contains an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored.\n\nIf there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "EnvironmentFiles", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Essential": { - "markdownDescription": "If the `essential` parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as `false` , its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Essential", - "type": "boolean" + "Metadata": { + "type": "object" }, - "ExtraHosts": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostEntry" + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The ARN of the ACM certificate with which to associate the IAM role.", + "title": "CertificateArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.", + "title": "RoleArn", + "type": "string" + } }, - "markdownDescription": "A list of hostnames and IP address mappings to append to the `/etc/hosts` file on the container. This parameter maps to `ExtraHosts` in the docker container create command and the `--add-host` option to docker run.\n\n> This parameter isn't supported for Windows containers or tasks that use the `awsvpc` network mode.", - "title": "ExtraHosts", - "type": "array" - }, - "FirelensConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FirelensConfiguration", - "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "FirelensConfiguration" + "required": [ + "CertificateArn", + "RoleArn" + ], + "type": "object" }, - "HealthCheck": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HealthCheck", - "markdownDescription": "The container health check command and associated configuration parameters for the container. This parameter maps to `HealthCheck` in the docker container create command and the `HEALTHCHECK` parameter of docker run.", - "title": "HealthCheck" + "Type": { + "enum": [ + "AWS::EC2::EnclaveCertificateIamRoleAssociation" + ], + "type": "string" }, - "Hostname": { - "markdownDescription": "The hostname to use for your container. This parameter maps to `Hostname` in the docker container create command and the `--hostname` option to docker run.\n\n> The `hostname` parameter is not supported if you're using the `awsvpc` network mode.", - "title": "Hostname", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::EC2::FlowLog": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Image": { - "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the docker container create command and the `IMAGE` parameter of docker run.\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", - "title": "Image", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Interactive": { - "markdownDescription": "When this parameter is `true` , you can deploy containerized applications that require `stdin` or a `tty` to be allocated. This parameter maps to `OpenStdin` in the docker container create command and the `--interactive` option to docker run.", - "title": "Interactive", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Links": { - "items": { - "type": "string" - }, - "markdownDescription": "The `links` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is `bridge` . The `name:internalName` construct is analogous to `name:alias` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to `Links` in the docker container create command and the `--link` option to docker run.\n\n> This parameter is not supported for Windows containers. > Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.", - "title": "Links", - "type": "array" - }, - "LinuxParameters": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.LinuxParameters", - "markdownDescription": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .\n\n> This parameter is not supported for Windows containers.", - "title": "LinuxParameters" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.LogConfiguration", - "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the docker Create a container command and the `--log-driver` option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LogConfiguration" - }, - "Memory": { - "markdownDescription": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task `memory` value, if one is specified. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nIf using the Fargate launch type, this parameter is optional.\n\nIf using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level `memory` and `memoryReservation` value, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.", - "title": "Memory", - "type": "number" - }, - "MemoryReservation": { - "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the `memory` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to `MemoryReservation` in the docker container create command and the `--memory-reservation` option to docker run.\n\nIf a task-level memory value is not specified, you must specify a non-zero integer for one or both of `memory` or `memoryReservation` in a container definition. If you specify both, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nFor example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a `memoryReservation` of 128 MiB, and a `memory` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.", - "title": "MemoryReservation", - "type": "number" - }, - "MountPoints": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.MountPoint" - }, - "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the docker container create command and the `--volume` option to docker run.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", - "title": "MountPoints", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of a container. If you're linking multiple containers together in a task definition, the `name` of one container can be entered in the `links` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to `name` in the docker container create command and the `--name` option to docker run.", - "title": "Name", - "type": "string" - }, - "PortMappings": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.PortMapping" - }, - "markdownDescription": "The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.\n\nFor task definitions that use the `awsvpc` network mode, you should only specify the `containerPort` . The `hostPort` can be left blank or it must be the same value as the `containerPort` .\n\nPort mappings on Windows use the `NetNAT` gateway address rather than `localhost` . There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.\n\nThis parameter maps to `PortBindings` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--publish` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . If the network mode of a task definition is set to `none` , then you can't specify port mappings. If the network mode of a task definition is set to `host` , then host ports must either be undefined or they must match the container port in the port mapping.\n\n> After a task reaches the `RUNNING` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the `networkBindings` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses.", - "title": "PortMappings", - "type": "array" - }, - "Privileged": { - "markdownDescription": "When this parameter is true, the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the docker container create command and the `--privileged` option to docker run\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", - "title": "Privileged", - "type": "boolean" - }, - "PseudoTerminal": { - "markdownDescription": "When this parameter is `true` , a TTY is allocated. This parameter maps to `Tty` in the docker container create command and the `--tty` option to docker run.", - "title": "PseudoTerminal", - "type": "boolean" - }, - "ReadonlyRootFilesystem": { - "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the docker container create command and the `--read-only` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "ReadonlyRootFilesystem", - "type": "boolean" - }, - "RepositoryCredentials": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.RepositoryCredentials", - "markdownDescription": "The private repository authentication credentials to use.", - "title": "RepositoryCredentials" - }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ResourceRequirement" - }, - "markdownDescription": "The type and amount of a resource to assign to a container. The only supported resource is a GPU.", - "title": "ResourceRequirements", - "type": "array" - }, - "Secrets": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" - }, - "markdownDescription": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Secrets", - "type": "array" - }, - "StartTimeout": { - "markdownDescription": "Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a `COMPLETE` , `SUCCESS` , or `HEALTHY` status. If a `startTimeout` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a `STOPPED` state.\n\n> When the `ECS_CONTAINER_START_TIMEOUT` container agent configuration variable is used, it's enforced independently from this start timeout value. \n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks using the EC2 launch type, your container instances require at least version `1.26.0` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version `1.26.0-1` of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", - "title": "StartTimeout", - "type": "number" - }, - "StopTimeout": { - "markdownDescription": "Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks that use the Fargate launch type, the max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.\n\nFor tasks that use the EC2 launch type, if the `stopTimeout` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable `ECS_CONTAINER_STOP_TIMEOUT` is used. If neither the `stopTimeout` parameter or the `ECS_CONTAINER_STOP_TIMEOUT` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", - "title": "StopTimeout", - "type": "number" - }, - "SystemControls": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.SystemControl" - }, - "markdownDescription": "A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in the docker container create command and the `--sysctl` option to docker run. For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.", - "title": "SystemControls", - "type": "array" + "Metadata": { + "type": "object" }, - "Ulimits": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Ulimit" + "Properties": { + "additionalProperties": false, + "properties": { + "DeliverCrossAccountRole": { + "markdownDescription": "The ARN of the IAM role that allows the service to publish flow logs across accounts.", + "title": "DeliverCrossAccountRole", + "type": "string" + }, + "DeliverLogsPermissionArn": { + "markdownDescription": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.\n\nThis parameter is required if the destination type is `cloud-watch-logs` , or if the destination type is `kinesis-data-firehose` and the delivery stream and the resources to monitor are in different accounts.", + "title": "DeliverLogsPermissionArn", + "type": "string" + }, + "DestinationOptions": { + "$ref": "#/definitions/AWS::EC2::FlowLog.DestinationOptions", + "markdownDescription": "The destination options.", + "title": "DestinationOptions" + }, + "LogDestination": { + "markdownDescription": "The destination for the flow log data. The meaning of this parameter depends on the destination type.\n\n- If the destination type is `cloud-watch-logs` , specify the ARN of a CloudWatch Logs log group. For example:\n\narn:aws:logs: *region* : *account_id* :log-group: *my_group*\n\nAlternatively, use the `LogGroupName` parameter.\n- If the destination type is `s3` , specify the ARN of an S3 bucket. For example:\n\narn:aws:s3::: *my_bucket* / *my_subfolder* /\n\nThe subfolder is optional. Note that you can't use `AWSLogs` as a subfolder name.\n- If the destination type is `kinesis-data-firehose` , specify the ARN of a Kinesis Data Firehose delivery stream. For example:\n\narn:aws:firehose: *region* : *account_id* :deliverystream: *my_stream*", + "title": "LogDestination", + "type": "string" + }, + "LogDestinationType": { + "markdownDescription": "The type of destination for the flow log data.\n\nDefault: `cloud-watch-logs`", + "title": "LogDestinationType", + "type": "string" + }, + "LogFormat": { + "markdownDescription": "The fields to include in the flow log record, in the order in which they should appear. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must include at least one field. For more information about the available fields, see [Flow log records](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) in the *Amazon VPC User Guide* or [Transit Gateway Flow Log records](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) in the *AWS Transit Gateway Guide* .\n\nSpecify the fields using the `${field-id}` format, separated by spaces.", + "title": "LogFormat", + "type": "string" + }, + "LogGroupName": { + "markdownDescription": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.\n\nThis parameter is valid only if the destination type is `cloud-watch-logs` .", + "title": "LogGroupName", + "type": "string" + }, + "MaxAggregationInterval": { + "markdownDescription": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. The possible values are 60 seconds (1 minute) or 600 seconds (10 minutes). This parameter must be 60 seconds for transit gateway resource types.\n\nWhen a network interface is attached to a [Nitro-based instance](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) , the aggregation interval is always 60 seconds or less, regardless of the value that you specify.\n\nDefault: 600", + "title": "MaxAggregationInterval", + "type": "number" + }, + "ResourceId": { + "markdownDescription": "The ID of the resource to monitor. For example, if the resource type is `VPC` , specify the ID of the VPC.", + "title": "ResourceId", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The type of resource to monitor.", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the flow logs.", + "title": "Tags", + "type": "array" + }, + "TrafficType": { + "markdownDescription": "The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). This parameter is not supported for transit gateway resource types. It is required for the other resource types.", + "title": "TrafficType", + "type": "string" + } }, - "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> This parameter is not supported for Windows containers.", - "title": "Ulimits", - "type": "array" + "required": [ + "ResourceId", + "ResourceType" + ], + "type": "object" }, - "User": { - "markdownDescription": "The user to use inside the container. This parameter maps to `User` in the docker container create command and the `--user` option to docker run.\n\n> When running tasks using the `host` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gid`\n- `uid:group`\n\n> This parameter is not supported for Windows containers.", - "title": "User", + "Type": { + "enum": [ + "AWS::EC2::FlowLog" + ], "type": "string" }, - "VolumesFrom": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.VolumeFrom" - }, - "markdownDescription": "Data volumes to mount from another container. This parameter maps to `VolumesFrom` in the docker container create command and the `--volumes-from` option to docker run.", - "title": "VolumesFrom", - "type": "array" - }, - "WorkingDirectory": { - "markdownDescription": "The working directory to run commands inside the container in. This parameter maps to `WorkingDir` in the docker container create command and the `--workdir` option to docker run.", - "title": "WorkingDirectory", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Image", - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::TaskDefinition.ContainerDependency": { + "AWS::EC2::FlowLog.DestinationOptions": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a `zero` status. This condition can't be set on an essential container.\n- `HEALTHY` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.", - "title": "Condition", + "FileFormat": { + "markdownDescription": "The format for the flow log. The default is `plain-text` .", + "title": "FileFormat", "type": "string" }, - "ContainerName": { - "markdownDescription": "The name of a container.", - "title": "ContainerName", - "type": "string" + "HiveCompatiblePartitions": { + "markdownDescription": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` .", + "title": "HiveCompatiblePartitions", + "type": "boolean" + }, + "PerHourPartition": { + "markdownDescription": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` .", + "title": "PerHourPartition", + "type": "boolean" } }, + "required": [ + "FileFormat", + "HiveCompatiblePartitions", + "PerHourPartition" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.Device": { + "AWS::EC2::GatewayRouteTableAssociation": { "additionalProperties": false, "properties": { - "ContainerPath": { - "markdownDescription": "The path inside the container at which to expose the host device.", - "title": "ContainerPath", + "Condition": { "type": "string" }, - "HostPath": { - "markdownDescription": "The path for the device on the host container instance.", - "title": "HostPath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Permissions": { - "items": { - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GatewayId": { + "markdownDescription": "The ID of the gateway.", + "title": "GatewayId", + "type": "string" + }, + "RouteTableId": { + "markdownDescription": "The ID of the route table.", + "title": "RouteTableId", + "type": "string" + } }, - "markdownDescription": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device.", - "title": "Permissions", - "type": "array" + "required": [ + "GatewayId", + "RouteTableId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::GatewayRouteTableAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.DockerVolumeConfiguration": { + "AWS::EC2::Host": { "additionalProperties": false, "properties": { - "Autoprovision": { - "markdownDescription": "If this value is `true` , the Docker volume is created if it doesn't already exist.\n\n> This field is only used if the `scope` is `shared` .", - "title": "Autoprovision", - "type": "boolean" + "Condition": { + "type": "string" }, - "Driver": { - "markdownDescription": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use `docker plugin ls` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to `Driver` in the docker container create command and the `xxdriver` option to docker volume create.", - "title": "Driver", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DriverOpts": { - "additionalProperties": true, - "markdownDescription": "A map of Docker driver-specific options passed through. This parameter maps to `DriverOpts` in the docker create-volume command and the `xxopt` option to docker volume create.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "DriverOpts", + ] + }, + "Metadata": { "type": "object" }, - "Labels": { - "additionalProperties": true, - "markdownDescription": "Custom metadata to add to your Docker volume. This parameter maps to `Labels` in the docker container create command and the `xxlabel` option to docker volume create.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "AssetId": { + "markdownDescription": "The ID of the Outpost hardware asset on which the Dedicated Host is allocated.", + "title": "AssetId", + "type": "string" + }, + "AutoPlacement": { + "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", + "title": "AutoPlacement", + "type": "string" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to allocate the Dedicated Host.", + "title": "AvailabilityZone", + "type": "string" + }, + "HostMaintenance": { + "markdownDescription": "Indicates whether host maintenance is enabled or disabled for the Dedicated Host.", + "title": "HostMaintenance", + "type": "string" + }, + "HostRecovery": { + "markdownDescription": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see [Host recovery](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", + "title": "HostRecovery", + "type": "string" + }, + "InstanceFamily": { + "markdownDescription": "The instance family supported by the Dedicated Host. For example, `m5` .", + "title": "InstanceFamily", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.", + "title": "InstanceType", + "type": "string" + }, + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Outpost on which the Dedicated Host is allocated.", + "title": "OutpostArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the Dedicated Host.", + "title": "Tags", + "type": "array" } }, - "title": "Labels", + "required": [ + "AvailabilityZone" + ], "type": "object" }, - "Scope": { - "markdownDescription": "The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops.", - "title": "Scope", + "Type": { + "enum": [ + "AWS::EC2::Host" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.EFSVolumeConfiguration": { + "AWS::EC2::IPAM": { "additionalProperties": false, "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.AuthorizationConfig", - "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", - "title": "AuthorizationConfig" - }, - "FilesystemId": { - "markdownDescription": "The Amazon EFS file system ID to use.", - "title": "FilesystemId", + "Condition": { "type": "string" }, - "RootDirectory": { - "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying `/` will have the same effect as omitting this parameter.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` which will enforce the path set on the EFS access point.", - "title": "RootDirectory", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TransitEncryption": { - "markdownDescription": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", - "title": "TransitEncryption", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultResourceDiscoveryOrganizationalUnitExclusions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAM.IpamOrganizationalUnitExclusion" + }, + "markdownDescription": "If your IPAM is integrated with AWS Organizations, you can exclude an [organizational unit (OU)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#organizationalunit) from being managed by IPAM. When you exclude an OU, IPAM will not manage the IP addresses in accounts in that OU. For more information, see [Exclude organizational units from IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/exclude-ous.html) in the *Amazon Virtual Private Cloud IP Address Manager User Guide* .", + "title": "DefaultResourceDiscoveryOrganizationalUnitExclusions", + "type": "array" + }, + "Description": { + "markdownDescription": "The description for the IPAM.", + "title": "Description", + "type": "string" + }, + "EnablePrivateGua": { + "markdownDescription": "Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.", + "title": "EnablePrivateGua", + "type": "boolean" + }, + "MeteredAccount": { + "markdownDescription": "A metered account is an AWS account that is charged for active IP addresses managed in IPAM. For more information, see [Enable cost distribution](https://docs.aws.amazon.com/vpc/latest/ipam/ipam-enable-cost-distro.html) in the *Amazon VPC IPAM User Guide* .\n\nPossible values:\n\n- `ipam-owner` (default): The AWS account which owns the IPAM is charged for all active IP addresses managed in IPAM.\n- `resource-owner` : The AWS account that owns the IP address is charged for the active IP address.", + "title": "MeteredAccount", + "type": "string" + }, + "OperatingRegions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAM.IpamOperatingRegion" + }, + "markdownDescription": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "OperatingRegions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "title": "Tags", + "type": "array" + }, + "Tier": { + "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", + "title": "Tier", + "type": "string" + } + }, + "type": "object" }, - "TransitEncryptionPort": { - "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", - "title": "TransitEncryptionPort", - "type": "number" - } - }, - "required": [ - "FilesystemId" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.EnvironmentFile": { - "additionalProperties": false, - "properties": { "Type": { - "markdownDescription": "The file type to use. Environment files are objects in Amazon S3. The only supported value is `s3` .", - "title": "Type", + "enum": [ + "AWS::EC2::IPAM" + ], "type": "string" }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.EphemeralStorage": { - "additionalProperties": false, - "properties": { - "SizeInGiB": { - "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", - "title": "SizeInGiB", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.FSxAuthorizationConfig": { + "AWS::EC2::IPAM.IpamOperatingRegion": { "additionalProperties": false, "properties": { - "CredentialsParameter": { - "markdownDescription": "The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an AWS Secrets Manager secret or SSM Parameter Store parameter. The ARN refers to the stored credentials.", - "title": "CredentialsParameter", - "type": "string" - }, - "Domain": { - "markdownDescription": "A fully qualified domain name hosted by an [AWS Directory Service](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.", - "title": "Domain", + "RegionName": { + "markdownDescription": "The name of the operating Region.", + "title": "RegionName", "type": "string" } }, "required": [ - "CredentialsParameter", - "Domain" + "RegionName" ], "type": "object" }, - "AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration": { + "AWS::EC2::IPAM.IpamOrganizationalUnitExclusion": { "additionalProperties": false, "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxAuthorizationConfig", - "markdownDescription": "The authorization configuration details for the Amazon FSx for Windows File Server file system.", - "title": "AuthorizationConfig" - }, - "FileSystemId": { - "markdownDescription": "The Amazon FSx for Windows File Server file system ID to use.", - "title": "FileSystemId", - "type": "string" - }, - "RootDirectory": { - "markdownDescription": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host.", - "title": "RootDirectory", + "OrganizationsEntityPath": { + "markdownDescription": "An AWS Organizations entity path. For more information on the entity path, see [Understand the AWS Organizations entity path](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_last-accessed-view-data-orgs.html#access_policies_access-advisor-viewing-orgs-entity-path) in the *AWS Identity and Access Management User Guide* .", + "title": "OrganizationsEntityPath", "type": "string" } }, "required": [ - "FileSystemId", - "RootDirectory" + "OrganizationsEntityPath" ], "type": "object" }, - "AWS::ECS::TaskDefinition.FirelensConfiguration": { + "AWS::EC2::IPAMAllocation": { "additionalProperties": false, "properties": { - "Options": { - "additionalProperties": true, - "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event.\n\nIf specified, valid option keys are:\n\n- `enable-ecs-log-metadata` , which can be `true` or `false`\n- `config-file-type` , which can be `s3` or `file`\n- `config-file-value` , which is either an S3 ARN or a file path", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR.", + "title": "Cidr", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the allocation.", + "title": "Description", + "type": "string" + }, + "IpamPoolId": { + "markdownDescription": "The ID of the IPAM pool from which you would like to allocate a CIDR.", + "title": "IpamPoolId", "type": "string" + }, + "NetmaskLength": { + "markdownDescription": "The netmask length of the CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "NetmaskLength", + "type": "number" } }, - "title": "Options", + "required": [ + "IpamPoolId" + ], "type": "object" }, "Type": { - "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", - "title": "Type", + "enum": [ + "AWS::EC2::IPAMAllocation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.HealthCheck": { + "AWS::EC2::IPAMPool": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "A string array representing the command that the container runs to determine if it is healthy. The string array must start with `CMD` to run the command arguments directly, or `CMD-SHELL` to run the command with the container's default shell.\n\nWhen you use the AWS Management Console JSON panel, the AWS Command Line Interface , or the APIs, enclose the list of commands in double quotes and brackets.\n\n`[ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]`\n\nYou don't include the double quotes and brackets when you use the AWS Management Console.\n\n`CMD-SHELL, curl -f http://localhost/ || exit 1`\n\nAn exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see `HealthCheck` in the docker container create command.", - "title": "Command", - "type": "array" + "Condition": { + "type": "string" }, - "Interval": { - "markdownDescription": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a `command` .", - "title": "Interval", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Retries": { - "markdownDescription": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a `command` .", - "title": "Retries", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "StartPeriod": { - "markdownDescription": "The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the `startPeriod` is off. This value applies only when you specify a `command` .\n\n> If a health check succeeds within the `startPeriod` , then the container is considered healthy and any subsequent failures count toward the maximum number of retries.", - "title": "StartPeriod", - "type": "number" + "Metadata": { + "type": "object" }, - "Timeout": { - "markdownDescription": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a `command` .", - "title": "Timeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.HostEntry": { - "additionalProperties": false, - "properties": { - "Hostname": { - "markdownDescription": "The hostname to use in the `/etc/hosts` entry.", - "title": "Hostname", + "Properties": { + "additionalProperties": false, + "properties": { + "AddressFamily": { + "markdownDescription": "The address family of the pool.", + "title": "AddressFamily", + "type": "string" + }, + "AllocationDefaultNetmaskLength": { + "markdownDescription": "The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.", + "title": "AllocationDefaultNetmaskLength", + "type": "number" + }, + "AllocationMaxNetmaskLength": { + "markdownDescription": "The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. The maximum netmask length must be greater than the minimum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "AllocationMaxNetmaskLength", + "type": "number" + }, + "AllocationMinNetmaskLength": { + "markdownDescription": "The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. The minimum netmask length must be less than the maximum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "AllocationMinNetmaskLength", + "type": "number" + }, + "AllocationResourceTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.", + "title": "AllocationResourceTags", + "type": "array" + }, + "AutoImport": { + "markdownDescription": "If selected, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.\n\nA locale must be set on the pool for this feature to work.", + "title": "AutoImport", + "type": "boolean" + }, + "AwsService": { + "markdownDescription": "Limits which service in AWS that the pool can be used in. \"ec2\", for example, allows users to use space for Elastic IP addresses and VPCs.", + "title": "AwsService", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the IPAM pool.", + "title": "Description", + "type": "string" + }, + "IpamScopeId": { + "markdownDescription": "The ID of the scope in which you would like to create the IPAM pool.", + "title": "IpamScopeId", + "type": "string" + }, + "Locale": { + "markdownDescription": "The locale of the IPAM pool.\n\nThe locale for the pool should be one of the following:\n\n- An AWS Region where you want this IPAM pool to be available for allocations.\n- The network border group for an AWS Local Zone where you want this IPAM pool to be available for allocations ( [supported Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-zone-avail) ). This option is only available for IPAM IPv4 pools in the public scope.\n\nIf you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error.", + "title": "Locale", + "type": "string" + }, + "ProvisionedCidrs": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMPool.ProvisionedCidr" + }, + "markdownDescription": "Information about the CIDRs provisioned to an IPAM pool.", + "title": "ProvisionedCidrs", + "type": "array" + }, + "PublicIpSource": { + "markdownDescription": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `BYOIP` . For more information, see [Create IPv6 pools](https://docs.aws.amazon.com//vpc/latest/ipam/intro-create-ipv6-pools.html) in the *Amazon VPC IPAM User Guide* . By default, you can add only one Amazon-provided IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the default limit, see [Quotas for your IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/quotas-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "PublicIpSource", + "type": "string" + }, + "PubliclyAdvertisable": { + "markdownDescription": "Determines if a pool is publicly advertisable. This option is not available for pools with AddressFamily set to `ipv4` .", + "title": "PubliclyAdvertisable", + "type": "boolean" + }, + "SourceIpamPoolId": { + "markdownDescription": "The ID of the source IPAM pool. You can use this option to create an IPAM pool within an existing source pool.", + "title": "SourceIpamPoolId", + "type": "string" + }, + "SourceResource": { + "$ref": "#/definitions/AWS::EC2::IPAMPool.SourceResource", + "markdownDescription": "The resource used to provision CIDRs to a resource planning pool.", + "title": "SourceResource" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AddressFamily", + "IpamScopeId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::IPAMPool" + ], "type": "string" }, - "IpAddress": { - "markdownDescription": "The IP address to use in the `/etc/hosts` entry.", - "title": "IpAddress", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.HostVolumeProperties": { + "AWS::EC2::IPAMPool.ProvisionedCidr": { "additionalProperties": false, "properties": { - "SourcePath": { - "markdownDescription": "When the `host` parameter is used, specify a `sourcePath` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the `host` parameter contains a `sourcePath` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the `sourcePath` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\nIf you're using the Fargate launch type, the `sourcePath` parameter is not supported.", - "title": "SourcePath", + "Cidr": { + "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", + "title": "Cidr", "type": "string" } }, + "required": [ + "Cidr" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.InferenceAccelerator": { + "AWS::EC2::IPAMPool.SourceResource": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The Elastic Inference accelerator device name. The `deviceName` must also be referenced in a container definition as a [ResourceRequirement](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ResourceRequirement.html) .", - "title": "DeviceName", + "ResourceId": { + "markdownDescription": "The source resource ID.", + "title": "ResourceId", "type": "string" }, - "DeviceType": { - "markdownDescription": "The Elastic Inference accelerator type to use.", - "title": "DeviceType", + "ResourceOwner": { + "markdownDescription": "The source resource owner.", + "title": "ResourceOwner", "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.KernelCapabilities": { - "additionalProperties": false, - "properties": { - "Add": { - "items": { - "type": "string" - }, - "markdownDescription": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to `CapAdd` in the docker container create command and the `--cap-add` option to docker run.\n\n> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE` kernel capability. \n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", - "title": "Add", - "type": "array" }, - "Drop": { - "items": { - "type": "string" - }, - "markdownDescription": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to `CapDrop` in the docker container create command and the `--cap-drop` option to docker run.\n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", - "title": "Drop", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.KeyValuePair": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", + "ResourceRegion": { + "markdownDescription": "The source resource Region.", + "title": "ResourceRegion", "type": "string" }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", + "ResourceType": { + "markdownDescription": "The source resource type.", + "title": "ResourceType", "type": "string" } }, + "required": [ + "ResourceId", + "ResourceOwner", + "ResourceRegion", + "ResourceType" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.LinuxParameters": { + "AWS::EC2::IPAMPoolCidr": { "additionalProperties": false, "properties": { - "Capabilities": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KernelCapabilities", - "markdownDescription": "The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.\n\n> For tasks that use the Fargate launch type, `capabilities` is supported for all platform versions but the `add` parameter is only supported if using platform version 1.4.0 or later.", - "title": "Capabilities" - }, - "Devices": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Device" - }, - "markdownDescription": "Any host devices to expose to the container. This parameter maps to `Devices` in the docker container create command and the `--device` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `devices` parameter isn't supported.", - "title": "Devices", - "type": "array" - }, - "InitProcessEnabled": { - "markdownDescription": "Run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "title": "InitProcessEnabled", - "type": "boolean" - }, - "MaxSwap": { - "markdownDescription": "The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the `--memory-swap` option to docker run where the value would be the sum of the container memory plus the `maxSwap` value.\n\nIf a `maxSwap` value of `0` is specified, the container will not use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n> If you're using tasks that use the Fargate launch type, the `maxSwap` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", - "title": "MaxSwap", - "type": "number" + "Condition": { + "type": "string" }, - "SharedMemorySize": { - "markdownDescription": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to docker run.\n\n> If you are using tasks that use the Fargate launch type, the `sharedMemorySize` parameter is not supported.", - "title": "SharedMemorySize", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Swappiness": { - "markdownDescription": "This allows you to tune a container's memory swappiness behavior. A `swappiness` value of `0` will cause swapping to not happen unless absolutely necessary. A `swappiness` value of `100` will cause pages to be swapped very aggressively. Accepted values are whole numbers between `0` and `100` . If the `swappiness` parameter is not specified, a default value of `60` is used. If a value is not specified for `maxSwap` then this parameter is ignored. This parameter maps to the `--memory-swappiness` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `swappiness` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", - "title": "Swappiness", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Tmpfs": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Tmpfs" - }, - "markdownDescription": "The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the `--tmpfs` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `tmpfs` parameter isn't supported.", - "title": "Tmpfs", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.LogConfiguration": { - "additionalProperties": false, - "properties": { - "LogDriver": { - "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", - "title": "LogDriver", - "type": "string" + "Metadata": { + "type": "object" }, - "Options": { - "additionalProperties": true, - "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS is changing the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", + "title": "Cidr", + "type": "string" + }, + "IpamPoolId": { + "markdownDescription": "The ID of the IPAM pool.", + "title": "IpamPoolId", "type": "string" + }, + "NetmaskLength": { + "markdownDescription": "The netmask length of the CIDR you'd like to provision to a pool. Can be used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for provisioning CIDRs to pools with source pools. Cannot be used to provision BYOIP CIDRs to top-level pools. \"NetmaskLength\" or \"Cidr\" is required.", + "title": "NetmaskLength", + "type": "number" } }, - "title": "Options", + "required": [ + "IpamPoolId" + ], "type": "object" }, - "SecretOptions": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" - }, - "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "SecretOptions", - "type": "array" + "Type": { + "enum": [ + "AWS::EC2::IPAMPoolCidr" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "LogDriver" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::TaskDefinition.MountPoint": { + "AWS::EC2::IPAMResourceDiscovery": { "additionalProperties": false, "properties": { - "ContainerPath": { - "markdownDescription": "The path on the container to mount the host volume at.", - "title": "ContainerPath", - "type": "string" - }, - "ReadOnly": { - "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", - "title": "ReadOnly", - "type": "boolean" - }, - "SourceVolume": { - "markdownDescription": "The name of the volume to mount. Must be a volume name referenced in the `name` parameter of task definition `volume` .", - "title": "SourceVolume", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.PortMapping": { - "additionalProperties": false, - "properties": { - "AppProtocol": { - "markdownDescription": "The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.\n\nIf you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP.\n\n`appProtocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "AppProtocol", + "Condition": { "type": "string" }, - "ContainerPort": { - "markdownDescription": "The port number on the container that's bound to the user-specified or automatically assigned host port.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, specify the exposed ports using `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see `hostPort` . Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance.", - "title": "ContainerPort", - "type": "number" - }, - "ContainerPortRange": { - "markdownDescription": "The port number range on the container that's bound to the dynamically mapped host port range.\n\nThe following rules apply when you specify a `containerPortRange` :\n\n- You must use either the `bridge` network mode or the `awsvpc` network mode.\n- This parameter is available for both the EC2 and AWS Fargate launch types.\n- This parameter is available for both the Linux and Windows operating systems.\n- The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the `ecs-init` package\n- You can specify a maximum of 100 port ranges per container.\n- You do not specify a `hostPortRange` . The value of the `hostPortRange` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPortRange` is set to the same value as the `containerPortRange` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.\n- The `containerPortRange` valid values are between 1 and 65535.\n- A port can only be included in one port mapping per container.\n- You cannot specify overlapping port ranges.\n- The first port in the range must be less than last port in the range.\n- Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.\n\nFor more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website.\n\nFor information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide* .\n\nYou can call [`DescribeTasks`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the `hostPortRange` which are the host ports that are bound to the container ports.", - "title": "ContainerPortRange", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "HostPort": { - "markdownDescription": "The port number on the container instance to reserve for your container.\n\nIf you specify a `containerPortRange` , leave this field empty and the value of the `hostPort` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPort` is set to the same value as the `containerPort` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, the `hostPort` can either be left blank or set to the same value as the `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the `hostPort` (or set it to `0` ) while specifying a `containerPort` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version.\n\nThe default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under `/proc/sys/net/ipv4/ip_local_port_range` . If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range.\n\nThe default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the `remainingResources` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota.", - "title": "HostPort", - "type": "number" - }, - "Name": { - "markdownDescription": "The name that's used for the port mapping. This parameter is the name that you use in the `serviceConnectConfiguration` and the `vpcLatticeConfigurations` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Protocol": { - "markdownDescription": "The protocol used for the port mapping. Valid values are `tcp` and `udp` . The default is `tcp` . `protocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.", - "title": "Protocol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.ProxyConfiguration": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The name of the container that will serve as the App Mesh proxy.", - "title": "ContainerName", - "type": "string" + "Metadata": { + "type": "object" }, - "ProxyConfigurationProperties": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The resource discovery description.", + "title": "Description", + "type": "string" + }, + "OperatingRegions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion" + }, + "markdownDescription": "The operating Regions for the resource discovery. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.", + "title": "OperatingRegions", + "type": "array" + }, + "OrganizationalUnitExclusions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamResourceDiscoveryOrganizationalUnitExclusion" + }, + "markdownDescription": "If your IPAM is integrated with AWS Organizations, you can exclude an [organizational unit (OU)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#organizationalunit) from being managed by IPAM. When you exclude an OU, IPAM will not manage the IP addresses in accounts in that OU. For more information, see [Exclude organizational units from IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/exclude-ous.html) in the *Amazon Virtual Private Cloud IP Address Manager User Guide* .", + "title": "OrganizationalUnitExclusions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs.\n\n- `IgnoredUID` - (Required) The user ID (UID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredGID` is specified, this field can be empty.\n- `IgnoredGID` - (Required) The group ID (GID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredUID` is specified, this field can be empty.\n- `AppPorts` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the `ProxyIngressPort` and `ProxyEgressPort` .\n- `ProxyIngressPort` - (Required) Specifies the port that incoming traffic to the `AppPorts` is directed to.\n- `ProxyEgressPort` - (Required) Specifies the port that outgoing traffic from the `AppPorts` is directed to.\n- `EgressIgnoredPorts` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.\n- `EgressIgnoredIPs` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.", - "title": "ProxyConfigurationProperties", - "type": "array" + "type": "object" }, "Type": { - "markdownDescription": "The proxy type. The only supported value is `APPMESH` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ContainerName" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.RepositoryCredentials": { - "additionalProperties": false, - "properties": { - "CredentialsParameter": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.\n\n> When you use the Amazon ECS API, AWS CLI , or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret.", - "title": "CredentialsParameter", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.ResourceRequirement": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container.", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The value for the specified resource type.\n\nWhen the type is `GPU` , the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nWhen the type is `InferenceAccelerator` , the `value` matches the `deviceName` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.RuntimePlatform": { - "additionalProperties": false, - "properties": { - "CpuArchitecture": { - "markdownDescription": "The CPU architecture.\n\nYou can run your Linux tasks on an ARM-based platform by setting the value to `ARM64` . This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate.", - "title": "CpuArchitecture", - "type": "string" - }, - "OperatingSystemFamily": { - "markdownDescription": "The operating system.", - "title": "OperatingSystemFamily", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.Secret": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the secret.", - "title": "Name", - "type": "string" - }, - "ValueFrom": { - "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", - "title": "ValueFrom", - "type": "string" - } - }, - "required": [ - "Name", - "ValueFrom" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.SystemControl": { - "additionalProperties": false, - "properties": { - "Namespace": { - "markdownDescription": "The namespaced kernel parameter to set a `value` for.", - "title": "Namespace", - "type": "string" - }, - "Value": { - "markdownDescription": "The namespaced kernel parameter to set a `value` for.\n\nValid IPC namespace values: `\"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\" | \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" | \"kernel.shm_rmid_forced\"` , and `Sysctls` that start with `\"fs.mqueue.*\"`\n\nValid network namespace values: `Sysctls` that start with `\"net.*\"` . Only namespaced `Sysctls` that exist within the container starting with \"net.* are accepted.\n\nAll of these values are supported by Fargate.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Expression", + "enum": [ + "AWS::EC2::IPAMResourceDiscovery" + ], "type": "string" }, - "Type": { - "markdownDescription": "The type of constraint. The `MemberOf` constraint restricts selection to be from a group of valid candidates.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, @@ -85166,112 +91084,35 @@ ], "type": "object" }, - "AWS::ECS::TaskDefinition.Tmpfs": { + "AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion": { "additionalProperties": false, "properties": { - "ContainerPath": { - "markdownDescription": "The absolute file path where the tmpfs volume is to be mounted.", - "title": "ContainerPath", + "RegionName": { + "markdownDescription": "The name of the operating Region.", + "title": "RegionName", "type": "string" - }, - "MountOptions": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of tmpfs volume mount options.\n\nValid values: `\"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"`", - "title": "MountOptions", - "type": "array" - }, - "Size": { - "markdownDescription": "The maximum size (in MiB) of the tmpfs volume.", - "title": "Size", - "type": "number" } }, "required": [ - "Size" + "RegionName" ], "type": "object" }, - "AWS::ECS::TaskDefinition.Ulimit": { + "AWS::EC2::IPAMResourceDiscovery.IpamResourceDiscoveryOrganizationalUnitExclusion": { "additionalProperties": false, "properties": { - "HardLimit": { - "markdownDescription": "The hard limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", - "title": "HardLimit", - "type": "number" - }, - "Name": { - "markdownDescription": "The `type` of the `ulimit` .", - "title": "Name", + "OrganizationsEntityPath": { + "markdownDescription": "An AWS Organizations entity path. For more information on the entity path, see [Understand the AWS Organizations entity path](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_last-accessed-view-data-orgs.html#access_policies_access-advisor-viewing-orgs-entity-path) in the *AWS Identity and Access Management User Guide* .", + "title": "OrganizationsEntityPath", "type": "string" - }, - "SoftLimit": { - "markdownDescription": "The soft limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", - "title": "SoftLimit", - "type": "number" } }, "required": [ - "HardLimit", - "Name", - "SoftLimit" + "OrganizationsEntityPath" ], "type": "object" }, - "AWS::ECS::TaskDefinition.Volume": { - "additionalProperties": false, - "properties": { - "ConfiguredAtLaunch": { - "markdownDescription": "Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n\nTo configure a volume at launch time, use this task definition revision and specify a `volumeConfigurations` object when calling the `CreateService` , `UpdateService` , `RunTask` or `StartTask` APIs.", - "title": "ConfiguredAtLaunch", - "type": "boolean" - }, - "DockerVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.DockerVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use Docker volumes.\n\nWindows containers only support the use of the `local` driver. To use bind mounts, specify the `host` parameter instead.\n\n> Docker volumes aren't supported by tasks run on AWS Fargate .", - "title": "DockerVolumeConfiguration" - }, - "EFSVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EFSVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use an Amazon Elastic File System file system for task storage.", - "title": "EFSVolumeConfiguration" - }, - "FSxWindowsFileServerVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage.", - "title": "FSxWindowsFileServerVolumeConfiguration" - }, - "Host": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostVolumeProperties", - "markdownDescription": "This parameter is specified when you use bind mount host volumes. The contents of the `host` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the `host` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount `C:\\my\\path:C:\\my\\path` and `D:\\:D:\\` , but not `D:\\my\\path:C:\\my\\path` or `D:\\:C:\\my\\path` .", - "title": "Host" - }, - "Name": { - "markdownDescription": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.\n\nWhen using a volume configured at launch, the `name` is required and must also be specified as the volume name in the `ServiceVolumeConfiguration` or `TaskVolumeConfiguration` parameter when creating your service or standalone task.\n\nFor all other types of volumes, this name is referenced in the `sourceVolume` parameter of the `mountPoints` object in the container definition.\n\nWhen a volume is using the `efsVolumeConfiguration` , the name is required.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.VolumeFrom": { - "additionalProperties": false, - "properties": { - "ReadOnly": { - "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", - "title": "ReadOnly", - "type": "boolean" - }, - "SourceContainer": { - "markdownDescription": "The name of another container within the same task definition to mount volumes from.", - "title": "SourceContainer", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet": { + "AWS::EC2::IPAMResourceDiscoveryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -85306,81 +91147,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", - "title": "Cluster", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the `ECS_TASK_SET_EXTERNAL_ID` AWS Cloud Map attribute set to the provided value.", - "title": "ExternalId", - "type": "string" - }, - "LaunchType": { - "markdownDescription": "The launch type that new tasks in the task set uses. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf a `launchType` is specified, the `capacityProviderStrategy` parameter must be omitted.", - "title": "LaunchType", - "type": "string" - }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskSet.LoadBalancer" - }, - "markdownDescription": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer.", - "title": "LoadBalancers", - "type": "array" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskSet.NetworkConfiguration", - "markdownDescription": "The network configuration for the task set.", - "title": "NetworkConfiguration" - }, - "PlatformVersion": { - "markdownDescription": "The platform version that the tasks in the task set uses. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used.", - "title": "PlatformVersion", + "IpamId": { + "markdownDescription": "The IPAM ID.", + "title": "IpamId", "type": "string" }, - "Scale": { - "$ref": "#/definitions/AWS::ECS::TaskSet.Scale", - "markdownDescription": "A floating-point percentage of your desired number of tasks to place and keep running in the task set.", - "title": "Scale" - }, - "Service": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", - "title": "Service", + "IpamResourceDiscoveryId": { + "markdownDescription": "The resource discovery ID.", + "title": "IpamResourceDiscoveryId", "type": "string" }, - "ServiceRegistries": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskSet.ServiceRegistry" - }, - "markdownDescription": "The details of the service discovery registries to assign to this task set. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .", - "title": "ServiceRegistries", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", "title": "Tags", "type": "array" - }, - "TaskDefinition": { - "markdownDescription": "The task definition for the tasks in the task set to use. If a revision isn't specified, the latest `ACTIVE` revision is used.", - "title": "TaskDefinition", - "type": "string" } }, "required": [ - "Cluster", - "Service", - "TaskDefinition" + "IpamId", + "IpamResourceDiscoveryId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::TaskSet" + "AWS::EC2::IPAMResourceDiscoveryAssociation" ], "type": "string" }, @@ -85399,111 +91193,7 @@ ], "type": "object" }, - "AWS::ECS::TaskSet.AwsVpcConfiguration": { - "additionalProperties": false, - "properties": { - "AssignPublicIp": { - "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", - "title": "AssignPublicIp", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "AWS::ECS::TaskSet.LoadBalancer": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", - "title": "ContainerName", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", - "title": "ContainerPort", - "type": "number" - }, - "TargetGroupArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", - "title": "TargetGroupArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskSet.AwsVpcConfiguration", - "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", - "title": "AwsVpcConfiguration" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.Scale": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The unit of measure for the scale value.", - "title": "Unit", - "type": "string" - }, - "Value": { - "markdownDescription": "The value, specified as a percent total of a service's `desiredCount` , to scale the task set. Accepted values are numbers between 0 and 100.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.ServiceRegistry": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerName", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerPort", - "type": "number" - }, - "Port": { - "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", - "title": "Port", - "type": "number" - }, - "RegistryArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", - "title": "RegistryArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::AccessPoint": { + "AWS::EC2::IPAMScope": { "additionalProperties": false, "properties": { "Condition": { @@ -85538,43 +91228,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPointTags": { - "items": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.AccessPointTag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "AccessPointTags", - "type": "array" - }, - "ClientToken": { - "markdownDescription": "The opaque string specified in the request to ensure idempotent creation.", - "title": "ClientToken", + "Description": { + "markdownDescription": "The description of the scope.", + "title": "Description", "type": "string" }, - "FileSystemId": { - "markdownDescription": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example `fs-0123456789abcedf2` .", - "title": "FileSystemId", + "IpamId": { + "markdownDescription": "The ID of the IPAM for which you're creating this scope.", + "title": "IpamId", "type": "string" }, - "PosixUser": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.PosixUser", - "markdownDescription": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.", - "title": "PosixUser" - }, - "RootDirectory": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.RootDirectory", - "markdownDescription": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.", - "title": "RootDirectory" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "title": "Tags", + "type": "array" } }, "required": [ - "FileSystemId" + "IpamId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EFS::AccessPoint" + "AWS::EC2::IPAMScope" ], "type": "string" }, @@ -85593,98 +91273,15 @@ ], "type": "object" }, - "AWS::EFS::AccessPoint.AccessPointTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The tag key (String). The key can't start with `aws:` .", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the tag key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::AccessPoint.CreationInfo": { - "additionalProperties": false, - "properties": { - "OwnerGid": { - "markdownDescription": "Specifies the POSIX group ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", - "title": "OwnerGid", - "type": "string" - }, - "OwnerUid": { - "markdownDescription": "Specifies the POSIX user ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", - "title": "OwnerUid", - "type": "string" - }, - "Permissions": { - "markdownDescription": "Specifies the POSIX permissions to apply to the `RootDirectory` , in the format of an octal number representing the file's mode bits.", - "title": "Permissions", - "type": "string" - } - }, - "required": [ - "OwnerGid", - "OwnerUid", - "Permissions" - ], - "type": "object" - }, - "AWS::EFS::AccessPoint.PosixUser": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID used for all file system operations using this access point.", - "title": "Gid", - "type": "string" - }, - "SecondaryGids": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary POSIX group IDs used for all file system operations using this access point.", - "title": "SecondaryGids", - "type": "array" - }, - "Uid": { - "markdownDescription": "The POSIX user ID used for all file system operations using this access point.", - "title": "Uid", - "type": "string" - } - }, - "required": [ - "Gid", - "Uid" - ], - "type": "object" - }, - "AWS::EFS::AccessPoint.RootDirectory": { - "additionalProperties": false, - "properties": { - "CreationInfo": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.CreationInfo", - "markdownDescription": "(Optional) Specifies the POSIX IDs and permissions to apply to the access point's `RootDirectory` . If the `RootDirectory` > `Path` specified does not exist, EFS creates the root directory using the `CreationInfo` settings when a client connects to an access point. When specifying the `CreationInfo` , you must provide values for all properties.\n\n> If you do not provide `CreationInfo` and the specified `RootDirectory` > `Path` does not exist, attempts to mount the file system using the access point will fail.", - "title": "CreationInfo" - }, - "Path": { - "markdownDescription": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the `CreationInfo` .", - "title": "Path", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::FileSystem": { + "AWS::EC2::Instance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "CreationPolicy": { + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -85714,83 +91311,250 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZoneName": { - "markdownDescription": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide* .\n\n> One Zone file systems are not available in all Availability Zones in AWS Regions where Amazon EFS is available.", - "title": "AvailabilityZoneName", + "AdditionalInfo": { + "markdownDescription": "This property is reserved for internal use. If you use it, the stack fails with this error: `Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)` .", + "title": "AdditionalInfo", "type": "string" }, - "BackupPolicy": { - "$ref": "#/definitions/AWS::EFS::FileSystem.BackupPolicy", - "markdownDescription": "Use the `BackupPolicy` to turn automatic backups on or off for the file system.", - "title": "BackupPolicy" + "Affinity": { + "markdownDescription": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify `host` . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify `default` .", + "title": "Affinity", + "type": "string" }, - "BypassPolicyLockoutSafetyCheck": { - "markdownDescription": "(Optional) A boolean that specifies whether or not to bypass the `FileSystemPolicy` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future `PutFileSystemPolicy` requests on this file system. Set `BypassPolicyLockoutSafetyCheck` to `True` only when you intend to prevent the IAM principal that is making the request from making subsequent `PutFileSystemPolicy` requests on this file system. The default value is `False` .", - "title": "BypassPolicyLockoutSafetyCheck", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", + "title": "AvailabilityZone", + "type": "string" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.BlockDeviceMapping" + }, + "markdownDescription": "The block device mapping entries that defines the block devices to attach to the instance at launch.\n\nBy default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the `DeleteOnTermination` setting.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "BlockDeviceMappings", + "type": "array" + }, + "CpuOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.CpuOptions", + "markdownDescription": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.CreditSpecification", + "markdownDescription": "The credit option for CPU usage of the burstable performance instance. Valid values are `standard` and `unlimited` . To change this attribute after launch, use [ModifyInstanceCreditSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html) . For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `standard` (T2 instances) or `unlimited` (T3/T3a/T4g instances)\n\nFor T3 instances with `host` tenancy, only `standard` is supported.", + "title": "CreditSpecification" + }, + "DisableApiTermination": { + "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", + "title": "DisableApiTermination", "type": "boolean" }, - "Encrypted": { - "markdownDescription": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing AWS KMS key . If you don't specify a KMS key , then the default KMS key for Amazon EFS , `/aws/elasticfilesystem` , is used to protect the encrypted file system.", - "title": "Encrypted", + "EbsOptimized": { + "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.\n\nDefault: `false`", + "title": "EbsOptimized", "type": "boolean" }, - "FileSystemPolicy": { - "markdownDescription": "The `FileSystemPolicy` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using IAM to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide* .", - "title": "FileSystemPolicy", - "type": "object" + "ElasticGpuSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.ElasticGpuSpecification" + }, + "markdownDescription": "An elastic GPU to associate with the instance.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", + "title": "ElasticGpuSpecifications", + "type": "array" }, - "FileSystemProtection": { - "$ref": "#/definitions/AWS::EFS::FileSystem.FileSystemProtection", - "markdownDescription": "Describes the protection on the file system.", - "title": "FileSystemProtection" + "ElasticInferenceAccelerators": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.ElasticInferenceAccelerator" + }, + "markdownDescription": "An elastic inference accelerator to associate with the instance.\n\n> Amazon Elastic Inference is no longer available.", + "title": "ElasticInferenceAccelerators", + "type": "array" }, - "FileSystemTags": { + "EnclaveOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.EnclaveOptions", + "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "title": "EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.HibernationOptions", + "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .\n\nYou can't enable hibernation and AWS Nitro Enclaves on the same instance.", + "title": "HibernationOptions" + }, + "HostId": { + "markdownDescription": "If you specify host for the `Affinity` property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.", + "title": "HostId", + "type": "string" + }, + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", + "title": "HostResourceGroupArn", + "type": "string" + }, + "IamInstanceProfile": { + "markdownDescription": "The name of an IAM instance profile. To create a new IAM instance profile, use the [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html) resource.", + "title": "IamInstanceProfile", + "type": "string" + }, + "ImageId": { + "markdownDescription": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", + "title": "ImageId", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", + "title": "InstanceInitiatedShutdownBehavior", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nWhen you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance with an instance store volume as the root volume is always replaced. For more information, see [Change the instance type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceType", + "type": "string" + }, + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ElasticFileSystemTag" + "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" }, - "markdownDescription": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a `\"Key\":\"Name\",\"Value\":\"{value}\"` key-value pair. Each key must be unique. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", - "title": "FileSystemTags", + "markdownDescription": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", + "title": "Ipv6Addresses", "type": "array" }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS KMS key to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault KMS key . If this parameter is not specified, the default KMS key for Amazon EFS is used. This ID can be in one of the following formats:\n\n- Key ID - A unique identifier of the key, for example `1234abcd-12ab-34cd-56ef-1234567890ab` .\n- ARN - An Amazon Resource Name (ARN) for the key, for example `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` .\n- Key alias - A previously created display name for a key, for example `alias/projectKey1` .\n- Key alias ARN - An ARN for a key alias, for example `arn:aws:kms:us-west-2:444455556666:alias/projectKey1` .\n\nIf `KmsKeyId` is specified, the `Encrypted` parameter must be set to true.", - "title": "KmsKeyId", + "KernelId": { + "markdownDescription": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "KernelId", "type": "string" }, - "LifecyclePolicies": { + "KeyName": { + "markdownDescription": "The name of the key pair. For more information, see [Create a key pair for your EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "title": "KeyName", + "type": "string" + }, + "LaunchTemplate": { + "$ref": "#/definitions/AWS::EC2::Instance.LaunchTemplateSpecification", + "markdownDescription": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", + "title": "LaunchTemplate" + }, + "LicenseSpecifications": { "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.LifecyclePolicy" + "$ref": "#/definitions/AWS::EC2::Instance.LicenseSpecification" }, - "markdownDescription": "An array of `LifecyclePolicy` objects that define the file system's `LifecycleConfiguration` object. A `LifecycleConfiguration` object informs Lifecycle management of the following:\n\n- When to move files in the file system from primary storage to IA storage.\n- When to move files in the file system from primary storage or IA storage to Archive storage.\n- When to move files that are in IA or Archive storage to primary storage.\n\n> Amazon EFS requires that each `LifecyclePolicy` object have only a single transition. This means that in a request body, `LifecyclePolicies` needs to be structured as an array of `LifecyclePolicy` objects, one object for each transition, `TransitionToIA` , `TransitionToArchive` `TransitionToPrimaryStorageClass` . See the example requests in the following section for more information.", - "title": "LifecyclePolicies", + "markdownDescription": "The license configurations.", + "title": "LicenseSpecifications", "type": "array" }, - "PerformanceMode": { - "markdownDescription": "The performance mode of the file system. We recommend `generalPurpose` performance mode for all file systems. File systems using the `maxIO` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The `maxIO` mode is not supported on One Zone file systems.\n\n> Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems. \n\nDefault is `generalPurpose` .", - "title": "PerformanceMode", + "MetadataOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.MetadataOptions", + "markdownDescription": "The metadata options for the instance.", + "title": "MetadataOptions" + }, + "Monitoring": { + "markdownDescription": "Specifies whether detailed monitoring is enabled for the instance. Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see [Enable or turn off detailed monitoring for your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) in the *Amazon EC2 User Guide* .", + "title": "Monitoring", + "type": "boolean" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.NetworkInterface" + }, + "markdownDescription": "The network interfaces to associate with the instance.\n\n> If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.\n> \n> If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment.", + "title": "NetworkInterfaces", + "type": "array" + }, + "PlacementGroupName": { + "markdownDescription": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).", + "title": "PlacementGroupName", "type": "string" }, - "ProvisionedThroughputInMibps": { - "markdownDescription": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if `ThroughputMode` is set to `provisioned` . Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact Support . For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide* .", - "title": "ProvisionedThroughputInMibps", - "type": "number" + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.PrivateDnsNameOptions", + "markdownDescription": "The options for the instance hostname.", + "title": "PrivateDnsNameOptions" }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationConfiguration", - "markdownDescription": "Describes the replication configuration for a specific file system.", - "title": "ReplicationConfiguration" + "PrivateIpAddress": { + "markdownDescription": "The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same request.\n\nIf you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.", + "title": "PrivateIpAddress", + "type": "string" }, - "ThroughputMode": { - "markdownDescription": "Specifies the throughput mode for the file system. The mode can be `bursting` , `provisioned` , or `elastic` . If you set `ThroughputMode` to `provisioned` , you must also set a value for `ProvisionedThroughputInMibps` . After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide* .\n\nDefault is `bursting` .", - "title": "ThroughputMode", + "PropagateTagsToVolumeOnCreation": { + "markdownDescription": "Indicates whether to assign the tags specified in the `Tags` property to the volumes specified in the `BlockDeviceMappings` property.\n\nNote that using this feature does not assign the tags to volumes that are created separately and then attached using `AWS::EC2::VolumeAttachment` .", + "title": "PropagateTagsToVolumeOnCreation", + "type": "boolean" + }, + "RamdiskId": { + "markdownDescription": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "RamdiskId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nYou cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.\n\nDefault: Amazon EC2 uses the default security group.", + "title": "SecurityGroups", + "type": "array" + }, + "SourceDestCheck": { + "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", + "title": "SourceDestCheck", + "type": "boolean" + }, + "SsmAssociations": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.SsmAssociation" + }, + "markdownDescription": "The SSM [document](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html) and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see [Create an IAM instance profile for Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-configuring-access-role.html) in the *AWS Systems Manager User Guide* .\n\n> You can associate only one document with an instance.", + "title": "SsmAssociations", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the instance. These tags are not applied to the EBS volumes, such as the root volume, unless [PropagateTagsToVolumeOnCreation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-propagatetagstovolumeoncreation) is `true` .", + "title": "Tags", + "type": "array" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.", + "title": "Tenancy", "type": "string" + }, + "UserData": { + "markdownDescription": "The parameters or scripts to store as user data. Any scripts in user data are run when you launch the instance. User data is limited to 16 KB. You must provide base64-encoded text. For more information, see [Fn::Base64](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-base64.html) .\n\nIf the root volume is an EBS volume and you update user data, CloudFormation restarts the instance. If the root volume is an instance store volume and you update user data, the instance is replaced.", + "title": "UserData", + "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.Volume" + }, + "markdownDescription": "The volumes to attach to the instance.", + "title": "Volumes", + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::EFS::FileSystem" + "AWS::EC2::Instance" ], "type": "string" }, @@ -85808,32 +91572,21 @@ ], "type": "object" }, - "AWS::EFS::FileSystem.BackupPolicy": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Set the backup policy status for the file system.\n\n- *`ENABLED`* - Turns automatic backups on for the file system.\n- *`DISABLED`* - Turns automatic backups off for the file system.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::EFS::FileSystem.ElasticFileSystemTag": { + "AWS::EC2::Instance.AssociationParameter": { "additionalProperties": false, "properties": { "Key": { - "markdownDescription": "The tag key (String). The key can't start with `aws:` .", + "markdownDescription": "The name of an input parameter that is in the associated SSM document.", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value of the tag key.", + "items": { + "type": "string" + }, + "markdownDescription": "The value of an input parameter.", "title": "Value", - "type": "string" + "type": "array" } }, "required": [ @@ -85842,94 +91595,471 @@ ], "type": "object" }, - "AWS::EFS::FileSystem.FileSystemProtection": { + "AWS::EC2::Instance.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "ReplicationOverwriteProtection": { - "markdownDescription": "The status of the file system's replication overwrite protection.\n\n- `ENABLED` \u2013 The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is `ENABLED` by default.\n- `DISABLED` \u2013 The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.\n- `REPLICATING` \u2013 The file system is being used as the destination file system in a replication configuration. The file system is read-only and is modified only by EFS replication.\n\nIf the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable.", - "title": "ReplicationOverwriteProtection", + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).\n\n> After the instance is running, this parameter is used to specify the device name of the block device mapping to update.", + "title": "DeviceName", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::EC2::Instance.Ebs", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) .", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NoDevice", + "type": "object" + }, + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\n*Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VirtualName", "type": "string" } }, + "required": [ + "DeviceName" + ], "type": "object" }, - "AWS::EFS::FileSystem.LifecyclePolicy": { + "AWS::EC2::Instance.CpuOptions": { "additionalProperties": false, "properties": { - "TransitionToArchive": { - "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToArchive", - "type": "string" - }, - "TransitionToIA": { - "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToIA", - "type": "string" + "CoreCount": { + "markdownDescription": "The number of CPU cores for the instance.", + "title": "CoreCount", + "type": "number" }, - "TransitionToPrimaryStorageClass": { - "markdownDescription": "Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToPrimaryStorageClass", - "type": "string" + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core.", + "title": "ThreadsPerCore", + "type": "number" } }, "type": "object" }, - "AWS::EFS::FileSystem.ReplicationConfiguration": { + "AWS::EC2::Instance.CreditSpecification": { "additionalProperties": false, "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationDestination" - }, - "markdownDescription": "An array of destination objects. Only one destination object is supported.", - "title": "Destinations", - "type": "array" + "CPUCredits": { + "markdownDescription": "The credit option for CPU usage of the instance.\n\nValid values: `standard` | `unlimited`\n\nT3 instances with `host` tenancy do not support the `unlimited` CPU credit option.", + "title": "CPUCredits", + "type": "string" } }, "type": "object" }, - "AWS::EFS::FileSystem.ReplicationDestination": { + "AWS::EC2::Instance.Ebs": { "additionalProperties": false, "properties": { - "AvailabilityZoneName": { - "markdownDescription": "For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located.\n\nUse the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide* .\n\n> One Zone file system type is not available in all Availability Zones in AWS Regions where Amazon EFS is available.", - "title": "AvailabilityZoneName", - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "FileSystemId": { - "markdownDescription": "The ID of the destination Amazon EFS file system.", - "title": "FileSystemId", - "type": "string" + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000-16,000 IOPS\n- `io1` : 100-64,000 IOPS\n- `io2` : 100-64,000 IOPS\n\nFor `io1` and `io2` volumes, we guarantee 64,000 IOPS only for [Instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . Other instance families guarantee performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "Iops", + "type": "number" }, "KmsKeyId": { - "markdownDescription": "The ID of an AWS KMS key used to protect the encrypted file system.", + "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` . If the encrypted state is `true` but you do not specify `KmsKeyId` , your KMS key for EBS is used.\n\nYou can specify the KMS key using any of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. For example, alias/ExampleAlias.\n- Key ARN. For example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "KmsKeyId", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region in which the destination file system is located.\n\n> For One Zone file systems, the replication configuration must specify the AWS Region in which the destination file system is located.", - "title": "Region", + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.\n\nIf you specify both `SnapshotId` and `VolumeSize` , `VolumeSize` must be equal or greater than the size of the snapshot.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "SnapshotId", + "type": "string" + }, + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` :1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide* . If the volume type is `io1` or `io2` , you must specify the IOPS that the volume supports.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VolumeType", "type": "string" } }, "type": "object" }, - "AWS::EFS::MountTarget": { + "AWS::EC2::Instance.ElasticGpuSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of Elastic Graphics accelerator.", + "title": "Type", "type": "string" - }, - "DependsOn": { - "anyOf": [ + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::EC2::Instance.ElasticInferenceAccelerator": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of elastic inference accelerators to attach to the instance.", + "title": "Count", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of elastic inference accelerator. The possible values are `eia1.medium` , `eia1.large` , `eia1.xlarge` , `eia2.medium` , `eia2.large` , and `eia2.xlarge` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::EC2::Instance.EnaSrdSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.EnaSrdUdpSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.EnclaveOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.HibernationOptions": { + "additionalProperties": false, + "properties": { + "Configured": { + "markdownDescription": "Set to `true` to enable your instance for hibernation.\n\nFor Spot Instances, if you set `Configured` to `true` , either omit the `InstanceInterruptionBehavior` parameter (for [`SpotMarketOptions`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html) ), or set it to `hibernate` . When `Configured` is true:\n\n- If you omit `InstanceInterruptionBehavior` , it defaults to `hibernate` .\n- If you set `InstanceInterruptionBehavior` to a value other than `hibernate` , you'll get an error.\n\nDefault: `false`", + "title": "Configured", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.InstanceIpv6Address": { + "additionalProperties": false, + "properties": { + "Ipv6Address": { + "markdownDescription": "The IPv6 address.", + "title": "Ipv6Address", + "type": "string" + } + }, + "required": [ + "Ipv6Address" + ], + "type": "object" + }, + "AWS::EC2::Instance.LaunchTemplateSpecification": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", + "title": "LaunchTemplateId", + "type": "string" + }, + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", + "title": "LaunchTemplateName", + "type": "string" + }, + "Version": { + "markdownDescription": "The version number of the launch template. You must specify this property.\n\nTo specify the default version of the template, use the `Fn::GetAtt` intrinsic function to retrieve the `DefaultVersionNumber` attribute of the launch template. To specify the latest version of the template, use `Fn::GetAtt` to retrieve the `LatestVersionNumber` attribute. For more information, see [AWS::EC2:LaunchTemplate return values for Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Version" + ], + "type": "object" + }, + "AWS::EC2::Instance.LicenseSpecification": { + "additionalProperties": false, + "properties": { + "LicenseConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", + "title": "LicenseConfigurationArn", + "type": "string" + } + }, + "required": [ + "LicenseConfigurationArn" + ], + "type": "object" + }, + "AWS::EC2::Instance.MetadataOptions": { + "additionalProperties": false, + "properties": { + "HttpEndpoint": { + "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances.\n\nIf you specify a value of `disabled` , you cannot access your instance metadata.\n\nDefault: `enabled`", + "title": "HttpEndpoint", + "type": "string" + }, + "HttpProtocolIpv6": { + "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", + "title": "HttpProtocolIpv6", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "markdownDescription": "The maximum number of hops that the metadata token can travel.\n\nPossible values: Integers from 1 to 64", + "title": "HttpPutResponseHopLimit", + "type": "number" + }, + "HttpTokens": { + "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional, which means that you can use either IMDSv2 or IMDSv1.\n- `required` - IMDSv2 is required, which means that IMDSv1 is disabled, and you must use IMDSv2.\n\nDefault:\n\n- If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` and the account level default is set to `no-preference` , the default is `required` .\n- If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , but the account level default is set to `V1 or V2` , the default is `optional` .\n\nThe default value can also be affected by other combinations of parameters. For more information, see [Order of precedence for instance metadata options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html#instance-metadata-options-order-of-precedence) in the *Amazon EC2 User Guide* .", + "title": "HttpTokens", + "type": "string" + }, + "InstanceMetadataTags": { + "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [Work with instance tags using the instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS) .\n\nDefault: `disabled`", + "title": "InstanceMetadataTags", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.NetworkInterface": { + "additionalProperties": false, + "properties": { + "AssociateCarrierIpAddress": { + "markdownDescription": "Indicates whether to assign a carrier IP address to the network interface.\n\nYou can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see [Carrier IP address](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", + "title": "AssociateCarrierIpAddress", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance. Applies only if creating a network interface when launching an instance. The network interface must be the primary network interface. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Description", + "type": "string" + }, + "DeviceIndex": { + "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you create a network interface when launching an instance, you must specify the device index.", + "title": "DeviceIndex", + "type": "string" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.EnaSrdSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdSpecification" + }, + "GroupSet": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", + "title": "GroupSet", + "type": "array" + }, + "Ipv6AddressCount": { + "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" + }, + "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6Addresses", + "type": "array" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface, when attaching an existing network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.PrivateIpAddressSpecification" + }, + "markdownDescription": "One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet associated with the network interface.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "DeviceIndex" + ], + "type": "object" + }, + "AWS::EC2::Instance.PrivateDnsNameOptions": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" + }, + "HostnameType": { + "markdownDescription": "The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "HostnameType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.PrivateIpAddressSpecification": { + "additionalProperties": false, + "properties": { + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", + "type": "string" + } + }, + "required": [ + "Primary", + "PrivateIpAddress" + ], + "type": "object" + }, + "AWS::EC2::Instance.SsmAssociation": { + "additionalProperties": false, + "properties": { + "AssociationParameters": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.AssociationParameter" + }, + "markdownDescription": "The input parameter values to use with the associated SSM document.", + "title": "AssociationParameters", + "type": "array" + }, + "DocumentName": { + "markdownDescription": "The name of an SSM document to associate with the instance.", + "title": "DocumentName", + "type": "string" + } + }, + "required": [ + "DocumentName" + ], + "type": "object" + }, + "AWS::EC2::Instance.State": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The state of the instance as a 16-bit unsigned integer.\n\nThe high byte is all of the bits between 2^8 and (2^16)-1, which equals decimal values between 256 and 65,535. These numerical values are used for internal purposes and should be ignored.\n\nThe low byte is all of the bits between 2^0 and (2^8)-1, which equals decimal values between 0 and 255.\n\nThe valid values for instance-state-code will all be in the range of the low byte and they are:\n\n- `0` : `pending`\n- `16` : `running`\n- `32` : `shutting-down`\n- `48` : `terminated`\n- `64` : `stopping`\n- `80` : `stopped`\n\nYou can ignore the high byte value by zeroing out all of the bits above 2^8 or 256 in decimal.", + "title": "Code", + "type": "string" + }, + "Name": { + "markdownDescription": "The current state of the instance.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.Volume": { + "additionalProperties": false, + "properties": { + "Device": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "Device", + "type": "string" + }, + "VolumeId": { + "markdownDescription": "The ID of the EBS volume. The volume and instance must be within the same Availability Zone.", + "title": "VolumeId", + "type": "string" + } + }, + "required": [ + "Device", + "VolumeId" + ], + "type": "object" + }, + "AWS::EC2::InstanceConnectEndpoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" @@ -85949,40 +92079,46 @@ "Properties": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The ID of the file system for which to create the mount target.", - "title": "FileSystemId", + "ClientToken": { + "markdownDescription": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "title": "ClientToken", "type": "string" }, - "IpAddress": { - "markdownDescription": "Valid IPv4 address within the address range of the specified subnet.", - "title": "IpAddress", - "type": "string" + "PreserveClientIp": { + "markdownDescription": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\n> `PreserveClientIp` is only supported on IPv4 EC2 Instance Connect Endpoints. To use `PreserveClientIp` , the value for `IpAddressType` must be `ipv4` . \n\nDefault: `false`", + "title": "PreserveClientIp", + "type": "boolean" }, - "SecurityGroups": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table).", - "title": "SecurityGroups", + "markdownDescription": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", + "title": "SecurityGroupIds", "type": "array" }, "SubnetId": { - "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone.", + "markdownDescription": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", "title": "SubnetId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the EC2 Instance Connect Endpoint during creation.", + "title": "Tags", + "type": "array" } }, "required": [ - "FileSystemId", - "SecurityGroups", "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EFS::MountTarget" + "AWS::EC2::InstanceConnectEndpoint" ], "type": "string" }, @@ -86001,7 +92137,7 @@ ], "type": "object" }, - "AWS::EKS::AccessEntry": { + "AWS::EC2::InternetGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -86036,60 +92172,20 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "items": { - "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessPolicy" - }, - "markdownDescription": "The access policies to associate to the access entry.", - "title": "AccessPolicies", - "type": "array" - }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "KubernetesGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The value for `name` that you've specified for `kind: Group` as a `subject` in a Kubernetes `RoleBinding` or `ClusterRoleBinding` object. Amazon EKS doesn't confirm that the value for `name` exists in any bindings on your cluster. You can specify one or more names.\n\nKubernetes authorizes the `principalArn` of the access entry to access any cluster objects that you've specified in a Kubernetes `Role` or `ClusterRole` object that is also specified in a binding's `roleRef` . For more information about creating Kubernetes `RoleBinding` , `ClusterRoleBinding` , `Role` , or `ClusterRole` objects, see [Using RBAC Authorization in the Kubernetes documentation](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/access-authn-authz/rbac/) .\n\nIf you want Amazon EKS to authorize the `principalArn` (instead of, or in addition to Kubernetes authorizing the `principalArn` ), you can associate one or more access policies to the access entry using `AssociateAccessPolicy` . If you associate any access policies, the `principalARN` has all permissions assigned in the associated access policies and all permissions in any Kubernetes `Role` or `ClusterRole` objects that the group names are bound to.", - "title": "KubernetesGroups", - "type": "array" - }, - "PrincipalArn": { - "markdownDescription": "The ARN of the IAM principal for the `AccessEntry` . You can specify one ARN for each access entry. You can't specify the same ARN in more than one access entry. This value can't be changed after access entry creation.\n\nThe valid principals differ depending on the type of the access entry in the `type` field. For `STANDARD` access entries, you can use every IAM principal type. For nodes ( `EC2` (for EKS Auto Mode), `EC2_LINUX` , `EC2_WINDOWS` , `FARGATE_LINUX` , and `HYBRID_LINUX` ), the only valid ARN is IAM roles. You can't use the STS session principal type with access entries because this is a temporary principal for each session and not a permanent identity that can be assigned permissions.\n\n[IAM best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) recommend using IAM roles with temporary credentials, rather than IAM users with long-term credentials.", - "title": "PrincipalArn", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "markdownDescription": "Any tags to assign to the internet gateway.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the new access entry. Valid values are `STANDARD` , `FARGATE_LINUX` , `EC2_LINUX` , `EC2_WINDOWS` , `EC2` (for EKS Auto Mode), `HYBRID_LINUX` , and `HYPERPOD_LINUX` .\n\nIf the `principalArn` is for an IAM role that's used for self-managed Amazon EC2 nodes, specify `EC2_LINUX` or `EC2_WINDOWS` . Amazon EKS grants the necessary permissions to the node for you. If the `principalArn` is for any other purpose, specify `STANDARD` . If you don't specify a value, Amazon EKS sets the value to `STANDARD` . If you have the access mode of the cluster set to `API_AND_CONFIG_MAP` , it's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the `aws-auth` `ConfigMap` for the roles. You can't change this value once you've created the access entry.\n\nIf you set the value to `EC2_LINUX` or `EC2_WINDOWS` , you can't specify values for `kubernetesGroups` , or associate an `AccessPolicy` to the access entry.", - "title": "Type", - "type": "string" - }, - "Username": { - "markdownDescription": "The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries) in the *Amazon EKS User Guide* .", - "title": "Username", - "type": "string" } }, - "required": [ - "ClusterName", - "PrincipalArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::AccessEntry" + "AWS::EC2::InternetGateway" ], "type": "string" }, @@ -86102,55 +92198,12 @@ "type": "string" } }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EKS::AccessEntry.AccessPolicy": { - "additionalProperties": false, - "properties": { - "AccessScope": { - "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessScope", - "markdownDescription": "The scope of an `AccessPolicy` that's associated to an `AccessEntry` .", - "title": "AccessScope" - }, - "PolicyArn": { - "markdownDescription": "The ARN of the access policy.", - "title": "PolicyArn", - "type": "string" - } - }, - "required": [ - "AccessScope", - "PolicyArn" - ], - "type": "object" - }, - "AWS::EKS::AccessEntry.AccessScope": { - "additionalProperties": false, - "properties": { - "Namespaces": { - "items": { - "type": "string" - }, - "markdownDescription": "A Kubernetes `namespace` that an access policy is scoped to. A value is required if you specified `namespace` for `Type` .", - "title": "Namespaces", - "type": "array" - }, - "Type": { - "markdownDescription": "The scope type of an access policy.", - "title": "Type", - "type": "string" - } - }, "required": [ "Type" ], "type": "object" }, - "AWS::EKS::Addon": { + "AWS::EC2::KeyPair": { "additionalProperties": false, "properties": { "Condition": { @@ -86185,59 +92238,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AddonName": { - "markdownDescription": "The name of the add-on.", - "title": "AddonName", - "type": "string" - }, - "AddonVersion": { - "markdownDescription": "The version of the add-on.", - "title": "AddonVersion", - "type": "string" - }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", + "KeyFormat": { + "markdownDescription": "The format of the key pair.\n\nDefault: `pem`", + "title": "KeyFormat", "type": "string" }, - "ConfigurationValues": { - "markdownDescription": "The configuration values that you provided.", - "title": "ConfigurationValues", + "KeyName": { + "markdownDescription": "A unique name for the key pair.\n\nConstraints: Up to 255 ASCII characters", + "title": "KeyName", "type": "string" }, - "PreserveOnDelete": { - "markdownDescription": "Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.", - "title": "PreserveOnDelete", - "type": "boolean" - }, - "ResolveConflicts": { - "markdownDescription": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose:\n\n- *None* \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail.\n- *Overwrite* \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value.\n- *Preserve* \u2013 This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see [`UpdateAddon`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) .\n\nIf you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", - "title": "ResolveConflicts", + "KeyType": { + "markdownDescription": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n\nIf the `PublicKeyMaterial` property is specified, the `KeyType` property is ignored, and the key type is inferred from the `PublicKeyMaterial` value.\n\nDefault: `rsa`", + "title": "KeyType", "type": "string" }, - "ServiceAccountRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the *Amazon EKS User Guide* .\n\n> To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see [Enabling IAM roles for service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the *Amazon EKS User Guide* .", - "title": "ServiceAccountRoleArn", + "PublicKeyMaterial": { + "markdownDescription": "The public key material. The `PublicKeyMaterial` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", + "title": "PublicKeyMaterial", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.", + "markdownDescription": "The tags to apply to the key pair.", "title": "Tags", "type": "array" } }, "required": [ - "AddonName", - "ClusterName" + "KeyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::Addon" + "AWS::EC2::KeyPair" ], "type": "string" }, @@ -86256,7 +92293,7 @@ ], "type": "object" }, - "AWS::EKS::Cluster": { + "AWS::EC2::LaunchTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -86291,72 +92328,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.AccessConfig", - "markdownDescription": "The access configuration for the cluster.", - "title": "AccessConfig" - }, - "EncryptionConfig": { - "items": { - "$ref": "#/definitions/AWS::EKS::Cluster.EncryptionConfig" - }, - "markdownDescription": "The encryption configuration for the cluster.", - "title": "EncryptionConfig", - "type": "array" - }, - "KubernetesNetworkConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.KubernetesNetworkConfig", - "markdownDescription": "The Kubernetes network configuration for the cluster.", - "title": "KubernetesNetworkConfig" - }, - "Logging": { - "$ref": "#/definitions/AWS::EKS::Cluster.Logging", - "markdownDescription": "The logging configuration for your cluster.", - "title": "Logging" - }, - "Name": { - "markdownDescription": "The unique name to give to your cluster. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphanumeric character and can't be longer than 100 characters. The name must be unique within the AWS Region and AWS account that you're creating the cluster in. Note that underscores can't be used in AWS CloudFormation .", - "title": "Name", - "type": "string" - }, - "OutpostConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.OutpostConfig", - "markdownDescription": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", - "title": "OutpostConfig" - }, - "ResourcesVpcConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.ResourcesVpcConfig", - "markdownDescription": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.", - "title": "ResourcesVpcConfig" + "LaunchTemplateData": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateData", + "markdownDescription": "The information for the launch template.", + "title": "LaunchTemplateData" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see [Amazon EKS Service IAM Role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the **Amazon EKS User Guide** .", - "title": "RoleArn", + "LaunchTemplateName": { + "markdownDescription": "A name for the launch template.", + "title": "LaunchTemplateName", "type": "string" }, - "Tags": { + "TagSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification" }, - "markdownDescription": "The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.\n\n> You must have the `eks:TagResource` and `eks:UntagResource` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", - "title": "Tags", + "markdownDescription": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be `launch-template` .\n\nTo specify the tags for resources that are created during instance launch, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications) .", + "title": "TagSpecifications", "type": "array" }, - "Version": { - "markdownDescription": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used.\n\n> The default version might not be the latest version available.", - "title": "Version", + "VersionDescription": { + "markdownDescription": "A description for the first version of the launch template.", + "title": "VersionDescription", "type": "string" } }, "required": [ - "ResourcesVpcConfig", - "RoleArn" + "LaunchTemplateData" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::Cluster" + "AWS::EC2::LaunchTemplate" ], "type": "string" }, @@ -86375,1986 +92378,1856 @@ ], "type": "object" }, - "AWS::EKS::Cluster.AccessConfig": { + "AWS::EC2::LaunchTemplate.AcceleratorCount": { "additionalProperties": false, "properties": { - "AuthenticationMode": { - "markdownDescription": "The desired authentication mode for the cluster. If you create a cluster by using the EKS API, AWS SDKs, or AWS CloudFormation , the default is `CONFIG_MAP` . If you create the cluster by using the AWS Management Console , the default value is `API_AND_CONFIG_MAP` .", - "title": "AuthenticationMode", - "type": "string" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" }, - "BootstrapClusterCreatorAdminPermissions": { - "markdownDescription": "Specifies whether or not the cluster creator IAM principal was set as a cluster admin access entry during cluster creation time. The default value is `true` .", - "title": "BootstrapClusterCreatorAdminPermissions", - "type": "boolean" + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::EKS::Cluster.ClusterLogging": { + "AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB": { "additionalProperties": false, "properties": { - "EnabledTypes": { - "items": { - "$ref": "#/definitions/AWS::EKS::Cluster.LoggingTypeConfig" - }, - "markdownDescription": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n> When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it.", - "title": "EnabledTypes", - "type": "array" + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::EKS::Cluster.ControlPlanePlacement": { + "AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the placement group for the Kubernetes control plane instances. This property is only used for a local cluster on an AWS Outpost.", - "title": "GroupName", - "type": "string" + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::EKS::Cluster.EncryptionConfig": { + "AWS::EC2::LaunchTemplate.BaselinePerformanceFactors": { "additionalProperties": false, "properties": { - "Provider": { - "$ref": "#/definitions/AWS::EKS::Cluster.Provider", - "markdownDescription": "The encryption provider for the cluster.", - "title": "Provider" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the resources to be encrypted. The only supported value is `secrets` .", - "title": "Resources", - "type": "array" + "Cpu": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Cpu", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" } }, "type": "object" }, - "AWS::EKS::Cluster.KubernetesNetworkConfig": { + "AWS::EC2::LaunchTemplate.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "IpFamily": { - "markdownDescription": "Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you don't specify a value, `ipv4` is used by default. You can only specify an IP family when you create a cluster and can't change this value once the cluster is created. If you specify `ipv6` , the VPC and subnets that you specify for cluster creation must have both `IPv4` and `IPv6` CIDR blocks assigned to them. You can't specify `ipv6` for clusters in China Regions.\n\nYou can only specify `ipv6` for `1.21` and later clusters that use version `1.10.1` or later of the Amazon VPC CNI add-on. If you specify `ipv6` , then ensure that your VPC meets the requirements listed in the considerations listed in [Assigning IPv6 addresses to pods and services](https://docs.aws.amazon.com/eks/latest/userguide/cni-ipv6.html) in the *Amazon EKS User Guide* . Kubernetes assigns services `IPv6` addresses from the unique local address range `(fc00::/7)` . You can't specify a custom `IPv6` CIDR block. Pod addresses are assigned from the subnet's `IPv6` CIDR.", - "title": "IpFamily", + "DeviceName": { + "markdownDescription": "The device name (for example, /dev/sdh or xvdh).", + "title": "DeviceName", "type": "string" }, - "ServiceIpv4Cidr": { - "markdownDescription": "Don't specify a value if you select `ipv6` for *ipFamily* . The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the `10.100.0.0/16` or `172.20.0.0/16` CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:\n\n- Within one of the following private IP address blocks: `10.0.0.0/8` , `172.16.0.0/12` , or `192.168.0.0/16` .\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between `/24` and `/12` .\n\n> You can only specify a custom CIDR block when you create a cluster. You can't change this value after the cluster is created.", - "title": "ServiceIpv4Cidr", + "Ebs": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ebs", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string.", + "title": "NoDevice", "type": "string" }, - "ServiceIpv6Cidr": { - "markdownDescription": "The CIDR block that Kubernetes pod and service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster. Kubernetes assigns service addresses from the unique local address range ( `fc00::/7` ) because you can't specify a custom IPv6 CIDR block when you create the cluster.", - "title": "ServiceIpv6Cidr", + "VirtualName": { + "markdownDescription": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.", + "title": "VirtualName", "type": "string" } }, "type": "object" }, - "AWS::EKS::Cluster.Logging": { + "AWS::EC2::LaunchTemplate.CapacityReservationSpecification": { "additionalProperties": false, "properties": { - "ClusterLogging": { - "$ref": "#/definitions/AWS::EKS::Cluster.ClusterLogging", - "markdownDescription": "The cluster control plane logging configuration for your cluster.", - "title": "ClusterLogging" + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `capacity-reservations-only` - The instance will only run in a Capacity Reservation or Capacity Reservation group. If capacity isn't available, the instance will fail to launch.\n- `open` - The instance can run in any `open` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone, tenancy).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.", + "title": "CapacityReservationPreference", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationTarget", + "markdownDescription": "Information about the target Capacity Reservation or Capacity Reservation group.", + "title": "CapacityReservationTarget" } }, "type": "object" }, - "AWS::EKS::Cluster.LoggingTypeConfig": { + "AWS::EC2::LaunchTemplate.CapacityReservationTarget": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The name of the log type.", - "title": "Type", + "CapacityReservationId": { + "markdownDescription": "The ID of the Capacity Reservation in which to run the instance.", + "title": "CapacityReservationId", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", "type": "string" } }, "type": "object" }, - "AWS::EKS::Cluster.OutpostConfig": { + "AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification": { "additionalProperties": false, "properties": { - "ControlPlaneInstanceType": { - "markdownDescription": "The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. Choose an instance type based on the number of nodes that your cluster will have. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .\n\nThe instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. The control plane is not automatically scaled by Amazon EKS.", - "title": "ControlPlaneInstanceType", - "type": "string" + "TcpEstablishedTimeout": { + "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", + "title": "TcpEstablishedTimeout", + "type": "number" }, - "ControlPlanePlacement": { - "$ref": "#/definitions/AWS::EKS::Cluster.ControlPlanePlacement", - "markdownDescription": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on an AWS Outpost. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .", - "title": "ControlPlanePlacement" + "UdpStreamTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", + "title": "UdpStreamTimeout", + "type": "number" }, - "OutpostArns": { + "UdpTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", + "title": "UdpTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.Cpu": { + "additionalProperties": false, + "properties": { + "References": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Reference" }, - "markdownDescription": "The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. Only a single Outpost ARN is supported.", - "title": "OutpostArns", + "markdownDescription": "The instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes are compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.", + "title": "References", "type": "array" } }, - "required": [ - "ControlPlaneInstanceType", - "OutpostArns" - ], "type": "object" }, - "AWS::EKS::Cluster.Provider": { + "AWS::EC2::LaunchTemplate.CpuOptions": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric and created in the same AWS Region as the cluster. If the KMS key was created in a different account, the [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) must have access to the KMS key. For more information, see [Allowing users in other accounts to use a KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KeyArn", + "AmdSevSnp": { + "markdownDescription": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html) .", + "title": "AmdSevSnp", "type": "string" + }, + "CoreCount": { + "markdownDescription": "The number of CPU cores for the instance.", + "title": "CoreCount", + "type": "number" + }, + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of `1` . Otherwise, specify the default value of `2` .", + "title": "ThreadsPerCore", + "type": "number" } }, "type": "object" }, - "AWS::EKS::Cluster.ResourcesVpcConfig": { + "AWS::EC2::LaunchTemplate.CreditSpecification": { "additionalProperties": false, "properties": { - "EndpointPrivateAccess": { - "markdownDescription": "Set this value to `true` to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is `false` , which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", - "title": "EndpointPrivateAccess", - "type": "boolean" - }, - "EndpointPublicAccess": { - "markdownDescription": "Set this value to `false` to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is `true` , which enables public access for your Kubernetes API server. The endpoint domain name and IP address family depends on the value of the `ipFamily` for the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", - "title": "EndpointPublicAccess", - "type": "boolean" - }, - "PublicAccessCidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is `0.0.0.0/0` and additionally `::/0` for dual-stack `IPv6` clusters. If you've disabled private endpoint access, make sure that you specify the necessary CIDR blocks for every node and AWS Fargate `Pod` in the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .\n\nNote that the public endpoints are dual-stack for only `IPv6` clusters that are made after October 2024. You can't add `IPv6` CIDR blocks to `IPv4` clusters or `IPv6` clusters that were made before October 2024.", - "title": "PublicAccessCidrs", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see [Amazon EKS security group considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the **Amazon EKS User Guide** .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.", - "title": "SubnetIds", - "type": "array" + "CpuCredits": { + "markdownDescription": "The credit option for CPU usage of a T instance.\n\nValid values: `standard` | `unlimited`", + "title": "CpuCredits", + "type": "string" } }, - "required": [ - "SubnetIds" - ], "type": "object" }, - "AWS::EKS::FargateProfile": { + "AWS::EC2::LaunchTemplate.Ebs": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Encrypted": { + "markdownDescription": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is supported for `io1` , `io2` , and `gp3` volumes only.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.", + "title": "KmsKeyId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", + "type": "string" }, - "Metadata": { - "type": "object" + "Throughput": { + "markdownDescription": "The throughput to provision for a `gp3` volume, with a maximum of 1,000 MiB/s.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", + "title": "Throughput", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "FargateProfileName": { - "markdownDescription": "The name of the Fargate profile.", - "title": "FargateProfileName", - "type": "string" - }, - "PodExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `Pod` execution role to use for a `Pod` that matches the selectors in the Fargate profile. The `Pod` execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see [`Pod` execution role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) in the *Amazon EKS User Guide* .", - "title": "PodExecutionRoleArn", - "type": "string" - }, - "Selectors": { - "items": { - "$ref": "#/definitions/AWS::EKS::FargateProfile.Selector" - }, - "markdownDescription": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile.", - "title": "Selectors", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", - "title": "Subnets", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ClusterName", - "PodExecutionRoleArn", - "Selectors" - ], - "type": "object" + "VolumeInitializationRate": { + "markdownDescription": "Specifies the Amazon EBS Provisioned Rate for Volume Initialization (volume initialization rate), in MiB/s, at which to download the snapshot blocks from Amazon S3 to the volume. This is also known as *volume initialization* . Specifying a volume initialization rate ensures that the volume is initialized at a predictable and consistent rate after creation.\n\nThis parameter is supported only for volumes created from snapshots. Omit this parameter if:\n\n- You want to create the volume using fast snapshot restore. You must specify a snapshot that is enabled for fast snapshot restore. In this case, the volume is fully initialized at creation.\n\n> If you specify a snapshot that is enabled for fast snapshot restore and a volume initialization rate, the volume will be initialized at the specified rate instead of fast snapshot restore.\n- You want to create a volume that is initialized at the default rate.\n\nFor more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EC2 User Guide* .\n\nValid range: 100 - 300 MiB/s", + "title": "VolumeInitializationRate", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EKS::FargateProfile" - ], - "type": "string" + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EKS::FargateProfile.Label": { + "AWS::EC2::LaunchTemplate.ElasticGpuSpecification": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Enter a key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "Enter a value.", - "title": "Value", + "Type": { + "markdownDescription": "The type of Elastic Graphics accelerator.", + "title": "Type", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EKS::FargateProfile.Selector": { + "AWS::EC2::LaunchTemplate.EnaSrdSpecification": { "additionalProperties": false, "properties": { - "Labels": { - "items": { - "$ref": "#/definitions/AWS::EKS::FargateProfile.Label" - }, - "markdownDescription": "The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.", - "title": "Labels", - "type": "array" + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" }, - "Namespace": { - "markdownDescription": "The Kubernetes `namespace` that the selector should match.", - "title": "Namespace", - "type": "string" + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" } }, - "required": [ - "Namespace" - ], "type": "object" }, - "AWS::EKS::IdentityProviderConfig": { + "AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.EnclaveOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.HibernationOptions": { + "additionalProperties": false, + "properties": { + "Configured": { + "markdownDescription": "If you set this parameter to `true` , the instance is enabled for hibernation.\n\nDefault: `false`", + "title": "Configured", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.IamInstanceProfile": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", + "title": "Arn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the instance profile.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.InstanceMarketOptions": { + "additionalProperties": false, + "properties": { + "MarketType": { + "markdownDescription": "The market type.", + "title": "MarketType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "IdentityProviderConfigName": { - "markdownDescription": "The name of the configuration.", - "title": "IdentityProviderConfigName", - "type": "string" - }, - "Oidc": { - "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig", - "markdownDescription": "An object representing an OpenID Connect (OIDC) identity provider configuration.", - "title": "Oidc" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the identity provider configuration. The only type available is `oidc` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ClusterName", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EKS::IdentityProviderConfig" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SpotOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.SpotOptions", + "markdownDescription": "The options for Spot Instances.", + "title": "SpotOptions" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig": { + "AWS::EC2::LaunchTemplate.InstanceRequirements": { "additionalProperties": false, "properties": { - "ClientId": { - "markdownDescription": "This is also known as *audience* . The ID of the client application that makes authentication requests to the OIDC identity provider.", - "title": "ClientId", - "type": "string" + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorCount", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" }, - "GroupsClaim": { - "markdownDescription": "The JSON web token (JWT) claim that the provider uses to return your groups.", - "title": "GroupsClaim", - "type": "string" + "AcceleratorManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", + "type": "array" }, - "GroupsPrefix": { - "markdownDescription": "The prefix that is prepended to group claims to prevent clashes with existing names (such as `system:` groups). For example, the value `oidc:` creates group names like `oidc:engineering` and `oidc:infra` . The prefix can't contain `system:`", - "title": "GroupsPrefix", + "AcceleratorNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", + "type": "array" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", + "type": "array" + }, + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" + }, + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", "type": "string" }, - "IssuerUrl": { - "markdownDescription": "The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.", - "title": "IssuerUrl", + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" + }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselinePerformanceFactors", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" + }, + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", "type": "string" }, - "RequiredClaims": { + "CpuManufacturers": { "items": { - "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.RequiredClaim" + "type": "string" }, - "markdownDescription": "The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.", - "title": "RequiredClaims", + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", "type": "array" }, - "UsernameClaim": { - "markdownDescription": "The JSON Web token (JWT) claim that is used as the username.", - "title": "UsernameClaim", + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" + }, + "InstanceGenerations": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" + }, + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", "type": "string" }, - "UsernamePrefix": { - "markdownDescription": "The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain `system:`", - "title": "UsernamePrefix", + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" + }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryMiB", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkBandwidthGbps", + "markdownDescription": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterfaceCount", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo turn off price protection, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TotalLocalStorageGB", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.VCpuCount", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification": { + "additionalProperties": false, + "properties": { + "Ipv4Prefix": { + "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", + "title": "Ipv4Prefix", "type": "string" } }, - "required": [ - "ClientId", - "IssuerUrl" - ], "type": "object" }, - "AWS::EKS::IdentityProviderConfig.RequiredClaim": { + "AWS::EC2::LaunchTemplate.Ipv6Add": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key to match from the token.", - "title": "Key", + "Ipv6Address": { + "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", + "title": "Ipv6Address", "type": "string" - }, - "Value": { - "markdownDescription": "The value for the key from the token.", - "title": "Value", + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification": { + "additionalProperties": false, + "properties": { + "Ipv6Prefix": { + "markdownDescription": "The IPv6 prefix.", + "title": "Ipv6Prefix", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EKS::Nodegroup": { + "AWS::EC2::LaunchTemplate.LaunchTemplateData": { "additionalProperties": false, "properties": { - "Condition": { + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BlockDeviceMapping" + }, + "markdownDescription": "The block device mapping.", + "title": "BlockDeviceMappings", + "type": "array" + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationSpecification", + "markdownDescription": "The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to `open` , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).", + "title": "CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CpuOptions", + "markdownDescription": "The CPU options for the instance. For more information, see [CPU options for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide* .", + "title": "CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CreditSpecification", + "markdownDescription": "The credit option for CPU usage of the instance. Valid only for T instances.", + "title": "CreditSpecification" + }, + "DisableApiStop": { + "markdownDescription": "Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide* .", + "title": "DisableApiStop", + "type": "boolean" + }, + "DisableApiTermination": { + "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", + "title": "DisableApiTermination", + "type": "boolean" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.", + "title": "EbsOptimized", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ElasticGpuSpecification" + }, + "markdownDescription": "Deprecated.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", + "title": "ElasticGpuSpecifications", + "type": "array" + }, + "ElasticInferenceAccelerators": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator" + }, + "markdownDescription": "> Amazon Elastic Inference is no longer available. \n\nAn elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n\nYou cannot specify accelerators from different generations in the same request.", + "title": "ElasticInferenceAccelerators", + "type": "array" + }, + "EnclaveOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnclaveOptions", + "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *AWS Nitro Enclaves User Guide* .\n\nYou can't enable AWS Nitro Enclaves and hibernation on the same instance.", + "title": "EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.HibernationOptions", + "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .", + "title": "HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.IamInstanceProfile", + "markdownDescription": "The name or Amazon Resource Name (ARN) of an IAM instance profile.", + "title": "IamInstanceProfile" + }, + "ImageId": { + "markdownDescription": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n\nValid formats:\n\n- `ami-0ac394d6a3example`\n- `resolve:ssm:parameter-name`\n- `resolve:ssm:parameter-name:version-number`\n- `resolve:ssm:parameter-name:label`\n\nFor more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "ImageId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InstanceInitiatedShutdownBehavior": { + "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", + "title": "InstanceInitiatedShutdownBehavior", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InstanceMarketOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceMarketOptions", + "markdownDescription": "The market (purchasing) option for the instances.", + "title": "InstanceMarketOptions" }, - "Metadata": { - "type": "object" + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceRequirements", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes.\n\nYou must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default.\n\nWhen you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.\n\nTo limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request:\n\n- `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.\n- `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .\n> \n> Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) , or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) AWS CloudFormation resource, you can't specify `InstanceRequirements` . \n\nFor more information, see [Specify attributes for instance type selection for EC2 Fleet or Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceRequirements" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AmiType": { - "markdownDescription": "The AMI type for your node group. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `amiType` , or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add `eks:kube-proxy-windows` to your Windows nodes `rolearn` in the `aws-auth` `ConfigMap` . For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "AmiType", - "type": "string" - }, - "CapacityType": { - "markdownDescription": "The capacity type of your managed node group.", - "title": "CapacityType", - "type": "string" - }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "DiskSize": { - "markdownDescription": "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify `launchTemplate` , then don't specify `diskSize` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "DiskSize", - "type": "number" - }, - "ForceUpdateEnabled": { - "markdownDescription": "Force the update if any `Pod` on the existing node group can't be drained due to a `Pod` disruption budget issue. If an update fails because all Pods can't be drained, you can force the update after it fails to terminate the old node whether or not any `Pod` is running on the node.", - "title": "ForceUpdateEnabled", - "type": "boolean" - }, - "InstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the `amiType` parameter. If you specify `launchTemplate` , then you can specify zero or one instance type in your launch template *or* you can specify 0-20 instance types for `instanceTypes` . If however, you specify an instance type in your launch template *and* specify any `instanceTypes` , the node group deployment will fail. If you don't specify an instance type in a launch template or for `instanceTypes` , then `t3.medium` is used, by default. If you specify `Spot` for `capacityType` , then we recommend specifying multiple values for `instanceTypes` . For more information, see [Managed node group capacity types](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "InstanceTypes", - "type": "array" - }, - "Labels": { - "additionalProperties": true, - "markdownDescription": "The Kubernetes `labels` applied to the nodes in the node group.\n\n> Only `labels` that are applied with the Amazon EKS API are shown here. There may be other Kubernetes `labels` applied to the nodes in this group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Labels", - "type": "object" - }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.LaunchTemplateSpecification", - "markdownDescription": "An object representing a node group's launch template specification. When using this object, don't directly specify `instanceTypes` , `diskSize` , or `remoteAccess` . You cannot later specify a different launch template ID or name than what was used to create the node group.\n\nMake sure that the launch template meets the requirements in `launchTemplateSpecification` . Also refer to [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "LaunchTemplate" - }, - "NodeRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the **Amazon EKS User Guide** . If you specify `launchTemplate` , then don't specify `[IamInstanceProfile](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "NodeRole", - "type": "string" - }, - "NodegroupName": { - "markdownDescription": "The unique name to give your node group.", - "title": "NodegroupName", - "type": "string" - }, - "ReleaseVersion": { - "markdownDescription": "The AMI version of the Amazon EKS optimized AMI to use with your node group (for example, `1.14.7- *YYYYMMDD*` ). By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see [Amazon EKS optimized Linux AMI Versions](https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the *Amazon EKS User Guide* .\n\n> Changing this value triggers an update of the node group if one is available. You can't update other properties at the same time as updating `Release Version` .", - "title": "ReleaseVersion", - "type": "string" - }, - "RemoteAccess": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.RemoteAccess", - "markdownDescription": "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify `launchTemplate` , then don't specify `remoteAccess` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "RemoteAccess" - }, - "ScalingConfig": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.ScalingConfig", - "markdownDescription": "The scaling configuration details for the Auto Scaling group that is created for your node group.", - "title": "ScalingConfig" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnets to use for the Auto Scaling group that is created for your node group. If you specify `launchTemplate` , then don't specify `[SubnetId](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "Subnets", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Taints": { - "items": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.Taint" - }, - "markdownDescription": "The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of `No_Schedule` , `Prefer_No_Schedule` , or `No_Execute` . Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see [Node taints on managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html) .", - "title": "Taints", - "type": "array" - }, - "UpdateConfig": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.UpdateConfig", - "markdownDescription": "The node group update configuration.", - "title": "UpdateConfig" - }, - "Version": { - "markdownDescription": "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `version` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Launch template support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .\n\n> You can't update other properties at the same time as updating `Version` .", - "title": "Version", - "type": "string" - } + "InstanceType": { + "markdownDescription": "The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nIf you specify `InstanceType` , you can't specify `InstanceRequirements` .", + "title": "InstanceType", + "type": "string" + }, + "KernelId": { + "markdownDescription": "The ID of the kernel.\n\nWe recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "KernelId", + "type": "string" + }, + "KeyName": { + "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "title": "KeyName", + "type": "string" + }, + "LicenseSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LicenseSpecification" }, - "required": [ - "ClusterName", - "NodeRole", - "Subnets" - ], - "type": "object" + "markdownDescription": "The license configurations.", + "title": "LicenseSpecifications", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EKS::Nodegroup" - ], + "MaintenanceOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MaintenanceOptions", + "markdownDescription": "The maintenance options of your instance.", + "title": "MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MetadataOptions", + "markdownDescription": "The metadata options for the instance. For more information, see [Configure the Instance Metadata Service options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html) in the *Amazon EC2 User Guide* .", + "title": "MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Monitoring", + "markdownDescription": "The monitoring for the instance.", + "title": "Monitoring" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterface" + }, + "markdownDescription": "The network interfaces for the instance.", + "title": "NetworkInterfaces", + "type": "array" + }, + "NetworkPerformanceOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkPerformanceOptions", + "markdownDescription": "The settings for the network performance options for the instance. For more information, see [EC2 instance bandwidth weighting configuration](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configure-bandwidth-weighting.html) .", + "title": "NetworkPerformanceOptions" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Placement", + "markdownDescription": "The placement for the instance.", + "title": "Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateDnsNameOptions", + "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "PrivateDnsNameOptions" + }, + "RamDiskId": { + "markdownDescription": "The ID of the RAM disk.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "RamDiskId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", + "title": "SecurityGroups", + "type": "array" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TagSpecification" + }, + "markdownDescription": "The tags to apply to resources that are created during instance launch.\n\nTo tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications) .", + "title": "TagSpecifications", + "type": "array" + }, + "UserData": { + "markdownDescription": "The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands when you launch an EC2 instance with user data input](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide* .\n\nIf you are creating the launch template for use with AWS Batch , the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive) . For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html#lt-user-data) in the *AWS Batch User Guide* .", + "title": "UserData", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EKS::Nodegroup.LaunchTemplateSpecification": { + "AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name in the request, but not both. After node group creation, you cannot use a different ID.", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template name or the launch template ID in the request, but not both. After node group creation, you cannot use a different name.", - "title": "Name", - "type": "string" + "Count": { + "markdownDescription": "The number of elastic inference accelerators to attach to the instance.\n\nDefault: 1", + "title": "Count", + "type": "number" }, - "Version": { - "markdownDescription": "The version number of the launch template to use. If no version is specified, then the template's default version is used. You can use a different version for node group updates.", - "title": "Version", + "Type": { + "markdownDescription": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::EKS::Nodegroup.RemoteAccess": { + "AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification": { "additionalProperties": false, "properties": { - "Ec2SshKey": { - "markdownDescription": "The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* .", - "title": "Ec2SshKey", + "ResourceType": { + "markdownDescription": "The type of resource. To tag a launch template, `ResourceType` must be `launch-template` .", + "title": "ResourceType", "type": "string" }, - "SourceSecurityGroups": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "SourceSecurityGroups", + "markdownDescription": "The tags for the resource.", + "title": "Tags", "type": "array" } }, - "required": [ - "Ec2SshKey" - ], "type": "object" }, - "AWS::EKS::Nodegroup.ScalingConfig": { + "AWS::EC2::LaunchTemplate.LicenseSpecification": { "additionalProperties": false, "properties": { - "DesiredSize": { - "markdownDescription": "The current number of nodes that the managed node group should maintain.\n\n> If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. \n\nWhenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template.\n\nThis parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` .", - "title": "DesiredSize", + "LicenseConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", + "title": "LicenseConfigurationArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.MaintenanceOptions": { + "additionalProperties": false, + "properties": { + "AutoRecovery": { + "markdownDescription": "Disables the automatic recovery behavior of your instance or sets it to default.", + "title": "AutoRecovery", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "MaxSize": { - "markdownDescription": "The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* .", - "title": "MaxSize", + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.MemoryMiB": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "MinSize": { - "markdownDescription": "The minimum number of nodes that the managed node group can scale in to.", - "title": "MinSize", + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::EKS::Nodegroup.Taint": { + "AWS::EC2::LaunchTemplate.MetadataOptions": { "additionalProperties": false, "properties": { - "Effect": { - "markdownDescription": "The effect of the taint.", - "title": "Effect", + "HttpEndpoint": { + "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is `enabled` .\n\n> If you specify a value of `disabled` , you will not be able to access your instance metadata.", + "title": "HttpEndpoint", "type": "string" }, - "Key": { - "markdownDescription": "The key of the taint.", - "title": "Key", + "HttpProtocolIpv6": { + "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", + "title": "HttpProtocolIpv6", "type": "string" }, - "Value": { - "markdownDescription": "The value of the taint.", - "title": "Value", + "HttpPutResponseHopLimit": { + "markdownDescription": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n\nDefault: `1`\n\nPossible values: Integers from 1 to 64", + "title": "HttpPutResponseHopLimit", + "type": "number" + }, + "HttpTokens": { + "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials.\n- `required` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.\n\nDefault: If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , the default is `required` .", + "title": "HttpTokens", + "type": "string" + }, + "InstanceMetadataTags": { + "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [View tags for your EC2 instances using instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/work-with-tags-in-IMDS.html) .\n\nDefault: `disabled`", + "title": "InstanceMetadataTags", "type": "string" } }, "type": "object" }, - "AWS::EKS::Nodegroup.UpdateConfig": { + "AWS::EC2::LaunchTemplate.Monitoring": { "additionalProperties": false, "properties": { - "MaxUnavailable": { - "markdownDescription": "The maximum number of nodes unavailable at once during a version update. Nodes are updated in parallel. This value or `maxUnavailablePercentage` is required to have a value.The maximum number is 100.", - "title": "MaxUnavailable", + "Enabled": { + "markdownDescription": "Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.NetworkBandwidthGbps": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "MaxUnavailablePercentage": { - "markdownDescription": "The maximum percentage of nodes unavailable during a version update. This percentage of nodes are updated in parallel, up to 100 nodes at once. This value or `maxUnavailable` is required to have a value.", - "title": "MaxUnavailablePercentage", + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit.", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::EKS::PodIdentityAssociation": { + "AWS::EC2::LaunchTemplate.NetworkInterface": { "additionalProperties": false, "properties": { - "Condition": { + "AssociateCarrierIpAddress": { + "markdownDescription": "Associates a Carrier IP address with eth0 for a new network interface.\n\nUse this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", + "title": "AssociateCarrierIpAddress", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "markdownDescription": "Associates a public IPv4 address with eth0 for a new network interface.\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification", + "markdownDescription": "A connection tracking specification for the network interface.", + "title": "ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description for the network interface.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeviceIndex": { + "markdownDescription": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", + "title": "DeviceIndex", + "type": "number" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdSpecification", + "markdownDescription": "The ENA Express configuration for the network interface.", + "title": "EnaSrdSpecification" + }, + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more security groups.", + "title": "Groups", + "type": "array" + }, + "InterfaceType": { + "markdownDescription": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa` or `efa` . For more information, see [Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide* .\n\nIf you are not creating an EFA, specify `interface` or omit this parameter.\n\nIf you specify `efa-only` , do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses.\n\nValid values: `interface` | `efa` | `efa-only`", + "title": "InterfaceType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Ipv4PrefixCount": { + "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv4Prefix` option.", + "title": "Ipv4PrefixCount", + "type": "number" }, - "Metadata": { - "type": "object" + "Ipv4Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification" + }, + "markdownDescription": "One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv4PrefixCount` option.", + "title": "Ipv4Prefixes", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of the cluster that the association is in.", - "title": "ClusterName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the pods that use the service account must be in this namespace.", - "title": "Namespace", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.", - "title": "RoleArn", - "type": "string" - }, - "ServiceAccount": { - "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", - "title": "ServiceAccount", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - } + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6Add" }, - "required": [ - "ClusterName", - "Namespace", - "RoleArn", - "ServiceAccount" - ], - "type": "object" + "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", + "title": "Ipv6Addresses", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EKS::PodIdentityAssociation" - ], + "Ipv6PrefixCount": { + "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv6Prefix` option.", + "title": "Ipv6PrefixCount", + "type": "number" + }, + "Ipv6Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification" + }, + "markdownDescription": "One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv6PrefixCount` option.", + "title": "Ipv6Prefixes", + "type": "array" + }, + "NetworkCardIndex": { + "markdownDescription": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.", + "title": "NetworkCardIndex", + "type": "number" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PrimaryIpv6": { + "markdownDescription": "The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) .", + "title": "PrimaryIpv6", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The primary private IPv4 address of the network interface.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateIpAdd" + }, + "markdownDescription": "One or more private IPv4 addresses.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet for the network interface.", + "title": "SubnetId", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EMR::Cluster": { + "AWS::EC2::LaunchTemplate.NetworkInterfaceCount": { "additionalProperties": false, "properties": { - "Condition": { + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.NetworkPerformanceOptions": { + "additionalProperties": false, + "properties": { + "BandwidthWeighting": { + "markdownDescription": "Specify the bandwidth weighting option to boost the associated type of baseline bandwidth, as follows:\n\n- **default** - This option uses the standard bandwidth configuration for your instance type.\n- **vpc-1** - This option boosts your networking baseline bandwidth and reduces your EBS baseline bandwidth.\n- **ebs-1** - This option boosts your EBS baseline bandwidth and reduces your networking baseline bandwidth.", + "title": "BandwidthWeighting", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.Placement": { + "additionalProperties": false, + "properties": { + "Affinity": { + "markdownDescription": "The affinity setting for an instance on a Dedicated Host.", + "title": "Affinity", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "GroupId": { + "markdownDescription": "The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group.", + "title": "GroupId", + "type": "string" }, - "Metadata": { - "type": "object" + "GroupName": { + "markdownDescription": "The name of the placement group for the instance.", + "title": "GroupName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalInfo": { - "markdownDescription": "A JSON string for selecting additional features.", - "title": "AdditionalInfo", - "type": "object" - }, - "Applications": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Application" - }, - "markdownDescription": "The applications to install on this cluster, for example, Spark, Flink, Oozie, Zeppelin, and so on.", - "title": "Applications", - "type": "array" - }, - "AutoScalingRole": { - "markdownDescription": "An IAM role for automatic scaling policies. The default role is `EMR_AutoScaling_DefaultRole` . The IAM role provides permissions that the automatic scaling feature requires to launch and terminate Amazon EC2 instances in an instance group.", - "title": "AutoScalingRole", - "type": "string" - }, - "AutoTerminationPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.AutoTerminationPolicy", - "markdownDescription": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see [Control cluster termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) .", - "title": "AutoTerminationPolicy" - }, - "BootstrapActions": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.BootstrapActionConfig" - }, - "markdownDescription": "A list of bootstrap actions to run before Hadoop starts on the cluster nodes.", - "title": "BootstrapActions", - "type": "array" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", - "title": "Configurations", - "type": "array" - }, - "CustomAmiId": { - "markdownDescription": "Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsRootVolumeIops": { - "markdownDescription": "The IOPS, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", - "title": "EbsRootVolumeIops", - "type": "number" - }, - "EbsRootVolumeSize": { - "markdownDescription": "The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.", - "title": "EbsRootVolumeSize", - "type": "number" - }, - "EbsRootVolumeThroughput": { - "markdownDescription": "The throughput, in MiB/s, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", - "title": "EbsRootVolumeThroughput", - "type": "number" - }, - "Instances": { - "$ref": "#/definitions/AWS::EMR::Cluster.JobFlowInstancesConfig", - "markdownDescription": "A specification of the number and type of Amazon EC2 instances.", - "title": "Instances" - }, - "JobFlowRole": { - "markdownDescription": "Also called instance profile and Amazon EC2 role. An IAM role for an Amazon EMR cluster. The Amazon EC2 instances of the cluster assume this role. The default role is `EMR_EC2_DefaultRole` . In order to use the default role, you must have already created it using the AWS CLI or console.", - "title": "JobFlowRole", - "type": "string" - }, - "KerberosAttributes": { - "$ref": "#/definitions/AWS::EMR::Cluster.KerberosAttributes", - "markdownDescription": "Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration. For more information see [Use Kerberos Authentication](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-kerberos.html) in the *Amazon EMR Management Guide* .", - "title": "KerberosAttributes" - }, - "LogEncryptionKmsKeyId": { - "markdownDescription": "The AWS KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding Amazon EMR 6.0.0.", - "title": "LogEncryptionKmsKeyId", - "type": "string" - }, - "LogUri": { - "markdownDescription": "The path to the Amazon S3 location where logs for this cluster are stored.", - "title": "LogUri", - "type": "string" - }, - "ManagedScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.ManagedScalingPolicy", - "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "ManagedScalingPolicy" - }, - "Name": { - "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", - "title": "Name", - "type": "string" - }, - "OSReleaseLabel": { - "markdownDescription": "The Amazon Linux release specified in a cluster launch RunJobFlow request. If no Amazon Linux release was specified, the default Amazon Linux release is shown in the response.", - "title": "OSReleaseLabel", - "type": "string" - }, - "PlacementGroupConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.PlacementGroupConfig" - }, - "markdownDescription": "", - "title": "PlacementGroupConfigs", - "type": "array" - }, - "ReleaseLabel": { - "markdownDescription": "The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form `emr-x.x.x` , where x.x.x is an Amazon EMR release version such as `emr-5.14.0` . For more information about Amazon EMR release versions and included application versions and features, see [](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/) . The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use `AmiVersion` .", - "title": "ReleaseLabel", - "type": "string" - }, - "ScaleDownBehavior": { - "markdownDescription": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. `TERMINATE_AT_INSTANCE_HOUR` indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. `TERMINATE_AT_TASK_COMPLETION` indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. `TERMINATE_AT_TASK_COMPLETION` is available only in Amazon EMR releases 4.1.0 and later, and is the default for versions of Amazon EMR earlier than 5.1.0.", - "title": "ScaleDownBehavior", - "type": "string" - }, - "SecurityConfiguration": { - "markdownDescription": "The name of the security configuration applied to the cluster.", - "title": "SecurityConfiguration", - "type": "string" - }, - "ServiceRole": { - "markdownDescription": "The IAM role that Amazon EMR assumes in order to access AWS resources on your behalf.", - "title": "ServiceRole", - "type": "string" - }, - "StepConcurrencyLevel": { - "markdownDescription": "Specifies the number of steps that can be executed concurrently. The default value is `1` . The maximum value is `256` .", - "title": "StepConcurrencyLevel", - "type": "number" - }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.StepConfig" - }, - "markdownDescription": "A list of steps to run.", - "title": "Steps", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags associated with a cluster.", - "title": "Tags", - "type": "array" - }, - "VisibleToAllUsers": { - "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", - "title": "VisibleToAllUsers", - "type": "boolean" - } - }, - "required": [ - "Instances", - "JobFlowRole", - "Name", - "ServiceRole" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EMR::Cluster" - ], + "HostId": { + "markdownDescription": "The ID of the Dedicated Host for the instance.", + "title": "HostId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", + "title": "HostResourceGroupArn", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EMR::Cluster.Application": { - "additionalProperties": false, - "properties": { - "AdditionalInfo": { - "additionalProperties": true, - "markdownDescription": "This option is for advanced users only. This is meta information about clusters and applications that are used for testing and troubleshooting.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalInfo", - "type": "object" }, - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "Arguments for Amazon EMR to pass to the application.", - "title": "Args", - "type": "array" + "PartitionNumber": { + "markdownDescription": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to `partition` .", + "title": "PartitionNumber", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", + "SpreadDomain": { + "markdownDescription": "Reserved for future use.", + "title": "SpreadDomain", "type": "string" }, - "Version": { - "markdownDescription": "The version of the application.", - "title": "Version", + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware.", + "title": "Tenancy", "type": "string" } }, "type": "object" }, - "AWS::EMR::Cluster.AutoScalingPolicy": { + "AWS::EC2::LaunchTemplate.PrivateDnsNameOptions": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingConstraints", - "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", - "title": "Constraints" + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingRule" - }, - "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", - "title": "Rules", - "type": "array" + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" + }, + "HostnameType": { + "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "HostnameType", + "type": "string" } }, - "required": [ - "Constraints", - "Rules" - ], "type": "object" }, - "AWS::EMR::Cluster.AutoTerminationPolicy": { + "AWS::EC2::LaunchTemplate.PrivateIpAdd": { "additionalProperties": false, "properties": { - "IdleTimeout": { - "markdownDescription": "Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of 60 seconds and a maximum of 604800 seconds (seven days).", - "title": "IdleTimeout", - "type": "number" + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", + "type": "string" } }, "type": "object" }, - "AWS::EMR::Cluster.BootstrapActionConfig": { + "AWS::EC2::LaunchTemplate.Reference": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the bootstrap action.", - "title": "Name", + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.", + "title": "InstanceFamily", "type": "string" - }, - "ScriptBootstrapAction": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScriptBootstrapActionConfig", - "markdownDescription": "The script run by the bootstrap action.", - "title": "ScriptBootstrapAction" } }, - "required": [ - "Name", - "ScriptBootstrapAction" - ], "type": "object" }, - "AWS::EMR::Cluster.CloudWatchAlarmDefinition": { + "AWS::EC2::LaunchTemplate.SpotOptions": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", - "title": "ComparisonOperator", - "type": "string" - }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.MetricDimension" - }, - "markdownDescription": "A CloudWatch metric dimension.", - "title": "Dimensions", - "type": "array" - }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", - "title": "EvaluationPeriods", + "BlockDurationMinutes": { + "markdownDescription": "Deprecated.", + "title": "BlockDurationMinutes", "type": "number" }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", - "title": "Namespace", + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", + "title": "InstanceInterruptionBehavior", "type": "string" }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", - "title": "Statistic", + "MaxPrice": { + "markdownDescription": "The maximum hourly price you're willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. If you do specify this parameter, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message when the launch template is used to launch an instance.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "MaxPrice", "type": "string" }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", - "type": "number" - }, - "Unit": { - "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", - "title": "Unit", + "SpotInstanceType": { + "markdownDescription": "The Spot Instance request type.\n\nIf you are using Spot Instances with an Auto Scaling group, use `one-time` requests, as the Amazon EC2 Auto Scaling service handles requesting new Spot Instances whenever the group is below its desired capacity.", + "title": "SpotInstanceType", "type": "string" - } - }, - "required": [ - "ComparisonOperator", - "MetricName", - "Period", - "Threshold" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ComputeLimits": { - "additionalProperties": false, - "properties": { - "MaximumCapacityUnits": { - "markdownDescription": "The upper boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "MaximumCapacityUnits", - "type": "number" - }, - "MaximumCoreCapacityUnits": { - "markdownDescription": "The upper boundary of Amazon EC2 units for core node type in a cluster. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The core units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between core and task nodes.", - "title": "MaximumCoreCapacityUnits", - "type": "number" - }, - "MaximumOnDemandCapacityUnits": { - "markdownDescription": "The upper boundary of On-Demand Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The On-Demand units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between On-Demand and Spot Instances.", - "title": "MaximumOnDemandCapacityUnits", - "type": "number" - }, - "MinimumCapacityUnits": { - "markdownDescription": "The lower boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "MinimumCapacityUnits", - "type": "number" }, - "UnitType": { - "markdownDescription": "The unit type used for specifying a managed scaling policy.", - "title": "UnitType", + "ValidUntil": { + "markdownDescription": "The end date of the request, in UTC format ( *YYYY-MM-DD* T *HH:MM:SS* Z). Supported only for persistent requests.\n\n- For a persistent request, the request remains active until the `ValidUntil` date and time is reached. Otherwise, the request remains active until you cancel it.\n- For a one-time request, `ValidUntil` is not supported. The request remains active until all instances launch or you cancel the request.\n\nDefault: 7 days from the current date", + "title": "ValidUntil", "type": "string" } }, - "required": [ - "MaximumCapacityUnits", - "MinimumCapacityUnits", - "UnitType" - ], "type": "object" }, - "AWS::EMR::Cluster.Configuration": { + "AWS::EC2::LaunchTemplate.TagSpecification": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", + "ResourceType": { + "markdownDescription": "The type of resource to tag. You can specify tags for the following resource types only: `instance` | `volume` | `network-interface` | `spot-instances-request` . If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume.\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", + "title": "ResourceType", "type": "string" }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConfigurationProperties", - "type": "object" - }, - "Configurations": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::EMR::Cluster.EbsBlockDeviceConfig": { + "AWS::EC2::LaunchTemplate.TotalLocalStorageGB": { "additionalProperties": false, "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", "type": "number" } }, - "required": [ - "VolumeSpecification" - ], "type": "object" }, - "AWS::EMR::Cluster.EbsConfiguration": { + "AWS::EC2::LaunchTemplate.VCpuCount": { "additionalProperties": false, "properties": { - "EbsBlockDeviceConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsBlockDeviceConfig" - }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", - "type": "array" + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::EMR::Cluster.HadoopJarStepConfig": { + "AWS::EC2::LocalGatewayRoute": { "additionalProperties": false, "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", - "title": "Args", - "type": "array" - }, - "Jar": { - "markdownDescription": "A path to a JAR file run during the step.", - "title": "Jar", + "Condition": { "type": "string" }, - "MainClass": { - "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", - "title": "MainClass", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StepProperties": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.KeyValue" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidrBlock", + "type": "string" + }, + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", + "type": "string" + }, + "LocalGatewayVirtualInterfaceGroupId": { + "markdownDescription": "The ID of the virtual interface group.", + "title": "LocalGatewayVirtualInterfaceGroupId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + } }, - "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key-value pairs to your main function.", - "title": "StepProperties", - "type": "array" + "required": [ + "DestinationCidrBlock", + "LocalGatewayRouteTableId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRoute" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Jar" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.InstanceFleetConfig": { + "AWS::EC2::LocalGatewayRouteTable": { "additionalProperties": false, "properties": { - "InstanceTypeConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceTypeConfig" - }, - "markdownDescription": "The instance type configurations that define the Amazon EC2 instances in the instance fleet.", - "title": "InstanceTypeConfigs", - "type": "array" - }, - "LaunchSpecifications": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications", - "markdownDescription": "The launch specification for the instance fleet.", - "title": "LaunchSpecifications" + "Condition": { + "type": "string" }, - "Name": { - "markdownDescription": "The friendly name of the instance fleet.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TargetOnDemandCapacity": { - "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetOnDemandCapacity", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TargetSpotCapacity": { - "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetSpotCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications": { - "additionalProperties": false, - "properties": { - "OnDemandSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandProvisioningSpecification", - "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", - "title": "OnDemandSpecification" + "Metadata": { + "type": "object" }, - "SpotSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.SpotProvisioningSpecification", - "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", - "title": "SpotSpecification" + "Properties": { + "additionalProperties": false, + "properties": { + "LocalGatewayId": { + "markdownDescription": "The ID of the local gateway.", + "title": "LocalGatewayId", + "type": "string" + }, + "Mode": { + "markdownDescription": "The mode of the local gateway route table.", + "title": "Mode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the local gateway route table.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "LocalGatewayId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRouteTable" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EMR::Cluster.InstanceGroupConfig": { + "AWS::EC2::LocalGatewayRouteTableVPCAssociation": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.AutoScalingPolicy", - "markdownDescription": "`AutoScalingPolicy` is a subproperty of the [InstanceGroupConfig](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-emr-cluster-jobflowinstancesconfig-instancegroupconfig.html) property type that specifies the constraints and rules of an automatic scaling policy in Amazon EMR . The automatic scaling policy defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. Only core and task instance groups can use automatic scaling policies. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) .", - "title": "AutoScalingPolicy" - }, - "BidPrice": { - "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", - "title": "BidPrice", + "Condition": { "type": "string" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", - "title": "Configurations", - "type": "array" - }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", - "title": "CustomAmiId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", - "markdownDescription": "EBS configurations that will be attached to each Amazon EC2 instance in the instance group.", - "title": "EbsConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InstanceCount": { - "markdownDescription": "Target number of instances for the instance group.", - "title": "InstanceCount", - "type": "number" + "Metadata": { + "type": "object" }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", - "title": "InstanceType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the association.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "LocalGatewayRouteTableId", + "VpcId" + ], + "type": "object" }, - "Market": { - "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", - "title": "Market", + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRouteTableVPCAssociation" + ], "type": "string" }, - "Name": { - "markdownDescription": "Friendly name given to the instance group.", - "title": "Name", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InstanceCount", - "InstanceType" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.InstanceTypeConfig": { + "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { "additionalProperties": false, "properties": { - "BidPrice": { - "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPrice", + "Condition": { "type": "string" }, - "BidPriceAsPercentageOfOnDemandPrice": { - "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPriceAsPercentageOfOnDemandPrice", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", - "title": "Configurations", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the instance type.", - "title": "CustomAmiId", - "type": "string" + "Metadata": { + "type": "object" }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", - "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", - "title": "EbsConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", + "type": "string" + }, + "LocalGatewayVirtualInterfaceGroupId": { + "markdownDescription": "The ID of the virtual interface group.", + "title": "LocalGatewayVirtualInterfaceGroupId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the association.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "LocalGatewayRouteTableId", + "LocalGatewayVirtualInterfaceGroupId" + ], + "type": "object" }, - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", - "title": "InstanceType", + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation" + ], "type": "string" }, - "WeightedCapacity": { - "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", - "title": "WeightedCapacity", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "InstanceType" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.JobFlowInstancesConfig": { + "AWS::EC2::NatGateway": { "additionalProperties": false, "properties": { - "AdditionalMasterSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of additional Amazon EC2 security group IDs for the master node.", - "title": "AdditionalMasterSecurityGroups", - "type": "array" - }, - "AdditionalSlaveSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of additional Amazon EC2 security group IDs for the core and task nodes.", - "title": "AdditionalSlaveSecurityGroups", - "type": "array" - }, - "CoreInstanceFleet": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the core instance fleet when using clusters with the instance fleet configuration.", - "title": "CoreInstanceFleet" - }, - "CoreInstanceGroup": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for core instance groups when using clusters with the uniform instance group configuration.", - "title": "CoreInstanceGroup" - }, - "Ec2KeyName": { - "markdownDescription": "The name of the Amazon EC2 key pair that can be used to connect to the master node using SSH as the user called \"hadoop.\"", - "title": "Ec2KeyName", + "Condition": { "type": "string" }, - "Ec2SubnetId": { - "markdownDescription": "Applies to clusters that use the uniform instance group configuration. To launch the cluster in Amazon Virtual Private Cloud (Amazon VPC), set this parameter to the identifier of the Amazon VPC subnet where you want the cluster to launch. If you do not specify this value and your account supports EC2-Classic, the cluster launches in EC2-Classic.", - "title": "Ec2SubnetId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Ec2SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.", - "title": "Ec2SubnetIds", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "EmrManagedMasterSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the master node. If you specify `EmrManagedMasterSecurityGroup` , you must also specify `EmrManagedSlaveSecurityGroup` .", - "title": "EmrManagedMasterSecurityGroup", - "type": "string" + "Metadata": { + "type": "object" }, - "EmrManagedSlaveSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the core and task nodes. If you specify `EmrManagedSlaveSecurityGroup` , you must also specify `EmrManagedMasterSecurityGroup` .", - "title": "EmrManagedSlaveSecurityGroup", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AllocationId": { + "markdownDescription": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.", + "title": "AllocationId", + "type": "string" + }, + "ConnectivityType": { + "markdownDescription": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", + "title": "ConnectivityType", + "type": "string" + }, + "MaxDrainDurationSeconds": { + "markdownDescription": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.", + "title": "MaxDrainDurationSeconds", + "type": "number" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.", + "title": "PrivateIpAddress", + "type": "string" + }, + "SecondaryAllocationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-working-with.html) in the *Amazon VPC User Guide* .", + "title": "SecondaryAllocationIds", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SecondaryPrivateIpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", + "title": "SecondaryPrivateIpAddresses", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in which the NAT gateway is located.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the NAT gateway.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SubnetId" + ], + "type": "object" }, - "HadoopVersion": { - "markdownDescription": "Applies only to Amazon EMR release versions earlier than 4.0. The Hadoop version for the cluster. Valid inputs are \"0.18\" (no longer maintained), \"0.20\" (no longer maintained), \"0.20.205\" (no longer maintained), \"1.0.3\", \"2.2.0\", or \"2.4.0\". If you do not set this value, the default of 0.18 is used, unless the `AmiVersion` parameter is set in the RunJobFlow call, in which case the default version of Hadoop for that AMI version is used.", - "title": "HadoopVersion", + "Type": { + "enum": [ + "AWS::EC2::NatGateway" + ], "type": "string" }, - "KeepJobFlowAliveWhenNoSteps": { - "markdownDescription": "Specifies whether the cluster should remain available after completing all steps. Defaults to `false` . For more information about configuring cluster termination, see [Control Cluster Termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) in the *EMR Management Guide* .", - "title": "KeepJobFlowAliveWhenNoSteps", - "type": "boolean" - }, - "MasterInstanceFleet": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance fleet when using clusters with the instance fleet configuration.", - "title": "MasterInstanceFleet" - }, - "MasterInstanceGroup": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance group when using clusters with the uniform instance group configuration.", - "title": "MasterInstanceGroup" - }, - "Placement": { - "$ref": "#/definitions/AWS::EMR::Cluster.PlacementType", - "markdownDescription": "The Availability Zone in which the cluster runs.", - "title": "Placement" - }, - "ServiceAccessSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the Amazon EMR service to access clusters in VPC private subnets.", - "title": "ServiceAccessSecurityGroup", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "TaskInstanceFleets": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig" - }, - "markdownDescription": "Describes the EC2 instances and instance configurations for the task instance fleets when using clusters with the instance fleet configuration. These task instance fleets are added to the cluster as part of the cluster launch. Each task instance fleet must have a unique name specified so that CloudFormation can differentiate between the task instance fleets.\n\n> You can currently specify only one task instance fleet for a cluster. After creating the cluster, you can only modify the mutable properties of `InstanceFleetConfig` , which are `TargetOnDemandCapacity` and `TargetSpotCapacity` . Modifying any other property results in cluster replacement. > To allow a maximum of 30 Amazon EC2 instance types per fleet, include `TaskInstanceFleets` when you create your cluster. If you create your cluster without `TaskInstanceFleets` , Amazon EMR uses its default allocation strategy, which allows for a maximum of five Amazon EC2 instance types.", - "title": "TaskInstanceFleets", - "type": "array" - }, - "TaskInstanceGroups": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig" - }, - "markdownDescription": "Describes the EC2 instances and instance configurations for task instance groups when using clusters with the uniform instance group configuration. These task instance groups are added to the cluster as part of the cluster launch. Each task instance group must have a unique name specified so that CloudFormation can differentiate between the task instance groups.\n\n> After creating the cluster, you can only modify the mutable properties of `InstanceGroupConfig` , which are `AutoScalingPolicy` and `InstanceCount` . Modifying any other property results in cluster replacement.", - "title": "TaskInstanceGroups", - "type": "array" - }, - "TerminationProtected": { - "markdownDescription": "Specifies whether to lock the cluster to prevent the Amazon EC2 instances from being terminated by API call, user intervention, or in the event of a job-flow error.", - "title": "TerminationProtected", - "type": "boolean" - }, - "UnhealthyNodeReplacement": { - "markdownDescription": "Indicates whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster.", - "title": "UnhealthyNodeReplacement", - "type": "boolean" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EMR::Cluster.KerberosAttributes": { + "AWS::EC2::NetworkAcl": { "additionalProperties": false, "properties": { - "ADDomainJoinPassword": { - "markdownDescription": "The Active Directory password for `ADDomainJoinUser` .", - "title": "ADDomainJoinPassword", + "Condition": { "type": "string" }, - "ADDomainJoinUser": { - "markdownDescription": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.", - "title": "ADDomainJoinUser", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CrossRealmTrustPrincipalPassword": { - "markdownDescription": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.", - "title": "CrossRealmTrustPrincipalPassword", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "KdcAdminPassword": { - "markdownDescription": "The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.", - "title": "KdcAdminPassword", - "type": "string" + "Metadata": { + "type": "object" }, - "Realm": { - "markdownDescription": "The name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL` .", - "title": "Realm", - "type": "string" - } - }, - "required": [ - "KdcAdminPassword", - "Realm" - ], - "type": "object" - }, - "AWS::EMR::Cluster.KeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The unique identifier of a key-value pair.", - "title": "Key", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the network ACL.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC for the network ACL.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "VpcId" + ], + "type": "object" }, - "Value": { - "markdownDescription": "The value part of the identified key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.ManagedScalingPolicy": { - "additionalProperties": false, - "properties": { - "ComputeLimits": { - "$ref": "#/definitions/AWS::EMR::Cluster.ComputeLimits", - "markdownDescription": "The Amazon EC2 unit limits for a managed scaling policy. The managed scaling activity of a cluster is not allowed to go above or below these limits. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "ComputeLimits" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.MetricDimension": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The dimension name.", - "title": "Key", + "Type": { + "enum": [ + "AWS::EC2::NetworkAcl" + ], "type": "string" }, - "Value": { - "markdownDescription": "The dimension value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EMR::Cluster.OnDemandProvisioningSpecification": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", - "title": "AllocationStrategy", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AllocationStrategy" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.PlacementGroupConfig": { + "AWS::EC2::NetworkAclEntry": { "additionalProperties": false, "properties": { - "InstanceRole": { - "markdownDescription": "Role of the instance in the cluster.\n\nStarting with Amazon EMR release 5.23.0, the only supported instance role is `MASTER` .", - "title": "InstanceRole", + "Condition": { "type": "string" }, - "PlacementStrategy": { - "markdownDescription": "Amazon EC2 Placement Group strategy associated with instance role.\n\nStarting with Amazon EMR release 5.23.0, the only supported placement strategy is `SPREAD` for the `MASTER` instance role.", - "title": "PlacementStrategy", - "type": "string" - } - }, - "required": [ - "InstanceRole" - ], - "type": "object" - }, - "AWS::EMR::Cluster.PlacementType": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Amazon EC2 Availability Zone for the cluster. `AvailabilityZone` is used for uniform instance groups, while `AvailabilityZones` (plural) is used for instance fleets.", - "title": "AvailabilityZone", - "type": "string" - } - }, - "required": [ - "AvailabilityZone" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingAction": { - "additionalProperties": false, - "properties": { - "Market": { - "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", - "title": "Market", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SimpleScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.SimpleScalingPolicyConfiguration", - "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", - "title": "SimpleScalingPolicyConfiguration" - } - }, - "required": [ - "SimpleScalingPolicyConfiguration" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingConstraints": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", - "title": "MinCapacity", - "type": "number" - } - }, - "required": [ - "MaxCapacity", - "MinCapacity" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingRule": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingAction", - "markdownDescription": "The conditions that trigger an automatic scaling activity.", - "title": "Action" - }, - "Description": { - "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", - "title": "Description", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Name": { - "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", - "title": "Name", - "type": "string" + "Metadata": { + "type": "object" }, - "Trigger": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingTrigger", - "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", - "title": "Trigger" - } - }, - "required": [ - "Action", - "Name", - "Trigger" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingTrigger": { - "additionalProperties": false, - "properties": { - "CloudWatchAlarmDefinition": { - "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchAlarmDefinition", - "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", - "title": "CloudWatchAlarmDefinition" - } - }, - "required": [ - "CloudWatchAlarmDefinition" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScriptBootstrapActionConfig": { - "additionalProperties": false, - "properties": { - "Args": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CidrBlock": { + "markdownDescription": "The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.", + "title": "CidrBlock", + "type": "string" + }, + "Egress": { + "markdownDescription": "Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ). By default, AWS CloudFormation specifies `false` .", + "title": "Egress", + "type": "boolean" + }, + "Icmp": { + "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.Icmp", + "markdownDescription": "The Internet Control Message Protocol (ICMP) code and type. Required if specifying 1 (ICMP) for the protocol parameter.", + "title": "Icmp" + }, + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation. You must specify an IPv4 CIDR block or an IPv6 CIDR block.", + "title": "Ipv6CidrBlock", + "type": "string" + }, + "NetworkAclId": { + "markdownDescription": "The ID of the ACL for the entry.", + "title": "NetworkAclId", + "type": "string" + }, + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.PortRange", + "markdownDescription": "The range of port numbers for the UDP/TCP protocol. Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "PortRange" + }, + "Protocol": { + "markdownDescription": "The IP protocol that the rule applies to. You must specify -1 or a protocol number. You can specify -1 for all protocols.\n\n> If you specify -1, all ports are opened and the `PortRange` property is ignored.", + "title": "Protocol", + "type": "number" + }, + "RuleAction": { + "markdownDescription": "Whether to allow or deny traffic that matches the rule; valid values are \"allow\" or \"deny\".", + "title": "RuleAction", + "type": "string" + }, + "RuleNumber": { + "markdownDescription": "Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.", + "title": "RuleNumber", + "type": "number" + } }, - "markdownDescription": "A list of command line arguments to pass to the bootstrap action script.", - "title": "Args", - "type": "array" + "required": [ + "NetworkAclId", + "Protocol", + "RuleAction", + "RuleNumber" + ], + "type": "object" }, - "Path": { - "markdownDescription": "Location in Amazon S3 of the script to run during a bootstrap action.", - "title": "Path", - "type": "string" - } - }, - "required": [ - "Path" - ], - "type": "object" - }, - "AWS::EMR::Cluster.SimpleScalingPolicyConfiguration": { - "additionalProperties": false, - "properties": { - "AdjustmentType": { - "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", - "title": "AdjustmentType", + "Type": { + "enum": [ + "AWS::EC2::NetworkAclEntry" + ], "type": "string" }, - "CoolDown": { - "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", - "title": "CoolDown", - "type": "number" - }, - "ScalingAdjustment": { - "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", - "title": "ScalingAdjustment", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ScalingAdjustment" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.SpotProvisioningSpecification": { + "AWS::EC2::NetworkAclEntry.Icmp": { "additionalProperties": false, "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", - "title": "AllocationStrategy", - "type": "string" - }, - "BlockDurationMinutes": { - "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", - "title": "BlockDurationMinutes", + "Code": { + "markdownDescription": "The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP codes for the given ICMP type. Required if you specify 1 (ICMP) for the protocol parameter.", + "title": "Code", "type": "number" }, - "TimeoutAction": { - "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", - "title": "TimeoutAction", - "type": "string" - }, - "TimeoutDurationMinutes": { - "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", - "title": "TimeoutDurationMinutes", + "Type": { + "markdownDescription": "The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types. Conditional requirement: Required if you specify 1 (ICMP) for the `CreateNetworkAclEntry` protocol parameter.", + "title": "Type", "type": "number" } }, - "required": [ - "TimeoutAction", - "TimeoutDurationMinutes" - ], - "type": "object" - }, - "AWS::EMR::Cluster.StepConfig": { - "additionalProperties": false, - "properties": { - "ActionOnFailure": { - "markdownDescription": "The action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", - "title": "ActionOnFailure", - "type": "string" - }, - "HadoopJarStep": { - "$ref": "#/definitions/AWS::EMR::Cluster.HadoopJarStepConfig", - "markdownDescription": "The JAR file used for the step.", - "title": "HadoopJarStep" - }, - "Name": { - "markdownDescription": "The name of the step.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "HadoopJarStep", - "Name" - ], "type": "object" }, - "AWS::EMR::Cluster.VolumeSpecification": { + "AWS::EC2::NetworkAclEntry.PortRange": { "additionalProperties": false, "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" - }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", + "From": { + "markdownDescription": "The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "From", "type": "number" }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", + "To": { + "markdownDescription": "The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "To", "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", - "type": "string" } }, - "required": [ - "SizeInGB", - "VolumeType" - ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig": { + "AWS::EC2::NetworkInsightsAccessScope": { "additionalProperties": false, "properties": { "Condition": { @@ -88389,54 +94262,36 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterId": { - "markdownDescription": "The unique identifier of the EMR cluster.", - "title": "ClusterId", - "type": "string" - }, - "InstanceFleetType": { - "markdownDescription": "The node type that the instance fleet hosts.\n\n*Allowed Values* : TASK", - "title": "InstanceFleetType", - "type": "string" - }, - "InstanceTypeConfigs": { + "ExcludePaths": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceTypeConfig" + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" }, - "markdownDescription": "`InstanceTypeConfigs` determine the EC2 instances that Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities.\n\n> The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.", - "title": "InstanceTypeConfigs", + "markdownDescription": "The paths to exclude.", + "title": "ExcludePaths", "type": "array" }, - "LaunchSpecifications": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications", - "markdownDescription": "The launch specification for the instance fleet.", - "title": "LaunchSpecifications" - }, - "Name": { - "markdownDescription": "The friendly name of the instance fleet.", - "title": "Name", - "type": "string" - }, - "TargetOnDemandCapacity": { - "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetOnDemandCapacity", - "type": "number" + "MatchPaths": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" + }, + "markdownDescription": "The paths to match.", + "title": "MatchPaths", + "type": "array" }, - "TargetSpotCapacity": { - "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetSpotCapacity", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ClusterId", - "InstanceFleetType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::InstanceFleetConfig" + "AWS::EC2::NetworkInsightsAccessScope" ], "type": "string" }, @@ -88450,217 +94305,221 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig.Configuration": { + "AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", + "markdownDescription": "The destination.", + "title": "Destination" }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConfigurationProperties", - "type": "object" + "Source": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", + "markdownDescription": "The source.", + "title": "Source" }, - "Configurations": { + "ThroughResources": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest" }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", + "markdownDescription": "The through resources.", + "title": "ThroughResources", "type": "array" } }, "type": "object" }, - "AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig": { + "AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest": { "additionalProperties": false, "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" + "DestinationAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination addresses.", + "title": "DestinationAddresses", + "type": "array" }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", - "type": "number" - } - }, - "required": [ - "VolumeSpecification" - ], - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.EbsConfiguration": { - "additionalProperties": false, - "properties": { - "EbsBlockDeviceConfigs": { + "DestinationPorts": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig" + "type": "string" }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", + "markdownDescription": "The destination ports.", + "title": "DestinationPorts", "type": "array" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" + "DestinationPrefixLists": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination prefix lists.", + "title": "DestinationPrefixLists", + "type": "array" + }, + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The protocols.", + "title": "Protocols", + "type": "array" + }, + "SourceAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The source addresses.", + "title": "SourceAddresses", + "type": "array" + }, + "SourcePorts": { + "items": { + "type": "string" + }, + "markdownDescription": "The source ports.", + "title": "SourcePorts", + "type": "array" + }, + "SourcePrefixLists": { + "items": { + "type": "string" + }, + "markdownDescription": "The source prefix lists.", + "title": "SourcePrefixLists", + "type": "array" } }, "type": "object" }, - "AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications": { + "AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest": { "additionalProperties": false, "properties": { - "OnDemandSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification", - "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", - "title": "OnDemandSpecification" + "PacketHeaderStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest", + "markdownDescription": "The packet header statement.", + "title": "PacketHeaderStatement" }, - "SpotSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification", - "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", - "title": "SpotSpecification" + "ResourceStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", + "markdownDescription": "The resource statement.", + "title": "ResourceStatement" } }, "type": "object" }, - "AWS::EMR::InstanceFleetConfig.InstanceTypeConfig": { + "AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest": { "additionalProperties": false, "properties": { - "BidPrice": { - "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPrice", - "type": "string" - }, - "BidPriceAsPercentageOfOnDemandPrice": { - "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPriceAsPercentageOfOnDemandPrice", - "type": "number" - }, - "Configurations": { + "ResourceTypes": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" + "type": "string" }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nAn optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see [Configuring Applications](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) .", - "title": "Configurations", + "markdownDescription": "The resource types.", + "title": "ResourceTypes", "type": "array" }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the instance type.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsConfiguration", - "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", - "title": "EbsConfiguration" - }, - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", - "title": "InstanceType", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", - "title": "WeightedCapacity", - "type": "number" + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources.", + "title": "Resources", + "type": "array" } }, - "required": [ - "InstanceType" - ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification": { + "AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest": { "additionalProperties": false, "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", - "title": "AllocationStrategy", - "type": "string" + "ResourceStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", + "markdownDescription": "The resource statement.", + "title": "ResourceStatement" } }, - "required": [ - "AllocationStrategy" - ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification": { + "AWS::EC2::NetworkInsightsAccessScopeAnalysis": { "additionalProperties": false, "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", - "title": "AllocationStrategy", + "Condition": { "type": "string" }, - "BlockDurationMinutes": { - "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", - "title": "BlockDurationMinutes", - "type": "number" - }, - "TimeoutAction": { - "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", - "title": "TimeoutAction", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TimeoutDurationMinutes": { - "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", - "title": "TimeoutDurationMinutes", - "type": "number" - } - }, - "required": [ - "TimeoutAction", - "TimeoutDurationMinutes" - ], - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.VolumeSpecification": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", - "type": "number" + "Metadata": { + "type": "object" }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "NetworkInsightsAccessScopeId": { + "markdownDescription": "The ID of the Network Access Scope.", + "title": "NetworkInsightsAccessScopeId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "NetworkInsightsAccessScopeId" + ], + "type": "object" }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", + "Type": { + "enum": [ + "AWS::EC2::NetworkInsightsAccessScopeAnalysis" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SizeInGB", - "VolumeType" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig": { + "AWS::EC2::NetworkInsightsAnalysis": { "additionalProperties": false, "properties": { "Condition": { @@ -88695,76 +94554,52 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.AutoScalingPolicy", - "markdownDescription": "`AutoScalingPolicy` is a subproperty of `InstanceGroupConfig` . `AutoScalingPolicy` defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) in the *Amazon EMR Management Guide* .", - "title": "AutoScalingPolicy" - }, - "BidPrice": { - "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", - "title": "BidPrice", - "type": "string" - }, - "Configurations": { + "AdditionalAccounts": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" + "type": "string" }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", - "title": "Configurations", + "markdownDescription": "The member accounts that contain resources that the path can traverse.", + "title": "AdditionalAccounts", "type": "array" }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsConfiguration", - "markdownDescription": "`EbsConfiguration` determines the EBS volumes to attach to EMR cluster instances.", - "title": "EbsConfiguration" - }, - "InstanceCount": { - "markdownDescription": "Target number of instances for the instance group.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceRole": { - "markdownDescription": "The role of the instance group in the cluster.\n\n*Allowed Values* : TASK", - "title": "InstanceRole", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", - "title": "InstanceType", - "type": "string" + "FilterInArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must traverse.", + "title": "FilterInArns", + "type": "array" }, - "JobFlowId": { - "markdownDescription": "The ID of an Amazon EMR cluster that you want to associate this instance group with.", - "title": "JobFlowId", - "type": "string" + "FilterOutArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must ignore.", + "title": "FilterOutArns", + "type": "array" }, - "Market": { - "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", - "title": "Market", + "NetworkInsightsPathId": { + "markdownDescription": "The ID of the path.", + "title": "NetworkInsightsPathId", "type": "string" }, - "Name": { - "markdownDescription": "Friendly name given to the instance group.", - "title": "Name", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply.", + "title": "Tags", + "type": "array" } }, "required": [ - "InstanceCount", - "InstanceRole", - "InstanceType", - "JobFlowId" + "NetworkInsightsPathId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::InstanceGroupConfig" + "AWS::EC2::NetworkInsightsAnalysis" ], "type": "string" }, @@ -88783,316 +94618,722 @@ ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.AutoScalingPolicy": { + "AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingConstraints", - "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", - "title": "Constraints" + "AdditionalDetailType": { + "markdownDescription": "The additional detail code.", + "title": "AdditionalDetailType", + "type": "string" }, - "Rules": { + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The path component.", + "title": "Component" + }, + "LoadBalancers": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingRule" + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" }, - "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", - "title": "Rules", + "markdownDescription": "The load balancers.", + "title": "LoadBalancers", "type": "array" + }, + "ServiceName": { + "markdownDescription": "The name of the VPC endpoint service.", + "title": "ServiceName", + "type": "string" } }, - "required": [ - "Constraints", - "Rules" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition": { + "AWS::EC2::NetworkInsightsAnalysis.AlternatePathHint": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", - "title": "ComparisonOperator", + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", "type": "string" }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.MetricDimension" - }, - "markdownDescription": "A CloudWatch metric dimension.", - "title": "Dimensions", - "type": "array" + "ComponentId": { + "markdownDescription": "The ID of the component.", + "title": "ComponentId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation.", + "title": "Cidr", + "type": "string" }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", - "title": "EvaluationPeriods", - "type": "number" + "Egress": { + "markdownDescription": "Indicates whether the rule is an outbound rule.", + "title": "Egress", + "type": "boolean" }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", - "title": "MetricName", - "type": "string" + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", + "markdownDescription": "The range of ports.", + "title": "PortRange" }, - "Namespace": { - "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", - "title": "Namespace", + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", - "title": "Statistic", + "RuleAction": { + "markdownDescription": "Indicates whether to allow or deny traffic that matches the rule.", + "title": "RuleAction", "type": "string" }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", + "RuleNumber": { + "markdownDescription": "The rule number.", + "title": "RuleNumber", "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "Arn", + "type": "string" }, - "Unit": { - "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", - "title": "Unit", + "Id": { + "markdownDescription": "The ID of the component.", + "title": "Id", "type": "string" } }, - "required": [ - "ComparisonOperator", - "MetricName", - "Period", - "Threshold" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.Configuration": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", - "type": "string" + "InstancePort": { + "markdownDescription": "[Classic Load Balancers] The back-end port for the listener.", + "title": "InstancePort", + "type": "number" }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConfigurationProperties", - "type": "object" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" - }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" + "LoadBalancerPort": { + "markdownDescription": "The port on which the load balancer is listening.", + "title": "LoadBalancerPort", + "type": "number" } }, "type": "object" }, - "AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget": { "additionalProperties": false, "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" + "Address": { + "markdownDescription": "The IP address.", + "title": "Address", + "type": "string" }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.", + "title": "AvailabilityZone", + "type": "string" + }, + "Instance": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "Information about the instance.", + "title": "Instance" + }, + "Port": { + "markdownDescription": "The port on which the target is listening.", + "title": "Port", "type": "number" } }, - "required": [ - "VolumeSpecification" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.EbsConfiguration": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader": { "additionalProperties": false, "properties": { - "EbsBlockDeviceConfigs": { + "DestinationAddresses": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig" + "type": "string" }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", + "markdownDescription": "The destination addresses.", + "title": "DestinationAddresses", "type": "array" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" + "DestinationPortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The destination port ranges.", + "title": "DestinationPortRanges", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", + "type": "string" + }, + "SourceAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The source addresses.", + "title": "SourceAddresses", + "type": "array" + }, + "SourcePortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The source port ranges.", + "title": "SourcePortRanges", + "type": "array" } }, "type": "object" }, - "AWS::EMR::InstanceGroupConfig.MetricDimension": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The dimension name.", - "title": "Key", + "NatGatewayId": { + "markdownDescription": "The ID of a NAT gateway.", + "title": "NatGatewayId", "type": "string" }, - "Value": { - "markdownDescription": "The dimension value.", - "title": "Value", + "NetworkInterfaceId": { + "markdownDescription": "The ID of a network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "Origin": { + "markdownDescription": "Describes how the route was created. The following are the possible values:\n\n- CreateRouteTable - The route was automatically created when the route table was created.\n- CreateRoute - The route was manually added to the route table.\n- EnableVgwRoutePropagation - The route was propagated by route propagation.", + "title": "Origin", + "type": "string" + }, + "State": { + "markdownDescription": "The state. The following are the possible values:\n\n- active\n- blackhole", + "title": "State", + "type": "string" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of a transit gateway.", + "title": "TransitGatewayId", + "type": "string" + }, + "VpcPeeringConnectionId": { + "markdownDescription": "The ID of a VPC peering connection.", + "title": "VpcPeeringConnectionId", + "type": "string" + }, + "destinationCidr": { + "markdownDescription": "The destination IPv4 address, in CIDR notation.", + "title": "destinationCidr", + "type": "string" + }, + "destinationPrefixListId": { + "markdownDescription": "The prefix of the AWS service.", + "title": "destinationPrefixListId", + "type": "string" + }, + "egressOnlyInternetGatewayId": { + "markdownDescription": "The ID of an egress-only internet gateway.", + "title": "egressOnlyInternetGatewayId", + "type": "string" + }, + "gatewayId": { + "markdownDescription": "The ID of the gateway, such as an internet gateway or virtual private gateway.", + "title": "gatewayId", + "type": "string" + }, + "instanceId": { + "markdownDescription": "The ID of the instance, such as a NAT instance.", + "title": "instanceId", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.ScalingAction": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule": { "additionalProperties": false, "properties": { - "Market": { - "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", - "title": "Market", + "Cidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation.", + "title": "Cidr", "type": "string" }, - "SimpleScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration", - "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", - "title": "SimpleScalingPolicyConfiguration" + "Direction": { + "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", + "title": "Direction", + "type": "string" + }, + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", + "markdownDescription": "The port range.", + "title": "PortRange" + }, + "PrefixListId": { + "markdownDescription": "The prefix list ID.", + "title": "PrefixListId", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol name.", + "title": "Protocol", + "type": "string" + }, + "SecurityGroupId": { + "markdownDescription": "The security group ID.", + "title": "SecurityGroupId", + "type": "string" } }, - "required": [ - "SimpleScalingPolicyConfiguration" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.ScalingConstraints": { + "AWS::EC2::NetworkInsightsAnalysis.Explanation": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", - "title": "MaxCapacity", + "Acl": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The network ACL.", + "title": "Acl" + }, + "AclRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", + "markdownDescription": "The network ACL rule.", + "title": "AclRule" + }, + "Address": { + "markdownDescription": "The IPv4 address, in CIDR notation.", + "title": "Address", + "type": "string" + }, + "Addresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 addresses, in CIDR notation.", + "title": "Addresses", + "type": "array" + }, + "AttachedTo": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The resource to which the component is attached.", + "title": "AttachedTo" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones.", + "title": "AvailabilityZones", + "type": "array" + }, + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The CIDR ranges.", + "title": "Cidrs", + "type": "array" + }, + "ClassicLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener", + "markdownDescription": "The listener for a Classic Load Balancer.", + "title": "ClassicLoadBalancerListener" + }, + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component.", + "title": "Component" + }, + "ComponentAccount": { + "markdownDescription": "The AWS account for the component.", + "title": "ComponentAccount", + "type": "string" + }, + "ComponentRegion": { + "markdownDescription": "The Region for the component.", + "title": "ComponentRegion", + "type": "string" + }, + "CustomerGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The customer gateway.", + "title": "CustomerGateway" + }, + "Destination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination.", + "title": "Destination" + }, + "DestinationVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination VPC.", + "title": "DestinationVpc" + }, + "Direction": { + "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", + "title": "Direction", + "type": "string" + }, + "ElasticLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The load balancer listener.", + "title": "ElasticLoadBalancerListener" + }, + "ExplanationCode": { + "markdownDescription": "The explanation code.", + "title": "ExplanationCode", + "type": "string" + }, + "IngressRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table.", + "title": "IngressRouteTable" + }, + "InternetGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The internet gateway.", + "title": "InternetGateway" + }, + "LoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", + "title": "LoadBalancerArn", + "type": "string" + }, + "LoadBalancerListenerPort": { + "markdownDescription": "The listener port of the load balancer.", + "title": "LoadBalancerListenerPort", "type": "number" }, - "MinCapacity": { - "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", - "title": "MinCapacity", + "LoadBalancerTarget": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget", + "markdownDescription": "The target.", + "title": "LoadBalancerTarget" + }, + "LoadBalancerTargetGroup": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The target group.", + "title": "LoadBalancerTargetGroup" + }, + "LoadBalancerTargetGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + }, + "markdownDescription": "The target groups.", + "title": "LoadBalancerTargetGroups", + "type": "array" + }, + "LoadBalancerTargetPort": { + "markdownDescription": "The target port.", + "title": "LoadBalancerTargetPort", "type": "number" - } - }, - "required": [ - "MaxCapacity", - "MinCapacity" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.ScalingRule": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingAction", - "markdownDescription": "The conditions that trigger an automatic scaling activity.", - "title": "Action" }, - "Description": { - "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", - "title": "Description", + "MissingComponent": { + "markdownDescription": "The missing component.", + "title": "MissingComponent", "type": "string" }, - "Name": { - "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", - "title": "Name", + "NatGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The NAT gateway.", + "title": "NatGateway" + }, + "NetworkInterface": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The network interface.", + "title": "NetworkInterface" + }, + "PacketField": { + "markdownDescription": "The packet field.", + "title": "PacketField", "type": "string" }, - "Trigger": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingTrigger", - "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", - "title": "Trigger" + "Port": { + "markdownDescription": "The port.", + "title": "Port", + "type": "number" + }, + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" + }, + "PrefixList": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The prefix list.", + "title": "PrefixList" + }, + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The protocols.", + "title": "Protocols", + "type": "array" + }, + "RouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table.", + "title": "RouteTable" + }, + "RouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", + "markdownDescription": "The route table route.", + "title": "RouteTableRoute" + }, + "SecurityGroup": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The security group.", + "title": "SecurityGroup" + }, + "SecurityGroupRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", + "markdownDescription": "The security group rule.", + "title": "SecurityGroupRule" + }, + "SecurityGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + }, + "markdownDescription": "The security groups.", + "title": "SecurityGroups", + "type": "array" + }, + "SourceVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The source VPC.", + "title": "SourceVpc" + }, + "State": { + "markdownDescription": "The state.", + "title": "State", + "type": "string" + }, + "Subnet": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The subnet.", + "title": "Subnet" + }, + "SubnetRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table for the subnet.", + "title": "SubnetRouteTable" + }, + "TransitGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway.", + "title": "TransitGateway" + }, + "TransitGatewayAttachment": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway attachment.", + "title": "TransitGatewayAttachment" + }, + "TransitGatewayRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway route table.", + "title": "TransitGatewayRouteTable" + }, + "TransitGatewayRouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", + "markdownDescription": "The transit gateway route table route.", + "title": "TransitGatewayRouteTableRoute" + }, + "Vpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component VPC.", + "title": "Vpc" + }, + "VpcPeeringConnection": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPC peering connection.", + "title": "VpcPeeringConnection" + }, + "VpnConnection": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPN connection.", + "title": "VpnConnection" + }, + "VpnGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPN gateway.", + "title": "VpnGateway" + }, + "vpcEndpoint": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPC endpoint.", + "title": "vpcEndpoint" } }, - "required": [ - "Action", - "Name", - "Trigger" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.ScalingTrigger": { + "AWS::EC2::NetworkInsightsAnalysis.PathComponent": { "additionalProperties": false, "properties": { - "CloudWatchAlarmDefinition": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition", - "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", - "title": "CloudWatchAlarmDefinition" + "AclRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", + "markdownDescription": "The network ACL rule.", + "title": "AclRule" + }, + "AdditionalDetails": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail" + }, + "markdownDescription": "The additional details.", + "title": "AdditionalDetails", + "type": "array" + }, + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component.", + "title": "Component" + }, + "DestinationVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination VPC.", + "title": "DestinationVpc" + }, + "ElasticLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The load balancer listener.", + "title": "ElasticLoadBalancerListener" + }, + "Explanations": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.Explanation" + }, + "markdownDescription": "The explanation codes.", + "title": "Explanations", + "type": "array" + }, + "InboundHeader": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", + "markdownDescription": "The inbound header.", + "title": "InboundHeader" + }, + "OutboundHeader": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", + "markdownDescription": "The outbound header.", + "title": "OutboundHeader" + }, + "RouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", + "markdownDescription": "The route table route.", + "title": "RouteTableRoute" + }, + "SecurityGroupRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", + "markdownDescription": "The security group rule.", + "title": "SecurityGroupRule" + }, + "SequenceNumber": { + "markdownDescription": "The sequence number.", + "title": "SequenceNumber", + "type": "number" + }, + "ServiceName": { + "markdownDescription": "The name of the VPC endpoint service.", + "title": "ServiceName", + "type": "string" + }, + "SourceVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The source VPC.", + "title": "SourceVpc" + }, + "Subnet": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The subnet.", + "title": "Subnet" + }, + "TransitGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway.", + "title": "TransitGateway" + }, + "TransitGatewayRouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", + "markdownDescription": "The route in a transit gateway route table.", + "title": "TransitGatewayRouteTableRoute" + }, + "Vpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component VPC.", + "title": "Vpc" } }, - "required": [ - "CloudWatchAlarmDefinition" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration": { + "AWS::EC2::NetworkInsightsAnalysis.PortRange": { "additionalProperties": false, "properties": { - "AdjustmentType": { - "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", - "title": "AdjustmentType", - "type": "string" - }, - "CoolDown": { - "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", - "title": "CoolDown", + "From": { + "markdownDescription": "The first port in the range.", + "title": "From", "type": "number" }, - "ScalingAdjustment": { - "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", - "title": "ScalingAdjustment", + "To": { + "markdownDescription": "The last port in the range.", + "title": "To", "type": "number" } }, - "required": [ - "ScalingAdjustment" - ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.VolumeSpecification": { + "AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute": { "additionalProperties": false, "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" + "AttachmentId": { + "markdownDescription": "The ID of the route attachment.", + "title": "AttachmentId", + "type": "string" }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", - "type": "number" + "DestinationCidr": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidr", + "type": "string" }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", - "type": "number" + "PrefixListId": { + "markdownDescription": "The ID of the prefix list.", + "title": "PrefixListId", + "type": "string" }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", + "ResourceId": { + "markdownDescription": "The ID of the resource for the route attachment.", + "title": "ResourceId", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The resource type for the route attachment.", + "title": "ResourceType", + "type": "string" + }, + "RouteOrigin": { + "markdownDescription": "The route origin. The following are the possible values:\n\n- static\n- propagated", + "title": "RouteOrigin", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the route.", + "title": "State", "type": "string" } }, - "required": [ - "SizeInGB", - "VolumeType" - ], "type": "object" }, - "AWS::EMR::SecurityConfiguration": { + "AWS::EC2::NetworkInsightsPath": { "additionalProperties": false, "properties": { "Condition": { @@ -89127,25 +95368,64 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the security configuration.", - "title": "Name", + "Destination": { + "markdownDescription": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN.", + "title": "Destination", "type": "string" }, - "SecurityConfiguration": { - "markdownDescription": "The security configuration details in JSON format. For JSON parameters and examples, see [Use Security Configurations to Set Up Cluster Security](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-security-configurations.html) in the *Amazon EMR Management Guide* .", - "title": "SecurityConfiguration", - "type": "object" + "DestinationIp": { + "markdownDescription": "The IP address of the destination.", + "title": "DestinationIp", + "type": "string" + }, + "DestinationPort": { + "markdownDescription": "The destination port.", + "title": "DestinationPort", + "type": "number" + }, + "FilterAtDestination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", + "markdownDescription": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address.", + "title": "FilterAtDestination" + }, + "FilterAtSource": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", + "markdownDescription": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port.", + "title": "FilterAtSource" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", + "type": "string" + }, + "Source": { + "markdownDescription": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN.", + "title": "Source", + "type": "string" + }, + "SourceIp": { + "markdownDescription": "The IP address of the source.", + "title": "SourceIp", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the path.", + "title": "Tags", + "type": "array" } }, "required": [ - "SecurityConfiguration" + "Protocol", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::SecurityConfiguration" + "AWS::EC2::NetworkInsightsPath" ], "type": "string" }, @@ -89164,7 +95444,49 @@ ], "type": "object" }, - "AWS::EMR::Step": { + "AWS::EC2::NetworkInsightsPath.FilterPortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The first port in the range.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The last port in the range.", + "title": "ToPort", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsPath.PathFilter": { + "additionalProperties": false, + "properties": { + "DestinationAddress": { + "markdownDescription": "The destination IPv4 address.", + "title": "DestinationAddress", + "type": "string" + }, + "DestinationPortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", + "markdownDescription": "The destination port range.", + "title": "DestinationPortRange" + }, + "SourceAddress": { + "markdownDescription": "The source IPv4 address.", + "title": "SourceAddress", + "type": "string" + }, + "SourcePortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", + "markdownDescription": "The source port range.", + "title": "SourcePortRange" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterface": { "additionalProperties": false, "properties": { "Condition": { @@ -89199,38 +95521,113 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionOnFailure": { - "markdownDescription": "This specifies what action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", - "title": "ActionOnFailure", + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.ConnectionTrackingSpecification", + "markdownDescription": "A connection tracking specification for the network interface.", + "title": "ConnectionTrackingSpecification" + }, + "Description": { + "markdownDescription": "A description for the network interface.", + "title": "Description", "type": "string" }, - "HadoopJarStep": { - "$ref": "#/definitions/AWS::EMR::Step.HadoopJarStepConfig", - "markdownDescription": "The `HadoopJarStepConfig` property type specifies a job flow step consisting of a JAR file whose main function will be executed. The main function submits a job for the cluster to execute as a step on the master node, and then waits for the job to finish or fail before executing subsequent steps.", - "title": "HadoopJarStep" + "GroupSet": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups associated with this network interface.", + "title": "GroupSet", + "type": "array" }, - "JobFlowId": { - "markdownDescription": "A string that uniquely identifies the cluster (job flow).", - "title": "JobFlowId", + "InterfaceType": { + "markdownDescription": "The type of network interface. The default is `interface` . The supported values are `efa` and `trunk` .", + "title": "InterfaceType", "type": "string" }, - "Name": { - "markdownDescription": "The name of the cluster step.", - "title": "Name", + "Ipv4PrefixCount": { + "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", + "title": "Ipv4PrefixCount", + "type": "number" + }, + "Ipv4Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv4PrefixSpecification" + }, + "markdownDescription": "The IPv4 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", + "title": "Ipv4Prefixes", + "type": "array" + }, + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the `Ipv6Addresses` property and don't specify this property.\n\nWhen creating a network interface, you can't specify a count of IPv6 addresses if you've specified one of the following: specific IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.InstanceIpv6Address" + }, + "markdownDescription": "The IPv6 addresses from the IPv6 CIDR block range of your subnet to assign to the network interface. If you're specifying a number of IPv6 addresses, use the `Ipv6AddressCount` property and don't specify this property.\n\nWhen creating a network interface, you can't specify IPv6 addresses if you've specified one of the following: a count of IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", + "title": "Ipv6Addresses", + "type": "array" + }, + "Ipv6PrefixCount": { + "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", + "title": "Ipv6PrefixCount", + "type": "number" + }, + "Ipv6Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv6PrefixSpecification" + }, + "markdownDescription": "The IPv6 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", + "title": "Ipv6Prefixes", + "type": "array" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address to assign to the network interface as the primary private IP address. If you want to specify multiple private IP addresses, use the `PrivateIpAddresses` property.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.PrivateIpAddressSpecification" + }, + "markdownDescription": "The private IPv4 addresses to assign to the network interface. You can specify a primary private IP address by setting the value of the `Primary` property to `true` in the `PrivateIpAddressSpecification` property. If you want EC2 to automatically assign private IP addresses, use the `SecondaryPrivateIpAddressCount` property and do not specify this property.\n\nWhen creating a network interface, you can't specify private IPv4 addresses if you've specified one of the following: a count of private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using `privateIpAddresses` .\n\nWhen creating a Network Interface, you can't specify a count of private IPv4 addresses if you've specified one of the following: specific private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SourceDestCheck": { + "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", + "title": "SourceDestCheck", + "type": "boolean" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to associate with the network interface.", + "title": "SubnetId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the network interface.", + "title": "Tags", + "type": "array" } }, "required": [ - "ActionOnFailure", - "HadoopJarStep", - "JobFlowId", - "Name" + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::Step" + "AWS::EC2::NetworkInterface" ], "type": "string" }, @@ -89249,58 +95646,90 @@ ], "type": "object" }, - "AWS::EMR::Step.HadoopJarStepConfig": { + "AWS::EC2::NetworkInterface.ConnectionTrackingSpecification": { "additionalProperties": false, "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", - "title": "Args", - "type": "array" + "TcpEstablishedTimeout": { + "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", + "title": "TcpEstablishedTimeout", + "type": "number" }, - "Jar": { - "markdownDescription": "A path to a JAR file run during the step.", - "title": "Jar", - "type": "string" + "UdpStreamTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", + "title": "UdpStreamTimeout", + "type": "number" }, - "MainClass": { - "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", - "title": "MainClass", + "UdpTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", + "title": "UdpTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterface.InstanceIpv6Address": { + "additionalProperties": false, + "properties": { + "Ipv6Address": { + "markdownDescription": "An IPv6 address to associate with the network interface.", + "title": "Ipv6Address", "type": "string" - }, - "StepProperties": { - "items": { - "$ref": "#/definitions/AWS::EMR::Step.KeyValue" - }, - "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.", - "title": "StepProperties", - "type": "array" } }, "required": [ - "Jar" + "Ipv6Address" ], "type": "object" }, - "AWS::EMR::Step.KeyValue": { + "AWS::EC2::NetworkInterface.Ipv4PrefixSpecification": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The unique identifier of a key-value pair.", - "title": "Key", + "Ipv4Prefix": { + "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", + "title": "Ipv4Prefix", + "type": "string" + } + }, + "required": [ + "Ipv4Prefix" + ], + "type": "object" + }, + "AWS::EC2::NetworkInterface.Ipv6PrefixSpecification": { + "additionalProperties": false, + "properties": { + "Ipv6Prefix": { + "markdownDescription": "The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "Ipv6Prefix", "type": "string" + } + }, + "required": [ + "Ipv6Prefix" + ], + "type": "object" + }, + "AWS::EC2::NetworkInterface.PrivateIpAddressSpecification": { + "additionalProperties": false, + "properties": { + "Primary": { + "markdownDescription": "Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address.", + "title": "Primary", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value part of the identified key.", - "title": "Value", + "PrivateIpAddress": { + "markdownDescription": "The private IP address of the network interface.", + "title": "PrivateIpAddress", "type": "string" } }, + "required": [ + "Primary", + "PrivateIpAddress" + ], "type": "object" }, - "AWS::EMR::Studio": { + "AWS::EC2::NetworkInterfaceAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -89335,113 +95764,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthMode": { - "markdownDescription": "Specifies whether the Studio authenticates users using IAM Identity Center or IAM.", - "title": "AuthMode", - "type": "string" - }, - "DefaultS3Location": { - "markdownDescription": "The Amazon S3 location to back up EMR Studio Workspaces and notebook files.", - "title": "DefaultS3Location", - "type": "string" - }, - "Description": { - "markdownDescription": "A detailed description of the Amazon EMR Studio.", - "title": "Description", - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Whether to delete the network interface when the instance terminates. By default, this value is set to `true` .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "EncryptionKeyArn": { - "markdownDescription": "The AWS KMS key identifier (ARN) used to encrypt Amazon EMR Studio workspace and notebook files when backed up to Amazon S3.", - "title": "EncryptionKeyArn", + "DeviceIndex": { + "markdownDescription": "The network interface's position in the attachment order. For example, the first attached network interface has a `DeviceIndex` of 0.", + "title": "DeviceIndex", "type": "string" }, - "EngineSecurityGroupId": { - "markdownDescription": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `VpcId` .", - "title": "EngineSecurityGroupId", - "type": "string" + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification", + "markdownDescription": "Configures ENA Express for the network interface that this action attaches to the instance.", + "title": "EnaSrdSpecification" }, - "IdcInstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance the Studio application belongs to.", - "title": "IdcInstanceArn", + "InstanceId": { + "markdownDescription": "The ID of the instance to which you will attach the ENI.", + "title": "InstanceId", "type": "string" }, - "IdcUserAssignment": { - "markdownDescription": "Indicates whether the Studio has `REQUIRED` or `OPTIONAL` IAM Identity Center user assignment. If the value is set to `REQUIRED` , users must be explicitly assigned to the Studio application to access the Studio.", - "title": "IdcUserAssignment", - "type": "string" - }, - "IdpAuthUrl": { - "markdownDescription": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.", - "title": "IdpAuthUrl", - "type": "string" - }, - "IdpRelayStateParameterName": { - "markdownDescription": "The name of your identity provider's `RelayState` parameter.", - "title": "IdpRelayStateParameterName", - "type": "string" - }, - "Name": { - "markdownDescription": "A descriptive name for the Amazon EMR Studio.", - "title": "Name", - "type": "string" - }, - "ServiceRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services.", - "title": "ServiceRole", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `VpcId` . Studio users can create a Workspace in any of the specified subnets.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "TrustedIdentityPropagationEnabled": { - "markdownDescription": "Indicates whether the Studio has Trusted identity propagation enabled. The default value is `false` .", - "title": "TrustedIdentityPropagationEnabled", - "type": "boolean" - }, - "UserRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify `UserRole` when you set `AuthMode` to `SSO` .", - "title": "UserRole", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.", - "title": "VpcId", - "type": "string" - }, - "WorkspaceSecurityGroupId": { - "markdownDescription": "The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.", - "title": "WorkspaceSecurityGroupId", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the ENI that you want to attach.", + "title": "NetworkInterfaceId", "type": "string" } }, "required": [ - "AuthMode", - "DefaultS3Location", - "EngineSecurityGroupId", - "Name", - "ServiceRole", - "SubnetIds", - "VpcId", - "WorkspaceSecurityGroupId" + "DeviceIndex", + "InstanceId", + "NetworkInterfaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::Studio" + "AWS::EC2::NetworkInterfaceAttachment" ], "type": "string" }, @@ -89460,7 +95818,34 @@ ], "type": "object" }, - "AWS::EMR::StudioSessionMapping": { + "AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterfacePermission": { "additionalProperties": false, "properties": { "Condition": { @@ -89495,38 +95880,32 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityName": { - "markdownDescription": "The name of the user or group. For more information, see [UserName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) and [DisplayName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) in the *IAM Identity Center Identity Store API Reference* .", - "title": "IdentityName", - "type": "string" - }, - "IdentityType": { - "markdownDescription": "Specifies whether the identity to map to the Amazon EMR Studio is a user or a group.", - "title": "IdentityType", + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", "type": "string" }, - "SessionPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles. For more information, see [Create an EMR Studio user role with session policies](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-user-role.html) in the *Amazon EMR Management Guide* .", - "title": "SessionPolicyArn", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "StudioId": { - "markdownDescription": "The ID of the Amazon EMR Studio to which the user or group will be mapped.", - "title": "StudioId", + "Permission": { + "markdownDescription": "The type of permission to grant: `INSTANCE-ATTACH` or `EIP-ASSOCIATE` .", + "title": "Permission", "type": "string" } }, "required": [ - "IdentityName", - "IdentityType", - "SessionPolicyArn", - "StudioId" + "AwsAccountId", + "NetworkInterfaceId", + "Permission" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::StudioSessionMapping" + "AWS::EC2::NetworkInterfacePermission" ], "type": "string" }, @@ -89545,7 +95924,7 @@ ], "type": "object" }, - "AWS::EMR::WALWorkspace": { + "AWS::EC2::NetworkPerformanceMetricSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -89580,25 +95959,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "Destination": { + "markdownDescription": "The Region or Availability Zone that's the target for the subscription. For example, `eu-west-1` .", + "title": "Destination", + "type": "string" }, - "WALWorkspaceName": { - "markdownDescription": "", - "title": "WALWorkspaceName", + "Metric": { + "markdownDescription": "The metric used for the subscription.", + "title": "Metric", + "type": "string" + }, + "Source": { + "markdownDescription": "The Region or Availability Zone that's the source for the subscription. For example, `us-east-1` .", + "title": "Source", + "type": "string" + }, + "Statistic": { + "markdownDescription": "The statistic used for the subscription.", + "title": "Statistic", "type": "string" } }, + "required": [ + "Destination", + "Metric", + "Source", + "Statistic" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::WALWorkspace" + "AWS::EC2::NetworkPerformanceMetricSubscription" ], "type": "string" }, @@ -89612,11 +96004,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster": { + "AWS::EC2::PlacementGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -89651,34 +96044,35 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerProvider": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerProvider", - "markdownDescription": "The container provider of the virtual cluster.", - "title": "ContainerProvider" + "PartitionCount": { + "markdownDescription": "The number of partitions. Valid only when *Strategy* is set to `partition` .", + "title": "PartitionCount", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the virtual cluster.", - "title": "Name", + "SpreadLevel": { + "markdownDescription": "Determines how placement groups spread instances.\n\n- Host \u2013 You can use `host` only with Outpost placement groups.\n- Rack \u2013 No usage restrictions.", + "title": "SpreadLevel", + "type": "string" + }, + "Strategy": { + "markdownDescription": "The placement strategy.", + "title": "Strategy", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags to apply to the new placement group.", "title": "Tags", "type": "array" } }, - "required": [ - "ContainerProvider", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EMRContainers::VirtualCluster" + "AWS::EC2::PlacementGroup" ], "type": "string" }, @@ -89692,66 +96086,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EMRContainers::VirtualCluster.ContainerInfo": { - "additionalProperties": false, - "properties": { - "EksInfo": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.EksInfo", - "markdownDescription": "The information about the Amazon EKS cluster.", - "title": "EksInfo" - } - }, - "required": [ - "EksInfo" - ], - "type": "object" - }, - "AWS::EMRContainers::VirtualCluster.ContainerProvider": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the container cluster.\n\n*Minimum* : 1\n\n*Maximum* : 100\n\n*Pattern* : `^[0-9A-Za-z][A-Za-z0-9\\-_]*`", - "title": "Id", - "type": "string" - }, - "Info": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerInfo", - "markdownDescription": "The information about the container cluster.", - "title": "Info" - }, - "Type": { - "markdownDescription": "The type of the container provider. Amazon EKS is the only supported type as of now.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Id", - "Info", "Type" ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster.EksInfo": { - "additionalProperties": false, - "properties": { - "Namespace": { - "markdownDescription": "The namespaces of the EKS cluster.\n\n*Minimum* : 1\n\n*Maximum* : 63\n\n*Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?`", - "title": "Namespace", - "type": "string" - } - }, - "required": [ - "Namespace" - ], - "type": "object" - }, - "AWS::EMRServerless::Application": { + "AWS::EC2::PrefixList": { "additionalProperties": false, "properties": { "Condition": { @@ -89786,101 +96125,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Architecture": { - "markdownDescription": "The CPU architecture of an application.", - "title": "Architecture", + "AddressFamily": { + "markdownDescription": "The IP address type.\n\nValid Values: `IPv4` | `IPv6`", + "title": "AddressFamily", "type": "string" }, - "AutoStartConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStartConfiguration", - "markdownDescription": "The configuration for an application to automatically start on job submission.", - "title": "AutoStartConfiguration" - }, - "AutoStopConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStopConfiguration", - "markdownDescription": "The configuration for an application to automatically stop after a certain amount of time being idle.", - "title": "AutoStopConfiguration" - }, - "ImageConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", - "markdownDescription": "The image configuration applied to all worker types.", - "title": "ImageConfiguration" - }, - "InitialCapacity": { + "Entries": { "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair" + "$ref": "#/definitions/AWS::EC2::PrefixList.Entry" }, - "markdownDescription": "The initial capacity of the application.", - "title": "InitialCapacity", + "markdownDescription": "The entries for the prefix list.", + "title": "Entries", "type": "array" }, - "MaximumCapacity": { - "$ref": "#/definitions/AWS::EMRServerless::Application.MaximumAllowedResources", - "markdownDescription": "The maximum capacity of the application. This is cumulative across all workers at any given point in time during the lifespan of the application is created. No new resources will be created once any one of the defined limits is hit.", - "title": "MaximumCapacity" - }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", - "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", - "title": "MonitoringConfiguration" - }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", - "type": "string" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.NetworkConfiguration", - "markdownDescription": "The network configuration for customer VPC connectivity for the application.", - "title": "NetworkConfiguration" + "MaxEntries": { + "markdownDescription": "The maximum number of entries for the prefix list. You can't modify the entries and the size of a prefix list at the same time.\n\nThis property is required when you create a prefix list.", + "title": "MaxEntries", + "type": "number" }, - "ReleaseLabel": { - "markdownDescription": "The EMR release associated with the application.", - "title": "ReleaseLabel", + "PrefixListName": { + "markdownDescription": "A name for the prefix list.\n\nConstraints: Up to 255 characters in length. The name cannot start with `com.amazonaws` .", + "title": "PrefixListName", "type": "string" }, - "RuntimeConfiguration": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" - }, - "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", - "title": "RuntimeConfiguration", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the application.", + "markdownDescription": "The tags for the prefix list.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of application, such as Spark or Hive.", - "title": "Type", - "type": "string" - }, - "WorkerTypeSpecifications": { - "additionalProperties": false, - "markdownDescription": "The specification applied to each worker type.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerTypeSpecificationInput" - } - }, - "title": "WorkerTypeSpecifications", - "type": "object" } }, "required": [ - "ReleaseLabel", - "Type" + "AddressFamily", + "PrefixListName" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMRServerless::Application" + "AWS::EC2::PrefixList" ], "type": "string" }, @@ -89899,311 +96184,26 @@ ], "type": "object" }, - "AWS::EMRServerless::Application.AutoStartConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables the application to automatically start on job submission.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.AutoStopConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables the application to automatically stop after a certain amount of time being idle. Defaults to true.", - "title": "Enabled", - "type": "boolean" - }, - "IdleTimeoutMinutes": { - "markdownDescription": "The amount of idle time in minutes after which your application will automatically stop. Defaults to 15 minutes.", - "title": "IdleTimeoutMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.CloudWatchLoggingConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables CloudWatch logging.", - "title": "Enabled", - "type": "boolean" - }, - "EncryptionKeyArn": { - "markdownDescription": "The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.", - "title": "EncryptionKeyArn", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The name of the log group in Amazon CloudWatch Logs where you want to publish your logs.", - "title": "LogGroupName", - "type": "string" - }, - "LogStreamNamePrefix": { - "markdownDescription": "Prefix for the CloudWatch log stream name.", - "title": "LogStreamNamePrefix", - "type": "string" - }, - "LogTypeMap": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.LogTypeMapKeyValuePair" - }, - "markdownDescription": "", - "title": "LogTypeMap", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.ConfigurationObject": { - "additionalProperties": false, - "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", - "type": "string" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" - }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" - }, - "Properties": { - "additionalProperties": true, - "markdownDescription": "A set of properties specified within a configuration classification.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Properties", - "type": "object" - } - }, - "required": [ - "Classification" - ], - "type": "object" - }, - "AWS::EMRServerless::Application.ImageConfigurationInput": { - "additionalProperties": false, - "properties": { - "ImageUri": { - "markdownDescription": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration.", - "title": "ImageUri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.InitialCapacityConfig": { - "additionalProperties": false, - "properties": { - "WorkerConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerConfiguration", - "markdownDescription": "The resource configuration of the initial capacity configuration.", - "title": "WorkerConfiguration" - }, - "WorkerCount": { - "markdownDescription": "The number of workers in the initial capacity configuration.", - "title": "WorkerCount", - "type": "number" - } - }, - "required": [ - "WorkerConfiguration", - "WorkerCount" - ], - "type": "object" - }, - "AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfig", - "markdownDescription": "", - "title": "Value" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EMRServerless::Application.LogTypeMapKeyValuePair": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Value", - "type": "array" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", - "title": "Enabled", - "type": "boolean" - }, - "EncryptionKeyArn": { - "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", - "title": "EncryptionKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.MaximumAllowedResources": { - "additionalProperties": false, - "properties": { - "Cpu": { - "markdownDescription": "The maximum allowed CPU for an application.", - "title": "Cpu", - "type": "string" - }, - "Disk": { - "markdownDescription": "The maximum allowed disk for an application.", - "title": "Disk", - "type": "string" - }, - "Memory": { - "markdownDescription": "The maximum allowed resources for an application.", - "title": "Memory", - "type": "string" - } - }, - "required": [ - "Cpu", - "Memory" - ], - "type": "object" - }, - "AWS::EMRServerless::Application.MonitoringConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchLoggingConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.CloudWatchLoggingConfiguration", - "markdownDescription": "The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch.", - "title": "CloudWatchLoggingConfiguration" - }, - "ManagedPersistenceMonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", - "markdownDescription": "The managed log persistence configuration for a job run.", - "title": "ManagedPersistenceMonitoringConfiguration" - }, - "S3MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", - "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", - "title": "S3MonitoringConfiguration" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The array of security group Ids for customer VPC connectivity.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The array of subnet Ids for customer VPC connectivity.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.S3MonitoringConfiguration": { - "additionalProperties": false, - "properties": { - "EncryptionKeyArn": { - "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", - "title": "EncryptionKeyArn", - "type": "string" - }, - "LogUri": { - "markdownDescription": "The Amazon S3 destination URI for log publishing.", - "title": "LogUri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMRServerless::Application.WorkerConfiguration": { + "AWS::EC2::PrefixList.Entry": { "additionalProperties": false, "properties": { - "Cpu": { - "markdownDescription": "The CPU requirements of the worker configuration. Each worker can have 1, 2, 4, 8, or 16 vCPUs.", - "title": "Cpu", - "type": "string" - }, - "Disk": { - "markdownDescription": "The disk requirements of the worker configuration.", - "title": "Disk", + "Cidr": { + "markdownDescription": "The CIDR block.", + "title": "Cidr", "type": "string" }, - "Memory": { - "markdownDescription": "The memory requirements of the worker configuration.", - "title": "Memory", + "Description": { + "markdownDescription": "A description for the entry.\n\nConstraints: Up to 255 characters in length.", + "title": "Description", "type": "string" } }, "required": [ - "Cpu", - "Memory" + "Cidr" ], "type": "object" }, - "AWS::EMRServerless::Application.WorkerTypeSpecificationInput": { - "additionalProperties": false, - "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", - "markdownDescription": "The image configuration for a worker type.", - "title": "ImageConfiguration" - } - }, - "type": "object" - }, - "AWS::ElastiCache::CacheCluster": { + "AWS::EC2::Route": { "additionalProperties": false, "properties": { "Condition": { @@ -90238,160 +96238,90 @@ "Properties": { "additionalProperties": false, "properties": { - "AZMode": { - "markdownDescription": "Specifies whether the nodes in this Memcached cluster are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region.\n\nThis parameter is only supported for Memcached clusters.\n\nIf the `AZMode` and `PreferredAvailabilityZones` are not specified, ElastiCache assumes `single-az` mode.", - "title": "AZMode", + "CarrierGatewayId": { + "markdownDescription": "The ID of the carrier gateway.\n\nYou can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone.", + "title": "CarrierGatewayId", "type": "string" }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "CacheNodeType": { - "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. Changing the CacheNodeType of a Memcached instance is currently not supported. If you need to scale using Memcached, we recommend forcing a replacement update by changing the `LogicalResourceId` of the resource.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.8xlarge` , `cache.m6g.12xlarge` , `cache.m6g.16xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.8xlarge` , `cache.r6g.12xlarge` , `cache.r6g.16xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n\n*Additional node type info*\n\n- All current generation instance types are created in Amazon VPC by default.\n- Valkey and Redis OSS append-only files (AOF) are not supported for T1 or T2 instances.\n- Valkey and Redis OSS Multi-AZ with automatic failover is not supported on T1 instances.\n- Redis OSS configuration variables `appendonly` and `appendfsync` are not supported on Redis OSS version 2.8.22 and later.", - "title": "CacheNodeType", + "CoreNetworkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the core network.", + "title": "CoreNetworkArn", "type": "string" }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the parameter group to associate with this cluster. If this argument is omitted, the default parameter group for the specified engine is used. You cannot use any parameter group which has `cluster-enabled='yes'` when creating a cluster.", - "title": "CacheParameterGroupName", + "DestinationCidrBlock": { + "markdownDescription": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .", + "title": "DestinationCidrBlock", "type": "string" }, - "CacheSecurityGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group names to associate with this cluster.\n\nUse this parameter only when you are creating a cluster outside of an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "CacheSecurityGroupNames", - "type": "array" - }, - "CacheSubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see `[AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .`", - "title": "CacheSubnetGroupName", + "DestinationIpv6CidrBlock": { + "markdownDescription": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.", + "title": "DestinationIpv6CidrBlock", "type": "string" }, - "ClusterName": { - "markdownDescription": "A name for the cache cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the cache cluster. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe name must contain 1 to 50 alphanumeric characters or hyphens. The name must start with a letter and cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ClusterName", + "DestinationPrefixListId": { + "markdownDescription": "The ID of a prefix list used for the destination match.", + "title": "DestinationPrefixListId", "type": "string" }, - "Engine": { - "markdownDescription": "The name of the cache engine to be used for this cluster.\n\nValid values for this parameter are: `memcached` | valkey | `redis`", - "title": "Engine", + "EgressOnlyInternetGatewayId": { + "markdownDescription": "[IPv6 traffic only] The ID of an egress-only internet gateway.", + "title": "EgressOnlyInternetGatewayId", "type": "string" }, - "EngineVersion": { - "markdownDescription": "The version number of the cache engine to be used for this cluster. To view the supported cache engine versions, use the DescribeCacheEngineVersions operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ), but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", - "title": "EngineVersion", + "GatewayId": { + "markdownDescription": "The ID of an internet gateway or virtual private gateway attached to your VPC.", + "title": "GatewayId", "type": "string" }, - "IpDiscovery": { - "markdownDescription": "The network type you choose when modifying a cluster, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "IpDiscovery", + "InstanceId": { + "markdownDescription": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.", + "title": "InstanceId", "type": "string" }, - "LogDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest" - }, - "markdownDescription": "Specifies the destination, format and type of the logs.", - "title": "LogDeliveryConfigurations", - "type": "array" - }, - "NetworkType": { - "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "NetworkType", + "LocalGatewayId": { + "markdownDescription": "The ID of the local gateway.", + "title": "LocalGatewayId", "type": "string" }, - "NotificationTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", - "title": "NotificationTopicArn", + "NatGatewayId": { + "markdownDescription": "[IPv4 traffic only] The ID of a NAT gateway.", + "title": "NatGatewayId", "type": "string" }, - "NumCacheNodes": { - "markdownDescription": "The number of cache nodes that the cache cluster should have.\n\n> However, if the `PreferredAvailabilityZone` and `PreferredAvailabilityZones` properties were not previously specified and you don't specify any new values, an update requires [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NumCacheNodes", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which each of the cache nodes accepts connections.", - "title": "Port", - "type": "number" - }, - "PreferredAvailabilityZone": { - "markdownDescription": "The EC2 Availability Zone in which the cluster is created.\n\nAll nodes belonging to this cluster are placed in the preferred Availability Zone. If you want to create your nodes across multiple Availability Zones, use `PreferredAvailabilityZones` .\n\nDefault: System chosen Availability Zone.", - "title": "PreferredAvailabilityZone", + "NetworkInterfaceId": { + "markdownDescription": "The ID of a network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "PreferredAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the Availability Zones in which cache nodes are created. The order of the zones in the list is not important.\n\nThis option is only supported on Memcached.\n\n> If you are creating your cluster in an Amazon VPC (recommended) you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheNodes` . \n\nIf you want all the nodes in the same Availability Zone, use `PreferredAvailabilityZone` instead, or repeat the Availability Zone multiple times in the list.\n\nDefault: System chosen Availability Zones.", - "title": "PreferredAvailabilityZones", - "type": "array" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", - "title": "PreferredMaintenanceWindow", + "RouteTableId": { + "markdownDescription": "The ID of the route table for the route.", + "title": "RouteTableId", "type": "string" }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A single-element string list containing an Amazon Resource Name (ARN) that uniquely identifies a Valkey or Redis OSS RDB snapshot file stored in Amazon S3. The snapshot file is used to populate the node group (shard). The Amazon S3 object name in the ARN cannot contain any commas.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", - "title": "SnapshotArns", - "type": "array" - }, - "SnapshotName": { - "markdownDescription": "The name of a Valkey or Redis OSS snapshot from which to restore data into the new node group (shard). The snapshot status changes to `restoring` while the new node group (shard) is being created.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", - "title": "SnapshotName", + "TransitGatewayId": { + "markdownDescription": "The ID of a transit gateway.", + "title": "TransitGatewayId", "type": "string" }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot taken today is retained for 5 days before being deleted.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nDefault: 0 (i.e., automatic backups are disabled for this cache cluster).", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", - "title": "SnapshotWindow", + "VpcEndpointId": { + "markdownDescription": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.", + "title": "VpcEndpointId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to be added to this resource.", - "title": "Tags", - "type": "array" - }, - "TransitEncryptionEnabled": { - "markdownDescription": "A flag that enables in-transit encryption when set to true.", - "title": "TransitEncryptionEnabled", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more VPC security groups associated with the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "VpcSecurityGroupIds", - "type": "array" + "VpcPeeringConnectionId": { + "markdownDescription": "The ID of a VPC peering connection.", + "title": "VpcPeeringConnectionId", + "type": "string" } }, "required": [ - "CacheNodeType", - "Engine", - "NumCacheNodes" + "RouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::CacheCluster" + "AWS::EC2::Route" ], "type": "string" }, @@ -90410,83 +96340,7 @@ ], "type": "object" }, - "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { - "additionalProperties": false, - "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group.", - "title": "LogGroup", - "type": "string" - } - }, - "required": [ - "LogGroup" - ], - "type": "object" - }, - "AWS::ElastiCache::CacheCluster.DestinationDetails": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails", - "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", - "title": "CloudWatchLogsDetails" - }, - "KinesisFirehoseDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails", - "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", - "title": "KinesisFirehoseDetails" - } - }, - "type": "object" - }, - "AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails": { - "additionalProperties": false, - "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", - "title": "DeliveryStream", - "type": "string" - } - }, - "required": [ - "DeliveryStream" - ], - "type": "object" - }, - "AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest": { - "additionalProperties": false, - "properties": { - "DestinationDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.DestinationDetails", - "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", - "title": "DestinationDetails" - }, - "DestinationType": { - "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", - "title": "DestinationType", - "type": "string" - }, - "LogFormat": { - "markdownDescription": "Valid values are either `json` or `text` .", - "title": "LogFormat", - "type": "string" - }, - "LogType": { - "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", - "title": "LogType", - "type": "string" - } - }, - "required": [ - "DestinationDetails", - "DestinationType", - "LogFormat", - "LogType" - ], - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup": { + "AWS::EC2::RouteServer": { "additionalProperties": false, "properties": { "Condition": { @@ -90521,66 +96375,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AutomaticFailoverEnabled": { - "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.", - "title": "AutomaticFailoverEnabled", - "type": "boolean" - }, - "CacheNodeType": { - "markdownDescription": "The cache node type of the Global datastore", - "title": "CacheNodeType", - "type": "string" - }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the cache parameter group to use with the Global datastore. It must be compatible with the major engine version used by the Global datastore.", - "title": "CacheParameterGroupName", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The Elasticache Valkey or Redis OSS engine version.", - "title": "EngineVersion", - "type": "string" - }, - "GlobalNodeGroupCount": { - "markdownDescription": "The number of node groups that comprise the Global Datastore.", - "title": "GlobalNodeGroupCount", + "AmazonSideAsn": { + "markdownDescription": "The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512\u201365534 (16-bit ASN) or 4200000000\u20134294967294 (32-bit ASN) range.", + "title": "AmazonSideAsn", "type": "number" }, - "GlobalReplicationGroupDescription": { - "markdownDescription": "The optional description of the Global datastore", - "title": "GlobalReplicationGroupDescription", + "PersistRoutes": { + "markdownDescription": "Indicates whether routes should be persisted after all BGP sessions are terminated.", + "title": "PersistRoutes", "type": "string" }, - "GlobalReplicationGroupIdSuffix": { - "markdownDescription": "The suffix name of a Global Datastore. The suffix guarantees uniqueness of the Global Datastore name across multiple regions.", - "title": "GlobalReplicationGroupIdSuffix", - "type": "string" + "PersistRoutesDuration": { + "markdownDescription": "The number of minutes a route server will wait after BGP is re-established to unpersist the routes in the FIB and RIB. Value must be in the range of 1-5. The default value is 1. Only valid if `persistRoutesState` is 'enabled'.\n\nIf you set the duration to 1 minute, then when your network appliance re-establishes BGP with route server, it has 1 minute to relearn it's adjacent network and advertise those routes to route server before route server resumes normal functionality. In most cases, 1 minute is probably sufficient. If, however, you have concerns that your BGP network may not be capable of fully re-establishing and re-learning everything in 1 minute, you can increase the duration up to 5 minutes.", + "title": "PersistRoutesDuration", + "type": "number" }, - "Members": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember" - }, - "markdownDescription": "The replication groups that comprise the Global datastore.", - "title": "Members", - "type": "array" + "SnsNotificationsEnabled": { + "markdownDescription": "Indicates whether SNS notifications are enabled for the route server. Enabling SNS notifications persists BGP status changes to an SNS topic provisioned by AWS .", + "title": "SnsNotificationsEnabled", + "type": "boolean" }, - "RegionalConfigurations": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The Regions that comprise the Global Datastore.", - "title": "RegionalConfigurations", + "markdownDescription": "Any tags assigned to the route server.", + "title": "Tags", "type": "array" } }, "required": [ - "Members" + "AmazonSideAsn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::GlobalReplicationGroup" + "AWS::EC2::RouteServer" ], "type": "string" }, @@ -90599,71 +96430,7 @@ ], "type": "object" }, - "AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember": { - "additionalProperties": false, - "properties": { - "ReplicationGroupId": { - "markdownDescription": "The replication group id of the Global datastore member.", - "title": "ReplicationGroupId", - "type": "string" - }, - "ReplicationGroupRegion": { - "markdownDescription": "The Amazon region of the Global datastore member.", - "title": "ReplicationGroupRegion", - "type": "string" - }, - "Role": { - "markdownDescription": "Indicates the role of the replication group, `PRIMARY` or `SECONDARY` .", - "title": "Role", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration": { - "additionalProperties": false, - "properties": { - "ReplicationGroupId": { - "markdownDescription": "The name of the secondary cluster", - "title": "ReplicationGroupId", - "type": "string" - }, - "ReplicationGroupRegion": { - "markdownDescription": "The Amazon region where the cluster is stored", - "title": "ReplicationGroupRegion", - "type": "string" - }, - "ReshardingConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration" - }, - "markdownDescription": "A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster.", - "title": "ReshardingConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration": { - "additionalProperties": false, - "properties": { - "NodeGroupId": { - "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", - "title": "NodeGroupId", - "type": "string" - }, - "PreferredAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of preferred availability zones for the nodes in this cluster.", - "title": "PreferredAvailabilityZones", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ParameterGroup": { + "AWS::EC2::RouteServerAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -90698,45 +96465,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheParameterGroupFamily": { - "markdownDescription": "The name of the cache parameter group family that this cache parameter group is compatible with.\n\nValid values are: `valkey8` | `valkey7` | `memcached1.4` | `memcached1.5` | `memcached1.6` | `redis2.6` | `redis2.8` | `redis3.2` | `redis4.0` | `redis5.0` | `redis6.x` | `redis7`", - "title": "CacheParameterGroupFamily", + "RouteServerId": { + "markdownDescription": "The ID of the associated route server.", + "title": "RouteServerId", "type": "string" }, - "Description": { - "markdownDescription": "The description for this cache parameter group.", - "title": "Description", + "VpcId": { + "markdownDescription": "The ID of the associated VPC.", + "title": "VpcId", "type": "string" - }, - "Properties": { - "additionalProperties": true, - "markdownDescription": "A comma-delimited list of parameter name/value pairs.\n\nFor example:\n\n```\n\"Properties\" : { \"cas_disabled\" : \"1\", \"chunk_size_growth_factor\" : \"1.02\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Properties", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag that can be added to an ElastiCache parameter group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your parameter groups. A tag with a null Value is permitted.", - "title": "Tags", - "type": "array" } }, "required": [ - "CacheParameterGroupFamily", - "Description" + "RouteServerId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ParameterGroup" + "AWS::EC2::RouteServerAssociation" ], "type": "string" }, @@ -90755,7 +96503,7 @@ ], "type": "object" }, - "AWS::ElastiCache::ReplicationGroup": { + "AWS::EC2::RouteServerEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -90790,234 +96538,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AtRestEncryptionEnabled": { - "markdownDescription": "A flag that enables encryption at rest when set to `true` .\n\n*Required:* Only available when creating a replication group in an Amazon VPC using Redis OSS version `3.2.6` or `4.x` onward.\n\nDefault: `false`", - "title": "AtRestEncryptionEnabled", - "type": "boolean" - }, - "AuthToken": { - "markdownDescription": "*Reserved parameter.* The password used to access a password protected server.\n\n`AuthToken` can be specified only on replication groups where `TransitEncryptionEnabled` is `true` . For more information, see [Authenticating Valkey or Redis OSS users with the AUTH Command](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/auth.html) .\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` . \n\nPassword constraints:\n\n- Must be only printable ASCII characters.\n- Must be at least 16 characters and no more than 128 characters in length.\n- Nonalphanumeric characters are restricted to (!, &, #, $, ^, <, >, -, ).\n\nFor more information, see [AUTH password](https://docs.aws.amazon.com/http://redis.io/commands/AUTH) at http://redis.io/commands/AUTH.\n\n> If ADDING the AuthToken, update requires [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "AuthToken", - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AutomaticFailoverEnabled": { - "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.\n\nDefault: false", - "title": "AutomaticFailoverEnabled", - "type": "boolean" - }, - "CacheNodeType": { - "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.12xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.12xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Amazon Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)", - "title": "CacheNodeType", - "type": "string" - }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n\nIf you are running Valkey or Redis OSS version 3.2.4 or later, only one node group (shard), and want to use a default parameter group, we recommend that you specify the parameter group by name.\n\n- To create a Valkey or Redis OSS (cluster mode disabled) replication group, use `CacheParameterGroupName=default.redis3.2` .\n- To create a Valkey or Redis OSS (cluster mode enabled) replication group, use `CacheParameterGroupName=default.redis3.2.cluster.on` .", - "title": "CacheParameterGroupName", - "type": "string" - }, - "CacheSecurityGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cache security group names to associate with this replication group.", - "title": "CacheSecurityGroupNames", - "type": "array" - }, - "CacheSubnetGroupName": { - "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", - "title": "CacheSubnetGroupName", - "type": "string" - }, - "ClusterMode": { - "markdownDescription": "The mode can be enabled or disabled. To change the cluster mode from disabled to enabled, you must first set the cluster mode to compatible. The compatible mode allows your Valkey or Redis OSS clients to connect using both cluster mode enabled and cluster mode disabled. After you migrate all Valkey or Redis OSS clients to use cluster mode enabled, you can then complete cluster mode configuration and set the cluster mode to enabled. For more information, see [Modify cluster mode](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/modify-cluster-mode.html) .", - "title": "ClusterMode", - "type": "string" - }, - "DataTieringEnabled": { - "markdownDescription": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html) .", - "title": "DataTieringEnabled", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The name of the cache engine to be used for the clusters in this replication group. The value must be set to `valkey` or `redis` .\n\n> Upgrading an existing engine from redis to valkey is done through in-place migration, and requires a parameter group.", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the cache engine to be used for the clusters in this replication group. To view the supported cache engine versions, use the `DescribeCacheEngineVersions` operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ) in the *ElastiCache User Guide* , but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", - "title": "EngineVersion", - "type": "string" - }, - "GlobalReplicationGroupId": { - "markdownDescription": "The name of the Global datastore", - "title": "GlobalReplicationGroupId", - "type": "string" - }, - "IpDiscovery": { - "markdownDescription": "The network type you choose when creating a replication group, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 or Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "IpDiscovery", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key used to encrypt the disk on the cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LogDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest" - }, - "markdownDescription": "Specifies the destination, format and type of the logs.", - "title": "LogDeliveryConfigurations", - "type": "array" - }, - "MultiAZEnabled": { - "markdownDescription": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see [Minimizing Downtime: Multi-AZ](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html) .", - "title": "MultiAZEnabled", - "type": "boolean" - }, - "NetworkType": { - "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "NetworkType", - "type": "string" - }, - "NodeGroupConfiguration": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration" - }, - "markdownDescription": "`NodeGroupConfiguration` is a property of the `AWS::ElastiCache::ReplicationGroup` resource that configures an Amazon ElastiCache (ElastiCache) Valkey or Redis OSS cluster node group.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NodeGroupConfiguration` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NodeGroupConfiguration` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NodeGroupConfiguration", - "type": "array" - }, - "NotificationTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", - "title": "NotificationTopicArn", - "type": "string" - }, - "NumCacheClusters": { - "markdownDescription": "The number of clusters this replication group initially has.\n\nThis parameter is not used if there is more than one node group (shard). You should use `ReplicasPerNodeGroup` instead.\n\nIf `AutomaticFailoverEnabled` is `true` , the value of this parameter must be at least 2. If `AutomaticFailoverEnabled` is `false` you can omit this parameter (it will default to 1), or you can explicitly set it to a value between 2 and 6.\n\nThe maximum permitted value for `NumCacheClusters` is 6 (1 primary plus 5 replicas).", - "title": "NumCacheClusters", - "type": "number" - }, - "NumNodeGroups": { - "markdownDescription": "An optional parameter that specifies the number of node groups (shards) for this Valkey or Redis OSS (cluster mode enabled) replication group. For Valkey or Redis OSS (cluster mode disabled) either omit this parameter or set it to 1.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NumNodeGroups` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NumNodeGroups` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .\n\nDefault: 1", - "title": "NumNodeGroups", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which each member of the replication group accepts connections.", - "title": "Port", - "type": "number" - }, - "PreferredCacheClusterAZs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 Availability Zones in which the replication group's clusters are created. The order of the Availability Zones in the list is the order in which clusters are allocated. The primary cluster is created in the first AZ in the list.\n\nThis parameter is not used if there is more than one node group (shard). You should use `NodeGroupConfiguration` instead.\n\n> If you are creating your replication group in an Amazon VPC (recommended), you can only locate clusters in Availability Zones associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheClusters` . \n\nDefault: system chosen Availability Zones.", - "title": "PreferredCacheClusterAZs", - "type": "array" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PrimaryClusterId": { - "markdownDescription": "The identifier of the cluster that serves as the primary for this replication group. This cluster must already exist and have a status of `available` .\n\nThis parameter is not required if `NumCacheClusters` , `NumNodeGroups` , or `ReplicasPerNodeGroup` is specified.", - "title": "PrimaryClusterId", - "type": "string" - }, - "ReplicasPerNodeGroup": { - "markdownDescription": "An optional parameter that specifies the number of replica nodes in each node group (shard). Valid values are 0 to 5.", - "title": "ReplicasPerNodeGroup", - "type": "number" - }, - "ReplicationGroupDescription": { - "markdownDescription": "A user-created description for the replication group.", - "title": "ReplicationGroupDescription", - "type": "string" - }, - "ReplicationGroupId": { - "markdownDescription": "The replication group identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- A name must contain from 1 to 40 alphanumeric characters or hyphens.\n- The first character must be a letter.\n- A name cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ReplicationGroupId", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more Amazon VPC security groups associated with this replication group.\n\nUse this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "SecurityGroupIds", - "type": "array" - }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the Valkey or Redis OSS RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new replication group. The Amazon S3 object name in the ARN cannot contain any commas. The new replication group will have the number of node groups (console: shards) specified by the parameter *NumNodeGroups* or the number of node groups configured by *NodeGroupConfiguration* regardless of the number of ARNs specified here.\n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", - "title": "SnapshotArns", - "type": "array" - }, - "SnapshotName": { - "markdownDescription": "The name of a snapshot from which to restore data into the new replication group. The snapshot status changes to `restoring` while the new replication group is being created.", - "title": "SnapshotName", - "type": "string" - }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot that was taken today is retained for 5 days before being deleted.\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster).", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.", - "title": "SnapshotWindow", + "RouteServerId": { + "markdownDescription": "The ID of the route server associated with this endpoint.", + "title": "RouteServerId", "type": "string" }, - "SnapshottingClusterId": { - "markdownDescription": "The cluster ID that is used as the daily snapshot source for the replication group. This parameter cannot be set for Valkey or Redis OSS (cluster mode enabled) replication groups.", - "title": "SnapshottingClusterId", + "SubnetId": { + "markdownDescription": "The ID of the subnet to place the route server endpoint into.", + "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key= `myKey` , Value= `myKeyValue` . You can include multiple tags as shown following: Key= `myKey` , Value= `myKeyValue` Key= `mySecondKey` , Value= `mySecondKeyValue` . Tags on replication groups will be replicated to all nodes.", + "markdownDescription": "Any tags assigned to the route server endpoint.", "title": "Tags", "type": "array" - }, - "TransitEncryptionEnabled": { - "markdownDescription": "A flag that enables in-transit encryption when set to `true` .\n\nThis parameter is only available when creating a replication group in an Amazon VPC using Valkey version `7.2` and above, Redis OSS version `3.2.6` , or Redis OSS version `4.x` and above, and the cluster is being created in an Amazon VPC.\n\nIf you enable in-transit encryption, you must also specify a value for `CacheSubnetGroup` .\n\n> TransitEncryptionEnabled is required when creating a new valkey replication group. \n\nDefault: `false`\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` .", - "title": "TransitEncryptionEnabled", - "type": "boolean" - }, - "TransitEncryptionMode": { - "markdownDescription": "A setting that allows you to migrate your clients to use in-transit encryption, with no downtime.\n\nWhen setting `TransitEncryptionEnabled` to `true` , you can set your `TransitEncryptionMode` to `preferred` in the same request, to allow both encrypted and unencrypted connections at the same time. Once you migrate all your Valkey or Redis OSS clients to use encrypted connections you can modify the value to `required` to allow encrypted connections only.\n\nSetting `TransitEncryptionMode` to `required` is a two-step process that requires you to first set the `TransitEncryptionMode` to `preferred` , after that you can set `TransitEncryptionMode` to `required` .\n\nThis process will not trigger the replacement of the replication group.", - "title": "TransitEncryptionMode", - "type": "string" - }, - "UserGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of user group to associate with the replication group.", - "title": "UserGroupIds", - "type": "array" } }, "required": [ - "ReplicationGroupDescription" + "RouteServerId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ReplicationGroup" + "AWS::EC2::RouteServerEndpoint" ], "type": "string" }, @@ -91036,117 +96584,110 @@ ], "type": "object" }, - "AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails": { + "AWS::EC2::RouteServerPeer": { "additionalProperties": false, "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group.", - "title": "LogGroup", + "Condition": { "type": "string" - } - }, - "required": [ - "LogGroup" - ], - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.DestinationDetails": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails", - "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", - "title": "CloudWatchLogsDetails" }, - "KinesisFirehoseDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails", - "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", - "title": "KinesisFirehoseDetails" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { - "additionalProperties": false, - "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", - "title": "DeliveryStream", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "DeliveryStream" - ], - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest": { - "additionalProperties": false, - "properties": { - "DestinationDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.DestinationDetails", - "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", - "title": "DestinationDetails" }, - "DestinationType": { - "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", - "title": "DestinationType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LogFormat": { - "markdownDescription": "Valid values are either `json` or `text` .", - "title": "LogFormat", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BgpOptions": { + "$ref": "#/definitions/AWS::EC2::RouteServerPeer.BgpOptions", + "markdownDescription": "The BGP configuration options for this peer, including ASN (Autonomous System Number) and BFD (Bidrectional Forwarding Detection) settings.", + "title": "BgpOptions" + }, + "PeerAddress": { + "markdownDescription": "The IPv4 address of the peer device.", + "title": "PeerAddress", + "type": "string" + }, + "RouteServerEndpointId": { + "markdownDescription": "The ID of the route server endpoint associated with this peer.", + "title": "RouteServerEndpointId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the route server peer.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "BgpOptions", + "PeerAddress", + "RouteServerEndpointId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::RouteServerPeer" + ], "type": "string" }, - "LogType": { - "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", - "title": "LogType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DestinationDetails", - "DestinationType", - "LogFormat", - "LogType" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration": { + "AWS::EC2::RouteServerPeer.BgpOptions": { "additionalProperties": false, "properties": { - "NodeGroupId": { - "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", - "title": "NodeGroupId", - "type": "string" - }, - "PrimaryAvailabilityZone": { - "markdownDescription": "The Availability Zone where the primary node of this node group (shard) is launched.", - "title": "PrimaryAvailabilityZone", - "type": "string" - }, - "ReplicaAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Availability Zones to be used for the read replicas. The number of Availability Zones in this list must match the value of `ReplicaCount` or `ReplicasPerNodeGroup` if not specified.", - "title": "ReplicaAvailabilityZones", - "type": "array" - }, - "ReplicaCount": { - "markdownDescription": "The number of read replica nodes in this node group (shard).", - "title": "ReplicaCount", + "PeerAsn": { + "markdownDescription": "The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512\u201365534 (16-bit ASN) or 4200000000\u20134294967294 (32-bit ASN) range.", + "title": "PeerAsn", "type": "number" }, - "Slots": { - "markdownDescription": "A string of comma-separated values where the first set of values are the slot numbers (zero based), and the second set of values are the keyspaces for each slot. The following example specifies three slots (numbered 0, 1, and 2): `0,1,2,0-4999,5000-9999,10000-16,383` .\n\nIf you don't specify a value, ElastiCache allocates keys equally among each slot.\n\nWhen you use an `UseOnlineResharding` update policy to update the number of node groups without interruption, ElastiCache evenly distributes the keyspaces between the specified number of slots. This cannot be updated later. Therefore, after updating the number of node groups in this way, you should remove the value specified for the `Slots` property of each `NodeGroupConfiguration` from the stack template, as it no longer reflects the actual values in each node group. For more information, see [UseOnlineResharding Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) .", - "title": "Slots", + "PeerLivenessDetection": { + "markdownDescription": "The liveness detection protocol used for the BGP peer.\n\nThe requested liveness detection protocol for the BGP peer.\n\n- `bgp-keepalive` : The standard BGP keep alive mechanism ( [RFC4271](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc4271#page-21) ) that is stable but may take longer to fail-over in cases of network impact or router failure.\n- `bfd` : An additional Bidirectional Forwarding Detection (BFD) protocol ( [RFC5880](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc5880) ) that enables fast failover by using more sensitive liveness detection.\n\nDefaults to `bgp-keepalive` .", + "title": "PeerLivenessDetection", "type": "string" } }, "type": "object" }, - "AWS::ElastiCache::SecurityGroup": { + "AWS::EC2::RouteServerPropagation": { "additionalProperties": false, "properties": { "Condition": { @@ -91181,28 +96722,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the cache security group.", - "title": "Description", + "RouteServerId": { + "markdownDescription": "The ID of the route server configured for route propagation.", + "title": "RouteServerId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag that can be added to an ElastiCache security group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your security groups. A tag with a null Value is permitted.", - "title": "Tags", - "type": "array" + "RouteTableId": { + "markdownDescription": "The ID of the route table configured for route server propagation.", + "title": "RouteTableId", + "type": "string" } }, "required": [ - "Description" + "RouteServerId", + "RouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SecurityGroup" + "AWS::EC2::RouteServerPropagation" ], "type": "string" }, @@ -91221,7 +96760,7 @@ ], "type": "object" }, - "AWS::ElastiCache::SecurityGroupIngress": { + "AWS::EC2::RouteTable": { "additionalProperties": false, "properties": { "Condition": { @@ -91256,31 +96795,28 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheSecurityGroupName": { - "markdownDescription": "The name of the Cache Security Group to authorize.", - "title": "CacheSecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 Security Group to include in the authorization.", - "title": "EC2SecurityGroupName", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the route table.", + "title": "Tags", + "type": "array" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "Specifies the Amazon Account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName property. The Amazon access key ID is not an acceptable value.", - "title": "EC2SecurityGroupOwnerId", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "required": [ - "CacheSecurityGroupName", - "EC2SecurityGroupName" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SecurityGroupIngress" + "AWS::EC2::RouteTable" ], "type": "string" }, @@ -91299,7 +96835,7 @@ ], "type": "object" }, - "AWS::ElastiCache::ServerlessCache": { + "AWS::EC2::SecurityGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -91334,108 +96870,54 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheUsageLimits": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.CacheUsageLimits", - "markdownDescription": "The cache usage limit for the serverless cache.", - "title": "CacheUsageLimits" - }, - "DailySnapshotTime": { - "markdownDescription": "The daily time that a cache snapshot will be created. Default is NULL, i.e. snapshots will not be created at a specific time on a daily basis. Available for Valkey, Redis OSS and Serverless Memcached only.", - "title": "DailySnapshotTime", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the serverless cache.", - "title": "Description", - "type": "string" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", - "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", - "title": "Endpoint" - }, - "Engine": { - "markdownDescription": "The engine the serverless cache is compatible with.", - "title": "Engine", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The name of the final snapshot taken of a cache before the cache is deleted.", - "title": "FinalSnapshotName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key that is used to encrypt data at rest in the serverless cache.", - "title": "KmsKeyId", - "type": "string" - }, - "MajorEngineVersion": { - "markdownDescription": "The version number of the engine the serverless cache is compatible with.", - "title": "MajorEngineVersion", + "GroupDescription": { + "markdownDescription": "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", + "title": "GroupDescription", "type": "string" }, - "ReaderEndpoint": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", - "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", - "title": "ReaderEndpoint" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the EC2 security groups associated with the serverless cache.", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServerlessCacheName": { - "markdownDescription": "The unique identifier of the serverless cache.", - "title": "ServerlessCacheName", + "GroupName": { + "markdownDescription": "The name of the security group. Names are case-insensitive and must be unique within the VPC.\n\nConstraints: Up to 255 characters in length. Can't start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", + "title": "GroupName", "type": "string" }, - "SnapshotArnsToRestore": { + "SecurityGroupEgress": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" }, - "markdownDescription": "The ARN of the snapshot from which to restore data into the new cache.", - "title": "SnapshotArnsToRestore", + "markdownDescription": "The outbound rules associated with the security group.", + "title": "SecurityGroupEgress", "type": "array" }, - "SnapshotRetentionLimit": { - "markdownDescription": "The current setting for the number of serverless cache snapshots the system will retain. Available for Valkey, Redis OSS and Serverless Memcached only.", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SubnetIds": { + "SecurityGroupIngress": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" }, - "markdownDescription": "If no subnet IDs are given and your VPC is in us-west-1, then ElastiCache will select 2 default subnets across AZs in your VPC. For all other Regions, if no subnet IDs are given then ElastiCache will select 3 default subnets across AZs in your default VPC.", - "title": "SubnetIds", + "markdownDescription": "The inbound rules associated with the security group.", + "title": "SecurityGroupIngress", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be added to this resource.", + "markdownDescription": "Any tags assigned to the security group.", "title": "Tags", "type": "array" }, - "UserGroupId": { - "markdownDescription": "The identifier of the user group associated with the serverless cache. Available for Valkey and Redis OSS only. Default is NULL.", - "title": "UserGroupId", + "VpcId": { + "markdownDescription": "The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.", + "title": "VpcId", "type": "string" } }, "required": [ - "Engine", - "ServerlessCacheName" + "GroupDescription" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ServerlessCache" + "AWS::EC2::SecurityGroup" ], "type": "string" }, @@ -91454,79 +96936,115 @@ ], "type": "object" }, - "AWS::ElastiCache::ServerlessCache.CacheUsageLimits": { + "AWS::EC2::SecurityGroup.Egress": { "additionalProperties": false, "properties": { - "DataStorage": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.DataStorage", - "markdownDescription": "The maximum data storage limit in the cache, expressed in Gigabytes.", - "title": "DataStorage" + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", + "type": "string" }, - "ECPUPerSecond": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.ECPUPerSecond", - "markdownDescription": "The number of ElastiCache Processing Units (ECPU) the cache can consume per second.", - "title": "ECPUPerSecond" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ServerlessCache.DataStorage": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "The upper limit for data storage the cache is set to use.", - "title": "Maximum", - "type": "number" + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", + "type": "string" }, - "Minimum": { - "markdownDescription": "The lower limit for data storage the cache is set to use.", - "title": "Minimum", + "Description": { + "markdownDescription": "A description for the security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", + "type": "string" + }, + "DestinationPrefixListId": { + "markdownDescription": "The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationPrefixListId", + "type": "string" + }, + "DestinationSecurityGroupId": { + "markdownDescription": "The ID of the destination VPC security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationSecurityGroupId", + "type": "string" + }, + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", "type": "number" }, - "Unit": { - "markdownDescription": "The unit that the storage is measured in, in GB.", - "title": "Unit", + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" + }, + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", + "type": "number" } }, "required": [ - "Unit" + "IpProtocol" ], "type": "object" }, - "AWS::ElastiCache::ServerlessCache.ECPUPerSecond": { + "AWS::EC2::SecurityGroup.Ingress": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The configuration for the maximum number of ECPUs the cache can consume per second.", - "title": "Maximum", - "type": "number" + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", + "type": "string" }, - "Minimum": { - "markdownDescription": "The configuration for the minimum number of ECPUs the cache should be able consume per second.", - "title": "Minimum", + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", + "type": "string" + }, + "Description": { + "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", + "type": "string" + }, + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", "type": "number" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ServerlessCache.Endpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The DNS hostname of the cache node.", - "title": "Address", + }, + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" }, - "Port": { - "markdownDescription": "The port number that the cache engine is listening on.", - "title": "Port", + "SourcePrefixListId": { + "markdownDescription": "The ID of a prefix list.", + "title": "SourcePrefixListId", "type": "string" + }, + "SourceSecurityGroupId": { + "markdownDescription": "The ID of the security group.", + "title": "SourceSecurityGroupId", + "type": "string" + }, + "SourceSecurityGroupName": { + "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", + "title": "SourceSecurityGroupName", + "type": "string" + }, + "SourceSecurityGroupOwnerId": { + "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", + "title": "SourceSecurityGroupOwnerId", + "type": "string" + }, + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", + "type": "number" } }, + "required": [ + "IpProtocol" + ], "type": "object" }, - "AWS::ElastiCache::SubnetGroup": { + "AWS::EC2::SecurityGroupEgress": { "additionalProperties": false, "properties": { "Condition": { @@ -91561,42 +97079,61 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheSubnetGroupName": { - "markdownDescription": "The name for the cache subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\nExample: `mysubnetgroup`", - "title": "CacheSubnetGroupName", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", + "type": "string" + }, + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", "type": "string" }, "Description": { - "markdownDescription": "The description for the cache subnet group.", + "markdownDescription": "The description of an egress (outbound) security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", "title": "Description", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The EC2 subnet IDs for the cache subnet group.", - "title": "SubnetIds", - "type": "array" + "DestinationPrefixListId": { + "markdownDescription": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationPrefixListId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted.", - "title": "Tags", - "type": "array" + "DestinationSecurityGroupId": { + "markdownDescription": "The ID of the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationSecurityGroupId", + "type": "string" + }, + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", + "type": "number" + }, + "GroupId": { + "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.", + "title": "GroupId", + "type": "string" + }, + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", + "type": "string" + }, + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", + "type": "number" } }, "required": [ - "Description", - "SubnetIds" + "GroupId", + "IpProtocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SubnetGroup" + "AWS::EC2::SecurityGroupEgress" ], "type": "string" }, @@ -91615,7 +97152,7 @@ ], "type": "object" }, - "AWS::ElastiCache::User": { + "AWS::EC2::SecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { @@ -91650,63 +97187,75 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessString": { - "markdownDescription": "Access permissions string used for this user.", - "title": "AccessString", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", "type": "string" }, - "AuthenticationMode": { - "$ref": "#/definitions/AWS::ElastiCache::User.AuthenticationMode", - "markdownDescription": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```", - "title": "AuthenticationMode" + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", + "type": "string" }, - "Engine": { - "markdownDescription": "The current supported values are valkey and redis.", - "title": "Engine", + "Description": { + "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", "type": "string" }, - "NoPasswordRequired": { - "markdownDescription": "Indicates a password is not required for this user.", - "title": "NoPasswordRequired", - "type": "boolean" + "FromPort": { + "markdownDescription": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "title": "FromPort", + "type": "number" }, - "Passwords": { - "items": { - "type": "string" - }, - "markdownDescription": "Passwords used for this user. You can create up to two passwords for each user.", - "title": "Passwords", - "type": "array" + "GroupId": { + "markdownDescription": "The ID of the security group.", + "title": "GroupId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags.", - "title": "Tags", - "type": "array" + "GroupName": { + "markdownDescription": "[Default VPC] The name of the security group. For security groups for a default VPC you can specify either the ID or the name of the security group. For security groups for a nondefault VPC, you must specify the ID of the security group.", + "title": "GroupName", + "type": "string" }, - "UserId": { - "markdownDescription": "The ID of the user.", - "title": "UserId", + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" }, - "UserName": { - "markdownDescription": "The username of the user.", - "title": "UserName", + "SourcePrefixListId": { + "markdownDescription": "The ID of a prefix list.", + "title": "SourcePrefixListId", + "type": "string" + }, + "SourceSecurityGroupId": { + "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", + "title": "SourceSecurityGroupId", + "type": "string" + }, + "SourceSecurityGroupName": { + "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", + "title": "SourceSecurityGroupName", "type": "string" + }, + "SourceSecurityGroupOwnerId": { + "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", + "title": "SourceSecurityGroupOwnerId", + "type": "string" + }, + "ToPort": { + "markdownDescription": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "title": "ToPort", + "type": "number" } }, "required": [ - "Engine", - "UserId", - "UserName" + "IpProtocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::User" + "AWS::EC2::SecurityGroupIngress" ], "type": "string" }, @@ -91725,29 +97274,7 @@ ], "type": "object" }, - "AWS::ElastiCache::User.AuthenticationMode": { - "additionalProperties": false, - "properties": { - "Passwords": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the passwords to use for authentication if `Type` is set to `password` .", - "title": "Passwords", - "type": "array" - }, - "Type": { - "markdownDescription": "Specifies the authentication type. Possible options are IAM authentication, password and no password.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ElastiCache::UserGroup": { + "AWS::EC2::SecurityGroupVpcAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -91782,43 +97309,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Engine": { - "markdownDescription": "The current supported values are valkey and redis.", - "title": "Engine", + "GroupId": { + "markdownDescription": "The association's security group ID.", + "title": "GroupId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags.", - "title": "Tags", - "type": "array" - }, - "UserGroupId": { - "markdownDescription": "The ID of the user group.", - "title": "UserGroupId", + "VpcId": { + "markdownDescription": "The association's VPC ID.", + "title": "VpcId", "type": "string" - }, - "UserIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of user IDs that belong to the user group. A user named `default` must be included.", - "title": "UserIds", - "type": "array" } }, "required": [ - "Engine", - "UserGroupId", - "UserIds" + "GroupId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::UserGroup" + "AWS::EC2::SecurityGroupVpcAssociation" ], "type": "string" }, @@ -91837,7 +97347,7 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::Application": { + "AWS::EC2::SnapshotBlockPublicAccess": { "additionalProperties": false, "properties": { "Condition": { @@ -91872,27 +97382,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "ApplicationName", - "type": "string" - }, - "Description": { - "markdownDescription": "Your description of the application.", - "title": "Description", + "State": { + "markdownDescription": "The mode in which to enable block public access for snapshots for the Region. Specify one of the following values:\n\n- `block-all-sharing` - Prevents all public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. Additionally, snapshots that are already publicly shared are treated as private and they are no longer publicly available.\n\n> If you enable block public access for snapshots in `block-all-sharing` mode, it does not change the permissions for snapshots that are already publicly shared. Instead, it prevents these snapshots from be publicly visible and publicly accessible. Therefore, the attributes for these snapshots still indicate that they are publicly shared, even though they are not publicly available.\n- `block-new-sharing` - Prevents only new public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. However, snapshots that are already publicly shared, remain publicly available.", + "title": "State", "type": "string" - }, - "ResourceLifecycleConfig": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig", - "markdownDescription": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions.", - "title": "ResourceLifecycleConfig" } }, + "required": [ + "State" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::Application" + "AWS::EC2::SnapshotBlockPublicAccess" ], "type": "string" }, @@ -91906,85 +97409,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { - "additionalProperties": false, - "properties": { - "ServiceRole": { - "markdownDescription": "The ARN of an IAM service role that Elastic Beanstalk has permission to assume.\n\nThe `ServiceRole` property is required the first time that you provide a `ResourceLifecycleConfig` for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value.", - "title": "ServiceRole", - "type": "string" - }, - "VersionLifecycleConfig": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig", - "markdownDescription": "Defines lifecycle settings for application versions.", - "title": "VersionLifecycleConfig" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig": { - "additionalProperties": false, - "properties": { - "MaxAgeRule": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxAgeRule", - "markdownDescription": "Specify a max age rule to restrict the length of time that application versions are retained for an application.", - "title": "MaxAgeRule" - }, - "MaxCountRule": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxCountRule", - "markdownDescription": "Specify a max count rule to restrict the number of application versions that are retained for an application.", - "title": "MaxCountRule" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.MaxAgeRule": { - "additionalProperties": false, - "properties": { - "DeleteSourceFromS3": { - "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", - "title": "DeleteSourceFromS3", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", - "title": "Enabled", - "type": "boolean" - }, - "MaxAgeInDays": { - "markdownDescription": "Specify the number of days to retain an application versions.", - "title": "MaxAgeInDays", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.MaxCountRule": { - "additionalProperties": false, - "properties": { - "DeleteSourceFromS3": { - "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", - "title": "DeleteSourceFromS3", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", - "title": "Enabled", - "type": "boolean" - }, - "MaxCount": { - "markdownDescription": "Specify the maximum number of application versions to retain.", - "title": "MaxCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::ApplicationVersion": { + "AWS::EC2::SpotFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -92019,31 +97449,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the Elastic Beanstalk application that is associated with this application version.", - "title": "ApplicationName", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of this application version.", - "title": "Description", - "type": "string" - }, - "SourceBundle": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle", - "markdownDescription": "The Amazon S3 bucket and key that identify the location of the source bundle for this version.\n\n> The Amazon S3 bucket must be in the same region as the environment.", - "title": "SourceBundle" + "SpotFleetRequestConfigData": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetRequestConfigData", + "markdownDescription": "Describes the configuration of a Spot Fleet request.", + "title": "SpotFleetRequestConfigData" } }, "required": [ - "ApplicationName", - "SourceBundle" + "SpotFleetRequestConfigData" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::ApplicationVersion" + "AWS::EC2::SpotFleet" ], "type": "string" }, @@ -92062,1194 +97481,1020 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle": { + "AWS::EC2::SpotFleet.AcceleratorCountRequest": { "additionalProperties": false, "properties": { - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket where the data is located.", - "title": "S3Bucket", - "type": "string" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" }, - "S3Key": { - "markdownDescription": "The Amazon S3 key where the data is located.", - "title": "S3Key", - "type": "string" + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "S3Bucket", - "S3Key" - ], "type": "object" }, - "AWS::ElasticBeanstalk::ConfigurationTemplate": { + "AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationName": { - "markdownDescription": "The name of the Elastic Beanstalk application to associate with this configuration template.", - "title": "ApplicationName", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description for this configuration.", - "title": "Description", - "type": "string" - }, - "EnvironmentId": { - "markdownDescription": "The ID of an environment whose settings you want to use to create the configuration template. You must specify `EnvironmentId` if you don't specify `PlatformArn` , `SolutionStackName` , or `SourceConfiguration` .", - "title": "EnvironmentId", - "type": "string" - }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting" - }, - "markdownDescription": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the *AWS Elastic Beanstalk Developer Guide* .", - "title": "OptionSettings", - "type": "array" - }, - "PlatformArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , then don't specify `SolutionStackName` .", - "title": "PlatformArn", - "type": "string" - }, - "SolutionStackName": { - "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, `64bit Amazon Linux 2013.09 running Tomcat 7 Java 7` . A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\nYou must specify `SolutionStackName` if you don't specify `PlatformArn` , `EnvironmentId` , or `SourceConfiguration` .\n\nUse the [`ListAvailableSolutionStacks`](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html) API to obtain a list of available solution stacks.", - "title": "SolutionStackName", - "type": "string" - }, - "SourceConfiguration": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration", - "markdownDescription": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in `OptionSettings` override any values obtained from the `SourceConfiguration` .\n\nYou must specify `SourceConfiguration` if you don't specify `PlatformArn` , `EnvironmentId` , or `SolutionStackName` .\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name.", - "title": "SourceConfiguration" - } - }, - "required": [ - "ApplicationName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ElasticBeanstalk::ConfigurationTemplate" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting": { + "AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", - "title": "Namespace", - "type": "string" - }, - "OptionName": { - "markdownDescription": "The name of the configuration option.", - "title": "OptionName", - "type": "string" - }, - "ResourceName": { - "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", - "title": "ResourceName", - "type": "string" + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Value": { - "markdownDescription": "The current value for the configuration option.", - "title": "Value", - "type": "string" + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Namespace", - "OptionName" - ], "type": "object" }, - "AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration": { + "AWS::EC2::SpotFleet.BaselinePerformanceFactorsRequest": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application associated with the configuration.", - "title": "ApplicationName", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the configuration template.", - "title": "TemplateName", - "type": "string" + "Cpu": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" } }, - "required": [ - "ApplicationName", - "TemplateName" - ], "type": "object" }, - "AWS::ElasticBeanstalk::Environment": { + "AWS::EC2::SpotFleet.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "DeviceName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application that is associated with this environment.", - "title": "ApplicationName", - "type": "string" - }, - "CNAMEPrefix": { - "markdownDescription": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.", - "title": "CNAMEPrefix", - "type": "string" - }, - "Description": { - "markdownDescription": "Your description for this environment.", - "title": "Description", - "type": "string" - }, - "EnvironmentName": { - "markdownDescription": "A unique name for the environment.\n\nConstraint: Must be from 4 to 40 characters in length. The name can contain only letters, numbers, and hyphens. It can't start or end with a hyphen. This name must be unique within a region in your account.\n\nIf you don't specify the `CNAMEPrefix` parameter, the environment name becomes part of the CNAME, and therefore part of the visible URL for your application.\n\nIf you don't specify an environment name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "EnvironmentName", - "type": "string" - }, - "OperationsRole": { - "markdownDescription": "> The operations role feature of AWS Elastic Beanstalk is in beta release and is subject to change. \n\nThe Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. If specified, Elastic Beanstalk uses the operations role for permissions to downstream services during this call and during subsequent calls acting on this environment. To specify an operations role, you must have the `iam:PassRole` permission for the role.", - "title": "OperationsRole", - "type": "string" - }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.OptionSetting" - }, - "markdownDescription": "Key-value pairs defining configuration options for this environment, such as the instance type. These options override the values that are defined in the solution stack or the [configuration template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-beanstalk-configurationtemplate.html) . If you remove any options during a stack update, the removed options retain their current values.", - "title": "OptionSettings", - "type": "array" - }, - "PlatformArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform to use with the environment. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , don't specify `SolutionStackName` .", - "title": "PlatformArn", - "type": "string" - }, - "SolutionStackName": { - "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. If specified, Elastic Beanstalk sets the configuration values to the default values associated with the specified solution stack. For a list of current solution stacks, see [Elastic Beanstalk Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html) in the *AWS Elastic Beanstalk Platforms* guide.\n\n> If you specify `SolutionStackName` , don't specify `PlatformArn` or `TemplateName` .", - "title": "SolutionStackName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies the tags applied to resources in the environment.", - "title": "Tags", - "type": "array" - }, - "TemplateName": { - "markdownDescription": "The name of the Elastic Beanstalk configuration template to use with the environment.\n\n> If you specify `TemplateName` , then don't specify `SolutionStackName` .", - "title": "TemplateName", - "type": "string" - }, - "Tier": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.Tier", - "markdownDescription": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.", - "title": "Tier" - }, - "VersionLabel": { - "markdownDescription": "The name of the application version to deploy.\n\nDefault: If not specified, Elastic Beanstalk attempts to deploy the sample application.", - "title": "VersionLabel", - "type": "string" - } - }, - "required": [ - "ApplicationName" - ], - "type": "object" + "Ebs": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.EbsBlockDevice", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" }, - "Type": { - "enum": [ - "AWS::ElasticBeanstalk::Environment" - ], + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", + "title": "NoDevice", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", + "title": "VirtualName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DeviceName" ], "type": "object" }, - "AWS::ElasticBeanstalk::Environment.OptionSetting": { + "AWS::EC2::SpotFleet.ClassicLoadBalancer": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", - "title": "Namespace", - "type": "string" - }, - "OptionName": { - "markdownDescription": "The name of the configuration option.", - "title": "OptionName", - "type": "string" - }, - "ResourceName": { - "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", - "title": "ResourceName", - "type": "string" - }, - "Value": { - "markdownDescription": "The current value for the configuration option.", - "title": "Value", + "Name": { + "markdownDescription": "The name of the load balancer.", + "title": "Name", "type": "string" } }, "required": [ - "Namespace", - "OptionName" + "Name" ], "type": "object" }, - "AWS::ElasticBeanstalk::Environment.Tier": { + "AWS::EC2::SpotFleet.ClassicLoadBalancersConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `WebServer`\n- For *Worker tier* \u2013 `Worker`", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `Standard`\n- For *Worker tier* \u2013 `SQS/HTTP`", - "title": "Type", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version.\n\n> This member is deprecated. Any specific version that you set may become out of date. We recommend leaving it unspecified.", - "title": "Version", - "type": "string" + "ClassicLoadBalancers": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancer" + }, + "markdownDescription": "One or more Classic Load Balancers.", + "title": "ClassicLoadBalancers", + "type": "array" } }, + "required": [ + "ClassicLoadBalancers" + ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer": { + "AWS::EC2::SpotFleet.CpuPerformanceFactorRequest": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessLoggingPolicy": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy", - "markdownDescription": "Information about where and how access logs are stored for the load balancer.", - "title": "AccessLoggingPolicy" - }, - "AppCookieStickinessPolicy": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy" - }, - "markdownDescription": "Information about a policy for application-controlled session stickiness.", - "title": "AppCookieStickinessPolicy", - "type": "array" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones for a load balancer in a default VPC. For a load balancer in a nondefault VPC, specify `Subnets` instead.\n\nUpdate requires replacement if you did not previously specify an Availability Zone or if you are removing all Availability Zones. Otherwise, update requires no interruption.", - "title": "AvailabilityZones", - "type": "array" - }, - "ConnectionDrainingPolicy": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy", - "markdownDescription": "If enabled, the load balancer allows existing requests to complete before the load balancer shifts traffic away from a deregistered or unhealthy instance.\n\nFor more information, see [Configure connection draining](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) in the *User Guide for Classic Load Balancers* .", - "title": "ConnectionDrainingPolicy" - }, - "ConnectionSettings": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings", - "markdownDescription": "If enabled, the load balancer allows the connections to remain idle (no data is sent over the connection) for the specified duration.\n\nBy default, Elastic Load Balancing maintains a 60-second idle connection timeout for both front-end and back-end connections of your load balancer. For more information, see [Configure idle connection timeout](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) in the *User Guide for Classic Load Balancers* .", - "title": "ConnectionSettings" - }, - "CrossZone": { - "markdownDescription": "If enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones.\n\nFor more information, see [Configure cross-zone load balancing](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) in the *User Guide for Classic Load Balancers* .", - "title": "CrossZone", - "type": "boolean" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck", - "markdownDescription": "The health check settings to use when evaluating the health of your EC2 instances.\n\nUpdate requires replacement if you did not previously specify health check settings or if you are removing the health check settings. Otherwise, update requires no interruption.", - "title": "HealthCheck" - }, - "Instances": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the instances for the load balancer.", - "title": "Instances", - "type": "array" - }, - "LBCookieStickinessPolicy": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy" - }, - "markdownDescription": "Information about a policy for duration-based session stickiness.", - "title": "LBCookieStickinessPolicy", - "type": "array" - }, - "Listeners": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Listeners" - }, - "markdownDescription": "The listeners for the load balancer. You can specify at most one listener per port.\n\nIf you update the properties for a listener, AWS CloudFormation deletes the existing listener and creates a new one with the specified properties. While the new listener is being created, clients cannot connect to the load balancer.", - "title": "Listeners", - "type": "array" - }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer. This name must be unique within your set of load balancers for the region.\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) . If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", - "title": "LoadBalancerName", - "type": "string" - }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Policies" - }, - "markdownDescription": "The policies defined for your Classic Load Balancer. Specify only back-end server policies.", - "title": "Policies", - "type": "array" - }, - "Scheme": { - "markdownDescription": "The type of load balancer. Valid only for load balancers in a VPC.\n\nIf `Scheme` is `internet-facing` , the load balancer has a public DNS name that resolves to a public IP address.\n\nIf `Scheme` is `internal` , the load balancer has a public DNS name that resolves to a private IP address.", - "title": "Scheme", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups for the load balancer. Valid only for load balancers in a VPC.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets for the load balancer. You can specify at most one subnet per Availability Zone.\n\nUpdate requires replacement if you did not previously specify a subnet or if you are removing all subnets. Otherwise, update requires no interruption. To update to a different subnet in the current Availability Zone, you must first update to a subnet in a different Availability Zone, then update to the new subnet in the original Availability Zone.", - "title": "Subnets", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with a load balancer.", - "title": "Tags", - "type": "array" - } + "References": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.PerformanceFactorReferenceRequest" }, - "required": [ - "Listeners" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ElasticLoadBalancing::LoadBalancer" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently, only one instance family can be specified in the list.", + "title": "References", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { + "AWS::EC2::SpotFleet.EbsBlockDevice": { "additionalProperties": false, "properties": { - "EmitInterval": { - "markdownDescription": "The interval for publishing the access logs. You can specify an interval of either 5 minutes or 60 minutes.\n\nDefault: 60 minutes", - "title": "EmitInterval", - "type": "number" + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "Enabled": { - "markdownDescription": "Specifies whether access logs are enabled for the load balancer.", - "title": "Enabled", + "Encrypted": { + "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\nThis parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", + "title": "Encrypted", "type": "boolean" }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket where the access logs are stored.", - "title": "S3BucketName", + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", + "title": "Iops", + "type": "number" + }, + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", "type": "string" }, - "S3BucketPrefix": { - "markdownDescription": "The logical hierarchy you created for your Amazon S3 bucket, for example `my-bucket-prefix/prod` . If the prefix is not provided, the log is placed at the root level of the bucket.", - "title": "S3BucketPrefix", + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", "type": "string" } }, - "required": [ - "Enabled", - "S3BucketName" - ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy": { + "AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "CookieName": { - "markdownDescription": "The name of the application cookie used for stickiness.", - "title": "CookieName", + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", + "title": "LaunchTemplateId", "type": "string" }, - "PolicyName": { - "markdownDescription": "The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.", - "title": "PolicyName", + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", + "title": "LaunchTemplateName", + "type": "string" + }, + "Version": { + "markdownDescription": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", + "title": "Version", "type": "string" } }, "required": [ - "CookieName", - "PolicyName" + "Version" ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy": { + "AWS::EC2::SpotFleet.GroupIdentifier": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether connection draining is enabled for the load balancer.", - "title": "Enabled", - "type": "boolean" - }, - "Timeout": { - "markdownDescription": "The maximum time, in seconds, to keep the existing connections open before deregistering the instances.", - "title": "Timeout", - "type": "number" + "GroupId": { + "markdownDescription": "The ID of the security group.", + "title": "GroupId", + "type": "string" } }, "required": [ - "Enabled" + "GroupId" ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings": { + "AWS::EC2::SpotFleet.IamInstanceProfileSpecification": { "additionalProperties": false, "properties": { - "IdleTimeout": { - "markdownDescription": "The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.", - "title": "IdleTimeout", - "type": "number" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", + "title": "Arn", + "type": "string" } }, - "required": [ - "IdleTimeout" - ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck": { + "AWS::EC2::SpotFleet.InstanceIpv6Address": { "additionalProperties": false, "properties": { - "HealthyThreshold": { - "markdownDescription": "The number of consecutive health checks successes required before moving the instance to the `Healthy` state.", - "title": "HealthyThreshold", - "type": "string" - }, - "Interval": { - "markdownDescription": "The approximate interval, in seconds, between health checks of an individual instance.", - "title": "Interval", - "type": "string" - }, - "Target": { - "markdownDescription": "The instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535.\n\nTCP is the default, specified as a TCP: port pair, for example \"TCP:5000\". In this case, a health check simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy.\n\nSSL is also specified as SSL: port pair, for example, SSL:5000.\n\nFor HTTP/HTTPS, you must include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example \"HTTP:80/weather/us/wa/seattle\". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than \"200 OK\" within the timeout period is considered unhealthy.\n\nThe total length of the HTTP ping target must be 1024 16-bit Unicode characters or less.", - "title": "Target", - "type": "string" - }, - "Timeout": { - "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check.\n\nThis value must be less than the `Interval` value.", - "title": "Timeout", - "type": "string" - }, - "UnhealthyThreshold": { - "markdownDescription": "The number of consecutive health check failures required before moving the instance to the `Unhealthy` state.", - "title": "UnhealthyThreshold", + "Ipv6Address": { + "markdownDescription": "The IPv6 address.", + "title": "Ipv6Address", "type": "string" } }, "required": [ - "HealthyThreshold", - "Interval", - "Target", - "Timeout", - "UnhealthyThreshold" + "Ipv6Address" ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy": { + "AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification": { "additionalProperties": false, "properties": { - "CookieExpirationPeriod": { - "markdownDescription": "The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session.", - "title": "CookieExpirationPeriod", - "type": "string" + "AssociatePublicIpAddress": { + "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" }, - "PolicyName": { - "markdownDescription": "The name of the policy. This name must be unique within the set of policies for this load balancer.", - "title": "PolicyName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.Listeners": { - "additionalProperties": false, - "properties": { - "InstancePort": { - "markdownDescription": "The port on which the instance is listening.", - "title": "InstancePort", - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "InstanceProtocol": { - "markdownDescription": "The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL.\n\nIf the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is secure, (HTTPS or SSL), the listener's `InstanceProtocol` must also be secure.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is HTTP or TCP, the listener's `InstanceProtocol` must be HTTP or TCP.", - "title": "InstanceProtocol", + "Description": { + "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Description", "type": "string" }, - "LoadBalancerPort": { - "markdownDescription": "The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.", - "title": "LoadBalancerPort", - "type": "string" + "DeviceIndex": { + "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you specify a network interface when launching an instance, you must specify the device index.", + "title": "DeviceIndex", + "type": "number" }, - "PolicyNames": { + "Groups": { "items": { "type": "string" }, - "markdownDescription": "The names of the policies to associate with the listener.", - "title": "PolicyNames", + "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Groups", "type": "array" }, - "Protocol": { - "markdownDescription": "The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL.", - "title": "Protocol", + "Ipv6AddressCount": { + "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceIpv6Address" + }, + "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6Addresses", + "type": "array" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.\n\nIf you are creating a Spot Fleet, omit this parameter because you can\u2019t specify a network interface ID in a launch specification.", + "title": "NetworkInterfaceId", "type": "string" }, - "SSLCertificateId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the server certificate.", - "title": "SSLCertificateId", + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.PrivateIpAddressSpecification" + }, + "markdownDescription": "The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses. You can\u2019t specify this parameter and also specify a secondary private IP address using the `PrivateIpAddress` parameter.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet associated with the network interface.", + "title": "SubnetId", "type": "string" } }, - "required": [ - "InstancePort", - "LoadBalancerPort", - "Protocol" - ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.Policies": { + "AWS::EC2::SpotFleet.InstanceRequirementsRequest": { "additionalProperties": false, "properties": { - "Attributes": { + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorCountRequest", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" + }, + "AcceleratorManufacturers": { "items": { - "type": "object" + "type": "string" }, - "markdownDescription": "The policy attributes.", - "title": "Attributes", + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", "type": "array" }, - "InstancePorts": { + "AcceleratorNames": { "items": { "type": "string" }, - "markdownDescription": "The instance ports for the policy. Required only for some policy types.", - "title": "InstancePorts", + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", "type": "array" }, - "LoadBalancerPorts": { + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { "items": { "type": "string" }, - "markdownDescription": "The load balancer ports for the policy. Required only for some policy types.", - "title": "LoadBalancerPorts", + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", "type": "array" }, - "PolicyName": { - "markdownDescription": "The name of the policy.", - "title": "PolicyName", - "type": "string" + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" }, - "PolicyType": { - "markdownDescription": "The name of the policy type.", - "title": "PolicyType", - "type": "string" - } - }, - "required": [ - "Attributes", - "PolicyName", - "PolicyType" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::Listener": { - "additionalProperties": false, - "properties": { - "Condition": { + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" + }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" + }, + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CpuManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", + "type": "array" }, - "Metadata": { - "type": "object" + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlpnPolicy": { - "items": { - "type": "string" - }, - "markdownDescription": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.", - "title": "AlpnPolicy", - "type": "array" - }, - "Certificates": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Certificate" - }, - "markdownDescription": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", - "title": "Certificates", - "type": "array" - }, - "DefaultActions": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Action" - }, - "markdownDescription": "The actions for the default rule. You cannot define a condition for a default rule.\n\nTo create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) .", - "title": "DefaultActions", - "type": "array" - }, - "LoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", - "title": "LoadBalancerArn", - "type": "string" - }, - "MutualAuthentication": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication", - "markdownDescription": "The mutual authentication configuration information.", - "title": "MutualAuthentication" - }, - "Port": { - "markdownDescription": "The port on which the load balancer is listening. You can't specify a port for a Gateway Load Balancer.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can\u2019t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You can't specify a protocol for a Gateway Load Balancer.", - "title": "Protocol", - "type": "string" - }, - "SslPolicy": { - "markdownDescription": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/describe-ssl-policies.html) in the *Network Load Balancers Guide* .\n\n[HTTPS listeners] Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic. To decrease the possibility of an interruption if your load balancer is handling a high volume of traffic, create an additional load balancer or request an LCU reservation.", - "title": "SslPolicy", - "type": "string" - } + "InstanceGenerations": { + "items": { + "type": "string" }, - "required": [ - "DefaultActions", - "LoadBalancerArn" - ], - "type": "object" + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" }, - "Type": { - "enum": [ - "AWS::ElasticLoadBalancingV2::Listener" - ], + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" + }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest", + "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkInterfaceCountRequest", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TotalLocalStorageGBRequest", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.VCpuCountRangeRequest", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.Action": { + "AWS::EC2::SpotFleet.LaunchTemplateConfig": { "additionalProperties": false, "properties": { - "AuthenticateCognitoConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig", - "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", - "title": "AuthenticateCognitoConfig" + "LaunchTemplateSpecification": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification", + "markdownDescription": "The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet.", + "title": "LaunchTemplateSpecification" }, - "AuthenticateOidcConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig", - "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", - "title": "AuthenticateOidcConfig" + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateOverrides" + }, + "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.", + "title": "Overrides", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.LaunchTemplateOverrides": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to launch the instances.", + "title": "AvailabilityZone", + "type": "string" }, - "FixedResponseConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig", - "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", - "title": "FixedResponseConfig" + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", + "markdownDescription": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" }, - "ForwardConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ForwardConfig", - "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", - "title": "ForwardConfig" + "InstanceType": { + "markdownDescription": "The instance type.", + "title": "InstanceType", + "type": "string" }, - "Order": { - "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", - "title": "Order", + "Priority": { + "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", + "title": "Priority", "type": "number" }, - "RedirectConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.RedirectConfig", - "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", - "title": "RedirectConfig" - }, - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", - "title": "TargetGroupArn", + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", "type": "string" }, - "Type": { - "markdownDescription": "The type of action.", - "title": "Type", + "SubnetId": { + "markdownDescription": "The ID of the subnet in which to launch the instances.", + "title": "SubnetId", "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig": { + "AWS::EC2::SpotFleet.LoadBalancersConfig": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", - "type": "string" + "ClassicLoadBalancersConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancersConfig", + "markdownDescription": "The Classic Load Balancers.", + "title": "ClassicLoadBalancersConfig" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", - "type": "string" + "TargetGroupsConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroupsConfig", + "markdownDescription": "The target groups.", + "title": "TargetGroupsConfig" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.MemoryMiBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "UserPoolArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", - "title": "UserPoolArn", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.NetworkInterfaceCountRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "UserPoolClientId": { - "markdownDescription": "The ID of the Amazon Cognito user pool client.", - "title": "UserPoolClientId", + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.PerformanceFactorReferenceRequest": { + "additionalProperties": false, + "properties": { + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response for [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) and an exception for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , [ModifyFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html) , and [ModifySpotFleetRequest](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html) .", + "title": "InstanceFamily", "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.PrivateIpAddressSpecification": { + "additionalProperties": false, + "properties": { + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" }, - "UserPoolDomain": { - "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", - "title": "UserPoolDomain", + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", "type": "string" } }, "required": [ - "UserPoolArn", - "UserPoolClientId", - "UserPoolDomain" + "PrivateIpAddress" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig": { + "AWS::EC2::SpotFleet.SpotCapacityRebalance": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "ReplacementStrategy": { + "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", + "title": "ReplacementStrategy", + "type": "string" + }, + "TerminationDelay": { + "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", + "title": "TerminationDelay", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.SpotFleetLaunchSpecification": { + "additionalProperties": false, + "properties": { + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.BlockDeviceMapping" }, - "title": "AuthenticationRequestExtraParams", - "type": "object" + "markdownDescription": "One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.", + "title": "BlockDeviceMappings", + "type": "array" }, - "AuthorizationEndpoint": { - "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "AuthorizationEndpoint", - "type": "string" + "EbsOptimized": { + "markdownDescription": "Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.\n\nDefault: `false`", + "title": "EbsOptimized", + "type": "boolean" }, - "ClientId": { - "markdownDescription": "The OAuth 2.0 client identifier.", - "title": "ClientId", - "type": "string" + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.IamInstanceProfileSpecification", + "markdownDescription": "The IAM instance profile.", + "title": "IamInstanceProfile" }, - "ClientSecret": { - "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", - "title": "ClientSecret", + "ImageId": { + "markdownDescription": "The ID of the AMI.", + "title": "ImageId", "type": "string" }, - "Issuer": { - "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "Issuer", + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type.", + "title": "InstanceType", "type": "string" }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "KernelId": { + "markdownDescription": "The ID of the kernel.", + "title": "KernelId", "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", + "KeyName": { + "markdownDescription": "The name of the key pair.", + "title": "KeyName", "type": "string" }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", + "Monitoring": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetMonitoring", + "markdownDescription": "Enable or disable monitoring for the instances.", + "title": "Monitoring" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification" + }, + "markdownDescription": "The network interfaces.", + "title": "NetworkInterfaces", + "type": "array" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotPlacement", + "markdownDescription": "The placement information.", + "title": "Placement" + }, + "RamdiskId": { + "markdownDescription": "The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.", + "title": "RamdiskId", "type": "string" }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", + "SecurityGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.GroupIdentifier" + }, + "markdownDescription": "The security groups.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", + "title": "SecurityGroups", + "type": "array" + }, + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", "type": "string" }, - "TokenEndpoint": { - "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "TokenEndpoint", + "SubnetId": { + "markdownDescription": "The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", + "title": "SubnetId", "type": "string" }, - "UseExistingClientSecret": { - "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", - "title": "UseExistingClientSecret", - "type": "boolean" + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + }, + "markdownDescription": "The tags to apply during creation.", + "title": "TagSpecifications", + "type": "array" }, - "UserInfoEndpoint": { - "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "UserInfoEndpoint", + "UserData": { + "markdownDescription": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.", + "title": "UserData", "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" } }, "required": [ - "AuthorizationEndpoint", - "ClientId", - "Issuer", - "TokenEndpoint", - "UserInfoEndpoint" + "ImageId" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.Certificate": { + "AWS::EC2::SpotFleet.SpotFleetMonitoring": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", - "type": "string" + "Enabled": { + "markdownDescription": "Enables monitoring for the instance.\n\nDefault: `false`", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig": { + "AWS::EC2::SpotFleet.SpotFleetRequestConfigData": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", - "title": "ContentType", + "AllocationStrategy": { + "markdownDescription": "The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* .\n\n- **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.\n- **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity.\n- **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify.\n- **lowestPrice (not recommended)** - > We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. \n\nSpot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates.\n\nDefault: `lowestPrice`", + "title": "AllocationStrategy", "type": "string" }, - "MessageBody": { - "markdownDescription": "The message.", - "title": "MessageBody", + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", - "title": "StatusCode", + "ExcessCapacityTerminationPolicy": { + "markdownDescription": "Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.\n\nSupported only for fleets of type `maintain` .", + "title": "ExcessCapacityTerminationPolicy", + "type": "string" + }, + "IamFleetRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` .", + "title": "IamFleetRole", + "type": "string" + }, + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", + "title": "InstanceInterruptionBehavior", + "type": "string" + }, + "InstancePoolsToUseCount": { + "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", + "title": "InstancePoolsToUseCount", + "type": "number" + }, + "LaunchSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetLaunchSpecification" + }, + "markdownDescription": "The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` .", + "title": "LaunchSpecifications", + "type": "array" + }, + "LaunchTemplateConfigs": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateConfig" + }, + "markdownDescription": "The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` .", + "title": "LaunchTemplateConfigs", + "type": "array" + }, + "LoadBalancersConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LoadBalancersConfig", + "markdownDescription": "One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.\n\nWith Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.", + "title": "LoadBalancersConfig" + }, + "OnDemandAllocationStrategy": { + "markdownDescription": "The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` .", + "title": "OnDemandAllocationStrategy", + "type": "string" + }, + "OnDemandMaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "OnDemandMaxTotalPrice", + "type": "string" + }, + "OnDemandTargetCapacity": { + "markdownDescription": "The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", + "title": "OnDemandTargetCapacity", + "type": "number" + }, + "ReplaceUnhealthyInstances": { + "markdownDescription": "Indicates whether Spot Fleet should replace unhealthy instances.", + "title": "ReplaceUnhealthyInstances", + "type": "boolean" + }, + "SpotMaintenanceStrategies": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotMaintenanceStrategies", + "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", + "title": "SpotMaintenanceStrategies" + }, + "SpotMaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "SpotMaxTotalPrice", + "type": "string" + }, + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + }, + "markdownDescription": "The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .", + "title": "TagSpecifications", + "type": "array" + }, + "TargetCapacity": { + "markdownDescription": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", + "title": "TargetCapacity", + "type": "number" + }, + "TargetCapacityUnitType": { + "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection.\n\nDefault: `units` (the number of instances)", + "title": "TargetCapacityUnitType", + "type": "string" + }, + "TerminateInstancesWithExpiration": { + "markdownDescription": "Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.", + "title": "TerminateInstancesWithExpiration", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet.", + "title": "Type", + "type": "string" + }, + "ValidFrom": { + "markdownDescription": "The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately.", + "title": "ValidFrom", + "type": "string" + }, + "ValidUntil": { + "markdownDescription": "The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.", + "title": "ValidUntil", "type": "string" } }, "required": [ - "StatusCode" + "IamFleetRole", + "TargetCapacity" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.ForwardConfig": { + "AWS::EC2::SpotFleet.SpotFleetTagSpecification": { "additionalProperties": false, "properties": { - "TargetGroupStickinessConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig", - "markdownDescription": "Information about the target group stickiness for a rule.", - "title": "TargetGroupStickinessConfig" + "ResourceType": { + "markdownDescription": "The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` .", + "title": "ResourceType", + "type": "string" }, - "TargetGroups": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", - "title": "TargetGroups", + "markdownDescription": "The tags.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication": { + "AWS::EC2::SpotFleet.SpotMaintenanceStrategies": { "additionalProperties": false, "properties": { - "IgnoreClientCertificateExpiry": { - "markdownDescription": "Indicates whether expired client certificates are ignored.", - "title": "IgnoreClientCertificateExpiry", - "type": "boolean" - }, - "Mode": { - "markdownDescription": "The client certificate handling method. Options are `off` , `passthrough` or `verify` . The default value is `off` .", - "title": "Mode", - "type": "string" - }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", - "type": "string" + "CapacityRebalance": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotCapacityRebalance", + "markdownDescription": "The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* .", + "title": "CapacityRebalance" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.RedirectConfig": { + "AWS::EC2::SpotFleet.SpotPlacement": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", - "title": "Host", - "type": "string" - }, - "Path": { - "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", - "title": "Path", - "type": "string" - }, - "Port": { - "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", - "title": "Port", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.\n\nTo specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\".", + "title": "AvailabilityZone", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", - "title": "Protocol", + "GroupName": { + "markdownDescription": "The name of the placement group.", + "title": "GroupName", "type": "string" }, - "Query": { - "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", - "title": "Query", + "Tenancy": { + "markdownDescription": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances.", + "title": "Tenancy", "type": "string" - }, - "StatusCode": { - "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", - "title": "StatusCode", + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.TargetGroup": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "Arn", "type": "string" } }, "required": [ - "StatusCode" + "Arn" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig": { + "AWS::EC2::SpotFleet.TargetGroupsConfig": { "additionalProperties": false, "properties": { - "DurationSeconds": { - "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", - "title": "DurationSeconds", + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroup" + }, + "markdownDescription": "One or more target groups.", + "title": "TargetGroups", + "type": "array" + } + }, + "required": [ + "TargetGroups" + ], + "type": "object" + }, + "AWS::EC2::SpotFleet.TotalLocalStorageGBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "Enabled": { - "markdownDescription": "Indicates whether target group stickiness is enabled.", - "title": "Enabled", - "type": "boolean" + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple": { + "AWS::EC2::SpotFleet.VCpuCountRangeRequest": { "additionalProperties": false, "properties": { - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "TargetGroupArn", - "type": "string" + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Weight": { - "markdownDescription": "The weight. The range is 0 to 999.", - "title": "Weight", + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerCertificate": { + "AWS::EC2::Subnet": { "additionalProperties": false, "properties": { "Condition": { @@ -93284,29 +98529,103 @@ "Properties": { "additionalProperties": false, "properties": { - "Certificates": { + "AssignIpv6AddressOnCreation": { + "markdownDescription": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is `false` .\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", + "title": "AssignIpv6AddressOnCreation", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the subnet.\n\nIf you update this property, you must also update the `CidrBlock` property.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the subnet.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "CidrBlock": { + "markdownDescription": "The IPv4 CIDR block assigned to the subnet.\n\nIf you update this property, we create a new subnet, and then delete the existing one.", + "title": "CidrBlock", + "type": "string" + }, + "EnableDns64": { + "markdownDescription": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.\n\n> You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a `0.0.0.0/0` route pointing to the internet gateway. For more information, see [Configure DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "EnableDns64", + "type": "boolean" + }, + "EnableLniAtDeviceIndex": { + "markdownDescription": "Indicates the device position for local network interfaces in this subnet. For example, `1` indicates local network interfaces in this subnet are the secondary network interface (eth1).", + "title": "EnableLniAtDeviceIndex", + "type": "number" + }, + "Ipv4IpamPoolId": { + "markdownDescription": "An IPv4 IPAM pool ID for the subnet.", + "title": "Ipv4IpamPoolId", + "type": "string" + }, + "Ipv4NetmaskLength": { + "markdownDescription": "An IPv4 netmask length for the subnet.", + "title": "Ipv4NetmaskLength", + "type": "number" + }, + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 CIDR block.\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", + "title": "Ipv6CidrBlock", + "type": "string" + }, + "Ipv6IpamPoolId": { + "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", + "title": "Ipv6IpamPoolId", + "type": "string" + }, + "Ipv6Native": { + "markdownDescription": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "Ipv6Native", + "type": "boolean" + }, + "Ipv6NetmaskLength": { + "markdownDescription": "An IPv6 netmask length for the subnet.", + "title": "Ipv6NetmaskLength", + "type": "number" + }, + "MapPublicIpOnLaunch": { + "markdownDescription": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is `false` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "MapPublicIpOnLaunch", + "type": "boolean" + }, + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", + "title": "OutpostArn", + "type": "string" + }, + "PrivateDnsNameOptionsOnLaunch": { + "$ref": "#/definitions/AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch", + "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nAvailable options:\n\n- EnableResourceNameDnsAAAARecord (true | false)\n- EnableResourceNameDnsARecord (true | false)\n- HostnameType (ip-name | resource-name)", + "title": "PrivateDnsNameOptionsOnLaunch" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The certificate. You can specify one certificate per resource.", - "title": "Certificates", + "markdownDescription": "Any tags assigned to the subnet.", + "title": "Tags", "type": "array" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", + "VpcId": { + "markdownDescription": "The ID of the VPC the subnet is in.\n\nIf you update this property, you must also update the `CidrBlock` property.", + "title": "VpcId", "type": "string" } }, "required": [ - "Certificates", - "ListenerArn" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::ListenerCertificate" + "AWS::EC2::Subnet" ], "type": "string" }, @@ -93325,18 +98644,39 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate": { + "AWS::EC2::Subnet.BlockPublicAccessStates": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", + "InternetGatewayBlockMode": { + "markdownDescription": "The mode of VPC BPA.\n\n- `off` : VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.\n- `block-bidirectional` : Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).\n- `block-ingress` : Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.", + "title": "InternetGatewayBlockMode", "type": "string" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule": { + "AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" + }, + "HostnameType": { + "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.", + "title": "HostnameType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::SubnetCidrBlock": { "additionalProperties": false, "properties": { "Condition": { @@ -93371,43 +98711,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.Action" - }, - "markdownDescription": "The actions.\n\nThe rule must include exactly one of the following types of actions: `forward` , `fixed-response` , or `redirect` , and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.", - "title": "Actions", - "type": "array" - }, - "Conditions": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition" - }, - "markdownDescription": "The conditions.\n\nThe rule can optionally include up to one of each of the following conditions: `http-request-method` , `host-header` , `path-pattern` , and `source-ip` . A rule can also optionally include one or more of each of the following conditions: `http-header` and `query-string` .", - "title": "Conditions", - "type": "array" + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range for the subnet, in CIDR notation.", + "title": "Ipv6CidrBlock", + "type": "string" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", + "Ipv6IpamPoolId": { + "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", + "title": "Ipv6IpamPoolId", "type": "string" }, - "Priority": { - "markdownDescription": "The rule priority. A listener can't have multiple rules with the same priority.\n\nIf you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.", - "title": "Priority", + "Ipv6NetmaskLength": { + "markdownDescription": "An IPv6 netmask length for the subnet.", + "title": "Ipv6NetmaskLength", "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", + "type": "string" } }, "required": [ - "Actions", - "Conditions", - "Priority" + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::ListenerRule" + "AWS::EC2::SubnetCidrBlock" ], "type": "string" }, @@ -93426,460 +98758,377 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.Action": { + "AWS::EC2::SubnetNetworkAclAssociation": { "additionalProperties": false, "properties": { - "AuthenticateCognitoConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig", - "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", - "title": "AuthenticateCognitoConfig" - }, - "AuthenticateOidcConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig", - "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", - "title": "AuthenticateOidcConfig" + "Condition": { + "type": "string" }, - "FixedResponseConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig", - "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", - "title": "FixedResponseConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ForwardConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig", - "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", - "title": "ForwardConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Order": { - "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", - "title": "Order", - "type": "number" + "Metadata": { + "type": "object" }, - "RedirectConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig", - "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", - "title": "RedirectConfig" + "Properties": { + "additionalProperties": false, + "properties": { + "NetworkAclId": { + "markdownDescription": "The ID of the network ACL.", + "title": "NetworkAclId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "NetworkAclId", + "SubnetId" + ], + "type": "object" }, - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", - "title": "TargetGroupArn", + "Type": { + "enum": [ + "AWS::EC2::SubnetNetworkAclAssociation" + ], "type": "string" }, - "Type": { - "markdownDescription": "The type of action.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig": { + "AWS::EC2::SubnetRouteTableAssociation": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "Condition": { "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "number" + "Metadata": { + "type": "object" }, - "UserPoolArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", - "title": "UserPoolArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "RouteTableId": { + "markdownDescription": "The ID of the route table.\n\nThe physical ID changes when the route table ID is changed.", + "title": "RouteTableId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "RouteTableId", + "SubnetId" + ], + "type": "object" }, - "UserPoolClientId": { - "markdownDescription": "The ID of the Amazon Cognito user pool client.", - "title": "UserPoolClientId", + "Type": { + "enum": [ + "AWS::EC2::SubnetRouteTableAssociation" + ], "type": "string" }, - "UserPoolDomain": { - "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", - "title": "UserPoolDomain", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "UserPoolArn", - "UserPoolClientId", - "UserPoolDomain" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig": { + "AWS::EC2::TrafficMirrorFilter": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "AuthorizationEndpoint": { - "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "AuthorizationEndpoint", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The OAuth 2.0 client identifier.", - "title": "ClientId", - "type": "string" - }, - "ClientSecret": { - "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", - "title": "ClientSecret", - "type": "string" - }, - "Issuer": { - "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "Issuer", + "Condition": { "type": "string" }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" + "Metadata": { + "type": "object" }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the Traffic Mirror filter.", + "title": "Description", + "type": "string" + }, + "NetworkServices": { + "items": { + "type": "string" + }, + "markdownDescription": "The network service traffic that is associated with the Traffic Mirror filter.\n\nValid values are `amazon-dns` .", + "title": "NetworkServices", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to a Traffic Mirror filter.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "TokenEndpoint": { - "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "TokenEndpoint", + "Type": { + "enum": [ + "AWS::EC2::TrafficMirrorFilter" + ], "type": "string" }, - "UseExistingClientSecret": { - "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", - "title": "UseExistingClientSecret", - "type": "boolean" - }, - "UserInfoEndpoint": { - "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "UserInfoEndpoint", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AuthorizationEndpoint", - "ClientId", - "Issuer", - "TokenEndpoint", - "UserInfoEndpoint" + "Type" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig": { + "AWS::EC2::TrafficMirrorFilterRule": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", - "title": "ContentType", + "Condition": { "type": "string" }, - "MessageBody": { - "markdownDescription": "The message.", - "title": "MessageBody", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", - "title": "StatusCode", - "type": "string" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig": { - "additionalProperties": false, - "properties": { - "TargetGroupStickinessConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig", - "markdownDescription": "Information about the target group stickiness for a rule.", - "title": "TargetGroupStickinessConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple" - }, - "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", - "title": "TargetGroups", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). You must include at least one \".\" character. You can include only alphabetical characters after the final \".\" character.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the host name.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig": { - "additionalProperties": false, - "properties": { - "HttpHeaderName": { - "markdownDescription": "The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.", - "title": "HttpHeaderName", - "type": "string" + "Metadata": { + "type": "object" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf the same header appears multiple times in the request, we search them in order until a match is found.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the Traffic Mirror rule.", + "title": "Description", + "type": "string" + }, + "DestinationCidrBlock": { + "markdownDescription": "The destination CIDR block to assign to the Traffic Mirror rule.", + "title": "DestinationCidrBlock", + "type": "string" + }, + "DestinationPortRange": { + "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", + "markdownDescription": "The destination port range.", + "title": "DestinationPortRange" + }, + "Protocol": { + "markdownDescription": "The protocol, for example UDP, to assign to the Traffic Mirror rule.\n\nFor information about the protocol value, see [Protocol Numbers](https://docs.aws.amazon.com/https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.", + "title": "Protocol", + "type": "number" + }, + "RuleAction": { + "markdownDescription": "The action to take on the filtered traffic.", + "title": "RuleAction", + "type": "string" + }, + "RuleNumber": { + "markdownDescription": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.", + "title": "RuleNumber", + "type": "number" + }, + "SourceCidrBlock": { + "markdownDescription": "The source CIDR block to assign to the Traffic Mirror rule.", + "title": "SourceCidrBlock", + "type": "string" + }, + "SourcePortRange": { + "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", + "markdownDescription": "The source port range.", + "title": "SourcePortRange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags on Traffic Mirroring filter rules.", + "title": "Tags", + "type": "array" + }, + "TrafficDirection": { + "markdownDescription": "The type of traffic.", + "title": "TrafficDirection", + "type": "string" + }, + "TrafficMirrorFilterId": { + "markdownDescription": "The ID of the filter that this rule is associated with.", + "title": "TrafficMirrorFilterId", + "type": "string" + } }, - "markdownDescription": "The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in `Values` using a '\\' character.\n\nIf you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key. You can omit the key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig": { - "additionalProperties": false, - "properties": { - "Host": { - "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", - "title": "Host", - "type": "string" - }, - "Path": { - "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", - "title": "Path", - "type": "string" - }, - "Port": { - "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", - "title": "Port", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", - "title": "Protocol", - "type": "string" + "required": [ + "DestinationCidrBlock", + "RuleAction", + "RuleNumber", + "SourceCidrBlock", + "TrafficDirection", + "TrafficMirrorFilterId" + ], + "type": "object" }, - "Query": { - "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", - "title": "Query", + "Type": { + "enum": [ + "AWS::EC2::TrafficMirrorFilterRule" + ], "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", - "title": "StatusCode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "StatusCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition": { - "additionalProperties": false, - "properties": { - "Field": { - "markdownDescription": "The field in the HTTP request. The following are the possible values:\n\n- `http-header`\n- `http-request-method`\n- `host-header`\n- `path-pattern`\n- `query-string`\n- `source-ip`", - "title": "Field", - "type": "string" - }, - "HostHeaderConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig", - "markdownDescription": "Information for a host header condition. Specify only when `Field` is `host-header` .", - "title": "HostHeaderConfig" - }, - "HttpHeaderConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig", - "markdownDescription": "Information for an HTTP header condition. Specify only when `Field` is `http-header` .", - "title": "HttpHeaderConfig" - }, - "HttpRequestMethodConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig", - "markdownDescription": "Information for an HTTP method condition. Specify only when `Field` is `http-request-method` .", - "title": "HttpRequestMethodConfig" - }, - "PathPatternConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig", - "markdownDescription": "Information for a path pattern condition. Specify only when `Field` is `path-pattern` .", - "title": "PathPatternConfig" - }, - "QueryStringConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig", - "markdownDescription": "Information for a query string condition. Specify only when `Field` is `query-string` .", - "title": "QueryStringConfig" - }, - "SourceIpConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig", - "markdownDescription": "Information for a source IP condition. Specify only when `Field` is `source-ip` .", - "title": "SourceIpConfig" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The condition value. Specify only when `Field` is `host-header` or `path-pattern` . Alternatively, to specify multiple host names or multiple path patterns, use `HostHeaderConfig` or `PathPatternConfig` .\n\nIf `Field` is `host-header` and you're not using `HostHeaderConfig` , you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- - .\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)\n\nIf `Field` is `path-pattern` and you're not using `PathPatternConfig` , you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- _ - . $ / ~ \" ' @ : +\n- & (using &)\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported.\n\nIf you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig": { + "AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange": { "additionalProperties": false, "properties": { - "DurationSeconds": { - "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", - "title": "DurationSeconds", + "FromPort": { + "markdownDescription": "The start of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", + "title": "FromPort", "type": "number" }, - "Enabled": { - "markdownDescription": "Indicates whether target group stickiness is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple": { - "additionalProperties": false, - "properties": { - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "TargetGroupArn", - "type": "string" - }, - "Weight": { - "markdownDescription": "The weight. The range is 0 to 999.", - "title": "Weight", + "ToPort": { + "markdownDescription": "The end of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", + "title": "ToPort", "type": "number" } }, + "required": [ + "FromPort", + "ToPort" + ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::LoadBalancer": { + "AWS::EC2::TrafficMirrorSession": { "additionalProperties": false, "properties": { "Condition": { @@ -93914,77 +99163,66 @@ "Properties": { "additionalProperties": false, "properties": { - "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { - "markdownDescription": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . The default is `on` .\n\nYou can't configure this property on a Network Load Balancer unless you associated a security group with the load balancer when you created it.", - "title": "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic", - "type": "string" - }, - "IpAddressType": { - "markdownDescription": "The IP address type. Internal load balancers must use `ipv4` .\n\n[Application Load Balancers] The possible values are `ipv4` (IPv4 addresses), `dualstack` (IPv4 and IPv6 addresses), and `dualstack-without-public-ipv4` (public IPv6 addresses and private IPv4 and IPv6 addresses).\n\nApplication Load Balancer authentication supports IPv4 addresses only when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer can't complete the authentication process, resulting in HTTP 500 errors.\n\n[Network Load Balancers and Gateway Load Balancers] The possible values are `ipv4` (IPv4 addresses) and `dualstack` (IPv4 and IPv6 addresses).", - "title": "IpAddressType", + "Description": { + "markdownDescription": "The description of the Traffic Mirror session.", + "title": "Description", "type": "string" }, - "LoadBalancerAttributes": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute" - }, - "markdownDescription": "The load balancer attributes. Attributes that you do not modify retain their current values.", - "title": "LoadBalancerAttributes", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", - "title": "Name", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the source network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "Scheme": { - "markdownDescription": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n\nThe nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n\nThe default is an Internet-facing load balancer.\n\nYou can't specify a scheme for a Gateway Load Balancer.", - "title": "Scheme", + "OwnerId": { + "markdownDescription": "The ID of the account that owns the Traffic Mirror session.", + "title": "OwnerId", "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer.", - "title": "SecurityGroups", - "type": "array" - }, - "SubnetMappings": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping" - }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones. You can't specify Elastic IP addresses for your subnets.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n\n[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You can't specify Elastic IP addresses for your subnets.", - "title": "SubnetMappings", - "type": "array" + "PacketLength": { + "markdownDescription": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", + "title": "PacketLength", + "type": "number" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers and Gateway Load Balancers] You can specify subnets from one or more Availability Zones.", - "title": "Subnets", - "type": "array" + "SessionNumber": { + "markdownDescription": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", + "title": "SessionNumber", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the load balancer.", + "markdownDescription": "The tags to assign to a Traffic Mirror session.", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "The type of load balancer. The default is `application` .", - "title": "Type", + "TrafficMirrorFilterId": { + "markdownDescription": "The ID of the Traffic Mirror filter.", + "title": "TrafficMirrorFilterId", + "type": "string" + }, + "TrafficMirrorTargetId": { + "markdownDescription": "The ID of the Traffic Mirror target.", + "title": "TrafficMirrorTargetId", "type": "string" + }, + "VirtualNetworkId": { + "markdownDescription": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see [RFC 7348](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc7348) . If you do not specify a `VirtualNetworkId` , an account-wide unique ID is chosen at random.", + "title": "VirtualNetworkId", + "type": "number" } }, + "required": [ + "NetworkInterfaceId", + "SessionNumber", + "TrafficMirrorFilterId", + "TrafficMirrorTargetId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::LoadBalancer" + "AWS::EC2::TrafficMirrorSession" ], "type": "string" }, @@ -93998,56 +99236,98 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute": { + "AWS::EC2::TrafficMirrorTarget": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deletion_protection.enabled` - Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .\n- `load_balancing.cross_zone.enabled` - Indicates whether cross-zone load balancing is enabled. The possible values are `true` and `false` . The default for Network Load Balancers and Gateway Load Balancers is `false` . The default for Application Load Balancers is `true` , and can't be changed.\n\nThe following attributes are supported by both Application Load Balancers and Network Load Balancers:\n\n- `access_logs.s3.enabled` - Indicates whether access logs are enabled. The value is `true` or `false` . The default is `false` .\n- `access_logs.s3.bucket` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `access_logs.s3.prefix` - The prefix for the location in the S3 bucket for the access logs.\n- `ipv6.deny_all_igw_traffic` - Blocks internet gateway (IGW) access to the load balancer. It is set to `false` for internet-facing load balancers and `true` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.\n- `zonal_shift.config.enabled` - Indicates whether zonal shift is enabled. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Application Load Balancers:\n\n- `idle_timeout.timeout_seconds` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.\n- `client_keep_alive.seconds` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n- `connection_logs.s3.enabled` - Indicates whether connection logs are enabled. The value is `true` or `false` . The default is `false` .\n- `connection_logs.s3.bucket` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `connection_logs.s3.prefix` - The prefix for the location in the S3 bucket for the connection logs.\n- `routing.http.desync_mitigation_mode` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive` .\n- `routing.http.drop_invalid_header_fields.enabled` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( `true` ) or routed to targets ( `false` ). The default is `false` .\n- `routing.http.preserve_host_header.enabled` - Indicates whether the Application Load Balancer should preserve the `Host` header in the HTTP request and send it to the target without any change. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.x_amzn_tls_version_and_cipher_suite.enabled` - Indicates whether the two headers ( `x-amzn-tls-version` and `x-amzn-tls-cipher-suite` ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The `x-amzn-tls-version` header has information about the TLS protocol version negotiated with the client, and the `x-amzn-tls-cipher-suite` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are `true` and `false` . The default is `false` .\n- `routing.http.xff_client_port.enabled` - Indicates whether the `X-Forwarded-For` header should preserve the source port that the client used to connect to the load balancer. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.xff_header_processing.mode` - Enables you to modify, preserve, or remove the `X-Forwarded-For` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are `append` , `preserve` , and `remove` . The default is `append` .\n\n- If the value is `append` , the Application Load Balancer adds the client IP address (of the last hop) to the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- If the value is `preserve` the Application Load Balancer preserves the `X-Forwarded-For` header in the HTTP request, and sends it to targets without any change.\n- If the value is `remove` , the Application Load Balancer removes the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- `routing.http2.enabled` - Indicates whether HTTP/2 is enabled. The possible values are `true` and `false` . The default is `true` . Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.\n- `waf.fail_open.enabled` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Network Load Balancers:\n\n- `dns_record.client_routing_policy` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are `availability_zone_affinity` with 100 percent zonal affinity, `partial_availability_zone_affinity` with 85 percent zonal affinity, and `any_availability_zone` with 0 percent zonal affinity.", - "title": "Key", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping": { - "additionalProperties": false, - "properties": { - "AllocationId": { - "markdownDescription": "[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.", - "title": "AllocationId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IPv6Address": { - "markdownDescription": "[Network Load Balancers] The IPv6 address.", - "title": "IPv6Address", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PrivateIPv4Address": { - "markdownDescription": "[Network Load Balancers] The private IPv4 address for an internal load balancer.", - "title": "PrivateIPv4Address", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the Traffic Mirror target.", + "title": "Description", + "type": "string" + }, + "GatewayLoadBalancerEndpointId": { + "markdownDescription": "The ID of the Gateway Load Balancer endpoint.", + "title": "GatewayLoadBalancerEndpointId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The network interface ID that is associated with the target.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "NetworkLoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.", + "title": "NetworkLoadBalancerArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the Traffic Mirror target.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::TrafficMirrorTarget" + ], "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SubnetId" + "Type" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup": { + "AWS::EC2::TransitGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -94082,108 +99362,75 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthCheckEnabled": { - "markdownDescription": "Indicates whether health checks are enabled. If the target type is `lambda` , health checks are disabled by default but can be enabled. If the target type is `instance` , `ip` , or `alb` , health checks are always enabled and can't be disabled.", - "title": "HealthCheckEnabled", - "type": "boolean" - }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds. If the target type is `lambda` , the default is 35 seconds.", - "title": "HealthCheckIntervalSeconds", + "AmazonSideAsn": { + "markdownDescription": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512.", + "title": "AmazonSideAsn", "type": "number" }, - "HealthCheckPath": { - "markdownDescription": "[HTTP/HTTPS health checks] The destination for health checks on the targets.\n\n[HTTP1 or HTTP2 protocol version] The ping path. The default is /.\n\n[GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is / AWS .ALB/healthcheck.", - "title": "HealthCheckPath", + "AssociationDefaultRouteTableId": { + "markdownDescription": "The ID of the default association route table.", + "title": "AssociationDefaultRouteTableId", "type": "string" }, - "HealthCheckPort": { - "markdownDescription": "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port` , which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80.", - "title": "HealthCheckPort", + "AutoAcceptSharedAttachments": { + "markdownDescription": "Enable or disable automatic acceptance of attachment requests. Disabled by default.", + "title": "AutoAcceptSharedAttachments", "type": "string" }, - "HealthCheckProtocol": { - "markdownDescription": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.", - "title": "HealthCheckProtocol", + "DefaultRouteTableAssociation": { + "markdownDescription": "Enable or disable automatic association with the default association route table. Enabled by default. If `DefaultRouteTableAssociation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", + "title": "DefaultRouteTableAssociation", "type": "string" }, - "HealthCheckTimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2\u2013120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is `lambda` , the default is 30 seconds.", - "title": "HealthCheckTimeoutSeconds", - "type": "number" - }, - "HealthyThresholdCount": { - "markdownDescription": "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 5. If the target type is `lambda` , the default is 5.", - "title": "HealthyThresholdCount", - "type": "number" - }, - "IpAddressType": { - "markdownDescription": "The IP address type. The default value is `ipv4` .", - "title": "IpAddressType", + "DefaultRouteTablePropagation": { + "markdownDescription": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default. If `DefaultRouteTablePropagation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", + "title": "DefaultRouteTablePropagation", "type": "string" }, - "Matcher": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.Matcher", - "markdownDescription": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499. For target groups with a protocol of GENEVE, the range is 200-399.", - "title": "Matcher" + "Description": { + "markdownDescription": "The description of the transit gateway.", + "title": "Description", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the target group.\n\nThis name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.", - "title": "Name", + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. Enabled by default.", + "title": "DnsSupport", "type": "string" }, - "Port": { - "markdownDescription": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081.", - "title": "Port", - "type": "number" + "MulticastSupport": { + "markdownDescription": "Indicates whether multicast is enabled on the transit gateway", + "title": "MulticastSupport", + "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.", - "title": "Protocol", + "PropagationDefaultRouteTableId": { + "markdownDescription": "The ID of the default propagation route table.", + "title": "PropagationDefaultRouteTableId", "type": "string" }, - "ProtocolVersion": { - "markdownDescription": "[HTTP/HTTPS protocol] The protocol version. The possible values are `GRPC` , `HTTP1` , and `HTTP2` .", - "title": "ProtocolVersion", + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "The tags for the transit gateway.", "title": "Tags", "type": "array" }, - "TargetGroupAttributes": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute" - }, - "markdownDescription": "The target group attributes. Attributes that you do not modify retain their current values.", - "title": "TargetGroupAttributes", - "type": "array" - }, - "TargetType": { - "markdownDescription": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.\n\n- `instance` - Register targets by instance ID. This is the default value.\n- `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n- `lambda` - Register a single Lambda function as a target.\n- `alb` - Register a single Application Load Balancer as a target.", - "title": "TargetType", - "type": "string" - }, - "Targets": { + "TransitGatewayCidrBlocks": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription" + "type": "string" }, - "markdownDescription": "The targets.", - "title": "Targets", + "markdownDescription": "The transit gateway CIDR blocks.", + "title": "TransitGatewayCidrBlocks", "type": "array" }, - "UnhealthyThresholdCount": { - "markdownDescription": "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 2. If the target type is `lambda` , the default is 5.", - "title": "UnhealthyThresholdCount", - "type": "number" - }, - "VpcId": { - "markdownDescription": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply. Otherwise, this parameter is required.", - "title": "VpcId", + "VpnEcmpSupport": { + "markdownDescription": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default.", + "title": "VpnEcmpSupport", "type": "string" } }, @@ -94191,7 +99438,7 @@ }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TargetGroup" + "AWS::EC2::TransitGateway" ], "type": "string" }, @@ -94209,63 +99456,128 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup.Matcher": { + "AWS::EC2::TransitGatewayAttachment": { "additionalProperties": false, "properties": { - "GrpcCode": { - "markdownDescription": "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12.", - "title": "GrpcCode", + "Condition": { "type": "string" }, - "HttpCode": { - "markdownDescription": "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Gateway Load Balancers, this must be \"200\u2013399\".\n\nNote that when using shorthand syntax, some values such as commas need to be escaped.", - "title": "HttpCode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "An Availability Zone or `all` . This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer.\n\nFor Application Load Balancer target groups, the specified Availability Zone value is only applicable when cross-zone load balancing is off. Otherwise the parameter is ignored and treated as `all` .\n\nThis parameter is not supported if the target type of the target group is `instance` or `alb` .\n\nIf the target type is `ip` and the IP address is in a subnet of the VPC for the target group, the Availability Zone is automatically detected and this parameter is optional. If the IP address is outside the VPC, this parameter is required.\n\nFor Application Load Balancer target groups with cross-zone load balancing off, if the target type is `ip` and the IP address is outside of the VPC for the target group, this should be an Availability Zone inside the VPC for the target group.\n\nIf the target type is `lambda` , this parameter is optional and the only supported value is `all` .", - "title": "AvailabilityZone", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Id": { - "markdownDescription": "The ID of the target. If the target type of the target group is `instance` , specify an instance ID. If the target type is `ip` , specify an IP address. If the target type is `lambda` , specify the ARN of the Lambda function. If the target type is `alb` , specify the ARN of the Application Load Balancer target.", - "title": "Id", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayAttachment.Options", + "markdownDescription": "The VPC attachment options.", + "title": "Options" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the attachment.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "TransitGatewayId", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::TransitGatewayAttachment" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is `alb` , the targeted Application Load Balancer must have at least one listener whose port matches the target group port. This parameter is not used if the target is a Lambda function.", - "title": "Port", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Id" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute": { + "AWS::EC2::TransitGatewayAttachment.Options": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deregistration_delay.timeout_seconds` - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from `draining` to `unused` . The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.\n- `stickiness.enabled` - Indicates whether target stickiness is enabled. The value is `true` or `false` . The default is `false` .\n- `stickiness.type` - Indicates the type of stickiness. The possible values are:\n\n- `lb_cookie` and `app_cookie` for Application Load Balancers.\n- `source_ip` for Network Load Balancers.\n- `source_ip_dest_ip` and `source_ip_dest_ip_proto` for Gateway Load Balancers.\n\nThe following attributes are supported by Application Load Balancers and Network Load Balancers:\n\n- `load_balancing.cross_zone.enabled` - Indicates whether cross zone load balancing is enabled. The value is `true` , `false` or `use_load_balancer_configuration` . The default is `use_load_balancer_configuration` .\n- `target_group_health.dns_failover.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to the maximum number of targets. The default is 1.\n- `target_group_health.dns_failover.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are 1 to the maximum number of targets. The default is 1.\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n\nThe following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:\n\n- `load_balancing.algorithm.type` - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is `round_robin` , `least_outstanding_requests` , or `weighted_random` . The default is `round_robin` .\n- `load_balancing.algorithm.anomaly_mitigation` - Only available when `load_balancing.algorithm.type` is `weighted_random` . Indicates whether anomaly mitigation is enabled. The value is `on` or `off` . The default is `off` .\n- `slow_start.duration_seconds` - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).\n- `stickiness.app_cookie.cookie_name` - Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: `AWSALB` , `AWSALBAPP` , and `AWSALBTG` ; they're reserved for use by the load balancer.\n- `stickiness.app_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n- `stickiness.lb_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n\nThe following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:\n\n- `lambda.multi_value_headers.enabled` - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is `true` or `false` . The default is `false` . If the value is `false` and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.\n\nThe following attributes are supported only by Network Load Balancers:\n\n- `deregistration_delay.connection_termination.enabled` - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is `true` or `false` . For new UDP/TCP_UDP target groups the default is `true` . Otherwise, the default is `false` .\n- `preserve_client_ip.enabled` - Indicates whether client IP preservation is enabled. The value is `true` or `false` . The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation can't be disabled for UDP and TCP_UDP target groups.\n- `proxy_protocol_v2.enabled` - Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` .\n- `target_health_state.unhealthy.connection_termination.enabled` - Indicates whether the load balancer terminates connections to unhealthy targets. The value is `true` or `false` . The default is `true` . This attribute can't be enabled for UDP and TCP_UDP target groups.\n- `target_health_state.unhealthy.draining_interval_seconds` - The amount of time for Elastic Load Balancing to wait before changing the state of an unhealthy target from `unhealthy.draining` to `unhealthy` . The range is 0-360000 seconds. The default value is 0 seconds.\n\nNote: This attribute can only be configured when `target_health_state.unhealthy.connection_termination.enabled` is `false` .\n\nThe following attributes are supported only by Gateway Load Balancers:\n\n- `target_failover.on_deregistration` - Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.\n- `target_failover.on_unhealthy` - Indicates how the Gateway Load Balancer handles existing flows when a target is unhealthy. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.", - "title": "Key", + "ApplianceModeSupport": { + "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", + "title": "ApplianceModeSupport", "type": "string" }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. The default is `disable` .", + "title": "DnsSupport", + "type": "string" + }, + "Ipv6Support": { + "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", + "title": "Ipv6Support", + "type": "string" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", "type": "string" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStore": { + "AWS::EC2::TransitGatewayConnect": { "additionalProperties": false, "properties": { "Condition": { @@ -94300,40 +99612,34 @@ "Properties": { "additionalProperties": false, "properties": { - "CaCertificatesBundleS3Bucket": { - "markdownDescription": "The Amazon S3 bucket for the ca certificates bundle.", - "title": "CaCertificatesBundleS3Bucket", - "type": "string" - }, - "CaCertificatesBundleS3Key": { - "markdownDescription": "The Amazon S3 path for the ca certificates bundle.", - "title": "CaCertificatesBundleS3Key", - "type": "string" - }, - "CaCertificatesBundleS3ObjectVersion": { - "markdownDescription": "The Amazon S3 object version for the ca certificates bundle. If undefined the current version is used.", - "title": "CaCertificatesBundleS3ObjectVersion", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the trust store.", - "title": "Name", - "type": "string" + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions", + "markdownDescription": "The Connect attachment options.\n\n- protocol (gre)", + "title": "Options" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the trust store.", + "markdownDescription": "The tags for the attachment.", "title": "Tags", "type": "array" + }, + "TransportTransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment from which the Connect attachment was created.", + "title": "TransportTransitGatewayAttachmentId", + "type": "string" } }, + "required": [ + "Options", + "TransportTransitGatewayAttachmentId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TrustStore" + "AWS::EC2::TransitGatewayConnect" ], "type": "string" }, @@ -94347,11 +99653,23 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation": { + "AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions": { + "additionalProperties": false, + "properties": { + "Protocol": { + "markdownDescription": "The tunnel protocol.", + "title": "Protocol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::TransitGatewayMulticastDomain": { "additionalProperties": false, "properties": { "Condition": { @@ -94386,25 +99704,33 @@ "Properties": { "additionalProperties": false, "properties": { - "RevocationContents": { + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomain.Options", + "markdownDescription": "The options for the transit gateway multicast domain.\n\n- AutoAcceptSharedAssociations (enable | disable)\n- Igmpv2Support (enable | disable)\n- StaticSourcesSupport (enable | disable)", + "title": "Options" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The revocation file to add.", - "title": "RevocationContents", + "markdownDescription": "The tags for the transit gateway multicast domain.", + "title": "Tags", "type": "array" }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", "type": "string" } }, + "required": [ + "TransitGatewayId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation" + "AWS::EC2::TransitGatewayMulticastDomain" ], "type": "string" }, @@ -94418,63 +99744,33 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent": { - "additionalProperties": false, - "properties": { - "RevocationType": { - "markdownDescription": "The type of revocation file.", - "title": "RevocationType", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket for the revocation file.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The Amazon S3 path for the revocation file.", - "title": "S3Key", - "type": "string" - }, - "S3ObjectVersion": { - "markdownDescription": "The Amazon S3 object version of the revocation file.", - "title": "S3ObjectVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.TrustStoreRevocation": { + "AWS::EC2::TransitGatewayMulticastDomain.Options": { "additionalProperties": false, "properties": { - "NumberOfRevokedEntries": { - "markdownDescription": "The number of revoked certificates.", - "title": "NumberOfRevokedEntries", - "type": "number" - }, - "RevocationId": { - "markdownDescription": "The revocation ID of the revocation file.", - "title": "RevocationId", + "AutoAcceptSharedAssociations": { + "markdownDescription": "Indicates whether to automatically accept cross-account subnet associations that are associated with the transit gateway multicast domain.", + "title": "AutoAcceptSharedAssociations", "type": "string" }, - "RevocationType": { - "markdownDescription": "The type of revocation file.", - "title": "RevocationType", + "Igmpv2Support": { + "markdownDescription": "Specify whether to enable Internet Group Management Protocol (IGMP) version 2 for the transit gateway multicast domain.", + "title": "Igmpv2Support", "type": "string" }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", + "StaticSourcesSupport": { + "markdownDescription": "Specify whether to enable support for statically configuring multicast group sources for a domain.", + "title": "StaticSourcesSupport", "type": "string" } }, "type": "object" }, - "AWS::Elasticsearch::Domain": { + "AWS::EC2::TransitGatewayMulticastDomainAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -94509,102 +99805,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guid* e.", - "title": "AccessPolicies", - "type": "object" - }, - "AdvancedOptions": { - "additionalProperties": true, - "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [Advanced cluster parameters](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) in the *Amazon OpenSearch Service Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdvancedOptions", - "type": "object" - }, - "AdvancedSecurityOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput", - "markdownDescription": "Specifies options for fine-grained access control.", - "title": "AdvancedSecurityOptions" - }, - "CognitoOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.CognitoOptions", - "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", - "title": "CognitoOptions" - }, - "DomainEndpointOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.DomainEndpointOptions", - "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", - "title": "DomainEndpointOptions" - }, - "DomainName": { - "markdownDescription": "A name for the OpenSearch Service domain. For valid values, see the [DomainName](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-datatypes-domainname) data type in the *Amazon OpenSearch Service Developer Guide* . If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DomainName", + "SubnetId": { + "markdownDescription": "The IDs of the subnets to associate with the transit gateway multicast domain.", + "title": "SubnetId", "type": "string" }, - "EBSOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.EBSOptions", - "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "EBSOptions" - }, - "ElasticsearchClusterConfig": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ElasticsearchClusterConfig", - "markdownDescription": "ElasticsearchClusterConfig is a property of the AWS::Elasticsearch::Domain resource that configures the cluster of an Amazon OpenSearch Service domain.", - "title": "ElasticsearchClusterConfig" - }, - "ElasticsearchVersion": { - "markdownDescription": "The version of Elasticsearch to use, such as 2.3. If not specified, 1.5 is used as the default. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `ElasticsearchVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `ElasticsearchVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "ElasticsearchVersion", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the transit gateway attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.EncryptionAtRestOptions", - "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS Key Management Service key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .", - "title": "EncryptionAtRestOptions" - }, - "LogPublishingOptions": { - "additionalProperties": false, - "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.LogPublishingOption" - } - }, - "title": "LogPublishingOptions", - "type": "object" - }, - "NodeToNodeEncryptionOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions", - "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", - "title": "NodeToNodeEncryptionOptions" - }, - "SnapshotOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.SnapshotOptions", - "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indices.", - "title": "SnapshotOptions" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", - "title": "Tags", - "type": "array" - }, - "VPCOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.VPCOptions", - "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "VPCOptions" + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", + "type": "string" } }, + "required": [ + "SubnetId", + "TransitGatewayAttachmentId", + "TransitGatewayMulticastDomainId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Elasticsearch::Domain" + "AWS::EC2::TransitGatewayMulticastDomainAssociation" ], "type": "string" }, @@ -94618,300 +99844,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { - "additionalProperties": false, - "properties": { - "AnonymousAuthEnabled": { - "markdownDescription": "", - "title": "AnonymousAuthEnabled", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption.", - "title": "Enabled", - "type": "boolean" - }, - "InternalUserDatabaseEnabled": { - "markdownDescription": "True to enable the internal user database.", - "title": "InternalUserDatabaseEnabled", - "type": "boolean" - }, - "MasterUserOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.MasterUserOptions", - "markdownDescription": "Specifies information about the master user.", - "title": "MasterUserOptions" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.CognitoOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", - "title": "Enabled", - "type": "boolean" - }, - "IdentityPoolId": { - "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", - "title": "IdentityPoolId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The `AmazonESCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool. Required if you enable Cognito authentication.", - "title": "RoleArn", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", - "title": "UserPoolId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.ColdStorageOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage in order to enable cold storage.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.DomainEndpointOptions": { - "additionalProperties": false, - "properties": { - "CustomEndpoint": { - "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpoint", - "type": "string" - }, - "CustomEndpointCertificateArn": { - "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpointCertificateArn", - "type": "string" - }, - "CustomEndpointEnabled": { - "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", - "title": "CustomEndpointEnabled", - "type": "boolean" - }, - "EnforceHTTPS": { - "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS.", - "title": "EnforceHTTPS", - "type": "boolean" - }, - "TLSSecurityPolicy": { - "markdownDescription": "The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:\n\n- `Policy-Min-TLS-1-0-2019-07`\n- `Policy-Min-TLS-1-2-2019-07`", - "title": "TLSSecurityPolicy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.EBSOptions": { - "additionalProperties": false, - "properties": { - "EBSEnabled": { - "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", - "title": "EBSEnabled", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to provisioned IOPS EBS volume types.", - "title": "Iops", - "type": "number" - }, - "VolumeSize": { - "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain, such as standard, gp2, or io1. For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.ElasticsearchClusterConfig": { - "additionalProperties": false, - "properties": { - "ColdStorageOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ColdStorageOptions", - "markdownDescription": "Specifies cold storage options for the domain.", - "title": "ColdStorageOptions" - }, - "DedicatedMasterCount": { - "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify true for the DedicatedMasterEnabled property.", - "title": "DedicatedMasterCount", - "type": "number" - }, - "DedicatedMasterEnabled": { - "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", - "title": "DedicatedMasterEnabled", - "type": "boolean" - }, - "DedicatedMasterType": { - "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.elasticsearch` . If you specify this property, you must specify true for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "DedicatedMasterType", - "type": "string" - }, - "InstanceCount": { - "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The instance type for your data nodes, such as `m3.medium.elasticsearch` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "InstanceType", - "type": "string" - }, - "WarmCount": { - "markdownDescription": "The number of warm nodes in the cluster. Required if you enable warm storage.", - "title": "WarmCount", - "type": "number" - }, - "WarmEnabled": { - "markdownDescription": "Whether to enable warm storage for the cluster.", - "title": "WarmEnabled", - "type": "boolean" - }, - "WarmType": { - "markdownDescription": "The instance type for the cluster's warm nodes. Required if you enable warm storage.", - "title": "WarmType", - "type": "string" - }, - "ZoneAwarenessConfig": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ZoneAwarenessConfig", - "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", - "title": "ZoneAwarenessConfig" - }, - "ZoneAwarenessEnabled": { - "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", - "title": "ZoneAwarenessEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.EncryptionAtRestOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable encryption at rest.", - "title": "Enabled", - "type": "boolean" - }, - "KmsKeyId": { - "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.", - "title": "KmsKeyId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.LogPublishingOption": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing for the domain.", - "title": "CloudWatchLogsLogGroupArn", - "type": "string" - }, - "Enabled": { - "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.MasterUserOptions": { - "additionalProperties": false, - "properties": { - "MasterUserARN": { - "markdownDescription": "ARN for the master user. Only specify if `InternalUserDatabaseEnabled` is false in `AdvancedSecurityOptions` .", - "title": "MasterUserARN", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", - "title": "MasterUserName", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", - "title": "MasterUserPassword", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether node-to-node encryption is enabled, as a Boolean.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.SnapshotOptions": { - "additionalProperties": false, - "properties": { - "AutomatedSnapshotStartHour": { - "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indices in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", - "title": "AutomatedSnapshotStartHour", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.VPCOptions": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nRequired if you're creating your domain inside a VPC.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.ZoneAwarenessConfig": { - "additionalProperties": false, - "properties": { - "AvailabilityZoneCount": { - "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", - "title": "AvailabilityZoneCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow": { + "AWS::EC2::TransitGatewayMulticastGroupMember": { "additionalProperties": false, "properties": { "Condition": { @@ -94946,62 +99884,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the workflow.", - "title": "Description", + "GroupIpAddress": { + "markdownDescription": "The IP address assigned to the transit gateway multicast group.", + "title": "GroupIpAddress", "type": "string" }, - "IdMappingTechniques": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques", - "markdownDescription": "An object which defines the ID mapping technique and any additional configurations.", - "title": "IdMappingTechniques" - }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" - }, - "OutputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource" - }, - "markdownDescription": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` .", - "title": "OutputSourceConfig", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", - "title": "RoleArn", + "NetworkInterfaceId": { + "markdownDescription": "The group members' network interface IDs to register with the transit gateway multicast group.", + "title": "NetworkInterfaceId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" - }, - "WorkflowName": { - "markdownDescription": "The name of the workflow. There can't be multiple `IdMappingWorkflows` with the same name.", - "title": "WorkflowName", + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", "type": "string" } }, "required": [ - "IdMappingTechniques", - "InputSourceConfig", - "RoleArn", - "WorkflowName" + "GroupIpAddress", + "NetworkInterfaceId", + "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::IdMappingWorkflow" + "AWS::EC2::TransitGatewayMulticastGroupMember" ], "type": "string" }, @@ -95020,110 +99928,7 @@ ], "type": "object" }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques": { - "additionalProperties": false, - "properties": { - "IdMappingType": { - "markdownDescription": "The type of ID mapping.", - "title": "IdMappingType", - "type": "string" - }, - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.ProviderProperties", - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "title": "ProviderProperties" - } - }, - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource": { - "additionalProperties": false, - "properties": { - "InputSourceARN": { - "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", - "title": "InputSourceARN", - "type": "string" - }, - "SchemaArn": { - "markdownDescription": "The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` .", - "title": "SchemaArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "InputSourceARN" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource": { - "additionalProperties": false, - "properties": { - "KMSArn": { - "markdownDescription": "Customer AWS KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", - "title": "KMSArn", - "type": "string" - }, - "OutputS3Path": { - "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", - "title": "OutputS3Path", - "type": "string" - } - }, - "required": [ - "OutputS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration": { - "additionalProperties": false, - "properties": { - "IntermediateS3Path": { - "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", - "title": "IntermediateS3Path", - "type": "string" - } - }, - "required": [ - "IntermediateS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.ProviderProperties": { - "additionalProperties": false, - "properties": { - "IntermediateSourceConfiguration": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration", - "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", - "title": "IntermediateSourceConfiguration" - }, - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "The required configuration fields to use with the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" - }, - "ProviderServiceArn": { - "markdownDescription": "The ARN of the provider service.", - "title": "ProviderServiceArn", - "type": "string" - } - }, - "required": [ - "ProviderServiceArn" - ], - "type": "object" - }, - "AWS::EntityResolution::IdNamespace": { + "AWS::EC2::TransitGatewayMulticastGroupSource": { "additionalProperties": false, "properties": { "Condition": { @@ -95158,60 +99963,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the ID namespace.", - "title": "Description", - "type": "string" - }, - "IdMappingWorkflowProperties": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties" - }, - "markdownDescription": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` .", - "title": "IdMappingWorkflowProperties", - "type": "array" - }, - "IdNamespaceName": { - "markdownDescription": "The name of the ID namespace.", - "title": "IdNamespaceName", + "GroupIpAddress": { + "markdownDescription": "The IP address assigned to the transit gateway multicast group.", + "title": "GroupIpAddress", "type": "string" }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceInputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run.", - "title": "RoleArn", + "NetworkInterfaceId": { + "markdownDescription": "The group sources' network interface IDs to register with the transit gateway multicast group.", + "title": "NetworkInterfaceId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", - "title": "Type", + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", "type": "string" } }, "required": [ - "IdNamespaceName", - "Type" + "GroupIpAddress", + "NetworkInterfaceId", + "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::IdNamespace" + "AWS::EC2::TransitGatewayMulticastGroupSource" ], "type": "string" }, @@ -95230,70 +100007,7 @@ ], "type": "object" }, - "AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties": { - "additionalProperties": false, - "properties": { - "IdMappingType": { - "markdownDescription": "The type of ID mapping.", - "title": "IdMappingType", - "type": "string" - }, - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceProviderProperties", - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "title": "ProviderProperties" - } - }, - "required": [ - "IdMappingType" - ], - "type": "object" - }, - "AWS::EntityResolution::IdNamespace.IdNamespaceInputSource": { - "additionalProperties": false, - "properties": { - "InputSourceARN": { - "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", - "title": "InputSourceARN", - "type": "string" - }, - "SchemaName": { - "markdownDescription": "The name of the schema.", - "title": "SchemaName", - "type": "string" - } - }, - "required": [ - "InputSourceARN" - ], - "type": "object" - }, - "AWS::EntityResolution::IdNamespace.NamespaceProviderProperties": { - "additionalProperties": false, - "properties": { - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" - }, - "ProviderServiceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the provider service.", - "title": "ProviderServiceArn", - "type": "string" - } - }, - "required": [ - "ProviderServiceArn" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow": { + "AWS::EC2::TransitGatewayPeeringAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -95328,63 +100042,46 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the workflow.", - "title": "Description", + "PeerAccountId": { + "markdownDescription": "The ID of the AWS account that owns the transit gateway.", + "title": "PeerAccountId", "type": "string" }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.InputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" - }, - "OutputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputSource" - }, - "markdownDescription": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` .", - "title": "OutputSourceConfig", - "type": "array" - }, - "ResolutionTechniques": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques", - "markdownDescription": "An object which defines the `resolutionType` and the `ruleBasedProperties` .", - "title": "ResolutionTechniques" + "PeerRegion": { + "markdownDescription": "The Region where the transit gateway that you want to create the peer for is located.", + "title": "PeerRegion", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", - "title": "RoleArn", + "PeerTransitGatewayId": { + "markdownDescription": "The ID of the transit gateway in the PeerRegion.", + "title": "PeerTransitGatewayId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags for the transit gateway peering attachment.", "title": "Tags", "type": "array" }, - "WorkflowName": { - "markdownDescription": "The name of the workflow. There can't be multiple `MatchingWorkflows` with the same name.", - "title": "WorkflowName", + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway peering attachment.", + "title": "TransitGatewayId", "type": "string" } }, "required": [ - "InputSourceConfig", - "OutputSourceConfig", - "ResolutionTechniques", - "RoleArn", - "WorkflowName" + "PeerAccountId", + "PeerRegion", + "PeerTransitGatewayId", + "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::MatchingWorkflow" + "AWS::EC2::TransitGatewayPeeringAttachment" ], "type": "string" }, @@ -95403,195 +100100,23 @@ ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.InputSource": { - "additionalProperties": false, - "properties": { - "ApplyNormalization": { - "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", - "title": "ApplyNormalization", - "type": "boolean" - }, - "InputSourceARN": { - "markdownDescription": "An object containing `InputSourceARN` , `SchemaName` , and `ApplyNormalization` .", - "title": "InputSourceARN", - "type": "string" - }, - "SchemaArn": { - "markdownDescription": "The name of the schema.", - "title": "SchemaArn", - "type": "string" - } - }, - "required": [ - "InputSourceARN", - "SchemaArn" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration": { - "additionalProperties": false, - "properties": { - "IntermediateS3Path": { - "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", - "title": "IntermediateS3Path", - "type": "string" - } - }, - "required": [ - "IntermediateS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.OutputAttribute": { - "additionalProperties": false, - "properties": { - "Hashed": { - "markdownDescription": "Enables the ability to hash the column values in the output.", - "title": "Hashed", - "type": "boolean" - }, - "Name": { - "markdownDescription": "A name of a column to be written to the output. This must be an `InputField` name in the schema mapping.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.OutputSource": { - "additionalProperties": false, - "properties": { - "ApplyNormalization": { - "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", - "title": "ApplyNormalization", - "type": "boolean" - }, - "KMSArn": { - "markdownDescription": "Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", - "title": "KMSArn", - "type": "string" - }, - "Output": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputAttribute" - }, - "markdownDescription": "A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed.", - "title": "Output", - "type": "array" - }, - "OutputS3Path": { - "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", - "title": "OutputS3Path", - "type": "string" - } - }, - "required": [ - "Output", - "OutputS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.ProviderProperties": { - "additionalProperties": false, - "properties": { - "IntermediateSourceConfiguration": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration", - "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", - "title": "IntermediateSourceConfiguration" - }, - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "The required configuration fields to use with the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" - }, - "ProviderServiceArn": { - "markdownDescription": "The ARN of the provider service.", - "title": "ProviderServiceArn", - "type": "string" - } - }, - "required": [ - "ProviderServiceArn" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques": { + "AWS::EC2::TransitGatewayPeeringAttachment.PeeringAttachmentStatus": { "additionalProperties": false, "properties": { - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ProviderProperties", - "markdownDescription": "The properties of the provider service.", - "title": "ProviderProperties" - }, - "ResolutionType": { - "markdownDescription": "The type of matching. There are three types of matching: `RULE_MATCHING` , `ML_MATCHING` , and `PROVIDER` .", - "title": "ResolutionType", + "Code": { + "markdownDescription": "The status code.", + "title": "Code", "type": "string" }, - "RuleBasedProperties": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties", - "markdownDescription": "An object which defines the list of matching rules to run and has a field `Rules` , which is a list of rule objects.", - "title": "RuleBasedProperties" - } - }, - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.Rule": { - "additionalProperties": false, - "properties": { - "MatchingKeys": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", - "title": "MatchingKeys", - "type": "array" - }, - "RuleName": { - "markdownDescription": "A name for the matching rule.", - "title": "RuleName", - "type": "string" - } - }, - "required": [ - "MatchingKeys", - "RuleName" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties": { - "additionalProperties": false, - "properties": { - "AttributeMatchingModel": { - "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", - "title": "AttributeMatchingModel", + "Message": { + "markdownDescription": "The status message, if applicable.", + "title": "Message", "type": "string" - }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.Rule" - }, - "markdownDescription": "A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` .", - "title": "Rules", - "type": "array" } }, - "required": [ - "AttributeMatchingModel", - "Rules" - ], "type": "object" }, - "AWS::EntityResolution::PolicyStatement": { + "AWS::EC2::TransitGatewayRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -95626,52 +100151,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "items": { - "type": "string" - }, - "markdownDescription": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .", - "title": "Action", - "type": "array" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.", - "title": "Arn", - "type": "string" + "Blackhole": { + "markdownDescription": "Indicates whether to drop traffic that matches this route.", + "title": "Blackhole", + "type": "boolean" }, - "Condition": { - "markdownDescription": "A set of condition keys that you can use in key policies.", - "title": "Condition", + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidrBlock", "type": "string" }, - "Effect": { - "markdownDescription": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n> If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.", - "title": "Effect", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "Principal": { - "items": { - "type": "string" - }, - "markdownDescription": "The AWS service or AWS account that can access the resource defined as ARN.", - "title": "Principal", - "type": "array" - }, - "StatementId": { - "markdownDescription": "A statement identifier that differentiates the statement from others in the same policy.", - "title": "StatementId", + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the transit gateway route table.", + "title": "TransitGatewayRouteTableId", "type": "string" } }, "required": [ - "Arn", - "StatementId" + "DestinationCidrBlock", + "TransitGatewayRouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::PolicyStatement" + "AWS::EC2::TransitGatewayRoute" ], "type": "string" }, @@ -95690,7 +100199,7 @@ ], "type": "object" }, - "AWS::EntityResolution::SchemaMapping": { + "AWS::EC2::TransitGatewayRouteTable": { "additionalProperties": false, "properties": { "Condition": { @@ -95725,42 +100234,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the schema.", - "title": "Description", - "type": "string" - }, - "MappedInputFields": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::SchemaMapping.SchemaInputAttribute" - }, - "markdownDescription": "A list of `MappedInputFields` . Each `MappedInputField` corresponds to a column the source data table, and contains column name plus additional information that AWS Entity Resolution uses for matching.", - "title": "MappedInputFields", - "type": "array" - }, - "SchemaName": { - "markdownDescription": "The name of the schema. There can't be multiple `SchemaMappings` with the same name.", - "title": "SchemaName", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "Any tags assigned to the route table.", "title": "Tags", "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", + "type": "string" } }, "required": [ - "MappedInputFields", - "SchemaName" + "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::SchemaMapping" + "AWS::EC2::TransitGatewayRouteTable" ], "type": "string" }, @@ -95779,42 +100274,7 @@ ], "type": "object" }, - "AWS::EntityResolution::SchemaMapping.SchemaInputAttribute": { - "additionalProperties": false, - "properties": { - "FieldName": { - "markdownDescription": "A string containing the field name.", - "title": "FieldName", - "type": "string" - }, - "GroupName": { - "markdownDescription": "A string that instructs AWS Entity Resolution to combine several columns into a unified column with the identical attribute type.\n\nFor example, when working with columns such as `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , assigning them a common `groupName` will prompt AWS Entity Resolution to concatenate them into a single value.", - "title": "GroupName", - "type": "string" - }, - "MatchKey": { - "markdownDescription": "A key that allows grouping of multiple input attributes into a unified matching group.\n\nFor example, consider a scenario where the source table contains various addresses, such as `business_address` and `shipping_address` . By assigning a `matchKey` called `address` to both attributes, AWS Entity Resolution will match records across these fields to create a consolidated matching group.\n\nIf no `matchKey` is specified for a column, it won't be utilized for matching purposes but will still be included in the output table.", - "title": "MatchKey", - "type": "string" - }, - "SubType": { - "markdownDescription": "The subtype of the attribute, selected from a list of values.", - "title": "SubType", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the attribute, selected from a list of values.\n\nLiveRamp supports: `NAME` | `NAME_FIRST` | `NAME_MIDDLE` | `NAME_LAST` | `ADDRESS` | `ADDRESS_STREET1` | `ADDRESS_STREET2` | `ADDRESS_STREET3` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `PROVIDER_ID`\n\nTransUnion supports: `NAME` | `NAME_FIRST` | `NAME_LAST` | `ADDRESS` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `IPV4` | `IPV6` | `MAID`\n\nUnified ID 2.0 supports: `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID`\n\n> Normalization is only supported for `NAME` , `ADDRESS` , `PHONE` , and `EMAIL_ADDRESS` .\n> \n> If you want to normalize `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , you must group them by assigning them to the `NAME` `groupName` .\n> \n> If you want to normalize `ADDRESS_STREET1` , `ADDRESS_STREET2` , `ADDRESS_STREET3` , `ADDRESS_CITY` , `ADDRESS_STATE` , `ADDRESS_COUNTRY` , and `ADDRESS_POSTALCODE` , you must group them by assigning them to the `ADDRESS` `groupName` .\n> \n> If you want to normalize `PHONE_NUMBER` and `PHONE_COUNTRYCODE` , you must group them by assigning them to the `PHONE` `groupName` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "FieldName", - "Type" - ], - "type": "object" - }, - "AWS::EventSchemas::Discoverer": { + "AWS::EC2::TransitGatewayRouteTableAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -95849,38 +100309,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CrossAccount": { - "markdownDescription": "Allows for the discovery of the event schemas that are sent to the event bus from another account.", - "title": "CrossAccount", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description for the discoverer.", - "title": "Description", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "SourceArn": { - "markdownDescription": "The ARN of the event bus.", - "title": "SourceArn", + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the route table for the transit gateway.", + "title": "TransitGatewayRouteTableId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::EventSchemas::Discoverer.TagsEntry" - }, - "markdownDescription": "Tags associated with the resource.", - "title": "Tags", - "type": "array" } }, "required": [ - "SourceArn" + "TransitGatewayAttachmentId", + "TransitGatewayRouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Discoverer" + "AWS::EC2::TransitGatewayRouteTableAssociation" ], "type": "string" }, @@ -95899,27 +100347,7 @@ ], "type": "object" }, - "AWS::EventSchemas::Discoverer.TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EventSchemas::Registry": { + "AWS::EC2::TransitGatewayRouteTablePropagation": { "additionalProperties": false, "properties": { "Condition": { @@ -95954,30 +100382,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the registry to be created.", - "title": "Description", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "RegistryName": { - "markdownDescription": "The name of the schema registry.", - "title": "RegistryName", + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the propagation route table.", + "title": "TransitGatewayRouteTableId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::EventSchemas::Registry.TagsEntry" - }, - "markdownDescription": "Tags to associate with the registry.", - "title": "Tags", - "type": "array" } }, + "required": [ + "TransitGatewayAttachmentId", + "TransitGatewayRouteTableId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Registry" + "AWS::EC2::TransitGatewayRouteTablePropagation" ], "type": "string" }, @@ -95991,34 +100415,15 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EventSchemas::Registry.TagsEntry": { + "AWS::EC2::TransitGatewayVpcAttachment": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EventSchemas::RegistryPolicy": { - "additionalProperties": false, - "properties": { - "Condition": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -96050,31 +100455,64 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "A resource-based policy.", - "title": "Policy", - "type": "object" + "AddSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.", + "title": "AddSubnetIds", + "type": "array" }, - "RegistryName": { - "markdownDescription": "The name of the registry.", - "title": "RegistryName", + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayVpcAttachment.Options", + "markdownDescription": "The VPC attachment options.", + "title": "Options" + }, + "RemoveSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more subnets to remove.", + "title": "RemoveSubnetIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the VPC attachment.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", "type": "string" }, - "RevisionId": { - "markdownDescription": "The revision ID of the policy.", - "title": "RevisionId", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "required": [ - "Policy", - "RegistryName" + "SubnetIds", + "TransitGatewayId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::RegistryPolicy" + "AWS::EC2::TransitGatewayVpcAttachment" ], "type": "string" }, @@ -96093,7 +100531,33 @@ ], "type": "object" }, - "AWS::EventSchemas::Schema": { + "AWS::EC2::TransitGatewayVpcAttachment.Options": { + "additionalProperties": false, + "properties": { + "ApplianceModeSupport": { + "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", + "title": "ApplianceModeSupport", + "type": "string" + }, + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. The default is `disable` .", + "title": "DnsSupport", + "type": "string" + }, + "Ipv6Support": { + "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", + "title": "Ipv6Support", + "type": "string" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VPC": { "additionalProperties": false, "properties": { "Condition": { @@ -96128,50 +100592,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The source of the schema definition.", - "title": "Content", + "CidrBlock": { + "markdownDescription": "The IPv4 network range for the VPC, in CIDR notation. For example, `10.0.0.0/16` . We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", + "title": "CidrBlock", "type": "string" }, - "Description": { - "markdownDescription": "A description of the schema.", - "title": "Description", - "type": "string" + "EnableDnsHostnames": { + "markdownDescription": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .\n\nYou can only enable DNS hostnames if you've enabled DNS support.", + "title": "EnableDnsHostnames", + "type": "boolean" }, - "RegistryName": { - "markdownDescription": "The name of the schema registry.", - "title": "RegistryName", + "EnableDnsSupport": { + "markdownDescription": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .", + "title": "EnableDnsSupport", + "type": "boolean" + }, + "InstanceTenancy": { + "markdownDescription": "The allowed tenancy of instances launched into the VPC.\n\n- `default` : An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n- `dedicated` : An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of `host` during instance launch. You cannot specify a tenancy of `default` during instance launch.\n\nUpdating `InstanceTenancy` requires no replacement only if you are updating its value from `dedicated` to `default` . Updating `InstanceTenancy` from `default` to `dedicated` requires replacement.", + "title": "InstanceTenancy", "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema.", - "title": "SchemaName", + "Ipv4IpamPoolId": { + "markdownDescription": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", + "title": "Ipv4IpamPoolId", "type": "string" }, + "Ipv4NetmaskLength": { + "markdownDescription": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4NetmaskLength", + "type": "number" + }, "Tags": { "items": { - "$ref": "#/definitions/AWS::EventSchemas::Schema.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags associated with the schema.", + "markdownDescription": "The tags for the VPC.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of schema.\n\nValid types include `OpenApi3` and `JSONSchemaDraft4` .", - "title": "Type", - "type": "string" } }, - "required": [ - "Content", - "RegistryName", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Schema" + "AWS::EC2::VPC" ], "type": "string" }, @@ -96185,32 +100649,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EventSchemas::Schema.TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" + "Type" ], "type": "object" }, - "AWS::Events::ApiDestination": { + "AWS::EC2::VPCBlockPublicAccessExclusion": { "additionalProperties": false, "properties": { "Condition": { @@ -96245,47 +100688,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionArn": { - "markdownDescription": "The ARN of the connection to use for the API destination. The destination endpoint must support the authorization type specified for the connection.", - "title": "ConnectionArn", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the API destination to create.", - "title": "Description", - "type": "string" - }, - "HttpMethod": { - "markdownDescription": "The method to use for the request to the HTTP invocation endpoint.", - "title": "HttpMethod", + "InternetGatewayExclusionMode": { + "markdownDescription": "The desired VPC Block Public Access mode for a specific VPC or subnet exclusion.\n\n- `allow-bidirectional` : Allow all internet traffic to and from the excluded VPCs and subnets.\n- `allow-egress` : Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to `block-bidirectional` .", + "title": "InternetGatewayExclusionMode", "type": "string" }, - "InvocationEndpoint": { - "markdownDescription": "The URL to the HTTP invocation endpoint for the API destination.", - "title": "InvocationEndpoint", + "SubnetId": { + "markdownDescription": "The ID of the subnet you want to exclude. Required only if you don't specify VpcId.", + "title": "SubnetId", "type": "string" }, - "InvocationRateLimitPerSecond": { - "markdownDescription": "The maximum number of requests per second to send to the HTTP invocation endpoint.", - "title": "InvocationRateLimitPerSecond", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" }, - "Name": { - "markdownDescription": "The name for the API destination to create.", - "title": "Name", + "VpcId": { + "markdownDescription": "The ID of the VPC you want to exclude. Required only if you don't specify SubnetId.", + "title": "VpcId", "type": "string" } }, "required": [ - "ConnectionArn", - "HttpMethod", - "InvocationEndpoint" + "InternetGatewayExclusionMode" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::ApiDestination" + "AWS::EC2::VPCBlockPublicAccessExclusion" ], "type": "string" }, @@ -96304,7 +100738,7 @@ ], "type": "object" }, - "AWS::Events::Archive": { + "AWS::EC2::VPCBlockPublicAccessOptions": { "additionalProperties": false, "properties": { "Condition": { @@ -96339,40 +100773,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ArchiveName": { - "markdownDescription": "The name for the archive to create.", - "title": "ArchiveName", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the archive.", - "title": "Description", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "An event pattern to use to filter events sent to the archive.", - "title": "EventPattern", - "type": "object" - }, - "RetentionDays": { - "markdownDescription": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely", - "title": "RetentionDays", - "type": "number" - }, - "SourceArn": { - "markdownDescription": "The ARN of the event bus that sends events to the archive.", - "title": "SourceArn", + "InternetGatewayBlockMode": { + "markdownDescription": "The desired VPC Block Public Access mode for internet gateways in your account. We do not allow you to create this resource type in an \"off\" mode since off is the default value.\n\n- `block-bidirectional` : Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).\n- `block-ingress` : Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.", + "title": "InternetGatewayBlockMode", "type": "string" } }, "required": [ - "SourceArn" + "InternetGatewayBlockMode" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Archive" + "AWS::EC2::VPCBlockPublicAccessOptions" ], "type": "string" }, @@ -96391,7 +100805,7 @@ ], "type": "object" }, - "AWS::Events::Connection": { + "AWS::EC2::VPCCidrBlock": { "additionalProperties": false, "properties": { "Condition": { @@ -96426,32 +100840,65 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.AuthParameters", - "markdownDescription": "The authorization parameters to use to authorize with the endpoint.\n\nYou must include only authorization parameters for the `AuthorizationType` you specify.", - "title": "AuthParameters" + "AmazonProvidedIpv6CidrBlock": { + "markdownDescription": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.", + "title": "AmazonProvidedIpv6CidrBlock", + "type": "boolean" }, - "AuthorizationType": { - "markdownDescription": "The type of authorization to use for the connection.\n\n> OAUTH tokens are refreshed when a 401 or 407 response is returned.", - "title": "AuthorizationType", + "CidrBlock": { + "markdownDescription": "An IPv4 CIDR block to associate with the VPC.", + "title": "CidrBlock", "type": "string" }, - "Description": { - "markdownDescription": "A description for the connection to create.", - "title": "Description", + "Ipv4IpamPoolId": { + "markdownDescription": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4IpamPoolId", "type": "string" }, - "Name": { - "markdownDescription": "The name for the connection to create.", - "title": "Name", + "Ipv4NetmaskLength": { + "markdownDescription": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4NetmaskLength", + "type": "number" + }, + "Ipv6CidrBlock": { + "markdownDescription": "An IPv6 CIDR block from the IPv6 address pool. You must also specify `Ipv6Pool` in the request.\n\nTo let Amazon choose the IPv6 CIDR block for you, omit this parameter.", + "title": "Ipv6CidrBlock", + "type": "string" + }, + "Ipv6CidrBlockNetworkBorderGroup": { + "markdownDescription": "The name of the location from which we advertise the IPV6 CIDR block. Use this parameter to limit the CIDR block to this location.\n\nYou must set `AmazonProvidedIpv6CidrBlock` to `true` to use this parameter.\n\nYou can have one IPv6 CIDR block association per network border group.", + "title": "Ipv6CidrBlockNetworkBorderGroup", + "type": "string" + }, + "Ipv6IpamPoolId": { + "markdownDescription": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv6IpamPoolId", + "type": "string" + }, + "Ipv6NetmaskLength": { + "markdownDescription": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv6NetmaskLength", + "type": "number" + }, + "Ipv6Pool": { + "markdownDescription": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", + "title": "Ipv6Pool", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, + "required": [ + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Connection" + "AWS::EC2::VPCCidrBlock" ], "type": "string" }, @@ -96465,183 +100912,245 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::Connection.ApiKeyAuthParameters": { + "AWS::EC2::VPCDHCPOptionsAssociation": { "additionalProperties": false, "properties": { - "ApiKeyName": { - "markdownDescription": "The name of the API key to use for authorization.", - "title": "ApiKeyName", + "Condition": { "type": "string" }, - "ApiKeyValue": { - "markdownDescription": "The value for the API key to use for authorization.", - "title": "ApiKeyValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "ApiKeyName", - "ApiKeyValue" - ], - "type": "object" - }, - "AWS::Events::Connection.AuthParameters": { - "additionalProperties": false, - "properties": { - "ApiKeyAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ApiKeyAuthParameters", - "markdownDescription": "The API Key parameters to use for authorization.", - "title": "ApiKeyAuthParameters" }, - "BasicAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.BasicAuthParameters", - "markdownDescription": "The authorization parameters for Basic authorization.", - "title": "BasicAuthParameters" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InvocationHttpParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", - "markdownDescription": "Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint.", - "title": "InvocationHttpParameters" + "Metadata": { + "type": "object" }, - "OAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.OAuthParameters", - "markdownDescription": "The OAuth parameters to use for authorization.", - "title": "OAuthParameters" - } - }, - "type": "object" - }, - "AWS::Events::Connection.BasicAuthParameters": { - "additionalProperties": false, - "properties": { - "Password": { - "markdownDescription": "The password associated with the user name to use for Basic authorization.", - "title": "Password", + "Properties": { + "additionalProperties": false, + "properties": { + "DhcpOptionsId": { + "markdownDescription": "The ID of the DHCP options set, or `default` to associate no DHCP options with the VPC.", + "title": "DhcpOptionsId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "DhcpOptionsId", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::VPCDHCPOptionsAssociation" + ], "type": "string" }, - "Username": { - "markdownDescription": "The user name to use for Basic authorization.", - "title": "Username", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Password", - "Username" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::Connection.ClientParameters": { + "AWS::EC2::VPCEndpoint": { "additionalProperties": false, "properties": { - "ClientID": { - "markdownDescription": "The client ID to use for OAuth authorization.", - "title": "ClientID", + "Condition": { "type": "string" }, - "ClientSecret": { - "markdownDescription": "The client secret assciated with the client ID to use for OAuth authorization.", - "title": "ClientSecret", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "ClientID", - "ClientSecret" - ], - "type": "object" - }, - "AWS::Events::Connection.ConnectionHttpParameters": { - "additionalProperties": false, - "properties": { - "BodyParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" - }, - "markdownDescription": "Any additional body string parameters for the connection.", - "title": "BodyParameters", - "type": "array" }, - "HeaderParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" - }, - "markdownDescription": "Any additional header parameters for the connection.", - "title": "HeaderParameters", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "QueryStringParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" - }, - "markdownDescription": "Any additional query string parameters for the connection.", - "title": "QueryStringParameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Events::Connection.OAuthParameters": { - "additionalProperties": false, - "properties": { - "AuthorizationEndpoint": { - "markdownDescription": "The URL to the authorization endpoint when OAuth is specified as the authorization type.", - "title": "AuthorizationEndpoint", - "type": "string" + "Metadata": { + "type": "object" }, - "ClientParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ClientParameters", - "markdownDescription": "The client parameters for OAuth authorization.", - "title": "ClientParameters" + "Properties": { + "additionalProperties": false, + "properties": { + "DnsOptions": { + "$ref": "#/definitions/AWS::EC2::VPCEndpoint.DnsOptionsSpecification", + "markdownDescription": "Describes the DNS options for an endpoint.", + "title": "DnsOptions" + }, + "IpAddressType": { + "markdownDescription": "The supported IP address types.", + "title": "IpAddressType", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n\nFor CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. For example, if you have a JSON policy, you can convert it to YAML before including it in the YAML template, and AWS CloudFormation converts the policy to JSON format before calling the API actions for AWS PrivateLink . Alternatively, you can include the JSON directly in the YAML, as shown in the following `Properties` section:\n\n`Properties: VpcEndpointType: 'Interface' ServiceName: !Sub 'com.amazonaws.${AWS::Region}.logs' PolicyDocument: '{ \"Version\":\"2012-10-17\", \"Statement\": [{ \"Effect\":\"Allow\", \"Principal\":\"*\", \"Action\":[\"logs:Describe*\",\"logs:Get*\",\"logs:List*\",\"logs:FilterLogEvents\"], \"Resource\":\"*\" }] }'`", + "title": "PolicyDocument", + "type": "object" + }, + "PrivateDnsEnabled": { + "markdownDescription": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, `kinesis.us-east-1.amazonaws.com` ), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to `true` : `enableDnsHostnames` and `enableDnsSupport` .\n\nThis property is supported only for interface endpoints.\n\nDefault: `false`", + "title": "PrivateDnsEnabled", + "type": "boolean" + }, + "ResourceConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource configuration.", + "title": "ResourceConfigurationArn", + "type": "string" + }, + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the route tables. Routing is supported only for gateway endpoints.", + "title": "RouteTableIds", + "type": "array" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints.", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServiceName": { + "markdownDescription": "The name of the endpoint service.", + "title": "ServiceName", + "type": "string" + }, + "ServiceNetworkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service network.", + "title": "ServiceNetworkArn", + "type": "string" + }, + "ServiceRegion": { + "markdownDescription": "Describes a Region.", + "title": "ServiceRegion", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the endpoint.", + "title": "Tags", + "type": "array" + }, + "VpcEndpointType": { + "markdownDescription": "The type of endpoint.\n\nDefault: Gateway", + "title": "VpcEndpointType", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "VpcId" + ], + "type": "object" }, - "HttpMethod": { - "markdownDescription": "The method to use for the authorization request.", - "title": "HttpMethod", + "Type": { + "enum": [ + "AWS::EC2::VPCEndpoint" + ], "type": "string" }, - "OAuthHttpParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", - "markdownDescription": "Details about the additional parameters to use for the connection.", - "title": "OAuthHttpParameters" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "AuthorizationEndpoint", - "ClientParameters", - "HttpMethod" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::Connection.Parameter": { + "AWS::EC2::VPCEndpoint.DnsOptionsSpecification": { "additionalProperties": false, "properties": { - "IsValueSecret": { - "markdownDescription": "Specifies whether the value is secret.", - "title": "IsValueSecret", - "type": "boolean" - }, - "Key": { - "markdownDescription": "The key for a query string parameter.", - "title": "Key", + "DnsRecordIpType": { + "markdownDescription": "The DNS records created for the endpoint.", + "title": "DnsRecordIpType", "type": "string" }, - "Value": { - "markdownDescription": "The value associated with the key for the query string parameter.", - "title": "Value", + "PrivateDnsOnlyForInboundResolverEndpoint": { + "markdownDescription": "Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint.", + "title": "PrivateDnsOnlyForInboundResolverEndpoint", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::Events::Endpoint": { + "AWS::EC2::VPCEndpointConnectionNotification": { "additionalProperties": false, "properties": { "Condition": { @@ -96676,49 +101185,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the endpoint.", - "title": "Description", - "type": "string" - }, - "EventBuses": { + "ConnectionEvents": { "items": { - "$ref": "#/definitions/AWS::Events::Endpoint.EndpointEventBus" + "type": "string" }, - "markdownDescription": "The event buses being used by the endpoint.\n\n*Exactly* : `2`", - "title": "EventBuses", + "markdownDescription": "The endpoint events for which to receive notifications. Valid values are `Accept` , `Connect` , `Delete` , and `Reject` .", + "title": "ConnectionEvents", "type": "array" }, - "Name": { - "markdownDescription": "The name of the endpoint.", - "title": "Name", + "ConnectionNotificationArn": { + "markdownDescription": "The ARN of the SNS topic for the notifications.", + "title": "ConnectionNotificationArn", "type": "string" }, - "ReplicationConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.ReplicationConfig", - "markdownDescription": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` .", - "title": "ReplicationConfig" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role used by event replication for the endpoint.", - "title": "RoleArn", + "ServiceId": { + "markdownDescription": "The ID of the endpoint service.", + "title": "ServiceId", "type": "string" }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.RoutingConfig", - "markdownDescription": "The routing configuration of the endpoint.", - "title": "RoutingConfig" + "VPCEndpointId": { + "markdownDescription": "The ID of the endpoint.", + "title": "VPCEndpointId", + "type": "string" } }, "required": [ - "EventBuses", - "RoutingConfig" + "ConnectionEvents", + "ConnectionNotificationArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Endpoint" + "AWS::EC2::VPCEndpointConnectionNotification" ], "type": "string" }, @@ -96737,97 +101236,120 @@ ], "type": "object" }, - "AWS::Events::Endpoint.EndpointEventBus": { + "AWS::EC2::VPCEndpointService": { "additionalProperties": false, "properties": { - "EventBusArn": { - "markdownDescription": "The ARN of the event bus the endpoint is associated with.", - "title": "EventBusArn", + "Condition": { "type": "string" - } - }, - "required": [ - "EventBusArn" - ], - "type": "object" - }, - "AWS::Events::Endpoint.FailoverConfig": { - "additionalProperties": false, - "properties": { - "Primary": { - "$ref": "#/definitions/AWS::Events::Endpoint.Primary", - "markdownDescription": "The main Region of the endpoint.", - "title": "Primary" }, - "Secondary": { - "$ref": "#/definitions/AWS::Events::Endpoint.Secondary", - "markdownDescription": "The Region that events are routed to when failover is triggered or event replication is enabled.", - "title": "Secondary" - } - }, - "required": [ - "Primary", - "Secondary" - ], - "type": "object" - }, - "AWS::Events::Endpoint.Primary": { - "additionalProperties": false, - "properties": { - "HealthCheck": { - "markdownDescription": "The ARN of the health check used by the endpoint to determine whether failover is triggered.", - "title": "HealthCheck", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "HealthCheck" - ], - "type": "object" - }, - "AWS::Events::Endpoint.ReplicationConfig": { - "additionalProperties": false, - "properties": { - "State": { - "markdownDescription": "The state of event replication.", - "title": "State", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptanceRequired": { + "markdownDescription": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted.", + "title": "AcceptanceRequired", + "type": "boolean" + }, + "ContributorInsightsEnabled": { + "markdownDescription": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink .", + "title": "ContributorInsightsEnabled", + "type": "boolean" + }, + "GatewayLoadBalancerArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers.", + "title": "GatewayLoadBalancerArns", + "type": "array" + }, + "NetworkLoadBalancerArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the Network Load Balancers.", + "title": "NetworkLoadBalancerArns", + "type": "array" + }, + "PayerResponsibility": { + "markdownDescription": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner.", + "title": "PayerResponsibility", + "type": "string" + }, + "SupportedIpAddressTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported IP address types. The possible values are `ipv4` and `ipv6` .", + "title": "SupportedIpAddressTypes", + "type": "array" + }, + "SupportedRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The Regions from which service consumers can access the service.", + "title": "SupportedRegions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the service.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::VPCEndpointService" + ], "type": "string" - } - }, - "required": [ - "State" - ], - "type": "object" - }, - "AWS::Events::Endpoint.RoutingConfig": { - "additionalProperties": false, - "properties": { - "FailoverConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.FailoverConfig", - "markdownDescription": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.", - "title": "FailoverConfig" - } - }, - "required": [ - "FailoverConfig" - ], - "type": "object" - }, - "AWS::Events::Endpoint.Secondary": { - "additionalProperties": false, - "properties": { - "Route": { - "markdownDescription": "Defines the secondary Region.", - "title": "Route", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Route" + "Type" ], "type": "object" }, - "AWS::Events::EventBus": { + "AWS::EC2::VPCEndpointServicePermissions": { "additionalProperties": false, "properties": { "Condition": { @@ -96862,38 +101384,28 @@ "Properties": { "additionalProperties": false, "properties": { - "EventSourceName": { - "markdownDescription": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", - "title": "EventSourceName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", - "title": "Name", - "type": "string" - }, - "Policy": { - "markdownDescription": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", - "title": "Policy", - "type": "object" - }, - "Tags": { + "AllowedPrincipals": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Tags to associate with the event bus.", - "title": "Tags", + "markdownDescription": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked.", + "title": "AllowedPrincipals", "type": "array" + }, + "ServiceId": { + "markdownDescription": "The ID of the service.", + "title": "ServiceId", + "type": "string" } }, "required": [ - "Name" + "ServiceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::EventBus" + "AWS::EC2::VPCEndpointServicePermissions" ], "type": "string" }, @@ -96912,7 +101424,7 @@ ], "type": "object" }, - "AWS::Events::EventBusPolicy": { + "AWS::EC2::VPCGatewayAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -96947,45 +101459,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you are enabling the other account to perform.", - "title": "Action", - "type": "string" - }, - "Condition": { - "$ref": "#/definitions/AWS::Events::EventBusPolicy.Condition", - "markdownDescription": "This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization. For more information about AWS Organizations, see [What Is AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) in the *AWS Organizations User Guide* .\n\nIf you specify `Condition` with an AWS organization ID, and specify \"*\" as the value for `Principal` , you grant permission to all the accounts in the named organization.\n\nThe `Condition` is a JSON string which must contain `Type` , `Key` , and `Value` fields.", - "title": "Condition" - }, - "EventBusName": { - "markdownDescription": "The name of the event bus associated with the rule. If you omit this, the default event bus is used.", - "title": "EventBusName", + "InternetGatewayId": { + "markdownDescription": "The ID of the internet gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", + "title": "InternetGatewayId", "type": "string" }, - "Principal": { - "markdownDescription": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify \"*\" to permit any account to put events to your default event bus.\n\nIf you specify \"*\" without specifying `Condition` , avoid creating rules that may match undesirable events. To create more secure rules, make sure that the event pattern for each rule contains an `account` field with a specific account ID from which to receive events. Rules with an account field do not match any events sent from other accounts.", - "title": "Principal", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" }, - "Statement": { - "markdownDescription": "A JSON string that describes the permission policy statement. You can include a `Policy` parameter in the request instead of using the `StatementId` , `Action` , `Principal` , or `Condition` parameters.", - "title": "Statement", - "type": "object" - }, - "StatementId": { - "markdownDescription": "An identifier string for the external account that you are granting permissions to. If you later want to revoke the permission for this external account, specify this `StatementId` when you run [RemovePermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html) .\n\n> Each `StatementId` must be unique.", - "title": "StatementId", + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", + "title": "VpnGatewayId", "type": "string" } }, "required": [ - "StatementId" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::EventBusPolicy" + "AWS::EC2::VPCGatewayAttachment" ], "type": "string" }, @@ -97004,28 +101501,7 @@ ], "type": "object" }, - "AWS::Events::EventBusPolicy.Condition": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "Specifies the key for the condition. Currently the only supported key is `aws:PrincipalOrgID` .", - "title": "Key", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies the type of condition. Currently the only supported value is `StringEquals` .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Specifies the value for the key. Currently, this must be the ID of the organization.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Events::Rule": { + "AWS::EC2::VPCPeeringConnection": { "additionalProperties": false, "properties": { "Condition": { @@ -97060,55 +101536,49 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the rule.", - "title": "Description", - "type": "string" - }, - "EventBusName": { - "markdownDescription": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.", - "title": "EventBusName", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "The event pattern of the rule. For more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the **Amazon EventBridge User Guide** .", - "title": "EventPattern", - "type": "object" - }, - "Name": { - "markdownDescription": "The name of the rule.", - "title": "Name", + "PeerOwnerId": { + "markdownDescription": "The AWS account ID of the owner of the accepter VPC.\n\nDefault: Your AWS account ID", + "title": "PeerOwnerId", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", - "title": "RoleArn", + "PeerRegion": { + "markdownDescription": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.\n\nDefault: The Region in which you make the request.", + "title": "PeerRegion", "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", - "title": "ScheduleExpression", + "PeerRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.\n\nThis is required when you are peering a VPC in a different AWS account.", + "title": "PeerRoleArn", "type": "string" }, - "State": { - "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the **Amazon EventBridge User Guide** .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", - "title": "State", + "PeerVpcId": { + "markdownDescription": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.", + "title": "PeerVpcId", "type": "string" }, - "Targets": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::Events::Rule.Target" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the **Amazon EventBridge User Guide** .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the **Amazon EventBridge User Guide** .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code.", - "title": "Targets", + "markdownDescription": "Any tags assigned to the resource.", + "title": "Tags", "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" } }, + "required": [ + "PeerVpcId", + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Rule" + "AWS::EC2::VPCPeeringConnection" ], "type": "string" }, @@ -97122,597 +101592,392 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::Rule.AppSyncParameters": { + "AWS::EC2::VPNConnection": { "additionalProperties": false, "properties": { - "GraphQLOperation": { - "markdownDescription": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.\n\nFor more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* .", - "title": "GraphQLOperation", + "Condition": { "type": "string" - } - }, - "required": [ - "GraphQLOperation" - ], - "type": "object" - }, - "AWS::Events::Rule.AwsVpcConfiguration": { - "additionalProperties": false, - "properties": { - "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", - "title": "AssignPublicIp", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", - "title": "SecurityGroups", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subnets": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CustomerGatewayId": { + "markdownDescription": "The ID of the customer gateway at your end of the VPN connection.", + "title": "CustomerGatewayId", + "type": "string" + }, + "EnableAcceleration": { + "markdownDescription": "Indicate whether to enable acceleration for the VPN connection.\n\nDefault: `false`", + "title": "EnableAcceleration", + "type": "boolean" + }, + "LocalIpv4NetworkCidr": { + "markdownDescription": "The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.\n\nDefault: `0.0.0.0/0`", + "title": "LocalIpv4NetworkCidr", + "type": "string" + }, + "LocalIpv6NetworkCidr": { + "markdownDescription": "The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.\n\nDefault: `::/0`", + "title": "LocalIpv6NetworkCidr", + "type": "string" + }, + "OutsideIpAddressType": { + "markdownDescription": "The type of IP address assigned to the outside interface of the customer gateway device.\n\nValid values: `PrivateIpv4` | `PublicIpv4` | `Ipv6`\n\nDefault: `PublicIpv4`", + "title": "OutsideIpAddressType", + "type": "string" + }, + "RemoteIpv4NetworkCidr": { + "markdownDescription": "The IPv4 CIDR on the AWS side of the VPN connection.\n\nDefault: `0.0.0.0/0`", + "title": "RemoteIpv4NetworkCidr", + "type": "string" + }, + "RemoteIpv6NetworkCidr": { + "markdownDescription": "The IPv6 CIDR on the AWS side of the VPN connection.\n\nDefault: `::/0`", + "title": "RemoteIpv6NetworkCidr", + "type": "string" + }, + "StaticRoutesOnly": { + "markdownDescription": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n\nIf you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true` .", + "title": "StaticRoutesOnly", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the VPN connection.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway associated with the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", + "title": "TransitGatewayId", + "type": "string" + }, + "TransportTransitGatewayAttachmentId": { + "markdownDescription": "The transit gateway attachment ID to use for the VPN tunnel.\n\nRequired if `OutsideIpAddressType` is set to `PrivateIpv4` .", + "title": "TransportTransitGatewayAttachmentId", + "type": "string" + }, + "TunnelInsideIpVersion": { + "markdownDescription": "Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.\n\nDefault: `ipv4`", + "title": "TunnelInsideIpVersion", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of VPN connection.", + "title": "Type", + "type": "string" + }, + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", + "title": "VpnGatewayId", + "type": "string" + }, + "VpnTunnelOptionsSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification" + }, + "markdownDescription": "The tunnel options for the VPN connection.", + "title": "VpnTunnelOptionsSpecifications", + "type": "array" + } }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "AWS::Events::Rule.BatchArrayProperties": { - "additionalProperties": false, - "properties": { - "Size": { - "markdownDescription": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.", - "title": "Size", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Events::Rule.BatchParameters": { - "additionalProperties": false, - "properties": { - "ArrayProperties": { - "$ref": "#/definitions/AWS::Events::Rule.BatchArrayProperties", - "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", - "title": "ArrayProperties" + "required": [ + "CustomerGatewayId", + "Type" + ], + "type": "object" }, - "JobDefinition": { - "markdownDescription": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.", - "title": "JobDefinition", + "Type": { + "enum": [ + "AWS::EC2::VPNConnection" + ], "type": "string" }, - "JobName": { - "markdownDescription": "The name to use for this execution of the job, if the target is an AWS Batch job.", - "title": "JobName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "RetryStrategy": { - "$ref": "#/definitions/AWS::Events::Rule.BatchRetryStrategy", - "markdownDescription": "The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1\u201310. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition.", - "title": "RetryStrategy" } }, "required": [ - "JobDefinition", - "JobName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::Rule.BatchRetryStrategy": { - "additionalProperties": false, - "properties": { - "Attempts": { - "markdownDescription": "The number of times to attempt to retry, if the job fails. Valid values are 1\u201310.", - "title": "Attempts", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Events::Rule.CapacityProviderStrategyItem": { + "AWS::EC2::VPNConnection.CloudwatchLogOptionsSpecification": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", - "title": "Base", - "type": "number" + "LogEnabled": { + "markdownDescription": "Enable or disable VPN tunnel logging feature. Default value is `False` .\n\nValid values: `True` | `False`", + "title": "LogEnabled", + "type": "boolean" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to.", + "title": "LogGroupArn", "type": "string" }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", - "type": "number" + "LogOutputFormat": { + "markdownDescription": "Set log format. Default format is `json` .\n\nValid values: `json` | `text`", + "title": "LogOutputFormat", + "type": "string" } }, - "required": [ - "CapacityProvider" - ], "type": "object" }, - "AWS::Events::Rule.DeadLetterConfig": { + "AWS::EC2::VPNConnection.IKEVersionsRequestListValue": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", - "title": "Arn", + "Value": { + "markdownDescription": "The IKE version.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.EcsParameters": { + "AWS::EC2::VPNConnection.Phase1DHGroupNumbersRequestListValue": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "EnableECSManagedTags", - "type": "boolean" - }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", - "type": "boolean" - }, - "Group": { - "markdownDescription": "Specifies an ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", - "type": "string" - }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", - "type": "string" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Events::Rule.NetworkConfiguration", - "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", - "title": "NetworkConfiguration" - }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", - "type": "array" - }, - "PlacementStrategies": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.PlacementStrategy" - }, - "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", - "title": "PlacementStrategies", - "type": "array" - }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", - "type": "string" - }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action.", - "title": "PropagateTags", - "type": "string" - }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", - "type": "string" - }, - "TagList": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", - "title": "TagList", - "type": "array" - }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", - "title": "TaskCount", + "Value": { + "markdownDescription": "The Diffie-Hellmann group number.", + "title": "Value", "type": "number" - }, - "TaskDefinitionArn": { - "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", - "type": "string" } }, - "required": [ - "TaskDefinitionArn" - ], "type": "object" }, - "AWS::Events::Rule.HttpParameters": { + "AWS::EC2::VPNConnection.Phase1EncryptionAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" - }, - "PathParameterValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", - "type": "array" - }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", - "type": "object" + "Value": { + "markdownDescription": "The value for the encryption algorithm.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.InputTransformer": { + "AWS::EC2::VPNConnection.Phase1IntegrityAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "InputPathsMap": { - "additionalProperties": true, - "markdownDescription": "Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target.\n\n`InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation.\n\nThe keys cannot start with \" AWS .\"", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "InputPathsMap", - "type": "object" - }, - "InputTemplate": { - "markdownDescription": "Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: < *value* >\n\nIf `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply:\n\n- The placeholder cannot be used as an object key.\n\nThe following example shows the syntax for using `InputPathsMap` and `InputTemplate` .\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \"`\n\n`}`\n\nTo have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \\\"\\\"\"`\n\n`}`\n\nThe `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": '{\"myInstance\": ,\"myStatus\": \" is in state \\\"\\\"\"}'`\n\n`}`", - "title": "InputTemplate", + "Value": { + "markdownDescription": "The value for the integrity algorithm.", + "title": "Value", "type": "string" } }, - "required": [ - "InputTemplate" - ], "type": "object" }, - "AWS::Events::Rule.KinesisParameters": { + "AWS::EC2::VPNConnection.Phase2DHGroupNumbersRequestListValue": { "additionalProperties": false, "properties": { - "PartitionKeyPath": { - "markdownDescription": "The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* .", - "title": "PartitionKeyPath", - "type": "string" + "Value": { + "markdownDescription": "The Diffie-Hellmann group number.", + "title": "Value", + "type": "number" } }, - "required": [ - "PartitionKeyPath" - ], "type": "object" }, - "AWS::Events::Rule.NetworkConfiguration": { + "AWS::EC2::VPNConnection.Phase2EncryptionAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AWS::Events::Rule.AwsVpcConfiguration", - "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", - "title": "AwsVpcConfiguration" + "Value": { + "markdownDescription": "The encryption algorithm.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.PlacementConstraint": { + "AWS::EC2::VPNConnection.Phase2IntegrityAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "Expression", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", - "title": "Type", + "Value": { + "markdownDescription": "The integrity algorithm.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.PlacementStrategy": { + "AWS::EC2::VPNConnection.VpnTunnelLogOptionsSpecification": { "additionalProperties": false, "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", - "title": "Field", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", - "title": "Type", - "type": "string" + "CloudwatchLogOptions": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.CloudwatchLogOptionsSpecification", + "markdownDescription": "Options for sending VPN tunnel logs to CloudWatch.", + "title": "CloudwatchLogOptions" } }, "type": "object" }, - "AWS::Events::Rule.RedshiftDataParameters": { + "AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", - "title": "Database", + "DPDTimeoutAction": { + "markdownDescription": "The action to take after DPD timeout occurs. Specify `restart` to restart the IKE initiation. Specify `clear` to end the IKE session.\n\nValid Values: `clear` | `none` | `restart`\n\nDefault: `clear`", + "title": "DPDTimeoutAction", "type": "string" }, - "DbUser": { - "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", - "title": "DbUser", - "type": "string" - }, - "SecretManagerArn": { - "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager.", - "title": "SecretManagerArn", - "type": "string" + "DPDTimeoutSeconds": { + "markdownDescription": "The number of seconds after which a DPD timeout occurs.\n\nConstraints: A value greater than or equal to 30.\n\nDefault: `30`", + "title": "DPDTimeoutSeconds", + "type": "number" }, - "Sql": { - "markdownDescription": "The SQL statement text to run.", - "title": "Sql", - "type": "string" + "EnableTunnelLifecycleControl": { + "markdownDescription": "Turn on or off tunnel endpoint lifecycle control feature.", + "title": "EnableTunnelLifecycleControl", + "type": "boolean" }, - "Sqls": { + "IKEVersions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::VPNConnection.IKEVersionsRequestListValue" }, - "markdownDescription": "One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back.", - "title": "Sqls", + "markdownDescription": "The IKE versions that are permitted for the VPN tunnel.\n\nValid values: `ikev1` | `ikev2`", + "title": "IKEVersions", "type": "array" }, - "StatementName": { - "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", - "title": "StatementName", - "type": "string" - }, - "WithEvent": { - "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", - "title": "WithEvent", - "type": "boolean" - } - }, - "required": [ - "Database" - ], - "type": "object" - }, - "AWS::Events::Rule.RetryPolicy": { - "additionalProperties": false, - "properties": { - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", - "title": "MaximumEventAgeInSeconds", - "type": "number" + "LogOptions": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelLogOptionsSpecification", + "markdownDescription": "Options for logging VPN tunnel activity.", + "title": "LogOptions" }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met.", - "title": "MaximumRetryAttempts", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Events::Rule.RunCommandParameters": { - "additionalProperties": false, - "properties": { - "RunCommandTargets": { + "Phase1DHGroupNumbers": { "items": { - "$ref": "#/definitions/AWS::Events::Rule.RunCommandTarget" + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1DHGroupNumbersRequestListValue" }, - "markdownDescription": "Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag.", - "title": "RunCommandTargets", + "markdownDescription": "One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `2` | `14` | `15` | `16` | `17` | `18` | `19` | `20` | `21` | `22` | `23` | `24`", + "title": "Phase1DHGroupNumbers", "type": "array" - } - }, - "required": [ - "RunCommandTargets" - ], - "type": "object" - }, - "AWS::Events::Rule.RunCommandTarget": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "Can be either `tag:` *tag-key* or `InstanceIds` .", - "title": "Key", - "type": "string" }, - "Values": { + "Phase1EncryptionAlgorithms": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1EncryptionAlgorithmsRequestListValue" }, - "markdownDescription": "If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs.", - "title": "Values", + "markdownDescription": "One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `AES128` | `AES256` | `AES128-GCM-16` | `AES256-GCM-16`", + "title": "Phase1EncryptionAlgorithms", "type": "array" - } - }, - "required": [ - "Key", - "Values" - ], - "type": "object" - }, - "AWS::Events::Rule.SageMakerPipelineParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Name", - "type": "string" }, - "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::Events::Rule.SageMakerPipelineParameters": { - "additionalProperties": false, - "properties": { - "PipelineParameterList": { + "Phase1IntegrityAlgorithms": { "items": { - "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameter" + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1IntegrityAlgorithmsRequestListValue" }, - "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", - "title": "PipelineParameterList", + "markdownDescription": "One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `SHA1` | `SHA2-256` | `SHA2-384` | `SHA2-512`", + "title": "Phase1IntegrityAlgorithms", "type": "array" - } - }, - "type": "object" - }, - "AWS::Events::Rule.SqsParameters": { - "additionalProperties": false, - "properties": { - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", - "type": "string" - } - }, - "required": [ - "MessageGroupId" - ], - "type": "object" - }, - "AWS::Events::Rule.Target": { - "additionalProperties": false, - "properties": { - "AppSyncParameters": { - "$ref": "#/definitions/AWS::Events::Rule.AppSyncParameters", - "markdownDescription": "Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API.", - "title": "AppSyncParameters" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target.", - "title": "Arn", - "type": "string" - }, - "BatchParameters": { - "$ref": "#/definitions/AWS::Events::Rule.BatchParameters", - "markdownDescription": "If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* .", - "title": "BatchParameters" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Events::Rule.DeadLetterConfig", - "markdownDescription": "The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" + "Phase1LifetimeSeconds": { + "markdownDescription": "The lifetime for phase 1 of the IKE negotiation, in seconds.\n\nConstraints: A value between 900 and 28,800.\n\nDefault: `28800`", + "title": "Phase1LifetimeSeconds", + "type": "number" }, - "EcsParameters": { - "$ref": "#/definitions/AWS::Events::Rule.EcsParameters", - "markdownDescription": "Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* .", - "title": "EcsParameters" + "Phase2DHGroupNumbers": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2DHGroupNumbersRequestListValue" + }, + "markdownDescription": "One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `2` | `5` | `14` | `15` | `16` | `17` | `18` | `19` | `20` | `21` | `22` | `23` | `24`", + "title": "Phase2DHGroupNumbers", + "type": "array" }, - "HttpParameters": { - "$ref": "#/definitions/AWS::Events::Rule.HttpParameters", - "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", - "title": "HttpParameters" + "Phase2EncryptionAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2EncryptionAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `AES128` | `AES256` | `AES128-GCM-16` | `AES256-GCM-16`", + "title": "Phase2EncryptionAlgorithms", + "type": "array" }, - "Id": { - "markdownDescription": "The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string.", - "title": "Id", - "type": "string" + "Phase2IntegrityAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2IntegrityAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `SHA1` | `SHA2-256` | `SHA2-384` | `SHA2-512`", + "title": "Phase2IntegrityAlgorithms", + "type": "array" }, - "Input": { - "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .", - "title": "Input", - "type": "string" + "Phase2LifetimeSeconds": { + "markdownDescription": "The lifetime for phase 2 of the IKE negotiation, in seconds.\n\nConstraints: A value between 900 and 3,600. The value must be less than the value for `Phase1LifetimeSeconds` .\n\nDefault: `3600`", + "title": "Phase2LifetimeSeconds", + "type": "number" }, - "InputPath": { - "markdownDescription": "The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) .", - "title": "InputPath", + "PreSharedKey": { + "markdownDescription": "The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.\n\nConstraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).", + "title": "PreSharedKey", "type": "string" }, - "InputTransformer": { - "$ref": "#/definitions/AWS::Events::Rule.InputTransformer", - "markdownDescription": "Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target.", - "title": "InputTransformer" - }, - "KinesisParameters": { - "$ref": "#/definitions/AWS::Events::Rule.KinesisParameters", - "markdownDescription": "The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key.", - "title": "KinesisParameters" + "RekeyFuzzPercentage": { + "markdownDescription": "The percentage of the rekey window (determined by `RekeyMarginTimeSeconds` ) during which the rekey time is randomly selected.\n\nConstraints: A value between 0 and 100.\n\nDefault: `100`", + "title": "RekeyFuzzPercentage", + "type": "number" }, - "RedshiftDataParameters": { - "$ref": "#/definitions/AWS::Events::Rule.RedshiftDataParameters", - "markdownDescription": "Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster.\n\nIf you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.", - "title": "RedshiftDataParameters" + "RekeyMarginTimeSeconds": { + "markdownDescription": "The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `RekeyFuzzPercentage` .\n\nConstraints: A value between 60 and half of `Phase2LifetimeSeconds` .\n\nDefault: `270`", + "title": "RekeyMarginTimeSeconds", + "type": "number" }, - "RetryPolicy": { - "$ref": "#/definitions/AWS::Events::Rule.RetryPolicy", - "markdownDescription": "The retry policy configuration to use for the dead-letter queue.", - "title": "RetryPolicy" + "ReplayWindowSize": { + "markdownDescription": "The number of packets in an IKE replay window.\n\nConstraints: A value between 64 and 2048.\n\nDefault: `1024`", + "title": "ReplayWindowSize", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target.", - "title": "RoleArn", + "StartupAction": { + "markdownDescription": "The action to take when the establishing the tunnel for the VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify `start` for AWS to initiate the IKE negotiation.\n\nValid Values: `add` | `start`\n\nDefault: `add`", + "title": "StartupAction", "type": "string" }, - "RunCommandParameters": { - "$ref": "#/definitions/AWS::Events::Rule.RunCommandParameters", - "markdownDescription": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command.", - "title": "RunCommandParameters" - }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameters", - "markdownDescription": "Contains the SageMaker AI Model Building Pipeline parameters to start execution of a SageMaker AI Model Building Pipeline.\n\nIf you specify a SageMaker AI Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events.", - "title": "SageMakerPipelineParameters" + "TunnelInsideCidr": { + "markdownDescription": "The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.\n\nConstraints: A size /30 CIDR block from the `169.254.0.0/16` range. The following CIDR blocks are reserved and cannot be used:\n\n- `169.254.0.0/30`\n- `169.254.1.0/30`\n- `169.254.2.0/30`\n- `169.254.3.0/30`\n- `169.254.4.0/30`\n- `169.254.5.0/30`\n- `169.254.169.252/30`", + "title": "TunnelInsideCidr", + "type": "string" }, - "SqsParameters": { - "$ref": "#/definitions/AWS::Events::Rule.SqsParameters", - "markdownDescription": "Contains the message group ID to use when the target is a FIFO queue.\n\nIf you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled.", - "title": "SqsParameters" + "TunnelInsideIpv6Cidr": { + "markdownDescription": "The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same transit gateway.\n\nConstraints: A size /126 CIDR block from the local `fd00::/8` range.", + "title": "TunnelInsideIpv6Cidr", + "type": "string" } }, - "required": [ - "Arn", - "Id" - ], "type": "object" }, - "AWS::Evidently::Experiment": { + "AWS::EC2::VPNConnectionRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -97747,88 +102012,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description of the experiment.", - "title": "Description", - "type": "string" - }, - "MetricGoals": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.MetricGoalObject" - }, - "markdownDescription": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment.", - "title": "MetricGoals", - "type": "array" - }, - "Name": { - "markdownDescription": "A name for the new experiment.", - "title": "Name", - "type": "string" - }, - "OnlineAbConfig": { - "$ref": "#/definitions/AWS::Evidently::Experiment.OnlineAbConfigObject", - "markdownDescription": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation.", - "title": "OnlineAbConfig" - }, - "Project": { - "markdownDescription": "The name or the ARN of the project where this experiment is to be created.", - "title": "Project", - "type": "string" - }, - "RandomizationSalt": { - "markdownDescription": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` .", - "title": "RandomizationSalt", + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block associated with the local subnet of the customer network.", + "title": "DestinationCidrBlock", "type": "string" }, - "RemoveSegment": { - "markdownDescription": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running.", - "title": "RemoveSegment", - "type": "boolean" - }, - "RunningStatus": { - "$ref": "#/definitions/AWS::Evidently::Experiment.RunningStatusObject", - "markdownDescription": "A structure that you can use to start and stop the experiment.", - "title": "RunningStatus" - }, - "SamplingRate": { - "markdownDescription": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience.", - "title": "SamplingRate", - "type": "number" - }, - "Segment": { - "markdownDescription": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", - "title": "Segment", + "VpnConnectionId": { + "markdownDescription": "The ID of the VPN connection.", + "title": "VpnConnectionId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the experiment.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an experiment.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" - }, - "Treatments": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentObject" - }, - "markdownDescription": "An array of structures that describe the configuration of each feature variation used in the experiment.", - "title": "Treatments", - "type": "array" } }, "required": [ - "MetricGoals", - "Name", - "OnlineAbConfig", - "Project", - "Treatments" + "DestinationCidrBlock", + "VpnConnectionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Experiment" + "AWS::EC2::VPNConnectionRoute" ], "type": "string" }, @@ -97847,148 +102050,7 @@ ], "type": "object" }, - "AWS::Evidently::Experiment.MetricGoalObject": { - "additionalProperties": false, - "properties": { - "DesiredChange": { - "markdownDescription": "`INCREASE` means that a variation with a higher number for this metric is performing better.\n\n`DECREASE` means that a variation with a lower number for this metric is performing better.", - "title": "DesiredChange", - "type": "string" - }, - "EntityIdKey": { - "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", - "title": "EntityIdKey", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", - "title": "EventPattern", - "type": "string" - }, - "MetricName": { - "markdownDescription": "A name for the metric. It can include up to 255 characters.", - "title": "MetricName", - "type": "string" - }, - "UnitLabel": { - "markdownDescription": "A label for the units that the metric is measuring.", - "title": "UnitLabel", - "type": "string" - }, - "ValueKey": { - "markdownDescription": "The JSON path to reference the numerical metric value in the event.", - "title": "ValueKey", - "type": "string" - } - }, - "required": [ - "DesiredChange", - "EntityIdKey", - "MetricName", - "ValueKey" - ], - "type": "object" - }, - "AWS::Evidently::Experiment.OnlineAbConfigObject": { - "additionalProperties": false, - "properties": { - "ControlTreatmentName": { - "markdownDescription": "The name of the variation that is to be the default variation that the other variations are compared to.", - "title": "ControlTreatmentName", - "type": "string" - }, - "TreatmentWeights": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentToWeight" - }, - "markdownDescription": "A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation.", - "title": "TreatmentWeights", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Evidently::Experiment.RunningStatusObject": { - "additionalProperties": false, - "properties": { - "AnalysisCompleteTime": { - "markdownDescription": "If you are using AWS CloudFormation to start the experiment, use this field to specify when the experiment is to end. The format is as a UNIX timestamp. For more information about this format, see [The Current Epoch Unix Timestamp](https://docs.aws.amazon.com/https://www.unixtimestamp.com/index.php) .", - "title": "AnalysisCompleteTime", - "type": "string" - }, - "DesiredState": { - "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment.", - "title": "DesiredState", - "type": "string" - }, - "Reason": { - "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, this is an optional field that you can use to record why the experiment is being stopped or cancelled.", - "title": "Reason", - "type": "string" - }, - "Status": { - "markdownDescription": "To start the experiment now, specify `START` for this parameter. If this experiment is currently running and you want to stop it now, specify `STOP` .", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::Evidently::Experiment.TreatmentObject": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the treatment.", - "title": "Description", - "type": "string" - }, - "Feature": { - "markdownDescription": "The name of the feature for this experiment.", - "title": "Feature", - "type": "string" - }, - "TreatmentName": { - "markdownDescription": "A name for this treatment. It can include up to 127 characters.", - "title": "TreatmentName", - "type": "string" - }, - "Variation": { - "markdownDescription": "The name of the variation to use for this treatment.", - "title": "Variation", - "type": "string" - } - }, - "required": [ - "Feature", - "TreatmentName", - "Variation" - ], - "type": "object" - }, - "AWS::Evidently::Experiment.TreatmentToWeight": { - "additionalProperties": false, - "properties": { - "SplitWeight": { - "markdownDescription": "The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment.", - "title": "SplitWeight", - "type": "number" - }, - "Treatment": { - "markdownDescription": "The name of the treatment.", - "title": "Treatment", - "type": "string" - } - }, - "required": [ - "SplitWeight", - "Treatment" - ], - "type": "object" - }, - "AWS::Evidently::Feature": { + "AWS::EC2::VPNGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -98023,66 +102085,33 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultVariation": { - "markdownDescription": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation.", - "title": "DefaultVariation", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description of the feature.", - "title": "Description", - "type": "string" - }, - "EntityOverrides": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Feature.EntityOverride" - }, - "markdownDescription": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.", - "title": "EntityOverrides", - "type": "array" - }, - "EvaluationStrategy": { - "markdownDescription": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.", - "title": "EvaluationStrategy", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the feature. It can include up to 127 characters.", - "title": "Name", - "type": "string" - }, - "Project": { - "markdownDescription": "The name or ARN of the project that is to contain the new feature.", - "title": "Project", - "type": "string" + "AmazonSideAsn": { + "markdownDescription": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session.", + "title": "AmazonSideAsn", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "markdownDescription": "Any tags assigned to the virtual private gateway.", "title": "Tags", "type": "array" }, - "Variations": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Feature.VariationObject" - }, - "markdownDescription": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` ).", - "title": "Variations", - "type": "array" + "Type": { + "markdownDescription": "The type of VPN connection the virtual private gateway supports.", + "title": "Type", + "type": "string" } }, "required": [ - "Name", - "Project", - "Variations" + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Feature" + "AWS::EC2::VPNGateway" ], "type": "string" }, @@ -98101,57 +102130,7 @@ ], "type": "object" }, - "AWS::Evidently::Feature.EntityOverride": { - "additionalProperties": false, - "properties": { - "EntityId": { - "markdownDescription": "The entity ID to be served the variation specified in `Variation` .", - "title": "EntityId", - "type": "string" - }, - "Variation": { - "markdownDescription": "The name of the variation to serve to the user session that matches the `EntityId` .", - "title": "Variation", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Evidently::Feature.VariationObject": { - "additionalProperties": false, - "properties": { - "BooleanValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is boolean.", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a double.", - "title": "DoubleValue", - "type": "number" - }, - "LongValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a long.", - "title": "LongValue", - "type": "number" - }, - "StringValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a string.", - "title": "StringValue", - "type": "string" - }, - "VariationName": { - "markdownDescription": "A name for the variation. It can include up to 127 characters.", - "title": "VariationName", - "type": "string" - } - }, - "required": [ - "VariationName" - ], - "type": "object" - }, - "AWS::Evidently::Launch": { + "AWS::EC2::VPNGatewayRoutePropagation": { "additionalProperties": false, "properties": { "Condition": { @@ -98186,75 +102165,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description for the launch.", - "title": "Description", - "type": "string" - }, - "ExecutionStatus": { - "$ref": "#/definitions/AWS::Evidently::Launch.ExecutionStatusObject", - "markdownDescription": "A structure that you can use to start and stop the launch.", - "title": "ExecutionStatus" - }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.LaunchGroupObject" - }, - "markdownDescription": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch.", - "title": "Groups", - "type": "array" - }, - "MetricMonitors": { + "RouteTableIds": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.MetricDefinitionObject" + "type": "string" }, - "markdownDescription": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array.", - "title": "MetricMonitors", + "markdownDescription": "The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to.", + "title": "RouteTableIds", "type": "array" }, - "Name": { - "markdownDescription": "The name for the launch. It can include up to 127 characters.", - "title": "Name", - "type": "string" - }, - "Project": { - "markdownDescription": "The name or ARN of the project that you want to create the launch in.", - "title": "Project", - "type": "string" - }, - "RandomizationSalt": { - "markdownDescription": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` .", - "title": "RandomizationSalt", + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with.", + "title": "VpnGatewayId", "type": "string" - }, - "ScheduledSplitsConfig": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.StepConfig" - }, - "markdownDescription": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch.", - "title": "ScheduledSplitsConfig", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the launch.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a launch.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" } }, "required": [ - "Groups", - "Name", - "Project", - "ScheduledSplitsConfig" + "RouteTableIds", + "VpnGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Launch" + "AWS::EC2::VPNGatewayRoutePropagation" ], "type": "string" }, @@ -98273,178 +102206,331 @@ ], "type": "object" }, - "AWS::Evidently::Launch.ExecutionStatusObject": { + "AWS::EC2::VerifiedAccessEndpoint": { "additionalProperties": false, "properties": { - "DesiredState": { - "markdownDescription": "If you are using AWS CloudFormation to stop this launch, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment. If you omit this parameter, the default of `COMPLETED` is used.", - "title": "DesiredState", + "Condition": { "type": "string" }, - "Reason": { - "markdownDescription": "If you are using AWS CloudFormation to stop this launch, this is an optional field that you can use to record why the launch is being stopped or cancelled.", - "title": "Reason", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Status": { - "markdownDescription": "To start the launch now, specify `START` for this parameter. If this launch is currently running and you want to stop it now, specify `STOP` .", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::Evidently::Launch.GroupToWeight": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the launch group. It can include up to 127 characters.", - "title": "GroupName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SplitWeight": { - "markdownDescription": "The portion of launch traffic to allocate to this launch group.\n\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group.", - "title": "SplitWeight", - "type": "number" - } - }, - "required": [ - "GroupName", - "SplitWeight" - ], - "type": "object" - }, - "AWS::Evidently::Launch.LaunchGroupObject": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the launch group.", - "title": "Description", - "type": "string" + "Metadata": { + "type": "object" }, - "Feature": { - "markdownDescription": "The feature that this launch is using.", - "title": "Feature", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationDomain": { + "markdownDescription": "The DNS name for users to reach your application.", + "title": "ApplicationDomain", + "type": "string" + }, + "AttachmentType": { + "markdownDescription": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", + "title": "AttachmentType", + "type": "string" + }, + "CidrOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.CidrOptions", + "markdownDescription": "The options for a CIDR endpoint.", + "title": "CidrOptions" + }, + "Description": { + "markdownDescription": "A description for the AWS Verified Access endpoint.", + "title": "Description", + "type": "string" + }, + "DomainCertificateArn": { + "markdownDescription": "The ARN of a public TLS/SSL certificate imported into or created with ACM.", + "title": "DomainCertificateArn", + "type": "string" + }, + "EndpointDomainPrefix": { + "markdownDescription": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.", + "title": "EndpointDomainPrefix", + "type": "string" + }, + "EndpointType": { + "markdownDescription": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.", + "title": "EndpointType", + "type": "string" + }, + "LoadBalancerOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions", + "markdownDescription": "The load balancer details if creating the AWS Verified Access endpoint as `load-balancer` type.", + "title": "LoadBalancerOptions" + }, + "NetworkInterfaceOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions", + "markdownDescription": "The options for network-interface type endpoint.", + "title": "NetworkInterfaceOptions" + }, + "PolicyDocument": { + "markdownDescription": "The Verified Access policy document.", + "title": "PolicyDocument", + "type": "string" + }, + "PolicyEnabled": { + "markdownDescription": "The status of the Verified Access policy.", + "title": "PolicyEnabled", + "type": "boolean" + }, + "RdsOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.RdsOptions", + "markdownDescription": "The options for an RDS endpoint.", + "title": "RdsOptions" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for the endpoint.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" + }, + "VerifiedAccessGroupId": { + "markdownDescription": "The ID of the AWS Verified Access group.", + "title": "VerifiedAccessGroupId", + "type": "string" + } + }, + "required": [ + "AttachmentType", + "EndpointType", + "VerifiedAccessGroupId" + ], + "type": "object" }, - "GroupName": { - "markdownDescription": "A name for this launch group. It can include up to 127 characters.", - "title": "GroupName", + "Type": { + "enum": [ + "AWS::EC2::VerifiedAccessEndpoint" + ], "type": "string" }, - "Variation": { - "markdownDescription": "The feature variation to use for this launch group.", - "title": "Variation", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Feature", - "GroupName", - "Variation" + "Type", + "Properties" ], "type": "object" }, - "AWS::Evidently::Launch.MetricDefinitionObject": { + "AWS::EC2::VerifiedAccessEndpoint.CidrOptions": { "additionalProperties": false, "properties": { - "EntityIdKey": { - "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", - "title": "EntityIdKey", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", - "title": "EventPattern", + "Cidr": { + "markdownDescription": "The CIDR.", + "title": "Cidr", "type": "string" }, - "MetricName": { - "markdownDescription": "A name for the metric. It can include up to 255 characters.", - "title": "MetricName", - "type": "string" + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" }, - "UnitLabel": { - "markdownDescription": "A label for the units that the metric is measuring.", - "title": "UnitLabel", + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" }, - "ValueKey": { - "markdownDescription": "The value that is tracked to produce the metric.", - "title": "ValueKey", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets.", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "EntityIdKey", - "MetricName", - "ValueKey" - ], "type": "object" }, - "AWS::Evidently::Launch.SegmentOverride": { + "AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions": { "additionalProperties": false, "properties": { - "EvaluationOrder": { - "markdownDescription": "A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first.", - "title": "EvaluationOrder", + "LoadBalancerArn": { + "markdownDescription": "The ARN of the load balancer.", + "title": "LoadBalancerArn", + "type": "string" + }, + "Port": { + "markdownDescription": "The IP port number.", + "title": "Port", "type": "number" }, - "Segment": { - "markdownDescription": "The ARN of the segment to use for this override.", - "title": "Segment", + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The IP protocol.", + "title": "Protocol", "type": "string" }, - "Weights": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + "type": "string" }, - "markdownDescription": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic.", - "title": "Weights", + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", + "title": "SubnetIds", "type": "array" } }, - "required": [ - "EvaluationOrder", - "Segment", - "Weights" - ], "type": "object" }, - "AWS::Evidently::Launch.StepConfig": { + "AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions": { "additionalProperties": false, "properties": { - "GroupWeights": { + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "Port": { + "markdownDescription": "The IP port number.", + "title": "Port", + "type": "number" + }, + "PortRanges": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" }, - "markdownDescription": "An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch.", - "title": "GroupWeights", + "markdownDescription": "The port ranges.", + "title": "PortRanges", "type": "array" }, - "SegmentOverrides": { + "Protocol": { + "markdownDescription": "The IP protocol.", + "title": "Protocol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessEndpoint.PortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The start of the port range.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The end of the port range.", + "title": "ToPort", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessEndpoint.RdsOptions": { + "additionalProperties": false, + "properties": { + "Port": { + "markdownDescription": "The port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", + "type": "string" + }, + "RdsDbClusterArn": { + "markdownDescription": "The ARN of the DB cluster.", + "title": "RdsDbClusterArn", + "type": "string" + }, + "RdsDbInstanceArn": { + "markdownDescription": "The ARN of the RDS instance.", + "title": "RdsDbInstanceArn", + "type": "string" + }, + "RdsDbProxyArn": { + "markdownDescription": "The ARN of the RDS proxy.", + "title": "RdsDbProxyArn", + "type": "string" + }, + "RdsEndpoint": { + "markdownDescription": "The RDS endpoint.", + "title": "RdsEndpoint", + "type": "string" + }, + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.SegmentOverride" + "type": "string" }, - "markdownDescription": "An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age.\n\nFor more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) .", - "title": "SegmentOverrides", + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", + "title": "SubnetIds", "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessEndpoint.SseSpecification": { + "additionalProperties": false, + "properties": { + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" }, - "StartTime": { - "markdownDescription": "The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z`", - "title": "StartTime", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "GroupWeights", - "StartTime" - ], "type": "object" }, - "AWS::Evidently::Project": { + "AWS::EC2::VerifiedAccessGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -98479,43 +102565,48 @@ "Properties": { "additionalProperties": false, "properties": { - "AppConfigResource": { - "$ref": "#/definitions/AWS::Evidently::Project.AppConfigResourceObject", - "markdownDescription": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission.", - "title": "AppConfigResource" - }, - "DataDelivery": { - "$ref": "#/definitions/AWS::Evidently::Project.DataDeliveryObject", - "markdownDescription": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation.", - "title": "DataDelivery" - }, "Description": { - "markdownDescription": "An optional description of the project.", + "markdownDescription": "A description for the AWS Verified Access group.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name for the project. It can include up to 127 characters.", - "title": "Name", + "PolicyDocument": { + "markdownDescription": "The Verified Access policy document.", + "title": "PolicyDocument", "type": "string" }, + "PolicyEnabled": { + "markdownDescription": "The status of the Verified Access policy.", + "title": "PolicyEnabled", + "type": "boolean" + }, + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessGroup.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the project.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a project.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" + }, + "VerifiedAccessInstanceId": { + "markdownDescription": "The ID of the AWS Verified Access instance.", + "title": "VerifiedAccessInstanceId", + "type": "string" } }, "required": [ - "Name" + "VerifiedAccessInstanceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Project" + "AWS::EC2::VerifiedAccessGroup" ], "type": "string" }, @@ -98534,62 +102625,23 @@ ], "type": "object" }, - "AWS::Evidently::Project.AppConfigResourceObject": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The ID of the AWS AppConfig application to use for client-side evaluation.", - "title": "ApplicationId", - "type": "string" - }, - "EnvironmentId": { - "markdownDescription": "The ID of the AWS AppConfig environment to use for client-side evaluation.", - "title": "EnvironmentId", - "type": "string" - } - }, - "required": [ - "ApplicationId", - "EnvironmentId" - ], - "type": "object" - }, - "AWS::Evidently::Project.DataDeliveryObject": { - "additionalProperties": false, - "properties": { - "LogGroup": { - "markdownDescription": "If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name.", - "title": "LogGroup", - "type": "string" - }, - "S3": { - "$ref": "#/definitions/AWS::Evidently::Project.S3Destination", - "markdownDescription": "If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::Evidently::Project.S3Destination": { + "AWS::EC2::VerifiedAccessGroup.SseSpecification": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the bucket in which Evidently stores evaluation events.", - "title": "BucketName", - "type": "string" + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" }, - "Prefix": { - "markdownDescription": "The bucket prefix in which Evidently stores evaluation events.", - "title": "Prefix", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::Evidently::Segment": { + "AWS::EC2::VerifiedAccessInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -98624,38 +102676,56 @@ "Properties": { "additionalProperties": false, "properties": { + "CidrEndpointsCustomSubDomain": { + "markdownDescription": "The custom subdomain.", + "title": "CidrEndpointsCustomSubDomain", + "type": "string" + }, "Description": { - "markdownDescription": "An optional description for this segment.", + "markdownDescription": "A description for the AWS Verified Access instance.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "A name for the segment.", - "title": "Name", - "type": "string" + "FipsEnabled": { + "markdownDescription": "Indicates whether support for Federal Information Processing Standards (FIPS) is enabled on the instance.", + "title": "FipsEnabled", + "type": "boolean" }, - "Pattern": { - "markdownDescription": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", - "title": "Pattern", - "type": "string" + "LoggingConfigurations": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs", + "markdownDescription": "The logging configuration for the Verified Access instances.", + "title": "LoggingConfigurations" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" + }, + "VerifiedAccessTrustProviderIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the AWS Verified Access trust providers.", + "title": "VerifiedAccessTrustProviderIds", + "type": "array" + }, + "VerifiedAccessTrustProviders": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider" + }, + "markdownDescription": "The IDs of the AWS Verified Access trust providers.", + "title": "VerifiedAccessTrustProviders", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Segment" + "AWS::EC2::VerifiedAccessInstance" ], "type": "string" }, @@ -98669,12 +102739,131 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FIS::ExperimentTemplate": { + "AWS::EC2::VerifiedAccessInstance.CloudWatchLogs": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "LogGroup": { + "markdownDescription": "The ID of the CloudWatch Logs log group.", + "title": "LogGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose": { + "additionalProperties": false, + "properties": { + "DeliveryStream": { + "markdownDescription": "The ID of the delivery stream.", + "title": "DeliveryStream", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.S3": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name.", + "title": "BucketName", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account number that owns the bucket.", + "title": "BucketOwner", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Prefix": { + "markdownDescription": "The bucket prefix.", + "title": "Prefix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.CloudWatchLogs", + "markdownDescription": "CloudWatch Logs logging destination.", + "title": "CloudWatchLogs" + }, + "IncludeTrustContext": { + "markdownDescription": "Indicates whether to include trust data sent by trust providers in the logs.", + "title": "IncludeTrustContext", + "type": "boolean" + }, + "KinesisDataFirehose": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose", + "markdownDescription": "Kinesis logging destination.", + "title": "KinesisDataFirehose" + }, + "LogVersion": { + "markdownDescription": "The logging version.\n\nValid values: `ocsf-0.1` | `ocsf-1.0.0-rc.2`", + "title": "LogVersion", + "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.S3", + "markdownDescription": "Amazon S3 logging options.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the AWS Verified Access trust provider.", + "title": "Description", + "type": "string" + }, + "DeviceTrustProviderType": { + "markdownDescription": "The type of device-based trust provider.", + "title": "DeviceTrustProviderType", + "type": "string" + }, + "TrustProviderType": { + "markdownDescription": "The type of Verified Access trust provider.", + "title": "TrustProviderType", + "type": "string" + }, + "UserTrustProviderType": { + "markdownDescription": "The type of user-based trust provider.", + "title": "UserTrustProviderType", + "type": "string" + }, + "VerifiedAccessTrustProviderId": { + "markdownDescription": "The ID of the AWS Verified Access trust provider.", + "title": "VerifiedAccessTrustProviderId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessTrustProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -98709,80 +102898,69 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "additionalProperties": false, - "markdownDescription": "The actions for the experiment.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateAction" - } - }, - "title": "Actions", - "type": "object" - }, "Description": { - "markdownDescription": "The description for the experiment template.", + "markdownDescription": "A description for the AWS Verified Access trust provider.", "title": "Description", "type": "string" }, - "ExperimentOptions": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions", - "markdownDescription": "The experiment options for an experiment template.", - "title": "ExperimentOptions" + "DeviceOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions", + "markdownDescription": "The options for device-identity trust provider.", + "title": "DeviceOptions" }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration", - "markdownDescription": "The configuration for experiment logging.", - "title": "LogConfiguration" + "DeviceTrustProviderType": { + "markdownDescription": "The type of device-based trust provider.", + "title": "DeviceTrustProviderType", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role.", - "title": "RoleArn", + "NativeApplicationOidcOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.NativeApplicationOidcOptions", + "markdownDescription": "The OpenID Connect (OIDC) options.", + "title": "NativeApplicationOidcOptions" + }, + "OidcOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.OidcOptions", + "markdownDescription": "The options for an OpenID Connect-compatible user-identity trust provider.", + "title": "OidcOptions" + }, + "PolicyReferenceName": { + "markdownDescription": "The identifier to be used when working with policy rules.", + "title": "PolicyReferenceName", "type": "string" }, - "StopConditions": { - "items": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition" - }, - "markdownDescription": "The stop conditions for the experiment.", - "title": "StopConditions", - "type": "array" + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags for the experiment template.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "The tags.", "title": "Tags", - "type": "object" + "type": "array" }, - "Targets": { - "additionalProperties": false, - "markdownDescription": "The targets for the experiment.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget" - } - }, - "title": "Targets", - "type": "object" + "TrustProviderType": { + "markdownDescription": "The type of Verified Access trust provider.", + "title": "TrustProviderType", + "type": "string" + }, + "UserTrustProviderType": { + "markdownDescription": "The type of user-based trust provider.", + "title": "UserTrustProviderType", + "type": "string" } }, "required": [ - "Description", - "RoleArn", - "StopConditions", - "Tags", - "Targets" + "PolicyReferenceName", + "TrustProviderType" ], "type": "object" }, "Type": { "enum": [ - "AWS::FIS::ExperimentTemplate" + "AWS::EC2::VerifiedAccessTrustProvider" ], "type": "string" }, @@ -98801,229 +102979,126 @@ ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration": { + "AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.", - "title": "LogGroupArn", + "PublicSigningKeyUrl": { + "markdownDescription": "The URL AWS Verified Access will use to verify the authenticity of the device tokens.", + "title": "PublicSigningKeyUrl", + "type": "string" + }, + "TenantId": { + "markdownDescription": "The ID of the tenant application with the device-identity provider.", + "title": "TenantId", "type": "string" } }, - "required": [ - "LogGroupArn" - ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { + "AWS::EC2::VerifiedAccessTrustProvider.NativeApplicationOidcOptions": { "additionalProperties": false, "properties": { - "ActionId": { - "markdownDescription": "The ID of the action.", - "title": "ActionId", + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP.", + "title": "AuthorizationEndpoint", "type": "string" }, - "Description": { - "markdownDescription": "A description for the action.", - "title": "Description", + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", "type": "string" }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The parameters for the action.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" - }, - "StartAfter": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the action that must be completed before the current action starts.", - "title": "StartAfter", - "type": "array" + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret.", + "title": "ClientSecret", + "type": "string" }, - "Targets": { - "additionalProperties": true, - "markdownDescription": "The targets for the action.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Targets", - "type": "object" - } - }, - "required": [ - "ActionId" - ], - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions": { - "additionalProperties": false, - "properties": { - "AccountTargeting": { - "markdownDescription": "The account targeting setting for an experiment template.", - "title": "AccountTargeting", + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP.", + "title": "Issuer", "type": "string" }, - "EmptyTargetResolutionMode": { - "markdownDescription": "The empty target resolution mode for an experiment template.", - "title": "EmptyTargetResolutionMode", + "PublicSigningKeyEndpoint": { + "markdownDescription": "The public signing key endpoint.", + "title": "PublicSigningKeyEndpoint", "type": "string" - } - }, - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsConfiguration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration", - "markdownDescription": "The configuration for experiment logging to CloudWatch Logs .", - "title": "CloudWatchLogsConfiguration" }, - "LogSchemaVersion": { - "markdownDescription": "The schema version.", - "title": "LogSchemaVersion", - "type": "number" + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP.", + "title": "Scope", + "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.S3Configuration", - "markdownDescription": "The configuration for experiment logging to Amazon S3 .", - "title": "S3Configuration" - } - }, - "required": [ - "LogSchemaVersion" - ], - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition": { - "additionalProperties": false, - "properties": { - "Source": { - "markdownDescription": "The source for the stop condition.", - "title": "Source", + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP.", + "title": "TokenEndpoint", "type": "string" }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch alarm, if applicable.", - "title": "Value", + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP.", + "title": "UserInfoEndpoint", "type": "string" } }, - "required": [ - "Source" - ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget": { + "AWS::EC2::VerifiedAccessTrustProvider.OidcOptions": { "additionalProperties": false, "properties": { - "Filters": { - "items": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter" - }, - "markdownDescription": "The filters to apply to identify target resources using specific attributes.", - "title": "Filters", - "type": "array" - }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The parameters for the resource type.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "AuthorizationEndpoint": { + "markdownDescription": "The OIDC authorization endpoint.", + "title": "AuthorizationEndpoint", + "type": "string" }, - "ResourceArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the targets.", - "title": "ResourceArns", - "type": "array" + "ClientId": { + "markdownDescription": "The client identifier.", + "title": "ClientId", + "type": "string" }, - "ResourceTags": { - "additionalProperties": true, - "markdownDescription": "The tags for the target resources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ResourceTags", - "type": "object" + "ClientSecret": { + "markdownDescription": "The client secret.", + "title": "ClientSecret", + "type": "string" }, - "ResourceType": { - "markdownDescription": "The resource type.", - "title": "ResourceType", + "Issuer": { + "markdownDescription": "The OIDC issuer.", + "title": "Issuer", "type": "string" }, - "SelectionMode": { - "markdownDescription": "Scopes the identified resources to a specific count or percentage.", - "title": "SelectionMode", + "Scope": { + "markdownDescription": "The OpenID Connect (OIDC) scope specified.", + "title": "Scope", "type": "string" - } - }, - "required": [ - "ResourceType", - "SelectionMode" - ], - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter": { - "additionalProperties": false, - "properties": { - "Path": { - "markdownDescription": "The attribute path for the filter.", - "title": "Path", + }, + "TokenEndpoint": { + "markdownDescription": "The OIDC token endpoint.", + "title": "TokenEndpoint", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The attribute values for the filter.", - "title": "Values", - "type": "array" + "UserInfoEndpoint": { + "markdownDescription": "The OIDC user info endpoint.", + "title": "UserInfoEndpoint", + "type": "string" } }, - "required": [ - "Path", - "Values" - ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.S3Configuration": { + "AWS::EC2::VerifiedAccessTrustProvider.SseSpecification": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the destination bucket.", - "title": "BucketName", - "type": "string" + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" }, - "Prefix": { - "markdownDescription": "The bucket prefix.", - "title": "Prefix", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::FIS::TargetAccountConfiguration": { + "AWS::EC2::Volume": { "additionalProperties": false, "properties": { "Condition": { @@ -99058,37 +103133,83 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The AWS account ID of the target account.", - "title": "AccountId", + "AutoEnableIO": { + "markdownDescription": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O.", + "title": "AutoEnableIO", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The ID of the Availability Zone in which to create the volume. For example, `us-east-1a` .", + "title": "AvailabilityZone", "type": "string" }, - "Description": { - "markdownDescription": "The description of the target account.", - "title": "Description", + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) in the *Amazon EBS User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` .\n\nIf you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to `true` , then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the AWS managed key .\n\nAlternatively, if you want to specify a different key, you can specify one of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. Specify the alias for the key, prefixed with `alias/` . For example, for a key with the alias `my_cmk` , use `alias/my_cmk` . Or to specify the AWS managed key , use `alias/aws/ebs` .\n- Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.", + "title": "KmsKeyId", "type": "string" }, - "ExperimentTemplateId": { - "markdownDescription": "The ID of the experiment template.", - "title": "ExperimentTemplateId", + "MultiAttachEnabled": { + "markdownDescription": "Indicates whether Amazon EBS Multi-Attach is enabled.\n\nAWS CloudFormation does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume.", + "title": "MultiAttachEnabled", + "type": "boolean" + }, + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", + "title": "OutpostArn", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role for the target account.", - "title": "RoleArn", + "Size": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "Size", + "type": "number" + }, + "SnapshotId": { + "markdownDescription": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.", + "title": "SnapshotId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the volume during creation.", + "title": "Tags", + "type": "array" + }, + "Throughput": { + "markdownDescription": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n\nThis parameter is valid only for `gp3` volumes. The default value is 125.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", + "title": "Throughput", + "type": "number" + }, + "VolumeInitializationRate": { + "markdownDescription": "Specifies the Amazon EBS Provisioned Rate for Volume Initialization (volume initialization rate), in MiB/s, at which to download the snapshot blocks from Amazon S3 to the volume. This is also known as *volume initialization* . Specifying a volume initialization rate ensures that the volume is initialized at a predictable and consistent rate after creation.\n\nThis parameter is supported only for volumes created from snapshots. Omit this parameter if:\n\n- You want to create the volume using fast snapshot restore. You must specify a snapshot that is enabled for fast snapshot restore. In this case, the volume is fully initialized at creation.\n\n> If you specify a snapshot that is enabled for fast snapshot restore and a volume initialization rate, the volume will be initialized at the specified rate instead of fast snapshot restore.\n- You want to create a volume that is initialized at the default rate.\n\nFor more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EC2 User Guide* .\n\nValid range: 100 - 300 MiB/s", + "title": "VolumeInitializationRate", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) .\n\nDefault: `gp2`", + "title": "VolumeType", "type": "string" } }, "required": [ - "AccountId", - "ExperimentTemplateId", - "RoleArn" + "AvailabilityZone" ], "type": "object" }, "Type": { "enum": [ - "AWS::FIS::TargetAccountConfiguration" + "AWS::EC2::Volume" ], "type": "string" }, @@ -99107,7 +103228,7 @@ ], "type": "object" }, - "AWS::FMS::NotificationChannel": { + "AWS::EC2::VolumeAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -99142,26 +103263,31 @@ "Properties": { "additionalProperties": false, "properties": { - "SnsRoleName": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity.", - "title": "SnsRoleName", + "Device": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "Device", "type": "string" }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager .", - "title": "SnsTopicArn", + "InstanceId": { + "markdownDescription": "The ID of the instance to which the volume attaches. This value can be a reference to an [`AWS::EC2::Instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance.", + "title": "InstanceId", + "type": "string" + }, + "VolumeId": { + "markdownDescription": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [`AWS::EC2::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume.", + "title": "VolumeId", "type": "string" } }, "required": [ - "SnsRoleName", - "SnsTopicArn" + "InstanceId", + "VolumeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::FMS::NotificationChannel" + "AWS::EC2::VolumeAttachment" ], "type": "string" }, @@ -99180,7 +103306,7 @@ ], "type": "object" }, - "AWS::FMS::Policy": { + "AWS::ECR::PublicRepository": { "additionalProperties": false, "properties": { "Condition": { @@ -99215,100 +103341,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteAllPolicyResources": { - "markdownDescription": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.", - "title": "DeleteAllPolicyResources", - "type": "boolean" - }, - "ExcludeMap": { - "$ref": "#/definitions/AWS::FMS::Policy.IEMap", - "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", - "title": "ExcludeMap" - }, - "ExcludeResourceTags": { - "markdownDescription": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy.", - "title": "ExcludeResourceTags", - "type": "boolean" - }, - "IncludeMap": { - "$ref": "#/definitions/AWS::FMS::Policy.IEMap", - "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", - "title": "IncludeMap" + "RepositoryCatalogData": { + "$ref": "#/definitions/AWS::ECR::PublicRepository.RepositoryCatalogData", + "markdownDescription": "The details about the repository that are publicly visible in the Amazon ECR Public Gallery. For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .", + "title": "RepositoryCatalogData" }, - "PolicyDescription": { - "markdownDescription": "Your description of the AWS Firewall Manager policy.", - "title": "PolicyDescription", + "RepositoryName": { + "markdownDescription": "The name to use for the public repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "RepositoryName", "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the AWS Firewall Manager policy.", - "title": "PolicyName", - "type": "string" - }, - "RemediationEnabled": { - "markdownDescription": "Indicates if the policy should be automatically applied to new resources.", - "title": "RemediationEnabled", - "type": "boolean" - }, - "ResourceSetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique identifiers of the resource sets used by the policy.", - "title": "ResourceSetIds", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::FMS::Policy.ResourceTag" - }, - "markdownDescription": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` .", - "title": "ResourceTags", - "type": "array" - }, - "ResourceType": { - "markdownDescription": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` .", - "title": "ResourceType", - "type": "string" - }, - "ResourceTypeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` .", - "title": "ResourceTypeList", - "type": "array" - }, - "ResourcesCleanUp": { - "markdownDescription": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies.", - "title": "ResourcesCleanUp", - "type": "boolean" - }, - "SecurityServicePolicyData": { - "$ref": "#/definitions/AWS::FMS::Policy.SecurityServicePolicyData", - "markdownDescription": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", - "title": "SecurityServicePolicyData" + "RepositoryPolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the public repository. For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .", + "title": "RepositoryPolicyText", + "type": "object" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::FMS::Policy.PolicyTag" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, - "required": [ - "ExcludeResourceTags", - "PolicyName", - "RemediationEnabled", - "SecurityServicePolicyData" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FMS::Policy" + "AWS::ECR::PublicRepository" ], "type": "string" }, @@ -99322,141 +103383,48 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FMS::Policy.IEMap": { + "AWS::ECR::PublicRepository.RepositoryCatalogData": { "additionalProperties": false, "properties": { - "ACCOUNT": { + "AboutText": { + "markdownDescription": "The longform description of the contents of the repository. This text appears in the repository details on the Amazon ECR Public Gallery.", + "title": "AboutText", + "type": "string" + }, + "Architectures": { "items": { "type": "string" }, - "markdownDescription": "The account list for the map.", - "title": "ACCOUNT", + "markdownDescription": "The architecture tags that are associated with the repository.", + "title": "Architectures", "type": "array" }, - "ORGUNIT": { + "OperatingSystems": { "items": { "type": "string" }, - "markdownDescription": "The organizational unit list for the map.", - "title": "ORGUNIT", + "markdownDescription": "The operating system tags that are associated with the repository.", + "title": "OperatingSystems", "type": "array" - } - }, - "type": "object" - }, - "AWS::FMS::Policy.NetworkFirewallPolicy": { - "additionalProperties": false, - "properties": { - "FirewallDeploymentModel": { - "markdownDescription": "Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .", - "title": "FirewallDeploymentModel", - "type": "string" - } - }, - "required": [ - "FirewallDeploymentModel" - ], - "type": "object" - }, - "AWS::FMS::Policy.PolicyOption": { - "additionalProperties": false, - "properties": { - "NetworkFirewallPolicy": { - "$ref": "#/definitions/AWS::FMS::Policy.NetworkFirewallPolicy", - "markdownDescription": "Defines the deployment model to use for the firewall policy.", - "title": "NetworkFirewallPolicy" - }, - "ThirdPartyFirewallPolicy": { - "$ref": "#/definitions/AWS::FMS::Policy.ThirdPartyFirewallPolicy", - "markdownDescription": "Defines the policy options for a third-party firewall policy.", - "title": "ThirdPartyFirewallPolicy" - } - }, - "type": "object" - }, - "AWS::FMS::Policy.PolicyTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::FMS::Policy.ResourceTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The resource tag key.", - "title": "Key", - "type": "string" }, - "Value": { - "markdownDescription": "The resource tag value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key" - ], - "type": "object" - }, - "AWS::FMS::Policy.SecurityServicePolicyData": { - "additionalProperties": false, - "properties": { - "ManagedServiceData": { - "markdownDescription": "Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", - "title": "ManagedServiceData", + "RepositoryDescription": { + "markdownDescription": "The short description of the repository.", + "title": "RepositoryDescription", "type": "string" }, - "PolicyOption": { - "$ref": "#/definitions/AWS::FMS::Policy.PolicyOption", - "markdownDescription": "Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy.", - "title": "PolicyOption" - }, - "Type": { - "markdownDescription": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::FMS::Policy.ThirdPartyFirewallPolicy": { - "additionalProperties": false, - "properties": { - "FirewallDeploymentModel": { - "markdownDescription": "Defines the deployment model to use for the third-party firewall policy.", - "title": "FirewallDeploymentModel", + "UsageText": { + "markdownDescription": "The longform usage details of the contents of the repository. The usage text provides context for users of the repository.", + "title": "UsageText", "type": "string" } }, - "required": [ - "FirewallDeploymentModel" - ], "type": "object" }, - "AWS::FMS::ResourceSet": { + "AWS::ECR::PullThroughCacheRule": { "additionalProperties": false, "properties": { "Condition": { @@ -99491,50 +103459,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the resource set.", - "title": "Description", + "CredentialArn": { + "markdownDescription": "The ARN of the Secrets Manager secret associated with the pull through cache rule.", + "title": "CredentialArn", "type": "string" }, - "Name": { - "markdownDescription": "The descriptive name of the resource set. You can't change the name of a resource set after you create it.", - "title": "Name", + "CustomRoleArn": { + "markdownDescription": "The ARN of the IAM role associated with the pull through cache rule.", + "title": "CustomRoleArn", "type": "string" }, - "ResourceTypeList": { - "items": { - "type": "string" - }, - "markdownDescription": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list.", - "title": "ResourceTypeList", - "type": "array" + "EcrRepositoryPrefix": { + "markdownDescription": "The Amazon ECR repository prefix associated with the pull through cache rule.", + "title": "EcrRepositoryPrefix", + "type": "string" }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Resources", - "type": "array" + "UpstreamRegistry": { + "markdownDescription": "The name of the upstream source registry associated with the pull through cache rule.", + "title": "UpstreamRegistry", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "UpstreamRegistryUrl": { + "markdownDescription": "The upstream registry URL associated with the pull through cache rule.", + "title": "UpstreamRegistryUrl", + "type": "string" + }, + "UpstreamRepositoryPrefix": { + "markdownDescription": "The upstream repository prefix associated with the pull through cache rule.", + "title": "UpstreamRepositoryPrefix", + "type": "string" } }, - "required": [ - "Name", - "ResourceTypeList" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FMS::ResourceSet" + "AWS::ECR::PullThroughCacheRule" ], "type": "string" }, @@ -99548,12 +103508,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation": { + "AWS::ECR::RegistryPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -99588,55 +103547,20 @@ "Properties": { "additionalProperties": false, "properties": { - "BatchImportMetaDataOnCreate": { - "markdownDescription": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to `true` .", - "title": "BatchImportMetaDataOnCreate", - "type": "boolean" - }, - "DataRepositoryPath": { - "markdownDescription": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format `s3://myBucket/myPrefix/` . This path specifies where in the S3 data repository files will be imported from or exported to.", - "title": "DataRepositoryPath", - "type": "string" - }, - "FileSystemId": { - "markdownDescription": "The ID of the file system on which the data repository association is configured.", - "title": "FileSystemId", - "type": "string" - }, - "FileSystemPath": { - "markdownDescription": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as `/ns1/` ) or subdirectory (such as `/ns1/subdir/` ) that will be mapped 1-1 with `DataRepositoryPath` . The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/` , then you cannot link another data repository with file system path `/ns1/ns2` .\n\nThis path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n\n> If you specify only a forward slash ( `/` ) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system.", - "title": "FileSystemPath", - "type": "string" - }, - "ImportedFileChunkSize": { - "markdownDescription": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.", - "title": "ImportedFileChunkSize", - "type": "number" - }, - "S3": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.S3", - "markdownDescription": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.", - "title": "S3" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", - "title": "Tags", - "type": "array" + "PolicyText": { + "markdownDescription": "The JSON policy text for your registry.", + "title": "PolicyText", + "type": "object" } }, "required": [ - "DataRepositoryPath", - "FileSystemId", - "FileSystemPath" + "PolicyText" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::DataRepositoryAssociation" + "AWS::ECR::RegistryPolicy" ], "type": "string" }, @@ -99655,57 +103579,7 @@ ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation.AutoExportPolicy": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "type": "string" - }, - "markdownDescription": "The `AutoExportPolicy` can have the following event values:\n\n- `NEW` - New files and directories are automatically exported to the data repository as they are added to the file system.\n- `CHANGED` - Changes to files and directories on the file system are automatically exported to the data repository.\n- `DELETED` - Files and directories are automatically deleted on the data repository when they are deleted on the file system.\n\nYou can define any combination of event types for your `AutoExportPolicy` .", - "title": "Events", - "type": "array" - } - }, - "required": [ - "Events" - ], - "type": "object" - }, - "AWS::FSx::DataRepositoryAssociation.AutoImportPolicy": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "type": "string" - }, - "markdownDescription": "The `AutoImportPolicy` can have the following event values:\n\n- `NEW` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `CHANGED` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository.\n- `DELETED` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository.\n\nYou can define any combination of event types for your `AutoImportPolicy` .", - "title": "Events", - "type": "array" - } - }, - "required": [ - "Events" - ], - "type": "object" - }, - "AWS::FSx::DataRepositoryAssociation.S3": { - "additionalProperties": false, - "properties": { - "AutoExportPolicy": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoExportPolicy", - "markdownDescription": "Describes a data repository association's automatic export policy. The `AutoExportPolicy` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file.\n\nThe `AutoExportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", - "title": "AutoExportPolicy" - }, - "AutoImportPolicy": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoImportPolicy", - "markdownDescription": "Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket.\n\nThe `AutoImportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", - "title": "AutoImportPolicy" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem": { + "AWS::ECR::RegistryScanningConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -99740,90 +103614,29 @@ "Properties": { "additionalProperties": false, "properties": { - "BackupId": { - "markdownDescription": "The ID of the file system backup that you are using to create a file system. For more information, see [CreateFileSystemFromBackup](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html) .", - "title": "BackupId", - "type": "string" - }, - "FileSystemType": { - "markdownDescription": "The type of Amazon FSx file system, which can be `LUSTRE` , `WINDOWS` , `ONTAP` , or `OPENZFS` .", - "title": "FileSystemType", - "type": "string" - }, - "FileSystemTypeVersion": { - "markdownDescription": "For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are `2.10` , `2.12` , and `2.15` :\n\n- `2.10` is supported by the Scratch and Persistent_1 Lustre deployment types.\n- `2.12` is supported by all Lustre deployment types, except for `PERSISTENT_2` with a metadata configuration mode.\n- `2.15` is supported by all Lustre deployment types and is recommended for all new file systems.\n\nDefault value is `2.10` , except for the following deployments:\n\n- Default value is `2.12` when `DeploymentType` is set to `PERSISTENT_2` without a metadata configuration mode.\n- Default value is `2.15` when `DeploymentType` is set to `PERSISTENT_2` with a metadata configuration mode.", - "title": "FileSystemTypeVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server", - "title": "KmsKeyId", - "type": "string" - }, - "LustreConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.LustreConfiguration", - "markdownDescription": "The Lustre configuration for the file system being created.\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", - "title": "LustreConfiguration" - }, - "OntapConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.OntapConfiguration", - "markdownDescription": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating.", - "title": "OntapConfiguration" - }, - "OpenZFSConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.OpenZFSConfiguration", - "markdownDescription": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating.", - "title": "OpenZFSConfiguration" - }, - "SecurityGroupIds": { + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration.ScanningRule" }, - "markdownDescription": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", - "title": "SecurityGroupIds", + "markdownDescription": "The scanning rules associated with the registry.", + "title": "Rules", "type": "array" }, - "StorageCapacity": { - "markdownDescription": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", - "title": "StorageCapacity", - "type": "number" - }, - "StorageType": { - "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type and for Lustre file systems with the Persistent_2 deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [FSx for Lustre storage classes](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html#lustre-storage-classes) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageType", + "ScanType": { + "markdownDescription": "The type of scanning configured for the registry.", + "title": "ScanType", "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "Tags", - "type": "array" - }, - "WindowsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.WindowsConfiguration", - "markdownDescription": "The configuration object for the Microsoft Windows file system you are creating.\n\nThis value is required if `FileSystemType` is set to `WINDOWS` .", - "title": "WindowsConfiguration" } }, "required": [ - "FileSystemType", - "SubnetIds" + "Rules", + "ScanType" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::FileSystem" + "AWS::ECR::RegistryScanningConfiguration" ], "type": "string" }, @@ -99842,473 +103655,199 @@ ], "type": "object" }, - "AWS::FSx::FileSystem.AuditLogConfiguration": { + "AWS::ECR::RegistryScanningConfiguration.RepositoryFilter": { "additionalProperties": false, "properties": { - "AuditLogDestination": { - "markdownDescription": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN.\n\nThe name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehose delivery stream must begin with the `aws-fsx` prefix.\n\nThe destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose delivery stream) must be in the same AWS partition, AWS Region , and AWS account as your Amazon FSx file system.", - "title": "AuditLogDestination", - "type": "string" - }, - "FileAccessAuditLogLevel": { - "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file and folder accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access files or folders are logged.\n- `FAILURE_ONLY` - only failed attempts to access files or folders are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access files or folders are logged.\n- `DISABLED` - access auditing of files and folders is turned off.", - "title": "FileAccessAuditLogLevel", + "Filter": { + "markdownDescription": "The filter to use when scanning.", + "title": "Filter", "type": "string" }, - "FileShareAccessAuditLogLevel": { - "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file share accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access file shares are logged.\n- `FAILURE_ONLY` - only failed attempts to access file shares are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access file shares are logged.\n- `DISABLED` - access auditing of file shares is turned off.", - "title": "FileShareAccessAuditLogLevel", + "FilterType": { + "markdownDescription": "The type associated with the filter.", + "title": "FilterType", "type": "string" } }, "required": [ - "FileAccessAuditLogLevel", - "FileShareAccessAuditLogLevel" + "Filter", + "FilterType" ], "type": "object" }, - "AWS::FSx::FileSystem.ClientConfigurations": { + "AWS::ECR::RegistryScanningConfiguration.ScanningRule": { "additionalProperties": false, "properties": { - "Clients": { - "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", - "title": "Clients", - "type": "string" - }, - "Options": { + "RepositoryFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration.RepositoryFilter" }, - "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", - "title": "Options", + "markdownDescription": "The details of a scanning repository filter. For more information on how to use filters, see [Using filters](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html#image-scanning-filters) in the *Amazon Elastic Container Registry User Guide* .", + "title": "RepositoryFilters", "type": "array" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.DiskIopsConfiguration": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The total number of SSD IOPS provisioned for the file system.\n\nThe minimum and maximum values for this property depend on the value of `HAPairs` and `StorageCapacity` . The minimum value is calculated as `StorageCapacity` * 3 * `HAPairs` (3 IOPS per GB of `StorageCapacity` ). The maximum value is calculated as 200,000 * `HAPairs` .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) if the value of `Iops` is outside of the minimum or maximum values.", - "title": "Iops", - "type": "number" }, - "Mode": { - "markdownDescription": "Specifies whether the file system is using the `AUTOMATIC` setting of SSD IOPS of 3 IOPS per GB of storage capacity, or if it using a `USER_PROVISIONED` value.", - "title": "Mode", + "ScanFrequency": { + "markdownDescription": "The frequency that scans are performed at for a private registry. When the `ENHANCED` scan type is specified, the supported scan frequencies are `CONTINUOUS_SCAN` and `SCAN_ON_PUSH` . When the `BASIC` scan type is specified, the `SCAN_ON_PUSH` scan frequency is supported. If scan on push is not specified, then the `MANUAL` scan frequency is set by default.", + "title": "ScanFrequency", "type": "string" } }, + "required": [ + "RepositoryFilters", + "ScanFrequency" + ], "type": "object" }, - "AWS::FSx::FileSystem.LustreConfiguration": { + "AWS::ECR::ReplicationConfiguration": { "additionalProperties": false, "properties": { - "AutoImportPolicy": { - "markdownDescription": "(Optional) When you create your file system, your existing S3 objects appear as file and directory listings. Use this property to choose how Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. `AutoImportPolicy` can have the following values:\n\n- `NONE` - (Default) AutoImport is off. Amazon FSx only updates file and directory listings from the linked S3 bucket when the file system is created. FSx does not update file and directory listings for any new or changed objects after choosing this option.\n- `NEW` - AutoImport is on. Amazon FSx automatically imports directory listings of any new objects added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `NEW_CHANGED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket and any existing objects that are changed in the S3 bucket after you choose this option.\n- `NEW_CHANGED_DELETED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket, any existing objects that are changed in the S3 bucket, and any objects that were deleted in the S3 bucket.\n\nFor more information, see [Automatically import updates from your S3 bucket](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) .\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "AutoImportPolicy", - "type": "string" - }, - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `0` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "CopyTagsToBackups": { - "markdownDescription": "(Optional) Not available for use with file systems that are linked to a data repository. A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. If `CopyTagsToBackups` is set to true, all file system tags are copied to all automatic and user-initiated backups when the user doesn't specify any backup-specific tags. If `CopyTagsToBackups` is set to true and you specify one or more backup tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.\n\n(Default = `false` )\n\nFor more information, see [Working with backups](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-backups-fsx.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", + "Condition": { "type": "string" }, - "DataCompressionType": { - "markdownDescription": "Sets the data compression configuration for the file system. `DataCompressionType` can have the following values:\n\n- `NONE` - (Default) Data compression is turned off when the file system is created.\n- `LZ4` - Data compression is turned on with the LZ4 algorithm.\n\nFor more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "DataCompressionType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DeploymentType": { - "markdownDescription": "(Optional) Choose `SCRATCH_1` and `SCRATCH_2` deployment types when you need temporary storage and shorter-term processing of data. The `SCRATCH_2` deployment type provides in-transit encryption of data and higher burst throughput capacity than `SCRATCH_1` .\n\nChoose `PERSISTENT_1` for longer-term storage and for throughput-focused workloads that aren\u2019t latency-sensitive. `PERSISTENT_1` supports encryption of data in transit, and is available in all AWS Regions in which FSx for Lustre is available.\n\nChoose `PERSISTENT_2` for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. `PERSISTENT_2` supports the SSD and Intelligent-Tiering storage classes. You can optionally specify a metadata configuration mode for `PERSISTENT_2` which supports increasing metadata performance. `PERSISTENT_2` is available in a limited number of AWS Regions . For more information, and an up-to-date list of AWS Regions in which `PERSISTENT_2` is available, see [Deployment and storage class options for FSx for Lustre file systems](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html) in the *Amazon FSx for Lustre User Guide* .\n\n> If you choose `PERSISTENT_2` , and you set `FileSystemTypeVersion` to `2.10` , the `CreateFileSystem` operation fails. \n\nEncryption of data in transit is automatically turned on when you access `SCRATCH_2` , `PERSISTENT_1` , and `PERSISTENT_2` file systems from Amazon EC2 instances that support automatic encryption in the AWS Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see [Encrypting data in transit](https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) in the *Amazon FSx for Lustre User Guide* .\n\n(Default = `SCRATCH_1` )", - "title": "DeploymentType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DriveCacheType": { - "markdownDescription": "The type of drive cache used by `PERSISTENT_1` file systems that are provisioned with HDD storage devices. This parameter is required when storage type is HDD. Set this property to `READ` to improve the performance for frequently accessed files by caching up to 20% of the total storage capacity of the file system.\n\nThis parameter is required when `StorageType` is set to `HDD` and `DeploymentType` is `PERSISTENT_1` .", - "title": "DriveCacheType", - "type": "string" + "Metadata": { + "type": "object" }, - "ExportPath": { - "markdownDescription": "(Optional) Specifies the path in the Amazon S3 bucket where the root of your Amazon FSx file system is exported. The path must use the same Amazon S3 bucket as specified in ImportPath. You can provide an optional prefix to which new and changed data is to be exported from your Amazon FSx for Lustre file system. If an `ExportPath` value is not provided, Amazon FSx sets a default export path, `s3://import-bucket/FSxLustre[creation-timestamp]` . The timestamp is in UTC format, for example `s3://import-bucket/FSxLustre20181105T222312Z` .\n\nThe Amazon S3 export bucket must be the same as the import bucket specified by `ImportPath` . If you specify only a bucket name, such as `s3://import-bucket` , you get a 1:1 mapping of file system objects to S3 bucket objects. This mapping means that the input data in S3 is overwritten on export. If you provide a custom prefix in the export path, such as `s3://import-bucket/[custom-optional-prefix]` , Amazon FSx exports the contents of your file system to that export prefix in the Amazon S3 bucket.\n\n> This parameter is not supported for file systems with a data repository association.", - "title": "ExportPath", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationConfiguration", + "markdownDescription": "The replication configuration for a registry.", + "title": "ReplicationConfiguration" + } + }, + "required": [ + "ReplicationConfiguration" + ], + "type": "object" }, - "ImportPath": { - "markdownDescription": "(Optional) The path to the Amazon S3 bucket (including the optional prefix) that you're using as the data repository for your Amazon FSx for Lustre file system. The root of your FSx for Lustre file system will be mapped to the root of the Amazon S3 bucket you select. An example is `s3://import-bucket/optional-prefix` . If you specify a prefix after the Amazon S3 bucket name, only object keys with that prefix are loaded into the file system.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "ImportPath", + "Type": { + "enum": [ + "AWS::ECR::ReplicationConfiguration" + ], "type": "string" }, - "ImportedFileChunkSize": { - "markdownDescription": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "ImportedFileChunkSize", - "type": "number" - }, - "PerUnitStorageThroughput": { - "markdownDescription": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", - "title": "PerUnitStorageThroughput", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::FSx::FileSystem.NfsExports": { - "additionalProperties": false, - "properties": { - "ClientConfigurations": { - "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.ClientConfigurations" - }, - "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", - "title": "ClientConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.OntapConfiguration": { + "AWS::ECR::ReplicationConfiguration.ReplicationConfiguration": { "additionalProperties": false, "properties": { - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the FSx for ONTAP file system deployment type to use in creating the file system.\n\n- `MULTI_AZ_1` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. This is a first-generation FSx for ONTAP file system.\n- `MULTI_AZ_2` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary AZ unavailability. This is a second-generation FSx for ONTAP file system.\n- `SINGLE_AZ_1` - A file system configured for Single-AZ redundancy. This is a first-generation FSx for ONTAP file system.\n- `SINGLE_AZ_2` - A file system configured with multiple high-availability (HA) pairs for Single-AZ redundancy. This is a second-generation FSx for ONTAP file system.\n\nFor information about the use cases for Multi-AZ and Single-AZ deployments, refer to [Choosing a file system deployment type](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-AZ.html) .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS configuration for the FSx for ONTAP file system.", - "title": "DiskIopsConfiguration" - }, - "EndpointIpAddressRange": { - "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API, Amazon FSx selects an unused IP address range for you from the 198.19.* range. By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses from the VPC\u2019s primary CIDR range to use as the endpoint IP address range for the file system. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", - "title": "EndpointIpAddressRange", - "type": "string" - }, - "FsxAdminPassword": { - "markdownDescription": "The ONTAP administrative password for the `fsxadmin` user with which you administer your file system using the NetApp ONTAP CLI and REST API.", - "title": "FsxAdminPassword", - "type": "string" - }, - "HAPairs": { - "markdownDescription": "Specifies how many high-availability (HA) pairs of file servers will power your file system. First-generation file systems are powered by 1 HA pair. Second-generation multi-AZ file systems are powered by 1 HA pair. Second generation single-AZ file systems are powered by up to 12 HA pairs. The default value is 1. The value of this property affects the values of `StorageCapacity` , `Iops` , and `ThroughputCapacity` . For more information, see [High-availability (HA) pairs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/administering-file-systems.html#HA-pairs) in the FSx for ONTAP user guide. Block storage protocol support (iSCSI and NVMe over TCP) is disabled on file systems with more than 6 HA pairs. For more information, see [Using block storage protocols](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/supported-fsx-clients.html#using-block-storage) .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `HAPairs` is less than 1 or greater than 12.\n- The value of `HAPairs` is greater than 1 and the value of `DeploymentType` is `SINGLE_AZ_1` , `MULTI_AZ_1` , or `MULTI_AZ_2` .", - "title": "HAPairs", - "type": "number" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` or `MULTI_AZ_2` . This specifies the subnet in which you want the preferred file server to be located.", - "title": "PreferredSubnetId", - "type": "string" - }, - "RouteTableIds": { + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationRule" }, - "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n\n> Amazon FSx manages these route tables for Multi-AZ file systems using tag-based authentication. These route tables are tagged with `Key: AmazonFSx; Value: ManagedByAmazonFSx` . When creating FSx for ONTAP Multi-AZ file systems using AWS CloudFormation we recommend that you add the `Key: AmazonFSx; Value: ManagedByAmazonFSx` tag manually.", - "title": "RouteTableIds", + "markdownDescription": "An array of objects representing the replication destinations and repository filters for a replication configuration.", + "title": "Rules", "type": "array" - }, - "ThroughputCapacity": { - "markdownDescription": "Sets the throughput capacity for the file system that you're creating in megabytes per second (MBps). For more information, see [Managing throughput capacity](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) in the FSx for ONTAP User Guide.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value.\n- The value of `ThroughputCapacity` when divided by the value of `HAPairs` is outside of the valid range for `ThroughputCapacity` .", - "title": "ThroughputCapacity", - "type": "number" - }, - "ThroughputCapacityPerHAPair": { - "markdownDescription": "Use to choose the throughput capacity per HA pair, rather than the total throughput for the file system.\n\nYou can define either the `ThroughputCapacityPerHAPair` or the `ThroughputCapacity` when creating a file system, but not both.\n\nThis field and `ThroughputCapacity` are the same for file systems powered by one HA pair.\n\n- For `SINGLE_AZ_1` and `MULTI_AZ_1` file systems, valid values are 128, 256, 512, 1024, 2048, or 4096 MBps.\n- For `SINGLE_AZ_2` , valid values are 1536, 3072, or 6144 MBps.\n- For `MULTI_AZ_2` , valid values are 384, 768, 1536, 3072, or 6144 MBps.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value for file systems with one HA pair.\n- The value of deployment type is `SINGLE_AZ_2` and `ThroughputCapacity` / `ThroughputCapacityPerHAPair` is not a valid HA pair (a value between 1 and 12).\n- The value of `ThroughputCapacityPerHAPair` is not a valid value.", - "title": "ThroughputCapacityPerHAPair", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", - "type": "string" } }, "required": [ - "DeploymentType" + "Rules" ], "type": "object" }, - "AWS::FSx::FileSystem.OpenZFSConfiguration": { + "AWS::ECR::ReplicationConfiguration.ReplicationDestination": { "additionalProperties": false, "properties": { - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "CopyTagsToBackups": { - "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to backups. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "CopyTagsToVolumes": { - "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to volumes. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to volumes where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to volumes. If you specify one or more tags when creating the volume, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToVolumes", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the file system deployment type. Valid values are the following:\n\n- `MULTI_AZ_1` - Creates file systems with high availability and durability by replicating your data and supporting failover across multiple Availability Zones in the same AWS Region .\n- `SINGLE_AZ_HA_2` - Creates file systems with high availability and throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_HA_1` - Creates file systems with high availability and throughput capacities of 64 - 4,096 MB/s by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_2` - Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache that automatically recover within a single Availability Zone.\n- `SINGLE_AZ_1` - Creates file systems with throughput capacities of 64 - 4,096 MBs that automatically recover within a single Availability Zone.\n\nFor a list of which AWS Regions each deployment type is available in, see [Deployment type availability](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) . For more information on the differences in performance between deployment types, see [File system performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS file system. By default, Amazon FSx automatically provisions 3 IOPS per GB of storage capacity. You can provision additional IOPS per GB of storage. The configuration consists of the total number of provisioned SSD IOPS and how it is was provisioned, or the mode (by the customer or by Amazon FSx).", - "title": "DiskIopsConfiguration" - }, - "EndpointIpAddressRange": { - "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API and Amazon FSx console, Amazon FSx selects an available /28 IP address range for you from one of the VPC's CIDR ranges. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", - "title": "EndpointIpAddressRange", - "type": "string" - }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "To delete a file system if there are child volumes present below the root volume, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` . If your file system has child volumes and you don't use this option, the delete request will fail.", - "title": "Options", - "type": "array" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located.", - "title": "PreferredSubnetId", + "Region": { + "markdownDescription": "The Region to replicate to.", + "title": "Region", "type": "string" }, - "RootVolumeConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.RootVolumeConfiguration", - "markdownDescription": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", - "title": "RootVolumeConfiguration" - }, - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", - "title": "RouteTableIds", - "type": "array" - }, - "ThroughputCapacity": { - "markdownDescription": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Valid values depend on the `DeploymentType` that you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", - "title": "ThroughputCapacity", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", + "RegistryId": { + "markdownDescription": "The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID.", + "title": "RegistryId", "type": "string" } }, "required": [ - "DeploymentType" + "Region", + "RegistryId" ], "type": "object" }, - "AWS::FSx::FileSystem.RootVolumeConfiguration": { + "AWS::ECR::ReplicationConfiguration.ReplicationRule": { "additionalProperties": false, "properties": { - "CopyTagsToSnapshots": { - "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots of the volume. This value defaults to `false` . If it's set to `true` , all tags for the volume are copied to snapshots where the user doesn't specify tags. If this value is `true` and you specify one or more tags, only the specified tags are copied to snapshots. If you specify one or more tags when creating the snapshot, no tags are copied from the volume, regardless of this value.", - "title": "CopyTagsToSnapshots", - "type": "boolean" - }, - "DataCompressionType": { - "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", - "title": "DataCompressionType", - "type": "string" - }, - "NfsExports": { + "Destinations": { "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.NfsExports" + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationDestination" }, - "markdownDescription": "The configuration object for mounting a file system.", - "title": "NfsExports", + "markdownDescription": "An array of objects representing the destination for a replication rule.", + "title": "Destinations", "type": "array" }, - "ReadOnly": { - "markdownDescription": "A Boolean value indicating whether the volume is read-only. Setting this value to `true` can be useful after you have completed changes to a volume and no longer want changes to occur.", - "title": "ReadOnly", - "type": "boolean" - }, - "RecordSizeKiB": { - "markdownDescription": "Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB. The default is 128 KiB. Most workloads should use the default record size. Database workflows can benefit from a smaller record size, while streaming workflows can benefit from a larger record size. For additional guidance on setting a custom record size, see [Tips for maximizing performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#performance-tips-zfs) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "RecordSizeKiB", - "type": "number" - }, - "UserAndGroupQuotas": { - "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.UserAndGroupQuotas" - }, - "markdownDescription": "An object specifying how much storage users or groups can use on the volume.", - "title": "UserAndGroupQuotas", - "type": "array" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration": { - "additionalProperties": false, - "properties": { - "DnsIps": { + "RepositoryFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.RepositoryFilter" }, - "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", - "title": "DnsIps", + "markdownDescription": "An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.", + "title": "RepositoryFilters", "type": "array" - }, - "DomainName": { - "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", - "title": "DomainName", - "type": "string" - }, - "FileSystemAdministratorsGroup": { - "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", - "title": "FileSystemAdministratorsGroup", - "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", - "title": "OrganizationalUnitDistinguishedName", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", - "title": "Password", - "type": "string" - }, - "UserName": { - "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", - "title": "UserName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.UserAndGroupQuotas": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the user or group that the quota applies to.", - "title": "Id", - "type": "number" - }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", - "title": "StorageCapacityQuotaGiB", - "type": "number" - }, - "Type": { - "markdownDescription": "Specifies whether the quota applies to a user or group.", - "title": "Type", - "type": "string" } }, + "required": [ + "Destinations" + ], "type": "object" }, - "AWS::FSx::FileSystem.WindowsConfiguration": { + "AWS::ECR::ReplicationConfiguration.RepositoryFilter": { "additionalProperties": false, "properties": { - "ActiveDirectoryId": { - "markdownDescription": "The ID for an existing AWS Managed Microsoft Active Directory (AD) instance that the file system should join when it's created. Required if you are joining the file system to an existing AWS Managed Microsoft AD.", - "title": "ActiveDirectoryId", - "type": "string" - }, - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of one or more DNS alias names that you want to associate with the Amazon FSx file system. Aliases allow you to use existing DNS names to access the data in your Amazon FSx file system. You can associate up to 50 aliases with a file system at any time.\n\nFor more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) and [Walkthrough 5: Using DNS aliases to access your file system](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/walkthrough05-file-system-custom-CNAME.html) , including additional steps you must take to be able to access your file system using a DNS alias.\n\nAn alias name has to meet the following requirements:\n\n- Formatted as a fully-qualified domain name (FQDN), `hostname.domain` , for example, `accounting.example.com` .\n- Can contain alphanumeric characters, the underscore (_), and the hyphen (-).\n- Cannot start or end with a hyphen.\n- Can start with a numeric.\n\nFor DNS alias names, Amazon FSx stores alphabetical characters as lowercase letters (a-z), regardless of how you specify them: as uppercase letters, lowercase letters, or the corresponding letters in escape codes.", - "title": "Aliases", - "type": "array" - }, - "AuditLogConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.AuditLogConfiguration", - "markdownDescription": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system.", - "title": "AuditLogConfiguration" - }, - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "CopyTagsToBackups": { - "markdownDescription": "A boolean flag indicating whether tags for the file system should be copied to backups. This value defaults to false. If it's set to true, all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the file system deployment type, valid values are the following:\n\n- `MULTI_AZ_1` - Deploys a high availability file system that is configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. You can only deploy a Multi-AZ file system in AWS Regions that have a minimum of three Availability Zones. Also supports HDD storage type\n- `SINGLE_AZ_1` - (Default) Choose to deploy a file system that is configured for single AZ redundancy.\n- `SINGLE_AZ_2` - The latest generation Single AZ file system. Specifies a file system that is configured for single AZ redundancy and supports HDD storage type.\n\nFor more information, see [Availability and Durability: Single-AZ and Multi-AZ File Systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", - "title": "DiskIopsConfiguration" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", - "title": "PreferredSubnetId", + "Filter": { + "markdownDescription": "The repository filter details. When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.", + "title": "Filter", "type": "string" }, - "SelfManagedActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration", - "markdownDescription": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [Using Amazon FSx for Windows with your self-managed Microsoft Active Directory](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) or [Managing FSx for ONTAP SVMs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) .", - "title": "SelfManagedActiveDirectoryConfiguration" - }, - "ThroughputCapacity": { - "markdownDescription": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", - "title": "ThroughputCapacity", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.", - "title": "WeeklyMaintenanceStartTime", + "FilterType": { + "markdownDescription": "The repository filter type. The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.", + "title": "FilterType", "type": "string" } }, "required": [ - "ThroughputCapacity" + "Filter", + "FilterType" ], "type": "object" }, - "AWS::FSx::Snapshot": { + "AWS::ECR::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -100343,34 +103882,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the snapshot.", - "title": "Name", + "EmptyOnDelete": { + "markdownDescription": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.", + "title": "EmptyOnDelete", + "type": "boolean" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::ECR::Repository.EncryptionConfiguration", + "markdownDescription": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", + "title": "EncryptionConfiguration" + }, + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ECR::Repository.ImageScanningConfiguration", + "markdownDescription": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.", + "title": "ImageScanningConfiguration" + }, + "ImageTagMutability": { + "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", + "title": "ImageTagMutability", + "type": "string" + }, + "LifecyclePolicy": { + "$ref": "#/definitions/AWS::ECR::Repository.LifecyclePolicy", + "markdownDescription": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .", + "title": "LifecyclePolicy" + }, + "RepositoryName": { + "markdownDescription": "The name to use for the repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "RepositoryName", "type": "string" }, + "RepositoryPolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "RepositoryPolicyText", + "type": "object" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" - }, - "VolumeId": { - "markdownDescription": "The ID of the volume that the snapshot is of.", - "title": "VolumeId", - "type": "string" } }, - "required": [ - "Name", - "VolumeId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::Snapshot" + "AWS::ECR::Repository" ], "type": "string" }, @@ -100384,12 +103944,57 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FSx::StorageVirtualMachine": { + "AWS::ECR::Repository.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "EncryptionType": { + "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "EncryptionType", + "type": "string" + }, + "KmsKey": { + "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", + "title": "KmsKey", + "type": "string" + } + }, + "required": [ + "EncryptionType" + ], + "type": "object" + }, + "AWS::ECR::Repository.ImageScanningConfiguration": { + "additionalProperties": false, + "properties": { + "ScanOnPush": { + "markdownDescription": "The setting that determines whether images are scanned after being pushed to a repository. If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.", + "title": "ScanOnPush", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ECR::Repository.LifecyclePolicy": { + "additionalProperties": false, + "properties": { + "LifecyclePolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the repository.", + "title": "LifecyclePolicyText", + "type": "string" + }, + "RegistryId": { + "markdownDescription": "The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.", + "title": "RegistryId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECR::RepositoryCreationTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -100424,49 +104029,67 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration", - "markdownDescription": "Describes the Microsoft Active Directory configuration to which the SVM is joined, if applicable.", - "title": "ActiveDirectoryConfiguration" + "AppliedFor": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of enumerable Strings representing the repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION", + "title": "AppliedFor", + "type": "array" }, - "FileSystemId": { - "markdownDescription": "Specifies the FSx for ONTAP file system on which to create the SVM.", - "title": "FileSystemId", + "CustomRoleArn": { + "markdownDescription": "The ARN of the role to be assumed by Amazon ECR. Amazon ECR will assume your supplied role when the customRoleArn is specified. When this field isn't specified, Amazon ECR will use the service-linked role for the repository creation template.", + "title": "CustomRoleArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the SVM.", - "title": "Name", + "Description": { + "markdownDescription": "The description associated with the repository creation template.", + "title": "Description", "type": "string" }, - "RootVolumeSecurityStyle": { - "markdownDescription": "The security style of the root volume of the SVM. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Microsoft Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Microsoft Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style.html) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "RootVolumeSecurityStyle", - "type": "string" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration", + "markdownDescription": "The encryption configuration associated with the repository creation template.", + "title": "EncryptionConfiguration" }, - "SvmAdminPassword": { - "markdownDescription": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's `fsxadmin` user to manage the SVM. For more information, see [Managing SVMs using the NetApp ONTAP CLI](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-resources-ontap-apps.html#vsadmin-ontap-cli) in the *FSx for ONTAP User Guide* .", - "title": "SvmAdminPassword", + "ImageTagMutability": { + "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", + "title": "ImageTagMutability", "type": "string" }, - "Tags": { + "LifecyclePolicy": { + "markdownDescription": "The lifecycle policy to use for repositories created using the template.", + "title": "LifecyclePolicy", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The repository namespace prefix associated with the repository creation template.", + "title": "Prefix", + "type": "string" + }, + "RepositoryPolicy": { + "markdownDescription": "The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.", + "title": "RepositoryPolicy", + "type": "string" + }, + "ResourceTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", - "title": "Tags", + "markdownDescription": "The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "ResourceTags", "type": "array" } }, "required": [ - "FileSystemId", - "Name" + "AppliedFor", + "Prefix" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::StorageVirtualMachine" + "AWS::ECR::RepositoryCreationTemplate" ], "type": "string" }, @@ -100485,62 +104108,26 @@ ], "type": "object" }, - "AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration": { - "additionalProperties": false, - "properties": { - "NetBiosName": { - "markdownDescription": "The NetBIOS name of the Active Directory computer object that will be created for your SVM.", - "title": "NetBiosName", - "type": "string" - }, - "SelfManagedActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration", - "markdownDescription": "The configuration that Amazon FSx uses to join the ONTAP storage virtual machine (SVM) to your self-managed (including on-premises) Microsoft Active Directory directory.", - "title": "SelfManagedActiveDirectoryConfiguration" - } - }, - "type": "object" - }, - "AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration": { + "AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "DnsIps": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", - "title": "DnsIps", - "type": "array" - }, - "DomainName": { - "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", - "title": "DomainName", - "type": "string" - }, - "FileSystemAdministratorsGroup": { - "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", - "title": "FileSystemAdministratorsGroup", - "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", - "title": "OrganizationalUnitDistinguishedName", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", - "title": "Password", + "EncryptionType": { + "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "EncryptionType", "type": "string" }, - "UserName": { - "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", - "title": "UserName", + "KmsKey": { + "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", + "title": "KmsKey", "type": "string" } }, + "required": [ + "EncryptionType" + ], "type": "object" }, - "AWS::FSx::Volume": { + "AWS::ECS::CapacityProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -100575,48 +104162,30 @@ "Properties": { "additionalProperties": false, "properties": { - "BackupId": { - "markdownDescription": "Specifies the ID of the volume backup to use to create a new volume.", - "title": "BackupId", - "type": "string" + "AutoScalingGroupProvider": { + "$ref": "#/definitions/AWS::ECS::CapacityProvider.AutoScalingGroupProvider", + "markdownDescription": "The Auto Scaling group settings for the capacity provider.", + "title": "AutoScalingGroupProvider" }, "Name": { - "markdownDescription": "The name of the volume.", + "markdownDescription": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used.", "title": "Name", "type": "string" }, - "OntapConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.OntapConfiguration", - "markdownDescription": "The configuration of an Amazon FSx for NetApp ONTAP volume.", - "title": "OntapConfiguration" - }, - "OpenZFSConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.OpenZFSConfiguration", - "markdownDescription": "The configuration of an Amazon FSx for OpenZFS volume.", - "title": "OpenZFSConfiguration" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" - }, - "VolumeType": { - "markdownDescription": "The type of the volume.", - "title": "VolumeType", - "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::Volume" + "AWS::ECS::CapacityProvider" ], "type": "string" }, @@ -100629,384 +104198,72 @@ "type": "string" } }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::FSx::Volume.AggregateConfiguration": { - "additionalProperties": false, - "properties": { - "Aggregates": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregates that this volume resides on. Aggregates are storage pools which make up your primary storage tier. Each high-availability (HA) pair has one aggregate. The names of the aggregates map to the names of the aggregates in the ONTAP CLI and REST API. For FlexVols, there will always be a single entry.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The strings in the value of `Aggregates` are not are not formatted as `aggrX` , where X is a number between 1 and 12.\n- The value of `Aggregates` contains aggregates that are not present.\n- One or more of the aggregates supplied are too close to the volume limit to support adding more volumes.", - "title": "Aggregates", - "type": "array" - }, - "ConstituentsPerAggregate": { - "markdownDescription": "Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. This field is optional when creating a FlexGroup volume. If unspecified, the default value will be 8. This field cannot be provided when creating a FlexVol volume.", - "title": "ConstituentsPerAggregate", - "type": "number" - } - }, - "type": "object" - }, - "AWS::FSx::Volume.AutocommitPeriod": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Defines the type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. The default value is `NONE` .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Defines the amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. The following ranges are valid:\n\n- `Minutes` : 5 - 65,535\n- `Hours` : 1 - 65,535\n- `Days` : 1 - 3,650\n- `Months` : 1 - 120\n- `Years` : 1 - 10", - "title": "Value", - "type": "number" - } - }, "required": [ "Type" ], "type": "object" }, - "AWS::FSx::Volume.ClientConfigurations": { - "additionalProperties": false, - "properties": { - "Clients": { - "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", - "title": "Clients", - "type": "string" - }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", - "title": "Options", - "type": "array" - } - }, - "required": [ - "Clients", - "Options" - ], - "type": "object" - }, - "AWS::FSx::Volume.NfsExports": { - "additionalProperties": false, - "properties": { - "ClientConfigurations": { - "items": { - "$ref": "#/definitions/AWS::FSx::Volume.ClientConfigurations" - }, - "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", - "title": "ClientConfigurations", - "type": "array" - } - }, - "required": [ - "ClientConfigurations" - ], - "type": "object" - }, - "AWS::FSx::Volume.OntapConfiguration": { + "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { "additionalProperties": false, "properties": { - "AggregateConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.AggregateConfiguration", - "markdownDescription": "Used to specify the configuration options for an FSx for ONTAP volume's storage aggregate or aggregates.", - "title": "AggregateConfiguration" - }, - "CopyTagsToBackups": { - "markdownDescription": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to false. If it's set to true, all tags for the volume are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the volume, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "string" - }, - "JunctionPath": { - "markdownDescription": "Specifies the location in the SVM's namespace where the volume is mounted. This parameter is required. The `JunctionPath` must have a leading forward slash, such as `/vol3` .", - "title": "JunctionPath", - "type": "string" - }, - "OntapVolumeType": { - "markdownDescription": "Specifies the type of volume you are creating. Valid values are the following:\n\n- `RW` specifies a read/write volume. `RW` is the default.\n- `DP` specifies a data-protection volume. A `DP` volume is read-only and can be used as the destination of a NetApp SnapMirror relationship.\n\nFor more information, see [Volume types](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-types) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "OntapVolumeType", - "type": "string" - }, - "SecurityStyle": { - "markdownDescription": "Specifies the security style for the volume. If a volume's security style is not specified, it is automatically set to the root volume's security style. The security style determines the type of permissions that FSx for ONTAP uses to control data access. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see the topic [What the security styles and their effects are](https://docs.aws.amazon.com/https://docs.netapp.com/us-en/ontap/nfs-admin/security-styles-their-effects-concept.html) in the NetApp Documentation Center.\n\nFor more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-security-style) in the FSx for ONTAP User Guide.", - "title": "SecurityStyle", - "type": "string" - }, - "SizeInBytes": { - "markdownDescription": "Specifies the configured size of the volume, in bytes.", - "title": "SizeInBytes", - "type": "string" - }, - "SizeInMegabytes": { - "markdownDescription": "Use `SizeInBytes` instead. Specifies the size of the volume, in megabytes (MB), that you are creating.", - "title": "SizeInMegabytes", - "type": "string" - }, - "SnaplockConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.SnaplockConfiguration", - "markdownDescription": "The SnapLock configuration object for an FSx for ONTAP SnapLock volume.", - "title": "SnaplockConfiguration" - }, - "SnapshotPolicy": { - "markdownDescription": "Specifies the snapshot policy for the volume. There are three built-in snapshot policies:\n\n- `default` : This is the default policy. A maximum of six hourly snapshots taken five minutes past the hour. A maximum of two daily snapshots taken Monday through Saturday at 10 minutes after midnight. A maximum of two weekly snapshots taken every Sunday at 15 minutes after midnight.\n- `default-1weekly` : This policy is the same as the `default` policy except that it only retains one snapshot from the weekly schedule.\n- `none` : This policy does not take any snapshots. This policy can be assigned to volumes to prevent automatic snapshots from being taken.\n\nYou can also provide the name of a custom policy that you created with the ONTAP CLI or REST API.\n\nFor more information, see [Snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "SnapshotPolicy", - "type": "string" - }, - "StorageEfficiencyEnabled": { - "markdownDescription": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume, or set to false to disable them.\n\n`StorageEfficiencyEnabled` is required when creating a `RW` volume ( `OntapVolumeType` set to `RW` ).", - "title": "StorageEfficiencyEnabled", + "AutoScalingGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.", + "title": "AutoScalingGroupArn", "type": "string" }, - "StorageVirtualMachineId": { - "markdownDescription": "Specifies the ONTAP SVM in which to create the volume.", - "title": "StorageVirtualMachineId", + "ManagedDraining": { + "markdownDescription": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.", + "title": "ManagedDraining", "type": "string" }, - "TieringPolicy": { - "$ref": "#/definitions/AWS::FSx::Volume.TieringPolicy", - "markdownDescription": "Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent tiering automatically transitions a volume's data between the file system's primary storage and capacity pool storage based on your access patterns.\n\nValid tiering policies are the following:\n\n- `SNAPSHOT_ONLY` - (Default value) moves cold snapshots to the capacity pool storage tier.\n\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", - "title": "TieringPolicy" + "ManagedScaling": { + "$ref": "#/definitions/AWS::ECS::CapacityProvider.ManagedScaling", + "markdownDescription": "The managed scaling settings for the Auto Scaling group capacity provider.", + "title": "ManagedScaling" }, - "VolumeStyle": { - "markdownDescription": "Use to specify the style of an ONTAP volume. FSx for ONTAP offers two styles of volumes that you can use for different purposes, FlexVol and FlexGroup volumes. For more information, see [Volume styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-styles) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "VolumeStyle", + "ManagedTerminationProtection": { + "markdownDescription": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off.\n\n> When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. \n\nWhen managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* .\n\nWhen managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.", + "title": "ManagedTerminationProtection", "type": "string" } }, "required": [ - "StorageVirtualMachineId" + "AutoScalingGroupArn" ], "type": "object" }, - "AWS::FSx::Volume.OpenZFSConfiguration": { + "AWS::ECS::CapacityProvider.ManagedScaling": { "additionalProperties": false, "properties": { - "CopyTagsToSnapshots": { - "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots. This value defaults to `false` . If this value is set to `true` , and you do not specify any tags, all tags for the original volume are copied over to snapshots. If this value is\u00a0set to `true` , and you do specify one or more tags, only the specified tags for the original volume are copied over to snapshots. If you specify one or more tags when creating a new snapshot, no tags are copied over from the original volume, regardless of this value.", - "title": "CopyTagsToSnapshots", - "type": "boolean" - }, - "DataCompressionType": { - "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", - "title": "DataCompressionType", - "type": "string" - }, - "NfsExports": { - "items": { - "$ref": "#/definitions/AWS::FSx::Volume.NfsExports" - }, - "markdownDescription": "The configuration object for mounting a Network File System (NFS) file system.", - "title": "NfsExports", - "type": "array" - }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "To delete the volume's child volumes, snapshots, and clones, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` .", - "title": "Options", - "type": "array" - }, - "OriginSnapshot": { - "$ref": "#/definitions/AWS::FSx::Volume.OriginSnapshot", - "markdownDescription": "The configuration object that specifies the snapshot to use as the origin of the data for the volume.", - "title": "OriginSnapshot" - }, - "ParentVolumeId": { - "markdownDescription": "The ID of the volume to use as the parent volume of the volume that you are creating.", - "title": "ParentVolumeId", - "type": "string" - }, - "ReadOnly": { - "markdownDescription": "A Boolean value indicating whether the volume is read-only.", - "title": "ReadOnly", - "type": "boolean" - }, - "RecordSizeKiB": { - "markdownDescription": "Specifies the suggested block size for a volume in a ZFS dataset, in kibibytes (KiB). For file systems using the Intelligent-Tiering storage class, valid values are 128, 256, 512, 1024, 2048, or 4096 KiB, with a default of 1024 KiB. For all other file systems, valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB, with a default of 128 KiB. We recommend using the default setting for the majority of use cases. Generally, workloads that write in fixed small or large record sizes may benefit from setting a custom record size, like database workloads (small record size) or media streaming workloads (large record size). For additional guidance on when to set a custom record size, see [ZFS Record size](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#record-size-performance) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "RecordSizeKiB", - "type": "number" - }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "Sets the maximum storage size in gibibytes (GiB) for the volume. You can specify a quota that is larger than the storage on the parent volume. A volume quota limits the amount of storage that the volume can consume to the configured amount, but does not guarantee the space will be available on the parent volume. To guarantee quota space, you must also set `StorageCapacityReservationGiB` . To *not* specify a storage capacity quota, set this to `-1` .\n\nFor more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageCapacityQuotaGiB", - "type": "number" - }, - "StorageCapacityReservationGiB": { - "markdownDescription": "Specifies the amount of storage in gibibytes (GiB) to reserve from the parent volume. Setting `StorageCapacityReservationGiB` guarantees that the specified amount of storage space on the parent volume will always be available for the volume. You can't reserve more storage than the parent volume has. To *not* specify a storage capacity reservation, set this to `0` or `-1` . For more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageCapacityReservationGiB", + "InstanceWarmupPeriod": { + "markdownDescription": "The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used.", + "title": "InstanceWarmupPeriod", "type": "number" }, - "UserAndGroupQuotas": { - "items": { - "$ref": "#/definitions/AWS::FSx::Volume.UserAndGroupQuotas" - }, - "markdownDescription": "Configures how much storage users and groups can use on the volume.", - "title": "UserAndGroupQuotas", - "type": "array" - } - }, - "required": [ - "ParentVolumeId" - ], - "type": "object" - }, - "AWS::FSx::Volume.OriginSnapshot": { - "additionalProperties": false, - "properties": { - "CopyStrategy": { - "markdownDescription": "Specifies the strategy used when copying data from the snapshot to the new volume.\n\n- `CLONE` - The new volume references the data in the origin snapshot. Cloning a snapshot is faster than copying data from the snapshot to a new volume and doesn't consume disk throughput. However, the origin snapshot can't be deleted if there is a volume using its copied data.\n- `FULL_COPY` - Copies all data from the snapshot to the new volume.\n\nSpecify this option to create the volume from a snapshot on another FSx for OpenZFS file system.\n\n> The `INCREMENTAL_COPY` option is only for updating an existing volume by using a snapshot from another FSx for OpenZFS file system. For more information, see [CopySnapshotAndUpdateVolume](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html) .", - "title": "CopyStrategy", - "type": "string" - }, - "SnapshotARN": { - "markdownDescription": "Specifies the snapshot to use when creating an OpenZFS volume from a snapshot.", - "title": "SnapshotARN", - "type": "string" - } - }, - "required": [ - "CopyStrategy", - "SnapshotARN" - ], - "type": "object" - }, - "AWS::FSx::Volume.RetentionPeriod": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Defines the type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE` , the files are retained forever. If you set it to `UNSPECIFIED` , the files are retained until you set an explicit retention period.", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Defines the amount of time for the retention period of an FSx for ONTAP SnapLock volume. You can't set a value for `INFINITE` or `UNSPECIFIED` . For all other options, the following ranges are valid:\n\n- `Seconds` : 0 - 65,535\n- `Minutes` : 0 - 65,535\n- `Hours` : 0 - 24\n- `Days` : 0 - 365\n- `Months` : 0 - 12\n- `Years` : 0 - 100", - "title": "Value", + "MaximumScalingStepSize": { + "markdownDescription": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. If this parameter is omitted, the default value of `10000` is used.", + "title": "MaximumScalingStepSize", "type": "number" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::FSx::Volume.SnaplockConfiguration": { - "additionalProperties": false, - "properties": { - "AuditLogVolume": { - "markdownDescription": "Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false` . If you set `AuditLogVolume` to `true` , the SnapLock volume is created as an audit log volume. The minimum retention period for an audit log volume is six months.\n\nFor more information, see [SnapLock audit log volumes](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume) .", - "title": "AuditLogVolume", - "type": "string" - }, - "AutocommitPeriod": { - "$ref": "#/definitions/AWS::FSx::Volume.AutocommitPeriod", - "markdownDescription": "The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume.", - "title": "AutocommitPeriod" - }, - "PrivilegedDelete": { - "markdownDescription": "Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock administrators to delete write once, read many (WORM) files even if they have active retention periods. `PERMANENTLY_DISABLED` is a terminal state. If privileged delete is permanently disabled on a SnapLock volume, you can't re-enable it. The default value is `DISABLED` .\n\nFor more information, see [Privileged delete](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete) .", - "title": "PrivilegedDelete", - "type": "string" - }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::FSx::Volume.SnaplockRetentionPeriod", - "markdownDescription": "Specifies the retention period of an FSx for ONTAP SnapLock volume.", - "title": "RetentionPeriod" - }, - "SnaplockType": { - "markdownDescription": "Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. You can choose one of the following retention modes:\n\n- `COMPLIANCE` : Files transitioned to write once, read many (WORM) on a Compliance volume can't be deleted until their retention periods expire. This retention mode is used to address government or industry-specific mandates or to protect against ransomware attacks. For more information, see [SnapLock Compliance](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html) .\n- `ENTERPRISE` : Files transitioned to WORM on an Enterprise volume can be deleted by authorized users before their retention periods expire using privileged delete. This retention mode is used to advance an organization's data integrity and internal compliance or to test retention settings before using SnapLock Compliance. For more information, see [SnapLock Enterprise](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html) .", - "title": "SnaplockType", - "type": "string" - }, - "VolumeAppendModeEnabled": { - "markdownDescription": "Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. Volume-append mode allows you to create WORM-appendable files and write data to them incrementally. The default value is `false` .\n\nFor more information, see [Volume-append mode](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append) .", - "title": "VolumeAppendModeEnabled", - "type": "string" - } - }, - "required": [ - "SnaplockType" - ], - "type": "object" - }, - "AWS::FSx::Volume.SnaplockRetentionPeriod": { - "additionalProperties": false, - "properties": { - "DefaultRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period.", - "title": "DefaultRetention" - }, - "MaximumRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", - "title": "MaximumRetention" }, - "MinimumRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", - "title": "MinimumRetention" - } - }, - "required": [ - "DefaultRetention", - "MaximumRetention", - "MinimumRetention" - ], - "type": "object" - }, - "AWS::FSx::Volume.TieringPolicy": { - "additionalProperties": false, - "properties": { - "CoolingPeriod": { - "markdownDescription": "Specifies the number of days that user data in a volume must remain inactive before it is considered \"cold\" and moved to the capacity pool. Used with the `AUTO` and `SNAPSHOT_ONLY` tiering policies. Enter a whole number between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY` .", - "title": "CoolingPeriod", + "MinimumScalingStepSize": { + "markdownDescription": "The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used.\n\nWhen additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size.\n\nIf you use a capacity provider with an Auto Scaling group configured with more than one Amazon EC2 instance type or Availability Zone, Amazon ECS will scale up by the exact minimum scaling step size value and will ignore both the maximum scaling step size as well as the capacity demand.", + "title": "MinimumScalingStepSize", "type": "number" }, - "Name": { - "markdownDescription": "Specifies the tiering policy used to transition data. Default value is `SNAPSHOT_ONLY` .\n\n- `SNAPSHOT_ONLY` - moves cold snapshots to the capacity pool storage tier.\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", - "title": "Name", + "Status": { + "markdownDescription": "Determines whether to use managed scaling for the capacity provider.", + "title": "Status", "type": "string" - } - }, - "type": "object" - }, - "AWS::FSx::Volume.UserAndGroupQuotas": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the user or group that the quota applies to.", - "title": "Id", - "type": "number" }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", - "title": "StorageCapacityQuotaGiB", + "TargetCapacity": { + "markdownDescription": "The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used.", + "title": "TargetCapacity", "type": "number" - }, - "Type": { - "markdownDescription": "Specifies whether the quota applies to a user or group.", - "title": "Type", - "type": "string" } }, - "required": [ - "Id", - "StorageCapacityQuotaGiB", - "Type" - ], "type": "object" }, - "AWS::FinSpace::Environment": { + "AWS::ECS::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -101041,53 +104298,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the FinSpace environment.", - "title": "Description", - "type": "string" + "CapacityProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n\nTo use a AWS Fargate capacity provider, specify either the `FARGATE` or `FARGATE_SPOT` capacity providers. The AWS Fargate capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n\nThe [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created.", + "title": "CapacityProviders", + "type": "array" }, - "FederationMode": { - "markdownDescription": "The authentication mode for the environment.", - "title": "FederationMode", + "ClusterName": { + "markdownDescription": "A user-generated string that you use to identify your cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID for the name.", + "title": "ClusterName", "type": "string" }, - "FederationParameters": { - "$ref": "#/definitions/AWS::FinSpace::Environment.FederationParameters", - "markdownDescription": "Configuration information when authentication mode is FEDERATED.", - "title": "FederationParameters" + "ClusterSettings": { + "items": { + "$ref": "#/definitions/AWS::ECS::Cluster.ClusterSettings" + }, + "markdownDescription": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n\nContainer Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up.\n\nFor more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ClusterSettings", + "type": "array" }, - "KmsKeyId": { - "markdownDescription": "The KMS key id used to encrypt in the FinSpace environment.", - "title": "KmsKeyId", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ClusterConfiguration", + "markdownDescription": "The execute command and managed storage configuration for the cluster.", + "title": "Configuration" }, - "Name": { - "markdownDescription": "The name of the FinSpace environment.", - "title": "Name", - "type": "string" + "DefaultCapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::Cluster.CapacityProviderStrategyItem" + }, + "markdownDescription": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used.", + "title": "DefaultCapacityProviderStrategy", + "type": "array" }, - "SuperuserParameters": { - "$ref": "#/definitions/AWS::FinSpace::Environment.SuperuserParameters", - "markdownDescription": "Configuration information for the superuser.", - "title": "SuperuserParameters" + "ServiceConnectDefaults": { + "$ref": "#/definitions/AWS::ECS::Cluster.ServiceConnectDefaults", + "markdownDescription": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the `enabled` parameter to `true` in the `ServiceConnectConfiguration` . You can set the namespace of each service individually in the `ServiceConnectConfiguration` to override this default parameter.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ServiceConnectDefaults" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FinSpace::Environment" + "AWS::ECS::Cluster" ], "type": "string" }, @@ -101101,88 +104364,143 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FinSpace::Environment.AttributeMapItems": { + "AWS::ECS::Cluster.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", + "type": "string" + }, + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ClusterConfiguration": { + "additionalProperties": false, + "properties": { + "ExecuteCommandConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandConfiguration", + "markdownDescription": "The details of the execute command configuration.", + "title": "ExecuteCommandConfiguration" + }, + "ManagedStorageConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ManagedStorageConfiguration", + "markdownDescription": "The details of the managed storage configuration.", + "title": "ManagedStorageConfiguration" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ClusterSettings": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the cluster setting. The value is `containerInsights` .", + "title": "Name", "type": "string" }, "Value": { - "markdownDescription": "", + "markdownDescription": "The value to set for the cluster setting. The supported values are `enhanced` , `enabled` , and `disabled` .\n\nTo use Container Insights with enhanced observability, set the `containerInsights` account setting to `enhanced` .\n\nTo use Container Insights, set the `containerInsights` account setting to `enabled` .\n\nIf a cluster value is specified, it will override the `containerInsights` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html) .", "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::FinSpace::Environment.FederationParameters": { + "AWS::ECS::Cluster.ExecuteCommandConfiguration": { "additionalProperties": false, "properties": { - "ApplicationCallBackURL": { - "markdownDescription": "The redirect or sign-in URL that should be entered into the SAML 2.0 compliant identity provider configuration (IdP).", - "title": "ApplicationCallBackURL", + "KmsKeyId": { + "markdownDescription": "Specify an AWS Key Management Service key ID to encrypt the data between the local client and the container.", + "title": "KmsKeyId", "type": "string" }, - "AttributeMap": { - "items": { - "$ref": "#/definitions/AWS::FinSpace::Environment.AttributeMapItems" - }, - "markdownDescription": "SAML attribute name and value. The name must always be `Email` and the value should be set to the attribute definition in which user email is set. For example, name would be `Email` and value `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` . Please check your SAML 2.0 compliant identity provider (IdP) documentation for details.", - "title": "AttributeMap", - "type": "array" + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandLogConfiguration", + "markdownDescription": "The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When `logging=OVERRIDE` is specified, a `logConfiguration` must be provided.", + "title": "LogConfiguration" }, - "FederationProviderName": { - "markdownDescription": "Name of the identity provider (IdP).", - "title": "FederationProviderName", + "Logging": { + "markdownDescription": "The log setting to use for redirecting logs for your execute command results. The following log settings are available.\n\n- `NONE` : The execute command session is not logged.\n- `DEFAULT` : The `awslogs` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no `awslogs` log driver is configured in the task definition, the output won't be logged.\n- `OVERRIDE` : Specify the logging details as a part of `logConfiguration` . If the `OVERRIDE` logging option is specified, the `logConfiguration` is required.", + "title": "Logging", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ExecuteCommandLogConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchEncryptionEnabled": { + "markdownDescription": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off.", + "title": "CloudWatchEncryptionEnabled", + "type": "boolean" }, - "FederationURN": { - "markdownDescription": "The Uniform Resource Name (URN). Also referred as Service Provider URN or Audience URI or Service Provider Entity ID.", - "title": "FederationURN", + "CloudWatchLogGroupName": { + "markdownDescription": "The name of the CloudWatch log group to send logs to.\n\n> The CloudWatch log group must already be created.", + "title": "CloudWatchLogGroupName", "type": "string" }, - "SamlMetadataDocument": { - "markdownDescription": "SAML 2.0 Metadata document from identity provider (IdP).", - "title": "SamlMetadataDocument", + "S3BucketName": { + "markdownDescription": "The name of the S3 bucket to send logs to.\n\n> The S3 bucket must already be created.", + "title": "S3BucketName", "type": "string" }, - "SamlMetadataURL": { - "markdownDescription": "Provide the metadata URL from your SAML 2.0 compliant identity provider (IdP).", - "title": "SamlMetadataURL", + "S3EncryptionEnabled": { + "markdownDescription": "Determines whether to use encryption on the S3 logs. If not specified, encryption is not used.", + "title": "S3EncryptionEnabled", + "type": "boolean" + }, + "S3KeyPrefix": { + "markdownDescription": "An optional folder in the S3 bucket to place logs in.", + "title": "S3KeyPrefix", "type": "string" } }, "type": "object" }, - "AWS::FinSpace::Environment.SuperuserParameters": { + "AWS::ECS::Cluster.ManagedStorageConfiguration": { "additionalProperties": false, "properties": { - "EmailAddress": { - "markdownDescription": "The email address of the superuser.", - "title": "EmailAddress", + "FargateEphemeralStorageKmsKeyId": { + "markdownDescription": "Specify the AWS Key Management Service key ID for Fargate ephemeral storage.\n\nWhen you specify a `fargateEphemeralStorageKmsKeyId` , AWS Fargate uses the key to encrypt data at rest in ephemeral storage. For more information about Fargate ephemeral storage encryption, see [Customer managed keys for AWS Fargate ephemeral storage for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/fargate-storage-encryption.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe key must be a single Region key.", + "title": "FargateEphemeralStorageKmsKeyId", "type": "string" }, - "FirstName": { - "markdownDescription": "The first name of the superuser.", - "title": "FirstName", + "KmsKeyId": { + "markdownDescription": "Specify a AWS Key Management Service key ID to encrypt Amazon ECS managed storage.\n\nWhen you specify a `kmsKeyId` , Amazon ECS uses the key to encrypt data volumes managed by Amazon ECS that are attached to tasks in the cluster. The following data volumes are managed by Amazon ECS: Amazon EBS. For more information about encryption of Amazon EBS volumes attached to Amazon ECS tasks, see [Encrypt data stored in Amazon EBS volumes for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe key must be a single Region key.", + "title": "KmsKeyId", "type": "string" - }, - "LastName": { - "markdownDescription": "The last name of the superuser.", - "title": "LastName", + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ServiceConnectDefaults": { + "additionalProperties": false, + "properties": { + "Namespace": { + "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include greater than (>), less than (<), double quotation marks (\"), or slash (/).\n\nIf you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region.\n\nIf you enter a new name, a AWS Cloud Map namespace will be created. Amazon ECS creates a AWS Cloud Map namespace with the \"API calls\" method of instance discovery only. This instance discovery method is the \"HTTP\" namespace type in the AWS Command Line Interface . Other types of instance discovery aren't used by Service Connect.\n\nIf you update the cluster with an empty string `\"\"` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in AWS Cloud Map and must be deleted separately.\n\nFor more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", + "title": "Namespace", "type": "string" } }, "type": "object" }, - "AWS::Forecast::Dataset": { + "AWS::ECS::ClusterCapacityProviderAssociations": { "additionalProperties": false, "properties": { "Condition": { @@ -101217,56 +104535,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DataFrequency": { - "markdownDescription": "The frequency of data collection. This parameter is required for RELATED_TIME_SERIES datasets.\n\nValid intervals are an integer followed by Y (Year), M (Month), W (Week), D (Day), H (Hour), and min (Minute). For example, \"1D\" indicates every day and \"15min\" indicates every 15 minutes. You cannot specify a value that would overlap with the next larger frequency. That means, for example, you cannot specify a frequency of 60 minutes, because that is equivalent to 1 hour. The valid values for each frequency are the following:\n\n- Minute - 1-59\n- Hour - 1-23\n- Day - 1-6\n- Week - 1-4\n- Month - 1-11\n- Year - 1\n\nThus, if you want every other week forecasts, specify \"2W\". Or, if you want quarterly forecasts, you specify \"3M\".", - "title": "DataFrequency", - "type": "string" - }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", - "type": "string" - }, - "DatasetType": { - "markdownDescription": "The dataset type.", - "title": "DatasetType", - "type": "string" + "CapacityProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The capacity providers to associate with the cluster.", + "title": "CapacityProviders", + "type": "array" }, - "Domain": { - "markdownDescription": "The domain associated with the dataset.", - "title": "Domain", + "Cluster": { + "markdownDescription": "The cluster the capacity provider association is the target of.", + "title": "Cluster", "type": "string" }, - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Forecast::Dataset.EncryptionConfig", - "markdownDescription": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key.", - "title": "EncryptionConfig" - }, - "Schema": { - "$ref": "#/definitions/AWS::Forecast::Dataset.Schema", - "markdownDescription": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) .", - "title": "Schema" - }, - "Tags": { + "DefaultCapacityProviderStrategy": { "items": { - "$ref": "#/definitions/AWS::Forecast::Dataset.TagsItems" + "$ref": "#/definitions/AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The default capacity provider strategy to associate with the cluster.", + "title": "DefaultCapacityProviderStrategy", "type": "array" } }, "required": [ - "DatasetName", - "DatasetType", - "Domain", - "Schema" + "CapacityProviders", + "Cluster", + "DefaultCapacityProviderStrategy" ], "type": "object" }, "Type": { "enum": [ - "AWS::Forecast::Dataset" + "AWS::ECS::ClusterCapacityProviderAssociations" ], "type": "string" }, @@ -101285,73 +104585,31 @@ ], "type": "object" }, - "AWS::Forecast::Dataset.AttributesItems": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "", - "title": "AttributeName", - "type": "string" - }, - "AttributeType": { - "markdownDescription": "", - "title": "AttributeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Forecast::Dataset.EncryptionConfig": { + "AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key.", - "title": "KmsKeyArn", - "type": "string" + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.\n\nPassing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error.", - "title": "RoleArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Forecast::Dataset.Schema": { - "additionalProperties": false, - "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::Forecast::Dataset.AttributesItems" - }, - "markdownDescription": "An array of attributes specifying the name and type of each field in a dataset.", - "title": "Attributes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Forecast::Dataset.TagsItems": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "string" + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" } }, "required": [ - "Key", - "Value" + "CapacityProvider" ], "type": "object" }, - "AWS::Forecast::DatasetGroup": { + "AWS::ECS::PrimaryTaskSet": { "additionalProperties": false, "properties": { "Condition": { @@ -101386,42 +104644,32 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group.", - "title": "DatasetArns", - "type": "array" - }, - "DatasetGroupName": { - "markdownDescription": "The name of the dataset group.", - "title": "DatasetGroupName", + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service that the task set exists in.", + "title": "Cluster", "type": "string" }, - "Domain": { - "markdownDescription": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the `Domain` parameter of the [CreateDataset](https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html) operation must match.\n\nThe `Domain` and `DatasetType` that you choose determine the fields that must be present in training data that you import to a dataset. For example, if you choose the `RETAIL` domain and `TARGET_TIME_SERIES` as the `DatasetType` , Amazon Forecast requires that `item_id` , `timestamp` , and `demand` fields are present in your data. For more information, see [Dataset groups](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-datasets-groups.html) .", - "title": "Domain", + "Service": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service that the task set exists in.", + "title": "Service", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "TaskSetId": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the task set to set as the primary task set in the deployment.", + "title": "TaskSetId", + "type": "string" } }, "required": [ - "DatasetGroupName", - "Domain" + "Cluster", + "Service", + "TaskSetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Forecast::DatasetGroup" + "AWS::ECS::PrimaryTaskSet" ], "type": "string" }, @@ -101440,7 +104688,7 @@ ], "type": "object" }, - "AWS::FraudDetector::Detector": { + "AWS::ECS::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -101475,66 +104723,161 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociatedModels": { + "AvailabilityZoneRebalancing": { + "markdownDescription": "Indicates whether to use Availability Zone rebalancing for the service.\n\nFor more information, see [Balancing an Amazon ECS service across Availability Zones](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-rebalancing.html) in the **Amazon Elastic Container Service Developer Guide** .", + "title": "AvailabilityZoneRebalancing", + "type": "string" + }, + "CapacityProviderStrategy": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Model" + "$ref": "#/definitions/AWS::ECS::Service.CapacityProviderStrategyItem" }, - "markdownDescription": "The models to associate with this detector. You must provide the ARNs of all the models you want to associate.", - "title": "AssociatedModels", + "markdownDescription": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy can contain a maximum of 20 capacity providers.\n\n> To remove this property from your service resource, specify an empty `CapacityProviderStrategyItem` array.", + "title": "CapacityProviderStrategy", "type": "array" }, - "Description": { - "markdownDescription": "The detector description.", - "title": "Description", + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", + "title": "Cluster", "type": "string" }, - "DetectorId": { - "markdownDescription": "The name of the detector.", - "title": "DetectorId", + "DeploymentConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentConfiguration", + "markdownDescription": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", + "title": "DeploymentConfiguration" + }, + "DeploymentController": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentController", + "markdownDescription": "The deployment controller to use for the service.", + "title": "DeploymentController" + }, + "DesiredCount": { + "markdownDescription": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", + "title": "DesiredCount", + "type": "number" + }, + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you must set the `propagateTags` request parameter.", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "HealthCheckGracePeriodSeconds": { + "markdownDescription": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of `0` is used. If you don't use any of the health checks, then `healthCheckGracePeriodSeconds` is unused.\n\nIf your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", + "title": "HealthCheckGracePeriodSeconds", + "type": "number" + }, + "LaunchType": { + "markdownDescription": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", "type": "string" }, - "DetectorVersionStatus": { - "markdownDescription": "The status of the detector version. If a value is not provided for this property, AWS CloudFormation assumes `DRAFT` status.\n\nValid values: `ACTIVE | DRAFT`", - "title": "DetectorVersionStatus", + "LoadBalancers": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.LoadBalancer" + }, + "markdownDescription": "A list of load balancer objects to associate with the service. If you specify the `Role` property, `LoadBalancers` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> To remove this property from your service resource, specify an empty `LoadBalancer` array.", + "title": "LoadBalancers", + "type": "array" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.NetworkConfiguration", + "markdownDescription": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.PlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.\n\n> To remove this property from your service resource, specify an empty `PlacementConstraint` array.", + "title": "PlacementConstraints", + "type": "array" + }, + "PlacementStrategies": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.PlacementStrategy" + }, + "markdownDescription": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.\n\n> To remove this property from your service resource, specify an empty `PlacementStrategy` array.", + "title": "PlacementStrategies", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", "type": "string" }, - "EventType": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EventType", - "markdownDescription": "The event type associated with this detector.", - "title": "EventType" + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n\nYou must set this to a value other than `NONE` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe default is `NONE` .", + "title": "PropagateTags", + "type": "string" }, - "RuleExecutionMode": { - "markdownDescription": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules.", - "title": "RuleExecutionMode", + "Role": { + "markdownDescription": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the `awsvpc` network mode. If you specify the `role` parameter, you must also specify a load balancer object with the `loadBalancers` parameter.\n\n> If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the `awsvpc` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nIf your specified role has a path other than `/` , then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` then you would specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", + "title": "Role", "type": "string" }, - "Rules": { + "SchedulingStrategy": { + "markdownDescription": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nThere are two service scheduler strategies available:\n\n- `REPLICA` -The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the `CODE_DEPLOY` or `EXTERNAL` deployment controller types.\n- `DAEMON` -The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n\n> Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy.", + "title": "SchedulingStrategy", + "type": "string" + }, + "ServiceConnectConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectConfiguration", + "markdownDescription": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ServiceConnectConfiguration" + }, + "ServiceName": { + "markdownDescription": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n\n> The stack update fails if you change any properties that require replacement and the `ServiceName` is configured. This is because AWS CloudFormation creates the replacement service first, but each `ServiceName` must be unique in the cluster.", + "title": "ServiceName", + "type": "string" + }, + "ServiceRegistries": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Rule" + "$ref": "#/definitions/AWS::ECS::Service.ServiceRegistry" }, - "markdownDescription": "The rules to include in the detector version.", - "title": "Rules", + "markdownDescription": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .\n\n> Each service may be associated with one service registry. Multiple service registries for each service isn't supported. > To remove this property from your service resource, specify an empty `ServiceRegistry` array.", + "title": "ServiceRegistries", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TaskDefinition": { + "markdownDescription": "The `family` and `revision` ( `family:revision` ) or full ARN of the task definition to run in your service. If a `revision` isn't specified, the latest `ACTIVE` revision is used.\n\nA task definition must be specified if the service uses either the `ECS` or `CODE_DEPLOY` deployment controllers.\n\nFor more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) .", + "title": "TaskDefinition", + "type": "string" + }, + "VolumeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceVolumeConfiguration" + }, + "markdownDescription": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n\n> To remove this property from your service resource, specify an empty `ServiceVolumeConfiguration` array.", + "title": "VolumeConfigurations", + "type": "array" + }, + "VpcLatticeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.VpcLatticeConfiguration" + }, + "markdownDescription": "The VPC Lattice configuration for the service being created.", + "title": "VpcLatticeConfigurations", + "type": "array" } }, - "required": [ - "DetectorId", - "EventType", - "Rules" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::Detector" + "AWS::ECS::Service" ], "type": "string" }, @@ -101548,434 +104891,712 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FraudDetector::Detector.EntityType": { + "AWS::ECS::Service.AdvancedConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", + "AlternateTargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alternate target group for Amazon ECS blue/green deployments.", + "title": "AlternateTargetGroupArn", "type": "string" }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the entity type was created.", - "title": "CreatedTime", + "ProductionListenerRule": { + "markdownDescription": "The Amazon Resource Name (ARN) that that identifies the production listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing production traffic.", + "title": "ProductionListenerRule", "type": "string" }, - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call the Elastic Load Balancing APIs for you.", + "title": "RoleArn", "type": "string" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the entity type was last updated.", - "title": "LastUpdatedTime", + "TestListenerRule": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies ) that identifies the test listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing test traffic.", + "title": "TestListenerRule", "type": "string" - }, - "Name": { - "markdownDescription": "The entity type name.", - "title": "Name", + } + }, + "required": [ + "AlternateTargetGroupArn" + ], + "type": "object" + }, + "AWS::ECS::Service.AwsVpcConfiguration": { + "additionalProperties": false, + "properties": { + "AssignPublicIp": { + "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", + "title": "AssignPublicIp", "type": "string" }, - "Tags": { + "SecurityGroups": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", + "title": "Subnets", "type": "array" } }, "type": "object" }, - "AWS::FraudDetector::Detector.EventType": { + "AWS::ECS::Service.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", - "type": "string" + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" }, - "Description": { - "markdownDescription": "The event type description.", - "title": "Description", + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "EntityTypes": { + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::Service.DeploymentAlarms": { + "additionalProperties": false, + "properties": { + "AlarmNames": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EntityType" + "type": "string" }, - "markdownDescription": "The event type entity types.", - "title": "EntityTypes", + "markdownDescription": "One or more CloudWatch alarm names. Use a \",\" to separate the alarms.", + "title": "AlarmNames", "type": "array" }, - "EventVariables": { + "Enable": { + "markdownDescription": "Determines whether to use the CloudWatch alarm option in the service deployment process.", + "title": "Enable", + "type": "boolean" + }, + "Rollback": { + "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", + "title": "Rollback", + "type": "boolean" + } + }, + "required": [ + "AlarmNames", + "Enable", + "Rollback" + ], + "type": "object" + }, + "AWS::ECS::Service.DeploymentCircuitBreaker": { + "additionalProperties": false, + "properties": { + "Enable": { + "markdownDescription": "Determines whether to use the deployment circuit breaker logic for the service.", + "title": "Enable", + "type": "boolean" + }, + "Rollback": { + "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", + "title": "Rollback", + "type": "boolean" + } + }, + "required": [ + "Enable", + "Rollback" + ], + "type": "object" + }, + "AWS::ECS::Service.DeploymentConfiguration": { + "additionalProperties": false, + "properties": { + "Alarms": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentAlarms", + "markdownDescription": "Information about the CloudWatch alarms.", + "title": "Alarms" + }, + "BakeTimeInMinutes": { + "markdownDescription": "The duration when both blue and green service revisions are running simultaneously after the production traffic has shifted.\n\nThe following rules apply when you don't specify a value:\n\n- For rolling deployments, the value is set to 3 hours (180 minutes).\n- When you use an external deployment controller ( `EXTERNAL` ), or the CodeDeploy blue/green deployment controller ( `CODE_DEPLOY` ), the value is set to 3 hours (180 minutes).\n- For all other cases, the value is set to 36 hours (2160 minutes).", + "title": "BakeTimeInMinutes", + "type": "number" + }, + "DeploymentCircuitBreaker": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentCircuitBreaker", + "markdownDescription": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", + "title": "DeploymentCircuitBreaker" + }, + "LifecycleHooks": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EventVariable" + "$ref": "#/definitions/AWS::ECS::Service.DeploymentLifecycleHook" }, - "markdownDescription": "The event type event variables.", - "title": "EventVariables", + "markdownDescription": "An array of deployment lifecycle hook objects to run custom logic at specific stages of the deployment lifecycle.", + "title": "LifecycleHooks", "type": "array" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" + "MaximumPercent": { + "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nThe Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `maximumPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf the service uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service.", + "title": "MaximumPercent", + "type": "number" }, - "Labels": { + "MinimumHealthyPercent": { + "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", + "title": "MinimumHealthyPercent", + "type": "number" + }, + "Strategy": { + "markdownDescription": "The deployment strategy for the service. Choose from these valid values:\n\n- `ROLLING` - When you create a service which uses the rolling update ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n- `BLUE_GREEN` - A blue/green deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.", + "title": "Strategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.DeploymentController": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The deployment controller type to use.\n\nThe deployment controller is the mechanism that determines how tasks are deployed for your service. The valid options are:\n\n- ECS\n\nWhen you create a service which uses the `ECS` deployment controller, you can choose between the following deployment strategies:\n\n- `ROLLING` : When you create a service which uses the *rolling update* ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n\nRolling update deployments are best suited for the following scenarios:\n\n- Gradual service updates: You need to update your service incrementally without taking the entire service offline at once.\n- Limited resource requirements: You want to avoid the additional resource costs of running two complete environments simultaneously (as required by blue/green deployments).\n- Acceptable deployment time: Your application can tolerate a longer deployment process, as rolling updates replace tasks one by one.\n- No need for instant roll back: Your service can tolerate a rollback process that takes minutes rather than seconds.\n- Simple deployment process: You prefer a straightforward deployment approach without the complexity of managing multiple environments, target groups, and listeners.\n- No load balancer requirement: Your service doesn't use or require a load balancer, Application Load Balancer , Network Load Balancer , or Service Connect (which are required for blue/green deployments).\n- Stateful applications: Your application maintains state that makes it difficult to run two parallel environments.\n- Cost sensitivity: You want to minimize deployment costs by not running duplicate environments during deployment.\n\nRolling updates are the default deployment strategy for services and provide a balance between deployment safety and resource efficiency for many common application scenarios.\n- `BLUE_GREEN` : A *blue/green* deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.\n\nAmazon ECS blue/green deployments are best suited for the following scenarios:\n\n- Service validation: When you need to validate new service revisions before directing production traffic to them\n- Zero downtime: When your service requires zero-downtime deployments\n- Instant roll back: When you need the ability to quickly roll back if issues are detected\n- Load balancer requirement: When your service uses Application Load Balancer , Network Load Balancer , or Service Connect\n- External\n\nUse a third-party deployment controller.\n- Blue/green deployment (powered by CodeDeploy )\n\nCodeDeploy installs an updated version of the application as a new replacement task set and reroutes production traffic from the original application task set to the replacement task set. The original task set is terminated after a successful deployment. Use this deployment controller to verify a new deployment of a service before sending production traffic to it.\n\nWhen updating the deployment controller for a service, consider the following depending on the type of migration you're performing.\n\n- If you have a template that contains the `EXTERNAL` deployment controller information as well as `TaskSet` and `PrimaryTaskSet` resources, and you remove the task set resources from the template when updating from `EXTERNAL` to `ECS` , the `DescribeTaskSet` and `DeleteTaskSet` API calls will return a 400 error after the deployment controller is updated to `ECS` . This results in a delete failure on the task set resources, even though the stack transitions to `UPDATE_COMPLETE` status. For more information, see [Resource removed from stack but not deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html#troubleshooting-errors-resource-removed-not-deleted) in the AWS CloudFormation User Guide. To fix this issue, delete the task sets directly using the Amazon ECS `DeleteTaskSet` API. For more information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference.\n- If you're migrating from `CODE_DEPLOY` to `ECS` with a new task definition and AWS CloudFormation performs a rollback operation, the Amazon ECS `UpdateService` request fails with the following error:\n\nResource handler returned message: \"Invalid request provided: Unable to update task definition on services with a CODE_DEPLOY deployment controller.\n- After a successful migration from `ECS` to `EXTERNAL` deployment controller, you need to manually remove the `ACTIVE` task set, because Amazon ECS no longer manages the deployment. For information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.DeploymentLifecycleHook": { + "additionalProperties": false, + "properties": { + "HookTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hook target. Currently, only Lambda function ARNs are supported.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "title": "HookTargetArn", + "type": "string" + }, + "LifecycleStages": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Label" + "type": "string" }, - "markdownDescription": "The event type labels.", - "title": "Labels", + "markdownDescription": "The lifecycle stages at which to run the hook. Choose from these valid values:\n\n- RECONCILE_SERVICE\n\nThe reconciliation stage that only happens when you start a new service deployment with more than 1 service revision in an ACTIVE state.\n\nYou can use a lifecycle hook for this stage.\n- PRE_SCALE_UP\n\nThe green service revision has not started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_SCALE_UP\n\nThe green service revision has started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- TEST_TRAFFIC_SHIFT\n\nThe blue and green service revisions are running. The blue service revision handles 100% of the production traffic. The green service revision is migrating from 0% to 100% of test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_TEST_TRAFFIC_SHIFT\n\nThe test traffic shift is complete. The green service revision handles 100% of the test traffic.\n\nYou can use a lifecycle hook for this stage.\n- PRODUCTION_TRAFFIC_SHIFT\n\nProduction traffic is shifting to the green service revision. The green service revision is migrating from 0% to 100% of production traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_PRODUCTION_TRAFFIC_SHIFT\n\nThe production traffic shift is complete.\n\nYou can use a lifecycle hook for this stage.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "title": "LifecycleStages", "type": "array" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the event type was last updated.", - "title": "LastUpdatedTime", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call Lambda functions on your behalf.\n\nFor more information, see [Permissions required for Lambda functions in Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/blue-green-permissions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "HookTargetArn", + "LifecycleStages", + "RoleArn" + ], + "type": "object" + }, + "AWS::ECS::Service.EBSTagSpecification": { + "additionalProperties": false, + "properties": { + "PropagateTags": { + "markdownDescription": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", + "title": "PropagateTags", "type": "string" }, - "Name": { - "markdownDescription": "The event type name.", - "title": "Name", + "ResourceType": { + "markdownDescription": "The type of volume resource.", + "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used.", "title": "Tags", "type": "array" } }, + "required": [ + "ResourceType" + ], "type": "object" }, - "AWS::FraudDetector::Detector.EventVariable": { + "AWS::ECS::Service.LoadBalancer": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The event variable ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp for when the event variable was created.", - "title": "CreatedTime", - "type": "string" + "AdvancedConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.AdvancedConfiguration", + "markdownDescription": "The advanced settings for the load balancer used in blue/green deployments. Specify the alternate target group, listener rules, and IAM role required for traffic shifting during blue/green deployments.", + "title": "AdvancedConfiguration" }, - "DataSource": { - "markdownDescription": "The data source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", + "ContainerName": { + "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", + "title": "ContainerName", "type": "string" }, - "DataType": { - "markdownDescription": "The data type of the event variable.\n\nValid values: `STRING | INTEGER | BOOLEAN | FLOAT`", - "title": "DataType", - "type": "string" + "ContainerPort": { + "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", + "title": "ContainerPort", + "type": "number" }, - "DefaultValue": { - "markdownDescription": "The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN.", - "title": "DefaultValue", + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", + "title": "LoadBalancerName", "type": "string" }, - "Description": { - "markdownDescription": "The description of the event variable.", - "title": "Description", + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", + "title": "TargetGroupArn", "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the event variable was last updated.", - "title": "LastUpdatedTime", + } + }, + "type": "object" + }, + "AWS::ECS::Service.LogConfiguration": { + "additionalProperties": false, + "properties": { + "LogDriver": { + "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", + "title": "LogDriver", "type": "string" }, - "Name": { - "markdownDescription": "The name of the event variable.", - "title": "Name", - "type": "string" + "Options": { + "additionalProperties": true, + "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" }, - "Tags": { + "SecretOptions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::ECS::Service.Secret" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "SecretOptions", "type": "array" - }, - "VariableType": { - "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .", - "title": "VariableType", - "type": "string" } }, "type": "object" }, - "AWS::FraudDetector::Detector.Label": { + "AWS::ECS::Service.NetworkConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The label ARN.", - "title": "Arn", + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.AwsVpcConfiguration", + "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", + "title": "AwsvpcConfiguration" + } + }, + "type": "object" + }, + "AWS::ECS::Service.PlacementConstraint": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Expression", "type": "string" }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", + "Type": { + "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", + "title": "Type", "type": "string" - }, - "Description": { - "markdownDescription": "The label description.", - "title": "Description", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ECS::Service.PlacementStrategy": { + "additionalProperties": false, + "properties": { + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host` , which has the same effect), or any platform or custom attribute that's applied to a container instance, such as `attribute:ecs.availability-zone` . For the `binpack` placement strategy, valid values are `cpu` and `memory` . For the `random` placement strategy, this field is not used.", + "title": "Field", "type": "string" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the label was last updated.", - "title": "LastUpdatedTime", + "Type": { + "markdownDescription": "The type of placement strategy. The `random` placement strategy randomly places tasks on available candidates. The `spread` placement strategy spreads placement across available candidates evenly based on the `field` parameter. The `binpack` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the `field` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.", + "title": "Type", "type": "string" - }, + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ECS::Service.Secret": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The label name.", + "markdownDescription": "The name of the secret.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "ValueFrom": { + "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", + "title": "ValueFrom", + "type": "string" } }, + "required": [ + "Name", + "ValueFrom" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Model": { + "AWS::ECS::Service.ServiceConnectClientAlias": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the model.", - "title": "Arn", + "DnsName": { + "markdownDescription": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "DnsName", "type": "string" + }, + "Port": { + "markdownDescription": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Port", + "type": "number" + }, + "TestTrafficRules": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRules", + "markdownDescription": "The configuration for test traffic routing rules used during blue/green deployments with Amazon ECS Service Connect. This allows you to route a portion of traffic to the new service revision of your service for testing before shifting all production traffic.", + "title": "TestTrafficRules" } }, + "required": [ + "Port" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Outcome": { + "AWS::ECS::Service.ServiceConnectConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The outcome ARN.", - "title": "Arn", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether to use Service Connect with this service.", + "title": "Enabled", + "type": "boolean" }, - "CreatedTime": { - "markdownDescription": "The timestamp when the outcome was created.", - "title": "CreatedTime", + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.LogConfiguration", + "markdownDescription": "The log configuration for the container. This parameter maps to `LogConfig` in the docker container create command and the `--log-driver` option to docker run.\n\nBy default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.\n\nUnderstand the following when specifying a log configuration for your containers.\n\n- Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n- This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.\n- For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .\n- For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.", + "title": "LogConfiguration" + }, + "Namespace": { + "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", + "title": "Namespace", "type": "string" }, - "Description": { - "markdownDescription": "The outcome description.", - "title": "Description", + "Services": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectService" + }, + "markdownDescription": "The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service.\n\nThis field is not required for a \"client\" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means.\n\nAn object selects a port from the task definition, assigns a name for the AWS Cloud Map service, and a list of aliases (endpoints) and ports for client applications to refer to this service.", + "title": "Services", + "type": "array" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectService": { + "additionalProperties": false, + "properties": { + "ClientAliases": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectClientAlias" + }, + "markdownDescription": "The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1.\n\nEach alias (\"endpoint\") is a fully-qualified name and port number that other Amazon ECS tasks (\"clients\") can use to connect to this service.\n\nEach name and port mapping must be unique within the namespace.\n\nFor each `ServiceConnectService` , you must provide at least one `clientAlias` with one `port` .", + "title": "ClientAliases", + "type": "array" + }, + "DiscoveryName": { + "markdownDescription": "The `discoveryName` is the name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the AWS Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n\nIf the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .", + "title": "DiscoveryName", "type": "string" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" + "IngressPortOverride": { + "markdownDescription": "The port number for the Service Connect proxy to listen on.\n\nUse the value of this field to bypass the proxy for traffic on the port number specified in the named `portMapping` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service.\n\nIn `awsvpc` mode and Fargate, the default value is the container port number. The container port number is in the `portMapping` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy.", + "title": "IngressPortOverride", + "type": "number" }, - "LastUpdatedTime": { - "markdownDescription": "The timestamp when the outcome was last updated.", - "title": "LastUpdatedTime", + "PortName": { + "markdownDescription": "The `portName` must match the name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service.", + "title": "PortName", "type": "string" }, + "Timeout": { + "$ref": "#/definitions/AWS::ECS::Service.TimeoutConfiguration", + "markdownDescription": "A reference to an object that represents the configured timeouts for Service Connect.", + "title": "Timeout" + }, + "Tls": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsConfiguration", + "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) configuration.", + "title": "Tls" + } + }, + "required": [ + "PortName" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTestTrafficRules": { + "additionalProperties": false, + "properties": { + "Header": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRulesHeader", + "markdownDescription": "The HTTP header-based routing rules that determine which requests should be routed to the new service version during blue/green deployment testing. These rules provide fine-grained control over test traffic routing based on request headers.", + "title": "Header" + } + }, + "required": [ + "Header" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTestTrafficRulesHeader": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The outcome name.", + "markdownDescription": "", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "Value": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRulesHeaderValue", + "markdownDescription": "", + "title": "Value" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Rule": { + "AWS::ECS::Service.ServiceConnectTestTrafficRulesHeaderValue": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The rule ARN.", - "title": "Arn", + "Exact": { + "markdownDescription": "", + "title": "Exact", + "type": "string" + } + }, + "required": [ + "Exact" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTlsCertificateAuthority": { + "additionalProperties": false, + "properties": { + "AwsPcaAuthorityArn": { + "markdownDescription": "The ARN of the AWS Private Certificate Authority certificate.", + "title": "AwsPcaAuthorityArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTlsConfiguration": { + "additionalProperties": false, + "properties": { + "IssuerCertificateAuthority": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsCertificateAuthority", + "markdownDescription": "The signer certificate authority.", + "title": "IssuerCertificateAuthority" }, - "CreatedTime": { - "markdownDescription": "Timestamp for when the rule was created.", - "title": "CreatedTime", + "KmsKey": { + "markdownDescription": "The AWS Key Management Service key.", + "title": "KmsKey", "type": "string" }, - "Description": { - "markdownDescription": "The rule description.", - "title": "Description", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS.", + "title": "RoleArn", "type": "string" + } + }, + "required": [ + "IssuerCertificateAuthority" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. If you turn on Region-level Amazon EBS encryption by default but set this value as `false` , the setting is overridden and the volume is encrypted with the KMS key specified for Amazon EBS encryption by default. This parameter maps 1:1 with the `Encrypted` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "Encrypted", + "type": "boolean" }, - "DetectorId": { - "markdownDescription": "The detector for which the rule is associated.", - "title": "DetectorId", + "FilesystemType": { + "markdownDescription": "The filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the tasks will fail to start.\n\nThe available Linux filesystem types are `ext3` , `ext4` , and `xfs` . If no value is specified, the `xfs` filesystem type is used by default.\n\nThe available Windows filesystem types are `NTFS` .", + "title": "FilesystemType", "type": "string" }, - "Expression": { - "markdownDescription": "The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) .", - "title": "Expression", + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type.\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nThis parameter is required for `io1` and `io2` volume types. The default for `gp3` volumes is `3,000 IOPS` . This parameter is not supported for `st1` , `sc1` , or `standard` volume types.\n\nThis parameter maps 1:1 with the `Iops` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When a key is specified using this parameter, it overrides Amazon EBS default encryption or any KMS key that you specified for cluster-level managed storage encryption. This parameter maps 1:1 with the `KmsKeyId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information about encrypting Amazon EBS volumes attached to tasks, see [Encrypt data stored in Amazon EBS volumes attached to Amazon ECS tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) .\n\n> AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails.", + "title": "KmsKeyId", "type": "string" }, - "Language": { - "markdownDescription": "The rule language.\n\nValid Value: DETECTORPL", - "title": "Language", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed `AmazonECSInfrastructureRolePolicyForVolumes` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide* .", + "title": "RoleArn", "type": "string" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the rule was last updated.", - "title": "LastUpdatedTime", + "SizeInGiB": { + "markdownDescription": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the `Size` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\nThe following are the supported volume size values for each volume type.\n\n- `gp2` and `gp3` : 1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024", + "title": "SizeInGiB", + "type": "number" + }, + "SnapshotId": { + "markdownDescription": "The snapshot that Amazon ECS uses to create volumes for attachment to tasks maintained by the service. You must specify either `snapshotId` or `sizeInGiB` in your volume configuration. This parameter maps 1:1 with the `SnapshotId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "SnapshotId", "type": "string" }, - "Outcomes": { + "TagSpecifications": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Outcome" + "$ref": "#/definitions/AWS::ECS::Service.EBSTagSpecification" }, - "markdownDescription": "The rule outcome.", - "title": "Outcomes", + "markdownDescription": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the `TagSpecifications.N` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "TagSpecifications", "type": "array" }, - "RuleId": { - "markdownDescription": "The rule ID.", - "title": "RuleId", - "type": "string" + "Throughput": { + "markdownDescription": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the `Throughput` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\n> This parameter is only supported for the `gp3` volume type.", + "title": "Throughput", + "type": "number" }, - "RuleVersion": { - "markdownDescription": "The rule version.", - "title": "RuleVersion", - "type": "string" + "VolumeInitializationRate": { + "markdownDescription": "The rate, in MiB/s, at which data is fetched from a snapshot of an existing EBS volume to create new volumes for attachment to the tasks maintained by the service. This property can be specified only if you specify a `snapshotId` . For more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EBS User Guide* .", + "title": "VolumeInitializationRate", + "type": "number" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "VolumeType": { + "markdownDescription": "The volume type. This parameter maps 1:1 with the `VolumeType` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide* .\n\nThe following are the supported volume types.\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\n> The magnetic volume type is not supported on Fargate.", + "title": "VolumeType", + "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::FraudDetector::EntityType": { + "AWS::ECS::Service.ServiceRegistry": { "additionalProperties": false, "properties": { - "Condition": { + "ContainerName": { + "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ContainerPort": { + "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerPort", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Port": { + "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", + "title": "Port", + "type": "number" }, - "Metadata": { - "type": "object" + "RegistryArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", + "title": "RegistryArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.ServiceVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "ManagedEBSVolume": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration", + "markdownDescription": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created.", + "title": "ManagedEBSVolume" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The entity type name.\n\nPattern: `^[0-9a-z_-]+$`", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A key and value pair.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "Name": { + "markdownDescription": "The name of the volume. This value must match the volume name from the `Volume` object in the task definition.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::ECS::Service.TimeoutConfiguration": { + "additionalProperties": false, + "properties": { + "IdleTimeoutSeconds": { + "markdownDescription": "The amount of time in seconds a connection will stay active while idle. A value of `0` can be set to disable `idleTimeout` .\n\nThe `idleTimeout` default for `HTTP` / `HTTP2` / `GRPC` is 5 minutes.\n\nThe `idleTimeout` default for `TCP` is 1 hour.", + "title": "IdleTimeoutSeconds", + "type": "number" }, - "Type": { - "enum": [ - "AWS::FraudDetector::EntityType" - ], + "PerRequestTimeoutSeconds": { + "markdownDescription": "The amount of time waiting for the upstream to respond with a complete response per request. A value of `0` can be set to disable `perRequestTimeout` . `perRequestTimeout` can only be set if Service Connect `appProtocol` isn't `TCP` . Only `idleTimeout` is allowed for `TCP` `appProtocol` .", + "title": "PerRequestTimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::Service.VpcLatticeConfiguration": { + "additionalProperties": false, + "properties": { + "PortName": { + "markdownDescription": "The name of the port mapping to register in the VPC Lattice target group. This is the name of the `portMapping` you defined in your task definition.", + "title": "PortName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with this VPC Lattice configuration. This is the Amazon ECS infrastructure IAM role that is used to manage your VPC Lattice infrastructure.", + "title": "RoleArn", + "type": "string" + }, + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the target group or groups associated with the VPC Lattice configuration that the Amazon ECS tasks will be registered to.", + "title": "TargetGroupArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "PortName", + "RoleArn", + "TargetGroupArn" ], "type": "object" }, - "AWS::FraudDetector::EventType": { + "AWS::ECS::TaskDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -102010,60 +105631,112 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The event type description.", - "title": "Description", - "type": "string" - }, - "EntityTypes": { + "ContainerDefinitions": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.EntityType" + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDefinition" }, - "markdownDescription": "The event type entity types.", - "title": "EntityTypes", + "markdownDescription": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ContainerDefinitions", "type": "array" }, - "EventVariables": { + "Cpu": { + "markdownDescription": "The number of `cpu` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the `memory` parameter.\n\nIf you're using the EC2 launch type or the external launch type, this field is optional. Supported values are between `128` CPU units ( `0.125` vCPUs) and `196608` CPU units ( `192` vCPUs).\n\nThis field is required for Fargate. For information about the valid values, see [Task size](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Cpu", + "type": "string" + }, + "EnableFaultInjection": { + "markdownDescription": "Enables fault injection and allows for fault injection requests to be accepted from the task's containers. The default value is `false` .", + "title": "EnableFaultInjection", + "type": "boolean" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EphemeralStorage", + "markdownDescription": "The ephemeral storage settings to use for tasks run with the task definition.", + "title": "EphemeralStorage" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ExecutionRoleArn", + "type": "string" + }, + "Family": { + "markdownDescription": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n\nA family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n\n> To use revision numbers when you update a task definition, specify this property. If you don't specify a value, AWS CloudFormation generates a new task definition each time that you update it.", + "title": "Family", + "type": "string" + }, + "IpcMode": { + "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . If `host` is specified, then all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If `task` is specified, all containers within the specified task share the same IPC resources. If `none` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance.\n\nIf the `host` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose.\n\nIf you are setting namespaced kernel parameters using `systemControls` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n- For tasks that use the `host` IPC mode, IPC namespace related `systemControls` are not supported.\n- For tasks that use the `task` IPC mode, IPC namespace related `systemControls` will apply to all containers within a task.\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", + "title": "IpcMode", + "type": "string" + }, + "Memory": { + "markdownDescription": "The amount (in MiB) of memory used by the task.\n\nIf your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) .\n\nIf your tasks runs on AWS Fargate , this field is required. You must use one of the following values. The value you choose determines your range of valid values for the `cpu` parameter.\n\n- 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256 (.25 vCPU)\n- 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available `cpu` values: 512 (.5 vCPU)\n- 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available `cpu` values: 1024 (1 vCPU)\n- Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available `cpu` values: 2048 (2 vCPU)\n- Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available `cpu` values: 4096 (4 vCPU)\n- Between 16 GB and 60 GB in 4 GB increments - Available `cpu` values: 8192 (8 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.\n- Between 32GB and 120 GB in 8 GB increments - Available `cpu` values: 16384 (16 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.", + "title": "Memory", + "type": "string" + }, + "NetworkMode": { + "markdownDescription": "The Docker networking mode to use for the containers in the task. The valid values are `none` , `bridge` , `awsvpc` , and `host` . If no network mode is specified, the default is `bridge` .\n\nFor Amazon ECS tasks on Fargate, the `awsvpc` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, `` or `awsvpc` can be used. If the network mode is set to `none` , you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The `host` and `awsvpc` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the `bridge` mode.\n\nWith the `host` and `awsvpc` network modes, exposed container ports are mapped directly to the corresponding host port (for the `host` network mode) or the attached elastic network interface port (for the `awsvpc` network mode), so you cannot take advantage of dynamic host port mappings.\n\n> When using the `host` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user. \n\nIf the network mode is `awsvpc` , the task is allocated an elastic network interface, and you must specify a [NetworkConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_NetworkConfiguration.html) value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf the network mode is `host` , you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.", + "title": "NetworkMode", + "type": "string" + }, + "PidMode": { + "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . On Fargate for Linux containers, the only valid value is `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container.\n\nIf the `host` PID mode is used, there's a heightened risk of undesired process namespace exposure.\n\n> This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.", + "title": "PidMode", + "type": "string" + }, + "PlacementConstraints": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.EventVariable" + "$ref": "#/definitions/AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint" }, - "markdownDescription": "The event type event variables.", - "title": "EventVariables", + "markdownDescription": "An array of placement constraint objects to use for tasks.\n\n> This parameter isn't supported for tasks run on AWS Fargate .", + "title": "PlacementConstraints", "type": "array" }, - "Labels": { + "ProxyConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ProxyConfiguration", + "markdownDescription": "The configuration details for the App Mesh proxy.\n\nYour Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the `ecs-init` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version `20190301` or later, they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ProxyConfiguration" + }, + "RequiresCompatibilities": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.Label" + "type": "string" }, - "markdownDescription": "The event type labels.", - "title": "Labels", + "markdownDescription": "The task launch types the task definition was validated against. The valid values are `EC2` , `FARGATE` , and `EXTERNAL` . For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RequiresCompatibilities", "type": "array" }, - "Name": { - "markdownDescription": "The event type name.\n\nPattern : `^[0-9a-z_-]+$`", - "title": "Name", - "type": "string" + "RuntimePlatform": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RuntimePlatform", + "markdownDescription": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.", + "title": "RuntimePlatform" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TaskRoleArn": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the AWS Identity and Access Management role that grants containers in the task permission to call AWS APIs on your behalf. For more information, see [Amazon ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIAM roles for tasks on Windows require that the `-EnableTaskIAMRole` option is set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some configuration code to use the feature. For more information, see [Windows IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> String validation is done on the ECS side. If an invalid string value is given for `TaskRoleArn` , it may cause the Cloudformation job to hang.", + "title": "TaskRoleArn", + "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Volume" + }, + "markdownDescription": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> The `host` and `sourcePath` parameters aren't supported for tasks run on AWS Fargate .", + "title": "Volumes", + "type": "array" } }, - "required": [ - "EntityTypes", - "EventVariables", - "Labels", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::EventType" + "AWS::ECS::TaskDefinition" ], "type": "string" }, @@ -102077,1523 +105750,1012 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FraudDetector::EventType.EntityType": { + "AWS::ECS::TaskDefinition.AuthorizationConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the entity type was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the entity type was last updated.", - "title": "LastUpdatedTime", + "AccessPointId": { + "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", + "title": "AccessPointId", "type": "string" }, - "Name": { - "markdownDescription": "The entity type name.\n\n`^[0-9a-z_-]+$`", - "title": "Name", + "IAM": { + "markdownDescription": "Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "IAM", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::FraudDetector::EventType.EventVariable": { + "AWS::ECS::TaskDefinition.ContainerDefinition": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The event variable ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp for when event variable was created.", - "title": "CreatedTime", - "type": "string" - }, - "DataSource": { - "markdownDescription": "The source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", - "type": "string" - }, - "DataType": { - "markdownDescription": "The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) .", - "title": "DataType", - "type": "string" - }, - "DefaultValue": { - "markdownDescription": "The default value of the event variable", - "title": "DefaultValue", - "type": "string" - }, - "Description": { - "markdownDescription": "The event variable description.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the event variable was last updated.", - "title": "LastUpdatedTime", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the event variable.", - "title": "Name", - "type": "string" - }, - "Tags": { + "Command": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the docker container create command and the `COMMAND` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.", + "title": "Command", "type": "array" }, - "VariableType": { - "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) .", - "title": "VariableType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::FraudDetector::EventType.Label": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The label ARN.", - "title": "Arn", - "type": "string" + "Cpu": { + "markdownDescription": "The number of `cpu` units reserved for the container. This parameter maps to `CpuShares` in the docker container create commandand the `--cpu-shares` option to docker run.\n\nThis field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level `cpu` value.\n\n> You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. \n\nLinux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.\n\nOn Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version:\n\n- *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares.\n- *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2.\n- *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares.\n\nOn Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as `0` , which Windows interprets as 1% of one CPU.", + "title": "Cpu", + "type": "number" }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", - "type": "string" + "CredentialSpecs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of ARNs in SSM or Amazon S3 to a credential spec ( `CredSpec` ) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the `dockerSecurityOptions` . The maximum number of ARNs is 1.\n\nThere are two formats for each ARN.\n\n- **credentialspecdomainless:MyARN** - You use `credentialspecdomainless:MyARN` to provide a `CredSpec` with an additional section for a secret in AWS Secrets Manager . You provide the login credentials to the domain in the secret.\n\nEach task that runs on any container instance can join different domains.\n\nYou can use this format without joining the container instance to a domain.\n- **credentialspec:MyARN** - You use `credentialspec:MyARN` to provide a `CredSpec` for a single domain.\n\nYou must join the container instance to the domain before you start any tasks that use this task definition.\n\nIn both formats, replace `MyARN` with the ARN in SSM or Amazon S3.\n\nIf you provide a `credentialspecdomainless:MyARN` , the `credspec` must provide a ARN in AWS Secrets Manager for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) .", + "title": "CredentialSpecs", + "type": "array" }, - "Description": { - "markdownDescription": "The label description.", - "title": "Description", - "type": "string" + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDependency" + }, + "markdownDescription": "The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed.\n\nFor tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nIf the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html) , the `dependsOn` parameter is not supported.", + "title": "DependsOn", + "type": "array" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables.", - "title": "Inline", + "DisableNetworking": { + "markdownDescription": "When this parameter is true, networking is off within the container. This parameter maps to `NetworkDisabled` in the docker container create command.\n\n> This parameter is not supported for Windows containers.", + "title": "DisableNetworking", "type": "boolean" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the label was last updated.", - "title": "LastUpdatedTime", - "type": "string" - }, - "Name": { - "markdownDescription": "The label name.", - "title": "Name", - "type": "string" + "DnsSearchDomains": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of DNS search domains that are presented to the container. This parameter maps to `DnsSearch` in the docker container create command and the `--dns-search` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "DnsSearchDomains", + "type": "array" }, - "Tags": { + "DnsServers": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "A list of DNS servers that are presented to the container. This parameter maps to `Dns` in the docker container create command and the `--dns` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "DnsServers", "type": "array" - } - }, - "type": "object" - }, - "AWS::FraudDetector::Label": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "DockerLabels": { + "additionalProperties": true, + "markdownDescription": "A key/value map of labels to add to the container. This parameter maps to `Labels` in the docker container create command and the `--label` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "DockerLabels", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The label description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The label name.\n\nPattern: `^[0-9a-z_-]+$`", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "DockerSecurityOptions": { + "items": { + "type": "string" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type.\n\nFor Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.\n\nFor any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThis parameter maps to `SecurityOpt` in the docker container create command and the `--security-opt` option to docker run.\n\n> The Amazon ECS container agent running on a container instance must register with the `ECS_SELINUX_CAPABLE=true` or `ECS_APPARMOR_CAPABLE=true` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nValid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" | \"credentialspec:CredentialSpecFilePath\"", + "title": "DockerSecurityOptions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::FraudDetector::Label" - ], - "type": "string" + "EntryPoint": { + "items": { + "type": "string" + }, + "markdownDescription": "> Early versions of the Amazon ECS container agent don't properly handle `entryPoint` parameters. If you have problems using `entryPoint` , update your container agent or enter your commands and arguments as `command` array items instead. \n\nThe entry point that's passed to the container. This parameter maps to `Entrypoint` in the docker container create command and the `--entrypoint` option to docker run.", + "title": "EntryPoint", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::FraudDetector::List": { - "additionalProperties": false, - "properties": { - "Condition": { + "Environment": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" + }, + "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the docker container create command and the `--env` option to docker run.\n\n> We don't recommend that you use plaintext environment variables for sensitive information, such as credential data.", + "title": "Environment", + "type": "array" + }, + "EnvironmentFiles": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EnvironmentFile" + }, + "markdownDescription": "A list of files containing the environment variables to pass to a container. This parameter maps to the `--env-file` option to docker run.\n\nYou can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file contains an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored.\n\nIf there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "EnvironmentFiles", + "type": "array" + }, + "Essential": { + "markdownDescription": "If the `essential` parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as `false` , its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Essential", + "type": "boolean" + }, + "ExtraHosts": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostEntry" + }, + "markdownDescription": "A list of hostnames and IP address mappings to append to the `/etc/hosts` file on the container. This parameter maps to `ExtraHosts` in the docker container create command and the `--add-host` option to docker run.\n\n> This parameter isn't supported for Windows containers or tasks that use the `awsvpc` network mode.", + "title": "ExtraHosts", + "type": "array" + }, + "FirelensConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FirelensConfiguration", + "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "FirelensConfiguration" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HealthCheck", + "markdownDescription": "The container health check command and associated configuration parameters for the container. This parameter maps to `HealthCheck` in the docker container create command and the `HEALTHCHECK` parameter of docker run.", + "title": "HealthCheck" + }, + "Hostname": { + "markdownDescription": "The hostname to use for your container. This parameter maps to `Hostname` in the docker container create command and the `--hostname` option to docker run.\n\n> The `hostname` parameter is not supported if you're using the `awsvpc` network mode.", + "title": "Hostname", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Image": { + "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . For images using tags (repository-url/image:tag), up to 255 characters total are allowed, including letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs (#). For images using digests (repository-url/image@digest), the 255 character limit applies only to the repository URL and image name (everything before the @ sign). The only supported hash function is sha256, and the hash value after sha256: must be exactly 64 characters (only letters A-F, a-f, and numbers 0-9 are allowed). This parameter maps to `Image` in the docker container create command and the `IMAGE` parameter of docker run.\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", + "title": "Image", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Interactive": { + "markdownDescription": "When this parameter is `true` , you can deploy containerized applications that require `stdin` or a `tty` to be allocated. This parameter maps to `OpenStdin` in the docker container create command and the `--interactive` option to docker run.", + "title": "Interactive", + "type": "boolean" }, - "Metadata": { - "type": "object" + "Links": { + "items": { + "type": "string" + }, + "markdownDescription": "The `links` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is `bridge` . The `name:internalName` construct is analogous to `name:alias` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to `Links` in the docker container create command and the `--link` option to docker run.\n\n> This parameter is not supported for Windows containers. > Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.", + "title": "Links", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the list.", - "title": "Description", - "type": "string" - }, - "Elements": { - "items": { - "type": "string" - }, - "markdownDescription": "The elements in the list.", - "title": "Elements", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the list.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "VariableType": { - "markdownDescription": "The variable type of the list. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types)", - "title": "VariableType", - "type": "string" - } + "LinuxParameters": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.LinuxParameters", + "markdownDescription": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .\n\n> This parameter is not supported for Windows containers.", + "title": "LinuxParameters" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.LogConfiguration", + "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the docker Create a container command and the `--log-driver` option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LogConfiguration" + }, + "Memory": { + "markdownDescription": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task `memory` value, if one is specified. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nIf using the Fargate launch type, this parameter is optional.\n\nIf using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level `memory` and `memoryReservation` value, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.", + "title": "Memory", + "type": "number" + }, + "MemoryReservation": { + "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the `memory` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to `MemoryReservation` in the docker container create command and the `--memory-reservation` option to docker run.\n\nIf a task-level memory value is not specified, you must specify a non-zero integer for one or both of `memory` or `memoryReservation` in a container definition. If you specify both, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nFor example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a `memoryReservation` of 128 MiB, and a `memory` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.", + "title": "MemoryReservation", + "type": "number" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.MountPoint" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the docker container create command and the `--volume` option to docker run.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", + "title": "MountPoints", + "type": "array" }, - "Type": { - "enum": [ - "AWS::FraudDetector::List" - ], + "Name": { + "markdownDescription": "The name of a container. If you're linking multiple containers together in a task definition, the `name` of one container can be entered in the `links` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to `name` in the docker container create command and the `--name` option to docker run.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::FraudDetector::Outcome": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "PortMappings": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.PortMapping" + }, + "markdownDescription": "The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.\n\nFor task definitions that use the `awsvpc` network mode, you should only specify the `containerPort` . The `hostPort` can be left blank or it must be the same value as the `containerPort` .\n\nPort mappings on Windows use the `NetNAT` gateway address rather than `localhost` . There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.\n\nThis parameter maps to `PortBindings` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--publish` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . If the network mode of a task definition is set to `none` , then you can't specify port mappings. If the network mode of a task definition is set to `host` , then host ports must either be undefined or they must match the container port in the port mapping.\n\n> After a task reaches the `RUNNING` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the `networkBindings` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses.", + "title": "PortMappings", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Privileged": { + "markdownDescription": "When this parameter is true, the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the docker container create command and the `--privileged` option to docker run\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", + "title": "Privileged", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PseudoTerminal": { + "markdownDescription": "When this parameter is `true` , a TTY is allocated. This parameter maps to `Tty` in the docker container create command and the `--tty` option to docker run.", + "title": "PseudoTerminal", + "type": "boolean" }, - "Metadata": { - "type": "object" + "ReadonlyRootFilesystem": { + "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the docker container create command and the `--read-only` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "ReadonlyRootFilesystem", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The outcome description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The outcome name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "RepositoryCredentials": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RepositoryCredentials", + "markdownDescription": "The private repository authentication credentials to use.", + "title": "RepositoryCredentials" + }, + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ResourceRequirement" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "The type and amount of a resource to assign to a container. The only supported resource is a GPU.", + "title": "ResourceRequirements", + "type": "array" }, - "Type": { - "enum": [ - "AWS::FraudDetector::Outcome" - ], - "type": "string" + "RestartPolicy": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RestartPolicy", + "markdownDescription": "The restart policy for a container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task. For more information, see [Restart individual containers in Amazon ECS tasks with container restart policies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-restart-policy.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RestartPolicy" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::FraudDetector::Variable": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "Secrets": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" + }, + "markdownDescription": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Secrets", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "StartTimeout": { + "markdownDescription": "Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a `COMPLETE` , `SUCCESS` , or `HEALTHY` status. If a `startTimeout` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a `STOPPED` state.\n\n> When the `ECS_CONTAINER_START_TIMEOUT` container agent configuration variable is used, it's enforced independently from this start timeout value. \n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks using the EC2 launch type, your container instances require at least version `1.26.0` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version `1.26.0-1` of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", + "title": "StartTimeout", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "StopTimeout": { + "markdownDescription": "Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks that use the Fargate launch type, the max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.\n\nFor tasks that use the EC2 launch type, if the `stopTimeout` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable `ECS_CONTAINER_STOP_TIMEOUT` is used. If neither the `stopTimeout` parameter or the `ECS_CONTAINER_STOP_TIMEOUT` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", + "title": "StopTimeout", + "type": "number" }, - "Metadata": { - "type": "object" + "SystemControls": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.SystemControl" + }, + "markdownDescription": "A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in the docker container create command and the `--sysctl` option to docker run. For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.", + "title": "SystemControls", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataSource": { - "markdownDescription": "The data source of the variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", - "type": "string" - }, - "DataType": { - "markdownDescription": "The data type of the variable.\n\nValid data types: `STRING | INTEGER | BOOLEAN | FLOAT`", - "title": "DataType", - "type": "string" - }, - "DefaultValue": { - "markdownDescription": "The default value of the variable.", - "title": "DefaultValue", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the variable.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the variable.\n\nPattern: `^[0-9a-z_-]+$`", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "VariableType": { - "markdownDescription": "The type of the variable. For more information see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .\n\nValid Values: `AUTH_CODE | AVS | BILLING_ADDRESS_L1 | BILLING_ADDRESS_L2 | BILLING_CITY | BILLING_COUNTRY | BILLING_NAME | BILLING_PHONE | BILLING_STATE | BILLING_ZIP | CARD_BIN | CATEGORICAL | CURRENCY_CODE | EMAIL_ADDRESS | FINGERPRINT | FRAUD_LABEL | FREE_FORM_TEXT | IP_ADDRESS | NUMERIC | ORDER_ID | PAYMENT_TYPE | PHONE_NUMBER | PRICE | PRODUCT_CATEGORY | SHIPPING_ADDRESS_L1 | SHIPPING_ADDRESS_L2 | SHIPPING_CITY | SHIPPING_COUNTRY | SHIPPING_NAME | SHIPPING_PHONE | SHIPPING_STATE | SHIPPING_ZIP | USERAGENT`", - "title": "VariableType", - "type": "string" - } + "Ulimits": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Ulimit" }, - "required": [ - "DataSource", - "DataType", - "DefaultValue", - "Name" - ], - "type": "object" + "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> This parameter is not supported for Windows containers.", + "title": "Ulimits", + "type": "array" }, - "Type": { - "enum": [ - "AWS::FraudDetector::Variable" - ], + "User": { + "markdownDescription": "The user to use inside the container. This parameter maps to `User` in the docker container create command and the `--user` option to docker run.\n\n> When running tasks using the `host` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gid`\n- `uid:group`\n\n> This parameter is not supported for Windows containers.", + "title": "User", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VersionConsistency": { + "markdownDescription": "Specifies whether Amazon ECS will resolve the container image tag provided in the container definition to an image digest. By default, the value is `enabled` . If you set the value for a container as `disabled` , Amazon ECS will not resolve the provided container image tag to a digest and will use the original image URI specified in the container definition for deployment. For more information about container image resolution, see [Container image resolution](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html#deployment-container-image-stability) in the *Amazon ECS Developer Guide* .", + "title": "VersionConsistency", + "type": "string" + }, + "VolumesFrom": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.VolumeFrom" + }, + "markdownDescription": "Data volumes to mount from another container. This parameter maps to `VolumesFrom` in the docker container create command and the `--volumes-from` option to docker run.", + "title": "VolumesFrom", + "type": "array" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory to run commands inside the container in. This parameter maps to `WorkingDir` in the docker container create command and the `--workdir` option to docker run.", + "title": "WorkingDirectory", "type": "string" } }, "required": [ - "Type", - "Properties" + "Image", + "Name" ], "type": "object" }, - "AWS::GameLift::Alias": { + "AWS::ECS::TaskDefinition.ContainerDependency": { "additionalProperties": false, "properties": { "Condition": { + "markdownDescription": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a `zero` status. This condition can't be set on an essential container.\n- `HEALTHY` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.", + "title": "Condition", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A human-readable description of the alias.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with an alias. Alias names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "RoutingStrategy": { - "$ref": "#/definitions/AWS::GameLift::Alias.RoutingStrategy", - "markdownDescription": "The routing configuration, including routing type and fleet target, for the alias.", - "title": "RoutingStrategy" - } - }, - "required": [ - "Name", - "RoutingStrategy" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::GameLift::Alias" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ContainerName": { + "markdownDescription": "The name of a container.", + "title": "ContainerName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::GameLift::Alias.RoutingStrategy": { + "AWS::ECS::TaskDefinition.Device": { "additionalProperties": false, "properties": { - "FleetId": { - "markdownDescription": "A unique identifier for a fleet that the alias points to. If you specify `SIMPLE` for the `Type` property, you must specify this property.", - "title": "FleetId", + "ContainerPath": { + "markdownDescription": "The path inside the container at which to expose the host device.", + "title": "ContainerPath", "type": "string" }, - "Message": { - "markdownDescription": "The message text to be used with a terminal routing strategy. If you specify `TERMINAL` for the `Type` property, you must specify this property.", - "title": "Message", + "HostPath": { + "markdownDescription": "The path for the device on the host container instance.", + "title": "HostPath", "type": "string" }, - "Type": { - "markdownDescription": "A type of routing strategy.\n\nPossible routing types include the following:\n\n- *SIMPLE* - The alias resolves to one specific fleet. Use this type when routing to active fleets.\n- *TERMINAL* - The alias does not resolve to a fleet but instead can be used to display a message to the user. A terminal alias throws a `TerminalRoutingStrategyException` with the message that you specified in the `Message` property.", - "title": "Type", - "type": "string" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device.", + "title": "Permissions", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::GameLift::Build": { + "AWS::ECS::TaskDefinition.DockerVolumeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Autoprovision": { + "markdownDescription": "If this value is `true` , the Docker volume is created if it doesn't already exist.\n\n> This field is only used if the `scope` is `shared` .", + "title": "Autoprovision", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Driver": { + "markdownDescription": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use `docker plugin ls` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to `Driver` in the docker container create command and the `xxdriver` option to docker volume create.", + "title": "Driver", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "DriverOpts": { + "additionalProperties": true, + "markdownDescription": "A map of Docker driver-specific options passed through. This parameter maps to `DriverOpts` in the docker create-volume command and the `xxopt` option to docker volume create.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "DriverOpts", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A descriptive label that is associated with a build. Build names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "OperatingSystem": { - "markdownDescription": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", - "title": "OperatingSystem", - "type": "string" - }, - "ServerSdkVersion": { - "markdownDescription": "A server SDK version you used when integrating your game server build with Amazon GameLift Servers. For more information see [Integrate games with custom game servers](https://docs.aws.amazon.com/gamelift/latest/developerguide/integration-custom-intro.html) . By default Amazon GameLift Servers sets this value to `4.0.2` .", - "title": "ServerSdkVersion", - "type": "string" - }, - "StorageLocation": { - "$ref": "#/definitions/AWS::GameLift::Build.StorageLocation", - "markdownDescription": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift Servers to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift Servers will report a `SizeOnDisk` of 0.", - "title": "StorageLocation" - }, - "Version": { - "markdownDescription": "Version information that is associated with this build. Version strings do not need to be unique.", - "title": "Version", + "Labels": { + "additionalProperties": true, + "markdownDescription": "Custom metadata to add to your Docker volume. This parameter maps to `Labels` in the docker container create command and the `xxlabel` option to docker volume create.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, + "title": "Labels", "type": "object" }, - "Type": { - "enum": [ - "AWS::GameLift::Build" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Scope": { + "markdownDescription": "The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops.", + "title": "Scope", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::GameLift::Build.StorageLocation": { + "AWS::ECS::TaskDefinition.EFSVolumeConfiguration": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "An Amazon S3 bucket identifier. The name of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", - "title": "Bucket", - "type": "string" + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.AuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", + "title": "AuthorizationConfig" }, - "Key": { - "markdownDescription": "The name of the zip file that contains the build files or script files.", - "title": "Key", + "FilesystemId": { + "markdownDescription": "The Amazon EFS file system ID to use.", + "title": "FilesystemId", "type": "string" }, - "ObjectVersion": { - "markdownDescription": "A version of a stored file to retrieve, if the object versioning feature is turned on for the S3 bucket. Use this parameter to specify a specific version. If this parameter isn't set, Amazon GameLift Servers retrieves the latest version of the file.", - "title": "ObjectVersion", + "RootDirectory": { + "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying `/` will have the same effect as omitting this parameter.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` which will enforce the path set on the EFS access point.", + "title": "RootDirectory", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARNfor an IAM role that allows Amazon GameLift to access the S3 bucket.", - "title": "RoleArn", + "TransitEncryption": { + "markdownDescription": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryption", "type": "string" + }, + "TransitEncryptionPort": { + "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryptionPort", + "type": "number" } }, "required": [ - "Bucket", - "Key", - "RoleArn" + "FilesystemId" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition": { + "AWS::ECS::TaskDefinition.EnvironmentFile": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContainerDefinitions": { - "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDefinition" - }, - "type": "array" - }, - "Name": { - "markdownDescription": "A descriptive identifier for the container group definition. The name value is unique in an AWS Region.", - "title": "Name", - "type": "string" - }, - "OperatingSystem": { - "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", - "title": "OperatingSystem", - "type": "string" - }, - "SchedulingStrategy": { - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - }, - "TotalCpuLimit": { - "type": "number" - }, - "TotalMemoryLimit": { - "type": "number" - } - }, - "required": [ - "ContainerDefinitions", - "Name", - "OperatingSystem", - "TotalCpuLimit", - "TotalMemoryLimit" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::GameLift::ContainerGroupDefinition" - ], + "markdownDescription": "The file type to use. Environment files are objects in Amazon S3. The only supported value is `s3` .", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", + "title": "Value", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerDefinition": { + "AWS::ECS::TaskDefinition.EphemeralStorage": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "type": "array" - }, - "ContainerName": { - "type": "string" - }, - "Cpu": { + "SizeInGiB": { + "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", + "title": "SizeInGiB", "type": "number" - }, - "DependsOn": { - "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" - }, - "type": "array" - }, - "EntryPoint": { - "items": { - "type": "string" - }, - "type": "array" - }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" - }, - "type": "array" - }, - "Essential": { - "type": "boolean" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck" - }, - "ImageUri": { - "type": "string" - }, - "MemoryLimits": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.MemoryLimits" - }, - "PortConfiguration": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration" - }, - "ResolvedImageDigest": { + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.FSxAuthorizationConfig": { + "additionalProperties": false, + "properties": { + "CredentialsParameter": { + "markdownDescription": "The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an AWS Secrets Manager secret or SSM Parameter Store parameter. The ARN refers to the stored credentials.", + "title": "CredentialsParameter", "type": "string" }, - "WorkingDirectory": { + "Domain": { + "markdownDescription": "A fully qualified domain name hosted by an [AWS Directory Service](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.", + "title": "Domain", "type": "string" } }, "required": [ - "ContainerName", - "ImageUri" + "CredentialsParameter", + "Domain" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerDependency": { + "AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "The condition that the dependency container must reach before the dependent container can start. Valid conditions include:\n\n- START - The dependency container must have started.\n- COMPLETE - The dependency container has run to completion (exits). Use this condition with nonessential containers, such as those that run a script and then exit. The dependency container can't be an essential container.\n- SUCCESS - The dependency container has run to completion and exited with a zero status. The dependency container can't be an essential container.\n- HEALTHY - The dependency container has passed its Docker health check. Use this condition with dependency containers that have health checks configured. This condition is confirmed at container group startup only.", - "title": "Condition", + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxAuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon FSx for Windows File Server file system.", + "title": "AuthorizationConfig" + }, + "FileSystemId": { + "markdownDescription": "The Amazon FSx for Windows File Server file system ID to use.", + "title": "FileSystemId", "type": "string" }, - "ContainerName": { - "markdownDescription": "A descriptive label for the container definition that this container depends on.", - "title": "ContainerName", + "RootDirectory": { + "markdownDescription": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host.", + "title": "RootDirectory", "type": "string" } }, "required": [ - "Condition", - "ContainerName" + "FileSystemId", + "RootDirectory" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment": { + "AWS::ECS::TaskDefinition.FirelensConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The environment variable name.", - "title": "Name", - "type": "string" + "Options": { + "additionalProperties": true, + "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event.\n\nIf specified, valid option keys are:\n\n- `enable-ecs-log-metadata` , which can be `true` or `false`\n- `config-file-type` , which can be `s3` or `file`\n- `config-file-value` , which is either an S3 ARN or a file path", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" }, - "Value": { - "markdownDescription": "The environment variable value.", - "title": "Value", + "Type": { + "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", + "title": "Type", "type": "string" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck": { + "AWS::ECS::TaskDefinition.HealthCheck": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, - "markdownDescription": "A string array that specifies the command that the container runs to determine if it's healthy.", + "markdownDescription": "A string array representing the command that the container runs to determine if it is healthy. The string array must start with `CMD` to run the command arguments directly, or `CMD-SHELL` to run the command with the container's default shell.\n\nWhen you use the AWS Management Console JSON panel, the AWS Command Line Interface , or the APIs, enclose the list of commands in double quotes and brackets.\n\n`[ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]`\n\nYou don't include the double quotes and brackets when you use the AWS Management Console.\n\n`CMD-SHELL, curl -f http://localhost/ || exit 1`\n\nAn exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see `HealthCheck` in the docker container create command.", "title": "Command", "type": "array" }, "Interval": { - "markdownDescription": "The time period (in seconds) between each health check.", + "markdownDescription": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a `command` .", "title": "Interval", "type": "number" }, "Retries": { - "markdownDescription": "The number of times to retry a failed health check before flagging the container unhealthy. The first run of the command does not count as a retry.", + "markdownDescription": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a `command` .", "title": "Retries", "type": "number" }, "StartPeriod": { - "markdownDescription": "The optional grace period (in seconds) to give a container time to bootstrap before the first failed health check counts toward the number of retries.", + "markdownDescription": "The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the `startPeriod` is off. This value applies only when you specify a `command` .\n\n> If a health check succeeds within the `startPeriod` , then the container is considered healthy and any subsequent failures count toward the maximum number of retries.", "title": "StartPeriod", "type": "number" }, "Timeout": { - "markdownDescription": "The time period (in seconds) to wait for a health check to succeed before counting a failed health check.", + "markdownDescription": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a `command` .", "title": "Timeout", "type": "number" } }, - "required": [ - "Command" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerPortRange": { + "AWS::ECS::TaskDefinition.HostEntry": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "A starting value for the range of allowed port numbers.", - "title": "FromPort", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The network protocol that these ports support.", - "title": "Protocol", + "Hostname": { + "markdownDescription": "The hostname to use in the `/etc/hosts` entry.", + "title": "Hostname", "type": "string" }, - "ToPort": { - "markdownDescription": "An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", - "title": "ToPort", - "type": "number" + "IpAddress": { + "markdownDescription": "The IP address to use in the `/etc/hosts` entry.", + "title": "IpAddress", + "type": "string" } }, - "required": [ - "FromPort", - "Protocol", - "ToPort" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.MemoryLimits": { + "AWS::ECS::TaskDefinition.HostVolumeProperties": { "additionalProperties": false, "properties": { - "HardLimit": { - "type": "number" - }, - "SoftLimit": { - "type": "number" + "SourcePath": { + "markdownDescription": "When the `host` parameter is used, specify a `sourcePath` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the `host` parameter contains a `sourcePath` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the `sourcePath` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\nIf you're using the Fargate launch type, the `sourcePath` parameter is not supported.", + "title": "SourcePath", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.PortConfiguration": { + "AWS::ECS::TaskDefinition.KernelCapabilities": { "additionalProperties": false, "properties": { - "ContainerPortRanges": { + "Add": { "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerPortRange" + "type": "string" }, - "markdownDescription": "", - "title": "ContainerPortRanges", + "markdownDescription": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to `CapAdd` in the docker container create command and the `--cap-add` option to docker run.\n\n> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE` kernel capability. \n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", + "title": "Add", + "type": "array" + }, + "Drop": { + "items": { + "type": "string" + }, + "markdownDescription": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to `CapDrop` in the docker container create command and the `--cap-drop` option to docker run.\n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", + "title": "Drop", "type": "array" } }, - "required": [ - "ContainerPortRanges" - ], "type": "object" }, - "AWS::GameLift::Fleet": { + "AWS::ECS::TaskDefinition.KeyValuePair": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.LinuxParameters": { + "additionalProperties": false, + "properties": { + "Capabilities": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KernelCapabilities", + "markdownDescription": "The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.\n\n> For tasks that use the Fargate launch type, `capabilities` is supported for all platform versions but the `add` parameter is only supported if using platform version 1.4.0 or later.", + "title": "Capabilities" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnywhereConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.AnywhereConfiguration", - "markdownDescription": "Amazon GameLift Servers Anywhere configuration options.", - "title": "AnywhereConfiguration" - }, - "ApplyCapacity": { - "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", - "title": "ApplyCapacity", - "type": "string" - }, - "BuildId": { - "markdownDescription": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a `READY` status. This fleet setting cannot be changed once the fleet is created.", - "title": "BuildId", - "type": "string" - }, - "CertificateConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.CertificateConfiguration", - "markdownDescription": "Prompts Amazon GameLift Servers to generate a TLS/SSL certificate for the fleet. Amazon GameLift Servers uses the certificates to encrypt traffic between game clients and the game servers running on Amazon GameLift Servers. By default, the `CertificateConfiguration` is `DISABLED` . You can't change this property after you create the fleet.\n\nAWS Certificate Manager (ACM) certificates expire after 13 months. Certificate expiration can cause fleets to fail, preventing players from connecting to instances in the fleet. We recommend you replace fleets before 13 months, consider using fleet aliases for a smooth transition.\n\n> ACM isn't available in all AWS regions. A fleet creation request with certificate generation enabled in an unsupported Region, fails with a 4xx error. For more information about the supported Regions, see [Supported Regions](https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html) in the *AWS Certificate Manager User Guide* .", - "title": "CertificateConfiguration" - }, - "ComputeType": { - "markdownDescription": "The type of compute resource used to host your game servers.\n\n- `EC2` \u2013 The game server build is deployed to Amazon EC2 instances for cloud hosting. This is the default setting.\n- `ANYWHERE` \u2013 Game servers and supporting software are deployed to compute resources that you provide and manage. With this compute type, you can also set the `AnywhereConfiguration` parameter.", - "title": "ComputeType", - "type": "string" - }, - "ContainerGroupsConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ContainerGroupsConfiguration" - }, - "Description": { - "markdownDescription": "A description for the fleet.", - "title": "Description", - "type": "string" - }, - "DesiredEC2Instances": { - "type": "number" - }, - "EC2InboundPermissions": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.IpPermission" - }, - "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet. Set this parameter for managed EC2 fleets. You can leave this parameter empty when creating the fleet, but you must call [](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings) to set it before players can connect to game sessions. As a best practice, we recommend opening ports for remote access only when you need them and closing them when you're finished. For Amazon GameLift Servers Realtime fleets, Amazon GameLift Servers automatically sets TCP and UDP ranges.", - "title": "EC2InboundPermissions", - "type": "array" - }, - "EC2InstanceType": { - "markdownDescription": "The Amazon GameLift Servers-supported Amazon EC2 instance type to use with managed EC2 fleets. Instance type determines the computing resources that will be used to host your game servers, including CPU, memory, storage, and networking capacity. See [Amazon Elastic Compute Cloud Instance Types](https://docs.aws.amazon.com/ec2/instance-types/) for detailed descriptions of Amazon EC2 instance types.", - "title": "EC2InstanceType", - "type": "string" - }, - "FleetType": { - "markdownDescription": "Indicates whether to use On-Demand or Spot instances for this fleet. By default, this property is set to `ON_DEMAND` . Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . This fleet property can't be changed after the fleet is created.", - "title": "FleetType", - "type": "string" - }, - "InstanceRoleARN": { - "markdownDescription": "A unique identifier for an IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN by using the [IAM dashboard](https://docs.aws.amazon.com/iam/) in the AWS Management Console . Learn more about using on-box credentials for your game servers at [Access external resources from a game server](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", - "title": "InstanceRoleARN", - "type": "string" - }, - "InstanceRoleCredentialsProvider": { - "markdownDescription": "Indicates that fleet instances maintain a shared credentials file for the IAM role defined in `InstanceRoleArn` . Shared credentials allow applications that are deployed with the game server executable to communicate with other AWS resources. This property is used only when the game server is integrated with the server SDK version 5.x. For more information about using shared credentials, see [Communicate with other AWS resources from your fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", - "title": "InstanceRoleCredentialsProvider", - "type": "string" - }, - "Locations": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.LocationConfiguration" - }, - "markdownDescription": "A set of remote locations to deploy additional instances to and manage as a multi-location fleet. Use this parameter when creating a fleet in AWS Regions that support multiple locations. You can add any AWS Region or Local Zone that's supported by Amazon GameLift Servers. Provide a list of one or more AWS Region codes, such as `us-west-2` , or Local Zone names. When using this parameter, Amazon GameLift Servers requires you to include your home location in the request. For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", - "title": "Locations", - "type": "array" - }, - "MaxSize": { - "type": "number" - }, - "MetricGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. A metric group is used to aggregate the metrics for multiple fleets. You can specify an existing metric group name or set a new name to create a new metric group. A fleet can be included in only one metric group at a time.", - "title": "MetricGroups", - "type": "array" - }, - "MinSize": { - "type": "number" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "NewGameSessionProtectionPolicy": { - "markdownDescription": "The status of termination protection for active game sessions on the fleet. By default, this property is set to `NoProtection` .\n\n- *NoProtection* - Game sessions can be terminated during active gameplay as a result of a scale-down event.\n- *FullProtection* - Game sessions in `ACTIVE` status cannot be terminated during a scale-down event.", - "title": "NewGameSessionProtectionPolicy", - "type": "string" - }, - "PeerVpcAwsAccountId": { - "markdownDescription": "Used when peering your Amazon GameLift Servers fleet with a VPC, the unique identifier for the AWS account that owns the VPC. You can find your account ID in the AWS Management Console under account settings.", - "title": "PeerVpcAwsAccountId", - "type": "string" - }, - "PeerVpcId": { - "markdownDescription": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift Servers fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the [VPC Dashboard](https://docs.aws.amazon.com/vpc/) in the AWS Management Console . Learn more about VPC peering in [VPC Peering with Amazon GameLift Servers Fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/vpc-peering.html) .", - "title": "PeerVpcId", - "type": "string" - }, - "ResourceCreationLimitPolicy": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", - "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", - "title": "ResourceCreationLimitPolicy" - }, - "RuntimeConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.RuntimeConfiguration", - "markdownDescription": "Instructions for how to launch and maintain server processes on instances in the fleet. The runtime configuration defines one or more server process configurations, each identifying a build executable or Realtime script file and the number of processes of that type to run concurrently.\n\n> The `RuntimeConfiguration` parameter is required unless the fleet is being configured using the older parameters `ServerLaunchPath` and `ServerLaunchParameters` , which are still supported for backward compatibility.", - "title": "RuntimeConfiguration" - }, - "ScalingPolicies": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ScalingPolicy" - }, - "markdownDescription": "Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.", - "title": "ScalingPolicies", - "type": "array" - }, - "ScriptId": { - "markdownDescription": "The unique identifier for a Realtime configuration script to be deployed on fleet instances. You can use either the script ID or ARN. Scripts must be uploaded to Amazon GameLift Servers prior to creating the fleet. This fleet property cannot be changed later.\n\n> You can't use the `!Ref` command to reference a script created with a CloudFormation template for the fleet property `ScriptId` . Instead, use `Fn::GetAtt Script.Arn` or `Fn::GetAtt Script.Id` to retrieve either of these properties as input for `ScriptId` . Alternatively, enter a `ScriptId` string manually.", - "title": "ScriptId", - "type": "string" - } + "Devices": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Device" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "Any host devices to expose to the container. This parameter maps to `Devices` in the docker container create command and the `--device` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `devices` parameter isn't supported.", + "title": "Devices", + "type": "array" }, - "Type": { - "enum": [ - "AWS::GameLift::Fleet" - ], - "type": "string" + "InitProcessEnabled": { + "markdownDescription": "Run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "title": "InitProcessEnabled", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MaxSwap": { + "markdownDescription": "The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the `--memory-swap` option to docker run where the value would be the sum of the container memory plus the `maxSwap` value.\n\nIf a `maxSwap` value of `0` is specified, the container will not use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n> If you're using tasks that use the Fargate launch type, the `maxSwap` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", + "title": "MaxSwap", + "type": "number" + }, + "SharedMemorySize": { + "markdownDescription": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to docker run.\n\n> If you are using tasks that use the Fargate launch type, the `sharedMemorySize` parameter is not supported.", + "title": "SharedMemorySize", + "type": "number" + }, + "Swappiness": { + "markdownDescription": "This allows you to tune a container's memory swappiness behavior. A `swappiness` value of `0` will cause swapping to not happen unless absolutely necessary. A `swappiness` value of `100` will cause pages to be swapped very aggressively. Accepted values are whole numbers between `0` and `100` . If the `swappiness` parameter is not specified, a default value of `60` is used. If a value is not specified for `maxSwap` then this parameter is ignored. This parameter maps to the `--memory-swappiness` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `swappiness` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", + "title": "Swappiness", + "type": "number" + }, + "Tmpfs": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Tmpfs" + }, + "markdownDescription": "The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the `--tmpfs` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `tmpfs` parameter isn't supported.", + "title": "Tmpfs", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::GameLift::Fleet.AnywhereConfiguration": { + "AWS::ECS::TaskDefinition.LogConfiguration": { "additionalProperties": false, "properties": { - "Cost": { - "markdownDescription": "The cost to run your fleet per hour. Amazon GameLift Servers uses the provided cost of your fleet to balance usage in queues. For more information about queues, see [Setting up queues](https://docs.aws.amazon.com/gamelift/latest/developerguide/queues-intro.html) in the *Amazon GameLift Servers Developer Guide* .", - "title": "Cost", + "LogDriver": { + "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", + "title": "LogDriver", "type": "string" + }, + "Options": { + "additionalProperties": true, + "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" + }, + "SecretOptions": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" + }, + "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "SecretOptions", + "type": "array" } }, "required": [ - "Cost" + "LogDriver" ], "type": "object" }, - "AWS::GameLift::Fleet.CertificateConfiguration": { + "AWS::ECS::TaskDefinition.MountPoint": { "additionalProperties": false, "properties": { - "CertificateType": { - "markdownDescription": "Indicates whether a TLS/SSL certificate is generated for a fleet.\n\nValid values include:\n\n- *GENERATED* - Generate a TLS/SSL certificate for this fleet.\n- *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet.", - "title": "CertificateType", + "ContainerPath": { + "markdownDescription": "The path on the container to mount the host volume at.", + "title": "ContainerPath", + "type": "string" + }, + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" + }, + "SourceVolume": { + "markdownDescription": "The name of the volume to mount. Must be a volume name referenced in the `name` parameter of task definition `volume` .", + "title": "SourceVolume", "type": "string" } }, - "required": [ - "CertificateType" - ], "type": "object" }, - "AWS::GameLift::Fleet.ConnectionPortRange": { + "AWS::ECS::TaskDefinition.PortMapping": { "additionalProperties": false, "properties": { - "FromPort": { + "AppProtocol": { + "markdownDescription": "The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.\n\nIf you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP.\n\n`appProtocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "AppProtocol", + "type": "string" + }, + "ContainerPort": { + "markdownDescription": "The port number on the container that's bound to the user-specified or automatically assigned host port.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, specify the exposed ports using `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see `hostPort` . Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance.", + "title": "ContainerPort", "type": "number" }, - "ToPort": { + "ContainerPortRange": { + "markdownDescription": "The port number range on the container that's bound to the dynamically mapped host port range.\n\nThe following rules apply when you specify a `containerPortRange` :\n\n- You must use either the `bridge` network mode or the `awsvpc` network mode.\n- This parameter is available for both the EC2 and AWS Fargate launch types.\n- This parameter is available for both the Linux and Windows operating systems.\n- The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the `ecs-init` package\n- You can specify a maximum of 100 port ranges per container.\n- You do not specify a `hostPortRange` . The value of the `hostPortRange` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPortRange` is set to the same value as the `containerPortRange` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.\n- The `containerPortRange` valid values are between 1 and 65535.\n- A port can only be included in one port mapping per container.\n- You cannot specify overlapping port ranges.\n- The first port in the range must be less than last port in the range.\n- Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.\n\nFor more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website.\n\nFor information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide* .\n\nYou can call [`DescribeTasks`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the `hostPortRange` which are the host ports that are bound to the container ports.", + "title": "ContainerPortRange", + "type": "string" + }, + "HostPort": { + "markdownDescription": "The port number on the container instance to reserve for your container.\n\nIf you specify a `containerPortRange` , leave this field empty and the value of the `hostPort` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPort` is set to the same value as the `containerPort` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, the `hostPort` can either be left blank or set to the same value as the `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the `hostPort` (or set it to `0` ) while specifying a `containerPort` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version.\n\nThe default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under `/proc/sys/net/ipv4/ip_local_port_range` . If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range.\n\nThe default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the `remainingResources` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota.", + "title": "HostPort", "type": "number" + }, + "Name": { + "markdownDescription": "The name that's used for the port mapping. This parameter is the name that you use in the `serviceConnectConfiguration` and the `vpcLatticeConfigurations` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.", + "title": "Name", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol used for the port mapping. Valid values are `tcp` and `udp` . The default is `tcp` . `protocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.", + "title": "Protocol", + "type": "string" } }, - "required": [ - "FromPort", - "ToPort" - ], "type": "object" }, - "AWS::GameLift::Fleet.ContainerGroupsConfiguration": { + "AWS::ECS::TaskDefinition.ProxyConfiguration": { "additionalProperties": false, "properties": { - "ConnectionPortRange": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ConnectionPortRange" + "ContainerName": { + "markdownDescription": "The name of the container that will serve as the App Mesh proxy.", + "title": "ContainerName", + "type": "string" }, - "ContainerGroupDefinitionNames": { + "ProxyConfigurationProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" }, + "markdownDescription": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs.\n\n- `IgnoredUID` - (Required) The user ID (UID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredGID` is specified, this field can be empty.\n- `IgnoredGID` - (Required) The group ID (GID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredUID` is specified, this field can be empty.\n- `AppPorts` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the `ProxyIngressPort` and `ProxyEgressPort` .\n- `ProxyIngressPort` - (Required) Specifies the port that incoming traffic to the `AppPorts` is directed to.\n- `ProxyEgressPort` - (Required) Specifies the port that outgoing traffic from the `AppPorts` is directed to.\n- `EgressIgnoredPorts` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.\n- `EgressIgnoredIPs` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.", + "title": "ProxyConfigurationProperties", "type": "array" }, - "ContainerGroupsPerInstance": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ContainerGroupsPerInstance" + "Type": { + "markdownDescription": "The proxy type. The only supported value is `APPMESH` .", + "title": "Type", + "type": "string" } }, "required": [ - "ConnectionPortRange", - "ContainerGroupDefinitionNames" + "ContainerName" ], "type": "object" }, - "AWS::GameLift::Fleet.ContainerGroupsPerInstance": { + "AWS::ECS::TaskDefinition.RepositoryCredentials": { "additionalProperties": false, "properties": { - "DesiredReplicaContainerGroupsPerInstance": { - "type": "number" - }, - "MaxReplicaContainerGroupsPerInstance": { - "type": "number" + "CredentialsParameter": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.\n\n> When you use the Amazon ECS API, AWS CLI , or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret.", + "title": "CredentialsParameter", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::Fleet.IpPermission": { + "AWS::ECS::TaskDefinition.ResourceRequirement": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", - "title": "FromPort", - "type": "number" - }, - "IpRange": { - "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", - "title": "IpRange", + "Type": { + "markdownDescription": "The type of resource to assign to a container.", + "title": "Type", "type": "string" }, - "Protocol": { - "markdownDescription": "The network communication protocol used by the fleet.", - "title": "Protocol", + "Value": { + "markdownDescription": "The value for the specified resource type.\n\nWhen the type is `GPU` , the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nWhen the type is `InferenceAccelerator` , the `value` matches the `deviceName` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition.", + "title": "Value", "type": "string" - }, - "ToPort": { - "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", - "title": "ToPort", - "type": "number" } }, "required": [ - "FromPort", - "IpRange", - "Protocol", - "ToPort" + "Type", + "Value" ], "type": "object" }, - "AWS::GameLift::Fleet.LocationCapacity": { + "AWS::ECS::TaskDefinition.RestartPolicy": { "additionalProperties": false, "properties": { - "DesiredEC2Instances": { - "markdownDescription": "The number of Amazon EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. Changes in desired instance value can take up to 1 minute to be reflected when viewing the fleet's capacity settings.", - "title": "DesiredEC2Instances", - "type": "number" + "Enabled": { + "markdownDescription": "Specifies whether a restart policy is enabled for the container.", + "title": "Enabled", + "type": "boolean" }, - "MaxSize": { - "markdownDescription": "The maximum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 1.", - "title": "MaxSize", - "type": "number" + "IgnoredExitCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of exit codes that Amazon ECS will ignore and not attempt a restart on. You can specify a maximum of 50 container exit codes. By default, Amazon ECS does not ignore any exit codes.", + "title": "IgnoredExitCodes", + "type": "array" }, - "MinSize": { - "markdownDescription": "The minimum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 0.", - "title": "MinSize", + "RestartAttemptPeriod": { + "markdownDescription": "A period of time (in seconds) that the container must run for before a restart can be attempted. A container can be restarted only once every `restartAttemptPeriod` seconds. If a container isn't able to run for this time period and exits early, it will not be restarted. You can set a minimum `restartAttemptPeriod` of 60 seconds and a maximum `restartAttemptPeriod` of 1800 seconds. By default, a container must run for 300 seconds before it can be restarted.", + "title": "RestartAttemptPeriod", "type": "number" } }, - "required": [ - "DesiredEC2Instances", - "MaxSize", - "MinSize" - ], "type": "object" }, - "AWS::GameLift::Fleet.LocationConfiguration": { + "AWS::ECS::TaskDefinition.RuntimePlatform": { "additionalProperties": false, "properties": { - "Location": { - "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", - "title": "Location", + "CpuArchitecture": { + "markdownDescription": "The CPU architecture.\n\nYou can run your Linux tasks on an ARM-based platform by setting the value to `ARM64` . This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate.", + "title": "CpuArchitecture", "type": "string" }, - "LocationCapacity": { - "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", - "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", - "title": "LocationCapacity" + "OperatingSystemFamily": { + "markdownDescription": "The operating system.", + "title": "OperatingSystemFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.Secret": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the secret.", + "title": "Name", + "type": "string" + }, + "ValueFrom": { + "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", + "title": "ValueFrom", + "type": "string" } }, "required": [ - "Location" + "Name", + "ValueFrom" ], "type": "object" }, - "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { + "AWS::ECS::TaskDefinition.SystemControl": { "additionalProperties": false, "properties": { - "NewGameSessionsPerCreator": { - "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy is evaluated when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", - "title": "NewGameSessionsPerCreator", - "type": "number" + "Namespace": { + "markdownDescription": "The namespaced kernel parameter to set a `value` for.", + "title": "Namespace", + "type": "string" }, - "PolicyPeriodInMinutes": { - "markdownDescription": "The time span used in evaluating the resource creation limit policy.", - "title": "PolicyPeriodInMinutes", - "type": "number" + "Value": { + "markdownDescription": "The namespaced kernel parameter to set a `value` for.\n\nValid IPC namespace values: `\"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\" | \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" | \"kernel.shm_rmid_forced\"` , and `Sysctls` that start with `\"fs.mqueue.*\"`\n\nValid network namespace values: `Sysctls` that start with `\"net.*\"` . Only namespaced `Sysctls` that exist within the container starting with \"net.* are accepted.\n\nAll of these values are supported by Fargate.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::Fleet.RuntimeConfiguration": { + "AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint": { "additionalProperties": false, "properties": { - "GameSessionActivationTimeoutSeconds": { - "markdownDescription": "The maximum amount of time (in seconds) allowed to launch a new game session and have it report ready to host players. During this time, the game session is in status `ACTIVATING` . If the game session does not become active before the timeout, it is ended and the game session status is changed to `TERMINATED` .", - "title": "GameSessionActivationTimeoutSeconds", - "type": "number" + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Expression", + "type": "string" }, - "MaxConcurrentGameSessionActivations": { - "markdownDescription": "The number of game sessions in status `ACTIVATING` to allow on an instance or compute. This setting limits the instance resources that can be used for new game activations at any one time.", - "title": "MaxConcurrentGameSessionActivations", - "type": "number" + "Type": { + "markdownDescription": "The type of constraint. The `MemberOf` constraint restricts selection to be from a group of valid candidates.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ECS::TaskDefinition.Tmpfs": { + "additionalProperties": false, + "properties": { + "ContainerPath": { + "markdownDescription": "The absolute file path where the tmpfs volume is to be mounted.", + "title": "ContainerPath", + "type": "string" }, - "ServerProcesses": { + "MountOptions": { "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ServerProcess" + "type": "string" }, - "markdownDescription": "A collection of server process configurations that identify what server processes to run on fleet computes.", - "title": "ServerProcesses", + "markdownDescription": "The list of tmpfs volume mount options.\n\nValid values: `\"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"`", + "title": "MountOptions", "type": "array" + }, + "Size": { + "markdownDescription": "The maximum size (in MiB) of the tmpfs volume.", + "title": "Size", + "type": "number" } }, + "required": [ + "Size" + ], "type": "object" }, - "AWS::GameLift::Fleet.ScalingPolicy": { + "AWS::ECS::TaskDefinition.Ulimit": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", - "title": "ComparisonOperator", - "type": "string" - }, - "EvaluationPeriods": { - "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", - "title": "EvaluationPeriods", + "HardLimit": { + "markdownDescription": "The hard limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", + "title": "HardLimit", "type": "number" }, - "Location": { - "markdownDescription": "The fleet location.", - "title": "Location", - "type": "string" - }, - "MetricName": { - "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", - "title": "MetricName", - "type": "string" - }, "Name": { - "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", + "markdownDescription": "The `type` of the `ulimit` .", "title": "Name", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", - "title": "PolicyType", - "type": "string" - }, - "ScalingAdjustment": { - "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", - "title": "ScalingAdjustment", - "type": "number" - }, - "ScalingAdjustmentType": { - "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", - "title": "ScalingAdjustmentType", - "type": "string" - }, - "Status": { - "markdownDescription": "Current status of the scaling policy. The scaling policy can be in force only when in an `ACTIVE` status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.\n\n- *ACTIVE* -- The scaling policy can be used for auto-scaling a fleet.\n- *UPDATE_REQUESTED* -- A request to update the scaling policy has been received.\n- *UPDATING* -- A change is being made to the scaling policy.\n- *DELETE_REQUESTED* -- A request to delete the scaling policy has been received.\n- *DELETING* -- The scaling policy is being deleted.\n- *DELETED* -- The scaling policy has been deleted.\n- *ERROR* -- An error occurred in creating the policy. It should be removed and recreated.", - "title": "Status", - "type": "string" - }, - "TargetConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.TargetConfiguration", - "markdownDescription": "An object that contains settings for a target-based scaling policy.", - "title": "TargetConfiguration" - }, - "Threshold": { - "markdownDescription": "Metric value used to trigger a scaling event.", - "title": "Threshold", + "SoftLimit": { + "markdownDescription": "The soft limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", + "title": "SoftLimit", "type": "number" - }, - "UpdateStatus": { - "markdownDescription": "The current status of the fleet's scaling policies in a requested fleet location. The status `PENDING_UPDATE` indicates that an update was requested for the fleet but has not yet been completed for the location.", - "title": "UpdateStatus", - "type": "string" } }, "required": [ - "MetricName", - "Name" + "HardLimit", + "Name", + "SoftLimit" ], "type": "object" }, - "AWS::GameLift::Fleet.ServerProcess": { + "AWS::ECS::TaskDefinition.Volume": { "additionalProperties": false, "properties": { - "ConcurrentExecutions": { - "markdownDescription": "The number of server processes using this configuration that run concurrently on each instance or compute.", - "title": "ConcurrentExecutions", - "type": "number" + "ConfiguredAtLaunch": { + "markdownDescription": "Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n\nTo configure a volume at launch time, use this task definition revision and specify a `volumeConfigurations` object when calling the `CreateService` , `UpdateService` , `RunTask` or `StartTask` APIs.", + "title": "ConfiguredAtLaunch", + "type": "boolean" }, - "LaunchPath": { - "markdownDescription": "The location of a game build executable or Realtime script. Game builds and Realtime scripts are installed on instances at the root:\n\n- Windows (custom game builds only): `C:\\game` . Example: \" `C:\\game\\MyGame\\server.exe` \"\n- Linux: `/local/game` . Examples: \" `/local/game/MyGame/server.exe` \" or \" `/local/game/MyRealtimeScript.js` \"\n\n> Amazon GameLift Servers doesn't support the use of setup scripts that launch the game executable. For custom game builds, this parameter must indicate the executable that calls the server SDK operations `initSDK()` and `ProcessReady()` .", - "title": "LaunchPath", - "type": "string" + "DockerVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.DockerVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use Docker volumes.\n\nWindows containers only support the use of the `local` driver. To use bind mounts, specify the `host` parameter instead.\n\n> Docker volumes aren't supported by tasks run on AWS Fargate .", + "title": "DockerVolumeConfiguration" }, - "Parameters": { - "markdownDescription": "An optional list of parameters to pass to the server executable or Realtime script on launch.\n\nLength Constraints: Minimum length of 1. Maximum length of 1024.\n\nPattern: [A-Za-z0-9_:.+\\/\\\\\\- =@{},?'\\[\\]\"]+", - "title": "Parameters", + "EFSVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EFSVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use an Amazon Elastic File System file system for task storage.", + "title": "EFSVolumeConfiguration" + }, + "FSxWindowsFileServerVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage.", + "title": "FSxWindowsFileServerVolumeConfiguration" + }, + "Host": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostVolumeProperties", + "markdownDescription": "This parameter is specified when you use bind mount host volumes. The contents of the `host` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the `host` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount `C:\\my\\path:C:\\my\\path` and `D:\\:D:\\` , but not `D:\\my\\path:C:\\my\\path` or `D:\\:C:\\my\\path` .", + "title": "Host" + }, + "Name": { + "markdownDescription": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.\n\nWhen using a volume configured at launch, the `name` is required and must also be specified as the volume name in the `ServiceVolumeConfiguration` or `TaskVolumeConfiguration` parameter when creating your service or standalone task.\n\nFor all other types of volumes, this name is referenced in the `sourceVolume` parameter of the `mountPoints` object in the container definition.\n\nWhen a volume is using the `efsVolumeConfiguration` , the name is required.", + "title": "Name", "type": "string" } }, - "required": [ - "ConcurrentExecutions", - "LaunchPath" - ], "type": "object" }, - "AWS::GameLift::Fleet.TargetConfiguration": { + "AWS::ECS::TaskDefinition.VolumeFrom": { "additionalProperties": false, "properties": { - "TargetValue": { - "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", - "title": "TargetValue", - "type": "number" + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" + }, + "SourceContainer": { + "markdownDescription": "The name of another container within the same task definition to mount volumes from.", + "title": "SourceContainer", + "type": "string" } }, - "required": [ - "TargetValue" - ], "type": "object" }, - "AWS::GameLift::GameServerGroup": { + "AWS::ECS::TaskSet": { "additionalProperties": false, "properties": { "Condition": { @@ -103628,86 +106790,89 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.AutoScalingPolicy", - "markdownDescription": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. The scaling policy uses the metric `\"PercentUtilizedGameServers\"` to maintain a buffer of idle game servers that can immediately accommodate new games and players. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "AutoScalingPolicy" - }, - "BalancingStrategy": { - "markdownDescription": "Indicates how Amazon GameLift Servers FleetIQ balances the use of Spot Instances and On-Demand Instances in the game server group. Method options include the following:\n\n- `SPOT_ONLY` - Only Spot Instances are used in the game server group. If Spot Instances are unavailable or not viable for game hosting, the game server group provides no hosting capacity until Spot Instances can again be used. Until then, no new instances are started, and the existing nonviable Spot Instances are terminated (after current gameplay ends) and are not replaced.\n- `SPOT_PREFERRED` - (default value) Spot Instances are used whenever available in the game server group. If Spot Instances are unavailable, the game server group continues to provide hosting capacity by falling back to On-Demand Instances. Existing nonviable Spot Instances are terminated (after current gameplay ends) and are replaced with new On-Demand Instances.\n- `ON_DEMAND_ONLY` - Only On-Demand Instances are used in the game server group. No Spot Instances are used, even when available, while this balancing strategy is in force.", - "title": "BalancingStrategy", - "type": "string" + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskSet.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy that are associated with the task set.", + "title": "CapacityProviderStrategy", + "type": "array" }, - "DeleteOption": { - "markdownDescription": "The type of delete to perform. To delete a game server group, specify the `DeleteOption` . Options include the following:\n\n- `SAFE_DELETE` \u2013 (default) Terminates the game server group and Amazon EC2 Auto Scaling group only when it has no game servers that are in `UTILIZED` status.\n- `FORCE_DELETE` \u2013 Terminates the game server group, including all active game servers regardless of their utilization status, and the Amazon EC2 Auto Scaling group.\n- `RETAIN` \u2013 Does a safe delete of the game server group but retains the Amazon EC2 Auto Scaling group as is.", - "title": "DeleteOption", + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", + "title": "Cluster", "type": "string" }, - "GameServerGroupName": { - "markdownDescription": "A developer-defined identifier for the game server group. The name is unique for each Region in each AWS account.", - "title": "GameServerGroupName", + "ExternalId": { + "markdownDescription": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the `ECS_TASK_SET_EXTERNAL_ID` AWS Cloud Map attribute set to the provided value.", + "title": "ExternalId", "type": "string" }, - "GameServerProtectionPolicy": { - "markdownDescription": "A flag that indicates whether instances in the game server group are protected from early termination. Unprotected instances that have active game servers running might be terminated during a scale-down event, causing players to be dropped from the game. Protected instances cannot be terminated while there are active game servers running except in the event of a forced game server group deletion (see ). An exception to this is with Spot Instances, which can be terminated by AWS regardless of protection status.", - "title": "GameServerProtectionPolicy", + "LaunchType": { + "markdownDescription": "The launch type that new tasks in the task set uses. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf a `launchType` is specified, the `capacityProviderStrategy` parameter must be omitted.", + "title": "LaunchType", "type": "string" }, - "InstanceDefinitions": { + "LoadBalancers": { "items": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.InstanceDefinition" + "$ref": "#/definitions/AWS::ECS::TaskSet.LoadBalancer" }, - "markdownDescription": "The set of Amazon EC2 instance types that Amazon GameLift Servers FleetIQ can use when balancing and automatically scaling instances in the corresponding Auto Scaling group.", - "title": "InstanceDefinitions", + "markdownDescription": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer.", + "title": "LoadBalancers", "type": "array" }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.LaunchTemplate", - "markdownDescription": "The Amazon EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. You can specify the template using either the template name or ID. For help with creating a launch template, see [Creating a Launch Template for an Auto Scaling Group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.\n\n> If you specify network interfaces in your launch template, you must explicitly set the property `AssociatePublicIpAddress` to \"true\". If no network interface is specified in the launch template, Amazon GameLift Servers FleetIQ uses your account's default VPC.", - "title": "LaunchTemplate" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskSet.NetworkConfiguration", + "markdownDescription": "The network configuration for the task set.", + "title": "NetworkConfiguration" }, - "MaxSize": { - "markdownDescription": "The maximum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and EC2 do not scale up the group above this maximum. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "MaxSize", - "type": "number" + "PlatformVersion": { + "markdownDescription": "The platform version that the tasks in the task set uses. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used.", + "title": "PlatformVersion", + "type": "string" }, - "MinSize": { - "markdownDescription": "The minimum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and Amazon EC2 do not scale down the group below this minimum. In production, this value should be set to at least 1. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "MinSize", - "type": "number" + "Scale": { + "$ref": "#/definitions/AWS::ECS::TaskSet.Scale", + "markdownDescription": "A floating-point percentage of your desired number of tasks to place and keep running in the task set.", + "title": "Scale" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access your Amazon EC2 Auto Scaling groups.", - "title": "RoleArn", + "Service": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", + "title": "Service", "type": "string" }, - "Tags": { + "ServiceRegistries": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::ECS::TaskSet.ServiceRegistry" }, - "markdownDescription": "A list of labels to assign to the new game server group resource. Tags are developer-defined key-value pairs. Tagging AWS resources is useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags, respectively. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", + "markdownDescription": "The details of the service discovery registries to assign to this task set. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .", + "title": "ServiceRegistries", "type": "array" }, - "VpcSubnets": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. By default, all Amazon GameLift Servers FleetIQ-supported Availability Zones are used. You can use this parameter to specify VPCs that you've set up. This property cannot be updated after the game server group is created, and the corresponding Auto Scaling group will always use the property value that is set with this request, even if the Auto Scaling group is updated directly.", - "title": "VpcSubnets", + "markdownDescription": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "title": "Tags", "type": "array" + }, + "TaskDefinition": { + "markdownDescription": "The task definition for the tasks in the task set to use. If a revision isn't specified, the latest `ACTIVE` revision is used.", + "title": "TaskDefinition", + "type": "string" } }, "required": [ - "GameServerGroupName", - "InstanceDefinitions", - "RoleArn" + "Cluster", + "Service", + "TaskDefinition" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::GameServerGroup" + "AWS::ECS::TaskSet" ], "type": "string" }, @@ -103726,80 +106891,132 @@ ], "type": "object" }, - "AWS::GameLift::GameServerGroup.AutoScalingPolicy": { + "AWS::ECS::TaskSet.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "EstimatedInstanceWarmup": { - "markdownDescription": "Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift Servers FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances.", - "title": "EstimatedInstanceWarmup", - "type": "number" + "AssignPublicIp": { + "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", + "title": "AssignPublicIp", + "type": "string" }, - "TargetTrackingConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.TargetTrackingConfiguration", - "markdownDescription": "Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value.", - "title": "TargetTrackingConfiguration" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", + "title": "Subnets", + "type": "array" } }, "required": [ - "TargetTrackingConfiguration" + "Subnets" ], "type": "object" }, - "AWS::GameLift::GameServerGroup.InstanceDefinition": { + "AWS::ECS::TaskSet.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type designation.", - "title": "InstanceType", - "type": "string" + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" }, - "WeightedCapacity": { - "markdownDescription": "Instance weighting that indicates how much this instance type contributes to the total capacity of a game server group. Instance weights are used by Amazon GameLift Servers FleetIQ to calculate the instance type's cost per unit hour and better identify the most cost-effective options. For detailed information on weighting instance capacity, see [Instance Weighting](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-weighting.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . Default value is \"1\".", - "title": "WeightedCapacity", + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" + }, + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" } }, - "required": [ - "InstanceType" - ], "type": "object" }, - "AWS::GameLift::GameServerGroup.LaunchTemplate": { + "AWS::ECS::TaskSet.LoadBalancer": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "A unique identifier for an existing Amazon EC2 launch template.", - "title": "LaunchTemplateId", + "ContainerName": { + "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", + "title": "ContainerName", "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "A readable identifier for an existing Amazon EC2 launch template.", - "title": "LaunchTemplateName", - "type": "string" + "ContainerPort": { + "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", + "title": "ContainerPort", + "type": "number" }, - "Version": { - "markdownDescription": "The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created.", - "title": "Version", + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", + "title": "TargetGroupArn", "type": "string" } }, "type": "object" }, - "AWS::GameLift::GameServerGroup.TargetTrackingConfiguration": { + "AWS::ECS::TaskSet.NetworkConfiguration": { "additionalProperties": false, "properties": { - "TargetValue": { - "markdownDescription": "Desired value to use with a game server group target-based scaling policy.", - "title": "TargetValue", + "AwsVpcConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskSet.AwsVpcConfiguration", + "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", + "title": "AwsVpcConfiguration" + } + }, + "type": "object" + }, + "AWS::ECS::TaskSet.Scale": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The unit of measure for the scale value.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "The value, specified as a percent total of a service's `desiredCount` , to scale the task set. Accepted values are numbers between 0 and 100.", + "title": "Value", "type": "number" } }, - "required": [ - "TargetValue" - ], "type": "object" }, - "AWS::GameLift::GameSessionQueue": { + "AWS::ECS::TaskSet.ServiceRegistry": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerName", + "type": "string" + }, + "ContainerPort": { + "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerPort", + "type": "number" + }, + "Port": { + "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", + "title": "Port", + "type": "number" + }, + "RegistryArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", + "title": "RegistryArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -103834,69 +107051,43 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomEventData": { - "markdownDescription": "Information to be added to all events that are related to this game session queue.", - "title": "CustomEventData", - "type": "string" - }, - "Destinations": { + "AccessPointTags": { "items": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.GameSessionQueueDestination" + "$ref": "#/definitions/AWS::EFS::AccessPoint.AccessPointTag" }, - "markdownDescription": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue. Destinations are identified by either a fleet ARN or a fleet alias ARN, and are listed in order of placement preference.", - "title": "Destinations", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "AccessPointTags", "type": "array" }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.FilterConfiguration", - "markdownDescription": "A list of locations where a queue is allowed to place new game sessions. Locations are specified in the form of AWS Region codes, such as `us-west-2` . If this parameter is not set, game sessions can be placed in any queue location.", - "title": "FilterConfiguration" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region.", - "title": "Name", + "ClientToken": { + "markdownDescription": "The opaque string specified in the request to ensure idempotent creation.", + "title": "ClientToken", "type": "string" }, - "NotificationTarget": { - "markdownDescription": "An SNS topic ARN that is set up to receive game session placement notifications. See [Setting up notifications for game session placement](https://docs.aws.amazon.com/gamelift/latest/developerguide/queue-notification.html) .", - "title": "NotificationTarget", + "FileSystemId": { + "markdownDescription": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example `fs-0123456789abcedf2` .", + "title": "FileSystemId", "type": "string" }, - "PlayerLatencyPolicies": { - "items": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy" - }, - "markdownDescription": "A set of policies that enforce a sliding cap on player latency when processing game sessions placement requests. Use multiple policies to gradually relax the cap over time if Amazon GameLift Servers can't make a placement. Policies are evaluated in order starting with the lowest maximum latency value.", - "title": "PlayerLatencyPolicies", - "type": "array" - }, - "PriorityConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PriorityConfiguration", - "markdownDescription": "Custom settings to use when prioritizing destinations and locations for game session placements. This configuration replaces the FleetIQ default prioritization process. Priority types that are not explicitly named will be automatically applied at the end of the prioritization process.", - "title": "PriorityConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of labels to assign to the new game session queue resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", - "type": "array" + "PosixUser": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.PosixUser", + "markdownDescription": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.", + "title": "PosixUser" }, - "TimeoutInSeconds": { - "markdownDescription": "The maximum time, in seconds, that a new game session placement request remains in the queue. When a request exceeds this time, the game session placement changes to a `TIMED_OUT` status. If you don't specify a request timeout, the queue uses a default value.", - "title": "TimeoutInSeconds", - "type": "number" + "RootDirectory": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.RootDirectory", + "markdownDescription": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.", + "title": "RootDirectory" } }, "required": [ - "Name" + "FileSystemId" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::GameSessionQueue" + "AWS::EFS::AccessPoint" ], "type": "string" }, @@ -103915,70 +107106,93 @@ ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.FilterConfiguration": { + "AWS::EFS::AccessPoint.AccessPointTag": { "additionalProperties": false, "properties": { - "AllowedLocations": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` .", - "title": "AllowedLocations", - "type": "array" + "Key": { + "markdownDescription": "The tag key (String). The key can't start with `aws:` .", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the tag key.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::GameSessionQueue.GameSessionQueueDestination": { + "AWS::EFS::AccessPoint.CreationInfo": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions.", - "title": "DestinationArn", + "OwnerGid": { + "markdownDescription": "Specifies the POSIX group ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", + "title": "OwnerGid", + "type": "string" + }, + "OwnerUid": { + "markdownDescription": "Specifies the POSIX user ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", + "title": "OwnerUid", + "type": "string" + }, + "Permissions": { + "markdownDescription": "Specifies the POSIX permissions to apply to the `RootDirectory` , in the format of an octal number representing the file's mode bits.", + "title": "Permissions", "type": "string" } }, + "required": [ + "OwnerGid", + "OwnerUid", + "Permissions" + ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy": { + "AWS::EFS::AccessPoint.PosixUser": { "additionalProperties": false, "properties": { - "MaximumIndividualPlayerLatencyMilliseconds": { - "markdownDescription": "The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property.", - "title": "MaximumIndividualPlayerLatencyMilliseconds", - "type": "number" + "Gid": { + "markdownDescription": "The POSIX group ID used for all file system operations using this access point.", + "title": "Gid", + "type": "string" }, - "PolicyDurationSeconds": { - "markdownDescription": "The length of time, in seconds, that the policy is enforced while placing a new game session. A null value for this property means that the policy is enforced until the queue times out.", - "title": "PolicyDurationSeconds", - "type": "number" + "SecondaryGids": { + "items": { + "type": "string" + }, + "markdownDescription": "Secondary POSIX group IDs used for all file system operations using this access point.", + "title": "SecondaryGids", + "type": "array" + }, + "Uid": { + "markdownDescription": "The POSIX user ID used for all file system operations using this access point.", + "title": "Uid", + "type": "string" } }, + "required": [ + "Gid", + "Uid" + ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.PriorityConfiguration": { + "AWS::EFS::AccessPoint.RootDirectory": { "additionalProperties": false, "properties": { - "LocationOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations can include AWS Region codes (such as `us-west-2` ), local zones, and custom locations (for Anywhere fleets). Each location must be listed only once. For details, see [Amazon GameLift Servers service locations.](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html)", - "title": "LocationOrder", - "type": "array" + "CreationInfo": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.CreationInfo", + "markdownDescription": "(Optional) Specifies the POSIX IDs and permissions to apply to the access point's `RootDirectory` . If the `RootDirectory` > `Path` specified does not exist, EFS creates the root directory using the `CreationInfo` settings when a client connects to an access point. When specifying the `CreationInfo` , you must provide values for all properties.\n\n> If you do not provide `CreationInfo` and the specified `RootDirectory` > `Path` does not exist, attempts to mount the file system using the access point will fail.", + "title": "CreationInfo" }, - "PriorityOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "A custom sequence to use when prioritizing where to place new game sessions. Each priority type is listed once.\n\n- `LATENCY` -- Amazon GameLift Servers prioritizes locations where the average player latency is lowest. Player latency data is provided in each game session placement request.\n- `COST` -- Amazon GameLift Servers prioritizes queue destinations with the lowest current hosting costs. Cost is evaluated based on the destination's location, instance type, and fleet type (Spot or On-Demand).\n- `DESTINATION` -- Amazon GameLift Servers prioritizes based on the list order of destinations in the queue configuration.\n- `LOCATION` -- Amazon GameLift Servers prioritizes based on the provided order of locations, as defined in `LocationOrder` .", - "title": "PriorityOrder", - "type": "array" + "Path": { + "markdownDescription": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the `CreationInfo` .", + "title": "Path", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::Location": { + "AWS::EFS::FileSystem": { "additionalProperties": false, "properties": { "Condition": { @@ -104013,187 +107227,83 @@ "Properties": { "additionalProperties": false, "properties": { - "LocationName": { - "markdownDescription": "A descriptive name for the custom location.", - "title": "LocationName", + "AvailabilityZoneName": { + "markdownDescription": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide* .\n\n> One Zone file systems are not available in all Availability Zones in AWS Regions where Amazon EFS is available.", + "title": "AvailabilityZoneName", "type": "string" }, - "Tags": { + "BackupPolicy": { + "$ref": "#/definitions/AWS::EFS::FileSystem.BackupPolicy", + "markdownDescription": "Use the `BackupPolicy` to turn automatic backups on or off for the file system.", + "title": "BackupPolicy" + }, + "BypassPolicyLockoutSafetyCheck": { + "markdownDescription": "(Optional) A boolean that specifies whether or not to bypass the `FileSystemPolicy` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future `PutFileSystemPolicy` requests on this file system. Set `BypassPolicyLockoutSafetyCheck` to `True` only when you intend to prevent the IAM principal that is making the request from making subsequent `PutFileSystemPolicy` requests on this file system. The default value is `False` .", + "title": "BypassPolicyLockoutSafetyCheck", + "type": "boolean" + }, + "Encrypted": { + "markdownDescription": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing AWS KMS key . If you don't specify a KMS key , then the default KMS key for Amazon EFS , `/aws/elasticfilesystem` , is used to protect the encrypted file system.", + "title": "Encrypted", + "type": "boolean" + }, + "FileSystemPolicy": { + "markdownDescription": "The `FileSystemPolicy` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using IAM to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide* .", + "title": "FileSystemPolicy", + "type": "object" + }, + "FileSystemProtection": { + "$ref": "#/definitions/AWS::EFS::FileSystem.FileSystemProtection", + "markdownDescription": "Describes the protection on the file system.", + "title": "FileSystemProtection" + }, + "FileSystemTags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EFS::FileSystem.ElasticFileSystemTag" }, - "markdownDescription": "A list of labels to assign to the new resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Rareference* .", - "title": "Tags", + "markdownDescription": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a `\"Key\":\"Name\",\"Value\":\"{value}\"` key-value pair. Each key must be unique. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", + "title": "FileSystemTags", "type": "array" - } - }, - "required": [ - "LocationName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::GameLift::Location" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::GameLift::MatchmakingConfiguration": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AcceptanceRequired": { - "markdownDescription": "A flag that determines whether a match that was created with this configuration must be accepted by the matched players. To require acceptance, set to `TRUE` . With this option enabled, matchmaking tickets use the status `REQUIRES_ACCEPTANCE` to indicate when a completed potential match is waiting for player acceptance.", - "title": "AcceptanceRequired", - "type": "boolean" }, - "AcceptanceTimeoutSeconds": { - "markdownDescription": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.", - "title": "AcceptanceTimeoutSeconds", - "type": "number" - }, - "AdditionalPlayerCount": { - "markdownDescription": "The number of player slots in a match to keep open for future players. For example, if the configuration's rule set specifies a match for a single 12-person team, and the additional player count is set to 2, only 10 players are selected for the match. This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "AdditionalPlayerCount", - "type": "number" - }, - "BackfillMode": { - "markdownDescription": "The method used to backfill game sessions that are created with this matchmaking configuration. Specify `MANUAL` when your game manages backfill requests manually or does not use the match backfill feature. Specify `AUTOMATIC` to have GameLift create a `StartMatchBackfill` request whenever a game session has one or more open slots. Learn more about manual and automatic backfill in [Backfill Existing Games with FlexMatch](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-backfill.html) . Automatic backfill is not available when `FlexMatchMode` is set to `STANDALONE` .", - "title": "BackfillMode", - "type": "string" - }, - "CreationTime": { - "markdownDescription": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example `\"1469498468.057\"` ).", - "title": "CreationTime", - "type": "string" - }, - "CustomEventData": { - "markdownDescription": "Information to add to all events related to the matchmaking configuration.", - "title": "CustomEventData", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the matchmaking configuration.", - "title": "Description", - "type": "string" - }, - "FlexMatchMode": { - "markdownDescription": "Indicates whether this matchmaking configuration is being used with Amazon GameLift Servers hosting or as a standalone matchmaking solution.\n\n- *STANDALONE* - FlexMatch forms matches and returns match information, including players and team assignments, in a [MatchmakingSucceeded](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-events.html#match-events-matchmakingsucceeded) event.\n- *WITH_QUEUE* - FlexMatch forms matches and uses the specified Amazon GameLift Servers queue to start a game session for the match.", - "title": "FlexMatchMode", - "type": "string" - }, - "GameProperties": { - "items": { - "$ref": "#/definitions/AWS::GameLift::MatchmakingConfiguration.GameProperty" - }, - "markdownDescription": "A set of custom properties for a game session, formatted as key-value pairs. These properties are passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "GameProperties", - "type": "array" - }, - "GameSessionData": { - "markdownDescription": "A set of custom game session properties, formatted as a single string value. This data is passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "GameSessionData", + "KmsKeyId": { + "markdownDescription": "The ID of the AWS KMS key to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault KMS key . If this parameter is not specified, the default KMS key for Amazon EFS is used. This ID can be in one of the following formats:\n\n- Key ID - A unique identifier of the key, for example `1234abcd-12ab-34cd-56ef-1234567890ab` .\n- ARN - An Amazon Resource Name (ARN) for the key, for example `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` .\n- Key alias - A previously created display name for a key, for example `alias/projectKey1` .\n- Key alias ARN - An ARN for a key alias, for example `arn:aws:kms:us-west-2:444455556666:alias/projectKey1` .\n\nIf `KmsKeyId` is specified, the `Encrypted` parameter must be set to true.", + "title": "KmsKeyId", "type": "string" }, - "GameSessionQueueArns": { + "LifecyclePolicies": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EFS::FileSystem.LifecyclePolicy" }, - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) that is assigned to a Amazon GameLift Servers game session queue resource and uniquely identifies it. ARNs are unique across all Regions. Format is `arn:aws:gamelift:::gamesessionqueue/` . Queues can be located in any Region. Queues are used to start new Amazon GameLift Servers-hosted game sessions for matches that are created with this matchmaking configuration. If `FlexMatchMode` is set to `STANDALONE` , do not set this parameter.", - "title": "GameSessionQueueArns", + "markdownDescription": "An array of `LifecyclePolicy` objects that define the file system's `LifecycleConfiguration` object. A `LifecycleConfiguration` object informs Lifecycle management of the following:\n\n- When to move files in the file system from primary storage to IA storage.\n- When to move files in the file system from primary storage or IA storage to Archive storage.\n- When to move files that are in IA or Archive storage to primary storage.\n\n> Amazon EFS requires that each `LifecyclePolicy` object have only a single transition. This means that in a request body, `LifecyclePolicies` needs to be structured as an array of `LifecyclePolicy` objects, one object for each transition, `TransitionToIA` , `TransitionToArchive` `TransitionToPrimaryStorageClass` . See the example requests in the following section for more information.", + "title": "LifecyclePolicies", "type": "array" }, - "Name": { - "markdownDescription": "A unique identifier for the matchmaking configuration. This name is used to identify the configuration associated with a matchmaking request or ticket.", - "title": "Name", - "type": "string" - }, - "NotificationTarget": { - "markdownDescription": "An SNS topic ARN that is set up to receive matchmaking notifications. See [Setting up notifications for matchmaking](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-notification.html) for more information.", - "title": "NotificationTarget", + "PerformanceMode": { + "markdownDescription": "The performance mode of the file system. We recommend `generalPurpose` performance mode for all file systems. File systems using the `maxIO` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The `maxIO` mode is not supported on One Zone file systems.\n\n> Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems. \n\nDefault is `generalPurpose` .", + "title": "PerformanceMode", "type": "string" }, - "RequestTimeoutSeconds": { - "markdownDescription": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out. Requests that fail due to timing out can be resubmitted as needed.", - "title": "RequestTimeoutSeconds", + "ProvisionedThroughputInMibps": { + "markdownDescription": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if `ThroughputMode` is set to `provisioned` . Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact Support . For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide* .", + "title": "ProvisionedThroughputInMibps", "type": "number" }, - "RuleSetArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) associated with the GameLift matchmaking rule set resource that this configuration uses.", - "title": "RuleSetArn", - "type": "string" + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationConfiguration", + "markdownDescription": "Describes the replication configuration for a specific file system.", + "title": "ReplicationConfiguration" }, - "RuleSetName": { - "markdownDescription": "A unique identifier for the matchmaking rule set to use with this configuration. You can use either the rule set name or ARN value. A matchmaking configuration can only use rule sets that are defined in the same Region.", - "title": "RuleSetName", + "ThroughputMode": { + "markdownDescription": "Specifies the throughput mode for the file system. The mode can be `bursting` , `provisioned` , or `elastic` . If you set `ThroughputMode` to `provisioned` , you must also set a value for `ProvisionedThroughputInMibps` . After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide* .\n\nDefault is `bursting` .", + "title": "ThroughputMode", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of labels to assign to the new matchmaking configuration resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", - "type": "array" } }, - "required": [ - "AcceptanceRequired", - "Name", - "RequestTimeoutSeconds", - "RuleSetName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::MatchmakingConfiguration" + "AWS::EFS::FileSystem" ], "type": "string" }, @@ -104207,21 +107317,34 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GameLift::MatchmakingConfiguration.GameProperty": { + "AWS::EFS::FileSystem.BackupPolicy": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Set the backup policy status for the file system.\n\n- *`ENABLED`* - Turns automatic backups on for the file system.\n- *`DISABLED`* - Turns automatic backups off for the file system.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::EFS::FileSystem.ElasticFileSystemTag": { "additionalProperties": false, "properties": { "Key": { - "markdownDescription": "The game property identifier.", + "markdownDescription": "The tag key (String). The key can't start with `aws:` .", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The game property value.", + "markdownDescription": "The value of the tag key.", "title": "Value", "type": "string" } @@ -104232,7 +107355,94 @@ ], "type": "object" }, - "AWS::GameLift::MatchmakingRuleSet": { + "AWS::EFS::FileSystem.FileSystemProtection": { + "additionalProperties": false, + "properties": { + "ReplicationOverwriteProtection": { + "markdownDescription": "The status of the file system's replication overwrite protection.\n\n- `ENABLED` \u2013 The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is `ENABLED` by default.\n- `DISABLED` \u2013 The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.\n- `REPLICATING` \u2013 The file system is being used as the destination file system in a replication configuration. The file system is read-only and is modified only by EFS replication.\n\nIf the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable.", + "title": "ReplicationOverwriteProtection", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::FileSystem.LifecyclePolicy": { + "additionalProperties": false, + "properties": { + "TransitionToArchive": { + "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToArchive", + "type": "string" + }, + "TransitionToIA": { + "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToIA", + "type": "string" + }, + "TransitionToPrimaryStorageClass": { + "markdownDescription": "Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToPrimaryStorageClass", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::FileSystem.ReplicationConfiguration": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationDestination" + }, + "markdownDescription": "An array of destination objects. Only one destination object is supported.", + "title": "Destinations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EFS::FileSystem.ReplicationDestination": { + "additionalProperties": false, + "properties": { + "AvailabilityZoneName": { + "markdownDescription": "For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located.\n\nUse the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide* .\n\n> One Zone file system type is not available in all Availability Zones in AWS Regions where Amazon EFS is available.", + "title": "AvailabilityZoneName", + "type": "string" + }, + "FileSystemId": { + "markdownDescription": "The ID of the destination Amazon EFS file system.", + "title": "FileSystemId", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of an AWS KMS key used to protect the encrypted file system.", + "title": "KmsKeyId", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region in which the destination file system is located.\n\n> For One Zone file systems, the replication configuration must specify the AWS Region in which the destination file system is located.", + "title": "Region", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the current source file system in the replication configuration.", + "title": "RoleArn", + "type": "string" + }, + "Status": { + "markdownDescription": "Describes the status of the replication configuration. For more information about replication status, see [Viewing replication details](https://docs.aws.amazon.com//efs/latest/ug/awsbackup.html#restoring-backup-efsmonitoring-replication-status.html) in the *Amazon EFS User Guide* .", + "title": "Status", + "type": "string" + }, + "StatusMessage": { + "markdownDescription": "Message that provides details about the `PAUSED` or `ERRROR` state of the replication destination configuration. For more information about replication status messages, see [Viewing replication details](https://docs.aws.amazon.com//efs/latest/ug/awsbackup.html#restoring-backup-efsmonitoring-replication-status.html) in the *Amazon EFS User Guide* .", + "title": "StatusMessage", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::MountTarget": { "additionalProperties": false, "properties": { "Condition": { @@ -104267,34 +107477,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A unique identifier for the matchmaking rule set. A matchmaking configuration identifies the rule set it uses by this name value. Note that the rule set name is different from the optional `name` field in the rule set body.", - "title": "Name", + "FileSystemId": { + "markdownDescription": "The ID of the file system for which to create the mount target.", + "title": "FileSystemId", "type": "string" }, - "RuleSetBody": { - "markdownDescription": "A collection of matchmaking rules, formatted as a JSON string. Comments are not allowed in JSON, but most elements support a description field.", - "title": "RuleSetBody", + "IpAddress": { + "markdownDescription": "If the `IpAddressType` for the mount target is IPv4 ( `IPV4_ONLY` or `DUAL_STACK` ), then specify the IPv4 address to use. If you do not specify an `IpAddress` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", + "title": "IpAddress", "type": "string" }, - "Tags": { + "IpAddressType": { + "markdownDescription": "The IP address type for the mount target. The possible values are `IPV4_ONLY` (only IPv4 addresses), `IPV6_ONLY` (only IPv6 addresses), and `DUAL_STACK` (dual-stack, both IPv4 and IPv6 addresses). If you don\u2019t specify an `IpAddressType` , then `IPV4_ONLY` is used.\n\n> The `IPAddressType` must match the IP type of the subnet. Additionally, the `IPAddressType` parameter overrides the value set as the default IP address for the subnet in the VPC. For example, if the `IPAddressType` is `IPV4_ONLY` and `AssignIpv6AddressOnCreation` is `true` , then IPv4 is used for the mount target. For more information, see [Modify the IP addressing attributes of your subnet](https://docs.aws.amazon.com/vpc/latest/userguide/subnet-public-ip.html) .", + "title": "IpAddressType", + "type": "string" + }, + "Ipv6Address": { + "markdownDescription": "If the `IPAddressType` for the mount target is IPv6 ( `IPV6_ONLY` or `DUAL_STACK` ), then specify the IPv6 address to use. If you do not specify an `Ipv6Address` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", + "title": "Ipv6Address", + "type": "string" + }, + "SecurityGroups": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "A list of labels to assign to the new matchmaking rule set resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", + "markdownDescription": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). If you don't specify a security group, then Amazon EFS uses the default security group for the subnet's VPC.", + "title": "SecurityGroups", "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. The subnet type must be the same type as the `IpAddressType` .", + "title": "SubnetId", + "type": "string" } }, "required": [ - "Name", - "RuleSetBody" + "FileSystemId", + "SecurityGroups", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::MatchmakingRuleSet" + "AWS::EFS::MountTarget" ], "type": "string" }, @@ -104313,7 +107539,7 @@ ], "type": "object" }, - "AWS::GameLift::Script": { + "AWS::EKS::AccessEntry": { "additionalProperties": false, "properties": { "Condition": { @@ -104348,38 +107574,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", - "title": "Name", + "AccessPolicies": { + "items": { + "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessPolicy" + }, + "markdownDescription": "The access policies to associate to the access entry.", + "title": "AccessPolicies", + "type": "array" + }, + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "StorageLocation": { - "$ref": "#/definitions/AWS::GameLift::Script.S3Location", - "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift Servers to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift Servers uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", - "title": "StorageLocation" + "KubernetesGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for `name` that you've specified for `kind: Group` as a `subject` in a Kubernetes `RoleBinding` or `ClusterRoleBinding` object. Amazon EKS doesn't confirm that the value for `name` exists in any bindings on your cluster. You can specify one or more names.\n\nKubernetes authorizes the `principalArn` of the access entry to access any cluster objects that you've specified in a Kubernetes `Role` or `ClusterRole` object that is also specified in a binding's `roleRef` . For more information about creating Kubernetes `RoleBinding` , `ClusterRoleBinding` , `Role` , or `ClusterRole` objects, see [Using RBAC Authorization in the Kubernetes documentation](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/access-authn-authz/rbac/) .\n\nIf you want Amazon EKS to authorize the `principalArn` (instead of, or in addition to Kubernetes authorizing the `principalArn` ), you can associate one or more access policies to the access entry using `AssociateAccessPolicy` . If you associate any access policies, the `principalARN` has all permissions assigned in the associated access policies and all permissions in any Kubernetes `Role` or `ClusterRole` objects that the group names are bound to.", + "title": "KubernetesGroups", + "type": "array" + }, + "PrincipalArn": { + "markdownDescription": "The ARN of the IAM principal for the `AccessEntry` . You can specify one ARN for each access entry. You can't specify the same ARN in more than one access entry. This value can't be changed after access entry creation.\n\nThe valid principals differ depending on the type of the access entry in the `type` field. For `STANDARD` access entries, you can use every IAM principal type. For nodes ( `EC2` (for EKS Auto Mode), `EC2_LINUX` , `EC2_WINDOWS` , `FARGATE_LINUX` , and `HYBRID_LINUX` ), the only valid ARN is IAM roles. You can't use the STS session principal type with access entries because this is a temporary principal for each session and not a permanent identity that can be assigned permissions.\n\n[IAM best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) recommend using IAM roles with temporary credentials, rather than IAM users with long-term credentials.", + "title": "PrincipalArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "title": "Tags", "type": "array" }, - "Version": { - "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", - "title": "Version", + "Type": { + "markdownDescription": "The type of the new access entry. Valid values are `STANDARD` , `FARGATE_LINUX` , `EC2_LINUX` , `EC2_WINDOWS` , `EC2` (for EKS Auto Mode), `HYBRID_LINUX` , and `HYPERPOD_LINUX` .\n\nIf the `principalArn` is for an IAM role that's used for self-managed Amazon EC2 nodes, specify `EC2_LINUX` or `EC2_WINDOWS` . Amazon EKS grants the necessary permissions to the node for you. If the `principalArn` is for any other purpose, specify `STANDARD` . If you don't specify a value, Amazon EKS sets the value to `STANDARD` . If you have the access mode of the cluster set to `API_AND_CONFIG_MAP` , it's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the `aws-auth` `ConfigMap` for the roles. You can't change this value once you've created the access entry.\n\nIf you set the value to `EC2_LINUX` or `EC2_WINDOWS` , you can't specify values for `kubernetesGroups` , or associate an `AccessPolicy` to the access entry.", + "title": "Type", + "type": "string" + }, + "Username": { + "markdownDescription": "The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries) in the *Amazon EKS User Guide* .", + "title": "Username", "type": "string" } }, "required": [ - "StorageLocation" + "ClusterName", + "PrincipalArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::Script" + "AWS::EKS::AccessEntry" ], "type": "string" }, @@ -104398,38 +107646,49 @@ ], "type": "object" }, - "AWS::GameLift::Script.S3Location": { + "AWS::EKS::AccessEntry.AccessPolicy": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift Servers doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name of the zip file that contains the build files or script files.", - "title": "Key", - "type": "string" + "AccessScope": { + "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessScope", + "markdownDescription": "The scope of an `AccessPolicy` that's associated to an `AccessEntry` .", + "title": "AccessScope" }, - "ObjectVersion": { - "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift Servers uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", - "title": "ObjectVersion", + "PolicyArn": { + "markdownDescription": "The ARN of the access policy.", + "title": "PolicyArn", "type": "string" + } + }, + "required": [ + "AccessScope", + "PolicyArn" + ], + "type": "object" + }, + "AWS::EKS::AccessEntry.AccessScope": { + "additionalProperties": false, + "properties": { + "Namespaces": { + "items": { + "type": "string" + }, + "markdownDescription": "A Kubernetes `namespace` that an access policy is scoped to. A value is required if you specified `namespace` for `Type` .", + "title": "Namespaces", + "type": "array" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access the S3 bucket.", - "title": "RoleArn", + "Type": { + "markdownDescription": "The scope type of an access policy.", + "title": "Type", "type": "string" } }, "required": [ - "Bucket", - "Key", - "RoleArn" + "Type" ], "type": "object" }, - "AWS::GlobalAccelerator::Accelerator": { + "AWS::EKS::Addon": { "additionalProperties": false, "properties": { "Condition": { @@ -104464,46 +107723,67 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n\nIf the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.", - "title": "Enabled", - "type": "boolean" + "AddonName": { + "markdownDescription": "The name of the add-on.", + "title": "AddonName", + "type": "string" }, - "IpAddressType": { - "markdownDescription": "The IP address type that an accelerator supports. For a standard accelerator, the value can be IPV4 or DUAL_STACK.", - "title": "IpAddressType", + "AddonVersion": { + "markdownDescription": "The version of the add-on.", + "title": "AddonVersion", "type": "string" }, - "IpAddresses": { + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", + "type": "string" + }, + "ConfigurationValues": { + "markdownDescription": "The configuration values that you provided.", + "title": "ConfigurationValues", + "type": "string" + }, + "PodIdentityAssociations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EKS::Addon.PodIdentityAssociation" }, - "markdownDescription": "Optionally, if you've added your own IP address pool to Global Accelerator (BYOIP), you can choose IP addresses from your own pool to use for the accelerator's static IP addresses when you create an accelerator. You can specify one or two addresses, separated by a comma. Do not include the /32 suffix.\n\nOnly one IP address from each of your IP address ranges can be used for each accelerator. If you specify only one IP address from your IP address range, Global Accelerator assigns a second static IP address for the accelerator from the AWS IP address pool.\n\nNote that you can't update IP addresses for an existing accelerator. To change them, you must create a new accelerator with the new addresses.\n\nFor more information, see [Bring Your Own IP Addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "IpAddresses", + "markdownDescription": "An array of EKS Pod Identity associations owned by the add-on. Each association maps a role to a service account in a namespace in the cluster.\n\nFor more information, see [Attach an IAM Role to an Amazon EKS add-on using EKS Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/add-ons-iam.html) in the *Amazon EKS User Guide* .", + "title": "PodIdentityAssociations", "type": "array" }, - "Name": { - "markdownDescription": "The name of the accelerator. The name must contain only alphanumeric characters or hyphens (-), and must not begin or end with a hyphen.", - "title": "Name", + "PreserveOnDelete": { + "markdownDescription": "Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.", + "title": "PreserveOnDelete", + "type": "boolean" + }, + "ResolveConflicts": { + "markdownDescription": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose:\n\n- *None* \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail.\n- *Overwrite* \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value.\n- *Preserve* \u2013 This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see [`UpdateAddon`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) .\n\nIf you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", + "title": "ResolveConflicts", + "type": "string" + }, + "ServiceAccountRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the *Amazon EKS User Guide* .\n\n> To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see [Enabling IAM roles for service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the *Amazon EKS User Guide* .", + "title": "ServiceAccountRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "markdownDescription": "The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "AddonName", + "ClusterName" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::Accelerator" + "AWS::EKS::Addon" ], "type": "string" }, @@ -104522,7 +107802,27 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::CrossAccountAttachment": { + "AWS::EKS::Addon.PodIdentityAssociation": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", + "title": "RoleArn", + "type": "string" + }, + "ServiceAccount": { + "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", + "title": "ServiceAccount", + "type": "string" + } + }, + "required": [ + "RoleArn", + "ServiceAccount" + ], + "type": "object" + }, + "AWS::EKS::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -104557,44 +107857,107 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the cross-account attachment.", - "title": "Name", - "type": "string" + "AccessConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.AccessConfig", + "markdownDescription": "The access configuration for the cluster.", + "title": "AccessConfig" }, - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "The principals included in the cross-account attachment.", - "title": "Principals", - "type": "array" + "BootstrapSelfManagedAddons": { + "markdownDescription": "If you set this value to `False` when creating a cluster, the default networking add-ons will not be installed.\n\nThe default networking add-ons include `vpc-cni` , `coredns` , and `kube-proxy` .\n\nUse this option when you plan to install third-party alternative add-ons or self-manage the default networking add-ons.", + "title": "BootstrapSelfManagedAddons", + "type": "boolean" }, - "Resources": { + "ComputeConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ComputeConfig", + "markdownDescription": "Indicates the current configuration of the compute capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your AWS account. For more information, see EKS Auto Mode compute capability in the *Amazon EKS User Guide* .", + "title": "ComputeConfig" + }, + "EncryptionConfig": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::CrossAccountAttachment.Resource" + "$ref": "#/definitions/AWS::EKS::Cluster.EncryptionConfig" }, - "markdownDescription": "The resources included in the cross-account attachment.", - "title": "Resources", + "markdownDescription": "The encryption configuration for the cluster.", + "title": "EncryptionConfig", "type": "array" }, + "Force": { + "markdownDescription": "Set this value to `true` to override upgrade-blocking readiness checks when updating a cluster.", + "title": "Force", + "type": "boolean" + }, + "KubernetesNetworkConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.KubernetesNetworkConfig", + "markdownDescription": "The Kubernetes network configuration for the cluster.", + "title": "KubernetesNetworkConfig" + }, + "Logging": { + "$ref": "#/definitions/AWS::EKS::Cluster.Logging", + "markdownDescription": "The logging configuration for your cluster.", + "title": "Logging" + }, + "Name": { + "markdownDescription": "The unique name to give to your cluster. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphanumeric character and can't be longer than 100 characters. The name must be unique within the AWS Region and AWS account that you're creating the cluster in. Note that underscores can't be used in AWS CloudFormation .", + "title": "Name", + "type": "string" + }, + "OutpostConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.OutpostConfig", + "markdownDescription": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", + "title": "OutpostConfig" + }, + "RemoteNetworkConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemoteNetworkConfig", + "markdownDescription": "The configuration in the cluster for EKS Hybrid Nodes. You can add, change, or remove this configuration after the cluster is created.", + "title": "RemoteNetworkConfig" + }, + "ResourcesVpcConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ResourcesVpcConfig", + "markdownDescription": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.", + "title": "ResourcesVpcConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see [Amazon EKS Service IAM Role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the **Amazon EKS User Guide** .", + "title": "RoleArn", + "type": "string" + }, + "StorageConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.StorageConfig", + "markdownDescription": "Indicates the current configuration of the block storage capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your AWS account. For more information, see EKS Auto Mode block storage capability in the *Amazon EKS User Guide* .", + "title": "StorageConfig" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "markdownDescription": "The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.\n\n> You must have the `eks:TagResource` and `eks:UntagResource` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "title": "Tags", "type": "array" + }, + "UpgradePolicy": { + "$ref": "#/definitions/AWS::EKS::Cluster.UpgradePolicy", + "markdownDescription": "This value indicates if extended support is enabled or disabled for the cluster.\n\n[Learn more about EKS Extended Support in the *Amazon EKS User Guide* .](https://docs.aws.amazon.com/eks/latest/userguide/extended-support-control.html)", + "title": "UpgradePolicy" + }, + "Version": { + "markdownDescription": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used.\n\n> The default version might not be the latest version available.", + "title": "Version", + "type": "string" + }, + "ZonalShiftConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ZonalShiftConfig", + "markdownDescription": "The configuration for zonal shift for the cluster.", + "title": "ZonalShiftConfig" } }, "required": [ - "Name" + "ResourcesVpcConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::CrossAccountAttachment" + "AWS::EKS::Cluster" ], "type": "string" }, @@ -104613,26 +107976,335 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::CrossAccountAttachment.Resource": { + "AWS::EKS::Cluster.AccessConfig": { "additionalProperties": false, "properties": { - "EndpointId": { - "markdownDescription": "The endpoint ID for the endpoint that is specified as a AWS resource.\n\nAn endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.", - "title": "EndpointId", + "AuthenticationMode": { + "markdownDescription": "The desired authentication mode for the cluster. If you create a cluster by using the EKS API, AWS SDKs, or AWS CloudFormation , the default is `CONFIG_MAP` . If you create the cluster by using the AWS Management Console , the default value is `API_AND_CONFIG_MAP` .", + "title": "AuthenticationMode", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region where a shared endpoint resource is located.", - "title": "Region", + "BootstrapClusterCreatorAdminPermissions": { + "markdownDescription": "Specifies whether or not the cluster creator IAM principal was set as a cluster admin access entry during cluster creation time. The default value is `true` .", + "title": "BootstrapClusterCreatorAdminPermissions", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.BlockStorage": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates if the block storage capability is enabled on your EKS Auto Mode cluster. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your AWS account.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ClusterLogging": { + "additionalProperties": false, + "properties": { + "EnabledTypes": { + "items": { + "$ref": "#/definitions/AWS::EKS::Cluster.LoggingTypeConfig" + }, + "markdownDescription": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n> When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it.", + "title": "EnabledTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ComputeConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Request to enable or disable the compute capability on your EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your AWS account.", + "title": "Enabled", + "type": "boolean" + }, + "NodePools": { + "items": { + "type": "string" + }, + "markdownDescription": "Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. For more information, see EKS Auto Mode Node Pools in the *Amazon EKS User Guide* .", + "title": "NodePools", + "type": "array" + }, + "NodeRoleArn": { + "markdownDescription": "The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled. For more information, see the IAM Reference in the *Amazon EKS User Guide* .", + "title": "NodeRoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ControlPlanePlacement": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the placement group for the Kubernetes control plane instances. This property is only used for a local cluster on an AWS Outpost.", + "title": "GroupName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ElasticLoadBalancing": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates if the load balancing capability is enabled on your EKS Auto Mode cluster. If the load balancing capability is enabled, EKS Auto Mode will create and delete load balancers in your AWS account.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.EncryptionConfig": { + "additionalProperties": false, + "properties": { + "Provider": { + "$ref": "#/definitions/AWS::EKS::Cluster.Provider", + "markdownDescription": "The encryption provider for the cluster.", + "title": "Provider" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the resources to be encrypted. The only supported value is `secrets` .", + "title": "Resources", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.KubernetesNetworkConfig": { + "additionalProperties": false, + "properties": { + "ElasticLoadBalancing": { + "$ref": "#/definitions/AWS::EKS::Cluster.ElasticLoadBalancing", + "markdownDescription": "Request to enable or disable the load balancing capability on your EKS Auto Mode cluster. For more information, see EKS Auto Mode load balancing capability in the *Amazon EKS User Guide* .", + "title": "ElasticLoadBalancing" + }, + "IpFamily": { + "markdownDescription": "Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you don't specify a value, `ipv4` is used by default. You can only specify an IP family when you create a cluster and can't change this value once the cluster is created. If you specify `ipv6` , the VPC and subnets that you specify for cluster creation must have both `IPv4` and `IPv6` CIDR blocks assigned to them. You can't specify `ipv6` for clusters in China Regions.\n\nYou can only specify `ipv6` for `1.21` and later clusters that use version `1.10.1` or later of the Amazon VPC CNI add-on. If you specify `ipv6` , then ensure that your VPC meets the requirements listed in the considerations listed in [Assigning IPv6 addresses to pods and services](https://docs.aws.amazon.com/eks/latest/userguide/cni-ipv6.html) in the *Amazon EKS User Guide* . Kubernetes assigns services `IPv6` addresses from the unique local address range `(fc00::/7)` . You can't specify a custom `IPv6` CIDR block. Pod addresses are assigned from the subnet's `IPv6` CIDR.", + "title": "IpFamily", + "type": "string" + }, + "ServiceIpv4Cidr": { + "markdownDescription": "Don't specify a value if you select `ipv6` for *ipFamily* . The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the `10.100.0.0/16` or `172.20.0.0/16` CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:\n\n- Within one of the following private IP address blocks: `10.0.0.0/8` , `172.16.0.0/12` , or `192.168.0.0/16` .\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between `/24` and `/12` .\n\n> You can only specify a custom CIDR block when you create a cluster. You can't change this value after the cluster is created.", + "title": "ServiceIpv4Cidr", + "type": "string" + }, + "ServiceIpv6Cidr": { + "markdownDescription": "The CIDR block that Kubernetes pod and service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster. Kubernetes assigns service addresses from the unique local address range ( `fc00::/7` ) because you can't specify a custom IPv6 CIDR block when you create the cluster.", + "title": "ServiceIpv6Cidr", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.Logging": { + "additionalProperties": false, + "properties": { + "ClusterLogging": { + "$ref": "#/definitions/AWS::EKS::Cluster.ClusterLogging", + "markdownDescription": "The cluster control plane logging configuration for your cluster.", + "title": "ClusterLogging" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.LoggingTypeConfig": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The name of the log type.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.OutpostConfig": { + "additionalProperties": false, + "properties": { + "ControlPlaneInstanceType": { + "markdownDescription": "The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. Choose an instance type based on the number of nodes that your cluster will have. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .\n\nThe instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. The control plane is not automatically scaled by Amazon EKS.", + "title": "ControlPlaneInstanceType", + "type": "string" + }, + "ControlPlanePlacement": { + "$ref": "#/definitions/AWS::EKS::Cluster.ControlPlanePlacement", + "markdownDescription": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on an AWS Outpost. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .", + "title": "ControlPlanePlacement" + }, + "OutpostArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. Only a single Outpost ARN is supported.", + "title": "OutpostArns", + "type": "array" + } + }, + "required": [ + "ControlPlaneInstanceType", + "OutpostArns" + ], + "type": "object" + }, + "AWS::EKS::Cluster.Provider": { + "additionalProperties": false, + "properties": { + "KeyArn": { + "markdownDescription": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric and created in the same AWS Region as the cluster. If the KMS key was created in a different account, the [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) must have access to the KMS key. For more information, see [Allowing users in other accounts to use a KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KeyArn", "type": "string" } }, + "type": "object" + }, + "AWS::EKS::Cluster.RemoteNetworkConfig": { + "additionalProperties": false, + "properties": { + "RemoteNodeNetworks": { + "items": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemoteNodeNetwork" + }, + "markdownDescription": "The list of network CIDRs that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names.", + "title": "RemoteNodeNetworks", + "type": "array" + }, + "RemotePodNetworks": { + "items": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemotePodNetwork" + }, + "markdownDescription": "The list of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.", + "title": "RemotePodNetworks", + "type": "array" + } + }, "required": [ - "EndpointId" + "RemoteNodeNetworks" ], "type": "object" }, - "AWS::GlobalAccelerator::EndpointGroup": { + "AWS::EKS::Cluster.RemoteNodeNetwork": { + "additionalProperties": false, + "properties": { + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "A network CIDR that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names.", + "title": "Cidrs", + "type": "array" + } + }, + "required": [ + "Cidrs" + ], + "type": "object" + }, + "AWS::EKS::Cluster.RemotePodNetwork": { + "additionalProperties": false, + "properties": { + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "A network CIDR that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.", + "title": "Cidrs", + "type": "array" + } + }, + "required": [ + "Cidrs" + ], + "type": "object" + }, + "AWS::EKS::Cluster.ResourcesVpcConfig": { + "additionalProperties": false, + "properties": { + "EndpointPrivateAccess": { + "markdownDescription": "Set this value to `true` to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is `false` , which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", + "title": "EndpointPrivateAccess", + "type": "boolean" + }, + "EndpointPublicAccess": { + "markdownDescription": "Set this value to `false` to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is `true` , which enables public access for your Kubernetes API server. The endpoint domain name and IP address family depends on the value of the `ipFamily` for the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", + "title": "EndpointPublicAccess", + "type": "boolean" + }, + "PublicAccessCidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is `0.0.0.0/0` and additionally `::/0` for dual-stack `IPv6` clusters. If you've disabled private endpoint access, make sure that you specify the necessary CIDR blocks for every node and AWS Fargate `Pod` in the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .\n\nNote that the public endpoints are dual-stack for only `IPv6` clusters that are made after October 2024. You can't add `IPv6` CIDR blocks to `IPv4` clusters or `IPv6` clusters that were made before October 2024.", + "title": "PublicAccessCidrs", + "type": "array" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see [Amazon EKS security group considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the **Amazon EKS User Guide** .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "SubnetIds" + ], + "type": "object" + }, + "AWS::EKS::Cluster.StorageConfig": { + "additionalProperties": false, + "properties": { + "BlockStorage": { + "$ref": "#/definitions/AWS::EKS::Cluster.BlockStorage", + "markdownDescription": "Request to configure EBS Block Storage settings for your EKS Auto Mode cluster.", + "title": "BlockStorage" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.UpgradePolicy": { + "additionalProperties": false, + "properties": { + "SupportType": { + "markdownDescription": "If the cluster is set to `EXTENDED` , it will enter extended support at the end of standard support. If the cluster is set to `STANDARD` , it will be automatically upgraded at the end of standard support.\n\n[Learn more about EKS Extended Support in the *Amazon EKS User Guide* .](https://docs.aws.amazon.com/eks/latest/userguide/extended-support-control.html)", + "title": "SupportType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ZonalShiftConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If zonal shift is enabled, AWS configures zonal autoshift for the cluster.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::FargateProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -104667,72 +108339,56 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointConfigurations": { - "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration" - }, - "markdownDescription": "The list of endpoint objects.", - "title": "EndpointConfigurations", - "type": "array" - }, - "EndpointGroupRegion": { - "markdownDescription": "The AWS Regions where the endpoint group is located.", - "title": "EndpointGroupRegion", - "type": "string" - }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The time\u201410 seconds or 30 seconds\u2014between health checks for each endpoint. The default value is 30.", - "title": "HealthCheckIntervalSeconds", - "type": "number" - }, - "HealthCheckPath": { - "markdownDescription": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/).", - "title": "HealthCheckPath", + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "HealthCheckPort": { - "markdownDescription": "The port that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group.\n\nThe default port is the port for the listener that this endpoint group is associated with. If the listener port is a list, Global Accelerator uses the first specified port in the list of ports.", - "title": "HealthCheckPort", - "type": "number" - }, - "HealthCheckProtocol": { - "markdownDescription": "The protocol that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group. The default value is TCP.", - "title": "HealthCheckProtocol", + "FargateProfileName": { + "markdownDescription": "The name of the Fargate profile.", + "title": "FargateProfileName", "type": "string" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", + "PodExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Pod` execution role to use for a `Pod` that matches the selectors in the Fargate profile. The `Pod` execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see [`Pod` execution role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) in the *Amazon EKS User Guide* .", + "title": "PodExecutionRoleArn", "type": "string" }, - "PortOverrides": { + "Selectors": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.PortOverride" + "$ref": "#/definitions/AWS::EKS::FargateProfile.Selector" }, - "markdownDescription": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on.", - "title": "PortOverrides", + "markdownDescription": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile.", + "title": "Selectors", "type": "array" }, - "ThresholdCount": { - "markdownDescription": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.", - "title": "ThresholdCount", - "type": "number" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", + "title": "Subnets", + "type": "array" }, - "TrafficDialPercentage": { - "markdownDescription": "The percentage of traffic to send to an AWS Regions . Additional traffic is distributed to other endpoint groups for this listener.\n\nUse this action to increase (dial up) or decrease (dial down) traffic to a specific Region. The percentage is applied to the traffic that would otherwise have been routed to the Region based on optimal routing.\n\nThe default value is 100.", - "title": "TrafficDialPercentage", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "EndpointGroupRegion", - "ListenerArn" + "ClusterName", + "PodExecutionRoleArn", + "Selectors" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::EndpointGroup" + "AWS::EKS::FargateProfile" ], "type": "string" }, @@ -104751,56 +108407,49 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { + "AWS::EKS::FargateProfile.Label": { "additionalProperties": false, "properties": { - "AttachmentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cross-account attachment that specifies the endpoints (resources) that can be added to accelerators and principals that have permission to add the endpoints.", - "title": "AttachmentArn", + "Key": { + "markdownDescription": "Enter a key.", + "title": "Key", "type": "string" }, - "ClientIPPreservationEnabled": { - "markdownDescription": "Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint. The value is true or false. The default value is true for new accelerators.\n\nIf the value is set to true, the client's IP address is preserved in the `X-Forwarded-For` request header as traffic travels to applications on the Application Load Balancer endpoint fronted by the accelerator.\n\nFor more information, see [Preserve Client IP Addresses](https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "ClientIPPreservationEnabled", - "type": "boolean" - }, - "EndpointId": { - "markdownDescription": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID. For Amazon EC2 instances, this is the EC2 instance ID. A resource must be valid and active when you add it as an endpoint.\n\nFor cross-account endpoints, this must be the ARN of the resource.", - "title": "EndpointId", + "Value": { + "markdownDescription": "Enter a value.", + "title": "Value", "type": "string" - }, - "Weight": { - "markdownDescription": "The weight associated with the endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. For example, you might specify endpoint weights of 4, 5, 5, and 6 (sum=20). The result is that 4/20 of your traffic, on average, is routed to the first endpoint, 5/20 is routed both to the second and third endpoints, and 6/20 is routed to the last endpoint. For more information, see [Endpoint Weights](https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "Weight", - "type": "number" } }, "required": [ - "EndpointId" + "Key", + "Value" ], "type": "object" }, - "AWS::GlobalAccelerator::EndpointGroup.PortOverride": { + "AWS::EKS::FargateProfile.Selector": { "additionalProperties": false, "properties": { - "EndpointPort": { - "markdownDescription": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance.", - "title": "EndpointPort", - "type": "number" + "Labels": { + "items": { + "$ref": "#/definitions/AWS::EKS::FargateProfile.Label" + }, + "markdownDescription": "The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.", + "title": "Labels", + "type": "array" }, - "ListenerPort": { - "markdownDescription": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on.", - "title": "ListenerPort", - "type": "number" + "Namespace": { + "markdownDescription": "The Kubernetes `namespace` that the selector should match.", + "title": "Namespace", + "type": "string" } }, "required": [ - "EndpointPort", - "ListenerPort" + "Namespace" ], "type": "object" }, - "AWS::GlobalAccelerator::Listener": { + "AWS::EKS::IdentityProviderConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -104835,40 +108484,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceleratorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of your accelerator.", - "title": "AcceleratorArn", + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "ClientAffinity": { - "markdownDescription": "Client affinity lets you direct all requests from a user to the same endpoint, if you have stateful applications, regardless of the port and protocol of the client request. Client affinity gives you control over whether to always route each client to the same specific endpoint.\n\nAWS Global Accelerator uses a consistent-flow hashing algorithm to choose the optimal endpoint for a connection. If client affinity is `NONE` , Global Accelerator uses the \"five-tuple\" (5-tuple) properties\u2014source IP address, source port, destination IP address, destination port, and protocol\u2014to select the hash value, and then chooses the best endpoint. However, with this setting, if someone uses different ports to connect to Global Accelerator, their connections might not be always routed to the same endpoint because the hash value changes.\n\nIf you want a given client to always be routed to the same endpoint, set client affinity to `SOURCE_IP` instead. When you use the `SOURCE_IP` setting, Global Accelerator uses the \"two-tuple\" (2-tuple) properties\u2014 source (client) IP address and destination IP address\u2014to select the hash value.\n\nThe default value is `NONE` .", - "title": "ClientAffinity", + "IdentityProviderConfigName": { + "markdownDescription": "The name of the configuration.", + "title": "IdentityProviderConfigName", "type": "string" }, - "PortRanges": { + "Oidc": { + "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig", + "markdownDescription": "An object representing an OpenID Connect (OIDC) identity provider configuration.", + "title": "Oidc" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::Listener.PortRange" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of port ranges for the connections from clients to the accelerator.", - "title": "PortRanges", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "title": "Tags", "type": "array" }, - "Protocol": { - "markdownDescription": "The protocol for the connections from clients to the accelerator.", - "title": "Protocol", + "Type": { + "markdownDescription": "The type of the identity provider configuration. The only type available is `oidc` .", + "title": "Type", "type": "string" } }, "required": [ - "AcceleratorArn", - "PortRanges", - "Protocol" + "ClusterName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::Listener" + "AWS::EKS::IdentityProviderConfig" ], "type": "string" }, @@ -104887,27 +108540,75 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::Listener.PortRange": { + "AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The first port in the range of ports, inclusive.", - "title": "FromPort", - "type": "number" + "ClientId": { + "markdownDescription": "This is also known as *audience* . The ID of the client application that makes authentication requests to the OIDC identity provider.", + "title": "ClientId", + "type": "string" }, - "ToPort": { - "markdownDescription": "The last port in the range of ports, inclusive.", - "title": "ToPort", - "type": "number" - } - }, + "GroupsClaim": { + "markdownDescription": "The JSON web token (JWT) claim that the provider uses to return your groups.", + "title": "GroupsClaim", + "type": "string" + }, + "GroupsPrefix": { + "markdownDescription": "The prefix that is prepended to group claims to prevent clashes with existing names (such as `system:` groups). For example, the value `oidc:` creates group names like `oidc:engineering` and `oidc:infra` . The prefix can't contain `system:`", + "title": "GroupsPrefix", + "type": "string" + }, + "IssuerUrl": { + "markdownDescription": "The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.", + "title": "IssuerUrl", + "type": "string" + }, + "RequiredClaims": { + "items": { + "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.RequiredClaim" + }, + "markdownDescription": "The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.", + "title": "RequiredClaims", + "type": "array" + }, + "UsernameClaim": { + "markdownDescription": "The JSON Web token (JWT) claim that is used as the username.", + "title": "UsernameClaim", + "type": "string" + }, + "UsernamePrefix": { + "markdownDescription": "The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain `system:`", + "title": "UsernamePrefix", + "type": "string" + } + }, "required": [ - "FromPort", - "ToPort" + "ClientId", + "IssuerUrl" ], "type": "object" }, - "AWS::Glue::Classifier": { + "AWS::EKS::IdentityProviderConfig.RequiredClaim": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key to match from the token.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the key from the token.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EKS::Nodegroup": { "additionalProperties": false, "properties": { "Condition": { @@ -104942,32 +108643,133 @@ "Properties": { "additionalProperties": false, "properties": { - "CsvClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.CsvClassifier", - "markdownDescription": "A classifier for comma-separated values (CSV).", - "title": "CsvClassifier" + "AmiType": { + "markdownDescription": "The AMI type for your node group. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `amiType` , or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add `eks:kube-proxy-windows` to your Windows nodes `rolearn` in the `aws-auth` `ConfigMap` . For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "AmiType", + "type": "string" }, - "GrokClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.GrokClassifier", - "markdownDescription": "A classifier that uses `grok` .", - "title": "GrokClassifier" + "CapacityType": { + "markdownDescription": "The capacity type of your managed node group.", + "title": "CapacityType", + "type": "string" }, - "JsonClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.JsonClassifier", - "markdownDescription": "A classifier for JSON content.", - "title": "JsonClassifier" + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", + "type": "string" }, - "XMLClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.XMLClassifier", - "markdownDescription": "A classifier for XML content.", - "title": "XMLClassifier" + "DiskSize": { + "markdownDescription": "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify `launchTemplate` , then don't specify `diskSize` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "DiskSize", + "type": "number" + }, + "ForceUpdateEnabled": { + "markdownDescription": "Force the update if any `Pod` on the existing node group can't be drained due to a `Pod` disruption budget issue. If an update fails because all Pods can't be drained, you can force the update after it fails to terminate the old node whether or not any `Pod` is running on the node.", + "title": "ForceUpdateEnabled", + "type": "boolean" + }, + "InstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the `amiType` parameter. If you specify `launchTemplate` , then you can specify zero or one instance type in your launch template *or* you can specify 0-20 instance types for `instanceTypes` . If however, you specify an instance type in your launch template *and* specify any `instanceTypes` , the node group deployment will fail. If you don't specify an instance type in a launch template or for `instanceTypes` , then `t3.medium` is used, by default. If you specify `Spot` for `capacityType` , then we recommend specifying multiple values for `instanceTypes` . For more information, see [Managed node group capacity types](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "InstanceTypes", + "type": "array" + }, + "Labels": { + "additionalProperties": true, + "markdownDescription": "The Kubernetes `labels` applied to the nodes in the node group.\n\n> Only `labels` that are applied with the Amazon EKS API are shown here. There may be other Kubernetes `labels` applied to the nodes in this group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Labels", + "type": "object" + }, + "LaunchTemplate": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.LaunchTemplateSpecification", + "markdownDescription": "An object representing a node group's launch template specification. When using this object, don't directly specify `instanceTypes` , `diskSize` , or `remoteAccess` . You cannot later specify a different launch template ID or name than what was used to create the node group.\n\nMake sure that the launch template meets the requirements in `launchTemplateSpecification` . Also refer to [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "LaunchTemplate" + }, + "NodeRepairConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.NodeRepairConfig", + "markdownDescription": "The node auto repair configuration for the node group.", + "title": "NodeRepairConfig" + }, + "NodeRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the **Amazon EKS User Guide** . If you specify `launchTemplate` , then don't specify `[IamInstanceProfile](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "NodeRole", + "type": "string" + }, + "NodegroupName": { + "markdownDescription": "The unique name to give your node group.", + "title": "NodegroupName", + "type": "string" + }, + "ReleaseVersion": { + "markdownDescription": "The AMI version of the Amazon EKS optimized AMI to use with your node group (for example, `1.14.7- *YYYYMMDD*` ). By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see [Amazon EKS optimized Linux AMI Versions](https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the *Amazon EKS User Guide* .\n\n> Changing this value triggers an update of the node group if one is available. You can't update other properties at the same time as updating `Release Version` .", + "title": "ReleaseVersion", + "type": "string" + }, + "RemoteAccess": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.RemoteAccess", + "markdownDescription": "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify `launchTemplate` , then don't specify `remoteAccess` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "RemoteAccess" + }, + "ScalingConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.ScalingConfig", + "markdownDescription": "The scaling configuration details for the Auto Scaling group that is created for your node group.", + "title": "ScalingConfig" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnets to use for the Auto Scaling group that is created for your node group. If you specify `launchTemplate` , then don't specify `[SubnetId](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "Subnets", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Taints": { + "items": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.Taint" + }, + "markdownDescription": "The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of `No_Schedule` , `Prefer_No_Schedule` , or `No_Execute` . Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see [Node taints on managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html) .", + "title": "Taints", + "type": "array" + }, + "UpdateConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.UpdateConfig", + "markdownDescription": "The node group update configuration.", + "title": "UpdateConfig" + }, + "Version": { + "markdownDescription": "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `version` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Launch template support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .\n\n> You can't update other properties at the same time as updating `Version` .", + "title": "Version", + "type": "string" } }, + "required": [ + "ClusterName", + "NodeRole", + "Subnets" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Classifier" + "AWS::EKS::Nodegroup" ], "type": "string" }, @@ -104981,142 +108783,129 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Glue::Classifier.CsvClassifier": { + "AWS::EKS::Nodegroup.LaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "AllowSingleColumn": { - "markdownDescription": "Enables the processing of files that contain only one column.", - "title": "AllowSingleColumn", - "type": "boolean" - }, - "ContainsCustomDatatype": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether the CSV file contains custom data types.", - "title": "ContainsCustomDatatype", - "type": "array" - }, - "ContainsHeader": { - "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", - "title": "ContainsHeader", + "Id": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name in the request, but not both. After node group creation, you cannot use a different ID.", + "title": "Id", "type": "string" }, - "CustomDatatypeConfigured": { - "markdownDescription": "Enables the configuration of custom data types.", - "title": "CustomDatatypeConfigured", - "type": "boolean" - }, - "Delimiter": { - "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", - "title": "Delimiter", + "Name": { + "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template name or the launch template ID in the request, but not both. After node group creation, you cannot use a different name.", + "title": "Name", "type": "string" }, - "DisableValueTrimming": { - "markdownDescription": "Specifies not to trim values before identifying the type of column values. The default value is `true` .", - "title": "DisableValueTrimming", + "Version": { + "markdownDescription": "The version number of the launch template to use. If no version is specified, then the template's default version is used. You can use a different version for node group updates.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Nodegroup.NodeRepairConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether to enable node auto repair for the node group. Node auto repair is disabled by default.", + "title": "Enabled", "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Nodegroup.RemoteAccess": { + "additionalProperties": false, + "properties": { + "Ec2SshKey": { + "markdownDescription": "The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* .", + "title": "Ec2SshKey", + "type": "string" }, - "Header": { + "SourceSecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "A list of strings representing column names.", - "title": "Header", + "markdownDescription": "The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "SourceSecurityGroups", "type": "array" - }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" - }, - "QuoteSymbol": { - "markdownDescription": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.", - "title": "QuoteSymbol", - "type": "string" } }, + "required": [ + "Ec2SshKey" + ], "type": "object" }, - "AWS::Glue::Classifier.GrokClassifier": { + "AWS::EKS::Nodegroup.ScalingConfig": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "An identifier of the data format that the classifier matches, such as Twitter, JSON, Omniture logs, and so on.", - "title": "Classification", - "type": "string" - }, - "CustomPatterns": { - "markdownDescription": "Optional custom grok patterns defined by this classifier. For more information, see custom patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", - "title": "CustomPatterns", - "type": "string" + "DesiredSize": { + "markdownDescription": "The current number of nodes that the managed node group should maintain.\n\n> If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. \n\nWhenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template.\n\nThis parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` .", + "title": "DesiredSize", + "type": "number" }, - "GrokPattern": { - "markdownDescription": "The grok pattern applied to a data store by this classifier. For more information, see built-in patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", - "title": "GrokPattern", - "type": "string" + "MaxSize": { + "markdownDescription": "The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* .", + "title": "MaxSize", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" + "MinSize": { + "markdownDescription": "The minimum number of nodes that the managed node group can scale in to.", + "title": "MinSize", + "type": "number" } }, - "required": [ - "Classification", - "GrokPattern" - ], "type": "object" }, - "AWS::Glue::Classifier.JsonClassifier": { + "AWS::EKS::Nodegroup.Taint": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath` , as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json) .", - "title": "JsonPath", + "Effect": { + "markdownDescription": "The effect of the taint.", + "title": "Effect", "type": "string" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", + "Key": { + "markdownDescription": "The key of the taint.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the taint.", + "title": "Value", "type": "string" } }, - "required": [ - "JsonPath" - ], "type": "object" }, - "AWS::Glue::Classifier.XMLClassifier": { + "AWS::EKS::Nodegroup.UpdateConfig": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "An identifier of the data format that the classifier matches.", - "title": "Classification", - "type": "string" + "MaxUnavailable": { + "markdownDescription": "The maximum number of nodes unavailable at once during a version update. Nodes are updated in parallel. This value or `maxUnavailablePercentage` is required to have a value.The maximum number is 100.", + "title": "MaxUnavailable", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" + "MaxUnavailablePercentage": { + "markdownDescription": "The maximum percentage of nodes unavailable during a version update. This percentage of nodes are updated in parallel, up to 100 nodes at once. This value or `maxUnavailable` is required to have a value.", + "title": "MaxUnavailablePercentage", + "type": "number" }, - "RowTag": { - "markdownDescription": "The XML tag designating the element that contains each record in an XML document being parsed. This can't identify a self-closing element (closed by `/>` ). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `` is okay, but `` is not).", - "title": "RowTag", + "UpdateStrategy": { + "markdownDescription": "The configuration for the behavior to follow during a node group version update of this managed node group. You choose between two possible strategies for replacing nodes during an [`UpdateNodegroupVersion`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateNodegroupVersion.html) action.\n\nAn Amazon EKS managed node group updates by replacing nodes with new nodes of newer AMI versions in parallel. The *update strategy* changes the managed node update behavior of the managed node group for each quantity. The *default* strategy has guardrails to protect you from misconfiguration and launches the new instances first, before terminating the old instances. The *minimal* strategy removes the guardrails and terminates the old instances before launching the new instances. This minimal strategy is useful in scenarios where you are constrained to resources or costs (for example, with hardware accelerators such as GPUs).", + "title": "UpdateStrategy", "type": "string" } }, - "required": [ - "Classification", - "RowTag" - ], "type": "object" }, - "AWS::Glue::Connection": { + "AWS::EKS::PodIdentityAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -105151,26 +108940,56 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the data catalog to create the catalog object in. Currently, this should be the AWS account ID.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId` .", - "title": "CatalogId", + "ClusterName": { + "markdownDescription": "The name of the cluster that the association is in.", + "title": "ClusterName", "type": "string" }, - "ConnectionInput": { - "$ref": "#/definitions/AWS::Glue::Connection.ConnectionInput", - "markdownDescription": "The connection that you want to create.", - "title": "ConnectionInput" + "DisableSessionTags": { + "markdownDescription": "The state of the automatic sessions tags. The value of *true* disables these tags.\n\nEKS Pod Identity adds a pre-defined set of session tags when it assumes the role. You can use these tags to author a single role that can work across resources by allowing access to AWS resources based on matching tags. By default, EKS Pod Identity attaches six tags, including tags for cluster name, namespace, and service account name. For the list of tags added by EKS Pod Identity, see [List of session tags added by EKS Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-id-abac.html#pod-id-abac-tags) in the *Amazon EKS User Guide* .", + "title": "DisableSessionTags", + "type": "boolean" + }, + "Namespace": { + "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the Pods that use the service account must be in this namespace.", + "title": "Namespace", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", + "title": "RoleArn", + "type": "string" + }, + "ServiceAccount": { + "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", + "title": "ServiceAccount", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "title": "Tags", + "type": "array" + }, + "TargetRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target IAM role to associate with the service account. This role is assumed by using the EKS Pod Identity association role, then the credentials for this role are injected into the Pod.", + "title": "TargetRoleArn", + "type": "string" } }, "required": [ - "CatalogId", - "ConnectionInput" + "ClusterName", + "Namespace", + "RoleArn", + "ServiceAccount" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Connection" + "AWS::EKS::PodIdentityAssociation" ], "type": "string" }, @@ -105189,73 +109008,7 @@ ], "type": "object" }, - "AWS::Glue::Connection.ConnectionInput": { - "additionalProperties": false, - "properties": { - "ConnectionProperties": { - "markdownDescription": "These key-value pairs define parameters for the connection.", - "title": "ConnectionProperties", - "type": "object" - }, - "ConnectionType": { - "markdownDescription": "The type of the connection. Currently, these types are supported:\n\n- `JDBC` - Designates a connection to a database through Java Database Connectivity (JDBC).\n\n`JDBC` Connections use the following ConnectionParameters.\n\n- Required: All of ( `HOST` , `PORT` , `JDBC_ENGINE` ) or `JDBC_CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- Optional: `JDBC_ENFORCE_SSL` , `CUSTOM_JDBC_CERT` , `CUSTOM_JDBC_CERT_STRING` , `SKIP_CUSTOM_JDBC_CERT_VALIDATION` . These parameters are used to configure SSL with JDBC.\n- `KAFKA` - Designates a connection to an Apache Kafka streaming platform.\n\n`KAFKA` Connections use the following ConnectionParameters.\n\n- Required: `KAFKA_BOOTSTRAP_SERVERS` .\n- Optional: `KAFKA_SSL_ENABLED` , `KAFKA_CUSTOM_CERT` , `KAFKA_SKIP_CUSTOM_CERT_VALIDATION` . These parameters are used to configure SSL with `KAFKA` .\n- Optional: `KAFKA_CLIENT_KEYSTORE` , `KAFKA_CLIENT_KEYSTORE_PASSWORD` , `KAFKA_CLIENT_KEY_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEYSTORE_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEY_PASSWORD` . These parameters are used to configure TLS client configuration with SSL in `KAFKA` .\n- Optional: `KAFKA_SASL_MECHANISM` . Can be specified as `SCRAM-SHA-512` , `GSSAPI` , or `AWS_MSK_IAM` .\n- Optional: `KAFKA_SASL_SCRAM_USERNAME` , `KAFKA_SASL_SCRAM_PASSWORD` , `ENCRYPTED_KAFKA_SASL_SCRAM_PASSWORD` . These parameters are used to configure SASL/SCRAM-SHA-512 authentication with `KAFKA` .\n- Optional: `KAFKA_SASL_GSSAPI_KEYTAB` , `KAFKA_SASL_GSSAPI_KRB5_CONF` , `KAFKA_SASL_GSSAPI_SERVICE` , `KAFKA_SASL_GSSAPI_PRINCIPAL` . These parameters are used to configure SASL/GSSAPI authentication with `KAFKA` .\n- `MONGODB` - Designates a connection to a MongoDB document database.\n\n`MONGODB` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `VIEW_VALIDATION_REDSHIFT` - Designates a connection used for view validation by Amazon Redshift.\n- `VIEW_VALIDATION_ATHENA` - Designates a connection used for view validation by Amazon Athena.\n- `NETWORK` - Designates a network connection to a data source within an Amazon Virtual Private Cloud environment (Amazon VPC).\n\n`NETWORK` Connections do not require ConnectionParameters. Instead, provide a PhysicalConnectionRequirements.\n- `MARKETPLACE` - Uses configuration settings contained in a connector purchased from AWS Marketplace to read from and write to data stores that are not natively supported by AWS Glue .\n\n`MARKETPLACE` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTOR_TYPE` , `CONNECTOR_URL` , `CONNECTOR_CLASS_NAME` , `CONNECTION_URL` .\n- Required for `JDBC` `CONNECTOR_TYPE` connections: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `CUSTOM` - Uses configuration settings contained in a custom connector to read from and write to data stores that are not natively supported by AWS Glue .\n\nAdditionally, a `ConnectionType` for the following SaaS connectors is supported:\n\n- `FACEBOOKADS` - Designates a connection to Facebook Ads.\n- `GOOGLEADS` - Designates a connection to Google Ads.\n- `GOOGLESHEETS` - Designates a connection to Google Sheets.\n- `GOOGLEANALYTICS4` - Designates a connection to Google Analytics 4.\n- `HUBSPOT` - Designates a connection to HubSpot.\n- `INSTAGRAMADS` - Designates a connection to Instagram Ads.\n- `INTERCOM` - Designates a connection to Intercom.\n- `JIRACLOUD` - Designates a connection to Jira Cloud.\n- `MARKETO` - Designates a connection to Adobe Marketo Engage.\n- `NETSUITEERP` - Designates a connection to Oracle NetSuite.\n- `SALESFORCE` - Designates a connection to Salesforce using OAuth authentication.\n- `SALESFORCEMARKETINGCLOUD` - Designates a connection to Salesforce Marketing Cloud.\n- `SALESFORCEPARDOT` - Designates a connection to Salesforce Marketing Cloud Account Engagement (MCAE).\n- `SAPODATA` - Designates a connection to SAP OData.\n- `SERVICENOW` - Designates a connection to ServiceNow.\n- `SLACK` - Designates a connection to Slack.\n- `SNAPCHATADS` - Designates a connection to Snapchat Ads.\n- `STRIPE` - Designates a connection to Stripe.\n- `ZENDESK` - Designates a connection to Zendesk.\n- `ZOHOCRM` - Designates a connection to Zoho CRM.\n\nFor more information on the connection parameters needed for a particular connector, see the documentation for the connector in [Adding an AWS Glue connection](https://docs.aws.amazon.com/glue/latest/dg/console-connections.html) in the AWS Glue User Guide.\n\n`SFTP` is not supported.\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue , consult [AWS Glue connection properties](https://docs.aws.amazon.com/glue/latest/dg/connection-defining.html) .\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue Studio, consult [Using connectors and connections](https://docs.aws.amazon.com/glue/latest/ug/connectors-chapter.html) .", - "title": "ConnectionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the connection.", - "title": "Description", - "type": "string" - }, - "MatchCriteria": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of criteria that can be used in selecting this connection.", - "title": "MatchCriteria", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the connection.", - "title": "Name", - "type": "string" - }, - "PhysicalConnectionRequirements": { - "$ref": "#/definitions/AWS::Glue::Connection.PhysicalConnectionRequirements", - "markdownDescription": "The physical connection requirements, such as virtual private cloud (VPC) and `SecurityGroup` , that are needed to successfully make this connection.", - "title": "PhysicalConnectionRequirements" - } - }, - "required": [ - "ConnectionType" - ], - "type": "object" - }, - "AWS::Glue::Connection.PhysicalConnectionRequirements": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The connection's Availability Zone.", - "title": "AvailabilityZone", - "type": "string" - }, - "SecurityGroupIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group ID list used by the connection.", - "title": "SecurityGroupIdList", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet ID used by the connection.", - "title": "SubnetId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler": { + "AWS::EMR::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -105290,89 +109043,171 @@ "Properties": { "additionalProperties": false, "properties": { - "Classifiers": { + "AdditionalInfo": { + "markdownDescription": "A JSON string for selecting additional features.", + "title": "AdditionalInfo", + "type": "object" + }, + "Applications": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.Application" }, - "markdownDescription": "A list of UTF-8 strings that specify the names of custom classifiers that are associated with the crawler.", - "title": "Classifiers", + "markdownDescription": "The applications to install on this cluster, for example, Spark, Flink, Oozie, Zeppelin, and so on.", + "title": "Applications", "type": "array" }, - "Configuration": { - "markdownDescription": "Crawler configuration information. This versioned JSON string allows users to specify aspects of a crawler's behavior. For more information, see [Configuring a Crawler](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html) .", - "title": "Configuration", + "AutoScalingRole": { + "markdownDescription": "An IAM role for automatic scaling policies. The default role is `EMR_AutoScaling_DefaultRole` . The IAM role provides permissions that the automatic scaling feature requires to launch and terminate Amazon EC2 instances in an instance group.", + "title": "AutoScalingRole", "type": "string" }, - "CrawlerSecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used by this crawler.", - "title": "CrawlerSecurityConfiguration", + "AutoTerminationPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.AutoTerminationPolicy", + "markdownDescription": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see [Control cluster termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) .", + "title": "AutoTerminationPolicy" + }, + "BootstrapActions": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.BootstrapActionConfig" + }, + "markdownDescription": "A list of bootstrap actions to run before Hadoop starts on the cluster nodes.", + "title": "BootstrapActions", + "type": "array" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + }, + "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", + "title": "Configurations", + "type": "array" + }, + "CustomAmiId": { + "markdownDescription": "Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.", + "title": "CustomAmiId", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database in which the crawler's output is stored.", - "title": "DatabaseName", + "EbsRootVolumeIops": { + "markdownDescription": "The IOPS, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", + "title": "EbsRootVolumeIops", + "type": "number" + }, + "EbsRootVolumeSize": { + "markdownDescription": "The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.", + "title": "EbsRootVolumeSize", + "type": "number" + }, + "EbsRootVolumeThroughput": { + "markdownDescription": "The throughput, in MiB/s, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", + "title": "EbsRootVolumeThroughput", + "type": "number" + }, + "Instances": { + "$ref": "#/definitions/AWS::EMR::Cluster.JobFlowInstancesConfig", + "markdownDescription": "A specification of the number and type of Amazon EC2 instances.", + "title": "Instances" + }, + "JobFlowRole": { + "markdownDescription": "Also called instance profile and Amazon EC2 role. An IAM role for an Amazon EMR cluster. The Amazon EC2 instances of the cluster assume this role. The default role is `EMR_EC2_DefaultRole` . In order to use the default role, you must have already created it using the AWS CLI or console.", + "title": "JobFlowRole", "type": "string" }, - "Description": { - "markdownDescription": "A description of the crawler.", - "title": "Description", + "KerberosAttributes": { + "$ref": "#/definitions/AWS::EMR::Cluster.KerberosAttributes", + "markdownDescription": "Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration. For more information see [Use Kerberos Authentication](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-kerberos.html) in the *Amazon EMR Management Guide* .", + "title": "KerberosAttributes" + }, + "LogEncryptionKmsKeyId": { + "markdownDescription": "The AWS KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding Amazon EMR 6.0.0.", + "title": "LogEncryptionKmsKeyId", "type": "string" }, - "LakeFormationConfiguration": { - "$ref": "#/definitions/AWS::Glue::Crawler.LakeFormationConfiguration", - "markdownDescription": "Specifies whether the crawler should use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", - "title": "LakeFormationConfiguration" + "LogUri": { + "markdownDescription": "The path to the Amazon S3 location where logs for this cluster are stored.", + "title": "LogUri", + "type": "string" + }, + "ManagedScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.ManagedScalingPolicy", + "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "ManagedScalingPolicy" }, "Name": { - "markdownDescription": "The name of the crawler.", + "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", "title": "Name", "type": "string" }, - "RecrawlPolicy": { - "$ref": "#/definitions/AWS::Glue::Crawler.RecrawlPolicy", - "markdownDescription": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.", - "title": "RecrawlPolicy" + "OSReleaseLabel": { + "markdownDescription": "The Amazon Linux release specified in a cluster launch RunJobFlow request. If no Amazon Linux release was specified, the default Amazon Linux release is shown in the response.", + "title": "OSReleaseLabel", + "type": "string" }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that's used to access customer resources, such as Amazon Simple Storage Service (Amazon S3) data.", - "title": "Role", + "PlacementGroupConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.PlacementGroupConfig" + }, + "markdownDescription": "", + "title": "PlacementGroupConfigs", + "type": "array" + }, + "ReleaseLabel": { + "markdownDescription": "The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form `emr-x.x.x` , where x.x.x is an Amazon EMR release version such as `emr-5.14.0` . For more information about Amazon EMR release versions and included application versions and features, see [](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/) . The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use `AmiVersion` .", + "title": "ReleaseLabel", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::Glue::Crawler.Schedule", - "markdownDescription": "For scheduled crawlers, the schedule when the crawler runs.", - "title": "Schedule" + "ScaleDownBehavior": { + "markdownDescription": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. `TERMINATE_AT_INSTANCE_HOUR` indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. `TERMINATE_AT_TASK_COMPLETION` indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. `TERMINATE_AT_TASK_COMPLETION` is available only in Amazon EMR releases 4.1.0 and later, and is the default for versions of Amazon EMR earlier than 5.1.0.", + "title": "ScaleDownBehavior", + "type": "string" }, - "SchemaChangePolicy": { - "$ref": "#/definitions/AWS::Glue::Crawler.SchemaChangePolicy", - "markdownDescription": "The policy that specifies update and delete behaviors for the crawler. The policy tells the crawler what to do in the event that it detects a change in a table that already exists in the customer's database at the time of the crawl. The `SchemaChangePolicy` does not affect whether or how new tables and partitions are added. New tables and partitions are always created regardless of the `SchemaChangePolicy` on a crawler.\n\nThe SchemaChangePolicy consists of two components, `UpdateBehavior` and `DeleteBehavior` .", - "title": "SchemaChangePolicy" + "SecurityConfiguration": { + "markdownDescription": "The name of the security configuration applied to the cluster.", + "title": "SecurityConfiguration", + "type": "string" }, - "TablePrefix": { - "markdownDescription": "The prefix added to the names of tables that are created.", - "title": "TablePrefix", + "ServiceRole": { + "markdownDescription": "The IAM role that Amazon EMR assumes in order to access AWS resources on your behalf.", + "title": "ServiceRole", "type": "string" }, + "StepConcurrencyLevel": { + "markdownDescription": "Specifies the number of steps that can be executed concurrently. The default value is `1` . The maximum value is `256` .", + "title": "StepConcurrencyLevel", + "type": "number" + }, + "Steps": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.StepConfig" + }, + "markdownDescription": "A list of steps to run.", + "title": "Steps", + "type": "array" + }, "Tags": { - "markdownDescription": "The tags to use with this crawler.", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags associated with a cluster.", "title": "Tags", - "type": "object" + "type": "array" }, - "Targets": { - "$ref": "#/definitions/AWS::Glue::Crawler.Targets", - "markdownDescription": "A collection of targets to crawl.", - "title": "Targets" + "VisibleToAllUsers": { + "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", + "title": "VisibleToAllUsers", + "type": "boolean" } }, "required": [ - "Role", - "Targets" + "Instances", + "JobFlowRole", + "Name", + "ServiceRole" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Crawler" + "AWS::EMR::Cluster" ], "type": "string" }, @@ -105391,803 +109226,1009 @@ ], "type": "object" }, - "AWS::Glue::Crawler.CatalogTarget": { + "AWS::EMR::Cluster.Application": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a `Catalog` connection type paired with a `NETWORK` Connection type.", - "title": "ConnectionName", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database to be synchronized.", - "title": "DatabaseName", - "type": "string" - }, - "DlqEventQueueArn": { - "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", - "title": "DlqEventQueueArn", - "type": "string" - }, - "EventQueueArn": { - "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", - "title": "EventQueueArn", - "type": "string" + "AdditionalInfo": { + "additionalProperties": true, + "markdownDescription": "This option is for advanced users only. This is meta information about clusters and applications that are used for testing and troubleshooting.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalInfo", + "type": "object" }, - "Tables": { + "Args": { "items": { "type": "string" }, - "markdownDescription": "A list of the tables to be synchronized.", - "title": "Tables", + "markdownDescription": "Arguments for Amazon EMR to pass to the application.", + "title": "Args", "type": "array" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the application.", + "title": "Version", + "type": "string" } }, "type": "object" }, - "AWS::Glue::Crawler.DeltaTarget": { + "AWS::EMR::Cluster.AutoScalingPolicy": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Delta table target.", - "title": "ConnectionName", - "type": "string" - }, - "CreateNativeDeltaTable": { - "markdownDescription": "Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly.", - "title": "CreateNativeDeltaTable", - "type": "boolean" + "Constraints": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingConstraints", + "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", + "title": "Constraints" }, - "DeltaTables": { + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingRule" }, - "markdownDescription": "A list of the Amazon S3 paths to the Delta tables.", - "title": "DeltaTables", + "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", + "title": "Rules", "type": "array" - }, - "WriteManifest": { - "markdownDescription": "Specifies whether to write the manifest files to the Delta table path.", - "title": "WriteManifest", - "type": "boolean" } }, + "required": [ + "Constraints", + "Rules" + ], "type": "object" }, - "AWS::Glue::Crawler.DynamoDBTarget": { + "AWS::EMR::Cluster.AutoTerminationPolicy": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The name of the DynamoDB table to crawl.", - "title": "Path", + "IdleTimeout": { + "markdownDescription": "Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of 60 seconds and a maximum of 604800 seconds (seven days).", + "title": "IdleTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.BootstrapActionConfig": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the bootstrap action.", + "title": "Name", "type": "string" + }, + "ScriptBootstrapAction": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScriptBootstrapActionConfig", + "markdownDescription": "The script run by the bootstrap action.", + "title": "ScriptBootstrapAction" } }, + "required": [ + "Name", + "ScriptBootstrapAction" + ], "type": "object" }, - "AWS::Glue::Crawler.IcebergTarget": { + "AWS::EMR::Cluster.CloudWatchAlarmDefinition": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Iceberg target.", - "title": "ConnectionName", + "ComparisonOperator": { + "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", + "title": "ComparisonOperator", "type": "string" }, - "Exclusions": { + "Dimensions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.MetricDimension" }, - "markdownDescription": "A list of global patterns used to exclude from the crawl.", - "title": "Exclusions", + "markdownDescription": "A CloudWatch metric dimension.", + "title": "Dimensions", "type": "array" }, - "MaximumTraversalDepth": { - "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time.", - "title": "MaximumTraversalDepth", + "EvaluationPeriods": { + "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", + "title": "EvaluationPeriods", "type": "number" }, - "Paths": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix .", - "title": "Paths", - "type": "array" + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", + "title": "Namespace", + "type": "string" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", + "title": "Statistic", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", + "title": "Unit", + "type": "string" } }, + "required": [ + "ComparisonOperator", + "MetricName", + "Period", + "Threshold" + ], "type": "object" }, - "AWS::Glue::Crawler.JdbcTarget": { + "AWS::EMR::Cluster.ComputeLimits": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the JDBC target.", - "title": "ConnectionName", - "type": "string" + "MaximumCapacityUnits": { + "markdownDescription": "The upper boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "MaximumCapacityUnits", + "type": "number" }, - "Exclusions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", - "title": "Exclusions", - "type": "array" + "MaximumCoreCapacityUnits": { + "markdownDescription": "The upper boundary of Amazon EC2 units for core node type in a cluster. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The core units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between core and task nodes.", + "title": "MaximumCoreCapacityUnits", + "type": "number" }, - "Path": { - "markdownDescription": "The path of the JDBC target.", - "title": "Path", + "MaximumOnDemandCapacityUnits": { + "markdownDescription": "The upper boundary of On-Demand Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The On-Demand units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between On-Demand and Spot Instances.", + "title": "MaximumOnDemandCapacityUnits", + "type": "number" + }, + "MinimumCapacityUnits": { + "markdownDescription": "The lower boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "MinimumCapacityUnits", + "type": "number" + }, + "UnitType": { + "markdownDescription": "The unit type used for specifying a managed scaling policy.", + "title": "UnitType", "type": "string" } }, + "required": [ + "MaximumCapacityUnits", + "MinimumCapacityUnits", + "UnitType" + ], "type": "object" }, - "AWS::Glue::Crawler.LakeFormationConfiguration": { + "AWS::EMR::Cluster.Configuration": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "Required for cross account crawls. For same account crawls as the target data, this can be left as null.", - "title": "AccountId", + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", "type": "string" }, - "UseLakeFormationCredentials": { - "markdownDescription": "Specifies whether to use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", - "title": "UseLakeFormationCredentials", - "type": "boolean" + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConfigurationProperties", + "type": "object" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + }, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" } }, "type": "object" }, - "AWS::Glue::Crawler.MongoDBTarget": { + "AWS::EMR::Cluster.EbsBlockDeviceConfig": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.", - "title": "ConnectionName", - "type": "string" + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" }, - "Path": { - "markdownDescription": "The path of the Amazon DocumentDB or MongoDB target (database/collection).", - "title": "Path", - "type": "string" + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" } }, + "required": [ + "VolumeSpecification" + ], "type": "object" }, - "AWS::Glue::Crawler.RecrawlPolicy": { + "AWS::EMR::Cluster.EbsConfiguration": { "additionalProperties": false, "properties": { - "RecrawlBehavior": { - "markdownDescription": "Specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVERYTHING` specifies crawling the entire dataset again.\n\nA value of `CRAWL_NEW_FOLDERS_ONLY` specifies crawling only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVENT_MODE` specifies crawling only the changes identified by Amazon S3 events.", - "title": "RecrawlBehavior", - "type": "string" + "EbsBlockDeviceConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsBlockDeviceConfig" + }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", + "type": "array" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Crawler.S3Target": { + "AWS::EMR::Cluster.HadoopJarStepConfig": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC).", - "title": "ConnectionName", - "type": "string" + "Args": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", + "title": "Args", + "type": "array" }, - "DlqEventQueueArn": { - "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", - "title": "DlqEventQueueArn", + "Jar": { + "markdownDescription": "A path to a JAR file run during the step.", + "title": "Jar", "type": "string" }, - "EventQueueArn": { - "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", - "title": "EventQueueArn", + "MainClass": { + "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", + "title": "MainClass", "type": "string" }, - "Exclusions": { + "StepProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.KeyValue" }, - "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", - "title": "Exclusions", + "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key-value pairs to your main function.", + "title": "StepProperties", + "type": "array" + } + }, + "required": [ + "Jar" + ], + "type": "object" + }, + "AWS::EMR::Cluster.InstanceFleetConfig": { + "additionalProperties": false, + "properties": { + "InstanceTypeConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceTypeConfig" + }, + "markdownDescription": "The instance type configurations that define the Amazon EC2 instances in the instance fleet.", + "title": "InstanceTypeConfigs", "type": "array" }, - "Path": { - "markdownDescription": "The path to the Amazon S3 target.", - "title": "Path", + "LaunchSpecifications": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications", + "markdownDescription": "The launch specification for the instance fleet.", + "title": "LaunchSpecifications" + }, + "Name": { + "markdownDescription": "The friendly name of the instance fleet.", + "title": "Name", "type": "string" }, - "SampleSize": { - "markdownDescription": "Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249.", - "title": "SampleSize", + "ResizeSpecifications": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetResizingSpecifications", + "markdownDescription": "The resize specification for the instance fleet.", + "title": "ResizeSpecifications" + }, + "TargetOnDemandCapacity": { + "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetOnDemandCapacity", + "type": "number" + }, + "TargetSpotCapacity": { + "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetSpotCapacity", "type": "number" } }, "type": "object" }, - "AWS::Glue::Crawler.Schedule": { + "AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", - "title": "ScheduleExpression", - "type": "string" + "OnDemandSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandProvisioningSpecification", + "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", + "title": "OnDemandSpecification" + }, + "SpotSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.SpotProvisioningSpecification", + "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", + "title": "SpotSpecification" } }, "type": "object" }, - "AWS::Glue::Crawler.SchemaChangePolicy": { + "AWS::EMR::Cluster.InstanceFleetResizingSpecifications": { "additionalProperties": false, "properties": { - "DeleteBehavior": { - "markdownDescription": "The deletion behavior when the crawler finds a deleted object.\n\nA value of `LOG` specifies that if a table or partition is found to no longer exist, do not delete it, only log that it was found to no longer exist.\n\nA value of `DELETE_FROM_DATABASE` specifies that if a table or partition is found to have been removed, delete it from the database.\n\nA value of `DEPRECATE_IN_DATABASE` specifies that if a table has been found to no longer exist, to add a property to the table that says \"DEPRECATED\" and includes a timestamp with the time of deprecation.", - "title": "DeleteBehavior", - "type": "string" + "OnDemandResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandResizingSpecification", + "markdownDescription": "The resize specification for On-Demand Instances in the instance fleet, which contains the allocation strategy, capacity reservation options, and the resize timeout period.", + "title": "OnDemandResizeSpecification" }, - "UpdateBehavior": { - "markdownDescription": "The update behavior when the crawler finds a changed schema.\n\nA value of `LOG` specifies that if a table or a partition already exists, and a change is detected, do not update it, only log that a change was detected. Add new tables and new partitions (including on existing tables).\n\nA value of `UPDATE_IN_DATABASE` specifies that if a table or partition already exists, and a change is detected, update it. Add new tables and partitions.", - "title": "UpdateBehavior", - "type": "string" + "SpotResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.SpotResizingSpecification", + "markdownDescription": "The resize specification for Spot Instances in the instance fleet, which contains the allocation strategy and the resize timeout period.", + "title": "SpotResizeSpecification" } }, "type": "object" }, - "AWS::Glue::Crawler.Targets": { + "AWS::EMR::Cluster.InstanceGroupConfig": { "additionalProperties": false, "properties": { - "CatalogTargets": { + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.AutoScalingPolicy", + "markdownDescription": "`AutoScalingPolicy` is a subproperty of the [InstanceGroupConfig](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-emr-cluster-jobflowinstancesconfig-instancegroupconfig.html) property type that specifies the constraints and rules of an automatic scaling policy in Amazon EMR . The automatic scaling policy defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. Only core and task instance groups can use automatic scaling policies. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) .", + "title": "AutoScalingPolicy" + }, + "BidPrice": { + "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", + "title": "BidPrice", + "type": "string" + }, + "Configurations": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.CatalogTarget" + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, - "markdownDescription": "Specifies AWS Glue Data Catalog targets.", - "title": "CatalogTargets", + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", + "title": "Configurations", "type": "array" }, - "DeltaTargets": { + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", + "title": "CustomAmiId", + "type": "string" + }, + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", + "markdownDescription": "EBS configurations that will be attached to each Amazon EC2 instance in the instance group.", + "title": "EbsConfiguration" + }, + "InstanceCount": { + "markdownDescription": "Target number of instances for the instance group.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", + "title": "InstanceType", + "type": "string" + }, + "Market": { + "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", + "title": "Market", + "type": "string" + }, + "Name": { + "markdownDescription": "Friendly name given to the instance group.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "InstanceCount", + "InstanceType" + ], + "type": "object" + }, + "AWS::EMR::Cluster.InstanceTypeConfig": { + "additionalProperties": false, + "properties": { + "BidPrice": { + "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPrice", + "type": "string" + }, + "BidPriceAsPercentageOfOnDemandPrice": { + "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPriceAsPercentageOfOnDemandPrice", + "type": "number" + }, + "Configurations": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.DeltaTarget" + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, - "markdownDescription": "Specifies an array of Delta data store targets.", - "title": "DeltaTargets", + "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", + "title": "Configurations", "type": "array" }, - "DynamoDBTargets": { + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the instance type.", + "title": "CustomAmiId", + "type": "string" + }, + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", + "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", + "title": "EbsConfiguration" + }, + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", + "title": "InstanceType", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority at which Amazon EMR launches the Amazon EC2 instances with this instance type. Priority starts at 0, which is the highest priority. Amazon EMR considers the highest priority first.", + "title": "Priority", + "type": "number" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", + "title": "WeightedCapacity", + "type": "number" + } + }, + "required": [ + "InstanceType" + ], + "type": "object" + }, + "AWS::EMR::Cluster.JobFlowInstancesConfig": { + "additionalProperties": false, + "properties": { + "AdditionalMasterSecurityGroups": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.DynamoDBTarget" + "type": "string" }, - "markdownDescription": "Specifies Amazon DynamoDB targets.", - "title": "DynamoDBTargets", + "markdownDescription": "A list of additional Amazon EC2 security group IDs for the master node.", + "title": "AdditionalMasterSecurityGroups", "type": "array" }, - "IcebergTargets": { + "AdditionalSlaveSecurityGroups": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" + "type": "string" }, - "markdownDescription": "Specifies Apache Iceberg data store targets.", - "title": "IcebergTargets", + "markdownDescription": "A list of additional Amazon EC2 security group IDs for the core and task nodes.", + "title": "AdditionalSlaveSecurityGroups", "type": "array" }, - "JdbcTargets": { + "CoreInstanceFleet": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the core instance fleet when using clusters with the instance fleet configuration.", + "title": "CoreInstanceFleet" + }, + "CoreInstanceGroup": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for core instance groups when using clusters with the uniform instance group configuration.", + "title": "CoreInstanceGroup" + }, + "Ec2KeyName": { + "markdownDescription": "The name of the Amazon EC2 key pair that can be used to connect to the master node using SSH as the user called \"hadoop.\"", + "title": "Ec2KeyName", + "type": "string" + }, + "Ec2SubnetId": { + "markdownDescription": "Applies to clusters that use the uniform instance group configuration. To launch the cluster in Amazon Virtual Private Cloud (Amazon VPC), set this parameter to the identifier of the Amazon VPC subnet where you want the cluster to launch. If you do not specify this value and your account supports EC2-Classic, the cluster launches in EC2-Classic.", + "title": "Ec2SubnetId", + "type": "string" + }, + "Ec2SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" + "type": "string" }, - "markdownDescription": "Specifies JDBC targets.", - "title": "JdbcTargets", + "markdownDescription": "Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.", + "title": "Ec2SubnetIds", "type": "array" }, - "MongoDBTargets": { + "EmrManagedMasterSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the master node. If you specify `EmrManagedMasterSecurityGroup` , you must also specify `EmrManagedSlaveSecurityGroup` .", + "title": "EmrManagedMasterSecurityGroup", + "type": "string" + }, + "EmrManagedSlaveSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the core and task nodes. If you specify `EmrManagedSlaveSecurityGroup` , you must also specify `EmrManagedMasterSecurityGroup` .", + "title": "EmrManagedSlaveSecurityGroup", + "type": "string" + }, + "HadoopVersion": { + "markdownDescription": "Applies only to Amazon EMR release versions earlier than 4.0. The Hadoop version for the cluster. Valid inputs are \"0.18\" (no longer maintained), \"0.20\" (no longer maintained), \"0.20.205\" (no longer maintained), \"1.0.3\", \"2.2.0\", or \"2.4.0\". If you do not set this value, the default of 0.18 is used, unless the `AmiVersion` parameter is set in the RunJobFlow call, in which case the default version of Hadoop for that AMI version is used.", + "title": "HadoopVersion", + "type": "string" + }, + "KeepJobFlowAliveWhenNoSteps": { + "markdownDescription": "Specifies whether the cluster should remain available after completing all steps. Defaults to `false` . For more information about configuring cluster termination, see [Control Cluster Termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) in the *EMR Management Guide* .", + "title": "KeepJobFlowAliveWhenNoSteps", + "type": "boolean" + }, + "MasterInstanceFleet": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance fleet when using clusters with the instance fleet configuration.", + "title": "MasterInstanceFleet" + }, + "MasterInstanceGroup": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance group when using clusters with the uniform instance group configuration.", + "title": "MasterInstanceGroup" + }, + "Placement": { + "$ref": "#/definitions/AWS::EMR::Cluster.PlacementType", + "markdownDescription": "The Availability Zone in which the cluster runs.", + "title": "Placement" + }, + "ServiceAccessSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the Amazon EMR service to access clusters in VPC private subnets.", + "title": "ServiceAccessSecurityGroup", + "type": "string" + }, + "TaskInstanceFleets": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.MongoDBTarget" + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig" }, - "markdownDescription": "A list of Mongo DB targets.", - "title": "MongoDBTargets", + "markdownDescription": "Describes the EC2 instances and instance configurations for the task instance fleets when using clusters with the instance fleet configuration. These task instance fleets are added to the cluster as part of the cluster launch. Each task instance fleet must have a unique name specified so that CloudFormation can differentiate between the task instance fleets.\n\n> You can currently specify only one task instance fleet for a cluster. After creating the cluster, you can only modify the mutable properties of `InstanceFleetConfig` , which are `TargetOnDemandCapacity` and `TargetSpotCapacity` . Modifying any other property results in cluster replacement. > To allow a maximum of 30 Amazon EC2 instance types per fleet, include `TaskInstanceFleets` when you create your cluster. If you create your cluster without `TaskInstanceFleets` , Amazon EMR uses its default allocation strategy, which allows for a maximum of five Amazon EC2 instance types.", + "title": "TaskInstanceFleets", "type": "array" }, - "S3Targets": { + "TaskInstanceGroups": { "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.S3Target" + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig" }, - "markdownDescription": "Specifies Amazon Simple Storage Service (Amazon S3) targets.", - "title": "S3Targets", + "markdownDescription": "Describes the EC2 instances and instance configurations for task instance groups when using clusters with the uniform instance group configuration. These task instance groups are added to the cluster as part of the cluster launch. Each task instance group must have a unique name specified so that CloudFormation can differentiate between the task instance groups.\n\n> After creating the cluster, you can only modify the mutable properties of `InstanceGroupConfig` , which are `AutoScalingPolicy` and `InstanceCount` . Modifying any other property results in cluster replacement.", + "title": "TaskInstanceGroups", "type": "array" + }, + "TerminationProtected": { + "markdownDescription": "Specifies whether to lock the cluster to prevent the Amazon EC2 instances from being terminated by API call, user intervention, or in the event of a job-flow error.", + "title": "TerminationProtected", + "type": "boolean" + }, + "UnhealthyNodeReplacement": { + "markdownDescription": "Indicates whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster.", + "title": "UnhealthyNodeReplacement", + "type": "boolean" } }, "type": "object" }, - "AWS::Glue::CustomEntityType": { + "AWS::EMR::Cluster.KerberosAttributes": { "additionalProperties": false, "properties": { - "Condition": { + "ADDomainJoinPassword": { + "markdownDescription": "The Active Directory password for `ADDomainJoinUser` .", + "title": "ADDomainJoinPassword", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ADDomainJoinUser": { + "markdownDescription": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.", + "title": "ADDomainJoinUser", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContextWords": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of context words. If none of these context words are found within the vicinity of the regular expression the data will not be detected as sensitive data.\n\nIf no context words are passed only a regular expression is checked.", - "title": "ContextWords", - "type": "array" - }, - "Name": { - "markdownDescription": "A name for the custom pattern that allows it to be retrieved or deleted later. This name must be unique per AWS account.", - "title": "Name", - "type": "string" - }, - "RegexString": { - "markdownDescription": "A regular expression string that is used for detecting sensitive data in a custom pattern.", - "title": "RegexString", - "type": "string" - }, - "Tags": { - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", - "title": "Tags", - "type": "object" - } - }, - "type": "object" + "CrossRealmTrustPrincipalPassword": { + "markdownDescription": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.", + "title": "CrossRealmTrustPrincipalPassword", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Glue::CustomEntityType" - ], + "KdcAdminPassword": { + "markdownDescription": "The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.", + "title": "KdcAdminPassword", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Realm": { + "markdownDescription": "The name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL` .", + "title": "Realm", "type": "string" } }, "required": [ - "Type" + "KdcAdminPassword", + "Realm" ], "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings": { + "AWS::EMR::Cluster.KeyValue": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the settings are created.", - "title": "CatalogId", - "type": "string" - }, - "DataCatalogEncryptionSettings": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings", - "markdownDescription": "Contains configuration information for maintaining Data Catalog security.", - "title": "DataCatalogEncryptionSettings" - } - }, - "required": [ - "CatalogId", - "DataCatalogEncryptionSettings" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::DataCatalogEncryptionSettings" - ], + "Key": { + "markdownDescription": "The unique identifier of a key-value pair.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value part of the identified key.", + "title": "Value", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption": { + "AWS::EMR::Cluster.ManagedScalingPolicy": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "An AWS KMS key that is used to encrypt the connection password.\n\nIf connection password protection is enabled, the caller of `CreateConnection` and `UpdateConnection` needs at least `kms:Encrypt` permission on the specified AWS KMS key, to encrypt passwords before storing them in the Data Catalog. You can set the decrypt permission to enable or restrict access on the password key according to your security requirements.", - "title": "KmsKeyId", + "ComputeLimits": { + "$ref": "#/definitions/AWS::EMR::Cluster.ComputeLimits", + "markdownDescription": "The Amazon EC2 unit limits for a managed scaling policy. The managed scaling activity of a cluster is not allowed to go above or below these limits. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "ComputeLimits" + }, + "ScalingStrategy": { + "markdownDescription": "Determines whether a custom scaling utilization performance index can be set. Possible values include *ADVANCED* or *DEFAULT* .", + "title": "ScalingStrategy", "type": "string" }, - "ReturnConnectionPasswordEncrypted": { - "markdownDescription": "When the `ReturnConnectionPasswordEncrypted` flag is set to \"true\", passwords remain encrypted in the responses of `GetConnection` and `GetConnections` . This encryption takes effect independently from catalog encryption.", - "title": "ReturnConnectionPasswordEncrypted", - "type": "boolean" + "UtilizationPerformanceIndex": { + "markdownDescription": "An integer value that represents an advanced scaling strategy. Setting a higher value optimizes for performance. Setting a lower value optimizes for resource conservation. Setting the value to 50 balances performance and resource conservation. Possible values are 1, 25, 50, 75, and 100.", + "title": "UtilizationPerformanceIndex", + "type": "number" } }, "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings": { + "AWS::EMR::Cluster.MetricDimension": { "additionalProperties": false, "properties": { - "ConnectionPasswordEncryption": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption", - "markdownDescription": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of `CreateConnection` or `UpdateConnection` and store it in the `ENCRYPTED_PASSWORD` field in the connection properties. You can enable catalog encryption or only password encryption.", - "title": "ConnectionPasswordEncryption" + "Key": { + "markdownDescription": "The dimension name.", + "title": "Key", + "type": "string" }, - "EncryptionAtRest": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest", - "markdownDescription": "Specifies the encryption-at-rest configuration for the Data Catalog.", - "title": "EncryptionAtRest" + "Value": { + "markdownDescription": "The dimension value.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest": { + "AWS::EMR::Cluster.OnDemandCapacityReservationOptions": { "additionalProperties": false, "properties": { - "CatalogEncryptionMode": { - "markdownDescription": "The encryption-at-rest mode for encrypting Data Catalog data.", - "title": "CatalogEncryptionMode", + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `open` - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs as an On-Demand Instance.", + "title": "CapacityReservationPreference", "type": "string" }, - "CatalogEncryptionServiceRole": { - "markdownDescription": "The role that AWS Glue assumes to encrypt and decrypt the Data Catalog objects on the caller's behalf.", - "title": "CatalogEncryptionServiceRole", + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", "type": "string" }, - "SseAwsKmsKeyId": { - "markdownDescription": "The ID of the AWS KMS key to use for encryption at rest.", - "title": "SseAwsKmsKeyId", + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` ).\n\nIf you do not specify a value, the fleet fulfills the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", "type": "string" } }, "type": "object" }, - "AWS::Glue::DataQualityRuleset": { + "AWS::EMR::Cluster.OnDemandProvisioningSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "AllocationStrategy": { + "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", + "title": "AllocationStrategy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandCapacityReservationOptions", + "markdownDescription": "The launch specification for On-Demand instances in the instance fleet, which determines the allocation strategy.", + "title": "CapacityReservationOptions" + } + }, + "required": [ + "AllocationStrategy" + ], + "type": "object" + }, + "AWS::EMR::Cluster.OnDemandResizingSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch On-Demand instances during a resize. The default is `lowest-price` .", + "title": "AllocationStrategy", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClientToken": { - "markdownDescription": "Used for idempotency and is recommended to be set to a random ID (such as a UUID) to avoid creating or starting multiple instances of the same resource.", - "title": "ClientToken", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the data quality ruleset.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the data quality ruleset.", - "title": "Name", - "type": "string" - }, - "Ruleset": { - "markdownDescription": "A Data Quality Definition Language (DQDL) ruleset. For more information see the AWS Glue Developer Guide.", - "title": "Ruleset", - "type": "string" - }, - "Tags": { - "markdownDescription": "A list of tags applied to the data quality ruleset.", - "title": "Tags", - "type": "object" - }, - "TargetTable": { - "$ref": "#/definitions/AWS::Glue::DataQualityRuleset.DataQualityTargetTable", - "markdownDescription": "An object representing an AWS Glue table.", - "title": "TargetTable" - } - }, - "type": "object" + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandCapacityReservationOptions", + "markdownDescription": "", + "title": "CapacityReservationOptions" }, - "Type": { - "enum": [ - "AWS::Glue::DataQualityRuleset" - ], + "TimeoutDurationMinutes": { + "markdownDescription": "On-Demand resize timeout in minutes. If On-Demand Instances are not provisioned within this time, the resize workflow stops. The minimum value is 5 minutes, and the maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.PlacementGroupConfig": { + "additionalProperties": false, + "properties": { + "InstanceRole": { + "markdownDescription": "Role of the instance in the cluster.\n\nStarting with Amazon EMR release 5.23.0, the only supported instance role is `MASTER` .", + "title": "InstanceRole", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PlacementStrategy": { + "markdownDescription": "Amazon EC2 Placement Group strategy associated with instance role.\n\nStarting with Amazon EMR release 5.23.0, the only supported placement strategy is `SPREAD` for the `MASTER` instance role.", + "title": "PlacementStrategy", "type": "string" } }, "required": [ - "Type" + "InstanceRole" ], "type": "object" }, - "AWS::Glue::DataQualityRuleset.DataQualityTargetTable": { + "AWS::EMR::Cluster.PlacementType": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database where the AWS Glue table exists.", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of the AWS Glue table.", - "title": "TableName", + "AvailabilityZone": { + "markdownDescription": "The Amazon EC2 Availability Zone for the cluster. `AvailabilityZone` is used for uniform instance groups, while `AvailabilityZones` (plural) is used for instance fleets.", + "title": "AvailabilityZone", "type": "string" } }, + "required": [ + "AvailabilityZone" + ], "type": "object" }, - "AWS::Glue::Database": { + "AWS::EMR::Cluster.ScalingAction": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The AWS account ID for the account in which to create the catalog object.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", - "title": "CatalogId", - "type": "string" - }, - "DatabaseInput": { - "$ref": "#/definitions/AWS::Glue::Database.DatabaseInput", - "markdownDescription": "The metadata for the database.", - "title": "DatabaseInput" - } - }, - "required": [ - "CatalogId", - "DatabaseInput" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::Database" - ], + "Market": { + "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", + "title": "Market", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SimpleScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.SimpleScalingPolicyConfiguration", + "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", + "title": "SimpleScalingPolicyConfiguration" } }, "required": [ - "Type", - "Properties" + "SimpleScalingPolicyConfiguration" ], "type": "object" }, - "AWS::Glue::Database.DataLakePrincipal": { + "AWS::EMR::Cluster.ScalingConstraints": { "additionalProperties": false, "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the AWS Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" + "MaxCapacity": { + "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", + "title": "MinCapacity", + "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::Glue::Database.DatabaseIdentifier": { + "AWS::EMR::Cluster.ScalingRule": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the database resides.", - "title": "CatalogId", - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingAction", + "markdownDescription": "The conditions that trigger an automatic scaling activity.", + "title": "Action" }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database.", - "title": "DatabaseName", + "Description": { + "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", + "title": "Description", "type": "string" }, - "Region": { - "markdownDescription": "The Region of the database.", - "title": "Region", + "Name": { + "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", + "title": "Name", "type": "string" + }, + "Trigger": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingTrigger", + "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", + "title": "Trigger" + } + }, + "required": [ + "Action", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::EMR::Cluster.ScalingTrigger": { + "additionalProperties": false, + "properties": { + "CloudWatchAlarmDefinition": { + "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchAlarmDefinition", + "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", + "title": "CloudWatchAlarmDefinition" } }, + "required": [ + "CloudWatchAlarmDefinition" + ], "type": "object" }, - "AWS::Glue::Database.DatabaseInput": { + "AWS::EMR::Cluster.ScriptBootstrapActionConfig": { "additionalProperties": false, "properties": { - "CreateTableDefaultPermissions": { + "Args": { "items": { - "$ref": "#/definitions/AWS::Glue::Database.PrincipalPrivileges" + "type": "string" }, - "markdownDescription": "Creates a set of default permissions on the table for principals. Used by AWS Lake Formation . Not used in the normal course of AWS Glue operations.", - "title": "CreateTableDefaultPermissions", + "markdownDescription": "A list of command line arguments to pass to the bootstrap action script.", + "title": "Args", "type": "array" }, - "Description": { - "markdownDescription": "A description of the database.", - "title": "Description", + "Path": { + "markdownDescription": "Location in Amazon S3 of the script to run during a bootstrap action.", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Path" + ], + "type": "object" + }, + "AWS::EMR::Cluster.SimpleScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "AdjustmentType": { + "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", + "title": "AdjustmentType", "type": "string" }, - "FederatedDatabase": { - "$ref": "#/definitions/AWS::Glue::Database.FederatedDatabase", - "markdownDescription": "A `FederatedDatabase` structure that references an entity outside the AWS Glue Data Catalog .", - "title": "FederatedDatabase" + "CoolDown": { + "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", + "title": "CoolDown", + "type": "number" }, - "LocationUri": { - "markdownDescription": "The location of the database (for example, an HDFS path).", - "title": "LocationUri", + "ScalingAdjustment": { + "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", + "title": "ScalingAdjustment", + "type": "number" + } + }, + "required": [ + "ScalingAdjustment" + ], + "type": "object" + }, + "AWS::EMR::Cluster.SpotProvisioningSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", + "title": "AllocationStrategy", "type": "string" }, - "Name": { - "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "Name", + "BlockDurationMinutes": { + "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", + "title": "BlockDurationMinutes", + "type": "number" + }, + "TimeoutAction": { + "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", + "title": "TimeoutAction", "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define parameters and properties of the database.", - "title": "Parameters", - "type": "object" + "TimeoutDurationMinutes": { + "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", + "title": "TimeoutDurationMinutes", + "type": "number" + } + }, + "required": [ + "TimeoutAction", + "TimeoutDurationMinutes" + ], + "type": "object" + }, + "AWS::EMR::Cluster.SpotResizingSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch Spot instances during a resize. If you run Amazon EMR releases 6.9.0 or higher, the default is `price-capacity-optimized` . If you run Amazon EMR releases 6.8.0 or lower, the default is `capacity-optimized` .", + "title": "AllocationStrategy", + "type": "string" }, - "TargetDatabase": { - "$ref": "#/definitions/AWS::Glue::Database.DatabaseIdentifier", - "markdownDescription": "A `DatabaseIdentifier` structure that describes a target database for resource linking.", - "title": "TargetDatabase" + "TimeoutDurationMinutes": { + "markdownDescription": "Spot resize timeout in minutes. If Spot Instances are not provisioned within this time, the resize workflow will stop provisioning of Spot instances. Minimum value is 5 minutes and maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "type": "object" }, - "AWS::Glue::Database.FederatedDatabase": { + "AWS::EMR::Cluster.StepConfig": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to the external metastore.", - "title": "ConnectionName", + "ActionOnFailure": { + "markdownDescription": "The action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", + "title": "ActionOnFailure", "type": "string" }, - "Identifier": { - "markdownDescription": "A unique identifier for the federated database.", - "title": "Identifier", + "HadoopJarStep": { + "$ref": "#/definitions/AWS::EMR::Cluster.HadoopJarStepConfig", + "markdownDescription": "The JAR file used for the step.", + "title": "HadoopJarStep" + }, + "Name": { + "markdownDescription": "The name of the step.", + "title": "Name", "type": "string" } }, + "required": [ + "HadoopJarStep", + "Name" + ], "type": "object" }, - "AWS::Glue::Database.PrincipalPrivileges": { + "AWS::EMR::Cluster.VolumeSpecification": { "additionalProperties": false, "properties": { - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions that are granted to the principal.", - "title": "Permissions", - "type": "array" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" }, - "Principal": { - "$ref": "#/definitions/AWS::Glue::Database.DataLakePrincipal", - "markdownDescription": "The principal who is granted permissions.", - "title": "Principal" + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" + }, + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", + "type": "string" } }, + "required": [ + "SizeInGB", + "VolumeType" + ], "type": "object" }, - "AWS::Glue::DevEndpoint": { + "AWS::EMR::InstanceFleetConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -106222,96 +110263,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Arguments": { - "markdownDescription": "A map of arguments used to configure the `DevEndpoint` .\n\nValid arguments are:\n\n- `\"--enable-glue-datacatalog\": \"\"`\n- `\"GLUE_PYTHON_VERSION\": \"3\"`\n- `\"GLUE_PYTHON_VERSION\": \"2\"`\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", - "title": "Arguments", - "type": "object" - }, - "EndpointName": { - "markdownDescription": "The name of the `DevEndpoint` .", - "title": "EndpointName", - "type": "string" - }, - "ExtraJarsS3Path": { - "markdownDescription": "The path to one or more Java `.jar` files in an S3 bucket that should be loaded in your `DevEndpoint` .\n\n> You can only use pure Java/Scala libraries with a `DevEndpoint` .", - "title": "ExtraJarsS3Path", - "type": "string" - }, - "ExtraPythonLibsS3Path": { - "markdownDescription": "The paths to one or more Python libraries in an Amazon S3 bucket that should be loaded in your `DevEndpoint` . Multiple values must be complete paths separated by a comma.\n\n> You can only use pure Python libraries with a `DevEndpoint` . Libraries that rely on C extensions, such as the [pandas](https://docs.aws.amazon.com/http://pandas.pydata.org/) Python data analysis library, are not currently supported.", - "title": "ExtraPythonLibsS3Path", - "type": "string" - }, - "GlueVersion": { - "markdownDescription": "The AWS Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for running your ETL scripts on development endpoints.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nDevelopment endpoints that are created without specifying a Glue version default to Glue 0.9.\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", - "title": "GlueVersion", + "ClusterId": { + "markdownDescription": "The unique identifier of the EMR cluster.", + "title": "ClusterId", "type": "string" }, - "NumberOfNodes": { - "markdownDescription": "The number of AWS Glue Data Processing Units (DPUs) allocated to this `DevEndpoint` .", - "title": "NumberOfNodes", - "type": "number" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated to the development endpoint.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", - "title": "NumberOfWorkers", - "type": "number" - }, - "PublicKey": { - "markdownDescription": "The public key to be used by this `DevEndpoint` for authentication. This attribute is provided for backward compatibility because the recommended attribute to use is public keys.", - "title": "PublicKey", + "InstanceFleetType": { + "markdownDescription": "The node type that the instance fleet hosts.\n\n*Allowed Values* : TASK", + "title": "InstanceFleetType", "type": "string" }, - "PublicKeys": { + "InstanceTypeConfigs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceTypeConfig" }, - "markdownDescription": "A list of public keys to be used by the `DevEndpoints` for authentication. Using this attribute is preferred over a single public key because the public keys allow you to have a different private key per client.\n\n> If you previously created an endpoint with a public key, you must remove that key to be able to set a list of public keys. Call the `UpdateDevEndpoint` API operation with the public key content in the `deletePublicKeys` attribute, and the list of new keys in the `addPublicKeys` attribute.", - "title": "PublicKeys", + "markdownDescription": "`InstanceTypeConfigs` determine the EC2 instances that Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities.\n\n> The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.", + "title": "InstanceTypeConfigs", "type": "array" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used in this `DevEndpoint` .", - "title": "RoleArn", - "type": "string" + "LaunchSpecifications": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications", + "markdownDescription": "The launch specification for the instance fleet.", + "title": "LaunchSpecifications" }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this `DevEndpoint` .", - "title": "SecurityConfiguration", + "Name": { + "markdownDescription": "The friendly name of the instance fleet.", + "title": "Name", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group identifiers used in this `DevEndpoint` .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet ID for this `DevEndpoint` .", - "title": "SubnetId", - "type": "string" + "ResizeSpecifications": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetResizingSpecifications", + "markdownDescription": "The resize specification for the instance fleet.", + "title": "ResizeSpecifications" }, - "Tags": { - "markdownDescription": "The tags to use with this DevEndpoint.", - "title": "Tags", - "type": "object" + "TargetOnDemandCapacity": { + "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetOnDemandCapacity", + "type": "number" }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated to the development endpoint. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n\nKnown issue: when a development endpoint is created with the `G.2X` `WorkerType` configuration, the Spark drivers for the development endpoint will run on 4 vCPU, 16 GB of memory, and a 64 GB disk.", - "title": "WorkerType", - "type": "string" + "TargetSpotCapacity": { + "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetSpotCapacity", + "type": "number" } }, "required": [ - "RoleArn" + "ClusterId", + "InstanceFleetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::DevEndpoint" + "AWS::EMR::InstanceFleetConfig" ], "type": "string" }, @@ -106330,488 +110334,296 @@ ], "type": "object" }, - "AWS::Glue::Job": { + "AWS::EMR::InstanceFleetConfig.Configuration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "ConfigurationProperties", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllocatedCapacity": { - "markdownDescription": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job.", - "title": "AllocatedCapacity", - "type": "number" - }, - "Command": { - "$ref": "#/definitions/AWS::Glue::Job.JobCommand", - "markdownDescription": "The code that executes a job.", - "title": "Command" - }, - "Connections": { - "$ref": "#/definitions/AWS::Glue::Job.ConnectionsList", - "markdownDescription": "The connections used for this job.", - "title": "Connections" - }, - "DefaultArguments": { - "markdownDescription": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .", - "title": "DefaultArguments", - "type": "object" - }, - "Description": { - "markdownDescription": "A description of the job.", - "title": "Description", - "type": "string" - }, - "ExecutionClass": { - "markdownDescription": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs.", - "title": "ExecutionClass", - "type": "string" - }, - "ExecutionProperty": { - "$ref": "#/definitions/AWS::Glue::Job.ExecutionProperty", - "markdownDescription": "The maximum number of concurrent runs that are allowed for this job.", - "title": "ExecutionProperty" - }, - "GlueVersion": { - "markdownDescription": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available.", - "title": "GlueVersion", - "type": "string" - }, - "LogUri": { - "markdownDescription": "This field is reserved for future use.", - "title": "LogUri", - "type": "string" - }, - "MaxCapacity": { - "markdownDescription": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry this job after a JobRun fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "The name you assign to this job definition.", - "title": "Name", - "type": "string" - }, - "NonOverridableArguments": { - "markdownDescription": "Non-overridable arguments for this job, specified as name-value pairs.", - "title": "NonOverridableArguments", - "type": "object" - }, - "NotificationProperty": { - "$ref": "#/definitions/AWS::Glue::Job.NotificationProperty", - "markdownDescription": "Specifies configuration properties of a notification.", - "title": "NotificationProperty" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", - "title": "NumberOfWorkers", - "type": "number" - }, - "Role": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job.", - "title": "Role", - "type": "string" - }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this job.", - "title": "SecurityConfiguration", - "type": "string" - }, - "Tags": { - "markdownDescription": "The tags to use with this job.", - "title": "Tags", - "type": "object" - }, - "Timeout": { - "markdownDescription": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours).", - "title": "Timeout", - "type": "number" - }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 94GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 138GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk, and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 or later streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk, and provides up to 8 Ray workers based on the autoscaler.", - "title": "WorkerType", - "type": "string" - } + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" }, - "required": [ - "Command", - "Role" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::Job" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Glue::Job.ConnectionsList": { + "AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig": { "additionalProperties": false, "properties": { - "Connections": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of connections used by the job.", - "title": "Connections", - "type": "array" + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" + }, + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" } }, + "required": [ + "VolumeSpecification" + ], "type": "object" }, - "AWS::Glue::Job.ExecutionProperty": { + "AWS::EMR::InstanceFleetConfig.EbsConfiguration": { "additionalProperties": false, "properties": { - "MaxConcurrentRuns": { - "markdownDescription": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.", - "title": "MaxConcurrentRuns", - "type": "number" + "EbsBlockDeviceConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig" + }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", + "type": "array" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Job.JobCommand": { + "AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` .", - "title": "Name", - "type": "string" - }, - "PythonVersion": { - "markdownDescription": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated.", - "title": "PythonVersion", - "type": "string" - }, - "Runtime": { - "markdownDescription": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide.", - "title": "Runtime", - "type": "string" + "OnDemandSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification", + "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", + "title": "OnDemandSpecification" }, - "ScriptLocation": { - "markdownDescription": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required).", - "title": "ScriptLocation", - "type": "string" + "SpotSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification", + "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", + "title": "SpotSpecification" } }, "type": "object" }, - "AWS::Glue::Job.NotificationProperty": { + "AWS::EMR::InstanceFleetConfig.InstanceFleetResizingSpecifications": { "additionalProperties": false, "properties": { - "NotifyDelayAfter": { - "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification.", - "title": "NotifyDelayAfter", - "type": "number" + "OnDemandResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandResizingSpecification", + "markdownDescription": "The resize specification for On-Demand Instances in the instance fleet, which contains the allocation strategy, capacity reservation options, and the resize timeout period.", + "title": "OnDemandResizeSpecification" + }, + "SpotResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotResizingSpecification", + "markdownDescription": "The resize specification for Spot Instances in the instance fleet, which contains the allocation strategy and the resize timeout period.", + "title": "SpotResizeSpecification" } }, "type": "object" }, - "AWS::Glue::MLTransform": { + "AWS::EMR::InstanceFleetConfig.InstanceTypeConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BidPrice": { + "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPrice", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "BidPriceAsPercentageOfOnDemandPrice": { + "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPriceAsPercentageOfOnDemandPrice", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A user-defined, long-form description text for the machine learning transform.", - "title": "Description", - "type": "string" - }, - "GlueVersion": { - "markdownDescription": "This value determines which version of AWS Glue this machine learning transform is compatible with. Glue 1.0 is recommended for most customers. If the value is not set, the Glue compatibility defaults to Glue 0.9. For more information, see [AWS Glue Versions](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html#release-notes-versions) in the developer guide.", - "title": "GlueVersion", - "type": "string" - }, - "InputRecordTables": { - "$ref": "#/definitions/AWS::Glue::MLTransform.InputRecordTables", - "markdownDescription": "A list of AWS Glue table definitions used by the transform.", - "title": "InputRecordTables" - }, - "MaxCapacity": { - "markdownDescription": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from 2 to 100 DPUs; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory. For more information, see the [AWS Glue pricing page](https://docs.aws.amazon.com/glue/pricing/) .\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.\n\nWhen the `WorkerType` field is set to a value other than `Standard` , the `MaxCapacity` field is set automatically and becomes read-only.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry after an `MLTaskRun` of the machine learning transform fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "A user-defined name for the machine learning transform. Names are required to be unique. `Name` is optional:\n\n- If you supply `Name` , the stack cannot be repeatedly created.\n- If `Name` is not provided, a randomly generated name will be used instead.", - "title": "Name", - "type": "string" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a task of the transform runs.\n\nIf `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).", - "title": "NumberOfWorkers", - "type": "number" - }, - "Role": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role with the required permissions. The required permissions include both AWS Glue service role permissions to AWS Glue resources, and Amazon S3 permissions required by the transform.\n\n- This role needs AWS Glue service role permissions to allow access to resources in AWS Glue . See [Attach a Policy to IAM Users That Access AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/attach-policy-iam-user.html) .\n- This role needs permission to your Amazon Simple Storage Service (Amazon S3) sources, targets, temporary directory, scripts, and any libraries used by the task run for this transform.", - "title": "Role", - "type": "string" - }, - "Tags": { - "markdownDescription": "The tags to use with this machine learning transform. You may use tags to limit access to the machine learning transform. For more information about tags in AWS Glue , see [AWS Tags in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html) in the developer guide.", - "title": "Tags", - "type": "object" - }, - "Timeout": { - "markdownDescription": "The timeout in minutes of the machine learning transform.", - "title": "Timeout", - "type": "number" - }, - "TransformEncryption": { - "$ref": "#/definitions/AWS::Glue::MLTransform.TransformEncryption", - "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data. Machine learning\ntransforms can access user data encrypted in Amazon S3 using KMS.\n\nAdditionally, imported labels and trained transforms can now be encrypted using a customer provided\nKMS key.", - "title": "TransformEncryption" - }, - "TransformParameters": { - "$ref": "#/definitions/AWS::Glue::MLTransform.TransformParameters", - "markdownDescription": "The algorithm-specific parameters that are associated with the machine learning transform.", - "title": "TransformParameters" - }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated when a task of this transform runs. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker provides 4 vCPU, 16 GB of memory and a 64GB disk, and 1 executor per worker.\n- For the `G.2X` worker type, each worker provides 8 vCPU, 32 GB of memory and a 128GB disk, and 1 executor per worker.\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.", - "title": "WorkerType", - "type": "string" - } + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" }, - "required": [ - "InputRecordTables", - "Role", - "TransformParameters" - ], - "type": "object" + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nAn optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see [Configuring Applications](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) .", + "title": "Configurations", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Glue::MLTransform" - ], + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the instance type.", + "title": "CustomAmiId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsConfiguration", + "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", + "title": "EbsConfiguration" + }, + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", + "title": "InstanceType", "type": "string" + }, + "Priority": { + "markdownDescription": "The priority at which Amazon EMR launches the Amazon EC2 instances with this instance type. Priority starts at 0, which is the highest priority. Amazon EMR considers the highest priority first.", + "title": "Priority", + "type": "number" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", + "title": "WeightedCapacity", + "type": "number" } }, "required": [ - "Type", - "Properties" + "InstanceType" ], "type": "object" }, - "AWS::Glue::MLTransform.FindMatchesParameters": { + "AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions": { "additionalProperties": false, "properties": { - "AccuracyCostTradeoff": { - "markdownDescription": "The value that is selected when tuning your transform for a balance between accuracy and cost. A value of 0.5 means that the system balances accuracy and cost concerns. A value of 1.0 means a bias purely for accuracy, which typically results in a higher cost, sometimes substantially higher. A value of 0.0 means a bias purely for cost, which results in a less accurate `FindMatches` transform, sometimes with unacceptable accuracy.\n\nAccuracy measures how well the transform finds true positives and true negatives. Increasing accuracy requires more machine resources and cost. But it also results in increased recall.\n\nCost measures how many compute resources, and thus money, are consumed to run the transform.", - "title": "AccuracyCostTradeoff", - "type": "number" - }, - "EnforceProvidedLabels": { - "markdownDescription": "The value to switch on or off to force the output to match the provided labels from users. If the value is `True` , the `find matches` transform forces the output to match the provided labels. The results override the normal conflation results. If the value is `False` , the `find matches` transform does not ensure all the labels provided are respected, and the results rely on the trained model.\n\nNote that setting this value to true may increase the conflation execution time.", - "title": "EnforceProvidedLabels", - "type": "boolean" + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `open` - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs as an On-Demand Instance.", + "title": "CapacityReservationPreference", + "type": "string" }, - "PrecisionRecallTradeoff": { - "markdownDescription": "The value selected when tuning your transform for a balance between precision and recall. A value of 0.5 means no preference; a value of 1.0 means a bias purely for precision, and a value of 0.0 means a bias for recall. Because this is a tradeoff, choosing values close to 1.0 means very low recall, and choosing values close to 0.0 results in very low precision.\n\nThe precision metric indicates how often your model is correct when it predicts a match.\n\nThe recall metric indicates that for an actual match, how often your model predicts the match.", - "title": "PrecisionRecallTradeoff", - "type": "number" + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", + "type": "string" }, - "PrimaryKeyColumnName": { - "markdownDescription": "The name of a column that uniquely identifies rows in the source table. Used to help identify matching records.", - "title": "PrimaryKeyColumnName", + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` ).\n\nIf you do not specify a value, the fleet fulfills the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", "type": "string" } }, - "required": [ - "PrimaryKeyColumnName" - ], "type": "object" }, - "AWS::Glue::MLTransform.GlueTables": { + "AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "A unique identifier for the AWS Glue Data Catalog .", - "title": "CatalogId", - "type": "string" - }, - "ConnectionName": { - "markdownDescription": "The name of the connection to the AWS Glue Data Catalog .", - "title": "ConnectionName", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "A database name in the AWS Glue Data Catalog .", - "title": "DatabaseName", + "AllocationStrategy": { + "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", + "title": "AllocationStrategy", "type": "string" }, - "TableName": { - "markdownDescription": "A table name in the AWS Glue Data Catalog .", - "title": "TableName", - "type": "string" + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions", + "markdownDescription": "The launch specification for On-Demand instances in the instance fleet, which determines the allocation strategy.", + "title": "CapacityReservationOptions" } }, "required": [ - "DatabaseName", - "TableName" + "AllocationStrategy" ], "type": "object" }, - "AWS::Glue::MLTransform.InputRecordTables": { + "AWS::EMR::InstanceFleetConfig.OnDemandResizingSpecification": { "additionalProperties": false, "properties": { - "GlueTables": { - "items": { - "$ref": "#/definitions/AWS::Glue::MLTransform.GlueTables" - }, - "markdownDescription": "The database and table in the AWS Glue Data Catalog that is used for input or output data.", - "title": "GlueTables", - "type": "array" + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch On-Demand instances during a resize. The default is `lowest-price` .", + "title": "AllocationStrategy", + "type": "string" + }, + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions", + "markdownDescription": "", + "title": "CapacityReservationOptions" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "On-Demand resize timeout in minutes. If On-Demand Instances are not provisioned within this time, the resize workflow stops. The minimum value is 5 minutes, and the maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "type": "object" }, - "AWS::Glue::MLTransform.MLUserDataEncryption": { + "AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The ID for the customer-provided KMS key.", - "title": "KmsKeyId", + "AllocationStrategy": { + "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", + "title": "AllocationStrategy", "type": "string" }, - "MLUserDataEncryptionMode": { - "markdownDescription": "The encryption mode applied to user data. Valid values are:\n\n- DISABLED: encryption is disabled.\n- SSEKMS: use of server-side encryption with AWS Key Management Service (SSE-KMS) for user data\nstored in Amazon S3.", - "title": "MLUserDataEncryptionMode", + "BlockDurationMinutes": { + "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", + "title": "BlockDurationMinutes", + "type": "number" + }, + "TimeoutAction": { + "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", + "title": "TimeoutAction", "type": "string" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "required": [ - "MLUserDataEncryptionMode" + "TimeoutAction", + "TimeoutDurationMinutes" ], "type": "object" }, - "AWS::Glue::MLTransform.TransformEncryption": { + "AWS::EMR::InstanceFleetConfig.SpotResizingSpecification": { "additionalProperties": false, "properties": { - "MLUserDataEncryption": { - "$ref": "#/definitions/AWS::Glue::MLTransform.MLUserDataEncryption", - "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data.", - "title": "MLUserDataEncryption" - }, - "TaskRunSecurityConfigurationName": { - "markdownDescription": "The name of the security configuration.", - "title": "TaskRunSecurityConfigurationName", + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch Spot instances during a resize. If you run Amazon EMR releases 6.9.0 or higher, the default is `price-capacity-optimized` . If you run Amazon EMR releases 6.8.0 or lower, the default is `capacity-optimized` .", + "title": "AllocationStrategy", "type": "string" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "Spot resize timeout in minutes. If Spot Instances are not provisioned within this time, the resize workflow will stop provisioning of Spot instances. Minimum value is 5 minutes and maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "type": "object" }, - "AWS::Glue::MLTransform.TransformParameters": { + "AWS::EMR::InstanceFleetConfig.VolumeSpecification": { "additionalProperties": false, "properties": { - "FindMatchesParameters": { - "$ref": "#/definitions/AWS::Glue::MLTransform.FindMatchesParameters", - "markdownDescription": "The parameters for the find matches algorithm.", - "title": "FindMatchesParameters" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" }, - "TransformType": { - "markdownDescription": "The type of machine learning transform. `FIND_MATCHES` is the only option.\n\nFor information about the types of machine learning transforms, see [Working with machine learning transforms](https://docs.aws.amazon.com/glue/latest/dg/console-machine-learning-transforms.html) .", - "title": "TransformType", + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" + }, + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", "type": "string" } }, "required": [ - "TransformType" + "SizeInGB", + "VolumeType" ], "type": "object" }, - "AWS::Glue::Partition": { + "AWS::EMR::InstanceGroupConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -106846,38 +110658,76 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The AWS account ID of the catalog in which the partion is to be created.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", - "title": "CatalogId", + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.AutoScalingPolicy", + "markdownDescription": "`AutoScalingPolicy` is a subproperty of `InstanceGroupConfig` . `AutoScalingPolicy` defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) in the *Amazon EMR Management Guide* .", + "title": "AutoScalingPolicy" + }, + "BidPrice": { + "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", + "title": "BidPrice", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database in which to create the partition.", - "title": "DatabaseName", + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" + }, + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", + "title": "Configurations", + "type": "array" + }, + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", + "title": "CustomAmiId", "type": "string" }, - "PartitionInput": { - "$ref": "#/definitions/AWS::Glue::Partition.PartitionInput", - "markdownDescription": "The structure used to create and update a partition.", - "title": "PartitionInput" + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsConfiguration", + "markdownDescription": "`EbsConfiguration` determines the EBS volumes to attach to EMR cluster instances.", + "title": "EbsConfiguration" }, - "TableName": { - "markdownDescription": "The name of the metadata table in which the partition is to be created.", - "title": "TableName", + "InstanceCount": { + "markdownDescription": "Target number of instances for the instance group.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceRole": { + "markdownDescription": "The role of the instance group in the cluster.\n\n*Allowed Values* : TASK", + "title": "InstanceRole", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", + "title": "InstanceType", + "type": "string" + }, + "JobFlowId": { + "markdownDescription": "The ID of an Amazon EMR cluster that you want to associate this instance group with.", + "title": "JobFlowId", + "type": "string" + }, + "Market": { + "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", + "title": "Market", + "type": "string" + }, + "Name": { + "markdownDescription": "Friendly name given to the instance group.", + "title": "Name", "type": "string" } }, "required": [ - "CatalogId", - "DatabaseName", - "PartitionInput", - "TableName" + "InstanceCount", + "InstanceRole", + "InstanceType", + "JobFlowId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Partition" + "AWS::EMR::InstanceGroupConfig" ], "type": "string" }, @@ -106896,247 +110746,316 @@ ], "type": "object" }, - "AWS::Glue::Partition.Column": { + "AWS::EMR::InstanceGroupConfig.AutoScalingPolicy": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A free-form text comment.", - "title": "Comment", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `Column` .", - "title": "Name", - "type": "string" + "Constraints": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingConstraints", + "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", + "title": "Constraints" }, - "Type": { - "markdownDescription": "The data type of the `Column` .", - "title": "Type", - "type": "string" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingRule" + }, + "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", + "title": "Rules", + "type": "array" } }, "required": [ - "Name" + "Constraints", + "Rules" ], "type": "object" }, - "AWS::Glue::Partition.Order": { + "AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition": { "additionalProperties": false, "properties": { - "Column": { - "markdownDescription": "The name of the column.", - "title": "Column", + "ComparisonOperator": { + "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", + "title": "ComparisonOperator", "type": "string" }, - "SortOrder": { - "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", - "title": "SortOrder", + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.MetricDimension" + }, + "markdownDescription": "A CloudWatch metric dimension.", + "title": "Dimensions", + "type": "array" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", + "title": "EvaluationPeriods", + "type": "number" + }, + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", + "title": "Namespace", + "type": "string" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", + "title": "Statistic", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", + "title": "Unit", + "type": "string" } }, "required": [ - "Column" + "ComparisonOperator", + "MetricName", + "Period", + "Threshold" ], "type": "object" }, - "AWS::Glue::Partition.PartitionInput": { + "AWS::EMR::InstanceGroupConfig.Configuration": { "additionalProperties": false, "properties": { - "Parameters": { - "markdownDescription": "These key-value pairs define partition parameters.", - "title": "Parameters", - "type": "object" + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", + "type": "string" }, - "StorageDescriptor": { - "$ref": "#/definitions/AWS::Glue::Partition.StorageDescriptor", - "markdownDescription": "Provides information about the physical location where the partition is stored.", - "title": "StorageDescriptor" + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConfigurationProperties", + "type": "object" }, - "Values": { + "Configurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" }, - "markdownDescription": "The values of the partition. Although this parameter is not required by the SDK, you must specify this parameter for a valid input.\n\nThe values for the keys for the new partition must be passed as an array of String objects that must be ordered in the same order as the partition keys appearing in the Amazon S3 prefix. Otherwise AWS Glue will add the values to the wrong keys.", - "title": "Values", + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", "type": "array" } }, + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig": { + "additionalProperties": false, + "properties": { + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" + }, + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" + } + }, "required": [ - "Values" + "VolumeSpecification" ], "type": "object" }, - "AWS::Glue::Partition.SchemaId": { + "AWS::EMR::InstanceGroupConfig.EbsConfiguration": { "additionalProperties": false, "properties": { - "RegistryName": { - "markdownDescription": "The name of the schema registry that contains the schema.", - "title": "RegistryName", - "type": "string" + "EbsBlockDeviceConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig" + }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", + "type": "array" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", - "title": "SchemaArn", + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.MetricDimension": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The dimension name.", + "title": "Key", "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", - "title": "SchemaName", + "Value": { + "markdownDescription": "The dimension value.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::Glue::Partition.SchemaReference": { + "AWS::EMR::InstanceGroupConfig.ScalingAction": { "additionalProperties": false, "properties": { - "SchemaId": { - "$ref": "#/definitions/AWS::Glue::Partition.SchemaId", - "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", - "title": "SchemaId" - }, - "SchemaVersionId": { - "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", - "title": "SchemaVersionId", + "Market": { + "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", + "title": "Market", "type": "string" }, - "SchemaVersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionNumber", + "SimpleScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration", + "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", + "title": "SimpleScalingPolicyConfiguration" + } + }, + "required": [ + "SimpleScalingPolicyConfiguration" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.ScalingConstraints": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", + "title": "MinCapacity", "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::Glue::Partition.SerdeInfo": { + "AWS::EMR::InstanceGroupConfig.ScalingRule": { "additionalProperties": false, "properties": { + "Action": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingAction", + "markdownDescription": "The conditions that trigger an automatic scaling activity.", + "title": "Action" + }, + "Description": { + "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", + "title": "Description", + "type": "string" + }, "Name": { - "markdownDescription": "Name of the SerDe.", + "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", "title": "Name", "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", - "title": "Parameters", - "type": "object" - }, - "SerializationLibrary": { - "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", - "title": "SerializationLibrary", - "type": "string" + "Trigger": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingTrigger", + "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", + "title": "Trigger" } }, + "required": [ + "Action", + "Name", + "Trigger" + ], "type": "object" }, - "AWS::Glue::Partition.SkewedInfo": { + "AWS::EMR::InstanceGroupConfig.ScalingTrigger": { "additionalProperties": false, "properties": { - "SkewedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of names of columns that contain skewed values.", - "title": "SkewedColumnNames", - "type": "array" - }, - "SkewedColumnValueLocationMaps": { - "markdownDescription": "A mapping of skewed values to the columns that contain them.", - "title": "SkewedColumnValueLocationMaps", - "type": "object" - }, - "SkewedColumnValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", - "title": "SkewedColumnValues", - "type": "array" + "CloudWatchAlarmDefinition": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition", + "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", + "title": "CloudWatchAlarmDefinition" } }, + "required": [ + "CloudWatchAlarmDefinition" + ], "type": "object" }, - "AWS::Glue::Partition.StorageDescriptor": { + "AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration": { "additionalProperties": false, "properties": { - "BucketColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", - "title": "BucketColumns", - "type": "array" - }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Partition.Column" - }, - "markdownDescription": "A list of the `Columns` in the table.", - "title": "Columns", - "type": "array" - }, - "Compressed": { - "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", - "title": "Compressed", - "type": "boolean" - }, - "InputFormat": { - "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", - "title": "InputFormat", - "type": "string" - }, - "Location": { - "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", - "title": "Location", + "AdjustmentType": { + "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", + "title": "AdjustmentType", "type": "string" }, - "NumberOfBuckets": { - "markdownDescription": "The number of buckets.\n\nYou must specify this property if the partition contains any dimension columns.", - "title": "NumberOfBuckets", + "CoolDown": { + "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", + "title": "CoolDown", "type": "number" }, - "OutputFormat": { - "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", - "title": "OutputFormat", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The user-supplied properties in key-value form.", - "title": "Parameters", - "type": "object" - }, - "SchemaReference": { - "$ref": "#/definitions/AWS::Glue::Partition.SchemaReference", - "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", - "title": "SchemaReference" - }, - "SerdeInfo": { - "$ref": "#/definitions/AWS::Glue::Partition.SerdeInfo", - "markdownDescription": "The serialization/deserialization (SerDe) information.", - "title": "SerdeInfo" + "ScalingAdjustment": { + "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", + "title": "ScalingAdjustment", + "type": "number" + } + }, + "required": [ + "ScalingAdjustment" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.VolumeSpecification": { + "additionalProperties": false, + "properties": { + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" }, - "SkewedInfo": { - "$ref": "#/definitions/AWS::Glue::Partition.SkewedInfo", - "markdownDescription": "The information about values that appear frequently in a column (skewed values).", - "title": "SkewedInfo" + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" }, - "SortColumns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Partition.Order" - }, - "markdownDescription": "A list specifying the sort order of each bucket in the table.", - "title": "SortColumns", - "type": "array" + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" }, - "StoredAsSubDirectories": { - "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", - "title": "StoredAsSubDirectories", - "type": "boolean" + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", + "type": "string" } }, + "required": [ + "SizeInGB", + "VolumeType" + ], "type": "object" }, - "AWS::Glue::Registry": { + "AWS::EMR::SecurityConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -107171,33 +111090,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the registry.", - "title": "Description", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the registry.", + "markdownDescription": "The name of the security configuration.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", - "title": "Tags", - "type": "array" + "SecurityConfiguration": { + "markdownDescription": "The security configuration details in JSON format. For JSON parameters and examples, see [Use Security Configurations to Set Up Cluster Security](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-security-configurations.html) in the *Amazon EMR Management Guide* .", + "title": "SecurityConfiguration", + "type": "object" } }, "required": [ - "Name" + "SecurityConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Registry" + "AWS::EMR::SecurityConfiguration" ], "type": "string" }, @@ -107216,7 +111127,7 @@ ], "type": "object" }, - "AWS::Glue::Schema": { + "AWS::EMR::Step": { "additionalProperties": false, "properties": { "Condition": { @@ -107251,61 +111162,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CheckpointVersion": { - "$ref": "#/definitions/AWS::Glue::Schema.SchemaVersion", - "markdownDescription": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint.", - "title": "CheckpointVersion" - }, - "Compatibility": { - "markdownDescription": "The compatibility mode of the schema.", - "title": "Compatibility", + "ActionOnFailure": { + "markdownDescription": "This specifies what action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", + "title": "ActionOnFailure", "type": "string" }, - "DataFormat": { - "markdownDescription": "The data format of the schema definition. Currently only `AVRO` is supported.", - "title": "DataFormat", - "type": "string" + "HadoopJarStep": { + "$ref": "#/definitions/AWS::EMR::Step.HadoopJarStepConfig", + "markdownDescription": "The `HadoopJarStepConfig` property type specifies a job flow step consisting of a JAR file whose main function will be executed. The main function submits a job for the cluster to execute as a step on the master node, and then waits for the job to finish or fail before executing subsequent steps.", + "title": "HadoopJarStep" }, - "Description": { - "markdownDescription": "A description of the schema if specified when created.", - "title": "Description", + "JobFlowId": { + "markdownDescription": "A string that uniquely identifies the cluster (job flow).", + "title": "JobFlowId", "type": "string" }, "Name": { - "markdownDescription": "Name of the schema to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace.", + "markdownDescription": "The name of the cluster step.", "title": "Name", "type": "string" - }, - "Registry": { - "$ref": "#/definitions/AWS::Glue::Schema.Registry", - "markdownDescription": "The registry where a schema is stored.", - "title": "Registry" - }, - "SchemaDefinition": { - "markdownDescription": "The schema definition using the `DataFormat` setting for `SchemaName` .", - "title": "SchemaDefinition", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", - "title": "Tags", - "type": "array" } }, "required": [ - "Compatibility", - "DataFormat", - "Name", - "SchemaDefinition" + "ActionOnFailure", + "HadoopJarStep", + "JobFlowId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Schema" + "AWS::EMR::Step" ], "type": "string" }, @@ -107324,39 +111212,58 @@ ], "type": "object" }, - "AWS::Glue::Schema.Registry": { + "AWS::EMR::Step.HadoopJarStepConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the registry.", - "title": "Arn", + "Args": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", + "title": "Args", + "type": "array" + }, + "Jar": { + "markdownDescription": "A path to a JAR file run during the step.", + "title": "Jar", "type": "string" }, - "Name": { - "markdownDescription": "The name of the registry.", - "title": "Name", + "MainClass": { + "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", + "title": "MainClass", "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Schema.SchemaVersion": { + }, + "StepProperties": { + "items": { + "$ref": "#/definitions/AWS::EMR::Step.KeyValue" + }, + "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.", + "title": "StepProperties", + "type": "array" + } + }, + "required": [ + "Jar" + ], + "type": "object" + }, + "AWS::EMR::Step.KeyValue": { "additionalProperties": false, "properties": { - "IsLatest": { - "markdownDescription": "Indicates if this version is the latest version of the schema.", - "title": "IsLatest", - "type": "boolean" + "Key": { + "markdownDescription": "The unique identifier of a key-value pair.", + "title": "Key", + "type": "string" }, - "VersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "VersionNumber", - "type": "number" + "Value": { + "markdownDescription": "The value part of the identified key.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::Glue::SchemaVersion": { + "AWS::EMR::Studio": { "additionalProperties": false, "properties": { "Condition": { @@ -107391,26 +111298,113 @@ "Properties": { "additionalProperties": false, "properties": { - "Schema": { - "$ref": "#/definitions/AWS::Glue::SchemaVersion.Schema", - "markdownDescription": "The schema that includes the schema version.", - "title": "Schema" + "AuthMode": { + "markdownDescription": "Specifies whether the Studio authenticates users using IAM Identity Center or IAM.", + "title": "AuthMode", + "type": "string" }, - "SchemaDefinition": { - "markdownDescription": "The schema definition for the schema version.", - "title": "SchemaDefinition", + "DefaultS3Location": { + "markdownDescription": "The Amazon S3 location to back up EMR Studio Workspaces and notebook files.", + "title": "DefaultS3Location", + "type": "string" + }, + "Description": { + "markdownDescription": "A detailed description of the Amazon EMR Studio.", + "title": "Description", + "type": "string" + }, + "EncryptionKeyArn": { + "markdownDescription": "The AWS KMS key identifier (ARN) used to encrypt Amazon EMR Studio workspace and notebook files when backed up to Amazon S3.", + "title": "EncryptionKeyArn", + "type": "string" + }, + "EngineSecurityGroupId": { + "markdownDescription": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `VpcId` .", + "title": "EngineSecurityGroupId", + "type": "string" + }, + "IdcInstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance the Studio application belongs to.", + "title": "IdcInstanceArn", + "type": "string" + }, + "IdcUserAssignment": { + "markdownDescription": "Indicates whether the Studio has `REQUIRED` or `OPTIONAL` IAM Identity Center user assignment. If the value is set to `REQUIRED` , users must be explicitly assigned to the Studio application to access the Studio.", + "title": "IdcUserAssignment", + "type": "string" + }, + "IdpAuthUrl": { + "markdownDescription": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.", + "title": "IdpAuthUrl", + "type": "string" + }, + "IdpRelayStateParameterName": { + "markdownDescription": "The name of your identity provider's `RelayState` parameter.", + "title": "IdpRelayStateParameterName", + "type": "string" + }, + "Name": { + "markdownDescription": "A descriptive name for the Amazon EMR Studio.", + "title": "Name", + "type": "string" + }, + "ServiceRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services.", + "title": "ServiceRole", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `VpcId` . Studio users can create a Workspace in any of the specified subnets.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "TrustedIdentityPropagationEnabled": { + "markdownDescription": "Indicates whether the Studio has Trusted identity propagation enabled. The default value is `false` .", + "title": "TrustedIdentityPropagationEnabled", + "type": "boolean" + }, + "UserRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify `UserRole` when you set `AuthMode` to `SSO` .", + "title": "UserRole", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.", + "title": "VpcId", + "type": "string" + }, + "WorkspaceSecurityGroupId": { + "markdownDescription": "The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.", + "title": "WorkspaceSecurityGroupId", "type": "string" } }, "required": [ - "Schema", - "SchemaDefinition" + "AuthMode", + "DefaultS3Location", + "EngineSecurityGroupId", + "Name", + "ServiceRole", + "SubnetIds", + "VpcId", + "WorkspaceSecurityGroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SchemaVersion" + "AWS::EMR::Studio" ], "type": "string" }, @@ -107429,28 +111423,92 @@ ], "type": "object" }, - "AWS::Glue::SchemaVersion.Schema": { + "AWS::EMR::StudioSessionMapping": { "additionalProperties": false, "properties": { - "RegistryName": { - "markdownDescription": "The name of the registry where the schema is stored. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "RegistryName", + "Condition": { "type": "string" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "SchemaArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "SchemaName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IdentityName": { + "markdownDescription": "The name of the user or group. For more information, see [UserName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) and [DisplayName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) in the *IAM Identity Center Identity Store API Reference* .", + "title": "IdentityName", + "type": "string" + }, + "IdentityType": { + "markdownDescription": "Specifies whether the identity to map to the Amazon EMR Studio is a user or a group.", + "title": "IdentityType", + "type": "string" + }, + "SessionPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles. For more information, see [Create an EMR Studio user role with session policies](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-user-role.html) in the *Amazon EMR Management Guide* .", + "title": "SessionPolicyArn", + "type": "string" + }, + "StudioId": { + "markdownDescription": "The ID of the Amazon EMR Studio to which the user or group will be mapped.", + "title": "StudioId", + "type": "string" + } + }, + "required": [ + "IdentityName", + "IdentityType", + "SessionPolicyArn", + "StudioId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EMR::StudioSessionMapping" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Glue::SchemaVersionMetadata": { + "AWS::EMR::WALWorkspace": { "additionalProperties": false, "properties": { "Condition": { @@ -107485,32 +111543,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A metadata key in a key-value pair for metadata.", - "title": "Key", - "type": "string" - }, - "SchemaVersionId": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" }, - "Value": { - "markdownDescription": "A metadata key's corresponding value.", - "title": "Value", + "WALWorkspaceName": { + "markdownDescription": "", + "title": "WALWorkspaceName", "type": "string" } }, - "required": [ - "Key", - "SchemaVersionId", - "Value" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SchemaVersionMetadata" + "AWS::EMR::WALWorkspace" ], "type": "string" }, @@ -107524,12 +111575,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Glue::SecurityConfiguration": { + "AWS::EMRContainers::VirtualCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -107564,26 +111614,39 @@ "Properties": { "additionalProperties": false, "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.EncryptionConfiguration", - "markdownDescription": "The encryption configuration associated with this security configuration.", - "title": "EncryptionConfiguration" + "ContainerProvider": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerProvider", + "markdownDescription": "The container provider of the virtual cluster.", + "title": "ContainerProvider" }, "Name": { - "markdownDescription": "The name of the security configuration.", + "markdownDescription": "The name of the virtual cluster.", "title": "Name", "type": "string" + }, + "SecurityConfigurationId": { + "markdownDescription": "The ID of the security configuration.", + "title": "SecurityConfigurationId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "EncryptionConfiguration", + "ContainerProvider", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SecurityConfiguration" + "AWS::EMRContainers::VirtualCluster" ], "type": "string" }, @@ -107602,81 +111665,61 @@ ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.CloudWatchEncryption": { - "additionalProperties": false, - "properties": { - "CloudWatchEncryptionMode": { - "markdownDescription": "The encryption mode to use for CloudWatch data.", - "title": "CloudWatchEncryptionMode", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::SecurityConfiguration.EncryptionConfiguration": { + "AWS::EMRContainers::VirtualCluster.ContainerInfo": { "additionalProperties": false, "properties": { - "CloudWatchEncryption": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.CloudWatchEncryption", - "markdownDescription": "The encryption configuration for Amazon CloudWatch.", - "title": "CloudWatchEncryption" - }, - "JobBookmarksEncryption": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.JobBookmarksEncryption", - "markdownDescription": "The encryption configuration for job bookmarks.", - "title": "JobBookmarksEncryption" - }, - "S3Encryptions": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.S3Encryptions", - "markdownDescription": "The encyption configuration for Amazon Simple Storage Service (Amazon S3) data.", - "title": "S3Encryptions" + "EksInfo": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.EksInfo", + "markdownDescription": "The information about the Amazon EKS cluster.", + "title": "EksInfo" } }, + "required": [ + "EksInfo" + ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.JobBookmarksEncryption": { + "AWS::EMRContainers::VirtualCluster.ContainerProvider": { "additionalProperties": false, "properties": { - "JobBookmarksEncryptionMode": { - "markdownDescription": "The encryption mode to use for job bookmarks data.", - "title": "JobBookmarksEncryptionMode", + "Id": { + "markdownDescription": "The ID of the container cluster.\n\n*Minimum* : 1\n\n*Maximum* : 100\n\n*Pattern* : `^[0-9A-Za-z][A-Za-z0-9\\-_]*`", + "title": "Id", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", + "Info": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerInfo", + "markdownDescription": "The information about the container cluster.", + "title": "Info" + }, + "Type": { + "markdownDescription": "The type of the container provider. Amazon EKS is the only supported type as of now.", + "title": "Type", "type": "string" } }, + "required": [ + "Id", + "Info", + "Type" + ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.S3Encryption": { + "AWS::EMRContainers::VirtualCluster.EksInfo": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", - "type": "string" - }, - "S3EncryptionMode": { - "markdownDescription": "The encryption mode to use for Amazon S3 data.", - "title": "S3EncryptionMode", + "Namespace": { + "markdownDescription": "The namespaces of the EKS cluster.\n\n*Minimum* : 1\n\n*Maximum* : 63\n\n*Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?`", + "title": "Namespace", "type": "string" } }, + "required": [ + "Namespace" + ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.S3Encryptions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Glue::Table": { + "AWS::EMRServerless::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -107711,37 +111754,116 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which to create the `Table` .", - "title": "CatalogId", + "Architecture": { + "markdownDescription": "The CPU architecture of an application.", + "title": "Architecture", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database where the table metadata resides. For Hive compatibility, this must be all lowercase.", - "title": "DatabaseName", + "AutoStartConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStartConfiguration", + "markdownDescription": "The configuration for an application to automatically start on job submission.", + "title": "AutoStartConfiguration" + }, + "AutoStopConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStopConfiguration", + "markdownDescription": "The configuration for an application to automatically stop after a certain amount of time being idle.", + "title": "AutoStopConfiguration" + }, + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.IdentityCenterConfiguration", + "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", + "title": "IdentityCenterConfiguration" + }, + "ImageConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", + "markdownDescription": "The image configuration applied to all worker types.", + "title": "ImageConfiguration" + }, + "InitialCapacity": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair" + }, + "markdownDescription": "The initial capacity of the application.", + "title": "InitialCapacity", + "type": "array" + }, + "InteractiveConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.InteractiveConfiguration", + "markdownDescription": "The interactive configuration object that enables the interactive use cases for an application.", + "title": "InteractiveConfiguration" + }, + "MaximumCapacity": { + "$ref": "#/definitions/AWS::EMRServerless::Application.MaximumAllowedResources", + "markdownDescription": "The maximum capacity of the application. This is cumulative across all workers at any given point in time during the lifespan of the application is created. No new resources will be created once any one of the defined limits is hit.", + "title": "MaximumCapacity" + }, + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", + "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", + "title": "MonitoringConfiguration" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", "type": "string" }, - "OpenTableFormatInput": { - "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput", - "markdownDescription": "Specifies an `OpenTableFormatInput` structure when creating an open format table.", - "title": "OpenTableFormatInput" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.NetworkConfiguration", + "markdownDescription": "The network configuration for customer VPC connectivity for the application.", + "title": "NetworkConfiguration" }, - "TableInput": { - "$ref": "#/definitions/AWS::Glue::Table.TableInput", - "markdownDescription": "A structure used to define a table.", - "title": "TableInput" + "ReleaseLabel": { + "markdownDescription": "The EMR release associated with the application.", + "title": "ReleaseLabel", + "type": "string" + }, + "RuntimeConfiguration": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" + }, + "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", + "title": "RuntimeConfiguration", + "type": "array" + }, + "SchedulerConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.SchedulerConfiguration", + "markdownDescription": "The scheduler configuration for batch and streaming jobs running on this application. Supported with release labels emr-7.0.0 and above.", + "title": "SchedulerConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the application.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of application, such as Spark or Hive.", + "title": "Type", + "type": "string" + }, + "WorkerTypeSpecifications": { + "additionalProperties": false, + "markdownDescription": "The specification applied to each worker type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerTypeSpecificationInput" + } + }, + "title": "WorkerTypeSpecifications", + "type": "object" } }, "required": [ - "CatalogId", - "DatabaseName", - "TableInput" + "ReleaseLabel", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Table" + "AWS::EMRServerless::Application" ], "type": "string" }, @@ -107760,343 +111882,375 @@ ], "type": "object" }, - "AWS::Glue::Table.Column": { + "AWS::EMRServerless::Application.AutoStartConfiguration": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A free-form text comment.", - "title": "Comment", + "Enabled": { + "markdownDescription": "Enables the application to automatically start on job submission.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.AutoStopConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Enables the application to automatically stop after a certain amount of time being idle. Defaults to true.", + "title": "Enabled", + "type": "boolean" + }, + "IdleTimeoutMinutes": { + "markdownDescription": "The amount of idle time in minutes after which your application will automatically stop. Defaults to 15 minutes.", + "title": "IdleTimeoutMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.CloudWatchLoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Enables CloudWatch logging.", + "title": "Enabled", + "type": "boolean" + }, + "EncryptionKeyArn": { + "markdownDescription": "The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.", + "title": "EncryptionKeyArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the `Column` .", - "title": "Name", + "LogGroupName": { + "markdownDescription": "The name of the log group in Amazon CloudWatch Logs where you want to publish your logs.", + "title": "LogGroupName", "type": "string" }, - "Type": { - "markdownDescription": "The data type of the `Column` .", - "title": "Type", + "LogStreamNamePrefix": { + "markdownDescription": "Prefix for the CloudWatch log stream name.", + "title": "LogStreamNamePrefix", + "type": "string" + }, + "LogTypeMap": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.LogTypeMapKeyValuePair" + }, + "markdownDescription": "", + "title": "LogTypeMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.ConfigurationObject": { + "additionalProperties": false, + "properties": { + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", "type": "string" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" + }, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" + }, + "Properties": { + "additionalProperties": true, + "markdownDescription": "A set of properties specified within a configuration classification.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Properties", + "type": "object" } }, "required": [ - "Name" + "Classification" ], "type": "object" }, - "AWS::Glue::Table.IcebergInput": { + "AWS::EMRServerless::Application.IdentityCenterConfiguration": { "additionalProperties": false, "properties": { - "MetadataOperation": { - "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation", - "markdownDescription": "A required metadata operation. Can only be set to CREATE.", - "title": "MetadataOperation" - }, - "Version": { - "markdownDescription": "The table version for the Iceberg table. Defaults to 2.", - "title": "Version", + "IdentityCenterInstanceArn": { + "markdownDescription": "", + "title": "IdentityCenterInstanceArn", "type": "string" } }, "type": "object" }, - "AWS::Glue::Table.MetadataOperation": { + "AWS::EMRServerless::Application.ImageConfigurationInput": { "additionalProperties": false, - "properties": {}, + "properties": { + "ImageUri": { + "markdownDescription": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration.", + "title": "ImageUri", + "type": "string" + } + }, "type": "object" }, - "AWS::Glue::Table.OpenTableFormatInput": { + "AWS::EMRServerless::Application.InitialCapacityConfig": { "additionalProperties": false, "properties": { - "IcebergInput": { - "$ref": "#/definitions/AWS::Glue::Table.IcebergInput", - "markdownDescription": "Specifies an `IcebergInput` structure that defines an Apache Iceberg metadata table.", - "title": "IcebergInput" + "WorkerConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerConfiguration", + "markdownDescription": "The resource configuration of the initial capacity configuration.", + "title": "WorkerConfiguration" + }, + "WorkerCount": { + "markdownDescription": "The number of workers in the initial capacity configuration.", + "title": "WorkerCount", + "type": "number" } }, + "required": [ + "WorkerConfiguration", + "WorkerCount" + ], "type": "object" }, - "AWS::Glue::Table.Order": { + "AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair": { "additionalProperties": false, "properties": { - "Column": { - "markdownDescription": "The name of the column.", - "title": "Column", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "SortOrder": { - "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", - "title": "SortOrder", - "type": "number" + "Value": { + "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfig", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "Column", - "SortOrder" + "Key", + "Value" ], "type": "object" }, - "AWS::Glue::Table.SchemaId": { + "AWS::EMRServerless::Application.InteractiveConfiguration": { "additionalProperties": false, "properties": { - "RegistryName": { - "markdownDescription": "The name of the schema registry that contains the schema.", - "title": "RegistryName", - "type": "string" + "LivyEndpointEnabled": { + "markdownDescription": "Enables an Apache Livy endpoint that you can connect to and run interactive jobs.", + "title": "LivyEndpointEnabled", + "type": "boolean" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", - "title": "SchemaArn", + "StudioEnabled": { + "markdownDescription": "Enables you to connect an application to Amazon EMR Studio to run interactive workloads in a notebook.", + "title": "StudioEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.LogTypeMapKeyValuePair": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", - "title": "SchemaName", - "type": "string" + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Value", + "type": "array" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::Glue::Table.SchemaReference": { + "AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration": { "additionalProperties": false, "properties": { - "SchemaId": { - "$ref": "#/definitions/AWS::Glue::Table.SchemaId", - "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", - "title": "SchemaId" + "Enabled": { + "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", + "title": "Enabled", + "type": "boolean" }, - "SchemaVersionId": { - "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", - "title": "SchemaVersionId", + "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", + "title": "EncryptionKeyArn", "type": "string" - }, - "SchemaVersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionNumber", - "type": "number" } }, "type": "object" }, - "AWS::Glue::Table.SerdeInfo": { + "AWS::EMRServerless::Application.MaximumAllowedResources": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the SerDe.", - "title": "Name", + "Cpu": { + "markdownDescription": "The maximum allowed CPU for an application.", + "title": "Cpu", "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", - "title": "Parameters", - "type": "object" + "Disk": { + "markdownDescription": "The maximum allowed disk for an application.", + "title": "Disk", + "type": "string" }, - "SerializationLibrary": { - "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", - "title": "SerializationLibrary", + "Memory": { + "markdownDescription": "The maximum allowed resources for an application.", + "title": "Memory", "type": "string" } }, + "required": [ + "Cpu", + "Memory" + ], "type": "object" }, - "AWS::Glue::Table.SkewedInfo": { + "AWS::EMRServerless::Application.MonitoringConfiguration": { "additionalProperties": false, "properties": { - "SkewedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of names of columns that contain skewed values.", - "title": "SkewedColumnNames", - "type": "array" + "CloudWatchLoggingConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.CloudWatchLoggingConfiguration", + "markdownDescription": "The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch.", + "title": "CloudWatchLoggingConfiguration" }, - "SkewedColumnValueLocationMaps": { - "markdownDescription": "A mapping of skewed values to the columns that contain them.", - "title": "SkewedColumnValueLocationMaps", - "type": "object" + "ManagedPersistenceMonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", + "markdownDescription": "The managed log persistence configuration for a job run.", + "title": "ManagedPersistenceMonitoringConfiguration" }, - "SkewedColumnValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", - "title": "SkewedColumnValues", - "type": "array" + "PrometheusMonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.PrometheusMonitoringConfiguration", + "markdownDescription": "The monitoring configuration object you can configure to send metrics to Amazon Managed Service for Prometheus for a job run.", + "title": "PrometheusMonitoringConfiguration" + }, + "S3MonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", + "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", + "title": "S3MonitoringConfiguration" } }, "type": "object" }, - "AWS::Glue::Table.StorageDescriptor": { + "AWS::EMRServerless::Application.NetworkConfiguration": { "additionalProperties": false, "properties": { - "BucketColumns": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", - "title": "BucketColumns", - "type": "array" - }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Table.Column" - }, - "markdownDescription": "A list of the `Columns` in the table.", - "title": "Columns", + "markdownDescription": "The array of security group Ids for customer VPC connectivity.", + "title": "SecurityGroupIds", "type": "array" }, - "Compressed": { - "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", - "title": "Compressed", - "type": "boolean" - }, - "InputFormat": { - "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", - "title": "InputFormat", - "type": "string" - }, - "Location": { - "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", - "title": "Location", - "type": "string" - }, - "NumberOfBuckets": { - "markdownDescription": "Must be specified if the table contains any dimension columns.", - "title": "NumberOfBuckets", - "type": "number" - }, - "OutputFormat": { - "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", - "title": "OutputFormat", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The user-supplied properties in key-value form.", - "title": "Parameters", - "type": "object" - }, - "SchemaReference": { - "$ref": "#/definitions/AWS::Glue::Table.SchemaReference", - "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", - "title": "SchemaReference" - }, - "SerdeInfo": { - "$ref": "#/definitions/AWS::Glue::Table.SerdeInfo", - "markdownDescription": "The serialization/deserialization (SerDe) information.", - "title": "SerdeInfo" - }, - "SkewedInfo": { - "$ref": "#/definitions/AWS::Glue::Table.SkewedInfo", - "markdownDescription": "The information about values that appear frequently in a column (skewed values).", - "title": "SkewedInfo" - }, - "SortColumns": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Glue::Table.Order" + "type": "string" }, - "markdownDescription": "A list specifying the sort order of each bucket in the table.", - "title": "SortColumns", + "markdownDescription": "The array of subnet Ids for customer VPC connectivity.", + "title": "SubnetIds", "type": "array" - }, - "StoredAsSubDirectories": { - "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", - "title": "StoredAsSubDirectories", - "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Table.TableIdentifier": { + "AWS::EMRServerless::Application.PrometheusMonitoringConfiguration": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the table resides.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database that contains the target table.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the target table.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "The Region of the table.", - "title": "Region", + "RemoteWriteUrl": { + "markdownDescription": "The remote write URL in the Amazon Managed Service for Prometheus workspace to send metrics to.", + "title": "RemoteWriteUrl", "type": "string" } }, "type": "object" }, - "AWS::Glue::Table.TableInput": { + "AWS::EMRServerless::Application.S3MonitoringConfiguration": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the table.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The table name. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "Name", + "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", + "title": "EncryptionKeyArn", "type": "string" }, - "Owner": { - "markdownDescription": "The table owner. Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", - "title": "Owner", + "LogUri": { + "markdownDescription": "The Amazon S3 destination URI for log publishing.", + "title": "LogUri", "type": "string" - }, - "Parameters": { - "markdownDescription": "These key-value pairs define properties associated with the table.", - "title": "Parameters", - "type": "object" - }, - "PartitionKeys": { - "items": { - "$ref": "#/definitions/AWS::Glue::Table.Column" - }, - "markdownDescription": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n\nWhen you create a table used by Amazon Athena, and you do not specify any `partitionKeys` , you must at least set the value of `partitionKeys` to an empty list. For example:\n\n`\"PartitionKeys\": []`", - "title": "PartitionKeys", - "type": "array" - }, - "Retention": { - "markdownDescription": "The retention time for this table.", - "title": "Retention", + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.SchedulerConfiguration": { + "additionalProperties": false, + "properties": { + "MaxConcurrentRuns": { + "markdownDescription": "The maximum concurrent job runs on this application. If scheduler configuration is enabled on your application, the default value is 15. The valid range is 1 to 1000.", + "title": "MaxConcurrentRuns", "type": "number" }, - "StorageDescriptor": { - "$ref": "#/definitions/AWS::Glue::Table.StorageDescriptor", - "markdownDescription": "A storage descriptor containing information about the physical storage of this table.", - "title": "StorageDescriptor" - }, - "TableType": { - "markdownDescription": "The type of this table. AWS Glue will create tables with the `EXTERNAL_TABLE` type. Other services, such as Athena, may create tables with additional table types.\n\nAWS Glue related table types:\n\n- **EXTERNAL_TABLE** - Hive compatible attribute - indicates a non-Hive managed table.\n- **GOVERNED** - Used by AWS Lake Formation . The AWS Glue Data Catalog understands `GOVERNED` .", - "title": "TableType", + "QueueTimeoutMinutes": { + "markdownDescription": "The maximum duration in minutes for the job in QUEUED state. If scheduler configuration is enabled on your application, the default value is 360 minutes (6 hours). The valid range is from 15 to 720.", + "title": "QueueTimeoutMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.WorkerConfiguration": { + "additionalProperties": false, + "properties": { + "Cpu": { + "markdownDescription": "The CPU requirements of the worker configuration. Each worker can have 1, 2, 4, 8, or 16 vCPUs.", + "title": "Cpu", "type": "string" }, - "TargetTable": { - "$ref": "#/definitions/AWS::Glue::Table.TableIdentifier", - "markdownDescription": "A `TableIdentifier` structure that describes a target table for resource linking.", - "title": "TargetTable" + "Disk": { + "markdownDescription": "The disk requirements of the worker configuration.", + "title": "Disk", + "type": "string" }, - "ViewExpandedText": { - "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", - "title": "ViewExpandedText", + "DiskType": { + "markdownDescription": "The disk type for every worker instance of the work type. Shuffle optimized disks have higher performance characteristics and are better for shuffle heavy workloads. Default is `STANDARD` .", + "title": "DiskType", "type": "string" }, - "ViewOriginalText": { - "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations. If the table is a `VIRTUAL_VIEW` , certain Athena configuration encoded in base64.", - "title": "ViewOriginalText", + "Memory": { + "markdownDescription": "The memory requirements of the worker configuration.", + "title": "Memory", "type": "string" } }, + "required": [ + "Cpu", + "Memory" + ], "type": "object" }, - "AWS::Glue::TableOptimizer": { + "AWS::EMRServerless::Application.WorkerTypeSpecificationInput": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", + "markdownDescription": "The image configuration for a worker type.", + "title": "ImageConfiguration" + } + }, + "type": "object" + }, + "AWS::EVS::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -108131,44 +112285,98 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The catalog ID of the table.", - "title": "CatalogId", + "ConnectivityInfo": { + "$ref": "#/definitions/AWS::EVS::Environment.ConnectivityInfo", + "markdownDescription": "The connectivity configuration for the environment. Amazon EVS requires that you specify two route server peer IDs. During environment creation, the route server endpoints peer with the NSX uplink VLAN for connectivity to the NSX overlay network.", + "title": "ConnectivityInfo" + }, + "EnvironmentName": { + "markdownDescription": "The name of the environment.", + "title": "EnvironmentName", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "DatabaseName", + "Hosts": { + "items": { + "$ref": "#/definitions/AWS::EVS::Environment.HostInfoForCreate" + }, + "markdownDescription": "Required for environment resource creation.", + "title": "Hosts", + "type": "array" + }, + "InitialVlans": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlans", + "markdownDescription": "> Amazon EVS is in public preview release and is subject to change. \n\nThe initial VLAN subnets for the environment. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC.\n\nRequired for environment resource creation.", + "title": "InitialVlans" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key ID that AWS Secrets Manager uses to encrypt secrets that are associated with the environment. These secrets contain the VCF credentials that are needed to install vCenter Server, NSX, and SDDC Manager.\n\nBy default, Amazon EVS use the AWS Secrets Manager managed key `aws/secretsmanager` . You can also specify a customer managed key.", + "title": "KmsKeyId", "type": "string" }, - "TableName": { - "markdownDescription": "The table name. For Hive compatibility, this must be entirely lowercase.", - "title": "TableName", + "LicenseInfo": { + "$ref": "#/definitions/AWS::EVS::Environment.LicenseInfo", + "markdownDescription": "The license information that Amazon EVS requires to create an environment. Amazon EVS requires two license keys: a VCF solution key and a vSAN license key. The VCF solution key must cover a minimum of 256 cores. The vSAN license key must provide at least 110 TiB of vSAN capacity.", + "title": "LicenseInfo" + }, + "ServiceAccessSecurityGroups": { + "$ref": "#/definitions/AWS::EVS::Environment.ServiceAccessSecurityGroups", + "markdownDescription": "The security groups that allow traffic between the Amazon EVS control plane and your VPC for service access. If a security group is not specified, Amazon EVS uses the default security group in your account for service access.", + "title": "ServiceAccessSecurityGroups" + }, + "ServiceAccessSubnetId": { + "markdownDescription": "The subnet that is used to establish connectivity between the Amazon EVS control plane and VPC. Amazon EVS uses this subnet to perform validations and create the environment.", + "title": "ServiceAccessSubnetId", "type": "string" }, - "TableOptimizerConfiguration": { - "$ref": "#/definitions/AWS::Glue::TableOptimizer.TableOptimizerConfiguration", - "markdownDescription": "Specifies configuration details of a table optimizer.", - "title": "TableOptimizerConfiguration" + "SiteId": { + "markdownDescription": "The Broadcom Site ID that is associated with your Amazon EVS environment. Amazon EVS uses the Broadcom Site ID that you provide to meet Broadcom VCF license usage reporting requirements for Amazon EVS.", + "title": "SiteId", + "type": "string" }, - "Type": { - "markdownDescription": "The type of table optimizer. The valid values are:\n\n- compaction - for managing compaction with a table optimizer.\n- retention - for managing the retention of snapshot with a table optimizer.\n- orphan_file_deletion - for managing the deletion of orphan files with a table optimizer.", - "title": "Type", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "title": "Tags", + "type": "array" + }, + "TermsAccepted": { + "markdownDescription": "Customer confirmation that the customer has purchased and will continue to maintain the required number of VCF software licenses to cover all physical processor cores in the Amazon EVS environment. Information about your VCF software in Amazon EVS will be shared with Broadcom to verify license compliance.", + "title": "TermsAccepted", + "type": "boolean" + }, + "VcfHostnames": { + "$ref": "#/definitions/AWS::EVS::Environment.VcfHostnames", + "markdownDescription": "The DNS hostnames to be used by the VCF management appliances in your environment.\n\nFor environment creation to be successful, each hostname entry must resolve to a domain name that you've registered in your DNS service of choice and configured in the DHCP option set of your VPC. DNS hostnames cannot be changed after environment creation has started.", + "title": "VcfHostnames" + }, + "VcfVersion": { + "markdownDescription": "The VCF version of the environment.", + "title": "VcfVersion", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC associated with the environment.", + "title": "VpcId", "type": "string" } }, "required": [ - "CatalogId", - "DatabaseName", - "TableName", - "TableOptimizerConfiguration", - "Type" + "ConnectivityInfo", + "LicenseInfo", + "ServiceAccessSubnetId", + "SiteId", + "TermsAccepted", + "VcfHostnames", + "VcfVersion", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::TableOptimizer" + "AWS::EVS::Environment" ], "type": "string" }, @@ -108187,342 +112395,274 @@ ], "type": "object" }, - "AWS::Glue::TableOptimizer.TableOptimizerConfiguration": { + "AWS::EVS::Environment.Check": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Whether the table optimization is enabled.", - "title": "Enabled", - "type": "boolean" + "ImpairedSince": { + "markdownDescription": "The time when environment health began to be impaired.", + "title": "ImpairedSince", + "type": "string" }, - "RoleArn": { - "markdownDescription": "A role passed by the caller which gives the service permission to update the resources associated with the optimizer on the caller's behalf.", - "title": "RoleArn", + "Result": { + "markdownDescription": "The check result.", + "title": "Result", + "type": "string" + }, + "Type": { + "markdownDescription": "The check type. Amazon EVS performs the following checks.\n\n- `KEY_REUSE` : checks that the VCF license key is not used by another Amazon EVS environment. This check fails if a used license is added to the environment.\n- `KEY_COVERAGE` : checks that your VCF license key allocates sufficient vCPU cores for all deployed hosts. The check fails when any assigned hosts in the EVS environment are not covered by license keys, or when any unassigned hosts cannot be covered by available vCPU cores in keys.\n- `REACHABILITY` : checks that the Amazon EVS control plane has a persistent connection to SDDC Manager. If Amazon EVS cannot reach the environment, this check fails.\n- `HOST_COUNT` : Checks that your environment has a minimum of 4 hosts, which is a requirement for VCF 5.2.1.\n\nIf this check fails, you will need to add hosts so that your environment meets this minimum requirement. Amazon EVS only supports environments with 4-16 hosts.", + "title": "Type", "type": "string" } }, "required": [ - "Enabled", - "RoleArn" + "Result", + "Type" ], "type": "object" }, - "AWS::Glue::Trigger": { + "AWS::EVS::Environment.ConnectivityInfo": { "additionalProperties": false, "properties": { - "Condition": { + "PrivateRouteServerPeerings": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique IDs for private route server peers.", + "title": "PrivateRouteServerPeerings", + "type": "array" + } + }, + "required": [ + "PrivateRouteServerPeerings" + ], + "type": "object" + }, + "AWS::EVS::Environment.HostInfoForCreate": { + "additionalProperties": false, + "properties": { + "DedicatedHostId": { + "markdownDescription": "The unique ID of the Amazon EC2 Dedicated Host.", + "title": "DedicatedHostId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostName": { + "markdownDescription": "The DNS hostname of the host. DNS hostnames for hosts must be unique across Amazon EVS environments and within VCF.", + "title": "HostName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::Glue::Trigger.Action" - }, - "markdownDescription": "The actions initiated by this trigger.", - "title": "Actions", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of this trigger.", - "title": "Description", - "type": "string" - }, - "EventBatchingCondition": { - "$ref": "#/definitions/AWS::Glue::Trigger.EventBatchingCondition", - "markdownDescription": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires.", - "title": "EventBatchingCondition" - }, - "Name": { - "markdownDescription": "The name of the trigger.", - "title": "Name", - "type": "string" - }, - "Predicate": { - "$ref": "#/definitions/AWS::Glue::Trigger.Predicate", - "markdownDescription": "The predicate of this trigger, which defines when it will fire.", - "title": "Predicate" - }, - "Schedule": { - "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) in the *AWS Glue Developer Guide* . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", - "title": "Schedule", - "type": "string" - }, - "StartOnCreation": { - "markdownDescription": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.", - "title": "StartOnCreation", - "type": "boolean" - }, - "Tags": { - "markdownDescription": "The tags to use with this trigger.", - "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "The type of trigger that this is.", - "title": "Type", - "type": "string" - }, - "WorkflowName": { - "markdownDescription": "The name of the workflow associated with the trigger.", - "title": "WorkflowName", - "type": "string" - } - }, - "required": [ - "Actions", - "Type" - ], - "type": "object" + "InstanceType": { + "markdownDescription": "The EC2 instance type that represents the host.", + "title": "InstanceType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Glue::Trigger" - ], + "KeyName": { + "markdownDescription": "The name of the SSH key that is used to access the host.", + "title": "KeyName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PlacementGroupId": { + "markdownDescription": "The unique ID of the placement group where the host is placed.", + "title": "PlacementGroupId", "type": "string" } }, "required": [ - "Type", - "Properties" + "HostName", + "InstanceType", + "KeyName" ], "type": "object" }, - "AWS::Glue::Trigger.Action": { + "AWS::EVS::Environment.InitialVlanInfo": { "additionalProperties": false, "properties": { - "Arguments": { - "markdownDescription": "The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the developer guide.", - "title": "Arguments", - "type": "object" - }, - "CrawlerName": { - "markdownDescription": "The name of the crawler to be used with this action.", - "title": "CrawlerName", - "type": "string" - }, - "JobName": { - "markdownDescription": "The name of a job to be executed.", - "title": "JobName", - "type": "string" - }, - "NotificationProperty": { - "$ref": "#/definitions/AWS::Glue::Trigger.NotificationProperty", - "markdownDescription": "Specifies configuration properties of a job run notification.", - "title": "NotificationProperty" - }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this action.", - "title": "SecurityConfiguration", + "Cidr": { + "markdownDescription": "The CIDR block that you provide to create an Amazon EVS VLAN subnet. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC.", + "title": "Cidr", "type": "string" - }, - "Timeout": { - "markdownDescription": "The `JobRun` timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.", - "title": "Timeout", - "type": "number" } }, + "required": [ + "Cidr" + ], "type": "object" }, - "AWS::Glue::Trigger.Condition": { + "AWS::EVS::Environment.InitialVlans": { "additionalProperties": false, "properties": { - "CrawlState": { - "markdownDescription": "The state of the crawler to which this condition applies.", - "title": "CrawlState", - "type": "string" + "EdgeVTep": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The edge VTEP VLAN subnet. This VLAN subnet manages traffic flowing between the internal network and external networks, including internet access and other site connections.", + "title": "EdgeVTep" }, - "CrawlerName": { - "markdownDescription": "The name of the crawler to which this condition applies.", - "title": "CrawlerName", - "type": "string" + "ExpansionVlan1": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.", + "title": "ExpansionVlan1" }, - "JobName": { - "markdownDescription": "The name of the job whose `JobRuns` this condition applies to, and on which this trigger waits.", - "title": "JobName", - "type": "string" + "ExpansionVlan2": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.", + "title": "ExpansionVlan2" }, - "LogicalOperator": { - "markdownDescription": "A logical operator.", - "title": "LogicalOperator", - "type": "string" + "Hcx": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The HCX VLAN subnet. This VLAN subnet allows the HCX Interconnnect (IX) and HCX Network Extension (NE) to reach their peers and enable HCX Service Mesh creation.", + "title": "Hcx" }, - "State": { - "markdownDescription": "The condition state. Currently, the values supported are `SUCCEEDED` , `STOPPED` , `TIMEOUT` , and `FAILED` .", - "title": "State", - "type": "string" + "NsxUpLink": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The NSX uplink VLAN subnet. This VLAN subnet allows connectivity to the NSX overlay network.", + "title": "NsxUpLink" + }, + "VMotion": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The vMotion VLAN subnet. This VLAN subnet carries traffic for vSphere vMotion.", + "title": "VMotion" + }, + "VSan": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The vSAN VLAN subnet. This VLAN subnet carries the communication between ESXi hosts to implement a vSAN shared storage pool.", + "title": "VSan" + }, + "VTep": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The VTEP VLAN subnet. This VLAN subnet handles internal network traffic between virtual machines within a VCF instance.", + "title": "VTep" + }, + "VmManagement": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The VM management VLAN subnet. This VLAN subnet carries traffic for vSphere virtual machines.", + "title": "VmManagement" + }, + "VmkManagement": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The host VMkernel management VLAN subnet. This VLAN subnet carries traffic for managing ESXi hosts and communicating with VMware vCenter Server.", + "title": "VmkManagement" } }, + "required": [ + "EdgeVTep", + "ExpansionVlan1", + "ExpansionVlan2", + "Hcx", + "NsxUpLink", + "VMotion", + "VSan", + "VTep", + "VmManagement", + "VmkManagement" + ], "type": "object" }, - "AWS::Glue::Trigger.EventBatchingCondition": { + "AWS::EVS::Environment.LicenseInfo": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires.", - "title": "BatchSize", - "type": "number" + "SolutionKey": { + "markdownDescription": "The VCF solution key. This license unlocks VMware VCF product features, including vSphere, NSX, SDDC Manager, and vCenter Server. The VCF solution key must cover a minimum of 256 cores.", + "title": "SolutionKey", + "type": "string" }, - "BatchWindow": { - "markdownDescription": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received.", - "title": "BatchWindow", - "type": "number" + "VsanKey": { + "markdownDescription": "The VSAN license key. This license unlocks vSAN features. The vSAN license key must provide at least 110 TiB of vSAN capacity.", + "title": "VsanKey", + "type": "string" } }, "required": [ - "BatchSize" + "SolutionKey", + "VsanKey" ], "type": "object" }, - "AWS::Glue::Trigger.NotificationProperty": { + "AWS::EVS::Environment.Secret": { "additionalProperties": false, "properties": { - "NotifyDelayAfter": { - "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification", - "title": "NotifyDelayAfter", - "type": "number" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret.", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::Glue::Trigger.Predicate": { + "AWS::EVS::Environment.ServiceAccessSecurityGroups": { "additionalProperties": false, "properties": { - "Conditions": { + "SecurityGroups": { "items": { - "$ref": "#/definitions/AWS::Glue::Trigger.Condition" + "type": "string" }, - "markdownDescription": "A list of the conditions that determine when the trigger will fire.", - "title": "Conditions", + "markdownDescription": "The security groups that allow service access.", + "title": "SecurityGroups", "type": "array" - }, - "Logical": { - "markdownDescription": "An optional field if only one condition is listed. If multiple conditions are listed, then this field is required.", - "title": "Logical", - "type": "string" } }, "type": "object" }, - "AWS::Glue::Workflow": { + "AWS::EVS::Environment.VcfHostnames": { "additionalProperties": false, "properties": { - "Condition": { + "CloudBuilder": { + "markdownDescription": "The hostname for VMware Cloud Builder.", + "title": "CloudBuilder", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Nsx": { + "markdownDescription": "The VMware NSX hostname.", + "title": "Nsx", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NsxEdge1": { + "markdownDescription": "The hostname for the first NSX Edge node.", + "title": "NsxEdge1", + "type": "string" }, - "Metadata": { - "type": "object" + "NsxEdge2": { + "markdownDescription": "The hostname for the second NSX Edge node.", + "title": "NsxEdge2", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultRunProperties": { - "markdownDescription": "A collection of properties to be used as part of each execution of the workflow", - "title": "DefaultRunProperties", - "type": "object" - }, - "Description": { - "markdownDescription": "A description of the workflow", - "title": "Description", - "type": "string" - }, - "MaxConcurrentRuns": { - "markdownDescription": "You can use this parameter to prevent unwanted multiple updates to data, to control costs, or in some cases, to prevent exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.", - "title": "MaxConcurrentRuns", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the workflow representing the flow", - "title": "Name", - "type": "string" - }, - "Tags": { - "markdownDescription": "The tags to use with this workflow.", - "title": "Tags", - "type": "object" - } - }, - "type": "object" + "NsxManager1": { + "markdownDescription": "The hostname for the first VMware NSX Manager virtual machine (VM).", + "title": "NsxManager1", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Glue::Workflow" - ], + "NsxManager2": { + "markdownDescription": "The hostname for the second VMware NSX Manager virtual machine (VM).", + "title": "NsxManager2", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NsxManager3": { + "markdownDescription": "The hostname for the third VMware NSX Manager virtual machine (VM).", + "title": "NsxManager3", + "type": "string" + }, + "SddcManager": { + "markdownDescription": "The hostname for SDDC Manager.", + "title": "SddcManager", + "type": "string" + }, + "VCenter": { + "markdownDescription": "The VMware vCenter hostname.", + "title": "VCenter", "type": "string" } }, "required": [ - "Type" + "CloudBuilder", + "Nsx", + "NsxEdge1", + "NsxEdge2", + "NsxManager1", + "NsxManager2", + "NsxManager3", + "SddcManager", + "VCenter" ], "type": "object" }, - "AWS::Grafana::Workspace": { + "AWS::ElastiCache::CacheCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -108557,114 +112697,160 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAccessType": { - "markdownDescription": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access.", - "title": "AccountAccessType", + "AZMode": { + "markdownDescription": "Specifies whether the nodes in this Memcached cluster are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region.\n\nThis parameter is only supported for Memcached clusters.\n\nIf the `AZMode` and `PreferredAvailabilityZones` are not specified, ElastiCache assumes `single-az` mode.", + "title": "AZMode", "type": "string" }, - "AuthenticationProviders": { + "AutoMinorVersionUpgrade": { + "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "CacheNodeType": { + "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. Changing the CacheNodeType of a Memcached instance is currently not supported. If you need to scale using Memcached, we recommend forcing a replacement update by changing the `LogicalResourceId` of the resource.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.8xlarge` , `cache.m6g.12xlarge` , `cache.m6g.16xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.8xlarge` , `cache.r6g.12xlarge` , `cache.r6g.16xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n\n*Additional node type info*\n\n- All current generation instance types are created in Amazon VPC by default.\n- Valkey and Redis OSS append-only files (AOF) are not supported for T1 or T2 instances.\n- Valkey and Redis OSS Multi-AZ with automatic failover is not supported on T1 instances.\n- Redis OSS configuration variables `appendonly` and `appendfsync` are not supported on Redis OSS version 2.8.22 and later.", + "title": "CacheNodeType", + "type": "string" + }, + "CacheParameterGroupName": { + "markdownDescription": "The name of the parameter group to associate with this cluster. If this argument is omitted, the default parameter group for the specified engine is used. You cannot use any parameter group which has `cluster-enabled='yes'` when creating a cluster.", + "title": "CacheParameterGroupName", + "type": "string" + }, + "CacheSecurityGroupNames": { "items": { "type": "string" }, - "markdownDescription": "Specifies whether this workspace uses SAML 2.0, AWS IAM Identity Center , or both to authenticate users for using the Grafana console within a workspace. For more information, see [User authentication in Amazon Managed Grafana](https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html) .\n\n*Allowed Values* : `AWS_SSO | SAML`", - "title": "AuthenticationProviders", + "markdownDescription": "A list of security group names to associate with this cluster.\n\nUse this parameter only when you are creating a cluster outside of an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "CacheSecurityGroupNames", "type": "array" }, - "ClientToken": { - "markdownDescription": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.", - "title": "ClientToken", + "CacheSubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see `[AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .`", + "title": "CacheSubnetGroupName", "type": "string" }, - "DataSources": { + "ClusterName": { + "markdownDescription": "A name for the cache cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the cache cluster. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe name must contain 1 to 50 alphanumeric characters or hyphens. The name must start with a letter and cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ClusterName", + "type": "string" + }, + "Engine": { + "markdownDescription": "The name of the cache engine to be used for this cluster.\n\nValid values for this parameter are: `memcached` | valkey | `redis`", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the cache engine to be used for this cluster. To view the supported cache engine versions, use the DescribeCacheEngineVersions operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ), but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", + "title": "EngineVersion", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The network type you choose when modifying a cluster, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "IpDiscovery", + "type": "string" + }, + "LogDeliveryConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest" }, - "markdownDescription": "Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.\n\nThis list is only used when the workspace was created through the AWS console, and the `permissionType` is `SERVICE_MANAGED` .", - "title": "DataSources", + "markdownDescription": "Specifies the destination, format and type of the logs.", + "title": "LogDeliveryConfigurations", "type": "array" }, - "Description": { - "markdownDescription": "The user-defined description of the workspace.", - "title": "Description", + "NetworkType": { + "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "NetworkType", "type": "string" }, - "GrafanaVersion": { - "markdownDescription": "Specifies the version of Grafana to support in the workspace. Defaults to the latest version on create (for example, 9.4), or the current version of the workspace on update.\n\nCan only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).\n\nTo know what versions are available to upgrade to for a specific workspace, see the [ListVersions](https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListVersions.html) operation.", - "title": "GrafanaVersion", + "NotificationTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", + "title": "NotificationTopicArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the workspace.", - "title": "Name", - "type": "string" + "NumCacheNodes": { + "markdownDescription": "The number of cache nodes that the cache cluster should have.\n\n> However, if the `PreferredAvailabilityZone` and `PreferredAvailabilityZones` properties were not previously specified and you don't specify any new values, an update requires [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NumCacheNodes", + "type": "number" }, - "NetworkAccessControl": { - "$ref": "#/definitions/AWS::Grafana::Workspace.NetworkAccessControl", - "markdownDescription": "The configuration settings for network access to your workspace.", - "title": "NetworkAccessControl" + "Port": { + "markdownDescription": "The port number on which each of the cache nodes accepts connections.", + "title": "Port", + "type": "number" }, - "NotificationDestinations": { + "PreferredAvailabilityZone": { + "markdownDescription": "The EC2 Availability Zone in which the cluster is created.\n\nAll nodes belonging to this cluster are placed in the preferred Availability Zone. If you want to create your nodes across multiple Availability Zones, use `PreferredAvailabilityZones` .\n\nDefault: System chosen Availability Zone.", + "title": "PreferredAvailabilityZone", + "type": "string" + }, + "PreferredAvailabilityZones": { "items": { "type": "string" }, - "markdownDescription": "The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.\n\n*AllowedValues* : `SNS`", - "title": "NotificationDestinations", + "markdownDescription": "A list of the Availability Zones in which cache nodes are created. The order of the zones in the list is not important.\n\nThis option is only supported on Memcached.\n\n> If you are creating your cluster in an Amazon VPC (recommended) you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheNodes` . \n\nIf you want all the nodes in the same Availability Zone, use `PreferredAvailabilityZone` instead, or repeat the Availability Zone multiple times in the list.\n\nDefault: System chosen Availability Zones.", + "title": "PreferredAvailabilityZones", "type": "array" }, - "OrganizationRoleName": { - "markdownDescription": "The name of the IAM role that is used to access resources through Organizations.", - "title": "OrganizationRoleName", + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", + "title": "PreferredMaintenanceWindow", "type": "string" }, - "OrganizationalUnits": { + "SnapshotArns": { "items": { "type": "string" }, - "markdownDescription": "Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.", - "title": "OrganizationalUnits", + "markdownDescription": "A single-element string list containing an Amazon Resource Name (ARN) that uniquely identifies a Valkey or Redis OSS RDB snapshot file stored in Amazon S3. The snapshot file is used to populate the node group (shard). The Amazon S3 object name in the ARN cannot contain any commas.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", + "title": "SnapshotArns", "type": "array" }, - "PermissionType": { - "markdownDescription": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)", - "title": "PermissionType", + "SnapshotName": { + "markdownDescription": "The name of a Valkey or Redis OSS snapshot from which to restore data into the new node group (shard). The snapshot status changes to `restoring` while the new node group (shard) is being created.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", + "title": "SnapshotName", "type": "string" }, - "PluginAdminEnabled": { - "markdownDescription": "Whether plugin administration is enabled in the workspace. Setting to `true` allows workspace admins to install, uninstall, and update plugins from within the Grafana workspace.\n\n> This option is only valid for workspaces that support Grafana version 9 or newer.", - "title": "PluginAdminEnabled", - "type": "boolean" + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot taken today is retained for 5 days before being deleted.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nDefault: 0 (i.e., automatic backups are disabled for this cache cluster).", + "title": "SnapshotRetentionLimit", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The IAM role that grants permissions to the AWS resources that the workspace will view data from. This role must already exist.", - "title": "RoleArn", + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", + "title": "SnapshotWindow", "type": "string" }, - "SamlConfiguration": { - "$ref": "#/definitions/AWS::Grafana::Workspace.SamlConfiguration", - "markdownDescription": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace.", - "title": "SamlConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be added to this resource.", + "title": "Tags", + "type": "array" }, - "StackSetName": { - "markdownDescription": "The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.", - "title": "StackSetName", - "type": "string" + "TransitEncryptionEnabled": { + "markdownDescription": "A flag that enables in-transit encryption when set to true.", + "title": "TransitEncryptionEnabled", + "type": "boolean" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Grafana::Workspace.VpcConfiguration", - "markdownDescription": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n> Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2).", - "title": "VpcConfiguration" + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC security groups associated with the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "VpcSecurityGroupIds", + "type": "array" } }, "required": [ - "AccountAccessType", - "AuthenticationProviders", - "PermissionType" + "CacheNodeType", + "Engine", + "NumCacheNodes" ], "type": "object" }, "Type": { "enum": [ - "AWS::Grafana::Workspace" + "AWS::ElastiCache::CacheCluster" ], "type": "string" }, @@ -108683,166 +112869,83 @@ ], "type": "object" }, - "AWS::Grafana::Workspace.AssertionAttributes": { - "additionalProperties": false, - "properties": { - "Email": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the email names for SAML users.", - "title": "Email", - "type": "string" - }, - "Groups": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for user groups.", - "title": "Groups", - "type": "string" - }, - "Login": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the login names for SAML users.", - "title": "Login", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for SAML users.", - "title": "Name", - "type": "string" - }, - "Org": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for the users' organizations.", - "title": "Org", - "type": "string" - }, - "Role": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user roles.", - "title": "Role", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Grafana::Workspace.IdpMetadata": { + "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { "additionalProperties": false, "properties": { - "Url": { - "markdownDescription": "The URL of the location containing the IdP metadata.", - "title": "Url", - "type": "string" - }, - "Xml": { - "markdownDescription": "The full IdP metadata, in XML format.", - "title": "Xml", + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group.", + "title": "LogGroup", "type": "string" } }, + "required": [ + "LogGroup" + ], "type": "object" }, - "AWS::Grafana::Workspace.NetworkAccessControl": { - "additionalProperties": false, - "properties": { - "PrefixListIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration (passed an empty array) then no IP addresses are allowed to access the workspace. You create a prefix list using the Amazon VPC console.\n\nPrefix list IDs have the format `pl- *1a2b3c4d*` .\n\nFor more information about prefix lists, see [Group CIDR blocks using managed prefix lists](https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "PrefixListIds", - "type": "array" - }, - "VpceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Amazon VPC endpoint IDs for the workspace. You can create VPC endpoints to your Amazon Managed Grafana workspace for access from within a VPC. If a `NetworkAccessConfiguration` is specified then only VPC endpoints specified here are allowed to access the workspace. If you pass in an empty array of strings, then no VPCs are allowed to access the workspace.\n\nVPC endpoint IDs have the format `vpce- *1a2b3c4d*` .\n\nFor more information about creating an interface VPC endpoint, see [Interface VPC endpoints](https://docs.aws.amazon.com/grafana/latest/userguide/VPC-endpoints) in the *Amazon Managed Grafana User Guide* .\n\n> The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the `com.amazonaws.[region].grafana-workspace` service endpoint). Other VPC endpoints are ignored.", - "title": "VpceIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Grafana::Workspace.RoleValues": { + "AWS::ElastiCache::CacheCluster.DestinationDetails": { "additionalProperties": false, "properties": { - "Admin": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Admin` role to.", - "title": "Admin", - "type": "array" + "CloudWatchLogsDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails", + "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", + "title": "CloudWatchLogsDetails" }, - "Editor": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Editor` role to.", - "title": "Editor", - "type": "array" + "KinesisFirehoseDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails", + "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", + "title": "KinesisFirehoseDetails" } }, "type": "object" }, - "AWS::Grafana::Workspace.SamlConfiguration": { + "AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails": { "additionalProperties": false, "properties": { - "AllowedOrganizations": { - "items": { - "type": "string" - }, - "markdownDescription": "Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access.", - "title": "AllowedOrganizations", - "type": "array" - }, - "AssertionAttributes": { - "$ref": "#/definitions/AWS::Grafana::Workspace.AssertionAttributes", - "markdownDescription": "A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace.", - "title": "AssertionAttributes" - }, - "IdpMetadata": { - "$ref": "#/definitions/AWS::Grafana::Workspace.IdpMetadata", - "markdownDescription": "A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace.", - "title": "IdpMetadata" - }, - "LoginValidityDuration": { - "markdownDescription": "How long a sign-on session by a SAML user is valid, before the user has to sign on again.", - "title": "LoginValidityDuration", - "type": "number" - }, - "RoleValues": { - "$ref": "#/definitions/AWS::Grafana::Workspace.RoleValues", - "markdownDescription": "A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace.", - "title": "RoleValues" + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", + "title": "DeliveryStream", + "type": "string" } }, "required": [ - "IdpMetadata" + "DeliveryStream" ], "type": "object" }, - "AWS::Grafana::Workspace.VpcConfiguration": { + "AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 1 items. Maximum number of 5 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", - "title": "SecurityGroupIds", - "type": "array" + "DestinationDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.DestinationDetails", + "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "title": "DestinationDetails" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 2 items. Maximum number of 6 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", - "title": "SubnetIds", - "type": "array" + "DestinationType": { + "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", + "title": "DestinationType", + "type": "string" + }, + "LogFormat": { + "markdownDescription": "Valid values are either `json` or `text` .", + "title": "LogFormat", + "type": "string" + }, + "LogType": { + "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", + "title": "LogType", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "SubnetIds" + "DestinationDetails", + "DestinationType", + "LogFormat", + "LogType" ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinition": { + "AWS::ElastiCache::GlobalReplicationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -108877,148 +112980,71 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion", - "markdownDescription": "The connector definition version to include when the connector definition is created. A connector definition version contains a list of [`connector`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html) property types.\n\n> To associate a connector definition version after the connector definition is created, create an [`AWS::Greengrass::ConnectorDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-connectordefinitionversion.html) resource and specify the ID of this connector definition.", - "title": "InitialVersion" + "AutomaticFailoverEnabled": { + "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.", + "title": "AutomaticFailoverEnabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the connector definition.", - "title": "Name", + "CacheNodeType": { + "markdownDescription": "The cache node type of the Global datastore", + "title": "CacheNodeType", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the connector definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Greengrass::ConnectorDefinition" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Greengrass::ConnectorDefinition.Connector": { - "additionalProperties": false, - "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "ConnectorArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters or configuration used by the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "Parameters", - "type": "object" - } - }, - "required": [ - "ConnectorArn", - "Id" - ], - "type": "object" - }, - "AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Connectors": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.Connector" - }, - "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to a connector definition version at a time.", - "title": "Connectors", - "type": "array" - } - }, - "required": [ - "Connectors" - ], - "type": "object" - }, - "AWS::Greengrass::ConnectorDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "CacheParameterGroupName": { + "markdownDescription": "The name of the cache parameter group to use with the Global datastore. It must be compatible with the major engine version used by the Global datastore.", + "title": "CacheParameterGroupName", "type": "string" }, - { + "Engine": { + "markdownDescription": "The ElastiCache engine. For Valkey or Redis OSS only.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The Elasticache Valkey or Redis OSS engine version.", + "title": "EngineVersion", + "type": "string" + }, + "GlobalNodeGroupCount": { + "markdownDescription": "The number of node groups that comprise the Global Datastore.", + "title": "GlobalNodeGroupCount", + "type": "number" + }, + "GlobalReplicationGroupDescription": { + "markdownDescription": "The optional description of the Global datastore", + "title": "GlobalReplicationGroupDescription", + "type": "string" + }, + "GlobalReplicationGroupIdSuffix": { + "markdownDescription": "The suffix name of a Global Datastore. The suffix guarantees uniqueness of the Global Datastore name across multiple regions.", + "title": "GlobalReplicationGroupIdSuffix", + "type": "string" + }, + "Members": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember" }, + "markdownDescription": "The replication groups that comprise the Global datastore.", + "title": "Members", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConnectorDefinitionId": { - "markdownDescription": "The ID of the connector definition associated with this version. This value is a GUID.", - "title": "ConnectorDefinitionId", - "type": "string" }, - "Connectors": { + "RegionalConfigurations": { "items": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinitionVersion.Connector" + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration" }, - "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to the connector definition version at a time.", - "title": "Connectors", + "markdownDescription": "The Regions that comprise the Global Datastore.", + "title": "RegionalConfigurations", "type": "array" } }, "required": [ - "ConnectorDefinitionId", - "Connectors" + "Members" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ConnectorDefinitionVersion" + "AWS::ElastiCache::GlobalReplicationGroup" ], "type": "string" }, @@ -109037,157 +113063,71 @@ ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinitionVersion.Connector": { + "AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember": { "additionalProperties": false, "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "ConnectorArn", + "ReplicationGroupId": { + "markdownDescription": "The replication group id of the Global datastore member.", + "title": "ReplicationGroupId", "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "ReplicationGroupRegion": { + "markdownDescription": "The Amazon region of the Global datastore member.", + "title": "ReplicationGroupRegion", "type": "string" }, - "Parameters": { - "markdownDescription": "The parameters or configuration that the connector uses.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "Parameters", - "type": "object" + "Role": { + "markdownDescription": "Indicates the role of the replication group, `PRIMARY` or `SECONDARY` .", + "title": "Role", + "type": "string" } }, - "required": [ - "ConnectorArn", - "Id" - ], "type": "object" }, - "AWS::Greengrass::CoreDefinition": { + "AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ReplicationGroupId": { + "markdownDescription": "The name of the secondary cluster", + "title": "ReplicationGroupId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ReplicationGroupRegion": { + "markdownDescription": "The Amazon region where the cluster is stored", + "title": "ReplicationGroupRegion", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.CoreDefinitionVersion", - "markdownDescription": "The core definition version to include when the core definition is created. Currently, a core definition version can contain only one [`core`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-coredefinition-core.html) .\n\n> To associate a core definition version after the core definition is created, create an [`AWS::Greengrass::CoreDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-coredefinitionversion.html) resource and specify the ID of this core definition.", - "title": "InitialVersion" - }, - "Name": { - "markdownDescription": "The name of the core definition.", - "title": "Name", - "type": "string" - }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the core definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" - } + "ReshardingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration" }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Greengrass::CoreDefinition" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster.", + "title": "ReshardingConfigurations", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Greengrass::CoreDefinition.Core": { + "AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "NodeGroupId": { + "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", + "title": "NodeGroupId", "type": "string" }, - "SyncShadow": { - "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The ARN of the core, which is an AWS IoT device (thing).", - "title": "ThingArn", - "type": "string" - } - }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], - "type": "object" - }, - "AWS::Greengrass::CoreDefinition.CoreDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Cores": { + "PreferredAvailabilityZones": { "items": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.Core" + "type": "string" }, - "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", - "title": "Cores", + "markdownDescription": "A list of preferred availability zones for the nodes in this cluster.", + "title": "PreferredAvailabilityZones", "type": "array" } }, - "required": [ - "Cores" - ], "type": "object" }, - "AWS::Greengrass::CoreDefinitionVersion": { + "AWS::ElastiCache::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -109222,29 +113162,45 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreDefinitionId": { - "markdownDescription": "The ID of the core definition associated with this version. This value is a GUID.", - "title": "CoreDefinitionId", + "CacheParameterGroupFamily": { + "markdownDescription": "The name of the cache parameter group family that this cache parameter group is compatible with.\n\nValid values are: `valkey8` | `valkey7` | `memcached1.4` | `memcached1.5` | `memcached1.6` | `redis2.6` | `redis2.8` | `redis3.2` | `redis4.0` | `redis5.0` | `redis6.x` | `redis7`", + "title": "CacheParameterGroupFamily", "type": "string" }, - "Cores": { + "Description": { + "markdownDescription": "The description for this cache parameter group.", + "title": "Description", + "type": "string" + }, + "Properties": { + "additionalProperties": true, + "markdownDescription": "A comma-delimited list of parameter name/value pairs.\n\nFor example:\n\n```\n\"Properties\" : { \"cas_disabled\" : \"1\", \"chunk_size_growth_factor\" : \"1.02\"\n}\n```", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Properties", + "type": "object" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinitionVersion.Core" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", - "title": "Cores", + "markdownDescription": "A tag that can be added to an ElastiCache parameter group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your parameter groups. A tag with a null Value is permitted.", + "title": "Tags", "type": "array" } }, "required": [ - "CoreDefinitionId", - "Cores" + "CacheParameterGroupFamily", + "Description" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::CoreDefinitionVersion" + "AWS::ElastiCache::ParameterGroup" ], "type": "string" }, @@ -109263,38 +113219,7 @@ ], "type": "object" }, - "AWS::Greengrass::CoreDefinitionVersion.Core": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "SyncShadow": { - "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the core, which is an AWS IoT device (thing).", - "title": "ThingArn", - "type": "string" - } - }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], - "type": "object" - }, - "AWS::Greengrass::DeviceDefinition": { + "AWS::ElastiCache::ReplicationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -109329,30 +113254,234 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion", - "markdownDescription": "The device definition version to include when the device definition is created. A device definition version contains a list of [`device`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-devicedefinition-device.html) property types.\n\n> To associate a device definition version after the device definition is created, create an [`AWS::Greengrass::DeviceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-devicedefinitionversion.html) resource and specify the ID of this device definition.", - "title": "InitialVersion" + "AtRestEncryptionEnabled": { + "markdownDescription": "A flag that enables encryption at rest when set to `true` .\n\n*Required:* Only available when creating a replication group in an Amazon VPC using Redis OSS version `3.2.6` or `4.x` onward.\n\nDefault: `false`", + "title": "AtRestEncryptionEnabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the device definition.", - "title": "Name", + "AuthToken": { + "markdownDescription": "*Reserved parameter.* The password used to access a password protected server.\n\n`AuthToken` can be specified only on replication groups where `TransitEncryptionEnabled` is `true` . For more information, see [Authenticating Valkey or Redis OSS users with the AUTH Command](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/auth.html) .\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` . \n\nPassword constraints:\n\n- Must be only printable ASCII characters.\n- Must be at least 16 characters and no more than 128 characters in length.\n- Nonalphanumeric characters are restricted to (!, &, #, $, ^, <, >, -, ).\n\nFor more information, see [AUTH password](https://docs.aws.amazon.com/http://redis.io/commands/AUTH) at http://redis.io/commands/AUTH.\n\n> If ADDING the AuthToken, update requires [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "AuthToken", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the device definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { + "AutoMinorVersionUpgrade": { + "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AutomaticFailoverEnabled": { + "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.\n\nDefault: false", + "title": "AutomaticFailoverEnabled", + "type": "boolean" + }, + "CacheNodeType": { + "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.12xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.12xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Amazon Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)", + "title": "CacheNodeType", + "type": "string" + }, + "CacheParameterGroupName": { + "markdownDescription": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n\nIf you are running Valkey or Redis OSS version 3.2.4 or later, only one node group (shard), and want to use a default parameter group, we recommend that you specify the parameter group by name.\n\n- To create a Valkey or Redis OSS (cluster mode disabled) replication group, use `CacheParameterGroupName=default.redis3.2` .\n- To create a Valkey or Redis OSS (cluster mode enabled) replication group, use `CacheParameterGroupName=default.redis3.2.cluster.on` .", + "title": "CacheParameterGroupName", + "type": "string" + }, + "CacheSecurityGroupNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of cache security group names to associate with this replication group.", + "title": "CacheSecurityGroupNames", + "type": "array" + }, + "CacheSubnetGroupName": { + "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", + "title": "CacheSubnetGroupName", + "type": "string" + }, + "ClusterMode": { + "markdownDescription": "The mode can be enabled or disabled. To change the cluster mode from disabled to enabled, you must first set the cluster mode to compatible. The compatible mode allows your Valkey or Redis OSS clients to connect using both cluster mode enabled and cluster mode disabled. After you migrate all Valkey or Redis OSS clients to use cluster mode enabled, you can then complete cluster mode configuration and set the cluster mode to enabled. For more information, see [Modify cluster mode](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/modify-cluster-mode.html) .", + "title": "ClusterMode", + "type": "string" + }, + "DataTieringEnabled": { + "markdownDescription": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html) .", + "title": "DataTieringEnabled", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the cache engine to be used for the clusters in this replication group. The value must be set to `valkey` or `redis` .\n\n> Upgrading an existing engine from redis to valkey is done through in-place migration, and requires a parameter group.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the cache engine to be used for the clusters in this replication group. To view the supported cache engine versions, use the `DescribeCacheEngineVersions` operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ) in the *ElastiCache User Guide* , but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", + "title": "EngineVersion", + "type": "string" + }, + "GlobalReplicationGroupId": { + "markdownDescription": "The name of the Global datastore", + "title": "GlobalReplicationGroupId", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The network type you choose when creating a replication group, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 or Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "IpDiscovery", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key used to encrypt the disk on the cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LogDeliveryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest" + }, + "markdownDescription": "Specifies the destination, format and type of the logs.", + "title": "LogDeliveryConfigurations", + "type": "array" + }, + "MultiAZEnabled": { + "markdownDescription": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see [Minimizing Downtime: Multi-AZ](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html) .", + "title": "MultiAZEnabled", + "type": "boolean" + }, + "NetworkType": { + "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "NetworkType", + "type": "string" + }, + "NodeGroupConfiguration": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration" + }, + "markdownDescription": "`NodeGroupConfiguration` is a property of the `AWS::ElastiCache::ReplicationGroup` resource that configures an Amazon ElastiCache (ElastiCache) Valkey or Redis OSS cluster node group.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NodeGroupConfiguration` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NodeGroupConfiguration` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NodeGroupConfiguration", + "type": "array" + }, + "NotificationTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", + "title": "NotificationTopicArn", + "type": "string" + }, + "NumCacheClusters": { + "markdownDescription": "The number of clusters this replication group initially has.\n\nThis parameter is not used if there is more than one node group (shard). You should use `ReplicasPerNodeGroup` instead.\n\nIf `AutomaticFailoverEnabled` is `true` , the value of this parameter must be at least 2. If `AutomaticFailoverEnabled` is `false` you can omit this parameter (it will default to 1), or you can explicitly set it to a value between 2 and 6.\n\nThe maximum permitted value for `NumCacheClusters` is 6 (1 primary plus 5 replicas).", + "title": "NumCacheClusters", + "type": "number" + }, + "NumNodeGroups": { + "markdownDescription": "An optional parameter that specifies the number of node groups (shards) for this Valkey or Redis OSS (cluster mode enabled) replication group. For Valkey or Redis OSS (cluster mode disabled) either omit this parameter or set it to 1.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NumNodeGroups` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NumNodeGroups` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .\n\nDefault: 1", + "title": "NumNodeGroups", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which each member of the replication group accepts connections.", + "title": "Port", + "type": "number" + }, + "PreferredCacheClusterAZs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 Availability Zones in which the replication group's clusters are created. The order of the Availability Zones in the list is the order in which clusters are allocated. The primary cluster is created in the first AZ in the list.\n\nThis parameter is not used if there is more than one node group (shard). You should use `NodeGroupConfiguration` instead.\n\n> If you are creating your replication group in an Amazon VPC (recommended), you can only locate clusters in Availability Zones associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheClusters` . \n\nDefault: system chosen Availability Zones.", + "title": "PreferredCacheClusterAZs", + "type": "array" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PrimaryClusterId": { + "markdownDescription": "The identifier of the cluster that serves as the primary for this replication group. This cluster must already exist and have a status of `available` .\n\nThis parameter is not required if `NumCacheClusters` , `NumNodeGroups` , or `ReplicasPerNodeGroup` is specified.", + "title": "PrimaryClusterId", + "type": "string" + }, + "ReplicasPerNodeGroup": { + "markdownDescription": "An optional parameter that specifies the number of replica nodes in each node group (shard). Valid values are 0 to 5.", + "title": "ReplicasPerNodeGroup", + "type": "number" + }, + "ReplicationGroupDescription": { + "markdownDescription": "A user-created description for the replication group.", + "title": "ReplicationGroupDescription", + "type": "string" + }, + "ReplicationGroupId": { + "markdownDescription": "The replication group identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- A name must contain from 1 to 40 alphanumeric characters or hyphens.\n- The first character must be a letter.\n- A name cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ReplicationGroupId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more Amazon VPC security groups associated with this replication group.\n\nUse this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the Valkey or Redis OSS RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new replication group. The Amazon S3 object name in the ARN cannot contain any commas. The new replication group will have the number of node groups (console: shards) specified by the parameter *NumNodeGroups* or the number of node groups configured by *NodeGroupConfiguration* regardless of the number of ARNs specified here.\n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", + "title": "SnapshotArns", + "type": "array" + }, + "SnapshotName": { + "markdownDescription": "The name of a snapshot from which to restore data into the new replication group. The snapshot status changes to `restoring` while the new replication group is being created.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot that was taken today is retained for 5 days before being deleted.\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster).", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.", + "title": "SnapshotWindow", + "type": "string" + }, + "SnapshottingClusterId": { + "markdownDescription": "The cluster ID that is used as the daily snapshot source for the replication group. This parameter cannot be set for Valkey or Redis OSS (cluster mode enabled) replication groups.", + "title": "SnapshottingClusterId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key= `myKey` , Value= `myKeyValue` . You can include multiple tags as shown following: Key= `myKey` , Value= `myKeyValue` Key= `mySecondKey` , Value= `mySecondKeyValue` . Tags on replication groups will be replicated to all nodes.", + "title": "Tags", + "type": "array" + }, + "TransitEncryptionEnabled": { + "markdownDescription": "A flag that enables in-transit encryption when set to `true` .\n\nThis parameter is only available when creating a replication group in an Amazon VPC using Valkey version `7.2` and above, Redis OSS version `3.2.6` , or Redis OSS version `4.x` and above, and the cluster is being created in an Amazon VPC.\n\nIf you enable in-transit encryption, you must also specify a value for `CacheSubnetGroup` .\n\n> TransitEncryptionEnabled is required when creating a new valkey replication group. \n\nDefault: `false`\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` .", + "title": "TransitEncryptionEnabled", + "type": "boolean" + }, + "TransitEncryptionMode": { + "markdownDescription": "A setting that allows you to migrate your clients to use in-transit encryption, with no downtime.\n\nWhen setting `TransitEncryptionEnabled` to `true` , you can set your `TransitEncryptionMode` to `preferred` in the same request, to allow both encrypted and unencrypted connections at the same time. Once you migrate all your Valkey or Redis OSS clients to use encrypted connections you can modify the value to `required` to allow encrypted connections only.\n\nSetting `TransitEncryptionMode` to `required` is a two-step process that requires you to first set the `TransitEncryptionMode` to `preferred` , after that you can set `TransitEncryptionMode` to `required` .\n\nThis process will not trigger the replacement of the replication group.", + "title": "TransitEncryptionMode", + "type": "string" + }, + "UserGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of user group to associate with the replication group.", + "title": "UserGroupIds", + "type": "array" + } + }, + "required": [ + "ReplicationGroupDescription" + ], + "type": "object" + }, + "Type": { "enum": [ - "AWS::Greengrass::DeviceDefinition" + "AWS::ElastiCache::ReplicationGroup" ], "type": "string" }, @@ -109371,55 +113500,117 @@ ], "type": "object" }, - "AWS::Greengrass::DeviceDefinition.Device": { + "AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group.", + "title": "LogGroup", "type": "string" + } + }, + "required": [ + "LogGroup" + ], + "type": "object" + }, + "AWS::ElastiCache::ReplicationGroup.DestinationDetails": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails", + "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", + "title": "CloudWatchLogsDetails" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "KinesisFirehoseDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails", + "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", + "title": "KinesisFirehoseDetails" + } + }, + "type": "object" + }, + "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { + "additionalProperties": false, + "properties": { + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", + "title": "DeliveryStream", "type": "string" + } + }, + "required": [ + "DeliveryStream" + ], + "type": "object" + }, + "AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest": { + "additionalProperties": false, + "properties": { + "DestinationDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.DestinationDetails", + "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "title": "DestinationDetails" }, - "SyncShadow": { - "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", - "title": "SyncShadow", - "type": "boolean" + "DestinationType": { + "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", + "title": "DestinationType", + "type": "string" }, - "ThingArn": { - "markdownDescription": "The ARN of the device, which is an AWS IoT device (thing).", - "title": "ThingArn", + "LogFormat": { + "markdownDescription": "Valid values are either `json` or `text` .", + "title": "LogFormat", + "type": "string" + }, + "LogType": { + "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", + "title": "LogType", "type": "string" } }, "required": [ - "CertificateArn", - "Id", - "ThingArn" + "DestinationDetails", + "DestinationType", + "LogFormat", + "LogType" ], "type": "object" }, - "AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion": { + "AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration": { "additionalProperties": false, "properties": { - "Devices": { + "NodeGroupId": { + "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", + "title": "NodeGroupId", + "type": "string" + }, + "PrimaryAvailabilityZone": { + "markdownDescription": "The Availability Zone where the primary node of this node group (shard) is launched.", + "title": "PrimaryAvailabilityZone", + "type": "string" + }, + "ReplicaAvailabilityZones": { "items": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.Device" + "type": "string" }, - "markdownDescription": "The devices in this version.", - "title": "Devices", + "markdownDescription": "A list of Availability Zones to be used for the read replicas. The number of Availability Zones in this list must match the value of `ReplicaCount` or `ReplicasPerNodeGroup` if not specified.", + "title": "ReplicaAvailabilityZones", "type": "array" + }, + "ReplicaCount": { + "markdownDescription": "The number of read replica nodes in this node group (shard).", + "title": "ReplicaCount", + "type": "number" + }, + "Slots": { + "markdownDescription": "A string of comma-separated values where the first set of values are the slot numbers (zero based), and the second set of values are the keyspaces for each slot. The following example specifies three slots (numbered 0, 1, and 2): `0,1,2,0-4999,5000-9999,10000-16,383` .\n\nIf you don't specify a value, ElastiCache allocates keys equally among each slot.\n\nWhen you use an `UseOnlineResharding` update policy to update the number of node groups without interruption, ElastiCache evenly distributes the keyspaces between the specified number of slots. This cannot be updated later. Therefore, after updating the number of node groups in this way, you should remove the value specified for the `Slots` property of each `NodeGroupConfiguration` from the stack template, as it no longer reflects the actual values in each node group. For more information, see [UseOnlineResharding Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) .", + "title": "Slots", + "type": "string" } }, - "required": [ - "Devices" - ], "type": "object" }, - "AWS::Greengrass::DeviceDefinitionVersion": { + "AWS::ElastiCache::SecurityGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -109454,29 +113645,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DeviceDefinitionId": { - "markdownDescription": "The ID of the device definition associated with this version. This value is a GUID.", - "title": "DeviceDefinitionId", + "Description": { + "markdownDescription": "A description for the cache security group.", + "title": "Description", "type": "string" }, - "Devices": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinitionVersion.Device" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The devices in this version.", - "title": "Devices", + "markdownDescription": "A tag that can be added to an ElastiCache security group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your security groups. A tag with a null Value is permitted.", + "title": "Tags", "type": "array" } }, "required": [ - "DeviceDefinitionId", - "Devices" + "Description" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::DeviceDefinitionVersion" + "AWS::ElastiCache::SecurityGroup" ], "type": "string" }, @@ -109495,38 +113685,7 @@ ], "type": "object" }, - "AWS::Greengrass::DeviceDefinitionVersion.Device": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "SyncShadow": { - "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device, which is an AWS IoT device (thing).", - "title": "ThingArn", - "type": "string" - } - }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition": { + "AWS::ElastiCache::SecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { @@ -109561,30 +113720,31 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion", - "markdownDescription": "The function definition version to include when the function definition is created. A function definition version contains a list of [`function`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinition-function.html) property types.\n\n> To associate a function definition version after the function definition is created, create an [`AWS::Greengrass::FunctionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-functiondefinitionversion.html) resource and specify the ID of this function definition.", - "title": "InitialVersion" + "CacheSecurityGroupName": { + "markdownDescription": "The name of the Cache Security Group to authorize.", + "title": "CacheSecurityGroupName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the function definition.", - "title": "Name", + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 Security Group to include in the authorization.", + "title": "EC2SecurityGroupName", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the function definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" + "EC2SecurityGroupOwnerId": { + "markdownDescription": "Specifies the Amazon Account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName property. The Amazon access key ID is not an acceptable value.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" } }, "required": [ - "Name" + "CacheSecurityGroupName", + "EC2SecurityGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::FunctionDefinition" + "AWS::ElastiCache::SecurityGroupIngress" ], "type": "string" }, @@ -109603,190 +113763,7 @@ ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition.DefaultConfig": { - "additionalProperties": false, - "properties": { - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", - "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", - "title": "Execution" - } - }, - "required": [ - "Execution" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.Environment": { - "additionalProperties": false, - "properties": { - "AccessSysfs": { - "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "AccessSysfs", - "type": "boolean" - }, - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", - "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", - "title": "Execution" - }, - "ResourceAccessPolicies": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy" - }, - "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only for Lambda functions that run in a Greengrass container.", - "title": "ResourceAccessPolicies", - "type": "array" - }, - "Variables": { - "markdownDescription": "Environment variables for the Lambda function.", - "title": "Variables", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.Execution": { - "additionalProperties": false, - "properties": { - "IsolationMode": { - "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", - "title": "IsolationMode", - "type": "string" - }, - "RunAs": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.RunAs", - "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", - "title": "RunAs" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.Function": { - "additionalProperties": false, - "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", - "title": "FunctionArn", - "type": "string" - }, - "FunctionConfiguration": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionConfiguration", - "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", - "title": "FunctionConfiguration" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - } - }, - "required": [ - "FunctionArn", - "FunctionConfiguration", - "Id" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.FunctionConfiguration": { - "additionalProperties": false, - "properties": { - "EncodingType": { - "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", - "title": "EncodingType", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Environment", - "markdownDescription": "The environment configuration of the function.", - "title": "Environment" - }, - "ExecArgs": { - "markdownDescription": "The execution arguments.", - "title": "ExecArgs", - "type": "string" - }, - "Executable": { - "markdownDescription": "The name of the function executable.", - "title": "Executable", - "type": "string" - }, - "MemorySize": { - "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "MemorySize", - "type": "number" - }, - "Pinned": { - "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", - "title": "Pinned", - "type": "boolean" - }, - "Timeout": { - "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", - "title": "Timeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion": { - "additionalProperties": false, - "properties": { - "DefaultConfig": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.DefaultConfig", - "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", - "title": "DefaultConfig" - }, - "Functions": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Function" - }, - "markdownDescription": "The functions in this version.", - "title": "Functions", - "type": "array" - } - }, - "required": [ - "Functions" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy": { - "additionalProperties": false, - "properties": { - "Permission": { - "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", - "title": "Permission", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", - "title": "ResourceId", - "type": "string" - } - }, - "required": [ - "ResourceId" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.RunAs": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", - "title": "Gid", - "type": "number" - }, - "Uid": { - "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", - "title": "Uid", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinitionVersion": { + "AWS::ElastiCache::ServerlessCache": { "additionalProperties": false, "properties": { "Condition": { @@ -109821,34 +113798,108 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultConfig": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig", - "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", - "title": "DefaultConfig" + "CacheUsageLimits": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.CacheUsageLimits", + "markdownDescription": "The cache usage limit for the serverless cache.", + "title": "CacheUsageLimits" }, - "FunctionDefinitionId": { - "markdownDescription": "The ID of the function definition associated with this version. This value is a GUID.", - "title": "FunctionDefinitionId", + "DailySnapshotTime": { + "markdownDescription": "The daily time that a cache snapshot will be created. Default is NULL, i.e. snapshots will not be created at a specific time on a daily basis. Available for Valkey, Redis OSS and Serverless Memcached only.", + "title": "DailySnapshotTime", "type": "string" }, - "Functions": { + "Description": { + "markdownDescription": "A description of the serverless cache.", + "title": "Description", + "type": "string" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", + "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", + "title": "Endpoint" + }, + "Engine": { + "markdownDescription": "The engine the serverless cache is compatible with.", + "title": "Engine", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The name of the final snapshot taken of a cache before the cache is deleted.", + "title": "FinalSnapshotName", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key that is used to encrypt data at rest in the serverless cache.", + "title": "KmsKeyId", + "type": "string" + }, + "MajorEngineVersion": { + "markdownDescription": "The version number of the engine the serverless cache is compatible with.", + "title": "MajorEngineVersion", + "type": "string" + }, + "ReaderEndpoint": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", + "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", + "title": "ReaderEndpoint" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Function" + "type": "string" }, - "markdownDescription": "The functions in this version.", - "title": "Functions", + "markdownDescription": "The IDs of the EC2 security groups associated with the serverless cache.", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServerlessCacheName": { + "markdownDescription": "The unique identifier of the serverless cache.", + "title": "ServerlessCacheName", + "type": "string" + }, + "SnapshotArnsToRestore": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the snapshot from which to restore data into the new cache.", + "title": "SnapshotArnsToRestore", + "type": "array" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The current setting for the number of serverless cache snapshots the system will retain. Available for Valkey, Redis OSS and Serverless Memcached only.", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "If no subnet IDs are given and your VPC is in us-west-1, then ElastiCache will select 2 default subnets across AZs in your VPC. For all other Regions, if no subnet IDs are given then ElastiCache will select 3 default subnets across AZs in your default VPC.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be added to this resource.", + "title": "Tags", "type": "array" + }, + "UserGroupId": { + "markdownDescription": "The identifier of the user group associated with the serverless cache. Available for Valkey and Redis OSS only. Default is NULL.", + "title": "UserGroupId", + "type": "string" } }, "required": [ - "FunctionDefinitionId", - "Functions" + "Engine", + "ServerlessCacheName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::FunctionDefinitionVersion" + "AWS::ElastiCache::ServerlessCache" ], "type": "string" }, @@ -109867,168 +113918,79 @@ ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig": { - "additionalProperties": false, - "properties": { - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", - "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", - "title": "Execution" - } - }, - "required": [ - "Execution" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinitionVersion.Environment": { - "additionalProperties": false, - "properties": { - "AccessSysfs": { - "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "AccessSysfs", - "type": "boolean" - }, - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", - "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", - "title": "Execution" - }, - "ResourceAccessPolicies": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy" - }, - "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "ResourceAccessPolicies", - "type": "array" - }, - "Variables": { - "markdownDescription": "Environment variables for the Lambda function.", - "title": "Variables", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinitionVersion.Execution": { + "AWS::ElastiCache::ServerlessCache.CacheUsageLimits": { "additionalProperties": false, "properties": { - "IsolationMode": { - "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", - "title": "IsolationMode", - "type": "string" + "DataStorage": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.DataStorage", + "markdownDescription": "The maximum data storage limit in the cache, expressed in Gigabytes.", + "title": "DataStorage" }, - "RunAs": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.RunAs", - "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", - "title": "RunAs" + "ECPUPerSecond": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.ECPUPerSecond", + "markdownDescription": "The number of ElastiCache Processing Units (ECPU) the cache can consume per second.", + "title": "ECPUPerSecond" } }, "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.Function": { + "AWS::ElastiCache::ServerlessCache.DataStorage": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", - "title": "FunctionArn", - "type": "string" + "Maximum": { + "markdownDescription": "The upper limit for data storage the cache is set to use.", + "title": "Maximum", + "type": "number" }, - "FunctionConfiguration": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration", - "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", - "title": "FunctionConfiguration" + "Minimum": { + "markdownDescription": "The lower limit for data storage the cache is set to use.", + "title": "Minimum", + "type": "number" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Unit": { + "markdownDescription": "The unit that the storage is measured in, in GB.", + "title": "Unit", "type": "string" } }, "required": [ - "FunctionArn", - "FunctionConfiguration", - "Id" + "Unit" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration": { + "AWS::ElastiCache::ServerlessCache.ECPUPerSecond": { "additionalProperties": false, "properties": { - "EncodingType": { - "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", - "title": "EncodingType", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Environment", - "markdownDescription": "The environment configuration of the function.", - "title": "Environment" - }, - "ExecArgs": { - "markdownDescription": "The execution arguments.", - "title": "ExecArgs", - "type": "string" - }, - "Executable": { - "markdownDescription": "The name of the function executable.", - "title": "Executable", - "type": "string" - }, - "MemorySize": { - "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "MemorySize", + "Maximum": { + "markdownDescription": "The configuration for the maximum number of ECPUs the cache can consume per second.", + "title": "Maximum", "type": "number" }, - "Pinned": { - "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", - "title": "Pinned", - "type": "boolean" - }, - "Timeout": { - "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", - "title": "Timeout", + "Minimum": { + "markdownDescription": "The configuration for the minimum number of ECPUs the cache should be able consume per second.", + "title": "Minimum", "type": "number" } }, "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy": { + "AWS::ElastiCache::ServerlessCache.Endpoint": { "additionalProperties": false, "properties": { - "Permission": { - "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", - "title": "Permission", + "Address": { + "markdownDescription": "The DNS hostname of the cache node.", + "title": "Address", "type": "string" }, - "ResourceId": { - "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", - "title": "ResourceId", + "Port": { + "markdownDescription": "The port number that the cache engine is listening on.", + "title": "Port", "type": "string" } }, - "required": [ - "ResourceId" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinitionVersion.RunAs": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", - "title": "Gid", - "type": "number" - }, - "Uid": { - "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", - "title": "Uid", - "type": "number" - } - }, "type": "object" }, - "AWS::Greengrass::Group": { + "AWS::ElastiCache::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -110063,35 +114025,42 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::Group.GroupVersion", - "markdownDescription": "The group version to include when the group is created. A group version references the Amazon Resource Name (ARN) of a core definition version, device definition version, subscription definition version, and other version types. The group version must reference a core definition version that contains one core. Other version types are optionally included, depending on your business need.\n\n> To associate a group version after the group is created, create an [`AWS::Greengrass::GroupVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-groupversion.html) resource and specify the ID of this group.", - "title": "InitialVersion" - }, - "Name": { - "markdownDescription": "The name of the group.", - "title": "Name", + "CacheSubnetGroupName": { + "markdownDescription": "The name for the cache subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\nExample: `mysubnetgroup`", + "title": "CacheSubnetGroupName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role attached to the group. This role contains the permissions that Lambda functions and connectors use to interact with other AWS services.", - "title": "RoleArn", + "Description": { + "markdownDescription": "The description for the cache subnet group.", + "title": "Description", "type": "string" }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The EC2 subnet IDs for the cache subnet group.", + "title": "SubnetIds", + "type": "array" + }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the group. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "Description", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::Group" + "AWS::ElastiCache::SubnetGroup" ], "type": "string" }, @@ -110110,48 +114079,7 @@ ], "type": "object" }, - "AWS::Greengrass::Group.GroupVersion": { - "additionalProperties": false, - "properties": { - "ConnectorDefinitionVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", - "title": "ConnectorDefinitionVersionArn", - "type": "string" - }, - "CoreDefinitionVersionArn": { - "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", - "title": "CoreDefinitionVersionArn", - "type": "string" - }, - "DeviceDefinitionVersionArn": { - "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", - "title": "DeviceDefinitionVersionArn", - "type": "string" - }, - "FunctionDefinitionVersionArn": { - "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", - "title": "FunctionDefinitionVersionArn", - "type": "string" - }, - "LoggerDefinitionVersionArn": { - "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", - "title": "LoggerDefinitionVersionArn", - "type": "string" - }, - "ResourceDefinitionVersionArn": { - "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", - "title": "ResourceDefinitionVersionArn", - "type": "string" - }, - "SubscriptionDefinitionVersionArn": { - "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", - "title": "SubscriptionDefinitionVersionArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Greengrass::GroupVersion": { + "AWS::ElastiCache::User": { "additionalProperties": false, "properties": { "Condition": { @@ -110186,55 +114114,63 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectorDefinitionVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", - "title": "ConnectorDefinitionVersionArn", + "AccessString": { + "markdownDescription": "Access permissions string used for this user.", + "title": "AccessString", "type": "string" }, - "CoreDefinitionVersionArn": { - "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", - "title": "CoreDefinitionVersionArn", - "type": "string" + "AuthenticationMode": { + "$ref": "#/definitions/AWS::ElastiCache::User.AuthenticationMode", + "markdownDescription": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```", + "title": "AuthenticationMode" }, - "DeviceDefinitionVersionArn": { - "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", - "title": "DeviceDefinitionVersionArn", + "Engine": { + "markdownDescription": "The current supported values are valkey and redis.", + "title": "Engine", "type": "string" }, - "FunctionDefinitionVersionArn": { - "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", - "title": "FunctionDefinitionVersionArn", - "type": "string" + "NoPasswordRequired": { + "markdownDescription": "Indicates a password is not required for this user.", + "title": "NoPasswordRequired", + "type": "boolean" }, - "GroupId": { - "markdownDescription": "The ID of the group associated with this version. This value is a GUID.", - "title": "GroupId", - "type": "string" + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "Passwords used for this user. You can create up to two passwords for each user.", + "title": "Passwords", + "type": "array" }, - "LoggerDefinitionVersionArn": { - "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", - "title": "LoggerDefinitionVersionArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags.", + "title": "Tags", + "type": "array" }, - "ResourceDefinitionVersionArn": { - "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", - "title": "ResourceDefinitionVersionArn", + "UserId": { + "markdownDescription": "The ID of the user.", + "title": "UserId", "type": "string" }, - "SubscriptionDefinitionVersionArn": { - "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", - "title": "SubscriptionDefinitionVersionArn", + "UserName": { + "markdownDescription": "The username of the user.", + "title": "UserName", "type": "string" } }, "required": [ - "GroupId" + "Engine", + "UserId", + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::GroupVersion" + "AWS::ElastiCache::User" ], "type": "string" }, @@ -110253,16 +114189,38 @@ ], "type": "object" }, - "AWS::Greengrass::LoggerDefinition": { + "AWS::ElastiCache::User.AuthenticationMode": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the passwords to use for authentication if `Type` is set to `password` .", + "title": "Passwords", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", + "Type": { + "markdownDescription": "Specifies the authentication type. Possible options are IAM authentication, password and no password.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ElastiCache::UserGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", "Snapshot" ], "type": "string" @@ -110288,30 +114246,43 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion", - "markdownDescription": "The logger definition version to include when the logger definition is created. A logger definition version contains a list of [`logger`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-loggerdefinition-logger.html) property types.\n\n> To associate a logger definition version after the logger definition is created, create an [`AWS::Greengrass::LoggerDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-loggerdefinitionversion.html) resource and specify the ID of this logger definition.", - "title": "InitialVersion" - }, - "Name": { - "markdownDescription": "The name of the logger definition.", - "title": "Name", + "Engine": { + "markdownDescription": "The current supported values are valkey and redis.", + "title": "Engine", "type": "string" }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the logger definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags.", "title": "Tags", - "type": "object" + "type": "array" + }, + "UserGroupId": { + "markdownDescription": "The ID of the user group.", + "title": "UserGroupId", + "type": "string" + }, + "UserIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user IDs that belong to the user group. A user named `default` must be included.", + "title": "UserIds", + "type": "array" } }, "required": [ - "Name" + "Engine", + "UserGroupId", + "UserIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::LoggerDefinition" + "AWS::ElastiCache::UserGroup" ], "type": "string" }, @@ -110330,61 +114301,7 @@ ], "type": "object" }, - "AWS::Greengrass::LoggerDefinition.Logger": { - "additionalProperties": false, - "properties": { - "Component": { - "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", - "title": "Component", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Level": { - "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", - "title": "Level", - "type": "string" - }, - "Space": { - "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", - "title": "Space", - "type": "number" - }, - "Type": { - "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Component", - "Id", - "Level", - "Type" - ], - "type": "object" - }, - "AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Loggers": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.Logger" - }, - "markdownDescription": "The loggers in this version.", - "title": "Loggers", - "type": "array" - } - }, - "required": [ - "Loggers" - ], - "type": "object" - }, - "AWS::Greengrass::LoggerDefinitionVersion": { + "AWS::ElasticBeanstalk::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -110419,29 +114336,27 @@ "Properties": { "additionalProperties": false, "properties": { - "LoggerDefinitionId": { - "markdownDescription": "The ID of the logger definition associated with this version. This value is a GUID.", - "title": "LoggerDefinitionId", + "ApplicationName": { + "markdownDescription": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "ApplicationName", "type": "string" }, - "Loggers": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinitionVersion.Logger" - }, - "markdownDescription": "The loggers in this version.", - "title": "Loggers", - "type": "array" + "Description": { + "markdownDescription": "Your description of the application.", + "title": "Description", + "type": "string" + }, + "ResourceLifecycleConfig": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig", + "markdownDescription": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions.", + "title": "ResourceLifecycleConfig" } }, - "required": [ - "LoggerDefinitionId", - "Loggers" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::LoggerDefinitionVersion" + "AWS::ElasticBeanstalk::Application" ], "type": "string" }, @@ -110455,49 +114370,85 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Greengrass::LoggerDefinitionVersion.Logger": { + "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { "additionalProperties": false, "properties": { - "Component": { - "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", - "title": "Component", + "ServiceRole": { + "markdownDescription": "The ARN of an IAM service role that Elastic Beanstalk has permission to assume.\n\nThe `ServiceRole` property is required the first time that you provide a `ResourceLifecycleConfig` for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value.", + "title": "ServiceRole", "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" + "VersionLifecycleConfig": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig", + "markdownDescription": "Defines lifecycle settings for application versions.", + "title": "VersionLifecycleConfig" + } + }, + "type": "object" + }, + "AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig": { + "additionalProperties": false, + "properties": { + "MaxAgeRule": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxAgeRule", + "markdownDescription": "Specify a max age rule to restrict the length of time that application versions are retained for an application.", + "title": "MaxAgeRule" }, - "Level": { - "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", - "title": "Level", - "type": "string" + "MaxCountRule": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxCountRule", + "markdownDescription": "Specify a max count rule to restrict the number of application versions that are retained for an application.", + "title": "MaxCountRule" + } + }, + "type": "object" + }, + "AWS::ElasticBeanstalk::Application.MaxAgeRule": { + "additionalProperties": false, + "properties": { + "DeleteSourceFromS3": { + "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", + "title": "DeleteSourceFromS3", + "type": "boolean" }, - "Space": { - "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", - "title": "Space", + "Enabled": { + "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", + "title": "Enabled", + "type": "boolean" + }, + "MaxAgeInDays": { + "markdownDescription": "Specify the number of days to retain an application versions.", + "title": "MaxAgeInDays", "type": "number" + } + }, + "type": "object" + }, + "AWS::ElasticBeanstalk::Application.MaxCountRule": { + "additionalProperties": false, + "properties": { + "DeleteSourceFromS3": { + "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", + "title": "DeleteSourceFromS3", + "type": "boolean" }, - "Type": { - "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", - "title": "Type", - "type": "string" + "Enabled": { + "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", + "title": "Enabled", + "type": "boolean" + }, + "MaxCount": { + "markdownDescription": "Specify the maximum number of application versions to retain.", + "title": "MaxCount", + "type": "number" } }, - "required": [ - "Component", - "Id", - "Level", - "Type" - ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition": { + "AWS::ElasticBeanstalk::ApplicationVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -110532,30 +114483,31 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion", - "markdownDescription": "The resource definition version to include when the resource definition is created. A resource definition version contains a list of [`resource instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinition-resourceinstance.html) property types.\n\n> To associate a resource definition version after the resource definition is created, create an [`AWS::Greengrass::ResourceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-resourcedefinitionversion.html) resource and specify the ID of this resource definition.", - "title": "InitialVersion" + "ApplicationName": { + "markdownDescription": "The name of the Elastic Beanstalk application that is associated with this application version.", + "title": "ApplicationName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the resource definition.", - "title": "Name", + "Description": { + "markdownDescription": "A description of this application version.", + "title": "Description", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the resource definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" + "SourceBundle": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle", + "markdownDescription": "The Amazon S3 bucket and key that identify the location of the source bundle for this version.\n\n> The Amazon S3 bucket must be in the same region as the environment.", + "title": "SourceBundle" } }, "required": [ - "Name" + "ApplicationName", + "SourceBundle" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ResourceDefinition" + "AWS::ElasticBeanstalk::ApplicationVersion" ], "type": "string" }, @@ -110574,236 +114526,27 @@ ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.GroupOwnerSetting": { - "additionalProperties": false, - "properties": { - "AutoAddGroupOwner": { - "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", - "title": "AutoAddGroupOwner", - "type": "boolean" - }, - "GroupOwner": { - "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", - "title": "GroupOwner", - "type": "string" - } - }, - "required": [ - "AutoAddGroupOwner" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData": { - "additionalProperties": false, - "properties": { - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource in the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceDataContainer": { - "additionalProperties": false, - "properties": { - "LocalDeviceResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData", - "markdownDescription": "Settings for a local device resource.", - "title": "LocalDeviceResourceData" - }, - "LocalVolumeResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData", - "markdownDescription": "Settings for a local volume resource.", - "title": "LocalVolumeResourceData" - }, - "S3MachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", - "title": "S3MachineLearningModelResourceData" - }, - "SageMakerMachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", - "title": "SageMakerMachineLearningModelResourceData" - }, - "SecretsManagerSecretResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData", - "markdownDescription": "Settings for a secret resource.", - "title": "SecretsManagerSecretResourceData" - } - }, - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Resources": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceInstance" - }, - "markdownDescription": "The resources in this version.", - "title": "Resources", - "type": "array" - } - }, - "required": [ - "Resources" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting": { - "additionalProperties": false, - "properties": { - "GroupOwner": { - "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", - "title": "GroupOwner", - "type": "string" - }, - "GroupPermission": { - "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", - "title": "GroupPermission", - "type": "string" - } - }, - "required": [ - "GroupOwner", - "GroupPermission" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceInstance": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", - "title": "Name", - "type": "string" - }, - "ResourceDataContainer": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDataContainer", - "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", - "title": "ResourceDataContainer" - } - }, - "required": [ - "Id", - "Name", - "ResourceDataContainer" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "S3Uri": { - "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", - "title": "S3Uri", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "S3Uri" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData": { + "AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket where the data is located.", + "title": "S3Bucket", "type": "string" }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "SageMakerJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", - "title": "SageMakerJobArn", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SageMakerJobArn" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData": { - "additionalProperties": false, - "properties": { - "ARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", - "title": "ARN", + "S3Key": { + "markdownDescription": "The Amazon S3 key where the data is located.", + "title": "S3Key", "type": "string" - }, - "AdditionalStagingLabelsToDownload": { - "items": { - "type": "string" - }, - "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", - "title": "AdditionalStagingLabelsToDownload", - "type": "array" } }, "required": [ - "ARN" + "S3Bucket", + "S3Key" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion": { + "AWS::ElasticBeanstalk::ConfigurationTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -110838,29 +114581,53 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceDefinitionId": { - "markdownDescription": "The ID of the resource definition associated with this version. This value is a GUID.", - "title": "ResourceDefinitionId", + "ApplicationName": { + "markdownDescription": "The name of the Elastic Beanstalk application to associate with this configuration template.", + "title": "ApplicationName", "type": "string" }, - "Resources": { + "Description": { + "markdownDescription": "An optional description for this configuration.", + "title": "Description", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of an environment whose settings you want to use to create the configuration template. You must specify `EnvironmentId` if you don't specify `PlatformArn` , `SolutionStackName` , or `SourceConfiguration` .", + "title": "EnvironmentId", + "type": "string" + }, + "OptionSettings": { "items": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance" + "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting" }, - "markdownDescription": "The resources in this version.", - "title": "Resources", + "markdownDescription": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the *AWS Elastic Beanstalk Developer Guide* .", + "title": "OptionSettings", "type": "array" + }, + "PlatformArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , then don't specify `SolutionStackName` .", + "title": "PlatformArn", + "type": "string" + }, + "SolutionStackName": { + "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, `64bit Amazon Linux 2013.09 running Tomcat 7 Java 7` . A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\nYou must specify `SolutionStackName` if you don't specify `PlatformArn` , `EnvironmentId` , or `SourceConfiguration` .\n\nUse the [`ListAvailableSolutionStacks`](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html) API to obtain a list of available solution stacks.", + "title": "SolutionStackName", + "type": "string" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration", + "markdownDescription": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in `OptionSettings` override any values obtained from the `SourceConfiguration` .\n\nYou must specify `SourceConfiguration` if you don't specify `PlatformArn` , `EnvironmentId` , or `SolutionStackName` .\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name.", + "title": "SourceConfiguration" } }, "required": [ - "ResourceDefinitionId", - "Resources" + "ApplicationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ResourceDefinitionVersion" + "AWS::ElasticBeanstalk::ConfigurationTemplate" ], "type": "string" }, @@ -110879,219 +114646,57 @@ ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting": { - "additionalProperties": false, - "properties": { - "AutoAddGroupOwner": { - "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", - "title": "AutoAddGroupOwner", - "type": "boolean" - }, - "GroupOwner": { - "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", - "title": "GroupOwner", - "type": "string" - } - }, - "required": [ - "AutoAddGroupOwner" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData": { - "additionalProperties": false, - "properties": { - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource in the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer": { - "additionalProperties": false, - "properties": { - "LocalDeviceResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData", - "markdownDescription": "Settings for a local device resource.", - "title": "LocalDeviceResourceData" - }, - "LocalVolumeResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData", - "markdownDescription": "Settings for a local volume resource.", - "title": "LocalVolumeResourceData" - }, - "S3MachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", - "title": "S3MachineLearningModelResourceData" - }, - "SageMakerMachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", - "title": "SageMakerMachineLearningModelResourceData" - }, - "SecretsManagerSecretResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData", - "markdownDescription": "Settings for a secret resource.", - "title": "SecretsManagerSecretResourceData" - } - }, - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting": { - "additionalProperties": false, - "properties": { - "GroupOwner": { - "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", - "title": "GroupOwner", - "type": "string" - }, - "GroupPermission": { - "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", - "title": "GroupPermission", - "type": "string" - } - }, - "required": [ - "GroupOwner", - "GroupPermission" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance": { + "AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Namespace": { + "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", + "title": "Namespace", "type": "string" }, - "Name": { - "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", - "title": "Name", + "OptionName": { + "markdownDescription": "The name of the configuration option.", + "title": "OptionName", "type": "string" }, - "ResourceDataContainer": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer", - "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", - "title": "ResourceDataContainer" - } - }, - "required": [ - "Id", - "Name", - "ResourceDataContainer" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", + "ResourceName": { + "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", + "title": "ResourceName", "type": "string" }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "S3Uri": { - "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", - "title": "S3Uri", + "Value": { + "markdownDescription": "The current value for the configuration option.", + "title": "Value", "type": "string" } }, "required": [ - "DestinationPath", - "S3Uri" + "Namespace", + "OptionName" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData": { + "AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", + "ApplicationName": { + "markdownDescription": "The name of the application associated with the configuration.", + "title": "ApplicationName", "type": "string" }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "SageMakerJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", - "title": "SageMakerJobArn", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SageMakerJobArn" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData": { - "additionalProperties": false, - "properties": { - "ARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", - "title": "ARN", + "TemplateName": { + "markdownDescription": "The name of the configuration template.", + "title": "TemplateName", "type": "string" - }, - "AdditionalStagingLabelsToDownload": { - "items": { - "type": "string" - }, - "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", - "title": "AdditionalStagingLabelsToDownload", - "type": "array" } }, "required": [ - "ARN" + "ApplicationName", + "TemplateName" ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinition": { + "AWS::ElasticBeanstalk::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -111126,30 +114731,81 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion", - "markdownDescription": "The subscription definition version to include when the subscription definition is created. A subscription definition version contains a list of [`subscription`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-subscriptiondefinition-subscription.html) property types.\n\n> To associate a subscription definition version after the subscription definition is created, create an [`AWS::Greengrass::SubscriptionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-subscriptiondefinitionversion.html) resource and specify the ID of this subscription definition.", - "title": "InitialVersion" + "ApplicationName": { + "markdownDescription": "The name of the application that is associated with this environment.", + "title": "ApplicationName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the subscription definition.", - "title": "Name", + "CNAMEPrefix": { + "markdownDescription": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.", + "title": "CNAMEPrefix", + "type": "string" + }, + "Description": { + "markdownDescription": "Your description for this environment.", + "title": "Description", + "type": "string" + }, + "EnvironmentName": { + "markdownDescription": "A unique name for the environment.\n\nConstraint: Must be from 4 to 40 characters in length. The name can contain only letters, numbers, and hyphens. It can't start or end with a hyphen. This name must be unique within a region in your account.\n\nIf you don't specify the `CNAMEPrefix` parameter, the environment name becomes part of the CNAME, and therefore part of the visible URL for your application.\n\nIf you don't specify an environment name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "EnvironmentName", + "type": "string" + }, + "OperationsRole": { + "markdownDescription": "> The operations role feature of AWS Elastic Beanstalk is in beta release and is subject to change. \n\nThe Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. If specified, Elastic Beanstalk uses the operations role for permissions to downstream services during this call and during subsequent calls acting on this environment. To specify an operations role, you must have the `iam:PassRole` permission for the role.", + "title": "OperationsRole", + "type": "string" + }, + "OptionSettings": { + "items": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.OptionSetting" + }, + "markdownDescription": "Key-value pairs defining configuration options for this environment, such as the instance type. These options override the values that are defined in the solution stack or the [configuration template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-beanstalk-configurationtemplate.html) . If you remove any options during a stack update, the removed options retain their current values.", + "title": "OptionSettings", + "type": "array" + }, + "PlatformArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform to use with the environment. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , don't specify `SolutionStackName` .", + "title": "PlatformArn", + "type": "string" + }, + "SolutionStackName": { + "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. If specified, Elastic Beanstalk sets the configuration values to the default values associated with the specified solution stack. For a list of current solution stacks, see [Elastic Beanstalk Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html) in the *AWS Elastic Beanstalk Platforms* guide.\n\n> If you specify `SolutionStackName` , don't specify `PlatformArn` or `TemplateName` .", + "title": "SolutionStackName", "type": "string" }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the subscription definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the tags applied to resources in the environment.", "title": "Tags", - "type": "object" + "type": "array" + }, + "TemplateName": { + "markdownDescription": "The name of the Elastic Beanstalk configuration template to use with the environment.\n\n> If you specify `TemplateName` , then don't specify `SolutionStackName` .", + "title": "TemplateName", + "type": "string" + }, + "Tier": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.Tier", + "markdownDescription": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.", + "title": "Tier" + }, + "VersionLabel": { + "markdownDescription": "The name of the application version to deploy.\n\nDefault: If not specified, Elastic Beanstalk attempts to deploy the sample application.", + "title": "VersionLabel", + "type": "string" } }, "required": [ - "Name" + "ApplicationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::SubscriptionDefinition" + "AWS::ElasticBeanstalk::Environment" ], "type": "string" }, @@ -111168,56 +114824,58 @@ ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinition.Subscription": { + "AWS::ElasticBeanstalk::Environment.OptionSetting": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Namespace": { + "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", + "title": "Namespace", "type": "string" }, - "Source": { - "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Source", + "OptionName": { + "markdownDescription": "The name of the configuration option.", + "title": "OptionName", "type": "string" }, - "Subject": { - "markdownDescription": "The MQTT topic used to route the message.", - "title": "Subject", + "ResourceName": { + "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", + "title": "ResourceName", "type": "string" }, - "Target": { - "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Target", + "Value": { + "markdownDescription": "The current value for the configuration option.", + "title": "Value", "type": "string" } }, "required": [ - "Id", - "Source", - "Subject", - "Target" + "Namespace", + "OptionName" ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion": { + "AWS::ElasticBeanstalk::Environment.Tier": { "additionalProperties": false, "properties": { - "Subscriptions": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.Subscription" - }, - "markdownDescription": "The subscriptions in this version.", - "title": "Subscriptions", - "type": "array" + "Name": { + "markdownDescription": "The name of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `WebServer`\n- For *Worker tier* \u2013 `Worker`", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `Standard`\n- For *Worker tier* \u2013 `SQS/HTTP`", + "title": "Type", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version.\n\n> This member is deprecated. Any specific version that you set may become out of date. We recommend leaving it unspecified.", + "title": "Version", + "type": "string" } }, - "required": [ - "Subscriptions" - ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinitionVersion": { + "AWS::ElasticLoadBalancing::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { @@ -111252,29 +114910,122 @@ "Properties": { "additionalProperties": false, "properties": { - "SubscriptionDefinitionId": { - "markdownDescription": "The ID of the subscription definition associated with this version. This value is a GUID.", - "title": "SubscriptionDefinitionId", + "AccessLoggingPolicy": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy", + "markdownDescription": "Information about where and how access logs are stored for the load balancer.", + "title": "AccessLoggingPolicy" + }, + "AppCookieStickinessPolicy": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy" + }, + "markdownDescription": "Information about a policy for application-controlled session stickiness.", + "title": "AppCookieStickinessPolicy", + "type": "array" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones for a load balancer in a default VPC. For a load balancer in a nondefault VPC, specify `Subnets` instead.\n\nUpdate requires replacement if you did not previously specify an Availability Zone or if you are removing all Availability Zones. Otherwise, update requires no interruption.", + "title": "AvailabilityZones", + "type": "array" + }, + "ConnectionDrainingPolicy": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy", + "markdownDescription": "If enabled, the load balancer allows existing requests to complete before the load balancer shifts traffic away from a deregistered or unhealthy instance.\n\nFor more information, see [Configure connection draining](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) in the *User Guide for Classic Load Balancers* .", + "title": "ConnectionDrainingPolicy" + }, + "ConnectionSettings": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings", + "markdownDescription": "If enabled, the load balancer allows the connections to remain idle (no data is sent over the connection) for the specified duration.\n\nBy default, Elastic Load Balancing maintains a 60-second idle connection timeout for both front-end and back-end connections of your load balancer. For more information, see [Configure idle connection timeout](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) in the *User Guide for Classic Load Balancers* .", + "title": "ConnectionSettings" + }, + "CrossZone": { + "markdownDescription": "If enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones.\n\nFor more information, see [Configure cross-zone load balancing](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) in the *User Guide for Classic Load Balancers* .", + "title": "CrossZone", + "type": "boolean" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck", + "markdownDescription": "The health check settings to use when evaluating the health of your EC2 instances.\n\nUpdate requires replacement if you did not previously specify health check settings or if you are removing the health check settings. Otherwise, update requires no interruption.", + "title": "HealthCheck" + }, + "Instances": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the instances for the load balancer.", + "title": "Instances", + "type": "array" + }, + "LBCookieStickinessPolicy": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy" + }, + "markdownDescription": "Information about a policy for duration-based session stickiness.", + "title": "LBCookieStickinessPolicy", + "type": "array" + }, + "Listeners": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Listeners" + }, + "markdownDescription": "The listeners for the load balancer. You can specify at most one listener per port.\n\nIf you update the properties for a listener, AWS CloudFormation deletes the existing listener and creates a new one with the specified properties. While the new listener is being created, clients cannot connect to the load balancer.", + "title": "Listeners", + "type": "array" + }, + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer. This name must be unique within your set of load balancers for the region.\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) . If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", + "title": "LoadBalancerName", "type": "string" }, - "Subscriptions": { + "Policies": { "items": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinitionVersion.Subscription" + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Policies" }, - "markdownDescription": "The subscriptions in this version.", - "title": "Subscriptions", + "markdownDescription": "The policies defined for your Classic Load Balancer. Specify only back-end server policies.", + "title": "Policies", + "type": "array" + }, + "Scheme": { + "markdownDescription": "The type of load balancer. Valid only for load balancers in a VPC.\n\nIf `Scheme` is `internet-facing` , the load balancer has a public DNS name that resolves to a public IP address.\n\nIf `Scheme` is `internal` , the load balancer has a public DNS name that resolves to a private IP address.", + "title": "Scheme", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the load balancer. Valid only for load balancers in a VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets for the load balancer. You can specify at most one subnet per Availability Zone.\n\nUpdate requires replacement if you did not previously specify a subnet or if you are removing all subnets. Otherwise, update requires no interruption. To update to a different subnet in the current Availability Zone, you must first update to a subnet in a different Availability Zone, then update to the new subnet in the original Availability Zone.", + "title": "Subnets", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with a load balancer.", + "title": "Tags", "type": "array" } }, "required": [ - "SubscriptionDefinitionId", - "Subscriptions" + "Listeners" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::SubscriptionDefinitionVersion" + "AWS::ElasticLoadBalancing::LoadBalancer" ], "type": "string" }, @@ -111293,385 +115044,233 @@ ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinitionVersion.Subscription": { + "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" + "EmitInterval": { + "markdownDescription": "The interval for publishing the access logs. You can specify an interval of either 5 minutes or 60 minutes.\n\nDefault: 60 minutes", + "title": "EmitInterval", + "type": "number" }, - "Source": { - "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Source", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether access logs are enabled for the load balancer.", + "title": "Enabled", + "type": "boolean" }, - "Subject": { - "markdownDescription": "The MQTT topic used to route the message.", - "title": "Subject", + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket where the access logs are stored.", + "title": "S3BucketName", "type": "string" }, - "Target": { - "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Target", + "S3BucketPrefix": { + "markdownDescription": "The logical hierarchy you created for your Amazon S3 bucket, for example `my-bucket-prefix/prod` . If the prefix is not provided, the log is placed at the root level of the bucket.", + "title": "S3BucketPrefix", "type": "string" } }, "required": [ - "Id", - "Source", - "Subject", - "Target" + "Enabled", + "S3BucketName" ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion": { + "AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InlineRecipe": { - "markdownDescription": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", - "title": "InlineRecipe", - "type": "string" - }, - "LambdaFunction": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource", - "markdownDescription": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", - "title": "LambdaFunction" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::GreengrassV2::ComponentVersion" - ], + "CookieName": { + "markdownDescription": "The name of the application cookie used for stickiness.", + "title": "CookieName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PolicyName": { + "markdownDescription": "The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.", + "title": "PolicyName", "type": "string" } }, "required": [ - "Type" + "CookieName", + "PolicyName" ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { + "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy": { "additionalProperties": false, "properties": { - "DependencyType": { - "markdownDescription": "The type of this dependency. Choose from the following options:\n\n- `SOFT` \u2013 The component doesn't restart if the dependency changes state.\n- `HARD` \u2013 The component restarts if the dependency changes state.\n\nDefault: `HARD`", - "title": "DependencyType", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether connection draining is enabled for the load balancer.", + "title": "Enabled", + "type": "boolean" }, - "VersionRequirement": { - "markdownDescription": "The component version requirement for the component dependency.\n\nAWS IoT Greengrass uses semantic version constraints. For more information, see [Semantic Versioning](https://docs.aws.amazon.com/https://semver.org/) .", - "title": "VersionRequirement", - "type": "string" + "Timeout": { + "markdownDescription": "The maximum time, in seconds, to keep the existing connections open before deregistering the instances.", + "title": "Timeout", + "type": "number" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.ComponentPlatform": { + "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "Name": { - "markdownDescription": "The friendly name of the platform. This name helps you identify the platform.\n\nIf you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform.", - "title": "Name", - "type": "string" + "IdleTimeout": { + "markdownDescription": "The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.", + "title": "IdleTimeout", + "type": "number" } }, + "required": [ + "IdleTimeout" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaContainerParams": { + "AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck": { "additionalProperties": false, "properties": { - "Devices": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount" - }, - "markdownDescription": "The list of system devices that the container can access.", - "title": "Devices", - "type": "array" - }, - "MemorySizeInKB": { - "markdownDescription": "The memory size of the container, expressed in kilobytes.\n\nDefault: `16384` (16 MB)", - "title": "MemorySizeInKB", - "type": "number" + "HealthyThreshold": { + "markdownDescription": "The number of consecutive health checks successes required before moving the instance to the `Healthy` state.", + "title": "HealthyThreshold", + "type": "string" }, - "MountROSysfs": { - "markdownDescription": "Whether or not the container can read information from the device's `/sys` folder.\n\nDefault: `false`", - "title": "MountROSysfs", - "type": "boolean" + "Interval": { + "markdownDescription": "The approximate interval, in seconds, between health checks of an individual instance.", + "title": "Interval", + "type": "string" }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount" - }, - "markdownDescription": "The list of volumes that the container can access.", - "title": "Volumes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount": { - "additionalProperties": false, - "properties": { - "AddGroupOwner": { - "markdownDescription": "Whether or not to add the component's system user as an owner of the device.\n\nDefault: `false`", - "title": "AddGroupOwner", - "type": "boolean" + "Target": { + "markdownDescription": "The instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535.\n\nTCP is the default, specified as a TCP: port pair, for example \"TCP:5000\". In this case, a health check simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy.\n\nSSL is also specified as SSL: port pair, for example, SSL:5000.\n\nFor HTTP/HTTPS, you must include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example \"HTTP:80/weather/us/wa/seattle\". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than \"200 OK\" within the timeout period is considered unhealthy.\n\nThe total length of the HTTP ping target must be 1024 16-bit Unicode characters or less.", + "title": "Target", + "type": "string" }, - "Path": { - "markdownDescription": "The mount path for the device in the file system.", - "title": "Path", + "Timeout": { + "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check.\n\nThis value must be less than the `Interval` value.", + "title": "Timeout", "type": "string" }, - "Permission": { - "markdownDescription": "The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", - "title": "Permission", + "UnhealthyThreshold": { + "markdownDescription": "The number of consecutive health check failures required before moving the instance to the `Unhealthy` state.", + "title": "UnhealthyThreshold", "type": "string" } }, + "required": [ + "HealthyThreshold", + "Interval", + "Target", + "Timeout", + "UnhealthyThreshold" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaEventSource": { + "AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy": { "additionalProperties": false, "properties": { - "Topic": { - "markdownDescription": "The topic to which to subscribe to receive event messages.", - "title": "Topic", + "CookieExpirationPeriod": { + "markdownDescription": "The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session.", + "title": "CookieExpirationPeriod", "type": "string" }, - "Type": { - "markdownDescription": "The type of event source. Choose from the following options:\n\n- `PUB_SUB` \u2013 Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic.\n- `IOT_CORE` \u2013 Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic.", - "title": "Type", + "PolicyName": { + "markdownDescription": "The name of the policy. This name must be unique within the set of policies for this load balancer.", + "title": "PolicyName", "type": "string" } }, "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters": { + "AWS::ElasticLoadBalancing::LoadBalancer.Listeners": { "additionalProperties": false, "properties": { - "EnvironmentVariables": { - "additionalProperties": true, - "markdownDescription": "The map of environment variables that are available to the Lambda function when it runs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "EnvironmentVariables", - "type": "object" + "InstancePort": { + "markdownDescription": "The port on which the instance is listening.", + "title": "InstancePort", + "type": "string" }, - "EventSources": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaEventSource" - }, - "markdownDescription": "The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages.", - "title": "EventSources", - "type": "array" + "InstanceProtocol": { + "markdownDescription": "The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL.\n\nIf the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is secure, (HTTPS or SSL), the listener's `InstanceProtocol` must also be secure.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is HTTP or TCP, the listener's `InstanceProtocol` must be HTTP or TCP.", + "title": "InstanceProtocol", + "type": "string" }, - "ExecArgs": { + "LoadBalancerPort": { + "markdownDescription": "The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.", + "title": "LoadBalancerPort", + "type": "string" + }, + "PolicyNames": { "items": { "type": "string" }, - "markdownDescription": "The list of arguments to pass to the Lambda function when it runs.", - "title": "ExecArgs", + "markdownDescription": "The names of the policies to associate with the listener.", + "title": "PolicyNames", "type": "array" }, - "InputPayloadEncodingType": { - "markdownDescription": "The encoding type that the Lambda function supports.\n\nDefault: `json`", - "title": "InputPayloadEncodingType", + "Protocol": { + "markdownDescription": "The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL.", + "title": "Protocol", "type": "string" }, - "LinuxProcessParams": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams", - "markdownDescription": "The parameters for the Linux process that contains the Lambda function.", - "title": "LinuxProcessParams" - }, - "MaxIdleTimeInSeconds": { - "markdownDescription": "The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process.", - "title": "MaxIdleTimeInSeconds", - "type": "number" - }, - "MaxInstancesCount": { - "markdownDescription": "The maximum number of instances that a non-pinned Lambda function can run at the same time.", - "title": "MaxInstancesCount", - "type": "number" - }, - "MaxQueueSize": { - "markdownDescription": "The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message.", - "title": "MaxQueueSize", - "type": "number" - }, - "Pinned": { - "markdownDescription": "Whether or not the Lambda function is pinned, or long-lived.\n\n- A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container.\n- A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function.\n\nDefault: `true`", - "title": "Pinned", - "type": "boolean" - }, - "StatusTimeoutInSeconds": { - "markdownDescription": "The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component.", - "title": "StatusTimeoutInSeconds", - "type": "number" - }, - "TimeoutInSeconds": { - "markdownDescription": "The maximum amount of time in seconds that the Lambda function can process a work item.", - "title": "TimeoutInSeconds", - "type": "number" + "SSLCertificateId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the server certificate.", + "title": "SSLCertificateId", + "type": "string" } }, + "required": [ + "InstancePort", + "LoadBalancerPort", + "Protocol" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource": { + "AWS::ElasticLoadBalancing::LoadBalancer.Policies": { "additionalProperties": false, "properties": { - "ComponentDependencies": { - "additionalProperties": false, - "markdownDescription": "The component versions on which this Lambda function component depends.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement" - } + "Attributes": { + "items": { + "type": "object" }, - "title": "ComponentDependencies", - "type": "object" - }, - "ComponentLambdaParameters": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters", - "markdownDescription": "The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device.", - "title": "ComponentLambdaParameters" - }, - "ComponentName": { - "markdownDescription": "The name of the component.\n\nDefaults to the name of the Lambda function.", - "title": "ComponentName", - "type": "string" + "markdownDescription": "The policy attributes.", + "title": "Attributes", + "type": "array" }, - "ComponentPlatforms": { + "InstancePorts": { "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentPlatform" + "type": "string" }, - "markdownDescription": "The platforms that the component version supports.", - "title": "ComponentPlatforms", + "markdownDescription": "The instance ports for the policy. Required only for some policy types.", + "title": "InstancePorts", "type": "array" }, - "ComponentVersion": { - "markdownDescription": "The version of the component.\n\nDefaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` .", - "title": "ComponentVersion", - "type": "string" - }, - "LambdaArn": { - "markdownDescription": "The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` .", - "title": "LambdaArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams": { - "additionalProperties": false, - "properties": { - "ContainerParams": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaContainerParams", - "markdownDescription": "The parameters for the container in which the Lambda function runs.", - "title": "ContainerParams" - }, - "IsolationMode": { - "markdownDescription": "The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container.\n\nDefault: `GreengrassContainer`", - "title": "IsolationMode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount": { - "additionalProperties": false, - "properties": { - "AddGroupOwner": { - "markdownDescription": "Whether or not to add the AWS IoT Greengrass user group as an owner of the volume.\n\nDefault: `false`", - "title": "AddGroupOwner", - "type": "boolean" - }, - "DestinationPath": { - "markdownDescription": "The path to the logical volume in the file system.", - "title": "DestinationPath", - "type": "string" + "LoadBalancerPorts": { + "items": { + "type": "string" + }, + "markdownDescription": "The load balancer ports for the policy. Required only for some policy types.", + "title": "LoadBalancerPorts", + "type": "array" }, - "Permission": { - "markdownDescription": "The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", - "title": "Permission", + "PolicyName": { + "markdownDescription": "The name of the policy.", + "title": "PolicyName", "type": "string" }, - "SourcePath": { - "markdownDescription": "The path to the physical volume in the file system.", - "title": "SourcePath", + "PolicyType": { + "markdownDescription": "The name of the policy type.", + "title": "PolicyType", "type": "string" } }, + "required": [ + "Attributes", + "PolicyName", + "PolicyType" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment": { + "AWS::ElasticLoadBalancingV2::Listener": { "additionalProperties": false, "properties": { "Condition": { @@ -111706,62 +115305,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "additionalProperties": false, - "markdownDescription": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification" - } + "AlpnPolicy": { + "items": { + "type": "string" }, - "title": "Components", - "type": "object" + "markdownDescription": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.", + "title": "AlpnPolicy", + "type": "array" }, - "DeploymentName": { - "markdownDescription": "The name of the deployment.", - "title": "DeploymentName", - "type": "string" + "Certificates": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Certificate" + }, + "markdownDescription": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nFor an HTTPS listener, update requires some interruptions. For a TLS listener, update requires no interruption.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", + "title": "Certificates", + "type": "array" }, - "DeploymentPolicies": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentPolicies", - "markdownDescription": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure.", - "title": "DeploymentPolicies" + "DefaultActions": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Action" + }, + "markdownDescription": "The actions for the default rule. You cannot define a condition for a default rule.\n\nTo create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) .", + "title": "DefaultActions", + "type": "array" }, - "IotJobConfiguration": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration", - "markdownDescription": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration.", - "title": "IotJobConfiguration" + "ListenerAttributes": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ListenerAttribute" + }, + "markdownDescription": "The listener attributes. Attributes that you do not modify retain their current values.", + "title": "ListenerAttributes", + "type": "array" }, - "ParentTargetArn": { - "markdownDescription": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment.", - "title": "ParentTargetArn", + "LoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", + "title": "LoadBalancerArn", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "MutualAuthentication": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication", + "markdownDescription": "The mutual authentication configuration information.", + "title": "MutualAuthentication" }, - "TargetArn": { - "markdownDescription": "The ARN of the target AWS IoT thing or thing group.", - "title": "TargetArn", + "Port": { + "markdownDescription": "The port on which the load balancer is listening. You can't specify a port for a Gateway Load Balancer.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can\u2019t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You can't specify a protocol for a Gateway Load Balancer.", + "title": "Protocol", + "type": "string" + }, + "SslPolicy": { + "markdownDescription": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/describe-ssl-policies.html) in the *Network Load Balancers Guide* .\n\n[HTTPS listeners] Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic. To decrease the possibility of an interruption if your load balancer is handling a high volume of traffic, create an additional load balancer or request an LCU reservation.", + "title": "SslPolicy", "type": "string" } }, "required": [ - "TargetArn" + "DefaultActions", + "LoadBalancerArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::GreengrassV2::Deployment" + "AWS::ElasticLoadBalancingV2::Listener" ], "type": "string" }, @@ -111780,271 +115390,359 @@ ], "type": "object" }, - "AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate": { + "AWS::ElasticLoadBalancingV2::Listener.Action": { "additionalProperties": false, "properties": { - "Merge": { - "markdownDescription": "A serialized JSON string that contains the configuration object to merge to target devices. The core device merges this configuration with the component's existing configuration. If this is the first time a component deploys on a device, the core device merges this configuration with the component's default configuration. This means that the core device keeps it's existing configuration for keys and values that you don't specify in this object. For more information, see [Merge configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#merge-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "Merge", + "AuthenticateCognitoConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig", + "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", + "title": "AuthenticateCognitoConfig" + }, + "AuthenticateOidcConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig", + "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", + "title": "AuthenticateOidcConfig" + }, + "FixedResponseConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig", + "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", + "title": "FixedResponseConfig" + }, + "ForwardConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ForwardConfig", + "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", + "title": "ForwardConfig" + }, + "Order": { + "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", + "title": "Order", + "type": "number" + }, + "RedirectConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.RedirectConfig", + "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", + "title": "RedirectConfig" + }, + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", + "title": "TargetGroupArn", "type": "string" }, - "Reset": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of configuration nodes to reset to default values on target devices. Use JSON pointers to specify each node to reset. JSON pointers start with a forward slash ( `/` ) and use forward slashes to separate the key for each level in the object. For more information, see the [JSON pointer specification](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) and [Reset configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#reset-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "Reset", - "type": "array" + "Type": { + "markdownDescription": "The type of action.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification": { + "AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig": { "additionalProperties": false, "properties": { - "ComponentVersion": { - "markdownDescription": "The version of the component.", - "title": "ComponentVersion", + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", "type": "string" }, - "ConfigurationUpdate": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate", - "markdownDescription": "The configuration updates to deploy for the component. You can define reset updates and merge updates. A reset updates the keys that you specify to the default configuration for the component. A merge updates the core device's component configuration with the keys and values that you specify. The AWS IoT Greengrass Core software applies reset updates before it applies merge updates. For more information, see [Update component configuration](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) .", - "title": "ConfigurationUpdate" + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" }, - "RunWith": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentRunWith", - "markdownDescription": "The system user and group that the software uses to run component processes on the core device. If you omit this parameter, the software uses the system user and group that you configure for the core device. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "RunWith" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.ComponentRunWith": { - "additionalProperties": false, - "properties": { - "PosixUser": { - "markdownDescription": "The POSIX system user and (optional) group to use to run this component. Specify the user and group separated by a colon ( `:` ) in the following format: `user:group` . The group is optional. If you don't specify a group, the AWS IoT Greengrass Core software uses the primary user for the group.", - "title": "PosixUser", + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", "type": "string" }, - "SystemResourceLimits": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.SystemResourceLimits", - "markdownDescription": "The system resource limits to apply to this component's process on the core device. AWS IoT Greengrass supports this feature only on Linux core devices.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default system resource limits that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", - "title": "SystemResourceLimits" + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "string" }, - "WindowsUser": { - "markdownDescription": "The Windows user to use to run this component on Windows core devices. The user must exist on each Windows core device, and its name and password must be in the LocalSystem account's Credentials Manager instance.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default Windows user that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) .", - "title": "WindowsUser", + "UserPoolArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", + "title": "UserPoolArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "Whether or not to notify components and wait for components to become safe to update. Choose from the following options:\n\n- `NOTIFY_COMPONENTS` \u2013 The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n- `SKIP_NOTIFY_COMPONENTS` \u2013 The deployment doesn't notify components or wait for them to be safe to update.\n\nDefault: `NOTIFY_COMPONENTS`", - "title": "Action", + }, + "UserPoolClientId": { + "markdownDescription": "The ID of the Amazon Cognito user pool client.", + "title": "UserPoolClientId", "type": "string" }, - "TimeoutInSeconds": { - "markdownDescription": "The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device.\n\nDefault: `60`", - "title": "TimeoutInSeconds", - "type": "number" + "UserPoolDomain": { + "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", + "title": "UserPoolDomain", + "type": "string" } }, + "required": [ + "UserPoolArn", + "UserPoolClientId", + "UserPoolDomain" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy": { + "AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig": { "additionalProperties": false, "properties": { - "TimeoutInSeconds": { - "markdownDescription": "The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device.\n\nDefault: `30`", - "title": "TimeoutInSeconds", - "type": "number" + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "AuthorizationEndpoint", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", + "title": "ClientSecret", + "type": "string" + }, + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "Issuer", + "type": "string" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" + }, + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "string" + }, + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "TokenEndpoint", + "type": "string" + }, + "UseExistingClientSecret": { + "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", + "title": "UseExistingClientSecret", + "type": "boolean" + }, + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "UserInfoEndpoint", + "type": "string" } }, + "required": [ + "AuthorizationEndpoint", + "ClientId", + "Issuer", + "TokenEndpoint", + "UserInfoEndpoint" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration": { + "AWS::ElasticLoadBalancingV2::Listener.Certificate": { "additionalProperties": false, "properties": { - "AbortConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortConfig", - "markdownDescription": "The stop configuration for the job. This configuration defines when and how to stop a job rollout.", - "title": "AbortConfig" - }, - "JobExecutionsRolloutConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig", - "markdownDescription": "The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices.", - "title": "JobExecutionsRolloutConfig" - }, - "TimeoutConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig", - "markdownDescription": "The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job.", - "title": "TimeoutConfig" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", + "type": "string" } }, "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentPolicies": { + "AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig": { "additionalProperties": false, "properties": { - "ComponentUpdatePolicy": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy", - "markdownDescription": "The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices.", - "title": "ComponentUpdatePolicy" + "ContentType": { + "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", + "title": "ContentType", + "type": "string" }, - "ConfigurationValidationPolicy": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy", - "markdownDescription": "The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates.", - "title": "ConfigurationValidationPolicy" + "MessageBody": { + "markdownDescription": "The message.", + "title": "MessageBody", + "type": "string" }, - "FailureHandlingPolicy": { - "markdownDescription": "The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails.\n\nDefault: `ROLLBACK`", - "title": "FailureHandlingPolicy", + "StatusCode": { + "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", + "title": "StatusCode", "type": "string" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobAbortConfig": { + "AWS::ElasticLoadBalancingV2::Listener.ForwardConfig": { "additionalProperties": false, "properties": { - "CriteriaList": { + "TargetGroupStickinessConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig", + "markdownDescription": "Information about the target group stickiness for a rule.", + "title": "TargetGroupStickinessConfig" + }, + "TargetGroups": { "items": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortCriteria" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple" }, - "markdownDescription": "The list of criteria that define when and how to cancel the configuration deployment.", - "title": "CriteriaList", + "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", + "title": "TargetGroups", "type": "array" } }, - "required": [ - "CriteriaList" - ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobAbortCriteria": { + "AWS::ElasticLoadBalancingV2::Listener.ListenerAttribute": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to perform when the criteria are met.", - "title": "Action", + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attribute is supported by Network Load Balancers, and Gateway Load Balancers.\n\n- `tcp.idle_timeout.seconds` - The tcp idle timeout value, in seconds. The valid range is 60-6000 seconds. The default is 350 seconds.\n\nThe following attributes are only supported by Application Load Balancers.\n\n- `routing.http.request.x_amzn_mtls_clientcert_serial_number.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Serial-Number* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_issuer.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Issuer* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_subject.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Subject* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_validity.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Validity* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_leaf.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Leaf* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert* HTTP request header.\n- `routing.http.request.x_amzn_tls_version.header_name` - Enables you to modify the header name of the *X-Amzn-Tls-Version* HTTP request header.\n- `routing.http.request.x_amzn_tls_cipher_suite.header_name` - Enables you to modify the header name of the *X-Amzn-Tls-Cipher-Suite* HTTP request header.\n- `routing.http.response.server.enabled` - Enables you to allow or remove the HTTP response server header.\n- `routing.http.response.strict_transport_security.header_value` - Informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS.\n- `routing.http.response.access_control_allow_origin.header_value` - Specifies which origins are allowed to access the server.\n- `routing.http.response.access_control_allow_methods.header_value` - Returns which HTTP methods are allowed when accessing the server from a different origin.\n- `routing.http.response.access_control_allow_headers.header_value` - Specifies which headers can be used during the request.\n- `routing.http.response.access_control_allow_credentials.header_value` - Indicates whether the browser should include credentials such as cookies or authentication when making requests.\n- `routing.http.response.access_control_expose_headers.header_value` - Returns which headers the browser can expose to the requesting client.\n- `routing.http.response.access_control_max_age.header_value` - Specifies how long the results of a preflight request can be cached, in seconds.\n- `routing.http.response.content_security_policy.header_value` - Specifies restrictions enforced by the browser to help minimize the risk of certain types of security threats.\n- `routing.http.response.x_content_type_options.header_value` - Indicates whether the MIME types advertised in the *Content-Type* headers should be followed and not be changed.\n- `routing.http.response.x_frame_options.header_value` - Indicates whether the browser is allowed to render a page in a *frame* , *iframe* , *embed* or *object* .", + "title": "Key", "type": "string" }, - "FailureType": { - "markdownDescription": "The type of job deployment failure that can cancel a job.", - "title": "FailureType", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", "type": "string" - }, - "MinNumberOfExecutedThings": { - "markdownDescription": "The minimum number of things that receive the configuration before the job can cancel.", - "title": "MinNumberOfExecutedThings", - "type": "number" - }, - "ThresholdPercentage": { - "markdownDescription": "The minimum percentage of `failureType` failures that occur before the job can cancel.\n\nThis parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` ).", - "title": "ThresholdPercentage", - "type": "number" } }, - "required": [ - "Action", - "FailureType", - "MinNumberOfExecutedThings", - "ThresholdPercentage" - ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig": { + "AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication": { "additionalProperties": false, "properties": { - "ExponentialRate": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate", - "markdownDescription": "The exponential rate to increase the job rollout rate.", - "title": "ExponentialRate" + "AdvertiseTrustStoreCaNames": { + "markdownDescription": "Indicates whether trust store CA certificate names are advertised.", + "title": "AdvertiseTrustStoreCaNames", + "type": "string" }, - "MaximumPerMinute": { - "markdownDescription": "The maximum number of devices that receive a pending job notification, per minute.", - "title": "MaximumPerMinute", - "type": "number" + "IgnoreClientCertificateExpiry": { + "markdownDescription": "Indicates whether expired client certificates are ignored.", + "title": "IgnoreClientCertificateExpiry", + "type": "boolean" + }, + "Mode": { + "markdownDescription": "The client certificate handling method. Options are `off` , `passthrough` or `verify` . The default value is `off` .", + "title": "Mode", + "type": "string" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", + "type": "string" } }, "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate": { + "AWS::ElasticLoadBalancingV2::Listener.RedirectConfig": { "additionalProperties": false, "properties": { - "BaseRatePerMinute": { - "markdownDescription": "The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job.", - "title": "BaseRatePerMinute", - "type": "number" + "Host": { + "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", + "title": "Host", + "type": "string" }, - "IncrementFactor": { - "markdownDescription": "The exponential factor to increase the rollout rate for the job.\n\nThis parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` ).", - "title": "IncrementFactor", - "type": "number" + "Path": { + "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", + "title": "Path", + "type": "string" }, - "RateIncreaseCriteria": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria", - "markdownDescription": "The criteria to increase the rollout rate for the job.", - "title": "RateIncreaseCriteria" + "Port": { + "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", + "title": "Protocol", + "type": "string" + }, + "Query": { + "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", + "title": "Query", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", + "title": "StatusCode", + "type": "string" } }, "required": [ - "BaseRatePerMinute", - "IncrementFactor", - "RateIncreaseCriteria" + "StatusCode" ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria": { + "AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig": { "additionalProperties": false, "properties": { - "NumberOfNotifiedThings": { - "markdownDescription": "The number of devices to receive the job notification before the rollout rate increases.", - "title": "NumberOfNotifiedThings", + "DurationSeconds": { + "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", + "title": "DurationSeconds", "type": "number" }, - "NumberOfSucceededThings": { - "markdownDescription": "The number of devices to successfully run the configuration job before the rollout rate increases.", - "title": "NumberOfSucceededThings", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig": { - "additionalProperties": false, - "properties": { - "InProgressTimeoutInMinutes": { - "markdownDescription": "The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` .\n\nThe timeout interval must be between 1 minute and 7 days (10080 minutes).", - "title": "InProgressTimeoutInMinutes", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether target group stickiness is enabled.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::GreengrassV2::Deployment.SystemResourceLimits": { + "AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple": { "additionalProperties": false, "properties": { - "Cpus": { - "markdownDescription": "The maximum amount of CPU time that a component's processes can use on the core device. A core device's total CPU time is equivalent to the device's number of CPU cores. For example, on a core device with 4 CPU cores, you can set this value to 2 to limit the component's processes to 50 percent usage of each CPU core. On a device with 1 CPU core, you can set this value to 0.25 to limit the component's processes to 25 percent usage of the CPU. If you set this value to a number greater than the number of CPU cores, the AWS IoT Greengrass Core software doesn't limit the component's CPU usage.", - "title": "Cpus", - "type": "number" + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "TargetGroupArn", + "type": "string" }, - "Memory": { - "markdownDescription": "The maximum amount of RAM, expressed in kilobytes, that a component's processes can use on the core device. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", - "title": "Memory", + "Weight": { + "markdownDescription": "The weight. The range is 0 to 999.", + "title": "Weight", "type": "number" } }, "type": "object" }, - "AWS::GroundStation::Config": { + "AWS::ElasticLoadBalancingV2::ListenerCertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -112079,34 +115777,29 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigData": { - "$ref": "#/definitions/AWS::GroundStation::Config.ConfigData", - "markdownDescription": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype.", - "title": "ConfigData" - }, - "Name": { - "markdownDescription": "The name of the config object.", - "title": "Name", - "type": "string" - }, - "Tags": { + "Certificates": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate" }, - "markdownDescription": "Tags assigned to a resource.", - "title": "Tags", + "markdownDescription": "The certificate. You can specify one certificate per resource.", + "title": "Certificates", "type": "array" + }, + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", + "type": "string" } }, "required": [ - "ConfigData", - "Name" + "Certificates", + "ListenerArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::Config" + "AWS::ElasticLoadBalancingV2::ListenerCertificate" ], "type": "string" }, @@ -112125,272 +115818,561 @@ ], "type": "object" }, - "AWS::GroundStation::Config.AntennaDownlinkConfig": { - "additionalProperties": false, - "properties": { - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig": { + "AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate": { "additionalProperties": false, "properties": { - "DecodeConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DecodeConfig", - "markdownDescription": "Defines how the RF signal will be decoded.", - "title": "DecodeConfig" - }, - "DemodulationConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DemodulationConfig", - "markdownDescription": "Defines how the RF signal will be demodulated.", - "title": "DemodulationConfig" - }, - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", + "type": "string" } }, "type": "object" }, - "AWS::GroundStation::Config.AntennaUplinkConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule": { "additionalProperties": false, "properties": { - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.UplinkSpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" - }, - "TargetEirp": { - "$ref": "#/definitions/AWS::GroundStation::Config.Eirp", - "markdownDescription": "The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW.", - "title": "TargetEirp" + "Condition": { + "type": "string" }, - "TransmitDisabled": { - "markdownDescription": "Whether or not uplink transmit is disabled.", - "title": "TransmitDisabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.ConfigData": { - "additionalProperties": false, - "properties": { - "AntennaDownlinkConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkConfig", - "markdownDescription": "Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks).", - "title": "AntennaDownlinkConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AntennaDownlinkDemodDecodeConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig", - "markdownDescription": "Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data.", - "title": "AntennaDownlinkDemodDecodeConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "AntennaUplinkConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaUplinkConfig", - "markdownDescription": "Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts.", - "title": "AntennaUplinkConfig" + "Metadata": { + "type": "object" }, - "DataflowEndpointConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DataflowEndpointConfig", - "markdownDescription": "Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact.", - "title": "DataflowEndpointConfig" - }, - "S3RecordingConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.S3RecordingConfig", - "markdownDescription": "Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts.", - "title": "S3RecordingConfig" + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.Action" + }, + "markdownDescription": "The actions.\n\nThe rule must include exactly one of the following types of actions: `forward` , `fixed-response` , or `redirect` , and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.", + "title": "Actions", + "type": "array" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition" + }, + "markdownDescription": "The conditions.\n\nThe rule can optionally include up to one of each of the following conditions: `http-request-method` , `host-header` , `path-pattern` , and `source-ip` . A rule can also optionally include one or more of each of the following conditions: `http-header` and `query-string` .", + "title": "Conditions", + "type": "array" + }, + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", + "type": "string" + }, + "Priority": { + "markdownDescription": "The rule priority. A listener can't have multiple rules with the same priority.\n\nIf you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.", + "title": "Priority", + "type": "number" + } + }, + "required": [ + "Actions", + "Conditions", + "Priority" + ], + "type": "object" }, - "TrackingConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.TrackingConfig", - "markdownDescription": "Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact.", - "title": "TrackingConfig" + "Type": { + "enum": [ + "AWS::ElasticLoadBalancingV2::ListenerRule" + ], + "type": "string" }, - "UplinkEchoConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.UplinkEchoConfig", - "markdownDescription": "Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts.", - "title": "UplinkEchoConfig" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::GroundStation::Config.DataflowEndpointConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.Action": { "additionalProperties": false, "properties": { - "DataflowEndpointName": { - "markdownDescription": "The name of the dataflow endpoint to use during contacts.", - "title": "DataflowEndpointName", + "AuthenticateCognitoConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig", + "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", + "title": "AuthenticateCognitoConfig" + }, + "AuthenticateOidcConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig", + "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", + "title": "AuthenticateOidcConfig" + }, + "FixedResponseConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig", + "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", + "title": "FixedResponseConfig" + }, + "ForwardConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig", + "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", + "title": "ForwardConfig" + }, + "Order": { + "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", + "title": "Order", + "type": "number" + }, + "RedirectConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig", + "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", + "title": "RedirectConfig" + }, + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", + "title": "TargetGroupArn", "type": "string" }, - "DataflowEndpointRegion": { - "markdownDescription": "The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact.", - "title": "DataflowEndpointRegion", + "Type": { + "markdownDescription": "The type of action.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::GroundStation::Config.DecodeConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig": { "additionalProperties": false, "properties": { - "UnvalidatedJSON": { - "markdownDescription": "The decoding settings are in JSON format and define a set of steps to perform to decode the data.", - "title": "UnvalidatedJSON", + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" + }, + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "number" + }, + "UserPoolArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", + "title": "UserPoolArn", + "type": "string" + }, + "UserPoolClientId": { + "markdownDescription": "The ID of the Amazon Cognito user pool client.", + "title": "UserPoolClientId", + "type": "string" + }, + "UserPoolDomain": { + "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", + "title": "UserPoolDomain", "type": "string" } }, + "required": [ + "UserPoolArn", + "UserPoolClientId", + "UserPoolDomain" + ], "type": "object" }, - "AWS::GroundStation::Config.DemodulationConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig": { "additionalProperties": false, "properties": { - "UnvalidatedJSON": { - "markdownDescription": "The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use.", - "title": "UnvalidatedJSON", + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "AuthorizationEndpoint", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", + "title": "ClientSecret", + "type": "string" + }, + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "Issuer", + "type": "string" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" + }, + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "number" + }, + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "TokenEndpoint", + "type": "string" + }, + "UseExistingClientSecret": { + "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", + "title": "UseExistingClientSecret", + "type": "boolean" + }, + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "UserInfoEndpoint", "type": "string" } }, + "required": [ + "AuthorizationEndpoint", + "ClientId", + "Issuer", + "TokenEndpoint", + "UserInfoEndpoint" + ], "type": "object" }, - "AWS::GroundStation::Config.Eirp": { + "AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig": { "additionalProperties": false, "properties": { - "Units": { - "markdownDescription": "The units of the EIRP.", - "title": "Units", + "ContentType": { + "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", + "title": "ContentType", "type": "string" }, - "Value": { - "markdownDescription": "The value of the EIRP. Valid values are between 20.0 to 50.0 dBW.", - "title": "Value", - "type": "number" + "MessageBody": { + "markdownDescription": "The message.", + "title": "MessageBody", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", + "title": "StatusCode", + "type": "string" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::GroundStation::Config.Frequency": { + "AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig": { "additionalProperties": false, "properties": { - "Units": { - "markdownDescription": "The units of the frequency.", - "title": "Units", + "TargetGroupStickinessConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig", + "markdownDescription": "Information about the target group stickiness for a rule.", + "title": "TargetGroupStickinessConfig" + }, + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple" + }, + "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", + "title": "TargetGroups", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). You must include at least one \".\" character. You can include only alphabetical characters after the final \".\" character.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the host name.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig": { + "additionalProperties": false, + "properties": { + "HttpHeaderName": { + "markdownDescription": "The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.", + "title": "HttpHeaderName", "type": "string" }, - "Value": { - "markdownDescription": "The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "Value", - "type": "number" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf the same header appears multiple times in the request, we search them in order until a match is found.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::GroundStation::Config.FrequencyBandwidth": { + "AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig": { "additionalProperties": false, "properties": { - "Units": { - "markdownDescription": "The units of the bandwidth.", - "title": "Units", + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue" + }, + "markdownDescription": "The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in `Values` using a '\\' character.\n\nIf you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key. You can omit the key.", + "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", + "markdownDescription": "The value.", "title": "Value", - "type": "number" + "type": "string" } }, "type": "object" }, - "AWS::GroundStation::Config.S3RecordingConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` .", - "title": "BucketArn", + "Host": { + "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", + "title": "Host", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/`\n\n*Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}`", - "title": "Prefix", + "Path": { + "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", + "title": "Path", "type": "string" }, - "RoleArn": { - "markdownDescription": "Defines the ARN of the role assumed for putting archives to S3.", - "title": "RoleArn", + "Port": { + "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", + "title": "Protocol", + "type": "string" + }, + "Query": { + "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", + "title": "Query", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", + "title": "StatusCode", "type": "string" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::GroundStation::Config.SpectrumConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition": { "additionalProperties": false, "properties": { - "Bandwidth": { - "$ref": "#/definitions/AWS::GroundStation::Config.FrequencyBandwidth", - "markdownDescription": "The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", - "title": "Bandwidth" + "Field": { + "markdownDescription": "The field in the HTTP request. The following are the possible values:\n\n- `http-header`\n- `http-request-method`\n- `host-header`\n- `path-pattern`\n- `query-string`\n- `source-ip`", + "title": "Field", + "type": "string" }, - "CenterFrequency": { - "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", - "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "CenterFrequency" + "HostHeaderConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig", + "markdownDescription": "Information for a host header condition. Specify only when `Field` is `host-header` .", + "title": "HostHeaderConfig" }, - "Polarization": { - "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` . Capturing both `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` polarization requires two separate configs.", - "title": "Polarization", - "type": "string" + "HttpHeaderConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig", + "markdownDescription": "Information for an HTTP header condition. Specify only when `Field` is `http-header` .", + "title": "HttpHeaderConfig" + }, + "HttpRequestMethodConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig", + "markdownDescription": "Information for an HTTP method condition. Specify only when `Field` is `http-request-method` .", + "title": "HttpRequestMethodConfig" + }, + "PathPatternConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig", + "markdownDescription": "Information for a path pattern condition. Specify only when `Field` is `path-pattern` .", + "title": "PathPatternConfig" + }, + "QueryStringConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig", + "markdownDescription": "Information for a query string condition. Specify only when `Field` is `query-string` .", + "title": "QueryStringConfig" + }, + "SourceIpConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig", + "markdownDescription": "Information for a source IP condition. Specify only when `Field` is `source-ip` .", + "title": "SourceIpConfig" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The condition value. Specify only when `Field` is `host-header` or `path-pattern` . Alternatively, to specify multiple host names or multiple path patterns, use `HostHeaderConfig` or `PathPatternConfig` .\n\nIf `Field` is `host-header` and you're not using `HostHeaderConfig` , you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- - .\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)\n\nIf `Field` is `path-pattern` and you're not using `PathPatternConfig` , you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- _ - . $ / ~ \" ' @ : +\n- & (using &)\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::GroundStation::Config.TrackingConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig": { "additionalProperties": false, "properties": { - "Autotrack": { - "markdownDescription": "Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost.", - "title": "Autotrack", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported.\n\nIf you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::GroundStation::Config.UplinkEchoConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig": { "additionalProperties": false, "properties": { - "AntennaUplinkConfigArn": { - "markdownDescription": "Defines the ARN of the uplink config to echo back to a dataflow endpoint.", - "title": "AntennaUplinkConfigArn", - "type": "string" + "DurationSeconds": { + "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", + "title": "DurationSeconds", + "type": "number" }, "Enabled": { - "markdownDescription": "Whether or not uplink echo is enabled.", + "markdownDescription": "Indicates whether target group stickiness is enabled.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, - "AWS::GroundStation::Config.UplinkSpectrumConfig": { + "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple": { "additionalProperties": false, "properties": { - "CenterFrequency": { - "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", - "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "CenterFrequency" - }, - "Polarization": { - "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` .", - "title": "Polarization", + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "TargetGroupArn", "type": "string" + }, + "Weight": { + "markdownDescription": "The weight. The range is 0 to 999.", + "title": "Weight", + "type": "number" } }, "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup": { + "AWS::ElasticLoadBalancingV2::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { @@ -112425,41 +116407,92 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactPostPassDurationSeconds": { - "markdownDescription": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a `POSTPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `POSTPASS` state.", - "title": "ContactPostPassDurationSeconds", - "type": "number" + "EnablePrefixForIpv6SourceNat": { + "markdownDescription": "[Network Load Balancers with UDP listeners] Indicates whether to use an IPv6 prefix from each subnet for source NAT. The IP address type must be `dualstack` . The default value is `off` .", + "title": "EnablePrefixForIpv6SourceNat", + "type": "string" }, - "ContactPrePassDurationSeconds": { - "markdownDescription": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a `PREPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `PREPASS` state.", - "title": "ContactPrePassDurationSeconds", - "type": "number" + "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { + "markdownDescription": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . The default is `on` .\n\nYou can't configure this property on a Network Load Balancer unless you associated a security group with the load balancer when you created it.", + "title": "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic", + "type": "string" }, - "EndpointDetails": { + "IpAddressType": { + "markdownDescription": "The IP address type. Internal load balancers must use `ipv4` .\n\n[Application Load Balancers] The possible values are `ipv4` (IPv4 addresses), `dualstack` (IPv4 and IPv6 addresses), and `dualstack-without-public-ipv4` (public IPv6 addresses and private IPv4 and IPv6 addresses).\n\nApplication Load Balancer authentication supports IPv4 addresses only when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer can't complete the authentication process, resulting in HTTP 500 errors.\n\n[Network Load Balancers and Gateway Load Balancers] The possible values are `ipv4` (IPv4 addresses) and `dualstack` (IPv4 and IPv6 addresses).", + "title": "IpAddressType", + "type": "string" + }, + "Ipv4IpamPoolId": { + "markdownDescription": "The ID of the IPv4 IPAM pool.", + "title": "Ipv4IpamPoolId", + "type": "string" + }, + "LoadBalancerAttributes": { "items": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute" }, - "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", - "title": "EndpointDetails", + "markdownDescription": "The load balancer attributes. Attributes that you do not modify retain their current values.", + "title": "LoadBalancerAttributes", + "type": "array" + }, + "MinimumLoadBalancerCapacity": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.MinimumLoadBalancerCapacity", + "markdownDescription": "The minimum capacity for a load balancer.", + "title": "MinimumLoadBalancerCapacity" + }, + "Name": { + "markdownDescription": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", + "title": "Name", + "type": "string" + }, + "Scheme": { + "markdownDescription": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n\nThe nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n\nThe default is an Internet-facing load balancer.\n\nYou can't specify a scheme for a Gateway Load Balancer.", + "title": "Scheme", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer.", + "title": "SecurityGroups", + "type": "array" + }, + "SubnetMappings": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping" + }, + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones. You can't specify Elastic IP addresses for your subnets.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n\n[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You can't specify Elastic IP addresses for your subnets.", + "title": "SubnetMappings", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers and Gateway Load Balancers] You can specify subnets from one or more Availability Zones.", + "title": "Subnets", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags assigned to a resource.", + "markdownDescription": "The tags to assign to the load balancer.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of load balancer. The default is `application` .", + "title": "Type", + "type": "string" } }, - "required": [ - "EndpointDetails" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::DataflowEndpointGroup" + "AWS::ElasticLoadBalancingV2::LoadBalancer" ], "type": "string" }, @@ -112473,192 +116506,75 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint": { + "AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute": { "additionalProperties": false, "properties": { - "AgentStatus": { - "markdownDescription": "The status of AgentEndpoint.", - "title": "AgentStatus", - "type": "string" - }, - "AuditResults": { - "markdownDescription": "The results of the audit.", - "title": "AuditResults", + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deletion_protection.enabled` - Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .\n- `load_balancing.cross_zone.enabled` - Indicates whether cross-zone load balancing is enabled. The possible values are `true` and `false` . The default for Network Load Balancers and Gateway Load Balancers is `false` . The default for Application Load Balancers is `true` , and can't be changed.\n\nThe following attributes are supported by both Application Load Balancers and Network Load Balancers:\n\n- `access_logs.s3.enabled` - Indicates whether access logs are enabled. The value is `true` or `false` . The default is `false` .\n- `access_logs.s3.bucket` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `access_logs.s3.prefix` - The prefix for the location in the S3 bucket for the access logs.\n- `ipv6.deny_all_igw_traffic` - Blocks internet gateway (IGW) access to the load balancer. It is set to `false` for internet-facing load balancers and `true` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.\n- `zonal_shift.config.enabled` - Indicates whether zonal shift is enabled. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Application Load Balancers:\n\n- `idle_timeout.timeout_seconds` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.\n- `client_keep_alive.seconds` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n- `connection_logs.s3.enabled` - Indicates whether connection logs are enabled. The value is `true` or `false` . The default is `false` .\n- `connection_logs.s3.bucket` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `connection_logs.s3.prefix` - The prefix for the location in the S3 bucket for the connection logs.\n- `routing.http.desync_mitigation_mode` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive` .\n- `routing.http.drop_invalid_header_fields.enabled` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( `true` ) or routed to targets ( `false` ). The default is `false` .\n- `routing.http.preserve_host_header.enabled` - Indicates whether the Application Load Balancer should preserve the `Host` header in the HTTP request and send it to the target without any change. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.x_amzn_tls_version_and_cipher_suite.enabled` - Indicates whether the two headers ( `x-amzn-tls-version` and `x-amzn-tls-cipher-suite` ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The `x-amzn-tls-version` header has information about the TLS protocol version negotiated with the client, and the `x-amzn-tls-cipher-suite` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are `true` and `false` . The default is `false` .\n- `routing.http.xff_client_port.enabled` - Indicates whether the `X-Forwarded-For` header should preserve the source port that the client used to connect to the load balancer. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.xff_header_processing.mode` - Enables you to modify, preserve, or remove the `X-Forwarded-For` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are `append` , `preserve` , and `remove` . The default is `append` .\n\n- If the value is `append` , the Application Load Balancer adds the client IP address (of the last hop) to the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- If the value is `preserve` the Application Load Balancer preserves the `X-Forwarded-For` header in the HTTP request, and sends it to targets without any change.\n- If the value is `remove` , the Application Load Balancer removes the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- `routing.http2.enabled` - Indicates whether HTTP/2 is enabled. The possible values are `true` and `false` . The default is `true` . Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.\n- `waf.fail_open.enabled` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Network Load Balancers:\n\n- `dns_record.client_routing_policy` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are `availability_zone_affinity` with 100 percent zonal affinity, `partial_availability_zone_affinity` with 85 percent zonal affinity, and `any_availability_zone` with 0 percent zonal affinity.", + "title": "Key", "type": "string" }, - "EgressAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails", - "markdownDescription": "The egress address of AgentEndpoint.", - "title": "EgressAddress" - }, - "IngressAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails", - "markdownDescription": "The ingress address of AgentEndpoint.", - "title": "IngressAddress" - }, - "Name": { - "markdownDescription": "Name string associated with AgentEndpoint. Used as a human-readable identifier for AgentEndpoint.", - "title": "Name", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails": { + "AWS::ElasticLoadBalancingV2::LoadBalancer.MinimumLoadBalancerCapacity": { "additionalProperties": false, "properties": { - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", - "title": "Mtu", + "CapacityUnits": { + "markdownDescription": "The number of capacity units.", + "title": "CapacityUnits", "type": "number" - }, - "SocketAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", - "markdownDescription": "A socket address.", - "title": "SocketAddress" } }, + "required": [ + "CapacityUnits" + ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint": { + "AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping": { "additionalProperties": false, "properties": { - "Address": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", - "markdownDescription": "The address and port of an endpoint.", - "title": "Address" - }, - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set.", - "title": "Mtu", - "type": "number" - }, - "Name": { - "markdownDescription": "The endpoint name.\n\nWhen listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite.", - "title": "Name", + "AllocationId": { + "markdownDescription": "[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.", + "title": "AllocationId", "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.EndpointDetails": { - "additionalProperties": false, - "properties": { - "AwsGroundStationAgentEndpoint": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint", - "markdownDescription": "An agent endpoint.", - "title": "AwsGroundStationAgentEndpoint" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint", - "markdownDescription": "Information about the endpoint such as name and the endpoint address.", - "title": "Endpoint" - }, - "SecurityDetails": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SecurityDetails", - "markdownDescription": "The role ARN, and IDs for security groups and subnets.", - "title": "SecurityDetails" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.IntegerRange": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "A maximum value.", - "title": "Maximum", - "type": "number" - }, - "Minimum": { - "markdownDescription": "A minimum value.", - "title": "Minimum", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails": { - "additionalProperties": false, - "properties": { - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", - "title": "Mtu", - "type": "number" }, - "SocketAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress", - "markdownDescription": "A ranged socket address.", - "title": "SocketAddress" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "IPv4 socket address.", - "title": "Name", + "IPv6Address": { + "markdownDescription": "[Network Load Balancers] The IPv6 address.", + "title": "IPv6Address", "type": "string" }, - "PortRange": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.IntegerRange", - "markdownDescription": "Port range of a socket address.", - "title": "PortRange" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.SecurityDetails": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` .\n\nGround Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact.", - "title": "RoleArn", + "PrivateIPv4Address": { + "markdownDescription": "[Network Load Balancers] The private IPv4 address for an internal load balancer.", + "title": "PrivateIPv4Address", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group Ids of the security role, such as `sg-1234567890abcdef0` .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnet Ids of the security details, such as `subnet-12345678` .", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.SocketAddress": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the endpoint, such as `Endpoint 1` .", - "title": "Name", + "SourceNatIpv6Prefix": { + "markdownDescription": "[Network Load Balancers with UDP listeners] The IPv6 prefix to use for source NAT. Specify an IPv6 prefix (/80 netmask) from the subnet CIDR block or `auto_assigned` to use an IPv6 prefix selected at random from the subnet CIDR block.", + "title": "SourceNatIpv6Prefix", "type": "string" }, - "Port": { - "markdownDescription": "The port of the endpoint, such as `55888` .", - "title": "Port", - "type": "number" + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", + "type": "string" } }, + "required": [ + "SubnetId" + ], "type": "object" }, - "AWS::GroundStation::MissionProfile": { + "AWS::ElasticLoadBalancingV2::TargetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -112693,69 +116609,116 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactPostPassDurationSeconds": { - "markdownDescription": "Amount of time in seconds after a contact ends that you\u2019d like to receive a Ground Station Contact State Change indicating the pass has finished.", - "title": "ContactPostPassDurationSeconds", - "type": "number" + "HealthCheckEnabled": { + "markdownDescription": "Indicates whether health checks are enabled. If the target type is `lambda` , health checks are disabled by default but can be enabled. If the target type is `instance` , `ip` , or `alb` , health checks are always enabled and can't be disabled.", + "title": "HealthCheckEnabled", + "type": "boolean" }, - "ContactPrePassDurationSeconds": { - "markdownDescription": "Amount of time in seconds prior to contact start that you'd like to receive a Ground Station Contact State Change Event indicating an upcoming pass.", - "title": "ContactPrePassDurationSeconds", + "HealthCheckIntervalSeconds": { + "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds. If the target type is `lambda` , the default is 35 seconds.", + "title": "HealthCheckIntervalSeconds", "type": "number" }, - "DataflowEdges": { - "items": { - "$ref": "#/definitions/AWS::GroundStation::MissionProfile.DataflowEdge" - }, - "markdownDescription": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config.", - "title": "DataflowEdges", - "type": "array" + "HealthCheckPath": { + "markdownDescription": "[HTTP/HTTPS health checks] The destination for health checks on the targets.\n\n[HTTP1 or HTTP2 protocol version] The ping path. The default is /.\n\n[GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is / AWS .ALB/healthcheck.", + "title": "HealthCheckPath", + "type": "string" }, - "MinimumViableContactDurationSeconds": { - "markdownDescription": "Minimum length of a contact in seconds that Ground Station will return when listing contacts. Ground Station will not return contacts shorter than this duration.", - "title": "MinimumViableContactDurationSeconds", + "HealthCheckPort": { + "markdownDescription": "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port` , which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80.", + "title": "HealthCheckPort", + "type": "string" + }, + "HealthCheckProtocol": { + "markdownDescription": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.", + "title": "HealthCheckProtocol", + "type": "string" + }, + "HealthCheckTimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2\u2013120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is `lambda` , the default is 30 seconds.", + "title": "HealthCheckTimeoutSeconds", + "type": "number" + }, + "HealthyThresholdCount": { + "markdownDescription": "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 5. If the target type is `lambda` , the default is 5.", + "title": "HealthyThresholdCount", "type": "number" }, + "IpAddressType": { + "markdownDescription": "The IP address type. The default value is `ipv4` .", + "title": "IpAddressType", + "type": "string" + }, + "Matcher": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.Matcher", + "markdownDescription": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499. For target groups with a protocol of GENEVE, the range is 200-399.", + "title": "Matcher" + }, "Name": { - "markdownDescription": "The name of the mission profile.", + "markdownDescription": "The name of the target group.\n\nThis name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.", "title": "Name", "type": "string" }, - "StreamsKmsKey": { - "$ref": "#/definitions/AWS::GroundStation::MissionProfile.StreamsKmsKey", - "markdownDescription": "KMS key to use for encrypting streams.", - "title": "StreamsKmsKey" + "Port": { + "markdownDescription": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081.", + "title": "Port", + "type": "number" }, - "StreamsKmsRole": { - "markdownDescription": "Role to use for encrypting streams with KMS key.", - "title": "StreamsKmsRole", + "Protocol": { + "markdownDescription": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "[HTTP/HTTPS protocol] The protocol version. The possible values are `GRPC` , `HTTP1` , and `HTTP2` .", + "title": "ProtocolVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags assigned to the mission profile.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, - "TrackingConfigArn": { - "markdownDescription": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact.", - "title": "TrackingConfigArn", + "TargetGroupAttributes": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute" + }, + "markdownDescription": "The target group attributes. Attributes that you do not modify retain their current values.", + "title": "TargetGroupAttributes", + "type": "array" + }, + "TargetType": { + "markdownDescription": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.\n\n- `instance` - Register targets by instance ID. This is the default value.\n- `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n- `lambda` - Register a single Lambda function as a target.\n- `alb` - Register a single Application Load Balancer as a target.", + "title": "TargetType", + "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription" + }, + "markdownDescription": "The targets.", + "title": "Targets", + "type": "array" + }, + "UnhealthyThresholdCount": { + "markdownDescription": "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 2. If the target type is `lambda` , the default is 5.", + "title": "UnhealthyThresholdCount", + "type": "number" + }, + "VpcId": { + "markdownDescription": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply. Otherwise, this parameter is required.", + "title": "VpcId", "type": "string" } }, - "required": [ - "DataflowEdges", - "MinimumViableContactDurationSeconds", - "Name", - "TrackingConfigArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::MissionProfile" + "AWS::ElasticLoadBalancingV2::TargetGroup" ], "type": "string" }, @@ -112769,44 +116732,67 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GroundStation::MissionProfile.DataflowEdge": { + "AWS::ElasticLoadBalancingV2::TargetGroup.Matcher": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge.", - "title": "Destination", + "GrpcCode": { + "markdownDescription": "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12.", + "title": "GrpcCode", "type": "string" }, - "Source": { - "markdownDescription": "The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge.", - "title": "Source", + "HttpCode": { + "markdownDescription": "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Gateway Load Balancers, this must be \"200\u2013399\".\n\nNote that when using shorthand syntax, some values such as commas need to be escaped.", + "title": "HttpCode", "type": "string" } }, "type": "object" }, - "AWS::GroundStation::MissionProfile.StreamsKmsKey": { + "AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription": { "additionalProperties": false, "properties": { - "KmsAliasArn": { - "markdownDescription": "KMS Alias Arn.", - "title": "KmsAliasArn", + "AvailabilityZone": { + "markdownDescription": "An Availability Zone or `all` . This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer.\n\nFor Application Load Balancer target groups, the specified Availability Zone value is only applicable when cross-zone load balancing is off. Otherwise the parameter is ignored and treated as `all` .\n\nThis parameter is not supported if the target type of the target group is `instance` or `alb` .\n\nIf the target type is `ip` and the IP address is in a subnet of the VPC for the target group, the Availability Zone is automatically detected and this parameter is optional. If the IP address is outside the VPC, this parameter is required.\n\nFor Application Load Balancer target groups with cross-zone load balancing off, if the target type is `ip` and the IP address is outside of the VPC for the target group, this should be an Availability Zone inside the VPC for the target group.\n\nIf the target type is `lambda` , this parameter is optional and the only supported value is `all` .", + "title": "AvailabilityZone", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "KMS Key Arn.", - "title": "KmsKeyArn", + "Id": { + "markdownDescription": "The ID of the target. If the target type of the target group is `instance` , specify an instance ID. If the target type is `ip` , specify an IP address. If the target type is `lambda` , specify the ARN of the Lambda function. If the target type is `alb` , specify the ARN of the Application Load Balancer target.", + "title": "Id", "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is `alb` , the targeted Application Load Balancer must have at least one listener whose port matches the target group port. This parameter is not used if the target is a Lambda function.", + "title": "Port", + "type": "number" } }, + "required": [ + "Id" + ], "type": "object" }, - "AWS::GuardDuty::Detector": { + "AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deregistration_delay.timeout_seconds` - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from `draining` to `unused` . The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.\n- `stickiness.enabled` - Indicates whether target stickiness is enabled. The value is `true` or `false` . The default is `false` .\n- `stickiness.type` - Indicates the type of stickiness. The possible values are:\n\n- `lb_cookie` and `app_cookie` for Application Load Balancers.\n- `source_ip` for Network Load Balancers.\n- `source_ip_dest_ip` and `source_ip_dest_ip_proto` for Gateway Load Balancers.\n\nThe following attributes are supported by Application Load Balancers and Network Load Balancers:\n\n- `load_balancing.cross_zone.enabled` - Indicates whether cross zone load balancing is enabled. The value is `true` , `false` or `use_load_balancer_configuration` . The default is `use_load_balancer_configuration` .\n- `target_group_health.dns_failover.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to the maximum number of targets. The default is 1.\n- `target_group_health.dns_failover.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are 1 to the maximum number of targets. The default is 1.\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n\nThe following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:\n\n- `load_balancing.algorithm.type` - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is `round_robin` , `least_outstanding_requests` , or `weighted_random` . The default is `round_robin` .\n- `load_balancing.algorithm.anomaly_mitigation` - Only available when `load_balancing.algorithm.type` is `weighted_random` . Indicates whether anomaly mitigation is enabled. The value is `on` or `off` . The default is `off` .\n- `slow_start.duration_seconds` - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).\n- `stickiness.app_cookie.cookie_name` - Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: `AWSALB` , `AWSALBAPP` , and `AWSALBTG` ; they're reserved for use by the load balancer.\n- `stickiness.app_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n- `stickiness.lb_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n\nThe following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:\n\n- `lambda.multi_value_headers.enabled` - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is `true` or `false` . The default is `false` . If the value is `false` and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.\n\nThe following attributes are supported only by Network Load Balancers:\n\n- `deregistration_delay.connection_termination.enabled` - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is `true` or `false` . For new UDP/TCP_UDP target groups the default is `true` . Otherwise, the default is `false` .\n- `preserve_client_ip.enabled` - Indicates whether client IP preservation is enabled. The value is `true` or `false` . The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation can't be disabled for UDP and TCP_UDP target groups.\n- `proxy_protocol_v2.enabled` - Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` .\n- `target_health_state.unhealthy.connection_termination.enabled` - Indicates whether the load balancer terminates connections to unhealthy targets. The value is `true` or `false` . The default is `true` . This attribute can't be enabled for UDP and TCP_UDP target groups.\n- `target_health_state.unhealthy.draining_interval_seconds` - The amount of time for Elastic Load Balancing to wait before changing the state of an unhealthy target from `unhealthy.draining` to `unhealthy` . The range is 0-360000 seconds. The default value is 0 seconds.\n\nNote: This attribute can only be configured when `target_health_state.unhealthy.connection_termination.enabled` is `false` .\n\nThe following attributes are supported only by Gateway Load Balancers:\n\n- `target_failover.on_deregistration` - Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.\n- `target_failover.on_unhealthy` - Indicates how the Gateway Load Balancer handles existing flows when a target is unhealthy. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::TrustStore": { "additionalProperties": false, "properties": { "Condition": { @@ -112841,46 +116827,40 @@ "Properties": { "additionalProperties": false, "properties": { - "DataSources": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNDataSourceConfigurations", - "markdownDescription": "Describes which data sources will be enabled for the detector.", - "title": "DataSources" + "CaCertificatesBundleS3Bucket": { + "markdownDescription": "The Amazon S3 bucket for the ca certificates bundle.", + "title": "CaCertificatesBundleS3Bucket", + "type": "string" }, - "Enable": { - "markdownDescription": "Specifies whether the detector is to be enabled on creation.", - "title": "Enable", - "type": "boolean" + "CaCertificatesBundleS3Key": { + "markdownDescription": "The Amazon S3 path for the ca certificates bundle.", + "title": "CaCertificatesBundleS3Key", + "type": "string" }, - "Features": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureConfiguration" - }, - "markdownDescription": "A list of features that will be configured for the detector.", - "title": "Features", - "type": "array" + "CaCertificatesBundleS3ObjectVersion": { + "markdownDescription": "The Amazon S3 object version for the ca certificates bundle. If undefined the current version is used.", + "title": "CaCertificatesBundleS3ObjectVersion", + "type": "string" }, - "FindingPublishingFrequency": { - "markdownDescription": "Specifies how frequently updated findings are exported.", - "title": "FindingPublishingFrequency", + "Name": { + "markdownDescription": "The name of the trust store.", + "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags to assign to the trust store.", "title": "Tags", "type": "array" } }, - "required": [ - "Enable" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::Detector" + "AWS::ElasticLoadBalancingV2::TrustStore" ], "type": "string" }, @@ -112894,161 +116874,134 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation": { "additionalProperties": false, "properties": { - "Kubernetes": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesConfiguration", - "markdownDescription": "Describes which Kubernetes data sources are enabled for a detector.", - "title": "Kubernetes" - }, - "MalwareProtection": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration", - "markdownDescription": "Describes whether Malware Protection will be enabled as a data source.", - "title": "MalwareProtection" + "Condition": { + "type": "string" }, - "S3Logs": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNS3LogsConfiguration", - "markdownDescription": "Describes whether S3 data event logs are enabled as a data source.", - "title": "S3Logs" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the additional configuration.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Status": { - "markdownDescription": "Status of the additional configuration.", - "title": "Status", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNFeatureConfiguration": { - "additionalProperties": false, - "properties": { - "AdditionalConfiguration": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RevocationContents": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent" + }, + "markdownDescription": "The revocation file to add.", + "title": "RevocationContents", + "type": "array" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", + "type": "string" + } }, - "markdownDescription": "Information about the additional configuration of a feature in your account.", - "title": "AdditionalConfiguration", - "type": "array" + "type": "object" }, - "Name": { - "markdownDescription": "Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* .", - "title": "Name", + "Type": { + "enum": [ + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation" + ], "type": "string" }, - "Status": { - "markdownDescription": "Status of the feature configuration.", - "title": "Status", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "Status" - ], - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", - "title": "Enable", - "type": "boolean" - } - }, - "required": [ - "Enable" - ], - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNKubernetesConfiguration": { - "additionalProperties": false, - "properties": { - "AuditLogs": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration", - "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", - "title": "AuditLogs" - } - }, - "required": [ - "AuditLogs" - ], - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration": { - "additionalProperties": false, - "properties": { - "ScanEc2InstanceWithFindings": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration", - "markdownDescription": "Describes the configuration of Malware Protection for EC2 instances with findings.", - "title": "ScanEc2InstanceWithFindings" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNS3LogsConfiguration": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "The status of S3 data event logs as a data source.", - "title": "Enable", - "type": "boolean" - } - }, - "required": [ - "Enable" + "Type" ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent": { "additionalProperties": false, "properties": { - "EbsVolumes": { - "markdownDescription": "Describes the configuration for scanning EBS volumes as data source.", - "title": "EbsVolumes", - "type": "boolean" + "RevocationType": { + "markdownDescription": "The type of revocation file.", + "title": "RevocationType", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket for the revocation file.", + "title": "S3Bucket", + "type": "string" + }, + "S3Key": { + "markdownDescription": "The Amazon S3 path for the revocation file.", + "title": "S3Key", + "type": "string" + }, + "S3ObjectVersion": { + "markdownDescription": "The Amazon S3 object version of the revocation file.", + "title": "S3ObjectVersion", + "type": "string" } }, "type": "object" }, - "AWS::GuardDuty::Detector.TagItem": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.TrustStoreRevocation": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "NumberOfRevokedEntries": { + "markdownDescription": "The number of revoked certificates.", + "title": "NumberOfRevokedEntries", + "type": "number" + }, + "RevocationId": { + "markdownDescription": "The revocation ID of the revocation file.", + "title": "RevocationId", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "RevocationType": { + "markdownDescription": "The type of revocation file.", + "title": "RevocationType", + "type": "string" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::GuardDuty::Filter": { + "AWS::Elasticsearch::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -113083,53 +117036,102 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies the action that is to be applied to the findings that match the filter.", - "title": "Action", - "type": "string" + "AccessPolicies": { + "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guid* e.", + "title": "AccessPolicies", + "type": "object" }, - "Description": { - "markdownDescription": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.", - "title": "Description", - "type": "string" + "AdvancedOptions": { + "additionalProperties": true, + "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [Advanced cluster parameters](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) in the *Amazon OpenSearch Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdvancedOptions", + "type": "object" }, - "DetectorId": { - "markdownDescription": "The detector ID associated with the GuardDuty account for which you want to create a filter.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", + "AdvancedSecurityOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput", + "markdownDescription": "Specifies options for fine-grained access control.", + "title": "AdvancedSecurityOptions" + }, + "CognitoOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.CognitoOptions", + "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", + "title": "CognitoOptions" + }, + "DomainEndpointOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.DomainEndpointOptions", + "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", + "title": "DomainEndpointOptions" + }, + "DomainName": { + "markdownDescription": "A name for the OpenSearch Service domain. For valid values, see the [DomainName](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-datatypes-domainname) data type in the *Amazon OpenSearch Service Developer Guide* . If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DomainName", "type": "string" }, - "FindingCriteria": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.FindingCriteria", - "markdownDescription": "Represents the criteria to be used in the filter for querying findings.", - "title": "FindingCriteria" + "EBSOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.EBSOptions", + "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "EBSOptions" }, - "Name": { - "markdownDescription": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.", - "title": "Name", + "ElasticsearchClusterConfig": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ElasticsearchClusterConfig", + "markdownDescription": "ElasticsearchClusterConfig is a property of the AWS::Elasticsearch::Domain resource that configures the cluster of an Amazon OpenSearch Service domain.", + "title": "ElasticsearchClusterConfig" + }, + "ElasticsearchVersion": { + "markdownDescription": "The version of Elasticsearch to use, such as 2.3. If not specified, 1.5 is used as the default. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `ElasticsearchVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `ElasticsearchVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "ElasticsearchVersion", "type": "string" }, - "Rank": { - "markdownDescription": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` .", - "title": "Rank", - "type": "number" + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.EncryptionAtRestOptions", + "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS Key Management Service key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .", + "title": "EncryptionAtRestOptions" + }, + "LogPublishingOptions": { + "additionalProperties": false, + "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.LogPublishingOption" + } + }, + "title": "LogPublishingOptions", + "type": "object" + }, + "NodeToNodeEncryptionOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions", + "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", + "title": "NodeToNodeEncryptionOptions" + }, + "SnapshotOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.SnapshotOptions", + "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indices.", + "title": "SnapshotOptions" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", "title": "Tags", "type": "array" + }, + "VPCOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.VPCOptions", + "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VPCOptions" } }, - "required": [ - "FindingCriteria" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::Filter" + "AWS::Elasticsearch::Domain" ], "type": "string" }, @@ -113143,127 +117145,300 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GuardDuty::Filter.Condition": { + "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { "additionalProperties": false, "properties": { - "Eq": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the equal condition to apply to a single field when querying for findings.", - "title": "Eq", - "type": "array" + "AnonymousAuthEnabled": { + "markdownDescription": "", + "title": "AnonymousAuthEnabled", + "type": "boolean" }, - "Equals": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents an *equal* ** condition to be applied to a single field when querying for findings.", - "title": "Equals", - "type": "array" + "Enabled": { + "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption.", + "title": "Enabled", + "type": "boolean" }, - "GreaterThan": { - "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", - "title": "GreaterThan", - "type": "number" + "InternalUserDatabaseEnabled": { + "markdownDescription": "True to enable the internal user database.", + "title": "InternalUserDatabaseEnabled", + "type": "boolean" }, - "GreaterThanOrEqual": { - "markdownDescription": "Represents a *greater than or equal* condition to be applied to a single field when querying for findings.", - "title": "GreaterThanOrEqual", - "type": "number" + "MasterUserOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.MasterUserOptions", + "markdownDescription": "Specifies information about the master user.", + "title": "MasterUserOptions" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.CognitoOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", + "title": "Enabled", + "type": "boolean" }, - "Gt": { - "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", - "title": "Gt", - "type": "number" + "IdentityPoolId": { + "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", + "title": "IdentityPoolId", + "type": "string" }, - "Gte": { - "markdownDescription": "Represents the greater than or equal condition to apply to a single field when querying for findings.", - "title": "Gte", + "RoleArn": { + "markdownDescription": "The `AmazonESCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool. Required if you enable Cognito authentication.", + "title": "RoleArn", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", + "title": "UserPoolId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.ColdStorageOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage in order to enable cold storage.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.DomainEndpointOptions": { + "additionalProperties": false, + "properties": { + "CustomEndpoint": { + "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpoint", + "type": "string" + }, + "CustomEndpointCertificateArn": { + "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpointCertificateArn", + "type": "string" + }, + "CustomEndpointEnabled": { + "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", + "title": "CustomEndpointEnabled", + "type": "boolean" + }, + "EnforceHTTPS": { + "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS.", + "title": "EnforceHTTPS", + "type": "boolean" + }, + "TLSSecurityPolicy": { + "markdownDescription": "The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:\n\n- `Policy-Min-TLS-1-0-2019-07`\n- `Policy-Min-TLS-1-2-2019-07`", + "title": "TLSSecurityPolicy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.EBSOptions": { + "additionalProperties": false, + "properties": { + "EBSEnabled": { + "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", + "title": "EBSEnabled", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to provisioned IOPS EBS volume types.", + "title": "Iops", "type": "number" }, - "LessThan": { - "markdownDescription": "Represents a *less than* condition to be applied to a single field when querying for findings.", - "title": "LessThan", + "VolumeSize": { + "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VolumeSize", "type": "number" }, - "LessThanOrEqual": { - "markdownDescription": "Represents a *less than or equal* condition to be applied to a single field when querying for findings.", - "title": "LessThanOrEqual", + "VolumeType": { + "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain, such as standard, gp2, or io1. For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.ElasticsearchClusterConfig": { + "additionalProperties": false, + "properties": { + "ColdStorageOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ColdStorageOptions", + "markdownDescription": "Specifies cold storage options for the domain.", + "title": "ColdStorageOptions" + }, + "DedicatedMasterCount": { + "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify true for the DedicatedMasterEnabled property.", + "title": "DedicatedMasterCount", "type": "number" }, - "Lt": { - "markdownDescription": "Represents the less than condition to apply to a single field when querying for findings.", - "title": "Lt", + "DedicatedMasterEnabled": { + "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", + "title": "DedicatedMasterEnabled", + "type": "boolean" + }, + "DedicatedMasterType": { + "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.elasticsearch` . If you specify this property, you must specify true for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "DedicatedMasterType", + "type": "string" + }, + "InstanceCount": { + "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", + "title": "InstanceCount", "type": "number" }, - "Lte": { - "markdownDescription": "Represents the less than or equal condition to apply to a single field when querying for findings.", - "title": "Lte", + "InstanceType": { + "markdownDescription": "The instance type for your data nodes, such as `m3.medium.elasticsearch` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "InstanceType", + "type": "string" + }, + "WarmCount": { + "markdownDescription": "The number of warm nodes in the cluster. Required if you enable warm storage.", + "title": "WarmCount", "type": "number" }, - "Neq": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the not equal condition to apply to a single field when querying for findings.", - "title": "Neq", - "type": "array" + "WarmEnabled": { + "markdownDescription": "Whether to enable warm storage for the cluster.", + "title": "WarmEnabled", + "type": "boolean" }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents a *not equal* ** condition to be applied to a single field when querying for findings.", - "title": "NotEquals", - "type": "array" + "WarmType": { + "markdownDescription": "The instance type for the cluster's warm nodes. Required if you enable warm storage.", + "title": "WarmType", + "type": "string" + }, + "ZoneAwarenessConfig": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ZoneAwarenessConfig", + "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", + "title": "ZoneAwarenessConfig" + }, + "ZoneAwarenessEnabled": { + "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", + "title": "ZoneAwarenessEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::GuardDuty::Filter.FindingCriteria": { + "AWS::Elasticsearch::Domain.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { - "Criterion": { - "additionalProperties": false, - "markdownDescription": "Represents a map of finding properties that match specified conditions and values when querying findings.\n\nFor information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion:\n\n- accountId\n- id\n- region\n- severity\n\nTo filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:\n\n- *Low* : `[\"1\", \"2\", \"3\"]`\n- *Medium* : `[\"4\", \"5\", \"6\"]`\n- *High* : `[\"7\", \"8\", \"9\"]`\n\nFor more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .\n- type\n- updatedAt\n\nType: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.\n- resource.accessKeyDetails.accessKeyId\n- resource.accessKeyDetails.principalId\n- resource.accessKeyDetails.userName\n- resource.accessKeyDetails.userType\n- resource.instanceDetails.iamInstanceProfile.id\n- resource.instanceDetails.imageId\n- resource.instanceDetails.instanceId\n- resource.instanceDetails.tags.key\n- resource.instanceDetails.tags.value\n- resource.instanceDetails.networkInterfaces.ipv6Addresses\n- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress\n- resource.instanceDetails.networkInterfaces.publicDnsName\n- resource.instanceDetails.networkInterfaces.publicIp\n- resource.instanceDetails.networkInterfaces.securityGroups.groupId\n- resource.instanceDetails.networkInterfaces.securityGroups.groupName\n- resource.instanceDetails.networkInterfaces.subnetId\n- resource.instanceDetails.networkInterfaces.vpcId\n- resource.instanceDetails.outpostArn\n- resource.resourceType\n- resource.s3BucketDetails.publicAccess.effectivePermissions\n- resource.s3BucketDetails.name\n- resource.s3BucketDetails.tags.key\n- resource.s3BucketDetails.tags.value\n- resource.s3BucketDetails.type\n- service.action.actionType\n- service.action.awsApiCallAction.api\n- service.action.awsApiCallAction.callerType\n- service.action.awsApiCallAction.errorCode\n- service.action.awsApiCallAction.remoteIpDetails.city.cityName\n- service.action.awsApiCallAction.remoteIpDetails.country.countryName\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.awsApiCallAction.remoteIpDetails.organization.asn\n- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg\n- service.action.awsApiCallAction.serviceName\n- service.action.dnsRequestAction.domain\n- service.action.dnsRequestAction.domainWithSuffix\n- service.action.networkConnectionAction.blocked\n- service.action.networkConnectionAction.connectionDirection\n- service.action.networkConnectionAction.localPortDetails.port\n- service.action.networkConnectionAction.protocol\n- service.action.networkConnectionAction.remoteIpDetails.city.cityName\n- service.action.networkConnectionAction.remoteIpDetails.country.countryName\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6\n- service.action.networkConnectionAction.remoteIpDetails.organization.asn\n- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg\n- service.action.networkConnectionAction.remotePortDetails.port\n- service.action.awsApiCallAction.remoteAccountDetails.affiliated\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.kubernetesApiCallAction.namespace\n- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn\n- service.action.kubernetesApiCallAction.requestUri\n- service.action.kubernetesApiCallAction.statusCode\n- service.action.networkConnectionAction.localIpDetails.ipAddressV4\n- service.action.networkConnectionAction.localIpDetails.ipAddressV6\n- service.action.networkConnectionAction.protocol\n- service.action.awsApiCallAction.serviceName\n- service.action.awsApiCallAction.remoteAccountDetails.accountId\n- service.additionalInfo.threatListName\n- service.resourceRole\n- resource.eksClusterDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace\n- resource.kubernetesDetails.kubernetesUserDetails.username\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix\n- service.ebsVolumeScanDetails.scanId\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash\n- service.malwareScanDetails.threats.name\n- resource.ecsClusterDetails.name\n- resource.ecsClusterDetails.taskDetails.containers.image\n- resource.ecsClusterDetails.taskDetails.definitionArn\n- resource.containerDetails.image\n- resource.rdsDbInstanceDetails.dbInstanceIdentifier\n- resource.rdsDbInstanceDetails.dbClusterIdentifier\n- resource.rdsDbInstanceDetails.engine\n- resource.rdsDbUserDetails.user\n- resource.rdsDbInstanceDetails.tags.key\n- resource.rdsDbInstanceDetails.tags.value\n- service.runtimeDetails.process.executableSha256\n- service.runtimeDetails.process.name\n- service.runtimeDetails.process.name\n- resource.lambdaDetails.functionName\n- resource.lambdaDetails.functionArn\n- resource.lambdaDetails.tags.key\n- resource.lambdaDetails.tags.value", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.Condition" - } - }, - "title": "Criterion", - "type": "object" + "Enabled": { + "markdownDescription": "Specify `true` to enable encryption at rest.", + "title": "Enabled", + "type": "boolean" + }, + "KmsKeyId": { + "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.", + "title": "KmsKeyId", + "type": "string" } }, "type": "object" }, - "AWS::GuardDuty::Filter.TagItem": { + "AWS::Elasticsearch::Domain.LogPublishingOption": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing for the domain.", + "title": "CloudWatchLogsLogGroupArn", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "Enabled": { + "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.MasterUserOptions": { + "additionalProperties": false, + "properties": { + "MasterUserARN": { + "markdownDescription": "ARN for the master user. Only specify if `InternalUserDatabaseEnabled` is false in `AdvancedSecurityOptions` .", + "title": "MasterUserARN", + "type": "string" + }, + "MasterUserName": { + "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", + "title": "MasterUserName", + "type": "string" + }, + "MasterUserPassword": { + "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", + "title": "MasterUserPassword", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::GuardDuty::IPSet": { + "AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether node-to-node encryption is enabled, as a Boolean.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.SnapshotOptions": { + "additionalProperties": false, + "properties": { + "AutomatedSnapshotStartHour": { + "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indices in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", + "title": "AutomatedSnapshotStartHour", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.VPCOptions": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nRequired if you're creating your domain inside a VPC.", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.ZoneAwarenessConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZoneCount": { + "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", + "title": "AvailabilityZoneCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow": { "additionalProperties": false, "properties": { "Condition": { @@ -113298,49 +117473,62 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "Indicates whether or not GuardDuty uses the `IPSet` .", - "title": "Activate", - "type": "boolean" - }, - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", + "Description": { + "markdownDescription": "A description of the workflow.", + "title": "Description", "type": "string" }, - "Format": { - "markdownDescription": "The format of the file that contains the IPSet.", - "title": "Format", - "type": "string" + "IdMappingTechniques": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques", + "markdownDescription": "An object which defines the ID mapping technique and any additional configurations.", + "title": "IdMappingTechniques" }, - "Location": { - "markdownDescription": "The URI of the file that contains the IPSet.", - "title": "Location", - "type": "string" + "InputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource" + }, + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" }, - "Name": { - "markdownDescription": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", - "title": "Name", + "OutputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource" + }, + "markdownDescription": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` .", + "title": "OutputSourceConfig", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::IPSet.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" + }, + "WorkflowName": { + "markdownDescription": "The name of the workflow. There can't be multiple `IdMappingWorkflows` with the same name.", + "title": "WorkflowName", + "type": "string" } }, "required": [ - "Format", - "Location" + "IdMappingTechniques", + "InputSourceConfig", + "RoleArn", + "WorkflowName" ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::IPSet" + "AWS::EntityResolution::IdMappingWorkflow" ], "type": "string" }, @@ -113359,197 +117547,171 @@ ], "type": "object" }, - "AWS::GuardDuty::IPSet.TagItem": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingRuleBasedProperties": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of the `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "RecordMatchingModel": { + "markdownDescription": "The type of matching record that is allowed to be used in an ID mapping workflow.\n\nIf the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source can be matched to the same record in the target.\n\nIf the value is set to `MANY_SOURCE_TO_ONE_TARGET` , multiple records in the source can be matched to one record in the target.", + "title": "RecordMatchingModel", + "type": "string" + }, + "RuleDefinitionType": { + "markdownDescription": "The set of rules you can use in an ID mapping workflow. The limitations specified for the source or target to define the match rules must be compatible.", + "title": "RuleDefinitionType", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.Rule" + }, + "markdownDescription": "The rules that can be used for ID mapping.", + "title": "Rules", + "type": "array" } }, "required": [ - "Key", - "Value" + "AttributeMatchingModel", + "RecordMatchingModel" ], "type": "object" }, - "AWS::GuardDuty::Master": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IdMappingType": { + "markdownDescription": "The type of ID mapping.", + "title": "IdMappingType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.ProviderProperties", + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "title": "ProviderProperties" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty member account.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", - "type": "string" - }, - "InvitationId": { - "markdownDescription": "The ID of the invitation that is sent to the account designated as a member account. You can find the invitation ID by running the [ListInvitations](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html) in the *GuardDuty API Reference* .", - "title": "InvitationId", - "type": "string" - }, - "MasterId": { - "markdownDescription": "The AWS account ID of the account designated as the GuardDuty administrator account.", - "title": "MasterId", - "type": "string" - } - }, - "required": [ - "DetectorId", - "MasterId" - ], - "type": "object" + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingRuleBasedProperties", + "markdownDescription": "An object which defines any additional configurations required by rule-based matching.", + "title": "RuleBasedProperties" + } + }, + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource": { + "additionalProperties": false, + "properties": { + "InputSourceARN": { + "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", + "title": "InputSourceARN", + "type": "string" }, - "Type": { - "enum": [ - "AWS::GuardDuty::Master" - ], + "SchemaArn": { + "markdownDescription": "The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` .", + "title": "SchemaArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "InputSourceARN" ], "type": "object" }, - "AWS::GuardDuty::Member": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource": { "additionalProperties": false, "properties": { - "Condition": { + "KMSArn": { + "markdownDescription": "Customer AWS KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", + "title": "KMSArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputS3Path": { + "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", + "title": "OutputS3Path", "type": "string" + } + }, + "required": [ + "OutputS3Path" + ], + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration": { + "additionalProperties": false, + "properties": { + "IntermediateS3Path": { + "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", + "title": "IntermediateS3Path", + "type": "string" + } + }, + "required": [ + "IntermediateS3Path" + ], + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow.ProviderProperties": { + "additionalProperties": false, + "properties": { + "IntermediateSourceConfiguration": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration", + "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", + "title": "IntermediateSourceConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DetectorId": { - "markdownDescription": "The ID of the detector associated with the GuardDuty service to add the member to.", - "title": "DetectorId", - "type": "string" - }, - "DisableEmailNotification": { - "markdownDescription": "Specifies whether or not to disable email notification for the member account that you invite.", - "title": "DisableEmailNotification", - "type": "boolean" - }, - "Email": { - "markdownDescription": "The email address associated with the member account.", - "title": "Email", - "type": "string" - }, - "MemberId": { - "markdownDescription": "The AWS account ID of the account to designate as a member.", - "title": "MemberId", - "type": "string" - }, - "Message": { - "markdownDescription": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members.", - "title": "Message", - "type": "string" - }, - "Status": { - "markdownDescription": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited.", - "title": "Status", + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "The required configuration fields to use with the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "Email" - ], + "title": "ProviderConfiguration", "type": "object" }, - "Type": { - "enum": [ - "AWS::GuardDuty::Member" - ], + "ProviderServiceArn": { + "markdownDescription": "The ARN of the provider service.", + "title": "ProviderServiceArn", "type": "string" + } + }, + "required": [ + "ProviderServiceArn" + ], + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow.Rule": { + "additionalProperties": false, + "properties": { + "MatchingKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", "type": "string" } }, "required": [ - "Type", - "Properties" + "MatchingKeys", + "RuleName" ], "type": "object" }, - "AWS::GuardDuty::ThreatIntelSet": { + "AWS::EntityResolution::IdNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -113584,49 +117746,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", - "title": "Activate", - "type": "boolean" - }, - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create a `ThreatIntelSet` .\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", + "Description": { + "markdownDescription": "The description of the ID namespace.", + "title": "Description", "type": "string" }, - "Format": { - "markdownDescription": "The format of the file that contains the ThreatIntelSet.", - "title": "Format", - "type": "string" + "IdMappingWorkflowProperties": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties" + }, + "markdownDescription": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` .", + "title": "IdMappingWorkflowProperties", + "type": "array" }, - "Location": { - "markdownDescription": "The URI of the file that contains the ThreatIntelSet.", - "title": "Location", + "IdNamespaceName": { + "markdownDescription": "The name of the ID namespace.", + "title": "IdNamespaceName", "type": "string" }, - "Name": { - "markdownDescription": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", - "title": "Name", + "InputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceInputSource" + }, + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", + "title": "Type", + "type": "string" } }, "required": [ - "Format", - "Location" + "IdNamespaceName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::ThreatIntelSet" + "AWS::EntityResolution::IdNamespace" ], "type": "string" }, @@ -113645,106 +117818,133 @@ ], "type": "object" }, - "AWS::GuardDuty::ThreatIntelSet.TagItem": { + "AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "IdMappingType": { + "markdownDescription": "The type of ID mapping.", + "title": "IdMappingType", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", - "type": "string" + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceProviderProperties", + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "title": "ProviderProperties" + }, + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceRuleBasedProperties", + "markdownDescription": "An object which defines any additional configurations required by rule-based matching.", + "title": "RuleBasedProperties" } }, "required": [ - "Key", - "Value" + "IdMappingType" ], "type": "object" }, - "AWS::HealthImaging::Datastore": { + "AWS::EntityResolution::IdNamespace.IdNamespaceInputSource": { "additionalProperties": false, "properties": { - "Condition": { + "InputSourceARN": { + "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", + "title": "InputSourceARN", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SchemaName": { + "markdownDescription": "The name of the schema.", + "title": "SchemaName", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatastoreName": { - "markdownDescription": "The data store name.", - "title": "DatastoreName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data.", - "title": "KmsKeyArn", + } + }, + "required": [ + "InputSourceARN" + ], + "type": "object" + }, + "AWS::EntityResolution::IdNamespace.NamespaceProviderProperties": { + "additionalProperties": false, + "properties": { + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags provided when creating a data store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" } }, + "title": "ProviderConfiguration", "type": "object" }, - "Type": { - "enum": [ - "AWS::HealthImaging::Datastore" - ], + "ProviderServiceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the provider service.", + "title": "ProviderServiceArn", + "type": "string" + } + }, + "required": [ + "ProviderServiceArn" + ], + "type": "object" + }, + "AWS::EntityResolution::IdNamespace.NamespaceRuleBasedProperties": { + "additionalProperties": false, + "properties": { + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RecordMatchingModels": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of matching record that is allowed to be used in an ID mapping workflow.\n\nIf the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source is matched to one record in the target.\n\nIf the value is set to `MANY_SOURCE_TO_ONE_TARGET` , all matching records in the source are matched to one record in the target.", + "title": "RecordMatchingModels", + "type": "array" + }, + "RuleDefinitionTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The sets of rules you can use in an ID mapping workflow. The limitations specified for the source and target must be compatible.", + "title": "RuleDefinitionTypes", + "type": "array" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.Rule" + }, + "markdownDescription": "The rules for the ID namespace.", + "title": "Rules", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EntityResolution::IdNamespace.Rule": { + "additionalProperties": false, + "properties": { + "MatchingKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", + "type": "array" + }, + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", "type": "string" } }, "required": [ - "Type" + "MatchingKeys", + "RuleName" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore": { + "AWS::EntityResolution::MatchingWorkflow": { "additionalProperties": false, "properties": { "Condition": { @@ -113779,48 +117979,68 @@ "Properties": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The data store name (user-generated).", - "title": "DatastoreName", + "Description": { + "markdownDescription": "A description of the workflow.", + "title": "Description", "type": "string" }, - "DatastoreTypeVersion": { - "markdownDescription": "The FHIR release version supported by the data store. Current support is for version `R4` .", - "title": "DatastoreTypeVersion", - "type": "string" + "IncrementalRunConfig": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IncrementalRunConfig", + "markdownDescription": "Optional. An object that defines the incremental run type. This object contains only the `incrementalRunType` field, which appears as \"Automatic\" in the console.\n\n> For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported.", + "title": "IncrementalRunConfig" }, - "IdentityProviderConfiguration": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration", - "markdownDescription": "The identity provider configuration selected when the data store was created.", - "title": "IdentityProviderConfiguration" + "InputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.InputSource" + }, + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" }, - "PreloadDataConfig": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.PreloadDataConfig", - "markdownDescription": "The preloaded Synthea data configuration for the data store.", - "title": "PreloadDataConfig" + "OutputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputSource" + }, + "markdownDescription": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` .", + "title": "OutputSourceConfig", + "type": "array" }, - "SseConfiguration": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.SseConfiguration", - "markdownDescription": "The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.", - "title": "SseConfiguration" + "ResolutionTechniques": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques", + "markdownDescription": "An object which defines the `resolutionType` and the `ruleBasedProperties` .", + "title": "ResolutionTechniques" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" + }, + "WorkflowName": { + "markdownDescription": "The name of the workflow. There can't be multiple `MatchingWorkflows` with the same name.", + "title": "WorkflowName", + "type": "string" } }, "required": [ - "DatastoreTypeVersion" + "InputSourceConfig", + "OutputSourceConfig", + "ResolutionTechniques", + "RoleArn", + "WorkflowName" ], "type": "object" }, "Type": { "enum": [ - "AWS::HealthLake::FHIRDatastore" + "AWS::EntityResolution::MatchingWorkflow" ], "type": "string" }, @@ -113839,284 +118059,214 @@ ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.CreatedAt": { + "AWS::EntityResolution::MatchingWorkflow.IncrementalRunConfig": { "additionalProperties": false, "properties": { - "Nanos": { - "markdownDescription": "", - "title": "Nanos", - "type": "number" - }, - "Seconds": { - "markdownDescription": "", - "title": "Seconds", + "IncrementalRunType": { + "markdownDescription": "The type of incremental run. The only valid value is `IMMEDIATE` . This appears as \"Automatic\" in the console.\n\n> For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported.", + "title": "IncrementalRunType", "type": "string" } }, "required": [ - "Nanos", - "Seconds" + "IncrementalRunType" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration": { + "AWS::EntityResolution::MatchingWorkflow.InputSource": { "additionalProperties": false, "properties": { - "AuthorizationStrategy": { - "markdownDescription": "The authorization strategy selected when the HealthLake data store is created.\n\n> HealthLake provides support for both SMART on FHIR V1 and V2 as described below.\n> \n> - `SMART_ON_FHIR_V1` \u2013 Support for only SMART on FHIR V1, which includes `read` (read/search) and `write` (create/update/delete) permissions.\n> - `SMART_ON_FHIR` \u2013 Support for both SMART on FHIR V1 and V2, which includes `create` , `read` , `update` , `delete` , and `search` permissions.\n> - `AWS_AUTH` \u2013 The default HealthLake authorization strategy; not affiliated with SMART on FHIR.", - "title": "AuthorizationStrategy", - "type": "string" - }, - "FineGrainedAuthorizationEnabled": { - "markdownDescription": "The parameter to enable SMART on FHIR fine-grained authorization for the data store.", - "title": "FineGrainedAuthorizationEnabled", + "ApplyNormalization": { + "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", + "title": "ApplyNormalization", "type": "boolean" }, - "IdpLambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.", - "title": "IdpLambdaArn", + "InputSourceARN": { + "markdownDescription": "An object containing `InputSourceARN` , `SchemaName` , and `ApplyNormalization` .", + "title": "InputSourceARN", "type": "string" }, - "Metadata": { - "markdownDescription": "The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see [Metadata](https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata) in SMART's App Launch specification.\n\n`authorization_endpoint` : The URL to the OAuth2 authorization endpoint.\n\n`grant_types_supported` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are `authorization_code` and `client_credentials` .\n\n`token_endpoint` : The URL to the OAuth2 token endpoint.\n\n`capabilities` : An array of strings of the SMART capabilities that the authorization server supports.\n\n`code_challenge_methods_supported` : An array of strings of supported PKCE code challenge methods. You must include the `S256` method in the array of PKCE code challenge methods.", - "title": "Metadata", + "SchemaArn": { + "markdownDescription": "The name of the schema.", + "title": "SchemaArn", "type": "string" } }, "required": [ - "AuthorizationStrategy" + "InputSourceARN", + "SchemaArn" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig": { + "AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration": { "additionalProperties": false, "properties": { - "CmkType": { - "markdownDescription": "The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see [KmsEncryptionConfig](https://docs.aws.amazon.com/healthlake/latest/APIReference/API_KmsEncryptionConfig.html#HealthLake-Type-KmsEncryptionConfig-CmkType) .", - "title": "CmkType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.", - "title": "KmsKeyId", + "IntermediateS3Path": { + "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", + "title": "IntermediateS3Path", "type": "string" } }, "required": [ - "CmkType" + "IntermediateS3Path" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.PreloadDataConfig": { + "AWS::EntityResolution::MatchingWorkflow.OutputAttribute": { "additionalProperties": false, "properties": { - "PreloadDataType": { - "markdownDescription": "The type of preloaded data. Only Synthea preloaded data is supported.", - "title": "PreloadDataType", + "Hashed": { + "markdownDescription": "Enables the ability to hash the column values in the output.", + "title": "Hashed", + "type": "boolean" + }, + "Name": { + "markdownDescription": "A name of a column to be written to the output. This must be an `InputField` name in the schema mapping.", + "title": "Name", "type": "string" } }, "required": [ - "PreloadDataType" + "Name" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.SseConfiguration": { + "AWS::EntityResolution::MatchingWorkflow.OutputSource": { "additionalProperties": false, "properties": { - "KmsEncryptionConfig": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig", - "markdownDescription": "The server-side encryption key configuration for a customer provided encryption key.", - "title": "KmsEncryptionConfig" + "ApplyNormalization": { + "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", + "title": "ApplyNormalization", + "type": "boolean" + }, + "KMSArn": { + "markdownDescription": "Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", + "title": "KMSArn", + "type": "string" + }, + "Output": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputAttribute" + }, + "markdownDescription": "A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed.", + "title": "Output", + "type": "array" + }, + "OutputS3Path": { + "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", + "title": "OutputS3Path", + "type": "string" } }, "required": [ - "KmsEncryptionConfig" + "Output", + "OutputS3Path" ], "type": "object" }, - "AWS::IAM::AccessKey": { + "AWS::EntityResolution::MatchingWorkflow.ProviderProperties": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "IntermediateSourceConfiguration": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration", + "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", + "title": "IntermediateSourceConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Serial": { - "markdownDescription": "This value is specific to CloudFormation and can only be *incremented* . Incrementing this value notifies CloudFormation that you want to rotate your access key. When you update your stack, CloudFormation will replace the existing access key with a new key.", - "title": "Serial", - "type": "number" - }, - "Status": { - "markdownDescription": "The status of the access key. `Active` means that the key is valid for API calls, while `Inactive` means it is not.", - "title": "Status", - "type": "string" - }, - "UserName": { - "markdownDescription": "The name of the IAM user that the new key will belong to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "UserName", + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "The required configuration fields to use with the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "UserName" - ], + "title": "ProviderConfiguration", "type": "object" }, - "Type": { - "enum": [ - "AWS::IAM::AccessKey" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ProviderServiceArn": { + "markdownDescription": "The ARN of the provider service.", + "title": "ProviderServiceArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ProviderServiceArn" ], "type": "object" }, - "AWS::IAM::Group": { + "AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ProviderProperties", + "markdownDescription": "The properties of the provider service.", + "title": "ProviderProperties" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResolutionType": { + "markdownDescription": "The type of matching. There are three types of matching: `RULE_MATCHING` , `ML_MATCHING` , and `PROVIDER` .", + "title": "ResolutionType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the group to create. Do not include the path in this value.\n\nThe group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "GroupName", - "type": "string" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" - }, - "Path": { - "markdownDescription": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", - "type": "string" - }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::Group.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an IAM Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group) .\n\n> The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a group, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", - "title": "Policies", - "type": "array" - } + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties", + "markdownDescription": "An object which defines the list of matching rules to run and has a field `Rules` , which is a list of rule objects.", + "title": "RuleBasedProperties" + } + }, + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.Rule": { + "additionalProperties": false, + "properties": { + "MatchingKeys": { + "items": { + "type": "string" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IAM::Group" - ], - "type": "string" + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", "type": "string" } }, "required": [ - "Type" + "MatchingKeys", + "RuleName" ], "type": "object" }, - "AWS::IAM::Group.Policy": { + "AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.", - "title": "PolicyDocument", - "type": "object" + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", + "MatchPurpose": { + "markdownDescription": "An indicator of whether to generate IDs and index the data or not.\n\nIf you choose `IDENTIFIER_GENERATION` , the process generates IDs and indexes the data.\n\nIf you choose `INDEXING` , the process indexes the data without generating IDs.", + "title": "MatchPurpose", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.Rule" + }, + "markdownDescription": "A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` .", + "title": "Rules", + "type": "array" } }, "required": [ - "PolicyDocument", - "PolicyName" + "AttributeMatchingModel", + "Rules" ], "type": "object" }, - "AWS::IAM::GroupPolicy": { + "AWS::EntityResolution::PolicyStatement": { "additionalProperties": false, "properties": { "Condition": { @@ -114151,31 +118301,52 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", - "title": "GroupName", + "Action": { + "items": { + "type": "string" + }, + "markdownDescription": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .", + "title": "Action", + "type": "array" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.", + "title": "Arn", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" + "Condition": { + "markdownDescription": "A set of condition keys that you can use in key policies.", + "title": "Condition", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", + "Effect": { + "markdownDescription": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n> If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.", + "title": "Effect", + "type": "string" + }, + "Principal": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS service or AWS account that can access the resource defined as ARN.", + "title": "Principal", + "type": "array" + }, + "StatementId": { + "markdownDescription": "A statement identifier that differentiates the statement from others in the same policy.", + "title": "StatementId", "type": "string" } }, "required": [ - "GroupName", - "PolicyName" + "Arn", + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::GroupPolicy" + "AWS::EntityResolution::PolicyStatement" ], "type": "string" }, @@ -114194,7 +118365,7 @@ ], "type": "object" }, - "AWS::IAM::InstanceProfile": { + "AWS::EntityResolution::SchemaMapping": { "additionalProperties": false, "properties": { "Condition": { @@ -114229,33 +118400,42 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceProfileName": { - "markdownDescription": "The name of the instance profile to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "InstanceProfileName", + "Description": { + "markdownDescription": "A description of the schema.", + "title": "Description", "type": "string" }, - "Path": { - "markdownDescription": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "MappedInputFields": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::SchemaMapping.SchemaInputAttribute" + }, + "markdownDescription": "A list of `MappedInputFields` . Each `MappedInputField` corresponds to a column the source data table, and contains column name plus additional information that AWS Entity Resolution uses for matching.", + "title": "MappedInputFields", + "type": "array" + }, + "SchemaName": { + "markdownDescription": "The name of the schema. There can't be multiple `SchemaMappings` with the same name.", + "title": "SchemaName", "type": "string" }, - "Roles": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions.", - "title": "Roles", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", "type": "array" } }, "required": [ - "Roles" + "MappedInputFields", + "SchemaName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::InstanceProfile" + "AWS::EntityResolution::SchemaMapping" ], "type": "string" }, @@ -114274,7 +118454,47 @@ ], "type": "object" }, - "AWS::IAM::ManagedPolicy": { + "AWS::EntityResolution::SchemaMapping.SchemaInputAttribute": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "A string containing the field name.", + "title": "FieldName", + "type": "string" + }, + "GroupName": { + "markdownDescription": "A string that instructs AWS Entity Resolution to combine several columns into a unified column with the identical attribute type.\n\nFor example, when working with columns such as `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , assigning them a common `groupName` will prompt AWS Entity Resolution to concatenate them into a single value.", + "title": "GroupName", + "type": "string" + }, + "Hashed": { + "markdownDescription": "Indicates if the column values are hashed in the schema input.\n\nIf the value is set to `TRUE` , the column values are hashed.\n\nIf the value is set to `FALSE` , the column values are cleartext.", + "title": "Hashed", + "type": "boolean" + }, + "MatchKey": { + "markdownDescription": "A key that allows grouping of multiple input attributes into a unified matching group.\n\nFor example, consider a scenario where the source table contains various addresses, such as `business_address` and `shipping_address` . By assigning a `matchKey` called `address` to both attributes, AWS Entity Resolution will match records across these fields to create a consolidated matching group.\n\nIf no `matchKey` is specified for a column, it won't be utilized for matching purposes but will still be included in the output table.", + "title": "MatchKey", + "type": "string" + }, + "SubType": { + "markdownDescription": "The subtype of the attribute, selected from a list of values.", + "title": "SubType", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the attribute, selected from a list of values.\n\nLiveRamp supports: `NAME` | `NAME_FIRST` | `NAME_MIDDLE` | `NAME_LAST` | `ADDRESS` | `ADDRESS_STREET1` | `ADDRESS_STREET2` | `ADDRESS_STREET3` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `PROVIDER_ID`\n\nTransUnion supports: `NAME` | `NAME_FIRST` | `NAME_LAST` | `ADDRESS` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `IPV4` | `IPV6` | `MAID`\n\nUnified ID 2.0 supports: `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID`\n\n> Normalization is only supported for `NAME` , `ADDRESS` , `PHONE` , and `EMAIL_ADDRESS` .\n> \n> If you want to normalize `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , you must group them by assigning them to the `NAME` `groupName` .\n> \n> If you want to normalize `ADDRESS_STREET1` , `ADDRESS_STREET2` , `ADDRESS_STREET3` , `ADDRESS_CITY` , `ADDRESS_STATE` , `ADDRESS_COUNTRY` , and `ADDRESS_POSTALCODE` , you must group them by assigning them to the `ADDRESS` `groupName` .\n> \n> If you want to normalize `PHONE_NUMBER` and `PHONE_COUNTRYCODE` , you must group them by assigning them to the `PHONE` `groupName` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FieldName", + "Type" + ], + "type": "object" + }, + "AWS::EventSchemas::Discoverer": { "additionalProperties": false, "properties": { "Condition": { @@ -114309,59 +118529,38 @@ "Properties": { "additionalProperties": false, "properties": { + "CrossAccount": { + "markdownDescription": "Allows for the discovery of the event schemas that are sent to the event bus from another account.", + "title": "CrossAccount", + "type": "boolean" + }, "Description": { - "markdownDescription": "A friendly description of the policy.\n\nTypically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n\nThe policy description is immutable. After a value is assigned, it cannot be changed.", + "markdownDescription": "A description for the discoverer.", "title": "Description", "type": "string" }, - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name (friendly name, not ARN) of the group to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Groups", - "type": "array" - }, - "ManagedPolicyName": { - "markdownDescription": "The friendly name of the policy.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "ManagedPolicyName", - "type": "string" - }, - "Path": { - "markdownDescription": "The path for the policy.\n\nFor more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> You cannot use an asterisk (*) in the path name.", - "title": "Path", + "SourceArn": { + "markdownDescription": "The ARN of the event bus.", + "title": "SourceArn", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "The JSON policy document that you want to use as the content for the new policy.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and AWS STS character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length) .\n\nTo learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide* .\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" - }, - "Roles": { - "items": { - "type": "string" - }, - "markdownDescription": "The name (friendly name, not ARN) of the role to attach the policy to.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Roles", - "type": "array" - }, - "Users": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EventSchemas::Discoverer.TagsEntry" }, - "markdownDescription": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Users", + "markdownDescription": "Tags associated with the resource.", + "title": "Tags", "type": "array" } }, "required": [ - "PolicyDocument" + "SourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::ManagedPolicy" + "AWS::EventSchemas::Discoverer" ], "type": "string" }, @@ -114380,7 +118579,27 @@ ], "type": "object" }, - "AWS::IAM::OIDCProvider": { + "AWS::EventSchemas::Discoverer.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EventSchemas::Registry": { "additionalProperties": false, "properties": { "Condition": { @@ -114415,44 +118634,30 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", - "title": "ClientIdList", - "type": "array" + "Description": { + "markdownDescription": "A description of the registry to be created.", + "title": "Description", + "type": "string" + }, + "RegistryName": { + "markdownDescription": "The name of the schema registry.", + "title": "RegistryName", + "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EventSchemas::Registry.TagsEntry" }, - "markdownDescription": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "markdownDescription": "Tags to associate with the registry.", "title": "Tags", "type": "array" - }, - "ThumbprintList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .\n\nThis property is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate.", - "title": "ThumbprintList", - "type": "array" - }, - "Url": { - "markdownDescription": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", - "title": "Url", - "type": "string" } }, - "required": [ - "ThumbprintList" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::OIDCProvider" + "AWS::EventSchemas::Registry" ], "type": "string" }, @@ -114466,12 +118671,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IAM::Policy": { + "AWS::EventSchemas::Registry.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EventSchemas::RegistryPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -114506,50 +118730,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", - "title": "Groups", - "type": "array" - }, - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", + "Policy": { + "markdownDescription": "A resource-based policy.", + "title": "Policy", "type": "object" }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", + "RegistryName": { + "markdownDescription": "The name of the registry.", + "title": "RegistryName", "type": "string" }, - "Roles": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Roles", - "type": "array" - }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Users", - "type": "array" + "RevisionId": { + "markdownDescription": "The revision ID of the policy.", + "title": "RevisionId", + "type": "string" } }, "required": [ - "PolicyDocument", - "PolicyName" + "Policy", + "RegistryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::Policy" + "AWS::EventSchemas::RegistryPolicy" ], "type": "string" }, @@ -114568,7 +118773,7 @@ ], "type": "object" }, - "AWS::IAM::Role": { + "AWS::EventSchemas::Schema": { "additionalProperties": false, "properties": { "Condition": { @@ -114603,69 +118808,50 @@ "Properties": { "additionalProperties": false, "properties": { - "AssumeRolePolicyDocument": { - "markdownDescription": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples) . For more information about the elements that you can use in an IAM policy, see [IAM Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *IAM User Guide* .", - "title": "AssumeRolePolicyDocument", - "type": "object" + "Content": { + "markdownDescription": "The source of the schema definition.", + "title": "Content", + "type": "string" }, "Description": { - "markdownDescription": "A description of the role that you provide.", + "markdownDescription": "A description of the schema.", "title": "Description", "type": "string" }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" - }, - "MaxSessionDuration": { - "markdownDescription": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n\nAnyone who assumes the role from the AWS CLI or API can use the `DurationSeconds` API parameter or the `duration-seconds` AWS CLI parameter to request a longer session. The `MaxSessionDuration` setting determines the maximum duration that can be requested using the `DurationSeconds` parameter. If users don't specify a value for the `DurationSeconds` parameter, their security credentials are valid for one hour by default. This applies when you use the `AssumeRole*` API operations or the `assume-role*` AWS CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide* .", - "title": "MaxSessionDuration", - "type": "number" - }, - "Path": { - "markdownDescription": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", - "type": "string" - }, - "PermissionsBoundary": { - "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role.\n\nFor more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .", - "title": "PermissionsBoundary", + "RegistryName": { + "markdownDescription": "The name of the schema registry.", + "title": "RegistryName", "type": "string" }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::Role.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Policies", - "type": "array" - }, - "RoleName": { - "markdownDescription": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "RoleName", + "SchemaName": { + "markdownDescription": "The name of the schema.", + "title": "SchemaName", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EventSchemas::Schema.TagsEntry" }, - "markdownDescription": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "markdownDescription": "Tags associated with the schema.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of schema.\n\nValid types include `OpenApi3` and `JSONSchemaDraft4` .", + "title": "Type", + "type": "string" } }, "required": [ - "AssumeRolePolicyDocument" + "Content", + "RegistryName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::Role" + "AWS::EventSchemas::Schema" ], "type": "string" }, @@ -114684,27 +118870,27 @@ ], "type": "object" }, - "AWS::IAM::Role.Policy": { + "AWS::EventSchemas::Schema.TagsEntry": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", - "title": "PolicyDocument", - "type": "object" + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", "type": "string" } }, "required": [ - "PolicyDocument", - "PolicyName" + "Key", + "Value" ], "type": "object" }, - "AWS::IAM::RolePolicy": { + "AWS::Events::ApiDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -114739,31 +118925,47 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" + "ConnectionArn": { + "markdownDescription": "The ARN of the connection to use for the API destination. The destination endpoint must support the authorization type specified for the connection.", + "title": "ConnectionArn", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", + "Description": { + "markdownDescription": "A description for the API destination to create.", + "title": "Description", "type": "string" }, - "RoleName": { - "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "RoleName", + "HttpMethod": { + "markdownDescription": "The method to use for the request to the HTTP invocation endpoint.", + "title": "HttpMethod", + "type": "string" + }, + "InvocationEndpoint": { + "markdownDescription": "The URL to the HTTP invocation endpoint for the API destination.", + "title": "InvocationEndpoint", + "type": "string" + }, + "InvocationRateLimitPerSecond": { + "markdownDescription": "The maximum number of requests per second to send to the HTTP invocation endpoint.", + "title": "InvocationRateLimitPerSecond", + "type": "number" + }, + "Name": { + "markdownDescription": "The name for the API destination to create.", + "title": "Name", "type": "string" } }, "required": [ - "PolicyName", - "RoleName" + "ConnectionArn", + "HttpMethod", + "InvocationEndpoint" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::RolePolicy" + "AWS::Events::ApiDestination" ], "type": "string" }, @@ -114782,7 +118984,7 @@ ], "type": "object" }, - "AWS::IAM::SAMLProvider": { + "AWS::Events::Archive": { "additionalProperties": false, "properties": { "Condition": { @@ -114817,33 +119019,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Name", + "ArchiveName": { + "markdownDescription": "The name for the archive to create.", + "title": "ArchiveName", "type": "string" }, - "SamlMetadataDocument": { - "markdownDescription": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*", - "title": "SamlMetadataDocument", + "Description": { + "markdownDescription": "A description for the archive.", + "title": "Description", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", - "title": "Tags", - "type": "array" + "EventPattern": { + "markdownDescription": "An event pattern to use to filter events sent to the archive.", + "title": "EventPattern", + "type": "object" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt this archive. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt the archive.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n> If you have specified that EventBridge use a customer managed key for encrypting the source event bus, we strongly recommend you also specify a customer managed key for any archives for the event bus as well.\n> \n> For more information, see [Encrypting archives](https://docs.aws.amazon.com/eventbridge/latest/userguide/encryption-archives.html) in the *Amazon EventBridge User Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "RetentionDays": { + "markdownDescription": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely", + "title": "RetentionDays", + "type": "number" + }, + "SourceArn": { + "markdownDescription": "The ARN of the event bus that sends events to the archive.", + "title": "SourceArn", + "type": "string" } }, "required": [ - "SamlMetadataDocument" + "SourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::SAMLProvider" + "AWS::Events::Archive" ], "type": "string" }, @@ -114862,7 +119076,7 @@ ], "type": "object" }, - "AWS::IAM::ServerCertificate": { + "AWS::Events::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -114897,45 +119111,42 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateBody": { - "markdownDescription": "The contents of the public key certificate.", - "title": "CertificateBody", - "type": "string" + "AuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.AuthParameters", + "markdownDescription": "The authorization parameters to use to authorize with the endpoint.\n\nYou must include only authorization parameters for the `AuthorizationType` you specify.", + "title": "AuthParameters" }, - "CertificateChain": { - "markdownDescription": "The contents of the public key certificate chain.", - "title": "CertificateChain", + "AuthorizationType": { + "markdownDescription": "The type of authorization to use for the connection.\n\n> OAUTH tokens are refreshed when a 401 or 407 response is returned.", + "title": "AuthorizationType", "type": "string" }, - "Path": { - "markdownDescription": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` ).", - "title": "Path", + "Description": { + "markdownDescription": "A description for the connection to create.", + "title": "Description", "type": "string" }, - "PrivateKey": { - "markdownDescription": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PrivateKey", - "type": "string" + "InvocationConnectivityParameters": { + "$ref": "#/definitions/AWS::Events::Connection.InvocationConnectivityParameters", + "markdownDescription": "For connections to private APIs, the parameters to use for invoking the API.\n\nFor more information, see [Connecting to private APIs](https://docs.aws.amazon.com/eventbridge/latest/userguide/connection-private.html) in the **Amazon EventBridge User Guide** .", + "title": "InvocationConnectivityParameters" }, - "ServerCertificateName": { - "markdownDescription": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "ServerCertificateName", + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt this connection. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt the connection.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyIdentifier", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "The name for the connection to create.", + "title": "Name", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::IAM::ServerCertificate" + "AWS::Events::Connection" ], "type": "string" }, @@ -114953,383 +119164,231 @@ ], "type": "object" }, - "AWS::IAM::ServiceLinkedRole": { + "AWS::Events::Connection.ApiKeyAuthParameters": { "additionalProperties": false, "properties": { - "Condition": { + "ApiKeyName": { + "markdownDescription": "The name of the API key to use for authorization.", + "title": "ApiKeyName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AWSServiceName": { - "markdownDescription": "The service principal for the AWS service to which this role is attached. You use a string similar to a URL but without the http:// in front. For example: `elasticbeanstalk.amazonaws.com` .\n\nService principals are unique and case-sensitive. To find the exact service principal for your service-linked role, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the *IAM User Guide* . Look for the services that have *Yes* in the *Service-Linked Role* column. Choose the *Yes* link to view the service-linked role documentation for that service.", - "title": "AWSServiceName", - "type": "string" - }, - "CustomSuffix": { - "markdownDescription": "A string that you provide, which is combined with the service-provided prefix to form the complete role name. If you make multiple requests for the same service, then you must supply a different `CustomSuffix` for each request. Otherwise the request fails with a duplicate role name error. For example, you could add `-1` or `-debug` to the suffix.\n\nSome services do not support the `CustomSuffix` parameter. If you provide an optional suffix and the operation fails, try the operation again without the suffix.", - "title": "CustomSuffix", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the role.", - "title": "Description", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IAM::ServiceLinkedRole" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ApiKeyValue": { + "markdownDescription": "The value for the API key to use for authorization.", + "title": "ApiKeyValue", "type": "string" } }, "required": [ - "Type" + "ApiKeyName", + "ApiKeyValue" ], "type": "object" }, - "AWS::IAM::User": { + "AWS::Events::Connection.AuthParameters": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ApiKeyAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ApiKeyAuthParameters", + "markdownDescription": "The API Key parameters to use for authorization.", + "title": "ApiKeyAuthParameters" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BasicAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.BasicAuthParameters", + "markdownDescription": "The authorization parameters for Basic authorization.", + "title": "BasicAuthParameters" }, - "Metadata": { - "type": "object" + "ConnectivityParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectivityParameters", + "markdownDescription": "For private OAuth authentication endpoints. The parameters EventBridge uses to authenticate against the endpoint.\n\nFor more information, see [Authorization methods for connections](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-target-connection-auth.html) in the **Amazon EventBridge User Guide** .", + "title": "ConnectivityParameters" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of group names to which you want to add the user.", - "title": "Groups", - "type": "array" - }, - "LoginProfile": { - "$ref": "#/definitions/AWS::IAM::User.LoginProfile", - "markdownDescription": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the AWS Management Console .\n\nYou can use the AWS CLI , the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the AWS Management Console .\n\nFor more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *IAM User Guide* .", - "title": "LoginProfile" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" - }, - "Path": { - "markdownDescription": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", - "type": "string" - }, - "PermissionsBoundary": { - "markdownDescription": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n\nA permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\nFor more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide* .", - "title": "PermissionsBoundary", - "type": "string" - }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::User.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an IAM User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user) .\n\n> The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a user, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", - "title": "Policies", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", - "title": "Tags", - "type": "array" - }, - "UserName": { - "markdownDescription": "The name of the user to create. Do not include the path in this value.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "UserName", - "type": "string" - } - }, - "type": "object" + "InvocationHttpParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", + "markdownDescription": "Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint.", + "title": "InvocationHttpParameters" }, - "Type": { - "enum": [ - "AWS::IAM::User" - ], + "OAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.OAuthParameters", + "markdownDescription": "The OAuth parameters to use for authorization.", + "title": "OAuthParameters" + } + }, + "type": "object" + }, + "AWS::Events::Connection.BasicAuthParameters": { + "additionalProperties": false, + "properties": { + "Password": { + "markdownDescription": "The password associated with the user name to use for Basic authorization.", + "title": "Password", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Username": { + "markdownDescription": "The user name to use for Basic authorization.", + "title": "Username", "type": "string" } }, "required": [ - "Type" + "Password", + "Username" ], "type": "object" }, - "AWS::IAM::User.LoginProfile": { + "AWS::Events::Connection.ClientParameters": { "additionalProperties": false, "properties": { - "Password": { - "markdownDescription": "The user's password.", - "title": "Password", + "ClientID": { + "markdownDescription": "The client ID to use for OAuth authorization.", + "title": "ClientID", "type": "string" }, - "PasswordResetRequired": { - "markdownDescription": "Specifies whether the user is required to set a new password on next sign-in.", - "title": "PasswordResetRequired", - "type": "boolean" + "ClientSecret": { + "markdownDescription": "The client secret assciated with the client ID to use for OAuth authorization.", + "title": "ClientSecret", + "type": "string" } }, "required": [ - "Password" + "ClientID", + "ClientSecret" ], "type": "object" }, - "AWS::IAM::User.Policy": { + "AWS::Events::Connection.ConnectionHttpParameters": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", - "title": "PolicyDocument", - "type": "object" + "BodyParameters": { + "items": { + "$ref": "#/definitions/AWS::Events::Connection.Parameter" + }, + "markdownDescription": "Any additional body string parameters for the connection.", + "title": "BodyParameters", + "type": "array" }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", - "type": "string" + "HeaderParameters": { + "items": { + "$ref": "#/definitions/AWS::Events::Connection.Parameter" + }, + "markdownDescription": "Any additional header parameters for the connection.", + "title": "HeaderParameters", + "type": "array" + }, + "QueryStringParameters": { + "items": { + "$ref": "#/definitions/AWS::Events::Connection.Parameter" + }, + "markdownDescription": "Any additional query string parameters for the connection.", + "title": "QueryStringParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Events::Connection.ConnectivityParameters": { + "additionalProperties": false, + "properties": { + "ResourceParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ResourceParameters", + "markdownDescription": "The parameters for EventBridge to use when invoking the resource endpoint.", + "title": "ResourceParameters" } }, "required": [ - "PolicyDocument", - "PolicyName" + "ResourceParameters" ], "type": "object" }, - "AWS::IAM::UserPolicy": { + "AWS::Events::Connection.InvocationConnectivityParameters": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResourceParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ResourceParameters", + "markdownDescription": "The parameters for EventBridge to use when invoking the resource endpoint.", + "title": "ResourceParameters" + } + }, + "required": [ + "ResourceParameters" + ], + "type": "object" + }, + "AWS::Events::Connection.OAuthParameters": { + "additionalProperties": false, + "properties": { + "AuthorizationEndpoint": { + "markdownDescription": "The URL to the authorization endpoint when OAuth is specified as the authorization type.", + "title": "AuthorizationEndpoint", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" - }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", - "type": "string" - }, - "UserName": { - "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "UserName", - "type": "string" - } - }, - "required": [ - "PolicyName", - "UserName" - ], - "type": "object" + "ClientParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ClientParameters", + "markdownDescription": "The client parameters for OAuth authorization.", + "title": "ClientParameters" }, - "Type": { - "enum": [ - "AWS::IAM::UserPolicy" - ], + "HttpMethod": { + "markdownDescription": "The method to use for the authorization request.", + "title": "HttpMethod", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "OAuthHttpParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", + "markdownDescription": "Details about the additional parameters to use for the connection.", + "title": "OAuthHttpParameters" } }, "required": [ - "Type", - "Properties" + "AuthorizationEndpoint", + "ClientParameters", + "HttpMethod" ], "type": "object" }, - "AWS::IAM::UserToGroupAddition": { + "AWS::Events::Connection.Parameter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "IsValueSecret": { + "markdownDescription": "Specifies whether the value is secret.", + "title": "IsValueSecret", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Key": { + "markdownDescription": "The key for a query string parameter.", + "title": "Key", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the group to update.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "GroupName", - "type": "string" - }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the names of the users that you want to add to the group.", - "title": "Users", - "type": "array" - } - }, - "required": [ - "GroupName", - "Users" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IAM::UserToGroupAddition" - ], + "Value": { + "markdownDescription": "The value associated with the key for the query string parameter.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Events::Connection.ResourceParameters": { + "additionalProperties": false, + "properties": { + "ResourceAssociationArn": { + "markdownDescription": "For connections to private APIs, the Amazon Resource Name (ARN) of the resource association EventBridge created between the connection and the private API's resource configuration.\n\n> The value of this property is set by EventBridge . Any value you specify in your template is ignored.", + "title": "ResourceAssociationArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResourceConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon VPC Lattice resource configuration for the resource endpoint.", + "title": "ResourceConfigurationArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ResourceConfigurationArn" ], "type": "object" }, - "AWS::IAM::VirtualMFADevice": { + "AWS::Events::Endpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -115364,41 +119423,49 @@ "Properties": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "Description": { + "markdownDescription": "A description for the endpoint.", + "title": "Description", "type": "string" }, - "Tags": { + "EventBuses": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Events::Endpoint.EndpointEventBus" }, - "markdownDescription": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", - "title": "Tags", + "markdownDescription": "The event buses being used by the endpoint.\n\n*Exactly* : `2`", + "title": "EventBuses", "type": "array" }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM user associated with this virtual MFA device.", - "title": "Users", - "type": "array" + "Name": { + "markdownDescription": "The name of the endpoint.", + "title": "Name", + "type": "string" }, - "VirtualMfaDeviceName": { - "markdownDescription": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "VirtualMfaDeviceName", + "ReplicationConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.ReplicationConfig", + "markdownDescription": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` .", + "title": "ReplicationConfig" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role used by event replication for the endpoint.", + "title": "RoleArn", "type": "string" + }, + "RoutingConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.RoutingConfig", + "markdownDescription": "The routing configuration of the endpoint.", + "title": "RoutingConfig" } }, "required": [ - "Users" + "EventBuses", + "RoutingConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::VirtualMFADevice" + "AWS::Events::Endpoint" ], "type": "string" }, @@ -115417,108 +119484,97 @@ ], "type": "object" }, - "AWS::IVS::Channel": { + "AWS::Events::Endpoint.EndpointEventBus": { "additionalProperties": false, "properties": { - "Condition": { + "EventBusArn": { + "markdownDescription": "The ARN of the event bus the endpoint is associated with.", + "title": "EventBusArn", "type": "string" + } + }, + "required": [ + "EventBusArn" + ], + "type": "object" + }, + "AWS::Events::Endpoint.FailoverConfig": { + "additionalProperties": false, + "properties": { + "Primary": { + "$ref": "#/definitions/AWS::Events::Endpoint.Primary", + "markdownDescription": "The main Region of the endpoint.", + "title": "Primary" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Secondary": { + "$ref": "#/definitions/AWS::Events::Endpoint.Secondary", + "markdownDescription": "The Region that events are routed to when failover is triggered or event replication is enabled.", + "title": "Secondary" + } + }, + "required": [ + "Primary", + "Secondary" + ], + "type": "object" + }, + "AWS::Events::Endpoint.Primary": { + "additionalProperties": false, + "properties": { + "HealthCheck": { + "markdownDescription": "The ARN of the health check used by the endpoint to determine whether failover is triggered.", + "title": "HealthCheck", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Authorized": { - "markdownDescription": "Whether the channel is authorized.\n\n*Default* : `false`", - "title": "Authorized", - "type": "boolean" - }, - "InsecureIngest": { - "markdownDescription": "Whether the channel allows insecure RTMP ingest.\n\n*Default* : `false`", - "title": "InsecureIngest", - "type": "boolean" - }, - "LatencyMode": { - "markdownDescription": "Channel latency mode. Valid values:\n\n- `NORMAL` : Use NORMAL to broadcast and deliver live video up to Full HD.\n- `LOW` : Use LOW for near real-time interactions with viewers.\n\n> In the console, `LOW` and `NORMAL` correspond to `Ultra-low` and `Standard` , respectively. \n\n*Default* : `LOW`", - "title": "LatencyMode", - "type": "string" - }, - "Name": { - "markdownDescription": "Channel name.", - "title": "Name", - "type": "string" - }, - "Preset": { - "markdownDescription": "An optional transcode preset for the channel. This is selectable only for `ADVANCED_HD` and `ADVANCED_SD` channel types. For those channel types, the default preset is `HIGHER_BANDWIDTH_DELIVERY` . For other channel types ( `BASIC` and `STANDARD` ), `preset` is the empty string (\"\").", - "title": "Preset", - "type": "string" - }, - "RecordingConfigurationArn": { - "markdownDescription": "The ARN of a RecordingConfiguration resource. An empty string indicates that recording is disabled for the channel. A RecordingConfiguration ARN indicates that recording is enabled using the specified recording configuration. See the [RecordingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ivs-recordingconfiguration.html) resource for more information and an example.\n\n*Default* : \"\" (empty string, recording is disabled)", - "title": "RecordingConfigurationArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-channel-tag.html) .", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The channel type, which determines the allowable resolution and bitrate. *If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately.* For details, see [Channel Types](https://docs.aws.amazon.com/ivs/latest/LowLatencyAPIReference/channel-types.html) .\n\n*Default* : `STANDARD`", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IVS::Channel" - ], + } + }, + "required": [ + "HealthCheck" + ], + "type": "object" + }, + "AWS::Events::Endpoint.ReplicationConfig": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "The state of event replication.", + "title": "State", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "State" + ], + "type": "object" + }, + "AWS::Events::Endpoint.RoutingConfig": { + "additionalProperties": false, + "properties": { + "FailoverConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.FailoverConfig", + "markdownDescription": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.", + "title": "FailoverConfig" + } + }, + "required": [ + "FailoverConfig" + ], + "type": "object" + }, + "AWS::Events::Endpoint.Secondary": { + "additionalProperties": false, + "properties": { + "Route": { + "markdownDescription": "Defines the secondary Region.", + "title": "Route", "type": "string" } }, "required": [ - "Type" + "Route" ], "type": "object" }, - "AWS::IVS::EncoderConfiguration": { + "AWS::Events::EventBus": { "additionalProperties": false, "properties": { "Condition": { @@ -115553,30 +119609,58 @@ "Properties": { "additionalProperties": false, "properties": { + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Events::EventBus.DeadLetterConfig", + "markdownDescription": "Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ).\n\nFor more information, see [Using dead-letter queues to process undelivered events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-event-delivery.html#eb-rule-dlq) in the *EventBridge User Guide* .", + "title": "DeadLetterConfig" + }, + "Description": { + "markdownDescription": "The event bus description.", + "title": "Description", + "type": "string" + }, + "EventSourceName": { + "markdownDescription": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", + "title": "EventSourceName", + "type": "string" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt events on the event bus.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n> Schema discovery is not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:\n> \n> - You call `[CreateDiscoverer](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer)` on an event bus set to use a customer managed key for encryption.\n> - You call `[UpdatedEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html)` to set a customer managed key on an event bus with schema discovery enabled.\n> \n> To enable schema discovery on an event bus, choose to use an AWS owned key . For more information, see [Encrypting events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption-event-bus-cmkey.html) in the *Amazon EventBridge User Guide* . > If you have specified that EventBridge use a customer managed key for encrypting the source event bus, we strongly recommend you also specify a customer managed key for any archives for the event bus as well.\n> \n> For more information, see [Encrypting archives](https://docs.aws.amazon.com/eventbridge/latest/userguide/encryption-archives.html) in the *Amazon EventBridge User Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "LogConfig": { + "$ref": "#/definitions/AWS::Events::EventBus.LogConfig", + "markdownDescription": "The logging configuration settings for the event bus.\n\nFor more information, see [Configuring logs for event buses](https://docs.aws.amazon.com/eb-event-bus-logs.html) in the *EventBridge User Guide* .", + "title": "LogConfig" + }, "Name": { - "markdownDescription": "Encoder cnfiguration name.", + "markdownDescription": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", "title": "Name", "type": "string" }, + "Policy": { + "markdownDescription": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", + "title": "Policy", + "type": "object" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-tag.html) .", + "markdownDescription": "Tags to associate with the event bus.", "title": "Tags", "type": "array" - }, - "Video": { - "$ref": "#/definitions/AWS::IVS::EncoderConfiguration.Video", - "markdownDescription": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps. See the [Video](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-video.html) property type for more information.", - "title": "Video" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::EncoderConfiguration" + "AWS::Events::EventBus" ], "type": "string" }, @@ -115590,113 +119674,39 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVS::EncoderConfiguration.Video": { + "AWS::Events::EventBus.DeadLetterConfig": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "Bitrate for generated output, in bps. Default: 2500000.", - "title": "Bitrate", - "type": "number" - }, - "Framerate": { - "markdownDescription": "Video frame rate, in fps. Default: 30.", - "title": "Framerate", - "type": "number" - }, - "Height": { - "markdownDescription": "Video-resolution height. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720.", - "title": "Height", - "type": "number" - }, - "Width": { - "markdownDescription": "Video-resolution width. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280.", - "title": "Width", - "type": "number" + "Arn": { + "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", + "title": "Arn", + "type": "string" } }, "type": "object" }, - "AWS::IVS::PlaybackKeyPair": { + "AWS::Events::EventBus.LogConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Playback-key-pair name. The value does not need to be unique.", - "title": "Name", - "type": "string" - }, - "PublicKeyMaterial": { - "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PlaybackKeyPair resource.", - "title": "PublicKeyMaterial", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackkeypair-tag.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IVS::PlaybackKeyPair" - ], + "IncludeDetail": { + "markdownDescription": "Whether EventBridge include detailed event information in the records it generates. Detailed data can be useful for troubleshooting and debugging. This information includes details of the event itself, as well as target details.\n\nFor more information, see [Including detail data in event bus logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-logs-data) in the *EventBridge User Guide* .", + "title": "IncludeDetail", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Level": { + "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the event bus.\n\nFor more information, see [Specifying event bus log level](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-bus-logs-level) in the *EventBridge User Guide* .", + "title": "Level", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::IVS::PlaybackRestrictionPolicy": { + "AWS::Events::EventBusPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -115731,50 +119741,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedCountries": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of country codes that control geoblocking restrictions. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array).", - "title": "AllowedCountries", - "type": "array" + "Action": { + "markdownDescription": "The action that you are enabling the other account to perform.", + "title": "Action", + "type": "string" }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\"](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)", - "title": "AllowedOrigins", - "type": "array" + "Condition": { + "$ref": "#/definitions/AWS::Events::EventBusPolicy.Condition", + "markdownDescription": "This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization. For more information about AWS Organizations, see [What Is AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) in the *AWS Organizations User Guide* .\n\nIf you specify `Condition` with an AWS organization ID, and specify \"*\" as the value for `Principal` , you grant permission to all the accounts in the named organization.\n\nThe `Condition` is a JSON string which must contain `Type` , `Key` , and `Value` fields.", + "title": "Condition" }, - "EnableStrictOriginEnforcement": { - "markdownDescription": "Whether channel playback is constrained by the origin site.", - "title": "EnableStrictOriginEnforcement", - "type": "boolean" + "EventBusName": { + "markdownDescription": "The name of the event bus associated with the rule. If you omit this, the default event bus is used.", + "title": "EventBusName", + "type": "string" }, - "Name": { - "markdownDescription": "Playback-restriction-policy name.", - "title": "Name", + "Principal": { + "markdownDescription": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify \"*\" to permit any account to put events to your default event bus.\n\nIf you specify \"*\" without specifying `Condition` , avoid creating rules that may match undesirable events. To create more secure rules, make sure that the event pattern for each rule contains an `account` field with a specific account ID from which to receive events. Rules with an account field do not match any events sent from other accounts.", + "title": "Principal", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackrestrictionpolicy-tag.html) .", - "title": "Tags", - "type": "array" + "Statement": { + "markdownDescription": "A JSON string that describes the permission policy statement. You can include a `Policy` parameter in the request instead of using the `StatementId` , `Action` , `Principal` , or `Condition` parameters.", + "title": "Statement", + "type": "object" + }, + "StatementId": { + "markdownDescription": "An identifier string for the external account that you are granting permissions to. If you later want to revoke the permission for this external account, specify this `StatementId` when you run [RemovePermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html) .\n\n> Each `StatementId` must be unique.", + "title": "StatementId", + "type": "string" } }, "required": [ - "AllowedCountries", - "AllowedOrigins" + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::PlaybackRestrictionPolicy" + "AWS::Events::EventBusPolicy" ], "type": "string" }, @@ -115793,7 +119798,28 @@ ], "type": "object" }, - "AWS::IVS::RecordingConfiguration": { + "AWS::Events::EventBusPolicy.Condition": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "Specifies the key for the condition. Currently the only supported key is `aws:PrincipalOrgID` .", + "title": "Key", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of condition. Currently the only supported value is `StringEquals` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Specifies the value for the key. Currently, this must be the ID of the organization.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Events::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -115828,48 +119854,55 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.DestinationConfiguration", - "markdownDescription": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information.", - "title": "DestinationConfiguration" + "Description": { + "markdownDescription": "The description of the rule.", + "title": "Description", + "type": "string" + }, + "EventBusName": { + "markdownDescription": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.", + "title": "EventBusName", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "The event pattern of the rule. For more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the **Amazon EventBridge User Guide** .", + "title": "EventPattern", + "type": "object" }, "Name": { - "markdownDescription": "Recording-configuration name. The value does not need to be unique.", + "markdownDescription": "The name of the rule.", "title": "Name", "type": "string" }, - "RecordingReconnectWindowSeconds": { - "markdownDescription": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n\n*Default* : `0`", - "title": "RecordingReconnectWindowSeconds", - "type": "number" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", + "title": "RoleArn", + "type": "string" }, - "RenditionConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.RenditionConfiguration", - "markdownDescription": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information.", - "title": "RenditionConfiguration" + "ScheduleExpression": { + "markdownDescription": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", + "title": "ScheduleExpression", + "type": "string" }, - "Tags": { + "State": { + "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the **Amazon EventBridge User Guide** .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", + "title": "State", + "type": "string" + }, + "Targets": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Events::Rule.Target" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-tag.html) .", - "title": "Tags", + "markdownDescription": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the **Amazon EventBridge User Guide** .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the **Amazon EventBridge User Guide** .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code.", + "title": "Targets", "type": "array" - }, - "ThumbnailConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.ThumbnailConfiguration", - "markdownDescription": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information.", - "title": "ThumbnailConfiguration" } }, - "required": [ - "DestinationConfiguration" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::RecordingConfiguration" + "AWS::Events::Rule" ], "type": "string" }, @@ -115883,325 +119916,597 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { + "AWS::Events::Rule.AppSyncParameters": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.S3DestinationConfiguration", - "markdownDescription": "An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information.", - "title": "S3" + "GraphQLOperation": { + "markdownDescription": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.\n\nFor more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* .", + "title": "GraphQLOperation", + "type": "string" } }, + "required": [ + "GraphQLOperation" + ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.RenditionConfiguration": { + "AWS::Events::Rule.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "RenditionSelection": { - "markdownDescription": "The set of renditions are recorded for a stream. For `BASIC` channels, the `CUSTOM` value has no effect. If `CUSTOM` is specified, a set of renditions can be specified in the `renditions` field. Default: `ALL` .", - "title": "RenditionSelection", + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", "type": "string" }, - "Renditions": { + "SecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "A list of which renditions are recorded for a stream, if `renditionSelection` is `CUSTOM` ; otherwise, this field is irrelevant. The selected renditions are recorded if they are available during the stream. If a selected rendition is unavailable, the best available rendition is recorded. For details on the resolution dimensions of each rendition, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", - "title": "Renditions", + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", "type": "array" } }, + "required": [ + "Subnets" + ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.S3DestinationConfiguration": { + "AWS::Events::Rule.BatchArrayProperties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Location (S3 bucket name) where recorded videos will be stored.", - "title": "BucketName", - "type": "string" + "Size": { + "markdownDescription": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.", + "title": "Size", + "type": "number" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.ThumbnailConfiguration": { + "AWS::Events::Rule.BatchParameters": { "additionalProperties": false, "properties": { - "RecordingMode": { - "markdownDescription": "Thumbnail recording mode. Valid values:\n\n- `DISABLED` : Use DISABLED to disable the generation of thumbnails for recorded video.\n- `INTERVAL` : Use INTERVAL to enable the generation of thumbnails for recorded video at a time interval controlled by the [TargetIntervalSeconds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-targetintervalseconds) property.\n\n*Default* : `INTERVAL`", - "title": "RecordingMode", - "type": "string" + "ArrayProperties": { + "$ref": "#/definitions/AWS::Events::Rule.BatchArrayProperties", + "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", + "title": "ArrayProperties" }, - "Resolution": { - "markdownDescription": "The desired resolution of recorded thumbnails for a stream. Thumbnails are recorded at the selected resolution if the corresponding rendition is available during the stream; otherwise, they are recorded at source resolution. For more information about resolution values and their corresponding height and width dimensions, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", - "title": "Resolution", + "JobDefinition": { + "markdownDescription": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.", + "title": "JobDefinition", "type": "string" }, - "Storage": { - "items": { - "type": "string" - }, - "markdownDescription": "The format in which thumbnails are recorded for a stream. `SEQUENTIAL` records all generated thumbnails in a serial manner, to the media/thumbnails directory. `LATEST` saves the latest thumbnail in media/thumbnails/latest/thumb.jpg and overwrites it at the interval specified by `targetIntervalSeconds` . You can enable both `SEQUENTIAL` and `LATEST` . Default: `SEQUENTIAL` .", - "title": "Storage", - "type": "array" + "JobName": { + "markdownDescription": "The name to use for this execution of the job, if the target is an AWS Batch job.", + "title": "JobName", + "type": "string" }, - "TargetIntervalSeconds": { - "markdownDescription": "The targeted thumbnail-generation interval in seconds. This is configurable (and required) only if [RecordingMode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-recordingmode) is `INTERVAL` .\n\n> Setting a value for `TargetIntervalSeconds` does not guarantee that thumbnails are generated at the specified interval. For thumbnails to be generated at the `TargetIntervalSeconds` interval, the `IDR/Keyframe` value for the input video must be less than the `TargetIntervalSeconds` value. See [Amazon IVS Streaming Configuration](https://docs.aws.amazon.com/ivs/latest/LowLatencyUserGuide/streaming-config.html) for information on setting `IDR/Keyframe` to the recommended value in video-encoder settings. \n\n*Default* : 60", - "title": "TargetIntervalSeconds", + "RetryStrategy": { + "$ref": "#/definitions/AWS::Events::Rule.BatchRetryStrategy", + "markdownDescription": "The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1\u201310. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition.", + "title": "RetryStrategy" + } + }, + "required": [ + "JobDefinition", + "JobName" + ], + "type": "object" + }, + "AWS::Events::Rule.BatchRetryStrategy": { + "additionalProperties": false, + "properties": { + "Attempts": { + "markdownDescription": "The number of times to attempt to retry, if the job fails. Valid values are 1\u201310.", + "title": "Attempts", "type": "number" } }, "type": "object" }, - "AWS::IVS::Stage": { + "AWS::Events::Rule.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", + "title": "Base", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "CapacityProvider" + ], + "type": "object" + }, + "AWS::Events::Rule.DeadLetterConfig": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Events::Rule.EcsParameters": { + "additionalProperties": false, + "properties": { + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", + "title": "CapacityProviderStrategy", + "type": "array" }, - "Metadata": { - "type": "object" + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "EnableECSManagedTags", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Stage name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-stage-tag.html) .", - "title": "Tags", - "type": "array" - } + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Group": { + "markdownDescription": "Specifies an ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", + "type": "string" + }, + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", + "type": "string" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Events::Rule.NetworkConfiguration", + "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.PlacementConstraint" }, - "type": "object" + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IVS::Stage" - ], + "PlacementStrategies": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.PlacementStrategy" + }, + "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", + "title": "PlacementStrategies", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action.", + "title": "PropagateTags", + "type": "string" + }, + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "TagList": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", + "title": "TagList", + "type": "array" + }, + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", + "title": "TaskCount", + "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", "type": "string" } }, "required": [ - "Type" + "TaskDefinitionArn" ], "type": "object" }, - "AWS::IVS::StorageConfiguration": { + "AWS::Events::Rule.HttpParameters": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "QueryStringParameters", "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Storage cnfiguration name.", - "title": "Name", + } + }, + "type": "object" + }, + "AWS::Events::Rule.InputTransformer": { + "additionalProperties": false, + "properties": { + "InputPathsMap": { + "additionalProperties": true, + "markdownDescription": "Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target.\n\n`InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation.\n\nThe keys cannot start with \" AWS .\"", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "S3": { - "$ref": "#/definitions/AWS::IVS::StorageConfiguration.S3StorageConfiguration", - "markdownDescription": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information.", - "title": "S3" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-tag.html) .", - "title": "Tags", - "type": "array" } }, - "required": [ - "S3" - ], + "title": "InputPathsMap", "type": "object" }, + "InputTemplate": { + "markdownDescription": "Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: < *value* >\n\nIf `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply:\n\n- The placeholder cannot be used as an object key.\n\nThe following example shows the syntax for using `InputPathsMap` and `InputTemplate` .\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \"`\n\n`}`\n\nTo have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \\\"\\\"\"`\n\n`}`\n\nThe `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": '{\"myInstance\": ,\"myStatus\": \" is in state \\\"\\\"\"}'`\n\n`}`", + "title": "InputTemplate", + "type": "string" + } + }, + "required": [ + "InputTemplate" + ], + "type": "object" + }, + "AWS::Events::Rule.KinesisParameters": { + "additionalProperties": false, + "properties": { + "PartitionKeyPath": { + "markdownDescription": "The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* .", + "title": "PartitionKeyPath", + "type": "string" + } + }, + "required": [ + "PartitionKeyPath" + ], + "type": "object" + }, + "AWS::Events::Rule.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "AwsVpcConfiguration": { + "$ref": "#/definitions/AWS::Events::Rule.AwsVpcConfiguration", + "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", + "title": "AwsVpcConfiguration" + } + }, + "type": "object" + }, + "AWS::Events::Rule.PlacementConstraint": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "Expression", + "type": "string" + }, "Type": { - "enum": [ - "AWS::IVS::StorageConfiguration" - ], + "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Events::Rule.PlacementStrategy": { + "additionalProperties": false, + "properties": { + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", + "title": "Field", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Events::Rule.RedshiftDataParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", + "title": "Database", + "type": "string" + }, + "DbUser": { + "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", + "title": "DbUser", + "type": "string" + }, + "SecretManagerArn": { + "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager.", + "title": "SecretManagerArn", + "type": "string" + }, + "Sql": { + "markdownDescription": "The SQL statement text to run.", + "title": "Sql", + "type": "string" + }, + "Sqls": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back.", + "title": "Sqls", + "type": "array" + }, + "StatementName": { + "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", + "title": "StatementName", "type": "string" + }, + "WithEvent": { + "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", + "title": "WithEvent", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Database" ], "type": "object" }, - "AWS::IVS::StorageConfiguration.S3StorageConfiguration": { + "AWS::Events::Rule.RetryPolicy": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the S3 bucket where recorded video will be stored.", - "title": "BucketName", + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", + "title": "MaximumEventAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met.", + "title": "MaximumRetryAttempts", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Events::Rule.RunCommandParameters": { + "additionalProperties": false, + "properties": { + "RunCommandTargets": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.RunCommandTarget" + }, + "markdownDescription": "Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag.", + "title": "RunCommandTargets", + "type": "array" + } + }, + "required": [ + "RunCommandTargets" + ], + "type": "object" + }, + "AWS::Events::Rule.RunCommandTarget": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "Can be either `tag:` *tag-key* or `InstanceIds` .", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Key", + "Values" + ], + "type": "object" + }, + "AWS::Events::Rule.SageMakerPipelineParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Value", "type": "string" } }, "required": [ - "BucketName" + "Name", + "Value" ], "type": "object" }, - "AWS::IVS::StreamKey": { + "AWS::Events::Rule.SageMakerPipelineParameters": { "additionalProperties": false, "properties": { - "Condition": { + "PipelineParameterList": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameter" + }, + "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", + "title": "PipelineParameterList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Events::Rule.SqsParameters": { + "additionalProperties": false, + "properties": { + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", "type": "string" + } + }, + "required": [ + "MessageGroupId" + ], + "type": "object" + }, + "AWS::Events::Rule.Target": { + "additionalProperties": false, + "properties": { + "AppSyncParameters": { + "$ref": "#/definitions/AWS::Events::Rule.AppSyncParameters", + "markdownDescription": "Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API.", + "title": "AppSyncParameters" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target.", + "title": "Arn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BatchParameters": { + "$ref": "#/definitions/AWS::Events::Rule.BatchParameters", + "markdownDescription": "If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* .", + "title": "BatchParameters" }, - "Metadata": { - "type": "object" + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Events::Rule.DeadLetterConfig", + "markdownDescription": "The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelArn": { - "markdownDescription": "Channel ARN for the stream.", - "title": "ChannelArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-streamkey-tag.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ChannelArn" - ], - "type": "object" + "EcsParameters": { + "$ref": "#/definitions/AWS::Events::Rule.EcsParameters", + "markdownDescription": "Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* .", + "title": "EcsParameters" }, - "Type": { - "enum": [ - "AWS::IVS::StreamKey" - ], + "HttpParameters": { + "$ref": "#/definitions/AWS::Events::Rule.HttpParameters", + "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", + "title": "HttpParameters" + }, + "Id": { + "markdownDescription": "The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string.", + "title": "Id", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Input": { + "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .", + "title": "Input", + "type": "string" + }, + "InputPath": { + "markdownDescription": "The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) .", + "title": "InputPath", + "type": "string" + }, + "InputTransformer": { + "$ref": "#/definitions/AWS::Events::Rule.InputTransformer", + "markdownDescription": "Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target.", + "title": "InputTransformer" + }, + "KinesisParameters": { + "$ref": "#/definitions/AWS::Events::Rule.KinesisParameters", + "markdownDescription": "The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key.", + "title": "KinesisParameters" + }, + "RedshiftDataParameters": { + "$ref": "#/definitions/AWS::Events::Rule.RedshiftDataParameters", + "markdownDescription": "Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster.\n\nIf you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.", + "title": "RedshiftDataParameters" + }, + "RetryPolicy": { + "$ref": "#/definitions/AWS::Events::Rule.RetryPolicy", + "markdownDescription": "The retry policy configuration to use for the dead-letter queue.", + "title": "RetryPolicy" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target.", + "title": "RoleArn", "type": "string" + }, + "RunCommandParameters": { + "$ref": "#/definitions/AWS::Events::Rule.RunCommandParameters", + "markdownDescription": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command.", + "title": "RunCommandParameters" + }, + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameters", + "markdownDescription": "Contains the SageMaker AI Model Building Pipeline parameters to start execution of a SageMaker AI Model Building Pipeline.\n\nIf you specify a SageMaker AI Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events.", + "title": "SageMakerPipelineParameters" + }, + "SqsParameters": { + "$ref": "#/definitions/AWS::Events::Rule.SqsParameters", + "markdownDescription": "Contains the message group ID to use when the target is a FIFO queue.\n\nIf you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled.", + "title": "SqsParameters" } }, "required": [ - "Type", - "Properties" + "Arn", + "Id" ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration": { + "AWS::Evidently::Experiment": { "additionalProperties": false, "properties": { "Condition": { @@ -116236,33 +120541,88 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationConfiguration": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.DestinationConfiguration", - "markdownDescription": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged.", - "title": "DestinationConfiguration" + "Description": { + "markdownDescription": "An optional description of the experiment.", + "title": "Description", + "type": "string" + }, + "MetricGoals": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Experiment.MetricGoalObject" + }, + "markdownDescription": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment.", + "title": "MetricGoals", + "type": "array" }, "Name": { - "markdownDescription": "Logging-configuration name. The value does not need to be unique.", + "markdownDescription": "A name for the new experiment.", "title": "Name", "type": "string" }, + "OnlineAbConfig": { + "$ref": "#/definitions/AWS::Evidently::Experiment.OnlineAbConfigObject", + "markdownDescription": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation.", + "title": "OnlineAbConfig" + }, + "Project": { + "markdownDescription": "The name or the ARN of the project where this experiment is to be created.", + "title": "Project", + "type": "string" + }, + "RandomizationSalt": { + "markdownDescription": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` .", + "title": "RandomizationSalt", + "type": "string" + }, + "RemoveSegment": { + "markdownDescription": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running.", + "title": "RemoveSegment", + "type": "boolean" + }, + "RunningStatus": { + "$ref": "#/definitions/AWS::Evidently::Experiment.RunningStatusObject", + "markdownDescription": "A structure that you can use to start and stop the experiment.", + "title": "RunningStatus" + }, + "SamplingRate": { + "markdownDescription": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience.", + "title": "SamplingRate", + "type": "number" + }, + "Segment": { + "markdownDescription": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", + "title": "Segment", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-loggingconfiguration-tag.html) .", + "markdownDescription": "Assigns one or more tags (key-value pairs) to the experiment.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an experiment.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" + }, + "Treatments": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentObject" + }, + "markdownDescription": "An array of structures that describe the configuration of each feature variation used in the experiment.", + "title": "Treatments", + "type": "array" } }, "required": [ - "DestinationConfiguration" + "MetricGoals", + "Name", + "OnlineAbConfig", + "Project", + "Treatments" ], "type": "object" }, "Type": { "enum": [ - "AWS::IVSChat::LoggingConfiguration" + "AWS::Evidently::Experiment" ], "type": "string" }, @@ -116281,70 +120641,148 @@ ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration": { + "AWS::Evidently::Experiment.MetricGoalObject": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged.", - "title": "LogGroupName", + "DesiredChange": { + "markdownDescription": "`INCREASE` means that a variation with a higher number for this metric is performing better.\n\n`DECREASE` means that a variation with a lower number for this metric is performing better.", + "title": "DesiredChange", + "type": "string" + }, + "EntityIdKey": { + "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", + "title": "EntityIdKey", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", + "title": "EventPattern", + "type": "string" + }, + "MetricName": { + "markdownDescription": "A name for the metric. It can include up to 255 characters.", + "title": "MetricName", + "type": "string" + }, + "UnitLabel": { + "markdownDescription": "A label for the units that the metric is measuring.", + "title": "UnitLabel", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "The JSON path to reference the numerical metric value in the event.", + "title": "ValueKey", "type": "string" } }, "required": [ - "LogGroupName" + "DesiredChange", + "EntityIdKey", + "MetricName", + "ValueKey" ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.DestinationConfiguration": { + "AWS::Evidently::Experiment.OnlineAbConfigObject": { "additionalProperties": false, "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration", - "markdownDescription": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.", - "title": "CloudWatchLogs" + "ControlTreatmentName": { + "markdownDescription": "The name of the variation that is to be the default variation that the other variations are compared to.", + "title": "ControlTreatmentName", + "type": "string" }, - "Firehose": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration", - "markdownDescription": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.", - "title": "Firehose" + "TreatmentWeights": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentToWeight" + }, + "markdownDescription": "A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation.", + "title": "TreatmentWeights", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Evidently::Experiment.RunningStatusObject": { + "additionalProperties": false, + "properties": { + "AnalysisCompleteTime": { + "markdownDescription": "If you are using AWS CloudFormation to start the experiment, use this field to specify when the experiment is to end. The format is as a UNIX timestamp. For more information about this format, see [The Current Epoch Unix Timestamp](https://docs.aws.amazon.com/https://www.unixtimestamp.com/index.php) .", + "title": "AnalysisCompleteTime", + "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration", - "markdownDescription": "An Amazon S3 destination configuration where chat activity will be logged.", - "title": "S3" + "DesiredState": { + "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment.", + "title": "DesiredState", + "type": "string" + }, + "Reason": { + "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, this is an optional field that you can use to record why the experiment is being stopped or cancelled.", + "title": "Reason", + "type": "string" + }, + "Status": { + "markdownDescription": "To start the experiment now, specify `START` for this parameter. If this experiment is currently running and you want to stop it now, specify `STOP` .", + "title": "Status", + "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration": { + "AWS::Evidently::Experiment.TreatmentObject": { "additionalProperties": false, "properties": { - "DeliveryStreamName": { - "markdownDescription": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged.", - "title": "DeliveryStreamName", + "Description": { + "markdownDescription": "The description of the treatment.", + "title": "Description", + "type": "string" + }, + "Feature": { + "markdownDescription": "The name of the feature for this experiment.", + "title": "Feature", + "type": "string" + }, + "TreatmentName": { + "markdownDescription": "A name for this treatment. It can include up to 127 characters.", + "title": "TreatmentName", + "type": "string" + }, + "Variation": { + "markdownDescription": "The name of the variation to use for this treatment.", + "title": "Variation", "type": "string" } }, "required": [ - "DeliveryStreamName" + "Feature", + "TreatmentName", + "Variation" ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration": { + "AWS::Evidently::Experiment.TreatmentToWeight": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the Amazon S3 bucket where chat activity will be logged.", - "title": "BucketName", + "SplitWeight": { + "markdownDescription": "The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment.", + "title": "SplitWeight", + "type": "number" + }, + "Treatment": { + "markdownDescription": "The name of the treatment.", + "title": "Treatment", "type": "string" } }, "required": [ - "BucketName" + "SplitWeight", + "Treatment" ], "type": "object" }, - "AWS::IVSChat::Room": { + "AWS::Evidently::Feature": { "additionalProperties": false, "properties": { "Condition": { @@ -116379,48 +120817,66 @@ "Properties": { "additionalProperties": false, "properties": { - "LoggingConfigurationIdentifiers": { + "DefaultVariation": { + "markdownDescription": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation.", + "title": "DefaultVariation", + "type": "string" + }, + "Description": { + "markdownDescription": "An optional description of the feature.", + "title": "Description", + "type": "string" + }, + "EntityOverrides": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Evidently::Feature.EntityOverride" }, - "markdownDescription": "List of logging-configuration identifiers attached to the room.", - "title": "LoggingConfigurationIdentifiers", + "markdownDescription": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.", + "title": "EntityOverrides", "type": "array" }, - "MaximumMessageLength": { - "markdownDescription": "Maximum number of characters in a single message. Messages are expected to be UTF-8 encoded and this limit applies specifically to rune/code-point count, not number of bytes.", - "title": "MaximumMessageLength", - "type": "number" - }, - "MaximumMessageRatePerSecond": { - "markdownDescription": "Maximum number of messages per second that can be sent to the room (by all clients).", - "title": "MaximumMessageRatePerSecond", - "type": "number" - }, - "MessageReviewHandler": { - "$ref": "#/definitions/AWS::IVSChat::Room.MessageReviewHandler", - "markdownDescription": "Configuration information for optional review of messages.", - "title": "MessageReviewHandler" + "EvaluationStrategy": { + "markdownDescription": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.", + "title": "EvaluationStrategy", + "type": "string" }, "Name": { - "markdownDescription": "Room name. The value does not need to be unique.", + "markdownDescription": "The name for the feature. It can include up to 127 characters.", "title": "Name", "type": "string" }, + "Project": { + "markdownDescription": "The name or ARN of the project that is to contain the new feature.", + "title": "Project", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-room-tag.html) .", + "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" + }, + "Variations": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Feature.VariationObject" + }, + "markdownDescription": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` ).", + "title": "Variations", + "type": "array" } }, + "required": [ + "Name", + "Project", + "Variations" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVSChat::Room" + "AWS::Evidently::Feature" ], "type": "string" }, @@ -116434,105 +120890,62 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVSChat::Room.MessageReviewHandler": { + "AWS::Evidently::Feature.EntityOverride": { "additionalProperties": false, "properties": { - "FallbackResult": { - "markdownDescription": "Specifies the fallback behavior (whether the message is allowed or denied) if the handler does not return a valid response, encounters an error, or times out. (For the timeout period, see [Service Quotas](https://docs.aws.amazon.com/ivs/latest/userguide/service-quotas.html) .) If allowed, the message is delivered with returned content to all users connected to the room. If denied, the message is not delivered to any user.\n\n*Default* : `ALLOW`", - "title": "FallbackResult", + "EntityId": { + "markdownDescription": "The entity ID to be served the variation specified in `Variation` .", + "title": "EntityId", "type": "string" }, - "Uri": { - "markdownDescription": "Identifier of the message review handler. Currently this must be an ARN of a lambda function.", - "title": "Uri", + "Variation": { + "markdownDescription": "The name of the variation to serve to the user session that matches the `EntityId` .", + "title": "Variation", "type": "string" } }, "type": "object" }, - "AWS::IdentityStore::Group": { + "AWS::Evidently::Feature.VariationObject": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BooleanValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is boolean.", + "title": "BooleanValue", + "type": "boolean" }, - "Metadata": { - "type": "object" + "DoubleValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a double.", + "title": "DoubleValue", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A string containing the description of the group.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The display name value for the group. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.\n\nPrefix search supports a maximum of 1,000 characters for the string.", - "title": "DisplayName", - "type": "string" - }, - "IdentityStoreId": { - "markdownDescription": "The globally unique identifier for the identity store.", - "title": "IdentityStoreId", - "type": "string" - } - }, - "required": [ - "DisplayName", - "IdentityStoreId" - ], - "type": "object" + "LongValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a long.", + "title": "LongValue", + "type": "number" }, - "Type": { - "enum": [ - "AWS::IdentityStore::Group" - ], + "StringValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a string.", + "title": "StringValue", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VariationName": { + "markdownDescription": "A name for the variation. It can include up to 127 characters.", + "title": "VariationName", "type": "string" } }, "required": [ - "Type", - "Properties" + "VariationName" ], "type": "object" }, - "AWS::IdentityStore::GroupMembership": { + "AWS::Evidently::Launch": { "additionalProperties": false, "properties": { "Condition": { @@ -116567,32 +120980,75 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupId": { - "markdownDescription": "The identifier for a group in the identity store.", - "title": "GroupId", + "Description": { + "markdownDescription": "An optional description for the launch.", + "title": "Description", "type": "string" }, - "IdentityStoreId": { - "markdownDescription": "The globally unique identifier for the identity store.", - "title": "IdentityStoreId", + "ExecutionStatus": { + "$ref": "#/definitions/AWS::Evidently::Launch.ExecutionStatusObject", + "markdownDescription": "A structure that you can use to start and stop the launch.", + "title": "ExecutionStatus" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.LaunchGroupObject" + }, + "markdownDescription": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch.", + "title": "Groups", + "type": "array" + }, + "MetricMonitors": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.MetricDefinitionObject" + }, + "markdownDescription": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array.", + "title": "MetricMonitors", + "type": "array" + }, + "Name": { + "markdownDescription": "The name for the launch. It can include up to 127 characters.", + "title": "Name", "type": "string" }, - "MemberId": { - "$ref": "#/definitions/AWS::IdentityStore::GroupMembership.MemberId", - "markdownDescription": "An object containing the identifier of a group member. Setting the `MemberId` 's `UserId` field to a specific User's ID indicates that user is a member of the group.", - "title": "MemberId" + "Project": { + "markdownDescription": "The name or ARN of the project that you want to create the launch in.", + "title": "Project", + "type": "string" + }, + "RandomizationSalt": { + "markdownDescription": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` .", + "title": "RandomizationSalt", + "type": "string" + }, + "ScheduledSplitsConfig": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.StepConfig" + }, + "markdownDescription": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch.", + "title": "ScheduledSplitsConfig", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the launch.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a launch.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "GroupId", - "IdentityStoreId", - "MemberId" + "Groups", + "Name", + "Project", + "ScheduledSplitsConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::IdentityStore::GroupMembership" + "AWS::Evidently::Launch" ], "type": "string" }, @@ -116611,21 +121067,178 @@ ], "type": "object" }, - "AWS::IdentityStore::GroupMembership.MemberId": { + "AWS::Evidently::Launch.ExecutionStatusObject": { "additionalProperties": false, "properties": { - "UserId": { - "markdownDescription": "An object containing the identifiers of resources that can be members.", - "title": "UserId", + "DesiredState": { + "markdownDescription": "If you are using AWS CloudFormation to stop this launch, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment. If you omit this parameter, the default of `COMPLETED` is used.", + "title": "DesiredState", "type": "string" - } - }, + }, + "Reason": { + "markdownDescription": "If you are using AWS CloudFormation to stop this launch, this is an optional field that you can use to record why the launch is being stopped or cancelled.", + "title": "Reason", + "type": "string" + }, + "Status": { + "markdownDescription": "To start the launch now, specify `START` for this parameter. If this launch is currently running and you want to stop it now, specify `STOP` .", + "title": "Status", + "type": "string" + } + }, "required": [ - "UserId" + "Status" ], "type": "object" }, - "AWS::ImageBuilder::Component": { + "AWS::Evidently::Launch.GroupToWeight": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the launch group. It can include up to 127 characters.", + "title": "GroupName", + "type": "string" + }, + "SplitWeight": { + "markdownDescription": "The portion of launch traffic to allocate to this launch group.\n\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group.", + "title": "SplitWeight", + "type": "number" + } + }, + "required": [ + "GroupName", + "SplitWeight" + ], + "type": "object" + }, + "AWS::Evidently::Launch.LaunchGroupObject": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the launch group.", + "title": "Description", + "type": "string" + }, + "Feature": { + "markdownDescription": "The feature that this launch is using.", + "title": "Feature", + "type": "string" + }, + "GroupName": { + "markdownDescription": "A name for this launch group. It can include up to 127 characters.", + "title": "GroupName", + "type": "string" + }, + "Variation": { + "markdownDescription": "The feature variation to use for this launch group.", + "title": "Variation", + "type": "string" + } + }, + "required": [ + "Feature", + "GroupName", + "Variation" + ], + "type": "object" + }, + "AWS::Evidently::Launch.MetricDefinitionObject": { + "additionalProperties": false, + "properties": { + "EntityIdKey": { + "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", + "title": "EntityIdKey", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", + "title": "EventPattern", + "type": "string" + }, + "MetricName": { + "markdownDescription": "A name for the metric. It can include up to 255 characters.", + "title": "MetricName", + "type": "string" + }, + "UnitLabel": { + "markdownDescription": "A label for the units that the metric is measuring.", + "title": "UnitLabel", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "The value that is tracked to produce the metric.", + "title": "ValueKey", + "type": "string" + } + }, + "required": [ + "EntityIdKey", + "MetricName", + "ValueKey" + ], + "type": "object" + }, + "AWS::Evidently::Launch.SegmentOverride": { + "additionalProperties": false, + "properties": { + "EvaluationOrder": { + "markdownDescription": "A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first.", + "title": "EvaluationOrder", + "type": "number" + }, + "Segment": { + "markdownDescription": "The ARN of the segment to use for this override.", + "title": "Segment", + "type": "string" + }, + "Weights": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + }, + "markdownDescription": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic.", + "title": "Weights", + "type": "array" + } + }, + "required": [ + "EvaluationOrder", + "Segment", + "Weights" + ], + "type": "object" + }, + "AWS::Evidently::Launch.StepConfig": { + "additionalProperties": false, + "properties": { + "GroupWeights": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + }, + "markdownDescription": "An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch.", + "title": "GroupWeights", + "type": "array" + }, + "SegmentOverrides": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.SegmentOverride" + }, + "markdownDescription": "An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age.\n\nFor more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) .", + "title": "SegmentOverrides", + "type": "array" + }, + "StartTime": { + "markdownDescription": "The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z`", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "GroupWeights", + "StartTime" + ], + "type": "object" + }, + "AWS::Evidently::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -116660,76 +121273,43 @@ "Properties": { "additionalProperties": false, "properties": { - "ChangeDescription": { - "markdownDescription": "The change description of the component. Describes what change has been made in this version, or what makes this version different from other versions of the component.", - "title": "ChangeDescription", - "type": "string" + "AppConfigResource": { + "$ref": "#/definitions/AWS::Evidently::Project.AppConfigResourceObject", + "markdownDescription": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission.", + "title": "AppConfigResource" }, - "Data": { - "markdownDescription": "Component `data` contains inline YAML document content for the component. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", - "title": "Data", - "type": "string" + "DataDelivery": { + "$ref": "#/definitions/AWS::Evidently::Project.DataDeliveryObject", + "markdownDescription": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation.", + "title": "DataDelivery" }, "Description": { - "markdownDescription": "Describes the contents of the component.", + "markdownDescription": "An optional description of the project.", "title": "Description", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key that is used to encrypt this component.", - "title": "KmsKeyId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the component.", + "markdownDescription": "The name for the project. It can include up to 127 characters.", "title": "Name", "type": "string" }, - "Platform": { - "markdownDescription": "The operating system platform of the component.", - "title": "Platform", - "type": "string" - }, - "SupportedOsVersions": { - "items": { - "type": "string" - }, - "markdownDescription": "The operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.", - "title": "SupportedOsVersions", - "type": "array" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags that apply to the component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the project.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a project.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", - "type": "object" - }, - "Uri": { - "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", - "title": "Uri", - "type": "string" - }, - "Version": { - "markdownDescription": "The component version. For example, `1.0.0` .", - "title": "Version", - "type": "string" + "type": "array" } }, "required": [ - "Name", - "Platform", - "Version" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Component" + "AWS::Evidently::Project" ], "type": "string" }, @@ -116748,7 +121328,62 @@ ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe": { + "AWS::Evidently::Project.AppConfigResourceObject": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The ID of the AWS AppConfig application to use for client-side evaluation.", + "title": "ApplicationId", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of the AWS AppConfig environment to use for client-side evaluation.", + "title": "EnvironmentId", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "EnvironmentId" + ], + "type": "object" + }, + "AWS::Evidently::Project.DataDeliveryObject": { + "additionalProperties": false, + "properties": { + "LogGroup": { + "markdownDescription": "If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name.", + "title": "LogGroup", + "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::Evidently::Project.S3Destination", + "markdownDescription": "If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Evidently::Project.S3Destination": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the bucket in which Evidently stores evaluation events.", + "title": "BucketName", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The bucket prefix in which Evidently stores evaluation events.", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::Evidently::Segment": { "additionalProperties": false, "properties": { "Condition": { @@ -116783,104 +121418,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration" - }, - "markdownDescription": "Build and test components that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", - "title": "Components", - "type": "array" - }, - "ContainerType": { - "markdownDescription": "Specifies the type of container, such as Docker.", - "title": "ContainerType", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the container recipe.", + "markdownDescription": "An optional description for this segment.", "title": "Description", "type": "string" }, - "DockerfileTemplateData": { - "markdownDescription": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.", - "title": "DockerfileTemplateData", - "type": "string" - }, - "DockerfileTemplateUri": { - "markdownDescription": "The S3 URI for the Dockerfile that will be used to build your container image.", - "title": "DockerfileTemplateUri", - "type": "string" - }, - "ImageOsVersionOverride": { - "markdownDescription": "Specifies the operating system version for the base image.", - "title": "ImageOsVersionOverride", - "type": "string" - }, - "InstanceConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration", - "markdownDescription": "A group of options that can be used to configure an instance for building and testing container images.", - "title": "InstanceConfiguration" - }, - "KmsKeyId": { - "markdownDescription": "Identifies which KMS key is used to encrypt the container image for distribution to the target Region.", - "title": "KmsKeyId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the container recipe.", + "markdownDescription": "A name for the segment.", "title": "Name", "type": "string" }, - "ParentImage": { - "markdownDescription": "The base image for customizations specified in the container recipe. This can contain an Image Builder image resource ARN or a container image URI, for example `amazonlinux:latest` .", - "title": "ParentImage", - "type": "string" - }, - "PlatformOverride": { - "markdownDescription": "Specifies the operating system platform when you use a custom base image.", - "title": "PlatformOverride", + "Pattern": { + "markdownDescription": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", + "title": "Pattern", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags that are attached to the container recipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", - "type": "object" - }, - "TargetRepository": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository", - "markdownDescription": "The destination repository for the container image.", - "title": "TargetRepository" - }, - "Version": { - "markdownDescription": "The semantic version of the container recipe.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.\n> \n> *Filtering:* With semantic versioning, you have the flexibility to use wildcards (x) to specify the most recent versions or nodes when selecting the base image or components for your recipe. When you use a wildcard in any node, all nodes to the right of the first wildcard must also be wildcards.", - "title": "Version", - "type": "string" - }, - "WorkingDirectory": { - "markdownDescription": "The working directory for use during build and test workflows.", - "title": "WorkingDirectory", - "type": "string" + "type": "array" } }, "required": [ - "Components", - "ContainerType", - "Name", - "ParentImage", - "TargetRepository", - "Version" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ContainerRecipe" + "AWS::Evidently::Segment" ], "type": "string" }, @@ -116899,156 +121468,7 @@ ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { - "additionalProperties": false, - "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", - "type": "string" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentParameter" - }, - "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", - "title": "Parameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.ComponentParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the component parameter to set.", - "title": "Name", - "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named component parameter.", - "title": "Value", - "type": "array" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification": { - "additionalProperties": false, - "properties": { - "DeleteOnTermination": { - "markdownDescription": "Use to configure delete on termination of the associated device.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Use to configure device encryption.", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "Use to configure device IOPS.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", - "title": "KmsKeyId", - "type": "string" - }, - "SnapshotId": { - "markdownDescription": "The snapshot that defines the device contents.", - "title": "SnapshotId", - "type": "string" - }, - "Throughput": { - "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", - "title": "Throughput", - "type": "number" - }, - "VolumeSize": { - "markdownDescription": "Use to override the device's volume size.", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "Use to override the device's volume type.", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "markdownDescription": "The device to which these mappings apply.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification", - "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "Use to remove a mapping from the base image.", - "title": "NoDevice", - "type": "string" - }, - "VirtualName": { - "markdownDescription": "Use to manage instance ephemeral devices.", - "title": "VirtualName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration": { - "additionalProperties": false, - "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping" - }, - "markdownDescription": "Defines the block devices to attach for building an instance from this Image Builder AMI.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "Image": { - "markdownDescription": "The base image for a container build and test instance. This can contain an AMI ID or it can specify an AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n\nIf not specified, Image Builder uses the appropriate ECS-optimized AMI as a base image.", - "title": "Image", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository": { - "additionalProperties": false, - "properties": { - "RepositoryName": { - "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", - "title": "RepositoryName", - "type": "string" - }, - "Service": { - "markdownDescription": "Specifies the service in which this image was registered.", - "title": "Service", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration": { + "AWS::FIS::ExperimentTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -117083,27 +121503,53 @@ "Properties": { "additionalProperties": false, "properties": { + "Actions": { + "additionalProperties": false, + "markdownDescription": "The actions for the experiment.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateAction" + } + }, + "title": "Actions", + "type": "object" + }, "Description": { - "markdownDescription": "The description of this distribution configuration.", + "markdownDescription": "The description for the experiment template.", "title": "Description", "type": "string" }, - "Distributions": { + "ExperimentOptions": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions", + "markdownDescription": "The experiment options for an experiment template.", + "title": "ExperimentOptions" + }, + "ExperimentReportConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentReportConfiguration", + "markdownDescription": "Describes the report configuration for the experiment template.", + "title": "ExperimentReportConfiguration" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration", + "markdownDescription": "The configuration for experiment logging.", + "title": "LogConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role.", + "title": "RoleArn", + "type": "string" + }, + "StopConditions": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.Distribution" + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition" }, - "markdownDescription": "The distributions of this distribution configuration formatted as an array of Distribution objects.", - "title": "Distributions", + "markdownDescription": "The stop conditions for the experiment.", + "title": "StopConditions", "type": "array" }, - "Name": { - "markdownDescription": "The name of this distribution configuration.", - "title": "Name", - "type": "string" - }, "Tags": { "additionalProperties": true, - "markdownDescription": "The tags of this distribution configuration.", + "markdownDescription": "The tags for the experiment template.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -117111,17 +121557,30 @@ }, "title": "Tags", "type": "object" + }, + "Targets": { + "additionalProperties": false, + "markdownDescription": "The targets for the experiment.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget" + } + }, + "title": "Targets", + "type": "object" } }, "required": [ - "Distributions", - "Name" + "Description", + "RoleArn", + "StopConditions", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::DistributionConfiguration" + "AWS::FIS::ExperimentTemplate" ], "type": "string" }, @@ -117140,262 +121599,319 @@ ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration": { + "AWS::FIS::ExperimentTemplate.CloudWatchDashboard": { "additionalProperties": false, "properties": { - "AmiTags": { - "additionalProperties": true, - "markdownDescription": "The tags to apply to AMIs distributed to this Region.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AmiTags", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the AMI distribution configuration. Minimum and maximum length are in characters.", - "title": "Description", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The KMS key identifier used to encrypt the distributed image.", - "title": "KmsKeyId", + "DashboardIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch dashboard to include in the experiment report.", + "title": "DashboardIdentifier", "type": "string" - }, - "LaunchPermissionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration", - "markdownDescription": "Launch permissions can be used to configure which AWS account s can use the AMI to launch instances.", - "title": "LaunchPermissionConfiguration" - }, - "Name": { - "markdownDescription": "The name of the output AMI.", - "title": "Name", + } + }, + "required": [ + "DashboardIdentifier" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.", + "title": "LogGroupArn", "type": "string" - }, - "TargetAccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of an account to which you want to distribute an image.", - "title": "TargetAccountIds", - "type": "array" } }, + "required": [ + "LogGroupArn" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration": { + "AWS::FIS::ExperimentTemplate.DataSources": { "additionalProperties": false, "properties": { - "ContainerTags": { + "CloudWatchDashboards": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchDashboard" }, - "markdownDescription": "Tags that are attached to the container distribution configuration.", - "title": "ContainerTags", + "markdownDescription": "The CloudWatch dashboards to include as data sources in the experiment report.", + "title": "CloudWatchDashboards", "type": "array" - }, - "Description": { - "markdownDescription": "The description of the container distribution configuration.", - "title": "Description", + } + }, + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.ExperimentReportS3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the S3 bucket where the experiment report will be stored.", + "title": "BucketName", "type": "string" }, - "TargetRepository": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository", - "markdownDescription": "The destination repository for the container distribution configuration.", - "title": "TargetRepository" + "Prefix": { + "markdownDescription": "The prefix of the S3 bucket where the experiment report will be stored.", + "title": "Prefix", + "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.Distribution": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { "additionalProperties": false, "properties": { - "AmiDistributionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration", - "markdownDescription": "The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below.", - "title": "AmiDistributionConfiguration" - }, - "ContainerDistributionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration", - "markdownDescription": "Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below.", - "title": "ContainerDistributionConfiguration" + "ActionId": { + "markdownDescription": "The ID of the action.", + "title": "ActionId", + "type": "string" }, - "FastLaunchConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration" - }, - "markdownDescription": "The Windows faster-launching configurations to use for AMI distribution.", - "title": "FastLaunchConfigurations", - "type": "array" + "Description": { + "markdownDescription": "A description for the action.", + "title": "Description", + "type": "string" }, - "LaunchTemplateConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the action.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A group of launchTemplateConfiguration settings that apply to image distribution for specified accounts.", - "title": "LaunchTemplateConfigurations", - "type": "array" + "title": "Parameters", + "type": "object" }, - "LicenseConfigurationArns": { + "StartAfter": { "items": { "type": "string" }, - "markdownDescription": "The License Manager Configuration to associate with the AMI in the specified Region. For more information, see the [LicenseConfiguration API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_LicenseConfiguration.html) .", - "title": "LicenseConfigurationArns", + "markdownDescription": "The name of the action that must be completed before the current action starts.", + "title": "StartAfter", "type": "array" }, - "Region": { - "markdownDescription": "The target Region for the Distribution Configuration. For example, `eu-west-1` .", - "title": "Region", - "type": "string" + "Targets": { + "additionalProperties": true, + "markdownDescription": "The targets for the action.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Targets", + "type": "object" } }, "required": [ - "Region" + "ActionId" ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The owner account ID for the fast-launch enabled Windows AMI.", - "title": "AccountId", + "AccountTargeting": { + "markdownDescription": "The account targeting setting for an experiment template.", + "title": "AccountTargeting", "type": "string" }, - "Enabled": { - "markdownDescription": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to `true` to start using Windows faster launching, or `false` to stop using it.", - "title": "Enabled", - "type": "boolean" - }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification", - "markdownDescription": "The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.", - "title": "LaunchTemplate" - }, - "MaxParallelLaunches": { - "markdownDescription": "The maximum number of parallel instances that are launched for creating resources.", - "title": "MaxParallelLaunches", - "type": "number" - }, - "SnapshotConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration", - "markdownDescription": "Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.", - "title": "SnapshotConfiguration" + "EmptyTargetResolutionMode": { + "markdownDescription": "The empty target resolution mode for an experiment template.", + "title": "EmptyTargetResolutionMode", + "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentReportConfiguration": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template to use for faster launching for a Windows AMI.", - "title": "LaunchTemplateId", - "type": "string" + "DataSources": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.DataSources", + "markdownDescription": "The data sources for the experiment report.", + "title": "DataSources" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template to use for faster launching for a Windows AMI.", - "title": "LaunchTemplateName", + "Outputs": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.Outputs", + "markdownDescription": "The output destinations of the experiment report.", + "title": "Outputs" + }, + "PostExperimentDuration": { + "markdownDescription": "The duration after the experiment end time for the data sources to include in the report.", + "title": "PostExperimentDuration", "type": "string" }, - "LaunchTemplateVersion": { - "markdownDescription": "The version of the launch template to use for faster launching for a Windows AMI.", - "title": "LaunchTemplateVersion", + "PreExperimentDuration": { + "markdownDescription": "The duration before the experiment start time for the data sources to include in the report.", + "title": "PreExperimentDuration", "type": "string" } }, + "required": [ + "Outputs" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration": { "additionalProperties": false, "properties": { - "TargetResourceCount": { - "markdownDescription": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.", - "title": "TargetResourceCount", + "CloudWatchLogsConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration", + "markdownDescription": "The configuration for experiment logging to CloudWatch Logs .", + "title": "CloudWatchLogsConfiguration" + }, + "LogSchemaVersion": { + "markdownDescription": "The schema version.", + "title": "LogSchemaVersion", "type": "number" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.S3Configuration", + "markdownDescription": "The configuration for experiment logging to Amazon S3 .", + "title": "S3Configuration" } }, + "required": [ + "LogSchemaVersion" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition": { "additionalProperties": false, "properties": { - "OrganizationArns": { + "Source": { + "markdownDescription": "The source for the stop condition.", + "title": "Source", + "type": "string" + }, + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch alarm, if applicable.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Source" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget": { + "additionalProperties": false, + "properties": { + "Filters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter" }, - "markdownDescription": "The ARN for an AWS Organization that you want to share your AMI with. For more information, see [What is AWS Organizations ?](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) .", - "title": "OrganizationArns", + "markdownDescription": "The filters to apply to identify target resources using specific attributes.", + "title": "Filters", "type": "array" }, - "OrganizationalUnitArns": { - "items": { - "type": "string" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the resource type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The ARN for an AWS Organizations organizational unit (OU) that you want to share your AMI with. For more information about key concepts for AWS Organizations , see [AWS Organizations terminology and concepts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html) .", - "title": "OrganizationalUnitArns", - "type": "array" + "title": "Parameters", + "type": "object" }, - "UserGroups": { + "ResourceArns": { "items": { "type": "string" }, - "markdownDescription": "The name of the group.", - "title": "UserGroups", + "markdownDescription": "The Amazon Resource Names (ARNs) of the targets.", + "title": "ResourceArns", "type": "array" }, - "UserIds": { + "ResourceTags": { + "additionalProperties": true, + "markdownDescription": "The tags for the target resources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ResourceTags", + "type": "object" + }, + "ResourceType": { + "markdownDescription": "The resource type.", + "title": "ResourceType", + "type": "string" + }, + "SelectionMode": { + "markdownDescription": "Scopes the identified resources to a specific count or percentage.", + "title": "SelectionMode", + "type": "string" + } + }, + "required": [ + "ResourceType", + "SelectionMode" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The attribute path for the filter.", + "title": "Path", + "type": "string" + }, + "Values": { "items": { "type": "string" }, - "markdownDescription": "The AWS account ID.", - "title": "UserIds", + "markdownDescription": "The attribute values for the filter.", + "title": "Values", "type": "array" } }, + "required": [ + "Path", + "Values" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration": { + "AWS::FIS::ExperimentTemplate.Outputs": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The account ID that this configuration applies to.", - "title": "AccountId", - "type": "string" - }, - "LaunchTemplateId": { - "markdownDescription": "Identifies the Amazon EC2 launch template to use.", - "title": "LaunchTemplateId", - "type": "string" - }, - "SetDefaultVersion": { - "markdownDescription": "Set the specified Amazon EC2 launch template as the default launch template for the specified account.", - "title": "SetDefaultVersion", - "type": "boolean" + "ExperimentReportS3Configuration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentReportS3Configuration", + "markdownDescription": "The S3 destination for the experiment report.", + "title": "ExperimentReportS3Configuration" } }, + "required": [ + "ExperimentReportS3Configuration" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository": { + "AWS::FIS::ExperimentTemplate.S3Configuration": { "additionalProperties": false, "properties": { - "RepositoryName": { - "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", - "title": "RepositoryName", + "BucketName": { + "markdownDescription": "The name of the destination bucket.", + "title": "BucketName", "type": "string" }, - "Service": { - "markdownDescription": "Specifies the service in which this image was registered.", - "title": "Service", + "Prefix": { + "markdownDescription": "The bucket prefix.", + "title": "Prefix", "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::ImageBuilder::Image": { + "AWS::FIS::TargetAccountConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -117430,74 +121946,37 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.", - "title": "ContainerRecipeArn", - "type": "string" - }, - "DistributionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration that defines and configures the outputs of your pipeline.", - "title": "DistributionConfigurationArn", + "AccountId": { + "markdownDescription": "The AWS account ID of the target account.", + "title": "AccountId", "type": "string" }, - "EnhancedImageMetadataEnabled": { - "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", - "title": "EnhancedImageMetadataEnabled", - "type": "boolean" - }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", - "title": "ExecutionRole", + "Description": { + "markdownDescription": "The description of the target account.", + "title": "Description", "type": "string" }, - "ImageRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.", - "title": "ImageRecipeArn", + "ExperimentTemplateId": { + "markdownDescription": "The ID of the experiment template.", + "title": "ExperimentTemplateId", "type": "string" }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageScanningConfiguration", - "markdownDescription": "Contains settings for vulnerability scans.", - "title": "ImageScanningConfiguration" - }, - "ImageTestsConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageTestsConfiguration", - "markdownDescription": "The image tests configuration of the image.", - "title": "ImageTestsConfiguration" - }, - "InfrastructureConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration that defines the environment in which your image will be built and tested.", - "title": "InfrastructureConfigurationArn", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role for the target account.", + "title": "RoleArn", "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of the image.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Workflows": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowConfiguration" - }, - "markdownDescription": "Contains an array of workflow configuration objects.", - "title": "Workflows", - "type": "array" } }, "required": [ - "InfrastructureConfigurationArn" + "AccountId", + "ExperimentTemplateId", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Image" + "AWS::FIS::TargetAccountConfiguration" ], "type": "string" }, @@ -117516,106 +121995,80 @@ ], "type": "object" }, - "AWS::ImageBuilder::Image.EcrConfiguration": { + "AWS::FMS::NotificationChannel": { "additionalProperties": false, "properties": { - "ContainerTags": { - "items": { - "type": "string" - }, - "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", - "title": "ContainerTags", - "type": "array" - }, - "RepositoryName": { - "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", - "title": "RepositoryName", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.ImageScanningConfiguration": { - "additionalProperties": false, - "properties": { - "EcrConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.EcrConfiguration", - "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", - "title": "EcrConfiguration" }, - "ImageScanningEnabled": { - "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", - "title": "ImageScanningEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.ImageTestsConfiguration": { - "additionalProperties": false, - "properties": { - "ImageTestsEnabled": { - "markdownDescription": "Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.", - "title": "ImageTestsEnabled", - "type": "boolean" - }, - "TimeoutMinutes": { - "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", - "title": "TimeoutMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.WorkflowConfiguration": { - "additionalProperties": false, - "properties": { - "OnFailure": { - "markdownDescription": "The action to take if the workflow fails.", - "title": "OnFailure", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ParallelGroup": { - "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", - "title": "ParallelGroup", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowParameter" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "SnsRoleName": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity.", + "title": "SnsRoleName", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager .", + "title": "SnsTopicArn", + "type": "string" + } }, - "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", - "title": "Parameters", - "type": "array" + "required": [ + "SnsRoleName", + "SnsTopicArn" + ], + "type": "object" }, - "WorkflowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", - "title": "WorkflowArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.WorkflowParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the workflow parameter to set.", - "title": "Name", + "Type": { + "enum": [ + "AWS::FMS::NotificationChannel" + ], "type": "string" }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named workflow parameter.", - "title": "Value", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline": { + "AWS::FMS::Policy": { "additionalProperties": false, "properties": { "Condition": { @@ -117650,95 +122103,105 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that is used for this pipeline.", - "title": "ContainerRecipeArn", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of this image pipeline.", - "title": "Description", - "type": "string" + "DeleteAllPolicyResources": { + "markdownDescription": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.", + "title": "DeleteAllPolicyResources", + "type": "boolean" }, - "DistributionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline.", - "title": "DistributionConfigurationArn", - "type": "string" + "ExcludeMap": { + "$ref": "#/definitions/AWS::FMS::Policy.IEMap", + "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", + "title": "ExcludeMap" }, - "EnhancedImageMetadataEnabled": { - "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", - "title": "EnhancedImageMetadataEnabled", + "ExcludeResourceTags": { + "markdownDescription": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy.", + "title": "ExcludeResourceTags", "type": "boolean" }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", - "title": "ExecutionRole", - "type": "string" + "IncludeMap": { + "$ref": "#/definitions/AWS::FMS::Policy.IEMap", + "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", + "title": "IncludeMap" }, - "ImageRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe associated with this image pipeline.", - "title": "ImageRecipeArn", + "PolicyDescription": { + "markdownDescription": "Your description of the AWS Firewall Manager policy.", + "title": "PolicyDescription", "type": "string" }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration", - "markdownDescription": "Contains settings for vulnerability scans.", - "title": "ImageScanningConfiguration" + "PolicyName": { + "markdownDescription": "The name of the AWS Firewall Manager policy.", + "title": "PolicyName", + "type": "string" }, - "ImageTestsConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration", - "markdownDescription": "The configuration of the image tests that run after image creation to ensure the quality of the image that was created.", - "title": "ImageTestsConfiguration" + "RemediationEnabled": { + "markdownDescription": "Indicates if the policy should be automatically applied to new resources.", + "title": "RemediationEnabled", + "type": "boolean" }, - "InfrastructureConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline.", - "title": "InfrastructureConfigurationArn", - "type": "string" + "ResourceSetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique identifiers of the resource sets used by the policy.", + "title": "ResourceSetIds", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the image pipeline.", - "title": "Name", + "ResourceTagLogicalOperator": { + "markdownDescription": "Specifies whether to combine multiple resource tags with AND, so that a resource must have all tags to be included or excluded, or OR, so that a resource must have at least one tag.\n\nDefault: `AND`", + "title": "ResourceTagLogicalOperator", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.Schedule", - "markdownDescription": "The schedule of the image pipeline. A schedule configures how often and when a pipeline automatically creates a new image.", - "title": "Schedule" + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::FMS::Policy.ResourceTag" + }, + "markdownDescription": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` .", + "title": "ResourceTags", + "type": "array" }, - "Status": { - "markdownDescription": "The status of the image pipeline.", - "title": "Status", + "ResourceType": { + "markdownDescription": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` .", + "title": "ResourceType", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of this image pipeline.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "ResourceTypeList": { + "items": { + "type": "string" }, - "title": "Tags", - "type": "object" + "markdownDescription": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` .", + "title": "ResourceTypeList", + "type": "array" }, - "Workflows": { + "ResourcesCleanUp": { + "markdownDescription": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies.", + "title": "ResourcesCleanUp", + "type": "boolean" + }, + "SecurityServicePolicyData": { + "$ref": "#/definitions/AWS::FMS::Policy.SecurityServicePolicyData", + "markdownDescription": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", + "title": "SecurityServicePolicyData" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration" + "$ref": "#/definitions/AWS::FMS::Policy.PolicyTag" }, - "markdownDescription": "Contains the workflows that run for the image pipeline.", - "title": "Workflows", + "markdownDescription": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "title": "Tags", "type": "array" } }, "required": [ - "InfrastructureConfigurationArn", - "Name" + "ExcludeResourceTags", + "PolicyName", + "RemediationEnabled", + "SecurityServicePolicyData" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ImagePipeline" + "AWS::FMS::Policy" ], "type": "string" }, @@ -117757,122 +122220,277 @@ ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.EcrConfiguration": { + "AWS::FMS::Policy.IEMap": { "additionalProperties": false, "properties": { - "ContainerTags": { + "ACCOUNT": { "items": { "type": "string" }, - "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", - "title": "ContainerTags", + "markdownDescription": "The account list for the map.", + "title": "ACCOUNT", "type": "array" }, - "RepositoryName": { - "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", - "title": "RepositoryName", - "type": "string" + "ORGUNIT": { + "items": { + "type": "string" + }, + "markdownDescription": "The organizational unit list for the map.", + "title": "ORGUNIT", + "type": "array" } }, "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration": { + "AWS::FMS::Policy.IcmpTypeCode": { "additionalProperties": false, "properties": { - "EcrConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.EcrConfiguration", - "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", - "title": "EcrConfiguration" + "Code": { + "markdownDescription": "ICMP code.", + "title": "Code", + "type": "number" }, - "ImageScanningEnabled": { - "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", - "title": "ImageScanningEnabled", - "type": "boolean" + "Type": { + "markdownDescription": "ICMP type.", + "title": "Type", + "type": "number" } }, + "required": [ + "Code", + "Type" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration": { + "AWS::FMS::Policy.NetworkAclCommonPolicy": { "additionalProperties": false, "properties": { - "ImageTestsEnabled": { - "markdownDescription": "Defines if tests should be executed when building this image. For example, `true` or `false` .", - "title": "ImageTestsEnabled", - "type": "boolean" - }, - "TimeoutMinutes": { - "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", - "title": "TimeoutMinutes", - "type": "number" + "NetworkAclEntrySet": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntrySet", + "markdownDescription": "The definition of the first and last rules for the network ACL policy.", + "title": "NetworkAclEntrySet" } }, + "required": [ + "NetworkAclEntrySet" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.Schedule": { + "AWS::FMS::Policy.NetworkAclEntry": { "additionalProperties": false, "properties": { - "PipelineExecutionStartCondition": { - "markdownDescription": "The condition configures when the pipeline should trigger a new image build. When the `pipelineExecutionStartCondition` is set to `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE` , and you use semantic version filters on the base image or components in your image recipe, Image Builder will build a new image only when there are new versions of the image or components in your recipe that match the semantic version filter. When it is set to `EXPRESSION_MATCH_ONLY` , it will build a new image every time the CRON expression matches the current time. For semantic version syntax, see [CreateComponent](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html) in the *Image Builder API Reference* .", - "title": "PipelineExecutionStartCondition", + "CidrBlock": { + "markdownDescription": "The IPv4 network range to allow or deny, in CIDR notation.", + "title": "CidrBlock", "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "The cron expression determines how often EC2 Image Builder evaluates your `pipelineExecutionStartCondition` .\n\nFor information on how to format a cron expression in Image Builder, see [Use cron expressions in EC2 Image Builder](https://docs.aws.amazon.com/imagebuilder/latest/userguide/image-builder-cron.html) .", - "title": "ScheduleExpression", + "Egress": { + "markdownDescription": "Indicates whether the rule is an egress, or outbound, rule (applied to traffic leaving the subnet). If it's not an egress rule, then it's an ingress, or inbound, rule.", + "title": "Egress", + "type": "boolean" + }, + "IcmpTypeCode": { + "$ref": "#/definitions/AWS::FMS::Policy.IcmpTypeCode", + "markdownDescription": "ICMP protocol: The ICMP type and code.", + "title": "IcmpTypeCode" + }, + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation.", + "title": "Ipv6CidrBlock", + "type": "string" + }, + "PortRange": { + "$ref": "#/definitions/AWS::FMS::Policy.PortRange", + "markdownDescription": "TCP or UDP protocols: The range of ports the rule applies to.", + "title": "PortRange" + }, + "Protocol": { + "markdownDescription": "The protocol number. A value of \"-1\" means all protocols.", + "title": "Protocol", + "type": "string" + }, + "RuleAction": { + "markdownDescription": "Indicates whether to allow or deny the traffic that matches the rule.", + "title": "RuleAction", "type": "string" } }, + "required": [ + "Egress", + "Protocol", + "RuleAction" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration": { + "AWS::FMS::Policy.NetworkAclEntrySet": { "additionalProperties": false, "properties": { - "OnFailure": { - "markdownDescription": "The action to take if the workflow fails.", - "title": "OnFailure", - "type": "string" + "FirstEntries": { + "items": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntry" + }, + "markdownDescription": "The rules that you want to run first in the Firewall Manager managed network ACLs.\n\n> Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. \n\nYou must specify at least one first entry or one last entry in any network ACL policy.", + "title": "FirstEntries", + "type": "array" }, - "ParallelGroup": { - "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", - "title": "ParallelGroup", - "type": "string" + "ForceRemediateForFirstEntries": { + "markdownDescription": "Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries.\n\nIf forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* .", + "title": "ForceRemediateForFirstEntries", + "type": "boolean" }, - "Parameters": { + "ForceRemediateForLastEntries": { + "markdownDescription": "Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries.\n\nIf forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* .", + "title": "ForceRemediateForLastEntries", + "type": "boolean" + }, + "LastEntries": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowParameter" + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntry" }, - "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", - "title": "Parameters", + "markdownDescription": "The rules that you want to run last in the Firewall Manager managed network ACLs.\n\n> Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. \n\nYou must specify at least one first entry or one last entry in any network ACL policy.", + "title": "LastEntries", "type": "array" + } + }, + "required": [ + "ForceRemediateForFirstEntries", + "ForceRemediateForLastEntries" + ], + "type": "object" + }, + "AWS::FMS::Policy.NetworkFirewallPolicy": { + "additionalProperties": false, + "properties": { + "FirewallDeploymentModel": { + "markdownDescription": "Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .", + "title": "FirewallDeploymentModel", + "type": "string" + } + }, + "required": [ + "FirewallDeploymentModel" + ], + "type": "object" + }, + "AWS::FMS::Policy.PolicyOption": { + "additionalProperties": false, + "properties": { + "NetworkAclCommonPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclCommonPolicy", + "markdownDescription": "Defines a Firewall Manager network ACL policy.", + "title": "NetworkAclCommonPolicy" }, - "WorkflowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", - "title": "WorkflowArn", + "NetworkFirewallPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkFirewallPolicy", + "markdownDescription": "Defines the deployment model to use for the firewall policy.", + "title": "NetworkFirewallPolicy" + }, + "ThirdPartyFirewallPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.ThirdPartyFirewallPolicy", + "markdownDescription": "Defines the policy options for a third-party firewall policy.", + "title": "ThirdPartyFirewallPolicy" + } + }, + "type": "object" + }, + "AWS::FMS::Policy.PolicyTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.WorkflowParameter": { + "AWS::FMS::Policy.PortRange": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the workflow parameter to set.", - "title": "Name", + "From": { + "markdownDescription": "The beginning port number of the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The ending port number of the range.", + "title": "To", + "type": "number" + } + }, + "required": [ + "From", + "To" + ], + "type": "object" + }, + "AWS::FMS::Policy.ResourceTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The resource tag key.", + "title": "Key", "type": "string" }, "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named workflow parameter.", + "markdownDescription": "The resource tag value.", "title": "Value", - "type": "array" + "type": "string" } }, + "required": [ + "Key" + ], "type": "object" }, - "AWS::ImageBuilder::ImageRecipe": { + "AWS::FMS::Policy.SecurityServicePolicyData": { + "additionalProperties": false, + "properties": { + "ManagedServiceData": { + "markdownDescription": "Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", + "title": "ManagedServiceData", + "type": "string" + }, + "PolicyOption": { + "$ref": "#/definitions/AWS::FMS::Policy.PolicyOption", + "markdownDescription": "Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy.", + "title": "PolicyOption" + }, + "Type": { + "markdownDescription": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::FMS::Policy.ThirdPartyFirewallPolicy": { + "additionalProperties": false, + "properties": { + "FirewallDeploymentModel": { + "markdownDescription": "Defines the deployment model to use for the third-party firewall policy.", + "title": "FirewallDeploymentModel", + "type": "string" + } + }, + "required": [ + "FirewallDeploymentModel" + ], + "type": "object" + }, + "AWS::FMS::ResourceSet": { "additionalProperties": false, "properties": { "Condition": { @@ -117907,75 +122525,50 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInstanceConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration", - "markdownDescription": "Before you create a new AMI, Image Builder launches temporary Amazon EC2 instances to build and test your image configuration. Instance configuration adds a layer of control over those instances. You can define settings and add scripts to run when an instance is launched from your AMI.", - "title": "AdditionalInstanceConfiguration" - }, - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping" - }, - "markdownDescription": "The block device mappings to apply when creating images from this recipe.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "Components": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentConfiguration" - }, - "markdownDescription": "The components that are included in the image recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", - "title": "Components", - "type": "array" - }, "Description": { - "markdownDescription": "The description of the image recipe.", + "markdownDescription": "A description of the resource set.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the image recipe.", + "markdownDescription": "The descriptive name of the resource set. You can't change the name of a resource set after you create it.", "title": "Name", "type": "string" }, - "ParentImage": { - "markdownDescription": "The base image for customizations specified in the image recipe. You can specify the parent image using one of the following options:\n\n- AMI ID\n- Image Builder image Amazon Resource Name (ARN)\n- AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n- AWS Marketplace product ID", - "title": "ParentImage", - "type": "string" + "ResourceTypeList": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list.", + "title": "ResourceTypeList", + "type": "array" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Resources", + "type": "array" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of the image recipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" - }, - "Version": { - "markdownDescription": "The version of the image recipe.", - "title": "Version", - "type": "string" - }, - "WorkingDirectory": { - "markdownDescription": "The working directory to be used during build and test workflows.", - "title": "WorkingDirectory", - "type": "string" + "type": "array" } }, "required": [ - "Components", "Name", - "ParentImage", - "Version" + "ResourceTypeList" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ImageRecipe" + "AWS::FMS::ResourceSet" ], "type": "string" }, @@ -117994,148 +122587,7 @@ ], "type": "object" }, - "AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration": { - "additionalProperties": false, - "properties": { - "SystemsManagerAgent": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent", - "markdownDescription": "Contains settings for the Systems Manager agent on your build instance.", - "title": "SystemsManagerAgent" - }, - "UserDataOverride": { - "markdownDescription": "Use this property to provide commands or a command script to run when you launch your build instance.\n\nThe userDataOverride property replaces any commands that Image Builder might have added to ensure that Systems Manager is installed on your Linux build instance. If you override the user data, make sure that you add commands to install Systems Manager, if it is not pre-installed on your base image.\n\n> The user data is always base 64 encoded. For example, the following commands are encoded as `IyEvYmluL2Jhc2gKbWtkaXIgLXAgL3Zhci9iYi8KdG91Y2ggL3Zhci$` :\n> \n> *#!/bin/bash*\n> \n> mkdir -p /var/bb/\n> \n> touch /var", - "title": "UserDataOverride", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.ComponentConfiguration": { - "additionalProperties": false, - "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", - "type": "string" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentParameter" - }, - "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", - "title": "Parameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.ComponentParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the component parameter to set.", - "title": "Name", - "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named component parameter.", - "title": "Value", - "type": "array" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification": { - "additionalProperties": false, - "properties": { - "DeleteOnTermination": { - "markdownDescription": "Configures delete on termination of the associated device.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Use to configure device encryption.", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "Use to configure device IOPS.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", - "title": "KmsKeyId", - "type": "string" - }, - "SnapshotId": { - "markdownDescription": "The snapshot that defines the device contents.", - "title": "SnapshotId", - "type": "string" - }, - "Throughput": { - "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", - "title": "Throughput", - "type": "number" - }, - "VolumeSize": { - "markdownDescription": "Overrides the volume size of the device.", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "Overrides the volume type of the device.", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "markdownDescription": "The device to which these mappings apply.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification", - "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "Enter an empty string to remove a mapping from the parent image.\n\nThe following is an example of an empty string value in the `NoDevice` field.\n\n`NoDevice:\"\"`", - "title": "NoDevice", - "type": "string" - }, - "VirtualName": { - "markdownDescription": "Manages the instance ephemeral devices.", - "title": "VirtualName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent": { - "additionalProperties": false, - "properties": { - "UninstallAfterBuild": { - "markdownDescription": "Controls whether the Systems Manager agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false.", - "title": "UninstallAfterBuild", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::InfrastructureConfiguration": { + "AWS::FSx::DataRepositoryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -118170,99 +122622,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the infrastructure configuration.", - "title": "Description", - "type": "string" - }, - "InstanceMetadataOptions": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions", - "markdownDescription": "The instance metadata options that you can set for the HTTP requests that pipeline builds use to launch EC2 build and test instances.", - "title": "InstanceMetadataOptions" + "BatchImportMetaDataOnCreate": { + "markdownDescription": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to `true` .", + "title": "BatchImportMetaDataOnCreate", + "type": "boolean" }, - "InstanceProfileName": { - "markdownDescription": "The instance profile to associate with the instance used to customize your Amazon EC2 AMI.", - "title": "InstanceProfileName", + "DataRepositoryPath": { + "markdownDescription": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format `s3://myBucket/myPrefix/` . This path specifies where in the S3 data repository files will be imported from or exported to.", + "title": "DataRepositoryPath", "type": "string" }, - "InstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types of the infrastructure configuration. You can specify one or more instance types to use for this build. The service will pick one of these instance types based on availability.", - "title": "InstanceTypes", - "type": "array" - }, - "KeyPair": { - "markdownDescription": "The key pair of the infrastructure configuration. You can use this to log on to and debug the instance used to create your image.", - "title": "KeyPair", + "FileSystemId": { + "markdownDescription": "The ID of the file system on which the data repository association is configured.", + "title": "FileSystemId", "type": "string" }, - "Logging": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Logging", - "markdownDescription": "The logging configuration of the infrastructure configuration.", - "title": "Logging" - }, - "Name": { - "markdownDescription": "The name of the infrastructure configuration.", - "title": "Name", + "FileSystemPath": { + "markdownDescription": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as `/ns1/` ) or subdirectory (such as `/ns1/subdir/` ) that will be mapped 1-1 with `DataRepositoryPath` . The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/` , then you cannot link another data repository with file system path `/ns1/ns2` .\n\nThis path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n\n> If you specify only a forward slash ( `/` ) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system.", + "title": "FileSystemPath", "type": "string" }, - "ResourceTags": { - "additionalProperties": true, - "markdownDescription": "The metadata tags to assign to the Amazon EC2 instance that Image Builder launches during the build process. Tags are formatted as key value pairs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ResourceTags", - "type": "object" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group IDs to associate with the instance used to customize your Amazon EC2 AMI.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.\n\n> EC2 Image Builder is unable to send notifications to SNS topics that are encrypted using keys from other accounts. The key that is used to encrypt the SNS topic must reside in the account that the Image Builder service runs under.", - "title": "SnsTopicArn", - "type": "string" + "ImportedFileChunkSize": { + "markdownDescription": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.", + "title": "ImportedFileChunkSize", + "type": "number" }, - "SubnetId": { - "markdownDescription": "The subnet ID in which to place the instance used to customize your Amazon EC2 AMI.", - "title": "SubnetId", - "type": "string" + "S3": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.S3", + "markdownDescription": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.", + "title": "S3" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The metadata tags to assign to the infrastructure configuration resource that Image Builder creates as output. Tags are formatted as key value pairs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", "title": "Tags", - "type": "object" - }, - "TerminateInstanceOnFailure": { - "markdownDescription": "The terminate instance on failure setting of the infrastructure configuration. Set to false if you want Image Builder to retain the instance used to configure your AMI if the build or test phase of your workflow fails.", - "title": "TerminateInstanceOnFailure", - "type": "boolean" + "type": "array" } }, "required": [ - "InstanceProfileName", - "Name" + "DataRepositoryPath", + "FileSystemId", + "FileSystemPath" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::InfrastructureConfiguration" + "AWS::FSx::DataRepositoryAssociation" ], "type": "string" }, @@ -118281,50 +122689,57 @@ ], "type": "object" }, - "AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions": { + "AWS::FSx::DataRepositoryAssociation.AutoExportPolicy": { "additionalProperties": false, "properties": { - "HttpPutResponseHopLimit": { - "markdownDescription": "Limit the number of hops that an instance metadata request can traverse to reach its destination. The default is one hop. However, if HTTP tokens are required, container image builds need a minimum of two hops.", - "title": "HttpPutResponseHopLimit", - "type": "number" - }, - "HttpTokens": { - "markdownDescription": "Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows:\n\n- *required* \u2013 When you retrieve the IAM role credentials, version 2.0 credentials are returned in all cases.\n- *optional* \u2013 You can include a signed token header in your request to retrieve instance metadata, or you can leave it out. If you include it, version 2.0 credentials are returned for the IAM role. Otherwise, version 1.0 credentials are returned.\n\nThe default setting is *optional* .", - "title": "HttpTokens", - "type": "string" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The `AutoExportPolicy` can have the following event values:\n\n- `NEW` - New files and directories are automatically exported to the data repository as they are added to the file system.\n- `CHANGED` - Changes to files and directories on the file system are automatically exported to the data repository.\n- `DELETED` - Files and directories are automatically deleted on the data repository when they are deleted on the file system.\n\nYou can define any combination of event types for your `AutoExportPolicy` .", + "title": "Events", + "type": "array" } }, + "required": [ + "Events" + ], "type": "object" }, - "AWS::ImageBuilder::InfrastructureConfiguration.Logging": { + "AWS::FSx::DataRepositoryAssociation.AutoImportPolicy": { "additionalProperties": false, "properties": { - "S3Logs": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.S3Logs", - "markdownDescription": "The Amazon S3 logging configuration.", - "title": "S3Logs" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The `AutoImportPolicy` can have the following event values:\n\n- `NEW` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `CHANGED` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository.\n- `DELETED` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository.\n\nYou can define any combination of event types for your `AutoImportPolicy` .", + "title": "Events", + "type": "array" } }, + "required": [ + "Events" + ], "type": "object" }, - "AWS::ImageBuilder::InfrastructureConfiguration.S3Logs": { + "AWS::FSx::DataRepositoryAssociation.S3": { "additionalProperties": false, "properties": { - "S3BucketName": { - "markdownDescription": "The S3 bucket in which to store the logs.", - "title": "S3BucketName", - "type": "string" + "AutoExportPolicy": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoExportPolicy", + "markdownDescription": "Describes a data repository association's automatic export policy. The `AutoExportPolicy` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file.\n\nThe `AutoExportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", + "title": "AutoExportPolicy" }, - "S3KeyPrefix": { - "markdownDescription": "The Amazon S3 path to the bucket where the logs are stored.", - "title": "S3KeyPrefix", - "type": "string" + "AutoImportPolicy": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoImportPolicy", + "markdownDescription": "Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket.\n\nThe `AutoImportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", + "title": "AutoImportPolicy" } }, "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy": { + "AWS::FSx::FileSystem": { "additionalProperties": false, "properties": { "Condition": { @@ -118359,68 +122774,90 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Optional description for the lifecycle policy.", - "title": "Description", + "BackupId": { + "markdownDescription": "The ID of the file system backup that you are using to create a file system. For more information, see [CreateFileSystemFromBackup](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html) .", + "title": "BackupId", "type": "string" }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to run lifecycle actions.", - "title": "ExecutionRole", + "FileSystemType": { + "markdownDescription": "The type of Amazon FSx file system, which can be `LUSTRE` , `WINDOWS` , `ONTAP` , or `OPENZFS` .", + "title": "FileSystemType", "type": "string" }, - "Name": { - "markdownDescription": "The name of the lifecycle policy to create.", - "title": "Name", + "FileSystemTypeVersion": { + "markdownDescription": "For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are `2.10` , `2.12` , and `2.15` :\n\n- `2.10` is supported by the Scratch and Persistent_1 Lustre deployment types.\n- `2.12` is supported by all Lustre deployment types, except for `PERSISTENT_2` with a metadata configuration mode.\n- `2.15` is supported by all Lustre deployment types and is recommended for all new file systems.\n\nDefault value is `2.10` , except for the following deployments:\n\n- Default value is `2.12` when `DeploymentType` is set to `PERSISTENT_2` without a metadata configuration mode.\n- Default value is `2.15` when `DeploymentType` is set to `PERSISTENT_2` with a metadata configuration mode.", + "title": "FileSystemTypeVersion", "type": "string" }, - "PolicyDetails": { + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server\n\nIf this ID isn't specified, the Amazon FSx-managed key for your account is used. For more information, see [Encrypt](https://docs.aws.amazon.com//kms/latest/APIReference/API_Encrypt.html) in the *AWS Key Management Service API Reference* .", + "title": "KmsKeyId", + "type": "string" + }, + "LustreConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.LustreConfiguration", + "markdownDescription": "The Lustre configuration for the file system being created. This configuration is required if the `FileSystemType` is set to `LUSTRE` .\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", + "title": "LustreConfiguration" + }, + "OntapConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.OntapConfiguration", + "markdownDescription": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating. This configuration is required if the `FileSystemType` is set to `ONTAP` .", + "title": "OntapConfiguration" + }, + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.OpenZFSConfiguration", + "markdownDescription": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating. This configuration is required if the `FileSystemType` is set to `OPENZFS` .", + "title": "OpenZFSConfiguration" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.PolicyDetail" + "type": "string" }, - "markdownDescription": "Configuration details for the lifecycle policy rules.", - "title": "PolicyDetails", + "markdownDescription": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", + "title": "SecurityGroupIds", "type": "array" }, - "ResourceSelection": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ResourceSelection", - "markdownDescription": "Selection criteria for the resources that the lifecycle policy applies to.", - "title": "ResourceSelection" + "StorageCapacity": { + "markdownDescription": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", + "title": "StorageCapacity", + "type": "number" }, - "ResourceType": { - "markdownDescription": "The type of Image Builder resource that the lifecycle policy applies to.", - "title": "ResourceType", + "StorageType": { + "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type and for Lustre file systems with the Persistent_2 deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [FSx for Lustre storage classes](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html#lustre-storage-classes) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageType", "type": "string" }, - "Status": { - "markdownDescription": "Indicates whether the lifecycle policy resource is enabled.", - "title": "Status", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", + "title": "SubnetIds", + "type": "array" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags to apply to the lifecycle policy resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", "title": "Tags", - "type": "object" + "type": "array" + }, + "WindowsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.WindowsConfiguration", + "markdownDescription": "The configuration object for the Microsoft Windows file system you are creating. This configuration is required if `FileSystemType` is set to `WINDOWS` .", + "title": "WindowsConfiguration" } }, "required": [ - "ExecutionRole", - "Name", - "PolicyDetails", - "ResourceSelection", - "ResourceType" + "FileSystemType", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::LifecyclePolicy" + "AWS::FSx::FileSystem" ], "type": "string" }, @@ -118439,232 +122876,546 @@ ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.Action": { + "AWS::FSx::FileSystem.AuditLogConfiguration": { "additionalProperties": false, "properties": { - "IncludeResources": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.IncludeResources", - "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", - "title": "IncludeResources" + "AuditLogDestination": { + "markdownDescription": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN.\n\nThe name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehose delivery stream must begin with the `aws-fsx` prefix.\n\nThe destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose delivery stream) must be in the same AWS partition, AWS Region , and AWS account as your Amazon FSx file system.", + "title": "AuditLogDestination", + "type": "string" }, - "Type": { - "markdownDescription": "Specifies the lifecycle action to take.", - "title": "Type", + "FileAccessAuditLogLevel": { + "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file and folder accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access files or folders are logged.\n- `FAILURE_ONLY` - only failed attempts to access files or folders are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access files or folders are logged.\n- `DISABLED` - access auditing of files and folders is turned off.", + "title": "FileAccessAuditLogLevel", + "type": "string" + }, + "FileShareAccessAuditLogLevel": { + "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file share accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access file shares are logged.\n- `FAILURE_ONLY` - only failed attempts to access file shares are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access file shares are logged.\n- `DISABLED` - access auditing of file shares is turned off.", + "title": "FileShareAccessAuditLogLevel", "type": "string" } }, "required": [ - "Type" + "FileAccessAuditLogLevel", + "FileShareAccessAuditLogLevel" ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules": { + "AWS::FSx::FileSystem.ClientConfigurations": { "additionalProperties": false, "properties": { - "IsPublic": { - "markdownDescription": "Configures whether public AMIs are excluded from the lifecycle action.", - "title": "IsPublic", - "type": "boolean" - }, - "LastLaunched": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.LastLaunched", - "markdownDescription": "Specifies configuration details for Image Builder to exclude the most recent resources from lifecycle actions.", - "title": "LastLaunched" - }, - "Regions": { - "items": { - "type": "string" - }, - "markdownDescription": "Configures AWS Region s that are excluded from the lifecycle action.", - "title": "Regions", - "type": "array" + "Clients": { + "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", + "title": "Clients", + "type": "string" }, - "SharedAccounts": { + "Options": { "items": { "type": "string" }, - "markdownDescription": "Specifies AWS account s whose resources are excluded from the lifecycle action.", - "title": "SharedAccounts", + "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", + "title": "Options", "type": "array" - }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "Lists tags that should be excluded from lifecycle actions for the AMIs that have them.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TagMap", - "type": "object" } }, "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.ExclusionRules": { + "AWS::FSx::FileSystem.DataReadCacheConfiguration": { "additionalProperties": false, "properties": { - "Amis": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules", - "markdownDescription": "Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action.", - "title": "Amis" + "SizeGiB": { + "markdownDescription": "Required if `SizingMode` is set to `USER_PROVISIONED` . Specifies the size of the file system's SSD read cache, in gibibytes (GiB).", + "title": "SizeGiB", + "type": "number" }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "Contains a list of tags that Image Builder uses to skip lifecycle actions for Image Builder image resources that have them.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TagMap", - "type": "object" + "SizingMode": { + "markdownDescription": "Specifies how the provisioned SSD read cache is sized, as follows:\n\n- Set to `NO_CACHE` if you do not want to use an SSD read cache with your Intelligent-Tiering file system.\n- Set to `USER_PROVISIONED` to specify the exact size of your SSD read cache.\n- Set to `PROPORTIONAL_TO_THROUGHPUT_CAPACITY` to have your SSD read cache automatically sized based on your throughput capacity.", + "title": "SizingMode", + "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.Filter": { + "AWS::FSx::FileSystem.DiskIopsConfiguration": { "additionalProperties": false, "properties": { - "RetainAtLeast": { - "markdownDescription": "For age-based filters, this is the number of resources to keep on hand after the lifecycle `DELETE` action is applied. Impacted resources are only deleted if you have more than this number of resources. If you have fewer resources than this number, the impacted resource is not deleted.", - "title": "RetainAtLeast", + "Iops": { + "markdownDescription": "The total number of SSD IOPS provisioned for the file system.\n\nThe minimum and maximum values for this property depend on the value of `HAPairs` and `StorageCapacity` . The minimum value is calculated as `StorageCapacity` * 3 * `HAPairs` (3 IOPS per GB of `StorageCapacity` ). The maximum value is calculated as 200,000 * `HAPairs` .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) if the value of `Iops` is outside of the minimum or maximum values.", + "title": "Iops", "type": "number" }, - "Type": { - "markdownDescription": "Filter resources based on either `age` or `count` .", - "title": "Type", + "Mode": { + "markdownDescription": "Specifies whether the file system is using the `AUTOMATIC` setting of SSD IOPS of 3 IOPS per GB of storage capacity, or if it using a `USER_PROVISIONED` value.", + "title": "Mode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.LustreConfiguration": { + "additionalProperties": false, + "properties": { + "AutoImportPolicy": { + "markdownDescription": "(Optional) When you create your file system, your existing S3 objects appear as file and directory listings. Use this property to choose how Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. `AutoImportPolicy` can have the following values:\n\n- `NONE` - (Default) AutoImport is off. Amazon FSx only updates file and directory listings from the linked S3 bucket when the file system is created. FSx does not update file and directory listings for any new or changed objects after choosing this option.\n- `NEW` - AutoImport is on. Amazon FSx automatically imports directory listings of any new objects added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `NEW_CHANGED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket and any existing objects that are changed in the S3 bucket after you choose this option.\n- `NEW_CHANGED_DELETED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket, any existing objects that are changed in the S3 bucket, and any objects that were deleted in the S3 bucket.\n\nFor more information, see [Automatically import updates from your S3 bucket](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) .\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "AutoImportPolicy", "type": "string" }, - "Unit": { - "markdownDescription": "Defines the unit of time that the lifecycle policy uses to determine impacted resources. This is required for age-based rules.", - "title": "Unit", + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `0` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "CopyTagsToBackups": { + "markdownDescription": "(Optional) Not available for use with file systems that are linked to a data repository. A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. If `CopyTagsToBackups` is set to true, all file system tags are copied to all automatic and user-initiated backups when the user doesn't specify any backup-specific tags. If `CopyTagsToBackups` is set to true and you specify one or more backup tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.\n\n(Default = `false` )\n\nFor more information, see [Working with backups](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-backups-fsx.html) in the *Amazon FSx for Lustre User Guide* .", + "title": "CopyTagsToBackups", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", "type": "string" }, - "Value": { - "markdownDescription": "The number of units for the time period or for the count. For example, a value of `6` might refer to six months or six AMIs.\n\n> For count-based filters, this value represents the minimum number of resources to keep on hand. If you have fewer resources than this number, the resource is excluded from lifecycle actions.", - "title": "Value", + "DataCompressionType": { + "markdownDescription": "Sets the data compression configuration for the file system. `DataCompressionType` can have the following values:\n\n- `NONE` - (Default) Data compression is turned off when the file system is created.\n- `LZ4` - Data compression is turned on with the LZ4 algorithm.\n\nFor more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* .", + "title": "DataCompressionType", + "type": "string" + }, + "DataReadCacheConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DataReadCacheConfiguration", + "markdownDescription": "Specifies the optional provisioned SSD read cache on FSx for Lustre file systems that use the Intelligent-Tiering storage class. Required when `StorageType` is set to `INTELLIGENT_TIERING` .", + "title": "DataReadCacheConfiguration" + }, + "DeploymentType": { + "markdownDescription": "(Optional) Choose `SCRATCH_1` and `SCRATCH_2` deployment types when you need temporary storage and shorter-term processing of data. The `SCRATCH_2` deployment type provides in-transit encryption of data and higher burst throughput capacity than `SCRATCH_1` .\n\nChoose `PERSISTENT_1` for longer-term storage and for throughput-focused workloads that aren\u2019t latency-sensitive. `PERSISTENT_1` supports encryption of data in transit, and is available in all AWS Regions in which FSx for Lustre is available.\n\nChoose `PERSISTENT_2` for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. `PERSISTENT_2` supports the SSD and Intelligent-Tiering storage classes. You can optionally specify a metadata configuration mode for `PERSISTENT_2` which supports increasing metadata performance. `PERSISTENT_2` is available in a limited number of AWS Regions . For more information, and an up-to-date list of AWS Regions in which `PERSISTENT_2` is available, see [Deployment and storage class options for FSx for Lustre file systems](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html) in the *Amazon FSx for Lustre User Guide* .\n\n> If you choose `PERSISTENT_2` , and you set `FileSystemTypeVersion` to `2.10` , the `CreateFileSystem` operation fails. \n\nEncryption of data in transit is automatically turned on when you access `SCRATCH_2` , `PERSISTENT_1` , and `PERSISTENT_2` file systems from Amazon EC2 instances that support automatic encryption in the AWS Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see [Encrypting data in transit](https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) in the *Amazon FSx for Lustre User Guide* .\n\n(Default = `SCRATCH_1` )", + "title": "DeploymentType", + "type": "string" + }, + "DriveCacheType": { + "markdownDescription": "The type of drive cache used by `PERSISTENT_1` file systems that are provisioned with HDD storage devices. This parameter is required when storage type is HDD. Set this property to `READ` to improve the performance for frequently accessed files by caching up to 20% of the total storage capacity of the file system.\n\nThis parameter is required when `StorageType` is set to `HDD` and `DeploymentType` is `PERSISTENT_1` .", + "title": "DriveCacheType", + "type": "string" + }, + "EfaEnabled": { + "markdownDescription": "(Optional) Specifies whether Elastic Fabric Adapter (EFA) and GPUDirect Storage (GDS) support is enabled for the Amazon FSx for Lustre file system.\n\n(Default = `false` )", + "title": "EfaEnabled", + "type": "boolean" + }, + "ExportPath": { + "markdownDescription": "(Optional) Specifies the path in the Amazon S3 bucket where the root of your Amazon FSx file system is exported. The path must use the same Amazon S3 bucket as specified in ImportPath. You can provide an optional prefix to which new and changed data is to be exported from your Amazon FSx for Lustre file system. If an `ExportPath` value is not provided, Amazon FSx sets a default export path, `s3://import-bucket/FSxLustre[creation-timestamp]` . The timestamp is in UTC format, for example `s3://import-bucket/FSxLustre20181105T222312Z` .\n\nThe Amazon S3 export bucket must be the same as the import bucket specified by `ImportPath` . If you specify only a bucket name, such as `s3://import-bucket` , you get a 1:1 mapping of file system objects to S3 bucket objects. This mapping means that the input data in S3 is overwritten on export. If you provide a custom prefix in the export path, such as `s3://import-bucket/[custom-optional-prefix]` , Amazon FSx exports the contents of your file system to that export prefix in the Amazon S3 bucket.\n\n> This parameter is not supported for file systems with a data repository association.", + "title": "ExportPath", + "type": "string" + }, + "ImportPath": { + "markdownDescription": "(Optional) The path to the Amazon S3 bucket (including the optional prefix) that you're using as the data repository for your Amazon FSx for Lustre file system. The root of your FSx for Lustre file system will be mapped to the root of the Amazon S3 bucket you select. An example is `s3://import-bucket/optional-prefix` . If you specify a prefix after the Amazon S3 bucket name, only object keys with that prefix are loaded into the file system.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "ImportPath", + "type": "string" + }, + "ImportedFileChunkSize": { + "markdownDescription": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "ImportedFileChunkSize", + "type": "number" + }, + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.MetadataConfiguration", + "markdownDescription": "The Lustre metadata performance configuration for the creation of an FSx for Lustre file system using a `PERSISTENT_2` deployment type.", + "title": "MetadataConfiguration" + }, + "PerUnitStorageThroughput": { + "markdownDescription": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", + "title": "PerUnitStorageThroughput", "type": "number" + }, + "ThroughputCapacity": { + "markdownDescription": "Specifies the throughput of an FSx for Lustre file system using the Intelligent-Tiering storage class, measured in megabytes per second (MBps). Valid values are 4000 MBps or multiples of 4000 MBps. You pay for the amount of throughput that you provision.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", + "type": "string" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.IncludeResources": { + "AWS::FSx::FileSystem.MetadataConfiguration": { "additionalProperties": false, "properties": { - "Amis": { - "markdownDescription": "Specifies whether the lifecycle action should apply to distributed AMIs.", - "title": "Amis", - "type": "boolean" - }, - "Containers": { - "markdownDescription": "Specifies whether the lifecycle action should apply to distributed containers.", - "title": "Containers", - "type": "boolean" + "Iops": { + "markdownDescription": "The number of Metadata IOPS provisioned for the file system.", + "title": "Iops", + "type": "number" }, - "Snapshots": { - "markdownDescription": "Specifies whether the lifecycle action should apply to snapshots associated with distributed AMIs.", - "title": "Snapshots", - "type": "boolean" + "Mode": { + "markdownDescription": "Specifies whether the file system is using the AUTOMATIC setting of metadata IOPS or if it is using a USER_PROVISIONED value.", + "title": "Mode", + "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.LastLaunched": { + "AWS::FSx::FileSystem.NfsExports": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "Defines the unit of time that the lifecycle policy uses to calculate elapsed time since the last instance launched from the AMI. For example: days, weeks, months, or years.", - "title": "Unit", + "ClientConfigurations": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.ClientConfigurations" + }, + "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", + "title": "ClientConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.OntapConfiguration": { + "additionalProperties": false, + "properties": { + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", "type": "string" }, - "Value": { - "markdownDescription": "The integer number of units for the time period. For example `6` (months).", - "title": "Value", + "DeploymentType": { + "markdownDescription": "Specifies the FSx for ONTAP file system deployment type to use in creating the file system.\n\n- `MULTI_AZ_1` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. This is a first-generation FSx for ONTAP file system.\n- `MULTI_AZ_2` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary AZ unavailability. This is a second-generation FSx for ONTAP file system.\n- `SINGLE_AZ_1` - A file system configured for Single-AZ redundancy. This is a first-generation FSx for ONTAP file system.\n- `SINGLE_AZ_2` - A file system configured with multiple high-availability (HA) pairs for Single-AZ redundancy. This is a second-generation FSx for ONTAP file system.\n\nFor information about the use cases for Multi-AZ and Single-AZ deployments, refer to [Choosing a file system deployment type](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-AZ.html) .", + "title": "DeploymentType", + "type": "string" + }, + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS configuration for the FSx for ONTAP file system.", + "title": "DiskIopsConfiguration" + }, + "EndpointIpAddressRange": { + "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API, Amazon FSx selects an unused IP address range for you from the 198.19.* range. By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses from the VPC\u2019s primary CIDR range to use as the endpoint IP address range for the file system. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", + "title": "EndpointIpAddressRange", + "type": "string" + }, + "FsxAdminPassword": { + "markdownDescription": "The ONTAP administrative password for the `fsxadmin` user with which you administer your file system using the NetApp ONTAP CLI and REST API.", + "title": "FsxAdminPassword", + "type": "string" + }, + "HAPairs": { + "markdownDescription": "Specifies how many high-availability (HA) pairs of file servers will power your file system. First-generation file systems are powered by 1 HA pair. Second-generation multi-AZ file systems are powered by 1 HA pair. Second generation single-AZ file systems are powered by up to 12 HA pairs. The default value is 1. The value of this property affects the values of `StorageCapacity` , `Iops` , and `ThroughputCapacity` . For more information, see [High-availability (HA) pairs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/administering-file-systems.html#HA-pairs) in the FSx for ONTAP user guide. Block storage protocol support (iSCSI and NVMe over TCP) is disabled on file systems with more than 6 HA pairs. For more information, see [Using block storage protocols](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/supported-fsx-clients.html#using-block-storage) .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `HAPairs` is less than 1 or greater than 12.\n- The value of `HAPairs` is greater than 1 and the value of `DeploymentType` is `SINGLE_AZ_1` , `MULTI_AZ_1` , or `MULTI_AZ_2` .", + "title": "HAPairs", + "type": "number" + }, + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` or `MULTI_AZ_2` . This specifies the subnet in which you want the preferred file server to be located.", + "title": "PreferredSubnetId", + "type": "string" + }, + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n\n> Amazon FSx manages these route tables for Multi-AZ file systems using tag-based authentication. These route tables are tagged with `Key: AmazonFSx; Value: ManagedByAmazonFSx` . When creating FSx for ONTAP Multi-AZ file systems using AWS CloudFormation we recommend that you add the `Key: AmazonFSx; Value: ManagedByAmazonFSx` tag manually.", + "title": "RouteTableIds", + "type": "array" + }, + "ThroughputCapacity": { + "markdownDescription": "Sets the throughput capacity for the file system that you're creating in megabytes per second (MBps). For more information, see [Managing throughput capacity](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) in the FSx for ONTAP User Guide.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value.\n- The value of `ThroughputCapacity` when divided by the value of `HAPairs` is outside of the valid range for `ThroughputCapacity` .", + "title": "ThroughputCapacity", "type": "number" + }, + "ThroughputCapacityPerHAPair": { + "markdownDescription": "Use to choose the throughput capacity per HA pair, rather than the total throughput for the file system.\n\nYou can define either the `ThroughputCapacityPerHAPair` or the `ThroughputCapacity` when creating a file system, but not both.\n\nThis field and `ThroughputCapacity` are the same for file systems powered by one HA pair.\n\n- For `SINGLE_AZ_1` and `MULTI_AZ_1` file systems, valid values are 128, 256, 512, 1024, 2048, or 4096 MBps.\n- For `SINGLE_AZ_2` , valid values are 1536, 3072, or 6144 MBps.\n- For `MULTI_AZ_2` , valid values are 384, 768, 1536, 3072, or 6144 MBps.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value for file systems with one HA pair.\n- The value of deployment type is `SINGLE_AZ_2` and `ThroughputCapacity` / `ThroughputCapacityPerHAPair` is not a valid HA pair (a value between 1 and 12).\n- The value of `ThroughputCapacityPerHAPair` is not a valid value.", + "title": "ThroughputCapacityPerHAPair", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", + "type": "string" } }, "required": [ - "Unit", - "Value" + "DeploymentType" ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.PolicyDetail": { + "AWS::FSx::FileSystem.OpenZFSConfiguration": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Action", - "markdownDescription": "Configuration details for the policy action.", - "title": "Action" + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" }, - "ExclusionRules": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ExclusionRules", - "markdownDescription": "Additional rules to specify resources that should be exempt from policy actions.", - "title": "ExclusionRules" + "CopyTagsToBackups": { + "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to backups. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToBackups", + "type": "boolean" }, - "Filter": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Filter", - "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", - "title": "Filter" + "CopyTagsToVolumes": { + "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to volumes. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to volumes where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to volumes. If you specify one or more tags when creating the volume, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToVolumes", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Specifies the file system deployment type. Valid values are the following:\n\n- `MULTI_AZ_1` - Creates file systems with high availability and durability by replicating your data and supporting failover across multiple Availability Zones in the same AWS Region .\n- `SINGLE_AZ_HA_2` - Creates file systems with high availability and throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_HA_1` - Creates file systems with high availability and throughput capacities of 64 - 4,096 MB/s by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_2` - Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache that automatically recover within a single Availability Zone.\n- `SINGLE_AZ_1` - Creates file systems with throughput capacities of 64 - 4,096 MBs that automatically recover within a single Availability Zone.\n\nFor a list of which AWS Regions each deployment type is available in, see [Deployment type availability](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) . For more information on the differences in performance between deployment types, see [File system performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "DeploymentType", + "type": "string" + }, + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS file system. By default, Amazon FSx automatically provisions 3 IOPS per GB of storage capacity. You can provision additional IOPS per GB of storage. The configuration consists of the total number of provisioned SSD IOPS and how it is was provisioned, or the mode (by the customer or by Amazon FSx).", + "title": "DiskIopsConfiguration" + }, + "EndpointIpAddressRange": { + "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API and Amazon FSx console, Amazon FSx selects an available /28 IP address range for you from one of the VPC's CIDR ranges. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", + "title": "EndpointIpAddressRange", + "type": "string" + }, + "Options": { + "items": { + "type": "string" + }, + "markdownDescription": "To delete a file system if there are child volumes present below the root volume, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` . If your file system has child volumes and you don't use this option, the delete request will fail.", + "title": "Options", + "type": "array" + }, + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located.", + "title": "PreferredSubnetId", + "type": "string" + }, + "ReadCacheConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.ReadCacheConfiguration", + "markdownDescription": "Specifies the optional provisioned SSD read cache on file systems that use the Intelligent-Tiering storage class.", + "title": "ReadCacheConfiguration" + }, + "RootVolumeConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.RootVolumeConfiguration", + "markdownDescription": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", + "title": "RootVolumeConfiguration" + }, + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", + "title": "RouteTableIds", + "type": "array" + }, + "ThroughputCapacity": { + "markdownDescription": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Required if you are creating a new file system.\n\nValid values depend on the `DeploymentType` that you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", + "type": "string" } }, "required": [ - "Action", - "Filter" + "DeploymentType" ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.RecipeSelection": { + "AWS::FSx::FileSystem.ReadCacheConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of an Image Builder recipe that the lifecycle policy uses for resource selection.", - "title": "Name", + "SizeGiB": { + "markdownDescription": "Required if `SizingMode` is set to `USER_PROVISIONED` . Specifies the size of the file system's SSD read cache, in gibibytes (GiB).", + "title": "SizeGiB", + "type": "number" + }, + "SizingMode": { + "markdownDescription": "Specifies how the provisioned SSD read cache is sized, as follows:\n\n- Set to `NO_CACHE` if you do not want to use an SSD read cache with your Intelligent-Tiering file system.\n- Set to `USER_PROVISIONED` to specify the exact size of your SSD read cache.\n- Set to `PROPORTIONAL_TO_THROUGHPUT_CAPACITY` to have your SSD read cache automatically sized based on your throughput capacity.", + "title": "SizingMode", "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.RootVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "CopyTagsToSnapshots": { + "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots of the volume. This value defaults to `false` . If it's set to `true` , all tags for the volume are copied to snapshots where the user doesn't specify tags. If this value is `true` and you specify one or more tags, only the specified tags are copied to snapshots. If you specify one or more tags when creating the snapshot, no tags are copied from the volume, regardless of this value.", + "title": "CopyTagsToSnapshots", + "type": "boolean" }, - "SemanticVersion": { - "markdownDescription": "The version of the Image Builder recipe specified by the `name` field.", - "title": "SemanticVersion", + "DataCompressionType": { + "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", + "title": "DataCompressionType", "type": "string" + }, + "NfsExports": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.NfsExports" + }, + "markdownDescription": "The configuration object for mounting a file system.", + "title": "NfsExports", + "type": "array" + }, + "ReadOnly": { + "markdownDescription": "A Boolean value indicating whether the volume is read-only. Setting this value to `true` can be useful after you have completed changes to a volume and no longer want changes to occur.", + "title": "ReadOnly", + "type": "boolean" + }, + "RecordSizeKiB": { + "markdownDescription": "Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB. The default is 128 KiB. Most workloads should use the default record size. Database workflows can benefit from a smaller record size, while streaming workflows can benefit from a larger record size. For additional guidance on setting a custom record size, see [Tips for maximizing performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#performance-tips-zfs) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "RecordSizeKiB", + "type": "number" + }, + "UserAndGroupQuotas": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.UserAndGroupQuotas" + }, + "markdownDescription": "An object specifying how much storage users or groups can use on the volume.", + "title": "UserAndGroupQuotas", + "type": "array" } }, - "required": [ - "Name", - "SemanticVersion" - ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.ResourceSelection": { + "AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration": { "additionalProperties": false, "properties": { - "Recipes": { + "DnsIps": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.RecipeSelection" + "type": "string" }, - "markdownDescription": "A list of recipes that are used as selection criteria for the output images that the lifecycle policy applies to.", - "title": "Recipes", + "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", + "title": "DnsIps", "type": "array" }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "A list of tags that are used as selection criteria for the Image Builder image resources that the lifecycle policy applies to.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "DomainName": { + "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", + "title": "DomainName", + "type": "string" + }, + "FileSystemAdministratorsGroup": { + "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", + "title": "FileSystemAdministratorsGroup", + "type": "string" + }, + "OrganizationalUnitDistinguishedName": { + "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", + "title": "OrganizationalUnitDistinguishedName", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", + "title": "Password", + "type": "string" + }, + "UserName": { + "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", + "title": "UserName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.UserAndGroupQuotas": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the user or group that the quota applies to.", + "title": "Id", + "type": "number" + }, + "StorageCapacityQuotaGiB": { + "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", + "title": "StorageCapacityQuotaGiB", + "type": "number" + }, + "Type": { + "markdownDescription": "Specifies whether the quota applies to a user or group.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.WindowsConfiguration": { + "additionalProperties": false, + "properties": { + "ActiveDirectoryId": { + "markdownDescription": "The ID for an existing AWS Managed Microsoft Active Directory (AD) instance that the file system should join when it's created. Required if you are joining the file system to an existing AWS Managed Microsoft AD.", + "title": "ActiveDirectoryId", + "type": "string" + }, + "Aliases": { + "items": { + "type": "string" }, - "title": "TagMap", - "type": "object" + "markdownDescription": "An array of one or more DNS alias names that you want to associate with the Amazon FSx file system. Aliases allow you to use existing DNS names to access the data in your Amazon FSx file system. You can associate up to 50 aliases with a file system at any time.\n\nFor more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) and [Walkthrough 5: Using DNS aliases to access your file system](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/walkthrough05-file-system-custom-CNAME.html) , including additional steps you must take to be able to access your file system using a DNS alias.\n\nAn alias name has to meet the following requirements:\n\n- Formatted as a fully-qualified domain name (FQDN), `hostname.domain` , for example, `accounting.example.com` .\n- Can contain alphanumeric characters, the underscore (_), and the hyphen (-).\n- Cannot start or end with a hyphen.\n- Can start with a numeric.\n\nFor DNS alias names, Amazon FSx stores alphabetical characters as lowercase letters (a-z), regardless of how you specify them: as uppercase letters, lowercase letters, or the corresponding letters in escape codes.", + "title": "Aliases", + "type": "array" + }, + "AuditLogConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.AuditLogConfiguration", + "markdownDescription": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system.", + "title": "AuditLogConfiguration" + }, + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "CopyTagsToBackups": { + "markdownDescription": "A boolean flag indicating whether tags for the file system should be copied to backups. This value defaults to false. If it's set to true, all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToBackups", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Specifies the file system deployment type, valid values are the following:\n\n- `MULTI_AZ_1` - Deploys a high availability file system that is configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. You can only deploy a Multi-AZ file system in AWS Regions that have a minimum of three Availability Zones. Also supports HDD storage type\n- `SINGLE_AZ_1` - (Default) Choose to deploy a file system that is configured for single AZ redundancy.\n- `SINGLE_AZ_2` - The latest generation Single AZ file system. Specifies a file system that is configured for single AZ redundancy and supports HDD storage type.\n\nFor more information, see [Availability and Durability: Single-AZ and Multi-AZ File Systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) .", + "title": "DeploymentType", + "type": "string" + }, + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", + "title": "DiskIopsConfiguration" + }, + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", + "title": "PreferredSubnetId", + "type": "string" + }, + "SelfManagedActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration", + "markdownDescription": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [Using Amazon FSx for Windows with your self-managed Microsoft Active Directory](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) or [Managing FSx for ONTAP SVMs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) .", + "title": "SelfManagedActiveDirectoryConfiguration" + }, + "ThroughputCapacity": { + "markdownDescription": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.", + "title": "WeeklyMaintenanceStartTime", + "type": "string" } }, + "required": [ + "ThroughputCapacity" + ], "type": "object" }, - "AWS::ImageBuilder::Workflow": { + "AWS::FSx::S3AccessPointAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -118699,68 +123450,37 @@ "Properties": { "additionalProperties": false, "properties": { - "ChangeDescription": { - "markdownDescription": "Describes what change has been made in this version of the workflow, or what makes this version different from other versions of the workflow.", - "title": "ChangeDescription", - "type": "string" - }, - "Data": { - "markdownDescription": "Contains the UTF-8 encoded YAML document content for the workflow. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", - "title": "Data", - "type": "string" - }, - "Description": { - "markdownDescription": "Describes the workflow.", - "title": "Description", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key that is used to encrypt this workflow resource.", - "title": "KmsKeyId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the workflow to create.", + "markdownDescription": "The name of the S3 access point attachment; also used for the name of the S3 access point.", "title": "Name", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags that apply to the workflow resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPointOpenZFSConfiguration", + "markdownDescription": "The OpenZFSConfiguration of the S3 access point attachment.", + "title": "OpenZFSConfiguration" + }, + "S3AccessPoint": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPoint", + "markdownDescription": "The S3 access point configuration of the S3 access point attachment.", + "title": "S3AccessPoint" }, "Type": { - "markdownDescription": "The phase in the image build process for which the workflow resource is responsible.", + "markdownDescription": "The type of Amazon FSx volume that the S3 access point is attached to.", "title": "Type", "type": "string" - }, - "Uri": { - "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", - "title": "Uri", - "type": "string" - }, - "Version": { - "markdownDescription": "The semantic version of this workflow resource. The semantic version syntax adheres to the following rules.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.", - "title": "Version", - "type": "string" } }, "required": [ "Name", - "Type", - "Version" + "OpenZFSConfiguration", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Workflow" + "AWS::FSx::S3AccessPointAttachment" ], "type": "string" }, @@ -118779,75 +123499,129 @@ ], "type": "object" }, - "AWS::Inspector::AssessmentTarget": { + "AWS::FSx::S3AccessPointAttachment.FileSystemGID": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Gid": { + "markdownDescription": "The GID of the file system user.", + "title": "Gid", + "type": "number" + } + }, + "required": [ + "Gid" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.OpenZFSFileSystemIdentity": { + "additionalProperties": false, + "properties": { + "PosixUser": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.OpenZFSPosixFileSystemUser", + "markdownDescription": "Specifies the UID and GIDs of the file system POSIX user.", + "title": "PosixUser" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Specifies the FSx for OpenZFS user identity type, accepts only `POSIX` .", + "title": "Type", "type": "string" + } + }, + "required": [ + "PosixUser", + "Type" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.OpenZFSPosixFileSystemUser": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The GID of the file system user.", + "title": "Gid", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SecondaryGids": { + "items": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.FileSystemGID" + }, + "markdownDescription": "The list of secondary GIDs for the file system user.", + "title": "SecondaryGids", + "type": "array" }, - "Metadata": { - "type": "object" + "Uid": { + "markdownDescription": "The UID of the file system user.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.S3AccessPoint": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "The S3 access point's alias.", + "title": "Alias", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssessmentTargetName": { - "markdownDescription": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", - "title": "AssessmentTargetName", - "type": "string" - }, - "ResourceGroupArn": { - "markdownDescription": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target.", - "title": "ResourceGroupArn", - "type": "string" - } - }, + "Policy": { + "markdownDescription": "The S3 access point's policy.", + "title": "Policy", "type": "object" }, - "Type": { - "enum": [ - "AWS::Inspector::AssessmentTarget" - ], + "ResourceARN": { + "markdownDescription": "The S3 access point's ARN.", + "title": "ResourceARN", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VpcConfiguration": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPointVpcConfiguration", + "markdownDescription": "The S3 access point's virtual private cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.S3AccessPointOpenZFSConfiguration": { + "additionalProperties": false, + "properties": { + "FileSystemIdentity": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.OpenZFSFileSystemIdentity", + "markdownDescription": "The file system identity used to authorize file access requests made using the S3 access point.", + "title": "FileSystemIdentity" + }, + "VolumeId": { + "markdownDescription": "The ID of the FSx for OpenZFS volume that the S3 access point is attached to.", + "title": "VolumeId", "type": "string" } }, "required": [ - "Type" + "FileSystemIdentity", + "VolumeId" ], "type": "object" }, - "AWS::Inspector::AssessmentTemplate": { + "AWS::FSx::S3AccessPointAttachment.S3AccessPointVpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "Specifies the virtual private cloud (VPC) for the S3 access point VPC configuration, if one exists.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "VpcId" + ], + "type": "object" + }, + "AWS::FSx::Snapshot": { "additionalProperties": false, "properties": { "Condition": { @@ -118882,48 +123656,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AssessmentTargetArn": { - "markdownDescription": "The ARN of the assessment target to be included in the assessment template.", - "title": "AssessmentTargetArn", - "type": "string" - }, - "AssessmentTemplateName": { - "markdownDescription": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.", - "title": "AssessmentTemplateName", + "Name": { + "markdownDescription": "The name of the snapshot.", + "title": "Name", "type": "string" }, - "DurationInSeconds": { - "markdownDescription": "The duration of the assessment run in seconds.", - "title": "DurationInSeconds", - "type": "number" - }, - "RulesPackageArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the rules packages that you want to use in the assessment template.", - "title": "RulesPackageArns", - "type": "array" - }, - "UserAttributesForFindings": { + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.", - "title": "UserAttributesForFindings", + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "title": "Tags", "type": "array" + }, + "VolumeId": { + "markdownDescription": "The ID of the volume that the snapshot is of.", + "title": "VolumeId", + "type": "string" } }, "required": [ - "AssessmentTargetArn", - "DurationInSeconds", - "RulesPackageArns" + "Name", + "VolumeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Inspector::AssessmentTemplate" + "AWS::FSx::Snapshot" ], "type": "string" }, @@ -118942,7 +123702,7 @@ ], "type": "object" }, - "AWS::Inspector::ResourceGroup": { + "AWS::FSx::StorageVirtualMachine": { "additionalProperties": false, "properties": { "Condition": { @@ -118977,23 +123737,49 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceGroupTags": { + "ActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration", + "markdownDescription": "Describes the Microsoft Active Directory configuration to which the SVM is joined, if applicable.", + "title": "ActiveDirectoryConfiguration" + }, + "FileSystemId": { + "markdownDescription": "Specifies the FSx for ONTAP file system on which to create the SVM.", + "title": "FileSystemId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the SVM.", + "title": "Name", + "type": "string" + }, + "RootVolumeSecurityStyle": { + "markdownDescription": "The security style of the root volume of the SVM. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Microsoft Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Microsoft Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style.html) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "RootVolumeSecurityStyle", + "type": "string" + }, + "SvmAdminPassword": { + "markdownDescription": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's `fsxadmin` user to manage the SVM. For more information, see [Managing SVMs using the NetApp ONTAP CLI](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-resources-ontap-apps.html#vsadmin-ontap-cli) in the *FSx for ONTAP User Guide* .", + "title": "SvmAdminPassword", + "type": "string" + }, + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "ResourceGroupTags", + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "title": "Tags", "type": "array" } }, "required": [ - "ResourceGroupTags" + "FileSystemId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Inspector::ResourceGroup" + "AWS::FSx::StorageVirtualMachine" ], "type": "string" }, @@ -119012,7 +123798,62 @@ ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration": { + "AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration": { + "additionalProperties": false, + "properties": { + "NetBiosName": { + "markdownDescription": "The NetBIOS name of the Active Directory computer object that will be created for your SVM.", + "title": "NetBiosName", + "type": "string" + }, + "SelfManagedActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration", + "markdownDescription": "The configuration that Amazon FSx uses to join the ONTAP storage virtual machine (SVM) to your self-managed (including on-premises) Microsoft Active Directory directory.", + "title": "SelfManagedActiveDirectoryConfiguration" + } + }, + "type": "object" + }, + "AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration": { + "additionalProperties": false, + "properties": { + "DnsIps": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", + "title": "DnsIps", + "type": "array" + }, + "DomainName": { + "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", + "title": "DomainName", + "type": "string" + }, + "FileSystemAdministratorsGroup": { + "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", + "title": "FileSystemAdministratorsGroup", + "type": "string" + }, + "OrganizationalUnitDistinguishedName": { + "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", + "title": "OrganizationalUnitDistinguishedName", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", + "title": "Password", + "type": "string" + }, + "UserName": { + "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", + "title": "UserName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::Volume": { "additionalProperties": false, "properties": { "Condition": { @@ -119047,43 +123888,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ScanName": { - "markdownDescription": "The name of the CIS scan configuration.", - "title": "ScanName", + "BackupId": { + "markdownDescription": "Specifies the ID of the volume backup to use to create a new volume.", + "title": "BackupId", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Schedule", - "markdownDescription": "The CIS scan configuration's schedule.", - "title": "Schedule" - }, - "SecurityLevel": { - "markdownDescription": "The CIS scan configuration's CIS Benchmark level.", - "title": "SecurityLevel", + "Name": { + "markdownDescription": "The name of the volume.", + "title": "Name", "type": "string" }, + "OntapConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.OntapConfiguration", + "markdownDescription": "The configuration of an Amazon FSx for NetApp ONTAP volume.", + "title": "OntapConfiguration" + }, + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.OpenZFSConfiguration", + "markdownDescription": "The configuration of an Amazon FSx for OpenZFS volume.", + "title": "OpenZFSConfiguration" + }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The CIS scan configuration's tags.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" + "type": "array" }, - "Targets": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.CisTargets", - "markdownDescription": "The CIS scan configuration's targets.", - "title": "Targets" + "VolumeType": { + "markdownDescription": "The type of the volume.", + "title": "VolumeType", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::InspectorV2::CisScanConfiguration" + "AWS::FSx::Volume" ], "type": "string" }, @@ -119097,602 +123943,383 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.CisTargets": { + "AWS::FSx::Volume.AggregateConfiguration": { "additionalProperties": false, "properties": { - "AccountIds": { + "Aggregates": { "items": { "type": "string" }, - "markdownDescription": "The CIS target account ids.", - "title": "AccountIds", + "markdownDescription": "The list of aggregates that this volume resides on. Aggregates are storage pools which make up your primary storage tier. Each high-availability (HA) pair has one aggregate. The names of the aggregates map to the names of the aggregates in the ONTAP CLI and REST API. For FlexVols, there will always be a single entry.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The strings in the value of `Aggregates` are not are not formatted as `aggrX` , where X is a number between 1 and 12.\n- The value of `Aggregates` contains aggregates that are not present.\n- One or more of the aggregates supplied are too close to the volume limit to support adding more volumes.", + "title": "Aggregates", "type": "array" }, - "TargetResourceTags": { - "markdownDescription": "The CIS target resource tags.", - "title": "TargetResourceTags", - "type": "object" + "ConstituentsPerAggregate": { + "markdownDescription": "Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. This field is optional when creating a FlexGroup volume. If unspecified, the default value will be 8. This field cannot be provided when creating a FlexVol volume.", + "title": "ConstituentsPerAggregate", + "type": "number" } }, - "required": [ - "AccountIds" - ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.DailySchedule": { + "AWS::FSx::Volume.AutocommitPeriod": { "additionalProperties": false, "properties": { - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The schedule start time.", - "title": "StartTime" + "Type": { + "markdownDescription": "Defines the type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. The default value is `NONE` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Defines the amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. The following ranges are valid:\n\n- `Minutes` : 5 - 65,535\n- `Hours` : 1 - 65,535\n- `Days` : 1 - 3,650\n- `Months` : 1 - 120\n- `Years` : 1 - 10", + "title": "Value", + "type": "number" } }, "required": [ - "StartTime" + "Type" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.MonthlySchedule": { + "AWS::FSx::Volume.ClientConfigurations": { "additionalProperties": false, "properties": { - "Day": { - "markdownDescription": "The monthly schedule's day.", - "title": "Day", + "Clients": { + "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", + "title": "Clients", "type": "string" }, - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The monthly schedule's start time.", - "title": "StartTime" + "Options": { + "items": { + "type": "string" + }, + "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", + "title": "Options", + "type": "array" } }, "required": [ - "Day", - "StartTime" + "Clients", + "Options" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.Schedule": { + "AWS::FSx::Volume.NfsExports": { "additionalProperties": false, "properties": { - "Daily": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.DailySchedule", - "markdownDescription": "A daily schedule.", - "title": "Daily" - }, - "Monthly": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.MonthlySchedule", - "markdownDescription": "A monthly schedule.", - "title": "Monthly" - }, - "OneTime": { - "markdownDescription": "A one time schedule.", - "title": "OneTime", - "type": "object" - }, - "Weekly": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.WeeklySchedule", - "markdownDescription": "A weekly schedule.", - "title": "Weekly" + "ClientConfigurations": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.ClientConfigurations" + }, + "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", + "title": "ClientConfigurations", + "type": "array" } }, + "required": [ + "ClientConfigurations" + ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.Time": { + "AWS::FSx::Volume.OntapConfiguration": { "additionalProperties": false, "properties": { - "TimeOfDay": { - "markdownDescription": "The time of day in 24-hour format (00:00).", - "title": "TimeOfDay", + "AggregateConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.AggregateConfiguration", + "markdownDescription": "Used to specify the configuration options for an FSx for ONTAP volume's storage aggregate or aggregates.", + "title": "AggregateConfiguration" + }, + "CopyTagsToBackups": { + "markdownDescription": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to false. If it's set to true, all tags for the volume are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the volume, regardless of this value.", + "title": "CopyTagsToBackups", "type": "string" }, - "TimeZone": { - "markdownDescription": "The timezone.", - "title": "TimeZone", + "JunctionPath": { + "markdownDescription": "Specifies the location in the SVM's namespace where the volume is mounted. This parameter is required. The `JunctionPath` must have a leading forward slash, such as `/vol3` .", + "title": "JunctionPath", + "type": "string" + }, + "OntapVolumeType": { + "markdownDescription": "Specifies the type of volume you are creating. Valid values are the following:\n\n- `RW` specifies a read/write volume. `RW` is the default.\n- `DP` specifies a data-protection volume. A `DP` volume is read-only and can be used as the destination of a NetApp SnapMirror relationship.\n\nFor more information, see [Volume types](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-types) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "OntapVolumeType", + "type": "string" + }, + "SecurityStyle": { + "markdownDescription": "Specifies the security style for the volume. If a volume's security style is not specified, it is automatically set to the root volume's security style. The security style determines the type of permissions that FSx for ONTAP uses to control data access. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see the topic [What the security styles and their effects are](https://docs.aws.amazon.com/https://docs.netapp.com/us-en/ontap/nfs-admin/security-styles-their-effects-concept.html) in the NetApp Documentation Center.\n\nFor more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-security-style) in the FSx for ONTAP User Guide.", + "title": "SecurityStyle", + "type": "string" + }, + "SizeInBytes": { + "markdownDescription": "Specifies the configured size of the volume, in bytes.", + "title": "SizeInBytes", + "type": "string" + }, + "SizeInMegabytes": { + "markdownDescription": "Use `SizeInBytes` instead. Specifies the size of the volume, in megabytes (MB), that you are creating.", + "title": "SizeInMegabytes", + "type": "string" + }, + "SnaplockConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.SnaplockConfiguration", + "markdownDescription": "The SnapLock configuration object for an FSx for ONTAP SnapLock volume.", + "title": "SnaplockConfiguration" + }, + "SnapshotPolicy": { + "markdownDescription": "Specifies the snapshot policy for the volume. There are three built-in snapshot policies:\n\n- `default` : This is the default policy. A maximum of six hourly snapshots taken five minutes past the hour. A maximum of two daily snapshots taken Monday through Saturday at 10 minutes after midnight. A maximum of two weekly snapshots taken every Sunday at 15 minutes after midnight.\n- `default-1weekly` : This policy is the same as the `default` policy except that it only retains one snapshot from the weekly schedule.\n- `none` : This policy does not take any snapshots. This policy can be assigned to volumes to prevent automatic snapshots from being taken.\n\nYou can also provide the name of a custom policy that you created with the ONTAP CLI or REST API.\n\nFor more information, see [Snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "SnapshotPolicy", + "type": "string" + }, + "StorageEfficiencyEnabled": { + "markdownDescription": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume, or set to false to disable them.\n\n`StorageEfficiencyEnabled` is required when creating a `RW` volume ( `OntapVolumeType` set to `RW` ).", + "title": "StorageEfficiencyEnabled", + "type": "string" + }, + "StorageVirtualMachineId": { + "markdownDescription": "Specifies the ONTAP SVM in which to create the volume.", + "title": "StorageVirtualMachineId", + "type": "string" + }, + "TieringPolicy": { + "$ref": "#/definitions/AWS::FSx::Volume.TieringPolicy", + "markdownDescription": "Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent tiering automatically transitions a volume's data between the file system's primary storage and capacity pool storage based on your access patterns.\n\nValid tiering policies are the following:\n\n- `SNAPSHOT_ONLY` - (Default value) moves cold snapshots to the capacity pool storage tier.\n\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", + "title": "TieringPolicy" + }, + "VolumeStyle": { + "markdownDescription": "Use to specify the style of an ONTAP volume. FSx for ONTAP offers two styles of volumes that you can use for different purposes, FlexVol and FlexGroup volumes. For more information, see [Volume styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-styles) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "VolumeStyle", "type": "string" } }, "required": [ - "TimeOfDay", - "TimeZone" + "StorageVirtualMachineId" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.WeeklySchedule": { + "AWS::FSx::Volume.OpenZFSConfiguration": { "additionalProperties": false, "properties": { - "Days": { + "CopyTagsToSnapshots": { + "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots. This value defaults to `false` . If this value is set to `true` , and you do not specify any tags, all tags for the original volume are copied over to snapshots. If this value is\u00a0set to `true` , and you do specify one or more tags, only the specified tags for the original volume are copied over to snapshots. If you specify one or more tags when creating a new snapshot, no tags are copied over from the original volume, regardless of this value.", + "title": "CopyTagsToSnapshots", + "type": "boolean" + }, + "DataCompressionType": { + "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", + "title": "DataCompressionType", + "type": "string" + }, + "NfsExports": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.NfsExports" + }, + "markdownDescription": "The configuration object for mounting a Network File System (NFS) file system.", + "title": "NfsExports", + "type": "array" + }, + "Options": { "items": { "type": "string" }, - "markdownDescription": "The weekly schedule's days.", - "title": "Days", + "markdownDescription": "To delete the volume's child volumes, snapshots, and clones, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` .", + "title": "Options", "type": "array" }, - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The weekly schedule's start time.", - "title": "StartTime" - } - }, - "required": [ - "Days", - "StartTime" - ], - "type": "object" - }, - "AWS::InspectorV2::Filter": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "OriginSnapshot": { + "$ref": "#/definitions/AWS::FSx::Volume.OriginSnapshot", + "markdownDescription": "The configuration object that specifies the snapshot to use as the origin of the data for the volume.", + "title": "OriginSnapshot" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ParentVolumeId": { + "markdownDescription": "The ID of the volume to use as the parent volume of the volume that you are creating.", + "title": "ParentVolumeId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ReadOnly": { + "markdownDescription": "A Boolean value indicating whether the volume is read-only.", + "title": "ReadOnly", + "type": "boolean" }, - "Metadata": { - "type": "object" + "RecordSizeKiB": { + "markdownDescription": "Specifies the suggested block size for a volume in a ZFS dataset, in kibibytes (KiB). For file systems using the Intelligent-Tiering storage class, valid values are 128, 256, 512, 1024, 2048, or 4096 KiB, with a default of 1024 KiB. For all other file systems, valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB, with a default of 128 KiB. We recommend using the default setting for the majority of use cases. Generally, workloads that write in fixed small or large record sizes may benefit from setting a custom record size, like database workloads (small record size) or media streaming workloads (large record size). For additional guidance on when to set a custom record size, see [ZFS Record size](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#record-size-performance) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "RecordSizeKiB", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the filter.", - "title": "Description", - "type": "string" - }, - "FilterAction": { - "markdownDescription": "The action that is to be applied to the findings that match the filter.", - "title": "FilterAction", - "type": "string" - }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.FilterCriteria", - "markdownDescription": "Details on the filter criteria associated with this filter.", - "title": "FilterCriteria" - }, - "Name": { - "markdownDescription": "The name of the filter.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "FilterAction", - "FilterCriteria", - "Name" - ], - "type": "object" + "StorageCapacityQuotaGiB": { + "markdownDescription": "Sets the maximum storage size in gibibytes (GiB) for the volume. You can specify a quota that is larger than the storage on the parent volume. A volume quota limits the amount of storage that the volume can consume to the configured amount, but does not guarantee the space will be available on the parent volume. To guarantee quota space, you must also set `StorageCapacityReservationGiB` . To *not* specify a storage capacity quota, set this to `-1` .\n\nFor more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageCapacityQuotaGiB", + "type": "number" }, - "Type": { - "enum": [ - "AWS::InspectorV2::Filter" - ], - "type": "string" + "StorageCapacityReservationGiB": { + "markdownDescription": "Specifies the amount of storage in gibibytes (GiB) to reserve from the parent volume. Setting `StorageCapacityReservationGiB` guarantees that the specified amount of storage space on the parent volume will always be available for the volume. You can't reserve more storage than the parent volume has. To *not* specify a storage capacity reservation, set this to `0` or `-1` . For more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageCapacityReservationGiB", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "UserAndGroupQuotas": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.UserAndGroupQuotas" + }, + "markdownDescription": "Configures how much storage users and groups can use on the volume.", + "title": "UserAndGroupQuotas", + "type": "array" } }, "required": [ - "Type", - "Properties" + "ParentVolumeId" ], "type": "object" }, - "AWS::InspectorV2::Filter.DateFilter": { + "AWS::FSx::Volume.OriginSnapshot": { "additionalProperties": false, "properties": { - "EndInclusive": { - "markdownDescription": "A timestamp representing the end of the time period filtered on.", - "title": "EndInclusive", - "type": "number" + "CopyStrategy": { + "markdownDescription": "Specifies the strategy used when copying data from the snapshot to the new volume.\n\n- `CLONE` - The new volume references the data in the origin snapshot. Cloning a snapshot is faster than copying data from the snapshot to a new volume and doesn't consume disk throughput. However, the origin snapshot can't be deleted if there is a volume using its copied data.\n- `FULL_COPY` - Copies all data from the snapshot to the new volume.\n\nSpecify this option to create the volume from a snapshot on another FSx for OpenZFS file system.\n\n> The `INCREMENTAL_COPY` option is only for updating an existing volume by using a snapshot from another FSx for OpenZFS file system. For more information, see [CopySnapshotAndUpdateVolume](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html) .", + "title": "CopyStrategy", + "type": "string" }, - "StartInclusive": { - "markdownDescription": "A timestamp representing the start of the time period filtered on.", - "title": "StartInclusive", - "type": "number" + "SnapshotARN": { + "markdownDescription": "Specifies the snapshot to use when creating an OpenZFS volume from a snapshot.", + "title": "SnapshotARN", + "type": "string" } }, + "required": [ + "CopyStrategy", + "SnapshotARN" + ], "type": "object" }, - "AWS::InspectorV2::Filter.FilterCriteria": { + "AWS::FSx::Volume.RetentionPeriod": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the AWS account IDs used to filter findings.", - "title": "AwsAccountId", - "type": "array" - }, - "ComponentId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the component IDs used to filter findings.", - "title": "ComponentId", - "type": "array" - }, - "ComponentType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the component types used to filter findings.", - "title": "ComponentType", - "type": "array" - }, - "Ec2InstanceImageId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance image IDs used to filter findings.", - "title": "Ec2InstanceImageId", - "type": "array" - }, - "Ec2InstanceSubnetId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance subnet IDs used to filter findings.", - "title": "Ec2InstanceSubnetId", - "type": "array" - }, - "Ec2InstanceVpcId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance VPC IDs used to filter findings.", - "title": "Ec2InstanceVpcId", - "type": "array" - }, - "EcrImageArchitecture": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon ECR image architecture types used to filter findings.", - "title": "EcrImageArchitecture", - "type": "array" - }, - "EcrImageHash": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon ECR image hashes used to filter findings.", - "title": "EcrImageHash", - "type": "array" - }, - "EcrImagePushedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the Amazon ECR image push date and time used to filter findings.", - "title": "EcrImagePushedAt", - "type": "array" - }, - "EcrImageRegistry": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the Amazon ECR registry used to filter findings.", - "title": "EcrImageRegistry", - "type": "array" - }, - "EcrImageRepositoryName": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the name of the Amazon ECR repository used to filter findings.", - "title": "EcrImageRepositoryName", - "type": "array" - }, - "EcrImageTags": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "The tags attached to the Amazon ECR container image.", - "title": "EcrImageTags", - "type": "array" - }, - "FindingArn": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding ARNs used to filter findings.", - "title": "FindingArn", - "type": "array" - }, - "FindingStatus": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding status types used to filter findings.", - "title": "FindingStatus", - "type": "array" - }, - "FindingType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding types used to filter findings.", - "title": "FindingType", - "type": "array" - }, - "FirstObservedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was first seen used to filter findings.", - "title": "FirstObservedAt", - "type": "array" - }, - "InspectorScore": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" - }, - "markdownDescription": "The Amazon Inspector score to filter on.", - "title": "InspectorScore", - "type": "array" - }, - "LastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was last seen used to filter findings.", - "title": "LastObservedAt", - "type": "array" - }, - "NetworkProtocol": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on network protocol used to filter findings.", - "title": "NetworkProtocol", - "type": "array" - }, - "PortRange": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.PortRangeFilter" - }, - "markdownDescription": "Details on the port ranges used to filter findings.", - "title": "PortRange", - "type": "array" - }, - "RelatedVulnerabilities": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the related vulnerabilities used to filter findings.", - "title": "RelatedVulnerabilities", - "type": "array" - }, - "ResourceId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the resource IDs used to filter findings.", - "title": "ResourceId", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.MapFilter" - }, - "markdownDescription": "Details on the resource tags used to filter findings.", - "title": "ResourceTags", - "type": "array" - }, - "ResourceType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the resource types used to filter findings.", - "title": "ResourceType", - "type": "array" - }, - "Severity": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the severity used to filter findings.", - "title": "Severity", - "type": "array" - }, - "Title": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding title used to filter findings.", - "title": "Title", - "type": "array" - }, - "UpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was last updated at used to filter findings.", - "title": "UpdatedAt", - "type": "array" - }, - "VendorSeverity": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vendor severity used to filter findings.", - "title": "VendorSeverity", - "type": "array" - }, - "VulnerabilityId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vulnerability ID used to filter findings.", - "title": "VulnerabilityId", - "type": "array" - }, - "VulnerabilitySource": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vulnerability score to filter findings by.", - "title": "VulnerabilitySource", - "type": "array" + "Type": { + "markdownDescription": "Defines the type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE` , the files are retained forever. If you set it to `UNSPECIFIED` , the files are retained until you set an explicit retention period.", + "title": "Type", + "type": "string" }, - "VulnerablePackages": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.PackageFilter" - }, - "markdownDescription": "Details on the vulnerable packages used to filter findings.", - "title": "VulnerablePackages", - "type": "array" + "Value": { + "markdownDescription": "Defines the amount of time for the retention period of an FSx for ONTAP SnapLock volume. You can't set a value for `INFINITE` or `UNSPECIFIED` . For all other options, the following ranges are valid:\n\n- `Seconds` : 0 - 65,535\n- `Minutes` : 0 - 65,535\n- `Hours` : 0 - 24\n- `Days` : 0 - 365\n- `Months` : 0 - 12\n- `Years` : 0 - 100", + "title": "Value", + "type": "number" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::InspectorV2::Filter.MapFilter": { + "AWS::FSx::Volume.SnaplockConfiguration": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The operator to use when comparing values in the filter.", - "title": "Comparison", + "AuditLogVolume": { + "markdownDescription": "Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false` . If you set `AuditLogVolume` to `true` , the SnapLock volume is created as an audit log volume. The minimum retention period for an audit log volume is six months.\n\nFor more information, see [SnapLock audit log volumes](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume) .", + "title": "AuditLogVolume", "type": "string" }, - "Key": { - "markdownDescription": "The tag key used in the filter.", - "title": "Key", + "AutocommitPeriod": { + "$ref": "#/definitions/AWS::FSx::Volume.AutocommitPeriod", + "markdownDescription": "The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume.", + "title": "AutocommitPeriod" + }, + "PrivilegedDelete": { + "markdownDescription": "Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock administrators to delete write once, read many (WORM) files even if they have active retention periods. `PERMANENTLY_DISABLED` is a terminal state. If privileged delete is permanently disabled on a SnapLock volume, you can't re-enable it. The default value is `DISABLED` .\n\nFor more information, see [Privileged delete](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete) .", + "title": "PrivilegedDelete", "type": "string" }, - "Value": { - "markdownDescription": "The tag value used in the filter.", - "title": "Value", + "RetentionPeriod": { + "$ref": "#/definitions/AWS::FSx::Volume.SnaplockRetentionPeriod", + "markdownDescription": "Specifies the retention period of an FSx for ONTAP SnapLock volume.", + "title": "RetentionPeriod" + }, + "SnaplockType": { + "markdownDescription": "Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. You can choose one of the following retention modes:\n\n- `COMPLIANCE` : Files transitioned to write once, read many (WORM) on a Compliance volume can't be deleted until their retention periods expire. This retention mode is used to address government or industry-specific mandates or to protect against ransomware attacks. For more information, see [SnapLock Compliance](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html) .\n- `ENTERPRISE` : Files transitioned to WORM on an Enterprise volume can be deleted by authorized users before their retention periods expire using privileged delete. This retention mode is used to advance an organization's data integrity and internal compliance or to test retention settings before using SnapLock Compliance. For more information, see [SnapLock Enterprise](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html) .", + "title": "SnaplockType", + "type": "string" + }, + "VolumeAppendModeEnabled": { + "markdownDescription": "Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. Volume-append mode allows you to create WORM-appendable files and write data to them incrementally. The default value is `false` .\n\nFor more information, see [Volume-append mode](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append) .", + "title": "VolumeAppendModeEnabled", "type": "string" } }, "required": [ - "Comparison" + "SnaplockType" ], "type": "object" }, - "AWS::InspectorV2::Filter.NumberFilter": { + "AWS::FSx::Volume.SnaplockRetentionPeriod": { "additionalProperties": false, "properties": { - "LowerInclusive": { - "markdownDescription": "The lowest number to be included in the filter.", - "title": "LowerInclusive", - "type": "number" + "DefaultRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period.", + "title": "DefaultRetention" }, - "UpperInclusive": { - "markdownDescription": "The highest number to be included in the filter.", - "title": "UpperInclusive", - "type": "number" + "MaximumRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", + "title": "MaximumRetention" + }, + "MinimumRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", + "title": "MinimumRetention" } }, + "required": [ + "DefaultRetention", + "MaximumRetention", + "MinimumRetention" + ], "type": "object" }, - "AWS::InspectorV2::Filter.PackageFilter": { + "AWS::FSx::Volume.TieringPolicy": { "additionalProperties": false, "properties": { - "Architecture": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the package architecture type to filter on.", - "title": "Architecture" - }, - "Epoch": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter", - "markdownDescription": "An object that contains details on the package epoch to filter on.", - "title": "Epoch" + "CoolingPeriod": { + "markdownDescription": "Specifies the number of days that user data in a volume must remain inactive before it is considered \"cold\" and moved to the capacity pool. Used with the `AUTO` and `SNAPSHOT_ONLY` tiering policies. Enter a whole number between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY` .", + "title": "CoolingPeriod", + "type": "number" }, "Name": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the name of the package to filter on.", - "title": "Name" - }, - "Release": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the package release to filter on.", - "title": "Release" - }, - "SourceLayerHash": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the source layer hash to filter on.", - "title": "SourceLayerHash" - }, - "Version": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "The package version to filter on.", - "title": "Version" + "markdownDescription": "Specifies the tiering policy used to transition data. Default value is `SNAPSHOT_ONLY` .\n\n- `SNAPSHOT_ONLY` - moves cold snapshots to the capacity pool storage tier.\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::InspectorV2::Filter.PortRangeFilter": { + "AWS::FSx::Volume.UserAndGroupQuotas": { "additionalProperties": false, "properties": { - "BeginInclusive": { - "markdownDescription": "The port number the port range begins at.", - "title": "BeginInclusive", + "Id": { + "markdownDescription": "The ID of the user or group that the quota applies to.", + "title": "Id", "type": "number" }, - "EndInclusive": { - "markdownDescription": "The port number the port range ends at.", - "title": "EndInclusive", + "StorageCapacityQuotaGiB": { + "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", + "title": "StorageCapacityQuotaGiB", "type": "number" - } - }, - "type": "object" - }, - "AWS::InspectorV2::Filter.StringFilter": { - "additionalProperties": false, - "properties": { - "Comparison": { - "markdownDescription": "The operator to use when comparing values in the filter.", - "title": "Comparison", - "type": "string" }, - "Value": { - "markdownDescription": "The value to filter on.", - "title": "Value", + "Type": { + "markdownDescription": "Specifies whether the quota applies to a user or group.", + "title": "Type", "type": "string" } }, "required": [ - "Comparison", - "Value" + "Id", + "StorageCapacityQuotaGiB", + "Type" ], "type": "object" }, - "AWS::InternetMonitor::Monitor": { + "AWS::FinSpace::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -119727,87 +124354,53 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.HealthEventsConfig", - "markdownDescription": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* .", - "title": "HealthEventsConfig" - }, - "IncludeLinkedAccounts": { - "markdownDescription": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", - "title": "IncludeLinkedAccounts", - "type": "boolean" - }, - "InternetMeasurementsLogDelivery": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery", - "markdownDescription": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs).", - "title": "InternetMeasurementsLogDelivery" - }, - "LinkedAccountId": { - "markdownDescription": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", - "title": "LinkedAccountId", + "Description": { + "markdownDescription": "The description of the FinSpace environment.", + "title": "Description", "type": "string" }, - "MaxCityNetworksToMonitor": { - "markdownDescription": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* .", - "title": "MaxCityNetworksToMonitor", - "type": "number" - }, - "MonitorName": { - "markdownDescription": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", - "title": "MonitorName", + "FederationMode": { + "markdownDescription": "The authentication mode for the environment.", + "title": "FederationMode", "type": "string" }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n> Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty.", - "title": "Resources", - "type": "array" - }, - "ResourcesToAdd": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", - "title": "ResourcesToAdd", - "type": "array" + "FederationParameters": { + "$ref": "#/definitions/AWS::FinSpace::Environment.FederationParameters", + "markdownDescription": "Configuration information when authentication mode is FEDERATED.", + "title": "FederationParameters" }, - "ResourcesToRemove": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", - "title": "ResourcesToRemove", - "type": "array" + "KmsKeyId": { + "markdownDescription": "The KMS key id used to encrypt in the FinSpace environment.", + "title": "KmsKeyId", + "type": "string" }, - "Status": { - "markdownDescription": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` .", - "title": "Status", + "Name": { + "markdownDescription": "The name of the FinSpace environment.", + "title": "Name", "type": "string" }, + "SuperuserParameters": { + "$ref": "#/definitions/AWS::FinSpace::Environment.SuperuserParameters", + "markdownDescription": "Configuration information for the superuser.", + "title": "SuperuserParameters" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for a monitor, listed as a set of *key:value* pairs.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "TrafficPercentageToMonitor": { - "markdownDescription": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor.", - "title": "TrafficPercentageToMonitor", - "type": "number" } }, "required": [ - "MonitorName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::InternetMonitor::Monitor" + "AWS::FinSpace::Environment" ], "type": "string" }, @@ -119826,86 +124419,83 @@ ], "type": "object" }, - "AWS::InternetMonitor::Monitor.HealthEventsConfig": { + "AWS::FinSpace::Environment.AttributeMapItems": { "additionalProperties": false, "properties": { - "AvailabilityLocalHealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", - "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue.", - "title": "AvailabilityLocalHealthEventsConfig" - }, - "AvailabilityScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event.", - "title": "AvailabilityScoreThreshold", - "type": "number" - }, - "PerformanceLocalHealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", - "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue.", - "title": "PerformanceLocalHealthEventsConfig" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "PerformanceScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event.", - "title": "PerformanceScoreThreshold", - "type": "number" - } - }, - "type": "object" - }, - "AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery": { - "additionalProperties": false, - "properties": { - "S3Config": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", - "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", - "title": "S3Config" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::InternetMonitor::Monitor.LocalHealthEventsConfig": { + "AWS::FinSpace::Environment.FederationParameters": { "additionalProperties": false, "properties": { - "HealthScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for a local health score.", - "title": "HealthScoreThreshold", - "type": "number" + "ApplicationCallBackURL": { + "markdownDescription": "The redirect or sign-in URL that should be entered into the SAML 2.0 compliant identity provider configuration (IdP).", + "title": "ApplicationCallBackURL", + "type": "string" }, - "MinTrafficImpact": { - "markdownDescription": "The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score.\n\nIf you don't set a minimum traffic impact threshold, the default value is 0.01%.", - "title": "MinTrafficImpact", - "type": "number" + "AttributeMap": { + "items": { + "$ref": "#/definitions/AWS::FinSpace::Environment.AttributeMapItems" + }, + "markdownDescription": "SAML attribute name and value. The name must always be `Email` and the value should be set to the attribute definition in which user email is set. For example, name would be `Email` and value `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` . Please check your SAML 2.0 compliant identity provider (IdP) documentation for details.", + "title": "AttributeMap", + "type": "array" }, - "Status": { - "markdownDescription": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` .", - "title": "Status", + "FederationProviderName": { + "markdownDescription": "Name of the identity provider (IdP).", + "title": "FederationProviderName", + "type": "string" + }, + "FederationURN": { + "markdownDescription": "The Uniform Resource Name (URN). Also referred as Service Provider URN or Audience URI or Service Provider Entity ID.", + "title": "FederationURN", + "type": "string" + }, + "SamlMetadataDocument": { + "markdownDescription": "SAML 2.0 Metadata document from identity provider (IdP).", + "title": "SamlMetadataDocument", + "type": "string" + }, + "SamlMetadataURL": { + "markdownDescription": "Provide the metadata URL from your SAML 2.0 compliant identity provider (IdP).", + "title": "SamlMetadataURL", "type": "string" } }, "type": "object" }, - "AWS::InternetMonitor::Monitor.S3Config": { + "AWS::FinSpace::Environment.SuperuserParameters": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", - "title": "BucketName", + "EmailAddress": { + "markdownDescription": "The email address of the superuser.", + "title": "EmailAddress", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", - "title": "BucketPrefix", + "FirstName": { + "markdownDescription": "The first name of the superuser.", + "title": "FirstName", "type": "string" }, - "LogDeliveryStatus": { - "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", - "title": "LogDeliveryStatus", + "LastName": { + "markdownDescription": "The last name of the superuser.", + "title": "LastName", "type": "string" } }, "type": "object" }, - "AWS::IoT1Click::Device": { + "AWS::Forecast::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -119940,22 +124530,56 @@ "Properties": { "additionalProperties": false, "properties": { - "DeviceId": { + "DataFrequency": { + "markdownDescription": "The frequency of data collection. This parameter is required for RELATED_TIME_SERIES datasets.\n\nValid intervals are an integer followed by Y (Year), M (Month), W (Week), D (Day), H (Hour), and min (Minute). For example, \"1D\" indicates every day and \"15min\" indicates every 15 minutes. You cannot specify a value that would overlap with the next larger frequency. That means, for example, you cannot specify a frequency of 60 minutes, because that is equivalent to 1 hour. The valid values for each frequency are the following:\n\n- Minute - 1-59\n- Hour - 1-23\n- Day - 1-6\n- Week - 1-4\n- Month - 1-11\n- Year - 1\n\nThus, if you want every other week forecasts, specify \"2W\". Or, if you want quarterly forecasts, you specify \"3M\".", + "title": "DataFrequency", "type": "string" }, - "Enabled": { - "type": "boolean" + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", + "type": "string" + }, + "DatasetType": { + "markdownDescription": "The dataset type.", + "title": "DatasetType", + "type": "string" + }, + "Domain": { + "markdownDescription": "The domain associated with the dataset.", + "title": "Domain", + "type": "string" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Forecast::Dataset.EncryptionConfig", + "markdownDescription": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key.", + "title": "EncryptionConfig" + }, + "Schema": { + "$ref": "#/definitions/AWS::Forecast::Dataset.Schema", + "markdownDescription": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) .", + "title": "Schema" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::Forecast::Dataset.TagsItems" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "DeviceId", - "Enabled" + "DatasetName", + "DatasetType", + "Domain", + "Schema" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT1Click::Device" + "AWS::Forecast::Dataset" ], "type": "string" }, @@ -119974,81 +124598,73 @@ ], "type": "object" }, - "AWS::IoT1Click::Placement": { + "AWS::Forecast::Dataset.AttributesItems": { "additionalProperties": false, "properties": { - "Condition": { + "AttributeName": { + "markdownDescription": "", + "title": "AttributeName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttributeType": { + "markdownDescription": "", + "title": "AttributeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Forecast::Dataset.EncryptionConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key.", + "title": "KmsKeyArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssociatedDevices": { - "type": "object" - }, - "Attributes": { - "type": "object" - }, - "PlacementName": { - "type": "string" - }, - "ProjectName": { - "type": "string" - } + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.\n\nPassing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Forecast::Dataset.Schema": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::Forecast::Dataset.AttributesItems" }, - "required": [ - "ProjectName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT1Click::Placement" - ], + "markdownDescription": "An array of attributes specifying the name and type of each field in a dataset.", + "title": "Attributes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Forecast::Dataset.TagsItems": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key", + "Value" ], "type": "object" }, - "AWS::IoT1Click::Project": { + "AWS::Forecast::DatasetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -120083,24 +124699,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "type": "string" + "DatasetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group.", + "title": "DatasetArns", + "type": "array" }, - "PlacementTemplate": { - "$ref": "#/definitions/AWS::IoT1Click::Project.PlacementTemplate" + "DatasetGroupName": { + "markdownDescription": "The name of the dataset group.", + "title": "DatasetGroupName", + "type": "string" }, - "ProjectName": { + "Domain": { + "markdownDescription": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the `Domain` parameter of the [CreateDataset](https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html) operation must match.\n\nThe `Domain` and `DatasetType` that you choose determine the fields that must be present in training data that you import to a dataset. For example, if you choose the `RETAIL` domain and `TARGET_TIME_SERIES` as the `DatasetType` , Amazon Forecast requires that `item_id` , `timestamp` , and `demand` fields are present in your data. For more information, see [Dataset groups](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-datasets-groups.html) .", + "title": "Domain", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "PlacementTemplate" + "DatasetGroupName", + "Domain" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT1Click::Project" + "AWS::Forecast::DatasetGroup" ], "type": "string" }, @@ -120119,31 +124753,7 @@ ], "type": "object" }, - "AWS::IoT1Click::Project.DeviceTemplate": { - "additionalProperties": false, - "properties": { - "CallbackOverrides": { - "type": "object" - }, - "DeviceType": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT1Click::Project.PlacementTemplate": { - "additionalProperties": false, - "properties": { - "DefaultAttributes": { - "type": "object" - }, - "DeviceTemplates": { - "type": "object" - } - }, - "type": "object" - }, - "AWS::IoT::AccountAuditConfiguration": { + "AWS::FraudDetector::Detector": { "additionalProperties": false, "properties": { "Condition": { @@ -120178,37 +124788,66 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account. You can use the expression `!Sub \"${AWS::AccountId}\"` to use your account ID.", - "title": "AccountId", + "AssociatedModels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Model" + }, + "markdownDescription": "The models to associate with this detector. You must provide the ARNs of all the models you want to associate.", + "title": "AssociatedModels", + "type": "array" + }, + "Description": { + "markdownDescription": "The detector description.", + "title": "Description", "type": "string" }, - "AuditCheckConfigurations": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations", - "markdownDescription": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on available audit checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)", - "title": "AuditCheckConfigurations" + "DetectorId": { + "markdownDescription": "The name of the detector.", + "title": "DetectorId", + "type": "string" }, - "AuditNotificationTargetConfigurations": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations", - "markdownDescription": "Information about the targets to which audit notifications are sent.", - "title": "AuditNotificationTargetConfigurations" + "DetectorVersionStatus": { + "markdownDescription": "The status of the detector version. If a value is not provided for this property, AWS CloudFormation assumes `DRAFT` status.\n\nValid values: `ACTIVE | DRAFT`", + "title": "DetectorVersionStatus", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.", - "title": "RoleArn", + "EventType": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EventType", + "markdownDescription": "The event type associated with this detector.", + "title": "EventType" + }, + "RuleExecutionMode": { + "markdownDescription": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules.", + "title": "RuleExecutionMode", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Rule" + }, + "markdownDescription": "The rules to include in the detector version.", + "title": "Rules", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "AccountId", - "AuditCheckConfigurations", - "RoleArn" + "DetectorId", + "EventType", + "Rules" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::AccountAuditConfiguration" + "AWS::FraudDetector::Detector" ], "type": "string" }, @@ -120227,136 +124866,349 @@ ], "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { + "AWS::FraudDetector::Detector.EntityType": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "True if this audit check is enabled for this account.", - "title": "Enabled", + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the entity type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the entity type was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The entity type name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations": { + "AWS::FraudDetector::Detector.EventType": { "additionalProperties": false, "properties": { - "AuthenticatedCognitoRoleOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed.", - "title": "AuthenticatedCognitoRoleOverlyPermissiveCheck" + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", + "type": "string" }, - "CaCertificateExpiringCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired.", - "title": "CaCertificateExpiringCheck" + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", + "type": "string" }, - "CaCertificateKeyQualityCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` .", - "title": "CaCertificateKeyQualityCheck" + "Description": { + "markdownDescription": "The event type description.", + "title": "Description", + "type": "string" }, - "ConflictingClientIdsCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if multiple devices connect using the same client ID.", - "title": "ConflictingClientIdsCheck" + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EntityType" + }, + "markdownDescription": "The event type entity types.", + "title": "EntityTypes", + "type": "array" }, - "DeviceCertificateExpiringCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a device certificate is expiring. By default, this check applies to device certificates expiring within 30 days or that have expired. You can modify this threshold by configuring the DeviceCertExpirationAuditCheckConfiguration.", - "title": "DeviceCertificateExpiringCheck" + "EventVariables": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EventVariable" + }, + "markdownDescription": "The event type event variables.", + "title": "EventVariables", + "type": "array" }, - "DeviceCertificateKeyQualityCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size.", - "title": "DeviceCertificateKeyQualityCheck" + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" }, - "DeviceCertificateSharedCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT .", - "title": "DeviceCertificateSharedCheck" + "Labels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Label" + }, + "markdownDescription": "The event type labels.", + "title": "Labels", + "type": "array" }, - "IntermediateCaRevokedForActiveDeviceCertificatesCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if device certificates are still active despite being revoked by an intermediate CA.", - "title": "IntermediateCaRevokedForActiveDeviceCertificatesCheck" + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the event type was last updated.", + "title": "LastUpdatedTime", + "type": "string" }, - "IoTPolicyPotentialMisConfigurationCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy.", - "title": "IoTPolicyPotentialMisConfigurationCheck" + "Name": { + "markdownDescription": "The event type name.", + "title": "Name", + "type": "string" }, - "IotPolicyOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role.", - "title": "IotPolicyOverlyPermissiveCheck" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.EventVariable": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The event variable ARN.", + "title": "Arn", + "type": "string" }, - "IotRoleAliasAllowsAccessToUnusedServicesCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year.", - "title": "IotRoleAliasAllowsAccessToUnusedServicesCheck" + "CreatedTime": { + "markdownDescription": "Timestamp for when the event variable was created.", + "title": "CreatedTime", + "type": "string" }, - "IotRoleAliasOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive.", - "title": "IotRoleAliasOverlyPermissiveCheck" + "DataSource": { + "markdownDescription": "The data source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", + "type": "string" }, - "LoggingDisabledCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if AWS IoT logs are disabled.", - "title": "LoggingDisabledCheck" + "DataType": { + "markdownDescription": "The data type of the event variable.\n\nValid values: `STRING | INTEGER | BOOLEAN | FLOAT`", + "title": "DataType", + "type": "string" }, - "RevokedCaCertificateStillActiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a revoked CA certificate is still active.", - "title": "RevokedCaCertificateStillActiveCheck" + "DefaultValue": { + "markdownDescription": "The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN.", + "title": "DefaultValue", + "type": "string" }, - "RevokedDeviceCertificateStillActiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a revoked device certificate is still active.", - "title": "RevokedDeviceCertificateStillActiveCheck" + "Description": { + "markdownDescription": "The description of the event variable.", + "title": "Description", + "type": "string" }, - "UnauthenticatedCognitoRoleOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive.", - "title": "UnauthenticatedCognitoRoleOverlyPermissiveCheck" + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the event variable was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the event variable.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .", + "title": "VariableType", + "type": "string" } }, "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget": { + "AWS::FraudDetector::Detector.Label": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "True if notifications to the target are enabled.", - "title": "Enabled", + "Arn": { + "markdownDescription": "The label ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The label description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to send notifications to the target.", - "title": "RoleArn", + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the label was last updated.", + "title": "LastUpdatedTime", "type": "string" }, - "TargetArn": { - "markdownDescription": "The ARN of the target (SNS topic) to which audit notifications are sent.", - "title": "TargetArn", + "Name": { + "markdownDescription": "The label name.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations": { + "AWS::FraudDetector::Detector.Model": { "additionalProperties": false, "properties": { - "Sns": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget", - "markdownDescription": "The `Sns` notification target.", - "title": "Sns" + "Arn": { + "markdownDescription": "The ARN of the model.", + "title": "Arn", + "type": "string" } }, "type": "object" }, - "AWS::IoT::Authorizer": { + "AWS::FraudDetector::Detector.Outcome": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The outcome ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "The timestamp when the outcome was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The outcome description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "The timestamp when the outcome was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The outcome name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.Rule": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The rule ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp for when the rule was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The rule description.", + "title": "Description", + "type": "string" + }, + "DetectorId": { + "markdownDescription": "The detector for which the rule is associated.", + "title": "DetectorId", + "type": "string" + }, + "Expression": { + "markdownDescription": "The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) .", + "title": "Expression", + "type": "string" + }, + "Language": { + "markdownDescription": "The rule language.\n\nValid Value: DETECTORPL", + "title": "Language", + "type": "string" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the rule was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Outcomes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Outcome" + }, + "markdownDescription": "The rule outcome.", + "title": "Outcomes", + "type": "array" + }, + "RuleId": { + "markdownDescription": "The rule ID.", + "title": "RuleId", + "type": "string" + }, + "RuleVersion": { + "markdownDescription": "The rule version.", + "title": "RuleVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::EntityType": { "additionalProperties": false, "properties": { "Condition": { @@ -120391,64 +125243,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizerFunctionArn": { - "markdownDescription": "The authorizer's Lambda function ARN.", - "title": "AuthorizerFunctionArn", - "type": "string" - }, - "AuthorizerName": { - "markdownDescription": "The authorizer name.", - "title": "AuthorizerName", + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", "type": "string" }, - "EnableCachingForHttp": { - "markdownDescription": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections.", - "title": "EnableCachingForHttp", - "type": "boolean" - }, - "SigningDisabled": { - "markdownDescription": "Specifies whether AWS IoT validates the token signature in an authorization request.", - "title": "SigningDisabled", - "type": "boolean" - }, - "Status": { - "markdownDescription": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`", - "title": "Status", + "Name": { + "markdownDescription": "The entity type name.\n\nPattern: `^[0-9a-z_-]+$`", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the custom authorizer.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "markdownDescription": "A key and value pair.", "title": "Tags", "type": "array" - }, - "TokenKeyName": { - "markdownDescription": "The key used to extract the token from the HTTP headers.", - "title": "TokenKeyName", - "type": "string" - }, - "TokenSigningPublicKeys": { - "additionalProperties": true, - "markdownDescription": "The public keys used to validate the token signature returned by your custom authentication service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TokenSigningPublicKeys", - "type": "object" } }, "required": [ - "AuthorizerFunctionArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Authorizer" + "AWS::FraudDetector::EntityType" ], "type": "string" }, @@ -120467,7 +125288,7 @@ ], "type": "object" }, - "AWS::IoT::BillingGroup": { + "AWS::FraudDetector::EventType": { "additionalProperties": false, "properties": { "Condition": { @@ -120502,30 +125323,60 @@ "Properties": { "additionalProperties": false, "properties": { - "BillingGroupName": { - "markdownDescription": "The name of the billing group.", - "title": "BillingGroupName", + "Description": { + "markdownDescription": "The event type description.", + "title": "Description", "type": "string" }, - "BillingGroupProperties": { - "$ref": "#/definitions/AWS::IoT::BillingGroup.BillingGroupProperties", - "markdownDescription": "The properties of the billing group.", - "title": "BillingGroupProperties" + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::EventType.EntityType" + }, + "markdownDescription": "The event type entity types.", + "title": "EntityTypes", + "type": "array" + }, + "EventVariables": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::EventType.EventVariable" + }, + "markdownDescription": "The event type event variables.", + "title": "EventVariables", + "type": "array" + }, + "Labels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::EventType.Label" + }, + "markdownDescription": "The event type labels.", + "title": "Labels", + "type": "array" + }, + "Name": { + "markdownDescription": "The event type name.\n\nPattern : `^[0-9a-z_-]+$`", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the billing group.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "EntityTypes", + "EventVariables", + "Labels", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::BillingGroup" + "AWS::FraudDetector::EventType" ], "type": "string" }, @@ -120539,22 +125390,164 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::BillingGroup.BillingGroupProperties": { + "AWS::FraudDetector::EventType.EntityType": { "additionalProperties": false, "properties": { - "BillingGroupDescription": { - "markdownDescription": "The description of the billing group.", - "title": "BillingGroupDescription", + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the entity type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the entity type was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The entity type name.\n\n`^[0-9a-z_-]+$`", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::IoT::CACertificate": { + "AWS::FraudDetector::EventType.EventVariable": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The event variable ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp for when event variable was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSource": { + "markdownDescription": "The source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) .", + "title": "DataType", + "type": "string" + }, + "DefaultValue": { + "markdownDescription": "The default value of the event variable", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The event variable description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the event variable was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the event variable.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) .", + "title": "VariableType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FraudDetector::EventType.Label": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The label ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The label description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the label was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The label name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Label": { "additionalProperties": false, "properties": { "Condition": { @@ -120589,34 +125582,14 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoRegistrationStatus": { - "markdownDescription": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\".", - "title": "AutoRegistrationStatus", - "type": "string" - }, - "CACertificatePem": { - "markdownDescription": "The certificate data in PEM format.", - "title": "CACertificatePem", - "type": "string" - }, - "CertificateMode": { - "markdownDescription": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\".", - "title": "CertificateMode", + "Description": { + "markdownDescription": "The label description.", + "title": "Description", "type": "string" }, - "RegistrationConfig": { - "$ref": "#/definitions/AWS::IoT::CACertificate.RegistrationConfig", - "markdownDescription": "Information about the registration configuration.", - "title": "RegistrationConfig" - }, - "RemoveAutoRegistration": { - "markdownDescription": "If true, removes auto registration.", - "title": "RemoveAutoRegistration", - "type": "boolean" - }, - "Status": { - "markdownDescription": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\".", - "title": "Status", + "Name": { + "markdownDescription": "The label name.\n\nPattern: `^[0-9a-z_-]+$`", + "title": "Name", "type": "string" }, "Tags": { @@ -120626,22 +125599,16 @@ "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "VerificationCertificatePem": { - "markdownDescription": "The private key verification certificate.", - "title": "VerificationCertificatePem", - "type": "string" } }, "required": [ - "CACertificatePem", - "Status" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::CACertificate" + "AWS::FraudDetector::Label" ], "type": "string" }, @@ -120660,28 +125627,7 @@ ], "type": "object" }, - "AWS::IoT::CACertificate.RegistrationConfig": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the role.", - "title": "RoleArn", - "type": "string" - }, - "TemplateBody": { - "markdownDescription": "The template body.", - "title": "TemplateBody", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the provisioning template.", - "title": "TemplateName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::Certificate": { + "AWS::FraudDetector::List": { "additionalProperties": false, "properties": { "Condition": { @@ -120716,40 +125662,46 @@ "Properties": { "additionalProperties": false, "properties": { - "CACertificatePem": { - "markdownDescription": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.", - "title": "CACertificatePem", + "Description": { + "markdownDescription": "The description of the list.", + "title": "Description", "type": "string" }, - "CertificateMode": { - "markdownDescription": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .", - "title": "CertificateMode", - "type": "string" + "Elements": { + "items": { + "type": "string" + }, + "markdownDescription": "The elements in the list.", + "title": "Elements", + "type": "array" }, - "CertificatePem": { - "markdownDescription": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.", - "title": "CertificatePem", + "Name": { + "markdownDescription": "The name of the list.", + "title": "Name", "type": "string" }, - "CertificateSigningRequest": { - "markdownDescription": "The certificate signing request (CSR).", - "title": "CertificateSigningRequest", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" }, - "Status": { - "markdownDescription": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used.", - "title": "Status", + "VariableType": { + "markdownDescription": "The variable type of the list. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types)", + "title": "VariableType", "type": "string" } }, "required": [ - "Status" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Certificate" + "AWS::FraudDetector::List" ], "type": "string" }, @@ -120768,7 +125720,7 @@ ], "type": "object" }, - "AWS::IoT::CertificateProvider": { + "AWS::FraudDetector::Outcome": { "additionalProperties": false, "properties": { "Condition": { @@ -120803,42 +125755,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountDefaultForOperations": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` .", - "title": "AccountDefaultForOperations", - "type": "array" - }, - "CertificateProviderName": { - "markdownDescription": "The name of the certificate provider.", - "title": "CertificateProviderName", + "Description": { + "markdownDescription": "The outcome description.", + "title": "Description", "type": "string" }, - "LambdaFunctionArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "LambdaFunctionArn", + "Name": { + "markdownDescription": "The outcome name.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the certificate provider.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "AccountDefaultForOperations", - "LambdaFunctionArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::CertificateProvider" + "AWS::FraudDetector::Outcome" ], "type": "string" }, @@ -120857,7 +125800,7 @@ ], "type": "object" }, - "AWS::IoT::CustomMetric": { + "AWS::FraudDetector::Variable": { "additionalProperties": false, "properties": { "Condition": { @@ -120892,38 +125835,56 @@ "Properties": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The friendly name in the console for the custom metric. This name doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. You can update the friendly name after you define it.", - "title": "DisplayName", + "DataSource": { + "markdownDescription": "The data source of the variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", "type": "string" }, - "MetricName": { - "markdownDescription": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. The name can't begin with `aws:` . You can\u2019t change the name after you define it.", - "title": "MetricName", + "DataType": { + "markdownDescription": "The data type of the variable.\n\nValid data types: `STRING | INTEGER | BOOLEAN | FLOAT`", + "title": "DataType", "type": "string" }, - "MetricType": { - "markdownDescription": "The type of the custom metric. Types include `string-list` , `ip-address-list` , `number-list` , and `number` .\n\n> The type `number` only takes a single metric value as an input, but when you submit the metrics value in the DeviceMetrics report, you must pass it as an array with a single value.", - "title": "MetricType", + "DefaultValue": { + "markdownDescription": "The default value of the variable.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the variable.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the variable.\n\nPattern: `^[0-9a-z_-]+$`", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the custom metric.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of the variable. For more information see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .\n\nValid Values: `AUTH_CODE | AVS | BILLING_ADDRESS_L1 | BILLING_ADDRESS_L2 | BILLING_CITY | BILLING_COUNTRY | BILLING_NAME | BILLING_PHONE | BILLING_STATE | BILLING_ZIP | CARD_BIN | CATEGORICAL | CURRENCY_CODE | EMAIL_ADDRESS | FINGERPRINT | FRAUD_LABEL | FREE_FORM_TEXT | IP_ADDRESS | NUMERIC | ORDER_ID | PAYMENT_TYPE | PHONE_NUMBER | PRICE | PRODUCT_CATEGORY | SHIPPING_ADDRESS_L1 | SHIPPING_ADDRESS_L2 | SHIPPING_CITY | SHIPPING_COUNTRY | SHIPPING_NAME | SHIPPING_PHONE | SHIPPING_STATE | SHIPPING_ZIP | USERAGENT`", + "title": "VariableType", + "type": "string" } }, "required": [ - "MetricType" + "DataSource", + "DataType", + "DefaultValue", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::CustomMetric" + "AWS::FraudDetector::Variable" ], "type": "string" }, @@ -120942,7 +125903,7 @@ ], "type": "object" }, - "AWS::IoT::Dimension": { + "AWS::GameLift::Alias": { "additionalProperties": false, "properties": { "Condition": { @@ -120977,42 +125938,39 @@ "Properties": { "additionalProperties": false, "properties": { + "Description": { + "markdownDescription": "A human-readable description of the alias.", + "title": "Description", + "type": "string" + }, "Name": { - "markdownDescription": "A unique identifier for the dimension.", + "markdownDescription": "A descriptive label that is associated with an alias. Alias names do not need to be unique.", "title": "Name", "type": "string" }, - "StringValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the value or list of values for the dimension. For `TOPIC_FILTER` dimensions, this is a pattern used to match the MQTT topic (for example, \"admin/#\").", - "title": "StringValues", - "type": "array" + "RoutingStrategy": { + "$ref": "#/definitions/AWS::GameLift::Alias.RoutingStrategy", + "markdownDescription": "The routing configuration, including routing type and fleet target, for the alias.", + "title": "RoutingStrategy" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the dimension.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "Specifies the type of dimension. Supported types: `TOPIC_FILTER.`", - "title": "Type", - "type": "string" } }, "required": [ - "StringValues", - "Type" + "Name", + "RoutingStrategy" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Dimension" + "AWS::GameLift::Alias" ], "type": "string" }, @@ -121031,7 +125989,31 @@ ], "type": "object" }, - "AWS::IoT::DomainConfiguration": { + "AWS::GameLift::Alias.RoutingStrategy": { + "additionalProperties": false, + "properties": { + "FleetId": { + "markdownDescription": "A unique identifier for a fleet that the alias points to. If you specify `SIMPLE` for the `Type` property, you must specify this property.", + "title": "FleetId", + "type": "string" + }, + "Message": { + "markdownDescription": "The message text to be used with a terminal routing strategy. If you specify `TERMINAL` for the `Type` property, you must specify this property.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "A type of routing strategy.\n\nPossible routing types include the following:\n\n- *SIMPLE* - The alias resolves to one specific fleet. Use this type when routing to active fleets.\n- *TERMINAL* - The alias does not resolve to a fleet but instead can be used to display a message to the user. A terminal alias throws a `TerminalRoutingStrategyException` with the message that you specified in the `Message` property.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::GameLift::Build": { "additionalProperties": false, "properties": { "Condition": { @@ -121066,60 +126048,37 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizerConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.AuthorizerConfig", - "markdownDescription": "An object that specifies the authorization service for a domain.", - "title": "AuthorizerConfig" - }, - "DomainConfigurationName": { - "markdownDescription": "The name of the domain configuration. This value must be unique to a region.", - "title": "DomainConfigurationName", + "Name": { + "markdownDescription": "A descriptive label that is associated with a build. Build names do not need to be unique.", + "title": "Name", "type": "string" }, - "DomainConfigurationStatus": { - "markdownDescription": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`", - "title": "DomainConfigurationStatus", + "OperatingSystem": { + "markdownDescription": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "title": "OperatingSystem", "type": "string" }, - "DomainName": { - "markdownDescription": "The name of the domain.", - "title": "DomainName", + "ServerSdkVersion": { + "markdownDescription": "A server SDK version you used when integrating your game server build with Amazon GameLift Servers. For more information see [Integrate games with custom game servers](https://docs.aws.amazon.com/gamelift/latest/developerguide/integration-custom-intro.html) . By default Amazon GameLift Servers sets this value to `4.0.2` .", + "title": "ServerSdkVersion", "type": "string" }, - "ServerCertificateArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.", - "title": "ServerCertificateArns", - "type": "array" - }, - "ServerCertificateConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ServerCertificateConfig", - "markdownDescription": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", - "title": "ServerCertificateConfig" - }, - "ServiceType": { - "markdownDescription": "The type of service delivered by the endpoint.\n\n> AWS IoT Core currently supports only the `DATA` service type.", - "title": "ServiceType", - "type": "string" + "StorageLocation": { + "$ref": "#/definitions/AWS::GameLift::Build.StorageLocation", + "markdownDescription": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift Servers to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift Servers will report a `SizeOnDisk` of 0.", + "title": "StorageLocation" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the domain configuration.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "TlsConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.TlsConfig", - "markdownDescription": "An object that specifies the TLS configuration for a domain.", - "title": "TlsConfig" - }, - "ValidationCertificateArn": { - "markdownDescription": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.", - "title": "ValidationCertificateArn", + "Version": { + "markdownDescription": "Version information that is associated with this build. Version strings do not need to be unique.", + "title": "Version", "type": "string" } }, @@ -121127,7 +126086,7 @@ }, "Type": { "enum": [ - "AWS::IoT::DomainConfiguration" + "AWS::GameLift::Build" ], "type": "string" }, @@ -121145,66 +126104,38 @@ ], "type": "object" }, - "AWS::IoT::DomainConfiguration.AuthorizerConfig": { - "additionalProperties": false, - "properties": { - "AllowAuthorizerOverride": { - "markdownDescription": "A Boolean that specifies whether the domain configuration's authorization service can be overridden.", - "title": "AllowAuthorizerOverride", - "type": "boolean" - }, - "DefaultAuthorizerName": { - "markdownDescription": "The name of the authorization service for a domain configuration.", - "title": "DefaultAuthorizerName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::DomainConfiguration.ServerCertificateConfig": { - "additionalProperties": false, - "properties": { - "EnableOCSPCheck": { - "markdownDescription": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", - "title": "EnableOCSPCheck", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoT::DomainConfiguration.ServerCertificateSummary": { + "AWS::GameLift::Build.StorageLocation": { "additionalProperties": false, "properties": { - "ServerCertificateArn": { - "markdownDescription": "The ARN of the server certificate.", - "title": "ServerCertificateArn", + "Bucket": { + "markdownDescription": "An Amazon S3 bucket identifier. The name of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "title": "Bucket", "type": "string" }, - "ServerCertificateStatus": { - "markdownDescription": "The status of the server certificate.", - "title": "ServerCertificateStatus", + "Key": { + "markdownDescription": "The name of the zip file that contains the build files or script files.", + "title": "Key", "type": "string" }, - "ServerCertificateStatusDetail": { - "markdownDescription": "Details that explain the status of the server certificate.", - "title": "ServerCertificateStatusDetail", + "ObjectVersion": { + "markdownDescription": "A version of a stored file to retrieve, if the object versioning feature is turned on for the S3 bucket. Use this parameter to specify a specific version. If this parameter isn't set, Amazon GameLift Servers retrieves the latest version of the file.", + "title": "ObjectVersion", "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::DomainConfiguration.TlsConfig": { - "additionalProperties": false, - "properties": { - "SecurityPolicy": { - "markdownDescription": "The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* .", - "title": "SecurityPolicy", + }, + "RoleArn": { + "markdownDescription": "The ARNfor an IAM role that allows Amazon GameLift to access the S3 bucket.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "Bucket", + "Key", + "RoleArn" + ], "type": "object" }, - "AWS::IoT::FleetMetric": { + "AWS::GameLift::ContainerFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -121239,68 +126170,115 @@ "Properties": { "additionalProperties": false, "properties": { - "AggregationField": { - "markdownDescription": "The field to aggregate.", - "title": "AggregationField", + "BillingType": { + "markdownDescription": "Indicates whether the fleet uses On-Demand or Spot instances for this fleet. Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . You can't update this fleet property.\n\nBy default, this property is set to `ON_DEMAND` .", + "title": "BillingType", "type": "string" }, - "AggregationType": { - "$ref": "#/definitions/AWS::IoT::FleetMetric.AggregationType", - "markdownDescription": "The type of the aggregation query.", - "title": "AggregationType" + "DeploymentConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.DeploymentConfiguration", + "markdownDescription": "Set of rules for processing a deployment for a container fleet update.", + "title": "DeploymentConfiguration" }, "Description": { - "markdownDescription": "The fleet metric description.", + "markdownDescription": "A meaningful description of the container fleet.", "title": "Description", "type": "string" }, - "IndexName": { - "markdownDescription": "The name of the index to search.", - "title": "IndexName", + "FleetRoleArn": { + "markdownDescription": "The unique identifier for an AWS Identity and Access Management (IAM) role with permissions to run your containers on resources that are managed by Amazon GameLift Servers. See [Set up an IAM service role](https://docs.aws.amazon.com/gamelift/latest/developerguide/setting-up-role.html) . This fleet property can't be changed.", + "title": "FleetRoleArn", "type": "string" }, - "MetricName": { - "markdownDescription": "The name of the fleet metric to create.", - "title": "MetricName", + "GameServerContainerGroupDefinitionName": { + "markdownDescription": "The name of the fleet's game server container group definition, which describes how to deploy containers with your game server build and support software onto each fleet instance.", + "title": "GameServerContainerGroupDefinitionName", "type": "string" }, - "Period": { - "markdownDescription": "The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60.", - "title": "Period", + "GameServerContainerGroupsPerInstance": { + "markdownDescription": "The number of times to replicate the game server container group on each fleet instance.", + "title": "GameServerContainerGroupsPerInstance", "type": "number" }, - "QueryString": { - "markdownDescription": "The search query string.", - "title": "QueryString", + "GameSessionCreationLimitPolicy": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.GameSessionCreationLimitPolicy", + "markdownDescription": "A policy that limits the number of game sessions that each individual player can create on instances in this fleet. The limit applies for a specified span of time.", + "title": "GameSessionCreationLimitPolicy" + }, + "InstanceConnectionPortRange": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.ConnectionPortRange", + "markdownDescription": "The set of port numbers to open on each instance in a container fleet. Connection ports are used by inbound traffic to connect with processes that are running in containers on the fleet.", + "title": "InstanceConnectionPortRange" + }, + "InstanceInboundPermissions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.IpPermission" + }, + "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet.", + "title": "InstanceInboundPermissions", + "type": "array" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type to use for all instances in the fleet. Instance type determines the computing resources and processing power that's available to host your game servers. This includes including CPU, memory, storage, and networking capacity. You can't update this fleet property.", + "title": "InstanceType", "type": "string" }, - "QueryVersion": { - "markdownDescription": "The query version.", - "title": "QueryVersion", + "Locations": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LocationConfiguration" + }, + "markdownDescription": "", + "title": "Locations", + "type": "array" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LogConfiguration", + "markdownDescription": "The method that is used to collect container logs for the fleet. Amazon GameLift Servers saves all standard output for each container in logs, including game session logs.\n\n- `CLOUDWATCH` -- Send logs to an Amazon CloudWatch log group that you define. Each container emits a log stream, which is organized in the log group.\n- `S3` -- Store logs in an Amazon S3 bucket that you define.\n- `NONE` -- Don't collect container logs.", + "title": "LogConfiguration" + }, + "MetricGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. Metric groups aggregate metrics for multiple fleets.", + "title": "MetricGroups", + "type": "array" + }, + "NewGameSessionProtectionPolicy": { + "markdownDescription": "Determines whether Amazon GameLift Servers can shut down game sessions on the fleet that are actively running and hosting players. Amazon GameLift Servers might prompt an instance shutdown when scaling down fleet capacity or when retiring unhealthy instances. You can also set game session protection for individual game sessions using [UpdateGameSession](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameSession.html) .\n\n- *NoProtection* -- Game sessions can be shut down during active gameplay.\n- *FullProtection* -- Game sessions in `ACTIVE` status can't be shut down.", + "title": "NewGameSessionProtectionPolicy", + "type": "string" + }, + "PerInstanceContainerGroupDefinitionName": { + "markdownDescription": "The name of the fleet's per-instance container group definition.", + "title": "PerInstanceContainerGroupDefinitionName", "type": "string" }, + "ScalingPolicies": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.ScalingPolicy" + }, + "markdownDescription": "", + "title": "ScalingPolicies", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the fleet metric.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "Unit": { - "markdownDescription": "Used to support unit transformation such as milliseconds to seconds. Must be a unit supported by CW metric. Default to null.", - "title": "Unit", - "type": "string" } }, "required": [ - "MetricName" + "FleetRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::FleetMetric" + "AWS::GameLift::ContainerFleet" ], "type": "string" }, @@ -121319,30 +126297,250 @@ ], "type": "object" }, - "AWS::IoT::FleetMetric.AggregationType": { + "AWS::GameLift::ContainerFleet.ConnectionPortRange": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the aggregation type.", - "title": "Name", + "FromPort": { + "markdownDescription": "Starting value for the port range.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "Ending value for the port. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "ToPort" + ], + "type": "object" + }, + "AWS::GameLift::ContainerFleet.DeploymentConfiguration": { + "additionalProperties": false, + "properties": { + "ImpairmentStrategy": { + "markdownDescription": "Determines what actions to take if a deployment fails. If the fleet is multi-location, this strategy applies across all fleet locations. With a rollback strategy, updated fleet instances are rolled back to the last successful deployment. Alternatively, you can maintain a few impaired containers for the purpose of debugging, while all other tasks return to the last successful deployment.", + "title": "ImpairmentStrategy", "type": "string" }, - "Values": { + "MinimumHealthyPercentage": { + "markdownDescription": "Sets a minimum level of healthy tasks to maintain during deployment activity.", + "title": "MinimumHealthyPercentage", + "type": "number" + }, + "ProtectionStrategy": { + "markdownDescription": "Determines how fleet deployment activity affects active game sessions on the fleet. With protection, a deployment honors game session protection, and delays actions that would interrupt a protected active game session until the game session ends. Without protection, deployment activity can shut down all running tasks, including active game sessions, regardless of game session protection.", + "title": "ProtectionStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GameLift::ContainerFleet.DeploymentDetails": { + "additionalProperties": false, + "properties": { + "LatestDeploymentId": { + "markdownDescription": "A unique identifier for a fleet deployment.", + "title": "LatestDeploymentId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GameLift::ContainerFleet.GameSessionCreationLimitPolicy": { + "additionalProperties": false, + "properties": { + "NewGameSessionsPerCreator": { + "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy evaluates when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", + "title": "NewGameSessionsPerCreator", + "type": "number" + }, + "PolicyPeriodInMinutes": { + "markdownDescription": "The time span used in evaluating the resource creation limit policy.", + "title": "PolicyPeriodInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GameLift::ContainerFleet.IpPermission": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "FromPort", + "type": "number" + }, + "IpRange": { + "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", + "title": "IpRange", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The network communication protocol used by the fleet.", + "title": "Protocol", + "type": "string" + }, + "ToPort": { + "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "IpRange", + "Protocol", + "ToPort" + ], + "type": "object" + }, + "AWS::GameLift::ContainerFleet.LocationCapacity": { + "additionalProperties": false, + "properties": { + "DesiredEC2Instances": { + "markdownDescription": "", + "title": "DesiredEC2Instances", + "type": "number" + }, + "MaxSize": { + "markdownDescription": "", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "", + "title": "MinSize", + "type": "number" + } + }, + "required": [ + "DesiredEC2Instances", + "MaxSize", + "MinSize" + ], + "type": "object" + }, + "AWS::GameLift::ContainerFleet.LocationConfiguration": { + "additionalProperties": false, + "properties": { + "Location": { + "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Location", + "type": "string" + }, + "LocationCapacity": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LocationCapacity", + "markdownDescription": "", + "title": "LocationCapacity" + }, + "StoppedActions": { "items": { "type": "string" }, - "markdownDescription": "A list of the values of aggregation types.", - "title": "Values", + "markdownDescription": "", + "title": "StoppedActions", "type": "array" } }, "required": [ - "Name", - "Values" + "Location" ], "type": "object" }, - "AWS::IoT::JobTemplate": { + "AWS::GameLift::ContainerFleet.LogConfiguration": { + "additionalProperties": false, + "properties": { + "LogDestination": { + "markdownDescription": "The type of log collection to use for a fleet.\n\n- `CLOUDWATCH` -- (default value) Send logs to an Amazon CloudWatch log group that you define. Each container emits a log stream, which is organized in the log group.\n- `S3` -- Store logs in an Amazon S3 bucket that you define. This bucket must reside in the fleet's home AWS Region.\n- `NONE` -- Don't collect container logs.", + "title": "LogDestination", + "type": "string" + }, + "LogGroupArn": { + "markdownDescription": "If log destination is `CLOUDWATCH` , logs are sent to the specified log group in Amazon CloudWatch.", + "title": "LogGroupArn", + "type": "string" + }, + "S3BucketName": { + "markdownDescription": "If log destination is `S3` , logs are sent to the specified Amazon S3 bucket name.", + "title": "S3BucketName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GameLift::ContainerFleet.ScalingPolicy": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", + "title": "ComparisonOperator", + "type": "string" + }, + "EvaluationPeriods": { + "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", + "title": "EvaluationPeriods", + "type": "number" + }, + "MetricName": { + "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", + "title": "MetricName", + "type": "string" + }, + "Name": { + "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", + "title": "Name", + "type": "string" + }, + "PolicyType": { + "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", + "title": "PolicyType", + "type": "string" + }, + "ScalingAdjustment": { + "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", + "title": "ScalingAdjustment", + "type": "number" + }, + "ScalingAdjustmentType": { + "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", + "title": "ScalingAdjustmentType", + "type": "string" + }, + "TargetConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.TargetConfiguration", + "markdownDescription": "An object that contains settings for a target-based scaling policy.", + "title": "TargetConfiguration" + }, + "Threshold": { + "markdownDescription": "Metric value used to trigger a scaling event.", + "title": "Threshold", + "type": "number" + } + }, + "required": [ + "MetricName", + "Name" + ], + "type": "object" + }, + "AWS::GameLift::ContainerFleet.TargetConfiguration": { + "additionalProperties": false, + "properties": { + "TargetValue": { + "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::GameLift::ContainerGroupDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -121377,90 +126575,74 @@ "Properties": { "additionalProperties": false, "properties": { - "AbortConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortConfig", - "markdownDescription": "The criteria that determine when and how a job abort takes place.", - "title": "AbortConfig" - }, - "Description": { - "markdownDescription": "A description of the job template.", - "title": "Description", + "ContainerGroupType": { + "markdownDescription": "The type of container group. Container group type determines how Amazon GameLift Servers deploys the container group on each fleet instance.", + "title": "ContainerGroupType", "type": "string" }, - "DestinationPackageVersions": { - "items": { - "type": "string" - }, - "markdownDescription": "The package version Amazon Resource Names (ARNs) that are installed on the device\u2019s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed.", - "title": "DestinationPackageVersions", - "type": "array" - }, - "Document": { - "markdownDescription": "The job document.\n\nRequired if you don't specify a value for `documentSource` .", - "title": "Document", - "type": "string" + "GameServerContainerDefinition": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.GameServerContainerDefinition", + "markdownDescription": "The definition for the game server container in this group. This property is used only when the container group type is `GAME_SERVER` . This container definition specifies a container image with the game server build.", + "title": "GameServerContainerDefinition" }, - "DocumentSource": { - "markdownDescription": "An S3 link, or S3 object URL, to the job document. The link is an Amazon S3 object URL and is required if you don't specify a value for `document` .\n\nFor example, `--document-source https://s3. *region-code* .amazonaws.com/example-firmware/device-firmware.1.0`\n\nFor more information, see [Methods for accessing a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html) .", - "title": "DocumentSource", + "Name": { + "markdownDescription": "A descriptive identifier for the container group definition. The name value is unique in an AWS Region.", + "title": "Name", "type": "string" }, - "JobArn": { - "markdownDescription": "The ARN of the job to use as the basis for the job template.", - "title": "JobArn", + "OperatingSystem": { + "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "title": "OperatingSystem", "type": "string" }, - "JobExecutionsRetryConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRetryConfig", - "markdownDescription": "Allows you to create the criteria to retry a job.", - "title": "JobExecutionsRetryConfig" - }, - "JobExecutionsRolloutConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRolloutConfig", - "markdownDescription": "Allows you to create a staged rollout of a job.", - "title": "JobExecutionsRolloutConfig" - }, - "JobTemplateId": { - "markdownDescription": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here.", - "title": "JobTemplateId", - "type": "string" + "SourceVersionNumber": { + "markdownDescription": "", + "title": "SourceVersionNumber", + "type": "number" }, - "MaintenanceWindows": { + "SupportContainerDefinitions": { "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.MaintenanceWindow" + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.SupportContainerDefinition" }, - "markdownDescription": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job.", - "title": "MaintenanceWindows", + "markdownDescription": "The set of definitions for support containers in this group. A container group definition might have zero support container definitions. Support container can be used in any type of container group.", + "title": "SupportContainerDefinitions", "type": "array" }, - "PresignedUrlConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.PresignedUrlConfig", - "markdownDescription": "Configuration for pre-signed S3 URLs.", - "title": "PresignedUrlConfig" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the job template.", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "TimeoutConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.TimeoutConfig", - "markdownDescription": "Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to `IN_PROGRESS` . If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to `TIMED_OUT` .", - "title": "TimeoutConfig" + "TotalMemoryLimitMebibytes": { + "markdownDescription": "The amount of memory (in MiB) on a fleet instance to allocate for the container group. All containers in the group share these resources.\n\nYou can set a limit for each container definition in the group. If individual containers have limits, this total value must be greater than any individual container's memory limit.", + "title": "TotalMemoryLimitMebibytes", + "type": "number" + }, + "TotalVcpuLimit": { + "markdownDescription": "The amount of vCPU units on a fleet instance to allocate for the container group (1 vCPU is equal to 1024 CPU units). All containers in the group share these resources. You can set a limit for each container definition in the group. If individual containers have limits, this total value must be equal to or greater than the sum of the limits for each container in the group.", + "title": "TotalVcpuLimit", + "type": "number" + }, + "VersionDescription": { + "markdownDescription": "An optional description that was provided for a container group definition update. Each version can have a unique description.", + "title": "VersionDescription", + "type": "string" } }, "required": [ - "Description", - "JobTemplateId" + "Name", + "OperatingSystem", + "TotalMemoryLimitMebibytes", + "TotalVcpuLimit" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::JobTemplate" + "AWS::GameLift::ContainerGroupDefinition" ], "type": "string" }, @@ -121479,193 +126661,285 @@ ], "type": "object" }, - "AWS::IoT::JobTemplate.AbortConfig": { + "AWS::GameLift::ContainerGroupDefinition.ContainerDependency": { "additionalProperties": false, "properties": { - "CriteriaList": { - "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortCriteria" - }, - "markdownDescription": "The list of criteria that determine when and how to abort the job.", - "title": "CriteriaList", - "type": "array" + "Condition": { + "markdownDescription": "The condition that the dependency container must reach before the dependent container can start. Valid conditions include:\n\n- START - The dependency container must have started.\n- COMPLETE - The dependency container has run to completion (exits). Use this condition with nonessential containers, such as those that run a script and then exit. The dependency container can't be an essential container.\n- SUCCESS - The dependency container has run to completion and exited with a zero status. The dependency container can't be an essential container.\n- HEALTHY - The dependency container has passed its Docker health check. Use this condition with dependency containers that have health checks configured. This condition is confirmed at container group startup only.", + "title": "Condition", + "type": "string" + }, + "ContainerName": { + "markdownDescription": "A descriptive label for the container definition that this container depends on.", + "title": "ContainerName", + "type": "string" } }, "required": [ - "CriteriaList" + "Condition", + "ContainerName" ], "type": "object" }, - "AWS::IoT::JobTemplate.AbortCriteria": { + "AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The type of job action to take to initiate the job abort.", - "title": "Action", + "Name": { + "markdownDescription": "The environment variable name.", + "title": "Name", "type": "string" }, - "FailureType": { - "markdownDescription": "The type of job execution failures that can initiate a job abort.", - "title": "FailureType", + "Value": { + "markdownDescription": "The environment variable value.", + "title": "Value", "type": "string" - }, - "MinNumberOfExecutedThings": { - "markdownDescription": "The minimum number of things which must receive job execution notifications before the job can be aborted.", - "title": "MinNumberOfExecutedThings", - "type": "number" - }, - "ThresholdPercentage": { - "markdownDescription": "The minimum percentage of job execution failures that must occur to initiate the job abort.\n\nAWS IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999).", - "title": "ThresholdPercentage", - "type": "number" } }, "required": [ - "Action", - "FailureType", - "MinNumberOfExecutedThings", - "ThresholdPercentage" + "Name", + "Value" ], "type": "object" }, - "AWS::IoT::JobTemplate.ExponentialRolloutRate": { + "AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck": { "additionalProperties": false, "properties": { - "BaseRatePerMinute": { - "markdownDescription": "The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout.", - "title": "BaseRatePerMinute", + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "A string array that specifies the command that the container runs to determine if it's healthy.", + "title": "Command", + "type": "array" + }, + "Interval": { + "markdownDescription": "The time period (in seconds) between each health check.", + "title": "Interval", "type": "number" }, - "IncrementFactor": { - "markdownDescription": "The exponential factor to increase the rate of rollout for a job.\n\nAWS IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55).", - "title": "IncrementFactor", + "Retries": { + "markdownDescription": "The number of times to retry a failed health check before flagging the container unhealthy. The first run of the command does not count as a retry.", + "title": "Retries", "type": "number" }, - "RateIncreaseCriteria": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.RateIncreaseCriteria", - "markdownDescription": "The criteria to initiate the increase in rate of rollout for a job.", - "title": "RateIncreaseCriteria" + "StartPeriod": { + "markdownDescription": "The optional grace period (in seconds) to give a container time to bootstrap before the first failed health check counts toward the number of retries.", + "title": "StartPeriod", + "type": "number" + }, + "Timeout": { + "markdownDescription": "The time period (in seconds) to wait for a health check to succeed before counting a failed health check.", + "title": "Timeout", + "type": "number" } }, "required": [ - "BaseRatePerMinute", - "IncrementFactor", - "RateIncreaseCriteria" + "Command" ], "type": "object" }, - "AWS::IoT::JobTemplate.JobExecutionsRetryConfig": { - "additionalProperties": false, - "properties": { - "RetryCriteriaList": { - "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.RetryCriteria" - }, - "markdownDescription": "The list of criteria that determines how many retries are allowed for each failure type for a job.", - "title": "RetryCriteriaList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoT::JobTemplate.JobExecutionsRolloutConfig": { + "AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint": { "additionalProperties": false, "properties": { - "ExponentialRolloutRate": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.ExponentialRolloutRate", - "markdownDescription": "The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout.", - "title": "ExponentialRolloutRate" + "AccessLevel": { + "markdownDescription": "The type of access for the container.", + "title": "AccessLevel", + "type": "string" }, - "MaximumPerMinute": { - "markdownDescription": "The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.", - "title": "MaximumPerMinute", - "type": "number" + "ContainerPath": { + "markdownDescription": "The mount path on the container. If this property isn't set, the instance path is used.", + "title": "ContainerPath", + "type": "string" + }, + "InstancePath": { + "markdownDescription": "The path to the source file or directory.", + "title": "InstancePath", + "type": "string" } }, + "required": [ + "InstancePath" + ], "type": "object" }, - "AWS::IoT::JobTemplate.MaintenanceWindow": { + "AWS::GameLift::ContainerGroupDefinition.ContainerPortRange": { "additionalProperties": false, "properties": { - "DurationInMinutes": { - "markdownDescription": "Displays the duration of the next maintenance window.", - "title": "DurationInMinutes", + "FromPort": { + "markdownDescription": "A starting value for the range of allowed port numbers.", + "title": "FromPort", "type": "number" }, - "StartTime": { - "markdownDescription": "Displays the start time of the next maintenance window.", - "title": "StartTime", + "Protocol": { + "markdownDescription": "The network protocol that these ports support.", + "title": "Protocol", "type": "string" + }, + "ToPort": { + "markdownDescription": "An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", + "title": "ToPort", + "type": "number" } }, + "required": [ + "FromPort", + "Protocol", + "ToPort" + ], "type": "object" }, - "AWS::IoT::JobTemplate.PresignedUrlConfig": { + "AWS::GameLift::ContainerGroupDefinition.GameServerContainerDefinition": { "additionalProperties": false, "properties": { - "ExpiresInSec": { - "markdownDescription": "How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.", - "title": "ExpiresInSec", - "type": "number" + "ContainerName": { + "markdownDescription": "The container definition identifier. Container names are unique within a container group definition.", + "title": "ContainerName", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.\n\n> For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* .", - "title": "RoleArn", + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" + }, + "markdownDescription": "Indicates that the container relies on the status of other containers in the same container group during startup and shutdown sequences. A container might have dependencies on multiple containers.", + "title": "DependsOn", + "type": "array" + }, + "EnvironmentOverride": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" + }, + "markdownDescription": "A set of environment variables that's passed to the container on startup. See the [ContainerDefinition::environment](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-environment) parameter in the *Amazon Elastic Container Service API Reference* .", + "title": "EnvironmentOverride", + "type": "array" + }, + "ImageUri": { + "markdownDescription": "The URI to the image that Amazon GameLift Servers uses when deploying this container to a container fleet. For a more specific identifier, see `ResolvedImageDigest` .", + "title": "ImageUri", + "type": "string" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint" + }, + "markdownDescription": "A mount point that binds a path inside the container to a file or directory on the host system and lets it access the file or directory.", + "title": "MountPoints", + "type": "array" + }, + "PortConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration", + "markdownDescription": "The set of ports that are available to bind to processes in the container. For example, a game server process requires a container port to allow game clients to connect to it. Container ports aren't directly accessed by inbound traffic. Amazon GameLift Servers maps these container ports to externally accessible connection ports, which are assigned as needed from the container fleet's `ConnectionPortRange` .", + "title": "PortConfiguration" + }, + "ResolvedImageDigest": { + "markdownDescription": "A unique and immutable identifier for the container image. The digest is a SHA 256 hash of the container image manifest.", + "title": "ResolvedImageDigest", + "type": "string" + }, + "ServerSdkVersion": { + "markdownDescription": "The Amazon GameLift Servers server SDK version that the game server is integrated with. Only game servers using 5.2.0 or higher are compatible with container fleets.", + "title": "ServerSdkVersion", "type": "string" } }, "required": [ - "RoleArn" + "ContainerName", + "ImageUri", + "ServerSdkVersion" ], "type": "object" }, - "AWS::IoT::JobTemplate.RateIncreaseCriteria": { + "AWS::GameLift::ContainerGroupDefinition.PortConfiguration": { "additionalProperties": false, "properties": { - "NumberOfNotifiedThings": { - "markdownDescription": "The threshold for number of notified things that will initiate the increase in rate of rollout.", - "title": "NumberOfNotifiedThings", - "type": "number" - }, - "NumberOfSucceededThings": { - "markdownDescription": "The threshold for number of succeeded things that will initiate the increase in rate of rollout.", - "title": "NumberOfSucceededThings", - "type": "number" + "ContainerPortRanges": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerPortRange" + }, + "markdownDescription": "", + "title": "ContainerPortRanges", + "type": "array" } }, + "required": [ + "ContainerPortRanges" + ], "type": "object" }, - "AWS::IoT::JobTemplate.RetryCriteria": { + "AWS::GameLift::ContainerGroupDefinition.SupportContainerDefinition": { "additionalProperties": false, "properties": { - "FailureType": { - "markdownDescription": "The type of job execution failures that can initiate a job retry.", - "title": "FailureType", + "ContainerName": { + "markdownDescription": "The container definition identifier. Container names are unique within a container group definition.", + "title": "ContainerName", "type": "string" }, - "NumberOfRetries": { - "markdownDescription": "The number of retries allowed for a failure type for the job.", - "title": "NumberOfRetries", + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" + }, + "markdownDescription": "Indicates that the container relies on the status of other containers in the same container group during its startup and shutdown sequences. A container might have dependencies on multiple containers.", + "title": "DependsOn", + "type": "array" + }, + "EnvironmentOverride": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" + }, + "markdownDescription": "A set of environment variables that's passed to the container on startup. See the [ContainerDefinition::environment](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-environment) parameter in the *Amazon Elastic Container Service API Reference* .", + "title": "EnvironmentOverride", + "type": "array" + }, + "Essential": { + "markdownDescription": "Indicates whether the container is vital to the container group. If an essential container fails, the entire container group restarts.", + "title": "Essential", + "type": "boolean" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck", + "markdownDescription": "A configuration for a non-terminal health check. A support container automatically restarts if it stops functioning or if it fails this health check.", + "title": "HealthCheck" + }, + "ImageUri": { + "markdownDescription": "The URI to the image that Amazon GameLift Servers deploys to a container fleet. For a more specific identifier, see `ResolvedImageDigest` .", + "title": "ImageUri", + "type": "string" + }, + "MemoryHardLimitMebibytes": { + "markdownDescription": "The amount of memory that Amazon GameLift Servers makes available to the container. If memory limits aren't set for an individual container, the container shares the container group's total memory allocation.\n\n*Related data type:* [ContainerGroupDefinition TotalMemoryLimitMebibytes](https://docs.aws.amazon.com/gamelift/latest/apireference/API_ContainerGroupDefinition.html)", + "title": "MemoryHardLimitMebibytes", "type": "number" - } - }, - "type": "object" - }, - "AWS::IoT::JobTemplate.TimeoutConfig": { - "additionalProperties": false, - "properties": { - "InProgressTimeoutInMinutes": { - "markdownDescription": "Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status.", - "title": "InProgressTimeoutInMinutes", + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint" + }, + "markdownDescription": "A mount point that binds a path inside the container to a file or directory on the host system and lets it access the file or directory.", + "title": "MountPoints", + "type": "array" + }, + "PortConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration", + "markdownDescription": "A set of ports that allow access to the container from external users. Processes running in the container can bind to a one of these ports. Container ports aren't directly accessed by inbound traffic. Amazon GameLift Servers maps these container ports to externally accessible connection ports, which are assigned as needed from the container fleet's `ConnectionPortRange` .", + "title": "PortConfiguration" + }, + "ResolvedImageDigest": { + "markdownDescription": "A unique and immutable identifier for the container image. The digest is a SHA 256 hash of the container image manifest.", + "title": "ResolvedImageDigest", + "type": "string" + }, + "Vcpu": { + "markdownDescription": "The number of vCPU units that are reserved for the container. If no resources are reserved, the container shares the total vCPU limit for the container group.\n\n*Related data type:* [ContainerGroupDefinition TotalVcpuLimit](https://docs.aws.amazon.com/gamelift/latest/apireference/API_ContainerGroupDefinition.html)", + "title": "Vcpu", "type": "number" } }, "required": [ - "InProgressTimeoutInMinutes" + "ContainerName", + "ImageUri" ], "type": "object" }, - "AWS::IoT::Logging": { + "AWS::GameLift::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -121700,118 +126974,140 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The account ID.", - "title": "AccountId", + "AnywhereConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.AnywhereConfiguration", + "markdownDescription": "Amazon GameLift Servers Anywhere configuration options.", + "title": "AnywhereConfiguration" + }, + "ApplyCapacity": { + "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", + "title": "ApplyCapacity", "type": "string" }, - "DefaultLogLevel": { - "markdownDescription": "The default log level. Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", - "title": "DefaultLogLevel", + "BuildId": { + "markdownDescription": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a `READY` status. This fleet setting cannot be changed once the fleet is created.", + "title": "BuildId", "type": "string" }, - "RoleArn": { - "markdownDescription": "The role ARN used for the log.", - "title": "RoleArn", + "CertificateConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.CertificateConfiguration", + "markdownDescription": "Prompts Amazon GameLift Servers to generate a TLS/SSL certificate for the fleet. Amazon GameLift Servers uses the certificates to encrypt traffic between game clients and the game servers running on Amazon GameLift Servers. By default, the `CertificateConfiguration` is `DISABLED` . You can't change this property after you create the fleet.\n\nAWS Certificate Manager (ACM) certificates expire after 13 months. Certificate expiration can cause fleets to fail, preventing players from connecting to instances in the fleet. We recommend you replace fleets before 13 months, consider using fleet aliases for a smooth transition.\n\n> ACM isn't available in all AWS regions. A fleet creation request with certificate generation enabled in an unsupported Region, fails with a 4xx error. For more information about the supported Regions, see [Supported Regions](https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateConfiguration" + }, + "ComputeType": { + "markdownDescription": "The type of compute resource used to host your game servers.\n\n- `EC2` \u2013 The game server build is deployed to Amazon EC2 instances for cloud hosting. This is the default setting.\n- `ANYWHERE` \u2013 Game servers and supporting software are deployed to compute resources that you provide and manage. With this compute type, you can also set the `AnywhereConfiguration` parameter.", + "title": "ComputeType", "type": "string" - } - }, - "required": [ - "AccountId", - "DefaultLogLevel", - "RoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT::Logging" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::IoT::MitigationAction": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "Description": { + "markdownDescription": "A description for the fleet.", + "title": "Description", "type": "string" }, - { + "EC2InboundPermissions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.IpPermission" + }, + "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet. Set this parameter for managed EC2 fleets. You can leave this parameter empty when creating the fleet, but you must call [](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings) to set it before players can connect to game sessions. As a best practice, we recommend opening ports for remote access only when you need them and closing them when you're finished. For Amazon GameLift Servers Realtime fleets, Amazon GameLift Servers automatically sets TCP and UDP ranges.", + "title": "EC2InboundPermissions", + "type": "array" + }, + "EC2InstanceType": { + "markdownDescription": "The Amazon GameLift Servers-supported Amazon EC2 instance type to use with managed EC2 fleets. Instance type determines the computing resources that will be used to host your game servers, including CPU, memory, storage, and networking capacity. See [Amazon Elastic Compute Cloud Instance Types](https://docs.aws.amazon.com/ec2/instance-types/) for detailed descriptions of Amazon EC2 instance types.", + "title": "EC2InstanceType", + "type": "string" + }, + "FleetType": { + "markdownDescription": "Indicates whether to use On-Demand or Spot instances for this fleet. By default, this property is set to `ON_DEMAND` . Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . This fleet property can't be changed after the fleet is created.", + "title": "FleetType", + "type": "string" + }, + "InstanceRoleARN": { + "markdownDescription": "A unique identifier for an IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN by using the [IAM dashboard](https://docs.aws.amazon.com/iam/) in the AWS Management Console . Learn more about using on-box credentials for your game servers at [Access external resources from a game server](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", + "title": "InstanceRoleARN", + "type": "string" + }, + "InstanceRoleCredentialsProvider": { + "markdownDescription": "Indicates that fleet instances maintain a shared credentials file for the IAM role defined in `InstanceRoleArn` . Shared credentials allow applications that are deployed with the game server executable to communicate with other AWS resources. This property is used only when the game server is integrated with the server SDK version 5.x. For more information about using shared credentials, see [Communicate with other AWS resources from your fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", + "title": "InstanceRoleCredentialsProvider", + "type": "string" + }, + "Locations": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.LocationConfiguration" + }, + "markdownDescription": "A set of remote locations to deploy additional instances to and manage as a multi-location fleet. Use this parameter when creating a fleet in AWS Regions that support multiple locations. You can add any AWS Region or Local Zone that's supported by Amazon GameLift Servers. Provide a list of one or more AWS Region codes, such as `us-west-2` , or Local Zone names. When using this parameter, Amazon GameLift Servers requires you to include your home location in the request. For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Locations", + "type": "array" + }, + "MetricGroups": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. A metric group is used to aggregate the metrics for multiple fleets. You can specify an existing metric group name or set a new name to create a new metric group. A fleet can be included in only one metric group at a time.", + "title": "MetricGroups", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ActionName": { - "markdownDescription": "The friendly name of the mitigation action.", - "title": "ActionName", + }, + "Name": { + "markdownDescription": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique.", + "title": "Name", "type": "string" }, - "ActionParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.ActionParams", - "markdownDescription": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.", - "title": "ActionParams" + "NewGameSessionProtectionPolicy": { + "markdownDescription": "The status of termination protection for active game sessions on the fleet. By default, this property is set to `NoProtection` .\n\n- *NoProtection* - Game sessions can be terminated during active gameplay as a result of a scale-down event.\n- *FullProtection* - Game sessions in `ACTIVE` status cannot be terminated during a scale-down event.", + "title": "NewGameSessionProtectionPolicy", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role ARN used to apply this mitigation action.", - "title": "RoleArn", + "PeerVpcAwsAccountId": { + "markdownDescription": "Used when peering your Amazon GameLift Servers fleet with a VPC, the unique identifier for the AWS account that owns the VPC. You can find your account ID in the AWS Management Console under account settings.", + "title": "PeerVpcAwsAccountId", + "type": "string" + }, + "PeerVpcId": { + "markdownDescription": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift Servers fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the [VPC Dashboard](https://docs.aws.amazon.com/vpc/) in the AWS Management Console . Learn more about VPC peering in [VPC Peering with Amazon GameLift Servers Fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/vpc-peering.html) .", + "title": "PeerVpcId", + "type": "string" + }, + "ResourceCreationLimitPolicy": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", + "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", + "title": "ResourceCreationLimitPolicy" + }, + "RuntimeConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.RuntimeConfiguration", + "markdownDescription": "Instructions for how to launch and maintain server processes on instances in the fleet. The runtime configuration defines one or more server process configurations, each identifying a build executable or Realtime script file and the number of processes of that type to run concurrently.\n\n> The `RuntimeConfiguration` parameter is required unless the fleet is being configured using the older parameters `ServerLaunchPath` and `ServerLaunchParameters` , which are still supported for backward compatibility.", + "title": "RuntimeConfiguration" + }, + "ScalingPolicies": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ScalingPolicy" + }, + "markdownDescription": "Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.", + "title": "ScalingPolicies", + "type": "array" + }, + "ScriptId": { + "markdownDescription": "The unique identifier for a Realtime configuration script to be deployed on fleet instances. You can use either the script ID or ARN. Scripts must be uploaded to Amazon GameLift Servers prior to creating the fleet. This fleet property cannot be changed later.\n\n> You can't use the `!Ref` command to reference a script created with a CloudFormation template for the fleet property `ScriptId` . Instead, use `Fn::GetAtt Script.Arn` or `Fn::GetAtt Script.Id` to retrieve either of these properties as input for `ScriptId` . Alternatively, enter a `ScriptId` string manually.", + "title": "ScriptId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the mitigation action.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "ActionParams", - "RoleArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::MitigationAction" + "AWS::GameLift::Fleet" ], "type": "string" }, @@ -121830,141 +127126,261 @@ ], "type": "object" }, - "AWS::IoT::MitigationAction.ActionParams": { + "AWS::GameLift::Fleet.AnywhereConfiguration": { "additionalProperties": false, "properties": { - "AddThingsToThingGroupParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.AddThingsToThingGroupParams", - "markdownDescription": "Specifies the group to which you want to add the devices.", - "title": "AddThingsToThingGroupParams" - }, - "EnableIoTLoggingParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.EnableIoTLoggingParams", - "markdownDescription": "Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` .", - "title": "EnableIoTLoggingParams" - }, - "PublishFindingToSnsParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.PublishFindingToSnsParams", - "markdownDescription": "Specifies the topic to which the finding should be published.", - "title": "PublishFindingToSnsParams" - }, - "ReplaceDefaultPolicyVersionParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams", - "markdownDescription": "Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported.", - "title": "ReplaceDefaultPolicyVersionParams" - }, - "UpdateCACertificateParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateCACertificateParams", - "markdownDescription": "Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported.", - "title": "UpdateCACertificateParams" - }, - "UpdateDeviceCertificateParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateDeviceCertificateParams", - "markdownDescription": "Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported.", - "title": "UpdateDeviceCertificateParams" + "Cost": { + "markdownDescription": "The cost to run your fleet per hour. Amazon GameLift Servers uses the provided cost of your fleet to balance usage in queues. For more information about queues, see [Setting up queues](https://docs.aws.amazon.com/gamelift/latest/developerguide/queues-intro.html) in the *Amazon GameLift Servers Developer Guide* .", + "title": "Cost", + "type": "string" } }, + "required": [ + "Cost" + ], "type": "object" }, - "AWS::IoT::MitigationAction.AddThingsToThingGroupParams": { + "AWS::GameLift::Fleet.CertificateConfiguration": { "additionalProperties": false, "properties": { - "OverrideDynamicGroups": { - "markdownDescription": "Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.", - "title": "OverrideDynamicGroups", - "type": "boolean" - }, - "ThingGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.", - "title": "ThingGroupNames", - "type": "array" + "CertificateType": { + "markdownDescription": "Indicates whether a TLS/SSL certificate is generated for a fleet.\n\nValid values include:\n\n- *GENERATED* - Generate a TLS/SSL certificate for this fleet.\n- *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet.", + "title": "CertificateType", + "type": "string" } }, "required": [ - "ThingGroupNames" + "CertificateType" ], "type": "object" }, - "AWS::IoT::MitigationAction.EnableIoTLoggingParams": { + "AWS::GameLift::Fleet.IpPermission": { "additionalProperties": false, "properties": { - "LogLevel": { - "markdownDescription": "Specifies the type of information to be logged.", - "title": "LogLevel", + "FromPort": { + "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "FromPort", + "type": "number" + }, + "IpRange": { + "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", + "title": "IpRange", "type": "string" }, - "RoleArnForLogging": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used for logging.", - "title": "RoleArnForLogging", + "Protocol": { + "markdownDescription": "The network communication protocol used by the fleet.", + "title": "Protocol", "type": "string" + }, + "ToPort": { + "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "ToPort", + "type": "number" } }, "required": [ - "LogLevel", - "RoleArnForLogging" + "FromPort", + "IpRange", + "Protocol", + "ToPort" ], "type": "object" }, - "AWS::IoT::MitigationAction.PublishFindingToSnsParams": { + "AWS::GameLift::Fleet.LocationCapacity": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "The ARN of the topic to which you want to publish the findings.", - "title": "TopicArn", - "type": "string" + "DesiredEC2Instances": { + "markdownDescription": "The number of Amazon EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. Changes in desired instance value can take up to 1 minute to be reflected when viewing the fleet's capacity settings.", + "title": "DesiredEC2Instances", + "type": "number" + }, + "MaxSize": { + "markdownDescription": "The maximum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 1.", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "The minimum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 0.", + "title": "MinSize", + "type": "number" } }, "required": [ - "TopicArn" + "DesiredEC2Instances", + "MaxSize", + "MinSize" ], "type": "object" }, - "AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams": { + "AWS::GameLift::Fleet.LocationConfiguration": { "additionalProperties": false, "properties": { - "TemplateName": { - "markdownDescription": "The name of the template to be applied. The only supported value is `BLANK_POLICY` .", - "title": "TemplateName", + "Location": { + "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Location", "type": "string" + }, + "LocationCapacity": { + "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", + "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", + "title": "LocationCapacity" } }, "required": [ - "TemplateName" + "Location" ], "type": "object" }, - "AWS::IoT::MitigationAction.UpdateCACertificateParams": { + "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` .", - "title": "Action", + "NewGameSessionsPerCreator": { + "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy is evaluated when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", + "title": "NewGameSessionsPerCreator", + "type": "number" + }, + "PolicyPeriodInMinutes": { + "markdownDescription": "The time span used in evaluating the resource creation limit policy.", + "title": "PolicyPeriodInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GameLift::Fleet.RuntimeConfiguration": { + "additionalProperties": false, + "properties": { + "GameSessionActivationTimeoutSeconds": { + "markdownDescription": "The maximum amount of time (in seconds) allowed to launch a new game session and have it report ready to host players. During this time, the game session is in status `ACTIVATING` . If the game session does not become active before the timeout, it is ended and the game session status is changed to `TERMINATED` .", + "title": "GameSessionActivationTimeoutSeconds", + "type": "number" + }, + "MaxConcurrentGameSessionActivations": { + "markdownDescription": "The number of game sessions in status `ACTIVATING` to allow on an instance or compute. This setting limits the instance resources that can be used for new game activations at any one time.", + "title": "MaxConcurrentGameSessionActivations", + "type": "number" + }, + "ServerProcesses": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ServerProcess" + }, + "markdownDescription": "A collection of server process configurations that identify what server processes to run on fleet computes.", + "title": "ServerProcesses", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GameLift::Fleet.ScalingPolicy": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", + "title": "ComparisonOperator", + "type": "string" + }, + "EvaluationPeriods": { + "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", + "title": "EvaluationPeriods", + "type": "number" + }, + "Location": { + "markdownDescription": "The fleet location.", + "title": "Location", + "type": "string" + }, + "MetricName": { + "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", + "title": "MetricName", + "type": "string" + }, + "Name": { + "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", + "title": "Name", + "type": "string" + }, + "PolicyType": { + "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", + "title": "PolicyType", + "type": "string" + }, + "ScalingAdjustment": { + "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", + "title": "ScalingAdjustment", + "type": "number" + }, + "ScalingAdjustmentType": { + "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", + "title": "ScalingAdjustmentType", + "type": "string" + }, + "Status": { + "markdownDescription": "Current status of the scaling policy. The scaling policy can be in force only when in an `ACTIVE` status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.\n\n- *ACTIVE* -- The scaling policy can be used for auto-scaling a fleet.\n- *UPDATE_REQUESTED* -- A request to update the scaling policy has been received.\n- *UPDATING* -- A change is being made to the scaling policy.\n- *DELETE_REQUESTED* -- A request to delete the scaling policy has been received.\n- *DELETING* -- The scaling policy is being deleted.\n- *DELETED* -- The scaling policy has been deleted.\n- *ERROR* -- An error occurred in creating the policy. It should be removed and recreated.", + "title": "Status", + "type": "string" + }, + "TargetConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.TargetConfiguration", + "markdownDescription": "An object that contains settings for a target-based scaling policy.", + "title": "TargetConfiguration" + }, + "Threshold": { + "markdownDescription": "Metric value used to trigger a scaling event.", + "title": "Threshold", + "type": "number" + }, + "UpdateStatus": { + "markdownDescription": "The current status of the fleet's scaling policies in a requested fleet location. The status `PENDING_UPDATE` indicates that an update was requested for the fleet but has not yet been completed for the location.", + "title": "UpdateStatus", "type": "string" } }, "required": [ - "Action" + "MetricName", + "Name" ], "type": "object" }, - "AWS::IoT::MitigationAction.UpdateDeviceCertificateParams": { + "AWS::GameLift::Fleet.ServerProcess": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` .", - "title": "Action", + "ConcurrentExecutions": { + "markdownDescription": "The number of server processes using this configuration that run concurrently on each instance or compute.", + "title": "ConcurrentExecutions", + "type": "number" + }, + "LaunchPath": { + "markdownDescription": "The location of a game build executable or Realtime script. Game builds and Realtime scripts are installed on instances at the root:\n\n- Windows (custom game builds only): `C:\\game` . Example: \" `C:\\game\\MyGame\\server.exe` \"\n- Linux: `/local/game` . Examples: \" `/local/game/MyGame/server.exe` \" or \" `/local/game/MyRealtimeScript.js` \"\n\n> Amazon GameLift Servers doesn't support the use of setup scripts that launch the game executable. For custom game builds, this parameter must indicate the executable that calls the server SDK operations `initSDK()` and `ProcessReady()` .", + "title": "LaunchPath", + "type": "string" + }, + "Parameters": { + "markdownDescription": "An optional list of parameters to pass to the server executable or Realtime script on launch.\n\nLength Constraints: Minimum length of 1. Maximum length of 1024.\n\nPattern: [A-Za-z0-9_:.+\\/\\\\\\- =@{},?'\\[\\]\"]+", + "title": "Parameters", "type": "string" } }, "required": [ - "Action" + "ConcurrentExecutions", + "LaunchPath" ], "type": "object" }, - "AWS::IoT::Policy": { + "AWS::GameLift::Fleet.TargetConfiguration": { + "additionalProperties": false, + "properties": { + "TargetValue": { + "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::GameLift::GameServerGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -121999,33 +127415,86 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The JSON document that describes the policy.", - "title": "PolicyDocument", - "type": "object" + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.AutoScalingPolicy", + "markdownDescription": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. The scaling policy uses the metric `\"PercentUtilizedGameServers\"` to maintain a buffer of idle game servers that can immediately accommodate new games and players. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "AutoScalingPolicy" }, - "PolicyName": { - "markdownDescription": "The policy name.", - "title": "PolicyName", - "type": "string" + "BalancingStrategy": { + "markdownDescription": "Indicates how Amazon GameLift Servers FleetIQ balances the use of Spot Instances and On-Demand Instances in the game server group. Method options include the following:\n\n- `SPOT_ONLY` - Only Spot Instances are used in the game server group. If Spot Instances are unavailable or not viable for game hosting, the game server group provides no hosting capacity until Spot Instances can again be used. Until then, no new instances are started, and the existing nonviable Spot Instances are terminated (after current gameplay ends) and are not replaced.\n- `SPOT_PREFERRED` - (default value) Spot Instances are used whenever available in the game server group. If Spot Instances are unavailable, the game server group continues to provide hosting capacity by falling back to On-Demand Instances. Existing nonviable Spot Instances are terminated (after current gameplay ends) and are replaced with new On-Demand Instances.\n- `ON_DEMAND_ONLY` - Only On-Demand Instances are used in the game server group. No Spot Instances are used, even when available, while this balancing strategy is in force.", + "title": "BalancingStrategy", + "type": "string" + }, + "DeleteOption": { + "markdownDescription": "The type of delete to perform. To delete a game server group, specify the `DeleteOption` . Options include the following:\n\n- `SAFE_DELETE` \u2013 (default) Terminates the game server group and Amazon EC2 Auto Scaling group only when it has no game servers that are in `UTILIZED` status.\n- `FORCE_DELETE` \u2013 Terminates the game server group, including all active game servers regardless of their utilization status, and the Amazon EC2 Auto Scaling group.\n- `RETAIN` \u2013 Does a safe delete of the game server group but retains the Amazon EC2 Auto Scaling group as is.", + "title": "DeleteOption", + "type": "string" + }, + "GameServerGroupName": { + "markdownDescription": "A developer-defined identifier for the game server group. The name is unique for each Region in each AWS account.", + "title": "GameServerGroupName", + "type": "string" + }, + "GameServerProtectionPolicy": { + "markdownDescription": "A flag that indicates whether instances in the game server group are protected from early termination. Unprotected instances that have active game servers running might be terminated during a scale-down event, causing players to be dropped from the game. Protected instances cannot be terminated while there are active game servers running except in the event of a forced game server group deletion (see ). An exception to this is with Spot Instances, which can be terminated by AWS regardless of protection status.", + "title": "GameServerProtectionPolicy", + "type": "string" + }, + "InstanceDefinitions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.InstanceDefinition" + }, + "markdownDescription": "The set of Amazon EC2 instance types that Amazon GameLift Servers FleetIQ can use when balancing and automatically scaling instances in the corresponding Auto Scaling group.", + "title": "InstanceDefinitions", + "type": "array" + }, + "LaunchTemplate": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.LaunchTemplate", + "markdownDescription": "The Amazon EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. You can specify the template using either the template name or ID. For help with creating a launch template, see [Creating a Launch Template for an Auto Scaling Group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.\n\n> If you specify network interfaces in your launch template, you must explicitly set the property `AssociatePublicIpAddress` to \"true\". If no network interface is specified in the launch template, Amazon GameLift Servers FleetIQ uses your account's default VPC.", + "title": "LaunchTemplate" + }, + "MaxSize": { + "markdownDescription": "The maximum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and EC2 do not scale up the group above this maximum. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "The minimum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and Amazon EC2 do not scale down the group below this minimum. In production, this value should be set to at least 1. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "MinSize", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access your Amazon EC2 Auto Scaling groups.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "A list of labels to assign to the new game server group resource. Tags are developer-defined key-value pairs. Tagging AWS resources is useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags, respectively. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" + }, + "VpcSubnets": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. By default, all Amazon GameLift Servers FleetIQ-supported Availability Zones are used. You can use this parameter to specify VPCs that you've set up. This property cannot be updated after the game server group is created, and the corresponding Auto Scaling group will always use the property value that is set with this request, even if the Auto Scaling group is updated directly.", + "title": "VpcSubnets", + "type": "array" } }, "required": [ - "PolicyDocument" + "GameServerGroupName", + "InstanceDefinitions", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Policy" + "AWS::GameLift::GameServerGroup" ], "type": "string" }, @@ -122044,80 +127513,80 @@ ], "type": "object" }, - "AWS::IoT::PolicyPrincipalAttachment": { + "AWS::GameLift::GameServerGroup.AutoScalingPolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "EstimatedInstanceWarmup": { + "markdownDescription": "Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift Servers FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances.", + "title": "EstimatedInstanceWarmup", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetTrackingConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.TargetTrackingConfiguration", + "markdownDescription": "Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value.", + "title": "TargetTrackingConfiguration" + } + }, + "required": [ + "TargetTrackingConfiguration" + ], + "type": "object" + }, + "AWS::GameLift::GameServerGroup.InstanceDefinition": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type designation.", + "title": "InstanceType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyName": { - "markdownDescription": "The name of the AWS IoT policy.", - "title": "PolicyName", - "type": "string" - }, - "Principal": { - "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", - "title": "Principal", - "type": "string" - } - }, - "required": [ - "PolicyName", - "Principal" - ], - "type": "object" + "WeightedCapacity": { + "markdownDescription": "Instance weighting that indicates how much this instance type contributes to the total capacity of a game server group. Instance weights are used by Amazon GameLift Servers FleetIQ to calculate the instance type's cost per unit hour and better identify the most cost-effective options. For detailed information on weighting instance capacity, see [Instance Weighting](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-weighting.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . Default value is \"1\".", + "title": "WeightedCapacity", + "type": "string" + } + }, + "required": [ + "InstanceType" + ], + "type": "object" + }, + "AWS::GameLift::GameServerGroup.LaunchTemplate": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "A unique identifier for an existing Amazon EC2 launch template.", + "title": "LaunchTemplateId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IoT::PolicyPrincipalAttachment" - ], + "LaunchTemplateName": { + "markdownDescription": "A readable identifier for an existing Amazon EC2 launch template.", + "title": "LaunchTemplateName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Version": { + "markdownDescription": "The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created.", + "title": "Version", "type": "string" } }, + "type": "object" + }, + "AWS::GameLift::GameServerGroup.TargetTrackingConfiguration": { + "additionalProperties": false, + "properties": { + "TargetValue": { + "markdownDescription": "Desired value to use with a game server group target-based scaling policy.", + "title": "TargetValue", + "type": "number" + } + }, "required": [ - "Type", - "Properties" + "TargetValue" ], "type": "object" }, - "AWS::IoT::ProvisioningTemplate": { + "AWS::GameLift::GameSessionQueue": { "additionalProperties": false, "properties": { "Condition": { @@ -122152,59 +127621,69 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the fleet provisioning template.", - "title": "Description", + "CustomEventData": { + "markdownDescription": "Information to be added to all events that are related to this game session queue.", + "title": "CustomEventData", "type": "string" }, - "Enabled": { - "markdownDescription": "True to enable the fleet provisioning template, otherwise false.", - "title": "Enabled", - "type": "boolean" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.GameSessionQueueDestination" + }, + "markdownDescription": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue. Destinations are identified by either a fleet ARN or a fleet alias ARN, and are listed in order of placement preference.", + "title": "Destinations", + "type": "array" }, - "PreProvisioningHook": { - "$ref": "#/definitions/AWS::IoT::ProvisioningTemplate.ProvisioningHook", - "markdownDescription": "Creates a pre-provisioning hook template.", - "title": "PreProvisioningHook" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.FilterConfiguration", + "markdownDescription": "A list of locations where a queue is allowed to place new game sessions. Locations are specified in the form of AWS Region codes, such as `us-west-2` . If this parameter is not set, game sessions can be placed in any queue location.", + "title": "FilterConfiguration" }, - "ProvisioningRoleArn": { - "markdownDescription": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.", - "title": "ProvisioningRoleArn", + "Name": { + "markdownDescription": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region.", + "title": "Name", + "type": "string" + }, + "NotificationTarget": { + "markdownDescription": "An SNS topic ARN that is set up to receive game session placement notifications. See [Setting up notifications for game session placement](https://docs.aws.amazon.com/gamelift/latest/developerguide/queue-notification.html) .", + "title": "NotificationTarget", "type": "string" }, + "PlayerLatencyPolicies": { + "items": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy" + }, + "markdownDescription": "A set of policies that enforce a sliding cap on player latency when processing game sessions placement requests. Use multiple policies to gradually relax the cap over time if Amazon GameLift Servers can't make a placement. Policies are evaluated in order starting with the lowest maximum latency value.", + "title": "PlayerLatencyPolicies", + "type": "array" + }, + "PriorityConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PriorityConfiguration", + "markdownDescription": "Custom settings to use when prioritizing destinations and locations for game session placements. This configuration replaces the FleetIQ default prioritization process. Priority types that are not explicitly named will be automatically applied at the end of the prioritization process.", + "title": "PriorityConfiguration" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the fleet provisioning template.", + "markdownDescription": "A list of labels to assign to the new game session queue resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" }, - "TemplateBody": { - "markdownDescription": "The JSON formatted contents of the fleet provisioning template version.", - "title": "TemplateBody", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the fleet provisioning template.", - "title": "TemplateName", - "type": "string" - }, - "TemplateType": { - "markdownDescription": "The type of the provisioning template.", - "title": "TemplateType", - "type": "string" + "TimeoutInSeconds": { + "markdownDescription": "The maximum time, in seconds, that a new game session placement request remains in the queue. When a request exceeds this time, the game session placement changes to a `TIMED_OUT` status. If you don't specify a request timeout, the queue uses a default value.", + "title": "TimeoutInSeconds", + "type": "number" } }, "required": [ - "ProvisioningRoleArn", - "TemplateBody" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ProvisioningTemplate" + "AWS::GameLift::GameSessionQueue" ], "type": "string" }, @@ -122223,23 +127702,70 @@ ], "type": "object" }, - "AWS::IoT::ProvisioningTemplate.ProvisioningHook": { + "AWS::GameLift::GameSessionQueue.FilterConfiguration": { "additionalProperties": false, "properties": { - "PayloadVersion": { - "markdownDescription": "The payload that was sent to the target function. The valid payload is `\"2020-04-01\"` .", - "title": "PayloadVersion", + "AllowedLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` .", + "title": "AllowedLocations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GameLift::GameSessionQueue.GameSessionQueueDestination": { + "additionalProperties": false, + "properties": { + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions.", + "title": "DestinationArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy": { + "additionalProperties": false, + "properties": { + "MaximumIndividualPlayerLatencyMilliseconds": { + "markdownDescription": "The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property.", + "title": "MaximumIndividualPlayerLatencyMilliseconds", + "type": "number" }, - "TargetArn": { - "markdownDescription": "The ARN of the target function.", - "title": "TargetArn", - "type": "string" + "PolicyDurationSeconds": { + "markdownDescription": "The length of time, in seconds, that the policy is enforced while placing a new game session. A null value for this property means that the policy is enforced until the queue times out.", + "title": "PolicyDurationSeconds", + "type": "number" } }, "type": "object" }, - "AWS::IoT::ResourceSpecificLogging": { + "AWS::GameLift::GameSessionQueue.PriorityConfiguration": { + "additionalProperties": false, + "properties": { + "LocationOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations can include AWS Region codes (such as `us-west-2` ), local zones, and custom locations (for Anywhere fleets). Each location must be listed only once. For details, see [Amazon GameLift Servers service locations.](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html)", + "title": "LocationOrder", + "type": "array" + }, + "PriorityOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "A custom sequence to use when prioritizing where to place new game sessions. Each priority type is listed once.\n\n- `LATENCY` -- Amazon GameLift Servers prioritizes locations where the average player latency is lowest. Player latency data is provided in each game session placement request.\n- `COST` -- Amazon GameLift Servers prioritizes queue destinations with the lowest current hosting costs. Cost is evaluated based on the destination's location, instance type, and fleet type (Spot or On-Demand).\n- `DESTINATION` -- Amazon GameLift Servers prioritizes based on the list order of destinations in the queue configuration.\n- `LOCATION` -- Amazon GameLift Servers prioritizes based on the provided order of locations, as defined in `LocationOrder` .", + "title": "PriorityOrder", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GameLift::Location": { "additionalProperties": false, "properties": { "Condition": { @@ -122274,32 +127800,28 @@ "Properties": { "additionalProperties": false, "properties": { - "LogLevel": { - "markdownDescription": "The default log level.Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", - "title": "LogLevel", - "type": "string" - }, - "TargetName": { - "markdownDescription": "The target name.", - "title": "TargetName", + "LocationName": { + "markdownDescription": "A descriptive name for the custom location.", + "title": "LocationName", "type": "string" }, - "TargetType": { - "markdownDescription": "The target type. Valid Values: `DEFAULT | THING_GROUP`", - "title": "TargetType", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of labels to assign to the new resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Rareference* .", + "title": "Tags", + "type": "array" } }, "required": [ - "LogLevel", - "TargetName", - "TargetType" + "LocationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ResourceSpecificLogging" + "AWS::GameLift::Location" ], "type": "string" }, @@ -122318,7 +127840,7 @@ ], "type": "object" }, - "AWS::IoT::RoleAlias": { + "AWS::GameLift::MatchmakingConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -122353,38 +127875,112 @@ "Properties": { "additionalProperties": false, "properties": { - "CredentialDurationSeconds": { - "markdownDescription": "The number of seconds for which the credential is valid.", - "title": "CredentialDurationSeconds", + "AcceptanceRequired": { + "markdownDescription": "A flag that determines whether a match that was created with this configuration must be accepted by the matched players. To require acceptance, set to `TRUE` . With this option enabled, matchmaking tickets use the status `REQUIRES_ACCEPTANCE` to indicate when a completed potential match is waiting for player acceptance.", + "title": "AcceptanceRequired", + "type": "boolean" + }, + "AcceptanceTimeoutSeconds": { + "markdownDescription": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.", + "title": "AcceptanceTimeoutSeconds", "type": "number" }, - "RoleAlias": { - "markdownDescription": "The role alias.", - "title": "RoleAlias", + "AdditionalPlayerCount": { + "markdownDescription": "The number of player slots in a match to keep open for future players. For example, if the configuration's rule set specifies a match for a single 12-person team, and the additional player count is set to 2, only 10 players are selected for the match. This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "AdditionalPlayerCount", + "type": "number" + }, + "BackfillMode": { + "markdownDescription": "The method used to backfill game sessions that are created with this matchmaking configuration. Specify `MANUAL` when your game manages backfill requests manually or does not use the match backfill feature. Specify `AUTOMATIC` to have GameLift create a `StartMatchBackfill` request whenever a game session has one or more open slots. Learn more about manual and automatic backfill in [Backfill Existing Games with FlexMatch](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-backfill.html) . Automatic backfill is not available when `FlexMatchMode` is set to `STANDALONE` .", + "title": "BackfillMode", "type": "string" }, - "RoleArn": { - "markdownDescription": "The role ARN.", - "title": "RoleArn", + "CreationTime": { + "markdownDescription": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example `\"1469498468.057\"` ).", + "title": "CreationTime", + "type": "string" + }, + "CustomEventData": { + "markdownDescription": "Information to add to all events related to the matchmaking configuration.", + "title": "CustomEventData", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the matchmaking configuration.", + "title": "Description", + "type": "string" + }, + "FlexMatchMode": { + "markdownDescription": "Indicates whether this matchmaking configuration is being used with Amazon GameLift Servers hosting or as a standalone matchmaking solution.\n\n- *STANDALONE* - FlexMatch forms matches and returns match information, including players and team assignments, in a [MatchmakingSucceeded](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-events.html#match-events-matchmakingsucceeded) event.\n- *WITH_QUEUE* - FlexMatch forms matches and uses the specified Amazon GameLift Servers queue to start a game session for the match.", + "title": "FlexMatchMode", + "type": "string" + }, + "GameProperties": { + "items": { + "$ref": "#/definitions/AWS::GameLift::MatchmakingConfiguration.GameProperty" + }, + "markdownDescription": "A set of custom properties for a game session, formatted as key-value pairs. These properties are passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "GameProperties", + "type": "array" + }, + "GameSessionData": { + "markdownDescription": "A set of custom game session properties, formatted as a single string value. This data is passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "GameSessionData", + "type": "string" + }, + "GameSessionQueueArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) that is assigned to a Amazon GameLift Servers game session queue resource and uniquely identifies it. ARNs are unique across all Regions. Format is `arn:aws:gamelift:::gamesessionqueue/` . Queues can be located in any Region. Queues are used to start new Amazon GameLift Servers-hosted game sessions for matches that are created with this matchmaking configuration. If `FlexMatchMode` is set to `STANDALONE` , do not set this parameter.", + "title": "GameSessionQueueArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A unique identifier for the matchmaking configuration. This name is used to identify the configuration associated with a matchmaking request or ticket.", + "title": "Name", + "type": "string" + }, + "NotificationTarget": { + "markdownDescription": "An SNS topic ARN that is set up to receive matchmaking notifications. See [Setting up notifications for matchmaking](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-notification.html) for more information.", + "title": "NotificationTarget", + "type": "string" + }, + "RequestTimeoutSeconds": { + "markdownDescription": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out. Requests that fail due to timing out can be resubmitted as needed.", + "title": "RequestTimeoutSeconds", + "type": "number" + }, + "RuleSetArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) associated with the GameLift matchmaking rule set resource that this configuration uses.", + "title": "RuleSetArn", + "type": "string" + }, + "RuleSetName": { + "markdownDescription": "A unique identifier for the matchmaking rule set to use with this configuration. You can use either the rule set name or ARN value. A matchmaking configuration can only use rule sets that are defined in the same Region.", + "title": "RuleSetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of labels to assign to the new matchmaking configuration resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" } }, "required": [ - "RoleArn" + "AcceptanceRequired", + "Name", + "RequestTimeoutSeconds", + "RuleSetName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::RoleAlias" + "AWS::GameLift::MatchmakingConfiguration" ], "type": "string" }, @@ -122403,7 +127999,27 @@ ], "type": "object" }, - "AWS::IoT::ScheduledAudit": { + "AWS::GameLift::MatchmakingConfiguration.GameProperty": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The game property identifier.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The game property value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::GameLift::MatchmakingRuleSet": { "additionalProperties": false, "properties": { "Condition": { @@ -122438,52 +128054,34 @@ "Properties": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month on which the scheduled audit is run (if the `frequency` is \"MONTHLY\"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the \"LAST\" day of the month.", - "title": "DayOfMonth", - "type": "string" - }, - "DayOfWeek": { - "markdownDescription": "The day of the week on which the scheduled audit is run (if the `frequency` is \"WEEKLY\" or \"BIWEEKLY\").", - "title": "DayOfWeek", - "type": "string" - }, - "Frequency": { - "markdownDescription": "How often the scheduled audit occurs.", - "title": "Frequency", + "Name": { + "markdownDescription": "A unique identifier for the matchmaking rule set. A matchmaking configuration identifies the rule set it uses by this name value. Note that the rule set name is different from the optional `name` field in the rule set body.", + "title": "Name", "type": "string" }, - "ScheduledAuditName": { - "markdownDescription": "The name of the scheduled audit.", - "title": "ScheduledAuditName", + "RuleSetBody": { + "markdownDescription": "A collection of matchmaking rules, formatted as a JSON string. Comments are not allowed in JSON, but most elements support a description field.", + "title": "RuleSetBody", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the scheduled audit.", + "markdownDescription": "A list of labels to assign to the new matchmaking rule set resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" - }, - "TargetCheckNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use `DescribeAccountAuditConfiguration` to see the list of all checks, including those that are enabled or use `UpdateAccountAuditConfiguration` to select which checks are enabled.)\n\nThe following checks are currently available:\n\n- `AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`\n- `CA_CERTIFICATE_EXPIRING_CHECK`\n- `CA_CERTIFICATE_KEY_QUALITY_CHECK`\n- `CONFLICTING_CLIENT_IDS_CHECK`\n- `DEVICE_CERTIFICATE_EXPIRING_CHECK`\n- `DEVICE_CERTIFICATE_KEY_QUALITY_CHECK`\n- `DEVICE_CERTIFICATE_SHARED_CHECK`\n- `IOT_POLICY_OVERLY_PERMISSIVE_CHECK`\n- `IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK`\n- `IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK`\n- `LOGGING_DISABLED_CHECK`\n- `REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`", - "title": "TargetCheckNames", - "type": "array" } }, "required": [ - "Frequency", - "TargetCheckNames" + "Name", + "RuleSetBody" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ScheduledAudit" + "AWS::GameLift::MatchmakingRuleSet" ], "type": "string" }, @@ -122502,7 +128100,7 @@ ], "type": "object" }, - "AWS::IoT::SecurityProfile": { + "AWS::GameLift::Script": { "additionalProperties": false, "properties": { "Condition": { @@ -122537,70 +128135,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalMetricsToRetainV2": { - "items": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricToRetain" - }, - "markdownDescription": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's `behaviors` , but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.", - "title": "AdditionalMetricsToRetainV2", - "type": "array" - }, - "AlertTargets": { - "additionalProperties": false, - "markdownDescription": "Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.AlertTarget" - } - }, - "title": "AlertTargets", - "type": "object" - }, - "Behaviors": { - "items": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.Behavior" - }, - "markdownDescription": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", - "title": "Behaviors", - "type": "array" - }, - "MetricsExportConfig": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricsExportConfig", - "markdownDescription": "Specifies the MQTT topic and role ARN required for metric export.", - "title": "MetricsExportConfig" - }, - "SecurityProfileDescription": { - "markdownDescription": "A description of the security profile.", - "title": "SecurityProfileDescription", + "Name": { + "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", + "title": "Name", "type": "string" }, - "SecurityProfileName": { - "markdownDescription": "The name you gave to the security profile.", - "title": "SecurityProfileName", - "type": "string" + "StorageLocation": { + "$ref": "#/definitions/AWS::GameLift::Script.S3Location", + "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift Servers to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift Servers uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", + "title": "StorageLocation" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the security profile.", + "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" }, - "TargetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN of the target (thing group) to which the security profile is attached.", - "title": "TargetArns", - "type": "array" + "Version": { + "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", + "title": "Version", + "type": "string" } }, + "required": [ + "StorageLocation" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SecurityProfile" + "AWS::GameLift::Script" ], "type": "string" }, @@ -122614,244 +128180,43 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::IoT::SecurityProfile.AlertTarget": { - "additionalProperties": false, - "properties": { - "AlertTargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the notification target to which alerts are sent.", - "title": "AlertTargetArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to send alerts to the notification target.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "AlertTargetArn", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::SecurityProfile.Behavior": { - "additionalProperties": false, - "properties": { - "Criteria": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.BehaviorCriteria", - "markdownDescription": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n> In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.", - "title": "Criteria" - }, - "ExportMetric": { - "markdownDescription": "Value indicates exporting metrics related to the behavior when it is true.", - "title": "ExportMetric", - "type": "boolean" - }, - "Metric": { - "markdownDescription": "What is measured by the behavior.", - "title": "Metric", - "type": "string" - }, - "MetricDimension": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", - "markdownDescription": "The dimension of the metric.", - "title": "MetricDimension" - }, - "Name": { - "markdownDescription": "The name you've given to the behavior.", - "title": "Name", - "type": "string" - }, - "SuppressAlerts": { - "markdownDescription": "The alert status. If you set the value to `true` , alerts will be suppressed.", - "title": "SuppressAlerts", - "type": "boolean" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::IoT::SecurityProfile.BehaviorCriteria": { - "additionalProperties": false, - "properties": { - "ComparisonOperator": { - "markdownDescription": "The operator that relates the thing measured ( `metric` ) to the criteria (containing a `value` or `statisticalThreshold` ). Valid operators include:\n\n- `string-list` : `in-set` and `not-in-set`\n- `number-list` : `in-set` and `not-in-set`\n- `ip-address-list` : `in-cidr-set` and `not-in-cidr-set`\n- `number` : `less-than` , `less-than-equals` , `greater-than` , and `greater-than-equals`", - "title": "ComparisonOperator", - "type": "string" - }, - "ConsecutiveDatapointsToAlarm": { - "markdownDescription": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.", - "title": "ConsecutiveDatapointsToAlarm", - "type": "number" - }, - "ConsecutiveDatapointsToClear": { - "markdownDescription": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.", - "title": "ConsecutiveDatapointsToClear", - "type": "number" - }, - "DurationSeconds": { - "markdownDescription": "Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, `NUM_MESSAGES_SENT` ). For a `statisticalThreshhold` metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.", - "title": "DurationSeconds", - "type": "number" - }, - "MlDetectionConfig": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MachineLearningDetectionConfig", - "markdownDescription": "The confidence level of the detection model.", - "title": "MlDetectionConfig" - }, - "StatisticalThreshold": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.StatisticalThreshold", - "markdownDescription": "A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.", - "title": "StatisticalThreshold" - }, - "Value": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricValue", - "markdownDescription": "The value to be compared with the `metric` .", - "title": "Value" - } - }, - "type": "object" - }, - "AWS::IoT::SecurityProfile.MachineLearningDetectionConfig": { - "additionalProperties": false, - "properties": { - "ConfidenceLevel": { - "markdownDescription": "The model confidence level.\n\nThere are three levels of confidence, `\"high\"` , `\"medium\"` , and `\"low\"` .\n\nThe higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.", - "title": "ConfidenceLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::SecurityProfile.MetricDimension": { - "additionalProperties": false, - "properties": { - "DimensionName": { - "markdownDescription": "The name of the dimension.", - "title": "DimensionName", - "type": "string" - }, - "Operator": { - "markdownDescription": "Operators are constructs that perform logical operations. Valid values are `IN` and `NOT_IN` .", - "title": "Operator", - "type": "string" - } - }, - "required": [ - "DimensionName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::SecurityProfile.MetricToRetain": { + "AWS::GameLift::Script.S3Location": { "additionalProperties": false, "properties": { - "ExportMetric": { - "markdownDescription": "The value indicates exporting metrics related to the `MetricToRetain` when it's true.", - "title": "ExportMetric", - "type": "boolean" - }, - "Metric": { - "markdownDescription": "A standard of measurement.", - "title": "Metric", + "Bucket": { + "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift Servers doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "title": "Bucket", "type": "string" }, - "MetricDimension": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", - "markdownDescription": "The dimension of the metric.", - "title": "MetricDimension" - } - }, - "required": [ - "Metric" - ], - "type": "object" - }, - "AWS::IoT::SecurityProfile.MetricValue": { - "additionalProperties": false, - "properties": { - "Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "If the `comparisonOperator` calls for a set of CIDRs, use this to specify that set to be compared with the `metric` .", - "title": "Cidrs", - "type": "array" - }, - "Count": { - "markdownDescription": "If the `comparisonOperator` calls for a numeric value, use this to specify that numeric value to be compared with the `metric` .", - "title": "Count", + "Key": { + "markdownDescription": "The name of the zip file that contains the build files or script files.", + "title": "Key", "type": "string" }, - "Number": { - "markdownDescription": "The numeric values of a metric.", - "title": "Number", - "type": "number" - }, - "Numbers": { - "items": { - "type": "number" - }, - "markdownDescription": "The numeric value of a metric.", - "title": "Numbers", - "type": "array" - }, - "Ports": { - "items": { - "type": "number" - }, - "markdownDescription": "If the `comparisonOperator` calls for a set of ports, use this to specify that set to be compared with the `metric` .", - "title": "Ports", - "type": "array" - }, - "Strings": { - "items": { - "type": "string" - }, - "markdownDescription": "The string values of a metric.", - "title": "Strings", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoT::SecurityProfile.MetricsExportConfig": { - "additionalProperties": false, - "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic that Device Defender Detect should publish messages to for metrics export.", - "title": "MqttTopic", + "ObjectVersion": { + "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift Servers uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", + "title": "ObjectVersion", "type": "string" }, "RoleArn": { - "markdownDescription": "This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.", + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access the S3 bucket.", "title": "RoleArn", "type": "string" } }, "required": [ - "MqttTopic", + "Bucket", + "Key", "RoleArn" ], "type": "object" }, - "AWS::IoT::SecurityProfile.StatisticalThreshold": { - "additionalProperties": false, - "properties": { - "Statistic": { - "markdownDescription": "The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( `durationSeconds` ) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( `comparisonOperator` ) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.", - "title": "Statistic", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::SoftwarePackage": { + "AWS::GlobalAccelerator::Accelerator": { "additionalProperties": false, "properties": { "Condition": { @@ -122886,30 +128251,46 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A summary of the package being created. This can be used to outline the package's contents or purpose.", - "title": "Description", + "Enabled": { + "markdownDescription": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n\nIf the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.", + "title": "Enabled", + "type": "boolean" + }, + "IpAddressType": { + "markdownDescription": "The IP address type that an accelerator supports. For a standard accelerator, the value can be IPV4 or DUAL_STACK.", + "title": "IpAddressType", "type": "string" }, - "PackageName": { - "markdownDescription": "The name of the new software package.", - "title": "PackageName", + "IpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "Optionally, if you've added your own IP address pool to Global Accelerator (BYOIP), you can choose IP addresses from your own pool to use for the accelerator's static IP addresses when you create an accelerator. You can specify one or two addresses, separated by a comma. Do not include the /32 suffix.\n\nOnly one IP address from each of your IP address ranges can be used for each accelerator. If you specify only one IP address from your IP address range, Global Accelerator assigns a second static IP address for the accelerator from the AWS IP address pool.\n\nNote that you can't update IP addresses for an existing accelerator. To change them, you must create a new accelerator with the new addresses.\n\nFor more information, see [Bring Your Own IP Addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "IpAddresses", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the accelerator. The name must contain only alphanumeric characters or hyphens (-), and must not begin or end with a hyphen.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the package.", + "markdownDescription": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", "title": "Tags", "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SoftwarePackage" + "AWS::GlobalAccelerator::Accelerator" ], "type": "string" }, @@ -122923,11 +128304,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::SoftwarePackageVersion": { + "AWS::GlobalAccelerator::CrossAccountAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -122962,49 +128344,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "Metadata that can be used to define a package version\u2019s configuration. For example, the S3 file location, configuration options that are being sent to the device or fleet.\n\nThe combined size of all the attributes on a package version is limited to 3KB.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "Description": { - "markdownDescription": "A summary of the package version being created. This can be used to outline the package's contents or purpose.", - "title": "Description", + "Name": { + "markdownDescription": "The name of the cross-account attachment.", + "title": "Name", "type": "string" }, - "PackageName": { - "markdownDescription": "The name of the associated software package.", - "title": "PackageName", - "type": "string" + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "The principals included in the cross-account attachment.", + "title": "Principals", + "type": "array" + }, + "Resources": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::CrossAccountAttachment.Resource" + }, + "markdownDescription": "The resources included in the cross-account attachment.", + "title": "Resources", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the package version.", + "markdownDescription": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", "title": "Tags", "type": "array" - }, - "VersionName": { - "markdownDescription": "The name of the new package version.", - "title": "VersionName", - "type": "string" } }, "required": [ - "PackageName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SoftwarePackageVersion" + "AWS::GlobalAccelerator::CrossAccountAttachment" ], "type": "string" }, @@ -123023,7 +128400,28 @@ ], "type": "object" }, - "AWS::IoT::Thing": { + "AWS::GlobalAccelerator::CrossAccountAttachment.Resource": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in AWS Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator\n\nFor more information, see [Bring your own IP addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the AWS Global Accelerator Developer Guide.", + "title": "Cidr", + "type": "string" + }, + "EndpointId": { + "markdownDescription": "The endpoint ID for the endpoint that is specified as a AWS resource.\n\nAn endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.", + "title": "EndpointId", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region where a shared endpoint resource is located.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GlobalAccelerator::EndpointGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -123058,22 +128456,72 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributePayload": { - "$ref": "#/definitions/AWS::IoT::Thing.AttributePayload", - "markdownDescription": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed.", - "title": "AttributePayload" + "EndpointConfigurations": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration" + }, + "markdownDescription": "The list of endpoint objects.", + "title": "EndpointConfigurations", + "type": "array" }, - "ThingName": { - "markdownDescription": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.", - "title": "ThingName", + "EndpointGroupRegion": { + "markdownDescription": "The AWS Regions where the endpoint group is located.", + "title": "EndpointGroupRegion", + "type": "string" + }, + "HealthCheckIntervalSeconds": { + "markdownDescription": "The time\u201410 seconds or 30 seconds\u2014between health checks for each endpoint. The default value is 30.", + "title": "HealthCheckIntervalSeconds", + "type": "number" + }, + "HealthCheckPath": { + "markdownDescription": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/).", + "title": "HealthCheckPath", + "type": "string" + }, + "HealthCheckPort": { + "markdownDescription": "The port that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group.\n\nThe default port is the port for the listener that this endpoint group is associated with. If the listener port is a list, Global Accelerator uses the first specified port in the list of ports.", + "title": "HealthCheckPort", + "type": "number" + }, + "HealthCheckProtocol": { + "markdownDescription": "The protocol that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group. The default value is TCP.", + "title": "HealthCheckProtocol", + "type": "string" + }, + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", "type": "string" + }, + "PortOverrides": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.PortOverride" + }, + "markdownDescription": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on.", + "title": "PortOverrides", + "type": "array" + }, + "ThresholdCount": { + "markdownDescription": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.", + "title": "ThresholdCount", + "type": "number" + }, + "TrafficDialPercentage": { + "markdownDescription": "The percentage of traffic to send to an AWS Regions . Additional traffic is distributed to other endpoint groups for this listener.\n\nUse this action to increase (dial up) or decrease (dial down) traffic to a specific Region. The percentage is applied to the traffic that would otherwise have been routed to the Region based on optimal routing.\n\nThe default value is 100.", + "title": "TrafficDialPercentage", + "type": "number" } }, + "required": [ + "EndpointGroupRegion", + "ListenerArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Thing" + "AWS::GlobalAccelerator::EndpointGroup" ], "type": "string" }, @@ -123087,32 +128535,65 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::Thing.AttributePayload": { + "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" + "AttachmentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cross-account attachment that specifies the endpoints (resources) that can be added to accelerators and principals that have permission to add the endpoints.", + "title": "AttachmentArn", + "type": "string" + }, + "ClientIPPreservationEnabled": { + "markdownDescription": "Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint. The value is true or false. The default value is true for new accelerators.\n\nIf the value is set to true, the client's IP address is preserved in the `X-Forwarded-For` request header as traffic travels to applications on the Application Load Balancer endpoint fronted by the accelerator.\n\nFor more information, see [Preserve Client IP Addresses](https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "ClientIPPreservationEnabled", + "type": "boolean" + }, + "EndpointId": { + "markdownDescription": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID. For Amazon EC2 instances, this is the EC2 instance ID. A resource must be valid and active when you add it as an endpoint.\n\nFor cross-account endpoints, this must be the ARN of the resource.", + "title": "EndpointId", + "type": "string" + }, + "Weight": { + "markdownDescription": "The weight associated with the endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. For example, you might specify endpoint weights of 4, 5, 5, and 6 (sum=20). The result is that 4/20 of your traffic, on average, is routed to the first endpoint, 5/20 is routed both to the second and third endpoints, and 6/20 is routed to the last endpoint. For more information, see [Endpoint Weights](https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "Weight", + "type": "number" } }, + "required": [ + "EndpointId" + ], "type": "object" }, - "AWS::IoT::ThingGroup": { + "AWS::GlobalAccelerator::EndpointGroup.PortOverride": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "EndpointPort": { + "markdownDescription": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance.", + "title": "EndpointPort", + "type": "number" + }, + "ListenerPort": { + "markdownDescription": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on.", + "title": "ListenerPort", + "type": "number" + } + }, + "required": [ + "EndpointPort", + "ListenerPort" + ], + "type": "object" + }, + "AWS::GlobalAccelerator::Listener": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, "DeletionPolicy": { "enum": [ @@ -123143,40 +128624,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ParentGroupName": { - "markdownDescription": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined.", - "title": "ParentGroupName", + "AcceleratorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of your accelerator.", + "title": "AcceleratorArn", "type": "string" }, - "QueryString": { - "markdownDescription": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` .", - "title": "QueryString", + "ClientAffinity": { + "markdownDescription": "Client affinity lets you direct all requests from a user to the same endpoint, if you have stateful applications, regardless of the port and protocol of the client request. Client affinity gives you control over whether to always route each client to the same specific endpoint.\n\nAWS Global Accelerator uses a consistent-flow hashing algorithm to choose the optimal endpoint for a connection. If client affinity is `NONE` , Global Accelerator uses the \"five-tuple\" (5-tuple) properties\u2014source IP address, source port, destination IP address, destination port, and protocol\u2014to select the hash value, and then chooses the best endpoint. However, with this setting, if someone uses different ports to connect to Global Accelerator, their connections might not be always routed to the same endpoint because the hash value changes.\n\nIf you want a given client to always be routed to the same endpoint, set client affinity to `SOURCE_IP` instead. When you use the `SOURCE_IP` setting, Global Accelerator uses the \"two-tuple\" (2-tuple) properties\u2014 source (client) IP address and destination IP address\u2014to select the hash value.\n\nThe default value is `NONE` .", + "title": "ClientAffinity", "type": "string" }, - "Tags": { + "PortRanges": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GlobalAccelerator::Listener.PortRange" }, - "markdownDescription": "Metadata which can be used to manage the thing group or dynamic thing group.", - "title": "Tags", + "markdownDescription": "The list of port ranges for the connections from clients to the accelerator.", + "title": "PortRanges", "type": "array" }, - "ThingGroupName": { - "markdownDescription": "The thing group name.", - "title": "ThingGroupName", + "Protocol": { + "markdownDescription": "The protocol for the connections from clients to the accelerator.", + "title": "Protocol", "type": "string" - }, - "ThingGroupProperties": { - "$ref": "#/definitions/AWS::IoT::ThingGroup.ThingGroupProperties", - "markdownDescription": "Thing group properties.", - "title": "ThingGroupProperties" } }, + "required": [ + "AcceleratorArn", + "PortRanges", + "Protocol" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingGroup" + "AWS::GlobalAccelerator::Listener" ], "type": "string" }, @@ -123190,44 +128671,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::ThingGroup.AttributePayload": { - "additionalProperties": false, - "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - } - }, - "type": "object" - }, - "AWS::IoT::ThingGroup.ThingGroupProperties": { + "AWS::GlobalAccelerator::Listener.PortRange": { "additionalProperties": false, "properties": { - "AttributePayload": { - "$ref": "#/definitions/AWS::IoT::ThingGroup.AttributePayload", - "markdownDescription": "The thing group attributes in JSON format.", - "title": "AttributePayload" + "FromPort": { + "markdownDescription": "The first port in the range of ports, inclusive.", + "title": "FromPort", + "type": "number" }, - "ThingGroupDescription": { - "markdownDescription": "The thing group description.", - "title": "ThingGroupDescription", - "type": "string" + "ToPort": { + "markdownDescription": "The last port in the range of ports, inclusive.", + "title": "ToPort", + "type": "number" } }, + "required": [ + "FromPort", + "ToPort" + ], "type": "object" }, - "AWS::IoT::ThingPrincipalAttachment": { + "AWS::Glue::Classifier": { "additionalProperties": false, "properties": { "Condition": { @@ -123262,26 +128731,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Principal": { - "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", - "title": "Principal", - "type": "string" + "CsvClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.CsvClassifier", + "markdownDescription": "A classifier for comma-separated values (CSV).", + "title": "CsvClassifier" }, - "ThingName": { - "markdownDescription": "The name of the AWS IoT thing.", - "title": "ThingName", - "type": "string" + "GrokClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.GrokClassifier", + "markdownDescription": "A classifier that uses `grok` .", + "title": "GrokClassifier" + }, + "JsonClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.JsonClassifier", + "markdownDescription": "A classifier for JSON content.", + "title": "JsonClassifier" + }, + "XMLClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.XMLClassifier", + "markdownDescription": "A classifier for XML content.", + "title": "XMLClassifier" } }, - "required": [ - "Principal", - "ThingName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingPrincipalAttachment" + "AWS::Glue::Classifier" ], "type": "string" }, @@ -123295,112 +128770,142 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoT::ThingType": { + "AWS::Glue::Classifier.CsvClassifier": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AllowSingleColumn": { + "markdownDescription": "Enables the processing of files that contain only one column.", + "title": "AllowSingleColumn", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ContainsCustomDatatype": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether the CSV file contains custom data types.", + "title": "ContainsCustomDatatype", + "type": "array" + }, + "ContainsHeader": { + "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", + "title": "ContainsHeader", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CustomDatatypeConfigured": { + "markdownDescription": "Enables the configuration of custom data types.", + "title": "CustomDatatypeConfigured", + "type": "boolean" }, - "Metadata": { - "type": "object" + "Delimiter": { + "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", + "title": "Delimiter", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeprecateThingType": { - "markdownDescription": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action.", - "title": "DeprecateThingType", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the thing type.", - "title": "Tags", - "type": "array" - }, - "ThingTypeName": { - "markdownDescription": "The name of the thing type.", - "title": "ThingTypeName", - "type": "string" - }, - "ThingTypeProperties": { - "$ref": "#/definitions/AWS::IoT::ThingType.ThingTypeProperties", - "markdownDescription": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, a list of searchable thing attribute names, and a list of propagating attributes. After a thing type is created, you can only update `Mqtt5Configuration` .", - "title": "ThingTypeProperties" - } + "DisableValueTrimming": { + "markdownDescription": "Specifies not to trim values before identifying the type of column values. The default value is `true` .", + "title": "DisableValueTrimming", + "type": "boolean" + }, + "Header": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "A list of strings representing column names.", + "title": "Header", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IoT::ThingType" - ], + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "QuoteSymbol": { + "markdownDescription": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.", + "title": "QuoteSymbol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Classifier.GrokClassifier": { + "additionalProperties": false, + "properties": { + "Classification": { + "markdownDescription": "An identifier of the data format that the classifier matches, such as Twitter, JSON, Omniture logs, and so on.", + "title": "Classification", + "type": "string" + }, + "CustomPatterns": { + "markdownDescription": "Optional custom grok patterns defined by this classifier. For more information, see custom patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", + "title": "CustomPatterns", + "type": "string" + }, + "GrokPattern": { + "markdownDescription": "The grok pattern applied to a data store by this classifier. For more information, see built-in patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", + "title": "GrokPattern", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Classification", + "GrokPattern" ], "type": "object" }, - "AWS::IoT::ThingType.ThingTypeProperties": { + "AWS::Glue::Classifier.JsonClassifier": { "additionalProperties": false, "properties": { - "SearchableAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of searchable thing attribute names.", - "title": "SearchableAttributes", - "type": "array" + "JsonPath": { + "markdownDescription": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath` , as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json) .", + "title": "JsonPath", + "type": "string" }, - "ThingTypeDescription": { - "markdownDescription": "The description of the thing type.", - "title": "ThingTypeDescription", + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "JsonPath" + ], + "type": "object" + }, + "AWS::Glue::Classifier.XMLClassifier": { + "additionalProperties": false, + "properties": { + "Classification": { + "markdownDescription": "An identifier of the data format that the classifier matches.", + "title": "Classification", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", + "type": "string" + }, + "RowTag": { + "markdownDescription": "The XML tag designating the element that contains each record in an XML document being parsed. This can't identify a self-closing element (closed by `/>` ). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `` is okay, but `` is not).", + "title": "RowTag", "type": "string" } }, + "required": [ + "Classification", + "RowTag" + ], "type": "object" }, - "AWS::IoT::TopicRule": { + "AWS::Glue::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -123435,33 +128940,26 @@ "Properties": { "additionalProperties": false, "properties": { - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", + "CatalogId": { + "markdownDescription": "The ID of the data catalog to create the catalog object in. Currently, this should be the AWS account ID.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId` .", + "title": "CatalogId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the topic rule.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", - "title": "Tags", - "type": "array" - }, - "TopicRulePayload": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TopicRulePayload", - "markdownDescription": "The rule payload.", - "title": "TopicRulePayload" + "ConnectionInput": { + "$ref": "#/definitions/AWS::Glue::Connection.ConnectionInput", + "markdownDescription": "The connection that you want to create.", + "title": "ConnectionInput" } }, "required": [ - "TopicRulePayload" + "CatalogId", + "ConnectionInput" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::TopicRule" + "AWS::Glue::Connection" ], "type": "string" }, @@ -123480,1176 +128978,947 @@ ], "type": "object" }, - "AWS::IoT::TopicRule.Action": { + "AWS::Glue::Connection.AuthenticationConfigurationInput": { "additionalProperties": false, "properties": { - "CloudwatchAlarm": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchAlarmAction", - "markdownDescription": "Change the state of a CloudWatch alarm.", - "title": "CloudwatchAlarm" - }, - "CloudwatchLogs": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchLogsAction", - "markdownDescription": "Sends data to CloudWatch.", - "title": "CloudwatchLogs" - }, - "CloudwatchMetric": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchMetricAction", - "markdownDescription": "Capture a CloudWatch metric.", - "title": "CloudwatchMetric" - }, - "DynamoDB": { - "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBAction", - "markdownDescription": "Write to a DynamoDB table.", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBv2Action", - "markdownDescription": "Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.", - "title": "DynamoDBv2" - }, - "Elasticsearch": { - "$ref": "#/definitions/AWS::IoT::TopicRule.ElasticsearchAction", - "markdownDescription": "Write data to an Amazon OpenSearch Service domain.\n\n> The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) .", - "title": "Elasticsearch" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoT::TopicRule.FirehoseAction", - "markdownDescription": "Write to an Amazon Kinesis Firehose stream.", - "title": "Firehose" - }, - "Http": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAction", - "markdownDescription": "Send data to an HTTPS endpoint.", - "title": "Http" - }, - "IotAnalytics": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotAnalyticsAction", - "markdownDescription": "Sends message data to an AWS IoT Analytics channel.", - "title": "IotAnalytics" - }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotEventsAction", - "markdownDescription": "Sends an input to an AWS IoT Events detector.", - "title": "IotEvents" - }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotSiteWiseAction", - "markdownDescription": "Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties.", - "title": "IotSiteWise" - }, - "Kafka": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaAction", - "markdownDescription": "Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster.", - "title": "Kafka" - }, - "Kinesis": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KinesisAction", - "markdownDescription": "Write data to an Amazon Kinesis stream.", - "title": "Kinesis" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoT::TopicRule.LambdaAction", - "markdownDescription": "Invoke a Lambda function.", - "title": "Lambda" - }, - "Location": { - "$ref": "#/definitions/AWS::IoT::TopicRule.LocationAction", - "markdownDescription": "Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) .", - "title": "Location" - }, - "OpenSearch": { - "$ref": "#/definitions/AWS::IoT::TopicRule.OpenSearchAction", - "markdownDescription": "Write data to an Amazon OpenSearch Service domain.", - "title": "OpenSearch" - }, - "Republish": { - "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishAction", - "markdownDescription": "Publish to another MQTT topic.", - "title": "Republish" - }, - "S3": { - "$ref": "#/definitions/AWS::IoT::TopicRule.S3Action", - "markdownDescription": "Write to an Amazon S3 bucket.", - "title": "S3" - }, - "Sns": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SnsAction", - "markdownDescription": "Publish to an Amazon SNS topic.", - "title": "Sns" + "AuthenticationType": { + "markdownDescription": "A structure containing the authentication configuration in the CreateConnection request.", + "title": "AuthenticationType", + "type": "string" }, - "Sqs": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SqsAction", - "markdownDescription": "Publish to an Amazon SQS queue.", - "title": "Sqs" + "BasicAuthenticationCredentials": { + "$ref": "#/definitions/AWS::Glue::Connection.BasicAuthenticationCredentials", + "markdownDescription": "The credentials used when the authentication type is basic authentication.", + "title": "BasicAuthenticationCredentials" }, - "StepFunctions": { - "$ref": "#/definitions/AWS::IoT::TopicRule.StepFunctionsAction", - "markdownDescription": "Starts execution of a Step Functions state machine.", - "title": "StepFunctions" + "CustomAuthenticationCredentials": { + "markdownDescription": "The credentials used when the authentication type is custom authentication.", + "title": "CustomAuthenticationCredentials", + "type": "object" }, - "Timestream": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamAction", - "markdownDescription": "Writes attributes from an MQTT message.", - "title": "Timestream" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.AssetPropertyTimestamp": { - "additionalProperties": false, - "properties": { - "OffsetInNanos": { - "markdownDescription": "Optional. A string that contains the nanosecond time offset. Accepts substitution templates.", - "title": "OffsetInNanos", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key used to encrypt the connection. Only taken an as input in the request and stored in the Secret Manager.", + "title": "KmsKeyArn", "type": "string" }, - "TimeInSeconds": { - "markdownDescription": "A string that contains the time in seconds since epoch. Accepts substitution templates.", - "title": "TimeInSeconds", + "OAuth2Properties": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2PropertiesInput", + "markdownDescription": "The properties for OAuth2 authentication in the CreateConnection request.", + "title": "OAuth2Properties" + }, + "SecretArn": { + "markdownDescription": "The secret manager ARN to store credentials in the CreateConnection request.", + "title": "SecretArn", "type": "string" } }, "required": [ - "TimeInSeconds" + "AuthenticationType" ], "type": "object" }, - "AWS::IoT::TopicRule.AssetPropertyValue": { + "AWS::Glue::Connection.AuthorizationCodeProperties": { "additionalProperties": false, "properties": { - "Quality": { - "markdownDescription": "Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` .", - "title": "Quality", + "AuthorizationCode": { + "markdownDescription": "An authorization code to be used in the third leg of the `AUTHORIZATION_CODE` grant workflow. This is a single-use code which becomes invalid once exchanged for an access token, thus it is acceptable to have this value as a request parameter.", + "title": "AuthorizationCode", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyTimestamp", - "markdownDescription": "The asset property value timestamp.", - "title": "Timestamp" - }, - "Value": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyVariant", - "markdownDescription": "The value of the asset property.", - "title": "Value" + "RedirectUri": { + "markdownDescription": "The redirect URI where the user gets redirected to by authorization server when issuing an authorization code. The URI is subsequently used when the authorization code is exchanged for an access token.", + "title": "RedirectUri", + "type": "string" } }, - "required": [ - "Timestamp", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.AssetPropertyVariant": { + "AWS::Glue::Connection.BasicAuthenticationCredentials": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates.", - "title": "BooleanValue", - "type": "string" - }, - "DoubleValue": { - "markdownDescription": "Optional. A string that contains the double value of the value entry. Accepts substitution templates.", - "title": "DoubleValue", - "type": "string" - }, - "IntegerValue": { - "markdownDescription": "Optional. A string that contains the integer value of the value entry. Accepts substitution templates.", - "title": "IntegerValue", + "Password": { + "markdownDescription": "The password to connect to the data source.", + "title": "Password", "type": "string" }, - "StringValue": { - "markdownDescription": "Optional. The string value of the value entry. Accepts substitution templates.", - "title": "StringValue", + "Username": { + "markdownDescription": "The username to connect to the data source.", + "title": "Username", "type": "string" } }, "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchAlarmAction": { + "AWS::Glue::Connection.ConnectionInput": { "additionalProperties": false, "properties": { - "AlarmName": { - "markdownDescription": "The CloudWatch alarm name.", - "title": "AlarmName", - "type": "string" + "AthenaProperties": { + "markdownDescription": "Connection properties specific to the Athena compute environment.", + "title": "AthenaProperties", + "type": "object" }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch alarm.", - "title": "RoleArn", + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::Glue::Connection.AuthenticationConfigurationInput", + "markdownDescription": "The authentication properties of the connection.", + "title": "AuthenticationConfiguration" + }, + "ConnectionProperties": { + "markdownDescription": "These key-value pairs define parameters for the connection.", + "title": "ConnectionProperties", + "type": "object" + }, + "ConnectionType": { + "markdownDescription": "The type of the connection. Currently, these types are supported:\n\n- `JDBC` - Designates a connection to a database through Java Database Connectivity (JDBC).\n\n`JDBC` Connections use the following ConnectionParameters.\n\n- Required: All of ( `HOST` , `PORT` , `JDBC_ENGINE` ) or `JDBC_CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- Optional: `JDBC_ENFORCE_SSL` , `CUSTOM_JDBC_CERT` , `CUSTOM_JDBC_CERT_STRING` , `SKIP_CUSTOM_JDBC_CERT_VALIDATION` . These parameters are used to configure SSL with JDBC.\n- `KAFKA` - Designates a connection to an Apache Kafka streaming platform.\n\n`KAFKA` Connections use the following ConnectionParameters.\n\n- Required: `KAFKA_BOOTSTRAP_SERVERS` .\n- Optional: `KAFKA_SSL_ENABLED` , `KAFKA_CUSTOM_CERT` , `KAFKA_SKIP_CUSTOM_CERT_VALIDATION` . These parameters are used to configure SSL with `KAFKA` .\n- Optional: `KAFKA_CLIENT_KEYSTORE` , `KAFKA_CLIENT_KEYSTORE_PASSWORD` , `KAFKA_CLIENT_KEY_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEYSTORE_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEY_PASSWORD` . These parameters are used to configure TLS client configuration with SSL in `KAFKA` .\n- Optional: `KAFKA_SASL_MECHANISM` . Can be specified as `SCRAM-SHA-512` , `GSSAPI` , or `AWS_MSK_IAM` .\n- Optional: `KAFKA_SASL_SCRAM_USERNAME` , `KAFKA_SASL_SCRAM_PASSWORD` , `ENCRYPTED_KAFKA_SASL_SCRAM_PASSWORD` . These parameters are used to configure SASL/SCRAM-SHA-512 authentication with `KAFKA` .\n- Optional: `KAFKA_SASL_GSSAPI_KEYTAB` , `KAFKA_SASL_GSSAPI_KRB5_CONF` , `KAFKA_SASL_GSSAPI_SERVICE` , `KAFKA_SASL_GSSAPI_PRINCIPAL` . These parameters are used to configure SASL/GSSAPI authentication with `KAFKA` .\n- `MONGODB` - Designates a connection to a MongoDB document database.\n\n`MONGODB` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `VIEW_VALIDATION_REDSHIFT` - Designates a connection used for view validation by Amazon Redshift.\n- `VIEW_VALIDATION_ATHENA` - Designates a connection used for view validation by Amazon Athena.\n- `NETWORK` - Designates a network connection to a data source within an Amazon Virtual Private Cloud environment (Amazon VPC).\n\n`NETWORK` Connections do not require ConnectionParameters. Instead, provide a PhysicalConnectionRequirements.\n- `MARKETPLACE` - Uses configuration settings contained in a connector purchased from AWS Marketplace to read from and write to data stores that are not natively supported by AWS Glue .\n\n`MARKETPLACE` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTOR_TYPE` , `CONNECTOR_URL` , `CONNECTOR_CLASS_NAME` , `CONNECTION_URL` .\n- Required for `JDBC` `CONNECTOR_TYPE` connections: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `CUSTOM` - Uses configuration settings contained in a custom connector to read from and write to data stores that are not natively supported by AWS Glue .\n\nAdditionally, a `ConnectionType` for the following SaaS connectors is supported:\n\n- `FACEBOOKADS` - Designates a connection to Facebook Ads.\n- `GOOGLEADS` - Designates a connection to Google Ads.\n- `GOOGLESHEETS` - Designates a connection to Google Sheets.\n- `GOOGLEANALYTICS4` - Designates a connection to Google Analytics 4.\n- `HUBSPOT` - Designates a connection to HubSpot.\n- `INSTAGRAMADS` - Designates a connection to Instagram Ads.\n- `INTERCOM` - Designates a connection to Intercom.\n- `JIRACLOUD` - Designates a connection to Jira Cloud.\n- `MARKETO` - Designates a connection to Adobe Marketo Engage.\n- `NETSUITEERP` - Designates a connection to Oracle NetSuite.\n- `SALESFORCE` - Designates a connection to Salesforce using OAuth authentication.\n- `SALESFORCEMARKETINGCLOUD` - Designates a connection to Salesforce Marketing Cloud.\n- `SALESFORCEPARDOT` - Designates a connection to Salesforce Marketing Cloud Account Engagement (MCAE).\n- `SAPODATA` - Designates a connection to SAP OData.\n- `SERVICENOW` - Designates a connection to ServiceNow.\n- `SLACK` - Designates a connection to Slack.\n- `SNAPCHATADS` - Designates a connection to Snapchat Ads.\n- `STRIPE` - Designates a connection to Stripe.\n- `ZENDESK` - Designates a connection to Zendesk.\n- `ZOHOCRM` - Designates a connection to Zoho CRM.\n\nFor more information on the connection parameters needed for a particular connector, see the documentation for the connector in [Adding an AWS Glue connection](https://docs.aws.amazon.com/glue/latest/dg/console-connections.html) in the AWS Glue User Guide.\n\n`SFTP` is not supported.\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue , consult [AWS Glue connection properties](https://docs.aws.amazon.com/glue/latest/dg/connection-defining.html) .\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue Studio, consult [Using connectors and connections](https://docs.aws.amazon.com/glue/latest/ug/connectors-chapter.html) .", + "title": "ConnectionType", "type": "string" }, - "StateReason": { - "markdownDescription": "The reason for the alarm change.", - "title": "StateReason", + "Description": { + "markdownDescription": "The description of the connection.", + "title": "Description", "type": "string" }, - "StateValue": { - "markdownDescription": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.", - "title": "StateValue", + "MatchCriteria": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of criteria that can be used in selecting this connection.", + "title": "MatchCriteria", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the connection.", + "title": "Name", "type": "string" + }, + "PhysicalConnectionRequirements": { + "$ref": "#/definitions/AWS::Glue::Connection.PhysicalConnectionRequirements", + "markdownDescription": "The physical connection requirements, such as virtual private cloud (VPC) and `SecurityGroup` , that are needed to successfully make this connection.", + "title": "PhysicalConnectionRequirements" + }, + "PythonProperties": { + "markdownDescription": "Connection properties specific to the Python compute environment.", + "title": "PythonProperties", + "type": "object" + }, + "SparkProperties": { + "markdownDescription": "Connection properties specific to the Spark compute environment.", + "title": "SparkProperties", + "type": "object" + }, + "ValidateCredentials": { + "markdownDescription": "A flag to validate the credentials during create connection. Default is true.", + "title": "ValidateCredentials", + "type": "boolean" + }, + "ValidateForComputeEnvironments": { + "items": { + "type": "string" + }, + "markdownDescription": "The compute environments that the specified connection properties are validated against.", + "title": "ValidateForComputeEnvironments", + "type": "array" } }, "required": [ - "AlarmName", - "RoleArn", - "StateReason", - "StateValue" + "ConnectionType" ], "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchLogsAction": { + "AWS::Glue::Connection.OAuth2ClientApplication": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Indicates whether batches of log records will be extracted and uploaded into CloudWatch.", - "title": "BatchMode", - "type": "boolean" - }, - "LogGroupName": { - "markdownDescription": "The CloudWatch log name.", - "title": "LogGroupName", + "AWSManagedClientApplicationReference": { + "markdownDescription": "The reference to the SaaS-side client app that is AWS managed.", + "title": "AWSManagedClientApplicationReference", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch log.", - "title": "RoleArn", + "UserManagedClientApplicationClientId": { + "markdownDescription": "The client application clientID if the ClientAppType is `USER_MANAGED` .", + "title": "UserManagedClientApplicationClientId", "type": "string" } }, - "required": [ - "LogGroupName", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchMetricAction": { + "AWS::Glue::Connection.OAuth2Credentials": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The CloudWatch metric name.", - "title": "MetricName", - "type": "string" - }, - "MetricNamespace": { - "markdownDescription": "The CloudWatch metric namespace name.", - "title": "MetricNamespace", - "type": "string" - }, - "MetricTimestamp": { - "markdownDescription": "An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) .", - "title": "MetricTimestamp", + "AccessToken": { + "markdownDescription": "The access token used when the authentication type is OAuth2.", + "title": "AccessToken", "type": "string" }, - "MetricUnit": { - "markdownDescription": "The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch.", - "title": "MetricUnit", + "JwtToken": { + "markdownDescription": "The JSON Web Token (JWT) used when the authentication type is OAuth2.", + "title": "JwtToken", "type": "string" }, - "MetricValue": { - "markdownDescription": "The CloudWatch metric value.", - "title": "MetricValue", + "RefreshToken": { + "markdownDescription": "The refresh token used when the authentication type is OAuth2.", + "title": "RefreshToken", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch metric.", - "title": "RoleArn", + "UserManagedClientApplicationClientSecret": { + "markdownDescription": "The client application client secret if the client application is user managed.", + "title": "UserManagedClientApplicationClientSecret", "type": "string" } }, - "required": [ - "MetricName", - "MetricNamespace", - "MetricUnit", - "MetricValue", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.DynamoDBAction": { + "AWS::Glue::Connection.OAuth2PropertiesInput": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The hash key name.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The hash key type. Valid values are \"STRING\" or \"NUMBER\"", - "title": "HashKeyType", - "type": "string" - }, - "HashKeyValue": { - "markdownDescription": "The hash key value.", - "title": "HashKeyValue", - "type": "string" - }, - "PayloadField": { - "markdownDescription": "The action payload. This name can be customized.", - "title": "PayloadField", - "type": "string" + "AuthorizationCodeProperties": { + "$ref": "#/definitions/AWS::Glue::Connection.AuthorizationCodeProperties", + "markdownDescription": "The set of properties required for the the OAuth2 `AUTHORIZATION_CODE` grant type.", + "title": "AuthorizationCodeProperties" }, - "RangeKeyField": { - "markdownDescription": "The range key name.", - "title": "RangeKeyField", - "type": "string" + "OAuth2ClientApplication": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2ClientApplication", + "markdownDescription": "The client application type in the CreateConnection request. For example, `AWS_MANAGED` or `USER_MANAGED` .", + "title": "OAuth2ClientApplication" }, - "RangeKeyType": { - "markdownDescription": "The range key type. Valid values are \"STRING\" or \"NUMBER\"", - "title": "RangeKeyType", - "type": "string" + "OAuth2Credentials": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2Credentials", + "markdownDescription": "The credentials used when the authentication type is OAuth2 authentication.", + "title": "OAuth2Credentials" }, - "RangeKeyValue": { - "markdownDescription": "The range key value.", - "title": "RangeKeyValue", + "OAuth2GrantType": { + "markdownDescription": "The OAuth2 grant type in the CreateConnection request. For example, `AUTHORIZATION_CODE` , `JWT_BEARER` , or `CLIENT_CREDENTIALS` .", + "title": "OAuth2GrantType", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", - "title": "RoleArn", + "TokenUrl": { + "markdownDescription": "The URL of the provider's authentication server, to exchange an authorization code for an access token.", + "title": "TokenUrl", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", - "type": "string" + "TokenUrlParametersMap": { + "markdownDescription": "A map of parameters that are added to the token `GET` request.", + "title": "TokenUrlParametersMap", + "type": "object" } }, - "required": [ - "HashKeyField", - "HashKeyValue", - "RoleArn", - "TableName" - ], "type": "object" }, - "AWS::IoT::TopicRule.DynamoDBv2Action": { + "AWS::Glue::Connection.PhysicalConnectionRequirements": { "additionalProperties": false, "properties": { - "PutItem": { - "$ref": "#/definitions/AWS::IoT::TopicRule.PutItemInput", - "markdownDescription": "Specifies the DynamoDB table to which the message data will be written. For example:\n\n`{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }`\n\nEach attribute in the message payload will be written to a separate column in the DynamoDB database.", - "title": "PutItem" + "AvailabilityZone": { + "markdownDescription": "The connection's Availability Zone.", + "title": "AvailabilityZone", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", - "title": "RoleArn", + "SecurityGroupIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group ID list used by the connection.", + "title": "SecurityGroupIdList", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The subnet ID used by the connection.", + "title": "SubnetId", "type": "string" } }, "type": "object" }, - "AWS::IoT::TopicRule.ElasticsearchAction": { + "AWS::Glue::Crawler": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "The endpoint of your OpenSearch domain.", - "title": "Endpoint", + "Condition": { "type": "string" }, - "Id": { - "markdownDescription": "The unique identifier for the document you are storing.", - "title": "Id", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Index": { - "markdownDescription": "The index where you want to store your data.", - "title": "Index", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RoleArn": { - "markdownDescription": "The IAM role ARN that has access to OpenSearch.", - "title": "RoleArn", - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Classifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of UTF-8 strings that specify the names of custom classifiers that are associated with the crawler.", + "title": "Classifiers", + "type": "array" + }, + "Configuration": { + "markdownDescription": "Crawler configuration information. This versioned JSON string allows users to specify aspects of a crawler's behavior. For more information, see [Configuring a Crawler](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html) .", + "title": "Configuration", + "type": "string" + }, + "CrawlerSecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used by this crawler.", + "title": "CrawlerSecurityConfiguration", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the database in which the crawler's output is stored.", + "title": "DatabaseName", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the crawler.", + "title": "Description", + "type": "string" + }, + "LakeFormationConfiguration": { + "$ref": "#/definitions/AWS::Glue::Crawler.LakeFormationConfiguration", + "markdownDescription": "Specifies whether the crawler should use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", + "title": "LakeFormationConfiguration" + }, + "Name": { + "markdownDescription": "The name of the crawler.", + "title": "Name", + "type": "string" + }, + "RecrawlPolicy": { + "$ref": "#/definitions/AWS::Glue::Crawler.RecrawlPolicy", + "markdownDescription": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.", + "title": "RecrawlPolicy" + }, + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that's used to access customer resources, such as Amazon Simple Storage Service (Amazon S3) data.", + "title": "Role", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::Glue::Crawler.Schedule", + "markdownDescription": "For scheduled crawlers, the schedule when the crawler runs.", + "title": "Schedule" + }, + "SchemaChangePolicy": { + "$ref": "#/definitions/AWS::Glue::Crawler.SchemaChangePolicy", + "markdownDescription": "The policy that specifies update and delete behaviors for the crawler. The policy tells the crawler what to do in the event that it detects a change in a table that already exists in the customer's database at the time of the crawl. The `SchemaChangePolicy` does not affect whether or how new tables and partitions are added. New tables and partitions are always created regardless of the `SchemaChangePolicy` on a crawler.\n\nThe SchemaChangePolicy consists of two components, `UpdateBehavior` and `DeleteBehavior` .", + "title": "SchemaChangePolicy" + }, + "TablePrefix": { + "markdownDescription": "The prefix added to the names of tables that are created.", + "title": "TablePrefix", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this crawler.", + "title": "Tags", + "type": "object" + }, + "Targets": { + "$ref": "#/definitions/AWS::Glue::Crawler.Targets", + "markdownDescription": "A collection of targets to crawl.", + "title": "Targets" + } + }, + "required": [ + "Role", + "Targets" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of document you are storing.", - "title": "Type", + "enum": [ + "AWS::Glue::Crawler" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Endpoint", - "Id", - "Index", - "RoleArn", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRule.FirehoseAction": { + "AWS::Glue::Crawler.CatalogTarget": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` .\n\nWhen `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records.", - "title": "BatchMode", - "type": "boolean" + "ConnectionName": { + "markdownDescription": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a `Catalog` connection type paired with a `NETWORK` Connection type.", + "title": "ConnectionName", + "type": "string" }, - "DeliveryStreamName": { - "markdownDescription": "The delivery stream name.", - "title": "DeliveryStreamName", + "DatabaseName": { + "markdownDescription": "The name of the database to be synchronized.", + "title": "DatabaseName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that grants access to the Amazon Kinesis Firehose stream.", - "title": "RoleArn", + "DlqEventQueueArn": { + "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", + "title": "DlqEventQueueArn", "type": "string" }, - "Separator": { - "markdownDescription": "A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", + "EventQueueArn": { + "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", + "title": "EventQueueArn", "type": "string" + }, + "Tables": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the tables to be synchronized.", + "title": "Tables", + "type": "array" } }, - "required": [ - "DeliveryStreamName", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.HttpAction": { + "AWS::Glue::Crawler.DeltaTarget": { "additionalProperties": false, "properties": { - "Auth": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAuthorization", - "markdownDescription": "The authentication method to use when sending data to an HTTPS endpoint.", - "title": "Auth" - }, - "ConfirmationUrl": { - "markdownDescription": "The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL.", - "title": "ConfirmationUrl", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Delta table target.", + "title": "ConnectionName", "type": "string" }, - "Headers": { + "CreateNativeDeltaTable": { + "markdownDescription": "Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly.", + "title": "CreateNativeDeltaTable", + "type": "boolean" + }, + "DeltaTables": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpActionHeader" + "type": "string" }, - "markdownDescription": "The HTTP headers to send with the message data.", - "title": "Headers", + "markdownDescription": "A list of the Amazon S3 paths to the Delta tables.", + "title": "DeltaTables", "type": "array" }, - "Url": { - "markdownDescription": "The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible.", - "title": "Url", - "type": "string" + "WriteManifest": { + "markdownDescription": "Specifies whether to write the manifest files to the Delta table path.", + "title": "WriteManifest", + "type": "boolean" } }, - "required": [ - "Url" - ], "type": "object" }, - "AWS::IoT::TopicRule.HttpActionHeader": { + "AWS::Glue::Crawler.DynamoDBTarget": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The HTTP header key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The HTTP header value. Substitution templates are supported.", - "title": "Value", + "Path": { + "markdownDescription": "The name of the DynamoDB table to crawl.", + "title": "Path", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.HttpAuthorization": { + "AWS::Glue::Crawler.HudiTarget": { "additionalProperties": false, "properties": { - "Sigv4": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SigV4Authorization", - "markdownDescription": "Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) .", - "title": "Sigv4" + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Hudi target. If your Hudi files are stored in buckets that require VPC authorization, you can set their connection properties here.", + "title": "ConnectionName", + "type": "string" + }, + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", + "type": "array" + }, + "MaximumTraversalDepth": { + "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time.", + "title": "MaximumTraversalDepth", + "type": "number" + }, + "Paths": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon S3 location strings for Hudi, each indicating the root folder with which the metadata files for a Hudi table resides. The Hudi folder may be located in a child folder of the root folder.\n\nThe crawler will scan all folders underneath a path for a Hudi folder.", + "title": "Paths", + "type": "array" } }, "type": "object" }, - "AWS::IoT::TopicRule.IotAnalyticsAction": { + "AWS::Glue::Crawler.IcebergTarget": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Whether to process the action as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages.", - "title": "BatchMode", - "type": "boolean" - }, - "ChannelName": { - "markdownDescription": "The name of the IoT Analytics channel to which message data will be sent.", - "title": "ChannelName", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Iceberg target.", + "title": "ConnectionName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).", - "title": "RoleArn", - "type": "string" + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of global patterns used to exclude from the crawl.", + "title": "Exclusions", + "type": "array" + }, + "MaximumTraversalDepth": { + "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time.", + "title": "MaximumTraversalDepth", + "type": "number" + }, + "Paths": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix .", + "title": "Paths", + "type": "array" } }, - "required": [ - "ChannelName", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.IotEventsAction": { + "AWS::Glue::Crawler.JdbcTarget": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Whether to process the event actions as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` , you can't specify a `messageId` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages.", - "title": "BatchMode", - "type": "boolean" - }, - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input.", - "title": "InputName", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the JDBC target.", + "title": "ConnectionName", "type": "string" }, - "MessageId": { - "markdownDescription": "The ID of the message. The default `messageId` is a new UUID value.\n\nWhen `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned.\n\nAssign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector.", - "title": "MessageId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "InputName", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.IotSiteWiseAction": { - "additionalProperties": false, - "properties": { - "PutAssetPropertyValueEntries": { + "EnableAdditionalMetadata": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.PutAssetPropertyValueEntry" + "type": "string" }, - "markdownDescription": "A list of asset property value entries.", - "title": "PutAssetPropertyValueEntries", + "markdownDescription": "Specify a value of `RAWTYPES` or `COMMENTS` to enable additional metadata in table responses. `RAWTYPES` provides the native-level datatype. `COMMENTS` provides comments associated with a column or table in the database.\n\nIf you do not need additional metadata, keep the field empty.", + "title": "EnableAdditionalMetadata", "type": "array" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"` ). The trust policy can restrict access to specific asset hierarchy paths.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "PutAssetPropertyValueEntries", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.KafkaAction": { - "additionalProperties": false, - "properties": { - "ClientProperties": { - "additionalProperties": true, - "markdownDescription": "Properties of the Apache Kafka producer client.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ClientProperties", - "type": "object" - }, - "DestinationArn": { - "markdownDescription": "The ARN of Kafka action's VPC `TopicRuleDestination` .", - "title": "DestinationArn", - "type": "string" - }, - "Headers": { + "Exclusions": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaActionHeader" + "type": "string" }, - "markdownDescription": "The list of Kafka headers that you specify.", - "title": "Headers", + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", "type": "array" }, - "Key": { - "markdownDescription": "The Kafka message key.", - "title": "Key", - "type": "string" - }, - "Partition": { - "markdownDescription": "The Kafka message partition.", - "title": "Partition", - "type": "string" - }, - "Topic": { - "markdownDescription": "The Kafka topic for messages to be sent to the Kafka broker.", - "title": "Topic", - "type": "string" - } - }, - "required": [ - "ClientProperties", - "DestinationArn", - "Topic" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.KafkaActionHeader": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key of the Kafka header.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the Kafka header.", - "title": "Value", + "Path": { + "markdownDescription": "The path of the JDBC target.", + "title": "Path", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.KinesisAction": { + "AWS::Glue::Crawler.LakeFormationConfiguration": { "additionalProperties": false, "properties": { - "PartitionKey": { - "markdownDescription": "The partition key.", - "title": "PartitionKey", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.", - "title": "RoleArn", + "AccountId": { + "markdownDescription": "Required for cross account crawls. For same account crawls as the target data, this can be left as null.", + "title": "AccountId", "type": "string" }, - "StreamName": { - "markdownDescription": "The name of the Amazon Kinesis stream.", - "title": "StreamName", - "type": "string" - } - }, - "required": [ - "RoleArn", - "StreamName" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.LambdaAction": { - "additionalProperties": false, - "properties": { - "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "FunctionArn", - "type": "string" + "UseLakeFormationCredentials": { + "markdownDescription": "Specifies whether to use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", + "title": "UseLakeFormationCredentials", + "type": "boolean" } }, "type": "object" }, - "AWS::IoT::TopicRule.LocationAction": { + "AWS::Glue::Crawler.MongoDBTarget": { "additionalProperties": false, "properties": { - "DeviceId": { - "markdownDescription": "The unique ID of the device providing the location data.", - "title": "DeviceId", - "type": "string" - }, - "Latitude": { - "markdownDescription": "A string that evaluates to a double value that represents the latitude of the device's location.", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "A string that evaluates to a double value that represents the longitude of the device's location.", - "title": "Longitude", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role that grants permission to write to the Amazon Location resource.", - "title": "RoleArn", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.", + "title": "ConnectionName", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Timestamp", - "markdownDescription": "The time that the location data was sampled. The default value is the time the MQTT message was processed.", - "title": "Timestamp" - }, - "TrackerName": { - "markdownDescription": "The name of the tracker resource in Amazon Location in which the location is updated.", - "title": "TrackerName", + "Path": { + "markdownDescription": "The path of the Amazon DocumentDB or MongoDB target (database/collection).", + "title": "Path", "type": "string" } }, - "required": [ - "DeviceId", - "Latitude", - "Longitude", - "RoleArn", - "TrackerName" - ], "type": "object" }, - "AWS::IoT::TopicRule.OpenSearchAction": { + "AWS::Glue::Crawler.RecrawlPolicy": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "The endpoint of your OpenSearch domain.", - "title": "Endpoint", - "type": "string" - }, - "Id": { - "markdownDescription": "The unique identifier for the document you are storing.", - "title": "Id", - "type": "string" - }, - "Index": { - "markdownDescription": "The OpenSearch index where you want to store your data.", - "title": "Index", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role ARN that has access to OpenSearch.", - "title": "RoleArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of document you are storing.", - "title": "Type", + "RecrawlBehavior": { + "markdownDescription": "Specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVERYTHING` specifies crawling the entire dataset again.\n\nA value of `CRAWL_NEW_FOLDERS_ONLY` specifies crawling only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVENT_MODE` specifies crawling only the changes identified by Amazon S3 events.", + "title": "RecrawlBehavior", "type": "string" } }, - "required": [ - "Endpoint", - "Id", - "Index", - "RoleArn", - "Type" - ], "type": "object" }, - "AWS::IoT::TopicRule.PutAssetPropertyValueEntry": { + "AWS::Glue::Crawler.S3Target": { "additionalProperties": false, "properties": { - "AssetId": { - "markdownDescription": "The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "AssetId", - "type": "string" - }, - "EntryId": { - "markdownDescription": "Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID.", - "title": "EntryId", + "ConnectionName": { + "markdownDescription": "The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC).", + "title": "ConnectionName", "type": "string" }, - "PropertyAlias": { - "markdownDescription": "The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "PropertyAlias", + "DlqEventQueueArn": { + "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", + "title": "DlqEventQueueArn", "type": "string" }, - "PropertyId": { - "markdownDescription": "The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "PropertyId", + "EventQueueArn": { + "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", + "title": "EventQueueArn", "type": "string" }, - "PropertyValues": { + "Exclusions": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyValue" + "type": "string" }, - "markdownDescription": "A list of property values to insert that each contain timestamp, quality, and value (TQV) information.", - "title": "PropertyValues", + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", "type": "array" + }, + "Path": { + "markdownDescription": "The path to the Amazon S3 target.", + "title": "Path", + "type": "string" + }, + "SampleSize": { + "markdownDescription": "Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249.", + "title": "SampleSize", + "type": "number" } }, - "required": [ - "PropertyValues" - ], "type": "object" }, - "AWS::IoT::TopicRule.PutItemInput": { + "AWS::Glue::Crawler.Schedule": { "additionalProperties": false, "properties": { - "TableName": { - "markdownDescription": "The table where the message data will be written.", - "title": "TableName", + "ScheduleExpression": { + "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", + "title": "ScheduleExpression", "type": "string" } }, - "required": [ - "TableName" - ], "type": "object" }, - "AWS::IoT::TopicRule.RepublishAction": { + "AWS::Glue::Crawler.SchemaChangePolicy": { "additionalProperties": false, "properties": { - "Headers": { - "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishActionHeaders", - "markdownDescription": "MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide.", - "title": "Headers" - }, - "Qos": { - "markdownDescription": "The Quality of Service (QoS) level to use when republishing messages. The default value is 0.", - "title": "Qos", - "type": "number" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", + "DeleteBehavior": { + "markdownDescription": "The deletion behavior when the crawler finds a deleted object.\n\nA value of `LOG` specifies that if a table or partition is found to no longer exist, do not delete it, only log that it was found to no longer exist.\n\nA value of `DELETE_FROM_DATABASE` specifies that if a table or partition is found to have been removed, delete it from the database.\n\nA value of `DEPRECATE_IN_DATABASE` specifies that if a table has been found to no longer exist, to add a property to the table that says \"DEPRECATED\" and includes a timestamp with the time of deprecation.", + "title": "DeleteBehavior", "type": "string" }, - "Topic": { - "markdownDescription": "The name of the MQTT topic.", - "title": "Topic", + "UpdateBehavior": { + "markdownDescription": "The update behavior when the crawler finds a changed schema.\n\nA value of `LOG` specifies that if a table or a partition already exists, and a change is detected, do not update it, only log that a change was detected. Add new tables and new partitions (including on existing tables).\n\nA value of `UPDATE_IN_DATABASE` specifies that if a table or partition already exists, and a change is detected, update it. Add new tables and partitions.", + "title": "UpdateBehavior", "type": "string" } }, - "required": [ - "RoleArn", - "Topic" - ], "type": "object" }, - "AWS::IoT::TopicRule.RepublishActionHeaders": { + "AWS::Glue::Crawler.Targets": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "A UTF-8 encoded string that describes the content of the publishing message.\n\nFor more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "ContentType", - "type": "string" - }, - "CorrelationData": { - "markdownDescription": "The base64-encoded binary data used by the sender of the request message to identify which request the response message is for.\n\nFor more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .\n\n> This binary data must be base64-encoded.", - "title": "CorrelationData", - "type": "string" + "CatalogTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.CatalogTarget" + }, + "markdownDescription": "Specifies AWS Glue Data Catalog targets.", + "title": "CatalogTargets", + "type": "array" }, - "MessageExpiry": { - "markdownDescription": "A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "MessageExpiry", - "type": "string" + "DeltaTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.DeltaTarget" + }, + "markdownDescription": "Specifies an array of Delta data store targets.", + "title": "DeltaTargets", + "type": "array" }, - "PayloadFormatIndicator": { - "markdownDescription": "An `Enum` string value that indicates whether the payload is formatted as UTF-8.\n\nValid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` .\n\nFor more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "PayloadFormatIndicator", - "type": "string" + "DynamoDBTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.DynamoDBTarget" + }, + "markdownDescription": "Specifies Amazon DynamoDB targets.", + "title": "DynamoDBTargets", + "type": "array" }, - "ResponseTopic": { - "markdownDescription": "A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters.\n\nFor more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "ResponseTopic", - "type": "string" + "HudiTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.HudiTarget" + }, + "markdownDescription": "", + "title": "HudiTargets", + "type": "array" }, - "UserProperties": { + "IcebergTargets": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.UserProperty" + "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" }, - "markdownDescription": "An array of key-value pairs that you define in the MQTT5 header.", - "title": "UserProperties", + "markdownDescription": "Specifies Apache Iceberg data store targets.", + "title": "IcebergTargets", "type": "array" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.S3Action": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket.", - "title": "BucketName", - "type": "string" }, - "CannedAcl": { - "markdownDescription": "The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) .", - "title": "CannedAcl", - "type": "string" + "JdbcTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" + }, + "markdownDescription": "Specifies JDBC targets.", + "title": "JdbcTargets", + "type": "array" }, - "Key": { - "markdownDescription": "The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) .", - "title": "Key", - "type": "string" + "MongoDBTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.MongoDBTarget" + }, + "markdownDescription": "A list of Mongo DB targets.", + "title": "MongoDBTargets", + "type": "array" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", - "type": "string" + "S3Targets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.S3Target" + }, + "markdownDescription": "Specifies Amazon Simple Storage Service (Amazon S3) targets.", + "title": "S3Targets", + "type": "array" } }, - "required": [ - "BucketName", - "Key", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.SigV4Authorization": { + "AWS::Glue::CustomEntityType": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the signing role.", - "title": "RoleArn", + "Condition": { "type": "string" }, - "ServiceName": { - "markdownDescription": "The service name to use while signing with Sig V4.", - "title": "ServiceName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SigningRegion": { - "markdownDescription": "The signing region.", - "title": "SigningRegion", - "type": "string" - } - }, - "required": [ - "RoleArn", - "ServiceName", - "SigningRegion" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.SnsAction": { - "additionalProperties": false, - "properties": { - "MessageFormat": { - "markdownDescription": "(Optional) The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* .", - "title": "MessageFormat", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", - "type": "string" + "Metadata": { + "type": "object" }, - "TargetArn": { - "markdownDescription": "The ARN of the SNS topic.", - "title": "TargetArn", - "type": "string" - } - }, - "required": [ - "RoleArn", - "TargetArn" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.SqsAction": { - "additionalProperties": false, - "properties": { - "QueueUrl": { - "markdownDescription": "The URL of the Amazon SQS queue.", - "title": "QueueUrl", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ContextWords": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of context words. If none of these context words are found within the vicinity of the regular expression the data will not be detected as sensitive data.\n\nIf no context words are passed only a regular expression is checked.", + "title": "ContextWords", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the custom pattern that allows it to be retrieved or deleted later. This name must be unique per AWS account.", + "title": "Name", + "type": "string" + }, + "RegexString": { + "markdownDescription": "A regular expression string that is used for detecting sensitive data in a custom pattern.", + "title": "RegexString", + "type": "string" + }, + "Tags": { + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", + "title": "Tags", + "type": "object" + } + }, + "type": "object" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", + "Type": { + "enum": [ + "AWS::Glue::CustomEntityType" + ], "type": "string" }, - "UseBase64": { - "markdownDescription": "Specifies whether to use Base64 encoding.", - "title": "UseBase64", - "type": "boolean" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "QueueUrl", - "RoleArn" + "Type" ], "type": "object" }, - "AWS::IoT::TopicRule.StepFunctionsAction": { + "AWS::Glue::DataCatalogEncryptionSettings": { "additionalProperties": false, "properties": { - "ExecutionNamePrefix": { - "markdownDescription": "(Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided.", - "title": "ExecutionNamePrefix", + "Condition": { "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").", - "title": "RoleArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StateMachineName": { - "markdownDescription": "The name of the Step Functions state machine whose execution will be started.", - "title": "StateMachineName", - "type": "string" - } - }, - "required": [ - "RoleArn", - "StateMachineName" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.Timestamp": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", - "title": "Unit", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Value": { - "markdownDescription": "An expression that returns a long epoch time value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Value" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.TimestreamAction": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The name of an Amazon Timestream database that has the table to write records into.", - "title": "DatabaseName", - "type": "string" + "Metadata": { + "type": "object" }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamDimension" + "Properties": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the settings are created.", + "title": "CatalogId", + "type": "string" + }, + "DataCatalogEncryptionSettings": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings", + "markdownDescription": "Contains configuration information for maintaining Data Catalog security.", + "title": "DataCatalogEncryptionSettings" + } }, - "markdownDescription": "Metadata attributes of the time series that are written in each measure record.", - "title": "Dimensions", - "type": "array" + "required": [ + "CatalogId", + "DataCatalogEncryptionSettings" + ], + "type": "object" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table.", - "title": "RoleArn", + "Type": { + "enum": [ + "AWS::Glue::DataCatalogEncryptionSettings" + ], "type": "string" }, - "TableName": { - "markdownDescription": "The table where the message data will be written.", - "title": "TableName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamTimestamp", - "markdownDescription": "The value to use for the entry's timestamp. If blank, the time that the entry was processed is used.", - "title": "Timestamp" } }, "required": [ - "DatabaseName", - "Dimensions", - "RoleArn", - "TableName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRule.TimestreamDimension": { + "AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.", - "title": "Name", + "KmsKeyId": { + "markdownDescription": "An AWS KMS key that is used to encrypt the connection password.\n\nIf connection password protection is enabled, the caller of `CreateConnection` and `UpdateConnection` needs at least `kms:Encrypt` permission on the specified AWS KMS key, to encrypt passwords before storing them in the Data Catalog. You can set the decrypt permission to enable or restrict access on the password key according to your security requirements.", + "title": "KmsKeyId", "type": "string" }, - "Value": { - "markdownDescription": "The value to write in this column of the database record.", - "title": "Value", - "type": "string" + "ReturnConnectionPasswordEncrypted": { + "markdownDescription": "When the `ReturnConnectionPasswordEncrypted` flag is set to \"true\", passwords remain encrypted in the responses of `GetConnection` and `GetConnections` . This encryption takes effect independently from catalog encryption.", + "title": "ReturnConnectionPasswordEncrypted", + "type": "boolean" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.TimestreamTimestamp": { + "AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", - "title": "Unit", - "type": "string" + "ConnectionPasswordEncryption": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption", + "markdownDescription": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of `CreateConnection` or `UpdateConnection` and store it in the `ENCRYPTED_PASSWORD` field in the connection properties. You can enable catalog encryption or only password encryption.", + "title": "ConnectionPasswordEncryption" }, - "Value": { - "markdownDescription": "An expression that returns a long epoch time value.", - "title": "Value", - "type": "string" + "EncryptionAtRest": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest", + "markdownDescription": "Specifies the encryption-at-rest configuration for the Data Catalog.", + "title": "EncryptionAtRest" } }, - "required": [ - "Unit", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.TopicRulePayload": { + "AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Action" - }, - "markdownDescription": "The actions associated with the rule.", - "title": "Actions", - "type": "array" - }, - "AwsIotSqlVersion": { - "markdownDescription": "The version of the SQL rules engine to use when evaluating the rule.\n\nThe default value is 2015-10-08.", - "title": "AwsIotSqlVersion", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the rule.", - "title": "Description", + "CatalogEncryptionMode": { + "markdownDescription": "The encryption-at-rest mode for encrypting Data Catalog data.", + "title": "CatalogEncryptionMode", "type": "string" }, - "ErrorAction": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Action", - "markdownDescription": "The action to take when an error occurs.", - "title": "ErrorAction" - }, - "RuleDisabled": { - "markdownDescription": "Specifies whether the rule is disabled.", - "title": "RuleDisabled", - "type": "boolean" - }, - "Sql": { - "markdownDescription": "The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* .", - "title": "Sql", - "type": "string" - } - }, - "required": [ - "Actions", - "Sql" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.UserProperty": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "A key to be specified in `UserProperty` .", - "title": "Key", + "CatalogEncryptionServiceRole": { + "markdownDescription": "The role that AWS Glue assumes to encrypt and decrypt the Data Catalog objects on the caller's behalf.", + "title": "CatalogEncryptionServiceRole", "type": "string" }, - "Value": { - "markdownDescription": "A value to be specified in `UserProperty` .", - "title": "Value", + "SseAwsKmsKeyId": { + "markdownDescription": "The ID of the AWS KMS key to use for encryption at rest.", + "title": "SseAwsKmsKeyId", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRuleDestination": { + "AWS::Glue::DataQualityRuleset": { "additionalProperties": false, "properties": { "Condition": { @@ -124684,27 +129953,42 @@ "Properties": { "additionalProperties": false, "properties": { - "HttpUrlProperties": { - "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary", - "markdownDescription": "Properties of the HTTP URL.", - "title": "HttpUrlProperties" + "ClientToken": { + "markdownDescription": "Used for idempotency and is recommended to be set to a random ID (such as a UUID) to avoid creating or starting multiple instances of the same resource.", + "title": "ClientToken", + "type": "string" }, - "Status": { - "markdownDescription": "- **IN_PROGRESS** - A topic rule destination was created but has not been confirmed. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.\n- **ENABLED** - Confirmation was completed, and traffic to this destination is allowed. You can set status to `DISABLED` by calling `UpdateTopicRuleDestination` .\n- **DISABLED** - Confirmation was completed, and traffic to this destination is not allowed. You can set status to `ENABLED` by calling `UpdateTopicRuleDestination` .\n- **ERROR** - Confirmation could not be completed; for example, if the confirmation timed out. You can call `GetTopicRuleDestination` for details about the error. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.", - "title": "Status", + "Description": { + "markdownDescription": "A description of the data quality ruleset.", + "title": "Description", "type": "string" }, - "VpcProperties": { - "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.VpcDestinationProperties", - "markdownDescription": "Properties of the virtual private cloud (VPC) connection.", - "title": "VpcProperties" + "Name": { + "markdownDescription": "The name of the data quality ruleset.", + "title": "Name", + "type": "string" + }, + "Ruleset": { + "markdownDescription": "A Data Quality Definition Language (DQDL) ruleset. For more information see the AWS Glue Developer Guide.", + "title": "Ruleset", + "type": "string" + }, + "Tags": { + "markdownDescription": "A list of tags applied to the data quality ruleset.", + "title": "Tags", + "type": "object" + }, + "TargetTable": { + "$ref": "#/definitions/AWS::Glue::DataQualityRuleset.DataQualityTargetTable", + "markdownDescription": "An object representing an AWS Glue table.", + "title": "TargetTable" } }, "type": "object" }, "Type": { "enum": [ - "AWS::IoT::TopicRuleDestination" + "AWS::Glue::DataQualityRuleset" ], "type": "string" }, @@ -124722,50 +130006,23 @@ ], "type": "object" }, - "AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary": { - "additionalProperties": false, - "properties": { - "ConfirmationUrl": { - "markdownDescription": "The URL used to confirm the HTTP topic rule destination URL.", - "title": "ConfirmationUrl", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRuleDestination.VpcDestinationProperties": { + "AWS::Glue::DataQualityRuleset.DataQualityTargetTable": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs).", - "title": "RoleArn", + "DatabaseName": { + "markdownDescription": "The name of the database where the AWS Glue table exists.", + "title": "DatabaseName", "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups of the VPC destination.", - "title": "SecurityGroups", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnet IDs of the VPC destination.", - "title": "SubnetIds", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "TableName": { + "markdownDescription": "The name of the AWS Glue table.", + "title": "TableName", "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Channel": { + "AWS::Glue::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -124800,35 +130057,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", + "CatalogId": { + "markdownDescription": "The AWS account ID for the account in which to create the catalog object.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", + "title": "CatalogId", "type": "string" }, - "ChannelStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.ChannelStorage", - "markdownDescription": "Where channel data is stored.", - "title": "ChannelStorage" - }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.RetentionPeriod", - "markdownDescription": "How long, in days, message data is kept for the channel.", - "title": "RetentionPeriod" + "DatabaseInput": { + "$ref": "#/definitions/AWS::Glue::Database.DatabaseInput", + "markdownDescription": "The metadata for the database.", + "title": "DatabaseInput" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "DatabaseName": { + "markdownDescription": "The name of the catalog database.", + "title": "DatabaseName", + "type": "string" } }, + "required": [ + "CatalogId", + "DatabaseInput" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Channel" + "AWS::Glue::Database" ], "type": "string" }, @@ -124842,68 +130095,123 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Channel.ChannelStorage": { + "AWS::Glue::Database.DataLakePrincipal": { "additionalProperties": false, "properties": { - "CustomerManagedS3": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.CustomerManagedS3", - "markdownDescription": "Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created.", - "title": "CustomerManagedS3" + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the AWS Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Database.DatabaseIdentifier": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the database resides.", + "title": "CatalogId", + "type": "string" }, - "ServiceManagedS3": { - "markdownDescription": "Used to store channel data in an S3 bucket managed by AWS IoT Analytics . You can't change the choice of S3 storage after the data store is created.", - "title": "ServiceManagedS3", - "type": "object" + "DatabaseName": { + "markdownDescription": "The name of the catalog database.", + "title": "DatabaseName", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region of the database.", + "title": "Region", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Channel.CustomerManagedS3": { + "AWS::Glue::Database.DatabaseInput": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket in which channel data is stored.", - "title": "Bucket", + "CreateTableDefaultPermissions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Database.PrincipalPrivileges" + }, + "markdownDescription": "Creates a set of default permissions on the table for principals. Used by AWS Lake Formation . Not used in the normal course of AWS Glue operations.", + "title": "CreateTableDefaultPermissions", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the database.", + "title": "Description", "type": "string" }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/).", - "title": "KeyPrefix", + "FederatedDatabase": { + "$ref": "#/definitions/AWS::Glue::Database.FederatedDatabase", + "markdownDescription": "A `FederatedDatabase` structure that references an entity outside the AWS Glue Data Catalog .", + "title": "FederatedDatabase" + }, + "LocationUri": { + "markdownDescription": "The location of the database (for example, an HDFS path).", + "title": "LocationUri", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "Name", "type": "string" + }, + "Parameters": { + "markdownDescription": "These key-value pairs define parameters and properties of the database.", + "title": "Parameters", + "type": "object" + }, + "TargetDatabase": { + "$ref": "#/definitions/AWS::Glue::Database.DatabaseIdentifier", + "markdownDescription": "A `DatabaseIdentifier` structure that describes a target database for resource linking.", + "title": "TargetDatabase" } }, - "required": [ - "Bucket", - "RoleArn" - ], "type": "object" }, - "AWS::IoTAnalytics::Channel.RetentionPeriod": { + "AWS::Glue::Database.FederatedDatabase": { "additionalProperties": false, "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" + "ConnectionName": { + "markdownDescription": "The name of the connection to the external metastore.", + "title": "ConnectionName", + "type": "string" }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" + "Identifier": { + "markdownDescription": "A unique identifier for the federated database.", + "title": "Identifier", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Dataset": { + "AWS::Glue::Database.PrincipalPrivileges": { + "additionalProperties": false, + "properties": { + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions that are granted to the principal.", + "title": "Permissions", + "type": "array" + }, + "Principal": { + "$ref": "#/definitions/AWS::Glue::Database.DataLakePrincipal", + "markdownDescription": "The principal who is granted permissions.", + "title": "Principal" + } + }, + "type": "object" + }, + "AWS::Glue::DevEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -124938,70 +130246,96 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Action" - }, - "markdownDescription": "The `DatasetAction` objects that automatically create the dataset contents.", - "title": "Actions", - "type": "array" + "Arguments": { + "markdownDescription": "A map of arguments used to configure the `DevEndpoint` .\n\nValid arguments are:\n\n- `\"--enable-glue-datacatalog\": \"\"`\n- `\"GLUE_PYTHON_VERSION\": \"3\"`\n- `\"GLUE_PYTHON_VERSION\": \"2\"`\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", + "title": "Arguments", + "type": "object" }, - "ContentDeliveryRules": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule" - }, - "markdownDescription": "When dataset contents are created they are delivered to destinations specified here.", - "title": "ContentDeliveryRules", - "type": "array" + "EndpointName": { + "markdownDescription": "The name of the `DevEndpoint` .", + "title": "EndpointName", + "type": "string" }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", + "ExtraJarsS3Path": { + "markdownDescription": "The path to one or more Java `.jar` files in an S3 bucket that should be loaded in your `DevEndpoint` .\n\n> You can only use pure Java/Scala libraries with a `DevEndpoint` .", + "title": "ExtraJarsS3Path", "type": "string" }, - "LateDataRules": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRule" - }, - "markdownDescription": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter.", - "title": "LateDataRules", - "type": "array" + "ExtraPythonLibsS3Path": { + "markdownDescription": "The paths to one or more Python libraries in an Amazon S3 bucket that should be loaded in your `DevEndpoint` . Multiple values must be complete paths separated by a comma.\n\n> You can only use pure Python libraries with a `DevEndpoint` . Libraries that rely on C extensions, such as the [pandas](https://docs.aws.amazon.com/http://pandas.pydata.org/) Python data analysis library, are not currently supported.", + "title": "ExtraPythonLibsS3Path", + "type": "string" }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.RetentionPeriod", - "markdownDescription": "Optional. How long, in days, message data is kept for the dataset.", - "title": "RetentionPeriod" + "GlueVersion": { + "markdownDescription": "The AWS Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for running your ETL scripts on development endpoints.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nDevelopment endpoints that are created without specifying a Glue version default to Glue 0.9.\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", + "title": "GlueVersion", + "type": "string" }, - "Tags": { + "NumberOfNodes": { + "markdownDescription": "The number of AWS Glue Data Processing Units (DPUs) allocated to this `DevEndpoint` .", + "title": "NumberOfNodes", + "type": "number" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated to the development endpoint.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", + "title": "NumberOfWorkers", + "type": "number" + }, + "PublicKey": { + "markdownDescription": "The public key to be used by this `DevEndpoint` for authentication. This attribute is provided for backward compatibility because the recommended attribute to use is public keys.", + "title": "PublicKey", + "type": "string" + }, + "PublicKeys": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "A list of public keys to be used by the `DevEndpoints` for authentication. Using this attribute is preferred over a single public key because the public keys allow you to have a different private key per client.\n\n> If you previously created an endpoint with a public key, you must remove that key to be able to set a list of public keys. Call the `UpdateDevEndpoint` API operation with the public key content in the `deletePublicKeys` attribute, and the list of new keys in the `addPublicKeys` attribute.", + "title": "PublicKeys", "type": "array" }, - "Triggers": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used in this `DevEndpoint` .", + "title": "RoleArn", + "type": "string" + }, + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this `DevEndpoint` .", + "title": "SecurityConfiguration", + "type": "string" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Trigger" + "type": "string" }, - "markdownDescription": "The `DatasetTrigger` objects that specify when the dataset is automatically updated.", - "title": "Triggers", + "markdownDescription": "A list of security group identifiers used in this `DevEndpoint` .", + "title": "SecurityGroupIds", "type": "array" }, - "VersioningConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.VersioningConfiguration", - "markdownDescription": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* .", - "title": "VersioningConfiguration" + "SubnetId": { + "markdownDescription": "The subnet ID for this `DevEndpoint` .", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this DevEndpoint.", + "title": "Tags", + "type": "object" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated to the development endpoint. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n\nKnown issue: when a development endpoint is created with the `G.2X` `WorkerType` configuration, the Spark drivers for the development endpoint will run on 4 vCPU, 16 GB of memory, and a 64 GB disk.", + "title": "WorkerType", + "type": "string" } }, "required": [ - "Actions" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Dataset" + "AWS::Glue::DevEndpoint" ], "type": "string" }, @@ -125020,168 +130354,424 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Action": { + "AWS::Glue::Job": { "additionalProperties": false, "properties": { - "ActionName": { - "markdownDescription": "The name of the data set action by which data set contents are automatically created.", - "title": "ActionName", + "Condition": { "type": "string" }, - "ContainerAction": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ContainerAction", - "markdownDescription": "Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries.", - "title": "ContainerAction" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "QueryAction": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.QueryAction", - "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", - "title": "QueryAction" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatedCapacity": { + "markdownDescription": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job.", + "title": "AllocatedCapacity", + "type": "number" + }, + "Command": { + "$ref": "#/definitions/AWS::Glue::Job.JobCommand", + "markdownDescription": "The code that executes a job.", + "title": "Command" + }, + "Connections": { + "$ref": "#/definitions/AWS::Glue::Job.ConnectionsList", + "markdownDescription": "The connections used for this job.", + "title": "Connections" + }, + "DefaultArguments": { + "markdownDescription": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .", + "title": "DefaultArguments", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the job.", + "title": "Description", + "type": "string" + }, + "ExecutionClass": { + "markdownDescription": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs.", + "title": "ExecutionClass", + "type": "string" + }, + "ExecutionProperty": { + "$ref": "#/definitions/AWS::Glue::Job.ExecutionProperty", + "markdownDescription": "The maximum number of concurrent runs that are allowed for this job.", + "title": "ExecutionProperty" + }, + "GlueVersion": { + "markdownDescription": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available.", + "title": "GlueVersion", + "type": "string" + }, + "JobMode": { + "markdownDescription": "A mode that describes how a job was created. Valid values are:\n\n- `SCRIPT` - The job was created using the AWS Glue Studio script editor.\n- `VISUAL` - The job was created using the AWS Glue Studio visual editor.\n- `NOTEBOOK` - The job was created using an interactive sessions notebook.\n\nWhen the `JobMode` field is missing or null, `SCRIPT` is assigned as the default value.", + "title": "JobMode", + "type": "string" + }, + "JobRunQueuingEnabled": { + "markdownDescription": "Specifies whether job run queuing is enabled for the job runs for this job.\n\nA value of true means job run queuing is enabled for the job runs. If false or not populated, the job runs will not be considered for queueing.\n\nIf this field does not match the value set in the job run, then the value from the job run field will be used.", + "title": "JobRunQueuingEnabled", + "type": "boolean" + }, + "LogUri": { + "markdownDescription": "This field is reserved for future use.", + "title": "LogUri", + "type": "string" + }, + "MaintenanceWindow": { + "markdownDescription": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. AWS Glue periodically performs maintenance activities. During these maintenance windows, AWS Glue will need to restart your streaming jobs.\n\nAWS Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT.", + "title": "MaintenanceWindow", + "type": "string" + }, + "MaxCapacity": { + "markdownDescription": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry this job after a JobRun fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "The name you assign to this job definition.", + "title": "Name", + "type": "string" + }, + "NonOverridableArguments": { + "markdownDescription": "Non-overridable arguments for this job, specified as name-value pairs.", + "title": "NonOverridableArguments", + "type": "object" + }, + "NotificationProperty": { + "$ref": "#/definitions/AWS::Glue::Job.NotificationProperty", + "markdownDescription": "Specifies configuration properties of a notification.", + "title": "NotificationProperty" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", + "title": "NumberOfWorkers", + "type": "number" + }, + "Role": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job.", + "title": "Role", + "type": "string" + }, + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this job.", + "title": "SecurityConfiguration", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this job.", + "title": "Tags", + "type": "object" + }, + "Timeout": { + "markdownDescription": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours).", + "title": "Timeout", + "type": "number" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 94GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 138GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Spain), Europe (Stockholm), and South America (S\u00e3o Paulo).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk, and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 or later streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk, and provides up to 8 Ray workers based on the autoscaler.", + "title": "WorkerType", + "type": "string" + } + }, + "required": [ + "Command", + "Role" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::Job" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ActionName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.ContainerAction": { + "AWS::Glue::Job.ConnectionsList": { "additionalProperties": false, "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The ARN of the role which gives permission to the system to access needed resources in order to run the \"containerAction\". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application.", - "title": "ExecutionRoleArn", - "type": "string" - }, - "Image": { - "markdownDescription": "The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents.", - "title": "Image", - "type": "string" - }, - "ResourceConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ResourceConfiguration", - "markdownDescription": "Configuration of the resource which executes the \"containerAction\".", - "title": "ResourceConfiguration" - }, - "Variables": { + "Connections": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Variable" + "type": "string" }, - "markdownDescription": "The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of \"stringValue\", \"datasetContentVersionValue\", or \"outputFileUriValue\".", - "title": "Variables", + "markdownDescription": "A list of connections used by the job.", + "title": "Connections", "type": "array" } }, - "required": [ - "ExecutionRoleArn", - "Image", - "ResourceConfiguration" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule": { + "AWS::Glue::Job.ExecutionProperty": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination", - "markdownDescription": "The destination to which dataset contents are delivered.", - "title": "Destination" - }, - "EntryName": { - "markdownDescription": "The name of the dataset content delivery rules entry.", - "title": "EntryName", - "type": "string" + "MaxConcurrentRuns": { + "markdownDescription": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.", + "title": "MaxConcurrentRuns", + "type": "number" } }, - "required": [ - "Destination" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination": { + "AWS::Glue::Job.JobCommand": { "additionalProperties": false, "properties": { - "IotEventsDestinationConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration", - "markdownDescription": "Configuration information for delivery of dataset contents to AWS IoT Events .", - "title": "IotEventsDestinationConfiguration" + "Name": { + "markdownDescription": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` .", + "title": "Name", + "type": "string" }, - "S3DestinationConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.S3DestinationConfiguration", - "markdownDescription": "Configuration information for delivery of dataset contents to Amazon S3.", - "title": "S3DestinationConfiguration" + "PythonVersion": { + "markdownDescription": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated.", + "title": "PythonVersion", + "type": "string" + }, + "Runtime": { + "markdownDescription": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide.", + "title": "Runtime", + "type": "string" + }, + "ScriptLocation": { + "markdownDescription": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required).", + "title": "ScriptLocation", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Dataset.DatasetContentVersionValue": { + "AWS::Glue::Job.NotificationProperty": { "additionalProperties": false, "properties": { - "DatasetName": { - "markdownDescription": "The name of the dataset whose latest contents are used as input to the notebook or application.", - "title": "DatasetName", - "type": "string" + "NotifyDelayAfter": { + "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification.", + "title": "NotifyDelayAfter", + "type": "number" } }, - "required": [ - "DatasetName" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.DeltaTime": { + "AWS::Glue::MLTransform": { "additionalProperties": false, "properties": { - "OffsetSeconds": { - "markdownDescription": "The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe.", - "title": "OffsetSeconds", - "type": "number" + "Condition": { + "type": "string" }, - "TimeExpression": { - "markdownDescription": "An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated.", - "title": "TimeExpression", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A user-defined, long-form description text for the machine learning transform.", + "title": "Description", + "type": "string" + }, + "GlueVersion": { + "markdownDescription": "This value determines which version of AWS Glue this machine learning transform is compatible with. Glue 1.0 is recommended for most customers. If the value is not set, the Glue compatibility defaults to Glue 0.9. For more information, see [AWS Glue Versions](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html#release-notes-versions) in the developer guide.", + "title": "GlueVersion", + "type": "string" + }, + "InputRecordTables": { + "$ref": "#/definitions/AWS::Glue::MLTransform.InputRecordTables", + "markdownDescription": "A list of AWS Glue table definitions used by the transform.", + "title": "InputRecordTables" + }, + "MaxCapacity": { + "markdownDescription": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from 2 to 100 DPUs; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory. For more information, see the [AWS Glue pricing page](https://docs.aws.amazon.com/glue/pricing/) .\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.\n\nWhen the `WorkerType` field is set to a value other than `Standard` , the `MaxCapacity` field is set automatically and becomes read-only.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry after an `MLTaskRun` of the machine learning transform fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "A user-defined name for the machine learning transform. Names are required to be unique. `Name` is optional:\n\n- If you supply `Name` , the stack cannot be repeatedly created.\n- If `Name` is not provided, a randomly generated name will be used instead.", + "title": "Name", + "type": "string" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a task of the transform runs.\n\nIf `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).", + "title": "NumberOfWorkers", + "type": "number" + }, + "Role": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role with the required permissions. The required permissions include both AWS Glue service role permissions to AWS Glue resources, and Amazon S3 permissions required by the transform.\n\n- This role needs AWS Glue service role permissions to allow access to resources in AWS Glue . See [Attach a Policy to IAM Users That Access AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/attach-policy-iam-user.html) .\n- This role needs permission to your Amazon Simple Storage Service (Amazon S3) sources, targets, temporary directory, scripts, and any libraries used by the task run for this transform.", + "title": "Role", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this machine learning transform. You may use tags to limit access to the machine learning transform. For more information about tags in AWS Glue , see [AWS Tags in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html) in the developer guide.", + "title": "Tags", + "type": "object" + }, + "Timeout": { + "markdownDescription": "The timeout in minutes of the machine learning transform.", + "title": "Timeout", + "type": "number" + }, + "TransformEncryption": { + "$ref": "#/definitions/AWS::Glue::MLTransform.TransformEncryption", + "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data. Machine learning\ntransforms can access user data encrypted in Amazon S3 using KMS.\n\nAdditionally, imported labels and trained transforms can now be encrypted using a customer provided\nKMS key.", + "title": "TransformEncryption" + }, + "TransformParameters": { + "$ref": "#/definitions/AWS::Glue::MLTransform.TransformParameters", + "markdownDescription": "The algorithm-specific parameters that are associated with the machine learning transform.", + "title": "TransformParameters" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated when a task of this transform runs. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker provides 4 vCPU, 16 GB of memory and a 64GB disk, and 1 executor per worker.\n- For the `G.2X` worker type, each worker provides 8 vCPU, 32 GB of memory and a 128GB disk, and 1 executor per worker.\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.", + "title": "WorkerType", + "type": "string" + } + }, + "required": [ + "InputRecordTables", + "Role", + "TransformParameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::MLTransform" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "OffsetSeconds", - "TimeExpression" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration": { + "AWS::Glue::MLTransform.FindMatchesParameters": { "additionalProperties": false, "properties": { - "TimeoutInMinutes": { - "markdownDescription": "A time interval. You can use `timeoutInMinutes` so that AWS IoT Analytics can batch up late data notifications that have been generated since the last execution. AWS IoT Analytics sends one batch of notifications to Amazon CloudWatch Events at one time.\n\nFor more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* .", - "title": "TimeoutInMinutes", + "AccuracyCostTradeoff": { + "markdownDescription": "The value that is selected when tuning your transform for a balance between accuracy and cost. A value of 0.5 means that the system balances accuracy and cost concerns. A value of 1.0 means a bias purely for accuracy, which typically results in a higher cost, sometimes substantially higher. A value of 0.0 means a bias purely for cost, which results in a less accurate `FindMatches` transform, sometimes with unacceptable accuracy.\n\nAccuracy measures how well the transform finds true positives and true negatives. Increasing accuracy requires more machine resources and cost. But it also results in increased recall.\n\nCost measures how many compute resources, and thus money, are consumed to run the transform.", + "title": "AccuracyCostTradeoff", + "type": "number" + }, + "EnforceProvidedLabels": { + "markdownDescription": "The value to switch on or off to force the output to match the provided labels from users. If the value is `True` , the `find matches` transform forces the output to match the provided labels. The results override the normal conflation results. If the value is `False` , the `find matches` transform does not ensure all the labels provided are respected, and the results rely on the trained model.\n\nNote that setting this value to true may increase the conflation execution time.", + "title": "EnforceProvidedLabels", + "type": "boolean" + }, + "PrecisionRecallTradeoff": { + "markdownDescription": "The value selected when tuning your transform for a balance between precision and recall. A value of 0.5 means no preference; a value of 1.0 means a bias purely for precision, and a value of 0.0 means a bias for recall. Because this is a tradeoff, choosing values close to 1.0 means very low recall, and choosing values close to 0.0 results in very low precision.\n\nThe precision metric indicates how often your model is correct when it predicts a match.\n\nThe recall metric indicates that for an actual match, how often your model predicts the match.", + "title": "PrecisionRecallTradeoff", "type": "number" + }, + "PrimaryKeyColumnName": { + "markdownDescription": "The name of a column that uniquely identifies rows in the source table. Used to help identify matching records.", + "title": "PrimaryKeyColumnName", + "type": "string" } }, "required": [ - "TimeoutInMinutes" + "PrimaryKeyColumnName" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Filter": { - "additionalProperties": false, - "properties": { - "DeltaTime": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTime", - "markdownDescription": "Used to limit data to that which has arrived since the last execution of the action.", - "title": "DeltaTime" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.GlueConfiguration": { + "AWS::Glue::MLTransform.GlueTables": { "additionalProperties": false, "properties": { + "CatalogId": { + "markdownDescription": "A unique identifier for the AWS Glue Data Catalog .", + "title": "CatalogId", + "type": "string" + }, + "ConnectionName": { + "markdownDescription": "The name of the connection to the AWS Glue Data Catalog .", + "title": "ConnectionName", + "type": "string" + }, "DatabaseName": { - "markdownDescription": "The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables.", + "markdownDescription": "A database name in the AWS Glue Data Catalog .", "title": "DatabaseName", "type": "string" }, "TableName": { - "markdownDescription": "The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets.", + "markdownDescription": "A table name in the AWS Glue Data Catalog .", "title": "TableName", "type": "string" } @@ -125192,254 +130782,400 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration": { + "AWS::Glue::MLTransform.InputRecordTables": { "additionalProperties": false, "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input to which dataset contents are delivered.", - "title": "InputName", + "GlueTables": { + "items": { + "$ref": "#/definitions/AWS::Glue::MLTransform.GlueTables" + }, + "markdownDescription": "The database and table in the AWS Glue Data Catalog that is used for input or output data.", + "title": "GlueTables", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Glue::MLTransform.MLUserDataEncryption": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The ID for the customer-provided KMS key.", + "title": "KmsKeyId", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to deliver dataset contents to an AWS IoT Events input.", - "title": "RoleArn", + "MLUserDataEncryptionMode": { + "markdownDescription": "The encryption mode applied to user data. Valid values are:\n\n- DISABLED: encryption is disabled.\n- SSEKMS: use of server-side encryption with AWS Key Management Service (SSE-KMS) for user data\nstored in Amazon S3.", + "title": "MLUserDataEncryptionMode", "type": "string" } }, "required": [ - "InputName", - "RoleArn" + "MLUserDataEncryptionMode" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.LateDataRule": { + "AWS::Glue::MLTransform.TransformEncryption": { "additionalProperties": false, "properties": { - "RuleConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration", - "markdownDescription": "The information needed to configure the late data rule.", - "title": "RuleConfiguration" + "MLUserDataEncryption": { + "$ref": "#/definitions/AWS::Glue::MLTransform.MLUserDataEncryption", + "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data.", + "title": "MLUserDataEncryption" }, - "RuleName": { - "markdownDescription": "The name of the late data rule.", - "title": "RuleName", + "TaskRunSecurityConfigurationName": { + "markdownDescription": "The name of the security configuration.", + "title": "TaskRunSecurityConfigurationName", "type": "string" } }, - "required": [ - "RuleConfiguration" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration": { + "AWS::Glue::MLTransform.TransformParameters": { "additionalProperties": false, "properties": { - "DeltaTimeSessionWindowConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration", - "markdownDescription": "The information needed to configure a delta time session window.", - "title": "DeltaTimeSessionWindowConfiguration" + "FindMatchesParameters": { + "$ref": "#/definitions/AWS::Glue::MLTransform.FindMatchesParameters", + "markdownDescription": "The parameters for the find matches algorithm.", + "title": "FindMatchesParameters" + }, + "TransformType": { + "markdownDescription": "The type of machine learning transform. `FIND_MATCHES` is the only option.\n\nFor information about the types of machine learning transforms, see [Working with machine learning transforms](https://docs.aws.amazon.com/glue/latest/dg/console-machine-learning-transforms.html) .", + "title": "TransformType", + "type": "string" } }, + "required": [ + "TransformType" + ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.OutputFileUriValue": { + "AWS::Glue::Partition": { "additionalProperties": false, "properties": { - "FileName": { - "markdownDescription": "The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket.", - "title": "FileName", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The AWS account ID of the catalog in which the partion is to be created.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", + "title": "CatalogId", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the catalog database in which to create the partition.", + "title": "DatabaseName", + "type": "string" + }, + "PartitionInput": { + "$ref": "#/definitions/AWS::Glue::Partition.PartitionInput", + "markdownDescription": "The structure used to create and update a partition.", + "title": "PartitionInput" + }, + "TableName": { + "markdownDescription": "The name of the metadata table in which the partition is to be created.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "CatalogId", + "DatabaseName", + "PartitionInput", + "TableName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::Partition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FileName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.QueryAction": { + "AWS::Glue::Partition.Column": { "additionalProperties": false, "properties": { - "Filters": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Filter" - }, - "markdownDescription": "Pre-filters applied to message data.", - "title": "Filters", - "type": "array" + "Comment": { + "markdownDescription": "A free-form text comment.", + "title": "Comment", + "type": "string" }, - "SqlQuery": { - "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", - "title": "SqlQuery", + "Name": { + "markdownDescription": "The name of the `Column` .", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "The data type of the `Column` .", + "title": "Type", "type": "string" } }, "required": [ - "SqlQuery" + "Name" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.ResourceConfiguration": { + "AWS::Glue::Partition.Order": { "additionalProperties": false, "properties": { - "ComputeType": { - "markdownDescription": "The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB).", - "title": "ComputeType", + "Column": { + "markdownDescription": "The name of the column.", + "title": "Column", "type": "string" }, - "VolumeSizeInGB": { - "markdownDescription": "The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50).", - "title": "VolumeSizeInGB", + "SortOrder": { + "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", + "title": "SortOrder", "type": "number" } }, "required": [ - "ComputeType", - "VolumeSizeInGB" + "Column" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.RetentionPeriod": { + "AWS::Glue::Partition.PartitionInput": { "additionalProperties": false, "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" + "Parameters": { + "markdownDescription": "These key-value pairs define partition parameters.", + "title": "Parameters", + "type": "object" }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" + "StorageDescriptor": { + "$ref": "#/definitions/AWS::Glue::Partition.StorageDescriptor", + "markdownDescription": "Provides information about the physical location where the partition is stored.", + "title": "StorageDescriptor" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values of the partition. Although this parameter is not required by the SDK, you must specify this parameter for a valid input.\n\nThe values for the keys for the new partition must be passed as an array of String objects that must be ordered in the same order as the partition keys appearing in the Amazon S3 prefix. Otherwise AWS Glue will add the values to the wrong keys.", + "title": "Values", + "type": "array" } }, + "required": [ + "Values" + ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.S3DestinationConfiguration": { + "AWS::Glue::Partition.SchemaId": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket to which dataset contents are delivered.", - "title": "Bucket", + "RegistryName": { + "markdownDescription": "The name of the schema registry that contains the schema.", + "title": "RegistryName", "type": "string" }, - "GlueConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.GlueConfiguration", - "markdownDescription": "Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service.", - "title": "GlueConfiguration" - }, - "Key": { - "markdownDescription": "The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key.\n\nYou can create a unique key with the following options:\n\n- Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run.\n- Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content.\n- Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content.\n\nThe following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv`\n\n> If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other.", - "title": "Key", + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", + "title": "SchemaArn", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 and AWS Glue resources.", - "title": "RoleArn", + "SchemaName": { + "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", + "title": "SchemaName", "type": "string" } }, - "required": [ - "Bucket", - "Key", - "RoleArn" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Schedule": { + "AWS::Glue::Partition.SchemaReference": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation.", - "title": "ScheduleExpression", + "SchemaId": { + "$ref": "#/definitions/AWS::Glue::Partition.SchemaId", + "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", + "title": "SchemaId" + }, + "SchemaVersionId": { + "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", + "title": "SchemaVersionId", "type": "string" + }, + "SchemaVersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionNumber", + "type": "number" } }, - "required": [ - "ScheduleExpression" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Trigger": { + "AWS::Glue::Partition.SerdeInfo": { "additionalProperties": false, "properties": { - "Schedule": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Schedule", - "markdownDescription": "The \"Schedule\" when the trigger is initiated.", - "title": "Schedule" + "Name": { + "markdownDescription": "Name of the SerDe.", + "title": "Name", + "type": "string" }, - "TriggeringDataset": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.TriggeringDataset", - "markdownDescription": "Information about the data set whose content generation triggers the new data set content generation.", - "title": "TriggeringDataset" + "Parameters": { + "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", + "title": "Parameters", + "type": "object" + }, + "SerializationLibrary": { + "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", + "title": "SerializationLibrary", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Dataset.TriggeringDataset": { + "AWS::Glue::Partition.SkewedInfo": { "additionalProperties": false, "properties": { - "DatasetName": { - "markdownDescription": "The name of the data set whose content generation triggers the new data set content generation.", - "title": "DatasetName", - "type": "string" + "SkewedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of names of columns that contain skewed values.", + "title": "SkewedColumnNames", + "type": "array" + }, + "SkewedColumnValueLocationMaps": { + "markdownDescription": "A mapping of skewed values to the columns that contain them.", + "title": "SkewedColumnValueLocationMaps", + "type": "object" + }, + "SkewedColumnValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", + "title": "SkewedColumnValues", + "type": "array" } }, - "required": [ - "DatasetName" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Variable": { + "AWS::Glue::Partition.StorageDescriptor": { "additionalProperties": false, "properties": { - "DatasetContentVersionValue": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentVersionValue", - "markdownDescription": "The value of the variable as a structure that specifies a dataset content version.", - "title": "DatasetContentVersionValue" + "BucketColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", + "title": "BucketColumns", + "type": "array" }, - "DoubleValue": { - "markdownDescription": "The value of the variable as a double (numeric).", - "title": "DoubleValue", - "type": "number" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Partition.Column" + }, + "markdownDescription": "A list of the `Columns` in the table.", + "title": "Columns", + "type": "array" }, - "OutputFileUriValue": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.OutputFileUriValue", - "markdownDescription": "The value of the variable as a structure that specifies an output file URI.", - "title": "OutputFileUriValue" + "Compressed": { + "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", + "title": "Compressed", + "type": "boolean" }, - "StringValue": { - "markdownDescription": "The value of the variable as a string.", - "title": "StringValue", + "InputFormat": { + "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", + "title": "InputFormat", "type": "string" }, - "VariableName": { - "markdownDescription": "The name of the variable.", - "title": "VariableName", + "Location": { + "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", + "title": "Location", "type": "string" - } - }, - "required": [ - "VariableName" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.VersioningConfiguration": { - "additionalProperties": false, - "properties": { - "MaxVersions": { - "markdownDescription": "How many versions of dataset contents are kept. The `unlimited` parameter must be `false` .", - "title": "MaxVersions", + }, + "NumberOfBuckets": { + "markdownDescription": "The number of buckets.\n\nYou must specify this property if the partition contains any dimension columns.", + "title": "NumberOfBuckets", "type": "number" }, - "Unlimited": { - "markdownDescription": "If true, unlimited versions of dataset contents are kept.", - "title": "Unlimited", + "OutputFormat": { + "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", + "title": "OutputFormat", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The user-supplied properties in key-value form.", + "title": "Parameters", + "type": "object" + }, + "SchemaReference": { + "$ref": "#/definitions/AWS::Glue::Partition.SchemaReference", + "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", + "title": "SchemaReference" + }, + "SerdeInfo": { + "$ref": "#/definitions/AWS::Glue::Partition.SerdeInfo", + "markdownDescription": "The serialization/deserialization (SerDe) information.", + "title": "SerdeInfo" + }, + "SkewedInfo": { + "$ref": "#/definitions/AWS::Glue::Partition.SkewedInfo", + "markdownDescription": "The information about values that appear frequently in a column (skewed values).", + "title": "SkewedInfo" + }, + "SortColumns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Partition.Order" + }, + "markdownDescription": "A list specifying the sort order of each bucket in the table.", + "title": "SortColumns", + "type": "array" + }, + "StoredAsSubDirectories": { + "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", + "title": "StoredAsSubDirectories", "type": "boolean" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore": { + "AWS::Glue::Registry": { "additionalProperties": false, "properties": { "Condition": { @@ -125474,45 +131210,33 @@ "Properties": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The name of the data store.", - "title": "DatastoreName", + "Description": { + "markdownDescription": "A description of the registry.", + "title": "Description", "type": "string" }, - "DatastorePartitions": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartitions", - "markdownDescription": "Information about the partition dimensions in a data store.", - "title": "DatastorePartitions" - }, - "DatastoreStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastoreStorage", - "markdownDescription": "Where data store data is stored.", - "title": "DatastoreStorage" - }, - "FileFormatConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.FileFormatConfiguration", - "markdownDescription": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store.", - "title": "FileFormatConfiguration" - }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.RetentionPeriod", - "markdownDescription": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored.", - "title": "RetentionPeriod" + "Name": { + "markdownDescription": "The name of the registry.", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Datastore" + "AWS::Glue::Registry" ], "type": "string" }, @@ -125526,227 +131250,471 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.Column": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the column.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Name", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.CustomerManagedS3": { + "AWS::Glue::Schema": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", - "title": "Bucket", + "Condition": { "type": "string" }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", - "title": "KeyPrefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", - "title": "RoleArn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CheckpointVersion": { + "$ref": "#/definitions/AWS::Glue::Schema.SchemaVersion", + "markdownDescription": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint.", + "title": "CheckpointVersion" + }, + "Compatibility": { + "markdownDescription": "The compatibility mode of the schema.", + "title": "Compatibility", + "type": "string" + }, + "DataFormat": { + "markdownDescription": "The data format of the schema definition. Currently only `AVRO` is supported.", + "title": "DataFormat", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the schema if specified when created.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the schema to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace.", + "title": "Name", + "type": "string" + }, + "Registry": { + "$ref": "#/definitions/AWS::Glue::Schema.Registry", + "markdownDescription": "The registry where a schema is stored.", + "title": "Registry" + }, + "SchemaDefinition": { + "markdownDescription": "The schema definition using the `DataFormat` setting for `SchemaName` .", + "title": "SchemaDefinition", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Compatibility", + "DataFormat", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::Schema" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket", - "RoleArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage": { + "AWS::Glue::Schema.Registry": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", - "title": "Bucket", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the registry.", + "title": "Arn", "type": "string" }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", - "title": "KeyPrefix", + "Name": { + "markdownDescription": "The name of the registry.", + "title": "Name", "type": "string" } }, - "required": [ - "Bucket" - ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.DatastorePartition": { + "AWS::Glue::Schema.SchemaVersion": { "additionalProperties": false, "properties": { - "Partition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Partition", - "markdownDescription": "A partition dimension defined by an attribute.", - "title": "Partition" + "IsLatest": { + "markdownDescription": "Indicates if this version is the latest version of the schema.", + "title": "IsLatest", + "type": "boolean" }, - "TimestampPartition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.TimestampPartition", - "markdownDescription": "A partition dimension defined by a timestamp attribute.", - "title": "TimestampPartition" + "VersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "VersionNumber", + "type": "number" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.DatastorePartitions": { + "AWS::Glue::SchemaVersion": { "additionalProperties": false, "properties": { - "Partitions": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartition" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Schema": { + "$ref": "#/definitions/AWS::Glue::SchemaVersion.Schema", + "markdownDescription": "The schema that includes the schema version.", + "title": "Schema" + }, + "SchemaDefinition": { + "markdownDescription": "The schema definition for the schema version.", + "title": "SchemaDefinition", + "type": "string" + } }, - "markdownDescription": "A list of partition dimensions in a data store.", - "title": "Partitions", - "type": "array" + "required": [ + "Schema", + "SchemaDefinition" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::SchemaVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.DatastoreStorage": { + "AWS::Glue::SchemaVersion.Schema": { "additionalProperties": false, "properties": { - "CustomerManagedS3": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3", - "markdownDescription": "Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", - "title": "CustomerManagedS3" + "RegistryName": { + "markdownDescription": "The name of the registry where the schema is stored. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "RegistryName", + "type": "string" }, - "IotSiteWiseMultiLayerStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage", - "markdownDescription": "Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created.", - "title": "IotSiteWiseMultiLayerStorage" + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "SchemaArn", + "type": "string" }, - "ServiceManagedS3": { - "markdownDescription": "Use this to store data store data in an S3 bucket managed by the AWS IoT Analytics service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", - "title": "ServiceManagedS3", - "type": "object" + "SchemaName": { + "markdownDescription": "The name of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "SchemaName", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.FileFormatConfiguration": { + "AWS::Glue::SchemaVersionMetadata": { "additionalProperties": false, "properties": { - "JsonConfiguration": { - "markdownDescription": "Contains the configuration information of the JSON format.", - "title": "JsonConfiguration", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { "type": "object" }, - "ParquetConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.ParquetConfiguration", - "markdownDescription": "Contains the configuration information of the Parquet format.", - "title": "ParquetConfiguration" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage": { - "additionalProperties": false, - "properties": { - "CustomerManagedS3Storage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage", - "markdownDescription": "Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage.", - "title": "CustomerManagedS3Storage" + "Properties": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A metadata key in a key-value pair for metadata.", + "title": "Key", + "type": "string" + }, + "SchemaVersionId": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionId", + "type": "string" + }, + "Value": { + "markdownDescription": "A metadata key's corresponding value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "SchemaVersionId", + "Value" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::SchemaVersionMetadata" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.ParquetConfiguration": { + "AWS::Glue::SecurityConfiguration": { "additionalProperties": false, "properties": { - "SchemaDefinition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.SchemaDefinition", - "markdownDescription": "Information needed to define a schema.", - "title": "SchemaDefinition" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.EncryptionConfiguration", + "markdownDescription": "The encryption configuration associated with this security configuration.", + "title": "EncryptionConfiguration" + }, + "Name": { + "markdownDescription": "The name of the security configuration.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "EncryptionConfiguration", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::SecurityConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.Partition": { + "AWS::Glue::SecurityConfiguration.CloudWatchEncryption": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the attribute that defines a partition dimension.", - "title": "AttributeName", + "CloudWatchEncryptionMode": { + "markdownDescription": "The encryption mode to use for CloudWatch data.", + "title": "CloudWatchEncryptionMode", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "AttributeName" - ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.RetentionPeriod": { + "AWS::Glue::SecurityConfiguration.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" + "CloudWatchEncryption": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.CloudWatchEncryption", + "markdownDescription": "The encryption configuration for Amazon CloudWatch.", + "title": "CloudWatchEncryption" }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" + "JobBookmarksEncryption": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.JobBookmarksEncryption", + "markdownDescription": "The encryption configuration for job bookmarks.", + "title": "JobBookmarksEncryption" + }, + "S3Encryptions": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.S3Encryptions", + "markdownDescription": "The encyption configuration for Amazon Simple Storage Service (Amazon S3) data.", + "title": "S3Encryptions" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.SchemaDefinition": { + "AWS::Glue::SecurityConfiguration.JobBookmarksEncryption": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Column" - }, - "markdownDescription": "Specifies one or more columns that store your data.\n\nEach schema can have up to 100 columns. Each column can have up to 100 nested types.", - "title": "Columns", - "type": "array" + "JobBookmarksEncryptionMode": { + "markdownDescription": "The encryption mode to use for job bookmarks data.", + "title": "JobBookmarksEncryptionMode", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.TimestampPartition": { + "AWS::Glue::SecurityConfiguration.S3Encryption": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The attribute name of the partition defined by a timestamp.", - "title": "AttributeName", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", "type": "string" }, - "TimestampFormat": { - "markdownDescription": "The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time).", - "title": "TimestampFormat", + "S3EncryptionMode": { + "markdownDescription": "The encryption mode to use for Amazon S3 data.", + "title": "S3EncryptionMode", "type": "string" } }, - "required": [ - "AttributeName" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline": { + "AWS::Glue::SecurityConfiguration.S3Encryptions": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::Glue::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -125781,36 +131749,37 @@ "Properties": { "additionalProperties": false, "properties": { - "PipelineActivities": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Activity" - }, - "markdownDescription": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`", - "title": "PipelineActivities", - "type": "array" + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which to create the `Table` .", + "title": "CatalogId", + "type": "string" }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", + "DatabaseName": { + "markdownDescription": "The name of the database where the table metadata resides. For Hive compatibility, this must be all lowercase.", + "title": "DatabaseName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "OpenTableFormatInput": { + "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput", + "markdownDescription": "Specifies an `OpenTableFormatInput` structure when creating an open format table.", + "title": "OpenTableFormatInput" + }, + "TableInput": { + "$ref": "#/definitions/AWS::Glue::Table.TableInput", + "markdownDescription": "A structure used to define a table.", + "title": "TableInput" } }, "required": [ - "PipelineActivities" + "CatalogId", + "DatabaseName", + "TableInput" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Pipeline" + "AWS::Glue::Table" ], "type": "string" }, @@ -125829,356 +131798,343 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Activity": { - "additionalProperties": false, - "properties": { - "AddAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.AddAttributes", - "markdownDescription": "Adds other attributes based on existing attributes in the message.", - "title": "AddAttributes" - }, - "Channel": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Channel", - "markdownDescription": "Determines the source of the messages to be processed.", - "title": "Channel" - }, - "Datastore": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Datastore", - "markdownDescription": "Specifies where to store the processed message data.", - "title": "Datastore" - }, - "DeviceRegistryEnrich": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich", - "markdownDescription": "Adds data from the AWS IoT device registry to your message.", - "title": "DeviceRegistryEnrich" - }, - "DeviceShadowEnrich": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich", - "markdownDescription": "Adds information from the AWS IoT Device Shadows service to a message.", - "title": "DeviceShadowEnrich" - }, - "Filter": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Filter", - "markdownDescription": "Filters a message based on its attributes.", - "title": "Filter" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Lambda", - "markdownDescription": "Runs a Lambda function to modify the message.", - "title": "Lambda" - }, - "Math": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Math", - "markdownDescription": "Computes an arithmetic expression using the message's attributes and adds it to the message.", - "title": "Math" - }, - "RemoveAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.RemoveAttributes", - "markdownDescription": "Removes attributes from a message.", - "title": "RemoveAttributes" - }, - "SelectAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.SelectAttributes", - "markdownDescription": "Creates a new message using only the specified attributes from the original message.", - "title": "SelectAttributes" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.AddAttributes": { + "AWS::Glue::Table.Column": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A list of 1-50 \"AttributeNameMapping\" objects that map an existing attribute to a new attribute.\n\n> The existing attributes remain in the message, so if you want to remove the originals, use \"RemoveAttributeActivity\".", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" + "Comment": { + "markdownDescription": "A free-form text comment.", + "title": "Comment", + "type": "string" }, "Name": { - "markdownDescription": "The name of the 'addAttributes' activity.", + "markdownDescription": "The name of the `Column` .", "title": "Name", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "Type": { + "markdownDescription": "The data type of the `Column` .", + "title": "Type", "type": "string" } }, "required": [ - "Attributes", "Name" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Channel": { + "AWS::Glue::Table.IcebergInput": { "additionalProperties": false, "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel from which the messages are processed.", - "title": "ChannelName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'channel' activity.", - "title": "Name", - "type": "string" + "MetadataOperation": { + "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation", + "markdownDescription": "A required metadata operation. Can only be set to CREATE.", + "title": "MetadataOperation" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "Version": { + "markdownDescription": "The table version for the Iceberg table. Defaults to 2.", + "title": "Version", "type": "string" } }, - "required": [ - "ChannelName", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Datastore": { + "AWS::Glue::Table.MetadataOperation": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::Glue::Table.OpenTableFormatInput": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The name of the data store where processed messages are stored.", - "title": "DatastoreName", + "IcebergInput": { + "$ref": "#/definitions/AWS::Glue::Table.IcebergInput", + "markdownDescription": "Specifies an `IcebergInput` structure that defines an Apache Iceberg metadata table.", + "title": "IcebergInput" + } + }, + "type": "object" + }, + "AWS::Glue::Table.Order": { + "additionalProperties": false, + "properties": { + "Column": { + "markdownDescription": "The name of the column.", + "title": "Column", "type": "string" }, - "Name": { - "markdownDescription": "The name of the datastore activity.", - "title": "Name", - "type": "string" + "SortOrder": { + "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", + "title": "SortOrder", + "type": "number" } }, "required": [ - "DatastoreName", - "Name" + "Column", + "SortOrder" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich": { + "AWS::Glue::Table.SchemaId": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that is added to the message.", - "title": "Attribute", + "RegistryName": { + "markdownDescription": "The name of the schema registry that contains the schema.", + "title": "RegistryName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the 'deviceRegistryEnrich' activity.", - "title": "Name", + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", + "title": "SchemaArn", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "SchemaName": { + "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", + "title": "SchemaName", "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Table.SchemaReference": { + "additionalProperties": false, + "properties": { + "SchemaId": { + "$ref": "#/definitions/AWS::Glue::Table.SchemaId", + "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", + "title": "SchemaId" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows access to the device's registry information.", - "title": "RoleArn", + "SchemaVersionId": { + "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", + "title": "SchemaVersionId", "type": "string" }, - "ThingName": { - "markdownDescription": "The name of the IoT device whose registry information is added to the message.", - "title": "ThingName", - "type": "string" + "SchemaVersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionNumber", + "type": "number" } }, - "required": [ - "Attribute", - "Name", - "RoleArn", - "ThingName" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich": { + "AWS::Glue::Table.SerdeInfo": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that is added to the message.", - "title": "Attribute", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the 'deviceShadowEnrich' activity.", + "markdownDescription": "Name of the SerDe.", "title": "Name", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows access to the device's shadow.", - "title": "RoleArn", - "type": "string" + "Parameters": { + "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", + "title": "Parameters", + "type": "object" }, - "ThingName": { - "markdownDescription": "The name of the IoT device whose shadow information is added to the message.", - "title": "ThingName", + "SerializationLibrary": { + "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", + "title": "SerializationLibrary", "type": "string" } }, - "required": [ - "Attribute", - "Name", - "RoleArn", - "ThingName" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Filter": { + "AWS::Glue::Table.SkewedInfo": { "additionalProperties": false, "properties": { - "Filter": { - "markdownDescription": "An expression that looks like an SQL WHERE clause that must return a Boolean value.", - "title": "Filter", - "type": "string" + "SkewedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of names of columns that contain skewed values.", + "title": "SkewedColumnNames", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the 'filter' activity.", - "title": "Name", - "type": "string" + "SkewedColumnValueLocationMaps": { + "markdownDescription": "A mapping of skewed values to the columns that contain them.", + "title": "SkewedColumnValueLocationMaps", + "type": "object" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "SkewedColumnValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", + "title": "SkewedColumnValues", + "type": "array" } }, - "required": [ - "Filter", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Lambda": { + "AWS::Glue::Table.StorageDescriptor": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The number of messages passed to the Lambda function for processing.\n\nThe AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions.", - "title": "BatchSize", - "type": "number" + "BucketColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", + "title": "BucketColumns", + "type": "array" }, - "LambdaName": { - "markdownDescription": "The name of the Lambda function that is run on the message.", - "title": "LambdaName", + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Table.Column" + }, + "markdownDescription": "A list of the `Columns` in the table.", + "title": "Columns", + "type": "array" + }, + "Compressed": { + "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", + "title": "Compressed", + "type": "boolean" + }, + "InputFormat": { + "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", + "title": "InputFormat", "type": "string" }, - "Name": { - "markdownDescription": "The name of the 'lambda' activity.", - "title": "Name", + "Location": { + "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", + "title": "Location", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "NumberOfBuckets": { + "markdownDescription": "Must be specified if the table contains any dimension columns.", + "title": "NumberOfBuckets", + "type": "number" + }, + "OutputFormat": { + "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", + "title": "OutputFormat", "type": "string" + }, + "Parameters": { + "markdownDescription": "The user-supplied properties in key-value form.", + "title": "Parameters", + "type": "object" + }, + "SchemaReference": { + "$ref": "#/definitions/AWS::Glue::Table.SchemaReference", + "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", + "title": "SchemaReference" + }, + "SerdeInfo": { + "$ref": "#/definitions/AWS::Glue::Table.SerdeInfo", + "markdownDescription": "The serialization/deserialization (SerDe) information.", + "title": "SerdeInfo" + }, + "SkewedInfo": { + "$ref": "#/definitions/AWS::Glue::Table.SkewedInfo", + "markdownDescription": "The information about values that appear frequently in a column (skewed values).", + "title": "SkewedInfo" + }, + "SortColumns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Table.Order" + }, + "markdownDescription": "A list specifying the sort order of each bucket in the table.", + "title": "SortColumns", + "type": "array" + }, + "StoredAsSubDirectories": { + "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", + "title": "StoredAsSubDirectories", + "type": "boolean" } }, - "required": [ - "BatchSize", - "LambdaName", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Math": { + "AWS::Glue::Table.TableIdentifier": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that contains the result of the math operation.", - "title": "Attribute", + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the table resides.", + "title": "CatalogId", "type": "string" }, - "Math": { - "markdownDescription": "An expression that uses one or more existing attributes and must return an integer value.", - "title": "Math", + "DatabaseName": { + "markdownDescription": "The name of the catalog database that contains the target table.", + "title": "DatabaseName", "type": "string" }, "Name": { - "markdownDescription": "The name of the 'math' activity.", + "markdownDescription": "The name of the target table.", "title": "Name", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "Region": { + "markdownDescription": "The Region of the table.", + "title": "Region", "type": "string" } }, - "required": [ - "Attribute", - "Math", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.RemoveAttributes": { + "AWS::Glue::Table.TableInput": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of 1-50 attributes to remove from the message.", - "title": "Attributes", - "type": "array" + "Description": { + "markdownDescription": "A description of the table.", + "title": "Description", + "type": "string" }, "Name": { - "markdownDescription": "The name of the 'removeAttributes' activity.", + "markdownDescription": "The table name. For Hive compatibility, this is folded to lowercase when it is stored.", "title": "Name", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "Owner": { + "markdownDescription": "The table owner. Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", + "title": "Owner", "type": "string" - } - }, - "required": [ - "Attributes", - "Name" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.SelectAttributes": { - "additionalProperties": false, - "properties": { - "Attributes": { + }, + "Parameters": { + "markdownDescription": "These key-value pairs define properties associated with the table.", + "title": "Parameters", + "type": "object" + }, + "PartitionKeys": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Glue::Table.Column" }, - "markdownDescription": "A list of the attributes to select from the message.", - "title": "Attributes", + "markdownDescription": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n\nWhen you create a table used by Amazon Athena, and you do not specify any `partitionKeys` , you must at least set the value of `partitionKeys` to an empty list. For example:\n\n`\"PartitionKeys\": []`", + "title": "PartitionKeys", "type": "array" }, - "Name": { - "markdownDescription": "The name of the 'selectAttributes' activity.", - "title": "Name", + "Retention": { + "markdownDescription": "The retention time for this table.", + "title": "Retention", + "type": "number" + }, + "StorageDescriptor": { + "$ref": "#/definitions/AWS::Glue::Table.StorageDescriptor", + "markdownDescription": "A storage descriptor containing information about the physical storage of this table.", + "title": "StorageDescriptor" + }, + "TableType": { + "markdownDescription": "The type of this table. AWS Glue will create tables with the `EXTERNAL_TABLE` type. Other services, such as Athena, may create tables with additional table types.\n\nAWS Glue related table types:\n\n- **EXTERNAL_TABLE** - Hive compatible attribute - indicates a non-Hive managed table.\n- **GOVERNED** - Used by AWS Lake Formation . The AWS Glue Data Catalog understands `GOVERNED` .", + "title": "TableType", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "TargetTable": { + "$ref": "#/definitions/AWS::Glue::Table.TableIdentifier", + "markdownDescription": "A `TableIdentifier` structure that describes a target table for resource linking.", + "title": "TargetTable" + }, + "ViewExpandedText": { + "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", + "title": "ViewExpandedText", + "type": "string" + }, + "ViewOriginalText": { + "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations. If the table is a `VIRTUAL_VIEW` , certain Athena configuration encoded in base64.", + "title": "ViewOriginalText", "type": "string" } }, - "required": [ - "Attributes", - "Name" - ], "type": "object" }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition": { + "AWS::Glue::TableOptimizer": { "additionalProperties": false, "properties": { "Condition": { @@ -126213,28 +132169,44 @@ "Properties": { "additionalProperties": false, "properties": { - "SuiteDefinitionConfiguration": { - "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration", - "markdownDescription": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String", - "title": "SuiteDefinitionConfiguration" + "CatalogId": { + "markdownDescription": "The catalog ID of the table.", + "title": "CatalogId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the the Suite Definition.", - "title": "Tags", - "type": "array" + "DatabaseName": { + "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "DatabaseName", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table name. For Hive compatibility, this must be entirely lowercase.", + "title": "TableName", + "type": "string" + }, + "TableOptimizerConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.TableOptimizerConfiguration", + "markdownDescription": "Specifies configuration details of a table optimizer.", + "title": "TableOptimizerConfiguration" + }, + "Type": { + "markdownDescription": "The type of table optimizer. The valid values are:\n\n- compaction - for managing compaction with a table optimizer.\n- retention - for managing the retention of snapshot with a table optimizer.\n- orphan_file_deletion - for managing the deletion of orphan files with a table optimizer.", + "title": "Type", + "type": "string" } }, "required": [ - "SuiteDefinitionConfiguration" + "CatalogId", + "DatabaseName", + "TableName", + "TableOptimizerConfiguration", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition" + "AWS::Glue::TableOptimizer" ], "type": "string" }, @@ -126253,61 +132225,91 @@ ], "type": "object" }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest": { + "AWS::Glue::TableOptimizer.IcebergConfiguration": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "Lists device's certificate ARN.", - "title": "CertificateArn", + "Location": { + "markdownDescription": "Specifies a directory in which to look for orphan files (defaults to the table's location). You may choose a sub-directory rather than the top-level table location.", + "title": "Location", "type": "string" }, - "ThingArn": { - "markdownDescription": "Lists device's thing ARN.", - "title": "ThingArn", - "type": "string" + "OrphanFileRetentionPeriodInDays": { + "markdownDescription": "The specific number of days you want to keep the orphan files.", + "title": "OrphanFileRetentionPeriodInDays", + "type": "number" } }, "type": "object" }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration": { + "AWS::Glue::TableOptimizer.OrphanFileDeletionConfiguration": { "additionalProperties": false, "properties": { - "DevicePermissionRoleArn": { - "markdownDescription": "Gets the device permission ARN. This is a required parameter.", - "title": "DevicePermissionRoleArn", - "type": "string" + "IcebergConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.IcebergConfiguration", + "markdownDescription": "The `IcebergConfiguration` property helps optimize your Iceberg tables in AWS Glue by allowing you to specify format-specific settings that control how data is stored, compressed, and managed.", + "title": "IcebergConfiguration" + } + }, + "type": "object" + }, + "AWS::Glue::TableOptimizer.RetentionConfiguration": { + "additionalProperties": false, + "properties": { + "IcebergConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.IcebergConfiguration", + "markdownDescription": "The configuration for an Iceberg snapshot retention optimizer.", + "title": "IcebergConfiguration" + } + }, + "type": "object" + }, + "AWS::Glue::TableOptimizer.TableOptimizerConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether the table optimization is enabled.", + "title": "Enabled", + "type": "boolean" }, - "Devices": { - "items": { - "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest" - }, - "markdownDescription": "Gets the devices configured.", - "title": "Devices", - "type": "array" + "OrphanFileDeletionConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.OrphanFileDeletionConfiguration", + "markdownDescription": "`OrphanFileDeletionConfiguration` is a property that can be included within the TableOptimizer resource. It controls the automatic deletion of orphaned files - files that are not tracked by the table metadata, and older than the configured age limit.", + "title": "OrphanFileDeletionConfiguration" }, - "IntendedForQualification": { - "markdownDescription": "Gets the tests intended for qualification in a suite.", - "title": "IntendedForQualification", - "type": "boolean" + "RetentionConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.RetentionConfiguration", + "markdownDescription": "The configuration for a snapshot retention optimizer for Apache Iceberg tables.", + "title": "RetentionConfiguration" }, - "RootGroup": { - "markdownDescription": "Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default.\n\nFor a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048.", - "title": "RootGroup", + "RoleArn": { + "markdownDescription": "A role passed by the caller which gives the service permission to update the resources associated with the optimizer on the caller's behalf.", + "title": "RoleArn", "type": "string" }, - "SuiteDefinitionName": { - "markdownDescription": "Gets the suite definition name. This is a required parameter.", - "title": "SuiteDefinitionName", - "type": "string" + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.VpcConfiguration", + "markdownDescription": "An object that describes the VPC configuration for a table optimizer. This configuration is necessary to perform optimization on tables that are in a customer VPC.", + "title": "VpcConfiguration" } }, "required": [ - "DevicePermissionRoleArn", - "RootGroup" + "Enabled", + "RoleArn" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel": { + "AWS::Glue::TableOptimizer.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "GlueConnectionName": { + "markdownDescription": "The name of the AWS Glue connection used for the VPC for the table optimizer.", + "title": "GlueConnectionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Trigger": { "additionalProperties": false, "properties": { "Condition": { @@ -126342,64 +132344,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AlarmCapabilities": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmCapabilities", - "markdownDescription": "Contains the configuration information of alarm state changes.", - "title": "AlarmCapabilities" - }, - "AlarmEventActions": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmEventActions", - "markdownDescription": "Contains information about one or more alarm actions.", - "title": "AlarmEventActions" - }, - "AlarmModelDescription": { - "markdownDescription": "The description of the alarm model.", - "title": "AlarmModelDescription", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Trigger.Action" + }, + "markdownDescription": "The actions initiated by this trigger.", + "title": "Actions", + "type": "array" }, - "AlarmModelName": { - "markdownDescription": "The name of the alarm model.", - "title": "AlarmModelName", + "Description": { + "markdownDescription": "A description of this trigger.", + "title": "Description", "type": "string" }, - "AlarmRule": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmRule", - "markdownDescription": "Defines when your alarm is invoked.", - "title": "AlarmRule" + "EventBatchingCondition": { + "$ref": "#/definitions/AWS::Glue::Trigger.EventBatchingCondition", + "markdownDescription": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires.", + "title": "EventBatchingCondition" }, - "Key": { - "markdownDescription": "An input attribute used as a key to create an alarm. AWS IoT Events routes [inputs](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Input.html) associated with this key to the alarm.", - "title": "Key", + "Name": { + "markdownDescription": "The name of the trigger.", + "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that allows the alarm to perform actions and access AWS resources. For more information, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "RoleArn", + "Predicate": { + "$ref": "#/definitions/AWS::Glue::Trigger.Predicate", + "markdownDescription": "The predicate of this trigger, which defines when it will fire.", + "title": "Predicate" + }, + "Schedule": { + "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) in the *AWS Glue Developer Guide* . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", + "title": "Schedule", "type": "string" }, - "Severity": { - "markdownDescription": "A non-negative integer that reflects the severity level of the alarm.", - "title": "Severity", - "type": "number" + "StartOnCreation": { + "markdownDescription": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.", + "title": "StartOnCreation", + "type": "boolean" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the alarm model. The tags help you manage the alarm model. For more information, see [Tagging your AWS IoT Events resources](https://docs.aws.amazon.com/iotevents/latest/developerguide/tagging-iotevents.html) in the *AWS IoT Events Developer Guide* .\n\nYou can create up to 50 tags for one alarm model.", + "markdownDescription": "The tags to use with this trigger.", "title": "Tags", - "type": "array" + "type": "object" + }, + "Type": { + "markdownDescription": "The type of trigger that this is.", + "title": "Type", + "type": "string" + }, + "WorkflowName": { + "markdownDescription": "The name of the workflow associated with the trigger.", + "title": "WorkflowName", + "type": "string" } }, "required": [ - "AlarmRule", - "RoleArn" + "Actions", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::AlarmModel" + "AWS::Glue::Trigger" ], "type": "string" }, @@ -126418,474 +132425,668 @@ ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "The value must be `TRUE` or `FALSE` . If `TRUE` , you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to `NORMAL` . If `FALSE` , you won't receive notifications. The alarm automatically changes to the `NORMAL` state when the input property value returns to the specified range.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.AlarmAction": { + "AWS::Glue::Trigger.Action": { "additionalProperties": false, "properties": { - "DynamoDB": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDB", - "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBAction` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `hashKeyType` parameter can be `'STRING'` .\n- For references, you must specify either variables or input values. For example, the value for the `hashKeyField` parameter can be `$input.GreenhouseInput.name` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `hashKeyValue` parameter uses a substitution template.\n\n`'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nIf the defined payload type is a string, `DynamoDBAction` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the `payloadField` parameter is `_raw` .", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDBv2", - "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBv2Action` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `tableName` parameter can be `'GreenhouseTemperatureTable'` .\n- For references, you must specify either variables or input values. For example, the value for the `tableName` parameter can be `$variable.ddbtableName` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `contentExpression` parameter in `Payload` uses a substitution template.\n\n`'{\\\"sensorID\\\": \\\"${$input.GreenhouseInput.sensor_id}\\\", \\\"temperature\\\": \\\"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\\\"}'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nThe value for the `type` parameter in `Payload` must be `JSON` .", - "title": "DynamoDBv2" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Firehose", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", - "title": "Firehose" - }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotEvents", - "markdownDescription": "Sends an AWS IoT Events input, passing in information about the detector model instance and the event that triggered the action.", - "title": "IotEvents" + "Arguments": { + "markdownDescription": "The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the developer guide.", + "title": "Arguments", + "type": "object" }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotSiteWise", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to a specified asset property in AWS IoT SiteWise .\n\nYou must use expressions for all parameters in `IotSiteWiseAction` . The expressions accept literals, operators, functions, references, and substitutions templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `propertyAlias` parameter can be `'/company/windfarm/3/turbine/7/temperature'` .\n- For references, you must specify either variables or input values. For example, the value for the `assetId` parameter can be `$input.TurbineInput.assetId1` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `propertyAlias` parameter uses a substitution template.\n\n`'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`\n\nYou must specify either `propertyAlias` or both `assetId` and `propertyId` to identify the target asset property in AWS IoT SiteWise .\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .", - "title": "IotSiteWise" + "CrawlerName": { + "markdownDescription": "The name of the crawler to be used with this action.", + "title": "CrawlerName", + "type": "string" }, - "IotTopicPublish": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotTopicPublish", - "markdownDescription": "Information required to publish the MQTT message through the AWS IoT message broker.", - "title": "IotTopicPublish" + "JobName": { + "markdownDescription": "The name of a job to be executed.", + "title": "JobName", + "type": "string" }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Lambda", - "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", - "title": "Lambda" + "NotificationProperty": { + "$ref": "#/definitions/AWS::Glue::Trigger.NotificationProperty", + "markdownDescription": "Specifies configuration properties of a job run notification.", + "title": "NotificationProperty" }, - "Sns": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sns", - "markdownDescription": "Information required to publish the Amazon SNS message.", - "title": "Sns" + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this action.", + "title": "SecurityConfiguration", + "type": "string" }, - "Sqs": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sqs", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue.", - "title": "Sqs" + "Timeout": { + "markdownDescription": "The `JobRun` timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.", + "title": "Timeout", + "type": "number" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmCapabilities": { + "AWS::Glue::Trigger.Condition": { "additionalProperties": false, "properties": { - "AcknowledgeFlow": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AcknowledgeFlow", - "markdownDescription": "Specifies whether to get notified for alarm state changes.", - "title": "AcknowledgeFlow" + "CrawlState": { + "markdownDescription": "The state of the crawler to which this condition applies.", + "title": "CrawlState", + "type": "string" }, - "InitializationConfiguration": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.InitializationConfiguration", - "markdownDescription": "Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model.", - "title": "InitializationConfiguration" + "CrawlerName": { + "markdownDescription": "The name of the crawler to which this condition applies.", + "title": "CrawlerName", + "type": "string" + }, + "JobName": { + "markdownDescription": "The name of the job whose `JobRuns` this condition applies to, and on which this trigger waits.", + "title": "JobName", + "type": "string" + }, + "LogicalOperator": { + "markdownDescription": "A logical operator.", + "title": "LogicalOperator", + "type": "string" + }, + "State": { + "markdownDescription": "The condition state. Currently, the values supported are `SUCCEEDED` , `STOPPED` , `TIMEOUT` , and `FAILED` .", + "title": "State", + "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmEventActions": { + "AWS::Glue::Trigger.EventBatchingCondition": { "additionalProperties": false, "properties": { - "AlarmActions": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmAction" - }, - "markdownDescription": "Specifies one or more supported actions to receive notifications when the alarm state changes.", - "title": "AlarmActions", - "type": "array" + "BatchSize": { + "markdownDescription": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires.", + "title": "BatchSize", + "type": "number" + }, + "BatchWindow": { + "markdownDescription": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received.", + "title": "BatchWindow", + "type": "number" } }, + "required": [ + "BatchSize" + ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmRule": { + "AWS::Glue::Trigger.NotificationProperty": { "additionalProperties": false, "properties": { - "SimpleRule": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.SimpleRule", - "markdownDescription": "A rule that compares an input property value to a threshold value with a comparison operator.", - "title": "SimpleRule" + "NotifyDelayAfter": { + "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification", + "title": "NotifyDelayAfter", + "type": "number" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp": { + "AWS::Glue::Trigger.Predicate": { "additionalProperties": false, "properties": { - "OffsetInNanos": { - "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", - "title": "OffsetInNanos", - "type": "string" + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Trigger.Condition" + }, + "markdownDescription": "A list of the conditions that determine when the trigger will fire.", + "title": "Conditions", + "type": "array" }, - "TimeInSeconds": { - "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", - "title": "TimeInSeconds", + "Logical": { + "markdownDescription": "An optional field if only one condition is listed. If multiple conditions are listed, then this field is required.", + "title": "Logical", "type": "string" } }, - "required": [ - "TimeInSeconds" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AssetPropertyValue": { + "AWS::Glue::UsageProfile": { "additionalProperties": false, "properties": { - "Quality": { - "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", - "title": "Quality", + "Condition": { "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp", - "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", - "title": "Timestamp" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyVariant", - "markdownDescription": "The value to send to an asset property.", - "title": "Value" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ProfileConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, + "Description": { + "markdownDescription": "A description of the usage profile.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the usage profile.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::UsageProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AssetPropertyVariant": { + "AWS::Glue::UsageProfile.ConfigurationObject": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", - "title": "BooleanValue", - "type": "string" + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed values for the parameter.", + "title": "AllowedValues", + "type": "array" }, - "DoubleValue": { - "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", - "title": "DoubleValue", + "DefaultValue": { + "markdownDescription": "A default value for the parameter.", + "title": "DefaultValue", "type": "string" }, - "IntegerValue": { - "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", - "title": "IntegerValue", + "MaxValue": { + "markdownDescription": "A maximum allowed value for the parameter.", + "title": "MaxValue", "type": "string" }, - "StringValue": { - "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", - "title": "StringValue", + "MinValue": { + "markdownDescription": "A minimum allowed value for the parameter.", + "title": "MinValue", "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.DynamoDB": { + "AWS::Glue::UsageProfile.ProfileConfiguration": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", - "title": "HashKeyType", - "type": "string" + "JobConfiguration": { + "additionalProperties": false, + "markdownDescription": "A key-value map of configuration parameters for AWS Glue jobs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ConfigurationObject" + } + }, + "title": "JobConfiguration", + "type": "object" }, - "HashKeyValue": { - "markdownDescription": "The value of the hash key (also called the partition key).", - "title": "HashKeyValue", + "SessionConfiguration": { + "additionalProperties": false, + "markdownDescription": "A key-value map of configuration parameters for AWS Glue sessions.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ConfigurationObject" + } + }, + "title": "SessionConfiguration", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Glue::Workflow": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Operation": { - "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", - "title": "Operation", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "PayloadField": { - "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", - "title": "PayloadField", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RangeKeyField": { - "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", - "title": "RangeKeyField", - "type": "string" + "Metadata": { + "type": "object" }, - "RangeKeyType": { - "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", - "title": "RangeKeyType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultRunProperties": { + "markdownDescription": "A collection of properties to be used as part of each execution of the workflow", + "title": "DefaultRunProperties", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the workflow", + "title": "Description", + "type": "string" + }, + "MaxConcurrentRuns": { + "markdownDescription": "You can use this parameter to prevent unwanted multiple updates to data, to control costs, or in some cases, to prevent exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.", + "title": "MaxConcurrentRuns", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the workflow representing the flow", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this workflow.", + "title": "Tags", + "type": "object" + } + }, + "type": "object" }, - "RangeKeyValue": { - "markdownDescription": "The value of the range key (also called the sort key).", - "title": "RangeKeyValue", + "Type": { + "enum": [ + "AWS::Glue::Workflow" + ], "type": "string" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", - "title": "TableName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HashKeyField", - "HashKeyValue", - "TableName" + "Type" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.DynamoDBv2": { + "AWS::Grafana::Workspace": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", + "Condition": { "type": "string" - } - }, - "required": [ - "TableName" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.Firehose": { - "additionalProperties": false, - "properties": { - "DeliveryStreamName": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", - "title": "DeliveryStreamName", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", - "title": "Payload" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Separator": { - "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountAccessType": { + "markdownDescription": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access.", + "title": "AccountAccessType", + "type": "string" + }, + "AuthenticationProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies whether this workspace uses SAML 2.0, AWS IAM Identity Center , or both to authenticate users for using the Grafana console within a workspace. For more information, see [User authentication in Amazon Managed Grafana](https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html) .\n\n*Allowed Values* : `AWS_SSO | SAML`", + "title": "AuthenticationProviders", + "type": "array" + }, + "ClientToken": { + "markdownDescription": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.", + "title": "ClientToken", + "type": "string" + }, + "DataSources": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.\n\nThis list is only used when the workspace was created through the AWS console, and the `permissionType` is `SERVICE_MANAGED` .", + "title": "DataSources", + "type": "array" + }, + "Description": { + "markdownDescription": "The user-defined description of the workspace.", + "title": "Description", + "type": "string" + }, + "GrafanaVersion": { + "markdownDescription": "Specifies the version of Grafana to support in the workspace. Defaults to the latest version on create (for example, 9.4), or the current version of the workspace on update.\n\nCan only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).\n\nTo know what versions are available to upgrade to for a specific workspace, see the [ListVersions](https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListVersions.html) operation.", + "title": "GrafanaVersion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the workspace.", + "title": "Name", + "type": "string" + }, + "NetworkAccessControl": { + "$ref": "#/definitions/AWS::Grafana::Workspace.NetworkAccessControl", + "markdownDescription": "The configuration settings for network access to your workspace.", + "title": "NetworkAccessControl" + }, + "NotificationDestinations": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.\n\n*AllowedValues* : `SNS`", + "title": "NotificationDestinations", + "type": "array" + }, + "OrganizationRoleName": { + "markdownDescription": "The name of the IAM role that is used to access resources through Organizations.", + "title": "OrganizationRoleName", + "type": "string" + }, + "OrganizationalUnits": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.", + "title": "OrganizationalUnits", + "type": "array" + }, + "PermissionType": { + "markdownDescription": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)", + "title": "PermissionType", + "type": "string" + }, + "PluginAdminEnabled": { + "markdownDescription": "Whether plugin administration is enabled in the workspace. Setting to `true` allows workspace admins to install, uninstall, and update plugins from within the Grafana workspace.\n\n> This option is only valid for workspaces that support Grafana version 9 or newer.", + "title": "PluginAdminEnabled", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "The IAM role that grants permissions to the AWS resources that the workspace will view data from. This role must already exist.", + "title": "RoleArn", + "type": "string" + }, + "SamlConfiguration": { + "$ref": "#/definitions/AWS::Grafana::Workspace.SamlConfiguration", + "markdownDescription": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace.", + "title": "SamlConfiguration" + }, + "StackSetName": { + "markdownDescription": "The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.", + "title": "StackSetName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Grafana::Workspace.VpcConfiguration", + "markdownDescription": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n> Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2).", + "title": "VpcConfiguration" + } + }, + "required": [ + "AccountAccessType", + "AuthenticationProviders", + "PermissionType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Grafana::Workspace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DeliveryStreamName" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.InitializationConfiguration": { - "additionalProperties": false, - "properties": { - "DisabledOnInitialization": { - "markdownDescription": "The value must be `TRUE` or `FALSE` . If `FALSE` , all alarm instances created based on the alarm model are activated. The default value is `TRUE` .", - "title": "DisabledOnInitialization", - "type": "boolean" - } - }, - "required": [ - "DisabledOnInitialization" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.IotEvents": { + "AWS::Grafana::Workspace.AssertionAttributes": { "additionalProperties": false, "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", - "title": "InputName", + "Email": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the email names for SAML users.", + "title": "Email", "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", - "title": "Payload" - } - }, - "required": [ - "InputName" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.IotSiteWise": { - "additionalProperties": false, - "properties": { - "AssetId": { - "markdownDescription": "The ID of the asset that has the specified property.", - "title": "AssetId", + "Groups": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for user groups.", + "title": "Groups", "type": "string" }, - "EntryId": { - "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", - "title": "EntryId", + "Login": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the login names for SAML users.", + "title": "Login", "type": "string" }, - "PropertyAlias": { - "markdownDescription": "The alias of the asset property.", - "title": "PropertyAlias", + "Name": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for SAML users.", + "title": "Name", "type": "string" }, - "PropertyId": { - "markdownDescription": "The ID of the asset property.", - "title": "PropertyId", + "Org": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for the users' organizations.", + "title": "Org", "type": "string" }, - "PropertyValue": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyValue", - "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", - "title": "PropertyValue" + "Role": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user roles.", + "title": "Role", + "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.IotTopicPublish": { + "AWS::Grafana::Workspace.IdpMetadata": { "additionalProperties": false, "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", - "title": "MqttTopic", + "Url": { + "markdownDescription": "The URL of the location containing the IdP metadata.", + "title": "Url", "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", - "title": "Payload" + "Xml": { + "markdownDescription": "The full IdP metadata, in XML format.", + "title": "Xml", + "type": "string" } }, - "required": [ - "MqttTopic" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Lambda": { + "AWS::Grafana::Workspace.NetworkAccessControl": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function that is executed.", - "title": "FunctionArn", - "type": "string" + "PrefixListIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration (passed an empty array) then no IP addresses are allowed to access the workspace. You create a prefix list using the Amazon VPC console.\n\nPrefix list IDs have the format `pl- *1a2b3c4d*` .\n\nFor more information about prefix lists, see [Group CIDR blocks using managed prefix lists](https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "PrefixListIds", + "type": "array" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", - "title": "Payload" + "VpceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon VPC endpoint IDs for the workspace. You can create VPC endpoints to your Amazon Managed Grafana workspace for access from within a VPC. If a `NetworkAccessConfiguration` is specified then only VPC endpoints specified here are allowed to access the workspace. If you pass in an empty array of strings, then no VPCs are allowed to access the workspace.\n\nVPC endpoint IDs have the format `vpce- *1a2b3c4d*` .\n\nFor more information about creating an interface VPC endpoint, see [Interface VPC endpoints](https://docs.aws.amazon.com/grafana/latest/userguide/VPC-endpoints) in the *Amazon Managed Grafana User Guide* .\n\n> The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the `com.amazonaws.[region].grafana-workspace` service endpoint). Other VPC endpoints are ignored.", + "title": "VpceIds", + "type": "array" } }, - "required": [ - "FunctionArn" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Payload": { + "AWS::Grafana::Workspace.RoleValues": { "additionalProperties": false, "properties": { - "ContentExpression": { - "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", - "title": "ContentExpression", - "type": "string" + "Admin": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Admin` role to.", + "title": "Admin", + "type": "array" }, - "Type": { - "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", - "title": "Type", - "type": "string" + "Editor": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Editor` role to.", + "title": "Editor", + "type": "array" } }, - "required": [ - "ContentExpression", - "Type" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.SimpleRule": { + "AWS::Grafana::Workspace.SamlConfiguration": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The comparison operator.", - "title": "ComparisonOperator", - "type": "string" + "AllowedOrganizations": { + "items": { + "type": "string" + }, + "markdownDescription": "Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access.", + "title": "AllowedOrganizations", + "type": "array" }, - "InputProperty": { - "markdownDescription": "The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property.", - "title": "InputProperty", - "type": "string" + "AssertionAttributes": { + "$ref": "#/definitions/AWS::Grafana::Workspace.AssertionAttributes", + "markdownDescription": "A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace.", + "title": "AssertionAttributes" }, - "Threshold": { - "markdownDescription": "The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute.", - "title": "Threshold", - "type": "string" - } - }, - "required": [ - "ComparisonOperator", - "InputProperty", - "Threshold" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.Sns": { - "additionalProperties": false, - "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", - "title": "Payload" + "IdpMetadata": { + "$ref": "#/definitions/AWS::Grafana::Workspace.IdpMetadata", + "markdownDescription": "A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace.", + "title": "IdpMetadata" }, - "TargetArn": { - "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", - "title": "TargetArn", - "type": "string" + "LoginValidityDuration": { + "markdownDescription": "How long a sign-on session by a SAML user is valid, before the user has to sign on again.", + "title": "LoginValidityDuration", + "type": "number" + }, + "RoleValues": { + "$ref": "#/definitions/AWS::Grafana::Workspace.RoleValues", + "markdownDescription": "A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace.", + "title": "RoleValues" } }, "required": [ - "TargetArn" + "IdpMetadata" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Sqs": { + "AWS::Grafana::Workspace.VpcConfiguration": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", - "title": "Payload" - }, - "QueueUrl": { - "markdownDescription": "The URL of the SQS queue where the data is written.", - "title": "QueueUrl", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 1 items. Maximum number of 5 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", + "title": "SecurityGroupIds", + "type": "array" }, - "UseBase64": { - "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", - "title": "UseBase64", - "type": "boolean" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 2 items. Maximum number of 6 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "QueueUrl" + "SecurityGroupIds", + "SubnetIds" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel": { + "AWS::Greengrass::ConnectorDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -126920,54 +133121,30 @@ "Properties": { "additionalProperties": false, "properties": { - "DetectorModelDefinition": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DetectorModelDefinition", - "markdownDescription": "Information that defines how a detector operates.", - "title": "DetectorModelDefinition" - }, - "DetectorModelDescription": { - "markdownDescription": "A brief description of the detector model.", - "title": "DetectorModelDescription", - "type": "string" - }, - "DetectorModelName": { - "markdownDescription": "The name of the detector model.", - "title": "DetectorModelName", - "type": "string" - }, - "EvaluationMethod": { - "markdownDescription": "Information about the order in which events are evaluated and how actions are executed.", - "title": "EvaluationMethod", - "type": "string" - }, - "Key": { - "markdownDescription": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value.", - "title": "Key", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion", + "markdownDescription": "The connector definition version to include when the connector definition is created. A connector definition version contains a list of [`connector`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html) property types.\n\n> To associate a connector definition version after the connector definition is created, create an [`AWS::Greengrass::ConnectorDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-connectordefinitionversion.html) resource and specify the ID of this connector definition.", + "title": "InitialVersion" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to AWS IoT Events to perform its operations.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name of the connector definition.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Application-specific metadata to attach to the connector definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "DetectorModelDefinition", - "RoleArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::DetectorModel" + "AWS::Greengrass::ConnectorDefinition" ], "type": "string" }, @@ -126986,640 +133163,382 @@ ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.Action": { + "AWS::Greengrass::ConnectorDefinition.Connector": { "additionalProperties": false, "properties": { - "ClearTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ClearTimer", - "markdownDescription": "Information needed to clear the timer.", - "title": "ClearTimer" - }, - "DynamoDB": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDB", - "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDBv2", - "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", - "title": "DynamoDBv2" + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "ConnectorArn", + "type": "string" }, - "Firehose": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Firehose", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", - "title": "Firehose" + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotEvents", - "markdownDescription": "Sends AWS IoT Events input, which passes information about the detector model instance and the event that triggered the action.", - "title": "IotEvents" - }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotSiteWise", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an asset property in AWS IoT SiteWise .", - "title": "IotSiteWise" - }, - "IotTopicPublish": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotTopicPublish", - "markdownDescription": "Publishes an MQTT message with the given topic to the AWS IoT message broker.", - "title": "IotTopicPublish" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Lambda", - "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", - "title": "Lambda" - }, - "ResetTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ResetTimer", - "markdownDescription": "Information needed to reset the timer.", - "title": "ResetTimer" - }, - "SetTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetTimer", - "markdownDescription": "Information needed to set the timer.", - "title": "SetTimer" - }, - "SetVariable": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetVariable", - "markdownDescription": "Sets a variable to a specified value.", - "title": "SetVariable" - }, - "Sns": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sns", - "markdownDescription": "Sends an Amazon SNS message.", - "title": "Sns" - }, - "Sqs": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sqs", - "markdownDescription": "Sends an Amazon SNS message.", - "title": "Sqs" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp": { - "additionalProperties": false, - "properties": { - "OffsetInNanos": { - "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", - "title": "OffsetInNanos", - "type": "string" - }, - "TimeInSeconds": { - "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", - "title": "TimeInSeconds", - "type": "string" - } - }, - "required": [ - "TimeInSeconds" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.AssetPropertyValue": { - "additionalProperties": false, - "properties": { - "Quality": { - "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", - "title": "Quality", - "type": "string" - }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp", - "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", - "title": "Timestamp" - }, - "Value": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyVariant", - "markdownDescription": "The value to send to an asset property.", - "title": "Value" - } - }, - "required": [ - "Value" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.AssetPropertyVariant": { - "additionalProperties": false, - "properties": { - "BooleanValue": { - "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", - "title": "BooleanValue", - "type": "string" - }, - "DoubleValue": { - "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", - "title": "DoubleValue", - "type": "string" - }, - "IntegerValue": { - "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", - "title": "IntegerValue", - "type": "string" - }, - "StringValue": { - "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", - "title": "StringValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.ClearTimer": { - "additionalProperties": false, - "properties": { - "TimerName": { - "markdownDescription": "The name of the timer to clear.", - "title": "TimerName", - "type": "string" + "Parameters": { + "markdownDescription": "The parameters or configuration used by the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "Parameters", + "type": "object" } }, "required": [ - "TimerName" + "ConnectorArn", + "Id" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.DetectorModelDefinition": { + "AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion": { "additionalProperties": false, "properties": { - "InitialStateName": { - "markdownDescription": "The state that is entered at the creation of each detector (instance).", - "title": "InitialStateName", - "type": "string" - }, - "States": { + "Connectors": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.State" + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.Connector" }, - "markdownDescription": "Information about the states of the detector.", - "title": "States", + "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to a connector definition version at a time.", + "title": "Connectors", "type": "array" } }, "required": [ - "InitialStateName", - "States" + "Connectors" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.DynamoDB": { + "AWS::Greengrass::ConnectorDefinitionVersion": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", - "title": "HashKeyType", - "type": "string" - }, - "HashKeyValue": { - "markdownDescription": "The value of the hash key (also called the partition key).", - "title": "HashKeyValue", + "Condition": { "type": "string" }, - "Operation": { - "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", - "title": "Operation", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "PayloadField": { - "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", - "title": "PayloadField", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RangeKeyField": { - "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", - "title": "RangeKeyField", - "type": "string" + "Metadata": { + "type": "object" }, - "RangeKeyType": { - "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", - "title": "RangeKeyType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorDefinitionId": { + "markdownDescription": "The ID of the connector definition associated with this version. This value is a GUID.", + "title": "ConnectorDefinitionId", + "type": "string" + }, + "Connectors": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinitionVersion.Connector" + }, + "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to the connector definition version at a time.", + "title": "Connectors", + "type": "array" + } + }, + "required": [ + "ConnectorDefinitionId", + "Connectors" + ], + "type": "object" }, - "RangeKeyValue": { - "markdownDescription": "The value of the range key (also called the sort key).", - "title": "RangeKeyValue", + "Type": { + "enum": [ + "AWS::Greengrass::ConnectorDefinitionVersion" + ], "type": "string" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", - "title": "TableName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HashKeyField", - "HashKeyValue", - "TableName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.DynamoDBv2": { + "AWS::Greengrass::ConnectorDefinitionVersion.Connector": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "ConnectorArn", "type": "string" - } - }, - "required": [ - "TableName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Event": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" - }, - "markdownDescription": "The actions to be performed.", - "title": "Actions", - "type": "array" }, - "Condition": { - "markdownDescription": "Optional. The Boolean expression that, when TRUE, causes the `actions` to be performed. If not present, the actions are performed (=TRUE). If the expression result is not a Boolean value, the actions are not performed (=FALSE).", - "title": "Condition", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "EventName": { - "markdownDescription": "The name of the event.", - "title": "EventName", - "type": "string" + "Parameters": { + "markdownDescription": "The parameters or configuration that the connector uses.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "Parameters", + "type": "object" } }, "required": [ - "EventName" + "ConnectorArn", + "Id" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.Firehose": { + "AWS::Greengrass::CoreDefinition": { "additionalProperties": false, "properties": { - "DeliveryStreamName": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", - "title": "DeliveryStreamName", + "Condition": { "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", - "title": "Payload" - }, - "Separator": { - "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", - "type": "string" - } - }, - "required": [ - "DeliveryStreamName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.IotEvents": { - "additionalProperties": false, - "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", - "title": "InputName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", - "title": "Payload" - } - }, - "required": [ - "InputName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.IotSiteWise": { - "additionalProperties": false, - "properties": { - "AssetId": { - "markdownDescription": "The ID of the asset that has the specified property.", - "title": "AssetId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "EntryId": { - "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", - "title": "EntryId", - "type": "string" + "Metadata": { + "type": "object" }, - "PropertyAlias": { - "markdownDescription": "The alias of the asset property.", - "title": "PropertyAlias", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.CoreDefinitionVersion", + "markdownDescription": "The core definition version to include when the core definition is created. Currently, a core definition version can contain only one [`core`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-coredefinition-core.html) .\n\n> To associate a core definition version after the core definition is created, create an [`AWS::Greengrass::CoreDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-coredefinitionversion.html) resource and specify the ID of this core definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the core definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the core definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "PropertyId": { - "markdownDescription": "The ID of the asset property.", - "title": "PropertyId", + "Type": { + "enum": [ + "AWS::Greengrass::CoreDefinition" + ], "type": "string" }, - "PropertyValue": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyValue", - "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", - "title": "PropertyValue" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "PropertyValue" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.IotTopicPublish": { + "AWS::Greengrass::CoreDefinition.Core": { "additionalProperties": false, "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", - "title": "MqttTopic", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", - "title": "Payload" - } - }, - "required": [ - "MqttTopic" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Lambda": { - "additionalProperties": false, - "properties": { - "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function that is executed.", - "title": "FunctionArn", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", - "title": "Payload" + "SyncShadow": { + "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", + "title": "SyncShadow", + "type": "boolean" + }, + "ThingArn": { + "markdownDescription": "The ARN of the core, which is an AWS IoT device (thing).", + "title": "ThingArn", + "type": "string" } }, "required": [ - "FunctionArn" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.OnEnter": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" - }, - "markdownDescription": "Specifies the actions that are performed when the state is entered and the `condition` is `TRUE` .", - "title": "Events", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.OnExit": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" - }, - "markdownDescription": "Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE` .", - "title": "Events", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.OnInput": { + "AWS::Greengrass::CoreDefinition.CoreDefinitionVersion": { "additionalProperties": false, "properties": { - "Events": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" - }, - "markdownDescription": "Specifies the actions performed when the `condition` evaluates to TRUE.", - "title": "Events", - "type": "array" - }, - "TransitionEvents": { + "Cores": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.TransitionEvent" + "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.Core" }, - "markdownDescription": "Specifies the actions performed, and the next state entered, when a `condition` evaluates to TRUE.", - "title": "TransitionEvents", + "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", + "title": "Cores", "type": "array" } }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Payload": { - "additionalProperties": false, - "properties": { - "ContentExpression": { - "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", - "title": "ContentExpression", - "type": "string" - }, - "Type": { - "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", - "title": "Type", - "type": "string" - } - }, "required": [ - "ContentExpression", - "Type" + "Cores" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.ResetTimer": { + "AWS::Greengrass::CoreDefinitionVersion": { "additionalProperties": false, "properties": { - "TimerName": { - "markdownDescription": "The name of the timer to reset.", - "title": "TimerName", + "Condition": { "type": "string" - } - }, - "required": [ - "TimerName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.SetTimer": { - "additionalProperties": false, - "properties": { - "DurationExpression": { - "markdownDescription": "The duration of the timer, in seconds. You can use a string expression that includes numbers, variables ( `$variable.` ), and input values ( `$input..` ) as the duration. The range of the duration is 1-31622400 seconds. To ensure accuracy, the minimum duration is 60 seconds. The evaluated result of the duration is rounded down to the nearest whole number.", - "title": "DurationExpression", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Seconds": { - "markdownDescription": "The number of seconds until the timer expires. The minimum value is 60 seconds to ensure accuracy. The maximum value is 31622400 seconds.", - "title": "Seconds", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TimerName": { - "markdownDescription": "The name of the timer.", - "title": "TimerName", - "type": "string" - } - }, - "required": [ - "TimerName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.SetVariable": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The new value of the variable.", - "title": "Value", - "type": "string" + "Metadata": { + "type": "object" }, - "VariableName": { - "markdownDescription": "The name of the variable.", - "title": "VariableName", - "type": "string" - } - }, - "required": [ - "Value", - "VariableName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Sns": { - "additionalProperties": false, - "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", - "title": "Payload" + "Properties": { + "additionalProperties": false, + "properties": { + "CoreDefinitionId": { + "markdownDescription": "The ID of the core definition associated with this version. This value is a GUID.", + "title": "CoreDefinitionId", + "type": "string" + }, + "Cores": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::CoreDefinitionVersion.Core" + }, + "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", + "title": "Cores", + "type": "array" + } + }, + "required": [ + "CoreDefinitionId", + "Cores" + ], + "type": "object" }, - "TargetArn": { - "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", - "title": "TargetArn", + "Type": { + "enum": [ + "AWS::Greengrass::CoreDefinitionVersion" + ], "type": "string" - } - }, - "required": [ - "TargetArn" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Sqs": { - "additionalProperties": false, - "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", - "title": "Payload" }, - "QueueUrl": { - "markdownDescription": "The URL of the SQS queue where the data is written.", - "title": "QueueUrl", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "UseBase64": { - "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", - "title": "UseBase64", - "type": "boolean" } }, "required": [ - "QueueUrl" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.State": { + "AWS::Greengrass::CoreDefinitionVersion.Core": { "additionalProperties": false, "properties": { - "OnEnter": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnEnter", - "markdownDescription": "When entering this state, perform these `actions` if the `condition` is TRUE.", - "title": "OnEnter" - }, - "OnExit": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnExit", - "markdownDescription": "When exiting this state, perform these `actions` if the specified `condition` is `TRUE` .", - "title": "OnExit" - }, - "OnInput": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnInput", - "markdownDescription": "When an input is received and the `condition` is TRUE, perform the specified `actions` .", - "title": "OnInput" - }, - "StateName": { - "markdownDescription": "The name of the state.", - "title": "StateName", + "CertificateArn": { + "markdownDescription": "The ARN of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", "type": "string" - } - }, - "required": [ - "StateName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.TransitionEvent": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" - }, - "markdownDescription": "The actions to be performed.", - "title": "Actions", - "type": "array" }, - "Condition": { - "markdownDescription": "Required. A Boolean expression that when TRUE causes the actions to be performed and the `nextState` to be entered.", - "title": "Condition", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "EventName": { - "markdownDescription": "The name of the transition event.", - "title": "EventName", - "type": "string" + "SyncShadow": { + "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", + "title": "SyncShadow", + "type": "boolean" }, - "NextState": { - "markdownDescription": "The next state to enter.", - "title": "NextState", + "ThingArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the core, which is an AWS IoT device (thing).", + "title": "ThingArn", "type": "string" } }, "required": [ - "Condition", - "EventName", - "NextState" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoTEvents::Input": { + "AWS::Greengrass::DeviceDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -127654,38 +133573,30 @@ "Properties": { "additionalProperties": false, "properties": { - "InputDefinition": { - "$ref": "#/definitions/AWS::IoTEvents::Input.InputDefinition", - "markdownDescription": "The definition of the input.", - "title": "InputDefinition" - }, - "InputDescription": { - "markdownDescription": "A brief description of the input.", - "title": "InputDescription", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion", + "markdownDescription": "The device definition version to include when the device definition is created. A device definition version contains a list of [`device`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-devicedefinition-device.html) property types.\n\n> To associate a device definition version after the device definition is created, create an [`AWS::Greengrass::DeviceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-devicedefinitionversion.html) resource and specify the ID of this device definition.", + "title": "InitialVersion" }, - "InputName": { - "markdownDescription": "The name of the input.", - "title": "InputName", + "Name": { + "markdownDescription": "The name of the device definition.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Application-specific metadata to attach to the device definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "InputDefinition" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::Input" + "AWS::Greengrass::DeviceDefinition" ], "type": "string" }, @@ -127704,38 +133615,55 @@ ], "type": "object" }, - "AWS::IoTEvents::Input.Attribute": { + "AWS::Greengrass::DeviceDefinition.Device": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events ( `BatchPutMessage` ). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors.\n\nSyntax: `....`", - "title": "JsonPath", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", + "type": "string" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "SyncShadow": { + "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", + "title": "SyncShadow", + "type": "boolean" + }, + "ThingArn": { + "markdownDescription": "The ARN of the device, which is an AWS IoT device (thing).", + "title": "ThingArn", "type": "string" } }, "required": [ - "JsonPath" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoTEvents::Input.InputDefinition": { + "AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion": { "additionalProperties": false, "properties": { - "Attributes": { + "Devices": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::Input.Attribute" + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.Device" }, - "markdownDescription": "The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage` . Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input.", - "title": "Attributes", + "markdownDescription": "The devices in this version.", + "title": "Devices", "type": "array" } }, "required": [ - "Attributes" + "Devices" ], "type": "object" }, - "AWS::IoTFleetHub::Application": { + "AWS::Greengrass::DeviceDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -127770,39 +133698,29 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationDescription": { - "markdownDescription": "An optional description of the web application.", - "title": "ApplicationDescription", - "type": "string" - }, - "ApplicationName": { - "markdownDescription": "The name of the web application.", - "title": "ApplicationName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core .\n\n> The name of the role must be in the form `FleetHub_random_string` . \n\nPattern: `^arn:[!-~]+$`", - "title": "RoleArn", + "DeviceDefinitionId": { + "markdownDescription": "The ID of the device definition associated with this version. This value is a GUID.", + "title": "DeviceDefinitionId", "type": "string" }, - "Tags": { + "Devices": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinitionVersion.Device" }, - "markdownDescription": "A set of key/value pairs that you can use to manage the web application resource.", - "title": "Tags", + "markdownDescription": "The devices in this version.", + "title": "Devices", "type": "array" } }, "required": [ - "ApplicationName", - "RoleArn" + "DeviceDefinitionId", + "Devices" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetHub::Application" + "AWS::Greengrass::DeviceDefinitionVersion" ], "type": "string" }, @@ -127821,7 +133739,38 @@ ], "type": "object" }, - "AWS::IoTFleetWise::Campaign": { + "AWS::Greengrass::DeviceDefinitionVersion.Device": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The ARN of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", + "type": "string" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "SyncShadow": { + "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", + "title": "SyncShadow", + "type": "boolean" + }, + "ThingArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device, which is an AWS IoT device (thing).", + "title": "ThingArn", + "type": "string" + } + }, + "required": [ + "CertificateArn", + "Id", + "ThingArn" + ], + "type": "object" + }, + "AWS::Greengrass::FunctionDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -127856,116 +133805,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies how to update a campaign. The action can be one of the following:\n\n- `APPROVE` - To approve delivering a data collection scheme to vehicles.\n- `SUSPEND` - To suspend collecting signal data. The campaign is deleted from vehicles and all vehicles in the suspended campaign will stop sending data.\n- `RESUME` - To reactivate the `SUSPEND` campaign. The campaign is redeployed to all vehicles and the vehicles will resume sending data.\n- `UPDATE` - To update a campaign.", - "title": "Action", - "type": "string" - }, - "CollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.CollectionScheme", - "markdownDescription": "The data collection scheme associated with the campaign. You can specify a scheme that collects data based on time or an event.", - "title": "CollectionScheme" - }, - "Compression": { - "markdownDescription": "Whether to compress signals before transmitting data to AWS IoT FleetWise . If you don't want to compress the signals, use `OFF` . If it's not specified, `SNAPPY` is used.\n\nDefault: `SNAPPY`", - "title": "Compression", - "type": "string" - }, - "DataDestinationConfigs": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataDestinationConfig" - }, - "markdownDescription": "The destination where the campaign sends data. You can choose to send data to be stored in Amazon S3 or Amazon Timestream .\n\nAmazon S3 optimizes the cost of data storage and provides additional mechanisms to use vehicle data, such as data lakes, centralized data storage, data processing pipelines, and analytics. AWS IoT FleetWise supports at-least-once file delivery to S3. Your vehicle data is stored on multiple AWS IoT FleetWise servers for redundancy and high availability.\n\nYou can use Amazon Timestream to access and analyze time series data, and Timestream to query vehicle data so that you can identify trends and patterns.", - "title": "DataDestinationConfigs", - "type": "array" - }, - "DataExtraDimensions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of vehicle attributes to associate with a campaign.\n\nEnrich the data with specified vehicle attributes. For example, add `make` and `model` to the campaign, and AWS IoT FleetWise will associate the data with those attributes as dimensions in Amazon Timestream . You can then query the data against `make` and `model` .\n\nDefault: An empty array", - "title": "DataExtraDimensions", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the campaign.", - "title": "Description", - "type": "string" - }, - "DiagnosticsMode": { - "markdownDescription": "Option for a vehicle to send diagnostic trouble codes to AWS IoT FleetWise . If you want to send diagnostic trouble codes, use `SEND_ACTIVE_DTCS` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", - "title": "DiagnosticsMode", - "type": "string" - }, - "ExpiryTime": { - "markdownDescription": "The time the campaign expires, in seconds since epoch (January 1, 1970 at midnight UTC time). Vehicle data isn't collected after the campaign expires.\n\nDefault: 253402214400 (December 31, 9999, 00:00:00 UTC)", - "title": "ExpiryTime", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion", + "markdownDescription": "The function definition version to include when the function definition is created. A function definition version contains a list of [`function`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinition-function.html) property types.\n\n> To associate a function definition version after the function definition is created, create an [`AWS::Greengrass::FunctionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-functiondefinitionversion.html) resource and specify the ID of this function definition.", + "title": "InitialVersion" }, "Name": { - "markdownDescription": "The name of a campaign.", + "markdownDescription": "The name of the function definition.", "title": "Name", "type": "string" }, - "PostTriggerCollectionDuration": { - "markdownDescription": "How long (in milliseconds) to collect raw data after a triggering event initiates the collection. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "PostTriggerCollectionDuration", - "type": "number" - }, - "Priority": { - "markdownDescription": "A number indicating the priority of one campaign over another campaign for a certain vehicle or fleet. A campaign with the lowest value is deployed to vehicles before any other campaigns. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "Priority", - "type": "number" - }, - "SignalCatalogArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the campaign.", - "title": "SignalCatalogArn", - "type": "string" - }, - "SignalsToCollect": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalInformation" - }, - "markdownDescription": "A list of information about signals to collect.", - "title": "SignalsToCollect", - "type": "array" - }, - "SpoolingMode": { - "markdownDescription": "Whether to store collected data after a vehicle lost a connection with the cloud. After a connection is re-established, the data is automatically forwarded to AWS IoT FleetWise . If you want to store collected data when a vehicle loses connection with the cloud, use `TO_DISK` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", - "title": "SpoolingMode", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The time, in milliseconds, to deliver a campaign after it was approved. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "StartTime", - "type": "string" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the campaign.", + "markdownDescription": "Application-specific metadata to attach to the function definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle or fleet to which the campaign is deployed.", - "title": "TargetArn", - "type": "string" + "type": "object" } }, "required": [ - "Action", - "CollectionScheme", - "Name", - "SignalCatalogArn", - "TargetArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Campaign" + "AWS::Greengrass::FunctionDefinition" ], "type": "string" }, @@ -127984,155 +133847,190 @@ ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.CollectionScheme": { + "AWS::Greengrass::FunctionDefinition.DefaultConfig": { "additionalProperties": false, "properties": { - "ConditionBasedCollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme", - "markdownDescription": "Information about a collection scheme that uses a simple logical expression to recognize what data to collect.", - "title": "ConditionBasedCollectionScheme" - }, - "TimeBasedCollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme", - "markdownDescription": "Information about a collection scheme that uses a time period to decide how often to collect data.", - "title": "TimeBasedCollectionScheme" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", + "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", + "title": "Execution" } }, + "required": [ + "Execution" + ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme": { + "AWS::Greengrass::FunctionDefinition.Environment": { "additionalProperties": false, "properties": { - "ConditionLanguageVersion": { - "markdownDescription": "Specifies the version of the conditional expression language.", - "title": "ConditionLanguageVersion", - "type": "number" + "AccessSysfs": { + "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "AccessSysfs", + "type": "boolean" }, - "Expression": { - "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.Vehicle.OutsideAirTemperature >= 105.0` .", - "title": "Expression", - "type": "string" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", + "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", + "title": "Execution" }, - "MinimumTriggerIntervalMs": { - "markdownDescription": "The minimum duration of time between two triggering events to collect data, in milliseconds.\n\n> If a signal changes often, you might want to collect data at a slower rate.", - "title": "MinimumTriggerIntervalMs", - "type": "number" + "ResourceAccessPolicies": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy" + }, + "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only for Lambda functions that run in a Greengrass container.", + "title": "ResourceAccessPolicies", + "type": "array" }, - "TriggerMode": { - "markdownDescription": "Whether to collect data for all triggering events ( `ALWAYS` ). Specify ( `RISING_EDGE` ), or specify only when the condition first evaluates to false. For example, triggering on \"AirbagDeployed\"; Users aren't interested on triggering when the airbag is already exploded; they only care about the change from not deployed => deployed.", - "title": "TriggerMode", - "type": "string" + "Variables": { + "markdownDescription": "Environment variables for the Lambda function.", + "title": "Variables", + "type": "object" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.DataDestinationConfig": { + "AWS::Greengrass::FunctionDefinition.Execution": { "additionalProperties": false, "properties": { - "S3Config": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.S3Config", - "markdownDescription": "The Amazon S3 bucket where the AWS IoT FleetWise campaign sends data.", - "title": "S3Config" + "IsolationMode": { + "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", + "title": "IsolationMode", + "type": "string" }, - "TimestreamConfig": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimestreamConfig", - "markdownDescription": "The Amazon Timestream table where the campaign sends data.", - "title": "TimestreamConfig" + "RunAs": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.RunAs", + "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", + "title": "RunAs" } }, "type": "object" }, - "AWS::IoTFleetWise::Campaign.S3Config": { + "AWS::Greengrass::FunctionDefinition.Function": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket.", - "title": "BucketArn", - "type": "string" - }, - "DataFormat": { - "markdownDescription": "Specify the format that files are saved in the Amazon S3 bucket. You can save files in an Apache Parquet or JSON format.\n\n- Parquet - Store data in a columnar storage file format. Parquet is optimal for fast data retrieval and can reduce costs. This option is selected by default.\n- JSON - Store data in a standard text-based JSON file format.", - "title": "DataFormat", + "FunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", + "title": "FunctionArn", "type": "string" }, - "Prefix": { - "markdownDescription": "Enter an S3 bucket prefix. The prefix is the string of characters after the bucket name and before the object name. You can use the prefix to organize data stored in Amazon S3 buckets. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .\n\nBy default, AWS IoT FleetWise sets the prefix `processed-data/year=YY/month=MM/date=DD/hour=HH/` (in UTC) to data it delivers to Amazon S3 . You can enter a prefix to append it to this default prefix. For example, if you enter the prefix `vehicles` , the prefix will be `vehicles/processed-data/year=YY/month=MM/date=DD/hour=HH/` .", - "title": "Prefix", - "type": "string" + "FunctionConfiguration": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionConfiguration", + "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", + "title": "FunctionConfiguration" }, - "StorageCompressionFormat": { - "markdownDescription": "By default, stored data is compressed as a .gzip file. Compressed files have a reduced file size, which can optimize the cost of data storage.", - "title": "StorageCompressionFormat", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" } }, "required": [ - "BucketArn" + "FunctionArn", + "FunctionConfiguration", + "Id" ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.SignalInformation": { + "AWS::Greengrass::FunctionDefinition.FunctionConfiguration": { "additionalProperties": false, "properties": { - "MaxSampleCount": { - "markdownDescription": "The maximum number of samples to collect.", - "title": "MaxSampleCount", - "type": "number" + "EncodingType": { + "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", + "title": "EncodingType", + "type": "string" }, - "MinimumSamplingIntervalMs": { - "markdownDescription": "The minimum duration of time (in milliseconds) between two triggering events to collect data.\n\n> If a signal changes often, you might want to collect data at a slower rate.", - "title": "MinimumSamplingIntervalMs", - "type": "number" + "Environment": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Environment", + "markdownDescription": "The environment configuration of the function.", + "title": "Environment" }, - "Name": { - "markdownDescription": "The name of the signal.", - "title": "Name", + "ExecArgs": { + "markdownDescription": "The execution arguments.", + "title": "ExecArgs", "type": "string" + }, + "Executable": { + "markdownDescription": "The name of the function executable.", + "title": "Executable", + "type": "string" + }, + "MemorySize": { + "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "MemorySize", + "type": "number" + }, + "Pinned": { + "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", + "title": "Pinned", + "type": "boolean" + }, + "Timeout": { + "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", + "title": "Timeout", + "type": "number" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme": { + "AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion": { "additionalProperties": false, "properties": { - "PeriodMs": { - "markdownDescription": "The time period (in milliseconds) to decide how often to collect data. For example, if the time period is `60000` , the Edge Agent software collects data once every minute.", - "title": "PeriodMs", - "type": "number" + "DefaultConfig": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.DefaultConfig", + "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", + "title": "DefaultConfig" + }, + "Functions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Function" + }, + "markdownDescription": "The functions in this version.", + "title": "Functions", + "type": "array" } }, "required": [ - "PeriodMs" + "Functions" ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.TimestreamConfig": { + "AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy": { "additionalProperties": false, "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants AWS IoT FleetWise permission to deliver data to the Amazon Timestream table.", - "title": "ExecutionRoleArn", + "Permission": { + "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", + "title": "Permission", "type": "string" }, - "TimestreamTableArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Timestream table.", - "title": "TimestreamTableArn", + "ResourceId": { + "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", + "title": "ResourceId", "type": "string" } }, "required": [ - "ExecutionRoleArn", - "TimestreamTableArn" + "ResourceId" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest": { + "AWS::Greengrass::FunctionDefinition.RunAs": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", + "title": "Gid", + "type": "number" + }, + "Uid": { + "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", + "title": "Uid", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Greengrass::FunctionDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -128167,60 +134065,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the decoder manifest.", - "title": "Description", - "type": "string" - }, - "ModelManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle model (model manifest) associated with the decoder manifest.", - "title": "ModelManifestArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the decoder manifest.", - "title": "Name", - "type": "string" - }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems" - }, - "markdownDescription": "A list of information about available network interfaces.", - "title": "NetworkInterfaces", - "type": "array" - }, - "SignalDecoders": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems" - }, - "markdownDescription": "A list of information about signal decoders.", - "title": "SignalDecoders", - "type": "array" + "DefaultConfig": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig", + "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", + "title": "DefaultConfig" }, - "Status": { - "markdownDescription": "The state of the decoder manifest. If the status is `ACTIVE` , the decoder manifest can't be edited. If the status is marked `DRAFT` , you can edit the decoder manifest.", - "title": "Status", + "FunctionDefinitionId": { + "markdownDescription": "The ID of the function definition associated with this version. This value is a GUID.", + "title": "FunctionDefinitionId", "type": "string" }, - "Tags": { + "Functions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Function" }, - "markdownDescription": "Metadata that can be used to manage the decoder manifest.", - "title": "Tags", + "markdownDescription": "The functions in this version.", + "title": "Functions", "type": "array" } }, "required": [ - "ModelManifestArn", - "Name" + "FunctionDefinitionId", + "Functions" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::DecoderManifest" + "AWS::Greengrass::FunctionDefinitionVersion" ], "type": "string" }, @@ -128239,239 +134111,168 @@ ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.CanInterface": { + "AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The unique name of the interface.", - "title": "Name", - "type": "string" - }, - "ProtocolName": { - "markdownDescription": "The name of the communication protocol for the interface.", - "title": "ProtocolName", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The version of the communication protocol for the interface.", - "title": "ProtocolVersion", - "type": "string" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", + "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", + "title": "Execution" } }, "required": [ - "Name" + "Execution" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.CanSignal": { + "AWS::Greengrass::FunctionDefinitionVersion.Environment": { "additionalProperties": false, "properties": { - "Factor": { - "markdownDescription": "A multiplier used to decode the CAN message.", - "title": "Factor", - "type": "string" - }, - "IsBigEndian": { - "markdownDescription": "Whether the byte ordering of a CAN message is big-endian.", - "title": "IsBigEndian", - "type": "string" - }, - "IsSigned": { - "markdownDescription": "Whether the message data is specified as a signed value.", - "title": "IsSigned", - "type": "string" - }, - "Length": { - "markdownDescription": "How many bytes of data are in the message.", - "title": "Length", - "type": "string" - }, - "MessageId": { - "markdownDescription": "The ID of the message.", - "title": "MessageId", - "type": "string" + "AccessSysfs": { + "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "AccessSysfs", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the signal.", - "title": "Name", - "type": "string" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", + "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", + "title": "Execution" }, - "Offset": { - "markdownDescription": "The offset used to calculate the signal value. Combined with factor, the calculation is `value = raw_value * factor + offset` .", - "title": "Offset", - "type": "string" + "ResourceAccessPolicies": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy" + }, + "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "ResourceAccessPolicies", + "type": "array" }, - "StartBit": { - "markdownDescription": "Indicates the beginning of the CAN message.", - "title": "StartBit", - "type": "string" + "Variables": { + "markdownDescription": "Environment variables for the Lambda function.", + "title": "Variables", + "type": "object" } }, - "required": [ - "Factor", - "IsBigEndian", - "IsSigned", - "Length", - "MessageId", - "Offset", - "StartBit" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems": { + "AWS::Greengrass::FunctionDefinitionVersion.Execution": { "additionalProperties": false, "properties": { - "CanInterface": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanInterface" - }, - "InterfaceId": { + "IsolationMode": { + "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", + "title": "IsolationMode", "type": "string" }, - "ObdInterface": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdInterface" - }, - "Type": { - "type": "string" + "RunAs": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.RunAs", + "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", + "title": "RunAs" } }, - "required": [ - "InterfaceId", - "Type" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.ObdInterface": { + "AWS::Greengrass::FunctionDefinitionVersion.Function": { "additionalProperties": false, "properties": { - "DtcRequestIntervalSeconds": { - "markdownDescription": "The maximum number message requests per diagnostic trouble code per second.", - "title": "DtcRequestIntervalSeconds", - "type": "string" - }, - "HasTransmissionEcu": { - "markdownDescription": "Whether the vehicle has a transmission control module (TCM).", - "title": "HasTransmissionEcu", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the interface.", - "title": "Name", - "type": "string" - }, - "ObdStandard": { - "markdownDescription": "The standard OBD II PID.", - "title": "ObdStandard", - "type": "string" - }, - "PidRequestIntervalSeconds": { - "markdownDescription": "The maximum number message requests per second.", - "title": "PidRequestIntervalSeconds", + "FunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", + "title": "FunctionArn", "type": "string" }, - "RequestMessageId": { - "markdownDescription": "The ID of the message requesting vehicle data.", - "title": "RequestMessageId", - "type": "string" + "FunctionConfiguration": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration", + "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", + "title": "FunctionConfiguration" }, - "UseExtendedIds": { - "markdownDescription": "Whether to use extended IDs in the message.", - "title": "UseExtendedIds", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" } }, "required": [ - "Name", - "RequestMessageId" + "FunctionArn", + "FunctionConfiguration", + "Id" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.ObdSignal": { + "AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration": { "additionalProperties": false, "properties": { - "BitMaskLength": { - "markdownDescription": "The number of bits to mask in a message.", - "title": "BitMaskLength", - "type": "string" - }, - "BitRightShift": { - "markdownDescription": "The number of positions to shift bits in the message.", - "title": "BitRightShift", + "EncodingType": { + "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", + "title": "EncodingType", "type": "string" }, - "ByteLength": { - "markdownDescription": "The length of a message.", - "title": "ByteLength", - "type": "string" + "Environment": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Environment", + "markdownDescription": "The environment configuration of the function.", + "title": "Environment" }, - "Offset": { - "markdownDescription": "The offset used to calculate the signal value. Combined with scaling, the calculation is `value = raw_value * scaling + offset` .", - "title": "Offset", + "ExecArgs": { + "markdownDescription": "The execution arguments.", + "title": "ExecArgs", "type": "string" }, - "Pid": { - "markdownDescription": "The diagnostic code used to request data from a vehicle for this signal.", - "title": "Pid", + "Executable": { + "markdownDescription": "The name of the function executable.", + "title": "Executable", "type": "string" }, - "PidResponseLength": { - "markdownDescription": "The length of the requested data.", - "title": "PidResponseLength", - "type": "string" + "MemorySize": { + "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "MemorySize", + "type": "number" }, - "Scaling": { - "markdownDescription": "A multiplier used to decode the message.", - "title": "Scaling", - "type": "string" + "Pinned": { + "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", + "title": "Pinned", + "type": "boolean" }, - "ServiceMode": { - "markdownDescription": "The mode of operation (diagnostic service) in a message.", - "title": "ServiceMode", + "Timeout": { + "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", + "title": "Timeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy": { + "additionalProperties": false, + "properties": { + "Permission": { + "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", + "title": "Permission", "type": "string" }, - "StartByte": { - "markdownDescription": "Indicates the beginning of the message.", - "title": "StartByte", + "ResourceId": { + "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", + "title": "ResourceId", "type": "string" } }, "required": [ - "ByteLength", - "Offset", - "Pid", - "PidResponseLength", - "Scaling", - "ServiceMode", - "StartByte" + "ResourceId" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems": { + "AWS::Greengrass::FunctionDefinitionVersion.RunAs": { "additionalProperties": false, "properties": { - "CanSignal": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanSignal" - }, - "FullyQualifiedName": { - "type": "string" - }, - "InterfaceId": { - "type": "string" - }, - "ObdSignal": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdSignal" + "Gid": { + "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", + "title": "Gid", + "type": "number" }, - "Type": { - "type": "string" + "Uid": { + "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", + "title": "Uid", + "type": "number" } }, - "required": [ - "FullyQualifiedName", - "InterfaceId", - "Type" - ], "type": "object" }, - "AWS::IoTFleetWise::Fleet": { + "AWS::Greengrass::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -128506,39 +134307,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the fleet.", - "title": "Description", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::Group.GroupVersion", + "markdownDescription": "The group version to include when the group is created. A group version references the Amazon Resource Name (ARN) of a core definition version, device definition version, subscription definition version, and other version types. The group version must reference a core definition version that contains one core. Other version types are optionally included, depending on your business need.\n\n> To associate a group version after the group is created, create an [`AWS::Greengrass::GroupVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-groupversion.html) resource and specify the ID of this group.", + "title": "InitialVersion" }, - "Id": { - "markdownDescription": "The unique ID of the fleet.", - "title": "Id", + "Name": { + "markdownDescription": "The name of the group.", + "title": "Name", "type": "string" }, - "SignalCatalogArn": { - "markdownDescription": "The ARN of the signal catalog associated with the fleet.", - "title": "SignalCatalogArn", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role attached to the group. This role contains the permissions that Lambda functions and connectors use to interact with other AWS services.", + "title": "RoleArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the fleet.", + "markdownDescription": "Application-specific metadata to attach to the group. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "Id", - "SignalCatalogArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Fleet" + "AWS::Greengrass::Group" ], "type": "string" }, @@ -128557,7 +134354,48 @@ ], "type": "object" }, - "AWS::IoTFleetWise::ModelManifest": { + "AWS::Greengrass::Group.GroupVersion": { + "additionalProperties": false, + "properties": { + "ConnectorDefinitionVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", + "title": "ConnectorDefinitionVersionArn", + "type": "string" + }, + "CoreDefinitionVersionArn": { + "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", + "title": "CoreDefinitionVersionArn", + "type": "string" + }, + "DeviceDefinitionVersionArn": { + "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", + "title": "DeviceDefinitionVersionArn", + "type": "string" + }, + "FunctionDefinitionVersionArn": { + "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", + "title": "FunctionDefinitionVersionArn", + "type": "string" + }, + "LoggerDefinitionVersionArn": { + "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", + "title": "LoggerDefinitionVersionArn", + "type": "string" + }, + "ResourceDefinitionVersionArn": { + "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", + "title": "ResourceDefinitionVersionArn", + "type": "string" + }, + "SubscriptionDefinitionVersionArn": { + "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", + "title": "SubscriptionDefinitionVersionArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Greengrass::GroupVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -128592,52 +134430,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the vehicle model.", - "title": "Description", + "ConnectorDefinitionVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", + "title": "ConnectorDefinitionVersionArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the vehicle model.", - "title": "Name", + "CoreDefinitionVersionArn": { + "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", + "title": "CoreDefinitionVersionArn", "type": "string" }, - "Nodes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of nodes, which are a general abstraction of signals.", - "title": "Nodes", - "type": "array" + "DeviceDefinitionVersionArn": { + "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", + "title": "DeviceDefinitionVersionArn", + "type": "string" }, - "SignalCatalogArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the vehicle model.", - "title": "SignalCatalogArn", + "FunctionDefinitionVersionArn": { + "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", + "title": "FunctionDefinitionVersionArn", "type": "string" }, - "Status": { - "markdownDescription": "The state of the vehicle model. If the status is `ACTIVE` , the vehicle model can't be edited. If the status is `DRAFT` , you can edit the vehicle model.", - "title": "Status", + "GroupId": { + "markdownDescription": "The ID of the group associated with this version. This value is a GUID.", + "title": "GroupId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the vehicle model.", - "title": "Tags", - "type": "array" + "LoggerDefinitionVersionArn": { + "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", + "title": "LoggerDefinitionVersionArn", + "type": "string" + }, + "ResourceDefinitionVersionArn": { + "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", + "title": "ResourceDefinitionVersionArn", + "type": "string" + }, + "SubscriptionDefinitionVersionArn": { + "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", + "title": "SubscriptionDefinitionVersionArn", + "type": "string" } }, "required": [ - "Name", - "SignalCatalogArn" + "GroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::ModelManifest" + "AWS::Greengrass::GroupVersion" ], "type": "string" }, @@ -128656,7 +134497,7 @@ ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog": { + "AWS::Greengrass::LoggerDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -128691,43 +134532,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the signal catalog.", - "title": "Description", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion", + "markdownDescription": "The logger definition version to include when the logger definition is created. A logger definition version contains a list of [`logger`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-loggerdefinition-logger.html) property types.\n\n> To associate a logger definition version after the logger definition is created, create an [`AWS::Greengrass::LoggerDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-loggerdefinitionversion.html) resource and specify the ID of this logger definition.", + "title": "InitialVersion" }, "Name": { - "markdownDescription": "The name of the signal catalog.", + "markdownDescription": "The name of the logger definition.", "title": "Name", "type": "string" }, - "NodeCounts": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.NodeCounts", - "markdownDescription": "Information about the number of nodes and node types in a vehicle network.", - "title": "NodeCounts" - }, - "Nodes": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Node" - }, - "markdownDescription": "A list of information about nodes, which are a general abstraction of signals.", - "title": "Nodes", - "type": "array" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the signal catalog.", + "markdownDescription": "Application-specific metadata to attach to the logger definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::SignalCatalog" + "AWS::Greengrass::LoggerDefinition" ], "type": "string" }, @@ -128741,246 +134569,66 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::IoTFleetWise::SignalCatalog.Actuator": { - "additionalProperties": false, - "properties": { - "AllowedValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values an actuator can take.", - "title": "AllowedValues", - "type": "array" - }, - "AssignedValue": { - "markdownDescription": "A specified value for the actuator.", - "title": "AssignedValue", - "type": "string" - }, - "DataType": { - "markdownDescription": "The specified data type of the actuator.", - "title": "DataType", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of the actuator.", - "title": "Description", - "type": "string" - }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the actuator. For example, the fully qualified name of an actuator might be `Vehicle.Front.Left.Door.Lock` .", - "title": "FullyQualifiedName", - "type": "string" - }, - "Max": { - "markdownDescription": "The specified possible maximum value of an actuator.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The specified possible minimum value of an actuator.", - "title": "Min", - "type": "number" - }, - "Unit": { - "markdownDescription": "The scientific unit for the actuator.", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "DataType", - "FullyQualifiedName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Attribute": { + "AWS::Greengrass::LoggerDefinition.Logger": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values an attribute can be assigned.", - "title": "AllowedValues", - "type": "array" - }, - "AssignedValue": { - "markdownDescription": "A specified value for the attribute.", - "title": "AssignedValue", - "type": "string" - }, - "DataType": { - "markdownDescription": "The specified data type of the attribute.", - "title": "DataType", - "type": "string" - }, - "DefaultValue": { - "markdownDescription": "The default value of the attribute.", - "title": "DefaultValue", + "Component": { + "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", + "title": "Component", "type": "string" }, - "Description": { - "markdownDescription": "A brief description of the attribute.", - "title": "Description", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the attribute. For example, the fully qualified name of an attribute might be `Vehicle.Body.Engine.Type` .", - "title": "FullyQualifiedName", + "Level": { + "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", + "title": "Level", "type": "string" }, - "Max": { - "markdownDescription": "The specified possible maximum value of the attribute.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The specified possible minimum value of the attribute.", - "title": "Min", + "Space": { + "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", + "title": "Space", "type": "number" }, - "Unit": { - "markdownDescription": "The scientific unit for the attribute.", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "DataType", - "FullyQualifiedName" - ], - "type": "object" - }, - "AWS::IoTFleetWise::SignalCatalog.Branch": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A brief description of the branch.", - "title": "Description", - "type": "string" - }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the branch. For example, the fully qualified name of a branch might be `Vehicle.Body.Engine` .", - "title": "FullyQualifiedName", + "Type": { + "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", + "title": "Type", "type": "string" } }, "required": [ - "FullyQualifiedName" + "Component", + "Id", + "Level", + "Type" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Node": { - "additionalProperties": false, - "properties": { - "Actuator": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Actuator", - "markdownDescription": "Information about a node specified as an actuator.\n\n> An actuator is a digital representation of a vehicle device.", - "title": "Actuator" - }, - "Attribute": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Attribute", - "markdownDescription": "Information about a node specified as an attribute.\n\n> An attribute represents static information about a vehicle.", - "title": "Attribute" - }, - "Branch": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Branch", - "markdownDescription": "Information about a node specified as a branch.\n\n> A group of signals that are defined in a hierarchical structure.", - "title": "Branch" - }, - "Sensor": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Sensor", - "markdownDescription": "An input component that reports the environmental condition of a vehicle.\n\n> You can collect data about fluid levels, temperatures, vibrations, or battery voltage from sensors.", - "title": "Sensor" - } - }, - "type": "object" - }, - "AWS::IoTFleetWise::SignalCatalog.NodeCounts": { - "additionalProperties": false, - "properties": { - "TotalActuators": { - "markdownDescription": "The total number of nodes in a vehicle network that represent actuators.", - "title": "TotalActuators", - "type": "number" - }, - "TotalAttributes": { - "markdownDescription": "The total number of nodes in a vehicle network that represent attributes.", - "title": "TotalAttributes", - "type": "number" - }, - "TotalBranches": { - "markdownDescription": "The total number of nodes in a vehicle network that represent branches.", - "title": "TotalBranches", - "type": "number" - }, - "TotalNodes": { - "markdownDescription": "The total number of nodes in a vehicle network.", - "title": "TotalNodes", - "type": "number" - }, - "TotalSensors": { - "markdownDescription": "The total number of nodes in a vehicle network that represent sensors.", - "title": "TotalSensors", - "type": "number" - } - }, - "type": "object" - }, - "AWS::IoTFleetWise::SignalCatalog.Sensor": { + "AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion": { "additionalProperties": false, "properties": { - "AllowedValues": { + "Loggers": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.Logger" }, - "markdownDescription": "A list of possible values a sensor can take.", - "title": "AllowedValues", + "markdownDescription": "The loggers in this version.", + "title": "Loggers", "type": "array" - }, - "DataType": { - "markdownDescription": "The specified data type of the sensor.", - "title": "DataType", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of a sensor.", - "title": "Description", - "type": "string" - }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the sensor. For example, the fully qualified name of a sensor might be `Vehicle.Body.Engine.Battery` .", - "title": "FullyQualifiedName", - "type": "string" - }, - "Max": { - "markdownDescription": "The specified possible maximum value of the sensor.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The specified possible minimum value of the sensor.", - "title": "Min", - "type": "number" - }, - "Unit": { - "markdownDescription": "The scientific unit of measurement for data collected by the sensor.", - "title": "Unit", - "type": "string" } }, "required": [ - "DataType", - "FullyQualifiedName" + "Loggers" ], "type": "object" }, - "AWS::IoTFleetWise::Vehicle": { + "AWS::Greengrass::LoggerDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -129015,56 +134663,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociationBehavior": { - "markdownDescription": "An option to create a new AWS IoT thing when creating a vehicle, or to validate an existing thing as a vehicle.", - "title": "AssociationBehavior", - "type": "string" - }, - "Attributes": { - "additionalProperties": true, - "markdownDescription": "Static information about a vehicle in a key-value pair. For example: `\"engine Type\"` : `\"v6\"`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "DecoderManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a decoder manifest associated with the vehicle to create.", - "title": "DecoderManifestArn", - "type": "string" - }, - "ModelManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the vehicle model (model manifest) to create the vehicle from.", - "title": "ModelManifestArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The unique ID of the vehicle.", - "title": "Name", + "LoggerDefinitionId": { + "markdownDescription": "The ID of the logger definition associated with this version. This value is a GUID.", + "title": "LoggerDefinitionId", "type": "string" }, - "Tags": { + "Loggers": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinitionVersion.Logger" }, - "markdownDescription": "Metadata which can be used to manage the vehicle.", - "title": "Tags", + "markdownDescription": "The loggers in this version.", + "title": "Loggers", "type": "array" } }, "required": [ - "DecoderManifestArn", - "ModelManifestArn", - "Name" + "LoggerDefinitionId", + "Loggers" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Vehicle" + "AWS::Greengrass::LoggerDefinitionVersion" ], "type": "string" }, @@ -129083,7 +134704,44 @@ ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy": { + "AWS::Greengrass::LoggerDefinitionVersion.Logger": { + "additionalProperties": false, + "properties": { + "Component": { + "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", + "title": "Component", + "type": "string" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "Level": { + "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", + "title": "Level", + "type": "string" + }, + "Space": { + "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", + "title": "Space", + "type": "number" + }, + "Type": { + "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Component", + "Id", + "Level", + "Type" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -129118,32 +134776,30 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicyIdentity": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity", - "markdownDescription": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", - "title": "AccessPolicyIdentity" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion", + "markdownDescription": "The resource definition version to include when the resource definition is created. A resource definition version contains a list of [`resource instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinition-resourceinstance.html) property types.\n\n> To associate a resource definition version after the resource definition is created, create an [`AWS::Greengrass::ResourceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-resourcedefinitionversion.html) resource and specify the ID of this resource definition.", + "title": "InitialVersion" }, - "AccessPolicyPermission": { - "markdownDescription": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", - "title": "AccessPolicyPermission", + "Name": { + "markdownDescription": "The name of the resource definition.", + "title": "Name", "type": "string" }, - "AccessPolicyResource": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource", - "markdownDescription": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.", - "title": "AccessPolicyResource" + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the resource definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" } }, "required": [ - "AccessPolicyIdentity", - "AccessPolicyPermission", - "AccessPolicyResource" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::AccessPolicy" + "AWS::Greengrass::ResourceDefinition" ], "type": "string" }, @@ -129162,271 +134818,236 @@ ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { + "AWS::Greengrass::ResourceDefinition.GroupOwnerSetting": { "additionalProperties": false, "properties": { - "IamRole": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamRole", - "markdownDescription": "An IAM role identity.", - "title": "IamRole" - }, - "IamUser": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamUser", - "markdownDescription": "An IAM user identity.", - "title": "IamUser" + "AutoAddGroupOwner": { + "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", + "title": "AutoAddGroupOwner", + "type": "boolean" }, - "User": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.User", - "markdownDescription": "An IAM Identity Center user identity.", - "title": "User" - } + "GroupOwner": { + "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", + "title": "GroupOwner", + "type": "string" + } }, + "required": [ + "AutoAddGroupOwner" + ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource": { + "AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData": { "additionalProperties": false, "properties": { - "Portal": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Portal", - "markdownDescription": "Identifies an AWS IoT SiteWise Monitor portal.", - "title": "Portal" + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" }, - "Project": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Project", - "markdownDescription": "Identifies a specific AWS IoT SiteWise Monitor project.", - "title": "Project" + "SourcePath": { + "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", + "title": "SourcePath", + "type": "string" } }, + "required": [ + "SourcePath" + ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.IamRole": { + "AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData": { "additionalProperties": false, "properties": { - "arn": { - "markdownDescription": "The ARN of the IAM role. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .", - "title": "arn", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource in the Lambda environment.", + "title": "DestinationPath", + "type": "string" + }, + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" + }, + "SourcePath": { + "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", + "title": "SourcePath", "type": "string" } }, + "required": [ + "DestinationPath", + "SourcePath" + ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.IamUser": { + "AWS::Greengrass::ResourceDefinition.ResourceDataContainer": { "additionalProperties": false, "properties": { - "arn": { - "markdownDescription": "The ARN of the IAM user. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .\n\n> If you delete the IAM user, access policies that contain this identity include an empty `arn` . You can delete the access policy for the IAM user that no longer exists.", - "title": "arn", - "type": "string" + "LocalDeviceResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData", + "markdownDescription": "Settings for a local device resource.", + "title": "LocalDeviceResourceData" + }, + "LocalVolumeResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData", + "markdownDescription": "Settings for a local volume resource.", + "title": "LocalVolumeResourceData" + }, + "S3MachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", + "title": "S3MachineLearningModelResourceData" + }, + "SageMakerMachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", + "title": "SageMakerMachineLearningModelResourceData" + }, + "SecretsManagerSecretResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData", + "markdownDescription": "Settings for a secret resource.", + "title": "SecretsManagerSecretResourceData" } }, "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.Portal": { + "AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion": { "additionalProperties": false, "properties": { - "id": { - "markdownDescription": "The ID of the portal.", - "title": "id", - "type": "string" + "Resources": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceInstance" + }, + "markdownDescription": "The resources in this version.", + "title": "Resources", + "type": "array" } }, + "required": [ + "Resources" + ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.Project": { + "AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting": { "additionalProperties": false, "properties": { - "id": { - "markdownDescription": "The ID of the project.", - "title": "id", + "GroupOwner": { + "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", + "title": "GroupOwner", + "type": "string" + }, + "GroupPermission": { + "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", + "title": "GroupPermission", "type": "string" } }, + "required": [ + "GroupOwner", + "GroupPermission" + ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.User": { + "AWS::Greengrass::ResourceDefinition.ResourceInstance": { "additionalProperties": false, "properties": { - "id": { - "markdownDescription": "The IAM Identity Center ID of the user.", - "title": "id", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", + "title": "Name", "type": "string" + }, + "ResourceDataContainer": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDataContainer", + "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", + "title": "ResourceDataContainer" } }, + "required": [ + "Id", + "Name", + "ResourceDataContainer" + ], "type": "object" }, - "AWS::IoTSiteWise::Asset": { + "AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssetDescription": { - "markdownDescription": "The ID of the asset, in UUID format.", - "title": "AssetDescription", - "type": "string" - }, - "AssetExternalId": { - "markdownDescription": "The external ID of the asset model composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetExternalId", - "type": "string" - }, - "AssetHierarchies": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetHierarchy" - }, - "markdownDescription": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships.", - "title": "AssetHierarchies", - "type": "array" - }, - "AssetModelId": { - "markdownDescription": "The ID of the asset model from which to create the asset. This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelId", - "type": "string" - }, - "AssetName": { - "markdownDescription": "A friendly name for the asset.", - "title": "AssetName", - "type": "string" - }, - "AssetProperties": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetProperty" - }, - "markdownDescription": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object.", - "title": "AssetProperties", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AssetModelId", - "AssetName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoTSiteWise::Asset" - ], - "type": "string" + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Uri": { + "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", + "title": "S3Uri", "type": "string" } }, "required": [ - "Type", - "Properties" + "DestinationPath", + "S3Uri" ], "type": "object" }, - "AWS::IoTSiteWise::Asset.AssetHierarchy": { + "AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "ChildAssetId": { - "markdownDescription": "The Id of the child asset.", - "title": "ChildAssetId", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of the hierarchy, if it has one. When you update an asset hierarchy, you may assign an external ID if it doesn't already have one. You can't change the external ID of an asset hierarchy that already has one. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ExternalId", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "Id": { - "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" }, - "LogicalId": { - "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .", - "title": "LogicalId", + "SageMakerJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", + "title": "SageMakerJobArn", "type": "string" } }, "required": [ - "ChildAssetId" + "DestinationPath", + "SageMakerJobArn" ], "type": "object" }, - "AWS::IoTSiteWise::Asset.AssetProperty": { + "AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData": { "additionalProperties": false, "properties": { - "Alias": { - "markdownDescription": "The alias that identifies the property, such as an OPC-UA server data stream path (for example, `/company/windfarm/3/turbine/7/temperature` ). For more information, see [Mapping industrial data streams to asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/connect-data-streams.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Alias", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of the property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the asset property.\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" - }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset property.", - "title": "LogicalId", - "type": "string" - }, - "NotificationState": { - "markdownDescription": "The MQTT notification state (enabled or disabled) for this asset property. When the notification state is enabled, AWS IoT SiteWise publishes property value updates to a unique MQTT topic. For more information, see [Interacting with other services](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/interact-with-other-services.html) in the *AWS IoT SiteWise User Guide* .\n\nIf you omit this parameter, the notification state is set to `DISABLED` .", - "title": "NotificationState", + "ARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", + "title": "ARN", "type": "string" }, - "Unit": { - "markdownDescription": "The unit (such as `Newtons` or `RPM` ) of the asset property.", - "title": "Unit", - "type": "string" + "AdditionalStagingLabelsToDownload": { + "items": { + "type": "string" + }, + "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", + "title": "AdditionalStagingLabelsToDownload", + "type": "array" } }, + "required": [ + "ARN" + ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel": { + "AWS::Greengrass::ResourceDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -129461,67 +135082,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetModelCompositeModels": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel" - }, - "markdownDescription": "The composite models that are part of this asset model. It groups properties (such as attributes, measurements, transforms, and metrics) and child composite models that model parts of your industrial equipment. Each composite model has a type that defines the properties that the composite model supports. Use composite models to define alarms on this asset model.\n\n> When creating custom composite models, you need to use [CreateAssetModelCompositeModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModelCompositeModel.html) . For more information, see [Creating custom composite models (Components)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-custom-composite-models.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelCompositeModels", - "type": "array" - }, - "AssetModelDescription": { - "markdownDescription": "A description for the asset model.", - "title": "AssetModelDescription", - "type": "string" - }, - "AssetModelExternalId": { - "markdownDescription": "The external ID of the asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelExternalId", - "type": "string" - }, - "AssetModelHierarchies": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelHierarchy" - }, - "markdownDescription": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 10 hierarchies per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelHierarchies", - "type": "array" - }, - "AssetModelName": { - "markdownDescription": "A unique name for the asset model.", - "title": "AssetModelName", - "type": "string" - }, - "AssetModelProperties": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" - }, - "markdownDescription": "The property definitions of the asset model. For more information, see [Asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 200 properties per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelProperties", - "type": "array" - }, - "AssetModelType": { - "markdownDescription": "The type of asset model.\n\n- *ASSET_MODEL* \u2013 (default) An asset model that you can use to create assets. Can't be included as a component in another asset model.\n- *COMPONENT_MODEL* \u2013 A reusable component that you can include in the composite models of other asset models. You can't create assets directly from this type of asset model.", - "title": "AssetModelType", + "ResourceDefinitionId": { + "markdownDescription": "The ID of the resource definition associated with this version. This value is a GUID.", + "title": "ResourceDefinitionId", "type": "string" }, - "Tags": { + "Resources": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", + "markdownDescription": "The resources in this version.", + "title": "Resources", "type": "array" } }, "required": [ - "AssetModelName" + "ResourceDefinitionId", + "Resources" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::AssetModel" + "AWS::Greengrass::ResourceDefinitionVersion" ], "type": "string" }, @@ -129540,354 +135123,219 @@ ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel": { + "AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting": { "additionalProperties": false, "properties": { - "ComposedAssetModelId": { - "markdownDescription": "The ID of a component model which is reused to create this composite model.", - "title": "ComposedAssetModelId", - "type": "string" - }, - "CompositeModelProperties": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" - }, - "markdownDescription": "The asset property definitions for this composite model.", - "title": "CompositeModelProperties", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the composite model.\n\n> If the composite model is a `component-model-based` composite model, the description is inherited from the `COMPONENT_MODEL` asset model and cannot be changed.", - "title": "Description", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of a composite model on this asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `Path` must be specified.", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the asset model composite model.\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the composite model.", - "title": "Name", - "type": "string" - }, - "ParentAssetModelCompositeModelExternalId": { - "markdownDescription": "The external ID of the parent composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ParentAssetModelCompositeModelExternalId", - "type": "string" - }, - "Path": { - "items": { - "type": "string" - }, - "markdownDescription": "The structured path to the property from the root of the asset using property names. Path is used as the ID if the asset model is a derived composite model.\n\n> One of `ExternalId` or `Path` must be specified.", - "title": "Path", - "type": "array" + "AutoAddGroupOwner": { + "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", + "title": "AutoAddGroupOwner", + "type": "boolean" }, - "Type": { - "markdownDescription": "The type of the composite model. For alarm composite models, this type is `AWS/ALARM` .", - "title": "Type", + "GroupOwner": { + "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", + "title": "GroupOwner", "type": "string" } }, "required": [ - "Name", - "Type" + "AutoAddGroupOwner" ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.AssetModelHierarchy": { + "AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData": { "additionalProperties": false, "properties": { - "ChildAssetModelId": { - "markdownDescription": "The ID of the asset model, in UUID format. All assets in this hierarchy must be instances of the `childAssetModelId` asset model. AWS IoT SiteWise will always return the actual asset model ID for this value. However, when you are specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) , you may provide either the asset model ID or else `externalId:` followed by the asset model's external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ChildAssetModelId", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID (if any) provided in the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) operation. You can assign an external ID by specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) . However, you can't change the external ID if one is already assigned. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the asset model hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set. \n\n- If you are callling [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) to create a *new* hierarchy: You can specify its ID here, if desired. AWS IoT SiteWise automatically generates a unique ID for you, so this parameter is never required. However, if you prefer to supply your own ID instead, you can specify it here in UUID format. If you specify your own ID, it must be globally unique.\n- If you are calling UpdateAssetModel to modify an *existing* hierarchy: This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", - "title": "Id", - "type": "string" - }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset model hierarchy. This ID is a `hierarchyLogicalId` .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "LogicalId", - "type": "string" + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" }, - "Name": { - "markdownDescription": "The name of the asset model hierarchy that you specify by using the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) API operation.", - "title": "Name", + "SourcePath": { + "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", + "title": "SourcePath", "type": "string" } }, "required": [ - "ChildAssetModelId", - "Name" + "SourcePath" ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.AssetModelProperty": { + "AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData": { "additionalProperties": false, "properties": { - "DataType": { - "markdownDescription": "The data type of the asset model property.\n\nIf you specify `STRUCT` , you must also specify `dataTypeSpec` to identify the type of the structure for this property.", - "title": "DataType", - "type": "string" - }, - "DataTypeSpec": { - "markdownDescription": "The data type of the structure for this property. This parameter exists on properties that have the `STRUCT` data type.", - "title": "DataTypeSpec", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of the asset property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the property.\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" - }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset model property.\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "LogicalId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the asset model property.", - "title": "Name", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource in the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "Type": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyType", - "markdownDescription": "Contains a property type, which can be one of `attribute` , `measurement` , `metric` , or `transform` .", - "title": "Type" + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" }, - "Unit": { - "markdownDescription": "The unit of the asset model property, such as `Newtons` or `RPM` .", - "title": "Unit", + "SourcePath": { + "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", + "title": "SourcePath", "type": "string" } }, "required": [ - "DataType", - "Name", - "Type" + "DestinationPath", + "SourcePath" ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.Attribute": { + "AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* .", - "title": "DefaultValue", - "type": "string" + "LocalDeviceResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData", + "markdownDescription": "Settings for a local device resource.", + "title": "LocalDeviceResourceData" + }, + "LocalVolumeResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData", + "markdownDescription": "Settings for a local volume resource.", + "title": "LocalVolumeResourceData" + }, + "S3MachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", + "title": "S3MachineLearningModelResourceData" + }, + "SageMakerMachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", + "title": "SageMakerMachineLearningModelResourceData" + }, + "SecretsManagerSecretResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData", + "markdownDescription": "Settings for a secret resource.", + "title": "SecretsManagerSecretResourceData" } }, "type": "object" }, - "AWS::IoTSiteWise::AssetModel.ExpressionVariable": { + "AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The friendly name of the variable to be used in the expression.", - "title": "Name", + "GroupOwner": { + "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", + "title": "GroupOwner", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.VariableValue", - "markdownDescription": "The variable that identifies an asset property from which to use values.", - "title": "Value" + "GroupPermission": { + "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", + "title": "GroupPermission", + "type": "string" } }, "required": [ - "Name", - "Value" + "GroupOwner", + "GroupPermission" ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.Metric": { + "AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The mathematical expression that defines the metric aggregation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Expression", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" - }, - "markdownDescription": "The list of variables used in the expression.", - "title": "Variables", - "type": "array" - }, - "Window": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.MetricWindow", - "markdownDescription": "The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression. AWS IoT SiteWise computes one data point per `window` .", - "title": "Window" - } - }, - "required": [ - "Expression", - "Variables", - "Window" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.MetricWindow": { - "additionalProperties": false, - "properties": { - "Tumbling": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.TumblingWindow", - "markdownDescription": "The tumbling time interval window.", - "title": "Tumbling" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.PropertyPathDefinition": { - "additionalProperties": false, - "properties": { "Name": { - "markdownDescription": "The name of the path segment.", + "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", "title": "Name", "type": "string" + }, + "ResourceDataContainer": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer", + "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", + "title": "ResourceDataContainer" } }, "required": [ - "Name" + "Id", + "Name", + "ResourceDataContainer" ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.PropertyType": { + "AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "Attribute": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Attribute", - "markdownDescription": "Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine.", - "title": "Attribute" - }, - "Metric": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Metric", - "markdownDescription": "Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature.", - "title": "Metric" + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", + "type": "string" }, - "Transform": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Transform", - "markdownDescription": "Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit.", - "title": "Transform" + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" }, - "TypeName": { - "markdownDescription": "The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` .", - "title": "TypeName", + "S3Uri": { + "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", + "title": "S3Uri", "type": "string" } }, "required": [ - "TypeName" + "DestinationPath", + "S3Uri" ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.Transform": { + "AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The mathematical expression that defines the transformation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Expression", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" - }, - "markdownDescription": "The list of variables used in the expression.", - "title": "Variables", - "type": "array" - } - }, - "required": [ - "Expression", - "Variables" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.TumblingWindow": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The time interval for the tumbling window. The interval time must be between 1 minute and 1 week.\n\nAWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on.\n\nWhen AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval.", - "title": "Interval", - "type": "string" + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" }, - "Offset": { - "markdownDescription": "The offset for the tumbling window. The `offset` parameter accepts the following:\n\n- The offset time.\n\nFor example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The ISO 8601 format.\n\nFor example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The 24-hour clock.\n\nFor example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC).\n- The offset time zone.\n\nFor example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric.\n- If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day.", - "title": "Offset", + "SageMakerJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", + "title": "SageMakerJobArn", "type": "string" } }, "required": [ - "Interval" + "DestinationPath", + "SageMakerJobArn" ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.VariableValue": { + "AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData": { "additionalProperties": false, "properties": { - "HierarchyExternalId": { - "markdownDescription": "The external ID of the hierarchy being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyExternalId", - "type": "string" - }, - "HierarchyId": { - "markdownDescription": "The ID of the hierarchy to query for the property ID. You can use the hierarchy's name instead of the hierarchy's ID. If the hierarchy has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\nYou use a hierarchy ID instead of a model ID because you can have several hierarchies using the same model and therefore the same `propertyId` . For example, you might have separately grouped assets that come from the same asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyId", - "type": "string" - }, - "HierarchyLogicalId": { - "markdownDescription": "The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` .\n\nYou use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyLogicalId", - "type": "string" - }, - "PropertyExternalId": { - "markdownDescription": "The external ID of the property being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "PropertyExternalId", - "type": "string" - }, - "PropertyId": { - "markdownDescription": "The ID of the property to use as the variable. You can use the property `name` if it's from the same asset model. If the property has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> This is a return value and can't be set.", - "title": "PropertyId", - "type": "string" - }, - "PropertyLogicalId": { - "markdownDescription": "The `LogicalID` of the property that is being referenced.", - "title": "PropertyLogicalId", + "ARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", + "title": "ARN", "type": "string" }, - "PropertyPath": { + "AdditionalStagingLabelsToDownload": { "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyPathDefinition" + "type": "string" }, - "markdownDescription": "The path of the property. Each step of the path is the name of the step. See the following example:\n\n`PropertyPath: Name: AssetModelName Name: Composite1 Name: NestedComposite`", - "title": "PropertyPath", + "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", + "title": "AdditionalStagingLabelsToDownload", "type": "array" } }, + "required": [ + "ARN" + ], "type": "object" }, - "AWS::IoTSiteWise::Dashboard": { + "AWS::Greengrass::SubscriptionDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -129922,45 +135370,30 @@ "Properties": { "additionalProperties": false, "properties": { - "DashboardDefinition": { - "markdownDescription": "The dashboard definition specified in a JSON literal.\n\n- AWS IoT SiteWise Monitor (Classic) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-using-aws-cli.html)\n- AWS IoT SiteWise Monitor (AI-aware) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-ai-dashboard-cli.html)\n\nin the *AWS IoT SiteWise User Guide*", - "title": "DashboardDefinition", - "type": "string" - }, - "DashboardDescription": { - "markdownDescription": "A description for the dashboard.", - "title": "DashboardDescription", - "type": "string" - }, - "DashboardName": { - "markdownDescription": "A friendly name for the dashboard.", - "title": "DashboardName", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion", + "markdownDescription": "The subscription definition version to include when the subscription definition is created. A subscription definition version contains a list of [`subscription`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-subscriptiondefinition-subscription.html) property types.\n\n> To associate a subscription definition version after the subscription definition is created, create an [`AWS::Greengrass::SubscriptionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-subscriptiondefinitionversion.html) resource and specify the ID of this subscription definition.", + "title": "InitialVersion" }, - "ProjectId": { - "markdownDescription": "The ID of the project in which to create the dashboard.", - "title": "ProjectId", + "Name": { + "markdownDescription": "The name of the subscription definition.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the dashboard. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "Application-specific metadata to attach to the subscription definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "DashboardDefinition", - "DashboardDescription", - "DashboardName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Dashboard" + "AWS::Greengrass::SubscriptionDefinition" ], "type": "string" }, @@ -129979,7 +135412,56 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Gateway": { + "AWS::Greengrass::SubscriptionDefinition.Subscription": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "Source": { + "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Source", + "type": "string" + }, + "Subject": { + "markdownDescription": "The MQTT topic used to route the message.", + "title": "Subject", + "type": "string" + }, + "Target": { + "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Id", + "Source", + "Subject", + "Target" + ], + "type": "object" + }, + "AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion": { + "additionalProperties": false, + "properties": { + "Subscriptions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.Subscription" + }, + "markdownDescription": "The subscriptions in this version.", + "title": "Subscriptions", + "type": "array" + } + }, + "required": [ + "Subscriptions" + ], + "type": "object" + }, + "AWS::Greengrass::SubscriptionDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -130014,42 +135496,29 @@ "Properties": { "additionalProperties": false, "properties": { - "GatewayCapabilitySummaries": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary" - }, - "markdownDescription": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", - "title": "GatewayCapabilitySummaries", - "type": "array" - }, - "GatewayName": { - "markdownDescription": "A unique name for the gateway.", - "title": "GatewayName", + "SubscriptionDefinitionId": { + "markdownDescription": "The ID of the subscription definition associated with this version. This value is a GUID.", + "title": "SubscriptionDefinitionId", "type": "string" }, - "GatewayPlatform": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayPlatform", - "markdownDescription": "The gateway's platform. You can only specify one platform in a gateway.", - "title": "GatewayPlatform" - }, - "Tags": { + "Subscriptions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinitionVersion.Subscription" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", + "markdownDescription": "The subscriptions in this version.", + "title": "Subscriptions", "type": "array" } }, "required": [ - "GatewayName", - "GatewayPlatform" + "SubscriptionDefinitionId", + "Subscriptions" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Gateway" + "AWS::Greengrass::SubscriptionDefinitionVersion" ], "type": "string" }, @@ -130068,85 +135537,39 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary": { + "AWS::Greengrass::SubscriptionDefinitionVersion.Subscription": { "additionalProperties": false, "properties": { - "CapabilityConfiguration": { - "markdownDescription": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", - "title": "CapabilityConfiguration", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "CapabilityNamespace": { - "markdownDescription": "The namespace of the capability configuration. For example, if you configure OPC-UA sources from the AWS IoT SiteWise console, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:version` , where `version` is a number such as `1` .", - "title": "CapabilityNamespace", + "Source": { + "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Source", "type": "string" - } - }, - "required": [ - "CapabilityNamespace" - ], - "type": "object" - }, - "AWS::IoTSiteWise::Gateway.GatewayPlatform": { - "additionalProperties": false, - "properties": { - "Greengrass": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.Greengrass" - }, - "GreengrassV2": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GreengrassV2", - "markdownDescription": "A gateway that runs on AWS IoT Greengrass V2 .", - "title": "GreengrassV2" }, - "SiemensIE": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.SiemensIE", - "markdownDescription": "An AWS IoT SiteWise Edge gateway that runs on a Siemens Industrial Edge Device.", - "title": "SiemensIE" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::Gateway.Greengrass": { - "additionalProperties": false, - "properties": { - "GroupArn": { - "type": "string" - } - }, - "required": [ - "GroupArn" - ], - "type": "object" - }, - "AWS::IoTSiteWise::Gateway.GreengrassV2": { - "additionalProperties": false, - "properties": { - "CoreDeviceThingName": { - "markdownDescription": "The name of the AWS IoT thing for your AWS IoT Greengrass V2 core device.", - "title": "CoreDeviceThingName", + "Subject": { + "markdownDescription": "The MQTT topic used to route the message.", + "title": "Subject", "type": "string" - } - }, - "required": [ - "CoreDeviceThingName" - ], - "type": "object" - }, - "AWS::IoTSiteWise::Gateway.SiemensIE": { - "additionalProperties": false, - "properties": { - "IotCoreThingName": { - "markdownDescription": "The name of the AWS IoT Thing for your AWS IoT SiteWise Edge gateway.", - "title": "IotCoreThingName", + }, + "Target": { + "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Target", "type": "string" } }, "required": [ - "IotCoreThingName" + "Id", + "Source", + "Subject", + "Target" ], "type": "object" }, - "AWS::IoTSiteWise::Portal": { + "AWS::GreengrassV2::ComponentVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -130181,60 +135604,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Alarms": { - "$ref": "#/definitions/AWS::IoTSiteWise::Portal.Alarms", - "markdownDescription": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see [Monitoring with alarms](https://docs.aws.amazon.com/iot-sitewise/latest/appguide/monitor-alarms.html) in the *AWS IoT SiteWise Application Guide* .", - "title": "Alarms" - }, - "NotificationSenderEmail": { - "markdownDescription": "The email address that sends alarm notifications.\n\n> If you use the [AWS IoT Events managed Lambda function](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) to manage your emails, you must [verify the sender email address in Amazon SES](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html) .", - "title": "NotificationSenderEmail", - "type": "string" - }, - "PortalAuthMode": { - "markdownDescription": "The service to use to authenticate users to the portal. Choose from the following options:\n\n- `SSO` \u2013 The portal uses AWS IAM Identity Center to authenticate users and manage user permissions. Before you can create a portal that uses IAM Identity Center, you must enable IAM Identity Center. For more information, see [Enabling IAM Identity Center](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-get-started.html#mon-gs-sso) in the *AWS IoT SiteWise User Guide* . This option is only available in AWS Regions other than the China Regions.\n- `IAM` \u2013 The portal uses AWS Identity and Access Management to authenticate users and manage user permissions.\n\nYou can't change this value after you create a portal.\n\nDefault: `SSO`", - "title": "PortalAuthMode", - "type": "string" - }, - "PortalContactEmail": { - "markdownDescription": "The AWS administrator's contact email address.", - "title": "PortalContactEmail", - "type": "string" - }, - "PortalDescription": { - "markdownDescription": "A description for the portal.", - "title": "PortalDescription", - "type": "string" - }, - "PortalName": { - "markdownDescription": "A friendly name for the portal.", - "title": "PortalName", + "InlineRecipe": { + "markdownDescription": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", + "title": "InlineRecipe", "type": "string" }, - "RoleArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf. For more information, see [Using service roles for AWS IoT SiteWise Monitor](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-service-role.html) in the *AWS IoT SiteWise User Guide* .", - "title": "RoleArn", - "type": "string" + "LambdaFunction": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource", + "markdownDescription": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", + "title": "LambdaFunction" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of key-value pairs that contain metadata for the portal. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", - "type": "array" + "type": "object" } }, - "required": [ - "PortalContactEmail", - "PortalName", - "RoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Portal" + "AWS::GreengrassV2::ComponentVersion" ], "type": "string" }, @@ -130248,206 +135644,278 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTSiteWise::Portal.Alarms": { + "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { "additionalProperties": false, "properties": { - "AlarmRoleArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events .", - "title": "AlarmRoleArn", + "DependencyType": { + "markdownDescription": "The type of this dependency. Choose from the following options:\n\n- `SOFT` \u2013 The component doesn't restart if the dependency changes state.\n- `HARD` \u2013 The component restarts if the dependency changes state.\n\nDefault: `HARD`", + "title": "DependencyType", "type": "string" }, - "NotificationLambdaArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Lambda function that manages alarm notifications. For more information, see [Managing alarm notifications](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) in the *AWS IoT Events Developer Guide* .", - "title": "NotificationLambdaArn", + "VersionRequirement": { + "markdownDescription": "The component version requirement for the component dependency.\n\nAWS IoT Greengrass uses semantic version constraints. For more information, see [Semantic Versioning](https://docs.aws.amazon.com/https://semver.org/) .", + "title": "VersionRequirement", "type": "string" } }, "type": "object" }, - "AWS::IoTSiteWise::Project": { + "AWS::GreengrassV2::ComponentVersion.ComponentPlatform": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The friendly name of the platform. This name helps you identify the platform.\n\nIf you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform.", + "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::ComponentVersion.LambdaContainerParams": { + "additionalProperties": false, + "properties": { + "Devices": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount" + }, + "markdownDescription": "The list of system devices that the container can access.", + "title": "Devices", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MemorySizeInKB": { + "markdownDescription": "The memory size of the container, expressed in kilobytes.\n\nDefault: `16384` (16 MB)", + "title": "MemorySizeInKB", + "type": "number" }, - "Metadata": { - "type": "object" + "MountROSysfs": { + "markdownDescription": "Whether or not the container can read information from the device's `/sys` folder.\n\nDefault: `false`", + "title": "MountROSysfs", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list that contains the IDs of each asset associated with the project.", - "title": "AssetIds", - "type": "array" - }, - "PortalId": { - "markdownDescription": "The ID of the portal in which to create the project.", - "title": "PortalId", - "type": "string" - }, - "ProjectDescription": { - "markdownDescription": "A description for the project.", - "title": "ProjectDescription", - "type": "string" - }, - "ProjectName": { - "markdownDescription": "A friendly name for the project.", - "title": "ProjectName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the project. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", - "type": "array" - } + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount" }, - "required": [ - "PortalId", - "ProjectName" - ], - "type": "object" + "markdownDescription": "The list of volumes that the container can access.", + "title": "Volumes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount": { + "additionalProperties": false, + "properties": { + "AddGroupOwner": { + "markdownDescription": "Whether or not to add the component's system user as an owner of the device.\n\nDefault: `false`", + "title": "AddGroupOwner", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::IoTSiteWise::Project" - ], + "Path": { + "markdownDescription": "The mount path for the device in the file system.", + "title": "Path", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Permission": { + "markdownDescription": "The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", + "title": "Permission", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoTThingsGraph::FlowTemplate": { + "AWS::GreengrassV2::ComponentVersion.LambdaEventSource": { "additionalProperties": false, "properties": { - "Condition": { + "Topic": { + "markdownDescription": "The topic to which to subscribe to receive event messages.", + "title": "Topic", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of event source. Choose from the following options:\n\n- `PUB_SUB` \u2013 Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic.\n- `IOT_CORE` \u2013 Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic.", + "title": "Type", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + } + }, + "type": "object" + }, + "AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters": { + "additionalProperties": false, + "properties": { + "EnvironmentVariables": { + "additionalProperties": true, + "markdownDescription": "The map of environment variables that are available to the Lambda function when it runs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "EnvironmentVariables", "type": "object" }, - "Properties": { + "EventSources": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaEventSource" + }, + "markdownDescription": "The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages.", + "title": "EventSources", + "type": "array" + }, + "ExecArgs": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of arguments to pass to the Lambda function when it runs.", + "title": "ExecArgs", + "type": "array" + }, + "InputPayloadEncodingType": { + "markdownDescription": "The encoding type that the Lambda function supports.\n\nDefault: `json`", + "title": "InputPayloadEncodingType", + "type": "string" + }, + "LinuxProcessParams": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams", + "markdownDescription": "The parameters for the Linux process that contains the Lambda function.", + "title": "LinuxProcessParams" + }, + "MaxIdleTimeInSeconds": { + "markdownDescription": "The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process.", + "title": "MaxIdleTimeInSeconds", + "type": "number" + }, + "MaxInstancesCount": { + "markdownDescription": "The maximum number of instances that a non-pinned Lambda function can run at the same time.", + "title": "MaxInstancesCount", + "type": "number" + }, + "MaxQueueSize": { + "markdownDescription": "The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message.", + "title": "MaxQueueSize", + "type": "number" + }, + "Pinned": { + "markdownDescription": "Whether or not the Lambda function is pinned, or long-lived.\n\n- A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container.\n- A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function.\n\nDefault: `true`", + "title": "Pinned", + "type": "boolean" + }, + "StatusTimeoutInSeconds": { + "markdownDescription": "The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component.", + "title": "StatusTimeoutInSeconds", + "type": "number" + }, + "TimeoutInSeconds": { + "markdownDescription": "The maximum amount of time in seconds that the Lambda function can process a work item.", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource": { + "additionalProperties": false, + "properties": { + "ComponentDependencies": { "additionalProperties": false, - "properties": { - "CompatibleNamespaceVersion": { - "type": "number" - }, - "Definition": { - "$ref": "#/definitions/AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument" + "markdownDescription": "The component versions on which this Lambda function component depends.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement" } }, - "required": [ - "Definition" - ], + "title": "ComponentDependencies", "type": "object" }, - "Type": { - "enum": [ - "AWS::IoTThingsGraph::FlowTemplate" - ], + "ComponentLambdaParameters": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters", + "markdownDescription": "The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device.", + "title": "ComponentLambdaParameters" + }, + "ComponentName": { + "markdownDescription": "The name of the component.\n\nDefaults to the name of the Lambda function.", + "title": "ComponentName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ComponentPlatforms": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentPlatform" + }, + "markdownDescription": "The platforms that the component version supports.", + "title": "ComponentPlatforms", + "type": "array" + }, + "ComponentVersion": { + "markdownDescription": "The version of the component.\n\nDefaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` .", + "title": "ComponentVersion", + "type": "string" + }, + "LambdaArn": { + "markdownDescription": "The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` .", + "title": "LambdaArn", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { + "AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams": { "additionalProperties": false, "properties": { - "Language": { + "ContainerParams": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaContainerParams", + "markdownDescription": "The parameters for the container in which the Lambda function runs.", + "title": "ContainerParams" + }, + "IsolationMode": { + "markdownDescription": "The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container.\n\nDefault: `GreengrassContainer`", + "title": "IsolationMode", "type": "string" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount": { + "additionalProperties": false, + "properties": { + "AddGroupOwner": { + "markdownDescription": "Whether or not to add the AWS IoT Greengrass user group as an owner of the volume.\n\nDefault: `false`", + "title": "AddGroupOwner", + "type": "boolean" }, - "Text": { + "DestinationPath": { + "markdownDescription": "The path to the logical volume in the file system.", + "title": "DestinationPath", + "type": "string" + }, + "Permission": { + "markdownDescription": "The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", + "title": "Permission", + "type": "string" + }, + "SourcePath": { + "markdownDescription": "The path to the physical volume in the file system.", + "title": "SourcePath", "type": "string" } }, - "required": [ - "Language", - "Text" - ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType": { + "AWS::GreengrassV2::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -130482,76 +135950,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", - "type": "string" - }, - "CompositeComponentTypes": { + "Components": { "additionalProperties": false, - "markdownDescription": "Maps strings to `compositeComponentTypes` of the `componentType` . `CompositeComponentType` is referenced by `componentTypeId` .", + "markdownDescription": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component.", "patternProperties": { "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.CompositeComponentType" + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification" } }, - "title": "CompositeComponentTypes", + "title": "Components", "type": "object" }, - "Description": { - "markdownDescription": "The description of the component type.", - "title": "Description", + "DeploymentName": { + "markdownDescription": "The name of the deployment.", + "title": "DeploymentName", "type": "string" }, - "ExtendsFrom": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the parent component type that this component type extends.", - "title": "ExtendsFrom", - "type": "array" - }, - "Functions": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the functions in the component type. Each string in the mapping must be unique to this object.\n\nFor information on the FunctionResponse object see the [FunctionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_FunctionResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Function" - } - }, - "title": "Functions", - "type": "object" - }, - "IsSingleton": { - "markdownDescription": "A boolean value that specifies whether an entity can have more than one component of this type.", - "title": "IsSingleton", - "type": "boolean" + "DeploymentPolicies": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentPolicies", + "markdownDescription": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure.", + "title": "DeploymentPolicies" }, - "PropertyDefinitions": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property definitions in the component type. Each string in the mapping must be unique to this object.\n\nFor information about the PropertyDefinitionResponse object, see the [PropertyDefinitionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_PropertyDefinitionResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyDefinition" - } - }, - "title": "PropertyDefinitions", - "type": "object" + "IotJobConfiguration": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration", + "markdownDescription": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration.", + "title": "IotJobConfiguration" }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyGroup" - } - }, - "title": "PropertyGroups", - "type": "object" + "ParentTargetArn": { + "markdownDescription": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment.", + "title": "ParentTargetArn", + "type": "string" }, "Tags": { "additionalProperties": true, - "markdownDescription": "The ComponentType tags.", + "markdownDescription": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -130560,21 +135992,20 @@ "title": "Tags", "type": "object" }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the component type.", - "title": "WorkspaceId", + "TargetArn": { + "markdownDescription": "The ARN of the target AWS IoT thing or thing group.", + "title": "TargetArn", "type": "string" } }, "required": [ - "ComponentTypeId", - "WorkspaceId" + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::ComponentType" + "AWS::GreengrassV2::Deployment" ], "type": "string" }, @@ -130593,299 +136024,271 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.CompositeComponentType": { + "AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate": { "additionalProperties": false, "properties": { - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", + "Merge": { + "markdownDescription": "A serialized JSON string that contains the configuration object to merge to target devices. The core device merges this configuration with the component's existing configuration. If this is the first time a component deploys on a device, the core device merges this configuration with the component's default configuration. This means that the core device keeps it's existing configuration for keys and values that you don't specify in this object. For more information, see [Merge configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#merge-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "Merge", "type": "string" + }, + "Reset": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of configuration nodes to reset to default values on target devices. Use JSON pointers to specify each node to reset. JSON pointers start with a forward slash ( `/` ) and use forward slashes to separate the key for each level in the object. For more information, see the [JSON pointer specification](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) and [Reset configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#reset-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "Reset", + "type": "array" } }, "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.DataConnector": { + "AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification": { "additionalProperties": false, "properties": { - "IsNative": { - "markdownDescription": "A boolean value that specifies whether the data connector is native to IoT TwinMaker.", - "title": "IsNative", - "type": "boolean" + "ComponentVersion": { + "markdownDescription": "The version of the component.", + "title": "ComponentVersion", + "type": "string" }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.LambdaFunction", - "markdownDescription": "The Lambda function associated with the data connector.", - "title": "Lambda" + "ConfigurationUpdate": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate", + "markdownDescription": "The configuration updates to deploy for the component. You can define reset updates and merge updates. A reset updates the keys that you specify to the default configuration for the component. A merge updates the core device's component configuration with the keys and values that you specify. The AWS IoT Greengrass Core software applies reset updates before it applies merge updates. For more information, see [Update component configuration](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) .", + "title": "ConfigurationUpdate" + }, + "RunWith": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentRunWith", + "markdownDescription": "The system user and group that the software uses to run component processes on the core device. If you omit this parameter, the software uses the system user and group that you configure for the core device. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "RunWith" } }, "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.DataType": { + "AWS::GreengrassV2::Deployment.ComponentRunWith": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - }, - "markdownDescription": "The allowed values for this data type.", - "title": "AllowedValues", - "type": "array" - }, - "NestedType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", - "markdownDescription": "The nested type in the data type.", - "title": "NestedType" - }, - "Relationship": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Relationship", - "markdownDescription": "A relationship that associates a component with another component.", - "title": "Relationship" - }, - "Type": { - "markdownDescription": "The underlying type of the data type.\n\nValid Values: `RELATIONSHIP | STRING | LONG | BOOLEAN | INTEGER | DOUBLE | LIST | MAP`", - "title": "Type", + "PosixUser": { + "markdownDescription": "The POSIX system user and (optional) group to use to run this component. Specify the user and group separated by a colon ( `:` ) in the following format: `user:group` . The group is optional. If you don't specify a group, the AWS IoT Greengrass Core software uses the primary user for the group.", + "title": "PosixUser", "type": "string" }, - "UnitOfMeasure": { - "markdownDescription": "The unit of measure used in this data type.", - "title": "UnitOfMeasure", + "SystemResourceLimits": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.SystemResourceLimits", + "markdownDescription": "The system resource limits to apply to this component's process on the core device. AWS IoT Greengrass supports this feature only on Linux core devices.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default system resource limits that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", + "title": "SystemResourceLimits" + }, + "WindowsUser": { + "markdownDescription": "The Windows user to use to run this component on Windows core devices. The user must exist on each Windows core device, and its name and password must be in the LocalSystem account's Credentials Manager instance.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default Windows user that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) .", + "title": "WindowsUser", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.DataValue": { + "AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "A boolean value.", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "A double value.", - "title": "DoubleValue", - "type": "number" - }, - "Expression": { - "markdownDescription": "An expression that produces the value.", - "title": "Expression", + "Action": { + "markdownDescription": "Whether or not to notify components and wait for components to become safe to update. Choose from the following options:\n\n- `NOTIFY_COMPONENTS` \u2013 The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n- `SKIP_NOTIFY_COMPONENTS` \u2013 The deployment doesn't notify components or wait for them to be safe to update.\n\nDefault: `NOTIFY_COMPONENTS`", + "title": "Action", "type": "string" }, - "IntegerValue": { - "markdownDescription": "An integer value.", - "title": "IntegerValue", + "TimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device.\n\nDefault: `60`", + "title": "TimeoutInSeconds", "type": "number" - }, - "ListValue": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - }, - "markdownDescription": "A list of multiple values.", - "title": "ListValue", - "type": "array" - }, - "LongValue": { - "markdownDescription": "A long value.", - "title": "LongValue", + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy": { + "additionalProperties": false, + "properties": { + "TimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device.\n\nDefault: `30`", + "title": "TimeoutInSeconds", "type": "number" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration": { + "additionalProperties": false, + "properties": { + "AbortConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortConfig", + "markdownDescription": "The stop configuration for the job. This configuration defines when and how to stop a job rollout.", + "title": "AbortConfig" }, - "MapValue": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to multiple `DataValue` objects.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - } - }, - "title": "MapValue", - "type": "object" - }, - "RelationshipValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.RelationshipValue", - "markdownDescription": "A value that relates a component to another component.", - "title": "RelationshipValue" + "JobExecutionsRolloutConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig", + "markdownDescription": "The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices.", + "title": "JobExecutionsRolloutConfig" }, - "StringValue": { - "markdownDescription": "A string value.", - "title": "StringValue", - "type": "string" + "TimeoutConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig", + "markdownDescription": "The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job.", + "title": "TimeoutConfig" } }, "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.Error": { + "AWS::GreengrassV2::Deployment.DeploymentPolicies": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The component type error code.", - "title": "Code", - "type": "string" + "ComponentUpdatePolicy": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy", + "markdownDescription": "The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices.", + "title": "ComponentUpdatePolicy" }, - "Message": { - "markdownDescription": "The component type error message.", - "title": "Message", + "ConfigurationValidationPolicy": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy", + "markdownDescription": "The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates.", + "title": "ConfigurationValidationPolicy" + }, + "FailureHandlingPolicy": { + "markdownDescription": "The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails.\n\nDefault: `ROLLBACK`", + "title": "FailureHandlingPolicy", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.Function": { + "AWS::GreengrassV2::Deployment.IoTJobAbortConfig": { "additionalProperties": false, "properties": { - "ImplementedBy": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataConnector", - "markdownDescription": "The data connector.", - "title": "ImplementedBy" - }, - "RequiredProperties": { + "CriteriaList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortCriteria" }, - "markdownDescription": "The required properties of the function.", - "title": "RequiredProperties", + "markdownDescription": "The list of criteria that define when and how to cancel the configuration deployment.", + "title": "CriteriaList", "type": "array" - }, - "Scope": { - "markdownDescription": "The scope of the function.", - "title": "Scope", - "type": "string" } }, + "required": [ + "CriteriaList" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.LambdaFunction": { + "AWS::GreengrassV2::Deployment.IoTJobAbortCriteria": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Lambda function ARN.", - "title": "Arn", + "Action": { + "markdownDescription": "The action to perform when the criteria are met.", + "title": "Action", + "type": "string" + }, + "FailureType": { + "markdownDescription": "The type of job deployment failure that can cancel a job.", + "title": "FailureType", "type": "string" + }, + "MinNumberOfExecutedThings": { + "markdownDescription": "The minimum number of things that receive the configuration before the job can cancel.", + "title": "MinNumberOfExecutedThings", + "type": "number" + }, + "ThresholdPercentage": { + "markdownDescription": "The minimum percentage of `failureType` failures that occur before the job can cancel.\n\nThis parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` ).", + "title": "ThresholdPercentage", + "type": "number" } }, "required": [ - "Arn" + "Action", + "FailureType", + "MinNumberOfExecutedThings", + "ThresholdPercentage" ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.PropertyDefinition": { + "AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig": { "additionalProperties": false, "properties": { - "Configurations": { - "additionalProperties": true, - "markdownDescription": "A mapping that specifies configuration information about the property.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Configurations", - "type": "object" - }, - "DataType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", - "markdownDescription": "", - "title": "DataType" - }, - "DefaultValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue", - "markdownDescription": "A boolean value that specifies whether the property ID comes from an external data store.", - "title": "DefaultValue" - }, - "IsExternalId": { - "markdownDescription": "A Boolean value that specifies whether the property ID comes from an external data source.", - "title": "IsExternalId", - "type": "boolean" - }, - "IsRequiredInEntity": { - "markdownDescription": "A boolean value that specifies whether the property is required in an entity.", - "title": "IsRequiredInEntity", - "type": "boolean" - }, - "IsStoredExternally": { - "markdownDescription": "A boolean value that specifies whether the property is stored externally.", - "title": "IsStoredExternally", - "type": "boolean" + "ExponentialRate": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate", + "markdownDescription": "The exponential rate to increase the job rollout rate.", + "title": "ExponentialRate" }, - "IsTimeSeries": { - "markdownDescription": "A boolean value that specifies whether the property consists of time series data.", - "title": "IsTimeSeries", - "type": "boolean" + "MaximumPerMinute": { + "markdownDescription": "The maximum number of devices that receive a pending job notification, per minute.", + "title": "MaximumPerMinute", + "type": "number" } }, "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.PropertyGroup": { + "AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate": { "additionalProperties": false, "properties": { - "GroupType": { - "markdownDescription": "The group type.", - "title": "GroupType", - "type": "string" + "BaseRatePerMinute": { + "markdownDescription": "The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job.", + "title": "BaseRatePerMinute", + "type": "number" }, - "PropertyNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The property names.", - "title": "PropertyNames", - "type": "array" + "IncrementFactor": { + "markdownDescription": "The exponential factor to increase the rollout rate for the job.\n\nThis parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` ).", + "title": "IncrementFactor", + "type": "number" + }, + "RateIncreaseCriteria": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria", + "markdownDescription": "The criteria to increase the rollout rate for the job.", + "title": "RateIncreaseCriteria" } }, + "required": [ + "BaseRatePerMinute", + "IncrementFactor", + "RateIncreaseCriteria" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.Relationship": { + "AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria": { "additionalProperties": false, "properties": { - "RelationshipType": { - "markdownDescription": "The type of the relationship.", - "title": "RelationshipType", - "type": "string" + "NumberOfNotifiedThings": { + "markdownDescription": "The number of devices to receive the job notification before the rollout rate increases.", + "title": "NumberOfNotifiedThings", + "type": "number" }, - "TargetComponentTypeId": { - "markdownDescription": "The ID of the target component type associated with this relationship.", - "title": "TargetComponentTypeId", - "type": "string" + "NumberOfSucceededThings": { + "markdownDescription": "The number of devices to successfully run the configuration job before the rollout rate increases.", + "title": "NumberOfSucceededThings", + "type": "number" } }, "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.RelationshipValue": { + "AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig": { "additionalProperties": false, "properties": { - "TargetComponentName": { - "markdownDescription": "The target component name.", - "title": "TargetComponentName", - "type": "string" - }, - "TargetEntityId": { - "markdownDescription": "The target entity Id.", - "title": "TargetEntityId", - "type": "string" + "InProgressTimeoutInMinutes": { + "markdownDescription": "The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` .\n\nThe timeout interval must be between 1 minute and 7 days (10080 minutes).", + "title": "InProgressTimeoutInMinutes", + "type": "number" } }, "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.Status": { + "AWS::GreengrassV2::Deployment.SystemResourceLimits": { "additionalProperties": false, "properties": { - "Error": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Error", - "markdownDescription": "The component type error.", - "title": "Error" + "Cpus": { + "markdownDescription": "The maximum amount of CPU time that a component's processes can use on the core device. A core device's total CPU time is equivalent to the device's number of CPU cores. For example, on a core device with 4 CPU cores, you can set this value to 2 to limit the component's processes to 50 percent usage of each CPU core. On a device with 1 CPU core, you can set this value to 0.25 to limit the component's processes to 25 percent usage of the CPU. If you set this value to a number greater than the number of CPU cores, the AWS IoT Greengrass Core software doesn't limit the component's CPU usage.", + "title": "Cpus", + "type": "number" }, - "State": { - "markdownDescription": "The component type status state.", - "title": "State", - "type": "string" + "Memory": { + "markdownDescription": "The maximum amount of RAM, expressed in kilobytes, that a component's processes can use on the core device. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", + "title": "Memory", + "type": "number" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity": { + "AWS::GroundStation::Config": { "additionalProperties": false, "properties": { "Condition": { @@ -130920,74 +136323,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the components in the entity. Each string in the mapping must be unique to this object.\n\nFor information on the component object see the [component](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_ComponentResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Component" - } - }, - "title": "Components", - "type": "object" - }, - "CompositeComponents": { - "additionalProperties": false, - "markdownDescription": "Maps string to `compositeComponent` updates in the request. Each key of the map represents the `componentPath` of the `compositeComponent` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.CompositeComponent" - } - }, - "title": "CompositeComponents", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the entity.", - "title": "Description", - "type": "string" - }, - "EntityId": { - "markdownDescription": "The ID of the entity.", - "title": "EntityId", - "type": "string" - }, - "EntityName": { - "markdownDescription": "The entity name.", - "title": "EntityName", - "type": "string" + "ConfigData": { + "$ref": "#/definitions/AWS::GroundStation::Config.ConfigData", + "markdownDescription": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype.", + "title": "ConfigData" }, - "ParentEntityId": { - "markdownDescription": "The ID of the parent entity.", - "title": "ParentEntityId", + "Name": { + "markdownDescription": "The name of the config object.", + "title": "Name", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can use to manage the entity.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Tags assigned to a resource.", "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the entity.", - "title": "WorkspaceId", - "type": "string" + "type": "array" } }, "required": [ - "EntityName", - "WorkspaceId" + "ConfigData", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Entity" + "AWS::GroundStation::Config" ], "type": "string" }, @@ -131006,368 +136369,272 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::Entity.Component": { + "AWS::GroundStation::Config.AntennaDownlinkConfig": { "additionalProperties": false, "properties": { - "ComponentName": { - "markdownDescription": "The name of the component.", - "title": "ComponentName", - "type": "string" - }, - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", - "type": "string" - }, - "DefinedIn": { - "markdownDescription": "The name of the property definition set in the request.", - "title": "DefinedIn", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the component.", - "title": "Description", - "type": "string" - }, - "Properties": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" - } - }, - "title": "Properties", - "type": "object" - }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" - } - }, - "title": "PropertyGroups", - "type": "object" - }, - "Status": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", - "markdownDescription": "The status of the component.", - "title": "Status" + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.CompositeComponent": { + "AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig": { "additionalProperties": false, "properties": { - "ComponentName": { - "markdownDescription": "The name of the component.", - "title": "ComponentName", - "type": "string" - }, - "ComponentPath": { - "markdownDescription": "The path to the composite component, starting from the top-level component.", - "title": "ComponentPath", - "type": "string" - }, - "ComponentTypeId": { - "markdownDescription": "The ID of the composite component type.", - "title": "ComponentTypeId", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the component type.", - "title": "Description", - "type": "string" - }, - "Properties": { - "additionalProperties": false, - "markdownDescription": "Map of strings to the properties in the component type. Each string in the mapping must be unique to this component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" - } - }, - "title": "Properties", - "type": "object" + "DecodeConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DecodeConfig", + "markdownDescription": "Defines how the RF signal will be decoded.", + "title": "DecodeConfig" }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "The property groups.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" - } - }, - "title": "PropertyGroups", - "type": "object" + "DemodulationConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DemodulationConfig", + "markdownDescription": "Defines how the RF signal will be demodulated.", + "title": "DemodulationConfig" }, - "Status": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", - "markdownDescription": "The current status of the composite component.", - "title": "Status" + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.DataType": { + "AWS::GroundStation::Config.AntennaUplinkConfig": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - }, - "markdownDescription": "The allowed values.", - "title": "AllowedValues", - "type": "array" - }, - "NestedType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", - "markdownDescription": "The nested type.", - "title": "NestedType" - }, - "Relationship": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Relationship", - "markdownDescription": "The relationship.", - "title": "Relationship" + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.UplinkSpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" }, - "Type": { - "markdownDescription": "The entity type.", - "title": "Type", - "type": "string" + "TargetEirp": { + "$ref": "#/definitions/AWS::GroundStation::Config.Eirp", + "markdownDescription": "The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW.", + "title": "TargetEirp" }, - "UnitOfMeasure": { - "markdownDescription": "The unit of measure.", - "title": "UnitOfMeasure", - "type": "string" + "TransmitDisabled": { + "markdownDescription": "Whether or not uplink transmit is disabled.", + "title": "TransmitDisabled", + "type": "boolean" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.DataValue": { + "AWS::GroundStation::Config.ConfigData": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "A boolean value.", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "A double value.", - "title": "DoubleValue", - "type": "number" + "AntennaDownlinkConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkConfig", + "markdownDescription": "Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks).", + "title": "AntennaDownlinkConfig" }, - "Expression": { - "markdownDescription": "An expression that produces the value.", - "title": "Expression", - "type": "string" + "AntennaDownlinkDemodDecodeConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig", + "markdownDescription": "Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data.", + "title": "AntennaDownlinkDemodDecodeConfig" }, - "IntegerValue": { - "markdownDescription": "An integer value.", - "title": "IntegerValue", - "type": "number" + "AntennaUplinkConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaUplinkConfig", + "markdownDescription": "Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts.", + "title": "AntennaUplinkConfig" }, - "ListValue": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - }, - "markdownDescription": "A list of multiple values.", - "title": "ListValue", - "type": "array" + "DataflowEndpointConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DataflowEndpointConfig", + "markdownDescription": "Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact.", + "title": "DataflowEndpointConfig" }, - "LongValue": { - "markdownDescription": "A long value.", - "title": "LongValue", - "type": "number" + "S3RecordingConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.S3RecordingConfig", + "markdownDescription": "Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts.", + "title": "S3RecordingConfig" }, - "MapValue": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to multiple DataValue objects.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - } - }, - "title": "MapValue", - "type": "object" + "TrackingConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.TrackingConfig", + "markdownDescription": "Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact.", + "title": "TrackingConfig" }, - "RelationshipValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.RelationshipValue", - "markdownDescription": "A value that relates a component to another component.", - "title": "RelationshipValue" + "UplinkEchoConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.UplinkEchoConfig", + "markdownDescription": "Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts.", + "title": "UplinkEchoConfig" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.DataflowEndpointConfig": { + "additionalProperties": false, + "properties": { + "DataflowEndpointName": { + "markdownDescription": "The name of the dataflow endpoint to use during contacts.", + "title": "DataflowEndpointName", + "type": "string" }, - "StringValue": { - "markdownDescription": "A string value.", - "title": "StringValue", + "DataflowEndpointRegion": { + "markdownDescription": "The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact.", + "title": "DataflowEndpointRegion", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Definition": { + "AWS::GroundStation::Config.DecodeConfig": { "additionalProperties": false, "properties": { - "Configuration": { - "additionalProperties": true, - "markdownDescription": "The configuration.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Configuration", - "type": "object" - }, - "DataType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", - "markdownDescription": "The data type", - "title": "DataType" - }, - "DefaultValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", - "markdownDescription": "The default value.", - "title": "DefaultValue" - }, - "IsExternalId": { - "markdownDescription": "Displays if the entity has a external Id.", - "title": "IsExternalId", - "type": "boolean" - }, - "IsFinal": { - "markdownDescription": "Displays if the entity is final.", - "title": "IsFinal", - "type": "boolean" - }, - "IsImported": { - "markdownDescription": "Displays if the entity is imported.", - "title": "IsImported", - "type": "boolean" - }, - "IsInherited": { - "markdownDescription": "Displays if the entity is inherited.", - "title": "IsInherited", - "type": "boolean" - }, - "IsRequiredInEntity": { - "markdownDescription": "Displays if the entity is a required entity.", - "title": "IsRequiredInEntity", - "type": "boolean" - }, - "IsStoredExternally": { - "markdownDescription": "Displays if the entity is tored externally.", - "title": "IsStoredExternally", - "type": "boolean" - }, - "IsTimeSeries": { - "markdownDescription": "Displays if the entity", - "title": "IsTimeSeries", - "type": "boolean" + "UnvalidatedJSON": { + "markdownDescription": "The decoding settings are in JSON format and define a set of steps to perform to decode the data.", + "title": "UnvalidatedJSON", + "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Error": { + "AWS::GroundStation::Config.DemodulationConfig": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The entity error code.", - "title": "Code", + "UnvalidatedJSON": { + "markdownDescription": "The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use.", + "title": "UnvalidatedJSON", "type": "string" - }, - "Message": { - "markdownDescription": "The entity error message.", - "title": "Message", + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.Eirp": { + "additionalProperties": false, + "properties": { + "Units": { + "markdownDescription": "The units of the EIRP.", + "title": "Units", "type": "string" + }, + "Value": { + "markdownDescription": "The value of the EIRP. Valid values are between 20.0 to 50.0 dBW.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Property": { + "AWS::GroundStation::Config.Frequency": { "additionalProperties": false, "properties": { - "Definition": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Definition", - "markdownDescription": "An object that specifies information about a property.", - "title": "Definition" + "Units": { + "markdownDescription": "The units of the frequency.", + "title": "Units", + "type": "string" }, "Value": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", - "markdownDescription": "An object that contains information about a value for a time series property.", - "title": "Value" + "markdownDescription": "The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.PropertyGroup": { + "AWS::GroundStation::Config.FrequencyBandwidth": { "additionalProperties": false, "properties": { - "GroupType": { - "markdownDescription": "The group type.", - "title": "GroupType", + "Units": { + "markdownDescription": "The units of the bandwidth.", + "title": "Units", "type": "string" }, - "PropertyNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The property names.", - "title": "PropertyNames", - "type": "array" + "Value": { + "markdownDescription": "The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Relationship": { + "AWS::GroundStation::Config.S3RecordingConfig": { "additionalProperties": false, "properties": { - "RelationshipType": { - "markdownDescription": "The relationship type.", - "title": "RelationshipType", + "BucketArn": { + "markdownDescription": "S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` .", + "title": "BucketArn", "type": "string" }, - "TargetComponentTypeId": { - "markdownDescription": "the component type Id target.", - "title": "TargetComponentTypeId", + "Prefix": { + "markdownDescription": "The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/`\n\n*Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}`", + "title": "Prefix", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "Defines the ARN of the role assumed for putting archives to S3.", + "title": "RoleArn", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.RelationshipValue": { + "AWS::GroundStation::Config.SpectrumConfig": { "additionalProperties": false, "properties": { - "TargetComponentName": { - "markdownDescription": "The target component name.", - "title": "TargetComponentName", - "type": "string" + "Bandwidth": { + "$ref": "#/definitions/AWS::GroundStation::Config.FrequencyBandwidth", + "markdownDescription": "The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", + "title": "Bandwidth" }, - "TargetEntityId": { - "markdownDescription": "The target entity Id.", - "title": "TargetEntityId", + "CenterFrequency": { + "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", + "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "CenterFrequency" + }, + "Polarization": { + "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` . Capturing both `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` polarization requires two separate configs.", + "title": "Polarization", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Status": { + "AWS::GroundStation::Config.TrackingConfig": { "additionalProperties": false, "properties": { - "Error": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Error", - "markdownDescription": "The error message.", - "title": "Error" + "Autotrack": { + "markdownDescription": "Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost.", + "title": "Autotrack", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.UplinkEchoConfig": { + "additionalProperties": false, + "properties": { + "AntennaUplinkConfigArn": { + "markdownDescription": "Defines the ARN of the uplink config to echo back to a dataflow endpoint.", + "title": "AntennaUplinkConfigArn", + "type": "string" }, - "State": { - "markdownDescription": "The current state of the entity, component, component type, or workspace.\n\nValid Values: `CREATING | UPDATING | DELETING | ACTIVE | ERROR`", - "title": "State", + "Enabled": { + "markdownDescription": "Whether or not uplink echo is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.UplinkSpectrumConfig": { + "additionalProperties": false, + "properties": { + "CenterFrequency": { + "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", + "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "CenterFrequency" + }, + "Polarization": { + "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` .", + "title": "Polarization", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Scene": { + "AWS::GroundStation::DataflowEndpointGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -131402,67 +136669,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Capabilities": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of capabilities that the scene uses to render.", - "title": "Capabilities", - "type": "array" - }, - "ContentLocation": { - "markdownDescription": "The relative path that specifies the location of the content definition file.", - "title": "ContentLocation", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of this scene.", - "title": "Description", - "type": "string" + "ContactPostPassDurationSeconds": { + "markdownDescription": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a `POSTPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `POSTPASS` state.", + "title": "ContactPostPassDurationSeconds", + "type": "number" }, - "SceneId": { - "markdownDescription": "The ID of the scene.", - "title": "SceneId", - "type": "string" + "ContactPrePassDurationSeconds": { + "markdownDescription": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a `PREPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `PREPASS` state.", + "title": "ContactPrePassDurationSeconds", + "type": "number" }, - "SceneMetadata": { - "additionalProperties": true, - "markdownDescription": "The scene metadata.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "EndpointDetails": { + "items": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" }, - "title": "SceneMetadata", - "type": "object" + "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", + "title": "EndpointDetails", + "type": "array" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The ComponentType tags.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Tags assigned to a resource.", "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace.", - "title": "WorkspaceId", - "type": "string" + "type": "array" } }, "required": [ - "ContentLocation", - "SceneId", - "WorkspaceId" + "EndpointDetails" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Scene" + "AWS::GroundStation::DataflowEndpointGroup" ], "type": "string" }, @@ -131481,7 +136722,187 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::SyncJob": { + "AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint": { + "additionalProperties": false, + "properties": { + "AgentStatus": { + "markdownDescription": "The status of AgentEndpoint.", + "title": "AgentStatus", + "type": "string" + }, + "AuditResults": { + "markdownDescription": "The results of the audit.", + "title": "AuditResults", + "type": "string" + }, + "EgressAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails", + "markdownDescription": "The egress address of AgentEndpoint.", + "title": "EgressAddress" + }, + "IngressAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails", + "markdownDescription": "The ingress address of AgentEndpoint.", + "title": "IngressAddress" + }, + "Name": { + "markdownDescription": "Name string associated with AgentEndpoint. Used as a human-readable identifier for AgentEndpoint.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails": { + "additionalProperties": false, + "properties": { + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", + "title": "Mtu", + "type": "number" + }, + "SocketAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", + "markdownDescription": "A socket address.", + "title": "SocketAddress" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", + "markdownDescription": "The address and port of an endpoint.", + "title": "Address" + }, + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set.", + "title": "Mtu", + "type": "number" + }, + "Name": { + "markdownDescription": "The endpoint name.\n\nWhen listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.EndpointDetails": { + "additionalProperties": false, + "properties": { + "AwsGroundStationAgentEndpoint": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint", + "markdownDescription": "An agent endpoint.", + "title": "AwsGroundStationAgentEndpoint" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint", + "markdownDescription": "Information about the endpoint such as name and the endpoint address.", + "title": "Endpoint" + }, + "SecurityDetails": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SecurityDetails", + "markdownDescription": "The role ARN, and IDs for security groups and subnets.", + "title": "SecurityDetails" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.IntegerRange": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "A maximum value.", + "title": "Maximum", + "type": "number" + }, + "Minimum": { + "markdownDescription": "A minimum value.", + "title": "Minimum", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails": { + "additionalProperties": false, + "properties": { + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", + "title": "Mtu", + "type": "number" + }, + "SocketAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress", + "markdownDescription": "A ranged socket address.", + "title": "SocketAddress" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "IPv4 socket address.", + "title": "Name", + "type": "string" + }, + "PortRange": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.IntegerRange", + "markdownDescription": "Port range of a socket address.", + "title": "PortRange" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.SecurityDetails": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` .\n\nGround Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact.", + "title": "RoleArn", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group Ids of the security role, such as `sg-1234567890abcdef0` .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet Ids of the security details, such as `subnet-12345678` .", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.SocketAddress": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the endpoint, such as `Endpoint 1` .", + "title": "Name", + "type": "string" + }, + "Port": { + "markdownDescription": "The port of the endpoint, such as `55888` .", + "title": "Port", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GroundStation::MissionProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -131516,43 +136937,69 @@ "Properties": { "additionalProperties": false, "properties": { - "SyncRole": { - "markdownDescription": "The SyncJob IAM role. This IAM role is used by the sync job to read from the syncSource, and create, update or delete the corresponding resources.", - "title": "SyncRole", + "ContactPostPassDurationSeconds": { + "markdownDescription": "Amount of time in seconds after a contact ends that you\u2019d like to receive a Ground Station Contact State Change indicating the pass has finished.", + "title": "ContactPostPassDurationSeconds", + "type": "number" + }, + "ContactPrePassDurationSeconds": { + "markdownDescription": "Amount of time in seconds prior to contact start that you'd like to receive a Ground Station Contact State Change Event indicating an upcoming pass.", + "title": "ContactPrePassDurationSeconds", + "type": "number" + }, + "DataflowEdges": { + "items": { + "$ref": "#/definitions/AWS::GroundStation::MissionProfile.DataflowEdge" + }, + "markdownDescription": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config.", + "title": "DataflowEdges", + "type": "array" + }, + "MinimumViableContactDurationSeconds": { + "markdownDescription": "Minimum length of a contact in seconds that Ground Station will return when listing contacts. Ground Station will not return contacts shorter than this duration.", + "title": "MinimumViableContactDurationSeconds", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the mission profile.", + "title": "Name", "type": "string" }, - "SyncSource": { - "markdownDescription": "The sync source.\n\n> Currently the only supported syncSoucre is `SITEWISE` .", - "title": "SyncSource", + "StreamsKmsKey": { + "$ref": "#/definitions/AWS::GroundStation::MissionProfile.StreamsKmsKey", + "markdownDescription": "KMS key to use for encrypting streams.", + "title": "StreamsKmsKey" + }, + "StreamsKmsRole": { + "markdownDescription": "Role to use for encrypting streams with KMS key.", + "title": "StreamsKmsRole", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata you can use to manage the SyncJob.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Tags assigned to the mission profile.", "title": "Tags", - "type": "object" + "type": "array" }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the sync job.", - "title": "WorkspaceId", + "TrackingConfigArn": { + "markdownDescription": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact.", + "title": "TrackingConfigArn", "type": "string" } }, "required": [ - "SyncRole", - "SyncSource", - "WorkspaceId" + "DataflowEdges", + "MinimumViableContactDurationSeconds", + "Name", + "TrackingConfigArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::SyncJob" + "AWS::GroundStation::MissionProfile" ], "type": "string" }, @@ -131571,7 +137018,44 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::Workspace": { + "AWS::GroundStation::MissionProfile.DataflowEdge": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge.", + "title": "Destination", + "type": "string" + }, + "Source": { + "markdownDescription": "The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge.", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::MissionProfile.StreamsKmsKey": { + "additionalProperties": false, + "properties": { + "KmsAliasArn": { + "markdownDescription": "KMS Alias Arn.", + "title": "KmsAliasArn", + "type": "string" + }, + "KmsAliasName": { + "markdownDescription": "KMS Alias Name.", + "title": "KmsAliasName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "KMS Key Arn.", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector": { "additionalProperties": false, "properties": { "Condition": { @@ -131606,48 +137090,46 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the workspace.", - "title": "Description", - "type": "string" + "DataSources": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNDataSourceConfigurations", + "markdownDescription": "Describes which data sources will be enabled for the detector.", + "title": "DataSources" }, - "Role": { - "markdownDescription": "The ARN of the execution role associated with the workspace.", - "title": "Role", - "type": "string" + "Enable": { + "markdownDescription": "Specifies whether the detector is to be enabled on creation.", + "title": "Enable", + "type": "boolean" }, - "S3Location": { - "markdownDescription": "The ARN of the S3 bucket where resources associated with the workspace are stored.", - "title": "S3Location", + "Features": { + "items": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureConfiguration" + }, + "markdownDescription": "A list of features that will be configured for the detector.", + "title": "Features", + "type": "array" + }, + "FindingPublishingFrequency": { + "markdownDescription": "Specifies how frequently updated findings are exported.", + "title": "FindingPublishingFrequency", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can use to manage the workspace.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.TagItem" }, + "markdownDescription": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace.", - "title": "WorkspaceId", - "type": "string" + "type": "array" } }, "required": [ - "Role", - "S3Location", - "WorkspaceId" + "Enable" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Workspace" + "AWS::GuardDuty::Detector" ], "type": "string" }, @@ -131666,7 +137148,156 @@ ], "type": "object" }, - "AWS::IoTWireless::Destination": { + "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { + "additionalProperties": false, + "properties": { + "Kubernetes": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesConfiguration", + "markdownDescription": "Describes which Kubernetes data sources are enabled for a detector.", + "title": "Kubernetes" + }, + "MalwareProtection": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration", + "markdownDescription": "Describes whether Malware Protection will be enabled as a data source.", + "title": "MalwareProtection" + }, + "S3Logs": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNS3LogsConfiguration", + "markdownDescription": "Describes whether S3 data event logs are enabled as a data source.", + "title": "S3Logs" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the additional configuration.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "Status of the additional configuration.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNFeatureConfiguration": { + "additionalProperties": false, + "properties": { + "AdditionalConfiguration": { + "items": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration" + }, + "markdownDescription": "Information about the additional configuration of a feature in your account.", + "title": "AdditionalConfiguration", + "type": "array" + }, + "Name": { + "markdownDescription": "Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* .", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "Status of the feature configuration.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Name", + "Status" + ], + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration": { + "additionalProperties": false, + "properties": { + "Enable": { + "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", + "title": "Enable", + "type": "boolean" + } + }, + "required": [ + "Enable" + ], + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNKubernetesConfiguration": { + "additionalProperties": false, + "properties": { + "AuditLogs": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration", + "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", + "title": "AuditLogs" + } + }, + "required": [ + "AuditLogs" + ], + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration": { + "additionalProperties": false, + "properties": { + "ScanEc2InstanceWithFindings": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration", + "markdownDescription": "Describes the configuration of Malware Protection for EC2 instances with findings.", + "title": "ScanEc2InstanceWithFindings" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNS3LogsConfiguration": { + "additionalProperties": false, + "properties": { + "Enable": { + "markdownDescription": "The status of S3 data event logs as a data source.", + "title": "Enable", + "type": "boolean" + } + }, + "required": [ + "Enable" + ], + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration": { + "additionalProperties": false, + "properties": { + "EbsVolumes": { + "markdownDescription": "Describes the configuration for scanning EBS volumes as data source.", + "title": "EbsVolumes", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::GuardDuty::Filter": { "additionalProperties": false, "properties": { "Condition": { @@ -131701,50 +137332,55 @@ "Properties": { "additionalProperties": false, "properties": { + "Action": { + "markdownDescription": "Specifies the action that is to be applied to the findings that match the filter.", + "title": "Action", + "type": "string" + }, "Description": { - "markdownDescription": "The description of the new resource. Maximum length is 2048 characters.", + "markdownDescription": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.", "title": "Description", "type": "string" }, - "Expression": { - "markdownDescription": "The rule name to send messages to.", - "title": "Expression", + "DetectorId": { + "markdownDescription": "The detector ID associated with the GuardDuty account for which you want to create a filter.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "ExpressionType": { - "markdownDescription": "The type of value in `Expression` .", - "title": "ExpressionType", - "type": "string" + "FindingCriteria": { + "$ref": "#/definitions/AWS::GuardDuty::Filter.FindingCriteria", + "markdownDescription": "Represents the criteria to be used in the filter for querying findings.", + "title": "FindingCriteria" }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM Role that authorizes the destination.", - "title": "RoleArn", - "type": "string" + "Rank": { + "markdownDescription": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` .", + "title": "Rank", + "type": "number" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::Filter.TagItem" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "Expression", - "ExpressionType", + "DetectorId", + "FindingCriteria", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::Destination" + "AWS::GuardDuty::Filter" ], "type": "string" }, @@ -131763,7 +137399,122 @@ ], "type": "object" }, - "AWS::IoTWireless::DeviceProfile": { + "AWS::GuardDuty::Filter.Condition": { + "additionalProperties": false, + "properties": { + "Eq": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents the equal condition to apply to a single field when querying for findings.", + "title": "Eq", + "type": "array" + }, + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents an *equal* ** condition to be applied to a single field when querying for findings.", + "title": "Equals", + "type": "array" + }, + "GreaterThan": { + "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", + "title": "GreaterThan", + "type": "number" + }, + "GreaterThanOrEqual": { + "markdownDescription": "Represents a *greater than or equal* condition to be applied to a single field when querying for findings.", + "title": "GreaterThanOrEqual", + "type": "number" + }, + "Gt": { + "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", + "title": "Gt", + "type": "number" + }, + "Gte": { + "markdownDescription": "Represents the greater than or equal condition to apply to a single field when querying for findings.", + "title": "Gte", + "type": "number" + }, + "LessThan": { + "markdownDescription": "Represents a *less than* condition to be applied to a single field when querying for findings.", + "title": "LessThan", + "type": "number" + }, + "LessThanOrEqual": { + "markdownDescription": "Represents a *less than or equal* condition to be applied to a single field when querying for findings.", + "title": "LessThanOrEqual", + "type": "number" + }, + "Lt": { + "markdownDescription": "Represents the less than condition to apply to a single field when querying for findings.", + "title": "Lt", + "type": "number" + }, + "Lte": { + "markdownDescription": "Represents the less than or equal condition to apply to a single field when querying for findings.", + "title": "Lte", + "type": "number" + }, + "Neq": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents the not equal condition to apply to a single field when querying for findings.", + "title": "Neq", + "type": "array" + }, + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents a *not equal* ** condition to be applied to a single field when querying for findings.", + "title": "NotEquals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Filter.FindingCriteria": { + "additionalProperties": false, + "properties": { + "Criterion": { + "additionalProperties": false, + "markdownDescription": "Represents a map of finding properties that match specified conditions and values when querying findings.\n\nFor information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion:\n\n- accountId\n- id\n- region\n- severity\n\nTo filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:\n\n- *Low* : `[\"1\", \"2\", \"3\"]`\n- *Medium* : `[\"4\", \"5\", \"6\"]`\n- *High* : `[\"7\", \"8\", \"9\"]`\n\nFor more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .\n- type\n- updatedAt\n\nType: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.\n- resource.accessKeyDetails.accessKeyId\n- resource.accessKeyDetails.principalId\n- resource.accessKeyDetails.userName\n- resource.accessKeyDetails.userType\n- resource.instanceDetails.iamInstanceProfile.id\n- resource.instanceDetails.imageId\n- resource.instanceDetails.instanceId\n- resource.instanceDetails.tags.key\n- resource.instanceDetails.tags.value\n- resource.instanceDetails.networkInterfaces.ipv6Addresses\n- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress\n- resource.instanceDetails.networkInterfaces.publicDnsName\n- resource.instanceDetails.networkInterfaces.publicIp\n- resource.instanceDetails.networkInterfaces.securityGroups.groupId\n- resource.instanceDetails.networkInterfaces.securityGroups.groupName\n- resource.instanceDetails.networkInterfaces.subnetId\n- resource.instanceDetails.networkInterfaces.vpcId\n- resource.instanceDetails.outpostArn\n- resource.resourceType\n- resource.s3BucketDetails.publicAccess.effectivePermissions\n- resource.s3BucketDetails.name\n- resource.s3BucketDetails.tags.key\n- resource.s3BucketDetails.tags.value\n- resource.s3BucketDetails.type\n- service.action.actionType\n- service.action.awsApiCallAction.api\n- service.action.awsApiCallAction.callerType\n- service.action.awsApiCallAction.errorCode\n- service.action.awsApiCallAction.remoteIpDetails.city.cityName\n- service.action.awsApiCallAction.remoteIpDetails.country.countryName\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.awsApiCallAction.remoteIpDetails.organization.asn\n- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg\n- service.action.awsApiCallAction.serviceName\n- service.action.dnsRequestAction.domain\n- service.action.dnsRequestAction.domainWithSuffix\n- service.action.networkConnectionAction.blocked\n- service.action.networkConnectionAction.connectionDirection\n- service.action.networkConnectionAction.localPortDetails.port\n- service.action.networkConnectionAction.protocol\n- service.action.networkConnectionAction.remoteIpDetails.city.cityName\n- service.action.networkConnectionAction.remoteIpDetails.country.countryName\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6\n- service.action.networkConnectionAction.remoteIpDetails.organization.asn\n- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg\n- service.action.networkConnectionAction.remotePortDetails.port\n- service.action.awsApiCallAction.remoteAccountDetails.affiliated\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.kubernetesApiCallAction.namespace\n- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn\n- service.action.kubernetesApiCallAction.requestUri\n- service.action.kubernetesApiCallAction.statusCode\n- service.action.networkConnectionAction.localIpDetails.ipAddressV4\n- service.action.networkConnectionAction.localIpDetails.ipAddressV6\n- service.action.networkConnectionAction.protocol\n- service.action.awsApiCallAction.serviceName\n- service.action.awsApiCallAction.remoteAccountDetails.accountId\n- service.additionalInfo.threatListName\n- service.resourceRole\n- resource.eksClusterDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace\n- resource.kubernetesDetails.kubernetesUserDetails.username\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix\n- service.ebsVolumeScanDetails.scanId\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash\n- service.malwareScanDetails.threats.name\n- resource.ecsClusterDetails.name\n- resource.ecsClusterDetails.taskDetails.containers.image\n- resource.ecsClusterDetails.taskDetails.definitionArn\n- resource.containerDetails.image\n- resource.rdsDbInstanceDetails.dbInstanceIdentifier\n- resource.rdsDbInstanceDetails.dbClusterIdentifier\n- resource.rdsDbInstanceDetails.engine\n- resource.rdsDbUserDetails.user\n- resource.rdsDbInstanceDetails.tags.key\n- resource.rdsDbInstanceDetails.tags.value\n- service.runtimeDetails.process.executableSha256\n- service.runtimeDetails.process.name\n- service.runtimeDetails.process.name\n- resource.lambdaDetails.functionName\n- resource.lambdaDetails.functionArn\n- resource.lambdaDetails.tags.key\n- resource.lambdaDetails.tags.value", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GuardDuty::Filter.Condition" + } + }, + "title": "Criterion", + "type": "object" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Filter.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::GuardDuty::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -131798,30 +137549,54 @@ "Properties": { "additionalProperties": false, "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile", - "markdownDescription": "LoRaWAN device profile object.", - "title": "LoRaWAN" + "Activate": { + "markdownDescription": "Indicates whether or not GuardDuty uses the `IPSet` .", + "title": "Activate", + "type": "boolean" + }, + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", + "type": "string" + }, + "ExpectedBucketOwner": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", + "title": "ExpectedBucketOwner", + "type": "string" + }, + "Format": { + "markdownDescription": "The format of the file that contains the IPSet.", + "title": "Format", + "type": "string" + }, + "Location": { + "markdownDescription": "The URI of the file that contains the IPSet.", + "title": "Location", + "type": "string" }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::IPSet.TagItem" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, - "type": "object" + "required": [ + "Format", + "Location" + ], + "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::DeviceProfile" + "AWS::GuardDuty::IPSet" ], "type": "string" }, @@ -131835,115 +137610,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { + "AWS::GuardDuty::IPSet.TagItem": { "additionalProperties": false, "properties": { - "ClassBTimeout": { - "markdownDescription": "The ClassBTimeout value.", - "title": "ClassBTimeout", - "type": "number" - }, - "ClassCTimeout": { - "markdownDescription": "The ClassCTimeout value.", - "title": "ClassCTimeout", - "type": "number" - }, - "FactoryPresetFreqsList": { - "items": { - "type": "number" - }, - "markdownDescription": "The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000.", - "title": "FactoryPresetFreqsList", - "type": "array" - }, - "MacVersion": { - "markdownDescription": "The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile.", - "title": "MacVersion", - "type": "string" - }, - "MaxDutyCycle": { - "markdownDescription": "The MaxDutyCycle value.", - "title": "MaxDutyCycle", - "type": "number" - }, - "MaxEirp": { - "markdownDescription": "The MaxEIRP value.", - "title": "MaxEirp", - "type": "number" - }, - "PingSlotDr": { - "markdownDescription": "The PingSlotDR value.", - "title": "PingSlotDr", - "type": "number" - }, - "PingSlotFreq": { - "markdownDescription": "The PingSlotFreq value.", - "title": "PingSlotFreq", - "type": "number" - }, - "PingSlotPeriod": { - "markdownDescription": "The PingSlotPeriod value.", - "title": "PingSlotPeriod", - "type": "number" - }, - "RegParamsRevision": { - "markdownDescription": "The version of regional parameters.", - "title": "RegParamsRevision", + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" - }, - "RxDataRate2": { - "markdownDescription": "The RXDataRate2 value.", - "title": "RxDataRate2", - "type": "number" - }, - "RxDelay1": { - "markdownDescription": "The RXDelay1 value.", - "title": "RxDelay1", - "type": "number" - }, - "RxDrOffset1": { - "markdownDescription": "The RXDROffset1 value.", - "title": "RxDrOffset1", - "type": "number" - }, - "RxFreq2": { - "markdownDescription": "The RXFreq2 value.", - "title": "RxFreq2", - "type": "number" - }, - "Supports32BitFCnt": { - "markdownDescription": "The Supports32BitFCnt value.", - "title": "Supports32BitFCnt", - "type": "boolean" - }, - "SupportsClassB": { - "markdownDescription": "The SupportsClassB value.", - "title": "SupportsClassB", - "type": "boolean" - }, - "SupportsClassC": { - "markdownDescription": "The SupportsClassC value.", - "title": "SupportsClassC", - "type": "boolean" - }, - "SupportsJoin": { - "markdownDescription": "The SupportsJoin value.", - "title": "SupportsJoin", - "type": "boolean" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::IoTWireless::FuotaTask": { + "AWS::GuardDuty::MalwareProtectionPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -131978,70 +137670,39 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociateMulticastGroup": { - "markdownDescription": "The ID of the multicast group to associate with a FUOTA task.", - "title": "AssociateMulticastGroup", - "type": "string" - }, - "AssociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to associate with a multicast group.", - "title": "AssociateWirelessDevice", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the new resource.", - "title": "Description", - "type": "string" - }, - "DisassociateMulticastGroup": { - "markdownDescription": "The ID of the multicast group to disassociate from a FUOTA task.", - "title": "DisassociateMulticastGroup", - "type": "string" - }, - "DisassociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to disassociate from a FUOTA task.", - "title": "DisassociateWirelessDevice", - "type": "string" - }, - "FirmwareUpdateImage": { - "markdownDescription": "The S3 URI points to a firmware update image that is to be used with a FUOTA task.", - "title": "FirmwareUpdateImage", - "type": "string" - }, - "FirmwareUpdateRole": { - "markdownDescription": "The firmware update role that is to be used with a FUOTA task.", - "title": "FirmwareUpdateRole", - "type": "string" + "Actions": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNActions", + "markdownDescription": "Specifies the action that is to be applied to the Malware Protection plan resource.", + "title": "Actions" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::FuotaTask.LoRaWAN", - "markdownDescription": "The LoRaWAN information used with a FUOTA task.", - "title": "LoRaWAN" + "ProtectedResource": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNProtectedResource", + "markdownDescription": "Information about the protected resource. Presently, `S3Bucket` is the only supported protected resource.", + "title": "ProtectedResource" }, - "Name": { - "markdownDescription": "The name of a FUOTA task.", - "title": "Name", + "Role": { + "markdownDescription": "Amazon Resource Name (ARN) of the IAM role that includes the permissions required to scan and (optionally) add tags to the associated protected resource.\n\nTo find the ARN of your IAM role, go to the IAM console, and select the role name for details.", + "title": "Role", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.TagItem" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "The tags to be added to the created Malware Protection plan resource. Each tag consists of a key and an optional value, both of which you need to specify.", "title": "Tags", "type": "array" } }, "required": [ - "FirmwareUpdateImage", - "FirmwareUpdateRole", - "LoRaWAN" + "ProtectedResource", + "Role" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::FuotaTask" + "AWS::GuardDuty::MalwareProtectionPlan" ], "type": "string" }, @@ -132060,26 +137721,98 @@ ], "type": "object" }, - "AWS::IoTWireless::FuotaTask.LoRaWAN": { + "AWS::GuardDuty::MalwareProtectionPlan.CFNActions": { "additionalProperties": false, "properties": { - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", + "Tagging": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNTagging", + "markdownDescription": "Contains information about tagging status of the Malware Protection plan resource.", + "title": "Tagging" + } + }, + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan.CFNProtectedResource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.S3Bucket", + "markdownDescription": "Information about the protected S3 bucket resource.", + "title": "S3Bucket" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan.CFNStatusReasons": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The status code of the Malware Protection plan. For more information, see [Malware Protection plan resource status](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection-s3-bucket-status-gdu.html) in the *GuardDuty User Guide* .", + "title": "Code", "type": "string" }, - "StartTime": { - "markdownDescription": "Start time of a FUOTA task.", - "title": "StartTime", + "Message": { + "markdownDescription": "Issue message that specifies the reason. For information about potential troubleshooting steps, see [Troubleshooting Malware Protection for S3 status issues](https://docs.aws.amazon.com/guardduty/latest/ug/troubleshoot-s3-malware-protection-status-errors.html) in the *Amazon GuardDuty User Guide* .", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan.CFNTagging": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Indicates whether or not you chose GuardDuty to add a predefined tag to the scanned S3 object.\n\nPotential values include `ENABLED` and `DISABLED` . These values are case-sensitive.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan.S3Bucket": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "Name of the S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "ObjectPrefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the specified object prefixes. An S3 object will be scanned only if it belongs to any of the specified object prefixes.", + "title": "ObjectPrefixes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, "required": [ - "RfRegion" + "Key", + "Value" ], "type": "object" }, - "AWS::IoTWireless::MulticastGroup": { + "AWS::GuardDuty::Master": { "additionalProperties": false, "properties": { "Condition": { @@ -132114,48 +137847,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to associate with a multicast group.", - "title": "AssociateWirelessDevice", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the multicast group.", - "title": "Description", + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty member account.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "DisassociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to disassociate from a multicast group.", - "title": "DisassociateWirelessDevice", + "InvitationId": { + "markdownDescription": "The ID of the invitation that is sent to the account designated as a member account. You can find the invitation ID by running the [ListInvitations](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html) in the *GuardDuty API Reference* .", + "title": "InvitationId", "type": "string" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::MulticastGroup.LoRaWAN", - "markdownDescription": "The LoRaWAN information that is to be used with the multicast group.", - "title": "LoRaWAN" - }, - "Name": { - "markdownDescription": "The name of the multicast group.", - "title": "Name", + "MasterId": { + "markdownDescription": "The AWS account ID of the account designated as the GuardDuty administrator account.", + "title": "MasterId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", - "type": "array" } }, "required": [ - "LoRaWAN" + "DetectorId", + "MasterId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::MulticastGroup" + "AWS::GuardDuty::Master" ], "type": "string" }, @@ -132174,37 +137890,7 @@ ], "type": "object" }, - "AWS::IoTWireless::MulticastGroup.LoRaWAN": { - "additionalProperties": false, - "properties": { - "DlClass": { - "markdownDescription": "DlClass for LoRaWAN. Valid values are ClassB and ClassC.", - "title": "DlClass", - "type": "string" - }, - "NumberOfDevicesInGroup": { - "markdownDescription": "Number of devices that are associated to the multicast group.", - "title": "NumberOfDevicesInGroup", - "type": "number" - }, - "NumberOfDevicesRequested": { - "markdownDescription": "Number of devices that are requested to be associated with the multicast group.", - "title": "NumberOfDevicesRequested", - "type": "number" - }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", - "type": "string" - } - }, - "required": [ - "DlClass", - "RfRegion" - ], - "type": "object" - }, - "AWS::IoTWireless::NetworkAnalyzerConfiguration": { + "AWS::GuardDuty::Member": { "additionalProperties": false, "properties": { "Condition": { @@ -132239,54 +137925,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the resource.", - "title": "Description", + "DetectorId": { + "markdownDescription": "The ID of the detector associated with the GuardDuty service to add the member to.", + "title": "DetectorId", "type": "string" }, - "Name": { - "markdownDescription": "Name of the network analyzer configuration.", - "title": "Name", - "type": "string" + "DisableEmailNotification": { + "markdownDescription": "Specifies whether or not to disable email notification for the member account that you invite.", + "title": "DisableEmailNotification", + "type": "boolean" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to attach to the specified resource. Tags are metadata that you can use to manage a resource.", - "title": "Tags", - "type": "array" + "Email": { + "markdownDescription": "The email address associated with the member account.", + "title": "Email", + "type": "string" }, - "TraceContent": { - "$ref": "#/definitions/AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent", - "markdownDescription": "Trace content for your wireless gateway and wireless device resources.", - "title": "TraceContent" + "MemberId": { + "markdownDescription": "The AWS account ID of the account to designate as a member.", + "title": "MemberId", + "type": "string" }, - "WirelessDevices": { - "items": { - "type": "string" - }, - "markdownDescription": "Wireless device resources to add to the network analyzer configuration. Provide the `WirelessDeviceId` of the resource to add in the input array.", - "title": "WirelessDevices", - "type": "array" + "Message": { + "markdownDescription": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members.", + "title": "Message", + "type": "string" }, - "WirelessGateways": { - "items": { - "type": "string" - }, - "markdownDescription": "Wireless gateway resources to add to the network analyzer configuration. Provide the `WirelessGatewayId` of the resource to add in the input array.", - "title": "WirelessGateways", - "type": "array" + "Status": { + "markdownDescription": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited.", + "title": "Status", + "type": "string" } }, "required": [ - "Name" + "Email" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::NetworkAnalyzerConfiguration" + "AWS::GuardDuty::Member" ], "type": "string" }, @@ -132305,23 +137982,7 @@ ], "type": "object" }, - "AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent": { - "additionalProperties": false, - "properties": { - "LogLevel": { - "markdownDescription": "The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs", - "title": "LogLevel", - "type": "string" - }, - "WirelessDeviceFrameInfo": { - "markdownDescription": "`FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server.", - "title": "WirelessDeviceFrameInfo", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::PartnerAccount": { + "AWS::GuardDuty::PublishingDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -132356,50 +138017,40 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountLinked": { - "markdownDescription": "Whether the partner account is linked to the AWS account.", - "title": "AccountLinked", - "type": "boolean" + "DestinationProperties": { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination.CFNDestinationProperties", + "markdownDescription": "Contains the Amazon Resource Name (ARN) of the resource to publish to, such as an S3 bucket, and the ARN of the KMS key to use to encrypt published findings.", + "title": "DestinationProperties" }, - "PartnerAccountId": { - "markdownDescription": "The ID of the partner account to update.", - "title": "PartnerAccountId", + "DestinationType": { + "markdownDescription": "The type of publishing destination. GuardDuty supports Amazon S3 buckets as a publishing destination.", + "title": "DestinationType", "type": "string" }, - "PartnerType": { - "markdownDescription": "The partner type.", - "title": "PartnerType", + "DetectorId": { + "markdownDescription": "The ID of the GuardDuty detector where the publishing destination exists.", + "title": "DetectorId", "type": "string" }, - "Sidewalk": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo", - "markdownDescription": "The Sidewalk account credentials.", - "title": "Sidewalk" - }, - "SidewalkResponse": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint", - "markdownDescription": "Information about a Sidewalk account.", - "title": "SidewalkResponse" - }, - "SidewalkUpdate": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount", - "markdownDescription": "Sidewalk update.", - "title": "SidewalkUpdate" - }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination.TagItem" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "Describes a tag.", "title": "Tags", "type": "array" } }, + "required": [ + "DestinationProperties", + "DestinationType", + "DetectorId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::PartnerAccount" + "AWS::GuardDuty::PublishingDestination" ], "type": "string" }, @@ -132413,57 +138064,48 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo": { - "additionalProperties": false, - "properties": { - "AppServerPrivateKey": { - "markdownDescription": "The Sidewalk application server private key. The application server private key is a secret key, which you should handle in a similar way as you would an application password. You can protect the application server private key by storing the value in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppServerPrivateKey", - "type": "string" - } - }, - "required": [ - "AppServerPrivateKey" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint": { + "AWS::GuardDuty::PublishingDestination.CFNDestinationProperties": { "additionalProperties": false, "properties": { - "AmazonId": { - "markdownDescription": "The Sidewalk Amazon ID.", - "title": "AmazonId", - "type": "string" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", + "DestinationArn": { + "markdownDescription": "The ARN of the resource where the findings are published.", + "title": "DestinationArn", "type": "string" }, - "Fingerprint": { - "markdownDescription": "The fingerprint of the Sidewalk application server private key.", - "title": "Fingerprint", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key to use for encryption.", + "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, - "AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount": { + "AWS::GuardDuty::PublishingDestination.TagItem": { "additionalProperties": false, "properties": { - "AppServerPrivateKey": { - "markdownDescription": "The new Sidewalk application server private key.", - "title": "AppServerPrivateKey", + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::IoTWireless::ServiceProfile": { + "AWS::GuardDuty::ThreatIntelSet": { "additionalProperties": false, "properties": { "Condition": { @@ -132498,30 +138140,54 @@ "Properties": { "additionalProperties": false, "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile", - "markdownDescription": "LoRaWAN service profile object.", - "title": "LoRaWAN" + "Activate": { + "markdownDescription": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", + "title": "Activate", + "type": "boolean" + }, + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create a `ThreatIntelSet` .\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", + "type": "string" + }, + "ExpectedBucketOwner": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", + "title": "ExpectedBucketOwner", + "type": "string" + }, + "Format": { + "markdownDescription": "The format of the file that contains the ThreatIntelSet.", + "title": "Format", + "type": "string" + }, + "Location": { + "markdownDescription": "The URI of the file that contains the ThreatIntelSet.", + "title": "Location", + "type": "string" }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet.TagItem" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "Format", + "Location" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::ServiceProfile" + "AWS::GuardDuty::ThreatIntelSet" ], "type": "string" }, @@ -132535,112 +138201,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile": { + "AWS::GuardDuty::ThreatIntelSet.TagItem": { "additionalProperties": false, "properties": { - "AddGwMetadata": { - "markdownDescription": "The AddGWMetaData value.", - "title": "AddGwMetadata", - "type": "boolean" - }, - "ChannelMask": { - "markdownDescription": "The ChannelMask value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ChannelMask", - "type": "string" - }, - "DevStatusReqFreq": { - "markdownDescription": "The DevStatusReqFreq value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DevStatusReqFreq", - "type": "number" - }, - "DlBucketSize": { - "markdownDescription": "The DLBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlBucketSize", - "type": "number" - }, - "DlRate": { - "markdownDescription": "The DLRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlRate", - "type": "number" - }, - "DlRatePolicy": { - "markdownDescription": "The DLRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlRatePolicy", + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "DrMax": { - "markdownDescription": "The DRMax value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DrMax", - "type": "number" - }, - "DrMin": { - "markdownDescription": "The DRMin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DrMin", - "type": "number" - }, - "HrAllowed": { - "markdownDescription": "The HRAllowed value that describes whether handover roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "HrAllowed", - "type": "boolean" - }, - "MinGwDiversity": { - "markdownDescription": "The MinGwDiversity value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "MinGwDiversity", - "type": "number" - }, - "NwkGeoLoc": { - "markdownDescription": "The NwkGeoLoc value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "NwkGeoLoc", - "type": "boolean" - }, - "PrAllowed": { - "markdownDescription": "The PRAllowed value that describes whether passive roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "PrAllowed", - "type": "boolean" - }, - "RaAllowed": { - "markdownDescription": "The RAAllowed value that describes whether roaming activation is allowed.", - "title": "RaAllowed", - "type": "boolean" - }, - "ReportDevStatusBattery": { - "markdownDescription": "The ReportDevStatusBattery value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ReportDevStatusBattery", - "type": "boolean" - }, - "ReportDevStatusMargin": { - "markdownDescription": "The ReportDevStatusMargin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ReportDevStatusMargin", - "type": "boolean" - }, - "TargetPer": { - "markdownDescription": "The TargetPer value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "TargetPer", - "type": "number" - }, - "UlBucketSize": { - "markdownDescription": "The UlBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlBucketSize", - "type": "number" - }, - "UlRate": { - "markdownDescription": "The ULRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlRate", - "type": "number" - }, - "UlRatePolicy": { - "markdownDescription": "The ULRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlRatePolicy", + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::IoTWireless::TaskDefinition": { + "AWS::HealthImaging::Datastore": { "additionalProperties": false, "properties": { "Condition": { @@ -132675,48 +138261,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoCreateTasks": { - "markdownDescription": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If `false` , the task must be created by calling `CreateWirelessGatewayTask` .", - "title": "AutoCreateTasks", - "type": "boolean" - }, - "LoRaWANUpdateGatewayTaskEntry": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry", - "markdownDescription": "LoRaWANUpdateGatewayTaskEntry object.", - "title": "LoRaWANUpdateGatewayTaskEntry" + "DatastoreName": { + "markdownDescription": "The data store name.", + "title": "DatastoreName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data.", + "title": "KmsKeyArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The tags provided when creating a data store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", - "type": "array" - }, - "TaskDefinitionType": { - "markdownDescription": "A filter to list only the wireless gateway task definitions that use this task definition type.", - "title": "TaskDefinitionType", - "type": "string" - }, - "Update": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate", - "markdownDescription": "Information about the gateways to update.", - "title": "Update" + "type": "object" } }, - "required": [ - "AutoCreateTasks" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::TaskDefinition" + "AWS::HealthImaging::Datastore" ], "type": "string" }, @@ -132730,96 +138301,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion": { - "additionalProperties": false, - "properties": { - "Model": { - "markdownDescription": "The model number of the wireless gateway.", - "title": "Model", - "type": "string" - }, - "PackageVersion": { - "markdownDescription": "The version of the wireless gateway firmware.", - "title": "PackageVersion", - "type": "string" - }, - "Station": { - "markdownDescription": "The basic station version of the wireless gateway.", - "title": "Station", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate": { - "additionalProperties": false, - "properties": { - "CurrentVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The version of the gateways that should receive the update.", - "title": "CurrentVersion" - }, - "SigKeyCrc": { - "markdownDescription": "The CRC of the signature private key to check.", - "title": "SigKeyCrc", - "type": "number" - }, - "UpdateSignature": { - "markdownDescription": "The signature used to verify the update firmware.", - "title": "UpdateSignature", - "type": "string" - }, - "UpdateVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The firmware version to update the gateway to.", - "title": "UpdateVersion" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry": { - "additionalProperties": false, - "properties": { - "CurrentVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The version of the gateways that should receive the update.", - "title": "CurrentVersion" - }, - "UpdateVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The firmware version to update the gateway to.", - "title": "UpdateVersion" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate": { - "additionalProperties": false, - "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate", - "markdownDescription": "The properties that relate to the LoRaWAN wireless gateway.", - "title": "LoRaWAN" - }, - "UpdateDataRole": { - "markdownDescription": "The IAM role used to read data from the S3 bucket.", - "title": "UpdateDataRole", - "type": "string" - }, - "UpdateDataSource": { - "markdownDescription": "The link to the S3 bucket.", - "title": "UpdateDataSource", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice": { + "AWS::HealthLake::FHIRDatastore": { "additionalProperties": false, "properties": { "Condition": { @@ -132854,64 +138340,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the new resource. Maximum length is 2048.", - "title": "Description", - "type": "string" - }, - "DestinationName": { - "markdownDescription": "The name of the destination to assign to the new wireless device. Can have only have alphanumeric, - (hyphen) and _ (underscore) characters and it can't have any spaces.", - "title": "DestinationName", + "DatastoreName": { + "markdownDescription": "The data store name (user-generated).", + "title": "DatastoreName", "type": "string" }, - "LastUplinkReceivedAt": { - "markdownDescription": "The date and time when the most recent uplink was received.", - "title": "LastUplinkReceivedAt", + "DatastoreTypeVersion": { + "markdownDescription": "The FHIR release version supported by the data store. Current support is for version `R4` .", + "title": "DatastoreTypeVersion", "type": "string" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.LoRaWANDevice", - "markdownDescription": "The device configuration information to use to create the wireless device. Must be at least one of OtaaV10x, OtaaV11, AbpV11, or AbpV10x.", - "title": "LoRaWAN" + "IdentityProviderConfiguration": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration", + "markdownDescription": "The identity provider configuration selected when the data store was created.", + "title": "IdentityProviderConfiguration" }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", - "type": "string" + "PreloadDataConfig": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.PreloadDataConfig", + "markdownDescription": "The preloaded Synthea data configuration for the data store.", + "title": "PreloadDataConfig" }, - "Positioning": { - "markdownDescription": "FPort values for the GNSS, Stream, and ClockSync functions of the positioning information.", - "title": "Positioning", - "type": "string" + "SseConfiguration": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.SseConfiguration", + "markdownDescription": "The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.", + "title": "SseConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "ThingArn": { - "markdownDescription": "The ARN of the thing to associate with the wireless device.", - "title": "ThingArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The wireless device type.", - "title": "Type", - "type": "string" } }, "required": [ - "DestinationName", - "Type" + "DatastoreTypeVersion" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessDevice" + "AWS::HealthLake::FHIRDatastore" ], "type": "string" }, @@ -132930,226 +138400,103 @@ ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.AbpV10x": { + "AWS::HealthLake::FHIRDatastore.CreatedAt": { "additionalProperties": false, "properties": { - "DevAddr": { - "markdownDescription": "The DevAddr value.", - "title": "DevAddr", - "type": "string" + "Nanos": { + "markdownDescription": "", + "title": "Nanos", + "type": "number" }, - "SessionKeys": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x", - "markdownDescription": "Session keys for ABP v1.0.x.", - "title": "SessionKeys" - } - }, - "required": [ - "DevAddr", - "SessionKeys" - ], - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.AbpV11": { - "additionalProperties": false, - "properties": { - "DevAddr": { - "markdownDescription": "The DevAddr value.", - "title": "DevAddr", + "Seconds": { + "markdownDescription": "", + "title": "Seconds", "type": "string" - }, - "SessionKeys": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11", - "markdownDescription": "Session keys for ABP v1.1.", - "title": "SessionKeys" } }, "required": [ - "DevAddr", - "SessionKeys" + "Nanos", + "Seconds" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.Application": { - "additionalProperties": false, - "properties": { - "DestinationName": { - "markdownDescription": "The name of the position data destination that describes the IoT rule that processes the device's position data.", - "title": "DestinationName", - "type": "string" - }, - "FPort": { - "markdownDescription": "The name of the new destination for the device.", - "title": "FPort", - "type": "number" - }, - "Type": { - "markdownDescription": "Application type, which can be specified to obtain real-time position information of your LoRaWAN device.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.FPorts": { - "additionalProperties": false, - "properties": { - "Applications": { - "items": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.Application" - }, - "markdownDescription": "LoRaWAN application configuration, which can be used to perform geolocation.", - "title": "Applications", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.LoRaWANDevice": { + "AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration": { "additionalProperties": false, "properties": { - "AbpV10x": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV10x", - "markdownDescription": "ABP device object for LoRaWAN specification v1.0.x.", - "title": "AbpV10x" - }, - "AbpV11": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV11", - "markdownDescription": "ABP device object for create APIs for v1.1.", - "title": "AbpV11" - }, - "DevEui": { - "markdownDescription": "The DevEUI value.", - "title": "DevEui", - "type": "string" - }, - "DeviceProfileId": { - "markdownDescription": "The ID of the device profile for the new wireless device.", - "title": "DeviceProfileId", + "AuthorizationStrategy": { + "markdownDescription": "The authorization strategy selected when the HealthLake data store is created.\n\n> HealthLake provides support for both SMART on FHIR V1 and V2 as described below.\n> \n> - `SMART_ON_FHIR_V1` \u2013 Support for only SMART on FHIR V1, which includes `read` (read/search) and `write` (create/update/delete) permissions.\n> - `SMART_ON_FHIR` \u2013 Support for both SMART on FHIR V1 and V2, which includes `create` , `read` , `update` , `delete` , and `search` permissions.\n> - `AWS_AUTH` \u2013 The default HealthLake authorization strategy; not affiliated with SMART on FHIR.", + "title": "AuthorizationStrategy", "type": "string" }, - "FPorts": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.FPorts", - "markdownDescription": "List of FPort assigned for different LoRaWAN application packages to use.", - "title": "FPorts" - }, - "OtaaV10x": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV10x", - "markdownDescription": "OTAA device object for create APIs for v1.0.x", - "title": "OtaaV10x" - }, - "OtaaV11": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV11", - "markdownDescription": "OTAA device object for v1.1 for create APIs.", - "title": "OtaaV11" + "FineGrainedAuthorizationEnabled": { + "markdownDescription": "The parameter to enable SMART on FHIR fine-grained authorization for the data store.", + "title": "FineGrainedAuthorizationEnabled", + "type": "boolean" }, - "ServiceProfileId": { - "markdownDescription": "The ID of the service profile.", - "title": "ServiceProfileId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.OtaaV10x": { - "additionalProperties": false, - "properties": { - "AppEui": { - "markdownDescription": "The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3.", - "title": "AppEui", + "IdpLambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.", + "title": "IdpLambdaArn", "type": "string" }, - "AppKey": { - "markdownDescription": "The AppKey value.", - "title": "AppKey", + "Metadata": { + "markdownDescription": "The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see [Metadata](https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata) in SMART's App Launch specification.\n\n`authorization_endpoint` : The URL to the OAuth2 authorization endpoint.\n\n`grant_types_supported` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are `authorization_code` and `client_credentials` .\n\n`token_endpoint` : The URL to the OAuth2 token endpoint.\n\n`capabilities` : An array of strings of the SMART capabilities that the authorization server supports.\n\n`code_challenge_methods_supported` : An array of strings of supported PKCE code challenge methods. You must include the `S256` method in the array of PKCE code challenge methods.", + "title": "Metadata", "type": "string" } }, "required": [ - "AppEui", - "AppKey" + "AuthorizationStrategy" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.OtaaV11": { + "AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig": { "additionalProperties": false, "properties": { - "AppKey": { - "markdownDescription": "The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppKey", - "type": "string" - }, - "JoinEui": { - "markdownDescription": "The JoinEUI value.", - "title": "JoinEui", + "CmkType": { + "markdownDescription": "The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see [KmsEncryptionConfig](https://docs.aws.amazon.com/healthlake/latest/APIReference/API_KmsEncryptionConfig.html#HealthLake-Type-KmsEncryptionConfig-CmkType) .", + "title": "CmkType", "type": "string" }, - "NwkKey": { - "markdownDescription": "The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "NwkKey", + "KmsKeyId": { + "markdownDescription": "The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.", + "title": "KmsKeyId", "type": "string" } }, "required": [ - "AppKey", - "JoinEui", - "NwkKey" + "CmkType" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x": { + "AWS::HealthLake::FHIRDatastore.PreloadDataConfig": { "additionalProperties": false, "properties": { - "AppSKey": { - "markdownDescription": "The AppSKey value.", - "title": "AppSKey", - "type": "string" - }, - "NwkSKey": { - "markdownDescription": "The NwkKey value.", - "title": "NwkSKey", + "PreloadDataType": { + "markdownDescription": "The type of preloaded data. Only Synthea preloaded data is supported.", + "title": "PreloadDataType", "type": "string" } }, "required": [ - "AppSKey", - "NwkSKey" + "PreloadDataType" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11": { + "AWS::HealthLake::FHIRDatastore.SseConfiguration": { "additionalProperties": false, "properties": { - "AppSKey": { - "markdownDescription": "The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppSKey", - "type": "string" - }, - "FNwkSIntKey": { - "markdownDescription": "The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "FNwkSIntKey", - "type": "string" - }, - "NwkSEncKey": { - "markdownDescription": "The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "NwkSEncKey", - "type": "string" - }, - "SNwkSIntKey": { - "markdownDescription": "The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "SNwkSIntKey", - "type": "string" + "KmsEncryptionConfig": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig", + "markdownDescription": "The server-side encryption key configuration for a customer provided encryption key.", + "title": "KmsEncryptionConfig" } }, "required": [ - "AppSKey", - "FNwkSIntKey", - "NwkSEncKey", - "SNwkSIntKey" + "KmsEncryptionConfig" ], "type": "object" }, - "AWS::IoTWireless::WirelessDeviceImportTask": { + "AWS::IAM::AccessKey": { "additionalProperties": false, "properties": { "Condition": { @@ -133184,34 +138531,30 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationName": { - "markdownDescription": "The name of the destination that describes the IoT rule to route messages from the Sidewalk devices in the import task to other applications.", - "title": "DestinationName", - "type": "string" + "Serial": { + "markdownDescription": "This value is specific to CloudFormation and can only be *incremented* . Incrementing this value notifies CloudFormation that you want to rotate your access key. When you update your stack, CloudFormation will replace the existing access key with a new key.", + "title": "Serial", + "type": "number" }, - "Sidewalk": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk", - "markdownDescription": "The Sidewalk-related information of the wireless device import task.", - "title": "Sidewalk" + "Status": { + "markdownDescription": "The status of the access key. `Active` means that the key is valid for API calls, while `Inactive` means it is not.", + "title": "Status", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Adds to or modifies the tags of the given resource. Tags are metadata that you can use to manage a resource.", - "title": "Tags", - "type": "array" + "UserName": { + "markdownDescription": "The name of the IAM user that the new key will belong to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "UserName", + "type": "string" } }, "required": [ - "DestinationName", - "Sidewalk" + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessDeviceImportTask" + "AWS::IAM::AccessKey" ], "type": "string" }, @@ -133230,36 +138573,7 @@ ], "type": "object" }, - "AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk": { - "additionalProperties": false, - "properties": { - "DeviceCreationFile": { - "markdownDescription": "The CSV file contained in an S3 bucket that's used for adding devices to an import task.", - "title": "DeviceCreationFile", - "type": "string" - }, - "DeviceCreationFileList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of Sidewalk devices that are added to the import task.", - "title": "DeviceCreationFileList", - "type": "array" - }, - "Role": { - "markdownDescription": "The IAM role that allows to access the CSV file in the S3 bucket.", - "title": "Role", - "type": "string" - }, - "SidewalkManufacturingSn": { - "markdownDescription": "The Sidewalk manufacturing serial number (SMSN) of the Sidewalk device.", - "title": "SidewalkManufacturingSn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessGateway": { + "AWS::IAM::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -133294,53 +138608,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the new resource. The maximum length is 2048 characters.", - "title": "Description", - "type": "string" - }, - "LastUplinkReceivedAt": { - "markdownDescription": "The date and time when the most recent uplink was received.", - "title": "LastUplinkReceivedAt", - "type": "string" - }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessGateway.LoRaWANGateway", - "markdownDescription": "The gateway configuration information to use to create the wireless gateway.", - "title": "LoRaWAN" - }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", + "GroupName": { + "markdownDescription": "The name of the group to create. Do not include the path in this value.\n\nThe group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "GroupName", "type": "string" }, - "Tags": { + "ManagedPolicyArns": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", "type": "array" }, - "ThingArn": { - "markdownDescription": "The ARN of the thing to associate with the wireless gateway.", - "title": "ThingArn", + "Path": { + "markdownDescription": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", "type": "string" }, - "ThingName": { - "markdownDescription": "The name of the thing associated with the wireless gateway. The value is empty if a thing isn't associated with the gateway.", - "title": "ThingName", - "type": "string" + "Policies": { + "items": { + "$ref": "#/definitions/AWS::IAM::Group.Policy" + }, + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an IAM Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group) .\n\n> The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a group, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", + "title": "Policies", + "type": "array" } }, - "required": [ - "LoRaWAN" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessGateway" + "AWS::IAM::Group" ], "type": "string" }, @@ -133354,32 +138653,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTWireless::WirelessGateway.LoRaWANGateway": { + "AWS::IAM::Group.Policy": { "additionalProperties": false, "properties": { - "GatewayEui": { - "markdownDescription": "The gateway's EUI value.", - "title": "GatewayEui", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The policy document.", + "title": "PolicyDocument", + "type": "object" }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", "type": "string" } }, "required": [ - "GatewayEui", - "RfRegion" + "PolicyDocument", + "PolicyName" ], "type": "object" }, - "AWS::KMS::Alias": { + "AWS::IAM::GroupPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -133414,26 +138712,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AliasName": { - "markdownDescription": "Specifies the alias name. This value must begin with `alias/` followed by a name, such as `alias/ExampleAlias` .\n\n> If you change the value of the `AliasName` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). \n\nThe alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with `alias/aws/` . The `alias/aws/` prefix is reserved for [AWS managed keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", - "title": "AliasName", + "GroupName": { + "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", + "title": "GroupName", "type": "string" }, - "TargetKeyId": { - "markdownDescription": "Associates the alias with the specified [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) . The KMS key must be in the same AWS account and Region.\n\nA valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n\nFor help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *AWS Key Management Service Developer Guide* .\n\nSpecify the key ID or the key ARN of the KMS key.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nTo get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) .", - "title": "TargetKeyId", + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", "type": "string" } }, "required": [ - "AliasName", - "TargetKeyId" + "GroupName", + "PolicyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::Alias" + "AWS::IAM::GroupPolicy" ], "type": "string" }, @@ -133452,7 +138755,7 @@ ], "type": "object" }, - "AWS::KMS::Key": { + "AWS::IAM::InstanceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -133487,75 +138790,33 @@ "Properties": { "additionalProperties": false, "properties": { - "BypassPolicyLockoutSafetyCheck": { - "markdownDescription": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n\n> Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n> \n> For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *AWS Key Management Service Developer Guide* . \n\nUse this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key.", - "title": "BypassPolicyLockoutSafetyCheck", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use.", - "title": "Description", - "type": "string" - }, - "EnableKeyRotation": { - "markdownDescription": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n\nAWS KMS supports automatic rotation only for symmetric encryption KMS keys ( `KeySpec` = `SYMMETRIC_DEFAULT` ). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin `EXTERNAL` , omit the `EnableKeyRotation` property or set it to `false` .\n\nTo enable automatic key rotation of the key material for a multi-Region KMS key, set `EnableKeyRotation` to `true` on the primary key (created by using `AWS::KMS::Key` ). AWS KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *AWS Key Management Service Developer Guide* .\n\nWhen you enable automatic rotation, AWS KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. AWS KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "EnableKeyRotation", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", - "title": "Enabled", - "type": "boolean" - }, - "KeyPolicy": { - "markdownDescription": "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n- The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *AWS Key Management Service Developer Guide* . (To omit this condition, set `BypassPolicyLockoutSafetyCheck` to true.)\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nIf you do not provide a key policy, AWS KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *AWS Key Management Service Developer Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters\n- Printable characters in the Basic Latin and Latin-1 Supplement character set\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", - "title": "KeyPolicy", - "type": "object" - }, - "KeySpec": { - "markdownDescription": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", - "title": "KeySpec", - "type": "string" - }, - "KeyUsage": { - "markdownDescription": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", - "title": "KeyUsage", + "InstanceProfileName": { + "markdownDescription": "The name of the instance profile to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "InstanceProfileName", "type": "string" }, - "MultiRegion": { - "markdownDescription": "Creates a multi-Region primary key that you can replicate in other AWS Regions . You can't change the `MultiRegion` value after the KMS key is created.\n\nFor a list of AWS Regions in which multi-Region keys are supported, see [Multi-Region keys in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the ** .\n\n> If you change the value of the `MultiRegion` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nFor a multi-Region key, set to this property to `true` . For a single-Region key, omit this property or set it to `false` . The default value is `false` .\n\n*Multi-Region keys* are an AWS KMS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n\nTo create a replica of this primary key in a different AWS Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.", - "title": "MultiRegion", - "type": "boolean" - }, - "Origin": { - "markdownDescription": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.", - "title": "Origin", + "Path": { + "markdownDescription": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", "type": "string" }, - "PendingWindowInDays": { - "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "PendingWindowInDays", - "type": "number" - }, - "RotationPeriodInDays": { - "markdownDescription": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n\nThe rotation period defines the number of days after you enable automatic key rotation that AWS KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n\nYou can use the [`kms:RotationPeriodInDays`](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the `RotationPeriodInDays` parameter.\n\nFor more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "RotationPeriodInDays", - "type": "number" - }, - "Tags": { + "Roles": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nFor information about tags in AWS KMS , see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *AWS Key Management Service Developer Guide* . For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions.", + "title": "Roles", "type": "array" } }, + "required": [ + "Roles" + ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::Key" + "AWS::IAM::InstanceProfile" ], "type": "string" }, @@ -133569,11 +138830,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::KMS::ReplicaKey": { + "AWS::IAM::ManagedPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -133609,48 +138871,58 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description of the KMS key.\n\nThe default value is an empty string (no description).\n\nThe description is not a shared property of multi-Region keys. You can specify the same description or a different description for each key in a set of related multi-Region keys. AWS Key Management Service does not synchronize this property.", + "markdownDescription": "A friendly description of the policy.\n\nTypically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n\nThe policy description is immutable. After a value is assigned, it cannot be changed.", "title": "Description", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the replica might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations. Also, while the replica key is being created, its key state is `Creating` . When the process is complete, the key state of the replica key changes to `Enabled` .\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", - "title": "Enabled", - "type": "boolean" - }, - "KeyPolicy": { - "markdownDescription": "The key policy that authorizes use of the replica key.\n\nThe key policy is not a shared property of multi-Region keys. You can specify the same key policy or a different key policy for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nThe key policy must conform to the following rules.\n\n- The key policy must give the caller [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) permission on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section of the **AWS Key Management Service Developer Guide** .\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters from the space character ( `\\u0020` ) through the end of the ASCII character range.\n- Printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` ).\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", - "title": "KeyPolicy", - "type": "object" + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name (friendly name, not ARN) of the group to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Groups", + "type": "array" }, - "PendingWindowInDays": { - "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a replica key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a replica key from a CloudFormation stack, AWS KMS schedules the replica key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of replica key is `Pending Deletion` , which prevents it from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the replica key.\n\nIf the KMS key is a multi-Region primary key with replica keys, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n\nYou cannot use a CloudFormation template to cancel deletion of the replica after you remove it from the stack, regardless of the waiting period. However, if you specify a replica key in your template that is based on the same primary key as the original replica key, CloudFormation creates a new replica key with the same key ID, key material, and other shared properties of the original replica key. This new replica key can decrypt ciphertext that was encrypted under the original replica key, or any related multi-Region key.\n\nFor detailed information about deleting multi-Region keys, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nFor information about the `PendingDeletion` key state, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "PendingWindowInDays", - "type": "number" + "ManagedPolicyName": { + "markdownDescription": "The friendly name of the policy.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "ManagedPolicyName", + "type": "string" }, - "PrimaryKeyArn": { - "markdownDescription": "Specifies the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS partition. You can create only one replica of a given primary key in each AWS Region .\n\n> If you change the `PrimaryKeyArn` value of a replica key, the existing replica key is scheduled for deletion and a new replica key is created based on the specified primary key. While it is scheduled for deletion, the existing replica key becomes unusable. You can cancel the scheduled deletion of the key outside of CloudFormation.\n> \n> However, if you inadvertently delete a replica key, you can decrypt ciphertext encrypted by that replica key by using any related multi-Region key. If necessary, you can recreate the replica in the same Region after the previous one is completely deleted. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* \n\nSpecify the key ARN of an existing multi-Region primary key. For example, `arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab` .", - "title": "PrimaryKeyArn", + "Path": { + "markdownDescription": "The path for the policy.\n\nFor more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> You cannot use an asterisk (*) in the path name.", + "title": "Path", "type": "string" }, - "Tags": { + "PolicyDocument": { + "markdownDescription": "The JSON policy document that you want to use as the content for the new policy.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and AWS STS character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length) .\n\nTo learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide* .\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "Roles": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nTags are not a shared property of multi-Region keys. You can specify the same tags or different tags for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, AWS KMS replaces the current tag value with the specified one.\n\nWhen you assign tags to an AWS resource, AWS generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) .", - "title": "Tags", + "markdownDescription": "The name (friendly name, not ARN) of the role to attach the policy to.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Roles", + "type": "array" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Users", "type": "array" } }, "required": [ - "KeyPolicy", - "PrimaryKeyArn" + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::ReplicaKey" + "AWS::IAM::ManagedPolicy" ], "type": "string" }, @@ -133669,7 +138941,7 @@ ], "type": "object" }, - "AWS::KafkaConnect::Connector": { + "AWS::IAM::OIDCProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -133704,100 +138976,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Capacity": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Capacity", - "markdownDescription": "The connector's compute capacity settings.", - "title": "Capacity" - }, - "ConnectorConfiguration": { - "additionalProperties": true, - "markdownDescription": "The configuration of the connector.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConnectorConfiguration", - "type": "object" - }, - "ConnectorDescription": { - "markdownDescription": "The description of the connector.", - "title": "ConnectorDescription", - "type": "string" - }, - "ConnectorName": { - "markdownDescription": "The name of the connector.\n\nThe connector name must be unique and can include up to 128 characters. Valid characters you can include in a connector name are: a-z, A-Z, 0-9, and -.", - "title": "ConnectorName", - "type": "string" - }, - "KafkaCluster": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaCluster", - "markdownDescription": "The details of the Apache Kafka cluster to which the connector is connected.", - "title": "KafkaCluster" - }, - "KafkaClusterClientAuthentication": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication", - "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used.", - "title": "KafkaClusterClientAuthentication" - }, - "KafkaClusterEncryptionInTransit": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit", - "markdownDescription": "Details of encryption in transit to the Apache Kafka cluster.", - "title": "KafkaClusterEncryptionInTransit" - }, - "KafkaConnectVersion": { - "markdownDescription": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.", - "title": "KafkaConnectVersion", - "type": "string" - }, - "LogDelivery": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.LogDelivery", - "markdownDescription": "The settings for delivering connector logs to Amazon CloudWatch Logs.", - "title": "LogDelivery" - }, - "Plugins": { + "ClientIdList": { "items": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Plugin" + "type": "string" }, - "markdownDescription": "Specifies which plugin to use for the connector. You must specify a single-element list. Amazon MSK Connect does not currently support specifying multiple plugins.", - "title": "Plugins", + "markdownDescription": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", + "title": "ClientIdList", "type": "array" }, - "ServiceExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon Web Services resources.", - "title": "ServiceExecutionRoleArn", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", "title": "Tags", "type": "array" }, - "WorkerConfiguration": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerConfiguration", - "markdownDescription": "The worker configurations that are in use with the connector.", - "title": "WorkerConfiguration" + "ThumbprintList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .\n\nThis property is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate.", + "title": "ThumbprintList", + "type": "array" + }, + "Url": { + "markdownDescription": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", + "title": "Url", + "type": "string" } }, - "required": [ - "Capacity", - "ConnectorConfiguration", - "ConnectorName", - "KafkaCluster", - "KafkaClusterClientAuthentication", - "KafkaClusterEncryptionInTransit", - "KafkaConnectVersion", - "Plugins", - "ServiceExecutionRoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::Connector" + "AWS::IAM::OIDCProvider" ], "type": "string" }, @@ -133811,352 +139024,108 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { - "additionalProperties": false, - "properties": { - "BootstrapServers": { - "markdownDescription": "The bootstrap servers of the cluster.", - "title": "BootstrapServers", - "type": "string" - }, - "Vpc": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Vpc", - "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", - "title": "Vpc" - } - }, - "required": [ - "BootstrapServers", - "Vpc" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.AutoScaling": { - "additionalProperties": false, - "properties": { - "MaxWorkerCount": { - "markdownDescription": "The maximum number of workers allocated to the connector.", - "title": "MaxWorkerCount", - "type": "number" - }, - "McuCount": { - "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", - "title": "McuCount", - "type": "number" - }, - "MinWorkerCount": { - "markdownDescription": "The minimum number of workers allocated to the connector.", - "title": "MinWorkerCount", - "type": "number" - }, - "ScaleInPolicy": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleInPolicy", - "markdownDescription": "The sacle-in policy for the connector.", - "title": "ScaleInPolicy" - }, - "ScaleOutPolicy": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleOutPolicy", - "markdownDescription": "The sacle-out policy for the connector.", - "title": "ScaleOutPolicy" - } - }, - "required": [ - "MaxWorkerCount", - "McuCount", - "MinWorkerCount", - "ScaleInPolicy", - "ScaleOutPolicy" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.Capacity": { - "additionalProperties": false, - "properties": { - "AutoScaling": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.AutoScaling", - "markdownDescription": "Information about the auto scaling parameters for the connector.", - "title": "AutoScaling" - }, - "ProvisionedCapacity": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ProvisionedCapacity", - "markdownDescription": "Details about a fixed capacity allocated to a connector.", - "title": "ProvisionedCapacity" - } - }, - "type": "object" - }, - "AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether log delivery to Amazon CloudWatch Logs is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "LogGroup": { - "markdownDescription": "The name of the CloudWatch log group that is the destination for log delivery.", - "title": "LogGroup", - "type": "string" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.CustomPlugin": { - "additionalProperties": false, - "properties": { - "CustomPluginArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom plugin.", - "title": "CustomPluginArn", - "type": "string" - }, - "Revision": { - "markdownDescription": "The revision of the custom plugin.", - "title": "Revision", - "type": "number" - } - }, - "required": [ - "CustomPluginArn", - "Revision" + "Type" ], "type": "object" }, - "AWS::KafkaConnect::Connector.FirehoseLogDelivery": { + "AWS::IAM::Policy": { "additionalProperties": false, "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.", - "title": "DeliveryStream", + "Condition": { "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether connector logs get delivered to Amazon Kinesis Data Firehose.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.KafkaCluster": { - "additionalProperties": false, - "properties": { - "ApacheKafkaCluster": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ApacheKafkaCluster", - "markdownDescription": "The Apache Kafka cluster to which the connector is connected.", - "title": "ApacheKafkaCluster" - } - }, - "required": [ - "ApacheKafkaCluster" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication": { - "additionalProperties": false, - "properties": { - "AuthenticationType": { - "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used.", - "title": "AuthenticationType", - "type": "string" - } - }, - "required": [ - "AuthenticationType" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit": { - "additionalProperties": false, - "properties": { - "EncryptionType": { - "markdownDescription": "The type of encryption in transit to the Apache Kafka cluster.", - "title": "EncryptionType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "EncryptionType" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.LogDelivery": { - "additionalProperties": false, - "properties": { - "WorkerLogDelivery": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerLogDelivery", - "markdownDescription": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations.", - "title": "WorkerLogDelivery" - } - }, - "required": [ - "WorkerLogDelivery" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.Plugin": { - "additionalProperties": false, - "properties": { - "CustomPlugin": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.CustomPlugin", - "markdownDescription": "Details about a custom plugin.", - "title": "CustomPlugin" - } - }, - "required": [ - "CustomPlugin" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.ProvisionedCapacity": { - "additionalProperties": false, - "properties": { - "McuCount": { - "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", - "title": "McuCount", - "type": "number" }, - "WorkerCount": { - "markdownDescription": "The number of workers that are allocated to the connector.", - "title": "WorkerCount", - "type": "number" - } - }, - "required": [ - "WorkerCount" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.S3LogDelivery": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that is the destination for log delivery.", - "title": "Bucket", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Enabled": { - "markdownDescription": "Specifies whether connector logs get sent to the specified Amazon S3 destination.", - "title": "Enabled", - "type": "boolean" + "Metadata": { + "type": "object" }, - "Prefix": { - "markdownDescription": "The S3 prefix that is the destination for log delivery.", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.ScaleInPolicy": { - "additionalProperties": false, - "properties": { - "CpuUtilizationPercentage": { - "markdownDescription": "Specifies the CPU utilization percentage threshold at which you want connector scale in to be triggered.", - "title": "CpuUtilizationPercentage", - "type": "number" - } - }, - "required": [ - "CpuUtilizationPercentage" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.ScaleOutPolicy": { - "additionalProperties": false, - "properties": { - "CpuUtilizationPercentage": { - "markdownDescription": "The CPU utilization percentage threshold at which you want connector scale out to be triggered.", - "title": "CpuUtilizationPercentage", - "type": "number" - } - }, - "required": [ - "CpuUtilizationPercentage" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.Vpc": { - "additionalProperties": false, - "properties": { - "SecurityGroups": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", + "title": "Groups", + "type": "array" + }, + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", + "type": "string" + }, + "Roles": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Roles", + "type": "array" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Users", + "type": "array" + } }, - "markdownDescription": "The security group IDs for the connector.", - "title": "SecurityGroups", - "type": "array" + "required": [ + "PolicyDocument", + "PolicyName" + ], + "type": "object" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnets for the connector.", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "SecurityGroups", - "Subnets" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.WorkerConfiguration": { - "additionalProperties": false, - "properties": { - "Revision": { - "markdownDescription": "The revision of the worker configuration.", - "title": "Revision", - "type": "number" + "Type": { + "enum": [ + "AWS::IAM::Policy" + ], + "type": "string" }, - "WorkerConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the worker configuration.", - "title": "WorkerConfigurationArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Revision", - "WorkerConfigurationArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::KafkaConnect::Connector.WorkerLogDelivery": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery", - "markdownDescription": "Details about delivering logs to Amazon CloudWatch Logs.", - "title": "CloudWatchLogs" - }, - "Firehose": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.FirehoseLogDelivery", - "markdownDescription": "Details about delivering logs to Amazon Kinesis Data Firehose.", - "title": "Firehose" - }, - "S3": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.S3LogDelivery", - "markdownDescription": "Details about delivering logs to Amazon S3.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::KafkaConnect::CustomPlugin": { + "AWS::IAM::Role": { "additionalProperties": false, "properties": { "Condition": { @@ -134191,45 +139160,69 @@ "Properties": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The format of the plugin file.", - "title": "ContentType", - "type": "string" + "AssumeRolePolicyDocument": { + "markdownDescription": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples) . For more information about the elements that you can use in an IAM policy, see [IAM Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *IAM User Guide* .", + "title": "AssumeRolePolicyDocument", + "type": "object" }, "Description": { - "markdownDescription": "The description of the custom plugin.", + "markdownDescription": "A description of the role that you provide.", "title": "Description", "type": "string" }, - "Location": { - "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.CustomPluginLocation", - "markdownDescription": "Information about the location of the custom plugin.", - "title": "Location" + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the custom plugin.", - "title": "Name", + "MaxSessionDuration": { + "markdownDescription": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n\nAnyone who assumes the role from the AWS CLI or API can use the `DurationSeconds` API parameter or the `duration-seconds` AWS CLI parameter to request a longer session. The `MaxSessionDuration` setting determines the maximum duration that can be requested using the `DurationSeconds` parameter. If users don't specify a value for the `DurationSeconds` parameter, their security credentials are valid for one hour by default. This applies when you use the `AssumeRole*` API operations or the `assume-role*` AWS CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide* .", + "title": "MaxSessionDuration", + "type": "number" + }, + "Path": { + "markdownDescription": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", + "type": "string" + }, + "PermissionsBoundary": { + "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role.\n\nFor more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .", + "title": "PermissionsBoundary", + "type": "string" + }, + "Policies": { + "items": { + "$ref": "#/definitions/AWS::IAM::Role.Policy" + }, + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Policies", + "type": "array" + }, + "RoleName": { + "markdownDescription": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "RoleName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", "title": "Tags", "type": "array" } }, "required": [ - "ContentType", - "Location", - "Name" + "AssumeRolePolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::CustomPlugin" + "AWS::IAM::Role" ], "type": "string" }, @@ -134248,62 +139241,27 @@ ], "type": "object" }, - "AWS::KafkaConnect::CustomPlugin.CustomPluginFileDescription": { - "additionalProperties": false, - "properties": { - "FileMd5": { - "markdownDescription": "The hex-encoded MD5 checksum of the custom plugin file. You can use it to validate the file.", - "title": "FileMd5", - "type": "string" - }, - "FileSize": { - "markdownDescription": "The size in bytes of the custom plugin file. You can use it to validate the file.", - "title": "FileSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KafkaConnect::CustomPlugin.CustomPluginLocation": { - "additionalProperties": false, - "properties": { - "S3Location": { - "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.S3Location", - "markdownDescription": "The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3.", - "title": "S3Location" - } - }, - "required": [ - "S3Location" - ], - "type": "object" - }, - "AWS::KafkaConnect::CustomPlugin.S3Location": { + "AWS::IAM::Role.Policy": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an S3 bucket.", - "title": "BucketArn", - "type": "string" - }, - "FileKey": { - "markdownDescription": "The file key for an object in an S3 bucket.", - "title": "FileKey", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", + "title": "PolicyDocument", + "type": "object" }, - "ObjectVersion": { - "markdownDescription": "The version of an object in an S3 bucket.", - "title": "ObjectVersion", + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", "type": "string" } }, "required": [ - "BucketArn", - "FileKey" + "PolicyDocument", + "PolicyName" ], "type": "object" }, - "AWS::KafkaConnect::WorkerConfiguration": { + "AWS::IAM::RolePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -134338,39 +139296,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of a worker configuration.", - "title": "Description", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the worker configuration.", - "title": "Name", + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", "type": "string" }, - "PropertiesFileContent": { - "markdownDescription": "Base64 encoded contents of the connect-distributed.properties file.", - "title": "PropertiesFileContent", + "RoleName": { + "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "RoleName", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" } }, "required": [ - "Name", - "PropertiesFileContent" + "PolicyName", + "RoleName" ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::WorkerConfiguration" + "AWS::IAM::RolePolicy" ], "type": "string" }, @@ -134389,7 +139339,7 @@ ], "type": "object" }, - "AWS::Kendra::DataSource": { + "AWS::IAM::SAMLProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -134424,70 +139374,53 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomDocumentEnrichmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration", - "markdownDescription": "Configuration information for altering document metadata and content during the document ingestion process.", - "title": "CustomDocumentEnrichmentConfiguration" - }, - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceConfiguration", - "markdownDescription": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources.", - "title": "DataSourceConfiguration" - }, - "Description": { - "markdownDescription": "A description for the data source connector.", - "title": "Description", - "type": "string" - }, - "IndexId": { - "markdownDescription": "The identifier of the index you want to use with the data source connector.", - "title": "IndexId", + "AddPrivateKey": { + "markdownDescription": "Specifies the new private key from your external identity provider. The private key must be a .pem file that uses AES-GCM or AES-CBC encryption algorithm to decrypt SAML assertions.", + "title": "AddPrivateKey", "type": "string" }, - "LanguageCode": { - "markdownDescription": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", - "title": "LanguageCode", + "AssertionEncryptionMode": { + "markdownDescription": "Specifies the encryption setting for the SAML provider.", + "title": "AssertionEncryptionMode", "type": "string" }, "Name": { - "markdownDescription": "The name of the data source.", + "markdownDescription": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources.", - "title": "RoleArn", + "PrivateKeyList": { + "items": { + "$ref": "#/definitions/AWS::IAM::SAMLProvider.SAMLPrivateKey" + }, + "markdownDescription": "The private key metadata for the SAML provider.", + "title": "PrivateKeyList", + "type": "array" + }, + "RemovePrivateKey": { + "markdownDescription": "The Key ID of the private key to remove.", + "title": "RemovePrivateKey", "type": "string" }, - "Schedule": { - "markdownDescription": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index.", - "title": "Schedule", + "SamlMetadataDocument": { + "markdownDescription": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*", + "title": "SamlMetadataDocument", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the data source.", - "title": "Type", - "type": "string" } }, - "required": [ - "IndexId", - "Name", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::DataSource" + "AWS::IAM::SAMLProvider" ], "type": "string" }, @@ -134501,884 +139434,1291 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.AccessControlListConfiguration": { + "AWS::IAM::SAMLProvider.SAMLPrivateKey": { "additionalProperties": false, "properties": { - "KeyPath": { - "markdownDescription": "Path to the AWS S3 bucket that contains the access control list files.", - "title": "KeyPath", + "KeyId": { + "markdownDescription": "The unique identifier for the SAML private key.", + "title": "KeyId", "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.AclConfiguration": { - "additionalProperties": false, - "properties": { - "AllowedGroupsColumnName": { - "markdownDescription": "A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation.", - "title": "AllowedGroupsColumnName", + }, + "Timestamp": { + "markdownDescription": "The date and time, in [ISO 8601 date-time](https://docs.aws.amazon.com/http://www.iso.org/iso/iso8601) format, when the private key was uploaded.", + "title": "Timestamp", "type": "string" } }, "required": [ - "AllowedGroupsColumnName" + "KeyId", + "Timestamp" ], "type": "object" }, - "AWS::Kendra::DataSource.ColumnConfiguration": { + "AWS::IAM::ServerCertificate": { "additionalProperties": false, "properties": { - "ChangeDetectingColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "One to five columns that indicate when a document in the database has changed.", - "title": "ChangeDetectingColumns", - "type": "array" - }, - "DocumentDataColumnName": { - "markdownDescription": "The column that contains the contents of the document.", - "title": "DocumentDataColumnName", + "Condition": { "type": "string" }, - "DocumentIdColumnName": { - "markdownDescription": "The column that provides the document's identifier.", - "title": "DocumentIdColumnName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DocumentTitleColumnName": { - "markdownDescription": "The column that contains the title of the document.", - "title": "DocumentTitleColumnName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation.", - "title": "FieldMappings", - "type": "array" - } - }, - "required": [ - "ChangeDetectingColumns", - "DocumentDataColumnName", - "DocumentIdColumnName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration": { - "additionalProperties": false, - "properties": { - "AttachmentFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping.", - "title": "AttachmentFieldMappings", - "type": "array" + "Metadata": { + "type": "object" }, - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments of pages and blogs in Confluence.", - "title": "CrawlAttachments", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping": { - "additionalProperties": false, - "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.\n\nYou must first create the index field using the `UpdateIndex` API.", - "title": "DataSourceFieldName", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateBody": { + "markdownDescription": "The contents of the public key certificate.", + "title": "CertificateBody", + "type": "string" + }, + "CertificateChain": { + "markdownDescription": "The contents of the public key certificate chain.", + "title": "CertificateChain", + "type": "string" + }, + "Path": { + "markdownDescription": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` ).", + "title": "Path", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PrivateKey", + "type": "string" + }, + "ServerCertificateName": { + "markdownDescription": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "ServerCertificateName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "Type": { + "enum": [ + "AWS::IAM::ServerCertificate" + ], "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceBlogConfiguration": { - "additionalProperties": false, - "properties": { - "BlogFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping.", - "title": "BlogFieldMappings", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping": { + "AWS::IAM::ServiceLinkedRole": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", + "Condition": { "type": "string" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AWSServiceName": { + "markdownDescription": "The service principal for the AWS service to which this role is attached. You use a string similar to a URL but without the http:// in front. For example: `elasticbeanstalk.amazonaws.com` .\n\nService principals are unique and case-sensitive. To find the exact service principal for your service-linked role, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the *IAM User Guide* . Look for the services that have *Yes* in the *Service-Linked Role* column. Choose the *Yes* link to view the service-linked role documentation for that service.", + "title": "AWSServiceName", + "type": "string" + }, + "CustomSuffix": { + "markdownDescription": "A string that you provide, which is combined with the service-provided prefix to form the complete role name. If you make multiple requests for the same service, then you must supply a different `CustomSuffix` for each request. Otherwise the request fails with a duplicate role name error. For example, you could add `-1` or `-debug` to the suffix.\n\nSome services do not support the `CustomSuffix` parameter. If you provide an optional suffix and the operation fails, try the operation again without the suffix.", + "title": "CustomSuffix", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the role.", + "title": "Description", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::ServiceLinkedRole" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceConfiguration": { + "AWS::IAM::User": { "additionalProperties": false, "properties": { - "AttachmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration", - "markdownDescription": "Configuration information for indexing attachments to Confluence blogs and pages.", - "title": "AttachmentConfiguration" - }, - "BlogConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogConfiguration", - "markdownDescription": "Configuration information for indexing Confluence blogs.", - "title": "BlogConfiguration" + "Condition": { + "type": "string" }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", - "title": "InclusionPatterns", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PageConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageConfiguration", - "markdownDescription": "Configuration information for indexing Confluence pages.", - "title": "PageConfiguration" + "Metadata": { + "type": "object" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password.\n\nYou can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) .", - "title": "SecretArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of group names to which you want to add the user.", + "title": "Groups", + "type": "array" + }, + "LoginProfile": { + "$ref": "#/definitions/AWS::IAM::User.LoginProfile", + "markdownDescription": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the AWS Management Console .\n\nYou can use the AWS CLI , the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the AWS Management Console .\n\nFor more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *IAM User Guide* .", + "title": "LoginProfile" + }, + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", + "type": "array" + }, + "Path": { + "markdownDescription": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", + "type": "string" + }, + "PermissionsBoundary": { + "markdownDescription": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n\nA permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\nFor more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide* .", + "title": "PermissionsBoundary", + "type": "string" + }, + "Policies": { + "items": { + "$ref": "#/definitions/AWS::IAM::User.Policy" + }, + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an IAM User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user) .\n\n> The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a user, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", + "title": "Policies", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "title": "Tags", + "type": "array" + }, + "UserName": { + "markdownDescription": "The name of the user to create. Do not include the path in this value.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "UserName", + "type": "string" + } + }, + "type": "object" }, - "ServerUrl": { - "markdownDescription": "The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* .", - "title": "ServerUrl", + "Type": { + "enum": [ + "AWS::IAM::User" + ], "type": "string" }, - "SpaceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceConfiguration", - "markdownDescription": "Configuration information for indexing Confluence spaces.", - "title": "SpaceConfiguration" - }, - "Version": { - "markdownDescription": "The version or the type of Confluence installation to connect to.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) .", - "title": "VpcConfiguration" } }, "required": [ - "SecretArn", - "ServerUrl", - "Version" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluencePageConfiguration": { + "AWS::IAM::User.LoginProfile": { "additionalProperties": false, "properties": { - "PageFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `PageFieldMappings` parameter, you must specify at least one field mapping.", - "title": "PageFieldMappings", - "type": "array" + "Password": { + "markdownDescription": "The user's password.", + "title": "Password", + "type": "string" + }, + "PasswordResetRequired": { + "markdownDescription": "Specifies whether the user is required to set a new password on next sign-in.", + "title": "PasswordResetRequired", + "type": "boolean" } }, + "required": [ + "Password" + ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping": { + "AWS::IAM::User.Policy": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", - "type": "string" - }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", + "title": "PolicyDocument", + "type": "object" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", "type": "string" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "PolicyDocument", + "PolicyName" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceSpaceConfiguration": { + "AWS::IAM::UserPolicy": { "additionalProperties": false, "properties": { - "CrawlArchivedSpaces": { - "markdownDescription": "`TRUE` to index archived spaces.", - "title": "CrawlArchivedSpaces", - "type": "boolean" + "Condition": { + "type": "string" }, - "CrawlPersonalSpaces": { - "markdownDescription": "`TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) .", - "title": "CrawlPersonalSpaces", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExcludeSpaces": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded.", - "title": "ExcludeSpaces", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeSpaces": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded.", - "title": "IncludeSpaces", - "type": "array" + "Metadata": { + "type": "object" }, - "SpaceFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping" + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", + "type": "string" + }, + "UserName": { + "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "UserName", + "type": "string" + } }, - "markdownDescription": "Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping.", - "title": "SpaceFieldMappings", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping": { - "additionalProperties": false, - "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", - "type": "string" + "required": [ + "PolicyName", + "UserName" + ], + "type": "object" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "Type": { + "enum": [ + "AWS::IAM::UserPolicy" + ], "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.ConnectionConfiguration": { + "AWS::IAM::UserToGroupAddition": { "additionalProperties": false, "properties": { - "DatabaseHost": { - "markdownDescription": "The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address.", - "title": "DatabaseHost", + "Condition": { "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database containing the document data.", - "title": "DatabaseName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DatabasePort": { - "markdownDescription": "The port that the database uses for connections.", - "title": "DatabasePort", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide.", - "title": "SecretArn", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the group to update.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "GroupName", + "type": "string" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the names of the users that you want to add to the group.", + "title": "Users", + "type": "array" + } + }, + "required": [ + "GroupName", + "Users" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::UserToGroupAddition" + ], "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table that contains the document data.", - "title": "TableName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "SecretArn", - "TableName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration": { + "AWS::IAM::VirtualMFADevice": { "additionalProperties": false, "properties": { - "InlineConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration" - }, - "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra.", - "title": "InlineConfigurations", - "type": "array" - }, - "PostExtractionHookConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", - "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", - "title": "PostExtractionHookConfiguration" - }, - "PreExtractionHookConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", - "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", - "title": "PreExtractionHookConfiguration" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", - "title": "RoleArn", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.DataSourceConfiguration": { - "additionalProperties": false, - "properties": { - "ConfluenceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceConfiguration", - "markdownDescription": "Provides the configuration information to connect to Confluence as your data source.", - "title": "ConfluenceConfiguration" - }, - "DatabaseConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DatabaseConfiguration", - "markdownDescription": "Provides the configuration information to connect to a database as your data source.", - "title": "DatabaseConfiguration" - }, - "GoogleDriveConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.GoogleDriveConfiguration", - "markdownDescription": "Provides the configuration information to connect to Google Drive as your data source.", - "title": "GoogleDriveConfiguration" - }, - "OneDriveConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveConfiguration", - "markdownDescription": "Provides the configuration information to connect to Microsoft OneDrive as your data source.", - "title": "OneDriveConfiguration" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3DataSourceConfiguration", - "markdownDescription": "Provides the configuration information to connect to an Amazon S3 bucket as your data source.\n\n> Amazon Kendra now supports an upgraded Amazon S3 connector.\n> \n> You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.\n> \n> Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.\n> \n> We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024.", - "title": "S3Configuration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SalesforceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceConfiguration", - "markdownDescription": "Provides the configuration information to connect to Salesforce as your data source.", - "title": "SalesforceConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ServiceNowConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowConfiguration", - "markdownDescription": "Provides the configuration information to connect to ServiceNow as your data source.", - "title": "ServiceNowConfiguration" + "Metadata": { + "type": "object" }, - "SharePointConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SharePointConfiguration", - "markdownDescription": "Provides the configuration information to connect to Microsoft SharePoint as your data source.", - "title": "SharePointConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "title": "Tags", + "type": "array" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM user associated with this virtual MFA device.", + "title": "Users", + "type": "array" + }, + "VirtualMfaDeviceName": { + "markdownDescription": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "VirtualMfaDeviceName", + "type": "string" + } + }, + "required": [ + "Users" + ], + "type": "object" }, - "WebCrawlerConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerConfiguration", - "markdownDescription": "Provides the configuration information required for Amazon Kendra Web Crawler.", - "title": "WebCrawlerConfiguration" + "Type": { + "enum": [ + "AWS::IAM::VirtualMFADevice" + ], + "type": "string" }, - "WorkDocsConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WorkDocsConfiguration", - "markdownDescription": "Provides the configuration information to connect to Amazon WorkDocs as your data source.", - "title": "WorkDocsConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Kendra::DataSource.DataSourceToIndexFieldMapping": { + "AWS::IVS::Channel": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source. You must first create the index field using the `UpdateIndex` API.", - "title": "DataSourceFieldName", + "Condition": { "type": "string" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field, you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the data source field. The index field type must match the data source field type.", - "title": "IndexFieldName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Authorized": { + "markdownDescription": "Whether the channel is authorized.\n\n*Default* : `false`", + "title": "Authorized", + "type": "boolean" + }, + "ContainerFormat": { + "markdownDescription": "Indicates which content-packaging format is used (MPEG-TS or fMP4). If `multitrackInputConfiguration` is specified and `enabled` is `true` , then `containerFormat` is required and must be set to `FRAGMENTED_MP4` . Otherwise, `containerFormat` may be set to `TS` or `FRAGMENTED_MP4` . Default: `TS` .", + "title": "ContainerFormat", + "type": "string" + }, + "InsecureIngest": { + "markdownDescription": "Whether the channel allows insecure RTMP ingest.\n\n*Default* : `false`", + "title": "InsecureIngest", + "type": "boolean" + }, + "LatencyMode": { + "markdownDescription": "Channel latency mode. Valid values:\n\n- `NORMAL` : Use NORMAL to broadcast and deliver live video up to Full HD.\n- `LOW` : Use LOW for near real-time interactions with viewers.\n\n> In the console, `LOW` and `NORMAL` correspond to `Ultra-low` and `Standard` , respectively. \n\n*Default* : `LOW`", + "title": "LatencyMode", + "type": "string" + }, + "MultitrackInputConfiguration": { + "$ref": "#/definitions/AWS::IVS::Channel.MultitrackInputConfiguration", + "markdownDescription": "Object specifying multitrack input configuration. Default: no multitrack input configuration is specified.", + "title": "MultitrackInputConfiguration" + }, + "Name": { + "markdownDescription": "Channel name.", + "title": "Name", + "type": "string" + }, + "Preset": { + "markdownDescription": "An optional transcode preset for the channel. This is selectable only for `ADVANCED_HD` and `ADVANCED_SD` channel types. For those channel types, the default preset is `HIGHER_BANDWIDTH_DELIVERY` . For other channel types ( `BASIC` and `STANDARD` ), `preset` is the empty string (\"\").", + "title": "Preset", + "type": "string" + }, + "RecordingConfigurationArn": { + "markdownDescription": "The ARN of a RecordingConfiguration resource. An empty string indicates that recording is disabled for the channel. A RecordingConfiguration ARN indicates that recording is enabled using the specified recording configuration. See the [RecordingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ivs-recordingconfiguration.html) resource for more information and an example.\n\n*Default* : \"\" (empty string, recording is disabled)", + "title": "RecordingConfigurationArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-channel-tag.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The channel type, which determines the allowable resolution and bitrate. *If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately.* For details, see [Channel Types](https://docs.aws.amazon.com/ivs/latest/LowLatencyAPIReference/channel-types.html) .\n\n*Default* : `STANDARD`", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::Channel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.DataSourceVpcConfiguration": { + "AWS::IVS::Channel.MultitrackInputConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source.", - "title": "SecurityGroupIds", - "type": "array" + "Enabled": { + "markdownDescription": "Indicates whether multitrack input is enabled. Can be set to `true` only if channel type is `STANDARD` . Setting `enabled` to `true` with any other channel type will cause an exception. If `true` , then `policy` , `maximumResolution` , and `containerFormat` are required, and `containerFormat` must be set to `FRAGMENTED_MP4` . Default: `false` .", + "title": "Enabled", + "type": "boolean" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", - "title": "SubnetIds", - "type": "array" + "MaximumResolution": { + "markdownDescription": "Maximum resolution for multitrack input. Required if `enabled` is `true` .", + "title": "MaximumResolution", + "type": "string" + }, + "Policy": { + "markdownDescription": "Indicates whether multitrack input is allowed or required. Required if `enabled` is `true` .", + "title": "Policy", + "type": "string" } }, - "required": [ - "SecurityGroupIds", - "SubnetIds" - ], "type": "object" }, - "AWS::Kendra::DataSource.DatabaseConfiguration": { + "AWS::IVS::EncoderConfiguration": { "additionalProperties": false, "properties": { - "AclConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.AclConfiguration", - "markdownDescription": "Information about the database column that provides information for user context filtering.", - "title": "AclConfiguration" + "Condition": { + "type": "string" }, - "ColumnConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ColumnConfiguration", - "markdownDescription": "Information about where the index should get the document information from the database.", - "title": "ColumnConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConnectionConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConnectionConfiguration", - "markdownDescription": "Configuration information that's required to connect to a database.", - "title": "ConnectionConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DatabaseEngineType": { - "markdownDescription": "The type of database engine that runs the database.", - "title": "DatabaseEngineType", - "type": "string" + "Metadata": { + "type": "object" }, - "SqlConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SqlConfiguration", - "markdownDescription": "Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source.", - "title": "SqlConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Encoder cnfiguration name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-tag.html) .", + "title": "Tags", + "type": "array" + }, + "Video": { + "$ref": "#/definitions/AWS::IVS::EncoderConfiguration.Video", + "markdownDescription": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps. See the [Video](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-video.html) property type for more information.", + "title": "Video" + } + }, + "type": "object" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Provides information for connecting to an Amazon VPC.", - "title": "VpcConfiguration" + "Type": { + "enum": [ + "AWS::IVS::EncoderConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ColumnConfiguration", - "ConnectionConfiguration", - "DatabaseEngineType" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeCondition": { + "AWS::IVS::EncoderConfiguration.Video": { "additionalProperties": false, "properties": { - "ConditionDocumentAttributeKey": { - "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Kendra currently does not support `_document_body` as an attribute key used for the condition.", - "title": "ConditionDocumentAttributeKey", - "type": "string" + "Bitrate": { + "markdownDescription": "Bitrate for generated output, in bps. Default: 2500000.", + "title": "Bitrate", + "type": "number" }, - "ConditionOnValue": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", - "markdownDescription": "The value used by the operator.\n\nFor example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value.", - "title": "ConditionOnValue" + "Framerate": { + "markdownDescription": "Video frame rate, in fps. Default: 30.", + "title": "Framerate", + "type": "number" }, - "Operator": { - "markdownDescription": "The condition operator.\n\nFor example, you can use 'Contains' to partially match a string.", - "title": "Operator", - "type": "string" + "Height": { + "markdownDescription": "Video-resolution height. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720.", + "title": "Height", + "type": "number" + }, + "Width": { + "markdownDescription": "Video-resolution width. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280.", + "title": "Width", + "type": "number" } }, - "required": [ - "ConditionDocumentAttributeKey", - "Operator" - ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeTarget": { + "AWS::IVS::IngestConfiguration": { "additionalProperties": false, "properties": { - "TargetDocumentAttributeKey": { - "markdownDescription": "The identifier of the target document attribute or metadata field.\n\nFor example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", - "title": "TargetDocumentAttributeKey", + "Condition": { "type": "string" }, - "TargetDocumentAttributeValue": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", - "markdownDescription": "The target value you want to create for the target attribute.\n\nFor example, 'Finance' could be the target value for the target attribute key 'Department'.", - "title": "TargetDocumentAttributeValue" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TargetDocumentAttributeValueDeletion": { - "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` . To create a target value ( `TargetDocumentAttributeValue` ), set this to `FALSE` .", - "title": "TargetDocumentAttributeValueDeletion", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IngestProtocol": { + "markdownDescription": "Type of ingest protocol that the user employs for broadcasting.", + "title": "IngestProtocol", + "type": "string" + }, + "InsecureIngest": { + "markdownDescription": "Whether the channel allows insecure RTMP ingest. Default: `false` .", + "title": "InsecureIngest", + "type": "boolean" + }, + "Name": { + "markdownDescription": "Ingest name.", + "title": "Name", + "type": "string" + }, + "StageArn": { + "markdownDescription": "ARN of the stage with which the IngestConfiguration is associated.", + "title": "StageArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + }, + "UserId": { + "markdownDescription": "Customer-assigned name to help identify the participant using the IngestConfiguration; this can be used to link a participant to a user in the customer\u2019s own systems. This can be any UTF-8 encoded text. *This field is exposed to all stage participants and should not be used for personally identifying, confidential, or sensitive information.*", + "title": "UserId", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::IngestConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "TargetDocumentAttributeKey" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeValue": { + "AWS::IVS::PlaybackKeyPair": { "additionalProperties": false, "properties": { - "DateValue": { - "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", - "title": "DateValue", + "Condition": { "type": "string" }, - "LongValue": { - "markdownDescription": "A long integer value.", - "title": "LongValue", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "StringListValue": { - "items": { - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Playback-key-pair name. The value does not need to be unique.", + "title": "Name", + "type": "string" + }, + "PublicKeyMaterial": { + "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PlaybackKeyPair resource.", + "title": "PublicKeyMaterial", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackkeypair-tag.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of strings. The default maximum length or number of strings is 10.", - "title": "StringListValue", - "type": "array" + "type": "object" }, - "StringValue": { - "markdownDescription": "A string, such as \"department\".", - "title": "StringValue", + "Type": { + "enum": [ + "AWS::IVS::PlaybackKeyPair" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.DocumentsMetadataConfiguration": { - "additionalProperties": false, - "properties": { - "S3Prefix": { - "markdownDescription": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files.", - "title": "S3Prefix", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Kendra::DataSource.GoogleDriveConfiguration": { + "AWS::IVS::PlaybackRestrictionPolicy": { "additionalProperties": false, "properties": { - "ExcludeMimeTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded.\n\nFor a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", - "title": "ExcludeMimeTypes", - "type": "array" + "Condition": { + "type": "string" }, - "ExcludeSharedDrives": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded.", - "title": "ExcludeSharedDrives", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExcludeUserAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way.", - "title": "ExcludeUserAccounts", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" + "Metadata": { + "type": "object" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "Properties": { + "additionalProperties": false, + "properties": { + "AllowedCountries": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of country codes that control geoblocking restrictions. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array).", + "title": "AllowedCountries", + "type": "array" + }, + "AllowedOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\"](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)", + "title": "AllowedOrigins", + "type": "array" + }, + "EnableStrictOriginEnforcement": { + "markdownDescription": "Whether channel playback is constrained by the origin site.", + "title": "EnableStrictOriginEnforcement", + "type": "boolean" + }, + "Name": { + "markdownDescription": "Playback-restriction-policy name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackrestrictionpolicy-tag.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata.", - "title": "FieldMappings", - "type": "array" + "required": [ + "AllowedCountries", + "AllowedOrigins" + ], + "type": "object" }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "InclusionPatterns", - "type": "array" + "Type": { + "enum": [ + "AWS::IVS::PlaybackRestrictionPolicy" + ], + "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", - "title": "SecretArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SecretArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.HookConfiguration": { + "AWS::IVS::PublicKey": { "additionalProperties": false, "properties": { - "InvocationCondition": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", - "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time.", - "title": "InvocationCondition" + "Condition": { + "type": "string" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", - "title": "LambdaArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "S3Bucket": { - "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) .", - "title": "S3Bucket", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Public key name. The value does not need to be unique.", + "title": "Name", + "type": "string" + }, + "PublicKeyMaterial": { + "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PublicKey resource.", + "title": "PublicKeyMaterial", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::PublicKey" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "LambdaArn", - "S3Bucket" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration": { + "AWS::IVS::RecordingConfiguration": { "additionalProperties": false, "properties": { "Condition": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", - "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Kendra.", - "title": "Condition" - }, - "DocumentContentDeletion": { - "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", - "title": "DocumentContentDeletion", - "type": "boolean" + "type": "string" }, - "Target": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeTarget", - "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Kendra. You can also include a value.", - "title": "Target" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.OneDriveConfiguration": { - "additionalProperties": false, - "properties": { - "DisableLocalGroups": { - "markdownDescription": "`TRUE` to disable local groups information.", - "title": "DisableLocalGroups", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", - "title": "ExclusionPatterns", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata.", - "title": "FieldMappings", - "type": "array" + "Metadata": { + "type": "object" }, - "InclusionPatterns": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.DestinationConfiguration", + "markdownDescription": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information.", + "title": "DestinationConfiguration" + }, + "Name": { + "markdownDescription": "Recording-configuration name. The value does not need to be unique.", + "title": "Name", + "type": "string" + }, + "RecordingReconnectWindowSeconds": { + "markdownDescription": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n\n*Default* : `0`", + "title": "RecordingReconnectWindowSeconds", + "type": "number" + }, + "RenditionConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.RenditionConfiguration", + "markdownDescription": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information.", + "title": "RenditionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-tag.html) .", + "title": "Tags", + "type": "array" + }, + "ThumbnailConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.ThumbnailConfiguration", + "markdownDescription": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information.", + "title": "ThumbnailConfiguration" + } }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", - "title": "InclusionPatterns", - "type": "array" - }, - "OneDriveUsers": { - "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveUsers", - "markdownDescription": "A list of user accounts whose documents should be indexed.", - "title": "OneDriveUsers" + "required": [ + "DestinationConfiguration" + ], + "type": "object" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application.", - "title": "SecretArn", + "Type": { + "enum": [ + "AWS::IVS::RecordingConfiguration" + ], "type": "string" }, - "TenantDomain": { - "markdownDescription": "The Azure Active Directory domain of the organization.", - "title": "TenantDomain", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "OneDriveUsers", - "SecretArn", - "TenantDomain" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.OneDriveUsers": { + "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { "additionalProperties": false, "properties": { - "OneDriveUserList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users.", - "title": "OneDriveUserList", - "type": "array" - }, - "OneDriveUserS3Path": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", - "markdownDescription": "The S3 bucket location of a file containing a list of users whose documents should be indexed.", - "title": "OneDriveUserS3Path" + "S3": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.S3DestinationConfiguration", + "markdownDescription": "An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information.", + "title": "S3" } }, "type": "object" }, - "AWS::Kendra::DataSource.ProxyConfiguration": { + "AWS::IVS::RecordingConfiguration.RenditionConfiguration": { "additionalProperties": false, "properties": { - "Credentials": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nThe credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials.", - "title": "Credentials", - "type": "string" - }, - "Host": { - "markdownDescription": "The name of the website host you want to connect to via a web proxy server.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", - "title": "Host", + "RenditionSelection": { + "markdownDescription": "The set of renditions are recorded for a stream. For `BASIC` channels, the `CUSTOM` value has no effect. If `CUSTOM` is specified, a set of renditions can be specified in the `renditions` field. Default: `ALL` .", + "title": "RenditionSelection", "type": "string" }, - "Port": { - "markdownDescription": "The port number of the website host you want to connect to via a web proxy server.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", - "title": "Port", - "type": "number" + "Renditions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of which renditions are recorded for a stream, if `renditionSelection` is `CUSTOM` ; otherwise, this field is irrelevant. The selected renditions are recorded if they are available during the stream. If a selected rendition is unavailable, the best available rendition is recorded. For details on the resolution dimensions of each rendition, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", + "title": "Renditions", + "type": "array" } }, - "required": [ - "Host", - "Port" - ], "type": "object" }, - "AWS::Kendra::DataSource.S3DataSourceConfiguration": { + "AWS::IVS::RecordingConfiguration.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "AccessControlListConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.AccessControlListConfiguration", - "markdownDescription": "Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) .", - "title": "AccessControlListConfiguration" - }, "BucketName": { - "markdownDescription": "The name of the bucket that contains the documents.", + "markdownDescription": "Location (S3 bucket name) where recorded videos will be stored.", "title": "BucketName", "type": "string" - }, - "DocumentsMetadataConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentsMetadataConfiguration", - "markdownDescription": "Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document.", - "title": "DocumentsMetadataConfiguration" - }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", - "title": "ExclusionPatterns", - "type": "array" - }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", - "title": "InclusionPatterns", - "type": "array" - }, - "InclusionPrefixes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of S3 prefixes for the documents that should be included in the index.", - "title": "InclusionPrefixes", - "type": "array" } }, "required": [ @@ -135386,707 +140726,446 @@ ], "type": "object" }, - "AWS::Kendra::DataSource.S3Path": { + "AWS::IVS::RecordingConfiguration.ThumbnailConfiguration": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that contains the file.", - "title": "Bucket", + "RecordingMode": { + "markdownDescription": "Thumbnail recording mode. Valid values:\n\n- `DISABLED` : Use DISABLED to disable the generation of thumbnails for recorded video.\n- `INTERVAL` : Use INTERVAL to enable the generation of thumbnails for recorded video at a time interval controlled by the [TargetIntervalSeconds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-targetintervalseconds) property.\n\n*Default* : `INTERVAL`", + "title": "RecordingMode", "type": "string" }, - "Key": { - "markdownDescription": "The name of the file.", - "title": "Key", + "Resolution": { + "markdownDescription": "The desired resolution of recorded thumbnails for a stream. Thumbnails are recorded at the selected resolution if the corresponding rendition is available during the stream; otherwise, they are recorded at source resolution. For more information about resolution values and their corresponding height and width dimensions, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", + "title": "Resolution", "type": "string" + }, + "Storage": { + "items": { + "type": "string" + }, + "markdownDescription": "The format in which thumbnails are recorded for a stream. `SEQUENTIAL` records all generated thumbnails in a serial manner, to the media/thumbnails directory. `LATEST` saves the latest thumbnail in media/thumbnails/latest/thumb.jpg and overwrites it at the interval specified by `targetIntervalSeconds` . You can enable both `SEQUENTIAL` and `LATEST` . Default: `SEQUENTIAL` .", + "title": "Storage", + "type": "array" + }, + "TargetIntervalSeconds": { + "markdownDescription": "The targeted thumbnail-generation interval in seconds. This is configurable (and required) only if [RecordingMode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-recordingmode) is `INTERVAL` .\n\n> Setting a value for `TargetIntervalSeconds` does not guarantee that thumbnails are generated at the specified interval. For thumbnails to be generated at the `TargetIntervalSeconds` interval, the `IDR/Keyframe` value for the input video must be less than the `TargetIntervalSeconds` value. See [Amazon IVS Streaming Configuration](https://docs.aws.amazon.com/ivs/latest/LowLatencyUserGuide/streaming-config.html) for information on setting `IDR/Keyframe` to the recommended value in video-encoder settings. \n\n*Default* : 60", + "title": "TargetIntervalSeconds", + "type": "number" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration": { + "AWS::IVS::Stage": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column.", - "title": "DocumentDataFieldName", + "Condition": { "type": "string" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column.", - "title": "DocumentTitleFieldName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps fields from a Salesforce chatter feed into Amazon Kendra index fields.", - "title": "FieldMappings", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeFilterTypes": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoParticipantRecordingConfiguration": { + "$ref": "#/definitions/AWS::IVS::Stage.AutoParticipantRecordingConfiguration", + "markdownDescription": "", + "title": "AutoParticipantRecordingConfiguration" + }, + "Name": { + "markdownDescription": "Stage name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-stage-tag.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both.", - "title": "IncludeFilterTypes", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::Stage" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DocumentDataFieldName" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceConfiguration": { + "AWS::IVS::Stage.AutoParticipantRecordingConfiguration": { "additionalProperties": false, "properties": { - "ChatterFeedConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration", - "markdownDescription": "Configuration information for Salesforce chatter feeds.", - "title": "ChatterFeedConfiguration" - }, - "CrawlAttachments": { - "markdownDescription": "Indicates whether Amazon Kendra should index attachments to Salesforce objects.", - "title": "CrawlAttachments", - "type": "boolean" - }, - "ExcludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", - "title": "ExcludeAttachmentFilePatterns", - "type": "array" - }, - "IncludeAttachmentFilePatterns": { + "MediaTypes": { "items": { "type": "string" }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", - "title": "IncludeAttachmentFilePatterns", + "markdownDescription": "Types of media to be recorded. Default: `AUDIO_VIDEO` .", + "title": "MediaTypes", "type": "array" }, - "KnowledgeArticleConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration", - "markdownDescription": "Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both.", - "title": "KnowledgeArticleConfiguration" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys:\n\n- authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token.\n- consumerKey - The application public key generated when you created your Salesforce application.\n- consumerSecret - The application private key generated when you created your Salesforce application.\n- password - The password associated with the user logging in to the Salesforce instance.\n- securityToken - The token associated with the user logging in to the Salesforce instance.\n- username - The user name of the user logging in to the Salesforce instance.", - "title": "SecretArn", - "type": "string" - }, - "ServerUrl": { - "markdownDescription": "The instance URL for the Salesforce site that you want to index.", - "title": "ServerUrl", + "StorageConfigurationArn": { + "markdownDescription": "ARN of the StorageConfiguration resource to use for individual participant recording. Default: \"\" (empty string, no storage configuration is specified). Individual participant recording cannot be started unless a storage configuration is specified, when a Stage is created or updated.", + "title": "StorageConfigurationArn", "type": "string" - }, - "StandardObjectAttachmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration", - "markdownDescription": "Configuration information for processing attachments to Salesforce standard objects.", - "title": "StandardObjectAttachmentConfiguration" - }, - "StandardObjectConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration" - }, - "markdownDescription": "Configuration of the Salesforce standard objects that Amazon Kendra indexes.", - "title": "StandardObjectConfigurations", - "type": "array" } }, "required": [ - "SecretArn", - "ServerUrl" + "StorageConfigurationArn" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration": { + "AWS::IVS::StorageConfiguration": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field in the custom knowledge article that contains the document data to index.", - "title": "DocumentDataFieldName", + "Condition": { "type": "string" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field in the custom knowledge article that contains the document title.", - "title": "DocumentTitleFieldName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Storage cnfiguration name.", + "title": "Name", + "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::IVS::StorageConfiguration.S3StorageConfiguration", + "markdownDescription": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information.", + "title": "S3" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-tag.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Maps attributes or field names of the custom knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", - "type": "array" + "required": [ + "S3" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the configuration.", - "title": "Name", + "Type": { + "enum": [ + "AWS::IVS::StorageConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DocumentDataFieldName", - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration": { + "AWS::IVS::StorageConfiguration.S3StorageConfiguration": { "additionalProperties": false, "properties": { - "CustomKnowledgeArticleTypeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration" - }, - "markdownDescription": "Configuration information for custom Salesforce knowledge articles.", - "title": "CustomKnowledgeArticleTypeConfigurations", - "type": "array" - }, - "IncludedStates": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state.", - "title": "IncludedStates", - "type": "array" - }, - "StandardKnowledgeArticleTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration", - "markdownDescription": "Configuration information for standard Salesforce knowledge articles.", - "title": "StandardKnowledgeArticleTypeConfiguration" + "BucketName": { + "markdownDescription": "Name of the S3 bucket where recorded video will be stored.", + "title": "BucketName", + "type": "string" } }, "required": [ - "IncludedStates" + "BucketName" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration": { + "AWS::IVS::StreamKey": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field that contains the document data to index.", - "title": "DocumentDataFieldName", + "Condition": { "type": "string" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field that contains the document title.", - "title": "DocumentTitleFieldName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelArn": { + "markdownDescription": "Channel ARN for the stream.", + "title": "ChannelArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-streamkey-tag.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", - "type": "array" + "required": [ + "ChannelArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::StreamKey" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DocumentDataFieldName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration": { + "AWS::IVSChat::LoggingConfiguration": { "additionalProperties": false, "properties": { - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field used for the document title.", - "title": "DocumentTitleFieldName", + "Condition": { "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "One or more objects that map fields in attachments to Amazon Kendra index fields.", - "title": "FieldMappings", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration": { - "additionalProperties": false, - "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field in the standard object table that contains the document contents.", - "title": "DocumentDataFieldName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field in the standard object table that contains the document title.", - "title": "DocumentTitleFieldName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationConfiguration": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.DestinationConfiguration", + "markdownDescription": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged.", + "title": "DestinationConfiguration" + }, + "Name": { + "markdownDescription": "Logging-configuration name. The value does not need to be unique.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-loggingconfiguration-tag.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Maps attributes or field names of the standard object to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", - "type": "array" + "required": [ + "DestinationConfiguration" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the standard object.", - "title": "Name", + "Type": { + "enum": [ + "AWS::IVSChat::LoggingConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DocumentDataFieldName", - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.ServiceNowConfiguration": { + "AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration": { "additionalProperties": false, "properties": { - "AuthenticationType": { - "markdownDescription": "The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password.\n\nWhen you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", - "title": "AuthenticationType", - "type": "string" - }, - "HostUrl": { - "markdownDescription": "The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.*", - "title": "HostUrl", - "type": "string" - }, - "KnowledgeArticleConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration", - "markdownDescription": "Configuration information for crawling knowledge articles in the ServiceNow site.", - "title": "KnowledgeArticleConfiguration" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", - "title": "SecretArn", - "type": "string" - }, - "ServiceCatalogConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration", - "markdownDescription": "Configuration information for crawling service catalogs in the ServiceNow site.", - "title": "ServiceCatalogConfiguration" - }, - "ServiceNowBuildVersion": { - "markdownDescription": "The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` .", - "title": "ServiceNowBuildVersion", - "type": "string" - } - }, - "required": [ - "HostUrl", - "SecretArn", - "ServiceNowBuildVersion" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration": { - "additionalProperties": false, - "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments to knowledge articles.", - "title": "CrawlAttachments", - "type": "boolean" - }, - "DocumentDataFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "ExcludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "ExcludeAttachmentFilePatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "FilterQuery": { - "markdownDescription": "A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private.\n\nThe query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) .", - "title": "FilterQuery", - "type": "string" - }, - "IncludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "IncludeAttachmentFilePatterns", - "type": "array" - } - }, - "required": [ - "DocumentDataFieldName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration": { - "additionalProperties": false, - "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments to service catalog items.", - "title": "CrawlAttachments", - "type": "boolean" - }, - "DocumentDataFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "ExcludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", - "title": "ExcludeAttachmentFilePatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "IncludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", - "title": "IncludeAttachmentFilePatterns", - "type": "array" - } - }, - "required": [ - "DocumentDataFieldName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.SharePointConfiguration": { - "additionalProperties": false, - "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index document attachments.", - "title": "CrawlAttachments", - "type": "boolean" - }, - "DisableLocalGroups": { - "markdownDescription": "`TRUE` to disable local groups information.", - "title": "DisableLocalGroups", - "type": "boolean" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The Microsoft SharePoint attribute field that contains the title of the document.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index.\n\nThe regex is applied to the display URL of the SharePoint document.", - "title": "ExclusionPatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) .", - "title": "FieldMappings", - "type": "array" - }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe regex applies to the display URL of the SharePoint document.", - "title": "InclusionPatterns", - "type": "array" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) .", - "title": "SecretArn", - "type": "string" - }, - "SharePointVersion": { - "markdownDescription": "The version of Microsoft SharePoint that you use.", - "title": "SharePointVersion", - "type": "string" - }, - "SslCertificateS3Path": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", - "markdownDescription": "Information required to find a specific file in an Amazon S3 bucket.", - "title": "SslCertificateS3Path" - }, - "Urls": { - "items": { - "type": "string" - }, - "markdownDescription": "The Microsoft SharePoint site URLs for the documents you want to index.", - "title": "Urls", - "type": "array" - }, - "UseChangeLog": { - "markdownDescription": "`TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint.", - "title": "UseChangeLog", - "type": "boolean" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Provides information for connecting to an Amazon VPC.", - "title": "VpcConfiguration" - } - }, - "required": [ - "SecretArn", - "SharePointVersion", - "Urls" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.SqlConfiguration": { - "additionalProperties": false, - "properties": { - "QueryIdentifiersEnclosingOption": { - "markdownDescription": "Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (\") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` .\n\nBy default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes.\n\nPostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case.\n\nFor MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` .", - "title": "QueryIdentifiersEnclosingOption", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration": { - "additionalProperties": false, - "properties": { - "BasicAuthentication": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerBasicAuthentication" - }, - "markdownDescription": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host.", - "title": "BasicAuthentication", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerBasicAuthentication": { - "additionalProperties": false, - "properties": { - "Credentials": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nYou use a secret if basic authentication credentials are required to connect to a website. The secret stores your credentials of user name and password.", - "title": "Credentials", - "type": "string" - }, - "Host": { - "markdownDescription": "The name of the website host you want to connect to using authentication credentials.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", - "title": "Host", + "LogGroupName": { + "markdownDescription": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged.", + "title": "LogGroupName", "type": "string" - }, - "Port": { - "markdownDescription": "The port number of the website host you want to connect to using authentication credentials.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", - "title": "Port", - "type": "number" } }, "required": [ - "Credentials", - "Host", - "Port" + "LogGroupName" ], "type": "object" }, - "AWS::Kendra::DataSource.WebCrawlerConfiguration": { + "AWS::IVSChat::LoggingConfiguration.DestinationConfiguration": { "additionalProperties": false, "properties": { - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration", - "markdownDescription": "Configuration information required to connect to websites using authentication.\n\nYou can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.", - "title": "AuthenticationConfiguration" - }, - "CrawlDepth": { - "markdownDescription": "The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2.", - "title": "CrawlDepth", - "type": "number" - }, - "MaxContentSizePerPageInMegaBytes": { - "markdownDescription": "The maximum size (in MB) of a web page or attachment to crawl.\n\nFiles larger than this size (in MB) are skipped/not crawled.\n\nThe default maximum size of a web page or attachment is set to 50 MB.", - "title": "MaxContentSizePerPageInMegaBytes", - "type": "number" - }, - "MaxLinksPerPage": { - "markdownDescription": "The maximum number of URLs on a web page to include when crawling a website. This number is per web page.\n\nAs a website\u2019s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance.\n\nThe default maximum links per page is 100.", - "title": "MaxLinksPerPage", - "type": "number" - }, - "MaxUrlsPerMinuteCrawlRate": { - "markdownDescription": "The maximum number of URLs crawled per website host per minute.\n\nA minimum of one URL is required.\n\nThe default maximum number of URLs crawled per website host per minute is 300.", - "title": "MaxUrlsPerMinuteCrawlRate", - "type": "number" - }, - "ProxyConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ProxyConfiguration", - "markdownDescription": "Configuration information required to connect to your internal websites via a web proxy.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.\n\nWeb proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) .", - "title": "ProxyConfiguration" - }, - "UrlExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", - "title": "UrlExclusionPatterns", - "type": "array" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration", + "markdownDescription": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.", + "title": "CloudWatchLogs" }, - "UrlInclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", - "title": "UrlInclusionPatterns", - "type": "array" + "Firehose": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration", + "markdownDescription": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.", + "title": "Firehose" }, - "Urls": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerUrls", - "markdownDescription": "Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl.\n\nYou can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs.\n\nYou can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling.\n\n*When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.*", - "title": "Urls" + "S3": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration", + "markdownDescription": "An Amazon S3 destination configuration where chat activity will be logged.", + "title": "S3" } }, - "required": [ - "Urls" - ], "type": "object" }, - "AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration": { + "AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration": { "additionalProperties": false, "properties": { - "SeedUrls": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of seed or starting point URLs of the websites you want to crawl.\n\nThe list can include a maximum of 100 seed URLs.", - "title": "SeedUrls", - "type": "array" - }, - "WebCrawlerMode": { - "markdownDescription": "You can choose one of the following modes:\n\n- `HOST_ONLY` \u2014crawl only the website host names. For example, if the seed URL is \"abc.example.com\", then only URLs with host name \"abc.example.com\" are crawled.\n- `SUBDOMAINS` \u2014crawl the website host names with subdomains. For example, if the seed URL is \"abc.example.com\", then \"a.abc.example.com\" and \"b.abc.example.com\" are also crawled.\n- `EVERYTHING` \u2014crawl the website host names with subdomains and other domains that the web pages link to.\n\nThe default mode is set to `HOST_ONLY` .", - "title": "WebCrawlerMode", + "DeliveryStreamName": { + "markdownDescription": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged.", + "title": "DeliveryStreamName", "type": "string" } }, "required": [ - "SeedUrls" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration": { - "additionalProperties": false, - "properties": { - "SiteMaps": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of sitemap URLs of the websites you want to crawl.\n\nThe list can include a maximum of three sitemap URLs.", - "title": "SiteMaps", - "type": "array" - } - }, - "required": [ - "SiteMaps" + "DeliveryStreamName" ], "type": "object" }, - "AWS::Kendra::DataSource.WebCrawlerUrls": { - "additionalProperties": false, - "properties": { - "SeedUrlConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration", - "markdownDescription": "Configuration of the seed or starting point URLs of the websites you want to crawl.\n\nYou can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to.\n\nYou can list up to 100 seed URLs.", - "title": "SeedUrlConfiguration" - }, - "SiteMapsConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration", - "markdownDescription": "Configuration of the sitemap URLs of the websites you want to crawl.\n\nOnly URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs.", - "title": "SiteMapsConfiguration" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.WorkDocsConfiguration": { + "AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "CrawlComments": { - "markdownDescription": "`TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on.\n\nThe default is set to `FALSE` .", - "title": "CrawlComments", - "type": "boolean" - }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain files in your Amazon WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don\u2019t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Amazon WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Amazon WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Amazon WorkDocs data source field names must exist in your Amazon WorkDocs custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain files in your Amazon WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", - "title": "InclusionPatterns", - "type": "array" - }, - "OrganizationId": { - "markdownDescription": "The identifier of the directory corresponding to your Amazon WorkDocs site repository.\n\nYou can find the organization ID in the [AWS Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your Amazon WorkDocs site directory has an ID, which is the organization ID. You can also set up a new Amazon WorkDocs directory in the AWS Directory Service console and enable a Amazon WorkDocs site for the directory in the Amazon WorkDocs console.", - "title": "OrganizationId", + "BucketName": { + "markdownDescription": "Name of the Amazon S3 bucket where chat activity will be logged.", + "title": "BucketName", "type": "string" - }, - "UseChangeLog": { - "markdownDescription": "`TRUE` to use the Amazon WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in Amazon WorkDocs.", - "title": "UseChangeLog", - "type": "boolean" } }, "required": [ - "OrganizationId" + "BucketName" ], "type": "object" }, - "AWS::Kendra::Faq": { + "AWS::IVSChat::Room": { "additionalProperties": false, "properties": { "Condition": { @@ -136121,61 +141200,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the FAQ.", - "title": "Description", - "type": "string" + "LoggingConfigurationIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "List of logging-configuration identifiers attached to the room.", + "title": "LoggingConfigurationIdentifiers", + "type": "array" }, - "FileFormat": { - "markdownDescription": "The format of the input file. You can choose between a basic CSV format, a CSV format that includes customs attributes in a header, and a JSON format that includes custom attributes.\n\nThe format must match the format of the file stored in the S3 bucket identified in the S3Path parameter.\n\nValid values are:\n\n- `CSV`\n- `CSV_WITH_HEADER`\n- `JSON`", - "title": "FileFormat", - "type": "string" + "MaximumMessageLength": { + "markdownDescription": "Maximum number of characters in a single message. Messages are expected to be UTF-8 encoded and this limit applies specifically to rune/code-point count, not number of bytes.", + "title": "MaximumMessageLength", + "type": "number" }, - "IndexId": { - "markdownDescription": "The identifier of the index that contains the FAQ.", - "title": "IndexId", - "type": "string" + "MaximumMessageRatePerSecond": { + "markdownDescription": "Maximum number of messages per second that can be sent to the room (by all clients).", + "title": "MaximumMessageRatePerSecond", + "type": "number" }, - "LanguageCode": { - "markdownDescription": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", - "title": "LanguageCode", - "type": "string" + "MessageReviewHandler": { + "$ref": "#/definitions/AWS::IVSChat::Room.MessageReviewHandler", + "markdownDescription": "Configuration information for optional review of messages.", + "title": "MessageReviewHandler" }, "Name": { - "markdownDescription": "The name that you assigned the FAQ when you created or updated the FAQ.", + "markdownDescription": "Room name. The value does not need to be unique.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQ.", - "title": "RoleArn", - "type": "string" - }, - "S3Path": { - "$ref": "#/definitions/AWS::Kendra::Faq.S3Path", - "markdownDescription": "The Amazon Simple Storage Service (Amazon S3) location of the FAQ input data.", - "title": "S3Path" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-room-tag.html) .", "title": "Tags", "type": "array" } }, - "required": [ - "IndexId", - "Name", - "RoleArn", - "S3Path" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::Faq" + "AWS::IVSChat::Room" ], "type": "string" }, @@ -136189,32 +141255,27 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Kendra::Faq.S3Path": { + "AWS::IVSChat::Room.MessageReviewHandler": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that contains the file.", - "title": "Bucket", + "FallbackResult": { + "markdownDescription": "Specifies the fallback behavior (whether the message is allowed or denied) if the handler does not return a valid response, encounters an error, or times out. (For the timeout period, see [Service Quotas](https://docs.aws.amazon.com/ivs/latest/userguide/service-quotas.html) .) If allowed, the message is delivered with returned content to all users connected to the room. If denied, the message is not delivered to any user.\n\n*Default* : `ALLOW`", + "title": "FallbackResult", "type": "string" }, - "Key": { - "markdownDescription": "The name of the file.", - "title": "Key", + "Uri": { + "markdownDescription": "Identifier of the message review handler. Currently this must be an ARN of a lambda function.", + "title": "Uri", "type": "string" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::Kendra::Index": { + "AWS::IdentityStore::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -136249,76 +141310,31 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityUnits": { - "$ref": "#/definitions/AWS::Kendra::Index.CapacityUnitsConfiguration", - "markdownDescription": "Specifies additional capacity units configured for your Enterprise Edition index. You can add and remove capacity units to fit your usage requirements.", - "title": "CapacityUnits" - }, "Description": { - "markdownDescription": "A description for the index.", + "markdownDescription": "A string containing the description of the group.", "title": "Description", "type": "string" }, - "DocumentMetadataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.DocumentMetadataConfiguration" - }, - "markdownDescription": "Specifies the properties of an index field. You can add either a custom or a built-in field. You can add and remove built-in fields at any time. When a built-in field is removed it's configuration reverts to the default for the field. Custom fields can't be removed from an index after they are added.", - "title": "DocumentMetadataConfigurations", - "type": "array" - }, - "Edition": { - "markdownDescription": "Indicates whether the index is a Enterprise Edition index, a Developer Edition index, or a GenAI Enterprise Edition index.", - "title": "Edition", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the index.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket.", - "title": "RoleArn", + "DisplayName": { + "markdownDescription": "The display name value for the group. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.\n\nPrefix search supports a maximum of 1,000 characters for the string.", + "title": "DisplayName", "type": "string" }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.ServerSideEncryptionConfiguration", - "markdownDescription": "The identifier of the AWS KMS customer managed key (CMK) to use to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs.", - "title": "ServerSideEncryptionConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "UserContextPolicy": { - "markdownDescription": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable.", - "title": "UserContextPolicy", + "IdentityStoreId": { + "markdownDescription": "The globally unique identifier for the identity store.", + "title": "IdentityStoreId", "type": "string" - }, - "UserTokenConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.UserTokenConfiguration" - }, - "markdownDescription": "Defines the type of user token used for the index.", - "title": "UserTokenConfigurations", - "type": "array" } }, "required": [ - "Edition", - "Name", - "RoleArn" + "DisplayName", + "IdentityStoreId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::Index" + "AWS::IdentityStore::Group" ], "type": "string" }, @@ -136337,224 +141353,7 @@ ], "type": "object" }, - "AWS::Kendra::Index.CapacityUnitsConfiguration": { - "additionalProperties": false, - "properties": { - "QueryCapacityUnits": { - "markdownDescription": "The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity.\n\nA single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units.\n\n`GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second).", - "title": "QueryCapacityUnits", - "type": "number" - }, - "StorageCapacityUnits": { - "markdownDescription": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units.", - "title": "StorageCapacityUnits", - "type": "number" - } - }, - "required": [ - "QueryCapacityUnits", - "StorageCapacityUnits" - ], - "type": "object" - }, - "AWS::Kendra::Index.DocumentMetadataConfiguration": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the index field.", - "title": "Name", - "type": "string" - }, - "Relevance": { - "$ref": "#/definitions/AWS::Kendra::Index.Relevance", - "markdownDescription": "Provides tuning parameters to determine how the field affects the search results.", - "title": "Relevance" - }, - "Search": { - "$ref": "#/definitions/AWS::Kendra::Index.Search", - "markdownDescription": "Provides information about how the field is used during a search.", - "title": "Search" - }, - "Type": { - "markdownDescription": "The data type of the index field.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Name", - "Type" - ], - "type": "object" - }, - "AWS::Kendra::Index.JsonTokenTypeConfiguration": { - "additionalProperties": false, - "properties": { - "GroupAttributeField": { - "markdownDescription": "The group attribute field.", - "title": "GroupAttributeField", - "type": "string" - }, - "UserNameAttributeField": { - "markdownDescription": "The user name attribute field.", - "title": "UserNameAttributeField", - "type": "string" - } - }, - "required": [ - "GroupAttributeField", - "UserNameAttributeField" - ], - "type": "object" - }, - "AWS::Kendra::Index.JwtTokenTypeConfiguration": { - "additionalProperties": false, - "properties": { - "ClaimRegex": { - "markdownDescription": "The regular expression that identifies the claim.", - "title": "ClaimRegex", - "type": "string" - }, - "GroupAttributeField": { - "markdownDescription": "The group attribute field.", - "title": "GroupAttributeField", - "type": "string" - }, - "Issuer": { - "markdownDescription": "The issuer of the token.", - "title": "Issuer", - "type": "string" - }, - "KeyLocation": { - "markdownDescription": "The location of the key.", - "title": "KeyLocation", - "type": "string" - }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (arn) of the secret.", - "title": "SecretManagerArn", - "type": "string" - }, - "URL": { - "markdownDescription": "The signing key URL.", - "title": "URL", - "type": "string" - }, - "UserNameAttributeField": { - "markdownDescription": "The user name attribute field.", - "title": "UserNameAttributeField", - "type": "string" - } - }, - "required": [ - "KeyLocation" - ], - "type": "object" - }, - "AWS::Kendra::Index.Relevance": { - "additionalProperties": false, - "properties": { - "Duration": { - "markdownDescription": "Specifies the time period that the boost applies to. For example, to make the boost apply to documents with the field value within the last month, you would use \"2628000s\". Once the field value is beyond the specified range, the effect of the boost drops off. The higher the importance, the faster the effect drops off. If you don't specify a value, the default is 3 months. The value of the field is a numeric string followed by the character \"s\", for example \"86400s\" for one day, or \"604800s\" for one week.\n\nOnly applies to `DATE` fields.", - "title": "Duration", - "type": "string" - }, - "Freshness": { - "markdownDescription": "Indicates that this field determines how \"fresh\" a document is. For example, if document 1 was created on November 5, and document 2 was created on October 31, document 1 is \"fresher\" than document 2. Only applies to `DATE` fields.", - "title": "Freshness", - "type": "boolean" - }, - "Importance": { - "markdownDescription": "The relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers.", - "title": "Importance", - "type": "number" - }, - "RankOrder": { - "markdownDescription": "Determines how values should be interpreted.\n\nWhen the `RankOrder` field is `ASCENDING` , higher numbers are better. For example, a document with a rating score of 10 is higher ranking than a document with a rating score of 1.\n\nWhen the `RankOrder` field is `DESCENDING` , lower numbers are better. For example, in a task tracking application, a priority 1 task is more important than a priority 5 task.\n\nOnly applies to `LONG` fields.", - "title": "RankOrder", - "type": "string" - }, - "ValueImportanceItems": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.ValueImportanceItem" - }, - "markdownDescription": "An array of key-value pairs for different boosts when they appear in the search result list. For example, if you want to boost query terms that match the \"department\" field in the result, query terms that match this field are boosted in the result. You can add entries from the department field to boost documents with those values higher.\n\nFor example, you can add entries to the map with names of departments. If you add \"HR\", 5 and \"Legal\",3 those departments are given special attention when they appear in the metadata of a document.", - "title": "ValueImportanceItems", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::Index.Search": { - "additionalProperties": false, - "properties": { - "Displayable": { - "markdownDescription": "Determines whether the field is returned in the query response. The default is `true` .", - "title": "Displayable", - "type": "boolean" - }, - "Facetable": { - "markdownDescription": "Indicates that the field can be used to create search facets, a count of results for each value in the field. The default is `false` .", - "title": "Facetable", - "type": "boolean" - }, - "Searchable": { - "markdownDescription": "Determines whether the field is used in the search. If the `Searchable` field is `true` , you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for string fields and `false` for number and date fields.", - "title": "Searchable", - "type": "boolean" - }, - "Sortable": { - "markdownDescription": "Determines whether the field can be used to sort the results of a query. The default is `false` .", - "title": "Sortable", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Kendra::Index.ServerSideEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys.", - "title": "KmsKeyId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::Index.UserTokenConfiguration": { - "additionalProperties": false, - "properties": { - "JsonTokenTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.JsonTokenTypeConfiguration", - "markdownDescription": "Information about the JSON token type configuration.", - "title": "JsonTokenTypeConfiguration" - }, - "JwtTokenTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.JwtTokenTypeConfiguration", - "markdownDescription": "Information about the JWT token type configuration.", - "title": "JwtTokenTypeConfiguration" - } - }, - "type": "object" - }, - "AWS::Kendra::Index.ValueImportanceItem": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The document metadata value used for the search boost.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The boost value for a document when the key is part of the metadata of a document.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KendraRanking::ExecutionPlan": { + "AWS::IdentityStore::GroupMembership": { "additionalProperties": false, "properties": { "Condition": { @@ -136589,38 +141388,32 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityUnits": { - "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration", - "markdownDescription": "You can set additional capacity units to meet the needs of your rescore execution plan. You are given a single capacity unit by default. If you want to use the default capacity, you don't set additional capacity units. For more information on the default capacity and additional capacity units, see [Adjusting capacity](https://docs.aws.amazon.com/kendra/latest/dg/adjusting-capacity.html) .", - "title": "CapacityUnits" - }, - "Description": { - "markdownDescription": "A description for the rescore execution plan.", - "title": "Description", + "GroupId": { + "markdownDescription": "The identifier for a group in the identity store.", + "title": "GroupId", "type": "string" }, - "Name": { - "markdownDescription": "A name for the rescore execution plan.", - "title": "Name", + "IdentityStoreId": { + "markdownDescription": "The globally unique identifier for the identity store.", + "title": "IdentityStoreId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that identify or categorize your rescore execution plan. You can also use tags to help control access to the rescore execution plan. Tag keys and values can consist of Unicode letters, digits, white space. They can also consist of underscore, period, colon, equal, plus, and asperand.", - "title": "Tags", - "type": "array" + "MemberId": { + "$ref": "#/definitions/AWS::IdentityStore::GroupMembership.MemberId", + "markdownDescription": "An object containing the identifier of a group member. Setting the `MemberId` 's `UserId` field to a specific User's ID indicates that user is a member of the group.", + "title": "MemberId" } }, "required": [ - "Name" + "GroupId", + "IdentityStoreId", + "MemberId" ], "type": "object" }, "Type": { "enum": [ - "AWS::KendraRanking::ExecutionPlan" + "AWS::IdentityStore::GroupMembership" ], "type": "string" }, @@ -136639,21 +141432,21 @@ ], "type": "object" }, - "AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration": { + "AWS::IdentityStore::GroupMembership.MemberId": { "additionalProperties": false, "properties": { - "RescoreCapacityUnits": { - "markdownDescription": "The amount of extra capacity for your rescore execution plan.\n\nA single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units.", - "title": "RescoreCapacityUnits", - "type": "number" + "UserId": { + "markdownDescription": "An object containing the identifiers of resources that can be members.", + "title": "UserId", + "type": "string" } }, "required": [ - "RescoreCapacityUnits" + "UserId" ], "type": "object" }, - "AWS::Kinesis::Stream": { + "AWS::ImageBuilder::Component": { "additionalProperties": false, "properties": { "Condition": { @@ -136688,151 +141481,76 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "Name", + "ChangeDescription": { + "markdownDescription": "The change description of the component. Describes what change has been made in this version, or what makes this version different from other versions of the component.", + "title": "ChangeDescription", "type": "string" }, - "RetentionPeriodHours": { - "markdownDescription": "The number of hours for the data records that are stored in shards to remain accessible. The default value is 24. For more information about the stream retention period, see [Changing the Data Retention Period](https://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html) in the Amazon Kinesis Developer Guide.", - "title": "RetentionPeriodHours", - "type": "number" + "Data": { + "markdownDescription": "Component `data` contains inline YAML document content for the component. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", + "title": "Data", + "type": "string" }, - "ShardCount": { - "markdownDescription": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", - "title": "ShardCount", - "type": "number" + "Description": { + "markdownDescription": "Describes the contents of the component.", + "title": "Description", + "type": "string" }, - "StreamEncryption": { - "$ref": "#/definitions/AWS::Kinesis::Stream.StreamEncryption", - "markdownDescription": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption.", - "title": "StreamEncryption" + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key that is used to encrypt this component.", + "title": "KmsKeyId", + "type": "string" }, - "StreamModeDetails": { - "$ref": "#/definitions/AWS::Kinesis::Stream.StreamModeDetails", - "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", - "title": "StreamModeDetails" + "Name": { + "markdownDescription": "The name of the component.", + "title": "Name", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the Kinesis stream. For information about constraints for this property, see [Tag Restrictions](https://docs.aws.amazon.com/streams/latest/dev/tagging.html#tagging-restrictions) in the *Amazon Kinesis Developer Guide* .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Kinesis::Stream" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Kinesis::Stream.StreamEncryption": { - "additionalProperties": false, - "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use. The only valid value is `KMS` .", - "title": "EncryptionType", - "type": "string" - }, - "KeyId": { - "markdownDescription": "The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias `aws/kinesis` .\n\n- Key ARN example: `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`\n- Alias ARN example: `arn:aws:kms:us-east-1:123456789012:alias/MyAliasName`\n- Globally unique key ID example: `12345678-1234-1234-1234-123456789012`\n- Alias name example: `alias/MyAliasName`\n- Master key owned by Kinesis Data Streams: `alias/aws/kinesis`", - "title": "KeyId", - "type": "string" - } - }, - "required": [ - "EncryptionType", - "KeyId" - ], - "type": "object" - }, - "AWS::Kinesis::Stream.StreamModeDetails": { - "additionalProperties": false, - "properties": { - "StreamMode": { - "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", - "title": "StreamMode", - "type": "string" - } - }, - "required": [ - "StreamMode" - ], - "type": "object" - }, - "AWS::Kinesis::StreamConsumer": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "Platform": { + "markdownDescription": "The operating system platform of the component.", + "title": "Platform", "type": "string" }, - { + "SupportedOsVersions": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.", + "title": "SupportedOsVersions", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConsumerName": { - "markdownDescription": "The name of the consumer is something you choose when you register the consumer.", - "title": "ConsumerName", + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags that apply to the component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Uri": { + "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", + "title": "Uri", "type": "string" }, - "StreamARN": { - "markdownDescription": "The ARN of the stream with which you registered the consumer.", - "title": "StreamARN", + "Version": { + "markdownDescription": "The component version. For example, `1.0.0` .", + "title": "Version", "type": "string" } }, "required": [ - "ConsumerName", - "StreamARN" + "Name", + "Platform", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kinesis::StreamConsumer" + "AWS::ImageBuilder::Component" ], "type": "string" }, @@ -136851,7 +141569,7 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::Application": { + "AWS::ImageBuilder::ContainerRecipe": { "additionalProperties": false, "properties": { "Condition": { @@ -136886,38 +141604,104 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationCode": { - "markdownDescription": "One or more SQL statements that read input data, transform it, and generate output. For example, you can write a SQL statement that reads data from one in-application stream, generates a running average of the number of advertisement clicks by vendor, and insert resulting rows in another in-application stream using pumps. For more information about the typical pattern, see [Application Code](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-app-code.html) .\n\nYou can provide such series of SQL statements, where output of one statement can be used as the input for the next statement. You store intermediate results by creating in-application streams and pumps.\n\nNote that the application code must create the streams with names specified in the `Outputs` . For example, if your `Outputs` defines output streams named `ExampleOutputStream1` and `ExampleOutputStream2` , then your application code must create these streams.", - "title": "ApplicationCode", - "type": "string" - }, - "ApplicationDescription": { - "markdownDescription": "Summary description of the application.", - "title": "ApplicationDescription", - "type": "string" + "Components": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration" + }, + "markdownDescription": "Build and test components that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", + "title": "Components", + "type": "array" }, - "ApplicationName": { - "markdownDescription": "Name of your Amazon Kinesis Analytics application (for example, `sample-app` ).", - "title": "ApplicationName", + "ContainerType": { + "markdownDescription": "Specifies the type of container, such as Docker.", + "title": "ContainerType", "type": "string" }, - "Inputs": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.Input" + "Description": { + "markdownDescription": "The description of the container recipe.", + "title": "Description", + "type": "string" + }, + "DockerfileTemplateData": { + "markdownDescription": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.", + "title": "DockerfileTemplateData", + "type": "string" + }, + "DockerfileTemplateUri": { + "markdownDescription": "The S3 URI for the Dockerfile that will be used to build your container image.", + "title": "DockerfileTemplateUri", + "type": "string" + }, + "ImageOsVersionOverride": { + "markdownDescription": "Specifies the operating system version for the base image.", + "title": "ImageOsVersionOverride", + "type": "string" + }, + "InstanceConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration", + "markdownDescription": "A group of options that can be used to configure an instance for building and testing container images.", + "title": "InstanceConfiguration" + }, + "KmsKeyId": { + "markdownDescription": "Identifies which KMS key is used to encrypt the container image for distribution to the target Region.", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the container recipe.", + "title": "Name", + "type": "string" + }, + "ParentImage": { + "markdownDescription": "The base image for customizations specified in the container recipe. This can contain an Image Builder image resource ARN or a container image URI, for example `amazonlinux:latest` .", + "title": "ParentImage", + "type": "string" + }, + "PlatformOverride": { + "markdownDescription": "Specifies the operating system platform when you use a custom base image.", + "title": "PlatformOverride", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags that are attached to the container recipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Use this parameter to configure the application input.\n\nYou can configure your application to receive input from a single streaming source. In this configuration, you map this streaming source to an in-application stream that is created. Your application code can then query the in-application stream like a table (you can think of it as a constantly updating table).\n\nFor the streaming source, you provide its Amazon Resource Name (ARN) and format of data on the stream (for example, JSON, CSV, etc.). You also must provide an IAM role that Amazon Kinesis Analytics can assume to read this stream on your behalf.\n\nTo create the in-application stream, you need to specify a schema to transform your data into a schematized version used in SQL. In the schema, you provide the necessary mapping of the data elements in the streaming source to record columns in the in-app stream.", - "title": "Inputs", - "type": "array" + "title": "Tags", + "type": "object" + }, + "TargetRepository": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository", + "markdownDescription": "The destination repository for the container image.", + "title": "TargetRepository" + }, + "Version": { + "markdownDescription": "The semantic version of the container recipe.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.\n> \n> *Filtering:* With semantic versioning, you have the flexibility to use wildcards (x) to specify the most recent versions or nodes when selecting the base image or components for your recipe. When you use a wildcard in any node, all nodes to the right of the first wildcard must also be wildcards.", + "title": "Version", + "type": "string" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory for use during build and test workflows.", + "title": "WorkingDirectory", + "type": "string" } }, "required": [ - "Inputs" + "Components", + "ContainerType", + "Name", + "ParentImage", + "TargetRepository", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::Application" + "AWS::ImageBuilder::ContainerRecipe" ], "type": "string" }, @@ -136936,251 +141720,156 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::Application.CSVMappingParameters": { + "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", - "type": "string" - }, - "RecordRowDelimiter": { - "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", "type": "string" - } - }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.Input": { - "additionalProperties": false, - "properties": { - "InputParallelism": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputParallelism", - "markdownDescription": "Describes the number of in-application streams to create.\n\nData from your source is routed to these in-application input streams.\n\nSee [Configuring Application Input](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-input.html) .", - "title": "InputParallelism" - }, - "InputProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputProcessingConfiguration", - "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputprocessingconfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) .", - "title": "InputProcessingConfiguration" - }, - "InputSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", - "title": "InputSchema" - }, - "KinesisFirehoseInput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisFirehoseInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis Firehose delivery stream, identifies the delivery stream's ARN and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", - "title": "KinesisFirehoseInput" - }, - "KinesisStreamsInput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisStreamsInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis stream, identifies the stream's Amazon Resource Name (ARN) and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", - "title": "KinesisStreamsInput" }, - "NamePrefix": { - "markdownDescription": "Name prefix to use when creating an in-application stream. Suppose that you specify a prefix \"MyInApplicationStream.\" Amazon Kinesis Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with names \"MyInApplicationStream_001,\" \"MyInApplicationStream_002,\" and so on.", - "title": "NamePrefix", - "type": "string" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentParameter" + }, + "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", + "title": "Parameters", + "type": "array" } }, - "required": [ - "InputSchema", - "NamePrefix" - ], "type": "object" }, - "AWS::KinesisAnalytics::Application.InputLambdaProcessor": { + "AWS::ImageBuilder::ContainerRecipe.ComponentParameter": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the [AWS Lambda](https://docs.aws.amazon.com/lambda/) function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", + "Name": { + "markdownDescription": "The name of the component parameter to set.", + "title": "Name", "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of the IAM role that is used to access the AWS Lambda function.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputParallelism": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "Number of in-application streams to create. For more information, see [Limits](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/limits.html) .", - "title": "Count", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputProcessingConfiguration": { - "additionalProperties": false, - "properties": { - "InputLambdaProcessor": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputLambdaProcessor", - "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) that is used to preprocess the records in the stream before being processed by your application code.", - "title": "InputLambdaProcessor" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputSchema": { - "additionalProperties": false, - "properties": { - "RecordColumns": { + "Value": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordColumn" + "type": "string" }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", + "markdownDescription": "Sets the value for the named component parameter.", + "title": "Value", "type": "array" - }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", - "type": "string" - }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" } }, "required": [ - "RecordColumns", - "RecordFormat" + "Name", + "Value" ], "type": "object" }, - "AWS::KinesisAnalytics::Application.JSONMappingParameters": { + "AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification": { "additionalProperties": false, "properties": { - "RecordRowPath": { - "markdownDescription": "Path to the top-level parent that contains the records.", - "title": "RecordRowPath", + "DeleteOnTermination": { + "markdownDescription": "Use to configure delete on termination of the associated device.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Encrypted": { + "markdownDescription": "Use to configure device encryption.", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "Use to configure device IOPS.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", + "title": "KmsKeyId", "type": "string" - } - }, - "required": [ - "RecordRowPath" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.KinesisFirehoseInput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the input delivery stream.", - "title": "ResourceARN", + }, + "SnapshotId": { + "markdownDescription": "The snapshot that defines the device contents.", + "title": "SnapshotId", "type": "string" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to make sure that the role has the necessary permissions to access the stream.", - "title": "RoleARN", + "Throughput": { + "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", + "title": "Throughput", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "Use to override the device's volume size.", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "Use to override the device's volume type.", + "title": "VolumeType", "type": "string" } }, - "required": [ - "ResourceARN", - "RoleARN" - ], "type": "object" }, - "AWS::KinesisAnalytics::Application.KinesisStreamsInput": { + "AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the input Amazon Kinesis stream to read.", - "title": "ResourceARN", + "DeviceName": { + "markdownDescription": "The device to which these mappings apply.", + "title": "DeviceName", "type": "string" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", + "Ebs": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification", + "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "Use to remove a mapping from the base image.", + "title": "NoDevice", "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.MappingParameters": { - "additionalProperties": false, - "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" + "VirtualName": { + "markdownDescription": "Use to manage instance ephemeral devices.", + "title": "VirtualName", + "type": "string" } }, "type": "object" }, - "AWS::KinesisAnalytics::Application.RecordColumn": { + "AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration": { "additionalProperties": false, "properties": { - "Mapping": { - "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", - "title": "Mapping", - "type": "string" - }, - "Name": { - "markdownDescription": "Name of the column created in the in-application input stream or reference table.", - "title": "Name", - "type": "string" + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping" + }, + "markdownDescription": "Defines the block devices to attach for building an instance from this Image Builder AMI.", + "title": "BlockDeviceMappings", + "type": "array" }, - "SqlType": { - "markdownDescription": "Type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "Image": { + "markdownDescription": "The base image for a container build and test instance. This can contain an AMI ID or it can specify an AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n\nIf not specified, Image Builder uses the appropriate ECS-optimized AMI as a base image.", + "title": "Image", "type": "string" } }, - "required": [ - "Name", - "SqlType" - ], "type": "object" }, - "AWS::KinesisAnalytics::Application.RecordFormat": { + "AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.MappingParameters", - "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" + "RepositoryName": { + "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", + "title": "RepositoryName", + "type": "string" }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "Service": { + "markdownDescription": "Specifies the service in which this image was registered.", + "title": "Service", "type": "string" } }, - "required": [ - "RecordFormatType" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput": { + "AWS::ImageBuilder::DistributionConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -137215,26 +141904,45 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "Name of the application to which you want to add the output configuration.", - "title": "ApplicationName", + "Description": { + "markdownDescription": "The description of this distribution configuration.", + "title": "Description", "type": "string" }, - "Output": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.Output", - "markdownDescription": "An array of objects, each describing one output configuration. In the output configuration, you specify the name of an in-application stream, a destination (that is, an Amazon Kinesis stream, an Amazon Kinesis Firehose delivery stream, or an AWS Lambda function), and record the formation to use when writing to the destination.", - "title": "Output" + "Distributions": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.Distribution" + }, + "markdownDescription": "The distributions of this distribution configuration formatted as an array of Distribution objects.", + "title": "Distributions", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of this distribution configuration.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of this distribution configuration.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "ApplicationName", - "Output" + "Distributions", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::ApplicationOutput" + "AWS::ImageBuilder::DistributionConfiguration" ], "type": "string" }, @@ -137253,112 +141961,294 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema": { + "AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration": { "additionalProperties": false, "properties": { - "RecordFormatType": { - "markdownDescription": "Specifies the format of the records on the output stream.", - "title": "RecordFormatType", + "AmiTags": { + "additionalProperties": true, + "markdownDescription": "The tags to apply to AMIs distributed to this Region.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AmiTags", + "type": "object" + }, + "Description": { + "markdownDescription": "The description of the AMI distribution configuration. Minimum and maximum length are in characters.", + "title": "Description", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The KMS key identifier used to encrypt the distributed image.", + "title": "KmsKeyId", + "type": "string" + }, + "LaunchPermissionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration", + "markdownDescription": "Launch permissions can be used to configure which AWS account s can use the AMI to launch instances.", + "title": "LaunchPermissionConfiguration" + }, + "Name": { + "markdownDescription": "The name of the output AMI.", + "title": "Name", "type": "string" + }, + "TargetAccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of an account to which you want to distribute an image.", + "title": "TargetAccountIds", + "type": "array" } }, "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput": { + "AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the destination Amazon Kinesis Firehose delivery stream to write to.", - "title": "ResourceARN", + "ContainerTags": { + "items": { + "type": "string" + }, + "markdownDescription": "Tags that are attached to the container distribution configuration.", + "title": "ContainerTags", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the container distribution configuration.", + "title": "Description", "type": "string" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", + "TargetRepository": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository", + "markdownDescription": "The destination repository for the container distribution configuration.", + "title": "TargetRepository" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::DistributionConfiguration.Distribution": { + "additionalProperties": false, + "properties": { + "AmiDistributionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration", + "markdownDescription": "The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below.", + "title": "AmiDistributionConfiguration" + }, + "ContainerDistributionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration", + "markdownDescription": "Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below.", + "title": "ContainerDistributionConfiguration" + }, + "FastLaunchConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration" + }, + "markdownDescription": "The Windows faster-launching configurations to use for AMI distribution.", + "title": "FastLaunchConfigurations", + "type": "array" + }, + "LaunchTemplateConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration" + }, + "markdownDescription": "A group of launchTemplateConfiguration settings that apply to image distribution for specified accounts.", + "title": "LaunchTemplateConfigurations", + "type": "array" + }, + "LicenseConfigurationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The License Manager Configuration to associate with the AMI in the specified Region. For more information, see the [LicenseConfiguration API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_LicenseConfiguration.html) .", + "title": "LicenseConfigurationArns", + "type": "array" + }, + "Region": { + "markdownDescription": "The target Region for the Distribution Configuration. For example, `eu-west-1` .", + "title": "Region", "type": "string" + }, + "SsmParameterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.SsmParameterConfiguration" + }, + "markdownDescription": "Contains settings to update AWS Systems Manager (SSM) Parameter Store Parameters with output AMI IDs from the build by target Region.", + "title": "SsmParameterConfigurations", + "type": "array" } }, "required": [ - "ResourceARN", - "RoleARN" + "Region" ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the destination Amazon Kinesis stream to write to.", - "title": "ResourceARN", + "AccountId": { + "markdownDescription": "The owner account ID for the fast-launch enabled Windows AMI.", + "title": "AccountId", "type": "string" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" + "Enabled": { + "markdownDescription": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to `true` to start using Windows faster launching, or `false` to stop using it.", + "title": "Enabled", + "type": "boolean" + }, + "LaunchTemplate": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification", + "markdownDescription": "The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.", + "title": "LaunchTemplate" + }, + "MaxParallelLaunches": { + "markdownDescription": "The maximum number of parallel instances that are launched for creating resources.", + "title": "MaxParallelLaunches", + "type": "number" + }, + "SnapshotConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration", + "markdownDescription": "Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.", + "title": "SnapshotConfiguration" } }, - "required": [ - "ResourceARN", - "RoleARN" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateId", "type": "string" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination function on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateName", + "type": "string" + }, + "LaunchTemplateVersion": { + "markdownDescription": "The version of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateVersion", "type": "string" } }, - "required": [ - "ResourceARN", - "RoleARN" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.Output": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration": { "additionalProperties": false, "properties": { - "DestinationSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema", - "markdownDescription": "Describes the data format when records are written to the destination. For more information, see [Configuring Application Output](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-output.html) .", - "title": "DestinationSchema" + "TargetResourceCount": { + "markdownDescription": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.", + "title": "TargetResourceCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration": { + "additionalProperties": false, + "properties": { + "OrganizationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN for an AWS Organization that you want to share your AMI with. For more information, see [What is AWS Organizations ?](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) .", + "title": "OrganizationArns", + "type": "array" }, - "KinesisFirehoseOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput", - "markdownDescription": "Identifies an Amazon Kinesis Firehose delivery stream as the destination.", - "title": "KinesisFirehoseOutput" + "OrganizationalUnitArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN for an AWS Organizations organizational unit (OU) that you want to share your AMI with. For more information about key concepts for AWS Organizations , see [AWS Organizations terminology and concepts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html) .", + "title": "OrganizationalUnitArns", + "type": "array" }, - "KinesisStreamsOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput", - "markdownDescription": "Identifies an Amazon Kinesis stream as the destination.", - "title": "KinesisStreamsOutput" + "UserGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the group.", + "title": "UserGroups", + "type": "array" }, - "LambdaOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput", - "markdownDescription": "Identifies an AWS Lambda function as the destination.", - "title": "LambdaOutput" + "UserIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS account ID.", + "title": "UserIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The account ID that this configuration applies to.", + "title": "AccountId", + "type": "string" }, - "Name": { - "markdownDescription": "Name of the in-application stream.", - "title": "Name", + "LaunchTemplateId": { + "markdownDescription": "Identifies the Amazon EC2 launch template to use.", + "title": "LaunchTemplateId", + "type": "string" + }, + "SetDefaultVersion": { + "markdownDescription": "Set the specified Amazon EC2 launch template as the default launch template for the specified account.", + "title": "SetDefaultVersion", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::DistributionConfiguration.SsmParameterConfiguration": { + "additionalProperties": false, + "properties": { + "AmiAccountId": { + "markdownDescription": "Specify the account that will own the Parameter in a given Region. During distribution, this account must be specified in distribution settings as a target account for the Region.", + "title": "AmiAccountId", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type specifies what type of value the Parameter contains. We recommend that you use data type `aws:ec2:image` .", + "title": "DataType", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "This is the name of the Parameter in the target Region or account. The image distribution creates the Parameter if it doesn't already exist. Otherwise, it updates the parameter.", + "title": "ParameterName", "type": "string" } }, "required": [ - "DestinationSchema" + "ParameterName" ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource": { + "AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository": { + "additionalProperties": false, + "properties": { + "RepositoryName": { + "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", + "title": "RepositoryName", + "type": "string" + }, + "Service": { + "markdownDescription": "Specifies the service in which this image was registered.", + "title": "Service", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::Image": { "additionalProperties": false, "properties": { "Condition": { @@ -137393,26 +142283,71 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "Name of an existing application.", - "title": "ApplicationName", + "ContainerRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.", + "title": "ContainerRecipeArn", "type": "string" }, - "ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource", - "markdownDescription": "The reference data source can be an object in your Amazon S3 bucket. Amazon Kinesis Analytics reads the object and copies the data into the in-application table that is created. You provide an S3 bucket, object key name, and the resulting in-application table that is created. You must also provide an IAM role with the necessary permissions that Amazon Kinesis Analytics can assume to read the object from your S3 bucket on your behalf.", - "title": "ReferenceDataSource" + "DistributionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration that defines and configures the outputs of your pipeline.", + "title": "DistributionConfigurationArn", + "type": "string" + }, + "EnhancedImageMetadataEnabled": { + "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", + "title": "EnhancedImageMetadataEnabled", + "type": "boolean" + }, + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", + "title": "ExecutionRole", + "type": "string" + }, + "ImageRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.", + "title": "ImageRecipeArn", + "type": "string" + }, + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageScanningConfiguration", + "markdownDescription": "Contains settings for vulnerability scans.", + "title": "ImageScanningConfiguration" + }, + "ImageTestsConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageTestsConfiguration", + "markdownDescription": "The image tests configuration of the image.", + "title": "ImageTestsConfiguration" + }, + "InfrastructureConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration that defines the environment in which your image will be built and tested.", + "title": "InfrastructureConfigurationArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of the image.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Workflows": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowConfiguration" + }, + "markdownDescription": "Contains an array of workflow configuration objects.", + "title": "Workflows", + "type": "array" } }, - "required": [ - "ApplicationName", - "ReferenceDataSource" - ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::ApplicationReferenceDataSource" + "AWS::ImageBuilder::Image" ], "type": "string" }, @@ -137426,184 +142361,110 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters": { + "AWS::ImageBuilder::Image.EcrConfiguration": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", - "type": "string" + "ContainerTags": { + "items": { + "type": "string" + }, + "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", + "title": "ContainerTags", + "type": "array" }, - "RecordRowDelimiter": { - "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", - "type": "string" - } - }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordRowPath": { - "markdownDescription": "Path to the top-level parent that contains the records.", - "title": "RecordRowPath", + "RepositoryName": { + "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", + "title": "RepositoryName", "type": "string" } }, - "required": [ - "RecordRowPath" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters": { + "AWS::ImageBuilder::Image.ImageScanningConfiguration": { "additionalProperties": false, "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" + "EcrConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.EcrConfiguration", + "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", + "title": "EcrConfiguration" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" + "ImageScanningEnabled": { + "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", + "title": "ImageScanningEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn": { + "AWS::ImageBuilder::Image.ImageTestsConfiguration": { "additionalProperties": false, "properties": { - "Mapping": { - "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", - "title": "Mapping", - "type": "string" - }, - "Name": { - "markdownDescription": "Name of the column created in the in-application input stream or reference table.", - "title": "Name", - "type": "string" + "ImageTestsEnabled": { + "markdownDescription": "Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.", + "title": "ImageTestsEnabled", + "type": "boolean" }, - "SqlType": { - "markdownDescription": "Type of column created in the in-application input stream or reference table.", - "title": "SqlType", - "type": "string" + "TimeoutMinutes": { + "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", + "title": "TimeoutMinutes", + "type": "number" } }, - "required": [ - "Name", - "SqlType" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat": { + "AWS::ImageBuilder::Image.WorkflowConfiguration": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters", - "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" - }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "OnFailure": { + "markdownDescription": "The action to take if the workflow fails.", + "title": "OnFailure", "type": "string" - } - }, - "required": [ - "RecordFormatType" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource": { - "additionalProperties": false, - "properties": { - "ReferenceSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", - "title": "ReferenceSchema" - }, - "S3ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource", - "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. Also identifies the IAM role Amazon Kinesis Analytics can assume to read this object on your behalf. An Amazon Kinesis Analytics application loads reference data only once. If the data changes, you call the `UpdateApplication` operation to trigger reloading of data into your application.", - "title": "S3ReferenceDataSource" }, - "TableName": { - "markdownDescription": "Name of the in-application table to create.", - "title": "TableName", + "ParallelGroup": { + "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", + "title": "ParallelGroup", "type": "string" - } - }, - "required": [ - "ReferenceSchema" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema": { - "additionalProperties": false, - "properties": { - "RecordColumns": { + }, + "Parameters": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn" + "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowParameter" }, - "markdownDescription": "A list of RecordColumn objects.", - "title": "RecordColumns", + "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", + "title": "Parameters", "type": "array" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the reference source. For example, UTF-8.", - "title": "RecordEncoding", + "WorkflowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", + "title": "WorkflowArn", "type": "string" - }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat", - "markdownDescription": "Specifies the format of the records on the reference source.", - "title": "RecordFormat" } }, - "required": [ - "RecordColumns", - "RecordFormat" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource": { + "AWS::ImageBuilder::Image.WorkflowParameter": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", - "type": "string" - }, - "FileKey": { - "markdownDescription": "Object key name containing reference data.", - "title": "FileKey", + "Name": { + "markdownDescription": "The name of the workflow parameter to set.", + "title": "Name", "type": "string" }, - "ReferenceRoleARN": { - "markdownDescription": "ARN of the IAM role that the service can assume to read data on your behalf. This role must have permission for the `s3:GetObject` action on the object and trust policy that allows Amazon Kinesis Analytics service principal to assume this role.", - "title": "ReferenceRoleARN", - "type": "string" + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the value for the named workflow parameter.", + "title": "Value", + "type": "array" } }, - "required": [ - "BucketARN", - "FileKey", - "ReferenceRoleARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application": { + "AWS::ImageBuilder::ImagePipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -137638,64 +142499,95 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration", - "markdownDescription": "Use this parameter to configure the application.", - "title": "ApplicationConfiguration" + "ContainerRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that is used for this pipeline.", + "title": "ContainerRecipeArn", + "type": "string" }, - "ApplicationDescription": { - "markdownDescription": "The description of the application.", - "title": "ApplicationDescription", + "Description": { + "markdownDescription": "The description of this image pipeline.", + "title": "Description", "type": "string" }, - "ApplicationMaintenanceConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration", - "markdownDescription": "Specifies the maintenance window parameters for a Kinesis Data Analytics application.", - "title": "ApplicationMaintenanceConfiguration" + "DistributionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline.", + "title": "DistributionConfigurationArn", + "type": "string" }, - "ApplicationMode": { - "markdownDescription": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE` . However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional.", - "title": "ApplicationMode", + "EnhancedImageMetadataEnabled": { + "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", + "title": "EnhancedImageMetadataEnabled", + "type": "boolean" + }, + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", + "title": "ExecutionRole", "type": "string" }, - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "ImageRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe associated with this image pipeline.", + "title": "ImageRecipeArn", "type": "string" }, - "RunConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RunConfiguration", - "markdownDescription": "Describes the starting parameters for an Managed Service for Apache Flink application.", - "title": "RunConfiguration" + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration", + "markdownDescription": "Contains settings for vulnerability scans.", + "title": "ImageScanningConfiguration" }, - "RuntimeEnvironment": { - "markdownDescription": "The runtime environment for the application.", - "title": "RuntimeEnvironment", - "type": "string" + "ImageTestsConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration", + "markdownDescription": "The configuration of the image tests that run after image creation to ensure the quality of the image that was created.", + "title": "ImageTestsConfiguration" }, - "ServiceExecutionRole": { - "markdownDescription": "Specifies the IAM role that the application uses to access external resources.", - "title": "ServiceExecutionRole", + "InfrastructureConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline.", + "title": "InfrastructureConfigurationArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "Name": { + "markdownDescription": "The name of the image pipeline.", + "title": "Name", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.Schedule", + "markdownDescription": "The schedule of the image pipeline. A schedule configures how often and when a pipeline automatically creates a new image.", + "title": "Schedule" + }, + "Status": { + "markdownDescription": "The status of the image pipeline.", + "title": "Status", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of this image pipeline.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50.", "title": "Tags", + "type": "object" + }, + "Workflows": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration" + }, + "markdownDescription": "Contains the workflows that run for the image pipeline.", + "title": "Workflows", "type": "array" } }, "required": [ - "RuntimeEnvironment", - "ServiceExecutionRole" + "InfrastructureConfigurationArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::Application" + "AWS::ImageBuilder::ImagePipeline" ], "type": "string" }, @@ -137714,741 +142606,605 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { - "additionalProperties": false, - "properties": { - "CodeContent": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CodeContent", - "markdownDescription": "The location and type of the application code.", - "title": "CodeContent" - }, - "CodeContentType": { - "markdownDescription": "Specifies whether the code content is in text or zip format.", - "title": "CodeContentType", - "type": "string" - } - }, - "required": [ - "CodeContent", - "CodeContentType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration": { + "AWS::ImageBuilder::ImagePipeline.EcrConfiguration": { "additionalProperties": false, "properties": { - "ApplicationCodeConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration", - "markdownDescription": "The code location and type parameters for a Managed Service for Apache Flink application.", - "title": "ApplicationCodeConfiguration" - }, - "ApplicationSnapshotConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration", - "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", - "title": "ApplicationSnapshotConfiguration" - }, - "EnvironmentProperties": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.EnvironmentProperties", - "markdownDescription": "Describes execution properties for a Managed Service for Apache Flink application.", - "title": "EnvironmentProperties" - }, - "FlinkApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration", - "markdownDescription": "The creation and update parameters for a Managed Service for Apache Flink application.", - "title": "FlinkApplicationConfiguration" - }, - "SqlApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration", - "markdownDescription": "The creation and update parameters for a SQL-based Kinesis Data Analytics application.", - "title": "SqlApplicationConfiguration" - }, - "VpcConfigurations": { + "ContainerTags": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.VpcConfiguration" + "type": "string" }, - "markdownDescription": "The array of descriptions of VPC configurations available to the application.", - "title": "VpcConfigurations", + "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", + "title": "ContainerTags", "type": "array" }, - "ZeppelinApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration", - "markdownDescription": "The configuration parameters for a Kinesis Data Analytics Studio notebook.", - "title": "ZeppelinApplicationConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration": { - "additionalProperties": false, - "properties": { - "ApplicationMaintenanceWindowStartTime": { - "markdownDescription": "", - "title": "ApplicationMaintenanceWindowStartTime", + "RepositoryName": { + "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", + "title": "RepositoryName", "type": "string" } }, - "required": [ - "ApplicationMaintenanceWindowStartTime" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration": { + "AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration": { "additionalProperties": false, "properties": { - "ApplicationRestoreType": { - "markdownDescription": "Specifies how the application should be restored.", - "title": "ApplicationRestoreType", - "type": "string" + "EcrConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.EcrConfiguration", + "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", + "title": "EcrConfiguration" }, - "SnapshotName": { - "markdownDescription": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if `RESTORE_FROM_CUSTOM_SNAPSHOT` is specified for the `ApplicationRestoreType` .", - "title": "SnapshotName", - "type": "string" + "ImageScanningEnabled": { + "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", + "title": "ImageScanningEnabled", + "type": "boolean" } }, - "required": [ - "ApplicationRestoreType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration": { + "AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration": { "additionalProperties": false, "properties": { - "SnapshotsEnabled": { - "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", - "title": "SnapshotsEnabled", + "ImageTestsEnabled": { + "markdownDescription": "Defines if tests should be executed when building this image. For example, `true` or `false` .", + "title": "ImageTestsEnabled", "type": "boolean" + }, + "TimeoutMinutes": { + "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", + "title": "TimeoutMinutes", + "type": "number" } }, - "required": [ - "SnapshotsEnabled" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CSVMappingParameters": { + "AWS::ImageBuilder::ImagePipeline.Schedule": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", + "PipelineExecutionStartCondition": { + "markdownDescription": "The condition configures when the pipeline should trigger a new image build. When the `pipelineExecutionStartCondition` is set to `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE` , and you use semantic version filters on the base image or components in your image recipe, Image Builder will build a new image only when there are new versions of the image or components in your recipe that match the semantic version filter. When it is set to `EXPRESSION_MATCH_ONLY` , it will build a new image every time the CRON expression matches the current time. For semantic version syntax, see [CreateComponent](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html) in the *Image Builder API Reference* .", + "title": "PipelineExecutionStartCondition", "type": "string" }, - "RecordRowDelimiter": { - "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", + "ScheduleExpression": { + "markdownDescription": "The cron expression determines how often EC2 Image Builder evaluates your `pipelineExecutionStartCondition` .\n\nFor information on how to format a cron expression in Image Builder, see [Use cron expressions in EC2 Image Builder](https://docs.aws.amazon.com/imagebuilder/latest/userguide/image-builder-cron.html) .", + "title": "ScheduleExpression", "type": "string" } }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.CatalogConfiguration": { - "additionalProperties": false, - "properties": { - "GlueDataCatalogConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration", - "markdownDescription": "The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook.", - "title": "GlueDataCatalogConfiguration" - } - }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration": { + "AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration": { "additionalProperties": false, "properties": { - "CheckpointInterval": { - "markdownDescription": "Describes the interval in milliseconds between checkpoint operations.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointInterval` value of 60000, even if this value is set to another value using this API or in application code.", - "title": "CheckpointInterval", - "type": "number" - }, - "CheckpointingEnabled": { - "markdownDescription": "Describes whether checkpointing is enabled for a Managed Service for Apache Flink application.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointingEnabled` value of `true` , even if this value is set to another value using this API or in application code.", - "title": "CheckpointingEnabled", - "type": "boolean" - }, - "ConfigurationType": { - "markdownDescription": "Describes whether the application uses Managed Service for Apache Flink' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled` , `CheckpointInterval` , or `MinPauseBetweenCheckpoints` parameters.\n\n> If this value is set to `DEFAULT` , the application will use the following values, even if they are set to other values using APIs or application code:\n> \n> - *CheckpointingEnabled:* true\n> - *CheckpointInterval:* 60000\n> - *MinPauseBetweenCheckpoints:* 5000", - "title": "ConfigurationType", + "OnFailure": { + "markdownDescription": "The action to take if the workflow fails.", + "title": "OnFailure", "type": "string" }, - "MinPauseBetweenCheckpoints": { - "markdownDescription": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the `CheckpointInterval` , the application otherwise performs continual checkpoint operations. For more information, see [Tuning Checkpointing](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/large_state_tuning/#tuning-checkpointing) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `MinPauseBetweenCheckpoints` value of 5000, even if this value is set using this API or in application code.", - "title": "MinPauseBetweenCheckpoints", - "type": "number" - } - }, - "required": [ - "ConfigurationType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.CodeContent": { - "additionalProperties": false, - "properties": { - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", - "markdownDescription": "Information about the Amazon S3 bucket that contains the application code.", - "title": "S3ContentLocation" - }, - "TextContent": { - "markdownDescription": "The text-format code for a Managed Service for Apache Flink application.", - "title": "TextContent", + "ParallelGroup": { + "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", + "title": "ParallelGroup", "type": "string" }, - "ZipFileContent": { - "markdownDescription": "The zip-format code for a Managed Service for Apache Flink application.", - "title": "ZipFileContent", + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowParameter" + }, + "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", + "title": "Parameters", + "type": "array" + }, + "WorkflowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", + "title": "WorkflowArn", "type": "string" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration": { + "AWS::ImageBuilder::ImagePipeline.WorkflowParameter": { "additionalProperties": false, "properties": { - "ArtifactType": { - "markdownDescription": "Set this to either `UDF` or `DEPENDENCY_JAR` . `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket.", - "title": "ArtifactType", + "Name": { + "markdownDescription": "The name of the workflow parameter to set.", + "title": "Name", "type": "string" }, - "MavenReference": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MavenReference", - "markdownDescription": "The parameters required to fully specify a Maven reference.", - "title": "MavenReference" - }, - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", - "markdownDescription": "The location of the custom artifacts.", - "title": "S3ContentLocation" - } - }, - "required": [ - "ArtifactType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation", - "markdownDescription": "The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data.", - "title": "S3ContentLocation" - } - }, - "required": [ - "S3ContentLocation" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.EnvironmentProperties": { - "additionalProperties": false, - "properties": { - "PropertyGroups": { + "Value": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.PropertyGroup" + "type": "string" }, - "markdownDescription": "Describes the execution property groups.", - "title": "PropertyGroups", + "markdownDescription": "Sets the value for the named workflow parameter.", + "title": "Value", "type": "array" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration": { + "AWS::ImageBuilder::ImageRecipe": { "additionalProperties": false, "properties": { - "CheckpointConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration", - "markdownDescription": "Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/concepts/programming-model.html#checkpoints-for-fault-tolerance) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) .", - "title": "CheckpointConfiguration" - }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration", - "markdownDescription": "Describes configuration parameters for Amazon CloudWatch logging for an application.", - "title": "MonitoringConfiguration" + "Condition": { + "type": "string" }, - "ParallelismConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration", - "markdownDescription": "Describes parameters for how an application executes multiple tasks simultaneously.", - "title": "ParallelismConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration": { - "additionalProperties": false, - "properties": { - "AllowNonRestoredState": { - "markdownDescription": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. This will happen if the program is updated between snapshots to remove stateful parameters, and state data in the snapshot no longer corresponds to valid application data. For more information, see [Allowing Non-Restored State](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/savepoints/#allowing-non-restored-state) in the [Apache Flink documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> This value defaults to `false` . If you update your application without specifying this parameter, `AllowNonRestoredState` will be set to `false` , even if it was previously set to `true` .", - "title": "AllowNonRestoredState", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration": { - "additionalProperties": false, - "properties": { - "DatabaseARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the database.", - "title": "DatabaseARN", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.Input": { - "additionalProperties": false, - "properties": { - "InputParallelism": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputParallelism", - "markdownDescription": "Describes the number of in-application streams to create.", - "title": "InputParallelism" }, - "InputProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration", - "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputProcessingConfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) .", - "title": "InputProcessingConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InputSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", - "title": "InputSchema" + "Metadata": { + "type": "object" }, - "KinesisFirehoseInput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN.", - "title": "KinesisFirehoseInput" + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalInstanceConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration", + "markdownDescription": "Before you create a new AMI, Image Builder launches temporary Amazon EC2 instances to build and test your image configuration. Instance configuration adds a layer of control over those instances. You can define settings and add scripts to run when an instance is launched from your AMI.", + "title": "AdditionalInstanceConfiguration" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping" + }, + "markdownDescription": "The block device mappings to apply when creating images from this recipe.", + "title": "BlockDeviceMappings", + "type": "array" + }, + "Components": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentConfiguration" + }, + "markdownDescription": "The components that are included in the image recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", + "title": "Components", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the image recipe.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the image recipe.", + "title": "Name", + "type": "string" + }, + "ParentImage": { + "markdownDescription": "The base image for customizations specified in the image recipe. You can specify the parent image using one of the following options:\n\n- AMI ID\n- Image Builder image Amazon Resource Name (ARN)\n- AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n- AWS Marketplace product ID", + "title": "ParentImage", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of the image recipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Version": { + "markdownDescription": "The version of the image recipe.", + "title": "Version", + "type": "string" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory to be used during build and test workflows.", + "title": "WorkingDirectory", + "type": "string" + } + }, + "required": [ + "Components", + "Name", + "ParentImage", + "Version" + ], + "type": "object" }, - "KinesisStreamsInput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN).", - "title": "KinesisStreamsInput" + "Type": { + "enum": [ + "AWS::ImageBuilder::ImageRecipe" + ], + "type": "string" }, - "NamePrefix": { - "markdownDescription": "The name prefix to use when creating an in-application stream. Suppose that you specify a prefix \" `MyInApplicationStream` .\" Kinesis Data Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with the names \" `MyInApplicationStream_001` ,\" \" `MyInApplicationStream_002` ,\" and so on.", - "title": "NamePrefix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InputSchema", - "NamePrefix" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor": { + "AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the Amazon Lambda function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", + "SystemsManagerAgent": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent", + "markdownDescription": "Contains settings for the Systems Manager agent on your build instance.", + "title": "SystemsManagerAgent" + }, + "UserDataOverride": { + "markdownDescription": "Use this property to provide commands or a command script to run when you launch your build instance.\n\nThe userDataOverride property replaces any commands that Image Builder might have added to ensure that Systems Manager is installed on your Linux build instance. If you override the user data, make sure that you add commands to install Systems Manager, if it is not pre-installed on your base image.\n\n> The user data is always base 64 encoded. For example, the following commands are encoded as `IyEvYmluL2Jhc2gKbWtkaXIgLXAgL3Zhci9iYi8KdG91Y2ggL3Zhci$` :\n> \n> *#!/bin/bash*\n> \n> mkdir -p /var/bb/\n> \n> touch /var", + "title": "UserDataOverride", "type": "string" } }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.InputParallelism": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of in-application streams to create.", - "title": "Count", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration": { - "additionalProperties": false, - "properties": { - "InputLambdaProcessor": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor", - "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) that is used to preprocess the records in the stream before being processed by your application code.", - "title": "InputLambdaProcessor" - } - }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.InputSchema": { + "AWS::ImageBuilder::ImageRecipe.ComponentConfiguration": { "additionalProperties": false, "properties": { - "RecordColumns": { + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", + "type": "string" + }, + "Parameters": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordColumn" + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentParameter" }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", + "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", + "title": "Parameters", "type": "array" - }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", - "type": "string" - }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" - } - }, - "required": [ - "RecordColumns", - "RecordFormat" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.JSONMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordRowPath": { - "markdownDescription": "The path to the top-level parent that contains the records.", - "title": "RecordRowPath", - "type": "string" - } - }, - "required": [ - "RecordRowPath" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", - "title": "ResourceARN", - "type": "string" } }, - "required": [ - "ResourceARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput": { + "AWS::ImageBuilder::ImageRecipe.ComponentParameter": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the input Kinesis data stream to read.", - "title": "ResourceARN", + "Name": { + "markdownDescription": "The name of the component parameter to set.", + "title": "Name", "type": "string" + }, + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the value for the named component parameter.", + "title": "Value", + "type": "array" } }, "required": [ - "ResourceARN" + "Name", + "Value" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.MappingParameters": { + "AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification": { "additionalProperties": false, "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" + "DeleteOnTermination": { + "markdownDescription": "Configures delete on termination of the associated device.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.MavenReference": { - "additionalProperties": false, - "properties": { - "ArtifactId": { - "markdownDescription": "The artifact ID of the Maven reference.", - "title": "ArtifactId", + "Encrypted": { + "markdownDescription": "Use to configure device encryption.", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "Use to configure device IOPS.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", + "title": "KmsKeyId", "type": "string" }, - "GroupId": { - "markdownDescription": "The group ID of the Maven reference.", - "title": "GroupId", + "SnapshotId": { + "markdownDescription": "The snapshot that defines the device contents.", + "title": "SnapshotId", "type": "string" }, - "Version": { - "markdownDescription": "The version of the Maven reference.", - "title": "Version", + "Throughput": { + "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", + "title": "Throughput", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "Overrides the volume size of the device.", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "Overrides the volume type of the device.", + "title": "VolumeType", "type": "string" } }, - "required": [ - "ArtifactId", - "GroupId", - "Version" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration": { + "AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping": { "additionalProperties": false, "properties": { - "ConfigurationType": { - "markdownDescription": "Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to `CUSTOM` in order to set the `LogLevel` or `MetricsLevel` parameters.", - "title": "ConfigurationType", + "DeviceName": { + "markdownDescription": "The device to which these mappings apply.", + "title": "DeviceName", "type": "string" }, - "LogLevel": { - "markdownDescription": "Describes the verbosity of the CloudWatch Logs for an application.", - "title": "LogLevel", + "Ebs": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification", + "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "Enter an empty string to remove a mapping from the parent image.\n\nThe following is an example of an empty string value in the `NoDevice` field.\n\n`NoDevice:\"\"`", + "title": "NoDevice", "type": "string" }, - "MetricsLevel": { - "markdownDescription": "Describes the granularity of the CloudWatch Logs for an application. The `Parallelism` level is not recommended for applications with a Parallelism over 64 due to excessive costs.", - "title": "MetricsLevel", + "VirtualName": { + "markdownDescription": "Manages the instance ephemeral devices.", + "title": "VirtualName", "type": "string" } }, - "required": [ - "ConfigurationType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration": { + "AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent": { "additionalProperties": false, "properties": { - "AutoScalingEnabled": { - "markdownDescription": "Describes whether the Managed Service for Apache Flink service can increase the parallelism of the application in response to increased throughput.", - "title": "AutoScalingEnabled", + "UninstallAfterBuild": { + "markdownDescription": "Controls whether the Systems Manager agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false.", + "title": "UninstallAfterBuild", "type": "boolean" - }, - "ConfigurationType": { - "markdownDescription": "Describes whether the application uses the default parallelism for the Managed Service for Apache Flink service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled` , `Parallelism` , or `ParallelismPerKPU` properties.", - "title": "ConfigurationType", - "type": "string" - }, - "Parallelism": { - "markdownDescription": "Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if [ParallelismConfiguration:AutoScalingEnabled](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_ParallelismConfiguration.html#kinesisanalytics-Type-ParallelismConfiguration-AutoScalingEnabled.html) is set to `true` .", - "title": "Parallelism", - "type": "number" - }, - "ParallelismPerKPU": { - "markdownDescription": "Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see [Amazon Kinesis Data Analytics Pricing](https://docs.aws.amazon.com/kinesis/data-analytics/pricing/) .", - "title": "ParallelismPerKPU", - "type": "number" } }, - "required": [ - "ConfigurationType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.PropertyGroup": { + "AWS::ImageBuilder::InfrastructureConfiguration": { "additionalProperties": false, "properties": { - "PropertyGroupId": { - "markdownDescription": "Describes the key of an application execution property key-value pair.", - "title": "PropertyGroupId", + "Condition": { "type": "string" }, - "PropertyMap": { - "additionalProperties": true, - "markdownDescription": "Describes the value of an application execution property key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the infrastructure configuration.", + "title": "Description", + "type": "string" + }, + "InstanceMetadataOptions": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions", + "markdownDescription": "The instance metadata options that you can set for the HTTP requests that pipeline builds use to launch EC2 build and test instances.", + "title": "InstanceMetadataOptions" + }, + "InstanceProfileName": { + "markdownDescription": "The instance profile to associate with the instance used to customize your Amazon EC2 AMI.", + "title": "InstanceProfileName", + "type": "string" + }, + "InstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types of the infrastructure configuration. You can specify one or more instance types to use for this build. The service will pick one of these instance types based on availability.", + "title": "InstanceTypes", + "type": "array" + }, + "KeyPair": { + "markdownDescription": "The key pair of the infrastructure configuration. You can use this to log on to and debug the instance used to create your image.", + "title": "KeyPair", + "type": "string" + }, + "Logging": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Logging", + "markdownDescription": "The logging configuration of the infrastructure configuration.", + "title": "Logging" + }, + "Name": { + "markdownDescription": "The name of the infrastructure configuration.", + "title": "Name", + "type": "string" + }, + "Placement": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Placement", + "markdownDescription": "The instance placement settings that define where the instances that are launched from your image will run.", + "title": "Placement" + }, + "ResourceTags": { + "additionalProperties": true, + "markdownDescription": "The metadata tags to assign to the Amazon EC2 instance that Image Builder launches during the build process. Tags are formatted as key value pairs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ResourceTags", + "type": "object" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group IDs to associate with the instance used to customize your Amazon EC2 AMI.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.\n\n> EC2 Image Builder is unable to send notifications to SNS topics that are encrypted using keys from other accounts. The key that is used to encrypt the SNS topic must reside in the account that the Image Builder service runs under.", + "title": "SnsTopicArn", "type": "string" + }, + "SubnetId": { + "markdownDescription": "The subnet ID in which to place the instance used to customize your Amazon EC2 AMI.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The metadata tags to assign to the infrastructure configuration resource that Image Builder creates as output. Tags are formatted as key value pairs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TerminateInstanceOnFailure": { + "markdownDescription": "The terminate instance on failure setting of the infrastructure configuration. Set to false if you want Image Builder to retain the instance used to configure your AMI if the build or test phase of your workflow fails.", + "title": "TerminateInstanceOnFailure", + "type": "boolean" } }, - "title": "PropertyMap", + "required": [ + "InstanceProfileName", + "Name" + ], "type": "object" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.RecordColumn": { - "additionalProperties": false, - "properties": { - "Mapping": { - "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", - "title": "Mapping", - "type": "string" }, - "Name": { - "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", - "title": "Name", + "Type": { + "enum": [ + "AWS::ImageBuilder::InfrastructureConfiguration" + ], "type": "string" }, - "SqlType": { - "markdownDescription": "The type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "SqlType" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.RecordFormat": { + "AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MappingParameters", - "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" + "HttpPutResponseHopLimit": { + "markdownDescription": "Limit the number of hops that an instance metadata request can traverse to reach its destination. The default is one hop. However, if HTTP tokens are required, container image builds need a minimum of two hops.", + "title": "HttpPutResponseHopLimit", + "type": "number" }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "HttpTokens": { + "markdownDescription": "Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows:\n\n- *required* \u2013 When you retrieve the IAM role credentials, version 2.0 credentials are returned in all cases.\n- *optional* \u2013 You can include a signed token header in your request to retrieve instance metadata, or you can leave it out. If you include it, version 2.0 credentials are returned for the IAM role. Otherwise, version 1.0 credentials are returned.\n\nThe default setting is *optional* .", + "title": "HttpTokens", "type": "string" } }, - "required": [ - "RecordFormatType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.RunConfiguration": { + "AWS::ImageBuilder::InfrastructureConfiguration.Logging": { "additionalProperties": false, "properties": { - "ApplicationRestoreConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration", - "markdownDescription": "Describes the restore behavior of a restarting application.", - "title": "ApplicationRestoreConfiguration" - }, - "FlinkRunConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration", - "markdownDescription": "Describes the starting parameters for a Managed Service for Apache Flink application.", - "title": "FlinkRunConfiguration" + "S3Logs": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.S3Logs", + "markdownDescription": "The Amazon S3 logging configuration.", + "title": "S3Logs" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation": { + "AWS::ImageBuilder::InfrastructureConfiguration.Placement": { "additionalProperties": false, "properties": { - "BasePath": { - "markdownDescription": "The base path for the S3 bucket.", - "title": "BasePath", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where your build and test instances will launch.", + "title": "AvailabilityZone", "type": "string" }, - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", - "type": "string" - } - }, - "required": [ - "BucketARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.S3ContentLocation": { - "additionalProperties": false, - "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) for the S3 bucket containing the application code.", - "title": "BucketARN", + "HostId": { + "markdownDescription": "The ID of the Dedicated Host on which build and test instances run. This only applies if `tenancy` is `host` . If you specify the host ID, you must not specify the resource group ARN. If you specify both, Image Builder returns an error.", + "title": "HostId", "type": "string" }, - "FileKey": { - "markdownDescription": "The file key for the object containing the application code.", - "title": "FileKey", + "HostResourceGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host resource group in which to launch build and test instances. This only applies if `tenancy` is `host` . If you specify the resource group ARN, you must not specify the host ID. If you specify both, Image Builder returns an error.", + "title": "HostResourceGroupArn", "type": "string" }, - "ObjectVersion": { - "markdownDescription": "The version of the object containing the application code.", - "title": "ObjectVersion", + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware. An instance with a tenancy of `host` runs on a Dedicated Host.\n\nIf tenancy is set to `host` , then you can optionally specify one target for placement \u2013 either host ID or host resource group ARN. If automatic placement is enabled for your host, and you don't specify any placement target, Amazon EC2 will try to find an available host for your build and test instances.", + "title": "Tenancy", "type": "string" } }, - "required": [ - "BucketARN", - "FileKey" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "Inputs": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.Input" - }, - "markdownDescription": "The array of [Input](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_Input.html) objects describing the input streams used by the application.", - "title": "Inputs", - "type": "array" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.VpcConfiguration": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The array of [SecurityGroup](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SecurityGroup.html) IDs used by the VPC configuration.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The array of [Subnet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Subnet.html) IDs used by the VPC configuration.", - "title": "SubnetIds", - "type": "array" - } - }, - "required": [ - "SecurityGroupIds", - "SubnetIds" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration": { + "AWS::ImageBuilder::InfrastructureConfiguration.S3Logs": { "additionalProperties": false, "properties": { - "CatalogConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CatalogConfiguration", - "markdownDescription": "The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook.", - "title": "CatalogConfiguration" - }, - "CustomArtifactsConfiguration": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration" - }, - "markdownDescription": "A list of `CustomArtifactConfiguration` objects.", - "title": "CustomArtifactsConfiguration", - "type": "array" - }, - "DeployAsApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration", - "markdownDescription": "The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state.", - "title": "DeployAsApplicationConfiguration" + "S3BucketName": { + "markdownDescription": "The S3 bucket in which to store the logs.", + "title": "S3BucketName", + "type": "string" }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration", - "markdownDescription": "The monitoring configuration of a Kinesis Data Analytics Studio notebook.", - "title": "MonitoringConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration": { - "additionalProperties": false, - "properties": { - "LogLevel": { - "markdownDescription": "The verbosity of the CloudWatch Logs for an application. You can set it to `INFO` , `WARN` , `ERROR` , or `DEBUG` .", - "title": "LogLevel", + "S3KeyPrefix": { + "markdownDescription": "The Amazon S3 path to the bucket where the logs are stored.", + "title": "S3KeyPrefix", "type": "string" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption": { + "AWS::ImageBuilder::LifecyclePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -138483,26 +143239,68 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "Description": { + "markdownDescription": "Optional description for the lifecycle policy.", + "title": "Description", "type": "string" }, - "CloudWatchLoggingOption": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption", - "markdownDescription": "Provides a description of Amazon CloudWatch logging options, including the log stream Amazon Resource Name (ARN).", - "title": "CloudWatchLoggingOption" - } - }, - "required": [ - "ApplicationName", - "CloudWatchLoggingOption" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption" + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to run lifecycle actions.", + "title": "ExecutionRole", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the lifecycle policy to create.", + "title": "Name", + "type": "string" + }, + "PolicyDetails": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.PolicyDetail" + }, + "markdownDescription": "Configuration details for the lifecycle policy rules.", + "title": "PolicyDetails", + "type": "array" + }, + "ResourceSelection": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ResourceSelection", + "markdownDescription": "Selection criteria for the resources that the lifecycle policy applies to.", + "title": "ResourceSelection" + }, + "ResourceType": { + "markdownDescription": "The type of Image Builder resource that the lifecycle policy applies to.", + "title": "ResourceType", + "type": "string" + }, + "Status": { + "markdownDescription": "Indicates whether the lifecycle policy resource is enabled.", + "title": "Status", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags to apply to the lifecycle policy resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ExecutionRole", + "Name", + "PolicyDetails", + "ResourceSelection", + "ResourceType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ImageBuilder::LifecyclePolicy" ], "type": "string" }, @@ -138521,21 +143319,232 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption": { + "AWS::ImageBuilder::LifecyclePolicy.Action": { "additionalProperties": false, "properties": { - "LogStreamARN": { - "markdownDescription": "The ARN of the CloudWatch log to receive application messages.", - "title": "LogStreamARN", + "IncludeResources": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.IncludeResources", + "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", + "title": "IncludeResources" + }, + "Type": { + "markdownDescription": "Specifies the lifecycle action to take.", + "title": "Type", "type": "string" } }, "required": [ - "LogStreamARN" + "Type" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput": { + "AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules": { + "additionalProperties": false, + "properties": { + "IsPublic": { + "markdownDescription": "Configures whether public AMIs are excluded from the lifecycle action.", + "title": "IsPublic", + "type": "boolean" + }, + "LastLaunched": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.LastLaunched", + "markdownDescription": "Specifies configuration details for Image Builder to exclude the most recent resources from lifecycle actions.", + "title": "LastLaunched" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "Configures AWS Region s that are excluded from the lifecycle action.", + "title": "Regions", + "type": "array" + }, + "SharedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies AWS account s whose resources are excluded from the lifecycle action.", + "title": "SharedAccounts", + "type": "array" + }, + "TagMap": { + "additionalProperties": true, + "markdownDescription": "Lists tags that should be excluded from lifecycle actions for the AMIs that have them.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::LifecyclePolicy.ExclusionRules": { + "additionalProperties": false, + "properties": { + "Amis": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules", + "markdownDescription": "Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action.", + "title": "Amis" + }, + "TagMap": { + "additionalProperties": true, + "markdownDescription": "Contains a list of tags that Image Builder uses to skip lifecycle actions for Image Builder image resources that have them.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::LifecyclePolicy.Filter": { + "additionalProperties": false, + "properties": { + "RetainAtLeast": { + "markdownDescription": "For age-based filters, this is the number of resources to keep on hand after the lifecycle `DELETE` action is applied. Impacted resources are only deleted if you have more than this number of resources. If you have fewer resources than this number, the impacted resource is not deleted.", + "title": "RetainAtLeast", + "type": "number" + }, + "Type": { + "markdownDescription": "Filter resources based on either `age` or `count` .", + "title": "Type", + "type": "string" + }, + "Unit": { + "markdownDescription": "Defines the unit of time that the lifecycle policy uses to determine impacted resources. This is required for age-based rules.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "The number of units for the time period or for the count. For example, a value of `6` might refer to six months or six AMIs.\n\n> For count-based filters, this value represents the minimum number of resources to keep on hand. If you have fewer resources than this number, the resource is excluded from lifecycle actions.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::ImageBuilder::LifecyclePolicy.IncludeResources": { + "additionalProperties": false, + "properties": { + "Amis": { + "markdownDescription": "Specifies whether the lifecycle action should apply to distributed AMIs.", + "title": "Amis", + "type": "boolean" + }, + "Containers": { + "markdownDescription": "Specifies whether the lifecycle action should apply to distributed containers.", + "title": "Containers", + "type": "boolean" + }, + "Snapshots": { + "markdownDescription": "Specifies whether the lifecycle action should apply to snapshots associated with distributed AMIs.", + "title": "Snapshots", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::LifecyclePolicy.LastLaunched": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "Defines the unit of time that the lifecycle policy uses to calculate elapsed time since the last instance launched from the AMI. For example: days, weeks, months, or years.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "The integer number of units for the time period. For example `6` (months).", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::ImageBuilder::LifecyclePolicy.PolicyDetail": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Action", + "markdownDescription": "Configuration details for the policy action.", + "title": "Action" + }, + "ExclusionRules": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ExclusionRules", + "markdownDescription": "Additional rules to specify resources that should be exempt from policy actions.", + "title": "ExclusionRules" + }, + "Filter": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Filter", + "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", + "title": "Filter" + } + }, + "required": [ + "Action", + "Filter" + ], + "type": "object" + }, + "AWS::ImageBuilder::LifecyclePolicy.RecipeSelection": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of an Image Builder recipe that the lifecycle policy uses for resource selection.", + "title": "Name", + "type": "string" + }, + "SemanticVersion": { + "markdownDescription": "The version of the Image Builder recipe specified by the `name` field.", + "title": "SemanticVersion", + "type": "string" + } + }, + "required": [ + "Name", + "SemanticVersion" + ], + "type": "object" + }, + "AWS::ImageBuilder::LifecyclePolicy.ResourceSelection": { + "additionalProperties": false, + "properties": { + "Recipes": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.RecipeSelection" + }, + "markdownDescription": "A list of recipes that are used as selection criteria for the output images that the lifecycle policy applies to.", + "title": "Recipes", + "type": "array" + }, + "TagMap": { + "additionalProperties": true, + "markdownDescription": "A list of tags that are used as selection criteria for the Image Builder image resources that the lifecycle policy applies to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::Workflow": { "additionalProperties": false, "properties": { "Condition": { @@ -138570,26 +143579,68 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "ChangeDescription": { + "markdownDescription": "Describes what change has been made in this version of the workflow, or what makes this version different from other versions of the workflow.", + "title": "ChangeDescription", "type": "string" }, - "Output": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.Output", - "markdownDescription": "Describes a SQL-based Kinesis Data Analytics application's output configuration, in which you identify an in-application stream and a destination where you want the in-application stream data to be written. The destination can be a Kinesis data stream or a Kinesis Data Firehose delivery stream.", - "title": "Output" + "Data": { + "markdownDescription": "Contains the UTF-8 encoded YAML document content for the workflow. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", + "title": "Data", + "type": "string" + }, + "Description": { + "markdownDescription": "Describes the workflow.", + "title": "Description", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key that is used to encrypt this workflow resource.", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the workflow to create.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags that apply to the workflow resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The phase in the image build process for which the workflow resource is responsible.", + "title": "Type", + "type": "string" + }, + "Uri": { + "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", + "title": "Uri", + "type": "string" + }, + "Version": { + "markdownDescription": "The semantic version of this workflow resource. The semantic version syntax adheres to the following rules.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.", + "title": "Version", + "type": "string" } }, "required": [ - "ApplicationName", - "Output" + "Name", + "Type", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationOutput" + "AWS::ImageBuilder::Workflow" ], "type": "string" }, @@ -138608,94 +143659,240 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema": { + "AWS::Inspector::AssessmentTarget": { "additionalProperties": false, "properties": { - "RecordFormatType": { - "markdownDescription": "Specifies the format of the records on the output stream.", - "title": "RecordFormatType", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the destination delivery stream to write to.", - "title": "ResourceARN", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the destination Kinesis data stream to write to.", - "title": "ResourceARN", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssessmentTargetName": { + "markdownDescription": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", + "title": "AssessmentTargetName", + "type": "string" + }, + "ResourceGroupArn": { + "markdownDescription": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target.", + "title": "ResourceGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Inspector::AssessmentTarget" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ResourceARN" + "Type" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput": { + "AWS::Inspector::AssessmentTemplate": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssessmentTargetArn": { + "markdownDescription": "The ARN of the assessment target to be included in the assessment template.", + "title": "AssessmentTargetArn", + "type": "string" + }, + "AssessmentTemplateName": { + "markdownDescription": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.", + "title": "AssessmentTemplateName", + "type": "string" + }, + "DurationInSeconds": { + "markdownDescription": "The duration of the assessment run in seconds.", + "title": "DurationInSeconds", + "type": "number" + }, + "RulesPackageArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the rules packages that you want to use in the assessment template.", + "title": "RulesPackageArns", + "type": "array" + }, + "UserAttributesForFindings": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.", + "title": "UserAttributesForFindings", + "type": "array" + } + }, + "required": [ + "AssessmentTargetArn", + "DurationInSeconds", + "RulesPackageArns" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Inspector::AssessmentTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ResourceARN" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.Output": { + "AWS::Inspector::ResourceGroup": { "additionalProperties": false, "properties": { - "DestinationSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema", - "markdownDescription": "Describes the data format when records are written to the destination.", - "title": "DestinationSchema" + "Condition": { + "type": "string" }, - "KinesisFirehoseOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput", - "markdownDescription": "Identifies a Kinesis Data Firehose delivery stream as the destination.", - "title": "KinesisFirehoseOutput" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "KinesisStreamsOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput", - "markdownDescription": "Identifies a Kinesis data stream as the destination.", - "title": "KinesisStreamsOutput" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LambdaOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput", - "markdownDescription": "Identifies an Amazon Lambda function as the destination.", - "title": "LambdaOutput" + "Metadata": { + "type": "object" }, - "Name": { - "markdownDescription": "The name of the in-application stream.", - "title": "Name", + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceGroupTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "ResourceGroupTags", + "type": "array" + } + }, + "required": [ + "ResourceGroupTags" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Inspector::ResourceGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DestinationSchema" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource": { + "AWS::InspectorV2::CisScanConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -138730,26 +143927,49 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "ScanName": { + "markdownDescription": "The name of the CIS scan configuration.", + "title": "ScanName", "type": "string" }, - "ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource", - "markdownDescription": "For a SQL-based Kinesis Data Analytics application, describes the reference data source by providing the source information (Amazon S3 bucket name and object key name), the resulting in-application table name that is created, and the necessary schema to map the data elements in the Amazon S3 object to the in-application table.", - "title": "ReferenceDataSource" + "Schedule": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Schedule", + "markdownDescription": "The CIS scan configuration's schedule.", + "title": "Schedule" + }, + "SecurityLevel": { + "markdownDescription": "The CIS scan configuration's CIS Benchmark level.", + "title": "SecurityLevel", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The CIS scan configuration's tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Targets": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.CisTargets", + "markdownDescription": "The CIS scan configuration's targets.", + "title": "Targets" } }, "required": [ - "ApplicationName", - "ReferenceDataSource" + "ScanName", + "Schedule", + "SecurityLevel", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource" + "AWS::InspectorV2::CisScanConfiguration" ], "type": "string" }, @@ -138768,173 +143988,133 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters": { + "AWS::InspectorV2::CisScanConfiguration.CisTargets": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", - "type": "string" + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The CIS target account ids.", + "title": "AccountIds", + "type": "array" }, - "RecordRowDelimiter": { - "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", - "type": "string" + "TargetResourceTags": { + "markdownDescription": "The CIS target resource tags.", + "title": "TargetResourceTags", + "type": "object" } }, "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" + "AccountIds", + "TargetResourceTags" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters": { + "AWS::InspectorV2::CisScanConfiguration.DailySchedule": { "additionalProperties": false, "properties": { - "RecordRowPath": { - "markdownDescription": "The path to the top-level parent that contains the records.", - "title": "RecordRowPath", - "type": "string" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The schedule start time.", + "title": "StartTime" } }, "required": [ - "RecordRowPath" + "StartTime" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters": { - "additionalProperties": false, - "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" - }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn": { + "AWS::InspectorV2::CisScanConfiguration.MonthlySchedule": { "additionalProperties": false, "properties": { - "Mapping": { - "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", - "title": "Mapping", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", - "title": "Name", + "Day": { + "markdownDescription": "The monthly schedule's day.", + "title": "Day", "type": "string" }, - "SqlType": { - "markdownDescription": "The type of column created in the in-application input stream or reference table.", - "title": "SqlType", - "type": "string" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The monthly schedule's start time.", + "title": "StartTime" } }, "required": [ - "Name", - "SqlType" + "Day", + "StartTime" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat": { + "AWS::InspectorV2::CisScanConfiguration.Schedule": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters", - "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" + "Daily": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.DailySchedule", + "markdownDescription": "A daily schedule.", + "title": "Daily" }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", - "type": "string" + "Monthly": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.MonthlySchedule", + "markdownDescription": "A monthly schedule.", + "title": "Monthly" + }, + "OneTime": { + "markdownDescription": "A one time schedule.", + "title": "OneTime", + "type": "object" + }, + "Weekly": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.WeeklySchedule", + "markdownDescription": "A weekly schedule.", + "title": "Weekly" } }, - "required": [ - "RecordFormatType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource": { + "AWS::InspectorV2::CisScanConfiguration.Time": { "additionalProperties": false, "properties": { - "ReferenceSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", - "title": "ReferenceSchema" - }, - "S3ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource", - "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. A Kinesis Data Analytics application loads reference data only once. If the data changes, you call the [UpdateApplication](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_UpdateApplication.html) operation to trigger reloading of data into your application.", - "title": "S3ReferenceDataSource" + "TimeOfDay": { + "markdownDescription": "The time of day in 24-hour format (00:00).", + "title": "TimeOfDay", + "type": "string" }, - "TableName": { - "markdownDescription": "The name of the in-application table to create.", - "title": "TableName", + "TimeZone": { + "markdownDescription": "The timezone.", + "title": "TimeZone", "type": "string" } }, "required": [ - "ReferenceSchema" + "TimeOfDay", + "TimeZone" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema": { + "AWS::InspectorV2::CisScanConfiguration.WeeklySchedule": { "additionalProperties": false, "properties": { - "RecordColumns": { + "Days": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn" + "type": "string" }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", + "markdownDescription": "The weekly schedule's days.", + "title": "Days", "type": "array" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", - "type": "string" - }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" - } - }, - "required": [ - "RecordColumns", - "RecordFormat" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource": { - "additionalProperties": false, - "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", - "type": "string" - }, - "FileKey": { - "markdownDescription": "The object key name containing the reference data.", - "title": "FileKey", - "type": "string" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The weekly schedule's start time.", + "title": "StartTime" } }, "required": [ - "BucketARN", - "FileKey" + "Days", + "StartTime" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream": { + "AWS::InspectorV2::Filter": { "additionalProperties": false, "properties": { "Condition": { @@ -138969,90 +144149,48 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonOpenSearchServerlessDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service.", - "title": "AmazonOpenSearchServerlessDestinationConfiguration" - }, - "AmazonopensearchserviceDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration", - "markdownDescription": "The destination in Amazon OpenSearch Service. You can specify only one destination.", - "title": "AmazonopensearchserviceDestinationConfiguration" - }, - "DeliveryStreamEncryptionConfigurationInput": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput", - "markdownDescription": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE).", - "title": "DeliveryStreamEncryptionConfigurationInput" - }, - "DeliveryStreamName": { - "markdownDescription": "The name of the Firehose stream.", - "title": "DeliveryStreamName", + "Description": { + "markdownDescription": "A description of the filter.", + "title": "Description", "type": "string" }, - "DeliveryStreamType": { - "markdownDescription": "The Firehose stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the Firehose stream directly.\n- `KinesisStreamAsSource` : The Firehose stream uses a Kinesis data stream as a source.", - "title": "DeliveryStreamType", + "FilterAction": { + "markdownDescription": "The action that is to be applied to the findings that match the filter.", + "title": "FilterAction", "type": "string" }, - "ElasticsearchDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration", - "markdownDescription": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "ElasticsearchDestinationConfiguration" - }, - "ExtendedS3DestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration", - "markdownDescription": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "ExtendedS3DestinationConfiguration" - }, - "HttpEndpointDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration", - "markdownDescription": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination.", - "title": "HttpEndpointDestinationConfiguration" - }, - "KinesisStreamSourceConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration", - "markdownDescription": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream.", - "title": "KinesisStreamSourceConfiguration" - }, - "MSKSourceConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration", - "markdownDescription": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream.", - "title": "MSKSourceConfiguration" - }, - "RedshiftDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration", - "markdownDescription": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "RedshiftDestinationConfiguration" - }, - "S3DestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "S3DestinationConfiguration" - }, - "SnowflakeDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration", - "markdownDescription": "Configure Snowflake destination", - "title": "SnowflakeDestinationConfiguration" + "FilterCriteria": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.FilterCriteria", + "markdownDescription": "Details on the filter criteria associated with this filter.", + "title": "FilterCriteria" }, - "SplunkDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration", - "markdownDescription": "The configuration of a destination in Splunk for the delivery stream.", - "title": "SplunkDestinationConfiguration" + "Name": { + "markdownDescription": "The name of the filter.", + "title": "Name", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The tags attached to the filter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A set of tags to assign to the Firehose stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the Firehose stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a Firehose stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)", "title": "Tags", - "type": "array" + "type": "object" } }, + "required": [ + "FilterAction", + "FilterCriteria", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisFirehose::DeliveryStream" + "AWS::InspectorV2::Filter" ], "type": "string" }, @@ -139066,1446 +144204,1111 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints": { + "AWS::InspectorV2::Filter.DateFilter": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", - "title": "IntervalInSeconds", + "EndInclusive": { + "markdownDescription": "A timestamp representing the end of the time period filtered on.", + "title": "EndInclusive", "type": "number" }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n\nWe recommend setting this parameter to a value greater than the amount of data you typically ingest into the Firehose stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", - "title": "SizeInMBs", + "StartInclusive": { + "markdownDescription": "A timestamp representing the start of the time period filtered on.", + "title": "StartInclusive", "type": "number" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration": { + "AWS::InspectorV2::Filter.FilterCriteria": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", - "title": "BufferingHints" + "AwsAccountId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the AWS account IDs used to filter findings.", + "title": "AwsAccountId", + "type": "array" }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "CodeVulnerabilityDetectorName": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, "markdownDescription": "", - "title": "CloudWatchLoggingOptions" - }, - "CollectionEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.", - "title": "CollectionEndpoint", - "type": "string" + "title": "CodeVulnerabilityDetectorName", + "type": "array" }, - "IndexName": { - "markdownDescription": "The Serverless offering for Amazon OpenSearch Service index name.", - "title": "IndexName", - "type": "string" + "CodeVulnerabilityDetectorTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "CodeVulnerabilityDetectorTags", + "type": "array" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "CodeVulnerabilityFilePath": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, "markdownDescription": "", - "title": "ProcessingConfiguration" + "title": "CodeVulnerabilityFilePath", + "type": "array" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes).", - "title": "RetryOptions" + "ComponentId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the component IDs used to filter findings.", + "title": "ComponentId", + "type": "array" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents.", - "title": "RoleARN", - "type": "string" + "ComponentType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the component types used to filter findings.", + "title": "ComponentType", + "type": "array" }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.", - "title": "S3BackupMode", - "type": "string" + "Ec2InstanceImageId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance image IDs used to filter findings.", + "title": "Ec2InstanceImageId", + "type": "array" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "", - "title": "S3Configuration" + "Ec2InstanceSubnetId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance subnet IDs used to filter findings.", + "title": "Ec2InstanceSubnetId", + "type": "array" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "", - "title": "VpcConfiguration" - } - }, - "required": [ - "IndexName", - "RoleARN", - "S3Configuration" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", - "title": "DurationInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { - "additionalProperties": false, - "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", - "title": "IntervalInSeconds", - "type": "number" + "Ec2InstanceVpcId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance VPC IDs used to filter findings.", + "title": "Ec2InstanceVpcId", + "type": "array" }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", - "title": "SizeInMBs", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration": { - "additionalProperties": false, - "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", - "title": "BufferingHints" + "EcrImageArchitecture": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon ECR image architecture types used to filter findings.", + "title": "EcrImageArchitecture", + "type": "array" }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", - "title": "CloudWatchLoggingOptions" + "EcrImageHash": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon ECR image hashes used to filter findings.", + "title": "EcrImageHash", + "type": "array" }, - "ClusterEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field.", - "title": "ClusterEndpoint", - "type": "string" + "EcrImagePushedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the Amazon ECR image push date and time used to filter findings.", + "title": "EcrImagePushedAt", + "type": "array" }, - "DocumentIdOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", - "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", - "title": "DocumentIdOptions" + "EcrImageRegistry": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the Amazon ECR registry used to filter findings.", + "title": "EcrImageRegistry", + "type": "array" }, - "DomainARN": { - "markdownDescription": "The ARN of the Amazon OpenSearch Service domain.", - "title": "DomainARN", - "type": "string" + "EcrImageRepositoryName": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the name of the Amazon ECR repository used to filter findings.", + "title": "EcrImageRepositoryName", + "type": "array" }, - "IndexName": { - "markdownDescription": "The Amazon OpenSearch Service index name.", - "title": "IndexName", - "type": "string" + "EcrImageTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "The tags attached to the Amazon ECR container image.", + "title": "EcrImageTags", + "type": "array" }, - "IndexRotationPeriod": { - "markdownDescription": "The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data.", - "title": "IndexRotationPeriod", - "type": "string" + "EpssScore": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" + }, + "markdownDescription": "", + "title": "EpssScore", + "type": "array" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "Describes a data processing configuration.", - "title": "ProcessingConfiguration" + "ExploitAvailable": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "ExploitAvailable", + "type": "array" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions", - "markdownDescription": "The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes).", - "title": "RetryOptions" + "FindingArn": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding ARNs used to filter findings.", + "title": "FindingArn", + "type": "array" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents.", - "title": "RoleARN", - "type": "string" + "FindingStatus": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding status types used to filter findings.", + "title": "FindingStatus", + "type": "array" }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3.", - "title": "S3BackupMode", - "type": "string" + "FindingType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding types used to filter findings.", + "title": "FindingType", + "type": "array" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in Amazon S3.", - "title": "S3Configuration" + "FirstObservedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the date and time a finding was first seen used to filter findings.", + "title": "FirstObservedAt", + "type": "array" }, - "TypeName": { - "markdownDescription": "The Amazon OpenSearch Service type name.", - "title": "TypeName", - "type": "string" + "FixAvailable": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "FixAvailable", + "type": "array" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "The details of the VPC of the Amazon OpenSearch Service destination.", - "title": "VpcConfiguration" - } - }, - "required": [ - "IndexName", - "RoleARN", - "S3Configuration" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", - "title": "DurationInSeconds", - "type": "number" + "InspectorScore": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" + }, + "markdownDescription": "The Amazon Inspector score to filter on.", + "title": "InspectorScore", + "type": "array" + }, + "LambdaFunctionExecutionRoleArn": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionExecutionRoleArn", + "type": "array" + }, + "LambdaFunctionLastModifiedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionLastModifiedAt", + "type": "array" + }, + "LambdaFunctionLayers": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionLayers", + "type": "array" + }, + "LambdaFunctionName": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionName", + "type": "array" + }, + "LambdaFunctionRuntime": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionRuntime", + "type": "array" + }, + "LastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the date and time a finding was last seen used to filter findings.", + "title": "LastObservedAt", + "type": "array" + }, + "NetworkProtocol": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on network protocol used to filter findings.", + "title": "NetworkProtocol", + "type": "array" + }, + "PortRange": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.PortRangeFilter" + }, + "markdownDescription": "Details on the port ranges used to filter findings.", + "title": "PortRange", + "type": "array" + }, + "RelatedVulnerabilities": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the related vulnerabilities used to filter findings.", + "title": "RelatedVulnerabilities", + "type": "array" + }, + "ResourceId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the resource IDs used to filter findings.", + "title": "ResourceId", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.MapFilter" + }, + "markdownDescription": "Details on the resource tags used to filter findings.", + "title": "ResourceTags", + "type": "array" + }, + "ResourceType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the resource types used to filter findings.", + "title": "ResourceType", + "type": "array" + }, + "Severity": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the severity used to filter findings.", + "title": "Severity", + "type": "array" + }, + "Title": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding title used to filter findings.", + "title": "Title", + "type": "array" + }, + "UpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the date and time a finding was last updated at used to filter findings.", + "title": "UpdatedAt", + "type": "array" + }, + "VendorSeverity": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the vendor severity used to filter findings.", + "title": "VendorSeverity", + "type": "array" + }, + "VulnerabilityId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the vulnerability ID used to filter findings.", + "title": "VulnerabilityId", + "type": "array" + }, + "VulnerabilitySource": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the vulnerability score to filter findings by.", + "title": "VulnerabilitySource", + "type": "array" + }, + "VulnerablePackages": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.PackageFilter" + }, + "markdownDescription": "Details on the vulnerable packages used to filter findings.", + "title": "VulnerablePackages", + "type": "array" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration": { + "AWS::InspectorV2::Filter.MapFilter": { "additionalProperties": false, "properties": { - "Connectivity": { - "markdownDescription": "The type of connectivity used to access the Amazon MSK cluster.", - "title": "Connectivity", + "Comparison": { + "markdownDescription": "The operator to use when comparing values in the filter.", + "title": "Comparison", "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of the role used to access the Amazon MSK cluster.", - "title": "RoleARN", + "Key": { + "markdownDescription": "The tag key used in the filter.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value used in the filter.", + "title": "Value", "type": "string" } }, "required": [ - "Connectivity", - "RoleARN" + "Comparison" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.BufferingHints": { + "AWS::InspectorV2::Filter.NumberFilter": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "IntervalInSeconds", + "LowerInclusive": { + "markdownDescription": "The lowest number to be included in the filter.", + "title": "LowerInclusive", "type": "number" }, - "SizeInMBs": { - "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "SizeInMBs", + "UpperInclusive": { + "markdownDescription": "The highest number to be included in the filter.", + "title": "UpperInclusive", "type": "number" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions": { + "AWS::InspectorV2::Filter.PackageFilter": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Logs logging is enabled.", - "title": "Enabled", - "type": "boolean" + "Architecture": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the package architecture type to filter on.", + "title": "Architecture" }, - "LogGroupName": { - "markdownDescription": "The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use.\n\nConditional. If you enable logging, you must specify this property.", - "title": "LogGroupName", - "type": "string" + "Epoch": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter", + "markdownDescription": "An object that contains details on the package epoch to filter on.", + "title": "Epoch" }, - "LogStreamName": { - "markdownDescription": "The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery.\n\nConditional. If you enable logging, you must specify this property.", - "title": "LogStreamName", - "type": "string" + "FilePath": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "", + "title": "FilePath" + }, + "Name": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the name of the package to filter on.", + "title": "Name" + }, + "Release": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the package release to filter on.", + "title": "Release" + }, + "SourceLambdaLayerArn": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "", + "title": "SourceLambdaLayerArn" + }, + "SourceLayerHash": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the source layer hash to filter on.", + "title": "SourceLayerHash" + }, + "Version": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "The package version to filter on.", + "title": "Version" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.CopyCommand": { + "AWS::InspectorV2::Filter.PortRangeFilter": { "additionalProperties": false, "properties": { - "CopyOptions": { - "markdownDescription": "Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "CopyOptions", - "type": "string" + "BeginInclusive": { + "markdownDescription": "The port number the port range begins at.", + "title": "BeginInclusive", + "type": "number" }, - "DataTableColumns": { - "markdownDescription": "A comma-separated list of column names.", - "title": "DataTableColumns", + "EndInclusive": { + "markdownDescription": "The port number the port range ends at.", + "title": "EndInclusive", + "type": "number" + } + }, + "type": "object" + }, + "AWS::InspectorV2::Filter.StringFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The operator to use when comparing values in the filter.", + "title": "Comparison", "type": "string" }, - "DataTableName": { - "markdownDescription": "The name of the target table. The table must already exist in the database.", - "title": "DataTableName", + "Value": { + "markdownDescription": "The value to filter on.", + "title": "Value", "type": "string" } }, "required": [ - "DataTableName" + "Comparison", + "Value" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration": { + "AWS::InternetMonitor::Monitor": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details.", - "title": "Enabled", - "type": "boolean" + "Condition": { + "type": "string" }, - "InputFormatConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration", - "markdownDescription": "Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true.", - "title": "InputFormatConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "OutputFormatConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration", - "markdownDescription": "Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true.", - "title": "OutputFormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SchemaConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration", - "markdownDescription": "Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true.", - "title": "SchemaConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput": { - "additionalProperties": false, - "properties": { - "KeyARN": { - "markdownDescription": "If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK.", - "title": "KeyARN", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.HealthEventsConfig", + "markdownDescription": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* .", + "title": "HealthEventsConfig" + }, + "IncludeLinkedAccounts": { + "markdownDescription": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", + "title": "IncludeLinkedAccounts", + "type": "boolean" + }, + "InternetMeasurementsLogDelivery": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery", + "markdownDescription": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs).", + "title": "InternetMeasurementsLogDelivery" + }, + "LinkedAccountId": { + "markdownDescription": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", + "title": "LinkedAccountId", + "type": "string" + }, + "MaxCityNetworksToMonitor": { + "markdownDescription": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* .", + "title": "MaxCityNetworksToMonitor", + "type": "number" + }, + "MonitorName": { + "markdownDescription": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", + "title": "MonitorName", + "type": "string" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n> Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty.", + "title": "Resources", + "type": "array" + }, + "ResourcesToAdd": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", + "title": "ResourcesToAdd", + "type": "array" + }, + "ResourcesToRemove": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", + "title": "ResourcesToRemove", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` .", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for a monitor, listed as a set of *key:value* pairs.", + "title": "Tags", + "type": "array" + }, + "TrafficPercentageToMonitor": { + "markdownDescription": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor.", + "title": "TrafficPercentageToMonitor", + "type": "number" + } + }, + "required": [ + "MonitorName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::InternetMonitor::Monitor" + ], "type": "string" }, - "KeyType": { - "markdownDescription": "Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) .\n\nYou can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams.\n\n> To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide.", - "title": "KeyType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "KeyType" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.Deserializer": { + "AWS::InternetMonitor::Monitor.HealthEventsConfig": { "additionalProperties": false, "properties": { - "HiveJsonSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe", - "markdownDescription": "The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.", - "title": "HiveJsonSerDe" + "AvailabilityLocalHealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", + "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue.", + "title": "AvailabilityLocalHealthEventsConfig" }, - "OpenXJsonSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe", - "markdownDescription": "The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.", - "title": "OpenXJsonSerDe" + "AvailabilityScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event.", + "title": "AvailabilityScoreThreshold", + "type": "number" + }, + "PerformanceLocalHealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", + "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue.", + "title": "PerformanceLocalHealthEventsConfig" + }, + "PerformanceScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event.", + "title": "PerformanceScoreThreshold", + "type": "number" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions": { + "AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery": { "additionalProperties": false, "properties": { - "DefaultDocumentIdFormat": { - "markdownDescription": "When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs.\n\nWhen the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance.", - "title": "DefaultDocumentIdFormat", - "type": "string" + "S3Config": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", + "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", + "title": "S3Config" } }, - "required": [ - "DefaultDocumentIdFormat" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration": { + "AWS::InternetMonitor::Monitor.LocalHealthEventsConfig": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream.", - "title": "Enabled", - "type": "boolean" + "HealthScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for a local health score.", + "title": "HealthScoreThreshold", + "type": "number" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", - "markdownDescription": "Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.", - "title": "RetryOptions" + "MinTrafficImpact": { + "markdownDescription": "The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score.\n\nIf you don't set a minimum traffic impact threshold, the default value is 0.01%.", + "title": "MinTrafficImpact", + "type": "number" + }, + "Status": { + "markdownDescription": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` .", + "title": "Status", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints": { + "AWS::InternetMonitor::Monitor.S3Config": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "IntervalInSeconds", - "type": "number" + "BucketName": { + "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", + "title": "BucketName", + "type": "string" }, - "SizeInMBs": { - "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "SizeInMBs", - "type": "number" + "BucketPrefix": { + "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", + "title": "BucketPrefix", + "type": "string" + }, + "LogDeliveryStatus": { + "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", + "title": "LogDeliveryStatus", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration": { + "AWS::Invoicing::InvoiceUnit": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints", - "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch Logs logging options for the delivery stream.", - "title": "CloudWatchLoggingOptions" - }, - "ClusterEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field.", - "title": "ClusterEndpoint", - "type": "string" - }, - "DocumentIdOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", - "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", - "title": "DocumentIdOptions" - }, - "DomainARN": { - "markdownDescription": "The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* .\n\nSpecify either `ClusterEndpoint` or `DomainARN` .", - "title": "DomainARN", - "type": "string" - }, - "IndexName": { - "markdownDescription": "The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing.", - "title": "IndexName", + "Condition": { "type": "string" }, - "IndexRotationPeriod": { - "markdownDescription": "The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "IndexRotationPeriod", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions", - "markdownDescription": "The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES.", - "title": "RetryOptions" + "Metadata": { + "type": "object" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) .", - "title": "RoleARN", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The assigned description for an invoice unit. This information can't be modified or deleted.", + "title": "Description", + "type": "string" + }, + "InvoiceReceiver": { + "markdownDescription": "The account that receives invoices related to the invoice unit.", + "title": "InvoiceReceiver", + "type": "string" + }, + "Name": { + "markdownDescription": "A unique name that is distinctive within your AWS .", + "title": "Name", + "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit.ResourceTag" + }, + "markdownDescription": "The tag structure that contains a tag key and value.", + "title": "ResourceTags", + "type": "array" + }, + "Rule": { + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit.Rule", + "markdownDescription": "An `InvoiceUnitRule` object used the categorize invoice units.", + "title": "Rule" + }, + "TaxInheritanceDisabled": { + "markdownDescription": "Whether the invoice unit based tax inheritance is/ should be enabled or disabled.", + "title": "TaxInheritanceDisabled", + "type": "boolean" + } + }, + "required": [ + "InvoiceReceiver", + "Name", + "Rule" + ], + "type": "object" }, - "S3BackupMode": { - "markdownDescription": "The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "S3BackupMode", + "Type": { + "enum": [ + "AWS::Invoicing::InvoiceUnit" + ], "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The S3 bucket where Kinesis Data Firehose backs up incoming data.", - "title": "S3Configuration" - }, - "TypeName": { - "markdownDescription": "The Elasticsearch type name that Amazon ES adds to documents when indexing data.", - "title": "TypeName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "The details of the VPC of the Amazon ES destination.", - "title": "VpcConfiguration" } }, "required": [ - "IndexName", - "RoleARN", - "S3Configuration" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions": { + "AWS::Invoicing::InvoiceUnit.ResourceTag": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "DurationInSeconds", - "type": "number" + "Key": { + "markdownDescription": "The object key of your of your resource tag.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The specific value of the resource tag.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration": { + "AWS::Invoicing::InvoiceUnit.Rule": { "additionalProperties": false, "properties": { - "KMSEncryptionConfig": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig", - "markdownDescription": "The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data.", - "title": "KMSEncryptionConfig" - }, - "NoEncryptionConfig": { - "markdownDescription": "Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "NoEncryptionConfig", - "type": "string" + "LinkedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of `LINKED_ACCOUNT` IDs where charges are included within the invoice unit.", + "title": "LinkedAccounts", + "type": "array" } }, + "required": [ + "LinkedAccounts" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration": { + "AWS::IoT::AccountAuditConfiguration": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "BucketARN", - "type": "string" - }, - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "The buffering option.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "CompressionFormat": { - "markdownDescription": "The compression format. If no value is specified, the default is `UNCOMPRESSED` .", - "title": "CompressionFormat", - "type": "string" - }, - "CustomTimeZone": { - "markdownDescription": "The time zone you prefer. UTC is the default.", - "title": "CustomTimeZone", + "Condition": { "type": "string" }, - "DataFormatConversionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration", - "markdownDescription": "The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3.", - "title": "DataFormatConversionConfiguration" - }, - "DynamicPartitioningConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration", - "markdownDescription": "The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys.", - "title": "DynamicPartitioningConfiguration" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", - "markdownDescription": "The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` .", - "title": "EncryptionConfiguration" - }, - "ErrorOutputPrefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", - "title": "ErrorOutputPrefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FileExtension": { - "markdownDescription": "Specify a file extension. It will override the default file extension", - "title": "FileExtension", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Prefix": { - "markdownDescription": "The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "Prefix", - "type": "string" + "Metadata": { + "type": "object" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account. You can use the expression `!Sub \"${AWS::AccountId}\"` to use your account ID.", + "title": "AccountId", + "type": "string" + }, + "AuditCheckConfigurations": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations", + "markdownDescription": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on available audit checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)", + "title": "AuditCheckConfigurations" + }, + "AuditNotificationTargetConfigurations": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations", + "markdownDescription": "Information about the targets to which audit notifications are sent.", + "title": "AuditNotificationTargetConfigurations" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "AccountId", + "AuditCheckConfigurations", + "RoleArn" + ], + "type": "object" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "RoleARN", + "Type": { + "enum": [ + "AWS::IoT::AccountAuditConfiguration" + ], "type": "string" }, - "S3BackupConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for backup in Amazon S3.", - "title": "S3BackupConfiguration" - }, - "S3BackupMode": { - "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", - "title": "S3BackupMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketARN", - "RoleARN" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe": { + "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { "additionalProperties": false, "properties": { - "TimestampFormats": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default.", - "title": "TimestampFormats", - "type": "array" + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute": { + "AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the HTTP endpoint common attribute.", - "title": "AttributeName", - "type": "string" + "AuthenticatedCognitoRoleOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed.", + "title": "AuthenticatedCognitoRoleOverlyPermissiveCheck" }, - "AttributeValue": { - "markdownDescription": "The value of the HTTP endpoint common attribute.", - "title": "AttributeValue", - "type": "string" - } - }, - "required": [ - "AttributeName", - "AttributeValue" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration": { - "additionalProperties": false, - "properties": { - "AccessKey": { - "markdownDescription": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.", - "title": "AccessKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the HTTP endpoint selected as the destination.", - "title": "Name", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL of the HTTP endpoint selected as the destination.", - "title": "Url", - "type": "string" - } - }, - "required": [ - "Url" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration": { - "additionalProperties": false, - "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", - "title": "CloudWatchLoggingOptions" - }, - "EndpointConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration", - "markdownDescription": "The configuration of the HTTP endpoint selected as the destination.", - "title": "EndpointConfiguration" - }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "Describes the data processing configuration.", - "title": "ProcessingConfiguration" - }, - "RequestConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration", - "markdownDescription": "The configuration of the request sent to the HTTP endpoint specified as the destination.", - "title": "RequestConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", - "markdownDescription": "Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination.", - "title": "RetryOptions" - }, - "RoleARN": { - "markdownDescription": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs.", - "title": "RoleARN", - "type": "string" - }, - "S3BackupMode": { - "markdownDescription": "Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly).", - "title": "S3BackupMode", - "type": "string" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in Amazon S3.", - "title": "S3Configuration" - } - }, - "required": [ - "EndpointConfiguration", - "S3Configuration" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration": { - "additionalProperties": false, - "properties": { - "CommonAttributes": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute" - }, - "markdownDescription": "Describes the metadata sent to the HTTP endpoint destination.", - "title": "CommonAttributes", - "type": "array" - }, - "ContentEncoding": { - "markdownDescription": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation.", - "title": "ContentEncoding", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration": { - "additionalProperties": false, - "properties": { - "Deserializer": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Deserializer", - "markdownDescription": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request.", - "title": "Deserializer" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig": { - "additionalProperties": false, - "properties": { - "AWSKMSKeyARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.", - "title": "AWSKMSKeyARN", - "type": "string" - } - }, - "required": [ - "AWSKMSKeyARN" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration": { - "additionalProperties": false, - "properties": { - "KinesisStreamARN": { - "markdownDescription": "The ARN of the source Kinesis data stream.", - "title": "KinesisStreamARN", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "The ARN of the role that provides access to the source Kinesis data stream.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "KinesisStreamARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration": { - "additionalProperties": false, - "properties": { - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration", - "markdownDescription": "The authentication configuration of the Amazon MSK cluster.", - "title": "AuthenticationConfiguration" - }, - "MSKClusterARN": { - "markdownDescription": "The ARN of the Amazon MSK cluster.", - "title": "MSKClusterARN", - "type": "string" - }, - "TopicName": { - "markdownDescription": "The topic name within the Amazon MSK cluster.", - "title": "TopicName", - "type": "string" - } - }, - "required": [ - "AuthenticationConfiguration", - "MSKClusterARN", - "TopicName" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe": { - "additionalProperties": false, - "properties": { - "CaseInsensitive": { - "markdownDescription": "When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them.", - "title": "CaseInsensitive", - "type": "boolean" - }, - "ColumnToJsonKeyMappings": { - "additionalProperties": true, - "markdownDescription": "Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{\"ts\": \"timestamp\"}` to map this key to a column named `ts` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ColumnToJsonKeyMappings", - "type": "object" + "CaCertificateExpiringCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired.", + "title": "CaCertificateExpiringCheck" }, - "ConvertDotsInJsonKeysToUnderscores": { - "markdownDescription": "When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option.\n\nThe default is `false` .", - "title": "ConvertDotsInJsonKeysToUnderscores", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.OrcSerDe": { - "additionalProperties": false, - "properties": { - "BlockSizeBytes": { - "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", - "title": "BlockSizeBytes", - "type": "number" + "CaCertificateKeyQualityCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` .", + "title": "CaCertificateKeyQualityCheck" }, - "BloomFilterColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The column names for which you want Firehose to create bloom filters. The default is `null` .", - "title": "BloomFilterColumns", - "type": "array" + "ConflictingClientIdsCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if multiple devices connect using the same client ID.", + "title": "ConflictingClientIdsCheck" }, - "BloomFilterFalsePositiveProbability": { - "markdownDescription": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1.", - "title": "BloomFilterFalsePositiveProbability", - "type": "number" + "DeviceCertificateAgeCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.DeviceCertAgeAuditCheckConfiguration", + "markdownDescription": "Checks when a device certificate has been active for a number of days greater than or equal to the number you specify.", + "title": "DeviceCertificateAgeCheck" }, - "Compression": { - "markdownDescription": "The compression code to use over data blocks. The default is `SNAPPY` .", - "title": "Compression", - "type": "string" + "DeviceCertificateExpiringCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.DeviceCertExpirationAuditCheckConfiguration", + "markdownDescription": "Checks if a device certificate is expiring. By default, this check applies to device certificates expiring within 30 days or that have expired. You can modify this threshold by configuring the DeviceCertExpirationAuditCheckConfiguration.", + "title": "DeviceCertificateExpiringCheck" }, - "DictionaryKeyThreshold": { - "markdownDescription": "Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1.", - "title": "DictionaryKeyThreshold", - "type": "number" + "DeviceCertificateKeyQualityCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size.", + "title": "DeviceCertificateKeyQualityCheck" }, - "EnablePadding": { - "markdownDescription": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` .", - "title": "EnablePadding", - "type": "boolean" + "DeviceCertificateSharedCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT .", + "title": "DeviceCertificateSharedCheck" }, - "FormatVersion": { - "markdownDescription": "The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` .", - "title": "FormatVersion", - "type": "string" + "IntermediateCaRevokedForActiveDeviceCertificatesCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if device certificates are still active despite being revoked by an intermediate CA.", + "title": "IntermediateCaRevokedForActiveDeviceCertificatesCheck" }, - "PaddingTolerance": { - "markdownDescription": "A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.\n\nFor the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.\n\nKinesis Data Firehose ignores this parameter when `EnablePadding` is `false` .", - "title": "PaddingTolerance", - "type": "number" + "IoTPolicyPotentialMisConfigurationCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy.", + "title": "IoTPolicyPotentialMisConfigurationCheck" }, - "RowIndexStride": { - "markdownDescription": "The number of rows between index entries. The default is 10,000 and the minimum is 1,000.", - "title": "RowIndexStride", - "type": "number" + "IotPolicyOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role.", + "title": "IotPolicyOverlyPermissiveCheck" }, - "StripeSizeBytes": { - "markdownDescription": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.", - "title": "StripeSizeBytes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration": { - "additionalProperties": false, - "properties": { - "Serializer": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Serializer", - "markdownDescription": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request.", - "title": "Serializer" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.ParquetSerDe": { - "additionalProperties": false, - "properties": { - "BlockSizeBytes": { - "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", - "title": "BlockSizeBytes", - "type": "number" + "IotRoleAliasAllowsAccessToUnusedServicesCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year.", + "title": "IotRoleAliasAllowsAccessToUnusedServicesCheck" }, - "Compression": { - "markdownDescription": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.", - "title": "Compression", - "type": "string" + "IotRoleAliasOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive.", + "title": "IotRoleAliasOverlyPermissiveCheck" }, - "EnableDictionaryCompression": { - "markdownDescription": "Indicates whether to enable dictionary compression.", - "title": "EnableDictionaryCompression", - "type": "boolean" + "LoggingDisabledCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if AWS IoT logs are disabled.", + "title": "LoggingDisabledCheck" }, - "MaxPaddingBytes": { - "markdownDescription": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0.", - "title": "MaxPaddingBytes", - "type": "number" + "RevokedCaCertificateStillActiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a revoked CA certificate is still active.", + "title": "RevokedCaCertificateStillActiveCheck" }, - "PageSizeBytes": { - "markdownDescription": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", - "title": "PageSizeBytes", - "type": "number" + "RevokedDeviceCertificateStillActiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a revoked device certificate is still active.", + "title": "RevokedDeviceCertificateStillActiveCheck" }, - "WriterVersion": { - "markdownDescription": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` .", - "title": "WriterVersion", - "type": "string" + "UnauthenticatedCognitoRoleOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive.", + "title": "UnauthenticatedCognitoRoleOverlyPermissiveCheck" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration": { + "AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget": { "additionalProperties": false, "properties": { "Enabled": { - "markdownDescription": "Indicates whether data processing is enabled (true) or disabled (false).", + "markdownDescription": "True if notifications to the target are enabled.", "title": "Enabled", "type": "boolean" }, - "Processors": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Processor" - }, - "markdownDescription": "The data processors.", - "title": "Processors", - "type": "array" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.Processor": { - "additionalProperties": false, - "properties": { - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessorParameter" - }, - "markdownDescription": "The processor parameters.", - "title": "Parameters", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of processor. Valid values: `Lambda` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.ProcessorParameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "The parameter value.", - "title": "ParameterValue", - "type": "string" - } - }, - "required": [ - "ParameterName", - "ParameterValue" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "ClusterJDBCURL": { - "markdownDescription": "The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster.", - "title": "ClusterJDBCURL", - "type": "string" - }, - "CopyCommand": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CopyCommand", - "markdownDescription": "Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket.", - "title": "CopyCommand" - }, - "Password": { - "markdownDescription": "The password for the Amazon Redshift user that you specified in the `Username` property.", - "title": "Password", - "type": "string" - }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).", - "title": "RetryOptions" - }, - "RoleARN": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "RoleARN", - "type": "string" - }, - "S3BackupConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for backup in Amazon S3.", - "title": "S3BackupConfiguration" - }, - "S3BackupMode": { - "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", - "title": "S3BackupMode", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to send notifications to the target.", + "title": "RoleArn", "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them.", - "title": "S3Configuration" - }, - "Username": { - "markdownDescription": "The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster.", - "title": "Username", + "TargetArn": { + "markdownDescription": "The ARN of the target (SNS topic) to which audit notifications are sent.", + "title": "TargetArn", "type": "string" } }, - "required": [ - "ClusterJDBCURL", - "CopyCommand", - "Password", - "RoleARN", - "S3Configuration", - "Username" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value.", - "title": "DurationInSeconds", - "type": "number" - } - }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.RetryOptions": { + "AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt.", - "title": "DurationInSeconds", - "type": "number" + "Sns": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget", + "markdownDescription": "The `Sns` notification target.", + "title": "Sns" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration": { + "AWS::IoT::AccountAuditConfiguration.CertAgeCheckCustomConfiguration": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to.", - "title": "BucketARN", - "type": "string" - }, - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "CompressionFormat": { - "markdownDescription": "The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "CompressionFormat", - "type": "string" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", - "markdownDescription": "Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket.", - "title": "EncryptionConfiguration" - }, - "ErrorOutputPrefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", - "title": "ErrorOutputPrefix", - "type": "string" - }, - "Prefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered.", - "title": "Prefix", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "RoleARN", + "CertAgeThresholdInDays": { + "markdownDescription": "The number of days that defines when a device certificate is considered to have aged. The check will report a finding if a certificate has been active for a number of days greater than or equal to this threshold value.", + "title": "CertAgeThresholdInDays", "type": "string" } }, - "required": [ - "BucketARN", - "RoleARN" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration": { + "AWS::IoT::AccountAuditConfiguration.CertExpirationCheckCustomConfiguration": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.", - "title": "CatalogId", + "CertExpirationThresholdInDays": { + "markdownDescription": "The number of days before expiration that defines when a device certificate is considered to be approaching expiration. The check will report a finding if a certificate will expire within this number of days.", + "title": "CertExpirationThresholdInDays", "type": "string" - }, - "DatabaseName": { - "markdownDescription": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified.", - "title": "DatabaseName", - "type": "string" - }, - "Region": { - "markdownDescription": "If you don't specify an AWS Region, the default is the current Region.", - "title": "Region", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified.", - "title": "RoleARN", - "type": "string" - }, - "TableName": { - "markdownDescription": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", - "title": "TableName", - "type": "string" - }, - "VersionId": { - "markdownDescription": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up.", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.Serializer": { - "additionalProperties": false, - "properties": { - "OrcSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OrcSerDe", - "markdownDescription": "A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) .", - "title": "OrcSerDe" - }, - "ParquetSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ParquetSerDe", - "markdownDescription": "A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/docs/contribution-guidelines/) .", - "title": "ParquetSerDe" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration": { + "AWS::IoT::AccountAuditConfiguration.DeviceCertAgeAuditCheckConfiguration": { "additionalProperties": false, "properties": { - "AccountUrl": { - "markdownDescription": "URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional.", - "title": "AccountUrl", - "type": "string" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "", - "title": "CloudWatchLoggingOptions" - }, - "ContentColumnName": { - "markdownDescription": "The name of the record content column.", - "title": "ContentColumnName", - "type": "string" - }, - "DataLoadingOption": { - "markdownDescription": "Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column.", - "title": "DataLoadingOption", - "type": "string" - }, - "Database": { - "markdownDescription": "All data in Snowflake is maintained in databases.", - "title": "Database", - "type": "string" - }, - "KeyPassphrase": { - "markdownDescription": "Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", - "title": "KeyPassphrase", - "type": "string" - }, - "MetaDataColumnName": { - "markdownDescription": "Specify a column name in the table, where the metadata information has to be loaded. When you enable this field, you will see the following column in the snowflake table, which differs based on the source type.\n\nFor Direct PUT as source\n\n`{ \"firehoseDeliveryStreamName\" : \"streamname\", \"IngestionTime\" : \"timestamp\" }`\n\nFor Kinesis Data Stream as source\n\n`\"kinesisStreamName\" : \"streamname\", \"kinesisShardId\" : \"Id\", \"kinesisPartitionKey\" : \"key\", \"kinesisSequenceNumber\" : \"1234\", \"subsequenceNumber\" : \"2334\", \"IngestionTime\" : \"timestamp\" }`", - "title": "MetaDataColumnName", - "type": "string" - }, - "PrivateKey": { - "markdownDescription": "The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", - "title": "PrivateKey", - "type": "string" - }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions", - "markdownDescription": "The time period where Firehose will retry sending data to the chosen HTTP endpoint.", - "title": "RetryOptions" - }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Snowflake role", - "title": "RoleARN", - "type": "string" - }, - "S3BackupMode": { - "markdownDescription": "Choose an S3 backup mode", - "title": "S3BackupMode", - "type": "string" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "", - "title": "S3Configuration" - }, - "Schema": { - "markdownDescription": "Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views", - "title": "Schema", - "type": "string" - }, - "SnowflakeRoleConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration", - "markdownDescription": "Optionally configure a Snowflake role. Otherwise the default user role will be used.", - "title": "SnowflakeRoleConfiguration" - }, - "SnowflakeVpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration", - "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", - "title": "SnowflakeVpcConfiguration" - }, - "Table": { - "markdownDescription": "All data in Snowflake is stored in database tables, logically structured as collections of columns and rows.", - "title": "Table", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.CertAgeCheckCustomConfiguration", + "markdownDescription": "Configuration settings for the device certificate age check, including the threshold in days for certificate age. This configuration is of type `CertAgeCheckCustomConfiguration` .", + "title": "Configuration" }, - "User": { - "markdownDescription": "User login name for the Snowflake account.", - "title": "User", - "type": "string" - } - }, - "required": [ - "AccountUrl", - "Database", - "PrivateKey", - "RoleARN", - "S3Configuration", - "Schema", - "Table", - "User" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "the time period where Firehose will retry sending data to the chosen HTTP endpoint.", - "title": "DurationInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration": { - "additionalProperties": false, - "properties": { "Enabled": { - "markdownDescription": "Enable Snowflake role", + "markdownDescription": "True if this audit check is enabled for this account.", "title": "Enabled", "type": "boolean" - }, - "SnowflakeRole": { - "markdownDescription": "The Snowflake role you wish to configure", - "title": "SnowflakeRole", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration": { - "additionalProperties": false, - "properties": { - "PrivateLinkVpceId": { - "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", - "title": "PrivateLinkVpceId", - "type": "string" - } - }, - "required": [ - "PrivateLinkVpceId" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints": { - "additionalProperties": false, - "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute).", - "title": "IntervalInSeconds", - "type": "number" - }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.", - "title": "SizeInMBs", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration": { - "additionalProperties": false, - "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for Splunk are used.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "HECAcknowledgmentTimeoutInSeconds": { - "markdownDescription": "The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings.", - "title": "HECAcknowledgmentTimeoutInSeconds", - "type": "number" - }, - "HECEndpoint": { - "markdownDescription": "The HTTP Event Collector (HEC) endpoint to which Firehose sends your data.", - "title": "HECEndpoint", - "type": "string" - }, - "HECEndpointType": { - "markdownDescription": "This type can be either `Raw` or `Event` .", - "title": "HECEndpointType", - "type": "string" - }, - "HECToken": { - "markdownDescription": "This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.", - "title": "HECToken", - "type": "string" - }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration.", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk.", - "title": "RetryOptions" - }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` .\n\nYou can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` .", - "title": "S3BackupMode", - "type": "string" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for the backup Amazon S3 location.", - "title": "S3Configuration" - } - }, - "required": [ - "HECEndpoint", - "HECEndpointType", - "HECToken", - "S3Configuration" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt.", - "title": "DurationInSeconds", - "type": "number" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.VpcConfiguration": { + "AWS::IoT::AccountAuditConfiguration.DeviceCertExpirationAuditCheckConfiguration": { "additionalProperties": false, "properties": { - "RoleARN": { - "markdownDescription": "The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:\n\n- `ec2:DescribeVpcs`\n- `ec2:DescribeVpcAttribute`\n- `ec2:DescribeSubnets`\n- `ec2:DescribeSecurityGroups`\n- `ec2:DescribeNetworkInterfaces`\n- `ec2:CreateNetworkInterface`\n- `ec2:CreateNetworkInterfacePermission`\n- `ec2:DeleteNetworkInterface`\n\nIf you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.", - "title": "RoleARN", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic.", - "title": "SecurityGroupIds", - "type": "array" + "Configuration": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.CertExpirationCheckCustomConfiguration", + "markdownDescription": "Configuration settings for the device certificate expiration check, including the threshold in days before expiration. This configuration is of type `CertExpirationCheckCustomConfiguration`", + "title": "Configuration" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.\n\nThe number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here.", - "title": "SubnetIds", - "type": "array" + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", + "type": "boolean" } }, - "required": [ - "RoleARN", - "SecurityGroupIds", - "SubnetIds" - ], "type": "object" }, - "AWS::KinesisVideo::SignalingChannel": { + "AWS::IoT::Authorizer": { "additionalProperties": false, "properties": { "Condition": { @@ -140540,35 +145343,64 @@ "Properties": { "additionalProperties": false, "properties": { - "MessageTtlSeconds": { - "markdownDescription": "The period of time (in seconds) a signaling channel retains undelivered messages before they are discarded. Use `API_UpdateSignalingChannel` to update this value.", - "title": "MessageTtlSeconds", - "type": "number" + "AuthorizerFunctionArn": { + "markdownDescription": "The authorizer's Lambda function ARN.", + "title": "AuthorizerFunctionArn", + "type": "string" }, - "Name": { - "markdownDescription": "A name for the signaling channel that you are creating. It must be unique for each AWS account and AWS Region .", - "title": "Name", + "AuthorizerName": { + "markdownDescription": "The authorizer name.", + "title": "AuthorizerName", + "type": "string" + }, + "EnableCachingForHttp": { + "markdownDescription": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections.", + "title": "EnableCachingForHttp", + "type": "boolean" + }, + "SigningDisabled": { + "markdownDescription": "Specifies whether AWS IoT validates the token signature in an authorization request.", + "title": "SigningDisabled", + "type": "boolean" + }, + "Status": { + "markdownDescription": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`", + "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata which can be used to manage the custom authorizer.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "A type of the signaling channel that you are creating. Currently, `SINGLE_MASTER` is the only supported channel type.", - "title": "Type", + "TokenKeyName": { + "markdownDescription": "The key used to extract the token from the HTTP headers.", + "title": "TokenKeyName", "type": "string" + }, + "TokenSigningPublicKeys": { + "additionalProperties": true, + "markdownDescription": "The public keys used to validate the token signature returned by your custom authentication service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TokenSigningPublicKeys", + "type": "object" } }, + "required": [ + "AuthorizerFunctionArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisVideo::SignalingChannel" + "AWS::IoT::Authorizer" ], "type": "string" }, @@ -140582,11 +145414,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisVideo::Stream": { + "AWS::IoT::BillingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -140621,36 +145454,21 @@ "Properties": { "additionalProperties": false, "properties": { - "DataRetentionInHours": { - "markdownDescription": "How long the stream retains data, in hours.", - "title": "DataRetentionInHours", - "type": "number" - }, - "DeviceName": { - "markdownDescription": "The name of the device that is associated with the stream.", - "title": "DeviceName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key that Kinesis Video Streams uses to encrypt data on the stream.", - "title": "KmsKeyId", - "type": "string" - }, - "MediaType": { - "markdownDescription": "The `MediaType` of the stream.", - "title": "MediaType", + "BillingGroupName": { + "markdownDescription": "The name of the billing group.", + "title": "BillingGroupName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the stream.", - "title": "Name", - "type": "string" + "BillingGroupProperties": { + "$ref": "#/definitions/AWS::IoT::BillingGroup.BillingGroupProperties", + "markdownDescription": "The properties of the billing group.", + "title": "BillingGroupProperties" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata which can be used to manage the billing group.", "title": "Tags", "type": "array" } @@ -140659,7 +145477,7 @@ }, "Type": { "enum": [ - "AWS::KinesisVideo::Stream" + "AWS::IoT::BillingGroup" ], "type": "string" }, @@ -140677,7 +145495,18 @@ ], "type": "object" }, - "AWS::LakeFormation::DataCellsFilter": { + "AWS::IoT::BillingGroup.BillingGroupProperties": { + "additionalProperties": false, + "properties": { + "BillingGroupDescription": { + "markdownDescription": "The description of the billing group.", + "title": "BillingGroupDescription", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::CACertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -140712,56 +145541,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of UTF-8 strings. A list of column names.", - "title": "ColumnNames", - "type": "array" - }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.ColumnWildcard", - "markdownDescription": "A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .", - "title": "ColumnWildcard" + "AutoRegistrationStatus": { + "markdownDescription": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\".", + "title": "AutoRegistrationStatus", + "type": "string" }, - "DatabaseName": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA database in the Data Catalog .", - "title": "DatabaseName", + "CACertificatePem": { + "markdownDescription": "The certificate data in PEM format.", + "title": "CACertificatePem", "type": "string" }, - "Name": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe name given by the user to the data filter cell.", - "title": "Name", + "CertificateMode": { + "markdownDescription": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\".", + "title": "CertificateMode", "type": "string" }, - "RowFilter": { - "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.RowFilter", - "markdownDescription": "A PartiQL predicate.", - "title": "RowFilter" + "RegistrationConfig": { + "$ref": "#/definitions/AWS::IoT::CACertificate.RegistrationConfig", + "markdownDescription": "Information about the registration configuration.", + "title": "RegistrationConfig" }, - "TableCatalogId": { - "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe ID of the catalog to which the table belongs.", - "title": "TableCatalogId", + "RemoveAutoRegistration": { + "markdownDescription": "If true, removes auto registration.", + "title": "RemoveAutoRegistration", + "type": "boolean" + }, + "Status": { + "markdownDescription": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\".", + "title": "Status", "type": "string" }, - "TableName": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA table in the database.", - "title": "TableName", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VerificationCertificatePem": { + "markdownDescription": "The private key verification certificate.", + "title": "VerificationCertificatePem", "type": "string" } }, "required": [ - "DatabaseName", - "Name", - "TableCatalogId", - "TableName" + "CACertificatePem", + "Status" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::DataCellsFilter" + "AWS::IoT::CACertificate" ], "type": "string" }, @@ -140780,37 +145612,28 @@ ], "type": "object" }, - "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { + "AWS::IoT::CACertificate.RegistrationConfig": { "additionalProperties": false, "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::DataCellsFilter.RowFilter": { - "additionalProperties": false, - "properties": { - "AllRowsWildcard": { - "markdownDescription": "A wildcard for all rows.", - "title": "AllRowsWildcard", - "type": "object" + "RoleArn": { + "markdownDescription": "The ARN of the role.", + "title": "RoleArn", + "type": "string" }, - "FilterExpression": { - "markdownDescription": "A filter expression.", - "title": "FilterExpression", + "TemplateBody": { + "markdownDescription": "The template body.", + "title": "TemplateBody", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the provisioning template.", + "title": "TemplateName", "type": "string" } }, "type": "object" }, - "AWS::LakeFormation::DataLakeSettings": { + "AWS::IoT::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -140845,68 +145668,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Admins": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.Admins", - "markdownDescription": "A list of AWS Lake Formation principals.", - "title": "Admins" - }, - "AllowExternalDataFiltering": { - "markdownDescription": "Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation .\n\nIf set to true, you allow Amazon EMR clusters or other third-party engines to access data in Amazon S3 locations that are registered with Lake Formation .\n\nIf false or null, no third-party query engines will be able to access data in Amazon S3 locations that are registered with Lake Formation.\n\nFor more information, see [External data filtering setting](https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter) .", - "title": "AllowExternalDataFiltering", - "type": "boolean" - }, - "AllowFullTableExternalDataAccess": { - "markdownDescription": "Specifies whether query engines and applications can get credentials without IAM session tags if the user has full table access. It provides query engines and applications performance benefits as well as simplifies data access. Amazon EMR on Amazon EC2 is able to leverage this setting.\n\nFor more information, see [](https://docs.aws.amazon.com/lake-formation/latest/dg/using-cred-vending.html)", - "title": "AllowFullTableExternalDataAccess", - "type": "boolean" - }, - "AuthorizedSessionTagValueList": { - "items": { - "type": "string" - }, - "markdownDescription": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = \"LakeFormationTrustedCaller\" and value = \"TRUE\" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation 's administrative API operations.", - "title": "AuthorizedSessionTagValueList", - "type": "array" - }, - "CreateDatabaseDefaultPermissions": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions", - "markdownDescription": "Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicates that the user's IAM permissions determine the access to the database. This is referred to as the setting \"Use only IAM access control,\" and is to support backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", - "title": "CreateDatabaseDefaultPermissions" - }, - "CreateTableDefaultPermissions": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions", - "markdownDescription": "Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicate that the user's IAM permissions determine the access to the table. This is referred to as the setting \"Use only IAM access control,\" and is to support the backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` permissions to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", - "title": "CreateTableDefaultPermissions" + "CACertificatePem": { + "markdownDescription": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.", + "title": "CACertificatePem", + "type": "string" }, - "ExternalDataFilteringAllowList": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList", - "markdownDescription": "A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering.", - "title": "ExternalDataFilteringAllowList" + "CertificateMode": { + "markdownDescription": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .", + "title": "CertificateMode", + "type": "string" }, - "MutationType": { - "markdownDescription": "Specifies whether the data lake settings are updated by adding new values to the current settings ( `APPEND` ) or by replacing the current settings with new settings ( `REPLACE` ).\n\n> If you choose `REPLACE` , your current data lake settings will be replaced with the new values in your template.", - "title": "MutationType", + "CertificatePem": { + "markdownDescription": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.", + "title": "CertificatePem", "type": "string" }, - "Parameters": { - "markdownDescription": "A key-value map that provides an additional configuration on your data lake. `CrossAccountVersion` is the key you can configure in the `Parameters` field. Accepted values for the `CrossAccountVersion` key are 1, 2, 3, and 4.", - "title": "Parameters", - "type": "object" + "CertificateSigningRequest": { + "markdownDescription": "The certificate signing request (CSR).", + "title": "CertificateSigningRequest", + "type": "string" }, - "TrustedResourceOwners": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of UTF-8 strings.\n\nA list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.", - "title": "TrustedResourceOwners", - "type": "array" + "Status": { + "markdownDescription": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used.", + "title": "Status", + "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::DataLakeSettings" + "AWS::IoT::Certificate" ], "type": "string" }, @@ -140920,68 +145715,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.Admins": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.DataLakePrincipal": { - "additionalProperties": false, - "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" - } - }, - "required": [ - "DataLakePrincipalIdentifier" - ], - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.PrincipalPermissions": { - "additionalProperties": false, - "properties": { - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions that are granted to the principal.", - "title": "Permissions", - "type": "array" - }, - "Principal": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.DataLakePrincipal", - "markdownDescription": "The principal who is granted permissions.", - "title": "Principal" - } - }, - "required": [ - "Permissions", - "Principal" + "Type", + "Properties" ], "type": "object" }, - "AWS::LakeFormation::Permissions": { + "AWS::IoT::CertificateProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -141016,42 +145755,42 @@ "Properties": { "additionalProperties": false, "properties": { - "DataLakePrincipal": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLakePrincipal", - "markdownDescription": "The AWS Lake Formation principal.", - "title": "DataLakePrincipal" - }, - "Permissions": { + "AccountDefaultForOperations": { "items": { "type": "string" }, - "markdownDescription": "The permissions granted or revoked.", - "title": "Permissions", + "markdownDescription": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` .", + "title": "AccountDefaultForOperations", "type": "array" }, - "PermissionsWithGrantOption": { + "CertificateProviderName": { + "markdownDescription": "The name of the certificate provider.", + "title": "CertificateProviderName", + "type": "string" + }, + "LambdaFunctionArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "LambdaFunctionArn", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", - "title": "PermissionsWithGrantOption", + "markdownDescription": "Metadata that can be used to manage the certificate provider.", + "title": "Tags", "type": "array" - }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.Resource", - "markdownDescription": "A structure for the resource.", - "title": "Resource" } }, "required": [ - "DataLakePrincipal", - "Resource" + "AccountDefaultForOperations", + "LambdaFunctionArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::Permissions" + "AWS::IoT::CertificateProvider" ], "type": "string" }, @@ -141070,155 +145809,7 @@ ], "type": "object" }, - "AWS::LakeFormation::Permissions.ColumnWildcard": { - "additionalProperties": false, - "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.DataLakePrincipal": { - "additionalProperties": false, - "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.DataLocationResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "S3Resource": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", - "title": "S3Resource", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.DatabaseResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.Resource": { - "additionalProperties": false, - "properties": { - "DataLocationResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLocationResource", - "markdownDescription": "A structure for a data location object where permissions are granted or revoked.", - "title": "DataLocationResource" - }, - "DatabaseResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DatabaseResource", - "markdownDescription": "A structure for the database object.", - "title": "DatabaseResource" - }, - "TableResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableResource", - "markdownDescription": "A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "TableResource" - }, - "TableWithColumnsResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWithColumnsResource", - "markdownDescription": "A structure for a table with columns object. This object is only used when granting a SELECT permission.", - "title": "TableWithColumnsResource" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.TableResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", - "type": "string" - }, - "TableWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWildcard", - "markdownDescription": "An empty object representing all tables under a database. If this field is specified instead of the `Name` field, all tables under `DatabaseName` will have permission changes applied.", - "title": "TableWildcard" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.TableWildcard": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::Permissions.TableWithColumnsResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", - "type": "array" - }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.ColumnWildcard", - "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnWildcard" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions": { + "AWS::IoT::Command": { "additionalProperties": false, "properties": { "Condition": { @@ -141253,49 +145844,81 @@ "Properties": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", - "title": "Catalog", + "CommandId": { + "markdownDescription": "The unique identifier of the command.", + "title": "CommandId", "type": "string" }, - "Permissions": { + "CreatedAt": { + "markdownDescription": "The timestamp, when the command was created.", + "title": "CreatedAt", + "type": "string" + }, + "Deprecated": { + "markdownDescription": "Indicates whether the command has been deprecated.", + "title": "Deprecated", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the command parameter.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the command.", + "title": "DisplayName", + "type": "string" + }, + "LastUpdatedAt": { + "markdownDescription": "The timestamp, when the command was last updated.", + "title": "LastUpdatedAt", + "type": "string" + }, + "MandatoryParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoT::Command.CommandParameter" }, - "markdownDescription": "The permissions granted or revoked.", - "title": "Permissions", + "markdownDescription": "", + "title": "MandatoryParameters", "type": "array" }, - "PermissionsWithGrantOption": { + "Namespace": { + "markdownDescription": "", + "title": "Namespace", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoT::Command.CommandPayload", + "markdownDescription": "", + "title": "Payload" + }, + "PendingDeletion": { + "markdownDescription": "Indicates whether the command is pending deletion.", + "title": "PendingDeletion", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", - "title": "PermissionsWithGrantOption", + "markdownDescription": "", + "title": "Tags", "type": "array" - }, - "Principal": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal", - "markdownDescription": "The principal to be granted a permission.", - "title": "Principal" - }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.Resource", - "markdownDescription": "The resource to be granted or revoked permissions.", - "title": "Resource" } }, "required": [ - "Permissions", - "PermissionsWithGrantOption", - "Principal", - "Resource" + "CommandId" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::PrincipalPermissions" + "AWS::IoT::Command" ], "type": "string" }, @@ -141314,296 +145937,93 @@ ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.ColumnWildcard": { - "additionalProperties": false, - "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "A database in the Data Catalog .", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name given by the user to the data filter cell.", - "title": "Name", - "type": "string" - }, - "TableCatalogId": { - "markdownDescription": "The ID of the catalog to which the table belongs.", - "title": "TableCatalogId", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of the table.", - "title": "TableName", - "type": "string" - } - }, - "required": [ - "DatabaseName", - "Name", - "TableCatalogId", - "TableName" - ], - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal": { - "additionalProperties": false, - "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the AWS Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.DataLocationResource": { + "AWS::IoT::Command.CommandParameter": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", - "title": "CatalogId", - "type": "string" + "DefaultValue": { + "$ref": "#/definitions/AWS::IoT::Command.CommandParameterValue", + "markdownDescription": "", + "title": "DefaultValue" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", - "title": "ResourceArn", - "type": "string" - } - }, - "required": [ - "CatalogId", - "ResourceArn" - ], - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.DatabaseResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", - "title": "CatalogId", + "Description": { + "markdownDescription": "", + "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "markdownDescription": "", "title": "Name", "type": "string" - } - }, - "required": [ - "CatalogId", - "Name" - ], - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.LFTag": { - "additionalProperties": false, - "properties": { - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", - "type": "string" - }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with Data Catalog .", - "title": "CatalogId", - "type": "string" - }, - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", - "type": "string" }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values for the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" + "Value": { + "$ref": "#/definitions/AWS::IoT::Command.CommandParameterValue", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "CatalogId", - "TagKey", - "TagValues" + "Name" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource": { + "AWS::IoT::Command.CommandParameterValue": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "CatalogId", - "type": "string" - }, - "Expression": { - "items": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTag" - }, - "markdownDescription": "A list of LF-tag conditions that apply to the resource's LF-tag policy.", - "title": "Expression", - "type": "array" + "B": { + "markdownDescription": "", + "title": "B", + "type": "boolean" }, - "ResourceType": { - "markdownDescription": "The resource type for which the LF-tag policy applies.", - "title": "ResourceType", + "BIN": { + "markdownDescription": "", + "title": "BIN", "type": "string" - } - }, - "required": [ - "CatalogId", - "Expression", - "ResourceType" - ], - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.Resource": { - "additionalProperties": false, - "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "Catalog", - "type": "object" - }, - "DataCellsFilter": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource", - "markdownDescription": "A data cell filter.", - "title": "DataCellsFilter" - }, - "DataLocation": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLocationResource", - "markdownDescription": "The location of an Amazon S3 path where permissions are granted or revoked.", - "title": "DataLocation" - }, - "Database": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DatabaseResource", - "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", - "title": "Database" - }, - "LFTag": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource", - "markdownDescription": "The LF-tag key and values attached to a resource.", - "title": "LFTag" }, - "LFTagPolicy": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource", - "markdownDescription": "A list of LF-tag conditions that define a resource's LF-tag policy.", - "title": "LFTagPolicy" + "D": { + "markdownDescription": "", + "title": "D", + "type": "number" }, - "Table": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableResource", - "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Table" + "I": { + "markdownDescription": "", + "title": "I", + "type": "number" }, - "TableWithColumns": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource", - "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", - "title": "TableWithColumns" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.TableResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", - "title": "CatalogId", + "L": { + "markdownDescription": "", + "title": "L", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "S": { + "markdownDescription": "", + "title": "S", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", + "UL": { + "markdownDescription": "", + "title": "UL", "type": "string" - }, - "TableWildcard": { - "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", - "title": "TableWildcard", - "type": "object" } }, - "required": [ - "CatalogId", - "DatabaseName" - ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource": { + "AWS::IoT::Command.CommandPayload": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", - "title": "CatalogId", - "type": "string" - }, - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", - "type": "array" - }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.ColumnWildcard", - "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnWildcard" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "Content": { + "markdownDescription": "", + "title": "Content", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", + "ContentType": { + "markdownDescription": "", + "title": "ContentType", "type": "string" } }, - "required": [ - "CatalogId", - "DatabaseName", - "Name" - ], "type": "object" }, - "AWS::LakeFormation::Resource": { + "AWS::IoT::CustomMetric": { "additionalProperties": false, "properties": { "Condition": { @@ -141638,41 +146058,38 @@ "Properties": { "additionalProperties": false, "properties": { - "HybridAccessEnabled": { - "markdownDescription": "Indicates whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.", - "title": "HybridAccessEnabled", - "type": "boolean" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "ResourceArn", + "DisplayName": { + "markdownDescription": "The friendly name in the console for the custom metric. This name doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. You can update the friendly name after you define it.", + "title": "DisplayName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that registered a resource.", - "title": "RoleArn", + "MetricName": { + "markdownDescription": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. The name can't begin with `aws:` . You can\u2019t change the name after you define it.", + "title": "MetricName", "type": "string" }, - "UseServiceLinkedRole": { - "markdownDescription": "Designates a trusted caller, an IAM principal, by registering this caller with the Data Catalog .", - "title": "UseServiceLinkedRole", - "type": "boolean" + "MetricType": { + "markdownDescription": "The type of the custom metric. Types include `string-list` , `ip-address-list` , `number-list` , and `number` .\n\n> The type `number` only takes a single metric value as an input, but when you submit the metrics value in the DeviceMetrics report, you must pass it as an array with a single value.", + "title": "MetricType", + "type": "string" }, - "WithFederation": { - "markdownDescription": "Allows Lake Formation to assume a role to access tables in a federated database.", - "title": "WithFederation", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the custom metric.", + "title": "Tags", + "type": "array" } }, "required": [ - "ResourceArn", - "UseServiceLinkedRole" + "MetricType" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::Resource" + "AWS::IoT::CustomMetric" ], "type": "string" }, @@ -141691,7 +146108,7 @@ ], "type": "object" }, - "AWS::LakeFormation::Tag": { + "AWS::IoT::Dimension": { "additionalProperties": false, "properties": { "Condition": { @@ -141726,34 +146143,42 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "CatalogId", - "type": "string" - }, - "TagKey": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe key-name for the LF-tag.", - "title": "TagKey", + "Name": { + "markdownDescription": "A unique identifier for the dimension.", + "title": "Name", "type": "string" }, - "TagValues": { + "StringValues": { "items": { "type": "string" }, - "markdownDescription": "An array of UTF-8 strings, not less than 1 or more than 50 strings.\n\nA list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", + "markdownDescription": "Specifies the value or list of values for the dimension. For `TOPIC_FILTER` dimensions, this is a pattern used to match the MQTT topic (for example, \"admin/#\").", + "title": "StringValues", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the dimension.", + "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "Specifies the type of dimension. Supported types: `TOPIC_FILTER.`", + "title": "Type", + "type": "string" } }, "required": [ - "TagKey", - "TagValues" + "StringValues", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::Tag" + "AWS::IoT::Dimension" ], "type": "string" }, @@ -141772,7 +146197,7 @@ ], "type": "object" }, - "AWS::LakeFormation::TagAssociation": { + "AWS::IoT::DomainConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -141807,29 +146232,83 @@ "Properties": { "additionalProperties": false, "properties": { - "LFTags": { + "ApplicationProtocol": { + "markdownDescription": "An enumerated string that speci\ufb01es the application-layer protocol.", + "title": "ApplicationProtocol", + "type": "string" + }, + "AuthenticationType": { + "markdownDescription": "An enumerated string that speci\ufb01es the authentication type.", + "title": "AuthenticationType", + "type": "string" + }, + "AuthorizerConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.AuthorizerConfig", + "markdownDescription": "An object that specifies the authorization service for a domain.", + "title": "AuthorizerConfig" + }, + "ClientCertificateConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ClientCertificateConfig", + "markdownDescription": "An object that speci\ufb01es the client certificate con\ufb01guration for a domain.", + "title": "ClientCertificateConfig" + }, + "DomainConfigurationName": { + "markdownDescription": "The name of the domain configuration. This value must be unique to a region.", + "title": "DomainConfigurationName", + "type": "string" + }, + "DomainConfigurationStatus": { + "markdownDescription": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`", + "title": "DomainConfigurationStatus", + "type": "string" + }, + "DomainName": { + "markdownDescription": "The name of the domain.", + "title": "DomainName", + "type": "string" + }, + "ServerCertificateArns": { "items": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.LFTagPair" + "type": "string" }, - "markdownDescription": "A structure containing an LF-tag key-value pair.", - "title": "LFTags", + "markdownDescription": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.", + "title": "ServerCertificateArns", "type": "array" }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.Resource", - "markdownDescription": "UTF-8 string (valid values: `DATABASE | TABLE` ).\n\nThe resource for which the LF-tag policy applies.", - "title": "Resource" + "ServerCertificateConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ServerCertificateConfig", + "markdownDescription": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", + "title": "ServerCertificateConfig" + }, + "ServiceType": { + "markdownDescription": "The type of service delivered by the endpoint.\n\n> AWS IoT Core currently supports only the `DATA` service type.", + "title": "ServiceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the domain configuration.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "title": "Tags", + "type": "array" + }, + "TlsConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.TlsConfig", + "markdownDescription": "An object that specifies the TLS configuration for a domain.", + "title": "TlsConfig" + }, + "ValidationCertificateArn": { + "markdownDescription": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.", + "title": "ValidationCertificateArn", + "type": "string" } }, - "required": [ - "LFTags", - "Resource" - ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::TagAssociation" + "AWS::IoT::DomainConfiguration" ], "type": "string" }, @@ -141843,152 +146322,91 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.DatabaseResource": { + "AWS::IoT::DomainConfiguration.AuthorizerConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it should be the account ID of the caller.", - "title": "CatalogId", - "type": "string" + "AllowAuthorizerOverride": { + "markdownDescription": "A Boolean that specifies whether the domain configuration's authorization service can be overridden.", + "title": "AllowAuthorizerOverride", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", - "title": "Name", + "DefaultAuthorizerName": { + "markdownDescription": "The name of the authorization service for a domain configuration.", + "title": "DefaultAuthorizerName", "type": "string" } }, - "required": [ - "CatalogId", - "Name" - ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.LFTagPair": { + "AWS::IoT::DomainConfiguration.ClientCertificateConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", + "ClientCertificateCallbackArn": { + "markdownDescription": "The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.", + "title": "ClientCertificateCallbackArn", "type": "string" - }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" } }, - "required": [ - "CatalogId", - "TagKey", - "TagValues" - ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.Resource": { + "AWS::IoT::DomainConfiguration.ServerCertificateConfig": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "Catalog", - "type": "object" - }, - "Database": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.DatabaseResource", - "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", - "title": "Database" + "EnableOCSPCheck": { + "markdownDescription": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", + "title": "EnableOCSPCheck", + "type": "boolean" }, - "Table": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableResource", - "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Table" + "OcspAuthorizedResponderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration.", + "title": "OcspAuthorizedResponderArn", + "type": "string" }, - "TableWithColumns": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableWithColumnsResource", - "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", - "title": "TableWithColumns" + "OcspLambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration.", + "title": "OcspLambdaArn", + "type": "string" } }, "type": "object" }, - "AWS::LakeFormation::TagAssociation.TableResource": { + "AWS::IoT::DomainConfiguration.ServerCertificateSummary": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "ServerCertificateArn": { + "markdownDescription": "The ARN of the server certificate.", + "title": "ServerCertificateArn", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "ServerCertificateStatus": { + "markdownDescription": "The status of the server certificate.", + "title": "ServerCertificateStatus", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", + "ServerCertificateStatusDetail": { + "markdownDescription": "Details that explain the status of the server certificate.", + "title": "ServerCertificateStatusDetail", "type": "string" - }, - "TableWildcard": { - "markdownDescription": "A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", - "title": "TableWildcard", - "type": "object" } }, - "required": [ - "CatalogId", - "DatabaseName" - ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.TableWithColumnsResource": { + "AWS::IoT::DomainConfiguration.TlsConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of TableResource$Name or TableResource$TableWildcard is required.", - "title": "CatalogId", - "type": "string" - }, - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", - "type": "array" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", + "SecurityPolicy": { + "markdownDescription": "The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* .", + "title": "SecurityPolicy", "type": "string" } }, - "required": [ - "CatalogId", - "ColumnNames", - "DatabaseName", - "Name" - ], "type": "object" }, - "AWS::Lambda::Alias": { + "AWS::IoT::FleetMetric": { "additionalProperties": false, "properties": { "Condition": { @@ -142023,47 +146441,68 @@ "Properties": { "additionalProperties": false, "properties": { + "AggregationField": { + "markdownDescription": "The field to aggregate.", + "title": "AggregationField", + "type": "string" + }, + "AggregationType": { + "$ref": "#/definitions/AWS::IoT::FleetMetric.AggregationType", + "markdownDescription": "The type of the aggregation query.", + "title": "AggregationType" + }, "Description": { - "markdownDescription": "A description of the alias.", + "markdownDescription": "The fleet metric description.", "title": "Description", "type": "string" }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", + "IndexName": { + "markdownDescription": "The name of the index to search.", + "title": "IndexName", "type": "string" }, - "FunctionVersion": { - "markdownDescription": "The function version that the alias invokes.", - "title": "FunctionVersion", + "MetricName": { + "markdownDescription": "The name of the fleet metric to create.", + "title": "MetricName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the alias.", - "title": "Name", + "Period": { + "markdownDescription": "The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60.", + "title": "Period", + "type": "number" + }, + "QueryString": { + "markdownDescription": "The search query string.", + "title": "QueryString", "type": "string" }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration", - "markdownDescription": "Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.", - "title": "ProvisionedConcurrencyConfig" + "QueryVersion": { + "markdownDescription": "The query version.", + "title": "QueryVersion", + "type": "string" }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::Lambda::Alias.AliasRoutingConfiguration", - "markdownDescription": "The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.", - "title": "RoutingConfig" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the fleet metric.", + "title": "Tags", + "type": "array" + }, + "Unit": { + "markdownDescription": "Used to support unit transformation such as milliseconds to seconds. Must be a unit supported by CW metric. Default to null.", + "title": "Unit", + "type": "string" } }, "required": [ - "FunctionName", - "FunctionVersion", - "Name" + "MetricName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Alias" + "AWS::IoT::FleetMetric" ], "type": "string" }, @@ -142082,58 +146521,30 @@ ], "type": "object" }, - "AWS::Lambda::Alias.AliasRoutingConfiguration": { + "AWS::IoT::FleetMetric.AggregationType": { "additionalProperties": false, "properties": { - "AdditionalVersionWeights": { + "Name": { + "markdownDescription": "The name of the aggregation type.", + "title": "Name", + "type": "string" + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::Lambda::Alias.VersionWeight" + "type": "string" }, - "markdownDescription": "The second version, and the percentage of traffic that's routed to it.", - "title": "AdditionalVersionWeights", + "markdownDescription": "A list of the values of aggregation types.", + "title": "Values", "type": "array" } }, "required": [ - "AdditionalVersionWeights" - ], - "type": "object" - }, - "AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration": { - "additionalProperties": false, - "properties": { - "ProvisionedConcurrentExecutions": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the alias.", - "title": "ProvisionedConcurrentExecutions", - "type": "number" - } - }, - "required": [ - "ProvisionedConcurrentExecutions" - ], - "type": "object" - }, - "AWS::Lambda::Alias.VersionWeight": { - "additionalProperties": false, - "properties": { - "FunctionVersion": { - "markdownDescription": "The qualifier of the second version.", - "title": "FunctionVersion", - "type": "string" - }, - "FunctionWeight": { - "markdownDescription": "The percentage of traffic that the alias routes to the second version.", - "title": "FunctionWeight", - "type": "number" - } - }, - "required": [ - "FunctionVersion", - "FunctionWeight" + "Name", + "Values" ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig": { + "AWS::IoT::JobTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -142168,30 +146579,90 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedPublishers": { - "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.AllowedPublishers", - "markdownDescription": "List of allowed publishers.", - "title": "AllowedPublishers" - }, - "CodeSigningPolicies": { - "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.CodeSigningPolicies", - "markdownDescription": "The code signing policy controls the validation failure action for signature mismatch or expiry.", - "title": "CodeSigningPolicies" + "AbortConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortConfig", + "markdownDescription": "The criteria that determine when and how a job abort takes place.", + "title": "AbortConfig" }, "Description": { - "markdownDescription": "Code signing configuration description.", + "markdownDescription": "A description of the job template.", "title": "Description", "type": "string" + }, + "DestinationPackageVersions": { + "items": { + "type": "string" + }, + "markdownDescription": "The package version Amazon Resource Names (ARNs) that are installed on the device\u2019s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed.", + "title": "DestinationPackageVersions", + "type": "array" + }, + "Document": { + "markdownDescription": "The job document.\n\nRequired if you don't specify a value for `documentSource` .", + "title": "Document", + "type": "string" + }, + "DocumentSource": { + "markdownDescription": "An S3 link, or S3 object URL, to the job document. The link is an Amazon S3 object URL and is required if you don't specify a value for `document` .\n\nFor example, `--document-source https://s3. *region-code* .amazonaws.com/example-firmware/device-firmware.1.0`\n\nFor more information, see [Methods for accessing a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html) .", + "title": "DocumentSource", + "type": "string" + }, + "JobArn": { + "markdownDescription": "The ARN of the job to use as the basis for the job template.", + "title": "JobArn", + "type": "string" + }, + "JobExecutionsRetryConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRetryConfig", + "markdownDescription": "Allows you to create the criteria to retry a job.", + "title": "JobExecutionsRetryConfig" + }, + "JobExecutionsRolloutConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRolloutConfig", + "markdownDescription": "Allows you to create a staged rollout of a job.", + "title": "JobExecutionsRolloutConfig" + }, + "JobTemplateId": { + "markdownDescription": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here.", + "title": "JobTemplateId", + "type": "string" + }, + "MaintenanceWindows": { + "items": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.MaintenanceWindow" + }, + "markdownDescription": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job.", + "title": "MaintenanceWindows", + "type": "array" + }, + "PresignedUrlConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.PresignedUrlConfig", + "markdownDescription": "Configuration for pre-signed S3 URLs.", + "title": "PresignedUrlConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the job template.", + "title": "Tags", + "type": "array" + }, + "TimeoutConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.TimeoutConfig", + "markdownDescription": "Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to `IN_PROGRESS` . If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to `TIMED_OUT` .", + "title": "TimeoutConfig" } }, "required": [ - "AllowedPublishers" + "Description", + "JobTemplateId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::CodeSigningConfig" + "AWS::IoT::JobTemplate" ], "type": "string" }, @@ -142210,38 +146681,193 @@ ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig.AllowedPublishers": { + "AWS::IoT::JobTemplate.AbortConfig": { "additionalProperties": false, "properties": { - "SigningProfileVersionArns": { + "CriteriaList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortCriteria" }, - "markdownDescription": "The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.", - "title": "SigningProfileVersionArns", + "markdownDescription": "The list of criteria that determine when and how to abort the job.", + "title": "CriteriaList", "type": "array" } }, "required": [ - "SigningProfileVersionArns" + "CriteriaList" ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig.CodeSigningPolicies": { + "AWS::IoT::JobTemplate.AbortCriteria": { "additionalProperties": false, "properties": { - "UntrustedArtifactOnDeployment": { - "markdownDescription": "Code signing configuration policy for deployment validation failure. If you set the policy to `Enforce` , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to `Warn` , Lambda allows the deployment and creates a CloudWatch log.\n\nDefault value: `Warn`", - "title": "UntrustedArtifactOnDeployment", + "Action": { + "markdownDescription": "The type of job action to take to initiate the job abort.", + "title": "Action", + "type": "string" + }, + "FailureType": { + "markdownDescription": "The type of job execution failures that can initiate a job abort.", + "title": "FailureType", "type": "string" + }, + "MinNumberOfExecutedThings": { + "markdownDescription": "The minimum number of things which must receive job execution notifications before the job can be aborted.", + "title": "MinNumberOfExecutedThings", + "type": "number" + }, + "ThresholdPercentage": { + "markdownDescription": "The minimum percentage of job execution failures that must occur to initiate the job abort.\n\nAWS IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999).", + "title": "ThresholdPercentage", + "type": "number" } }, "required": [ - "UntrustedArtifactOnDeployment" + "Action", + "FailureType", + "MinNumberOfExecutedThings", + "ThresholdPercentage" ], "type": "object" }, - "AWS::Lambda::EventInvokeConfig": { + "AWS::IoT::JobTemplate.ExponentialRolloutRate": { + "additionalProperties": false, + "properties": { + "BaseRatePerMinute": { + "markdownDescription": "The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout.", + "title": "BaseRatePerMinute", + "type": "number" + }, + "IncrementFactor": { + "markdownDescription": "The exponential factor to increase the rate of rollout for a job.\n\nAWS IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55).", + "title": "IncrementFactor", + "type": "number" + }, + "RateIncreaseCriteria": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.RateIncreaseCriteria", + "markdownDescription": "The criteria to initiate the increase in rate of rollout for a job.", + "title": "RateIncreaseCriteria" + } + }, + "required": [ + "BaseRatePerMinute", + "IncrementFactor", + "RateIncreaseCriteria" + ], + "type": "object" + }, + "AWS::IoT::JobTemplate.JobExecutionsRetryConfig": { + "additionalProperties": false, + "properties": { + "RetryCriteriaList": { + "items": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.RetryCriteria" + }, + "markdownDescription": "The list of criteria that determines how many retries are allowed for each failure type for a job.", + "title": "RetryCriteriaList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoT::JobTemplate.JobExecutionsRolloutConfig": { + "additionalProperties": false, + "properties": { + "ExponentialRolloutRate": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.ExponentialRolloutRate", + "markdownDescription": "The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout.", + "title": "ExponentialRolloutRate" + }, + "MaximumPerMinute": { + "markdownDescription": "The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.", + "title": "MaximumPerMinute", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IoT::JobTemplate.MaintenanceWindow": { + "additionalProperties": false, + "properties": { + "DurationInMinutes": { + "markdownDescription": "Displays the duration of the next maintenance window.", + "title": "DurationInMinutes", + "type": "number" + }, + "StartTime": { + "markdownDescription": "Displays the start time of the next maintenance window.", + "title": "StartTime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::JobTemplate.PresignedUrlConfig": { + "additionalProperties": false, + "properties": { + "ExpiresInSec": { + "markdownDescription": "How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.", + "title": "ExpiresInSec", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.\n\n> For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* .", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::JobTemplate.RateIncreaseCriteria": { + "additionalProperties": false, + "properties": { + "NumberOfNotifiedThings": { + "markdownDescription": "The threshold for number of notified things that will initiate the increase in rate of rollout.", + "title": "NumberOfNotifiedThings", + "type": "number" + }, + "NumberOfSucceededThings": { + "markdownDescription": "The threshold for number of succeeded things that will initiate the increase in rate of rollout.", + "title": "NumberOfSucceededThings", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IoT::JobTemplate.RetryCriteria": { + "additionalProperties": false, + "properties": { + "FailureType": { + "markdownDescription": "The type of job execution failures that can initiate a job retry.", + "title": "FailureType", + "type": "string" + }, + "NumberOfRetries": { + "markdownDescription": "The number of retries allowed for a failure type for the job.", + "title": "NumberOfRetries", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IoT::JobTemplate.TimeoutConfig": { + "additionalProperties": false, + "properties": { + "InProgressTimeoutInMinutes": { + "markdownDescription": "Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status.", + "title": "InProgressTimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "InProgressTimeoutInMinutes" + ], + "type": "object" + }, + "AWS::IoT::Logging": { "additionalProperties": false, "properties": { "Condition": { @@ -142276,41 +146902,32 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationConfig": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.DestinationConfig", - "markdownDescription": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Bucket* - The ARN of an Amazon S3 bucket.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus.\n\n> S3 buckets are supported only for on-failure destinations. To retain records of successful invocations, use another destination type.", - "title": "DestinationConfig" - }, - "FunctionName": { - "markdownDescription": "The name of the Lambda function.\n\n*Minimum* : `1`\n\n*Maximum* : `64`\n\n*Pattern* : `([a-zA-Z0-9-_]+)`", - "title": "FunctionName", + "AccountId": { + "markdownDescription": "The account ID.", + "title": "AccountId", "type": "string" }, - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum age of a request that Lambda sends to a function for processing.", - "title": "MaximumEventAgeInSeconds", - "type": "number" - }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of times to retry when the function returns an error.", - "title": "MaximumRetryAttempts", - "type": "number" + "DefaultLogLevel": { + "markdownDescription": "The default log level. Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", + "title": "DefaultLogLevel", + "type": "string" }, - "Qualifier": { - "markdownDescription": "The identifier of a version or alias.\n\n- *Version* - A version number.\n- *Alias* - An alias name.\n- *Latest* - To specify the unpublished version, use `$LATEST` .", - "title": "Qualifier", + "RoleArn": { + "markdownDescription": "The role ARN used for the log.", + "title": "RoleArn", "type": "string" } }, "required": [ - "FunctionName", - "Qualifier" + "AccountId", + "DefaultLogLevel", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::EventInvokeConfig" + "AWS::IoT::Logging" ], "type": "string" }, @@ -142329,51 +146946,7 @@ ], "type": "object" }, - "AWS::Lambda::EventInvokeConfig.DestinationConfig": { - "additionalProperties": false, - "properties": { - "OnFailure": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnFailure", - "markdownDescription": "The destination configuration for failed invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", - "title": "OnFailure" - }, - "OnSuccess": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnSuccess", - "markdownDescription": "The destination configuration for successful invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", - "title": "OnSuccess" - } - }, - "type": "object" - }, - "AWS::Lambda::EventInvokeConfig.OnFailure": { - "additionalProperties": false, - "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", - "title": "Destination", - "type": "string" - } - }, - "required": [ - "Destination" - ], - "type": "object" - }, - "AWS::Lambda::EventInvokeConfig.OnSuccess": { - "additionalProperties": false, - "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.", - "title": "Destination", - "type": "string" - } - }, - "required": [ - "Destination" - ], - "type": "object" - }, - "AWS::Lambda::EventSourceMapping": { + "AWS::IoT::MitigationAction": { "additionalProperties": false, "properties": { "Condition": { @@ -142408,142 +146981,39 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonManagedKafkaEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig", - "markdownDescription": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", - "title": "AmazonManagedKafkaEventSourceConfig" - }, - "BatchSize": { - "markdownDescription": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", - "title": "BatchSize", - "type": "number" - }, - "BisectBatchOnFunctionError": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.\n\n> When using `BisectBatchOnFunctionError` , check the `BatchSize` parameter in the `OnFailure` destination message's metadata. The `BatchSize` could be greater than 1 since Lambda consolidates failed messages metadata when writing to the `OnFailure` destination.", - "title": "BisectBatchOnFunctionError", - "type": "boolean" - }, - "DestinationConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DestinationConfig", - "markdownDescription": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.", - "title": "DestinationConfig" - }, - "DocumentDBEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig", - "markdownDescription": "Specific configuration settings for a DocumentDB event source.", - "title": "DocumentDBEventSourceConfig" - }, - "Enabled": { - "markdownDescription": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n\nDefault: True", - "title": "Enabled", - "type": "boolean" - }, - "EventSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the event source.\n\n- *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n- *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n- *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc) ).\n- *Amazon MQ* \u2013 The ARN of the broker.\n- *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.", - "title": "EventSourceArn", - "type": "string" - }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.FilterCriteria", - "markdownDescription": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", - "title": "FilterCriteria" - }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* \u2013 `MyFunction` .\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Version or Alias ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD` .\n- *Partial ARN* \u2013 `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", - "title": "FunctionName", + "ActionName": { + "markdownDescription": "The friendly name of the mitigation action.", + "title": "ActionName", "type": "string" }, - "FunctionResponseTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "(Kinesis, DynamoDB Streams, and SQS) A list of current response type enums applied to the event source mapping.\n\nValid Values: `ReportBatchItemFailures`", - "title": "FunctionResponseTypes", - "type": "array" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ , Amazon DocumentDB event sources)* : 500 ms\n\n*Related setting:* For Amazon SQS event sources, when you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" - }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1,\nwhich sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n\n> The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed", - "title": "MaximumRecordAgeInSeconds", - "type": "number" - }, - "MaximumRetryAttempts": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1,\nwhich sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", - "type": "number" - }, - "ParallelizationFactor": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", - "type": "number" - }, - "Queues": { - "items": { - "type": "string" - }, - "markdownDescription": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.", - "title": "Queues", - "type": "array" - }, - "ScalingConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ScalingConfig", - "markdownDescription": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency) .", - "title": "ScalingConfig" - }, - "SelfManagedEventSource": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedEventSource", - "markdownDescription": "The self-managed Apache Kafka cluster for your event source.", - "title": "SelfManagedEventSource" - }, - "SelfManagedKafkaEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig", - "markdownDescription": "Specific configuration settings for a self-managed Apache Kafka event source.", - "title": "SelfManagedKafkaEventSourceConfig" - }, - "SourceAccessConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SourceAccessConfiguration" - }, - "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.", - "title": "SourceAccessConfigurations", - "type": "array" + "ActionParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.ActionParams", + "markdownDescription": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.", + "title": "ActionParams" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n\n- *LATEST* - Read only new records.\n- *TRIM_HORIZON* - Process all available records.\n- *AT_TIMESTAMP* - Specify a time from which to start reading records.", - "title": "StartingPosition", + "RoleArn": { + "markdownDescription": "The IAM role ARN used to apply this mitigation action.", + "title": "RoleArn", "type": "string" }, - "StartingPositionTimestamp": { - "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds. `StartingPositionTimestamp` cannot be in the future.", - "title": "StartingPositionTimestamp", - "type": "number" - }, - "Topics": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The name of the Kafka topic.", - "title": "Topics", + "markdownDescription": "Metadata that can be used to manage the mitigation action.", + "title": "Tags", "type": "array" - }, - "TumblingWindowInSeconds": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.", - "title": "TumblingWindowInSeconds", - "type": "number" } }, "required": [ - "FunctionName" + "ActionParams", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::EventSourceMapping" + "AWS::IoT::MitigationAction" ], "type": "string" }, @@ -142562,218 +147032,141 @@ ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig": { + "AWS::IoT::MitigationAction.ActionParams": { "additionalProperties": false, "properties": { - "ConsumerGroupId": { - "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", - "title": "ConsumerGroupId", - "type": "string" + "AddThingsToThingGroupParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.AddThingsToThingGroupParams", + "markdownDescription": "Specifies the group to which you want to add the devices.", + "title": "AddThingsToThingGroupParams" }, - "SchemaRegistryConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", - "markdownDescription": "Specific configuration settings for a Kafka schema registry.", - "title": "SchemaRegistryConfig" - } - }, - "type": "object" - }, - "AWS::Lambda::EventSourceMapping.SchemaRegistryConfig": { - "additionalProperties": false, - "type": "object", - "properties": { - "SchemaRegistryURI" : { - "markdownDescription": "The URI for your schema registry. The correct URI format depends on the type of schema registry you're using.", - "title": "SchemaRegistryURI", - "type": "string" + "EnableIoTLoggingParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.EnableIoTLoggingParams", + "markdownDescription": "Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` .", + "title": "EnableIoTLoggingParams" }, - "EventRecordFormat": { - "markdownDescription": "The record format that Lambda delivers to your function after schema validation.", - "title": "EventRecordFormat", - "type": "string" + "PublishFindingToSnsParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.PublishFindingToSnsParams", + "markdownDescription": "Specifies the topic to which the finding should be published.", + "title": "PublishFindingToSnsParams" }, - "AccessConfigs": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig" - }, - "markdownDescription": "An array of access configuration objects that tell Lambda how to authenticate with your schema registry.", - "title": "AccessConfigs", - "type": "array" + "ReplaceDefaultPolicyVersionParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams", + "markdownDescription": "Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported.", + "title": "ReplaceDefaultPolicyVersionParams" }, - "SchemaValidationConfigs": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaValidationConfig" - }, - "markdownDescription": "An array of schema validation configuration objects, which tell Lambda the message attributes you want to validate and filter using your schema registry.", - "title": "SchemaValidationConfigs", - "type": "array" - } - } - }, - "AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig": { - "additionalProperties": false, - "type": "object", - "properties": { - "Type": { - "markdownDescription": "The type of authentication Lambda uses to access your schema registry.", - "title": "Type", - "type": "string" + "UpdateCACertificateParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateCACertificateParams", + "markdownDescription": "Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported.", + "title": "UpdateCACertificateParams" }, - "URI": { - "markdownDescription": "The URI of the secret (Secrets Manager secret ARN) to authenticate with your schema registry.", - "title": "URI", - "type": "string" - } - } - }, - "AWS::Lambda::EventSourceMapping.SchemaValidationConfig": { - "additionalProperties": false, - "type": "object", - "properties": { - "Attribute": { - "markdownDescription": "The attribute you want your schema registry to validate and filter for.", - "type": "string", - "title": "Attribute" - } - } - }, - "AWS::Lambda::EventSourceMapping.DestinationConfig": { - "additionalProperties": false, - "properties": { - "OnFailure": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.OnFailure", - "markdownDescription": "The destination configuration for failed invocations.", - "title": "OnFailure" + "UpdateDeviceCertificateParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateDeviceCertificateParams", + "markdownDescription": "Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported.", + "title": "UpdateDeviceCertificateParams" } }, "type": "object" }, - "AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig": { + "AWS::IoT::MitigationAction.AddThingsToThingGroupParams": { "additionalProperties": false, "properties": { - "CollectionName": { - "markdownDescription": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.", - "title": "CollectionName", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database to consume within the DocumentDB cluster.", - "title": "DatabaseName", - "type": "string" + "OverrideDynamicGroups": { + "markdownDescription": "Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.", + "title": "OverrideDynamicGroups", + "type": "boolean" }, - "FullDocument": { - "markdownDescription": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.", - "title": "FullDocument", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::EventSourceMapping.Endpoints": { - "additionalProperties": false, - "properties": { - "KafkaBootstrapServers": { + "ThingGroupNames": { "items": { "type": "string" }, - "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", - "title": "KafkaBootstrapServers", + "markdownDescription": "The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.", + "title": "ThingGroupNames", "type": "array" } }, + "required": [ + "ThingGroupNames" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.Filter": { + "AWS::IoT::MitigationAction.EnableIoTLoggingParams": { "additionalProperties": false, "properties": { - "Pattern": { - "markdownDescription": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax) .", - "title": "Pattern", + "LogLevel": { + "markdownDescription": "Specifies the type of information to be logged.", + "title": "LogLevel", "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::EventSourceMapping.FilterCriteria": { - "additionalProperties": false, - "properties": { - "Filters": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Filter" - }, - "markdownDescription": "A list of filters.", - "title": "Filters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lambda::EventSourceMapping.OnFailure": { - "additionalProperties": false, - "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", - "title": "Destination", + }, + "RoleArnForLogging": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used for logging.", + "title": "RoleArnForLogging", "type": "string" } }, + "required": [ + "LogLevel", + "RoleArnForLogging" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.ScalingConfig": { + "AWS::IoT::MitigationAction.PublishFindingToSnsParams": { "additionalProperties": false, "properties": { - "MaximumConcurrency": { - "markdownDescription": "Limits the number of concurrent instances that the Amazon SQS event source can invoke.", - "title": "MaximumConcurrency", - "type": "number" + "TopicArn": { + "markdownDescription": "The ARN of the topic to which you want to publish the findings.", + "title": "TopicArn", + "type": "string" } }, + "required": [ + "TopicArn" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.SelfManagedEventSource": { + "AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams": { "additionalProperties": false, "properties": { - "Endpoints": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Endpoints", - "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", - "title": "Endpoints" + "TemplateName": { + "markdownDescription": "The name of the template to be applied. The only supported value is `BLANK_POLICY` .", + "title": "TemplateName", + "type": "string" } }, + "required": [ + "TemplateName" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig": { + "AWS::IoT::MitigationAction.UpdateCACertificateParams": { "additionalProperties": false, "properties": { - "ConsumerGroupId": { - "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add) .", - "title": "ConsumerGroupId", + "Action": { + "markdownDescription": "The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` .", + "title": "Action", "type": "string" - }, - "SchemaRegistryConfig": { - "markdownDescription": "Specific configuration settings for a Kafka schema registry.", - "title": "SchemaRegistryConfig", - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig" } }, + "required": [ + "Action" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.SourceAccessConfiguration": { + "AWS::IoT::MitigationAction.UpdateDeviceCertificateParams": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: `\"Type\":\"SASL_SCRAM_512_AUTH\"` .\n\n- `BASIC_AUTH` \u2013 (Amazon MQ) The AWS Secrets Manager secret that stores your broker credentials.\n- `BASIC_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n- `VPC_SUBNET` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n- `VPC_SECURITY_GROUP` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_256_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_512_AUTH` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n- `VIRTUAL_HOST` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n- `CLIENT_CERTIFICATE_TLS_AUTH` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n- `SERVER_ROOT_CA_CERTIFICATE` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.", - "title": "Type", - "type": "string" - }, - "URI": { - "markdownDescription": "The value for your chosen configuration in `Type` . For example: `\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"` .", - "title": "URI", + "Action": { + "markdownDescription": "The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` .", + "title": "Action", "type": "string" } }, + "required": [ + "Action" + ], "type": "object" }, - "AWS::Lambda::Function": { + "AWS::IoT::Policy": { "additionalProperties": false, "properties": { "Condition": { @@ -142808,153 +147201,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Architectures": { - "items": { - "type": "string" - }, - "markdownDescription": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is `x86_64` .", - "title": "Architectures", - "type": "array" - }, - "Code": { - "$ref": "#/definitions/AWS::Lambda::Function.Code", - "markdownDescription": "The code for the function. You can define your function code in multiple ways:\n\n- For .zip deployment packages, you can specify the Amazon S3 location of the .zip file in the `S3Bucket` , `S3Key` , and `S3ObjectVersion` properties.\n- For .zip deployment packages, you can alternatively define the function code inline in the `ZipFile` property. This method works only for Node.js and Python functions.\n- For container images, specify the URI of your container image in the Amazon ECR registry in the `ImageUri` property.", - "title": "Code" - }, - "CodeSigningConfigArn": { - "markdownDescription": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration\nincludes a set of signing profiles, which define the trusted publishers for this function.", - "title": "CodeSigningConfigArn", - "type": "string" - }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.DeadLetterConfig", - "markdownDescription": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq) .", - "title": "DeadLetterConfig" - }, - "Description": { - "markdownDescription": "A description of the function.", - "title": "Description", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Lambda::Function.Environment", - "markdownDescription": "Environment variables that are accessible from function code during execution.", - "title": "Environment" - }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", - "markdownDescription": "The size of the function's `/tmp` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", - "title": "EphemeralStorage" - }, - "FileSystemConfigs": { - "items": { - "$ref": "#/definitions/AWS::Lambda::Function.FileSystemConfig" - }, - "markdownDescription": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a `DependsOn` attribute to ensure that the mount target is created or updated before the function.\n\nFor more information about using the `DependsOn` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", - "title": "FileSystemConfigs", - "type": "array" - }, - "FunctionName": { - "markdownDescription": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, AWS CloudFormation generates one.\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "FunctionName", - "type": "string" - }, - "Handler": { - "markdownDescription": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html) .", - "title": "Handler", - "type": "string" - }, - "ImageConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.ImageConfig", - "markdownDescription": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) .", - "title": "ImageConfig" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt the following resources:\n\n- The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption) .\n- The function's [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) snapshots.\n- When used with `SourceKMSKeyArn` , the unzipped version of the .zip deployment package that's used for function invocations. For more information, see [Specifying a customer managed key for Lambda](https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption) .\n- The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see [Function lifecycle](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle) .\n\nIf you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) or an [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", - "title": "KmsKeyArn", - "type": "string" - }, - "Layers": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", - "title": "Layers", - "type": "array" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.LoggingConfig", - "markdownDescription": "The function's Amazon CloudWatch Logs configuration settings.", - "title": "LoggingConfig" - }, - "MemorySize": { - "markdownDescription": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.", - "title": "MemorySize", - "type": "number" - }, - "PackageType": { - "markdownDescription": "The type of deployment package. Set to `Image` for container image and set `Zip` for .zip file archive.", - "title": "PackageType", - "type": "string" - }, - "ReservedConcurrentExecutions": { - "markdownDescription": "The number of simultaneous executions to reserve for the function.", - "title": "ReservedConcurrentExecutions", - "type": "number" - }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function's execution role.", - "title": "Role", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The JSON document that describes the policy.", + "title": "PolicyDocument", + "type": "object" }, - "Runtime": { - "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels) .\n\nFor a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported) .", - "title": "Runtime", + "PolicyName": { + "markdownDescription": "The policy name.", + "title": "PolicyName", "type": "string" }, - "RuntimeManagementConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.RuntimeManagementConfig", - "markdownDescription": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) .", - "title": "RuntimeManagementConfig" - }, - "SnapStart": { - "$ref": "#/definitions/AWS::Lambda::Function.SnapStart", - "markdownDescription": "The function's [AWS Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", - "title": "SnapStart" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "Timeout": { - "markdownDescription": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) .", - "title": "Timeout", - "type": "number" - }, - "TracingConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.TracingConfig", - "markdownDescription": "Set `Mode` to `Active` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) .", - "title": "TracingConfig" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.VpcConfig", - "markdownDescription": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html) .", - "title": "VpcConfig" } }, "required": [ - "Code", - "Role" + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Function" + "AWS::IoT::Policy" ], "type": "string" }, @@ -142973,240 +147246,202 @@ ], "type": "object" }, - "AWS::Lambda::Function.Code": { + "AWS::IoT::PolicyPrincipalAttachment": { "additionalProperties": false, "properties": { - "ImageUri": { - "markdownDescription": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.", - "title": "ImageUri", + "Condition": { "type": "string" }, - "S3Bucket": { - "markdownDescription": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account .", - "title": "S3Bucket", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of the deployment package.", - "title": "S3Key", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "S3ObjectVersion": { - "markdownDescription": "For versioned objects, the version of the deployment package object to use.", - "title": "S3ObjectVersion", - "type": "string" + "Metadata": { + "type": "object" }, - "ZipFile": { - "markdownDescription": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named `index` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) . This zip file cannot exceed 4MB. For the `Handler` property, the first part of the handler identifier must be `index` . For example, `index.handler` .\n\n> When you specify source code inline for a Node.js function, the `index` file that AWS CloudFormation creates uses the extension `.js` . This means that Lambda treats the file as a CommonJS module. ES modules aren't supported for inline functions. \n\nFor JSON, you must escape quotes and special characters such as newline ( `\\n` ) with a backslash.\n\nIf you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( [cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html) ) that simplifies sending responses. See [Using AWS Lambda with AWS CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.", - "title": "ZipFile", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.DeadLetterConfig": { - "additionalProperties": false, - "properties": { - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", - "title": "TargetArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.Environment": { - "additionalProperties": false, - "properties": { - "Variables": { - "additionalProperties": true, - "markdownDescription": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html) .\n\nIf the value of the environment variable is a time or a duration, enclose the value in quotes.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyName": { + "markdownDescription": "The name of the AWS IoT policy.", + "title": "PolicyName", + "type": "string" + }, + "Principal": { + "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", + "title": "Principal", "type": "string" } }, - "title": "Variables", + "required": [ + "PolicyName", + "Principal" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::PolicyPrincipalAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Lambda::Function.EphemeralStorage": { + "AWS::IoT::ProvisioningTemplate": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The size of the function's `/tmp` directory.", - "title": "Size", - "type": "number" - } - }, - "required": [ - "Size" - ], - "type": "object" - }, - "AWS::Lambda::Function.FileSystemConfig": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.", - "title": "Arn", + "Condition": { "type": "string" }, - "LocalMountPath": { - "markdownDescription": "The path where the function can access the file system, starting with `/mnt/` .", - "title": "LocalMountPath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "Arn", - "LocalMountPath" - ], - "type": "object" - }, - "AWS::Lambda::Function.ImageConfig": { - "additionalProperties": false, - "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.", - "title": "Command", - "type": "array" - }, - "EntryPoint": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.", - "title": "EntryPoint", - "type": "array" }, - "WorkingDirectory": { - "markdownDescription": "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.", - "title": "WorkingDirectory", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.LoggingConfig": { - "additionalProperties": false, - "properties": { - "ApplicationLogLevel": { - "markdownDescription": "Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where `TRACE` is the highest level and `FATAL` is the lowest.", - "title": "ApplicationLogLevel", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LogFormat": { - "markdownDescription": "The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON.", - "title": "LogFormat", - "type": "string" + "Metadata": { + "type": "object" }, - "LogGroup": { - "markdownDescription": "The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named `/aws/lambda/` . To use a different log group, enter an existing log group or enter a new log group name.", - "title": "LogGroup", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the fleet provisioning template.", + "title": "Description", + "type": "string" + }, + "Enabled": { + "markdownDescription": "True to enable the fleet provisioning template, otherwise false.", + "title": "Enabled", + "type": "boolean" + }, + "PreProvisioningHook": { + "$ref": "#/definitions/AWS::IoT::ProvisioningTemplate.ProvisioningHook", + "markdownDescription": "Creates a pre-provisioning hook template.", + "title": "PreProvisioningHook" + }, + "ProvisioningRoleArn": { + "markdownDescription": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.", + "title": "ProvisioningRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the fleet provisioning template.", + "title": "Tags", + "type": "array" + }, + "TemplateBody": { + "markdownDescription": "The JSON formatted contents of the fleet provisioning template version.", + "title": "TemplateBody", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the fleet provisioning template.", + "title": "TemplateName", + "type": "string" + }, + "TemplateType": { + "markdownDescription": "The type of the provisioning template.", + "title": "TemplateType", + "type": "string" + } + }, + "required": [ + "ProvisioningRoleArn", + "TemplateBody" + ], + "type": "object" }, - "SystemLogLevel": { - "markdownDescription": "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where `DEBUG` is the highest level and `WARN` is the lowest.", - "title": "SystemLogLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.RuntimeManagementConfig": { - "additionalProperties": false, - "properties": { - "RuntimeVersionArn": { - "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", - "title": "RuntimeVersionArn", + "Type": { + "enum": [ + "AWS::IoT::ProvisioningTemplate" + ], "type": "string" }, - "UpdateRuntimeOn": { - "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", - "title": "UpdateRuntimeOn", - "type": "string" - } - }, - "required": [ - "UpdateRuntimeOn" - ], - "type": "object" - }, - "AWS::Lambda::Function.SnapStart": { - "additionalProperties": false, - "properties": { - "ApplyOn": { - "markdownDescription": "Set `ApplyOn` to `PublishedVersions` to create a snapshot of the initialized execution environment when you publish a function version.", - "title": "ApplyOn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ApplyOn" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lambda::Function.SnapStartResponse": { + "AWS::IoT::ProvisioningTemplate.ProvisioningHook": { "additionalProperties": false, "properties": { - "ApplyOn": { - "markdownDescription": "When set to `PublishedVersions` , Lambda creates a snapshot of the execution environment when you publish a function version.", - "title": "ApplyOn", + "PayloadVersion": { + "markdownDescription": "The payload that was sent to the target function. The valid payload is `\"2020-04-01\"` .", + "title": "PayloadVersion", "type": "string" }, - "OptimizationStatus": { - "markdownDescription": "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using) , this response element indicates whether SnapStart is activated for the specified function version.", - "title": "OptimizationStatus", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lambda::Function.TracingConfig": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The tracing mode.", - "title": "Mode", + "TargetArn": { + "markdownDescription": "The ARN of the target function.", + "title": "TargetArn", "type": "string" } }, "type": "object" }, - "AWS::Lambda::Function.VpcConfig": { - "additionalProperties": false, - "properties": { - "Ipv6AllowedForDualStack": { - "markdownDescription": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.", - "title": "Ipv6AllowedForDualStack", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC security group IDs.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC subnet IDs.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lambda::LayerVersion": { + "AWS::IoT::ResourceSpecificLogging": { "additionalProperties": false, "properties": { "Condition": { @@ -143241,51 +147476,32 @@ "Properties": { "additionalProperties": false, "properties": { - "CompatibleArchitectures": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .", - "title": "CompatibleArchitectures", - "type": "array" - }, - "CompatibleRuntimes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .", - "title": "CompatibleRuntimes", - "type": "array" - }, - "Content": { - "$ref": "#/definitions/AWS::Lambda::LayerVersion.Content", - "markdownDescription": "The function layer archive.", - "title": "Content" - }, - "Description": { - "markdownDescription": "The description of the version.", - "title": "Description", + "LogLevel": { + "markdownDescription": "The default log level.Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", + "title": "LogLevel", "type": "string" }, - "LayerName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", - "title": "LayerName", + "TargetName": { + "markdownDescription": "The target name.", + "title": "TargetName", "type": "string" }, - "LicenseInfo": { - "markdownDescription": "The layer's software license. It can be any of the following:\n\n- An [SPDX license identifier](https://docs.aws.amazon.com/https://spdx.org/licenses/) . For example, `MIT` .\n- The URL of a license hosted on the internet. For example, `https://opensource.org/licenses/MIT` .\n- The full text of the license.", - "title": "LicenseInfo", + "TargetType": { + "markdownDescription": "The target type. Valid Values: `DEFAULT | THING_GROUP`", + "title": "TargetType", "type": "string" } }, "required": [ - "Content" + "LogLevel", + "TargetName", + "TargetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::LayerVersion" + "AWS::IoT::ResourceSpecificLogging" ], "type": "string" }, @@ -143304,32 +147520,7 @@ ], "type": "object" }, - "AWS::Lambda::LayerVersion.Content": { - "additionalProperties": false, - "properties": { - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket of the layer archive.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of the layer archive.", - "title": "S3Key", - "type": "string" - }, - "S3ObjectVersion": { - "markdownDescription": "For versioned objects, the version of the layer archive object to use.", - "title": "S3ObjectVersion", - "type": "string" - } - }, - "required": [ - "S3Bucket", - "S3Key" - ], - "type": "object" - }, - "AWS::Lambda::LayerVersionPermission": { + "AWS::IoT::RoleAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -143364,37 +147555,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The API action that grants access to the layer. For example, `lambda:GetLayerVersion` .", - "title": "Action", - "type": "string" + "CredentialDurationSeconds": { + "markdownDescription": "The number of seconds for which the credential is valid.", + "title": "CredentialDurationSeconds", + "type": "number" }, - "LayerVersionArn": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", - "title": "LayerVersionArn", + "RoleAlias": { + "markdownDescription": "The role alias.", + "title": "RoleAlias", "type": "string" }, - "OrganizationId": { - "markdownDescription": "With the principal set to `*` , grant permission to all accounts in the specified organization.", - "title": "OrganizationId", + "RoleArn": { + "markdownDescription": "The role ARN.", + "title": "RoleArn", "type": "string" }, - "Principal": { - "markdownDescription": "An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified). For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.", - "title": "Principal", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "Action", - "LayerVersionArn", - "Principal" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::LayerVersionPermission" + "AWS::IoT::RoleAlias" ], "type": "string" }, @@ -143413,7 +147605,7 @@ ], "type": "object" }, - "AWS::Lambda::Permission": { + "AWS::IoT::ScheduledAudit": { "additionalProperties": false, "properties": { "Condition": { @@ -143448,57 +147640,52 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that the principal can use on the function. For example, `lambda:InvokeFunction` or `lambda:GetFunction` .", - "title": "Action", - "type": "string" - }, - "EventSourceToken": { - "markdownDescription": "For Alexa Smart Home functions, a token that the invoker must supply.", - "title": "EventSourceToken", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function, version, or alias.\n\n**Name formats** - *Function name* \u2013 `my-function` (name-only), `my-function:v1` (with alias).\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:my-function` .\n- *Partial ARN* \u2013 `123456789012:function:my-function` .\n\nYou can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", + "DayOfMonth": { + "markdownDescription": "The day of the month on which the scheduled audit is run (if the `frequency` is \"MONTHLY\"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the \"LAST\" day of the month.", + "title": "DayOfMonth", "type": "string" }, - "FunctionUrlAuthType": { - "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", - "title": "FunctionUrlAuthType", + "DayOfWeek": { + "markdownDescription": "The day of the week on which the scheduled audit is run (if the `frequency` is \"WEEKLY\" or \"BIWEEKLY\").", + "title": "DayOfWeek", "type": "string" }, - "Principal": { - "markdownDescription": "The AWS service , AWS account , IAM user, or IAM role that invokes the function. If you specify a service, use `SourceArn` or `SourceAccount` to limit who can invoke the function through that service.", - "title": "Principal", + "Frequency": { + "markdownDescription": "How often the scheduled audit occurs.", + "title": "Frequency", "type": "string" }, - "PrincipalOrgID": { - "markdownDescription": "The identifier for your organization in AWS Organizations . Use this to grant permissions to all the AWS accounts under this organization.", - "title": "PrincipalOrgID", + "ScheduledAuditName": { + "markdownDescription": "The name of the scheduled audit.", + "title": "ScheduledAuditName", "type": "string" }, - "SourceAccount": { - "markdownDescription": "For AWS service , the ID of the AWS account that owns the resource. Use this together with `SourceArn` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.", - "title": "SourceAccount", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the scheduled audit.", + "title": "Tags", + "type": "array" }, - "SourceArn": { - "markdownDescription": "For AWS services , the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n\nNote that Lambda configures the comparison using the `StringLike` operator.", - "title": "SourceArn", - "type": "string" + "TargetCheckNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use `DescribeAccountAuditConfiguration` to see the list of all checks, including those that are enabled or use `UpdateAccountAuditConfiguration` to select which checks are enabled.)\n\nThe following checks are currently available:\n\n- `AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`\n- `CA_CERTIFICATE_EXPIRING_CHECK`\n- `CA_CERTIFICATE_KEY_QUALITY_CHECK`\n- `CONFLICTING_CLIENT_IDS_CHECK`\n- `DEVICE_CERTIFICATE_EXPIRING_CHECK`\n- `DEVICE_CERTIFICATE_KEY_QUALITY_CHECK`\n- `DEVICE_CERTIFICATE_SHARED_CHECK`\n- `IOT_POLICY_OVERLY_PERMISSIVE_CHECK`\n- `IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK`\n- `IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK`\n- `LOGGING_DISABLED_CHECK`\n- `REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`", + "title": "TargetCheckNames", + "type": "array" } }, "required": [ - "Action", - "FunctionName", - "Principal" + "Frequency", + "TargetCheckNames" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Permission" + "AWS::IoT::ScheduledAudit" ], "type": "string" }, @@ -143517,7 +147704,7 @@ ], "type": "object" }, - "AWS::Lambda::Url": { + "AWS::IoT::SecurityProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -143552,41 +147739,70 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", - "title": "AuthType", - "type": "string" + "AdditionalMetricsToRetainV2": { + "items": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricToRetain" + }, + "markdownDescription": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's `behaviors` , but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.", + "title": "AdditionalMetricsToRetainV2", + "type": "array" }, - "Cors": { - "$ref": "#/definitions/AWS::Lambda::Url.Cors", - "markdownDescription": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.", - "title": "Cors" + "AlertTargets": { + "additionalProperties": false, + "markdownDescription": "Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.AlertTarget" + } + }, + "title": "AlertTargets", + "type": "object" }, - "InvokeMode": { - "markdownDescription": "Use one of the following options:\n\n- `BUFFERED` \u2013 This is the default option. Lambda invokes your function using the `Invoke` API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.\n- `RESPONSE_STREAM` \u2013 Your function streams payload results as they become available. Lambda invokes your function using the `InvokeWithResponseStream` API operation. The maximum response payload size is 20 MB, however, you can [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) .", - "title": "InvokeMode", - "type": "string" + "Behaviors": { + "items": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.Behavior" + }, + "markdownDescription": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", + "title": "Behaviors", + "type": "array" }, - "Qualifier": { - "markdownDescription": "The alias name.", - "title": "Qualifier", + "MetricsExportConfig": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricsExportConfig", + "markdownDescription": "Specifies the MQTT topic and role ARN required for metric export.", + "title": "MetricsExportConfig" + }, + "SecurityProfileDescription": { + "markdownDescription": "A description of the security profile.", + "title": "SecurityProfileDescription", "type": "string" }, - "TargetFunctionArn": { - "markdownDescription": "The name of the Lambda function.\n\n**Name formats** - *Function name* - `my-function` .\n- *Function ARN* - `lambda: : :function:my-function` .\n- *Partial ARN* - `:function:my-function` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "TargetFunctionArn", + "SecurityProfileName": { + "markdownDescription": "The name you gave to the security profile.", + "title": "SecurityProfileName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the security profile.", + "title": "Tags", + "type": "array" + }, + "TargetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the target (thing group) to which the security profile is attached.", + "title": "TargetArns", + "type": "array" } }, - "required": [ - "AuthType", - "TargetFunctionArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Url" + "AWS::IoT::SecurityProfile" ], "type": "string" }, @@ -143600,60 +147816,244 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Lambda::Url.Cors": { + "AWS::IoT::SecurityProfile.AlertTarget": { "additionalProperties": false, "properties": { - "AllowCredentials": { - "markdownDescription": "Whether you want to allow cookies or other credentials in requests to your function URL. The default is `false` .", - "title": "AllowCredentials", + "AlertTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the notification target to which alerts are sent.", + "title": "AlertTargetArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to send alerts to the notification target.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "AlertTargetArn", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::SecurityProfile.Behavior": { + "additionalProperties": false, + "properties": { + "Criteria": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.BehaviorCriteria", + "markdownDescription": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n> In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.", + "title": "Criteria" + }, + "ExportMetric": { + "markdownDescription": "Value indicates exporting metrics related to the behavior when it is true.", + "title": "ExportMetric", "type": "boolean" }, - "AllowHeaders": { + "Metric": { + "markdownDescription": "What is measured by the behavior.", + "title": "Metric", + "type": "string" + }, + "MetricDimension": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", + "markdownDescription": "The dimension of the metric.", + "title": "MetricDimension" + }, + "Name": { + "markdownDescription": "The name you've given to the behavior.", + "title": "Name", + "type": "string" + }, + "SuppressAlerts": { + "markdownDescription": "The alert status. If you set the value to `true` , alerts will be suppressed.", + "title": "SuppressAlerts", + "type": "boolean" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::IoT::SecurityProfile.BehaviorCriteria": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The operator that relates the thing measured ( `metric` ) to the criteria (containing a `value` or `statisticalThreshold` ). Valid operators include:\n\n- `string-list` : `in-set` and `not-in-set`\n- `number-list` : `in-set` and `not-in-set`\n- `ip-address-list` : `in-cidr-set` and `not-in-cidr-set`\n- `number` : `less-than` , `less-than-equals` , `greater-than` , and `greater-than-equals`", + "title": "ComparisonOperator", + "type": "string" + }, + "ConsecutiveDatapointsToAlarm": { + "markdownDescription": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.", + "title": "ConsecutiveDatapointsToAlarm", + "type": "number" + }, + "ConsecutiveDatapointsToClear": { + "markdownDescription": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.", + "title": "ConsecutiveDatapointsToClear", + "type": "number" + }, + "DurationSeconds": { + "markdownDescription": "Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, `NUM_MESSAGES_SENT` ). For a `statisticalThreshhold` metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.", + "title": "DurationSeconds", + "type": "number" + }, + "MlDetectionConfig": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MachineLearningDetectionConfig", + "markdownDescription": "The confidence level of the detection model.", + "title": "MlDetectionConfig" + }, + "StatisticalThreshold": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.StatisticalThreshold", + "markdownDescription": "A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.", + "title": "StatisticalThreshold" + }, + "Value": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricValue", + "markdownDescription": "The value to be compared with the `metric` .", + "title": "Value" + } + }, + "type": "object" + }, + "AWS::IoT::SecurityProfile.MachineLearningDetectionConfig": { + "additionalProperties": false, + "properties": { + "ConfidenceLevel": { + "markdownDescription": "The model confidence level.\n\nThere are three levels of confidence, `\"high\"` , `\"medium\"` , and `\"low\"` .\n\nThe higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.", + "title": "ConfidenceLevel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::SecurityProfile.MetricDimension": { + "additionalProperties": false, + "properties": { + "DimensionName": { + "markdownDescription": "The name of the dimension.", + "title": "DimensionName", + "type": "string" + }, + "Operator": { + "markdownDescription": "Operators are constructs that perform logical operations. Valid values are `IN` and `NOT_IN` .", + "title": "Operator", + "type": "string" + } + }, + "required": [ + "DimensionName" + ], + "type": "object" + }, + "AWS::IoT::SecurityProfile.MetricToRetain": { + "additionalProperties": false, + "properties": { + "ExportMetric": { + "markdownDescription": "The value indicates exporting metrics related to the `MetricToRetain` when it's true.", + "title": "ExportMetric", + "type": "boolean" + }, + "Metric": { + "markdownDescription": "A standard of measurement.", + "title": "Metric", + "type": "string" + }, + "MetricDimension": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", + "markdownDescription": "The dimension of the metric.", + "title": "MetricDimension" + } + }, + "required": [ + "Metric" + ], + "type": "object" + }, + "AWS::IoT::SecurityProfile.MetricValue": { + "additionalProperties": false, + "properties": { + "Cidrs": { "items": { "type": "string" }, - "markdownDescription": "The HTTP headers that origins can include in requests to your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", - "title": "AllowHeaders", + "markdownDescription": "If the `comparisonOperator` calls for a set of CIDRs, use this to specify that set to be compared with the `metric` .", + "title": "Cidrs", "type": "array" }, - "AllowMethods": { + "Count": { + "markdownDescription": "If the `comparisonOperator` calls for a numeric value, use this to specify that numeric value to be compared with the `metric` .", + "title": "Count", + "type": "string" + }, + "Number": { + "markdownDescription": "The numeric values of a metric.", + "title": "Number", + "type": "number" + }, + "Numbers": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "The HTTP methods that are allowed when calling your function URL. For example: `GET` , `POST` , `DELETE` , or the wildcard character ( `*` ).", - "title": "AllowMethods", + "markdownDescription": "The numeric value of a metric.", + "title": "Numbers", "type": "array" }, - "AllowOrigins": { + "Ports": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example: `https://www.example.com` , `http://localhost:60905` .\n\nAlternatively, you can grant access to all origins with the wildcard character ( `*` ).", - "title": "AllowOrigins", + "markdownDescription": "If the `comparisonOperator` calls for a set of ports, use this to specify that set to be compared with the `metric` .", + "title": "Ports", "type": "array" }, - "ExposeHeaders": { + "Strings": { "items": { "type": "string" }, - "markdownDescription": "The HTTP headers in your function response that you want to expose to origins that call your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", - "title": "ExposeHeaders", + "markdownDescription": "The string values of a metric.", + "title": "Strings", "type": "array" + } + }, + "type": "object" + }, + "AWS::IoT::SecurityProfile.MetricsExportConfig": { + "additionalProperties": false, + "properties": { + "MqttTopic": { + "markdownDescription": "The MQTT topic that Device Defender Detect should publish messages to for metrics export.", + "title": "MqttTopic", + "type": "string" }, - "MaxAge": { - "markdownDescription": "The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results.", - "title": "MaxAge", - "type": "number" + "RoleArn": { + "markdownDescription": "This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "MqttTopic", + "RoleArn" + ], "type": "object" }, - "AWS::Lambda::Version": { + "AWS::IoT::SecurityProfile.StatisticalThreshold": { + "additionalProperties": false, + "properties": { + "Statistic": { + "markdownDescription": "The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( `durationSeconds` ) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( `comparisonOperator` ) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.", + "title": "Statistic", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::SoftwarePackage": { "additionalProperties": false, "properties": { "Condition": { @@ -143688,40 +148088,30 @@ "Properties": { "additionalProperties": false, "properties": { - "CodeSha256": { - "markdownDescription": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.", - "title": "CodeSha256", - "type": "string" - }, "Description": { - "markdownDescription": "A description for the version to override the description in the function configuration. Updates are not supported for this property.", + "markdownDescription": "A summary of the package being created. This can be used to outline the package's contents or purpose.", "title": "Description", "type": "string" }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", + "PackageName": { + "markdownDescription": "The name of the new software package.", + "title": "PackageName", "type": "string" }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/AWS::Lambda::Version.ProvisionedConcurrencyConfiguration", - "markdownDescription": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.", - "title": "ProvisionedConcurrencyConfig" - }, - "RuntimePolicy": { - "$ref": "#/definitions/AWS::Lambda::Version.RuntimePolicy", - "markdownDescription": "", - "title": "RuntimePolicy" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the package.", + "title": "Tags", + "type": "array" } }, - "required": [ - "FunctionName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Version" + "AWS::IoT::SoftwarePackage" ], "type": "string" }, @@ -143735,45 +148125,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Lambda::Version.ProvisionedConcurrencyConfiguration": { - "additionalProperties": false, - "properties": { - "ProvisionedConcurrentExecutions": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the version.", - "title": "ProvisionedConcurrentExecutions", - "type": "number" - } - }, - "required": [ - "ProvisionedConcurrentExecutions" - ], - "type": "object" - }, - "AWS::Lambda::Version.RuntimePolicy": { - "additionalProperties": false, - "properties": { - "RuntimeVersionArn": { - "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", - "title": "RuntimeVersionArn", - "type": "string" - }, - "UpdateRuntimeOn": { - "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", - "title": "UpdateRuntimeOn", - "type": "string" - } - }, - "required": [ - "UpdateRuntimeOn" + "Type" ], "type": "object" }, - "AWS::Lex::Bot": { + "AWS::IoT::SoftwarePackageVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -143808,82 +148164,64 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoBuildBotLocales": { - "markdownDescription": "Indicates whether Amazon Lex V2 should automatically build the locales for the bot after a change.", - "title": "AutoBuildBotLocales", - "type": "boolean" - }, - "BotFileS3Location": { - "$ref": "#/definitions/AWS::Lex::Bot.S3Location", - "markdownDescription": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*", - "title": "BotFileS3Location" - }, - "BotLocales": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.BotLocale" - }, - "markdownDescription": "A list of locales for the bot.", - "title": "BotLocales", - "type": "array" + "Artifact": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.PackageVersionArtifact", + "markdownDescription": "", + "title": "Artifact" }, - "BotTags": { - "items": { - "$ref": "#/definitions/Tag" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "Metadata that can be used to define a package version\u2019s configuration. For example, the S3 file location, configuration options that are being sent to the device or fleet.\n\nThe combined size of all the attributes on a package version is limited to 3KB.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of tags to add to the bot. You can only add tags when you import a bot. You can't use the `UpdateBot` operation to update tags. To update tags, use the `TagResource` operation.", - "title": "BotTags", - "type": "array" - }, - "DataPrivacy": { - "$ref": "#/definitions/AWS::Lex::Bot.DataPrivacy", - "markdownDescription": "By default, data stored by Amazon Lex is encrypted. The `DataPrivacy` structure provides settings that determine how Amazon Lex handles special cases of securing the data for your bot.", - "title": "DataPrivacy" + "title": "Attributes", + "type": "object" }, "Description": { - "markdownDescription": "The description of the version.", + "markdownDescription": "A summary of the package version being created. This can be used to outline the package's contents or purpose.", "title": "Description", "type": "string" }, - "IdleSessionTTLInSeconds": { - "markdownDescription": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Lex deletes any data provided before the timeout.\n\nYou can specify between 60 (1 minute) and 86,400 (24 hours) seconds.", - "title": "IdleSessionTTLInSeconds", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the bot locale.", - "title": "Name", + "PackageName": { + "markdownDescription": "The name of the associated software package.", + "title": "PackageName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot.", - "title": "RoleArn", + "Recipe": { + "markdownDescription": "", + "title": "Recipe", "type": "string" }, - "TestBotAliasSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.TestBotAliasSettings", - "markdownDescription": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values.", - "title": "TestBotAliasSettings" + "Sbom": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.Sbom", + "markdownDescription": "", + "title": "Sbom" }, - "TestBotAliasTags": { + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to add to the test alias for a bot. You can only add tags when you import a bot. You can't use the `UpdateAlias` operation to update tags. To update tags on the test alias, use the `TagResource` operation.", - "title": "TestBotAliasTags", + "markdownDescription": "Metadata that can be used to manage the package version.", + "title": "Tags", "type": "array" + }, + "VersionName": { + "markdownDescription": "The name of the new package version.", + "title": "VersionName", + "type": "string" } }, "required": [ - "DataPrivacy", - "IdleSessionTTLInSeconds", - "Name", - "RoleArn" + "PackageName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::Bot" + "AWS::IoT::SoftwarePackageVersion" ], "type": "string" }, @@ -143902,2003 +148240,1989 @@ ], "type": "object" }, - "AWS::Lex::Bot.AdvancedRecognitionSetting": { - "additionalProperties": false, - "properties": { - "AudioRecognitionStrategy": { - "markdownDescription": "Enables using the slot values as a custom vocabulary for recognizing user utterances.", - "title": "AudioRecognitionStrategy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.AllowedInputTypes": { + "AWS::IoT::SoftwarePackageVersion.PackageVersionArtifact": { "additionalProperties": false, "properties": { - "AllowAudioInput": { - "markdownDescription": "Indicates whether audio input is allowed.", - "title": "AllowAudioInput", - "type": "boolean" - }, - "AllowDTMFInput": { - "markdownDescription": "Indicates whether DTMF input is allowed.", - "title": "AllowDTMFInput", - "type": "boolean" + "S3Location": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.S3Location", + "markdownDescription": "", + "title": "S3Location" } }, "required": [ - "AllowAudioInput", - "AllowDTMFInput" + "S3Location" ], "type": "object" }, - "AWS::Lex::Bot.AudioAndDTMFInputSpecification": { + "AWS::IoT::SoftwarePackageVersion.S3Location": { "additionalProperties": false, "properties": { - "AudioSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioSpecification", - "markdownDescription": "Specifies the settings on audio input.", - "title": "AudioSpecification" + "Bucket": { + "markdownDescription": "", + "title": "Bucket", + "type": "string" }, - "DTMFSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.DTMFSpecification", - "markdownDescription": "Specifies the settings on DTMF input.", - "title": "DTMFSpecification" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "StartTimeoutMs": { - "markdownDescription": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.", - "title": "StartTimeoutMs", - "type": "number" + "Version": { + "markdownDescription": "", + "title": "Version", + "type": "string" } }, "required": [ - "StartTimeoutMs" + "Bucket", + "Key", + "Version" ], "type": "object" }, - "AWS::Lex::Bot.AudioLogDestination": { + "AWS::IoT::SoftwarePackageVersion.Sbom": { "additionalProperties": false, "properties": { - "S3Bucket": { - "$ref": "#/definitions/AWS::Lex::Bot.S3BucketLogDestination", - "markdownDescription": "Specifies the Amazon S3 bucket where the audio files are stored.", - "title": "S3Bucket" + "S3Location": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.S3Location", + "markdownDescription": "", + "title": "S3Location" } }, "required": [ - "S3Bucket" + "S3Location" ], "type": "object" }, - "AWS::Lex::Bot.AudioLogSetting": { + "AWS::IoT::Thing": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioLogDestination", - "markdownDescription": "Specifies the location of the audio log files collected when conversation logging is enabled for a bot.", - "title": "Destination" + "Condition": { + "type": "string" }, - "Enabled": { - "markdownDescription": "Determines whether audio logging in enabled for the bot.", - "title": "Enabled", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AttributePayload": { + "$ref": "#/definitions/AWS::IoT::Thing.AttributePayload", + "markdownDescription": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed.", + "title": "AttributePayload" + }, + "ThingName": { + "markdownDescription": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.", + "title": "ThingName", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::Thing" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Destination", - "Enabled" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.AudioSpecification": { + "AWS::IoT::Thing.AttributePayload": { "additionalProperties": false, "properties": { - "EndTimeoutMs": { - "markdownDescription": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.", - "title": "EndTimeoutMs", - "type": "number" - }, - "MaxLengthMs": { - "markdownDescription": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.", - "title": "MaxLengthMs", - "type": "number" - } - }, - "required": [ - "EndTimeoutMs", - "MaxLengthMs" - ], + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + } + }, "type": "object" }, - "AWS::Lex::Bot.BotAliasLocaleSettings": { + "AWS::IoT::ThingGroup": { "additionalProperties": false, "properties": { - "CodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.CodeHookSpecification", - "markdownDescription": "Specifies the Lambda function that should be used in the locale.", - "title": "CodeHookSpecification" + "Condition": { + "type": "string" }, - "Enabled": { - "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", - "title": "Enabled", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ParentGroupName": { + "markdownDescription": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined.", + "title": "ParentGroupName", + "type": "string" + }, + "QueryString": { + "markdownDescription": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` .", + "title": "QueryString", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the thing group or dynamic thing group.", + "title": "Tags", + "type": "array" + }, + "ThingGroupName": { + "markdownDescription": "The thing group name.", + "title": "ThingGroupName", + "type": "string" + }, + "ThingGroupProperties": { + "$ref": "#/definitions/AWS::IoT::ThingGroup.ThingGroupProperties", + "markdownDescription": "Thing group properties.", + "title": "ThingGroupProperties" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::ThingGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Enabled" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.BotAliasLocaleSettingsItem": { + "AWS::IoT::ThingGroup.AttributePayload": { "additionalProperties": false, "properties": { - "BotAliasLocaleSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettings", - "markdownDescription": "Specifies locale settings for a locale.", - "title": "BotAliasLocaleSetting" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + } + }, + "type": "object" + }, + "AWS::IoT::ThingGroup.ThingGroupProperties": { + "additionalProperties": false, + "properties": { + "AttributePayload": { + "$ref": "#/definitions/AWS::IoT::ThingGroup.AttributePayload", + "markdownDescription": "The thing group attributes in JSON format.", + "title": "AttributePayload" }, - "LocaleId": { - "markdownDescription": "Specifies the locale that the settings apply to.", - "title": "LocaleId", + "ThingGroupDescription": { + "markdownDescription": "The thing group description.", + "title": "ThingGroupDescription", "type": "string" } }, - "required": [ - "BotAliasLocaleSetting", - "LocaleId" - ], "type": "object" }, - "AWS::Lex::Bot.BotLocale": { + "AWS::IoT::ThingPrincipalAttachment": { "additionalProperties": false, "properties": { - "CustomVocabulary": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabulary", - "markdownDescription": "Specifies a custom vocabulary to use with a specific locale.", - "title": "CustomVocabulary" - }, - "Description": { - "markdownDescription": "A description of the bot locale. Use this to help identify the bot locale in lists.", - "title": "Description", + "Condition": { "type": "string" }, - "Intents": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Intent" - }, - "markdownDescription": "One or more intents defined for the locale.", - "title": "Intents", - "type": "array" - }, - "LocaleId": { - "markdownDescription": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales.", - "title": "LocaleId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NluConfidenceThreshold": { - "markdownDescription": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot.", - "title": "NluConfidenceThreshold", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SlotTypes": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotType" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Principal": { + "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", + "title": "Principal", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the AWS IoT thing.", + "title": "ThingName", + "type": "string" + }, + "ThingPrincipalType": { + "markdownDescription": "", + "title": "ThingPrincipalType", + "type": "string" + } }, - "markdownDescription": "One or more slot types defined for the locale.", - "title": "SlotTypes", - "type": "array" + "required": [ + "Principal", + "ThingName" + ], + "type": "object" }, - "VoiceSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.VoiceSettings", - "markdownDescription": "Defines settings for using an Amazon Polly voice to communicate with a user.\n\nValid values include:\n\n- `standard`\n- `neural`\n- `long-form`\n- `generative`", - "title": "VoiceSettings" + "Type": { + "enum": [ + "AWS::IoT::ThingPrincipalAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "LocaleId", - "NluConfidenceThreshold" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.Button": { + "AWS::IoT::ThingType": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The text that appears on the button. Use this to tell the user what value is returned when they choose this button.", - "title": "Text", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.", - "title": "Value", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeprecateThingType": { + "markdownDescription": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action.", + "title": "DeprecateThingType", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the thing type.", + "title": "Tags", + "type": "array" + }, + "ThingTypeName": { + "markdownDescription": "The name of the thing type.", + "title": "ThingTypeName", + "type": "string" + }, + "ThingTypeProperties": { + "$ref": "#/definitions/AWS::IoT::ThingType.ThingTypeProperties", + "markdownDescription": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, a list of searchable thing attribute names, and a list of propagating attributes. After a thing type is created, you can only update `Mqtt5Configuration` .", + "title": "ThingTypeProperties" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::ThingType" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Text", - "Value" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.CloudWatchLogGroupLogDestination": { + "AWS::IoT::ThingType.Mqtt5Configuration": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", - "title": "CloudWatchLogGroupArn", - "type": "string" - }, - "LogPrefix": { - "markdownDescription": "The prefix of the log stream name within the log group that you specified", - "title": "LogPrefix", - "type": "string" + "PropagatingAttributes": { + "items": { + "$ref": "#/definitions/AWS::IoT::ThingType.PropagatingAttribute" + }, + "markdownDescription": "An object that represents the connection attribute, the thing attribute, and the MQTT 5 user property key.", + "title": "PropagatingAttributes", + "type": "array" } }, - "required": [ - "CloudWatchLogGroupArn", - "LogPrefix" - ], "type": "object" }, - "AWS::Lex::Bot.CodeHookSpecification": { + "AWS::IoT::ThingType.PropagatingAttribute": { "additionalProperties": false, "properties": { - "LambdaCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.LambdaCodeHook", - "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", - "title": "LambdaCodeHook" + "ConnectionAttribute": { + "markdownDescription": "The attribute associated with the connection details.", + "title": "ConnectionAttribute", + "type": "string" + }, + "ThingAttribute": { + "markdownDescription": "The thing attribute that is propagating for MQTT 5 message enrichment.", + "title": "ThingAttribute", + "type": "string" + }, + "UserPropertyKey": { + "markdownDescription": "The key of the MQTT 5 user property, which is a key-value pair.", + "title": "UserPropertyKey", + "type": "string" } }, "required": [ - "LambdaCodeHook" + "UserPropertyKey" ], "type": "object" }, - "AWS::Lex::Bot.Condition": { + "AWS::IoT::ThingType.ThingTypeProperties": { "additionalProperties": false, "properties": { - "ExpressionString": { - "markdownDescription": "The expression string that is evaluated.", - "title": "ExpressionString", + "Mqtt5Configuration": { + "$ref": "#/definitions/AWS::IoT::ThingType.Mqtt5Configuration", + "markdownDescription": "The configuration to add user-defined properties to enrich MQTT 5 messages.", + "title": "Mqtt5Configuration" + }, + "SearchableAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of searchable thing attribute names.", + "title": "SearchableAttributes", + "type": "array" + }, + "ThingTypeDescription": { + "markdownDescription": "The description of the thing type.", + "title": "ThingTypeDescription", "type": "string" } }, - "required": [ - "ExpressionString" - ], "type": "object" }, - "AWS::Lex::Bot.ConditionalBranch": { + "AWS::IoT::TopicRule": { "additionalProperties": false, "properties": { "Condition": { - "$ref": "#/definitions/AWS::Lex::Bot.Condition", - "markdownDescription": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken.", - "title": "Condition" + "type": "string" }, - "Name": { - "markdownDescription": "The name of the branch.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Response": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "Response" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the topic rule.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "title": "Tags", + "type": "array" + }, + "TopicRulePayload": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TopicRulePayload", + "markdownDescription": "The rule payload.", + "title": "TopicRulePayload" + } + }, + "required": [ + "TopicRulePayload" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::TopicRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Condition", - "Name", - "NextStep" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.ConditionalSpecification": { + "AWS::IoT::TopicRule.Action": { "additionalProperties": false, "properties": { - "ConditionalBranches": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalBranch" - }, - "markdownDescription": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true.", - "title": "ConditionalBranches", - "type": "array" + "CloudwatchAlarm": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchAlarmAction", + "markdownDescription": "Change the state of a CloudWatch alarm.", + "title": "CloudwatchAlarm" }, - "DefaultBranch": { - "$ref": "#/definitions/AWS::Lex::Bot.DefaultConditionalBranch", - "markdownDescription": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step.", - "title": "DefaultBranch" + "CloudwatchLogs": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchLogsAction", + "markdownDescription": "Sends data to CloudWatch.", + "title": "CloudwatchLogs" }, - "IsActive": { - "markdownDescription": "Determines whether a conditional branch is active. When `IsActive` is false, the conditions are not evaluated.", - "title": "IsActive", - "type": "boolean" + "CloudwatchMetric": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchMetricAction", + "markdownDescription": "Capture a CloudWatch metric.", + "title": "CloudwatchMetric" + }, + "DynamoDB": { + "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBAction", + "markdownDescription": "Write to a DynamoDB table.", + "title": "DynamoDB" + }, + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBv2Action", + "markdownDescription": "Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.", + "title": "DynamoDBv2" + }, + "Elasticsearch": { + "$ref": "#/definitions/AWS::IoT::TopicRule.ElasticsearchAction", + "markdownDescription": "Write data to an Amazon OpenSearch Service domain.\n\n> The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) .", + "title": "Elasticsearch" + }, + "Firehose": { + "$ref": "#/definitions/AWS::IoT::TopicRule.FirehoseAction", + "markdownDescription": "Write to an Amazon Kinesis Firehose stream.", + "title": "Firehose" + }, + "Http": { + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAction", + "markdownDescription": "Send data to an HTTPS endpoint.", + "title": "Http" + }, + "IotAnalytics": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotAnalyticsAction", + "markdownDescription": "Sends message data to an AWS IoT Analytics channel.", + "title": "IotAnalytics" + }, + "IotEvents": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotEventsAction", + "markdownDescription": "Sends an input to an AWS IoT Events detector.", + "title": "IotEvents" + }, + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotSiteWiseAction", + "markdownDescription": "Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties.", + "title": "IotSiteWise" + }, + "Kafka": { + "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaAction", + "markdownDescription": "Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster.", + "title": "Kafka" + }, + "Kinesis": { + "$ref": "#/definitions/AWS::IoT::TopicRule.KinesisAction", + "markdownDescription": "Write data to an Amazon Kinesis stream.", + "title": "Kinesis" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoT::TopicRule.LambdaAction", + "markdownDescription": "Invoke a Lambda function.", + "title": "Lambda" + }, + "Location": { + "$ref": "#/definitions/AWS::IoT::TopicRule.LocationAction", + "markdownDescription": "Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) .", + "title": "Location" + }, + "OpenSearch": { + "$ref": "#/definitions/AWS::IoT::TopicRule.OpenSearchAction", + "markdownDescription": "Write data to an Amazon OpenSearch Service domain.", + "title": "OpenSearch" + }, + "Republish": { + "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishAction", + "markdownDescription": "Publish to another MQTT topic.", + "title": "Republish" + }, + "S3": { + "$ref": "#/definitions/AWS::IoT::TopicRule.S3Action", + "markdownDescription": "Write to an Amazon S3 bucket.", + "title": "S3" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SnsAction", + "markdownDescription": "Publish to an Amazon SNS topic.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SqsAction", + "markdownDescription": "Publish to an Amazon SQS queue.", + "title": "Sqs" + }, + "StepFunctions": { + "$ref": "#/definitions/AWS::IoT::TopicRule.StepFunctionsAction", + "markdownDescription": "Starts execution of a Step Functions state machine.", + "title": "StepFunctions" + }, + "Timestream": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamAction", + "markdownDescription": "Writes attributes from an MQTT message.", + "title": "Timestream" } }, - "required": [ - "ConditionalBranches", - "DefaultBranch", - "IsActive" - ], "type": "object" }, - "AWS::Lex::Bot.ConversationLogSettings": { + "AWS::IoT::TopicRule.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { - "AudioLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioLogSetting" - }, - "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", - "title": "AudioLogSettings", - "type": "array" + "OffsetInNanos": { + "markdownDescription": "Optional. A string that contains the nanosecond time offset. Accepts substitution templates.", + "title": "OffsetInNanos", + "type": "string" }, - "TextLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.TextLogSetting" - }, - "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", - "title": "TextLogSettings", - "type": "array" + "TimeInSeconds": { + "markdownDescription": "A string that contains the time in seconds since epoch. Accepts substitution templates.", + "title": "TimeInSeconds", + "type": "string" } }, + "required": [ + "TimeInSeconds" + ], "type": "object" }, - "AWS::Lex::Bot.CustomPayload": { + "AWS::IoT::TopicRule.AssetPropertyValue": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The string that is sent to your application.", - "title": "Value", + "Quality": { + "markdownDescription": "Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` .", + "title": "Quality", "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyTimestamp", + "markdownDescription": "The asset property value timestamp.", + "title": "Timestamp" + }, + "Value": { + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyVariant", + "markdownDescription": "The value of the asset property.", + "title": "Value" } }, "required": [ + "Timestamp", "Value" ], "type": "object" }, - "AWS::Lex::Bot.CustomVocabulary": { + "AWS::IoT::TopicRule.AssetPropertyVariant": { "additionalProperties": false, "properties": { - "CustomVocabularyItems": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabularyItem" - }, - "markdownDescription": "Specifies a list of words that you expect to be used during a conversation with your bot.", - "title": "CustomVocabularyItems", - "type": "array" + "BooleanValue": { + "markdownDescription": "Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates.", + "title": "BooleanValue", + "type": "string" + }, + "DoubleValue": { + "markdownDescription": "Optional. A string that contains the double value of the value entry. Accepts substitution templates.", + "title": "DoubleValue", + "type": "string" + }, + "IntegerValue": { + "markdownDescription": "Optional. A string that contains the integer value of the value entry. Accepts substitution templates.", + "title": "IntegerValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "Optional. The string value of the value entry. Accepts substitution templates.", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::TopicRule.CloudwatchAlarmAction": { + "additionalProperties": false, + "properties": { + "AlarmName": { + "markdownDescription": "The CloudWatch alarm name.", + "title": "AlarmName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch alarm.", + "title": "RoleArn", + "type": "string" + }, + "StateReason": { + "markdownDescription": "The reason for the alarm change.", + "title": "StateReason", + "type": "string" + }, + "StateValue": { + "markdownDescription": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.", + "title": "StateValue", + "type": "string" } }, "required": [ - "CustomVocabularyItems" + "AlarmName", + "RoleArn", + "StateReason", + "StateValue" ], "type": "object" }, - "AWS::Lex::Bot.CustomVocabularyItem": { + "AWS::IoT::TopicRule.CloudwatchLogsAction": { "additionalProperties": false, "properties": { - "DisplayAs": { - "markdownDescription": "The DisplayAs value for the custom vocabulary item from the custom vocabulary list.", - "title": "DisplayAs", - "type": "string" + "BatchMode": { + "markdownDescription": "Indicates whether batches of log records will be extracted and uploaded into CloudWatch.", + "title": "BatchMode", + "type": "boolean" }, - "Phrase": { - "markdownDescription": "Specifies 1 - 4 words that should be recognized.", - "title": "Phrase", + "LogGroupName": { + "markdownDescription": "The CloudWatch log name.", + "title": "LogGroupName", "type": "string" }, - "Weight": { - "markdownDescription": "Specifies the degree to which the phrase recognition is boosted. The default value is 1.", - "title": "Weight", - "type": "number" + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch log.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "Phrase" + "LogGroupName", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.DTMFSpecification": { + "AWS::IoT::TopicRule.CloudwatchMetricAction": { "additionalProperties": false, "properties": { - "DeletionCharacter": { - "markdownDescription": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.", - "title": "DeletionCharacter", + "MetricName": { + "markdownDescription": "The CloudWatch metric name.", + "title": "MetricName", "type": "string" }, - "EndCharacter": { - "markdownDescription": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.", - "title": "EndCharacter", + "MetricNamespace": { + "markdownDescription": "The CloudWatch metric namespace name.", + "title": "MetricNamespace", "type": "string" }, - "EndTimeoutMs": { - "markdownDescription": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.", - "title": "EndTimeoutMs", - "type": "number" + "MetricTimestamp": { + "markdownDescription": "An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) .", + "title": "MetricTimestamp", + "type": "string" }, - "MaxLength": { - "markdownDescription": "The maximum number of DTMF digits allowed in an utterance.", - "title": "MaxLength", - "type": "number" + "MetricUnit": { + "markdownDescription": "The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch.", + "title": "MetricUnit", + "type": "string" + }, + "MetricValue": { + "markdownDescription": "The CloudWatch metric value.", + "title": "MetricValue", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch metric.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "DeletionCharacter", - "EndCharacter", - "EndTimeoutMs", - "MaxLength" + "MetricName", + "MetricNamespace", + "MetricUnit", + "MetricValue", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.DataPrivacy": { + "AWS::IoT::TopicRule.DynamoDBAction": { "additionalProperties": false, "properties": { - "ChildDirected": { - "markdownDescription": "For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) .", - "title": "ChildDirected", - "type": "boolean" + "HashKeyField": { + "markdownDescription": "The hash key name.", + "title": "HashKeyField", + "type": "string" + }, + "HashKeyType": { + "markdownDescription": "The hash key type. Valid values are \"STRING\" or \"NUMBER\"", + "title": "HashKeyType", + "type": "string" + }, + "HashKeyValue": { + "markdownDescription": "The hash key value.", + "title": "HashKeyValue", + "type": "string" + }, + "PayloadField": { + "markdownDescription": "The action payload. This name can be customized.", + "title": "PayloadField", + "type": "string" + }, + "RangeKeyField": { + "markdownDescription": "The range key name.", + "title": "RangeKeyField", + "type": "string" + }, + "RangeKeyType": { + "markdownDescription": "The range key type. Valid values are \"STRING\" or \"NUMBER\"", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The range key value.", + "title": "RangeKeyValue", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", + "title": "RoleArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", + "type": "string" } }, "required": [ - "ChildDirected" + "HashKeyField", + "HashKeyValue", + "RoleArn", + "TableName" ], "type": "object" }, - "AWS::Lex::Bot.DefaultConditionalBranch": { + "AWS::IoT::TopicRule.DynamoDBv2Action": { "additionalProperties": false, "properties": { - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" + "PutItem": { + "$ref": "#/definitions/AWS::IoT::TopicRule.PutItemInput", + "markdownDescription": "Specifies the DynamoDB table to which the message data will be written. For example:\n\n`{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }`\n\nEach attribute in the message payload will be written to a separate column in the DynamoDB database.", + "title": "PutItem" }, - "Response": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "Response" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", + "title": "RoleArn", + "type": "string" } }, "type": "object" }, - "AWS::Lex::Bot.DialogAction": { + "AWS::IoT::TopicRule.ElasticsearchAction": { "additionalProperties": false, "properties": { - "SlotToElicit": { - "markdownDescription": "If the dialog action is `ElicitSlot` , defines the slot to elicit from the user.", - "title": "SlotToElicit", + "Endpoint": { + "markdownDescription": "The endpoint of your OpenSearch domain.", + "title": "Endpoint", "type": "string" }, - "SuppressNextMessage": { - "markdownDescription": "When true the next message for the intent is not used.", - "title": "SuppressNextMessage", - "type": "boolean" + "Id": { + "markdownDescription": "The unique identifier for the document you are storing.", + "title": "Id", + "type": "string" + }, + "Index": { + "markdownDescription": "The index where you want to store your data.", + "title": "Index", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role ARN that has access to OpenSearch.", + "title": "RoleArn", + "type": "string" }, "Type": { - "markdownDescription": "The action that the bot should execute.", + "markdownDescription": "The type of document you are storing.", "title": "Type", "type": "string" } }, "required": [ + "Endpoint", + "Id", + "Index", + "RoleArn", "Type" ], "type": "object" }, - "AWS::Lex::Bot.DialogCodeHookInvocationSetting": { + "AWS::IoT::TopicRule.FirehoseAction": { "additionalProperties": false, "properties": { - "EnableCodeHookInvocation": { - "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", - "title": "EnableCodeHookInvocation", + "BatchMode": { + "markdownDescription": "Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` .\n\nWhen `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records.", + "title": "BatchMode", "type": "boolean" }, - "InvocationLabel": { - "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", - "title": "InvocationLabel", + "DeliveryStreamName": { + "markdownDescription": "The delivery stream name.", + "title": "DeliveryStreamName", "type": "string" }, - "IsActive": { - "markdownDescription": "Determines whether a dialog code hook is used when the intent is activated.", - "title": "IsActive", - "type": "boolean" + "RoleArn": { + "markdownDescription": "The IAM role that grants access to the Amazon Kinesis Firehose stream.", + "title": "RoleArn", + "type": "string" }, - "PostCodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification", - "markdownDescription": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete.", - "title": "PostCodeHookSpecification" - } - }, - "required": [ - "EnableCodeHookInvocation", - "IsActive", - "PostCodeHookSpecification" - ], - "type": "object" - }, - "AWS::Lex::Bot.DialogCodeHookSetting": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables the dialog code hook so that it processes user requests.", - "title": "Enabled", - "type": "boolean" + "Separator": { + "markdownDescription": "A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", + "type": "string" } }, "required": [ - "Enabled" + "DeliveryStreamName", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.DialogState": { + "AWS::IoT::TopicRule.HttpAction": { "additionalProperties": false, "properties": { - "DialogAction": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogAction", - "markdownDescription": "Defines the action that the bot executes at runtime when the conversation reaches this step.", - "title": "DialogAction" + "Auth": { + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAuthorization", + "markdownDescription": "The authentication method to use when sending data to an HTTPS endpoint.", + "title": "Auth" }, - "Intent": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentOverride", - "markdownDescription": "Override settings to configure the intent state.", - "title": "Intent" + "ConfirmationUrl": { + "markdownDescription": "The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL.", + "title": "ConfirmationUrl", + "type": "string" }, - "SessionAttributes": { + "Headers": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SessionAttribute" + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpActionHeader" }, - "markdownDescription": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.", - "title": "SessionAttributes", + "markdownDescription": "The HTTP headers to send with the message data.", + "title": "Headers", "type": "array" + }, + "Url": { + "markdownDescription": "The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible.", + "title": "Url", + "type": "string" } }, + "required": [ + "Url" + ], "type": "object" }, - "AWS::Lex::Bot.ElicitationCodeHookInvocationSetting": { + "AWS::IoT::TopicRule.HttpActionHeader": { "additionalProperties": false, "properties": { - "EnableCodeHookInvocation": { - "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", - "title": "EnableCodeHookInvocation", - "type": "boolean" + "Key": { + "markdownDescription": "The HTTP header key.", + "title": "Key", + "type": "string" }, - "InvocationLabel": { - "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", - "title": "InvocationLabel", + "Value": { + "markdownDescription": "The HTTP header value. Substitution templates are supported.", + "title": "Value", "type": "string" } }, "required": [ - "EnableCodeHookInvocation" + "Key", + "Value" ], "type": "object" }, - "AWS::Lex::Bot.ExternalSourceSetting": { + "AWS::IoT::TopicRule.HttpAuthorization": { "additionalProperties": false, "properties": { - "GrammarSlotTypeSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSetting", - "markdownDescription": "Settings required for a slot type based on a grammar that you provide.", - "title": "GrammarSlotTypeSetting" + "Sigv4": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SigV4Authorization", + "markdownDescription": "Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) .", + "title": "Sigv4" } }, "type": "object" }, - "AWS::Lex::Bot.FulfillmentCodeHookSetting": { + "AWS::IoT::TopicRule.IotAnalyticsAction": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether a Lambda function should be invoked to fulfill a specific intent.", - "title": "Enabled", + "BatchMode": { + "markdownDescription": "Whether to process the action as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages.", + "title": "BatchMode", "type": "boolean" }, - "FulfillmentUpdatesSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdatesSpecification", - "markdownDescription": "Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations.", - "title": "FulfillmentUpdatesSpecification" - }, - "IsActive": { - "markdownDescription": "Determines whether the fulfillment code hook is used. When `active` is false, the code hook doesn't run.", - "title": "IsActive", - "type": "boolean" + "ChannelName": { + "markdownDescription": "The name of the IoT Analytics channel to which message data will be sent.", + "title": "ChannelName", + "type": "string" }, - "PostFulfillmentStatusSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PostFulfillmentStatusSpecification", - "markdownDescription": "Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations.", - "title": "PostFulfillmentStatusSpecification" + "RoleArn": { + "markdownDescription": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).", + "title": "RoleArn", + "type": "string" } }, "required": [ - "Enabled" + "ChannelName", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentStartResponseSpecification": { + "AWS::IoT::TopicRule.IotEventsAction": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Determines whether the user can interrupt the start message while it is playing.", - "title": "AllowInterrupt", + "BatchMode": { + "markdownDescription": "Whether to process the event actions as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` , you can't specify a `messageId` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages.", + "title": "BatchMode", "type": "boolean" }, - "DelayInSeconds": { - "markdownDescription": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.", - "title": "DelayInSeconds", - "type": "number" + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input.", + "title": "InputName", + "type": "string" }, - "MessageGroups": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user.", - "title": "MessageGroups", - "type": "array" + "MessageId": { + "markdownDescription": "The ID of the message. The default `messageId` is a new UUID value.\n\nWhen `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned.\n\nAssign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector.", + "title": "MessageId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").", + "title": "RoleArn", + "type": "string" } }, "required": [ - "DelayInSeconds", - "MessageGroups" + "InputName", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentUpdateResponseSpecification": { + "AWS::IoT::TopicRule.IotSiteWiseAction": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Determines whether the user can interrupt an update message while it is playing.", - "title": "AllowInterrupt", - "type": "boolean" - }, - "FrequencyInSeconds": { - "markdownDescription": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.", - "title": "FrequencyInSeconds", - "type": "number" - }, - "MessageGroups": { + "PutAssetPropertyValueEntries": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + "$ref": "#/definitions/AWS::IoT::TopicRule.PutAssetPropertyValueEntry" }, - "markdownDescription": "1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.", - "title": "MessageGroups", + "markdownDescription": "A list of asset property value entries.", + "title": "PutAssetPropertyValueEntries", "type": "array" - } - }, - "required": [ - "FrequencyInSeconds", - "MessageGroups" - ], - "type": "object" - }, - "AWS::Lex::Bot.FulfillmentUpdatesSpecification": { - "additionalProperties": false, - "properties": { - "Active": { - "markdownDescription": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.\n\nIf the `active` field is set to true, the `startResponse` , `updateResponse` , and `timeoutInSeconds` fields are required.", - "title": "Active", - "type": "boolean" - }, - "StartResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentStartResponseSpecification", - "markdownDescription": "Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running.", - "title": "StartResponse" - }, - "TimeoutInSeconds": { - "markdownDescription": "The length of time that the fulfillment Lambda function should run before it times out.", - "title": "TimeoutInSeconds", - "type": "number" }, - "UpdateResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdateResponseSpecification", - "markdownDescription": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running.", - "title": "UpdateResponse" + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"` ). The trust policy can restrict access to specific asset hierarchy paths.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "Active" + "PutAssetPropertyValueEntries", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.GrammarSlotTypeSetting": { - "additionalProperties": false, - "properties": { - "Source": { - "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSource", - "markdownDescription": "The source of the grammar used to create the slot type.", - "title": "Source" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.GrammarSlotTypeSource": { + "AWS::IoT::TopicRule.KafkaAction": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The AWS KMS key required to decrypt the contents of the grammar, if any.", - "title": "KmsKeyArn", - "type": "string" + "ClientProperties": { + "additionalProperties": true, + "markdownDescription": "Properties of the Apache Kafka producer client.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ClientProperties", + "type": "object" }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the grammar source.", - "title": "S3BucketName", + "DestinationArn": { + "markdownDescription": "The ARN of Kafka action's VPC `TopicRuleDestination` .", + "title": "DestinationArn", "type": "string" }, - "S3ObjectKey": { - "markdownDescription": "The path to the grammar in the Amazon S3 bucket.", - "title": "S3ObjectKey", - "type": "string" - } - }, - "required": [ - "S3BucketName", - "S3ObjectKey" - ], - "type": "object" - }, - "AWS::Lex::Bot.ImageResponseCard": { - "additionalProperties": false, - "properties": { - "Buttons": { + "Headers": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Button" + "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaActionHeader" }, - "markdownDescription": "A list of buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button.", - "title": "Buttons", + "markdownDescription": "The list of Kafka headers that you specify.", + "title": "Headers", "type": "array" }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.", - "title": "ImageUrl", + "Key": { + "markdownDescription": "The Kafka message key.", + "title": "Key", "type": "string" }, - "Subtitle": { - "markdownDescription": "The subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.", - "title": "Subtitle", + "Partition": { + "markdownDescription": "The Kafka message partition.", + "title": "Partition", "type": "string" }, - "Title": { - "markdownDescription": "The title to display on the response card. The format of the title is determined by the platform displaying the response card.", - "title": "Title", + "Topic": { + "markdownDescription": "The Kafka topic for messages to be sent to the Kafka broker.", + "title": "Topic", "type": "string" } }, "required": [ - "Title" + "ClientProperties", + "DestinationArn", + "Topic" ], "type": "object" }, - "AWS::Lex::Bot.InitialResponseSetting": { + "AWS::IoT::TopicRule.KafkaActionHeader": { "additionalProperties": false, "properties": { - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.", - "title": "CodeHook" - }, - "Conditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", - "title": "Conditional" - }, - "InitialResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "InitialResponse" + "Key": { + "markdownDescription": "The key of the Kafka header.", + "title": "Key", + "type": "string" }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.InputContext": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the context.", - "title": "Name", + "Value": { + "markdownDescription": "The value of the Kafka header.", + "title": "Value", "type": "string" } }, "required": [ - "Name" + "Key", + "Value" ], "type": "object" }, - "AWS::Lex::Bot.Intent": { + "AWS::IoT::TopicRule.KinesisAction": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the intent. Use the description to help identify the intent in lists.", - "title": "Description", + "PartitionKey": { + "markdownDescription": "The partition key.", + "title": "PartitionKey", "type": "string" }, - "DialogCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookSetting", - "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction.", - "title": "DialogCodeHook" - }, - "FulfillmentCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentCodeHookSetting", - "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user.", - "title": "FulfillmentCodeHook" - }, - "InitialResponseSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.InitialResponseSetting", - "markdownDescription": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.", - "title": "InitialResponseSetting" - }, - "InputContexts": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.InputContext" - }, - "markdownDescription": "A list of contexts that must be active for this intent to be considered by Amazon Lex .", - "title": "InputContexts", - "type": "array" - }, - "IntentClosingSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentClosingSetting", - "markdownDescription": "Sets the response that Amazon Lex sends to the user when the intent is closed.", - "title": "IntentClosingSetting" - }, - "IntentConfirmationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentConfirmationSetting", - "markdownDescription": "Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers \"no,\" the settings contain a statement that is sent to the user to end the intent.", - "title": "IntentConfirmationSetting" - }, - "KendraConfiguration": { - "$ref": "#/definitions/AWS::Lex::Bot.KendraConfiguration", - "markdownDescription": "Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance.", - "title": "KendraConfiguration" - }, - "Name": { - "markdownDescription": "The name of the intent. Intent names must be unique within the locale that contains the intent and can't match the name of any built-in intent.", - "title": "Name", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.", + "title": "RoleArn", "type": "string" }, - "OutputContexts": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.OutputContext" - }, - "markdownDescription": "A list of contexts that the intent activates when it is fulfilled.", - "title": "OutputContexts", - "type": "array" - }, - "ParentIntentSignature": { - "markdownDescription": "A unique identifier for the built-in intent to base this intent on.", - "title": "ParentIntentSignature", + "StreamName": { + "markdownDescription": "The name of the Amazon Kinesis stream.", + "title": "StreamName", "type": "string" - }, - "SampleUtterances": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" - }, - "markdownDescription": "A list of utterances that a user might say to signal the intent.", - "title": "SampleUtterances", - "type": "array" - }, - "SlotPriorities": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotPriority" - }, - "markdownDescription": "Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order.", - "title": "SlotPriorities", - "type": "array" - }, - "Slots": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Slot" - }, - "markdownDescription": "A list of slots that the intent requires for fulfillment.", - "title": "Slots", - "type": "array" } }, "required": [ - "Name" + "RoleArn", + "StreamName" ], "type": "object" }, - "AWS::Lex::Bot.IntentClosingSetting": { + "AWS::IoT::TopicRule.LambdaAction": { "additionalProperties": false, "properties": { - "ClosingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to the user when the intent is complete.", - "title": "ClosingResponse" - }, - "Conditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches associated with the intent's closing response. These branches are executed when the `nextStep` attribute is set to `EvalutateConditional` .", - "title": "Conditional" - }, - "IsActive": { - "markdownDescription": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", - "type": "boolean" - }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes after playing the intent's closing response.", - "title": "NextStep" + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "FunctionArn", + "type": "string" } }, "type": "object" }, - "AWS::Lex::Bot.IntentConfirmationSetting": { + "AWS::IoT::TopicRule.LocationAction": { "additionalProperties": false, "properties": { - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "The `DialogCodeHookInvocationSetting` object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `InvokeDialogCodeHook` .", - "title": "CodeHook" - }, - "ConfirmationConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the intent is closed.", - "title": "ConfirmationConditional" - }, - "ConfirmationNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes when the customer confirms the intent.", - "title": "ConfirmationNextStep" - }, - "ConfirmationResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "ConfirmationResponse" - }, - "DeclinationConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the intent is declined.", - "title": "DeclinationConditional" - }, - "DeclinationNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes when the customer declines the intent.", - "title": "DeclinationNextStep" - }, - "DeclinationResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "When the user answers \"no\" to the question defined in `promptSpecification` , Amazon Lex responds with this response to acknowledge that the intent was canceled.", - "title": "DeclinationResponse" - }, - "ElicitationCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", - "markdownDescription": "The `DialogCodeHookInvocationSetting` used when the code hook is invoked during confirmation prompt retries.", - "title": "ElicitationCodeHook" + "DeviceId": { + "markdownDescription": "The unique ID of the device providing the location data.", + "title": "DeviceId", + "type": "string" }, - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", - "title": "FailureConditional" + "Latitude": { + "markdownDescription": "A string that evaluates to a double value that represents the latitude of the device's location.", + "title": "Latitude", + "type": "string" }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step to take in the conversation if the confirmation step fails.", - "title": "FailureNextStep" + "Longitude": { + "markdownDescription": "A string that evaluates to a double value that represents the longitude of the device's location.", + "title": "Longitude", + "type": "string" }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the intent confirmation fails.", - "title": "FailureResponse" + "RoleArn": { + "markdownDescription": "The IAM role that grants permission to write to the Amazon Location resource.", + "title": "RoleArn", + "type": "string" }, - "IsActive": { - "markdownDescription": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", - "type": "boolean" + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Timestamp", + "markdownDescription": "The time that the location data was sampled. The default value is the time the MQTT message was processed.", + "title": "Timestamp" }, - "PromptSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", - "markdownDescription": "Prompts the user to confirm the intent. This question should have a yes or no answer.\n\nAmazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. For example, with the `OrderPizza` intent, you might want to confirm that the order is correct before placing it. For other intents, such as intents that simply respond to user questions, you might not need to ask the user for confirmation before providing the information.", - "title": "PromptSpecification" + "TrackerName": { + "markdownDescription": "The name of the tracker resource in Amazon Location in which the location is updated.", + "title": "TrackerName", + "type": "string" } }, "required": [ - "PromptSpecification" + "DeviceId", + "Latitude", + "Longitude", + "RoleArn", + "TrackerName" ], "type": "object" }, - "AWS::Lex::Bot.IntentOverride": { + "AWS::IoT::TopicRule.OpenSearchAction": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the intent. Only required when you're switching intents.", - "title": "Name", + "Endpoint": { + "markdownDescription": "The endpoint of your OpenSearch domain.", + "title": "Endpoint", "type": "string" }, - "Slots": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverrideMap" - }, - "markdownDescription": "A map of all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden.", - "title": "Slots", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.KendraConfiguration": { - "additionalProperties": false, - "properties": { - "KendraIndex": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot.", - "title": "KendraIndex", + "Id": { + "markdownDescription": "The unique identifier for the document you are storing.", + "title": "Id", "type": "string" }, - "QueryFilterString": { - "markdownDescription": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) .", - "title": "QueryFilterString", + "Index": { + "markdownDescription": "The OpenSearch index where you want to store your data.", + "title": "Index", "type": "string" }, - "QueryFilterStringEnabled": { - "markdownDescription": "Determines whether the `AMAZON.KendraSearchIntent` intent uses a custom query string to query the Amazon Kendra index.", - "title": "QueryFilterStringEnabled", - "type": "boolean" - } - }, - "required": [ - "KendraIndex" - ], - "type": "object" - }, - "AWS::Lex::Bot.LambdaCodeHook": { - "additionalProperties": false, - "properties": { - "CodeHookInterfaceVersion": { - "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", - "title": "CodeHookInterfaceVersion", + "RoleArn": { + "markdownDescription": "The IAM role ARN that has access to OpenSearch.", + "title": "RoleArn", "type": "string" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", - "title": "LambdaArn", + "Type": { + "markdownDescription": "The type of document you are storing.", + "title": "Type", "type": "string" } }, "required": [ - "CodeHookInterfaceVersion", - "LambdaArn" + "Endpoint", + "Id", + "Index", + "RoleArn", + "Type" ], "type": "object" }, - "AWS::Lex::Bot.Message": { + "AWS::IoT::TopicRule.PutAssetPropertyValueEntry": { "additionalProperties": false, "properties": { - "CustomPayload": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomPayload", - "markdownDescription": "A message in a custom format defined by the client application.", - "title": "CustomPayload" + "AssetId": { + "markdownDescription": "The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "AssetId", + "type": "string" }, - "ImageResponseCard": { - "$ref": "#/definitions/AWS::Lex::Bot.ImageResponseCard", - "markdownDescription": "A message that defines a response card that the client application can show to the user.", - "title": "ImageResponseCard" + "EntryId": { + "markdownDescription": "Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID.", + "title": "EntryId", + "type": "string" }, - "PlainTextMessage": { - "$ref": "#/definitions/AWS::Lex::Bot.PlainTextMessage", - "markdownDescription": "A message in plain text format.", - "title": "PlainTextMessage" + "PropertyAlias": { + "markdownDescription": "The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "PropertyAlias", + "type": "string" }, - "SSMLMessage": { - "$ref": "#/definitions/AWS::Lex::Bot.SSMLMessage", - "markdownDescription": "A message in Speech Synthesis Markup Language (SSML).", - "title": "SSMLMessage" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.MessageGroup": { - "additionalProperties": false, - "properties": { - "Message": { - "$ref": "#/definitions/AWS::Lex::Bot.Message", - "markdownDescription": "The primary message that Amazon Lex should send to the user.", - "title": "Message" + "PropertyId": { + "markdownDescription": "The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "PropertyId", + "type": "string" }, - "Variations": { + "PropertyValues": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Message" + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyValue" }, - "markdownDescription": "Message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user.", - "title": "Variations", + "markdownDescription": "A list of property values to insert that each contain timestamp, quality, and value (TQV) information.", + "title": "PropertyValues", "type": "array" } }, "required": [ - "Message" + "PropertyValues" ], "type": "object" }, - "AWS::Lex::Bot.MultipleValuesSetting": { - "additionalProperties": false, - "properties": { - "AllowMultipleValues": { - "markdownDescription": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` .", - "title": "AllowMultipleValues", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.ObfuscationSetting": { + "AWS::IoT::TopicRule.PutItemInput": { "additionalProperties": false, "properties": { - "ObfuscationSettingType": { - "markdownDescription": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.", - "title": "ObfuscationSettingType", + "TableName": { + "markdownDescription": "The table where the message data will be written.", + "title": "TableName", "type": "string" } }, "required": [ - "ObfuscationSettingType" + "TableName" ], "type": "object" }, - "AWS::Lex::Bot.OutputContext": { + "AWS::IoT::TopicRule.RepublishAction": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the output context.", - "title": "Name", - "type": "string" + "Headers": { + "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishActionHeaders", + "markdownDescription": "MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide.", + "title": "Headers" }, - "TimeToLiveInSeconds": { - "markdownDescription": "The amount of time, in seconds, that the output context should remain active. The time is figured from the first time the context is sent to the user.", - "title": "TimeToLiveInSeconds", + "Qos": { + "markdownDescription": "The Quality of Service (QoS) level to use when republishing messages. The default value is 0.", + "title": "Qos", "type": "number" }, - "TurnsToLive": { - "markdownDescription": "The number of conversation turns that the output context should remain active. The number of turns is counted from the first time that the context is sent to the user.", - "title": "TurnsToLive", - "type": "number" - } - }, - "required": [ - "Name", - "TimeToLiveInSeconds", - "TurnsToLive" - ], - "type": "object" - }, - "AWS::Lex::Bot.PlainTextMessage": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The message to send to the user.", - "title": "Value", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" + }, + "Topic": { + "markdownDescription": "The name of the MQTT topic.", + "title": "Topic", "type": "string" } }, "required": [ - "Value" + "RoleArn", + "Topic" ], "type": "object" }, - "AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification": { + "AWS::IoT::TopicRule.RepublishActionHeaders": { "additionalProperties": false, "properties": { - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureNextStep" - }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the code hook fails.", - "title": "FailureResponse" - }, - "SuccessConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook finishes successfully.", - "title": "SuccessConditional" + "ContentType": { + "markdownDescription": "A UTF-8 encoded string that describes the content of the publishing message.\n\nFor more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "ContentType", + "type": "string" }, - "SuccessNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifics the next step the bot runs after the dialog code hook finishes successfully.", - "title": "SuccessNextStep" + "CorrelationData": { + "markdownDescription": "The base64-encoded binary data used by the sender of the request message to identify which request the response message is for.\n\nFor more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .\n\n> This binary data must be base64-encoded.", + "title": "CorrelationData", + "type": "string" }, - "SuccessResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the code hook succeeds.", - "title": "SuccessResponse" + "MessageExpiry": { + "markdownDescription": "A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "MessageExpiry", + "type": "string" }, - "TimeoutConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate if the code hook times out.", - "title": "TimeoutConditional" + "PayloadFormatIndicator": { + "markdownDescription": "An `Enum` string value that indicates whether the payload is formatted as UTF-8.\n\nValid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` .\n\nFor more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "PayloadFormatIndicator", + "type": "string" }, - "TimeoutNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the code hook times out.", - "title": "TimeoutNextStep" + "ResponseTopic": { + "markdownDescription": "A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters.\n\nFor more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "ResponseTopic", + "type": "string" }, - "TimeoutResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond to the user input when the code hook times out.", - "title": "TimeoutResponse" + "UserProperties": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.UserProperty" + }, + "markdownDescription": "An array of key-value pairs that you define in the MQTT5 header.", + "title": "UserProperties", + "type": "array" } }, "type": "object" }, - "AWS::Lex::Bot.PostFulfillmentStatusSpecification": { + "AWS::IoT::TopicRule.S3Action": { "additionalProperties": false, "properties": { - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureNextStep" - }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't successful.", - "title": "FailureResponse" - }, - "SuccessConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully.", - "title": "SuccessConditional" - }, - "SuccessNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully.", - "title": "SuccessNextStep" - }, - "SuccessResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the fulfillment is successful.", - "title": "SuccessResponse" + "BucketName": { + "markdownDescription": "The Amazon S3 bucket.", + "title": "BucketName", + "type": "string" }, - "TimeoutConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate if the fulfillment code hook times out.", - "title": "TimeoutConditional" + "CannedAcl": { + "markdownDescription": "The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) .", + "title": "CannedAcl", + "type": "string" }, - "TimeoutNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the fulfillment code hook times out.", - "title": "TimeoutNextStep" + "Key": { + "markdownDescription": "The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) .", + "title": "Key", + "type": "string" }, - "TimeoutResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't completed within the timeout period.", - "title": "TimeoutResponse" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "BucketName", + "Key", + "RoleArn" + ], "type": "object" }, - "AWS::Lex::Bot.PromptAttemptSpecification": { + "AWS::IoT::TopicRule.SigV4Authorization": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech prompt attempt from the bot.", - "title": "AllowInterrupt", - "type": "boolean" - }, - "AllowedInputTypes": { - "$ref": "#/definitions/AWS::Lex::Bot.AllowedInputTypes", - "markdownDescription": "Indicates the allowed input types of the prompt attempt.", - "title": "AllowedInputTypes" + "RoleArn": { + "markdownDescription": "The ARN of the signing role.", + "title": "RoleArn", + "type": "string" }, - "AudioAndDTMFInputSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioAndDTMFInputSpecification", - "markdownDescription": "Specifies the settings on audio and DTMF input.", - "title": "AudioAndDTMFInputSpecification" + "ServiceName": { + "markdownDescription": "The service name to use while signing with Sig V4.", + "title": "ServiceName", + "type": "string" }, - "TextInputSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.TextInputSpecification", - "markdownDescription": "Specifies the settings on text input.", - "title": "TextInputSpecification" + "SigningRegion": { + "markdownDescription": "The signing region.", + "title": "SigningRegion", + "type": "string" } }, "required": [ - "AllowedInputTypes" + "RoleArn", + "ServiceName", + "SigningRegion" ], "type": "object" }, - "AWS::Lex::Bot.PromptSpecification": { + "AWS::IoT::TopicRule.SnsAction": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech prompt from the bot.", - "title": "AllowInterrupt", - "type": "boolean" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times the bot tries to elicit a response from the user using this prompt.", - "title": "MaxRetries", - "type": "number" - }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime.", - "title": "MessageGroupsList", - "type": "array" + "MessageFormat": { + "markdownDescription": "(Optional) The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* .", + "title": "MessageFormat", + "type": "string" }, - "MessageSelectionStrategy": { - "markdownDescription": "Indicates how a message is selected from a message group among retries.", - "title": "MessageSelectionStrategy", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", "type": "string" }, - "PromptAttemptsSpecification": { - "additionalProperties": false, - "markdownDescription": "Specifies the advanced settings on each attempt of the prompt.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptAttemptSpecification" - } - }, - "title": "PromptAttemptsSpecification", - "type": "object" + "TargetArn": { + "markdownDescription": "The ARN of the SNS topic.", + "title": "TargetArn", + "type": "string" } }, "required": [ - "MaxRetries", - "MessageGroupsList" + "RoleArn", + "TargetArn" ], "type": "object" }, - "AWS::Lex::Bot.ResponseSpecification": { + "AWS::IoT::TopicRule.SqsAction": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech response from Amazon Lex.", - "title": "AllowInterrupt", - "type": "boolean" + "QueueUrl": { + "markdownDescription": "The URL of the Amazon SQS queue.", + "title": "QueueUrl", + "type": "string" }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime.", - "title": "MessageGroupsList", - "type": "array" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" + }, + "UseBase64": { + "markdownDescription": "Specifies whether to use Base64 encoding.", + "title": "UseBase64", + "type": "boolean" } }, "required": [ - "MessageGroupsList" + "QueueUrl", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.S3BucketLogDestination": { + "AWS::IoT::TopicRule.StepFunctionsAction": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", - "title": "KmsKeyArn", + "ExecutionNamePrefix": { + "markdownDescription": "(Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided.", + "title": "ExecutionNamePrefix", "type": "string" }, - "LogPrefix": { - "markdownDescription": "The S3 prefix to assign to audio log files.", - "title": "LogPrefix", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").", + "title": "RoleArn", "type": "string" }, - "S3BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", - "title": "S3BucketArn", + "StateMachineName": { + "markdownDescription": "The name of the Step Functions state machine whose execution will be started.", + "title": "StateMachineName", "type": "string" } }, "required": [ - "LogPrefix", - "S3BucketArn" + "RoleArn", + "StateMachineName" ], "type": "object" }, - "AWS::Lex::Bot.S3Location": { + "AWS::IoT::TopicRule.Timestamp": { "additionalProperties": false, "properties": { - "S3Bucket": { - "markdownDescription": "The S3 bucket name.", - "title": "S3Bucket", - "type": "string" - }, - "S3ObjectKey": { - "markdownDescription": "The path and file name to the object in the S3 bucket.", - "title": "S3ObjectKey", + "Unit": { + "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", + "title": "Unit", "type": "string" }, - "S3ObjectVersion": { - "markdownDescription": "The version of the object in the S3 bucket.", - "title": "S3ObjectVersion", + "Value": { + "markdownDescription": "An expression that returns a long epoch time value.", + "title": "Value", "type": "string" } }, "required": [ - "S3Bucket", - "S3ObjectKey" + "Value" ], "type": "object" }, - "AWS::Lex::Bot.SSMLMessage": { + "AWS::IoT::TopicRule.TimestreamAction": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The SSML text that defines the prompt.", - "title": "Value", + "DatabaseName": { + "markdownDescription": "The name of an Amazon Timestream database that has the table to write records into.", + "title": "DatabaseName", + "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamDimension" + }, + "markdownDescription": "Metadata attributes of the time series that are written in each measure record.", + "title": "Dimensions", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table.", + "title": "RoleArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table where the message data will be written.", + "title": "TableName", "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamTimestamp", + "markdownDescription": "The value to use for the entry's timestamp. If blank, the time that the entry was processed is used.", + "title": "Timestamp" } }, "required": [ - "Value" + "DatabaseName", + "Dimensions", + "RoleArn", + "TableName" ], "type": "object" }, - "AWS::Lex::Bot.SampleUtterance": { + "AWS::IoT::TopicRule.TimestreamDimension": { "additionalProperties": false, "properties": { - "Utterance": { - "markdownDescription": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.", - "title": "Utterance", + "Name": { + "markdownDescription": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value to write in this column of the database record.", + "title": "Value", "type": "string" } }, "required": [ - "Utterance" + "Name", + "Value" ], "type": "object" }, - "AWS::Lex::Bot.SampleValue": { + "AWS::IoT::TopicRule.TimestreamTimestamp": { "additionalProperties": false, "properties": { + "Unit": { + "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", + "title": "Unit", + "type": "string" + }, "Value": { - "markdownDescription": "The value that can be used for a slot type.", + "markdownDescription": "An expression that returns a long epoch time value.", "title": "Value", "type": "string" } }, "required": [ + "Unit", "Value" ], "type": "object" }, - "AWS::Lex::Bot.SentimentAnalysisSettings": { + "AWS::IoT::TopicRule.TopicRulePayload": { "additionalProperties": false, "properties": { - "DetectSentiment": { - "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", - "title": "DetectSentiment", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Action" + }, + "markdownDescription": "The actions associated with the rule.", + "title": "Actions", + "type": "array" + }, + "AwsIotSqlVersion": { + "markdownDescription": "The version of the SQL rules engine to use when evaluating the rule.\n\nThe default value is 2015-10-08.", + "title": "AwsIotSqlVersion", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the rule.", + "title": "Description", + "type": "string" + }, + "ErrorAction": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Action", + "markdownDescription": "The action to take when an error occurs.", + "title": "ErrorAction" + }, + "RuleDisabled": { + "markdownDescription": "Specifies whether the rule is disabled.", + "title": "RuleDisabled", "type": "boolean" + }, + "Sql": { + "markdownDescription": "The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* .", + "title": "Sql", + "type": "string" } }, "required": [ - "DetectSentiment" + "Actions", + "Sql" ], "type": "object" }, - "AWS::Lex::Bot.SessionAttribute": { + "AWS::IoT::TopicRule.UserProperty": { "additionalProperties": false, "properties": { "Key": { - "markdownDescription": "The name of the session attribute.", + "markdownDescription": "A key to be specified in `UserProperty` .", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The session-specific context information for the session attribute.", + "markdownDescription": "A value to be specified in `UserProperty` .", "title": "Value", "type": "string" } }, "required": [ - "Key" + "Key", + "Value" ], "type": "object" }, - "AWS::Lex::Bot.Slot": { + "AWS::IoT::TopicRuleDestination": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the slot.", - "title": "Description", - "type": "string" - }, - "MultipleValuesSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.MultipleValuesSetting", - "markdownDescription": "Indicates whether a slot can return multiple values.", - "title": "MultipleValuesSetting" - }, - "Name": { - "markdownDescription": "The name given to the slot.", - "title": "Name", + "Condition": { "type": "string" }, - "ObfuscationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.ObfuscationSetting", - "markdownDescription": "Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs.", - "title": "ObfuscationSetting" - }, - "SlotTypeName": { - "markdownDescription": "The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot.", - "title": "SlotTypeName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ValueElicitationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueElicitationSetting", - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value.\n- TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ValueElicitationSetting" - } - }, - "required": [ - "Name", - "SlotTypeName", - "ValueElicitationSetting" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotCaptureSetting": { - "additionalProperties": false, - "properties": { - "CaptureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the slot value is captured.", - "title": "CaptureConditional" - }, - "CaptureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out.", - "title": "CaptureNextStep" - }, - "CaptureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "CaptureResponse" - }, - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "Code hook called after Amazon Lex successfully captures a slot value.", - "title": "CodeHook" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ElicitationCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", - "markdownDescription": "Code hook called when Amazon Lex doesn't capture a slot value.", - "title": "ElicitationCodeHook" + "Metadata": { + "type": "object" }, - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate when the slot value isn't captured.", - "title": "FailureConditional" + "Properties": { + "additionalProperties": false, + "properties": { + "HttpUrlProperties": { + "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary", + "markdownDescription": "Properties of the HTTP URL.", + "title": "HttpUrlProperties" + }, + "Status": { + "markdownDescription": "- **IN_PROGRESS** - A topic rule destination was created but has not been confirmed. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.\n- **ENABLED** - Confirmation was completed, and traffic to this destination is allowed. You can set status to `DISABLED` by calling `UpdateTopicRuleDestination` .\n- **DISABLED** - Confirmation was completed, and traffic to this destination is not allowed. You can set status to `ENABLED` by calling `UpdateTopicRuleDestination` .\n- **ERROR** - Confirmation could not be completed; for example, if the confirmation timed out. You can call `GetTopicRuleDestination` for details about the error. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.", + "title": "Status", + "type": "string" + }, + "VpcProperties": { + "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.VpcDestinationProperties", + "markdownDescription": "Properties of the virtual private cloud (VPC) connection.", + "title": "VpcProperties" + } + }, + "type": "object" }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the slot value code is not recognized.", - "title": "FailureNextStep" + "Type": { + "enum": [ + "AWS::IoT::TopicRuleDestination" + ], + "type": "string" }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the slot fails to be captured.", - "title": "FailureResponse" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value to use when a user doesn't provide a value for a slot.", - "title": "DefaultValue", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DefaultValue" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotDefaultValueSpecification": { - "additionalProperties": false, - "properties": { - "DefaultValueList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValue" - }, - "markdownDescription": "A list of default values. Amazon Lex chooses the default value to use in the order that they are presented in the list.", - "title": "DefaultValueList", - "type": "array" - } - }, - "required": [ - "DefaultValueList" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.SlotPriority": { + "AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "The priority that Amazon Lex should apply to the slot.", - "title": "Priority", - "type": "number" - }, - "SlotName": { - "markdownDescription": "The name of the slot.", - "title": "SlotName", + "ConfirmationUrl": { + "markdownDescription": "The URL used to confirm the HTTP topic rule destination URL.", + "title": "ConfirmationUrl", "type": "string" } }, - "required": [ - "Priority", - "SlotName" - ], "type": "object" }, - "AWS::Lex::Bot.SlotType": { + "AWS::IoT::TopicRuleDestination.VpcDestinationProperties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the slot type. Use the description to help identify the slot type in lists.", - "title": "Description", - "type": "string" - }, - "ExternalSourceSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.ExternalSourceSetting", - "markdownDescription": "Sets the type of external information used to create the slot type.", - "title": "ExternalSourceSetting" - }, - "Name": { - "markdownDescription": "The name of the slot type. A slot type name must be unique withing the account.", - "title": "Name", - "type": "string" - }, - "ParentSlotTypeSignature": { - "markdownDescription": "The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type.\n\nOnly `AMAZON.AlphaNumeric` is supported.", - "title": "ParentSlotTypeSignature", + "RoleArn": { + "markdownDescription": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs).", + "title": "RoleArn", "type": "string" }, - "SlotTypeValues": { + "SecurityGroups": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotTypeValue" + "type": "string" }, - "markdownDescription": "A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot.", - "title": "SlotTypeValues", + "markdownDescription": "The security groups of the VPC destination.", + "title": "SecurityGroups", "type": "array" }, - "ValueSelectionSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueSelectionSetting", - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ValueSelectionSetting" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotTypeValue": { - "additionalProperties": false, - "properties": { - "SampleValue": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleValue", - "markdownDescription": "The value of the slot type entry.", - "title": "SampleValue" - }, - "Synonyms": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleValue" + "type": "string" }, - "markdownDescription": "Additional values related to the slot type entry.", - "title": "Synonyms", + "markdownDescription": "The subnet IDs of the VPC destination.", + "title": "SubnetIds", "type": "array" - } - }, - "required": [ - "SampleValue" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotValue": { - "additionalProperties": false, - "properties": { - "InterpretedValue": { - "markdownDescription": "The value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the `resolvedValues` list.", - "title": "InterpretedValue", + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "type": "object" }, - "AWS::Lex::Bot.SlotValueElicitationSetting": { + "AWS::IoTAnalytics::Channel": { "additionalProperties": false, "properties": { - "DefaultValueSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", - "markdownDescription": "A list of default values for a slot. Default values are used when Amazon Lex hasn't determined a value for a slot. You can specify default values from context variables, session attributes, and defined values.", - "title": "DefaultValueSpecification" - }, - "PromptSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", - "markdownDescription": "The prompt that Amazon Lex uses to elicit the slot value from the user.", - "title": "PromptSpecification" - }, - "SampleUtterances": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" - }, - "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This is optional. In most cases, Amazon Lex is capable of understanding user utterances.", - "title": "SampleUtterances", - "type": "array" - }, - "SlotCaptureSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotCaptureSetting", - "markdownDescription": "Specifies the settings that Amazon Lex uses when a slot value is successfully entered by a user.", - "title": "SlotCaptureSetting" - }, - "SlotConstraint": { - "markdownDescription": "Specifies whether the slot is required or optional.", - "title": "SlotConstraint", + "Condition": { "type": "string" }, - "WaitAndContinueSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", - "markdownDescription": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input.", - "title": "WaitAndContinueSpecification" - } - }, - "required": [ - "SlotConstraint" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotValueOverride": { - "additionalProperties": false, - "properties": { - "Shape": { - "markdownDescription": "When the shape value is `List` , it indicates that the `values` field contains a list of slot values. When the value is `Scalar` , it indicates that the `value` field contains a single value.", - "title": "Shape", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValue", - "markdownDescription": "The current value of the slot.", - "title": "Value" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", + "type": "string" + }, + "ChannelStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.ChannelStorage", + "markdownDescription": "Where channel data is stored.", + "title": "ChannelStorage" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.RetentionPeriod", + "markdownDescription": "How long, in days, message data is kept for the channel.", + "title": "RetentionPeriod" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\"", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotValueOverrideMap": { - "additionalProperties": false, - "properties": { - "SlotName": { - "markdownDescription": "The name of the slot.", - "title": "SlotName", - "type": "string" + "type": "object" }, - "SlotValueOverride": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride", - "markdownDescription": "The SlotValueOverride object to which the slot name will be mapped.", - "title": "SlotValueOverride" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotValueRegexFilter": { - "additionalProperties": false, - "properties": { - "Pattern": { - "markdownDescription": "A regular expression used to validate the value of a slot.\n\nUse a standard regular expression. Amazon Lex supports the following characters in the regular expression:\n\n- A-Z, a-z\n- 0-9\n- Unicode characters (\"\\\u2060u\")\n\nRepresent Unicode characters with four digits, for example \"\\\u2060u0041\" or \"\\\u2060u005A\".\n\nThe following regular expression operators are not supported:\n\n- Infinite repeaters: *, +, or {x,} with no upper bound.\n- Wild card (.)", - "title": "Pattern", + "Type": { + "enum": [ + "AWS::IoTAnalytics::Channel" + ], "type": "string" - } - }, - "required": [ - "Pattern" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotValueSelectionSetting": { - "additionalProperties": false, - "properties": { - "AdvancedRecognitionSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.AdvancedRecognitionSetting", - "markdownDescription": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances.", - "title": "AdvancedRecognitionSetting" - }, - "RegexFilter": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueRegexFilter", - "markdownDescription": "A regular expression used to validate the value of a slot.", - "title": "RegexFilter" }, - "ResolutionStrategy": { - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ResolutionStrategy", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ResolutionStrategy" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.StillWaitingResponseSpecification": { + "AWS::IoTAnalytics::Channel.ChannelStorage": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates that the user can interrupt the response by speaking while the message is being played.", - "title": "AllowInterrupt", - "type": "boolean" - }, - "FrequencyInSeconds": { - "markdownDescription": "How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes.", - "title": "FrequencyInSeconds", - "type": "number" - }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user.", - "title": "MessageGroupsList", - "type": "array" + "CustomerManagedS3": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.CustomerManagedS3", + "markdownDescription": "Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created.", + "title": "CustomerManagedS3" }, - "TimeoutInSeconds": { - "markdownDescription": "If Amazon Lex waits longer than this length of time for a response, it will stop sending messages.", - "title": "TimeoutInSeconds", - "type": "number" + "ServiceManagedS3": { + "markdownDescription": "Used to store channel data in an S3 bucket managed by AWS IoT Analytics . You can't change the choice of S3 storage after the data store is created.", + "title": "ServiceManagedS3", + "type": "object" } }, - "required": [ - "FrequencyInSeconds", - "MessageGroupsList", - "TimeoutInSeconds" - ], "type": "object" }, - "AWS::Lex::Bot.TestBotAliasSettings": { + "AWS::IoTAnalytics::Channel.CustomerManagedS3": { "additionalProperties": false, "properties": { - "BotAliasLocaleSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettingsItem" - }, - "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale.", - "title": "BotAliasLocaleSettings", - "type": "array" - }, - "ConversationLogSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.ConversationLogSettings", - "markdownDescription": "Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users.", - "title": "ConversationLogSettings" - }, - "Description": { - "markdownDescription": "Specifies a description for the test bot alias.", - "title": "Description", + "Bucket": { + "markdownDescription": "The name of the S3 bucket in which channel data is stored.", + "title": "Bucket", "type": "string" }, - "SentimentAnalysisSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.SentimentAnalysisSettings", - "markdownDescription": "Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", - "title": "SentimentAnalysisSettings" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.TextInputSpecification": { - "additionalProperties": false, - "properties": { - "StartTimeoutMs": { - "markdownDescription": "Time for which a bot waits before re-prompting a customer for text input.", - "title": "StartTimeoutMs", - "type": "number" - } - }, - "required": [ - "StartTimeoutMs" - ], - "type": "object" - }, - "AWS::Lex::Bot.TextLogDestination": { - "additionalProperties": false, - "properties": { - "CloudWatch": { - "$ref": "#/definitions/AWS::Lex::Bot.CloudWatchLogGroupLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", - "title": "CloudWatch" - } - }, - "required": [ - "CloudWatch" - ], - "type": "object" - }, - "AWS::Lex::Bot.TextLogSetting": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::Bot.TextLogDestination", - "markdownDescription": "Specifies the Amazon CloudWatch Logs destination log group for conversation text logs.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Determines whether conversation logs should be stored for an alias.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Destination", - "Enabled" - ], - "type": "object" - }, - "AWS::Lex::Bot.VoiceSettings": { - "additionalProperties": false, - "properties": { - "Engine": { - "markdownDescription": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the [`engine` parameter of the `SynthesizeSpeech` operation](https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html#polly-SynthesizeSpeech-request-Engine) in the *Amazon Polly developer guide* .\n\nIf you do not specify a value, the default is `standard` .", - "title": "Engine", + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/).", + "title": "KeyPrefix", "type": "string" }, - "VoiceId": { - "markdownDescription": "The identifier of the Amazon Polly voice to use.", - "title": "VoiceId", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", + "title": "RoleArn", "type": "string" } }, "required": [ - "VoiceId" + "Bucket", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.WaitAndContinueSpecification": { + "AWS::IoTAnalytics::Channel.RetentionPeriod": { "additionalProperties": false, "properties": { - "ContinueResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation.", - "title": "ContinueResponse" + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" }, - "IsActive": { - "markdownDescription": "Specifies whether the bot will wait for a user to respond. When this field is false, wait and continue responses for a slot aren't used. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", "type": "boolean" - }, - "StillWaitingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.StillWaitingResponseSpecification", - "markdownDescription": "A response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user.", - "title": "StillWaitingResponse" - }, - "WaitingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue.", - "title": "WaitingResponse" } }, - "required": [ - "ContinueResponse", - "WaitingResponse" - ], "type": "object" }, - "AWS::Lex::BotAlias": { + "AWS::IoTAnalytics::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -145933,62 +150257,70 @@ "Properties": { "additionalProperties": false, "properties": { - "BotAliasLocaleSettings": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettingsItem" + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Action" }, - "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale.", - "title": "BotAliasLocaleSettings", + "markdownDescription": "The `DatasetAction` objects that automatically create the dataset contents.", + "title": "Actions", "type": "array" }, - "BotAliasName": { - "markdownDescription": "The name of the bot alias.", - "title": "BotAliasName", - "type": "string" - }, - "BotAliasTags": { + "ContentDeliveryRules": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nYou can only add tags when you specify an alias.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "BotAliasTags", + "markdownDescription": "When dataset contents are created they are delivered to destinations specified here.", + "title": "ContentDeliveryRules", "type": "array" }, - "BotId": { - "markdownDescription": "The unique identifier of the bot.", - "title": "BotId", + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", "type": "string" }, - "BotVersion": { - "markdownDescription": "The version of the bot that the bot alias references.", - "title": "BotVersion", - "type": "string" + "LateDataRules": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRule" + }, + "markdownDescription": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter.", + "title": "LateDataRules", + "type": "array" }, - "ConversationLogSettings": { - "$ref": "#/definitions/AWS::Lex::BotAlias.ConversationLogSettings", - "markdownDescription": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 .", - "title": "ConversationLogSettings" + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.RetentionPeriod", + "markdownDescription": "Optional. How long, in days, message data is kept for the dataset.", + "title": "RetentionPeriod" }, - "Description": { - "markdownDescription": "The description of the bot alias.", - "title": "Description", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" }, - "SentimentAnalysisSettings": { - "$ref": "#/definitions/AWS::Lex::BotAlias.SentimentAnalysisSettings", - "markdownDescription": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", - "title": "SentimentAnalysisSettings" + "Triggers": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Trigger" + }, + "markdownDescription": "The `DatasetTrigger` objects that specify when the dataset is automatically updated.", + "title": "Triggers", + "type": "array" + }, + "VersioningConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.VersioningConfiguration", + "markdownDescription": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* .", + "title": "VersioningConfiguration" } }, "required": [ - "BotAliasName", - "BotId" + "Actions" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::BotAlias" + "AWS::IoTAnalytics::Dataset" ], "type": "string" }, @@ -146007,417 +150339,426 @@ ], "type": "object" }, - "AWS::Lex::BotAlias.AudioLogDestination": { + "AWS::IoTAnalytics::Dataset.Action": { "additionalProperties": false, "properties": { - "S3Bucket": { - "$ref": "#/definitions/AWS::Lex::BotAlias.S3BucketLogDestination", - "markdownDescription": "The S3 bucket location where audio logs are stored.", - "title": "S3Bucket" + "ActionName": { + "markdownDescription": "The name of the data set action by which data set contents are automatically created.", + "title": "ActionName", + "type": "string" + }, + "ContainerAction": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ContainerAction", + "markdownDescription": "Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries.", + "title": "ContainerAction" + }, + "QueryAction": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.QueryAction", + "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", + "title": "QueryAction" } }, "required": [ - "S3Bucket" + "ActionName" ], "type": "object" }, - "AWS::Lex::BotAlias.AudioLogSetting": { + "AWS::IoTAnalytics::Dataset.ContainerAction": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogDestination", - "markdownDescription": "The location of audio log files collected when conversation logging is enabled for a bot.", - "title": "Destination" + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the role which gives permission to the system to access needed resources in order to run the \"containerAction\". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application.", + "title": "ExecutionRoleArn", + "type": "string" }, - "Enabled": { - "markdownDescription": "Determines whether audio logging in enabled for the bot.", - "title": "Enabled", - "type": "boolean" + "Image": { + "markdownDescription": "The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents.", + "title": "Image", + "type": "string" + }, + "ResourceConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ResourceConfiguration", + "markdownDescription": "Configuration of the resource which executes the \"containerAction\".", + "title": "ResourceConfiguration" + }, + "Variables": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Variable" + }, + "markdownDescription": "The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of \"stringValue\", \"datasetContentVersionValue\", or \"outputFileUriValue\".", + "title": "Variables", + "type": "array" } }, "required": [ - "Destination", - "Enabled" + "ExecutionRoleArn", + "Image", + "ResourceConfiguration" ], "type": "object" }, - "AWS::Lex::BotAlias.BotAliasLocaleSettings": { + "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule": { "additionalProperties": false, "properties": { - "CodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::BotAlias.CodeHookSpecification", - "markdownDescription": "Specifies the Lambda function that should be used in the locale.", - "title": "CodeHookSpecification" + "Destination": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination", + "markdownDescription": "The destination to which dataset contents are delivered.", + "title": "Destination" }, - "Enabled": { - "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", - "title": "Enabled", - "type": "boolean" + "EntryName": { + "markdownDescription": "The name of the dataset content delivery rules entry.", + "title": "EntryName", + "type": "string" } }, "required": [ - "Enabled" + "Destination" ], "type": "object" }, - "AWS::Lex::BotAlias.BotAliasLocaleSettingsItem": { + "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination": { "additionalProperties": false, "properties": { - "BotAliasLocaleSetting": { - "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettings", - "markdownDescription": "Specifies settings that are unique to a locale.", - "title": "BotAliasLocaleSetting" + "IotEventsDestinationConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration", + "markdownDescription": "Configuration information for delivery of dataset contents to AWS IoT Events .", + "title": "IotEventsDestinationConfiguration" }, - "LocaleId": { - "markdownDescription": "The unique identifier of the locale.", - "title": "LocaleId", + "S3DestinationConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.S3DestinationConfiguration", + "markdownDescription": "Configuration information for delivery of dataset contents to Amazon S3.", + "title": "S3DestinationConfiguration" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.DatasetContentVersionValue": { + "additionalProperties": false, + "properties": { + "DatasetName": { + "markdownDescription": "The name of the dataset whose latest contents are used as input to the notebook or application.", + "title": "DatasetName", "type": "string" } }, "required": [ - "BotAliasLocaleSetting", - "LocaleId" + "DatasetName" ], "type": "object" }, - "AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination": { + "AWS::IoTAnalytics::Dataset.DeltaTime": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", - "title": "CloudWatchLogGroupArn", - "type": "string" + "OffsetSeconds": { + "markdownDescription": "The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe.", + "title": "OffsetSeconds", + "type": "number" }, - "LogPrefix": { - "markdownDescription": "The prefix of the log stream name within the log group that you specified", - "title": "LogPrefix", + "TimeExpression": { + "markdownDescription": "An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated.", + "title": "TimeExpression", "type": "string" } }, "required": [ - "CloudWatchLogGroupArn", - "LogPrefix" + "OffsetSeconds", + "TimeExpression" ], "type": "object" }, - "AWS::Lex::BotAlias.CodeHookSpecification": { + "AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration": { "additionalProperties": false, "properties": { - "LambdaCodeHook": { - "$ref": "#/definitions/AWS::Lex::BotAlias.LambdaCodeHook", - "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", - "title": "LambdaCodeHook" + "TimeoutInMinutes": { + "markdownDescription": "A time interval. You can use `timeoutInMinutes` so that AWS IoT Analytics can batch up late data notifications that have been generated since the last execution. AWS IoT Analytics sends one batch of notifications to Amazon CloudWatch Events at one time.\n\nFor more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* .", + "title": "TimeoutInMinutes", + "type": "number" } }, "required": [ - "LambdaCodeHook" + "TimeoutInMinutes" ], "type": "object" }, - "AWS::Lex::BotAlias.ConversationLogSettings": { + "AWS::IoTAnalytics::Dataset.Filter": { "additionalProperties": false, "properties": { - "AudioLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogSetting" - }, - "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", - "title": "AudioLogSettings", - "type": "array" - }, - "TextLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogSetting" - }, - "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", - "title": "TextLogSettings", - "type": "array" + "DeltaTime": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTime", + "markdownDescription": "Used to limit data to that which has arrived since the last execution of the action.", + "title": "DeltaTime" } }, "type": "object" }, - "AWS::Lex::BotAlias.LambdaCodeHook": { + "AWS::IoTAnalytics::Dataset.GlueConfiguration": { "additionalProperties": false, "properties": { - "CodeHookInterfaceVersion": { - "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", - "title": "CodeHookInterfaceVersion", + "DatabaseName": { + "markdownDescription": "The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables.", + "title": "DatabaseName", "type": "string" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", - "title": "LambdaArn", + "TableName": { + "markdownDescription": "The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets.", + "title": "TableName", "type": "string" } }, "required": [ - "CodeHookInterfaceVersion", - "LambdaArn" + "DatabaseName", + "TableName" ], "type": "object" }, - "AWS::Lex::BotAlias.S3BucketLogDestination": { + "AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", - "title": "KmsKeyArn", - "type": "string" - }, - "LogPrefix": { - "markdownDescription": "The S3 prefix to assign to audio log files.", - "title": "LogPrefix", + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input to which dataset contents are delivered.", + "title": "InputName", "type": "string" }, - "S3BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", - "title": "S3BucketArn", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to deliver dataset contents to an AWS IoT Events input.", + "title": "RoleArn", "type": "string" } }, "required": [ - "LogPrefix", - "S3BucketArn" + "InputName", + "RoleArn" ], "type": "object" }, - "AWS::Lex::BotAlias.SentimentAnalysisSettings": { + "AWS::IoTAnalytics::Dataset.LateDataRule": { "additionalProperties": false, "properties": { - "DetectSentiment": { - "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", - "title": "DetectSentiment", - "type": "boolean" + "RuleConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration", + "markdownDescription": "The information needed to configure the late data rule.", + "title": "RuleConfiguration" + }, + "RuleName": { + "markdownDescription": "The name of the late data rule.", + "title": "RuleName", + "type": "string" } }, "required": [ - "DetectSentiment" + "RuleConfiguration" ], "type": "object" }, - "AWS::Lex::BotAlias.TextLogDestination": { + "AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration": { "additionalProperties": false, "properties": { - "CloudWatch": { - "$ref": "#/definitions/AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", - "title": "CloudWatch" + "DeltaTimeSessionWindowConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration", + "markdownDescription": "The information needed to configure a delta time session window.", + "title": "DeltaTimeSessionWindowConfiguration" } }, - "required": [ - "CloudWatch" - ], "type": "object" }, - "AWS::Lex::BotAlias.TextLogSetting": { + "AWS::IoTAnalytics::Dataset.OutputFileUriValue": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Determines whether conversation logs should be stored for an alias.", - "title": "Enabled", - "type": "boolean" + "FileName": { + "markdownDescription": "The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket.", + "title": "FileName", + "type": "string" } }, "required": [ - "Destination", - "Enabled" + "FileName" ], "type": "object" }, - "AWS::Lex::BotVersion": { + "AWS::IoTAnalytics::Dataset.QueryAction": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BotId": { - "markdownDescription": "The unique identifier of the bot.", - "title": "BotId", - "type": "string" - }, - "BotVersionLocaleSpecification": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleSpecification" - }, - "markdownDescription": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.", - "title": "BotVersionLocaleSpecification", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the version.", - "title": "Description", - "type": "string" - } + "Filters": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Filter" }, - "required": [ - "BotId", - "BotVersionLocaleSpecification" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Lex::BotVersion" - ], - "type": "string" + "markdownDescription": "Pre-filters applied to message data.", + "title": "Filters", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SqlQuery": { + "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", + "title": "SqlQuery", "type": "string" } }, "required": [ - "Type", - "Properties" + "SqlQuery" ], "type": "object" }, - "AWS::Lex::BotVersion.BotVersionLocaleDetails": { + "AWS::IoTAnalytics::Dataset.ResourceConfiguration": { "additionalProperties": false, "properties": { - "SourceBotVersion": { - "markdownDescription": "The version of a bot used for a bot locale.", - "title": "SourceBotVersion", + "ComputeType": { + "markdownDescription": "The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB).", + "title": "ComputeType", "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50).", + "title": "VolumeSizeInGB", + "type": "number" } }, "required": [ - "SourceBotVersion" + "ComputeType", + "VolumeSizeInGB" ], "type": "object" }, - "AWS::Lex::BotVersion.BotVersionLocaleSpecification": { + "AWS::IoTAnalytics::Dataset.RetentionPeriod": { "additionalProperties": false, "properties": { - "BotVersionLocaleDetails": { - "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleDetails", - "markdownDescription": "The version of a bot used for a bot locale.", - "title": "BotVersionLocaleDetails" + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" }, - "LocaleId": { - "markdownDescription": "The identifier of the locale to add to the version.", - "title": "LocaleId", - "type": "string" + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", + "type": "boolean" } }, - "required": [ - "BotVersionLocaleDetails", - "LocaleId" - ], "type": "object" }, - "AWS::Lex::ResourcePolicy": { + "AWS::IoTAnalytics::Dataset.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket to which dataset contents are delivered.", + "title": "Bucket", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GlueConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.GlueConfiguration", + "markdownDescription": "Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service.", + "title": "GlueConfiguration" + }, + "Key": { + "markdownDescription": "The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key.\n\nYou can create a unique key with the following options:\n\n- Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run.\n- Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content.\n- Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content.\n\nThe following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv`\n\n> If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other.", + "title": "Key", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 and AWS Glue resources.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.Schedule": { + "additionalProperties": false, + "properties": { + "ScheduleExpression": { + "markdownDescription": "The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation.", + "title": "ScheduleExpression", + "type": "string" + } + }, + "required": [ + "ScheduleExpression" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.Trigger": { + "additionalProperties": false, + "properties": { + "Schedule": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Schedule", + "markdownDescription": "The \"Schedule\" when the trigger is initiated.", + "title": "Schedule" }, - "Metadata": { - "type": "object" + "TriggeringDataset": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.TriggeringDataset", + "markdownDescription": "Information about the data set whose content generation triggers the new data set content generation.", + "title": "TriggeringDataset" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.TriggeringDataset": { + "additionalProperties": false, + "properties": { + "DatasetName": { + "markdownDescription": "The name of the data set whose content generation triggers the new data set content generation.", + "title": "DatasetName", + "type": "string" + } + }, + "required": [ + "DatasetName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.Variable": { + "additionalProperties": false, + "properties": { + "DatasetContentVersionValue": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentVersionValue", + "markdownDescription": "The value of the variable as a structure that specifies a dataset content version.", + "title": "DatasetContentVersionValue" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Policy": { - "markdownDescription": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception.", - "title": "Policy", - "type": "object" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to.", - "title": "ResourceArn", - "type": "string" - } - }, - "required": [ - "Policy", - "ResourceArn" - ], - "type": "object" + "DoubleValue": { + "markdownDescription": "The value of the variable as a double (numeric).", + "title": "DoubleValue", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Lex::ResourcePolicy" - ], + "OutputFileUriValue": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.OutputFileUriValue", + "markdownDescription": "The value of the variable as a structure that specifies an output file URI.", + "title": "OutputFileUriValue" + }, + "StringValue": { + "markdownDescription": "The value of the variable as a string.", + "title": "StringValue", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VariableName": { + "markdownDescription": "The name of the variable.", + "title": "VariableName", "type": "string" } }, "required": [ - "Type", - "Properties" + "VariableName" ], "type": "object" }, - "AWS::LicenseManager::Grant": { + "AWS::IoTAnalytics::Dataset.VersioningConfiguration": { + "additionalProperties": false, + "properties": { + "MaxVersions": { + "markdownDescription": "How many versions of dataset contents are kept. The `unlimited` parameter must be `false` .", + "title": "MaxVersions", + "type": "number" + }, + "Unlimited": { + "markdownDescription": "If true, unlimited versions of dataset contents are kept.", + "title": "Unlimited", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore": { "additionalProperties": false, "properties": { "Condition": { @@ -146452,48 +150793,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedOperations": { - "items": { - "type": "string" - }, - "markdownDescription": "Allowed operations for the grant.", - "title": "AllowedOperations", - "type": "array" - }, - "GrantName": { - "markdownDescription": "Grant name.", - "title": "GrantName", + "DatastoreName": { + "markdownDescription": "The name of the data store.", + "title": "DatastoreName", "type": "string" }, - "HomeRegion": { - "markdownDescription": "Home Region of the grant.", - "title": "HomeRegion", - "type": "string" + "DatastorePartitions": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartitions", + "markdownDescription": "Information about the partition dimensions in a data store.", + "title": "DatastorePartitions" }, - "LicenseArn": { - "markdownDescription": "License ARN.", - "title": "LicenseArn", - "type": "string" + "DatastoreStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastoreStorage", + "markdownDescription": "Where data store data is stored.", + "title": "DatastoreStorage" }, - "Principals": { + "FileFormatConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.FileFormatConfiguration", + "markdownDescription": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store.", + "title": "FileFormatConfiguration" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.RetentionPeriod", + "markdownDescription": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored.", + "title": "RetentionPeriod" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization.", - "title": "Principals", + "markdownDescription": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" - }, - "Status": { - "markdownDescription": "Granted license status.", - "title": "Status", - "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::LicenseManager::Grant" + "AWS::IoTAnalytics::Datastore" ], "type": "string" }, @@ -146511,7 +150849,223 @@ ], "type": "object" }, - "AWS::LicenseManager::License": { + "AWS::IoTAnalytics::Datastore.Column": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the column.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.CustomerManagedS3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", + "title": "KeyPrefix", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "Bucket", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", + "title": "KeyPrefix", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.DatastorePartition": { + "additionalProperties": false, + "properties": { + "Partition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Partition", + "markdownDescription": "A partition dimension defined by an attribute.", + "title": "Partition" + }, + "TimestampPartition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.TimestampPartition", + "markdownDescription": "A partition dimension defined by a timestamp attribute.", + "title": "TimestampPartition" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.DatastorePartitions": { + "additionalProperties": false, + "properties": { + "Partitions": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartition" + }, + "markdownDescription": "A list of partition dimensions in a data store.", + "title": "Partitions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.DatastoreStorage": { + "additionalProperties": false, + "properties": { + "CustomerManagedS3": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3", + "markdownDescription": "Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", + "title": "CustomerManagedS3" + }, + "IotSiteWiseMultiLayerStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage", + "markdownDescription": "Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created.", + "title": "IotSiteWiseMultiLayerStorage" + }, + "ServiceManagedS3": { + "markdownDescription": "Use this to store data store data in an S3 bucket managed by the AWS IoT Analytics service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", + "title": "ServiceManagedS3", + "type": "object" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.FileFormatConfiguration": { + "additionalProperties": false, + "properties": { + "JsonConfiguration": { + "markdownDescription": "Contains the configuration information of the JSON format.", + "title": "JsonConfiguration", + "type": "object" + }, + "ParquetConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.ParquetConfiguration", + "markdownDescription": "Contains the configuration information of the Parquet format.", + "title": "ParquetConfiguration" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage": { + "additionalProperties": false, + "properties": { + "CustomerManagedS3Storage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage", + "markdownDescription": "Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage.", + "title": "CustomerManagedS3Storage" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.ParquetConfiguration": { + "additionalProperties": false, + "properties": { + "SchemaDefinition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.SchemaDefinition", + "markdownDescription": "Information needed to define a schema.", + "title": "SchemaDefinition" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.Partition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the attribute that defines a partition dimension.", + "title": "AttributeName", + "type": "string" + } + }, + "required": [ + "AttributeName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.RetentionPeriod": { + "additionalProperties": false, + "properties": { + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" + }, + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.SchemaDefinition": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Column" + }, + "markdownDescription": "Specifies one or more columns that store your data.\n\nEach schema can have up to 100 columns. Each column can have up to 100 nested types.", + "title": "Columns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.TimestampPartition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The attribute name of the partition defined by a timestamp.", + "title": "AttributeName", + "type": "string" + }, + "TimestampFormat": { + "markdownDescription": "The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time).", + "title": "TimestampFormat", + "type": "string" + } + }, + "required": [ + "AttributeName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -146546,82 +151100,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Beneficiary": { - "markdownDescription": "License beneficiary.", - "title": "Beneficiary", - "type": "string" - }, - "ConsumptionConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.ConsumptionConfiguration", - "markdownDescription": "Configuration for consumption of the license.", - "title": "ConsumptionConfiguration" - }, - "Entitlements": { + "PipelineActivities": { "items": { - "$ref": "#/definitions/AWS::LicenseManager::License.Entitlement" + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Activity" }, - "markdownDescription": "License entitlements.", - "title": "Entitlements", + "markdownDescription": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`", + "title": "PipelineActivities", "type": "array" }, - "HomeRegion": { - "markdownDescription": "Home Region of the license.", - "title": "HomeRegion", + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", "type": "string" }, - "Issuer": { - "$ref": "#/definitions/AWS::LicenseManager::License.IssuerData", - "markdownDescription": "License issuer.", - "title": "Issuer" - }, - "LicenseMetadata": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::LicenseManager::License.Metadata" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "License metadata.", - "title": "LicenseMetadata", + "markdownDescription": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" - }, - "LicenseName": { - "markdownDescription": "License name.", - "title": "LicenseName", - "type": "string" - }, - "ProductName": { - "markdownDescription": "Product name.", - "title": "ProductName", - "type": "string" - }, - "ProductSKU": { - "markdownDescription": "Product SKU.", - "title": "ProductSKU", - "type": "string" - }, - "Status": { - "markdownDescription": "License status.", - "title": "Status", - "type": "string" - }, - "Validity": { - "$ref": "#/definitions/AWS::LicenseManager::License.ValidityDateFormat", - "markdownDescription": "Date and time range during which the license is valid, in ISO8601-UTC format.", - "title": "Validity" } }, "required": [ - "ConsumptionConfiguration", - "Entitlements", - "HomeRegion", - "Issuer", - "LicenseName", - "ProductName", - "Validity" + "PipelineActivities" ], "type": "object" }, "Type": { "enum": [ - "AWS::LicenseManager::License" + "AWS::IoTAnalytics::Pipeline" ], "type": "string" }, @@ -146640,161 +151148,356 @@ ], "type": "object" }, - "AWS::LicenseManager::License.BorrowConfiguration": { + "AWS::IoTAnalytics::Pipeline.Activity": { "additionalProperties": false, "properties": { - "AllowEarlyCheckIn": { - "markdownDescription": "Indicates whether early check-ins are allowed.", - "title": "AllowEarlyCheckIn", - "type": "boolean" + "AddAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.AddAttributes", + "markdownDescription": "Adds other attributes based on existing attributes in the message.", + "title": "AddAttributes" }, - "MaxTimeToLiveInMinutes": { - "markdownDescription": "Maximum time for the borrow configuration, in minutes.", - "title": "MaxTimeToLiveInMinutes", - "type": "number" + "Channel": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Channel", + "markdownDescription": "Determines the source of the messages to be processed.", + "title": "Channel" + }, + "Datastore": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Datastore", + "markdownDescription": "Specifies where to store the processed message data.", + "title": "Datastore" + }, + "DeviceRegistryEnrich": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich", + "markdownDescription": "Adds data from the AWS IoT device registry to your message.", + "title": "DeviceRegistryEnrich" + }, + "DeviceShadowEnrich": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich", + "markdownDescription": "Adds information from the AWS IoT Device Shadows service to a message.", + "title": "DeviceShadowEnrich" + }, + "Filter": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Filter", + "markdownDescription": "Filters a message based on its attributes.", + "title": "Filter" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Lambda", + "markdownDescription": "Runs a Lambda function to modify the message.", + "title": "Lambda" + }, + "Math": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Math", + "markdownDescription": "Computes an arithmetic expression using the message's attributes and adds it to the message.", + "title": "Math" + }, + "RemoveAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.RemoveAttributes", + "markdownDescription": "Removes attributes from a message.", + "title": "RemoveAttributes" + }, + "SelectAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.SelectAttributes", + "markdownDescription": "Creates a new message using only the specified attributes from the original message.", + "title": "SelectAttributes" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.AddAttributes": { + "additionalProperties": false, + "properties": { + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A list of 1-50 \"AttributeNameMapping\" objects that map an existing attribute to a new attribute.\n\n> The existing attributes remain in the message, so if you want to remove the originals, use \"RemoveAttributeActivity\".", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "Name": { + "markdownDescription": "The name of the 'addAttributes' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" } }, "required": [ - "AllowEarlyCheckIn", - "MaxTimeToLiveInMinutes" + "Attributes", + "Name" ], "type": "object" }, - "AWS::LicenseManager::License.ConsumptionConfiguration": { + "AWS::IoTAnalytics::Pipeline.Channel": { "additionalProperties": false, "properties": { - "BorrowConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.BorrowConfiguration", - "markdownDescription": "Details about a borrow configuration.", - "title": "BorrowConfiguration" + "ChannelName": { + "markdownDescription": "The name of the channel from which the messages are processed.", + "title": "ChannelName", + "type": "string" }, - "ProvisionalConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.ProvisionalConfiguration", - "markdownDescription": "Details about a provisional configuration.", - "title": "ProvisionalConfiguration" + "Name": { + "markdownDescription": "The name of the 'channel' activity.", + "title": "Name", + "type": "string" }, - "RenewType": { - "markdownDescription": "Renewal frequency.", - "title": "RenewType", + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" } }, + "required": [ + "ChannelName", + "Name" + ], "type": "object" }, - "AWS::LicenseManager::License.Entitlement": { + "AWS::IoTAnalytics::Pipeline.Datastore": { "additionalProperties": false, "properties": { - "AllowCheckIn": { - "markdownDescription": "Indicates whether check-ins are allowed.", - "title": "AllowCheckIn", - "type": "boolean" + "DatastoreName": { + "markdownDescription": "The name of the data store where processed messages are stored.", + "title": "DatastoreName", + "type": "string" }, - "MaxCount": { - "markdownDescription": "Maximum entitlement count. Use if the unit is not None.", - "title": "MaxCount", - "type": "number" + "Name": { + "markdownDescription": "The name of the datastore activity.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DatastoreName", + "Name" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The name of the attribute that is added to the message.", + "title": "Attribute", + "type": "string" }, "Name": { - "markdownDescription": "Entitlement name.", + "markdownDescription": "The name of the 'deviceRegistryEnrich' activity.", "title": "Name", "type": "string" }, - "Overage": { - "markdownDescription": "Indicates whether overages are allowed.", - "title": "Overage", - "type": "boolean" + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" }, - "Unit": { - "markdownDescription": "Entitlement unit.", - "title": "Unit", + "RoleArn": { + "markdownDescription": "The ARN of the role that allows access to the device's registry information.", + "title": "RoleArn", "type": "string" }, - "Value": { - "markdownDescription": "Entitlement resource. Use only if the unit is None.", - "title": "Value", + "ThingName": { + "markdownDescription": "The name of the IoT device whose registry information is added to the message.", + "title": "ThingName", "type": "string" } }, "required": [ + "Attribute", "Name", - "Unit" + "RoleArn", + "ThingName" ], "type": "object" }, - "AWS::LicenseManager::License.IssuerData": { + "AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich": { "additionalProperties": false, "properties": { + "Attribute": { + "markdownDescription": "The name of the attribute that is added to the message.", + "title": "Attribute", + "type": "string" + }, "Name": { - "markdownDescription": "Issuer name.", + "markdownDescription": "The name of the 'deviceShadowEnrich' activity.", "title": "Name", "type": "string" }, - "SignKey": { - "markdownDescription": "Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm.", - "title": "SignKey", + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that allows access to the device's shadow.", + "title": "RoleArn", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the IoT device whose shadow information is added to the message.", + "title": "ThingName", "type": "string" } }, "required": [ - "Name" + "Attribute", + "Name", + "RoleArn", + "ThingName" ], "type": "object" }, - "AWS::LicenseManager::License.Metadata": { + "AWS::IoTAnalytics::Pipeline.Filter": { "additionalProperties": false, "properties": { + "Filter": { + "markdownDescription": "An expression that looks like an SQL WHERE clause that must return a Boolean value.", + "title": "Filter", + "type": "string" + }, "Name": { - "markdownDescription": "The key name.", + "markdownDescription": "The name of the 'filter' activity.", "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" } }, "required": [ - "Name", - "Value" + "Filter", + "Name" ], "type": "object" }, - "AWS::LicenseManager::License.ProvisionalConfiguration": { + "AWS::IoTAnalytics::Pipeline.Lambda": { "additionalProperties": false, "properties": { - "MaxTimeToLiveInMinutes": { - "markdownDescription": "Maximum time for the provisional configuration, in minutes.", - "title": "MaxTimeToLiveInMinutes", + "BatchSize": { + "markdownDescription": "The number of messages passed to the Lambda function for processing.\n\nThe AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions.", + "title": "BatchSize", "type": "number" + }, + "LambdaName": { + "markdownDescription": "The name of the Lambda function that is run on the message.", + "title": "LambdaName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the 'lambda' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" } }, "required": [ - "MaxTimeToLiveInMinutes" + "BatchSize", + "LambdaName", + "Name" ], "type": "object" }, - "AWS::LicenseManager::License.ValidityDateFormat": { + "AWS::IoTAnalytics::Pipeline.Math": { "additionalProperties": false, "properties": { - "Begin": { - "markdownDescription": "Start of the time range.", - "title": "Begin", + "Attribute": { + "markdownDescription": "The name of the attribute that contains the result of the math operation.", + "title": "Attribute", "type": "string" }, - "End": { - "markdownDescription": "End of the time range.", - "title": "End", + "Math": { + "markdownDescription": "An expression that uses one or more existing attributes and must return an integer value.", + "title": "Math", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the 'math' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" } }, "required": [ - "Begin", - "End" + "Attribute", + "Math", + "Name" ], "type": "object" }, - "AWS::Lightsail::Alarm": { + "AWS::IoTAnalytics::Pipeline.RemoveAttributes": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of 1-50 attributes to remove from the message.", + "title": "Attributes", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the 'removeAttributes' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" + } + }, + "required": [ + "Attributes", + "Name" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.SelectAttributes": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the attributes to select from the message.", + "title": "Attributes", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the 'selectAttributes' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" + } + }, + "required": [ + "Attributes", + "Name" + ], + "type": "object" + }, + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -146829,81 +151532,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AlarmName": { - "markdownDescription": "The name of the alarm.", - "title": "AlarmName", - "type": "string" - }, - "ComparisonOperator": { - "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold.", - "title": "ComparisonOperator", - "type": "string" - }, - "ContactProtocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The contact protocols for the alarm, such as `Email` , `SMS` (text messaging), or both.\n\n*Allowed Values* : `Email` | `SMS`", - "title": "ContactProtocols", - "type": "array" - }, - "DatapointsToAlarm": { - "markdownDescription": "The number of data points within the evaluation periods that must be breaching to cause the alarm to go to the `ALARM` state.", - "title": "DatapointsToAlarm", - "type": "number" - }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods over which data is compared to the specified threshold.", - "title": "EvaluationPeriods", - "type": "number" - }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the alarm.", - "title": "MetricName", - "type": "string" - }, - "MonitoredResourceName": { - "markdownDescription": "The name of the Lightsail resource that the alarm monitors.", - "title": "MonitoredResourceName", - "type": "string" - }, - "NotificationEnabled": { - "markdownDescription": "A Boolean value indicating whether the alarm is enabled.", - "title": "NotificationEnabled", - "type": "boolean" + "SuiteDefinitionConfiguration": { + "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration", + "markdownDescription": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String", + "title": "SuiteDefinitionConfiguration" }, - "NotificationTriggers": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The alarm states that trigger a notification.\n\n> To specify the `OK` and `INSUFFICIENT_DATA` values, you must also specify `ContactProtocols` values. Otherwise, the `OK` and `INSUFFICIENT_DATA` values will not take effect and the stack will drift. \n\n*Allowed Values* : `OK` | `ALARM` | `INSUFFICIENT_DATA`", - "title": "NotificationTriggers", + "markdownDescription": "Metadata that can be used to manage the the Suite Definition.", + "title": "Tags", "type": "array" - }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", - "type": "number" - }, - "TreatMissingData": { - "markdownDescription": "Specifies how the alarm handles missing data points.\n\nAn alarm can treat missing data in the following ways:\n\n- `breaching` - Assumes the missing data is not within the threshold. Missing data counts towards the number of times that the metric is not within the threshold.\n- `notBreaching` - Assumes the missing data is within the threshold. Missing data does not count towards the number of times that the metric is not within the threshold.\n- `ignore` - Ignores the missing data. Maintains the current alarm state.\n- `missing` - Missing data is treated as missing.", - "title": "TreatMissingData", - "type": "string" } }, "required": [ - "AlarmName", - "ComparisonOperator", - "EvaluationPeriods", - "MetricName", - "MonitoredResourceName", - "Threshold" + "SuiteDefinitionConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Alarm" + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition" ], "type": "string" }, @@ -146922,7 +151572,61 @@ ], "type": "object" }, - "AWS::Lightsail::Bucket": { + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "Lists device's certificate ARN.", + "title": "CertificateArn", + "type": "string" + }, + "ThingArn": { + "markdownDescription": "Lists device's thing ARN.", + "title": "ThingArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration": { + "additionalProperties": false, + "properties": { + "DevicePermissionRoleArn": { + "markdownDescription": "Gets the device permission ARN. This is a required parameter.", + "title": "DevicePermissionRoleArn", + "type": "string" + }, + "Devices": { + "items": { + "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest" + }, + "markdownDescription": "Gets the devices configured.", + "title": "Devices", + "type": "array" + }, + "IntendedForQualification": { + "markdownDescription": "Gets the tests intended for qualification in a suite.", + "title": "IntendedForQualification", + "type": "boolean" + }, + "RootGroup": { + "markdownDescription": "Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default.\n\nFor a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048.", + "title": "RootGroup", + "type": "string" + }, + "SuiteDefinitionName": { + "markdownDescription": "Gets the suite definition name. This is a required parameter.", + "title": "SuiteDefinitionName", + "type": "string" + } + }, + "required": [ + "DevicePermissionRoleArn", + "RootGroup" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel": { "additionalProperties": false, "properties": { "Condition": { @@ -146957,60 +151661,64 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRules": { - "$ref": "#/definitions/AWS::Lightsail::Bucket.AccessRules", - "markdownDescription": "An object that describes the access rules for the bucket.", - "title": "AccessRules" + "AlarmCapabilities": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmCapabilities", + "markdownDescription": "Contains the configuration information of alarm state changes.", + "title": "AlarmCapabilities" }, - "BucketName": { - "markdownDescription": "The name of the bucket.", - "title": "BucketName", + "AlarmEventActions": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmEventActions", + "markdownDescription": "Contains information about one or more alarm actions.", + "title": "AlarmEventActions" + }, + "AlarmModelDescription": { + "markdownDescription": "The description of the alarm model.", + "title": "AlarmModelDescription", "type": "string" }, - "BundleId": { - "markdownDescription": "The bundle ID for the bucket (for example, `small_1_0` ).\n\nA bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket.", - "title": "BundleId", + "AlarmModelName": { + "markdownDescription": "The name of the alarm model.", + "title": "AlarmModelName", "type": "string" }, - "ObjectVersioning": { - "markdownDescription": "Indicates whether object versioning is enabled for the bucket.\n\nThe following options can be configured:\n\n- `Enabled` - Object versioning is enabled.\n- `Suspended` - Object versioning was previously enabled but is currently suspended. Existing object versions are retained.\n- `NeverEnabled` - Object versioning has never been enabled.", - "title": "ObjectVersioning", - "type": "boolean" + "AlarmRule": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmRule", + "markdownDescription": "Defines when your alarm is invoked.", + "title": "AlarmRule" }, - "ReadOnlyAccessAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of AWS account IDs that have read-only access to the bucket.", - "title": "ReadOnlyAccessAccounts", - "type": "array" + "Key": { + "markdownDescription": "An input attribute used as a key to create an alarm. AWS IoT Events routes [inputs](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Input.html) associated with this key to the alarm.", + "title": "Key", + "type": "string" }, - "ResourcesReceivingAccess": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Lightsail instances that have access to the bucket.", - "title": "ResourcesReceivingAccess", - "type": "array" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that allows the alarm to perform actions and access AWS resources. For more information, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "RoleArn", + "type": "string" + }, + "Severity": { + "markdownDescription": "A non-negative integer that reflects the severity level of the alarm.", + "title": "Severity", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "A list of key-value pairs that contain metadata for the alarm model. The tags help you manage the alarm model. For more information, see [Tagging your AWS IoT Events resources](https://docs.aws.amazon.com/iotevents/latest/developerguide/tagging-iotevents.html) in the *AWS IoT Events Developer Guide* .\n\nYou can create up to 50 tags for one alarm model.", "title": "Tags", "type": "array" } }, "required": [ - "BucketName", - "BundleId" + "AlarmRule", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Bucket" + "AWS::IoTEvents::AlarmModel" ], "type": "string" }, @@ -147029,416 +151737,474 @@ ], "type": "object" }, - "AWS::Lightsail::Bucket.AccessRules": { + "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { "additionalProperties": false, "properties": { - "AllowPublicOverrides": { - "markdownDescription": "A Boolean value indicating whether the access control list (ACL) permissions that are applied to individual objects override the `GetObject` option that is currently specified.\n\nWhen this is true, you can use the [PutObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html) Amazon S3 API operation to set individual objects to public (read-only) or private, using either the `public-read` ACL or the `private` ACL.", - "title": "AllowPublicOverrides", + "Enabled": { + "markdownDescription": "The value must be `TRUE` or `FALSE` . If `TRUE` , you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to `NORMAL` . If `FALSE` , you won't receive notifications. The alarm automatically changes to the `NORMAL` state when the input property value returns to the specified range.", + "title": "Enabled", "type": "boolean" - }, - "GetObject": { - "markdownDescription": "Specifies the anonymous access to all objects in a bucket.\n\nThe following options can be specified:\n\n- `public` - Sets all objects in the bucket to public (read-only), making them readable by everyone on the internet.\n\nIf the `GetObject` value is set to `public` , then all objects in the bucket default to public regardless of the `allowPublicOverrides` value.\n- `private` - Sets all objects in the bucket to private, making them readable only by you and anyone that you grant access to.\n\nIf the `GetObject` value is set to `private` , and the `allowPublicOverrides` value is set to `true` , then all objects in the bucket default to private unless they are configured with a `public-read` ACL. Individual objects with a `public-read` ACL are readable by everyone on the internet.", - "title": "GetObject", - "type": "string" } }, "type": "object" }, - "AWS::Lightsail::Certificate": { + "AWS::IoTEvents::AlarmModel.AlarmAction": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "DynamoDB": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDB", + "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBAction` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `hashKeyType` parameter can be `'STRING'` .\n- For references, you must specify either variables or input values. For example, the value for the `hashKeyField` parameter can be `$input.GreenhouseInput.name` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `hashKeyValue` parameter uses a substitution template.\n\n`'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nIf the defined payload type is a string, `DynamoDBAction` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the `payloadField` parameter is `_raw` .", + "title": "DynamoDB" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDBv2", + "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBv2Action` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `tableName` parameter can be `'GreenhouseTemperatureTable'` .\n- For references, you must specify either variables or input values. For example, the value for the `tableName` parameter can be `$variable.ddbtableName` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `contentExpression` parameter in `Payload` uses a substitution template.\n\n`'{\\\"sensorID\\\": \\\"${$input.GreenhouseInput.sensor_id}\\\", \\\"temperature\\\": \\\"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\\\"}'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nThe value for the `type` parameter in `Payload` must be `JSON` .", + "title": "DynamoDBv2" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Firehose": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Firehose", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", + "title": "Firehose" }, - "Metadata": { - "type": "object" + "IotEvents": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotEvents", + "markdownDescription": "Sends an AWS IoT Events input, passing in information about the detector model instance and the event that triggered the action.", + "title": "IotEvents" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CertificateName": { - "markdownDescription": "The name of the certificate.", - "title": "CertificateName", - "type": "string" - }, - "DomainName": { - "markdownDescription": "The domain name of the certificate.", - "title": "DomainName", - "type": "string" - }, - "SubjectAlternativeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings that specify the alternate domains (such as `example.org` ) and subdomains (such as `blog.example.com` ) of the certificate.", - "title": "SubjectAlternativeNames", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CertificateName", - "DomainName" - ], - "type": "object" + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotSiteWise", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to a specified asset property in AWS IoT SiteWise .\n\nYou must use expressions for all parameters in `IotSiteWiseAction` . The expressions accept literals, operators, functions, references, and substitutions templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `propertyAlias` parameter can be `'/company/windfarm/3/turbine/7/temperature'` .\n- For references, you must specify either variables or input values. For example, the value for the `assetId` parameter can be `$input.TurbineInput.assetId1` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `propertyAlias` parameter uses a substitution template.\n\n`'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`\n\nYou must specify either `propertyAlias` or both `assetId` and `propertyId` to identify the target asset property in AWS IoT SiteWise .\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .", + "title": "IotSiteWise" }, - "Type": { - "enum": [ - "AWS::Lightsail::Certificate" - ], + "IotTopicPublish": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotTopicPublish", + "markdownDescription": "Information required to publish the MQTT message through the AWS IoT message broker.", + "title": "IotTopicPublish" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Lambda", + "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", + "title": "Lambda" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sns", + "markdownDescription": "Information required to publish the Amazon SNS message.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sqs", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue.", + "title": "Sqs" + } + }, + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.AlarmCapabilities": { + "additionalProperties": false, + "properties": { + "AcknowledgeFlow": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AcknowledgeFlow", + "markdownDescription": "Specifies whether to get notified for alarm state changes.", + "title": "AcknowledgeFlow" + }, + "InitializationConfiguration": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.InitializationConfiguration", + "markdownDescription": "Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model.", + "title": "InitializationConfiguration" + } + }, + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.AlarmEventActions": { + "additionalProperties": false, + "properties": { + "AlarmActions": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmAction" + }, + "markdownDescription": "Specifies one or more supported actions to receive notifications when the alarm state changes.", + "title": "AlarmActions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.AlarmRule": { + "additionalProperties": false, + "properties": { + "SimpleRule": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.SimpleRule", + "markdownDescription": "A rule that compares an input property value to a threshold value with a comparison operator.", + "title": "SimpleRule" + } + }, + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp": { + "additionalProperties": false, + "properties": { + "OffsetInNanos": { + "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", + "title": "OffsetInNanos", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TimeInSeconds": { + "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", + "title": "TimeInSeconds", "type": "string" } }, "required": [ - "Type", - "Properties" + "TimeInSeconds" ], "type": "object" }, - "AWS::Lightsail::Container": { + "AWS::IoTEvents::AlarmModel.AssetPropertyValue": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Quality": { + "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", + "title": "Quality", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Timestamp": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp", + "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", + "title": "Timestamp" }, - "Metadata": { - "type": "object" + "Value": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyVariant", + "markdownDescription": "The value to send to an asset property.", + "title": "Value" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.AssetPropertyVariant": { + "additionalProperties": false, + "properties": { + "BooleanValue": { + "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", + "title": "BooleanValue", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContainerServiceDeployment": { - "$ref": "#/definitions/AWS::Lightsail::Container.ContainerServiceDeployment", - "markdownDescription": "An object that describes the current container deployment of the container service.", - "title": "ContainerServiceDeployment" - }, - "IsDisabled": { - "markdownDescription": "A Boolean value indicating whether the container service is disabled.", - "title": "IsDisabled", - "type": "boolean" - }, - "Power": { - "markdownDescription": "The power specification of the container service.\n\nThe power specifies the amount of RAM, the number of vCPUs, and the base price of the container service.", - "title": "Power", - "type": "string" - }, - "PrivateRegistryAccess": { - "$ref": "#/definitions/AWS::Lightsail::Container.PrivateRegistryAccess", - "markdownDescription": "An object that describes the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry ( Amazon ECR ) private repositories.\n\nFor more information, see [Configuring access to an Amazon ECR private repository for an Amazon Lightsail container service](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-container-service-ecr-private-repo-access) in the *Amazon Lightsail Developer Guide* .", - "title": "PrivateRegistryAccess" - }, - "PublicDomainNames": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.PublicDomainName" - }, - "markdownDescription": "The public domain name of the container service, such as `example.com` and `www.example.com` .\n\nYou can specify up to four public domain names for a container service. The domain names that you specify are used when you create a deployment with a container that is configured as the public endpoint of your container service.\n\nIf you don't specify public domain names, then you can use the default domain of the container service.\n\n> You must create and validate an SSL/TLS certificate before you can use public domain names with your container service. Use the [AWS::Lightsail::Certificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-certificate.html) resource to create a certificate for the public domain names that you want to use with your container service.", - "title": "PublicDomainNames", - "type": "array" - }, - "Scale": { - "markdownDescription": "The scale specification of the container service.\n\nThe scale specifies the allocated compute nodes of the container service.", - "title": "Scale", - "type": "number" - }, - "ServiceName": { - "markdownDescription": "The name of the container service.", - "title": "ServiceName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Power", - "Scale", - "ServiceName" - ], - "type": "object" + "DoubleValue": { + "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", + "title": "DoubleValue", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Lightsail::Container" - ], + "IntegerValue": { + "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", + "title": "IntegerValue", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StringValue": { + "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", + "title": "StringValue", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Lightsail::Container.Container": { + "AWS::IoTEvents::AlarmModel.DynamoDB": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The launch command for the container.", - "title": "Command", - "type": "array" + "HashKeyField": { + "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", + "title": "HashKeyField", + "type": "string" }, - "ContainerName": { - "markdownDescription": "The name of the container.", - "title": "ContainerName", + "HashKeyType": { + "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", + "title": "HashKeyType", "type": "string" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.EnvironmentVariable" - }, - "markdownDescription": "The environment variables of the container.", - "title": "Environment", - "type": "array" + "HashKeyValue": { + "markdownDescription": "The value of the hash key (also called the partition key).", + "title": "HashKeyValue", + "type": "string" }, - "Image": { - "markdownDescription": "The name of the image used for the container.\n\nContainer images that are sourced from (registered and stored on) your container service start with a colon ( `:` ). For example, if your container service name is `container-service-1` , the container image label is `mystaticsite` , and you want to use the third version ( `3` ) of the registered container image, then you should specify `:container-service-1.mystaticsite.3` . To use the latest version of a container image, specify `latest` instead of a version number (for example, `:container-service-1.mystaticsite.latest` ). Your container service will automatically use the highest numbered version of the registered container image.\n\nContainer images that are sourced from a public registry like Docker Hub don\u2019t start with a colon. For example, `nginx:latest` or `nginx` .", - "title": "Image", + "Operation": { + "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", + "title": "Operation", "type": "string" }, - "Ports": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.PortInfo" - }, - "markdownDescription": "An object that describes the open firewall ports and protocols of the container.", - "title": "Ports", - "type": "array" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" + }, + "PayloadField": { + "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", + "title": "PayloadField", + "type": "string" + }, + "RangeKeyField": { + "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", + "title": "RangeKeyField", + "type": "string" + }, + "RangeKeyType": { + "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The value of the range key (also called the sort key).", + "title": "RangeKeyValue", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", + "title": "TableName", + "type": "string" } }, + "required": [ + "HashKeyField", + "HashKeyValue", + "TableName" + ], "type": "object" }, - "AWS::Lightsail::Container.ContainerServiceDeployment": { + "AWS::IoTEvents::AlarmModel.DynamoDBv2": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.Container" - }, - "markdownDescription": "An object that describes the configuration for the containers of the deployment.", - "title": "Containers", - "type": "array" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" }, - "PublicEndpoint": { - "$ref": "#/definitions/AWS::Lightsail::Container.PublicEndpoint", - "markdownDescription": "An object that describes the endpoint of the deployment.", - "title": "PublicEndpoint" + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", + "type": "string" } }, + "required": [ + "TableName" + ], "type": "object" }, - "AWS::Lightsail::Container.EcrImagePullerRole": { + "AWS::IoTEvents::AlarmModel.Firehose": { "additionalProperties": false, "properties": { - "IsActive": { - "markdownDescription": "A boolean value that indicates whether the `ECRImagePullerRole` is active.", - "title": "IsActive", - "type": "boolean" + "DeliveryStreamName": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", + "title": "DeliveryStreamName", + "type": "string" }, - "PrincipalArn": { - "markdownDescription": "The principle Amazon Resource Name (ARN) of the role. This property is read-only.", - "title": "PrincipalArn", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", + "title": "Payload" + }, + "Separator": { + "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", "type": "string" } }, + "required": [ + "DeliveryStreamName" + ], "type": "object" }, - "AWS::Lightsail::Container.EnvironmentVariable": { + "AWS::IoTEvents::AlarmModel.InitializationConfiguration": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The environment variable value.", - "title": "Value", + "DisabledOnInitialization": { + "markdownDescription": "The value must be `TRUE` or `FALSE` . If `FALSE` , all alarm instances created based on the alarm model are activated. The default value is `TRUE` .", + "title": "DisabledOnInitialization", + "type": "boolean" + } + }, + "required": [ + "DisabledOnInitialization" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.IotEvents": { + "additionalProperties": false, + "properties": { + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", + "title": "InputName", "type": "string" }, - "Variable": { - "markdownDescription": "The environment variable key.", - "title": "Variable", - "type": "string" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", + "title": "Payload" } }, + "required": [ + "InputName" + ], "type": "object" }, - "AWS::Lightsail::Container.HealthCheckConfig": { + "AWS::IoTEvents::AlarmModel.IotSiteWise": { "additionalProperties": false, "properties": { - "HealthyThreshold": { - "markdownDescription": "The number of consecutive health check successes required before moving the container to the `Healthy` state. The default value is `2` .", - "title": "HealthyThreshold", - "type": "number" - }, - "IntervalSeconds": { - "markdownDescription": "The approximate interval, in seconds, between health checks of an individual container. You can specify between `5` and `300` seconds. The default value is `5` .", - "title": "IntervalSeconds", - "type": "number" + "AssetId": { + "markdownDescription": "The ID of the asset that has the specified property.", + "title": "AssetId", + "type": "string" }, - "Path": { - "markdownDescription": "The path on the container on which to perform the health check. The default value is `/` .", - "title": "Path", + "EntryId": { + "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", + "title": "EntryId", "type": "string" }, - "SuccessCodes": { - "markdownDescription": "The HTTP codes to use when checking for a successful response from a container. You can specify values between `200` and `499` . You can specify multiple values (for example, `200,202` ) or a range of values (for example, `200-299` ).", - "title": "SuccessCodes", + "PropertyAlias": { + "markdownDescription": "The alias of the asset property.", + "title": "PropertyAlias", "type": "string" }, - "TimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check. You can specify between `2` and `60` seconds. The default value is `2` .", - "title": "TimeoutSeconds", - "type": "number" + "PropertyId": { + "markdownDescription": "The ID of the asset property.", + "title": "PropertyId", + "type": "string" }, - "UnhealthyThreshold": { - "markdownDescription": "The number of consecutive health check failures required before moving the container to the `Unhealthy` state. The default value is `2` .", - "title": "UnhealthyThreshold", - "type": "number" + "PropertyValue": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyValue", + "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", + "title": "PropertyValue" } }, "type": "object" }, - "AWS::Lightsail::Container.PortInfo": { + "AWS::IoTEvents::AlarmModel.IotTopicPublish": { "additionalProperties": false, "properties": { - "Port": { - "markdownDescription": "The open firewall ports of the container.", - "title": "Port", + "MqttTopic": { + "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", + "title": "MqttTopic", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol name for the open ports.\n\n*Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP`", - "title": "Protocol", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", + "title": "Payload" + } + }, + "required": [ + "MqttTopic" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Lambda": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function that is executed.", + "title": "FunctionArn", "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", + "title": "Payload" } }, + "required": [ + "FunctionArn" + ], "type": "object" }, - "AWS::Lightsail::Container.PrivateRegistryAccess": { + "AWS::IoTEvents::AlarmModel.Payload": { "additionalProperties": false, "properties": { - "EcrImagePullerRole": { - "$ref": "#/definitions/AWS::Lightsail::Container.EcrImagePullerRole", - "markdownDescription": "An object that describes the activation status of the role that you can use to grant a Lightsail container service access to Amazon ECR private repositories. If the role is activated, the Amazon Resource Name (ARN) of the role is also listed.", - "title": "EcrImagePullerRole" + "ContentExpression": { + "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", + "title": "ContentExpression", + "type": "string" + }, + "Type": { + "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", + "title": "Type", + "type": "string" } }, + "required": [ + "ContentExpression", + "Type" + ], "type": "object" }, - "AWS::Lightsail::Container.PublicDomainName": { + "AWS::IoTEvents::AlarmModel.SimpleRule": { "additionalProperties": false, "properties": { - "CertificateName": { - "markdownDescription": "The name of the certificate for the public domains.", - "title": "CertificateName", + "ComparisonOperator": { + "markdownDescription": "The comparison operator.", + "title": "ComparisonOperator", "type": "string" }, - "DomainNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The public domain names to use with the container service.", - "title": "DomainNames", - "type": "array" + "InputProperty": { + "markdownDescription": "The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property.", + "title": "InputProperty", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute.", + "title": "Threshold", + "type": "string" } }, + "required": [ + "ComparisonOperator", + "InputProperty", + "Threshold" + ], "type": "object" }, - "AWS::Lightsail::Container.PublicEndpoint": { + "AWS::IoTEvents::AlarmModel.Sns": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The name of the container entry of the deployment that the endpoint configuration applies to.", - "title": "ContainerName", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", + "title": "Payload" + }, + "TargetArn": { + "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", + "title": "TargetArn", "type": "string" + } + }, + "required": [ + "TargetArn" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Sqs": { + "additionalProperties": false, + "properties": { + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", + "title": "Payload" }, - "ContainerPort": { - "markdownDescription": "The port of the specified container to which traffic is forwarded to.", - "title": "ContainerPort", - "type": "number" + "QueueUrl": { + "markdownDescription": "The URL of the SQS queue where the data is written.", + "title": "QueueUrl", + "type": "string" }, - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::Lightsail::Container.HealthCheckConfig", - "markdownDescription": "An object that describes the health check configuration of the container.", - "title": "HealthCheckConfig" + "UseBase64": { + "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", + "title": "UseBase64", + "type": "boolean" } }, + "required": [ + "QueueUrl" + ], "type": "object" }, - "AWS::Lightsail::Database": { + "AWS::IoTEvents::DetectorModel": { "additionalProperties": false, "properties": { "Condition": { @@ -147473,100 +152239,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the database.", - "title": "AvailabilityZone", - "type": "string" - }, - "BackupRetention": { - "markdownDescription": "A Boolean value indicating whether automated backup retention is enabled for the database. Data Import Mode is enabled when `BackupRetention` is set to `false` , and is disabled when `BackupRetention` is set to `true` .", - "title": "BackupRetention", - "type": "boolean" - }, - "CaCertificateIdentifier": { - "markdownDescription": "The certificate associated with the database.", - "title": "CaCertificateIdentifier", - "type": "string" - }, - "MasterDatabaseName": { - "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n*MySQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, no database is created in the database resource.\n\nConstraints:\n\n- Must contain 1-64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in MySQL, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , and [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, a database named `postgres` is created in the database resource.\n\nConstraints:\n\n- Must contain 1-63 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in PostgreSQL, see the SQL Key Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", - "title": "MasterDatabaseName", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the primary user of the database. The password can include any printable ASCII character except the following: /, \", or @. It cannot contain spaces.\n\n> The `MasterUserPassword` and `RotateMasterUserPassword` parameters cannot be used together in the same template. \n\n*MySQL*\n\nConstraints: Must contain 8-41 characters.\n\n*PostgreSQL*\n\nConstraints: Must contain 8-128 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The name for the primary user.\n\n*MySQL*\n\nConstraints:\n\n- Required for MySQL.\n- Must be 1-16 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , or [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nConstraints:\n\n- Required for PostgreSQL.\n- Must be 1-63 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", - "title": "MasterUsername", - "type": "string" + "DetectorModelDefinition": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DetectorModelDefinition", + "markdownDescription": "Information that defines how a detector operates.", + "title": "DetectorModelDefinition" }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created for the database (for example, `16:00-16:30` ).", - "title": "PreferredBackupWindow", + "DetectorModelDescription": { + "markdownDescription": "A brief description of the detector model.", + "title": "DetectorModelDescription", "type": "string" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur for the database, formatted as follows: `ddd:hh24:mi-ddd:hh24:mi` . For example, `Tue:17:00-Tue:17:30` .", - "title": "PreferredMaintenanceWindow", + "DetectorModelName": { + "markdownDescription": "The name of the detector model.", + "title": "DetectorModelName", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "A Boolean value indicating whether the database is accessible to anyone on the internet.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "RelationalDatabaseBlueprintId": { - "markdownDescription": "The blueprint ID for the database (for example, `mysql_8_0` ).", - "title": "RelationalDatabaseBlueprintId", + "EvaluationMethod": { + "markdownDescription": "Information about the order in which events are evaluated and how actions are executed.", + "title": "EvaluationMethod", "type": "string" }, - "RelationalDatabaseBundleId": { - "markdownDescription": "The bundle ID for the database (for example, `medium_1_0` ).", - "title": "RelationalDatabaseBundleId", + "Key": { + "markdownDescription": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value.", + "title": "Key", "type": "string" }, - "RelationalDatabaseName": { - "markdownDescription": "The name of the instance.", - "title": "RelationalDatabaseName", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to AWS IoT Events to perform its operations.", + "title": "RoleArn", "type": "string" }, - "RelationalDatabaseParameters": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Database.RelationalDatabaseParameter" - }, - "markdownDescription": "An array of parameters for the database.", - "title": "RelationalDatabaseParameters", - "type": "array" - }, - "RotateMasterUserPassword": { - "markdownDescription": "A Boolean value indicating whether to change the primary user password to a new, strong password generated by Lightsail .\n\n> The `RotateMasterUserPassword` and `MasterUserPassword` parameters cannot be used together in the same template.", - "title": "RotateMasterUserPassword", - "type": "boolean" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "MasterDatabaseName", - "MasterUsername", - "RelationalDatabaseBlueprintId", - "RelationalDatabaseBundleId", - "RelationalDatabaseName" + "DetectorModelDefinition", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Database" + "AWS::IoTEvents::DetectorModel" ], "type": "string" }, @@ -147585,839 +152305,640 @@ ], "type": "object" }, - "AWS::Lightsail::Database.RelationalDatabaseParameter": { + "AWS::IoTEvents::DetectorModel.Action": { "additionalProperties": false, "properties": { - "AllowedValues": { - "markdownDescription": "The valid range of values for the parameter.", - "title": "AllowedValues", - "type": "string" + "ClearTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ClearTimer", + "markdownDescription": "Information needed to clear the timer.", + "title": "ClearTimer" }, - "ApplyMethod": { - "markdownDescription": "Indicates when parameter updates are applied.\n\nCan be `immediate` or `pending-reboot` .", - "title": "ApplyMethod", - "type": "string" + "DynamoDB": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDB", + "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", + "title": "DynamoDB" }, - "ApplyType": { - "markdownDescription": "Specifies the engine-specific parameter type.", - "title": "ApplyType", - "type": "string" + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDBv2", + "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", + "title": "DynamoDBv2" }, - "DataType": { - "markdownDescription": "The valid data type of the parameter.", - "title": "DataType", - "type": "string" + "Firehose": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Firehose", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", + "title": "Firehose" }, - "Description": { - "markdownDescription": "A description of the parameter.", - "title": "Description", - "type": "string" + "IotEvents": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotEvents", + "markdownDescription": "Sends AWS IoT Events input, which passes information about the detector model instance and the event that triggered the action.", + "title": "IotEvents" }, - "IsModifiable": { - "markdownDescription": "A Boolean value indicating whether the parameter can be modified.", - "title": "IsModifiable", - "type": "boolean" + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotSiteWise", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an asset property in AWS IoT SiteWise .", + "title": "IotSiteWise" }, - "ParameterName": { - "markdownDescription": "The name of the parameter.", - "title": "ParameterName", - "type": "string" + "IotTopicPublish": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotTopicPublish", + "markdownDescription": "Publishes an MQTT message with the given topic to the AWS IoT message broker.", + "title": "IotTopicPublish" }, - "ParameterValue": { - "markdownDescription": "The value for the parameter.", - "title": "ParameterValue", - "type": "string" + "Lambda": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Lambda", + "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", + "title": "Lambda" + }, + "ResetTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ResetTimer", + "markdownDescription": "Information needed to reset the timer.", + "title": "ResetTimer" + }, + "SetTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetTimer", + "markdownDescription": "Information needed to set the timer.", + "title": "SetTimer" + }, + "SetVariable": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetVariable", + "markdownDescription": "Sets a variable to a specified value.", + "title": "SetVariable" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sns", + "markdownDescription": "Sends an Amazon SNS message.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sqs", + "markdownDescription": "Sends an Amazon SNS message.", + "title": "Sqs" } }, "type": "object" }, - "AWS::Lightsail::Disk": { + "AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { - "Condition": { + "OffsetInNanos": { + "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", + "title": "OffsetInNanos", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TimeInSeconds": { + "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", + "title": "TimeInSeconds", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AddOns": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Disk.AddOn" - }, - "markdownDescription": "An array of add-ons for the disk.\n\n> If the disk has an add-on enabled when performing a delete disk request, the add-on is automatically disabled before the disk is deleted.", - "title": "AddOns", - "type": "array" - }, - "AvailabilityZone": { - "markdownDescription": "The AWS Region and Availability Zone location for the disk (for example, `us-east-1a` ).", - "title": "AvailabilityZone", - "type": "string" - }, - "DiskName": { - "markdownDescription": "The name of the disk.", - "title": "DiskName", - "type": "string" - }, - "Location": { - "$ref": "#/definitions/AWS::Lightsail::Disk.Location", - "markdownDescription": "The AWS Region and Availability Zone where the disk is located.", - "title": "Location" - }, - "SizeInGb": { - "markdownDescription": "The size of the disk in GB.", - "title": "SizeInGb", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DiskName", - "SizeInGb" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Lightsail::Disk" - ], + } + }, + "required": [ + "TimeInSeconds" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.AssetPropertyValue": { + "additionalProperties": false, + "properties": { + "Quality": { + "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", + "title": "Quality", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Timestamp": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp", + "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", + "title": "Timestamp" + }, + "Value": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyVariant", + "markdownDescription": "The value to send to an asset property.", + "title": "Value" } }, "required": [ - "Type", - "Properties" + "Value" ], "type": "object" }, - "AWS::Lightsail::Disk.AddOn": { + "AWS::IoTEvents::DetectorModel.AssetPropertyVariant": { "additionalProperties": false, "properties": { - "AddOnType": { - "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for a disk.", - "title": "AddOnType", + "BooleanValue": { + "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", + "title": "BooleanValue", "type": "string" }, - "AutoSnapshotAddOnRequest": { - "$ref": "#/definitions/AWS::Lightsail::Disk.AutoSnapshotAddOn", - "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", - "title": "AutoSnapshotAddOnRequest" + "DoubleValue": { + "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", + "title": "DoubleValue", + "type": "string" }, - "Status": { - "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", - "title": "Status", + "IntegerValue": { + "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", + "title": "IntegerValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", + "title": "StringValue", "type": "string" } }, - "required": [ - "AddOnType" - ], "type": "object" }, - "AWS::Lightsail::Disk.AutoSnapshotAddOn": { + "AWS::IoTEvents::DetectorModel.ClearTimer": { "additionalProperties": false, "properties": { - "SnapshotTimeOfDay": { - "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", - "title": "SnapshotTimeOfDay", + "TimerName": { + "markdownDescription": "The name of the timer to clear.", + "title": "TimerName", "type": "string" } }, + "required": [ + "TimerName" + ], "type": "object" }, - "AWS::Lightsail::Disk.Location": { + "AWS::IoTEvents::DetectorModel.DetectorModelDefinition": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the disk is located.", - "title": "AvailabilityZone", + "InitialStateName": { + "markdownDescription": "The state that is entered at the creation of each detector (instance).", + "title": "InitialStateName", "type": "string" }, - "RegionName": { - "markdownDescription": "The AWS Region where the disk is located.", - "title": "RegionName", - "type": "string" + "States": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.State" + }, + "markdownDescription": "Information about the states of the detector.", + "title": "States", + "type": "array" } }, + "required": [ + "InitialStateName", + "States" + ], "type": "object" }, - "AWS::Lightsail::Distribution": { + "AWS::IoTEvents::DetectorModel.DynamoDB": { "additionalProperties": false, "properties": { - "Condition": { + "HashKeyField": { + "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", + "title": "HashKeyField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HashKeyType": { + "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", + "title": "HashKeyType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "HashKeyValue": { + "markdownDescription": "The value of the hash key (also called the partition key).", + "title": "HashKeyValue", + "type": "string" }, - "Metadata": { - "type": "object" + "Operation": { + "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", + "title": "Operation", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BundleId": { - "markdownDescription": "The ID of the bundle applied to the distribution.", - "title": "BundleId", - "type": "string" - }, - "CacheBehaviorSettings": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheSettings", - "markdownDescription": "An object that describes the cache behavior settings of the distribution.", - "title": "CacheBehaviorSettings" - }, - "CacheBehaviors": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehaviorPerPath" - }, - "markdownDescription": "An array of objects that describe the per-path cache behavior of the distribution.", - "title": "CacheBehaviors", - "type": "array" - }, - "CertificateName": { - "markdownDescription": "The name of the SSL/TLS certificate attached to the distribution.", - "title": "CertificateName", - "type": "string" - }, - "DefaultCacheBehavior": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehavior", - "markdownDescription": "An object that describes the default cache behavior of the distribution.", - "title": "DefaultCacheBehavior" - }, - "DistributionName": { - "markdownDescription": "The name of the distribution", - "title": "DistributionName", - "type": "string" - }, - "IpAddressType": { - "markdownDescription": "The IP address type of the distribution.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for IPv4 and IPv6.", - "title": "IpAddressType", - "type": "string" - }, - "IsEnabled": { - "markdownDescription": "A Boolean value indicating whether the distribution is enabled.", - "title": "IsEnabled", - "type": "boolean" - }, - "Origin": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.InputOrigin", - "markdownDescription": "An object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer.\n\nThe distribution pulls, caches, and serves content from the origin.", - "title": "Origin" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "BundleId", - "DefaultCacheBehavior", - "DistributionName", - "Origin" - ], - "type": "object" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" }, - "Type": { - "enum": [ - "AWS::Lightsail::Distribution" - ], + "PayloadField": { + "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", + "title": "PayloadField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RangeKeyField": { + "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", + "title": "RangeKeyField", + "type": "string" + }, + "RangeKeyType": { + "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The value of the range key (also called the sort key).", + "title": "RangeKeyValue", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", + "title": "TableName", "type": "string" } }, "required": [ - "Type", - "Properties" + "HashKeyField", + "HashKeyValue", + "TableName" ], "type": "object" }, - "AWS::Lightsail::Distribution.CacheBehavior": { + "AWS::IoTEvents::DetectorModel.DynamoDBv2": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "The cache behavior of the distribution.\n\nThe following cache behaviors can be specified:\n\n- *`cache`* - This option is best for static sites. When specified, your distribution caches and serves your entire website as static content. This behavior is ideal for websites with static content that doesn't change depending on who views it, or for websites that don't use cookies, headers, or query strings to personalize content.\n- *`dont-cache`* - This option is best for sites that serve a mix of static and dynamic content. When specified, your distribution caches and serves only the content that is specified in the distribution\u2019s `CacheBehaviorPerPath` parameter. This behavior is ideal for websites or web applications that use cookies, headers, and query strings to personalize content for individual users.", - "title": "Behavior", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", "type": "string" } }, + "required": [ + "TableName" + ], "type": "object" }, - "AWS::Lightsail::Distribution.CacheBehaviorPerPath": { + "AWS::IoTEvents::DetectorModel.Event": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "The cache behavior for the specified path.\n\nYou can specify one of the following per-path cache behaviors:\n\n- *`cache`* - This behavior caches the specified path.\n- *`dont-cache`* - This behavior doesn't cache the specified path.", - "title": "Behavior", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" + }, + "markdownDescription": "The actions to be performed.", + "title": "Actions", + "type": "array" + }, + "Condition": { + "markdownDescription": "Optional. The Boolean expression that, when TRUE, causes the `actions` to be performed. If not present, the actions are performed (=TRUE). If the expression result is not a Boolean value, the actions are not performed (=FALSE).", + "title": "Condition", "type": "string" }, - "Path": { - "markdownDescription": "The path to a directory or file to cache, or not cache. Use an asterisk symbol to specify wildcard directories ( `path/to/assets/*` ), and file types ( `*.html` , `*jpg` , `*js` ). Directories and file paths are case-sensitive.\n\nExamples:\n\n- Specify the following to cache all files in the document root of an Apache web server running on a instance.\n\n`var/www/html/`\n- Specify the following file to cache only the index page in the document root of an Apache web server.\n\n`var/www/html/index.html`\n- Specify the following to cache only the .html files in the document root of an Apache web server.\n\n`var/www/html/*.html`\n- Specify the following to cache only the .jpg, .png, and .gif files in the images sub-directory of the document root of an Apache web server.\n\n`var/www/html/images/*.jpg`\n\n`var/www/html/images/*.png`\n\n`var/www/html/images/*.gif`\n\nSpecify the following to cache all files in the images subdirectory of the document root of an Apache web server.\n\n`var/www/html/images/`", - "title": "Path", + "EventName": { + "markdownDescription": "The name of the event.", + "title": "EventName", "type": "string" } }, + "required": [ + "EventName" + ], "type": "object" }, - "AWS::Lightsail::Distribution.CacheSettings": { + "AWS::IoTEvents::DetectorModel.Firehose": { "additionalProperties": false, "properties": { - "AllowedHTTPMethods": { - "markdownDescription": "The HTTP methods that are processed and forwarded to the distribution's origin.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution forwards the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution forwards the `GET` , `HEAD` , and `OPTIONS` methods.\n- `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` - The distribution forwards the `GET` , `HEAD` , `OPTIONS` , `PUT` , `PATCH` , `POST` , and `DELETE` methods.\n\nIf you specify `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` , you might need to restrict access to your distribution's origin so users can't perform operations that you don't want them to. For example, you might not want users to have permission to delete objects from your origin.", - "title": "AllowedHTTPMethods", - "type": "string" - }, - "CachedHTTPMethods": { - "markdownDescription": "The HTTP method responses that are cached by your distribution.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution caches responses to the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution caches responses to the `GET` , `HEAD` , and `OPTIONS` methods.", - "title": "CachedHTTPMethods", + "DeliveryStreamName": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", + "title": "DeliveryStreamName", "type": "string" }, - "DefaultTTL": { - "markdownDescription": "The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.\n\n> The value specified applies only when the origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", - "title": "DefaultTTL", - "type": "number" - }, - "ForwardedCookies": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CookieObject", - "markdownDescription": "An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded.", - "title": "ForwardedCookies" - }, - "ForwardedHeaders": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.HeaderObject", - "markdownDescription": "An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded.", - "title": "ForwardedHeaders" - }, - "ForwardedQueryStrings": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.QueryStringObject", - "markdownDescription": "An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded.", - "title": "ForwardedQueryStrings" - }, - "MaximumTTL": { - "markdownDescription": "The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nThe value specified applies only when the origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", - "title": "MaximumTTL", - "type": "number" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", + "title": "Payload" }, - "MinimumTTL": { - "markdownDescription": "The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nA value of `0` must be specified for `minimumTTL` if the distribution is configured to forward all headers to the origin.", - "title": "MinimumTTL", - "type": "number" + "Separator": { + "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", + "type": "string" } }, + "required": [ + "DeliveryStreamName" + ], "type": "object" }, - "AWS::Lightsail::Distribution.CookieObject": { + "AWS::IoTEvents::DetectorModel.IotEvents": { "additionalProperties": false, "properties": { - "CookiesAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The specific cookies to forward to your distribution's origin.", - "title": "CookiesAllowList", - "type": "array" - }, - "Option": { - "markdownDescription": "Specifies which cookies to forward to the distribution's origin for a cache behavior.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all cookies to your origin.\n- *`none`* - Doesn\u2019t forward cookies to your origin.\n- *`allow-list`* - Forwards only the cookies that you specify using the `CookiesAllowList` parameter.", - "title": "Option", + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", + "title": "InputName", "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", + "title": "Payload" } }, + "required": [ + "InputName" + ], "type": "object" }, - "AWS::Lightsail::Distribution.HeaderObject": { + "AWS::IoTEvents::DetectorModel.IotSiteWise": { "additionalProperties": false, "properties": { - "HeadersAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The specific headers to forward to your distribution's origin.", - "title": "HeadersAllowList", - "type": "array" + "AssetId": { + "markdownDescription": "The ID of the asset that has the specified property.", + "title": "AssetId", + "type": "string" }, - "Option": { - "markdownDescription": "The headers that you want your distribution to forward to your origin. Your distribution caches your content based on these headers.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all headers to your origin..\n- *`none`* - Forwards only the default headers.\n- *`allow-list`* - Forwards only the headers that you specify using the `HeadersAllowList` parameter.", - "title": "Option", + "EntryId": { + "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", + "title": "EntryId", + "type": "string" + }, + "PropertyAlias": { + "markdownDescription": "The alias of the asset property.", + "title": "PropertyAlias", + "type": "string" + }, + "PropertyId": { + "markdownDescription": "The ID of the asset property.", + "title": "PropertyId", "type": "string" + }, + "PropertyValue": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyValue", + "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", + "title": "PropertyValue" } }, + "required": [ + "PropertyValue" + ], "type": "object" }, - "AWS::Lightsail::Distribution.InputOrigin": { + "AWS::IoTEvents::DetectorModel.IotTopicPublish": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the origin resource.", - "title": "Name", + "MqttTopic": { + "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", + "title": "MqttTopic", "type": "string" }, - "ProtocolPolicy": { - "markdownDescription": "The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.", - "title": "ProtocolPolicy", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", + "title": "Payload" + } + }, + "required": [ + "MqttTopic" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.Lambda": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function that is executed.", + "title": "FunctionArn", "type": "string" }, - "RegionName": { - "markdownDescription": "The AWS Region name of the origin resource.", - "title": "RegionName", - "type": "string" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", + "title": "Payload" } }, + "required": [ + "FunctionArn" + ], "type": "object" }, - "AWS::Lightsail::Distribution.QueryStringObject": { + "AWS::IoTEvents::DetectorModel.OnEnter": { "additionalProperties": false, "properties": { - "Option": { - "markdownDescription": "Indicates whether the distribution forwards and caches based on query strings.", - "title": "Option", - "type": "boolean" - }, - "QueryStringsAllowList": { + "Events": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" }, - "markdownDescription": "The specific query strings that the distribution forwards to the origin.\n\nYour distribution caches content based on the specified query strings.\n\nIf the `option` parameter is true, then your distribution forwards all query strings, regardless of what you specify using the `QueryStringsAllowList` parameter.", - "title": "QueryStringsAllowList", + "markdownDescription": "Specifies the actions that are performed when the state is entered and the `condition` is `TRUE` .", + "title": "Events", "type": "array" } }, "type": "object" }, - "AWS::Lightsail::Instance": { + "AWS::IoTEvents::DetectorModel.OnExit": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AddOns": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.AddOn" - }, - "markdownDescription": "An array of add-ons for the instance.\n\n> If the instance has an add-on enabled when performing a delete instance request, the add-on is automatically disabled before the instance is deleted.", - "title": "AddOns", - "type": "array" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", - "type": "string" - }, - "BlueprintId": { - "markdownDescription": "The blueprint ID for the instance (for example, `os_amlinux_2016_03` ).", - "title": "BlueprintId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle ID for the instance (for example, `micro_1_0` ).", - "title": "BundleId", - "type": "string" - }, - "Hardware": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Hardware", - "markdownDescription": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n> The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", - "title": "Hardware" - }, - "InstanceName": { - "markdownDescription": "The name of the instance.", - "title": "InstanceName", - "type": "string" - }, - "KeyPairName": { - "markdownDescription": "The name of the key pair to use for the instance.\n\nIf no key pair name is specified, the Regional Lightsail default key pair is used.", - "title": "KeyPairName", - "type": "string" - }, - "Location": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Location", - "markdownDescription": "The location for the instance, such as the AWS Region and Availability Zone.\n\n> The `Location` property is read-only and should not be specified in a create instance or update instance request.", - "title": "Location" - }, - "Networking": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Networking", - "markdownDescription": "The public ports and the monthly amount of data transfer allocated for the instance.", - "title": "Networking" - }, - "State": { - "$ref": "#/definitions/AWS::Lightsail::Instance.State", - "markdownDescription": "The status code and the state (for example, `running` ) of the instance.\n\n> The `State` property is read-only and should not be specified in a create instance or update instance request.", - "title": "State" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - }, - "UserData": { - "markdownDescription": "The optional launch script for the instance.\n\nSpecify a launch script to configure an instance with additional user data. For example, you might want to specify `apt-get -y update` as a launch script.\n\n> Depending on the blueprint of your instance, the command to get software on your instance varies. Amazon Linux and CentOS use `yum` , Debian and Ubuntu use `apt-get` , and FreeBSD uses `pkg` .", - "title": "UserData", - "type": "string" - } + "Events": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" }, - "required": [ - "BlueprintId", - "BundleId", - "InstanceName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Lightsail::Instance" - ], - "type": "string" + "markdownDescription": "Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE` .", + "title": "Events", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.OnInput": { + "additionalProperties": false, + "properties": { + "Events": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" + }, + "markdownDescription": "Specifies the actions performed when the `condition` evaluates to TRUE.", + "title": "Events", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TransitionEvents": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.TransitionEvent" + }, + "markdownDescription": "Specifies the actions performed, and the next state entered, when a `condition` evaluates to TRUE.", + "title": "TransitionEvents", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Lightsail::Instance.AddOn": { + "AWS::IoTEvents::DetectorModel.Payload": { "additionalProperties": false, "properties": { - "AddOnType": { - "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for an instance.", - "title": "AddOnType", + "ContentExpression": { + "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", + "title": "ContentExpression", "type": "string" }, - "AutoSnapshotAddOnRequest": { - "$ref": "#/definitions/AWS::Lightsail::Instance.AutoSnapshotAddOn", - "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", - "title": "AutoSnapshotAddOnRequest" - }, - "Status": { - "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", - "title": "Status", + "Type": { + "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", + "title": "Type", "type": "string" } }, "required": [ - "AddOnType" + "ContentExpression", + "Type" ], "type": "object" }, - "AWS::Lightsail::Instance.AutoSnapshotAddOn": { + "AWS::IoTEvents::DetectorModel.ResetTimer": { "additionalProperties": false, "properties": { - "SnapshotTimeOfDay": { - "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", - "title": "SnapshotTimeOfDay", + "TimerName": { + "markdownDescription": "The name of the timer to reset.", + "title": "TimerName", "type": "string" } }, + "required": [ + "TimerName" + ], "type": "object" }, - "AWS::Lightsail::Instance.Disk": { + "AWS::IoTEvents::DetectorModel.SetTimer": { "additionalProperties": false, "properties": { - "AttachedTo": { - "markdownDescription": "The resources to which the disk is attached.", - "title": "AttachedTo", - "type": "string" - }, - "AttachmentState": { - "markdownDescription": "(Deprecated) The attachment state of the disk.\n\n> In releases prior to November 14, 2017, this parameter returned `attached` for system disks in the API response. It is now deprecated, but still included in the response. Use `isAttached` instead.", - "title": "AttachmentState", - "type": "string" - }, - "DiskName": { - "markdownDescription": "The unique name of the disk.", - "title": "DiskName", + "DurationExpression": { + "markdownDescription": "The duration of the timer, in seconds. You can use a string expression that includes numbers, variables ( `$variable.` ), and input values ( `$input..` ) as the duration. The range of the duration is 1-31622400 seconds. To ensure accuracy, the minimum duration is 60 seconds. The evaluated result of the duration is rounded down to the nearest whole number.", + "title": "DurationExpression", "type": "string" }, - "IOPS": { - "markdownDescription": "The input/output operations per second (IOPS) of the disk.", - "title": "IOPS", + "Seconds": { + "markdownDescription": "The number of seconds until the timer expires. The minimum value is 60 seconds to ensure accuracy. The maximum value is 31622400 seconds.", + "title": "Seconds", "type": "number" }, - "IsSystemDisk": { - "markdownDescription": "A Boolean value indicating whether this disk is a system disk (has an operating system loaded on it).", - "title": "IsSystemDisk", - "type": "boolean" - }, - "Path": { - "markdownDescription": "The disk path.", - "title": "Path", - "type": "string" - }, - "SizeInGb": { - "markdownDescription": "The size of the disk in GB.", - "title": "SizeInGb", + "TimerName": { + "markdownDescription": "The name of the timer.", + "title": "TimerName", "type": "string" } }, "required": [ - "DiskName", - "Path" + "TimerName" ], "type": "object" }, - "AWS::Lightsail::Instance.Hardware": { + "AWS::IoTEvents::DetectorModel.SetVariable": { "additionalProperties": false, "properties": { - "CpuCount": { - "markdownDescription": "The number of vCPUs the instance has.\n\n> The `CpuCount` property is read-only and should not be specified in a create instance or update instance request.", - "title": "CpuCount", - "type": "number" - }, - "Disks": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Disk" - }, - "markdownDescription": "The disks attached to the instance.\n\nThe instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", - "title": "Disks", - "type": "array" + "Value": { + "markdownDescription": "The new value of the variable.", + "title": "Value", + "type": "string" }, - "RamSizeInGb": { - "markdownDescription": "The amount of RAM in GB on the instance (for example, `1.0` ).\n\n> The `RamSizeInGb` property is read-only and should not be specified in a create instance or update instance request.", - "title": "RamSizeInGb", - "type": "number" + "VariableName": { + "markdownDescription": "The name of the variable.", + "title": "VariableName", + "type": "string" } }, + "required": [ + "Value", + "VariableName" + ], "type": "object" }, - "AWS::Lightsail::Instance.Location": { + "AWS::IoTEvents::DetectorModel.Sns": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", - "type": "string" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", + "title": "Payload" }, - "RegionName": { - "markdownDescription": "The name of the AWS Region for the instance.", - "title": "RegionName", + "TargetArn": { + "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", + "title": "TargetArn", "type": "string" } }, + "required": [ + "TargetArn" + ], "type": "object" }, - "AWS::Lightsail::Instance.MonthlyTransfer": { + "AWS::IoTEvents::DetectorModel.Sqs": { "additionalProperties": false, "properties": { - "GbPerMonthAllocated": { - "markdownDescription": "The amount of allocated monthly data transfer (in GB) for an instance.", - "title": "GbPerMonthAllocated", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", + "title": "Payload" + }, + "QueueUrl": { + "markdownDescription": "The URL of the SQS queue where the data is written.", + "title": "QueueUrl", "type": "string" + }, + "UseBase64": { + "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", + "title": "UseBase64", + "type": "boolean" } }, + "required": [ + "QueueUrl" + ], "type": "object" }, - "AWS::Lightsail::Instance.Networking": { + "AWS::IoTEvents::DetectorModel.State": { "additionalProperties": false, "properties": { - "MonthlyTransfer": { - "$ref": "#/definitions/AWS::Lightsail::Instance.MonthlyTransfer", - "markdownDescription": "The monthly amount of data transfer, in GB, allocated for the instance", - "title": "MonthlyTransfer" + "OnEnter": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnEnter", + "markdownDescription": "When entering this state, perform these `actions` if the `condition` is TRUE.", + "title": "OnEnter" }, - "Ports": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Port" - }, - "markdownDescription": "An array of ports to open on the instance.", - "title": "Ports", - "type": "array" + "OnExit": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnExit", + "markdownDescription": "When exiting this state, perform these `actions` if the specified `condition` is `TRUE` .", + "title": "OnExit" + }, + "OnInput": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnInput", + "markdownDescription": "When an input is received and the `condition` is TRUE, perform the specified `actions` .", + "title": "OnInput" + }, + "StateName": { + "markdownDescription": "The name of the state.", + "title": "StateName", + "type": "string" } }, "required": [ - "Ports" + "StateName" ], "type": "object" }, - "AWS::Lightsail::Instance.Port": { + "AWS::IoTEvents::DetectorModel.TransitionEvent": { "additionalProperties": false, "properties": { - "AccessDirection": { - "markdownDescription": "The access direction ( `inbound` or `outbound` ).\n\n> Lightsail currently supports only `inbound` access direction.", - "title": "AccessDirection", - "type": "string" - }, - "AccessFrom": { - "markdownDescription": "The location from which access is allowed. For example, `Anywhere (0.0.0.0/0)` , or `Custom` if a specific IP address or range of IP addresses is allowed.", - "title": "AccessFrom", - "type": "string" - }, - "AccessType": { - "markdownDescription": "The type of access ( `Public` or `Private` ).", - "title": "AccessType", - "type": "string" - }, - "CidrListAliases": { - "items": { - "type": "string" - }, - "markdownDescription": "An alias that defines access for a preconfigured range of IP addresses.\n\nThe only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance.", - "title": "CidrListAliases", - "type": "array" - }, - "Cidrs": { + "Actions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" }, - "markdownDescription": "The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.\n\n> The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. \n\nExamples:\n\n- To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` .\n- To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` .", - "title": "Cidrs", + "markdownDescription": "The actions to be performed.", + "title": "Actions", "type": "array" }, - "CommonName": { - "markdownDescription": "The common name of the port information.", - "title": "CommonName", + "Condition": { + "markdownDescription": "Required. A Boolean expression that when TRUE causes the actions to be performed and the `nextState` to be entered.", + "title": "Condition", "type": "string" }, - "FromPort": { - "markdownDescription": "The first port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP type for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP type for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", - "title": "FromPort", - "type": "number" - }, - "Ipv6Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used.\n\n> The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance.", - "title": "Ipv6Cidrs", - "type": "array" - }, - "Protocol": { - "markdownDescription": "The IP protocol name.\n\nThe name can be one of the following:\n\n- `tcp` - Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of streamed data between applications running on hosts communicating by an IP network. If you have an application that doesn't require reliable data stream service, use UDP instead.\n- `all` - All transport layer protocol types.\n- `udp` - With User Datagram Protocol (UDP), computer applications can send messages (or datagrams) to other hosts on an Internet Protocol (IP) network. Prior communications are not required to set up transmission channels or data paths. Applications that don't require reliable data stream service can use UDP, which provides a connectionless datagram service that emphasizes reduced latency over reliability. If you do require reliable data stream service, use TCP instead.\n- `icmp` - Internet Control Message Protocol (ICMP) is used to send error messages and operational information indicating success or failure when communicating with an instance. For example, an error is indicated when an instance could not be reached. When you specify `icmp` as the `protocol` , you must specify the ICMP type using the `fromPort` parameter, and ICMP code using the `toPort` parameter.", - "title": "Protocol", + "EventName": { + "markdownDescription": "The name of the transition event.", + "title": "EventName", "type": "string" }, - "ToPort": { - "markdownDescription": "The last port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP code for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP code for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", - "title": "ToPort", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.State": { - "additionalProperties": false, - "properties": { - "Code": { - "markdownDescription": "The status code of the instance.", - "title": "Code", - "type": "number" - }, - "Name": { - "markdownDescription": "The state of the instance (for example, `running` or `pending` ).", - "title": "Name", + "NextState": { + "markdownDescription": "The next state to enter.", + "title": "NextState", "type": "string" } }, + "required": [ + "Condition", + "EventName", + "NextState" + ], "type": "object" }, - "AWS::Lightsail::LoadBalancer": { + "AWS::IoTEvents::Input": { "additionalProperties": false, "properties": { "Condition": { @@ -148452,67 +152973,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AttachedInstances": { - "items": { - "type": "string" - }, - "markdownDescription": "The Lightsail instances to attach to the load balancer.", - "title": "AttachedInstances", - "type": "array" - }, - "HealthCheckPath": { - "markdownDescription": "The path on the attached instance where the health check will be performed. If no path is specified, the load balancer tries to make a request to the default (root) page ( `/index.html` ).", - "title": "HealthCheckPath", - "type": "string" - }, - "InstancePort": { - "markdownDescription": "The port that the load balancer uses to direct traffic to your Lightsail instances. For HTTP traffic, specify port `80` . For HTTPS traffic, specify port `443` .", - "title": "InstancePort", - "type": "number" - }, - "IpAddressType": { - "markdownDescription": "The IP address type of the load balancer.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for both IPv4 and IPv6.", - "title": "IpAddressType", - "type": "string" + "InputDefinition": { + "$ref": "#/definitions/AWS::IoTEvents::Input.InputDefinition", + "markdownDescription": "The definition of the input.", + "title": "InputDefinition" }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer.", - "title": "LoadBalancerName", + "InputDescription": { + "markdownDescription": "A brief description of the input.", + "title": "InputDescription", "type": "string" }, - "SessionStickinessEnabled": { - "markdownDescription": "A Boolean value indicating whether session stickiness is enabled.\n\nEnable session stickiness (also known as *session affinity* ) to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.", - "title": "SessionStickinessEnabled", - "type": "boolean" - }, - "SessionStickinessLBCookieDurationSeconds": { - "markdownDescription": "The time period, in seconds, after which the load balancer session stickiness cookie should be considered stale. If you do not specify this parameter, the default value is 0, which indicates that the sticky session should last for the duration of the browser session.", - "title": "SessionStickinessLBCookieDurationSeconds", + "InputName": { + "markdownDescription": "The name of the input.", + "title": "InputName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "TlsPolicyName": { - "markdownDescription": "The name of the TLS security policy for the load balancer.", - "title": "TlsPolicyName", - "type": "string" } }, "required": [ - "InstancePort", - "LoadBalancerName" + "InputDefinition" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::LoadBalancer" + "AWS::IoTEvents::Input" ], "type": "string" }, @@ -148531,7 +153023,38 @@ ], "type": "object" }, - "AWS::Lightsail::LoadBalancerTlsCertificate": { + "AWS::IoTEvents::Input.Attribute": { + "additionalProperties": false, + "properties": { + "JsonPath": { + "markdownDescription": "An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events ( `BatchPutMessage` ). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors.\n\nSyntax: `....`", + "title": "JsonPath", + "type": "string" + } + }, + "required": [ + "JsonPath" + ], + "type": "object" + }, + "AWS::IoTEvents::Input.InputDefinition": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::Input.Attribute" + }, + "markdownDescription": "The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage` . Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input.", + "title": "Attributes", + "type": "array" + } + }, + "required": [ + "Attributes" + ], + "type": "object" + }, + "AWS::IoTFleetHub::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -148566,50 +153089,39 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateAlternativeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of alternative domain names and subdomain names for your SSL/TLS certificate.\n\nIn addition to the primary domain name, you can have up to nine alternative domain names. Wildcards (such as `*.example.com` ) are not supported.", - "title": "CertificateAlternativeNames", - "type": "array" - }, - "CertificateDomainName": { - "markdownDescription": "The domain name for the SSL/TLS certificate. For example, `example.com` or `www.example.com` .", - "title": "CertificateDomainName", + "ApplicationDescription": { + "markdownDescription": "An optional description of the web application.", + "title": "ApplicationDescription", "type": "string" }, - "CertificateName": { - "markdownDescription": "The name of the SSL/TLS certificate.", - "title": "CertificateName", + "ApplicationName": { + "markdownDescription": "The name of the web application.", + "title": "ApplicationName", "type": "string" }, - "HttpsRedirectionEnabled": { - "markdownDescription": "A Boolean value indicating whether HTTPS redirection is enabled for the load balancer that the TLS certificate is attached to.", - "title": "HttpsRedirectionEnabled", - "type": "boolean" - }, - "IsAttached": { - "markdownDescription": "A Boolean value indicating whether the SSL/TLS certificate is attached to a Lightsail load balancer.", - "title": "IsAttached", - "type": "boolean" - }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer that the SSL/TLS certificate is attached to.", - "title": "LoadBalancerName", + "RoleArn": { + "markdownDescription": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core .\n\n> The name of the role must be in the form `FleetHub_random_string` . \n\nPattern: `^arn:[!-~]+$`", + "title": "RoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of key/value pairs that you can use to manage the web application resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "CertificateDomainName", - "CertificateName", - "LoadBalancerName" + "ApplicationName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::LoadBalancerTlsCertificate" + "AWS::IoTFleetHub::Application" ], "type": "string" }, @@ -148628,7 +153140,7 @@ ], "type": "object" }, - "AWS::Lightsail::StaticIp": { + "AWS::IoTFleetWise::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -148663,25 +153175,131 @@ "Properties": { "additionalProperties": false, "properties": { - "AttachedTo": { - "markdownDescription": "The instance that the static IP is attached to.", - "title": "AttachedTo", + "Action": { + "markdownDescription": "Specifies how to update a campaign. The action can be one of the following:\n\n- `APPROVE` - To approve delivering a data collection scheme to vehicles.\n- `SUSPEND` - To suspend collecting signal data. The campaign is deleted from vehicles and all vehicles in the suspended campaign will stop sending data.\n- `RESUME` - To reactivate the `SUSPEND` campaign. The campaign is redeployed to all vehicles and the vehicles will resume sending data.\n- `UPDATE` - To update a campaign.", + "title": "Action", "type": "string" }, - "StaticIpName": { - "markdownDescription": "The name of the static IP.", - "title": "StaticIpName", + "CollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.CollectionScheme", + "markdownDescription": "The data collection scheme associated with the campaign. You can specify a scheme that collects data based on time or an event.", + "title": "CollectionScheme" + }, + "Compression": { + "markdownDescription": "Whether to compress signals before transmitting data to AWS IoT FleetWise . If you don't want to compress the signals, use `OFF` . If it's not specified, `SNAPPY` is used.\n\nDefault: `SNAPPY`", + "title": "Compression", + "type": "string" + }, + "DataDestinationConfigs": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataDestinationConfig" + }, + "markdownDescription": "The destination where the campaign sends data. You can choose to send data to be stored in Amazon S3 or Amazon Timestream .\n\nAmazon S3 optimizes the cost of data storage and provides additional mechanisms to use vehicle data, such as data lakes, centralized data storage, data processing pipelines, and analytics. AWS IoT FleetWise supports at-least-once file delivery to S3. Your vehicle data is stored on multiple AWS IoT FleetWise servers for redundancy and high availability.\n\nYou can use Amazon Timestream to access and analyze time series data, and Timestream to query vehicle data so that you can identify trends and patterns.", + "title": "DataDestinationConfigs", + "type": "array" + }, + "DataExtraDimensions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of vehicle attributes to associate with a campaign.\n\nEnrich the data with specified vehicle attributes. For example, add `make` and `model` to the campaign, and AWS IoT FleetWise will associate the data with those attributes as dimensions in Amazon Timestream . You can then query the data against `make` and `model` .\n\nDefault: An empty array", + "title": "DataExtraDimensions", + "type": "array" + }, + "DataPartitions": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartition" + }, + "markdownDescription": "The data partitions associated with the signals collected from the vehicle.", + "title": "DataPartitions", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the campaign.", + "title": "Description", + "type": "string" + }, + "DiagnosticsMode": { + "markdownDescription": "Option for a vehicle to send diagnostic trouble codes to AWS IoT FleetWise . If you want to send diagnostic trouble codes, use `SEND_ACTIVE_DTCS` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", + "title": "DiagnosticsMode", + "type": "string" + }, + "ExpiryTime": { + "markdownDescription": "The time the campaign expires, in seconds since epoch (January 1, 1970 at midnight UTC time). Vehicle data isn't collected after the campaign expires.\n\nDefault: 253402214400 (December 31, 9999, 00:00:00 UTC)", + "title": "ExpiryTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a campaign.", + "title": "Name", + "type": "string" + }, + "PostTriggerCollectionDuration": { + "markdownDescription": "How long (in milliseconds) to collect raw data after a triggering event initiates the collection. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "PostTriggerCollectionDuration", + "type": "number" + }, + "Priority": { + "markdownDescription": "A number indicating the priority of one campaign over another campaign for a certain vehicle or fleet. A campaign with the lowest value is deployed to vehicles before any other campaigns. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "Priority", + "type": "number" + }, + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the campaign.", + "title": "SignalCatalogArn", + "type": "string" + }, + "SignalsToCollect": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalInformation" + }, + "markdownDescription": "A list of information about signals to collect.", + "title": "SignalsToCollect", + "type": "array" + }, + "SignalsToFetch": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalFetchInformation" + }, + "markdownDescription": "A list of information about signals to fetch.", + "title": "SignalsToFetch", + "type": "array" + }, + "SpoolingMode": { + "markdownDescription": "Whether to store collected data after a vehicle lost a connection with the cloud. After a connection is re-established, the data is automatically forwarded to AWS IoT FleetWise . If you want to store collected data when a vehicle loses connection with the cloud, use `TO_DISK` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", + "title": "SpoolingMode", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The time, in milliseconds, to deliver a campaign after it was approved. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "StartTime", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the campaign.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle or fleet to which the campaign is deployed.", + "title": "TargetArn", "type": "string" } }, "required": [ - "StaticIpName" + "CollectionScheme", + "Name", + "SignalCatalogArn", + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::StaticIp" + "AWS::IoTFleetWise::Campaign" ], "type": "string" }, @@ -148700,232 +153318,379 @@ ], "type": "object" }, - "AWS::Location::APIKey": { + "AWS::IoTFleetWise::Campaign.CollectionScheme": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ConditionBasedCollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme", + "markdownDescription": "Information about a collection scheme that uses a simple logical expression to recognize what data to collect.", + "title": "ConditionBasedCollectionScheme" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TimeBasedCollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme", + "markdownDescription": "Information about a collection scheme that uses a time period to decide how often to collect data.", + "title": "TimeBasedCollectionScheme" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme": { + "additionalProperties": false, + "properties": { + "ConditionLanguageVersion": { + "markdownDescription": "Specifies the version of the conditional expression language.", + "title": "ConditionLanguageVersion", + "type": "number" }, - "Metadata": { - "type": "object" + "Expression": { + "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.Vehicle.OutsideAirTemperature >= 105.0` .", + "title": "Expression", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Updates the description for the API key resource.", - "title": "Description", - "type": "string" - }, - "ExpireTime": { - "markdownDescription": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) .", - "title": "ExpireTime", - "type": "string" - }, - "ForceDelete": { - "markdownDescription": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n> This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use.", - "title": "ForceDelete", - "type": "boolean" - }, - "ForceUpdate": { - "markdownDescription": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred.", - "title": "ForceUpdate", - "type": "boolean" - }, - "KeyName": { - "markdownDescription": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` .", - "title": "KeyName", - "type": "string" - }, - "NoExpiry": { - "markdownDescription": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time.", - "title": "NoExpiry", - "type": "boolean" - }, - "Restrictions": { - "$ref": "#/definitions/AWS::Location::APIKey.ApiKeyRestrictions", - "markdownDescription": "The API key restrictions for the API key resource.", - "title": "Restrictions" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair that helps manage, identify, search, and filter your resources by labelling them.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "KeyName", - "Restrictions" - ], - "type": "object" + "MinimumTriggerIntervalMs": { + "markdownDescription": "The minimum duration of time between two triggering events to collect data, in milliseconds.\n\n> If a signal changes often, you might want to collect data at a slower rate.", + "title": "MinimumTriggerIntervalMs", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Location::APIKey" - ], + "TriggerMode": { + "markdownDescription": "Whether to collect data for all triggering events ( `ALWAYS` ). Specify ( `RISING_EDGE` ), or specify only when the condition first evaluates to false. For example, triggering on \"AirbagDeployed\"; Users aren't interested on triggering when the airbag is already exploded; they only care about the change from not deployed => deployed.", + "title": "TriggerMode", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.ConditionBasedSignalFetchConfig": { + "additionalProperties": false, + "properties": { + "ConditionExpression": { + "markdownDescription": "The condition that must be satisfied to trigger a signal fetch.", + "title": "ConditionExpression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TriggerMode": { + "markdownDescription": "Indicates the mode in which the signal fetch is triggered.", + "title": "TriggerMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "ConditionExpression", + "TriggerMode" ], "type": "object" }, - "AWS::Location::APIKey.ApiKeyRestrictions": { + "AWS::IoTFleetWise::Campaign.DataDestinationConfig": { "additionalProperties": false, "properties": { - "AllowActions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action.\n\nThe following are valid values for the actions.\n\n- *Map actions*\n\n- `geo:GetMap*` - Allows all actions needed for map rendering.\n- *Enhanced Maps actions*\n\n- `geo-maps:GetTile` - Allows getting map tiles for rendering.\n- `geo-maps:GetStaticMap` - Allows getting static map images.\n- *Place actions*\n\n- `geo:SearchPlaceIndexForText` - Allows finding geo coordinates of a known place.\n- `geo:SearchPlaceIndexForPosition` - Allows getting nearest address to geo coordinates.\n- `geo:SearchPlaceIndexForSuggestions` - Allows suggestions based on an incomplete or misspelled query.\n- `geo:GetPlace` - Allows getting details of a place.\n- *Enhanced Places actions*\n\n- `geo-places:Autcomplete` - Allows auto-completion of search text.\n- `geo-places:Geocode` - Allows finding geo coordinates of a known place.\n- `geo-places:GetPlace` - Allows getting details of a place.\n- `geo-places:ReverseGeocode` - Allows getting nearest address to geo coordinates.\n- `geo-places:SearchNearby` - Allows category based places search around geo coordinates.\n- `geo-places:SearchText` - Allows place or address search based on free-form text.\n- `geo-places:Suggest` - Allows suggestions based on an incomplete or misspelled query.\n- *Route actions*\n\n- `geo:CalculateRoute` - Allows point to point routing.\n- `geo:CalculateRouteMatrix` - Allows matrix routing.\n- *Enhanced Routes actions*\n\n- `geo-routes:CalculateIsolines` - Allows isoline calculation.\n- `geo-routes:CalculateRoutes` - Allows point to point routing.\n- `geo-routes:CalculateRouteMatrix` - Allows matrix routing.\n- `geo-routes:OptimizeWaypoints` - Allows computing the best sequence of waypoints.\n- `geo-routes:SnapToRoads` - Allows snapping GPS points to a likely route.\n\n> You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `[\"geo:GetMap*\"]` is valid but `[\"geo:GetTile\"]` is not. Similarly, you cannot use `[\"geo:SearchPlaceIndexFor*\"]` - you must list each of the Place actions separately.", - "title": "AllowActions", - "type": "array" + "MqttTopicConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.MqttTopicConfig", + "markdownDescription": "The MQTT topic to which the AWS IoT FleetWise campaign routes data.\n\n> Access to certain AWS IoT FleetWise features is currently gated. For more information, see [AWS Region and feature availability](https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/fleetwise-regions.html) in the *AWS IoT FleetWise Developer Guide* .", + "title": "MqttTopicConfig" }, - "AllowReferers": { - "items": { - "type": "string" - }, - "markdownDescription": "An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) or any symbols in this list `$\\-._+!*`(),;/?:@=&`\n- May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes.\n- May contain wildcard characters question mark (?) and asterisk (*).\n\nQuestion mark (?) will replace any single character (including hexadecimal digits).\n\nAsterisk (*) will replace any multiple characters (including multiple hexadecimal digits).\n- No spaces allowed. For example, `https://example.com` .", - "title": "AllowReferers", - "type": "array" + "S3Config": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.S3Config", + "markdownDescription": "The Amazon S3 bucket where the AWS IoT FleetWise campaign sends data.", + "title": "S3Config" }, - "AllowResources": { + "TimestreamConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimestreamConfig", + "markdownDescription": "The Amazon Timestream table where the campaign sends data.", + "title": "TimestreamConfig" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataPartition": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the data partition. The data partition ID must be unique within a campaign. You can establish a data partition as the default partition for a campaign by using `default` as the ID.", + "title": "Id", + "type": "string" + }, + "StorageOptions": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartitionStorageOptions", + "markdownDescription": "The storage options for a data partition.", + "title": "StorageOptions" + }, + "UploadOptions": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartitionUploadOptions", + "markdownDescription": "The upload options for the data partition.", + "title": "UploadOptions" + } + }, + "required": [ + "Id", + "StorageOptions" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataPartitionStorageOptions": { + "additionalProperties": false, + "properties": { + "MaximumSize": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.StorageMaximumSize", + "markdownDescription": "The maximum storage size of the data stored in the data partition.\n\n> Newer data overwrites older data when the partition reaches the maximum size.", + "title": "MaximumSize" + }, + "MinimumTimeToLive": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.StorageMinimumTimeToLive", + "markdownDescription": "The amount of time that data in this partition will be kept on disk.\n\n- After the designated amount of time passes, the data can be removed, but it's not guaranteed to be removed.\n- Before the time expires, data in this partition can still be deleted if the partition reaches its configured maximum size.\n- Newer data will overwrite older data when the partition reaches the maximum size.", + "title": "MinimumTimeToLive" + }, + "StorageLocation": { + "markdownDescription": "The folder name for the data partition under the campaign storage folder.", + "title": "StorageLocation", + "type": "string" + } + }, + "required": [ + "MaximumSize", + "MinimumTimeToLive", + "StorageLocation" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataPartitionUploadOptions": { + "additionalProperties": false, + "properties": { + "ConditionLanguageVersion": { + "markdownDescription": "The version of the condition language. Defaults to the most recent condition language version.", + "title": "ConditionLanguageVersion", + "type": "number" + }, + "Expression": { + "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.`Vehicle.OutsideAirTemperature` >= 105.0` .", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.MqttTopicConfig": { + "additionalProperties": false, + "properties": { + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT FleetWise permission to access and act on messages sent to the MQTT topic.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "MqttTopicArn": { + "markdownDescription": "The ARN of the MQTT topic.", + "title": "MqttTopicArn", + "type": "string" + } + }, + "required": [ + "ExecutionRoleArn", + "MqttTopicArn" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.S3Config": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket.", + "title": "BucketArn", + "type": "string" + }, + "DataFormat": { + "markdownDescription": "Specify the format that files are saved in the Amazon S3 bucket. You can save files in an Apache Parquet or JSON format.\n\n- Parquet - Store data in a columnar storage file format. Parquet is optimal for fast data retrieval and can reduce costs. This option is selected by default.\n- JSON - Store data in a standard text-based JSON file format.", + "title": "DataFormat", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Enter an S3 bucket prefix. The prefix is the string of characters after the bucket name and before the object name. You can use the prefix to organize data stored in Amazon S3 buckets. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .\n\nBy default, AWS IoT FleetWise sets the prefix `processed-data/year=YY/month=MM/date=DD/hour=HH/` (in UTC) to data it delivers to Amazon S3 . You can enter a prefix to append it to this default prefix. For example, if you enter the prefix `vehicles` , the prefix will be `vehicles/processed-data/year=YY/month=MM/date=DD/hour=HH/` .", + "title": "Prefix", + "type": "string" + }, + "StorageCompressionFormat": { + "markdownDescription": "By default, stored data is compressed as a .gzip file. Compressed files have a reduced file size, which can optimize the cost of data storage.", + "title": "StorageCompressionFormat", + "type": "string" + } + }, + "required": [ + "BucketArn" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.SignalFetchConfig": { + "additionalProperties": false, + "properties": { + "ConditionBased": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedSignalFetchConfig", + "markdownDescription": "The configuration of a condition-based signal fetch operation.", + "title": "ConditionBased" + }, + "TimeBased": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedSignalFetchConfig", + "markdownDescription": "The configuration of a time-based signal fetch operation.", + "title": "TimeBased" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.SignalFetchInformation": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "A list of allowed resource ARNs that a API key bearer can perform actions on.\n\n- The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type.\n- The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created.\n- Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:).\n- No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` .\n\nFor more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) .", - "title": "AllowResources", + "markdownDescription": "The actions to be performed by the signal fetch.", + "title": "Actions", "type": "array" + }, + "ConditionLanguageVersion": { + "markdownDescription": "The version of the condition language used.", + "title": "ConditionLanguageVersion", + "type": "number" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the signal to be fetched.", + "title": "FullyQualifiedName", + "type": "string" + }, + "SignalFetchConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalFetchConfig", + "markdownDescription": "The configuration of the signal fetch operation.", + "title": "SignalFetchConfig" } }, "required": [ - "AllowActions", - "AllowResources" + "Actions", + "FullyQualifiedName", + "SignalFetchConfig" ], "type": "object" }, - "AWS::Location::GeofenceCollection": { + "AWS::IoTFleetWise::Campaign.SignalInformation": { "additionalProperties": false, "properties": { - "Condition": { + "DataPartitionId": { + "markdownDescription": "The ID of the data partition this signal is associated with.\n\nThe ID must match one of the IDs provided in `dataPartitions` . This is accomplished either by specifying a particular data partition ID or by using `default` for an established default partition. You can establish a default partition in the `DataPartition` data type.\n\n> If you upload a signal as a condition for a campaign's data partition, the same signal must be included in `signalsToCollect` . > Access to certain AWS IoT FleetWise features is currently gated. For more information, see [AWS Region and feature availability](https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/fleetwise-regions.html) in the *AWS IoT FleetWise Developer Guide* .", + "title": "DataPartitionId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MaxSampleCount": { + "markdownDescription": "The maximum number of samples to collect.", + "title": "MaxSampleCount", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MinimumSamplingIntervalMs": { + "markdownDescription": "The minimum duration of time (in milliseconds) between two triggering events to collect data.\n\n> If a signal changes often, you might want to collect data at a slower rate.", + "title": "MinimumSamplingIntervalMs", + "type": "number" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name of the signal.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.StorageMaximumSize": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The data type of the data to store.", + "title": "Unit", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CollectionName": { - "markdownDescription": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` .", - "title": "CollectionName", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description for the geofence collection.", - "title": "Description", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", - "title": "KmsKeyId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Applies one or more tags to the geofence collection. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CollectionName" - ], - "type": "object" + "Value": { + "markdownDescription": "The maximum amount of time to store data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.StorageMinimumTimeToLive": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The time increment type.", + "title": "Unit", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Location::GeofenceCollection" - ], + "Value": { + "markdownDescription": "The minimum amount of time to store the data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme": { + "additionalProperties": false, + "properties": { + "PeriodMs": { + "markdownDescription": "The time period (in milliseconds) to decide how often to collect data. For example, if the time period is `60000` , the Edge Agent software collects data once every minute.", + "title": "PeriodMs", + "type": "number" + } + }, + "required": [ + "PeriodMs" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.TimeBasedSignalFetchConfig": { + "additionalProperties": false, + "properties": { + "ExecutionFrequencyMs": { + "markdownDescription": "The frequency with which the signal fetch will be executed.", + "title": "ExecutionFrequencyMs", + "type": "number" + } + }, + "required": [ + "ExecutionFrequencyMs" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.TimestreamConfig": { + "additionalProperties": false, + "properties": { + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants AWS IoT FleetWise permission to deliver data to the Amazon Timestream table.", + "title": "ExecutionRoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TimestreamTableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Timestream table.", + "title": "TimestreamTableArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ExecutionRoleArn", + "TimestreamTableArn" ], "type": "object" }, - "AWS::Location::Map": { + "AWS::IoTFleetWise::DecoderManifest": { "additionalProperties": false, "properties": { "Condition": { @@ -148960,44 +153725,65 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::Location::Map.MapConfiguration", - "markdownDescription": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource.", - "title": "Configuration" + "DefaultForUnmappedSignals": { + "markdownDescription": "Use default decoders for all unmapped signals in the model. You don't need to provide any detailed decoding information.", + "title": "DefaultForUnmappedSignals", + "type": "string" }, "Description": { - "markdownDescription": "An optional description for the map resource.", + "markdownDescription": "A brief description of the decoder manifest.", "title": "Description", "type": "string" }, - "MapName": { - "markdownDescription": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` .", - "title": "MapName", + "ModelManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle model (model manifest) associated with the decoder manifest.", + "title": "ModelManifestArn", "type": "string" }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", + "Name": { + "markdownDescription": "The name of the decoder manifest.", + "title": "Name", + "type": "string" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems" + }, + "markdownDescription": "A list of information about available network interfaces.", + "title": "NetworkInterfaces", + "type": "array" + }, + "SignalDecoders": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems" + }, + "markdownDescription": "A list of information about signal decoders.", + "title": "SignalDecoders", + "type": "array" + }, + "Status": { + "markdownDescription": "The state of the decoder manifest. If the status is `ACTIVE` , the decoder manifest can't be edited. If the status is marked `DRAFT` , you can edit the decoder manifest.", + "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", + "markdownDescription": "Metadata that can be used to manage the decoder manifest.", "title": "Tags", "type": "array" } }, "required": [ - "Configuration", - "MapName" + "ModelManifestArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::Map" + "AWS::IoTFleetWise::DecoderManifest" ], "type": "string" }, @@ -149016,332 +153802,288 @@ ], "type": "object" }, - "AWS::Location::Map.MapConfiguration": { + "AWS::IoTFleetWise::DecoderManifest.CanInterface": { "additionalProperties": false, "properties": { - "CustomLayers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style.\n\n> Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) .", - "title": "CustomLayers", - "type": "array" + "Name": { + "markdownDescription": "The unique name of the interface.", + "title": "Name", + "type": "string" }, - "PoliticalView": { - "markdownDescription": "Specifies the map political view selected from an available data provider.", - "title": "PoliticalView", + "ProtocolName": { + "markdownDescription": "The name of the communication protocol for the interface.", + "title": "ProtocolName", "type": "string" }, - "Style": { - "markdownDescription": "Specifies the map style selected from an available data provider.\n\nValid [Esri map styles](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) :\n\n- `VectorEsriDarkGrayCanvas` \u2013 The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `RasterEsriImagery` \u2013 The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide.\n- `VectorEsriLightGrayCanvas` \u2013 The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `VectorEsriTopographic` \u2013 The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style.\n- `VectorEsriStreets` \u2013 The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map.\n- `VectorEsriNavigation` \u2013 The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices.\n\nValid [HERE Technologies map styles](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) :\n\n- `VectorHereContrast` \u2013 The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering.\n\n> The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it.\n- `VectorHereExplore` \u2013 A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan.\n- `VectorHereExploreTruck` \u2013 A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics.\n- `RasterHereExploreSatellite` \u2013 A global map containing high resolution satellite imagery.\n- `HybridHereExploreSatellite` \u2013 A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved.\n\n> Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved.\n\nValid [GrabMaps map styles](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) :\n\n- `VectorGrabStandardLight` \u2013 The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia.\n- `VectorGrabStandardDark` \u2013 The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia.\n\n> Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) . \n\nValid [Open Data map styles](https://docs.aws.amazon.com/location/previous/developerguide/open-data.html) :\n\n- `VectorOpenDataStandardLight` \u2013 The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataStandardDark` \u2013 Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataVisualizationLight` \u2013 The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data.\n- `VectorOpenDataVisualizationDark` \u2013 The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data.", - "title": "Style", + "ProtocolVersion": { + "markdownDescription": "The version of the communication protocol for the interface.", + "title": "ProtocolVersion", "type": "string" } }, "required": [ - "Style" + "Name" ], "type": "object" }, - "AWS::Location::PlaceIndex": { + "AWS::IoTFleetWise::DecoderManifest.CanSignal": { "additionalProperties": false, "properties": { - "Condition": { + "Factor": { + "markdownDescription": "A multiplier used to decode the CAN message.", + "title": "Factor", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IsBigEndian": { + "markdownDescription": "Whether the byte ordering of a CAN message is big-endian.", + "title": "IsBigEndian", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "IsSigned": { + "markdownDescription": "Whether the message data is specified as a signed value.", + "title": "IsSigned", + "type": "string" }, - "Metadata": { - "type": "object" + "Length": { + "markdownDescription": "How many bytes of data are in the message.", + "title": "Length", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataSource": { - "markdownDescription": "Specifies the geospatial data provider for the new place index.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` \u2013 Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n> If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS service terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service developer guide* .", - "title": "DataSource", - "type": "string" - }, - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Location::PlaceIndex.DataSourceConfiguration", - "markdownDescription": "Specifies the data storage option requesting Places.", - "title": "DataSourceConfiguration" - }, - "Description": { - "markdownDescription": "The optional description for the place index resource.", - "title": "Description", - "type": "string" - }, - "IndexName": { - "markdownDescription": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` .", - "title": "IndexName", - "type": "string" - }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DataSource", - "IndexName" - ], - "type": "object" + "MessageId": { + "markdownDescription": "The ID of the message.", + "title": "MessageId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Location::PlaceIndex" - ], + "Name": { + "markdownDescription": "The name of the signal.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Offset": { + "markdownDescription": "The offset used to calculate the signal value. Combined with factor, the calculation is `value = raw_value * factor + offset` .", + "title": "Offset", + "type": "string" + }, + "SignalValueType": { + "markdownDescription": "The value type of the signal. The default value is `INTEGER` .", + "title": "SignalValueType", + "type": "string" + }, + "StartBit": { + "markdownDescription": "Indicates the beginning of the CAN message.", + "title": "StartBit", "type": "string" } }, "required": [ - "Type", - "Properties" + "Factor", + "IsBigEndian", + "IsSigned", + "Length", + "MessageId", + "Offset", + "StartBit" ], "type": "object" }, - "AWS::Location::PlaceIndex.DataSourceConfiguration": { + "AWS::IoTFleetWise::DecoderManifest.CustomDecodingInterface": { "additionalProperties": false, "properties": { - "IntendedUse": { - "markdownDescription": "Specifies how the results of an operation will be stored by the caller.\n\nValid values include:\n\n- `SingleUse` specifies that the results won't be stored.\n- `Storage` specifies that the result can be cached or stored in a database.\n\nDefault value: `SingleUse`", - "title": "IntendedUse", + "Name": { + "markdownDescription": "The name of the interface.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Location::RouteCalculator": { + "AWS::IoTFleetWise::DecoderManifest.CustomDecodingSignal": { "additionalProperties": false, "properties": { - "Condition": { + "Id": { + "markdownDescription": "The ID of the signal.", + "title": "Id", "type": "string" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems": { + "additionalProperties": false, + "properties": { + "CanInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanInterface" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CustomDecodingInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CustomDecodingInterface" + }, + "InterfaceId": { "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ObdInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdInterface" }, - "Metadata": { - "type": "object" + "Type": { + "type": "string" + } + }, + "required": [ + "InterfaceId", + "Type" + ], + "type": "object" + }, + "AWS::IoTFleetWise::DecoderManifest.ObdInterface": { + "additionalProperties": false, + "properties": { + "DtcRequestIntervalSeconds": { + "markdownDescription": "The maximum number message requests per diagnostic trouble code per second.", + "title": "DtcRequestIntervalSeconds", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CalculatorName": { - "markdownDescription": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` .", - "title": "CalculatorName", - "type": "string" - }, - "DataSource": { - "markdownDescription": "Specifies the data provider of traffic and road network data.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` \u2013 Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", - "title": "DataSource", - "type": "string" - }, - "Description": { - "markdownDescription": "The optional description for the route calculator resource.", - "title": "Description", - "type": "string" - }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CalculatorName", - "DataSource" - ], - "type": "object" + "HasTransmissionEcu": { + "markdownDescription": "Whether the vehicle has a transmission control module (TCM).", + "title": "HasTransmissionEcu", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Location::RouteCalculator" - ], + "Name": { + "markdownDescription": "The name of the interface.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObdStandard": { + "markdownDescription": "The standard OBD II PID.", + "title": "ObdStandard", + "type": "string" + }, + "PidRequestIntervalSeconds": { + "markdownDescription": "The maximum number message requests per second.", + "title": "PidRequestIntervalSeconds", + "type": "string" + }, + "RequestMessageId": { + "markdownDescription": "The ID of the message requesting vehicle data.", + "title": "RequestMessageId", + "type": "string" + }, + "UseExtendedIds": { + "markdownDescription": "Whether to use extended IDs in the message.", + "title": "UseExtendedIds", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "RequestMessageId" ], "type": "object" }, - "AWS::Location::Tracker": { + "AWS::IoTFleetWise::DecoderManifest.ObdSignal": { "additionalProperties": false, "properties": { - "Condition": { + "BitMaskLength": { + "markdownDescription": "The number of bits to mask in a message.", + "title": "BitMaskLength", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BitRightShift": { + "markdownDescription": "The number of positions to shift bits in the message.", + "title": "BitRightShift", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ByteLength": { + "markdownDescription": "The length of a message.", + "title": "ByteLength", + "type": "string" }, - "Metadata": { - "type": "object" + "IsSigned": { + "markdownDescription": "Determines whether the message is signed ( `true` ) or not ( `false` ). If it's signed, the message can represent both positive and negative numbers. The `isSigned` parameter only applies to the `INTEGER` raw signal type, and it doesn't affect the `FLOATING_POINT` raw signal type. The default value is `false` .", + "title": "IsSigned", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "An optional description for the tracker resource.", - "title": "Description", - "type": "string" - }, - "EventBridgeEnabled": { - "markdownDescription": "", - "title": "EventBridgeEnabled", - "type": "boolean" - }, - "KmsKeyEnableGeospatialQueries": { - "markdownDescription": "", - "title": "KmsKeyEnableGeospatialQueries", - "type": "boolean" - }, - "KmsKeyId": { - "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", - "title": "KmsKeyId", - "type": "string" - }, - "PositionFiltering": { - "markdownDescription": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` .", - "title": "PositionFiltering", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - }, - "TrackerName": { - "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", - "title": "TrackerName", - "type": "string" - } - }, - "required": [ - "TrackerName" - ], - "type": "object" + "Offset": { + "markdownDescription": "The offset used to calculate the signal value. Combined with scaling, the calculation is `value = raw_value * scaling + offset` .", + "title": "Offset", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Location::Tracker" - ], + "Pid": { + "markdownDescription": "The diagnostic code used to request data from a vehicle for this signal.", + "title": "Pid", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PidResponseLength": { + "markdownDescription": "The length of the requested data.", + "title": "PidResponseLength", + "type": "string" + }, + "Scaling": { + "markdownDescription": "A multiplier used to decode the message.", + "title": "Scaling", + "type": "string" + }, + "ServiceMode": { + "markdownDescription": "The mode of operation (diagnostic service) in a message.", + "title": "ServiceMode", + "type": "string" + }, + "SignalValueType": { + "markdownDescription": "The value type of the signal. The default value is `INTEGER` .", + "title": "SignalValueType", + "type": "string" + }, + "StartByte": { + "markdownDescription": "Indicates the beginning of the message.", + "title": "StartByte", "type": "string" } }, "required": [ - "Type", - "Properties" + "ByteLength", + "Offset", + "Pid", + "PidResponseLength", + "Scaling", + "ServiceMode", + "StartByte" ], "type": "object" }, - "AWS::Location::TrackerConsumer": { + "AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems": { + "additionalProperties": false, + "properties": { + "CanSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanSignal" + }, + "CustomDecodingSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CustomDecodingSignal" + }, + "FullyQualifiedName": { + "type": "string" + }, + "InterfaceId": { + "type": "string" + }, + "ObdSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdSignal" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "FullyQualifiedName", + "InterfaceId", + "Type" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -149376,26 +154118,39 @@ "Properties": { "additionalProperties": false, "properties": { - "ConsumerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`", - "title": "ConsumerArn", + "Description": { + "markdownDescription": "A brief description of the fleet.", + "title": "Description", "type": "string" }, - "TrackerName": { - "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", - "title": "TrackerName", + "Id": { + "markdownDescription": "The unique ID of the fleet.", + "title": "Id", + "type": "string" + }, + "SignalCatalogArn": { + "markdownDescription": "The ARN of the signal catalog associated with the fleet.", + "title": "SignalCatalogArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the fleet.", + "title": "Tags", + "type": "array" } }, "required": [ - "ConsumerArn", - "TrackerName" + "Id", + "SignalCatalogArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::TrackerConsumer" + "AWS::IoTFleetWise::Fleet" ], "type": "string" }, @@ -149414,7 +154169,7 @@ ], "type": "object" }, - "AWS::Logs::AccountPolicy": { + "AWS::IoTFleetWise::ModelManifest": { "additionalProperties": false, "properties": { "Condition": { @@ -149449,42 +154204,52 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "Specify the policy, in JSON.\n\n*Data protection policy*\n\nA data protection policy must include two JSON blocks:\n\n- The first block must include both a `DataIdentifer` array and an `Operation` property with an `Audit` action. The `DataIdentifer` array lists the types of sensitive data that you want to mask. For more information about the available options, see [Types of data that you can mask](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html) .\n\nThe `Operation` property with an `Audit` action is required to find the sensitive data terms. This `Audit` action must contain a `FindingsDestination` object. You can optionally use that `FindingsDestination` object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Firehose streams, and S3 buckets, they must already exist.\n- The second block must include both a `DataIdentifer` array and an `Operation` property with an `Deidentify` action. The `DataIdentifer` array must exactly match the `DataIdentifer` array in the first block of the policy.\n\nThe `Operation` property with the `Deidentify` action is what actually masks the data, and it must contain the `\"MaskConfig\": {}` object. The `\"MaskConfig\": {}` object must be empty.\n\n> The contents of the two `DataIdentifer` arrays must match exactly. \n\nIn addition to the two JSON blocks, the `policyDocument` can also include `Name` , `Description` , and `Version` fields. The `Name` is different than the operation's `policyName` parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch .\n\nThe JSON specified in `policyDocument` can be up to 30,720 characters long.\n\n*Subscription filter policy*\n\nA subscription filter policy can include the following attributes in a JSON block:\n\n- *DestinationArn* The ARN of the destination to deliver log events to. Supported destinations are:\n\n- An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.\n- An Firehose data stream in the same account as the subscription policy, for same-account delivery.\n- A Lambda function in the same account as the subscription policy, for same-account delivery.\n- A logical destination in a different account created with [PutDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html) , for cross-account delivery. Kinesis Data Streams and Firehose are supported as logical destinations.\n- *RoleArn* The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.\n- *FilterPattern* A filter pattern for subscribing to a filtered stream of log events.\n- *Distribution* The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to `Random` for a more even distribution. This property is only applicable when the destination is an Kinesis Data Streams data stream.\n\n*Field index policy*\n\nA field index filter policy can include the following attribute in a JSON block:\n\n- *Fields* The array of field indexes to create.\n\nThe following is an example of an index policy document that creates two indexes, `RequestId` and `TransactionId` .\n\n`\"policyDocument\": \"{ \\\"Fields\\\": [ \\\"RequestId\\\", \\\"TransactionId\\\" ] }\"`\n\n*Transformer policy*\n\nA transformer policy must include one JSON block with the array of processors and their configurations. For more information about available processors, see [Processors that you can use](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors) .", - "title": "PolicyDocument", + "Description": { + "markdownDescription": "A brief description of the vehicle model.", + "title": "Description", "type": "string" }, - "PolicyName": { - "markdownDescription": "A name for the policy. This must be unique within the account.", - "title": "PolicyName", + "Name": { + "markdownDescription": "The name of the vehicle model.", + "title": "Name", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of policy that you're creating or updating.", - "title": "PolicyType", - "type": "string" + "Nodes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of nodes, which are a general abstraction of signals.", + "title": "Nodes", + "type": "array" }, - "Scope": { - "markdownDescription": "Currently the only valid value for this parameter is `ALL` , which specifies that the policy applies to all log groups in the account. If you omit this parameter, the default of `ALL` is used. To scope down a subscription filter policy to a subset of log groups, use the `SelectionCriteria` parameter.", - "title": "Scope", + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the vehicle model.", + "title": "SignalCatalogArn", "type": "string" }, - "SelectionCriteria": { - "markdownDescription": "Use this parameter to apply the new policy to a subset of log groups in the account.\n\nYou need to specify `SelectionCriteria` only when you specify `SUBSCRIPTION_FILTER_POLICY` , `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` for `PolicyType` .\n\nIf `PolicyType` is `SUBSCRIPTION_FILTER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupName NOT IN []`\n\nIf `PolicyType` is `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupNamePrefix`\n\nThe `SelectionCriteria` string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.\n\nUsing the `SelectionCriteria` parameter with `SUBSCRIPTION_FILTER_POLICY` is useful to help prevent infinite loops. For more information, see [Log recursion prevention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html) .", - "title": "SelectionCriteria", + "Status": { + "markdownDescription": "The state of the vehicle model. If the status is `ACTIVE` , the vehicle model can't be edited. If the status is `DRAFT` , you can edit the vehicle model.", + "title": "Status", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the vehicle model.", + "title": "Tags", + "type": "array" } }, "required": [ - "PolicyDocument", - "PolicyName", - "PolicyType" + "Name", + "SignalCatalogArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::AccountPolicy" + "AWS::IoTFleetWise::ModelManifest" ], "type": "string" }, @@ -149503,7 +154268,7 @@ ], "type": "object" }, - "AWS::Logs::Delivery": { + "AWS::IoTFleetWise::SignalCatalog": { "additionalProperties": false, "properties": { "Condition": { @@ -149538,34 +154303,43 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliveryDestinationArn": { - "markdownDescription": "The ARN of the delivery destination that is associated with this delivery.", - "title": "DeliveryDestinationArn", + "Description": { + "markdownDescription": "A brief description of the signal catalog.", + "title": "Description", "type": "string" }, - "DeliverySourceName": { - "markdownDescription": "The name of the delivery source that is associated with this delivery.", - "title": "DeliverySourceName", + "Name": { + "markdownDescription": "The name of the signal catalog.", + "title": "Name", "type": "string" }, + "NodeCounts": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.NodeCounts", + "markdownDescription": "Information about the number of nodes and node types in a vehicle network.", + "title": "NodeCounts" + }, + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Node" + }, + "markdownDescription": "A list of information about nodes, which are a general abstraction of signals.", + "title": "Nodes", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the delivery.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata that can be used to manage the signal catalog.", "title": "Tags", "type": "array" } }, - "required": [ - "DeliveryDestinationArn", - "DeliverySourceName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::Delivery" + "AWS::IoTFleetWise::SignalCatalog" ], "type": "string" }, @@ -149579,266 +154353,246 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Logs::DeliveryDestination": { + "AWS::IoTFleetWise::SignalCatalog.Actuator": { "additionalProperties": false, "properties": { - "Condition": { + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values an actuator can take.", + "title": "AllowedValues", + "type": "array" + }, + "AssignedValue": { + "markdownDescription": "A specified value for the actuator.", + "title": "AssignedValue", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataType": { + "markdownDescription": "The specified data type of the actuator.", + "title": "DataType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Description": { + "markdownDescription": "A brief description of the actuator.", + "title": "Description", + "type": "string" }, - "Metadata": { - "type": "object" + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the actuator. For example, the fully qualified name of an actuator might be `Vehicle.Front.Left.Door.Lock` .", + "title": "FullyQualifiedName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeliveryDestinationPolicy": { - "markdownDescription": "An IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. For examples of this policy, see [Examples](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html#API_PutDeliveryDestinationPolicy_Examples) in the CloudWatch Logs API Reference.", - "title": "DeliveryDestinationPolicy", - "type": "object" - }, - "DestinationResourceArn": { - "markdownDescription": "The ARN of the AWS destination that this delivery destination represents. That AWS destination can be a log group in CloudWatch Logs , an Amazon S3 bucket, or a Firehose stream.", - "title": "DestinationResourceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of this delivery destination.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to the delivery destination.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "Max": { + "markdownDescription": "The specified possible maximum value of an actuator.", + "title": "Max", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Logs::DeliveryDestination" - ], - "type": "string" + "Min": { + "markdownDescription": "The specified possible minimum value of an actuator.", + "title": "Min", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Unit": { + "markdownDescription": "The scientific unit for the actuator.", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataType", + "FullyQualifiedName" ], "type": "object" }, - "AWS::Logs::DeliverySource": { + "AWS::IoTFleetWise::SignalCatalog.Attribute": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values an attribute can be assigned.", + "title": "AllowedValues", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AssignedValue": { + "markdownDescription": "A specified value for the attribute.", + "title": "AssignedValue", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DataType": { + "markdownDescription": "The specified data type of the attribute.", + "title": "DataType", + "type": "string" }, - "Metadata": { - "type": "object" + "DefaultValue": { + "markdownDescription": "The default value of the attribute.", + "title": "DefaultValue", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogType": { - "markdownDescription": "The type of log that the source is sending. For valid values for this parameter, see the documentation for the source service.", - "title": "LogType", - "type": "string" - }, - "Name": { - "markdownDescription": "The unique name of the delivery source.", - "title": "Name", - "type": "string" - }, - "ResourceArn": { - "markdownDescription": "The ARN of the AWS resource that is generating and sending logs. For example, `arn:aws:workmail:us-east-1:123456789012:organization/m-1234EXAMPLEabcd1234abcd1234abcd1234`", - "title": "ResourceArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to the delivery source.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "Description": { + "markdownDescription": "A brief description of the attribute.", + "title": "Description", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Logs::DeliverySource" - ], + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the attribute. For example, the fully qualified name of an attribute might be `Vehicle.Body.Engine.Type` .", + "title": "FullyQualifiedName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Max": { + "markdownDescription": "The specified possible maximum value of the attribute.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The specified possible minimum value of the attribute.", + "title": "Min", + "type": "number" + }, + "Unit": { + "markdownDescription": "The scientific unit for the attribute.", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataType", + "FullyQualifiedName" ], "type": "object" }, - "AWS::Logs::Destination": { + "AWS::IoTFleetWise::SignalCatalog.Branch": { "additionalProperties": false, "properties": { - "Condition": { + "Description": { + "markdownDescription": "A brief description of the branch.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the branch. For example, the fully qualified name of a branch might be `Vehicle.Body.Engine` .", + "title": "FullyQualifiedName", "type": "string" + } + }, + "required": [ + "FullyQualifiedName" + ], + "type": "object" + }, + "AWS::IoTFleetWise::SignalCatalog.Node": { + "additionalProperties": false, + "properties": { + "Actuator": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Actuator", + "markdownDescription": "Information about a node specified as an actuator.\n\n> An actuator is a digital representation of a vehicle device.", + "title": "Actuator" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Attribute": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Attribute", + "markdownDescription": "Information about a node specified as an attribute.\n\n> An attribute represents static information about a vehicle.", + "title": "Attribute" }, - "Metadata": { - "type": "object" + "Branch": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Branch", + "markdownDescription": "Information about a node specified as a branch.\n\n> A group of signals that are defined in a hierarchical structure.", + "title": "Branch" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DestinationName": { - "markdownDescription": "The name of the destination.", - "title": "DestinationName", - "type": "string" - }, - "DestinationPolicy": { - "markdownDescription": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination.", - "title": "DestinationPolicy", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource.", - "title": "RoleArn", - "type": "string" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the physical target where the log events are delivered (for example, a Kinesis stream).", - "title": "TargetArn", - "type": "string" - } + "Sensor": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Sensor", + "markdownDescription": "An input component that reports the environmental condition of a vehicle.\n\n> You can collect data about fluid levels, temperatures, vibrations, or battery voltage from sensors.", + "title": "Sensor" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::SignalCatalog.NodeCounts": { + "additionalProperties": false, + "properties": { + "TotalActuators": { + "markdownDescription": "The total number of nodes in a vehicle network that represent actuators.", + "title": "TotalActuators", + "type": "number" + }, + "TotalAttributes": { + "markdownDescription": "The total number of nodes in a vehicle network that represent attributes.", + "title": "TotalAttributes", + "type": "number" + }, + "TotalBranches": { + "markdownDescription": "The total number of nodes in a vehicle network that represent branches.", + "title": "TotalBranches", + "type": "number" + }, + "TotalNodes": { + "markdownDescription": "The total number of nodes in a vehicle network.", + "title": "TotalNodes", + "type": "number" + }, + "TotalSensors": { + "markdownDescription": "The total number of nodes in a vehicle network that represent sensors.", + "title": "TotalSensors", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::SignalCatalog.Sensor": { + "additionalProperties": false, + "properties": { + "AllowedValues": { + "items": { + "type": "string" }, - "required": [ - "DestinationName", - "RoleArn", - "TargetArn" - ], - "type": "object" + "markdownDescription": "A list of possible values a sensor can take.", + "title": "AllowedValues", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Logs::Destination" - ], + "DataType": { + "markdownDescription": "The specified data type of the sensor.", + "title": "DataType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "A brief description of a sensor.", + "title": "Description", + "type": "string" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the sensor. For example, the fully qualified name of a sensor might be `Vehicle.Body.Engine.Battery` .", + "title": "FullyQualifiedName", + "type": "string" + }, + "Max": { + "markdownDescription": "The specified possible maximum value of the sensor.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The specified possible minimum value of the sensor.", + "title": "Min", + "type": "number" + }, + "Unit": { + "markdownDescription": "The scientific unit of measurement for data collected by the sensor.", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataType", + "FullyQualifiedName" ], "type": "object" }, - "AWS::Logs::LogAnomalyDetector": { + "AWS::IoTFleetWise::StateTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -149873,50 +154627,64 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account to create the anomaly detector in.", - "title": "AccountId", - "type": "string" - }, - "AnomalyVisibilityTime": { - "markdownDescription": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly.", - "title": "AnomalyVisibilityTime", - "type": "number" + "DataExtraDimensions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of vehicle attributes associated with the payload published on the state template's MQTT topic.", + "title": "DataExtraDimensions", + "type": "array" }, - "DetectorName": { - "markdownDescription": "A name for this anomaly detector.", - "title": "DetectorName", + "Description": { + "markdownDescription": "A brief description of the state template.", + "title": "Description", "type": "string" }, - "EvaluationFrequency": { - "markdownDescription": "Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for `EvaluationFrequency` .", - "title": "EvaluationFrequency", - "type": "string" + "MetadataExtraDimensions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of vehicle attributes to associate with the user properties of the messages published on the state template's MQTT topic. For example, if you add `Vehicle.Attributes.Make` and `Vehicle.Attributes.Model` attributes, these attributes are included as user properties with the MQTT message.", + "title": "MetadataExtraDimensions", + "type": "array" }, - "FilterPattern": { - "markdownDescription": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", + "Name": { + "markdownDescription": "The unique alias of the state template.", + "title": "Name", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds.\n\nFor more information about using a AWS KMS key and to see the required IAM policy, see [Use a AWS KMS key with an anomaly detector](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/LogsAnomalyDetection-KMS.html) .", - "title": "KmsKeyId", + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the state template.", + "title": "SignalCatalogArn", "type": "string" }, - "LogGroupArnList": { + "StateTemplateProperties": { "items": { "type": "string" }, - "markdownDescription": "The ARN of the log group that is associated with this anomaly detector. You can specify only one log group ARN.", - "title": "LogGroupArnList", + "markdownDescription": "A list of signals from which data is collected. The state template properties contain the fully qualified names of the signals.", + "title": "StateTemplateProperties", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the state template.", + "title": "Tags", "type": "array" } }, + "required": [ + "Name", + "SignalCatalogArn", + "StateTemplateProperties" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::LogAnomalyDetector" + "AWS::IoTFleetWise::StateTemplate" ], "type": "string" }, @@ -149930,11 +154698,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Logs::LogGroup": { + "AWS::IoTFleetWise::Vehicle": { "additionalProperties": false, "properties": { "Condition": { @@ -149969,45 +154738,64 @@ "Properties": { "additionalProperties": false, "properties": { - "DataProtectionPolicy": { - "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n\nFor more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html) .", - "title": "DataProtectionPolicy", + "AssociationBehavior": { + "markdownDescription": "An option to create a new AWS IoT thing when creating a vehicle, or to validate an existing thing as a vehicle.", + "title": "AssociationBehavior", + "type": "string" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "Static information about a vehicle in a key-value pair. For example: `\"engine Type\"` : `\"v6\"`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", "type": "object" }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use when encrypting log data.\n\nTo associate an AWS KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs . This enables CloudWatch Logs to decrypt this data whenever it is requested.\n\nIf you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an `InvalidParameterException` error.\n\nLog group data is always encrypted in CloudWatch Logs . If you omit this key, the encryption does not use AWS KMS . For more information, see [Encrypt log data in CloudWatch Logs using AWS Key Management Service](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)", - "title": "KmsKeyId", + "DecoderManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a decoder manifest associated with the vehicle to create.", + "title": "DecoderManifestArn", "type": "string" }, - "LogGroupClass": { - "markdownDescription": "Specifies the log group class for this log group. There are two classes:\n\n- The `Standard` log class supports all CloudWatch Logs features.\n- The `Infrequent Access` log class supports a subset of CloudWatch Logs features and incurs lower costs.\n\nFor details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)", - "title": "LogGroupClass", + "ModelManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the vehicle model (model manifest) to create the vehicle from.", + "title": "ModelManifestArn", "type": "string" }, - "LogGroupName": { - "markdownDescription": "The name of the log group. If you don't specify a name, AWS CloudFormation generates a unique ID for the log group.", - "title": "LogGroupName", + "Name": { + "markdownDescription": "The unique ID of the vehicle.", + "title": "Name", "type": "string" }, - "RetentionInDays": { - "markdownDescription": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n\nTo set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html) .", - "title": "RetentionInDays", - "type": "number" + "StateTemplates": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.StateTemplateAssociation" + }, + "markdownDescription": "Associate state templates to track the state of the vehicle. State templates determine which signal updates the vehicle sends to the cloud.", + "title": "StateTemplates", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the log group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata which can be used to manage the vehicle.", "title": "Tags", "type": "array" } }, + "required": [ + "DecoderManifestArn", + "ModelManifestArn", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::LogGroup" + "AWS::IoTFleetWise::Vehicle" ], "type": "string" }, @@ -150021,83 +154809,82 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Logs::LogStream": { + "AWS::IoTFleetWise::Vehicle.PeriodicStateTemplateUpdateStrategy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StateTemplateUpdateRate": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.TimePeriod", + "markdownDescription": "", + "title": "StateTemplateUpdateRate" + } + }, + "required": [ + "StateTemplateUpdateRate" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Vehicle.StateTemplateAssociation": { + "additionalProperties": false, + "properties": { + "Identifier": { + "markdownDescription": "The unique ID of the state template.", + "title": "Identifier", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogGroupName": { - "markdownDescription": "The name of the log group where the log stream is created.", - "title": "LogGroupName", - "type": "string" - }, - "LogStreamName": { - "markdownDescription": "The name of the log stream. The name must be unique within the log group.", - "title": "LogStreamName", - "type": "string" - } - }, - "required": [ - "LogGroupName" - ], + "StateTemplateUpdateStrategy": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.StateTemplateUpdateStrategy", + "markdownDescription": "", + "title": "StateTemplateUpdateStrategy" + } + }, + "required": [ + "Identifier", + "StateTemplateUpdateStrategy" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Vehicle.StateTemplateUpdateStrategy": { + "additionalProperties": false, + "properties": { + "OnChange": { + "markdownDescription": "", + "title": "OnChange", "type": "object" }, - "Type": { - "enum": [ - "AWS::Logs::LogStream" - ], + "Periodic": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.PeriodicStateTemplateUpdateStrategy", + "markdownDescription": "", + "title": "Periodic" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Vehicle.TimePeriod": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "A unit of time.", + "title": "Unit", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "markdownDescription": "A number of time units.", + "title": "Value", + "type": "number" } }, "required": [ - "Type", - "Properties" + "Unit", + "Value" ], "type": "object" }, - "AWS::Logs::MetricFilter": { + "AWS::IoTSiteWise::AccessPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -150132,40 +154919,32 @@ "Properties": { "additionalProperties": false, "properties": { - "FilterName": { - "markdownDescription": "The name of the metric filter.", - "title": "FilterName", - "type": "string" - }, - "FilterPattern": { - "markdownDescription": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", - "type": "string" + "AccessPolicyIdentity": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity", + "markdownDescription": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", + "title": "AccessPolicyIdentity" }, - "LogGroupName": { - "markdownDescription": "The name of an existing log group that you want to associate with this metric filter.", - "title": "LogGroupName", + "AccessPolicyPermission": { + "markdownDescription": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", + "title": "AccessPolicyPermission", "type": "string" }, - "MetricTransformations": { - "items": { - "$ref": "#/definitions/AWS::Logs::MetricFilter.MetricTransformation" - }, - "markdownDescription": "The metric transformations.", - "title": "MetricTransformations", - "type": "array" + "AccessPolicyResource": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource", + "markdownDescription": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.", + "title": "AccessPolicyResource" } }, "required": [ - "FilterPattern", - "LogGroupName", - "MetricTransformations" + "AccessPolicyIdentity", + "AccessPolicyPermission", + "AccessPolicyResource" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::MetricFilter" + "AWS::IoTSiteWise::AccessPolicy" ], "type": "string" }, @@ -150184,71 +154963,99 @@ ], "type": "object" }, - "AWS::Logs::MetricFilter.Dimension": { + "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name for the CloudWatch metric dimension that the metric filter creates.\n\nDimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:).", - "title": "Key", - "type": "string" + "IamRole": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamRole", + "markdownDescription": "An IAM role identity.", + "title": "IamRole" }, - "Value": { - "markdownDescription": "The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, `$.eventType` for JSON log events, or `$server` for space-delimited log events.", - "title": "Value", - "type": "string" + "IamUser": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamUser", + "markdownDescription": "An IAM user identity.", + "title": "IamUser" + }, + "User": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.User", + "markdownDescription": "An IAM Identity Center user identity.", + "title": "User" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::Logs::MetricFilter.MetricTransformation": { + "AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "(Optional) The value to emit when a filter pattern does not match a log event. This value can be null.", - "title": "DefaultValue", - "type": "number" - }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::Logs::MetricFilter.Dimension" - }, - "markdownDescription": "The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.\n\n> Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as `IPAddress` or `requestID` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric.\n> \n> CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.\n> \n> You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated AWS Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html) .", - "title": "Dimensions", - "type": "array" + "Portal": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Portal", + "markdownDescription": "Identifies an AWS IoT SiteWise Monitor portal.", + "title": "Portal" }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric.", - "title": "MetricName", + "Project": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Project", + "markdownDescription": "Identifies a specific AWS IoT SiteWise Monitor project.", + "title": "Project" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy.IamRole": { + "additionalProperties": false, + "properties": { + "arn": { + "markdownDescription": "The ARN of the IAM role. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .", + "title": "arn", "type": "string" - }, - "MetricNamespace": { - "markdownDescription": "A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", - "title": "MetricNamespace", + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy.IamUser": { + "additionalProperties": false, + "properties": { + "arn": { + "markdownDescription": "The ARN of the IAM user. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .\n\n> If you delete the IAM user, access policies that contain this identity include an empty `arn` . You can delete the access policy for the IAM user that no longer exists.", + "title": "arn", "type": "string" - }, - "MetricValue": { - "markdownDescription": "The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like `Error` , specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as `$.size` .", - "title": "MetricValue", + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy.Portal": { + "additionalProperties": false, + "properties": { + "id": { + "markdownDescription": "The ID of the portal.", + "title": "id", "type": "string" - }, - "Unit": { - "markdownDescription": "The unit to assign to the metric. If you omit this, the unit is set as `None` .", - "title": "Unit", + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AccessPolicy.Project": { + "additionalProperties": false, + "properties": { + "id": { + "markdownDescription": "The ID of the project.", + "title": "id", "type": "string" } }, - "required": [ - "MetricName", - "MetricNamespace", - "MetricValue" - ], "type": "object" }, - "AWS::Logs::QueryDefinition": { + "AWS::IoTSiteWise::AccessPolicy.User": { + "additionalProperties": false, + "properties": { + "id": { + "markdownDescription": "The IAM Identity Center ID of the user.", + "title": "id", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::Asset": { "additionalProperties": false, "properties": { "Condition": { @@ -150283,34 +155090,60 @@ "Properties": { "additionalProperties": false, "properties": { - "LogGroupNames": { + "AssetDescription": { + "markdownDescription": "The ID of the asset, in UUID format.", + "title": "AssetDescription", + "type": "string" + }, + "AssetExternalId": { + "markdownDescription": "The external ID of the asset model composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetExternalId", + "type": "string" + }, + "AssetHierarchies": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetHierarchy" }, - "markdownDescription": "Use this parameter if you want the query to query only certain log groups.", - "title": "LogGroupNames", + "markdownDescription": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships.", + "title": "AssetHierarchies", "type": "array" }, - "Name": { - "markdownDescription": "A name for the query definition.\n\n> You can use the name to create a folder structure for your queries. To create a folder, use a forward slash (/) to prefix your desired query name with your desired folder name. For example, `*folder-name* / *query-name*` .", - "title": "Name", + "AssetModelId": { + "markdownDescription": "The ID of the asset model from which to create the asset. This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelId", "type": "string" }, - "QueryString": { - "markdownDescription": "The query string to use for this query definition. For more information, see [CloudWatch Logs Insights Query Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html) .", - "title": "QueryString", + "AssetName": { + "markdownDescription": "A friendly name for the asset.", + "title": "AssetName", "type": "string" + }, + "AssetProperties": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetProperty" + }, + "markdownDescription": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object.", + "title": "AssetProperties", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "Name", - "QueryString" + "AssetModelId", + "AssetName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::QueryDefinition" + "AWS::IoTSiteWise::Asset" ], "type": "string" }, @@ -150329,80 +155162,72 @@ ], "type": "object" }, - "AWS::Logs::ResourcePolicy": { + "AWS::IoTSiteWise::Asset.AssetHierarchy": { "additionalProperties": false, "properties": { - "Condition": { + "ChildAssetId": { + "markdownDescription": "The Id of the child asset.", + "title": "ChildAssetId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExternalId": { + "markdownDescription": "The external ID of the hierarchy, if it has one. When you update an asset hierarchy, you may assign an external ID if it doesn't already have one. You can't change the external ID of an asset hierarchy that already has one. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ExternalId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Id": { + "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set.", + "title": "Id", + "type": "string" }, - "Metadata": { - "type": "object" + "LogicalId": { + "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .", + "title": "LogicalId", + "type": "string" + } + }, + "required": [ + "ChildAssetId" + ], + "type": "object" + }, + "AWS::IoTSiteWise::Asset.AssetProperty": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "The alias that identifies the property, such as an OPC-UA server data stream path (for example, `/company/windfarm/3/turbine/7/temperature` ). For more information, see [Mapping industrial data streams to asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/connect-data-streams.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Alias", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "The details of the policy. It must be formatted in JSON, and you must use backslashes to escape characters that need to be escaped in JSON strings, such as double quote marks.", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyName": { - "markdownDescription": "The name of the resource policy.", - "title": "PolicyName", - "type": "string" - } - }, - "required": [ - "PolicyDocument", - "PolicyName" - ], - "type": "object" + "ExternalId": { + "markdownDescription": "The external ID of the property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ExternalId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Logs::ResourcePolicy" - ], + "Id": { + "markdownDescription": "The ID of the asset property.\n\n> This is a return value and can't be set.", + "title": "Id", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset property.", + "title": "LogicalId", + "type": "string" + }, + "NotificationState": { + "markdownDescription": "The MQTT notification state (enabled or disabled) for this asset property. When the notification state is enabled, AWS IoT SiteWise publishes property value updates to a unique MQTT topic. For more information, see [Interacting with other services](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/interact-with-other-services.html) in the *AWS IoT SiteWise User Guide* .\n\nIf you omit this parameter, the notification state is set to `DISABLED` .", + "title": "NotificationState", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit (such as `Newtons` or `RPM` ) of the asset property.", + "title": "Unit", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Logs::SubscriptionFilter": { + "AWS::IoTSiteWise::AssetModel": { "additionalProperties": false, "properties": { "Condition": { @@ -150437,47 +155262,67 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination.", - "title": "DestinationArn", - "type": "string" + "AssetModelCompositeModels": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel" + }, + "markdownDescription": "The composite models that are part of this asset model. It groups properties (such as attributes, measurements, transforms, and metrics) and child composite models that model parts of your industrial equipment. Each composite model has a type that defines the properties that the composite model supports. Use composite models to define alarms on this asset model.\n\n> When creating custom composite models, you need to use [CreateAssetModelCompositeModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModelCompositeModel.html) . For more information, see [Creating custom composite models (Components)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-custom-composite-models.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelCompositeModels", + "type": "array" }, - "Distribution": { - "markdownDescription": "The method used to distribute log data to the destination, which can be either random or grouped by log stream.", - "title": "Distribution", + "AssetModelDescription": { + "markdownDescription": "A description for the asset model.", + "title": "AssetModelDescription", "type": "string" }, - "FilterName": { - "markdownDescription": "The name of the subscription filter.", - "title": "FilterName", + "AssetModelExternalId": { + "markdownDescription": "The external ID of the asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelExternalId", "type": "string" }, - "FilterPattern": { - "markdownDescription": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", - "type": "string" + "AssetModelHierarchies": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelHierarchy" + }, + "markdownDescription": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 10 hierarchies per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelHierarchies", + "type": "array" }, - "LogGroupName": { - "markdownDescription": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", - "title": "LogGroupName", + "AssetModelName": { + "markdownDescription": "A unique name for the asset model.", + "title": "AssetModelName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.", - "title": "RoleArn", + "AssetModelProperties": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" + }, + "markdownDescription": "The property definitions of the asset model. For more information, see [Asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 200 properties per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelProperties", + "type": "array" + }, + "AssetModelType": { + "markdownDescription": "The type of asset model.\n\n- *ASSET_MODEL* \u2013 (default) An asset model that you can use to create assets. Can't be included as a component in another asset model.\n- *COMPONENT_MODEL* \u2013 A reusable component that you can include in the composite models of other asset models. You can't create assets directly from this type of asset model.", + "title": "AssetModelType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "DestinationArn", - "FilterPattern", - "LogGroupName" + "AssetModelName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::SubscriptionFilter" + "AWS::IoTSiteWise::AssetModel" ], "type": "string" }, @@ -150496,881 +155341,354 @@ ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler": { + "AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel": { "additionalProperties": false, "properties": { - "Condition": { + "ComposedAssetModelId": { + "markdownDescription": "The ID of a component model which is reused to create this composite model.", + "title": "ComposedAssetModelId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CompositeModelProperties": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" + }, + "markdownDescription": "The asset property definitions for this composite model.", + "title": "CompositeModelProperties", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Description": { + "markdownDescription": "The description of the composite model.\n\n> If the composite model is a `component-model-based` composite model, the description is inherited from the `COMPONENT_MODEL` asset model and cannot be changed.", + "title": "Description", + "type": "string" }, - "Metadata": { - "type": "object" + "ExternalId": { + "markdownDescription": "The external ID of a composite model on this asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `Path` must be specified.", + "title": "ExternalId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataDelayOffsetInMinutes": { - "markdownDescription": "A period of time (in minutes) by which inference on the data is delayed after the data starts. For instance, if an offset delay time of five minutes was selected, inference will not begin on the data until the first data measurement after the five minute mark. For example, if five minutes is selected, the inference scheduler will wake up at the configured frequency with the additional five minute delay time to check the customer S3 bucket. The customer can upload data at the same frequency and they don't need to stop and restart the scheduler when uploading new data.", - "title": "DataDelayOffsetInMinutes", - "type": "number" - }, - "DataInputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration", - "markdownDescription": "Specifies configuration information for the input data for the inference scheduler, including delimiter, format, and dataset location.", - "title": "DataInputConfiguration" - }, - "DataOutputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration", - "markdownDescription": "Specifies configuration information for the output results for the inference scheduler, including the Amazon S3 location for the output.", - "title": "DataOutputConfiguration" - }, - "DataUploadFrequency": { - "markdownDescription": "How often data is uploaded to the source S3 bucket for the input data. This value is the length of time between data uploads. For instance, if you select 5 minutes, Amazon Lookout for Equipment will upload the real-time data to the source bucket once every 5 minutes. This frequency also determines how often Amazon Lookout for Equipment starts a scheduled inference on your data. In this example, it starts once every 5 minutes.", - "title": "DataUploadFrequency", - "type": "string" - }, - "InferenceSchedulerName": { - "markdownDescription": "The name of the inference scheduler.", - "title": "InferenceSchedulerName", - "type": "string" - }, - "ModelName": { - "markdownDescription": "The name of the machine learning model used for the inference scheduler.", - "title": "ModelName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source being used for the inference.", - "title": "RoleArn", - "type": "string" - }, - "ServerSideKmsKeyId": { - "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt inference scheduler data by Amazon Lookout for Equipment .", - "title": "ServerSideKmsKeyId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags associated with the inference scheduler.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DataInputConfiguration", - "DataOutputConfiguration", - "DataUploadFrequency", - "ModelName", - "RoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::LookoutEquipment::InferenceScheduler" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration": { - "additionalProperties": false, - "properties": { - "InferenceInputNameConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration", - "markdownDescription": "", - "title": "InferenceInputNameConfiguration" - }, - "InputTimeZoneOffset": { - "markdownDescription": "", - "title": "InputTimeZoneOffset", + "Id": { + "markdownDescription": "The ID of the asset model composite model.\n\n> This is a return value and can't be set.", + "title": "Id", "type": "string" }, - "S3InputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration", - "markdownDescription": "", - "title": "S3InputConfiguration" - } - }, - "required": [ - "S3InputConfiguration" - ], - "type": "object" - }, - "AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "", - "title": "KmsKeyId", + "Name": { + "markdownDescription": "The name of the composite model.", + "title": "Name", "type": "string" }, - "S3OutputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration", - "markdownDescription": "", - "title": "S3OutputConfiguration" - } - }, - "required": [ - "S3OutputConfiguration" - ], - "type": "object" - }, - "AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration": { - "additionalProperties": false, - "properties": { - "ComponentTimestampDelimiter": { - "markdownDescription": "", - "title": "ComponentTimestampDelimiter", + "ParentAssetModelCompositeModelExternalId": { + "markdownDescription": "The external ID of the parent composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ParentAssetModelCompositeModelExternalId", "type": "string" }, - "TimestampFormat": { - "markdownDescription": "", - "title": "TimestampFormat", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "", - "title": "Bucket", - "type": "string" + "Path": { + "items": { + "type": "string" + }, + "markdownDescription": "The structured path to the property from the root of the asset using property names. Path is used as the ID if the asset model is a derived composite model.\n\n> One of `ExternalId` or `Path` must be specified.", + "title": "Path", + "type": "array" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", + "Type": { + "markdownDescription": "The type of the composite model. For alarm composite models, this type is `AWS/ALARM` .", + "title": "Type", "type": "string" } }, "required": [ - "Bucket" + "Name", + "Type" ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration": { + "AWS::IoTSiteWise::AssetModel.AssetModelHierarchy": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "", - "title": "Bucket", + "ChildAssetModelId": { + "markdownDescription": "The ID of the asset model, in UUID format. All assets in this hierarchy must be instances of the `childAssetModelId` asset model. AWS IoT SiteWise will always return the actual asset model ID for this value. However, when you are specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) , you may provide either the asset model ID or else `externalId:` followed by the asset model's external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ChildAssetModelId", "type": "string" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "Bucket" - ], - "type": "object" - }, - "AWS::LookoutMetrics::Alert": { - "additionalProperties": false, - "properties": { - "Condition": { + "ExternalId": { + "markdownDescription": "The external ID (if any) provided in the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) operation. You can assign an external ID by specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) . However, you can't change the external ID if one is already assigned. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "ExternalId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "The ID of the asset model hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set. \n\n- If you are callling [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) to create a *new* hierarchy: You can specify its ID here, if desired. AWS IoT SiteWise automatically generates a unique ID for you, so this parameter is never required. However, if you prefer to supply your own ID instead, you can specify it here in UUID format. If you specify your own ID, it must be globally unique.\n- If you are calling UpdateAssetModel to modify an *existing* hierarchy: This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.Action", - "markdownDescription": "Action that will be triggered when there is an alert.", - "title": "Action" - }, - "AlertDescription": { - "markdownDescription": "A description of the alert.", - "title": "AlertDescription", - "type": "string" - }, - "AlertName": { - "markdownDescription": "The name of the alert.", - "title": "AlertName", - "type": "string" - }, - "AlertSensitivityThreshold": { - "markdownDescription": "An integer from 0 to 100 specifying the alert sensitivity threshold.", - "title": "AlertSensitivityThreshold", - "type": "number" - }, - "AnomalyDetectorArn": { - "markdownDescription": "The ARN of the detector to which the alert is attached.", - "title": "AnomalyDetectorArn", - "type": "string" - } - }, - "required": [ - "Action", - "AlertSensitivityThreshold", - "AnomalyDetectorArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::LookoutMetrics::Alert" - ], + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset model hierarchy. This ID is a `hierarchyLogicalId` .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "LogicalId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the asset model hierarchy that you specify by using the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) API operation.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "ChildAssetModelId", + "Name" ], "type": "object" }, - "AWS::LookoutMetrics::Alert.Action": { - "additionalProperties": false, - "properties": { - "LambdaConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.LambdaConfiguration", - "markdownDescription": "A configuration for an AWS Lambda channel.", - "title": "LambdaConfiguration" - }, - "SNSConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.SNSConfiguration", - "markdownDescription": "A configuration for an Amazon SNS channel.", - "title": "SNSConfiguration" - } - }, - "type": "object" - }, - "AWS::LookoutMetrics::Alert.LambdaConfiguration": { + "AWS::IoTSiteWise::AssetModel.AssetModelProperty": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "LambdaArn", + "DataType": { + "markdownDescription": "The data type of the asset model property.\n\nIf you specify `STRUCT` , you must also specify `dataTypeSpec` to identify the type of the structure for this property.", + "title": "DataType", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that has permission to invoke the Lambda function.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "LambdaArn", - "RoleArn" - ], - "type": "object" - }, - "AWS::LookoutMetrics::Alert.SNSConfiguration": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that has access to the target SNS topic.", - "title": "RoleArn", + "DataTypeSpec": { + "markdownDescription": "The data type of the structure for this property. This parameter exists on properties that have the `STRUCT` data type.", + "title": "DataTypeSpec", "type": "string" }, - "SnsTopicArn": { - "markdownDescription": "The ARN of the target SNS topic.", - "title": "SnsTopicArn", - "type": "string" - } - }, - "required": [ - "RoleArn", - "SnsTopicArn" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector": { - "additionalProperties": false, - "properties": { - "Condition": { + "ExternalId": { + "markdownDescription": "The external ID of the asset property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "ExternalId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "The ID of the property.\n\n> This is a return value and can't be set.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset model property.\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "LogicalId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnomalyDetectorConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig", - "markdownDescription": "Contains information about the configuration of the anomaly detector.", - "title": "AnomalyDetectorConfig" - }, - "AnomalyDetectorDescription": { - "markdownDescription": "A description of the detector.", - "title": "AnomalyDetectorDescription", - "type": "string" - }, - "AnomalyDetectorName": { - "markdownDescription": "The name of the detector.", - "title": "AnomalyDetectorName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key to use to encrypt your data.", - "title": "KmsKeyArn", - "type": "string" - }, - "MetricSetList": { - "items": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSet" - }, - "markdownDescription": "The detector's dataset.", - "title": "MetricSetList", - "type": "array" - } - }, - "required": [ - "AnomalyDetectorConfig", - "MetricSetList" - ], - "type": "object" + "Name": { + "markdownDescription": "The name of the asset model property.", + "title": "Name", + "type": "string" }, "Type": { - "enum": [ - "AWS::LookoutMetrics::AnomalyDetector" - ], - "type": "string" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyType", + "markdownDescription": "Contains a property type, which can be one of `attribute` , `measurement` , `metric` , or `transform` .", + "title": "Type" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Unit": { + "markdownDescription": "The unit of the asset model property, such as `Newtons` or `RPM` .", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataType", + "Name", + "Type" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig": { + "AWS::IoTSiteWise::AssetModel.Attribute": { "additionalProperties": false, "properties": { - "AnomalyDetectorFrequency": { - "markdownDescription": "The frequency at which the detector analyzes its source data.", - "title": "AnomalyDetectorFrequency", + "DefaultValue": { + "markdownDescription": "The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* .", + "title": "DefaultValue", "type": "string" } }, - "required": [ - "AnomalyDetectorFrequency" - ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig": { + "AWS::IoTSiteWise::AssetModel.ExpressionVariable": { "additionalProperties": false, "properties": { - "FlowName": { - "markdownDescription": "name of the flow.", - "title": "FlowName", + "Name": { + "markdownDescription": "The friendly name of the variable to be used in the expression.", + "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access the flow.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "FlowName", - "RoleArn" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access data in Amazon CloudWatch.", - "title": "RoleArn", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.VariableValue", + "markdownDescription": "The variable that identifies an asset property from which to use values.", + "title": "Value" } }, "required": [ - "RoleArn" + "Name", + "Value" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor": { + "AWS::IoTSiteWise::AssetModel.Metric": { "additionalProperties": false, "properties": { - "Charset": { - "markdownDescription": "The character set in which the source CSV file is written.", - "title": "Charset", - "type": "string" - }, - "ContainsHeader": { - "markdownDescription": "Whether or not the source CSV file contains a header.", - "title": "ContainsHeader", - "type": "boolean" - }, - "Delimiter": { - "markdownDescription": "The character used to delimit the source CSV file.", - "title": "Delimiter", - "type": "string" - }, - "FileCompression": { - "markdownDescription": "The level of compression of the source CSV file.", - "title": "FileCompression", + "Expression": { + "markdownDescription": "The mathematical expression that defines the metric aggregation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Expression", "type": "string" }, - "HeaderList": { + "Variables": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" }, - "markdownDescription": "A list of the source CSV file's headers, if any.", - "title": "HeaderList", + "markdownDescription": "The list of variables used in the expression.", + "title": "Variables", "type": "array" }, - "QuoteSymbol": { - "markdownDescription": "The character used as a quote character.", - "title": "QuoteSymbol", - "type": "string" + "Window": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.MetricWindow", + "markdownDescription": "The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression. AWS IoT SiteWise computes one data point per `window` .", + "title": "Window" } }, + "required": [ + "Expression", + "Variables", + "Window" + ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor": { + "AWS::IoTSiteWise::AssetModel.MetricWindow": { "additionalProperties": false, "properties": { - "CsvFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor", - "markdownDescription": "Contains information about how a source CSV data file should be analyzed.", - "title": "CsvFormatDescriptor" - }, - "JsonFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor", - "markdownDescription": "Contains information about how a source JSON data file should be analyzed.", - "title": "JsonFormatDescriptor" + "Tumbling": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.TumblingWindow", + "markdownDescription": "The tumbling time interval window.", + "title": "Tumbling" } }, "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor": { + "AWS::IoTSiteWise::AssetModel.PropertyPathDefinition": { "additionalProperties": false, "properties": { - "Charset": { - "markdownDescription": "The character set in which the source JSON file is written.", - "title": "Charset", - "type": "string" - }, - "FileCompression": { - "markdownDescription": "The level of compression of the source CSV file.", - "title": "FileCompression", + "Name": { + "markdownDescription": "The name of the path segment.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.Metric": { + "AWS::IoTSiteWise::AssetModel.PropertyType": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The function with which the metric is calculated.", - "title": "AggregationFunction", - "type": "string" + "Attribute": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Attribute", + "markdownDescription": "Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine.", + "title": "Attribute" }, - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", - "type": "string" + "Metric": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Metric", + "markdownDescription": "Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature.", + "title": "Metric" }, - "Namespace": { - "markdownDescription": "The namespace for the metric.", - "title": "Namespace", + "Transform": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Transform", + "markdownDescription": "Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit.", + "title": "Transform" + }, + "TypeName": { + "markdownDescription": "The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` .", + "title": "TypeName", "type": "string" } }, "required": [ - "AggregationFunction", - "MetricName" + "TypeName" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.MetricSet": { + "AWS::IoTSiteWise::AssetModel.Transform": { "additionalProperties": false, "properties": { - "DimensionList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the fields you want to treat as dimensions.", - "title": "DimensionList", - "type": "array" + "Expression": { + "markdownDescription": "The mathematical expression that defines the transformation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Expression", + "type": "string" }, - "MetricList": { + "Variables": { "items": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.Metric" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" }, - "markdownDescription": "A list of metrics that the dataset will contain.", - "title": "MetricList", + "markdownDescription": "The list of variables used in the expression.", + "title": "Variables", "type": "array" - }, - "MetricSetDescription": { - "markdownDescription": "A description of the dataset you are creating.", - "title": "MetricSetDescription", - "type": "string" - }, - "MetricSetFrequency": { - "markdownDescription": "The frequency with which the source data will be analyzed for anomalies.", - "title": "MetricSetFrequency", - "type": "string" - }, - "MetricSetName": { - "markdownDescription": "The name of the dataset.", - "title": "MetricSetName", - "type": "string" - }, - "MetricSource": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSource", - "markdownDescription": "Contains information about how the source data should be interpreted.", - "title": "MetricSource" - }, - "Offset": { - "markdownDescription": "After an interval ends, the amount of seconds that the detector waits before importing data. Offset is only supported for S3, Redshift, Athena and datasources.", - "title": "Offset", - "type": "number" - }, - "TimestampColumn": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.TimestampColumn", - "markdownDescription": "Contains information about the column used for tracking time in your source data.", - "title": "TimestampColumn" - }, - "Timezone": { - "markdownDescription": "The time zone in which your source data was recorded.", - "title": "Timezone", - "type": "string" } }, "required": [ - "MetricList", - "MetricSetName", - "MetricSource" + "Expression", + "Variables" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.MetricSource": { - "additionalProperties": false, - "properties": { - "AppFlowConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig", - "markdownDescription": "Details about an AppFlow datasource.", - "title": "AppFlowConfig" - }, - "CloudwatchConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig", - "markdownDescription": "Details about an Amazon CloudWatch monitoring datasource.", - "title": "CloudwatchConfig" - }, - "RDSSourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig", - "markdownDescription": "Details about an Amazon Relational Database Service (RDS) datasource.", - "title": "RDSSourceConfig" - }, - "RedshiftSourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig", - "markdownDescription": "Details about an Amazon Redshift database datasource.", - "title": "RedshiftSourceConfig" - }, - "S3SourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig", - "markdownDescription": "Contains information about the configuration of the S3 bucket that contains source files.", - "title": "S3SourceConfig" - } - }, - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig": { + "AWS::IoTSiteWise::AssetModel.TumblingWindow": { "additionalProperties": false, "properties": { - "DBInstanceIdentifier": { - "markdownDescription": "A string identifying the database instance.", - "title": "DBInstanceIdentifier", - "type": "string" - }, - "DatabaseHost": { - "markdownDescription": "The host name of the database.", - "title": "DatabaseHost", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the RDS database.", - "title": "DatabaseName", - "type": "string" - }, - "DatabasePort": { - "markdownDescription": "The port number where the database can be accessed.", - "title": "DatabasePort", - "type": "number" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role.", - "title": "RoleArn", - "type": "string" - }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", - "title": "SecretManagerArn", + "Interval": { + "markdownDescription": "The time interval for the tumbling window. The interval time must be between 1 minute and 1 week.\n\nAWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on.\n\nWhen AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval.", + "title": "Interval", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table in the database.", - "title": "TableName", + "Offset": { + "markdownDescription": "The offset for the tumbling window. The `offset` parameter accepts the following:\n\n- The offset time.\n\nFor example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The ISO 8601 format.\n\nFor example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The 24-hour clock.\n\nFor example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC).\n- The offset time zone.\n\nFor example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric.\n- If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day.", + "title": "Offset", "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", - "markdownDescription": "An object containing information about the Amazon Virtual Private Cloud (VPC) configuration.", - "title": "VpcConfiguration" } }, "required": [ - "DBInstanceIdentifier", - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "RoleArn", - "SecretManagerArn", - "TableName", - "VpcConfiguration" + "Interval" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig": { + "AWS::IoTSiteWise::AssetModel.VariableValue": { "additionalProperties": false, "properties": { - "ClusterIdentifier": { - "markdownDescription": "A string identifying the Redshift cluster.", - "title": "ClusterIdentifier", - "type": "string" - }, - "DatabaseHost": { - "markdownDescription": "The name of the database host.", - "title": "DatabaseHost", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The Redshift database name.", - "title": "DatabaseName", - "type": "string" - }, - "DatabasePort": { - "markdownDescription": "The port number where the database can be accessed.", - "title": "DatabasePort", - "type": "number" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role providing access to the database.", - "title": "RoleArn", + "HierarchyExternalId": { + "markdownDescription": "The external ID of the hierarchy being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyExternalId", "type": "string" }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", - "title": "SecretManagerArn", + "HierarchyId": { + "markdownDescription": "The ID of the hierarchy to query for the property ID. You can use the hierarchy's name instead of the hierarchy's ID. If the hierarchy has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\nYou use a hierarchy ID instead of a model ID because you can have several hierarchies using the same model and therefore the same `propertyId` . For example, you might have separately grouped assets that come from the same asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyId", "type": "string" }, - "TableName": { - "markdownDescription": "The table name of the Redshift database.", - "title": "TableName", + "HierarchyLogicalId": { + "markdownDescription": "The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` .\n\nYou use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyLogicalId", "type": "string" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", - "markdownDescription": "Contains information about the Amazon Virtual Private Cloud (VPC) configuration.", - "title": "VpcConfiguration" - } - }, - "required": [ - "ClusterIdentifier", - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "RoleArn", - "SecretManagerArn", - "TableName", - "VpcConfiguration" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig": { - "additionalProperties": false, - "properties": { - "FileFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor", - "markdownDescription": "Contains information about a source file's formatting.", - "title": "FileFormatDescriptor" - }, - "HistoricalDataPathList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of paths to the historical data files.", - "title": "HistoricalDataPathList", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that has read and write access permissions to the source S3 bucket.", - "title": "RoleArn", + "PropertyExternalId": { + "markdownDescription": "The external ID of the property being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "PropertyExternalId", "type": "string" }, - "TemplatedPathList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of templated paths to the source files.", - "title": "TemplatedPathList", - "type": "array" - } - }, - "required": [ - "FileFormatDescriptor", - "RoleArn" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.TimestampColumn": { - "additionalProperties": false, - "properties": { - "ColumnFormat": { - "markdownDescription": "The format of the timestamp column.", - "title": "ColumnFormat", + "PropertyId": { + "markdownDescription": "The ID of the property to use as the variable. You can use the property `name` if it's from the same asset model. If the property has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> This is a return value and can't be set.", + "title": "PropertyId", "type": "string" }, - "ColumnName": { - "markdownDescription": "The name of the timestamp column.", - "title": "ColumnName", + "PropertyLogicalId": { + "markdownDescription": "The `LogicalID` of the property that is being referenced.", + "title": "PropertyLogicalId", "type": "string" - } - }, - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration": { - "additionalProperties": false, - "properties": { - "SecurityGroupIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings containing the list of security groups.", - "title": "SecurityGroupIdList", - "type": "array" }, - "SubnetIdList": { + "PropertyPath": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyPathDefinition" }, - "markdownDescription": "An array of strings containing the Amazon VPC subnet IDs (e.g., `subnet-0bb1c79de3EXAMPLE` .", - "title": "SubnetIdList", + "markdownDescription": "The path of the property. Each step of the path is the name of the step. See the following example:\n\n`PropertyPath: Name: AssetModelName Name: Composite1 Name: NestedComposite`", + "title": "PropertyPath", "type": "array" } }, - "required": [ - "SecurityGroupIdList", - "SubnetIdList" - ], "type": "object" }, - "AWS::LookoutVision::Project": { + "AWS::IoTSiteWise::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -151405,20 +155723,45 @@ "Properties": { "additionalProperties": false, "properties": { - "ProjectName": { - "markdownDescription": "The name of the project.", - "title": "ProjectName", + "DashboardDefinition": { + "markdownDescription": "The dashboard definition specified in a JSON literal.\n\n- AWS IoT SiteWise Monitor (Classic) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-using-aws-cli.html)\n- AWS IoT SiteWise Monitor (AI-aware) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-ai-dashboard-cli.html)\n\nin the *AWS IoT SiteWise User Guide*", + "title": "DashboardDefinition", + "type": "string" + }, + "DashboardDescription": { + "markdownDescription": "A description for the dashboard.", + "title": "DashboardDescription", + "type": "string" + }, + "DashboardName": { + "markdownDescription": "A friendly name for the dashboard.", + "title": "DashboardName", + "type": "string" + }, + "ProjectId": { + "markdownDescription": "The ID of the project in which to create the dashboard.", + "title": "ProjectId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the dashboard. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "ProjectName" + "DashboardDefinition", + "DashboardDescription", + "DashboardName" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutVision::Project" + "AWS::IoTSiteWise::Dashboard" ], "type": "string" }, @@ -151437,7 +155780,7 @@ ], "type": "object" }, - "AWS::M2::Application": { + "AWS::IoTSiteWise::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -151472,58 +155815,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "$ref": "#/definitions/AWS::M2::Application.Definition", - "markdownDescription": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) .", - "title": "Definition" - }, - "Description": { - "markdownDescription": "The description of the application.", - "title": "Description", - "type": "string" - }, - "EngineType": { - "markdownDescription": "The type of the target platform for this application.", - "title": "EngineType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of a customer managed key.", - "title": "KmsKeyId", + "DatasetDescription": { + "markdownDescription": "", + "title": "DatasetDescription", "type": "string" }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", + "DatasetName": { + "markdownDescription": "", + "title": "DatasetName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role associated with the application.", - "title": "RoleArn", - "type": "string" + "DatasetSource": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.DatasetSource", + "markdownDescription": "", + "title": "DatasetSource" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Definition", - "EngineType", - "Name" + "DatasetName", + "DatasetSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::M2::Application" + "AWS::IoTSiteWise::Dataset" ], "type": "string" }, @@ -151542,23 +155866,63 @@ ], "type": "object" }, - "AWS::M2::Application.Definition": { + "AWS::IoTSiteWise::Dataset.DatasetSource": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content of the application definition. This is a JSON object that contains the resource configuration/definitions that identify an application.", - "title": "Content", + "SourceDetail": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.SourceDetail", + "markdownDescription": "", + "title": "SourceDetail" + }, + "SourceFormat": { + "markdownDescription": "", + "title": "SourceFormat", "type": "string" }, - "S3Location": { - "markdownDescription": "The S3 bucket that contains the application definition.", - "title": "S3Location", + "SourceType": { + "markdownDescription": "", + "title": "SourceType", "type": "string" } }, + "required": [ + "SourceFormat", + "SourceType" + ], "type": "object" }, - "AWS::M2::Environment": { + "AWS::IoTSiteWise::Dataset.KendraSourceDetail": { + "additionalProperties": false, + "properties": { + "KnowledgeBaseArn": { + "markdownDescription": "", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "KnowledgeBaseArn", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoTSiteWise::Dataset.SourceDetail": { + "additionalProperties": false, + "properties": { + "Kendra": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.KendraSourceDetail", + "markdownDescription": "", + "title": "Kendra" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::Gateway": { "additionalProperties": false, "properties": { "Condition": { @@ -151593,97 +155957,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the runtime environment.", - "title": "Description", - "type": "string" - }, - "EngineType": { - "markdownDescription": "The target platform for the runtime environment.", - "title": "EngineType", - "type": "string" + "GatewayCapabilitySummaries": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary" + }, + "markdownDescription": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", + "title": "GatewayCapabilitySummaries", + "type": "array" }, - "EngineVersion": { - "markdownDescription": "The version of the runtime engine.", - "title": "EngineVersion", + "GatewayName": { + "markdownDescription": "A unique name for the gateway.", + "title": "GatewayName", "type": "string" }, - "HighAvailabilityConfig": { - "$ref": "#/definitions/AWS::M2::Environment.HighAvailabilityConfig", - "markdownDescription": "Defines the details of a high availability configuration.", - "title": "HighAvailabilityConfig" + "GatewayPlatform": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayPlatform", + "markdownDescription": "The gateway's platform. You can only specify one platform in a gateway.", + "title": "GatewayPlatform" }, - "InstanceType": { - "markdownDescription": "The instance type of the runtime environment.", - "title": "InstanceType", + "GatewayVersion": { + "markdownDescription": "", + "title": "GatewayVersion", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The identifier of a customer managed key.", - "title": "KmsKeyId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the runtime environment.", - "title": "Name", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. The following two examples are valid maintenance windows: `sun:23:45-mon:00:15` or `sat:01:00-sat:03:00` .\n\nIf you do not provide a value, a random system-generated value will be assigned.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "Specifies whether the runtime environment is publicly accessible.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of security groups for the VPC associated with this runtime environment.", - "title": "SecurityGroupIds", - "type": "array" - }, - "StorageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::M2::Environment.StorageConfiguration" - }, - "markdownDescription": "Defines the storage configuration for a runtime environment.", - "title": "StorageConfigurations", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets associated with the VPC for this runtime environment.", - "title": "SubnetIds", - "type": "array" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "EngineType", - "InstanceType", - "Name" + "GatewayName", + "GatewayPlatform" ], "type": "object" }, "Type": { "enum": [ - "AWS::M2::Environment" + "AWS::IoTSiteWise::Gateway" ], "type": "string" }, @@ -151702,152 +156016,75 @@ ], "type": "object" }, - "AWS::M2::Environment.EfsStorageConfiguration": { + "AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The file system identifier.", - "title": "FileSystemId", + "CapabilityConfiguration": { + "markdownDescription": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", + "title": "CapabilityConfiguration", "type": "string" }, - "MountPoint": { - "markdownDescription": "The mount point for the file system.", - "title": "MountPoint", + "CapabilityNamespace": { + "markdownDescription": "The namespace of the capability configuration. For example, if you configure OPC UA sources for an MQTT-enabled gateway, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:3` .", + "title": "CapabilityNamespace", "type": "string" } }, "required": [ - "FileSystemId", - "MountPoint" + "CapabilityNamespace" ], "type": "object" }, - "AWS::M2::Environment.FsxStorageConfiguration": { + "AWS::IoTSiteWise::Gateway.GatewayPlatform": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The file system identifier.", - "title": "FileSystemId", - "type": "string" + "GreengrassV2": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GreengrassV2", + "markdownDescription": "A gateway that runs on AWS IoT Greengrass V2 .", + "title": "GreengrassV2" }, - "MountPoint": { - "markdownDescription": "The mount point for the file system.", - "title": "MountPoint", - "type": "string" + "SiemensIE": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.SiemensIE", + "markdownDescription": "An AWS IoT SiteWise Edge gateway that runs on a Siemens Industrial Edge Device.", + "title": "SiemensIE" } }, - "required": [ - "FileSystemId", - "MountPoint" - ], "type": "object" }, - "AWS::M2::Environment.HighAvailabilityConfig": { + "AWS::IoTSiteWise::Gateway.GreengrassV2": { "additionalProperties": false, "properties": { - "DesiredCapacity": { - "markdownDescription": "The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100.", - "title": "DesiredCapacity", - "type": "number" + "CoreDeviceOperatingSystem": { + "markdownDescription": "", + "title": "CoreDeviceOperatingSystem", + "type": "string" + }, + "CoreDeviceThingName": { + "markdownDescription": "The name of the AWS IoT thing for your AWS IoT Greengrass V2 core device.", + "title": "CoreDeviceThingName", + "type": "string" } }, "required": [ - "DesiredCapacity" + "CoreDeviceThingName" ], "type": "object" }, - "AWS::M2::Environment.StorageConfiguration": { - "additionalProperties": false, - "properties": { - "Efs": { - "$ref": "#/definitions/AWS::M2::Environment.EfsStorageConfiguration", - "markdownDescription": "Defines the storage configuration for an Amazon EFS file system.", - "title": "Efs" - }, - "Fsx": { - "$ref": "#/definitions/AWS::M2::Environment.FsxStorageConfiguration", - "markdownDescription": "Defines the storage configuration for an Amazon FSx file system.", - "title": "Fsx" - } - }, - "type": "object" - }, - "AWS::MSK::BatchScramSecret": { + "AWS::IoTSiteWise::Gateway.SiemensIE": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", - "title": "ClusterArn", - "type": "string" - }, - "SecretArnList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of Amazon Resource Name (ARN)s of Secrets Manager secrets.", - "title": "SecretArnList", - "type": "array" - } - }, - "required": [ - "ClusterArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MSK::BatchScramSecret" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IotCoreThingName": { + "markdownDescription": "The name of the AWS IoT Thing for your AWS IoT SiteWise Edge gateway.", + "title": "IotCoreThingName", "type": "string" } }, "required": [ - "Type", - "Properties" + "IotCoreThingName" ], "type": "object" }, - "AWS::MSK::Cluster": { + "AWS::IoTSiteWise::Portal": { "additionalProperties": false, "properties": { "Condition": { @@ -151882,89 +156119,76 @@ "Properties": { "additionalProperties": false, "properties": { - "BrokerNodeGroupInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.BrokerNodeGroupInfo", - "markdownDescription": "Information about the broker nodes in the cluster.", - "title": "BrokerNodeGroupInfo" - }, - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::Cluster.ClientAuthentication", - "markdownDescription": "Includes all client authentication related information.", - "title": "ClientAuthentication" + "Alarms": { + "$ref": "#/definitions/AWS::IoTSiteWise::Portal.Alarms", + "markdownDescription": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see [Monitoring with alarms](https://docs.aws.amazon.com/iot-sitewise/latest/appguide/monitor-alarms.html) in the *AWS IoT SiteWise Application Guide* .", + "title": "Alarms" }, - "ClusterName": { - "markdownDescription": "The name of the cluster.", - "title": "ClusterName", + "NotificationSenderEmail": { + "markdownDescription": "The email address that sends alarm notifications.\n\n> If you use the [AWS IoT Events managed Lambda function](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) to manage your emails, you must [verify the sender email address in Amazon SES](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html) .", + "title": "NotificationSenderEmail", "type": "string" }, - "ConfigurationInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.ConfigurationInfo", - "markdownDescription": "Represents the configuration that you want MSK to use for the cluster.", - "title": "ConfigurationInfo" - }, - "CurrentVersion": { - "markdownDescription": "The version of the cluster that you want to update.", - "title": "CurrentVersion", + "PortalAuthMode": { + "markdownDescription": "The service to use to authenticate users to the portal. Choose from the following options:\n\n- `SSO` \u2013 The portal uses AWS IAM Identity Center to authenticate users and manage user permissions. Before you can create a portal that uses IAM Identity Center, you must enable IAM Identity Center. For more information, see [Enabling IAM Identity Center](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-get-started.html#mon-gs-sso) in the *AWS IoT SiteWise User Guide* . This option is only available in AWS Regions other than the China Regions.\n- `IAM` \u2013 The portal uses AWS Identity and Access Management to authenticate users and manage user permissions.\n\nYou can't change this value after you create a portal.\n\nDefault: `SSO`", + "title": "PortalAuthMode", "type": "string" }, - "EncryptionInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInfo", - "markdownDescription": "Includes all encryption-related information.", - "title": "EncryptionInfo" - }, - "EnhancedMonitoring": { - "markdownDescription": "Specifies the level of monitoring for the MSK cluster.", - "title": "EnhancedMonitoring", + "PortalContactEmail": { + "markdownDescription": "The AWS administrator's contact email address.", + "title": "PortalContactEmail", "type": "string" }, - "KafkaVersion": { - "markdownDescription": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use [supported Apache Kafka versions](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) .", - "title": "KafkaVersion", + "PortalDescription": { + "markdownDescription": "A description for the portal.", + "title": "PortalDescription", "type": "string" }, - "LoggingInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.LoggingInfo", - "markdownDescription": "Logging info details for the cluster.", - "title": "LoggingInfo" - }, - "NumberOfBrokerNodes": { - "markdownDescription": "The number of broker nodes in the cluster.", - "title": "NumberOfBrokerNodes", - "type": "number" - }, - "OpenMonitoring": { - "$ref": "#/definitions/AWS::MSK::Cluster.OpenMonitoring", - "markdownDescription": "The settings for open monitoring.", - "title": "OpenMonitoring" + "PortalName": { + "markdownDescription": "A friendly name for the portal.", + "title": "PortalName", + "type": "string" }, - "StorageMode": { - "markdownDescription": "This controls storage mode for supported storage tiers.", - "title": "StorageMode", + "PortalType": { + "markdownDescription": "Define the type of portal. The value for AWS IoT SiteWise Monitor (Classic) is `SITEWISE_PORTAL_V1` . The value for AWS IoT SiteWise Monitor (AI-aware) is `SITEWISE_PORTAL_V2` .", + "title": "PortalType", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", + "PortalTypeConfiguration": { + "additionalProperties": false, + "markdownDescription": "", "patternProperties": { "^[a-zA-Z0-9]+$": { - "type": "string" + "$ref": "#/definitions/AWS::IoTSiteWise::Portal.PortalTypeEntry" } }, - "title": "Tags", + "title": "PortalTypeConfiguration", "type": "object" + }, + "RoleArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf. For more information, see [Using service roles for AWS IoT SiteWise Monitor](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-service-role.html) in the *AWS IoT SiteWise User Guide* .", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the portal. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "BrokerNodeGroupInfo", - "ClusterName", - "KafkaVersion", - "NumberOfBrokerNodes" + "PortalContactEmail", + "PortalName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Cluster" + "AWS::IoTSiteWise::Portal" ], "type": "string" }, @@ -151983,527 +156207,40 @@ ], "type": "object" }, - "AWS::MSK::Cluster.BrokerLogs": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::MSK::Cluster.CloudWatchLogs", - "markdownDescription": "", - "title": "CloudWatchLogs" - }, - "Firehose": { - "$ref": "#/definitions/AWS::MSK::Cluster.Firehose", - "markdownDescription": "Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.", - "title": "Firehose" - }, - "S3": { - "$ref": "#/definitions/AWS::MSK::Cluster.S3", - "markdownDescription": "Details of the Amazon S3 destination for broker logs.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.BrokerNodeGroupInfo": { - "additionalProperties": false, - "properties": { - "BrokerAZDistribution": { - "markdownDescription": "This parameter is currently not in use.", - "title": "BrokerAZDistribution", - "type": "string" - }, - "ClientSubnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", - "title": "ClientSubnets", - "type": "array" - }, - "ConnectivityInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.ConnectivityInfo", - "markdownDescription": "Information about the cluster's connectivity setting.", - "title": "ConnectivityInfo" - }, - "InstanceType": { - "markdownDescription": "The type of Amazon EC2 instances to use for brokers. The following instance types are allowed: kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge, and kafka.t3.small.", - "title": "InstanceType", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", - "title": "SecurityGroups", - "type": "array" - }, - "StorageInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.StorageInfo", - "markdownDescription": "Contains information about storage volumes attached to Amazon MSK broker nodes.", - "title": "StorageInfo" - } - }, - "required": [ - "ClientSubnets", - "InstanceType" - ], - "type": "object" - }, - "AWS::MSK::Cluster.ClientAuthentication": { - "additionalProperties": false, - "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::Cluster.Sasl", - "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", - "title": "Sasl" - }, - "Tls": { - "$ref": "#/definitions/AWS::MSK::Cluster.Tls", - "markdownDescription": "Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` .", - "title": "Tls" - }, - "Unauthenticated": { - "$ref": "#/definitions/AWS::MSK::Cluster.Unauthenticated", - "markdownDescription": "Details for ClientAuthentication using no authentication.", - "title": "Unauthenticated" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.CloudWatchLogs": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether broker logs get sent to the specified CloudWatch Logs destination.", - "title": "Enabled", - "type": "boolean" - }, - "LogGroup": { - "markdownDescription": "The CloudWatch log group that is the destination for broker logs.", - "title": "LogGroup", - "type": "string" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.ConfigurationInfo": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "ARN of the configuration to use.", - "title": "Arn", - "type": "string" - }, - "Revision": { - "markdownDescription": "The revision of the configuration to use.", - "title": "Revision", - "type": "number" - } - }, - "required": [ - "Arn", - "Revision" - ], - "type": "object" - }, - "AWS::MSK::Cluster.ConnectivityInfo": { - "additionalProperties": false, - "properties": { - "PublicAccess": { - "$ref": "#/definitions/AWS::MSK::Cluster.PublicAccess", - "markdownDescription": "Access control settings for the cluster's brokers.", - "title": "PublicAccess" - }, - "VpcConnectivity": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivity", - "markdownDescription": "VPC connection control settings for brokers.", - "title": "VpcConnectivity" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EBSStorageInfo": { - "additionalProperties": false, - "properties": { - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::MSK::Cluster.ProvisionedThroughput", - "markdownDescription": "EBS volume provisioned throughput information.", - "title": "ProvisionedThroughput" - }, - "VolumeSize": { - "markdownDescription": "The size in GiB of the EBS volume for the data drive on each broker node.", - "title": "VolumeSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionAtRest": { - "additionalProperties": false, - "properties": { - "DataVolumeKMSKeyId": { - "markdownDescription": "The ARN of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.", - "title": "DataVolumeKMSKeyId", - "type": "string" - } - }, - "required": [ - "DataVolumeKMSKeyId" - ], - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionInTransit": { - "additionalProperties": false, - "properties": { - "ClientBroker": { - "markdownDescription": "Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.\n\n- `TLS` : Indicates that client-broker communication is enabled with TLS only.\n- `TLS_PLAINTEXT` : Indicates that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.\n- `PLAINTEXT` : Indicates that client-broker communication is enabled in plaintext only.\n\nThe default value is `TLS` .", - "title": "ClientBroker", - "type": "string" - }, - "InCluster": { - "markdownDescription": "When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.\n\nThe default value is true.", - "title": "InCluster", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionInfo": { - "additionalProperties": false, - "properties": { - "EncryptionAtRest": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionAtRest", - "markdownDescription": "The data-volume encryption details.", - "title": "EncryptionAtRest" - }, - "EncryptionInTransit": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInTransit", - "markdownDescription": "The details for encryption in transit.", - "title": "EncryptionInTransit" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Firehose": { - "additionalProperties": false, - "properties": { - "DeliveryStream": { - "markdownDescription": "The Kinesis Data Firehose delivery stream that is the destination for broker logs.", - "title": "DeliveryStream", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.Iam": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.JmxExporter": { - "additionalProperties": false, - "properties": { - "EnabledInBroker": { - "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", - "title": "EnabledInBroker", - "type": "boolean" - } - }, - "required": [ - "EnabledInBroker" - ], - "type": "object" - }, - "AWS::MSK::Cluster.LoggingInfo": { - "additionalProperties": false, - "properties": { - "BrokerLogs": { - "$ref": "#/definitions/AWS::MSK::Cluster.BrokerLogs", - "markdownDescription": "You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.", - "title": "BrokerLogs" - } - }, - "required": [ - "BrokerLogs" - ], - "type": "object" - }, - "AWS::MSK::Cluster.NodeExporter": { - "additionalProperties": false, - "properties": { - "EnabledInBroker": { - "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", - "title": "EnabledInBroker", - "type": "boolean" - } - }, - "required": [ - "EnabledInBroker" - ], - "type": "object" - }, - "AWS::MSK::Cluster.OpenMonitoring": { - "additionalProperties": false, - "properties": { - "Prometheus": { - "$ref": "#/definitions/AWS::MSK::Cluster.Prometheus", - "markdownDescription": "Prometheus exporter settings.", - "title": "Prometheus" - } - }, - "required": [ - "Prometheus" - ], - "type": "object" - }, - "AWS::MSK::Cluster.Prometheus": { - "additionalProperties": false, - "properties": { - "JmxExporter": { - "$ref": "#/definitions/AWS::MSK::Cluster.JmxExporter", - "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", - "title": "JmxExporter" - }, - "NodeExporter": { - "$ref": "#/definitions/AWS::MSK::Cluster.NodeExporter", - "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", - "title": "NodeExporter" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.ProvisionedThroughput": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Provisioned throughput is on or off.", - "title": "Enabled", - "type": "boolean" - }, - "VolumeThroughput": { - "markdownDescription": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.", - "title": "VolumeThroughput", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.PublicAccess": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.S3": { + "AWS::IoTSiteWise::Portal.Alarms": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that is the destination for broker logs.", - "title": "Bucket", + "AlarmRoleArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events .", + "title": "AlarmRoleArn", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether broker logs get sent to the specified Amazon S3 destination.", - "title": "Enabled", - "type": "boolean" - }, - "Prefix": { - "markdownDescription": "The S3 prefix that is the destination for broker logs.", - "title": "Prefix", + "NotificationLambdaArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Lambda function that manages alarm notifications. For more information, see [Managing alarm notifications](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) in the *AWS IoT Events Developer Guide* .", + "title": "NotificationLambdaArn", "type": "string" } }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.Sasl": { - "additionalProperties": false, - "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::Cluster.Iam", - "markdownDescription": "Details for ClientAuthentication using IAM.", - "title": "Iam" - }, - "Scram": { - "$ref": "#/definitions/AWS::MSK::Cluster.Scram", - "markdownDescription": "Details for SASL/SCRAM client authentication.", - "title": "Scram" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Scram": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/SCRAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.StorageInfo": { - "additionalProperties": false, - "properties": { - "EBSStorageInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.EBSStorageInfo", - "markdownDescription": "EBS volume information.", - "title": "EBSStorageInfo" - } - }, "type": "object" }, - "AWS::MSK::Cluster.Tls": { + "AWS::IoTSiteWise::Portal.PortalTypeEntry": { "additionalProperties": false, "properties": { - "CertificateAuthorityArnList": { + "PortalTools": { "items": { "type": "string" }, - "markdownDescription": "List of AWS Private CA ARNs.", - "title": "CertificateAuthorityArnList", + "markdownDescription": "The array of tools associated with the specified portal type. The possible values are `ASSISTANT` and `DASHBOARD` .", + "title": "PortalTools", "type": "array" - }, - "Enabled": { - "markdownDescription": "TLS authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Unauthenticated": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Unauthenticated is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivity": { - "additionalProperties": false, - "properties": { - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityClientAuthentication", - "markdownDescription": "VPC connection control settings for brokers.", - "title": "ClientAuthentication" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityClientAuthentication": { - "additionalProperties": false, - "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivitySasl", - "markdownDescription": "Details for VpcConnectivity ClientAuthentication using SASL.", - "title": "Sasl" - }, - "Tls": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityTls", - "markdownDescription": "Details for VpcConnectivity ClientAuthentication using TLS.", - "title": "Tls" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityIam": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivitySasl": { - "additionalProperties": false, - "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityIam", - "markdownDescription": "Details for ClientAuthentication using IAM for VpcConnectivity.", - "title": "Iam" - }, - "Scram": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityScram", - "markdownDescription": "Details for SASL/SCRAM client authentication for VpcConnectivity.", - "title": "Scram" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityScram": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/SCRAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityTls": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "TLS authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" } }, "required": [ - "Enabled" + "PortalTools" ], "type": "object" }, - "AWS::MSK::ClusterPolicy": { + "AWS::IoTSiteWise::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -152538,26 +156275,47 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", - "title": "ClusterArn", + "AssetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list that contains the IDs of each asset associated with the project.", + "title": "AssetIds", + "type": "array" + }, + "PortalId": { + "markdownDescription": "The ID of the portal in which to create the project.", + "title": "PortalId", "type": "string" }, - "Policy": { - "markdownDescription": "Resource policy for the cluster.", - "title": "Policy", - "type": "object" + "ProjectDescription": { + "markdownDescription": "A description for the project.", + "title": "ProjectDescription", + "type": "string" + }, + "ProjectName": { + "markdownDescription": "A friendly name for the project.", + "title": "ProjectName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the project. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "ClusterArn", - "Policy" + "PortalId", + "ProjectName" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::ClusterPolicy" + "AWS::IoTSiteWise::Project" ], "type": "string" }, @@ -152576,7 +156334,7 @@ ], "type": "object" }, - "AWS::MSK::Configuration": { + "AWS::IoTThingsGraph::FlowTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -152611,44 +156369,21 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the configuration.", - "title": "Description", - "type": "string" - }, - "KafkaVersionsList": { - "items": { - "type": "string" - }, - "markdownDescription": "The [versions of Apache Kafka](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) with which you can use this MSK configuration.\n\nWhen you update the `KafkaVersionsList` property, AWS CloudFormation recreates a new configuration with the updated property before deleting the old configuration. Such an update requires a [resource replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) . To successfully update `KafkaVersionsList` , you must also update the `Name` property in the same operation.\n\nIf your configuration is attached with any clusters created using the AWS Management Console or AWS CLI , you'll need to manually delete the old configuration from the console after the update completes.\n\nFor more information, see [Can\u2019t update KafkaVersionsList in MSK configuration](https://docs.aws.amazon.com/msk/latest/developerguide/troubleshooting.html#troubleshoot-kafkaversionslist-cfn-update-failure) in the *Amazon MSK Developer Guide* .", - "title": "KafkaVersionsList", - "type": "array" - }, - "LatestRevision": { - "$ref": "#/definitions/AWS::MSK::Configuration.LatestRevision", - "markdownDescription": "Latest revision of the MSK configuration.", - "title": "LatestRevision" - }, - "Name": { - "markdownDescription": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\".", - "title": "Name", - "type": "string" + "CompatibleNamespaceVersion": { + "type": "number" }, - "ServerProperties": { - "markdownDescription": "Contents of the `server.properties` file. When using the console, the SDK, or the AWS CLI , the contents of `server.properties` can be in plaintext.", - "title": "ServerProperties", - "type": "string" + "Definition": { + "$ref": "#/definitions/AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument" } }, "required": [ - "Name", - "ServerProperties" + "Definition" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Configuration" + "AWS::IoTThingsGraph::FlowTemplate" ], "type": "string" }, @@ -152667,28 +156402,23 @@ ], "type": "object" }, - "AWS::MSK::Configuration.LatestRevision": { + "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { "additionalProperties": false, "properties": { - "CreationTime": { - "markdownDescription": "The time when the configuration revision was created.", - "title": "CreationTime", + "Language": { "type": "string" }, - "Description": { - "markdownDescription": "The description of the configuration revision.", - "title": "Description", + "Text": { "type": "string" - }, - "Revision": { - "markdownDescription": "The revision number.", - "title": "Revision", - "type": "number" } }, + "required": [ + "Language", + "Text" + ], "type": "object" }, - "AWS::MSK::Replicator": { + "AWS::IoTTwinMaker::ComponentType": { "additionalProperties": false, "properties": { "Condition": { @@ -152723,60 +156453,99 @@ "Properties": { "additionalProperties": false, "properties": { - "CurrentVersion": { + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", "type": "string" }, + "CompositeComponentTypes": { + "additionalProperties": false, + "markdownDescription": "Maps strings to `compositeComponentTypes` of the `componentType` . `CompositeComponentType` is referenced by `componentTypeId` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.CompositeComponentType" + } + }, + "title": "CompositeComponentTypes", + "type": "object" + }, "Description": { - "markdownDescription": "A summary description of the replicator.", + "markdownDescription": "The description of the component type.", "title": "Description", "type": "string" }, - "KafkaClusters": { + "ExtendsFrom": { "items": { - "$ref": "#/definitions/AWS::MSK::Replicator.KafkaCluster" + "type": "string" }, - "markdownDescription": "Kafka Clusters to use in setting up sources / targets for replication.", - "title": "KafkaClusters", + "markdownDescription": "The name of the parent component type that this component type extends.", + "title": "ExtendsFrom", "type": "array" }, - "ReplicationInfoList": { - "items": { - "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationInfo" + "Functions": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the functions in the component type. Each string in the mapping must be unique to this object.\n\nFor information on the FunctionResponse object see the [FunctionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_FunctionResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Function" + } }, - "markdownDescription": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.", - "title": "ReplicationInfoList", - "type": "array" + "title": "Functions", + "type": "object" }, - "ReplicatorName": { - "markdownDescription": "The name of the replicator. Alpha-numeric characters with '-' are allowed.", - "title": "ReplicatorName", - "type": "string" + "IsSingleton": { + "markdownDescription": "A boolean value that specifies whether an entity can have more than one component of this type.", + "title": "IsSingleton", + "type": "boolean" }, - "ServiceExecutionRoleArn": { - "markdownDescription": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters)", - "title": "ServiceExecutionRoleArn", - "type": "string" + "PropertyDefinitions": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property definitions in the component type. Each string in the mapping must be unique to this object.\n\nFor information about the PropertyDefinitionResponse object, see the [PropertyDefinitionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_PropertyDefinitionResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyDefinition" + } + }, + "title": "PropertyDefinitions", + "type": "object" + }, + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The ComponentType tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "List of tags to attach to created Replicator.", "title": "Tags", - "type": "array" + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the component type.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "KafkaClusters", - "ReplicationInfoList", - "ReplicatorName", - "ServiceExecutionRoleArn" + "ComponentTypeId", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Replicator" + "AWS::IoTTwinMaker::ComponentType" ], "type": "string" }, @@ -152795,195 +156564,299 @@ ], "type": "object" }, - "AWS::MSK::Replicator.AmazonMskCluster": { + "AWS::IoTTwinMaker::ComponentType.CompositeComponentType": { "additionalProperties": false, "properties": { - "MskClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon MSK cluster.", - "title": "MskClusterArn", + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", "type": "string" } }, - "required": [ - "MskClusterArn" - ], "type": "object" }, - "AWS::MSK::Replicator.ConsumerGroupReplication": { + "AWS::IoTTwinMaker::ComponentType.DataConnector": { "additionalProperties": false, "properties": { - "ConsumerGroupsToExclude": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the consumer groups that should not be replicated.", - "title": "ConsumerGroupsToExclude", - "type": "array" - }, - "ConsumerGroupsToReplicate": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the consumer groups to copy.", - "title": "ConsumerGroupsToReplicate", - "type": "array" - }, - "DetectAndCopyNewConsumerGroups": { - "markdownDescription": "Enables synchronization of consumer groups to target cluster.", - "title": "DetectAndCopyNewConsumerGroups", + "IsNative": { + "markdownDescription": "A boolean value that specifies whether the data connector is native to IoT TwinMaker.", + "title": "IsNative", "type": "boolean" }, - "SynchroniseConsumerGroupOffsets": { - "markdownDescription": "Enables synchronization of consumer group offsets to target cluster. The translated offsets will be written to topic __consumer_offsets.", - "title": "SynchroniseConsumerGroupOffsets", - "type": "boolean" + "Lambda": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.LambdaFunction", + "markdownDescription": "The Lambda function associated with the data connector.", + "title": "Lambda" } }, - "required": [ - "ConsumerGroupsToReplicate" - ], "type": "object" }, - "AWS::MSK::Replicator.KafkaCluster": { + "AWS::IoTTwinMaker::ComponentType.DataType": { "additionalProperties": false, "properties": { - "AmazonMskCluster": { - "$ref": "#/definitions/AWS::MSK::Replicator.AmazonMskCluster", - "markdownDescription": "Details of an Amazon MSK Cluster.", - "title": "AmazonMskCluster" + "AllowedValues": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + }, + "markdownDescription": "The allowed values for this data type.", + "title": "AllowedValues", + "type": "array" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::MSK::Replicator.KafkaClusterClientVpcConfig", - "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", - "title": "VpcConfig" + "NestedType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", + "markdownDescription": "The nested type in the data type.", + "title": "NestedType" + }, + "Relationship": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Relationship", + "markdownDescription": "A relationship that associates a component with another component.", + "title": "Relationship" + }, + "Type": { + "markdownDescription": "The underlying type of the data type.\n\nValid Values: `RELATIONSHIP | STRING | LONG | BOOLEAN | INTEGER | DOUBLE | LIST | MAP`", + "title": "Type", + "type": "string" + }, + "UnitOfMeasure": { + "markdownDescription": "The unit of measure used in this data type.", + "title": "UnitOfMeasure", + "type": "string" } }, "required": [ - "AmazonMskCluster", - "VpcConfig" + "Type" ], "type": "object" }, - "AWS::MSK::Replicator.KafkaClusterClientVpcConfig": { + "AWS::IoTTwinMaker::ComponentType.DataValue": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "BooleanValue": { + "markdownDescription": "A boolean value.", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "A double value.", + "title": "DoubleValue", + "type": "number" + }, + "Expression": { + "markdownDescription": "An expression that produces the value.", + "title": "Expression", + "type": "string" + }, + "IntegerValue": { + "markdownDescription": "An integer value.", + "title": "IntegerValue", + "type": "number" + }, + "ListValue": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" }, - "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", - "title": "SecurityGroupIds", + "markdownDescription": "A list of multiple values.", + "title": "ListValue", "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" + "LongValue": { + "markdownDescription": "A long value.", + "title": "LongValue", + "type": "number" + }, + "MapValue": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to multiple `DataValue` objects.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + } }, - "markdownDescription": "The list of subnets in the client VPC to connect to.", - "title": "SubnetIds", - "type": "array" + "title": "MapValue", + "type": "object" + }, + "RelationshipValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.RelationshipValue", + "markdownDescription": "A value that relates a component to another component.", + "title": "RelationshipValue" + }, + "StringValue": { + "markdownDescription": "A string value.", + "title": "StringValue", + "type": "string" } }, - "required": [ - "SubnetIds" - ], "type": "object" }, - "AWS::MSK::Replicator.ReplicationInfo": { + "AWS::IoTTwinMaker::ComponentType.Error": { "additionalProperties": false, "properties": { - "ConsumerGroupReplication": { - "$ref": "#/definitions/AWS::MSK::Replicator.ConsumerGroupReplication", - "markdownDescription": "Configuration relating to consumer group replication.", - "title": "ConsumerGroupReplication" - }, - "SourceKafkaClusterArn": { - "markdownDescription": "The ARN of the source Kafka cluster.", - "title": "SourceKafkaClusterArn", + "Code": { + "markdownDescription": "The component type error code.", + "title": "Code", "type": "string" }, - "TargetCompressionType": { - "markdownDescription": "The compression type to use when producing records to target cluster.", - "title": "TargetCompressionType", + "Message": { + "markdownDescription": "The component type error message.", + "title": "Message", "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.Function": { + "additionalProperties": false, + "properties": { + "ImplementedBy": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataConnector", + "markdownDescription": "The data connector.", + "title": "ImplementedBy" }, - "TargetKafkaClusterArn": { - "markdownDescription": "The ARN of the target Kafka cluster.", - "title": "TargetKafkaClusterArn", - "type": "string" + "RequiredProperties": { + "items": { + "type": "string" + }, + "markdownDescription": "The required properties of the function.", + "title": "RequiredProperties", + "type": "array" }, - "TopicReplication": { - "$ref": "#/definitions/AWS::MSK::Replicator.TopicReplication", - "markdownDescription": "Configuration relating to topic replication.", - "title": "TopicReplication" + "Scope": { + "markdownDescription": "The scope of the function.", + "title": "Scope", + "type": "string" } }, - "required": [ - "ConsumerGroupReplication", - "SourceKafkaClusterArn", - "TargetCompressionType", - "TargetKafkaClusterArn", - "TopicReplication" - ], "type": "object" }, - "AWS::MSK::Replicator.ReplicationStartingPosition": { + "AWS::IoTTwinMaker::ComponentType.LambdaFunction": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of replication starting position.", - "title": "Type", + "Arn": { + "markdownDescription": "The Lambda function ARN.", + "title": "Arn", "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::MSK::Replicator.TopicReplication": { + "AWS::IoTTwinMaker::ComponentType.PropertyDefinition": { "additionalProperties": false, "properties": { - "CopyAccessControlListsForTopics": { - "markdownDescription": "Whether to periodically configure remote topic ACLs to match their corresponding upstream topics.", - "title": "CopyAccessControlListsForTopics", + "Configurations": { + "additionalProperties": true, + "markdownDescription": "A mapping that specifies configuration information about the property.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Configurations", + "type": "object" + }, + "DataType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", + "markdownDescription": "", + "title": "DataType" + }, + "DefaultValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue", + "markdownDescription": "A boolean value that specifies whether the property ID comes from an external data store.", + "title": "DefaultValue" + }, + "IsExternalId": { + "markdownDescription": "A Boolean value that specifies whether the property ID comes from an external data source.", + "title": "IsExternalId", "type": "boolean" }, - "CopyTopicConfigurations": { - "markdownDescription": "Whether to periodically configure remote topics to match their corresponding upstream topics.", - "title": "CopyTopicConfigurations", + "IsRequiredInEntity": { + "markdownDescription": "A boolean value that specifies whether the property is required in an entity.", + "title": "IsRequiredInEntity", "type": "boolean" }, - "DetectAndCopyNewTopics": { - "markdownDescription": "Whether to periodically check for new topics and partitions.", - "title": "DetectAndCopyNewTopics", + "IsStoredExternally": { + "markdownDescription": "A boolean value that specifies whether the property is stored externally.", + "title": "IsStoredExternally", "type": "boolean" }, - "StartingPosition": { - "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationStartingPosition", - "markdownDescription": "Specifies the position in the topics to start replicating from.", - "title": "StartingPosition" + "IsTimeSeries": { + "markdownDescription": "A boolean value that specifies whether the property consists of time series data.", + "title": "IsTimeSeries", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.PropertyGroup": { + "additionalProperties": false, + "properties": { + "GroupType": { + "markdownDescription": "The group type.", + "title": "GroupType", + "type": "string" }, - "TopicsToExclude": { + "PropertyNames": { "items": { "type": "string" }, - "markdownDescription": "List of regular expression patterns indicating the topics that should not be replicated.", - "title": "TopicsToExclude", + "markdownDescription": "The property names.", + "title": "PropertyNames", "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.Relationship": { + "additionalProperties": false, + "properties": { + "RelationshipType": { + "markdownDescription": "The type of the relationship.", + "title": "RelationshipType", + "type": "string" }, - "TopicsToReplicate": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the topics to copy.", - "title": "TopicsToReplicate", - "type": "array" + "TargetComponentTypeId": { + "markdownDescription": "The ID of the target component type associated with this relationship.", + "title": "TargetComponentTypeId", + "type": "string" } }, - "required": [ - "TopicsToReplicate" - ], "type": "object" }, - "AWS::MSK::ServerlessCluster": { + "AWS::IoTTwinMaker::ComponentType.RelationshipValue": { + "additionalProperties": false, + "properties": { + "TargetComponentName": { + "markdownDescription": "The target component name.", + "title": "TargetComponentName", + "type": "string" + }, + "TargetEntityId": { + "markdownDescription": "The target entity Id.", + "title": "TargetEntityId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.Status": { + "additionalProperties": false, + "properties": { + "Error": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Error", + "markdownDescription": "The component type error.", + "title": "Error" + }, + "State": { + "markdownDescription": "The component type status state.", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity": { "additionalProperties": false, "properties": { "Condition": { @@ -153018,19 +156891,51 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.ClientAuthentication", - "markdownDescription": "Includes all client authentication related information.", - "title": "ClientAuthentication" + "Components": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the components in the entity. Each string in the mapping must be unique to this object.\n\nFor information on the component object see the [component](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_ComponentResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Component" + } + }, + "title": "Components", + "type": "object" }, - "ClusterName": { - "markdownDescription": "The name of the cluster.", - "title": "ClusterName", + "CompositeComponents": { + "additionalProperties": false, + "markdownDescription": "Maps string to `compositeComponent` updates in the request. Each key of the map represents the `componentPath` of the `compositeComponent` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.CompositeComponent" + } + }, + "title": "CompositeComponents", + "type": "object" + }, + "Description": { + "markdownDescription": "The description of the entity.", + "title": "Description", + "type": "string" + }, + "EntityId": { + "markdownDescription": "The ID of the entity.", + "title": "EntityId", + "type": "string" + }, + "EntityName": { + "markdownDescription": "The entity name.", + "title": "EntityName", + "type": "string" + }, + "ParentEntityId": { + "markdownDescription": "The ID of the parent entity.", + "title": "ParentEntityId", "type": "string" }, "Tags": { "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", + "markdownDescription": "Metadata that you can use to manage the entity.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -153039,25 +156944,21 @@ "title": "Tags", "type": "object" }, - "VpcConfigs": { - "items": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.VpcConfig" - }, - "markdownDescription": "VPC configuration information for the serverless cluster.", - "title": "VpcConfigs", - "type": "array" + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the entity.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "ClientAuthentication", - "ClusterName", - "VpcConfigs" + "EntityName", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::ServerlessCluster" + "AWS::IoTTwinMaker::Entity" ], "type": "string" }, @@ -153076,74 +156977,368 @@ ], "type": "object" }, - "AWS::MSK::ServerlessCluster.ClientAuthentication": { + "AWS::IoTTwinMaker::Entity.Component": { "additionalProperties": false, "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Sasl", - "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", - "title": "Sasl" + "ComponentName": { + "markdownDescription": "The name of the component.", + "title": "ComponentName", + "type": "string" + }, + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", + "type": "string" + }, + "DefinedIn": { + "markdownDescription": "The name of the property definition set in the request.", + "title": "DefinedIn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the component.", + "title": "Description", + "type": "string" + }, + "Properties": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" + } + }, + "title": "Properties", + "type": "object" + }, + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" + }, + "Status": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", + "markdownDescription": "The status of the component.", + "title": "Status" } }, - "required": [ - "Sasl" - ], "type": "object" }, - "AWS::MSK::ServerlessCluster.Iam": { + "AWS::IoTTwinMaker::Entity.CompositeComponent": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "ComponentName": { + "markdownDescription": "The name of the component.", + "title": "ComponentName", + "type": "string" + }, + "ComponentPath": { + "markdownDescription": "The path to the composite component, starting from the top-level component.", + "title": "ComponentPath", + "type": "string" + }, + "ComponentTypeId": { + "markdownDescription": "The ID of the composite component type.", + "title": "ComponentTypeId", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the component type.", + "title": "Description", + "type": "string" + }, + "Properties": { + "additionalProperties": false, + "markdownDescription": "Map of strings to the properties in the component type. Each string in the mapping must be unique to this component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" + } + }, + "title": "Properties", + "type": "object" + }, + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "The property groups.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" + }, + "Status": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", + "markdownDescription": "The current status of the composite component.", + "title": "Status" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::MSK::ServerlessCluster.Sasl": { + "AWS::IoTTwinMaker::Entity.DataType": { "additionalProperties": false, "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Iam", - "markdownDescription": "Details for ClientAuthentication using IAM.", - "title": "Iam" + "AllowedValues": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + }, + "markdownDescription": "The allowed values.", + "title": "AllowedValues", + "type": "array" + }, + "NestedType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", + "markdownDescription": "The nested type.", + "title": "NestedType" + }, + "Relationship": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Relationship", + "markdownDescription": "The relationship.", + "title": "Relationship" + }, + "Type": { + "markdownDescription": "The entity type.", + "title": "Type", + "type": "string" + }, + "UnitOfMeasure": { + "markdownDescription": "The unit of measure.", + "title": "UnitOfMeasure", + "type": "string" } }, - "required": [ - "Iam" - ], "type": "object" }, - "AWS::MSK::ServerlessCluster.VpcConfig": { + "AWS::IoTTwinMaker::Entity.DataValue": { "additionalProperties": false, "properties": { - "SecurityGroups": { + "BooleanValue": { + "markdownDescription": "A boolean value.", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "A double value.", + "title": "DoubleValue", + "type": "number" + }, + "Expression": { + "markdownDescription": "An expression that produces the value.", + "title": "Expression", + "type": "string" + }, + "IntegerValue": { + "markdownDescription": "An integer value.", + "title": "IntegerValue", + "type": "number" + }, + "ListValue": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" }, - "markdownDescription": "", - "title": "SecurityGroups", + "markdownDescription": "A list of multiple values.", + "title": "ListValue", "type": "array" }, - "SubnetIds": { + "LongValue": { + "markdownDescription": "A long value.", + "title": "LongValue", + "type": "number" + }, + "MapValue": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to multiple DataValue objects.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + } + }, + "title": "MapValue", + "type": "object" + }, + "RelationshipValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.RelationshipValue", + "markdownDescription": "A value that relates a component to another component.", + "title": "RelationshipValue" + }, + "StringValue": { + "markdownDescription": "A string value.", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Definition": { + "additionalProperties": false, + "properties": { + "Configuration": { + "additionalProperties": true, + "markdownDescription": "The configuration.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Configuration", + "type": "object" + }, + "DataType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", + "markdownDescription": "The data type", + "title": "DataType" + }, + "DefaultValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", + "markdownDescription": "The default value.", + "title": "DefaultValue" + }, + "IsExternalId": { + "markdownDescription": "Displays if the entity has a external Id.", + "title": "IsExternalId", + "type": "boolean" + }, + "IsFinal": { + "markdownDescription": "Displays if the entity is final.", + "title": "IsFinal", + "type": "boolean" + }, + "IsImported": { + "markdownDescription": "Displays if the entity is imported.", + "title": "IsImported", + "type": "boolean" + }, + "IsInherited": { + "markdownDescription": "Displays if the entity is inherited.", + "title": "IsInherited", + "type": "boolean" + }, + "IsRequiredInEntity": { + "markdownDescription": "Displays if the entity is a required entity.", + "title": "IsRequiredInEntity", + "type": "boolean" + }, + "IsStoredExternally": { + "markdownDescription": "Displays if the entity is tored externally.", + "title": "IsStoredExternally", + "type": "boolean" + }, + "IsTimeSeries": { + "markdownDescription": "Displays if the entity", + "title": "IsTimeSeries", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Error": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The entity error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "The entity error message.", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Property": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Definition", + "markdownDescription": "An object that specifies information about a property.", + "title": "Definition" + }, + "Value": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", + "markdownDescription": "An object that contains information about a value for a time series property.", + "title": "Value" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.PropertyGroup": { + "additionalProperties": false, + "properties": { + "GroupType": { + "markdownDescription": "The group type.", + "title": "GroupType", + "type": "string" + }, + "PropertyNames": { "items": { "type": "string" }, - "markdownDescription": "", - "title": "SubnetIds", + "markdownDescription": "The property names.", + "title": "PropertyNames", "type": "array" } }, - "required": [ - "SubnetIds" - ], "type": "object" }, - "AWS::MSK::VpcConnection": { + "AWS::IoTTwinMaker::Entity.Relationship": { + "additionalProperties": false, + "properties": { + "RelationshipType": { + "markdownDescription": "The relationship type.", + "title": "RelationshipType", + "type": "string" + }, + "TargetComponentTypeId": { + "markdownDescription": "the component type Id target.", + "title": "TargetComponentTypeId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.RelationshipValue": { + "additionalProperties": false, + "properties": { + "TargetComponentName": { + "markdownDescription": "The target component name.", + "title": "TargetComponentName", + "type": "string" + }, + "TargetEntityId": { + "markdownDescription": "The target entity Id.", + "title": "TargetEntityId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Status": { + "additionalProperties": false, + "properties": { + "Error": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Error", + "markdownDescription": "The error message.", + "title": "Error" + }, + "State": { + "markdownDescription": "The current state of the entity, component, component type, or workspace.\n\nValid Values: `CREATING | UPDATING | DELETING | ACTIVE | ERROR`", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Scene": { "additionalProperties": false, "properties": { "Condition": { @@ -153178,30 +157373,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Authentication": { - "markdownDescription": "The type of private link authentication.", - "title": "Authentication", - "type": "string" - }, - "ClientSubnets": { + "Capabilities": { "items": { "type": "string" }, - "markdownDescription": "The list of subnets in the client VPC to connect to.", - "title": "ClientSubnets", + "markdownDescription": "A list of capabilities that the scene uses to render.", + "title": "Capabilities", "type": "array" }, - "SecurityGroups": { - "items": { - "type": "string" + "ContentLocation": { + "markdownDescription": "The relative path that specifies the location of the content definition file.", + "title": "ContentLocation", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of this scene.", + "title": "Description", + "type": "string" + }, + "SceneId": { + "markdownDescription": "The ID of the scene.", + "title": "SceneId", + "type": "string" + }, + "SceneMetadata": { + "additionalProperties": true, + "markdownDescription": "The scene metadata.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", - "title": "SecurityGroups", - "type": "array" + "title": "SceneMetadata", + "type": "object" }, "Tags": { "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) you specify while creating the VPC connection.", + "markdownDescription": "The ComponentType tags.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -153210,29 +157418,22 @@ "title": "Tags", "type": "object" }, - "TargetClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster.", - "title": "TargetClusterArn", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The VPC ID of the remote client.", - "title": "VpcId", + "WorkspaceId": { + "markdownDescription": "The ID of the workspace.", + "title": "WorkspaceId", "type": "string" } }, "required": [ - "Authentication", - "ClientSubnets", - "SecurityGroups", - "TargetClusterArn", - "VpcId" + "ContentLocation", + "SceneId", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::VpcConnection" + "AWS::IoTTwinMaker::Scene" ], "type": "string" }, @@ -153251,7 +157452,7 @@ ], "type": "object" }, - "AWS::MWAA::Environment": { + "AWS::IoTTwinMaker::SyncJob": { "additionalProperties": false, "properties": { "Condition": { @@ -153286,130 +157487,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AirflowConfigurationOptions": { - "markdownDescription": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", - "title": "AirflowConfigurationOptions", - "type": "object" - }, - "AirflowVersion": { - "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` | `2.8.1` | `2.9.2` | `2.10.1` (latest)", - "title": "AirflowVersion", - "type": "string" - }, - "DagS3Path": { - "markdownDescription": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", - "title": "DagS3Path", - "type": "string" - }, - "EndpointManagement": { - "markdownDescription": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", - "title": "EndpointManagement", - "type": "string" - }, - "EnvironmentClass": { - "markdownDescription": "The environment class type. Valid values: `mw1.micro` , `mw1.small` , `mw1.medium` , `mw1.large` , `mw1.1large` , and `mw1.2large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", - "title": "EnvironmentClass", - "type": "string" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", - "title": "ExecutionRoleArn", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", - "title": "KmsKey", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::MWAA::Environment.LoggingConfiguration", - "markdownDescription": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` .", - "title": "LoggingConfiguration" - }, - "MaxWorkers": { - "markdownDescription": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` .", - "title": "MaxWorkers", - "type": "number" - }, - "MinWorkers": { - "markdownDescription": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` .", - "title": "MinWorkers", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of your Amazon MWAA environment.", - "title": "Name", - "type": "string" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::MWAA::Environment.NetworkConfiguration", - "markdownDescription": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", - "title": "NetworkConfiguration" - }, - "PluginsS3ObjectVersion": { - "markdownDescription": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", - "title": "PluginsS3ObjectVersion", - "type": "string" - }, - "PluginsS3Path": { - "markdownDescription": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", - "title": "PluginsS3Path", - "type": "string" - }, - "RequirementsS3ObjectVersion": { - "markdownDescription": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", - "title": "RequirementsS3ObjectVersion", - "type": "string" - }, - "RequirementsS3Path": { - "markdownDescription": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", - "title": "RequirementsS3Path", - "type": "string" - }, - "Schedulers": { - "markdownDescription": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - For environments larger than mw1.micro, accepts values from 2 to 5. Defaults to 2 for all environment sizes except mw1.micro, which defaults to 1.\n- *v1* - Accepts 1.", - "title": "Schedulers", - "type": "number" - }, - "SourceBucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) .", - "title": "SourceBucketArn", - "type": "string" - }, - "StartupScriptS3ObjectVersion": { - "markdownDescription": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", - "title": "StartupScriptS3ObjectVersion", + "SyncRole": { + "markdownDescription": "The SyncJob IAM role. This IAM role is used by the sync job to read from the syncSource, and create, update or delete the corresponding resources.", + "title": "SyncRole", "type": "string" }, - "StartupScriptS3Path": { - "markdownDescription": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", - "title": "StartupScriptS3Path", + "SyncSource": { + "markdownDescription": "The sync source.\n\n> Currently the only supported syncSoucre is `SITEWISE` .", + "title": "SyncSource", "type": "string" }, "Tags": { - "markdownDescription": "The key-value tag pairs associated to your environment. For example, `\"Environment\": \"Staging\"` . To learn more, see [Tagging](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .\n\nIf you specify new tags for an existing environment, the update requires service interruption before taking effect.", + "additionalProperties": true, + "markdownDescription": "Metadata you can use to manage the SyncJob.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Tags", "type": "object" }, - "WebserverAccessMode": { - "markdownDescription": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` .", - "title": "WebserverAccessMode", - "type": "string" - }, - "WeeklyMaintenanceWindowStart": { - "markdownDescription": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)", - "title": "WeeklyMaintenanceWindowStart", + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the sync job.", + "title": "WorkspaceId", "type": "string" } }, "required": [ - "Name" + "SyncRole", + "SyncSource", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::MWAA::Environment" + "AWS::IoTTwinMaker::SyncJob" ], "type": "string" }, @@ -153428,81 +157542,7 @@ ], "type": "object" }, - "AWS::MWAA::Environment.LoggingConfiguration": { - "additionalProperties": false, - "properties": { - "DagProcessingLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the processing logs sent to CloudWatch Logs and the logging level to send.", - "title": "DagProcessingLogs" - }, - "SchedulerLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the scheduler logs sent to CloudWatch Logs and the logging level to send.", - "title": "SchedulerLogs" - }, - "TaskLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the task logs sent to CloudWatch Logs and the logging level to send.", - "title": "TaskLogs" - }, - "WebserverLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the web server logs sent to CloudWatch Logs and the logging level to send.", - "title": "WebserverLogs" - }, - "WorkerLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the worker logs sent to CloudWatch Logs and the logging level to send.", - "title": "WorkerLogs" - } - }, - "type": "object" - }, - "AWS::MWAA::Environment.ModuleLoggingConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled.\n\n> `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA.", - "title": "CloudWatchLogGroupArn", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs.", - "title": "Enabled", - "type": "boolean" - }, - "LogLevel": { - "markdownDescription": "Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` .", - "title": "LogLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MWAA::Environment.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of one or more security group IDs. Accepts up to 5 security group IDs. A security group must be attached to the same VPC as the subnets. To learn more, see [Security in your VPC on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-security.html) .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs. *Required* to create an environment. Must be private subnets in two different availability zones. A subnet must be attached to the same VPC as the security group. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Macie::AllowList": { + "AWS::IoTTwinMaker::Workspace": { "additionalProperties": false, "properties": { "Condition": { @@ -153537,39 +157577,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Criteria": { - "$ref": "#/definitions/AWS::Macie::AllowList.Criteria", - "markdownDescription": "The criteria that specify the text or text pattern to ignore. The criteria can be the location and name of an Amazon S3 object that lists specific text to ignore ( `S3WordsList` ), or a regular expression ( `Regex` ) that defines a text pattern to ignore.", - "title": "Criteria" - }, "Description": { - "markdownDescription": "A custom description of the allow list. The description can contain 1-512 characters.", + "markdownDescription": "The description of the workspace.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "A custom name for the allow list. The name can contain 1-128 characters.", - "title": "Name", + "Role": { + "markdownDescription": "The ARN of the execution role associated with the workspace.", + "title": "Role", + "type": "string" + }, + "S3Location": { + "markdownDescription": "The ARN of the S3 bucket where resources associated with the workspace are stored.", + "title": "S3Location", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Metadata that you can use to manage the workspace.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to the allow list.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "Criteria", - "Name" + "Role", + "S3Location", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Macie::AllowList" + "AWS::IoTTwinMaker::Workspace" ], "type": "string" }, @@ -153588,43 +157637,7 @@ ], "type": "object" }, - "AWS::Macie::AllowList.Criteria": { - "additionalProperties": false, - "properties": { - "Regex": { - "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to ignore. The expression can contain 1-512 characters.", - "title": "Regex", - "type": "string" - }, - "S3WordsList": { - "$ref": "#/definitions/AWS::Macie::AllowList.S3WordsList", - "markdownDescription": "The location and name of an Amazon S3 object that lists specific text to ignore.", - "title": "S3WordsList" - } - }, - "type": "object" - }, - "AWS::Macie::AllowList.S3WordsList": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The full name of the S3 bucket that contains the object. This value correlates to the `Name` field of a bucket's properties in Amazon S3 .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", - "title": "BucketName", - "type": "string" - }, - "ObjectKey": { - "markdownDescription": "The full name of the S3 object. This value correlates to the `Key` field of an object's properties in Amazon S3 . If the name includes a path, include the complete path. For example, `AllowLists/Macie/MyList.txt` .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", - "title": "ObjectKey", - "type": "string" - } - }, - "required": [ - "BucketName", - "ObjectKey" - ], - "type": "object" - }, - "AWS::Macie::CustomDataIdentifier": { + "AWS::IoTWireless::Destination": { "additionalProperties": false, "properties": { "Condition": { @@ -153660,59 +157673,49 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A custom description of the custom data identifier. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", + "markdownDescription": "The description of the new resource. Maximum length is 2048 characters.", "title": "Description", "type": "string" }, - "IgnoreWords": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of character sequences ( *ignore words* ) to exclude from the results. If text matches the regular expression ( `Regex` ) but it contains a string in this array, Amazon Macie ignores the text and doesn't include it in the results.\n\nThe array can contain 1-10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.", - "title": "IgnoreWords", - "type": "array" - }, - "Keywords": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of character sequences ( *keywords* ), one of which must precede and be in proximity ( `MaximumMatchDistance` ) of the regular expression ( `Regex` ) to match.\n\nThe array can contain 1-50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.", - "title": "Keywords", - "type": "array" + "Expression": { + "markdownDescription": "The rule name to send messages to.", + "title": "Expression", + "type": "string" }, - "MaximumMatchDistance": { - "markdownDescription": "The maximum number of characters that can exist between the end of at least one complete character sequence specified by the `Keywords` array and the end of text that matches the regular expression ( `Regex` ). If a complete keyword precedes all the text that matches the regular expression and the keyword is within the specified distance, Amazon Macie includes the result.\n\nThe distance can be 1-300 characters. The default value is 50.", - "title": "MaximumMatchDistance", - "type": "number" + "ExpressionType": { + "markdownDescription": "The type of value in `Expression` .", + "title": "ExpressionType", + "type": "string" }, "Name": { - "markdownDescription": "A custom name for the custom data identifier. The name can contain 1-128 characters.\n\nAvoid including sensitive data in the name of a custom data identifier. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", + "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, - "Regex": { - "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to match. The expression can contain 1-512 characters.", - "title": "Regex", + "RoleArn": { + "markdownDescription": "The ARN of the IAM Role that authorizes the destination.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the custom data identifier.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "Regex" + "Expression", + "ExpressionType", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Macie::CustomDataIdentifier" + "AWS::IoTWireless::Destination" ], "type": "string" }, @@ -153731,7 +157734,7 @@ ], "type": "object" }, - "AWS::Macie::FindingsFilter": { + "AWS::IoTWireless::DeviceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -153766,49 +157769,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to perform on findings that match the filter criteria ( `FindingCriteria` ). Valid values are:\n\n- `ARCHIVE` - Suppress (automatically archive) the findings.\n- `NOOP` - Don't perform any action on the findings.", - "title": "Action", - "type": "string" - }, - "Description": { - "markdownDescription": "A custom description of the findings filter. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Description", - "type": "string" - }, - "FindingCriteria": { - "$ref": "#/definitions/AWS::Macie::FindingsFilter.FindingCriteria", - "markdownDescription": "The criteria to use to filter findings.", - "title": "FindingCriteria" + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile", + "markdownDescription": "LoRaWAN device profile object.", + "title": "LoRaWAN" }, "Name": { - "markdownDescription": "A custom name for the findings filter. The name can contain 3-64 characters.\n\nAvoid including sensitive data in the name. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", + "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, - "Position": { - "markdownDescription": "The position of the findings filter in the list of saved filter rules on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to findings.", - "title": "Position", - "type": "number" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the findings filter.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, - "required": [ - "FindingCriteria", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Macie::FindingsFilter" + "AWS::IoTWireless::DeviceProfile" ], "type": "string" }, @@ -153822,71 +157806,115 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Macie::FindingsFilter.CriterionAdditionalProperties": { + "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { "additionalProperties": false, "properties": { - "eq": { + "ClassBTimeout": { + "markdownDescription": "The ClassBTimeout value.", + "title": "ClassBTimeout", + "type": "number" + }, + "ClassCTimeout": { + "markdownDescription": "The ClassCTimeout value.", + "title": "ClassCTimeout", + "type": "number" + }, + "FactoryPresetFreqsList": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", - "title": "eq", + "markdownDescription": "The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000.", + "title": "FactoryPresetFreqsList", "type": "array" }, - "gt": { - "markdownDescription": "The value for the specified property is greater than the specified value.", - "title": "gt", + "MacVersion": { + "markdownDescription": "The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile.", + "title": "MacVersion", + "type": "string" + }, + "MaxDutyCycle": { + "markdownDescription": "The MaxDutyCycle value.", + "title": "MaxDutyCycle", "type": "number" }, - "gte": { - "markdownDescription": "The value for the specified property is greater than or equal to the specified value.", - "title": "gte", + "MaxEirp": { + "markdownDescription": "The MaxEIRP value.", + "title": "MaxEirp", "type": "number" }, - "lt": { - "markdownDescription": "The value for the specified property is less than the specified value.", - "title": "lt", + "PingSlotDr": { + "markdownDescription": "The PingSlotDR value.", + "title": "PingSlotDr", "type": "number" }, - "lte": { - "markdownDescription": "The value for the specified property is less than or equal to the specified value.", - "title": "lte", + "PingSlotFreq": { + "markdownDescription": "The PingSlotFreq value.", + "title": "PingSlotFreq", "type": "number" }, - "neq": { - "items": { - "type": "string" - }, - "markdownDescription": "The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", - "title": "neq", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Macie::FindingsFilter.FindingCriteria": { - "additionalProperties": false, - "properties": { - "Criterion": { - "additionalProperties": false, - "markdownDescription": "Specifies a condition that defines the property, operator, and one or more values to use to filter the results.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Macie::FindingsFilter.CriterionAdditionalProperties" - } - }, - "title": "Criterion", - "type": "object" + "PingSlotPeriod": { + "markdownDescription": "The PingSlotPeriod value.", + "title": "PingSlotPeriod", + "type": "number" + }, + "RegParamsRevision": { + "markdownDescription": "The version of regional parameters.", + "title": "RegParamsRevision", + "type": "string" + }, + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", + "type": "string" + }, + "RxDataRate2": { + "markdownDescription": "The RXDataRate2 value.", + "title": "RxDataRate2", + "type": "number" + }, + "RxDelay1": { + "markdownDescription": "The RXDelay1 value.", + "title": "RxDelay1", + "type": "number" + }, + "RxDrOffset1": { + "markdownDescription": "The RXDROffset1 value.", + "title": "RxDrOffset1", + "type": "number" + }, + "RxFreq2": { + "markdownDescription": "The RXFreq2 value.", + "title": "RxFreq2", + "type": "number" + }, + "Supports32BitFCnt": { + "markdownDescription": "The Supports32BitFCnt value.", + "title": "Supports32BitFCnt", + "type": "boolean" + }, + "SupportsClassB": { + "markdownDescription": "The SupportsClassB value.", + "title": "SupportsClassB", + "type": "boolean" + }, + "SupportsClassC": { + "markdownDescription": "The SupportsClassC value.", + "title": "SupportsClassC", + "type": "boolean" + }, + "SupportsJoin": { + "markdownDescription": "The SupportsJoin value.", + "title": "SupportsJoin", + "type": "boolean" } }, "type": "object" }, - "AWS::Macie::Session": { + "AWS::IoTWireless::FuotaTask": { "additionalProperties": false, "properties": { "Condition": { @@ -153921,22 +157949,70 @@ "Properties": { "additionalProperties": false, "properties": { - "FindingPublishingFrequency": { - "markdownDescription": "Specifies how often Amazon Macie publishes updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events ). Valid values are:\n\n- FIFTEEN_MINUTES\n- ONE_HOUR\n- SIX_HOURS", - "title": "FindingPublishingFrequency", + "AssociateMulticastGroup": { + "markdownDescription": "The ID of the multicast group to associate with a FUOTA task.", + "title": "AssociateMulticastGroup", "type": "string" }, - "Status": { - "markdownDescription": "The status of Amazon Macie for the account. Valid values are: `ENABLED` , start or resume Macie activities for the account; and, `PAUSED` , suspend Macie activities for the account.", - "title": "Status", + "AssociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to associate with a multicast group.", + "title": "AssociateWirelessDevice", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the new resource.", + "title": "Description", + "type": "string" + }, + "DisassociateMulticastGroup": { + "markdownDescription": "The ID of the multicast group to disassociate from a FUOTA task.", + "title": "DisassociateMulticastGroup", + "type": "string" + }, + "DisassociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to disassociate from a FUOTA task.", + "title": "DisassociateWirelessDevice", + "type": "string" + }, + "FirmwareUpdateImage": { + "markdownDescription": "The S3 URI points to a firmware update image that is to be used with a FUOTA task.", + "title": "FirmwareUpdateImage", "type": "string" + }, + "FirmwareUpdateRole": { + "markdownDescription": "The firmware update role that is to be used with a FUOTA task.", + "title": "FirmwareUpdateRole", + "type": "string" + }, + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::FuotaTask.LoRaWAN", + "markdownDescription": "The LoRaWAN information used with a FUOTA task.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of a FUOTA task.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" } }, + "required": [ + "FirmwareUpdateImage", + "FirmwareUpdateRole", + "LoRaWAN" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Macie::Session" + "AWS::IoTWireless::FuotaTask" ], "type": "string" }, @@ -153950,11 +158026,31 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ManagedBlockchain::Accessor": { + "AWS::IoTWireless::FuotaTask.LoRaWAN": { + "additionalProperties": false, + "properties": { + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", + "type": "string" + }, + "StartTime": { + "markdownDescription": "Start time of a FUOTA task.", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "RfRegion" + ], + "type": "object" + }, + "AWS::IoTWireless::MulticastGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -153989,33 +158085,48 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessorType": { - "markdownDescription": "The type of the accessor.\n\n> Currently, accessor type is restricted to `BILLING_TOKEN` .", - "title": "AccessorType", + "AssociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to associate with a multicast group.", + "title": "AssociateWirelessDevice", "type": "string" }, - "NetworkType": { - "markdownDescription": "The blockchain network that the `Accessor` token is created for.\n\n> We recommend using the appropriate `networkType` value for the blockchain network that you are creating the `Accessor` token for. You cannot use the value `ETHEREUM_MAINNET_AND_GOERLI` to specify a `networkType` for your Accessor token.\n> \n> The default value of `ETHEREUM_MAINNET_AND_GOERLI` is only applied:\n> \n> - when the `CreateAccessor` action does not set a `networkType` .\n> - to all existing `Accessor` tokens that were created before the `networkType` property was introduced.", - "title": "NetworkType", + "Description": { + "markdownDescription": "The description of the multicast group.", + "title": "Description", + "type": "string" + }, + "DisassociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to disassociate from a multicast group.", + "title": "DisassociateWirelessDevice", + "type": "string" + }, + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::MulticastGroup.LoRaWAN", + "markdownDescription": "The LoRaWAN information that is to be used with the multicast group.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of the multicast group.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the Accessor.\n\nFor more information about tags, see [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/tagging-resources.html) in the *Amazon Managed Blockchain Ethereum Developer Guide* , or [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/tagging-resources.html) in the *Amazon Managed Blockchain Hyperledger Fabric Developer Guide* .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "required": [ - "AccessorType" + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::ManagedBlockchain::Accessor" + "AWS::IoTWireless::MulticastGroup" ], "type": "string" }, @@ -154034,7 +158145,37 @@ ], "type": "object" }, - "AWS::ManagedBlockchain::Member": { + "AWS::IoTWireless::MulticastGroup.LoRaWAN": { + "additionalProperties": false, + "properties": { + "DlClass": { + "markdownDescription": "DlClass for LoRaWAN. Valid values are ClassB and ClassC.", + "title": "DlClass", + "type": "string" + }, + "NumberOfDevicesInGroup": { + "markdownDescription": "Number of devices that are associated to the multicast group.", + "title": "NumberOfDevicesInGroup", + "type": "number" + }, + "NumberOfDevicesRequested": { + "markdownDescription": "Number of devices that are requested to be associated with the multicast group.", + "title": "NumberOfDevicesRequested", + "type": "number" + }, + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", + "type": "string" + } + }, + "required": [ + "DlClass", + "RfRegion" + ], + "type": "object" + }, + "AWS::IoTWireless::NetworkAnalyzerConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -154069,35 +158210,54 @@ "Properties": { "additionalProperties": false, "properties": { - "InvitationId": { - "markdownDescription": "The unique identifier of the invitation to join the network sent to the account that creates the member.", - "title": "InvitationId", + "Description": { + "markdownDescription": "The description of the resource.", + "title": "Description", "type": "string" }, - "MemberConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberConfiguration", - "markdownDescription": "Configuration properties of the member.", - "title": "MemberConfiguration" + "Name": { + "markdownDescription": "Name of the network analyzer configuration.", + "title": "Name", + "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkConfiguration", - "markdownDescription": "Configuration properties of the network to which the member belongs.", - "title": "NetworkConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to attach to the specified resource. Tags are metadata that you can use to manage a resource.", + "title": "Tags", + "type": "array" }, - "NetworkId": { - "markdownDescription": "The unique identifier of the network to which the member belongs.", - "title": "NetworkId", - "type": "string" + "TraceContent": { + "$ref": "#/definitions/AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent", + "markdownDescription": "Trace content for your wireless gateway and wireless device resources.", + "title": "TraceContent" + }, + "WirelessDevices": { + "items": { + "type": "string" + }, + "markdownDescription": "Wireless device resources to add to the network analyzer configuration. Provide the `WirelessDeviceId` of the resource to add in the input array.", + "title": "WirelessDevices", + "type": "array" + }, + "WirelessGateways": { + "items": { + "type": "string" + }, + "markdownDescription": "Wireless gateway resources to add to the network analyzer configuration. Provide the `WirelessGatewayId` of the resource to add in the input array.", + "title": "WirelessGateways", + "type": "array" } }, "required": [ - "MemberConfiguration" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ManagedBlockchain::Member" + "AWS::IoTWireless::NetworkAnalyzerConfiguration" ], "type": "string" }, @@ -154116,161 +158276,165 @@ ], "type": "object" }, - "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { + "AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent": { "additionalProperties": false, "properties": { - "ProposalDurationInHours": { - "markdownDescription": "The duration from the time that a proposal is created until it expires. If members cast neither the required number of `YES` votes to approve the proposal nor the number of `NO` votes required to reject it before the duration expires, the proposal is `EXPIRED` and `ProposalActions` aren't carried out.", - "title": "ProposalDurationInHours", - "type": "number" - }, - "ThresholdComparator": { - "markdownDescription": "Determines whether the vote percentage must be greater than the `ThresholdPercentage` or must be greater than or equal to the `ThresholdPercentage` to be approved.", - "title": "ThresholdComparator", + "LogLevel": { + "markdownDescription": "The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs", + "title": "LogLevel", "type": "string" }, - "ThresholdPercentage": { - "markdownDescription": "The percentage of votes among all members that must be `YES` for a proposal to be approved. For example, a `ThresholdPercentage` value of `50` indicates 50%. The `ThresholdComparator` determines the precise comparison. If a `ThresholdPercentage` value of `50` is specified on a network with 10 members, along with a `ThresholdComparator` value of `GREATER_THAN` , this indicates that 6 `YES` votes are required for the proposal to be approved.", - "title": "ThresholdPercentage", - "type": "number" + "WirelessDeviceFrameInfo": { + "markdownDescription": "`FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server.", + "title": "WirelessDeviceFrameInfo", + "type": "string" } }, "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberConfiguration": { + "AWS::IoTWireless::PartnerAccount": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description of the member.", - "title": "Description", + "Condition": { "type": "string" }, - "MemberFrameworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration", - "markdownDescription": "Configuration properties of the blockchain framework relevant to the member.", - "title": "MemberFrameworkConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Name": { - "markdownDescription": "The name of the member.", - "title": "Name", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountLinked": { + "markdownDescription": "Whether the partner account is linked to the AWS account.", + "title": "AccountLinked", + "type": "boolean" + }, + "PartnerAccountId": { + "markdownDescription": "The ID of the partner account to update.", + "title": "PartnerAccountId", + "type": "string" + }, + "PartnerType": { + "markdownDescription": "The partner type.", + "title": "PartnerType", + "type": "string" + }, + "Sidewalk": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo", + "markdownDescription": "The Sidewalk account credentials.", + "title": "Sidewalk" + }, + "SidewalkResponse": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint", + "markdownDescription": "Information about a Sidewalk account.", + "title": "SidewalkResponse" + }, + "SidewalkUpdate": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount", + "markdownDescription": "Sidewalk update.", + "title": "SidewalkUpdate" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTWireless::PartnerAccount" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name" + "Type" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberFabricConfiguration": { + "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo": { "additionalProperties": false, "properties": { - "AdminPassword": { - "markdownDescription": "The password for the member's initial administrative user. The `AdminPassword` must be at least 8 characters long and no more than 32 characters. It must contain at least one uppercase letter, one lowercase letter, and one digit. It cannot have a single quotation mark (\u2018), a double quotation marks (\u201c), a forward slash(/), a backward slash(\\), @, or a space.", - "title": "AdminPassword", - "type": "string" - }, - "AdminUsername": { - "markdownDescription": "The user name for the member's initial administrative user.", - "title": "AdminUsername", + "AppServerPrivateKey": { + "markdownDescription": "The Sidewalk application server private key. The application server private key is a secret key, which you should handle in a similar way as you would an application password. You can protect the application server private key by storing the value in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppServerPrivateKey", "type": "string" } }, "required": [ - "AdminPassword", - "AdminUsername" + "AppServerPrivateKey" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration": { - "additionalProperties": false, - "properties": { - "MemberFabricConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFabricConfiguration", - "markdownDescription": "Configuration properties for Hyperledger Fabric.", - "title": "MemberFabricConfiguration" - } - }, - "type": "object" - }, - "AWS::ManagedBlockchain::Member.NetworkConfiguration": { + "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Attributes of the blockchain framework for the network.", - "title": "Description", - "type": "string" - }, - "Framework": { - "markdownDescription": "The blockchain framework that the network uses.", - "title": "Framework", + "AmazonId": { + "markdownDescription": "The Sidewalk Amazon ID.", + "title": "AmazonId", "type": "string" }, - "FrameworkVersion": { - "markdownDescription": "The version of the blockchain framework that the network uses.", - "title": "FrameworkVersion", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the network.", - "title": "Name", + "Fingerprint": { + "markdownDescription": "The fingerprint of the Sidewalk application server private key.", + "title": "Fingerprint", "type": "string" - }, - "NetworkFrameworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration", - "markdownDescription": "Configuration properties relevant to the network for the blockchain framework that the network uses.", - "title": "NetworkFrameworkConfiguration" - }, - "VotingPolicy": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.VotingPolicy", - "markdownDescription": "The voting rules that the network uses to decide if a proposal is accepted.", - "title": "VotingPolicy" } }, - "required": [ - "Framework", - "FrameworkVersion", - "Name", - "VotingPolicy" - ], "type": "object" }, - "AWS::ManagedBlockchain::Member.NetworkFabricConfiguration": { + "AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount": { "additionalProperties": false, "properties": { - "Edition": { - "markdownDescription": "The edition of Amazon Managed Blockchain that the network uses. Valid values are `standard` and `starter` . For more information, see [Amazon Managed Blockchain Pricing](https://docs.aws.amazon.com/managed-blockchain/pricing/)", - "title": "Edition", + "AppServerPrivateKey": { + "markdownDescription": "The new Sidewalk application server private key.", + "title": "AppServerPrivateKey", "type": "string" } }, - "required": [ - "Edition" - ], - "type": "object" - }, - "AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration": { - "additionalProperties": false, - "properties": { - "NetworkFabricConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFabricConfiguration", - "markdownDescription": "Configuration properties for Hyperledger Fabric for a member in a Managed Blockchain network that is using the Hyperledger Fabric framework.", - "title": "NetworkFabricConfiguration" - } - }, - "type": "object" - }, - "AWS::ManagedBlockchain::Member.VotingPolicy": { - "additionalProperties": false, - "properties": { - "ApprovalThresholdPolicy": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy", - "markdownDescription": "Defines the rules for the network for voting on proposals, such as the percentage of `YES` votes required for the proposal to be approved and the duration of the proposal. The policy applies to all proposals and is specified when the network is created.", - "title": "ApprovalThresholdPolicy" - } - }, "type": "object" }, - "AWS::ManagedBlockchain::Node": { + "AWS::IoTWireless::ServiceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -154305,31 +158469,30 @@ "Properties": { "additionalProperties": false, "properties": { - "MemberId": { - "markdownDescription": "The unique identifier of the member to which the node belongs. Applies only to Hyperledger Fabric.", - "title": "MemberId", - "type": "string" + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile", + "markdownDescription": "LoRaWAN service profile object.", + "title": "LoRaWAN" }, - "NetworkId": { - "markdownDescription": "The unique identifier of the network for the node.\n\nEthereum public networks have the following `NetworkId` s:\n\n- `n-ethereum-mainnet`", - "title": "NetworkId", + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", "type": "string" }, - "NodeConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Node.NodeConfiguration", - "markdownDescription": "Configuration properties of a peer node.", - "title": "NodeConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" } }, - "required": [ - "NetworkId", - "NodeConfiguration" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ManagedBlockchain::Node" + "AWS::IoTWireless::ServiceProfile" ], "type": "string" }, @@ -154343,32 +158506,112 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ManagedBlockchain::Node.NodeConfiguration": { + "AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which the node exists. Required for Ethereum nodes.", - "title": "AvailabilityZone", + "AddGwMetadata": { + "markdownDescription": "The AddGWMetaData value.", + "title": "AddGwMetadata", + "type": "boolean" + }, + "ChannelMask": { + "markdownDescription": "The ChannelMask value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ChannelMask", "type": "string" }, - "InstanceType": { - "markdownDescription": "The Amazon Managed Blockchain instance type for the node.", - "title": "InstanceType", + "DevStatusReqFreq": { + "markdownDescription": "The DevStatusReqFreq value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DevStatusReqFreq", + "type": "number" + }, + "DlBucketSize": { + "markdownDescription": "The DLBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlBucketSize", + "type": "number" + }, + "DlRate": { + "markdownDescription": "The DLRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlRate", + "type": "number" + }, + "DlRatePolicy": { + "markdownDescription": "The DLRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlRatePolicy", + "type": "string" + }, + "DrMax": { + "markdownDescription": "The DRMax value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DrMax", + "type": "number" + }, + "DrMin": { + "markdownDescription": "The DRMin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DrMin", + "type": "number" + }, + "HrAllowed": { + "markdownDescription": "The HRAllowed value that describes whether handover roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "HrAllowed", + "type": "boolean" + }, + "MinGwDiversity": { + "markdownDescription": "The MinGwDiversity value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "MinGwDiversity", + "type": "number" + }, + "NwkGeoLoc": { + "markdownDescription": "The NwkGeoLoc value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "NwkGeoLoc", + "type": "boolean" + }, + "PrAllowed": { + "markdownDescription": "The PRAllowed value that describes whether passive roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "PrAllowed", + "type": "boolean" + }, + "RaAllowed": { + "markdownDescription": "The RAAllowed value that describes whether roaming activation is allowed.", + "title": "RaAllowed", + "type": "boolean" + }, + "ReportDevStatusBattery": { + "markdownDescription": "The ReportDevStatusBattery value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ReportDevStatusBattery", + "type": "boolean" + }, + "ReportDevStatusMargin": { + "markdownDescription": "The ReportDevStatusMargin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ReportDevStatusMargin", + "type": "boolean" + }, + "TargetPer": { + "markdownDescription": "The TargetPer value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "TargetPer", + "type": "number" + }, + "UlBucketSize": { + "markdownDescription": "The UlBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlBucketSize", + "type": "number" + }, + "UlRate": { + "markdownDescription": "The ULRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlRate", + "type": "number" + }, + "UlRatePolicy": { + "markdownDescription": "The ULRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlRatePolicy", "type": "string" } }, - "required": [ - "AvailabilityZone", - "InstanceType" - ], "type": "object" }, - "AWS::MediaConnect::Bridge": { + "AWS::IoTWireless::TaskDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -154403,58 +158646,48 @@ "Properties": { "additionalProperties": false, "properties": { - "EgressGatewayBridge": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.EgressGatewayBridge", - "markdownDescription": "An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises.", - "title": "EgressGatewayBridge" + "AutoCreateTasks": { + "markdownDescription": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If `false` , the task must be created by calling `CreateWirelessGatewayTask` .", + "title": "AutoCreateTasks", + "type": "boolean" }, - "IngressGatewayBridge": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.IngressGatewayBridge", - "markdownDescription": "An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud.", - "title": "IngressGatewayBridge" + "LoRaWANUpdateGatewayTaskEntry": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry", + "markdownDescription": "LoRaWANUpdateGatewayTaskEntry object.", + "title": "LoRaWANUpdateGatewayTaskEntry" }, "Name": { - "markdownDescription": "The name of the bridge. This name can not be modified after the bridge is created.", + "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, - "Outputs": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeOutput" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The outputs that you want to add to this bridge.", - "title": "Outputs", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", "type": "array" }, - "PlacementArn": { - "markdownDescription": "The bridge placement Amazon Resource Number (ARN).", - "title": "PlacementArn", + "TaskDefinitionType": { + "markdownDescription": "A filter to list only the wireless gateway task definitions that use this task definition type.", + "title": "TaskDefinitionType", "type": "string" }, - "SourceFailoverConfig": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.FailoverConfig", - "markdownDescription": "The settings for source failover.", - "title": "SourceFailoverConfig" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeSource" - }, - "markdownDescription": "The sources that you want to add to this bridge.", - "title": "Sources", - "type": "array" + "Update": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate", + "markdownDescription": "Information about the gateways to update.", + "title": "Update" } }, "required": [ - "Name", - "PlacementArn", - "Sources" + "AutoCreateTasks" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::Bridge" + "AWS::IoTWireless::TaskDefinition" ], "type": "string" }, @@ -154473,221 +158706,421 @@ ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeFlowSource": { + "AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion": { "additionalProperties": false, "properties": { - "FlowArn": { - "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", - "title": "FlowArn", + "Model": { + "markdownDescription": "The model number of the wireless gateway.", + "title": "Model", "type": "string" }, - "FlowVpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this source.", - "title": "FlowVpcInterfaceAttachment" + "PackageVersion": { + "markdownDescription": "The version of the wireless gateway firmware.", + "title": "PackageVersion", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the flow source.", - "title": "Name", + "Station": { + "markdownDescription": "The basic station version of the wireless gateway.", + "title": "Station", "type": "string" } }, - "required": [ - "FlowArn", - "Name" - ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeNetworkOutput": { + "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate": { "additionalProperties": false, "properties": { - "IpAddress": { - "markdownDescription": "The network output IP address.", - "title": "IpAddress", - "type": "string" - }, - "Name": { - "markdownDescription": "The network output name.", - "title": "Name", - "type": "string" - }, - "NetworkName": { - "markdownDescription": "The network output's gateway network name.", - "title": "NetworkName", - "type": "string" + "CurrentVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The version of the gateways that should receive the update.", + "title": "CurrentVersion" }, - "Port": { - "markdownDescription": "The network output's port.", - "title": "Port", + "SigKeyCrc": { + "markdownDescription": "The CRC of the signature private key to check.", + "title": "SigKeyCrc", "type": "number" }, - "Protocol": { - "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "UpdateSignature": { + "markdownDescription": "The signature used to verify the update firmware.", + "title": "UpdateSignature", "type": "string" }, - "Ttl": { - "markdownDescription": "The network output TTL.", - "title": "Ttl", - "type": "number" + "UpdateVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The firmware version to update the gateway to.", + "title": "UpdateVersion" } }, - "required": [ - "IpAddress", - "Name", - "NetworkName", - "Port", - "Protocol", - "Ttl" - ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeNetworkSource": { + "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry": { "additionalProperties": false, "properties": { - "MulticastIp": { - "markdownDescription": "The network source multicast IP.", - "title": "MulticastIp", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the network source.", - "title": "Name", - "type": "string" - }, - "NetworkName": { - "markdownDescription": "The network source's gateway network name.", - "title": "NetworkName", - "type": "string" - }, - "Port": { - "markdownDescription": "The network source port.", - "title": "Port", - "type": "number" + "CurrentVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The version of the gateways that should receive the update.", + "title": "CurrentVersion" }, - "Protocol": { - "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" + "UpdateVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The firmware version to update the gateway to.", + "title": "UpdateVersion" } }, - "required": [ - "MulticastIp", - "Name", - "NetworkName", - "Port", - "Protocol" - ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeOutput": { + "AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate": { "additionalProperties": false, "properties": { - "NetworkOutput": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkOutput", - "markdownDescription": "The output of the bridge. A network output is delivered to your premises.", - "title": "NetworkOutput" + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate", + "markdownDescription": "The properties that relate to the LoRaWAN wireless gateway.", + "title": "LoRaWAN" + }, + "UpdateDataRole": { + "markdownDescription": "The IAM role used to read data from the S3 bucket.", + "title": "UpdateDataRole", + "type": "string" + }, + "UpdateDataSource": { + "markdownDescription": "The link to the S3 bucket.", + "title": "UpdateDataSource", + "type": "string" } }, "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeSource": { + "AWS::IoTWireless::WirelessDevice": { "additionalProperties": false, "properties": { - "FlowSource": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeFlowSource", - "markdownDescription": "The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow.", - "title": "FlowSource" + "Condition": { + "type": "string" }, - "NetworkSource": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkSource", - "markdownDescription": "The source of the bridge. A network source originates at your premises.", - "title": "NetworkSource" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the new resource. Maximum length is 2048.", + "title": "Description", + "type": "string" + }, + "DestinationName": { + "markdownDescription": "The name of the destination to assign to the new wireless device. Can have only have alphanumeric, - (hyphen) and _ (underscore) characters and it can't have any spaces.", + "title": "DestinationName", + "type": "string" + }, + "LastUplinkReceivedAt": { + "markdownDescription": "The date and time when the most recent uplink was received.", + "title": "LastUplinkReceivedAt", + "type": "string" + }, + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.LoRaWANDevice", + "markdownDescription": "The device configuration information to use to create the wireless device. Must be at least one of OtaaV10x, OtaaV11, AbpV11, or AbpV10x.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", + "type": "string" + }, + "Positioning": { + "markdownDescription": "FPort values for the GNSS, Stream, and ClockSync functions of the positioning information.", + "title": "Positioning", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" + }, + "ThingArn": { + "markdownDescription": "The ARN of the thing to associate with the wireless device.", + "title": "ThingArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The wireless device type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "DestinationName", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTWireless::WirelessDevice" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.AbpV10x": { + "additionalProperties": false, + "properties": { + "DevAddr": { + "markdownDescription": "The DevAddr value.", + "title": "DevAddr", + "type": "string" + }, + "SessionKeys": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x", + "markdownDescription": "Session keys for ABP v1.0.x.", + "title": "SessionKeys" } }, + "required": [ + "DevAddr", + "SessionKeys" + ], "type": "object" }, - "AWS::MediaConnect::Bridge.EgressGatewayBridge": { + "AWS::IoTWireless::WirelessDevice.AbpV11": { "additionalProperties": false, "properties": { - "MaxBitrate": { - "markdownDescription": "The maximum expected bitrate (in bps) of the egress bridge.", - "title": "MaxBitrate", - "type": "number" + "DevAddr": { + "markdownDescription": "The DevAddr value.", + "title": "DevAddr", + "type": "string" + }, + "SessionKeys": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11", + "markdownDescription": "Session keys for ABP v1.1.", + "title": "SessionKeys" } }, "required": [ - "MaxBitrate" + "DevAddr", + "SessionKeys" ], "type": "object" }, - "AWS::MediaConnect::Bridge.FailoverConfig": { + "AWS::IoTWireless::WirelessDevice.Application": { "additionalProperties": false, "properties": { - "FailoverMode": { - "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams.", - "title": "FailoverMode", + "DestinationName": { + "markdownDescription": "The name of the position data destination that describes the IoT rule that processes the device's position data.", + "title": "DestinationName", "type": "string" }, - "SourcePriority": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.SourcePriority", - "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", - "title": "SourcePriority" + "FPort": { + "markdownDescription": "The name of the new destination for the device.", + "title": "FPort", + "type": "number" }, - "State": { - "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", - "title": "State", + "Type": { + "markdownDescription": "Application type, which can be specified to obtain real-time position information of your LoRaWAN device.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.FPorts": { + "additionalProperties": false, + "properties": { + "Applications": { + "items": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.Application" + }, + "markdownDescription": "LoRaWAN application configuration, which can be used to perform geolocation.", + "title": "Applications", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.LoRaWANDevice": { + "additionalProperties": false, + "properties": { + "AbpV10x": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV10x", + "markdownDescription": "ABP device object for LoRaWAN specification v1.0.x.", + "title": "AbpV10x" + }, + "AbpV11": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV11", + "markdownDescription": "ABP device object for create APIs for v1.1.", + "title": "AbpV11" + }, + "DevEui": { + "markdownDescription": "The DevEUI value.", + "title": "DevEui", + "type": "string" + }, + "DeviceProfileId": { + "markdownDescription": "The ID of the device profile for the new wireless device.", + "title": "DeviceProfileId", + "type": "string" + }, + "FPorts": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.FPorts", + "markdownDescription": "List of FPort assigned for different LoRaWAN application packages to use.", + "title": "FPorts" + }, + "OtaaV10x": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV10x", + "markdownDescription": "OTAA device object for create APIs for v1.0.x", + "title": "OtaaV10x" + }, + "OtaaV11": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV11", + "markdownDescription": "OTAA device object for v1.1 for create APIs.", + "title": "OtaaV11" + }, + "ServiceProfileId": { + "markdownDescription": "The ID of the service profile.", + "title": "ServiceProfileId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.OtaaV10x": { + "additionalProperties": false, + "properties": { + "AppEui": { + "markdownDescription": "The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3.", + "title": "AppEui", + "type": "string" + }, + "AppKey": { + "markdownDescription": "The AppKey value.", + "title": "AppKey", "type": "string" } }, "required": [ - "FailoverMode" + "AppEui", + "AppKey" ], "type": "object" }, - "AWS::MediaConnect::Bridge.IngressGatewayBridge": { + "AWS::IoTWireless::WirelessDevice.OtaaV11": { "additionalProperties": false, "properties": { - "MaxBitrate": { - "markdownDescription": "The maximum expected bitrate (in bps) of the ingress bridge.", - "title": "MaxBitrate", - "type": "number" + "AppKey": { + "markdownDescription": "The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppKey", + "type": "string" }, - "MaxOutputs": { - "markdownDescription": "The maximum number of outputs on the ingress bridge.", - "title": "MaxOutputs", - "type": "number" + "JoinEui": { + "markdownDescription": "The JoinEUI value.", + "title": "JoinEui", + "type": "string" + }, + "NwkKey": { + "markdownDescription": "The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "NwkKey", + "type": "string" } }, "required": [ - "MaxBitrate", - "MaxOutputs" + "AppKey", + "JoinEui", + "NwkKey" ], "type": "object" }, - "AWS::MediaConnect::Bridge.SourcePriority": { + "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x": { "additionalProperties": false, "properties": { - "PrimarySource": { - "markdownDescription": "The name of the source you choose as the primary source for this flow.", - "title": "PrimarySource", + "AppSKey": { + "markdownDescription": "The AppSKey value.", + "title": "AppSKey", + "type": "string" + }, + "NwkSKey": { + "markdownDescription": "The NwkKey value.", + "title": "NwkSKey", "type": "string" } }, + "required": [ + "AppSKey", + "NwkSKey" + ], "type": "object" }, - "AWS::MediaConnect::Bridge.VpcInterfaceAttachment": { + "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "AppSKey": { + "markdownDescription": "The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppSKey", + "type": "string" + }, + "FNwkSIntKey": { + "markdownDescription": "The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "FNwkSIntKey", + "type": "string" + }, + "NwkSEncKey": { + "markdownDescription": "The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "NwkSEncKey", + "type": "string" + }, + "SNwkSIntKey": { + "markdownDescription": "The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "SNwkSIntKey", "type": "string" } }, + "required": [ + "AppSKey", + "FNwkSIntKey", + "NwkSEncKey", + "SNwkSIntKey" + ], "type": "object" }, - "AWS::MediaConnect::BridgeOutput": { + "AWS::IoTWireless::WirelessDeviceImportTask": { "additionalProperties": false, "properties": { "Condition": { @@ -154722,32 +159155,34 @@ "Properties": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bridge that you want to update.", - "title": "BridgeArn", + "DestinationName": { + "markdownDescription": "The name of the destination that describes the IoT rule to route messages from the Sidewalk devices in the import task to other applications.", + "title": "DestinationName", "type": "string" }, - "Name": { - "markdownDescription": "The network output name. This name is used to reference the output and must be unique among outputs in this bridge.", - "title": "Name", - "type": "string" + "Sidewalk": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk", + "markdownDescription": "The Sidewalk-related information of the wireless device import task.", + "title": "Sidewalk" }, - "NetworkOutput": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput", - "markdownDescription": "The network output of the bridge. A network output is delivered to your premises.", - "title": "NetworkOutput" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Adds to or modifies the tags of the given resource. Tags are metadata that you can use to manage a resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "BridgeArn", - "Name", - "NetworkOutput" + "DestinationName", + "Sidewalk" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::BridgeOutput" + "AWS::IoTWireless::WirelessDeviceImportTask" ], "type": "string" }, @@ -154766,45 +159201,36 @@ ], "type": "object" }, - "AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput": { + "AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk": { "additionalProperties": false, "properties": { - "IpAddress": { - "markdownDescription": "The network output IP address.", - "title": "IpAddress", - "type": "string" - }, - "NetworkName": { - "markdownDescription": "The network output's gateway network name.", - "title": "NetworkName", + "DeviceCreationFile": { + "markdownDescription": "The CSV file contained in an S3 bucket that's used for adding devices to an import task.", + "title": "DeviceCreationFile", "type": "string" }, - "Port": { - "markdownDescription": "The network output's port.", - "title": "Port", - "type": "number" + "DeviceCreationFileList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of Sidewalk devices that are added to the import task.", + "title": "DeviceCreationFileList", + "type": "array" }, - "Protocol": { - "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "Role": { + "markdownDescription": "The IAM role that allows to access the CSV file in the S3 bucket.", + "title": "Role", "type": "string" }, - "Ttl": { - "markdownDescription": "The network output TTL.", - "title": "Ttl", - "type": "number" + "SidewalkManufacturingSn": { + "markdownDescription": "The Sidewalk manufacturing serial number (SMSN) of the Sidewalk device.", + "title": "SidewalkManufacturingSn", + "type": "string" } }, - "required": [ - "IpAddress", - "NetworkName", - "Port", - "Protocol", - "Ttl" - ], "type": "object" }, - "AWS::MediaConnect::BridgeSource": { + "AWS::IoTWireless::WirelessGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -154839,36 +159265,53 @@ "Properties": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", + "Description": { + "markdownDescription": "The description of the new resource. The maximum length is 2048 characters.", + "title": "Description", "type": "string" }, - "FlowSource": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeFlowSource", - "markdownDescription": "The source of the flow.", - "title": "FlowSource" + "LastUplinkReceivedAt": { + "markdownDescription": "The date and time when the most recent uplink was received.", + "title": "LastUplinkReceivedAt", + "type": "string" + }, + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessGateway.LoRaWANGateway", + "markdownDescription": "The gateway configuration information to use to create the wireless gateway.", + "title": "LoRaWAN" }, "Name": { - "markdownDescription": "The name of the flow source. This name is used to reference the source and must be unique among sources in this bridge.", + "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, - "NetworkSource": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeNetworkSource", - "markdownDescription": "The source of the network.", - "title": "NetworkSource" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" + }, + "ThingArn": { + "markdownDescription": "The ARN of the thing to associate with the wireless gateway.", + "title": "ThingArn", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the thing associated with the wireless gateway. The value is empty if a thing isn't associated with the gateway.", + "title": "ThingName", + "type": "string" } }, "required": [ - "BridgeArn", - "Name" + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::BridgeSource" + "AWS::IoTWireless::WirelessGateway" ], "type": "string" }, @@ -154887,69 +159330,27 @@ ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.BridgeFlowSource": { - "additionalProperties": false, - "properties": { - "FlowArn": { - "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", - "title": "FlowArn", - "type": "string" - }, - "FlowVpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this source.", - "title": "FlowVpcInterfaceAttachment" - } - }, - "required": [ - "FlowArn" - ], - "type": "object" - }, - "AWS::MediaConnect::BridgeSource.BridgeNetworkSource": { + "AWS::IoTWireless::WirelessGateway.LoRaWANGateway": { "additionalProperties": false, "properties": { - "MulticastIp": { - "markdownDescription": "The network source multicast IP.", - "title": "MulticastIp", - "type": "string" - }, - "NetworkName": { - "markdownDescription": "The network source's gateway network name.", - "title": "NetworkName", + "GatewayEui": { + "markdownDescription": "The gateway's EUI value.", + "title": "GatewayEui", "type": "string" }, - "Port": { - "markdownDescription": "The network source port.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", "type": "string" } }, "required": [ - "MulticastIp", - "NetworkName", - "Port", - "Protocol" + "GatewayEui", + "RfRegion" ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment": { - "additionalProperties": false, - "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaConnect::Flow": { + "AWS::KMS::Alias": { "additionalProperties": false, "properties": { "Condition": { @@ -154984,36 +159385,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS Region.", - "title": "AvailabilityZone", + "AliasName": { + "markdownDescription": "Specifies the alias name. This value must begin with `alias/` followed by a name, such as `alias/ExampleAlias` .\n\n> If you change the value of the `AliasName` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). \n\nThe alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with `alias/aws/` . The `alias/aws/` prefix is reserved for [AWS managed keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", + "title": "AliasName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the flow.", - "title": "Name", + "TargetKeyId": { + "markdownDescription": "Associates the alias with the specified [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) . The KMS key must be in the same AWS account and Region.\n\nA valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n\nFor help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *AWS Key Management Service Developer Guide* .\n\nSpecify the key ID or the key ARN of the KMS key.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nTo get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) .", + "title": "TargetKeyId", "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.Source", - "markdownDescription": "The settings for the source that you want to use for the new flow.", - "title": "Source" - }, - "SourceFailoverConfig": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.FailoverConfig", - "markdownDescription": "The settings for source failover.", - "title": "SourceFailoverConfig" } }, "required": [ - "Name", - "Source" + "AliasName", + "TargetKeyId" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::Flow" + "AWS::KMS::Alias" ], "type": "string" }, @@ -155032,237 +159423,7 @@ ], "type": "object" }, - "AWS::MediaConnect::Flow.Encryption": { - "additionalProperties": false, - "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" - }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "AWS::MediaConnect::Flow.FailoverConfig": { - "additionalProperties": false, - "properties": { - "FailoverMode": { - "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. The string for this property must be entered as MERGE or FAILOVER. No other string entry is valid.", - "title": "FailoverMode", - "type": "string" - }, - "RecoveryWindow": { - "markdownDescription": "Search window time to look for dash-7 packets.", - "title": "RecoveryWindow", - "type": "number" - }, - "SourcePriority": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.SourcePriority", - "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", - "title": "SourcePriority" - }, - "State": { - "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", - "title": "State", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaConnect::Flow.GatewayBridgeSource": { - "additionalProperties": false, - "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", - "type": "string" - }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", - "title": "VpcInterfaceAttachment" - } - }, - "required": [ - "BridgeArn" - ], - "type": "object" - }, - "AWS::MediaConnect::Flow.Source": { - "additionalProperties": false, - "properties": { - "Decryption": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.Encryption", - "markdownDescription": "The type of encryption that is used on the content ingested from this source.", - "title": "Decryption" - }, - "Description": { - "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", - "title": "Description", - "type": "string" - }, - "EntitlementArn": { - "markdownDescription": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow.", - "title": "EntitlementArn", - "type": "string" - }, - "GatewayBridgeSource": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.GatewayBridgeSource", - "markdownDescription": "The source configuration for cloud flows receiving a stream from a bridge.", - "title": "GatewayBridgeSource" - }, - "IngestIp": { - "markdownDescription": "The IP address that the flow will be listening on for incoming content.", - "title": "IngestIp", - "type": "string" - }, - "IngestPort": { - "markdownDescription": "The port that the flow will be listening on for incoming content.", - "title": "IngestPort", - "type": "number" - }, - "MaxBitrate": { - "markdownDescription": "The maximum bitrate for RIST, RTP, and RTP-FEC streams.", - "title": "MaxBitrate", - "type": "number" - }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds for a RIST or Zixi-based source.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the source.", - "title": "Name", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" - }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" - }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The ARN of the source.", - "title": "SourceArn", - "type": "string" - }, - "SourceIngestPort": { - "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", - "title": "SourceIngestPort", - "type": "string" - }, - "SourceListenerAddress": { - "markdownDescription": "Source IP or domain name for SRT-caller protocol.", - "title": "SourceListenerAddress", - "type": "string" - }, - "SourceListenerPort": { - "markdownDescription": "Source port for SRT-caller protocol.", - "title": "SourceListenerPort", - "type": "number" - }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for the transport. This parameter applies only to Zixi-based streams.", - "title": "StreamId", - "type": "string" - }, - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface that is used for this source.", - "title": "VpcInterfaceName", - "type": "string" - }, - "WhitelistCidr": { - "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "WhitelistCidr", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaConnect::Flow.SourcePriority": { - "additionalProperties": false, - "properties": { - "PrimarySource": { - "markdownDescription": "The name of the source you choose as the primary source for this flow.", - "title": "PrimarySource", - "type": "string" - } - }, - "required": [ - "PrimarySource" - ], - "type": "object" - }, - "AWS::MediaConnect::Flow.VpcInterfaceAttachment": { - "additionalProperties": false, - "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaConnect::FlowEntitlement": { + "AWS::KMS::Key": { "additionalProperties": false, "properties": { "Condition": { @@ -155297,56 +159458,75 @@ "Properties": { "additionalProperties": false, "properties": { - "DataTransferSubscriberFeePercent": { - "markdownDescription": "The percentage of the entitlement data transfer fee that you want the subscriber to be responsible for.", - "title": "DataTransferSubscriberFeePercent", - "type": "number" + "BypassPolicyLockoutSafetyCheck": { + "markdownDescription": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n\n> Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n> \n> For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *AWS Key Management Service Developer Guide* . \n\nUse this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key.", + "title": "BypassPolicyLockoutSafetyCheck", + "type": "boolean" }, "Description": { - "markdownDescription": "A description of the entitlement. This description appears only on the MediaConnect console and is not visible outside of the current AWS account.", + "markdownDescription": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use.", "title": "Description", "type": "string" }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowEntitlement.Encryption", - "markdownDescription": "Information about the encryption of the flow.", - "title": "Encryption" + "EnableKeyRotation": { + "markdownDescription": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n\nAWS KMS supports automatic rotation only for symmetric encryption KMS keys ( `KeySpec` = `SYMMETRIC_DEFAULT` ). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin `EXTERNAL` , omit the `EnableKeyRotation` property or set it to `false` .\n\nTo enable automatic key rotation of the key material for a multi-Region KMS key, set `EnableKeyRotation` to `true` on the primary key (created by using `AWS::KMS::Key` ). AWS KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *AWS Key Management Service Developer Guide* .\n\nWhen you enable automatic rotation, AWS KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. AWS KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "EnableKeyRotation", + "type": "boolean" }, - "EntitlementStatus": { - "markdownDescription": "An indication of whether the new entitlement should be enabled or disabled as soon as it is created. If you don\u2019t specify the entitlementStatus field in your request, MediaConnect sets it to ENABLED.", - "title": "EntitlementStatus", + "Enabled": { + "markdownDescription": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", + "title": "Enabled", + "type": "boolean" + }, + "KeyPolicy": { + "markdownDescription": "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n- The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *AWS Key Management Service Developer Guide* . (To omit this condition, set `BypassPolicyLockoutSafetyCheck` to true.)\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nIf you do not provide a key policy, AWS KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *AWS Key Management Service Developer Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters\n- Printable characters in the Basic Latin and Latin-1 Supplement character set\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", + "title": "KeyPolicy", + "type": "object" + }, + "KeySpec": { + "markdownDescription": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- Asymmetric ML-DSA key pairs (signing and verification)\n\n- `ML_DSA_44`\n- `ML_DSA_65`\n- `ML_DSA_87`\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", + "title": "KeySpec", "type": "string" }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "FlowArn", + "KeyUsage": { + "markdownDescription": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with ML-DSA key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", + "title": "KeyUsage", "type": "string" }, - "Name": { - "markdownDescription": "The name of the entitlement. This value must be unique within the current flow.", - "title": "Name", + "MultiRegion": { + "markdownDescription": "Creates a multi-Region primary key that you can replicate in other AWS Regions . You can't change the `MultiRegion` value after the KMS key is created.\n\nFor a list of AWS Regions in which multi-Region keys are supported, see [Multi-Region keys in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the ** .\n\n> If you change the value of the `MultiRegion` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nFor a multi-Region key, set to this property to `true` . For a single-Region key, omit this property or set it to `false` . The default value is `false` .\n\n*Multi-Region keys* are an AWS KMS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n\nTo create a replica of this primary key in a different AWS Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.", + "title": "MultiRegion", + "type": "boolean" + }, + "Origin": { + "markdownDescription": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> - AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.\n> - `EXTERNAL` is not supported for ML-DSA keys.", + "title": "Origin", "type": "string" }, - "Subscribers": { + "PendingWindowInDays": { + "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "PendingWindowInDays", + "type": "number" + }, + "RotationPeriodInDays": { + "markdownDescription": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n\nThe rotation period defines the number of days after you enable automatic key rotation that AWS KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n\nYou can use the [`kms:RotationPeriodInDays`](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the `RotationPeriodInDays` parameter.\n\nFor more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "RotationPeriodInDays", + "type": "number" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", - "title": "Subscribers", + "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nFor information about tags in AWS KMS , see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *AWS Key Management Service Developer Guide* . For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" } }, - "required": [ - "Description", - "FlowArn", - "Name", - "Subscribers" - ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowEntitlement" + "AWS::KMS::Key" ], "type": "string" }, @@ -155360,67 +159540,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::MediaConnect::FlowEntitlement.Encryption": { - "additionalProperties": false, - "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" - }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" - } - }, - "required": [ - "Algorithm", - "RoleArn" + "Type" ], "type": "object" }, - "AWS::MediaConnect::FlowOutput": { + "AWS::KMS::ReplicaKey": { "additionalProperties": false, "properties": { "Condition": { @@ -155455,89 +159579,49 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "CidrAllowList", - "type": "array" - }, "Description": { - "markdownDescription": "A description of the output. This description appears only on the MediaConnect console and will not be seen by the end user.", + "markdownDescription": "A description of the KMS key.\n\nThe default value is an empty string (no description).\n\nThe description is not a shared property of multi-Region keys. You can specify the same description or a different description for each key in a set of related multi-Region keys. AWS Key Management Service does not synchronize this property.", "title": "Description", "type": "string" }, - "Destination": { - "markdownDescription": "The IP address where you want to send the output.", - "title": "Destination", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Encryption", - "markdownDescription": "The type of key used for the encryption. If no `keyType` is provided, the service will use the default setting (static-key). Allowable encryption types: static-key.", - "title": "Encryption" - }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow this output is attached to.", - "title": "FlowArn", - "type": "string" - }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the bridge's output.", - "title": "Name", - "type": "string" - }, - "Port": { - "markdownDescription": "The port to use when content is distributed to this output.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol to use for the output.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the replica might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations. Also, while the replica key is being created, its key state is `Creating` . When the process is complete, the key state of the replica key changes to `Enabled` .\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", + "title": "Enabled", + "type": "boolean" }, - "RemoteId": { - "markdownDescription": "The remote ID for the Zixi-pull stream.", - "title": "RemoteId", - "type": "string" + "KeyPolicy": { + "markdownDescription": "The key policy that authorizes use of the replica key.\n\nThe key policy is not a shared property of multi-Region keys. You can specify the same key policy or a different key policy for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nThe key policy must conform to the following rules.\n\n- The key policy must give the caller [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) permission on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section of the **AWS Key Management Service Developer Guide** .\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters from the space character ( `\\u0020` ) through the end of the ASCII character range.\n- Printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` ).\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", + "title": "KeyPolicy", + "type": "object" }, - "SmoothingLatency": { - "markdownDescription": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams.", - "title": "SmoothingLatency", + "PendingWindowInDays": { + "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a replica key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a replica key from a CloudFormation stack, AWS KMS schedules the replica key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of replica key is `Pending Deletion` , which prevents it from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the replica key.\n\nIf the KMS key is a multi-Region primary key with replica keys, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n\nYou cannot use a CloudFormation template to cancel deletion of the replica after you remove it from the stack, regardless of the waiting period. However, if you specify a replica key in your template that is based on the same primary key as the original replica key, CloudFormation creates a new replica key with the same key ID, key material, and other shared properties of the original replica key. This new replica key can decrypt ciphertext that was encrypted under the original replica key, or any related multi-Region key.\n\nFor detailed information about deleting multi-Region keys, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nFor information about the `PendingDeletion` key state, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "PendingWindowInDays", "type": "number" }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", - "title": "StreamId", + "PrimaryKeyArn": { + "markdownDescription": "Specifies the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS partition. You can create only one replica of a given primary key in each AWS Region .\n\n> If you change the `PrimaryKeyArn` value of a replica key, the existing replica key is scheduled for deletion and a new replica key is created based on the specified primary key. While it is scheduled for deletion, the existing replica key becomes unusable. You can cancel the scheduled deletion of the key outside of CloudFormation.\n> \n> However, if you inadvertently delete a replica key, you can decrypt ciphertext encrypted by that replica key by using any related multi-Region key. If necessary, you can recreate the replica in the same Region after the previous one is completely deleted. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* \n\nSpecify the key ARN of an existing multi-Region primary key. For example, `arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab` .", + "title": "PrimaryKeyArn", "type": "string" }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this output.", - "title": "VpcInterfaceAttachment" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nTags are not a shared property of multi-Region keys. You can specify the same tags or different tags for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, AWS KMS replaces the current tag value with the specified one.\n\nWhen you assign tags to an AWS resource, AWS generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "FlowArn", - "Protocol" + "KeyPolicy", + "PrimaryKeyArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowOutput" + "AWS::KMS::ReplicaKey" ], "type": "string" }, @@ -155556,51 +159640,10 @@ ], "type": "object" }, - "AWS::MediaConnect::FlowOutput.Encryption": { + "AWS::KafkaConnect::Connector": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", - "type": "string" - } - }, - "required": [ - "RoleArn", - "SecretArn" - ], - "type": "object" - }, - "AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment": { - "additionalProperties": false, - "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaConnect::FlowSource": { - "additionalProperties": false, - "properties": { - "Condition": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -155632,106 +159675,100 @@ "Properties": { "additionalProperties": false, "properties": { - "Decryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.Encryption", - "markdownDescription": "The type of encryption that is used on the content ingested from this source. Allowable encryption types: static-key.", - "title": "Decryption" + "Capacity": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Capacity", + "markdownDescription": "The connector's compute capacity settings.", + "title": "Capacity" }, - "Description": { - "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", - "title": "Description", - "type": "string" + "ConnectorConfiguration": { + "additionalProperties": true, + "markdownDescription": "The configuration of the connector.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConnectorConfiguration", + "type": "object" }, - "EntitlementArn": { - "markdownDescription": "The ARN of the entitlement that allows you to subscribe to this flow. The entitlement is set by the flow originator, and the ARN is generated as part of the originator's flow.", - "title": "EntitlementArn", + "ConnectorDescription": { + "markdownDescription": "The description of the connector.", + "title": "ConnectorDescription", "type": "string" }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", - "title": "FlowArn", + "ConnectorName": { + "markdownDescription": "The name of the connector.\n\nThe connector name must be unique and can include up to 128 characters. Valid characters you can include in a connector name are: a-z, A-Z, 0-9, and -.", + "title": "ConnectorName", "type": "string" }, - "GatewayBridgeSource": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.GatewayBridgeSource", - "markdownDescription": "The bridge's source.", - "title": "GatewayBridgeSource" - }, - "IngestPort": { - "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", - "title": "IngestPort", - "type": "number" - }, - "MaxBitrate": { - "markdownDescription": "The smoothing max bitrate (in bps) for RIST, RTP, and RTP-FEC streams.", - "title": "MaxBitrate", - "type": "number" - }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the source.", - "title": "Name", - "type": "string" + "KafkaCluster": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaCluster", + "markdownDescription": "The details of the Apache Kafka cluster to which the connector is connected.", + "title": "KafkaCluster" }, - "Protocol": { - "markdownDescription": "The protocol that the source uses to deliver the content to MediaConnect. Adding additional sources to an existing flow requires Failover to be enabled. When you enable Failover, the additional source must use the same protocol as the existing source. Only the following protocols support failover: Zixi-push, RTP-FEC, RTP, RIST and SRT protocols.\n\nIf you use failover with SRT caller or listener, the `FailoverMode` property must be set to `FAILOVER` . The `FailoverMode` property\u00a0is found in\u00a0the `FailoverConfig` resource\u00a0of the same flow ARN you used for the source's `FlowArn` property. SRT caller/listener does not support\u00a0merge\u00a0mode failover.", - "title": "Protocol", - "type": "string" + "KafkaClusterClientAuthentication": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication", + "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used.", + "title": "KafkaClusterClientAuthentication" }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" + "KafkaClusterEncryptionInTransit": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit", + "markdownDescription": "Details of encryption in transit to the Apache Kafka cluster.", + "title": "KafkaClusterEncryptionInTransit" }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", + "KafkaConnectVersion": { + "markdownDescription": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.", + "title": "KafkaConnectVersion", "type": "string" }, - "SourceListenerAddress": { - "markdownDescription": "Source IP or domain name for SRT-caller protocol.", - "title": "SourceListenerAddress", - "type": "string" + "LogDelivery": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.LogDelivery", + "markdownDescription": "The settings for delivering connector logs to Amazon CloudWatch Logs.", + "title": "LogDelivery" }, - "SourceListenerPort": { - "markdownDescription": "Source port for SRT-caller protocol.", - "title": "SourceListenerPort", - "type": "number" + "Plugins": { + "items": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Plugin" + }, + "markdownDescription": "Specifies which plugin to use for the connector. You must specify a single-element list. Amazon MSK Connect does not currently support specifying multiple plugins.", + "title": "Plugins", + "type": "array" }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", - "title": "StreamId", + "ServiceExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon Web Services resources.", + "title": "ServiceExecutionRoleArn", "type": "string" }, - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this source.", - "title": "VpcInterfaceName", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" }, - "WhitelistCidr": { - "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "WhitelistCidr", - "type": "string" + "WorkerConfiguration": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerConfiguration", + "markdownDescription": "The worker configurations that are in use with the connector.", + "title": "WorkerConfiguration" } }, "required": [ - "Description", - "Name" + "Capacity", + "ConnectorConfiguration", + "ConnectorName", + "KafkaCluster", + "KafkaClusterClientAuthentication", + "KafkaClusterEncryptionInTransit", + "KafkaConnectVersion", + "Plugins", + "ServiceExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowSource" + "AWS::KafkaConnect::Connector" ], "type": "string" }, @@ -155750,290 +159787,347 @@ ], "type": "object" }, - "AWS::MediaConnect::FlowSource.Encryption": { + "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", + "BootstrapServers": { + "markdownDescription": "The bootstrap servers of the cluster.", + "title": "BootstrapServers", "type": "string" }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" + "Vpc": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Vpc", + "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", + "title": "Vpc" + } + }, + "required": [ + "BootstrapServers", + "Vpc" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.AutoScaling": { + "additionalProperties": false, + "properties": { + "MaxWorkerCount": { + "markdownDescription": "The maximum number of workers allocated to the connector.", + "title": "MaxWorkerCount", + "type": "number" }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" + "McuCount": { + "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", + "title": "McuCount", + "type": "number" }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" + "MinWorkerCount": { + "markdownDescription": "The minimum number of workers allocated to the connector.", + "title": "MinWorkerCount", + "type": "number" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" + "ScaleInPolicy": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleInPolicy", + "markdownDescription": "The sacle-in policy for the connector.", + "title": "ScaleInPolicy" }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" + "ScaleOutPolicy": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleOutPolicy", + "markdownDescription": "The sacle-out policy for the connector.", + "title": "ScaleOutPolicy" + } + }, + "required": [ + "MaxWorkerCount", + "McuCount", + "MinWorkerCount", + "ScaleInPolicy", + "ScaleOutPolicy" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.Capacity": { + "additionalProperties": false, + "properties": { + "AutoScaling": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.AutoScaling", + "markdownDescription": "Information about the auto scaling parameters for the connector.", + "title": "AutoScaling" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" + "ProvisionedCapacity": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ProvisionedCapacity", + "markdownDescription": "Details about a fixed capacity allocated to a connector.", + "title": "ProvisionedCapacity" + } + }, + "type": "object" + }, + "AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether log delivery to Amazon CloudWatch Logs is enabled.", + "title": "Enabled", + "type": "boolean" }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", + "LogGroup": { + "markdownDescription": "The name of the CloudWatch log group that is the destination for log delivery.", + "title": "LogGroup", "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.CustomPlugin": { + "additionalProperties": false, + "properties": { + "CustomPluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom plugin.", + "title": "CustomPluginArn", "type": "string" + }, + "Revision": { + "markdownDescription": "The revision of the custom plugin.", + "title": "Revision", + "type": "number" } }, "required": [ - "RoleArn" + "CustomPluginArn", + "Revision" ], "type": "object" }, - "AWS::MediaConnect::FlowSource.GatewayBridgeSource": { + "AWS::KafkaConnect::Connector.FirehoseLogDelivery": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.", + "title": "DeliveryStream", "type": "string" }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", - "title": "VpcInterfaceAttachment" + "Enabled": { + "markdownDescription": "Specifies whether connector logs get delivered to Amazon Kinesis Data Firehose.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "BridgeArn" + "Enabled" ], "type": "object" }, - "AWS::MediaConnect::FlowSource.VpcInterfaceAttachment": { + "AWS::KafkaConnect::Connector.KafkaCluster": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "ApacheKafkaCluster": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ApacheKafkaCluster", + "markdownDescription": "The Apache Kafka cluster to which the connector is connected.", + "title": "ApacheKafkaCluster" + } + }, + "required": [ + "ApacheKafkaCluster" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used.", + "title": "AuthenticationType", "type": "string" } }, + "required": [ + "AuthenticationType" + ], "type": "object" }, - "AWS::MediaConnect::FlowVpcInterface": { + "AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit": { "additionalProperties": false, "properties": { - "Condition": { + "EncryptionType": { + "markdownDescription": "The type of encryption in transit to the Apache Kafka cluster.", + "title": "EncryptionType", "type": "string" + } + }, + "required": [ + "EncryptionType" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.LogDelivery": { + "additionalProperties": false, + "properties": { + "WorkerLogDelivery": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerLogDelivery", + "markdownDescription": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations.", + "title": "WorkerLogDelivery" + } + }, + "required": [ + "WorkerLogDelivery" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.Plugin": { + "additionalProperties": false, + "properties": { + "CustomPlugin": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.CustomPlugin", + "markdownDescription": "Details about a custom plugin.", + "title": "CustomPlugin" + } + }, + "required": [ + "CustomPlugin" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.ProvisionedCapacity": { + "additionalProperties": false, + "properties": { + "McuCount": { + "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", + "title": "McuCount", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "WorkerCount": { + "markdownDescription": "The number of workers that are allocated to the connector.", + "title": "WorkerCount", + "type": "number" + } + }, + "required": [ + "WorkerCount" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.S3LogDelivery": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that is the destination for log delivery.", + "title": "Bucket", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "FlowArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the VPC interface. This name must be unique within the flow.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created when you set up MediaConnect as a trusted service.", - "title": "RoleArn", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A virtual firewall to control inbound and outbound traffic.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet IDs that you want to use for your VPC interface. A range of IP addresses in your VPC. When you create your VPC, you specify a range of IPv4 addresses for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. This is the primary CIDR block for your VPC. When you create a subnet for your VPC, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. The subnets that you use across all VPC interfaces on the flow must be in the same Availability Zone as the flow.", - "title": "SubnetId", - "type": "string" - } - }, - "required": [ - "FlowArn", - "Name", - "RoleArn", - "SecurityGroupIds", - "SubnetId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaConnect::FlowVpcInterface" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether connector logs get sent to the specified Amazon S3 destination.", + "title": "Enabled", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Prefix": { + "markdownDescription": "The S3 prefix that is the destination for log delivery.", + "title": "Prefix", "type": "string" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::MediaConnect::Gateway": { + "AWS::KafkaConnect::Connector.ScaleInPolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "EgressCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The range of IP addresses that are allowed to contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "EgressCidrBlocks", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the gateway. This name can not be modified after the gateway is created.", - "title": "Name", - "type": "string" - }, - "Networks": { - "items": { - "$ref": "#/definitions/AWS::MediaConnect::Gateway.GatewayNetwork" - }, - "markdownDescription": "The list of networks in the gateway.", - "title": "Networks", - "type": "array" - } + "CpuUtilizationPercentage": { + "markdownDescription": "Specifies the CPU utilization percentage threshold at which you want connector scale in to be triggered.", + "title": "CpuUtilizationPercentage", + "type": "number" + } + }, + "required": [ + "CpuUtilizationPercentage" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.ScaleOutPolicy": { + "additionalProperties": false, + "properties": { + "CpuUtilizationPercentage": { + "markdownDescription": "The CPU utilization percentage threshold at which you want connector scale out to be triggered.", + "title": "CpuUtilizationPercentage", + "type": "number" + } + }, + "required": [ + "CpuUtilizationPercentage" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.Vpc": { + "additionalProperties": false, + "properties": { + "SecurityGroups": { + "items": { + "type": "string" }, - "required": [ - "EgressCidrBlocks", - "Name", - "Networks" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaConnect::Gateway" - ], - "type": "string" + "markdownDescription": "The security group IDs for the connector.", + "title": "SecurityGroups", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnets for the connector.", + "title": "Subnets", + "type": "array" } }, "required": [ - "Type", - "Properties" + "SecurityGroups", + "Subnets" ], "type": "object" }, - "AWS::MediaConnect::Gateway.GatewayNetwork": { + "AWS::KafkaConnect::Connector.WorkerConfiguration": { "additionalProperties": false, "properties": { - "CidrBlock": { - "markdownDescription": "A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "CidrBlock", - "type": "string" + "Revision": { + "markdownDescription": "The revision of the worker configuration.", + "title": "Revision", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway.", - "title": "Name", + "WorkerConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the worker configuration.", + "title": "WorkerConfigurationArn", "type": "string" } }, "required": [ - "CidrBlock", - "Name" + "Revision", + "WorkerConfigurationArn" ], "type": "object" }, - "AWS::MediaConvert::JobTemplate": { + "AWS::KafkaConnect::Connector.WorkerLogDelivery": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery", + "markdownDescription": "Details about delivering logs to Amazon CloudWatch Logs.", + "title": "CloudWatchLogs" + }, + "Firehose": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.FirehoseLogDelivery", + "markdownDescription": "Details about delivering logs to Amazon Kinesis Data Firehose.", + "title": "Firehose" + }, + "S3": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.S3LogDelivery", + "markdownDescription": "Details about delivering logs to Amazon S3.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::KafkaConnect::CustomPlugin": { "additionalProperties": false, "properties": { "Condition": { @@ -156068,68 +160162,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AccelerationSettings": { - "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.AccelerationSettings", - "markdownDescription": "Accelerated transcoding can significantly speed up jobs with long, visually complex content. Outputs that use this feature incur pro-tier pricing. For information about feature limitations, For more information, see [Job Limitations for Accelerated Transcoding in AWS Elemental MediaConvert](https://docs.aws.amazon.com/mediaconvert/latest/ug/job-requirements.html) in the *AWS Elemental MediaConvert User Guide* .", - "title": "AccelerationSettings" - }, - "Category": { - "markdownDescription": "Optional. A category for the job template you are creating", - "title": "Category", + "ContentType": { + "markdownDescription": "The format of the plugin file.", + "title": "ContentType", "type": "string" }, "Description": { - "markdownDescription": "Optional. A description of the job template you are creating.", + "markdownDescription": "The description of the custom plugin.", "title": "Description", "type": "string" }, - "HopDestinations": { - "items": { - "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.HopDestination" - }, - "markdownDescription": "Optional. Configuration for a destination queue to which the job can hop once a customer-defined minimum wait time has passed. For more information, see [Setting Up Queue Hopping to Avoid Long Waits](https://docs.aws.amazon.com/mediaconvert/latest/ug/setting-up-queue-hopping-to-avoid-long-waits.html) in the *AWS Elemental MediaConvert User Guide* .", - "title": "HopDestinations", - "type": "array" + "Location": { + "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.CustomPluginLocation", + "markdownDescription": "Information about the location of the custom plugin.", + "title": "Location" }, "Name": { - "markdownDescription": "Name of the output group", + "markdownDescription": "The name of the custom plugin.", "title": "Name", "type": "string" }, - "Priority": { - "markdownDescription": "Specify the relative priority for this job. In any given queue, the service begins processing the job with the highest value first. When more than one job has the same priority, the service begins processing the job that you submitted first. If you don't specify a priority, the service uses the default value 0. Minimum: -50 Maximum: 50", - "title": "Priority", - "type": "number" - }, - "Queue": { - "markdownDescription": "Optional. The queue that jobs created from this template are assigned to. Specify the Amazon Resource Name (ARN) of the queue. For example, arn:aws:mediaconvert:us-west-2:505474453218:queues/Default. If you don't specify this, jobs will go to the default queue.", - "title": "Queue", - "type": "string" - }, - "SettingsJson": { - "markdownDescription": "Specify, in JSON format, the transcoding job settings for this job template. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert job templates, see [Working with AWS Elemental MediaConvert Job Templates](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-job-templates.html) in the ** .", - "title": "SettingsJson", - "type": "object" - }, - "StatusUpdateInterval": { - "markdownDescription": "Specify how often MediaConvert sends STATUS_UPDATE events to Amazon CloudWatch Events. Set the interval, in seconds, between status updates. MediaConvert sends an update at this interval from the time the service begins processing your job to the time it completes the transcode or encounters an error.\n\nSpecify one of the following enums:\n\nSECONDS_10\n\nSECONDS_12\n\nSECONDS_15\n\nSECONDS_20\n\nSECONDS_30\n\nSECONDS_60\n\nSECONDS_120\n\nSECONDS_180\n\nSECONDS_240\n\nSECONDS_300\n\nSECONDS_360\n\nSECONDS_420\n\nSECONDS_480\n\nSECONDS_540\n\nSECONDS_600", - "title": "StatusUpdateInterval", - "type": "string" - }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "SettingsJson" + "ContentType", + "Location", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConvert::JobTemplate" + "AWS::KafkaConnect::CustomPlugin" ], "type": "string" }, @@ -156148,42 +160219,62 @@ ], "type": "object" }, - "AWS::MediaConvert::JobTemplate.AccelerationSettings": { + "AWS::KafkaConnect::CustomPlugin.CustomPluginFileDescription": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "Specify the conditions when the service will run your job with accelerated transcoding.", - "title": "Mode", + "FileMd5": { + "markdownDescription": "The hex-encoded MD5 checksum of the custom plugin file. You can use it to validate the file.", + "title": "FileMd5", "type": "string" + }, + "FileSize": { + "markdownDescription": "The size in bytes of the custom plugin file. You can use it to validate the file.", + "title": "FileSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KafkaConnect::CustomPlugin.CustomPluginLocation": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.S3Location", + "markdownDescription": "The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3.", + "title": "S3Location" } }, "required": [ - "Mode" + "S3Location" ], "type": "object" }, - "AWS::MediaConvert::JobTemplate.HopDestination": { + "AWS::KafkaConnect::CustomPlugin.S3Location": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Optional. When you set up a job to use queue hopping, you can specify a different relative priority for the job in the destination queue. If you don't specify, the relative priority will remain the same as in the previous queue.", - "title": "Priority", - "type": "number" + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an S3 bucket.", + "title": "BucketArn", + "type": "string" }, - "Queue": { - "markdownDescription": "Optional unless the job is submitted on the default queue. When you set up a job to use queue hopping, you can specify a destination queue. This queue cannot be the original queue to which the job is submitted. If the original queue isn't the default queue and you don't specify the destination queue, the job will move to the default queue.", - "title": "Queue", + "FileKey": { + "markdownDescription": "The file key for an object in an S3 bucket.", + "title": "FileKey", "type": "string" }, - "WaitMinutes": { - "markdownDescription": "Required for setting up a job to use queue hopping. Minimum wait time in minutes until the job can hop to the destination queue. Valid range is 1 to 4320 minutes, inclusive.", - "title": "WaitMinutes", - "type": "number" + "ObjectVersion": { + "markdownDescription": "The version of an object in an S3 bucket.", + "title": "ObjectVersion", + "type": "string" } }, + "required": [ + "BucketArn", + "FileKey" + ], "type": "object" }, - "AWS::MediaConvert::Preset": { + "AWS::KafkaConnect::WorkerConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -156218,40 +160309,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Category": { - "markdownDescription": "The new category for the preset, if you are changing it.", - "title": "Category", - "type": "string" - }, "Description": { - "markdownDescription": "The new description for the preset, if you are changing it.", + "markdownDescription": "The description of a worker configuration.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the preset that you are modifying.", + "markdownDescription": "The name of the worker configuration.", "title": "Name", "type": "string" }, - "SettingsJson": { - "markdownDescription": "Specify, in JSON format, the transcoding job settings for this output preset. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert output presets, see [Working with AWS Elemental MediaConvert Output Presets](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-presets.html) in the ** .", - "title": "SettingsJson", - "type": "object" + "PropertiesFileContent": { + "markdownDescription": "Base64 encoded contents of the connect-distributed.properties file.", + "title": "PropertiesFileContent", + "type": "string" }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "SettingsJson" + "Name", + "PropertiesFileContent" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConvert::Preset" + "AWS::KafkaConnect::WorkerConfiguration" ], "type": "string" }, @@ -156270,7 +160360,7 @@ ], "type": "object" }, - "AWS::MediaConvert::Queue": { + "AWS::Kendra::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -156305,37 +160395,70 @@ "Properties": { "additionalProperties": false, "properties": { + "CustomDocumentEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration", + "markdownDescription": "Configuration information for altering document metadata and content during the document ingestion process.", + "title": "CustomDocumentEnrichmentConfiguration" + }, + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceConfiguration", + "markdownDescription": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources.", + "title": "DataSourceConfiguration" + }, "Description": { - "markdownDescription": "Optional. A description of the queue that you are creating.", + "markdownDescription": "A description for the data source connector.", "title": "Description", "type": "string" }, + "IndexId": { + "markdownDescription": "The identifier of the index you want to use with the data source connector.", + "title": "IndexId", + "type": "string" + }, + "LanguageCode": { + "markdownDescription": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", + "title": "LanguageCode", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the queue that you are creating.", + "markdownDescription": "The name of the data source.", "title": "Name", "type": "string" }, - "PricingPlan": { - "markdownDescription": "When you use AWS CloudFormation , you can create only on-demand queues. Therefore, always set `PricingPlan` to the value \"ON_DEMAND\" when declaring an AWS::MediaConvert::Queue in your AWS CloudFormation template.\n\nTo create a reserved queue, use the AWS Elemental MediaConvert console at https://console.aws.amazon.com/mediaconvert to set up a contract. For more information, see [Working with AWS Elemental MediaConvert Queues](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-queues.html) in the ** .", - "title": "PricingPlan", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources.", + "title": "RoleArn", "type": "string" }, - "Status": { - "markdownDescription": "Initial state of the queue. Queues can be either ACTIVE or PAUSED. If you create a paused queue, then jobs that you send to that queue won't begin.", - "title": "Status", + "Schedule": { + "markdownDescription": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index.", + "title": "Schedule", "type": "string" }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the data source.", + "title": "Type", + "type": "string" } }, + "required": [ + "IndexId", + "Name", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConvert::Queue" + "AWS::Kendra::DataSource" ], "type": "string" }, @@ -156349,5523 +160472,6602 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaLive::Channel": { + "AWS::Kendra::DataSource.AccessControlListConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CdiInputSpecification": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CdiInputSpecification", - "markdownDescription": "Specification of CDI inputs for this channel.", - "title": "CdiInputSpecification" - }, - "ChannelClass": { - "markdownDescription": "The class for this channel. For a channel with two pipelines, the class is STANDARD. For a channel with one pipeline, the class is SINGLE_PIPELINE.", - "title": "ChannelClass", - "type": "string" - }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestination" - }, - "markdownDescription": "The settings that identify the destination for the outputs in this MediaLive output package.", - "title": "Destinations", - "type": "array" - }, - "EncoderSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EncoderSettings", - "markdownDescription": "The encoding configuration for the output content.", - "title": "EncoderSettings" - }, - "InputAttachments": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" - }, - "markdownDescription": "The list of input attachments for the channel.", - "title": "InputAttachments", - "type": "array" - }, - "InputSpecification": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputSpecification", - "markdownDescription": "The input specification for this channel. It specifies the key characteristics of the inputs for this channel: the maximum bitrate, the resolution, and the codec.", - "title": "InputSpecification" - }, - "LogLevel": { - "markdownDescription": "The verbosity for logging activity for this channel. Charges for logging (which are generated through Amazon CloudWatch Logging) are higher for higher verbosities.", - "title": "LogLevel", - "type": "string" - }, - "Maintenance": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MaintenanceCreateSettings", - "markdownDescription": "Maintenance settings for this channel.", - "title": "Maintenance" - }, - "Name": { - "markdownDescription": "Name of channel.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role for MediaLive to assume when running this channel. The role is identified by its ARN.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "markdownDescription": "A collection of tags for this channel. Each tag is a key-value pair.", - "title": "Tags", - "type": "object" - }, - "Vpc": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VpcOutputSettings", - "markdownDescription": "Settings to enable VPC mode in the channel, so that the endpoints for all outputs are in your VPC.", - "title": "Vpc" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaLive::Channel" - ], + "KeyPath": { + "markdownDescription": "Path to the AWS S3 bucket that contains the access control list files.", + "title": "KeyPath", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.AclConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedGroupsColumnName": { + "markdownDescription": "A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation.", + "title": "AllowedGroupsColumnName", "type": "string" } }, "required": [ - "Type" + "AllowedGroupsColumnName" ], "type": "object" }, - "AWS::MediaLive::Channel.AacSettings": { + "AWS::Kendra::DataSource.ColumnConfiguration": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid values depend on the rate control mode and profile.", - "title": "Bitrate", - "type": "number" + "ChangeDetectingColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "One to five columns that indicate when a document in the database has changed.", + "title": "ChangeDetectingColumns", + "type": "array" }, - "CodingMode": { - "markdownDescription": "Mono, stereo, or 5.1 channel layout. Valid values depend on the rate control mode and profile. The adReceiverMix setting receives a stereo description plus control track, and emits a mono AAC encode of the description track, with control data emitted in the PES header as per ETSI TS 101 154 Annex E.", - "title": "CodingMode", + "DocumentDataColumnName": { + "markdownDescription": "The column that contains the contents of the document.", + "title": "DocumentDataColumnName", "type": "string" }, - "InputType": { - "markdownDescription": "Set to broadcasterMixedAd when the input contains pre-mixed main audio + AD (narration) as a stereo pair. The Audio Type field (audioType) will be set to 3, which signals to downstream systems that this stream contains broadcaster mixed AD. Note that the input received by the encoder must contain pre-mixed audio; MediaLive does not perform the mixing. The values in audioTypeControl and audioType (in AudioDescription) are ignored when set to broadcasterMixedAd. Leave this set to normal when the input does not contain pre-mixed audio + AD.", - "title": "InputType", - "type": "string" - }, - "Profile": { - "markdownDescription": "The AAC profile.", - "title": "Profile", - "type": "string" - }, - "RateControlMode": { - "markdownDescription": "The rate control mode.", - "title": "RateControlMode", - "type": "string" - }, - "RawFormat": { - "markdownDescription": "Sets the LATM/LOAS AAC output for raw containers.", - "title": "RawFormat", + "DocumentIdColumnName": { + "markdownDescription": "The column that provides the document's identifier.", + "title": "DocumentIdColumnName", "type": "string" }, - "SampleRate": { - "markdownDescription": "The sample rate in Hz. Valid values depend on the rate control mode and profile.", - "title": "SampleRate", - "type": "number" - }, - "Spec": { - "markdownDescription": "Uses MPEG-2 AAC audio instead of MPEG-4 AAC audio for raw or MPEG-2 Transport Stream containers.", - "title": "Spec", + "DocumentTitleColumnName": { + "markdownDescription": "The column that contains the title of the document.", + "title": "DocumentTitleColumnName", "type": "string" }, - "VbrQuality": { - "markdownDescription": "The VBR quality level. This is used only if rateControlMode is VBR.", - "title": "VbrQuality", - "type": "string" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation.", + "title": "FieldMappings", + "type": "array" } }, + "required": [ + "ChangeDetectingColumns", + "DocumentDataColumnName", + "DocumentIdColumnName" + ], "type": "object" }, - "AWS::MediaLive::Channel.Ac3Settings": { + "AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration": { "additionalProperties": false, "properties": { - "AttenuationControl": { - "markdownDescription": "", - "title": "AttenuationControl", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", - "title": "Bitrate", - "type": "number" - }, - "BitstreamMode": { - "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream. For more information about these values, see ATSC A/52-2012.", - "title": "BitstreamMode", - "type": "string" - }, - "CodingMode": { - "markdownDescription": "The Dolby Digital coding mode. This determines the number of channels.", - "title": "CodingMode", - "type": "string" - }, - "Dialnorm": { - "markdownDescription": "Sets the dialnorm for the output. If excluded and the input audio is Dolby Digital, dialnorm is passed through.", - "title": "Dialnorm", - "type": "number" + "AttachmentFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping.", + "title": "AttachmentFieldMappings", + "type": "array" }, - "DrcProfile": { - "markdownDescription": "If set to filmStandard, adds dynamic range compression signaling to the output bitstream as defined in the Dolby Digital specification.", - "title": "DrcProfile", + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments of pages and blogs in Confluence.", + "title": "CrawlAttachments", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping": { + "additionalProperties": false, + "properties": { + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.\n\nYou must first create the index field using the `UpdateIndex` API.", + "title": "DataSourceFieldName", "type": "string" }, - "LfeFilter": { - "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. This is valid only in codingMode32Lfe mode.", - "title": "LfeFilter", + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", "type": "string" }, - "MetadataControl": { - "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is supplied from one of these streams, the static metadata settings are used.", - "title": "MetadataControl", + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", "type": "string" } }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], "type": "object" }, - "AWS::MediaLive::Channel.AncillarySourceSettings": { + "AWS::Kendra::DataSource.ConfluenceBlogConfiguration": { "additionalProperties": false, "properties": { - "SourceAncillaryChannelNumber": { - "markdownDescription": "Specifies the number (1 to 4) of the captions channel you want to extract from the ancillary captions. If you plan to convert the ancillary captions to another format, complete this field. If you plan to choose Embedded as the captions destination in the output (to pass through all the channels in the ancillary captions), leave this field blank because MediaLive ignores the field.", - "title": "SourceAncillaryChannelNumber", - "type": "number" + "BlogFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping.", + "title": "BlogFieldMappings", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.ArchiveCdnSettings": { + "AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping": { "additionalProperties": false, "properties": { - "ArchiveS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this Archive output.", - "title": "ArchiveS3Settings" + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", + "type": "string" + }, + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" + }, + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", + "type": "string" } }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveContainerSettings": { + "AWS::Kendra::DataSource.ConfluenceConfiguration": { "additionalProperties": false, "properties": { - "M2tsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", - "markdownDescription": "The settings for the M2TS in the archive output.", - "title": "M2tsSettings" + "AttachmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration", + "markdownDescription": "Configuration information for indexing attachments to Confluence blogs and pages.", + "title": "AttachmentConfiguration" }, - "RawSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RawSettings", - "markdownDescription": "The settings for Raw archive output type.", - "title": "RawSettings" + "BlogConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogConfiguration", + "markdownDescription": "Configuration information for indexing Confluence blogs.", + "title": "BlogConfiguration" + }, + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", + "title": "ExclusionPatterns", + "type": "array" + }, + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", + "title": "InclusionPatterns", + "type": "array" + }, + "PageConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageConfiguration", + "markdownDescription": "Configuration information for indexing Confluence pages.", + "title": "PageConfiguration" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password.\n\nYou can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) .", + "title": "SecretArn", + "type": "string" + }, + "ServerUrl": { + "markdownDescription": "The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* .", + "title": "ServerUrl", + "type": "string" + }, + "SpaceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceConfiguration", + "markdownDescription": "Configuration information for indexing Confluence spaces.", + "title": "SpaceConfiguration" + }, + "Version": { + "markdownDescription": "The version or the type of Confluence installation to connect to.", + "title": "Version", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) .", + "title": "VpcConfiguration" } }, + "required": [ + "SecretArn", + "ServerUrl", + "Version" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveGroupSettings": { + "AWS::Kendra::DataSource.ConfluencePageConfiguration": { "additionalProperties": false, "properties": { - "ArchiveCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveCdnSettings", - "markdownDescription": "Settings to configure the destination of an Archive output.", - "title": "ArchiveCdnSettings" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "A directory and base file name where archive files should be written.", - "title": "Destination" - }, - "RolloverInterval": { - "markdownDescription": "The number of seconds to write to an archive file before closing and starting a new one.", - "title": "RolloverInterval", - "type": "number" + "PageFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `PageFieldMappings` parameter, you must specify at least one field mapping.", + "title": "PageFieldMappings", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.ArchiveOutputSettings": { + "AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping": { "additionalProperties": false, "properties": { - "ContainerSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveContainerSettings", - "markdownDescription": "The settings that are specific to the container type of the file.", - "title": "ContainerSettings" + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", + "type": "string" }, - "Extension": { - "markdownDescription": "The output file extension. If excluded, this is auto-selected from the container type.", - "title": "Extension", + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", "type": "string" }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. The string is required for multiple outputs of the same type.", - "title": "NameModifier", + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", "type": "string" } }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveS3Settings": { + "AWS::Kendra::DataSource.ConfluenceSpaceConfiguration": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", - "type": "string" + "CrawlArchivedSpaces": { + "markdownDescription": "`TRUE` to index archived spaces.", + "title": "CrawlArchivedSpaces", + "type": "boolean" + }, + "CrawlPersonalSpaces": { + "markdownDescription": "`TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) .", + "title": "CrawlPersonalSpaces", + "type": "boolean" + }, + "ExcludeSpaces": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded.", + "title": "ExcludeSpaces", + "type": "array" + }, + "IncludeSpaces": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded.", + "title": "IncludeSpaces", + "type": "array" + }, + "SpaceFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping.", + "title": "SpaceFieldMappings", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.AribDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.AribSourceSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.AudioChannelMapping": { + "AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping": { "additionalProperties": false, "properties": { - "InputChannelLevels": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputChannelLevel" - }, - "markdownDescription": "The indices and gain values for each input channel that should be remixed into this output channel.", - "title": "InputChannelLevels", - "type": "array" + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", + "type": "string" }, - "OutputChannel": { - "markdownDescription": "The index of the output channel that is being produced.", - "title": "OutputChannel", - "type": "number" + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" + }, + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", + "type": "string" } }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioCodecSettings": { + "AWS::Kendra::DataSource.ConnectionConfiguration": { "additionalProperties": false, "properties": { - "AacSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AacSettings", - "markdownDescription": "The setup of the AAC audio codec in the output.", - "title": "AacSettings" - }, - "Ac3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Ac3Settings", - "markdownDescription": "The setup of an AC3 audio codec in the output.", - "title": "Ac3Settings" - }, - "Eac3AtmosSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3AtmosSettings", - "markdownDescription": "", - "title": "Eac3AtmosSettings" + "DatabaseHost": { + "markdownDescription": "The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address.", + "title": "DatabaseHost", + "type": "string" }, - "Eac3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3Settings", - "markdownDescription": "The setup of an EAC3 audio codec in the output.", - "title": "Eac3Settings" + "DatabaseName": { + "markdownDescription": "The name of the database containing the document data.", + "title": "DatabaseName", + "type": "string" }, - "Mp2Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mp2Settings", - "markdownDescription": "The setup of an MP2 audio codec in the output.", - "title": "Mp2Settings" + "DatabasePort": { + "markdownDescription": "The port that the database uses for connections.", + "title": "DatabasePort", + "type": "number" }, - "PassThroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.PassThroughSettings", - "markdownDescription": "The setup to pass through the Dolby audio codec to the output.", - "title": "PassThroughSettings" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide.", + "title": "SecretArn", + "type": "string" }, - "WavSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.WavSettings", - "markdownDescription": "Settings for audio encoded with the WAV codec.", - "title": "WavSettings" + "TableName": { + "markdownDescription": "The name of the table that contains the document data.", + "title": "TableName", + "type": "string" } }, + "required": [ + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "SecretArn", + "TableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioDescription": { + "AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "AudioDashRoles": { + "InlineConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration" }, - "markdownDescription": "", - "title": "AudioDashRoles", + "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra.", + "title": "InlineConfigurations", "type": "array" }, - "AudioNormalizationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioNormalizationSettings", - "markdownDescription": "The advanced audio normalization settings.", - "title": "AudioNormalizationSettings" + "PostExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", + "title": "PostExtractionHookConfiguration" }, - "AudioSelectorName": { - "markdownDescription": "The name of the AudioSelector that is used as the source for this AudioDescription.", - "title": "AudioSelectorName", - "type": "string" + "PreExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", + "title": "PreExtractionHookConfiguration" }, - "AudioType": { - "markdownDescription": "Applies only if audioTypeControl is useConfigured. The values for audioType are defined in ISO-IEC 13818-1.", - "title": "AudioType", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", + "title": "RoleArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "ConfluenceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceConfiguration", + "markdownDescription": "Provides the configuration information to connect to Confluence as your data source.", + "title": "ConfluenceConfiguration" }, - "AudioTypeControl": { - "markdownDescription": "Determines how audio type is determined. followInput: If the input contains an ISO 639 audioType, then that value is passed through to the output. If the input contains no ISO 639 audioType, the value in Audio Type is included in the output. useConfigured: The value in Audio Type is included in the output. Note that this field and audioType are both ignored if inputType is broadcasterMixedAd.", - "title": "AudioTypeControl", - "type": "string" + "DatabaseConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DatabaseConfiguration", + "markdownDescription": "Provides the configuration information to connect to a database as your data source.", + "title": "DatabaseConfiguration" }, - "AudioWatermarkingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioWatermarkSettings", - "markdownDescription": "Settings to configure one or more solutions that insert audio watermarks in the audio encode", - "title": "AudioWatermarkingSettings" + "GoogleDriveConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.GoogleDriveConfiguration", + "markdownDescription": "Provides the configuration information to connect to Google Drive as your data source.", + "title": "GoogleDriveConfiguration" }, - "CodecSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioCodecSettings", - "markdownDescription": "The audio codec settings.", - "title": "CodecSettings" + "OneDriveConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveConfiguration", + "markdownDescription": "Provides the configuration information to connect to Microsoft OneDrive as your data source.", + "title": "OneDriveConfiguration" }, - "DvbDashAccessibility": { - "markdownDescription": "", - "title": "DvbDashAccessibility", - "type": "string" + "S3Configuration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3DataSourceConfiguration", + "markdownDescription": "Provides the configuration information to connect to an Amazon S3 bucket as your data source.\n\n> Amazon Kendra now supports an upgraded Amazon S3 connector.\n> \n> You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.\n> \n> Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.\n> \n> We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024.", + "title": "S3Configuration" }, - "LanguageCode": { - "markdownDescription": "Indicates the language of the audio output track. Used only if languageControlMode is useConfigured, or there is no ISO 639 language code specified in the input.", - "title": "LanguageCode", - "type": "string" + "SalesforceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceConfiguration", + "markdownDescription": "Provides the configuration information to connect to Salesforce as your data source.", + "title": "SalesforceConfiguration" }, - "LanguageCodeControl": { - "markdownDescription": "Choosing followInput causes the ISO 639 language code of the output to follow the ISO 639 language code of the input. The languageCode setting is used when useConfigured is set, or when followInput is selected but there is no ISO 639 language code specified by the input.", - "title": "LanguageCodeControl", - "type": "string" + "ServiceNowConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowConfiguration", + "markdownDescription": "Provides the configuration information to connect to ServiceNow as your data source.", + "title": "ServiceNowConfiguration" }, - "Name": { - "markdownDescription": "The name of this AudioDescription. Outputs use this name to uniquely identify this AudioDescription. Description names should be unique within this channel.", - "title": "Name", - "type": "string" + "SharePointConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SharePointConfiguration", + "markdownDescription": "Provides the configuration information to connect to Microsoft SharePoint as your data source.", + "title": "SharePointConfiguration" }, - "RemixSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RemixSettings", - "markdownDescription": "The settings that control how input audio channels are remixed into the output audio channels.", - "title": "RemixSettings" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.TemplateConfiguration", + "markdownDescription": "Provides a template for the configuration information to connect to your data source.", + "title": "TemplateConfiguration" }, - "StreamName": { - "markdownDescription": "Used for Microsoft Smooth and Apple HLS outputs. Indicates the name displayed by the player (for example, English or Director Commentary).", - "title": "StreamName", - "type": "string" + "WebCrawlerConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerConfiguration", + "markdownDescription": "Provides the configuration information required for Amazon Kendra Web Crawler.", + "title": "WebCrawlerConfiguration" + }, + "WorkDocsConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WorkDocsConfiguration", + "markdownDescription": "Provides the configuration information to connect to Amazon WorkDocs as your data source.", + "title": "WorkDocsConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioDolbyEDecode": { + "AWS::Kendra::DataSource.DataSourceToIndexFieldMapping": { "additionalProperties": false, "properties": { - "ProgramSelection": { - "markdownDescription": "", - "title": "ProgramSelection", + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source. You must first create the index field using the `UpdateIndex` API.", + "title": "DataSourceFieldName", + "type": "string" + }, + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field, you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" + }, + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the data source field. The index field type must match the data source field type.", + "title": "IndexFieldName", "type": "string" } }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioHlsRenditionSelection": { + "AWS::Kendra::DataSource.DataSourceVpcConfiguration": { "additionalProperties": false, "properties": { - "GroupId": { - "markdownDescription": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.", - "title": "GroupId", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source.", + "title": "SecurityGroupIds", + "type": "array" }, - "Name": { - "markdownDescription": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.", - "title": "Name", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", + "title": "SubnetIds", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioLanguageSelection": { + "AWS::Kendra::DataSource.DatabaseConfiguration": { "additionalProperties": false, "properties": { - "LanguageCode": { - "markdownDescription": "Selects a specific three-letter language code from within an audio source.", - "title": "LanguageCode", - "type": "string" + "AclConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.AclConfiguration", + "markdownDescription": "Information about the database column that provides information for user context filtering.", + "title": "AclConfiguration" }, - "LanguageSelectionPolicy": { - "markdownDescription": "When set to \"strict,\" the transport stream demux strictly identifies audio streams by their language descriptor. If a PMT update occurs such that an audio stream matching the initially selected language is no longer present, then mute is encoded until the language returns. If set to \"loose,\" then on a PMT update the demux chooses another audio stream in the program with the same stream type if it can't find one with the same language.", - "title": "LanguageSelectionPolicy", + "ColumnConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ColumnConfiguration", + "markdownDescription": "Information about where the index should get the document information from the database.", + "title": "ColumnConfiguration" + }, + "ConnectionConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConnectionConfiguration", + "markdownDescription": "Configuration information that's required to connect to a database.", + "title": "ConnectionConfiguration" + }, + "DatabaseEngineType": { + "markdownDescription": "The type of database engine that runs the database.", + "title": "DatabaseEngineType", "type": "string" + }, + "SqlConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SqlConfiguration", + "markdownDescription": "Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source.", + "title": "SqlConfiguration" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Provides information for connecting to an Amazon VPC.", + "title": "VpcConfiguration" } }, + "required": [ + "ColumnConfiguration", + "ConnectionConfiguration", + "DatabaseEngineType" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioNormalizationSettings": { + "AWS::Kendra::DataSource.DocumentAttributeCondition": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The audio normalization algorithm to use. itu17701 conforms to the CALM Act specification. itu17702 conforms to the EBU R-128 specification.", - "title": "Algorithm", + "ConditionDocumentAttributeKey": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Kendra currently does not support `_document_body` as an attribute key used for the condition.", + "title": "ConditionDocumentAttributeKey", "type": "string" }, - "AlgorithmControl": { - "markdownDescription": "When set to correctAudio, the output audio is corrected using the chosen algorithm. If set to measureOnly, the audio is measured but not adjusted.", - "title": "AlgorithmControl", - "type": "string" + "ConditionOnValue": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", + "markdownDescription": "The value used by the operator.\n\nFor example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value.", + "title": "ConditionOnValue" }, - "TargetLkfs": { - "markdownDescription": "The Target LKFS(loudness) to adjust volume to. If no value is entered, a default value is used according to the chosen algorithm. The CALM Act (1770-1) recommends a target of -24 LKFS. The EBU R-128 specification (1770-2) recommends a target of -23 LKFS.", - "title": "TargetLkfs", - "type": "number" + "Operator": { + "markdownDescription": "The condition operator.\n\nFor example, you can use 'Contains' to partially match a string.", + "title": "Operator", + "type": "string" } }, + "required": [ + "ConditionDocumentAttributeKey", + "Operator" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioOnlyHlsSettings": { + "AWS::Kendra::DataSource.DocumentAttributeTarget": { "additionalProperties": false, "properties": { - "AudioGroupId": { - "markdownDescription": "Specifies the group that the audio rendition belongs to.", - "title": "AudioGroupId", + "TargetDocumentAttributeKey": { + "markdownDescription": "The identifier of the target document attribute or metadata field.\n\nFor example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", + "title": "TargetDocumentAttributeKey", "type": "string" }, - "AudioOnlyImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "Used with an audio-only stream. It must be a .jpg or .png file. If given, this image is used as the cover art for the audio-only output. Ideally, it should be formatted for an iPhone screen for two reasons. The iPhone does not resize the image; instead, it crops a centered image on the top/bottom and left/right. Additionally, this image file gets saved bit-for-bit into every 10-second segment file, so it increases bandwidth by {image file size} * {segment count} * {user count.}.", - "title": "AudioOnlyImage" - }, - "AudioTrackType": { - "markdownDescription": "Four types of audio-only tracks are supported: Audio-Only Variant Stream The client can play back this audio-only stream instead of video in low-bandwidth scenarios. Represented as an EXT-X-STREAM-INF in the HLS manifest. Alternate Audio, Auto Select, Default Alternate rendition that the client should try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=YES, AUTOSELECT=YES Alternate Audio, Auto Select, Not Default Alternate rendition that the client might try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=YES Alternate Audio, not Auto Select Alternate rendition that the client will not try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=NO.", - "title": "AudioTrackType", - "type": "string" + "TargetDocumentAttributeValue": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", + "markdownDescription": "The target value you want to create for the target attribute.\n\nFor example, 'Finance' could be the target value for the target attribute key 'Department'.", + "title": "TargetDocumentAttributeValue" }, - "SegmentType": { - "markdownDescription": "Specifies the segment type.", - "title": "SegmentType", - "type": "string" + "TargetDocumentAttributeValueDeletion": { + "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` . To create a target value ( `TargetDocumentAttributeValue` ), set this to `FALSE` .", + "title": "TargetDocumentAttributeValueDeletion", + "type": "boolean" } }, + "required": [ + "TargetDocumentAttributeKey" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioPidSelection": { + "AWS::Kendra::DataSource.DocumentAttributeValue": { "additionalProperties": false, "properties": { - "Pid": { - "markdownDescription": "Select the audio by this PID.", - "title": "Pid", + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", + "type": "string" + }, + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", "type": "number" + }, + "StringListValue": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings. The default maximum length or number of strings is 10.", + "title": "StringListValue", + "type": "array" + }, + "StringValue": { + "markdownDescription": "A string, such as \"department\".", + "title": "StringValue", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioSelector": { + "AWS::Kendra::DataSource.DocumentsMetadataConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A name for this AudioSelector.", - "title": "Name", + "S3Prefix": { + "markdownDescription": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files.", + "title": "S3Prefix", "type": "string" - }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelectorSettings", - "markdownDescription": "Information about the specific audio to extract from the input.", - "title": "SelectorSettings" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioSelectorSettings": { + "AWS::Kendra::DataSource.GoogleDriveConfiguration": { "additionalProperties": false, "properties": { - "AudioHlsRenditionSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioHlsRenditionSelection", - "markdownDescription": "Selector for HLS audio rendition.", - "title": "AudioHlsRenditionSelection" + "ExcludeMimeTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded.\n\nFor a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", + "title": "ExcludeMimeTypes", + "type": "array" }, - "AudioLanguageSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioLanguageSelection", - "markdownDescription": "The language code of the audio to select.", - "title": "AudioLanguageSelection" + "ExcludeSharedDrives": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded.", + "title": "ExcludeSharedDrives", + "type": "array" }, - "AudioPidSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioPidSelection", - "markdownDescription": "The PID of the audio to select.", - "title": "AudioPidSelection" + "ExcludeUserAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way.", + "title": "ExcludeUserAccounts", + "type": "array" }, - "AudioTrackSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrackSelection", - "markdownDescription": "Information about the audio track to extract.", - "title": "AudioTrackSelection" + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "ExclusionPatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "InclusionPatterns", + "type": "array" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", + "title": "SecretArn", + "type": "string" } }, + "required": [ + "SecretArn" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioSilenceFailoverSettings": { + "AWS::Kendra::DataSource.HookConfiguration": { "additionalProperties": false, "properties": { - "AudioSelectorName": { - "markdownDescription": "The name of the audio selector in the input that MediaLive should monitor to detect silence. Select your most important rendition. If you didn't create an audio selector in this input, leave blank.", - "title": "AudioSelectorName", + "InvocationCondition": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", + "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time.", + "title": "InvocationCondition" + }, + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", + "title": "LambdaArn", "type": "string" }, - "AudioSilenceThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that the active input must be silent before automatic input failover occurs. Silence is defined as audio loss or audio quieter than -50 dBFS.", - "title": "AudioSilenceThresholdMsec", - "type": "number" + "S3Bucket": { + "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) .", + "title": "S3Bucket", + "type": "string" } }, + "required": [ + "LambdaArn", + "S3Bucket" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioTrack": { + "AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "Track": { - "markdownDescription": "1-based integer value that maps to a specific audio track", - "title": "Track", - "type": "number" + "Condition": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", + "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Kendra.", + "title": "Condition" + }, + "DocumentContentDeletion": { + "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", + "title": "DocumentContentDeletion", + "type": "boolean" + }, + "Target": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeTarget", + "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Kendra. You can also include a value.", + "title": "Target" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioTrackSelection": { + "AWS::Kendra::DataSource.OneDriveConfiguration": { "additionalProperties": false, "properties": { - "DolbyEDecode": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDolbyEDecode", - "markdownDescription": "", - "title": "DolbyEDecode" + "DisableLocalGroups": { + "markdownDescription": "`TRUE` to disable local groups information.", + "title": "DisableLocalGroups", + "type": "boolean" }, - "Tracks": { + "ExclusionPatterns": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrack" + "type": "string" }, - "markdownDescription": "Selects one or more unique audio tracks from within a source.", - "title": "Tracks", + "markdownDescription": "A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", + "title": "ExclusionPatterns", "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.AudioWatermarkSettings": { - "additionalProperties": false, - "properties": { - "NielsenWatermarksSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenWatermarksSettings", - "markdownDescription": "Settings to configure Nielsen Watermarks in the audio encode", - "title": "NielsenWatermarksSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.AutomaticInputFailoverSettings": { - "additionalProperties": false, - "properties": { - "ErrorClearTimeMsec": { - "markdownDescription": "This clear time defines the requirement a recovered input must meet to be considered healthy. The input must have no failover conditions for this length of time. Enter a time in milliseconds. This value is particularly important if the input_preference for the failover pair is set to PRIMARY_INPUT_PREFERRED, because after this time, MediaLive will switch back to the primary input.", - "title": "ErrorClearTimeMsec", - "type": "number" }, - "FailoverConditions": { + "FieldMappings": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverCondition" + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, - "markdownDescription": "A list of failover conditions. If any of these conditions occur, MediaLive will perform a failover to the other input.", - "title": "FailoverConditions", + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata.", + "title": "FieldMappings", "type": "array" }, - "InputPreference": { - "markdownDescription": "Input preference when deciding which input to make active when a previously failed input has recovered.", - "title": "InputPreference", - "type": "string" + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", + "title": "InclusionPatterns", + "type": "array" }, - "SecondaryInputId": { - "markdownDescription": "The input ID of the secondary input in the automatic input failover pair.", - "title": "SecondaryInputId", + "OneDriveUsers": { + "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveUsers", + "markdownDescription": "A list of user accounts whose documents should be indexed.", + "title": "OneDriveUsers" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application.", + "title": "SecretArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.AvailBlanking": { - "additionalProperties": false, - "properties": { - "AvailBlankingImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The blanking image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", - "title": "AvailBlankingImage" }, - "State": { - "markdownDescription": "When set to enabled, the video, audio, and captions are blanked when insertion metadata is added.", - "title": "State", + "TenantDomain": { + "markdownDescription": "The Azure Active Directory domain of the organization.", + "title": "TenantDomain", "type": "string" } }, + "required": [ + "OneDriveUsers", + "SecretArn", + "TenantDomain" + ], "type": "object" }, - "AWS::MediaLive::Channel.AvailConfiguration": { + "AWS::Kendra::DataSource.OneDriveUsers": { "additionalProperties": false, "properties": { - "AvailSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailSettings", - "markdownDescription": "The setup of ad avail handling in the output.", - "title": "AvailSettings" + "OneDriveUserList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users.", + "title": "OneDriveUserList", + "type": "array" + }, + "OneDriveUserS3Path": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", + "markdownDescription": "The S3 bucket location of a file containing a list of users whose documents should be indexed.", + "title": "OneDriveUserS3Path" } }, "type": "object" }, - "AWS::MediaLive::Channel.AvailSettings": { + "AWS::Kendra::DataSource.ProxyConfiguration": { "additionalProperties": false, "properties": { - "Esam": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Esam", - "markdownDescription": "", - "title": "Esam" + "Credentials": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nThe credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials.", + "title": "Credentials", + "type": "string" }, - "Scte35SpliceInsert": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35SpliceInsert", - "markdownDescription": "The setup for SCTE-35 splice insert handling.", - "title": "Scte35SpliceInsert" + "Host": { + "markdownDescription": "The name of the website host you want to connect to via a web proxy server.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", + "title": "Host", + "type": "string" }, - "Scte35TimeSignalApos": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35TimeSignalApos", - "markdownDescription": "The setup for SCTE-35 time signal APOS handling.", - "title": "Scte35TimeSignalApos" + "Port": { + "markdownDescription": "The port number of the website host you want to connect to via a web proxy server.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", + "title": "Port", + "type": "number" } }, + "required": [ + "Host", + "Port" + ], "type": "object" }, - "AWS::MediaLive::Channel.BlackoutSlate": { + "AWS::Kendra::DataSource.S3DataSourceConfiguration": { "additionalProperties": false, "properties": { - "BlackoutSlateImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The blackout slate image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", - "title": "BlackoutSlateImage" + "AccessControlListConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.AccessControlListConfiguration", + "markdownDescription": "Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) .", + "title": "AccessControlListConfiguration" }, - "NetworkEndBlackout": { - "markdownDescription": "Setting to enabled causes MediaLive to blackout the video, audio, and captions, and raise the \"Network Blackout Image\" slate when an SCTE104/35 Network End Segmentation Descriptor is encountered. The blackout is lifted when the Network Start Segmentation Descriptor is encountered. The Network End and Network Start descriptors must contain a network ID that matches the value entered in Network ID.", - "title": "NetworkEndBlackout", + "BucketName": { + "markdownDescription": "The name of the bucket that contains the documents.", + "title": "BucketName", "type": "string" }, - "NetworkEndBlackoutImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The path to the local file to use as the Network End Blackout image. The image is scaled to fill the entire output raster.", - "title": "NetworkEndBlackoutImage" + "DocumentsMetadataConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentsMetadataConfiguration", + "markdownDescription": "Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document.", + "title": "DocumentsMetadataConfiguration" }, - "NetworkId": { - "markdownDescription": "Provides a Network ID that matches EIDR ID format (for example, \"10.XXXX/XXXX-XXXX-XXXX-XXXX-XXXX-C\").", - "title": "NetworkId", - "type": "string" + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", + "title": "ExclusionPatterns", + "type": "array" }, - "State": { - "markdownDescription": "When set to enabled, this causes video, audio, and captions to be blanked when indicated by program metadata.", - "title": "State", - "type": "string" + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", + "title": "InclusionPatterns", + "type": "array" + }, + "InclusionPrefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of S3 prefixes for the documents that should be included in the index.", + "title": "InclusionPrefixes", + "type": "array" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::MediaLive::Channel.BurnInDestinationSettings": { + "AWS::Kendra::DataSource.S3Path": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "If no explicit xPosition or yPosition is provided, setting alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. All burn-in and DVB-Sub font settings must match.", - "title": "Alignment", - "type": "string" - }, - "BackgroundColor": { - "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundColor", - "type": "string" - }, - "BackgroundOpacity": { - "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundOpacity", - "type": "number" - }, - "Font": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", - "title": "Font" - }, - "FontColor": { - "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "FontColor", - "type": "string" - }, - "FontOpacity": { - "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", - "title": "FontOpacity", - "type": "number" - }, - "FontResolution": { - "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", - "title": "FontResolution", - "type": "number" - }, - "FontSize": { - "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", - "title": "FontSize", + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", "type": "string" }, - "OutlineColor": { - "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineColor", + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", "type": "string" - }, - "OutlineSize": { - "markdownDescription": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineSize", - "type": "number" - }, - "ShadowColor": { - "markdownDescription": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowColor", + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration": { + "additionalProperties": false, + "properties": { + "DocumentDataFieldName": { + "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column.", + "title": "DocumentDataFieldName", "type": "string" }, - "ShadowOpacity": { - "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "ShadowOpacity", - "type": "number" - }, - "ShadowXOffset": { - "markdownDescription": "Specifies the horizontal offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowXOffset", - "type": "number" - }, - "ShadowYOffset": { - "markdownDescription": "Specifies the vertical offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowYOffset", - "type": "number" - }, - "TeletextGridControl": { - "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies only to Teletext inputs and DVB-Sub/Burn-in outputs.", - "title": "TeletextGridControl", + "DocumentTitleFieldName": { + "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column.", + "title": "DocumentTitleFieldName", "type": "string" }, - "XPosition": { - "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. All burn-in and DVB-Sub font settings must match.", - "title": "XPosition", - "type": "number" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps fields from a Salesforce chatter feed into Amazon Kendra index fields.", + "title": "FieldMappings", + "type": "array" }, - "YPosition": { - "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. All burn-in and DVB-Sub font settings must match.", - "title": "YPosition", - "type": "number" + "IncludeFilterTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both.", + "title": "IncludeFilterTypes", + "type": "array" } }, + "required": [ + "DocumentDataFieldName" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionDescription": { + "AWS::Kendra::DataSource.SalesforceConfiguration": { "additionalProperties": false, "properties": { - "Accessibility": { - "markdownDescription": "", - "title": "Accessibility", - "type": "string" + "ChatterFeedConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration", + "markdownDescription": "Configuration information for Salesforce chatter feeds.", + "title": "ChatterFeedConfiguration" }, - "CaptionDashRoles": { + "CrawlAttachments": { + "markdownDescription": "Indicates whether Amazon Kendra should index attachments to Salesforce objects.", + "title": "CrawlAttachments", + "type": "boolean" + }, + "ExcludeAttachmentFilePatterns": { "items": { "type": "string" }, - "markdownDescription": "", - "title": "CaptionDashRoles", + "markdownDescription": "A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", + "title": "ExcludeAttachmentFilePatterns", "type": "array" }, - "CaptionSelectorName": { - "markdownDescription": "Specifies which input captions selector to use as a captions source when generating output captions. This field should match a captionSelector name.", - "title": "CaptionSelectorName", - "type": "string" + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" }, - "DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDestinationSettings", - "markdownDescription": "Additional settings for a captions destination that depend on the destination type.", - "title": "DestinationSettings" + "KnowledgeArticleConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration", + "markdownDescription": "Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both.", + "title": "KnowledgeArticleConfiguration" }, - "DvbDashAccessibility": { - "markdownDescription": "", - "title": "DvbDashAccessibility", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys:\n\n- authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token.\n- consumerKey - The application public key generated when you created your Salesforce application.\n- consumerSecret - The application private key generated when you created your Salesforce application.\n- password - The password associated with the user logging in to the Salesforce instance.\n- securityToken - The token associated with the user logging in to the Salesforce instance.\n- username - The user name of the user logging in to the Salesforce instance.", + "title": "SecretArn", "type": "string" }, - "LanguageCode": { - "markdownDescription": "An ISO 639-2 three-digit code. For more information, see http://www.loc.gov/standards/iso639-2/.", - "title": "LanguageCode", + "ServerUrl": { + "markdownDescription": "The instance URL for the Salesforce site that you want to index.", + "title": "ServerUrl", "type": "string" }, - "LanguageDescription": { - "markdownDescription": "Human-readable information to indicate the captions that are available for players (for example, English or Spanish).", - "title": "LanguageDescription", + "StandardObjectAttachmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration", + "markdownDescription": "Configuration information for processing attachments to Salesforce standard objects.", + "title": "StandardObjectAttachmentConfiguration" + }, + "StandardObjectConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration" + }, + "markdownDescription": "Configuration of the Salesforce standard objects that Amazon Kendra indexes.", + "title": "StandardObjectConfigurations", + "type": "array" + } + }, + "required": [ + "SecretArn", + "ServerUrl" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration": { + "additionalProperties": false, + "properties": { + "DocumentDataFieldName": { + "markdownDescription": "The name of the field in the custom knowledge article that contains the document data to index.", + "title": "DocumentDataFieldName", + "type": "string" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field in the custom knowledge article that contains the document title.", + "title": "DocumentTitleFieldName", "type": "string" }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the custom knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the captions description. The name is used to associate a captions description with an output. Names must be unique within a channel.", + "markdownDescription": "The name of the configuration.", "title": "Name", "type": "string" } }, + "required": [ + "DocumentDataFieldName", + "Name" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionDestinationSettings": { + "AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration": { "additionalProperties": false, "properties": { - "AribDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AribDestinationSettings", - "markdownDescription": "The configuration of one ARIB captions encode in the output.", - "title": "AribDestinationSettings" - }, - "BurnInDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.BurnInDestinationSettings", - "markdownDescription": "The configuration of one burn-in captions encode in the output.", - "title": "BurnInDestinationSettings" - }, - "DvbSubDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubDestinationSettings", - "markdownDescription": "The configuration of one DVB Sub captions encode in the output.", - "title": "DvbSubDestinationSettings" - }, - "EbuTtDDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EbuTtDDestinationSettings", - "markdownDescription": "Settings for EBU-TT captions in the output.", - "title": "EbuTtDDestinationSettings" - }, - "EmbeddedDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedDestinationSettings", - "markdownDescription": "The configuration of one embedded captions encode in the output.", - "title": "EmbeddedDestinationSettings" - }, - "EmbeddedPlusScte20DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings", - "markdownDescription": "The configuration of one embedded plus SCTE-20 captions encode in the output.", - "title": "EmbeddedPlusScte20DestinationSettings" - }, - "RtmpCaptionInfoDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings", - "markdownDescription": "The configuration of one RTMPCaptionInfo captions encode in the output.", - "title": "RtmpCaptionInfoDestinationSettings" - }, - "Scte20PlusEmbeddedDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings", - "markdownDescription": "The configuration of one SCTE20 plus embedded captions encode in the output.", - "title": "Scte20PlusEmbeddedDestinationSettings" - }, - "Scte27DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27DestinationSettings", - "markdownDescription": "The configuration of one SCTE-27 captions encode in the output.", - "title": "Scte27DestinationSettings" - }, - "SmpteTtDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.SmpteTtDestinationSettings", - "markdownDescription": "The configuration of one SMPTE-TT captions encode in the output.", - "title": "SmpteTtDestinationSettings" - }, - "TeletextDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextDestinationSettings", - "markdownDescription": "The configuration of one Teletext captions encode in the output.", - "title": "TeletextDestinationSettings" + "CustomKnowledgeArticleTypeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration" + }, + "markdownDescription": "Configuration information for custom Salesforce knowledge articles.", + "title": "CustomKnowledgeArticleTypeConfigurations", + "type": "array" }, - "TtmlDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TtmlDestinationSettings", - "markdownDescription": "The configuration of one TTML captions encode in the output.", - "title": "TtmlDestinationSettings" + "IncludedStates": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state.", + "title": "IncludedStates", + "type": "array" }, - "WebvttDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.WebvttDestinationSettings", - "markdownDescription": "The configuration of one WebVTT captions encode in the output.", - "title": "WebvttDestinationSettings" + "StandardKnowledgeArticleTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration", + "markdownDescription": "Configuration information for standard Salesforce knowledge articles.", + "title": "StandardKnowledgeArticleTypeConfiguration" } }, + "required": [ + "IncludedStates" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionLanguageMapping": { + "AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration": { "additionalProperties": false, "properties": { - "CaptionChannel": { - "markdownDescription": "The closed caption channel being described by this CaptionLanguageMapping. Each channel mapping must have a unique channel number (maximum of 4).", - "title": "CaptionChannel", - "type": "number" - }, - "LanguageCode": { - "markdownDescription": "A three-character ISO 639-2 language code (see http://www.loc.gov/standards/iso639-2).", - "title": "LanguageCode", + "DocumentDataFieldName": { + "markdownDescription": "The name of the field that contains the document data to index.", + "title": "DocumentDataFieldName", "type": "string" }, - "LanguageDescription": { - "markdownDescription": "The textual description of language.", - "title": "LanguageDescription", + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field that contains the document title.", + "title": "DocumentTitleFieldName", "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" } }, + "required": [ + "DocumentDataFieldName" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionRectangle": { + "AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "See the description in leftOffset.\n\nFor height, specify the entire height of the rectangle as a percentage of the underlying frame height. For example, \\\"80\\\" means the rectangle height is 80% of the underlying frame height. The topOffset and rectangleHeight must add up to 100% or less. This field corresponds to tts:extent - Y in the TTML standard.", - "title": "Height", - "type": "number" - }, - "LeftOffset": { - "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. (Make sure to leave the default if you don't have either of these formats in the output.) You can define a display rectangle for the captions that is smaller than the underlying video frame. You define the rectangle by specifying the position of the left edge, top edge, bottom edge, and right edge of the rectangle, all within the underlying video frame. The units for the measurements are percentages. If you specify a value for one of these fields, you must specify a value for all of them.\n\nFor leftOffset, specify the position of the left edge of the rectangle, as a percentage of the underlying frame width, and relative to the left edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame width. The rectangle left edge starts at that position from the left edge of the frame. This field corresponds to tts:origin - X in the TTML standard.", - "title": "LeftOffset", - "type": "number" - }, - "TopOffset": { - "markdownDescription": "See the description in leftOffset.\n\nFor topOffset, specify the position of the top edge of the rectangle, as a percentage of the underlying frame height, and relative to the top edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame height. The rectangle top edge starts at that position from the top edge of the frame. This field corresponds to tts:origin - Y in the TTML standard.", - "title": "TopOffset", - "type": "number" + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field used for the document title.", + "title": "DocumentTitleFieldName", + "type": "string" }, - "Width": { - "markdownDescription": "See the description in leftOffset.\n\nFor width, specify the entire width of the rectangle as a percentage of the underlying frame width. For example, \\\"80\\\" means the rectangle width is 80% of the underlying frame width. The leftOffset and rectangleWidth must add up to 100% or less. This field corresponds to tts:extent - X in the TTML standard.", - "title": "Width", - "type": "number" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "One or more objects that map fields in attachments to Amazon Kendra index fields.", + "title": "FieldMappings", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.CaptionSelector": { + "AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration": { "additionalProperties": false, "properties": { - "LanguageCode": { - "markdownDescription": "When specified, this field indicates the three-letter language code of the captions track to extract from the source.", - "title": "LanguageCode", + "DocumentDataFieldName": { + "markdownDescription": "The name of the field in the standard object table that contains the document contents.", + "title": "DocumentDataFieldName", + "type": "string" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field in the standard object table that contains the document title.", + "title": "DocumentTitleFieldName", "type": "string" }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the standard object to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" + }, "Name": { - "markdownDescription": "The name identifier for a captions selector. This name is used to associate this captions selector with one or more captions descriptions. Names must be unique within a channel.", + "markdownDescription": "The name of the standard object.", "title": "Name", "type": "string" - }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelectorSettings", - "markdownDescription": "Information about the specific audio to extract from the input.", - "title": "SelectorSettings" } }, + "required": [ + "DocumentDataFieldName", + "Name" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionSelectorSettings": { + "AWS::Kendra::DataSource.ServiceNowConfiguration": { "additionalProperties": false, "properties": { - "AncillarySourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AncillarySourceSettings", - "markdownDescription": "Information about the ancillary captions to extract from the input.", - "title": "AncillarySourceSettings" - }, - "AribSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AribSourceSettings", - "markdownDescription": "Information about the ARIB captions to extract from the input.", - "title": "AribSourceSettings" + "AuthenticationType": { + "markdownDescription": "The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password.\n\nWhen you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", + "title": "AuthenticationType", + "type": "string" }, - "DvbSubSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubSourceSettings", - "markdownDescription": "Information about the DVB Sub captions to extract from the input.", - "title": "DvbSubSourceSettings" + "HostUrl": { + "markdownDescription": "The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.*", + "title": "HostUrl", + "type": "string" }, - "EmbeddedSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedSourceSettings", - "markdownDescription": "Information about the embedded captions to extract from the input.", - "title": "EmbeddedSourceSettings" + "KnowledgeArticleConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration", + "markdownDescription": "Configuration information for crawling knowledge articles in the ServiceNow site.", + "title": "KnowledgeArticleConfiguration" }, - "Scte20SourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20SourceSettings", - "markdownDescription": "Information about the SCTE-20 captions to extract from the input.", - "title": "Scte20SourceSettings" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", + "title": "SecretArn", + "type": "string" }, - "Scte27SourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27SourceSettings", - "markdownDescription": "Information about the SCTE-27 captions to extract from the input.", - "title": "Scte27SourceSettings" + "ServiceCatalogConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration", + "markdownDescription": "Configuration information for crawling service catalogs in the ServiceNow site.", + "title": "ServiceCatalogConfiguration" }, - "TeletextSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextSourceSettings", - "markdownDescription": "Information about the Teletext captions to extract from the input.", - "title": "TeletextSourceSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.CdiInputSpecification": { - "additionalProperties": false, - "properties": { - "Resolution": { - "markdownDescription": "Maximum CDI input resolution", - "title": "Resolution", + "ServiceNowBuildVersion": { + "markdownDescription": "The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` .", + "title": "ServiceNowBuildVersion", "type": "string" } }, + "required": [ + "HostUrl", + "SecretArn", + "ServiceNowBuildVersion" + ], "type": "object" }, - "AWS::MediaLive::Channel.CmafIngestGroupSettings": { + "AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "", - "title": "Destination" + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments to knowledge articles.", + "title": "CrawlAttachments", + "type": "boolean" }, - "NielsenId3Behavior": { - "markdownDescription": "", - "title": "NielsenId3Behavior", + "DocumentDataFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", + "title": "DocumentDataFieldName", "type": "string" }, - "Scte35Type": { - "markdownDescription": "", - "title": "Scte35Type", + "DocumentTitleFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", + "title": "DocumentTitleFieldName", "type": "string" }, - "SegmentLength": { - "markdownDescription": "", - "title": "SegmentLength", - "type": "number" + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" }, - "SegmentLengthUnits": { - "markdownDescription": "", - "title": "SegmentLengthUnits", + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "FilterQuery": { + "markdownDescription": "A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private.\n\nThe query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) .", + "title": "FilterQuery", "type": "string" }, - "SendDelayMs": { - "markdownDescription": "", - "title": "SendDelayMs", - "type": "number" + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" } }, + "required": [ + "DocumentDataFieldName" + ], "type": "object" }, - "AWS::MediaLive::Channel.CmafIngestOutputSettings": { + "AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration": { "additionalProperties": false, "properties": { - "NameModifier": { - "markdownDescription": "", - "title": "NameModifier", + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments to service catalog items.", + "title": "CrawlAttachments", + "type": "boolean" + }, + "DocumentDataFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", + "title": "DocumentDataFieldName", + "type": "string" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", + "title": "DocumentTitleFieldName", "type": "string" + }, + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" } }, + "required": [ + "DocumentDataFieldName" + ], "type": "object" }, - "AWS::MediaLive::Channel.ColorCorrection": { + "AWS::Kendra::DataSource.SharePointConfiguration": { "additionalProperties": false, "properties": { - "InputColorSpace": { - "markdownDescription": "", - "title": "InputColorSpace", + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index document attachments.", + "title": "CrawlAttachments", + "type": "boolean" + }, + "DisableLocalGroups": { + "markdownDescription": "`TRUE` to disable local groups information.", + "title": "DisableLocalGroups", + "type": "boolean" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The Microsoft SharePoint attribute field that contains the title of the document.", + "title": "DocumentTitleFieldName", "type": "string" }, - "OutputColorSpace": { - "markdownDescription": "", - "title": "OutputColorSpace", + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index.\n\nThe regex is applied to the display URL of the SharePoint document.", + "title": "ExclusionPatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) .", + "title": "FieldMappings", + "type": "array" + }, + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe regex applies to the display URL of the SharePoint document.", + "title": "InclusionPatterns", + "type": "array" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) .", + "title": "SecretArn", "type": "string" }, - "Uri": { - "markdownDescription": "", - "title": "Uri", + "SharePointVersion": { + "markdownDescription": "The version of Microsoft SharePoint that you use.", + "title": "SharePointVersion", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.ColorCorrectionSettings": { - "additionalProperties": false, - "properties": { - "GlobalColorCorrections": { + }, + "SslCertificateS3Path": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", + "markdownDescription": "Information required to find a specific file in an Amazon S3 bucket.", + "title": "SslCertificateS3Path" + }, + "Urls": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrection" + "type": "string" }, - "markdownDescription": "", - "title": "GlobalColorCorrections", + "markdownDescription": "The Microsoft SharePoint site URLs for the documents you want to index.", + "title": "Urls", "type": "array" + }, + "UseChangeLog": { + "markdownDescription": "`TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint.", + "title": "UseChangeLog", + "type": "boolean" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Provides information for connecting to an Amazon VPC.", + "title": "VpcConfiguration" } }, + "required": [ + "SecretArn", + "SharePointVersion", + "Urls" + ], "type": "object" }, - "AWS::MediaLive::Channel.ColorSpacePassthroughSettings": { + "AWS::Kendra::DataSource.SqlConfiguration": { "additionalProperties": false, - "properties": {}, + "properties": { + "QueryIdentifiersEnclosingOption": { + "markdownDescription": "Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (\") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` .\n\nBy default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes.\n\nPostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case.\n\nFor MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` .", + "title": "QueryIdentifiersEnclosingOption", + "type": "string" + } + }, "type": "object" }, - "AWS::MediaLive::Channel.DolbyVision81Settings": { + "AWS::Kendra::DataSource.TemplateConfiguration": { "additionalProperties": false, - "properties": {}, + "properties": { + "Template": { + "markdownDescription": "The template schema used for the data source, where templates schemas are supported.\n\nSee [Data source template schemas](https://docs.aws.amazon.com/kendra/latest/dg/ds-schemas.html) .", + "title": "Template", + "type": "object" + } + }, + "required": [ + "Template" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbNitSettings": { + "AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration": { "additionalProperties": false, "properties": { - "NetworkId": { - "markdownDescription": "The numeric value placed in the Network Information Table (NIT).", - "title": "NetworkId", - "type": "number" - }, - "NetworkName": { - "markdownDescription": "The network name text placed in the networkNameDescriptor inside the Network Information Table (NIT). The maximum length is 256 characters.", - "title": "NetworkName", - "type": "string" - }, - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", - "type": "number" + "BasicAuthentication": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerBasicAuthentication" + }, + "markdownDescription": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host.", + "title": "BasicAuthentication", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.DvbSdtSettings": { + "AWS::Kendra::DataSource.WebCrawlerBasicAuthentication": { "additionalProperties": false, "properties": { - "OutputSdt": { - "markdownDescription": "Selects a method of inserting SDT information into an output stream. The sdtFollow setting copies SDT information from input stream to output stream. The sdtFollowIfPresent setting copies SDT information from input stream to output stream if SDT information is present in the input. Otherwise, it falls back on the user-defined values. The sdtManual setting means that the user will enter the SDT information. The sdtNone setting means that the output stream will not contain SDT information.", - "title": "OutputSdt", + "Credentials": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nYou use a secret if basic authentication credentials are required to connect to a website. The secret stores your credentials of user name and password.", + "title": "Credentials", "type": "string" }, - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", - "type": "number" - }, - "ServiceName": { - "markdownDescription": "The service name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", - "title": "ServiceName", + "Host": { + "markdownDescription": "The name of the website host you want to connect to using authentication credentials.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", + "title": "Host", "type": "string" }, - "ServiceProviderName": { - "markdownDescription": "The service provider name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", - "title": "ServiceProviderName", - "type": "string" + "Port": { + "markdownDescription": "The port number of the website host you want to connect to using authentication credentials.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", + "title": "Port", + "type": "number" } }, + "required": [ + "Credentials", + "Host", + "Port" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbSubDestinationSettings": { + "AWS::Kendra::DataSource.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "If no explicit xPosition or yPosition is provided, setting the alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. This option is not valid for source captions that are STL or 608/embedded. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "Alignment", - "type": "string" - }, - "BackgroundColor": { - "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundColor", - "type": "string" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration", + "markdownDescription": "Configuration information required to connect to websites using authentication.\n\nYou can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.", + "title": "AuthenticationConfiguration" }, - "BackgroundOpacity": { - "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundOpacity", + "CrawlDepth": { + "markdownDescription": "The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2.", + "title": "CrawlDepth", "type": "number" }, - "Font": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", - "title": "Font" - }, - "FontColor": { - "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "FontColor", - "type": "string" - }, - "FontOpacity": { - "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", - "title": "FontOpacity", + "MaxContentSizePerPageInMegaBytes": { + "markdownDescription": "The maximum size (in MB) of a web page or attachment to crawl.\n\nFiles larger than this size (in MB) are skipped/not crawled.\n\nThe default maximum size of a web page or attachment is set to 50 MB.", + "title": "MaxContentSizePerPageInMegaBytes", "type": "number" }, - "FontResolution": { - "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", - "title": "FontResolution", + "MaxLinksPerPage": { + "markdownDescription": "The maximum number of URLs on a web page to include when crawling a website. This number is per web page.\n\nAs a website\u2019s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance.\n\nThe default maximum links per page is 100.", + "title": "MaxLinksPerPage", "type": "number" }, - "FontSize": { - "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", - "title": "FontSize", - "type": "string" - }, - "OutlineColor": { - "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineColor", - "type": "string" - }, - "OutlineSize": { - "markdownDescription": "Specifies the font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineSize", + "MaxUrlsPerMinuteCrawlRate": { + "markdownDescription": "The maximum number of URLs crawled per website host per minute.\n\nA minimum of one URL is required.\n\nThe default maximum number of URLs crawled per website host per minute is 300.", + "title": "MaxUrlsPerMinuteCrawlRate", "type": "number" }, - "ShadowColor": { - "markdownDescription": "Specifies the color of the shadow that is cast by the captions. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowColor", - "type": "string" + "ProxyConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ProxyConfiguration", + "markdownDescription": "Configuration information required to connect to your internal websites via a web proxy.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.\n\nWeb proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) .", + "title": "ProxyConfiguration" }, - "ShadowOpacity": { - "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "ShadowOpacity", - "type": "number" + "UrlExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", + "title": "UrlExclusionPatterns", + "type": "array" }, - "ShadowXOffset": { - "markdownDescription": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowXOffset", - "type": "number" + "UrlInclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", + "title": "UrlInclusionPatterns", + "type": "array" }, - "ShadowYOffset": { - "markdownDescription": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowYOffset", - "type": "number" + "Urls": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerUrls", + "markdownDescription": "Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl.\n\nYou can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs.\n\nYou can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling.\n\n*When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.*", + "title": "Urls" + } + }, + "required": [ + "Urls" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration": { + "additionalProperties": false, + "properties": { + "SeedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of seed or starting point URLs of the websites you want to crawl.\n\nThe list can include a maximum of 100 seed URLs.", + "title": "SeedUrls", + "type": "array" }, - "TeletextGridControl": { - "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies to only Teletext inputs and DVB-Sub/Burn-in outputs.", - "title": "TeletextGridControl", + "WebCrawlerMode": { + "markdownDescription": "You can choose one of the following modes:\n\n- `HOST_ONLY` \u2014crawl only the website host names. For example, if the seed URL is \"abc.example.com\", then only URLs with host name \"abc.example.com\" are crawled.\n- `SUBDOMAINS` \u2014crawl the website host names with subdomains. For example, if the seed URL is \"abc.example.com\", then \"a.abc.example.com\" and \"b.abc.example.com\" are also crawled.\n- `EVERYTHING` \u2014crawl the website host names with subdomains and other domains that the web pages link to.\n\nThe default mode is set to `HOST_ONLY` .", + "title": "WebCrawlerMode", "type": "string" - }, - "XPosition": { - "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "XPosition", - "type": "number" - }, - "YPosition": { - "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "YPosition", - "type": "number" } }, + "required": [ + "SeedUrls" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbSubSourceSettings": { + "AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration": { "additionalProperties": false, "properties": { - "OcrLanguage": { - "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", - "title": "OcrLanguage", - "type": "string" - }, - "Pid": { - "markdownDescription": "When using DVB-Sub with burn-in or SMPTE-TT, use this PID for the source content. It is unused for DVB-Sub passthrough. All DVB-Sub content is passed through, regardless of selectors.", - "title": "Pid", - "type": "number" + "SiteMaps": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of sitemap URLs of the websites you want to crawl.\n\nThe list can include a maximum of three sitemap URLs.", + "title": "SiteMaps", + "type": "array" } }, + "required": [ + "SiteMaps" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbTdtSettings": { + "AWS::Kendra::DataSource.WebCrawlerUrls": { "additionalProperties": false, "properties": { - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", - "type": "number" + "SeedUrlConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration", + "markdownDescription": "Configuration of the seed or starting point URLs of the websites you want to crawl.\n\nYou can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to.\n\nYou can list up to 100 seed URLs.", + "title": "SeedUrlConfiguration" + }, + "SiteMapsConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration", + "markdownDescription": "Configuration of the sitemap URLs of the websites you want to crawl.\n\nOnly URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs.", + "title": "SiteMapsConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.Eac3AtmosSettings": { + "AWS::Kendra::DataSource.WorkDocsConfiguration": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "", - "title": "Bitrate", - "type": "number" + "CrawlComments": { + "markdownDescription": "`TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on.\n\nThe default is set to `FALSE` .", + "title": "CrawlComments", + "type": "boolean" }, - "CodingMode": { - "markdownDescription": "", - "title": "CodingMode", - "type": "string" + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain files in your Amazon WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don\u2019t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", + "title": "ExclusionPatterns", + "type": "array" }, - "Dialnorm": { - "markdownDescription": "", - "title": "Dialnorm", - "type": "number" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Amazon WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Amazon WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Amazon WorkDocs data source field names must exist in your Amazon WorkDocs custom metadata.", + "title": "FieldMappings", + "type": "array" }, - "DrcLine": { - "markdownDescription": "", - "title": "DrcLine", - "type": "string" + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain files in your Amazon WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", + "title": "InclusionPatterns", + "type": "array" }, - "DrcRf": { - "markdownDescription": "", - "title": "DrcRf", + "OrganizationId": { + "markdownDescription": "The identifier of the directory corresponding to your Amazon WorkDocs site repository.\n\nYou can find the organization ID in the [AWS Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your Amazon WorkDocs site directory has an ID, which is the organization ID. You can also set up a new Amazon WorkDocs directory in the AWS Directory Service console and enable a Amazon WorkDocs site for the directory in the Amazon WorkDocs console.", + "title": "OrganizationId", "type": "string" }, - "HeightTrim": { - "markdownDescription": "", - "title": "HeightTrim", - "type": "number" - }, - "SurroundTrim": { - "markdownDescription": "", - "title": "SurroundTrim", - "type": "number" + "UseChangeLog": { + "markdownDescription": "`TRUE` to use the Amazon WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in Amazon WorkDocs.", + "title": "UseChangeLog", + "type": "boolean" } }, + "required": [ + "OrganizationId" + ], "type": "object" }, - "AWS::MediaLive::Channel.Eac3Settings": { + "AWS::Kendra::Faq": { "additionalProperties": false, "properties": { - "AttenuationControl": { - "markdownDescription": "When set to attenuate3Db, applies a 3 dB attenuation to the surround channels. Used only for the 3/2 coding mode.", - "title": "AttenuationControl", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", - "title": "Bitrate", - "type": "number" - }, - "BitstreamMode": { - "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted E-AC-3 stream. For more information, see ATSC A/52-2012 (Annex E).", - "title": "BitstreamMode", - "type": "string" - }, - "CodingMode": { - "markdownDescription": "The Dolby Digital Plus coding mode. This mode determines the number of channels.", - "title": "CodingMode", + "Condition": { "type": "string" }, - "DcFilter": { - "markdownDescription": "When set to enabled, activates a DC highpass filter for all input channels.", - "title": "DcFilter", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Dialnorm": { - "markdownDescription": "Sets the dialnorm for the output. If blank and the input audio is Dolby Digital Plus, dialnorm will be passed through.", - "title": "Dialnorm", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DrcLine": { - "markdownDescription": "Sets the Dolby dynamic range compression profile.", - "title": "DrcLine", - "type": "string" + "Metadata": { + "type": "object" }, - "DrcRf": { - "markdownDescription": "Sets the profile for heavy Dolby dynamic range compression, ensuring that the instantaneous signal peaks do not exceed specified levels.", - "title": "DrcRf", - "type": "string" - }, - "LfeControl": { - "markdownDescription": "When encoding 3/2 audio, setting to lfe enables the LFE channel.", - "title": "LfeControl", - "type": "string" - }, - "LfeFilter": { - "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. Valid only with a codingMode32 coding mode.", - "title": "LfeFilter", - "type": "string" - }, - "LoRoCenterMixLevel": { - "markdownDescription": "The Left only/Right only center mix level. Used only for the 3/2 coding mode.", - "title": "LoRoCenterMixLevel", - "type": "number" - }, - "LoRoSurroundMixLevel": { - "markdownDescription": "The Left only/Right only surround mix level. Used only for a 3/2 coding mode.", - "title": "LoRoSurroundMixLevel", - "type": "number" - }, - "LtRtCenterMixLevel": { - "markdownDescription": "The Left total/Right total center mix level. Used only for a 3/2 coding mode.", - "title": "LtRtCenterMixLevel", - "type": "number" - }, - "LtRtSurroundMixLevel": { - "markdownDescription": "The Left total/Right total surround mix level. Used only for the 3/2 coding mode.", - "title": "LtRtSurroundMixLevel", - "type": "number" - }, - "MetadataControl": { - "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is not supplied from one of these streams, then the static metadata settings are used.", - "title": "MetadataControl", - "type": "string" - }, - "PassthroughControl": { - "markdownDescription": "When set to whenPossible, input DD+ audio will be passed through if it is present on the input. This detection is dynamic over the life of the transcode. Inputs that alternate between DD+ and non-DD+ content will have a consistent DD+ output as the system alternates between passthrough and encoding.", - "title": "PassthroughControl", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the FAQ.", + "title": "Description", + "type": "string" + }, + "FileFormat": { + "markdownDescription": "The format of the input file. You can choose between a basic CSV format, a CSV format that includes customs attributes in a header, and a JSON format that includes custom attributes.\n\nThe format must match the format of the file stored in the S3 bucket identified in the S3Path parameter.\n\nValid values are:\n\n- `CSV`\n- `CSV_WITH_HEADER`\n- `JSON`", + "title": "FileFormat", + "type": "string" + }, + "IndexId": { + "markdownDescription": "The identifier of the index that contains the FAQ.", + "title": "IndexId", + "type": "string" + }, + "LanguageCode": { + "markdownDescription": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", + "title": "LanguageCode", + "type": "string" + }, + "Name": { + "markdownDescription": "The name that you assigned the FAQ when you created or updated the FAQ.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQ.", + "title": "RoleArn", + "type": "string" + }, + "S3Path": { + "$ref": "#/definitions/AWS::Kendra::Faq.S3Path", + "markdownDescription": "The Amazon Simple Storage Service (Amazon S3) location of the FAQ input data.", + "title": "S3Path" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "IndexId", + "Name", + "RoleArn", + "S3Path" + ], + "type": "object" }, - "PhaseControl": { - "markdownDescription": "When set to shift90Degrees, applies a 90-degree phase shift to the surround channels. Used only for a 3/2 coding mode.", - "title": "PhaseControl", + "Type": { + "enum": [ + "AWS::Kendra::Faq" + ], "type": "string" }, - "StereoDownmix": { - "markdownDescription": "A stereo downmix preference. Used only for the 3/2 coding mode.", - "title": "StereoDownmix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SurroundExMode": { - "markdownDescription": "When encoding 3/2 audio, sets whether an extra center back surround channel is matrix encoded into the left and right surround channels.", - "title": "SurroundExMode", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Kendra::Faq.S3Path": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", "type": "string" }, - "SurroundMode": { - "markdownDescription": "When encoding 2/0 audio, sets whether Dolby Surround is matrix-encoded into the two channels.", - "title": "SurroundMode", + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", "type": "string" } }, + "required": [ + "Bucket", + "Key" + ], "type": "object" }, - "AWS::MediaLive::Channel.EbuTtDDestinationSettings": { + "AWS::Kendra::Index": { "additionalProperties": false, "properties": { - "CopyrightHolder": { - "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. Complete this field if you want to include the name of the copyright holder in the copyright metadata tag in the TTML", - "title": "CopyrightHolder", + "Condition": { "type": "string" }, - "FillLineGap": { - "markdownDescription": "Specifies how to handle the gap between the lines (in multi-line captions). - enabled: Fill with the captions background color (as specified in the input captions).\n- disabled: Leave the gap unfilled.", - "title": "FillLineGap", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FontFamily": { - "markdownDescription": "Specifies the font family to include in the font data attached to the EBU-TT captions. Valid only if styleControl is set to include. If you leave this field empty, the font family is set to \"monospaced\". (If styleControl is set to exclude, the font family is always set to \"monospaced\".) You specify only the font family. All other style information (color, bold, position and so on) is copied from the input captions. The size is always set to 100% to allow the downstream player to choose the size. - Enter a list of font families, as a comma-separated list of font names, in order of preference. The name can be a font family (such as \u201cArial\u201d), or a generic font family (such as \u201cserif\u201d), or \u201cdefault\u201d (to let the downstream player choose the font).\n- Leave blank to set the family to \u201cmonospace\u201d.", - "title": "FontFamily", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CapacityUnits": { + "$ref": "#/definitions/AWS::Kendra::Index.CapacityUnitsConfiguration", + "markdownDescription": "Specifies additional capacity units configured for your Enterprise Edition index. You can add and remove capacity units to fit your usage requirements.", + "title": "CapacityUnits" + }, + "Description": { + "markdownDescription": "A description for the index.", + "title": "Description", + "type": "string" + }, + "DocumentMetadataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.DocumentMetadataConfiguration" + }, + "markdownDescription": "Specifies the properties of an index field. You can add either a custom or a built-in field. You can add and remove built-in fields at any time. When a built-in field is removed it's configuration reverts to the default for the field. Custom fields can't be removed from an index after they are added.", + "title": "DocumentMetadataConfigurations", + "type": "array" + }, + "Edition": { + "markdownDescription": "Indicates whether the index is a Enterprise Edition index, a Developer Edition index, or a GenAI Enterprise Edition index.", + "title": "Edition", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the index.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket.", + "title": "RoleArn", + "type": "string" + }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.ServerSideEncryptionConfiguration", + "markdownDescription": "The identifier of the AWS KMS customer managed key (CMK) to use to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs.", + "title": "ServerSideEncryptionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserContextPolicy": { + "markdownDescription": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable.", + "title": "UserContextPolicy", + "type": "string" + }, + "UserTokenConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.UserTokenConfiguration" + }, + "markdownDescription": "Defines the type of user token used for the index.", + "title": "UserTokenConfigurations", + "type": "array" + } + }, + "required": [ + "Edition", + "Name", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Kendra::Index" + ], "type": "string" }, - "StyleControl": { - "markdownDescription": "Specifies the style information (font color, font position, and so on) to include in the font data that is attached to the EBU-TT captions. - include: Take the style information (font color, font position, and so on) from the source captions and include that information in the font data attached to the EBU-TT captions. This option is valid only if the source captions are Embedded or Teletext.\n- exclude: In the font data attached to the EBU-TT captions, set the font family to \"monospaced\". Do not include any other style information.", - "title": "StyleControl", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.EmbeddedDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.EmbeddedSourceSettings": { + "AWS::Kendra::Index.CapacityUnitsConfiguration": { "additionalProperties": false, "properties": { - "Convert608To708": { - "markdownDescription": "If this is upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. If 708 data is present in the source content, it is discarded.", - "title": "Convert608To708", - "type": "string" - }, - "Scte20Detection": { - "markdownDescription": "Set to \"auto\" to handle streams with intermittent or non-aligned SCTE-20 and embedded captions.", - "title": "Scte20Detection", - "type": "string" - }, - "Source608ChannelNumber": { - "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions. This is unused for passthrough.", - "title": "Source608ChannelNumber", + "QueryCapacityUnits": { + "markdownDescription": "The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity.\n\nA single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units.\n\n`GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second).", + "title": "QueryCapacityUnits", "type": "number" }, - "Source608TrackNumber": { - "markdownDescription": "This field is unused and deprecated.", - "title": "Source608TrackNumber", + "StorageCapacityUnits": { + "markdownDescription": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units.", + "title": "StorageCapacityUnits", "type": "number" } }, + "required": [ + "QueryCapacityUnits", + "StorageCapacityUnits" + ], "type": "object" }, - "AWS::MediaLive::Channel.EncoderSettings": { + "AWS::Kendra::Index.DocumentMetadataConfiguration": { "additionalProperties": false, "properties": { - "AudioDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDescription" - }, - "markdownDescription": "The encoding information for output audio.", - "title": "AudioDescriptions", - "type": "array" - }, - "AvailBlanking": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailBlanking", - "markdownDescription": "The settings for ad avail blanking.", - "title": "AvailBlanking" - }, - "AvailConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailConfiguration", - "markdownDescription": "The configuration settings for the ad avail handling.", - "title": "AvailConfiguration" - }, - "BlackoutSlate": { - "$ref": "#/definitions/AWS::MediaLive::Channel.BlackoutSlate", - "markdownDescription": "The settings for the blackout slate.", - "title": "BlackoutSlate" - }, - "CaptionDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDescription" - }, - "markdownDescription": "The encoding information for output captions.", - "title": "CaptionDescriptions", - "type": "array" - }, - "ColorCorrectionSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrectionSettings", - "markdownDescription": "", - "title": "ColorCorrectionSettings" - }, - "FeatureActivations": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FeatureActivations", - "markdownDescription": "Settings to enable specific features.", - "title": "FeatureActivations" - }, - "GlobalConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.GlobalConfiguration", - "markdownDescription": "The configuration settings that apply to the entire channel.", - "title": "GlobalConfiguration" - }, - "MotionGraphicsConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsConfiguration", - "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsConfiguration" - }, - "NielsenConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenConfiguration", - "markdownDescription": "The settings to configure Nielsen watermarks.", - "title": "NielsenConfiguration" - }, - "OutputGroups": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroup" - }, - "markdownDescription": "The settings for the output groups in the channel.", - "title": "OutputGroups", - "type": "array" + "Name": { + "markdownDescription": "The name of the index field.", + "title": "Name", + "type": "string" }, - "ThumbnailConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ThumbnailConfiguration", - "markdownDescription": "", - "title": "ThumbnailConfiguration" + "Relevance": { + "$ref": "#/definitions/AWS::Kendra::Index.Relevance", + "markdownDescription": "Provides tuning parameters to determine how the field affects the search results.", + "title": "Relevance" }, - "TimecodeConfig": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeConfig", - "markdownDescription": "Contains settings used to acquire and adjust timecode information from the inputs.", - "title": "TimecodeConfig" + "Search": { + "$ref": "#/definitions/AWS::Kendra::Index.Search", + "markdownDescription": "Provides information about how the field is used during a search.", + "title": "Search" }, - "VideoDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoDescription" - }, - "markdownDescription": "The encoding information for output videos.", - "title": "VideoDescriptions", - "type": "array" + "Type": { + "markdownDescription": "The data type of the index field.", + "title": "Type", + "type": "string" } }, + "required": [ + "Name", + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.EpochLockingSettings": { + "AWS::Kendra::Index.JsonTokenTypeConfiguration": { "additionalProperties": false, "properties": { - "CustomEpoch": { - "markdownDescription": "", - "title": "CustomEpoch", + "GroupAttributeField": { + "markdownDescription": "The group attribute field.", + "title": "GroupAttributeField", "type": "string" }, - "JamSyncTime": { - "markdownDescription": "", - "title": "JamSyncTime", + "UserNameAttributeField": { + "markdownDescription": "The user name attribute field.", + "title": "UserNameAttributeField", "type": "string" } }, + "required": [ + "GroupAttributeField", + "UserNameAttributeField" + ], "type": "object" }, - "AWS::MediaLive::Channel.Esam": { + "AWS::Kendra::Index.JwtTokenTypeConfiguration": { "additionalProperties": false, "properties": { - "AcquisitionPointId": { - "markdownDescription": "", - "title": "AcquisitionPointId", + "ClaimRegex": { + "markdownDescription": "The regular expression that identifies the claim.", + "title": "ClaimRegex", "type": "string" }, - "AdAvailOffset": { - "markdownDescription": "", - "title": "AdAvailOffset", - "type": "number" - }, - "PasswordParam": { - "markdownDescription": "", - "title": "PasswordParam", + "GroupAttributeField": { + "markdownDescription": "The group attribute field.", + "title": "GroupAttributeField", "type": "string" }, - "PoisEndpoint": { - "markdownDescription": "", - "title": "PoisEndpoint", + "Issuer": { + "markdownDescription": "The issuer of the token.", + "title": "Issuer", "type": "string" }, - "Username": { - "markdownDescription": "", - "title": "Username", + "KeyLocation": { + "markdownDescription": "The location of the key.", + "title": "KeyLocation", "type": "string" }, - "ZoneIdentity": { - "markdownDescription": "", - "title": "ZoneIdentity", + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (arn) of the secret.", + "title": "SecretManagerArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.FailoverCondition": { - "additionalProperties": false, - "properties": { - "FailoverConditionSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverConditionSettings", - "markdownDescription": "Settings for a specific failover condition.", - "title": "FailoverConditionSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.FailoverConditionSettings": { - "additionalProperties": false, - "properties": { - "AudioSilenceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSilenceFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if the specified audio selector is silent for the specified period.", - "title": "AudioSilenceSettings" }, - "InputLossSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if content is not detected in this input for the specified period.", - "title": "InputLossSettings" + "URL": { + "markdownDescription": "The signing key URL.", + "title": "URL", + "type": "string" }, - "VideoBlackSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoBlackFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if content is considered black for the specified period.", - "title": "VideoBlackSettings" + "UserNameAttributeField": { + "markdownDescription": "The user name attribute field.", + "title": "UserNameAttributeField", + "type": "string" } }, + "required": [ + "KeyLocation" + ], "type": "object" }, - "AWS::MediaLive::Channel.FeatureActivations": { + "AWS::Kendra::Index.Relevance": { "additionalProperties": false, "properties": { - "InputPrepareScheduleActions": { - "markdownDescription": "Enables the Input Prepare feature. You can create Input Prepare actions in the schedule only if this feature is enabled.\nIf you disable the feature on an existing schedule, make sure that you first delete all input prepare actions from the schedule.", - "title": "InputPrepareScheduleActions", + "Duration": { + "markdownDescription": "Specifies the time period that the boost applies to. For example, to make the boost apply to documents with the field value within the last month, you would use \"2628000s\". Once the field value is beyond the specified range, the effect of the boost drops off. The higher the importance, the faster the effect drops off. If you don't specify a value, the default is 3 months. The value of the field is a numeric string followed by the character \"s\", for example \"86400s\" for one day, or \"604800s\" for one week.\n\nOnly applies to `DATE` fields.", + "title": "Duration", "type": "string" }, - "OutputStaticImageOverlayScheduleActions": { - "markdownDescription": "", - "title": "OutputStaticImageOverlayScheduleActions", + "Freshness": { + "markdownDescription": "Indicates that this field determines how \"fresh\" a document is. For example, if document 1 was created on November 5, and document 2 was created on October 31, document 1 is \"fresher\" than document 2. Only applies to `DATE` fields.", + "title": "Freshness", + "type": "boolean" + }, + "Importance": { + "markdownDescription": "The relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers.", + "title": "Importance", + "type": "number" + }, + "RankOrder": { + "markdownDescription": "Determines how values should be interpreted.\n\nWhen the `RankOrder` field is `ASCENDING` , higher numbers are better. For example, a document with a rating score of 10 is higher ranking than a document with a rating score of 1.\n\nWhen the `RankOrder` field is `DESCENDING` , lower numbers are better. For example, in a task tracking application, a priority 1 task is more important than a priority 5 task.\n\nOnly applies to `LONG` fields.", + "title": "RankOrder", "type": "string" + }, + "ValueImportanceItems": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.ValueImportanceItem" + }, + "markdownDescription": "An array of key-value pairs for different boosts when they appear in the search result list. For example, if you want to boost query terms that match the \"department\" field in the result, query terms that match this field are boosted in the result. You can add entries from the department field to boost documents with those values higher.\n\nFor example, you can add entries to the map with names of departments. If you add \"HR\", 5 and \"Legal\",3 those departments are given special attention when they appear in the metadata of a document.", + "title": "ValueImportanceItems", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.FecOutputSettings": { + "AWS::Kendra::Index.Search": { "additionalProperties": false, "properties": { - "ColumnDepth": { - "markdownDescription": "The parameter D from SMPTE 2022-1. The height of the FEC protection matrix. The number of transport stream packets per column error correction packet. The number must be between 4 and 20, inclusive.", - "title": "ColumnDepth", - "type": "number" + "Displayable": { + "markdownDescription": "Determines whether the field is returned in the query response. The default is `true` .", + "title": "Displayable", + "type": "boolean" }, - "IncludeFec": { - "markdownDescription": "Enables column only or column and row-based FEC.", - "title": "IncludeFec", - "type": "string" + "Facetable": { + "markdownDescription": "Indicates that the field can be used to create search facets, a count of results for each value in the field. The default is `false` .", + "title": "Facetable", + "type": "boolean" }, - "RowLength": { - "markdownDescription": "The parameter L from SMPTE 2022-1. The width of the FEC protection matrix. Must be between 1 and 20, inclusive. If only Column FEC is used, then larger values increase robustness. If Row FEC is used, then this is the number of transport stream packets per row error correction packet, and the value must be between 4 and 20, inclusive, if includeFec is columnAndRow. If includeFec is column, this value must be 1 to 20, inclusive.", - "title": "RowLength", - "type": "number" + "Searchable": { + "markdownDescription": "Determines whether the field is used in the search. If the `Searchable` field is `true` , you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for string fields and `false` for number and date fields.", + "title": "Searchable", + "type": "boolean" + }, + "Sortable": { + "markdownDescription": "Determines whether the field can be used to sort the results of a query. The default is `false` .", + "title": "Sortable", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.Fmp4HlsSettings": { + "AWS::Kendra::Index.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "AudioRenditionSets": { - "markdownDescription": "List all the audio groups that are used with the video output stream. Input all the audio GROUP-IDs that are associated to the video, separate by ','.", - "title": "AudioRenditionSets", - "type": "string" - }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", - "type": "string" - }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys.", + "title": "KmsKeyId", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureCdnSettings": { + "AWS::Kendra::Index.UserTokenConfiguration": { "additionalProperties": false, "properties": { - "FrameCaptureS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this Frame Capture output.", - "title": "FrameCaptureS3Settings" + "JsonTokenTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.JsonTokenTypeConfiguration", + "markdownDescription": "Information about the JSON token type configuration.", + "title": "JsonTokenTypeConfiguration" + }, + "JwtTokenTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.JwtTokenTypeConfiguration", + "markdownDescription": "Information about the JWT token type configuration.", + "title": "JwtTokenTypeConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureGroupSettings": { + "AWS::Kendra::Index.ValueImportanceItem": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The destination for the frame capture files. The destination is either the URI for an Amazon S3 bucket and object, plus a file name prefix (for example, s3ssl://sportsDelivery/highlights/20180820/curling_) or the URI for a MediaStore container, plus a file name prefix (for example, mediastoressl://sportsDelivery/20180820/curling_). The final file names consist of the prefix from the destination field (for example, \"curling_\") + name modifier + the counter (5 digits, starting from 00001) + extension (which is always .jpg). For example, curlingLow.00001.jpg.", - "title": "Destination" + "Key": { + "markdownDescription": "The document metadata value used for the search boost.", + "title": "Key", + "type": "string" }, - "FrameCaptureCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureCdnSettings", - "markdownDescription": "Settings to configure the destination of a Frame Capture output.", - "title": "FrameCaptureCdnSettings" + "Value": { + "markdownDescription": "The boost value for a document when the key is part of the metadata of a document.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureHlsSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.FrameCaptureOutputSettings": { + "AWS::KendraRanking::ExecutionPlan": { "additionalProperties": false, "properties": { - "NameModifier": { - "markdownDescription": "Required if the output group contains more than one output. This modifier forms part of the output file name.", - "title": "NameModifier", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CapacityUnits": { + "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration", + "markdownDescription": "You can set additional capacity units to meet the needs of your rescore execution plan. You are given a single capacity unit by default. If you want to use the default capacity, you don't set additional capacity units. For more information on the default capacity and additional capacity units, see [Adjusting capacity](https://docs.aws.amazon.com/kendra/latest/dg/adjusting-capacity.html) .", + "title": "CapacityUnits" + }, + "Description": { + "markdownDescription": "A description for the rescore execution plan.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the rescore execution plan.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize your rescore execution plan. You can also use tags to help control access to the rescore execution plan. Tag keys and values can consist of Unicode letters, digits, white space. They can also consist of underscore, period, colon, equal, plus, and asperand.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::KendraRanking::ExecutionPlan" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureS3Settings": { + "AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", - "type": "string" + "RescoreCapacityUnits": { + "markdownDescription": "The amount of extra capacity for your rescore execution plan.\n\nA single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units.", + "title": "RescoreCapacityUnits", + "type": "number" } }, + "required": [ + "RescoreCapacityUnits" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureSettings": { + "AWS::Kinesis::ResourcePolicy": { "additionalProperties": false, "properties": { - "CaptureInterval": { - "markdownDescription": "The frequency, in seconds, for capturing frames for inclusion in the output. For example, \"10\" means capture a frame every 10 seconds.", - "title": "CaptureInterval", - "type": "number" + "Condition": { + "type": "string" }, - "CaptureIntervalUnits": { - "markdownDescription": "Unit for the frame capture interval.", - "title": "CaptureIntervalUnits", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceArn": { + "markdownDescription": "This is the name for the resource policy.", + "title": "ResourceArn", + "type": "string" + }, + "ResourcePolicy": { + "markdownDescription": "This is the description for the resource policy.", + "title": "ResourcePolicy", + "type": "object" + } + }, + "required": [ + "ResourceArn", + "ResourcePolicy" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Kinesis::ResourcePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.GlobalConfiguration": { + "AWS::Kinesis::Stream": { "additionalProperties": false, "properties": { - "InitialAudioGain": { - "markdownDescription": "The value to set the initial audio gain for the channel.", - "title": "InitialAudioGain", - "type": "number" + "Condition": { + "type": "string" }, - "InputEndAction": { - "markdownDescription": "Indicates the action to take when the current input completes (for example, end-of-file). When switchAndLoopInputs is configured, MediaLive restarts at the beginning of the first input. When \"none\" is configured, MediaLive transcodes either black, a solid color, or a user-specified slate images per the \"Input Loss Behavior\" configuration until the next input switch occurs (which is controlled through the Channel Schedule API).", - "title": "InputEndAction", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "InputLossBehavior": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossBehavior", - "markdownDescription": "The settings for system actions when the input is lost.", - "title": "InputLossBehavior" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "OutputLockingMode": { - "markdownDescription": "Indicates how MediaLive pipelines are synchronized. PIPELINELOCKING - MediaLive attempts to synchronize the output of each pipeline to the other. EPOCHLOCKING - MediaLive attempts to synchronize the output of each pipeline to the Unix epoch.", - "title": "OutputLockingMode", - "type": "string" + "Metadata": { + "type": "object" }, - "OutputLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLockingSettings", - "markdownDescription": "", - "title": "OutputLockingSettings" + "Properties": { + "additionalProperties": false, + "properties": { + "DesiredShardLevelMetrics": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of shard-level metrics in properties to enable enhanced monitoring mode.", + "title": "DesiredShardLevelMetrics", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "Name", + "type": "string" + }, + "RetentionPeriodHours": { + "markdownDescription": "The number of hours for the data records that are stored in shards to remain accessible. The default value is 24. For more information about the stream retention period, see [Changing the Data Retention Period](https://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html) in the Amazon Kinesis Developer Guide.", + "title": "RetentionPeriodHours", + "type": "number" + }, + "ShardCount": { + "markdownDescription": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", + "title": "ShardCount", + "type": "number" + }, + "StreamEncryption": { + "$ref": "#/definitions/AWS::Kinesis::Stream.StreamEncryption", + "markdownDescription": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption.", + "title": "StreamEncryption" + }, + "StreamModeDetails": { + "$ref": "#/definitions/AWS::Kinesis::Stream.StreamModeDetails", + "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", + "title": "StreamModeDetails" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the Kinesis stream. For information about constraints for this property, see [Tag Restrictions](https://docs.aws.amazon.com/streams/latest/dev/tagging.html#tagging-restrictions) in the *Amazon Kinesis Developer Guide* .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "OutputTimingSource": { - "markdownDescription": "Indicates whether the rate of frames emitted by the Live encoder should be paced by its system clock (which optionally might be locked to another source through NTP) or should be locked to the clock of the source that is providing the input stream.", - "title": "OutputTimingSource", + "Type": { + "enum": [ + "AWS::Kinesis::Stream" + ], "type": "string" }, - "SupportLowFramerateInputs": { - "markdownDescription": "Adjusts the video input buffer for streams with very low video frame rates. This is commonly set to enabled for music channels with less than one video frame per second.", - "title": "SupportLowFramerateInputs", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.H264ColorSpaceSettings": { + "AWS::Kinesis::Stream.StreamEncryption": { "additionalProperties": false, "properties": { - "ColorSpacePassthroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", - "markdownDescription": "Passthrough applies no color space conversion to the output.", - "title": "ColorSpacePassthroughSettings" - }, - "Rec601Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", - "markdownDescription": "Settings to configure the handling of Rec601 color space.", - "title": "Rec601Settings" + "EncryptionType": { + "markdownDescription": "The encryption type to use. The only valid value is `KMS` .", + "title": "EncryptionType", + "type": "string" }, - "Rec709Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", - "markdownDescription": "Settings to configure the handling of Rec709 color space.", - "title": "Rec709Settings" + "KeyId": { + "markdownDescription": "The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias `aws/kinesis` .\n\n- Key ARN example: `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`\n- Alias ARN example: `arn:aws:kms:us-east-1:123456789012:alias/MyAliasName`\n- Globally unique key ID example: `12345678-1234-1234-1234-123456789012`\n- Alias name example: `alias/MyAliasName`\n- Master key owned by Kinesis Data Streams: `alias/aws/kinesis`", + "title": "KeyId", + "type": "string" } }, + "required": [ + "EncryptionType", + "KeyId" + ], "type": "object" }, - "AWS::MediaLive::Channel.H264FilterSettings": { + "AWS::Kinesis::Stream.StreamModeDetails": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "StreamMode": { + "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", + "title": "StreamMode", + "type": "string" } }, + "required": [ + "StreamMode" + ], "type": "object" }, - "AWS::MediaLive::Channel.H264Settings": { + "AWS::Kinesis::StreamConsumer": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "The adaptive quantization. This allows intra-frame quantizers to vary to improve visual quality.", - "title": "AdaptiveQuantization", + "Condition": { "type": "string" }, - "AfdSignaling": { - "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is auto, the system tries to preserve the input AFD value (in cases where multiple AFD values are valid). If set to fixed, the AFD value is the value configured in the fixedAfd parameter.", - "title": "AfdSignaling", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. This is required when the rate control mode is VBR or CBR. It isn't used for QVBR. In a Microsoft Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", - "title": "Bitrate", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "BufFillPct": { - "markdownDescription": "The percentage of the buffer that should initially be filled (HRD buffer model).", - "title": "BufFillPct", - "type": "number" + "Metadata": { + "type": "object" }, - "BufSize": { - "markdownDescription": "The size of the buffer (HRD buffer model) in bits/second.", - "title": "BufSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ConsumerName": { + "markdownDescription": "The name of the consumer is something you choose when you register the consumer.", + "title": "ConsumerName", + "type": "string" + }, + "StreamARN": { + "markdownDescription": "The ARN of the stream with which you registered the consumer.", + "title": "StreamARN", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tags to be added to a specified Kinesis resource. A tag consists of a required key and an optional value. You can specify up to 50 tag key-value pairs.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ConsumerName", + "StreamARN" + ], + "type": "object" }, - "ColorMetadata": { - "markdownDescription": "Includes color space metadata in the output.", - "title": "ColorMetadata", + "Type": { + "enum": [ + "AWS::Kinesis::StreamConsumer" + ], "type": "string" }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264ColorSpaceSettings", - "markdownDescription": "Settings to configure the color space handling for the video.", - "title": "ColorSpaceSettings" - }, - "EntropyEncoding": { - "markdownDescription": "The entropy encoding mode. Use cabac (must be in Main or High profile) or cavlc.", - "title": "EntropyEncoding", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264FilterSettings", - "markdownDescription": "Optional filters that you can apply to an encode.", - "title": "FilterSettings" - }, - "FixedAfd": { - "markdownDescription": "A four-bit AFD value to write on all frames of video in the output stream. Valid only when afdSignaling is set to Fixed.", - "title": "FixedAfd", - "type": "string" - }, - "FlickerAq": { - "markdownDescription": "If set to enabled, adjusts the quantization within each frame to reduce flicker or pop on I-frames.", - "title": "FlickerAq", - "type": "string" - }, - "ForceFieldPictures": { - "markdownDescription": "This setting applies only when scan type is \"interlaced.\" It controls whether coding is performed on a field basis or on a frame basis. (When the video is progressive, the coding is always performed on a frame basis.)\nenabled: Force MediaLive to code on a field basis, so that odd and even sets of fields are coded separately.\ndisabled: Code the two sets of fields separately (on a field basis) or together (on a frame basis using PAFF), depending on what is most appropriate for the content.", - "title": "ForceFieldPictures", - "type": "string" - }, - "FramerateControl": { - "markdownDescription": "Indicates how the output video frame rate is specified. If you select \"specified,\" the output video frame rate is determined by framerateNumerator and framerateDenominator. If you select \"initializeFromSource,\" the output video frame rate is set equal to the input video frame rate of the first input.", - "title": "FramerateControl", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "FramerateDenominator": { - "markdownDescription": "The frame rate denominator.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "The frame rate numerator. The frame rate is a fraction, for example, 24000/1001 = 23.976 fps.", - "title": "FramerateNumerator", - "type": "number" - }, - "GopBReference": { - "markdownDescription": "If enabled, uses reference B frames for GOP structures that have B frames > 1.", - "title": "GopBReference", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "GopClosedCadence": { - "markdownDescription": "The frequency of closed GOPs. In streaming applications, we recommend that you set this to 1 so that a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", - "title": "GopClosedCadence", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "GopNumBFrames": { - "markdownDescription": "The number of B-frames between reference frames.", - "title": "GopNumBFrames", - "type": "number" + "Metadata": { + "type": "object" }, - "GopSize": { - "markdownDescription": "The GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits. The value must be greater than zero.", - "title": "GopSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationCode": { + "markdownDescription": "One or more SQL statements that read input data, transform it, and generate output. For example, you can write a SQL statement that reads data from one in-application stream, generates a running average of the number of advertisement clicks by vendor, and insert resulting rows in another in-application stream using pumps. For more information about the typical pattern, see [Application Code](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-app-code.html) .\n\nYou can provide such series of SQL statements, where output of one statement can be used as the input for the next statement. You store intermediate results by creating in-application streams and pumps.\n\nNote that the application code must create the streams with names specified in the `Outputs` . For example, if your `Outputs` defines output streams named `ExampleOutputStream1` and `ExampleOutputStream2` , then your application code must create these streams.", + "title": "ApplicationCode", + "type": "string" + }, + "ApplicationDescription": { + "markdownDescription": "Summary description of the application.", + "title": "ApplicationDescription", + "type": "string" + }, + "ApplicationName": { + "markdownDescription": "Name of your Amazon Kinesis Analytics application (for example, `sample-app` ).", + "title": "ApplicationName", + "type": "string" + }, + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.Input" + }, + "markdownDescription": "Use this parameter to configure the application input.\n\nYou can configure your application to receive input from a single streaming source. In this configuration, you map this streaming source to an in-application stream that is created. Your application code can then query the in-application stream like a table (you can think of it as a constantly updating table).\n\nFor the streaming source, you provide its Amazon Resource Name (ARN) and format of data on the stream (for example, JSON, CSV, etc.). You also must provide an IAM role that Amazon Kinesis Analytics can assume to read this stream on your behalf.\n\nTo create the in-application stream, you need to specify a schema to transform your data into a schematized version used in SQL. In the schema, you provide the necessary mapping of the data elements in the streaming source to record columns in the in-app stream.", + "title": "Inputs", + "type": "array" + } + }, + "required": [ + "Inputs" + ], + "type": "object" }, - "GopSizeUnits": { - "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds, the system converts the gopSize into a frame count at runtime.", - "title": "GopSizeUnits", + "Type": { + "enum": [ + "AWS::KinesisAnalytics::Application" + ], "type": "string" }, - "Level": { - "markdownDescription": "The H.264 level.", - "title": "Level", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "LookAheadRateControl": { - "markdownDescription": "The amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", - "title": "LookAheadRateControl", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.CSVMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordColumnDelimiter": { + "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "MaxBitrate": { - "markdownDescription": "For QVBR: See the tooltip for Quality level. For VBR: Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.", - "title": "MaxBitrate", - "type": "number" - }, - "MinIInterval": { - "markdownDescription": "Meaningful only if sceneChangeDetect is set to enabled. This setting enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting the I-interval. The normal cadence resumes for the next GOP. Note that the maximum GOP stretch = GOP size + Min-I-interval - 1.", - "title": "MinIInterval", - "type": "number" - }, - "NumRefFrames": { - "markdownDescription": "The number of reference frames to use. The encoder might use more than requested if you use B-frames or interlaced encoding.", - "title": "NumRefFrames", - "type": "number" - }, - "ParControl": { - "markdownDescription": "Indicates how the output pixel aspect ratio is specified. If \"specified\" is selected, the output video pixel aspect ratio is determined by parNumerator and parDenominator. If \"initializeFromSource\" is selected, the output pixels aspect ratio will be set equal to the input video pixel aspect ratio of the first input.", - "title": "ParControl", + "RecordRowDelimiter": { + "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" + } + }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.Input": { + "additionalProperties": false, + "properties": { + "InputParallelism": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputParallelism", + "markdownDescription": "Describes the number of in-application streams to create.\n\nData from your source is routed to these in-application input streams.\n\nSee [Configuring Application Input](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-input.html) .", + "title": "InputParallelism" }, - "ParDenominator": { - "markdownDescription": "The Pixel Aspect Ratio denominator.", - "title": "ParDenominator", - "type": "number" - }, - "ParNumerator": { - "markdownDescription": "The Pixel Aspect Ratio numerator.", - "title": "ParNumerator", - "type": "number" + "InputProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputProcessingConfiguration", + "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputprocessingconfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) .", + "title": "InputProcessingConfiguration" }, - "Profile": { - "markdownDescription": "An H.264 profile.", - "title": "Profile", - "type": "string" + "InputSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", + "title": "InputSchema" }, - "QualityLevel": { - "markdownDescription": "Leave as STANDARD_QUALITY or choose a different value (which might result in additional costs to run the channel).\n- ENHANCED_QUALITY: Produces a slightly better video quality without an increase in the bitrate. Has an effect only when the Rate control mode is QVBR or CBR. If this channel is in a MediaLive multiplex, the value must be ENHANCED_QUALITY.\n- STANDARD_QUALITY: Valid for any Rate control mode.", - "title": "QualityLevel", - "type": "string" + "KinesisFirehoseInput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisFirehoseInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis Firehose delivery stream, identifies the delivery stream's ARN and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", + "title": "KinesisFirehoseInput" }, - "QvbrQualityLevel": { - "markdownDescription": "Controls the target quality for the video encode. This applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are: - Primary screen: Quality level: 8 to 10. Max bitrate: 4M - PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M - Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M.", - "title": "QvbrQualityLevel", - "type": "number" + "KinesisStreamsInput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisStreamsInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis stream, identifies the stream's Amazon Resource Name (ARN) and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", + "title": "KinesisStreamsInput" }, - "RateControlMode": { - "markdownDescription": "The rate control mode. QVBR: The quality will match the specified quality level except when it is constrained by the maximum bitrate. We recommend this if you or your viewers pay for bandwidth. VBR: The quality and bitrate vary, depending on the video complexity. We recommend this instead of QVBR if you want to maintain a specific average bitrate over the duration of the channel. CBR: The quality varies, depending on the video complexity. We recommend this only if you distribute your assets to devices that can't handle variable bitrates.", - "title": "RateControlMode", + "NamePrefix": { + "markdownDescription": "Name prefix to use when creating an in-application stream. Suppose that you specify a prefix \"MyInApplicationStream.\" Amazon Kinesis Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with names \"MyInApplicationStream_001,\" \"MyInApplicationStream_002,\" and so on.", + "title": "NamePrefix", "type": "string" - }, - "ScanType": { - "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", - "title": "ScanType", + } + }, + "required": [ + "InputSchema", + "NamePrefix" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputLambdaProcessor": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the [AWS Lambda](https://docs.aws.amazon.com/lambda/) function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" }, - "SceneChangeDetect": { - "markdownDescription": "The scene change detection. On: inserts I-frames when the scene change is detected. Off: does not force an I-frame when the scene change is detected.", - "title": "SceneChangeDetect", + "RoleARN": { + "markdownDescription": "The ARN of the IAM role that is used to access the AWS Lambda function.", + "title": "RoleARN", "type": "string" - }, - "Slices": { - "markdownDescription": "The number of slices per picture. The number must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures. This field is optional. If you don't specify a value, MediaLive chooses the number of slices based on the encode resolution.", - "title": "Slices", - "type": "number" - }, - "Softness": { - "markdownDescription": "Softness. Selects a quantizer matrix. Larger values reduce high-frequency content in the encoded image.", - "title": "Softness", + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputParallelism": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "Number of in-application streams to create. For more information, see [Limits](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/limits.html) .", + "title": "Count", "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "InputLambdaProcessor": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputLambdaProcessor", + "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) that is used to preprocess the records in the stream before being processed by your application code.", + "title": "InputLambdaProcessor" + } + }, + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputSchema": { + "additionalProperties": false, + "properties": { + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordColumn" + }, + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", + "type": "array" }, - "SpatialAq": { - "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the spatial variation of content complexity.", - "title": "SpatialAq", - "type": "string" - }, - "SubgopLength": { - "markdownDescription": "If set to fixed, uses gopNumBFrames B-frames per sub-GOP. If set to dynamic, optimizes the number of B-frames used for each sub-GOP to improve visual quality.", - "title": "SubgopLength", + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "Syntax": { - "markdownDescription": "Produces a bitstream that is compliant with SMPTE RP-2027.", - "title": "Syntax", + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" + } + }, + "required": [ + "RecordColumns", + "RecordFormat" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.JSONMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordRowPath": { + "markdownDescription": "Path to the top-level parent that contains the records.", + "title": "RecordRowPath", "type": "string" - }, - "TemporalAq": { - "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the temporal variation of content complexity.", - "title": "TemporalAq", + } + }, + "required": [ + "RecordRowPath" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.KinesisFirehoseInput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "ARN of the input delivery stream.", + "title": "ResourceARN", "type": "string" }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" - }, - "TimecodeInsertion": { - "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream. disabled: don't include timecodes. picTimingSei: pass through picture timing SEI messages from the source specified in Timecode Config.", - "title": "TimecodeInsertion", + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to make sure that the role has the necessary permissions to access the stream.", + "title": "RoleARN", "type": "string" } }, + "required": [ + "ResourceARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.H265ColorSpaceSettings": { + "AWS::KinesisAnalytics::Application.KinesisStreamsInput": { "additionalProperties": false, "properties": { - "ColorSpacePassthroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", - "markdownDescription": "Passthrough applies no color space conversion to the output.", - "title": "ColorSpacePassthroughSettings" - }, - "DolbyVision81Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DolbyVision81Settings", - "markdownDescription": "", - "title": "DolbyVision81Settings" - }, - "Hdr10Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", - "markdownDescription": "Settings to configure the handling of HDR10 color space.", - "title": "Hdr10Settings" - }, - "Rec601Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", - "markdownDescription": "Settings to configure the handling of Rec601 color space.", - "title": "Rec601Settings" + "ResourceARN": { + "markdownDescription": "ARN of the input Amazon Kinesis stream to read.", + "title": "ResourceARN", + "type": "string" }, - "Rec709Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", - "markdownDescription": "Settings to configure the handling of Rec709 color space.", - "title": "Rec709Settings" + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" } }, + "required": [ + "ResourceARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.H265FilterSettings": { + "AWS::KinesisAnalytics::Application.MappingParameters": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" + }, + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::MediaLive::Channel.H265Settings": { + "AWS::KinesisAnalytics::Application.RecordColumn": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "Adaptive quantization. Allows intra-frame quantizers to vary to improve visual quality.", - "title": "AdaptiveQuantization", + "Mapping": { + "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", + "title": "Mapping", "type": "string" }, - "AfdSignaling": { - "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is \"auto\", the system will try to preserve the input AFD value (in cases where multiple AFD values are valid). If set to \"fixed\", the AFD value will be the value configured in the fixedAfd parameter.", - "title": "AfdSignaling", + "Name": { + "markdownDescription": "Name of the column created in the in-application input stream or reference table.", + "title": "Name", "type": "string" }, - "AlternativeTransferFunction": { - "markdownDescription": "Whether or not EML should insert an Alternative Transfer Function SEI message to support backwards compatibility with non-HDR decoders and displays.", - "title": "AlternativeTransferFunction", + "SqlType": { + "markdownDescription": "Type of column created in the in-application input stream or reference table.", + "title": "SqlType", "type": "string" + } + }, + "required": [ + "Name", + "SqlType" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.RecordFormat": { + "additionalProperties": false, + "properties": { + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.MappingParameters", + "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "Bitrate": { - "markdownDescription": "Average bitrate in bits/second. Required when the rate control mode is VBR or CBR. Not used for QVBR. In an MS Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", - "title": "Bitrate", - "type": "number" - }, - "BufSize": { - "markdownDescription": "Size of buffer (HRD buffer model) in bits.", - "title": "BufSize", - "type": "number" - }, - "ColorMetadata": { - "markdownDescription": "Includes colorspace metadata in the output.", - "title": "ColorMetadata", + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" - }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265ColorSpaceSettings", - "markdownDescription": "Color Space settings", - "title": "ColorSpaceSettings" - }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265FilterSettings", - "markdownDescription": "Optional filters that you can apply to an encode.", - "title": "FilterSettings" - }, - "FixedAfd": { - "markdownDescription": "Four bit AFD value to write on all frames of video in the output stream. Only valid when afdSignaling is set to 'Fixed'.", - "title": "FixedAfd", + } + }, + "required": [ + "RecordFormatType" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "FlickerAq": { - "markdownDescription": "If set to enabled, adjust quantization within each frame to reduce flicker or 'pop' on I-frames.", - "title": "FlickerAq", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FramerateDenominator": { - "markdownDescription": "Framerate denominator.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "Framerate numerator - framerate is a fraction, e.g. 24000 / 1001 = 23.976 fps.", - "title": "FramerateNumerator", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "GopClosedCadence": { - "markdownDescription": "Frequency of closed GOPs. In streaming applications, it is recommended that this be set to 1 so a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", - "title": "GopClosedCadence", - "type": "number" + "Metadata": { + "type": "object" }, - "GopSize": { - "markdownDescription": "GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits.\nIf gopSizeUnits is frames, gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, gopSize must be greater than 0, but need not be an integer.", - "title": "GopSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "Name of the application to which you want to add the output configuration.", + "title": "ApplicationName", + "type": "string" + }, + "Output": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.Output", + "markdownDescription": "An array of objects, each describing one output configuration. In the output configuration, you specify the name of an in-application stream, a destination (that is, an Amazon Kinesis stream, an Amazon Kinesis Firehose delivery stream, or an AWS Lambda function), and record the formation to use when writing to the destination.", + "title": "Output" + } + }, + "required": [ + "ApplicationName", + "Output" + ], + "type": "object" }, - "GopSizeUnits": { - "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds the system will convert the gopSize into a frame count at run time.", - "title": "GopSizeUnits", + "Type": { + "enum": [ + "AWS::KinesisAnalytics::ApplicationOutput" + ], "type": "string" }, - "Level": { - "markdownDescription": "H.265 Level.", - "title": "Level", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "LookAheadRateControl": { - "markdownDescription": "Amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", - "title": "LookAheadRateControl", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema": { + "additionalProperties": false, + "properties": { + "RecordFormatType": { + "markdownDescription": "Specifies the format of the records on the output stream.", + "title": "RecordFormatType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "ARN of the destination Amazon Kinesis Firehose delivery stream to write to.", + "title": "ResourceARN", "type": "string" }, - "MaxBitrate": { - "markdownDescription": "For QVBR: See the tooltip for Quality level", - "title": "MaxBitrate", - "type": "number" - }, - "MinIInterval": { - "markdownDescription": "Only meaningful if sceneChangeDetect is set to enabled. Defaults to 5 if multiplex rate control is used. Enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk and/or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting I-interval. The normal cadence resumes for the next GOP. Note: Maximum GOP stretch = GOP size + Min-I-interval - 1", - "title": "MinIInterval", - "type": "number" - }, - "MvOverPictureBoundaries": { - "markdownDescription": "", - "title": "MvOverPictureBoundaries", + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "ARN of the destination Amazon Kinesis stream to write to.", + "title": "ResourceARN", "type": "string" }, - "MvTemporalPredictor": { - "markdownDescription": "", - "title": "MvTemporalPredictor", + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" }, - "ParDenominator": { - "markdownDescription": "Pixel Aspect Ratio denominator.", - "title": "ParDenominator", - "type": "number" + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination function on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.Output": { + "additionalProperties": false, + "properties": { + "DestinationSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema", + "markdownDescription": "Describes the data format when records are written to the destination. For more information, see [Configuring Application Output](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-output.html) .", + "title": "DestinationSchema" }, - "ParNumerator": { - "markdownDescription": "Pixel Aspect Ratio numerator.", - "title": "ParNumerator", - "type": "number" + "KinesisFirehoseOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput", + "markdownDescription": "Identifies an Amazon Kinesis Firehose delivery stream as the destination.", + "title": "KinesisFirehoseOutput" }, - "Profile": { - "markdownDescription": "H.265 Profile.", - "title": "Profile", - "type": "string" + "KinesisStreamsOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput", + "markdownDescription": "Identifies an Amazon Kinesis stream as the destination.", + "title": "KinesisStreamsOutput" }, - "QvbrQualityLevel": { - "markdownDescription": "Controls the target quality for the video encode. Applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are:\n- Primary screen: Quality level: 8 to 10. Max bitrate: 4M\n- PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M\n- Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M", - "title": "QvbrQualityLevel", - "type": "number" + "LambdaOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput", + "markdownDescription": "Identifies an AWS Lambda function as the destination.", + "title": "LambdaOutput" }, - "RateControlMode": { - "markdownDescription": "Rate control mode. QVBR: Quality will match the specified quality level except when it is constrained by the\nmaximum bitrate. Recommended if you or your viewers pay for bandwidth. CBR: Quality varies, depending on the video complexity. Recommended only if you distribute\nyour assets to devices that cannot handle variable bitrates. Multiplex: This rate control mode is only supported (and is required) when the video is being\ndelivered to a MediaLive Multiplex in which case the rate control configuration is controlled\nby the properties within the Multiplex Program.", - "title": "RateControlMode", + "Name": { + "markdownDescription": "Name of the in-application stream.", + "title": "Name", "type": "string" - }, - "ScanType": { - "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", - "title": "ScanType", + } + }, + "required": [ + "DestinationSchema" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationReferenceDataSource": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "SceneChangeDetect": { - "markdownDescription": "Scene change detection.", - "title": "SceneChangeDetect", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Slices": { - "markdownDescription": "Number of slices per picture. Must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures.\nThis field is optional; when no value is specified the encoder will choose the number of slices based on encode resolution.", - "title": "Slices", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Tier": { - "markdownDescription": "H.265 Tier.", - "title": "Tier", - "type": "string" + "Metadata": { + "type": "object" }, - "TileHeight": { - "markdownDescription": "", - "title": "TileHeight", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "Name of an existing application.", + "title": "ApplicationName", + "type": "string" + }, + "ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource", + "markdownDescription": "The reference data source can be an object in your Amazon S3 bucket. Amazon Kinesis Analytics reads the object and copies the data into the in-application table that is created. You provide an S3 bucket, object key name, and the resulting in-application table that is created. You must also provide an IAM role with the necessary permissions that Amazon Kinesis Analytics can assume to read the object from your S3 bucket on your behalf.", + "title": "ReferenceDataSource" + } + }, + "required": [ + "ApplicationName", + "ReferenceDataSource" + ], + "type": "object" }, - "TilePadding": { - "markdownDescription": "", - "title": "TilePadding", + "Type": { + "enum": [ + "AWS::KinesisAnalytics::ApplicationReferenceDataSource" + ], "type": "string" }, - "TileWidth": { - "markdownDescription": "", - "title": "TileWidth", - "type": "number" - }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" - }, - "TimecodeInsertion": { - "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream.\n- 'disabled': Do not include timecodes\n- 'picTimingSei': Pass through picture timing SEI messages from the source specified in Timecode Config", - "title": "TimecodeInsertion", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordColumnDelimiter": { + "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "TreeblockSize": { - "markdownDescription": "", - "title": "TreeblockSize", + "RecordRowDelimiter": { + "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" } }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], "type": "object" }, - "AWS::MediaLive::Channel.Hdr10Settings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters": { "additionalProperties": false, "properties": { - "MaxCll": { - "markdownDescription": "Maximum Content Light Level\nAn integer metadata value defining the maximum light level, in nits,\nof any single pixel within an encoded HDR video stream or file.", - "title": "MaxCll", - "type": "number" - }, - "MaxFall": { - "markdownDescription": "Maximum Frame Average Light Level\nAn integer metadata value defining the maximum average light level, in nits,\nfor any single frame within an encoded HDR video stream or file.", - "title": "MaxFall", - "type": "number" + "RecordRowPath": { + "markdownDescription": "Path to the top-level parent that contains the records.", + "title": "RecordRowPath", + "type": "string" } }, + "required": [ + "RecordRowPath" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsAkamaiSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "HttpTransferMode": { - "markdownDescription": "Specifies whether to use chunked transfer encoding to Akamai. To enable this feature, contact Akamai.", - "title": "HttpTransferMode", + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" + } + }, + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn": { + "additionalProperties": false, + "properties": { + "Mapping": { + "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", + "title": "Mapping", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that will be made before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" - }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" - }, - "Salt": { - "markdownDescription": "The salt for authenticated Akamai.", - "title": "Salt", + "Name": { + "markdownDescription": "Name of the column created in the in-application input stream or reference table.", + "title": "Name", "type": "string" }, - "Token": { - "markdownDescription": "The token parameter for authenticated Akamai. If this is not specified, _gda_ is used.", - "title": "Token", + "SqlType": { + "markdownDescription": "Type of column created in the in-application input stream or reference table.", + "title": "SqlType", "type": "string" } }, + "required": [ + "Name", + "SqlType" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsBasicPutSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that MediaLive makes before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters", + "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", + "type": "string" } }, + "required": [ + "RecordFormatType" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsCdnSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource": { "additionalProperties": false, "properties": { - "HlsAkamaiSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsAkamaiSettings", - "markdownDescription": "Sets up Akamai as the downstream system for the HLS output group.", - "title": "HlsAkamaiSettings" - }, - "HlsBasicPutSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsBasicPutSettings", - "markdownDescription": "The settings for Basic Put for the HLS output.", - "title": "HlsBasicPutSettings" - }, - "HlsMediaStoreSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsMediaStoreSettings", - "markdownDescription": "Sets up MediaStore as the destination for the HLS output.", - "title": "HlsMediaStoreSettings" + "ReferenceSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", + "title": "ReferenceSchema" }, - "HlsS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this HLS output.", - "title": "HlsS3Settings" + "S3ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource", + "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. Also identifies the IAM role Amazon Kinesis Analytics can assume to read this object on your behalf. An Amazon Kinesis Analytics application loads reference data only once. If the data changes, you call the `UpdateApplication` operation to trigger reloading of data into your application.", + "title": "S3ReferenceDataSource" }, - "HlsWebdavSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsWebdavSettings", - "markdownDescription": "The settings for Web VTT captions in the HLS output group.\n\nThe parent of this entity is HlsGroupSettings.", - "title": "HlsWebdavSettings" + "TableName": { + "markdownDescription": "Name of the in-application table to create.", + "title": "TableName", + "type": "string" } }, + "required": [ + "ReferenceSchema" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsGroupSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema": { "additionalProperties": false, "properties": { - "AdMarkers": { + "RecordColumns": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn" }, - "markdownDescription": "Chooses one or more ad marker types to pass SCTE35 signals through to this group of Apple HLS outputs.", - "title": "AdMarkers", + "markdownDescription": "A list of RecordColumn objects.", + "title": "RecordColumns", "type": "array" }, - "BaseUrlContent": { - "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", - "title": "BaseUrlContent", + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the reference source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "BaseUrlContent1": { - "markdownDescription": "Optional. One value per output group. This field is required only if you are completing Base URL content A, and the downstream system has notified you that the media files for pipeline 1 of all outputs are in a location different from the media files for pipeline 0.", - "title": "BaseUrlContent1", + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat", + "markdownDescription": "Specifies the format of the records on the reference source.", + "title": "RecordFormat" + } + }, + "required": [ + "RecordColumns", + "RecordFormat" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource": { + "additionalProperties": false, + "properties": { + "BucketARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", "type": "string" }, - "BaseUrlManifest": { - "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", - "title": "BaseUrlManifest", + "FileKey": { + "markdownDescription": "Object key name containing reference data.", + "title": "FileKey", "type": "string" }, - "BaseUrlManifest1": { - "markdownDescription": "Optional. One value per output group. Complete this field only if you are completing Base URL manifest A, and the downstream system has notified you that the child manifest files for pipeline 1 of all outputs are in a location different from the child manifest files for pipeline 0.", - "title": "BaseUrlManifest1", + "ReferenceRoleARN": { + "markdownDescription": "ARN of the IAM role that the service can assume to read data on your behalf. This role must have permission for the `s3:GetObject` action on the object and trust policy that allows Amazon Kinesis Analytics service principal to assume this role.", + "title": "ReferenceRoleARN", "type": "string" - }, - "CaptionLanguageMappings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" - }, - "markdownDescription": "A mapping of up to 4 captions channels to captions languages. This is meaningful only if captionLanguageSetting is set to \"insert.\"", - "title": "CaptionLanguageMappings", - "type": "array" - }, - "CaptionLanguageSetting": { - "markdownDescription": "Applies only to 608 embedded output captions. Insert: Include CLOSED-CAPTIONS lines in the manifest. Specify at least one language in the CC1 Language Code field. One CLOSED-CAPTION line is added for each Language Code that you specify. Make sure to specify the languages in the order in which they appear in the original source (if the source is embedded format) or the order of the captions selectors (if the source is other than embedded). Otherwise, languages in the manifest will not match properly with the output captions. None: Include the CLOSED-CAPTIONS=NONE line in the manifest. Omit: Omit any CLOSED-CAPTIONS line from the manifest.", - "title": "CaptionLanguageSetting", + } + }, + "required": [ + "BucketARN", + "FileKey", + "ReferenceRoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "ClientCache": { - "markdownDescription": "When set to \"disabled,\" sets the #EXT-X-ALLOW-CACHE:no tag in the manifest, which prevents clients from saving media segments for later replay.", - "title": "ClientCache", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CodecSpecification": { - "markdownDescription": "The specification to use (RFC-6381 or the default RFC-4281) during m3u8 playlist generation.", - "title": "CodecSpecification", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConstantIv": { - "markdownDescription": "Used with encryptionType. This is a 128-bit, 16-byte hex value that is represented by a 32-character text string. If ivSource is set to \"explicit,\" this parameter is required and is used as the IV for encryption.", - "title": "ConstantIv", - "type": "string" + "Metadata": { + "type": "object" }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "A directory or HTTP destination for the HLS segments, manifest files, and encryption keys (if enabled).", - "title": "Destination" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration", + "markdownDescription": "Use this parameter to configure the application.", + "title": "ApplicationConfiguration" + }, + "ApplicationDescription": { + "markdownDescription": "The description of the application.", + "title": "ApplicationDescription", + "type": "string" + }, + "ApplicationMaintenanceConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration", + "markdownDescription": "Specifies the maintenance window parameters for a Kinesis Data Analytics application.", + "title": "ApplicationMaintenanceConfiguration" + }, + "ApplicationMode": { + "markdownDescription": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE` . However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional.", + "title": "ApplicationMode", + "type": "string" + }, + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "RunConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RunConfiguration", + "markdownDescription": "Describes the starting parameters for an Managed Service for Apache Flink application.", + "title": "RunConfiguration" + }, + "RuntimeEnvironment": { + "markdownDescription": "The runtime environment for the application.", + "title": "RuntimeEnvironment", + "type": "string" + }, + "ServiceExecutionRole": { + "markdownDescription": "Specifies the IAM role that the application uses to access external resources.", + "title": "ServiceExecutionRole", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "RuntimeEnvironment", + "ServiceExecutionRole" + ], + "type": "object" }, - "DirectoryStructure": { - "markdownDescription": "Places segments in subdirectories.", - "title": "DirectoryStructure", + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::Application" + ], "type": "string" }, - "DiscontinuityTags": { - "markdownDescription": "Specifies whether to insert EXT-X-DISCONTINUITY tags in the HLS child manifests for this output group.\nTypically, choose Insert because these tags are required in the manifest (according to the HLS specification) and serve an important purpose.\nChoose Never Insert only if the downstream system is doing real-time failover (without using the MediaLive automatic failover feature) and only if that downstream system has advised you to exclude the tags.", - "title": "DiscontinuityTags", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { + "additionalProperties": false, + "properties": { + "CodeContent": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CodeContent", + "markdownDescription": "The location and type of the application code.", + "title": "CodeContent" }, - "EncryptionType": { - "markdownDescription": "Encrypts the segments with the specified encryption scheme. Exclude this parameter if you don't want encryption.", - "title": "EncryptionType", + "CodeContentType": { + "markdownDescription": "Specifies whether the code content is in text or zip format.", + "title": "CodeContentType", "type": "string" + } + }, + "required": [ + "CodeContent", + "CodeContentType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration": { + "additionalProperties": false, + "properties": { + "ApplicationCodeConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration", + "markdownDescription": "The code location and type parameters for a Managed Service for Apache Flink application.", + "title": "ApplicationCodeConfiguration" }, - "HlsCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsCdnSettings", - "markdownDescription": "The parameters that control interactions with the CDN.", - "title": "HlsCdnSettings" - }, - "HlsId3SegmentTagging": { - "markdownDescription": "State of HLS ID3 Segment Tagging", - "title": "HlsId3SegmentTagging", - "type": "string" + "ApplicationSnapshotConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration", + "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", + "title": "ApplicationSnapshotConfiguration" }, - "IFrameOnlyPlaylists": { - "markdownDescription": "DISABLED: Don't create an I-frame-only manifest, but do create the master and media manifests (according to the Output Selection field). STANDARD: Create an I-frame-only manifest for each output that contains video, as well as the other manifests (according to the Output Selection field). The I-frame manifest contains a #EXT-X-I-FRAMES-ONLY tag to indicate it is I-frame only, and one or more #EXT-X-BYTERANGE entries identifying the I-frame position. For example, #EXT-X-BYTERANGE:160364@1461888\".", - "title": "IFrameOnlyPlaylists", - "type": "string" + "ApplicationSystemRollbackConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSystemRollbackConfiguration", + "markdownDescription": "Describes whether system rollbacks are enabled for a Managed Service for Apache Flink application.", + "title": "ApplicationSystemRollbackConfiguration" }, - "IncompleteSegmentBehavior": { - "markdownDescription": "Specifies whether to include the final (incomplete) segment in the media output when the pipeline stops producing output because of a channel stop, a channel pause or a loss of input to the pipeline.\nAuto means that MediaLive decides whether to include the final segment, depending on the channel class and the types of output groups.\nSuppress means to never include the incomplete segment. We recommend you choose Auto and let MediaLive control the behavior.", - "title": "IncompleteSegmentBehavior", - "type": "string" + "EnvironmentProperties": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.EnvironmentProperties", + "markdownDescription": "Describes execution properties for a Managed Service for Apache Flink application.", + "title": "EnvironmentProperties" }, - "IndexNSegments": { - "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the maximum number of segments in the media manifest file. After this maximum, older segments are removed from the media manifest. This number must be less than or equal to the Keep Segments field.", - "title": "IndexNSegments", - "type": "number" + "FlinkApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration", + "markdownDescription": "The creation and update parameters for a Managed Service for Apache Flink application.", + "title": "FlinkApplicationConfiguration" }, - "InputLossAction": { - "markdownDescription": "A parameter that controls output group behavior on an input loss.", - "title": "InputLossAction", - "type": "string" + "SqlApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration", + "markdownDescription": "The creation and update parameters for a SQL-based Kinesis Data Analytics application.", + "title": "SqlApplicationConfiguration" }, - "IvInManifest": { - "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If set to \"include,\" the IV is listed in the manifest. Otherwise, the IV is not in the manifest.", - "title": "IvInManifest", - "type": "string" + "VpcConfigurations": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.VpcConfiguration" + }, + "markdownDescription": "The array of descriptions of VPC configurations available to the application.", + "title": "VpcConfigurations", + "type": "array" }, - "IvSource": { - "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If this setting is \"followsSegmentNumber,\" it causes the IV to change every segment (to match the segment number). If this is set to \"explicit,\" you must enter a constantIv value.", - "title": "IvSource", + "ZeppelinApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration", + "markdownDescription": "The configuration parameters for a Kinesis Data Analytics Studio notebook.", + "title": "ZeppelinApplicationConfiguration" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration": { + "additionalProperties": false, + "properties": { + "ApplicationMaintenanceWindowStartTime": { + "markdownDescription": "", + "title": "ApplicationMaintenanceWindowStartTime", "type": "string" - }, - "KeepSegments": { - "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the number of media segments (.ts files) to retain in the destination directory.", - "title": "KeepSegments", - "type": "number" - }, - "KeyFormat": { - "markdownDescription": "Specifies how the key is represented in the resource identified by the URI. If the parameter is absent, an implicit value of \"identity\" is used. A reverse DNS string can also be specified.", - "title": "KeyFormat", + } + }, + "required": [ + "ApplicationMaintenanceWindowStartTime" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration": { + "additionalProperties": false, + "properties": { + "ApplicationRestoreType": { + "markdownDescription": "Specifies how the application should be restored.", + "title": "ApplicationRestoreType", "type": "string" }, - "KeyFormatVersions": { - "markdownDescription": "Either a single positive integer version value or a slash-delimited list of version values (1/2/3).", - "title": "KeyFormatVersions", + "SnapshotName": { + "markdownDescription": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if `RESTORE_FROM_CUSTOM_SNAPSHOT` is specified for the `ApplicationRestoreType` .", + "title": "SnapshotName", "type": "string" - }, - "KeyProviderSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.KeyProviderSettings", - "markdownDescription": "The key provider settings.", - "title": "KeyProviderSettings" - }, - "ManifestCompression": { - "markdownDescription": "When set to gzip, compresses HLS playlist.", - "title": "ManifestCompression", + } + }, + "required": [ + "ApplicationRestoreType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration": { + "additionalProperties": false, + "properties": { + "SnapshotsEnabled": { + "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", + "title": "SnapshotsEnabled", + "type": "boolean" + } + }, + "required": [ + "SnapshotsEnabled" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ApplicationSystemRollbackConfiguration": { + "additionalProperties": false, + "properties": { + "RollbackEnabled": { + "markdownDescription": "Describes whether system rollbacks are enabled for a Managed Service for Apache Flink application.", + "title": "RollbackEnabled", + "type": "boolean" + } + }, + "required": [ + "RollbackEnabled" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.CSVMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordColumnDelimiter": { + "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "ManifestDurationFormat": { - "markdownDescription": "Indicates whether the output manifest should use a floating point or integer values for segment duration.", - "title": "ManifestDurationFormat", + "RecordRowDelimiter": { + "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" - }, - "MinSegmentLength": { - "markdownDescription": "When set, minimumSegmentLength is enforced by looking ahead and back within the specified range for a nearby avail and extending the segment size if needed.", - "title": "MinSegmentLength", + } + }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.CatalogConfiguration": { + "additionalProperties": false, + "properties": { + "GlueDataCatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration", + "markdownDescription": "The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook.", + "title": "GlueDataCatalogConfiguration" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration": { + "additionalProperties": false, + "properties": { + "CheckpointInterval": { + "markdownDescription": "Describes the interval in milliseconds between checkpoint operations.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointInterval` value of 60000, even if this value is set to another value using this API or in application code.", + "title": "CheckpointInterval", "type": "number" }, - "Mode": { - "markdownDescription": "If \"vod,\" all segments are indexed and kept permanently in the destination and manifest. If \"live,\" only the number segments specified in keepSegments and indexNSegments are kept. Newer segments replace older segments, which might prevent players from rewinding all the way to the beginning of the channel. VOD mode uses HLS EXT-X-PLAYLIST-TYPE of EVENT while the channel is running, converting it to a \"VOD\" type manifest on completion of the stream.", - "title": "Mode", - "type": "string" - }, - "OutputSelection": { - "markdownDescription": "MANIFESTSANDSEGMENTS: Generates manifests (the master manifest, if applicable, and media manifests) for this output group. SEGMENTSONLY: Doesn't generate any manifests for this output group.", - "title": "OutputSelection", - "type": "string" - }, - "ProgramDateTime": { - "markdownDescription": "Includes or excludes the EXT-X-PROGRAM-DATE-TIME tag in .m3u8 manifest files. The value is calculated as follows: Either the program date and time are initialized using the input timecode source, or the time is initialized using the input timecode source and the date is initialized using the timestampOffset.", - "title": "ProgramDateTime", - "type": "string" - }, - "ProgramDateTimeClock": { - "markdownDescription": "Specifies the algorithm used to drive the HLS EXT-X-PROGRAM-DATE-TIME clock. Options include: INITIALIZE_FROM_OUTPUT_TIMECODE: The PDT clock is initialized as a function of the first output timecode, then incremented by the EXTINF duration of each encoded segment. SYSTEM_CLOCK: The PDT clock is initialized as a function of the UTC wall clock, then incremented by the EXTINF duration of each encoded segment. If the PDT clock diverges from the wall clock by more than 500ms, it is resynchronized to the wall clock.", - "title": "ProgramDateTimeClock", - "type": "string" - }, - "ProgramDateTimePeriod": { - "markdownDescription": "The period of insertion of the EXT-X-PROGRAM-DATE-TIME entry, in seconds.", - "title": "ProgramDateTimePeriod", - "type": "number" + "CheckpointingEnabled": { + "markdownDescription": "Describes whether checkpointing is enabled for a Managed Service for Apache Flink application.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointingEnabled` value of `true` , even if this value is set to another value using this API or in application code.", + "title": "CheckpointingEnabled", + "type": "boolean" }, - "RedundantManifest": { - "markdownDescription": "ENABLED: The master manifest (.m3u8 file) for each pipeline includes information about both pipelines: first its own media files, then the media files of the other pipeline. This feature allows a playout device that supports stale manifest detection to switch from one manifest to the other, when the current manifest seems to be stale. There are still two destinations and two master manifests, but both master manifests reference the media files from both pipelines. DISABLED: The master manifest (.m3u8 file) for each pipeline includes information about its own pipeline only. For an HLS output group with MediaPackage as the destination, the DISABLED behavior is always followed. MediaPackage regenerates the manifests it serves to players, so a redundant manifest from MediaLive is irrelevant.", - "title": "RedundantManifest", + "ConfigurationType": { + "markdownDescription": "Describes whether the application uses Managed Service for Apache Flink' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled` , `CheckpointInterval` , or `MinPauseBetweenCheckpoints` parameters.\n\n> If this value is set to `DEFAULT` , the application will use the following values, even if they are set to other values using APIs or application code:\n> \n> - *CheckpointingEnabled:* true\n> - *CheckpointInterval:* 60000\n> - *MinPauseBetweenCheckpoints:* 5000", + "title": "ConfigurationType", "type": "string" }, - "SegmentLength": { - "markdownDescription": "The length of the MPEG-2 Transport Stream segments to create, in seconds. Note that segments will end on the next keyframe after this number of seconds, so the actual segment length might be longer.", - "title": "SegmentLength", + "MinPauseBetweenCheckpoints": { + "markdownDescription": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the `CheckpointInterval` , the application otherwise performs continual checkpoint operations. For more information, see [Tuning Checkpointing](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/large_state_tuning/#tuning-checkpointing) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `MinPauseBetweenCheckpoints` value of 5000, even if this value is set using this API or in application code.", + "title": "MinPauseBetweenCheckpoints", "type": "number" + } + }, + "required": [ + "ConfigurationType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.CodeContent": { + "additionalProperties": false, + "properties": { + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", + "markdownDescription": "Information about the Amazon S3 bucket that contains the application code.", + "title": "S3ContentLocation" }, - "SegmentationMode": { - "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", - "title": "SegmentationMode", + "TextContent": { + "markdownDescription": "The text-format code for a Managed Service for Apache Flink application.", + "title": "TextContent", "type": "string" }, - "SegmentsPerSubdirectory": { - "markdownDescription": "The number of segments to write to a subdirectory before starting a new one. For this setting to have an effect, directoryStructure must be subdirectoryPerStream.", - "title": "SegmentsPerSubdirectory", - "type": "number" - }, - "StreamInfResolution": { - "markdownDescription": "The include or exclude RESOLUTION attribute for a video in the EXT-X-STREAM-INF tag of a variant manifest.", - "title": "StreamInfResolution", + "ZipFileContent": { + "markdownDescription": "The zip-format code for a Managed Service for Apache Flink application.", + "title": "ZipFileContent", "type": "string" - }, - "TimedMetadataId3Frame": { - "markdownDescription": "Indicates the ID3 frame that has the timecode.", - "title": "TimedMetadataId3Frame", + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration": { + "additionalProperties": false, + "properties": { + "ArtifactType": { + "markdownDescription": "Set this to either `UDF` or `DEPENDENCY_JAR` . `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket.", + "title": "ArtifactType", "type": "string" }, - "TimedMetadataId3Period": { - "markdownDescription": "The timed metadata interval, in seconds.", - "title": "TimedMetadataId3Period", - "type": "number" - }, - "TimestampDeltaMilliseconds": { - "markdownDescription": "Provides an extra millisecond delta offset to fine tune the timestamps.", - "title": "TimestampDeltaMilliseconds", - "type": "number" + "MavenReference": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MavenReference", + "markdownDescription": "The parameters required to fully specify a Maven reference.", + "title": "MavenReference" }, - "TsFileMode": { - "markdownDescription": "SEGMENTEDFILES: Emits the program as segments -multiple .ts media files. SINGLEFILE: Applies only if the Mode field is VOD. Emits the program as a single .ts media file. The media manifest includes #EXT-X-BYTERANGE tags to index segments for playback. A typical use for this value is when sending the output to AWS Elemental MediaConvert, which can accept only a single media file. Playback while the channel is running is not guaranteed due to HTTP server caching.", - "title": "TsFileMode", - "type": "string" + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", + "markdownDescription": "The location of the custom artifacts.", + "title": "S3ContentLocation" + } + }, + "required": [ + "ArtifactType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration": { + "additionalProperties": false, + "properties": { + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation", + "markdownDescription": "The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data.", + "title": "S3ContentLocation" } }, + "required": [ + "S3ContentLocation" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsInputSettings": { + "AWS::KinesisAnalyticsV2::Application.EnvironmentProperties": { "additionalProperties": false, "properties": { - "Bandwidth": { - "markdownDescription": "When specified, the HLS stream with the m3u8 bandwidth that most closely matches this value is chosen. Otherwise, the highest bandwidth stream in the m3u8 is chosen. The bitrate is specified in bits per second, as in an HLS manifest.", - "title": "Bandwidth", - "type": "number" - }, - "BufferSegments": { - "markdownDescription": "When specified, reading of the HLS input begins this many buffer segments from the end (most recently written segment). When not specified, the HLS input begins with the first segment specified in the m3u8.", - "title": "BufferSegments", - "type": "number" - }, - "Retries": { - "markdownDescription": "The number of consecutive times that attempts to read a manifest or segment must fail before the input is considered unavailable.", - "title": "Retries", - "type": "number" - }, - "RetryInterval": { - "markdownDescription": "The number of seconds between retries when an attempt to read a manifest or segment fails.", - "title": "RetryInterval", - "type": "number" - }, - "Scte35Source": { - "markdownDescription": "Identifies the source for the SCTE-35 messages that MediaLive will ingest. Messages can be ingested from the content segments (in the stream) or from tags in the playlist (the HLS manifest). MediaLive ignores SCTE-35 information in the source that is not selected.", - "title": "Scte35Source", - "type": "string" + "PropertyGroups": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.PropertyGroup" + }, + "markdownDescription": "Describes the execution property groups.", + "title": "PropertyGroups", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsMediaStoreSettings": { + "AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "MediaStoreStorageClass": { - "markdownDescription": "When set to temporal, output files are stored in non-persistent memory for faster reading and writing.", - "title": "MediaStoreStorageClass", - "type": "string" + "CheckpointConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration", + "markdownDescription": "Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/concepts/programming-model.html#checkpoints-for-fault-tolerance) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) .", + "title": "CheckpointConfiguration" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration", + "markdownDescription": "Describes configuration parameters for Amazon CloudWatch logging for an application.", + "title": "MonitoringConfiguration" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "ParallelismConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration", + "markdownDescription": "Describes parameters for how an application executes multiple tasks simultaneously.", + "title": "ParallelismConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsOutputSettings": { + "AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration": { "additionalProperties": false, "properties": { - "H265PackagingType": { - "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", - "title": "H265PackagingType", + "AllowNonRestoredState": { + "markdownDescription": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. This will happen if the program is updated between snapshots to remove stateful parameters, and state data in the snapshot no longer corresponds to valid application data. For more information, see [Allowing Non-Restored State](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/savepoints/#allowing-non-restored-state) in the [Apache Flink documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> This value defaults to `false` . If you update your application without specifying this parameter, `AllowNonRestoredState` will be set to `false` , even if it was previously set to `true` .", + "title": "AllowNonRestoredState", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database.", + "title": "DatabaseARN", "type": "string" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.Input": { + "additionalProperties": false, + "properties": { + "InputParallelism": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputParallelism", + "markdownDescription": "Describes the number of in-application streams to create.", + "title": "InputParallelism" }, - "HlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsSettings", - "markdownDescription": "The settings regarding the underlying stream. These settings are different for audio-only outputs.", - "title": "HlsSettings" + "InputProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration", + "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputProcessingConfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) .", + "title": "InputProcessingConfiguration" }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. Accepts \\\"Format Identifiers\\\":#formatIdentifierParameters.", - "title": "NameModifier", - "type": "string" + "InputSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", + "title": "InputSchema" }, - "SegmentModifier": { - "markdownDescription": "A string that is concatenated to the end of segment file names.", - "title": "SegmentModifier", + "KinesisFirehoseInput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN.", + "title": "KinesisFirehoseInput" + }, + "KinesisStreamsInput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN).", + "title": "KinesisStreamsInput" + }, + "NamePrefix": { + "markdownDescription": "The name prefix to use when creating an in-application stream. Suppose that you specify a prefix \" `MyInApplicationStream` .\" Kinesis Data Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with the names \" `MyInApplicationStream_001` ,\" \" `MyInApplicationStream_002` ,\" and so on.", + "title": "NamePrefix", "type": "string" } }, + "required": [ + "InputSchema", + "NamePrefix" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsS3Settings": { + "AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", + "ResourceARN": { + "markdownDescription": "The ARN of the Amazon Lambda function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsSettings": { + "AWS::KinesisAnalyticsV2::Application.InputParallelism": { "additionalProperties": false, "properties": { - "AudioOnlyHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioOnlyHlsSettings", - "markdownDescription": "The settings for an audio-only output.", - "title": "AudioOnlyHlsSettings" - }, - "Fmp4HlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Fmp4HlsSettings", - "markdownDescription": "The settings for an fMP4 container.", - "title": "Fmp4HlsSettings" - }, - "FrameCaptureHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureHlsSettings", - "markdownDescription": "Settings for a frame capture output in an HLS output group.", - "title": "FrameCaptureHlsSettings" - }, - "StandardHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.StandardHlsSettings", - "markdownDescription": "The settings for a standard output (an output that is not audio-only).", - "title": "StandardHlsSettings" + "Count": { + "markdownDescription": "The number of in-application streams to create.", + "title": "Count", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsWebdavSettings": { + "AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" + "InputLambdaProcessor": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor", + "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) that is used to preprocess the records in the stream before being processed by your application code.", + "title": "InputLambdaProcessor" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.InputSchema": { + "additionalProperties": false, + "properties": { + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordColumn" + }, + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", + "type": "array" }, - "HttpTransferMode": { - "markdownDescription": "Specifies whether to use chunked transfer encoding to WebDAV.", - "title": "HttpTransferMode", + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" - }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" } }, + "required": [ + "RecordColumns", + "RecordFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.HtmlMotionGraphicsSettings": { + "AWS::KinesisAnalyticsV2::Application.JSONMappingParameters": { "additionalProperties": false, - "properties": {}, + "properties": { + "RecordRowPath": { + "markdownDescription": "The path to the top-level parent that contains the records.", + "title": "RecordRowPath", + "type": "string" + } + }, + "required": [ + "RecordRowPath" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputAttachment": { + "AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput": { "additionalProperties": false, "properties": { - "AutomaticInputFailoverSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AutomaticInputFailoverSettings", - "markdownDescription": "Settings to implement automatic input failover in this input.", - "title": "AutomaticInputFailoverSettings" - }, - "InputAttachmentName": { - "markdownDescription": "A name for the attachment. This is required if you want to use this input in an input switch action.", - "title": "InputAttachmentName", + "ResourceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", + "title": "ResourceARN", "type": "string" - }, - "InputId": { - "markdownDescription": "The ID of the input to attach.", - "title": "InputId", + } + }, + "required": [ + "ResourceARN" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the input Kinesis data stream to read.", + "title": "ResourceARN", "type": "string" - }, - "InputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputSettings", - "markdownDescription": "Information about the content to extract from the input and about the general handling of the content.", - "title": "InputSettings" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputChannelLevel": { + "AWS::KinesisAnalyticsV2::Application.MappingParameters": { "additionalProperties": false, "properties": { - "Gain": { - "markdownDescription": "The remixing value. Units are in dB, and acceptable values are within the range from -60 (mute) to 6 dB.", - "title": "Gain", - "type": "number" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "InputChannel": { - "markdownDescription": "The index of the input channel that is used as a source.", - "title": "InputChannel", - "type": "number" + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::MediaLive::Channel.InputLocation": { + "AWS::KinesisAnalyticsV2::Application.MavenReference": { "additionalProperties": false, "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This applies only if the downstream system requires credentials.", - "title": "PasswordParam", + "ArtifactId": { + "markdownDescription": "The artifact ID of the Maven reference.", + "title": "ArtifactId", "type": "string" }, - "Uri": { - "markdownDescription": "The URI should be a path to a file that is accessible to the Live system (for example, an http:// URI) depending on the output type. For example, an RTMP destination should have a URI similar to rtmp://fmsserver/live.", - "title": "Uri", + "GroupId": { + "markdownDescription": "The group ID of the Maven reference.", + "title": "GroupId", "type": "string" }, - "Username": { - "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", - "title": "Username", + "Version": { + "markdownDescription": "The version of the Maven reference.", + "title": "Version", "type": "string" } }, + "required": [ + "ArtifactId", + "GroupId", + "Version" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputLossBehavior": { + "AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration": { "additionalProperties": false, "properties": { - "BlackFrameMsec": { - "markdownDescription": "On input loss, the number of milliseconds to substitute black into the output before switching to the frame specified by inputLossImageType. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", - "title": "BlackFrameMsec", - "type": "number" - }, - "InputLossImageColor": { - "markdownDescription": "When the input loss image type is \"color,\" this field specifies the color to use. Value: 6 hex characters that represent the values of RGB.", - "title": "InputLossImageColor", + "ConfigurationType": { + "markdownDescription": "Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to `CUSTOM` in order to set the `LogLevel` or `MetricsLevel` parameters.", + "title": "ConfigurationType", "type": "string" }, - "InputLossImageSlate": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "When the input loss image type is \"slate,\" these fields specify the parameters for accessing the slate.", - "title": "InputLossImageSlate" - }, - "InputLossImageType": { - "markdownDescription": "Indicates whether to substitute a solid color or a slate into the output after the input loss exceeds blackFrameMsec.", - "title": "InputLossImageType", + "LogLevel": { + "markdownDescription": "Describes the verbosity of the CloudWatch Logs for an application.", + "title": "LogLevel", "type": "string" }, - "RepeatFrameMsec": { - "markdownDescription": "On input loss, the number of milliseconds to repeat the previous picture before substituting black into the output. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", - "title": "RepeatFrameMsec", - "type": "number" + "MetricsLevel": { + "markdownDescription": "Describes the granularity of the CloudWatch Logs for an application. The `Parallelism` level is not recommended for applications with a Parallelism over 64 due to excessive costs.", + "title": "MetricsLevel", + "type": "string" } }, + "required": [ + "ConfigurationType" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputLossFailoverSettings": { + "AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration": { "additionalProperties": false, "properties": { - "InputLossThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that no input is detected. After that time, an input failover will occur.", - "title": "InputLossThresholdMsec", + "AutoScalingEnabled": { + "markdownDescription": "Describes whether the Managed Service for Apache Flink service can increase the parallelism of the application in response to increased throughput.", + "title": "AutoScalingEnabled", + "type": "boolean" + }, + "ConfigurationType": { + "markdownDescription": "Describes whether the application uses the default parallelism for the Managed Service for Apache Flink service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled` , `Parallelism` , or `ParallelismPerKPU` properties.", + "title": "ConfigurationType", + "type": "string" + }, + "Parallelism": { + "markdownDescription": "Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if [ParallelismConfiguration:AutoScalingEnabled](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_ParallelismConfiguration.html#kinesisanalytics-Type-ParallelismConfiguration-AutoScalingEnabled.html) is set to `true` .", + "title": "Parallelism", + "type": "number" + }, + "ParallelismPerKPU": { + "markdownDescription": "Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see [Amazon Kinesis Data Analytics Pricing](https://docs.aws.amazon.com/kinesis/data-analytics/pricing/) .", + "title": "ParallelismPerKPU", "type": "number" } }, + "required": [ + "ConfigurationType" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputSettings": { + "AWS::KinesisAnalyticsV2::Application.PropertyGroup": { "additionalProperties": false, "properties": { - "AudioSelectors": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelector" - }, - "markdownDescription": "Information about the specific audio to extract from the input.\n\nThe parent of this entity is InputSettings.", - "title": "AudioSelectors", - "type": "array" + "PropertyGroupId": { + "markdownDescription": "Describes the key of an application execution property key-value pair.", + "title": "PropertyGroupId", + "type": "string" }, - "CaptionSelectors": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelector" + "PropertyMap": { + "additionalProperties": true, + "markdownDescription": "Describes the value of an application execution property key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Information about the specific captions to extract from the input.", - "title": "CaptionSelectors", - "type": "array" - }, - "DeblockFilter": { - "markdownDescription": "Enables or disables the deblock filter when filtering.", - "title": "DeblockFilter", + "title": "PropertyMap", + "type": "object" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.RecordColumn": { + "additionalProperties": false, + "properties": { + "Mapping": { + "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", + "title": "Mapping", "type": "string" }, - "DenoiseFilter": { - "markdownDescription": "Enables or disables the denoise filter when filtering.", - "title": "DenoiseFilter", + "Name": { + "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", + "title": "Name", "type": "string" }, - "FilterStrength": { - "markdownDescription": "Adjusts the magnitude of filtering from 1 (minimal) to 5 (strongest).", - "title": "FilterStrength", - "type": "number" - }, - "InputFilter": { - "markdownDescription": "Turns on the filter for this input. MPEG-2 inputs have the deblocking filter enabled by default. 1) auto - filtering is applied depending on input type/quality 2) disabled - no filtering is applied to the input 3) forced - filtering is applied regardless of the input type.", - "title": "InputFilter", + "SqlType": { + "markdownDescription": "The type of column created in the in-application input stream or reference table.", + "title": "SqlType", "type": "string" + } + }, + "required": [ + "Name", + "SqlType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.RecordFormat": { + "additionalProperties": false, + "properties": { + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MappingParameters", + "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "NetworkInputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NetworkInputSettings", - "markdownDescription": "Information about how to connect to the upstream system.", - "title": "NetworkInputSettings" - }, - "Scte35Pid": { - "markdownDescription": "", - "title": "Scte35Pid", - "type": "number" - }, - "Smpte2038DataPreference": { - "markdownDescription": "Specifies whether to extract applicable ancillary data from a SMPTE-2038 source in this input. Applicable data types are captions, timecode, AFD, and SCTE-104 messages.\n- PREFER: Extract from SMPTE-2038 if present in this input, otherwise extract from another source (if any).\n- IGNORE: Never extract any ancillary data from SMPTE-2038.", - "title": "Smpte2038DataPreference", + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" + } + }, + "required": [ + "RecordFormatType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.RunConfiguration": { + "additionalProperties": false, + "properties": { + "ApplicationRestoreConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration", + "markdownDescription": "Describes the restore behavior of a restarting application.", + "title": "ApplicationRestoreConfiguration" }, - "SourceEndBehavior": { - "markdownDescription": "The loop input if it is a file.", - "title": "SourceEndBehavior", + "FlinkRunConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration", + "markdownDescription": "Describes the starting parameters for a Managed Service for Apache Flink application.", + "title": "FlinkRunConfiguration" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation": { + "additionalProperties": false, + "properties": { + "BasePath": { + "markdownDescription": "The base path for the S3 bucket.", + "title": "BasePath", "type": "string" }, - "VideoSelector": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelector", - "markdownDescription": "Information about one video to extract from the input.", - "title": "VideoSelector" + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", + "type": "string" } }, + "required": [ + "BucketARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputSpecification": { + "AWS::KinesisAnalyticsV2::Application.S3ContentLocation": { "additionalProperties": false, "properties": { - "Codec": { - "markdownDescription": "The codec to include in the input specification for this channel.", - "title": "Codec", + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) for the S3 bucket containing the application code.", + "title": "BucketARN", "type": "string" }, - "MaximumBitrate": { - "markdownDescription": "The maximum input bitrate for any input attached to this channel.", - "title": "MaximumBitrate", + "FileKey": { + "markdownDescription": "The file key for the object containing the application code.", + "title": "FileKey", "type": "string" }, - "Resolution": { - "markdownDescription": "The resolution for any input attached to this channel.", - "title": "Resolution", + "ObjectVersion": { + "markdownDescription": "The version of the object containing the application code.", + "title": "ObjectVersion", "type": "string" } }, + "required": [ + "BucketARN", + "FileKey" + ], "type": "object" }, - "AWS::MediaLive::Channel.KeyProviderSettings": { + "AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration": { "additionalProperties": false, "properties": { - "StaticKeySettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.StaticKeySettings", - "markdownDescription": "The configuration of static key settings.", - "title": "StaticKeySettings" + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.Input" + }, + "markdownDescription": "The array of [Input](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_Input.html) objects describing the input streams used by the application.", + "title": "Inputs", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.M2tsSettings": { + "AWS::KinesisAnalyticsV2::Application.VpcConfiguration": { "additionalProperties": false, "properties": { - "AbsentInputAudioBehavior": { - "markdownDescription": "When set to drop, the output audio streams are removed from the program if the selected input audio stream is removed from the input. This allows the output audio configuration to dynamically change based on the input configuration. If this is set to encodeSilence, all output audio streams will output encoded silence when not connected to an active input stream.", - "title": "AbsentInputAudioBehavior", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of [SecurityGroup](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SecurityGroup.html) IDs used by the VPC configuration.", + "title": "SecurityGroupIds", + "type": "array" }, - "Arib": { - "markdownDescription": "When set to enabled, uses ARIB-compliant field muxing and removes video descriptor.", - "title": "Arib", - "type": "string" - }, - "AribCaptionsPid": { - "markdownDescription": "The PID for ARIB Captions in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "AribCaptionsPid", - "type": "string" - }, - "AribCaptionsPidControl": { - "markdownDescription": "If set to auto, The PID number used for ARIB Captions will be auto-selected from unused PIDs. If set to useConfigured, ARIB captions will be on the configured PID number.", - "title": "AribCaptionsPidControl", - "type": "string" - }, - "AudioBufferModel": { - "markdownDescription": "When set to dvb, uses the DVB buffer model for Dolby Digital audio. When set to atsc, the ATSC model is used.", - "title": "AudioBufferModel", - "type": "string" - }, - "AudioFramesPerPes": { - "markdownDescription": "The number of audio frames to insert for each PES packet.", - "title": "AudioFramesPerPes", - "type": "number" - }, - "AudioPids": { - "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "AudioPids", - "type": "string" - }, - "AudioStreamType": { - "markdownDescription": "When set to atsc, uses stream type = 0x81 for AC3 and stream type = 0x87 for EAC3. When set to dvb, uses stream type = 0x06.", - "title": "AudioStreamType", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "The output bitrate of the transport stream in bits per second. Setting to 0 lets the muxer automatically determine the appropriate bitrate.", - "title": "Bitrate", - "type": "number" - }, - "BufferModel": { - "markdownDescription": "If set to multiplex, uses the multiplex buffer model for accurate interleaving. Setting to bufferModel to none can lead to lower latency, but low-memory devices might not be able to play back the stream without interruptions.", - "title": "BufferModel", - "type": "string" - }, - "CcDescriptor": { - "markdownDescription": "When set to enabled, generates captionServiceDescriptor in PMT.", - "title": "CcDescriptor", - "type": "string" - }, - "DvbNitSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbNitSettings", - "markdownDescription": "Inserts a DVB Network Information Table (NIT) at the specified table repetition interval.", - "title": "DvbNitSettings" - }, - "DvbSdtSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSdtSettings", - "markdownDescription": "Inserts a DVB Service Description Table (SDT) at the specified table repetition interval.", - "title": "DvbSdtSettings" - }, - "DvbSubPids": { - "markdownDescription": "The PID for the input source DVB Subtitle data to this output. Multiple values are accepted, and can be entered in ranges and/or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "DvbSubPids", - "type": "string" - }, - "DvbTdtSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbTdtSettings", - "markdownDescription": "Inserts DVB Time and Date Table (TDT) at the specified table repetition interval.", - "title": "DvbTdtSettings" - }, - "DvbTeletextPid": { - "markdownDescription": "The PID for the input source DVB Teletext data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "DvbTeletextPid", - "type": "string" - }, - "Ebif": { - "markdownDescription": "If set to passthrough, passes any EBIF data from the input source to this output.", - "title": "Ebif", - "type": "string" - }, - "EbpAudioInterval": { - "markdownDescription": "When videoAndFixedIntervals is selected, audio EBP markers are added to partitions 3 and 4. The interval between these additional markers is fixed, and is slightly shorter than the video EBP marker interval. This is only available when EBP Cablelabs segmentation markers are selected. Partitions 1 and 2 always follow the video interval.", - "title": "EbpAudioInterval", - "type": "string" - }, - "EbpLookaheadMs": { - "markdownDescription": "When set, enforces that Encoder Boundary Points do not come within the specified time interval of each other by looking ahead at input video. If another EBP is going to come in within the specified time interval, the current EBP is not emitted, and the segment is \"stretched\" to the next marker. The lookahead value does not add latency to the system. The channel must be configured elsewhere to create sufficient latency to make the lookahead accurate.", - "title": "EbpLookaheadMs", - "type": "number" - }, - "EbpPlacement": { - "markdownDescription": "Controls placement of EBP on audio PIDs. If set to videoAndAudioPids, EBP markers are placed on the video PID and all audio PIDs. If set to videoPid, EBP markers are placed on only the video PID.", - "title": "EbpPlacement", - "type": "string" - }, - "EcmPid": { - "markdownDescription": "This field is unused and deprecated.", - "title": "EcmPid", - "type": "string" - }, - "EsRateInPes": { - "markdownDescription": "Includes or excludes the ES Rate field in the PES header.", - "title": "EsRateInPes", - "type": "string" - }, - "EtvPlatformPid": { - "markdownDescription": "The PID for the input source ETV Platform data to this output. You can enter it as a decimal or hexadecimal value. Valid values are 32 (or 0x20) to 8182 (or 0x1ff6).", - "title": "EtvPlatformPid", - "type": "string" - }, - "EtvSignalPid": { - "markdownDescription": "The PID for input source ETV Signal data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "EtvSignalPid", - "type": "string" - }, - "FragmentTime": { - "markdownDescription": "The length in seconds of each fragment. This is used only with EBP markers.", - "title": "FragmentTime", - "type": "number" - }, - "Klv": { - "markdownDescription": "If set to passthrough, passes any KLV data from the input source to this output.", - "title": "Klv", - "type": "string" - }, - "KlvDataPids": { - "markdownDescription": "The PID for the input source KLV data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "KlvDataPids", - "type": "string" - }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", - "type": "string" - }, - "NullPacketBitrate": { - "markdownDescription": "The value, in bits per second, of extra null packets to insert into the transport stream. This can be used if a downstream encryption system requires periodic null packets.", - "title": "NullPacketBitrate", - "type": "number" - }, - "PatInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", - "title": "PatInterval", - "type": "number" - }, - "PcrControl": { - "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", - "title": "PcrControl", - "type": "string" - }, - "PcrPeriod": { - "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", - "title": "PcrPeriod", - "type": "number" - }, - "PcrPid": { - "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "PcrPid", - "type": "string" - }, - "PmtInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", - "title": "PmtInterval", - "type": "number" - }, - "PmtPid": { - "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "PmtPid", - "type": "string" - }, - "ProgramNum": { - "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", - "title": "ProgramNum", - "type": "number" - }, - "RateMode": { - "markdownDescription": "When VBR, does not insert null packets into the transport stream to fill the specified bitrate. The bitrate setting acts as the maximum bitrate when VBR is set.", - "title": "RateMode", - "type": "string" - }, - "Scte27Pids": { - "markdownDescription": "The PID for the input source SCTE-27 data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "Scte27Pids", - "type": "string" - }, - "Scte35Control": { - "markdownDescription": "Optionally passes SCTE-35 signals from the input source to this output.", - "title": "Scte35Control", - "type": "string" - }, - "Scte35Pid": { - "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "Scte35Pid", - "type": "string" - }, - "Scte35PrerollPullupMilliseconds": { - "markdownDescription": "", - "title": "Scte35PrerollPullupMilliseconds", - "type": "number" - }, - "SegmentationMarkers": { - "markdownDescription": "Inserts segmentation markers at each segmentationTime period. raiSegstart sets the Random Access Indicator bit in the adaptation field. raiAdapt sets the RAI bit and adds the current timecode in the private data bytes. psiSegstart inserts PAT and PMT tables at the start of segments. ebp adds Encoder Boundary Point information to the adaptation field as per OpenCable specification OC-SP-EBP-I01-130118. ebpLegacy adds Encoder Boundary Point information to the adaptation field using a legacy proprietary format.", - "title": "SegmentationMarkers", - "type": "string" - }, - "SegmentationStyle": { - "markdownDescription": "The segmentation style parameter controls how segmentation markers are inserted into the transport stream. With avails, it is possible that segments might be truncated, which can influence where future segmentation markers are inserted. When a segmentation style of resetCadence is selected and a segment is truncated due to an avail, we will reset the segmentation cadence. This means the subsequent segment will have a duration of $segmentationTime seconds. When a segmentation style of maintainCadence is selected and a segment is truncated due to an avail, we will not reset the segmentation cadence. This means the subsequent segment will likely be truncated as well. However, all segments after that will have a duration of $segmentationTime seconds. Note that EBP lookahead is a slight exception to this rule.", - "title": "SegmentationStyle", - "type": "string" - }, - "SegmentationTime": { - "markdownDescription": "The length, in seconds, of each segment. This is required unless markers is set to None_.", - "title": "SegmentationTime", - "type": "number" - }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", - "type": "string" - }, - "TimedMetadataPid": { - "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "TimedMetadataPid", - "type": "string" - }, - "TransportStreamId": { - "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", - "title": "TransportStreamId", - "type": "number" - }, - "VideoPid": { - "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "VideoPid", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of [Subnet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Subnet.html) IDs used by the VPC configuration.", + "title": "SubnetIds", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], "type": "object" }, - "AWS::MediaLive::Channel.M3u8Settings": { + "AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration": { "additionalProperties": false, "properties": { - "AudioFramesPerPes": { - "markdownDescription": "The number of audio frames to insert for each PES packet.", - "title": "AudioFramesPerPes", - "type": "number" - }, - "AudioPids": { - "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value.", - "title": "AudioPids", - "type": "string" - }, - "EcmPid": { - "markdownDescription": "This parameter is unused and deprecated.", - "title": "EcmPid", - "type": "string" - }, - "KlvBehavior": { - "markdownDescription": "", - "title": "KlvBehavior", - "type": "string" - }, - "KlvDataPids": { - "markdownDescription": "", - "title": "KlvDataPids", - "type": "string" - }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", - "type": "string" - }, - "PatInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", - "title": "PatInterval", - "type": "number" - }, - "PcrControl": { - "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", - "title": "PcrControl", - "type": "string" - }, - "PcrPeriod": { - "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", - "title": "PcrPeriod", - "type": "number" - }, - "PcrPid": { - "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value.", - "title": "PcrPid", - "type": "string" - }, - "PmtInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", - "title": "PmtInterval", - "type": "number" - }, - "PmtPid": { - "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "PmtPid", - "type": "string" - }, - "ProgramNum": { - "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", - "title": "ProgramNum", - "type": "number" - }, - "Scte35Behavior": { - "markdownDescription": "If set to passthrough, passes any SCTE-35 signals from the input source to this output.", - "title": "Scte35Behavior", - "type": "string" - }, - "Scte35Pid": { - "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "Scte35Pid", - "type": "string" - }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", - "type": "string" + "CatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CatalogConfiguration", + "markdownDescription": "The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook.", + "title": "CatalogConfiguration" }, - "TimedMetadataPid": { - "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "TimedMetadataPid", - "type": "string" + "CustomArtifactsConfiguration": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration" + }, + "markdownDescription": "A list of `CustomArtifactConfiguration` objects.", + "title": "CustomArtifactsConfiguration", + "type": "array" }, - "TransportStreamId": { - "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", - "title": "TransportStreamId", - "type": "number" + "DeployAsApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration", + "markdownDescription": "The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state.", + "title": "DeployAsApplicationConfiguration" }, - "VideoPid": { - "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "VideoPid", - "type": "string" + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration", + "markdownDescription": "The monitoring configuration of a Kinesis Data Analytics Studio notebook.", + "title": "MonitoringConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.MaintenanceCreateSettings": { + "AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration": { "additionalProperties": false, "properties": { - "MaintenanceDay": { - "markdownDescription": "Choose one day of the week for maintenance. The chosen day is used for all future maintenance windows.", - "title": "MaintenanceDay", - "type": "string" - }, - "MaintenanceStartTime": { - "markdownDescription": "Choose the hour that maintenance will start. The chosen time is used for all future maintenance windows.", - "title": "MaintenanceStartTime", + "LogLevel": { + "markdownDescription": "The verbosity of the CloudWatch Logs for an application. You can set it to `INFO` , `WARN` , `ERROR` , or `DEBUG` .", + "title": "LogLevel", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MaintenanceUpdateSettings": { + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption": { "additionalProperties": false, "properties": { - "MaintenanceDay": { + "Condition": { "type": "string" }, - "MaintenanceScheduledDate": { + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MaintenanceStartTime": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "CloudWatchLoggingOption": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption", + "markdownDescription": "Provides a description of Amazon CloudWatch logging options, including the log stream Amazon Resource Name (ARN).", + "title": "CloudWatchLoggingOption" + } + }, + "required": [ + "ApplicationName", + "CloudWatchLoggingOption" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageGroupSettings": { + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The MediaPackage channel destination.", - "title": "Destination" + "LogStreamARN": { + "markdownDescription": "The ARN of the CloudWatch log to receive application messages.", + "title": "LogStreamARN", + "type": "string" } }, + "required": [ + "LogStreamARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The ID of the channel in MediaPackage that is the destination for this output group. You don't need to specify the individual inputs in MediaPackage; MediaLive handles the connection of the two MediaLive pipelines to the two MediaPackage inputs. The MediaPackage channel and MediaLive channel must be in the same Region.", - "title": "ChannelId", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "Output": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.Output", + "markdownDescription": "Describes a SQL-based Kinesis Data Analytics application's output configuration, in which you identify an in-application stream and a destination where you want the in-application stream data to be written. The destination can be a Kinesis data stream or a Kinesis Data Firehose delivery stream.", + "title": "Output" + } + }, + "required": [ + "ApplicationName", + "Output" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::ApplicationOutput" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageOutputSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.MotionGraphicsConfiguration": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema": { "additionalProperties": false, "properties": { - "MotionGraphicsInsertion": { - "markdownDescription": "Enables or disables the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsInsertion", + "RecordFormatType": { + "markdownDescription": "Specifies the format of the records on the output stream.", + "title": "RecordFormatType", "type": "string" - }, - "MotionGraphicsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsSettings", - "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsSettings" } }, "type": "object" }, - "AWS::MediaLive::Channel.MotionGraphicsSettings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput": { "additionalProperties": false, "properties": { - "HtmlMotionGraphicsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HtmlMotionGraphicsSettings", - "markdownDescription": "Settings to configure the motion graphics overlay to use an HTML asset.", - "title": "HtmlMotionGraphicsSettings" + "ResourceARN": { + "markdownDescription": "The ARN of the destination delivery stream to write to.", + "title": "ResourceARN", + "type": "string" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.Mp2Settings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second.", - "title": "Bitrate", - "type": "number" - }, - "CodingMode": { - "markdownDescription": "The MPEG2 Audio coding mode. Valid values are codingMode10 (for mono) or codingMode20 (for stereo).", - "title": "CodingMode", + "ResourceARN": { + "markdownDescription": "The ARN of the destination Kinesis data stream to write to.", + "title": "ResourceARN", "type": "string" - }, - "SampleRate": { - "markdownDescription": "The sample rate in Hz.", - "title": "SampleRate", - "type": "number" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.Mpeg2FilterSettings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "ResourceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", + "type": "string" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.Mpeg2Settings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.Output": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "Choose Off to disable adaptive quantization. Or choose another value to enable the quantizer and set its strength. The strengths are: Auto, Off, Low, Medium, High. When you enable this field, MediaLive allows intra-frame quantizers to vary, which might improve visual quality.", - "title": "AdaptiveQuantization", - "type": "string" - }, - "AfdSignaling": { - "markdownDescription": "Indicates the AFD values that MediaLive will write into the video encode. If you do not know what AFD signaling is, or if your downstream system has not given you guidance, choose AUTO.\nAUTO: MediaLive will try to preserve the input AFD value (in cases where multiple AFD values are valid).\nFIXED: MediaLive will use the value you specify in fixedAFD.", - "title": "AfdSignaling", - "type": "string" - }, - "ColorMetadata": { - "markdownDescription": "Specifies whether to include the color space metadata. The metadata describes the color space that applies to the video (the colorSpace field). We recommend that you insert the metadata.", - "title": "ColorMetadata", - "type": "string" - }, - "ColorSpace": { - "markdownDescription": "Choose the type of color space conversion to apply to the output. For detailed information on setting up both the input and the output to obtain the desired color space in the output, see the section on \\\"MediaLive Features - Video - color space\\\" in the MediaLive User Guide.\nPASSTHROUGH: Keep the color space of the input content - do not convert it.\nAUTO:Convert all content that is SD to rec 601, and convert all content that is HD to rec 709.", - "title": "ColorSpace", - "type": "string" - }, - "DisplayAspectRatio": { - "markdownDescription": "Sets the pixel aspect ratio for the encode.", - "title": "DisplayAspectRatio", - "type": "string" - }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2FilterSettings", - "markdownDescription": "Optionally specify a noise reduction filter, which can improve quality of compressed content. If you do not choose a filter, no filter will be applied.\nTEMPORAL: This filter is useful for both source content that is noisy (when it has excessive digital artifacts) and source content that is clean.\nWhen the content is noisy, the filter cleans up the source content before the encoding phase, with these two effects: First, it improves the output video quality because the content has been cleaned up. Secondly, it decreases the bandwidth because MediaLive does not waste bits on encoding noise.\nWhen the content is reasonably clean, the filter tends to decrease the bitrate.", - "title": "FilterSettings" - }, - "FixedAfd": { - "markdownDescription": "Complete this field only when afdSignaling is set to FIXED. Enter the AFD value (4 bits) to write on all frames of the video encode.", - "title": "FixedAfd", - "type": "string" - }, - "FramerateDenominator": { - "markdownDescription": "description\": \"The framerate denominator. For example, 1001. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "The framerate numerator. For example, 24000. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", - "title": "FramerateNumerator", - "type": "number" - }, - "GopClosedCadence": { - "markdownDescription": "MPEG2: default is open GOP.", - "title": "GopClosedCadence", - "type": "number" - }, - "GopNumBFrames": { - "markdownDescription": "Relates to the GOP structure. The number of B-frames between reference frames. If you do not know what a B-frame is, use the default.", - "title": "GopNumBFrames", - "type": "number" - }, - "GopSize": { - "markdownDescription": "Relates to the GOP structure. The GOP size (keyframe interval) in the units specified in gopSizeUnits. If you do not know what GOP is, use the default.\nIf gopSizeUnits is frames, then the gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, the gopSize must be greater than 0, but does not need to be an integer.", - "title": "GopSize", - "type": "number" - }, - "GopSizeUnits": { - "markdownDescription": "Relates to the GOP structure. Specifies whether the gopSize is specified in frames or seconds. If you do not plan to change the default gopSize, leave the default. If you specify SECONDS, MediaLive will internally convert the gop size to a frame count.", - "title": "GopSizeUnits", - "type": "string" + "DestinationSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema", + "markdownDescription": "Describes the data format when records are written to the destination.", + "title": "DestinationSchema" }, - "ScanType": { - "markdownDescription": "Set the scan type of the output to PROGRESSIVE or INTERLACED (top field first).", - "title": "ScanType", - "type": "string" + "KinesisFirehoseOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput", + "markdownDescription": "Identifies a Kinesis Data Firehose delivery stream as the destination.", + "title": "KinesisFirehoseOutput" }, - "SubgopLength": { - "markdownDescription": "Relates to the GOP structure. If you do not know what GOP is, use the default.\nFIXED: Set the number of B-frames in each sub-GOP to the value in gopNumBFrames.\nDYNAMIC: Let MediaLive optimize the number of B-frames in each sub-GOP, to improve visual quality.", - "title": "SubgopLength", - "type": "string" + "KinesisStreamsOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput", + "markdownDescription": "Identifies a Kinesis data stream as the destination.", + "title": "KinesisStreamsOutput" }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" + "LambdaOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput", + "markdownDescription": "Identifies an Amazon Lambda function as the destination.", + "title": "LambdaOutput" }, - "TimecodeInsertion": { - "markdownDescription": "Determines how MediaLive inserts timecodes in the output video. For detailed information about setting up the input and the output for a timecode, see the section on \\\"MediaLive Features - Timecode configuration\\\" in the MediaLive User Guide.\nDISABLED: do not include timecodes.\nGOP_TIMECODE: Include timecode metadata in the GOP header.", - "title": "TimecodeInsertion", + "Name": { + "markdownDescription": "The name of the in-application stream.", + "title": "Name", "type": "string" } }, + "required": [ + "DestinationSchema" + ], "type": "object" }, - "AWS::MediaLive::Channel.MsSmoothGroupSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource": { "additionalProperties": false, "properties": { - "AcquisitionPointId": { - "markdownDescription": "The value of the Acquisition Point Identity element that is used in each message placed in the sparse track. Enabled only if sparseTrackType is not \"none.\"", - "title": "AcquisitionPointId", - "type": "string" - }, - "AudioOnlyTimecodeControl": { - "markdownDescription": "If set to passthrough for an audio-only Microsoft Smooth output, the fragment absolute time is set to the current timecode. This option does not write timecodes to the audio elementary stream.", - "title": "AudioOnlyTimecodeControl", - "type": "string" - }, - "CertificateMode": { - "markdownDescription": "If set to verifyAuthenticity, verifies the HTTPS certificate chain to a trusted certificate authority (CA). This causes HTTPS outputs to self-signed certificates to fail.", - "title": "CertificateMode", - "type": "string" - }, - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying the connection to the IIS server if the connection is lost. Content is cached during this time, and the cache is delivered to the IIS server after the connection is re-established.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The Smooth Streaming publish point on an IIS server. MediaLive acts as a \"Push\" encoder to IIS.", - "title": "Destination" - }, - "EventId": { - "markdownDescription": "The Microsoft Smooth channel ID that is sent to the IIS server. Specify the ID only if eventIdMode is set to useConfigured.", - "title": "EventId", - "type": "string" - }, - "EventIdMode": { - "markdownDescription": "Specifies whether to send a channel ID to the IIS server. If no channel ID is sent and the same channel is used without changing the publishing point, clients might see cached video from the previous run. Options: - \"useConfigured\" - use the value provided in eventId - \"useTimestamp\" - generate and send a channel ID based on the current timestamp - \"noEventId\" - do not send a channel ID to the IIS server.", - "title": "EventIdMode", - "type": "string" - }, - "EventStopBehavior": { - "markdownDescription": "When set to sendEos, sends an EOS signal to an IIS server when stopping the channel.", - "title": "EventStopBehavior", - "type": "string" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "FragmentLength": { - "markdownDescription": "The length, in seconds, of mp4 fragments to generate. The fragment length must be compatible with GOP size and frame rate.", - "title": "FragmentLength", - "type": "number" - }, - "InputLossAction": { - "markdownDescription": "A parameter that controls output group behavior on an input loss.", - "title": "InputLossAction", + "Condition": { "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts.", - "title": "NumRetries", - "type": "number" - }, - "RestartDelay": { - "markdownDescription": "The number of seconds before initiating a restart due to output failure, due to exhausting the numRetries on one segment, or exceeding filecacheDuration.", - "title": "RestartDelay", - "type": "number" - }, - "SegmentationMode": { - "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", - "title": "SegmentationMode", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SendDelayMs": { - "markdownDescription": "The number of milliseconds to delay the output from the second pipeline.", - "title": "SendDelayMs", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SparseTrackType": { - "markdownDescription": "If set to scte35, uses incoming SCTE-35 messages to generate a sparse track in this group of Microsoft Smooth outputs.", - "title": "SparseTrackType", - "type": "string" + "Metadata": { + "type": "object" }, - "StreamManifestBehavior": { - "markdownDescription": "When set to send, sends a stream manifest so that the publishing point doesn't start until all streams start.", - "title": "StreamManifestBehavior", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource", + "markdownDescription": "For a SQL-based Kinesis Data Analytics application, describes the reference data source by providing the source information (Amazon S3 bucket name and object key name), the resulting in-application table name that is created, and the necessary schema to map the data elements in the Amazon S3 object to the in-application table.", + "title": "ReferenceDataSource" + } + }, + "required": [ + "ApplicationName", + "ReferenceDataSource" + ], + "type": "object" }, - "TimestampOffset": { - "markdownDescription": "The timestamp offset for the channel. Used only if timestampOffsetMode is set to useConfiguredOffset.", - "title": "TimestampOffset", + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource" + ], "type": "string" }, - "TimestampOffsetMode": { - "markdownDescription": "The type of timestamp date offset to use. - useEventStartDate: Use the date the channel was started as the offset - useConfiguredOffset: Use an explicitly configured date as the offset.", - "title": "TimestampOffsetMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.MsSmoothOutputSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters": { "additionalProperties": false, "properties": { - "H265PackagingType": { - "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", - "title": "H265PackagingType", + "RecordColumnDelimiter": { + "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. This is required for multiple outputs of the same type.", - "title": "NameModifier", + "RecordRowDelimiter": { + "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" } }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], "type": "object" }, - "AWS::MediaLive::Channel.MultiplexGroupSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters": { "additionalProperties": false, - "properties": {}, + "properties": { + "RecordRowPath": { + "markdownDescription": "The path to the top-level parent that contains the records.", + "title": "RecordRowPath", + "type": "string" + } + }, + "required": [ + "RecordRowPath" + ], "type": "object" }, - "AWS::MediaLive::Channel.MultiplexOutputSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "Destination is a Multiplex.", - "title": "Destination" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" + }, + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn": { "additionalProperties": false, "properties": { - "MultiplexId": { - "markdownDescription": "The ID of the Multiplex that the encoder is providing output to. You do not need to specify the individual inputs to the Multiplex; MediaLive will handle the connection of the two MediaLive pipelines to the two Multiplex instances.\nThe Multiplex must be in the same region as the Channel.", - "title": "MultiplexId", + "Mapping": { + "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", + "title": "Mapping", "type": "string" }, - "ProgramName": { - "markdownDescription": "The program name of the Multiplex program that the encoder is providing output to.", - "title": "ProgramName", + "Name": { + "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", + "title": "Name", + "type": "string" + }, + "SqlType": { + "markdownDescription": "The type of column created in the in-application input stream or reference table.", + "title": "SqlType", "type": "string" } }, + "required": [ + "Name", + "SqlType" + ], "type": "object" }, - "AWS::MediaLive::Channel.NetworkInputSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat": { "additionalProperties": false, "properties": { - "HlsInputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsInputSettings", - "markdownDescription": "Information about how to connect to the upstream system.", - "title": "HlsInputSettings" + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters", + "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "ServerValidation": { - "markdownDescription": "Checks HTTPS server certificates. When set to checkCryptographyOnly, cryptography in the certificate is checked, but not the server's name. Certain subdomains (notably S3 buckets that use dots in the bucket name) don't strictly match the corresponding certificate's wildcard pattern and would otherwise cause the channel to error. This setting is ignored for protocols that do not use HTTPS.", - "title": "ServerValidation", + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" } }, + "required": [ + "RecordFormatType" + ], "type": "object" }, - "AWS::MediaLive::Channel.NielsenCBET": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource": { "additionalProperties": false, "properties": { - "CbetCheckDigitString": { - "markdownDescription": "Enter the CBET check digits to use in the watermark.", - "title": "CbetCheckDigitString", - "type": "string" + "ReferenceSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", + "title": "ReferenceSchema" }, - "CbetStepaside": { - "markdownDescription": "Determines the method of CBET insertion mode when prior encoding is detected on the same layer.", - "title": "CbetStepaside", - "type": "string" + "S3ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource", + "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. A Kinesis Data Analytics application loads reference data only once. If the data changes, you call the [UpdateApplication](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_UpdateApplication.html) operation to trigger reloading of data into your application.", + "title": "S3ReferenceDataSource" }, - "Csid": { - "markdownDescription": "Enter the CBET Source ID (CSID) to use in the watermark", - "title": "Csid", + "TableName": { + "markdownDescription": "The name of the in-application table to create.", + "title": "TableName", "type": "string" } }, + "required": [ + "ReferenceSchema" + ], "type": "object" }, - "AWS::MediaLive::Channel.NielsenConfiguration": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema": { "additionalProperties": false, "properties": { - "DistributorId": { - "markdownDescription": "Enter the Distributor ID assigned to your organization by Nielsen.", - "title": "DistributorId", - "type": "string" + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn" + }, + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", + "type": "array" }, - "NielsenPcmToId3Tagging": { - "markdownDescription": "Enables Nielsen PCM to ID3 tagging", - "title": "NielsenPcmToId3Tagging", + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" + }, + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" } }, + "required": [ + "RecordColumns", + "RecordFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.NielsenNaesIiNw": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource": { "additionalProperties": false, "properties": { - "CheckDigitString": { - "markdownDescription": "Enter the check digit string for the watermark", - "title": "CheckDigitString", + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", "type": "string" }, - "Sid": { - "markdownDescription": "Enter the Nielsen Source ID (SID) to include in the watermark", - "title": "Sid", - "type": "number" - }, - "Timezone": { - "markdownDescription": "", - "title": "Timezone", + "FileKey": { + "markdownDescription": "The object key name containing the reference data.", + "title": "FileKey", "type": "string" } }, + "required": [ + "BucketARN", + "FileKey" + ], "type": "object" }, - "AWS::MediaLive::Channel.NielsenWatermarksSettings": { + "AWS::KinesisFirehose::DeliveryStream": { "additionalProperties": false, "properties": { - "NielsenCbetSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenCBET", - "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen CBET", - "title": "NielsenCbetSettings" + "Condition": { + "type": "string" }, - "NielsenDistributionType": { - "markdownDescription": "Choose the distribution types that you want to assign to the watermarks:\n- PROGRAM_CONTENT\n- FINAL_DISTRIBUTOR", - "title": "NielsenDistributionType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NielsenNaesIiNwSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenNaesIiNw", - "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen NAES II (N2) and Nielsen NAES VI (NW).", - "title": "NielsenNaesIiNwSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Output": { - "additionalProperties": false, - "properties": { - "AudioDescriptionNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the audio descriptions that are used as audio sources for this output.", - "title": "AudioDescriptionNames", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CaptionDescriptionNames": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmazonOpenSearchServerlessDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service.", + "title": "AmazonOpenSearchServerlessDestinationConfiguration" + }, + "AmazonopensearchserviceDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration", + "markdownDescription": "The destination in Amazon OpenSearch Service. You can specify only one destination.", + "title": "AmazonopensearchserviceDestinationConfiguration" + }, + "DatabaseSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceConfiguration", + "markdownDescription": "The top level object for configuring streams with database as a source.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceConfiguration" + }, + "DeliveryStreamEncryptionConfigurationInput": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput", + "markdownDescription": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE).", + "title": "DeliveryStreamEncryptionConfigurationInput" + }, + "DeliveryStreamName": { + "markdownDescription": "The name of the Firehose stream.", + "title": "DeliveryStreamName", + "type": "string" + }, + "DeliveryStreamType": { + "markdownDescription": "The Firehose stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the Firehose stream directly.\n- `KinesisStreamAsSource` : The Firehose stream uses a Kinesis data stream as a source.", + "title": "DeliveryStreamType", + "type": "string" + }, + "DirectPutSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DirectPutSourceConfiguration", + "markdownDescription": "The structure that configures parameters such as `ThroughputHintInMBs` for a stream configured with Direct PUT as a source.", + "title": "DirectPutSourceConfiguration" + }, + "ElasticsearchDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration", + "markdownDescription": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "ElasticsearchDestinationConfiguration" + }, + "ExtendedS3DestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration", + "markdownDescription": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "ExtendedS3DestinationConfiguration" + }, + "HttpEndpointDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration", + "markdownDescription": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination.", + "title": "HttpEndpointDestinationConfiguration" + }, + "IcebergDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.IcebergDestinationConfiguration", + "markdownDescription": "Specifies the destination configure settings for Apache Iceberg Table.", + "title": "IcebergDestinationConfiguration" + }, + "KinesisStreamSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration", + "markdownDescription": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream.", + "title": "KinesisStreamSourceConfiguration" + }, + "MSKSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration", + "markdownDescription": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream.", + "title": "MSKSourceConfiguration" + }, + "RedshiftDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration", + "markdownDescription": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "RedshiftDestinationConfiguration" + }, + "S3DestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "S3DestinationConfiguration" + }, + "SnowflakeDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration", + "markdownDescription": "Configure Snowflake destination", + "title": "SnowflakeDestinationConfiguration" + }, + "SplunkDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration", + "markdownDescription": "The configuration of a destination in Splunk for the delivery stream.", + "title": "SplunkDestinationConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags to assign to the Firehose stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the Firehose stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a Firehose stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The names of the caption descriptions that are used as captions sources for this output.", - "title": "CaptionDescriptionNames", - "type": "array" + "type": "object" }, - "OutputName": { - "markdownDescription": "The name that is used to identify an output.", - "title": "OutputName", + "Type": { + "enum": [ + "AWS::KinesisFirehose::DeliveryStream" + ], "type": "string" }, - "OutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputSettings", - "markdownDescription": "The output type-specific settings.", - "title": "OutputSettings" - }, - "VideoDescriptionName": { - "markdownDescription": "The name of the VideoDescription that is used as the source for this output.", - "title": "VideoDescriptionName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputDestination": { + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID for this destination.", - "title": "Id", - "type": "string" - }, - "MediaPackageSettings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings" - }, - "markdownDescription": "The destination settings for a MediaPackage output.", - "title": "MediaPackageSettings", - "type": "array" - }, - "MultiplexSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings", - "markdownDescription": "Destination settings for a Multiplex output; one destination for both encoders.", - "title": "MultiplexSettings" + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", + "title": "IntervalInSeconds", + "type": "number" }, - "Settings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestinationSettings" - }, - "markdownDescription": "The destination settings for an output.", - "title": "Settings", - "type": "array" + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n\nWe recommend setting this parameter to a value greater than the amount of data you typically ingest into the Firehose stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", + "title": "SizeInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.OutputDestinationSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration": { "additionalProperties": false, "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This password parameter applies only if the downstream system requires credentials.", - "title": "PasswordParam", - "type": "string" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", + "title": "BufferingHints" }, - "StreamName": { - "markdownDescription": "The stream name for the content. This applies only to RTMP outputs.", - "title": "StreamName", - "type": "string" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "", + "title": "CloudWatchLoggingOptions" }, - "Url": { - "markdownDescription": "The URL for the destination.", - "title": "Url", + "CollectionEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.", + "title": "CollectionEndpoint", "type": "string" }, - "Username": { - "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", - "title": "Username", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.OutputGroup": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A custom output group name that you can optionally define. Only letters, numbers, and the underscore character are allowed. The maximum length is 32 characters.", - "title": "Name", + "IndexName": { + "markdownDescription": "The Serverless offering for Amazon OpenSearch Service index name.", + "title": "IndexName", "type": "string" }, - "OutputGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroupSettings", - "markdownDescription": "The settings associated with the output group.", - "title": "OutputGroupSettings" - }, - "Outputs": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Output" - }, - "markdownDescription": "The settings for the outputs in the output group.", - "title": "Outputs", - "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.OutputGroupSettings": { - "additionalProperties": false, - "properties": { - "ArchiveGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveGroupSettings", - "markdownDescription": "The configuration of an archive output group.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "ArchiveGroupSettings" - }, - "CmafIngestGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestGroupSettings", + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "", - "title": "CmafIngestGroupSettings" - }, - "FrameCaptureGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureGroupSettings", - "markdownDescription": "The configuration of a frame capture output group.", - "title": "FrameCaptureGroupSettings" - }, - "HlsGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsGroupSettings", - "markdownDescription": "The configuration of an HLS output group.", - "title": "HlsGroupSettings" - }, - "MediaPackageGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageGroupSettings", - "markdownDescription": "The configuration of a MediaPackage output group.", - "title": "MediaPackageGroupSettings" - }, - "MsSmoothGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothGroupSettings", - "markdownDescription": "The configuration of a Microsoft Smooth output group.", - "title": "MsSmoothGroupSettings" + "title": "ProcessingConfiguration" }, - "MultiplexGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexGroupSettings", - "markdownDescription": "The settings for a Multiplex output group.", - "title": "MultiplexGroupSettings" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes).", + "title": "RetryOptions" }, - "RtmpGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpGroupSettings", - "markdownDescription": "The configuration of an RTMP output group.", - "title": "RtmpGroupSettings" + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents.", + "title": "RoleARN", + "type": "string" }, - "UdpGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpGroupSettings", - "markdownDescription": "The configuration of a UDP output group.", - "title": "UdpGroupSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.OutputLocationRef": { - "additionalProperties": false, - "properties": { - "DestinationRefId": { - "markdownDescription": "A reference ID for this destination.", - "title": "DestinationRefId", + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.", + "title": "S3BackupMode", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.OutputLockingSettings": { - "additionalProperties": false, - "properties": { - "EpochLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EpochLockingSettings", + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "", - "title": "EpochLockingSettings" + "title": "S3Configuration" }, - "PipelineLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.PipelineLockingSettings", + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", "markdownDescription": "", - "title": "PipelineLockingSettings" + "title": "VpcConfiguration" } }, + "required": [ + "IndexName", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions": { "additionalProperties": false, "properties": { - "ArchiveOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveOutputSettings", - "markdownDescription": "The settings for an archive output.", - "title": "ArchiveOutputSettings" - }, - "CmafIngestOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestOutputSettings", - "markdownDescription": "", - "title": "CmafIngestOutputSettings" - }, - "FrameCaptureOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureOutputSettings", - "markdownDescription": "The settings for a frame capture output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "FrameCaptureOutputSettings" - }, - "HlsOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsOutputSettings", - "markdownDescription": "The settings for an HLS output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "HlsOutputSettings" - }, - "MediaPackageOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputSettings", - "markdownDescription": "The settings for a MediaPackage output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "MediaPackageOutputSettings" - }, - "MsSmoothOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothOutputSettings", - "markdownDescription": "The settings for a Microsoft Smooth output.", - "title": "MsSmoothOutputSettings" - }, - "MultiplexOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexOutputSettings", - "markdownDescription": "Configuration of a Multiplex output.", - "title": "MultiplexOutputSettings" - }, - "RtmpOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpOutputSettings", - "markdownDescription": "The settings for an RTMP output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "RtmpOutputSettings" - }, - "UdpOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpOutputSettings", - "markdownDescription": "The settings for a UDP output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "UdpOutputSettings" + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.PassThroughSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.PipelineLockingSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RawSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Rec601Settings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Rec709Settings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RemixSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { "additionalProperties": false, "properties": { - "ChannelMappings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioChannelMapping" - }, - "markdownDescription": "A mapping of input channels to output channels, with appropriate gain adjustments.", - "title": "ChannelMappings", - "type": "array" - }, - "ChannelsIn": { - "markdownDescription": "The number of input channels to be used.", - "title": "ChannelsIn", + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", + "title": "IntervalInSeconds", "type": "number" }, - "ChannelsOut": { - "markdownDescription": "The number of output channels to be produced. Valid values: 1, 2, 4, 6, 8.", - "title": "ChannelsOut", + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", + "title": "SizeInMBs", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RtmpGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration": { "additionalProperties": false, "properties": { - "AdMarkers": { - "items": { - "type": "string" - }, - "markdownDescription": "Choose the ad marker type for this output group. MediaLive will create a message based on the content of each SCTE-35 message, format it for that marker type, and insert it in the datastream.", - "title": "AdMarkers", - "type": "array" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", + "title": "BufferingHints" }, - "AuthenticationScheme": { - "markdownDescription": "An authentication scheme to use when connecting with a CDN.", - "title": "AuthenticationScheme", + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", + "title": "CloudWatchLoggingOptions" + }, + "ClusterEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field.", + "title": "ClusterEndpoint", "type": "string" }, - "CacheFullBehavior": { - "markdownDescription": "Controls behavior when the content cache fills up. If a remote origin server stalls the RTMP connection and doesn't accept content fast enough, the media cache fills up. When the cache reaches the duration specified by cacheLength, the cache stops accepting new content. If set to disconnectImmediately, the RTMP output forces a disconnect. Clear the media cache, and reconnect after restartDelay seconds. If set to waitForServer, the RTMP output waits up to 5 minutes to allow the origin server to begin accepting data again.", - "title": "CacheFullBehavior", + "DocumentIdOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", + "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", + "title": "DocumentIdOptions" + }, + "DomainARN": { + "markdownDescription": "The ARN of the Amazon OpenSearch Service domain.", + "title": "DomainARN", "type": "string" }, - "CacheLength": { - "markdownDescription": "The cache length, in seconds, that is used to calculate buffer size.", - "title": "CacheLength", - "type": "number" + "IndexName": { + "markdownDescription": "The Amazon OpenSearch Service index name.", + "title": "IndexName", + "type": "string" }, - "CaptionData": { - "markdownDescription": "Controls the types of data that pass to onCaptionInfo outputs. If set to all, 608 and 708 carried DTVCC data is passed. If set to field1AndField2608, DTVCC data is stripped out, but 608 data from both fields is passed. If set to field1608, only the data carried in 608 from field 1 video is passed.", - "title": "CaptionData", + "IndexRotationPeriod": { + "markdownDescription": "The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data.", + "title": "IndexRotationPeriod", "type": "string" }, - "IncludeFillerNalUnits": { - "markdownDescription": "", - "title": "IncludeFillerNalUnits", + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "Describes a data processing configuration.", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions", + "markdownDescription": "The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes).", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents.", + "title": "RoleARN", "type": "string" }, - "InputLossAction": { - "markdownDescription": "Controls the behavior of this RTMP group if the input becomes unavailable. emitOutput: Emit a slate until the input returns. pauseOutput: Stop transmitting data until the input returns. This does not close the underlying RTMP connection.", - "title": "InputLossAction", + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3.", + "title": "S3BackupMode", "type": "string" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in Amazon S3.", + "title": "S3Configuration" + }, + "TypeName": { + "markdownDescription": "The Amazon OpenSearch Service type name.", + "title": "TypeName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", + "markdownDescription": "The details of the VPC of the Amazon OpenSearch Service destination.", + "title": "VpcConfiguration" } }, + "required": [ + "IndexName", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.RtmpOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions": { "additionalProperties": false, "properties": { - "CertificateMode": { - "markdownDescription": "If set to verifyAuthenticity, verifies the TLS certificate chain to a trusted certificate authority (CA). This causes RTMPS outputs with self-signed certificates to fail.", - "title": "CertificateMode", - "type": "string" - }, - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the Flash Media server if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The RTMP endpoint excluding the stream name (for example, rtmp://host/appname).", - "title": "Destination" - }, - "NumRetries": { - "markdownDescription": "The number of retry attempts.", - "title": "NumRetries", + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", + "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte20SourceSettings": { + "AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration": { "additionalProperties": false, "properties": { - "Convert608To708": { - "markdownDescription": "If upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. Any 708 data present in the source content is discarded.", - "title": "Convert608To708", + "Connectivity": { + "markdownDescription": "The type of connectivity used to access the Amazon MSK cluster.", + "title": "Connectivity", "type": "string" }, - "Source608ChannelNumber": { - "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions.", - "title": "Source608ChannelNumber", - "type": "number" + "RoleARN": { + "markdownDescription": "The ARN of the role used to access the Amazon MSK cluster.", + "title": "RoleARN", + "type": "string" } }, + "required": [ + "Connectivity", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.Scte27DestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte27SourceSettings": { + "AWS::KinesisFirehose::DeliveryStream.BufferingHints": { "additionalProperties": false, "properties": { - "OcrLanguage": { - "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", - "title": "OcrLanguage", - "type": "string" + "IntervalInSeconds": { + "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "IntervalInSeconds", + "type": "number" }, - "Pid": { - "markdownDescription": "The PID field is used in conjunction with the captions selector languageCode field as follows: Specify PID and Language: Extracts captions from that PID; the language is \"informational.\" Specify PID and omit Language: Extracts the specified PID. Omit PID and specify Language: Extracts the specified language, whichever PID that happens to be. Omit PID and omit Language: Valid only if source is DVB-Sub that is being passed through; all languages are passed through.", - "title": "Pid", + "SizeInMBs": { + "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "SizeInMBs", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.Scte35SpliceInsert": { + "AWS::KinesisFirehose::DeliveryStream.CatalogConfiguration": { "additionalProperties": false, "properties": { - "AdAvailOffset": { - "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", - "title": "AdAvailOffset", - "type": "number" - }, - "NoRegionalBlackoutFlag": { - "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "NoRegionalBlackoutFlag", + "CatalogArn": { + "markdownDescription": "Specifies the Glue catalog ARN identifier of the destination Apache Iceberg Tables. You must specify the ARN in the format `arn:aws:glue:region:account-id:catalog` .", + "title": "CatalogArn", "type": "string" }, - "WebDeliveryAllowedFlag": { - "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "WebDeliveryAllowedFlag", + "WarehouseLocation": { + "markdownDescription": "The warehouse location for Apache Iceberg tables. You must configure this when schema evolution and table creation is enabled.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "WarehouseLocation", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.Scte35TimeSignalApos": { + "AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions": { "additionalProperties": false, "properties": { - "AdAvailOffset": { - "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", - "title": "AdAvailOffset", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether CloudWatch Logs logging is enabled.", + "title": "Enabled", + "type": "boolean" }, - "NoRegionalBlackoutFlag": { - "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "NoRegionalBlackoutFlag", + "LogGroupName": { + "markdownDescription": "The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use.\n\nConditional. If you enable logging, you must specify this property.", + "title": "LogGroupName", "type": "string" }, - "WebDeliveryAllowedFlag": { - "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "WebDeliveryAllowedFlag", + "LogStreamName": { + "markdownDescription": "The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery.\n\nConditional. If you enable logging, you must specify this property.", + "title": "LogStreamName", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.SmpteTtDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.StandardHlsSettings": { + "AWS::KinesisFirehose::DeliveryStream.CopyCommand": { "additionalProperties": false, "properties": { - "AudioRenditionSets": { - "markdownDescription": "Lists all the audio groups that are used with the video output stream. This inputs all the audio GROUP-IDs that are associated with the video, separated by a comma (,).", - "title": "AudioRenditionSets", + "CopyOptions": { + "markdownDescription": "Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "CopyOptions", "type": "string" }, - "M3u8Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M3u8Settings", - "markdownDescription": "Settings for the M3U8 container.", - "title": "M3u8Settings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.StaticKeySettings": { - "additionalProperties": false, - "properties": { - "KeyProviderServer": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The URL of the license server that is used for protecting content.", - "title": "KeyProviderServer" + "DataTableColumns": { + "markdownDescription": "A comma-separated list of column names.", + "title": "DataTableColumns", + "type": "string" }, - "StaticKeyValue": { - "markdownDescription": "The static key value as a 32 character hexadecimal string.", - "title": "StaticKeyValue", + "DataTableName": { + "markdownDescription": "The name of the target table. The table must already exist in the database.", + "title": "DataTableName", "type": "string" } }, + "required": [ + "DataTableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.TeletextDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.TeletextSourceSettings": { + "AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration": { "additionalProperties": false, "properties": { - "OutputRectangle": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionRectangle", - "markdownDescription": "Settings to configure the caption rectangle for an output captions that will be created using this Teletext source captions.", - "title": "OutputRectangle" + "Enabled": { + "markdownDescription": "Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details.", + "title": "Enabled", + "type": "boolean" }, - "PageNumber": { - "markdownDescription": "Specifies the Teletext page number within the data stream from which to extract captions. The range is 0x100 (256) to 0x8FF (2303). This is unused for passthrough. It should be specified as a hexadecimal string with no \"0x\" prefix.", - "title": "PageNumber", - "type": "string" + "InputFormatConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration", + "markdownDescription": "Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true.", + "title": "InputFormatConfiguration" + }, + "OutputFormatConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration", + "markdownDescription": "Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true.", + "title": "OutputFormatConfiguration" + }, + "SchemaConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration", + "markdownDescription": "Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true.", + "title": "SchemaConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.TemporalFilterSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseColumns": { "additionalProperties": false, "properties": { - "PostFilterSharpening": { - "markdownDescription": "If you enable this filter, the results are the following:\n- If the source content is noisy (it contains excessive digital artifacts), the filter cleans up the source.\n- If the source content is already clean, the filter tends to decrease the bitrate, especially when the rate control mode is QVBR.", - "title": "PostFilterSharpening", - "type": "string" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "Strength": { - "markdownDescription": "Choose a filter strength. We recommend a strength of 1 or 2. A higher strength might take out good information, resulting in an image that is overly soft.", - "title": "Strength", - "type": "string" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.ThumbnailConfiguration": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceAuthenticationConfiguration": { "additionalProperties": false, "properties": { - "State": { + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", "markdownDescription": "", - "title": "State", - "type": "string" + "title": "SecretsManagerConfiguration" } }, + "required": [ + "SecretsManagerConfiguration" + ], "type": "object" }, - "AWS::MediaLive::Channel.TimecodeBurninSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceConfiguration": { "additionalProperties": false, "properties": { - "FontSize": { + "Columns": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseColumns", + "markdownDescription": "The list of column patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Columns" + }, + "DatabaseSourceAuthenticationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceAuthenticationConfiguration", + "markdownDescription": "The structure to configure the authentication methods for Firehose to connect to source database endpoint.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceAuthenticationConfiguration" + }, + "DatabaseSourceVPCConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceVPCConfiguration", + "markdownDescription": "The details of the VPC Endpoint Service which Firehose uses to create a PrivateLink to the database.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceVPCConfiguration" + }, + "Databases": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Databases", + "markdownDescription": "The list of database patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Databases" + }, + "Digest": { "markdownDescription": "", - "title": "FontSize", + "title": "Digest", "type": "string" }, - "Position": { - "markdownDescription": "", - "title": "Position", + "Endpoint": { + "markdownDescription": "The endpoint of the database server.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Endpoint", "type": "string" }, - "Prefix": { + "Port": { + "markdownDescription": "The port of the database. This can be one of the following values.\n\n- 3306 for MySQL database type\n- 5432 for PostgreSQL database type\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Port", + "type": "number" + }, + "PublicCertificate": { "markdownDescription": "", - "title": "Prefix", + "title": "PublicCertificate", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TimecodeConfig": { - "additionalProperties": false, - "properties": { - "Source": { - "markdownDescription": "Identifies the source for the timecode that will be associated with the channel outputs. Embedded (embedded): Initialize the output timecode with timecode from the source. If no embedded timecode is detected in the source, the system falls back to using \"Start at 0\" (zerobased). System Clock (systemclock): Use the UTC time. Start at 0 (zerobased): The time of the first frame of the channel will be 00:00:00:00.", - "title": "Source", + }, + "SSLMode": { + "markdownDescription": "The mode to enable or disable SSL when Firehose connects to the database endpoint.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SSLMode", "type": "string" }, - "SyncThreshold": { - "markdownDescription": "The threshold in frames beyond which output timecode is resynchronized to the input timecode. Discrepancies below this threshold are permitted to avoid unnecessary discontinuities in the output timecode. There is no timecode sync when this is not specified.", - "title": "SyncThreshold", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TtmlDestinationSettings": { - "additionalProperties": false, - "properties": { - "StyleControl": { - "markdownDescription": "When set to passthrough, passes through style and position information from a TTML-like input source (TTML, SMPTE-TT, CFF-TT) to the CFF-TT output or TTML output.", - "title": "StyleControl", + "SnapshotWatermarkTable": { + "markdownDescription": "The fully qualified name of the table in source database endpoint that Firehose uses to track snapshot progress.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SnapshotWatermarkTable", + "type": "string" + }, + "SurrogateKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The optional list of table and column names used as unique key columns when taking snapshot if the tables don\u2019t have primary keys configured.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SurrogateKeys", + "type": "array" + }, + "Tables": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseTables", + "markdownDescription": "The list of table patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Tables" + }, + "Type": { + "markdownDescription": "The type of database engine. This can be one of the following values.\n\n- MySQL\n- PostgreSQL\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Type", "type": "string" } }, + "required": [ + "DatabaseSourceAuthenticationConfiguration", + "DatabaseSourceVPCConfiguration", + "Databases", + "Endpoint", + "Port", + "SnapshotWatermarkTable", + "Tables", + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.UdpContainerSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceVPCConfiguration": { "additionalProperties": false, "properties": { - "M2tsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", - "markdownDescription": "The M2TS configuration for this UDP output.", - "title": "M2tsSettings" + "VpcEndpointServiceName": { + "markdownDescription": "The VPC endpoint service name which Firehose uses to create a PrivateLink to the database. The endpoint service must have the Firehose service principle `firehose.amazonaws.com` as an allowed principal on the VPC endpoint service. The VPC endpoint service name is a string that looks like `com.amazonaws.vpce..` .\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "VpcEndpointServiceName", + "type": "string" } }, + "required": [ + "VpcEndpointServiceName" + ], "type": "object" }, - "AWS::MediaLive::Channel.UdpGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseTables": { "additionalProperties": false, "properties": { - "InputLossAction": { - "markdownDescription": "Specifies the behavior of the last resort when the input video is lost, and no more backup inputs are available. When dropTs is selected, the entire transport stream stops emitting. When dropProgram is selected, the program can be dropped from the transport stream (and replaced with null packets to meet the TS bitrate requirement). Or when emitProgram is selected, the transport stream continues to be produced normally with repeat frames, black frames, or slate frames substituted for the absent input video.", - "title": "InputLossAction", - "type": "string" - }, - "TimedMetadataId3Frame": { - "markdownDescription": "Indicates the ID3 frame that has the timecode.", - "title": "TimedMetadataId3Frame", - "type": "string" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "TimedMetadataId3Period": { - "markdownDescription": "The timed metadata interval in seconds.", - "title": "TimedMetadataId3Period", - "type": "number" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.UdpOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.Databases": { "additionalProperties": false, "properties": { - "BufferMsec": { - "markdownDescription": "The UDP output buffering in milliseconds. Larger values increase latency through the transcoder but simultaneously assist the transcoder in maintaining a constant, low-jitter UDP/RTP output while accommodating clock recovery, input switching, input disruptions, picture reordering, and so on.", - "title": "BufferMsec", - "type": "number" - }, - "ContainerSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", - "markdownDescription": "The settings for the UDP output.", - "title": "ContainerSettings" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The destination address and port number for RTP or UDP packets. These can be unicast or multicast RTP or UDP (for example, rtp://239.10.10.10:5001 or udp://10.100.100.100:5002).", - "title": "Destination" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "FecOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FecOutputSettings", - "markdownDescription": "The settings for enabling and adjusting Forward Error Correction on UDP outputs.", - "title": "FecOutputSettings" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.VideoBlackFailoverSettings": { + "AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput": { "additionalProperties": false, "properties": { - "BlackDetectThreshold": { - "markdownDescription": "A value used in calculating the threshold below which MediaLive considers a pixel to be 'black'. For the input to be considered black, every pixel in a frame must be below this threshold. The threshold is calculated as a percentage (expressed as a decimal) of white. Therefore .1 means 10% white (or 90% black). Note how the formula works for any color depth. For example, if you set this field to 0.1 in 10-bit color depth: (1023*0.1=102.3), which means a pixel value of 102 or less is 'black'. If you set this field to .1 in an 8-bit color depth: (255*0.1=25.5), which means a pixel value of 25 or less is 'black'. The range is 0.0 to 1.0, with any number of decimal places.", - "title": "BlackDetectThreshold", - "type": "number" + "KeyARN": { + "markdownDescription": "If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK.", + "title": "KeyARN", + "type": "string" }, - "VideoBlackThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that the active input must be black before automatic input failover occurs.", - "title": "VideoBlackThresholdMsec", - "type": "number" + "KeyType": { + "markdownDescription": "Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) .\n\nYou can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams.\n\n> To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide.", + "title": "KeyType", + "type": "string" } }, + "required": [ + "KeyType" + ], "type": "object" }, - "AWS::MediaLive::Channel.VideoCodecSettings": { + "AWS::KinesisFirehose::DeliveryStream.Deserializer": { "additionalProperties": false, "properties": { - "FrameCaptureSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureSettings", - "markdownDescription": "The settings for the video codec in a frame capture output.", - "title": "FrameCaptureSettings" - }, - "H264Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264Settings", - "markdownDescription": "The settings for the H.264 codec in the output.", - "title": "H264Settings" - }, - "H265Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265Settings", - "markdownDescription": "Settings for video encoded with the H265 codec.", - "title": "H265Settings" + "HiveJsonSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe", + "markdownDescription": "The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.", + "title": "HiveJsonSerDe" }, - "Mpeg2Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2Settings", - "markdownDescription": "Settings for video encoded with the MPEG-2 codec.", - "title": "Mpeg2Settings" + "OpenXJsonSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe", + "markdownDescription": "The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.", + "title": "OpenXJsonSerDe" } }, "type": "object" }, - "AWS::MediaLive::Channel.VideoDescription": { + "AWS::KinesisFirehose::DeliveryStream.DestinationTableConfiguration": { "additionalProperties": false, "properties": { - "CodecSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoCodecSettings", - "markdownDescription": "The video codec settings.", - "title": "CodecSettings" - }, - "Height": { - "markdownDescription": "The output video height, in pixels. This must be an even number. For most codecs, you can keep this field and width blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", - "title": "Height", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of this VideoDescription. Outputs use this name to uniquely identify this description. Description names should be unique within this channel.", - "title": "Name", - "type": "string" - }, - "RespondToAfd": { - "markdownDescription": "Indicates how to respond to the AFD values in the input stream. RESPOND causes input video to be clipped, depending on the AFD value, input display aspect ratio, and output display aspect ratio, and (except for the FRAMECAPTURE codec) includes the values in the output. PASSTHROUGH (does not apply to FRAMECAPTURE codec) ignores the AFD values and includes the values in the output, so input video is not clipped. NONE ignores the AFD values and does not include the values through to the output, so input video is not clipped.", - "title": "RespondToAfd", - "type": "string" - }, - "ScalingBehavior": { - "markdownDescription": "STRETCHTOOUTPUT configures the output position to stretch the video to the specified output resolution (height and width). This option overrides any position value. DEFAULT might insert black boxes (pillar boxes or letter boxes) around the video to provide the specified output resolution.", - "title": "ScalingBehavior", + "DestinationDatabaseName": { + "markdownDescription": "The name of the Apache Iceberg database.", + "title": "DestinationDatabaseName", "type": "string" }, - "Sharpness": { - "markdownDescription": "Changes the strength of the anti-alias filter used for scaling. 0 is the softest setting, and 100 is the sharpest. We recommend a setting of 50 for most content.", - "title": "Sharpness", - "type": "number" - }, - "Width": { - "markdownDescription": "The output video width, in pixels. It must be an even number. For most codecs, you can keep this field and height blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", - "title": "Width", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelector": { - "additionalProperties": false, - "properties": { - "ColorSpace": { - "markdownDescription": "Specifies the color space of an input. This setting works in tandem with colorSpaceConversion to determine if MediaLive will perform any conversion.", - "title": "ColorSpace", + "DestinationTableName": { + "markdownDescription": "Specifies the name of the Apache Iceberg Table.", + "title": "DestinationTableName", "type": "string" }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings", - "markdownDescription": "Settings to configure color space settings in the incoming video.", - "title": "ColorSpaceSettings" + "PartitionSpec": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.PartitionSpec", + "markdownDescription": "The partition spec configuration for a table that is used by automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "PartitionSpec" }, - "ColorSpaceUsage": { - "markdownDescription": "Applies only if colorSpace is a value other than Follow. This field controls how the value in the colorSpace field is used. Fallback means that when the input does include color space data, that data is used, but when the input has no color space data, the value in colorSpace is used. Choose fallback if your input is sometimes missing color space data, but when it does have color space data, that data is correct. Force means to always use the value in colorSpace. Choose force if your input usually has no color space data or might have unreliable color space data.", - "title": "ColorSpaceUsage", + "S3ErrorOutputPrefix": { + "markdownDescription": "The table specific S3 error output prefix. All the errors that occurred while delivering to this table will be prefixed with this value in S3 destination.", + "title": "S3ErrorOutputPrefix", "type": "string" }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorSettings", - "markdownDescription": "Information about the video to select from the content.", - "title": "SelectorSettings" + "UniqueKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of unique keys for a given Apache Iceberg table. Firehose will use these for running Create, Update, or Delete operations on the given Iceberg table.", + "title": "UniqueKeys", + "type": "array" } }, + "required": [ + "DestinationDatabaseName", + "DestinationTableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings": { + "AWS::KinesisFirehose::DeliveryStream.DirectPutSourceConfiguration": { "additionalProperties": false, "properties": { - "Hdr10Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", - "markdownDescription": "Settings to configure color space settings in the incoming video.", - "title": "Hdr10Settings" + "ThroughputHintInMBs": { + "markdownDescription": "The value that you configure for this parameter is for information purpose only and does not affect Firehose delivery throughput limit. You can use the [Firehose Limits form](https://docs.aws.amazon.com/https://support.console.aws.amazon.com/support/home#/case/create%3FissueType=service-limit-increase%26limitType=kinesis-firehose-limits) to request a throughput limit increase.", + "title": "ThroughputHintInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.VideoSelectorPid": { + "AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions": { "additionalProperties": false, "properties": { - "Pid": { - "markdownDescription": "Selects a specific PID from within a video source.", - "title": "Pid", - "type": "number" + "DefaultDocumentIdFormat": { + "markdownDescription": "When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs.\n\nWhen the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance.", + "title": "DefaultDocumentIdFormat", + "type": "string" } }, + "required": [ + "DefaultDocumentIdFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.VideoSelectorProgramId": { + "AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration": { "additionalProperties": false, "properties": { - "ProgramId": { - "markdownDescription": "Selects a specific program from within a multi-program transport stream. If the program doesn't exist, MediaLive selects the first program within the transport stream by default.", - "title": "ProgramId", - "type": "number" + "Enabled": { + "markdownDescription": "Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream.", + "title": "Enabled", + "type": "boolean" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.", + "title": "RetryOptions" } }, "type": "object" }, - "AWS::MediaLive::Channel.VideoSelectorSettings": { + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints": { "additionalProperties": false, "properties": { - "VideoSelectorPid": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorPid", - "markdownDescription": "Used to extract video by PID.", - "title": "VideoSelectorPid" + "IntervalInSeconds": { + "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "IntervalInSeconds", + "type": "number" }, - "VideoSelectorProgramId": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorProgramId", - "markdownDescription": "Used to extract video by program ID.", - "title": "VideoSelectorProgramId" + "SizeInMBs": { + "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "SizeInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.VpcOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration": { "additionalProperties": false, "properties": { - "PublicAddressAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "List of public address allocation IDs to associate with ENIs that will be created in Output VPC. Must specify one for SINGLE_PIPELINE, two for STANDARD channels", - "title": "PublicAddressAllocationIds", - "type": "array" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints", + "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain.", + "title": "BufferingHints" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of up to 5 EC2 VPC security group IDs to attach to the Output VPC network interfaces.\nIf none are specified then the VPC default security group will be used", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC subnet IDs from the same VPC.\nIf STANDARD channel, subnet IDs must be mapped to two unique availability zones (AZ).", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.WavSettings": { - "additionalProperties": false, - "properties": { - "BitDepth": { - "markdownDescription": "Bits per sample.", - "title": "BitDepth", - "type": "number" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch Logs logging options for the delivery stream.", + "title": "CloudWatchLoggingOptions" }, - "CodingMode": { - "markdownDescription": "The audio coding mode for the WAV audio. The mode determines the number of channels in the audio.", - "title": "CodingMode", + "ClusterEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field.", + "title": "ClusterEndpoint", "type": "string" }, - "SampleRate": { - "markdownDescription": "Sample rate in Hz.", - "title": "SampleRate", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.WebvttDestinationSettings": { - "additionalProperties": false, - "properties": { - "StyleControl": { - "markdownDescription": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO_STYLE_DATA - Don't pass through the style. The output captions will not contain any font styling information.", - "title": "StyleControl", + "DocumentIdOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", + "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", + "title": "DocumentIdOptions" + }, + "DomainARN": { + "markdownDescription": "The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* .\n\nSpecify either `ClusterEndpoint` or `DomainARN` .", + "title": "DomainARN", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "IndexName": { + "markdownDescription": "The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing.", + "title": "IndexName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IndexRotationPeriod": { + "markdownDescription": "The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "IndexRotationPeriod", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" }, - "Metadata": { - "type": "object" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions", + "markdownDescription": "The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES.", + "title": "RetryOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputDestinationRequest" - }, - "markdownDescription": "Settings that apply only if the input is a push type of input.", - "title": "Destinations", - "type": "array" - }, - "InputDevices": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputDeviceSettings" - }, - "markdownDescription": "Settings that apply only if the input is an Elemental Link input.", - "title": "InputDevices", - "type": "array" - }, - "InputSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of input security groups (referenced by IDs) to attach to the input if the input is a push type.", - "title": "InputSecurityGroups", - "type": "array" - }, - "MediaConnectFlows": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.MediaConnectFlowRequest" - }, - "markdownDescription": "Settings that apply only if the input is a MediaConnect input.", - "title": "MediaConnectFlows", - "type": "array" - }, - "Name": { - "markdownDescription": "A name for the input.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role for MediaLive to assume when creating a MediaConnect input or Amazon VPC input. This doesn't apply to other types of inputs. The role is identified by its ARN.", - "title": "RoleArn", - "type": "string" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputSourceRequest" - }, - "markdownDescription": "Settings that apply only if the input is a pull type of input.", - "title": "Sources", - "type": "array" - }, - "Tags": { - "markdownDescription": "A collection of tags for this input. Each tag is a key-value pair.", - "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "The type for this input.", - "title": "Type", - "type": "string" - }, - "Vpc": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputVpcRequest", - "markdownDescription": "Settings that apply only if the input is an push input where the source is on Amazon VPC.", - "title": "Vpc" - } - }, - "type": "object" + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) .", + "title": "RoleARN", + "type": "string" }, - "Type": { - "enum": [ - "AWS::MediaLive::Input" - ], + "S3BackupMode": { + "markdownDescription": "The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "S3BackupMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The S3 bucket where Kinesis Data Firehose backs up incoming data.", + "title": "S3Configuration" + }, + "TypeName": { + "markdownDescription": "The Elasticsearch type name that Amazon ES adds to documents when indexing data.", + "title": "TypeName", "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", + "markdownDescription": "The details of the VPC of the Amazon ES destination.", + "title": "VpcConfiguration" } }, "required": [ - "Type" + "IndexName", + "RoleARN", + "S3Configuration" ], "type": "object" }, - "AWS::MediaLive::Input.InputDestinationRequest": { + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions": { "additionalProperties": false, "properties": { - "StreamName": { - "markdownDescription": "The stream name (application name/application instance) for the location the RTMP source content will be pushed to in MediaLive.", - "title": "StreamName", - "type": "string" + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Input.InputDeviceRequest": { + "AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "Id": { + "KMSEncryptionConfig": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig", + "markdownDescription": "The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data.", + "title": "KMSEncryptionConfig" + }, + "NoEncryptionConfig": { + "markdownDescription": "Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "NoEncryptionConfig", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Input.InputDeviceSettings": { + "AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The unique ID for the device.", - "title": "Id", + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "BucketARN", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.InputSourceRequest": { - "additionalProperties": false, - "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the upstream system. The password parameter applies only if the upstream system requires credentials.", - "title": "PasswordParam", + }, + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "The buffering option.", + "title": "BufferingHints" + }, + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" + }, + "CompressionFormat": { + "markdownDescription": "The compression format. If no value is specified, the default is `UNCOMPRESSED` .", + "title": "CompressionFormat", "type": "string" }, - "Url": { - "markdownDescription": "For a pull input, the URL where MediaLive pulls the source content from.", - "title": "Url", + "CustomTimeZone": { + "markdownDescription": "The time zone you prefer. UTC is the default.", + "title": "CustomTimeZone", "type": "string" }, - "Username": { - "markdownDescription": "The user name to connect to the upstream system. The user name applies only if the upstream system requires credentials.", - "title": "Username", + "DataFormatConversionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration", + "markdownDescription": "The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3.", + "title": "DataFormatConversionConfiguration" + }, + "DynamicPartitioningConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration", + "markdownDescription": "The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys.", + "title": "DynamicPartitioningConfiguration" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", + "markdownDescription": "The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` .", + "title": "EncryptionConfiguration" + }, + "ErrorOutputPrefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", + "title": "ErrorOutputPrefix", + "type": "string" + }, + "FileExtension": { + "markdownDescription": "Specify a file extension. It will override the default file extension", + "title": "FileExtension", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "Prefix", + "type": "string" + }, + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "RoleARN", + "type": "string" + }, + "S3BackupConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for backup in Amazon S3.", + "title": "S3BackupConfiguration" + }, + "S3BackupMode": { + "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", + "title": "S3BackupMode", "type": "string" } }, + "required": [ + "BucketARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Input.InputVpcRequest": { + "AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of up to five VPC security group IDs to attach to the input VPC network interfaces. The security groups require subnet IDs. If none are specified, MediaLive uses the VPC default security group.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { + "TimestampFormats": { "items": { "type": "string" }, - "markdownDescription": "The list of two VPC subnet IDs from the same VPC. You must associate subnet IDs to two unique Availability Zones.", - "title": "SubnetIds", + "markdownDescription": "Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default.", + "title": "TimestampFormats", "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Input.MediaConnectFlowRequest": { + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute": { "additionalProperties": false, "properties": { - "FlowArn": { - "markdownDescription": "The ARN of one or two MediaConnect flows that are the sources for this MediaConnect input.", - "title": "FlowArn", + "AttributeName": { + "markdownDescription": "The name of the HTTP endpoint common attribute.", + "title": "AttributeName", + "type": "string" + }, + "AttributeValue": { + "markdownDescription": "The value of the HTTP endpoint common attribute.", + "title": "AttributeValue", "type": "string" } }, + "required": [ + "AttributeName", + "AttributeValue" + ], "type": "object" }, - "AWS::MediaLive::InputSecurityGroup": { + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AccessKey": { + "markdownDescription": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.", + "title": "AccessKey", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the HTTP endpoint selected as the destination.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Url": { + "markdownDescription": "The URL of the HTTP endpoint selected as the destination.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "Url" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other.", + "title": "BufferingHints" }, - "Metadata": { - "type": "object" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", + "title": "CloudWatchLoggingOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Tags": { - "markdownDescription": "A collection of tags for this input security group. Each tag is a key-value pair.", - "title": "Tags", - "type": "object" - }, - "WhitelistRules": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr" - }, - "markdownDescription": "The list of IPv4 CIDR addresses to include in the input security group as \"allowed\" addresses.", - "title": "WhitelistRules", - "type": "array" - } - }, - "type": "object" + "EndpointConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration", + "markdownDescription": "The configuration of the HTTP endpoint selected as the destination.", + "title": "EndpointConfiguration" }, - "Type": { - "enum": [ - "AWS::MediaLive::InputSecurityGroup" - ], + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "Describes the data processing configuration.", + "title": "ProcessingConfiguration" + }, + "RequestConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration", + "markdownDescription": "The configuration of the request sent to the HTTP endpoint specified as the destination.", + "title": "RequestConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination.", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs.", + "title": "RoleARN", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3BackupMode": { + "markdownDescription": "Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly).", + "title": "S3BackupMode", "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in Amazon S3.", + "title": "S3Configuration" + }, + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for HTTP Endpoint destination.", + "title": "SecretsManagerConfiguration" } }, "required": [ - "Type" + "EndpointConfiguration", + "S3Configuration" ], "type": "object" }, - "AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr": { + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "An IPv4 CIDR range to include in this input security group.", - "title": "Cidr", + "CommonAttributes": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute" + }, + "markdownDescription": "Describes the metadata sent to the HTTP endpoint destination.", + "title": "CommonAttributes", + "type": "array" + }, + "ContentEncoding": { + "markdownDescription": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation.", + "title": "ContentEncoding", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Multiplex": { + "AWS::KinesisFirehose::DeliveryStream.IcebergDestinationConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AppendOnly": { + "markdownDescription": "Describes whether all incoming data for this delivery stream will be append only (inserts only and not for updates and deletes) for Iceberg delivery. This feature is only applicable for Apache Iceberg Tables.\n\nThe default value is false. If you set this value to true, Firehose automatically increases the throughput limit of a stream based on the throttling levels of the stream. If you set this parameter to true for a stream with updates and deletes, you will see out of order delivery.", + "title": "AppendOnly", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "", + "title": "BufferingHints" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CatalogConfiguration", + "markdownDescription": "Configuration describing where the destination Apache Iceberg Tables are persisted.", + "title": "CatalogConfiguration" }, - "Metadata": { - "type": "object" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "", + "title": "CloudWatchLoggingOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of availability zones for the multiplex.", - "title": "AvailabilityZones", - "type": "array" - }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexOutputDestination" - }, - "markdownDescription": "A list of the multiplex output destinations.", - "title": "Destinations", - "type": "array" - }, - "MultiplexSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexSettings", - "markdownDescription": "Configuration for a multiplex event.", - "title": "MultiplexSettings" - }, - "Name": { - "markdownDescription": "The name of the multiplex.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.Tags" - }, - "markdownDescription": "A collection of key-value pairs.", - "title": "Tags", - "type": "array" - } + "DestinationTableConfigurationList": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DestinationTableConfiguration" }, - "required": [ - "AvailabilityZones", - "MultiplexSettings", - "Name" - ], - "type": "object" + "markdownDescription": "Provides a list of `DestinationTableConfigurations` which Firehose uses to deliver data to Apache Iceberg Tables. Firehose will write data with insert if table specific configuration is not provided here.", + "title": "DestinationTableConfigurationList", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaLive::Multiplex" - ], + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling Apache Iceberg Tables.", + "title": "RoleARN", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "", + "title": "S3Configuration" + }, + "SchemaEvolutionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaEvolutionConfiguration", + "markdownDescription": "The configuration to enable automatic schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SchemaEvolutionConfiguration" + }, + "TableCreationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.TableCreationConfiguration", + "markdownDescription": "The configuration to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "TableCreationConfiguration" + }, + "s3BackupMode": { + "markdownDescription": "Describes how Firehose will backup records. Currently,S3 backup only supports `FailedDataOnly` .", + "title": "s3BackupMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "CatalogConfiguration", + "RoleARN", + "S3Configuration" ], "type": "object" }, - "AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings": { + "AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration": { "additionalProperties": false, "properties": { - "EntitlementArn": { - "markdownDescription": "The MediaConnect entitlement ARN available as a Flow source.", - "title": "EntitlementArn", - "type": "string" + "Deserializer": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Deserializer", + "markdownDescription": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request.", + "title": "Deserializer" } }, "type": "object" }, - "AWS::MediaLive::Multiplex.MultiplexOutputDestination": { + "AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig": { "additionalProperties": false, "properties": { - "MultiplexMediaConnectOutputDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings", - "markdownDescription": "", - "title": "MultiplexMediaConnectOutputDestinationSettings" + "AWSKMSKeyARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.", + "title": "AWSKMSKeyARN", + "type": "string" } }, + "required": [ + "AWSKMSKeyARN" + ], "type": "object" }, - "AWS::MediaLive::Multiplex.MultiplexSettings": { + "AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration": { "additionalProperties": false, "properties": { - "MaximumVideoBufferDelayMilliseconds": { - "markdownDescription": "Maximum video buffer delay in milliseconds.", - "title": "MaximumVideoBufferDelayMilliseconds", - "type": "number" - }, - "TransportStreamBitrate": { - "markdownDescription": "Transport stream bit rate.", - "title": "TransportStreamBitrate", - "type": "number" - }, - "TransportStreamId": { - "markdownDescription": "Transport stream ID.", - "title": "TransportStreamId", - "type": "number" + "KinesisStreamARN": { + "markdownDescription": "The ARN of the source Kinesis data stream.", + "title": "KinesisStreamARN", + "type": "string" }, - "TransportStreamReservedBitrate": { - "markdownDescription": "Transport stream reserved bit rate.", - "title": "TransportStreamReservedBitrate", - "type": "number" + "RoleARN": { + "markdownDescription": "The ARN of the role that provides access to the source Kinesis data stream.", + "title": "RoleARN", + "type": "string" } }, "required": [ - "TransportStreamBitrate", - "TransportStreamId" + "KinesisStreamARN", + "RoleARN" ], "type": "object" }, - "AWS::MediaLive::Multiplex.Tags": { + "AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration", + "markdownDescription": "The authentication configuration of the Amazon MSK cluster.", + "title": "AuthenticationConfiguration" + }, + "MSKClusterARN": { + "markdownDescription": "The ARN of the Amazon MSK cluster.", + "title": "MSKClusterARN", "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", + "ReadFromTimestamp": { + "markdownDescription": "The start date and time in UTC for the offset position within your MSK topic from where Firehose begins to read. By default, this is set to timestamp when Firehose becomes Active.\n\nIf you want to create a Firehose stream with Earliest start position from SDK or CLI, you need to set the `ReadFromTimestamp` parameter to Epoch (1970-01-01T00:00:00Z).", + "title": "ReadFromTimestamp", + "type": "string" + }, + "TopicName": { + "markdownDescription": "The topic name within the Amazon MSK cluster.", + "title": "TopicName", "type": "string" } }, + "required": [ + "AuthenticationConfiguration", + "MSKClusterARN", + "TopicName" + ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram": { + "AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "CaseInsensitive": { + "markdownDescription": "When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them.", + "title": "CaseInsensitive", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelId": { - "type": "string" - }, - "MultiplexId": { - "markdownDescription": "The unique id of the multiplex.", - "title": "MultiplexId", - "type": "string" - }, - "MultiplexProgramSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings", - "markdownDescription": "Multiplex Program settings configuration.", - "title": "MultiplexProgramSettings" - }, - "PacketIdentifiersMap": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap", - "markdownDescription": "", - "title": "PacketIdentifiersMap" - }, - "PipelineDetails": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail" - }, - "markdownDescription": "", - "title": "PipelineDetails", - "type": "array" - }, - "PreferredChannelPipeline": { - "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.\nIf set to \\\"PIPELINE_0\\\" or \\\"PIPELINE_1\\\" and an unhealthy ingest causes the multiplex to switch to the non-preferred pipeline,\nit will switch back once that ingest is healthy again. If set to \\\"CURRENTLY_ACTIVE\\\",\nit will not switch back to the other pipeline based on it recovering to a healthy state,\nit will only switch if the active pipeline becomes unhealthy.", - "title": "PreferredChannelPipeline", - "type": "string" - }, - "ProgramName": { - "markdownDescription": "", - "title": "ProgramName", + "ColumnToJsonKeyMappings": { + "additionalProperties": true, + "markdownDescription": "Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{\"ts\": \"timestamp\"}` to map this key to a column named `ts` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, + "title": "ColumnToJsonKeyMappings", "type": "object" }, - "Type": { - "enum": [ - "AWS::MediaLive::Multiplexprogram" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ConvertDotsInJsonKeysToUnderscores": { + "markdownDescription": "When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option.\n\nThe default is `false` .", + "title": "ConvertDotsInJsonKeysToUnderscores", + "type": "boolean" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap": { + "AWS::KinesisFirehose::DeliveryStream.OrcSerDe": { "additionalProperties": false, "properties": { - "AudioPids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "AudioPids", - "type": "array" - }, - "DvbSubPids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "DvbSubPids", - "type": "array" - }, - "DvbTeletextPid": { - "markdownDescription": "", - "title": "DvbTeletextPid", - "type": "number" - }, - "EtvPlatformPid": { - "markdownDescription": "", - "title": "EtvPlatformPid", - "type": "number" - }, - "EtvSignalPid": { - "markdownDescription": "", - "title": "EtvSignalPid", + "BlockSizeBytes": { + "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", + "title": "BlockSizeBytes", "type": "number" }, - "KlvDataPids": { + "BloomFilterColumns": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "", - "title": "KlvDataPids", + "markdownDescription": "The column names for which you want Firehose to create bloom filters. The default is `null` .", + "title": "BloomFilterColumns", "type": "array" }, - "PcrPid": { - "markdownDescription": "", - "title": "PcrPid", + "BloomFilterFalsePositiveProbability": { + "markdownDescription": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1.", + "title": "BloomFilterFalsePositiveProbability", "type": "number" }, - "PmtPid": { - "markdownDescription": "", - "title": "PmtPid", - "type": "number" + "Compression": { + "markdownDescription": "The compression code to use over data blocks. The default is `SNAPPY` .", + "title": "Compression", + "type": "string" }, - "PrivateMetadataPid": { - "markdownDescription": "", - "title": "PrivateMetadataPid", + "DictionaryKeyThreshold": { + "markdownDescription": "Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1.", + "title": "DictionaryKeyThreshold", "type": "number" }, - "Scte27Pids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "Scte27Pids", - "type": "array" + "EnablePadding": { + "markdownDescription": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` .", + "title": "EnablePadding", + "type": "boolean" }, - "Scte35Pid": { - "markdownDescription": "", - "title": "Scte35Pid", + "FormatVersion": { + "markdownDescription": "The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` .", + "title": "FormatVersion", + "type": "string" + }, + "PaddingTolerance": { + "markdownDescription": "A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.\n\nFor the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.\n\nKinesis Data Firehose ignores this parameter when `EnablePadding` is `false` .", + "title": "PaddingTolerance", "type": "number" }, - "TimedMetadataPid": { - "markdownDescription": "", - "title": "TimedMetadataPid", + "RowIndexStride": { + "markdownDescription": "The number of rows between index entries. The default is 10,000 and the minimum is 1,000.", + "title": "RowIndexStride", "type": "number" }, - "VideoPid": { - "markdownDescription": "", - "title": "VideoPid", + "StripeSizeBytes": { + "markdownDescription": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.", + "title": "StripeSizeBytes", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail": { + "AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration": { "additionalProperties": false, "properties": { - "ActiveChannelPipeline": { - "markdownDescription": "Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex.", - "title": "ActiveChannelPipeline", - "type": "string" - }, - "PipelineId": { - "markdownDescription": "Identifies a specific pipeline in the multiplex.", - "title": "PipelineId", - "type": "string" + "Serializer": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Serializer", + "markdownDescription": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request.", + "title": "Serializer" } }, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor": { + "AWS::KinesisFirehose::DeliveryStream.ParquetSerDe": { "additionalProperties": false, "properties": { - "ProviderName": { - "markdownDescription": "Name of the provider.", - "title": "ProviderName", + "BlockSizeBytes": { + "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", + "title": "BlockSizeBytes", + "type": "number" + }, + "Compression": { + "markdownDescription": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.", + "title": "Compression", "type": "string" }, - "ServiceName": { - "markdownDescription": "Name of the service.", - "title": "ServiceName", + "EnableDictionaryCompression": { + "markdownDescription": "Indicates whether to enable dictionary compression.", + "title": "EnableDictionaryCompression", + "type": "boolean" + }, + "MaxPaddingBytes": { + "markdownDescription": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0.", + "title": "MaxPaddingBytes", + "type": "number" + }, + "PageSizeBytes": { + "markdownDescription": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", + "title": "PageSizeBytes", + "type": "number" + }, + "WriterVersion": { + "markdownDescription": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` .", + "title": "WriterVersion", "type": "string" } }, - "required": [ - "ProviderName", - "ServiceName" - ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings": { + "AWS::KinesisFirehose::DeliveryStream.PartitionField": { "additionalProperties": false, "properties": { - "PreferredChannelPipeline": { - "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.", - "title": "PreferredChannelPipeline", + "SourceName": { + "markdownDescription": "The column name to be configured in partition spec.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SourceName", "type": "string" - }, - "ProgramNumber": { - "markdownDescription": "Unique program number.", - "title": "ProgramNumber", - "type": "number" - }, - "ServiceDescriptor": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor", - "markdownDescription": "Transport stream service descriptor configuration for the Multiplex program.", - "title": "ServiceDescriptor" - }, - "VideoSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings", - "markdownDescription": "Program video settings configuration.", - "title": "VideoSettings" } }, "required": [ - "ProgramNumber" + "SourceName" ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings": { + "AWS::KinesisFirehose::DeliveryStream.PartitionSpec": { "additionalProperties": false, "properties": { - "MaximumBitrate": { - "markdownDescription": "Maximum statmux bitrate.", - "title": "MaximumBitrate", - "type": "number" - }, - "MinimumBitrate": { - "markdownDescription": "Minimum statmux bitrate.", - "title": "MinimumBitrate", - "type": "number" + "Identity": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.PartitionField" + }, + "markdownDescription": "List of identity [transforms](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#partition-transforms) that performs an identity transformation. The transform takes the source value, and does not modify it. Result type is the source type.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Identity", + "type": "array" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether data processing is enabled (true) or disabled (false).", + "title": "Enabled", + "type": "boolean" }, - "Priority": { - "markdownDescription": "The purpose of the priority is to use a combination of the\\nmultiplex rate control algorithm and the QVBR capability of the\\nencoder to prioritize the video quality of some channels in a\\nmultiplex over others. Channels that have a higher priority will\\nget higher video quality at the expense of the video quality of\\nother channels in the multiplex with lower priority.", - "title": "Priority", - "type": "number" + "Processors": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Processor" + }, + "markdownDescription": "The data processors.", + "title": "Processors", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings": { + "AWS::KinesisFirehose::DeliveryStream.Processor": { "additionalProperties": false, "properties": { - "ConstantBitrate": { - "markdownDescription": "The constant bitrate configuration for the video encode.\nWhen this field is defined, StatmuxSettings must be undefined.", - "title": "ConstantBitrate", - "type": "number" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessorParameter" + }, + "markdownDescription": "The processor parameters.", + "title": "Parameters", + "type": "array" }, - "StatmuxSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings", - "markdownDescription": "Statmux rate control settings.\nWhen this field is defined, ConstantBitrate must be undefined.", - "title": "StatmuxSettings" + "Type": { + "markdownDescription": "The type of processor. Valid values: `Lambda` .", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::MediaPackage::Asset": { + "AWS::KinesisFirehose::DeliveryStream.ProcessorParameter": { "additionalProperties": false, "properties": { - "Condition": { + "ParameterName": { + "markdownDescription": "The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.", + "title": "ParameterName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ParameterValue": { + "markdownDescription": "The parameter value.", + "title": "ParameterValue", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" + }, + "ClusterJDBCURL": { + "markdownDescription": "The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster.", + "title": "ClusterJDBCURL", + "type": "string" + }, + "CopyCommand": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CopyCommand", + "markdownDescription": "Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket.", + "title": "CopyCommand" + }, + "Password": { + "markdownDescription": "The password for the Amazon Redshift user that you specified in the `Username` property.", + "title": "Password", + "type": "string" + }, + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "RoleARN", + "type": "string" + }, + "S3BackupConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for backup in Amazon S3.", + "title": "S3BackupConfiguration" + }, + "S3BackupMode": { + "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", + "title": "S3BackupMode", + "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them.", + "title": "S3Configuration" + }, + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Amazon Redshift.", + "title": "SecretsManagerConfiguration" + }, + "Username": { + "markdownDescription": "The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster.", + "title": "Username", + "type": "string" + } + }, + "required": [ + "ClusterJDBCURL", + "CopyCommand", + "RoleARN", + "S3Configuration" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value.", + "title": "DurationInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.RetryOptions": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt.", + "title": "DurationInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration": { + "additionalProperties": false, + "properties": { + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to.", + "title": "BucketARN", + "type": "string" + }, + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket.", + "title": "BufferingHints" + }, + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" + }, + "CompressionFormat": { + "markdownDescription": "The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "CompressionFormat", + "type": "string" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", + "markdownDescription": "Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket.", + "title": "EncryptionConfiguration" + }, + "ErrorOutputPrefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", + "title": "ErrorOutputPrefix", + "type": "string" + }, + "Prefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered.", + "title": "Prefix", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "BucketARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.", + "title": "CatalogId", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified.", + "title": "DatabaseName", + "type": "string" + }, + "Region": { + "markdownDescription": "If you don't specify an AWS Region, the default is the current Region.", + "title": "Region", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified.", + "title": "RoleARN", + "type": "string" + }, + "TableName": { + "markdownDescription": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", + "title": "TableName", + "type": "string" + }, + "VersionId": { + "markdownDescription": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up.", + "title": "VersionId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SchemaEvolutionConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specify whether you want to enable schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether you want to use the secrets manager feature. When set as `True` the secrets manager configuration overwrites the existing secrets in the destination configuration. When it's set to `False` Firehose falls back to the credentials in the destination configuration.", + "title": "Enabled", + "type": "boolean" + }, + "RoleARN": { + "markdownDescription": "Specifies the role that Firehose assumes when calling the Secrets Manager API operation. When you provide the role, it overrides any destination specific role defined in the destination configuration. If you do not provide the then we use the destination specific role. This parameter is required for Splunk.", + "title": "RoleARN", + "type": "string" + }, + "SecretARN": { + "markdownDescription": "The ARN of the secret that stores your credentials. It must be in the same region as the Firehose stream and the role. The secret ARN can reside in a different account than the Firehose stream and role as Firehose supports cross-account secret access. This parameter is required when *Enabled* is set to `True` .", + "title": "SecretARN", + "type": "string" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.Serializer": { + "additionalProperties": false, + "properties": { + "OrcSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OrcSerDe", + "markdownDescription": "A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) .", + "title": "OrcSerDe" + }, + "ParquetSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ParquetSerDe", + "markdownDescription": "A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/docs/contribution-guidelines/) .", + "title": "ParquetSerDe" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SnowflakeBufferingHints": { + "additionalProperties": false, + "properties": { + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 0.", + "title": "IntervalInSeconds", + "type": "number" + }, + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 128.", + "title": "SizeInMBs", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "AccountUrl": { + "markdownDescription": "URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional.", + "title": "AccountUrl", + "type": "string" + }, + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeBufferingHints", + "markdownDescription": "Describes the buffering to perform before delivering data to the Snowflake destination. If you do not specify any value, Firehose uses the default values.", + "title": "BufferingHints" + }, + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "", + "title": "CloudWatchLoggingOptions" + }, + "ContentColumnName": { + "markdownDescription": "The name of the record content column.", + "title": "ContentColumnName", + "type": "string" + }, + "DataLoadingOption": { + "markdownDescription": "Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column.", + "title": "DataLoadingOption", + "type": "string" + }, + "Database": { + "markdownDescription": "All data in Snowflake is maintained in databases.", + "title": "Database", + "type": "string" + }, + "KeyPassphrase": { + "markdownDescription": "Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", + "title": "KeyPassphrase", + "type": "string" + }, + "MetaDataColumnName": { + "markdownDescription": "Specify a column name in the table, where the metadata information has to be loaded. When you enable this field, you will see the following column in the snowflake table, which differs based on the source type.\n\nFor Direct PUT as source\n\n`{ \"firehoseDeliveryStreamName\" : \"streamname\", \"IngestionTime\" : \"timestamp\" }`\n\nFor Kinesis Data Stream as source\n\n`\"kinesisStreamName\" : \"streamname\", \"kinesisShardId\" : \"Id\", \"kinesisPartitionKey\" : \"key\", \"kinesisSequenceNumber\" : \"1234\", \"subsequenceNumber\" : \"2334\", \"IngestionTime\" : \"timestamp\" }`", + "title": "MetaDataColumnName", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", + "title": "PrivateKey", + "type": "string" + }, + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions", + "markdownDescription": "The time period where Firehose will retry sending data to the chosen HTTP endpoint.", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Snowflake role", + "title": "RoleARN", + "type": "string" + }, + "S3BackupMode": { + "markdownDescription": "Choose an S3 backup mode", + "title": "S3BackupMode", + "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "", + "title": "S3Configuration" + }, + "Schema": { + "markdownDescription": "Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views", + "title": "Schema", + "type": "string" + }, + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Snowflake.", + "title": "SecretsManagerConfiguration" + }, + "SnowflakeRoleConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration", + "markdownDescription": "Optionally configure a Snowflake role. Otherwise the default user role will be used.", + "title": "SnowflakeRoleConfiguration" + }, + "SnowflakeVpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration", + "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", + "title": "SnowflakeVpcConfiguration" + }, + "Table": { + "markdownDescription": "All data in Snowflake is stored in database tables, logically structured as collections of columns and rows.", + "title": "Table", + "type": "string" + }, + "User": { + "markdownDescription": "User login name for the Snowflake account.", + "title": "User", + "type": "string" + } + }, + "required": [ + "AccountUrl", + "Database", + "RoleARN", + "S3Configuration", + "Schema", + "Table" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "the time period where Firehose will retry sending data to the chosen HTTP endpoint.", + "title": "DurationInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Enable Snowflake role", + "title": "Enabled", + "type": "boolean" + }, + "SnowflakeRole": { + "markdownDescription": "The Snowflake role you wish to configure", + "title": "SnowflakeRole", + "type": "string" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration": { + "additionalProperties": false, + "properties": { + "PrivateLinkVpceId": { + "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", + "title": "PrivateLinkVpceId", + "type": "string" + } + }, + "required": [ + "PrivateLinkVpceId" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints": { + "additionalProperties": false, + "properties": { + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute).", + "title": "IntervalInSeconds", + "type": "number" + }, + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.", + "title": "SizeInMBs", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for Splunk are used.", + "title": "BufferingHints" + }, + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" + }, + "HECAcknowledgmentTimeoutInSeconds": { + "markdownDescription": "The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings.", + "title": "HECAcknowledgmentTimeoutInSeconds", + "type": "number" + }, + "HECEndpoint": { + "markdownDescription": "The HTTP Event Collector (HEC) endpoint to which Firehose sends your data.", + "title": "HECEndpoint", + "type": "string" + }, + "HECEndpointType": { + "markdownDescription": "This type can be either `Raw` or `Event` .", + "title": "HECEndpointType", + "type": "string" + }, + "HECToken": { + "markdownDescription": "This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.", + "title": "HECToken", + "type": "string" + }, + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration.", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk.", + "title": "RetryOptions" + }, + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` .\n\nYou can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` .", + "title": "S3BackupMode", + "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for the backup Amazon S3 location.", + "title": "S3Configuration" + }, + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Splunk.", + "title": "SecretsManagerConfiguration" + } + }, + "required": [ + "HECEndpoint", + "HECEndpointType", + "S3Configuration" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt.", + "title": "DurationInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.TableCreationConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specify whether you want to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "RoleARN": { + "markdownDescription": "The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:\n\n- `ec2:DescribeVpcs`\n- `ec2:DescribeVpcAttribute`\n- `ec2:DescribeSubnets`\n- `ec2:DescribeSecurityGroups`\n- `ec2:DescribeNetworkInterfaces`\n- `ec2:CreateNetworkInterface`\n- `ec2:CreateNetworkInterfacePermission`\n- `ec2:DeleteNetworkInterface`\n\nIf you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.", + "title": "RoleARN", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.\n\nThe number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "RoleARN", + "SecurityGroupIds", + "SubnetIds" + ], + "type": "object" + }, + "AWS::KinesisVideo::SignalingChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { @@ -161883,59 +167085,35 @@ "Properties": { "additionalProperties": false, "properties": { - "EgressEndpoints": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::Asset.EgressEndpoint" - }, - "markdownDescription": "List of playback endpoints that are available for this asset.", - "title": "EgressEndpoints", - "type": "array" - }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the asset.", - "title": "Id", - "type": "string" - }, - "PackagingGroupId": { - "markdownDescription": "The ID of the packaging group associated with this asset.", - "title": "PackagingGroupId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "Unique identifier for this asset, as it's configured in the key provider service.", - "title": "ResourceId", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The ARN for the source content in Amazon S3.", - "title": "SourceArn", - "type": "string" + "MessageTtlSeconds": { + "markdownDescription": "The period of time (in seconds) a signaling channel retains undelivered messages before they are discarded. Use `API_UpdateSignalingChannel` to update this value.", + "title": "MessageTtlSeconds", + "type": "number" }, - "SourceRoleArn": { - "markdownDescription": "The ARN for the IAM role that provides AWS Elemental MediaPackage access to the Amazon S3 bucket where the source content is stored. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "SourceRoleArn", + "Name": { + "markdownDescription": "A name for the signaling channel that you are creating. It must be unique for each AWS account and AWS Region .", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the asset.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "A type of the signaling channel that you are creating. Currently, `SINGLE_MASTER` is the only supported channel type.", + "title": "Type", + "type": "string" } }, - "required": [ - "Id", - "PackagingGroupId", - "SourceArn", - "SourceRoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::Asset" + "AWS::KinesisVideo::SignalingChannel" ], "type": "string" }, @@ -161949,32 +167127,102 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::MediaPackage::Asset.EgressEndpoint": { + "AWS::KinesisVideo::Stream": { "additionalProperties": false, "properties": { - "PackagingConfigurationId": { - "markdownDescription": "The ID of a packaging configuration that's applied to this asset.", - "title": "PackagingConfigurationId", + "Condition": { "type": "string" }, - "Url": { - "markdownDescription": "The URL that's used to request content from this endpoint.", - "title": "Url", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DataRetentionInHours": { + "markdownDescription": "How long the stream retains data, in hours.", + "title": "DataRetentionInHours", + "type": "number" + }, + "DeviceName": { + "markdownDescription": "The name of the device that is associated with the stream.", + "title": "DeviceName", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key that Kinesis Video Streams uses to encrypt data on the stream.", + "title": "KmsKeyId", + "type": "string" + }, + "MediaType": { + "markdownDescription": "The `MediaType` of the stream.", + "title": "MediaType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the stream.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::KinesisVideo::Stream" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "PackagingConfigurationId", - "Url" + "Type" ], "type": "object" }, - "AWS::MediaPackage::Channel": { + "AWS::LakeFormation::DataCellsFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -162009,48 +167257,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Any descriptive information that you want to add to the channel for future identification purposes.", - "title": "Description", - "type": "string" + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of UTF-8 strings. A list of column names.", + "title": "ColumnNames", + "type": "array" }, - "EgressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", - "markdownDescription": "Configures egress access logs.", - "title": "EgressAccessLogs" + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.ColumnWildcard", + "markdownDescription": "A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .", + "title": "ColumnWildcard" }, - "HlsIngest": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.HlsIngest", - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "HlsIngest" + "DatabaseName": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA database in the Data Catalog .", + "title": "DatabaseName", + "type": "string" }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the channel.", - "title": "Id", + "Name": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe name given by the user to the data filter cell.", + "title": "Name", "type": "string" }, - "IngressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", - "markdownDescription": "Configures ingress access logs.", - "title": "IngressAccessLogs" + "RowFilter": { + "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.RowFilter", + "markdownDescription": "A PartiQL predicate.", + "title": "RowFilter" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the channel.", - "title": "Tags", - "type": "array" + "TableCatalogId": { + "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe ID of the catalog to which the table belongs.", + "title": "TableCatalogId", + "type": "string" + }, + "TableName": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA table in the database.", + "title": "TableName", + "type": "string" } }, "required": [ - "Id" + "DatabaseName", + "Name", + "TableCatalogId", + "TableName" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::Channel" + "AWS::LakeFormation::DataCellsFilter" ], "type": "string" }, @@ -162069,64 +167325,37 @@ ], "type": "object" }, - "AWS::MediaPackage::Channel.HlsIngest": { + "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { "additionalProperties": false, "properties": { - "ingestEndpoints": { + "ExcludedColumnNames": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.IngestEndpoint" + "type": "string" }, - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "ingestEndpoints", + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", "type": "array" } }, "type": "object" }, - "AWS::MediaPackage::Channel.IngestEndpoint": { + "AWS::LakeFormation::DataCellsFilter.RowFilter": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The endpoint identifier.", - "title": "Id", - "type": "string" - }, - "Password": { - "markdownDescription": "The system-generated password for WebDAV input authentication.", - "title": "Password", - "type": "string" - }, - "Url": { - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "Url", - "type": "string" + "AllRowsWildcard": { + "markdownDescription": "A wildcard for all rows.", + "title": "AllRowsWildcard", + "type": "object" }, - "Username": { - "markdownDescription": "The system-generated username for WebDAV input authentication.", - "title": "Username", - "type": "string" - } - }, - "required": [ - "Id", - "Password", - "Url", - "Username" - ], - "type": "object" - }, - "AWS::MediaPackage::Channel.LogConfiguration": { - "additionalProperties": false, - "properties": { - "LogGroupName": { - "markdownDescription": "Sets a custom Amazon CloudWatch log group name.", - "title": "LogGroupName", + "FilterExpression": { + "markdownDescription": "A filter expression.", + "title": "FilterExpression", "type": "string" } }, "type": "object" }, - "AWS::MediaPackage::OriginEndpoint": { + "AWS::LakeFormation::DataLakeSettings": { "additionalProperties": false, "properties": { "Condition": { @@ -162161,92 +167390,68 @@ "Properties": { "additionalProperties": false, "properties": { - "Authorization": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.Authorization", - "markdownDescription": "Parameters for CDN authorization.", - "title": "Authorization" - }, - "ChannelId": { - "markdownDescription": "The ID of the channel associated with this endpoint.", - "title": "ChannelId", - "type": "string" - }, - "CmafPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafPackage", - "markdownDescription": "Parameters for Common Media Application Format (CMAF) packaging.", - "title": "CmafPackage" + "Admins": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.Admins", + "markdownDescription": "A list of AWS Lake Formation principals.", + "title": "Admins" }, - "DashPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashPackage", - "markdownDescription": "Parameters for DASH packaging.", - "title": "DashPackage" + "AllowExternalDataFiltering": { + "markdownDescription": "Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation .\n\nIf set to true, you allow Amazon EMR clusters or other third-party engines to access data in Amazon S3 locations that are registered with Lake Formation .\n\nIf false or null, no third-party query engines will be able to access data in Amazon S3 locations that are registered with Lake Formation.\n\nFor more information, see [External data filtering setting](https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter) .", + "title": "AllowExternalDataFiltering", + "type": "boolean" }, - "Description": { - "markdownDescription": "Any descriptive information that you want to add to the endpoint for future identification purposes.", - "title": "Description", - "type": "string" + "AllowFullTableExternalDataAccess": { + "markdownDescription": "Specifies whether query engines and applications can get credentials without IAM session tags if the user has full table access. It provides query engines and applications performance benefits as well as simplifies data access. Amazon EMR on Amazon EC2 is able to leverage this setting.\n\nFor more information, see [](https://docs.aws.amazon.com/lake-formation/latest/dg/using-cred-vending.html)", + "title": "AllowFullTableExternalDataAccess", + "type": "boolean" }, - "HlsPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsPackage", - "markdownDescription": "Parameters for Apple HLS packaging.", - "title": "HlsPackage" + "AuthorizedSessionTagValueList": { + "items": { + "type": "string" + }, + "markdownDescription": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = \"LakeFormationTrustedCaller\" and value = \"TRUE\" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation 's administrative API operations.", + "title": "AuthorizedSessionTagValueList", + "type": "array" }, - "Id": { - "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", - "title": "Id", - "type": "string" + "CreateDatabaseDefaultPermissions": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions", + "markdownDescription": "Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicates that the user's IAM permissions determine the access to the database. This is referred to as the setting \"Use only IAM access control,\" and is to support backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", + "title": "CreateDatabaseDefaultPermissions" }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint.", - "title": "ManifestName", - "type": "string" + "CreateTableDefaultPermissions": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions", + "markdownDescription": "Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicate that the user's IAM permissions determine the access to the table. This is referred to as the setting \"Use only IAM access control,\" and is to support the backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` permissions to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", + "title": "CreateTableDefaultPermissions" }, - "MssPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssPackage", - "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", - "title": "MssPackage" + "ExternalDataFilteringAllowList": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList", + "markdownDescription": "A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering.", + "title": "ExternalDataFilteringAllowList" }, - "Origination": { - "markdownDescription": "Controls video origination from this endpoint.\n\nValid values:\n\n- `ALLOW` - enables this endpoint to serve content to requesting devices.\n- `DENY` - prevents this endpoint from serving content. Denying origination is helpful for harvesting live-to-VOD assets. For more information about harvesting and origination, see [Live-to-VOD Requirements](https://docs.aws.amazon.com/mediapackage/latest/ug/ltov-reqmts.html) .", - "title": "Origination", + "MutationType": { + "markdownDescription": "Specifies whether the data lake settings are updated by adding new values to the current settings ( `APPEND` ) or by replacing the current settings with new settings ( `REPLACE` ).\n\n> If you choose `REPLACE` , your current data lake settings will be replaced with the new values in your template.", + "title": "MutationType", "type": "string" }, - "StartoverWindowSeconds": { - "markdownDescription": "Maximum duration (seconds) of content to retain for startover playback. Omit this attribute or enter `0` to indicate that startover playback is disabled for this endpoint.", - "title": "StartoverWindowSeconds", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the endpoint.", - "title": "Tags", - "type": "array" - }, - "TimeDelaySeconds": { - "markdownDescription": "Minimum duration (seconds) of delay to enforce on the playback of live content. Omit this attribute or enter `0` to indicate that there is no time delay in effect for this endpoint.", - "title": "TimeDelaySeconds", - "type": "number" + "Parameters": { + "markdownDescription": "A key-value map that provides an additional configuration on your data lake. `CrossAccountVersion` is the key you can configure in the `Parameters` field. Accepted values for the `CrossAccountVersion` key are 1, 2, 3, and 4.", + "title": "Parameters", + "type": "object" }, - "Whitelist": { + "TrustedResourceOwners": { "items": { "type": "string" }, - "markdownDescription": "The IP addresses that can access this endpoint.", - "title": "Whitelist", + "markdownDescription": "An array of UTF-8 strings.\n\nA list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.", + "title": "TrustedResourceOwners", "type": "array" } }, - "required": [ - "ChannelId", - "Id" - ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::OriginEndpoint" + "AWS::LakeFormation::DataLakeSettings" ], "type": "string" }, @@ -162260,482 +167465,305 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.Authorization": { + "AWS::LakeFormation::DataLakeSettings.Admins": { "additionalProperties": false, - "properties": { - "CdnIdentifierSecret": { - "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that your Content Delivery Network (CDN) uses for authorization to access your endpoint.", - "title": "CdnIdentifierSecret", - "type": "string" - }, - "SecretsRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", - "title": "SecretsRoleArn", - "type": "string" - } - }, - "required": [ - "CdnIdentifierSecret", - "SecretsRoleArn" - ], + "properties": {}, "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.CmafEncryption": { + "AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.DataLakePrincipal": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then AWS Elemental MediaPackage creates the constant initialization vector (IV).", - "title": "ConstantInitializationVector", - "type": "string" - }, - "EncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "EncryptionMethod", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" - }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" - }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" } }, "required": [ - "SpekeKeyProvider" + "DataLakePrincipalIdentifier" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.CmafPackage": { + "AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.PrincipalPermissions": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "HlsManifests": { + "Permissions": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsManifest" + "type": "string" }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", + "markdownDescription": "The permissions that are granted to the principal.", + "title": "Permissions", "type": "array" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source segment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentPrefix": { - "markdownDescription": "An optional custom string that is prepended to the name of each segment. If not specified, the segment prefix defaults to the ChannelId.", - "title": "SegmentPrefix", - "type": "string" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" + "Principal": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.DataLakePrincipal", + "markdownDescription": "The principal who is granted permissions.", + "title": "Principal" } }, + "required": [ + "Permissions", + "Principal" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.DashEncryption": { + "AWS::LakeFormation::Permissions": { "additionalProperties": false, "properties": { - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" + "Condition": { + "type": "string" }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" - } - }, - "required": [ - "SpekeKeyProvider" - ], - "type": "object" - }, - "AWS::MediaPackage::OriginEndpoint.DashPackage": { - "additionalProperties": false, - "properties": { - "AdTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_ADVERTISEMENT` .\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_PLACEMENT_OPPORTUNITY` .\n- `SPLICE_INSERT` .", - "title": "AdTriggers", - "type": "array" - }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestLayout": { - "markdownDescription": "Determines the position of some tags in the manifest.\n\nValid values:\n\n- `FULL` - Elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` .\n- `COMPACT` - Duplicate elements are combined and presented at the `AdaptationSet` level.", - "title": "ManifestLayout", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ManifestWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each manifest.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", - "title": "MinBufferTimeSeconds", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MinUpdatePeriodSeconds": { - "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", - "title": "MinUpdatePeriodSeconds", - "type": "number" + "Metadata": { + "type": "object" }, - "PeriodTriggers": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DataLakePrincipal": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLakePrincipal", + "markdownDescription": "The AWS Lake Formation principal.", + "title": "DataLakePrincipal" + }, + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions granted or revoked.", + "title": "Permissions", + "type": "array" + }, + "PermissionsWithGrantOption": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", + "title": "PermissionsWithGrantOption", + "type": "array" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.Resource", + "markdownDescription": "A structure for the resource.", + "title": "Resource" + } }, - "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", - "title": "PeriodTriggers", - "type": "array" - }, - "Profile": { - "markdownDescription": "The DASH profile for the output.\n\nValid values:\n\n- `NONE` - The output doesn't use a DASH profile.\n- `HBBTV_1_5` - The output is compliant with HbbTV v1.5.\n- `DVB_DASH_2014` - The output is compliant with DVB-DASH 2014.", - "title": "Profile", - "type": "string" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentTemplateFormat": { - "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValid values:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .\n- `NUMBER_WITH_DURATION` - The `$Number$` variable is used in the `media` URL and a `duration` attribute is added to the segment template. The `SegmentTimeline` object is removed from the representation.\n- `TIME_WITH_TIMELINE` - The `$Time$` variable is used in the `media` URL. The value of this variable is the timestamp of when the segment starts. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", - "title": "SegmentTemplateFormat", - "type": "string" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" - }, - "SuggestedPresentationDelaySeconds": { - "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest.", - "title": "SuggestedPresentationDelaySeconds", - "type": "number" + "required": [ + "DataLakePrincipal", + "Resource" + ], + "type": "object" }, - "UtcTiming": { - "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", - "title": "UtcTiming", + "Type": { + "enum": [ + "AWS::LakeFormation::Permissions" + ], "type": "string" }, - "UtcTimingUri": { - "markdownDescription": "Specifies the value attribute of the UTC timing field when utcTiming is set to HTTP-ISO or HTTP-HEAD.", - "title": "UtcTimingUri", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration": { + "AWS::LakeFormation::Permissions.ColumnWildcard": { "additionalProperties": false, - "properties": {}, + "properties": { + "ExcludedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", + "type": "array" + } + }, "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.HlsEncryption": { + "AWS::LakeFormation::Permissions.DataLakePrincipal": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "EncryptionMethod": { - "markdownDescription": "HLS encryption type.", - "title": "EncryptionMethod", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" - }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" - }, - "RepeatExtXKey": { - "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", - "title": "RepeatExtXKey", - "type": "boolean" - }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" } }, - "required": [ - "SpekeKeyProvider" - ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.HlsManifest": { + "AWS::LakeFormation::Permissions.DataLocationResource": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", - "type": "string" - }, - "AdTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", - "title": "AdTriggers", - "type": "array" - }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", - "type": "string" - }, - "Id": { - "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", - "title": "Id", - "type": "string" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Applies to stream sets with a single video track only. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint. The manifestName on the HLSManifest object overrides the manifestName that you provided on the originEndpoint object.", - "title": "ManifestName", - "type": "string" - }, - "PlaylistType": { - "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", - "title": "PlaylistType", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "PlaylistWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each parent manifest.", - "title": "PlaylistWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "Url": { - "markdownDescription": "The URL that's used to request this manifest from this endpoint.", - "title": "Url", + "S3Resource": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", + "title": "S3Resource", "type": "string" } }, - "required": [ - "Id" - ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.HlsPackage": { + "AWS::LakeFormation::Permissions.DatabaseResource": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", - "type": "string" - }, - "AdTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", - "title": "AdTriggers", - "type": "array" - }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "IncludeDvbSubtitles": { - "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", - "title": "IncludeDvbSubtitles", - "type": "boolean" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Only applies to stream sets with a single video track. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "PlaylistType": { - "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", - "title": "PlaylistType", + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", "type": "string" - }, - "PlaylistWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each parent manifest.", - "title": "PlaylistWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" - }, - "UseAudioRenditionGroup": { - "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", - "title": "UseAudioRenditionGroup", - "type": "boolean" } }, "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.MssEncryption": { + "AWS::LakeFormation::Permissions.Resource": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "DataLocationResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLocationResource", + "markdownDescription": "A structure for a data location object where permissions are granted or revoked.", + "title": "DataLocationResource" + }, + "DatabaseResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DatabaseResource", + "markdownDescription": "A structure for the database object.", + "title": "DatabaseResource" + }, + "TableResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableResource", + "markdownDescription": "A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "TableResource" + }, + "TableWithColumnsResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWithColumnsResource", + "markdownDescription": "A structure for a table with columns object. This object is only used when granting a SELECT permission.", + "title": "TableWithColumnsResource" } }, - "required": [ - "SpekeKeyProvider" - ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.MssPackage": { + "AWS::LakeFormation::Permissions.TableResource": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", + "type": "string" }, - "ManifestWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each manifest.", - "title": "ManifestWindowSeconds", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", + "type": "string" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" + "TableWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWildcard", + "markdownDescription": "An empty object representing all tables under a database. If this field is specified instead of the `Name` field, all tables under `DatabaseName` will have permission changes applied.", + "title": "TableWildcard" } }, "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider": { + "AWS::LakeFormation::Permissions.TableWildcard": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::Permissions.TableWithColumnsResource": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption.", - "title": "CertificateArn", - "type": "string" - }, - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration", - "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", - "title": "EncryptionContractConfiguration" - }, - "ResourceId": { - "markdownDescription": "Unique identifier for this endpoint, as it is configured in the key provider service.", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. This role must have a trust policy that allows AWS Elemental MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "RoleArn", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "SystemIds": { + "ColumnNames": { "items": { "type": "string" }, - "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", - "title": "SystemIds", + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", "type": "array" }, - "Url": { - "markdownDescription": "URL for the key provider\u2019s key retrieval API endpoint. Must start with https://.", - "title": "Url", - "type": "string" - } - }, - "required": [ - "ResourceId", - "RoleArn", - "SystemIds", - "Url" - ], - "type": "object" - }, - "AWS::MediaPackage::OriginEndpoint.StreamSelection": { - "additionalProperties": false, - "properties": { - "MaxVideoBitsPerSecond": { - "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", - "title": "MaxVideoBitsPerSecond", - "type": "number" + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.ColumnWildcard", + "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnWildcard" }, - "MinVideoBitsPerSecond": { - "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", - "title": "MinVideoBitsPerSecond", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" }, - "StreamOrder": { - "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", - "title": "StreamOrder", + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration": { + "AWS::LakeFormation::PrincipalPermissions": { "additionalProperties": false, "properties": { "Condition": { @@ -162770,54 +167798,49 @@ "Properties": { "additionalProperties": false, "properties": { - "CmafPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafPackage", - "markdownDescription": "Parameters for CMAF packaging.", - "title": "CmafPackage" - }, - "DashPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashPackage", - "markdownDescription": "Parameters for DASH-ISO packaging.", - "title": "DashPackage" - }, - "HlsPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsPackage", - "markdownDescription": "Parameters for Apple HLS packaging.", - "title": "HlsPackage" - }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the packaging configuration.", - "title": "Id", + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", + "title": "Catalog", "type": "string" }, - "MssPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssPackage", - "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", - "title": "MssPackage" - }, - "PackagingGroupId": { - "markdownDescription": "The ID of the packaging group associated with this packaging configuration.", - "title": "PackagingGroupId", - "type": "string" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions granted or revoked.", + "title": "Permissions", + "type": "array" }, - "Tags": { + "PermissionsWithGrantOption": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags to assign to the packaging configuration.", - "title": "Tags", + "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", + "title": "PermissionsWithGrantOption", "type": "array" + }, + "Principal": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal", + "markdownDescription": "The principal to be granted a permission.", + "title": "Principal" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.Resource", + "markdownDescription": "The resource to be granted or revoked permissions.", + "title": "Resource" } }, "required": [ - "Id", - "PackagingGroupId" + "Permissions", + "PermissionsWithGrantOption", + "Principal", + "Resource" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::PackagingConfiguration" + "AWS::LakeFormation::PrincipalPermissions" ], "type": "string" }, @@ -162836,382 +167859,296 @@ ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.CmafEncryption": { - "additionalProperties": false, - "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" - } - }, - "required": [ - "SpekeKeyProvider" - ], - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.CmafPackage": { + "AWS::LakeFormation::PrincipalPermissions.ColumnWildcard": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "HlsManifests": { + "ExcludedColumnNames": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" + "type": "string" }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", "type": "array" - }, - "IncludeEncoderConfigurationInSegments": { - "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", - "title": "IncludeEncoderConfigurationInSegments", - "type": "boolean" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - } - }, - "required": [ - "HlsManifests" - ], - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.DashEncryption": { - "additionalProperties": false, - "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" } }, - "required": [ - "SpekeKeyProvider" - ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.DashManifest": { + "AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource": { "additionalProperties": false, "properties": { - "ManifestLayout": { - "markdownDescription": "Determines the position of some tags in the Media Presentation Description (MPD). When set to `FULL` , elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` . When set to `COMPACT` , duplicate elements are combined and presented at the AdaptationSet level.", - "title": "ManifestLayout", + "DatabaseName": { + "markdownDescription": "A database in the Data Catalog .", + "title": "DatabaseName", "type": "string" }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", + "Name": { + "markdownDescription": "The name given by the user to the data filter cell.", + "title": "Name", "type": "string" }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", - "title": "MinBufferTimeSeconds", - "type": "number" - }, - "Profile": { - "markdownDescription": "The DASH profile type. When set to `HBBTV_1_5` , the content is compliant with HbbTV 1.5.", - "title": "Profile", + "TableCatalogId": { + "markdownDescription": "The ID of the catalog to which the table belongs.", + "title": "TableCatalogId", "type": "string" }, - "ScteMarkersSource": { - "markdownDescription": "The source of scte markers used.\n\nValue description:\n\n- `SEGMENTS` - The scte markers are sourced from the segments of the ingested content.\n- `MANIFEST` - the scte markers are sourced from the manifest of the ingested content. The MANIFEST value is compatible with source HLS playlists using the SCTE-35 Enhanced syntax ( `EXT-OATCLS-SCTE35` tags). SCTE-35 Elemental and SCTE-35 Daterange syntaxes are not supported with this option.", - "title": "ScteMarkersSource", + "TableName": { + "markdownDescription": "The name of the table.", + "title": "TableName", "type": "string" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" } }, + "required": [ + "DatabaseName", + "Name", + "TableCatalogId", + "TableName" + ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.DashPackage": { + "AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal": { "additionalProperties": false, "properties": { - "DashManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashManifest" - }, - "markdownDescription": "A list of DASH manifest configurations that are available from this endpoint.", - "title": "DashManifests", - "type": "array" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "IncludeEncoderConfigurationInSegments": { - "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", - "title": "IncludeEncoderConfigurationInSegments", - "type": "boolean" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "PeriodTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", - "title": "PeriodTriggers", - "type": "array" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentTemplateFormat": { - "markdownDescription": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to `NUMBER_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to `TIME_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to `NUMBER_WITH_DURATION` , only a duration is included in each SegmentTemplate, with $Number$ media URLs.", - "title": "SegmentTemplateFormat", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the AWS Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" } }, - "required": [ - "DashManifests" - ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration": { + "AWS::LakeFormation::PrincipalPermissions.DataLocationResource": { "additionalProperties": false, "properties": { - "PresetSpeke20Audio": { - "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", - "title": "PresetSpeke20Audio", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", + "title": "CatalogId", "type": "string" }, - "PresetSpeke20Video": { - "markdownDescription": "A collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", - "title": "PresetSpeke20Video", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", + "title": "ResourceArn", "type": "string" } }, "required": [ - "PresetSpeke20Audio", - "PresetSpeke20Video" + "CatalogId", + "ResourceArn" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsEncryption": { + "AWS::LakeFormation::PrincipalPermissions.DatabaseResource": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks. If you don't specify a constant initialization vector (IV), AWS Elemental MediaPackage periodically rotates the IV.", - "title": "ConstantInitializationVector", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "EncryptionMethod": { - "markdownDescription": "HLS encryption type.", - "title": "EncryptionMethod", + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", "type": "string" - }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" } }, "required": [ - "SpekeKeyProvider" + "CatalogId", + "Name" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsManifest": { + "AWS::LakeFormation::PrincipalPermissions.LFTag": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "This setting controls ad markers in the packaged content.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", - "type": "string" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Applies to stream sets with a single video track only. When enabled, the output includes an additional I-frame only stream, along with the other tracks.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", "type": "string" }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "RepeatExtXKey": { - "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", - "title": "RepeatExtXKey", - "type": "boolean" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", - "title": "StreamSelection" + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" } }, "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsPackage": { + "AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with Data Catalog .", + "title": "CatalogId", + "type": "string" }, - "HlsManifests": { + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", + "type": "string" + }, + "TagValues": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" + "type": "string" }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", + "markdownDescription": "A list of possible values for the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", "type": "array" - }, - "IncludeDvbSubtitles": { - "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", - "title": "IncludeDvbSubtitles", - "type": "boolean" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "UseAudioRenditionGroup": { - "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", - "title": "UseAudioRenditionGroup", - "type": "boolean" } }, "required": [ - "HlsManifests" + "CatalogId", + "TagKey", + "TagValues" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssEncryption": { + "AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "CatalogId", + "type": "string" + }, + "Expression": { + "items": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTag" + }, + "markdownDescription": "A list of LF-tag conditions that apply to the resource's LF-tag policy.", + "title": "Expression", + "type": "array" + }, + "ResourceType": { + "markdownDescription": "The resource type for which the LF-tag policy applies.", + "title": "ResourceType", + "type": "string" } }, "required": [ - "SpekeKeyProvider" + "CatalogId", + "Expression", + "ResourceType" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssManifest": { + "AWS::LakeFormation::PrincipalPermissions.Resource": { "additionalProperties": false, "properties": { - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", - "type": "string" + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "Catalog", + "type": "object" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", - "title": "StreamSelection" + "DataCellsFilter": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource", + "markdownDescription": "A data cell filter.", + "title": "DataCellsFilter" + }, + "DataLocation": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLocationResource", + "markdownDescription": "The location of an Amazon S3 path where permissions are granted or revoked.", + "title": "DataLocation" + }, + "Database": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DatabaseResource", + "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", + "title": "Database" + }, + "LFTag": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource", + "markdownDescription": "The LF-tag key and values attached to a resource.", + "title": "LFTag" + }, + "LFTagPolicy": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource", + "markdownDescription": "A list of LF-tag conditions that define a resource's LF-tag policy.", + "title": "LFTagPolicy" + }, + "Table": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableResource", + "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Table" + }, + "TableWithColumns": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource", + "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", + "title": "TableWithColumns" } }, "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssPackage": { + "AWS::LakeFormation::PrincipalPermissions.TableResource": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", + "title": "CatalogId", + "type": "string" }, - "MssManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssManifest" - }, - "markdownDescription": "A list of Microsoft Smooth manifest configurations that are available from this endpoint.", - "title": "MssManifests", - "type": "array" + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", + "type": "string" + }, + "TableWildcard": { + "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", + "title": "TableWildcard", + "type": "object" } }, "required": [ - "MssManifests" + "CatalogId", + "DatabaseName" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider": { + "AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource": { "additionalProperties": false, "properties": { - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration", - "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", - "title": "EncryptionContractConfiguration" - }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "RoleArn", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", + "title": "CatalogId", "type": "string" }, - "SystemIds": { + "ColumnNames": { "items": { "type": "string" }, - "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", - "title": "SystemIds", + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", "type": "array" }, - "Url": { - "markdownDescription": "URL for the key provider's key retrieval API endpoint. Must start with https://.", - "title": "Url", - "type": "string" - } - }, - "required": [ - "RoleArn", - "SystemIds", - "Url" - ], - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.StreamSelection": { - "additionalProperties": false, - "properties": { - "MaxVideoBitsPerSecond": { - "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", - "title": "MaxVideoBitsPerSecond", - "type": "number" + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.ColumnWildcard", + "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnWildcard" }, - "MinVideoBitsPerSecond": { - "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", - "title": "MinVideoBitsPerSecond", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" }, - "StreamOrder": { - "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", - "title": "StreamOrder", + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", "type": "string" } }, + "required": [ + "CatalogId", + "DatabaseName", + "Name" + ], "type": "object" }, - "AWS::MediaPackage::PackagingGroup": { + "AWS::LakeFormation::Resource": { "additionalProperties": false, "properties": { "Condition": { @@ -163246,38 +168183,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Authorization": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.Authorization", - "markdownDescription": "Parameters for CDN authorization.", - "title": "Authorization" + "HybridAccessEnabled": { + "markdownDescription": "Indicates whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.", + "title": "HybridAccessEnabled", + "type": "boolean" }, - "EgressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.LogConfiguration", - "markdownDescription": "The configuration parameters for egress access logging.", - "title": "EgressAccessLogs" + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "ResourceArn", + "type": "string" }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the packaging group.", - "title": "Id", + "RoleArn": { + "markdownDescription": "The IAM role that registered a resource.", + "title": "RoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the packaging group.", - "title": "Tags", - "type": "array" + "UseServiceLinkedRole": { + "markdownDescription": "Designates a trusted caller, an IAM principal, by registering this caller with the Data Catalog .", + "title": "UseServiceLinkedRole", + "type": "boolean" + }, + "WithFederation": { + "markdownDescription": "Allows Lake Formation to assume a role to access tables in a federated database.", + "title": "WithFederation", + "type": "boolean" } }, "required": [ - "Id" + "ResourceArn", + "UseServiceLinkedRole" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::PackagingGroup" + "AWS::LakeFormation::Resource" ], "type": "string" }, @@ -163296,49 +168236,18 @@ ], "type": "object" }, - "AWS::MediaPackage::PackagingGroup.Authorization": { + "AWS::LakeFormation::Tag": { "additionalProperties": false, "properties": { - "CdnIdentifierSecret": { - "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization.", - "title": "CdnIdentifierSecret", + "Condition": { "type": "string" }, - "SecretsRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", - "title": "SecretsRoleArn", - "type": "string" - } - }, - "required": [ - "CdnIdentifierSecret", - "SecretsRoleArn" - ], - "type": "object" - }, - "AWS::MediaPackage::PackagingGroup.LogConfiguration": { - "additionalProperties": false, - "properties": { - "LogGroupName": { - "markdownDescription": "Sets a custom Amazon CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/EgressAccessLogs.", - "title": "LogGroupName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaPackageV2::Channel": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, "DependsOn": { @@ -163362,39 +168271,34 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the channel configuration.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", + "CatalogId": { + "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "CatalogId", "type": "string" }, - "Description": { - "markdownDescription": "The description of the channel.", - "title": "Description", + "TagKey": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe key-name for the LF-tag.", + "title": "TagKey", "type": "string" }, - "Tags": { + "TagValues": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags associated with the channel.", - "title": "Tags", + "markdownDescription": "An array of UTF-8 strings, not less than 1 or more than 50 strings.\n\nA list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", "type": "array" } }, "required": [ - "ChannelGroupName", - "ChannelName" + "TagKey", + "TagValues" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackageV2::Channel" + "AWS::LakeFormation::Tag" ], "type": "string" }, @@ -163413,23 +168317,7 @@ ], "type": "object" }, - "AWS::MediaPackageV2::Channel.IngestEndpoint": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The identifier associated with the ingest endpoint of the channel.", - "title": "Id", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL associated with the ingest endpoint of the channel.", - "title": "Url", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaPackageV2::ChannelGroup": { + "AWS::LakeFormation::TagAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -163464,33 +168352,29 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group.", - "title": "ChannelGroupName", - "type": "string" - }, - "Description": { - "markdownDescription": "The configuration for a MediaPackage V2 channel group.", - "title": "Description", - "type": "string" - }, - "Tags": { + "LFTags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.LFTagPair" }, - "markdownDescription": "The tags associated with the channel group.", - "title": "Tags", + "markdownDescription": "A structure containing an LF-tag key-value pair.", + "title": "LFTags", "type": "array" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.Resource", + "markdownDescription": "UTF-8 string (valid values: `DATABASE | TABLE` ).\n\nThe resource for which the LF-tag policy applies.", + "title": "Resource" } }, "required": [ - "ChannelGroupName" + "LFTags", + "Resource" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackageV2::ChannelGroup" + "AWS::LakeFormation::TagAssociation" ], "type": "string" }, @@ -163509,86 +168393,147 @@ ], "type": "object" }, - "AWS::MediaPackageV2::ChannelPolicy": { + "AWS::LakeFormation::TagAssociation.DatabaseResource": { "additionalProperties": false, "properties": { - "Condition": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it should be the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "CatalogId", + "Name" + ], + "type": "object" + }, + "AWS::LakeFormation::TagAssociation.LFTagPair": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", + "type": "string" }, - "Metadata": { + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" + } + }, + "required": [ + "CatalogId", + "TagKey", + "TagValues" + ], + "type": "object" + }, + "AWS::LakeFormation::TagAssociation.Resource": { + "additionalProperties": false, + "properties": { + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "Catalog", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the channel policy.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The name of the channel associated with the channel policy.", - "title": "ChannelName", - "type": "string" - }, - "Policy": { - "markdownDescription": "The policy associated with the channel.", - "title": "Policy", - "type": "object" - } - }, - "required": [ - "ChannelGroupName", - "ChannelName", - "Policy" - ], + "Database": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.DatabaseResource", + "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", + "title": "Database" + }, + "Table": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableResource", + "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Table" + }, + "TableWithColumns": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableWithColumnsResource", + "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", + "title": "TableWithColumns" + } + }, + "type": "object" + }, + "AWS::LakeFormation::TagAssociation.TableResource": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", + "type": "string" + }, + "TableWildcard": { + "markdownDescription": "A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", + "title": "TableWildcard", "type": "object" + } + }, + "required": [ + "CatalogId", + "DatabaseName" + ], + "type": "object" + }, + "AWS::LakeFormation::TagAssociation.TableWithColumnsResource": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of TableResource$Name or TableResource$TableWildcard is required.", + "title": "CatalogId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::ChannelPolicy" - ], + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", + "type": "array" + }, + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "CatalogId", + "ColumnNames", + "DatabaseName", + "Name" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint": { + "AWS::Lambda::Alias": { "additionalProperties": false, "properties": { "Condition": { @@ -163623,76 +168568,47 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the origin endpoint configuration.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The channel name associated with the origin endpoint.", - "title": "ChannelName", - "type": "string" - }, - "ContainerType": { - "markdownDescription": "The container type associated with the origin endpoint configuration.", - "title": "ContainerType", - "type": "string" - }, "Description": { - "markdownDescription": "The description associated with the origin endpoint.", + "markdownDescription": "A description of the alias.", "title": "Description", "type": "string" }, - "HlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration" - }, - "markdownDescription": "The HLS manifests associated with the origin endpoint configuration.", - "title": "HlsManifests", - "type": "array" - }, - "LowLatencyHlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration" - }, - "markdownDescription": "The low-latency HLS (LL-HLS) manifests associated with the origin endpoint.", - "title": "LowLatencyHlsManifests", - "type": "array" + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" }, - "OriginEndpointName": { - "markdownDescription": "The name of the origin endpoint associated with the origin endpoint configuration.", - "title": "OriginEndpointName", + "FunctionVersion": { + "markdownDescription": "The function version that the alias invokes.", + "title": "FunctionVersion", "type": "string" }, - "Segment": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Segment", - "markdownDescription": "The segment associated with the origin endpoint.", - "title": "Segment" + "Name": { + "markdownDescription": "The name of the alias.", + "title": "Name", + "type": "string" }, - "StartoverWindowSeconds": { - "markdownDescription": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", - "title": "StartoverWindowSeconds", - "type": "number" + "ProvisionedConcurrencyConfig": { + "$ref": "#/definitions/AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration", + "markdownDescription": "Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.", + "title": "ProvisionedConcurrencyConfig" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the origin endpoint.", - "title": "Tags", - "type": "array" + "RoutingConfig": { + "$ref": "#/definitions/AWS::Lambda::Alias.AliasRoutingConfiguration", + "markdownDescription": "The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.", + "title": "RoutingConfig" } }, "required": [ - "ChannelGroupName", - "ChannelName", - "OriginEndpointName" + "FunctionName", + "FunctionVersion", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackageV2::OriginEndpoint" + "AWS::Lambda::Alias" ], "type": "string" }, @@ -163711,294 +168627,55 @@ ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.Encryption": { - "additionalProperties": false, - "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).", - "title": "ConstantInitializationVector", - "type": "string" - }, - "EncryptionMethod": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod", - "markdownDescription": "The encryption method to use.", - "title": "EncryptionMethod" - }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "The interval, in seconds, to rotate encryption keys for the origin endpoint.", - "title": "KeyRotationIntervalSeconds", - "type": "number" - }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "The SPEKE key provider to use for encryption.", - "title": "SpekeKeyProvider" - } - }, - "required": [ - "EncryptionMethod", - "SpekeKeyProvider" - ], - "type": "object" - }, - "AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration": { - "additionalProperties": false, - "properties": { - "PresetSpeke20Audio": { - "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", - "title": "PresetSpeke20Audio", - "type": "string" - }, - "PresetSpeke20Video": { - "markdownDescription": "The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint.\n\nA collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", - "title": "PresetSpeke20Video", - "type": "string" - } - }, - "required": [ - "PresetSpeke20Audio", - "PresetSpeke20Video" - ], - "type": "object" - }, - "AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod": { - "additionalProperties": false, - "properties": { - "CmafEncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "CmafEncryptionMethod", - "type": "string" - }, - "TsEncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "TsEncryptionMethod", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration": { - "additionalProperties": false, - "properties": { - "End": { - "markdownDescription": "Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.", - "title": "End", - "type": "string" - }, - "ManifestFilter": { - "markdownDescription": "Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.", - "title": "ManifestFilter", - "type": "string" - }, - "Start": { - "markdownDescription": "Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.", - "title": "Start", - "type": "string" - }, - "TimeDelaySeconds": { - "markdownDescription": "Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.", - "title": "TimeDelaySeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration": { - "additionalProperties": false, - "properties": { - "ChildManifestName": { - "markdownDescription": "The name of the child manifest associated with the HLS manifest configuration.", - "title": "ChildManifestName", - "type": "string" - }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", - "markdownDescription": "", - "title": "FilterConfiguration" - }, - "ManifestName": { - "markdownDescription": "The name of the manifest associated with the HLS manifest configuration.", - "title": "ManifestName", - "type": "string" - }, - "ManifestWindowSeconds": { - "markdownDescription": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "ScteHls": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", - "markdownDescription": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", - "title": "ScteHls" - }, - "Url": { - "markdownDescription": "The URL of the HLS manifest configuration.", - "title": "Url", - "type": "string" - } - }, - "required": [ - "ManifestName" - ], - "type": "object" - }, - "AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration": { - "additionalProperties": false, - "properties": { - "ChildManifestName": { - "markdownDescription": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "ChildManifestName", - "type": "string" - }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", - "markdownDescription": "", - "title": "FilterConfiguration" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", - "title": "ManifestName", - "type": "string" - }, - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of the manifest's content.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "ScteHls": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", - "markdownDescription": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "ScteHls" - }, - "Url": { - "markdownDescription": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "Url", - "type": "string" - } - }, - "required": [ - "ManifestName" - ], - "type": "object" - }, - "AWS::MediaPackageV2::OriginEndpoint.Scte": { + "AWS::Lambda::Alias.AliasRoutingConfiguration": { "additionalProperties": false, "properties": { - "ScteFilter": { + "AdditionalVersionWeights": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lambda::Alias.VersionWeight" }, - "markdownDescription": "The filter associated with the SCTE-35 configuration.", - "title": "ScteFilter", + "markdownDescription": "The second version, and the percentage of traffic that's routed to it.", + "title": "AdditionalVersionWeights", "type": "array" } }, "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.ScteHls": { - "additionalProperties": false, - "properties": { - "AdMarkerHls": { - "markdownDescription": "The SCTE-35 HLS ad-marker configuration.", - "title": "AdMarkerHls", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaPackageV2::OriginEndpoint.Segment": { + "AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Encryption", - "markdownDescription": "Whether to use encryption for the segment.", - "title": "Encryption" - }, - "IncludeIframeOnlyStreams": { - "markdownDescription": "Whether the segment includes I-frame-only streams.", - "title": "IncludeIframeOnlyStreams", - "type": "boolean" - }, - "Scte": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Scte", - "markdownDescription": "The SCTE-35 configuration associated with the segment.", - "title": "Scte" - }, - "SegmentDurationSeconds": { - "markdownDescription": "The duration of the segment, in seconds.", - "title": "SegmentDurationSeconds", + "ProvisionedConcurrentExecutions": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the alias.", + "title": "ProvisionedConcurrentExecutions", "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment associated with the origin endpoint.", - "title": "SegmentName", - "type": "string" - }, - "TsIncludeDvbSubtitles": { - "markdownDescription": "Whether the segment includes DVB subtitles.", - "title": "TsIncludeDvbSubtitles", - "type": "boolean" - }, - "TsUseAudioRenditionGroup": { - "markdownDescription": "Whether the segment is an audio rendition group.", - "title": "TsUseAudioRenditionGroup", - "type": "boolean" } }, + "required": [ + "ProvisionedConcurrentExecutions" + ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider": { + "AWS::Lambda::Alias.VersionWeight": { "additionalProperties": false, "properties": { - "DrmSystems": { - "items": { - "type": "string" - }, - "markdownDescription": "The DRM solution provider you're using to protect your content during distribution.", - "title": "DrmSystems", - "type": "array" - }, - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration", - "markdownDescription": "The encryption contract configuration associated with the SPEKE key provider.", - "title": "EncryptionContractConfiguration" - }, - "ResourceId": { - "markdownDescription": "The unique identifier for the content. The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.\n\nThe following example shows a resource ID: `MovieNight20171126093045`", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.\n\nValid format: `arn:aws:iam::{accountID}:role/{name}` . The following example shows a role ARN: `arn:aws:iam::444455556666:role/SpekeAccess`", - "title": "RoleArn", + "FunctionVersion": { + "markdownDescription": "The qualifier of the second version.", + "title": "FunctionVersion", "type": "string" }, - "Url": { - "markdownDescription": "The URL of the SPEKE key provider.", - "title": "Url", - "type": "string" + "FunctionWeight": { + "markdownDescription": "The percentage of traffic that the alias routes to the second version.", + "title": "FunctionWeight", + "type": "number" } }, "required": [ - "DrmSystems", - "EncryptionContractConfiguration", - "ResourceId", - "RoleArn", - "Url" + "FunctionVersion", + "FunctionWeight" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpointPolicy": { + "AWS::Lambda::CodeSigningConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -164033,38 +168710,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the origin endpoint policy.", - "title": "ChannelGroupName", - "type": "string" + "AllowedPublishers": { + "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.AllowedPublishers", + "markdownDescription": "List of allowed publishers.", + "title": "AllowedPublishers" }, - "ChannelName": { - "markdownDescription": "The channel name associated with the origin endpoint policy.", - "title": "ChannelName", - "type": "string" + "CodeSigningPolicies": { + "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.CodeSigningPolicies", + "markdownDescription": "The code signing policy controls the validation failure action for signature mismatch or expiry.", + "title": "CodeSigningPolicies" }, - "OriginEndpointName": { - "markdownDescription": "The name of the origin endpoint associated with the origin endpoint policy.", - "title": "OriginEndpointName", + "Description": { + "markdownDescription": "Code signing configuration description.", + "title": "Description", "type": "string" }, - "Policy": { - "markdownDescription": "The policy associated with the origin endpoint.", - "title": "Policy", - "type": "object" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the code signing configuration.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "title": "Tags", + "type": "array" } }, "required": [ - "ChannelGroupName", - "ChannelName", - "OriginEndpointName", - "Policy" + "AllowedPublishers" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackageV2::OriginEndpointPolicy" + "AWS::Lambda::CodeSigningConfig" ], "type": "string" }, @@ -164083,7 +168760,38 @@ ], "type": "object" }, - "AWS::MediaStore::Container": { + "AWS::Lambda::CodeSigningConfig.AllowedPublishers": { + "additionalProperties": false, + "properties": { + "SigningProfileVersionArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.", + "title": "SigningProfileVersionArns", + "type": "array" + } + }, + "required": [ + "SigningProfileVersionArns" + ], + "type": "object" + }, + "AWS::Lambda::CodeSigningConfig.CodeSigningPolicies": { + "additionalProperties": false, + "properties": { + "UntrustedArtifactOnDeployment": { + "markdownDescription": "Code signing configuration policy for deployment validation failure. If you set the policy to `Enforce` , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to `Warn` , Lambda allows the deployment and creates a CloudWatch log.\n\nDefault value: `Warn`", + "title": "UntrustedArtifactOnDeployment", + "type": "string" + } + }, + "required": [ + "UntrustedArtifactOnDeployment" + ], + "type": "object" + }, + "AWS::Lambda::EventInvokeConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -164118,56 +168826,41 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessLoggingEnabled": { - "markdownDescription": "The state of access logging on the container. This value is `false` by default, indicating that AWS Elemental MediaStore does not send access logs to Amazon CloudWatch Logs. When you enable access logging on the container, MediaStore changes this value to `true` , indicating that the service delivers access logs for objects stored in that container to CloudWatch Logs.", - "title": "AccessLoggingEnabled", - "type": "boolean" + "DestinationConfig": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.DestinationConfig", + "markdownDescription": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Bucket* - The ARN of an Amazon S3 bucket.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus.\n\n> S3 buckets are supported only for on-failure destinations. To retain records of successful invocations, use another destination type.", + "title": "DestinationConfig" }, - "ContainerName": { - "markdownDescription": "The name for the container. The name must be from 1 to 255 characters. Container names must be unique to your AWS account within a specific region. As an example, you could create a container named `movies` in every region, as long as you don\u2019t have an existing container with that name.", - "title": "ContainerName", + "FunctionName": { + "markdownDescription": "The name of the Lambda function.\n\n*Minimum* : `1`\n\n*Maximum* : `64`\n\n*Pattern* : `([a-zA-Z0-9-_]+)`", + "title": "FunctionName", "type": "string" }, - "CorsPolicy": { - "items": { - "$ref": "#/definitions/AWS::MediaStore::Container.CorsRule" - }, - "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nSets the cross-origin resource sharing (CORS) configuration on a container so that the container can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com to access your AWS Elemental MediaStore container at my.example.container.com by using the browser's XMLHttpRequest capability.\n\nTo enable CORS on a container, you attach a CORS policy to the container. In the CORS policy, you configure rules that identify origins and the HTTP methods that can be executed on your container. The policy can contain up to 398,000 characters. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.\n\nTo learn more about CORS, see [Cross-Origin Resource Sharing (CORS) in AWS Elemental MediaStore](https://docs.aws.amazon.com/mediastore/latest/ug/cors-policy.html) .", - "title": "CorsPolicy", - "type": "array" - }, - "LifecyclePolicy": { - "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nWrites an object lifecycle policy to a container. If the container already has an object lifecycle policy, the service replaces the existing policy with the new policy. It takes up to 20 minutes for the change to take effect.\n\nFor information about how to construct an object lifecycle policy, see [Components of an Object Lifecycle Policy](https://docs.aws.amazon.com/mediastore/latest/ug/policies-object-lifecycle-components.html) .", - "title": "LifecyclePolicy", - "type": "string" + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum age of a request that Lambda sends to a function for processing.", + "title": "MaximumEventAgeInSeconds", + "type": "number" }, - "MetricPolicy": { - "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicy", - "markdownDescription": "The metric policy that is associated with the container. A metric policy allows AWS Elemental MediaStore to send metrics to Amazon CloudWatch. In the policy, you must indicate whether you want MediaStore to send container-level metrics. You can also include rules to define groups of objects that you want MediaStore to send object-level metrics for.\n\nTo view examples of how to construct a metric policy for your use case, see [Example Metric Policies](https://docs.aws.amazon.com/mediastore/latest/ug/policies-metric-examples.html) .", - "title": "MetricPolicy" + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of times to retry when the function returns an error.", + "title": "MaximumRetryAttempts", + "type": "number" }, - "Policy": { - "markdownDescription": "Creates an access policy for the specified container to restrict the users and clients that can access it. For information about the data that is included in an access policy, see the [AWS Identity and Access Management User Guide](https://docs.aws.amazon.com/iam/) .\n\nFor this release of the REST API, you can create only one policy for a container. If you enter `PutContainerPolicy` twice, the second command modifies the existing policy.", - "title": "Policy", + "Qualifier": { + "markdownDescription": "The identifier of a version or alias.\n\n- *Version* - A version number.\n- *Alias* - An alias name.\n- *Latest* - To specify the unpublished version, use `$LATEST` .", + "title": "Qualifier", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" } }, "required": [ - "ContainerName" + "FunctionName", + "Qualifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaStore::Container" + "AWS::Lambda::EventInvokeConfig" ], "type": "string" }, @@ -164186,92 +168879,51 @@ ], "type": "object" }, - "AWS::MediaStore::Container.CorsRule": { + "AWS::Lambda::EventInvokeConfig.DestinationConfig": { "additionalProperties": false, "properties": { - "AllowedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies which headers are allowed in a preflight `OPTIONS` request through the `Access-Control-Request-Headers` header. Each header name that is specified in `Access-Control-Request-Headers` must have a corresponding entry in the rule. Only the headers that were requested are sent back.\n\nThis element can contain only one wildcard character (*).", - "title": "AllowedHeaders", - "type": "array" - }, - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.\n\nEach CORS rule must contain at least one `AllowedMethods` and one `AllowedOrigins` element.", - "title": "AllowedMethods", - "type": "array" - }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nEach CORS rule must have at least one `AllowedOrigins` element. The string value can include only one wildcard character (*), for example, http://*.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.", - "title": "AllowedOrigins", - "type": "array" - }, - "ExposeHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nThis element is optional for each rule.", - "title": "ExposeHeaders", - "type": "array" + "OnFailure": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnFailure", + "markdownDescription": "The destination configuration for failed invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", + "title": "OnFailure" }, - "MaxAgeSeconds": { - "markdownDescription": "The time in seconds that your browser caches the preflight response for the specified resource.\n\nA CORS rule can have only one `MaxAgeSeconds` element.", - "title": "MaxAgeSeconds", - "type": "number" + "OnSuccess": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnSuccess", + "markdownDescription": "The destination configuration for successful invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", + "title": "OnSuccess" } }, "type": "object" }, - "AWS::MediaStore::Container.MetricPolicy": { + "AWS::Lambda::EventInvokeConfig.OnFailure": { "additionalProperties": false, "properties": { - "ContainerLevelMetrics": { - "markdownDescription": "A setting to enable or disable metrics at the container level.", - "title": "ContainerLevelMetrics", + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", + "title": "Destination", "type": "string" - }, - "MetricPolicyRules": { - "items": { - "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicyRule" - }, - "markdownDescription": "A parameter that holds an array of rules that enable metrics at the object level. This parameter is optional, but if you choose to include it, you must also include at least one rule. By default, you can include up to five rules. You can also [request a quota increase](https://docs.aws.amazon.com/servicequotas/home?region=us-east-1#!/services/mediastore/quotas) to allow up to 300 rules per policy.", - "title": "MetricPolicyRules", - "type": "array" } }, "required": [ - "ContainerLevelMetrics" + "Destination" ], "type": "object" }, - "AWS::MediaStore::Container.MetricPolicyRule": { + "AWS::Lambda::EventInvokeConfig.OnSuccess": { "additionalProperties": false, "properties": { - "ObjectGroup": { - "markdownDescription": "A path or file name that defines which objects to include in the group. Wildcards (*) are acceptable.", - "title": "ObjectGroup", - "type": "string" - }, - "ObjectGroupName": { - "markdownDescription": "A name that allows you to refer to the object group.", - "title": "ObjectGroupName", + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.", + "title": "Destination", "type": "string" } }, "required": [ - "ObjectGroup", - "ObjectGroupName" + "Destination" ], "type": "object" }, - "AWS::MediaTailor::Channel": { + "AWS::Lambda::EventSourceMapping": { "additionalProperties": false, "properties": { "Condition": { @@ -164306,71 +168958,165 @@ "Properties": { "additionalProperties": false, "properties": { - "Audiences": { + "AmazonManagedKafkaEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig", + "markdownDescription": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", + "title": "AmazonManagedKafkaEventSourceConfig" + }, + "BatchSize": { + "markdownDescription": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", + "title": "BatchSize", + "type": "number" + }, + "BisectBatchOnFunctionError": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.\n\n> When using `BisectBatchOnFunctionError` , check the `BatchSize` parameter in the `OnFailure` destination message's metadata. The `BatchSize` could be greater than 1 since Lambda consolidates failed messages metadata when writing to the `OnFailure` destination.", + "title": "BisectBatchOnFunctionError", + "type": "boolean" + }, + "DestinationConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DestinationConfig", + "markdownDescription": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.", + "title": "DestinationConfig" + }, + "DocumentDBEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig", + "markdownDescription": "Specific configuration settings for a DocumentDB event source.", + "title": "DocumentDBEventSourceConfig" + }, + "Enabled": { + "markdownDescription": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n\nDefault: True", + "title": "Enabled", + "type": "boolean" + }, + "EventSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the event source.\n\n- *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n- *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n- *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc) ).\n- *Amazon MQ* \u2013 The ARN of the broker.\n- *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.", + "title": "EventSourceArn", + "type": "string" + }, + "FilterCriteria": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.FilterCriteria", + "markdownDescription": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", + "title": "FilterCriteria" + }, + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* \u2013 `MyFunction` .\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Version or Alias ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD` .\n- *Partial ARN* \u2013 `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" + }, + "FunctionResponseTypes": { "items": { "type": "string" }, - "markdownDescription": "The list of audiences defined in channel.", - "title": "Audiences", + "markdownDescription": "(Kinesis, DynamoDB Streams, and SQS) A list of current response type enums applied to the event source mapping.\n\nValid Values: `ReportBatchItemFailures`", + "title": "FunctionResponseTypes", "type": "array" }, - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that Lambda uses to encrypt your function's [filter criteria](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-basics) .", + "title": "KmsKeyArn", "type": "string" }, - "FillerSlate": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.SlateSource", - "markdownDescription": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` .", - "title": "FillerSlate" + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ , Amazon DocumentDB event sources)* : 500 ms\n\n*Related setting:* For Amazon SQS event sources, when you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.LogConfigurationForChannel", - "markdownDescription": "The log configuration.", - "title": "LogConfiguration" + "MaximumRecordAgeInSeconds": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1,\nwhich sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n\n> The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed", + "title": "MaximumRecordAgeInSeconds", + "type": "number" }, - "Outputs": { + "MaximumRetryAttempts": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1,\nwhich sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" + }, + "MetricsConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.MetricsConfig", + "markdownDescription": "The metrics configuration for your event source. For more information, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics) .", + "title": "MetricsConfig" + }, + "ParallelizationFactor": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" + }, + "ProvisionedPollerConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ProvisionedPollerConfig", + "markdownDescription": "(Amazon MSK and self-managed Apache Kafka only) The provisioned mode configuration for the event source. For more information, see [provisioned mode](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#invocation-eventsourcemapping-provisioned-mode) .", + "title": "ProvisionedPollerConfig" + }, + "Queues": { "items": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.RequestOutputItem" + "type": "string" }, - "markdownDescription": "The channel's output properties.", - "title": "Outputs", + "markdownDescription": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.", + "title": "Queues", "type": "array" }, - "PlaybackMode": { - "markdownDescription": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule.", - "title": "PlaybackMode", + "ScalingConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ScalingConfig", + "markdownDescription": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency) .", + "title": "ScalingConfig" + }, + "SelfManagedEventSource": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedEventSource", + "markdownDescription": "The self-managed Apache Kafka cluster for your event source.", + "title": "SelfManagedEventSource" + }, + "SelfManagedKafkaEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig", + "markdownDescription": "Specific configuration settings for a self-managed Apache Kafka event source.", + "title": "SelfManagedKafkaEventSourceConfig" + }, + "SourceAccessConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SourceAccessConfiguration" + }, + "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.", + "title": "SourceAccessConfigurations", + "type": "array" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n\n- *LATEST* - Read only new records.\n- *TRIM_HORIZON* - Process all available records.\n- *AT_TIMESTAMP* - Specify a time from which to start reading records.", + "title": "StartingPosition", "type": "string" }, + "StartingPositionTimestamp": { + "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds. `StartingPositionTimestamp` cannot be in the future.", + "title": "StartingPositionTimestamp", + "type": "number" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the channel. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "markdownDescription": "A list of tags to add to the event source mapping.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "title": "Tags", "type": "array" }, - "Tier": { - "markdownDescription": "The tier for this channel. STANDARD tier channels can contain live programs.", - "title": "Tier", - "type": "string" + "Topics": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the Kafka topic.", + "title": "Topics", + "type": "array" }, - "TimeShiftConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.TimeShiftConfiguration", - "markdownDescription": "The configuration for time-shifted viewing.", - "title": "TimeShiftConfiguration" + "TumblingWindowInSeconds": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.", + "title": "TumblingWindowInSeconds", + "type": "number" } }, "required": [ - "ChannelName", - "Outputs", - "PlaybackMode" + "FunctionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaTailor::Channel" + "AWS::Lambda::EventSourceMapping" ], "type": "string" }, @@ -164389,315 +169135,248 @@ ], "type": "object" }, - "AWS::MediaTailor::Channel.DashPlaylistSettings": { + "AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig": { "additionalProperties": false, "properties": { - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", - "title": "ManifestWindowSeconds", - "type": "number" + "ConsumerGroupId": { + "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", + "title": "ConsumerGroupId", + "type": "string" }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "MinBufferTimeSeconds", - "type": "number" + "SchemaRegistryConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", + "markdownDescription": "Specific configuration settings for a Kafka schema registry.", + "title": "SchemaRegistryConfig" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.DestinationConfig": { + "additionalProperties": false, + "properties": { + "OnFailure": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.OnFailure", + "markdownDescription": "The destination configuration for failed invocations.", + "title": "OnFailure" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig": { + "additionalProperties": false, + "properties": { + "CollectionName": { + "markdownDescription": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.", + "title": "CollectionName", + "type": "string" }, - "MinUpdatePeriodSeconds": { - "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "MinUpdatePeriodSeconds", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of the database to consume within the DocumentDB cluster.", + "title": "DatabaseName", + "type": "string" }, - "SuggestedPresentationDelaySeconds": { - "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "SuggestedPresentationDelaySeconds", - "type": "number" + "FullDocument": { + "markdownDescription": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.", + "title": "FullDocument", + "type": "string" } }, "type": "object" }, - "AWS::MediaTailor::Channel.HlsPlaylistSettings": { + "AWS::Lambda::EventSourceMapping.Endpoints": { "additionalProperties": false, "properties": { - "AdMarkupType": { + "KafkaBootstrapServers": { "items": { "type": "string" }, - "markdownDescription": "Determines the type of SCTE 35 tags to use in ad markup. Specify `DATERANGE` to use `DATERANGE` tags (for live or VOD content). Specify `SCTE35_ENHANCED` to use `EXT-X-CUE-OUT` and `EXT-X-CUE-IN` tags (for VOD content only).", - "title": "AdMarkupType", + "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", + "title": "KafkaBootstrapServers", "type": "array" - }, - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", - "title": "ManifestWindowSeconds", - "type": "number" } }, "type": "object" }, - "AWS::MediaTailor::Channel.LogConfigurationForChannel": { + "AWS::Lambda::EventSourceMapping.Filter": { "additionalProperties": false, "properties": { - "LogTypes": { + "Pattern": { + "markdownDescription": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax) .", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.FilterCriteria": { + "additionalProperties": false, + "properties": { + "Filters": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Filter" + }, + "markdownDescription": "A list of filters.", + "title": "Filters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.MetricsConfig": { + "additionalProperties": false, + "properties": { + "Metrics": { "items": { "type": "string" }, - "markdownDescription": "The log types.", - "title": "LogTypes", + "markdownDescription": "The metrics you want your event source mapping to produce. Include `EventCount` to receive event source mapping metrics related to the number of events processed by your event source mapping. For more information about these metrics, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics) .", + "title": "Metrics", "type": "array" } }, "type": "object" }, - "AWS::MediaTailor::Channel.RequestOutputItem": { + "AWS::Lambda::EventSourceMapping.OnFailure": { "additionalProperties": false, "properties": { - "DashPlaylistSettings": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.DashPlaylistSettings", - "markdownDescription": "DASH manifest configuration parameters.", - "title": "DashPlaylistSettings" - }, - "HlsPlaylistSettings": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.HlsPlaylistSettings", - "markdownDescription": "HLS playlist configuration parameters.", - "title": "HlsPlaylistSettings" - }, - "ManifestName": { - "markdownDescription": "The name of the manifest for the channel. The name appears in the `PlaybackUrl` .", - "title": "ManifestName", - "type": "string" - }, - "SourceGroup": { - "markdownDescription": "A string used to match which `HttpPackageConfiguration` is used for each `VodSource` .", - "title": "SourceGroup", + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", + "title": "Destination", "type": "string" } }, - "required": [ - "ManifestName", - "SourceGroup" - ], "type": "object" }, - "AWS::MediaTailor::Channel.SlateSource": { + "AWS::Lambda::EventSourceMapping.ProvisionedPollerConfig": { "additionalProperties": false, "properties": { - "SourceLocationName": { - "markdownDescription": "The name of the source location where the slate VOD source is stored.", - "title": "SourceLocationName", - "type": "string" + "MaximumPollers": { + "markdownDescription": "The maximum number of event pollers this event source can scale up to.", + "title": "MaximumPollers", + "type": "number" }, - "VodSourceName": { - "markdownDescription": "The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.", - "title": "VodSourceName", - "type": "string" + "MinimumPollers": { + "markdownDescription": "The minimum number of event pollers this event source can scale down to.", + "title": "MinimumPollers", + "type": "number" } }, "type": "object" }, - "AWS::MediaTailor::Channel.TimeShiftConfiguration": { + "AWS::Lambda::EventSourceMapping.ScalingConfig": { "additionalProperties": false, "properties": { - "MaxTimeDelaySeconds": { - "markdownDescription": "The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).", - "title": "MaxTimeDelaySeconds", + "MaximumConcurrency": { + "markdownDescription": "Limits the number of concurrent instances that the Amazon SQS event source can invoke.", + "title": "MaximumConcurrency", "type": "number" } }, - "required": [ - "MaxTimeDelaySeconds" - ], "type": "object" }, - "AWS::MediaTailor::ChannelPolicy": { + "AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel associated with this Channel Policy.", - "title": "ChannelName", - "type": "string" - }, - "Policy": { - "markdownDescription": "The IAM policy for the channel. IAM policies are used to control access to your channel.", - "title": "Policy", - "type": "object" - } - }, - "required": [ - "ChannelName", - "Policy" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::MediaTailor::ChannelPolicy" - ], + "markdownDescription": "The type of authentication Lambda uses to access your schema registry.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "URI": { + "markdownDescription": "The URI of the secret (Secrets Manager secret ARN) to authenticate with your schema registry.", + "title": "URI", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaTailor::LiveSource": { + "AWS::Lambda::EventSourceMapping.SchemaRegistryConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "HttpPackageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::LiveSource.HttpPackageConfiguration" - }, - "markdownDescription": "The HTTP package configurations for the live source.", - "title": "HttpPackageConfigurations", - "type": "array" - }, - "LiveSourceName": { - "markdownDescription": "The name that's used to refer to a live source.", - "title": "LiveSourceName", - "type": "string" - }, - "SourceLocationName": { - "markdownDescription": "The name of the source location.", - "title": "SourceLocationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the live source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - } + "AccessConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig" }, - "required": [ - "HttpPackageConfigurations", - "LiveSourceName", - "SourceLocationName" - ], - "type": "object" + "markdownDescription": "An array of access configuration objects that tell Lambda how to authenticate with your schema registry.", + "title": "AccessConfigs", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaTailor::LiveSource" - ], + "EventRecordFormat": { + "markdownDescription": "The record format that Lambda delivers to your function after schema validation.\n\n- Choose `JSON` to have Lambda deliver the record to your function as a standard JSON object.\n- Choose `SOURCE` to have Lambda deliver the record to your function in its original source format. Lambda removes all schema metadata, such as the schema ID, before sending the record to your function.", + "title": "EventRecordFormat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SchemaRegistryURI": { + "markdownDescription": "The URI for your schema registry. The correct URI format depends on the type of schema registry you're using.\n\n- For AWS Glue schema registries, use the ARN of the registry.\n- For Confluent schema registries, use the URL of the registry.", + "title": "SchemaRegistryURI", "type": "string" + }, + "SchemaValidationConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaValidationConfig" + }, + "markdownDescription": "An array of schema validation configuration objects, which tell Lambda the message attributes you want to validate and filter using your schema registry.", + "title": "SchemaValidationConfigs", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaTailor::LiveSource.HttpPackageConfiguration": { + "AWS::Lambda::EventSourceMapping.SchemaValidationConfig": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", - "title": "Path", + "Attribute": { + "markdownDescription": "The attributes you want your schema registry to validate and filter for. If you selected `JSON` as the `EventRecordFormat` , Lambda also deserializes the selected message attributes.", + "title": "Attribute", "type": "string" - }, - "SourceGroup": { - "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", - "title": "SourceGroup", + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SelfManagedEventSource": { + "additionalProperties": false, + "properties": { + "Endpoints": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Endpoints", + "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", + "title": "Endpoints" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig": { + "additionalProperties": false, + "properties": { + "ConsumerGroupId": { + "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add) .", + "title": "ConsumerGroupId", "type": "string" }, + "SchemaRegistryConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", + "markdownDescription": "Specific configuration settings for a Kafka schema registry.", + "title": "SchemaRegistryConfig" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SourceAccessConfiguration": { + "additionalProperties": false, + "properties": { "Type": { - "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", + "markdownDescription": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: `\"Type\":\"SASL_SCRAM_512_AUTH\"` .\n\n- `BASIC_AUTH` \u2013 (Amazon MQ) The AWS Secrets Manager secret that stores your broker credentials.\n- `BASIC_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n- `VPC_SUBNET` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n- `VPC_SECURITY_GROUP` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_256_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_512_AUTH` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n- `VIRTUAL_HOST` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n- `CLIENT_CERTIFICATE_TLS_AUTH` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n- `SERVER_ROOT_CA_CERTIFICATE` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.", "title": "Type", "type": "string" + }, + "URI": { + "markdownDescription": "The value for your chosen configuration in `Type` . For example: `\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"` .", + "title": "URI", + "type": "string" } }, - "required": [ - "Path", - "SourceGroup", - "Type" - ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration": { + "AWS::Lambda::Function": { "additionalProperties": false, "properties": { "Condition": { @@ -164732,101 +169411,158 @@ "Properties": { "additionalProperties": false, "properties": { - "AdDecisionServerUrl": { - "markdownDescription": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters.", - "title": "AdDecisionServerUrl", + "Architectures": { + "items": { + "type": "string" + }, + "markdownDescription": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is `x86_64` .", + "title": "Architectures", + "type": "array" + }, + "Code": { + "$ref": "#/definitions/AWS::Lambda::Function.Code", + "markdownDescription": "The code for the function. You can define your function code in multiple ways:\n\n- For .zip deployment packages, you can specify the Amazon S3 location of the .zip file in the `S3Bucket` , `S3Key` , and `S3ObjectVersion` properties.\n- For .zip deployment packages, you can alternatively define the function code inline in the `ZipFile` property. This method works only for Node.js and Python functions.\n- For container images, specify the URI of your container image in the Amazon ECR registry in the `ImageUri` property.", + "title": "Code" + }, + "CodeSigningConfigArn": { + "markdownDescription": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration\nincludes a set of signing profiles, which define the trusted publishers for this function.", + "title": "CodeSigningConfigArn", "type": "string" }, - "AvailSuppression": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AvailSuppression", - "markdownDescription": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see [Ad Suppression](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", - "title": "AvailSuppression" + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.DeadLetterConfig", + "markdownDescription": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq) .", + "title": "DeadLetterConfig" }, - "Bumper": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.Bumper", - "markdownDescription": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see [Bumpers](https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html) .", - "title": "Bumper" + "Description": { + "markdownDescription": "A description of the function.", + "title": "Description", + "type": "string" }, - "CdnConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration", - "markdownDescription": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management.", - "title": "CdnConfiguration" + "Environment": { + "$ref": "#/definitions/AWS::Lambda::Function.Environment", + "markdownDescription": "Environment variables that are accessible from function code during execution.", + "title": "Environment" }, - "ConfigurationAliases": { - "additionalProperties": true, - "markdownDescription": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see [Domain Variables](https://docs.aws.amazon.com/mediatailor/latest/ug/variables-domain.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "object" - } + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", + "markdownDescription": "The size of the function's `/tmp` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", + "title": "EphemeralStorage" + }, + "FileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::Function.FileSystemConfig" }, - "title": "ConfigurationAliases", - "type": "object" + "markdownDescription": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a `DependsOn` attribute to ensure that the mount target is created or updated before the function.\n\nFor more information about using the `DependsOn` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", + "title": "FileSystemConfigs", + "type": "array" }, - "DashConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.DashConfiguration", - "markdownDescription": "The configuration for a DASH source.", - "title": "DashConfiguration" + "FunctionName": { + "markdownDescription": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, AWS CloudFormation generates one.\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "FunctionName", + "type": "string" }, - "HlsConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration", - "markdownDescription": "The configuration for HLS content.", - "title": "HlsConfiguration" + "Handler": { + "markdownDescription": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html) .", + "title": "Handler", + "type": "string" }, - "LivePreRollConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration", - "markdownDescription": "The configuration for pre-roll ad insertion.", - "title": "LivePreRollConfiguration" + "ImageConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.ImageConfig", + "markdownDescription": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) .", + "title": "ImageConfig" }, - "ManifestProcessingRules": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules", - "markdownDescription": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor.", - "title": "ManifestProcessingRules" + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt the following resources:\n\n- The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption) .\n- The function's [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) snapshots.\n- When used with `SourceKMSKeyArn` , the unzipped version of the .zip deployment package that's used for function invocations. For more information, see [Specifying a customer managed key for Lambda](https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption) .\n- The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see [Function lifecycle](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle) .\n\nIf you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) or an [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", + "title": "KmsKeyArn", + "type": "string" }, - "Name": { - "markdownDescription": "The identifier for the playback configuration.", - "title": "Name", + "Layers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", + "title": "Layers", + "type": "array" + }, + "LoggingConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.LoggingConfig", + "markdownDescription": "The function's Amazon CloudWatch Logs configuration settings.", + "title": "LoggingConfig" + }, + "MemorySize": { + "markdownDescription": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.", + "title": "MemorySize", + "type": "number" + }, + "PackageType": { + "markdownDescription": "The type of deployment package. Set to `Image` for container image and set `Zip` for .zip file archive.", + "title": "PackageType", "type": "string" }, - "PersonalizationThresholdSeconds": { - "markdownDescription": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to *ad replacement* in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see [Ad Behavior in AWS Elemental MediaTailor](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", - "title": "PersonalizationThresholdSeconds", + "RecursiveLoop": { + "markdownDescription": "The status of your function's recursive loop detection configuration.\n\nWhen this value is set to `Allow` and Lambda detects your function being invoked as part of a recursive loop, it doesn't take any action.\n\nWhen this value is set to `Terminate` and Lambda detects your function being invoked as part of a recursive loop, it stops your function being invoked and notifies you.", + "title": "RecursiveLoop", + "type": "string" + }, + "ReservedConcurrentExecutions": { + "markdownDescription": "The number of simultaneous executions to reserve for the function.", + "title": "ReservedConcurrentExecutions", "type": "number" }, - "SlateAdUrl": { - "markdownDescription": "The URL for a video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID playback configurations. For VPAID, the slate is required because MediaTailor provides it in the slots designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video.", - "title": "SlateAdUrl", + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function's execution role.", + "title": "Role", + "type": "string" + }, + "Runtime": { + "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels) .\n\nFor a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported) .", + "title": "Runtime", "type": "string" }, + "RuntimeManagementConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.RuntimeManagementConfig", + "markdownDescription": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) .", + "title": "RuntimeManagementConfig" + }, + "SnapStart": { + "$ref": "#/definitions/AWS::Lambda::Function.SnapStart", + "markdownDescription": "The function's [AWS Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", + "title": "SnapStart" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the playback configuration. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "markdownDescription": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "title": "Tags", "type": "array" }, - "TranscodeProfileName": { - "markdownDescription": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support.", - "title": "TranscodeProfileName", - "type": "string" + "Timeout": { + "markdownDescription": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) .", + "title": "Timeout", + "type": "number" }, - "VideoContentSourceUrl": { - "markdownDescription": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters.", - "title": "VideoContentSourceUrl", - "type": "string" + "TracingConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.TracingConfig", + "markdownDescription": "Set `Mode` to `Active` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) .", + "title": "TracingConfig" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.VpcConfig", + "markdownDescription": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html) .", + "title": "VpcConfig" } }, "required": [ - "AdDecisionServerUrl", - "Name", - "VideoContentSourceUrl" + "Code", + "Role" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaTailor::PlaybackConfiguration" + "AWS::Lambda::Function" ], "type": "string" }, @@ -164845,302 +169581,245 @@ ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables ad marker passthrough for your configuration.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::MediaTailor::PlaybackConfiguration.AvailSuppression": { + "AWS::Lambda::Function.Code": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to `BEHIND_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to `AFTER_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value.", - "title": "Mode", + "ImageUri": { + "markdownDescription": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.", + "title": "ImageUri", "type": "string" }, - "Value": { - "markdownDescription": "A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge.", - "title": "Value", + "S3Bucket": { + "markdownDescription": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account .", + "title": "S3Bucket", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaTailor::PlaybackConfiguration.Bumper": { - "additionalProperties": false, - "properties": { - "EndUrl": { - "markdownDescription": "The URL for the end bumper asset.", - "title": "EndUrl", + }, + "S3Key": { + "markdownDescription": "The Amazon S3 key of the deployment package.", + "title": "S3Key", "type": "string" }, - "StartUrl": { - "markdownDescription": "The URL for the start bumper asset.", - "title": "StartUrl", + "S3ObjectVersion": { + "markdownDescription": "For versioned objects, the version of the deployment package object to use.", + "title": "S3ObjectVersion", + "type": "string" + }, + "SourceKMSKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt your function's .zip deployment package. If you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) .", + "title": "SourceKMSKeyArn", + "type": "string" + }, + "ZipFile": { + "markdownDescription": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named `index` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) . This zip file cannot exceed 4MB. For the `Handler` property, the first part of the handler identifier must be `index` . For example, `index.handler` .\n\n> When you specify source code inline for a Node.js function, the `index` file that AWS CloudFormation creates uses the extension `.js` . This means that Lambda treats the file as a CommonJS module. ES modules aren't supported for inline functions. \n\nFor JSON, you must escape quotes and special characters such as newline ( `\\n` ) with a backslash.\n\nIf you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( [cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html) ) that simplifies sending responses. See [Using AWS Lambda with AWS CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.", + "title": "ZipFile", "type": "string" } }, "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration": { + "AWS::Lambda::Function.DeadLetterConfig": { "additionalProperties": false, "properties": { - "AdSegmentUrlPrefix": { - "markdownDescription": "A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor. ** .amazonaws.com. Then specify the rule's name in this `AdSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments.", - "title": "AdSegmentUrlPrefix", - "type": "string" - }, - "ContentSegmentUrlPrefix": { - "markdownDescription": "A content delivery network (CDN) to cache content segments, so that content requests don\u2019t always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this `ContentSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments.", - "title": "ContentSegmentUrlPrefix", + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", + "title": "TargetArn", "type": "string" } }, "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.DashConfiguration": { + "AWS::Lambda::Function.Environment": { "additionalProperties": false, "properties": { - "ManifestEndpointPrefix": { - "markdownDescription": "The URL generated by MediaTailor to initiate a playback session. The session uses server-side reporting. This setting is ignored in PUT operations.", - "title": "ManifestEndpointPrefix", - "type": "string" - }, - "MpdLocation": { - "markdownDescription": "The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are `DISABLED` and `EMT_DEFAULT` . The `EMT_DEFAULT` setting enables the inclusion of the tag and is the default value.", - "title": "MpdLocation", - "type": "string" - }, - "OriginManifestType": { - "markdownDescription": "The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to `SINGLE_PERIOD` . The default setting is `MULTI_PERIOD` . For multi-period manifests, omit this setting or set it to `MULTI_PERIOD` .", - "title": "OriginManifestType", - "type": "string" + "Variables": { + "additionalProperties": true, + "markdownDescription": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html) .\n\nIf the value of the environment variable is a time or a duration, enclose the value in quotes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Variables", + "type": "object" } }, "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration": { + "AWS::Lambda::Function.EphemeralStorage": { "additionalProperties": false, "properties": { - "ManifestEndpointPrefix": { - "markdownDescription": "The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting.", - "title": "ManifestEndpointPrefix", - "type": "string" + "Size": { + "markdownDescription": "The size of the function's `/tmp` directory.", + "title": "Size", + "type": "number" } }, + "required": [ + "Size" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration": { + "AWS::Lambda::Function.FileSystemConfig": { "additionalProperties": false, "properties": { - "AdDecisionServerUrl": { - "markdownDescription": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters.", - "title": "AdDecisionServerUrl", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.", + "title": "Arn", "type": "string" }, - "MaxDurationSeconds": { - "markdownDescription": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns.", - "title": "MaxDurationSeconds", - "type": "number" + "LocalMountPath": { + "markdownDescription": "The path where the function can access the file system, starting with `/mnt/` .", + "title": "LocalMountPath", + "type": "string" } }, + "required": [ + "Arn", + "LocalMountPath" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules": { + "AWS::Lambda::Function.ImageConfig": { "additionalProperties": false, "properties": { - "AdMarkerPassthrough": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough", - "markdownDescription": "For HLS, when set to `true` , MediaTailor passes through `EXT-X-CUE-IN` , `EXT-X-CUE-OUT` , and `EXT-X-SPLICEPOINT-SCTE35` ad markers from the origin manifest to the MediaTailor personalized manifest.\n\nNo logic is applied to these ad markers. For example, if `EXT-X-CUE-OUT` has a value of `60` , but no ads are filled for that ad break, MediaTailor will not set the value to `0` .", - "title": "AdMarkerPassthrough" + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.", + "title": "Command", + "type": "array" + }, + "EntryPoint": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.", + "title": "EntryPoint", + "type": "array" + }, + "WorkingDirectory": { + "markdownDescription": "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.", + "title": "WorkingDirectory", + "type": "string" } }, "type": "object" }, - "AWS::MediaTailor::SourceLocation": { + "AWS::Lambda::Function.LoggingConfig": { "additionalProperties": false, "properties": { - "Condition": { + "ApplicationLogLevel": { + "markdownDescription": "Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where `TRACE` is the highest level and `FATAL` is the lowest.", + "title": "ApplicationLogLevel", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LogFormat": { + "markdownDescription": "The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON.", + "title": "LogFormat", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.AccessConfiguration", - "markdownDescription": "The access configuration for the source location.", - "title": "AccessConfiguration" - }, - "DefaultSegmentDeliveryConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration", - "markdownDescription": "The default segment delivery configuration.", - "title": "DefaultSegmentDeliveryConfiguration" - }, - "HttpConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.HttpConfiguration", - "markdownDescription": "The HTTP configuration for the source location.", - "title": "HttpConfiguration" - }, - "SegmentDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration" - }, - "markdownDescription": "The segment delivery configurations for the source location.", - "title": "SegmentDeliveryConfigurations", - "type": "array" - }, - "SourceLocationName": { - "markdownDescription": "The name of the source location.", - "title": "SourceLocationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the source location. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "HttpConfiguration", - "SourceLocationName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaTailor::SourceLocation" - ], + "LogGroup": { + "markdownDescription": "The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named `/aws/lambda/` . To use a different log group, enter an existing log group or enter a new log group name.", + "title": "LogGroup", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SystemLogLevel": { + "markdownDescription": "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where `DEBUG` is the highest level and `WARN` is the lowest.", + "title": "SystemLogLevel", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.AccessConfiguration": { + "AWS::Lambda::Function.RuntimeManagementConfig": { "additionalProperties": false, "properties": { - "AccessType": { - "markdownDescription": "The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` .\n\n`S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name.\n\nBefore you can use `S3_SIGV4` , you must meet these requirements:\n\n\u2022 You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide.\n\n\u2022 The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations.\n\n\u2022 The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations.", - "title": "AccessType", + "RuntimeVersionArn": { + "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", + "title": "RuntimeVersionArn", "type": "string" }, - "SecretsManagerAccessTokenConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration", - "markdownDescription": "AWS Secrets Manager access token configuration parameters.", - "title": "SecretsManagerAccessTokenConfiguration" + "UpdateRuntimeOn": { + "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", + "title": "UpdateRuntimeOn", + "type": "string" } }, + "required": [ + "UpdateRuntimeOn" + ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration": { + "AWS::Lambda::Function.SnapStart": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The hostname of the server that will be used to serve segments. This string must include the protocol, such as *https://* .", - "title": "BaseUrl", + "ApplyOn": { + "markdownDescription": "Set `ApplyOn` to `PublishedVersions` to create a snapshot of the initialized execution environment when you publish a function version.", + "title": "ApplyOn", "type": "string" } }, + "required": [ + "ApplyOn" + ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.HttpConfiguration": { + "AWS::Lambda::Function.SnapStartResponse": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The base URL for the source location host server. This string must include the protocol, such as *https://* .", - "title": "BaseUrl", + "ApplyOn": { + "markdownDescription": "When set to `PublishedVersions` , Lambda creates a snapshot of the execution environment when you publish a function version.", + "title": "ApplyOn", + "type": "string" + }, + "OptimizationStatus": { + "markdownDescription": "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using) , this response element indicates whether SnapStart is activated for the specified function version.", + "title": "OptimizationStatus", "type": "string" } }, - "required": [ - "BaseUrl" - ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration": { + "AWS::Lambda::Function.TracingConfig": { "additionalProperties": false, "properties": { - "HeaderName": { - "markdownDescription": "The name of the HTTP header used to supply the access token in requests to the source location.", - "title": "HeaderName", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.", - "title": "SecretArn", - "type": "string" - }, - "SecretStringKey": { - "markdownDescription": "The AWS Secrets Manager [SecretString](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html#SecretsManager-CreateSecret-request-SecretString.html) key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.", - "title": "SecretStringKey", + "Mode": { + "markdownDescription": "The tracing mode.", + "title": "Mode", "type": "string" } }, "type": "object" }, - "AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration": { + "AWS::Lambda::Function.VpcConfig": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as `https://example.com/some/path` . To use a relative URL specify the relative path, such as `/some/path*` .", - "title": "BaseUrl", - "type": "string" + "Ipv6AllowedForDualStack": { + "markdownDescription": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.", + "title": "Ipv6AllowedForDualStack", + "type": "boolean" }, - "Name": { - "markdownDescription": "A unique identifier used to distinguish between multiple segment delivery configurations in a source location.", - "title": "Name", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC security group IDs.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs.", + "title": "SubnetIds", + "type": "array" } }, "type": "object" }, - "AWS::MediaTailor::VodSource": { + "AWS::Lambda::LayerVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -165175,43 +169854,51 @@ "Properties": { "additionalProperties": false, "properties": { - "HttpPackageConfigurations": { + "CompatibleArchitectures": { "items": { - "$ref": "#/definitions/AWS::MediaTailor::VodSource.HttpPackageConfiguration" + "type": "string" }, - "markdownDescription": "The HTTP package configurations for the VOD source.", - "title": "HttpPackageConfigurations", + "markdownDescription": "A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .", + "title": "CompatibleArchitectures", "type": "array" }, - "SourceLocationName": { - "markdownDescription": "The name of the source location that the VOD source is associated with.", - "title": "SourceLocationName", - "type": "string" - }, - "Tags": { + "CompatibleRuntimes": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags assigned to the VOD source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", + "markdownDescription": "A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .", + "title": "CompatibleRuntimes", "type": "array" }, - "VodSourceName": { - "markdownDescription": "The name of the VOD source.", - "title": "VodSourceName", + "Content": { + "$ref": "#/definitions/AWS::Lambda::LayerVersion.Content", + "markdownDescription": "The function layer archive.", + "title": "Content" + }, + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", + "type": "string" + }, + "LayerName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", + "title": "LayerName", + "type": "string" + }, + "LicenseInfo": { + "markdownDescription": "The layer's software license. It can be any of the following:\n\n- An [SPDX license identifier](https://docs.aws.amazon.com/https://spdx.org/licenses/) . For example, `MIT` .\n- The URL of a license hosted on the internet. For example, `https://opensource.org/licenses/MIT` .\n- The full text of the license.", + "title": "LicenseInfo", "type": "string" } }, "required": [ - "HttpPackageConfigurations", - "SourceLocationName", - "VodSourceName" + "Content" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaTailor::VodSource" + "AWS::Lambda::LayerVersion" ], "type": "string" }, @@ -165230,33 +169917,32 @@ ], "type": "object" }, - "AWS::MediaTailor::VodSource.HttpPackageConfiguration": { + "AWS::Lambda::LayerVersion.Content": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", - "title": "Path", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket of the layer archive.", + "title": "S3Bucket", "type": "string" }, - "SourceGroup": { - "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", - "title": "SourceGroup", + "S3Key": { + "markdownDescription": "The Amazon S3 key of the layer archive.", + "title": "S3Key", "type": "string" }, - "Type": { - "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", - "title": "Type", + "S3ObjectVersion": { + "markdownDescription": "For versioned objects, the version of the layer archive object to use.", + "title": "S3ObjectVersion", "type": "string" } }, "required": [ - "Path", - "SourceGroup", - "Type" + "S3Bucket", + "S3Key" ], "type": "object" }, - "AWS::MemoryDB::ACL": { + "AWS::Lambda::LayerVersionPermission": { "additionalProperties": false, "properties": { "Condition": { @@ -165291,36 +169977,37 @@ "Properties": { "additionalProperties": false, "properties": { - "ACLName": { - "markdownDescription": "The name of the Access Control List.", - "title": "ACLName", + "Action": { + "markdownDescription": "The API action that grants access to the layer. For example, `lambda:GetLayerVersion` .", + "title": "Action", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "LayerVersionArn": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", + "title": "LayerVersionArn", + "type": "string" }, - "UserNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of users that belong to the Access Control List.", - "title": "UserNames", - "type": "array" + "OrganizationId": { + "markdownDescription": "With the principal set to `*` , grant permission to all accounts in the specified organization.", + "title": "OrganizationId", + "type": "string" + }, + "Principal": { + "markdownDescription": "An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified). For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.", + "title": "Principal", + "type": "string" } }, "required": [ - "ACLName" + "Action", + "LayerVersionArn", + "Principal" ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::ACL" + "AWS::Lambda::LayerVersionPermission" ], "type": "string" }, @@ -165339,7 +170026,7 @@ ], "type": "object" }, - "AWS::MemoryDB::Cluster": { + "AWS::Lambda::Permission": { "additionalProperties": false, "properties": { "Condition": { @@ -165374,151 +170061,57 @@ "Properties": { "additionalProperties": false, "properties": { - "ACLName": { - "markdownDescription": "The name of the Access Control List to associate with the cluster .", - "title": "ACLName", + "Action": { + "markdownDescription": "The action that the principal can use on the function. For example, `lambda:InvokeFunction` or `lambda:GetFunction` .", + "title": "Action", "type": "string" }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "When set to true, the cluster will automatically receive minor engine version upgrades after launch.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "ClusterEndpoint": { - "$ref": "#/definitions/AWS::MemoryDB::Cluster.Endpoint", - "markdownDescription": "The cluster 's configuration endpoint.", - "title": "ClusterEndpoint" + "EventSourceToken": { + "markdownDescription": "For Alexa Smart Home functions, a token that the invoker must supply.", + "title": "EventSourceToken", + "type": "string" }, - "ClusterName": { - "markdownDescription": "The name of the cluster .", - "title": "ClusterName", + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function, version, or alias.\n\n**Name formats** - *Function name* \u2013 `my-function` (name-only), `my-function:v1` (with alias).\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:my-function` .\n- *Partial ARN* \u2013 `123456789012:function:my-function` .\n\nYou can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", "type": "string" }, - "DataTiering": { - "markdownDescription": "Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html) .", - "title": "DataTiering", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the cluster .", - "title": "Description", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The Redis engine version used by the cluster .", - "title": "EngineVersion", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.", - "title": "FinalSnapshotName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key used to encrypt the cluster .", - "title": "KmsKeyId", - "type": "string" - }, - "MaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n*Pattern* : `ddd:hh24:mi-ddd:hh24:mi`", - "title": "MaintenanceWindow", - "type": "string" - }, - "NodeType": { - "markdownDescription": "The cluster 's node type.", - "title": "NodeType", - "type": "string" - }, - "NumReplicasPerShard": { - "markdownDescription": "The number of replicas to apply to each shard.\n\n*Default value* : `1`\n\n*Maximum value* : `5`", - "title": "NumReplicasPerShard", - "type": "number" - }, - "NumShards": { - "markdownDescription": "The number of shards in the cluster .", - "title": "NumShards", - "type": "number" - }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group used by the cluster .", - "title": "ParameterGroupName", - "type": "string" - }, - "Port": { - "markdownDescription": "The port used by the cluster .", - "title": "Port", - "type": "number" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group names to associate with this cluster .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster . The Amazon S3 object name in the ARN cannot contain any commas.", - "title": "SnapshotArns", - "type": "array" - }, - "SnapshotName": { - "markdownDescription": "The name of a snapshot from which to restore data into the new cluster . The snapshot status changes to restoring while the new cluster is being created.", - "title": "SnapshotName", + "FunctionUrlAuthType": { + "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", + "title": "FunctionUrlAuthType", "type": "string" }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted.", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: 05:00-09:00 If you do not specify this parameter, MemoryDB automatically chooses an appropriate time range.", - "title": "SnapshotWindow", + "Principal": { + "markdownDescription": "The AWS service , AWS account , IAM user, or IAM role that invokes the function. If you specify a service, use `SourceArn` or `SourceAccount` to limit who can invoke the function through that service.", + "title": "Principal", "type": "string" }, - "SnsTopicArn": { - "markdownDescription": "When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the ARN of the SNS topic, such as `arn:aws:memorydb:us-east-1:123456789012:mySNSTopic`", - "title": "SnsTopicArn", + "PrincipalOrgID": { + "markdownDescription": "The identifier for your organization in AWS Organizations . Use this to grant permissions to all the AWS accounts under this organization.", + "title": "PrincipalOrgID", "type": "string" }, - "SnsTopicStatus": { - "markdownDescription": "The SNS topic must be in Active status to receive notifications.", - "title": "SnsTopicStatus", + "SourceAccount": { + "markdownDescription": "For AWS service , the ID of the AWS account that owns the resource. Use this together with `SourceArn` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.", + "title": "SourceAccount", "type": "string" }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group used by the cluster .", - "title": "SubnetGroupName", + "SourceArn": { + "markdownDescription": "For AWS services , the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n\nNote that Lambda configures the comparison using the `StringLike` operator.", + "title": "SourceArn", "type": "string" - }, - "TLSEnabled": { - "markdownDescription": "A flag to indicate if In-transit encryption is enabled.", - "title": "TLSEnabled", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" } }, "required": [ - "ACLName", - "ClusterName", - "NodeType" + "Action", + "FunctionName", + "Principal" ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::Cluster" + "AWS::Lambda::Permission" ], "type": "string" }, @@ -165537,23 +170130,7 @@ ], "type": "object" }, - "AWS::MemoryDB::Cluster.Endpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The DNS hostname of the node.", - "title": "Address", - "type": "string" - }, - "Port": { - "markdownDescription": "The port number that the engine is listening on.", - "title": "Port", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MemoryDB::ParameterGroup": { + "AWS::Lambda::Url": { "additionalProperties": false, "properties": { "Condition": { @@ -165588,44 +170165,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the parameter group.", - "title": "Description", + "AuthType": { + "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", + "title": "AuthType", "type": "string" }, - "Family": { - "markdownDescription": "The name of the parameter group family that this parameter group is compatible with.", - "title": "Family", - "type": "string" + "Cors": { + "$ref": "#/definitions/AWS::Lambda::Url.Cors", + "markdownDescription": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.", + "title": "Cors" }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group.", - "title": "ParameterGroupName", + "InvokeMode": { + "markdownDescription": "Use one of the following options:\n\n- `BUFFERED` \u2013 This is the default option. Lambda invokes your function using the `Invoke` API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.\n- `RESPONSE_STREAM` \u2013 Your function streams payload results as they become available. Lambda invokes your function using the `InvokeWithResponseStream` API operation. The maximum response payload size is 20 MB, however, you can [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) .", + "title": "InvokeMode", "type": "string" }, - "Parameters": { - "markdownDescription": "Returns the detailed parameter list for the parameter group.", - "title": "Parameters", - "type": "object" + "Qualifier": { + "markdownDescription": "The alias name.", + "title": "Qualifier", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "TargetFunctionArn": { + "markdownDescription": "The name of the Lambda function.\n\n**Name formats** - *Function name* - `my-function` .\n- *Function ARN* - `lambda: : :function:my-function` .\n- *Partial ARN* - `:function:my-function` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "TargetFunctionArn", + "type": "string" } }, "required": [ - "Family", - "ParameterGroupName" + "AuthType", + "TargetFunctionArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::ParameterGroup" + "AWS::Lambda::Url" ], "type": "string" }, @@ -165644,7 +170218,55 @@ ], "type": "object" }, - "AWS::MemoryDB::SubnetGroup": { + "AWS::Lambda::Url.Cors": { + "additionalProperties": false, + "properties": { + "AllowCredentials": { + "markdownDescription": "Whether you want to allow cookies or other credentials in requests to your function URL. The default is `false` .", + "title": "AllowCredentials", + "type": "boolean" + }, + "AllowHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "The HTTP headers that origins can include in requests to your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", + "title": "AllowHeaders", + "type": "array" + }, + "AllowMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "The HTTP methods that are allowed when calling your function URL. For example: `GET` , `POST` , `DELETE` , or the wildcard character ( `*` ).", + "title": "AllowMethods", + "type": "array" + }, + "AllowOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example: `https://www.example.com` , `http://localhost:60905` .\n\nAlternatively, you can grant access to all origins with the wildcard character ( `*` ).", + "title": "AllowOrigins", + "type": "array" + }, + "ExposeHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "The HTTP headers in your function response that you want to expose to origins that call your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", + "title": "ExposeHeaders", + "type": "array" + }, + "MaxAge": { + "markdownDescription": "The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results.", + "title": "MaxAge", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Lambda::Version": { "additionalProperties": false, "properties": { "Condition": { @@ -165679,42 +170301,40 @@ "Properties": { "additionalProperties": false, "properties": { + "CodeSha256": { + "markdownDescription": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.", + "title": "CodeSha256", + "type": "string" + }, "Description": { - "markdownDescription": "A description of the subnet group.", + "markdownDescription": "A description for the version to override the description in the function configuration. Updates are not supported for this property.", "title": "Description", "type": "string" }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the cluster .", - "title": "SubnetGroupName", + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon VPC subnet IDs for the subnet group.", - "title": "SubnetIds", - "type": "array" + "ProvisionedConcurrencyConfig": { + "$ref": "#/definitions/AWS::Lambda::Version.ProvisionedConcurrencyConfiguration", + "markdownDescription": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.", + "title": "ProvisionedConcurrencyConfig" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "RuntimePolicy": { + "$ref": "#/definitions/AWS::Lambda::Version.RuntimePolicy", + "markdownDescription": "", + "title": "RuntimePolicy" } }, "required": [ - "SubnetGroupName", - "SubnetIds" + "FunctionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::SubnetGroup" + "AWS::Lambda::Version" ], "type": "string" }, @@ -165733,7 +170353,40 @@ ], "type": "object" }, - "AWS::MemoryDB::User": { + "AWS::Lambda::Version.ProvisionedConcurrencyConfiguration": { + "additionalProperties": false, + "properties": { + "ProvisionedConcurrentExecutions": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the version.", + "title": "ProvisionedConcurrentExecutions", + "type": "number" + } + }, + "required": [ + "ProvisionedConcurrentExecutions" + ], + "type": "object" + }, + "AWS::Lambda::Version.RuntimePolicy": { + "additionalProperties": false, + "properties": { + "RuntimeVersionArn": { + "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", + "title": "RuntimeVersionArn", + "type": "string" + }, + "UpdateRuntimeOn": { + "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", + "title": "UpdateRuntimeOn", + "type": "string" + } + }, + "required": [ + "UpdateRuntimeOn" + ], + "type": "object" + }, + "AWS::LaunchWizard::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -165768,38 +170421,51 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessString": { - "markdownDescription": "Access permissions string used for this user.", - "title": "AccessString", + "DeploymentPatternName": { + "markdownDescription": "The name of the deployment pattern.", + "title": "DeploymentPatternName", "type": "string" }, - "AuthenticationMode": { - "$ref": "#/definitions/AWS::MemoryDB::User.AuthenticationMode", - "markdownDescription": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* &* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`", - "title": "AuthenticationMode" + "Name": { + "markdownDescription": "The name of the deployment.", + "title": "Name", + "type": "string" + }, + "Specifications": { + "additionalProperties": true, + "markdownDescription": "The settings specified for the deployment. These settings define how to deploy and configure your resources created by the deployment. For more information about the specifications required for creating a deployment for a SAP workload, see [SAP deployment specifications](https://docs.aws.amazon.com/launchwizard/latest/APIReference/launch-wizard-specifications-sap.html) . To retrieve the specifications required to create a deployment for other workloads, use the [`GetWorkloadDeploymentPattern`](https://docs.aws.amazon.com/launchwizard/latest/APIReference/API_GetWorkloadDeploymentPattern.html) operation.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Specifications", + "type": "object" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::LaunchWizard::Deployment.Tags" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Information about the tags attached to a deployment.", "title": "Tags", "type": "array" }, - "UserName": { - "markdownDescription": "The name of the user.", - "title": "UserName", + "WorkloadName": { + "markdownDescription": "The name of the workload.", + "title": "WorkloadName", "type": "string" } }, "required": [ - "UserName" + "DeploymentPatternName", + "Name", + "WorkloadName" ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::User" + "AWS::LaunchWizard::Deployment" ], "type": "string" }, @@ -165818,26 +170484,26 @@ ], "type": "object" }, - "AWS::MemoryDB::User.AuthenticationMode": { + "AWS::LaunchWizard::Deployment.Tags": { "additionalProperties": false, "properties": { - "Passwords": { - "items": { - "type": "string" - }, - "markdownDescription": "The password(s) used for authentication", - "title": "Passwords", - "type": "array" + "Key": { + "markdownDescription": "The key name of the tag.", + "title": "Key", + "type": "string" }, - "Type": { - "markdownDescription": "Indicates whether the user requires a password to authenticate. All newly-created users require a password.", - "title": "Type", + "Value": { + "markdownDescription": "The value for the tag.", + "title": "Value", "type": "string" } }, + "required": [ + "Key" + ], "type": "object" }, - "AWS::Neptune::DBCluster": { + "AWS::Lex::Bot": { "additionalProperties": false, "properties": { "Condition": { @@ -165872,152 +170538,87 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::Neptune::DBCluster.DBClusterRole" - }, - "markdownDescription": "Provides a list of the Amazon Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon services on your behalf.", - "title": "AssociatedRoles", - "type": "array" + "AutoBuildBotLocales": { + "markdownDescription": "Indicates whether Amazon Lex V2 should automatically build the locales for the bot after a change.", + "title": "AutoBuildBotLocales", + "type": "boolean" }, - "AvailabilityZones": { + "BotFileS3Location": { + "$ref": "#/definitions/AWS::Lex::Bot.S3Location", + "markdownDescription": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*", + "title": "BotFileS3Location" + }, + "BotLocales": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.BotLocale" }, - "markdownDescription": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in.", - "title": "AvailabilityZones", + "markdownDescription": "A list of locales for the bot.", + "title": "BotLocales", "type": "array" }, - "BackupRetentionPeriod": { - "markdownDescription": "Specifies the number of days for which automatic DB snapshots are retained.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "*If set to `true` , tags are copied to any snapshot of the DB cluster that is created.*", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "Provides the name of the DB cluster parameter group.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBInstanceParameterGroupName": { - "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major engine version upgrade request\n\nNote that when you apply a parameter group using `DBInstanceParameterGroupName` , parameter changes are applied immediately, not during the next maintenance window.\n\n**Constraints** - The DB parameter group must be in the same DB parameter group family as the target DB cluster version.\n- The `DBInstanceParameterGroupName` parameter is only valid for major engine version upgrades.", - "title": "DBInstanceParameterGroupName", - "type": "string" - }, - "DBPort": { - "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nIf not specified, the default port used is `8182` .\n\n> The `Port` property will soon be deprecated. Please update existing templates to use the new `DBPort` property that has the same functionality.", - "title": "DBPort", - "type": "number" - }, - "DBSubnetGroupName": { - "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DeletionProtection": { - "markdownDescription": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "EnableCloudwatchLogsExports": { + "BotTags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies a list of log types that are enabled for export to CloudWatch Logs.", - "title": "EnableCloudwatchLogsExports", + "markdownDescription": "A list of tags to add to the bot. You can only add tags when you import a bot. You can't use the `UpdateBot` operation to update tags. To update tags, use the `TagResource` operation.", + "title": "BotTags", "type": "array" }, - "EngineVersion": { - "markdownDescription": "Indicates the database engine version.", - "title": "EngineVersion", - "type": "string" - }, - "IamAuthEnabled": { - "markdownDescription": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.", - "title": "IamAuthEnabled", - "type": "boolean" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .", - "title": "KmsKeyId", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the `BackupRetentionPeriod` .\n\nAn update may require some interruption.", - "title": "PreferredBackupWindow", - "type": "string" + "DataPrivacy": { + "$ref": "#/definitions/AWS::Lex::Bot.DataPrivacy", + "markdownDescription": "By default, data stored by Amazon Lex is encrypted. The `DataPrivacy` structure provides settings that determine how Amazon Lex handles special cases of securing the data for your bot.", + "title": "DataPrivacy" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", - "title": "PreferredMaintenanceWindow", + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", "type": "string" }, - "RestoreToTime": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "RestoreToTime", - "type": "string" + "IdleSessionTTLInSeconds": { + "markdownDescription": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Lex deletes any data provided before the timeout.\n\nYou can specify between 60 (1 minute) and 86,400 (24 hours) seconds.", + "title": "IdleSessionTTLInSeconds", + "type": "number" }, - "RestoreType": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "RestoreType", + "Name": { + "markdownDescription": "The name of the bot locale.", + "title": "Name", "type": "string" }, - "ServerlessScalingConfiguration": { - "$ref": "#/definitions/AWS::Neptune::DBCluster.ServerlessScalingConfiguration", + "Replication": { + "$ref": "#/definitions/AWS::Lex::Bot.Replication", "markdownDescription": "", - "title": "ServerlessScalingConfiguration" + "title": "Replication" }, - "SnapshotIdentifier": { - "markdownDescription": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a `SnapshotIdentifier` , you must specify the same `SnapshotIdentifier` for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the `SnapshotIdentifier` , an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the `SnapshotIdentifier` , and the original DB cluster is deleted.", - "title": "SnapshotIdentifier", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "SourceDBClusterIdentifier", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot.", + "title": "RoleArn", "type": "string" }, - "StorageEncrypted": { - "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption and set this property to `true` .\n\nIf you enable the `StorageEncrypted` property but don't specify the `KmsKeyId` property, then the default KMS key is used. If you specify the `KmsKeyId` property, then that KMS key is used to encrypt the database instances in the DB cluster.\n\nIf you specify the `SourceDBClusterIdentifier` property, and don't specify this property or disable it, the value is inherited from the source DB cluster. If the source DB cluster is encrypted, the `KmsKeyId` property from the source cluster is used.\n\nIf you specify the `DBSnapshotIdentifier` and don't specify this property or disable it, the value is inherited from the snapshot and the specified `KmsKeyId` property from the snapshot is used.", - "title": "StorageEncrypted", - "type": "boolean" + "TestBotAliasSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.TestBotAliasSettings", + "markdownDescription": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values.", + "title": "TestBotAliasSettings" }, - "Tags": { + "TestBotAliasTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to this cluster.", - "title": "Tags", - "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Provides a list of VPC security groups that the DB cluster belongs to.", - "title": "VpcSecurityGroupIds", + "markdownDescription": "A list of tags to add to the test alias for a bot. You can only add tags when you import a bot. You can't use the `UpdateAlias` operation to update tags. To update tags on the test alias, use the `TagResource` operation.", + "title": "TestBotAliasTags", "type": "array" } }, + "required": [ + "DataPrivacy", + "IdleSessionTTLInSeconds", + "Name", + "RoleArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Neptune::DBCluster" + "AWS::Lex::Bot" ], "type": "string" }, @@ -166031,3157 +170632,2555 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Neptune::DBCluster.DBClusterRole": { + "AWS::Lex::Bot.AdvancedRecognitionSetting": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see [DescribeDBEngineVersions](https://docs.aws.amazon.com/neptune/latest/userguide/api-other-apis.html#DescribeDBEngineVersions) .", - "title": "FeatureName", + "AudioRecognitionStrategy": { + "markdownDescription": "Enables using the slot values as a custom vocabulary for recognizing user utterances.", + "title": "AudioRecognitionStrategy", "type": "string" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.AllowedInputTypes": { + "additionalProperties": false, + "properties": { + "AllowAudioInput": { + "markdownDescription": "Indicates whether audio input is allowed.", + "title": "AllowAudioInput", + "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", - "title": "RoleArn", - "type": "string" + "AllowDTMFInput": { + "markdownDescription": "Indicates whether DTMF input is allowed.", + "title": "AllowDTMFInput", + "type": "boolean" } }, "required": [ - "RoleArn" + "AllowAudioInput", + "AllowDTMFInput" ], "type": "object" }, - "AWS::Neptune::DBCluster.ServerlessScalingConfiguration": { + "AWS::Lex::Bot.AudioAndDTMFInputSpecification": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on.", - "title": "MaxCapacity", - "type": "number" + "AudioSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioSpecification", + "markdownDescription": "Specifies the settings on audio input.", + "title": "AudioSpecification" }, - "MinCapacity": { - "markdownDescription": "The minimum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on.", - "title": "MinCapacity", + "DTMFSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.DTMFSpecification", + "markdownDescription": "Specifies the settings on DTMF input.", + "title": "DTMFSpecification" + }, + "StartTimeoutMs": { + "markdownDescription": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.", + "title": "StartTimeoutMs", "type": "number" } }, "required": [ - "MaxCapacity", - "MinCapacity" + "StartTimeoutMs" ], "type": "object" }, - "AWS::Neptune::DBClusterParameterGroup": { + "AWS::Lex::Bot.AudioLogDestination": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB cluster parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", - "title": "Family", - "type": "string" - }, - "Name": { - "markdownDescription": "Provides the name of the DB cluster parameter group.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters to set for this DB cluster parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nIf you update the parameters, some interruption may occur depending on which parameters you update.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags that you want to attach to this parameter group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "Family", - "Parameters" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Neptune::DBClusterParameterGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "S3Bucket": { + "$ref": "#/definitions/AWS::Lex::Bot.S3BucketLogDestination", + "markdownDescription": "Specifies the Amazon S3 bucket where the audio files are stored.", + "title": "S3Bucket" } }, "required": [ - "Type", - "Properties" + "S3Bucket" ], "type": "object" }, - "AWS::Neptune::DBInstance": { + "AWS::Lex::Bot.AudioLogSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowMajorVersionUpgrade": { - "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. This parameter must be set to true when specifying a value for the EngineVersion parameter that is a different major version than the DB instance's current version.\n\nWhen you change this parameter for an existing DB cluster, CloudFormation will replace your existing DB cluster with a new, empty one that uses the engine version you specified.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "Indicates that minor version patches are applied automatically.\n\nWhen updating this property, some interruptions may occur.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "Specifies the name of the Availability Zone the DB instance is located in.", - "title": "AvailabilityZone", - "type": "string" - }, - "DBClusterIdentifier": { - "markdownDescription": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBInstanceClass": { - "markdownDescription": "Contains the name of the compute and memory capacity class of the DB instance.\n\nIf you update this property, some interruptions may occur.", - "title": "DBInstanceClass", - "type": "string" - }, - "DBInstanceIdentifier": { - "markdownDescription": "Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.", - "title": "DBInstanceIdentifier", - "type": "string" - }, - "DBParameterGroupName": { - "markdownDescription": "The name of an existing DB parameter group or a reference to an AWS::Neptune::DBParameterGroup resource created in the template. If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.", - "title": "DBParameterGroupName", - "type": "string" - }, - "DBSnapshotIdentifier": { - "markdownDescription": "This parameter is not supported.\n\n`AWS::Neptune::DBInstance` does not support restoring from snapshots.\n\n`AWS::Neptune::DBCluster` does support restoring from snapshots.", - "title": "DBSnapshotIdentifier", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new virtual private cloud (VPC).", - "title": "DBSubnetGroupName", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for this DB instance.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DBInstanceClass" - ], - "type": "object" + "Destination": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioLogDestination", + "markdownDescription": "Specifies the location of the audio log files collected when conversation logging is enabled for a bot.", + "title": "Destination" }, - "Type": { - "enum": [ - "AWS::Neptune::DBInstance" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Determines whether audio logging in enabled for the bot.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.AudioSpecification": { + "additionalProperties": false, + "properties": { + "EndTimeoutMs": { + "markdownDescription": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.", + "title": "EndTimeoutMs", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MaxLengthMs": { + "markdownDescription": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.", + "title": "MaxLengthMs", + "type": "number" } }, "required": [ - "Type", - "Properties" + "EndTimeoutMs", + "MaxLengthMs" ], "type": "object" }, - "AWS::Neptune::DBParameterGroup": { + "AWS::Lex::Bot.BKBExactResponseFields": { "additionalProperties": false, "properties": { - "Condition": { + "AnswerField": { + "markdownDescription": "", + "title": "AnswerField", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::Lex::Bot.BedrockAgentConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockAgentAliasId": { + "markdownDescription": "", + "title": "BedrockAgentAliasId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", - "title": "Family", - "type": "string" - }, - "Name": { - "markdownDescription": "Provides the name of the DB parameter group.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags that you want to attach to this parameter group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "Family", - "Parameters" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Neptune::DBParameterGroup" - ], + "BedrockAgentId": { + "markdownDescription": "", + "title": "BedrockAgentId", "type": "string" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.BedrockAgentIntentConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockAgentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentConfiguration", + "markdownDescription": "", + "title": "BedrockAgentConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BedrockAgentIntentKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentIntentKnowledgeBaseConfiguration", + "markdownDescription": "", + "title": "BedrockAgentIntentKnowledgeBaseConfiguration" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.BedrockAgentIntentKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockKnowledgeBaseArn": { + "markdownDescription": "", + "title": "BedrockKnowledgeBaseArn", "type": "string" + }, + "BedrockModelConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelConfiguration" } }, "required": [ - "Type", - "Properties" + "BedrockKnowledgeBaseArn", + "BedrockModelConfiguration" ], "type": "object" }, - "AWS::Neptune::DBSubnetGroup": { + "AWS::Lex::Bot.BedrockGuardrailConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "BedrockGuardrailIdentifier": { + "markdownDescription": "", + "title": "BedrockGuardrailIdentifier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BedrockGuardrailVersion": { + "markdownDescription": "", + "title": "BedrockGuardrailVersion", "type": "string" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.BedrockKnowledgeStoreConfiguration": { + "additionalProperties": false, + "properties": { + "BKBExactResponseFields": { + "$ref": "#/definitions/AWS::Lex::Bot.BKBExactResponseFields", + "markdownDescription": "", + "title": "BKBExactResponseFields" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BedrockKnowledgeBaseArn": { + "markdownDescription": "The base ARN of the knowledge base used.", + "title": "BedrockKnowledgeBaseArn", + "type": "string" }, - "Metadata": { - "type": "object" + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response, or to return an answer generated by the model, using the fields you specify from the database.", + "title": "ExactResponse", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.BedrockModelSpecification": { + "additionalProperties": false, + "properties": { + "BedrockGuardrailConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockGuardrailConfiguration", + "markdownDescription": "", + "title": "BedrockGuardrailConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "Provides the description of the DB subnet group.", - "title": "DBSubnetGroupDescription", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "The name of the DB subnet group.", - "title": "DBSubnetGroupName", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the DB subnet group.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags that you want to attach to the DB subnet group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DBSubnetGroupDescription", - "SubnetIds" - ], - "type": "object" + "BedrockModelCustomPrompt": { + "markdownDescription": "", + "title": "BedrockModelCustomPrompt", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Neptune::DBSubnetGroup" - ], + "BedrockTraceStatus": { + "markdownDescription": "", + "title": "BedrockTraceStatus", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelArn": { + "markdownDescription": "The ARN of the foundation model used in descriptive bot building.", + "title": "ModelArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ModelArn" ], "type": "object" }, - "AWS::NeptuneGraph::Graph": { + "AWS::Lex::Bot.BotAliasLocaleSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.CodeHookSpecification", + "markdownDescription": "Specifies the Lambda function that should be used in the locale.", + "title": "CodeHookSpecification" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeletionProtection": { - "markdownDescription": "A value that indicates whether the graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "GraphName": { - "markdownDescription": "The graph name. For example: `my-graph-1` .\n\nThe name must contain from 1 to 63 letters, numbers, or hyphens, and its first character must be a letter. It cannot end with a hyphen or contain two consecutive hyphens.\n\nIf you don't specify a graph name, a unique graph name is generated for you using the prefix `graph-for` , followed by a combination of `Stack Name` and a `UUID` .", - "title": "GraphName", - "type": "string" - }, - "ProvisionedMemory": { - "markdownDescription": "The provisioned memory-optimized Neptune Capacity Units (m-NCUs) to use for the graph.\n\nMin = 16", - "title": "ProvisionedMemory", - "type": "number" - }, - "PublicConnectivity": { - "markdownDescription": "Specifies whether or not the graph can be reachable over the internet. All access to graphs is IAM authenticated.\n\nWhen the graph is publicly available, its domain name system (DNS) endpoint resolves to the public IP address from the internet. When the graph isn't publicly available, you need to create a `PrivateGraphEndpoint` in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\nDefault: If not specified, the default value is false.\n\n> If enabling public connectivity for the first time, there will be a delay while it is enabled.", - "title": "PublicConnectivity", - "type": "boolean" - }, - "ReplicaCount": { - "markdownDescription": "The number of replicas in other AZs.\n\nDefault: If not specified, the default value is 1.", - "title": "ReplicaCount", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Adds metadata tags to the new graph. These tags can also be used with cost allocation reporting, or used in a Condition statement in an IAM policy.", - "title": "Tags", - "type": "array" - }, - "VectorSearchConfiguration": { - "$ref": "#/definitions/AWS::NeptuneGraph::Graph.VectorSearchConfiguration", - "markdownDescription": "Specifies the number of dimensions for vector embeddings that will be loaded into the graph. The value is specified as `dimension=` value. Max = 65,535", - "title": "VectorSearchConfiguration" - } - }, - "required": [ - "ProvisionedMemory" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NeptuneGraph::Graph" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::NeptuneGraph::Graph.VectorSearchConfiguration": { + "AWS::Lex::Bot.BotAliasLocaleSettingsItem": { "additionalProperties": false, "properties": { - "VectorSearchDimension": { - "markdownDescription": "The number of dimensions.", - "title": "VectorSearchDimension", - "type": "number" + "BotAliasLocaleSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettings", + "markdownDescription": "Specifies locale settings for a locale.", + "title": "BotAliasLocaleSetting" + }, + "LocaleId": { + "markdownDescription": "Specifies the locale that the settings apply to.", + "title": "LocaleId", + "type": "string" } }, "required": [ - "VectorSearchDimension" + "BotAliasLocaleSetting", + "LocaleId" ], "type": "object" }, - "AWS::NeptuneGraph::PrivateGraphEndpoint": { + "AWS::Lex::Bot.BotLocale": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CustomVocabulary": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabulary", + "markdownDescription": "Specifies a custom vocabulary to use with a specific locale.", + "title": "CustomVocabulary" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "A description of the bot locale. Use this to help identify the bot locale in lists.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "GenerativeAISettings": { + "$ref": "#/definitions/AWS::Lex::Bot.GenerativeAISettings", + "markdownDescription": "", + "title": "GenerativeAISettings" }, - "Properties": { - "additionalProperties": false, - "properties": { - "GraphIdentifier": { - "markdownDescription": "The unique identifier of the Neptune Analytics graph.", - "title": "GraphIdentifier", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Security groups to be attached to the private graph endpoint..", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Subnets in which private graph endpoint ENIs are created.", - "title": "SubnetIds", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The VPC in which the private graph endpoint needs to be created.", - "title": "VpcId", - "type": "string" - } + "Intents": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Intent" }, - "required": [ - "GraphIdentifier", - "VpcId" - ], - "type": "object" + "markdownDescription": "One or more intents defined for the locale.", + "title": "Intents", + "type": "array" }, - "Type": { - "enum": [ - "AWS::NeptuneGraph::PrivateGraphEndpoint" - ], + "LocaleId": { + "markdownDescription": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales.", + "title": "LocaleId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "NluConfidenceThreshold": { + "markdownDescription": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot.", + "title": "NluConfidenceThreshold", + "type": "number" + }, + "SlotTypes": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotType" + }, + "markdownDescription": "One or more slot types defined for the locale.", + "title": "SlotTypes", + "type": "array" + }, + "VoiceSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.VoiceSettings", + "markdownDescription": "Defines settings for using an Amazon Polly voice to communicate with a user.\n\nValid values include:\n\n- `standard`\n- `neural`\n- `long-form`\n- `generative`", + "title": "VoiceSettings" } }, "required": [ - "Type", - "Properties" + "LocaleId", + "NluConfidenceThreshold" ], "type": "object" }, - "AWS::NetworkFirewall::Firewall": { + "AWS::Lex::Bot.BuildtimeSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeleteProtection": { - "markdownDescription": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` .", - "title": "DeleteProtection", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description of the firewall.", - "title": "Description", - "type": "string" - }, - "FirewallName": { - "markdownDescription": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", - "title": "FirewallName", - "type": "string" - }, - "FirewallPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.", - "title": "FirewallPolicyArn", - "type": "string" - }, - "FirewallPolicyChangeProtection": { - "markdownDescription": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", - "title": "FirewallPolicyChangeProtection", - "type": "boolean" - }, - "SubnetChangeProtection": { - "markdownDescription": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", - "title": "SubnetChangeProtection", - "type": "boolean" - }, - "SubnetMappings": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::Firewall.SubnetMapping" - }, - "markdownDescription": "The primary public subnets that Network Firewall is using for the firewall. Network Firewall creates a firewall endpoint in each subnet. Create a subnet mapping for each Availability Zone where you want to use the firewall.\n\nThese subnets are all defined for a single, primary VPC, and each must belong to a different Availability Zone. Each of these subnets establishes the availability of the firewall in its Availability Zone.\n\nIn addition to these subnets, you can define other endpoints for the firewall in `VpcEndpointAssociation` resources. You can define these additional endpoints for any VPC, and for any of the Availability Zones where the firewall resource already has a subnet mapping. VPC endpoint associations give you the ability to protect multiple VPCs using a single firewall, and to define multiple firewall endpoints for a VPC in a single Availability Zone.", - "title": "SubnetMappings", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "FirewallName", - "FirewallPolicyArn", - "SubnetMappings", - "VpcId" - ], - "type": "object" + "DescriptiveBotBuilderSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.DescriptiveBotBuilderSpecification", + "markdownDescription": "", + "title": "DescriptiveBotBuilderSpecification" }, - "Type": { - "enum": [ - "AWS::NetworkFirewall::Firewall" - ], + "SampleUtteranceGenerationSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtteranceGenerationSpecification", + "markdownDescription": "", + "title": "SampleUtteranceGenerationSpecification" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.Button": { + "additionalProperties": false, + "properties": { + "Text": { + "markdownDescription": "The text that appears on the button. Use this to tell the user what value is returned when they choose this button.", + "title": "Text", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Text", + "Value" ], "type": "object" }, - "AWS::NetworkFirewall::Firewall.SubnetMapping": { + "AWS::Lex::Bot.CloudWatchLogGroupLogDestination": { "additionalProperties": false, "properties": { - "IPAddressType": { - "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", - "title": "IPAddressType", + "CloudWatchLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "SubnetId": { - "markdownDescription": "The unique identifier for the subnet.", - "title": "SubnetId", + "LogPrefix": { + "markdownDescription": "The prefix of the log stream name within the log group that you specified", + "title": "LogPrefix", "type": "string" } }, "required": [ - "SubnetId" + "CloudWatchLogGroupArn", + "LogPrefix" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy": { + "AWS::Lex::Bot.CodeHookSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the firewall policy.", - "title": "Description", - "type": "string" - }, - "FirewallPolicy": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy", - "markdownDescription": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", - "title": "FirewallPolicy" - }, - "FirewallPolicyName": { - "markdownDescription": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", - "title": "FirewallPolicyName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "FirewallPolicy", - "FirewallPolicyName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkFirewall::FirewallPolicy" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "LambdaCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.LambdaCodeHook", + "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", + "title": "LambdaCodeHook" } }, "required": [ - "Type", - "Properties" + "LambdaCodeHook" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.ActionDefinition": { + "AWS::Lex::Bot.CompositeSlotTypeSetting": { "additionalProperties": false, "properties": { - "PublishMetricAction": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction", - "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", - "title": "PublishMetricAction" + "SubSlots": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotTypeComposition" + }, + "markdownDescription": "Subslots in the composite slot.", + "title": "SubSlots", + "type": "array" } }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.CustomAction": { + "AWS::Lex::Bot.Condition": { "additionalProperties": false, "properties": { - "ActionDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.ActionDefinition", - "markdownDescription": "The custom action associated with the action name.", - "title": "ActionDefinition" - }, - "ActionName": { - "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", - "title": "ActionName", + "ExpressionString": { + "markdownDescription": "The expression string that is evaluated.", + "title": "ExpressionString", "type": "string" } }, "required": [ - "ActionDefinition", - "ActionName" + "ExpressionString" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.Dimension": { + "AWS::Lex::Bot.ConditionalBranch": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to use in the custom metric dimension.", - "title": "Value", + "Condition": { + "$ref": "#/definitions/AWS::Lex::Bot.Condition", + "markdownDescription": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken.", + "title": "Condition" + }, + "Name": { + "markdownDescription": "The name of the branch.", + "title": "Name", "type": "string" + }, + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" + }, + "Response": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "Response" } }, "required": [ - "Value" + "Condition", + "Name", + "NextStep" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy": { + "AWS::Lex::Bot.ConditionalSpecification": { "additionalProperties": false, "properties": { - "PolicyVariables": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PolicyVariables", - "markdownDescription": "Contains variables that you can use to override default Suricata settings in your firewall policy.", - "title": "PolicyVariables" - }, - "StatefulDefaultActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.\n\nValid values of the stateful default action:\n\n- aws:drop_strict\n- aws:drop_established\n- aws:alert_strict\n- aws:alert_established\n\nFor more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "StatefulDefaultActions", - "type": "array" - }, - "StatefulEngineOptions": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions", - "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.", - "title": "StatefulEngineOptions" - }, - "StatefulRuleGroupReferences": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference" - }, - "markdownDescription": "References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.", - "title": "StatefulRuleGroupReferences", - "type": "array" - }, - "StatelessCustomActions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.CustomAction" - }, - "markdownDescription": "The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.", - "title": "StatelessCustomActions", - "type": "array" - }, - "StatelessDefaultActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", - "title": "StatelessDefaultActions", - "type": "array" - }, - "StatelessFragmentDefaultActions": { + "ConditionalBranches": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalBranch" }, - "markdownDescription": "The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", - "title": "StatelessFragmentDefaultActions", + "markdownDescription": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true.", + "title": "ConditionalBranches", "type": "array" }, - "StatelessRuleGroupReferences": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference" - }, - "markdownDescription": "References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.", - "title": "StatelessRuleGroupReferences", - "type": "array" + "DefaultBranch": { + "$ref": "#/definitions/AWS::Lex::Bot.DefaultConditionalBranch", + "markdownDescription": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step.", + "title": "DefaultBranch" }, - "TLSInspectionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the TLS inspection configuration.", - "title": "TLSInspectionConfigurationArn", - "type": "string" + "IsActive": { + "markdownDescription": "Determines whether a conditional branch is active. When `IsActive` is false, the conditions are not evaluated.", + "title": "IsActive", + "type": "boolean" } }, "required": [ - "StatelessDefaultActions", - "StatelessFragmentDefaultActions" + "ConditionalBranches", + "DefaultBranch", + "IsActive" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.IPSet": { + "AWS::Lex::Bot.ConversationLogSettings": { "additionalProperties": false, "properties": { - "Definition": { + "AudioLogSettings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.AudioLogSetting" }, - "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", - "title": "Definition", + "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", + "title": "AudioLogSettings", + "type": "array" + }, + "TextLogSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.TextLogSetting" + }, + "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", + "title": "TextLogSettings", "type": "array" } }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.PolicyVariables": { + "AWS::Lex::Bot.CustomPayload": { "additionalProperties": false, "properties": { - "RuleVariables": { - "additionalProperties": false, - "markdownDescription": "The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata `HOME_NET` variable. If your firewall uses an inspection VPC, you might want to override the `HOME_NET` variable with the CIDRs of your home networks. If you don't override `HOME_NET` with your own CIDRs, Network Firewall by default uses the CIDR of your inspection VPC.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.IPSet" - } - }, - "title": "RuleVariables", - "type": "object" + "Value": { + "markdownDescription": "The string that is sent to your application.", + "title": "Value", + "type": "string" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction": { + "AWS::Lex::Bot.CustomVocabulary": { "additionalProperties": false, "properties": { - "Dimensions": { + "CustomVocabularyItems": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.Dimension" + "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabularyItem" }, - "markdownDescription": "", - "title": "Dimensions", + "markdownDescription": "Specifies a list of words that you expect to be used during a conversation with your bot.", + "title": "CustomVocabularyItems", "type": "array" } }, "required": [ - "Dimensions" + "CustomVocabularyItems" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions": { + "AWS::Lex::Bot.CustomVocabularyItem": { "additionalProperties": false, "properties": { - "RuleOrder": { - "markdownDescription": "Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "RuleOrder", + "DisplayAs": { + "markdownDescription": "The DisplayAs value for the custom vocabulary item from the custom vocabulary list.", + "title": "DisplayAs", "type": "string" }, - "StreamExceptionPolicy": { - "markdownDescription": "Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.\n\n- `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.\n- `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent\u2014a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action.\n- `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.", - "title": "StreamExceptionPolicy", + "Phrase": { + "markdownDescription": "Specifies 1 - 4 words that should be recognized.", + "title": "Phrase", "type": "string" + }, + "Weight": { + "markdownDescription": "Specifies the degree to which the phrase recognition is boosted. The default value is 1.", + "title": "Weight", + "type": "number" } }, + "required": [ + "Phrase" + ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride": { + "AWS::Lex::Bot.DTMFSpecification": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups.", - "title": "Action", + "DeletionCharacter": { + "markdownDescription": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.", + "title": "DeletionCharacter", "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference": { - "additionalProperties": false, - "properties": { - "Override": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride", - "markdownDescription": "The action that allows the policy owner to override the behavior of the rule group within a policy.", - "title": "Override" }, - "Priority": { - "markdownDescription": "An integer setting that indicates the order in which to run the stateful rule groups in a single `FirewallPolicy` . This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings.\n\nNetwork Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.\n\nYou can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.", - "title": "Priority", + "EndCharacter": { + "markdownDescription": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.", + "title": "EndCharacter", + "type": "string" + }, + "EndTimeoutMs": { + "markdownDescription": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.", + "title": "EndTimeoutMs", "type": "number" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the stateful rule group.", - "title": "ResourceArn", - "type": "string" + "MaxLength": { + "markdownDescription": "The maximum number of DTMF digits allowed in an utterance.", + "title": "MaxLength", + "type": "number" } }, "required": [ - "ResourceArn" + "DeletionCharacter", + "EndCharacter", + "EndTimeoutMs", + "MaxLength" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference": { + "AWS::Lex::Bot.DataPrivacy": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "An integer setting that indicates the order in which to run the stateless rule groups in a single `FirewallPolicy` . Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.", - "title": "Priority", - "type": "number" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the stateless rule group.", - "title": "ResourceArn", - "type": "string" + "ChildDirected": { + "markdownDescription": "For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) .", + "title": "ChildDirected", + "type": "boolean" } }, "required": [ - "Priority", - "ResourceArn" + "ChildDirected" ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration": { + "AWS::Lex::Bot.DataSourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "FirewallArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", - "title": "FirewallArn", - "type": "string" - }, - "FirewallName": { - "markdownDescription": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", - "title": "FirewallName", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration", - "markdownDescription": "Defines how AWS Network Firewall performs logging for a `Firewall` .", - "title": "LoggingConfiguration" - } - }, - "required": [ - "FirewallArn", - "LoggingConfiguration" - ], - "type": "object" + "BedrockKnowledgeStoreConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockKnowledgeStoreConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon Bedrock knowledge base used for the `AMAZON.QnAIntent` . To set up a knowledge base, follow the steps at [Building a knowledge base](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base.html) .", + "title": "BedrockKnowledgeStoreConfiguration" }, - "Type": { - "enum": [ - "AWS::NetworkFirewall::LoggingConfiguration" - ], - "type": "string" + "KendraConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QnAKendraConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon Kendra index used for the `AMAZON.QnAIntent` . To create a Amazon Kendra index, follow the steps at [Creating an index](https://docs.aws.amazon.com/kendra/latest/dg/create-index.html) .", + "title": "KendraConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "OpensearchConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.OpensearchConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon OpenSearch Service database used for the `AMAZON.QnAIntent` . To create a domain, follow the steps at [Creating and managing Amazon OpenSearch Service domains](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html) .", + "title": "OpensearchConfiguration" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig": { + "AWS::Lex::Bot.DefaultConditionalBranch": { "additionalProperties": false, "properties": { - "LogDestination": { - "additionalProperties": true, - "markdownDescription": "The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.\n\n- For an Amazon S3 bucket, provide the name of the bucket, with key `bucketName` , and optionally provide a prefix, with key `prefix` .\n\nThe following example specifies an Amazon S3 bucket named `DOC-EXAMPLE-BUCKET` and the prefix `alerts` :\n\n`\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }`\n- For a CloudWatch log group, provide the name of the CloudWatch log group, with key `logGroup` . The following example specifies a log group named `alert-log-group` :\n\n`\"LogDestination\": { \"logGroup\": \"alert-log-group\" }`\n- For a Firehose delivery stream, provide the name of the delivery stream, with key `deliveryStream` . The following example specifies a delivery stream named `alert-delivery-stream` :\n\n`\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "LogDestination", - "type": "object" - }, - "LogDestinationType": { - "markdownDescription": "The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.", - "title": "LogDestinationType", - "type": "string" + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" }, - "LogType": { - "markdownDescription": "The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.\n\n- `ALERT` - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the `StatefulRule` property.\n- `FLOW` - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.\n- `TLS` - Logs for events that are related to TLS inspection. For more information, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-configurations.html) in the *Network Firewall Developer Guide* .", - "title": "LogType", - "type": "string" + "Response": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "Response" } }, - "required": [ - "LogDestination", - "LogDestinationType", - "LogType" - ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration": { + "AWS::Lex::Bot.DescriptiveBotBuilderSpecification": { "additionalProperties": false, "properties": { - "LogDestinationConfigs": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig" - }, - "markdownDescription": "Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups.", - "title": "LogDestinationConfigs", - "type": "array" + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "An object containing information about the Amazon Bedrock model used to interpret the prompt used in descriptive bot building.", + "title": "BedrockModelSpecification" + }, + "Enabled": { + "markdownDescription": "Specifies whether the descriptive bot building feature is activated or not.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "LogDestinationConfigs" + "Enabled" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup": { + "AWS::Lex::Bot.DialogAction": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SlotToElicit": { + "markdownDescription": "If the dialog action is `ElicitSlot` , defines the slot to elicit from the user.", + "title": "SlotToElicit", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Capacity": { - "markdownDescription": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.", - "title": "Capacity", - "type": "number" - }, - "Description": { - "markdownDescription": "A description of the rule group.", - "title": "Description", - "type": "string" - }, - "RuleGroup": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleGroup", - "markdownDescription": "An object that defines the rule group rules.", - "title": "RuleGroup" - }, - "RuleGroupName": { - "markdownDescription": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", - "title": "RuleGroupName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Capacity", - "RuleGroupName", - "Type" - ], - "type": "object" + "SuppressNextMessage": { + "markdownDescription": "When true the next message for the intent is not used.", + "title": "SuppressNextMessage", + "type": "boolean" }, "Type": { - "enum": [ - "AWS::NetworkFirewall::RuleGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The action that the bot should execute.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.ActionDefinition": { + "AWS::Lex::Bot.DialogCodeHookInvocationSetting": { "additionalProperties": false, "properties": { - "PublishMetricAction": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PublishMetricAction", - "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", - "title": "PublishMetricAction" + "EnableCodeHookInvocation": { + "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", + "title": "EnableCodeHookInvocation", + "type": "boolean" + }, + "InvocationLabel": { + "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", + "title": "InvocationLabel", + "type": "string" + }, + "IsActive": { + "markdownDescription": "Determines whether a dialog code hook is used when the intent is activated.", + "title": "IsActive", + "type": "boolean" + }, + "PostCodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification", + "markdownDescription": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete.", + "title": "PostCodeHookSpecification" } }, + "required": [ + "EnableCodeHookInvocation", + "IsActive", + "PostCodeHookSpecification" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.Address": { + "AWS::Lex::Bot.DialogCodeHookSetting": { "additionalProperties": false, "properties": { - "AddressDefinition": { - "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "AddressDefinition", - "type": "string" + "Enabled": { + "markdownDescription": "Enables the dialog code hook so that it processes user requests.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "AddressDefinition" + "Enabled" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.CustomAction": { + "AWS::Lex::Bot.DialogState": { "additionalProperties": false, "properties": { - "ActionDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ActionDefinition", - "markdownDescription": "The custom action associated with the action name.", - "title": "ActionDefinition" + "DialogAction": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogAction", + "markdownDescription": "Defines the action that the bot executes at runtime when the conversation reaches this step.", + "title": "DialogAction" }, - "ActionName": { - "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", - "title": "ActionName", - "type": "string" + "Intent": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentOverride", + "markdownDescription": "Override settings to configure the intent state.", + "title": "Intent" + }, + "SessionAttributes": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SessionAttribute" + }, + "markdownDescription": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.", + "title": "SessionAttributes", + "type": "array" } }, - "required": [ - "ActionDefinition", - "ActionName" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.Dimension": { + "AWS::Lex::Bot.ElicitationCodeHookInvocationSetting": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to use in the custom metric dimension.", - "title": "Value", + "EnableCodeHookInvocation": { + "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", + "title": "EnableCodeHookInvocation", + "type": "boolean" + }, + "InvocationLabel": { + "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", + "title": "InvocationLabel", "type": "string" } }, "required": [ - "Value" + "EnableCodeHookInvocation" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.Header": { + "AWS::Lex::Bot.ExactResponseFields": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "Destination", - "type": "string" - }, - "DestinationPort": { - "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", - "title": "DestinationPort", - "type": "string" - }, - "Direction": { - "markdownDescription": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination.", - "title": "Direction", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP.", - "title": "Protocol", - "type": "string" - }, - "Source": { - "markdownDescription": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "Source", + "AnswerField": { + "markdownDescription": "The name of the field that contains the answer to the query made to the OpenSearch Service database.", + "title": "AnswerField", "type": "string" }, - "SourcePort": { - "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", - "title": "SourcePort", + "QuestionField": { + "markdownDescription": "The name of the field that contains the query made to the OpenSearch Service database.", + "title": "QuestionField", "type": "string" } }, - "required": [ - "Destination", - "DestinationPort", - "Direction", - "Protocol", - "Source", - "SourcePort" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.IPSet": { + "AWS::Lex::Bot.ExternalSourceSetting": { "additionalProperties": false, "properties": { - "Definition": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", - "title": "Definition", - "type": "array" + "GrammarSlotTypeSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSetting", + "markdownDescription": "Settings required for a slot type based on a grammar that you provide.", + "title": "GrammarSlotTypeSetting" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.IPSetReference": { + "AWS::Lex::Bot.FulfillmentCodeHookSetting": { "additionalProperties": false, "properties": { - "ReferenceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to include in the `RuleGroup.IPSetReference` .", - "title": "ReferenceArn", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether a Lambda function should be invoked to fulfill a specific intent.", + "title": "Enabled", + "type": "boolean" + }, + "FulfillmentUpdatesSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdatesSpecification", + "markdownDescription": "Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations.", + "title": "FulfillmentUpdatesSpecification" + }, + "IsActive": { + "markdownDescription": "Determines whether the fulfillment code hook is used. When `active` is false, the code hook doesn't run.", + "title": "IsActive", + "type": "boolean" + }, + "PostFulfillmentStatusSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PostFulfillmentStatusSpecification", + "markdownDescription": "Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations.", + "title": "PostFulfillmentStatusSpecification" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.MatchAttributes": { + "AWS::Lex::Bot.FulfillmentStartResponseSpecification": { "additionalProperties": false, "properties": { - "DestinationPorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" - }, - "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", - "title": "DestinationPorts", - "type": "array" - }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" - }, - "markdownDescription": "The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.", - "title": "Destinations", - "type": "array" + "AllowInterrupt": { + "markdownDescription": "Determines whether the user can interrupt the start message while it is playing.", + "title": "AllowInterrupt", + "type": "boolean" }, - "Protocols": { - "items": { - "type": "number" - }, - "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.", - "title": "Protocols", - "type": "array" + "DelayInSeconds": { + "markdownDescription": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.", + "title": "DelayInSeconds", + "type": "number" }, - "SourcePorts": { + "MessageGroups": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nIf not specified, this matches with any source port.\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", - "title": "SourcePorts", + "markdownDescription": "1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user.", + "title": "MessageGroups", "type": "array" + } + }, + "required": [ + "DelayInSeconds", + "MessageGroups" + ], + "type": "object" + }, + "AWS::Lex::Bot.FulfillmentUpdateResponseSpecification": { + "additionalProperties": false, + "properties": { + "AllowInterrupt": { + "markdownDescription": "Determines whether the user can interrupt an update message while it is playing.", + "title": "AllowInterrupt", + "type": "boolean" }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" - }, - "markdownDescription": "The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.", - "title": "Sources", - "type": "array" + "FrequencyInSeconds": { + "markdownDescription": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.", + "title": "FrequencyInSeconds", + "type": "number" }, - "TCPFlags": { + "MessageGroups": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.TCPFlagField" + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "markdownDescription": "The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).", - "title": "TCPFlags", + "markdownDescription": "1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.", + "title": "MessageGroups", "type": "array" } }, + "required": [ + "FrequencyInSeconds", + "MessageGroups" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.PortRange": { + "AWS::Lex::Bot.FulfillmentUpdatesSpecification": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", - "title": "FromPort", - "type": "number" + "Active": { + "markdownDescription": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.\n\nIf the `active` field is set to true, the `startResponse` , `updateResponse` , and `timeoutInSeconds` fields are required.", + "title": "Active", + "type": "boolean" }, - "ToPort": { - "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", - "title": "ToPort", + "StartResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentStartResponseSpecification", + "markdownDescription": "Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running.", + "title": "StartResponse" + }, + "TimeoutInSeconds": { + "markdownDescription": "The length of time that the fulfillment Lambda function should run before it times out.", + "title": "TimeoutInSeconds", "type": "number" + }, + "UpdateResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdateResponseSpecification", + "markdownDescription": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running.", + "title": "UpdateResponse" } }, "required": [ - "FromPort", - "ToPort" + "Active" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.PortSet": { + "AWS::Lex::Bot.GenerativeAISettings": { "additionalProperties": false, "properties": { - "Definition": { - "items": { - "type": "string" - }, - "markdownDescription": "The set of port ranges.", - "title": "Definition", - "type": "array" + "BuildtimeSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.BuildtimeSettings", + "markdownDescription": "", + "title": "BuildtimeSettings" + }, + "RuntimeSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.RuntimeSettings", + "markdownDescription": "", + "title": "RuntimeSettings" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.PublishMetricAction": { + "AWS::Lex::Bot.GrammarSlotTypeSetting": { "additionalProperties": false, "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Dimension" - }, - "markdownDescription": "", - "title": "Dimensions", - "type": "array" + "Source": { + "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSource", + "markdownDescription": "The source of the grammar used to create the slot type.", + "title": "Source" } }, - "required": [ - "Dimensions" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.ReferenceSets": { + "AWS::Lex::Bot.GrammarSlotTypeSource": { "additionalProperties": false, "properties": { - "IPSetReferences": { - "additionalProperties": false, - "markdownDescription": "The IP set references to use in the stateful rule group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSetReference" - } - }, - "title": "IPSetReferences", - "type": "object" + "KmsKeyArn": { + "markdownDescription": "The AWS KMS key required to decrypt the contents of the grammar, if any.", + "title": "KmsKeyArn", + "type": "string" + }, + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the grammar source.", + "title": "S3BucketName", + "type": "string" + }, + "S3ObjectKey": { + "markdownDescription": "The path to the grammar in the Amazon S3 bucket.", + "title": "S3ObjectKey", + "type": "string" } }, + "required": [ + "S3BucketName", + "S3ObjectKey" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleDefinition": { + "AWS::Lex::Bot.ImageResponseCard": { "additionalProperties": false, "properties": { - "Actions": { + "Buttons": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.Button" }, - "markdownDescription": "The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions.\n\n> Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the `FirewallPolicy` . \n\nFor every rule, you must specify exactly one of the following standard actions.\n\n- *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination.\n- *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination.\n- *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection.\n\nAdditionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting.\n\nTo provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `[\u201caws:pass\u201d, \u201cMyMetricsAction\u201d]` .", - "title": "Actions", + "markdownDescription": "A list of buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button.", + "title": "Buttons", "type": "array" }, - "MatchAttributes": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.MatchAttributes", - "markdownDescription": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.", - "title": "MatchAttributes" + "ImageUrl": { + "markdownDescription": "The URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.", + "title": "ImageUrl", + "type": "string" + }, + "Subtitle": { + "markdownDescription": "The subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.", + "title": "Subtitle", + "type": "string" + }, + "Title": { + "markdownDescription": "The title to display on the response card. The format of the title is determined by the platform displaying the response card.", + "title": "Title", + "type": "string" } }, "required": [ - "Actions", - "MatchAttributes" + "Title" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleGroup": { + "AWS::Lex::Bot.InitialResponseSetting": { "additionalProperties": false, "properties": { - "ReferenceSets": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ReferenceSets", - "markdownDescription": "The reference sets for the stateful rule group.", - "title": "ReferenceSets" + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.", + "title": "CodeHook" }, - "RuleVariables": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleVariables", - "markdownDescription": "Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.", - "title": "RuleVariables" + "Conditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", + "title": "Conditional" }, - "RulesSource": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSource", - "markdownDescription": "The stateful rules or stateless rules for the rule group.", - "title": "RulesSource" + "InitialResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "InitialResponse" }, - "StatefulRuleOptions": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions", - "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* .", - "title": "StatefulRuleOptions" + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.InputContext": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the context.", + "title": "Name", + "type": "string" } }, "required": [ - "RulesSource" + "Name" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleOption": { + "AWS::Lex::Bot.Intent": { "additionalProperties": false, "properties": { - "Keyword": { - "markdownDescription": "The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", - "title": "Keyword", + "BedrockAgentIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentIntentConfiguration", + "markdownDescription": "", + "title": "BedrockAgentIntentConfiguration" + }, + "Description": { + "markdownDescription": "A description of the intent. Use the description to help identify the intent in lists.", + "title": "Description", "type": "string" }, - "Settings": { + "DialogCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookSetting", + "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction.", + "title": "DialogCodeHook" + }, + "FulfillmentCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentCodeHookSetting", + "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user.", + "title": "FulfillmentCodeHook" + }, + "InitialResponseSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.InitialResponseSetting", + "markdownDescription": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.", + "title": "InitialResponseSetting" + }, + "InputContexts": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.InputContext" }, - "markdownDescription": "The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", - "title": "Settings", + "markdownDescription": "A list of contexts that must be active for this intent to be considered by Amazon Lex .", + "title": "InputContexts", + "type": "array" + }, + "IntentClosingSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentClosingSetting", + "markdownDescription": "Sets the response that Amazon Lex sends to the user when the intent is closed.", + "title": "IntentClosingSetting" + }, + "IntentConfirmationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentConfirmationSetting", + "markdownDescription": "Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers \"no,\" the settings contain a statement that is sent to the user to end the intent.", + "title": "IntentConfirmationSetting" + }, + "KendraConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.KendraConfiguration", + "markdownDescription": "Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance.", + "title": "KendraConfiguration" + }, + "Name": { + "markdownDescription": "The name of the intent. Intent names must be unique within the locale that contains the intent and can't match the name of any built-in intent.", + "title": "Name", + "type": "string" + }, + "OutputContexts": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.OutputContext" + }, + "markdownDescription": "A list of contexts that the intent activates when it is fulfilled.", + "title": "OutputContexts", + "type": "array" + }, + "ParentIntentSignature": { + "markdownDescription": "A unique identifier for the built-in intent to base this intent on.", + "title": "ParentIntentSignature", + "type": "string" + }, + "QInConnectIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QInConnectIntentConfiguration", + "markdownDescription": "", + "title": "QInConnectIntentConfiguration" + }, + "QnAIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QnAIntentConfiguration", + "markdownDescription": "", + "title": "QnAIntentConfiguration" + }, + "SampleUtterances": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + }, + "markdownDescription": "A list of utterances that a user might say to signal the intent.", + "title": "SampleUtterances", + "type": "array" + }, + "SlotPriorities": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotPriority" + }, + "markdownDescription": "Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order.", + "title": "SlotPriorities", + "type": "array" + }, + "Slots": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Slot" + }, + "markdownDescription": "A list of slots that the intent requires for fulfillment.", + "title": "Slots", "type": "array" } }, "required": [ - "Keyword" + "Name" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleVariables": { + "AWS::Lex::Bot.IntentClosingSetting": { "additionalProperties": false, "properties": { - "IPSets": { - "additionalProperties": false, - "markdownDescription": "A list of IP addresses and address ranges, in CIDR notation.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSet" - } - }, - "title": "IPSets", - "type": "object" + "ClosingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to the user when the intent is complete.", + "title": "ClosingResponse" }, - "PortSets": { - "additionalProperties": false, - "markdownDescription": "A list of port ranges.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortSet" - } - }, - "title": "PortSets", - "type": "object" + "Conditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches associated with the intent's closing response. These branches are executed when the `nextStep` attribute is set to `EvalutateConditional` .", + "title": "Conditional" + }, + "IsActive": { + "markdownDescription": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes after playing the intent's closing response.", + "title": "NextStep" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RulesSource": { + "AWS::Lex::Bot.IntentConfirmationSetting": { "additionalProperties": false, "properties": { - "RulesSourceList": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSourceList", - "markdownDescription": "Stateful inspection criteria for a domain list rule group.", - "title": "RulesSourceList" + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "The `DialogCodeHookInvocationSetting` object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `InvokeDialogCodeHook` .", + "title": "CodeHook" }, - "RulesString": { - "markdownDescription": "Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.\n\nThese rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.\n\n> You can't use the `priority` keyword if the `RuleOrder` option in `StatefulRuleOptions` is set to `STRICT_ORDER` .", - "title": "RulesString", - "type": "string" + "ConfirmationConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the intent is closed.", + "title": "ConfirmationConditional" }, - "StatefulRules": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRule" - }, - "markdownDescription": "An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-7.0.3/rules/intro.html) .", - "title": "StatefulRules", - "type": "array" + "ConfirmationNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes when the customer confirms the intent.", + "title": "ConfirmationNextStep" }, - "StatelessRulesAndCustomActions": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions", - "markdownDescription": "Stateless inspection criteria to be used in a stateless rule group.", - "title": "StatelessRulesAndCustomActions" + "ConfirmationResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "ConfirmationResponse" + }, + "DeclinationConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the intent is declined.", + "title": "DeclinationConditional" + }, + "DeclinationNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes when the customer declines the intent.", + "title": "DeclinationNextStep" + }, + "DeclinationResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "When the user answers \"no\" to the question defined in `promptSpecification` , Amazon Lex responds with this response to acknowledge that the intent was canceled.", + "title": "DeclinationResponse" + }, + "ElicitationCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", + "markdownDescription": "The `DialogCodeHookInvocationSetting` used when the code hook is invoked during confirmation prompt retries.", + "title": "ElicitationCodeHook" + }, + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", + "title": "FailureConditional" + }, + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step to take in the conversation if the confirmation step fails.", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the intent confirmation fails.", + "title": "FailureResponse" + }, + "IsActive": { + "markdownDescription": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "Prompts the user to confirm the intent. This question should have a yes or no answer.\n\nAmazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. For example, with the `OrderPizza` intent, you might want to confirm that the order is correct before placing it. For other intents, such as intents that simply respond to user questions, you might not need to ask the user for confirmation before providing the information.", + "title": "PromptSpecification" } }, + "required": [ + "PromptSpecification" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RulesSourceList": { + "AWS::Lex::Bot.IntentOverride": { "additionalProperties": false, "properties": { - "GeneratedRulesType": { - "markdownDescription": "Whether you want to allow or deny access to the domains in your target list.", - "title": "GeneratedRulesType", + "Name": { + "markdownDescription": "The name of the intent. Only required when you're switching intents.", + "title": "Name", "type": "string" }, - "TargetTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` .", - "title": "TargetTypes", - "type": "array" - }, - "Targets": { + "Slots": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverrideMap" }, - "markdownDescription": "The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:\n\n- Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` .\n- Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` .", - "title": "Targets", + "markdownDescription": "A map of all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden.", + "title": "Slots", "type": "array" } }, - "required": [ - "GeneratedRulesType", - "TargetTypes", - "Targets" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatefulRule": { + "AWS::Lex::Bot.KendraConfiguration": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.\n\nThe actions for a stateful rule are defined as follows:\n\n- *PASS* - Permits the packets to go to the intended destination.\n- *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n- *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic.\n- *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\nYou can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` .\n- *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\n`REJECT` isn't currently available for use with IMAP and FTP protocols.", - "title": "Action", + "KendraIndex": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot.", + "title": "KendraIndex", "type": "string" }, - "Header": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Header", - "markdownDescription": "The stateful inspection criteria for this rule, used to inspect traffic flows.", - "title": "Header" + "QueryFilterString": { + "markdownDescription": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) .", + "title": "QueryFilterString", + "type": "string" }, - "RuleOptions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleOption" - }, - "markdownDescription": "Additional settings for a stateful rule, provided as keywords and settings.", - "title": "RuleOptions", - "type": "array" + "QueryFilterStringEnabled": { + "markdownDescription": "Determines whether the `AMAZON.KendraSearchIntent` intent uses a custom query string to query the Amazon Kendra index.", + "title": "QueryFilterStringEnabled", + "type": "boolean" } }, "required": [ - "Action", - "Header", - "RuleOptions" + "KendraIndex" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions": { + "AWS::Lex::Bot.LambdaCodeHook": { "additionalProperties": false, "properties": { - "RuleOrder": { - "markdownDescription": "Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "RuleOrder", + "CodeHookInterfaceVersion": { + "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", + "title": "CodeHookInterfaceVersion", + "type": "string" + }, + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", + "title": "LambdaArn", "type": "string" } }, + "required": [ + "CodeHookInterfaceVersion", + "LambdaArn" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatelessRule": { + "AWS::Lex::Bot.Message": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.\n\nEach stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object.\n\nYou can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on.", - "title": "Priority", - "type": "number" + "CustomPayload": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomPayload", + "markdownDescription": "A message in a custom format defined by the client application.", + "title": "CustomPayload" }, - "RuleDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleDefinition", - "markdownDescription": "Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria.", - "title": "RuleDefinition" + "ImageResponseCard": { + "$ref": "#/definitions/AWS::Lex::Bot.ImageResponseCard", + "markdownDescription": "A message that defines a response card that the client application can show to the user.", + "title": "ImageResponseCard" + }, + "PlainTextMessage": { + "$ref": "#/definitions/AWS::Lex::Bot.PlainTextMessage", + "markdownDescription": "A message in plain text format.", + "title": "PlainTextMessage" + }, + "SSMLMessage": { + "$ref": "#/definitions/AWS::Lex::Bot.SSMLMessage", + "markdownDescription": "A message in Speech Synthesis Markup Language (SSML).", + "title": "SSMLMessage" } }, - "required": [ - "Priority", - "RuleDefinition" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions": { + "AWS::Lex::Bot.MessageGroup": { "additionalProperties": false, "properties": { - "CustomActions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.CustomAction" - }, - "markdownDescription": "Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule `RuleGroup.RuleDefinition` `Actions` specification.", - "title": "CustomActions", - "type": "array" + "Message": { + "$ref": "#/definitions/AWS::Lex::Bot.Message", + "markdownDescription": "The primary message that Amazon Lex should send to the user.", + "title": "Message" }, - "StatelessRules": { + "Variations": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRule" + "$ref": "#/definitions/AWS::Lex::Bot.Message" }, - "markdownDescription": "Defines the set of stateless rules for use in a stateless rule group.", - "title": "StatelessRules", + "markdownDescription": "Message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user.", + "title": "Variations", "type": "array" } }, "required": [ - "StatelessRules" + "Message" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.TCPFlagField": { + "AWS::Lex::Bot.MultipleValuesSetting": { "additionalProperties": false, "properties": { - "Flags": { - "items": { - "type": "string" - }, - "markdownDescription": "Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting.\n\nFor the flags that are specified in the masks setting, the following must be true for the packet to match:\n\n- The ones that are set in this flags setting must be set in the packet.\n- The ones that are not set in this flags setting must also not be set in the packet.", - "title": "Flags", - "type": "array" - }, - "Masks": { - "items": { - "type": "string" - }, - "markdownDescription": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting.", - "title": "Masks", - "type": "array" + "AllowMultipleValues": { + "markdownDescription": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` .", + "title": "AllowMultipleValues", + "type": "boolean" } }, - "required": [ - "Flags" - ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration": { + "AWS::Lex::Bot.NluImprovementSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the TLS inspection configuration.", - "title": "Description", - "type": "string" - }, - "TLSInspectionConfiguration": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration", - "markdownDescription": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", - "title": "TLSInspectionConfiguration" - }, - "TLSInspectionConfigurationName": { - "markdownDescription": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it.", - "title": "TLSInspectionConfigurationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The key:value pairs to associate with the resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "TLSInspectionConfiguration", - "TLSInspectionConfigurationName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkFirewall::TLSInspectionConfiguration" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Determines whether the Assisted NLU feature is enabled for the bot. When set to `true` , Amazon Lex uses advanced models to improve intent recognition and slot resolution, with the default being `false` .", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.Address": { + "AWS::Lex::Bot.ObfuscationSetting": { "additionalProperties": false, "properties": { - "AddressDefinition": { - "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "AddressDefinition", + "ObfuscationSettingType": { + "markdownDescription": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.", + "title": "ObfuscationSettingType", "type": "string" } }, "required": [ - "AddressDefinition" + "ObfuscationSettingType" ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus": { + "AWS::Lex::Bot.OpensearchConfiguration": { "additionalProperties": false, "properties": { - "RevokedStatusAction": { - "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has a revoked status.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", - "title": "RevokedStatusAction", + "DomainEndpoint": { + "markdownDescription": "The endpoint of the Amazon OpenSearch Service domain.", + "title": "DomainEndpoint", "type": "string" }, - "UnknownStatusAction": { - "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has an unknown status, or a status that cannot be determined for any other reason, including when the service is unable to connect to the OCSP and CRL endpoints for the certificate.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", - "title": "UnknownStatusAction", + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response or to return an answer generated by the model using the fields you specify from the database.", + "title": "ExactResponse", + "type": "boolean" + }, + "ExactResponseFields": { + "$ref": "#/definitions/AWS::Lex::Bot.ExactResponseFields", + "markdownDescription": "Contains the names of the fields used for an exact response to the user.", + "title": "ExactResponseFields" + }, + "IncludeFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of fields from the Amazon OpenSearch Service that the model can use to generate the answer to the query.", + "title": "IncludeFields", + "type": "array" + }, + "IndexName": { + "markdownDescription": "The name of the Amazon OpenSearch Service index.", + "title": "IndexName", "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange": { + "AWS::Lex::Bot.OutputContext": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", - "title": "FromPort", + "Name": { + "markdownDescription": "The name of the output context.", + "title": "Name", + "type": "string" + }, + "TimeToLiveInSeconds": { + "markdownDescription": "The amount of time, in seconds, that the output context should remain active. The time is figured from the first time the context is sent to the user.", + "title": "TimeToLiveInSeconds", "type": "number" }, - "ToPort": { - "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", - "title": "ToPort", + "TurnsToLive": { + "markdownDescription": "The number of conversation turns that the output context should remain active. The number of turns is counted from the first time that the context is sent to the user.", + "title": "TurnsToLive", "type": "number" } }, "required": [ - "FromPort", - "ToPort" + "Name", + "TimeToLiveInSeconds", + "TurnsToLive" ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate": { + "AWS::Lex::Bot.PlainTextMessage": { "additionalProperties": false, "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.", - "title": "ResourceArn", + "Value": { + "markdownDescription": "The message to send to the user.", + "title": "Value", "type": "string" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration": { + "AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification": { "additionalProperties": false, "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", - "title": "CertificateAuthorityArn", - "type": "string" + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureConditional" }, - "CheckCertificateRevocationStatus": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus", - "markdownDescription": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .", - "title": "CheckCertificateRevocationStatus" + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureNextStep" }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope" - }, - "markdownDescription": "A list of scopes.", - "title": "Scopes", - "type": "array" + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the code hook fails.", + "title": "FailureResponse" }, - "ServerCertificates": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate" - }, - "markdownDescription": "The list of server certificates to use for inbound SSL/TLS inspection.", - "title": "ServerCertificates", - "type": "array" + "SuccessConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook finishes successfully.", + "title": "SuccessConditional" + }, + "SuccessNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifics the next step the bot runs after the dialog code hook finishes successfully.", + "title": "SuccessNextStep" + }, + "SuccessResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the code hook succeeds.", + "title": "SuccessResponse" + }, + "TimeoutConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate if the code hook times out.", + "title": "TimeoutConditional" + }, + "TimeoutNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the code hook times out.", + "title": "TimeoutNextStep" + }, + "TimeoutResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond to the user input when the code hook times out.", + "title": "TimeoutResponse" } }, "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope": { + "AWS::Lex::Bot.PostFulfillmentStatusSpecification": { "additionalProperties": false, "properties": { - "DestinationPorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" - }, - "markdownDescription": "The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", - "title": "DestinationPorts", - "type": "array" + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureConditional" }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" - }, - "markdownDescription": "The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any destination address.", - "title": "Destinations", - "type": "array" + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureNextStep" }, - "Protocols": { - "items": { - "type": "number" - }, - "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.\n\nNetwork Firewall currently supports only TCP.", - "title": "Protocols", - "type": "array" + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't successful.", + "title": "FailureResponse" }, - "SourcePorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" - }, - "markdownDescription": "The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", - "title": "SourcePorts", - "type": "array" + "SuccessConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully.", + "title": "SuccessConditional" }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" - }, - "markdownDescription": "The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any source address.", - "title": "Sources", - "type": "array" + "SuccessNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully.", + "title": "SuccessNextStep" + }, + "SuccessResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the fulfillment is successful.", + "title": "SuccessResponse" + }, + "TimeoutConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate if the fulfillment code hook times out.", + "title": "TimeoutConditional" + }, + "TimeoutNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the fulfillment code hook times out.", + "title": "TimeoutNextStep" + }, + "TimeoutResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't completed within the timeout period.", + "title": "TimeoutResponse" } }, "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration": { + "AWS::Lex::Bot.PromptAttemptSpecification": { "additionalProperties": false, "properties": { - "ServerCertificateConfigurations": { + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech prompt attempt from the bot.", + "title": "AllowInterrupt", + "type": "boolean" + }, + "AllowedInputTypes": { + "$ref": "#/definitions/AWS::Lex::Bot.AllowedInputTypes", + "markdownDescription": "Indicates the allowed input types of the prompt attempt.", + "title": "AllowedInputTypes" + }, + "AudioAndDTMFInputSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioAndDTMFInputSpecification", + "markdownDescription": "Specifies the settings on audio and DTMF input.", + "title": "AudioAndDTMFInputSpecification" + }, + "TextInputSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.TextInputSpecification", + "markdownDescription": "Specifies the settings on text input.", + "title": "TextInputSpecification" + } + }, + "required": [ + "AllowedInputTypes" + ], + "type": "object" + }, + "AWS::Lex::Bot.PromptSpecification": { + "additionalProperties": false, + "properties": { + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech prompt from the bot.", + "title": "AllowInterrupt", + "type": "boolean" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times the bot tries to elicit a response from the user using this prompt.", + "title": "MaxRetries", + "type": "number" + }, + "MessageGroupsList": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration" + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "markdownDescription": "Lists the server certificate configurations that are associated with the TLS configuration.", - "title": "ServerCertificateConfigurations", + "markdownDescription": "A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime.", + "title": "MessageGroupsList", "type": "array" + }, + "MessageSelectionStrategy": { + "markdownDescription": "Indicates how a message is selected from a message group among retries.", + "title": "MessageSelectionStrategy", + "type": "string" + }, + "PromptAttemptsSpecification": { + "additionalProperties": false, + "markdownDescription": "Specifies the advanced settings on each attempt of the prompt.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptAttemptSpecification" + } + }, + "title": "PromptAttemptsSpecification", + "type": "object" } }, + "required": [ + "MaxRetries", + "MessageGroupsList" + ], "type": "object" }, - "AWS::NetworkManager::ConnectAttachment": { + "AWS::Lex::Bot.QInConnectAssistantConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CoreNetworkId": { - "markdownDescription": "The ID of the core network where the Connect attachment is located.", - "title": "CoreNetworkId", - "type": "string" - }, - "EdgeLocation": { - "markdownDescription": "The Region where the edge is located.", - "title": "EdgeLocation", - "type": "string" - }, - "Options": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions", - "markdownDescription": "Options for connecting an attachment.", - "title": "Options" - }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the Connect attachment.", - "title": "Tags", - "type": "array" - }, - "TransportAttachmentId": { - "markdownDescription": "The ID of the transport attachment.", - "title": "TransportAttachmentId", - "type": "string" - } - }, - "required": [ - "CoreNetworkId", - "EdgeLocation", - "Options", - "TransportAttachmentId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkManager::ConnectAttachment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AssistantArn": { + "markdownDescription": "", + "title": "AssistantArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "AssistantArn" ], "type": "object" }, - "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { + "AWS::Lex::Bot.QInConnectIntentConfiguration": { "additionalProperties": false, "properties": { - "Protocol": { - "markdownDescription": "The protocol used for the attachment connection.", - "title": "Protocol", - "type": "string" + "QInConnectAssistantConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QInConnectAssistantConfiguration", + "markdownDescription": "", + "title": "QInConnectAssistantConfiguration" } }, "type": "object" }, - "AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange": { + "AWS::Lex::Bot.QnAIntentConfiguration": { "additionalProperties": false, "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" + "BedrockModelConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelConfiguration" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.DataSourceConfiguration", + "markdownDescription": "Contains details about the configuration of the data source used for the `AMAZON.QnAIntent` .", + "title": "DataSourceConfiguration" } }, + "required": [ + "BedrockModelConfiguration", + "DataSourceConfiguration" + ], "type": "object" }, - "AWS::NetworkManager::ConnectPeer": { + "AWS::Lex::Bot.QnAKendraConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response from the Amazon Kendra index or to let the Amazon Bedrock model you select generate a response based on the results. To use this feature, you must first add FAQ questions to your index by following the steps at [Adding frequently asked questions (FAQs) to an index](https://docs.aws.amazon.com/kendra/latest/dg/in-creating-faq.html) .", + "title": "ExactResponse", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KendraIndex": { + "markdownDescription": "The ARN of the Amazon Kendra index to use.", + "title": "KendraIndex", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BgpOptions": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.BgpOptions", - "markdownDescription": "Describes the BGP options.", - "title": "BgpOptions" - }, - "ConnectAttachmentId": { - "markdownDescription": "The ID of the attachment to connect.", - "title": "ConnectAttachmentId", - "type": "string" - }, - "CoreNetworkAddress": { - "markdownDescription": "The IP address of a core network.", - "title": "CoreNetworkAddress", - "type": "string" - }, - "InsideCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", - "title": "InsideCidrBlocks", - "type": "array" - }, - "PeerAddress": { - "markdownDescription": "The IP address of the Connect peer.", - "title": "PeerAddress", - "type": "string" - }, - "SubnetArn": { - "markdownDescription": "The subnet ARN of the Connect peer.", - "title": "SubnetArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags associated with the Connect peer.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ConnectAttachmentId", - "PeerAddress" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkManager::ConnectPeer" - ], + "QueryFilterString": { + "markdownDescription": "Contains the Amazon Kendra filter string to use if enabled. For more information on the Amazon Kendra search filter JSON format, see [Using document attributes to filter search results](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html#search-filtering) .", + "title": "QueryFilterString", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "QueryFilterStringEnabled": { + "markdownDescription": "Specifies whether to enable an Amazon Kendra filter string or not.", + "title": "QueryFilterStringEnabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "ExactResponse", + "KendraIndex", + "QueryFilterStringEnabled" ], "type": "object" }, - "AWS::NetworkManager::ConnectPeer.BgpOptions": { + "AWS::Lex::Bot.Replication": { "additionalProperties": false, "properties": { - "PeerAsn": { - "markdownDescription": "The Peer ASN of the BGP.", - "title": "PeerAsn", - "type": "number" + "ReplicaRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "ReplicaRegions", + "type": "array" } }, + "required": [ + "ReplicaRegions" + ], "type": "object" }, - "AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration": { + "AWS::Lex::Bot.ResponseSpecification": { "additionalProperties": false, "properties": { - "CoreNetworkAddress": { - "markdownDescription": "The address of a core network.", - "title": "CoreNetworkAddress", - "type": "string" - }, - "CoreNetworkAsn": { - "markdownDescription": "The ASN of the Coret Network.", - "title": "CoreNetworkAsn", - "type": "number" - }, - "PeerAddress": { - "markdownDescription": "The address of a core network Connect peer.", - "title": "PeerAddress", - "type": "string" + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech response from Amazon Lex.", + "title": "AllowInterrupt", + "type": "boolean" }, - "PeerAsn": { - "markdownDescription": "The ASN of the Connect peer.", - "title": "PeerAsn", - "type": "number" + "MessageGroupsList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + }, + "markdownDescription": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime.", + "title": "MessageGroupsList", + "type": "array" } }, + "required": [ + "MessageGroupsList" + ], "type": "object" }, - "AWS::NetworkManager::ConnectPeer.ConnectPeerConfiguration": { + "AWS::Lex::Bot.RuntimeSettings": { "additionalProperties": false, "properties": { - "BgpConfigurations": { - "items": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration" - }, - "markdownDescription": "The Connect peer BGP configurations.", - "title": "BgpConfigurations", - "type": "array" + "NluImprovementSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.NluImprovementSpecification", + "markdownDescription": "", + "title": "NluImprovementSpecification" }, - "CoreNetworkAddress": { - "markdownDescription": "The IP address of a core network.", - "title": "CoreNetworkAddress", + "SlotResolutionImprovementSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotResolutionImprovementSpecification", + "markdownDescription": "", + "title": "SlotResolutionImprovementSpecification" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.S3BucketLogDestination": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", + "title": "KmsKeyArn", "type": "string" }, - "InsideCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", - "title": "InsideCidrBlocks", - "type": "array" - }, - "PeerAddress": { - "markdownDescription": "The IP address of the Connect peer.", - "title": "PeerAddress", + "LogPrefix": { + "markdownDescription": "The S3 prefix to assign to audio log files.", + "title": "LogPrefix", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol used for a Connect peer configuration.", - "title": "Protocol", + "S3BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", + "title": "S3BucketArn", "type": "string" } }, + "required": [ + "LogPrefix", + "S3BucketArn" + ], "type": "object" }, - "AWS::NetworkManager::CoreNetwork": { + "AWS::Lex::Bot.S3Location": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Bucket": { + "markdownDescription": "The S3 bucket name.", + "title": "S3Bucket", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of a core network.", - "title": "Description", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network that your core network is a part of.", - "title": "GlobalNetworkId", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "Describes a core network policy. For more information, see [Core network policies](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) .\n\nIf you update the policy document, CloudFormation will apply the core network change set generated from the updated policy document, and then set it as the LIVE policy.", - "title": "PolicyDocument", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags associated with a core network.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "GlobalNetworkId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkManager::CoreNetwork" - ], + "S3ObjectKey": { + "markdownDescription": "The path and file name to the object in the S3 bucket.", + "title": "S3ObjectKey", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3ObjectVersion": { + "markdownDescription": "The version of the object in the S3 bucket.", + "title": "S3ObjectVersion", "type": "string" } }, "required": [ - "Type", - "Properties" + "S3Bucket", + "S3ObjectKey" ], "type": "object" }, - "AWS::NetworkManager::CoreNetwork.CoreNetworkEdge": { + "AWS::Lex::Bot.SSMLMessage": { "additionalProperties": false, "properties": { - "Asn": { - "markdownDescription": "The ASN of a core network edge.", - "title": "Asn", - "type": "number" - }, - "EdgeLocation": { - "markdownDescription": "The Region where a core network edge is located.", - "title": "EdgeLocation", + "Value": { + "markdownDescription": "The SSML text that defines the prompt.", + "title": "Value", "type": "string" - }, - "InsideCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The inside IP addresses used for core network edges.", - "title": "InsideCidrBlocks", - "type": "array" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::NetworkManager::CoreNetwork.CoreNetworkSegment": { + "AWS::Lex::Bot.SampleUtterance": { "additionalProperties": false, "properties": { - "EdgeLocations": { - "items": { - "type": "string" - }, - "markdownDescription": "The Regions where the edges are located.", - "title": "EdgeLocations", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of a core network segment.", - "title": "Name", + "Utterance": { + "markdownDescription": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.", + "title": "Utterance", "type": "string" - }, - "SharedSegments": { - "items": { - "type": "string" - }, - "markdownDescription": "The shared segments of a core network.", - "title": "SharedSegments", - "type": "array" } }, + "required": [ + "Utterance" + ], "type": "object" }, - "AWS::NetworkManager::CustomerGatewayAssociation": { + "AWS::Lex::Bot.SampleUtteranceGenerationSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CustomerGatewayArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the customer gateway.", - "title": "CustomerGatewayArn", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The ID of the device.", - "title": "DeviceId", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", - "type": "string" - }, - "LinkId": { - "markdownDescription": "The ID of the link.", - "title": "LinkId", - "type": "string" - } - }, - "required": [ - "CustomerGatewayArn", - "DeviceId", - "GlobalNetworkId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkManager::CustomerGatewayAssociation" - ], - "type": "string" + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelSpecification" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether to enable sample utterance generation or not.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::NetworkManager::Device": { + "AWS::Lex::Bot.SampleValue": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AWSLocation": { - "$ref": "#/definitions/AWS::NetworkManager::Device.AWSLocation", - "markdownDescription": "The AWS location of the device.", - "title": "AWSLocation" - }, - "Description": { - "markdownDescription": "A description of the device.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", - "type": "string" - }, - "Location": { - "$ref": "#/definitions/AWS::NetworkManager::Device.Location", - "markdownDescription": "The site location.", - "title": "Location" - }, - "Model": { - "markdownDescription": "The model of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "Model", - "type": "string" - }, - "SerialNumber": { - "markdownDescription": "The serial number of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "SerialNumber", - "type": "string" - }, - "SiteId": { - "markdownDescription": "The site ID.", - "title": "SiteId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the device.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The device type.", - "title": "Type", - "type": "string" - }, - "Vendor": { - "markdownDescription": "The vendor of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "Vendor", - "type": "string" - } - }, - "required": [ - "GlobalNetworkId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkManager::Device" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value that can be used for a slot type.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Value" ], "type": "object" }, - "AWS::NetworkManager::Device.AWSLocation": { + "AWS::Lex::Bot.SentimentAnalysisSettings": { "additionalProperties": false, "properties": { - "SubnetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the subnet that the device is located in.", - "title": "SubnetArn", - "type": "string" - }, - "Zone": { - "markdownDescription": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost.", - "title": "Zone", - "type": "string" + "DetectSentiment": { + "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", + "title": "DetectSentiment", + "type": "boolean" } }, + "required": [ + "DetectSentiment" + ], "type": "object" }, - "AWS::NetworkManager::Device.Location": { + "AWS::Lex::Bot.SessionAttribute": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The physical address.", - "title": "Address", - "type": "string" - }, - "Latitude": { - "markdownDescription": "The latitude.", - "title": "Latitude", + "Key": { + "markdownDescription": "The name of the session attribute.", + "title": "Key", "type": "string" }, - "Longitude": { - "markdownDescription": "The longitude.", - "title": "Longitude", + "Value": { + "markdownDescription": "The session-specific context information for the session attribute.", + "title": "Value", "type": "string" } }, + "required": [ + "Key" + ], "type": "object" }, - "AWS::NetworkManager::GlobalNetwork": { + "AWS::Lex::Bot.Slot": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "The description of the slot.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MultipleValuesSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.MultipleValuesSetting", + "markdownDescription": "Indicates whether a slot can return multiple values.", + "title": "MultipleValuesSetting" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name given to the slot.", + "title": "Name", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreatedAt": { - "markdownDescription": "The date and time that the global network was created.", - "title": "CreatedAt", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the global network.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", - "type": "string" - }, - "State": { - "markdownDescription": "The state of the global network.", - "title": "State", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the global network.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "ObfuscationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.ObfuscationSetting", + "markdownDescription": "Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs.", + "title": "ObfuscationSetting" }, - "Type": { - "enum": [ - "AWS::NetworkManager::GlobalNetwork" - ], + "SlotTypeName": { + "markdownDescription": "The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot.", + "title": "SlotTypeName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SubSlotSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotSetting", + "markdownDescription": "", + "title": "SubSlotSetting" + }, + "ValueElicitationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueElicitationSetting", + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value.\n- TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ValueElicitationSetting" } }, "required": [ - "Type" + "Name", + "SlotTypeName", + "ValueElicitationSetting" ], "type": "object" }, - "AWS::NetworkManager::Link": { + "AWS::Lex::Bot.SlotCaptureSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CaptureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the slot value is captured.", + "title": "CaptureConditional" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CaptureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out.", + "title": "CaptureNextStep" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CaptureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "CaptureResponse" }, - "Metadata": { - "type": "object" + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "Code hook called after Amazon Lex successfully captures a slot value.", + "title": "CodeHook" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Bandwidth": { - "$ref": "#/definitions/AWS::NetworkManager::Link.Bandwidth", - "markdownDescription": "The bandwidth for the link.", - "title": "Bandwidth" - }, - "Description": { - "markdownDescription": "A description of the link.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", - "type": "string" - }, - "Provider": { - "markdownDescription": "The provider of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", - "title": "Provider", - "type": "string" - }, - "SiteId": { - "markdownDescription": "The ID of the site.", - "title": "SiteId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the link.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Bandwidth", - "GlobalNetworkId", - "SiteId" - ], - "type": "object" + "ElicitationCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", + "markdownDescription": "Code hook called when Amazon Lex doesn't capture a slot value.", + "title": "ElicitationCodeHook" }, - "Type": { - "enum": [ - "AWS::NetworkManager::Link" - ], - "type": "string" + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate when the slot value isn't captured.", + "title": "FailureConditional" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the slot value code is not recognized.", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the slot fails to be captured.", + "title": "FailureResponse" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "The default value to use when a user doesn't provide a value for a slot.", + "title": "DefaultValue", "type": "string" } }, "required": [ - "Type", - "Properties" + "DefaultValue" ], "type": "object" }, - "AWS::NetworkManager::Link.Bandwidth": { + "AWS::Lex::Bot.SlotDefaultValueSpecification": { "additionalProperties": false, "properties": { - "DownloadSpeed": { - "markdownDescription": "Download speed in Mbps.", - "title": "DownloadSpeed", - "type": "number" - }, - "UploadSpeed": { - "markdownDescription": "Upload speed in Mbps.", - "title": "UploadSpeed", - "type": "number" + "DefaultValueList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValue" + }, + "markdownDescription": "A list of default values. Amazon Lex chooses the default value to use in the order that they are presented in the list.", + "title": "DefaultValueList", + "type": "array" } }, + "required": [ + "DefaultValueList" + ], "type": "object" }, - "AWS::NetworkManager::LinkAssociation": { + "AWS::Lex::Bot.SlotPriority": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeviceId": { - "markdownDescription": "The device ID for the link association.", - "title": "DeviceId", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", - "type": "string" - }, - "LinkId": { - "markdownDescription": "The ID of the link.", - "title": "LinkId", - "type": "string" - } - }, - "required": [ - "DeviceId", - "GlobalNetworkId", - "LinkId" - ], - "type": "object" + "Priority": { + "markdownDescription": "The priority that Amazon Lex should apply to the slot.", + "title": "Priority", + "type": "number" }, - "Type": { - "enum": [ - "AWS::NetworkManager::LinkAssociation" - ], + "SlotName": { + "markdownDescription": "The name of the slot.", + "title": "SlotName", "type": "string" + } + }, + "required": [ + "Priority", + "SlotName" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotResolutionImprovementSpecification": { + "additionalProperties": false, + "properties": { + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "An object containing information about the Amazon Bedrock model used to assist slot resolution.", + "title": "BedrockModelSpecification" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether assisted slot resolution is turned on or off.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::NetworkManager::Site": { + "AWS::Lex::Bot.SlotType": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CompositeSlotTypeSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.CompositeSlotTypeSetting", + "markdownDescription": "", + "title": "CompositeSlotTypeSetting" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "A description of the slot type. Use the description to help identify the slot type in lists.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExternalSourceSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.ExternalSourceSetting", + "markdownDescription": "Sets the type of external information used to create the slot type.", + "title": "ExternalSourceSetting" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name of the slot type. A slot type name must be unique withing the account.", + "title": "Name", + "type": "string" }, - "Properties": { + "ParentSlotTypeSignature": { + "markdownDescription": "The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type.\n\nOnly `AMAZON.AlphaNumeric` is supported.", + "title": "ParentSlotTypeSignature", + "type": "string" + }, + "SlotTypeValues": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotTypeValue" + }, + "markdownDescription": "A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot.", + "title": "SlotTypeValues", + "type": "array" + }, + "ValueSelectionSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueSelectionSetting", + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ValueSelectionSetting" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotTypeValue": { + "additionalProperties": false, + "properties": { + "SampleValue": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleValue", + "markdownDescription": "The value of the slot type entry.", + "title": "SampleValue" + }, + "Synonyms": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleValue" + }, + "markdownDescription": "Additional values related to the slot type entry.", + "title": "Synonyms", + "type": "array" + } + }, + "required": [ + "SampleValue" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotValue": { + "additionalProperties": false, + "properties": { + "InterpretedValue": { + "markdownDescription": "The value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the `resolvedValues` list.", + "title": "InterpretedValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueElicitationSetting": { + "additionalProperties": false, + "properties": { + "DefaultValueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", + "markdownDescription": "A list of default values for a slot. Default values are used when Amazon Lex hasn't determined a value for a slot. You can specify default values from context variables, session attributes, and defined values.", + "title": "DefaultValueSpecification" + }, + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "The prompt that Amazon Lex uses to elicit the slot value from the user.", + "title": "PromptSpecification" + }, + "SampleUtterances": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + }, + "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This is optional. In most cases, Amazon Lex is capable of understanding user utterances.", + "title": "SampleUtterances", + "type": "array" + }, + "SlotCaptureSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotCaptureSetting", + "markdownDescription": "Specifies the settings that Amazon Lex uses when a slot value is successfully entered by a user.", + "title": "SlotCaptureSetting" + }, + "SlotConstraint": { + "markdownDescription": "Specifies whether the slot is required or optional.", + "title": "SlotConstraint", + "type": "string" + }, + "WaitAndContinueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", + "markdownDescription": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input.", + "title": "WaitAndContinueSpecification" + } + }, + "required": [ + "SlotConstraint" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotValueOverride": { + "additionalProperties": false, + "properties": { + "Shape": { + "markdownDescription": "When the shape value is `List` , it indicates that the `values` field contains a list of slot values. When the value is `Scalar` , it indicates that the `value` field contains a single value.", + "title": "Shape", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValue", + "markdownDescription": "The current value of the slot.", + "title": "Value" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride" + }, + "markdownDescription": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\"", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueOverrideMap": { + "additionalProperties": false, + "properties": { + "SlotName": { + "markdownDescription": "The name of the slot.", + "title": "SlotName", + "type": "string" + }, + "SlotValueOverride": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride", + "markdownDescription": "The SlotValueOverride object to which the slot name will be mapped.", + "title": "SlotValueOverride" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueRegexFilter": { + "additionalProperties": false, + "properties": { + "Pattern": { + "markdownDescription": "A regular expression used to validate the value of a slot.\n\nUse a standard regular expression. Amazon Lex supports the following characters in the regular expression:\n\n- A-Z, a-z\n- 0-9\n- Unicode characters (\"\\\u2060u\")\n\nRepresent Unicode characters with four digits, for example \"\\\u2060u0041\" or \"\\\u2060u005A\".\n\nThe following regular expression operators are not supported:\n\n- Infinite repeaters: *, +, or {x,} with no upper bound.\n- Wild card (.)", + "title": "Pattern", + "type": "string" + } + }, + "required": [ + "Pattern" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotValueSelectionSetting": { + "additionalProperties": false, + "properties": { + "AdvancedRecognitionSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.AdvancedRecognitionSetting", + "markdownDescription": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances.", + "title": "AdvancedRecognitionSetting" + }, + "RegexFilter": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueRegexFilter", + "markdownDescription": "A regular expression used to validate the value of a slot.", + "title": "RegexFilter" + }, + "ResolutionStrategy": { + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ResolutionStrategy", + "type": "string" + } + }, + "required": [ + "ResolutionStrategy" + ], + "type": "object" + }, + "AWS::Lex::Bot.Specifications": { + "additionalProperties": false, + "properties": { + "SlotTypeId": { + "markdownDescription": "The unique identifier assigned to the slot type.", + "title": "SlotTypeId", + "type": "string" + }, + "ValueElicitationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotValueElicitationSetting", + "markdownDescription": "Specifies the elicitation setting details for constituent sub slots of a composite slot.", + "title": "ValueElicitationSetting" + } + }, + "required": [ + "SlotTypeId", + "ValueElicitationSetting" + ], + "type": "object" + }, + "AWS::Lex::Bot.StillWaitingResponseSpecification": { + "additionalProperties": false, + "properties": { + "AllowInterrupt": { + "markdownDescription": "Indicates that the user can interrupt the response by speaking while the message is being played.", + "title": "AllowInterrupt", + "type": "boolean" + }, + "FrequencyInSeconds": { + "markdownDescription": "How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes.", + "title": "FrequencyInSeconds", + "type": "number" + }, + "MessageGroupsList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + }, + "markdownDescription": "One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user.", + "title": "MessageGroupsList", + "type": "array" + }, + "TimeoutInSeconds": { + "markdownDescription": "If Amazon Lex waits longer than this length of time for a response, it will stop sending messages.", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "required": [ + "FrequencyInSeconds", + "MessageGroupsList", + "TimeoutInSeconds" + ], + "type": "object" + }, + "AWS::Lex::Bot.SubSlotSetting": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression text for defining the constituent sub slots in the composite slot using logical AND and OR operators.", + "title": "Expression", + "type": "string" + }, + "SlotSpecifications": { "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of your site.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", - "type": "string" - }, - "Location": { - "$ref": "#/definitions/AWS::NetworkManager::Site.Location", - "markdownDescription": "The site location. This information is used for visualization in the Network Manager console. If you specify the address, the latitude and longitude are automatically calculated.\n\n- `Address` : The physical address of the site.\n- `Latitude` : The latitude of the site.\n- `Longitude` : The longitude of the site.", - "title": "Location" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the site.", - "title": "Tags", - "type": "array" + "markdownDescription": "Specifications for the constituent sub slots of a composite slot.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Lex::Bot.Specifications" } }, - "required": [ - "GlobalNetworkId" - ], + "title": "SlotSpecifications", "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkManager::Site" - ], + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SubSlotTypeComposition": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of a constituent sub slot inside a composite slot.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SlotTypeId": { + "markdownDescription": "The unique identifier assigned to a slot type. This refers to either a built-in slot type or the unique slotTypeId of a custom slot type.", + "title": "SlotTypeId", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "SlotTypeId" ], "type": "object" }, - "AWS::NetworkManager::Site.Location": { + "AWS::Lex::Bot.SubSlotValueElicitationSetting": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The physical address.", - "title": "Address", + "DefaultValueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", + "markdownDescription": "", + "title": "DefaultValueSpecification" + }, + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "", + "title": "PromptSpecification" + }, + "SampleUtterances": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + }, + "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a sub slot value, you can provide those utterances to improve accuracy. This is optional. In most cases Amazon Lex is capable of understanding user utterances. This is similar to `SampleUtterances` for slots.", + "title": "SampleUtterances", + "type": "array" + }, + "WaitAndContinueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", + "markdownDescription": "", + "title": "WaitAndContinueSpecification" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.TestBotAliasSettings": { + "additionalProperties": false, + "properties": { + "BotAliasLocaleSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettingsItem" + }, + "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale.", + "title": "BotAliasLocaleSettings", + "type": "array" + }, + "ConversationLogSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.ConversationLogSettings", + "markdownDescription": "Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users.", + "title": "ConversationLogSettings" + }, + "Description": { + "markdownDescription": "Specifies a description for the test bot alias.", + "title": "Description", "type": "string" }, - "Latitude": { - "markdownDescription": "The latitude.", - "title": "Latitude", + "SentimentAnalysisSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.SentimentAnalysisSettings", + "markdownDescription": "Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", + "title": "SentimentAnalysisSettings" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.TextInputSpecification": { + "additionalProperties": false, + "properties": { + "StartTimeoutMs": { + "markdownDescription": "Time for which a bot waits before re-prompting a customer for text input.", + "title": "StartTimeoutMs", + "type": "number" + } + }, + "required": [ + "StartTimeoutMs" + ], + "type": "object" + }, + "AWS::Lex::Bot.TextLogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatch": { + "$ref": "#/definitions/AWS::Lex::Bot.CloudWatchLogGroupLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", + "title": "CloudWatch" + } + }, + "required": [ + "CloudWatch" + ], + "type": "object" + }, + "AWS::Lex::Bot.TextLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::Bot.TextLogDestination", + "markdownDescription": "Specifies the Amazon CloudWatch Logs destination log group for conversation text logs.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Determines whether conversation logs should be stored for an alias.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.VoiceSettings": { + "additionalProperties": false, + "properties": { + "Engine": { + "markdownDescription": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the [`engine` parameter of the `SynthesizeSpeech` operation](https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html#polly-SynthesizeSpeech-request-Engine) in the *Amazon Polly developer guide* .\n\nIf you do not specify a value, the default is `standard` .", + "title": "Engine", "type": "string" }, - "Longitude": { - "markdownDescription": "The longitude.", - "title": "Longitude", + "VoiceId": { + "markdownDescription": "The identifier of the Amazon Polly voice to use.", + "title": "VoiceId", "type": "string" } }, + "required": [ + "VoiceId" + ], "type": "object" }, - "AWS::NetworkManager::SiteToSiteVpnAttachment": { + "AWS::Lex::Bot.WaitAndContinueSpecification": { + "additionalProperties": false, + "properties": { + "ContinueResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation.", + "title": "ContinueResponse" + }, + "IsActive": { + "markdownDescription": "Specifies whether the bot will wait for a user to respond. When this field is false, wait and continue responses for a slot aren't used. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "StillWaitingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.StillWaitingResponseSpecification", + "markdownDescription": "A response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user.", + "title": "StillWaitingResponse" + }, + "WaitingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue.", + "title": "WaitingResponse" + } + }, + "required": [ + "ContinueResponse", + "WaitingResponse" + ], + "type": "object" + }, + "AWS::Lex::BotAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -169216,39 +173215,62 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "", - "title": "CoreNetworkId", - "type": "string" + "BotAliasLocaleSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettingsItem" + }, + "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale.", + "title": "BotAliasLocaleSettings", + "type": "array" }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" + "BotAliasName": { + "markdownDescription": "The name of the bot alias.", + "title": "BotAliasName", + "type": "string" }, - "Tags": { + "BotAliasTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the Site-to-Site VPN attachment.", - "title": "Tags", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nYou can only add tags when you specify an alias.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "BotAliasTags", "type": "array" }, - "VpnConnectionArn": { - "markdownDescription": "The ARN of the site-to-site VPN attachment.", - "title": "VpnConnectionArn", + "BotId": { + "markdownDescription": "The unique identifier of the bot.", + "title": "BotId", + "type": "string" + }, + "BotVersion": { + "markdownDescription": "The version of the bot that the bot alias references.", + "title": "BotVersion", + "type": "string" + }, + "ConversationLogSettings": { + "$ref": "#/definitions/AWS::Lex::BotAlias.ConversationLogSettings", + "markdownDescription": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 .", + "title": "ConversationLogSettings" + }, + "Description": { + "markdownDescription": "The description of the bot alias.", + "title": "Description", "type": "string" + }, + "SentimentAnalysisSettings": { + "$ref": "#/definitions/AWS::Lex::BotAlias.SentimentAnalysisSettings", + "markdownDescription": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", + "title": "SentimentAnalysisSettings" } }, "required": [ - "CoreNetworkId", - "VpnConnectionArn" + "BotAliasName", + "BotId" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::SiteToSiteVpnAttachment" + "AWS::Lex::BotAlias" ], "type": "string" }, @@ -169267,31 +173289,229 @@ ], "type": "object" }, - "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange": { + "AWS::Lex::BotAlias.AudioLogDestination": { "additionalProperties": false, "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" + "S3Bucket": { + "$ref": "#/definitions/AWS::Lex::BotAlias.S3BucketLogDestination", + "markdownDescription": "The S3 bucket location where audio logs are stored.", + "title": "S3Bucket" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.AudioLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogDestination", + "markdownDescription": "The location of audio log files collected when conversation logging is enabled for a bot.", + "title": "Destination" }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", + "Enabled": { + "markdownDescription": "Determines whether audio logging in enabled for the bot.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.BotAliasLocaleSettings": { + "additionalProperties": false, + "properties": { + "CodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::BotAlias.CodeHookSpecification", + "markdownDescription": "Specifies the Lambda function that should be used in the locale.", + "title": "CodeHookSpecification" + }, + "Enabled": { + "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.BotAliasLocaleSettingsItem": { + "additionalProperties": false, + "properties": { + "BotAliasLocaleSetting": { + "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettings", + "markdownDescription": "Specifies settings that are unique to a locale.", + "title": "BotAliasLocaleSetting" + }, + "LocaleId": { + "markdownDescription": "The unique identifier of the locale.", + "title": "LocaleId", + "type": "string" + } + }, + "required": [ + "BotAliasLocaleSetting", + "LocaleId" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "Tags": { + "LogPrefix": { + "markdownDescription": "The prefix of the log stream name within the log group that you specified", + "title": "LogPrefix", + "type": "string" + } + }, + "required": [ + "CloudWatchLogGroupArn", + "LogPrefix" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.CodeHookSpecification": { + "additionalProperties": false, + "properties": { + "LambdaCodeHook": { + "$ref": "#/definitions/AWS::Lex::BotAlias.LambdaCodeHook", + "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", + "title": "LambdaCodeHook" + } + }, + "required": [ + "LambdaCodeHook" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.ConversationLogSettings": { + "additionalProperties": false, + "properties": { + "AudioLogSettings": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogSetting" }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", + "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", + "title": "AudioLogSettings", + "type": "array" + }, + "TextLogSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogSetting" + }, + "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", + "title": "TextLogSettings", "type": "array" } }, "type": "object" }, - "AWS::NetworkManager::TransitGatewayPeering": { + "AWS::Lex::BotAlias.LambdaCodeHook": { + "additionalProperties": false, + "properties": { + "CodeHookInterfaceVersion": { + "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", + "title": "CodeHookInterfaceVersion", + "type": "string" + }, + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", + "title": "LambdaArn", + "type": "string" + } + }, + "required": [ + "CodeHookInterfaceVersion", + "LambdaArn" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.S3BucketLogDestination": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", + "title": "KmsKeyArn", + "type": "string" + }, + "LogPrefix": { + "markdownDescription": "The S3 prefix to assign to audio log files.", + "title": "LogPrefix", + "type": "string" + }, + "S3BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", + "title": "S3BucketArn", + "type": "string" + } + }, + "required": [ + "LogPrefix", + "S3BucketArn" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.SentimentAnalysisSettings": { + "additionalProperties": false, + "properties": { + "DetectSentiment": { + "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", + "title": "DetectSentiment", + "type": "boolean" + } + }, + "required": [ + "DetectSentiment" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.TextLogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatch": { + "$ref": "#/definitions/AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", + "title": "CloudWatch" + } + }, + "required": [ + "CloudWatch" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.TextLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Determines whether conversation logs should be stored for an alias.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::BotVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -169326,34 +173546,34 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "The ID of the core network.", - "title": "CoreNetworkId", + "BotId": { + "markdownDescription": "The unique identifier of the bot.", + "title": "BotId", "type": "string" }, - "Tags": { + "BotVersionLocaleSpecification": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleSpecification" }, - "markdownDescription": "The list of key-value tags associated with the peering.", - "title": "Tags", + "markdownDescription": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.", + "title": "BotVersionLocaleSpecification", "type": "array" }, - "TransitGatewayArn": { - "markdownDescription": "The ARN of the transit gateway.", - "title": "TransitGatewayArn", + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", "type": "string" } }, "required": [ - "CoreNetworkId", - "TransitGatewayArn" + "BotId", + "BotVersionLocaleSpecification" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::TransitGatewayPeering" + "AWS::Lex::BotVersion" ], "type": "string" }, @@ -169372,7 +173592,41 @@ ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRegistration": { + "AWS::Lex::BotVersion.BotVersionLocaleDetails": { + "additionalProperties": false, + "properties": { + "SourceBotVersion": { + "markdownDescription": "The version of a bot used for a bot locale.", + "title": "SourceBotVersion", + "type": "string" + } + }, + "required": [ + "SourceBotVersion" + ], + "type": "object" + }, + "AWS::Lex::BotVersion.BotVersionLocaleSpecification": { + "additionalProperties": false, + "properties": { + "BotVersionLocaleDetails": { + "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleDetails", + "markdownDescription": "The version of a bot used for a bot locale.", + "title": "BotVersionLocaleDetails" + }, + "LocaleId": { + "markdownDescription": "The identifier of the locale to add to the version.", + "title": "LocaleId", + "type": "string" + } + }, + "required": [ + "BotVersionLocaleDetails", + "LocaleId" + ], + "type": "object" + }, + "AWS::Lex::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -169407,26 +173661,26 @@ "Properties": { "additionalProperties": false, "properties": { - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", - "type": "string" + "Policy": { + "markdownDescription": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception.", + "title": "Policy", + "type": "object" }, - "TransitGatewayArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the transit gateway.", - "title": "TransitGatewayArn", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to.", + "title": "ResourceArn", "type": "string" } }, "required": [ - "GlobalNetworkId", - "TransitGatewayArn" + "Policy", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::TransitGatewayRegistration" + "AWS::Lex::ResourcePolicy" ], "type": "string" }, @@ -169445,7 +173699,7 @@ ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRouteTableAttachment": { + "AWS::LicenseManager::Grant": { "additionalProperties": false, "properties": { "Condition": { @@ -169480,39 +173734,48 @@ "Properties": { "additionalProperties": false, "properties": { - "PeeringId": { - "markdownDescription": "The ID of the transit gateway peering.", - "title": "PeeringId", + "AllowedOperations": { + "items": { + "type": "string" + }, + "markdownDescription": "Allowed operations for the grant.", + "title": "AllowedOperations", + "type": "array" + }, + "GrantName": { + "markdownDescription": "Grant name.", + "title": "GrantName", "type": "string" }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange", - "markdownDescription": "This property is read-only. Values can't be assigned to it.", - "title": "ProposedSegmentChange" + "HomeRegion": { + "markdownDescription": "Home Region of the grant.", + "title": "HomeRegion", + "type": "string" }, - "Tags": { + "LicenseArn": { + "markdownDescription": "License ARN.", + "title": "LicenseArn", + "type": "string" + }, + "Principals": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The list of key-value pairs associated with the transit gateway route table attachment.", - "title": "Tags", + "markdownDescription": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization.", + "title": "Principals", "type": "array" }, - "TransitGatewayRouteTableArn": { - "markdownDescription": "The ARN of the transit gateway attachment route table. For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` .", - "title": "TransitGatewayRouteTableArn", + "Status": { + "markdownDescription": "Granted license status.", + "title": "Status", "type": "string" } }, - "required": [ - "PeeringId", - "TransitGatewayRouteTableArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::TransitGatewayRouteTableAttachment" + "AWS::LicenseManager::Grant" ], "type": "string" }, @@ -169526,36 +173789,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { - "additionalProperties": false, - "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::VpcAttachment": { + "AWS::LicenseManager::License": { "additionalProperties": false, "properties": { "Condition": { @@ -169590,53 +173828,82 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "The core network ID.", - "title": "CoreNetworkId", + "Beneficiary": { + "markdownDescription": "License beneficiary.", + "title": "Beneficiary", "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.VpcOptions", - "markdownDescription": "Options for creating the VPC attachment.", - "title": "Options" - }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" + "ConsumptionConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.ConsumptionConfiguration", + "markdownDescription": "Configuration for consumption of the license.", + "title": "ConsumptionConfiguration" }, - "SubnetArns": { + "Entitlements": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::LicenseManager::License.Entitlement" }, - "markdownDescription": "The subnet ARNs.", - "title": "SubnetArns", + "markdownDescription": "License entitlements.", + "title": "Entitlements", "type": "array" }, - "Tags": { + "HomeRegion": { + "markdownDescription": "Home Region of the license.", + "title": "HomeRegion", + "type": "string" + }, + "Issuer": { + "$ref": "#/definitions/AWS::LicenseManager::License.IssuerData", + "markdownDescription": "License issuer.", + "title": "Issuer" + }, + "LicenseMetadata": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::LicenseManager::License.Metadata" }, - "markdownDescription": "The tags associated with the VPC attachment.", - "title": "Tags", + "markdownDescription": "License metadata.", + "title": "LicenseMetadata", "type": "array" }, - "VpcArn": { - "markdownDescription": "The ARN of the VPC attachment.", - "title": "VpcArn", + "LicenseName": { + "markdownDescription": "License name.", + "title": "LicenseName", + "type": "string" + }, + "ProductName": { + "markdownDescription": "Product name.", + "title": "ProductName", + "type": "string" + }, + "ProductSKU": { + "markdownDescription": "Product SKU.", + "title": "ProductSKU", + "type": "string" + }, + "Status": { + "markdownDescription": "License status.", + "title": "Status", "type": "string" + }, + "Validity": { + "$ref": "#/definitions/AWS::LicenseManager::License.ValidityDateFormat", + "markdownDescription": "Date and time range during which the license is valid, in ISO8601-UTC format.", + "title": "Validity" } }, "required": [ - "CoreNetworkId", - "SubnetArns", - "VpcArn" + "ConsumptionConfiguration", + "Entitlements", + "HomeRegion", + "Issuer", + "LicenseName", + "ProductName", + "Validity" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::VpcAttachment" + "AWS::LicenseManager::License" ], "type": "string" }, @@ -169655,47 +173922,161 @@ ], "type": "object" }, - "AWS::NetworkManager::VpcAttachment.ProposedSegmentChange": { + "AWS::LicenseManager::License.BorrowConfiguration": { "additionalProperties": false, "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" + "AllowEarlyCheckIn": { + "markdownDescription": "Indicates whether early check-ins are allowed.", + "title": "AllowEarlyCheckIn", + "type": "boolean" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" + "MaxTimeToLiveInMinutes": { + "markdownDescription": "Maximum time for the borrow configuration, in minutes.", + "title": "MaxTimeToLiveInMinutes", + "type": "number" } }, + "required": [ + "AllowEarlyCheckIn", + "MaxTimeToLiveInMinutes" + ], "type": "object" }, - "AWS::NetworkManager::VpcAttachment.VpcOptions": { + "AWS::LicenseManager::License.ConsumptionConfiguration": { "additionalProperties": false, "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is `false` .", - "title": "ApplianceModeSupport", - "type": "boolean" + "BorrowConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.BorrowConfiguration", + "markdownDescription": "Details about a borrow configuration.", + "title": "BorrowConfiguration" }, - "Ipv6Support": { - "markdownDescription": "Indicates whether IPv6 is supported.", - "title": "Ipv6Support", + "ProvisionalConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.ProvisionalConfiguration", + "markdownDescription": "Details about a provisional configuration.", + "title": "ProvisionalConfiguration" + }, + "RenewType": { + "markdownDescription": "Renewal frequency.", + "title": "RenewType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LicenseManager::License.Entitlement": { + "additionalProperties": false, + "properties": { + "AllowCheckIn": { + "markdownDescription": "Indicates whether check-ins are allowed.", + "title": "AllowCheckIn", + "type": "boolean" + }, + "MaxCount": { + "markdownDescription": "Maximum entitlement count. Use if the unit is not None.", + "title": "MaxCount", + "type": "number" + }, + "Name": { + "markdownDescription": "Entitlement name.", + "title": "Name", + "type": "string" + }, + "Overage": { + "markdownDescription": "Indicates whether overages are allowed.", + "title": "Overage", "type": "boolean" + }, + "Unit": { + "markdownDescription": "Entitlement unit.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "Entitlement resource. Use only if the unit is None.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Unit" + ], + "type": "object" + }, + "AWS::LicenseManager::License.IssuerData": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Issuer name.", + "title": "Name", + "type": "string" + }, + "SignKey": { + "markdownDescription": "Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm.", + "title": "SignKey", + "type": "string" } }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::LicenseManager::License.Metadata": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The key name.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::LicenseManager::License.ProvisionalConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTimeToLiveInMinutes": { + "markdownDescription": "Maximum time for the provisional configuration, in minutes.", + "title": "MaxTimeToLiveInMinutes", + "type": "number" + } + }, + "required": [ + "MaxTimeToLiveInMinutes" + ], + "type": "object" + }, + "AWS::LicenseManager::License.ValidityDateFormat": { + "additionalProperties": false, + "properties": { + "Begin": { + "markdownDescription": "Start of the time range.", + "title": "Begin", + "type": "string" + }, + "End": { + "markdownDescription": "End of the time range.", + "title": "End", + "type": "string" + } + }, + "required": [ + "Begin", + "End" + ], "type": "object" }, - "AWS::NimbleStudio::LaunchProfile": { + "AWS::Lightsail::Alarm": { "additionalProperties": false, "properties": { "Condition": { @@ -169730,59 +174111,81 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { + "AlarmName": { + "markdownDescription": "The name of the alarm.", + "title": "AlarmName", "type": "string" }, - "Ec2SubnetIds": { - "items": { - "type": "string" - }, - "type": "array" + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold.", + "title": "ComparisonOperator", + "type": "string" }, - "LaunchProfileProtocolVersions": { + "ContactProtocols": { "items": { "type": "string" }, + "markdownDescription": "The contact protocols for the alarm, such as `Email` , `SMS` (text messaging), or both.\n\n*Allowed Values* : `Email` | `SMS`", + "title": "ContactProtocols", "type": "array" }, - "Name": { + "DatapointsToAlarm": { + "markdownDescription": "The number of data points within the evaluation periods that must be breaching to cause the alarm to go to the `ALARM` state.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold.", + "title": "EvaluationPeriods", + "type": "number" + }, + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm.", + "title": "MetricName", + "type": "string" + }, + "MonitoredResourceName": { + "markdownDescription": "The name of the Lightsail resource that the alarm monitors.", + "title": "MonitoredResourceName", "type": "string" }, - "StreamConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfiguration" + "NotificationEnabled": { + "markdownDescription": "A Boolean value indicating whether the alarm is enabled.", + "title": "NotificationEnabled", + "type": "boolean" }, - "StudioComponentIds": { + "NotificationTriggers": { "items": { "type": "string" }, + "markdownDescription": "The alarm states that trigger a notification.\n\n> To specify the `OK` and `INSUFFICIENT_DATA` values, you must also specify `ContactProtocols` values. Otherwise, the `OK` and `INSUFFICIENT_DATA` values will not take effect and the stack will drift. \n\n*Allowed Values* : `OK` | `ALARM` | `INSUFFICIENT_DATA`", + "title": "NotificationTriggers", "type": "array" }, - "StudioId": { - "type": "string" + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", + "type": "number" }, - "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "type": "object" + "TreatMissingData": { + "markdownDescription": "Specifies how the alarm handles missing data points.\n\nAn alarm can treat missing data in the following ways:\n\n- `breaching` - Assumes the missing data is not within the threshold. Missing data counts towards the number of times that the metric is not within the threshold.\n- `notBreaching` - Assumes the missing data is within the threshold. Missing data does not count towards the number of times that the metric is not within the threshold.\n- `ignore` - Ignores the missing data. Maintains the current alarm state.\n- `missing` - Missing data is treated as missing.", + "title": "TreatMissingData", + "type": "string" } }, "required": [ - "Ec2SubnetIds", - "LaunchProfileProtocolVersions", - "Name", - "StreamConfiguration", - "StudioComponentIds", - "StudioId" + "AlarmName", + "ComparisonOperator", + "EvaluationPeriods", + "MetricName", + "MonitoredResourceName", + "Threshold" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::LaunchProfile" + "AWS::Lightsail::Alarm" ], "type": "string" }, @@ -169801,111 +174204,7 @@ ], "type": "object" }, - "AWS::NimbleStudio::LaunchProfile.StreamConfiguration": { - "additionalProperties": false, - "properties": { - "AutomaticTerminationMode": { - "type": "string" - }, - "ClipboardMode": { - "type": "string" - }, - "Ec2InstanceTypes": { - "items": { - "type": "string" - }, - "type": "array" - }, - "MaxSessionLengthInMinutes": { - "type": "number" - }, - "MaxStoppedSessionLengthInMinutes": { - "type": "number" - }, - "SessionBackup": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionBackup" - }, - "SessionPersistenceMode": { - "type": "string" - }, - "SessionStorage": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage" - }, - "StreamingImageIds": { - "items": { - "type": "string" - }, - "type": "array" - }, - "VolumeConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.VolumeConfiguration" - } - }, - "required": [ - "ClipboardMode", - "Ec2InstanceTypes", - "StreamingImageIds" - ], - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionBackup": { - "additionalProperties": false, - "properties": { - "MaxBackupsToRetain": { - "type": "number" - }, - "Mode": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage": { - "additionalProperties": false, - "properties": { - "Mode": { - "items": { - "type": "string" - }, - "type": "array" - }, - "Root": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamingSessionStorageRoot" - } - }, - "required": [ - "Mode" - ], - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.StreamingSessionStorageRoot": { - "additionalProperties": false, - "properties": { - "Linux": { - "type": "string" - }, - "Windows": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.VolumeConfiguration": { - "additionalProperties": false, - "properties": { - "Iops": { - "type": "number" - }, - "Size": { - "type": "number" - }, - "Throughput": { - "type": "number" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StreamingImage": { + "AWS::Lightsail::Bucket": { "additionalProperties": false, "properties": { "Condition": { @@ -169940,38 +174239,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "type": "string" + "AccessRules": { + "$ref": "#/definitions/AWS::Lightsail::Bucket.AccessRules", + "markdownDescription": "An object that describes the access rules for the bucket.", + "title": "AccessRules" }, - "Ec2ImageId": { + "BucketName": { + "markdownDescription": "The name of the bucket.", + "title": "BucketName", "type": "string" }, - "Name": { + "BundleId": { + "markdownDescription": "The bundle ID for the bucket (for example, `small_1_0` ).\n\nA bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket.", + "title": "BundleId", "type": "string" }, - "StudioId": { - "type": "string" + "ObjectVersioning": { + "markdownDescription": "Indicates whether object versioning is enabled for the bucket.\n\nThe following options can be configured:\n\n- `Enabled` - Object versioning is enabled.\n- `Suspended` - Object versioning was previously enabled but is currently suspended. Existing object versions are retained.\n- `NeverEnabled` - Object versioning has never been enabled.", + "title": "ObjectVersioning", + "type": "boolean" + }, + "ReadOnlyAccessAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of AWS account IDs that have read-only access to the bucket.", + "title": "ReadOnlyAccessAccounts", + "type": "array" + }, + "ResourcesReceivingAccess": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Lightsail instances that have access to the bucket.", + "title": "ResourcesReceivingAccess", + "type": "array" }, "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, - "type": "object" + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "Ec2ImageId", - "Name", - "StudioId" + "BucketName", + "BundleId" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::StreamingImage" + "AWS::Lightsail::Bucket" ], "type": "string" }, @@ -169990,22 +174311,23 @@ ], "type": "object" }, - "AWS::NimbleStudio::StreamingImage.StreamingImageEncryptionConfiguration": { + "AWS::Lightsail::Bucket.AccessRules": { "additionalProperties": false, "properties": { - "KeyArn": { - "type": "string" + "AllowPublicOverrides": { + "markdownDescription": "A Boolean value indicating whether the access control list (ACL) permissions that are applied to individual objects override the `GetObject` option that is currently specified.\n\nWhen this is true, you can use the [PutObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html) Amazon S3 API operation to set individual objects to public (read-only) or private, using either the `public-read` ACL or the `private` ACL.", + "title": "AllowPublicOverrides", + "type": "boolean" }, - "KeyType": { + "GetObject": { + "markdownDescription": "Specifies the anonymous access to all objects in a bucket.\n\nThe following options can be specified:\n\n- `public` - Sets all objects in the bucket to public (read-only), making them readable by everyone on the internet.\n\nIf the `GetObject` value is set to `public` , then all objects in the bucket default to public regardless of the `allowPublicOverrides` value.\n- `private` - Sets all objects in the bucket to private, making them readable only by you and anyone that you grant access to.\n\nIf the `GetObject` value is set to `private` , and the `allowPublicOverrides` value is set to `true` , then all objects in the bucket default to private unless they are configured with a `public-read` ACL. Individual objects with a `public-read` ACL are readable by everyone on the internet.", + "title": "GetObject", "type": "string" } }, - "required": [ - "KeyType" - ], "type": "object" }, - "AWS::NimbleStudio::Studio": { + "AWS::Lightsail::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -170040,42 +174362,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AdminRoleArn": { + "CertificateName": { + "markdownDescription": "The name of the certificate.", + "title": "CertificateName", "type": "string" }, - "DisplayName": { + "DomainName": { + "markdownDescription": "The domain name of the certificate.", + "title": "DomainName", "type": "string" }, - "StudioEncryptionConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::Studio.StudioEncryptionConfiguration" - }, - "StudioName": { - "type": "string" + "SubjectAlternativeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings that specify the alternate domains (such as `example.org` ) and subdomains (such as `blog.example.com` ) of the certificate.", + "title": "SubjectAlternativeNames", + "type": "array" }, "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, - "type": "object" - }, - "UserRoleArn": { - "type": "string" + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "AdminRoleArn", - "DisplayName", - "StudioName", - "UserRoleArn" + "CertificateName", + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::Studio" + "AWS::Lightsail::Certificate" ], "type": "string" }, @@ -170094,22 +174416,7 @@ ], "type": "object" }, - "AWS::NimbleStudio::Studio.StudioEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "type": "string" - }, - "KeyType": { - "type": "string" - } - }, - "required": [ - "KeyType" - ], - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent": { + "AWS::Lightsail::Container": { "additionalProperties": false, "properties": { "Condition": { @@ -170144,62 +174451,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.StudioComponentConfiguration" - }, - "Description": { - "type": "string" - }, - "Ec2SecurityGroupIds": { - "items": { - "type": "string" - }, - "type": "array" + "ContainerServiceDeployment": { + "$ref": "#/definitions/AWS::Lightsail::Container.ContainerServiceDeployment", + "markdownDescription": "An object that describes the current container deployment of the container service.", + "title": "ContainerServiceDeployment" }, - "InitializationScripts": { - "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.StudioComponentInitializationScript" - }, - "type": "array" + "IsDisabled": { + "markdownDescription": "A Boolean value indicating whether the container service is disabled.", + "title": "IsDisabled", + "type": "boolean" }, - "Name": { + "Power": { + "markdownDescription": "The power specification of the container service.\n\nThe power specifies the amount of RAM, the number of vCPUs, and the base price of the container service.", + "title": "Power", "type": "string" }, - "ScriptParameters": { + "PrivateRegistryAccess": { + "$ref": "#/definitions/AWS::Lightsail::Container.PrivateRegistryAccess", + "markdownDescription": "An object that describes the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry ( Amazon ECR ) private repositories.\n\nFor more information, see [Configuring access to an Amazon ECR private repository for an Amazon Lightsail container service](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-container-service-ecr-private-repo-access) in the *Amazon Lightsail Developer Guide* .", + "title": "PrivateRegistryAccess" + }, + "PublicDomainNames": { "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ScriptParameterKeyValue" + "$ref": "#/definitions/AWS::Lightsail::Container.PublicDomainName" }, + "markdownDescription": "The public domain name of the container service, such as `example.com` and `www.example.com` .\n\nYou can specify up to four public domain names for a container service. The domain names that you specify are used when you create a deployment with a container that is configured as the public endpoint of your container service.\n\nIf you don't specify public domain names, then you can use the default domain of the container service.\n\n> You must create and validate an SSL/TLS certificate before you can use public domain names with your container service. Use the [AWS::Lightsail::Certificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-certificate.html) resource to create a certificate for the public domain names that you want to use with your container service.", + "title": "PublicDomainNames", "type": "array" }, - "StudioId": { - "type": "string" + "Scale": { + "markdownDescription": "The scale specification of the container service.\n\nThe scale specifies the allocated compute nodes of the container service.", + "title": "Scale", + "type": "number" }, - "Subtype": { + "ServiceName": { + "markdownDescription": "The name of the container service.", + "title": "ServiceName", "type": "string" }, "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, - "type": "object" - }, - "Type": { - "type": "string" + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name", - "StudioId", - "Type" + "Power", + "Scale", + "ServiceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::StudioComponent" + "AWS::Lightsail::Container" ], "type": "string" }, @@ -170218,127 +174526,201 @@ ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent.ActiveDirectoryComputerAttribute": { + "AWS::Lightsail::Container.Container": { "additionalProperties": false, "properties": { - "Name": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The launch command for the container.", + "title": "Command", + "type": "array" + }, + "ContainerName": { + "markdownDescription": "The name of the container.", + "title": "ContainerName", "type": "string" }, - "Value": { + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.EnvironmentVariable" + }, + "markdownDescription": "The environment variables of the container.", + "title": "Environment", + "type": "array" + }, + "Image": { + "markdownDescription": "The name of the image used for the container.\n\nContainer images that are sourced from (registered and stored on) your container service start with a colon ( `:` ). For example, if your container service name is `container-service-1` , the container image label is `mystaticsite` , and you want to use the third version ( `3` ) of the registered container image, then you should specify `:container-service-1.mystaticsite.3` . To use the latest version of a container image, specify `latest` instead of a version number (for example, `:container-service-1.mystaticsite.latest` ). Your container service will automatically use the highest numbered version of the registered container image.\n\nContainer images that are sourced from a public registry like Docker Hub don\u2019t start with a colon. For example, `nginx:latest` or `nginx` .", + "title": "Image", "type": "string" + }, + "Ports": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.PortInfo" + }, + "markdownDescription": "An object that describes the open firewall ports and protocols of the container.", + "title": "Ports", + "type": "array" } }, "type": "object" }, - "AWS::NimbleStudio::StudioComponent.ActiveDirectoryConfiguration": { + "AWS::Lightsail::Container.ContainerServiceDeployment": { "additionalProperties": false, "properties": { - "ComputerAttributes": { + "Containers": { "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ActiveDirectoryComputerAttribute" + "$ref": "#/definitions/AWS::Lightsail::Container.Container" }, + "markdownDescription": "An object that describes the configuration for the containers of the deployment.", + "title": "Containers", "type": "array" }, - "DirectoryId": { - "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "type": "string" + "PublicEndpoint": { + "$ref": "#/definitions/AWS::Lightsail::Container.PublicEndpoint", + "markdownDescription": "An object that describes the endpoint of the deployment.", + "title": "PublicEndpoint" } }, "type": "object" }, - "AWS::NimbleStudio::StudioComponent.ComputeFarmConfiguration": { + "AWS::Lightsail::Container.EcrImagePullerRole": { "additionalProperties": false, "properties": { - "ActiveDirectoryUser": { - "type": "string" + "IsActive": { + "markdownDescription": "A boolean value that indicates whether the `ECRImagePullerRole` is active.", + "title": "IsActive", + "type": "boolean" }, - "Endpoint": { + "PrincipalArn": { + "markdownDescription": "The principle Amazon Resource Name (ARN) of the role. This property is read-only.", + "title": "PrincipalArn", "type": "string" } }, "type": "object" }, - "AWS::NimbleStudio::StudioComponent.LicenseServiceConfiguration": { + "AWS::Lightsail::Container.EnvironmentVariable": { "additionalProperties": false, "properties": { - "Endpoint": { + "Value": { + "markdownDescription": "The environment variable value.", + "title": "Value", + "type": "string" + }, + "Variable": { + "markdownDescription": "The environment variable key.", + "title": "Variable", "type": "string" } }, "type": "object" }, - "AWS::NimbleStudio::StudioComponent.ScriptParameterKeyValue": { + "AWS::Lightsail::Container.HealthCheckConfig": { "additionalProperties": false, "properties": { - "Key": { + "HealthyThreshold": { + "markdownDescription": "The number of consecutive health check successes required before moving the container to the `Healthy` state. The default value is `2` .", + "title": "HealthyThreshold", + "type": "number" + }, + "IntervalSeconds": { + "markdownDescription": "The approximate interval, in seconds, between health checks of an individual container. You can specify between `5` and `300` seconds. The default value is `5` .", + "title": "IntervalSeconds", + "type": "number" + }, + "Path": { + "markdownDescription": "The path on the container on which to perform the health check. The default value is `/` .", + "title": "Path", "type": "string" }, - "Value": { + "SuccessCodes": { + "markdownDescription": "The HTTP codes to use when checking for a successful response from a container. You can specify values between `200` and `499` . You can specify multiple values (for example, `200,202` ) or a range of values (for example, `200-299` ).", + "title": "SuccessCodes", "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check. You can specify between `2` and `60` seconds. The default value is `2` .", + "title": "TimeoutSeconds", + "type": "number" + }, + "UnhealthyThreshold": { + "markdownDescription": "The number of consecutive health check failures required before moving the container to the `Unhealthy` state. The default value is `2` .", + "title": "UnhealthyThreshold", + "type": "number" } }, "type": "object" }, - "AWS::NimbleStudio::StudioComponent.SharedFileSystemConfiguration": { + "AWS::Lightsail::Container.PortInfo": { "additionalProperties": false, "properties": { - "Endpoint": { - "type": "string" - }, - "FileSystemId": { - "type": "string" - }, - "LinuxMountPoint": { - "type": "string" - }, - "ShareName": { + "Port": { + "markdownDescription": "The open firewall ports of the container.", + "title": "Port", "type": "string" }, - "WindowsMountDrive": { + "Protocol": { + "markdownDescription": "The protocol name for the open ports.\n\n*Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP`", + "title": "Protocol", "type": "string" } }, "type": "object" }, - "AWS::NimbleStudio::StudioComponent.StudioComponentConfiguration": { + "AWS::Lightsail::Container.PrivateRegistryAccess": { "additionalProperties": false, "properties": { - "ActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ActiveDirectoryConfiguration" - }, - "ComputeFarmConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ComputeFarmConfiguration" - }, - "LicenseServiceConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.LicenseServiceConfiguration" - }, - "SharedFileSystemConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.SharedFileSystemConfiguration" + "EcrImagePullerRole": { + "$ref": "#/definitions/AWS::Lightsail::Container.EcrImagePullerRole", + "markdownDescription": "An object that describes the activation status of the role that you can use to grant a Lightsail container service access to Amazon ECR private repositories. If the role is activated, the Amazon Resource Name (ARN) of the role is also listed.", + "title": "EcrImagePullerRole" } }, "type": "object" }, - "AWS::NimbleStudio::StudioComponent.StudioComponentInitializationScript": { + "AWS::Lightsail::Container.PublicDomainName": { "additionalProperties": false, "properties": { - "LaunchProfileProtocolVersion": { + "CertificateName": { + "markdownDescription": "The name of the certificate for the public domains.", + "title": "CertificateName", "type": "string" }, - "Platform": { + "DomainNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The public domain names to use with the container service.", + "title": "DomainNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.PublicEndpoint": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The name of the container entry of the deployment that the endpoint configuration applies to.", + "title": "ContainerName", "type": "string" }, - "RunContext": { - "type": "string" + "ContainerPort": { + "markdownDescription": "The port of the specified container to which traffic is forwarded to.", + "title": "ContainerPort", + "type": "number" }, - "Script": { - "type": "string" + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::Lightsail::Container.HealthCheckConfig", + "markdownDescription": "An object that describes the health check configuration of the container.", + "title": "HealthCheckConfig" } }, "type": "object" }, - "AWS::OSIS::Pipeline": { + "AWS::Lightsail::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -170373,66 +174755,100 @@ "Properties": { "additionalProperties": false, "properties": { - "BufferOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.BufferOptions", - "markdownDescription": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) .", - "title": "BufferOptions" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the database.", + "title": "AvailabilityZone", + "type": "string" }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.EncryptionAtRestOptions", - "markdownDescription": "Options to control how OpenSearch encrypts buffer data.", - "title": "EncryptionAtRestOptions" + "BackupRetention": { + "markdownDescription": "A Boolean value indicating whether automated backup retention is enabled for the database. Data Import Mode is enabled when `BackupRetention` is set to `false` , and is disabled when `BackupRetention` is set to `true` .", + "title": "BackupRetention", + "type": "boolean" }, - "LogPublishingOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.LogPublishingOptions", - "markdownDescription": "Key-value pairs that represent log publishing settings.", - "title": "LogPublishingOptions" + "CaCertificateIdentifier": { + "markdownDescription": "The certificate associated with the database.", + "title": "CaCertificateIdentifier", + "type": "string" }, - "MaxUnits": { - "markdownDescription": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).", - "title": "MaxUnits", - "type": "number" + "MasterDatabaseName": { + "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n*MySQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, no database is created in the database resource.\n\nConstraints:\n\n- Must contain 1-64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in MySQL, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , and [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, a database named `postgres` is created in the database resource.\n\nConstraints:\n\n- Must contain 1-63 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in PostgreSQL, see the SQL Key Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", + "title": "MasterDatabaseName", + "type": "string" }, - "MinUnits": { - "markdownDescription": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).", - "title": "MinUnits", - "type": "number" + "MasterUserPassword": { + "markdownDescription": "The password for the primary user of the database. The password can include any printable ASCII character except the following: /, \", or @. It cannot contain spaces.\n\n> The `MasterUserPassword` and `RotateMasterUserPassword` parameters cannot be used together in the same template. \n\n*MySQL*\n\nConstraints: Must contain 8-41 characters.\n\n*PostgreSQL*\n\nConstraints: Must contain 8-128 characters.", + "title": "MasterUserPassword", + "type": "string" }, - "PipelineConfigurationBody": { - "markdownDescription": "The Data Prepper pipeline configuration in YAML format.", - "title": "PipelineConfigurationBody", + "MasterUsername": { + "markdownDescription": "The name for the primary user.\n\n*MySQL*\n\nConstraints:\n\n- Required for MySQL.\n- Must be 1-16 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , or [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nConstraints:\n\n- Required for PostgreSQL.\n- Must be 1-63 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", + "title": "MasterUsername", "type": "string" }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created for the database (for example, `16:00-16:30` ).", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur for the database, formatted as follows: `ddd:hh24:mi-ddd:hh24:mi` . For example, `Tue:17:00-Tue:17:30` .", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "A Boolean value indicating whether the database is accessible to anyone on the internet.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "RelationalDatabaseBlueprintId": { + "markdownDescription": "The blueprint ID for the database (for example, `mysql_8_0` ).", + "title": "RelationalDatabaseBlueprintId", + "type": "string" + }, + "RelationalDatabaseBundleId": { + "markdownDescription": "The bundle ID for the database (for example, `medium_1_0` ).", + "title": "RelationalDatabaseBundleId", "type": "string" }, + "RelationalDatabaseName": { + "markdownDescription": "The name of the instance.", + "title": "RelationalDatabaseName", + "type": "string" + }, + "RelationalDatabaseParameters": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Database.RelationalDatabaseParameter" + }, + "markdownDescription": "An array of parameters for the database.", + "title": "RelationalDatabaseParameters", + "type": "array" + }, + "RotateMasterUserPassword": { + "markdownDescription": "A Boolean value indicating whether to change the primary user password to a new, strong password generated by Lightsail .\n\n> The `RotateMasterUserPassword` and `MasterUserPassword` parameters cannot be used together in the same template.", + "title": "RotateMasterUserPassword", + "type": "boolean" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "List of tags to add to the pipeline upon creation.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" - }, - "VpcOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", - "markdownDescription": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint.", - "title": "VpcOptions" } }, "required": [ - "MaxUnits", - "MinUnits", - "PipelineConfigurationBody", - "PipelineName" + "MasterDatabaseName", + "MasterUsername", + "RelationalDatabaseBlueprintId", + "RelationalDatabaseBundleId", + "RelationalDatabaseName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OSIS::Pipeline" + "AWS::Lightsail::Database" ], "type": "string" }, @@ -170451,111 +174867,53 @@ ], "type": "object" }, - "AWS::OSIS::Pipeline.BufferOptions": { - "additionalProperties": false, - "properties": { - "PersistentBufferEnabled": { - "markdownDescription": "Whether persistent buffering should be enabled.", - "title": "PersistentBufferEnabled", - "type": "boolean" - } - }, - "required": [ - "PersistentBufferEnabled" - ], - "type": "object" - }, - "AWS::OSIS::Pipeline.CloudWatchLogDestination": { + "AWS::Lightsail::Database.RelationalDatabaseParameter": { "additionalProperties": false, "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs group to send pipeline logs to. You can specify an existing log group or create a new one. For example, `/aws/vendedlogs/OpenSearchService/pipelines` .", - "title": "LogGroup", + "AllowedValues": { + "markdownDescription": "The valid range of values for the parameter.", + "title": "AllowedValues", "type": "string" - } - }, - "required": [ - "LogGroup" - ], - "type": "object" - }, - "AWS::OSIS::Pipeline.EncryptionAtRestOptions": { - "additionalProperties": false, - "properties": { - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key used to encrypt buffer data. By default, data is encrypted using an AWS owned key.", - "title": "KmsKeyArn", + }, + "ApplyMethod": { + "markdownDescription": "Indicates when parameter updates are applied.\n\nCan be `immediate` or `pending-reboot` .", + "title": "ApplyMethod", "type": "string" - } - }, - "required": [ - "KmsKeyArn" - ], - "type": "object" - }, - "AWS::OSIS::Pipeline.LogPublishingOptions": { - "additionalProperties": false, - "properties": { - "CloudWatchLogDestination": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.CloudWatchLogDestination", - "markdownDescription": "The destination for OpenSearch Ingestion logs sent to Amazon CloudWatch Logs. This parameter is required if `IsLoggingEnabled` is set to `true` .", - "title": "CloudWatchLogDestination" }, - "IsLoggingEnabled": { - "markdownDescription": "Whether logs should be published.", - "title": "IsLoggingEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OSIS::Pipeline.VpcEndpoint": { - "additionalProperties": false, - "properties": { - "VpcEndpointId": { - "markdownDescription": "The unique identifier of the endpoint.", - "title": "VpcEndpointId", + "ApplyType": { + "markdownDescription": "Specifies the engine-specific parameter type.", + "title": "ApplyType", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID for your VPC. AWS PrivateLink generates this value when you create a VPC.", - "title": "VpcId", + "DataType": { + "markdownDescription": "The valid data type of the parameter.", + "title": "DataType", "type": "string" }, - "VpcOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", - "markdownDescription": "Information about the VPC, including associated subnets and security groups.", - "title": "VpcOptions" - } - }, - "type": "object" - }, - "AWS::OSIS::Pipeline.VpcOptions": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups associated with the VPC endpoint.", - "title": "SecurityGroupIds", - "type": "array" + "Description": { + "markdownDescription": "A description of the parameter.", + "title": "Description", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs associated with the VPC endpoint.", - "title": "SubnetIds", - "type": "array" + "IsModifiable": { + "markdownDescription": "A Boolean value indicating whether the parameter can be modified.", + "title": "IsModifiable", + "type": "boolean" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter.", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The value for the parameter.", + "title": "ParameterValue", + "type": "string" } }, - "required": [ - "SubnetIds" - ], "type": "object" }, - "AWS::Oam::Link": { + "AWS::Lightsail::Disk": { "additionalProperties": false, "properties": { "Condition": { @@ -170590,50 +174948,52 @@ "Properties": { "additionalProperties": false, "properties": { - "LabelTemplate": { - "markdownDescription": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`\n\n> In the and Regions, the only supported option is to use custom labels, and the `$AccountName` , `$AccountEmail` , and `$AccountEmailNoDomain` variables all resolve as *account-id* instead of the specified variable.", - "title": "LabelTemplate", - "type": "string" - }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkConfiguration", - "markdownDescription": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account.", - "title": "LinkConfiguration" - }, - "ResourceTypes": { + "AddOns": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lightsail::Disk.AddOn" }, - "markdownDescription": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` .", - "title": "ResourceTypes", + "markdownDescription": "An array of add-ons for the disk.\n\n> If the disk has an add-on enabled when performing a delete disk request, the add-on is automatically disabled before the disk is deleted.", + "title": "AddOns", "type": "array" }, - "SinkIdentifier": { - "markdownDescription": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks.", - "title": "SinkIdentifier", + "AvailabilityZone": { + "markdownDescription": "The AWS Region and Availability Zone location for the disk (for example, `us-east-1a` ).", + "title": "AvailabilityZone", "type": "string" }, + "DiskName": { + "markdownDescription": "The name of the disk.", + "title": "DiskName", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::Lightsail::Disk.Location", + "markdownDescription": "The AWS Region and Availability Zone where the disk is located.", + "title": "Location" + }, + "SizeInGb": { + "markdownDescription": "The size of the disk in GB.", + "title": "SizeInGb", + "type": "number" + }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to the link.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "ResourceTypes", - "SinkIdentifier" + "DiskName", + "SizeInGb" ], "type": "object" }, "Type": { "enum": [ - "AWS::Oam::Link" + "AWS::Lightsail::Disk" ], "type": "string" }, @@ -170652,37 +175012,58 @@ ], "type": "object" }, - "AWS::Oam::Link.LinkConfiguration": { + "AWS::Lightsail::Disk.AddOn": { "additionalProperties": false, "properties": { - "LogGroupConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", - "markdownDescription": "Use this structure to filter which log groups are to share log events from this source account to the monitoring account.", - "title": "LogGroupConfiguration" + "AddOnType": { + "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for a disk.", + "title": "AddOnType", + "type": "string" }, - "MetricConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", - "markdownDescription": "Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account.", - "title": "MetricConfiguration" + "AutoSnapshotAddOnRequest": { + "$ref": "#/definitions/AWS::Lightsail::Disk.AutoSnapshotAddOn", + "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", + "title": "AutoSnapshotAddOnRequest" + }, + "Status": { + "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", + "title": "Status", + "type": "string" } }, + "required": [ + "AddOnType" + ], "type": "object" }, - "AWS::Oam::Link.LinkFilter": { + "AWS::Lightsail::Disk.AutoSnapshotAddOn": { "additionalProperties": false, "properties": { - "Filter": { - "markdownDescription": "When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account\n\nWhen used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.\n\nUse single quotation marks (') around log group names and metric namespaces.\n\nThe matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .\n\n- `=` and `!=`\n- `AND`\n- `OR`\n- `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.\n- `IN` and `NOT IN` , using parentheses `( )`\n\nExamples:\n\n- `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.\n- `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.\n- `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.\n- `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .\n- `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .\n- `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .\n\n> If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account.", - "title": "Filter", + "SnapshotTimeOfDay": { + "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", + "title": "SnapshotTimeOfDay", "type": "string" } }, - "required": [ - "Filter" - ], "type": "object" }, - "AWS::Oam::Sink": { + "AWS::Lightsail::Disk.Location": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where the disk is located.", + "title": "AvailabilityZone", + "type": "string" + }, + "RegionName": { + "markdownDescription": "The AWS Region where the disk is located.", + "title": "RegionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution": { "additionalProperties": false, "properties": { "Condition": { @@ -170717,36 +175098,74 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A name for the sink.", - "title": "Name", + "BundleId": { + "markdownDescription": "The ID of the bundle applied to the distribution.", + "title": "BundleId", "type": "string" }, - "Policy": { - "markdownDescription": "The IAM policy that grants permissions to source accounts to link to this sink. The policy can grant permission in the following ways:\n\n- Include organization IDs or organization paths to permit all accounts in an organization\n- Include account IDs to permit the specified accounts", - "title": "Policy", - "type": "object" + "CacheBehaviorSettings": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheSettings", + "markdownDescription": "An object that describes the cache behavior settings of the distribution.", + "title": "CacheBehaviorSettings" + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehaviorPerPath" + }, + "markdownDescription": "An array of objects that describe the per-path cache behavior of the distribution.", + "title": "CacheBehaviors", + "type": "array" + }, + "CertificateName": { + "markdownDescription": "The name of the SSL/TLS certificate attached to the distribution.", + "title": "CertificateName", + "type": "string" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehavior", + "markdownDescription": "An object that describes the default cache behavior of the distribution.", + "title": "DefaultCacheBehavior" + }, + "DistributionName": { + "markdownDescription": "The name of the distribution", + "title": "DistributionName", + "type": "string" + }, + "IpAddressType": { + "markdownDescription": "The IP address type of the distribution.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for IPv4 and IPv6.", + "title": "IpAddressType", + "type": "string" + }, + "IsEnabled": { + "markdownDescription": "A Boolean value indicating whether the distribution is enabled.", + "title": "IsEnabled", + "type": "boolean" + }, + "Origin": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.InputOrigin", + "markdownDescription": "An object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer.\n\nThe distribution pulls, caches, and serves content from the origin.", + "title": "Origin" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to the sink.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "BundleId", + "DefaultCacheBehavior", + "DistributionName", + "Origin" ], "type": "object" }, "Type": { "enum": [ - "AWS::Oam::Sink" + "AWS::Lightsail::Distribution" ], "type": "string" }, @@ -170765,16 +175184,167 @@ ], "type": "object" }, - "AWS::Omics::AnnotationStore": { + "AWS::Lightsail::Distribution.CacheBehavior": { "additionalProperties": false, "properties": { - "Condition": { + "Behavior": { + "markdownDescription": "The cache behavior of the distribution.\n\nThe following cache behaviors can be specified:\n\n- *`cache`* - This option is best for static sites. When specified, your distribution caches and serves your entire website as static content. This behavior is ideal for websites with static content that doesn't change depending on who views it, or for websites that don't use cookies, headers, or query strings to personalize content.\n- *`dont-cache`* - This option is best for sites that serve a mix of static and dynamic content. When specified, your distribution caches and serves only the content that is specified in the distribution\u2019s `CacheBehaviorPerPath` parameter. This behavior is ideal for websites or web applications that use cookies, headers, and query strings to personalize content for individual users.", + "title": "Behavior", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.CacheBehaviorPerPath": { + "additionalProperties": false, + "properties": { + "Behavior": { + "markdownDescription": "The cache behavior for the specified path.\n\nYou can specify one of the following per-path cache behaviors:\n\n- *`cache`* - This behavior caches the specified path.\n- *`dont-cache`* - This behavior doesn't cache the specified path.", + "title": "Behavior", + "type": "string" + }, + "Path": { + "markdownDescription": "The path to a directory or file to cache, or not cache. Use an asterisk symbol to specify wildcard directories ( `path/to/assets/*` ), and file types ( `*.html` , `*jpg` , `*js` ). Directories and file paths are case-sensitive.\n\nExamples:\n\n- Specify the following to cache all files in the document root of an Apache web server running on a instance.\n\n`var/www/html/`\n- Specify the following file to cache only the index page in the document root of an Apache web server.\n\n`var/www/html/index.html`\n- Specify the following to cache only the .html files in the document root of an Apache web server.\n\n`var/www/html/*.html`\n- Specify the following to cache only the .jpg, .png, and .gif files in the images sub-directory of the document root of an Apache web server.\n\n`var/www/html/images/*.jpg`\n\n`var/www/html/images/*.png`\n\n`var/www/html/images/*.gif`\n\nSpecify the following to cache all files in the images subdirectory of the document root of an Apache web server.\n\n`var/www/html/images/`", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.CacheSettings": { + "additionalProperties": false, + "properties": { + "AllowedHTTPMethods": { + "markdownDescription": "The HTTP methods that are processed and forwarded to the distribution's origin.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution forwards the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution forwards the `GET` , `HEAD` , and `OPTIONS` methods.\n- `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` - The distribution forwards the `GET` , `HEAD` , `OPTIONS` , `PUT` , `PATCH` , `POST` , and `DELETE` methods.\n\nIf you specify `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` , you might need to restrict access to your distribution's origin so users can't perform operations that you don't want them to. For example, you might not want users to have permission to delete objects from your origin.", + "title": "AllowedHTTPMethods", + "type": "string" + }, + "CachedHTTPMethods": { + "markdownDescription": "The HTTP method responses that are cached by your distribution.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution caches responses to the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution caches responses to the `GET` , `HEAD` , and `OPTIONS` methods.", + "title": "CachedHTTPMethods", + "type": "string" + }, + "DefaultTTL": { + "markdownDescription": "The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.\n\n> The value specified applies only when the origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", + "title": "DefaultTTL", + "type": "number" + }, + "ForwardedCookies": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CookieObject", + "markdownDescription": "An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded.", + "title": "ForwardedCookies" + }, + "ForwardedHeaders": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.HeaderObject", + "markdownDescription": "An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded.", + "title": "ForwardedHeaders" + }, + "ForwardedQueryStrings": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.QueryStringObject", + "markdownDescription": "An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded.", + "title": "ForwardedQueryStrings" + }, + "MaximumTTL": { + "markdownDescription": "The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nThe value specified applies only when the origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", + "title": "MaximumTTL", + "type": "number" + }, + "MinimumTTL": { + "markdownDescription": "The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nA value of `0` must be specified for `minimumTTL` if the distribution is configured to forward all headers to the origin.", + "title": "MinimumTTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.CookieObject": { + "additionalProperties": false, + "properties": { + "CookiesAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific cookies to forward to your distribution's origin.", + "title": "CookiesAllowList", + "type": "array" + }, + "Option": { + "markdownDescription": "Specifies which cookies to forward to the distribution's origin for a cache behavior.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all cookies to your origin.\n- *`none`* - Doesn\u2019t forward cookies to your origin.\n- *`allow-list`* - Forwards only the cookies that you specify using the `CookiesAllowList` parameter.", + "title": "Option", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.HeaderObject": { + "additionalProperties": false, + "properties": { + "HeadersAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific headers to forward to your distribution's origin.", + "title": "HeadersAllowList", + "type": "array" + }, + "Option": { + "markdownDescription": "The headers that you want your distribution to forward to your origin. Your distribution caches your content based on these headers.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all headers to your origin..\n- *`none`* - Forwards only the default headers.\n- *`allow-list`* - Forwards only the headers that you specify using the `HeadersAllowList` parameter.", + "title": "Option", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.InputOrigin": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the origin resource.", + "title": "Name", + "type": "string" + }, + "ProtocolPolicy": { + "markdownDescription": "The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.", + "title": "ProtocolPolicy", + "type": "string" + }, + "RegionName": { + "markdownDescription": "The AWS Region name of the origin resource.", + "title": "RegionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.QueryStringObject": { + "additionalProperties": false, + "properties": { + "Option": { + "markdownDescription": "Indicates whether the distribution forwards and caches based on query strings.", + "title": "Option", + "type": "boolean" + }, + "QueryStringsAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific query strings that the distribution forwards to the origin.\n\nYour distribution caches content based on the specified query strings.\n\nIf the `option` parameter is true, then your distribution forwards all query strings, regardless of what you specify using the `QueryStringsAllowList` parameter.", + "title": "QueryStringsAllowList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lightsail::Instance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", "Snapshot" ], "type": "string" @@ -170800,57 +175370,83 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", + "AddOns": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Instance.AddOn" + }, + "markdownDescription": "An array of add-ons for the instance.\n\n> If the instance has an add-on enabled when performing a delete instance request, the add-on is automatically disabled before the instance is deleted.", + "title": "AddOns", + "type": "array" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", "type": "string" }, - "Name": { - "markdownDescription": "The name of the Annotation Store.", - "title": "Name", + "BlueprintId": { + "markdownDescription": "The blueprint ID for the instance (for example, `os_amlinux_2016_03` ).", + "title": "BlueprintId", "type": "string" }, - "Reference": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.ReferenceItem", - "markdownDescription": "The genome reference for the store's annotations.", - "title": "Reference" + "BundleId": { + "markdownDescription": "The bundle ID for the instance (for example, `micro_1_0` ).", + "title": "BundleId", + "type": "string" }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.SseConfig", - "markdownDescription": "The store's server-side encryption (SSE) settings.", - "title": "SseConfig" + "Hardware": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Hardware", + "markdownDescription": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n> The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", + "title": "Hardware" }, - "StoreFormat": { - "markdownDescription": "The annotation file format of the store.", - "title": "StoreFormat", + "InstanceName": { + "markdownDescription": "The name of the instance.", + "title": "InstanceName", "type": "string" }, - "StoreOptions": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.StoreOptions", - "markdownDescription": "File parsing options for the annotation store.", - "title": "StoreOptions" + "KeyPairName": { + "markdownDescription": "The name of the key pair to use for the instance.\n\nIf no key pair name is specified, the Regional Lightsail default key pair is used.", + "title": "KeyPairName", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Location", + "markdownDescription": "The location for the instance, such as the AWS Region and Availability Zone.\n\n> The `Location` property is read-only and should not be specified in a create instance or update instance request.", + "title": "Location" + }, + "Networking": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Networking", + "markdownDescription": "The public ports and the monthly amount of data transfer allocated for the instance.", + "title": "Networking" + }, + "State": { + "$ref": "#/definitions/AWS::Lightsail::Instance.State", + "markdownDescription": "The status code and the state (for example, `running` ) of the instance.\n\n> The `State` property is read-only and should not be specified in a create instance or update instance request.", + "title": "State" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", - "type": "object" + "type": "array" + }, + "UserData": { + "markdownDescription": "The optional launch script for the instance.\n\nSpecify a launch script to configure an instance with additional user data. For example, you might want to specify `apt-get -y update` as a launch script.\n\n> Depending on the blueprint of your instance, the command to get software on your instance varies. Amazon Linux and CentOS use `yum` , Debian and Ubuntu use `apt-get` , and FreeBSD uses `pkg` .", + "title": "UserData", + "type": "string" } }, "required": [ - "Name", - "StoreFormat" + "BlueprintId", + "BundleId", + "InstanceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::AnnotationStore" + "AWS::Lightsail::Instance" ], "type": "string" }, @@ -170869,81 +175465,241 @@ ], "type": "object" }, - "AWS::Omics::AnnotationStore.ReferenceItem": { + "AWS::Lightsail::Instance.AddOn": { "additionalProperties": false, "properties": { - "ReferenceArn": { - "markdownDescription": "The reference's ARN.", - "title": "ReferenceArn", + "AddOnType": { + "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for an instance.", + "title": "AddOnType", + "type": "string" + }, + "AutoSnapshotAddOnRequest": { + "$ref": "#/definitions/AWS::Lightsail::Instance.AutoSnapshotAddOn", + "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", + "title": "AutoSnapshotAddOnRequest" + }, + "Status": { + "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", + "title": "Status", "type": "string" } }, "required": [ - "ReferenceArn" + "AddOnType" ], "type": "object" }, - "AWS::Omics::AnnotationStore.SseConfig": { + "AWS::Lightsail::Instance.AutoSnapshotAddOn": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", + "SnapshotTimeOfDay": { + "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", + "title": "SnapshotTimeOfDay", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Instance.Disk": { + "additionalProperties": false, + "properties": { + "AttachedTo": { + "markdownDescription": "The resources to which the disk is attached.", + "title": "AttachedTo", "type": "string" }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", + "AttachmentState": { + "markdownDescription": "(Deprecated) The attachment state of the disk.\n\n> In releases prior to November 14, 2017, this parameter returned `attached` for system disks in the API response. It is now deprecated, but still included in the response. Use `isAttached` instead.", + "title": "AttachmentState", + "type": "string" + }, + "DiskName": { + "markdownDescription": "The unique name of the disk.", + "title": "DiskName", + "type": "string" + }, + "IOPS": { + "markdownDescription": "The input/output operations per second (IOPS) of the disk.", + "title": "IOPS", + "type": "number" + }, + "IsSystemDisk": { + "markdownDescription": "A Boolean value indicating whether this disk is a system disk (has an operating system loaded on it).", + "title": "IsSystemDisk", + "type": "boolean" + }, + "Path": { + "markdownDescription": "The disk path.", + "title": "Path", + "type": "string" + }, + "SizeInGb": { + "markdownDescription": "The size of the disk in GB.", + "title": "SizeInGb", "type": "string" } }, "required": [ - "Type" + "DiskName", + "Path" ], "type": "object" }, - "AWS::Omics::AnnotationStore.StoreOptions": { + "AWS::Lightsail::Instance.Hardware": { "additionalProperties": false, "properties": { - "TsvStoreOptions": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.TsvStoreOptions", - "markdownDescription": "Formatting options for a TSV file.", - "title": "TsvStoreOptions" + "CpuCount": { + "markdownDescription": "The number of vCPUs the instance has.\n\n> The `CpuCount` property is read-only and should not be specified in a create instance or update instance request.", + "title": "CpuCount", + "type": "number" + }, + "Disks": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Disk" + }, + "markdownDescription": "The disks attached to the instance.\n\nThe instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", + "title": "Disks", + "type": "array" + }, + "RamSizeInGb": { + "markdownDescription": "The amount of RAM in GB on the instance (for example, `1.0` ).\n\n> The `RamSizeInGb` property is read-only and should not be specified in a create instance or update instance request.", + "title": "RamSizeInGb", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Lightsail::Instance.Location": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", + "type": "string" + }, + "RegionName": { + "markdownDescription": "The name of the AWS Region for the instance.", + "title": "RegionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Instance.MonthlyTransfer": { + "additionalProperties": false, + "properties": { + "GbPerMonthAllocated": { + "markdownDescription": "The amount of allocated monthly data transfer (in GB) for an instance.", + "title": "GbPerMonthAllocated", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Instance.Networking": { + "additionalProperties": false, + "properties": { + "MonthlyTransfer": { + "$ref": "#/definitions/AWS::Lightsail::Instance.MonthlyTransfer", + "markdownDescription": "The monthly amount of data transfer, in GB, allocated for the instance", + "title": "MonthlyTransfer" + }, + "Ports": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Port" + }, + "markdownDescription": "An array of ports to open on the instance.", + "title": "Ports", + "type": "array" } }, "required": [ - "TsvStoreOptions" + "Ports" ], "type": "object" }, - "AWS::Omics::AnnotationStore.TsvStoreOptions": { + "AWS::Lightsail::Instance.Port": { "additionalProperties": false, "properties": { - "AnnotationType": { - "markdownDescription": "The store's annotation type.", - "title": "AnnotationType", + "AccessDirection": { + "markdownDescription": "The access direction ( `inbound` or `outbound` ).\n\n> Lightsail currently supports only `inbound` access direction.", + "title": "AccessDirection", "type": "string" }, - "FormatToHeader": { - "additionalProperties": true, - "markdownDescription": "The store's header key to column name mapping.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "AccessFrom": { + "markdownDescription": "The location from which access is allowed. For example, `Anywhere (0.0.0.0/0)` , or `Custom` if a specific IP address or range of IP addresses is allowed.", + "title": "AccessFrom", + "type": "string" + }, + "AccessType": { + "markdownDescription": "The type of access ( `Public` or `Private` ).", + "title": "AccessType", + "type": "string" + }, + "CidrListAliases": { + "items": { + "type": "string" }, - "title": "FormatToHeader", - "type": "object" + "markdownDescription": "An alias that defines access for a preconfigured range of IP addresses.\n\nThe only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance.", + "title": "CidrListAliases", + "type": "array" }, - "Schema": { - "markdownDescription": "The schema of an annotation store.", - "title": "Schema", - "type": "object" + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.\n\n> The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. \n\nExamples:\n\n- To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` .\n- To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` .", + "title": "Cidrs", + "type": "array" + }, + "CommonName": { + "markdownDescription": "The common name of the port information.", + "title": "CommonName", + "type": "string" + }, + "FromPort": { + "markdownDescription": "The first port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP type for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP type for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", + "title": "FromPort", + "type": "number" + }, + "Ipv6Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used.\n\n> The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance.", + "title": "Ipv6Cidrs", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The IP protocol name.\n\nThe name can be one of the following:\n\n- `tcp` - Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of streamed data between applications running on hosts communicating by an IP network. If you have an application that doesn't require reliable data stream service, use UDP instead.\n- `all` - All transport layer protocol types.\n- `udp` - With User Datagram Protocol (UDP), computer applications can send messages (or datagrams) to other hosts on an Internet Protocol (IP) network. Prior communications are not required to set up transmission channels or data paths. Applications that don't require reliable data stream service can use UDP, which provides a connectionless datagram service that emphasizes reduced latency over reliability. If you do require reliable data stream service, use TCP instead.\n- `icmp` - Internet Control Message Protocol (ICMP) is used to send error messages and operational information indicating success or failure when communicating with an instance. For example, an error is indicated when an instance could not be reached. When you specify `icmp` as the `protocol` , you must specify the ICMP type using the `fromPort` parameter, and ICMP code using the `toPort` parameter.", + "title": "Protocol", + "type": "string" + }, + "ToPort": { + "markdownDescription": "The last port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP code for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP code for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", + "title": "ToPort", + "type": "number" } }, "type": "object" }, - "AWS::Omics::ReferenceStore": { + "AWS::Lightsail::Instance.State": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The status code of the instance.", + "title": "Code", + "type": "number" + }, + "Name": { + "markdownDescription": "The state of the instance (for example, `running` or `pending` ).", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::InstanceSnapshot": { "additionalProperties": false, "properties": { "Condition": { @@ -170978,41 +175734,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", + "InstanceName": { + "markdownDescription": "The name the user gave the instance ( `Amazon_Linux_2023-1` ).", + "title": "InstanceName", "type": "string" }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", + "InstanceSnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "InstanceSnapshotName", "type": "string" }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::ReferenceStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "The tag keys and optional values for the resource. For more information about tags in Lightsail, see the [Amazon Lightsail Developer Guide](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-tags) .", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "InstanceName", + "InstanceSnapshotName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::ReferenceStore" + "AWS::Lightsail::InstanceSnapshot" ], "type": "string" }, @@ -171031,26 +175780,23 @@ ], "type": "object" }, - "AWS::Omics::ReferenceStore.SseConfig": { + "AWS::Lightsail::InstanceSnapshot.Location": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", + "AvailabilityZone": { + "markdownDescription": "", + "title": "AvailabilityZone", "type": "string" }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", + "RegionName": { + "markdownDescription": "", + "title": "RegionName", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Omics::RunGroup": { + "AWS::Lightsail::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { @@ -171085,48 +175831,67 @@ "Properties": { "additionalProperties": false, "properties": { - "MaxCpus": { - "markdownDescription": "The group's maximum CPU count setting.", - "title": "MaxCpus", - "type": "number" + "AttachedInstances": { + "items": { + "type": "string" + }, + "markdownDescription": "The Lightsail instances to attach to the load balancer.", + "title": "AttachedInstances", + "type": "array" }, - "MaxDuration": { - "markdownDescription": "The group's maximum duration setting in minutes.", - "title": "MaxDuration", - "type": "number" + "HealthCheckPath": { + "markdownDescription": "The path on the attached instance where the health check will be performed. If no path is specified, the load balancer tries to make a request to the default (root) page ( `/index.html` ).", + "title": "HealthCheckPath", + "type": "string" }, - "MaxGpus": { - "markdownDescription": "The maximum GPUs that can be used by a run group.", - "title": "MaxGpus", + "InstancePort": { + "markdownDescription": "The port that the load balancer uses to direct traffic to your Lightsail instances. For HTTP traffic, specify port `80` . For HTTPS traffic, specify port `443` .", + "title": "InstancePort", "type": "number" }, - "MaxRuns": { - "markdownDescription": "The group's maximum concurrent run setting.", - "title": "MaxRuns", - "type": "number" + "IpAddressType": { + "markdownDescription": "The IP address type of the load balancer.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for both IPv4 and IPv6.", + "title": "IpAddressType", + "type": "string" }, - "Name": { - "markdownDescription": "The group's name.", - "title": "Name", + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer.", + "title": "LoadBalancerName", + "type": "string" + }, + "SessionStickinessEnabled": { + "markdownDescription": "A Boolean value indicating whether session stickiness is enabled.\n\nEnable session stickiness (also known as *session affinity* ) to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.", + "title": "SessionStickinessEnabled", + "type": "boolean" + }, + "SessionStickinessLBCookieDurationSeconds": { + "markdownDescription": "The time period, in seconds, after which the load balancer session stickiness cookie should be considered stale. If you do not specify this parameter, the default value is 0, which indicates that the sticky session should last for the duration of the browser session.", + "title": "SessionStickinessLBCookieDurationSeconds", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", - "type": "object" + "type": "array" + }, + "TlsPolicyName": { + "markdownDescription": "The name of the TLS security policy for the load balancer.", + "title": "TlsPolicyName", + "type": "string" } }, + "required": [ + "InstancePort", + "LoadBalancerName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::RunGroup" + "AWS::Lightsail::LoadBalancer" ], "type": "string" }, @@ -171140,11 +175905,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Omics::SequenceStore": { + "AWS::Lightsail::LoadBalancerTlsCertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -171179,46 +175945,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", - "type": "string" + "CertificateAlternativeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of alternative domain names and subdomain names for your SSL/TLS certificate.\n\nIn addition to the primary domain name, you can have up to nine alternative domain names. Wildcards (such as `*.example.com` ) are not supported.", + "title": "CertificateAlternativeNames", + "type": "array" }, - "FallbackLocation": { - "markdownDescription": "An S3 location that is used to store files that have failed a direct upload.", - "title": "FallbackLocation", + "CertificateDomainName": { + "markdownDescription": "The domain name for the SSL/TLS certificate. For example, `example.com` or `www.example.com` .", + "title": "CertificateDomainName", "type": "string" }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", + "CertificateName": { + "markdownDescription": "The name of the SSL/TLS certificate.", + "title": "CertificateName", "type": "string" }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::SequenceStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" + "HttpsRedirectionEnabled": { + "markdownDescription": "A Boolean value indicating whether HTTPS redirection is enabled for the load balancer that the TLS certificate is attached to.", + "title": "HttpsRedirectionEnabled", + "type": "boolean" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "IsAttached": { + "markdownDescription": "A Boolean value indicating whether the SSL/TLS certificate is attached to a Lightsail load balancer.", + "title": "IsAttached", + "type": "boolean" + }, + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer that the SSL/TLS certificate is attached to.", + "title": "LoadBalancerName", + "type": "string" } }, "required": [ - "Name" + "CertificateDomainName", + "CertificateName", + "LoadBalancerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::SequenceStore" + "AWS::Lightsail::LoadBalancerTlsCertificate" ], "type": "string" }, @@ -171237,26 +176007,7 @@ ], "type": "object" }, - "AWS::Omics::SequenceStore.SseConfig": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Omics::VariantStore": { + "AWS::Lightsail::StaticIp": { "additionalProperties": false, "properties": { "Condition": { @@ -171291,47 +176042,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", + "AttachedTo": { + "markdownDescription": "The instance that the static IP is attached to.", + "title": "AttachedTo", "type": "string" }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", + "StaticIpName": { + "markdownDescription": "The name of the static IP.", + "title": "StaticIpName", "type": "string" - }, - "Reference": { - "$ref": "#/definitions/AWS::Omics::VariantStore.ReferenceItem", - "markdownDescription": "The genome reference for the store's variants.", - "title": "Reference" - }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::VariantStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" } }, "required": [ - "Name", - "Reference" + "StaticIpName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::VariantStore" + "AWS::Lightsail::StaticIp" ], "type": "string" }, @@ -171350,40 +176079,7 @@ ], "type": "object" }, - "AWS::Omics::VariantStore.ReferenceItem": { - "additionalProperties": false, - "properties": { - "ReferenceArn": { - "markdownDescription": "The reference's ARN.", - "title": "ReferenceArn", - "type": "string" - } - }, - "required": [ - "ReferenceArn" - ], - "type": "object" - }, - "AWS::Omics::VariantStore.SseConfig": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Omics::Workflow": { + "AWS::Location::APIKey": { "additionalProperties": false, "properties": { "Condition": { @@ -171418,69 +176114,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Accelerators": { - "markdownDescription": "", - "title": "Accelerators", - "type": "string" - }, - "DefinitionUri": { - "markdownDescription": "The URI of a definition for the workflow.", - "title": "DefinitionUri", - "type": "string" - }, "Description": { - "markdownDescription": "The parameter's description.", + "markdownDescription": "Updates the description for the API key resource.", "title": "Description", "type": "string" }, - "Engine": { - "markdownDescription": "An engine for the workflow.", - "title": "Engine", + "ExpireTime": { + "markdownDescription": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) .", + "title": "ExpireTime", "type": "string" }, - "Main": { - "markdownDescription": "The path of the main definition file for the workflow.", - "title": "Main", - "type": "string" + "ForceDelete": { + "markdownDescription": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n> This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use.", + "title": "ForceDelete", + "type": "boolean" }, - "Name": { - "markdownDescription": "The workflow's name.", - "title": "Name", + "ForceUpdate": { + "markdownDescription": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred.", + "title": "ForceUpdate", + "type": "boolean" + }, + "KeyName": { + "markdownDescription": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` .", + "title": "KeyName", "type": "string" }, - "ParameterTemplate": { - "additionalProperties": false, - "markdownDescription": "The workflow's parameter template.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Omics::Workflow.WorkflowParameter" - } - }, - "title": "ParameterTemplate", - "type": "object" + "NoExpiry": { + "markdownDescription": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time.", + "title": "NoExpiry", + "type": "boolean" }, - "StorageCapacity": { - "markdownDescription": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version.", - "title": "StorageCapacity", - "type": "number" + "Restrictions": { + "$ref": "#/definitions/AWS::Location::APIKey.ApiKeyRestrictions", + "markdownDescription": "The API key restrictions for the API key resource.", + "title": "Restrictions" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the workflow.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair that helps manage, identify, search, and filter your resources by labelling them.", "title": "Tags", - "type": "object" + "type": "array" } }, + "required": [ + "KeyName", + "Restrictions" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::Workflow" + "AWS::Location::APIKey" ], "type": "string" }, @@ -171494,27 +176180,46 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Omics::Workflow.WorkflowParameter": { + "AWS::Location::APIKey.ApiKeyRestrictions": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The parameter's description.", - "title": "Description", - "type": "string" + "AllowActions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action.\n\nThe following are valid values for the actions.\n\n- *Map actions*\n\n- `geo:GetMap*` - Allows all actions needed for map rendering.\n- *Enhanced Maps actions*\n\n- `geo-maps:GetTile` - Allows getting map tiles for rendering.\n- `geo-maps:GetStaticMap` - Allows getting static map images.\n- *Place actions*\n\n- `geo:SearchPlaceIndexForText` - Allows finding geo coordinates of a known place.\n- `geo:SearchPlaceIndexForPosition` - Allows getting nearest address to geo coordinates.\n- `geo:SearchPlaceIndexForSuggestions` - Allows suggestions based on an incomplete or misspelled query.\n- `geo:GetPlace` - Allows getting details of a place.\n- *Enhanced Places actions*\n\n- `geo-places:Autcomplete` - Allows auto-completion of search text.\n- `geo-places:Geocode` - Allows finding geo coordinates of a known place.\n- `geo-places:GetPlace` - Allows getting details of a place.\n- `geo-places:ReverseGeocode` - Allows getting nearest address to geo coordinates.\n- `geo-places:SearchNearby` - Allows category based places search around geo coordinates.\n- `geo-places:SearchText` - Allows place or address search based on free-form text.\n- `geo-places:Suggest` - Allows suggestions based on an incomplete or misspelled query.\n- *Route actions*\n\n- `geo:CalculateRoute` - Allows point to point routing.\n- `geo:CalculateRouteMatrix` - Allows matrix routing.\n- *Enhanced Routes actions*\n\n- `geo-routes:CalculateIsolines` - Allows isoline calculation.\n- `geo-routes:CalculateRoutes` - Allows point to point routing.\n- `geo-routes:CalculateRouteMatrix` - Allows matrix routing.\n- `geo-routes:OptimizeWaypoints` - Allows computing the best sequence of waypoints.\n- `geo-routes:SnapToRoads` - Allows snapping GPS points to a likely route.\n\n> You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `[\"geo:GetMap*\"]` is valid but `[\"geo:GetTile\"]` is not. Similarly, you cannot use `[\"geo:SearchPlaceIndexFor*\"]` - you must list each of the Place actions separately.", + "title": "AllowActions", + "type": "array" }, - "Optional": { - "markdownDescription": "Whether the parameter is optional.", - "title": "Optional", - "type": "boolean" + "AllowReferers": { + "items": { + "type": "string" + }, + "markdownDescription": "An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) or any symbols in this list `$\\-._+!*`(),;/?:@=&`\n- May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes.\n- May contain wildcard characters question mark (?) and asterisk (*).\n\nQuestion mark (?) will replace any single character (including hexadecimal digits).\n\nAsterisk (*) will replace any multiple characters (including multiple hexadecimal digits).\n- No spaces allowed. For example, `https://example.com` .", + "title": "AllowReferers", + "type": "array" + }, + "AllowResources": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed resource ARNs that a API key bearer can perform actions on.\n\n- The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type.\n- The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created.\n- Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:).\n- No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` .\n\nFor more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) .", + "title": "AllowResources", + "type": "array" } }, + "required": [ + "AllowActions", + "AllowResources" + ], "type": "object" }, - "AWS::OpenSearchServerless::AccessPolicy": { + "AWS::Location::GeofenceCollection": { "additionalProperties": false, "properties": { "Condition": { @@ -171549,37 +176254,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the policy.", - "title": "Description", + "CollectionName": { + "markdownDescription": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` .", + "title": "CollectionName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the policy.", - "title": "Name", + "Description": { + "markdownDescription": "An optional description for the geofence collection.", + "title": "Description", "type": "string" }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", + "KmsKeyId": { + "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", + "title": "KmsKeyId", "type": "string" }, - "Type": { - "markdownDescription": "The type of access policy. Currently the only option is `data` .", - "title": "Type", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Applies one or more tags to the geofence collection. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name", - "Policy", - "Type" + "CollectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::AccessPolicy" + "AWS::Location::GeofenceCollection" ], "type": "string" }, @@ -171598,7 +176304,7 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::Collection": { + "AWS::Location::Map": { "additionalProperties": false, "properties": { "Condition": { @@ -171633,43 +176339,44 @@ "Properties": { "additionalProperties": false, "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Location::Map.MapConfiguration", + "markdownDescription": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource.", + "title": "Configuration" + }, "Description": { - "markdownDescription": "A description of the collection.", + "markdownDescription": "An optional description for the map resource.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name of the collection.\n\nCollection names must meet the following criteria:\n\n- Starts with a lowercase letter\n- Unique to your account and AWS Region\n- Contains between 3 and 28 characters\n- Contains only lowercase letters a-z, the numbers 0-9, and the hyphen (-)", - "title": "Name", + "MapName": { + "markdownDescription": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` .", + "title": "MapName", "type": "string" }, - "StandbyReplicas": { - "markdownDescription": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value.", - "title": "StandbyReplicas", + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the collection.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", - "title": "Type", - "type": "string" } }, "required": [ - "Name" + "Configuration", + "MapName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::Collection" + "AWS::Location::Map" ], "type": "string" }, @@ -171688,7 +176395,34 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::LifecyclePolicy": { + "AWS::Location::Map.MapConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLayers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style.\n\n> Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) .", + "title": "CustomLayers", + "type": "array" + }, + "PoliticalView": { + "markdownDescription": "Specifies the map political view selected from an available data provider.", + "title": "PoliticalView", + "type": "string" + }, + "Style": { + "markdownDescription": "Specifies the map style selected from an available data provider.\n\nValid [Esri map styles](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) :\n\n- `VectorEsriDarkGrayCanvas` \u2013 The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `RasterEsriImagery` \u2013 The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide.\n- `VectorEsriLightGrayCanvas` \u2013 The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `VectorEsriTopographic` \u2013 The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style.\n- `VectorEsriStreets` \u2013 The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map.\n- `VectorEsriNavigation` \u2013 The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices.\n\nValid [HERE Technologies map styles](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) :\n\n- `VectorHereContrast` \u2013 The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering.\n\n> The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it.\n- `VectorHereExplore` \u2013 A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan.\n- `VectorHereExploreTruck` \u2013 A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics.\n- `RasterHereExploreSatellite` \u2013 A global map containing high resolution satellite imagery.\n- `HybridHereExploreSatellite` \u2013 A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved.\n\n> Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved.\n\nValid [GrabMaps map styles](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) :\n\n- `VectorGrabStandardLight` \u2013 The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia.\n- `VectorGrabStandardDark` \u2013 The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia.\n\n> Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) . \n\nValid [Open Data map styles](https://docs.aws.amazon.com/location/previous/developerguide/open-data.html) :\n\n- `VectorOpenDataStandardLight` \u2013 The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataStandardDark` \u2013 Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataVisualizationLight` \u2013 The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data.\n- `VectorOpenDataVisualizationDark` \u2013 The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data.", + "title": "Style", + "type": "string" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::Location::PlaceIndex": { "additionalProperties": false, "properties": { "Condition": { @@ -171723,37 +176457,49 @@ "Properties": { "additionalProperties": false, "properties": { + "DataSource": { + "markdownDescription": "Specifies the geospatial data provider for the new place index.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` \u2013 Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n> If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS service terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service developer guide* .", + "title": "DataSource", + "type": "string" + }, + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Location::PlaceIndex.DataSourceConfiguration", + "markdownDescription": "Specifies the data storage option requesting Places.", + "title": "DataSourceConfiguration" + }, "Description": { - "markdownDescription": "The description of the lifecycle policy.", + "markdownDescription": "The optional description for the place index resource.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name of the lifecycle policy.", - "title": "Name", + "IndexName": { + "markdownDescription": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` .", + "title": "IndexName", "type": "string" }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", "type": "string" }, - "Type": { - "markdownDescription": "The type of lifecycle policy.", - "title": "Type", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "Name", - "Policy", - "Type" + "DataSource", + "IndexName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::LifecyclePolicy" + "AWS::Location::PlaceIndex" ], "type": "string" }, @@ -171772,7 +176518,18 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityConfig": { + "AWS::Location::PlaceIndex.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "IntendedUse": { + "markdownDescription": "Specifies how the results of an operation will be stored by the caller.\n\nValid values include:\n\n- `SingleUse` specifies that the results won't be stored.\n- `Storage` specifies that the result can be cached or stored in a database.\n\nDefault value: `SingleUse`", + "title": "IntendedUse", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Location::RouteCalculator": { "additionalProperties": false, "properties": { "Condition": { @@ -171807,32 +176564,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the security configuration.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the security configuration.", - "title": "Name", + "CalculatorName": { + "markdownDescription": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` .", + "title": "CalculatorName", "type": "string" }, - "SamlOptions": { - "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions", - "markdownDescription": "SAML options for the security configuration in the form of a key-value map.", - "title": "SamlOptions" + "DataSource": { + "markdownDescription": "Specifies the data provider of traffic and road network data.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` \u2013 Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", + "title": "DataSource", + "type": "string" }, - "Type": { - "markdownDescription": "The type of security configuration. Currently the only option is `saml` .", - "title": "Type", + "Description": { + "markdownDescription": "The optional description for the route calculator resource.", + "title": "Description", + "type": "string" + }, + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, + "required": [ + "CalculatorName", + "DataSource" + ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::SecurityConfig" + "AWS::Location::RouteCalculator" ], "type": "string" }, @@ -171846,40 +176615,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions": { - "additionalProperties": false, - "properties": { - "GroupAttribute": { - "markdownDescription": "The group attribute for this SAML integration.", - "title": "GroupAttribute", - "type": "string" - }, - "Metadata": { - "markdownDescription": "The XML IdP metadata file generated from your identity provider.", - "title": "Metadata", - "type": "string" - }, - "SessionTimeout": { - "markdownDescription": "The session timeout, in minutes. Default is 60 minutes (12 hours).", - "title": "SessionTimeout", - "type": "number" - }, - "UserAttribute": { - "markdownDescription": "A user attribute for this SAML integration.", - "title": "UserAttribute", - "type": "string" - } - }, - "required": [ - "Metadata" + "Type", + "Properties" ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityPolicy": { + "AWS::Location::Tracker": { "additionalProperties": false, "properties": { "Condition": { @@ -171915,36 +176656,52 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the security policy.", + "markdownDescription": "An optional description for the tracker resource.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name of the policy.", - "title": "Name", + "EventBridgeEnabled": { + "markdownDescription": "", + "title": "EventBridgeEnabled", + "type": "boolean" + }, + "KmsKeyEnableGeospatialQueries": { + "markdownDescription": "", + "title": "KmsKeyEnableGeospatialQueries", + "type": "boolean" + }, + "KmsKeyId": { + "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", + "title": "KmsKeyId", "type": "string" }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", + "PositionFiltering": { + "markdownDescription": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` .", + "title": "PositionFiltering", "type": "string" }, - "Type": { - "markdownDescription": "The type of security policy. Can be either `encryption` or `network` .", - "title": "Type", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "TrackerName": { + "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", + "title": "TrackerName", "type": "string" } }, "required": [ - "Name", - "Policy", - "Type" + "TrackerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::SecurityPolicy" + "AWS::Location::Tracker" ], "type": "string" }, @@ -171963,7 +176720,7 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::VpcEndpoint": { + "AWS::Location::TrackerConsumer": { "additionalProperties": false, "properties": { "Condition": { @@ -171998,43 +176755,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the endpoint.", - "title": "Name", + "ConsumerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`", + "title": "ConsumerArn", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets from which you access OpenSearch Serverless.", - "title": "SubnetIds", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC from which you access OpenSearch Serverless.", - "title": "VpcId", + "TrackerName": { + "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", + "title": "TrackerName", "type": "string" } }, "required": [ - "Name", - "SubnetIds", - "VpcId" + "ConsumerArn", + "TrackerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::VpcEndpoint" + "AWS::Location::TrackerConsumer" ], "type": "string" }, @@ -172053,7 +176793,7 @@ ], "type": "object" }, - "AWS::OpenSearchService::Domain": { + "AWS::Logs::AccountPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -172088,117 +176828,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "AccessPolicies", - "type": "object" - }, - "AdvancedOptions": { - "additionalProperties": true, - "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdvancedOptions", - "type": "object" - }, - "AdvancedSecurityOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput", - "markdownDescription": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain.", - "title": "AdvancedSecurityOptions" - }, - "ClusterConfig": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ClusterConfig", - "markdownDescription": "Container for the cluster configuration of a domain.", - "title": "ClusterConfig" - }, - "CognitoOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.CognitoOptions", - "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", - "title": "CognitoOptions" - }, - "DomainEndpointOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", - "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", - "title": "DomainEndpointOptions" - }, - "DomainName": { - "markdownDescription": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DomainName", + "PolicyDocument": { + "markdownDescription": "Specify the policy, in JSON.\n\n*Data protection policy*\n\nA data protection policy must include two JSON blocks:\n\n- The first block must include both a `DataIdentifer` array and an `Operation` property with an `Audit` action. The `DataIdentifer` array lists the types of sensitive data that you want to mask. For more information about the available options, see [Types of data that you can mask](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html) .\n\nThe `Operation` property with an `Audit` action is required to find the sensitive data terms. This `Audit` action must contain a `FindingsDestination` object. You can optionally use that `FindingsDestination` object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Firehose streams, and S3 buckets, they must already exist.\n- The second block must include both a `DataIdentifer` array and an `Operation` property with an `Deidentify` action. The `DataIdentifer` array must exactly match the `DataIdentifer` array in the first block of the policy.\n\nThe `Operation` property with the `Deidentify` action is what actually masks the data, and it must contain the `\"MaskConfig\": {}` object. The `\"MaskConfig\": {}` object must be empty.\n\n> The contents of the two `DataIdentifer` arrays must match exactly. \n\nIn addition to the two JSON blocks, the `policyDocument` can also include `Name` , `Description` , and `Version` fields. The `Name` is different than the operation's `policyName` parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch .\n\nThe JSON specified in `policyDocument` can be up to 30,720 characters long.\n\n*Subscription filter policy*\n\nA subscription filter policy can include the following attributes in a JSON block:\n\n- *DestinationArn* The ARN of the destination to deliver log events to. Supported destinations are:\n\n- An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.\n- An Firehose data stream in the same account as the subscription policy, for same-account delivery.\n- A Lambda function in the same account as the subscription policy, for same-account delivery.\n- A logical destination in a different account created with [PutDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html) , for cross-account delivery. Kinesis Data Streams and Firehose are supported as logical destinations.\n- *RoleArn* The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.\n- *FilterPattern* A filter pattern for subscribing to a filtered stream of log events.\n- *Distribution* The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to `Random` for a more even distribution. This property is only applicable when the destination is an Kinesis Data Streams data stream.\n\n*Field index policy*\n\nA field index filter policy can include the following attribute in a JSON block:\n\n- *Fields* The array of field indexes to create.\n\nThe following is an example of an index policy document that creates two indexes, `RequestId` and `TransactionId` .\n\n`\"policyDocument\": \"{ \\\"Fields\\\": [ \\\"RequestId\\\", \\\"TransactionId\\\" ] }\"`\n\n*Transformer policy*\n\nA transformer policy must include one JSON block with the array of processors and their configurations. For more information about available processors, see [Processors that you can use](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors) .", + "title": "PolicyDocument", "type": "string" }, - "EBSOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.EBSOptions", - "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "EBSOptions" - }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.EncryptionAtRestOptions", - "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "EncryptionAtRestOptions" - }, - "EngineVersion": { - "markdownDescription": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "EngineVersion", + "PolicyName": { + "markdownDescription": "A name for the policy. This must be unique within the account.", + "title": "PolicyName", "type": "string" }, - "IPAddressType": { - "markdownDescription": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later.", - "title": "IPAddressType", + "PolicyType": { + "markdownDescription": "The type of policy that you're creating or updating.", + "title": "PolicyType", "type": "string" }, - "LogPublishingOptions": { - "additionalProperties": false, - "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.LogPublishingOption" - } - }, - "title": "LogPublishingOptions", - "type": "object" - }, - "NodeToNodeEncryptionOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions", - "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", - "title": "NodeToNodeEncryptionOptions" - }, - "OffPeakWindowOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindowOptions", - "markdownDescription": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.", - "title": "OffPeakWindowOptions" - }, - "SnapshotOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SnapshotOptions", - "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes.", - "title": "SnapshotOptions" - }, - "SoftwareUpdateOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SoftwareUpdateOptions", - "markdownDescription": "Service software update options for the domain.", - "title": "SoftwareUpdateOptions" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", - "title": "Tags", - "type": "array" + "Scope": { + "markdownDescription": "Currently the only valid value for this parameter is `ALL` , which specifies that the policy applies to all log groups in the account. If you omit this parameter, the default of `ALL` is used. To scope down a subscription filter policy to a subset of log groups, use the `SelectionCriteria` parameter.", + "title": "Scope", + "type": "string" }, - "VPCOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.VPCOptions", - "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint.", - "title": "VPCOptions" + "SelectionCriteria": { + "markdownDescription": "Use this parameter to apply the new policy to a subset of log groups in the account.\n\nYou need to specify `SelectionCriteria` only when you specify `SUBSCRIPTION_FILTER_POLICY` , `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` for `PolicyType` .\n\nIf `PolicyType` is `SUBSCRIPTION_FILTER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupName NOT IN []`\n\nIf `PolicyType` is `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupNamePrefix`\n\nThe `SelectionCriteria` string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.\n\nUsing the `SelectionCriteria` parameter with `SUBSCRIPTION_FILTER_POLICY` is useful to help prevent infinite loops. For more information, see [Log recursion prevention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html) .", + "title": "SelectionCriteria", + "type": "string" } }, + "required": [ + "PolicyDocument", + "PolicyName", + "PolicyType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchService::Domain" + "AWS::Logs::AccountPolicy" ], "type": "string" }, @@ -172212,485 +176877,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { - "additionalProperties": false, - "properties": { - "AnonymousAuthDisableDate": { - "markdownDescription": "Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", - "title": "AnonymousAuthDisableDate", - "type": "string" - }, - "AnonymousAuthEnabled": { - "markdownDescription": "True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", - "title": "AnonymousAuthEnabled", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) .", - "title": "Enabled", - "type": "boolean" - }, - "InternalUserDatabaseEnabled": { - "markdownDescription": "True to enable the internal user database.", - "title": "InternalUserDatabaseEnabled", - "type": "boolean" - }, - "MasterUserOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.MasterUserOptions", - "markdownDescription": "Specifies information about the master user.", - "title": "MasterUserOptions" - }, - "SAMLOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SAMLOptions", - "markdownDescription": "Container for information about the SAML configuration for OpenSearch Dashboards.", - "title": "SAMLOptions" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.ClusterConfig": { - "additionalProperties": false, - "properties": { - "ColdStorageOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ColdStorageOptions", - "markdownDescription": "Container for cold storage configuration options.", - "title": "ColdStorageOptions" - }, - "DedicatedMasterCount": { - "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property.", - "title": "DedicatedMasterCount", - "type": "number" - }, - "DedicatedMasterEnabled": { - "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", - "title": "DedicatedMasterEnabled", - "type": "boolean" - }, - "DedicatedMasterType": { - "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "DedicatedMasterType", - "type": "string" - }, - "InstanceCount": { - "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "InstanceType", - "type": "string" - }, - "MultiAZWithStandbyEnabled": { - "markdownDescription": "Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) .", - "title": "MultiAZWithStandbyEnabled", - "type": "boolean" - }, - "WarmCount": { - "markdownDescription": "The number of warm nodes in the cluster.", - "title": "WarmCount", - "type": "number" - }, - "WarmEnabled": { - "markdownDescription": "Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) .", - "title": "WarmEnabled", - "type": "boolean" - }, - "WarmType": { - "markdownDescription": "The instance type for the cluster's warm nodes.", - "title": "WarmType", - "type": "string" - }, - "ZoneAwarenessConfig": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ZoneAwarenessConfig", - "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", - "title": "ZoneAwarenessConfig" - }, - "ZoneAwarenessEnabled": { - "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", - "title": "ZoneAwarenessEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.CognitoOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", - "title": "Enabled", - "type": "boolean" - }, - "IdentityPoolId": { - "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "IdentityPoolId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "RoleArn", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "UserPoolId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.ColdStorageOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.DomainEndpointOptions": { - "additionalProperties": false, - "properties": { - "CustomEndpoint": { - "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpoint", - "type": "string" - }, - "CustomEndpointCertificateArn": { - "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpointCertificateArn", - "type": "string" - }, - "CustomEndpointEnabled": { - "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", - "title": "CustomEndpointEnabled", - "type": "boolean" - }, - "EnforceHTTPS": { - "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "EnforceHTTPS", - "type": "boolean" - }, - "TLSSecurityPolicy": { - "markdownDescription": "The minimum TLS version required for traffic to the domain. The policy can be one of the following values:\n\n- *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2\n- *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2\n- *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites", - "title": "TLSSecurityPolicy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.EBSOptions": { - "additionalProperties": false, - "properties": { - "EBSEnabled": { - "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", - "title": "EBSEnabled", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types.", - "title": "Iops", - "type": "number" - }, - "Throughput": { - "markdownDescription": "The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type.", - "title": "Throughput", - "type": "number" - }, - "VolumeSize": { - "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.EncryptionAtRestOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "Enabled", - "type": "boolean" - }, - "KmsKeyId": { - "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "KmsKeyId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.Idp": { - "additionalProperties": false, - "properties": { - "EntityId": { - "markdownDescription": "The unique entity ID of the application in the SAML identity provider.", - "title": "EntityId", - "type": "string" - }, - "MetadataContent": { - "markdownDescription": "The metadata of the SAML application, in XML format.", - "title": "MetadataContent", - "type": "string" - } - }, - "required": [ - "EntityId", - "MetadataContent" - ], - "type": "object" - }, - "AWS::OpenSearchService::Domain.LogPublishingOption": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing.", - "title": "CloudWatchLogsLogGroupArn", - "type": "string" - }, - "Enabled": { - "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.MasterUserOptions": { - "additionalProperties": false, - "properties": { - "MasterUserARN": { - "markdownDescription": "Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "MasterUserARN", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", - "title": "MasterUserName", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", - "title": "MasterUserPassword", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.OffPeakWindow": { - "additionalProperties": false, - "properties": { - "WindowStartTime": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.WindowStartTime", - "markdownDescription": "The desired start time for an off-peak maintenance window.", - "title": "WindowStartTime" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.OffPeakWindowOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether off-peak window settings are enabled for the domain.", - "title": "Enabled", - "type": "boolean" - }, - "OffPeakWindow": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindow", - "markdownDescription": "Off-peak window settings for the domain.", - "title": "OffPeakWindow" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.SAMLOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "True to enable SAML authentication for a domain.", - "title": "Enabled", - "type": "boolean" - }, - "Idp": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.Idp", - "markdownDescription": "The SAML Identity Provider's information.", - "title": "Idp" - }, - "MasterBackendRole": { - "markdownDescription": "The backend role that the SAML master user is mapped to.", - "title": "MasterBackendRole", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "The SAML master user name, which is stored in the domain's internal user database.", - "title": "MasterUserName", - "type": "string" - }, - "RolesKey": { - "markdownDescription": "Element of the SAML assertion to use for backend roles. Default is `roles` .", - "title": "RolesKey", - "type": "string" - }, - "SessionTimeoutMinutes": { - "markdownDescription": "The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.", - "title": "SessionTimeoutMinutes", - "type": "number" - }, - "SubjectKey": { - "markdownDescription": "Element of the SAML assertion to use for the user name. Default is `NameID` .", - "title": "SubjectKey", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.ServiceSoftwareOptions": { - "additionalProperties": false, - "properties": { - "AutomatedUpdateDate": { - "markdownDescription": "The timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software.", - "title": "AutomatedUpdateDate", - "type": "string" - }, - "Cancellable": { - "markdownDescription": "True if you're able to cancel your service software version update. False if you can't cancel your service software update.", - "title": "Cancellable", - "type": "boolean" - }, - "CurrentVersion": { - "markdownDescription": "The current service software version present on the domain.", - "title": "CurrentVersion", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the service software update status.", - "title": "Description", - "type": "string" - }, - "NewVersion": { - "markdownDescription": "The new service software version, if one is available.", - "title": "NewVersion", - "type": "string" - }, - "OptionalDeployment": { - "markdownDescription": "True if a service software is never automatically updated. False if a service software is automatically updated after the automated update date.", - "title": "OptionalDeployment", - "type": "boolean" - }, - "UpdateAvailable": { - "markdownDescription": "True if you're able to update your service software version. False if you can't update your service software version.", - "title": "UpdateAvailable", - "type": "boolean" - }, - "UpdateStatus": { - "markdownDescription": "The status of your service software update.", - "title": "UpdateStatus", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.SnapshotOptions": { - "additionalProperties": false, - "properties": { - "AutomatedSnapshotStartHour": { - "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", - "title": "AutomatedSnapshotStartHour", - "type": "number" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.SoftwareUpdateOptions": { - "additionalProperties": false, - "properties": { - "AutoSoftwareUpdateEnabled": { - "markdownDescription": "Specifies whether automatic service software updates are enabled for the domain.", - "title": "AutoSoftwareUpdateEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.VPCOptions": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nIf you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error \"You must specify exactly one subnet\" during template creation.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.WindowStartTime": { - "additionalProperties": false, - "properties": { - "Hours": { - "markdownDescription": "The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23.", - "title": "Hours", - "type": "number" - }, - "Minutes": { - "markdownDescription": "The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59.", - "title": "Minutes", - "type": "number" - } - }, - "required": [ - "Hours", - "Minutes" + "Type", + "Properties" ], "type": "object" }, - "AWS::OpenSearchService::Domain.ZoneAwarenessConfig": { - "additionalProperties": false, - "properties": { - "AvailabilityZoneCount": { - "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", - "title": "AvailabilityZoneCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::OpsWorks::App": { + "AWS::Logs::Delivery": { "additionalProperties": false, "properties": { "Condition": { @@ -172725,92 +176917,57 @@ "Properties": { "additionalProperties": false, "properties": { - "AppSource": { - "$ref": "#/definitions/AWS::OpsWorks::App.Source", - "markdownDescription": "A `Source` object that specifies the app repository.", - "title": "AppSource" - }, - "Attributes": { - "additionalProperties": true, - "markdownDescription": "One or more user-defined key/value pairs to be added to the stack attributes.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" + "DeliveryDestinationArn": { + "markdownDescription": "The ARN of the delivery destination that is associated with this delivery.", + "title": "DeliveryDestinationArn", + "type": "string" }, - "DataSources": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::App.DataSource" - }, - "markdownDescription": "The app's data source.", - "title": "DataSources", - "type": "array" + "DeliverySourceName": { + "markdownDescription": "The name of the delivery source that is associated with this delivery.", + "title": "DeliverySourceName", + "type": "string" }, - "Description": { - "markdownDescription": "A description of the app.", - "title": "Description", + "FieldDelimiter": { + "markdownDescription": "The field delimiter that is used between record fields when the final output format of a delivery is in `Plain` , `W3C` , or `Raw` format.", + "title": "FieldDelimiter", "type": "string" }, - "Domains": { + "RecordFields": { "items": { "type": "string" }, - "markdownDescription": "The app virtual host settings, with multiple domains separated by commas. For example: `'www.example.com, example.com'`", - "title": "Domains", + "markdownDescription": "The list of record fields to be delivered to the destination, in order. If the delivery's log source has mandatory fields, they must be included in this list.", + "title": "RecordFields", "type": "array" }, - "EnableSsl": { - "markdownDescription": "Whether to enable SSL for the app.", - "title": "EnableSsl", + "S3EnableHiveCompatiblePath": { + "markdownDescription": "Use this parameter to cause the S3 objects that contain delivered logs to use a prefix structure that allows for integration with Apache Hive.", + "title": "S3EnableHiveCompatiblePath", "type": "boolean" }, - "Environment": { + "S3SuffixPath": { + "markdownDescription": "Use this to reconfigure the S3 object prefix to contain either static or variable sections. The valid variables to use in the suffix path will vary by each log source. To find the values supported for the suffix path for each log source, use the [DescribeConfigurationTemplates](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeConfigurationTemplates.html) operation and check the `allowedSuffixPathFields` field in the response.", + "title": "S3SuffixPath", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::OpsWorks::App.EnvironmentVariable" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of `EnvironmentVariable` objects that specify environment variables to be associated with the app. After you deploy the app, these variables are defined on the associated app server instance. For more information, see [Environment Variables](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html#workingapps-creating-environment) .\n\nThere is no specific limit on the number of environment variables. However, the size of the associated data structure - which includes the variables' names, values, and protected flag values - cannot exceed 20 KB. This limit should accommodate most if not all use cases. Exceeding it will cause an exception with the message, \"Environment: is too large (maximum is 20KB).\"\n\n> If you have specified one or more environment variables, you cannot modify the stack's Chef version.", - "title": "Environment", + "markdownDescription": "An array of key-value pairs to apply to the delivery.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" - }, - "Name": { - "markdownDescription": "The app name.", - "title": "Name", - "type": "string" - }, - "Shortname": { - "markdownDescription": "The app's short name.", - "title": "Shortname", - "type": "string" - }, - "SslConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::App.SslConfiguration", - "markdownDescription": "An `SslConfiguration` object with the SSL configuration.", - "title": "SslConfiguration" - }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", - "type": "string" - }, - "Type": { - "markdownDescription": "The app type. Each supported type is associated with a particular layer. For example, PHP applications are associated with a PHP layer. AWS OpsWorks Stacks deploys an application to those instances that are members of the corresponding layer. If your app isn't one of the standard types, or you prefer to implement your own Deploy recipes, specify `other` .", - "title": "Type", - "type": "string" } }, "required": [ - "Name", - "StackId", - "Type" + "DeliveryDestinationArn", + "DeliverySourceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::App" + "AWS::Logs::Delivery" ], "type": "string" }, @@ -172829,110 +176986,113 @@ ], "type": "object" }, - "AWS::OpsWorks::App.DataSource": { + "AWS::Logs::DeliveryDestination": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The data source's ARN.", - "title": "Arn", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The database name.", - "title": "DatabaseName", + "Condition": { "type": "string" }, - "Type": { - "markdownDescription": "The data source's type, `AutoSelectOpsworksMysqlInstance` , `OpsworksMysqlInstance` , `RdsDbInstance` , or `None` .", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::App.EnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "(Required) The environment variable's name, which can consist of up to 64 characters and must be specified. The name can contain upper- and lowercase letters, numbers, and underscores (_), but it must start with a letter or underscore.", - "title": "Key", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Secure": { - "markdownDescription": "(Optional) Whether the variable's value is returned by the `DescribeApps` action. To hide an environment variable's value, set `Secure` to `true` . `DescribeApps` returns `*****FILTERED*****` instead of the actual value. The default value for `Secure` is `false` .", - "title": "Secure", - "type": "boolean" - }, - "Value": { - "markdownDescription": "(Optional) The environment variable's value, which can be left empty. If you specify a value, it can contain up to 256 characters, which must all be printable.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::OpsWorks::App.Source": { - "additionalProperties": false, - "properties": { - "Password": { - "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "Password", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Revision": { - "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", - "title": "Revision", - "type": "string" + "Metadata": { + "type": "object" }, - "SshKey": { - "markdownDescription": "In requests, the repository's SSH key.\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "SshKey", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DeliveryDestinationPolicy": { + "$ref": "#/definitions/AWS::Logs::DeliveryDestination.DestinationPolicy", + "markdownDescription": "An IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. For examples of this policy, see [Examples](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html#API_PutDeliveryDestinationPolicy_Examples) in the CloudWatch Logs API Reference.", + "title": "DeliveryDestinationPolicy" + }, + "DestinationResourceArn": { + "markdownDescription": "The ARN of the AWS destination that this delivery destination represents. That AWS destination can be a log group in CloudWatch Logs , an Amazon S3 bucket, or a Firehose stream.", + "title": "DestinationResourceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of this delivery destination.", + "title": "Name", + "type": "string" + }, + "OutputFormat": { + "markdownDescription": "The format of the logs that are sent to this delivery destination.", + "title": "OutputFormat", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the delivery destination.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" }, "Type": { - "markdownDescription": "The repository type.", - "title": "Type", - "type": "string" - }, - "Url": { - "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", - "title": "Url", + "enum": [ + "AWS::Logs::DeliveryDestination" + ], "type": "string" }, - "Username": { - "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", - "title": "Username", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::OpsWorks::App.SslConfiguration": { + "AWS::Logs::DeliveryDestination.DestinationPolicy": { "additionalProperties": false, "properties": { - "Certificate": { - "markdownDescription": "The contents of the certificate's domain.crt file.", - "title": "Certificate", - "type": "string" - }, - "Chain": { - "markdownDescription": "Optional. Can be used to specify an intermediate certificate authority key or client authentication.", - "title": "Chain", + "DeliveryDestinationName": { + "markdownDescription": "", + "title": "DeliveryDestinationName", "type": "string" }, - "PrivateKey": { - "markdownDescription": "The private key; the contents of the certificate's domain.kex file.", - "title": "PrivateKey", - "type": "string" + "DeliveryDestinationPolicy": { + "markdownDescription": "", + "title": "DeliveryDestinationPolicy", + "type": "object" } }, "type": "object" }, - "AWS::OpsWorks::ElasticLoadBalancerAttachment": { + "AWS::Logs::DeliverySource": { "additionalProperties": false, "properties": { "Condition": { @@ -172967,26 +177127,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ElasticLoadBalancerName": { - "markdownDescription": "The Elastic Load Balancing instance name.", - "title": "ElasticLoadBalancerName", + "LogType": { + "markdownDescription": "The type of log that the source is sending. For valid values for this parameter, see the documentation for the source service.", + "title": "LogType", "type": "string" }, - "LayerId": { - "markdownDescription": "The AWS OpsWorks layer ID to which the Elastic Load Balancing load balancer is attached.", - "title": "LayerId", + "Name": { + "markdownDescription": "The unique name of the delivery source.", + "title": "Name", + "type": "string" + }, + "ResourceArn": { + "markdownDescription": "The ARN of the AWS resource that is generating and sending logs. For example, `arn:aws:workmail:us-east-1:123456789012:organization/m-1234EXAMPLEabcd1234abcd1234abcd1234`", + "title": "ResourceArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the delivery source.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "ElasticLoadBalancerName", - "LayerId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::ElasticLoadBalancerAttachment" + "AWS::Logs::DeliverySource" ], "type": "string" }, @@ -173005,7 +177177,7 @@ ], "type": "object" }, - "AWS::OpsWorks::Instance": { + "AWS::Logs::Destination": { "additionalProperties": false, "properties": { "Condition": { @@ -173040,134 +177212,37 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentVersion": { - "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- `INHERIT` - Use the stack's default agent version setting.\n- *version_number* - Use the specified agent version. This value overrides the stack's default setting. To update the agent version, edit the instance configuration and specify a new version. AWS OpsWorks Stacks installs that version on the instance.\n\nThe default setting is `INHERIT` . To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.", - "title": "AgentVersion", + "DestinationName": { + "markdownDescription": "The name of the destination.", + "title": "DestinationName", "type": "string" }, - "AmiId": { - "markdownDescription": "A custom AMI ID to be used to create the instance. The AMI should be based on one of the supported operating systems. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\n> If you specify a custom AMI, you must set `Os` to `Custom` .", - "title": "AmiId", - "type": "string" - }, - "Architecture": { - "markdownDescription": "The instance architecture. The default option is `x86_64` . Instance types do not necessarily support both architectures. For a list of the architectures that are supported by the different instance types, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) .", - "title": "Architecture", - "type": "string" - }, - "AutoScalingType": { - "markdownDescription": "For load-based or time-based instances, the type. Windows stacks can use only time-based instances.", - "title": "AutoScalingType", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the AWS OpsWorks instance, such as `us-east-2a` .", - "title": "AvailabilityZone", - "type": "string" - }, - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.BlockDeviceMapping" - }, - "markdownDescription": "An array of `BlockDeviceMapping` objects that specify the instance's block devices. For more information, see [Block Device Mapping](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) . Note that block device mappings are not supported for custom AMIs.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Whether to create an Amazon EBS-optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticIps": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Elastic IP addresses to associate with the instance.", - "title": "ElasticIps", - "type": "array" - }, - "Hostname": { - "markdownDescription": "The instance host name. The following are character limits for instance host names.\n\n- Linux-based instances: 63 characters\n- Windows-based instances: 15 characters", - "title": "Hostname", - "type": "string" - }, - "InstallUpdatesOnBoot": { - "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> We strongly recommend using the default value of `true` to ensure that your instances have the latest security updates.", - "title": "InstallUpdatesOnBoot", - "type": "boolean" - }, - "InstanceType": { - "markdownDescription": "The instance type, such as `t2.micro` . For a list of supported instance types, open the stack in the console, choose *Instances* , and choose *+ Instance* . The *Size* list contains the currently supported types. For more information, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) . The parameter values that you use to specify the various types are in the *API Name* column of the *Available Instance Types* table.", - "title": "InstanceType", - "type": "string" - }, - "LayerIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array that contains the instance's layer IDs.", - "title": "LayerIds", - "type": "array" - }, - "Os": { - "markdownDescription": "The instance's operating system, which must be set to one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` .\n\nNot all operating systems are supported with all versions of Chef. For more information about the supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .\n\nThe default option is the current Amazon Linux version. If you set this parameter to `Custom` , you must use the `CreateInstance` action's AmiId parameter to specify the custom AMI that you want to use. Block device mappings are not supported if the value is `Custom` . For more information about how to use custom AMIs with AWS OpsWorks Stacks, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .", - "title": "Os", - "type": "string" - }, - "RootDeviceType": { - "markdownDescription": "The instance root device type. For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", - "title": "RootDeviceType", - "type": "string" - }, - "SshKeyName": { - "markdownDescription": "The instance's Amazon EC2 key-pair name.", - "title": "SshKeyName", - "type": "string" - }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the instance's subnet. If the stack is running in a VPC, you can use this parameter to override the stack's default subnet ID value and direct AWS OpsWorks Stacks to launch the instance in a different subnet.", - "title": "SubnetId", + "DestinationPolicy": { + "markdownDescription": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination.", + "title": "DestinationPolicy", "type": "string" }, - "Tenancy": { - "markdownDescription": "The instance's tenancy option. The default option is no tenancy, or if the instance is running in a VPC, inherit tenancy settings from the VPC. The following are valid values for this parameter: `dedicated` , `default` , or `host` . Because there are costs associated with changes in tenancy options, we recommend that you research tenancy options before choosing them for your instances. For more information about dedicated hosts, see [Dedicated Hosts Overview](https://docs.aws.amazon.com/ec2/dedicated-hosts/) and [Amazon EC2 Dedicated Hosts](https://docs.aws.amazon.com/ec2/dedicated-hosts/) . For more information about dedicated instances, see [Dedicated Instances](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html) and [Amazon EC2 Dedicated Instances](https://docs.aws.amazon.com/ec2/purchasing-options/dedicated-instances/) .", - "title": "Tenancy", + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource.", + "title": "RoleArn", "type": "string" }, - "TimeBasedAutoScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.TimeBasedAutoScaling", - "markdownDescription": "The time-based scaling configuration for the instance.", - "title": "TimeBasedAutoScaling" - }, - "VirtualizationType": { - "markdownDescription": "The instance's virtualization type, `paravirtual` or `hvm` .", - "title": "VirtualizationType", + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the physical target where the log events are delivered (for example, a Kinesis stream).", + "title": "TargetArn", "type": "string" - }, - "Volumes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of AWS OpsWorks volume IDs to associate with the instance. For more information, see [`AWS::OpsWorks::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-volume.html) .", - "title": "Volumes", - "type": "array" } }, "required": [ - "InstanceType", - "LayerIds", - "StackId" + "DestinationName", + "RoleArn", + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Instance" + "AWS::Logs::Destination" ], "type": "string" }, @@ -173186,147 +177261,7 @@ ], "type": "object" }, - "AWS::OpsWorks::Instance.BlockDeviceMapping": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "markdownDescription": "The device name that is exposed to the instance, such as `/dev/sdh` . For the root device, you can use the explicit device name or you can set this parameter to `ROOT_DEVICE` and AWS OpsWorks Stacks will provide the correct device name.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.EbsBlockDevice", - "markdownDescription": "An `EBSBlockDevice` that defines how to configure an Amazon EBS volume when the instance is launched. You can specify either the `VirtualName` or `Ebs` , but not both.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "Suppresses the specified device included in the AMI's block device mapping.", - "title": "NoDevice", - "type": "string" - }, - "VirtualName": { - "markdownDescription": "The virtual device name. For more information, see [BlockDeviceMapping](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html) . You can specify either the `VirtualName` or `Ebs` , but not both.", - "title": "VirtualName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Instance.EbsBlockDevice": { - "additionalProperties": false, - "properties": { - "DeleteOnTermination": { - "markdownDescription": "Whether the volume is deleted on instance termination.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", - "title": "Iops", - "type": "number" - }, - "SnapshotId": { - "markdownDescription": "The snapshot ID.", - "title": "SnapshotId", - "type": "string" - }, - "VolumeSize": { - "markdownDescription": "The volume size, in GiB. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. `gp2` for General Purpose (SSD) volumes, `io1` for Provisioned IOPS (SSD) volumes, `st1` for Throughput Optimized hard disk drives (HDD), `sc1` for Cold HDD,and `standard` for Magnetic volumes.\n\nIf you specify the `io1` volume type, you must also specify a value for the `Iops` attribute. The maximum ratio of provisioned IOPS to requested volume size (in GiB) is 50:1. AWS uses the default volume size (in GiB) specified in the AMI attributes to set IOPS to 50 x (volume size).", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Instance.TimeBasedAutoScaling": { - "additionalProperties": false, - "properties": { - "Friday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Friday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Friday", - "type": "object" - }, - "Monday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Monday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Monday", - "type": "object" - }, - "Saturday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Saturday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Saturday", - "type": "object" - }, - "Sunday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Sunday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Sunday", - "type": "object" - }, - "Thursday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Thursday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Thursday", - "type": "object" - }, - "Tuesday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Tuesday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tuesday", - "type": "object" - }, - "Wednesday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Wednesday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Wednesday", - "type": "object" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Layer": { + "AWS::Logs::Integration": { "additionalProperties": false, "properties": { "Condition": { @@ -173361,134 +177296,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.\n\nTo create a cluster layer, set the `EcsClusterArn` attribute to the cluster's ARN.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "AutoAssignElasticIps": { - "markdownDescription": "Whether to automatically assign an [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", - "title": "AutoAssignElasticIps", - "type": "boolean" - }, - "AutoAssignPublicIps": { - "markdownDescription": "For stacks that are running in a VPC, whether to automatically assign a public IP address to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", - "title": "AutoAssignPublicIps", - "type": "boolean" - }, - "CustomInstanceProfileArn": { - "markdownDescription": "The ARN of an IAM profile to be used for the layer's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "CustomInstanceProfileArn", - "type": "string" - }, - "CustomJson": { - "markdownDescription": "A JSON-formatted string containing custom stack configuration and deployment attributes to be installed on the layer's instances. For more information, see [Using Custom JSON](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-json-override.html) . This feature is supported as of version 1.7.42 of the AWS CLI .", - "title": "CustomJson", - "type": "object" - }, - "CustomRecipes": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.Recipes", - "markdownDescription": "A `LayerCustomRecipes` object that specifies the layer custom recipes.", - "title": "CustomRecipes" - }, - "CustomSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array containing the layer custom security group IDs.", - "title": "CustomSecurityGroupIds", - "type": "array" - }, - "EnableAutoHealing": { - "markdownDescription": "Whether to disable auto healing for the layer.", - "title": "EnableAutoHealing", - "type": "boolean" - }, - "InstallUpdatesOnBoot": { - "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> To ensure that your instances have the latest security updates, we strongly recommend using the default value of `true` .", - "title": "InstallUpdatesOnBoot", - "type": "boolean" - }, - "LifecycleEventConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.LifecycleEventConfiguration", - "markdownDescription": "A `LifeCycleEventConfiguration` object that you can use to configure the Shutdown event to specify an execution timeout and enable or disable Elastic Load Balancer connection draining.", - "title": "LifecycleEventConfiguration" - }, - "LoadBasedAutoScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.LoadBasedAutoScaling", - "markdownDescription": "The load-based scaling configuration for the AWS OpsWorks layer.", - "title": "LoadBasedAutoScaling" - }, - "Name": { - "markdownDescription": "The layer name, which is used by the console. Layer names can be a maximum of 32 characters.", - "title": "Name", - "type": "string" - }, - "Packages": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of `Package` objects that describes the layer packages.", - "title": "Packages", - "type": "array" - }, - "Shortname": { - "markdownDescription": "For custom layers only, use this parameter to specify the layer's short name, which is used internally by AWS OpsWorks Stacks and by Chef recipes. The short name is also used as the name for the directory where your app files are installed. It can have a maximum of 32 characters, which are limited to the alphanumeric characters, '-', '_', and '.'.\n\nBuilt-in layer short names are defined by AWS OpsWorks Stacks. For more information, see the [Layer Reference](https://docs.aws.amazon.com/opsworks/latest/userguide/layers.html) .", - "title": "Shortname", - "type": "string" - }, - "StackId": { - "markdownDescription": "The layer stack ID.", - "title": "StackId", + "IntegrationName": { + "markdownDescription": "The name of this integration.", + "title": "IntegrationName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies one or more sets of tags (key\u2013value pairs) to associate with this AWS OpsWorks layer. Use tags to manage your resources.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The layer type. A stack cannot have more than one built-in layer of the same type. It can have any number of custom layers. Built-in layers are not available in Chef 12 stacks.", - "title": "Type", + "IntegrationType": { + "markdownDescription": "The type of integration. Integrations with OpenSearch Service have the type `OPENSEARCH` .", + "title": "IntegrationType", "type": "string" }, - "UseEbsOptimizedInstances": { - "markdownDescription": "Whether to use Amazon EBS-optimized instances.", - "title": "UseEbsOptimizedInstances", - "type": "boolean" - }, - "VolumeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.VolumeConfiguration" - }, - "markdownDescription": "A `VolumeConfigurations` object that describes the layer's Amazon EBS volumes.", - "title": "VolumeConfigurations", - "type": "array" + "ResourceConfig": { + "$ref": "#/definitions/AWS::Logs::Integration.ResourceConfig", + "markdownDescription": "This structure contains configuration details about an integration between CloudWatch Logs and another entity.", + "title": "ResourceConfig" } }, "required": [ - "AutoAssignElasticIps", - "AutoAssignPublicIps", - "EnableAutoHealing", - "Name", - "Shortname", - "StackId", - "Type" + "IntegrationName", + "IntegrationType", + "ResourceConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Layer" + "AWS::Logs::Integration" ], "type": "string" }, @@ -173507,178 +177340,56 @@ ], "type": "object" }, - "AWS::OpsWorks::Layer.AutoScalingThresholds": { - "additionalProperties": false, - "properties": { - "CpuThreshold": { - "markdownDescription": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.", - "title": "CpuThreshold", - "type": "number" - }, - "IgnoreMetricsTime": { - "markdownDescription": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events. For example, AWS OpsWorks Stacks adds new instances following an upscaling event but the instances won't start reducing the load until they have been booted and configured. There is no point in raising additional scaling events during that operation, which typically takes several minutes. `IgnoreMetricsTime` allows you to direct AWS OpsWorks Stacks to suppress scaling events long enough to get the new instances online.", - "title": "IgnoreMetricsTime", - "type": "number" - }, - "InstanceCount": { - "markdownDescription": "The number of instances to add or remove when the load exceeds a threshold.", - "title": "InstanceCount", - "type": "number" - }, - "LoadThreshold": { - "markdownDescription": "The load threshold. A value of -1 disables the threshold. For more information about how load is computed, see [Load (computing)](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Load_%28computing%29) .", - "title": "LoadThreshold", - "type": "number" - }, - "MemoryThreshold": { - "markdownDescription": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.", - "title": "MemoryThreshold", - "type": "number" - }, - "ThresholdsWaitTime": { - "markdownDescription": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.", - "title": "ThresholdsWaitTime", - "type": "number" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Layer.LifecycleEventConfiguration": { - "additionalProperties": false, - "properties": { - "ShutdownEventConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.ShutdownEventConfiguration", - "markdownDescription": "The Shutdown event configuration.", - "title": "ShutdownEventConfiguration" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Layer.LoadBasedAutoScaling": { - "additionalProperties": false, - "properties": { - "DownScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", - "markdownDescription": "An `AutoScalingThresholds` object that describes the downscaling configuration, which defines how and when AWS OpsWorks Stacks reduces the number of instances.", - "title": "DownScaling" - }, - "Enable": { - "markdownDescription": "Whether load-based auto scaling is enabled for the layer.", - "title": "Enable", - "type": "boolean" - }, - "UpScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", - "markdownDescription": "An `AutoScalingThresholds` object that describes the upscaling configuration, which defines how and when AWS OpsWorks Stacks increases the number of instances.", - "title": "UpScaling" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Layer.Recipes": { + "AWS::Logs::Integration.OpenSearchResourceConfig": { "additionalProperties": false, "properties": { - "Configure": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `configure` event.", - "title": "Configure", - "type": "array" - }, - "Deploy": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `deploy` event.", - "title": "Deploy", - "type": "array" + "ApplicationARN": { + "markdownDescription": "If you want to use an existing OpenSearch Service application for your integration with OpenSearch Service, specify it here. If you omit this, a new application will be created.", + "title": "ApplicationARN", + "type": "string" }, - "Setup": { + "DashboardViewerPrincipals": { "items": { "type": "string" }, - "markdownDescription": "An array of custom recipe names to be run following a `setup` event.", - "title": "Setup", + "markdownDescription": "Specify the ARNs of IAM roles and IAM users who you want to grant permission to for viewing the dashboards.\n\n> In addition to specifying these users here, you must also grant them the *CloudWatchOpenSearchDashboardAccess* IAM policy. For more information, see [IAM policies for users](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/OpenSearch-Dashboards-UserRoles.html) .", + "title": "DashboardViewerPrincipals", "type": "array" }, - "Shutdown": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `shutdown` event.", - "title": "Shutdown", - "type": "array" + "DataSourceRoleArn": { + "markdownDescription": "Specify the ARN of an IAM role that CloudWatch Logs will use to create the integration. This role must have the permissions necessary to access the OpenSearch Service collection to be able to create the dashboards. For more information about the permissions needed, see [Permissions that the integration needs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/OpenSearch-Dashboards-CreateRole.html) in the CloudWatch Logs User Guide.", + "title": "DataSourceRoleArn", + "type": "string" }, - "Undeploy": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `undeploy` event.", - "title": "Undeploy", - "type": "array" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Layer.ShutdownEventConfiguration": { - "additionalProperties": false, - "properties": { - "DelayUntilElbConnectionsDrained": { - "markdownDescription": "Whether to enable Elastic Load Balancing connection draining. For more information, see [Connection Draining](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#conn-drain)", - "title": "DelayUntilElbConnectionsDrained", - "type": "boolean" + "KmsKeyArn": { + "markdownDescription": "To have the vended dashboard data encrypted with AWS KMS instead of the CloudWatch Logs default encryption method, specify the ARN of the AWS KMS key that you want to use.", + "title": "KmsKeyArn", + "type": "string" }, - "ExecutionTimeout": { - "markdownDescription": "The time, in seconds, that AWS OpsWorks Stacks waits after triggering a Shutdown event before shutting down an instance.", - "title": "ExecutionTimeout", + "RetentionDays": { + "markdownDescription": "Specify how many days that you want the data derived by OpenSearch Service to be retained in the index that the dashboard refers to. This also sets the maximum time period that you can choose when viewing data in the dashboard. Choosing a longer time frame will incur additional costs.", + "title": "RetentionDays", "type": "number" } }, + "required": [ + "DashboardViewerPrincipals", + "DataSourceRoleArn" + ], "type": "object" }, - "AWS::OpsWorks::Layer.VolumeConfiguration": { + "AWS::Logs::Integration.ResourceConfig": { "additionalProperties": false, "properties": { - "Encrypted": { - "markdownDescription": "Specifies whether an Amazon EBS volume is encrypted. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) .", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) to provision for the volume. For PIOPS volumes, the IOPS per disk.\n\nIf you specify `io1` for the volume type, you must specify this property.", - "title": "Iops", - "type": "number" - }, - "MountPoint": { - "markdownDescription": "The volume mount point. For example \"/dev/sdh\".", - "title": "MountPoint", - "type": "string" - }, - "NumberOfDisks": { - "markdownDescription": "The number of disks in the volume.", - "title": "NumberOfDisks", - "type": "number" - }, - "RaidLevel": { - "markdownDescription": "The volume [RAID level](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Standard_RAID_levels) .", - "title": "RaidLevel", - "type": "number" - }, - "Size": { - "markdownDescription": "The volume size.", - "title": "Size", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) .\n\n- `standard` - Magnetic. Magnetic volumes must have a minimum size of 1 GiB and a maximum size of 1024 GiB.\n- `io1` - Provisioned IOPS (SSD). PIOPS volumes must have a minimum size of 4 GiB and a maximum size of 16384 GiB.\n- `gp2` - General Purpose (SSD). General purpose volumes must have a minimum size of 1 GiB and a maximum size of 16384 GiB.\n- `st1` - Throughput Optimized hard disk drive (HDD). Throughput optimized HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.\n- `sc1` - Cold HDD. Cold HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.", - "title": "VolumeType", - "type": "string" + "OpenSearchResourceConfig": { + "$ref": "#/definitions/AWS::Logs::Integration.OpenSearchResourceConfig", + "markdownDescription": "This structure contains configuration details about an integration between CloudWatch Logs and OpenSearch Service.", + "title": "OpenSearchResourceConfig" } }, "type": "object" }, - "AWS::OpsWorks::Stack": { + "AWS::Logs::LogAnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -173713,160 +177424,50 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentVersion": { - "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- Auto-update - Set this parameter to `LATEST` . AWS OpsWorks Stacks automatically installs new agent versions on the stack's instances as soon as they are available.\n- Fixed version - Set this parameter to your preferred agent version. To update the agent version, you must edit the stack configuration and specify a new version. AWS OpsWorks Stacks installs that version on the stack's instances.\n\nThe default setting is the most recent release of the agent. To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.\n\n> You can also specify an agent version when you create or update an instance, which overrides the stack's default setting.", - "title": "AgentVersion", - "type": "string" - }, - "Attributes": { - "additionalProperties": true, - "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "ChefConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.ChefConfiguration", - "markdownDescription": "A `ChefConfiguration` object that specifies whether to enable Berkshelf and the Berkshelf version on Chef 11.10 stacks. For more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", - "title": "ChefConfiguration" - }, - "CloneAppIds": { - "items": { - "type": "string" - }, - "markdownDescription": "If you're cloning an AWS OpsWorks stack, a list of AWS OpsWorks application stack IDs from the source stack to include in the cloned stack.", - "title": "CloneAppIds", - "type": "array" - }, - "ClonePermissions": { - "markdownDescription": "If you're cloning an AWS OpsWorks stack, indicates whether to clone the source stack's permissions.", - "title": "ClonePermissions", - "type": "boolean" - }, - "ConfigurationManager": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.StackConfigurationManager", - "markdownDescription": "The configuration manager. When you create a stack we recommend that you use the configuration manager to specify the Chef version: 12, 11.10, or 11.4 for Linux stacks, or 12.2 for Windows stacks. The default value for Linux stacks is currently 12.", - "title": "ConfigurationManager" - }, - "CustomCookbooksSource": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.Source", - "markdownDescription": "Contains the information required to retrieve an app or cookbook from a repository. For more information, see [Adding Apps](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html) or [Cookbooks and Recipes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook.html) .", - "title": "CustomCookbooksSource" - }, - "CustomJson": { - "markdownDescription": "A string that contains user-defined, custom JSON. It can be used to override the corresponding default stack configuration attribute values or to pass data to recipes. The string should be in the following format:\n\n`\"{\\\"key1\\\": \\\"value1\\\", \\\"key2\\\": \\\"value2\\\",...}\"`\n\nFor more information about custom JSON, see [Use Custom JSON to Modify the Stack Configuration Attributes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-json.html) .", - "title": "CustomJson", - "type": "object" - }, - "DefaultAvailabilityZone": { - "markdownDescription": "The stack's default Availability Zone, which must be in the specified region. For more information, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html) . If you also specify a value for `DefaultSubnetId` , the subnet must be in the same zone. For more information, see the `VpcId` parameter description.", - "title": "DefaultAvailabilityZone", - "type": "string" - }, - "DefaultInstanceProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM profile that is the default profile for all of the stack's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "DefaultInstanceProfileArn", - "type": "string" - }, - "DefaultOs": { - "markdownDescription": "The stack's default operating system, which is installed on every instance unless you specify a different operating system when you create the instance. You can specify one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` . You specify the custom AMI you want to use when you create instances. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\nThe default option is the current Amazon Linux version. Not all operating systems are supported with all versions of Chef. For more information about supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .", - "title": "DefaultOs", - "type": "string" - }, - "DefaultRootDeviceType": { - "markdownDescription": "The default root device type. This value is the default for all instances in the stack, but you can override it when you create an instance. The default option is `instance-store` . For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", - "title": "DefaultRootDeviceType", - "type": "string" - }, - "DefaultSshKeyName": { - "markdownDescription": "A default Amazon EC2 key pair name. The default value is none. If you specify a key pair name, AWS OpsWorks installs the public key on the instance and you can use the private key with an SSH client to log in to the instance. For more information, see [Using SSH to Communicate with an Instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-ssh.html) and [Managing SSH Access](https://docs.aws.amazon.com/opsworks/latest/userguide/security-ssh-access.html) . You can override this setting by specifying a different key pair, or no key pair, when you [create an instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-add.html) .", - "title": "DefaultSshKeyName", - "type": "string" - }, - "DefaultSubnetId": { - "markdownDescription": "The stack's default subnet ID. All instances are launched into this subnet unless you specify another subnet ID when you create the instance. This parameter is required if you specify a value for the `VpcId` parameter. If you also specify a value for `DefaultAvailabilityZone` , the subnet must be in that zone.", - "title": "DefaultSubnetId", - "type": "string" - }, - "EcsClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Elastic Container Service ( Amazon ECS ) cluster to register with the AWS OpsWorks stack.\n\n> If you specify a cluster that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the cluster.", - "title": "EcsClusterArn", + "AccountId": { + "markdownDescription": "The ID of the account to create the anomaly detector in.", + "title": "AccountId", "type": "string" }, - "ElasticIps": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.ElasticIp" - }, - "markdownDescription": "A list of Elastic IP addresses to register with the AWS OpsWorks stack.\n\n> If you specify an IP address that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the IP address.", - "title": "ElasticIps", - "type": "array" + "AnomalyVisibilityTime": { + "markdownDescription": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly.", + "title": "AnomalyVisibilityTime", + "type": "number" }, - "HostnameTheme": { - "markdownDescription": "The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. By default, `HostnameTheme` is set to `Layer_Dependent` , which creates host names by appending integers to the layer's short name. The other themes are:\n\n- `Baked_Goods`\n- `Clouds`\n- `Europe_Cities`\n- `Fruits`\n- `Greek_Deities_and_Titans`\n- `Legendary_creatures_from_Japan`\n- `Planets_and_Moons`\n- `Roman_Deities`\n- `Scottish_Islands`\n- `US_Cities`\n- `Wild_Cats`\n\nTo obtain a generated host name, call `GetHostNameSuggestion` , which returns a host name based on the current theme.", - "title": "HostnameTheme", + "DetectorName": { + "markdownDescription": "A name for this anomaly detector.", + "title": "DetectorName", "type": "string" }, - "Name": { - "markdownDescription": "The stack name. Stack names can be a maximum of 64 characters.", - "title": "Name", + "EvaluationFrequency": { + "markdownDescription": "Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for `EvaluationFrequency` .", + "title": "EvaluationFrequency", "type": "string" }, - "RdsDbInstances": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.RdsDbInstance" - }, - "markdownDescription": "The Amazon Relational Database Service ( Amazon RDS ) database instance to register with the AWS OpsWorks stack.\n\n> If you specify a database instance that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the database instance.", - "title": "RdsDbInstances", - "type": "array" - }, - "ServiceRoleArn": { - "markdownDescription": "The stack's IAM role, which allows AWS OpsWorks Stacks to work with AWS resources on your behalf. You must set this parameter to the Amazon Resource Name (ARN) for an existing IAM role. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "ServiceRoleArn", + "FilterPattern": { + "markdownDescription": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", "type": "string" }, - "SourceStackId": { - "markdownDescription": "If you're cloning an AWS OpsWorks stack, the stack ID of the source AWS OpsWorks stack to clone.", - "title": "SourceStackId", + "KmsKeyId": { + "markdownDescription": "Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds.\n\nFor more information about using a AWS KMS key and to see the required IAM policy, see [Use a AWS KMS key with an anomaly detector](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/LogsAnomalyDetection-KMS.html) .", + "title": "KmsKeyId", "type": "string" }, - "Tags": { + "LogGroupArnList": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a stack or layer.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- Leading and trailing white spaces are trimmed from both the key and value.\n- A maximum of 40 tags is allowed for any resource.", - "title": "Tags", + "markdownDescription": "The ARN of the log group that is associated with this anomaly detector. You can specify only one log group ARN.", + "title": "LogGroupArnList", "type": "array" - }, - "UseCustomCookbooks": { - "markdownDescription": "Whether the stack uses custom cookbooks.", - "title": "UseCustomCookbooks", - "type": "boolean" - }, - "UseOpsworksSecurityGroups": { - "markdownDescription": "Whether to associate the AWS OpsWorks Stacks built-in security groups with the stack's layers.\n\nAWS OpsWorks Stacks provides a standard set of built-in security groups, one for each layer, which are associated with layers by default. With `UseOpsworksSecurityGroups` you can instead provide your own custom security groups. `UseOpsworksSecurityGroups` has the following settings:\n\n- True - AWS OpsWorks Stacks automatically associates the appropriate built-in security group with each layer (default setting). You can associate additional security groups with a layer after you create it, but you cannot delete the built-in security group.\n- False - AWS OpsWorks Stacks does not associate built-in security groups with layers. You must create appropriate EC2 security groups and associate a security group with each layer that you create. However, you can still manually associate a built-in security group with a layer on creation; custom security groups are required only for those layers that need custom settings.\n\nFor more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", - "title": "UseOpsworksSecurityGroups", - "type": "boolean" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC that the stack is to be launched into. The VPC must be in the stack's region. All instances are launched into this VPC. You cannot change the ID later.\n\n- If your account supports EC2-Classic, the default value is `no VPC` .\n- If your account does not support EC2-Classic, the default value is the default VPC for the specified region.\n\nIf the VPC ID corresponds to a default VPC and you have specified either the `DefaultAvailabilityZone` or the `DefaultSubnetId` parameter only, AWS OpsWorks Stacks infers the value of the other parameter. If you specify neither parameter, AWS OpsWorks Stacks sets these parameters to the first valid Availability Zone for the specified region and the corresponding default VPC subnet ID, respectively.\n\nIf you specify a nondefault VPC ID, note the following:\n\n- It must belong to a VPC in your account that is in the specified region.\n- You must specify a value for `DefaultSubnetId` .\n\nFor more information about how to use AWS OpsWorks Stacks with a VPC, see [Running a Stack in a VPC](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-vpc.html) . For more information about default VPC and EC2-Classic, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", - "title": "VpcId", - "type": "string" } }, - "required": [ - "DefaultInstanceProfileArn", - "Name", - "ServiceRoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Stack" + "AWS::Logs::LogAnomalyDetector" ], "type": "string" }, @@ -173880,125 +177481,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::OpsWorks::Stack.ChefConfiguration": { - "additionalProperties": false, - "properties": { - "BerkshelfVersion": { - "markdownDescription": "The Berkshelf version.", - "title": "BerkshelfVersion", - "type": "string" - }, - "ManageBerkshelf": { - "markdownDescription": "Whether to enable Berkshelf.", - "title": "ManageBerkshelf", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Stack.ElasticIp": { - "additionalProperties": false, - "properties": { - "Ip": { - "markdownDescription": "The IP address.", - "title": "Ip", - "type": "string" - }, - "Name": { - "markdownDescription": "The name, which can be a maximum of 32 characters.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Ip" - ], - "type": "object" - }, - "AWS::OpsWorks::Stack.RdsDbInstance": { - "additionalProperties": false, - "properties": { - "DbPassword": { - "markdownDescription": "AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "DbPassword", - "type": "string" - }, - "DbUser": { - "markdownDescription": "The master user name.", - "title": "DbUser", - "type": "string" - }, - "RdsDbInstanceArn": { - "markdownDescription": "The instance's ARN.", - "title": "RdsDbInstanceArn", - "type": "string" - } - }, - "required": [ - "DbPassword", - "DbUser", - "RdsDbInstanceArn" + "Type" ], "type": "object" }, - "AWS::OpsWorks::Stack.Source": { - "additionalProperties": false, - "properties": { - "Password": { - "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "Password", - "type": "string" - }, - "Revision": { - "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", - "title": "Revision", - "type": "string" - }, - "SshKey": { - "markdownDescription": "The repository's SSH key. For more information, see [Using Git Repository SSH Keys](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-deploykeys.html) in the *AWS OpsWorks User Guide* . To pass in an SSH key as a parameter, see the following example:\n\n`\"Parameters\" : { \"GitSSHKey\" : { \"Description\" : \"Change SSH key newlines to commas.\", \"Type\" : \"CommaDelimitedList\", \"NoEcho\" : \"true\" }, ... \"CustomCookbooksSource\": { \"Revision\" : { \"Ref\": \"GitRevision\"}, \"SshKey\" : { \"Fn::Join\" : [ \"\\n\", { \"Ref\": \"GitSSHKey\"} ] }, \"Type\": \"git\", \"Url\": { \"Ref\": \"GitURL\"} } ...`", - "title": "SshKey", - "type": "string" - }, - "Type": { - "markdownDescription": "The repository type.", - "title": "Type", - "type": "string" - }, - "Url": { - "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", - "title": "Url", - "type": "string" - }, - "Username": { - "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", - "title": "Username", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Stack.StackConfigurationManager": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name. This parameter must be set to `Chef` .", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The Chef version. This parameter must be set to 12, 11.10, or 11.4 for Linux stacks, and to 12.2 for Windows stacks. The default value for Linux stacks is 12.", - "title": "Version", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::UserProfile": { + "AWS::Logs::LogGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -174033,35 +177520,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowSelfManagement": { - "markdownDescription": "Whether users can specify their own SSH public key through the My Settings page. For more information, see [Managing User Permissions](https://docs.aws.amazon.com/opsworks/latest/userguide/security-settingsshkey.html) .", - "title": "AllowSelfManagement", - "type": "boolean" + "DataProtectionPolicy": { + "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n\nFor more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html) .", + "title": "DataProtectionPolicy", + "type": "object" }, - "IamUserArn": { - "markdownDescription": "The user's IAM ARN.", - "title": "IamUserArn", + "FieldIndexPolicies": { + "items": { + "type": "object" + }, + "markdownDescription": "Creates or updates a *field index policy* for the specified log group. Only log groups in the Standard log class support field index policies. For more information about log classes, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html) .\n\nYou can use field index policies to create *field indexes* on fields found in log events in the log group. Creating field indexes lowers the costs for CloudWatch Logs Insights queries that reference those field indexes, because these queries attempt to skip the processing of log events that are known to not match the indexed field. Good fields to index are fields that you often need to query for and fields that have high cardinality of values Common examples of indexes include request ID, session ID, userID, and instance IDs. For more information, see [Create field indexes to improve query performance and reduce costs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html) .\n\nCurrently, this array supports only one field index policy object.", + "title": "FieldIndexPolicies", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use when encrypting log data.\n\nTo associate an AWS KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs . This enables CloudWatch Logs to decrypt this data whenever it is requested.\n\nIf you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an `InvalidParameterException` error.\n\nLog group data is always encrypted in CloudWatch Logs . If you omit this key, the encryption does not use AWS KMS . For more information, see [Encrypt log data in CloudWatch Logs using AWS Key Management Service](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)", + "title": "KmsKeyId", "type": "string" }, - "SshPublicKey": { - "markdownDescription": "The user's SSH public key.", - "title": "SshPublicKey", + "LogGroupClass": { + "markdownDescription": "Specifies the log group class for this log group. There are two classes:\n\n- The `Standard` log class supports all CloudWatch Logs features.\n- The `Infrequent Access` log class supports a subset of CloudWatch Logs features and incurs lower costs.\n\nFor details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)", + "title": "LogGroupClass", "type": "string" }, - "SshUsername": { - "markdownDescription": "The user's SSH user name.", - "title": "SshUsername", + "LogGroupName": { + "markdownDescription": "The name of the log group. If you don't specify a name, AWS CloudFormation generates a unique ID for the log group.", + "title": "LogGroupName", "type": "string" + }, + "RetentionInDays": { + "markdownDescription": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n\nTo set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html) .", + "title": "RetentionInDays", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the log group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "IamUserArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::UserProfile" + "AWS::Logs::LogGroup" ], "type": "string" }, @@ -174075,12 +177580,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::OpsWorks::Volume": { + "AWS::Logs::LogStream": { "additionalProperties": false, "properties": { "Condition": { @@ -174115,36 +177619,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Ec2VolumeId": { - "markdownDescription": "The Amazon EC2 volume ID.", - "title": "Ec2VolumeId", - "type": "string" - }, - "MountPoint": { - "markdownDescription": "The volume mount point. For example, \"/mnt/disk1\".", - "title": "MountPoint", - "type": "string" - }, - "Name": { - "markdownDescription": "The volume name. Volume names are a maximum of 128 characters.", - "title": "Name", + "LogGroupName": { + "markdownDescription": "The name of the log group where the log stream is created.", + "title": "LogGroupName", "type": "string" }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", + "LogStreamName": { + "markdownDescription": "The name of the log stream. The name must be unique within the log group.", + "title": "LogStreamName", "type": "string" } }, "required": [ - "Ec2VolumeId", - "StackId" + "LogGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Volume" + "AWS::Logs::LogStream" ], "type": "string" }, @@ -174163,7 +177656,7 @@ ], "type": "object" }, - "AWS::OpsWorksCM::Server": { + "AWS::Logs::MetricFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -174198,129 +177691,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociatePublicIpAddress": { - "markdownDescription": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "BackupId": { - "markdownDescription": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId.", - "title": "BackupId", - "type": "string" - }, - "BackupRetentionCount": { - "markdownDescription": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` .", - "title": "BackupRetentionCount", - "type": "number" - }, - "CustomCertificate": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate\u2019s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` .", - "title": "CustomCertificate", - "type": "string" - }, - "CustomDomain": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` .", - "title": "CustomDomain", - "type": "string" - }, - "CustomPrivateKey": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` .", - "title": "CustomPrivateKey", - "type": "string" - }, - "DisableAutomatedBackup": { - "markdownDescription": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` .", - "title": "DisableAutomatedBackup", + "ApplyOnTransformedLogs": { + "markdownDescription": "This parameter is valid only for log groups that have an active log transformer. For more information about log transformers, see [PutTransformer](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html) .\n\nIf this value is `true` , the metric filter is applied on the transformed version of the log events instead of the original ingested log events.", + "title": "ApplyOnTransformedLogs", "type": "boolean" }, - "Engine": { - "markdownDescription": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` .", - "title": "Engine", - "type": "string" - }, - "EngineAttributes": { - "items": { - "$ref": "#/definitions/AWS::OpsWorksCM::Server.EngineAttribute" - }, - "markdownDescription": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^&+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key.", - "title": "EngineAttributes", - "type": "array" - }, - "EngineModel": { - "markdownDescription": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef.", - "title": "EngineModel", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` .", - "title": "EngineVersion", - "type": "string" - }, - "InstanceProfileArn": { - "markdownDescription": "The ARN of the instance profile that your Amazon EC2 instances use.", - "title": "InstanceProfileArn", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type to use. For example, `m5.large` .", - "title": "InstanceType", - "type": "string" - }, - "KeyPair": { - "markdownDescription": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH.", - "title": "KeyPair", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", - "title": "PreferredBackupWindow", + "FilterName": { + "markdownDescription": "The name of the metric filter.", + "title": "FilterName", "type": "string" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", - "title": "PreferredMaintenanceWindow", + "FilterPattern": { + "markdownDescription": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServiceRoleArn": { - "markdownDescription": "The service role that the AWS OpsWorks CM service backend uses to work with your account. Although the AWS OpsWorks management console typically creates the service role for you, if you are using the AWS CLI or API commands, run the service-role-creation.yaml AWS CloudFormation template, located at https://s3.amazonaws.com/opsworks-cm-us-east-1-prod-default-assets/misc/opsworks-cm-roles.yaml. This template creates a CloudFormation stack that includes the service role and instance profile that you need.", - "title": "ServiceRoleArn", + "LogGroupName": { + "markdownDescription": "The name of an existing log group that you want to associate with this metric filter.", + "title": "LogGroupName", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { + "MetricTransformations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Logs::MetricFilter.MetricTransformation" }, - "markdownDescription": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server.", - "title": "Tags", + "markdownDescription": "The metric transformations.", + "title": "MetricTransformations", "type": "array" } }, "required": [ - "InstanceProfileArn", - "InstanceType", - "ServiceRoleArn" + "FilterPattern", + "LogGroupName", + "MetricTransformations" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorksCM::Server" + "AWS::Logs::MetricFilter" ], "type": "string" }, @@ -174339,117 +177748,71 @@ ], "type": "object" }, - "AWS::OpsWorksCM::Server.EngineAttribute": { + "AWS::Logs::MetricFilter.Dimension": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the engine attribute.\n\n*Attribute name for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_ADMIN_PASSWORD`\n\n*Attribute names for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD`\n- `PUPPET_R10K_REMOTE`\n- `PUPPET_R10K_PRIVATE_KEY`", - "title": "Name", + "Key": { + "markdownDescription": "The name for the CloudWatch metric dimension that the metric filter creates.\n\nDimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:).", + "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value of the engine attribute.\n\n*Attribute value for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers.\n\n`openssl genrsa -out *pivotal_key_file_name* .pem 2048`\n\nOn Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com.\n\n*Attribute values for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key.", + "markdownDescription": "The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, `$.eventType` for JSON log events, or `$server` for space-delimited log events.", "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::Organizations::Account": { + "AWS::Logs::MetricFilter.MetricTransformation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DefaultValue": { + "markdownDescription": "(Optional) The value to emit when a filter pattern does not match a log event. This value can be null.", + "title": "DefaultValue", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::Logs::MetricFilter.Dimension" + }, + "markdownDescription": "The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.\n\n> Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as `IPAddress` or `requestID` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric.\n> \n> CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.\n> \n> You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated AWS Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html) .", + "title": "Dimensions", + "type": "array" }, - "Metadata": { - "type": "object" + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric.", + "title": "MetricName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountName": { - "markdownDescription": "The account name given to the account when it was created.", - "title": "AccountName", - "type": "string" - }, - "Email": { - "markdownDescription": "The email address associated with the AWS account.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for this parameter is a string of characters that represents a standard internet email address.", - "title": "Email", - "type": "string" - }, - "ParentIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique identifier (ID) of the root or organizational unit (OU) that you want to create the new account in. If you don't specify this parameter, the `ParentId` defaults to the root ID.\n\nThis parameter only accepts a string array with one string value.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "ParentIds", - "type": "array" - }, - "RoleName": { - "markdownDescription": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.\n\nIf you don't specify this parameter, the role name defaults to `OrganizationAccountAccessRole` .\n\nFor more information about how to use this role to access the member account, see the following links:\n\n- [Creating the OrganizationAccountAccessRole in an invited member account](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) in the *AWS Organizations User Guide*\n- Steps 2 and 3 in [IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) in the *IAM User Guide*\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-", - "title": "RoleName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the maximum allowed number of tags for an account, then the entire request fails and the account is not created.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AccountName", - "Email" - ], - "type": "object" + "MetricNamespace": { + "markdownDescription": "A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", + "title": "MetricNamespace", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Organizations::Account" - ], + "MetricValue": { + "markdownDescription": "The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like `Error` , specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as `$.size` .", + "title": "MetricValue", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Unit": { + "markdownDescription": "The unit to assign to the metric. If you omit this, the unit is set as `None` .", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "MetricName", + "MetricNamespace", + "MetricValue" ], "type": "object" }, - "AWS::Organizations::Organization": { + "AWS::Logs::QueryDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -174484,17 +177847,39 @@ "Properties": { "additionalProperties": false, "properties": { - "FeatureSet": { - "markdownDescription": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.\n\n- `ALL` In addition to all the features supported by the consolidated billing feature set, the management account gains access to advanced features that give you more control over accounts in your organization. For more information, see [All features](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all) in the *AWS Organizations User Guide* .\n- `CONSOLIDATED_BILLING` All member accounts have their bills consolidated to and paid by the management account. For more information, see [Consolidated billing](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only) in the *AWS Organizations User Guide* .\n\n> The consolidated billing feature feature set isn't available for organizations in the AWS GovCloud (US) Region.\n\nIf you don't specify this property, the default value is `ALL` .", - "title": "FeatureSet", + "LogGroupNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Use this parameter if you want the query to query only certain log groups.", + "title": "LogGroupNames", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the query definition.\n\n> You can use the name to create a folder structure for your queries. To create a folder, use a forward slash (/) to prefix your desired query name with your desired folder name. For example, `*folder-name* / *query-name*` .", + "title": "Name", + "type": "string" + }, + "QueryLanguage": { + "markdownDescription": "The query language used for this query. For more information about the query languages that CloudWatch Logs supports, see [Supported query languages](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData_Languages.html) .", + "title": "QueryLanguage", + "type": "string" + }, + "QueryString": { + "markdownDescription": "The query string to use for this query definition. For more information, see [CloudWatch Logs Insights Query Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html) .", + "title": "QueryString", "type": "string" } }, + "required": [ + "Name", + "QueryString" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::Organization" + "AWS::Logs::QueryDefinition" ], "type": "string" }, @@ -174508,11 +177893,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Organizations::OrganizationalUnit": { + "AWS::Logs::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -174547,34 +177933,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The friendly name of this OU.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", - "title": "Name", + "PolicyDocument": { + "markdownDescription": "The details of the policy. It must be formatted in JSON, and you must use backslashes to escape characters that need to be escaped in JSON strings, such as double quote marks.", + "title": "PolicyDocument", "type": "string" }, - "ParentId": { - "markdownDescription": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in.\n\n> To update the `ParentId` parameter value, you must first remove all accounts attached to the organizational unit (OU). OUs can't be moved within the organization with accounts still attached. \n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "ParentId", + "PolicyName": { + "markdownDescription": "The name of the resource policy.", + "title": "PolicyName", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the newly created OU. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for an OU, then the entire request fails and the OU is not created.", - "title": "Tags", - "type": "array" } }, "required": [ - "Name", - "ParentId" + "PolicyDocument", + "PolicyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::OrganizationalUnit" + "AWS::Logs::ResourcePolicy" ], "type": "string" }, @@ -174593,7 +177971,7 @@ ], "type": "object" }, - "AWS::Organizations::Policy": { + "AWS::Logs::SubscriptionFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -174628,53 +178006,52 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The policy text content. You can specify the policy content as a JSON object or a JSON string.\n\n> When you specify the policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the policy content as a JSON object instead. \n\nThe text that you supply must adhere to the rules of the policy type you specify in the `Type` parameter. The following AWS Organizations quotas are enforced for the maximum size of a policy document:\n\n- Service control policies: 5,120 characters\n- Resource control policies: 5,120 characters\n- Declarative policies: 10,000 characters\n- Backup policies: 10,000 characters\n- Tag policies: 10,000 characters\n- Chat applications policies: 10,000 characters\n- AI services opt-out policies: 2,500 characters\n\nFor more information about Organizations service quotas, see [Quotas for AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) in the *AWS Organizations User Guide* .", - "title": "Content", - "type": "object" + "ApplyOnTransformedLogs": { + "markdownDescription": "This parameter is valid only for log groups that have an active log transformer. For more information about log transformers, see [PutTransformer](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html) .\n\nIf this value is `true` , the subscription filter is applied on the transformed version of the log events instead of the original ingested log events.", + "title": "ApplyOnTransformedLogs", + "type": "boolean" }, - "Description": { - "markdownDescription": "Human readable description of the policy.", - "title": "Description", + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination.", + "title": "DestinationArn", "type": "string" }, - "Name": { - "markdownDescription": "Name of the policy.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", - "title": "Name", + "Distribution": { + "markdownDescription": "The method used to distribute log data to the destination, which can be either random or grouped by log stream.", + "title": "Distribution", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for a policy, then the entire request fails and the policy is not created.", - "title": "Tags", - "type": "array" + "FilterName": { + "markdownDescription": "The name of the subscription filter.", + "title": "FilterName", + "type": "string" }, - "TargetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to. You can get the ID by calling the [ListRoots](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html) , [ListOrganizationalUnitsForParent](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html) , or [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) operations. If you don't specify this parameter, the policy is created but not attached to any organization resource.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a target ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Account* - A string that consists of exactly 12 digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "TargetIds", - "type": "array" + "FilterPattern": { + "markdownDescription": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", + "type": "string" }, - "Type": { - "markdownDescription": "The type of policy to create.", - "title": "Type", + "LogGroupName": { + "markdownDescription": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", + "title": "LogGroupName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Content", - "Name", - "Type" + "DestinationArn", + "FilterPattern", + "LogGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::Policy" + "AWS::Logs::SubscriptionFilter" ], "type": "string" }, @@ -174693,7 +178070,7 @@ ], "type": "object" }, - "AWS::Organizations::ResourcePolicy": { + "AWS::Logs::Transformer": { "additionalProperties": false, "properties": { "Condition": { @@ -174728,28 +178105,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The policy text of the organization resource policy. You can specify the resource policy content as a JSON object or a JSON string.\n\n> When you specify the resource policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the resource policy content as a JSON object instead.", - "title": "Content", - "type": "object" + "LogGroupIdentifier": { + "markdownDescription": "Specify either the name or ARN of the log group to create the transformer for.", + "title": "LogGroupIdentifier", + "type": "string" }, - "Tags": { + "TransformerConfig": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Logs::Transformer.Processor" }, - "markdownDescription": "A list of tags that you want to attach to the newly created resource policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the *AWS Organizations User Guide* .\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for the resource policy, then the entire request fails and the resource policy is not created.", - "title": "Tags", + "markdownDescription": "This structure is an array that contains the configuration of this log transformer. A log transformer is an array of processors, where each processor applies one type of transformation to the log events that are ingested.", + "title": "TransformerConfig", "type": "array" } }, "required": [ - "Content" + "LogGroupIdentifier", + "TransformerConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::ResourcePolicy" + "AWS::Logs::Transformer" ], "type": "string" }, @@ -174768,1290 +178146,755 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::Connector": { + "AWS::Logs::Transformer.AddKeyEntry": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Key": { + "markdownDescription": "The key of the new entry to be added to the log event", + "title": "Key", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority being used.", - "title": "CertificateAuthorityArn", - "type": "string" - }, - "DirectoryId": { - "markdownDescription": "The identifier of the Active Directory.", - "title": "DirectoryId", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a connector consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "VpcInformation": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Connector.VpcInformation", - "markdownDescription": "Information of the VPC and security group(s) used with the connector.", - "title": "VpcInformation" - } - }, - "required": [ - "CertificateAuthorityArn", - "DirectoryId", - "VpcInformation" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PCAConnectorAD::Connector" - ], - "type": "string" + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the key already exists in the log event. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value of the new entry to be added to the log event", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key", + "Value" ], "type": "object" }, - "AWS::PCAConnectorAD::Connector.VpcInformation": { + "AWS::Logs::Transformer.AddKeys": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "Entries": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Logs::Transformer.AddKeyEntry" }, - "markdownDescription": "The security groups used with the connector. You can use a maximum of 4 security groups with a connector.", - "title": "SecurityGroupIds", + "markdownDescription": "An array of objects, where each object contains the information about one key to add to the log event.", + "title": "Entries", "type": "array" } }, "required": [ - "SecurityGroupIds" + "Entries" ], "type": "object" }, - "AWS::PCAConnectorAD::DirectoryRegistration": { + "AWS::Logs::Transformer.CopyValue": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DirectoryId": { - "markdownDescription": "The identifier of the Active Directory.", - "title": "DirectoryId", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a directory registration consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.CopyValueEntry" }, - "required": [ - "DirectoryId" - ], - "type": "object" + "markdownDescription": "An array of `CopyValueEntry` objects, where each object contains the information about one field value to copy.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.CopyValueEntry": { + "additionalProperties": false, + "properties": { + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::PCAConnectorAD::DirectoryRegistration" - ], + "Source": { + "markdownDescription": "The key to copy.", + "title": "Source", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Target": { + "markdownDescription": "The key of the field to copy the value to.", + "title": "Target", "type": "string" } }, "required": [ - "Type", - "Properties" + "Source", + "Target" ], "type": "object" }, - "AWS::PCAConnectorAD::ServicePrincipalName": { + "AWS::Logs::Transformer.Csv": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Columns": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of names to use for the columns in the transformed log event.\n\nIf you omit this, default column names ( `[column_1, column_2 ...]` ) are used.", + "title": "Columns", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Delimiter": { + "markdownDescription": "The character used to separate each column in the original comma-separated value log event. If you omit this, the processor looks for the comma `,` character as the delimiter.", + "title": "Delimiter", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", - "title": "ConnectorArn", - "type": "string" - }, - "DirectoryRegistrationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) .", - "title": "DirectoryRegistrationArn", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PCAConnectorAD::ServicePrincipalName" - ], + "QuoteCharacter": { + "markdownDescription": "The character used used as a text qualifier for a single column of data. If you omit this, the double quotation mark `\"` character is used.", + "title": "QuoteCharacter", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Source": { + "markdownDescription": "The path to the field in the log event that has the comma separated values to be parsed. If you omit this value, the whole log message is processed.", + "title": "Source", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template": { + "AWS::Logs::Transformer.DateTimeConverter": { "additionalProperties": false, "properties": { - "Condition": { + "Locale": { + "markdownDescription": "The locale of the source field. If you omit this, the default of `locale.ROOT` is used.", + "title": "Locale", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MatchPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of patterns to match against the `source` field.", + "title": "MatchPatterns", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Source": { + "markdownDescription": "The key to apply the date conversion to.", + "title": "Source", + "type": "string" }, - "Metadata": { - "type": "object" + "SourceTimezone": { + "markdownDescription": "The time zone of the source field. If you omit this, the default used is the UTC zone.", + "title": "SourceTimezone", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", - "title": "ConnectorArn", - "type": "string" - }, - "Definition": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateDefinition", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "Definition" - }, - "Name": { - "markdownDescription": "Name of the templates. Template names must be unique.", - "title": "Name", - "type": "string" - }, - "ReenrollAllCertificateHolders": { - "markdownDescription": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template.", - "title": "ReenrollAllCertificateHolders", - "type": "boolean" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a template consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "ConnectorArn", - "Definition", - "Name" - ], - "type": "object" + "Target": { + "markdownDescription": "The JSON field to store the result in.", + "title": "Target", + "type": "string" }, - "Type": { - "enum": [ - "AWS::PCAConnectorAD::Template" - ], + "TargetFormat": { + "markdownDescription": "The datetime format to use for the converted data in the target field.\n\nIf you omit this, the default of `yyyy-MM-dd'T'HH:mm:ss.SSS'Z` is used.", + "title": "TargetFormat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetTimezone": { + "markdownDescription": "The time zone of the target field. If you omit this, the default used is the UTC zone.", + "title": "TargetTimezone", "type": "string" } }, "required": [ - "Type", - "Properties" + "MatchPatterns", + "Source", + "Target" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ApplicationPolicies": { + "AWS::Logs::Transformer.DeleteKeys": { "additionalProperties": false, "properties": { - "Critical": { - "markdownDescription": "Marks the application policy extension as critical.", - "title": "Critical", - "type": "boolean" - }, - "Policies": { + "WithKeys": { "items": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicy" + "type": "string" }, - "markdownDescription": "Application policies describe what the certificate can be used for.", - "title": "Policies", + "markdownDescription": "The list of keys to delete.", + "title": "WithKeys", "type": "array" } }, "required": [ - "Policies" + "WithKeys" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ApplicationPolicy": { + "AWS::Logs::Transformer.Grok": { "additionalProperties": false, "properties": { - "PolicyObjectIdentifier": { - "markdownDescription": "The object identifier (OID) of an application policy.", - "title": "PolicyObjectIdentifier", + "Match": { + "markdownDescription": "The grok pattern to match against the log event. For a list of supported grok patterns, see [Supported grok patterns](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#Grok-Patterns) .", + "title": "Match", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of application policy", - "title": "PolicyType", + "Source": { + "markdownDescription": "The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.", + "title": "Source", "type": "string" } }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.CertificateValidity": { - "additionalProperties": false, - "properties": { - "RenewalPeriod": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", - "markdownDescription": "Renewal period is the period of time before certificate expiration when a new certificate will be requested.", - "title": "RenewalPeriod" - }, - "ValidityPeriod": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", - "markdownDescription": "Information describing the end of the validity period of the certificate. This parameter sets the \u201cNot After\u201d date for the certificate. Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280. This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.", - "title": "ValidityPeriod" - } - }, "required": [ - "RenewalPeriod", - "ValidityPeriod" + "Match" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV2": { + "AWS::Logs::Transformer.ListToMap": { "additionalProperties": false, "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "Flatten": { + "markdownDescription": "A Boolean value to indicate whether the list will be flattened into single items. Specify `true` to flatten the list. The default is `false`", + "title": "Flatten", "type": "boolean" }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" + "FlattenedElement": { + "markdownDescription": "If you set `flatten` to `true` , use `flattenedElement` to specify which element, `first` or `last` , to keep.\n\nYou must specify this parameter if `flatten` is `true`", + "title": "FlattenedElement", + "type": "string" }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" + "Key": { + "markdownDescription": "The key of the field to be extracted as keys in the generated map", + "title": "Key", + "type": "string" }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" + "Source": { + "markdownDescription": "The key in the log event that has a list of objects that will be converted to a map.", + "title": "Source", + "type": "string" }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" + "Target": { + "markdownDescription": "The key of the field that will hold the generated map", + "title": "Target", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "If this is specified, the values that you specify in this parameter will be extracted from the `source` objects and put into the values of the generated map. Otherwise, original objects in the source list will be put into the values of the generated map.", + "title": "ValueKey", + "type": "string" } }, + "required": [ + "Key", + "Source" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV3": { + "AWS::Logs::Transformer.LowerCaseString": { "additionalProperties": false, "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" - }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" - }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" + "WithKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The array caontaining the keys of the fields to convert to lowercase.", + "title": "WithKeys", + "type": "array" } }, + "required": [ + "WithKeys" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV4": { + "AWS::Logs::Transformer.MoveKeyEntry": { "additionalProperties": false, "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", "type": "boolean" }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" + "Source": { + "markdownDescription": "The key to move.", + "title": "Source", + "type": "string" }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" + "Target": { + "markdownDescription": "The key to move to.", + "title": "Target", + "type": "string" } }, + "required": [ + "Source", + "Target" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ExtensionsV2": { + "AWS::Logs::Transformer.MoveKeys": { "additionalProperties": false, "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" - }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", - "title": "KeyUsage" + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.MoveKeyEntry" + }, + "markdownDescription": "An array of objects, where each object contains the information about one key to move.", + "title": "Entries", + "type": "array" } }, "required": [ - "KeyUsage" + "Entries" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ExtensionsV3": { + "AWS::Logs::Transformer.ParseCloudfront": { "additionalProperties": false, "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" - }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", - "title": "KeyUsage" + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" } }, - "required": [ - "KeyUsage" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ExtensionsV4": { + "AWS::Logs::Transformer.ParseJSON": { "additionalProperties": false, "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" + "Destination": { + "markdownDescription": "The location to put the parsed key value pair into. If you omit this parameter, it is placed under the root node.", + "title": "Destination", + "type": "string" }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.", - "title": "KeyUsage" + "Source": { + "markdownDescription": "Path to the field in the log event that will be parsed. Use dot notation to access child fields. For example, `store.book`", + "title": "Source", + "type": "string" } }, - "required": [ - "KeyUsage" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV2": { + "AWS::Logs::Transformer.ParseKeyValue": { "additionalProperties": false, "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" + "Destination": { + "markdownDescription": "The destination field to put the extracted key-value pairs into", + "title": "Destination", + "type": "string" }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users.", - "title": "MachineType", + "FieldDelimiter": { + "markdownDescription": "The field delimiter string that is used between key-value pairs in the original log events. If you omit this, the ampersand `&` character is used.", + "title": "FieldDelimiter", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "If you want to add a prefix to all transformed keys, specify it here.", + "title": "KeyPrefix", + "type": "string" + }, + "KeyValueDelimiter": { + "markdownDescription": "The delimiter string to use between the key and value in each pair in the transformed log event.\n\nIf you omit this, the equal `=` character is used.", + "title": "KeyValueDelimiter", + "type": "string" + }, + "NonMatchValue": { + "markdownDescription": "A value to insert into the value field in the result, when a key-value pair is not successfully split.", + "title": "NonMatchValue", + "type": "string" + }, + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", "type": "boolean" + }, + "Source": { + "markdownDescription": "Path to the field in the log event that will be parsed. Use dot notation to access child fields. For example, `store.book`", + "title": "Source", + "type": "string" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV3": { + "AWS::Logs::Transformer.ParsePostgres": { "additionalProperties": false, "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" - }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", - "title": "MachineType", - "type": "boolean" + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV4": { + "AWS::Logs::Transformer.ParseRoute53": { "additionalProperties": false, "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" - }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", - "title": "MachineType", - "type": "boolean" + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.KeyUsage": { + "AWS::Logs::Transformer.ParseToOCSF": { "additionalProperties": false, "properties": { - "Critical": { - "markdownDescription": "Sets the key usage extension to critical.", - "title": "Critical", - "type": "boolean" + "EventSource": { + "markdownDescription": "Specify the service or process that produces the log events that will be converted with this processor.", + "title": "EventSource", + "type": "string" }, - "UsageFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageFlags", - "markdownDescription": "The key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.", - "title": "UsageFlags" + "OcsfVersion": { + "markdownDescription": "Specify which version of the OCSF schema to use for the transformed log events.", + "title": "OcsfVersion", + "type": "string" + }, + "Source": { + "markdownDescription": "The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.", + "title": "Source", + "type": "string" } }, "required": [ - "UsageFlags" + "EventSource", + "OcsfVersion" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.KeyUsageFlags": { + "AWS::Logs::Transformer.ParseVPC": { "additionalProperties": false, "properties": { - "DataEncipherment": { - "markdownDescription": "DataEncipherment is asserted when the subject public key is used for directly enciphering raw user data without the use of an intermediate symmetric cipher.", - "title": "DataEncipherment", - "type": "boolean" - }, - "DigitalSignature": { - "markdownDescription": "The digitalSignature is asserted when the subject public key is used for verifying digital signatures.", - "title": "DigitalSignature", - "type": "boolean" - }, - "KeyAgreement": { - "markdownDescription": "KeyAgreement is asserted when the subject public key is used for key agreement.", - "title": "KeyAgreement", - "type": "boolean" - }, - "KeyEncipherment": { - "markdownDescription": "KeyEncipherment is asserted when the subject public key is used for enciphering private or secret keys, i.e., for key transport.", - "title": "KeyEncipherment", - "type": "boolean" - }, - "NonRepudiation": { - "markdownDescription": "NonRepudiation is asserted when the subject public key is used to verify digital signatures.", - "title": "NonRepudiation", - "type": "boolean" + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.KeyUsageProperty": { + "AWS::Logs::Transformer.ParseWAF": { "additionalProperties": false, "properties": { - "PropertyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags", - "markdownDescription": "You can specify key usage for encryption, key agreement, and signature. You can use property flags or property type but not both.", - "title": "PropertyFlags" - }, - "PropertyType": { - "markdownDescription": "You can specify all key usages using property type ALL. You can use property type or property flags but not both.", - "title": "PropertyType", + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", "type": "string" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags": { + "AWS::Logs::Transformer.Processor": { "additionalProperties": false, "properties": { - "Decrypt": { - "markdownDescription": "Allows key for encryption and decryption.", - "title": "Decrypt", - "type": "boolean" + "AddKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.AddKeys", + "markdownDescription": "Use this parameter to include the [addKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-addKeys) processor in your transformer.", + "title": "AddKeys" }, - "KeyAgreement": { - "markdownDescription": "Allows key exchange without encryption.", - "title": "KeyAgreement", - "type": "boolean" + "CopyValue": { + "$ref": "#/definitions/AWS::Logs::Transformer.CopyValue", + "markdownDescription": "Use this parameter to include the [copyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-copyValue) processor in your transformer.", + "title": "CopyValue" }, - "Sign": { - "markdownDescription": "Allow key use for digital signature.", - "title": "Sign", + "Csv": { + "$ref": "#/definitions/AWS::Logs::Transformer.Csv", + "markdownDescription": "Use this parameter to include the [CSV](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-CSV) processor in your transformer.", + "title": "Csv" + }, + "DateTimeConverter": { + "$ref": "#/definitions/AWS::Logs::Transformer.DateTimeConverter", + "markdownDescription": "Use this parameter to include the [datetimeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-datetimeConverter) processor in your transformer.", + "title": "DateTimeConverter" + }, + "DeleteKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.DeleteKeys", + "markdownDescription": "Use this parameter to include the [deleteKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-deleteKeys) processor in your transformer.", + "title": "DeleteKeys" + }, + "Grok": { + "$ref": "#/definitions/AWS::Logs::Transformer.Grok", + "markdownDescription": "Use this parameter to include the [grok](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-grok) processor in your transformer.", + "title": "Grok" + }, + "ListToMap": { + "$ref": "#/definitions/AWS::Logs::Transformer.ListToMap", + "markdownDescription": "Use this parameter to include the [listToMap](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-listToMap) processor in your transformer.", + "title": "ListToMap" + }, + "LowerCaseString": { + "$ref": "#/definitions/AWS::Logs::Transformer.LowerCaseString", + "markdownDescription": "Use this parameter to include the [lowerCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-lowerCaseString) processor in your transformer.", + "title": "LowerCaseString" + }, + "MoveKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.MoveKeys", + "markdownDescription": "Use this parameter to include the [moveKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-moveKeys) processor in your transformer.", + "title": "MoveKeys" + }, + "ParseCloudfront": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseCloudfront", + "markdownDescription": "Use this parameter to include the [parseCloudfront](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseCloudfront) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseCloudfront" + }, + "ParseJSON": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseJSON", + "markdownDescription": "Use this parameter to include the [parseJSON](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseJSON) processor in your transformer.", + "title": "ParseJSON" + }, + "ParseKeyValue": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseKeyValue", + "markdownDescription": "Use this parameter to include the [parseKeyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseKeyValue) processor in your transformer.", + "title": "ParseKeyValue" + }, + "ParsePostgres": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParsePostgres", + "markdownDescription": "Use this parameter to include the [parsePostGres](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parsePostGres) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParsePostgres" + }, + "ParseRoute53": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseRoute53", + "markdownDescription": "Use this parameter to include the [parseRoute53](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseRoute53) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseRoute53" + }, + "ParseToOCSF": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseToOCSF", + "markdownDescription": "Use this parameter to convert logs into Open Cybersecurity Schema (OCSF) format.", + "title": "ParseToOCSF" + }, + "ParseVPC": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseVPC", + "markdownDescription": "Use this parameter to include the [parseVPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseVPC) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseVPC" + }, + "ParseWAF": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseWAF", + "markdownDescription": "Use this parameter to include the [parseWAF](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseWAF) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseWAF" + }, + "RenameKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.RenameKeys", + "markdownDescription": "Use this parameter to include the [renameKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-renameKeys) processor in your transformer.", + "title": "RenameKeys" + }, + "SplitString": { + "$ref": "#/definitions/AWS::Logs::Transformer.SplitString", + "markdownDescription": "Use this parameter to include the [splitString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-splitString) processor in your transformer.", + "title": "SplitString" + }, + "SubstituteString": { + "$ref": "#/definitions/AWS::Logs::Transformer.SubstituteString", + "markdownDescription": "Use this parameter to include the [substituteString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-substituteString) processor in your transformer.", + "title": "SubstituteString" + }, + "TrimString": { + "$ref": "#/definitions/AWS::Logs::Transformer.TrimString", + "markdownDescription": "Use this parameter to include the [trimString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-trimString) processor in your transformer.", + "title": "TrimString" + }, + "TypeConverter": { + "$ref": "#/definitions/AWS::Logs::Transformer.TypeConverter", + "markdownDescription": "Use this parameter to include the [typeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-typeConverter) processor in your transformer.", + "title": "TypeConverter" + }, + "UpperCaseString": { + "$ref": "#/definitions/AWS::Logs::Transformer.UpperCaseString", + "markdownDescription": "Use this parameter to include the [upperCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-upperCaseString) processor in your transformer.", + "title": "UpperCaseString" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.RenameKeyEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key to rename", + "title": "Key", + "type": "string" + }, + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the existing value if the destination key already exists. The default is `false`", + "title": "OverwriteIfExists", "type": "boolean" + }, + "RenameTo": { + "markdownDescription": "The string to use for the new key name", + "title": "RenameTo", + "type": "string" } }, + "required": [ + "Key", + "RenameTo" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2": { + "AWS::Logs::Transformer.RenameKeys": { "additionalProperties": false, "properties": { - "CryptoProviders": { + "Entries": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Logs::Transformer.RenameKeyEntry" }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", + "markdownDescription": "An array of `RenameKeyEntry` objects, where each object contains the information about a single key to rename.", + "title": "Entries", "type": "array" - }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", - "type": "string" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", - "type": "number" } }, "required": [ - "KeySpec", - "MinimalKeyLength" + "Entries" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3": { + "AWS::Logs::Transformer.SplitString": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "Defines the algorithm used to generate the private key.", - "title": "Algorithm", - "type": "string" - }, - "CryptoProviders": { + "Entries": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Logs::Transformer.SplitStringEntry" }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", + "markdownDescription": "An array of `SplitStringEntry` objects, where each object contains the information about one field to split.", + "title": "Entries", "type": "array" - }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", - "type": "string" - }, - "KeyUsageProperty": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", - "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", - "title": "KeyUsageProperty" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", - "type": "number" } }, "required": [ - "Algorithm", - "KeySpec", - "KeyUsageProperty", - "MinimalKeyLength" + "Entries" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4": { + "AWS::Logs::Transformer.SplitStringEntry": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "Defines the algorithm used to generate the private key.", - "title": "Algorithm", + "Delimiter": { + "markdownDescription": "The separator characters to split the string entry on.", + "title": "Delimiter", "type": "string" }, - "CryptoProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", - "type": "array" - }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", + "Source": { + "markdownDescription": "The key of the field to split.", + "title": "Source", "type": "string" - }, - "KeyUsageProperty": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", - "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", - "title": "KeyUsageProperty" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", - "type": "number" } }, "required": [ - "KeySpec", - "MinimalKeyLength" + "Delimiter", + "Source" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2": { + "AWS::Logs::Transformer.SubstituteString": { "additionalProperties": false, "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", - "type": "string" - }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" - }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Require user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", - "type": "boolean" + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.SubstituteStringEntry" + }, + "markdownDescription": "An array of objects, where each object contains the information about one key to match and replace.", + "title": "Entries", + "type": "array" } }, "required": [ - "ClientVersion" + "Entries" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3": { + "AWS::Logs::Transformer.SubstituteStringEntry": { "additionalProperties": false, "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", + "From": { + "markdownDescription": "The regular expression string to be replaced. Special regex characters such as [ and ] must be escaped using \\\\ when using double quotes and with \\ when using single quotes. For more information, see [Class Pattern](https://docs.aws.amazon.com/https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/util/regex/Pattern.html) on the Oracle web site.", + "title": "From", "type": "string" }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" - }, - "RequireAlternateSignatureAlgorithm": { - "markdownDescription": "Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", - "title": "RequireAlternateSignatureAlgorithm", - "type": "boolean" - }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Requirer user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", - "type": "boolean" - } - }, - "required": [ - "ClientVersion" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4": { - "additionalProperties": false, - "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", + "Source": { + "markdownDescription": "The key to modify", + "title": "Source", "type": "string" }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" - }, - "RequireAlternateSignatureAlgorithm": { - "markdownDescription": "Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", - "title": "RequireAlternateSignatureAlgorithm", - "type": "boolean" - }, - "RequireSameKeyRenewal": { - "markdownDescription": "Renew certificate using the same private key.", - "title": "RequireSameKeyRenewal", - "type": "boolean" - }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Require user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", - "type": "boolean" - }, - "UseLegacyProvider": { - "markdownDescription": "Specifies the cryptographic service provider category used to generate private keys. Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.", - "title": "UseLegacyProvider", - "type": "boolean" + "To": { + "markdownDescription": "The string to be substituted for each match of `from`", + "title": "To", + "type": "string" } }, "required": [ - "ClientVersion" + "From", + "Source", + "To" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV2": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV3": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV4": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.TemplateDefinition": { - "additionalProperties": false, - "properties": { - "TemplateV2": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV2", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV2" - }, - "TemplateV3": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV3", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV3" - }, - "TemplateV4": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV4", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV4" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.TemplateV2": { + "AWS::Logs::Transformer.TrimString": { "additionalProperties": false, "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV2", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV2", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV2", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2", - "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, and cryptographic providers for the private key of a certificate for v2 templates. V2 templates allow you to use Legacy Cryptographic Service Providers.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2", - "markdownDescription": "Private key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV2", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" - }, - "SupersededTemplates": { + "WithKeys": { "items": { "type": "string" }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", + "markdownDescription": "The array containing the keys of the fields to trim.", + "title": "WithKeys", "type": "array" } }, "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" + "WithKeys" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.TemplateV3": { + "AWS::Logs::Transformer.TypeConverter": { "additionalProperties": false, "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV3", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV3", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV3", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "HashAlgorithm": { - "markdownDescription": "Specifies the hash algorithm used to hash the private key.", - "title": "HashAlgorithm", - "type": "string" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3", - "markdownDescription": "Private key attributes allow you to specify the algorithm, minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v3 templates. V3 templates allow you to use Key Storage Providers.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3", - "markdownDescription": "Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV3", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" - }, - "SupersededTemplates": { + "Entries": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Logs::Transformer.TypeConverterEntry" }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", + "markdownDescription": "An array of `TypeConverterEntry` objects, where each object contains the information about one field to change the type of.", + "title": "Entries", "type": "array" } }, "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "HashAlgorithm", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" + "Entries" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.TemplateV4": { + "AWS::Logs::Transformer.TypeConverterEntry": { "additionalProperties": false, "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV4", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV4", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV4", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "HashAlgorithm": { - "markdownDescription": "Specifies the hash algorithm used to hash the private key. Hash algorithm can only be specified when using Key Storage Providers.", - "title": "HashAlgorithm", + "Key": { + "markdownDescription": "The key with the value that is to be converted to a different type.", + "title": "Key", "type": "string" }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4", - "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v4 templates. V4 templates allow you to use either Key Storage Providers or Legacy Cryptographic Service Providers. You specify the cryptography provider category in private key flags.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4", - "markdownDescription": "Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV4", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" - }, - "SupersededTemplates": { - "items": { - "type": "string" - }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", - "type": "array" + "Type": { + "markdownDescription": "The type to convert the field value to. Valid values are `integer` , `double` , `string` and `boolean` .", + "title": "Type", + "type": "string" } }, "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" + "Key", + "Type" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ValidityPeriod": { + "AWS::Logs::Transformer.UpperCaseString": { "additionalProperties": false, "properties": { - "Period": { - "markdownDescription": "The numeric value for the validity period.", - "title": "Period", - "type": "number" - }, - "PeriodType": { - "markdownDescription": "The unit of time. You can select hours, days, weeks, months, and years.", - "title": "PeriodType", - "type": "string" + "WithKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of containing the keys of the field to convert to uppercase.", + "title": "WithKeys", + "type": "array" } }, "required": [ - "Period", - "PeriodType" + "WithKeys" ], "type": "object" }, - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry": { + "AWS::LookoutEquipment::InferenceScheduler": { "additionalProperties": false, "properties": { "Condition": { @@ -176086,158 +178929,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRights": { - "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights", - "markdownDescription": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.", - "title": "AccessRights" - }, - "GroupDisplayName": { - "markdownDescription": "Name of the Active Directory group. This name does not need to match the group name in Active Directory.", - "title": "GroupDisplayName", - "type": "string" + "DataDelayOffsetInMinutes": { + "markdownDescription": "A period of time (in minutes) by which inference on the data is delayed after the data starts. For instance, if an offset delay time of five minutes was selected, inference will not begin on the data until the first data measurement after the five minute mark. For example, if five minutes is selected, the inference scheduler will wake up at the configured frequency with the additional five minute delay time to check the customer S3 bucket. The customer can upload data at the same frequency and they don't need to stop and restart the scheduler when uploading new data.", + "title": "DataDelayOffsetInMinutes", + "type": "number" }, - "GroupSecurityIdentifier": { - "markdownDescription": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\".", - "title": "GroupSecurityIdentifier", - "type": "string" + "DataInputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration", + "markdownDescription": "Specifies configuration information for the input data for the inference scheduler, including delimiter, format, and dataset location.", + "title": "DataInputConfiguration" }, - "TemplateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .", - "title": "TemplateArn", - "type": "string" - } - }, - "required": [ - "AccessRights", - "GroupDisplayName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights": { - "additionalProperties": false, - "properties": { - "AutoEnroll": { - "markdownDescription": "Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment", - "title": "AutoEnroll", - "type": "string" - }, - "Enroll": { - "markdownDescription": "Allow or deny an Active Directory group from enrolling certificates issued against a template.", - "title": "Enroll", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Panorama::ApplicationInstance": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "DataOutputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration", + "markdownDescription": "Specifies configuration information for the output results for the inference scheduler, including the Amazon S3 location for the output.", + "title": "DataOutputConfiguration" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationInstanceIdToReplace": { - "markdownDescription": "The ID of an application instance to replace with the new instance.", - "title": "ApplicationInstanceIdToReplace", + "DataUploadFrequency": { + "markdownDescription": "How often data is uploaded to the source S3 bucket for the input data. This value is the length of time between data uploads. For instance, if you select 5 minutes, Amazon Lookout for Equipment will upload the real-time data to the source bucket once every 5 minutes. This frequency also determines how often Amazon Lookout for Equipment starts a scheduled inference on your data. In this example, it starts once every 5 minutes.", + "title": "DataUploadFrequency", "type": "string" }, - "DefaultRuntimeContextDevice": { - "markdownDescription": "The device's ID.", - "title": "DefaultRuntimeContextDevice", + "InferenceSchedulerName": { + "markdownDescription": "The name of the inference scheduler.", + "title": "InferenceSchedulerName", "type": "string" }, - "Description": { - "markdownDescription": "A description for the application instance.", - "title": "Description", + "ModelName": { + "markdownDescription": "The name of the machine learning model used for the inference scheduler.", + "title": "ModelName", "type": "string" }, - "ManifestOverridesPayload": { - "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestOverridesPayload", - "markdownDescription": "Setting overrides for the application manifest.", - "title": "ManifestOverridesPayload" - }, - "ManifestPayload": { - "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestPayload", - "markdownDescription": "The application's manifest document.", - "title": "ManifestPayload" - }, - "Name": { - "markdownDescription": "A name for the application instance.", - "title": "Name", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source being used for the inference.", + "title": "RoleArn", "type": "string" }, - "RuntimeRoleArn": { - "markdownDescription": "The ARN of a runtime role for the application instance.", - "title": "RuntimeRoleArn", + "ServerSideKmsKeyId": { + "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt inference scheduler data by Amazon Lookout for Equipment .", + "title": "ServerSideKmsKeyId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags for the application instance.", + "markdownDescription": "Any tags associated with the inference scheduler.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "DefaultRuntimeContextDevice", - "ManifestPayload" + "DataInputConfiguration", + "DataOutputConfiguration", + "DataUploadFrequency", + "ModelName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Panorama::ApplicationInstance" + "AWS::LookoutEquipment::InferenceScheduler" ], "type": "string" }, @@ -176256,140 +179008,104 @@ ], "type": "object" }, - "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { + "AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration": { "additionalProperties": false, "properties": { - "PayloadData": { - "markdownDescription": "The overrides document.", - "title": "PayloadData", + "InferenceInputNameConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration", + "markdownDescription": "", + "title": "InferenceInputNameConfiguration" + }, + "InputTimeZoneOffset": { + "markdownDescription": "", + "title": "InputTimeZoneOffset", "type": "string" + }, + "S3InputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration", + "markdownDescription": "", + "title": "S3InputConfiguration" } }, + "required": [ + "S3InputConfiguration" + ], "type": "object" }, - "AWS::Panorama::ApplicationInstance.ManifestPayload": { + "AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration": { "additionalProperties": false, "properties": { - "PayloadData": { - "markdownDescription": "The application manifest.", - "title": "PayloadData", + "KmsKeyId": { + "markdownDescription": "", + "title": "KmsKeyId", "type": "string" + }, + "S3OutputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration", + "markdownDescription": "", + "title": "S3OutputConfiguration" } }, + "required": [ + "S3OutputConfiguration" + ], "type": "object" }, - "AWS::Panorama::Package": { + "AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ComponentTimestampDelimiter": { + "markdownDescription": "", + "title": "ComponentTimestampDelimiter", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TimestampFormat": { + "markdownDescription": "", + "title": "TimestampFormat", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PackageName": { - "markdownDescription": "A name for the package.", - "title": "PackageName", - "type": "string" - }, - "StorageLocation": { - "$ref": "#/definitions/AWS::Panorama::Package.StorageLocation", - "markdownDescription": "A storage location.", - "title": "StorageLocation" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags for the package.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "PackageName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Panorama::Package" - ], + } + }, + "type": "object" + }, + "AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "", + "title": "Bucket", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Prefix": { + "markdownDescription": "", + "title": "Prefix", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket" ], "type": "object" }, - "AWS::Panorama::Package.StorageLocation": { + "AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration": { "additionalProperties": false, "properties": { - "BinaryPrefixLocation": { - "markdownDescription": "The location's binary prefix.", - "title": "BinaryPrefixLocation", - "type": "string" - }, "Bucket": { - "markdownDescription": "The location's bucket.", + "markdownDescription": "", "title": "Bucket", "type": "string" }, - "GeneratedPrefixLocation": { - "markdownDescription": "The location's generated prefix.", - "title": "GeneratedPrefixLocation", - "type": "string" - }, - "ManifestPrefixLocation": { - "markdownDescription": "The location's manifest prefix.", - "title": "ManifestPrefixLocation", - "type": "string" - }, - "RepoPrefixLocation": { - "markdownDescription": "The location's repo prefix.", - "title": "RepoPrefixLocation", + "Prefix": { + "markdownDescription": "", + "title": "Prefix", "type": "string" } }, + "required": [ + "Bucket" + ], "type": "object" }, - "AWS::Panorama::PackageVersion": { + "AWS::LookoutMetrics::Alert": { "additionalProperties": false, "properties": { "Condition": { @@ -176424,47 +179140,42 @@ "Properties": { "additionalProperties": false, "properties": { - "MarkLatest": { - "markdownDescription": "Whether to mark the new version as the latest version.", - "title": "MarkLatest", - "type": "boolean" - }, - "OwnerAccount": { - "markdownDescription": "An owner account.", - "title": "OwnerAccount", - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.Action", + "markdownDescription": "Action that will be triggered when there is an alert.", + "title": "Action" }, - "PackageId": { - "markdownDescription": "A package ID.", - "title": "PackageId", + "AlertDescription": { + "markdownDescription": "A description of the alert.", + "title": "AlertDescription", "type": "string" }, - "PackageVersion": { - "markdownDescription": "A package version.", - "title": "PackageVersion", + "AlertName": { + "markdownDescription": "The name of the alert.", + "title": "AlertName", "type": "string" }, - "PatchVersion": { - "markdownDescription": "A patch version.", - "title": "PatchVersion", - "type": "string" + "AlertSensitivityThreshold": { + "markdownDescription": "An integer from 0 to 100 specifying the alert sensitivity threshold.", + "title": "AlertSensitivityThreshold", + "type": "number" }, - "UpdatedLatestPatchVersion": { - "markdownDescription": "If the version was marked latest, the new version to maker as latest.", - "title": "UpdatedLatestPatchVersion", + "AnomalyDetectorArn": { + "markdownDescription": "The ARN of the detector to which the alert is attached.", + "title": "AnomalyDetectorArn", "type": "string" } }, "required": [ - "PackageId", - "PackageVersion", - "PatchVersion" + "Action", + "AlertSensitivityThreshold", + "AnomalyDetectorArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Panorama::PackageVersion" + "AWS::LookoutMetrics::Alert" ], "type": "string" }, @@ -176483,79 +179194,63 @@ ], "type": "object" }, - "AWS::PaymentCryptography::Alias": { + "AWS::LookoutMetrics::Alert.Action": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "LambdaConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.LambdaConfiguration", + "markdownDescription": "A configuration for an AWS Lambda channel.", + "title": "LambdaConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SNSConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.SNSConfiguration", + "markdownDescription": "A configuration for an Amazon SNS channel.", + "title": "SNSConfiguration" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::Alert.LambdaConfiguration": { + "additionalProperties": false, + "properties": { + "LambdaArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "LambdaArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AliasName": { - "markdownDescription": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n> Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output.", - "title": "AliasName", - "type": "string" - }, - "KeyArn": { - "markdownDescription": "The `KeyARN` of the key associated with the alias.", - "title": "KeyArn", - "type": "string" - } - }, - "required": [ - "AliasName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PaymentCryptography::Alias" - ], + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that has permission to invoke the Lambda function.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "LambdaArn", + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::Alert.SNSConfiguration": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that has access to the target SNS topic.", + "title": "RoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SnsTopicArn": { + "markdownDescription": "The ARN of the target SNS topic.", + "title": "SnsTopicArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "RoleArn", + "SnsTopicArn" ], "type": "object" }, - "AWS::PaymentCryptography::Key": { + "AWS::LookoutMetrics::AnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -176590,44 +179285,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether the key is enabled.", - "title": "Enabled", - "type": "boolean" + "AnomalyDetectorConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig", + "markdownDescription": "Contains information about the configuration of the anomaly detector.", + "title": "AnomalyDetectorConfig" }, - "Exportable": { - "markdownDescription": "Specifies whether the key is exportable. This data is immutable after the key is created.", - "title": "Exportable", - "type": "boolean" + "AnomalyDetectorDescription": { + "markdownDescription": "A description of the detector.", + "title": "AnomalyDetectorDescription", + "type": "string" }, - "KeyAttributes": { - "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyAttributes", - "markdownDescription": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.", - "title": "KeyAttributes" + "AnomalyDetectorName": { + "markdownDescription": "The name of the detector.", + "title": "AnomalyDetectorName", + "type": "string" }, - "KeyCheckValueAlgorithm": { - "markdownDescription": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.", - "title": "KeyCheckValueAlgorithm", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key to use to encrypt your data.", + "title": "KmsKeyArn", "type": "string" }, - "Tags": { + "MetricSetList": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSet" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "The detector's dataset.", + "title": "MetricSetList", "type": "array" } }, "required": [ - "Exportable", - "KeyAttributes" + "AnomalyDetectorConfig", + "MetricSetList" ], "type": "object" }, "Type": { "enum": [ - "AWS::PaymentCryptography::Key" + "AWS::LookoutMetrics::AnomalyDetector" ], "type": "string" }, @@ -176646,95 +179341,439 @@ ], "type": "object" }, - "AWS::PaymentCryptography::Key.KeyAttributes": { + "AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig": { "additionalProperties": false, "properties": { - "KeyAlgorithm": { - "markdownDescription": "The key algorithm to be use during creation of an AWS Payment Cryptography key.\n\nFor symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms.", - "title": "KeyAlgorithm", - "type": "string" - }, - "KeyClass": { - "markdownDescription": "The type of AWS Payment Cryptography key to create, which determines the classi\ufb01cation of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.", - "title": "KeyClass", - "type": "string" - }, - "KeyModesOfUse": { - "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyModesOfUse", - "markdownDescription": "The list of cryptographic operations that you can perform using the key.", - "title": "KeyModesOfUse" - }, - "KeyUsage": { - "markdownDescription": "The cryptographic usage of an AWS Payment Cryptography key as de\ufb01ned in section A.5.2 of the TR-31 spec.", - "title": "KeyUsage", + "AnomalyDetectorFrequency": { + "markdownDescription": "The frequency at which the detector analyzes its source data.", + "title": "AnomalyDetectorFrequency", "type": "string" } }, "required": [ - "KeyAlgorithm", - "KeyClass", - "KeyModesOfUse", - "KeyUsage" + "AnomalyDetectorFrequency" ], "type": "object" }, - "AWS::PaymentCryptography::Key.KeyModesOfUse": { + "AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig": { "additionalProperties": false, "properties": { - "Decrypt": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to decrypt data.", - "title": "Decrypt", - "type": "boolean" - }, - "DeriveKey": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to derive new keys.", - "title": "DeriveKey", - "type": "boolean" - }, - "Encrypt": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to encrypt data.", - "title": "Encrypt", - "type": "boolean" - }, - "Generate": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.", - "title": "Generate", - "type": "boolean" - }, - "NoRestrictions": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` .", - "title": "NoRestrictions", - "type": "boolean" - }, - "Sign": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used for signing.", - "title": "Sign", - "type": "boolean" - }, - "Unwrap": { - "markdownDescription": "", - "title": "Unwrap", - "type": "boolean" - }, - "Verify": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to verify signatures.", - "title": "Verify", - "type": "boolean" + "FlowName": { + "markdownDescription": "name of the flow.", + "title": "FlowName", + "type": "string" }, - "Wrap": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to wrap other keys.", - "title": "Wrap", - "type": "boolean" + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access the flow.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "FlowName", + "RoleArn" + ], "type": "object" }, - "AWS::Personalize::Dataset": { + "AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig": { "additionalProperties": false, "properties": { - "Condition": { + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access data in Amazon CloudWatch.", + "title": "RoleArn", "type": "string" - }, + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor": { + "additionalProperties": false, + "properties": { + "Charset": { + "markdownDescription": "The character set in which the source CSV file is written.", + "title": "Charset", + "type": "string" + }, + "ContainsHeader": { + "markdownDescription": "Whether or not the source CSV file contains a header.", + "title": "ContainsHeader", + "type": "boolean" + }, + "Delimiter": { + "markdownDescription": "The character used to delimit the source CSV file.", + "title": "Delimiter", + "type": "string" + }, + "FileCompression": { + "markdownDescription": "The level of compression of the source CSV file.", + "title": "FileCompression", + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the source CSV file's headers, if any.", + "title": "HeaderList", + "type": "array" + }, + "QuoteSymbol": { + "markdownDescription": "The character used as a quote character.", + "title": "QuoteSymbol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor": { + "additionalProperties": false, + "properties": { + "CsvFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor", + "markdownDescription": "Contains information about how a source CSV data file should be analyzed.", + "title": "CsvFormatDescriptor" + }, + "JsonFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor", + "markdownDescription": "Contains information about how a source JSON data file should be analyzed.", + "title": "JsonFormatDescriptor" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor": { + "additionalProperties": false, + "properties": { + "Charset": { + "markdownDescription": "The character set in which the source JSON file is written.", + "title": "Charset", + "type": "string" + }, + "FileCompression": { + "markdownDescription": "The level of compression of the source CSV file.", + "title": "FileCompression", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.Metric": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The function with which the metric is calculated.", + "title": "AggregationFunction", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace for the metric.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "AggregationFunction", + "MetricName" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.MetricSet": { + "additionalProperties": false, + "properties": { + "DimensionList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the fields you want to treat as dimensions.", + "title": "DimensionList", + "type": "array" + }, + "MetricList": { + "items": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.Metric" + }, + "markdownDescription": "A list of metrics that the dataset will contain.", + "title": "MetricList", + "type": "array" + }, + "MetricSetDescription": { + "markdownDescription": "A description of the dataset you are creating.", + "title": "MetricSetDescription", + "type": "string" + }, + "MetricSetFrequency": { + "markdownDescription": "The frequency with which the source data will be analyzed for anomalies.", + "title": "MetricSetFrequency", + "type": "string" + }, + "MetricSetName": { + "markdownDescription": "The name of the dataset.", + "title": "MetricSetName", + "type": "string" + }, + "MetricSource": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSource", + "markdownDescription": "Contains information about how the source data should be interpreted.", + "title": "MetricSource" + }, + "Offset": { + "markdownDescription": "After an interval ends, the amount of seconds that the detector waits before importing data. Offset is only supported for S3, Redshift, Athena and datasources.", + "title": "Offset", + "type": "number" + }, + "TimestampColumn": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.TimestampColumn", + "markdownDescription": "Contains information about the column used for tracking time in your source data.", + "title": "TimestampColumn" + }, + "Timezone": { + "markdownDescription": "The time zone in which your source data was recorded.", + "title": "Timezone", + "type": "string" + } + }, + "required": [ + "MetricList", + "MetricSetName", + "MetricSource" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.MetricSource": { + "additionalProperties": false, + "properties": { + "AppFlowConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig", + "markdownDescription": "Details about an AppFlow datasource.", + "title": "AppFlowConfig" + }, + "CloudwatchConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig", + "markdownDescription": "Details about an Amazon CloudWatch monitoring datasource.", + "title": "CloudwatchConfig" + }, + "RDSSourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig", + "markdownDescription": "Details about an Amazon Relational Database Service (RDS) datasource.", + "title": "RDSSourceConfig" + }, + "RedshiftSourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig", + "markdownDescription": "Details about an Amazon Redshift database datasource.", + "title": "RedshiftSourceConfig" + }, + "S3SourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig", + "markdownDescription": "Contains information about the configuration of the S3 bucket that contains source files.", + "title": "S3SourceConfig" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig": { + "additionalProperties": false, + "properties": { + "DBInstanceIdentifier": { + "markdownDescription": "A string identifying the database instance.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DatabaseHost": { + "markdownDescription": "The host name of the database.", + "title": "DatabaseHost", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the RDS database.", + "title": "DatabaseName", + "type": "string" + }, + "DatabasePort": { + "markdownDescription": "The port number where the database can be accessed.", + "title": "DatabasePort", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role.", + "title": "RoleArn", + "type": "string" + }, + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", + "title": "SecretManagerArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the table in the database.", + "title": "TableName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", + "markdownDescription": "An object containing information about the Amazon Virtual Private Cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "required": [ + "DBInstanceIdentifier", + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "RoleArn", + "SecretManagerArn", + "TableName", + "VpcConfiguration" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig": { + "additionalProperties": false, + "properties": { + "ClusterIdentifier": { + "markdownDescription": "A string identifying the Redshift cluster.", + "title": "ClusterIdentifier", + "type": "string" + }, + "DatabaseHost": { + "markdownDescription": "The name of the database host.", + "title": "DatabaseHost", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The Redshift database name.", + "title": "DatabaseName", + "type": "string" + }, + "DatabasePort": { + "markdownDescription": "The port number where the database can be accessed.", + "title": "DatabasePort", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role providing access to the database.", + "title": "RoleArn", + "type": "string" + }, + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", + "title": "SecretManagerArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table name of the Redshift database.", + "title": "TableName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", + "markdownDescription": "Contains information about the Amazon Virtual Private Cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "required": [ + "ClusterIdentifier", + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "RoleArn", + "SecretManagerArn", + "TableName", + "VpcConfiguration" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig": { + "additionalProperties": false, + "properties": { + "FileFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor", + "markdownDescription": "Contains information about a source file's formatting.", + "title": "FileFormatDescriptor" + }, + "HistoricalDataPathList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of paths to the historical data files.", + "title": "HistoricalDataPathList", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that has read and write access permissions to the source S3 bucket.", + "title": "RoleArn", + "type": "string" + }, + "TemplatedPathList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of templated paths to the source files.", + "title": "TemplatedPathList", + "type": "array" + } + }, + "required": [ + "FileFormatDescriptor", + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.TimestampColumn": { + "additionalProperties": false, + "properties": { + "ColumnFormat": { + "markdownDescription": "The format of the timestamp column.", + "title": "ColumnFormat", + "type": "string" + }, + "ColumnName": { + "markdownDescription": "The name of the timestamp column.", + "title": "ColumnName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings containing the list of security groups.", + "title": "SecurityGroupIdList", + "type": "array" + }, + "SubnetIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings containing the Amazon VPC subnet IDs (e.g., `subnet-0bb1c79de3EXAMPLE` .", + "title": "SubnetIdList", + "type": "array" + } + }, + "required": [ + "SecurityGroupIdList", + "SubnetIdList" + ], + "type": "object" + }, + "AWS::LookoutVision::Project": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -176764,43 +179803,20 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group.", - "title": "DatasetGroupArn", - "type": "string" - }, - "DatasetImportJob": { - "$ref": "#/definitions/AWS::Personalize::Dataset.DatasetImportJob", - "markdownDescription": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required.", - "title": "DatasetImportJob" - }, - "DatasetType": { - "markdownDescription": "One of the following values:\n\n- Interactions\n- Items\n- Users\n\n> You can't use CloudFormation to create an Action Interactions or Actions dataset.", - "title": "DatasetType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the dataset.", - "title": "Name", - "type": "string" - }, - "SchemaArn": { - "markdownDescription": "The ARN of the associated schema.", - "title": "SchemaArn", + "ProjectName": { + "markdownDescription": "The name of the project.", + "title": "ProjectName", "type": "string" } }, "required": [ - "DatasetGroupArn", - "DatasetType", - "Name", - "SchemaArn" + "ProjectName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::Dataset" + "AWS::LookoutVision::Project" ], "type": "string" }, @@ -176819,49 +179835,7 @@ ], "type": "object" }, - "AWS::Personalize::Dataset.DataSource": { - "additionalProperties": false, - "properties": { - "DataLocation": { - "markdownDescription": "For dataset import jobs, the path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. For data deletion jobs, the path to the Amazon S3 bucket that stores the list of records to delete.\n\nFor example:\n\n`s3://bucket-name/folder-name/fileName.csv`\n\nIf your CSV files are in a folder in your Amazon S3 bucket and you want your import job or data deletion job to consider multiple files, you can specify the path to the folder. With a data deletion job, Amazon Personalize uses all files in the folder and any sub folder. Use the following syntax with a `/` after the folder name:\n\n`s3://bucket-name/folder-name/`", - "title": "DataLocation", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Personalize::Dataset.DatasetImportJob": { - "additionalProperties": false, - "properties": { - "DataSource": { - "$ref": "#/definitions/AWS::Personalize::Dataset.DataSource", - "markdownDescription": "The Amazon S3 bucket that contains the training data to import.", - "title": "DataSource" - }, - "DatasetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that receives the imported data.", - "title": "DatasetArn", - "type": "string" - }, - "DatasetImportJobArn": { - "markdownDescription": "The ARN of the dataset import job.", - "title": "DatasetImportJobArn", - "type": "string" - }, - "JobName": { - "markdownDescription": "The name of the import job.", - "title": "JobName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that has permissions to read from the Amazon S3 data source.", - "title": "RoleArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Personalize::DatasetGroup": { + "AWS::M2::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -176896,35 +179870,57 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of a Domain dataset group.", - "title": "Domain", + "Definition": { + "$ref": "#/definitions/AWS::M2::Application.Definition", + "markdownDescription": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) .", + "title": "Definition" + }, + "Description": { + "markdownDescription": "The description of the application.", + "title": "Description", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key used to encrypt the datasets.", - "title": "KmsKeyArn", + "EngineType": { + "markdownDescription": "The type of the target platform for this application.", + "title": "EngineType", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of a customer managed key.", + "title": "KmsKeyId", "type": "string" }, "Name": { - "markdownDescription": "The name of the dataset group.", + "markdownDescription": "The name of the application.", "title": "Name", "type": "string" }, "RoleArn": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key.", + "markdownDescription": "The Amazon Resource Name (ARN) of the role associated with the application.", "title": "RoleArn", "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ + "EngineType", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::DatasetGroup" + "AWS::M2::Application" ], "type": "string" }, @@ -176943,7 +179939,23 @@ ], "type": "object" }, - "AWS::Personalize::Schema": { + "AWS::M2::Application.Definition": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content of the application definition. This is a JSON object that contains the resource configuration/definitions that identify an application.", + "title": "Content", + "type": "string" + }, + "S3Location": { + "markdownDescription": "The S3 bucket that contains the application definition.", + "title": "S3Location", + "type": "string" + } + }, + "type": "object" + }, + "AWS::M2::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -176978,31 +179990,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of a schema that you created for a dataset in a Domain dataset group.", - "title": "Domain", + "ApplicationId": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the schema.", - "title": "Name", - "type": "string" + "ApplicationVersion": { + "markdownDescription": "The version of the application.", + "title": "ApplicationVersion", + "type": "number" }, - "Schema": { - "markdownDescription": "The schema.", - "title": "Schema", + "EnvironmentId": { + "markdownDescription": "The unique identifier of the runtime environment.", + "title": "EnvironmentId", "type": "string" } }, "required": [ - "Name", - "Schema" + "ApplicationId", + "ApplicationVersion", + "EnvironmentId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::Schema" + "AWS::M2::Deployment" ], "type": "string" }, @@ -177021,7 +180034,7 @@ ], "type": "object" }, - "AWS::Personalize::Solution": { + "AWS::M2::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -177056,51 +180069,102 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group that provides the training data.", - "title": "DatasetGroupArn", + "Description": { + "markdownDescription": "The description of the runtime environment.", + "title": "Description", "type": "string" }, - "EventType": { - "markdownDescription": "The event type (for example, 'click' or 'like') that is used for training the model. If no `eventType` is provided, Amazon Personalize uses all interactions for training with equal weight regardless of type.", - "title": "EventType", + "EngineType": { + "markdownDescription": "The target platform for the runtime environment.", + "title": "EngineType", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version of the runtime engine.", + "title": "EngineVersion", + "type": "string" + }, + "HighAvailabilityConfig": { + "$ref": "#/definitions/AWS::M2::Environment.HighAvailabilityConfig", + "markdownDescription": "Defines the details of a high availability configuration.", + "title": "HighAvailabilityConfig" + }, + "InstanceType": { + "markdownDescription": "The instance type of the runtime environment.", + "title": "InstanceType", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of a customer managed key.", + "title": "KmsKeyId", "type": "string" }, "Name": { - "markdownDescription": "The name of the solution.", + "markdownDescription": "The name of the runtime environment.", "title": "Name", "type": "string" }, - "PerformAutoML": { - "markdownDescription": "> We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see [Determining your use case.](https://docs.aws.amazon.com/personalize/latest/dg/determining-use-case.html) \n\nWhen true, Amazon Personalize performs a search for the best USER_PERSONALIZATION recipe from the list specified in the solution configuration ( `recipeArn` must not be specified). When false (the default), Amazon Personalize uses `recipeArn` for training.", - "title": "PerformAutoML", - "type": "boolean" + "NetworkType": { + "markdownDescription": "The network type supported by the runtime environment.", + "title": "NetworkType", + "type": "string" }, - "PerformHPO": { - "markdownDescription": "Whether to perform hyperparameter optimization (HPO) on the chosen recipe. The default is `false` .", - "title": "PerformHPO", + "PreferredMaintenanceWindow": { + "markdownDescription": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. The following two examples are valid maintenance windows: `sun:23:45-mon:00:15` or `sat:01:00-sat:03:00` .\n\nIf you do not provide a value, a random system-generated value will be assigned.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the runtime environment is publicly accessible.", + "title": "PubliclyAccessible", "type": "boolean" }, - "RecipeArn": { - "markdownDescription": "The ARN of the recipe used to create the solution. This is required when `performAutoML` is false.", - "title": "RecipeArn", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security groups for the VPC associated with this runtime environment.", + "title": "SecurityGroupIds", + "type": "array" }, - "SolutionConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.SolutionConfig", - "markdownDescription": "Describes the configuration properties for the solution.", - "title": "SolutionConfig" + "StorageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::M2::Environment.StorageConfiguration" + }, + "markdownDescription": "Defines the storage configuration for a runtime environment.", + "title": "StorageConfigurations", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets associated with the VPC for this runtime environment.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "DatasetGroupArn", + "EngineType", + "InstanceType", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::Solution" + "AWS::M2::Environment" ], "type": "string" }, @@ -177119,218 +180183,77 @@ ], "type": "object" }, - "AWS::Personalize::Solution.AlgorithmHyperParameterRanges": { - "additionalProperties": false, - "properties": { - "CategoricalHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.CategoricalHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of a categorical hyperparameter.", - "title": "CategoricalHyperParameterRanges", - "type": "array" - }, - "ContinuousHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.ContinuousHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of a continuous hyperparameter.", - "title": "ContinuousHyperParameterRanges", - "type": "array" - }, - "IntegerHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.IntegerHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of an integer-valued hyperparameter.", - "title": "IntegerHyperParameterRanges", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.AutoMLConfig": { - "additionalProperties": false, - "properties": { - "MetricName": { - "markdownDescription": "The metric to optimize.", - "title": "MetricName", - "type": "string" - }, - "RecipeList": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of candidate recipes.", - "title": "RecipeList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.CategoricalHyperParameterRange": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the categories for the hyperparameter.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.ContinuousHyperParameterRange": { - "additionalProperties": false, - "properties": { - "MaxValue": { - "markdownDescription": "The maximum allowable value for the hyperparameter.", - "title": "MaxValue", - "type": "number" - }, - "MinValue": { - "markdownDescription": "The minimum allowable value for the hyperparameter.", - "title": "MinValue", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.HpoConfig": { - "additionalProperties": false, - "properties": { - "AlgorithmHyperParameterRanges": { - "$ref": "#/definitions/AWS::Personalize::Solution.AlgorithmHyperParameterRanges", - "markdownDescription": "The hyperparameters and their allowable ranges.", - "title": "AlgorithmHyperParameterRanges" - }, - "HpoObjective": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoObjective", - "markdownDescription": "The metric to optimize during HPO.\n\n> Amazon Personalize doesn't support configuring the `hpoObjective` at this time.", - "title": "HpoObjective" - }, - "HpoResourceConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoResourceConfig", - "markdownDescription": "Describes the resource configuration for HPO.", - "title": "HpoResourceConfig" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.HpoObjective": { + "AWS::M2::Environment.EfsStorageConfiguration": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", - "type": "string" - }, - "MetricRegex": { - "markdownDescription": "A regular expression for finding the metric in the training job logs.", - "title": "MetricRegex", + "FileSystemId": { + "markdownDescription": "The file system identifier.", + "title": "FileSystemId", "type": "string" }, - "Type": { - "markdownDescription": "The type of the metric. Valid values are `Maximize` and `Minimize` .", - "title": "Type", + "MountPoint": { + "markdownDescription": "The mount point for the file system.", + "title": "MountPoint", "type": "string" } }, + "required": [ + "FileSystemId", + "MountPoint" + ], "type": "object" }, - "AWS::Personalize::Solution.HpoResourceConfig": { + "AWS::M2::Environment.FsxStorageConfiguration": { "additionalProperties": false, "properties": { - "MaxNumberOfTrainingJobs": { - "markdownDescription": "The maximum number of training jobs when you create a solution version. The maximum value for `maxNumberOfTrainingJobs` is `40` .", - "title": "MaxNumberOfTrainingJobs", + "FileSystemId": { + "markdownDescription": "The file system identifier.", + "title": "FileSystemId", "type": "string" }, - "MaxParallelTrainingJobs": { - "markdownDescription": "The maximum number of parallel training jobs when you create a solution version. The maximum value for `maxParallelTrainingJobs` is `10` .", - "title": "MaxParallelTrainingJobs", + "MountPoint": { + "markdownDescription": "The mount point for the file system.", + "title": "MountPoint", "type": "string" } }, + "required": [ + "FileSystemId", + "MountPoint" + ], "type": "object" }, - "AWS::Personalize::Solution.IntegerHyperParameterRange": { + "AWS::M2::Environment.HighAvailabilityConfig": { "additionalProperties": false, "properties": { - "MaxValue": { - "markdownDescription": "The maximum allowable value for the hyperparameter.", - "title": "MaxValue", - "type": "number" - }, - "MinValue": { - "markdownDescription": "The minimum allowable value for the hyperparameter.", - "title": "MinValue", + "DesiredCapacity": { + "markdownDescription": "The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100.", + "title": "DesiredCapacity", "type": "number" - }, - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", - "type": "string" } }, + "required": [ + "DesiredCapacity" + ], "type": "object" }, - "AWS::Personalize::Solution.SolutionConfig": { + "AWS::M2::Environment.StorageConfiguration": { "additionalProperties": false, "properties": { - "AlgorithmHyperParameters": { - "additionalProperties": true, - "markdownDescription": "Lists the algorithm hyperparameters and their values.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AlgorithmHyperParameters", - "type": "object" - }, - "AutoMLConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.AutoMLConfig", - "markdownDescription": "The [AutoMLConfig](https://docs.aws.amazon.com/personalize/latest/dg/API_AutoMLConfig.html) object containing a list of recipes to search when AutoML is performed.", - "title": "AutoMLConfig" - }, - "EventValueThreshold": { - "markdownDescription": "Only events with a value greater than or equal to this threshold are used for training a model.", - "title": "EventValueThreshold", - "type": "string" - }, - "FeatureTransformationParameters": { - "additionalProperties": true, - "markdownDescription": "Lists the feature transformation parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "FeatureTransformationParameters", - "type": "object" + "Efs": { + "$ref": "#/definitions/AWS::M2::Environment.EfsStorageConfiguration", + "markdownDescription": "Defines the storage configuration for an Amazon EFS file system.", + "title": "Efs" }, - "HpoConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoConfig", - "markdownDescription": "Describes the properties for hyperparameter optimization (HPO).", - "title": "HpoConfig" + "Fsx": { + "$ref": "#/definitions/AWS::M2::Environment.FsxStorageConfiguration", + "markdownDescription": "Defines the storage configuration for an Amazon FSx file system.", + "title": "Fsx" } }, "type": "object" }, - "AWS::Pinpoint::ADMChannel": { + "AWS::MPA::ApprovalTeam": { "additionalProperties": false, "properties": { "Condition": { @@ -177365,37 +180288,58 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the ADM channel applies to.", - "title": "ApplicationId", - "type": "string" + "ApprovalStrategy": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.ApprovalStrategy", + "markdownDescription": "Contains details for how an approval team grants approval.", + "title": "ApprovalStrategy" }, - "ClientId": { - "markdownDescription": "The Client ID that you received from Amazon to send messages by using ADM.", - "title": "ClientId", + "Approvers": { + "items": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.Approver" + }, + "markdownDescription": "Contains details for an approver.", + "title": "Approvers", + "type": "array" + }, + "Description": { + "markdownDescription": "Description for the team.", + "title": "Description", "type": "string" }, - "ClientSecret": { - "markdownDescription": "The Client Secret that you received from Amazon to send messages by using ADM.", - "title": "ClientSecret", + "Name": { + "markdownDescription": "Name of the team.", + "title": "Name", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the ADM channel for the application.", - "title": "Enabled", - "type": "boolean" + "Policies": { + "items": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.Policy" + }, + "markdownDescription": "Contains details for a policy. Policies define what operations a team that define the permissions for team resources.", + "title": "Policies", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags that you have added to the specified resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "ApplicationId", - "ClientId", - "ClientSecret" + "ApprovalStrategy", + "Approvers", + "Description", + "Name", + "Policies" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::ADMChannel" + "AWS::MPA::ApprovalTeam" ], "type": "string" }, @@ -177414,7 +180358,84 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSChannel": { + "AWS::MPA::ApprovalTeam.ApprovalStrategy": { + "additionalProperties": false, + "properties": { + "MofN": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.MofNApprovalStrategy", + "markdownDescription": "Minimum number of approvals (M) required for a total number of approvers (N).", + "title": "MofN" + } + }, + "required": [ + "MofN" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.Approver": { + "additionalProperties": false, + "properties": { + "ApproverId": { + "markdownDescription": "ID for the approver.", + "title": "ApproverId", + "type": "string" + }, + "PrimaryIdentityId": { + "markdownDescription": "ID for the user.", + "title": "PrimaryIdentityId", + "type": "string" + }, + "PrimaryIdentitySourceArn": { + "markdownDescription": "Amazon Resource Name (ARN) for the identity source. The identity source manages the user authentication for approvers.", + "title": "PrimaryIdentitySourceArn", + "type": "string" + }, + "PrimaryIdentityStatus": { + "markdownDescription": "Status for the identity source. For example, if an approver has accepted a team invitation with a user authentication method managed by the identity source.", + "title": "PrimaryIdentityStatus", + "type": "string" + }, + "ResponseTime": { + "markdownDescription": "Timestamp when the approver responded to an approval team invitation.", + "title": "ResponseTime", + "type": "string" + } + }, + "required": [ + "PrimaryIdentityId", + "PrimaryIdentitySourceArn" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.MofNApprovalStrategy": { + "additionalProperties": false, + "properties": { + "MinApprovalsRequired": { + "markdownDescription": "Minimum number of approvals (M) required for a total number of approvers (N).", + "title": "MinApprovalsRequired", + "type": "number" + } + }, + "required": [ + "MinApprovalsRequired" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.Policy": { + "additionalProperties": false, + "properties": { + "PolicyArn": { + "markdownDescription": "", + "title": "PolicyArn", + "type": "string" + } + }, + "required": [ + "PolicyArn" + ], + "type": "object" + }, + "AWS::MPA::IdentitySource": { "additionalProperties": false, "properties": { "Condition": { @@ -177449,60 +180470,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", - "type": "string" - }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", - "type": "string" - }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", - "type": "string" + "IdentitySourceParameters": { + "$ref": "#/definitions/AWS::MPA::IdentitySource.IdentitySourceParameters", + "markdownDescription": "A `IdentitySourceParameters` object. Contains details for the resource that provides identities to the identity source. For example, an IAM Identity Center instance.", + "title": "IdentitySourceParameters" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags that you have added to the specified resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "ApplicationId" + "IdentitySourceParameters" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSChannel" + "AWS::MPA::IdentitySource" ], "type": "string" }, @@ -177521,114 +180510,46 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSSandboxChannel": { + "AWS::MPA::IdentitySource.IamIdentityCenter": { "additionalProperties": false, "properties": { - "Condition": { + "ApprovalPortalUrl": { + "markdownDescription": "", + "title": "ApprovalPortalUrl", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InstanceArn": { + "markdownDescription": "Amazon Resource Name (ARN) for the IAM Identity Center instance.", + "title": "InstanceArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs sandbox channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs Sandbox channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", - "type": "string" - }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", - "type": "string" - }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", - "type": "string" - }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" - } - }, - "required": [ - "ApplicationId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::APNSSandboxChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Region": { + "markdownDescription": "AWS Region where the IAM Identity Center instance is located.", + "title": "Region", "type": "string" } }, "required": [ - "Type", - "Properties" + "InstanceArn", + "Region" ], "type": "object" }, - "AWS::Pinpoint::APNSVoipChannel": { + "AWS::MPA::IdentitySource.IdentitySourceParameters": { + "additionalProperties": false, + "properties": { + "IamIdentityCenter": { + "$ref": "#/definitions/AWS::MPA::IdentitySource.IamIdentityCenter", + "markdownDescription": "AWS IAM Identity Center credentials.", + "title": "IamIdentityCenter" + } + }, + "required": [ + "IamIdentityCenter" + ], + "type": "object" + }, + "AWS::MSK::BatchScramSecret": { "additionalProperties": false, "properties": { "Condition": { @@ -177663,60 +180584,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs VoIP channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs VoIP channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", - "type": "string" - }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", - "type": "string" - }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", + "title": "ClusterArn", "type": "string" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "SecretArnList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of Amazon Resource Name (ARN)s of Secrets Manager secrets.", + "title": "SecretArnList", + "type": "array" } }, "required": [ - "ApplicationId" + "ClusterArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSVoipChannel" + "AWS::MSK::BatchScramSecret" ], "type": "string" }, @@ -177735,7 +180624,7 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSVoipSandboxChannel": { + "AWS::MSK::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -177770,60 +180659,89 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the application that the APNs VoIP sandbox channel applies to.", - "title": "ApplicationId", - "type": "string" + "BrokerNodeGroupInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.BrokerNodeGroupInfo", + "markdownDescription": "Information about the broker nodes in the cluster.", + "title": "BrokerNodeGroupInfo" }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::Cluster.ClientAuthentication", + "markdownDescription": "Includes all client authentication related information.", + "title": "ClientAuthentication" }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using an APNs certificate.", - "title": "Certificate", + "ClusterName": { + "markdownDescription": "The name of the cluster.", + "title": "ClusterName", "type": "string" }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", + "ConfigurationInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.ConfigurationInfo", + "markdownDescription": "Represents the configuration that you want MSK to use for the cluster.", + "title": "ConfigurationInfo" + }, + "CurrentVersion": { + "markdownDescription": "The version of the cluster that you want to update.", + "title": "CurrentVersion", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the APNs VoIP sandbox channel is enabled for the application.", - "title": "Enabled", - "type": "boolean" + "EncryptionInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInfo", + "markdownDescription": "Includes all encryption-related information.", + "title": "EncryptionInfo" }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with the APNs sandbox environment.", - "title": "PrivateKey", + "EnhancedMonitoring": { + "markdownDescription": "Specifies the level of monitoring for the MSK cluster.", + "title": "EnhancedMonitoring", "type": "string" }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple developer account team. This identifier is used for APNs tokens.", - "title": "TeamId", + "KafkaVersion": { + "markdownDescription": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use [supported Apache Kafka versions](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) .", + "title": "KafkaVersion", "type": "string" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", - "type": "string" + "LoggingInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.LoggingInfo", + "markdownDescription": "Logging info details for the cluster.", + "title": "LoggingInfo" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using APNs tokens.", - "title": "TokenKeyId", + "NumberOfBrokerNodes": { + "markdownDescription": "The number of broker nodes in the cluster.", + "title": "NumberOfBrokerNodes", + "type": "number" + }, + "OpenMonitoring": { + "$ref": "#/definitions/AWS::MSK::Cluster.OpenMonitoring", + "markdownDescription": "The settings for open monitoring.", + "title": "OpenMonitoring" + }, + "StorageMode": { + "markdownDescription": "This controls storage mode for supported storage tiers.", + "title": "StorageMode", "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "ApplicationId" + "BrokerNodeGroupInfo", + "ClusterName", + "KafkaVersion", + "NumberOfBrokerNodes" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSVoipSandboxChannel" + "AWS::MSK::Cluster" ], "type": "string" }, @@ -177842,7 +180760,527 @@ ], "type": "object" }, - "AWS::Pinpoint::App": { + "AWS::MSK::Cluster.BrokerLogs": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::MSK::Cluster.CloudWatchLogs", + "markdownDescription": "", + "title": "CloudWatchLogs" + }, + "Firehose": { + "$ref": "#/definitions/AWS::MSK::Cluster.Firehose", + "markdownDescription": "Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.", + "title": "Firehose" + }, + "S3": { + "$ref": "#/definitions/AWS::MSK::Cluster.S3", + "markdownDescription": "Details of the Amazon S3 destination for broker logs.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.BrokerNodeGroupInfo": { + "additionalProperties": false, + "properties": { + "BrokerAZDistribution": { + "markdownDescription": "This parameter is currently not in use.", + "title": "BrokerAZDistribution", + "type": "string" + }, + "ClientSubnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", + "title": "ClientSubnets", + "type": "array" + }, + "ConnectivityInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.ConnectivityInfo", + "markdownDescription": "Information about the cluster's connectivity setting.", + "title": "ConnectivityInfo" + }, + "InstanceType": { + "markdownDescription": "The type of Amazon EC2 instances to use for brokers. Depending on the [broker type](https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html) , Amazon MSK supports the following broker sizes:\n\n*Standard broker sizes*\n\n- kafka.t3.small\n\n> You can't select the kafka.t3.small instance type when the metadata mode is KRaft.\n- kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge\n- kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge\n\n*Express broker sizes*\n\n- express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge\n\n> Some broker sizes might not be available in certian AWS Regions. See the updated [Pricing tools](https://docs.aws.amazon.com/msk/pricing/) section on the Amazon MSK pricing page for the latest list of available instances by Region.", + "title": "InstanceType", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", + "title": "SecurityGroups", + "type": "array" + }, + "StorageInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.StorageInfo", + "markdownDescription": "Contains information about storage volumes attached to Amazon MSK broker nodes.", + "title": "StorageInfo" + } + }, + "required": [ + "ClientSubnets", + "InstanceType" + ], + "type": "object" + }, + "AWS::MSK::Cluster.ClientAuthentication": { + "additionalProperties": false, + "properties": { + "Sasl": { + "$ref": "#/definitions/AWS::MSK::Cluster.Sasl", + "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", + "title": "Sasl" + }, + "Tls": { + "$ref": "#/definitions/AWS::MSK::Cluster.Tls", + "markdownDescription": "Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` .", + "title": "Tls" + }, + "Unauthenticated": { + "$ref": "#/definitions/AWS::MSK::Cluster.Unauthenticated", + "markdownDescription": "Details for ClientAuthentication using no authentication.", + "title": "Unauthenticated" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.CloudWatchLogs": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether broker logs get sent to the specified CloudWatch Logs destination.", + "title": "Enabled", + "type": "boolean" + }, + "LogGroup": { + "markdownDescription": "The CloudWatch log group that is the destination for broker logs.", + "title": "LogGroup", + "type": "string" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.ConfigurationInfo": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "ARN of the configuration to use.", + "title": "Arn", + "type": "string" + }, + "Revision": { + "markdownDescription": "The revision of the configuration to use.", + "title": "Revision", + "type": "number" + } + }, + "required": [ + "Arn", + "Revision" + ], + "type": "object" + }, + "AWS::MSK::Cluster.ConnectivityInfo": { + "additionalProperties": false, + "properties": { + "PublicAccess": { + "$ref": "#/definitions/AWS::MSK::Cluster.PublicAccess", + "markdownDescription": "Access control settings for the cluster's brokers.", + "title": "PublicAccess" + }, + "VpcConnectivity": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivity", + "markdownDescription": "VPC connection control settings for brokers.", + "title": "VpcConnectivity" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.EBSStorageInfo": { + "additionalProperties": false, + "properties": { + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::MSK::Cluster.ProvisionedThroughput", + "markdownDescription": "EBS volume provisioned throughput information.", + "title": "ProvisionedThroughput" + }, + "VolumeSize": { + "markdownDescription": "The size in GiB of the EBS volume for the data drive on each broker node.", + "title": "VolumeSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.EncryptionAtRest": { + "additionalProperties": false, + "properties": { + "DataVolumeKMSKeyId": { + "markdownDescription": "The ARN of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.", + "title": "DataVolumeKMSKeyId", + "type": "string" + } + }, + "required": [ + "DataVolumeKMSKeyId" + ], + "type": "object" + }, + "AWS::MSK::Cluster.EncryptionInTransit": { + "additionalProperties": false, + "properties": { + "ClientBroker": { + "markdownDescription": "Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.\n\n- `TLS` : Indicates that client-broker communication is enabled with TLS only.\n- `TLS_PLAINTEXT` : Indicates that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.\n- `PLAINTEXT` : Indicates that client-broker communication is enabled in plaintext only.\n\nThe default value is `TLS` .", + "title": "ClientBroker", + "type": "string" + }, + "InCluster": { + "markdownDescription": "When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.\n\nThe default value is true.", + "title": "InCluster", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.EncryptionInfo": { + "additionalProperties": false, + "properties": { + "EncryptionAtRest": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionAtRest", + "markdownDescription": "The data-volume encryption details.", + "title": "EncryptionAtRest" + }, + "EncryptionInTransit": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInTransit", + "markdownDescription": "The details for encryption in transit.", + "title": "EncryptionInTransit" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.Firehose": { + "additionalProperties": false, + "properties": { + "DeliveryStream": { + "markdownDescription": "The Kinesis Data Firehose delivery stream that is the destination for broker logs.", + "title": "DeliveryStream", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.Iam": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/IAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.JmxExporter": { + "additionalProperties": false, + "properties": { + "EnabledInBroker": { + "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", + "title": "EnabledInBroker", + "type": "boolean" + } + }, + "required": [ + "EnabledInBroker" + ], + "type": "object" + }, + "AWS::MSK::Cluster.LoggingInfo": { + "additionalProperties": false, + "properties": { + "BrokerLogs": { + "$ref": "#/definitions/AWS::MSK::Cluster.BrokerLogs", + "markdownDescription": "You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.", + "title": "BrokerLogs" + } + }, + "required": [ + "BrokerLogs" + ], + "type": "object" + }, + "AWS::MSK::Cluster.NodeExporter": { + "additionalProperties": false, + "properties": { + "EnabledInBroker": { + "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", + "title": "EnabledInBroker", + "type": "boolean" + } + }, + "required": [ + "EnabledInBroker" + ], + "type": "object" + }, + "AWS::MSK::Cluster.OpenMonitoring": { + "additionalProperties": false, + "properties": { + "Prometheus": { + "$ref": "#/definitions/AWS::MSK::Cluster.Prometheus", + "markdownDescription": "Prometheus exporter settings.", + "title": "Prometheus" + } + }, + "required": [ + "Prometheus" + ], + "type": "object" + }, + "AWS::MSK::Cluster.Prometheus": { + "additionalProperties": false, + "properties": { + "JmxExporter": { + "$ref": "#/definitions/AWS::MSK::Cluster.JmxExporter", + "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", + "title": "JmxExporter" + }, + "NodeExporter": { + "$ref": "#/definitions/AWS::MSK::Cluster.NodeExporter", + "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", + "title": "NodeExporter" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Provisioned throughput is on or off.", + "title": "Enabled", + "type": "boolean" + }, + "VolumeThroughput": { + "markdownDescription": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.", + "title": "VolumeThroughput", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.PublicAccess": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.S3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that is the destination for broker logs.", + "title": "Bucket", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether broker logs get sent to the specified Amazon S3 destination.", + "title": "Enabled", + "type": "boolean" + }, + "Prefix": { + "markdownDescription": "The S3 prefix that is the destination for broker logs.", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.Sasl": { + "additionalProperties": false, + "properties": { + "Iam": { + "$ref": "#/definitions/AWS::MSK::Cluster.Iam", + "markdownDescription": "Details for ClientAuthentication using IAM.", + "title": "Iam" + }, + "Scram": { + "$ref": "#/definitions/AWS::MSK::Cluster.Scram", + "markdownDescription": "Details for SASL/SCRAM client authentication.", + "title": "Scram" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.Scram": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/SCRAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.StorageInfo": { + "additionalProperties": false, + "properties": { + "EBSStorageInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.EBSStorageInfo", + "markdownDescription": "EBS volume information.", + "title": "EBSStorageInfo" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.Tls": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArnList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of AWS Private CA ARNs.", + "title": "CertificateAuthorityArnList", + "type": "array" + }, + "Enabled": { + "markdownDescription": "TLS authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.Unauthenticated": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Unauthenticated is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivity": { + "additionalProperties": false, + "properties": { + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityClientAuthentication", + "markdownDescription": "VPC connection control settings for brokers.", + "title": "ClientAuthentication" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityClientAuthentication": { + "additionalProperties": false, + "properties": { + "Sasl": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivitySasl", + "markdownDescription": "Details for VpcConnectivity ClientAuthentication using SASL.", + "title": "Sasl" + }, + "Tls": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityTls", + "markdownDescription": "Details for VpcConnectivity ClientAuthentication using TLS.", + "title": "Tls" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityIam": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/IAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivitySasl": { + "additionalProperties": false, + "properties": { + "Iam": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityIam", + "markdownDescription": "Details for ClientAuthentication using IAM for VpcConnectivity.", + "title": "Iam" + }, + "Scram": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityScram", + "markdownDescription": "Details for SASL/SCRAM client authentication for VpcConnectivity.", + "title": "Scram" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityScram": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/SCRAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityTls": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "TLS authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::ClusterPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -177877,25 +181315,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The display name of the application.", - "title": "Name", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", + "title": "ClusterArn", "type": "string" }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "Policy": { + "markdownDescription": "Resource policy for the cluster.", + "title": "Policy", "type": "object" } }, "required": [ - "Name" + "ClusterArn", + "Policy" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::App" + "AWS::MSK::ClusterPolicy" ], "type": "string" }, @@ -177914,7 +181353,7 @@ ], "type": "object" }, - "AWS::Pinpoint::ApplicationSettings": { + "AWS::MSK::Configuration": { "additionalProperties": false, "properties": { "Condition": { @@ -177949,40 +181388,44 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application.", - "title": "ApplicationId", + "Description": { + "markdownDescription": "The description of the configuration.", + "title": "Description", "type": "string" }, - "CampaignHook": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.CampaignHook", - "markdownDescription": "The settings for the Lambda function to use by default as a code hook for campaigns in the application. To override these settings for a specific campaign, use the Campaign resource to define custom Lambda function settings for the campaign.", - "title": "CampaignHook" + "KafkaVersionsList": { + "items": { + "type": "string" + }, + "markdownDescription": "The [versions of Apache Kafka](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) with which you can use this MSK configuration.\n\nWhen you update the `KafkaVersionsList` property, AWS CloudFormation recreates a new configuration with the updated property before deleting the old configuration. Such an update requires a [resource replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) . To successfully update `KafkaVersionsList` , you must also update the `Name` property in the same operation.\n\nIf your configuration is attached with any clusters created using the AWS Management Console or AWS CLI , you'll need to manually delete the old configuration from the console after the update completes.\n\nFor more information, see [Can\u2019t update KafkaVersionsList in MSK configuration](https://docs.aws.amazon.com/msk/latest/developerguide/troubleshooting.html#troubleshoot-kafkaversionslist-cfn-update-failure) in the *Amazon MSK Developer Guide* .", + "title": "KafkaVersionsList", + "type": "array" }, - "CloudWatchMetricsEnabled": { - "markdownDescription": "", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" + "LatestRevision": { + "$ref": "#/definitions/AWS::MSK::Configuration.LatestRevision", + "markdownDescription": "Latest revision of the MSK configuration.", + "title": "LatestRevision" }, - "Limits": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.Limits", - "markdownDescription": "The default sending limits for campaigns in the application. To override these limits for a specific campaign, use the Campaign resource to define custom limits for the campaign.", - "title": "Limits" + "Name": { + "markdownDescription": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\".", + "title": "Name", + "type": "string" }, - "QuietTime": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.QuietTime", - "markdownDescription": "The default quiet time for campaigns in the application. Quiet time is a specific time range when campaigns don't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the application (or a campaign that has custom quiet time settings).\n\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the application (or a campaign that has custom quiet time settings).\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from a campaign, even if quiet time is enabled.\n\nTo override the default quiet time settings for a specific campaign, use the Campaign resource to define a custom quiet time for the campaign.", - "title": "QuietTime" + "ServerProperties": { + "markdownDescription": "Contents of the `server.properties` file. When using the console, the SDK, or the AWS CLI , the contents of `server.properties` can be in plaintext.", + "title": "ServerProperties", + "type": "string" } }, "required": [ - "ApplicationId" + "Name", + "ServerProperties" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::ApplicationSettings" + "AWS::MSK::Configuration" ], "type": "string" }, @@ -178001,74 +181444,28 @@ ], "type": "object" }, - "AWS::Pinpoint::ApplicationSettings.CampaignHook": { + "AWS::MSK::Configuration.LatestRevision": { "additionalProperties": false, "properties": { - "LambdaFunctionName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to send messages for campaigns in the application.", - "title": "LambdaFunctionName", - "type": "string" - }, - "Mode": { - "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", - "title": "Mode", + "CreationTime": { + "markdownDescription": "The time when the configuration revision was created.", + "title": "CreationTime", "type": "string" }, - "WebUrl": { - "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", - "title": "WebUrl", + "Description": { + "markdownDescription": "The description of the configuration revision.", + "title": "Description", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::ApplicationSettings.Limits": { - "additionalProperties": false, - "properties": { - "Daily": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", - "title": "Daily", - "type": "number" - }, - "MaximumDuration": { - "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", - "title": "MaximumDuration", - "type": "number" - }, - "MessagesPerSecond": { - "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", - "title": "MessagesPerSecond", - "type": "number" }, - "Total": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", - "title": "Total", + "Revision": { + "markdownDescription": "The revision number.", + "title": "Revision", "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::ApplicationSettings.QuietTime": { - "additionalProperties": false, - "properties": { - "End": { - "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "Start", - "type": "string" - } - }, - "required": [ - "End", - "Start" - ], - "type": "object" - }, - "AWS::Pinpoint::BaiduChannel": { + "AWS::MSK::Replicator": { "additionalProperties": false, "properties": { "Condition": { @@ -178103,37 +181500,57 @@ "Properties": { "additionalProperties": false, "properties": { - "ApiKey": { - "markdownDescription": "The API key that you received from the Baidu Cloud Push service to communicate with the service.", - "title": "ApiKey", + "Description": { + "markdownDescription": "A summary description of the replicator.", + "title": "Description", "type": "string" }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're configuring the Baidu channel for.", - "title": "ApplicationId", - "type": "string" + "KafkaClusters": { + "items": { + "$ref": "#/definitions/AWS::MSK::Replicator.KafkaCluster" + }, + "markdownDescription": "Kafka Clusters to use in setting up sources / targets for replication.", + "title": "KafkaClusters", + "type": "array" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the Baidu channel for the application.", - "title": "Enabled", - "type": "boolean" + "ReplicationInfoList": { + "items": { + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationInfo" + }, + "markdownDescription": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.", + "title": "ReplicationInfoList", + "type": "array" }, - "SecretKey": { - "markdownDescription": "The secret key that you received from the Baidu Cloud Push service to communicate with the service.", - "title": "SecretKey", + "ReplicatorName": { + "markdownDescription": "The name of the replicator. Alpha-numeric characters with '-' are allowed.", + "title": "ReplicatorName", + "type": "string" + }, + "ServiceExecutionRoleArn": { + "markdownDescription": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters)", + "title": "ServiceExecutionRoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "List of tags to attach to created Replicator.", + "title": "Tags", + "type": "array" } }, "required": [ - "ApiKey", - "ApplicationId", - "SecretKey" + "KafkaClusters", + "ReplicationInfoList", + "ReplicatorName", + "ServiceExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::BaiduChannel" + "AWS::MSK::Replicator" ], "type": "string" }, @@ -178152,833 +181569,211 @@ ], "type": "object" }, - "AWS::Pinpoint::Campaign": { + "AWS::MSK::Replicator.AmazonMskCluster": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MskClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon MSK cluster.", + "title": "MskClusterArn", "type": "string" + } + }, + "required": [ + "MskClusterArn" + ], + "type": "object" + }, + "AWS::MSK::Replicator.ConsumerGroupReplication": { + "additionalProperties": false, + "properties": { + "ConsumerGroupsToExclude": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the consumer groups that should not be replicated.", + "title": "ConsumerGroupsToExclude", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ConsumerGroupsToReplicate": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the consumer groups to copy.", + "title": "ConsumerGroupsToReplicate", + "type": "array" }, - "Metadata": { - "type": "object" + "DetectAndCopyNewConsumerGroups": { + "markdownDescription": "Enables synchronization of consumer groups to target cluster.", + "title": "DetectAndCopyNewConsumerGroups", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalTreatments": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.WriteTreatmentResource" - }, - "markdownDescription": "An array of requests that defines additional treatments for the campaign, in addition to the default treatment for the campaign.", - "title": "AdditionalTreatments", - "type": "array" - }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the campaign is associated with.", - "title": "ApplicationId", - "type": "string" - }, - "CampaignHook": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignHook", - "markdownDescription": "Specifies the Lambda function to use as a code hook for a campaign.", - "title": "CampaignHook" - }, - "CustomDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", - "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", - "title": "CustomDeliveryConfiguration" - }, - "Description": { - "markdownDescription": "A custom description of the campaign.", - "title": "Description", - "type": "string" - }, - "HoldoutPercent": { - "markdownDescription": "The allocated percentage of users (segment members) who shouldn't receive messages from the campaign.", - "title": "HoldoutPercent", - "type": "number" - }, - "IsPaused": { - "markdownDescription": "Specifies whether to pause the campaign. A paused campaign doesn't run unless you resume it by changing this value to `false` . If you restart a campaign, the campaign restarts from the beginning and not at the point you paused it. If a campaign is running it will complete and then pause. Pause only pauses or skips the next run for a recurring future scheduled campaign. A campaign scheduled for immediate can't be paused.", - "title": "IsPaused", - "type": "boolean" - }, - "Limits": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Limits", - "markdownDescription": "The messaging limits for the campaign.", - "title": "Limits" - }, - "MessageConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", - "markdownDescription": "The message configuration settings for the treatment.", - "title": "MessageConfiguration" - }, - "Name": { - "markdownDescription": "The name of the campaign.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "An integer between 1 and 5, inclusive, that represents the priority of the in-app message campaign, where 1 is the highest priority and 5 is the lowest. If there are multiple messages scheduled to be displayed at the same time, the priority determines the order in which those messages are displayed.", - "title": "Priority", - "type": "number" - }, - "Schedule": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", - "markdownDescription": "The schedule settings for the treatment.", - "title": "Schedule" - }, - "SegmentId": { - "markdownDescription": "The unique identifier for the segment to associate with the campaign.", - "title": "SegmentId", - "type": "string" - }, - "SegmentVersion": { - "markdownDescription": "The version of the segment to associate with the campaign.", - "title": "SegmentVersion", - "type": "number" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", - "markdownDescription": "The message template to use for the treatment.", - "title": "TemplateConfiguration" - }, - "TreatmentDescription": { - "markdownDescription": "A custom description of the treatment.", - "title": "TreatmentDescription", - "type": "string" - }, - "TreatmentName": { - "markdownDescription": "A custom name for the treatment.", - "title": "TreatmentName", - "type": "string" - } - }, - "required": [ - "ApplicationId", - "Name", - "Schedule", - "SegmentId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::Campaign" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SynchroniseConsumerGroupOffsets": { + "markdownDescription": "Enables synchronization of consumer group offsets to target cluster. The translated offsets will be written to topic __consumer_offsets.", + "title": "SynchroniseConsumerGroupOffsets", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "ConsumerGroupsToReplicate" ], "type": "object" }, - "AWS::Pinpoint::Campaign.AttributeDimension": { - "additionalProperties": false, - "properties": { - "AttributeType": { - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.CampaignCustomMessage": { - "additionalProperties": false, - "properties": { - "Data": { - "markdownDescription": "The raw, JSON-formatted string to use as the payload for the message. The maximum size is 5 KB.", - "title": "Data", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.CampaignEmailMessage": { - "additionalProperties": false, - "properties": { - "Body": { - "markdownDescription": "The body of the email for recipients whose email clients don't render HTML content.", - "title": "Body", - "type": "string" - }, - "FromAddress": { - "markdownDescription": "The verified email address to send the email from. The default address is the `FromAddress` specified for the email channel for the application.", - "title": "FromAddress", - "type": "string" - }, - "HtmlBody": { - "markdownDescription": "The body of the email, in HTML format, for recipients whose email clients render HTML content.", - "title": "HtmlBody", - "type": "string" - }, - "Title": { - "markdownDescription": "The subject line, or title, of the email.", - "title": "Title", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.CampaignEventFilter": { - "additionalProperties": false, - "properties": { - "Dimensions": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.EventDimensions", - "markdownDescription": "The dimension settings of the event filter for the campaign.", - "title": "Dimensions" - }, - "FilterType": { - "markdownDescription": "The type of event that causes the campaign to be sent. Valid values are: `SYSTEM` , sends the campaign when a system event occurs; and, `ENDPOINT` , sends the campaign when an endpoint event (Events resource) occurs.", - "title": "FilterType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.CampaignHook": { + "AWS::MSK::Replicator.KafkaCluster": { "additionalProperties": false, "properties": { - "LambdaFunctionName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to customize a segment for a campaign.", - "title": "LambdaFunctionName", - "type": "string" - }, - "Mode": { - "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", - "title": "Mode", - "type": "string" + "AmazonMskCluster": { + "$ref": "#/definitions/AWS::MSK::Replicator.AmazonMskCluster", + "markdownDescription": "Details of an Amazon MSK Cluster.", + "title": "AmazonMskCluster" }, - "WebUrl": { - "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", - "title": "WebUrl", - "type": "string" + "VpcConfig": { + "$ref": "#/definitions/AWS::MSK::Replicator.KafkaClusterClientVpcConfig", + "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", + "title": "VpcConfig" } }, + "required": [ + "AmazonMskCluster", + "VpcConfig" + ], "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignInAppMessage": { + "AWS::MSK::Replicator.KafkaClusterClientVpcConfig": { "additionalProperties": false, "properties": { - "Content": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageContent" + "type": "string" }, - "markdownDescription": "An array that contains configurtion information about the in-app message for the campaign, including title and body text, text colors, background colors, image URLs, and button configurations.", - "title": "Content", + "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", + "title": "SecurityGroupIds", "type": "array" }, - "CustomConfig": { - "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", - "title": "CustomConfig", - "type": "object" - }, - "Layout": { - "markdownDescription": "A string that describes how the in-app message will appear. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", - "title": "Layout", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.CampaignSmsMessage": { - "additionalProperties": false, - "properties": { - "Body": { - "markdownDescription": "The body of the SMS message.", - "title": "Body", - "type": "string" - }, - "EntityId": { - "markdownDescription": "The entity ID or Principal Entity (PE) id received from the regulatory body for sending SMS in your country.", - "title": "EntityId", - "type": "string" - }, - "MessageType": { - "markdownDescription": "The SMS message type. Valid values are `TRANSACTIONAL` (for messages that are critical or time-sensitive, such as a one-time passwords) and `PROMOTIONAL` (for messsages that aren't critical or time-sensitive, such as marketing messages).", - "title": "MessageType", - "type": "string" - }, - "OriginationNumber": { - "markdownDescription": "The long code to send the SMS message from. This value should be one of the dedicated long codes that's assigned to your AWS account. Although it isn't required, we recommend that you specify the long code using an E.164 format to ensure prompt and accurate delivery of the message. For example, +12065550100.", - "title": "OriginationNumber", - "type": "string" - }, - "SenderId": { - "markdownDescription": "The alphabetic Sender ID to display as the sender of the message on a recipient's device. Support for sender IDs varies by country or region. To specify a phone number as the sender, omit this parameter and use `OriginationNumber` instead. For more information about support for Sender ID by country, see the [Amazon Pinpoint User Guide](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) .", - "title": "SenderId", - "type": "string" - }, - "TemplateId": { - "markdownDescription": "The template ID received from the regulatory body for sending SMS in your country.", - "title": "TemplateId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.CustomDeliveryConfiguration": { - "additionalProperties": false, - "properties": { - "DeliveryUri": { - "markdownDescription": "The destination to send the campaign or treatment to. This value can be one of the following:\n\n- The name or Amazon Resource Name (ARN) of an AWS Lambda function to invoke to handle delivery of the campaign or treatment.\n- The URL for a web application or service that supports HTTPS and can receive the message. The URL has to be a full URL, including the HTTPS protocol.", - "title": "DeliveryUri", - "type": "string" - }, - "EndpointTypes": { + "SubnetIds": { "items": { "type": "string" }, - "markdownDescription": "The types of endpoints to send the campaign or treatment to. Each valid value maps to a type of channel that you can associate with an endpoint by using the `ChannelType` property of an endpoint.", - "title": "EndpointTypes", + "markdownDescription": "The list of subnets in the client VPC to connect to.", + "title": "SubnetIds", "type": "array" } }, + "required": [ + "SubnetIds" + ], "type": "object" }, - "AWS::Pinpoint::Campaign.DefaultButtonConfiguration": { - "additionalProperties": false, - "properties": { - "BackgroundColor": { - "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" - }, - "BorderRadius": { - "markdownDescription": "The border radius of a button.", - "title": "BorderRadius", - "type": "number" - }, - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" - }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", - "type": "string" - }, - "Text": { - "markdownDescription": "The text that appears on a button in an in-app message.", - "title": "Text", - "type": "string" - }, - "TextColor": { - "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.EventDimensions": { + "AWS::MSK::Replicator.ReplicationInfo": { "additionalProperties": false, "properties": { - "Attributes": { - "markdownDescription": "One or more custom attributes that your application reports to Amazon Pinpoint. You can use these attributes as selection criteria when you create an event filter.", - "title": "Attributes", - "type": "object" - }, - "EventType": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.SetDimension", - "markdownDescription": "The name of the event that causes the campaign to be sent or the journey activity to be performed. This can be a standard event that Amazon Pinpoint generates, such as `_email.delivered` or `_custom.delivered` . For campaigns, this can also be a custom event that's specific to your application. For information about standard events, see [Streaming Amazon Pinpoint Events](https://docs.aws.amazon.com/pinpoint/latest/developerguide/event-streams.html) in the *Amazon Pinpoint Developer Guide* .", - "title": "EventType" + "ConsumerGroupReplication": { + "$ref": "#/definitions/AWS::MSK::Replicator.ConsumerGroupReplication", + "markdownDescription": "Configuration relating to consumer group replication.", + "title": "ConsumerGroupReplication" }, - "Metrics": { - "markdownDescription": "One or more custom metrics that your application reports to Amazon Pinpoint . You can use these metrics as selection criteria when you create an event filter.", - "title": "Metrics", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.InAppMessageBodyConfig": { - "additionalProperties": false, - "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", + "SourceKafkaClusterArn": { + "markdownDescription": "The ARN of the source Kafka cluster.", + "title": "SourceKafkaClusterArn", "type": "string" }, - "Body": { - "markdownDescription": "The main body text of the message.", - "title": "Body", + "TargetCompressionType": { + "markdownDescription": "The compression type to use when producing records to target cluster.", + "title": "TargetCompressionType", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", - "title": "TextColor", + "TargetKafkaClusterArn": { + "markdownDescription": "The ARN of the target Kafka cluster.", + "title": "TargetKafkaClusterArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.InAppMessageButton": { - "additionalProperties": false, - "properties": { - "Android": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to Android.", - "title": "Android" - }, - "DefaultConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.DefaultButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in an in-app message.", - "title": "DefaultConfig" - }, - "IOS": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to iOS devices.", - "title": "IOS" }, - "Web": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages for web applications.", - "title": "Web" + "TopicReplication": { + "$ref": "#/definitions/AWS::MSK::Replicator.TopicReplication", + "markdownDescription": "Configuration relating to topic replication.", + "title": "TopicReplication" } }, + "required": [ + "ConsumerGroupReplication", + "SourceKafkaClusterArn", + "TargetCompressionType", + "TargetKafkaClusterArn", + "TopicReplication" + ], "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageContent": { + "AWS::MSK::Replicator.ReplicationStartingPosition": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" - }, - "BodyConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageBodyConfig", - "markdownDescription": "Specifies the configuration of main body text in an in-app message template.", - "title": "BodyConfig" - }, - "HeaderConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageHeaderConfig", - "markdownDescription": "Specifies the configuration and content of the header or title text of the in-app message.", - "title": "HeaderConfig" - }, - "ImageUrl": { - "markdownDescription": "The URL of the image that appears on an in-app message banner.", - "title": "ImageUrl", + "Type": { + "markdownDescription": "The type of replication starting position.", + "title": "Type", "type": "string" - }, - "PrimaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", - "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", - "title": "PrimaryBtn" - }, - "SecondaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", - "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", - "title": "SecondaryBtn" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageHeaderConfig": { + "AWS::MSK::Replicator.ReplicationTopicNameConfiguration": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" - }, - "Header": { - "markdownDescription": "The header or title text of the in-app message.", - "title": "Header", - "type": "string" - }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", - "title": "TextColor", + "Type": { + "markdownDescription": "The type of replication topic name configuration, identical to upstream topic name or prefixed with source cluster alias.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.Limits": { - "additionalProperties": false, - "properties": { - "Daily": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", - "title": "Daily", - "type": "number" - }, - "MaximumDuration": { - "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", - "title": "MaximumDuration", - "type": "number" - }, - "MessagesPerSecond": { - "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", - "title": "MessagesPerSecond", - "type": "number" - }, - "Session": { - "markdownDescription": "The maximum number of messages that the campaign can send per user session.", - "title": "Session", - "type": "number" - }, - "Total": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", - "title": "Total", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.Message": { + "AWS::MSK::Replicator.TopicReplication": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps the push notification. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of iOS and Android.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", - "type": "string" - }, - "Body": { - "markdownDescription": "The body of the notification message. The maximum number of characters is 200.", - "title": "Body", - "type": "string" - }, - "ImageIconUrl": { - "markdownDescription": "The URL of the image to display as the push notification icon, such as the icon for the app.", - "title": "ImageIconUrl", - "type": "string" - }, - "ImageSmallIconUrl": { - "markdownDescription": "The URL of the image to display as the small, push notification icon, such as a small version of the icon for the app.", - "title": "ImageSmallIconUrl", - "type": "string" - }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display in the push notification.", - "title": "ImageUrl", - "type": "string" - }, - "JsonBody": { - "markdownDescription": "The JSON payload to use for a silent push notification.", - "title": "JsonBody", - "type": "string" - }, - "MediaUrl": { - "markdownDescription": "The URL of the image or video to display in the push notification.", - "title": "MediaUrl", - "type": "string" - }, - "RawContent": { - "markdownDescription": "The raw, JSON-formatted string to use as the payload for the notification message. If specified, this value overrides all other content for the message.", - "title": "RawContent", - "type": "string" - }, - "SilentPush": { - "markdownDescription": "Specifies whether the notification is a silent push notification, which is a push notification that doesn't display on a recipient's device. Silent push notifications can be used for cases such as updating an app's configuration, displaying messages in an in-app message center, or supporting phone home functionality.", - "title": "SilentPush", + "CopyAccessControlListsForTopics": { + "markdownDescription": "Whether to periodically configure remote topic ACLs to match their corresponding upstream topics.", + "title": "CopyAccessControlListsForTopics", "type": "boolean" }, - "TimeToLive": { - "markdownDescription": "The number of seconds that the push notification service should keep the message, if the service is unable to deliver the notification the first time. This value is converted to an expiration value when it's sent to a push notification service. If this value is `0` , the service treats the notification as if it expires immediately and the service doesn't store or try to deliver the notification again.\n\nThis value doesn't apply to messages that are sent through the Amazon Device Messaging (ADM) service.", - "title": "TimeToLive", - "type": "number" - }, - "Title": { - "markdownDescription": "The title to display above the notification message on a recipient's device.", - "title": "Title", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps the push notification and the value of the `Action` property is `URL` .", - "title": "Url", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.MessageConfiguration": { - "additionalProperties": false, - "properties": { - "ADMMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the ADM (Amazon Device Messaging) channel. If specified, this message overrides the default message.", - "title": "ADMMessage" - }, - "APNSMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the APNs (Apple Push Notification service) channel. If specified, this message overrides the default message.", - "title": "APNSMessage" - }, - "BaiduMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the Baidu (Baidu Cloud Push) channel. If specified, this message overrides the default message.", - "title": "BaiduMessage" - }, - "CustomMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignCustomMessage", - "markdownDescription": "The message that the campaign sends through a custom channel, as specified by the delivery configuration ( `CustomDeliveryConfiguration` ) settings for the campaign. If specified, this message overrides the default message.", - "title": "CustomMessage" - }, - "DefaultMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The default message that the campaign sends through all the channels that are configured for the campaign.", - "title": "DefaultMessage" - }, - "EmailMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEmailMessage", - "markdownDescription": "The message that the campaign sends through the email channel. If specified, this message overrides the default message.\n\n> The maximum email message size is 200 KB. You can use email templates to send larger email messages.", - "title": "EmailMessage" - }, - "GCMMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the GCM channel, which enables Amazon Pinpoint to send push notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. If specified, this message overrides the default message.", - "title": "GCMMessage" - }, - "InAppMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignInAppMessage", - "markdownDescription": "The default message for the in-app messaging channel. This message overrides the default message ( `DefaultMessage` ).", - "title": "InAppMessage" - }, - "SMSMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignSmsMessage", - "markdownDescription": "The message that the campaign sends through the SMS channel. If specified, this message overrides the default message.", - "title": "SMSMessage" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.MetricDimension": { - "additionalProperties": false, - "properties": { - "ComparisonOperator": { - "type": "string" - }, - "Value": { - "type": "number" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.OverrideButtonConfiguration": { - "additionalProperties": false, - "properties": { - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" - }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.QuietTime": { - "additionalProperties": false, - "properties": { - "End": { - "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "Start", - "type": "string" - } - }, - "required": [ - "End", - "Start" - ], - "type": "object" - }, - "AWS::Pinpoint::Campaign.Schedule": { - "additionalProperties": false, - "properties": { - "EndTime": { - "markdownDescription": "The scheduled time, in ISO 8601 format, when the campaign ended or will end.", - "title": "EndTime", - "type": "string" - }, - "EventFilter": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEventFilter", - "markdownDescription": "The type of event that causes the campaign to be sent, if the value of the `Frequency` property is `EVENT` .", - "title": "EventFilter" - }, - "Frequency": { - "markdownDescription": "Specifies how often the campaign is sent or whether the campaign is sent in response to a specific event.", - "title": "Frequency", - "type": "string" - }, - "IsLocalTime": { - "markdownDescription": "Specifies whether the start and end times for the campaign schedule use each recipient's local time. To base the schedule on each recipient's local time, set this value to `true` .", - "title": "IsLocalTime", + "CopyTopicConfigurations": { + "markdownDescription": "Whether to periodically configure remote topics to match their corresponding upstream topics.", + "title": "CopyTopicConfigurations", "type": "boolean" }, - "QuietTime": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.QuietTime", - "markdownDescription": "The default quiet time for the campaign. Quiet time is a specific time range when a campaign doesn't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the campaign.\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the campaign.\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from the campaign, even if quiet time is enabled.", - "title": "QuietTime" + "DetectAndCopyNewTopics": { + "markdownDescription": "Whether to periodically check for new topics and partitions.", + "title": "DetectAndCopyNewTopics", + "type": "boolean" }, - "StartTime": { - "markdownDescription": "The scheduled time when the campaign began or will begin. Valid values are: `IMMEDIATE` , to start the campaign immediately; or, a specific time in ISO 8601 format.", - "title": "StartTime", - "type": "string" + "StartingPosition": { + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationStartingPosition", + "markdownDescription": "Specifies the position in the topics to start replicating from.", + "title": "StartingPosition" }, - "TimeZone": { - "markdownDescription": "The starting UTC offset for the campaign schedule, if the value of the `IsLocalTime` property is `true` . Valid values are: `UTC, UTC+01, UTC+02, UTC+03, UTC+03:30, UTC+04, UTC+04:30, UTC+05, UTC+05:30, UTC+05:45, UTC+06, UTC+06:30, UTC+07, UTC+08, UTC+09, UTC+09:30, UTC+10, UTC+10:30, UTC+11, UTC+12, UTC+13, UTC-02, UTC-03, UTC-04, UTC-05, UTC-06, UTC-07, UTC-08, UTC-09, UTC-10,` and `UTC-11` .", - "title": "TimeZone", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.SetDimension": { - "additionalProperties": false, - "properties": { - "DimensionType": { - "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", - "title": "DimensionType", - "type": "string" + "TopicNameConfiguration": { + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationTopicNameConfiguration", + "markdownDescription": "Configuration for specifying replicated topic names will be the same as their corresponding upstream topics or prefixed with source cluster alias.", + "title": "TopicNameConfiguration" }, - "Values": { + "TopicsToExclude": { "items": { "type": "string" }, - "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", - "title": "Values", + "markdownDescription": "List of regular expression patterns indicating the topics that should not be replicated.", + "title": "TopicsToExclude", "type": "array" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.Template": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The unique identifier for the version of the message template to use for the message. If specified, this value must match the identifier for an existing template version. To retrieve a list of versions and version identifiers for a template, use the [Template Versions](https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html) resource.\n\nIf you don't specify a value for this property, Amazon Pinpoint uses the *active version* of the template. The *active version* is typically the version of a template that's been most recently reviewed and approved for use, depending on your workflow. It isn't necessarily the latest version of a template.", - "title": "Version", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.TemplateConfiguration": { - "additionalProperties": false, - "properties": { - "EmailTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The email template to use for the message.", - "title": "EmailTemplate" - }, - "PushTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The push notification template to use for the message.", - "title": "PushTemplate" - }, - "SMSTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The SMS template to use for the message.", - "title": "SMSTemplate" - }, - "VoiceTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The voice template to use for the message. This object isn't supported for campaigns.", - "title": "VoiceTemplate" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.WriteTreatmentResource": { - "additionalProperties": false, - "properties": { - "CustomDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", - "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", - "title": "CustomDeliveryConfiguration" - }, - "MessageConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", - "markdownDescription": "The message configuration settings for the treatment.", - "title": "MessageConfiguration" - }, - "Schedule": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", - "markdownDescription": "The schedule settings for the treatment.", - "title": "Schedule" - }, - "SizePercent": { - "markdownDescription": "The allocated percentage of users (segment members) to send the treatment to.", - "title": "SizePercent", - "type": "number" - }, - "TemplateConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", - "markdownDescription": "The message template to use for the treatment.", - "title": "TemplateConfiguration" }, - "TreatmentDescription": { - "markdownDescription": "A custom description of the treatment.", - "title": "TreatmentDescription", - "type": "string" - }, - "TreatmentName": { - "markdownDescription": "A custom name for the treatment.", - "title": "TreatmentName", - "type": "string" + "TopicsToReplicate": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the topics to copy.", + "title": "TopicsToReplicate", + "type": "array" } }, + "required": [ + "TopicsToReplicate" + ], "type": "object" }, - "AWS::Pinpoint::EmailChannel": { + "AWS::MSK::ServerlessCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -179013,52 +181808,46 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're specifying the email channel for.", - "title": "ApplicationId", - "type": "string" - }, - "ConfigurationSet": { - "markdownDescription": "The [Amazon SES configuration set](https://docs.aws.amazon.com/ses/latest/APIReference/API_ConfigurationSet.html) that you want to apply to messages that you send through the channel.", - "title": "ConfigurationSet", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the email channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "FromAddress": { - "markdownDescription": "The verified email address that you want to send email from when you send email through the channel.", - "title": "FromAddress", - "type": "string" + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.ClientAuthentication", + "markdownDescription": "Includes all client authentication related information.", + "title": "ClientAuthentication" }, - "Identity": { - "markdownDescription": "The Amazon Resource Name (ARN) of the identity, verified with Amazon Simple Email Service (Amazon SES), that you want to use when you send email through the channel.", - "title": "Identity", + "ClusterName": { + "markdownDescription": "The name of the cluster.", + "title": "ClusterName", "type": "string" }, - "OrchestrationSendingRoleArn": { - "markdownDescription": "The ARN of an IAM role for Amazon Pinpoint to use to send email from your campaigns or journeys through Amazon SES .", - "title": "OrchestrationSendingRoleArn", - "type": "string" + "Tags": { + "additionalProperties": true, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" }, - "RoleArn": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that you want Amazon Pinpoint to use when it submits email-related event data for the channel.", - "title": "RoleArn", - "type": "string" + "VpcConfigs": { + "items": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.VpcConfig" + }, + "markdownDescription": "VPC configuration information for the serverless cluster.", + "title": "VpcConfigs", + "type": "array" } }, "required": [ - "ApplicationId", - "FromAddress", - "Identity" + "ClientAuthentication", + "ClusterName", + "VpcConfigs" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::EmailChannel" + "AWS::MSK::ServerlessCluster" ], "type": "string" }, @@ -179077,7 +181866,74 @@ ], "type": "object" }, - "AWS::Pinpoint::EmailTemplate": { + "AWS::MSK::ServerlessCluster.ClientAuthentication": { + "additionalProperties": false, + "properties": { + "Sasl": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Sasl", + "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", + "title": "Sasl" + } + }, + "required": [ + "Sasl" + ], + "type": "object" + }, + "AWS::MSK::ServerlessCluster.Iam": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/IAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::ServerlessCluster.Sasl": { + "additionalProperties": false, + "properties": { + "Iam": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Iam", + "markdownDescription": "Details for ClientAuthentication using IAM.", + "title": "Iam" + } + }, + "required": [ + "Iam" + ], + "type": "object" + }, + "AWS::MSK::ServerlessCluster.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SecurityGroups", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "SubnetIds" + ], + "type": "object" + }, + "AWS::MSK::VpcConnection": { "additionalProperties": false, "properties": { "Condition": { @@ -179112,51 +181968,61 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", + "Authentication": { + "markdownDescription": "The type of private link authentication.", + "title": "Authentication", "type": "string" }, - "HtmlPart": { - "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", - "title": "HtmlPart", - "type": "string" + "ClientSubnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets in the client VPC to connect to.", + "title": "ClientSubnets", + "type": "array" }, - "Subject": { - "markdownDescription": "The subject line, or title, to use in email messages that are based on the message template.", - "title": "Subject", - "type": "string" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", + "title": "SecurityGroups", + "type": "array" }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "additionalProperties": true, + "markdownDescription": "An arbitrary set of tags (key-value pairs) you specify while creating the VPC connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Tags", "type": "object" }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the message template.", - "title": "TemplateName", + "TargetClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster.", + "title": "TargetClusterArn", "type": "string" }, - "TextPart": { - "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", - "title": "TextPart", + "VpcId": { + "markdownDescription": "The VPC ID of the remote client.", + "title": "VpcId", "type": "string" } }, "required": [ - "Subject", - "TemplateName" + "Authentication", + "ClientSubnets", + "SecurityGroups", + "TargetClusterArn", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::EmailTemplate" + "AWS::MSK::VpcConnection" ], "type": "string" }, @@ -179175,7 +182041,7 @@ ], "type": "object" }, - "AWS::Pinpoint::EventStream": { + "AWS::MWAA::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -179210,214 +182076,145 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you want to export data from.", - "title": "ApplicationId", + "AirflowConfigurationOptions": { + "markdownDescription": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", + "title": "AirflowConfigurationOptions", + "type": "object" + }, + "AirflowVersion": { + "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` | `2.8.1` | `2.9.2` | `2.10.1` (latest)", + "title": "AirflowVersion", "type": "string" }, - "DestinationStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Stream or Amazon Data Firehose delivery stream that you want to publish event data to.\n\nFor a Kinesis Data Stream, the ARN format is: `arn:aws:kinesis: region : account-id :stream/ stream_name`\n\nFor a Firehose delivery stream, the ARN format is: `arn:aws:firehose: region : account-id :deliverystream/ stream_name`", - "title": "DestinationStreamArn", + "DagS3Path": { + "markdownDescription": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", + "title": "DagS3Path", "type": "string" }, - "RoleArn": { - "markdownDescription": "The AWS Identity and Access Management (IAM) role that authorizes Amazon Pinpoint to publish event data to the stream in your AWS account.", - "title": "RoleArn", + "EndpointManagement": { + "markdownDescription": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", + "title": "EndpointManagement", "type": "string" - } - }, - "required": [ - "ApplicationId", - "DestinationStreamArn", - "RoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::EventStream" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Pinpoint::GCMChannel": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "EnvironmentClass": { + "markdownDescription": "The environment class type. Valid values: `mw1.micro` , `mw1.small` , `mw1.medium` , `mw1.large` , `mw1.1large` , and `mw1.2large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", + "title": "EnvironmentClass", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApiKey": { - "markdownDescription": "The Web API key, also called the *server key* , that you received from Google to communicate with Google services.", - "title": "ApiKey", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", + "title": "ExecutionRoleArn", "type": "string" }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the GCM channel applies to.", - "title": "ApplicationId", + "KmsKey": { + "markdownDescription": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", + "title": "KmsKey", "type": "string" }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method used for GCM. Values are either \"TOKEN\" or \"KEY\". Defaults to \"KEY\".", - "title": "DefaultAuthenticationMethod", + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::MWAA::Environment.LoggingConfiguration", + "markdownDescription": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` .", + "title": "LoggingConfiguration" + }, + "MaxWebservers": { + "markdownDescription": "The maximum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. For example, in scenarios where your workload requires network calls to the Apache Airflow REST API with a high transaction-per-second (TPS) rate, Amazon MWAA will increase the number of web servers up to the number set in `MaxWebserers` . As TPS rates decrease Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: For environments larger than mw1.micro, accepts values from `2` to `5` . Defaults to `2` for all environment sizes except mw1.micro, which defaults to `1` .", + "title": "MaxWebservers", + "type": "number" + }, + "MaxWorkers": { + "markdownDescription": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` .", + "title": "MaxWorkers", + "type": "number" + }, + "MinWebservers": { + "markdownDescription": "The minimum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. As the transaction-per-second rate, and the network load, decrease, Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: For environments larger than mw1.micro, accepts values from `2` to `5` . Defaults to `2` for all environment sizes except mw1.micro, which defaults to `1` .", + "title": "MinWebservers", + "type": "number" + }, + "MinWorkers": { + "markdownDescription": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` .", + "title": "MinWorkers", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of your Amazon MWAA environment.", + "title": "Name", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the GCM channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::MWAA::Environment.NetworkConfiguration", + "markdownDescription": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", + "title": "NetworkConfiguration" }, - "ServiceJson": { - "markdownDescription": "The contents of the JSON file provided by Google during registration in order to generate an access token for authentication. For more information see [Migrate from legacy FCM APIs to HTTP v1](https://docs.aws.amazon.com/https://firebase.google.com/docs/cloud-messaging/migrate-v1) .", - "title": "ServiceJson", + "PluginsS3ObjectVersion": { + "markdownDescription": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", + "title": "PluginsS3ObjectVersion", "type": "string" - } - }, - "required": [ - "ApplicationId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::GCMChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Pinpoint::InAppTemplate": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "PluginsS3Path": { + "markdownDescription": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", + "title": "PluginsS3Path", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.InAppMessageContent" - }, - "markdownDescription": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors.", - "title": "Content", - "type": "array" + "RequirementsS3ObjectVersion": { + "markdownDescription": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", + "title": "RequirementsS3ObjectVersion", + "type": "string" }, - "CustomConfig": { - "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", - "title": "CustomConfig", - "type": "object" + "RequirementsS3Path": { + "markdownDescription": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", + "title": "RequirementsS3Path", + "type": "string" }, - "Layout": { - "markdownDescription": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", - "title": "Layout", + "Schedulers": { + "markdownDescription": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - For environments larger than mw1.micro, accepts values from 2 to 5. Defaults to 2 for all environment sizes except mw1.micro, which defaults to 1.\n- *v1* - Accepts 1.", + "title": "Schedulers", + "type": "number" + }, + "SourceBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) .", + "title": "SourceBucketArn", + "type": "string" + }, + "StartupScriptS3ObjectVersion": { + "markdownDescription": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", + "title": "StartupScriptS3ObjectVersion", + "type": "string" + }, + "StartupScriptS3Path": { + "markdownDescription": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", + "title": "StartupScriptS3Path", "type": "string" }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The key-value tag pairs associated to your environment. For example, `\"Environment\": \"Staging\"` . To learn more, see [Tagging](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .\n\nIf you specify new tags for an existing environment, the update requires service interruption before taking effect.", "title": "Tags", "type": "object" }, - "TemplateDescription": { - "markdownDescription": "An optional description of the in-app template.", - "title": "TemplateDescription", + "WebserverAccessMode": { + "markdownDescription": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` .", + "title": "WebserverAccessMode", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the in-app message template.", - "title": "TemplateName", + "WeeklyMaintenanceWindowStart": { + "markdownDescription": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)", + "title": "WeeklyMaintenanceWindowStart", + "type": "string" + }, + "WorkerReplacementStrategy": { + "markdownDescription": "", + "title": "WorkerReplacementStrategy", "type": "string" } }, "required": [ - "TemplateName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::InAppTemplate" + "AWS::MWAA::Environment" ], "type": "string" }, @@ -179436,163 +182233,81 @@ ], "type": "object" }, - "AWS::Pinpoint::InAppTemplate.BodyConfig": { - "additionalProperties": false, - "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" - }, - "Body": { - "markdownDescription": "The main body text of the message.", - "title": "Body", - "type": "string" - }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::InAppTemplate.ButtonConfig": { - "additionalProperties": false, - "properties": { - "Android": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration.", - "title": "Android" - }, - "DefaultConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration", - "markdownDescription": "Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users.", - "title": "DefaultConfig" - }, - "IOS": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration.", - "title": "IOS" - }, - "Web": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration.", - "title": "Web" - } - }, - "type": "object" - }, - "AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration": { + "AWS::MWAA::Environment.LoggingConfiguration": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" - }, - "BorderRadius": { - "markdownDescription": "The border radius of a button.", - "title": "BorderRadius", - "type": "number" - }, - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" - }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", - "type": "string" + "DagProcessingLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the processing logs sent to CloudWatch Logs and the logging level to send.", + "title": "DagProcessingLogs" }, - "Text": { - "markdownDescription": "The text that appears on a button in an in-app message.", - "title": "Text", - "type": "string" + "SchedulerLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the scheduler logs sent to CloudWatch Logs and the logging level to send.", + "title": "SchedulerLogs" }, - "TextColor": { - "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::InAppTemplate.HeaderConfig": { - "additionalProperties": false, - "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" + "TaskLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the task logs sent to CloudWatch Logs and the logging level to send.", + "title": "TaskLogs" }, - "Header": { - "markdownDescription": "The title text of the in-app message.", - "title": "Header", - "type": "string" + "WebserverLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the web server logs sent to CloudWatch Logs and the logging level to send.", + "title": "WebserverLogs" }, - "TextColor": { - "markdownDescription": "The color of the title text, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", - "type": "string" + "WorkerLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the worker logs sent to CloudWatch Logs and the logging level to send.", + "title": "WorkerLogs" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.InAppMessageContent": { + "AWS::MWAA::Environment.ModuleLoggingConfiguration": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", + "CloudWatchLogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled.\n\n> `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "BodyConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.BodyConfig", - "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", - "title": "BodyConfig" - }, - "HeaderConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.HeaderConfig", - "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", - "title": "HeaderConfig" + "Enabled": { + "markdownDescription": "Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs.", + "title": "Enabled", + "type": "boolean" }, - "ImageUrl": { - "markdownDescription": "The URL of the image that appears on an in-app message banner.", - "title": "ImageUrl", + "LogLevel": { + "markdownDescription": "Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` .", + "title": "LogLevel", "type": "string" - }, - "PrimaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", - "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", - "title": "PrimaryBtn" - }, - "SecondaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", - "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", - "title": "SecondaryBtn" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration": { + "AWS::MWAA::Environment.NetworkConfiguration": { "additionalProperties": false, "properties": { - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more security group IDs. Accepts up to 5 security group IDs. A security group must be attached to the same VPC as the subnets. To learn more, see [Security in your VPC on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-security.html) .", + "title": "SecurityGroupIds", + "type": "array" }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs. *Required* to create an environment. Must be private subnets in two different availability zones. A subnet must be attached to the same VPC as the security group. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", + "title": "SubnetIds", + "type": "array" } }, "type": "object" }, - "AWS::Pinpoint::PushTemplate": { + "AWS::Macie::AllowList": { "additionalProperties": false, "properties": { "Condition": { @@ -179627,60 +182342,39 @@ "Properties": { "additionalProperties": false, "properties": { - "ADM": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the ADM (Amazon Device Messaging) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "ADM" - }, - "APNS": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate", - "markdownDescription": "The message template to use for the APNs (Apple Push Notification service) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "APNS" - }, - "Baidu": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the Baidu (Baidu Cloud Push) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "Baidu" - }, - "Default": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate", - "markdownDescription": "The default message template to use for push notification channels.", - "title": "Default" + "Criteria": { + "$ref": "#/definitions/AWS::Macie::AllowList.Criteria", + "markdownDescription": "The criteria that specify the text or text pattern to ignore. The criteria can be the location and name of an Amazon S3 object that lists specific text to ignore ( `S3WordsList` ), or a regular expression ( `Regex` ) that defines a text pattern to ignore.", + "title": "Criteria" }, - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", + "Description": { + "markdownDescription": "A custom description of the allow list. The description can contain 1-512 characters.", + "title": "Description", "type": "string" }, - "GCM": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the GCM channel, which is used to send notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "GCM" + "Name": { + "markdownDescription": "A custom name for the allow list. The name can contain 1-128 characters.", + "title": "Name", + "type": "string" }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the allow list.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "TemplateName", - "type": "string" + "type": "array" } }, "required": [ - "TemplateName" + "Criteria", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::PushTemplate" + "AWS::Macie::AllowList" ], "type": "string" }, @@ -179699,120 +182393,43 @@ ], "type": "object" }, - "AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", - "type": "string" - }, - "Body": { - "markdownDescription": "The message body to use in push notifications that are based on the message template.", - "title": "Body", - "type": "string" - }, - "MediaUrl": { - "markdownDescription": "The URL of an image or video to display in push notifications that are based on the message template.", - "title": "MediaUrl", - "type": "string" - }, - "Sound": { - "markdownDescription": "The key for the sound to play when the recipient receives a push notification that's based on the message template. The value for this key is the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", - "title": "Sound", - "type": "string" - }, - "Title": { - "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL to open in the recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate": { + "AWS::Macie::AllowList.Criteria": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This action uses the deep-linking features of the Android platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", - "type": "string" - }, - "Body": { - "markdownDescription": "The message body to use in a push notification that's based on the message template.", - "title": "Body", - "type": "string" - }, - "ImageIconUrl": { - "markdownDescription": "The URL of the large icon image to display in the content view of a push notification that's based on the message template.", - "title": "ImageIconUrl", - "type": "string" - }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display in a push notification that's based on the message template.", - "title": "ImageUrl", - "type": "string" - }, - "SmallImageIconUrl": { - "markdownDescription": "The URL of the small icon image to display in the status bar and the content view of a push notification that's based on the message template.", - "title": "SmallImageIconUrl", - "type": "string" - }, - "Sound": { - "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .", - "title": "Sound", - "type": "string" - }, - "Title": { - "markdownDescription": "The title to use in a push notification that's based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", + "Regex": { + "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to ignore. The expression can contain 1-512 characters.", + "title": "Regex", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", - "type": "string" + "S3WordsList": { + "$ref": "#/definitions/AWS::Macie::AllowList.S3WordsList", + "markdownDescription": "The location and name of an Amazon S3 object that lists specific text to ignore.", + "title": "S3WordsList" } }, "type": "object" }, - "AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate": { + "AWS::Macie::AllowList.S3WordsList": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS and Android platforms.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", - "type": "string" - }, - "Body": { - "markdownDescription": "The message body to use in push notifications that are based on the message template.", - "title": "Body", - "type": "string" - }, - "Sound": { - "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .\n\nFor an iOS platform, this value is the key for the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", - "title": "Sound", - "type": "string" - }, - "Title": { - "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", + "BucketName": { + "markdownDescription": "The full name of the S3 bucket that contains the object. This value correlates to the `Name` field of a bucket's properties in Amazon S3 .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", + "title": "BucketName", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", + "ObjectKey": { + "markdownDescription": "The full name of the S3 object. This value correlates to the `Key` field of an object's properties in Amazon S3 . If the name includes a path, include the complete path. For example, `AllowLists/Macie/MyList.txt` .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", + "title": "ObjectKey", "type": "string" } }, + "required": [ + "BucketName", + "ObjectKey" + ], "type": "object" }, - "AWS::Pinpoint::SMSChannel": { + "AWS::Macie::CustomDataIdentifier": { "additionalProperties": false, "properties": { "Condition": { @@ -179847,35 +182464,60 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the SMS channel applies to.", - "title": "ApplicationId", + "Description": { + "markdownDescription": "A custom description of the custom data identifier. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", + "title": "Description", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the SMS channel for the application.", - "title": "Enabled", - "type": "boolean" + "IgnoreWords": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of character sequences ( *ignore words* ) to exclude from the results. If text matches the regular expression ( `Regex` ) but it contains a string in this array, Amazon Macie ignores the text and doesn't include it in the results.\n\nThe array can contain 1-10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.", + "title": "IgnoreWords", + "type": "array" }, - "SenderId": { - "markdownDescription": "The identity that you want to display on recipients' devices when they receive messages from the SMS channel.\n\n> SenderIDs are only supported in certain countries and regions. For more information, see [Supported Countries and Regions](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) in the *Amazon Pinpoint User Guide* .", - "title": "SenderId", + "Keywords": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of character sequences ( *keywords* ), one of which must precede and be in proximity ( `MaximumMatchDistance` ) of the regular expression ( `Regex` ) to match.\n\nThe array can contain 1-50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.", + "title": "Keywords", + "type": "array" + }, + "MaximumMatchDistance": { + "markdownDescription": "The maximum number of characters that can exist between the end of at least one complete character sequence specified by the `Keywords` array and the end of text that matches the regular expression ( `Regex` ). If a complete keyword precedes all the text that matches the regular expression and the keyword is within the specified distance, Amazon Macie includes the result.\n\nThe distance can be 1-300 characters. The default value is 50.", + "title": "MaximumMatchDistance", + "type": "number" + }, + "Name": { + "markdownDescription": "A custom name for the custom data identifier. The name can contain 1-128 characters.\n\nAvoid including sensitive data in the name of a custom data identifier. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", + "title": "Name", "type": "string" }, - "ShortCode": { - "markdownDescription": "The registered short code that you want to use when you send messages through the SMS channel.\n\n> For information about obtaining a dedicated short code for sending SMS messages, see [Requesting Dedicated Short Codes for SMS Messaging with Amazon Pinpoint](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-awssupport-short-code.html) in the *Amazon Pinpoint User Guide* .", - "title": "ShortCode", + "Regex": { + "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to match. The expression can contain 1-512 characters.", + "title": "Regex", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the custom data identifier.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "ApplicationId" + "Name", + "Regex" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::SMSChannel" + "AWS::Macie::CustomDataIdentifier" ], "type": "string" }, @@ -179894,7 +182536,7 @@ ], "type": "object" }, - "AWS::Pinpoint::Segment": { + "AWS::Macie::FindingsFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -179929,41 +182571,49 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the segment is associated with.", - "title": "ApplicationId", + "Action": { + "markdownDescription": "The action to perform on findings that match the filter criteria ( `FindingCriteria` ). Valid values are:\n\n- `ARCHIVE` - Suppress (automatically archive) the findings.\n- `NOOP` - Don't perform any action on the findings.", + "title": "Action", "type": "string" }, - "Dimensions": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions", - "markdownDescription": "An array that defines the dimensions for the segment.", - "title": "Dimensions" + "Description": { + "markdownDescription": "A custom description of the findings filter. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", + "title": "Description", + "type": "string" + }, + "FindingCriteria": { + "$ref": "#/definitions/AWS::Macie::FindingsFilter.FindingCriteria", + "markdownDescription": "The criteria to use to filter findings.", + "title": "FindingCriteria" }, "Name": { - "markdownDescription": "The name of the segment.\n\n> A segment must have a name otherwise it will not appear in the Amazon Pinpoint console.", + "markdownDescription": "A custom name for the findings filter. The name can contain 3-64 characters.\n\nAvoid including sensitive data in the name. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Name", "type": "string" }, - "SegmentGroups": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentGroups", - "markdownDescription": "The segment group to use and the dimensions to apply to the group's base segments in order to build the segment. A segment group can consist of zero or more base segments. Your request can include only one segment group.", - "title": "SegmentGroups" + "Position": { + "markdownDescription": "The position of the findings filter in the list of saved filter rules on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to findings.", + "title": "Position", + "type": "number" }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the findings filter.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "ApplicationId", + "FindingCriteria", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::Segment" + "AWS::Macie::FindingsFilter" ], "type": "string" }, @@ -179982,270 +182632,66 @@ ], "type": "object" }, - "AWS::Pinpoint::Segment.AttributeDimension": { + "AWS::Macie::FindingsFilter.CriterionAdditionalProperties": { "additionalProperties": false, "properties": { - "AttributeType": { - "type": "string" - }, - "Values": { + "eq": { "items": { "type": "string" }, + "markdownDescription": "The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", + "title": "eq", "type": "array" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.Behavior": { - "additionalProperties": false, - "properties": { - "Recency": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Recency", - "markdownDescription": "Specifies how recently segment members were active.", - "title": "Recency" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.Coordinates": { - "additionalProperties": false, - "properties": { - "Latitude": { - "markdownDescription": "The latitude coordinate of the location.", - "title": "Latitude", - "type": "number" }, - "Longitude": { - "markdownDescription": "The longitude coordinate of the location.", - "title": "Longitude", + "gt": { + "markdownDescription": "The value for the specified property is greater than the specified value.", + "title": "gt", "type": "number" - } - }, - "required": [ - "Latitude", - "Longitude" - ], - "type": "object" - }, - "AWS::Pinpoint::Segment.Demographic": { - "additionalProperties": false, - "properties": { - "AppVersion": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The app version criteria for the segment.", - "title": "AppVersion" - }, - "Channel": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The channel criteria for the segment.", - "title": "Channel" - }, - "DeviceType": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device type criteria for the segment.", - "title": "DeviceType" - }, - "Make": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device make criteria for the segment.", - "title": "Make" - }, - "Model": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device model criteria for the segment.", - "title": "Model" - }, - "Platform": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device platform criteria for the segment.", - "title": "Platform" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.GPSPoint": { - "additionalProperties": false, - "properties": { - "Coordinates": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Coordinates", - "markdownDescription": "The GPS coordinates to measure distance from.", - "title": "Coordinates" }, - "RangeInKilometers": { - "markdownDescription": "The range, in kilometers, from the GPS coordinates.", - "title": "RangeInKilometers", + "gte": { + "markdownDescription": "The value for the specified property is greater than or equal to the specified value.", + "title": "gte", "type": "number" - } - }, - "required": [ - "Coordinates", - "RangeInKilometers" - ], - "type": "object" - }, - "AWS::Pinpoint::Segment.Groups": { - "additionalProperties": false, - "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions" - }, - "markdownDescription": "An array that defines the dimensions to include or exclude from the segment.", - "title": "Dimensions", - "type": "array" - }, - "SourceSegments": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SourceSegments" - }, - "markdownDescription": "The base segment to build the segment on. A base segment, also called a *source segment* , defines the initial population of endpoints for a segment. When you add dimensions to the segment, Amazon Pinpoint filters the base segment by using the dimensions that you specify.\n\nYou can specify more than one dimensional segment or only one imported segment. If you specify an imported segment, the segment size estimate that displays on the Amazon Pinpoint console indicates the size of the imported segment without any filters applied to it.", - "title": "SourceSegments", - "type": "array" - }, - "SourceType": { - "markdownDescription": "Specifies how to handle multiple base segments for the segment. For example, if you specify three base segments for the segment, whether the resulting segment is based on all, any, or none of the base segments.", - "title": "SourceType", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies how to handle multiple dimensions for the segment. For example, if you specify three dimensions for the segment, whether the resulting segment includes endpoints that match all, any, or none of the dimensions.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.Location": { - "additionalProperties": false, - "properties": { - "Country": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The country or region code, in ISO 3166-1 alpha-2 format, for the segment.", - "title": "Country" - }, - "GPSPoint": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.GPSPoint", - "markdownDescription": "The GPS point dimension for the segment.", - "title": "GPSPoint" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.Recency": { - "additionalProperties": false, - "properties": { - "Duration": { - "markdownDescription": "The duration to use when determining which users have been active or inactive with your app.\n\nPossible values: `HR_24` | `DAY_7` | `DAY_14` | `DAY_30` .", - "title": "Duration", - "type": "string" - }, - "RecencyType": { - "markdownDescription": "The type of recency dimension to use for the segment. Valid values are: `ACTIVE` and `INACTIVE` . If the value is `ACTIVE` , the segment includes users who have used your app within the specified duration are included in the segment. If the value is `INACTIVE` , the segment includes users who haven't used your app within the specified duration are included in the segment.", - "title": "RecencyType", - "type": "string" - } - }, - "required": [ - "Duration", - "RecencyType" - ], - "type": "object" - }, - "AWS::Pinpoint::Segment.SegmentDimensions": { - "additionalProperties": false, - "properties": { - "Attributes": { - "markdownDescription": "One or more custom attributes to use as criteria for the segment. For more information see [AttributeDimension](https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#apps-application-id-segments-model-attributedimension)", - "title": "Attributes", - "type": "object" - }, - "Behavior": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Behavior", - "markdownDescription": "The behavior-based criteria, such as how recently users have used your app, for the segment.", - "title": "Behavior" - }, - "Demographic": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Demographic", - "markdownDescription": "The demographic-based criteria, such as device platform, for the segment.", - "title": "Demographic" - }, - "Location": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Location", - "markdownDescription": "The location-based criteria, such as region or GPS coordinates, for the segment.", - "title": "Location" - }, - "Metrics": { - "markdownDescription": "One or more custom metrics to use as criteria for the segment.", - "title": "Metrics", - "type": "object" }, - "UserAttributes": { - "markdownDescription": "One or more custom user attributes to use as criteria for the segment.", - "title": "UserAttributes", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.SegmentGroups": { - "additionalProperties": false, - "properties": { - "Groups": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Groups" - }, - "markdownDescription": "Specifies the set of segment criteria to evaluate when handling segment groups for the segment.", - "title": "Groups", - "type": "array" + "lt": { + "markdownDescription": "The value for the specified property is less than the specified value.", + "title": "lt", + "type": "number" }, - "Include": { - "markdownDescription": "Specifies how to handle multiple segment groups for the segment. For example, if the segment includes three segment groups, whether the resulting segment includes endpoints that match all, any, or none of the segment groups.", - "title": "Include", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.SetDimension": { - "additionalProperties": false, - "properties": { - "DimensionType": { - "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", - "title": "DimensionType", - "type": "string" + "lte": { + "markdownDescription": "The value for the specified property is less than or equal to the specified value.", + "title": "lte", + "type": "number" }, - "Values": { + "neq": { "items": { "type": "string" }, - "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", - "title": "Values", + "markdownDescription": "The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", + "title": "neq", "type": "array" } }, "type": "object" }, - "AWS::Pinpoint::Segment.SourceSegments": { + "AWS::Macie::FindingsFilter.FindingCriteria": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The unique identifier for the source segment.", - "title": "Id", - "type": "string" - }, - "Version": { - "markdownDescription": "The version number of the source segment.", - "title": "Version", - "type": "number" + "Criterion": { + "additionalProperties": false, + "markdownDescription": "Specifies a condition that defines the property, operator, and one or more values to use to filter the results.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Macie::FindingsFilter.CriterionAdditionalProperties" + } + }, + "title": "Criterion", + "type": "object" } }, - "required": [ - "Id" - ], "type": "object" }, - "AWS::Pinpoint::SmsTemplate": { + "AWS::Macie::Session": { "additionalProperties": false, "properties": { "Condition": { @@ -180280,41 +182726,22 @@ "Properties": { "additionalProperties": false, "properties": { - "Body": { - "markdownDescription": "The message body to use in text messages that are based on the message template.", - "title": "Body", - "type": "string" - }, - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", + "FindingPublishingFrequency": { + "markdownDescription": "Specifies how often Amazon Macie publishes updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events ). Valid values are:\n\n- FIFTEEN_MINUTES\n- ONE_HOUR\n- SIX_HOURS", + "title": "FindingPublishingFrequency", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "TemplateName", + "Status": { + "markdownDescription": "The status of Amazon Macie for the account. Valid values are: `ENABLED` , start or resume Macie activities for the account; and, `PAUSED` , suspend Macie activities for the account.", + "title": "Status", "type": "string" } }, - "required": [ - "Body", - "TemplateName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::SmsTemplate" + "AWS::Macie::Session" ], "type": "string" }, @@ -180328,12 +182755,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Pinpoint::VoiceChannel": { + "AWS::ManagedBlockchain::Accessor": { "additionalProperties": false, "properties": { "Condition": { @@ -180368,25 +182794,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the voice channel applies to.", - "title": "ApplicationId", + "AccessorType": { + "markdownDescription": "The type of the accessor.\n\n> Currently, accessor type is restricted to `BILLING_TOKEN` .", + "title": "AccessorType", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the voice channel for the application.", - "title": "Enabled", - "type": "boolean" + "NetworkType": { + "markdownDescription": "The blockchain network that the `Accessor` token is created for.\n\n> We recommend using the appropriate `networkType` value for the blockchain network that you are creating the `Accessor` token for. You cannot use the value `ETHEREUM_MAINNET_AND_GOERLI` to specify a `networkType` for your Accessor token.\n> \n> The default value of `ETHEREUM_MAINNET_AND_GOERLI` is only applied:\n> \n> - when the `CreateAccessor` action does not set a `networkType` .\n> - to all existing `Accessor` tokens that were created before the `networkType` property was introduced.", + "title": "NetworkType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the Accessor.\n\nFor more information about tags, see [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/tagging-resources.html) in the *Amazon Managed Blockchain Ethereum Developer Guide* , or [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/tagging-resources.html) in the *Amazon Managed Blockchain Hyperledger Fabric Developer Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "ApplicationId" + "AccessorType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::VoiceChannel" + "AWS::ManagedBlockchain::Accessor" ], "type": "string" }, @@ -180405,7 +182839,7 @@ ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet": { + "AWS::ManagedBlockchain::Member": { "additionalProperties": false, "properties": { "Condition": { @@ -180440,48 +182874,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliveryOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.DeliveryOptions", - "markdownDescription": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.", - "title": "DeliveryOptions" - }, - "Name": { - "markdownDescription": "The name of the configuration set.", - "title": "Name", + "InvitationId": { + "markdownDescription": "The unique identifier of the invitation to join the network sent to the account that creates the member.", + "title": "InvitationId", "type": "string" }, - "ReputationOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.ReputationOptions", - "markdownDescription": "An object that defines whether or not Amazon Pinpoint collects reputation metrics for the emails that you send that use the configuration set.", - "title": "ReputationOptions" - }, - "SendingOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.SendingOptions", - "markdownDescription": "An object that defines whether or not Amazon Pinpoint can send email that you send using the configuration set.", - "title": "SendingOptions" + "MemberConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberConfiguration", + "markdownDescription": "Configuration properties of the member.", + "title": "MemberConfiguration" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the configuration set.", - "title": "Tags", - "type": "array" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkConfiguration", + "markdownDescription": "Configuration properties of the network to which the member belongs.", + "title": "NetworkConfiguration" }, - "TrackingOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.TrackingOptions", - "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", - "title": "TrackingOptions" + "NetworkId": { + "markdownDescription": "The unique identifier of the network to which the member belongs.", + "title": "NetworkId", + "type": "string" } }, "required": [ - "Name" + "MemberConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::PinpointEmail::ConfigurationSet" + "AWS::ManagedBlockchain::Member" ], "type": "string" }, @@ -180500,67 +182921,161 @@ ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { + "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { "additionalProperties": false, "properties": { - "SendingPoolName": { - "markdownDescription": "The name of the dedicated IP pool that you want to associate with the configuration set.", - "title": "SendingPoolName", + "ProposalDurationInHours": { + "markdownDescription": "The duration from the time that a proposal is created until it expires. If members cast neither the required number of `YES` votes to approve the proposal nor the number of `NO` votes required to reject it before the duration expires, the proposal is `EXPIRED` and `ProposalActions` aren't carried out.", + "title": "ProposalDurationInHours", + "type": "number" + }, + "ThresholdComparator": { + "markdownDescription": "Determines whether the vote percentage must be greater than the `ThresholdPercentage` or must be greater than or equal to the `ThresholdPercentage` to be approved.", + "title": "ThresholdComparator", "type": "string" + }, + "ThresholdPercentage": { + "markdownDescription": "The percentage of votes among all members that must be `YES` for a proposal to be approved. For example, a `ThresholdPercentage` value of `50` indicates 50%. The `ThresholdComparator` determines the precise comparison. If a `ThresholdPercentage` value of `50` is specified on a network with 10 members, along with a `ThresholdComparator` value of `GREATER_THAN` , this indicates that 6 `YES` votes are required for the proposal to be approved.", + "title": "ThresholdPercentage", + "type": "number" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.ReputationOptions": { + "AWS::ManagedBlockchain::Member.MemberConfiguration": { "additionalProperties": false, "properties": { - "ReputationMetricsEnabled": { - "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", - "title": "ReputationMetricsEnabled", - "type": "boolean" + "Description": { + "markdownDescription": "An optional description of the member.", + "title": "Description", + "type": "string" + }, + "MemberFrameworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration", + "markdownDescription": "Configuration properties of the blockchain framework relevant to the member.", + "title": "MemberFrameworkConfiguration" + }, + "Name": { + "markdownDescription": "The name of the member.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.SendingOptions": { + "AWS::ManagedBlockchain::Member.MemberFabricConfiguration": { "additionalProperties": false, "properties": { - "SendingEnabled": { - "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", - "title": "SendingEnabled", - "type": "boolean" + "AdminPassword": { + "markdownDescription": "The password for the member's initial administrative user. The `AdminPassword` must be at least 8 characters long and no more than 32 characters. It must contain at least one uppercase letter, one lowercase letter, and one digit. It cannot have a single quotation mark (\u2018), a double quotation marks (\u201c), a forward slash(/), a backward slash(\\), @, or a space.", + "title": "AdminPassword", + "type": "string" + }, + "AdminUsername": { + "markdownDescription": "The user name for the member's initial administrative user.", + "title": "AdminUsername", + "type": "string" } }, + "required": [ + "AdminPassword", + "AdminUsername" + ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.Tags": { + "AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the configuration set, then this value is required.", - "title": "Key", + "MemberFabricConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFabricConfiguration", + "markdownDescription": "Configuration properties for Hyperledger Fabric.", + "title": "MemberFabricConfiguration" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Attributes of the blockchain framework for the network.", + "title": "Description", "type": "string" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", + "Framework": { + "markdownDescription": "The blockchain framework that the network uses.", + "title": "Framework", + "type": "string" + }, + "FrameworkVersion": { + "markdownDescription": "The version of the blockchain framework that the network uses.", + "title": "FrameworkVersion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the network.", + "title": "Name", "type": "string" + }, + "NetworkFrameworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration", + "markdownDescription": "Configuration properties relevant to the network for the blockchain framework that the network uses.", + "title": "NetworkFrameworkConfiguration" + }, + "VotingPolicy": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.VotingPolicy", + "markdownDescription": "The voting rules that the network uses to decide if a proposal is accepted.", + "title": "VotingPolicy" } }, + "required": [ + "Framework", + "FrameworkVersion", + "Name", + "VotingPolicy" + ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.TrackingOptions": { + "AWS::ManagedBlockchain::Member.NetworkFabricConfiguration": { "additionalProperties": false, "properties": { - "CustomRedirectDomain": { - "markdownDescription": "The domain that you want to use for tracking open and click events.", - "title": "CustomRedirectDomain", + "Edition": { + "markdownDescription": "The edition of Amazon Managed Blockchain that the network uses. Valid values are `standard` and `starter` . For more information, see [Amazon Managed Blockchain Pricing](https://docs.aws.amazon.com/managed-blockchain/pricing/)", + "title": "Edition", "type": "string" } }, + "required": [ + "Edition" + ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination": { + "AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration": { + "additionalProperties": false, + "properties": { + "NetworkFabricConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFabricConfiguration", + "markdownDescription": "Configuration properties for Hyperledger Fabric for a member in a Managed Blockchain network that is using the Hyperledger Fabric framework.", + "title": "NetworkFabricConfiguration" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.VotingPolicy": { + "additionalProperties": false, + "properties": { + "ApprovalThresholdPolicy": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy", + "markdownDescription": "Defines the rules for the network for voting on proposals, such as the percentage of `YES` votes required for the proposal to be approved and the duration of the proposal. The policy applies to all proposals and is specified when the network is created.", + "title": "ApprovalThresholdPolicy" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Node": { "additionalProperties": false, "properties": { "Condition": { @@ -180595,31 +183110,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigurationSetName": { - "markdownDescription": "The name of the configuration set that contains the event destination that you want to modify.", - "title": "ConfigurationSetName", + "MemberId": { + "markdownDescription": "The unique identifier of the member to which the node belongs. Applies only to Hyperledger Fabric.", + "title": "MemberId", "type": "string" }, - "EventDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination", - "markdownDescription": "An object that defines the event destination.", - "title": "EventDestination" - }, - "EventDestinationName": { - "markdownDescription": "The name of the event destination that you want to modify.", - "title": "EventDestinationName", + "NetworkId": { + "markdownDescription": "The unique identifier of the network for the node.\n\nEthereum public networks have the following `NetworkId` s:\n\n- `n-ethereum-mainnet`", + "title": "NetworkId", "type": "string" + }, + "NodeConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Node.NodeConfiguration", + "markdownDescription": "Configuration properties of a peer node.", + "title": "NodeConfiguration" } }, "required": [ - "ConfigurationSetName", - "EventDestinationName" + "NetworkId", + "NodeConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::PinpointEmail::ConfigurationSetEventDestination" + "AWS::ManagedBlockchain::Node" ], "type": "string" }, @@ -180638,134 +183153,362 @@ ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination": { + "AWS::ManagedBlockchain::Node.NodeConfiguration": { "additionalProperties": false, "properties": { - "DimensionConfigurations": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration" - }, - "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", - "title": "DimensionConfigurations", - "type": "array" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which the node exists. Required for Ethereum nodes.", + "title": "AvailabilityZone", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The Amazon Managed Blockchain instance type for the node.", + "title": "InstanceType", + "type": "string" } }, + "required": [ + "AvailabilityZone", + "InstanceType" + ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration": { + "AWS::MediaConnect::Bridge": { "additionalProperties": false, "properties": { - "DefaultDimensionValue": { - "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DefaultDimensionValue", + "Condition": { "type": "string" }, - "DimensionName": { - "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DimensionName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DimensionValueSource": { - "markdownDescription": "The location where Amazon Pinpoint finds the value of a dimension to publish to Amazon CloudWatch. Acceptable values: `MESSAGE_TAG` , `EMAIL_HEADER` , and `LINK_TAG` .\n\nIf you want Amazon Pinpoint to use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` API, choose `MESSAGE_TAG` . If you want Amazon Pinpoint to use your own email headers, choose `EMAIL_HEADER` . If you want Amazon Pinpoint to use tags that are specified in your links, choose `LINK_TAG` .", - "title": "DimensionValueSource", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EgressGatewayBridge": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.EgressGatewayBridge", + "markdownDescription": "An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises.", + "title": "EgressGatewayBridge" + }, + "IngressGatewayBridge": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.IngressGatewayBridge", + "markdownDescription": "An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud.", + "title": "IngressGatewayBridge" + }, + "Name": { + "markdownDescription": "The name of the bridge. This name can not be modified after the bridge is created.", + "title": "Name", + "type": "string" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeOutput" + }, + "markdownDescription": "The outputs that you want to add to this bridge.", + "title": "Outputs", + "type": "array" + }, + "PlacementArn": { + "markdownDescription": "The bridge placement Amazon Resource Number (ARN).", + "title": "PlacementArn", + "type": "string" + }, + "SourceFailoverConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.FailoverConfig", + "markdownDescription": "The settings for source failover.", + "title": "SourceFailoverConfig" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeSource" + }, + "markdownDescription": "The sources that you want to add to this bridge.", + "title": "Sources", + "type": "array" + } + }, + "required": [ + "Name", + "PlacementArn", + "Sources" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaConnect::Bridge" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DefaultDimensionValue", - "DimensionName", - "DimensionValueSource" + "Type", + "Properties" ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination": { + "AWS::MediaConnect::Bridge.BridgeFlowSource": { "additionalProperties": false, "properties": { - "CloudWatchDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination", - "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", - "title": "CloudWatchDestination" + "FlowArn": { + "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", + "title": "FlowArn", + "type": "string" }, - "Enabled": { - "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", - "title": "Enabled", - "type": "boolean" + "FlowVpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this source.", + "title": "FlowVpcInterfaceAttachment" }, - "KinesisFirehoseDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination", - "markdownDescription": "An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift.", - "title": "KinesisFirehoseDestination" + "Name": { + "markdownDescription": "The name of the flow source.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "FlowArn", + "Name" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge.BridgeNetworkOutput": { + "additionalProperties": false, + "properties": { + "IpAddress": { + "markdownDescription": "The network output IP address.", + "title": "IpAddress", + "type": "string" }, - "MatchingEventTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of events that Amazon Pinpoint sends to the specified event destinations. Acceptable values: `SEND` , `REJECT` , `BOUNCE` , `COMPLAINT` , `DELIVERY` , `OPEN` , `CLICK` , and `RENDERING_FAILURE` .", - "title": "MatchingEventTypes", - "type": "array" + "Name": { + "markdownDescription": "The network output name.", + "title": "Name", + "type": "string" }, - "PinpointDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination", - "markdownDescription": "An object that defines a Amazon Pinpoint destination for email events. You can use Amazon Pinpoint events to create attributes in Amazon Pinpoint projects. You can use these attributes to create segments for your campaigns.", - "title": "PinpointDestination" + "NetworkName": { + "markdownDescription": "The network output's gateway network name.", + "title": "NetworkName", + "type": "string" }, - "SnsDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination", - "markdownDescription": "An object that defines an Amazon SNS destination for email events. You can use Amazon SNS to send notification when certain email events occur.", - "title": "SnsDestination" + "Port": { + "markdownDescription": "The network output's port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" + }, + "Ttl": { + "markdownDescription": "The network output TTL.", + "title": "Ttl", + "type": "number" } }, "required": [ - "MatchingEventTypes" + "IpAddress", + "Name", + "NetworkName", + "Port", + "Protocol", + "Ttl" ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "AWS::MediaConnect::Bridge.BridgeNetworkSource": { "additionalProperties": false, "properties": { - "DeliveryStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Firehose stream that Amazon Pinpoint sends email events to.", - "title": "DeliveryStreamArn", + "MulticastIp": { + "markdownDescription": "The network source multicast IP.", + "title": "MulticastIp", "type": "string" }, - "IamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that Amazon Pinpoint uses when sending email events to the Amazon Kinesis Data Firehose stream.", - "title": "IamRoleArn", + "MulticastSourceSettings": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.MulticastSourceSettings", + "markdownDescription": "The settings related to the multicast source.", + "title": "MulticastSourceSettings" + }, + "Name": { + "markdownDescription": "The name of the network source.", + "title": "Name", + "type": "string" + }, + "NetworkName": { + "markdownDescription": "The network source's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network source port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" } }, "required": [ - "DeliveryStreamArn", - "IamRoleArn" + "MulticastIp", + "Name", + "NetworkName", + "Port", + "Protocol" ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination": { + "AWS::MediaConnect::Bridge.BridgeOutput": { "additionalProperties": false, "properties": { - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Pinpoint project that you want to send email events to.", - "title": "ApplicationArn", - "type": "string" + "NetworkOutput": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkOutput", + "markdownDescription": "The output of the bridge. A network output is delivered to your premises.", + "title": "NetworkOutput" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination": { + "AWS::MediaConnect::Bridge.BridgeSource": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic that you want to publish email events to. For more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + "FlowSource": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeFlowSource", + "markdownDescription": "The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow.", + "title": "FlowSource" + }, + "NetworkSource": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkSource", + "markdownDescription": "The source of the bridge. A network source originates at your premises.", + "title": "NetworkSource" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Bridge.EgressGatewayBridge": { + "additionalProperties": false, + "properties": { + "MaxBitrate": { + "markdownDescription": "The maximum expected bitrate (in bps) of the egress bridge.", + "title": "MaxBitrate", + "type": "number" + } + }, + "required": [ + "MaxBitrate" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge.FailoverConfig": { + "additionalProperties": false, + "properties": { + "FailoverMode": { + "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams.", + "title": "FailoverMode", + "type": "string" + }, + "SourcePriority": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.SourcePriority", + "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", + "title": "SourcePriority" + }, + "State": { + "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", + "title": "State", "type": "string" } }, "required": [ - "TopicArn" + "FailoverMode" ], "type": "object" }, - "AWS::PinpointEmail::DedicatedIpPool": { + "AWS::MediaConnect::Bridge.IngressGatewayBridge": { + "additionalProperties": false, + "properties": { + "MaxBitrate": { + "markdownDescription": "The maximum expected bitrate (in bps) of the ingress bridge.", + "title": "MaxBitrate", + "type": "number" + }, + "MaxOutputs": { + "markdownDescription": "The maximum number of outputs on the ingress bridge.", + "title": "MaxOutputs", + "type": "number" + } + }, + "required": [ + "MaxBitrate", + "MaxOutputs" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge.MulticastSourceSettings": { + "additionalProperties": false, + "properties": { + "MulticastSourceIp": { + "markdownDescription": "The IP address of the source for source-specific multicast (SSM).", + "title": "MulticastSourceIp", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Bridge.SourcePriority": { + "additionalProperties": false, + "properties": { + "PrimarySource": { + "markdownDescription": "The name of the source you choose as the primary source for this flow.", + "title": "PrimarySource", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Bridge.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::BridgeOutput": { "additionalProperties": false, "properties": { "Condition": { @@ -180800,25 +183543,32 @@ "Properties": { "additionalProperties": false, "properties": { - "PoolName": { - "markdownDescription": "The name of the dedicated IP pool.", - "title": "PoolName", + "BridgeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bridge that you want to update.", + "title": "BridgeArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::DedicatedIpPool.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the dedicated IP pool.", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "The network output name. This name is used to reference the output and must be unique among outputs in this bridge.", + "title": "Name", + "type": "string" + }, + "NetworkOutput": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput", + "markdownDescription": "The network output of the bridge. A network output is delivered to your premises.", + "title": "NetworkOutput" } }, + "required": [ + "BridgeArn", + "Name", + "NetworkOutput" + ], "type": "object" }, "Type": { "enum": [ - "AWS::PinpointEmail::DedicatedIpPool" + "AWS::MediaConnect::BridgeOutput" ], "type": "string" }, @@ -180832,27 +183582,50 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::PinpointEmail::DedicatedIpPool.Tags": { + "AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the dedicated IP pool, then this value is required.", - "title": "Key", + "IpAddress": { + "markdownDescription": "The network output IP address.", + "title": "IpAddress", "type": "string" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", + "NetworkName": { + "markdownDescription": "The network output's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network output's port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" + }, + "Ttl": { + "markdownDescription": "The network output TTL.", + "title": "Ttl", + "type": "number" } }, + "required": [ + "IpAddress", + "NetworkName", + "Port", + "Protocol", + "Ttl" + ], "type": "object" }, - "AWS::PinpointEmail::Identity": { + "AWS::MediaConnect::BridgeSource": { "additionalProperties": false, "properties": { "Condition": { @@ -180887,43 +183660,36 @@ "Properties": { "additionalProperties": false, "properties": { - "DkimSigningEnabled": { - "markdownDescription": "For domain identities, this attribute is used to enable or disable DomainKeys Identified Mail (DKIM) signing for the domain.\n\nIf the value is `true` , then the messages that you send from the domain are signed using both the DKIM keys for your domain, as well as the keys for the `amazonses.com` domain. If the value is `false` , then the messages that you send are only signed using the DKIM keys for the `amazonses.com` domain.", - "title": "DkimSigningEnabled", - "type": "boolean" - }, - "FeedbackForwardingEnabled": { - "markdownDescription": "Used to enable or disable feedback forwarding for an identity. This setting determines what happens when an identity is used to send an email that results in a bounce or complaint event.\n\nWhen you enable feedback forwarding, Amazon Pinpoint sends you email notifications when bounce or complaint events occur. Amazon Pinpoint sends this notification to the address that you specified in the Return-Path header of the original email.\n\nWhen you disable feedback forwarding, Amazon Pinpoint sends notifications through other mechanisms, such as by notifying an Amazon SNS topic. You're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications, Amazon Pinpoint sends an email notification when these events occur (even if this setting is disabled).", - "title": "FeedbackForwardingEnabled", - "type": "boolean" + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", + "type": "string" }, - "MailFromAttributes": { - "$ref": "#/definitions/AWS::PinpointEmail::Identity.MailFromAttributes", - "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", - "title": "MailFromAttributes" + "FlowSource": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeFlowSource", + "markdownDescription": "The source of the flow.", + "title": "FlowSource" }, "Name": { - "markdownDescription": "The address or domain of the identity, such as *sender@example.com* or *example.co.uk* .", + "markdownDescription": "The name of the flow source. This name is used to reference the source and must be unique among sources in this bridge.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::Identity.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the email identity.", - "title": "Tags", - "type": "array" + "NetworkSource": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeNetworkSource", + "markdownDescription": "The source of the network.", + "title": "NetworkSource" } }, "required": [ + "BridgeArn", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::PinpointEmail::Identity" + "AWS::MediaConnect::BridgeSource" ], "type": "string" }, @@ -180942,39 +183708,85 @@ ], "type": "object" }, - "AWS::PinpointEmail::Identity.MailFromAttributes": { + "AWS::MediaConnect::BridgeSource.BridgeFlowSource": { "additionalProperties": false, "properties": { - "BehaviorOnMxFailure": { - "markdownDescription": "The action that Amazon Pinpoint to takes if it can't read the required MX record for a custom MAIL FROM domain. When you set this value to `UseDefaultValue` , Amazon Pinpoint uses *amazonses.com* as the MAIL FROM domain. When you set this value to `RejectMessage` , Amazon Pinpoint returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.", - "title": "BehaviorOnMxFailure", + "FlowArn": { + "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", + "title": "FlowArn", "type": "string" }, - "MailFromDomain": { - "markdownDescription": "The name of a domain that an email identity uses as a custom MAIL FROM domain.", - "title": "MailFromDomain", - "type": "string" + "FlowVpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this source.", + "title": "FlowVpcInterfaceAttachment" } }, + "required": [ + "FlowArn" + ], "type": "object" }, - "AWS::PinpointEmail::Identity.Tags": { + "AWS::MediaConnect::BridgeSource.BridgeNetworkSource": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the identity, then this value is required.", - "title": "Key", + "MulticastIp": { + "markdownDescription": "The network source multicast IP.", + "title": "MulticastIp", "type": "string" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", + "MulticastSourceSettings": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.MulticastSourceSettings", + "markdownDescription": "The settings related to the multicast source.", + "title": "MulticastSourceSettings" + }, + "NetworkName": { + "markdownDescription": "The network source's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network source port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" + } + }, + "required": [ + "MulticastIp", + "NetworkName", + "Port", + "Protocol" + ], + "type": "object" + }, + "AWS::MediaConnect::BridgeSource.MulticastSourceSettings": { + "additionalProperties": false, + "properties": { + "MulticastSourceIp": { + "markdownDescription": "The IP address of the source for source-specific multicast (SSM).", + "title": "MulticastSourceIp", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe": { + "AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow": { "additionalProperties": false, "properties": { "Condition": { @@ -181009,83 +183821,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the pipe.", - "title": "Description", - "type": "string" - }, - "DesiredState": { - "markdownDescription": "The state the pipe should be in.", - "title": "DesiredState", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS Region.", + "title": "AvailabilityZone", "type": "string" }, - "Enrichment": { - "markdownDescription": "The ARN of the enrichment resource.", - "title": "Enrichment", + "FlowSize": { + "markdownDescription": "Determines the processing capacity and feature set of the flow. Set this optional parameter to LARGE if you want to enable NDI outputs on the flow.", + "title": "FlowSize", "type": "string" }, - "EnrichmentParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentParameters", - "markdownDescription": "The parameters required to set up enrichment on your pipe.", - "title": "EnrichmentParameters" + "Maintenance": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Maintenance", + "markdownDescription": "The maintenance settings you want to use for the flow.", + "title": "Maintenance" }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeLogConfiguration", - "markdownDescription": "The logging configuration settings for the pipe.", - "title": "LogConfiguration" + "MediaStreams": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStream" + }, + "markdownDescription": "The media streams that are associated with the flow. After you associate a media stream with a source, you can also associate it with outputs on the flow.", + "title": "MediaStreams", + "type": "array" }, "Name": { - "markdownDescription": "The name of the pipe.", + "markdownDescription": "The name of the flow.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows the pipe to send data to the target.", - "title": "RoleArn", - "type": "string" + "NdiConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.NdiConfig", + "markdownDescription": "Specifies the configuration settings for NDI outputs. Required when the flow includes NDI outputs.", + "title": "NdiConfig" }, "Source": { - "markdownDescription": "The ARN of the source resource.", - "title": "Source", - "type": "string" - }, - "SourceParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceParameters", - "markdownDescription": "The parameters required to set up a source for your pipe.", - "title": "SourceParameters" + "$ref": "#/definitions/AWS::MediaConnect::Flow.Source", + "markdownDescription": "The settings for the source that you want to use for the new flow.", + "title": "Source" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The list of key-value pairs to associate with the pipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "SourceFailoverConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.FailoverConfig", + "markdownDescription": "The settings for source failover.", + "title": "SourceFailoverConfig" }, - "Target": { - "markdownDescription": "The ARN of the target resource.", - "title": "Target", - "type": "string" + "SourceMonitoringConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SourceMonitoringConfig", + "markdownDescription": "The settings for source monitoring.", + "title": "SourceMonitoringConfig" }, - "TargetParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetParameters", - "markdownDescription": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* .", - "title": "TargetParameters" + "VpcInterfaces": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterface" + }, + "markdownDescription": "The VPC Interfaces for this flow.", + "title": "VpcInterfaces", + "type": "array" } }, "required": [ - "RoleArn", - "Source", - "Target" + "Name", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pipes::Pipe" + "AWS::MediaConnect::Flow" ], "type": "string" }, @@ -181104,1409 +183905,1331 @@ ], "type": "object" }, - "AWS::Pipes::Pipe.AwsVpcConfiguration": { + "AWS::MediaConnect::Flow.AudioMonitoringSetting": { "additionalProperties": false, "properties": { - "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", - "title": "AssignPublicIp", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" + "SilentAudio": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SilentAudio", + "markdownDescription": "Detects periods of silence.", + "title": "SilentAudio" } }, - "required": [ - "Subnets" - ], "type": "object" }, - "AWS::Pipes::Pipe.BatchArrayProperties": { + "AWS::MediaConnect::Flow.BlackFrames": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The size of the array, if this is an array batch job.", - "title": "Size", + "State": { + "markdownDescription": "Indicates whether the `BlackFrames` metric is enabled or disabled..", + "title": "State", + "type": "string" + }, + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of black frames that triggers an event or alert.", + "title": "ThresholdSeconds", "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.BatchContainerOverrides": { + "AWS::MediaConnect::Flow.Encryption": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition.", - "title": "Command", - "type": "array" + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", + "type": "string" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchEnvironmentVariable" - }, - "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition.\n\n> Environment variables cannot start with \" `AWS Batch` \". This naming convention is reserved for variables that AWS Batch sets.", - "title": "Environment", - "type": "array" + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", + "type": "string" }, - "InstanceType": { - "markdownDescription": "The instance type to use for a multi-node parallel job.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", - "title": "InstanceType", + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", "type": "string" }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchResourceRequirement" - }, - "markdownDescription": "The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", - "title": "ResourceRequirements", - "type": "array" + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", + "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::Pipes::Pipe.BatchEnvironmentVariable": { + "AWS::MediaConnect::Flow.FailoverConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", + "FailoverMode": { + "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. The string for this property must be entered as MERGE or FAILOVER. No other string entry is valid.", + "title": "FailoverMode", "type": "string" }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", + "RecoveryWindow": { + "markdownDescription": "Search window time to look for dash-7 packets.", + "title": "RecoveryWindow", + "type": "number" + }, + "SourcePriority": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SourcePriority", + "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", + "title": "SourcePriority" + }, + "State": { + "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", + "title": "State", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.BatchJobDependency": { + "AWS::MediaConnect::Flow.Fmtp": { "additionalProperties": false, "properties": { - "JobId": { - "markdownDescription": "The job ID of the AWS Batch job that's associated with this dependency.", - "title": "JobId", + "ChannelOrder": { + "markdownDescription": "The format of the audio channel.", + "title": "ChannelOrder", "type": "string" }, - "Type": { - "markdownDescription": "The type of the job dependency.", - "title": "Type", + "Colorimetry": { + "markdownDescription": "The format used for the representation of color.", + "title": "Colorimetry", + "type": "string" + }, + "ExactFramerate": { + "markdownDescription": "The frame rate for the video stream, in frames/second. For example: 60000/1001.", + "title": "ExactFramerate", + "type": "string" + }, + "Par": { + "markdownDescription": "The pixel aspect ratio (PAR) of the video.", + "title": "Par", + "type": "string" + }, + "Range": { + "markdownDescription": "The encoding range of the video.", + "title": "Range", + "type": "string" + }, + "ScanMode": { + "markdownDescription": "The type of compression that was used to smooth the video\u2019s appearance.", + "title": "ScanMode", + "type": "string" + }, + "Tcs": { + "markdownDescription": "The transfer characteristic system (TCS) that is used in the video.", + "title": "Tcs", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.BatchResourceRequirement": { + "AWS::MediaConnect::Flow.FrozenFrames": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", - "title": "Type", + "State": { + "markdownDescription": "Indicates whether the `FrozenFrames` metric is enabled or disabled.", + "title": "State", "type": "string" }, - "Value": { - "markdownDescription": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n> GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, 4, or 8\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880", - "title": "Value", - "type": "string" + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of a static image that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::Pipes::Pipe.BatchRetryStrategy": { + "AWS::MediaConnect::Flow.GatewayBridgeSource": { "additionalProperties": false, "properties": { - "Attempts": { - "markdownDescription": "The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value.", - "title": "Attempts", - "type": "number" + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", + "type": "string" + }, + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", + "title": "VpcInterfaceAttachment" } }, + "required": [ + "BridgeArn" + ], "type": "object" }, - "AWS::Pipes::Pipe.CapacityProviderStrategyItem": { + "AWS::MediaConnect::Flow.InputConfiguration": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", - "title": "Base", + "InputPort": { + "markdownDescription": "The port that the flow listens on for an incoming media stream.", + "title": "InputPort", "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" - }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", - "type": "number" + "Interface": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Interface", + "markdownDescription": "The VPC interface where the media stream comes in from.", + "title": "Interface" } }, "required": [ - "CapacityProvider" + "InputPort", + "Interface" ], "type": "object" }, - "AWS::Pipes::Pipe.CloudwatchLogsLogDestination": { + "AWS::MediaConnect::Flow.Interface": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records.", - "title": "LogGroupArn", + "Name": { + "markdownDescription": "The name of the VPC interface.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Pipes::Pipe.DeadLetterConfig": { + "AWS::MediaConnect::Flow.Maintenance": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the specified target for the dead-letter queue.\n\nFor Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN.", - "title": "Arn", + "MaintenanceDay": { + "markdownDescription": "A day of a week when the maintenance will happen. Use Monday/Tuesday/Wednesday/Thursday/Friday/Saturday/Sunday.", + "title": "MaintenanceDay", + "type": "string" + }, + "MaintenanceStartHour": { + "markdownDescription": "UTC time when the maintenance will happen. Use 24-hour HH:MM format. Minutes must be 00. Example: 13:00. The default value is 02:00.", + "title": "MaintenanceStartHour", "type": "string" } }, + "required": [ + "MaintenanceDay", + "MaintenanceStartHour" + ], "type": "object" }, - "AWS::Pipes::Pipe.EcsContainerOverride": { + "AWS::MediaConnect::Flow.MediaStream": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.", - "title": "Command", - "type": "array" + "Attributes": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStreamAttributes", + "markdownDescription": "Attributes that are related to the media stream.", + "title": "Attributes" }, - "Cpu": { - "markdownDescription": "The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name.", - "title": "Cpu", + "ClockRate": { + "markdownDescription": "The sample rate for the stream. This value is measured in Hz.", + "title": "ClockRate", "type": "number" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentVariable" - }, - "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name.", - "title": "Environment", - "type": "array" - }, - "EnvironmentFiles": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentFile" - }, - "markdownDescription": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition.", - "title": "EnvironmentFiles", - "type": "array" + "Description": { + "markdownDescription": "A description that can help you quickly identify what your media stream is used for.", + "title": "Description", + "type": "string" }, - "Memory": { - "markdownDescription": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.", - "title": "Memory", + "Fmt": { + "markdownDescription": "The format type number (sometimes referred to as RTP payload type) of the media stream. MediaConnect assigns this value to the media stream. For ST 2110 JPEG XS outputs, you need to provide this value to the receiver.", + "title": "Fmt", "type": "number" }, - "MemoryReservation": { - "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name.", - "title": "MemoryReservation", + "MediaStreamId": { + "markdownDescription": "A unique identifier for the media stream.", + "title": "MediaStreamId", "type": "number" }, - "Name": { - "markdownDescription": "The name of the container that receives the override. This parameter is required if any override is specified.", - "title": "Name", + "MediaStreamName": { + "markdownDescription": "A name that helps you distinguish one media stream from another.", + "title": "MediaStreamName", "type": "string" }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsResourceRequirement" - }, - "markdownDescription": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU.", - "title": "ResourceRequirements", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.EcsEnvironmentFile": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The file type to use. The only supported value is `s3` .", - "title": "Type", + "MediaStreamType": { + "markdownDescription": "The type of media stream.", + "title": "MediaStreamType", "type": "string" }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", - "title": "Value", + "VideoFormat": { + "markdownDescription": "The resolution of the video.", + "title": "VideoFormat", "type": "string" } }, "required": [ - "Type", - "Value" + "MediaStreamId", + "MediaStreamName", + "MediaStreamType" ], "type": "object" }, - "AWS::Pipes::Pipe.EcsEnvironmentVariable": { + "AWS::MediaConnect::Flow.MediaStreamAttributes": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", - "type": "string" + "Fmtp": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Fmtp", + "markdownDescription": "The settings that you want to use to define the media stream.", + "title": "Fmtp" }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", + "Lang": { + "markdownDescription": "The audio language, in a format that is recognized by the receiver.", + "title": "Lang", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.EcsEphemeralStorage": { + "AWS::MediaConnect::Flow.MediaStreamSourceConfiguration": { "additionalProperties": false, "properties": { - "SizeInGiB": { - "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", - "title": "SizeInGiB", - "type": "number" + "EncodingName": { + "markdownDescription": "The format that was used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video, 2110 streams, set the encoding name to raw. For video, JPEG XS streams, set the encoding name to jxsv.", + "title": "EncodingName", + "type": "string" + }, + "InputConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.InputConfiguration" + }, + "markdownDescription": "The media streams that you want to associate with the source.", + "title": "InputConfigurations", + "type": "array" + }, + "MediaStreamName": { + "markdownDescription": "A name that helps you distinguish one media stream from another.", + "title": "MediaStreamName", + "type": "string" } }, "required": [ - "SizeInGiB" + "EncodingName", + "MediaStreamName" ], "type": "object" }, - "AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride": { + "AWS::MediaConnect::Flow.NdiConfig": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition.", - "title": "DeviceName", + "MachineName": { + "markdownDescription": "A prefix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect generates a unique 12-character ID as the prefix.", + "title": "MachineName", "type": "string" }, - "DeviceType": { - "markdownDescription": "The Elastic Inference accelerator type to use.", - "title": "DeviceType", + "NdiDiscoveryServers": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.NdiDiscoveryServerConfig" + }, + "markdownDescription": "A list of up to three NDI discovery server configurations. While not required by the API, this configuration is necessary for NDI functionality to work properly.", + "title": "NdiDiscoveryServers", + "type": "array" + }, + "NdiState": { + "markdownDescription": "A setting that controls whether NDI outputs can be used in the flow. Must be ENABLED to add NDI outputs. Default is DISABLED.", + "title": "NdiState", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.EcsResourceRequirement": { + "AWS::MediaConnect::Flow.NdiDiscoveryServerConfig": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` .", - "title": "Type", + "DiscoveryServerAddress": { + "markdownDescription": "The unique network address of the NDI discovery server.", + "title": "DiscoveryServerAddress", "type": "string" }, - "Value": { - "markdownDescription": "The value for the specified resource type.\n\nIf the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nIf the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition.", - "title": "Value", + "DiscoveryServerPort": { + "markdownDescription": "The port for the NDI discovery server. Defaults to 5959 if a custom port isn't specified.", + "title": "DiscoveryServerPort", + "type": "number" + }, + "VpcInterfaceAdapter": { + "markdownDescription": "The identifier for the Virtual Private Cloud (VPC) network interface used by the flow.", + "title": "VpcInterfaceAdapter", "type": "string" } }, "required": [ - "Type", - "Value" + "DiscoveryServerAddress", + "VpcInterfaceAdapter" ], "type": "object" }, - "AWS::Pipes::Pipe.EcsTaskOverride": { + "AWS::MediaConnect::Flow.SilentAudio": { "additionalProperties": false, "properties": { - "ContainerOverrides": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsContainerOverride" - }, - "markdownDescription": "One or more container overrides that are sent to a task.", - "title": "ContainerOverrides", - "type": "array" + "State": { + "markdownDescription": "Indicates whether the `SilentAudio` metric is enabled or disabled.", + "title": "State", + "type": "string" }, - "Cpu": { - "markdownDescription": "The cpu override for the task.", - "title": "Cpu", + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of silence that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.Source": { + "additionalProperties": false, + "properties": { + "Decryption": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Encryption", + "markdownDescription": "The type of encryption that is used on the content ingested from this source.", + "title": "Decryption" + }, + "Description": { + "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", + "title": "Description", "type": "string" }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEphemeralStorage", - "markdownDescription": "The ephemeral storage setting override for the task.\n\n> This parameter is only supported for tasks hosted on Fargate that use the following platform versions:\n> \n> - Linux platform version `1.4.0` or later.\n> - Windows platform version `1.0.0` or later.", - "title": "EphemeralStorage" + "EntitlementArn": { + "markdownDescription": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow.", + "title": "EntitlementArn", + "type": "string" }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ExecutionRoleArn", + "GatewayBridgeSource": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.GatewayBridgeSource", + "markdownDescription": "The source configuration for cloud flows receiving a stream from a bridge.", + "title": "GatewayBridgeSource" + }, + "IngestIp": { + "markdownDescription": "The IP address that the flow will be listening on for incoming content.", + "title": "IngestIp", "type": "string" }, - "InferenceAcceleratorOverrides": { + "IngestPort": { + "markdownDescription": "The port that the flow will be listening on for incoming content.", + "title": "IngestPort", + "type": "number" + }, + "MaxBitrate": { + "markdownDescription": "The maximum bitrate for RIST, RTP, and RTP-FEC streams.", + "title": "MaxBitrate", + "type": "number" + }, + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds for a RIST or Zixi-based source.", + "title": "MaxLatency", + "type": "number" + }, + "MaxSyncBuffer": { + "markdownDescription": "The size of the buffer (in milliseconds) to use to sync incoming source data.", + "title": "MaxSyncBuffer", + "type": "number" + }, + "MediaStreamSourceConfigurations": { "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride" + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStreamSourceConfiguration" }, - "markdownDescription": "The Elastic Inference accelerator override for the task.", - "title": "InferenceAcceleratorOverrides", + "markdownDescription": "The media streams that are associated with the source, and the parameters for those associations.", + "title": "MediaStreamSourceConfigurations", "type": "array" }, - "Memory": { - "markdownDescription": "The memory override for the task.", - "title": "Memory", + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the source.", + "title": "Name", "type": "string" }, - "TaskRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "TaskRoleArn", + "Protocol": { + "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.Filter": { - "additionalProperties": false, - "properties": { - "Pattern": { - "markdownDescription": "The event pattern.", - "title": "Pattern", + }, + "SenderControlPort": { + "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", + "title": "SenderControlPort", + "type": "number" + }, + "SenderIpAddress": { + "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", + "title": "SenderIpAddress", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN of the source.", + "title": "SourceArn", + "type": "string" + }, + "SourceIngestPort": { + "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", + "title": "SourceIngestPort", + "type": "string" + }, + "SourceListenerAddress": { + "markdownDescription": "Source IP or domain name for SRT-caller protocol.", + "title": "SourceListenerAddress", + "type": "string" + }, + "SourceListenerPort": { + "markdownDescription": "Source port for SRT-caller protocol.", + "title": "SourceListenerPort", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for the transport. This parameter applies only to Zixi-based streams.", + "title": "StreamId", + "type": "string" + }, + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface that is used for this source.", + "title": "VpcInterfaceName", + "type": "string" + }, + "WhitelistCidr": { + "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "WhitelistCidr", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.FilterCriteria": { + "AWS::MediaConnect::Flow.SourceMonitoringConfig": { "additionalProperties": false, "properties": { - "Filters": { + "AudioMonitoringSettings": { "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.Filter" + "$ref": "#/definitions/AWS::MediaConnect::Flow.AudioMonitoringSetting" }, - "markdownDescription": "The event patterns.", - "title": "Filters", + "markdownDescription": "Contains the settings for audio stream metrics monitoring.", + "title": "AudioMonitoringSettings", "type": "array" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.FirehoseLogDestination": { - "additionalProperties": false, - "properties": { - "DeliveryStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records.", - "title": "DeliveryStreamArn", + }, + "ContentQualityAnalysisState": { + "markdownDescription": "Indicates whether content quality analysis is enabled or disabled.", + "title": "ContentQualityAnalysisState", + "type": "string" + }, + "ThumbnailState": { + "markdownDescription": "The current state of the thumbnail monitoring.\n\n- If you don't explicitly specify a value when creating a flow, no thumbnail state will be set.\n- If you update an existing flow and remove a previously set thumbnail state, the value will change to `DISABLED` .", + "title": "ThumbnailState", "type": "string" + }, + "VideoMonitoringSettings": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VideoMonitoringSetting" + }, + "markdownDescription": "Contains the settings for video stream metrics monitoring.", + "title": "VideoMonitoringSettings", + "type": "array" } }, "type": "object" }, - "AWS::Pipes::Pipe.MQBrokerAccessCredentials": { + "AWS::MediaConnect::Flow.SourcePriority": { "additionalProperties": false, "properties": { - "BasicAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "BasicAuth", + "PrimarySource": { + "markdownDescription": "The name of the source you choose as the primary source for this flow.", + "title": "PrimarySource", "type": "string" } }, "required": [ - "BasicAuth" + "PrimarySource" ], "type": "object" }, - "AWS::Pipes::Pipe.MSKAccessCredentials": { + "AWS::MediaConnect::Flow.VideoMonitoringSetting": { "additionalProperties": false, "properties": { - "ClientCertificateTlsAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "ClientCertificateTlsAuth", - "type": "string" + "BlackFrames": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.BlackFrames", + "markdownDescription": "Detects video frames that are black.", + "title": "BlackFrames" }, - "SaslScram512Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram512Auth", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.AwsVpcConfiguration", - "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", - "title": "AwsvpcConfiguration" + "FrozenFrames": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.FrozenFrames", + "markdownDescription": "Detects video frames that have not changed.", + "title": "FrozenFrames" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeEnrichmentHttpParameters": { + "AWS::MediaConnect::Flow.VpcInterface": { "additionalProperties": false, "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" + "Name": { + "markdownDescription": "Immutable and has to be a unique against other VpcInterfaces in this Flow.", + "title": "Name", + "type": "string" }, - "PathParameterValues": { + "NetworkInterfaceIds": { "items": { "type": "string" }, - "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", + "markdownDescription": "IDs of the network interfaces created in customer's account by MediaConnect .", + "title": "NetworkInterfaceIds", "type": "array" }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeEnrichmentParameters": { - "additionalProperties": false, - "properties": { - "HttpParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentHttpParameters", - "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", - "title": "HttpParameters" - }, - "InputTemplate": { - "markdownDescription": "Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", - "title": "InputTemplate", + "NetworkInterfaceType": { + "markdownDescription": "The type of network interface.", + "title": "NetworkInterfaceType", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeLogConfiguration": { - "additionalProperties": false, - "properties": { - "CloudwatchLogsLogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.CloudwatchLogsLogDestination", - "markdownDescription": "The logging configuration settings for the pipe.", - "title": "CloudwatchLogsLogDestination" }, - "FirehoseLogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.FirehoseLogDestination", - "markdownDescription": "The Amazon Data Firehose logging configuration settings for the pipe.", - "title": "FirehoseLogDestination" + "RoleArn": { + "markdownDescription": "A role Arn MediaConnect can assume to create ENIs in your account.", + "title": "RoleArn", + "type": "string" }, - "IncludeExecutionData": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe.\n\nThis applies to all log destinations for the pipe.\n\nFor more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* .\n\n*Allowed values:* `ALL`", - "title": "IncludeExecutionData", + "markdownDescription": "Security Group IDs to be used on ENI.", + "title": "SecurityGroupIds", "type": "array" }, - "Level": { - "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the pipe.", - "title": "Level", + "SubnetId": { + "markdownDescription": "Subnet must be in the AZ of the Flow.", + "title": "SubnetId", "type": "string" - }, - "S3LogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.S3LogDestination", - "markdownDescription": "The Amazon S3 logging configuration settings for the pipe.", - "title": "S3LogDestination" } }, + "required": [ + "Name", + "RoleArn", + "SecurityGroupIds", + "SubnetId" + ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters": { + "AWS::MediaConnect::Flow.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" - }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" - }, - "QueueName": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "QueueName", + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", "type": "string" } }, - "required": [ - "Credentials", - "QueueName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters": { + "AWS::MediaConnect::FlowEntitlement": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" + "Condition": { + "type": "string" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", - "markdownDescription": "Define the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", - "title": "MaximumRecordAgeInSeconds", - "type": "number" + "Metadata": { + "type": "object" }, - "MaximumRetryAttempts": { - "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "DataTransferSubscriberFeePercent": { + "markdownDescription": "The percentage of the entitlement data transfer fee that you want the subscriber to be responsible for.", + "title": "DataTransferSubscriberFeePercent", + "type": "number" + }, + "Description": { + "markdownDescription": "A description of the entitlement. This description appears only on the MediaConnect console and is not visible outside of the current AWS account.", + "title": "Description", + "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowEntitlement.Encryption", + "markdownDescription": "Information about the encryption of the flow.", + "title": "Encryption" + }, + "EntitlementStatus": { + "markdownDescription": "An indication of whether the new entitlement should be enabled or disabled as soon as it is created. If you don\u2019t specify the entitlementStatus field in your request, MediaConnect sets it to ENABLED.", + "title": "EntitlementStatus", + "type": "string" + }, + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "FlowArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the entitlement. This value must be unique within the current flow.", + "title": "Name", + "type": "string" + }, + "Subscribers": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", + "title": "Subscribers", + "type": "array" + } + }, + "required": [ + "Description", + "FlowArn", + "Name", + "Subscribers" + ], + "type": "object" }, - "OnPartialBatchItemFailure": { - "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", - "title": "OnPartialBatchItemFailure", + "Type": { + "enum": [ + "AWS::MediaConnect::FlowEntitlement" + ], "type": "string" }, - "ParallelizationFactor": { - "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", - "type": "number" - }, - "StartingPosition": { - "markdownDescription": "(Streams only) The position in a stream from which to start reading.\n\n*Valid values* : `TRIM_HORIZON | LATEST`", - "title": "StartingPosition", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "StartingPosition" + "Type", + "Properties" ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters": { + "AWS::MediaConnect::FlowEntitlement.Encryption": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", + "type": "string" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", - "markdownDescription": "Define the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", + "type": "string" }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", - "title": "MaximumRecordAgeInSeconds", - "type": "number" + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" }, - "MaximumRetryAttempts": { - "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", - "type": "number" + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", + "type": "string" }, - "OnPartialBatchItemFailure": { - "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", - "title": "OnPartialBatchItemFailure", + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", "type": "string" }, - "ParallelizationFactor": { - "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", - "type": "number" + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", "type": "string" }, - "StartingPositionTimestamp": { - "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds.", - "title": "StartingPositionTimestamp", + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", "type": "string" } }, "required": [ - "StartingPosition" + "Algorithm", + "RoleArn" ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters": { + "AWS::MediaConnect::FlowOutput": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" + "Condition": { + "type": "string" }, - "ConsumerGroupID": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "ConsumerGroupID", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MSKAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "Metadata": { + "type": "object" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "Properties": { + "additionalProperties": false, + "properties": { + "CidrAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "CidrAllowList", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the output. This description appears only on the MediaConnect console and will not be seen by the end user.", + "title": "Description", + "type": "string" + }, + "Destination": { + "markdownDescription": "The IP address where you want to send the output.", + "title": "Destination", + "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Encryption", + "markdownDescription": "The type of key used for the encryption. If no `keyType` is provided, the service will use the default setting (static-key). Allowable encryption types: static-key.", + "title": "Encryption" + }, + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow this output is attached to.", + "title": "FlowArn", + "type": "string" + }, + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", + "title": "MaxLatency", + "type": "number" + }, + "MediaStreamOutputConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.MediaStreamOutputConfiguration" + }, + "markdownDescription": "The media streams that are associated with the output, and the parameters for those associations.", + "title": "MediaStreamOutputConfigurations", + "type": "array" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the bridge's output.", + "title": "Name", + "type": "string" + }, + "NdiProgramName": { + "markdownDescription": "A suffix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect uses the output name.", + "title": "NdiProgramName", + "type": "string" + }, + "NdiSpeedHqQuality": { + "markdownDescription": "A quality setting for the NDI Speed HQ encoder.", + "title": "NdiSpeedHqQuality", + "type": "number" + }, + "OutputStatus": { + "markdownDescription": "", + "title": "OutputStatus", + "type": "string" + }, + "Port": { + "markdownDescription": "The port to use when content is distributed to this output.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol to use for the output.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" + }, + "RemoteId": { + "markdownDescription": "The remote ID for the Zixi-pull stream.", + "title": "RemoteId", + "type": "string" + }, + "SmoothingLatency": { + "markdownDescription": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams.", + "title": "SmoothingLatency", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", + "title": "StreamId", + "type": "string" + }, + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this output.", + "title": "VpcInterfaceAttachment" + } + }, + "required": [ + "FlowArn", + "Protocol" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaConnect::FlowOutput" + ], "type": "string" }, - "TopicName": { - "markdownDescription": "The name of the topic that the pipe will read from.", - "title": "TopicName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "TopicName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceParameters": { + "AWS::MediaConnect::FlowOutput.DestinationConfiguration": { "additionalProperties": false, "properties": { - "ActiveMQBrokerParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters", - "markdownDescription": "The parameters for using an Active MQ broker as a source.", - "title": "ActiveMQBrokerParameters" - }, - "DynamoDBStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters", - "markdownDescription": "The parameters for using a DynamoDB stream as a source.", - "title": "DynamoDBStreamParameters" - }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::Pipes::Pipe.FilterCriteria", - "markdownDescription": "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects.\n\nFor more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* .", - "title": "FilterCriteria" - }, - "KinesisStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters", - "markdownDescription": "The parameters for using a Kinesis stream as a source.", - "title": "KinesisStreamParameters" - }, - "ManagedStreamingKafkaParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters", - "markdownDescription": "The parameters for using an MSK stream as a source.", - "title": "ManagedStreamingKafkaParameters" - }, - "RabbitMQBrokerParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters", - "markdownDescription": "The parameters for using a Rabbit MQ broker as a source.", - "title": "RabbitMQBrokerParameters" + "DestinationIp": { + "markdownDescription": "The IP address where you want MediaConnect to send contents of the media stream.", + "title": "DestinationIp", + "type": "string" }, - "SelfManagedKafkaParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters", - "markdownDescription": "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* .", - "title": "SelfManagedKafkaParameters" + "DestinationPort": { + "markdownDescription": "The port that you want MediaConnect to use when it distributes the media stream to the output.", + "title": "DestinationPort", + "type": "number" }, - "SqsQueueParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSqsQueueParameters", - "markdownDescription": "The parameters for using a Amazon SQS stream as a source.", - "title": "SqsQueueParameters" + "Interface": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Interface", + "markdownDescription": "The VPC interface that you want to use for the media stream associated with the output.", + "title": "Interface" } }, + "required": [ + "DestinationIp", + "DestinationPort", + "Interface" + ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters": { + "AWS::MediaConnect::FlowOutput.EncodingParameters": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", + "CompressionFactor": { + "markdownDescription": "A value that is used to calculate compression for an output. The bitrate of the output is calculated as follows: Output bitrate = (1 / compressionFactor) * (source bitrate) This property only applies to outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol. Valid values are floating point numbers in the range of 3.0 to 10.0, inclusive.", + "title": "CompressionFactor", "type": "number" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" - }, - "QueueName": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "QueueName", - "type": "string" - }, - "VirtualHost": { - "markdownDescription": "The name of the virtual host associated with the source broker.", - "title": "VirtualHost", + "EncoderProfile": { + "markdownDescription": "A setting on the encoder that drives compression settings. This property only applies to video media streams associated with outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol.", + "title": "EncoderProfile", "type": "string" } }, "required": [ - "Credentials", - "QueueName" + "CompressionFactor" ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters": { + "AWS::MediaConnect::FlowOutput.Encryption": { "additionalProperties": false, "properties": { - "AdditionalBootstrapServers": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of server URLs.", - "title": "AdditionalBootstrapServers", - "type": "array" - }, - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" - }, - "ConsumerGroupID": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "ConsumerGroupID", + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", "type": "string" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" - }, - "ServerRootCaCertificate": { - "markdownDescription": "The ARN of the Secrets Manager secret used for certification.", - "title": "ServerRootCaCertificate", + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", "type": "string" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", "type": "string" }, - "TopicName": { - "markdownDescription": "The name of the topic that the pipe will read from.", - "title": "TopicName", + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", "type": "string" - }, - "Vpc": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc", - "markdownDescription": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used.", - "title": "Vpc" } }, "required": [ - "TopicName" + "RoleArn", + "SecretArn" ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceSqsQueueParameters": { + "AWS::MediaConnect::FlowOutput.Interface": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "Name": { + "markdownDescription": "The name of the VPC interface.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetBatchJobParameters": { + "AWS::MediaConnect::FlowOutput.MediaStreamOutputConfiguration": { "additionalProperties": false, "properties": { - "ArrayProperties": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchArrayProperties", - "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", - "title": "ArrayProperties" - }, - "ContainerOverrides": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchContainerOverrides", - "markdownDescription": "The overrides that are sent to a container.", - "title": "ContainerOverrides" - }, - "DependsOn": { + "DestinationConfigurations": { "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchJobDependency" + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.DestinationConfiguration" }, - "markdownDescription": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin.", - "title": "DependsOn", + "markdownDescription": "The transport parameters that are associated with each outbound media stream.", + "title": "DestinationConfigurations", "type": "array" }, - "JobDefinition": { - "markdownDescription": "The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used.", - "title": "JobDefinition", - "type": "string" - }, - "JobName": { - "markdownDescription": "The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", - "title": "JobName", + "EncodingName": { + "markdownDescription": "The format that was used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video, 2110 streams, set the encoding name to raw. For video, JPEG XS streams, set the encoding name to jxsv.", + "title": "EncodingName", "type": "string" }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "EncodingParameters": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.EncodingParameters", + "markdownDescription": "A collection of parameters that determine how MediaConnect will convert the content. These fields only apply to outputs on flows that have a CDI source.", + "title": "EncodingParameters" }, - "RetryStrategy": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchRetryStrategy", - "markdownDescription": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition.", - "title": "RetryStrategy" + "MediaStreamName": { + "markdownDescription": "The name of the media stream.", + "title": "MediaStreamName", + "type": "string" } }, "required": [ - "JobDefinition", - "JobName" + "EncodingName", + "MediaStreamName" ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters": { + "AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { - "LogStreamName": { - "markdownDescription": "The name of the log stream.", - "title": "LogStreamName", - "type": "string" - }, - "Timestamp": { - "markdownDescription": "A [dynamic path parameter](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) to a field in the payload containing the time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.\n\nThe value cannot be a static timestamp as the provided timestamp would be applied to all events delivered by the Pipe, regardless of when they are actually delivered.\n\nIf no dynamic path parameter is provided, the default value is the time the invocation is processed by the Pipe.", - "title": "Timestamp", + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetEcsTaskParameters": { + "AWS::MediaConnect::FlowSource": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "EnableECSManagedTags", - "type": "boolean" - }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", - "type": "boolean" - }, - "Group": { - "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", + "Condition": { "type": "string" }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.NetworkConfiguration", - "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", - "title": "NetworkConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Overrides": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsTaskOverride", - "markdownDescription": "The overrides that are associated with a task.", - "title": "Overrides" + "Metadata": { + "type": "object" }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", - "type": "array" - }, - "PlacementStrategy": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementStrategy" - }, - "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", - "title": "PlacementStrategy", - "type": "array" - }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", - "type": "string" - }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action.", - "title": "PropagateTags", - "type": "string" - }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", - "title": "Tags", - "type": "array" - }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", - "title": "TaskCount", - "type": "number" - }, - "TaskDefinitionArn": { - "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", - "type": "string" - } - }, - "required": [ - "TaskDefinitionArn" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters": { - "additionalProperties": false, - "properties": { - "DetailType": { - "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", - "title": "DetailType", - "type": "string" - }, - "EndpointId": { - "markdownDescription": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` .", - "title": "EndpointId", - "type": "string" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present.", - "title": "Resources", - "type": "array" - }, - "Source": { - "markdownDescription": "The source of the event.", - "title": "Source", - "type": "string" - }, - "Time": { - "markdownDescription": "The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used.", - "title": "Time", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetHttpParameters": { - "additionalProperties": false, - "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "Decryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.Encryption", + "markdownDescription": "The type of encryption that is used on the content ingested from this source. Allowable encryption types: static-key.", + "title": "Decryption" + }, + "Description": { + "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", + "title": "Description", "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" - }, - "PathParameterValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", - "type": "array" - }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + }, + "EntitlementArn": { + "markdownDescription": "The ARN of the entitlement that allows you to subscribe to this flow. The entitlement is set by the flow originator, and the ARN is generated as part of the originator's flow.", + "title": "EntitlementArn", + "type": "string" + }, + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", + "title": "FlowArn", + "type": "string" + }, + "GatewayBridgeSource": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.GatewayBridgeSource", + "markdownDescription": "The bridge's source.", + "title": "GatewayBridgeSource" + }, + "IngestPort": { + "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", + "title": "IngestPort", + "type": "number" + }, + "MaxBitrate": { + "markdownDescription": "The smoothing max bitrate (in bps) for RIST, RTP, and RTP-FEC streams.", + "title": "MaxBitrate", + "type": "number" + }, + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", + "title": "MaxLatency", + "type": "number" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the source.", + "title": "Name", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol that the source uses to deliver the content to MediaConnect. Adding additional sources to an existing flow requires Failover to be enabled. When you enable Failover, the additional source must use the same protocol as the existing source. Only the following protocols support failover: Zixi-push, RTP-FEC, RTP, RIST and SRT protocols.\n\nIf you use failover with SRT caller or listener, the `FailoverMode` property must be set to `FAILOVER` . The `FailoverMode` property\u00a0is found in\u00a0the `FailoverConfig` resource\u00a0of the same flow ARN you used for the source's `FlowArn` property. SRT caller/listener does not support\u00a0merge\u00a0mode failover.", + "title": "Protocol", + "type": "string" + }, + "SenderControlPort": { + "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", + "title": "SenderControlPort", + "type": "number" + }, + "SenderIpAddress": { + "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", + "title": "SenderIpAddress", + "type": "string" + }, + "SourceListenerAddress": { + "markdownDescription": "Source IP or domain name for SRT-caller protocol.", + "title": "SourceListenerAddress", + "type": "string" + }, + "SourceListenerPort": { + "markdownDescription": "Source port for SRT-caller protocol.", + "title": "SourceListenerPort", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", + "title": "StreamId", + "type": "string" + }, + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this source.", + "title": "VpcInterfaceName", + "type": "string" + }, + "WhitelistCidr": { + "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "WhitelistCidr", "type": "string" } }, - "title": "QueryStringParameters", + "required": [ + "Description", + "Name" + ], "type": "object" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters": { - "additionalProperties": false, - "properties": { - "PartitionKey": { - "markdownDescription": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.", - "title": "PartitionKey", - "type": "string" - } - }, - "required": [ - "PartitionKey" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters": { - "additionalProperties": false, - "properties": { - "InvocationType": { - "markdownDescription": "Specify whether to invoke the function synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n- `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", - "title": "InvocationType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetParameters": { - "additionalProperties": false, - "properties": { - "BatchJobParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetBatchJobParameters", - "markdownDescription": "The parameters for using an AWS Batch job as a target.", - "title": "BatchJobParameters" - }, - "CloudWatchLogsParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters", - "markdownDescription": "The parameters for using an CloudWatch Logs log stream as a target.", - "title": "CloudWatchLogsParameters" - }, - "EcsTaskParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEcsTaskParameters", - "markdownDescription": "The parameters for using an Amazon ECS task as a target.", - "title": "EcsTaskParameters" - }, - "EventBridgeEventBusParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters", - "markdownDescription": "The parameters for using an EventBridge event bus as a target.", - "title": "EventBridgeEventBusParameters" - }, - "HttpParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetHttpParameters", - "markdownDescription": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations.", - "title": "HttpParameters" - }, - "InputTemplate": { - "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", - "title": "InputTemplate", - "type": "string" - }, - "KinesisStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters", - "markdownDescription": "The parameters for using a Kinesis stream as a target.", - "title": "KinesisStreamParameters" - }, - "LambdaFunctionParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters", - "markdownDescription": "The parameters for using a Lambda function as a target.", - "title": "LambdaFunctionParameters" - }, - "RedshiftDataParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters", - "markdownDescription": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement.", - "title": "RedshiftDataParameters" - }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters", - "markdownDescription": "The parameters for using a SageMaker AI pipeline as a target.", - "title": "SageMakerPipelineParameters" - }, - "SqsQueueParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSqsQueueParameters", - "markdownDescription": "The parameters for using a Amazon SQS stream as a target.", - "title": "SqsQueueParameters" - }, - "StepFunctionStateMachineParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetStateMachineParameters", - "markdownDescription": "The parameters for using a Step Functions state machine as a target.", - "title": "StepFunctionStateMachineParameters" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters": { - "additionalProperties": false, - "properties": { - "Database": { - "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", - "title": "Database", - "type": "string" - }, - "DbUser": { - "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", - "title": "DbUser", - "type": "string" }, - "SecretManagerArn": { - "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using Secrets Manager.", - "title": "SecretManagerArn", + "Type": { + "enum": [ + "AWS::MediaConnect::FlowSource" + ], "type": "string" }, - "Sqls": { - "items": { - "type": "string" - }, - "markdownDescription": "The SQL statement text to run.", - "title": "Sqls", - "type": "array" - }, - "StatementName": { - "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", - "title": "StatementName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "WithEvent": { - "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", - "title": "WithEvent", - "type": "boolean" } }, "required": [ - "Database", - "Sqls" + "Type", + "Properties" ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters": { - "additionalProperties": false, - "properties": { - "PipelineParameterList": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SageMakerPipelineParameter" - }, - "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", - "title": "PipelineParameterList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetSqsQueueParameters": { + "AWS::MediaConnect::FlowSource.Encryption": { "additionalProperties": false, "properties": { - "MessageDeduplicationId": { - "markdownDescription": "This parameter applies only to FIFO (first-in-first-out) queues.\n\nThe token used for deduplication of sent messages.", - "title": "MessageDeduplicationId", + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", "type": "string" }, - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetStateMachineParameters": { - "additionalProperties": false, - "properties": { - "InvocationType": { - "markdownDescription": "Specify whether to invoke the Step Functions state machine synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* .\n\n> `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows.\n- `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* .\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", - "title": "InvocationType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PlacementConstraint": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "Expression", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", "type": "string" }, - "Type": { - "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PlacementStrategy": { - "additionalProperties": false, - "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", - "title": "Field", + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", "type": "string" }, - "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.S3LogDestination": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", - "title": "BucketName", + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", "type": "string" }, - "BucketOwner": { - "markdownDescription": "The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", - "title": "BucketOwner", + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", "type": "string" }, - "OutputFormat": { - "markdownDescription": "The format EventBridge uses for the log records.\n\nEventBridge currently only supports `json` formatting.", - "title": "OutputFormat", + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix text with which to begin Amazon S3 log object names.\n\nFor more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "Prefix", + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.SageMakerPipelineParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Name", + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", "type": "string" }, - "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Value", + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", "type": "string" } }, "required": [ - "Name", - "Value" + "RoleArn" ], "type": "object" }, - "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials": { + "AWS::MediaConnect::FlowSource.GatewayBridgeSource": { "additionalProperties": false, "properties": { - "BasicAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "BasicAuth", - "type": "string" - }, - "ClientCertificateTlsAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "ClientCertificateTlsAuth", - "type": "string" - }, - "SaslScram256Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram256Auth", + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", "type": "string" }, - "SaslScram512Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram512Auth", - "type": "string" + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", + "title": "VpcInterfaceAttachment" } }, + "required": [ + "BridgeArn" + ], "type": "object" }, - "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc": { + "AWS::MediaConnect::FlowSource.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { - "SecurityGroup": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the stream. These security groups must all be in the same VPC. You can specify as many as five security groups.", - "title": "SecurityGroup", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the stream. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" } }, "type": "object" }, - "AWS::Proton::EnvironmentAccountConnection": { + "AWS::MediaConnect::FlowVpcInterface": { "additionalProperties": false, "properties": { "Condition": { @@ -182541,50 +185264,47 @@ "Properties": { "additionalProperties": false, "properties": { - "CodebuildRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account.", - "title": "CodebuildRoleArn", - "type": "string" - }, - "ComponentRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account.\n\nThe environment account connection must have a `componentRoleArn` to allow directly defined components to be associated with any environments running in the account.\n\nFor more information about components, see [AWS Proton components](https://docs.aws.amazon.com/proton/latest/userguide/ag-components.html) in the *AWS Proton User Guide* .", - "title": "ComponentRoleArn", - "type": "string" - }, - "EnvironmentAccountId": { - "markdownDescription": "The environment account that's connected to the environment account connection.", - "title": "EnvironmentAccountId", - "type": "string" - }, - "EnvironmentName": { - "markdownDescription": "The name of the environment that's associated with the environment account connection.", - "title": "EnvironmentName", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "FlowArn", "type": "string" }, - "ManagementAccountId": { - "markdownDescription": "The ID of the management account that's connected to the environment account connection.", - "title": "ManagementAccountId", + "Name": { + "markdownDescription": "The name for the VPC interface. This name must be unique within the flow.", + "title": "Name", "type": "string" }, "RoleArn": { - "markdownDescription": "The IAM service role that's associated with the environment account connection.", + "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created when you set up MediaConnect as a trusted service.", "title": "RoleArn", "type": "string" }, - "Tags": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment account connection. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", - "title": "Tags", + "markdownDescription": "A virtual firewall to control inbound and outbound traffic.", + "title": "SecurityGroupIds", "type": "array" + }, + "SubnetId": { + "markdownDescription": "The subnet IDs that you want to use for your VPC interface. A range of IP addresses in your VPC. When you create your VPC, you specify a range of IPv4 addresses for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. This is the primary CIDR block for your VPC. When you create a subnet for your VPC, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. The subnets that you use across all VPC interfaces on the flow must be in the same Availability Zone as the flow.", + "title": "SubnetId", + "type": "string" } }, + "required": [ + "FlowArn", + "Name", + "RoleArn", + "SecurityGroupIds", + "SubnetId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Proton::EnvironmentAccountConnection" + "AWS::MediaConnect::FlowVpcInterface" ], "type": "string" }, @@ -182598,11 +185318,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Proton::EnvironmentTemplate": { + "AWS::MediaConnect::Gateway": { "additionalProperties": false, "properties": { "Condition": { @@ -182637,45 +185358,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the environment template.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The name of the environment template as displayed in the developer interface.", - "title": "DisplayName", - "type": "string" - }, - "EncryptionKey": { - "markdownDescription": "The customer provided encryption key for the environment template.", - "title": "EncryptionKey", - "type": "string" + "EgressCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The range of IP addresses that are allowed to contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "EgressCidrBlocks", + "type": "array" }, "Name": { - "markdownDescription": "The name of the environment template.", + "markdownDescription": "The name of the gateway. This name can not be modified after the gateway is created.", "title": "Name", "type": "string" }, - "Provisioning": { - "markdownDescription": "When included, indicates that the environment template is for customer provisioned and managed infrastructure.", - "title": "Provisioning", - "type": "string" - }, - "Tags": { + "Networks": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::MediaConnect::Gateway.GatewayNetwork" }, - "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment template. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", - "title": "Tags", + "markdownDescription": "The list of networks in the gateway.", + "title": "Networks", "type": "array" } }, + "required": [ + "EgressCidrBlocks", + "Name", + "Networks" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Proton::EnvironmentTemplate" + "AWS::MediaConnect::Gateway" ], "type": "string" }, @@ -182689,11 +185403,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Proton::ServiceTemplate": { + "AWS::MediaConnect::Gateway.GatewayNetwork": { + "additionalProperties": false, + "properties": { + "CidrBlock": { + "markdownDescription": "A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "CidrBlock", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "CidrBlock", + "Name" + ], + "type": "object" + }, + "AWS::MediaConvert::JobTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -182728,45 +185463,68 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the service template.", - "title": "Description", - "type": "string" + "AccelerationSettings": { + "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.AccelerationSettings", + "markdownDescription": "Accelerated transcoding can significantly speed up jobs with long, visually complex content. Outputs that use this feature incur pro-tier pricing. For information about feature limitations, For more information, see [Job Limitations for Accelerated Transcoding in AWS Elemental MediaConvert](https://docs.aws.amazon.com/mediaconvert/latest/ug/job-requirements.html) in the *AWS Elemental MediaConvert User Guide* .", + "title": "AccelerationSettings" }, - "DisplayName": { - "markdownDescription": "The service template name as displayed in the developer interface.", - "title": "DisplayName", + "Category": { + "markdownDescription": "Optional. A category for the job template you are creating", + "title": "Category", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The customer provided service template encryption key that's used to encrypt data.", - "title": "EncryptionKey", + "Description": { + "markdownDescription": "Optional. A description of the job template you are creating.", + "title": "Description", "type": "string" }, + "HopDestinations": { + "items": { + "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.HopDestination" + }, + "markdownDescription": "Optional. Configuration for a destination queue to which the job can hop once a customer-defined minimum wait time has passed. For more information, see [Setting Up Queue Hopping to Avoid Long Waits](https://docs.aws.amazon.com/mediaconvert/latest/ug/setting-up-queue-hopping-to-avoid-long-waits.html) in the *AWS Elemental MediaConvert User Guide* .", + "title": "HopDestinations", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the service template.", + "markdownDescription": "Name of the output group", "title": "Name", "type": "string" }, - "PipelineProvisioning": { - "markdownDescription": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template.", - "title": "PipelineProvisioning", + "Priority": { + "markdownDescription": "Specify the relative priority for this job. In any given queue, the service begins processing the job with the highest value first. When more than one job has the same priority, the service begins processing the job that you submitted first. If you don't specify a priority, the service uses the default value 0. Minimum: -50 Maximum: 50", + "title": "Priority", + "type": "number" + }, + "Queue": { + "markdownDescription": "Optional. The queue that jobs created from this template are assigned to. Specify the Amazon Resource Name (ARN) of the queue. For example, arn:aws:mediaconvert:us-west-2:505474453218:queues/Default. If you don't specify this, jobs will go to the default queue.", + "title": "Queue", + "type": "string" + }, + "SettingsJson": { + "markdownDescription": "Specify, in JSON format, the transcoding job settings for this job template. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert job templates, see [Working with AWS Elemental MediaConvert Job Templates](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-job-templates.html) in the ** .", + "title": "SettingsJson", + "type": "object" + }, + "StatusUpdateInterval": { + "markdownDescription": "Specify how often MediaConvert sends STATUS_UPDATE events to Amazon CloudWatch Events. Set the interval, in seconds, between status updates. MediaConvert sends an update at this interval from the time the service begins processing your job to the time it completes the transcode or encounters an error.\n\nSpecify one of the following enums:\n\nSECONDS_10\n\nSECONDS_12\n\nSECONDS_15\n\nSECONDS_20\n\nSECONDS_30\n\nSECONDS_60\n\nSECONDS_120\n\nSECONDS_180\n\nSECONDS_240\n\nSECONDS_300\n\nSECONDS_360\n\nSECONDS_420\n\nSECONDS_480\n\nSECONDS_540\n\nSECONDS_600", + "title": "StatusUpdateInterval", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An object that includes the template bundle S3 bucket path and name for the new version of a service template.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" } }, + "required": [ + "SettingsJson" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Proton::ServiceTemplate" + "AWS::MediaConvert::JobTemplate" ], "type": "string" }, @@ -182780,11 +185538,47 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QLDB::Ledger": { + "AWS::MediaConvert::JobTemplate.AccelerationSettings": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "Specify the conditions when the service will run your job with accelerated transcoding.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::MediaConvert::JobTemplate.HopDestination": { + "additionalProperties": false, + "properties": { + "Priority": { + "markdownDescription": "Optional. When you set up a job to use queue hopping, you can specify a different relative priority for the job in the destination queue. If you don't specify, the relative priority will remain the same as in the previous queue.", + "title": "Priority", + "type": "number" + }, + "Queue": { + "markdownDescription": "Optional unless the job is submitted on the default queue. When you set up a job to use queue hopping, you can specify a destination queue. This queue cannot be the original queue to which the job is submitted. If the original queue isn't the default queue and you don't specify the destination queue, the job will move to the default queue.", + "title": "Queue", + "type": "string" + }, + "WaitMinutes": { + "markdownDescription": "Required for setting up a job to use queue hopping. Minimum wait time in minutes until the job can hop to the destination queue. Valid range is 1 to 4320 minutes, inclusive.", + "title": "WaitMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaConvert::Preset": { "additionalProperties": false, "properties": { "Condition": { @@ -182819,43 +185613,40 @@ "Properties": { "additionalProperties": false, "properties": { - "DeletionProtection": { - "markdownDescription": "Specifies whether the ledger is protected from being deleted by any user. If not defined during ledger creation, this feature is enabled ( `true` ) by default.\n\nIf deletion protection is enabled, you must first disable it before you can delete the ledger. You can disable it by calling the `UpdateLedger` operation to set this parameter to `false` .", - "title": "DeletionProtection", - "type": "boolean" + "Category": { + "markdownDescription": "The new category for the preset, if you are changing it.", + "title": "Category", + "type": "string" }, - "KmsKey": { - "markdownDescription": "The key in AWS Key Management Service ( AWS KMS ) to use for encryption of data at rest in the ledger. For more information, see [Encryption at rest](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html) in the *Amazon QLDB Developer Guide* .\n\nUse one of the following options to specify this parameter:\n\n- `AWS_OWNED_KMS_KEY` : Use an AWS KMS key that is owned and managed by AWS on your behalf.\n- *Undefined* : By default, use an AWS owned KMS key.\n- *A valid symmetric customer managed KMS key* : Use the specified symmetric encryption KMS key in your account that you create, own, and manage.\n\nAmazon QLDB does not support asymmetric keys. For more information, see [Using symmetric and asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .\n\nTo specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with `\"alias/\"` . To specify a key in a different AWS account , you must use the key ARN or alias ARN.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`\n\nFor more information, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKey", + "Description": { + "markdownDescription": "The new description for the preset, if you are changing it.", + "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the ledger that you want to create. The name must be unique among all of the ledgers in your AWS account in the current Region.\n\nNaming constraints for ledger names are defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", + "markdownDescription": "The name of the preset that you are modifying.", "title": "Name", "type": "string" }, - "PermissionsMode": { - "markdownDescription": "The permissions mode to assign to the ledger that you want to create. This parameter can have one of the following values:\n\n- `ALLOW_ALL` : A legacy permissions mode that enables access control with API-level granularity for ledgers.\n\nThis mode allows users who have the `SendCommand` API permission for this ledger to run all PartiQL commands (hence, `ALLOW_ALL` ) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.\n- `STANDARD` : ( *Recommended* ) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.\n\nBy default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the `SendCommand` API permission for the ledger. For information, see [Getting started with the standard permissions mode](https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html) in the *Amazon QLDB Developer Guide* .\n\n> We strongly recommend using the `STANDARD` permissions mode to maximize the security of your ledger data.", - "title": "PermissionsMode", - "type": "string" + "SettingsJson": { + "markdownDescription": "Specify, in JSON format, the transcoding job settings for this output preset. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert output presets, see [Working with AWS Elemental MediaConvert Output Presets](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-presets.html) in the ** .", + "title": "SettingsJson", + "type": "object" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "PermissionsMode" + "SettingsJson" ], "type": "object" }, "Type": { "enum": [ - "AWS::QLDB::Ledger" + "AWS::MediaConvert::Preset" ], "type": "string" }, @@ -182874,7 +185665,7 @@ ], "type": "object" }, - "AWS::QLDB::Stream": { + "AWS::MediaConvert::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -182909,57 +185700,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ExclusiveEndTime": { - "markdownDescription": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .", - "title": "ExclusiveEndTime", - "type": "string" + "ConcurrentJobs": { + "markdownDescription": "Specify the maximum number of jobs your queue can process concurrently. For on-demand queues, the value you enter is constrained by your service quotas for Maximum concurrent jobs, per on-demand queue and Maximum concurrent jobs, per account. For reserved queues, specify the number of jobs you can process concurrently in your reservation plan instead.", + "title": "ConcurrentJobs", + "type": "number" }, - "InclusiveStartTime": { - "markdownDescription": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` .", - "title": "InclusiveStartTime", + "Description": { + "markdownDescription": "Optional. A description of the queue that you are creating.", + "title": "Description", "type": "string" }, - "KinesisConfiguration": { - "$ref": "#/definitions/AWS::QLDB::Stream.KinesisConfiguration", - "markdownDescription": "The configuration settings of the Kinesis Data Streams destination for your stream request.", - "title": "KinesisConfiguration" - }, - "LedgerName": { - "markdownDescription": "The name of the ledger.", - "title": "LedgerName", + "Name": { + "markdownDescription": "The name of the queue that you are creating.", + "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests.", - "title": "RoleArn", + "PricingPlan": { + "markdownDescription": "When you use AWS CloudFormation , you can create only on-demand queues. Therefore, always set `PricingPlan` to the value \"ON_DEMAND\" when declaring an AWS::MediaConvert::Queue in your AWS CloudFormation template.\n\nTo create a reserved queue, use the AWS Elemental MediaConvert console at https://console.aws.amazon.com/mediaconvert to set up a contract. For more information, see [Working with AWS Elemental MediaConvert Queues](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-queues.html) in the ** .", + "title": "PricingPlan", "type": "string" }, - "StreamName": { - "markdownDescription": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", - "title": "StreamName", + "Status": { + "markdownDescription": "Initial state of the queue. Queues can be either ACTIVE or PAUSED. If you create a paused queue, then jobs that you send to that queue won't begin.", + "title": "Status", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" } }, - "required": [ - "InclusiveStartTime", - "KinesisConfiguration", - "LedgerName", - "RoleArn", - "StreamName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::QLDB::Stream" + "AWS::MediaConvert::Queue" ], "type": "string" }, @@ -182973,28 +185749,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::QLDB::Stream.KinesisConfiguration": { - "additionalProperties": false, - "properties": { - "AggregationEnabled": { - "markdownDescription": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call.\n\nDefault: `True`\n\n> Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* .", - "title": "AggregationEnabled", - "type": "boolean" - }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.", - "title": "StreamArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis": { + "AWS::MediaLive::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -183029,94 +185788,93 @@ "Properties": { "additionalProperties": false, "properties": { - "AnalysisId": { - "markdownDescription": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", - "title": "AnalysisId", - "type": "string" + "AnywhereSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AnywhereSettings", + "markdownDescription": "", + "title": "AnywhereSettings" }, - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you are creating an analysis.", - "title": "AwsAccountId", + "CdiInputSpecification": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CdiInputSpecification", + "markdownDescription": "Specification of CDI inputs for this channel.", + "title": "CdiInputSpecification" + }, + "ChannelClass": { + "markdownDescription": "The class for this channel. For a channel with two pipelines, the class is STANDARD. For a channel with one pipeline, the class is SINGLE_PIPELINE.", + "title": "ChannelClass", "type": "string" }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefinition", + "ChannelEngineVersion": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ChannelEngineVersionRequest", "markdownDescription": "", - "title": "Definition" + "title": "ChannelEngineVersion" }, - "Errors": { + "Destinations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisError" + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestination" }, - "markdownDescription": "Errors associated with the analysis.", - "title": "Errors", + "markdownDescription": "The settings that identify the destination for the outputs in this MediaLive output package.", + "title": "Destinations", "type": "array" }, - "Name": { - "markdownDescription": "A descriptive name for the analysis that you're creating. This name displays for the analysis in the Amazon QuickSight console.", - "title": "Name", - "type": "string" + "DryRun": { + "markdownDescription": "", + "title": "DryRun", + "type": "boolean" }, - "Parameters": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Parameters", - "markdownDescription": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values.", - "title": "Parameters" + "EncoderSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EncoderSettings", + "markdownDescription": "The encoding configuration for the output content.", + "title": "EncoderSettings" }, - "Permissions": { + "InputAttachments": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ResourcePermission" + "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" }, - "markdownDescription": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` .", - "title": "Permissions", + "markdownDescription": "The list of input attachments for the channel.", + "title": "InputAttachments", "type": "array" }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Sheet" - }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", - "type": "array" + "InputSpecification": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputSpecification", + "markdownDescription": "The input specification for this channel. It specifies the key characteristics of the inputs for this channel: the maximum bitrate, the resolution, and the codec.", + "title": "InputSpecification" }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceEntity", - "markdownDescription": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", - "title": "SourceEntity" + "LogLevel": { + "markdownDescription": "The verbosity for logging activity for this channel. Charges for logging (which are generated through Amazon CloudWatch Logging) are higher for higher verbosities.", + "title": "LogLevel", + "type": "string" }, - "Status": { - "markdownDescription": "Status associated with the analysis.", - "title": "Status", + "Maintenance": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MaintenanceCreateSettings", + "markdownDescription": "Maintenance settings for this channel.", + "title": "Maintenance" + }, + "Name": { + "markdownDescription": "Name of channel.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role for MediaLive to assume when running this channel. The role is identified by its ARN.", + "title": "RoleArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis.", + "markdownDescription": "A collection of tags for this channel. Each tag is a key-value pair.", "title": "Tags", - "type": "array" - }, - "ThemeArn": { - "markdownDescription": "The ARN for the theme to apply to the analysis that you're creating. To see the theme in the Amazon QuickSight console, make sure that you have access to it.", - "title": "ThemeArn", - "type": "string" + "type": "object" }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" + "Vpc": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VpcOutputSettings", + "markdownDescription": "Settings to enable VPC mode in the channel, so that the endpoints for all outputs are in your VPC.", + "title": "Vpc" } }, - "required": [ - "AnalysisId", - "AwsAccountId", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Analysis" + "AWS::MediaLive::Channel" ], "type": "string" }, @@ -183130,6176 +185888,5584 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.AggregationFunction": { + "AWS::MediaLive::Channel.AacSettings": { "additionalProperties": false, "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid values depend on the rate control mode and profile.", + "title": "Bitrate", + "type": "number" }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", + "CodingMode": { + "markdownDescription": "Mono, stereo, or 5.1 channel layout. Valid values depend on the rate control mode and profile. The adReceiverMix setting receives a stereo description plus control track, and emits a mono AAC encode of the description track, with control data emitted in the PES header as per ETSI TS 101 154 Annex E.", + "title": "CodingMode", "type": "string" }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", + "InputType": { + "markdownDescription": "Set to broadcasterMixedAd when the input contains pre-mixed main audio + AD (narration) as a stereo pair. The Audio Type field (audioType) will be set to 3, which signals to downstream systems that this stream contains broadcaster mixed AD. Note that the input received by the encoder must contain pre-mixed audio; MediaLive does not perform the mixing. The values in audioTypeControl and audioType (in AudioDescription) are ignored when set to broadcasterMixedAd. Leave this set to normal when the input does not contain pre-mixed audio + AD.", + "title": "InputType", "type": "string" }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" + "Profile": { + "markdownDescription": "The AAC profile.", + "title": "Profile", + "type": "string" + }, + "RateControlMode": { + "markdownDescription": "The rate control mode.", + "title": "RateControlMode", + "type": "string" + }, + "RawFormat": { + "markdownDescription": "Sets the LATM/LOAS AAC output for raw containers.", + "title": "RawFormat", + "type": "string" + }, + "SampleRate": { + "markdownDescription": "The sample rate in Hz. Valid values depend on the rate control mode and profile.", + "title": "SampleRate", + "type": "number" + }, + "Spec": { + "markdownDescription": "Uses MPEG-2 AAC audio instead of MPEG-4 AAC audio for raw or MPEG-2 Transport Stream containers.", + "title": "Spec", + "type": "string" + }, + "VbrQuality": { + "markdownDescription": "The VBR quality level. This is used only if rateControlMode is VBR.", + "title": "VbrQuality", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AggregationSortConfiguration": { + "AWS::MediaLive::Channel.Ac3Settings": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" + "AttenuationControl": { + "markdownDescription": "", + "title": "AttenuationControl", + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", + "title": "Bitrate", + "type": "number" }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", + "BitstreamMode": { + "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream. For more information about these values, see ATSC A/52-2012.", + "title": "BitstreamMode", + "type": "string" + }, + "CodingMode": { + "markdownDescription": "The Dolby Digital coding mode. This determines the number of channels.", + "title": "CodingMode", + "type": "string" + }, + "Dialnorm": { + "markdownDescription": "Sets the dialnorm for the output. If excluded and the input audio is Dolby Digital, dialnorm is passed through.", + "title": "Dialnorm", + "type": "number" + }, + "DrcProfile": { + "markdownDescription": "If set to filmStandard, adds dynamic range compression signaling to the output bitstream as defined in the Dolby Digital specification.", + "title": "DrcProfile", + "type": "string" + }, + "LfeFilter": { + "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. This is valid only in codingMode32Lfe mode.", + "title": "LfeFilter", + "type": "string" + }, + "MetadataControl": { + "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is supplied from one of these streams, the static metadata settings are used.", + "title": "MetadataControl", "type": "string" } }, - "required": [ - "Column", - "SortDirection" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisDefaults": { + "AWS::MediaLive::Channel.AncillarySourceSettings": { "additionalProperties": false, "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" + "SourceAncillaryChannelNumber": { + "markdownDescription": "Specifies the number (1 to 4) of the captions channel you want to extract from the ancillary captions. If you plan to convert the ancillary captions to another format, complete this field. If you plan to choose Embedded as the captions destination in the output (to pass through all the channels in the ancillary captions), leave this field blank because MediaLive ignores the field.", + "title": "SourceAncillaryChannelNumber", + "type": "number" } }, - "required": [ - "DefaultNewSheetConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisDefinition": { + "AWS::MediaLive::Channel.AnywhereSettings": { "additionalProperties": false, "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefaults", + "ChannelPlacementGroupId": { "markdownDescription": "", - "title": "AnalysisDefaults" - }, - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedField" - }, - "markdownDescription": "An array of calculated field definitions for the analysis.", - "title": "CalculatedFields", - "type": "array" - }, - "ColumnConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnConfiguration" - }, - "markdownDescription": "An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis.", - "title": "ColumnConfigurations", - "type": "array" - }, - "DataSetIdentifierDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetIdentifierDeclaration" - }, - "markdownDescription": "An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures.", - "title": "DataSetIdentifierDeclarations", - "type": "array" - }, - "FilterGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterGroup" - }, - "markdownDescription": "Filter definitions for an analysis.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", - "type": "array" - }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AssetOptions", - "markdownDescription": "An array of option definitions for an analysis.", - "title": "Options" - }, - "ParameterDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDeclaration" - }, - "markdownDescription": "An array of parameter declarations for an analysis.\n\nParameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", - "type": "array" + "title": "ChannelPlacementGroupId", + "type": "string" }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetDefinition" - }, - "markdownDescription": "An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis.", - "title": "Sheets", - "type": "array" + "ClusterId": { + "markdownDescription": "", + "title": "ClusterId", + "type": "string" } }, - "required": [ - "DataSetIdentifierDeclarations" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisError": { + "AWS::MediaLive::Channel.ArchiveCdnSettings": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "The message associated with the analysis error.", - "title": "Message", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the analysis error.", - "title": "Type", - "type": "string" - }, - "ViolatedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Entity" - }, - "markdownDescription": "Lists the violated entities that caused the analysis error", - "title": "ViolatedEntities", - "type": "array" + "ArchiveS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this Archive output.", + "title": "ArchiveS3Settings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisSourceEntity": { + "AWS::MediaLive::Channel.ArchiveContainerSettings": { "additionalProperties": false, "properties": { - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceTemplate", - "markdownDescription": "The source template for the source entity of the analysis.", - "title": "SourceTemplate" + "M2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", + "markdownDescription": "The settings for the M2TS in the archive output.", + "title": "M2tsSettings" + }, + "RawSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RawSettings", + "markdownDescription": "The settings for Raw archive output type.", + "title": "RawSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisSourceTemplate": { + "AWS::MediaLive::Channel.ArchiveGroupSettings": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source template of an analysis.", - "title": "Arn", - "type": "string" + "ArchiveCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveCdnSettings", + "markdownDescription": "Settings to configure the destination of an Archive output.", + "title": "ArchiveCdnSettings" }, - "DataSetReferences": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetReference" - }, - "markdownDescription": "The dataset references of the source template of an analysis.", - "title": "DataSetReferences", - "type": "array" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "A directory and base file name where archive files should be written.", + "title": "Destination" + }, + "RolloverInterval": { + "markdownDescription": "The number of seconds to write to an archive file before closing and starting a new one.", + "title": "RolloverInterval", + "type": "number" } }, - "required": [ - "Arn", - "DataSetReferences" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnchorDateConfiguration": { + "AWS::MediaLive::Channel.ArchiveOutputSettings": { "additionalProperties": false, "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveContainerSettings", + "markdownDescription": "The settings that are specific to the container type of the file.", + "title": "ContainerSettings" + }, + "Extension": { + "markdownDescription": "The output file extension. If excluded, this is auto-selected from the container type.", + "title": "Extension", "type": "string" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. The string is required for multiple outputs of the same type.", + "title": "NameModifier", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ArcAxisConfiguration": { + "AWS::MediaLive::Channel.ArchiveS3Settings": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" - }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ArcAxisDisplayRange": { + "AWS::MediaLive::Channel.AribDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.AribSourceSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.AudioChannelMapping": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", - "type": "number" + "InputChannelLevels": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputChannelLevel" + }, + "markdownDescription": "The indices and gain values for each input channel that should be remixed into this output channel.", + "title": "InputChannelLevels", + "type": "array" }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", + "OutputChannel": { + "markdownDescription": "The index of the output channel that is being produced.", + "title": "OutputChannel", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ArcConfiguration": { + "AWS::MediaLive::Channel.AudioCodecSettings": { "additionalProperties": false, "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", - "type": "number" + "AacSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AacSettings", + "markdownDescription": "The setup of the AAC audio codec in the output.", + "title": "AacSettings" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" + "Ac3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Ac3Settings", + "markdownDescription": "The setup of an AC3 audio codec in the output.", + "title": "Ac3Settings" + }, + "Eac3AtmosSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3AtmosSettings", + "markdownDescription": "", + "title": "Eac3AtmosSettings" + }, + "Eac3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3Settings", + "markdownDescription": "The setup of an EAC3 audio codec in the output.", + "title": "Eac3Settings" + }, + "Mp2Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mp2Settings", + "markdownDescription": "The setup of an MP2 audio codec in the output.", + "title": "Mp2Settings" + }, + "PassThroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.PassThroughSettings", + "markdownDescription": "The setup to pass through the Dolby audio codec to the output.", + "title": "PassThroughSettings" + }, + "WavSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.WavSettings", + "markdownDescription": "Settings for audio encoded with the WAV codec.", + "title": "WavSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ArcOptions": { + "AWS::MediaLive::Channel.AudioDescription": { "additionalProperties": false, "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", + "AudioDashRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "AudioDashRoles", + "type": "array" + }, + "AudioNormalizationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioNormalizationSettings", + "markdownDescription": "The advanced audio normalization settings.", + "title": "AudioNormalizationSettings" + }, + "AudioSelectorName": { + "markdownDescription": "The name of the AudioSelector that is used as the source for this AudioDescription.", + "title": "AudioSelectorName", + "type": "string" + }, + "AudioType": { + "markdownDescription": "Applies only if audioTypeControl is useConfigured. The values for audioType are defined in ISO-IEC 13818-1.", + "title": "AudioType", + "type": "string" + }, + "AudioTypeControl": { + "markdownDescription": "Determines how audio type is determined. followInput: If the input contains an ISO 639 audioType, then that value is passed through to the output. If the input contains no ISO 639 audioType, the value in Audio Type is included in the output. useConfigured: The value in Audio Type is included in the output. Note that this field and audioType are both ignored if inputType is broadcasterMixedAd.", + "title": "AudioTypeControl", + "type": "string" + }, + "AudioWatermarkingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioWatermarkSettings", + "markdownDescription": "Settings to configure one or more solutions that insert audio watermarks in the audio encode", + "title": "AudioWatermarkingSettings" + }, + "CodecSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioCodecSettings", + "markdownDescription": "The audio codec settings.", + "title": "CodecSettings" + }, + "DvbDashAccessibility": { + "markdownDescription": "", + "title": "DvbDashAccessibility", + "type": "string" + }, + "LanguageCode": { + "markdownDescription": "Indicates the language of the audio output track. Used only if languageControlMode is useConfigured, or there is no ISO 639 language code specified in the input.", + "title": "LanguageCode", + "type": "string" + }, + "LanguageCodeControl": { + "markdownDescription": "Choosing followInput causes the ISO 639 language code of the output to follow the ISO 639 language code of the input. The languageCode setting is used when useConfigured is set, or when followInput is selected but there is no ISO 639 language code specified by the input.", + "title": "LanguageCodeControl", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of this AudioDescription. Outputs use this name to uniquely identify this AudioDescription. Description names should be unique within this channel.", + "title": "Name", + "type": "string" + }, + "RemixSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RemixSettings", + "markdownDescription": "The settings that control how input audio channels are remixed into the output audio channels.", + "title": "RemixSettings" + }, + "StreamName": { + "markdownDescription": "Used for Microsoft Smooth and Apple HLS outputs. Indicates the name displayed by the player (for example, English or Director Commentary).", + "title": "StreamName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AssetOptions": { + "AWS::MediaLive::Channel.AudioDolbyEDecode": { "additionalProperties": false, "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", - "type": "string" - }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", + "ProgramSelection": { + "markdownDescription": "", + "title": "ProgramSelection", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AttributeAggregationFunction": { + "AWS::MediaLive::Channel.AudioHlsRenditionSelection": { "additionalProperties": false, "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", + "GroupId": { + "markdownDescription": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.", + "title": "GroupId", "type": "string" }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", + "Name": { + "markdownDescription": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDataOptions": { + "AWS::MediaLive::Channel.AudioLanguageSelection": { "additionalProperties": false, "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" + "LanguageCode": { + "markdownDescription": "Selects a specific three-letter language code from within an audio source.", + "title": "LanguageCode", + "type": "string" }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" + "LanguageSelectionPolicy": { + "markdownDescription": "When set to \"strict,\" the transport stream demux strictly identifies audio streams by their language descriptor. If a PMT update occurs such that an audio stream matching the initially selected language is no longer present, then mute is encoded until the language returns. If set to \"loose,\" then on a PMT update the demux chooses another audio stream in the program with the same stream type if it can't find one with the same language.", + "title": "LanguageSelectionPolicy", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDisplayMinMaxRange": { + "AWS::MediaLive::Channel.AudioNormalizationSettings": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", - "type": "number" + "Algorithm": { + "markdownDescription": "The audio normalization algorithm to use. itu17701 conforms to the CALM Act specification. itu17702 conforms to the EBU R-128 specification.", + "title": "Algorithm", + "type": "string" }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", + "AlgorithmControl": { + "markdownDescription": "When set to correctAudio, the output audio is corrected using the chosen algorithm. If set to measureOnly, the audio is measured but not adjusted.", + "title": "AlgorithmControl", + "type": "string" + }, + "TargetLkfs": { + "markdownDescription": "The Target LKFS(loudness) to adjust volume to. If no value is entered, a default value is used according to the chosen algorithm. The CALM Act (1770-1) recommends a target of -24 LKFS. The EBU R-128 specification (1770-2) recommends a target of -23 LKFS.", + "title": "TargetLkfs", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDisplayOptions": { + "AWS::MediaLive::Channel.AudioOnlyHlsSettings": { "additionalProperties": false, "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", - "type": "string" - }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", + "AudioGroupId": { + "markdownDescription": "Specifies the group that the audio rendition belongs to.", + "title": "AudioGroupId", "type": "string" }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" + "AudioOnlyImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "Used with an audio-only stream. It must be a .jpg or .png file. If given, this image is used as the cover art for the audio-only output. Ideally, it should be formatted for an iPhone screen for two reasons. The iPhone does not resize the image; instead, it crops a centered image on the top/bottom and left/right. Additionally, this image file gets saved bit-for-bit into every 10-second segment file, so it increases bandwidth by {image file size} * {segment count} * {user count.}.", + "title": "AudioOnlyImage" }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", + "AudioTrackType": { + "markdownDescription": "Four types of audio-only tracks are supported: Audio-Only Variant Stream The client can play back this audio-only stream instead of video in low-bandwidth scenarios. Represented as an EXT-X-STREAM-INF in the HLS manifest. Alternate Audio, Auto Select, Default Alternate rendition that the client should try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=YES, AUTOSELECT=YES Alternate Audio, Auto Select, Not Default Alternate rendition that the client might try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=YES Alternate Audio, not Auto Select Alternate rendition that the client will not try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=NO.", + "title": "AudioTrackType", "type": "string" }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" - }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" + "SegmentType": { + "markdownDescription": "Specifies the segment type.", + "title": "SegmentType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDisplayRange": { + "AWS::MediaLive::Channel.AudioPidSelection": { "additionalProperties": false, "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", - "type": "object" - }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" + "Pid": { + "markdownDescription": "Select the audio by this PID.", + "title": "Pid", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLabelOptions": { + "AWS::MediaLive::Channel.AudioSelector": { "additionalProperties": false, "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" - }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", + "Name": { + "markdownDescription": "A name for this AudioSelector.", + "title": "Name", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelectorSettings", + "markdownDescription": "Information about the specific audio to extract from the input.", + "title": "SelectorSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLabelReferenceOptions": { + "AWS::MediaLive::Channel.AudioSelectorSettings": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" + "AudioHlsRenditionSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioHlsRenditionSelection", + "markdownDescription": "Selector for HLS audio rendition.", + "title": "AudioHlsRenditionSelection" }, - "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", - "title": "FieldId", - "type": "string" + "AudioLanguageSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioLanguageSelection", + "markdownDescription": "The language code of the audio to select.", + "title": "AudioLanguageSelection" + }, + "AudioPidSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioPidSelection", + "markdownDescription": "The PID of the audio to select.", + "title": "AudioPidSelection" + }, + "AudioTrackSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrackSelection", + "markdownDescription": "Information about the audio track to extract.", + "title": "AudioTrackSelection" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AxisLinearScale": { + "AWS::MediaLive::Channel.AudioSilenceFailoverSettings": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", - "type": "number" + "AudioSelectorName": { + "markdownDescription": "The name of the audio selector in the input that MediaLive should monitor to detect silence. Select your most important rendition. If you didn't create an audio selector in this input, leave blank.", + "title": "AudioSelectorName", + "type": "string" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", + "AudioSilenceThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that the active input must be silent before automatic input failover occurs. Silence is defined as audio loss or audio quieter than -50 dBFS.", + "title": "AudioSilenceThresholdMsec", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLogarithmicScale": { + "AWS::MediaLive::Channel.AudioTrack": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", + "Track": { + "markdownDescription": "1-based integer value that maps to a specific audio track", + "title": "Track", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisScale": { + "AWS::MediaLive::Channel.AudioTrackSelection": { "additionalProperties": false, "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" + "DolbyEDecode": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDolbyEDecode", + "markdownDescription": "", + "title": "DolbyEDecode" }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" + "Tracks": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrack" + }, + "markdownDescription": "Selects one or more unique audio tracks from within a source.", + "title": "Tracks", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisTickLabelOptions": { + "AWS::MediaLive::Channel.AudioWatermarkSettings": { "additionalProperties": false, "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" - }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" + "NielsenWatermarksSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenWatermarksSettings", + "markdownDescription": "Settings to configure Nielsen Watermarks in the audio encode", + "title": "NielsenWatermarksSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartAggregatedFieldWells": { + "AWS::MediaLive::Channel.AutomaticInputFailoverSettings": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", - "title": "Category", - "type": "array" + "ErrorClearTimeMsec": { + "markdownDescription": "This clear time defines the requirement a recovered input must meet to be considered healthy. The input must have no failover conditions for this length of time. Enter a time in milliseconds. This value is particularly important if the input_preference for the failover pair is set to PRIMARY_INPUT_PREFERRED, because after this time, MediaLive will switch back to the primary input.", + "title": "ErrorClearTimeMsec", + "type": "number" }, - "Colors": { + "FailoverConditions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverCondition" }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", + "markdownDescription": "A list of failover conditions. If any of these conditions occur, MediaLive will perform a failover to the other input.", + "title": "FailoverConditions", "type": "array" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", - "type": "array" + "InputPreference": { + "markdownDescription": "Input preference when deciding which input to make active when a previously failed input has recovered.", + "title": "InputPreference", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", - "title": "Values", - "type": "array" + "SecondaryInputId": { + "markdownDescription": "The input ID of the secondary input in the automatic input failover pair.", + "title": "SecondaryInputId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartConfiguration": { + "AWS::MediaLive::Channel.Av1ColorSpaceSettings": { "additionalProperties": false, "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "", + "title": "ColorSpacePassthroughSettings" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", - "title": "CategoryLabelOptions" + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "", + "title": "Hdr10Settings" }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "", + "title": "Rec601Settings" }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "", + "title": "Rec709Settings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.Av1Settings": { + "additionalProperties": false, + "properties": { + "AfdSignaling": { + "markdownDescription": "", + "title": "AfdSignaling", + "type": "string" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "Bitrate": { + "markdownDescription": "", + "title": "Bitrate", + "type": "number" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "BufSize": { + "markdownDescription": "", + "title": "BufSize", + "type": "number" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Av1ColorSpaceSettings", + "markdownDescription": "", + "title": "ColorSpaceSettings" }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", + "FixedAfd": { + "markdownDescription": "", + "title": "FixedAfd", "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "FramerateDenominator": { + "markdownDescription": "", + "title": "FramerateDenominator", + "type": "number" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "FramerateNumerator": { + "markdownDescription": "", + "title": "FramerateNumerator", + "type": "number" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", - "title": "SortConfiguration" + "GopSize": { + "markdownDescription": "", + "title": "GopSize", + "type": "number" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "GopSizeUnits": { + "markdownDescription": "", + "title": "GopSizeUnits", + "type": "string" }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" + "Level": { + "markdownDescription": "", + "title": "Level", + "type": "string" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", - "title": "ValueLabelOptions" + "LookAheadRateControl": { + "markdownDescription": "", + "title": "LookAheadRateControl", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BarChartFieldWells": { - "additionalProperties": false, - "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BarChartSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", - "title": "CategoryItemsLimit" + "MaxBitrate": { + "markdownDescription": "", + "title": "MaxBitrate", + "type": "number" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of category fields.", - "title": "CategorySort", - "type": "array" + "MinIInterval": { + "markdownDescription": "", + "title": "MinIInterval", + "type": "number" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" + "ParDenominator": { + "markdownDescription": "", + "title": "ParDenominator", + "type": "number" }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", - "type": "array" + "ParNumerator": { + "markdownDescription": "", + "title": "ParNumerator", + "type": "number" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "QvbrQualityLevel": { + "markdownDescription": "", + "title": "QvbrQualityLevel", + "type": "number" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "RateControlMode": { + "markdownDescription": "", + "title": "RateControlMode", + "type": "string" + }, + "SceneChangeDetect": { + "markdownDescription": "", + "title": "SceneChangeDetect", + "type": "string" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartVisual": { + "AWS::MediaLive::Channel.AvailBlanking": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "AvailBlankingImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The blanking image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", + "title": "AvailBlankingImage" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "State": { + "markdownDescription": "When set to enabled, the video, audio, and captions are blanked when insertion metadata is added.", + "title": "State", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.BinCountOptions": { + "AWS::MediaLive::Channel.AvailConfiguration": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" + "AvailSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailSettings", + "markdownDescription": "The setup of ad avail handling in the output.", + "title": "AvailSettings" + }, + "Scte35SegmentationScope": { + "markdownDescription": "", + "title": "Scte35SegmentationScope", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BinWidthOptions": { + "AWS::MediaLive::Channel.AvailSettings": { "additionalProperties": false, "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" + "Esam": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Esam", + "markdownDescription": "", + "title": "Esam" }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", - "type": "number" + "Scte35SpliceInsert": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35SpliceInsert", + "markdownDescription": "The setup for SCTE-35 splice insert handling.", + "title": "Scte35SpliceInsert" + }, + "Scte35TimeSignalApos": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35TimeSignalApos", + "markdownDescription": "The setup for SCTE-35 time signal APOS handling.", + "title": "Scte35TimeSignalApos" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BodySectionConfiguration": { + "AWS::MediaLive::Channel.BandwidthReductionFilterSettings": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" - }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" - }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", + "PostFilterSharpening": { + "markdownDescription": "", + "title": "PostFilterSharpening", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" + "Strength": { + "markdownDescription": "", + "title": "Strength", + "type": "string" } }, - "required": [ - "Content", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.BodySectionContent": { + "AWS::MediaLive::Channel.BlackoutSlate": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" + "BlackoutSlateImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The blackout slate image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", + "title": "BlackoutSlateImage" + }, + "NetworkEndBlackout": { + "markdownDescription": "Setting to enabled causes MediaLive to blackout the video, audio, and captions, and raise the \"Network Blackout Image\" slate when an SCTE104/35 Network End Segmentation Descriptor is encountered. The blackout is lifted when the Network Start Segmentation Descriptor is encountered. The Network End and Network Start descriptors must contain a network ID that matches the value entered in Network ID.", + "title": "NetworkEndBlackout", + "type": "string" + }, + "NetworkEndBlackoutImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The path to the local file to use as the Network End Blackout image. The image is scaled to fill the entire output raster.", + "title": "NetworkEndBlackoutImage" + }, + "NetworkId": { + "markdownDescription": "Provides a Network ID that matches EIDR ID format (for example, \"10.XXXX/XXXX-XXXX-XXXX-XXXX-XXXX-C\").", + "title": "NetworkId", + "type": "string" + }, + "State": { + "markdownDescription": "When set to enabled, this causes video, audio, and captions to be blanked when indicated by program metadata.", + "title": "State", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells": { + "AWS::MediaLive::Channel.BurnInDestinationSettings": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", - "type": "array" + "Alignment": { + "markdownDescription": "If no explicit xPosition or yPosition is provided, setting alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. All burn-in and DVB-Sub font settings must match.", + "title": "Alignment", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BoxPlotChartConfiguration": { - "additionalProperties": false, - "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" + "BackgroundColor": { + "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundColor", + "type": "string" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" + "BackgroundOpacity": { + "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundOpacity", + "type": "number" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Font": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", + "title": "Font" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "", - "title": "Legend" + "FontColor": { + "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "FontColor", + "type": "string" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" + "FontOpacity": { + "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", + "title": "FontOpacity", + "type": "number" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" + "FontResolution": { + "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", + "title": "FontResolution", + "type": "number" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "FontSize": { + "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", + "title": "FontSize", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" + "OutlineColor": { + "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineColor", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "OutlineSize": { + "markdownDescription": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineSize", + "type": "number" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BoxPlotFieldWells": { - "additionalProperties": false, - "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BoxPlotOptions": { - "additionalProperties": false, - "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", + "ShadowColor": { + "markdownDescription": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowColor", "type": "string" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "ShadowOpacity": { + "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "ShadowOpacity", + "type": "number" + }, + "ShadowXOffset": { + "markdownDescription": "Specifies the horizontal offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowXOffset", + "type": "number" + }, + "ShadowYOffset": { + "markdownDescription": "Specifies the vertical offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowYOffset", + "type": "number" + }, + "TeletextGridControl": { + "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies only to Teletext inputs and DVB-Sub/Burn-in outputs.", + "title": "TeletextGridControl", "type": "string" }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BoxPlotSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "XPosition": { + "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. All burn-in and DVB-Sub font settings must match.", + "title": "XPosition", + "type": "number" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" + "YPosition": { + "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. All burn-in and DVB-Sub font settings must match.", + "title": "YPosition", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotStyleOptions": { + "AWS::MediaLive::Channel.CaptionDescription": { "additionalProperties": false, "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", + "Accessibility": { + "markdownDescription": "", + "title": "Accessibility", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.BoxPlotVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" }, - "ColumnHierarchies": { + "CaptionDashRoles": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "", + "title": "CaptionDashRoles", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "CaptionSelectorName": { + "markdownDescription": "Specifies which input captions selector to use as a captions source when generating output captions. This field should match a captionSelector name.", + "title": "CaptionSelectorName", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDestinationSettings", + "markdownDescription": "Additional settings for a captions destination that depend on the destination type.", + "title": "DestinationSettings" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "DvbDashAccessibility": { + "markdownDescription": "", + "title": "DvbDashAccessibility", "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CalculatedField": { - "additionalProperties": false, - "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", + }, + "LanguageCode": { + "markdownDescription": "An ISO 639-2 three-digit code. For more information, see http://www.loc.gov/standards/iso639-2/.", + "title": "LanguageCode", "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", + "LanguageDescription": { + "markdownDescription": "Human-readable information to indicate the captions that are available for players (for example, English or Spanish).", + "title": "LanguageDescription", "type": "string" }, "Name": { - "markdownDescription": "The name of the calculated field.", + "markdownDescription": "The name of the captions description. The name is used to associate a captions description with an output. Names must be unique within a channel.", "title": "Name", "type": "string" } }, - "required": [ - "DataSetIdentifier", - "Expression", - "Name" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CalculatedMeasureField": { + "AWS::MediaLive::Channel.CaptionDestinationSettings": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", - "type": "string" + "AribDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AribDestinationSettings", + "markdownDescription": "The configuration of one ARIB captions encode in the output.", + "title": "AribDestinationSettings" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "BurnInDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BurnInDestinationSettings", + "markdownDescription": "The configuration of one burn-in captions encode in the output.", + "title": "BurnInDestinationSettings" + }, + "DvbSubDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubDestinationSettings", + "markdownDescription": "The configuration of one DVB Sub captions encode in the output.", + "title": "DvbSubDestinationSettings" + }, + "EbuTtDDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EbuTtDDestinationSettings", + "markdownDescription": "Settings for EBU-TT captions in the output.", + "title": "EbuTtDDestinationSettings" + }, + "EmbeddedDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedDestinationSettings", + "markdownDescription": "The configuration of one embedded captions encode in the output.", + "title": "EmbeddedDestinationSettings" + }, + "EmbeddedPlusScte20DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings", + "markdownDescription": "The configuration of one embedded plus SCTE-20 captions encode in the output.", + "title": "EmbeddedPlusScte20DestinationSettings" + }, + "RtmpCaptionInfoDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings", + "markdownDescription": "The configuration of one RTMPCaptionInfo captions encode in the output.", + "title": "RtmpCaptionInfoDestinationSettings" + }, + "Scte20PlusEmbeddedDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings", + "markdownDescription": "The configuration of one SCTE20 plus embedded captions encode in the output.", + "title": "Scte20PlusEmbeddedDestinationSettings" + }, + "Scte27DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27DestinationSettings", + "markdownDescription": "The configuration of one SCTE-27 captions encode in the output.", + "title": "Scte27DestinationSettings" + }, + "SmpteTtDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SmpteTtDestinationSettings", + "markdownDescription": "The configuration of one SMPTE-TT captions encode in the output.", + "title": "SmpteTtDestinationSettings" + }, + "TeletextDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextDestinationSettings", + "markdownDescription": "The configuration of one Teletext captions encode in the output.", + "title": "TeletextDestinationSettings" + }, + "TtmlDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TtmlDestinationSettings", + "markdownDescription": "The configuration of one TTML captions encode in the output.", + "title": "TtmlDestinationSettings" + }, + "WebvttDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.WebvttDestinationSettings", + "markdownDescription": "The configuration of one WebVTT captions encode in the output.", + "title": "WebvttDestinationSettings" } }, - "required": [ - "Expression", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CascadingControlConfiguration": { + "AWS::MediaLive::Channel.CaptionLanguageMapping": { "additionalProperties": false, "properties": { - "SourceControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlSource" - }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", - "type": "array" + "CaptionChannel": { + "markdownDescription": "The closed caption channel being described by this CaptionLanguageMapping. Each channel mapping must have a unique channel number (maximum of 4).", + "title": "CaptionChannel", + "type": "number" + }, + "LanguageCode": { + "markdownDescription": "A three-character ISO 639-2 language code (see http://www.loc.gov/standards/iso639-2).", + "title": "LanguageCode", + "type": "string" + }, + "LanguageDescription": { + "markdownDescription": "The textual description of language.", + "title": "LanguageDescription", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CascadingControlSource": { + "AWS::MediaLive::Channel.CaptionRectangle": { "additionalProperties": false, "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" + "Height": { + "markdownDescription": "See the description in leftOffset.\n\nFor height, specify the entire height of the rectangle as a percentage of the underlying frame height. For example, \\\"80\\\" means the rectangle height is 80% of the underlying frame height. The topOffset and rectangleHeight must add up to 100% or less. This field corresponds to tts:extent - Y in the TTML standard.", + "title": "Height", + "type": "number" }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", - "type": "string" + "LeftOffset": { + "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. (Make sure to leave the default if you don't have either of these formats in the output.) You can define a display rectangle for the captions that is smaller than the underlying video frame. You define the rectangle by specifying the position of the left edge, top edge, bottom edge, and right edge of the rectangle, all within the underlying video frame. The units for the measurements are percentages. If you specify a value for one of these fields, you must specify a value for all of them.\n\nFor leftOffset, specify the position of the left edge of the rectangle, as a percentage of the underlying frame width, and relative to the left edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame width. The rectangle left edge starts at that position from the left edge of the frame. This field corresponds to tts:origin - X in the TTML standard.", + "title": "LeftOffset", + "type": "number" + }, + "TopOffset": { + "markdownDescription": "See the description in leftOffset.\n\nFor topOffset, specify the position of the top edge of the rectangle, as a percentage of the underlying frame height, and relative to the top edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame height. The rectangle top edge starts at that position from the top edge of the frame. This field corresponds to tts:origin - Y in the TTML standard.", + "title": "TopOffset", + "type": "number" + }, + "Width": { + "markdownDescription": "See the description in leftOffset.\n\nFor width, specify the entire width of the rectangle as a percentage of the underlying frame width. For example, \\\"80\\\" means the rectangle width is 80% of the underlying frame width. The leftOffset and rectangleWidth must add up to 100% or less. This field corresponds to tts:extent - X in the TTML standard.", + "title": "Width", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CategoricalDimensionField": { + "AWS::MediaLive::Channel.CaptionSelector": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "LanguageCode": { + "markdownDescription": "When specified, this field indicates the three-letter language code of the captions track to extract from the source.", + "title": "LanguageCode", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Name": { + "markdownDescription": "The name identifier for a captions selector. This name is used to associate this captions selector with one or more captions descriptions. Names must be unique within a channel.", + "title": "Name", "type": "string" + }, + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelectorSettings", + "markdownDescription": "Information about the specific audio to extract from the input.", + "title": "SelectorSettings" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoricalMeasureField": { + "AWS::MediaLive::Channel.CaptionSelectorSettings": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", - "type": "string" + "AncillarySourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AncillarySourceSettings", + "markdownDescription": "Information about the ancillary captions to extract from the input.", + "title": "AncillarySourceSettings" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" + "AribSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AribSourceSettings", + "markdownDescription": "Information about the ARIB captions to extract from the input.", + "title": "AribSourceSettings" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "DvbSubSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubSourceSettings", + "markdownDescription": "Information about the DVB Sub captions to extract from the input.", + "title": "DvbSubSourceSettings" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "EmbeddedSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedSourceSettings", + "markdownDescription": "Information about the embedded captions to extract from the input.", + "title": "EmbeddedSourceSettings" + }, + "Scte20SourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20SourceSettings", + "markdownDescription": "Information about the SCTE-20 captions to extract from the input.", + "title": "Scte20SourceSettings" + }, + "Scte27SourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27SourceSettings", + "markdownDescription": "Information about the SCTE-27 captions to extract from the input.", + "title": "Scte27SourceSettings" + }, + "TeletextSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextSourceSettings", + "markdownDescription": "Information about the Teletext captions to extract from the input.", + "title": "TeletextSourceSettings" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoryDrillDownFilter": { + "AWS::MediaLive::Channel.CdiInputSpecification": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Resolution": { + "markdownDescription": "Maximum CDI input resolution", + "title": "Resolution", + "type": "string" } }, - "required": [ - "CategoryValues", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoryFilter": { + "AWS::MediaLive::Channel.ChannelEngineVersionRequest": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Version": { + "markdownDescription": "", + "title": "Version", "type": "string" } }, - "required": [ - "Column", - "Configuration", - "FilterId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoryFilterConfiguration": { + "AWS::MediaLive::Channel.CmafIngestCaptionLanguageMapping": { "additionalProperties": false, "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" - }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "CaptionChannel": { + "markdownDescription": "", + "title": "CaptionChannel", + "type": "number" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" + "LanguageCode": { + "markdownDescription": "", + "title": "LanguageCode", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ChartAxisLabelOptions": { + "AWS::MediaLive::Channel.CmafIngestGroupSettings": { "additionalProperties": false, "properties": { - "AxisLabelOptions": { + "CaptionLanguageMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelOptions" + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestCaptionLanguageMapping" }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", + "markdownDescription": "", + "title": "CaptionLanguageMappings", "type": "array" }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "", + "title": "Destination" + }, + "Id3Behavior": { + "markdownDescription": "", + "title": "Id3Behavior", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", + "Id3NameModifier": { + "markdownDescription": "", + "title": "Id3NameModifier", + "type": "string" + }, + "KlvBehavior": { + "markdownDescription": "", + "title": "KlvBehavior", + "type": "string" + }, + "KlvNameModifier": { + "markdownDescription": "", + "title": "KlvNameModifier", + "type": "string" + }, + "NielsenId3Behavior": { + "markdownDescription": "", + "title": "NielsenId3Behavior", + "type": "string" + }, + "NielsenId3NameModifier": { + "markdownDescription": "", + "title": "NielsenId3NameModifier", + "type": "string" + }, + "Scte35NameModifier": { + "markdownDescription": "", + "title": "Scte35NameModifier", + "type": "string" + }, + "Scte35Type": { + "markdownDescription": "", + "title": "Scte35Type", + "type": "string" + }, + "SegmentLength": { + "markdownDescription": "", + "title": "SegmentLength", + "type": "number" + }, + "SegmentLengthUnits": { + "markdownDescription": "", + "title": "SegmentLengthUnits", + "type": "string" + }, + "SendDelayMs": { + "markdownDescription": "", + "title": "SendDelayMs", + "type": "number" + }, + "TimedMetadataId3Frame": { + "markdownDescription": "", + "title": "TimedMetadataId3Frame", + "type": "string" + }, + "TimedMetadataId3Period": { + "markdownDescription": "", + "title": "TimedMetadataId3Period", + "type": "number" + }, + "TimedMetadataPassthrough": { + "markdownDescription": "", + "title": "TimedMetadataPassthrough", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ClusterMarker": { - "additionalProperties": false, - "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ClusterMarkerConfiguration": { + "AWS::MediaLive::Channel.CmafIngestOutputSettings": { "additionalProperties": false, "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" + "NameModifier": { + "markdownDescription": "", + "title": "NameModifier", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ColorScale": { + "AWS::MediaLive::Channel.ColorCorrection": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", + "InputColorSpace": { + "markdownDescription": "", + "title": "InputColorSpace", "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor" - }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", - "type": "array" + "OutputColorSpace": { + "markdownDescription": "", + "title": "OutputColorSpace", + "type": "string" }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" + "Uri": { + "markdownDescription": "", + "title": "Uri", + "type": "string" } }, - "required": [ - "ColorFillType", - "Colors" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ColorsConfiguration": { + "AWS::MediaLive::Channel.ColorCorrectionSettings": { "additionalProperties": false, "properties": { - "CustomColors": { + "GlobalColorCorrections": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomColor" + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrection" }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", + "markdownDescription": "", + "title": "GlobalColorCorrections", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ColumnConfiguration": { - "additionalProperties": false, - "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" - }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", - "type": "string" - } - }, - "required": [ - "Column" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ColumnHierarchy": { + "AWS::MediaLive::Channel.ColorSpacePassthroughSettings": { "additionalProperties": false, - "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" - }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" - }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.ColumnIdentifier": { + "AWS::MediaLive::Channel.DolbyVision81Settings": { "additionalProperties": false, - "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", - "type": "string" - }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", - "type": "string" - } - }, - "required": [ - "ColumnName", - "DataSetIdentifier" - ], + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.ColumnSort": { + "AWS::MediaLive::Channel.DvbNitSettings": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" + "NetworkId": { + "markdownDescription": "The numeric value placed in the Network Information Table (NIT).", + "title": "NetworkId", + "type": "number" }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", + "NetworkName": { + "markdownDescription": "The network name text placed in the networkNameDescriptor inside the Network Information Table (NIT). The maximum length is 256 characters.", + "title": "NetworkName", "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "", - "title": "SortBy" + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", + "type": "number" } }, - "required": [ - "Direction", - "SortBy" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ColumnTooltipItem": { + "AWS::MediaLive::Channel.DvbSdtSettings": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" + "OutputSdt": { + "markdownDescription": "Selects a method of inserting SDT information into an output stream. The sdtFollow setting copies SDT information from input stream to output stream. The sdtFollowIfPresent setting copies SDT information from input stream to output stream if SDT information is present in the input. Otherwise, it falls back on the user-defined values. The sdtManual setting means that the user will enter the SDT information. The sdtNone setting means that the output stream will not contain SDT information.", + "title": "OutputSdt", + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", + "type": "number" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "ServiceName": { + "markdownDescription": "The service name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", + "title": "ServiceName", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "ServiceProviderName": { + "markdownDescription": "The service provider name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", + "title": "ServiceProviderName", "type": "string" } }, - "required": [ - "Column" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells": { + "AWS::MediaLive::Channel.DvbSubDestinationSettings": { "additionalProperties": false, "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" + "Alignment": { + "markdownDescription": "If no explicit xPosition or yPosition is provided, setting the alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. This option is not valid for source captions that are STL or 608/embedded. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "Alignment", + "type": "string" }, - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated category field wells of a combo chart.", - "title": "Category", - "type": "array" + "BackgroundColor": { + "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundColor", + "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", - "type": "array" + "BackgroundOpacity": { + "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundOpacity", + "type": "number" }, - "LineValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ComboChartConfiguration": { - "additionalProperties": false, - "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" + "Font": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", + "title": "Font" }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", + "FontColor": { + "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "FontColor", "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", - "title": "CategoryLabelOptions" + "FontOpacity": { + "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", + "title": "FontOpacity", + "type": "number" }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" + "FontResolution": { + "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", + "title": "FontResolution", + "type": "number" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "FontSize": { + "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", + "title": "FontSize", + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "OutlineColor": { + "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineColor", + "type": "string" }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" + "OutlineSize": { + "markdownDescription": "Specifies the font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineSize", + "type": "number" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" + "ShadowColor": { + "markdownDescription": "Specifies the color of the shadow that is cast by the captions. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowColor", + "type": "string" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" + "ShadowOpacity": { + "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "ShadowOpacity", + "type": "number" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "ShadowXOffset": { + "markdownDescription": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowXOffset", + "type": "number" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" + "ShadowYOffset": { + "markdownDescription": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowYOffset", + "type": "number" }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" + "TeletextGridControl": { + "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies to only Teletext inputs and DVB-Sub/Burn-in outputs.", + "title": "TeletextGridControl", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", - "title": "SortConfiguration" + "XPosition": { + "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "XPosition", + "type": "number" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" + "YPosition": { + "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "YPosition", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.DvbSubSourceSettings": { + "additionalProperties": false, + "properties": { + "OcrLanguage": { + "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", + "title": "OcrLanguage", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "Pid": { + "markdownDescription": "When using DVB-Sub with burn-in or SMPTE-TT, use this PID for the source content. It is unused for DVB-Sub passthrough. All DVB-Sub content is passed through, regardless of selectors.", + "title": "Pid", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartFieldWells": { + "AWS::MediaLive::Channel.DvbTdtSettings": { "additionalProperties": false, "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartSortConfiguration": { + "AWS::MediaLive::Channel.Eac3AtmosSettings": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", - "title": "CategorySort", - "type": "array" + "Bitrate": { + "markdownDescription": "", + "title": "Bitrate", + "type": "number" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" + "CodingMode": { + "markdownDescription": "", + "title": "CodingMode", + "type": "string" }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", - "type": "array" + "Dialnorm": { + "markdownDescription": "", + "title": "Dialnorm", + "type": "number" + }, + "DrcLine": { + "markdownDescription": "", + "title": "DrcLine", + "type": "string" + }, + "DrcRf": { + "markdownDescription": "", + "title": "DrcRf", + "type": "string" + }, + "HeightTrim": { + "markdownDescription": "", + "title": "HeightTrim", + "type": "number" + }, + "SurroundTrim": { + "markdownDescription": "", + "title": "SurroundTrim", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartVisual": { + "AWS::MediaLive::Channel.Eac3Settings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "AttenuationControl": { + "markdownDescription": "When set to attenuate3Db, applies a 3 dB attenuation to the surround channels. Used only for the 3/2 coding mode.", + "title": "AttenuationControl", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", + "title": "Bitrate", + "type": "number" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "BitstreamMode": { + "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted E-AC-3 stream. For more information, see ATSC A/52-2012 (Annex E).", + "title": "BitstreamMode", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "CodingMode": { + "markdownDescription": "The Dolby Digital Plus coding mode. This mode determines the number of channels.", + "title": "CodingMode", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "DcFilter": { + "markdownDescription": "When set to enabled, activates a DC highpass filter for all input channels.", + "title": "DcFilter", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Dialnorm": { + "markdownDescription": "Sets the dialnorm for the output. If blank and the input audio is Dolby Digital Plus, dialnorm will be passed through.", + "title": "Dialnorm", + "type": "number" + }, + "DrcLine": { + "markdownDescription": "Sets the Dolby dynamic range compression profile.", + "title": "DrcLine", "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ComparisonConfiguration": { - "additionalProperties": false, - "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", + "DrcRf": { + "markdownDescription": "Sets the profile for heavy Dolby dynamic range compression, ensuring that the instantaneous signal peaks do not exceed specified levels.", + "title": "DrcRf", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ComparisonFormatConfiguration": { - "additionalProperties": false, - "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.Computation": { - "additionalProperties": false, - "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" + "LfeControl": { + "markdownDescription": "When encoding 3/2 audio, setting to lfe enables the LFE channel.", + "title": "LfeControl", + "type": "string" }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" + "LfeFilter": { + "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. Valid only with a codingMode32 coding mode.", + "title": "LfeFilter", + "type": "string" }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" + "LoRoCenterMixLevel": { + "markdownDescription": "The Left only/Right only center mix level. Used only for the 3/2 coding mode.", + "title": "LoRoCenterMixLevel", + "type": "number" }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" + "LoRoSurroundMixLevel": { + "markdownDescription": "The Left only/Right only surround mix level. Used only for a 3/2 coding mode.", + "title": "LoRoSurroundMixLevel", + "type": "number" }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" + "LtRtCenterMixLevel": { + "markdownDescription": "The Left total/Right total center mix level. Used only for a 3/2 coding mode.", + "title": "LtRtCenterMixLevel", + "type": "number" }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" + "LtRtSurroundMixLevel": { + "markdownDescription": "The Left total/Right total surround mix level. Used only for the 3/2 coding mode.", + "title": "LtRtSurroundMixLevel", + "type": "number" }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" + "MetadataControl": { + "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is not supplied from one of these streams, then the static metadata settings are used.", + "title": "MetadataControl", + "type": "string" }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" + "PassthroughControl": { + "markdownDescription": "When set to whenPossible, input DD+ audio will be passed through if it is present on the input. This detection is dynamic over the life of the transcode. Inputs that alternate between DD+ and non-DD+ content will have a consistent DD+ output as the system alternates between passthrough and encoding.", + "title": "PassthroughControl", + "type": "string" }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" + "PhaseControl": { + "markdownDescription": "When set to shift90Degrees, applies a 90-degree phase shift to the surround channels. Used only for a 3/2 coding mode.", + "title": "PhaseControl", + "type": "string" }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ConditionalFormattingColor": { - "additionalProperties": false, - "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" + "StereoDownmix": { + "markdownDescription": "A stereo downmix preference. Used only for the 3/2 coding mode.", + "title": "StereoDownmix", + "type": "string" }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" + "SurroundExMode": { + "markdownDescription": "When encoding 3/2 audio, sets whether an extra center back surround channel is matrix encoded into the left and right surround channels.", + "title": "SurroundExMode", + "type": "string" + }, + "SurroundMode": { + "markdownDescription": "When encoding 2/0 audio, sets whether Dolby Surround is matrix-encoded into the two channels.", + "title": "SurroundMode", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition": { + "AWS::MediaLive::Channel.EbuTtDDestinationSettings": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", + "CopyrightHolder": { + "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. Complete this field if you want to include the name of the copyright holder in the copyright metadata tag in the TTML", + "title": "CopyrightHolder", "type": "string" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" + "DefaultFontSize": { + "markdownDescription": "", + "title": "DefaultFontSize", + "type": "number" }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", - "type": "string" + "DefaultLineHeight": { + "markdownDescription": "", + "title": "DefaultLineHeight", + "type": "number" }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" - } - }, - "required": [ - "Expression", - "IconOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions": { - "additionalProperties": false, - "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", + "FillLineGap": { + "markdownDescription": "Specifies how to handle the gap between the lines (in multi-line captions). - enabled: Fill with the captions background color (as specified in the input captions).\n- disabled: Leave the gap unfilled.", + "title": "FillLineGap", "type": "string" }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", + "FontFamily": { + "markdownDescription": "Specifies the font family to include in the font data attached to the EBU-TT captions. Valid only if styleControl is set to include. If you leave this field empty, the font family is set to \"monospaced\". (If styleControl is set to exclude, the font family is always set to \"monospaced\".) You specify only the font family. All other style information (color, bold, position and so on) is copied from the input captions. The size is always set to 100% to allow the downstream player to choose the size. - Enter a list of font families, as a comma-separated list of font names, in order of preference. The name can be a font family (such as \u201cArial\u201d), or a generic font family (such as \u201cserif\u201d), or \u201cdefault\u201d (to let the downstream player choose the font).\n- Leave blank to set the family to \u201cmonospace\u201d.", + "title": "FontFamily", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ConditionalFormattingGradientColor": { - "additionalProperties": false, - "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", + "StyleControl": { + "markdownDescription": "Specifies the style information (font color, font position, and so on) to include in the font data that is attached to the EBU-TT captions. - include: Take the style information (font color, font position, and so on) from the source captions and include that information in the font data attached to the EBU-TT captions. This option is valid only if the source captions are Embedded or Teletext.\n- exclude: In the font data attached to the EBU-TT captions, set the font family to \"monospaced\". Do not include any other style information.", + "title": "StyleControl", "type": "string" } }, - "required": [ - "Color", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIcon": { + "AWS::MediaLive::Channel.EmbeddedDestinationSettings": { "additionalProperties": false, - "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" - }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration": { + "AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings": { "additionalProperties": false, - "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIconSet": { + "AWS::MediaLive::Channel.EmbeddedSourceSettings": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", + "Convert608To708": { + "markdownDescription": "If this is upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. If 708 data is present in the source content, it is discarded.", + "title": "Convert608To708", "type": "string" }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", - "type": "string" - } - }, - "required": [ - "Expression" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ConditionalFormattingSolidColor": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "Scte20Detection": { + "markdownDescription": "Set to \"auto\" to handle streams with intermittent or non-aligned SCTE-20 and embedded captions.", + "title": "Scte20Detection", "type": "string" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", - "type": "string" + "Source608ChannelNumber": { + "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions. This is unused for passthrough.", + "title": "Source608ChannelNumber", + "type": "number" + }, + "Source608TrackNumber": { + "markdownDescription": "This field is unused and deprecated.", + "title": "Source608TrackNumber", + "type": "number" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ContributionAnalysisDefault": { + "AWS::MediaLive::Channel.EncoderSettings": { "additionalProperties": false, "properties": { - "ContributorDimensions": { + "AudioDescriptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDescription" }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", + "markdownDescription": "The encoding information for output audio.", + "title": "AudioDescriptions", "type": "array" }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", - "type": "string" - } - }, - "required": [ - "ContributorDimensions", - "MeasureFieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration": { - "additionalProperties": false, - "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" + "AvailBlanking": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailBlanking", + "markdownDescription": "The settings for ad avail blanking.", + "title": "AvailBlanking" }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" + "AvailConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailConfiguration", + "markdownDescription": "The configuration settings for the ad avail handling.", + "title": "AvailConfiguration" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "BlackoutSlate": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BlackoutSlate", + "markdownDescription": "The settings for the blackout slate.", + "title": "BlackoutSlate" }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", - "type": "string" + "CaptionDescriptions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDescription" + }, + "markdownDescription": "The encoding information for output captions.", + "title": "CaptionDescriptions", + "type": "array" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", - "type": "string" + "ColorCorrectionSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrectionSettings", + "markdownDescription": "", + "title": "ColorCorrectionSettings" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "FeatureActivations": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FeatureActivations", + "markdownDescription": "Settings to enable specific features.", + "title": "FeatureActivations" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", - "type": "string" + "GlobalConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.GlobalConfiguration", + "markdownDescription": "The configuration settings that apply to the entire channel.", + "title": "GlobalConfiguration" }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomActionFilterOperation": { - "additionalProperties": false, - "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" + "MotionGraphicsConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsConfiguration", + "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsConfiguration" }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" - } - }, - "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomActionNavigationOperation": { - "additionalProperties": false, - "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomActionSetParametersOperation": { - "additionalProperties": false, - "properties": { - "ParameterValueConfigurations": { + "NielsenConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenConfiguration", + "markdownDescription": "The settings to configure Nielsen watermarks.", + "title": "NielsenConfiguration" + }, + "OutputGroups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SetParameterValueConfiguration" + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroup" }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", + "markdownDescription": "The settings for the output groups in the channel.", + "title": "OutputGroups", + "type": "array" + }, + "ThumbnailConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ThumbnailConfiguration", + "markdownDescription": "", + "title": "ThumbnailConfiguration" + }, + "TimecodeConfig": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeConfig", + "markdownDescription": "Contains settings used to acquire and adjust timecode information from the inputs.", + "title": "TimecodeConfig" + }, + "VideoDescriptions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoDescription" + }, + "markdownDescription": "The encoding information for output videos.", + "title": "VideoDescriptions", "type": "array" } }, - "required": [ - "ParameterValueConfigurations" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomActionURLOperation": { + "AWS::MediaLive::Channel.EpochLockingSettings": { "additionalProperties": false, "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", + "CustomEpoch": { + "markdownDescription": "", + "title": "CustomEpoch", "type": "string" }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", + "JamSyncTime": { + "markdownDescription": "", + "title": "JamSyncTime", "type": "string" } }, - "required": [ - "URLTarget", - "URLTemplate" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomColor": { + "AWS::MediaLive::Channel.Esam": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "AcquisitionPointId": { + "markdownDescription": "", + "title": "AcquisitionPointId", "type": "string" }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", + "AdAvailOffset": { + "markdownDescription": "", + "title": "AdAvailOffset", + "type": "number" + }, + "PasswordParam": { + "markdownDescription": "", + "title": "PasswordParam", "type": "string" }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", + "PoisEndpoint": { + "markdownDescription": "", + "title": "PoisEndpoint", + "type": "string" + }, + "Username": { + "markdownDescription": "", + "title": "Username", + "type": "string" + }, + "ZoneIdentity": { + "markdownDescription": "", + "title": "ZoneIdentity", "type": "string" } }, - "required": [ - "Color" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomContentConfiguration": { + "AWS::MediaLive::Channel.FailoverCondition": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", - "type": "string" - }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", - "type": "string" - }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", - "type": "string" + "FailoverConditionSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverConditionSettings", + "markdownDescription": "Settings for a specific failover condition.", + "title": "FailoverConditionSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CustomContentVisual": { + "AWS::MediaLive::Channel.FailoverConditionSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", - "title": "ChartConfiguration" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", - "type": "string" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "AudioSilenceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSilenceFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if the specified audio selector is silent for the specified period.", + "title": "AudioSilenceSettings" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "InputLossSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if content is not detected in this input for the specified period.", + "title": "InputLossSettings" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "VideoBlackSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoBlackFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if content is considered black for the specified period.", + "title": "VideoBlackSettings" } }, - "required": [ - "DataSetIdentifier", - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomFilterConfiguration": { + "AWS::MediaLive::Channel.FeatureActivations": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", - "type": "string" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "InputPrepareScheduleActions": { + "markdownDescription": "Enables the Input Prepare feature. You can create Input Prepare actions in the schedule only if this feature is enabled.\nIf you disable the feature on an existing schedule, make sure that you first delete all input prepare actions from the schedule.", + "title": "InputPrepareScheduleActions", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "OutputStaticImageOverlayScheduleActions": { + "markdownDescription": "", + "title": "OutputStaticImageOverlayScheduleActions", "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.FecOutputSettings": { + "additionalProperties": false, + "properties": { + "ColumnDepth": { + "markdownDescription": "The parameter D from SMPTE 2022-1. The height of the FEC protection matrix. The number of transport stream packets per column error correction packet. The number must be between 4 and 20, inclusive.", + "title": "ColumnDepth", + "type": "number" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", + "IncludeFec": { + "markdownDescription": "Enables column only or column and row-based FEC.", + "title": "IncludeFec", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "RowLength": { + "markdownDescription": "The parameter L from SMPTE 2022-1. The width of the FEC protection matrix. Must be between 1 and 20, inclusive. If only Column FEC is used, then larger values increase robustness. If Row FEC is used, then this is the number of transport stream packets per row error correction packet, and the value must be between 4 and 20, inclusive, if includeFec is columnAndRow. If includeFec is column, this value must be 1 to 20, inclusive.", + "title": "RowLength", + "type": "number" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomFilterListConfiguration": { + "AWS::MediaLive::Channel.Fmp4HlsSettings": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "AudioRenditionSets": { + "markdownDescription": "List all the audio groups that are used with the video output stream. Input all the audio GROUP-IDs that are associated to the video, separate by ','.", + "title": "AudioRenditionSets", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", "type": "string" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomNarrativeOptions": { + "AWS::MediaLive::Channel.FrameCaptureCdnSettings": { "additionalProperties": false, "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", - "type": "string" + "FrameCaptureS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this Frame Capture output.", + "title": "FrameCaptureS3Settings" } }, - "required": [ - "Narrative" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomParameterValues": { + "AWS::MediaLive::Channel.FrameCaptureGroupSettings": { "additionalProperties": false, "properties": { - "DateTimeValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", - "type": "array" - }, - "DecimalValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", - "type": "array" - }, - "IntegerValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", - "type": "array" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The destination for the frame capture files. The destination is either the URI for an Amazon S3 bucket and object, plus a file name prefix (for example, s3ssl://sportsDelivery/highlights/20180820/curling_) or the URI for a MediaStore container, plus a file name prefix (for example, mediastoressl://sportsDelivery/20180820/curling_). The final file names consist of the prefix from the destination field (for example, \"curling_\") + name modifier + the counter (5 digits, starting from 00001) + extension (which is always .jpg). For example, curlingLow.00001.jpg.", + "title": "Destination" }, - "StringValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", - "type": "array" + "FrameCaptureCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureCdnSettings", + "markdownDescription": "Settings to configure the destination of a Frame Capture output.", + "title": "FrameCaptureCdnSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CustomValuesConfiguration": { + "AWS::MediaLive::Channel.FrameCaptureHlsSettings": { "additionalProperties": false, - "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomParameterValues", - "markdownDescription": "", - "title": "CustomValues" - }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", - "type": "boolean" - } - }, - "required": [ - "CustomValues" - ], + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.DataBarsOptions": { + "AWS::MediaLive::Channel.FrameCaptureOutputSettings": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", - "type": "string" - }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", - "type": "string" - }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", + "NameModifier": { + "markdownDescription": "Required if the output group contains more than one output. This modifier forms part of the output file name.", + "title": "NameModifier", "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataColor": { + "AWS::MediaLive::Channel.FrameCaptureS3Settings": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", "type": "string" - }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", - "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataFieldSeriesItem": { + "AWS::MediaLive::Channel.FrameCaptureSettings": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", - "type": "string" + "CaptureInterval": { + "markdownDescription": "The frequency, in seconds, for capturing frames for inclusion in the output. For example, \"10\" means capture a frame every 10 seconds.", + "title": "CaptureInterval", + "type": "number" }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", + "CaptureIntervalUnits": { + "markdownDescription": "Unit for the frame capture interval.", + "title": "CaptureIntervalUnits", "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" } }, - "required": [ - "AxisBinding", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataLabelOptions": { + "AWS::MediaLive::Channel.GlobalConfiguration": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "DataLabelTypes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelType" - }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", - "type": "array" - }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", - "type": "string" + "InitialAudioGain": { + "markdownDescription": "The value to set the initial audio gain for the channel.", + "title": "InitialAudioGain", + "type": "number" }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", + "InputEndAction": { + "markdownDescription": "Indicates the action to take when the current input completes (for example, end-of-file). When switchAndLoopInputs is configured, MediaLive restarts at the beginning of the first input. When \"none\" is configured, MediaLive transcodes either black, a solid color, or a user-specified slate images per the \"Input Loss Behavior\" configuration until the next input switch occurs (which is controlled through the Channel Schedule API).", + "title": "InputEndAction", "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" - }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "InputLossBehavior": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossBehavior", + "markdownDescription": "The settings for system actions when the input is lost.", + "title": "InputLossBehavior" }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", + "OutputLockingMode": { + "markdownDescription": "Indicates how MediaLive pipelines are synchronized. PIPELINELOCKING - MediaLive attempts to synchronize the output of each pipeline to the other. EPOCHLOCKING - MediaLive attempts to synchronize the output of each pipeline to the Unix epoch.", + "title": "OutputLockingMode", "type": "string" }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", - "type": "string" + "OutputLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLockingSettings", + "markdownDescription": "", + "title": "OutputLockingSettings" }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", + "OutputTimingSource": { + "markdownDescription": "Indicates whether the rate of frames emitted by the Live encoder should be paced by its system clock (which optionally might be locked to another source through NTP) or should be locked to the clock of the source that is providing the input stream.", + "title": "OutputTimingSource", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", + "SupportLowFramerateInputs": { + "markdownDescription": "Adjusts the video input buffer for streams with very low video frame rates. This is commonly set to enabled for music channels with less than one video frame per second.", + "title": "SupportLowFramerateInputs", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataLabelType": { + "AWS::MediaLive::Channel.H264ColorSpaceSettings": { "additionalProperties": false, "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" - }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" - }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "Passthrough applies no color space conversion to the output.", + "title": "ColorSpacePassthroughSettings" }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "Settings to configure the handling of Rec601 color space.", + "title": "Rec601Settings" }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "Settings to configure the handling of Rec709 color space.", + "title": "Rec709Settings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataPathColor": { + "AWS::MediaLive::Channel.H264FilterSettings": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", - "type": "string" - }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" + "BandwidthReductionFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BandwidthReductionFilterSettings", + "markdownDescription": "", + "title": "BandwidthReductionFilterSettings" }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", - "type": "string" + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, - "required": [ - "Color", - "Element" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataPathLabelType": { + "AWS::MediaLive::Channel.H264Settings": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", + "AdaptiveQuantization": { + "markdownDescription": "The adaptive quantization. This allows intra-frame quantizers to vary to improve visual quality.", + "title": "AdaptiveQuantization", "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", + "AfdSignaling": { + "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is auto, the system tries to preserve the input AFD value (in cases where multiple AFD values are valid). If set to fixed, the AFD value is the value configured in the fixedAfd parameter.", + "title": "AfdSignaling", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the data label.", - "title": "Visibility", + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. This is required when the rate control mode is VBR or CBR. It isn't used for QVBR. In a Microsoft Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", + "title": "Bitrate", + "type": "number" + }, + "BufFillPct": { + "markdownDescription": "The percentage of the buffer that should initially be filled (HRD buffer model).", + "title": "BufFillPct", + "type": "number" + }, + "BufSize": { + "markdownDescription": "The size of the buffer (HRD buffer model) in bits/second.", + "title": "BufSize", + "type": "number" + }, + "ColorMetadata": { + "markdownDescription": "Includes color space metadata in the output.", + "title": "ColorMetadata", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DataPathSort": { - "additionalProperties": false, - "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", + }, + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264ColorSpaceSettings", + "markdownDescription": "Settings to configure the color space handling for the video.", + "title": "ColorSpaceSettings" + }, + "EntropyEncoding": { + "markdownDescription": "The entropy encoding mode. Use cabac (must be in Main or High profile) or cavlc.", + "title": "EntropyEncoding", "type": "string" }, - "SortPaths": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" - }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", - "type": "array" - } - }, - "required": [ - "Direction", - "SortPaths" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DataPathType": { - "additionalProperties": false, - "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264FilterSettings", + "markdownDescription": "Optional filters that you can apply to an encode.", + "title": "FilterSettings" + }, + "FixedAfd": { + "markdownDescription": "A four-bit AFD value to write on all frames of video in the output stream. Valid only when afdSignaling is set to Fixed.", + "title": "FixedAfd", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DataPathValue": { - "additionalProperties": false, - "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", + "FlickerAq": { + "markdownDescription": "If set to enabled, adjusts the quantization within each frame to reduce flicker or pop on I-frames.", + "title": "FlickerAq", "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", + "ForceFieldPictures": { + "markdownDescription": "This setting applies only when scan type is \"interlaced.\" It controls whether coding is performed on a field basis or on a frame basis. (When the video is progressive, the coding is always performed on a frame basis.)\nenabled: Force MediaLive to code on a field basis, so that odd and even sets of fields are coded separately.\ndisabled: Code the two sets of fields separately (on a field basis) or together (on a frame basis using PAFF), depending on what is most appropriate for the content.", + "title": "ForceFieldPictures", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DataSetIdentifierDeclaration": { - "additionalProperties": false, - "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", - "title": "DataSetArn", + }, + "FramerateControl": { + "markdownDescription": "Indicates how the output video frame rate is specified. If you select \"specified,\" the output video frame rate is determined by framerateNumerator and framerateDenominator. If you select \"initializeFromSource,\" the output video frame rate is set equal to the input video frame rate of the first input.", + "title": "FramerateControl", "type": "string" }, - "Identifier": { - "markdownDescription": "The identifier of the data set, typically the data set's name.", - "title": "Identifier", + "FramerateDenominator": { + "markdownDescription": "The frame rate denominator.", + "title": "FramerateDenominator", + "type": "number" + }, + "FramerateNumerator": { + "markdownDescription": "The frame rate numerator. The frame rate is a fraction, for example, 24000/1001 = 23.976 fps.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopBReference": { + "markdownDescription": "If enabled, uses reference B frames for GOP structures that have B frames > 1.", + "title": "GopBReference", "type": "string" - } - }, - "required": [ - "DataSetArn", - "Identifier" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DataSetReference": { - "additionalProperties": false, - "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", + }, + "GopClosedCadence": { + "markdownDescription": "The frequency of closed GOPs. In streaming applications, we recommend that you set this to 1 so that a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopNumBFrames": { + "markdownDescription": "The number of B-frames between reference frames.", + "title": "GopNumBFrames", + "type": "number" + }, + "GopSize": { + "markdownDescription": "The GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits. The value must be greater than zero.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds, the system converts the gopSize into a frame count at runtime.", + "title": "GopSizeUnits", "type": "string" }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", + "Level": { + "markdownDescription": "The H.264 level.", + "title": "Level", "type": "string" - } - }, - "required": [ - "DataSetArn", - "DataSetPlaceholder" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DateAxisOptions": { - "additionalProperties": false, - "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", + }, + "LookAheadRateControl": { + "markdownDescription": "The amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", + "title": "LookAheadRateControl", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DateDimensionField": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", + "MaxBitrate": { + "markdownDescription": "For QVBR: See the tooltip for Quality level. For VBR: Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.", + "title": "MaxBitrate", + "type": "number" + }, + "MinIInterval": { + "markdownDescription": "Meaningful only if sceneChangeDetect is set to enabled. This setting enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting the I-interval. The normal cadence resumes for the next GOP. Note that the maximum GOP stretch = GOP size + Min-I-interval - 1.", + "title": "MinIInterval", + "type": "number" + }, + "MinQp": { + "markdownDescription": "", + "title": "MinQp", + "type": "number" + }, + "NumRefFrames": { + "markdownDescription": "The number of reference frames to use. The encoder might use more than requested if you use B-frames or interlaced encoding.", + "title": "NumRefFrames", + "type": "number" + }, + "ParControl": { + "markdownDescription": "Indicates how the output pixel aspect ratio is specified. If \"specified\" is selected, the output video pixel aspect ratio is determined by parNumerator and parDenominator. If \"initializeFromSource\" is selected, the output pixels aspect ratio will be set equal to the input video pixel aspect ratio of the first input.", + "title": "ParControl", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "ParDenominator": { + "markdownDescription": "The Pixel Aspect Ratio denominator.", + "title": "ParDenominator", + "type": "number" + }, + "ParNumerator": { + "markdownDescription": "The Pixel Aspect Ratio numerator.", + "title": "ParNumerator", + "type": "number" + }, + "Profile": { + "markdownDescription": "An H.264 profile.", + "title": "Profile", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "QualityLevel": { + "markdownDescription": "Leave as STANDARD_QUALITY or choose a different value (which might result in additional costs to run the channel).\n- ENHANCED_QUALITY: Produces a slightly better video quality without an increase in the bitrate. Has an effect only when the Rate control mode is QVBR or CBR. If this channel is in a MediaLive multiplex, the value must be ENHANCED_QUALITY.\n- STANDARD_QUALITY: Valid for any Rate control mode.", + "title": "QualityLevel", + "type": "string" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "QvbrQualityLevel": { + "markdownDescription": "Controls the target quality for the video encode. This applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are: - Primary screen: Quality level: 8 to 10. Max bitrate: 4M - PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M - Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M.", + "title": "QvbrQualityLevel", + "type": "number" + }, + "RateControlMode": { + "markdownDescription": "The rate control mode. QVBR: The quality will match the specified quality level except when it is constrained by the maximum bitrate. We recommend this if you or your viewers pay for bandwidth. VBR: The quality and bitrate vary, depending on the video complexity. We recommend this instead of QVBR if you want to maintain a specific average bitrate over the duration of the channel. CBR: The quality varies, depending on the video complexity. We recommend this only if you distribute your assets to devices that can't handle variable bitrates.", + "title": "RateControlMode", "type": "string" - } - }, - "required": [ - "Column", - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DateMeasureField": { - "additionalProperties": false, - "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + }, + "ScanType": { + "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", + "title": "ScanType", "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" + "SceneChangeDetect": { + "markdownDescription": "The scene change detection. On: inserts I-frames when the scene change is detected. Off: does not force an I-frame when the scene change is detected.", + "title": "SceneChangeDetect", + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Slices": { + "markdownDescription": "The number of slices per picture. The number must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures. This field is optional. If you don't specify a value, MediaLive chooses the number of slices based on the encode resolution.", + "title": "Slices", + "type": "number" + }, + "Softness": { + "markdownDescription": "Softness. Selects a quantizer matrix. Larger values reduce high-frequency content in the encoded image.", + "title": "Softness", + "type": "number" + }, + "SpatialAq": { + "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the spatial variation of content complexity.", + "title": "SpatialAq", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - } - }, - "required": [ - "Column", - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DateTimeDefaultValues": { - "additionalProperties": false, - "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "SubgopLength": { + "markdownDescription": "If set to fixed, uses gopNumBFrames B-frames per sub-GOP. If set to dynamic, optimizes the number of B-frames used for each sub-GOP to improve visual quality.", + "title": "SubgopLength", + "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" + "Syntax": { + "markdownDescription": "Produces a bitstream that is compliant with SMPTE RP-2027.", + "title": "Syntax", + "type": "string" }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", - "title": "StaticValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DateTimeFormatConfiguration": { - "additionalProperties": false, - "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", + "TemporalAq": { + "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the temporal variation of content complexity.", + "title": "TemporalAq", "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" + "TimecodeInsertion": { + "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream. disabled: don't include timecodes. picTimingSei: pass through picture timing SEI messages from the source specified in Timecode Config.", + "title": "TimecodeInsertion", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeHierarchy": { + "AWS::MediaLive::Channel.H265ColorSpaceSettings": { "additionalProperties": false, "properties": { - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "Passthrough applies no color space conversion to the output.", + "title": "ColorSpacePassthroughSettings" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", - "type": "string" + "DolbyVision81Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DolbyVision81Settings", + "markdownDescription": "", + "title": "DolbyVision81Settings" + }, + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "Settings to configure the handling of HDR10 color space.", + "title": "Hdr10Settings" + }, + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "Settings to configure the handling of Rec601 color space.", + "title": "Rec601Settings" + }, + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "Settings to configure the handling of Rec709 color space.", + "title": "Rec709Settings" } }, - "required": [ - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeParameter": { + "AWS::MediaLive::Channel.H265FilterSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the date-time parameter.", - "title": "Name", - "type": "string" + "BandwidthReductionFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BandwidthReductionFilterSettings", + "markdownDescription": "", + "title": "BandwidthReductionFilterSettings" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values for the date-time parameter.", - "title": "Values", - "type": "array" + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeParameterDeclaration": { + "AWS::MediaLive::Channel.H265Settings": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "AdaptiveQuantization": { + "markdownDescription": "Adaptive quantization. Allows intra-frame quantizers to vary to improve visual quality.", + "title": "AdaptiveQuantization", + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "AfdSignaling": { + "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is \"auto\", the system will try to preserve the input AFD value (in cases where multiple AFD values are valid). If set to \"fixed\", the AFD value will be the value configured in the fixedAfd parameter.", + "title": "AfdSignaling", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "AlternativeTransferFunction": { + "markdownDescription": "Whether or not EML should insert an Alternative Transfer Function SEI message to support backwards compatibility with non-HDR decoders and displays.", + "title": "AlternativeTransferFunction", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Bitrate": { + "markdownDescription": "Average bitrate in bits/second. Required when the rate control mode is VBR or CBR. Not used for QVBR. In an MS Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", + "title": "Bitrate", + "type": "number" + }, + "BufSize": { + "markdownDescription": "Size of buffer (HRD buffer model) in bits.", + "title": "BufSize", + "type": "number" + }, + "ColorMetadata": { + "markdownDescription": "Includes colorspace metadata in the output.", + "title": "ColorMetadata", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", - "title": "ValueWhenUnset" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265ColorSpaceSettings", + "markdownDescription": "Color Space settings", + "title": "ColorSpaceSettings" + }, + "Deblocking": { + "markdownDescription": "", + "title": "Deblocking", "type": "string" }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265FilterSettings", + "markdownDescription": "Optional filters that you can apply to an encode.", + "title": "FilterSettings" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "FixedAfd": { + "markdownDescription": "Four bit AFD value to write on all frames of video in the output stream. Only valid when afdSignaling is set to 'Fixed'.", + "title": "FixedAfd", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "FlickerAq": { + "markdownDescription": "If set to enabled, adjust quantization within each frame to reduce flicker or 'pop' on I-frames.", + "title": "FlickerAq", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DecimalDefaultValues": { - "additionalProperties": false, - "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DecimalParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A display name for the decimal parameter.", - "title": "Name", + "FramerateDenominator": { + "markdownDescription": "Framerate denominator.", + "title": "FramerateDenominator", + "type": "number" + }, + "FramerateNumerator": { + "markdownDescription": "Framerate numerator - framerate is a fraction, e.g. 24000 / 1001 = 23.976 fps.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopClosedCadence": { + "markdownDescription": "Frequency of closed GOPs. In streaming applications, it is recommended that this be set to 1 so a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopSize": { + "markdownDescription": "GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits.\nIf gopSizeUnits is frames, gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, gopSize must be greater than 0, but need not be an integer.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds the system will convert the gopSize into a frame count at run time.", + "title": "GopSizeUnits", "type": "string" }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the decimal parameter.", - "title": "Values", - "type": "array" - } - }, - "required": [ - "Name", - "Values" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DecimalParameterDeclaration": { - "additionalProperties": false, - "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Level": { + "markdownDescription": "H.265 Level.", + "title": "Level", + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" - }, + "LookAheadRateControl": { + "markdownDescription": "Amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", + "title": "LookAheadRateControl", + "type": "string" + }, + "MaxBitrate": { + "markdownDescription": "For QVBR: See the tooltip for Quality level", + "title": "MaxBitrate", + "type": "number" + }, + "MinIInterval": { + "markdownDescription": "Only meaningful if sceneChangeDetect is set to enabled. Defaults to 5 if multiplex rate control is used. Enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk and/or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting I-interval. The normal cadence resumes for the next GOP. Note: Maximum GOP stretch = GOP size + Min-I-interval - 1", + "title": "MinIInterval", + "type": "number" + }, + "MinQp": { "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "title": "MinQp", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "MvOverPictureBoundaries": { + "markdownDescription": "", + "title": "MvOverPictureBoundaries", "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "MvTemporalPredictor": { + "markdownDescription": "", + "title": "MvTemporalPredictor", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", - "title": "ValueWhenUnset" - } - }, - "required": [ - "Name", - "ParameterValueType" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DecimalPlacesConfiguration": { - "additionalProperties": false, - "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", + "ParDenominator": { + "markdownDescription": "Pixel Aspect Ratio denominator.", + "title": "ParDenominator", "type": "number" - } - }, - "required": [ - "DecimalPlaces" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + }, + "ParNumerator": { + "markdownDescription": "Pixel Aspect Ratio numerator.", + "title": "ParNumerator", "type": "number" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "Profile": { + "markdownDescription": "H.265 Profile.", + "title": "Profile", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" }, - "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", + "QvbrQualityLevel": { + "markdownDescription": "Controls the target quality for the video encode. Applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are:\n- Primary screen: Quality level: 8 to 10. Max bitrate: 4M\n- PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M\n- Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M", + "title": "QvbrQualityLevel", + "type": "number" + }, + "RateControlMode": { + "markdownDescription": "Rate control mode. QVBR: Quality will match the specified quality level except when it is constrained by the\nmaximum bitrate. Recommended if you or your viewers pay for bandwidth. CBR: Quality varies, depending on the video complexity. Recommended only if you distribute\nyour assets to devices that cannot handle variable bitrates. Multiplex: This rate control mode is only supported (and is required) when the video is being\ndelivered to a MediaLive Multiplex in which case the rate control configuration is controlled\nby the properties within the Multiplex Program.", + "title": "RateControlMode", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultFilterControlConfiguration": { - "additionalProperties": false, - "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", + "ScanType": { + "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", + "title": "ScanType", "type": "string" - } - }, - "required": [ - "ControlOptions", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultFilterControlOptions": { - "additionalProperties": false, - "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" + "SceneChangeDetect": { + "markdownDescription": "Scene change detection.", + "title": "SceneChangeDetect", + "type": "string" }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" + "Slices": { + "markdownDescription": "Number of slices per picture. Must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures.\nThis field is optional; when no value is specified the encoder will choose the number of slices based on encode resolution.", + "title": "Slices", + "type": "number" }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" + "Tier": { + "markdownDescription": "H.265 Tier.", + "title": "Tier", + "type": "string" }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" + "TileHeight": { + "markdownDescription": "", + "title": "TileHeight", + "type": "number" }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" + "TilePadding": { + "markdownDescription": "", + "title": "TilePadding", + "type": "string" }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "TileWidth": { + "markdownDescription": "", + "title": "TileWidth", + "type": "number" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "TimecodeInsertion": { + "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream.\n- 'disabled': Do not include timecodes\n- 'picTimingSei': Pass through picture timing SEI messages from the source specified in Timecode Config", + "title": "TimecodeInsertion", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultFilterListControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" }, - "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "TreeblockSize": { + "markdownDescription": "", + "title": "TreeblockSize", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" - } - }, - "required": [ - "CanvasSizeOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" - } - }, - "required": [ - "CanvasSizeOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration": { + "AWS::MediaLive::Channel.Hdr10Settings": { "additionalProperties": false, "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" + "MaxCll": { + "markdownDescription": "Maximum Content Light Level\nAn integer metadata value defining the maximum light level, in nits,\nof any single pixel within an encoded HDR video stream or file.", + "title": "MaxCll", + "type": "number" }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" + "MaxFall": { + "markdownDescription": "Maximum Frame Average Light Level\nAn integer metadata value defining the maximum average light level, in nits,\nfor any single frame within an encoded HDR video stream or file.", + "title": "MaxFall", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultNewSheetConfiguration": { + "AWS::MediaLive::Channel.HlsAkamaiSettings": { "additionalProperties": false, "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", + "HttpTransferMode": { + "markdownDescription": "Specifies whether to use chunked transfer encoding to Akamai. To enable this feature, contact Akamai.", + "title": "HttpTransferMode", + "type": "string" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts that will be made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" + }, + "Salt": { + "markdownDescription": "The salt for authenticated Akamai.", + "title": "Salt", + "type": "string" + }, + "Token": { + "markdownDescription": "The token parameter for authenticated Akamai. If this is not specified, _gda_ is used.", + "title": "Token", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" - } - }, - "required": [ - "CanvasSizeOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultSliderControlOptions": { + "AWS::MediaLive::Channel.HlsBasicPutSettings": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", "type": "number" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", "type": "number" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", + "NumRetries": { + "markdownDescription": "The number of retry attempts that MediaLive makes before the channel is put into an error state.", + "title": "NumRetries", "type": "number" }, - "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", - "type": "string" + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, - "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultTextAreaControlOptions": { + "AWS::MediaLive::Channel.HlsCdnSettings": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" + "HlsAkamaiSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsAkamaiSettings", + "markdownDescription": "Sets up Akamai as the downstream system for the HLS output group.", + "title": "HlsAkamaiSettings" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "HlsBasicPutSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsBasicPutSettings", + "markdownDescription": "The settings for Basic Put for the HLS output.", + "title": "HlsBasicPutSettings" + }, + "HlsMediaStoreSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsMediaStoreSettings", + "markdownDescription": "Sets up MediaStore as the destination for the HLS output.", + "title": "HlsMediaStoreSettings" + }, + "HlsS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this HLS output.", + "title": "HlsS3Settings" + }, + "HlsWebdavSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsWebdavSettings", + "markdownDescription": "The settings for Web VTT captions in the HLS output group.\n\nThe parent of this entity is HlsGroupSettings.", + "title": "HlsWebdavSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultTextFieldControlOptions": { + "AWS::MediaLive::Channel.HlsGroupSettings": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DestinationParameterValueConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" + "AdMarkers": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses one or more ad marker types to pass SCTE35 signals through to this group of Apple HLS outputs.", + "title": "AdMarkers", + "type": "array" }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", + "BaseUrlContent": { + "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", + "title": "BaseUrlContent", "type": "string" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" + "BaseUrlContent1": { + "markdownDescription": "Optional. One value per output group. This field is required only if you are completing Base URL content A, and the downstream system has notified you that the media files for pipeline 1 of all outputs are in a location different from the media files for pipeline 0.", + "title": "BaseUrlContent1", + "type": "string" }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", + "BaseUrlManifest": { + "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", + "title": "BaseUrlManifest", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", + "BaseUrlManifest1": { + "markdownDescription": "Optional. One value per output group. Complete this field only if you are completing Base URL manifest A, and the downstream system has notified you that the child manifest files for pipeline 1 of all outputs are in a location different from the child manifest files for pipeline 0.", + "title": "BaseUrlManifest1", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DimensionField": { - "additionalProperties": false, - "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" + "CaptionLanguageMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" + }, + "markdownDescription": "A mapping of up to 4 captions channels to captions languages. This is meaningful only if captionLanguageSetting is set to \"insert.\"", + "title": "CaptionLanguageMappings", + "type": "array" }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DonutCenterOptions": { - "additionalProperties": false, - "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", + "CaptionLanguageSetting": { + "markdownDescription": "Applies only to 608 embedded output captions. Insert: Include CLOSED-CAPTIONS lines in the manifest. Specify at least one language in the CC1 Language Code field. One CLOSED-CAPTION line is added for each Language Code that you specify. Make sure to specify the languages in the order in which they appear in the original source (if the source is embedded format) or the order of the captions selectors (if the source is other than embedded). Otherwise, languages in the manifest will not match properly with the output captions. None: Include the CLOSED-CAPTIONS=NONE line in the manifest. Omit: Omit any CLOSED-CAPTIONS line from the manifest.", + "title": "CaptionLanguageSetting", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DonutOptions": { - "additionalProperties": false, - "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DrillDownFilter": { - "additionalProperties": false, - "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" + "ClientCache": { + "markdownDescription": "When set to \"disabled,\" sets the #EXT-X-ALLOW-CACHE:no tag in the manifest, which prevents clients from saving media segments for later replay.", + "title": "ClientCache", + "type": "string" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" + "CodecSpecification": { + "markdownDescription": "The specification to use (RFC-6381 or the default RFC-4281) during m3u8 playlist generation.", + "title": "CodecSpecification", + "type": "string" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DropDownControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "ConstantIv": { + "markdownDescription": "Used with encryptionType. This is a 128-bit, 16-byte hex value that is represented by a 32-character text string. If ivSource is set to \"explicit,\" this parameter is required and is used as the IV for encryption.", + "title": "ConstantIv", + "type": "string" }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "A directory or HTTP destination for the HLS segments, manifest files, and encryption keys (if enabled).", + "title": "Destination" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DynamicDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" + "DirectoryStructure": { + "markdownDescription": "Places segments in subdirectories.", + "title": "DirectoryStructure", + "type": "string" }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" + "DiscontinuityTags": { + "markdownDescription": "Specifies whether to insert EXT-X-DISCONTINUITY tags in the HLS child manifests for this output group.\nTypically, choose Insert because these tags are required in the manifest (according to the HLS specification) and serve an important purpose.\nChoose Never Insert only if the downstream system is doing real-time failover (without using the MediaLive automatic failover feature) and only if that downstream system has advised you to exclude the tags.", + "title": "DiscontinuityTags", + "type": "string" }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" - } - }, - "required": [ - "DefaultValueColumn" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.EmptyVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "EncryptionType": { + "markdownDescription": "Encrypts the segments with the specified encryption scheme. Exclude this parameter if you don't want encryption.", + "title": "EncryptionType", + "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", - "title": "DataSetIdentifier", + "HlsCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsCdnSettings", + "markdownDescription": "The parameters that control interactions with the CDN.", + "title": "HlsCdnSettings" + }, + "HlsId3SegmentTagging": { + "markdownDescription": "State of HLS ID3 Segment Tagging", + "title": "HlsId3SegmentTagging", "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "IFrameOnlyPlaylists": { + "markdownDescription": "DISABLED: Don't create an I-frame-only manifest, but do create the master and media manifests (according to the Output Selection field). STANDARD: Create an I-frame-only manifest for each output that contains video, as well as the other manifests (according to the Output Selection field). The I-frame manifest contains a #EXT-X-I-FRAMES-ONLY tag to indicate it is I-frame only, and one or more #EXT-X-BYTERANGE entries identifying the I-frame position. For example, #EXT-X-BYTERANGE:160364@1461888\".", + "title": "IFrameOnlyPlaylists", "type": "string" - } - }, - "required": [ - "DataSetIdentifier", - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.Entity": { - "additionalProperties": false, - "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", + }, + "IncompleteSegmentBehavior": { + "markdownDescription": "Specifies whether to include the final (incomplete) segment in the media output when the pipeline stops producing output because of a channel stop, a channel pause or a loss of input to the pipeline.\nAuto means that MediaLive decides whether to include the final segment, depending on the channel class and the types of output groups.\nSuppress means to never include the incomplete segment. We recommend you choose Auto and let MediaLive control the behavior.", + "title": "IncompleteSegmentBehavior", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ExcludePeriodConfiguration": { - "additionalProperties": false, - "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", + }, + "IndexNSegments": { + "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the maximum number of segments in the media manifest file. After this maximum, older segments are removed from the media manifest. This number must be less than or equal to the Keep Segments field.", + "title": "IndexNSegments", "type": "number" }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", + "InputLossAction": { + "markdownDescription": "A parameter that controls output group behavior on an input loss.", + "title": "InputLossAction", "type": "string" }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", + "IvInManifest": { + "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If set to \"include,\" the IV is listed in the manifest. Otherwise, the IV is not in the manifest.", + "title": "IvInManifest", "type": "string" - } - }, - "required": [ - "Amount", - "Granularity" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ExplicitHierarchy": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", - "type": "array" }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "IvSource": { + "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If this setting is \"followsSegmentNumber,\" it causes the IV to change every segment (to match the segment number). If this is set to \"explicit,\" you must enter a constantIv value.", + "title": "IvSource", + "type": "string" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", + "KeepSegments": { + "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the number of media segments (.ts files) to retain in the destination directory.", + "title": "KeepSegments", + "type": "number" + }, + "KeyFormat": { + "markdownDescription": "Specifies how the key is represented in the resource identified by the URI. If the parameter is absent, an implicit value of \"identity\" is used. A reverse DNS string can also be specified.", + "title": "KeyFormat", + "type": "string" + }, + "KeyFormatVersions": { + "markdownDescription": "Either a single positive integer version value or a slash-delimited list of version values (1/2/3).", + "title": "KeyFormatVersions", + "type": "string" + }, + "KeyProviderSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.KeyProviderSettings", + "markdownDescription": "The key provider settings.", + "title": "KeyProviderSettings" + }, + "ManifestCompression": { + "markdownDescription": "When set to gzip, compresses HLS playlist.", + "title": "ManifestCompression", + "type": "string" + }, + "ManifestDurationFormat": { + "markdownDescription": "Indicates whether the output manifest should use a floating point or integer values for segment duration.", + "title": "ManifestDurationFormat", + "type": "string" + }, + "MinSegmentLength": { + "markdownDescription": "When set, minimumSegmentLength is enforced by looking ahead and back within the specified range for a nearby avail and extending the segment size if needed.", + "title": "MinSegmentLength", + "type": "number" + }, + "Mode": { + "markdownDescription": "If \"vod,\" all segments are indexed and kept permanently in the destination and manifest. If \"live,\" only the number segments specified in keepSegments and indexNSegments are kept. Newer segments replace older segments, which might prevent players from rewinding all the way to the beginning of the channel. VOD mode uses HLS EXT-X-PLAYLIST-TYPE of EVENT while the channel is running, converting it to a \"VOD\" type manifest on completion of the stream.", + "title": "Mode", + "type": "string" + }, + "OutputSelection": { + "markdownDescription": "MANIFESTSANDSEGMENTS: Generates manifests (the master manifest, if applicable, and media manifests) for this output group. SEGMENTSONLY: Doesn't generate any manifests for this output group.", + "title": "OutputSelection", + "type": "string" + }, + "ProgramDateTime": { + "markdownDescription": "Includes or excludes the EXT-X-PROGRAM-DATE-TIME tag in .m3u8 manifest files. The value is calculated as follows: Either the program date and time are initialized using the input timecode source, or the time is initialized using the input timecode source and the date is initialized using the timestampOffset.", + "title": "ProgramDateTime", + "type": "string" + }, + "ProgramDateTimeClock": { + "markdownDescription": "Specifies the algorithm used to drive the HLS EXT-X-PROGRAM-DATE-TIME clock. Options include: INITIALIZE_FROM_OUTPUT_TIMECODE: The PDT clock is initialized as a function of the first output timecode, then incremented by the EXTINF duration of each encoded segment. SYSTEM_CLOCK: The PDT clock is initialized as a function of the UTC wall clock, then incremented by the EXTINF duration of each encoded segment. If the PDT clock diverges from the wall clock by more than 500ms, it is resynchronized to the wall clock.", + "title": "ProgramDateTimeClock", + "type": "string" + }, + "ProgramDateTimePeriod": { + "markdownDescription": "The period of insertion of the EXT-X-PROGRAM-DATE-TIME entry, in seconds.", + "title": "ProgramDateTimePeriod", + "type": "number" + }, + "RedundantManifest": { + "markdownDescription": "ENABLED: The master manifest (.m3u8 file) for each pipeline includes information about both pipelines: first its own media files, then the media files of the other pipeline. This feature allows a playout device that supports stale manifest detection to switch from one manifest to the other, when the current manifest seems to be stale. There are still two destinations and two master manifests, but both master manifests reference the media files from both pipelines. DISABLED: The master manifest (.m3u8 file) for each pipeline includes information about its own pipeline only. For an HLS output group with MediaPackage as the destination, the DISABLED behavior is always followed. MediaPackage regenerates the manifests it serves to players, so a redundant manifest from MediaLive is irrelevant.", + "title": "RedundantManifest", + "type": "string" + }, + "SegmentLength": { + "markdownDescription": "The length of the MPEG-2 Transport Stream segments to create, in seconds. Note that segments will end on the next keyframe after this number of seconds, so the actual segment length might be longer.", + "title": "SegmentLength", + "type": "number" + }, + "SegmentationMode": { + "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", + "title": "SegmentationMode", + "type": "string" + }, + "SegmentsPerSubdirectory": { + "markdownDescription": "The number of segments to write to a subdirectory before starting a new one. For this setting to have an effect, directoryStructure must be subdirectoryPerStream.", + "title": "SegmentsPerSubdirectory", + "type": "number" + }, + "StreamInfResolution": { + "markdownDescription": "The include or exclude RESOLUTION attribute for a video in the EXT-X-STREAM-INF tag of a variant manifest.", + "title": "StreamInfResolution", + "type": "string" + }, + "TimedMetadataId3Frame": { + "markdownDescription": "Indicates the ID3 frame that has the timecode.", + "title": "TimedMetadataId3Frame", + "type": "string" + }, + "TimedMetadataId3Period": { + "markdownDescription": "The timed metadata interval, in seconds.", + "title": "TimedMetadataId3Period", + "type": "number" + }, + "TimestampDeltaMilliseconds": { + "markdownDescription": "Provides an extra millisecond delta offset to fine tune the timestamps.", + "title": "TimestampDeltaMilliseconds", + "type": "number" + }, + "TsFileMode": { + "markdownDescription": "SEGMENTEDFILES: Emits the program as segments -multiple .ts media files. SINGLEFILE: Applies only if the Mode field is VOD. Emits the program as a single .ts media file. The media manifest includes #EXT-X-BYTERANGE tags to index segments for playback. A typical use for this value is when sending the output to AWS Elemental MediaConvert, which can accept only a single media file. Playback while the channel is running is not guaranteed due to HTTP server caching.", + "title": "TsFileMode", "type": "string" } }, - "required": [ - "Columns", - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldBasedTooltip": { + "AWS::MediaLive::Channel.HlsInputSettings": { "additionalProperties": false, "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", - "type": "string" + "Bandwidth": { + "markdownDescription": "When specified, the HLS stream with the m3u8 bandwidth that most closely matches this value is chosen. Otherwise, the highest bandwidth stream in the m3u8 is chosen. The bitrate is specified in bits per second, as in an HLS manifest.", + "title": "Bandwidth", + "type": "number" }, - "TooltipFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipItem" - }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", - "type": "array" + "BufferSegments": { + "markdownDescription": "When specified, reading of the HLS input begins this many buffer segments from the end (most recently written segment). When not specified, the HLS input begins with the first segment specified in the m3u8.", + "title": "BufferSegments", + "type": "number" }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", + "Retries": { + "markdownDescription": "The number of consecutive times that attempts to read a manifest or segment must fail before the input is considered unavailable.", + "title": "Retries", + "type": "number" + }, + "RetryInterval": { + "markdownDescription": "The number of seconds between retries when an attempt to read a manifest or segment fails.", + "title": "RetryInterval", + "type": "number" + }, + "Scte35Source": { + "markdownDescription": "Identifies the source for the SCTE-35 messages that MediaLive will ingest. Messages can be ingested from the content segments (in the stream) or from tags in the playlist (the HLS manifest). MediaLive ignores SCTE-35 information in the source that is not selected.", + "title": "Scte35Source", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FieldLabelType": { + "AWS::MediaLive::Channel.HlsMediaStoreSettings": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", - "type": "string" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "Visibility": { - "markdownDescription": "The visibility of the field label.", - "title": "Visibility", + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "MediaStoreStorageClass": { + "markdownDescription": "When set to temporal, output files are stored in non-persistent memory for faster reading and writing.", + "title": "MediaStoreStorageClass", "type": "string" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FieldSeriesItem": { + "AWS::MediaLive::Channel.HlsOutputSettings": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "H265PackagingType": { + "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", + "title": "H265PackagingType", "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", + "HlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsSettings", + "markdownDescription": "The settings regarding the underlying stream. These settings are different for audio-only outputs.", + "title": "HlsSettings" + }, + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. Accepts \\\"Format Identifiers\\\":#formatIdentifierParameters.", + "title": "NameModifier", "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "SegmentModifier": { + "markdownDescription": "A string that is concatenated to the end of segment file names.", + "title": "SegmentModifier", + "type": "string" } }, - "required": [ - "AxisBinding", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldSort": { + "AWS::MediaLive::Channel.HlsS3Settings": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The sort configuration target field.", - "title": "FieldId", + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", "type": "string" } }, - "required": [ - "Direction", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldSortOptions": { + "AWS::MediaLive::Channel.HlsSettings": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" + "AudioOnlyHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioOnlyHlsSettings", + "markdownDescription": "The settings for an audio-only output.", + "title": "AudioOnlyHlsSettings" }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" + "Fmp4HlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Fmp4HlsSettings", + "markdownDescription": "The settings for an fMP4 container.", + "title": "Fmp4HlsSettings" + }, + "FrameCaptureHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureHlsSettings", + "markdownDescription": "Settings for a frame capture output in an HLS output group.", + "title": "FrameCaptureHlsSettings" + }, + "StandardHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.StandardHlsSettings", + "markdownDescription": "The settings for a standard output (an output that is not audio-only).", + "title": "StandardHlsSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FieldTooltipItem": { + "AWS::MediaLive::Channel.HlsWebdavSettings": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", - "title": "FieldId", - "type": "string" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", - "type": "string" + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "HttpTransferMode": { + "markdownDescription": "Specifies whether to use chunked transfer encoding to WebDAV.", + "title": "HttpTransferMode", "type": "string" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells": { + "AWS::MediaLive::Channel.HtmlMotionGraphicsSettings": { "additionalProperties": false, - "properties": { - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", - "title": "Values", - "type": "array" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapConditionalFormatting": { + "AWS::MediaLive::Channel.InputAttachment": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "AutomaticInputFailoverSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AutomaticInputFailoverSettings", + "markdownDescription": "Settings to implement automatic input failover in this input.", + "title": "AutomaticInputFailoverSettings" + }, + "InputAttachmentName": { + "markdownDescription": "A name for the attachment. This is required if you want to use this input in an input switch action.", + "title": "InputAttachmentName", + "type": "string" + }, + "InputId": { + "markdownDescription": "The ID of the input to attach.", + "title": "InputId", + "type": "string" + }, + "InputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputSettings", + "markdownDescription": "Information about the content to extract from the input and about the general handling of the content.", + "title": "InputSettings" + }, + "LogicalInterfaceNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "", + "title": "LogicalInterfaceNames", "type": "array" } }, - "required": [ - "ConditionalFormattingOptions" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption": { + "AWS::MediaLive::Channel.InputChannelLevel": { "additionalProperties": false, "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" + "Gain": { + "markdownDescription": "The remixing value. Units are in dB, and acceptable values are within the range from -60 (mute) to 6 dB.", + "title": "Gain", + "type": "number" + }, + "InputChannel": { + "markdownDescription": "The index of the input channel that is used as a source.", + "title": "InputChannel", + "type": "number" } }, - "required": [ - "Shape" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapConfiguration": { + "AWS::MediaLive::Channel.InputLocation": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This applies only if the downstream system requires credentials.", + "title": "PasswordParam", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Uri": { + "markdownDescription": "The URI should be a path to a file that is accessible to the Live system (for example, an http:// URI) depending on the output type. For example, an RTMP destination should have a URI similar to rtmp://fmsserver/live.", + "title": "Uri", + "type": "string" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapFieldWells": { - "additionalProperties": false, - "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" + "Username": { + "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", + "title": "Username", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting": { + "AWS::MediaLive::Channel.InputLossBehavior": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", - "title": "FieldId", + "BlackFrameMsec": { + "markdownDescription": "On input loss, the number of milliseconds to substitute black into the output before switching to the frame specified by inputLossImageType. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", + "title": "BlackFrameMsec", + "type": "number" + }, + "InputLossImageColor": { + "markdownDescription": "When the input loss image type is \"color,\" this field specifies the color to use. Value: 6 hex characters that represent the values of RGB.", + "title": "InputLossImageColor", "type": "string" }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" + "InputLossImageSlate": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "When the input loss image type is \"slate,\" these fields specify the parameters for accessing the slate.", + "title": "InputLossImageSlate" + }, + "InputLossImageType": { + "markdownDescription": "Indicates whether to substitute a solid color or a slate into the output after the input loss exceeds blackFrameMsec.", + "title": "InputLossImageType", + "type": "string" + }, + "RepeatFrameMsec": { + "markdownDescription": "On input loss, the number of milliseconds to repeat the previous picture before substituting black into the output. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", + "title": "RepeatFrameMsec", + "type": "number" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapSortConfiguration": { + "AWS::MediaLive::Channel.InputLossFailoverSettings": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the location fields.", - "title": "CategorySort", - "type": "array" + "InputLossThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that no input is detected. After that time, an input failover will occur.", + "title": "InputLossThresholdMsec", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapVisual": { + "AWS::MediaLive::Channel.InputSettings": { "additionalProperties": false, "properties": { - "Actions": { + "AudioSelectors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelector" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "Information about the specific audio to extract from the input.\n\nThe parent of this entity is InputSettings.", + "title": "AudioSelectors", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "CaptionSelectors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelector" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "Information about the specific captions to extract from the input.", + "title": "CaptionSelectors", "type": "array" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" + "DeblockFilter": { + "markdownDescription": "Enables or disables the deblock filter when filtering.", + "title": "DeblockFilter", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DenoiseFilter": { + "markdownDescription": "Enables or disables the denoise filter when filtering.", + "title": "DenoiseFilter", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "FilterStrength": { + "markdownDescription": "Adjusts the magnitude of filtering from 1 (minimal) to 5 (strongest).", + "title": "FilterStrength", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "InputFilter": { + "markdownDescription": "Turns on the filter for this input. MPEG-2 inputs have the deblocking filter enabled by default. 1) auto - filtering is applied depending on input type/quality 2) disabled - no filtering is applied to the input 3) forced - filtering is applied regardless of the input type.", + "title": "InputFilter", "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.Filter": { - "additionalProperties": false, - "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" + "NetworkInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NetworkInputSettings", + "markdownDescription": "Information about how to connect to the upstream system.", + "title": "NetworkInputSettings" }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" + "Scte35Pid": { + "markdownDescription": "", + "title": "Scte35Pid", + "type": "number" }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" + "Smpte2038DataPreference": { + "markdownDescription": "Specifies whether to extract applicable ancillary data from a SMPTE-2038 source in this input. Applicable data types are captions, timecode, AFD, and SCTE-104 messages.\n- PREFER: Extract from SMPTE-2038 if present in this input, otherwise extract from another source (if any).\n- IGNORE: Never extract any ancillary data from SMPTE-2038.", + "title": "Smpte2038DataPreference", + "type": "string" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" + "SourceEndBehavior": { + "markdownDescription": "The loop input if it is a file.", + "title": "SourceEndBehavior", + "type": "string" }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" + "VideoSelector": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelector", + "markdownDescription": "Information about one video to extract from the input.", + "title": "VideoSelector" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilterControl": { + "AWS::MediaLive::Channel.InputSpecification": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", - "title": "List" - }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" - }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "Codec": { + "markdownDescription": "The codec to include in the input specification for this channel.", + "title": "Codec", + "type": "string" }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "MaximumBitrate": { + "markdownDescription": "The maximum input bitrate for any input attached to this channel.", + "title": "MaximumBitrate", + "type": "string" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "Resolution": { + "markdownDescription": "The resolution for any input attached to this channel.", + "title": "Resolution", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilterCrossSheetControl": { + "AWS::MediaLive::Channel.KeyProviderSettings": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", - "type": "string" + "StaticKeySettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.StaticKeySettings", + "markdownDescription": "The configuration of static key settings.", + "title": "StaticKeySettings" } }, - "required": [ - "FilterControlId", - "SourceFilterId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterDateTimePickerControl": { + "AWS::MediaLive::Channel.M2tsSettings": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", + "AbsentInputAudioBehavior": { + "markdownDescription": "When set to drop, the output audio streams are removed from the program if the selected input audio stream is removed from the input. This allows the output audio configuration to dynamically change based on the input configuration. If this is set to encodeSilence, all output audio streams will output encoded silence when not connected to an active input stream.", + "title": "AbsentInputAudioBehavior", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", + "Arib": { + "markdownDescription": "When set to enabled, uses ARIB-compliant field muxing and removes video descriptor.", + "title": "Arib", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", - "title": "Title", + "AribCaptionsPid": { + "markdownDescription": "The PID for ARIB Captions in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "AribCaptionsPid", "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "AribCaptionsPidControl": { + "markdownDescription": "If set to auto, The PID number used for ARIB Captions will be auto-selected from unused PIDs. If set to useConfigured, ARIB captions will be on the configured PID number.", + "title": "AribCaptionsPidControl", "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterDropDownControl": { - "additionalProperties": false, - "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", - "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", + "AudioBufferModel": { + "markdownDescription": "When set to dvb, uses the DVB buffer model for Dolby Digital audio. When set to atsc, the ATSC model is used.", + "title": "AudioBufferModel", "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "AudioFramesPerPes": { + "markdownDescription": "The number of audio frames to insert for each PES packet.", + "title": "AudioFramesPerPes", + "type": "number" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", + "AudioPids": { + "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "AudioPids", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", - "title": "Title", + "AudioStreamType": { + "markdownDescription": "When set to atsc, uses stream type = 0x81 for AC3 and stream type = 0x87 for EAC3. When set to dvb, uses stream type = 0x06.", + "title": "AudioStreamType", "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterGroup": { - "additionalProperties": false, - "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", + "Bitrate": { + "markdownDescription": "The output bitrate of the transport stream in bits per second. Setting to 0 lets the muxer automatically determine the appropriate bitrate.", + "title": "Bitrate", + "type": "number" + }, + "BufferModel": { + "markdownDescription": "If set to multiplex, uses the multiplex buffer model for accurate interleaving. Setting to bufferModel to none can lead to lower latency, but low-memory devices might not be able to play back the stream without interruptions.", + "title": "BufferModel", "type": "string" }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", + "CcDescriptor": { + "markdownDescription": "When set to enabled, generates captionServiceDescriptor in PMT.", + "title": "CcDescriptor", "type": "string" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Filter" - }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", - "type": "array" + "DvbNitSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbNitSettings", + "markdownDescription": "Inserts a DVB Network Information Table (NIT) at the specified table repetition interval.", + "title": "DvbNitSettings" }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" + "DvbSdtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSdtSettings", + "markdownDescription": "Inserts a DVB Service Description Table (SDT) at the specified table repetition interval.", + "title": "DvbSdtSettings" }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", + "DvbSubPids": { + "markdownDescription": "The PID for the input source DVB Subtitle data to this output. Multiple values are accepted, and can be entered in ranges and/or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "DvbSubPids", "type": "string" - } - }, - "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterListConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "DvbTdtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbTdtSettings", + "markdownDescription": "Inserts DVB Time and Date Table (TDT) at the specified table repetition interval.", + "title": "DvbTdtSettings" + }, + "DvbTeletextPid": { + "markdownDescription": "The PID for the input source DVB Teletext data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "DvbTeletextPid", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "Ebif": { + "markdownDescription": "If set to passthrough, passes any EBIF data from the input source to this output.", + "title": "Ebif", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "EbpAudioInterval": { + "markdownDescription": "When videoAndFixedIntervals is selected, audio EBP markers are added to partitions 3 and 4. The interval between these additional markers is fixed, and is slightly shorter than the video EBP marker interval. This is only available when EBP Cablelabs segmentation markers are selected. Partitions 1 and 2 always follow the video interval.", + "title": "EbpAudioInterval", "type": "string" - } - }, - "required": [ - "MatchOperator" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterListControl": { - "additionalProperties": false, - "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "EbpLookaheadMs": { + "markdownDescription": "When set, enforces that Encoder Boundary Points do not come within the specified time interval of each other by looking ahead at input video. If another EBP is going to come in within the specified time interval, the current EBP is not emitted, and the segment is \"stretched\" to the next marker. The lookahead value does not add latency to the system. The channel must be configured elsewhere to create sufficient latency to make the lookahead accurate.", + "title": "EbpLookaheadMs", + "type": "number" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", + "EbpPlacement": { + "markdownDescription": "Controls placement of EBP on audio PIDs. If set to videoAndAudioPids, EBP markers are placed on the video PID and all audio PIDs. If set to videoPid, EBP markers are placed on only the video PID.", + "title": "EbpPlacement", "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "EcmPid": { + "markdownDescription": "This field is unused and deprecated.", + "title": "EcmPid", + "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", + "EsRateInPes": { + "markdownDescription": "Includes or excludes the ES Rate field in the PES header.", + "title": "EsRateInPes", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterListControl` .", - "title": "Title", + "EtvPlatformPid": { + "markdownDescription": "The PID for the input source ETV Platform data to this output. You can enter it as a decimal or hexadecimal value. Valid values are 32 (or 0x20) to 8182 (or 0x1ff6).", + "title": "EtvPlatformPid", "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "EtvSignalPid": { + "markdownDescription": "The PID for input source ETV Signal data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "EtvSignalPid", "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration": { - "additionalProperties": false, - "properties": { - "SelectedColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" - }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", - "type": "array" }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", + "FragmentTime": { + "markdownDescription": "The length in seconds of each fragment. This is used only with EBP markers.", + "title": "FragmentTime", + "type": "number" + }, + "Klv": { + "markdownDescription": "If set to passthrough, passes any KLV data from the input source to this output.", + "title": "Klv", "type": "string" }, - "SelectedFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration": { - "additionalProperties": false, - "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterRelativeDateTimeControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "KlvDataPids": { + "markdownDescription": "The PID for the input source KLV data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "KlvDataPids", + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "NullPacketBitrate": { + "markdownDescription": "The value, in bits per second, of extra null packets to insert into the transport stream. This can be used if a downstream encryption system requires periodic null packets.", + "title": "NullPacketBitrate", + "type": "number" + }, + "PatInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", + "title": "PatInterval", + "type": "number" + }, + "PcrControl": { + "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", + "title": "PcrControl", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", + "PcrPeriod": { + "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", + "title": "PcrPeriod", + "type": "number" + }, + "PcrPid": { + "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "PcrPid", "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterScopeConfiguration": { - "additionalProperties": false, - "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterSelectableValues": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterSliderControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "PmtInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", + "title": "PmtInterval", + "type": "number" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", + "PmtPid": { + "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "PmtPid", "type": "string" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", + "ProgramNum": { + "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", + "title": "ProgramNum", "type": "number" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", + "RateMode": { + "markdownDescription": "When VBR, does not insert null packets into the transport stream to fill the specified bitrate. The bitrate setting acts as the maximum bitrate when VBR is set.", + "title": "RateMode", + "type": "string" + }, + "Scte27Pids": { + "markdownDescription": "The PID for the input source SCTE-27 data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "Scte27Pids", + "type": "string" + }, + "Scte35Control": { + "markdownDescription": "Optionally passes SCTE-35 signals from the input source to this output.", + "title": "Scte35Control", + "type": "string" + }, + "Scte35Pid": { + "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "Scte35Pid", + "type": "string" + }, + "Scte35PrerollPullupMilliseconds": { + "markdownDescription": "", + "title": "Scte35PrerollPullupMilliseconds", "type": "number" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", + "SegmentationMarkers": { + "markdownDescription": "Inserts segmentation markers at each segmentationTime period. raiSegstart sets the Random Access Indicator bit in the adaptation field. raiAdapt sets the RAI bit and adds the current timecode in the private data bytes. psiSegstart inserts PAT and PMT tables at the start of segments. ebp adds Encoder Boundary Point information to the adaptation field as per OpenCable specification OC-SP-EBP-I01-130118. ebpLegacy adds Encoder Boundary Point information to the adaptation field using a legacy proprietary format.", + "title": "SegmentationMarkers", "type": "string" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", + "SegmentationStyle": { + "markdownDescription": "The segmentation style parameter controls how segmentation markers are inserted into the transport stream. With avails, it is possible that segments might be truncated, which can influence where future segmentation markers are inserted. When a segmentation style of resetCadence is selected and a segment is truncated due to an avail, we will reset the segmentation cadence. This means the subsequent segment will have a duration of $segmentationTime seconds. When a segmentation style of maintainCadence is selected and a segment is truncated due to an avail, we will not reset the segmentation cadence. This means the subsequent segment will likely be truncated as well. However, all segments after that will have a duration of $segmentationTime seconds. Note that EBP lookahead is a slight exception to this rule.", + "title": "SegmentationStyle", + "type": "string" + }, + "SegmentationTime": { + "markdownDescription": "The length, in seconds, of each segment. This is required unless markers is set to None_.", + "title": "SegmentationTime", "type": "number" }, - "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", - "title": "Title", + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "TimedMetadataPid": { + "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "TimedMetadataPid", + "type": "string" + }, + "TransportStreamId": { + "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", + "title": "TransportStreamId", + "type": "number" + }, + "VideoPid": { + "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "VideoPid", "type": "string" } }, - "required": [ - "FilterControlId", - "MaximumValue", - "MinimumValue", - "SourceFilterId", - "StepSize", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterTextAreaControl": { + "AWS::MediaLive::Channel.M3u8Settings": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "AudioFramesPerPes": { + "markdownDescription": "The number of audio frames to insert for each PES packet.", + "title": "AudioFramesPerPes", + "type": "number" + }, + "AudioPids": { + "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value.", + "title": "AudioPids", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "EcmPid": { + "markdownDescription": "This parameter is unused and deprecated.", + "title": "EcmPid", + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "KlvBehavior": { + "markdownDescription": "", + "title": "KlvBehavior", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "KlvDataPids": { + "markdownDescription": "", + "title": "KlvDataPids", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", + "type": "string" + }, + "PatInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", + "title": "PatInterval", + "type": "number" + }, + "PcrControl": { + "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", + "title": "PcrControl", + "type": "string" + }, + "PcrPeriod": { + "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", + "title": "PcrPeriod", + "type": "number" + }, + "PcrPid": { + "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value.", + "title": "PcrPid", + "type": "string" + }, + "PmtInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", + "title": "PmtInterval", + "type": "number" + }, + "PmtPid": { + "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "PmtPid", + "type": "string" + }, + "ProgramNum": { + "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", + "title": "ProgramNum", + "type": "number" + }, + "Scte35Behavior": { + "markdownDescription": "If set to passthrough, passes any SCTE-35 signals from the input source to this output.", + "title": "Scte35Behavior", + "type": "string" + }, + "Scte35Pid": { + "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "Scte35Pid", + "type": "string" + }, + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", + "type": "string" + }, + "TimedMetadataPid": { + "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "TimedMetadataPid", + "type": "string" + }, + "TransportStreamId": { + "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", + "title": "TransportStreamId", + "type": "number" + }, + "VideoPid": { + "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "VideoPid", "type": "string" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterTextFieldControl": { + "AWS::MediaLive::Channel.MaintenanceCreateSettings": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", + "MaintenanceDay": { + "markdownDescription": "Choose one day of the week for maintenance. The chosen day is used for all future maintenance windows.", + "title": "MaintenanceDay", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", - "title": "Title", + "MaintenanceStartTime": { + "markdownDescription": "Choose the hour that maintenance will start. The chosen time is used for all future maintenance windows.", + "title": "MaintenanceStartTime", "type": "string" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FontConfiguration": { + "AWS::MediaLive::Channel.MaintenanceUpdateSettings": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", + "MaintenanceDay": { "type": "string" }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", + "MaintenanceScheduledDate": { "type": "string" }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" - }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", + "MaintenanceStartTime": { "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.MediaPackageGroupSettings": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The MediaPackage channel destination.", + "title": "Destination" }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" + "MediapackageV2GroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageV2GroupSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FontSize": { + "AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings": { "additionalProperties": false, "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", + "ChannelGroup": { + "markdownDescription": "", + "title": "ChannelGroup", + "type": "string" + }, + "ChannelId": { + "markdownDescription": "The ID of the channel in MediaPackage that is the destination for this output group. You don't need to specify the individual inputs in MediaPackage; MediaLive handles the connection of the two MediaLive pipelines to the two MediaPackage inputs. The MediaPackage channel and MediaLive channel must be in the same Region.", + "title": "ChannelId", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "", + "title": "ChannelName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FontWeight": { + "AWS::MediaLive::Channel.MediaPackageOutputSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", - "title": "Name", - "type": "string" + "MediaPackageV2DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageV2DestinationSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ForecastComputation": { + "AWS::MediaLive::Channel.MediaPackageV2DestinationSettings": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "AudioGroupId": { "type": "string" }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" - }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "AudioRenditionSets": { "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" - }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" - }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", + "HlsAutoSelect": { "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "HlsDefault": { + "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ForecastConfiguration": { + "AWS::MediaLive::Channel.MediaPackageV2GroupSettings": { "additionalProperties": false, "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" - }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" + "CaptionLanguageMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" + }, + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ForecastScenario": { + "AWS::MediaLive::Channel.MotionGraphicsConfiguration": { "additionalProperties": false, "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" + "MotionGraphicsInsertion": { + "markdownDescription": "Enables or disables the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsInsertion", + "type": "string" }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" + "MotionGraphicsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsSettings", + "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FormatConfiguration": { + "AWS::MediaLive::Channel.MotionGraphicsSettings": { "additionalProperties": false, "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" - }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" - }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" + "HtmlMotionGraphicsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HtmlMotionGraphicsSettings", + "markdownDescription": "Settings to configure the motion graphics overlay to use an HTML asset.", + "title": "HtmlMotionGraphicsSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions": { + "AWS::MediaLive::Channel.Mp2Settings": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second.", + "title": "Bitrate", + "type": "number" + }, + "CodingMode": { + "markdownDescription": "The MPEG2 Audio coding mode. Valid values are codingMode10 (for mono) or codingMode20 (for stereo).", + "title": "CodingMode", + "type": "string" + }, + "SampleRate": { + "markdownDescription": "The sample rate in Hz.", + "title": "SampleRate", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutConfiguration": { + "AWS::MediaLive::Channel.Mpeg2FilterSettings": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" - }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", - "type": "array" + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElement": { + "AWS::MediaLive::Channel.Mpeg2Settings": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" + "AdaptiveQuantization": { + "markdownDescription": "Choose Off to disable adaptive quantization. Or choose another value to enable the quantizer and set its strength. The strengths are: Auto, Off, Low, Medium, High. When you enable this field, MediaLive allows intra-frame quantizers to vary, which might improve visual quality.", + "title": "AdaptiveQuantization", + "type": "string" }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" + "AfdSignaling": { + "markdownDescription": "Indicates the AFD values that MediaLive will write into the video encode. If you do not know what AFD signaling is, or if your downstream system has not given you guidance, choose AUTO.\nAUTO: MediaLive will try to preserve the input AFD value (in cases where multiple AFD values are valid).\nFIXED: MediaLive will use the value you specify in fixedAFD.", + "title": "AfdSignaling", + "type": "string" }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", + "ColorMetadata": { + "markdownDescription": "Specifies whether to include the color space metadata. The metadata describes the color space that applies to the video (the colorSpace field). We recommend that you insert the metadata.", + "title": "ColorMetadata", "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "ColorSpace": { + "markdownDescription": "Choose the type of color space conversion to apply to the output. For detailed information on setting up both the input and the output to obtain the desired color space in the output, see the section on \\\"MediaLive Features - Video - color space\\\" in the MediaLive User Guide.\nPASSTHROUGH: Keep the color space of the input content - do not convert it.\nAUTO:Convert all content that is SD to rec 601, and convert all content that is HD to rec 709.", + "title": "ColorSpace", "type": "string" }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", + "DisplayAspectRatio": { + "markdownDescription": "Sets the pixel aspect ratio for the encode.", + "title": "DisplayAspectRatio", "type": "string" }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2FilterSettings", + "markdownDescription": "Optionally specify a noise reduction filter, which can improve quality of compressed content. If you do not choose a filter, no filter will be applied.\nTEMPORAL: This filter is useful for both source content that is noisy (when it has excessive digital artifacts) and source content that is clean.\nWhen the content is noisy, the filter cleans up the source content before the encoding phase, with these two effects: First, it improves the output video quality because the content has been cleaned up. Secondly, it decreases the bandwidth because MediaLive does not waste bits on encoding noise.\nWhen the content is reasonably clean, the filter tends to decrease the bitrate.", + "title": "FilterSettings" }, - "RenderingRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementRenderingRule" - }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", - "type": "array" + "FixedAfd": { + "markdownDescription": "Complete this field only when afdSignaling is set to FIXED. Enter the AFD value (4 bits) to write on all frames of the video encode.", + "title": "FixedAfd", + "type": "string" }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" + "FramerateDenominator": { + "markdownDescription": "description\": \"The framerate denominator. For example, 1001. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", + "title": "FramerateDenominator", + "type": "number" }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", + "FramerateNumerator": { + "markdownDescription": "The framerate numerator. For example, 24000. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopClosedCadence": { + "markdownDescription": "MPEG2: default is open GOP.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopNumBFrames": { + "markdownDescription": "Relates to the GOP structure. The number of B-frames between reference frames. If you do not know what a B-frame is, use the default.", + "title": "GopNumBFrames", + "type": "number" + }, + "GopSize": { + "markdownDescription": "Relates to the GOP structure. The GOP size (keyframe interval) in the units specified in gopSizeUnits. If you do not know what GOP is, use the default.\nIf gopSizeUnits is frames, then the gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, the gopSize must be greater than 0, but does not need to be an integer.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Relates to the GOP structure. Specifies whether the gopSize is specified in frames or seconds. If you do not plan to change the default gopSize, leave the default. If you specify SECONDS, MediaLive will internally convert the gop size to a frame count.", + "title": "GopSizeUnits", "type": "string" }, - "Width": { - "markdownDescription": "The width of an element within a free-form layout.", - "title": "Width", + "ScanType": { + "markdownDescription": "Set the scan type of the output to PROGRESSIVE or INTERLACED (top field first).", + "title": "ScanType", "type": "string" }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", + "SubgopLength": { + "markdownDescription": "Relates to the GOP structure. If you do not know what GOP is, use the default.\nFIXED: Set the number of B-frames in each sub-GOP to the value in gopNumBFrames.\nDYNAMIC: Let MediaLive optimize the number of B-frames in each sub-GOP, to improve visual quality.", + "title": "SubgopLength", "type": "string" }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" + }, + "TimecodeInsertion": { + "markdownDescription": "Determines how MediaLive inserts timecodes in the output video. For detailed information about setting up the input and the output for a timecode, see the section on \\\"MediaLive Features - Timecode configuration\\\" in the MediaLive User Guide.\nDISABLED: do not include timecodes.\nGOP_TIMECODE: Include timecode metadata in the GOP header.", + "title": "TimecodeInsertion", "type": "string" } }, - "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle": { + "AWS::MediaLive::Channel.MsSmoothGroupSettings": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", + "AcquisitionPointId": { + "markdownDescription": "The value of the Acquisition Point Identity element that is used in each message placed in the sparse track. Enabled only if sparseTrackType is not \"none.\"", + "title": "AcquisitionPointId", "type": "string" }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", + "AudioOnlyTimecodeControl": { + "markdownDescription": "If set to passthrough for an audio-only Microsoft Smooth output, the fragment absolute time is set to the current timecode. This option does not write timecodes to the audio elementary stream.", + "title": "AudioOnlyTimecodeControl", + "type": "string" + }, + "CertificateMode": { + "markdownDescription": "If set to verifyAuthenticity, verifies the HTTPS certificate chain to a trusted certificate authority (CA). This causes HTTPS outputs to self-signed certificates to fail.", + "title": "CertificateMode", + "type": "string" + }, + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying the connection to the IIS server if the connection is lost. Content is cached during this time, and the cache is delivered to the IIS server after the connection is re-established.", + "title": "ConnectionRetryInterval", + "type": "number" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The Smooth Streaming publish point on an IIS server. MediaLive acts as a \"Push\" encoder to IIS.", + "title": "Destination" + }, + "EventId": { + "markdownDescription": "The Microsoft Smooth channel ID that is sent to the IIS server. Specify the ID only if eventIdMode is set to useConfigured.", + "title": "EventId", + "type": "string" + }, + "EventIdMode": { + "markdownDescription": "Specifies whether to send a channel ID to the IIS server. If no channel ID is sent and the same channel is used without changing the publishing point, clients might see cached video from the previous run. Options: - \"useConfigured\" - use the value provided in eventId - \"useTimestamp\" - generate and send a channel ID based on the current timestamp - \"noEventId\" - do not send a channel ID to the IIS server.", + "title": "EventIdMode", + "type": "string" + }, + "EventStopBehavior": { + "markdownDescription": "When set to sendEos, sends an EOS signal to an IIS server when stopping the channel.", + "title": "EventStopBehavior", + "type": "string" + }, + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "FragmentLength": { + "markdownDescription": "The length, in seconds, of mp4 fragments to generate. The fragment length must be compatible with GOP size and frame rate.", + "title": "FragmentLength", + "type": "number" + }, + "InputLossAction": { + "markdownDescription": "A parameter that controls output group behavior on an input loss.", + "title": "InputLossAction", + "type": "string" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "The number of seconds before initiating a restart due to output failure, due to exhausting the numRetries on one segment, or exceeding filecacheDuration.", + "title": "RestartDelay", + "type": "number" + }, + "SegmentationMode": { + "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", + "title": "SegmentationMode", + "type": "string" + }, + "SendDelayMs": { + "markdownDescription": "The number of milliseconds to delay the output from the second pipeline.", + "title": "SendDelayMs", + "type": "number" + }, + "SparseTrackType": { + "markdownDescription": "If set to scte35, uses incoming SCTE-35 messages to generate a sparse track in this group of Microsoft Smooth outputs.", + "title": "SparseTrackType", + "type": "string" + }, + "StreamManifestBehavior": { + "markdownDescription": "When set to send, sends a stream manifest so that the publishing point doesn't start until all streams start.", + "title": "StreamManifestBehavior", + "type": "string" + }, + "TimestampOffset": { + "markdownDescription": "The timestamp offset for the channel. Used only if timestampOffsetMode is set to useConfiguredOffset.", + "title": "TimestampOffset", + "type": "string" + }, + "TimestampOffsetMode": { + "markdownDescription": "The type of timestamp date offset to use. - useEventStartDate: Use the date the channel was started as the offset - useConfiguredOffset: Use an explicitly configured date as the offset.", + "title": "TimestampOffsetMode", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle": { + "AWS::MediaLive::Channel.MsSmoothOutputSettings": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", + "H265PackagingType": { + "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", + "title": "H265PackagingType", "type": "string" }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. This is required for multiple outputs of the same type.", + "title": "NameModifier", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions": { + "AWS::MediaLive::Channel.MulticastInputSettings": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "SourceIpAddress": { + "markdownDescription": "", + "title": "SourceIpAddress", "type": "string" } }, - "required": [ - "OptimizedViewPortWidth" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration": { + "AWS::MediaLive::Channel.MultiplexContainerSettings": { "additionalProperties": false, "properties": { - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", - "type": "array" + "MultiplexM2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexM2tsSettings", + "markdownDescription": "", + "title": "MultiplexM2tsSettings" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells": { + "AWS::MediaLive::Channel.MultiplexGroupSettings": { "additionalProperties": false, - "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartConfiguration": { + "AWS::MediaLive::Channel.MultiplexM2tsSettings": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", - "title": "CategoryLabelOptions" + "AbsentInputAudioBehavior": { + "markdownDescription": "", + "title": "AbsentInputAudioBehavior", + "type": "string" }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" + "Arib": { + "markdownDescription": "", + "title": "Arib", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FieldWells" + "AudioBufferModel": { + "markdownDescription": "", + "title": "AudioBufferModel", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", - "title": "Tooltip" + "AudioFramesPerPes": { + "markdownDescription": "", + "title": "AudioFramesPerPes", + "type": "number" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", - "title": "ValueLabelOptions" + "AudioStreamType": { + "markdownDescription": "", + "title": "AudioStreamType", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FunnelChartDataLabelOptions": { - "additionalProperties": false, - "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", + "CcDescriptor": { + "markdownDescription": "", + "title": "CcDescriptor", "type": "string" }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", + "Ebif": { + "markdownDescription": "", + "title": "Ebif", "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" + "EsRateInPes": { + "markdownDescription": "", + "title": "EsRateInPes", + "type": "string" }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", + "Klv": { + "markdownDescription": "", + "title": "Klv", "type": "string" }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", + "NielsenId3Behavior": { + "markdownDescription": "", + "title": "NielsenId3Behavior", "type": "string" }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", + "PcrControl": { + "markdownDescription": "", + "title": "PcrControl", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", - "title": "Visibility", + "PcrPeriod": { + "markdownDescription": "", + "title": "PcrPeriod", + "type": "number" + }, + "Scte35Control": { + "markdownDescription": "", + "title": "Scte35Control", "type": "string" + }, + "Scte35PrerollPullupMilliseconds": { + "markdownDescription": "", + "title": "Scte35PrerollPullupMilliseconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartFieldWells": { + "AWS::MediaLive::Channel.MultiplexOutputSettings": { "additionalProperties": false, "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexContainerSettings", + "markdownDescription": "", + "title": "ContainerSettings" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "Destination is a Multiplex.", + "title": "Destination" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartSortConfiguration": { + "AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", - "title": "CategoryItemsLimit" + "MultiplexId": { + "markdownDescription": "The ID of the Multiplex that the encoder is providing output to. You do not need to specify the individual inputs to the Multiplex; MediaLive will handle the connection of the two MediaLive pipelines to the two Multiplex instances.\nThe Multiplex must be in the same region as the Channel.", + "title": "MultiplexId", + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "ProgramName": { + "markdownDescription": "The program name of the Multiplex program that the encoder is providing output to.", + "title": "ProgramName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartVisual": { + "AWS::MediaLive::Channel.NetworkInputSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "HlsInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsInputSettings", + "markdownDescription": "Information about how to connect to the upstream system.", + "title": "HlsInputSettings" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "MulticastInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MulticastInputSettings", + "markdownDescription": "", + "title": "MulticastInputSettings" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "ServerValidation": { + "markdownDescription": "Checks HTTPS server certificates. When set to checkCryptographyOnly, cryptography in the certificate is checked, but not the server's name. Certain subdomains (notably S3 buckets that use dots in the bucket name) don't strictly match the corresponding certificate's wildcard pattern and would otherwise cause the channel to error. This setting is ignored for protocols that do not use HTTPS.", + "title": "ServerValidation", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting": { + "AWS::MediaLive::Channel.NielsenCBET": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" + "CbetCheckDigitString": { + "markdownDescription": "Enter the CBET check digits to use in the watermark.", + "title": "CbetCheckDigitString", + "type": "string" + }, + "CbetStepaside": { + "markdownDescription": "Determines the method of CBET insertion mode when prior encoding is detected on the same layer.", + "title": "CbetStepaside", + "type": "string" + }, + "Csid": { + "markdownDescription": "Enter the CBET Source ID (CSID) to use in the watermark", + "title": "Csid", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartConditionalFormatting": { + "AWS::MediaLive::Channel.NielsenConfiguration": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "DistributorId": { + "markdownDescription": "Enter the Distributor ID assigned to your organization by Nielsen.", + "title": "DistributorId", + "type": "string" + }, + "NielsenPcmToId3Tagging": { + "markdownDescription": "Enables Nielsen PCM to ID3 tagging", + "title": "NielsenPcmToId3Tagging", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption": { + "AWS::MediaLive::Channel.NielsenNaesIiNw": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" + "CheckDigitString": { + "markdownDescription": "Enter the check digit string for the watermark", + "title": "CheckDigitString", + "type": "string" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" + "Sid": { + "markdownDescription": "Enter the Nielsen Source ID (SID) to include in the watermark", + "title": "Sid", + "type": "number" + }, + "Timezone": { + "markdownDescription": "", + "title": "Timezone", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartConfiguration": { + "AWS::MediaLive::Channel.NielsenWatermarksSettings": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" - }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" + "NielsenCbetSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenCBET", + "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen CBET", + "title": "NielsenCbetSettings" }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" + "NielsenDistributionType": { + "markdownDescription": "Choose the distribution types that you want to assign to the watermarks:\n- PROGRAM_CONTENT\n- FINAL_DISTRIBUTOR", + "title": "NielsenDistributionType", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" + "NielsenNaesIiNwSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenNaesIiNw", + "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen NAES II (N2) and Nielsen NAES VI (NW).", + "title": "NielsenNaesIiNwSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartFieldWells": { + "AWS::MediaLive::Channel.Output": { "additionalProperties": false, "properties": { - "TargetValues": { + "AudioDescriptionNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", + "markdownDescription": "The names of the audio descriptions that are used as audio sources for this output.", + "title": "AudioDescriptionNames", "type": "array" }, - "Values": { + "CaptionDescriptionNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", - "title": "Values", + "markdownDescription": "The names of the caption descriptions that are used as captions sources for this output.", + "title": "CaptionDescriptionNames", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GaugeChartOptions": { - "additionalProperties": false, - "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" + "OutputName": { + "markdownDescription": "The name that is used to identify an output.", + "title": "OutputName", + "type": "string" }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" + "OutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputSettings", + "markdownDescription": "The output type-specific settings.", + "title": "OutputSettings" }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "VideoDescriptionName": { + "markdownDescription": "The name of the VideoDescription that is used as the source for this output.", + "title": "VideoDescriptionName", "type": "string" - }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::MediaLive::Channel.OutputDestination": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" + "Id": { + "markdownDescription": "The ID for this destination.", + "title": "Id", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GaugeChartVisual": { - "additionalProperties": false, - "properties": { - "Actions": { + "LogicalInterfaceNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "", + "title": "LogicalInterfaceNames", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", - "title": "ConditionalFormatting" + "MediaPackageSettings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings" + }, + "markdownDescription": "The destination settings for a MediaPackage output.", + "title": "MediaPackageSettings", + "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "MultiplexSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings", + "markdownDescription": "Destination settings for a Multiplex output; one destination for both encoders.", + "title": "MultiplexSettings" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Settings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestinationSettings" + }, + "markdownDescription": "The destination settings for an output.", + "title": "Settings", + "type": "array" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "SrtSettings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtOutputDestinationSettings" + }, + "markdownDescription": "", + "title": "SrtSettings", + "type": "array" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialCoordinateBounds": { + "AWS::MediaLive::Channel.OutputDestinationSettings": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", - "type": "number" + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This password parameter applies only if the downstream system requires credentials.", + "title": "PasswordParam", + "type": "string" }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", - "type": "number" + "StreamName": { + "markdownDescription": "The stream name for the content. This applies only to RTMP outputs.", + "title": "StreamName", + "type": "string" }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", - "type": "number" + "Url": { + "markdownDescription": "The URL for the destination.", + "title": "Url", + "type": "string" }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", - "type": "number" + "Username": { + "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", + "title": "Username", + "type": "string" } }, - "required": [ - "East", - "North", - "South", - "West" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapColorScale": { + "AWS::MediaLive::Channel.OutputGroup": { "additionalProperties": false, "properties": { - "Colors": { + "Name": { + "markdownDescription": "A custom output group name that you can optionally define. Only letters, numbers, and the underscore character are allowed. The maximum length is 32 characters.", + "title": "Name", + "type": "string" + }, + "OutputGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroupSettings", + "markdownDescription": "The settings associated with the output group.", + "title": "OutputGroupSettings" + }, + "Outputs": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapDataColor" + "$ref": "#/definitions/AWS::MediaLive::Channel.Output" }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", + "markdownDescription": "The settings for the outputs in the output group.", + "title": "Outputs", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration": { + "AWS::MediaLive::Channel.OutputGroupSettings": { "additionalProperties": false, "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" + "ArchiveGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveGroupSettings", + "markdownDescription": "The configuration of an archive output group.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "ArchiveGroupSettings" + }, + "CmafIngestGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestGroupSettings", + "markdownDescription": "", + "title": "CmafIngestGroupSettings" + }, + "FrameCaptureGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureGroupSettings", + "markdownDescription": "The configuration of a frame capture output group.", + "title": "FrameCaptureGroupSettings" + }, + "HlsGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsGroupSettings", + "markdownDescription": "The configuration of an HLS output group.", + "title": "HlsGroupSettings" + }, + "MediaPackageGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageGroupSettings", + "markdownDescription": "The configuration of a MediaPackage output group.", + "title": "MediaPackageGroupSettings" + }, + "MsSmoothGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothGroupSettings", + "markdownDescription": "The configuration of a Microsoft Smooth output group.", + "title": "MsSmoothGroupSettings" + }, + "MultiplexGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexGroupSettings", + "markdownDescription": "The settings for a Multiplex output group.", + "title": "MultiplexGroupSettings" + }, + "RtmpGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpGroupSettings", + "markdownDescription": "The configuration of an RTMP output group.", + "title": "RtmpGroupSettings" + }, + "SrtGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtGroupSettings", + "markdownDescription": "", + "title": "SrtGroupSettings" + }, + "UdpGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpGroupSettings", + "markdownDescription": "The configuration of a UDP output group.", + "title": "UdpGroupSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapDataColor": { + "AWS::MediaLive::Channel.OutputLocationRef": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", + "DestinationRefId": { + "markdownDescription": "A reference ID for this destination.", + "title": "DestinationRefId", "type": "string" } }, - "required": [ - "Color" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells": { + "AWS::MediaLive::Channel.OutputLockingSettings": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", - "type": "array" - }, - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", - "type": "array" + "EpochLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EpochLockingSettings", + "markdownDescription": "", + "title": "EpochLockingSettings" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", - "title": "Values", - "type": "array" + "PipelineLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.PipelineLockingSettings", + "markdownDescription": "", + "title": "PipelineLockingSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapConfiguration": { + "AWS::MediaLive::Channel.OutputSettings": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "ArchiveOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveOutputSettings", + "markdownDescription": "The settings for an archive output.", + "title": "ArchiveOutputSettings" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "CmafIngestOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestOutputSettings", + "markdownDescription": "", + "title": "CmafIngestOutputSettings" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" + "FrameCaptureOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureOutputSettings", + "markdownDescription": "The settings for a frame capture output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "FrameCaptureOutputSettings" }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" + "HlsOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsOutputSettings", + "markdownDescription": "The settings for an HLS output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "HlsOutputSettings" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "MediaPackageOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputSettings", + "markdownDescription": "The settings for a MediaPackage output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "MediaPackageOutputSettings" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "MsSmoothOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothOutputSettings", + "markdownDescription": "The settings for a Microsoft Smooth output.", + "title": "MsSmoothOutputSettings" + }, + "MultiplexOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexOutputSettings", + "markdownDescription": "Configuration of a Multiplex output.", + "title": "MultiplexOutputSettings" + }, + "RtmpOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpOutputSettings", + "markdownDescription": "The settings for an RTMP output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "RtmpOutputSettings" + }, + "SrtOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtOutputSettings", "markdownDescription": "", - "title": "VisualPalette" + "title": "SrtOutputSettings" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" + "UdpOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpOutputSettings", + "markdownDescription": "The settings for a UDP output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "UdpOutputSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapFieldWells": { + "AWS::MediaLive::Channel.PassThroughSettings": { "additionalProperties": false, - "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapStyleOptions": { + "AWS::MediaLive::Channel.PipelineLockingSettings": { "additionalProperties": false, - "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapVisual": { + "AWS::MediaLive::Channel.RawSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.Rec601Settings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.Rec709Settings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.RemixSettings": { "additionalProperties": false, "properties": { - "Actions": { + "ChannelMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioChannelMapping" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "A mapping of input channels to output channels, with appropriate gain adjustments.", + "title": "ChannelMappings", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "ChannelsIn": { + "markdownDescription": "The number of input channels to be used.", + "title": "ChannelsIn", + "type": "number" }, - "ColumnHierarchies": { + "ChannelsOut": { + "markdownDescription": "The number of output channels to be produced. Valid values: 1, 2, 4, 6, 8.", + "title": "ChannelsOut", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.RtmpGroupSettings": { + "additionalProperties": false, + "properties": { + "AdMarkers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "Choose the ad marker type for this output group. MediaLive will create a message based on the content of each SCTE-35 message, format it for that marker type, and insert it in the datastream.", + "title": "AdMarkers", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "AuthenticationScheme": { + "markdownDescription": "An authentication scheme to use when connecting with a CDN.", + "title": "AuthenticationScheme", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "CacheFullBehavior": { + "markdownDescription": "Controls behavior when the content cache fills up. If a remote origin server stalls the RTMP connection and doesn't accept content fast enough, the media cache fills up. When the cache reaches the duration specified by cacheLength, the cache stops accepting new content. If set to disconnectImmediately, the RTMP output forces a disconnect. Clear the media cache, and reconnect after restartDelay seconds. If set to waitForServer, the RTMP output waits up to 5 minutes to allow the origin server to begin accepting data again.", + "title": "CacheFullBehavior", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "CacheLength": { + "markdownDescription": "The cache length, in seconds, that is used to calculate buffer size.", + "title": "CacheLength", + "type": "number" + }, + "CaptionData": { + "markdownDescription": "Controls the types of data that pass to onCaptionInfo outputs. If set to all, 608 and 708 carried DTVCC data is passed. If set to field1AndField2608, DTVCC data is stripped out, but 608 data from both fields is passed. If set to field1608, only the data carried in 608 from field 1 video is passed.", + "title": "CaptionData", + "type": "string" + }, + "IncludeFillerNalUnits": { + "markdownDescription": "", + "title": "IncludeFillerNalUnits", + "type": "string" + }, + "InputLossAction": { + "markdownDescription": "Controls the behavior of this RTMP group if the input becomes unavailable. emitOutput: Emit a slate until the input returns. pauseOutput: Stop transmitting data until the input returns. This does not close the underlying RTMP connection.", + "title": "InputLossAction", "type": "string" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialPointStyleOptions": { + "AWS::MediaLive::Channel.RtmpOutputSettings": { "additionalProperties": false, "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" + "CertificateMode": { + "markdownDescription": "If set to verifyAuthenticity, verifies the TLS certificate chain to a trusted certificate authority (CA). This causes RTMPS outputs with self-signed certificates to fail.", + "title": "CertificateMode", + "type": "string" }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the Flash Media server if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The RTMP endpoint excluding the stream name (for example, rtmp://host/appname).", + "title": "Destination" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts.", + "title": "NumRetries", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialWindowOptions": { + "AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.Scte20SourceSettings": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" - }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", + "Convert608To708": { + "markdownDescription": "If upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. Any 708 data present in the source content is discarded.", + "title": "Convert608To708", "type": "string" + }, + "Source608ChannelNumber": { + "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions.", + "title": "Source608ChannelNumber", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GlobalTableBorderOptions": { + "AWS::MediaLive::Channel.Scte27DestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.Scte27SourceSettings": { "additionalProperties": false, "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" + "OcrLanguage": { + "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", + "title": "OcrLanguage", + "type": "string" }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" + "Pid": { + "markdownDescription": "The PID field is used in conjunction with the captions selector languageCode field as follows: Specify PID and Language: Extracts captions from that PID; the language is \"informational.\" Specify PID and omit Language: Extracts the specified PID. Omit PID and specify Language: Extracts the specified language, whichever PID that happens to be. Omit PID and omit Language: Valid only if source is DVB-Sub that is being passed through; all languages are passed through.", + "title": "Pid", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GradientColor": { + "AWS::MediaLive::Channel.Scte35SpliceInsert": { "additionalProperties": false, "properties": { - "Stops": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientStop" - }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", - "type": "array" + "AdAvailOffset": { + "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", + "title": "AdAvailOffset", + "type": "number" + }, + "NoRegionalBlackoutFlag": { + "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "NoRegionalBlackoutFlag", + "type": "string" + }, + "WebDeliveryAllowedFlag": { + "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "WebDeliveryAllowedFlag", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GradientStop": { + "AWS::MediaLive::Channel.Scte35TimeSignalApos": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", - "type": "string" - }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", + "AdAvailOffset": { + "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", + "title": "AdAvailOffset", "type": "number" }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", - "type": "number" + "NoRegionalBlackoutFlag": { + "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "NoRegionalBlackoutFlag", + "type": "string" + }, + "WebDeliveryAllowedFlag": { + "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "WebDeliveryAllowedFlag", + "type": "string" } }, - "required": [ - "GradientOffset" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions": { + "AWS::MediaLive::Channel.SmpteTtDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.SrtGroupSettings": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" + "InputLossAction": { + "markdownDescription": "", + "title": "InputLossAction", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutConfiguration": { + "AWS::MediaLive::Channel.SrtOutputDestinationSettings": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", + "EncryptionPassphraseSecretArn": { "markdownDescription": "", - "title": "CanvasSizeOptions" + "title": "EncryptionPassphraseSecretArn", + "type": "string" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutElement" - }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", - "type": "array" + "StreamId": { + "markdownDescription": "", + "title": "StreamId", + "type": "string" + }, + "Url": { + "markdownDescription": "", + "title": "Url", + "type": "string" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutElement": { + "AWS::MediaLive::Channel.SrtOutputSettings": { "additionalProperties": false, "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", + "BufferMsec": { + "markdownDescription": "", + "title": "BufferMsec", "type": "number" }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", + "markdownDescription": "", + "title": "ContainerSettings" }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "", + "title": "Destination" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "EncryptionType": { + "markdownDescription": "", + "title": "EncryptionType", "type": "string" }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" - }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", + "Latency": { + "markdownDescription": "", + "title": "Latency", "type": "number" } }, - "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions": { + "AWS::MediaLive::Channel.StandardHlsSettings": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "AudioRenditionSets": { + "markdownDescription": "Lists all the audio groups that are used with the video output stream. This inputs all the audio GROUP-IDs that are associated with the video, separated by a comma (,).", + "title": "AudioRenditionSets", "type": "string" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", - "type": "string" + "M3u8Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M3u8Settings", + "markdownDescription": "Settings for the M3U8 container.", + "title": "M3u8Settings" } }, - "required": [ - "ResizeOption" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GrowthRateComputation": { + "AWS::MediaLive::Channel.StaticKeySettings": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "KeyProviderServer": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The URL of the license server that is used for protecting content.", + "title": "KeyProviderServer" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "StaticKeyValue": { + "markdownDescription": "The static key value as a 32 character hexadecimal string.", + "title": "StaticKeyValue", "type": "string" - }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration": { + "AWS::MediaLive::Channel.TeletextDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.TeletextSourceSettings": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" + "OutputRectangle": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionRectangle", + "markdownDescription": "Settings to configure the caption rectangle for an output captions that will be created using this Teletext source captions.", + "title": "OutputRectangle" }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", + "PageNumber": { + "markdownDescription": "Specifies the Teletext page number within the data stream from which to extract captions. The range is 0x100 (256) to 0x8FF (2303). This is unused for passthrough. It should be specified as a hexadecimal string with no \"0x\" prefix.", + "title": "PageNumber", "type": "string" - }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" } }, - "required": [ - "Layout", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells": { + "AWS::MediaLive::Channel.TemporalFilterSettings": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", - "type": "array" - }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", - "type": "array" + "PostFilterSharpening": { + "markdownDescription": "If you enable this filter, the results are the following:\n- If the source content is noisy (it contains excessive digital artifacts), the filter cleans up the source.\n- If the source content is already clean, the filter tends to decrease the bitrate, especially when the rate control mode is QVBR.", + "title": "PostFilterSharpening", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The values field well of a heat map.", - "title": "Values", - "type": "array" + "Strength": { + "markdownDescription": "Choose a filter strength. We recommend a strength of 1 or 2. A higher strength might take out good information, resulting in an image that is overly soft.", + "title": "Strength", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapConfiguration": { + "AWS::MediaLive::Channel.ThumbnailConfiguration": { "additionalProperties": false, "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" - }, - "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "State": { + "markdownDescription": "", + "title": "State", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapFieldWells": { + "AWS::MediaLive::Channel.TimecodeBurninSettings": { "additionalProperties": false, "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "FontSize": { + "markdownDescription": "", + "title": "FontSize", + "type": "string" + }, + "Position": { + "markdownDescription": "", + "title": "Position", + "type": "string" + }, + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapSortConfiguration": { + "AWS::MediaLive::Channel.TimecodeConfig": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" - }, - "HeatMapColumnSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", - "type": "array" - }, - "HeatMapRowItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" + "Source": { + "markdownDescription": "Identifies the source for the timecode that will be associated with the channel outputs. Embedded (embedded): Initialize the output timecode with timecode from the source. If no embedded timecode is detected in the source, the system falls back to using \"Start at 0\" (zerobased). System Clock (systemclock): Use the UTC time. Start at 0 (zerobased): The time of the first frame of the channel will be 00:00:00:00.", + "title": "Source", + "type": "string" }, - "HeatMapRowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", - "type": "array" + "SyncThreshold": { + "markdownDescription": "The threshold in frames beyond which output timecode is resynchronized to the input timecode. Discrepancies below this threshold are permitted to avoid unnecessary discontinuities in the output timecode. There is no timecode sync when this is not specified.", + "title": "SyncThreshold", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapVisual": { + "AWS::MediaLive::Channel.TtmlDestinationSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "StyleControl": { + "markdownDescription": "When set to passthrough, passes through style and position information from a TTML-like input source (TTML, SMPTE-TT, CFF-TT) to the CFF-TT output or TTML output.", + "title": "StyleControl", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.HistogramAggregatedFieldWells": { + "AWS::MediaLive::Channel.UdpContainerSettings": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", - "title": "Values", - "type": "array" + "M2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", + "markdownDescription": "The M2TS configuration for this UDP output.", + "title": "M2tsSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HistogramBinOptions": { + "AWS::MediaLive::Channel.UdpGroupSettings": { "additionalProperties": false, "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" - }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" + "InputLossAction": { + "markdownDescription": "Specifies the behavior of the last resort when the input video is lost, and no more backup inputs are available. When dropTs is selected, the entire transport stream stops emitting. When dropProgram is selected, the program can be dropped from the transport stream (and replaced with null packets to meet the TS bitrate requirement). Or when emitProgram is selected, the transport stream continues to be produced normally with repeat frames, black frames, or slate frames substituted for the absent input video.", + "title": "InputLossAction", + "type": "string" }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", + "TimedMetadataId3Frame": { + "markdownDescription": "Indicates the ID3 frame that has the timecode.", + "title": "TimedMetadataId3Frame", "type": "string" }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", + "TimedMetadataId3Period": { + "markdownDescription": "The timed metadata interval in seconds.", + "title": "TimedMetadataId3Period", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HistogramConfiguration": { - "additionalProperties": false, - "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "FieldWells" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" - }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "YAxisDisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.HistogramFieldWells": { - "additionalProperties": false, - "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.HistogramVisual": { + "AWS::MediaLive::Channel.UdpOutputSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", - "title": "ChartConfiguration" + "BufferMsec": { + "markdownDescription": "The UDP output buffering in milliseconds. Larger values increase latency through the transcoder but simultaneously assist the transcoder in maintaining a constant, low-jitter UDP/RTP output while accommodating clock recovery, input switching, input disruptions, picture reordering, and so on.", + "title": "BufferMsec", + "type": "number" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", + "markdownDescription": "The settings for the UDP output.", + "title": "ContainerSettings" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The destination address and port number for RTP or UDP packets. These can be unicast or multicast RTP or UDP (for example, rtp://239.10.10.10:5001 or udp://10.100.100.100:5002).", + "title": "Destination" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "FecOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FecOutputSettings", + "markdownDescription": "The settings for enabling and adjusting Forward Error Correction on UDP outputs.", + "title": "FecOutputSettings" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.InsightConfiguration": { + "AWS::MediaLive::Channel.VideoBlackFailoverSettings": { "additionalProperties": false, "properties": { - "Computations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Computation" - }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", - "type": "array" + "BlackDetectThreshold": { + "markdownDescription": "A value used in calculating the threshold below which MediaLive considers a pixel to be 'black'. For the input to be considered black, every pixel in a frame must be below this threshold. The threshold is calculated as a percentage (expressed as a decimal) of white. Therefore .1 means 10% white (or 90% black). Note how the formula works for any color depth. For example, if you set this field to 0.1 in 10-bit color depth: (1023*0.1=102.3), which means a pixel value of 102 or less is 'black'. If you set this field to .1 in an 8-bit color depth: (255*0.1=25.5), which means a pixel value of 25 or less is 'black'. The range is 0.0 to 1.0, with any number of decimal places.", + "title": "BlackDetectThreshold", + "type": "number" }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" + "VideoBlackThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that the active input must be black before automatic input failover occurs.", + "title": "VideoBlackThresholdMsec", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.InsightVisual": { + "AWS::MediaLive::Channel.VideoCodecSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", - "type": "string" + "Av1Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Av1Settings", + "markdownDescription": "", + "title": "Av1Settings" }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" + "FrameCaptureSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureSettings", + "markdownDescription": "The settings for the video codec in a frame capture output.", + "title": "FrameCaptureSettings" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "H264Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264Settings", + "markdownDescription": "The settings for the H.264 codec in the output.", + "title": "H264Settings" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "H265Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265Settings", + "markdownDescription": "Settings for video encoded with the H265 codec.", + "title": "H265Settings" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "Mpeg2Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2Settings", + "markdownDescription": "Settings for video encoded with the MPEG-2 codec.", + "title": "Mpeg2Settings" } }, - "required": [ - "DataSetIdentifier", - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.IntegerDefaultValues": { + "AWS::MediaLive::Channel.VideoDescription": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "CodecSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoCodecSettings", + "markdownDescription": "The video codec settings.", + "title": "CodecSettings" + }, + "Height": { + "markdownDescription": "The output video height, in pixels. This must be an even number. For most codecs, you can keep this field and width blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", + "title": "Height", + "type": "number" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.IntegerParameter": { - "additionalProperties": false, - "properties": { "Name": { - "markdownDescription": "The name of the integer parameter.", + "markdownDescription": "The name of this VideoDescription. Outputs use this name to uniquely identify this description. Description names should be unique within this channel.", "title": "Name", "type": "string" }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the integer parameter.", - "title": "Values", - "type": "array" - } - }, - "required": [ - "Name", - "Values" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.IntegerParameterDeclaration": { - "additionalProperties": false, - "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "RespondToAfd": { + "markdownDescription": "Indicates how to respond to the AFD values in the input stream. RESPOND causes input video to be clipped, depending on the AFD value, input display aspect ratio, and output display aspect ratio, and (except for the FRAMECAPTURE codec) includes the values in the output. PASSTHROUGH (does not apply to FRAMECAPTURE codec) ignores the AFD values and includes the values in the output, so input video is not clipped. NONE ignores the AFD values and does not include the values through to the output, so input video is not clipped.", + "title": "RespondToAfd", "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "ScalingBehavior": { + "markdownDescription": "STRETCHTOOUTPUT configures the output position to stretch the video to the specified output resolution (height and width). This option overrides any position value. DEFAULT might insert black boxes (pillar boxes or letter boxes) around the video to provide the specified output resolution.", + "title": "ScalingBehavior", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" - } - }, - "required": [ - "Name", - "ParameterValueType" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "Sharpness": { + "markdownDescription": "Changes the strength of the anti-alias filter used for scaling. 0 is the softest setting, and 100 is the sharpest. We recommend a setting of 50 for most content.", + "title": "Sharpness", "type": "number" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" + "Width": { + "markdownDescription": "The output video width, in pixels. It must be an even number. For most codecs, you can keep this field and height blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", + "title": "Width", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ItemsLimitConfiguration": { + "AWS::MediaLive::Channel.VideoSelector": { "additionalProperties": false, "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", - "type": "number" + "ColorSpace": { + "markdownDescription": "Specifies the color space of an input. This setting works in tandem with colorSpaceConversion to determine if MediaLive will perform any conversion.", + "title": "ColorSpace", + "type": "string" }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings", + "markdownDescription": "Settings to configure color space settings in the incoming video.", + "title": "ColorSpaceSettings" + }, + "ColorSpaceUsage": { + "markdownDescription": "Applies only if colorSpace is a value other than Follow. This field controls how the value in the colorSpace field is used. Fallback means that when the input does include color space data, that data is used, but when the input has no color space data, the value in colorSpace is used. Choose fallback if your input is sometimes missing color space data, but when it does have color space data, that data is correct. Force means to always use the value in colorSpace. Choose force if your input usually has no color space data or might have unreliable color space data.", + "title": "ColorSpaceUsage", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting": { - "additionalProperties": false, - "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorSettings", + "markdownDescription": "Information about the video to select from the content.", + "title": "SelectorSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting": { + "AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "Settings to configure color space settings in the incoming video.", + "title": "Hdr10Settings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIConditionalFormatting": { + "AWS::MediaLive::Channel.VideoSelectorPid": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormattingOption" - }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", - "type": "array" + "Pid": { + "markdownDescription": "Selects a specific PID from within a video source.", + "title": "Pid", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIConditionalFormattingOption": { + "AWS::MediaLive::Channel.VideoSelectorProgramId": { "additionalProperties": false, "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" - }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" - }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" - }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" + "ProgramId": { + "markdownDescription": "Selects a specific program from within a multi-program transport stream. If the program doesn't exist, MediaLive selects the first program within the transport stream by default.", + "title": "ProgramId", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIConfiguration": { + "AWS::MediaLive::Channel.VideoSelectorSettings": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" - }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" + "VideoSelectorPid": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorPid", + "markdownDescription": "Used to extract video by PID.", + "title": "VideoSelectorPid" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" + "VideoSelectorProgramId": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorProgramId", + "markdownDescription": "Used to extract video by program ID.", + "title": "VideoSelectorProgramId" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIFieldWells": { + "AWS::MediaLive::Channel.VpcOutputSettings": { "additionalProperties": false, "properties": { - "TargetValues": { + "PublicAddressAllocationIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", + "markdownDescription": "List of public address allocation IDs to associate with ENIs that will be created in Output VPC. Must specify one for SINGLE_PIPELINE, two for STANDARD channels", + "title": "PublicAddressAllocationIds", "type": "array" }, - "TrendGroups": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", + "markdownDescription": "A list of up to 5 EC2 VPC security group IDs to attach to the Output VPC network interfaces.\nIf none are specified then the VPC default security group will be used", + "title": "SecurityGroupIds", "type": "array" }, - "Values": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a KPI visual.", - "title": "Values", + "markdownDescription": "A list of VPC subnet IDs from the same VPC.\nIf STANDARD channel, subnet IDs must be mapped to two unique availability zones (AZ).", + "title": "SubnetIds", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIOptions": { + "AWS::MediaLive::Channel.WavSettings": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" + "BitDepth": { + "markdownDescription": "Bits per sample.", + "title": "BitDepth", + "type": "number" }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "CodingMode": { + "markdownDescription": "The audio coding mode for the WAV audio. The mode determines the number of channels in the audio.", + "title": "CodingMode", "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" - }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" - }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" - }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" - }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" - }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" - }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" + "SampleRate": { + "markdownDescription": "Sample rate in Hz.", + "title": "SampleRate", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting": { + "AWS::MediaLive::Channel.WebvttDestinationSettings": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" + "StyleControl": { + "markdownDescription": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO_STYLE_DATA - Don't pass through the style. The output captions will not contain any font styling information.", + "title": "StyleControl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting": { + "AWS::MediaLive::ChannelPlacementGroup": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterId": { + "markdownDescription": "", + "title": "ClusterId", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Nodes": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Nodes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::ChannelPlacementGroup.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::ChannelPlacementGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPISortConfiguration": { + "AWS::MediaLive::ChannelPlacementGroup.Tags": { "additionalProperties": false, "properties": { - "TrendGroupSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", - "type": "array" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPISparklineOptions": { + "AWS::MediaLive::CloudWatchAlarmTemplate": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", + "Condition": { "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The comparison operator used to compare the specified statistic and the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "DatapointsToAlarm": { + "markdownDescription": "The number of datapoints within the evaluation period that must be breaching to trigger the alarm.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold.", + "title": "EvaluationPeriods", + "type": "number" + }, + "GroupIdentifier": { + "markdownDescription": "A cloudwatch alarm template group's identifier. Can be either be its id or current name.", + "title": "GroupIdentifier", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm. Must be compatible with targetResourceType.", + "title": "MetricName", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the specified statistic is applied.", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the alarm's metric data.", + "title": "Statistic", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TargetResourceType": { + "markdownDescription": "The resource type this template should dynamically generate CloudWatch metric alarms for.", + "title": "TargetResourceType", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The threshold value to compare with the specified statistic.", + "title": "Threshold", + "type": "number" + }, + "TreatMissingData": { + "markdownDescription": "Specifies how missing data points are treated when evaluating the alarm's condition.", + "title": "TreatMissingData", + "type": "string" + } + }, + "required": [ + "ComparisonOperator", + "EvaluationPeriods", + "MetricName", + "Name", + "Period", + "Statistic", + "TargetResourceType", + "Threshold", + "TreatMissingData" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", + "enum": [ + "AWS::MediaLive::CloudWatchAlarmTemplate" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the sparkline.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIVisual": { + "AWS::MediaLive::CloudWatchAlarmTemplateGroup": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::MediaLive::CloudWatchAlarmTemplateGroup" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIVisualLayoutOptions": { - "additionalProperties": false, - "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIVisualStandardLayout": { + "AWS::MediaLive::Cluster": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterType": { + "markdownDescription": "", + "title": "ClusterType", + "type": "string" + }, + "InstanceRoleArn": { + "markdownDescription": "", + "title": "InstanceRoleArn", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "NetworkSettings": { + "$ref": "#/definitions/AWS::MediaLive::Cluster.ClusterNetworkSettings", + "markdownDescription": "", + "title": "NetworkSettings" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Cluster.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, "Type": { - "markdownDescription": "The standard layout type.", - "title": "Type", + "enum": [ + "AWS::MediaLive::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, @@ -189308,5996 +191474,7811 @@ ], "type": "object" }, - "AWS::QuickSight::Analysis.LabelOptions": { + "AWS::MediaLive::Cluster.ClusterNetworkSettings": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The text for the label.", - "title": "CustomLabel", + "DefaultRoute": { + "markdownDescription": "", + "title": "DefaultRoute", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the label.", - "title": "FontConfiguration" - }, - "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", - "title": "Visibility", - "type": "string" + "InterfaceMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Cluster.InterfaceMapping" + }, + "markdownDescription": "", + "title": "InterfaceMappings", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.Layout": { + "AWS::MediaLive::Cluster.InterfaceMapping": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" + "LogicalInterfaceName": { + "markdownDescription": "", + "title": "LogicalInterfaceName", + "type": "string" + }, + "NetworkId": { + "markdownDescription": "", + "title": "NetworkId", + "type": "string" } }, - "required": [ - "Configuration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.LayoutConfiguration": { + "AWS::MediaLive::Cluster.Tags": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" - }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LegendOptions": { + "AWS::MediaLive::EventBridgeRuleTemplate": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", + "Condition": { "type": "string" }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The custom title for the legend.", - "title": "Title" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "EventTargets": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplate.EventBridgeRuleTemplateTarget" + }, + "markdownDescription": "The destinations that will receive the event notifications.", + "title": "EventTargets", + "type": "array" + }, + "EventType": { + "markdownDescription": "The type of event to match with the rule.", + "title": "EventType", + "type": "string" + }, + "GroupIdentifier": { + "markdownDescription": "An eventbridge rule template group's identifier. Can be either be its id or current name.", + "title": "GroupIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "EventType", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::EventBridgeRuleTemplate" + ], "type": "string" }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartAggregatedFieldWells": { + "AWS::MediaLive::EventBridgeRuleTemplate.EventBridgeRuleTemplateTarget": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", - "type": "array" - }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "Arn": { + "markdownDescription": "Target ARNs must be either an SNS topic or CloudWatch log group.", + "title": "Arn", + "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartConfiguration": { + "AWS::MediaLive::EventBridgeRuleTemplateGroup": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" - }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", - "type": "array" + "Condition": { + "type": "string" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", - "title": "DataLabels" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "FieldWells" + "Metadata": { + "type": "object" }, - "ForecastConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", - "type": "array" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", - "title": "Legend" + "required": [ + "Name" + ], + "type": "object" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" + "Type": { + "enum": [ + "AWS::MediaLive::EventBridgeRuleTemplateGroup" + ], + "type": "string" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::MediaLive::Input": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "Series": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SeriesItem" + "Properties": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputDestinationRequest" + }, + "markdownDescription": "Settings that apply only if the input is a push type of input.", + "title": "Destinations", + "type": "array" + }, + "InputDevices": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputDeviceSettings" + }, + "markdownDescription": "Settings that apply only if the input is an Elemental Link input.", + "title": "InputDevices", + "type": "array" + }, + "InputNetworkLocation": { + "markdownDescription": "", + "title": "InputNetworkLocation", + "type": "string" + }, + "InputSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of input security groups (referenced by IDs) to attach to the input if the input is a push type.", + "title": "InputSecurityGroups", + "type": "array" + }, + "MediaConnectFlows": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MediaConnectFlowRequest" + }, + "markdownDescription": "Settings that apply only if the input is a MediaConnect input.", + "title": "MediaConnectFlows", + "type": "array" + }, + "MulticastSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSettingsCreateRequest", + "markdownDescription": "", + "title": "MulticastSettings" + }, + "Name": { + "markdownDescription": "A name for the input.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role for MediaLive to assume when creating a MediaConnect input or Amazon VPC input. This doesn't apply to other types of inputs. The role is identified by its ARN.", + "title": "RoleArn", + "type": "string" + }, + "SdiSources": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SdiSources", + "type": "array" + }, + "Smpte2110ReceiverGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroupSettings", + "markdownDescription": "", + "title": "Smpte2110ReceiverGroupSettings" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSourceRequest" + }, + "markdownDescription": "Settings that apply only if the input is a pull type of input.", + "title": "Sources", + "type": "array" + }, + "SrtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.SrtSettingsRequest", + "markdownDescription": "", + "title": "SrtSettings" + }, + "Tags": { + "markdownDescription": "A collection of tags for this input. Each tag is a key-value pair.", + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The type for this input.", + "title": "Type", + "type": "string" + }, + "Vpc": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputVpcRequest", + "markdownDescription": "Settings that apply only if the input is an push input where the source is on Amazon VPC.", + "title": "Vpc" + } }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", - "title": "Tooltip" + "type": "object" }, "Type": { - "markdownDescription": "Determines the type of the line chart.", - "title": "Type", + "enum": [ + "AWS::MediaLive::Input" + ], "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings": { + "AWS::MediaLive::Input.InputDestinationRequest": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", + "Network": { + "markdownDescription": "", + "title": "Network", "type": "string" }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" + "NetworkRoutes": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputRequestDestinationRoute" + }, + "markdownDescription": "", + "title": "NetworkRoutes", + "type": "array" }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" + "StaticIpAddress": { + "markdownDescription": "", + "title": "StaticIpAddress", + "type": "string" + }, + "StreamName": { + "markdownDescription": "The stream name (application name/application instance) for the location the RTMP source content will be pushed to in MediaLive.", + "title": "StreamName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LineChartFieldWells": { + "AWS::MediaLive::Input.InputDeviceRequest": { "additionalProperties": false, "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" + "Id": { + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LineChartLineStyleSettings": { + "AWS::MediaLive::Input.InputDeviceSettings": { "additionalProperties": false, "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", - "type": "string" - }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", - "type": "string" - }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", - "type": "string" - }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", + "Id": { + "markdownDescription": "The unique ID for the device.", + "title": "Id", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LineChartMarkerStyleSettings": { + "AWS::MediaLive::Input.InputRequestDestinationRoute": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", - "type": "string" - }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", - "type": "string" - }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", + "Cidr": { + "markdownDescription": "", + "title": "Cidr", "type": "string" }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", + "Gateway": { + "markdownDescription": "", + "title": "Gateway", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LineChartSeriesSettings": { + "AWS::MediaLive::Input.InputSdpLocation": { "additionalProperties": false, "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" + "MediaIndex": { + "markdownDescription": "", + "title": "MediaIndex", + "type": "number" }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "SdpUrl": { + "markdownDescription": "", + "title": "SdpUrl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LineChartSortConfiguration": { + "AWS::MediaLive::Input.InputSourceRequest": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the upstream system. The password parameter applies only if the upstream system requires credentials.", + "title": "PasswordParam", + "type": "string" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "Url": { + "markdownDescription": "For a pull input, the URL where MediaLive pulls the source content from.", + "title": "Url", + "type": "string" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "Username": { + "markdownDescription": "The user name to connect to the upstream system. The user name applies only if the upstream system requires credentials.", + "title": "Username", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LineChartVisual": { + "AWS::MediaLive::Input.InputVpcRequest": { "additionalProperties": false, "properties": { - "Actions": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The list of up to five VPC security group IDs to attach to the input VPC network interfaces. The security groups require subnet IDs. If none are specified, MediaLive uses the VPC default security group.", + "title": "SecurityGroupIds", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The list of two VPC subnet IDs from the same VPC. You must associate subnet IDs to two unique Availability Zones.", + "title": "SubnetIds", "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions": { + "AWS::MediaLive::Input.MediaConnectFlowRequest": { "additionalProperties": false, "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" - }, - "MissingDataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MissingDataConfiguration" - }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", - "type": "array" + "FlowArn": { + "markdownDescription": "The ARN of one or two MediaConnect flows that are the sources for this MediaConnect input.", + "title": "FlowArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ListControlDisplayOptions": { + "AWS::MediaLive::Input.MulticastSettingsCreateRequest": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" - }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSourceCreateRequest" + }, + "markdownDescription": "", + "title": "Sources", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ListControlSearchOptions": { + "AWS::MediaLive::Input.MulticastSettingsUpdateRequest": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", - "title": "Visibility", - "type": "string" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSourceUpdateRequest" + }, + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ListControlSelectAllOptions": { + "AWS::MediaLive::Input.MulticastSourceCreateRequest": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", - "title": "Visibility", + "SourceIp": { + "markdownDescription": "", + "title": "SourceIp", + "type": "string" + }, + "Url": { + "markdownDescription": "", + "title": "Url", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LoadingAnimation": { + "AWS::MediaLive::Input.MulticastSourceUpdateRequest": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", - "title": "Visibility", + "SourceIp": { + "type": "string" + }, + "Url": { "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.LocalNavigationConfiguration": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroup": { "additionalProperties": false, "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", - "type": "string" + "SdpSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroupSdpSettings", + "markdownDescription": "", + "title": "SdpSettings" } }, - "required": [ - "TargetSheetId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.LongFormatText": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroupSdpSettings": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", - "type": "string" + "AncillarySdps": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation" + }, + "markdownDescription": "", + "title": "AncillarySdps", + "type": "array" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", - "type": "string" + "AudioSdps": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation" + }, + "markdownDescription": "", + "title": "AudioSdps", + "type": "array" + }, + "VideoSdp": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation", + "markdownDescription": "", + "title": "VideoSdp" } }, "type": "object" }, - "AWS::QuickSight::Analysis.MappedDataSetParameter": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroupSettings": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", - "type": "string" - }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", - "type": "string" + "Smpte2110ReceiverGroups": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroup" + }, + "markdownDescription": "", + "title": "Smpte2110ReceiverGroups", + "type": "array" } }, - "required": [ - "DataSetIdentifier", - "DataSetParameterName" - ], "type": "object" }, - "AWS::QuickSight::Analysis.MaximumLabelType": { + "AWS::MediaLive::Input.SrtCallerDecryptionRequest": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the maximum label.", - "title": "Visibility", + "Algorithm": { + "markdownDescription": "", + "title": "Algorithm", + "type": "string" + }, + "PassphraseSecretArn": { + "markdownDescription": "", + "title": "PassphraseSecretArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.MaximumMinimumComputation": { + "AWS::MediaLive::Input.SrtCallerSourceRequest": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "Decryption": { + "$ref": "#/definitions/AWS::MediaLive::Input.SrtCallerDecryptionRequest", + "markdownDescription": "", + "title": "Decryption" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "MinimumLatency": { + "markdownDescription": "", + "title": "MinimumLatency", + "type": "number" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "SrtListenerAddress": { + "markdownDescription": "", + "title": "SrtListenerAddress", + "type": "string" }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", + "SrtListenerPort": { + "markdownDescription": "", + "title": "SrtListenerPort", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "StreamId": { + "markdownDescription": "", + "title": "StreamId", + "type": "string" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Analysis.MeasureField": { + "AWS::MediaLive::Input.SrtSettingsRequest": { "additionalProperties": false, "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" - }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" - }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" - }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "SrtCallerSources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.SrtCallerSourceRequest" + }, + "markdownDescription": "", + "title": "SrtCallerSources", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.MetricComparisonComputation": { + "AWS::MediaLive::InputSecurityGroup": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "markdownDescription": "A collection of tags for this input security group. Each tag is a key-value pair.", + "title": "Tags", + "type": "object" + }, + "WhitelistRules": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr" + }, + "markdownDescription": "The list of IPv4 CIDR addresses to include in the input security group as \"allowed\" addresses.", + "title": "WhitelistRules", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::InputSecurityGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.MinimumLabelType": { + "AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the minimum label.", - "title": "Visibility", + "Cidr": { + "markdownDescription": "An IPv4 CIDR range to include in this input security group.", + "title": "Cidr", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.MissingDataConfiguration": { + "AWS::MediaLive::Multiplex": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.NegativeValueConfiguration": { - "additionalProperties": false, - "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "DisplayMode" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.NullValueFormatConfiguration": { - "additionalProperties": false, - "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of availability zones for the multiplex.", + "title": "AvailabilityZones", + "type": "array" + }, + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexOutputDestination" + }, + "markdownDescription": "A list of the multiplex output destinations.", + "title": "Destinations", + "type": "array" + }, + "MultiplexSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexSettings", + "markdownDescription": "Configuration for a multiplex event.", + "title": "MultiplexSettings" + }, + "Name": { + "markdownDescription": "The name of the multiplex.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.Tags" + }, + "markdownDescription": "A collection of key-value pairs.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AvailabilityZones", + "MultiplexSettings", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Multiplex" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "NullString" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration": { + "AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", - "type": "string" - }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", + "EntitlementArn": { + "markdownDescription": "The MediaConnect entitlement ARN available as a Flow source.", + "title": "EntitlementArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumberFormatConfiguration": { + "AWS::MediaLive::Multiplex.MultiplexOutputDestination": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" + "MultiplexMediaConnectOutputDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings", + "markdownDescription": "", + "title": "MultiplexMediaConnectOutputDestinationSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumericAxisOptions": { + "AWS::MediaLive::Multiplex.MultiplexSettings": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" + "MaximumVideoBufferDelayMilliseconds": { + "markdownDescription": "Maximum video buffer delay in milliseconds.", + "title": "MaximumVideoBufferDelayMilliseconds", + "type": "number" }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "TransportStreamBitrate": { + "markdownDescription": "Transport stream bit rate.", + "title": "TransportStreamBitrate", + "type": "number" + }, + "TransportStreamId": { + "markdownDescription": "Transport stream ID.", + "title": "TransportStreamId", + "type": "number" + }, + "TransportStreamReservedBitrate": { + "markdownDescription": "Transport stream reserved bit rate.", + "title": "TransportStreamReservedBitrate", + "type": "number" } }, + "required": [ + "TransportStreamBitrate", + "TransportStreamId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter": { + "AWS::MediaLive::Multiplex.Tags": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", + "markdownDescription": "", "title": "Value", - "type": "number" + "type": "string" } }, - "required": [ - "Column", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericEqualityFilter": { + "AWS::MediaLive::Multiplexprogram": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "Metadata": { + "type": "object" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "Properties": { + "additionalProperties": false, + "properties": { + "MultiplexId": { + "markdownDescription": "The unique id of the multiplex.", + "title": "MultiplexId", + "type": "string" + }, + "MultiplexProgramSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings", + "markdownDescription": "Multiplex Program settings configuration.", + "title": "MultiplexProgramSettings" + }, + "PacketIdentifiersMap": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap", + "markdownDescription": "", + "title": "PacketIdentifiersMap" + }, + "PipelineDetails": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail" + }, + "markdownDescription": "", + "title": "PipelineDetails", + "type": "array" + }, + "PreferredChannelPipeline": { + "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.\nIf set to \\\"PIPELINE_0\\\" or \\\"PIPELINE_1\\\" and an unhealthy ingest causes the multiplex to switch to the non-preferred pipeline,\nit will switch back once that ingest is healthy again. If set to \\\"CURRENTLY_ACTIVE\\\",\nit will not switch back to the other pipeline based on it recovering to a healthy state,\nit will only switch if the active pipeline becomes unhealthy.", + "title": "PreferredChannelPipeline", + "type": "string" + }, + "ProgramName": { + "markdownDescription": "", + "title": "ProgramName", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Multiplexprogram" + ], "type": "string" }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericFormatConfiguration": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" + "AudioPids": { + "items": { + "type": "number" + }, + "markdownDescription": "", + "title": "AudioPids", + "type": "array" }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" + "DvbSubPids": { + "items": { + "type": "number" + }, + "markdownDescription": "", + "title": "DvbSubPids", + "type": "array" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.NumericRangeFilter": { - "additionalProperties": false, - "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" + "DvbTeletextPid": { + "markdownDescription": "", + "title": "DvbTeletextPid", + "type": "number" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "EtvPlatformPid": { + "markdownDescription": "", + "title": "EtvPlatformPid", + "type": "number" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "EtvSignalPid": { + "markdownDescription": "", + "title": "EtvSignalPid", + "type": "number" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "KlvDataPids": { + "items": { + "type": "number" + }, + "markdownDescription": "", + "title": "KlvDataPids", + "type": "array" }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" + "PcrPid": { + "markdownDescription": "", + "title": "PcrPid", + "type": "number" }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" + "PmtPid": { + "markdownDescription": "", + "title": "PmtPid", + "type": "number" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "PrivateMetadataPid": { + "markdownDescription": "", + "title": "PrivateMetadataPid", + "type": "number" }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" + "Scte27Pids": { + "items": { + "type": "number" + }, + "markdownDescription": "", + "title": "Scte27Pids", + "type": "array" }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" + "Scte35Pid": { + "markdownDescription": "", + "title": "Scte35Pid", + "type": "number" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" - } - }, - "required": [ - "Column", - "FilterId", - "NullOption" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.NumericRangeFilterValue": { - "additionalProperties": false, - "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", - "type": "string" + "TimedMetadataPid": { + "markdownDescription": "", + "title": "TimedMetadataPid", + "type": "number" }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", + "VideoPid": { + "markdownDescription": "", + "title": "VideoPid", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumericSeparatorConfiguration": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail": { "additionalProperties": false, "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + "ActiveChannelPipeline": { + "markdownDescription": "Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex.", + "title": "ActiveChannelPipeline", "type": "string" }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" + "PipelineId": { + "markdownDescription": "Identifies a specific pipeline in the multiplex.", + "title": "PipelineId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumericalAggregationFunction": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor": { "additionalProperties": false, "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" + "ProviderName": { + "markdownDescription": "Name of the provider.", + "title": "ProviderName", + "type": "string" }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", + "ServiceName": { + "markdownDescription": "Name of the service.", + "title": "ServiceName", "type": "string" } }, + "required": [ + "ProviderName", + "ServiceName" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericalDimensionField": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "PreferredChannelPipeline": { + "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.", + "title": "PreferredChannelPipeline", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "ProgramNumber": { + "markdownDescription": "Unique program number.", + "title": "ProgramNumber", + "type": "number" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" + "ServiceDescriptor": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor", + "markdownDescription": "Transport stream service descriptor configuration for the Multiplex program.", + "title": "ServiceDescriptor" + }, + "VideoSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings", + "markdownDescription": "Program video settings configuration.", + "title": "VideoSettings" } }, "required": [ - "Column", - "FieldId" + "ProgramNumber" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericalMeasureField": { + "AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" + "MaximumBitrate": { + "markdownDescription": "Maximum statmux bitrate.", + "title": "MaximumBitrate", + "type": "number" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "MinimumBitrate": { + "markdownDescription": "Minimum statmux bitrate.", + "title": "MinimumBitrate", + "type": "number" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Priority": { + "markdownDescription": "The purpose of the priority is to use a combination of the\\nmultiplex rate control algorithm and the QVBR capability of the\\nencoder to prioritize the video quality of some channels in a\\nmultiplex over others. Channels that have a higher priority will\\nget higher video quality at the expense of the video quality of\\nother channels in the multiplex with lower priority.", + "title": "Priority", + "type": "number" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PaginationConfiguration": { + "AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings": { "additionalProperties": false, "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", + "ConstantBitrate": { + "markdownDescription": "The constant bitrate configuration for the video encode.\nWhen this field is defined, StatmuxSettings must be undefined.", + "title": "ConstantBitrate", "type": "number" }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", - "type": "number" + "StatmuxSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings", + "markdownDescription": "Statmux rate control settings.\nWhen this field is defined, ConstantBitrate must be undefined.", + "title": "StatmuxSettings" } }, - "required": [ - "PageNumber", - "PageSize" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PanelConfiguration": { + "AWS::MediaLive::Network": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", - "title": "BackgroundColor", + "Condition": { "type": "string" }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", - "type": "string" + "Metadata": { + "type": "object" }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "IpPools": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.IpPool" + }, + "markdownDescription": "", + "title": "IpPools", + "type": "array" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Routes": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.Route" + }, + "markdownDescription": "", + "title": "Routes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "IpPools", + "Name" + ], + "type": "object" }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", + "Type": { + "enum": [ + "AWS::MediaLive::Network" + ], "type": "string" }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::MediaLive::Network.IpPool": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "", + "title": "Cidr", "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PanelTitleOptions": { + "AWS::MediaLive::Network.Route": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "Cidr": { "markdownDescription": "", - "title": "FontConfiguration" - }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", + "title": "Cidr", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", + "Gateway": { + "markdownDescription": "", + "title": "Gateway", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterControl": { + "AWS::MediaLive::Network.Tags": { "additionalProperties": false, "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" - }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" - }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDateTimePickerControl": { + "AWS::MediaLive::SdiSource": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "", + "title": "Mode", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SdiSource.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::SdiSource" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDeclaration": { + "AWS::MediaLive::SdiSource.Tags": { "additionalProperties": false, "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" - }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" - }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDropDownControl": { + "AWS::MediaLive::SignalMap": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", - "type": "string" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CloudWatchAlarmTemplateGroupIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A cloudwatch alarm template group's identifier. Can be either be its id or current name.", + "title": "CloudWatchAlarmTemplateGroupIdentifiers", + "type": "array" + }, + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "DiscoveryEntryPointArn": { + "markdownDescription": "A top-level supported Amazon Web Services resource ARN to discover a signal map from.", + "title": "DiscoveryEntryPointArn", + "type": "string" + }, + "EventBridgeRuleTemplateGroupIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "An eventbridge rule template group's identifier. Can be either be its id or current name.", + "title": "EventBridgeRuleTemplateGroupIdentifiers", + "type": "array" + }, + "ForceRediscovery": { + "markdownDescription": "If true, will force a rediscovery of a signal map if an unchanged discoveryEntryPointArn is provided.", + "title": "ForceRediscovery", + "type": "boolean" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "DiscoveryEntryPointArn", + "Name" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", + "enum": [ + "AWS::MediaLive::SignalMap" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterListControl": { + "AWS::MediaLive::SignalMap.MediaResource": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SignalMap.MediaResourceNeighbor" + }, + "markdownDescription": "A direct destination neighbor to an Amazon Web Services media resource.", + "title": "Destinations", + "type": "array" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", + "Name": { + "markdownDescription": "The logical name of an Amazon Web Services media resource.", + "title": "Name", "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SignalMap.MediaResourceNeighbor" + }, + "markdownDescription": "A direct source neighbor to an Amazon Web Services media resource.", + "title": "Sources", + "type": "array" + } + }, + "type": "object" + }, + "AWS::MediaLive::SignalMap.MediaResourceNeighbor": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of a resource used in Amazon Web Services media workflows.", + "title": "Arn", + "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", + "Name": { + "markdownDescription": "The logical name of an Amazon Web Services media resource.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::MediaLive::SignalMap.MonitorDeployment": { + "additionalProperties": false, + "properties": { + "DetailsUri": { + "markdownDescription": "URI associated with a signal map's monitor deployment.", + "title": "DetailsUri", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", + "ErrorMessage": { + "markdownDescription": "Error message associated with a failed monitor deployment of a signal map.", + "title": "ErrorMessage", "type": "string" }, - "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", + "Status": { + "markdownDescription": "The signal map monitor deployment status.", + "title": "Status", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Status" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterSelectableValues": { + "AWS::MediaLive::SignalMap.SuccessfulMonitorDeployment": { "additionalProperties": false, "properties": { - "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" + "DetailsUri": { + "markdownDescription": "URI associated with a signal map's monitor deployment.", + "title": "DetailsUri", + "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", - "type": "array" + "Status": { + "markdownDescription": "A signal map's monitor deployment status.", + "title": "Status", + "type": "string" } }, + "required": [ + "DetailsUri", + "Status" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterSliderControl": { + "AWS::MediaPackage::Asset": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", - "type": "string" + "Metadata": { + "type": "object" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "EgressEndpoints": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::Asset.EgressEndpoint" + }, + "markdownDescription": "List of playback endpoints that are available for this asset.", + "title": "EgressEndpoints", + "type": "array" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the asset.", + "title": "Id", + "type": "string" + }, + "PackagingGroupId": { + "markdownDescription": "The ID of the packaging group associated with this asset.", + "title": "PackagingGroupId", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "Unique identifier for this asset, as it's configured in the key provider service.", + "title": "ResourceId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN for the source content in Amazon S3.", + "title": "SourceArn", + "type": "string" + }, + "SourceRoleArn": { + "markdownDescription": "The ARN for the IAM role that provides AWS Elemental MediaPackage access to the Amazon S3 bucket where the source content is stored. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "SourceRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the asset.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id", + "PackagingGroupId", + "SourceArn", + "SourceRoleArn" + ], + "type": "object" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Type": { + "enum": [ + "AWS::MediaPackage::Asset" + ], + "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterTextAreaControl": { + "AWS::MediaPackage::Asset.EgressEndpoint": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", + "PackagingConfigurationId": { + "markdownDescription": "The ID of a packaging configuration that's applied to this asset.", + "title": "PackagingConfigurationId", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", + "Url": { + "markdownDescription": "The URL that's used to request content from this endpoint.", + "title": "Url", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "PackagingConfigurationId", + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterTextFieldControl": { + "AWS::MediaPackage::Channel": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Any descriptive information that you want to add to the channel for future identification purposes.", + "title": "Description", + "type": "string" + }, + "EgressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", + "markdownDescription": "Configures egress access logs.", + "title": "EgressAccessLogs" + }, + "HlsIngest": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.HlsIngest", + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "HlsIngest" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the channel.", + "title": "Id", + "type": "string" + }, + "IngressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", + "markdownDescription": "Configures ingress access logs.", + "title": "IngressAccessLogs" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the channel.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::Channel" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.Parameters": { + "AWS::MediaPackage::Channel.HlsIngest": { "additionalProperties": false, "properties": { - "DateTimeParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameter" - }, - "markdownDescription": "The parameters that have a data type of date-time.", - "title": "DateTimeParameters", - "type": "array" - }, - "DecimalParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameter" - }, - "markdownDescription": "The parameters that have a data type of decimal.", - "title": "DecimalParameters", - "type": "array" - }, - "IntegerParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameter" - }, - "markdownDescription": "The parameters that have a data type of integer.", - "title": "IntegerParameters", - "type": "array" - }, - "StringParameters": { + "ingestEndpoints": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameter" + "$ref": "#/definitions/AWS::MediaPackage::Channel.IngestEndpoint" }, - "markdownDescription": "The parameters that have a data type of string.", - "title": "StringParameters", + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "ingestEndpoints", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PercentVisibleRange": { - "additionalProperties": false, - "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" - }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration": { + "AWS::MediaPackage::Channel.IngestEndpoint": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "Id": { + "markdownDescription": "The endpoint identifier.", + "title": "Id", + "type": "string" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", + "Password": { + "markdownDescription": "The system-generated password for WebDAV input authentication.", + "title": "Password", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "Url": { + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "Url", + "type": "string" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", + "Username": { + "markdownDescription": "The system-generated username for WebDAV input authentication.", + "title": "Username", "type": "string" } }, + "required": [ + "Id", + "Password", + "Url", + "Username" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PercentileAggregation": { + "AWS::MediaPackage::Channel.LogConfiguration": { "additionalProperties": false, "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", - "type": "number" + "LogGroupName": { + "markdownDescription": "Sets a custom Amazon CloudWatch log group name.", + "title": "LogGroupName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PeriodOverPeriodComputation": { + "AWS::MediaPackage::OriginEndpoint": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Authorization": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.Authorization", + "markdownDescription": "Parameters for CDN authorization.", + "title": "Authorization" + }, + "ChannelId": { + "markdownDescription": "The ID of the channel associated with this endpoint.", + "title": "ChannelId", + "type": "string" + }, + "CmafPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafPackage", + "markdownDescription": "Parameters for Common Media Application Format (CMAF) packaging.", + "title": "CmafPackage" + }, + "DashPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashPackage", + "markdownDescription": "Parameters for DASH packaging.", + "title": "DashPackage" + }, + "Description": { + "markdownDescription": "Any descriptive information that you want to add to the endpoint for future identification purposes.", + "title": "Description", + "type": "string" + }, + "HlsPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsPackage", + "markdownDescription": "Parameters for Apple HLS packaging.", + "title": "HlsPackage" + }, + "Id": { + "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", + "title": "Id", + "type": "string" + }, + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint.", + "title": "ManifestName", + "type": "string" + }, + "MssPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssPackage", + "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", + "title": "MssPackage" + }, + "Origination": { + "markdownDescription": "Controls video origination from this endpoint.\n\nValid values:\n\n- `ALLOW` - enables this endpoint to serve content to requesting devices.\n- `DENY` - prevents this endpoint from serving content. Denying origination is helpful for harvesting live-to-VOD assets. For more information about harvesting and origination, see [Live-to-VOD Requirements](https://docs.aws.amazon.com/mediapackage/latest/ug/ltov-reqmts.html) .", + "title": "Origination", + "type": "string" + }, + "StartoverWindowSeconds": { + "markdownDescription": "Maximum duration (seconds) of content to retain for startover playback. Omit this attribute or enter `0` to indicate that startover playback is disabled for this endpoint.", + "title": "StartoverWindowSeconds", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the endpoint.", + "title": "Tags", + "type": "array" + }, + "TimeDelaySeconds": { + "markdownDescription": "Minimum duration (seconds) of delay to enforce on the playback of live content. Omit this attribute or enter `0` to indicate that there is no time delay in effect for this endpoint.", + "title": "TimeDelaySeconds", + "type": "number" + }, + "Whitelist": { + "items": { + "type": "string" + }, + "markdownDescription": "The IP addresses that can access this endpoint.", + "title": "Whitelist", + "type": "array" + } + }, + "required": [ + "ChannelId", + "Id" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::OriginEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.PeriodToDateComputation": { + "AWS::MediaPackage::OriginEndpoint.Authorization": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "CdnIdentifierSecret": { + "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that your Content Delivery Network (CDN) uses for authorization to access your endpoint.", + "title": "CdnIdentifierSecret", "type": "string" }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", + "SecretsRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", + "title": "SecretsRoleArn", "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId" + "CdnIdentifierSecret", + "SecretsRoleArn" ], "type": "object" }, - "AWS::QuickSight::Analysis.PieChartAggregatedFieldWells": { + "AWS::MediaPackage::OriginEndpoint.CmafEncryption": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", - "type": "array" + "ConstantInitializationVector": { + "markdownDescription": "An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then AWS Elemental MediaPackage creates the constant initialization vector (IV).", + "title": "ConstantInitializationVector", + "type": "string" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", - "type": "array" + "EncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "EncryptionMethod", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PieChartConfiguration": { + "AWS::MediaPackage::OriginEndpoint.CmafPackage": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "ContributionAnalysisDefaults": { + "HlsManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsManifest" }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", "type": "array" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source segment duration.", + "title": "SegmentDurationSeconds", + "type": "number" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" + "SegmentPrefix": { + "markdownDescription": "An optional custom string that is prepended to the name of each segment. If not specified, the segment prefix defaults to the ChannelId.", + "title": "SegmentPrefix", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PieChartFieldWells": { + "AWS::MediaPackage::OriginEndpoint.DashEncryption": { "additionalProperties": false, "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PieChartSortConfiguration": { + "AWS::MediaPackage::OriginEndpoint.DashPackage": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { + "AdTriggers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_ADVERTISEMENT` .\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_PLACEMENT_OPPORTUNITY` .\n- `SPLICE_INSERT` .", + "title": "AdTriggers", "type": "array" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", + "type": "string" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PieChartVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", - "title": "ChartConfiguration" + "IncludeIframeOnlyStream": { + "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" }, - "ColumnHierarchies": { + "ManifestLayout": { + "markdownDescription": "Determines the position of some tags in the manifest.\n\nValid values:\n\n- `FULL` - Elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` .\n- `COMPACT` - Duplicate elements are combined and presented at the `AdaptationSet` level.", + "title": "ManifestLayout", + "type": "string" + }, + "ManifestWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each manifest.", + "title": "ManifestWindowSeconds", + "type": "number" + }, + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" + }, + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", + "title": "MinUpdatePeriodSeconds", + "type": "number" + }, + "PeriodTriggers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", + "title": "PeriodTriggers", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Profile": { + "markdownDescription": "The DASH profile for the output.\n\nValid values:\n\n- `NONE` - The output doesn't use a DASH profile.\n- `HBBTV_1_5` - The output is compliant with HbbTV v1.5.\n- `DVB_DASH_2014` - The output is compliant with DVB-DASH 2014.", + "title": "Profile", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValid values:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .\n- `NUMBER_WITH_DURATION` - The `$Number$` variable is used in the `media` URL and a `duration` attribute is added to the segment template. The `SegmentTimeline` object is removed from the representation.\n- `TIME_WITH_TIMELINE` - The `$Time$` variable is used in the `media` URL. The value of this variable is the timestamp of when the segment starts. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", + "title": "SegmentTemplateFormat", + "type": "string" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" + }, + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest.", + "title": "SuggestedPresentationDelaySeconds", + "type": "number" + }, + "UtcTiming": { + "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", + "title": "UtcTiming", + "type": "string" + }, + "UtcTimingUri": { + "markdownDescription": "Specifies the value attribute of the UTC timing field when utcTiming is set to HTTP-ISO or HTTP-HEAD.", + "title": "UtcTimingUri", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotFieldSortOptions": { + "AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaPackage::OriginEndpoint.HlsEncryption": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks.", + "title": "ConstantInitializationVector", "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" + "EncryptionMethod": { + "markdownDescription": "HLS encryption type.", + "title": "EncryptionMethod", + "type": "string" + }, + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" + }, + "RepeatExtXKey": { + "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", + "title": "RepeatExtXKey", + "type": "boolean" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "FieldId", - "SortBy" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells": { + "AWS::MediaPackage::OriginEndpoint.HlsManifest": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", - "type": "array" + "AdMarkers": { + "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", + "type": "string" }, - "Rows": { + "AdTriggers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", + "title": "AdTriggers", "type": "array" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", "type": "string" }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" + "Id": { + "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", + "title": "Id", + "type": "string" }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope" - }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", - "type": "array" + "IncludeIframeOnlyStream": { + "markdownDescription": "Applies to stream sets with a single video track only. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint. The manifestName on the HLSManifest object overrides the manifestName that you provided on the originEndpoint object.", + "title": "ManifestName", + "type": "string" + }, + "PlaylistType": { + "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", + "title": "PlaylistType", + "type": "string" + }, + "PlaylistWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each parent manifest.", + "title": "PlaylistWindowSeconds", + "type": "number" + }, + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "Url": { + "markdownDescription": "The URL that's used to request this manifest from this endpoint.", + "title": "Url", + "type": "string" } }, "required": [ - "FieldId" + "Id" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormatting": { + "AWS::MediaPackage::OriginEndpoint.HlsPackage": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "AdMarkers": { + "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", + "type": "string" + }, + "AdTriggers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", + "title": "AdTriggers", "type": "array" + }, + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", + "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "IncludeDvbSubtitles": { + "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", + "title": "IncludeDvbSubtitles", + "type": "boolean" + }, + "IncludeIframeOnlyStream": { + "markdownDescription": "Only applies to stream sets with a single video track. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "PlaylistType": { + "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", + "title": "PlaylistType", + "type": "string" + }, + "PlaylistWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each parent manifest.", + "title": "PlaylistWindowSeconds", + "type": "number" + }, + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" + }, + "UseAudioRenditionGroup": { + "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", + "title": "UseAudioRenditionGroup", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption": { + "AWS::MediaPackage::OriginEndpoint.MssEncryption": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope": { + "AWS::MediaPackage::OriginEndpoint.MssPackage": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableConfiguration": { - "additionalProperties": false, - "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" + "ManifestWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each manifest.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableDataPathOption": { + "AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "DataPathList": { + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption.", + "title": "CertificateArn", + "type": "string" + }, + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration", + "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", + "title": "EncryptionContractConfiguration" + }, + "ResourceId": { + "markdownDescription": "Unique identifier for this endpoint, as it is configured in the key provider service.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. This role must have a trust policy that allows AWS Elemental MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "RoleArn", + "type": "string" + }, + "SystemIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + "type": "string" }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", + "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", + "title": "SystemIds", "type": "array" }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", + "Url": { + "markdownDescription": "URL for the key provider\u2019s key retrieval API endpoint. Must start with https://.", + "title": "Url", "type": "string" } }, "required": [ - "DataPathList" + "ResourceId", + "RoleArn", + "SystemIds", + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption": { + "AWS::MediaPackage::OriginEndpoint.StreamSelection": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", - "type": "string" + "MaxVideoBitsPerSecond": { + "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", + "title": "MaxVideoBitsPerSecond", + "type": "number" }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" + "MinVideoBitsPerSecond": { + "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", + "title": "MinVideoBitsPerSecond", + "type": "number" + }, + "StreamOrder": { + "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", + "title": "StreamOrder", + "type": "string" } }, - "required": [ - "Target" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget": { + "AWS::MediaPackage::PackagingConfiguration": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CmafPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafPackage", + "markdownDescription": "Parameters for CMAF packaging.", + "title": "CmafPackage" + }, + "DashPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashPackage", + "markdownDescription": "Parameters for DASH-ISO packaging.", + "title": "DashPackage" + }, + "HlsPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsPackage", + "markdownDescription": "Parameters for Apple HLS packaging.", + "title": "HlsPackage" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the packaging configuration.", + "title": "Id", + "type": "string" + }, + "MssPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssPackage", + "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", + "title": "MssPackage" + }, + "PackagingGroupId": { + "markdownDescription": "The ID of the packaging group associated with this packaging configuration.", + "title": "PackagingGroupId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the packaging configuration.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", - "type": "array" + "required": [ + "Id", + "PackagingGroupId" + ], + "type": "object" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", + "Type": { + "enum": [ + "AWS::MediaPackage::PackagingConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldOption": { + "AWS::MediaPackage::PackagingConfiguration.CmafEncryption": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", - "type": "string" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "FieldId" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldOptions": { + "AWS::MediaPackage::PackagingConfiguration.CmafPackage": { "additionalProperties": false, "properties": { - "CollapseStateOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption" - }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", - "type": "array" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "DataPathOptions": { + "HlsManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableDataPathOption" + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", "type": "array" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOption" - }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", - "type": "string" + "IncludeEncoderConfigurationInSegments": { + "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", + "title": "IncludeEncoderConfigurationInSegments", + "type": "boolean" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" } }, + "required": [ + "HlsManifests" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldWells": { + "AWS::MediaPackage::PackagingConfiguration.DashEncryption": { "additionalProperties": false, "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableOptions": { + "AWS::MediaPackage::PackagingConfiguration.DashManifest": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" - }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", + "ManifestLayout": { + "markdownDescription": "Determines the position of some tags in the Media Presentation Description (MPD). When set to `FULL` , elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` . When set to `COMPACT` , duplicate elements are combined and presented at the AdaptationSet level.", + "title": "ManifestLayout", "type": "string" }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" - }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", "type": "string" }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" + }, + "Profile": { + "markdownDescription": "The DASH profile type. When set to `HBBTV_1_5` , the content is compliant with HbbTV 1.5.", + "title": "Profile", "type": "string" }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", + "ScteMarkersSource": { + "markdownDescription": "The source of scte markers used.\n\nValue description:\n\n- `SEGMENTS` - The scte markers are sourced from the segments of the ingested content.\n- `MANIFEST` - the scte markers are sourced from the manifest of the ingested content. The MANIFEST value is compatible with source HLS playlists using the SCTE-35 Enhanced syntax ( `EXT-OATCLS-SCTE35` tags). SCTE-35 Elemental and SCTE-35 Daterange syntaxes are not supported with this option.", + "title": "ScteMarkersSource", "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" + } + }, + "type": "object" + }, + "AWS::MediaPackage::PackagingConfiguration.DashPackage": { + "additionalProperties": false, + "properties": { + "DashManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashManifest" + }, + "markdownDescription": "A list of DASH manifest configurations that are available from this endpoint.", + "title": "DashManifests", + "type": "array" }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" + "IncludeEncoderConfigurationInSegments": { + "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", + "title": "IncludeEncoderConfigurationInSegments", + "type": "boolean" }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" + "IncludeIframeOnlyStream": { + "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", - "type": "string" + "PeriodTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", + "title": "PeriodTriggers", + "type": "array" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", - "type": "string" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration.", + "title": "SegmentDurationSeconds", + "type": "number" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to `NUMBER_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to `TIME_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to `NUMBER_WITH_DURATION` , only a duration is included in each SegmentTemplate, with $Number$ media URLs.", + "title": "SegmentTemplateFormat", "type": "string" } }, + "required": [ + "DashManifests" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions": { + "AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "PresetSpeke20Audio": { + "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", + "title": "PresetSpeke20Audio", "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "PresetSpeke20Video": { + "markdownDescription": "A collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", + "title": "PresetSpeke20Video", "type": "string" } }, + "required": [ + "PresetSpeke20Audio", + "PresetSpeke20Video" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableRowsLabelOptions": { + "AWS::MediaPackage::PackagingConfiguration.HlsEncryption": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks. If you don't specify a constant initialization vector (IV), AWS Elemental MediaPackage periodically rotates the IV.", + "title": "ConstantInitializationVector", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", + "EncryptionMethod": { + "markdownDescription": "HLS encryption type.", + "title": "EncryptionMethod", "type": "string" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableSortBy": { + "AWS::MediaPackage::PackagingConfiguration.HlsManifest": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", - "title": "Column" + "AdMarkers": { + "markdownDescription": "This setting controls ad markers in the packaged content.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", + "type": "string" }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "IncludeIframeOnlyStream": { + "markdownDescription": "Applies to stream sets with a single video track only. When enabled, the output includes an additional I-frame only stream, along with the other tracks.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", + "type": "string" + }, + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "RepeatExtXKey": { + "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", + "title": "RepeatExtXKey", + "type": "boolean" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableSortConfiguration": { + "AWS::MediaPackage::PackagingConfiguration.HlsPackage": { "additionalProperties": false, "properties": { - "FieldSortOptions": { + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "HlsManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotFieldSortOptions" + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", "type": "array" + }, + "IncludeDvbSubtitles": { + "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", + "title": "IncludeDvbSubtitles", + "type": "boolean" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "UseAudioRenditionGroup": { + "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", + "title": "UseAudioRenditionGroup", + "type": "boolean" } }, + "required": [ + "HlsManifests" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableTotalOptions": { + "AWS::MediaPackage::PackagingConfiguration.MssEncryption": { "additionalProperties": false, "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" - }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" - }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" + } + }, + "required": [ + "SpekeKeyProvider" + ], + "type": "object" + }, + "AWS::MediaPackage::PackagingConfiguration.MssManifest": { + "additionalProperties": false, + "properties": { + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", + "type": "string" }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableVisual": { + "AWS::MediaPackage::PackagingConfiguration.MssPackage": { "additionalProperties": false, "properties": { - "Actions": { + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "MssManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssManifest" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "A list of Microsoft Smooth manifest configurations that are available from this endpoint.", + "title": "MssManifests", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" } }, "required": [ - "VisualId" + "MssManifests" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTotalOptions": { + "AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", - "type": "string" + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration", + "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", + "title": "EncryptionContractConfiguration" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "RoleArn": { + "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "RoleArn", "type": "string" }, - "TotalAggregationOptions": { + "SystemIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" + "type": "string" }, - "markdownDescription": "The total aggregation options for each value field.", - "title": "TotalAggregationOptions", + "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", + "title": "SystemIds", "type": "array" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "Url": { + "markdownDescription": "URL for the key provider's key retrieval API endpoint. Must start with https://.", + "title": "Url", "type": "string" - }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" } }, + "required": [ + "RoleArn", + "SystemIds", + "Url" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PredefinedHierarchy": { + "AWS::MediaPackage::PackagingConfiguration.StreamSelection": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" + "MaxVideoBitsPerSecond": { + "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", + "title": "MaxVideoBitsPerSecond", + "type": "number" }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "MinVideoBitsPerSecond": { + "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", + "title": "MinVideoBitsPerSecond", + "type": "number" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", + "StreamOrder": { + "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", + "title": "StreamOrder", "type": "string" } }, - "required": [ - "Columns", - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ProgressBarOptions": { + "AWS::MediaPackage::PackagingGroup": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the progress bar.", - "title": "Visibility", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Authorization": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.Authorization", + "markdownDescription": "Parameters for CDN authorization.", + "title": "Authorization" + }, + "EgressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.LogConfiguration", + "markdownDescription": "The configuration parameters for egress access logging.", + "title": "EgressAccessLogs" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the packaging group.", + "title": "Id", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the packaging group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::PackagingGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells": { + "AWS::MediaPackage::PackagingGroup.Authorization": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated field well categories of a radar chart.", - "title": "Category", - "type": "array" - }, - "Color": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", - "type": "array" + "CdnIdentifierSecret": { + "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization.", + "title": "CdnIdentifierSecret", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", - "title": "Values", - "type": "array" + "SecretsRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", + "title": "SecretsRoleArn", + "type": "string" } }, + "required": [ + "CdnIdentifierSecret", + "SecretsRoleArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartAreaStyleSettings": { + "AWS::MediaPackage::PackagingGroup.LogConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", + "LogGroupName": { + "markdownDescription": "Sets a custom Amazon CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/EgressAccessLogs.", + "title": "LogGroupName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartConfiguration": { + "AWS::MediaPackageV2::Channel": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" - }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" - }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", + "Condition": { "type": "string" }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", - "title": "CategoryLabelOptions" - }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", - "title": "ColorLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", - "title": "FieldWells" + "Metadata": { + "type": "object" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the channel configuration.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the channel.", + "title": "Description", + "type": "string" + }, + "InputSwitchConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::Channel.InputSwitchConfiguration", + "markdownDescription": "The configuration for input switching based on the media quality confidence score (MQCS) as provided from AWS Elemental MediaLive.", + "title": "InputSwitchConfiguration" + }, + "InputType": { + "markdownDescription": "The input type will be an immutable field which will be used to define whether the channel will allow CMAF ingest or HLS ingest. If unprovided, it will default to HLS to preserve current behavior.\n\nThe allowed values are:\n\n- `HLS` - The HLS streaming specification (which defines M3U8 manifests and TS segments).\n- `CMAF` - The DASH-IF CMAF Ingest specification (which defines CMAF segments with optional DASH manifests).", + "title": "InputType", + "type": "string" + }, + "OutputHeaderConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::Channel.OutputHeaderConfiguration", + "markdownDescription": "The settings for what common media server data (CMSD) headers AWS Elemental MediaPackage includes in responses to the CDN.", + "title": "OutputHeaderConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName" + ], + "type": "object" }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", + "Type": { + "enum": [ + "AWS::MediaPackageV2::Channel" + ], "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", - "title": "SortConfiguration" - }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartFieldWells": { + "AWS::MediaPackageV2::Channel.IngestEndpoint": { "additionalProperties": false, "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" + "Id": { + "markdownDescription": "The identifier associated with the ingest endpoint of the channel.", + "title": "Id", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL associated with the ingest endpoint of the channel.", + "title": "Url", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartSeriesSettings": { + "AWS::MediaPackageV2::Channel.InputSwitchConfiguration": { "additionalProperties": false, "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "MQCSInputSwitching": { + "markdownDescription": "When true, AWS Elemental MediaPackage performs input switching based on the MQCS. Default is true. This setting is valid only when `InputType` is `CMAF` .", + "title": "MQCSInputSwitching", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartSortConfiguration": { + "AWS::MediaPackageV2::Channel.OutputHeaderConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The category sort options of a radar chart.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The color sort configuration of a radar chart.", - "title": "ColorSort", - "type": "array" + "PublishMQCS": { + "markdownDescription": "When true, AWS Elemental MediaPackage includes the MQCS in responses to the CDN. This setting is valid only when `InputType` is `CMAF` .", + "title": "PublishMQCS", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartVisual": { + "AWS::MediaPackageV2::ChannelGroup": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group.", + "title": "ChannelGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "The configuration for a MediaPackage V2 channel group.", + "title": "Description", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the channel group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ChannelGroupName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaPackageV2::ChannelGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.RangeEndsLabelType": { + "AWS::MediaPackageV2::ChannelPolicy": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the range ends label.", - "title": "Visibility", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ReferenceLine": { - "additionalProperties": false, - "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the channel policy.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The name of the channel associated with the channel policy.", + "title": "ChannelName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The policy associated with the channel.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName", + "Policy" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackageV2::ChannelPolicy" + ], "type": "string" }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" - } - }, - "required": [ - "DataConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CustomLabel" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineDataConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", + "Condition": { "type": "string" }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" - }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration": { - "additionalProperties": false, - "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" + "Metadata": { + "type": "object" }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the origin endpoint configuration.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The channel name associated with the origin endpoint.", + "title": "ChannelName", + "type": "string" + }, + "ContainerType": { + "markdownDescription": "The container type associated with the origin endpoint configuration.", + "title": "ContainerType", + "type": "string" + }, + "DashManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashManifestConfiguration" + }, + "markdownDescription": "A DASH manifest configuration.", + "title": "DashManifests", + "type": "array" + }, + "Description": { + "markdownDescription": "The description associated with the origin endpoint.", + "title": "Description", + "type": "string" + }, + "ForceEndpointErrorConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ForceEndpointErrorConfiguration", + "markdownDescription": "The failover settings for the endpoint.", + "title": "ForceEndpointErrorConfiguration" + }, + "HlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration" + }, + "markdownDescription": "The HLS manifests associated with the origin endpoint configuration.", + "title": "HlsManifests", + "type": "array" + }, + "LowLatencyHlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration" + }, + "markdownDescription": "The low-latency HLS (LL-HLS) manifests associated with the origin endpoint.", + "title": "LowLatencyHlsManifests", + "type": "array" + }, + "OriginEndpointName": { + "markdownDescription": "The name of the origin endpoint associated with the origin endpoint configuration.", + "title": "OriginEndpointName", + "type": "string" + }, + "Segment": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Segment", + "markdownDescription": "The segment associated with the origin endpoint.", + "title": "Segment" + }, + "StartoverWindowSeconds": { + "markdownDescription": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", + "title": "StartoverWindowSeconds", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the origin endpoint.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName", + "ContainerType", + "OriginEndpointName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackageV2::OriginEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Calculation", - "Column" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashBaseUrl": { "additionalProperties": false, "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" - }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", - "type": "string" + "DvbPriority": { + "markdownDescription": "For use with DVB-DASH profiles only. The priority of this location for servings segments. The lower the number, the higher the priority.", + "title": "DvbPriority", + "type": "number" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" + "DvbWeight": { + "markdownDescription": "For use with DVB-DASH profiles only. The weighting for source locations that have the same priority.", + "title": "DvbWeight", + "type": "number" }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", + "ServiceLocation": { + "markdownDescription": "The name of the source location.", + "title": "ServiceLocation", "type": "string" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" - }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", + "Url": { + "markdownDescription": "A source location for segments.", + "title": "Url", "type": "string" } }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" - } - }, "required": [ - "Value" + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbFontDownload": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", + "FontFamily": { + "markdownDescription": "The `fontFamily` name for subtitles, as described in [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) .", + "title": "FontFamily", "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "MimeType": { + "markdownDescription": "The `mimeType` of the resource that's at the font download URL.\n\nFor information about font MIME types, see the [MPEG-DASH Profile for Transport of ISO BMFF Based DVB Services over IP Based Networks](https://docs.aws.amazon.com/https://dvb.org/wp-content/uploads/2021/06/A168r4_MPEG-DASH-Profile-for-Transport-of-ISO-BMFF-Based-DVB-Services_Draft-ts_103-285-v140_November_2021.pdf) document.", + "title": "MimeType", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL for downloading fonts for subtitles.", + "title": "Url", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbMetricsReporting": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" + "Probability": { + "markdownDescription": "The number of playback devices per 1000 that will send error reports to the reporting URL. This represents the probability that a playback device will be a reporting player for this session.", + "title": "Probability", + "type": "number" }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", + "ReportingUrl": { + "markdownDescription": "The URL where playback devices send error reports.", + "title": "ReportingUrl", "type": "string" } }, + "required": [ + "ReportingUrl" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbSettings": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "ErrorMetrics": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbMetricsReporting" + }, + "markdownDescription": "Playback device error reporting settings.", + "title": "ErrorMetrics", + "type": "array" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "FontDownload": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbFontDownload", + "markdownDescription": "Subtitle font settings.", + "title": "FontDownload" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RelativeDatesFilter": { + "AWS::MediaPackageV2::OriginEndpoint.DashManifestConfiguration": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" + "BaseUrls": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashBaseUrl" + }, + "markdownDescription": "The base URLs to use for retrieving segments.", + "title": "BaseUrls", + "type": "array" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Compactness": { + "markdownDescription": "The layout of the DASH manifest that MediaPackage produces. `STANDARD` indicates a default manifest, which is compacted. `NONE` indicates a full manifest.\n\nFor information about compactness, see [DASH manifest compactness](https://docs.aws.amazon.com/mediapackage/latest/userguide/compacted.html) in the *AWS Elemental MediaPackage v2 User Guide* .", + "title": "Compactness", "type": "string" }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", + "DrmSignaling": { + "markdownDescription": "Determines how the DASH manifest signals the DRM content.", + "title": "DrmSignaling", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DvbSettings": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbSettings", + "markdownDescription": "For endpoints that use the DVB-DASH profile only. The font download and error reporting information that you want MediaPackage to pass through to the manifest.", + "title": "DvbSettings" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", + "ManifestName": { + "markdownDescription": "A short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint.", + "title": "ManifestName", "type": "string" }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of the manifest's content.", + "title": "ManifestWindowSeconds", "type": "number" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" - } - }, - "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ResourcePermission": { - "additionalProperties": false, - "properties": { - "Actions": { + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" + }, + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", + "title": "MinUpdatePeriodSeconds", + "type": "number" + }, + "PeriodTriggers": { "items": { "type": "string" }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", + "markdownDescription": "A list of triggers that controls when AWS Elemental MediaPackage separates the MPEG-DASH manifest into multiple periods. Type `ADS` to indicate that AWS Elemental MediaPackage must create periods in the output manifest that correspond to SCTE-35 ad markers in the input source. Leave this value empty to indicate that the manifest is contained all in one period. For more information about periods in the DASH manifest, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/userguide/multi-period.html) .", + "title": "PeriodTriggers", "type": "array" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "Profiles": { + "items": { + "type": "string" + }, + "markdownDescription": "The profile that the output is compliant with.", + "title": "Profiles", + "type": "array" + }, + "ProgramInformation": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashProgramInformation", + "markdownDescription": "Details about the content that you want MediaPackage to pass through in the manifest to the playback device.", + "title": "ProgramInformation" + }, + "ScteDash": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteDash", + "markdownDescription": "The SCTE configuration.", + "title": "ScteDash" + }, + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValue description:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", + "title": "SegmentTemplateFormat", "type": "string" + }, + "SubtitleConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashSubtitleConfiguration", + "markdownDescription": "The configuration for DASH subtitles.", + "title": "SubtitleConfiguration" + }, + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "The amount of time (in seconds) that the player should be from the end of the manifest.", + "title": "SuggestedPresentationDelaySeconds", + "type": "number" + }, + "UtcTiming": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashUtcTiming", + "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", + "title": "UtcTiming" } }, "required": [ - "Actions", - "Principal" + "ManifestName" ], "type": "object" }, - "AWS::QuickSight::Analysis.RollingDateConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashProgramInformation": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "Copyright": { + "markdownDescription": "A copyright statement about the content.", + "title": "Copyright", "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", - "title": "Expression", + "LanguageCode": { + "markdownDescription": "The language code for this manifest.", + "title": "LanguageCode", + "type": "string" + }, + "MoreInformationUrl": { + "markdownDescription": "An absolute URL that contains more information about this content.", + "title": "MoreInformationUrl", + "type": "string" + }, + "Source": { + "markdownDescription": "Information about the content provider.", + "title": "Source", + "type": "string" + }, + "Title": { + "markdownDescription": "The title for the manifest.", + "title": "Title", "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.RowAlternateColorOptions": { + "AWS::MediaPackageV2::OriginEndpoint.DashSubtitleConfiguration": { "additionalProperties": false, "properties": { - "RowAlternateColors": { - "items": { - "type": "string" - }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", - "type": "array" - }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", - "type": "string" - }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", - "type": "string" + "TtmlConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashTtmlConfiguration", + "markdownDescription": "Settings for TTML subtitles.", + "title": "TtmlConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashTtmlConfiguration": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", + "TtmlProfile": { + "markdownDescription": "The profile that MediaPackage uses when signaling subtitles in the manifest. `IMSC` is the default profile. `EBU-TT-D` produces subtitles that are compliant with the EBU-TT-D TTML profile. MediaPackage passes through subtitle styles to the manifest. For more information about EBU-TT-D subtitles, see [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) .", + "title": "TtmlProfile", "type": "string" - }, - "TargetVisuals": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", - "type": "array" } }, + "required": [ + "TtmlProfile" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells": { + "AWS::MediaPackageV2::OriginEndpoint.DashUtcTiming": { "additionalProperties": false, "properties": { - "Destination": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", - "type": "array" - }, - "Source": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", - "type": "array" + "TimingMode": { + "markdownDescription": "The UTC timing mode.", + "title": "TimingMode", + "type": "string" }, - "Weight": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", - "type": "array" + "TimingSource": { + "markdownDescription": "The the method that the player uses to synchronize to coordinated universal time (UTC) wall clock time.", + "title": "TimingSource", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.Encryption": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", - "title": "DataLabels" + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).", + "title": "ConstantInitializationVector", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "FieldWells" + "EncryptionMethod": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod", + "markdownDescription": "The encryption method to use.", + "title": "EncryptionMethod" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", - "title": "SortConfiguration" + "KeyRotationIntervalSeconds": { + "markdownDescription": "The interval, in seconds, to rotate encryption keys for the origin endpoint.", + "title": "KeyRotationIntervalSeconds", + "type": "number" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "The SPEKE key provider to use for encryption.", + "title": "SpekeKeyProvider" } }, + "required": [ + "EncryptionMethod", + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramFieldWells": { + "AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration": { "additionalProperties": false, "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" + "PresetSpeke20Audio": { + "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", + "title": "PresetSpeke20Audio", + "type": "string" + }, + "PresetSpeke20Video": { + "markdownDescription": "The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint.\n\nA collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", + "title": "PresetSpeke20Video", + "type": "string" } }, + "required": [ + "PresetSpeke20Audio", + "PresetSpeke20Video" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod": { "additionalProperties": false, "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" - }, - "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" + "CmafEncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "CmafEncryptionMethod", + "type": "string" }, - "WeightSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", - "type": "array" + "TsEncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "TsEncryptionMethod", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramVisual": { + "AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", - "title": "ChartConfiguration" + "ClipStartTime": { + "markdownDescription": "Optionally specify the clip start time for all of your manifest egress requests. When you include clip start time, note that you cannot use clip start time query parameters for this manifest's endpoint URL.", + "title": "ClipStartTime", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "End": { + "markdownDescription": "Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.", + "title": "End", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "ManifestFilter": { + "markdownDescription": "Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.", + "title": "ManifestFilter", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Start": { + "markdownDescription": "Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.", + "title": "Start", "type": "string" + }, + "TimeDelaySeconds": { + "markdownDescription": "Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.", + "title": "TimeDelaySeconds", + "type": "number" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::MediaPackageV2::OriginEndpoint.ForceEndpointErrorConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" - }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", - "type": "array" - }, - "YAxis": { + "EndpointErrorConditions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", + "markdownDescription": "The failover conditions for the endpoint. The options are:\n\n- `STALE_MANIFEST` - The manifest stalled and there are no new segments or parts.\n- `INCOMPLETE_MANIFEST` - There is a gap in the manifest.\n- `MISSING_DRM_KEY` - Key rotation is enabled but we're unable to fetch the key for the current key period.\n- `SLATE_INPUT` - The segments which contain slate content are considered to be missing content.", + "title": "EndpointErrorConditions", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "ChildManifestName": { + "markdownDescription": "The name of the child manifest associated with the HLS manifest configuration.", + "title": "ChildManifestName", + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" + "ManifestName": { + "markdownDescription": "The name of the manifest associated with the HLS manifest configuration.", + "title": "ManifestName", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "ManifestWindowSeconds": { + "markdownDescription": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" + "ScteHls": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", + "markdownDescription": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", + "title": "ScteHls" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" + "StartTag": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.StartTag", + "markdownDescription": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", + "title": "StartTag" }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ScatterPlotFieldWells": { - "additionalProperties": false, - "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" + "Url": { + "markdownDescription": "The URL of the HLS manifest configuration.", + "title": "Url", + "type": "string" }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" + "UrlEncodeChildManifest": { + "markdownDescription": "When enabled, MediaPackage URL-encodes the query string for API requests for HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* .", + "title": "UrlEncodeChildManifest", + "type": "boolean" } }, + "required": [ + "ManifestName" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells": { + "AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" + "ChildManifestName": { + "markdownDescription": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "ChildManifestName", + "type": "string" }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", - "type": "array" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ScatterPlotVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "ManifestName": { + "markdownDescription": "A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", + "title": "ManifestName", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of the manifest's content.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "ScteHls": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", + "markdownDescription": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "ScteHls" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "StartTag": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.StartTag", + "markdownDescription": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", + "title": "StartTag" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Url": { + "markdownDescription": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "Url", "type": "string" + }, + "UrlEncodeChildManifest": { + "markdownDescription": "When enabled, MediaPackage URL-encodes the query string for API requests for LL-HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* .", + "title": "UrlEncodeChildManifest", + "type": "boolean" } }, "required": [ - "VisualId" + "ManifestName" ], "type": "object" }, - "AWS::QuickSight::Analysis.ScrollBarOptions": { + "AWS::MediaPackageV2::OriginEndpoint.Scte": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", - "type": "string" - }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" + "ScteFilter": { + "items": { + "type": "string" + }, + "markdownDescription": "The filter associated with the SCTE-35 configuration.", + "title": "ScteFilter", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SecondaryValueOptions": { + "AWS::MediaPackageV2::OriginEndpoint.ScteDash": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", + "AdMarkerDash": { + "markdownDescription": "Choose how ad markers are included in the packaged content. If you include ad markers in the content stream in your upstream encoders, then you need to inform MediaPackage what to do with the ad markers in the output.\n\nValue description:\n\n- `Binary` - The SCTE-35 marker is expressed as a hex-string (Base64 string) rather than full XML.\n- `XML` - The SCTE marker is expressed fully in XML.", + "title": "AdMarkerDash", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SectionAfterPageBreak": { + "AWS::MediaPackageV2::OriginEndpoint.ScteHls": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", - "title": "Status", + "AdMarkerHls": { + "markdownDescription": "The SCTE-35 HLS ad-marker configuration.", + "title": "AdMarkerHls", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.Segment": { "additionalProperties": false, "properties": { - "BodySections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionConfiguration" - }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", - "type": "array" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Encryption", + "markdownDescription": "Whether to use encryption for the segment.", + "title": "Encryption" }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" + "IncludeIframeOnlyStreams": { + "markdownDescription": "Whether the segment includes I-frame-only streams.", + "title": "IncludeIframeOnlyStreams", + "type": "boolean" }, - "FooterSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", - "type": "array" + "Scte": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Scte", + "markdownDescription": "The SCTE-35 configuration associated with the segment.", + "title": "Scte" }, - "HeaderSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", - "type": "array" - } - }, - "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" + "SegmentDurationSeconds": { + "markdownDescription": "The duration of the segment, in seconds.", + "title": "SegmentDurationSeconds", + "type": "number" }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", + "SegmentName": { + "markdownDescription": "The name of the segment associated with the origin endpoint.", + "title": "SegmentName", "type": "string" }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" - } - }, - "required": [ - "FreeFormLayout" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionPageBreakConfiguration": { - "additionalProperties": false, - "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionStyle": { - "additionalProperties": false, - "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", - "type": "string" + "TsIncludeDvbSubtitles": { + "markdownDescription": "Whether the segment includes DVB subtitles.", + "title": "TsIncludeDvbSubtitles", + "type": "boolean" }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" + "TsUseAudioRenditionGroup": { + "markdownDescription": "Whether the segment is an audio rendition group.", + "title": "TsUseAudioRenditionGroup", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "SheetVisualScopingConfigurations": { + "DrmSystems": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetVisualScopingConfiguration" + "type": "string" }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", + "markdownDescription": "The DRM solution provider you're using to protect your content during distribution.", + "title": "DrmSystems", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SeriesItem": { - "additionalProperties": false, - "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SetParameterValueConfiguration": { - "additionalProperties": false, - "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration", + "markdownDescription": "The encryption contract configuration associated with the SPEKE key provider.", + "title": "EncryptionContractConfiguration" + }, + "ResourceId": { + "markdownDescription": "The unique identifier for the content. The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.\n\nThe following example shows a resource ID: `MovieNight20171126093045`", + "title": "ResourceId", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" + "RoleArn": { + "markdownDescription": "The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.\n\nValid format: `arn:aws:iam::{accountID}:role/{name}` . The following example shows a role ARN: `arn:aws:iam::444455556666:role/SpekeAccess`", + "title": "RoleArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL of the SPEKE key provider.", + "title": "Url", + "type": "string" } }, "required": [ - "DestinationParameterName", - "Value" + "DrmSystems", + "EncryptionContractConfiguration", + "ResourceId", + "RoleArn", + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.ShapeConditionalFormat": { + "AWS::MediaPackageV2::OriginEndpoint.StartTag": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "Precise": { + "markdownDescription": "Specify the value for PRECISE within your EXT-X-START tag. Leave blank, or choose false, to use the default value NO. Choose yes to use the value YES.", + "title": "Precise", + "type": "boolean" + }, + "TimeOffset": { + "markdownDescription": "Specify the value for TIME-OFFSET within your EXT-X-START tag. Enter a signed floating point value which, if positive, must be less than the configured manifest duration minus three times the configured segment target duration. If negative, the absolute value must be larger than three times the configured segment target duration, and the absolute value must be smaller than the configured manifest duration.", + "title": "TimeOffset", + "type": "number" } }, "required": [ - "BackgroundColor" + "TimeOffset" ], "type": "object" }, - "AWS::QuickSight::Analysis.Sheet": { + "AWS::MediaPackageV2::OriginEndpointPolicy": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "Condition": { "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions": { - "additionalProperties": false, - "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the origin endpoint policy.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The channel name associated with the origin endpoint policy.", + "title": "ChannelName", + "type": "string" + }, + "OriginEndpointName": { + "markdownDescription": "The name of the origin endpoint associated with the origin endpoint policy.", + "title": "OriginEndpointName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The policy associated with the origin endpoint.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName", + "OriginEndpointName", + "Policy" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackageV2::OriginEndpointPolicy" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SheetControlLayout": { - "additionalProperties": false, - "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" - } - }, "required": [ - "Configuration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetControlLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SheetDefinition": { + "AWS::MediaStore::Container": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", + "Condition": { "type": "string" }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FilterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterControl" - }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Layouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Layout" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLoggingEnabled": { + "markdownDescription": "The state of access logging on the container. This value is `false` by default, indicating that AWS Elemental MediaStore does not send access logs to Amazon CloudWatch Logs. When you enable access logging on the container, MediaStore changes this value to `true` , indicating that the service delivers access logs for objects stored in that container to CloudWatch Logs.", + "title": "AccessLoggingEnabled", + "type": "boolean" + }, + "ContainerName": { + "markdownDescription": "The name for the container. The name must be from 1 to 255 characters. Container names must be unique to your AWS account within a specific region. As an example, you could create a container named `movies` in every region, as long as you don\u2019t have an existing container with that name.", + "title": "ContainerName", + "type": "string" + }, + "CorsPolicy": { + "items": { + "$ref": "#/definitions/AWS::MediaStore::Container.CorsRule" + }, + "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nSets the cross-origin resource sharing (CORS) configuration on a container so that the container can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com to access your AWS Elemental MediaStore container at my.example.container.com by using the browser's XMLHttpRequest capability.\n\nTo enable CORS on a container, you attach a CORS policy to the container. In the CORS policy, you configure rules that identify origins and the HTTP methods that can be executed on your container. The policy can contain up to 398,000 characters. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.\n\nTo learn more about CORS, see [Cross-Origin Resource Sharing (CORS) in AWS Elemental MediaStore](https://docs.aws.amazon.com/mediastore/latest/ug/cors-policy.html) .", + "title": "CorsPolicy", + "type": "array" + }, + "LifecyclePolicy": { + "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nWrites an object lifecycle policy to a container. If the container already has an object lifecycle policy, the service replaces the existing policy with the new policy. It takes up to 20 minutes for the change to take effect.\n\nFor information about how to construct an object lifecycle policy, see [Components of an Object Lifecycle Policy](https://docs.aws.amazon.com/mediastore/latest/ug/policies-object-lifecycle-components.html) .", + "title": "LifecyclePolicy", + "type": "string" + }, + "MetricPolicy": { + "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicy", + "markdownDescription": "The metric policy that is associated with the container. A metric policy allows AWS Elemental MediaStore to send metrics to Amazon CloudWatch. In the policy, you must indicate whether you want MediaStore to send container-level metrics. You can also include rules to define groups of objects that you want MediaStore to send object-level metrics for.\n\nTo view examples of how to construct a metric policy for your use case, see [Example Metric Policies](https://docs.aws.amazon.com/mediastore/latest/ug/policies-metric-examples.html) .", + "title": "MetricPolicy" + }, + "Policy": { + "markdownDescription": "Creates an access policy for the specified container to restrict the users and clients that can access it. For information about the data that is included in an access policy, see the [AWS Identity and Access Management User Guide](https://docs.aws.amazon.com/iam/) .\n\nFor this release of the REST API, you can create only one policy for a container. If you enter `PutContainerPolicy` twice, the second command modifies the existing policy.", + "title": "Policy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", - "type": "array" + "required": [ + "ContainerName" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "Type": { + "enum": [ + "AWS::MediaStore::Container" + ], "type": "string" }, - "ParameterControls": { + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::MediaStore::Container.CorsRule": { + "additionalProperties": false, + "properties": { + "AllowedHeaders": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterControl" + "type": "string" }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", + "markdownDescription": "Specifies which headers are allowed in a preflight `OPTIONS` request through the `Access-Control-Request-Headers` header. Each header name that is specified in `Access-Control-Request-Headers` must have a corresponding entry in the rule. Only the headers that were requested are sent back.\n\nThis element can contain only one wildcard character (*).", + "title": "AllowedHeaders", "type": "array" }, - "SheetControlLayouts": { + "AllowedMethods": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayout" + "type": "string" }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", + "markdownDescription": "Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.\n\nEach CORS rule must contain at least one `AllowedMethods` and one `AllowedOrigins` element.", + "title": "AllowedMethods", "type": "array" }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", - "type": "string" - }, - "TextBoxes": { + "AllowedOrigins": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetTextBox" + "type": "string" }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", + "markdownDescription": "One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nEach CORS rule must have at least one `AllowedOrigins` element. The string value can include only one wildcard character (*), for example, http://*.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.", + "title": "AllowedOrigins", "type": "array" }, - "Title": { - "markdownDescription": "The title of the sheet.", - "title": "Title", - "type": "string" - }, - "Visuals": { + "ExposeHeaders": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Visual" + "type": "string" }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", + "markdownDescription": "One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nThis element is optional for each rule.", + "title": "ExposeHeaders", "type": "array" + }, + "MaxAgeSeconds": { + "markdownDescription": "The time in seconds that your browser caches the preflight response for the specified resource.\n\nA CORS rule can have only one `MaxAgeSeconds` element.", + "title": "MaxAgeSeconds", + "type": "number" } }, - "required": [ - "SheetId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetElementConfigurationOverrides": { + "AWS::MediaStore::Container.MetricPolicy": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", + "ContainerLevelMetrics": { + "markdownDescription": "A setting to enable or disable metrics at the container level.", + "title": "ContainerLevelMetrics", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SheetElementRenderingRule": { - "additionalProperties": false, - "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", - "type": "string" + "MetricPolicyRules": { + "items": { + "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicyRule" + }, + "markdownDescription": "A parameter that holds an array of rules that enable metrics at the object level. This parameter is optional, but if you choose to include it, you must also include at least one rule. By default, you can include up to five rules. You can also [request a quota increase](https://docs.aws.amazon.com/servicequotas/home?region=us-east-1#!/services/mediastore/quotas) to allow up to 300 rules per policy.", + "title": "MetricPolicyRules", + "type": "array" } }, "required": [ - "ConfigurationOverrides", - "Expression" + "ContainerLevelMetrics" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetTextBox": { + "AWS::MediaStore::Container.MetricPolicyRule": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", + "ObjectGroup": { + "markdownDescription": "A path or file name that defines which objects to include in the group. Wildcards (*) are acceptable.", + "title": "ObjectGroup", "type": "string" }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", + "ObjectGroupName": { + "markdownDescription": "A name that allows you to refer to the object group.", + "title": "ObjectGroupName", "type": "string" } }, "required": [ - "SheetTextBoxId" + "ObjectGroup", + "ObjectGroupName" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetVisualScopingConfiguration": { + "AWS::MediaTailor::Channel": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", + "Condition": { "type": "string" }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "VisualIds": { - "items": { - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Audiences": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of audiences defined in channel.", + "title": "Audiences", + "type": "array" + }, + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", + "type": "string" + }, + "FillerSlate": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.SlateSource", + "markdownDescription": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` .", + "title": "FillerSlate" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.LogConfigurationForChannel", + "markdownDescription": "The log configuration.", + "title": "LogConfiguration" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.RequestOutputItem" + }, + "markdownDescription": "The channel's output properties.", + "title": "Outputs", + "type": "array" + }, + "PlaybackMode": { + "markdownDescription": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule.", + "title": "PlaybackMode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the channel. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "Tier": { + "markdownDescription": "The tier for this channel. STANDARD tier channels can contain live programs.", + "title": "Tier", + "type": "string" + }, + "TimeShiftConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.TimeShiftConfiguration", + "markdownDescription": "The configuration for time-shifted viewing.", + "title": "TimeShiftConfiguration" + } }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", - "type": "array" - } - }, - "required": [ - "Scope", - "SheetId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.ShortFormatText": { - "additionalProperties": false, - "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", - "type": "string" + "required": [ + "ChannelName", + "Outputs", + "PlaybackMode" + ], + "type": "object" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "Type": { + "enum": [ + "AWS::MediaTailor::Channel" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SimpleClusterMarker": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SliderControlDisplayOptions": { + "AWS::MediaTailor::Channel.DashPlaylistSettings": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "MinBufferTimeSeconds", + "type": "number" + }, + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "MinUpdatePeriodSeconds", + "type": "number" + }, + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "SuggestedPresentationDelaySeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SmallMultiplesAxisProperties": { + "AWS::MediaTailor::Channel.HlsPlaylistSettings": { "additionalProperties": false, "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", - "type": "string" + "AdMarkupType": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the type of SCTE 35 tags to use in ad markup. Specify `DATERANGE` to use `DATERANGE` tags (for live or VOD content). Specify `SCTE35_ENHANCED` to use `EXT-X-CUE-OUT` and `EXT-X-CUE-IN` tags (for VOD content only).", + "title": "AdMarkupType", + "type": "array" }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", - "type": "string" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", + "title": "ManifestWindowSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SmallMultiplesOptions": { + "AWS::MediaTailor::Channel.LogConfigurationForChannel": { "additionalProperties": false, "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", - "type": "number" - }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", - "type": "number" - }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" - }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" - }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" + "LogTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The log types.", + "title": "LogTypes", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.Spacing": { + "AWS::MediaTailor::Channel.RequestOutputItem": { "additionalProperties": false, "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", - "type": "string" + "DashPlaylistSettings": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.DashPlaylistSettings", + "markdownDescription": "DASH manifest configuration parameters.", + "title": "DashPlaylistSettings" }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", - "type": "string" + "HlsPlaylistSettings": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.HlsPlaylistSettings", + "markdownDescription": "HLS playlist configuration parameters.", + "title": "HlsPlaylistSettings" }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", + "ManifestName": { + "markdownDescription": "The name of the manifest for the channel. The name appears in the `PlaybackUrl` .", + "title": "ManifestName", "type": "string" }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", + "SourceGroup": { + "markdownDescription": "A string used to match which `HttpPackageConfiguration` is used for each `VodSource` .", + "title": "SourceGroup", "type": "string" } }, + "required": [ + "ManifestName", + "SourceGroup" + ], "type": "object" }, - "AWS::QuickSight::Analysis.StringDefaultValues": { + "AWS::MediaTailor::Channel.SlateSource": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "SourceLocationName": { + "markdownDescription": "The name of the source location where the slate VOD source is stored.", + "title": "SourceLocationName", + "type": "string" }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "VodSourceName": { + "markdownDescription": "The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.", + "title": "VodSourceName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.StringFormatConfiguration": { + "AWS::MediaTailor::Channel.TimeShiftConfiguration": { "additionalProperties": false, "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" + "MaxTimeDelaySeconds": { + "markdownDescription": "The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).", + "title": "MaxTimeDelaySeconds", + "type": "number" } }, + "required": [ + "MaxTimeDelaySeconds" + ], "type": "object" }, - "AWS::QuickSight::Analysis.StringParameter": { + "AWS::MediaTailor::ChannelPolicy": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for a string parameter.", - "title": "Name", + "Condition": { "type": "string" }, - "Values": { - "items": { - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelName": { + "markdownDescription": "The name of the channel associated with this Channel Policy.", + "title": "ChannelName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The IAM policy for the channel. IAM policies are used to control access to your channel.", + "title": "Policy", + "type": "object" + } }, - "markdownDescription": "The values of a string parameter.", - "title": "Values", - "type": "array" + "required": [ + "ChannelName", + "Policy" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaTailor::ChannelPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "Values" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.StringParameterDeclaration": { + "AWS::MediaTailor::LiveSource": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Condition": { + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HttpPackageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::LiveSource.HttpPackageConfiguration" + }, + "markdownDescription": "The HTTP package configurations for the live source.", + "title": "HttpPackageConfigurations", + "type": "array" + }, + "LiveSourceName": { + "markdownDescription": "The name that's used to refer to a live source.", + "title": "LiveSourceName", + "type": "string" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the live source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "required": [ + "HttpPackageConfigurations", + "LiveSourceName", + "SourceLocationName" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Type": { + "enum": [ + "AWS::MediaTailor::LiveSource" + ], "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, "required": [ - "Name", - "ParameterValueType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration": { + "AWS::MediaTailor::LiveSource.HttpPackageConfiguration": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "Path": { + "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", + "title": "Path", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "SourceGroup": { + "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", + "title": "SourceGroup", + "type": "string" + }, + "Type": { + "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", + "title": "Type", "type": "string" } }, + "required": [ + "Path", + "SourceGroup", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SubtotalOptions": { + "AWS::MediaTailor::PlaybackConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", - "type": "string" - }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "Condition": { "type": "string" }, - "FieldLevelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions" - }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", - "type": "array" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" - }, - "StyleTargets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableStyleTarget" - }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdConditioningConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdConditioningConfiguration", + "markdownDescription": "The setting that indicates what conditioning MediaTailor will perform on ads that the ad decision server (ADS) returns, and what priority MediaTailor uses when inserting ads.", + "title": "AdConditioningConfiguration" + }, + "AdDecisionServerUrl": { + "markdownDescription": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters.", + "title": "AdDecisionServerUrl", + "type": "string" + }, + "AvailSuppression": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AvailSuppression", + "markdownDescription": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see [Ad Suppression](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", + "title": "AvailSuppression" + }, + "Bumper": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.Bumper", + "markdownDescription": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see [Bumpers](https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html) .", + "title": "Bumper" + }, + "CdnConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration", + "markdownDescription": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management.", + "title": "CdnConfiguration" + }, + "ConfigurationAliases": { + "additionalProperties": true, + "markdownDescription": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see [Domain Variables](https://docs.aws.amazon.com/mediatailor/latest/ug/variables-domain.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "ConfigurationAliases", + "type": "object" + }, + "DashConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.DashConfiguration", + "markdownDescription": "The configuration for a DASH source.", + "title": "DashConfiguration" + }, + "HlsConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration", + "markdownDescription": "The configuration for HLS content.", + "title": "HlsConfiguration" + }, + "InsertionMode": { + "markdownDescription": "The setting that controls whether players can use stitched or guided ad insertion. The default, `STITCHED_ONLY` , forces all player sessions to use stitched (server-side) ad insertion. Choosing `PLAYER_SELECT` allows players to select either stitched or guided ad insertion at session-initialization time. The default for players that do not specify an insertion mode is stitched.", + "title": "InsertionMode", + "type": "string" + }, + "LivePreRollConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration", + "markdownDescription": "The configuration for pre-roll ad insertion.", + "title": "LivePreRollConfiguration" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LogConfiguration", + "markdownDescription": "Defines where AWS Elemental MediaTailor sends logs for the playback configuration.", + "title": "LogConfiguration" + }, + "ManifestProcessingRules": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules", + "markdownDescription": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor.", + "title": "ManifestProcessingRules" + }, + "Name": { + "markdownDescription": "The identifier for the playback configuration.", + "title": "Name", + "type": "string" + }, + "PersonalizationThresholdSeconds": { + "markdownDescription": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to *ad replacement* in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see [Ad Behavior in AWS Elemental MediaTailor](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", + "title": "PersonalizationThresholdSeconds", + "type": "number" + }, + "SlateAdUrl": { + "markdownDescription": "The URL for a video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID playback configurations. For VPAID, the slate is required because MediaTailor provides it in the slots designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video.", + "title": "SlateAdUrl", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the playback configuration. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "TranscodeProfileName": { + "markdownDescription": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support.", + "title": "TranscodeProfileName", + "type": "string" + }, + "VideoContentSourceUrl": { + "markdownDescription": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters.", + "title": "VideoContentSourceUrl", + "type": "string" + } }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableBorderOptions": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", - "type": "string" + "required": [ + "AdDecisionServerUrl", + "Name", + "VideoContentSourceUrl" + ], + "type": "object" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", + "Type": { + "enum": [ + "AWS::MediaTailor::PlaybackConfiguration" + ], "type": "string" }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableCellConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableCellImageSizingConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.AdConditioningConfiguration": { "additionalProperties": false, "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", + "StreamingMediaFileConditioning": { + "markdownDescription": "For ads that have media files with streaming delivery and supported file extensions, indicates what transcoding action MediaTailor takes when it first receives these ads from the ADS. `TRANSCODE` indicates that MediaTailor must transcode the ads. `NONE` indicates that you have already transcoded the ads outside of MediaTailor and don't need them transcoded as part of the ad insertion workflow. For more information about ad conditioning see [Using preconditioned ads](https://docs.aws.amazon.com/mediatailor/latest/ug/precondition-ads.html) in the AWS Elemental MediaTailor user guide.", + "title": "StreamingMediaFileConditioning", "type": "string" } }, + "required": [ + "StreamingMediaFileConditioning" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableCellStyle": { + "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", - "title": "BackgroundColor", - "type": "string" - }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" - }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", - "type": "number" - }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", - "type": "string" - }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", - "type": "string" - }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", - "type": "string" + "Enabled": { + "markdownDescription": "Enables ad marker passthrough for your configuration.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableConditionalFormatting": { + "AWS::MediaTailor::PlaybackConfiguration.AdsInteractionLog": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "ExcludeEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration.", + "title": "ExcludeEventTypes", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" - }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableConfiguration": { - "additionalProperties": false, - "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" }, - "TableInlineVisualizations": { + "PublishOptInEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableInlineVisualization" + "type": "string" }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", + "markdownDescription": "Indicates that MediaTailor emits `RAW_ADS_RESPONSE` logs for playback sessions that are initialized with this configuration.", + "title": "PublishOptInEventTypes", "type": "array" - }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" - }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldCustomIconContent": { + "AWS::MediaTailor::PlaybackConfiguration.AvailSuppression": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", + "FillPolicy": { + "markdownDescription": "Defines the policy to apply to the avail suppression mode. `BEHIND_LIVE_EDGE` will always use the full avail suppression policy. `AFTER_LIVE_EDGE` mode can be used to invoke partial ad break fills when a session starts mid-break.", + "title": "FillPolicy", + "type": "string" + }, + "Mode": { + "markdownDescription": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to `BEHIND_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to `AFTER_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value.", + "title": "Mode", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldCustomTextContent": { - "additionalProperties": false, - "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" }, "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", + "markdownDescription": "A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge.", "title": "Value", "type": "string" } }, - "required": [ - "FontConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldImageConfiguration": { - "additionalProperties": false, - "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" - } - }, "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldLinkConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.Bumper": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" + "EndUrl": { + "markdownDescription": "The URL for the end bumper asset.", + "title": "EndUrl", + "type": "string" }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", + "StartUrl": { + "markdownDescription": "The URL for the start bumper asset.", + "title": "StartUrl", "type": "string" } }, - "required": [ - "Content", - "Target" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration": { "additionalProperties": false, "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" + "AdSegmentUrlPrefix": { + "markdownDescription": "A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor. ** .amazonaws.com. Then specify the rule's name in this `AdSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments.", + "title": "AdSegmentUrlPrefix", + "type": "string" }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" + "ContentSegmentUrlPrefix": { + "markdownDescription": "A content delivery network (CDN) to cache content segments, so that content requests don\u2019t always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this `ContentSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments.", + "title": "ContentSegmentUrlPrefix", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldOption": { + "AWS::MediaTailor::PlaybackConfiguration.DashConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", + "ManifestEndpointPrefix": { + "markdownDescription": "The URL generated by MediaTailor to initiate a playback session. The session uses server-side reporting. This setting is ignored in PUT operations.", + "title": "ManifestEndpointPrefix", "type": "string" }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" - }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", + "MpdLocation": { + "markdownDescription": "The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are `DISABLED` and `EMT_DEFAULT` . The `EMT_DEFAULT` setting enables the inclusion of the tag and is the default value.", + "title": "MpdLocation", "type": "string" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", + "OriginManifestType": { + "markdownDescription": "The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to `SINGLE_PERIOD` . The default setting is `MULTI_PERIOD` . For multi-period manifests, omit this setting or set it to `MULTI_PERIOD` .", + "title": "OriginManifestType", "type": "string" } }, - "required": [ - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldOptions": { - "additionalProperties": false, - "properties": { - "Order": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", - "type": "array" - }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" - }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOption" - }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldURLConfiguration": { - "additionalProperties": false, - "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" - }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldWells": { - "additionalProperties": false, - "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" - }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableInlineVisualization": { - "additionalProperties": false, - "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" - } - }, "type": "object" }, - "AWS::QuickSight::Analysis.TableOptions": { + "AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" - }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" - }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", + "ManifestEndpointPrefix": { + "markdownDescription": "The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting.", + "title": "ManifestEndpointPrefix", "type": "string" - }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TablePaginatedReportOptions": { + "AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "AdDecisionServerUrl": { + "markdownDescription": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters.", + "title": "AdDecisionServerUrl", "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", - "type": "string" + "MaxDurationSeconds": { + "markdownDescription": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns.", + "title": "MaxDurationSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TablePinnedFieldOptions": { + "AWS::MediaTailor::PlaybackConfiguration.LogConfiguration": { "additionalProperties": false, "properties": { - "PinnedLeftFields": { + "AdsInteractionLog": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdsInteractionLog", + "markdownDescription": "Settings for customizing what events are included in logs for interactions with the ad decision server (ADS).", + "title": "AdsInteractionLog" + }, + "EnabledLoggingStrategies": { "items": { "type": "string" }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", + "markdownDescription": "The method used for collecting logs from AWS Elemental MediaTailor. `LEGACY_CLOUDWATCH` indicates that MediaTailor is sending logs directly to Amazon CloudWatch Logs. `VENDED_LOGS` indicates that MediaTailor is sending logs to CloudWatch, which then vends the logs to your destination of choice. Supported destinations are CloudWatch Logs log group, Amazon S3 bucket, and Amazon Data Firehose stream.", + "title": "EnabledLoggingStrategies", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableRowConditionalFormatting": { - "additionalProperties": false, - "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableSideBorderOptions": { - "additionalProperties": false, - "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" - }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" - }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" - }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" - }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableSortConfiguration": { - "additionalProperties": false, - "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" + "ManifestServiceInteractionLog": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestServiceInteractionLog", + "markdownDescription": "Settings for customizing what events are included in logs for interactions with the origin server.", + "title": "ManifestServiceInteractionLog" }, - "RowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", - "type": "array" + "PercentEnabled": { + "markdownDescription": "The percentage of session logs that MediaTailor sends to your configured log destination. For example, if your playback configuration has 1000 sessions and `percentEnabled` is set to `60` , MediaTailor sends logs for 600 of the sessions to CloudWatch Logs. MediaTailor decides at random which of the playback configuration sessions to send logs for. If you want to view logs for a specific session, you can use the [debug log mode](https://docs.aws.amazon.com/mediatailor/latest/ug/debug-log-mode.html) .\n\nValid values: `0` - `100`", + "title": "PercentEnabled", + "type": "number" } }, + "required": [ + "PercentEnabled" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableStyleTarget": { + "AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules": { "additionalProperties": false, "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", - "type": "string" + "AdMarkerPassthrough": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough", + "markdownDescription": "For HLS, when set to `true` , MediaTailor passes through `EXT-X-CUE-IN` , `EXT-X-CUE-OUT` , and `EXT-X-SPLICEPOINT-SCTE35` ad markers from the origin manifest to the MediaTailor personalized manifest.\n\nNo logic is applied to these ad markers. For example, if `EXT-X-CUE-OUT` has a value of `60` , but no ads are filled for that ad break, MediaTailor will not set the value to `0` .", + "title": "AdMarkerPassthrough" } }, - "required": [ - "CellType" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TableUnaggregatedFieldWells": { + "AWS::MediaTailor::PlaybackConfiguration.ManifestServiceInteractionLog": { "additionalProperties": false, "properties": { - "Values": { + "ExcludeEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" + "type": "string" }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", + "markdownDescription": "Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration.", + "title": "ExcludeEventTypes", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableVisual": { + "AWS::MediaTailor::SourceLocation": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "AccessConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.AccessConfiguration", + "markdownDescription": "The access configuration for the source location.", + "title": "AccessConfiguration" + }, + "DefaultSegmentDeliveryConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration", + "markdownDescription": "The default segment delivery configuration.", + "title": "DefaultSegmentDeliveryConfiguration" + }, + "HttpConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.HttpConfiguration", + "markdownDescription": "The HTTP configuration for the source location.", + "title": "HttpConfiguration" + }, + "SegmentDeliveryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration" + }, + "markdownDescription": "The segment delivery configurations for the source location.", + "title": "SegmentDeliveryConfigurations", + "type": "array" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the source location. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HttpConfiguration", + "SourceLocationName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaTailor::SourceLocation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TextAreaControlDisplayOptions": { + "AWS::MediaTailor::SourceLocation.AccessConfiguration": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" + "AccessType": { + "markdownDescription": "The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` .\n\n`S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name.\n\nBefore you can use `S3_SIGV4` , you must meet these requirements:\n\n\u2022 You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide.\n\n\u2022 The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations.\n\n\u2022 The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations.", + "title": "AccessType", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "SecretsManagerAccessTokenConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration", + "markdownDescription": "AWS Secrets Manager access token configuration parameters.", + "title": "SecretsManagerAccessTokenConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TextConditionalFormat": { + "AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" - }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" + "BaseUrl": { + "markdownDescription": "The hostname of the server that will be used to serve segments. This string must include the protocol, such as *https://* .", + "title": "BaseUrl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TextControlPlaceholderOptions": { + "AWS::MediaTailor::SourceLocation.HttpConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", + "BaseUrl": { + "markdownDescription": "The base URL for the source location host server. This string must include the protocol, such as *https://* .", + "title": "BaseUrl", "type": "string" } }, + "required": [ + "BaseUrl" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TextFieldControlDisplayOptions": { + "AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "HeaderName": { + "markdownDescription": "The name of the HTTP header used to supply the access token in requests to the source location.", + "title": "HeaderName", + "type": "string" }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.", + "title": "SecretArn", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "SecretStringKey": { + "markdownDescription": "The AWS Secrets Manager [SecretString](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html#SecretsManager-CreateSecret-request-SecretString.html) key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.", + "title": "SecretStringKey", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ThousandSeparatorOptions": { + "AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration": { "additionalProperties": false, "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", + "BaseUrl": { + "markdownDescription": "The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as `https://example.com/some/path` . To use a relative URL specify the relative path, such as `/some/path*` .", + "title": "BaseUrl", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", + "Name": { + "markdownDescription": "A unique identifier used to distinguish between multiple segment delivery configurations in a source location.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TimeBasedForecastProperties": { + "AWS::MediaTailor::VodSource": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" + "Condition": { + "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" + "Metadata": { + "type": "object" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "HttpPackageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::VodSource.HttpPackageConfiguration" + }, + "markdownDescription": "The HTTP package configurations for the VOD source.", + "title": "HttpPackageConfigurations", + "type": "array" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location that the VOD source is associated with.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the VOD source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "VodSourceName": { + "markdownDescription": "The name of the VOD source.", + "title": "VodSourceName", + "type": "string" + } + }, + "required": [ + "HttpPackageConfigurations", + "SourceLocationName", + "VodSourceName" + ], + "type": "object" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "Type": { + "enum": [ + "AWS::MediaTailor::VodSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeEqualityFilter": { + "AWS::MediaTailor::VodSource.HttpPackageConfiguration": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", + "Path": { + "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", + "title": "Path", "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "SourceGroup": { + "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", + "title": "SourceGroup", "type": "string" }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", + "Type": { + "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", + "title": "Type", "type": "string" } }, "required": [ - "Column", - "FilterId" + "Path", + "SourceGroup", + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeDrillDownFilter": { + "AWS::MemoryDB::ACL": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", + "Condition": { "type": "string" }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ACLName": { + "markdownDescription": "The name of the Access Control List.", + "title": "ACLName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of users that belong to the Access Control List.", + "title": "UserNames", + "type": "array" + } + }, + "required": [ + "ACLName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MemoryDB::ACL" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeFilter": { + "AWS::MemoryDB::Cluster": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "Metadata": { + "type": "object" }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" + "Properties": { + "additionalProperties": false, + "properties": { + "ACLName": { + "markdownDescription": "The name of the Access Control List to associate with the cluster .", + "title": "ACLName", + "type": "string" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "When set to true, the cluster will automatically receive minor engine version upgrades after launch.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "ClusterEndpoint": { + "$ref": "#/definitions/AWS::MemoryDB::Cluster.Endpoint", + "markdownDescription": "The cluster 's configuration endpoint.", + "title": "ClusterEndpoint" + }, + "ClusterName": { + "markdownDescription": "The name of the cluster .", + "title": "ClusterName", + "type": "string" + }, + "DataTiering": { + "markdownDescription": "Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html) .", + "title": "DataTiering", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the cluster .", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The name of the engine used by the cluster.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The Redis engine version used by the cluster .", + "title": "EngineVersion", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.", + "title": "FinalSnapshotName", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The mechanism that the cluster uses to discover IP addresses. Returns 'ipv4' when DNS endpoints resolve to IPv4 addresses, or 'ipv6' when DNS endpoints resolve to IPv6 addresses.", + "title": "IpDiscovery", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key used to encrypt the cluster .", + "title": "KmsKeyId", + "type": "string" + }, + "MaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n*Pattern* : `ddd:hh24:mi-ddd:hh24:mi`", + "title": "MaintenanceWindow", + "type": "string" + }, + "MultiRegionClusterName": { + "markdownDescription": "The name of the multi-Region cluster that this cluster belongs to.", + "title": "MultiRegionClusterName", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The IP address type for the cluster. Returns 'ipv4' for IPv4 only, 'ipv6' for IPv6 only, or 'dual-stack' if the cluster supports both IPv4 and IPv6 addressing.", + "title": "NetworkType", + "type": "string" + }, + "NodeType": { + "markdownDescription": "The cluster 's node type.", + "title": "NodeType", + "type": "string" + }, + "NumReplicasPerShard": { + "markdownDescription": "The number of replicas to apply to each shard.\n\n*Default value* : `1`\n\n*Maximum value* : `5`", + "title": "NumReplicasPerShard", + "type": "number" + }, + "NumShards": { + "markdownDescription": "The number of shards in the cluster .", + "title": "NumShards", + "type": "number" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group used by the cluster .", + "title": "ParameterGroupName", + "type": "string" + }, + "Port": { + "markdownDescription": "The port used by the cluster .", + "title": "Port", + "type": "number" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group names to associate with this cluster .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster . The Amazon S3 object name in the ARN cannot contain any commas.", + "title": "SnapshotArns", + "type": "array" + }, + "SnapshotName": { + "markdownDescription": "The name of a snapshot from which to restore data into the new cluster . The snapshot status changes to restoring while the new cluster is being created.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted.", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: 05:00-09:00 If you do not specify this parameter, MemoryDB automatically chooses an appropriate time range.", + "title": "SnapshotWindow", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the ARN of the SNS topic, such as `arn:aws:memorydb:us-east-1:123456789012:mySNSTopic`", + "title": "SnsTopicArn", + "type": "string" + }, + "SnsTopicStatus": { + "markdownDescription": "The SNS topic must be in Active status to receive notifications.", + "title": "SnsTopicStatus", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group used by the cluster .", + "title": "SubnetGroupName", + "type": "string" + }, + "TLSEnabled": { + "markdownDescription": "A flag to indicate if In-transit encryption is enabled.", + "title": "TLSEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ACLName", + "ClusterName", + "NodeType" + ], + "type": "object" }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" + "Type": { + "enum": [ + "AWS::MemoryDB::Cluster" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeFilterValue": { + "AWS::MemoryDB::Cluster.Endpoint": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", + "Address": { + "markdownDescription": "The DNS hostname of the node.", + "title": "Address", "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" - }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", - "type": "string" + "Port": { + "markdownDescription": "The port number that the engine is listening on.", + "title": "Port", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TooltipItem": { + "AWS::MemoryDB::MultiRegionCluster": { "additionalProperties": false, "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" + "Condition": { + "type": "string" }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TooltipOptions": { - "additionalProperties": false, - "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the multi-Region cluster.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The name of the engine used by the multi-Region cluster.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version of the engine used by the multi-Region cluster.", + "title": "EngineVersion", + "type": "string" + }, + "MultiRegionClusterNameSuffix": { + "markdownDescription": "A suffix to be added to the Multi-Region cluster name. Amazon MemoryDB automatically applies a prefix to the Multi-Region cluster Name when it is created. Each Amazon Region has its own prefix. For instance, a Multi-Region cluster Name created in the US-West-1 region will begin with \"virxk\", along with the suffix name you provide. The suffix guarantees uniqueness of the Multi-Region cluster name across multiple regions.", + "title": "MultiRegionClusterNameSuffix", + "type": "string" + }, + "MultiRegionParameterGroupName": { + "markdownDescription": "The name of the multi-Region parameter group associated with the cluster.", + "title": "MultiRegionParameterGroupName", + "type": "string" + }, + "NodeType": { + "markdownDescription": "The node type used by the multi-Region cluster.", + "title": "NodeType", + "type": "string" + }, + "NumShards": { + "markdownDescription": "The number of shards in the multi-Region cluster.", + "title": "NumShards", + "type": "number" + }, + "TLSEnabled": { + "markdownDescription": "Indiciates if the multi-Region cluster is TLS enabled.", + "title": "TLSEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the multi-Region cluster.", + "title": "Tags", + "type": "array" + }, + "UpdateStrategy": { + "markdownDescription": "The strategy to use for the update operation. Supported values are \"coordinated\" or \"uncoordinated\".", + "title": "UpdateStrategy", + "type": "string" + } + }, + "required": [ + "NodeType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MemoryDB::MultiRegionCluster" + ], "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomFilter": { + "AWS::MemoryDB::ParameterGroup": { "additionalProperties": false, "properties": { - "AggregationSortConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationSortConfiguration" - }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", - "type": "array" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The name of the parameter group family that this parameter group is compatible with.", + "title": "Family", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group.", + "title": "ParameterGroupName", + "type": "string" + }, + "Parameters": { + "markdownDescription": "Returns the detailed parameter list for the parameter group.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Family", + "ParameterGroupName" + ], + "type": "object" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "Type": { + "enum": [ + "AWS::MemoryDB::ParameterGroup" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomMoversComputation": { + "AWS::MemoryDB::SubnetGroup": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the subnet group.", + "title": "Description", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the cluster .", + "title": "SubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon VPC subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SubnetGroupName", + "SubnetIds" + ], + "type": "object" }, "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", - "title": "Type", + "enum": [ + "AWS::MemoryDB::SubnetGroup" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomRankedComputation": { + "AWS::MemoryDB::User": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessString": { + "markdownDescription": "Access permissions string used for this user.", + "title": "AccessString", + "type": "string" + }, + "AuthenticationMode": { + "$ref": "#/definitions/AWS::MemoryDB::User.AuthenticationMode", + "markdownDescription": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* &* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`", + "title": "AuthenticationMode" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserName": { + "markdownDescription": "The name of the user.", + "title": "UserName", + "type": "string" + } + }, + "required": [ + "UserName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", + "enum": [ + "AWS::MemoryDB::User" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationComputation": { + "AWS::MemoryDB::User.AuthenticationMode": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "The password(s) used for authentication", + "title": "Passwords", + "type": "array" + }, + "Type": { + "markdownDescription": "Indicates whether the user requires a password to authenticate. All newly-created users require a password.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Neptune::DBCluster": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::Neptune::DBCluster.DBClusterRole" + }, + "markdownDescription": "Provides a list of the Amazon Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon services on your behalf.", + "title": "AssociatedRoles", + "type": "array" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in.", + "title": "AvailabilityZones", + "type": "array" + }, + "BackupRetentionPeriod": { + "markdownDescription": "Specifies the number of days for which automatic DB snapshots are retained.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "*If set to `true` , tags are copied to any snapshot of the DB cluster that is created.*", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterParameterGroupName": { + "markdownDescription": "Provides the name of the DB cluster parameter group.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "DBInstanceParameterGroupName": { + "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major engine version upgrade request\n\nNote that when you apply a parameter group using `DBInstanceParameterGroupName` , parameter changes are applied immediately, not during the next maintenance window.\n\n**Constraints** - The DB parameter group must be in the same DB parameter group family as the target DB cluster version.\n- The `DBInstanceParameterGroupName` parameter is only valid for major engine version upgrades.", + "title": "DBInstanceParameterGroupName", + "type": "string" + }, + "DBPort": { + "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nIf not specified, the default port used is `8182` .\n\n> The `Port` property will soon be deprecated. Please update existing templates to use the new `DBPort` property that has the same functionality.", + "title": "DBPort", + "type": "number" + }, + "DBSubnetGroupName": { + "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DeletionProtection": { + "markdownDescription": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies a list of log types that are enabled for export to CloudWatch Logs.", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EngineVersion": { + "markdownDescription": "Indicates the database engine version.", + "title": "EngineVersion", + "type": "string" + }, + "IamAuthEnabled": { + "markdownDescription": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.", + "title": "IamAuthEnabled", + "type": "boolean" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .", + "title": "KmsKeyId", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the `BackupRetentionPeriod` .\n\nAn update may require some interruption.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "RestoreType", + "type": "string" + }, + "ServerlessScalingConfiguration": { + "$ref": "#/definitions/AWS::Neptune::DBCluster.ServerlessScalingConfiguration", + "markdownDescription": "", + "title": "ServerlessScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a `SnapshotIdentifier` , you must specify the same `SnapshotIdentifier` for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the `SnapshotIdentifier` , an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the `SnapshotIdentifier` , and the original DB cluster is deleted.", + "title": "SnapshotIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption and set this property to `true` .\n\nIf you enable the `StorageEncrypted` property but don't specify the `KmsKeyId` property, then the default KMS key is used. If you specify the `KmsKeyId` property, then that KMS key is used to encrypt the database instances in the DB cluster.\n\nIf you specify the `SourceDBClusterIdentifier` property, and don't specify this property or disable it, the value is inherited from the source DB cluster. If the source DB cluster is encrypted, the `KmsKeyId` property from the source cluster is used.\n\nIf you specify the `DBSnapshotIdentifier` and don't specify this property or disable it, the value is inherited from the snapshot and the specified `KmsKeyId` property from the snapshot is used.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to this cluster.", + "title": "Tags", + "type": "array" + }, + "UseLatestRestorableTime": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Provides a list of VPC security groups that the DB cluster belongs to.", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationFunction": { + "AWS::Neptune::DBCluster.DBClusterRole": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", + "FeatureName": { + "markdownDescription": "The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see [DescribeDBEngineVersions](https://docs.aws.amazon.com/neptune/latest/userguide/api-other-apis.html#DescribeDBEngineVersions) .", + "title": "FeatureName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationOption": { + "AWS::Neptune::DBCluster.ServerlessScalingConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", - "type": "string" + "MaxCapacity": { + "markdownDescription": "The maximum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on.", + "title": "MaxCapacity", + "type": "number" }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" + "MinCapacity": { + "markdownDescription": "The minimum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on.", + "title": "MinCapacity", + "type": "number" } }, "required": [ - "FieldId", - "TotalAggregationFunction" + "MaxCapacity", + "MinCapacity" ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalOptions": { + "AWS::Neptune::DBClusterParameterGroup": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "Condition": { "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB cluster parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", + "title": "Family", + "type": "string" + }, + "Name": { + "markdownDescription": "Provides the name of the DB cluster parameter group.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters to set for this DB cluster parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nIf you update the parameters, some interruption may occur depending on which parameters you update.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to this parameter group.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", - "type": "array" + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" + "Type": { + "enum": [ + "AWS::Neptune::DBClusterParameterGroup" + ], + "type": "string" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells": { + "AWS::Neptune::DBInstance": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", - "type": "array" + "Condition": { + "type": "string" }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Sizes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowMajorVersionUpgrade": { + "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. This parameter must be set to true when specifying a value for the EngineVersion parameter that is a different major version than the DB instance's current version.\n\nWhen you change this parameter for an existing DB cluster, CloudFormation will replace your existing DB cluster with a new, empty one that uses the engine version you specified.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "Indicates that minor version patches are applied automatically.\n\nWhen updating this property, some interruptions may occur.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "Specifies the name of the Availability Zone the DB instance is located in.", + "title": "AvailabilityZone", + "type": "string" + }, + "DBClusterIdentifier": { + "markdownDescription": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBInstanceClass": { + "markdownDescription": "Contains the name of the compute and memory capacity class of the DB instance.\n\nIf you update this property, some interruptions may occur.", + "title": "DBInstanceClass", + "type": "string" + }, + "DBInstanceIdentifier": { + "markdownDescription": "Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DBParameterGroupName": { + "markdownDescription": "The name of an existing DB parameter group or a reference to an AWS::Neptune::DBParameterGroup resource created in the template. If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.", + "title": "DBParameterGroupName", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new virtual private cloud (VPC).", + "title": "DBSubnetGroupName", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for this DB instance.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", - "type": "array" + "required": [ + "DBInstanceClass" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapConfiguration": { + "AWS::Neptune::DBParameterGroup": { "additionalProperties": false, "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" - }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Metadata": { + "type": "object" }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", + "title": "Family", + "type": "string" + }, + "Name": { + "markdownDescription": "Provides the name of the DB parameter group.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to this parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", - "title": "SortConfiguration" + "Type": { + "enum": [ + "AWS::Neptune::DBParameterGroup" + ], + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TreeMapFieldWells": { - "additionalProperties": false, - "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapSortConfiguration": { + "AWS::Neptune::DBSubnetGroup": { "additionalProperties": false, "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" + "Condition": { + "type": "string" }, - "TreeMapSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TreeMapVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "DBSubnetGroupDescription": { + "markdownDescription": "Provides the description of the DB subnet group.", + "title": "DBSubnetGroupDescription", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "The name of the DB subnet group.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the DB subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to the DB subnet group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSubnetGroupDescription", + "SubnetIds" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::Neptune::DBSubnetGroup" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TrendArrowOptions": { + "AWS::Neptune::EventSubscription": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", - "title": "Visibility", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.UnaggregatedField": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A Boolean value indicating if the subscription is enabled. True indicates the subscription is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The topic ARN of the event notification subscription.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The source type for the event notification subscription.", + "title": "SourceType", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::EventSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.UniqueValuesComputation": { + "AWS::NeptuneGraph::Graph": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" + "Condition": { + "type": "string" }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "A value that indicates whether the graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "GraphName": { + "markdownDescription": "The graph name. For example: `my-graph-1` .\n\nThe name must contain from 1 to 63 letters, numbers, or hyphens, and its first character must be a letter. It cannot end with a hyphen or contain two consecutive hyphens.\n\nIf you don't specify a graph name, a unique graph name is generated for you using the prefix `graph-for` , followed by a combination of `Stack Name` and a `UUID` .", + "title": "GraphName", + "type": "string" + }, + "ProvisionedMemory": { + "markdownDescription": "The provisioned memory-optimized Neptune Capacity Units (m-NCUs) to use for the graph.\n\nMin = 16", + "title": "ProvisionedMemory", + "type": "number" + }, + "PublicConnectivity": { + "markdownDescription": "Specifies whether or not the graph can be reachable over the internet. All access to graphs is IAM authenticated.\n\nWhen the graph is publicly available, its domain name system (DNS) endpoint resolves to the public IP address from the internet. When the graph isn't publicly available, you need to create a `PrivateGraphEndpoint` in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\nDefault: If not specified, the default value is false.\n\n> If enabling public connectivity for the first time, there will be a delay while it is enabled.", + "title": "PublicConnectivity", + "type": "boolean" + }, + "ReplicaCount": { + "markdownDescription": "The number of replicas in other AZs.\n\nDefault: If not specified, the default value is 1.", + "title": "ReplicaCount", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Adds metadata tags to the new graph. These tags can also be used with cost allocation reporting, or used in a Condition statement in an IAM policy.", + "title": "Tags", + "type": "array" + }, + "VectorSearchConfiguration": { + "$ref": "#/definitions/AWS::NeptuneGraph::Graph.VectorSearchConfiguration", + "markdownDescription": "Specifies the number of dimensions for vector embeddings that will be loaded into the graph. The value is specified as `dimension=` value. Max = 65,535", + "title": "VectorSearchConfiguration" + } + }, + "required": [ + "ProvisionedMemory" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NeptuneGraph::Graph" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ComputationId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ValidationStrategy": { + "AWS::NeptuneGraph::Graph.VectorSearchConfiguration": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", - "type": "string" + "VectorSearchDimension": { + "markdownDescription": "The number of dimensions.", + "title": "VectorSearchDimension", + "type": "number" } }, "required": [ - "Mode" + "VectorSearchDimension" ], "type": "object" }, - "AWS::QuickSight::Analysis.VisibleRangeOptions": { - "additionalProperties": false, - "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.Visual": { + "AWS::NeptuneGraph::PrivateGraphEndpoint": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" - }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" - }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" - }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" - }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" - }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" - }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" - }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" - }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" - }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" + "Condition": { + "type": "string" }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" + "Metadata": { + "type": "object" }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" + "Properties": { + "additionalProperties": false, + "properties": { + "GraphIdentifier": { + "markdownDescription": "The unique identifier of the Neptune Analytics graph.", + "title": "GraphIdentifier", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Security groups to be attached to the private graph endpoint..", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Subnets in which private graph endpoint ENIs are created.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The VPC in which the private graph endpoint needs to be created.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "GraphIdentifier", + "VpcId" + ], + "type": "object" }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" + "Type": { + "enum": [ + "AWS::NeptuneGraph::PrivateGraphEndpoint" + ], + "type": "string" }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkFirewall::Firewall": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" + "Metadata": { + "type": "object" }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" + "Properties": { + "additionalProperties": false, + "properties": { + "DeleteProtection": { + "markdownDescription": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` .", + "title": "DeleteProtection", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description of the firewall.", + "title": "Description", + "type": "string" + }, + "EnabledAnalysisTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "An optional setting indicating the specific traffic analysis types to enable on the firewall.", + "title": "EnabledAnalysisTypes", + "type": "array" + }, + "FirewallName": { + "markdownDescription": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", + "title": "FirewallName", + "type": "string" + }, + "FirewallPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.", + "title": "FirewallPolicyArn", + "type": "string" + }, + "FirewallPolicyChangeProtection": { + "markdownDescription": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", + "title": "FirewallPolicyChangeProtection", + "type": "boolean" + }, + "SubnetChangeProtection": { + "markdownDescription": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", + "title": "SubnetChangeProtection", + "type": "boolean" + }, + "SubnetMappings": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::Firewall.SubnetMapping" + }, + "markdownDescription": "The primary public subnets that Network Firewall is using for the firewall. Network Firewall creates a firewall endpoint in each subnet. Create a subnet mapping for each Availability Zone where you want to use the firewall.\n\nThese subnets are all defined for a single, primary VPC, and each must belong to a different Availability Zone. Each of these subnets establishes the availability of the firewall in its Availability Zone.\n\nIn addition to these subnets, you can define other endpoints for the firewall in `VpcEndpointAssociation` resources. You can define these additional endpoints for any VPC, and for any of the Availability Zones where the firewall resource already has a subnet mapping. VPC endpoint associations give you the ability to protect multiple VPCs using a single firewall, and to define multiple firewall endpoints for a VPC in a single Availability Zone.", + "title": "SubnetMappings", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "FirewallName", + "FirewallPolicyArn", + "SubnetMappings", + "VpcId" + ], + "type": "object" }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "Type": { + "enum": [ + "AWS::NetworkFirewall::Firewall" + ], + "type": "string" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.VisualCustomAction": { + "AWS::NetworkFirewall::Firewall.SubnetMapping": { "additionalProperties": false, "properties": { - "ActionOperations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomActionOperation" - }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", - "type": "array" - }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", - "title": "Name", - "type": "string" - }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", + "IPAddressType": { + "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", + "title": "IPAddressType", "type": "string" }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", + "SubnetId": { + "markdownDescription": "The unique identifier for the subnet.", + "title": "SubnetId", "type": "string" } }, "required": [ - "ActionOperations", - "CustomActionId", - "Name", - "Trigger" + "SubnetId" ], "type": "object" }, - "AWS::QuickSight::Analysis.VisualCustomActionOperation": { + "AWS::NetworkFirewall::FirewallPolicy": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" + "Condition": { + "type": "string" }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the firewall policy.", + "title": "Description", + "type": "string" + }, + "FirewallPolicy": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy", + "markdownDescription": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", + "title": "FirewallPolicy" + }, + "FirewallPolicyName": { + "markdownDescription": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", + "title": "FirewallPolicyName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "FirewallPolicy", + "FirewallPolicyName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::FirewallPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.VisualPalette": { + "AWS::NetworkFirewall::FirewallPolicy.ActionDefinition": { "additionalProperties": false, "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", - "type": "string" - }, - "ColorMap": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathColor" - }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", - "type": "array" + "PublishMetricAction": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction", + "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", + "title": "PublishMetricAction" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualSubtitleLabelOptions": { + "AWS::NetworkFirewall::FirewallPolicy.CustomAction": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" + "ActionDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.ActionDefinition", + "markdownDescription": "The custom action associated with the action name.", + "title": "ActionDefinition" }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", + "ActionName": { + "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", + "title": "ActionName", "type": "string" } }, + "required": [ + "ActionDefinition", + "ActionName" + ], "type": "object" }, - "AWS::QuickSight::Analysis.VisualTitleLabelOptions": { + "AWS::NetworkFirewall::FirewallPolicy.Dimension": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" - }, - "Visibility": { - "markdownDescription": "The visibility of the title label.", - "title": "Visibility", + "Value": { + "markdownDescription": "The value to use in the custom metric dimension.", + "title": "Value", "type": "string" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells": { + "AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy": { "additionalProperties": false, "properties": { - "Breakdowns": { + "PolicyVariables": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PolicyVariables", + "markdownDescription": "Contains variables that you can use to override default Suricata settings in your firewall policy.", + "title": "PolicyVariables" + }, + "StatefulDefaultActions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", + "markdownDescription": "The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.\n\nValid values of the stateful default action:\n\n- aws:drop_strict\n- aws:drop_established\n- aws:alert_strict\n- aws:alert_established\n\nFor more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "StatefulDefaultActions", "type": "array" }, - "Categories": { + "StatefulEngineOptions": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions", + "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.", + "title": "StatefulEngineOptions" + }, + "StatefulRuleGroupReferences": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference" }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", + "markdownDescription": "References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.", + "title": "StatefulRuleGroupReferences", "type": "array" }, - "Values": { + "StatelessCustomActions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.CustomAction" }, - "markdownDescription": "The value field wells of a waterfall visual.", - "title": "Values", + "markdownDescription": "The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.", + "title": "StatelessCustomActions", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.WaterfallChartConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" - }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "StatelessDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", + "title": "StatelessDefaultActions", + "type": "array" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", - "title": "SortConfiguration" + "StatelessFragmentDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", + "title": "StatelessFragmentDefaultActions", + "type": "array" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", - "title": "VisualPalette" + "StatelessRuleGroupReferences": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference" + }, + "markdownDescription": "References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.", + "title": "StatelessRuleGroupReferences", + "type": "array" }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" + "TLSInspectionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the TLS inspection configuration.", + "title": "TLSInspectionConfigurationArn", + "type": "string" } }, + "required": [ + "StatelessDefaultActions", + "StatelessFragmentDefaultActions" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartFieldWells": { + "AWS::NetworkFirewall::FirewallPolicy.FlowTimeouts": { "additionalProperties": false, "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" + "TcpIdleTimeoutSeconds": { + "markdownDescription": "The number of seconds that can pass without any TCP traffic sent through the firewall before the firewall determines that the connection is idle. After the idle timeout passes, data packets are dropped, however, the next TCP SYN packet is considered a new flow and is processed by the firewall. Clients or targets can use TCP keepalive packets to reset the idle timeout.\n\nYou can define the `TcpIdleTimeoutSeconds` value to be between 60 and 6000 seconds. If no value is provided, it defaults to 350 seconds.", + "title": "TcpIdleTimeoutSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartOptions": { + "AWS::NetworkFirewall::FirewallPolicy.IPSet": { "additionalProperties": false, "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", - "type": "string" + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", + "title": "Definition", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartSortConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.PolicyVariables": { "additionalProperties": false, "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "RuleVariables": { + "additionalProperties": false, + "markdownDescription": "The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata `HOME_NET` variable. If your firewall uses an inspection VPC, you might want to override the `HOME_NET` variable with the CIDRs of your home networks. If you don't override `HOME_NET` with your own CIDRs, Network Firewall by default uses the CIDR of your inspection VPC.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.IPSet" + } }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "title": "RuleVariables", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallVisual": { + "AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.Dimension" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "", + "title": "Dimensions", "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" } }, "required": [ - "VisualId" + "Dimensions" ], "type": "object" }, - "AWS::QuickSight::Analysis.WhatIfPointScenario": { + "AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", - "type": "string" + "FlowTimeouts": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FlowTimeouts", + "markdownDescription": "Configures the amount of time that can pass without any traffic sent through the firewall before the firewall determines that the connection is idle.", + "title": "FlowTimeouts" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", - "title": "Value", - "type": "number" - } - }, - "required": [ - "Date", - "Value" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.WhatIfRangeScenario": { - "additionalProperties": false, - "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", + "RuleOrder": { + "markdownDescription": "Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "RuleOrder", "type": "string" }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", + "StreamExceptionPolicy": { + "markdownDescription": "Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.\n\n- `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.\n- `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent\u2014a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action.\n- `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.", + "title": "StreamExceptionPolicy", "type": "string" - }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", - "title": "Value", - "type": "number" } }, - "required": [ - "EndDate", - "StartDate", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells": { + "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", - "type": "array" + "Action": { + "markdownDescription": "The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups.", + "title": "Action", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudChartConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Override": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride", + "markdownDescription": "The action that allows the policy owner to override the behavior of the rule group within a policy.", + "title": "Override" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", - "title": "SortConfiguration" + "Priority": { + "markdownDescription": "An integer setting that indicates the order in which to run the stateful rule groups in a single `FirewallPolicy` . This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings.\n\nNetwork Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.\n\nYou can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.", + "title": "Priority", + "type": "number" }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the stateful rule group.", + "title": "ResourceArn", + "type": "string" } }, + "required": [ + "ResourceArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudFieldWells": { + "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference": { "additionalProperties": false, "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" + "Priority": { + "markdownDescription": "An integer setting that indicates the order in which to run the stateless rule groups in a single `FirewallPolicy` . Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.", + "title": "Priority", + "type": "number" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the stateless rule group.", + "title": "ResourceArn", + "type": "string" } }, + "required": [ + "Priority", + "ResourceArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudOptions": { + "AWS::NetworkFirewall::LoggingConfiguration": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", + "Condition": { "type": "string" }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" - }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EnableMonitoringDashboard": { + "markdownDescription": "", + "title": "EnableMonitoringDashboard", + "type": "boolean" + }, + "FirewallArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", + "title": "FirewallArn", + "type": "string" + }, + "FirewallName": { + "markdownDescription": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", + "title": "FirewallName", + "type": "string" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration", + "markdownDescription": "Defines how AWS Network Firewall performs logging for a `Firewall` .", + "title": "LoggingConfiguration" + } + }, + "required": [ + "FirewallArn", + "LoggingConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::LoggingConfiguration" + ], "type": "string" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudSortConfiguration": { + "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "LogDestination": { + "additionalProperties": true, + "markdownDescription": "The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.\n\n- For an Amazon S3 bucket, provide the name of the bucket, with key `bucketName` , and optionally provide a prefix, with key `prefix` .\n\nThe following example specifies an Amazon S3 bucket named `DOC-EXAMPLE-BUCKET` and the prefix `alerts` :\n\n`\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }`\n- For a CloudWatch log group, provide the name of the CloudWatch log group, with key `logGroup` . The following example specifies a log group named `alert-log-group` :\n\n`\"LogDestination\": { \"logGroup\": \"alert-log-group\" }`\n- For a Firehose delivery stream, provide the name of the delivery stream, with key `deliveryStream` . The following example specifies a delivery stream named `alert-delivery-stream` :\n\n`\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "CategorySort", - "type": "array" + "title": "LogDestination", + "type": "object" + }, + "LogDestinationType": { + "markdownDescription": "The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.", + "title": "LogDestinationType", + "type": "string" + }, + "LogType": { + "markdownDescription": "The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.\n\n- `ALERT` - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the `StatefulRule` property.\n- `FLOW` - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.\n- `TLS` - Logs for events that are related to TLS inspection. For more information, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-configurations.html) in the *Network Firewall Developer Guide* .", + "title": "LogType", + "type": "string" } }, + "required": [ + "LogDestination", + "LogDestinationType", + "LogType" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudVisual": { + "AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "LogDestinationConfigs": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups.", + "title": "LogDestinationConfigs", "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" } }, "required": [ - "VisualId" + "LogDestinationConfigs" ], "type": "object" }, - "AWS::QuickSight::Dashboard": { + "AWS::NetworkFirewall::RuleGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -195332,96 +199313,50 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you want to create the dashboard.", - "title": "AwsAccountId", - "type": "string" + "Capacity": { + "markdownDescription": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.", + "title": "Capacity", + "type": "number" }, - "DashboardId": { - "markdownDescription": "The ID for the dashboard, also added to the IAM policy.", - "title": "DashboardId", + "Description": { + "markdownDescription": "A description of the rule group.", + "title": "Description", "type": "string" }, - "DashboardPublishOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardPublishOptions", - "markdownDescription": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default.", - "title": "DashboardPublishOptions" - }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVersionDefinition", - "markdownDescription": "", - "title": "Definition" - }, - "LinkEntities": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard.", - "title": "LinkEntities", - "type": "array" - }, - "LinkSharingConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LinkSharingConfiguration", - "markdownDescription": "A structure that contains the link sharing configurations that you want to apply overrides to.", - "title": "LinkSharingConfiguration" + "RuleGroup": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleGroup", + "markdownDescription": "An object that defines the rule group rules.", + "title": "RuleGroup" }, - "Name": { - "markdownDescription": "The display name of the dashboard.", - "title": "Name", + "RuleGroupName": { + "markdownDescription": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", + "title": "RuleGroupName", "type": "string" }, - "Parameters": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Parameters", - "markdownDescription": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values.", - "title": "Parameters" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" - }, - "markdownDescription": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list.", - "title": "Permissions", - "type": "array" - }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceEntity", - "markdownDescription": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.", - "title": "SourceEntity" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "ThemeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard.", - "title": "ThemeArn", - "type": "string" - }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" - }, - "VersionDescription": { - "markdownDescription": "A description for the first version of the dashboard being created.", - "title": "VersionDescription", + "Type": { + "markdownDescription": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules.", + "title": "Type", "type": "string" } }, "required": [ - "AwsAccountId", - "DashboardId", - "Name" + "Capacity", + "RuleGroupName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Dashboard" + "AWS::NetworkFirewall::RuleGroup" ], "type": "string" }, @@ -195440,13693 +199375,18011 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.AdHocFilteringOption": { + "AWS::NetworkFirewall::RuleGroup.ActionDefinition": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "Availability status.", - "title": "AvailabilityStatus", - "type": "string" + "PublishMetricAction": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PublishMetricAction", + "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", + "title": "PublishMetricAction" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AggregationFunction": { + "AWS::NetworkFirewall::RuleGroup.Address": { "additionalProperties": false, "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" - }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", - "type": "string" - }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", + "AddressDefinition": { + "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "AddressDefinition", "type": "string" - }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" } }, + "required": [ + "AddressDefinition" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.AggregationSortConfiguration": { + "AWS::NetworkFirewall::RuleGroup.CustomAction": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" + "ActionDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ActionDefinition", + "markdownDescription": "The custom action associated with the action name.", + "title": "ActionDefinition" }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", + "ActionName": { + "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", + "title": "ActionName", "type": "string" } }, "required": [ - "Column", - "SortDirection" + "ActionDefinition", + "ActionName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.AnalysisDefaults": { + "AWS::NetworkFirewall::RuleGroup.Dimension": { "additionalProperties": false, "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" + "Value": { + "markdownDescription": "The value to use in the custom metric dimension.", + "title": "Value", + "type": "string" } }, "required": [ - "DefaultNewSheetConfiguration" + "Value" ], "type": "object" }, - "AWS::QuickSight::Dashboard.AnchorDateConfiguration": { + "AWS::NetworkFirewall::RuleGroup.Header": { "additionalProperties": false, "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", + "Destination": { + "markdownDescription": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "Destination", "type": "string" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", + "DestinationPort": { + "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", + "title": "DestinationPort", + "type": "string" + }, + "Direction": { + "markdownDescription": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination.", + "title": "Direction", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP.", + "title": "Protocol", + "type": "string" + }, + "Source": { + "markdownDescription": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "Source", + "type": "string" + }, + "SourcePort": { + "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", + "title": "SourcePort", "type": "string" } }, + "required": [ + "Destination", + "DestinationPort", + "Direction", + "Protocol", + "Source", + "SourcePort" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ArcAxisConfiguration": { + "AWS::NetworkFirewall::RuleGroup.IPSet": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" - }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", + "title": "Definition", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ArcAxisDisplayRange": { + "AWS::NetworkFirewall::RuleGroup.IPSetReference": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", - "type": "number" + "ReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to include in the `RuleGroup.IPSetReference` .", + "title": "ReferenceArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ArcConfiguration": { + "AWS::NetworkFirewall::RuleGroup.MatchAttributes": { "additionalProperties": false, "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", - "type": "number" + "DestinationPorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" + }, + "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", + "title": "DestinationPorts", + "type": "array" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" + }, + "markdownDescription": "The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.", + "title": "Destinations", + "type": "array" + }, + "Protocols": { + "items": { + "type": "number" + }, + "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.", + "title": "Protocols", + "type": "array" + }, + "SourcePorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" + }, + "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nIf not specified, this matches with any source port.\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", + "title": "SourcePorts", + "type": "array" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" + }, + "markdownDescription": "The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.", + "title": "Sources", + "type": "array" + }, + "TCPFlags": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.TCPFlagField" + }, + "markdownDescription": "The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).", + "title": "TCPFlags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ArcOptions": { + "AWS::NetworkFirewall::RuleGroup.PortRange": { "additionalProperties": false, "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" + "FromPort": { + "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", + "title": "ToPort", + "type": "number" } }, + "required": [ + "FromPort", + "ToPort" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.AssetOptions": { + "AWS::NetworkFirewall::RuleGroup.PortSet": { "additionalProperties": false, "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", - "type": "string" - }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", - "type": "string" + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The set of port ranges.", + "title": "Definition", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AttributeAggregationFunction": { + "AWS::NetworkFirewall::RuleGroup.PublishMetricAction": { "additionalProperties": false, "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", - "type": "string" - }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", - "type": "string" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Dimension" + }, + "markdownDescription": "", + "title": "Dimensions", + "type": "array" } }, + "required": [ + "Dimensions" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.AxisDataOptions": { + "AWS::NetworkFirewall::RuleGroup.ReferenceSets": { "additionalProperties": false, "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" - }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" + "IPSetReferences": { + "additionalProperties": false, + "markdownDescription": "The IP set references to use in the stateful rule group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSetReference" + } + }, + "title": "IPSetReferences", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange": { + "AWS::NetworkFirewall::RuleGroup.RuleDefinition": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", - "type": "number" + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions.\n\n> Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the `FirewallPolicy` . \n\nFor every rule, you must specify exactly one of the following standard actions.\n\n- *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination.\n- *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination.\n- *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection.\n\nAdditionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting.\n\nTo provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `[\u201caws:pass\u201d, \u201cMyMetricsAction\u201d]` .", + "title": "Actions", + "type": "array" }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", - "type": "number" + "MatchAttributes": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.MatchAttributes", + "markdownDescription": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.", + "title": "MatchAttributes" } }, + "required": [ + "Actions", + "MatchAttributes" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.AxisDisplayOptions": { + "AWS::NetworkFirewall::RuleGroup.RuleGroup": { "additionalProperties": false, "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", - "type": "string" - }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", - "type": "string" - }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" - }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", - "type": "string" + "ReferenceSets": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ReferenceSets", + "markdownDescription": "The reference sets for the stateful rule group.", + "title": "ReferenceSets" }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" + "RuleVariables": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleVariables", + "markdownDescription": "Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.", + "title": "RuleVariables" }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisDisplayRange": { - "additionalProperties": false, - "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", - "type": "object" + "RulesSource": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSource", + "markdownDescription": "The stateful rules or stateless rules for the rule group.", + "title": "RulesSource" }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" + "StatefulRuleOptions": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions", + "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* .", + "title": "StatefulRuleOptions" } }, + "required": [ + "RulesSource" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.AxisLabelOptions": { + "AWS::NetworkFirewall::RuleGroup.RuleOption": { "additionalProperties": false, "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" - }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", + "Keyword": { + "markdownDescription": "The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", + "title": "Keyword", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisLabelReferenceOptions": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", - "title": "FieldId", - "type": "string" + "Settings": { + "items": { + "type": "string" + }, + "markdownDescription": "The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", + "title": "Settings", + "type": "array" } }, "required": [ - "Column", - "FieldId" + "Keyword" ], "type": "object" }, - "AWS::QuickSight::Dashboard.AxisLinearScale": { + "AWS::NetworkFirewall::RuleGroup.RuleVariables": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", - "type": "number" + "IPSets": { + "additionalProperties": false, + "markdownDescription": "A list of IP addresses and address ranges, in CIDR notation.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSet" + } + }, + "title": "IPSets", + "type": "object" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisLogarithmicScale": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", - "type": "number" + "PortSets": { + "additionalProperties": false, + "markdownDescription": "A list of port ranges.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortSet" + } + }, + "title": "PortSets", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisScale": { + "AWS::NetworkFirewall::RuleGroup.RulesSource": { "additionalProperties": false, "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" + "RulesSourceList": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSourceList", + "markdownDescription": "Stateful inspection criteria for a domain list rule group.", + "title": "RulesSourceList" }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisTickLabelOptions": { - "additionalProperties": false, - "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" + "RulesString": { + "markdownDescription": "Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.\n\nThese rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.\n\n> You can't use the `priority` keyword if the `RuleOrder` option in `StatefulRuleOptions` is set to `STRICT_ORDER` .", + "title": "RulesString", + "type": "string" }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" + "StatefulRules": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRule" + }, + "markdownDescription": "An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-7.0.3/rules/intro.html) .", + "title": "StatefulRules", + "type": "array" + }, + "StatelessRulesAndCustomActions": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions", + "markdownDescription": "Stateless inspection criteria to be used in a stateless rule group.", + "title": "StatelessRulesAndCustomActions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells": { + "AWS::NetworkFirewall::RuleGroup.RulesSourceList": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", - "type": "array" + "GeneratedRulesType": { + "markdownDescription": "Whether you want to allow or deny access to the domains in your target list.", + "title": "GeneratedRulesType", + "type": "string" }, - "SmallMultiples": { + "TargetTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "type": "string" }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", + "markdownDescription": "The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` .", + "title": "TargetTypes", "type": "array" }, - "Values": { + "Targets": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", - "title": "Values", + "markdownDescription": "The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:\n\n- Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` .\n- Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` .", + "title": "Targets", "type": "array" } }, + "required": [ + "GeneratedRulesType", + "TargetTypes", + "Targets" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartConfiguration": { + "AWS::NetworkFirewall::RuleGroup.StatefulRule": { "additionalProperties": false, "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", + "Action": { + "markdownDescription": "Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.\n\nThe actions for a stateful rule are defined as follows:\n\n- *PASS* - Permits the packets to go to the intended destination.\n- *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n- *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic.\n- *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\nYou can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` .\n- *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\n`REJECT` isn't currently available for use with IMAP and FTP protocols.", + "title": "Action", "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" - }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", - "type": "string" + "Header": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Header", + "markdownDescription": "The stateful inspection criteria for this rule, used to inspect traffic flows.", + "title": "Header" }, - "ReferenceLines": { + "RuleOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleOption" }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", + "markdownDescription": "Additional settings for a stateful rule, provided as keywords and settings.", + "title": "RuleOptions", "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", - "title": "ValueLabelOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" } }, + "required": [ + "Action", + "Header", + "RuleOptions" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartFieldWells": { + "AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions": { "additionalProperties": false, "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" + "RuleOrder": { + "markdownDescription": "Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "RuleOrder", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartSortConfiguration": { + "AWS::NetworkFirewall::RuleGroup.StatelessRule": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of category fields.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" + "Priority": { + "markdownDescription": "Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.\n\nEach stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object.\n\nYou can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on.", + "title": "Priority", + "type": "number" }, - "ColorSort": { + "RuleDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleDefinition", + "markdownDescription": "Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria.", + "title": "RuleDefinition" + } + }, + "required": [ + "Priority", + "RuleDefinition" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions": { + "additionalProperties": false, + "properties": { + "CustomActions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.CustomAction" }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", + "markdownDescription": "Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule `RuleGroup.RuleDefinition` `Actions` specification.", + "title": "CustomActions", "type": "array" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" - }, - "SmallMultiplesSort": { + "StatelessRules": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRule" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "Defines the set of stateless rules for use in a stateless rule group.", + "title": "StatelessRules", "type": "array" } }, + "required": [ + "StatelessRules" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartVisual": { + "AWS::NetworkFirewall::RuleGroup.TCPFlagField": { "additionalProperties": false, "properties": { - "Actions": { + "Flags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting.\n\nFor the flags that are specified in the masks setting, the following must be true for the packet to match:\n\n- The ones that are set in this flags setting must be set in the packet.\n- The ones that are not set in this flags setting must also not be set in the packet.", + "title": "Flags", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "Masks": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting.", + "title": "Masks", "type": "array" + } + }, + "required": [ + "Flags" + ], + "type": "object" + }, + "AWS::NetworkFirewall::TLSInspectionConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the TLS inspection configuration.", + "title": "Description", + "type": "string" + }, + "TLSInspectionConfiguration": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration", + "markdownDescription": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", + "title": "TLSInspectionConfiguration" + }, + "TLSInspectionConfigurationName": { + "markdownDescription": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it.", + "title": "TLSInspectionConfigurationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key:value pairs to associate with the resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "TLSInspectionConfiguration", + "TLSInspectionConfigurationName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::TLSInspectionConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.BinCountOptions": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.Address": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" + "AddressDefinition": { + "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "AddressDefinition", + "type": "string" } }, + "required": [ + "AddressDefinition" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.BinWidthOptions": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus": { "additionalProperties": false, "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" + "RevokedStatusAction": { + "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has a revoked status.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", + "title": "RevokedStatusAction", + "type": "string" }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", - "type": "number" + "UnknownStatusAction": { + "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has an unknown status, or a status that cannot be determined for any other reason, including when the service is unable to connect to the OCSP and CRL endpoints for the certificate.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", + "title": "UnknownStatusAction", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BodySectionConfiguration": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" - }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" - }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", - "type": "string" + "FromPort": { + "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", + "title": "FromPort", + "type": "number" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" + "ToPort": { + "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", + "title": "ToPort", + "type": "number" } }, "required": [ - "Content", - "SectionId" + "FromPort", + "ToPort" ], "type": "object" }, - "AWS::QuickSight::Dashboard.BodySectionContent": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.", + "title": "ResourceArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration": { "additionalProperties": false, "properties": { - "GroupBy": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "CheckCertificateRevocationStatus": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus", + "markdownDescription": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .", + "title": "CheckCertificateRevocationStatus" + }, + "Scopes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope" }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", + "markdownDescription": "A list of scopes.", + "title": "Scopes", "type": "array" }, - "Values": { + "ServerCertificates": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate" }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", - "title": "Values", + "markdownDescription": "The list of server certificates to use for inbound SSL/TLS inspection.", + "title": "ServerCertificates", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotChartConfiguration": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope": { "additionalProperties": false, "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" + "DestinationPorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" + }, + "markdownDescription": "The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", + "title": "DestinationPorts", + "type": "array" }, - "ReferenceLines": { + "Destinations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", + "markdownDescription": "The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any destination address.", + "title": "Destinations", "type": "array" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" + "Protocols": { + "items": { + "type": "number" + }, + "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.\n\nNetwork Firewall currently supports only TCP.", + "title": "Protocols", + "type": "array" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "SourcePorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" + }, + "markdownDescription": "The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", + "title": "SourcePorts", + "type": "array" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" + }, + "markdownDescription": "The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any source address.", + "title": "Sources", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotFieldWells": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration": { "additionalProperties": false, "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" + "ServerCertificateConfigurations": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration" + }, + "markdownDescription": "Lists the server certificate configurations that are associated with the TLS configuration.", + "title": "ServerCertificateConfigurations", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotOptions": { + "AWS::NetworkFirewall::VpcEndpointAssociation": { "additionalProperties": false, "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", + "Condition": { "type": "string" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BoxPlotSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the VPC endpoint association.", + "title": "Description", + "type": "string" + }, + "FirewallArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the firewall.", + "title": "FirewallArn", + "type": "string" + }, + "SubnetMapping": { + "$ref": "#/definitions/AWS::NetworkFirewall::VpcEndpointAssociation.SubnetMapping", + "markdownDescription": "The ID for a subnet that's used in an association with a firewall. This is used in `CreateFirewall` , `AssociateSubnets` , and `CreateVpcEndpointAssociation` . AWS Network Firewall creates an instance of the associated firewall in each subnet that you specify, to filter traffic in the subnet's Availability Zone.", + "title": "SubnetMapping" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key:value pairs to associate with the resource.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC for the endpoint association.", + "title": "VpcId", + "type": "string" + } }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "required": [ + "FirewallArn", + "SubnetMapping", + "VpcId" + ], + "type": "object" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BoxPlotStyleOptions": { - "additionalProperties": false, - "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", + "Type": { + "enum": [ + "AWS::NetworkFirewall::VpcEndpointAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotVisual": { + "AWS::NetworkFirewall::VpcEndpointAssociation.SubnetMapping": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "IPAddressType": { + "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", + "title": "IPAddressType", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "SubnetId": { + "markdownDescription": "The unique identifier for the subnet.", + "title": "SubnetId", "type": "string" } }, "required": [ - "VisualId" + "SubnetId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CalculatedField": { + "AWS::NetworkManager::ConnectAttachment": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", + "Condition": { "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Name": { - "markdownDescription": "The name of the calculated field.", - "title": "Name", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The ID of the core network where the Connect attachment is located.", + "title": "CoreNetworkId", + "type": "string" + }, + "EdgeLocation": { + "markdownDescription": "The Region where the edge is located.", + "title": "EdgeLocation", + "type": "string" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Options": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions", + "markdownDescription": "Options for connecting an attachment.", + "title": "Options" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the Connect attachment.", + "title": "Tags", + "type": "array" + }, + "TransportAttachmentId": { + "markdownDescription": "The ID of the transport attachment.", + "title": "TransportAttachmentId", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "EdgeLocation", + "Options", + "TransportAttachmentId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::ConnectAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSetIdentifier", - "Expression", - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CalculatedMeasureField": { + "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Protocol": { + "markdownDescription": "The protocol used for the attachment connection.", + "title": "Protocol", "type": "string" } }, - "required": [ - "Expression", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CascadingControlConfiguration": { + "AWS::NetworkManager::ConnectAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "SourceControls": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlSource" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CascadingControlSource": { + "AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CategoricalDimensionField": { + "AWS::NetworkManager::ConnectPeer": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" + "Condition": { + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BgpOptions": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.BgpOptions", + "markdownDescription": "Describes the BGP options.", + "title": "BgpOptions" + }, + "ConnectAttachmentId": { + "markdownDescription": "The ID of the attachment to connect.", + "title": "ConnectAttachmentId", + "type": "string" + }, + "CoreNetworkAddress": { + "markdownDescription": "The IP address of a core network.", + "title": "CoreNetworkAddress", + "type": "string" + }, + "InsideCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", + "title": "InsideCidrBlocks", + "type": "array" + }, + "PeerAddress": { + "markdownDescription": "The IP address of the Connect peer.", + "title": "PeerAddress", + "type": "string" + }, + "SubnetArn": { + "markdownDescription": "The subnet ARN of the Connect peer.", + "title": "SubnetArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with the Connect peer.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ConnectAttachmentId", + "PeerAddress" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::ConnectPeer" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoricalMeasureField": { + "AWS::NetworkManager::ConnectPeer.BgpOptions": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "PeerAsn": { + "markdownDescription": "The Peer ASN of the BGP.", + "title": "PeerAsn", + "type": "number" + } + }, + "type": "object" + }, + "AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration": { + "additionalProperties": false, + "properties": { + "CoreNetworkAddress": { + "markdownDescription": "The address of a core network.", + "title": "CoreNetworkAddress", "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" + "CoreNetworkAsn": { + "markdownDescription": "The ASN of the Coret Network.", + "title": "CoreNetworkAsn", + "type": "number" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "PeerAddress": { + "markdownDescription": "The address of a core network Connect peer.", + "title": "PeerAddress", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "PeerAsn": { + "markdownDescription": "The ASN of the Connect peer.", + "title": "PeerAsn", + "type": "number" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryDrillDownFilter": { + "AWS::NetworkManager::ConnectPeer.ConnectPeerConfiguration": { "additionalProperties": false, "properties": { - "CategoryValues": { + "BgpConfigurations": { + "items": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration" + }, + "markdownDescription": "The Connect peer BGP configurations.", + "title": "BgpConfigurations", + "type": "array" + }, + "CoreNetworkAddress": { + "markdownDescription": "The IP address of a core network.", + "title": "CoreNetworkAddress", + "type": "string" + }, + "InsideCidrBlocks": { "items": { "type": "string" }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", + "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", + "title": "InsideCidrBlocks", "type": "array" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "PeerAddress": { + "markdownDescription": "The IP address of the Connect peer.", + "title": "PeerAddress", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol used for a Connect peer configuration.", + "title": "Protocol", + "type": "string" } }, - "required": [ - "CategoryValues", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryFilter": { + "AWS::NetworkManager::CoreNetwork": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Condition": { + "type": "string" }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of a core network.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network that your core network is a part of.", + "title": "GlobalNetworkId", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "Describes a core network policy. For more information, see [Core network policies](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) .\n\nIf you update the policy document, CloudFormation will apply the core network change set generated from the updated policy document, and then set it as the LIVE policy.", + "title": "PolicyDocument", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with a core network.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "GlobalNetworkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::CoreNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "Configuration", - "FilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryFilterConfiguration": { + "AWS::NetworkManager::CoreNetwork.CoreNetworkEdge": { "additionalProperties": false, "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" + "Asn": { + "markdownDescription": "The ASN of a core network edge.", + "title": "Asn", + "type": "number" }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "EdgeLocation": { + "markdownDescription": "The Region where a core network edge is located.", + "title": "EdgeLocation", + "type": "string" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" + "InsideCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The inside IP addresses used for core network edges.", + "title": "InsideCidrBlocks", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ChartAxisLabelOptions": { + "AWS::NetworkManager::CoreNetwork.CoreNetworkNetworkFunctionGroup": { "additionalProperties": false, "properties": { - "AxisLabelOptions": { + "EdgeLocations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelOptions" + "type": "string" }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", + "markdownDescription": "The core network edge locations.", + "title": "EdgeLocations", "type": "array" }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", + "Name": { + "markdownDescription": "The name of the network function group.", + "title": "Name", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ClusterMarker": { - "additionalProperties": false, - "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ClusterMarkerConfiguration": { - "additionalProperties": false, - "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" + "Segments": { + "$ref": "#/definitions/AWS::NetworkManager::CoreNetwork.Segments", + "markdownDescription": "The segments associated with the network function group.", + "title": "Segments" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ColorScale": { + "AWS::NetworkManager::CoreNetwork.CoreNetworkSegment": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", + "EdgeLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "The Regions where the edges are located.", + "title": "EdgeLocations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a core network segment.", + "title": "Name", "type": "string" }, - "Colors": { + "SharedSegments": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor" + "type": "string" }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", + "markdownDescription": "The shared segments of a core network.", + "title": "SharedSegments", "type": "array" - }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" } }, - "required": [ - "ColorFillType", - "Colors" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColorsConfiguration": { + "AWS::NetworkManager::CoreNetwork.Segments": { "additionalProperties": false, "properties": { - "CustomColors": { + "SendTo": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomColor" + "type": "string" }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", + "markdownDescription": "", + "title": "SendTo", + "type": "array" + }, + "SendVia": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SendVia", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnConfiguration": { + "AWS::NetworkManager::CustomerGatewayAssociation": { "additionalProperties": false, "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CustomerGatewayArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the customer gateway.", + "title": "CustomerGatewayArn", + "type": "string" + }, + "DeviceId": { + "markdownDescription": "The ID of the device.", + "title": "DeviceId", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "LinkId": { + "markdownDescription": "The ID of the link.", + "title": "LinkId", + "type": "string" + } + }, + "required": [ + "CustomerGatewayArn", + "DeviceId", + "GlobalNetworkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::CustomerGatewayAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnHierarchy": { + "AWS::NetworkManager::Device": { "additionalProperties": false, "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" + "Condition": { + "type": "string" }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ColumnIdentifier": { - "additionalProperties": false, - "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AWSLocation": { + "$ref": "#/definitions/AWS::NetworkManager::Device.AWSLocation", + "markdownDescription": "The AWS location of the device.", + "title": "AWSLocation" + }, + "Description": { + "markdownDescription": "A description of the device.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::NetworkManager::Device.Location", + "markdownDescription": "The site location.", + "title": "Location" + }, + "Model": { + "markdownDescription": "The model of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "Model", + "type": "string" + }, + "SerialNumber": { + "markdownDescription": "The serial number of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "SerialNumber", + "type": "string" + }, + "SiteId": { + "markdownDescription": "The site ID.", + "title": "SiteId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the device.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The device type.", + "title": "Type", + "type": "string" + }, + "Vendor": { + "markdownDescription": "The vendor of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "Vendor", + "type": "string" + } + }, + "required": [ + "GlobalNetworkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::Device" + ], "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ColumnName", - "DataSetIdentifier" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnSort": { + "AWS::NetworkManager::Device.AWSLocation": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" - }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", + "SubnetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the subnet that the device is located in.", + "title": "SubnetArn", "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "", - "title": "SortBy" + "Zone": { + "markdownDescription": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost.", + "title": "Zone", + "type": "string" } }, - "required": [ - "Direction", - "SortBy" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnTooltipItem": { + "AWS::NetworkManager::Device.Location": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" + "Address": { + "markdownDescription": "The physical address.", + "title": "Address", + "type": "string" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "Latitude": { + "markdownDescription": "The latitude.", + "title": "Latitude", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "Longitude": { + "markdownDescription": "The longitude.", + "title": "Longitude", "type": "string" } }, - "required": [ - "Column" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells": { + "AWS::NetworkManager::DirectConnectGatewayAttachment": { "additionalProperties": false, "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" + "Condition": { + "type": "string" }, - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The aggregated category field wells of a combo chart.", - "title": "Category", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LineValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "", + "title": "CoreNetworkId", + "type": "string" + }, + "DirectConnectGatewayArn": { + "markdownDescription": "The Direct Connect gateway attachment ARN.", + "title": "DirectConnectGatewayArn", + "type": "string" + }, + "EdgeLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "EdgeLocations", + "type": "array" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", - "type": "array" + "required": [ + "CoreNetworkId", + "DirectConnectGatewayArn", + "EdgeLocations" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::DirectConnectGatewayAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartConfiguration": { + "AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ComboChartFieldWells": { - "additionalProperties": false, - "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartSortConfiguration": { + "AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", - "title": "CategorySort", - "type": "array" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" }, - "ColorSort": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartVisual": { + "AWS::NetworkManager::GlobalNetwork": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "CreatedAt": { + "markdownDescription": "The date and time that the global network was created.", + "title": "CreatedAt", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the global network.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the global network.", + "title": "State", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the global network.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::NetworkManager::GlobalNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComparisonConfiguration": { + "AWS::NetworkManager::Link": { "additionalProperties": false, "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" + "Condition": { + "type": "string" }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ComparisonFormatConfiguration": { - "additionalProperties": false, - "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.Computation": { - "additionalProperties": false, - "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" - }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" - }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" - }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" - }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" - }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" + "Metadata": { + "type": "object" }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" + "Properties": { + "additionalProperties": false, + "properties": { + "Bandwidth": { + "$ref": "#/definitions/AWS::NetworkManager::Link.Bandwidth", + "markdownDescription": "The bandwidth for the link.", + "title": "Bandwidth" + }, + "Description": { + "markdownDescription": "A description of the link.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Provider": { + "markdownDescription": "The provider of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", + "title": "Provider", + "type": "string" + }, + "SiteId": { + "markdownDescription": "The ID of the site.", + "title": "SiteId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the link.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Bandwidth", + "GlobalNetworkId", + "SiteId" + ], + "type": "object" }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" + "Type": { + "enum": [ + "AWS::NetworkManager::Link" + ], + "type": "string" }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingColor": { + "AWS::NetworkManager::Link.Bandwidth": { "additionalProperties": false, "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" + "DownloadSpeed": { + "markdownDescription": "Download speed in Mbps.", + "title": "DownloadSpeed", + "type": "number" }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" + "UploadSpeed": { + "markdownDescription": "Upload speed in Mbps.", + "title": "UploadSpeed", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition": { + "AWS::NetworkManager::LinkAssociation": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", + "Condition": { "type": "string" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" - }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" - } - }, - "required": [ - "Expression", - "IconOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions": { - "additionalProperties": false, - "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeviceId": { + "markdownDescription": "The device ID for the link association.", + "title": "DeviceId", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "LinkId": { + "markdownDescription": "The ID of the link.", + "title": "LinkId", + "type": "string" + } + }, + "required": [ + "DeviceId", + "GlobalNetworkId", + "LinkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::LinkAssociation" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor": { - "additionalProperties": false, - "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Color", - "Expression" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIcon": { + "AWS::NetworkManager::Site": { "additionalProperties": false, "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" + "Condition": { + "type": "string" }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration": { - "additionalProperties": false, - "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIconSet": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of your site.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::NetworkManager::Site.Location", + "markdownDescription": "The site location. This information is used for visualization in the Network Manager console. If you specify the address, the latitude and longitude are automatically calculated.\n\n- `Address` : The physical address of the site.\n- `Latitude` : The latitude of the site.\n- `Longitude` : The longitude of the site.", + "title": "Location" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the site.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "GlobalNetworkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::Site" + ], "type": "string" }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Expression" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor": { + "AWS::NetworkManager::Site.Location": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "Address": { + "markdownDescription": "The physical address.", + "title": "Address", "type": "string" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", + "Latitude": { + "markdownDescription": "The latitude.", + "title": "Latitude", "type": "string" - } - }, - "required": [ - "Expression" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.ContributionAnalysisDefault": { - "additionalProperties": false, - "properties": { - "ContributorDimensions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", - "type": "array" }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", + "Longitude": { + "markdownDescription": "The longitude.", + "title": "Longitude", "type": "string" } }, - "required": [ - "ContributorDimensions", - "MeasureFieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration": { + "AWS::NetworkManager::SiteToSiteVpnAttachment": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", + "Condition": { "type": "string" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", - "type": "string" + "Metadata": { + "type": "object" }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "", + "title": "CoreNetworkId", + "type": "string" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the Site-to-Site VPN attachment.", + "title": "Tags", + "type": "array" + }, + "VpnConnectionArn": { + "markdownDescription": "The ARN of the site-to-site VPN attachment.", + "title": "VpnConnectionArn", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "VpnConnectionArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::SiteToSiteVpnAttachment" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomActionFilterOperation": { - "additionalProperties": false, - "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionNavigationOperation": { - "additionalProperties": false, - "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomActionSetParametersOperation": { + "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "ParameterValueConfigurations": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SetParameterValueConfiguration" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", "type": "array" } }, - "required": [ - "ParameterValueConfigurations" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionURLOperation": { + "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", - "type": "string" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" } }, - "required": [ - "URLTarget", - "URLTemplate" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomColor": { + "AWS::NetworkManager::TransitGatewayPeering": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "Condition": { "type": "string" }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", - "type": "string" - } - }, - "required": [ - "Color" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomContentConfiguration": { - "additionalProperties": false, - "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", - "type": "string" + "Metadata": { + "type": "object" }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomContentVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The ID of the core network.", + "title": "CoreNetworkId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with the peering.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayArn": { + "markdownDescription": "The ARN of the transit gateway.", + "title": "TransitGatewayArn", + "type": "string" + } }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", - "title": "ChartConfiguration" + "required": [ + "CoreNetworkId", + "TransitGatewayArn" + ], + "type": "object" }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayPeering" + ], "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomFilterConfiguration": { + "AWS::NetworkManager::TransitGatewayRegistration": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", + "Condition": { "type": "string" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "TransitGatewayArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the transit gateway.", + "title": "TransitGatewayArn", + "type": "string" + } + }, + "required": [ + "GlobalNetworkId", + "TransitGatewayArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayRegistration" + ], "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MatchOperator", - "NullOption" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomFilterListConfiguration": { + "AWS::NetworkManager::TransitGatewayRouteTableAttachment": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "Condition": { "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "PeeringId": { + "markdownDescription": "The ID of the transit gateway peering.", + "title": "PeeringId", + "type": "string" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange", + "markdownDescription": "This property is read-only. Values can't be assigned to it.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value pairs associated with the transit gateway route table attachment.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayRouteTableArn": { + "markdownDescription": "The ARN of the transit gateway attachment route table. For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` .", + "title": "TransitGatewayRouteTableArn", + "type": "string" + } + }, + "required": [ + "PeeringId", + "TransitGatewayRouteTableArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayRouteTableAttachment" + ], "type": "string" - } - }, - "required": [ - "MatchOperator", - "NullOption" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomNarrativeOptions": { - "additionalProperties": false, - "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Narrative" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomParameterValues": { + "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "DateTimeValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", - "type": "array" - }, - "DecimalValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", - "type": "array" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "IntegerValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", - "type": "array" + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" }, - "StringValues": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CustomValuesConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomParameterValues", - "markdownDescription": "", - "title": "CustomValues" - }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", - "type": "boolean" - } - }, - "required": [ - "CustomValues" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.DashboardError": { + "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Message.", - "title": "Message", - "type": "string" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "Type": { - "markdownDescription": "Type.", - "title": "Type", + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", "type": "string" }, - "ViolatedEntities": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Entity" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Lists the violated entities that caused the dashboard error.", - "title": "ViolatedEntities", + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardPublishOptions": { + "AWS::NetworkManager::VpcAttachment": { "additionalProperties": false, "properties": { - "AdHocFilteringOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AdHocFilteringOption", - "markdownDescription": "Ad hoc (one-time) filtering option.", - "title": "AdHocFilteringOption" + "Condition": { + "type": "string" }, - "DataPointDrillUpDownOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointDrillUpDownOption", - "markdownDescription": "The drill-down options of data points in a dashboard.", - "title": "DataPointDrillUpDownOption" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DataPointMenuLabelOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointMenuLabelOption", - "markdownDescription": "The data point menu label options of a dashboard.", - "title": "DataPointMenuLabelOption" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DataPointTooltipOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointTooltipOption", - "markdownDescription": "The data point tool tip options of a dashboard.", - "title": "DataPointTooltipOption" - }, - "ExportToCSVOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportToCSVOption", - "markdownDescription": "Export to .csv option.", - "title": "ExportToCSVOption" - }, - "ExportWithHiddenFieldsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption", - "markdownDescription": "Determines if hidden fields are exported with a dashboard.", - "title": "ExportWithHiddenFieldsOption" - }, - "SheetControlsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlsOption", - "markdownDescription": "Sheet controls option.", - "title": "SheetControlsOption" - }, - "SheetLayoutElementMaximizationOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption", - "markdownDescription": "The sheet layout maximization options of a dashbaord.", - "title": "SheetLayoutElementMaximizationOption" + "Metadata": { + "type": "object" }, - "VisualAxisSortOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualAxisSortOption", - "markdownDescription": "The axis sort options of a dashboard.", - "title": "VisualAxisSortOption" + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The core network ID.", + "title": "CoreNetworkId", + "type": "string" + }, + "Options": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.VpcOptions", + "markdownDescription": "Options for creating the VPC attachment.", + "title": "Options" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "SubnetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet ARNs.", + "title": "SubnetArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the VPC attachment.", + "title": "Tags", + "type": "array" + }, + "VpcArn": { + "markdownDescription": "The ARN of the VPC attachment.", + "title": "VpcArn", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "SubnetArns", + "VpcArn" + ], + "type": "object" }, - "VisualMenuOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", - "markdownDescription": "The menu options of a visual in a dashboard.", - "title": "VisualMenuOption" + "Type": { + "enum": [ + "AWS::NetworkManager::VpcAttachment" + ], + "type": "string" }, - "VisualPublishOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVisualPublishOptions", - "markdownDescription": "The visual publish options of a visual in a dashboard.", - "title": "VisualPublishOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DashboardSourceEntity": { - "additionalProperties": false, - "properties": { - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceTemplate", - "markdownDescription": "Source template.", - "title": "SourceTemplate" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardSourceTemplate": { + "AWS::NetworkManager::VpcAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", "type": "string" }, - "DataSetReferences": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetReference" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Dataset references.", - "title": "DataSetReferences", + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", "type": "array" } }, - "required": [ - "Arn", - "DataSetReferences" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVersion": { + "AWS::NetworkManager::VpcAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "The time that this dashboard version was created.", - "title": "CreatedTime", - "type": "string" - }, - "DataSetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Numbers (ARNs) for the datasets that are associated with this version of the dashboard.", - "title": "DataSetArns", - "type": "array" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "Description": { - "markdownDescription": "Description.", - "title": "Description", + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", "type": "string" }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardError" - }, - "markdownDescription": "Errors associated with this dashboard version.", - "title": "Errors", - "type": "array" - }, - "Sheets": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Sheet" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::VpcAttachment.VpcOptions": { + "additionalProperties": false, + "properties": { + "ApplianceModeSupport": { + "markdownDescription": "Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is `false` .", + "title": "ApplianceModeSupport", + "type": "boolean" }, - "SourceEntityArn": { - "markdownDescription": "Source entity ARN.", - "title": "SourceEntityArn", - "type": "string" - }, - "Status": { - "markdownDescription": "The HTTP status of the request.", - "title": "Status", - "type": "string" + "DnsSupport": { + "markdownDescription": "Indicates whether DNS is supported.", + "title": "DnsSupport", + "type": "boolean" }, - "ThemeArn": { - "markdownDescription": "The ARN of the theme associated with a version of the dashboard.", - "title": "ThemeArn", - "type": "string" + "Ipv6Support": { + "markdownDescription": "Indicates whether IPv6 is supported.", + "title": "Ipv6Support", + "type": "boolean" }, - "VersionNumber": { - "markdownDescription": "Version number for this version of the dashboard.", - "title": "VersionNumber", - "type": "number" + "SecurityGroupReferencingSupport": { + "markdownDescription": "Indicates whether security group referencing is enabled for this VPC attachment. The default is `true` . However, at the core network policy-level the default is set to `false` .", + "title": "SecurityGroupReferencingSupport", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVersionDefinition": { + "AWS::Notifications::ChannelAssociation": { "additionalProperties": false, "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnalysisDefaults", - "markdownDescription": "", - "title": "AnalysisDefaults" + "Condition": { + "type": "string" }, - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedField" - }, - "markdownDescription": "An array of calculated field definitions for the dashboard.", - "title": "CalculatedFields", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnConfiguration" - }, - "markdownDescription": "An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard.", - "title": "ColumnConfigurations", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DataSetIdentifierDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration" - }, - "markdownDescription": "An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures.", - "title": "DataSetIdentifierDeclarations", - "type": "array" + "Metadata": { + "type": "object" }, - "FilterGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterGroup" + "Properties": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Channel` .", + "title": "Arn", + "type": "string" + }, + "NotificationConfigurationArn": { + "markdownDescription": "The ARN of the `NotificationConfiguration` associated with the `Channel` .", + "title": "NotificationConfigurationArn", + "type": "string" + } }, - "markdownDescription": "The filter definitions for a dashboard.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", - "type": "array" - }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AssetOptions", - "markdownDescription": "An array of option definitions for a dashboard.", - "title": "Options" + "required": [ + "Arn", + "NotificationConfigurationArn" + ], + "type": "object" }, - "ParameterDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDeclaration" - }, - "markdownDescription": "The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", - "type": "array" + "Type": { + "enum": [ + "AWS::Notifications::ChannelAssociation" + ], + "type": "string" }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetDefinition" - }, - "markdownDescription": "An array of sheet definitions for a dashboard.", - "title": "Sheets", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DataSetIdentifierDeclarations" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVisualPublishOptions": { - "additionalProperties": false, - "properties": { - "ExportHiddenFieldsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportHiddenFieldsOption", - "markdownDescription": "Determines if hidden fields are included in an exported dashboard.", - "title": "ExportHiddenFieldsOption" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataBarsOptions": { + "AWS::Notifications::EventRule": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", + "Condition": { "type": "string" }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EventPattern": { + "markdownDescription": "An additional event pattern used to further filter the events this `EventRule` receives.\n\nFor more information, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) in the *Amazon EventBridge User Guide.*", + "title": "EventPattern", + "type": "string" + }, + "EventType": { + "markdownDescription": "The event type this rule should match with the EventBridge events. It must match with atleast one of the valid EventBridge event types. For example, Amazon EC2 Instance State change Notification and Amazon CloudWatch State Change. For more information, see [Event delivery from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-delivery-level) in the *Amazon EventBridge User Guide* .", + "title": "EventType", + "type": "string" + }, + "NotificationConfigurationArn": { + "markdownDescription": "The ARN for the `NotificationConfiguration` associated with this `EventRule` .", + "title": "NotificationConfigurationArn", + "type": "string" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS Regions that send events to this `EventRule` .", + "title": "Regions", + "type": "array" + }, + "Source": { + "markdownDescription": "The event source this rule should match with the EventBridge event sources. It must match with atleast one of the valid EventBridge event sources. Only AWS service sourced events are supported. For example, `aws.ec2` and `aws.cloudwatch` . For more information, see [Event delivery from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-delivery-level) in the *Amazon EventBridge User Guide* .", + "title": "Source", + "type": "string" + } + }, + "required": [ + "EventType", + "NotificationConfigurationArn", + "Regions", + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::EventRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataColor": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", - "type": "string" - }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataFieldSeriesItem": { + "AWS::Notifications::EventRule.EventRuleStatusSummary": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", + "Reason": { + "markdownDescription": "A human-readable reason for `EventRuleStatus` .", + "title": "Reason", "type": "string" }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", + "Status": { + "markdownDescription": "The status of the `EventRule` .\n\n- Values:\n\n- `ACTIVE`\n\n- The `EventRule` can process events.\n- `INACTIVE`\n\n- The `EventRule` may be unable to process events.\n- `CREATING`\n\n- The `EventRule` is being created.\n\nOnly `GET` and `LIST` calls can be run.\n- `UPDATING`\n\n- The `EventRule` is being updated.\n\nOnly `GET` and `LIST` calls can be run.\n- `DELETING`\n\n- The `EventRule` is being deleted.\n\nOnly `GET` and `LIST` calls can be run.", + "title": "Status", "type": "string" - }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" } }, "required": [ - "AxisBinding", - "FieldId" + "Reason", + "Status" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataLabelOptions": { + "AWS::Notifications::ManagedNotificationAccountContactAssociation": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "DataLabelTypes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelType" - }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", - "type": "array" - }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", + "Condition": { "type": "string" }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" - }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", - "type": "string" + "Metadata": { + "type": "object" }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ContactIdentifier": { + "markdownDescription": "The unique identifier of the notification contact associated with the AWS account. For more information about the contact types associated with an account, see the [Account Management Reference Guide](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-contact-alternate.html#manage-acct-update-contact-alternate-orgs) .", + "title": "ContactIdentifier", + "type": "string" + }, + "ManagedNotificationConfigurationArn": { + "markdownDescription": "The ARN of the `ManagedNotificationConfiguration` to be associated with the `Channel` .", + "title": "ManagedNotificationConfigurationArn", + "type": "string" + } + }, + "required": [ + "ContactIdentifier", + "ManagedNotificationConfigurationArn" + ], + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", + "Type": { + "enum": [ + "AWS::Notifications::ManagedNotificationAccountContactAssociation" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataLabelType": { + "AWS::Notifications::ManagedNotificationAdditionalChannelAssociation": { "additionalProperties": false, "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" + "Condition": { + "type": "string" }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" + "Metadata": { + "type": "object" }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataPathColor": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelArn": { + "markdownDescription": "The ARN of the `Channel` .", + "title": "ChannelArn", + "type": "string" + }, + "ManagedNotificationConfigurationArn": { + "markdownDescription": "The ARN of the `ManagedNotificationAdditionalChannelAssociation` associated with the `Channel` .", + "title": "ManagedNotificationConfigurationArn", + "type": "string" + } + }, + "required": [ + "ChannelArn", + "ManagedNotificationConfigurationArn" + ], + "type": "object" }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" + "Type": { + "enum": [ + "AWS::Notifications::ManagedNotificationAdditionalChannelAssociation" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Color", - "Element" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathLabelType": { + "AWS::Notifications::NotificationConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", + "Condition": { "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the data label.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataPathSort": { - "additionalProperties": false, - "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortPaths": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AggregationDuration": { + "markdownDescription": "The aggregation preference of the `NotificationConfiguration` .\n\n- Values:\n\n- `LONG`\n\n- Aggregate notifications for long periods of time (12 hours).\n- `SHORT`\n\n- Aggregate notifications for short periods of time (5 minutes).\n- `NONE`\n\n- Don't aggregate notifications.", + "title": "AggregationDuration", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the `NotificationConfiguration` .", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `NotificationConfiguration` . Supports RFC 3986's unreserved characters.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of tags assigned to a `NotificationConfiguration` .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", - "type": "array" - } - }, - "required": [ - "Direction", - "SortPaths" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataPathType": { - "additionalProperties": false, - "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataPathValue": { - "additionalProperties": false, - "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" + "required": [ + "Description", + "Name" + ], + "type": "object" }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", + "Type": { + "enum": [ + "AWS::Notifications::NotificationConfiguration" + ], "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataPointDrillUpDownOption": { - "additionalProperties": false, - "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the drill down options of data points.", - "title": "AvailabilityStatus", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPointMenuLabelOption": { + "AWS::Notifications::NotificationHub": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the data point menu options.", - "title": "AvailabilityStatus", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataPointTooltipOption": { - "additionalProperties": false, - "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the data point tool tip options.", - "title": "AvailabilityStatus", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration": { - "additionalProperties": false, - "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", - "title": "DataSetArn", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Region": { + "markdownDescription": "The `NotificationHub` Region.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::NotificationHub" + ], "type": "string" }, - "Identifier": { - "markdownDescription": "The identifier of the data set, typically the data set's name.", - "title": "Identifier", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSetArn", - "Identifier" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataSetReference": { + "AWS::Notifications::NotificationHub.NotificationHubStatusSummary": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", + "NotificationHubStatus": { + "markdownDescription": "Indicates the current status of the `NotificationHub` .", + "title": "NotificationHubStatus", "type": "string" }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", + "NotificationHubStatusReason": { + "markdownDescription": "An explanation for the current status.", + "title": "NotificationHubStatusReason", "type": "string" } }, "required": [ - "DataSetArn", - "DataSetPlaceholder" + "NotificationHubStatus", + "NotificationHubStatusReason" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateAxisOptions": { + "AWS::NotificationsContacts::EmailContact": { "additionalProperties": false, "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DateDimensionField": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Metadata": { + "type": "object" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Properties": { + "additionalProperties": false, + "properties": { + "EmailAddress": { + "markdownDescription": "The email address of the contact. The activation and notification emails are sent here.", + "title": "EmailAddress", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the contact.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to apply to the email contact.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "EmailAddress", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NotificationsContacts::EmailContact" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateMeasureField": { + "AWS::NotificationsContacts::EmailContact.EmailContact": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "Address": { + "markdownDescription": "The email address of the contact.", + "title": "Address", "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "Arn", + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "CreationTime": { + "markdownDescription": "The creation time of the `EmailContact` .", + "title": "CreationTime", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - } - }, - "required": [ - "Column", - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.DateTimeDefaultValues": { - "additionalProperties": false, - "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Name": { + "markdownDescription": "The name of the contact.", + "title": "Name", + "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" + "Status": { + "markdownDescription": "The status of the contact. Only activated contacts receive emails.", + "title": "Status", + "type": "string" }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", - "title": "StaticValues", - "type": "array" + "UpdateTime": { + "markdownDescription": "The time the `EmailContact` was last updated.", + "title": "UpdateTime", + "type": "string" } }, + "required": [ + "Address", + "Arn", + "CreationTime", + "Name", + "Status", + "UpdateTime" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeFormatConfiguration": { + "AWS::ODB::CloudAutonomousVmCluster": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", + "Condition": { "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DateTimeHierarchy": { - "additionalProperties": false, - "properties": { - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutonomousDataStorageSizeInTBs": { + "markdownDescription": "The data storage size allocated for Autonomous Databases in the Autonomous VM cluster, in TB.\n\nRequired when creating an Autonomous VM cluster.", + "title": "AutonomousDataStorageSizeInTBs", + "type": "number" + }, + "CloudExadataInfrastructureId": { + "markdownDescription": "The unique identifier of the Cloud Exadata Infrastructure containing this Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "CloudExadataInfrastructureId", + "type": "string" + }, + "CpuCoreCountPerNode": { + "markdownDescription": "The number of CPU cores enabled per node in the Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "CpuCoreCountPerNode", + "type": "number" + }, + "DbServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of database servers associated with the Autonomous VM cluster.", + "title": "DbServers", + "type": "array" + }, + "Description": { + "markdownDescription": "The user-provided description of the Autonomous VM cluster.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "DisplayName", + "type": "string" + }, + "IsMtlsEnabledVmCluster": { + "markdownDescription": "Specifies whether mutual TLS (mTLS) authentication is enabled for the Autonomous VM cluster.", + "title": "IsMtlsEnabledVmCluster", + "type": "boolean" + }, + "LicenseModel": { + "markdownDescription": "The Oracle license model that applies to the Autonomous VM cluster. Valid values are `LICENSE_INCLUDED` or `BRING_YOUR_OWN_LICENSE` .", + "title": "LicenseModel", + "type": "string" + }, + "MaintenanceWindow": { + "$ref": "#/definitions/AWS::ODB::CloudAutonomousVmCluster.MaintenanceWindow", + "markdownDescription": "The scheduling details for the maintenance window. Patching and system updates take place during the maintenance window.", + "title": "MaintenanceWindow" + }, + "MemoryPerOracleComputeUnitInGBs": { + "markdownDescription": "The amount of memory allocated per Oracle Compute Unit, in GB.\n\nRequired when creating an Autonomous VM cluster.", + "title": "MemoryPerOracleComputeUnitInGBs", + "type": "number" + }, + "OdbNetworkId": { + "markdownDescription": "The unique identifier of the ODB network associated with this Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "OdbNetworkId", + "type": "string" + }, + "ScanListenerPortNonTls": { + "markdownDescription": "The SCAN listener port for non-TLS (TCP) protocol. The default is 1521.", + "title": "ScanListenerPortNonTls", + "type": "number" + }, + "ScanListenerPortTls": { + "markdownDescription": "The SCAN listener port for TLS (TCP) protocol. The default is 2484.", + "title": "ScanListenerPortTls", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Autonomous Vm Cluster.", + "title": "Tags", + "type": "array" + }, + "TimeZone": { + "markdownDescription": "The time zone of the Autonomous VM cluster.", + "title": "TimeZone", + "type": "string" + }, + "TotalContainerDatabases": { + "markdownDescription": "The total number of Autonomous Container Databases that can be created with the allocated local storage.\n\nRequired when creating an Autonomous VM cluster.", + "title": "TotalContainerDatabases", + "type": "number" + } }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "type": "object" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", + "Type": { + "enum": [ + "AWS::ODB::CloudAutonomousVmCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HierarchyId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeParameter": { + "AWS::ODB::CloudAutonomousVmCluster.MaintenanceWindow": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the date-time parameter.", - "title": "Name", - "type": "string" - }, - "Values": { + "DaysOfWeek": { "items": { "type": "string" }, - "markdownDescription": "The values for the date-time parameter.", - "title": "Values", + "markdownDescription": "The days of the week when maintenance can be performed.", + "title": "DaysOfWeek", "type": "array" - } - }, - "required": [ - "Name", - "Values" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.DateTimeParameterDeclaration": { - "additionalProperties": false, - "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" }, - "MappedDataSetParameters": { + "HoursOfDay": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + "type": "number" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "The hours of the day when maintenance can be performed.", + "title": "HoursOfDay", "type": "array" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", - "title": "ValueWhenUnset" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "string" - }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DecimalDefaultValues": { - "additionalProperties": false, - "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "LeadTimeInWeeks": { + "markdownDescription": "The lead time in weeks before the maintenance window.", + "title": "LeadTimeInWeeks", + "type": "number" }, - "StaticValues": { + "Months": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "The months when maintenance can be performed.", + "title": "Months", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DecimalParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A display name for the decimal parameter.", - "title": "Name", + }, + "Preference": { + "markdownDescription": "The preference for the maintenance window scheduling.", + "title": "Preference", "type": "string" }, - "Values": { + "WeeksOfMonth": { "items": { "type": "number" }, - "markdownDescription": "The values for the decimal parameter.", - "title": "Values", + "markdownDescription": "The weeks of the month when maintenance can be performed.", + "title": "WeeksOfMonth", "type": "array" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalParameterDeclaration": { + "AWS::ODB::CloudExadataInfrastructure": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Condition": { + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The name of the Availability Zone (AZ) where the Exadata infrastructure is located.\n\nRequired when creating an Exadata infrastructure. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the infrastructure.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the AZ where the Exadata infrastructure is located.\n\nRequired when creating an Exadata infrastructure. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the infrastructure.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "ComputeCount": { + "markdownDescription": "The number of database servers for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "ComputeCount", + "type": "number" + }, + "CustomerContactsToSendToOCI": { + "items": { + "$ref": "#/definitions/AWS::ODB::CloudExadataInfrastructure.CustomerContact" + }, + "markdownDescription": "The email addresses of contacts to receive notification from Oracle about maintenance updates for the Exadata infrastructure.", + "title": "CustomerContactsToSendToOCI", + "type": "array" + }, + "DatabaseServerType": { + "markdownDescription": "The database server model type of the Exadata infrastructure. For the list of valid model names, use the `ListDbSystemShapes` operation.", + "title": "DatabaseServerType", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "DisplayName", + "type": "string" + }, + "Shape": { + "markdownDescription": "The model name of the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "Shape", + "type": "string" + }, + "StorageCount": { + "markdownDescription": "The number of storage servers that are activated for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "StorageCount", + "type": "number" + }, + "StorageServerType": { + "markdownDescription": "The storage server model type of the Exadata infrastructure. For the list of valid model names, use the `ListDbSystemShapes` operation.", + "title": "StorageServerType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Exadata Infrastructure.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "type": "object" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Type": { + "enum": [ + "AWS::ODB::CloudExadataInfrastructure" + ], "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, "required": [ - "Name", - "ParameterValueType" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalPlacesConfiguration": { + "AWS::ODB::CloudExadataInfrastructure.CustomerContact": { "additionalProperties": false, "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", - "type": "number" + "Email": { + "markdownDescription": "The email address of the contact.", + "title": "Email", + "type": "string" } }, - "required": [ - "DecimalPlaces" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration": { + "AWS::ODB::CloudVmCluster": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" + "Condition": { + "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CloudExadataInfrastructureId": { + "markdownDescription": "The unique identifier of the Exadata infrastructure that this VM cluster belongs to.\n\nRequired when creating a VM cluster.", + "title": "CloudExadataInfrastructureId", + "type": "string" + }, + "ClusterName": { + "markdownDescription": "The name of the Grid Infrastructure (GI) cluster.", + "title": "ClusterName", + "type": "string" + }, + "CpuCoreCount": { + "markdownDescription": "The number of CPU cores enabled on the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "CpuCoreCount", + "type": "number" + }, + "DataCollectionOptions": { + "$ref": "#/definitions/AWS::ODB::CloudVmCluster.DataCollectionOptions", + "markdownDescription": "The set of diagnostic collection options enabled for the VM cluster.", + "title": "DataCollectionOptions" + }, + "DataStorageSizeInTBs": { + "markdownDescription": "The size of the data disk group, in terabytes (TB), that's allocated for the VM cluster.", + "title": "DataStorageSizeInTBs", + "type": "number" + }, + "DbNodeStorageSizeInGBs": { + "markdownDescription": "The amount of local node storage, in gigabytes (GB), that's allocated for the VM cluster.", + "title": "DbNodeStorageSizeInGBs", + "type": "number" + }, + "DbServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of database servers for the VM cluster.", + "title": "DbServers", + "type": "array" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "DisplayName", + "type": "string" + }, + "GiVersion": { + "markdownDescription": "The software version of the Oracle Grid Infrastructure (GI) for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "GiVersion", + "type": "string" + }, + "Hostname": { + "markdownDescription": "The host name for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "Hostname", + "type": "string" + }, + "IsLocalBackupEnabled": { + "markdownDescription": "Specifies whether database backups to local Exadata storage are enabled for the VM cluster.", + "title": "IsLocalBackupEnabled", + "type": "boolean" + }, + "IsSparseDiskgroupEnabled": { + "markdownDescription": "Specifies whether the VM cluster is configured with a sparse disk group.", + "title": "IsSparseDiskgroupEnabled", + "type": "boolean" + }, + "LicenseModel": { + "markdownDescription": "The Oracle license model applied to the VM cluster.", + "title": "LicenseModel", + "type": "string" + }, + "MemorySizeInGBs": { + "markdownDescription": "The amount of memory, in gigabytes (GB), that's allocated for the VM cluster.", + "title": "MemorySizeInGBs", + "type": "number" + }, + "OdbNetworkId": { + "markdownDescription": "The unique identifier of the ODB network for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "OdbNetworkId", + "type": "string" + }, + "ScanListenerPortTcp": { + "markdownDescription": "The port number for TCP connections to the single client access name (SCAN) listener.\n\nValid values: `1024\u20138999` with the following exceptions: `2484` , `6100` , `6200` , `7060` , `7070` , `7085` , and `7879`\n\nDefault: `1521`", + "title": "ScanListenerPortTcp", + "type": "number" + }, + "SshPublicKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The public key portion of one or more key pairs used for SSH access to the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "SshPublicKeys", + "type": "array" + }, + "SystemVersion": { + "markdownDescription": "The operating system version of the image chosen for the VM cluster.", + "title": "SystemVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Vm Cluster.", + "title": "Tags", + "type": "array" + }, + "TimeZone": { + "markdownDescription": "The time zone of the VM cluster.", + "title": "TimeZone", + "type": "string" + } + }, + "type": "object" }, "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", + "enum": [ + "AWS::ODB::CloudVmCluster" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration": { - "additionalProperties": false, - "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ControlOptions", - "Title" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultFilterControlOptions": { + "AWS::ODB::CloudVmCluster.DataCollectionOptions": { "additionalProperties": false, "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" - }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" - }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" - }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" - }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" + "IsDiagnosticsEventsEnabled": { + "markdownDescription": "Specifies whether diagnostic collection is enabled for the VM cluster.", + "title": "IsDiagnosticsEventsEnabled", + "type": "boolean" }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" + "IsHealthMonitoringEnabled": { + "markdownDescription": "Specifies whether health monitoring is enabled for the VM cluster.", + "title": "IsHealthMonitoringEnabled", + "type": "boolean" }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" + "IsIncidentLogsEnabled": { + "markdownDescription": "Specifies whether incident logs are enabled for the VM cluster.", + "title": "IsIncidentLogsEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions": { + "AWS::ODB::OdbNetwork": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone (AZ) where the ODB network is located.\n\nRequired when creating an ODB network. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the network.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the AZ where the ODB network is located.\n\nRequired when creating an ODB network. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the network.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "BackupSubnetCidr": { + "markdownDescription": "The CIDR range of the backup subnet in the ODB network.", + "title": "BackupSubnetCidr", + "type": "string" + }, + "ClientSubnetCidr": { + "markdownDescription": "The CIDR range of the client subnet in the ODB network.\n\nRequired when creating an ODB network.", + "title": "ClientSubnetCidr", + "type": "string" + }, + "DefaultDnsPrefix": { + "markdownDescription": "The DNS prefix to the default DNS domain name. The default DNS domain name is oraclevcn.com.", + "title": "DefaultDnsPrefix", + "type": "string" + }, + "DeleteAssociatedResources": { + "markdownDescription": "Specifies whether to delete associated OCI networking resources along with the ODB network.\n\nRequired when creating an ODB network.", + "title": "DeleteAssociatedResources", + "type": "boolean" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name of the ODB network.\n\nRequired when creating an ODB network.", + "title": "DisplayName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Odb Network.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::ODB::OdbNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultFilterListControlOptions": { + "AWS::OSIS::Pipeline": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BufferOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.BufferOptions", + "markdownDescription": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) .", + "title": "BufferOptions" + }, + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.EncryptionAtRestOptions", + "markdownDescription": "Options to control how OpenSearch encrypts buffer data.", + "title": "EncryptionAtRestOptions" + }, + "LogPublishingOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.LogPublishingOptions", + "markdownDescription": "Key-value pairs that represent log publishing settings.", + "title": "LogPublishingOptions" + }, + "MaxUnits": { + "markdownDescription": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).", + "title": "MaxUnits", + "type": "number" + }, + "MinUnits": { + "markdownDescription": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).", + "title": "MinUnits", + "type": "number" + }, + "PipelineConfigurationBody": { + "markdownDescription": "The Data Prepper pipeline configuration in YAML format.", + "title": "PipelineConfigurationBody", + "type": "string" + }, + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "List of tags to add to the pipeline upon creation.", + "title": "Tags", + "type": "array" + }, + "VpcOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", + "markdownDescription": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint.", + "title": "VpcOptions" + } + }, + "required": [ + "MaxUnits", + "MinUnits", + "PipelineConfigurationBody", + "PipelineName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "enum": [ + "AWS::OSIS::Pipeline" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" } }, "required": [ - "CanvasSizeOptions" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration": { + "AWS::OSIS::Pipeline.BufferOptions": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" + "PersistentBufferEnabled": { + "markdownDescription": "Whether persistent buffering should be enabled.", + "title": "PersistentBufferEnabled", + "type": "boolean" } }, "required": [ - "CanvasSizeOptions" + "PersistentBufferEnabled" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration": { + "AWS::OSIS::Pipeline.CloudWatchLogDestination": { "additionalProperties": false, "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" - }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs group to send pipeline logs to. You can specify an existing log group or create a new one. For example, `/aws/vendedlogs/OpenSearchService/pipelines` .", + "title": "LogGroup", + "type": "string" } }, + "required": [ + "LogGroup" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration": { + "AWS::OSIS::Pipeline.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" - }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" - }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key used to encrypt buffer data. By default, data is encrypted using an AWS owned key.", + "title": "KmsKeyArn", "type": "string" } }, + "required": [ + "KmsKeyArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration": { + "AWS::OSIS::Pipeline.LogPublishingOptions": { "additionalProperties": false, "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" + "CloudWatchLogDestination": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.CloudWatchLogDestination", + "markdownDescription": "The destination for OpenSearch Ingestion logs sent to Amazon CloudWatch Logs. This parameter is required if `IsLoggingEnabled` is set to `true` .", + "title": "CloudWatchLogDestination" + }, + "IsLoggingEnabled": { + "markdownDescription": "Whether logs should be published.", + "title": "IsLoggingEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions": { + "AWS::OSIS::Pipeline.VpcAttachmentOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "AttachToVpc": { + "markdownDescription": "Whether a VPC is attached to the pipeline.", + "title": "AttachToVpc", + "type": "boolean" + }, + "CidrBlock": { + "markdownDescription": "The CIDR block to be reserved for OpenSearch Ingestion to create elastic network interfaces (ENIs).", + "title": "CidrBlock", + "type": "string" } }, + "required": [ + "AttachToVpc", + "CidrBlock" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration": { + "AWS::OSIS::Pipeline.VpcEndpoint": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" + "VpcEndpointId": { + "markdownDescription": "The unique identifier of the endpoint.", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID for your VPC. AWS PrivateLink generates this value when you create a VPC.", + "title": "VpcId", + "type": "string" + }, + "VpcOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", + "markdownDescription": "Information about the VPC, including associated subnets and security groups.", + "title": "VpcOptions" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultSliderControlOptions": { + "AWS::OSIS::Pipeline.VpcOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security groups associated with the VPC endpoint.", + "title": "SecurityGroupIds", + "type": "array" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs associated with the VPC endpoint.", + "title": "SubnetIds", + "type": "array" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "VpcAttachmentOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcAttachmentOptions", + "markdownDescription": "Options for attaching a VPC to a pipeline.", + "title": "VpcAttachmentOptions" }, - "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "VpcEndpointManagement": { + "markdownDescription": "Defines whether you or Amazon OpenSearch Ingestion service create and manage the VPC endpoint configured for the pipeline.", + "title": "VpcEndpointManagement", "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" + "SubnetIds" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions": { + "AWS::Oam::Link": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "Condition": { "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" - }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LabelTemplate": { + "markdownDescription": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`\n\n> In the and Regions, the only supported option is to use custom labels, and the `$AccountName` , `$AccountEmail` , and `$AccountEmailNoDomain` variables all resolve as *account-id* instead of the specified variable.", + "title": "LabelTemplate", + "type": "string" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkConfiguration", + "markdownDescription": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account.", + "title": "LinkConfiguration" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` .", + "title": "ResourceTypes", + "type": "array" + }, + "SinkIdentifier": { + "markdownDescription": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks.", + "title": "SinkIdentifier", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to the link.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ResourceTypes", + "SinkIdentifier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Oam::Link" + ], "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DimensionField": { + "AWS::Oam::Link.LinkConfiguration": { "additionalProperties": false, "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" - }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" + "LogGroupConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", + "markdownDescription": "Use this structure to filter which log groups are to share log events from this source account to the monitoring account.", + "title": "LogGroupConfiguration" }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" + "MetricConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", + "markdownDescription": "Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account.", + "title": "MetricConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DonutCenterOptions": { + "AWS::Oam::Link.LinkFilter": { "additionalProperties": false, "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", + "Filter": { + "markdownDescription": "When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account\n\nWhen used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.\n\nUse single quotation marks (') around log group names and metric namespaces.\n\nThe matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .\n\n- `=` and `!=`\n- `AND`\n- `OR`\n- `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.\n- `IN` and `NOT IN` , using parentheses `( )`\n\nExamples:\n\n- `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.\n- `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.\n- `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.\n- `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .\n- `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .\n- `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .\n\n> If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account.", + "title": "Filter", "type": "string" } }, + "required": [ + "Filter" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DonutOptions": { + "AWS::Oam::Sink": { "additionalProperties": false, "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" + "Condition": { + "type": "string" }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DrillDownFilter": { - "additionalProperties": false, - "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DropDownControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" + "Metadata": { + "type": "object" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DynamicDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A name for the sink.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The IAM policy that grants permissions to source accounts to link to this sink. The policy can grant permission in the following ways:\n\n- Include organization IDs or organization paths to permit all accounts in an organization\n- Include account IDs to permit the specified accounts", + "title": "Policy", + "type": "object" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to the sink.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" + "Type": { + "enum": [ + "AWS::Oam::Sink" + ], + "type": "string" }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DefaultValueColumn" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.EmptyVisual": { + "AWS::Omics::AnnotationStore": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Annotation Store.", + "title": "Name", + "type": "string" + }, + "Reference": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.ReferenceItem", + "markdownDescription": "The genome reference for the store's annotations.", + "title": "Reference" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.SseConfig", + "markdownDescription": "The store's server-side encryption (SSE) settings.", + "title": "SseConfig" + }, + "StoreFormat": { + "markdownDescription": "The annotation file format of the store.", + "title": "StoreFormat", + "type": "string" + }, + "StoreOptions": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.StoreOptions", + "markdownDescription": "File parsing options for the annotation store.", + "title": "StoreOptions" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "required": [ + "Name", + "StoreFormat" + ], + "type": "object" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", - "title": "DataSetIdentifier", + "Type": { + "enum": [ + "AWS::Omics::AnnotationStore" + ], "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.Entity": { + "AWS::Omics::AnnotationStore.ReferenceItem": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", + "ReferenceArn": { + "markdownDescription": "The reference's ARN.", + "title": "ReferenceArn", "type": "string" } }, + "required": [ + "ReferenceArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ExcludePeriodConfiguration": { + "AWS::Omics::AnnotationStore.SseConfig": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", - "type": "number" - }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", "type": "string" }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", "type": "string" } }, "required": [ - "Amount", - "Granularity" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ExplicitHierarchy": { + "AWS::Omics::AnnotationStore.StoreOptions": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", - "type": "array" - }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", - "type": "array" - }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", - "type": "string" + "TsvStoreOptions": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.TsvStoreOptions", + "markdownDescription": "Formatting options for a TSV file.", + "title": "TsvStoreOptions" } }, "required": [ - "Columns", - "HierarchyId" + "TsvStoreOptions" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ExportHiddenFieldsOption": { - "additionalProperties": false, - "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the export hidden fields options of a dashbaord.", - "title": "AvailabilityStatus", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ExportToCSVOption": { + "AWS::Omics::AnnotationStore.TsvStoreOptions": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "Availability status.", - "title": "AvailabilityStatus", + "AnnotationType": { + "markdownDescription": "The store's annotation type.", + "title": "AnnotationType", "type": "string" + }, + "FormatToHeader": { + "additionalProperties": true, + "markdownDescription": "The store's header key to column name mapping.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "FormatToHeader", + "type": "object" + }, + "Schema": { + "markdownDescription": "The schema of an annotation store.", + "title": "Schema", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption": { + "AWS::Omics::ReferenceStore": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the export with hidden fields options.", - "title": "AvailabilityStatus", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FieldBasedTooltip": { - "additionalProperties": false, - "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TooltipFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipItem" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::ReferenceStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", - "type": "array" + "required": [ + "Name" + ], + "type": "object" }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", + "Type": { + "enum": [ + "AWS::Omics::ReferenceStore" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldLabelType": { + "AWS::Omics::ReferenceStore.SseConfig": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the field label.", - "title": "Visibility", + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldSeriesItem": { + "AWS::Omics::RunGroup": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MaxCpus": { + "markdownDescription": "The group's maximum CPU count setting.", + "title": "MaxCpus", + "type": "number" + }, + "MaxDuration": { + "markdownDescription": "The group's maximum duration setting in minutes.", + "title": "MaxDuration", + "type": "number" + }, + "MaxGpus": { + "markdownDescription": "The maximum GPUs that can be used by a run group.", + "title": "MaxGpus", + "type": "number" + }, + "MaxRuns": { + "markdownDescription": "The group's maximum concurrent run setting.", + "title": "MaxRuns", + "type": "number" + }, + "Name": { + "markdownDescription": "The group's name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::RunGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "AxisBinding", - "FieldId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldSort": { + "AWS::Omics::SequenceStore": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The sort configuration target field.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLogLocation": { + "markdownDescription": "Location of the access logs.", + "title": "AccessLogLocation", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "ETagAlgorithmFamily": { + "markdownDescription": "The algorithm family of the ETag.", + "title": "ETagAlgorithmFamily", + "type": "string" + }, + "FallbackLocation": { + "markdownDescription": "An S3 location that is used to store files that have failed a direct upload.", + "title": "FallbackLocation", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "PropagatedSetLevelTags": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "PropagatedSetLevelTags", + "type": "array" + }, + "S3AccessPolicy": { + "markdownDescription": "", + "title": "S3AccessPolicy", + "type": "object" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::SequenceStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::SequenceStore" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Direction", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldSortOptions": { + "AWS::Omics::SequenceStore.SseConfig": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldTooltipItem": { + "AWS::Omics::VariantStore": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", - "title": "FieldId", + "Condition": { "type": "string" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "Reference": { + "$ref": "#/definitions/AWS::Omics::VariantStore.ReferenceItem", + "markdownDescription": "The genome reference for the store's variants.", + "title": "Reference" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::VariantStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "Reference" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::VariantStore" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilledMapConditionalFormatting": { + "AWS::Omics::VariantStore.ReferenceItem": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "ReferenceArn": { + "markdownDescription": "The reference's ARN.", + "title": "ReferenceArn", + "type": "string" } }, "required": [ - "ConditionalFormattingOptions" + "ReferenceArn" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption": { + "AWS::Omics::VariantStore.SseConfig": { "additionalProperties": false, "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", + "type": "string" } }, "required": [ - "Shape" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapConfiguration": { + "AWS::Omics::Workflow": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "Accelerators": { + "markdownDescription": "", + "title": "Accelerators", + "type": "string" + }, + "DefinitionUri": { + "markdownDescription": "The URI of a definition for the workflow.", + "title": "DefinitionUri", + "type": "string" + }, + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "An engine for the workflow.", + "title": "Engine", + "type": "string" + }, + "Main": { + "markdownDescription": "The path of the main definition file for the workflow.", + "title": "Main", + "type": "string" + }, + "Name": { + "markdownDescription": "The workflow's name.", + "title": "Name", + "type": "string" + }, + "ParameterTemplate": { + "additionalProperties": false, + "markdownDescription": "The workflow's parameter template.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Omics::Workflow.WorkflowParameter" + } + }, + "title": "ParameterTemplate", + "type": "object" + }, + "StorageCapacity": { + "markdownDescription": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version. The `storageCapacity` can be overwritten at run time. The storage capacity is not required for runs with a `DYNAMIC` storage type.", + "title": "StorageCapacity", + "type": "number" + }, + "StorageType": { + "markdownDescription": "", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the workflow.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilledMapFieldWells": { - "additionalProperties": false, - "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", - "title": "FieldId", + "Type": { + "enum": [ + "AWS::Omics::Workflow" + ], "type": "string" }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FieldId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapSortConfiguration": { + "AWS::Omics::Workflow.WorkflowParameter": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the location fields.", - "title": "CategorySort", - "type": "array" + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", + "type": "string" + }, + "Optional": { + "markdownDescription": "Whether the parameter is optional.", + "title": "Optional", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapVisual": { + "AWS::Omics::WorkflowVersion": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "Accelerators": { + "markdownDescription": "", + "title": "Accelerators", + "type": "string" + }, + "DefinitionUri": { + "markdownDescription": "", + "title": "DefinitionUri", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the workflow version.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "", + "title": "Engine", + "type": "string" + }, + "Main": { + "markdownDescription": "", + "title": "Main", + "type": "string" + }, + "ParameterTemplate": { + "additionalProperties": false, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Omics::WorkflowVersion.WorkflowParameter" + } + }, + "title": "ParameterTemplate", + "type": "object" + }, + "StorageCapacity": { + "markdownDescription": "", + "title": "StorageCapacity", + "type": "number" + }, + "StorageType": { + "markdownDescription": "", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "VersionName": { + "markdownDescription": "The name of the workflow version.", + "title": "VersionName", + "type": "string" + }, + "WorkflowBucketOwnerId": { + "markdownDescription": "", + "title": "WorkflowBucketOwnerId", + "type": "string" + }, + "WorkflowId": { + "markdownDescription": "The workflow's ID.", + "title": "WorkflowId", + "type": "string" + } + }, + "required": [ + "VersionName", + "WorkflowId" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::Omics::WorkflowVersion" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.Filter": { + "AWS::Omics::WorkflowVersion.WorkflowParameter": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" - }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" - }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" - }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", + "type": "string" }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" + "Optional": { + "markdownDescription": "Whether the parameter is optional.", + "title": "Optional", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterControl": { + "AWS::OpenSearchServerless::AccessPolicy": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", - "title": "List" + "Condition": { + "type": "string" }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "Metadata": { + "type": "object" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterCrossSheetControl": { - "additionalProperties": false, - "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of access policy. Currently the only option is `data` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", + "Type": { + "enum": [ + "AWS::OpenSearchServerless::AccessPolicy" + ], "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterDateTimePickerControl": { + "AWS::OpenSearchServerless::Collection": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", - "title": "Title", + "Condition": { "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterDropDownControl": { - "additionalProperties": false, - "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", - "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "Metadata": { + "type": "object" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the collection.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the collection.\n\nCollection names must meet the following criteria:\n\n- Starts with a lowercase letter\n- Unique to your account and AWS Region\n- Contains between 3 and 28 characters\n- Contains only lowercase letters a-z, the numbers 0-9, and the hyphen (-)", + "title": "Name", + "type": "string" + }, + "StandbyReplicas": { + "markdownDescription": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value.", + "title": "StandbyReplicas", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the collection.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", - "title": "Title", + "Type": { + "enum": [ + "AWS::OpenSearchServerless::Collection" + ], "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterGroup": { + "AWS::OpenSearchServerless::Index": { "additionalProperties": false, "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", + "Condition": { "type": "string" }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Filter" - }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" + "Metadata": { + "type": "object" }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", - "type": "string" - } - }, - "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterListConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryValues": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CollectionEndpoint": { + "markdownDescription": "The endpoint for the collection.", + "title": "CollectionEndpoint", + "type": "string" + }, + "IndexName": { + "markdownDescription": "The name of the OpenSearch Serverless index.", + "title": "IndexName", + "type": "string" + }, + "Mappings": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Mappings", + "markdownDescription": "Index mappings for the OpenSearch Serverless index.", + "title": "Mappings" + }, + "Settings": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.IndexSettings", + "markdownDescription": "Index settings for the OpenSearch Serverless index.", + "title": "Settings" + } }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "required": [ + "CollectionEndpoint", + "IndexName" + ], + "type": "object" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "Type": { + "enum": [ + "AWS::OpenSearchServerless::Index" + ], "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MatchOperator" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterListControl": { + "AWS::OpenSearchServerless::Index.Index": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", - "type": "string" + "Knn": { + "markdownDescription": "Enable or disable k-nearest neighbor search capability.", + "title": "Knn", + "type": "boolean" }, - "Title": { - "markdownDescription": "The title of the `FilterListControl` .", - "title": "Title", - "type": "string" + "KnnAlgoParamEfSearch": { + "markdownDescription": "The size of the dynamic list for the nearest neighbors.", + "title": "KnnAlgoParamEfSearch", + "type": "number" }, - "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "RefreshInterval": { + "markdownDescription": "How often to perform a refresh operation. For example, 1s or 5s.", + "title": "RefreshInterval", "type": "string" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration": { + "AWS::OpenSearchServerless::Index.IndexSettings": { "additionalProperties": false, "properties": { - "SelectedColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", - "type": "array" - }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", - "type": "string" - }, - "SelectedFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", - "type": "array" + "Index": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Index", + "markdownDescription": "Index settings.", + "title": "Index" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration": { + "AWS::OpenSearchServerless::Index.Mappings": { "additionalProperties": false, "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" + "Properties": { + "additionalProperties": false, + "markdownDescription": "Nested fields within an object or nested field type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.PropertyMapping" + } + }, + "title": "Properties", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl": { + "AWS::OpenSearchServerless::Index.Method": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "Engine": { + "markdownDescription": "The k-NN search engine to use", + "title": "Engine", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "Name": { + "markdownDescription": "The algorithm name for k-NN search.", + "title": "Name", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", + "Parameters": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Parameters", + "markdownDescription": "Additional parameters for the k-NN algorithm.", + "title": "Parameters" + }, + "SpaceType": { + "markdownDescription": "The distance function used for k-NN search.", + "title": "SpaceType", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Engine", + "Name" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterScopeConfiguration": { + "AWS::OpenSearchServerless::Index.Parameters": { "additionalProperties": false, "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" + "EfConstruction": { + "markdownDescription": "The size of the dynamic list used during k-NN graph creation.", + "title": "EfConstruction", + "type": "number" }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterSelectableValues": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", - "title": "Values", - "type": "array" + "M": { + "markdownDescription": "Number of neighbors to consider during k-NN search.", + "title": "M", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterSliderControl": { + "AWS::OpenSearchServerless::Index.PropertyMapping": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", - "type": "string" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", + "Dimension": { + "markdownDescription": "Dimension size for vector fields, defines the number of dimensions in the vector.", + "title": "Dimension", "type": "number" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", - "type": "string" + "Index": { + "markdownDescription": "Whether a field should be indexed.", + "title": "Index", + "type": "boolean" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Method": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Method", + "markdownDescription": "Configuration for k-NN search method.", + "title": "Method" }, - "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "markdownDescription": "Defines the fields within the mapping, including their types and configurations.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.PropertyMapping" + } + }, + "title": "Properties", + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "markdownDescription": "The field data type. Must be a valid OpenSearch field type.", "title": "Type", "type": "string" + }, + "Value": { + "markdownDescription": "Default value for the field when not specified in a document.", + "title": "Value", + "type": "string" } }, "required": [ - "FilterControlId", - "MaximumValue", - "MinimumValue", - "SourceFilterId", - "StepSize", - "Title" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterTextAreaControl": { + "AWS::OpenSearchServerless::LifecyclePolicy": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "Condition": { "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the lifecycle policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the lifecycle policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of lifecycle policy.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::LifecyclePolicy" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterTextFieldControl": { + "AWS::OpenSearchServerless::SecurityConfig": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the security configuration.", + "title": "Description", + "type": "string" + }, + "IamIdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.IamIdentityCenterConfigOptions", + "markdownDescription": "Describes IAM Identity Center options in the form of a key-value map.", + "title": "IamIdentityCenterOptions" + }, + "Name": { + "markdownDescription": "The name of the security configuration.", + "title": "Name", + "type": "string" + }, + "SamlOptions": { + "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions", + "markdownDescription": "SAML options for the security configuration in the form of a key-value map.", + "title": "SamlOptions" + }, + "Type": { + "markdownDescription": "The type of security configuration. Currently the only option is `saml` .", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::SecurityConfig" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FontConfiguration": { + "AWS::OpenSearchServerless::SecurityConfig.IamIdentityCenterConfigOptions": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", + "ApplicationArn": { + "markdownDescription": "The ARN of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationArn", "type": "string" }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", + "ApplicationDescription": { + "markdownDescription": "The description of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationDescription", "type": "string" }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" + "ApplicationName": { + "markdownDescription": "The name of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationName", + "type": "string" }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", + "GroupAttribute": { + "markdownDescription": "The group attribute for this IAM Identity Center integration. Defaults to `GroupId` .", + "title": "GroupAttribute", "type": "string" }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FontSize": { - "additionalProperties": false, - "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless.", + "title": "InstanceArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FontWeight": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", - "title": "Name", + }, + "UserAttribute": { + "markdownDescription": "The user attribute for this IAM Identity Center integration. Defaults to `UserId`", + "title": "UserAttribute", "type": "string" } }, + "required": [ + "InstanceArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastComputation": { + "AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "GroupAttribute": { + "markdownDescription": "The group attribute for this SAML integration.", + "title": "GroupAttribute", "type": "string" }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" - }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Metadata": { + "markdownDescription": "The XML IdP metadata file generated from your identity provider.", + "title": "Metadata", "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" - }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" - }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", + "OpenSearchServerlessEntityId": { + "markdownDescription": "Custom entity id attribute to override default entity id for this saml integration.", + "title": "OpenSearchServerlessEntityId", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", + "SessionTimeout": { + "markdownDescription": "The session timeout, in minutes. Default is 60 minutes (12 hours).", + "title": "SessionTimeout", "type": "number" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UserAttribute": { + "markdownDescription": "A user attribute for this SAML integration.", + "title": "UserAttribute", + "type": "string" } }, "required": [ - "ComputationId" + "Metadata" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastConfiguration": { - "additionalProperties": false, - "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" - }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ForecastScenario": { - "additionalProperties": false, - "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" - }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FormatConfiguration": { + "AWS::OpenSearchServerless::SecurityPolicy": { "additionalProperties": false, "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" + "Condition": { + "type": "string" }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the security policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of security policy. Can be either `encryption` or `network` .", + "title": "Type", + "type": "string" + } }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", - "type": "array" + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::SecurityPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Elements" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElement": { + "AWS::OpenSearchServerless::VpcEndpoint": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" - }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", + "Condition": { "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" + "Metadata": { + "type": "object" }, - "RenderingRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementRenderingRule" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the endpoint.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets from which you access OpenSearch Serverless.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC from which you access OpenSearch Serverless.", + "title": "VpcId", + "type": "string" + } }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", - "type": "array" - }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" - }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", - "type": "string" - }, - "Width": { - "markdownDescription": "The width of an element within a free-form layout.", - "title": "Width", - "type": "string" + "required": [ + "Name", + "SubnetIds", + "VpcId" + ], + "type": "object" }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", + "Type": { + "enum": [ + "AWS::OpenSearchServerless::VpcEndpoint" + ], "type": "string" }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle": { + "AWS::OpenSearchService::Application": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", + "Condition": { "type": "string" }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppConfigs": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.AppConfig" + }, + "markdownDescription": "", + "title": "AppConfigs", + "type": "array" + }, + "DataSources": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.DataSource" + }, + "markdownDescription": "", + "title": "DataSources", + "type": "array" + }, + "Endpoint": { + "markdownDescription": "The endpoint URL of an OpenSearch application.", + "title": "Endpoint", + "type": "string" + }, + "IamIdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.IamIdentityCenterOptions", + "markdownDescription": "Settings container for integrating IAM Identity Center with OpenSearch UI applications, which enables enabling secure user authentication and access control across multiple data sources. This setup supports single sign-on (SSO) through IAM Identity Center, allowing centralized user management.", + "title": "IamIdentityCenterOptions" + }, + "Name": { + "markdownDescription": "The name of an OpenSearch application.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchService::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle": { + "AWS::OpenSearchService::Application.AppConfig": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", + "Key": { + "markdownDescription": "The configuration item to set, such as the admin role for the OpenSearch application.", + "title": "Key", "type": "string" }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", + "Value": { + "markdownDescription": "The value assigned to the configuration key, such as an IAM user ARN.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions": { + "AWS::OpenSearchService::Application.DataSource": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "DataSourceArn": { + "markdownDescription": "", + "title": "DataSourceArn", + "type": "string" + }, + "DataSourceDescription": { + "markdownDescription": "Detailed description of a data source.", + "title": "DataSourceDescription", "type": "string" } }, "required": [ - "OptimizedViewPortWidth" + "DataSourceArn" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration": { + "AWS::OpenSearchService::Application.IamIdentityCenterOptions": { "additionalProperties": false, "properties": { - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", - "type": "array" + "Enabled": { + "markdownDescription": "Indicates whether IAM Identity Center is enabled for the OpenSearch application.", + "title": "Enabled", + "type": "boolean" + }, + "IamIdentityCenterInstanceArn": { + "markdownDescription": "", + "title": "IamIdentityCenterInstanceArn", + "type": "string" + }, + "IamRoleForIdentityCenterApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role assigned to the IAM Identity Center application for the OpenSearch application.", + "title": "IamRoleForIdentityCenterApplicationArn", + "type": "string" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells": { + "AWS::OpenSearchService::Domain": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" + "Condition": { + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPolicies": { + "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "AccessPolicies", + "type": "object" + }, + "AdvancedOptions": { + "additionalProperties": true, + "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdvancedOptions", + "type": "object" + }, + "AdvancedSecurityOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput", + "markdownDescription": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain.", + "title": "AdvancedSecurityOptions" + }, + "ClusterConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ClusterConfig", + "markdownDescription": "Container for the cluster configuration of a domain.", + "title": "ClusterConfig" + }, + "CognitoOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.CognitoOptions", + "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", + "title": "CognitoOptions" + }, + "DomainEndpointOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", + "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", + "title": "DomainEndpointOptions" + }, + "DomainName": { + "markdownDescription": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DomainName", + "type": "string" + }, + "EBSOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.EBSOptions", + "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "EBSOptions" + }, + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.EncryptionAtRestOptions", + "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "EncryptionAtRestOptions" + }, + "EngineVersion": { + "markdownDescription": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "EngineVersion", + "type": "string" + }, + "IPAddressType": { + "markdownDescription": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later.", + "title": "IPAddressType", + "type": "string" + }, + "IdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.IdentityCenterOptions", + "markdownDescription": "Configuration options for controlling IAM Identity Center integration within a domain.", + "title": "IdentityCenterOptions" + }, + "LogPublishingOptions": { + "additionalProperties": false, + "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.LogPublishingOption" + } + }, + "title": "LogPublishingOptions", + "type": "object" + }, + "NodeToNodeEncryptionOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions", + "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", + "title": "NodeToNodeEncryptionOptions" + }, + "OffPeakWindowOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindowOptions", + "markdownDescription": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.", + "title": "OffPeakWindowOptions" + }, + "SkipShardMigrationWait": { + "markdownDescription": "", + "title": "SkipShardMigrationWait", + "type": "boolean" + }, + "SnapshotOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SnapshotOptions", + "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes.", + "title": "SnapshotOptions" + }, + "SoftwareUpdateOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SoftwareUpdateOptions", + "markdownDescription": "Service software update options for the domain.", + "title": "SoftwareUpdateOptions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", + "title": "Tags", + "type": "array" + }, + "VPCOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.VPCOptions", + "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint.", + "title": "VPCOptions" + } }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchService::Domain" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartConfiguration": { + "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", - "title": "CategoryLabelOptions" + "AnonymousAuthDisableDate": { + "markdownDescription": "Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", + "title": "AnonymousAuthDisableDate", + "type": "string" }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" + "AnonymousAuthEnabled": { + "markdownDescription": "True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", + "title": "AnonymousAuthEnabled", + "type": "boolean" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FieldWells" + "Enabled": { + "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) .", + "title": "Enabled", + "type": "boolean" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", - "title": "SortConfiguration" + "InternalUserDatabaseEnabled": { + "markdownDescription": "True to enable the internal user database.", + "title": "InternalUserDatabaseEnabled", + "type": "boolean" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", - "title": "Tooltip" + "JWTOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.JWTOptions", + "markdownDescription": "Container for information about the JWT configuration of the Amazon OpenSearch Service.", + "title": "JWTOptions" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", - "title": "ValueLabelOptions" + "MasterUserOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.MasterUserOptions", + "markdownDescription": "Specifies information about the master user.", + "title": "MasterUserOptions" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", - "title": "VisualPalette" + "SAMLOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SAMLOptions", + "markdownDescription": "Container for information about the SAML configuration for OpenSearch Dashboards.", + "title": "SAMLOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions": { + "AWS::OpenSearchService::Domain.ClusterConfig": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", - "type": "string" + "ColdStorageOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ColdStorageOptions", + "markdownDescription": "Container for cold storage configuration options.", + "title": "ColdStorageOptions" }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", - "type": "string" + "DedicatedMasterCount": { + "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property.", + "title": "DedicatedMasterCount", + "type": "number" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" + "DedicatedMasterEnabled": { + "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", + "title": "DedicatedMasterEnabled", + "type": "boolean" }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", + "DedicatedMasterType": { + "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "DedicatedMasterType", "type": "string" }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "InstanceCount": { + "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", + "title": "InstanceCount", + "type": "number" }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", + "InstanceType": { + "markdownDescription": "The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "InstanceType", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", - "title": "Visibility", + "MultiAZWithStandbyEnabled": { + "markdownDescription": "Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) .", + "title": "MultiAZWithStandbyEnabled", + "type": "boolean" + }, + "NodeOptions": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeOption" + }, + "markdownDescription": "List of node options for the domain.", + "title": "NodeOptions", + "type": "array" + }, + "WarmCount": { + "markdownDescription": "The number of warm nodes in the cluster.", + "title": "WarmCount", + "type": "number" + }, + "WarmEnabled": { + "markdownDescription": "Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) .", + "title": "WarmEnabled", + "type": "boolean" + }, + "WarmType": { + "markdownDescription": "The instance type for the cluster's warm nodes.", + "title": "WarmType", "type": "string" + }, + "ZoneAwarenessConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ZoneAwarenessConfig", + "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", + "title": "ZoneAwarenessConfig" + }, + "ZoneAwarenessEnabled": { + "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", + "title": "ZoneAwarenessEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartFieldWells": { + "AWS::OpenSearchService::Domain.CognitoOptions": { "additionalProperties": false, "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" + "Enabled": { + "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", + "title": "Enabled", + "type": "boolean" + }, + "IdentityPoolId": { + "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "IdentityPoolId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "RoleArn", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "UserPoolId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartSortConfiguration": { + "AWS::OpenSearchService::Domain.ColdStorageOptions": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "Enabled": { + "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartVisual": { + "AWS::OpenSearchService::Domain.DomainEndpointOptions": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", - "title": "ChartConfiguration" + "CustomEndpoint": { + "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpoint", + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "CustomEndpointCertificateArn": { + "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpointCertificateArn", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "CustomEndpointEnabled": { + "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", + "title": "CustomEndpointEnabled", + "type": "boolean" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "EnforceHTTPS": { + "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "EnforceHTTPS", + "type": "boolean" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "TLSSecurityPolicy": { + "markdownDescription": "The minimum TLS version required for traffic to the domain. The policy can be one of the following values:\n\n- *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2\n- *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2\n- *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites", + "title": "TLSSecurityPolicy", "type": "string" } }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" - } - }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting": { + "AWS::OpenSearchService::Domain.EBSOptions": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "EBSEnabled": { + "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", + "title": "EBSEnabled", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types.", + "title": "Iops", + "type": "number" + }, + "Throughput": { + "markdownDescription": "The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type.", + "title": "Throughput", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption": { + "AWS::OpenSearchService::Domain.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" + "Enabled": { + "markdownDescription": "Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "Enabled", + "type": "boolean" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" + "KmsKeyId": { + "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "KmsKeyId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConfiguration": { + "AWS::OpenSearchService::Domain.IdentityCenterOptions": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" + "EnabledAPIAccess": { + "markdownDescription": "Indicates whether IAM Identity Center is enabled for the application.", + "title": "EnabledAPIAccess", + "type": "boolean" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" + "IdentityCenterApplicationARN": { + "markdownDescription": "The ARN of the IAM Identity Center application that integrates with Amazon OpenSearch Service.", + "title": "IdentityCenterApplicationARN", + "type": "string" }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" + "IdentityCenterInstanceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance.", + "title": "IdentityCenterInstanceARN", + "type": "string" }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" + "IdentityStoreId": { + "markdownDescription": "The identifier of the IAM Identity Store.", + "title": "IdentityStoreId", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" + "RolesKey": { + "markdownDescription": "Specifies the attribute that contains the backend role identifier (such as group name or group ID) in IAM Identity Center.", + "title": "RolesKey", + "type": "string" + }, + "SubjectKey": { + "markdownDescription": "Specifies the attribute that contains the subject identifier (such as username, user ID, or email) in IAM Identity Center.", + "title": "SubjectKey", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartFieldWells": { + "AWS::OpenSearchService::Domain.Idp": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", - "type": "array" + "EntityId": { + "markdownDescription": "The unique entity ID of the application in the SAML identity provider.", + "title": "EntityId", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", - "title": "Values", - "type": "array" + "MetadataContent": { + "markdownDescription": "The metadata of the SAML application, in XML format.", + "title": "MetadataContent", + "type": "string" } }, + "required": [ + "EntityId", + "MetadataContent" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartOptions": { + "AWS::OpenSearchService::Domain.JWTOptions": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" - }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" + "Enabled": { + "markdownDescription": "", + "title": "Enabled", + "type": "boolean" }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" + "PublicKey": { + "markdownDescription": "", + "title": "PublicKey", + "type": "string" }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "RolesKey": { + "markdownDescription": "", + "title": "RolesKey", "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "SubjectKey": { + "markdownDescription": "", + "title": "SubjectKey", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::OpenSearchService::Domain.LogPublishingOption": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing.", + "title": "CloudWatchLogsLogGroupArn", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" + "Enabled": { + "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartVisual": { + "AWS::OpenSearchService::Domain.MasterUserOptions": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "MasterUserARN": { + "markdownDescription": "Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "MasterUserARN", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "MasterUserName": { + "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", + "title": "MasterUserName", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "MasterUserPassword": { + "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", + "title": "MasterUserPassword", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialCoordinateBounds": { + "AWS::OpenSearchService::Domain.NodeConfig": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", - "type": "number" - }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", + "Count": { + "markdownDescription": "The number of nodes of a specific type within the cluster.", + "title": "Count", "type": "number" }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", - "type": "number" + "Enabled": { + "markdownDescription": "A boolean value indicating whether a specific node type is active or inactive.", + "title": "Enabled", + "type": "boolean" }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", - "type": "number" + "Type": { + "markdownDescription": "The instance type of a particular node within the cluster.", + "title": "Type", + "type": "string" } }, - "required": [ - "East", - "North", - "South", - "West" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale": { + "AWS::OpenSearchService::Domain.NodeOption": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor" - }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", - "type": "array" + "NodeConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeConfig", + "markdownDescription": "Configuration options for defining the setup of any node type.", + "title": "NodeConfig" + }, + "NodeType": { + "markdownDescription": "Defines the type of node, such as coordinating nodes.", + "title": "NodeType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration": { + "AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions": { "additionalProperties": false, "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" + "Enabled": { + "markdownDescription": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor": { + "AWS::OpenSearchService::Domain.OffPeakWindow": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", - "type": "string" + "WindowStartTime": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.WindowStartTime", + "markdownDescription": "The desired start time for an off-peak maintenance window.", + "title": "WindowStartTime" } }, - "required": [ - "Color" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells": { + "AWS::OpenSearchService::Domain.OffPeakWindowOptions": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", - "type": "array" - }, - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", - "type": "array" + "Enabled": { + "markdownDescription": "Specifies whether off-peak window settings are enabled for the domain.", + "title": "Enabled", + "type": "boolean" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", - "title": "Values", - "type": "array" + "OffPeakWindow": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindow", + "markdownDescription": "Off-peak window settings for the domain.", + "title": "OffPeakWindow" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapConfiguration": { + "AWS::OpenSearchService::Domain.SAMLOptions": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Enabled": { + "markdownDescription": "True to enable SAML authentication for a domain.", + "title": "Enabled", + "type": "boolean" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Idp": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.Idp", + "markdownDescription": "The SAML Identity Provider's information.", + "title": "Idp" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" + "MasterBackendRole": { + "markdownDescription": "The backend role that the SAML master user is mapped to.", + "title": "MasterBackendRole", + "type": "string" }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" + "MasterUserName": { + "markdownDescription": "The SAML master user name, which is stored in the domain's internal user database.", + "title": "MasterUserName", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "RolesKey": { + "markdownDescription": "Element of the SAML assertion to use for backend roles. Default is `roles` .", + "title": "RolesKey", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "", - "title": "VisualPalette" + "SessionTimeoutMinutes": { + "markdownDescription": "The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.", + "title": "SessionTimeoutMinutes", + "type": "number" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialMapFieldWells": { - "additionalProperties": false, - "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialMapStyleOptions": { - "additionalProperties": false, - "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", + "SubjectKey": { + "markdownDescription": "Element of the SAML assertion to use for the user name. Default is `NameID` .", + "title": "SubjectKey", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapVisual": { + "AWS::OpenSearchService::Domain.ServiceSoftwareOptions": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "AutomatedUpdateDate": { + "markdownDescription": "The timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software.", + "title": "AutomatedUpdateDate", + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "Cancellable": { + "markdownDescription": "True if you're able to cancel your service software version update. False if you can't cancel your service software update.", + "title": "Cancellable", + "type": "boolean" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "CurrentVersion": { + "markdownDescription": "The current service software version present on the domain.", + "title": "CurrentVersion", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Description": { + "markdownDescription": "A description of the service software update status.", + "title": "Description", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "NewVersion": { + "markdownDescription": "The new service software version, if one is available.", + "title": "NewVersion", "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialPointStyleOptions": { - "additionalProperties": false, - "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" + "OptionalDeployment": { + "markdownDescription": "True if a service software is never automatically updated. False if a service software is automatically updated after the automated update date.", + "title": "OptionalDeployment", + "type": "boolean" }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", + "UpdateAvailable": { + "markdownDescription": "True if you're able to update your service software version. False if you can't update your service software version.", + "title": "UpdateAvailable", + "type": "boolean" + }, + "UpdateStatus": { + "markdownDescription": "The status of your service software update.", + "title": "UpdateStatus", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialWindowOptions": { + "AWS::OpenSearchService::Domain.SnapshotOptions": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" - }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", - "type": "string" + "AutomatedSnapshotStartHour": { + "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", + "title": "AutomatedSnapshotStartHour", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GlobalTableBorderOptions": { + "AWS::OpenSearchService::Domain.SoftwareUpdateOptions": { "additionalProperties": false, "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" - }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" + "AutoSoftwareUpdateEnabled": { + "markdownDescription": "Specifies whether automatic service software updates are enabled for the domain.", + "title": "AutoSoftwareUpdateEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GradientColor": { + "AWS::OpenSearchService::Domain.VPCOptions": { "additionalProperties": false, "properties": { - "Stops": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientStop" + "type": "string" }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", + "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nIf you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error \"You must specify exactly one subnet\" during template creation.", + "title": "SubnetIds", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GradientStop": { + "AWS::OpenSearchService::Domain.WindowStartTime": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", - "type": "string" - }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", + "Hours": { + "markdownDescription": "The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23.", + "title": "Hours", "type": "number" }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", + "Minutes": { + "markdownDescription": "The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59.", + "title": "Minutes", "type": "number" } }, "required": [ - "GradientOffset" + "Hours", + "Minutes" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions": { + "AWS::OpenSearchService::Domain.ZoneAwarenessConfig": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" + "AvailabilityZoneCount": { + "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", + "title": "AvailabilityZoneCount", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutConfiguration": { + "AWS::OpsWorks::App": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "Condition": { + "type": "string" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutElement" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppSource": { + "$ref": "#/definitions/AWS::OpsWorks::App.Source", + "markdownDescription": "A `Source` object that specifies the app repository.", + "title": "AppSource" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key/value pairs to be added to the stack attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "DataSources": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::App.DataSource" + }, + "markdownDescription": "The app's data source.", + "title": "DataSources", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the app.", + "title": "Description", + "type": "string" + }, + "Domains": { + "items": { + "type": "string" + }, + "markdownDescription": "The app virtual host settings, with multiple domains separated by commas. For example: `'www.example.com, example.com'`", + "title": "Domains", + "type": "array" + }, + "EnableSsl": { + "markdownDescription": "Whether to enable SSL for the app.", + "title": "EnableSsl", + "type": "boolean" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::App.EnvironmentVariable" + }, + "markdownDescription": "An array of `EnvironmentVariable` objects that specify environment variables to be associated with the app. After you deploy the app, these variables are defined on the associated app server instance. For more information, see [Environment Variables](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html#workingapps-creating-environment) .\n\nThere is no specific limit on the number of environment variables. However, the size of the associated data structure - which includes the variables' names, values, and protected flag values - cannot exceed 20 KB. This limit should accommodate most if not all use cases. Exceeding it will cause an exception with the message, \"Environment: is too large (maximum is 20KB).\"\n\n> If you have specified one or more environment variables, you cannot modify the stack's Chef version.", + "title": "Environment", + "type": "array" + }, + "Name": { + "markdownDescription": "The app name.", + "title": "Name", + "type": "string" + }, + "Shortname": { + "markdownDescription": "The app's short name.", + "title": "Shortname", + "type": "string" + }, + "SslConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::App.SslConfiguration", + "markdownDescription": "An `SslConfiguration` object with the SSL configuration.", + "title": "SslConfiguration" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + }, + "Type": { + "markdownDescription": "The app type. Each supported type is associated with a particular layer. For example, PHP applications are associated with a PHP layer. AWS OpsWorks Stacks deploys an application to those instances that are members of the corresponding layer. If your app isn't one of the standard types, or you prefer to implement your own Deploy recipes, specify `other` .", + "title": "Type", + "type": "string" + } }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", - "type": "array" + "required": [ + "Name", + "StackId", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::App" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Elements" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutElement": { + "AWS::OpsWorks::App.DataSource": { "additionalProperties": false, "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", - "type": "number" - }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", + "Arn": { + "markdownDescription": "The data source's ARN.", + "title": "Arn", "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "DatabaseName": { + "markdownDescription": "The database name.", + "title": "DatabaseName", "type": "string" }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" - }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", - "type": "number" + "Type": { + "markdownDescription": "The data source's type, `AutoSelectOpsworksMysqlInstance` , `OpsworksMysqlInstance` , `RdsDbInstance` , or `None` .", + "title": "Type", + "type": "string" } }, - "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions": { + "AWS::OpsWorks::App.EnvironmentVariable": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "Key": { + "markdownDescription": "(Required) The environment variable's name, which can consist of up to 64 characters and must be specified. The name can contain upper- and lowercase letters, numbers, and underscores (_), but it must start with a letter or underscore.", + "title": "Key", "type": "string" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", + "Secure": { + "markdownDescription": "(Optional) Whether the variable's value is returned by the `DescribeApps` action. To hide an environment variable's value, set `Secure` to `true` . `DescribeApps` returns `*****FILTERED*****` instead of the actual value. The default value for `Secure` is `false` .", + "title": "Secure", + "type": "boolean" + }, + "Value": { + "markdownDescription": "(Optional) The environment variable's value, which can be left empty. If you specify a value, it can contain up to 256 characters, which must all be printable.", + "title": "Value", "type": "string" } }, "required": [ - "ResizeOption" + "Key", + "Value" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GrowthRateComputation": { + "AWS::OpsWorks::App.Source": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Password": { + "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "Password", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Revision": { + "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", + "title": "Revision", "type": "string" }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "SshKey": { + "markdownDescription": "In requests, the repository's SSH key.\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "SshKey", + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" - } - }, - "required": [ - "ComputationId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration": { - "additionalProperties": false, - "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" + "Type": { + "markdownDescription": "The repository type.", + "title": "Type", + "type": "string" }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", + "Url": { + "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", + "title": "Url", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" + "Username": { + "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", + "title": "Username", + "type": "string" } }, - "required": [ - "Layout", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells": { + "AWS::OpsWorks::App.SslConfiguration": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", - "type": "array" + "Certificate": { + "markdownDescription": "The contents of the certificate's domain.crt file.", + "title": "Certificate", + "type": "string" }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", - "type": "array" + "Chain": { + "markdownDescription": "Optional. Can be used to specify an intermediate certificate authority key or client authentication.", + "title": "Chain", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The values field well of a heat map.", - "title": "Values", - "type": "array" + "PrivateKey": { + "markdownDescription": "The private key; the contents of the certificate's domain.kex file.", + "title": "PrivateKey", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapConfiguration": { + "AWS::OpsWorks::ElasticLoadBalancerAttachment": { "additionalProperties": false, "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" - }, - "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" + "Condition": { + "type": "string" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Metadata": { + "type": "object" }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "ElasticLoadBalancerName": { + "markdownDescription": "The Elastic Load Balancing instance name.", + "title": "ElasticLoadBalancerName", + "type": "string" + }, + "LayerId": { + "markdownDescription": "The AWS OpsWorks layer ID to which the Elastic Load Balancing load balancer is attached.", + "title": "LayerId", + "type": "string" + } + }, + "required": [ + "ElasticLoadBalancerName", + "LayerId" + ], + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", - "title": "SortConfiguration" + "Type": { + "enum": [ + "AWS::OpsWorks::ElasticLoadBalancerAttachment" + ], + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.HeatMapFieldWells": { - "additionalProperties": false, - "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapSortConfiguration": { + "AWS::OpsWorks::Instance": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" - }, - "HeatMapColumnSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", - "type": "array" + "Condition": { + "type": "string" }, - "HeatMapRowItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "HeatMapRowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.HeatMapVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", - "title": "ChartConfiguration" + "Metadata": { + "type": "object" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "Properties": { + "additionalProperties": false, + "properties": { + "AgentVersion": { + "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- `INHERIT` - Use the stack's default agent version setting.\n- *version_number* - Use the specified agent version. This value overrides the stack's default setting. To update the agent version, edit the instance configuration and specify a new version. AWS OpsWorks Stacks installs that version on the instance.\n\nThe default setting is `INHERIT` . To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.", + "title": "AgentVersion", + "type": "string" + }, + "AmiId": { + "markdownDescription": "A custom AMI ID to be used to create the instance. The AMI should be based on one of the supported operating systems. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\n> If you specify a custom AMI, you must set `Os` to `Custom` .", + "title": "AmiId", + "type": "string" + }, + "Architecture": { + "markdownDescription": "The instance architecture. The default option is `x86_64` . Instance types do not necessarily support both architectures. For a list of the architectures that are supported by the different instance types, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) .", + "title": "Architecture", + "type": "string" + }, + "AutoScalingType": { + "markdownDescription": "For load-based or time-based instances, the type. Windows stacks can use only time-based instances.", + "title": "AutoScalingType", + "type": "string" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the AWS OpsWorks instance, such as `us-east-2a` .", + "title": "AvailabilityZone", + "type": "string" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.BlockDeviceMapping" + }, + "markdownDescription": "An array of `BlockDeviceMapping` objects that specify the instance's block devices. For more information, see [Block Device Mapping](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) . Note that block device mappings are not supported for custom AMIs.", + "title": "BlockDeviceMappings", + "type": "array" + }, + "EbsOptimized": { + "markdownDescription": "Whether to create an Amazon EBS-optimized instance.", + "title": "EbsOptimized", + "type": "boolean" + }, + "ElasticIps": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Elastic IP addresses to associate with the instance.", + "title": "ElasticIps", + "type": "array" + }, + "Hostname": { + "markdownDescription": "The instance host name. The following are character limits for instance host names.\n\n- Linux-based instances: 63 characters\n- Windows-based instances: 15 characters", + "title": "Hostname", + "type": "string" + }, + "InstallUpdatesOnBoot": { + "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> We strongly recommend using the default value of `true` to ensure that your instances have the latest security updates.", + "title": "InstallUpdatesOnBoot", + "type": "boolean" + }, + "InstanceType": { + "markdownDescription": "The instance type, such as `t2.micro` . For a list of supported instance types, open the stack in the console, choose *Instances* , and choose *+ Instance* . The *Size* list contains the currently supported types. For more information, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) . The parameter values that you use to specify the various types are in the *API Name* column of the *Available Instance Types* table.", + "title": "InstanceType", + "type": "string" + }, + "LayerIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array that contains the instance's layer IDs.", + "title": "LayerIds", + "type": "array" + }, + "Os": { + "markdownDescription": "The instance's operating system, which must be set to one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` .\n\nNot all operating systems are supported with all versions of Chef. For more information about the supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .\n\nThe default option is the current Amazon Linux version. If you set this parameter to `Custom` , you must use the `CreateInstance` action's AmiId parameter to specify the custom AMI that you want to use. Block device mappings are not supported if the value is `Custom` . For more information about how to use custom AMIs with AWS OpsWorks Stacks, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .", + "title": "Os", + "type": "string" + }, + "RootDeviceType": { + "markdownDescription": "The instance root device type. For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", + "title": "RootDeviceType", + "type": "string" + }, + "SshKeyName": { + "markdownDescription": "The instance's Amazon EC2 key-pair name.", + "title": "SshKeyName", + "type": "string" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the instance's subnet. If the stack is running in a VPC, you can use this parameter to override the stack's default subnet ID value and direct AWS OpsWorks Stacks to launch the instance in a different subnet.", + "title": "SubnetId", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The instance's tenancy option. The default option is no tenancy, or if the instance is running in a VPC, inherit tenancy settings from the VPC. The following are valid values for this parameter: `dedicated` , `default` , or `host` . Because there are costs associated with changes in tenancy options, we recommend that you research tenancy options before choosing them for your instances. For more information about dedicated hosts, see [Dedicated Hosts Overview](https://docs.aws.amazon.com/ec2/dedicated-hosts/) and [Amazon EC2 Dedicated Hosts](https://docs.aws.amazon.com/ec2/dedicated-hosts/) . For more information about dedicated instances, see [Dedicated Instances](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html) and [Amazon EC2 Dedicated Instances](https://docs.aws.amazon.com/ec2/purchasing-options/dedicated-instances/) .", + "title": "Tenancy", + "type": "string" + }, + "TimeBasedAutoScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.TimeBasedAutoScaling", + "markdownDescription": "The time-based scaling configuration for the instance.", + "title": "TimeBasedAutoScaling" + }, + "VirtualizationType": { + "markdownDescription": "The instance's virtualization type, `paravirtual` or `hvm` .", + "title": "VirtualizationType", + "type": "string" + }, + "Volumes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS OpsWorks volume IDs to associate with the instance. For more information, see [`AWS::OpsWorks::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-volume.html) .", + "title": "Volumes", + "type": "array" + } }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "required": [ + "InstanceType", + "LayerIds", + "StackId" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::OpsWorks::Instance" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells": { + "AWS::OpsWorks::Instance.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", - "title": "Values", - "type": "array" + "DeviceName": { + "markdownDescription": "The device name that is exposed to the instance, such as `/dev/sdh` . For the root device, you can use the explicit device name or you can set this parameter to `ROOT_DEVICE` and AWS OpsWorks Stacks will provide the correct device name.", + "title": "DeviceName", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.EbsBlockDevice", + "markdownDescription": "An `EBSBlockDevice` that defines how to configure an Amazon EBS volume when the instance is launched. You can specify either the `VirtualName` or `Ebs` , but not both.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "Suppresses the specified device included in the AMI's block device mapping.", + "title": "NoDevice", + "type": "string" + }, + "VirtualName": { + "markdownDescription": "The virtual device name. For more information, see [BlockDeviceMapping](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html) . You can specify either the `VirtualName` or `Ebs` , but not both.", + "title": "VirtualName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramBinOptions": { + "AWS::OpsWorks::Instance.EbsBlockDevice": { "additionalProperties": false, "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" + "DeleteOnTermination": { + "markdownDescription": "Whether the volume is deleted on instance termination.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", + "title": "Iops", + "type": "number" }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", + "SnapshotId": { + "markdownDescription": "The snapshot ID.", + "title": "SnapshotId", "type": "string" }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", + "VolumeSize": { + "markdownDescription": "The volume size, in GiB. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", + "title": "VolumeSize", "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. `gp2` for General Purpose (SSD) volumes, `io1` for Provisioned IOPS (SSD) volumes, `st1` for Throughput Optimized hard disk drives (HDD), `sc1` for Cold HDD,and `standard` for Magnetic volumes.\n\nIf you specify the `io1` volume type, you must also specify a value for the `Iops` attribute. The maximum ratio of provisioned IOPS to requested volume size (in GiB) is 50:1. AWS uses the default volume size (in GiB) specified in the AMI attributes to set IOPS to 50 x (volume size).", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramConfiguration": { + "AWS::OpsWorks::Instance.TimeBasedAutoScaling": { "additionalProperties": false, "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "FieldWells" + "Friday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Friday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Friday", + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" - }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "YAxisDisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.HistogramFieldWells": { - "additionalProperties": false, - "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.HistogramVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "Monday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Monday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "title": "Monday", + "type": "object" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", - "title": "ChartConfiguration" + "Saturday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Saturday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Saturday", + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Sunday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Sunday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Sunday", + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Thursday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Thursday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Thursday", + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.InsightConfiguration": { - "additionalProperties": false, - "properties": { - "Computations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Computation" + "Tuesday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Tuesday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", - "type": "array" + "title": "Tuesday", + "type": "object" }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" + "Wednesday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Wednesday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Wednesday", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.InsightVisual": { + "AWS::OpsWorks::Layer": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.\n\nTo create a cluster layer, set the `EcsClusterArn` attribute to the cluster's ARN.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "AutoAssignElasticIps": { + "markdownDescription": "Whether to automatically assign an [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", + "title": "AutoAssignElasticIps", + "type": "boolean" + }, + "AutoAssignPublicIps": { + "markdownDescription": "For stacks that are running in a VPC, whether to automatically assign a public IP address to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", + "title": "AutoAssignPublicIps", + "type": "boolean" + }, + "CustomInstanceProfileArn": { + "markdownDescription": "The ARN of an IAM profile to be used for the layer's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "CustomInstanceProfileArn", + "type": "string" + }, + "CustomJson": { + "markdownDescription": "A JSON-formatted string containing custom stack configuration and deployment attributes to be installed on the layer's instances. For more information, see [Using Custom JSON](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-json-override.html) . This feature is supported as of version 1.7.42 of the AWS CLI .", + "title": "CustomJson", + "type": "object" + }, + "CustomRecipes": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.Recipes", + "markdownDescription": "A `LayerCustomRecipes` object that specifies the layer custom recipes.", + "title": "CustomRecipes" + }, + "CustomSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array containing the layer custom security group IDs.", + "title": "CustomSecurityGroupIds", + "type": "array" + }, + "EnableAutoHealing": { + "markdownDescription": "Whether to disable auto healing for the layer.", + "title": "EnableAutoHealing", + "type": "boolean" + }, + "InstallUpdatesOnBoot": { + "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> To ensure that your instances have the latest security updates, we strongly recommend using the default value of `true` .", + "title": "InstallUpdatesOnBoot", + "type": "boolean" + }, + "LifecycleEventConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.LifecycleEventConfiguration", + "markdownDescription": "A `LifeCycleEventConfiguration` object that you can use to configure the Shutdown event to specify an execution timeout and enable or disable Elastic Load Balancer connection draining.", + "title": "LifecycleEventConfiguration" + }, + "LoadBasedAutoScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.LoadBasedAutoScaling", + "markdownDescription": "The load-based scaling configuration for the AWS OpsWorks layer.", + "title": "LoadBasedAutoScaling" + }, + "Name": { + "markdownDescription": "The layer name, which is used by the console. Layer names can be a maximum of 32 characters.", + "title": "Name", + "type": "string" + }, + "Packages": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of `Package` objects that describes the layer packages.", + "title": "Packages", + "type": "array" + }, + "Shortname": { + "markdownDescription": "For custom layers only, use this parameter to specify the layer's short name, which is used internally by AWS OpsWorks Stacks and by Chef recipes. The short name is also used as the name for the directory where your app files are installed. It can have a maximum of 32 characters, which are limited to the alphanumeric characters, '-', '_', and '.'.\n\nBuilt-in layer short names are defined by AWS OpsWorks Stacks. For more information, see the [Layer Reference](https://docs.aws.amazon.com/opsworks/latest/userguide/layers.html) .", + "title": "Shortname", + "type": "string" + }, + "StackId": { + "markdownDescription": "The layer stack ID.", + "title": "StackId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies one or more sets of tags (key\u2013value pairs) to associate with this AWS OpsWorks layer. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The layer type. A stack cannot have more than one built-in layer of the same type. It can have any number of custom layers. Built-in layers are not available in Chef 12 stacks.", + "title": "Type", + "type": "string" + }, + "UseEbsOptimizedInstances": { + "markdownDescription": "Whether to use Amazon EBS-optimized instances.", + "title": "UseEbsOptimizedInstances", + "type": "boolean" + }, + "VolumeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.VolumeConfiguration" + }, + "markdownDescription": "A `VolumeConfigurations` object that describes the layer's Amazon EBS volumes.", + "title": "VolumeConfigurations", + "type": "array" + } + }, + "required": [ + "AutoAssignElasticIps", + "AutoAssignPublicIps", + "EnableAutoHealing", + "Name", + "Shortname", + "StackId", + "Type" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::OpsWorks::Layer" + ], "type": "string" - } - }, - "required": [ - "DataSetIdentifier", - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.IntegerDefaultValues": { - "additionalProperties": false, - "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.IntegerParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the integer parameter.", - "title": "Name", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the integer parameter.", - "title": "Values", - "type": "array" } }, "required": [ - "Name", - "Values" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerParameterDeclaration": { + "AWS::OpsWorks::Layer.AutoScalingThresholds": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "CpuThreshold": { + "markdownDescription": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.", + "title": "CpuThreshold", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" + "IgnoreMetricsTime": { + "markdownDescription": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events. For example, AWS OpsWorks Stacks adds new instances following an upscaling event but the instances won't start reducing the load until they have been booted and configured. There is no point in raising additional scaling events during that operation, which typically takes several minutes. `IgnoreMetricsTime` allows you to direct AWS OpsWorks Stacks to suppress scaling events long enough to get the new instances online.", + "title": "IgnoreMetricsTime", + "type": "number" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", - "type": "string" + "InstanceCount": { + "markdownDescription": "The number of instances to add or remove when the load exceeds a threshold.", + "title": "InstanceCount", + "type": "number" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" - } - }, - "required": [ - "Name", - "ParameterValueType" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "LoadThreshold": { + "markdownDescription": "The load threshold. A value of -1 disables the threshold. For more information about how load is computed, see [Load (computing)](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Load_%28computing%29) .", + "title": "LoadThreshold", "type": "number" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ItemsLimitConfiguration": { - "additionalProperties": false, - "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", + "MemoryThreshold": { + "markdownDescription": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.", + "title": "MemoryThreshold", "type": "number" }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", - "type": "string" + "ThresholdsWaitTime": { + "markdownDescription": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.", + "title": "ThresholdsWaitTime", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting": { + "AWS::OpsWorks::Layer.LifecycleEventConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" + "ShutdownEventConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.ShutdownEventConfiguration", + "markdownDescription": "The Shutdown event configuration.", + "title": "ShutdownEventConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting": { + "AWS::OpsWorks::Layer.LoadBasedAutoScaling": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" + "DownScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", + "markdownDescription": "An `AutoScalingThresholds` object that describes the downscaling configuration, which defines how and when AWS OpsWorks Stacks reduces the number of instances.", + "title": "DownScaling" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" + "Enable": { + "markdownDescription": "Whether load-based auto scaling is enabled for the layer.", + "title": "Enable", + "type": "boolean" + }, + "UpScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", + "markdownDescription": "An `AutoScalingThresholds` object that describes the upscaling configuration, which defines how and when AWS OpsWorks Stacks increases the number of instances.", + "title": "UpScaling" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIConditionalFormatting": { + "AWS::OpsWorks::Layer.Recipes": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "Configure": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", + "markdownDescription": "An array of custom recipe names to be run following a `configure` event.", + "title": "Configure", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.KPIConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" - }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" - }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" - }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.KPIConfiguration": { - "additionalProperties": false, - "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" + "Deploy": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of custom recipe names to be run following a `deploy` event.", + "title": "Deploy", + "type": "array" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.KPIFieldWells": { - "additionalProperties": false, - "properties": { - "TargetValues": { + "Setup": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", + "markdownDescription": "An array of custom recipe names to be run following a `setup` event.", + "title": "Setup", "type": "array" }, - "TrendGroups": { + "Shutdown": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "type": "string" }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", + "markdownDescription": "An array of custom recipe names to be run following a `shutdown` event.", + "title": "Shutdown", "type": "array" }, - "Values": { + "Undeploy": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a KPI visual.", - "title": "Values", + "markdownDescription": "An array of custom recipe names to be run following a `undeploy` event.", + "title": "Undeploy", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIOptions": { + "AWS::OpsWorks::Layer.ShutdownEventConfiguration": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", - "type": "string" + "DelayUntilElbConnectionsDrained": { + "markdownDescription": "Whether to enable Elastic Load Balancing connection draining. For more information, see [Connection Draining](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#conn-drain)", + "title": "DelayUntilElbConnectionsDrained", + "type": "boolean" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "ExecutionTimeout": { + "markdownDescription": "The time, in seconds, that AWS OpsWorks Stacks waits after triggering a Shutdown event before shutting down an instance.", + "title": "ExecutionTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Layer.VolumeConfiguration": { + "additionalProperties": false, + "properties": { + "Encrypted": { + "markdownDescription": "Specifies whether an Amazon EBS volume is encrypted. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) .", + "title": "Encrypted", + "type": "boolean" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) to provision for the volume. For PIOPS volumes, the IOPS per disk.\n\nIf you specify `io1` for the volume type, you must specify this property.", + "title": "Iops", + "type": "number" }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" + "MountPoint": { + "markdownDescription": "The volume mount point. For example \"/dev/sdh\".", + "title": "MountPoint", + "type": "string" }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" + "NumberOfDisks": { + "markdownDescription": "The number of disks in the volume.", + "title": "NumberOfDisks", + "type": "number" }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" + "RaidLevel": { + "markdownDescription": "The volume [RAID level](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Standard_RAID_levels) .", + "title": "RaidLevel", + "type": "number" }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" + "Size": { + "markdownDescription": "The volume size.", + "title": "Size", + "type": "number" }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) .\n\n- `standard` - Magnetic. Magnetic volumes must have a minimum size of 1 GiB and a maximum size of 1024 GiB.\n- `io1` - Provisioned IOPS (SSD). PIOPS volumes must have a minimum size of 4 GiB and a maximum size of 16384 GiB.\n- `gp2` - General Purpose (SSD). General purpose volumes must have a minimum size of 1 GiB and a maximum size of 16384 GiB.\n- `st1` - Throughput Optimized hard disk drive (HDD). Throughput optimized HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.\n- `sc1` - Cold HDD. Cold HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting": { + "AWS::OpsWorks::Stack": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" + "Condition": { + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AgentVersion": { + "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- Auto-update - Set this parameter to `LATEST` . AWS OpsWorks Stacks automatically installs new agent versions on the stack's instances as soon as they are available.\n- Fixed version - Set this parameter to your preferred agent version. To update the agent version, you must edit the stack configuration and specify a new version. AWS OpsWorks Stacks installs that version on the stack's instances.\n\nThe default setting is the most recent release of the agent. To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.\n\n> You can also specify an agent version when you create or update an instance, which overrides the stack's default setting.", + "title": "AgentVersion", + "type": "string" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "ChefConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.ChefConfiguration", + "markdownDescription": "A `ChefConfiguration` object that specifies whether to enable Berkshelf and the Berkshelf version on Chef 11.10 stacks. For more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", + "title": "ChefConfiguration" + }, + "CloneAppIds": { + "items": { + "type": "string" + }, + "markdownDescription": "If you're cloning an AWS OpsWorks stack, a list of AWS OpsWorks application stack IDs from the source stack to include in the cloned stack.", + "title": "CloneAppIds", + "type": "array" + }, + "ClonePermissions": { + "markdownDescription": "If you're cloning an AWS OpsWorks stack, indicates whether to clone the source stack's permissions.", + "title": "ClonePermissions", + "type": "boolean" + }, + "ConfigurationManager": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.StackConfigurationManager", + "markdownDescription": "The configuration manager. When you create a stack we recommend that you use the configuration manager to specify the Chef version: 12, 11.10, or 11.4 for Linux stacks, or 12.2 for Windows stacks. The default value for Linux stacks is currently 12.", + "title": "ConfigurationManager" + }, + "CustomCookbooksSource": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.Source", + "markdownDescription": "Contains the information required to retrieve an app or cookbook from a repository. For more information, see [Adding Apps](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html) or [Cookbooks and Recipes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook.html) .", + "title": "CustomCookbooksSource" + }, + "CustomJson": { + "markdownDescription": "A string that contains user-defined, custom JSON. It can be used to override the corresponding default stack configuration attribute values or to pass data to recipes. The string should be in the following format:\n\n`\"{\\\"key1\\\": \\\"value1\\\", \\\"key2\\\": \\\"value2\\\",...}\"`\n\nFor more information about custom JSON, see [Use Custom JSON to Modify the Stack Configuration Attributes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-json.html) .", + "title": "CustomJson", + "type": "object" + }, + "DefaultAvailabilityZone": { + "markdownDescription": "The stack's default Availability Zone, which must be in the specified region. For more information, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html) . If you also specify a value for `DefaultSubnetId` , the subnet must be in the same zone. For more information, see the `VpcId` parameter description.", + "title": "DefaultAvailabilityZone", + "type": "string" + }, + "DefaultInstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM profile that is the default profile for all of the stack's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "DefaultInstanceProfileArn", + "type": "string" + }, + "DefaultOs": { + "markdownDescription": "The stack's default operating system, which is installed on every instance unless you specify a different operating system when you create the instance. You can specify one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` . You specify the custom AMI you want to use when you create instances. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\nThe default option is the current Amazon Linux version. Not all operating systems are supported with all versions of Chef. For more information about supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .", + "title": "DefaultOs", + "type": "string" + }, + "DefaultRootDeviceType": { + "markdownDescription": "The default root device type. This value is the default for all instances in the stack, but you can override it when you create an instance. The default option is `instance-store` . For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", + "title": "DefaultRootDeviceType", + "type": "string" + }, + "DefaultSshKeyName": { + "markdownDescription": "A default Amazon EC2 key pair name. The default value is none. If you specify a key pair name, AWS OpsWorks installs the public key on the instance and you can use the private key with an SSH client to log in to the instance. For more information, see [Using SSH to Communicate with an Instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-ssh.html) and [Managing SSH Access](https://docs.aws.amazon.com/opsworks/latest/userguide/security-ssh-access.html) . You can override this setting by specifying a different key pair, or no key pair, when you [create an instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-add.html) .", + "title": "DefaultSshKeyName", + "type": "string" + }, + "DefaultSubnetId": { + "markdownDescription": "The stack's default subnet ID. All instances are launched into this subnet unless you specify another subnet ID when you create the instance. This parameter is required if you specify a value for the `VpcId` parameter. If you also specify a value for `DefaultAvailabilityZone` , the subnet must be in that zone.", + "title": "DefaultSubnetId", + "type": "string" + }, + "EcsClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Elastic Container Service ( Amazon ECS ) cluster to register with the AWS OpsWorks stack.\n\n> If you specify a cluster that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the cluster.", + "title": "EcsClusterArn", + "type": "string" + }, + "ElasticIps": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.ElasticIp" + }, + "markdownDescription": "A list of Elastic IP addresses to register with the AWS OpsWorks stack.\n\n> If you specify an IP address that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the IP address.", + "title": "ElasticIps", + "type": "array" + }, + "HostnameTheme": { + "markdownDescription": "The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. By default, `HostnameTheme` is set to `Layer_Dependent` , which creates host names by appending integers to the layer's short name. The other themes are:\n\n- `Baked_Goods`\n- `Clouds`\n- `Europe_Cities`\n- `Fruits`\n- `Greek_Deities_and_Titans`\n- `Legendary_creatures_from_Japan`\n- `Planets_and_Moons`\n- `Roman_Deities`\n- `Scottish_Islands`\n- `US_Cities`\n- `Wild_Cats`\n\nTo obtain a generated host name, call `GetHostNameSuggestion` , which returns a host name based on the current theme.", + "title": "HostnameTheme", + "type": "string" + }, + "Name": { + "markdownDescription": "The stack name. Stack names can be a maximum of 64 characters.", + "title": "Name", + "type": "string" + }, + "RdsDbInstances": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.RdsDbInstance" + }, + "markdownDescription": "The Amazon Relational Database Service ( Amazon RDS ) database instance to register with the AWS OpsWorks stack.\n\n> If you specify a database instance that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the database instance.", + "title": "RdsDbInstances", + "type": "array" + }, + "ServiceRoleArn": { + "markdownDescription": "The stack's IAM role, which allows AWS OpsWorks Stacks to work with AWS resources on your behalf. You must set this parameter to the Amazon Resource Name (ARN) for an existing IAM role. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "ServiceRoleArn", + "type": "string" + }, + "SourceStackId": { + "markdownDescription": "If you're cloning an AWS OpsWorks stack, the stack ID of the source AWS OpsWorks stack to clone.", + "title": "SourceStackId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a stack or layer.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- Leading and trailing white spaces are trimmed from both the key and value.\n- A maximum of 40 tags is allowed for any resource.", + "title": "Tags", + "type": "array" + }, + "UseCustomCookbooks": { + "markdownDescription": "Whether the stack uses custom cookbooks.", + "title": "UseCustomCookbooks", + "type": "boolean" + }, + "UseOpsworksSecurityGroups": { + "markdownDescription": "Whether to associate the AWS OpsWorks Stacks built-in security groups with the stack's layers.\n\nAWS OpsWorks Stacks provides a standard set of built-in security groups, one for each layer, which are associated with layers by default. With `UseOpsworksSecurityGroups` you can instead provide your own custom security groups. `UseOpsworksSecurityGroups` has the following settings:\n\n- True - AWS OpsWorks Stacks automatically associates the appropriate built-in security group with each layer (default setting). You can associate additional security groups with a layer after you create it, but you cannot delete the built-in security group.\n- False - AWS OpsWorks Stacks does not associate built-in security groups with layers. You must create appropriate EC2 security groups and associate a security group with each layer that you create. However, you can still manually associate a built-in security group with a layer on creation; custom security groups are required only for those layers that need custom settings.\n\nFor more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", + "title": "UseOpsworksSecurityGroups", + "type": "boolean" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC that the stack is to be launched into. The VPC must be in the stack's region. All instances are launched into this VPC. You cannot change the ID later.\n\n- If your account supports EC2-Classic, the default value is `no VPC` .\n- If your account does not support EC2-Classic, the default value is the default VPC for the specified region.\n\nIf the VPC ID corresponds to a default VPC and you have specified either the `DefaultAvailabilityZone` or the `DefaultSubnetId` parameter only, AWS OpsWorks Stacks infers the value of the other parameter. If you specify neither parameter, AWS OpsWorks Stacks sets these parameters to the first valid Availability Zone for the specified region and the corresponding default VPC subnet ID, respectively.\n\nIf you specify a nondefault VPC ID, note the following:\n\n- It must belong to a VPC in your account that is in the specified region.\n- You must specify a value for `DefaultSubnetId` .\n\nFor more information about how to use AWS OpsWorks Stacks with a VPC, see [Running a Stack in a VPC](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-vpc.html) . For more information about default VPC and EC2-Classic, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "DefaultInstanceProfileArn", + "Name", + "ServiceRoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::Stack" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting": { + "AWS::OpsWorks::Stack.ChefConfiguration": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" + "BerkshelfVersion": { + "markdownDescription": "The Berkshelf version.", + "title": "BerkshelfVersion", + "type": "string" + }, + "ManageBerkshelf": { + "markdownDescription": "Whether to enable Berkshelf.", + "title": "ManageBerkshelf", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPISortConfiguration": { + "AWS::OpsWorks::Stack.ElasticIp": { "additionalProperties": false, "properties": { - "TrendGroupSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", - "type": "array" + "Ip": { + "markdownDescription": "The IP address.", + "title": "Ip", + "type": "string" + }, + "Name": { + "markdownDescription": "The name, which can be a maximum of 32 characters.", + "title": "Name", + "type": "string" } }, + "required": [ + "Ip" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPISparklineOptions": { + "AWS::OpsWorks::Stack.RdsDbInstance": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", - "type": "string" - }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", + "DbPassword": { + "markdownDescription": "AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "DbPassword", "type": "string" }, - "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", + "DbUser": { + "markdownDescription": "The master user name.", + "title": "DbUser", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the sparkline.", - "title": "Visibility", + "RdsDbInstanceArn": { + "markdownDescription": "The instance's ARN.", + "title": "RdsDbInstanceArn", "type": "string" } }, "required": [ - "Type" + "DbPassword", + "DbUser", + "RdsDbInstanceArn" ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisual": { + "AWS::OpsWorks::Stack.Source": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", - "title": "ChartConfiguration" + "Password": { + "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "Password", + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "Revision": { + "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", + "title": "Revision", + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" + "SshKey": { + "markdownDescription": "The repository's SSH key. For more information, see [Using Git Repository SSH Keys](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-deploykeys.html) in the *AWS OpsWorks User Guide* . To pass in an SSH key as a parameter, see the following example:\n\n`\"Parameters\" : { \"GitSSHKey\" : { \"Description\" : \"Change SSH key newlines to commas.\", \"Type\" : \"CommaDelimitedList\", \"NoEcho\" : \"true\" }, ... \"CustomCookbooksSource\": { \"Revision\" : { \"Ref\": \"GitRevision\"}, \"SshKey\" : { \"Fn::Join\" : [ \"\\n\", { \"Ref\": \"GitSSHKey\"} ] }, \"Type\": \"git\", \"Url\": { \"Ref\": \"GitURL\"} } ...`", + "title": "SshKey", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Type": { + "markdownDescription": "The repository type.", + "title": "Type", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Url": { + "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", + "title": "Url", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Username": { + "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", + "title": "Username", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisualLayoutOptions": { + "AWS::OpsWorks::Stack.StackConfigurationManager": { "additionalProperties": false, "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" + "Name": { + "markdownDescription": "The name. This parameter must be set to `Chef` .", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The Chef version. This parameter must be set to 12, 11.10, or 11.4 for Linux stacks, and to 12.2 for Windows stacks. The default value for Linux stacks is 12.", + "title": "Version", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisualStandardLayout": { + "AWS::OpsWorks::UserProfile": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The standard layout type.", - "title": "Type", + "Condition": { "type": "string" - } - }, + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowSelfManagement": { + "markdownDescription": "Whether users can specify their own SSH public key through the My Settings page. For more information, see [Managing User Permissions](https://docs.aws.amazon.com/opsworks/latest/userguide/security-settingsshkey.html) .", + "title": "AllowSelfManagement", + "type": "boolean" + }, + "IamUserArn": { + "markdownDescription": "The user's IAM ARN.", + "title": "IamUserArn", + "type": "string" + }, + "SshPublicKey": { + "markdownDescription": "The user's SSH public key.", + "title": "SshPublicKey", + "type": "string" + }, + "SshUsername": { + "markdownDescription": "The user's SSH user name.", + "title": "SshUsername", + "type": "string" + } + }, + "required": [ + "IamUserArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::UserProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.LabelOptions": { + "AWS::OpsWorks::Volume": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The text for the label.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the label.", - "title": "FontConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", - "title": "Visibility", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Ec2VolumeId": { + "markdownDescription": "The Amazon EC2 volume ID.", + "title": "Ec2VolumeId", + "type": "string" + }, + "MountPoint": { + "markdownDescription": "The volume mount point. For example, \"/mnt/disk1\".", + "title": "MountPoint", + "type": "string" + }, + "Name": { + "markdownDescription": "The volume name. Volume names are a maximum of 128 characters.", + "title": "Name", + "type": "string" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + } + }, + "required": [ + "Ec2VolumeId", + "StackId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::Volume" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.Layout": { + "AWS::OpsWorksCM::Server": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssociatePublicIpAddress": { + "markdownDescription": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "BackupId": { + "markdownDescription": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId.", + "title": "BackupId", + "type": "string" + }, + "BackupRetentionCount": { + "markdownDescription": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` .", + "title": "BackupRetentionCount", + "type": "number" + }, + "CustomCertificate": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate\u2019s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` .", + "title": "CustomCertificate", + "type": "string" + }, + "CustomDomain": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` .", + "title": "CustomDomain", + "type": "string" + }, + "CustomPrivateKey": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` .", + "title": "CustomPrivateKey", + "type": "string" + }, + "DisableAutomatedBackup": { + "markdownDescription": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` .", + "title": "DisableAutomatedBackup", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` .", + "title": "Engine", + "type": "string" + }, + "EngineAttributes": { + "items": { + "$ref": "#/definitions/AWS::OpsWorksCM::Server.EngineAttribute" + }, + "markdownDescription": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^&+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key.", + "title": "EngineAttributes", + "type": "array" + }, + "EngineModel": { + "markdownDescription": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef.", + "title": "EngineModel", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` .", + "title": "EngineVersion", + "type": "string" + }, + "InstanceProfileArn": { + "markdownDescription": "The ARN of the instance profile that your Amazon EC2 instances use.", + "title": "InstanceProfileArn", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type to use. For example, `m5.large` .", + "title": "InstanceType", + "type": "string" + }, + "KeyPair": { + "markdownDescription": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH.", + "title": "KeyPair", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServerName": { + "markdownDescription": "The name of the server. The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters.", + "title": "ServerName", + "type": "string" + }, + "ServiceRoleArn": { + "markdownDescription": "The service role that the AWS OpsWorks CM service backend uses to work with your account.", + "title": "ServiceRoleArn", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "InstanceProfileArn", + "InstanceType", + "ServiceRoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorksCM::Server" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Configuration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.LayoutConfiguration": { + "AWS::OpsWorksCM::Server.EngineAttribute": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" - }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" + "Name": { + "markdownDescription": "The name of the engine attribute.\n\n*Attribute name for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_ADMIN_PASSWORD`\n\n*Attribute names for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD`\n- `PUPPET_R10K_REMOTE`\n- `PUPPET_R10K_PRIVATE_KEY`", + "title": "Name", + "type": "string" }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" + "Value": { + "markdownDescription": "The value of the engine attribute.\n\n*Attribute value for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers.\n\n`openssl genrsa -out *pivotal_key_file_name* .pem 2048`\n\nOn Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com.\n\n*Attribute values for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LegendOptions": { + "AWS::Organizations::Account": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", + "Condition": { "type": "string" }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The custom title for the legend.", - "title": "Title" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountName": { + "markdownDescription": "The account name given to the account when it was created.", + "title": "AccountName", + "type": "string" + }, + "Email": { + "markdownDescription": "The email address associated with the AWS account.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for this parameter is a string of characters that represents a standard internet email address.", + "title": "Email", + "type": "string" + }, + "ParentIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique identifier (ID) of the root or organizational unit (OU) that you want to create the new account in. If you don't specify this parameter, the `ParentId` defaults to the root ID.\n\nThis parameter only accepts a string array with one string value.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "ParentIds", + "type": "array" + }, + "RoleName": { + "markdownDescription": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.\n\nIf you don't specify this parameter, the role name defaults to `OrganizationAccountAccessRole` .\n\nFor more information about how to use this role to access the member account, see the following links:\n\n- [Creating the OrganizationAccountAccessRole in an invited member account](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) in the *AWS Organizations User Guide*\n- Steps 2 and 3 in [IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) in the *IAM User Guide*\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-", + "title": "RoleName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the maximum allowed number of tags for an account, then the entire request fails and the account is not created.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccountName", + "Email" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Account" + ], "type": "string" }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells": { + "AWS::Organizations::Organization": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" + "Condition": { + "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "FeatureSet": { + "markdownDescription": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.\n\n- `ALL` In addition to all the features supported by the consolidated billing feature set, the management account gains access to advanced features that give you more control over accounts in your organization. For more information, see [All features](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all) in the *AWS Organizations User Guide* .\n- `CONSOLIDATED_BILLING` All member accounts have their bills consolidated to and paid by the management account. For more information, see [Consolidated billing](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only) in the *AWS Organizations User Guide* .\n\n> The consolidated billing feature feature set isn't available for organizations in the AWS GovCloud (US) Region.\n\nIf you don't specify this property, the default value is `ALL` .", + "title": "FeatureSet", + "type": "string" + } }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Organization" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartConfiguration": { + "AWS::Organizations::OrganizationalUnit": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" - }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", - "title": "DataLabels" - }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "FieldWells" - }, - "ForecastConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastConfiguration" - }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", - "type": "array" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "Condition": { + "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" - }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "Series": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SeriesItem" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The friendly name of this OU.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "title": "Name", + "type": "string" + }, + "ParentId": { + "markdownDescription": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in.\n\n> To update the `ParentId` parameter value, you must first remove all accounts attached to the organizational unit (OU). OUs can't be moved within the organization with accounts still attached. \n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "ParentId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created OU. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for an OU, then the entire request fails and the OU is not created.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", - "title": "Tooltip" + "required": [ + "Name", + "ParentId" + ], + "type": "object" }, "Type": { - "markdownDescription": "Determines the type of the line chart.", - "title": "Type", + "enum": [ + "AWS::Organizations::OrganizationalUnit" + ], "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings": { + "AWS::Organizations::Policy": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", + "Condition": { "type": "string" }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.LineChartFieldWells": { - "additionalProperties": false, - "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The policy text content. You can specify the policy content as a JSON object or a JSON string.\n\n> When you specify the policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the policy content as a JSON object instead. \n\nThe text that you supply must adhere to the rules of the policy type you specify in the `Type` parameter. The following AWS Organizations quotas are enforced for the maximum size of a policy document:\n\n- Service control policies: 5,120 characters\n- Resource control policies: 5,120 characters\n- Declarative policies: 10,000 characters\n- Backup policies: 10,000 characters\n- Tag policies: 10,000 characters\n- Chat applications policies: 10,000 characters\n- AI services opt-out policies: 2,500 characters\n\nFor more information about Organizations service quotas, see [Quotas for AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) in the *AWS Organizations User Guide* .", + "title": "Content", + "type": "object" + }, + "Description": { + "markdownDescription": "Human readable description of the policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the policy.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for a policy, then the entire request fails and the policy is not created.", + "title": "Tags", + "type": "array" + }, + "TargetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to. You can get the ID by calling the [ListRoots](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html) , [ListOrganizationalUnitsForParent](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html) , or [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) operations. If you don't specify this parameter, the policy is created but not attached to any organization resource.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a target ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Account* - A string that consists of exactly 12 digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "TargetIds", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of policy to create.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Content", + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartLineStyleSettings": { + "AWS::Organizations::ResourcePolicy": { "additionalProperties": false, "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", + "Condition": { "type": "string" }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The policy text of the organization resource policy. You can specify the resource policy content as a JSON object or a JSON string.\n\n> When you specify the resource policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the resource policy content as a JSON object instead.", + "title": "Content", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created resource policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the *AWS Organizations User Guide* .\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for the resource policy, then the entire request fails and the resource policy is not created.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Content" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::ResourcePolicy" + ], "type": "string" }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings": { + "AWS::PCAConnectorAD::Connector": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", + "Condition": { "type": "string" }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority being used.", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "DirectoryId": { + "markdownDescription": "The identifier of the Active Directory.", + "title": "DirectoryId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a connector consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "VpcInformation": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Connector.VpcInformation", + "markdownDescription": "Information of the VPC and security group(s) used with the connector.", + "title": "VpcInformation" + } + }, + "required": [ + "CertificateAuthorityArn", + "DirectoryId", + "VpcInformation" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::Connector" + ], "type": "string" }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartSeriesSettings": { + "AWS::PCAConnectorAD::Connector.VpcInformation": { "additionalProperties": false, "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" + "IpAddressType": { + "markdownDescription": "The VPC IP address type.", + "title": "IpAddressType", + "type": "string" }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups used with the connector. You can use a maximum of 4 security groups with a connector.", + "title": "SecurityGroupIds", + "type": "array" } }, + "required": [ + "SecurityGroupIds" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartSortConfiguration": { + "AWS::PCAConnectorAD::DirectoryRegistration": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "Metadata": { + "type": "object" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "DirectoryId": { + "markdownDescription": "The identifier of the Active Directory.", + "title": "DirectoryId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a directory registration consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "required": [ + "DirectoryId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::DirectoryRegistration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartVisual": { + "AWS::PCAConnectorAD::ServicePrincipalName": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "DirectoryRegistrationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) .", + "title": "DirectoryRegistrationArn", + "type": "string" + } + }, + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::PCAConnectorAD::ServicePrincipalName" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions": { + "AWS::PCAConnectorAD::Template": { "additionalProperties": false, "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" + "Condition": { + "type": "string" }, - "MissingDataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MissingDataConfiguration" - }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.LinkSharingConfiguration": { - "additionalProperties": false, - "properties": { - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" - }, - "markdownDescription": "A structure that contains the permissions of a shareable link.", - "title": "Permissions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ListControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" + "Metadata": { + "type": "object" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ListControlSearchOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ListControlSelectAllOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", - "title": "Visibility", + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateDefinition", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "Definition" + }, + "Name": { + "markdownDescription": "Name of the templates. Template names must be unique.", + "title": "Name", + "type": "string" + }, + "ReenrollAllCertificateHolders": { + "markdownDescription": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template.", + "title": "ReenrollAllCertificateHolders", + "type": "boolean" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a template consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConnectorArn", + "Definition", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::Template" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.LoadingAnimation": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", - "title": "Visibility", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LocalNavigationConfiguration": { + "AWS::PCAConnectorAD::Template.ApplicationPolicies": { "additionalProperties": false, "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", - "type": "string" + "Critical": { + "markdownDescription": "Marks the application policy extension as critical.", + "title": "Critical", + "type": "boolean" + }, + "Policies": { + "items": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicy" + }, + "markdownDescription": "Application policies describe what the certificate can be used for.", + "title": "Policies", + "type": "array" } }, "required": [ - "TargetSheetId" + "Policies" ], "type": "object" }, - "AWS::QuickSight::Dashboard.LongFormatText": { + "AWS::PCAConnectorAD::Template.ApplicationPolicy": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "PolicyObjectIdentifier": { + "markdownDescription": "The object identifier (OID) of an application policy.", + "title": "PolicyObjectIdentifier", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "PolicyType": { + "markdownDescription": "The type of application policy", + "title": "PolicyType", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MappedDataSetParameter": { + "AWS::PCAConnectorAD::Template.CertificateValidity": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", - "type": "string" + "RenewalPeriod": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", + "markdownDescription": "Renewal period is the period of time before certificate expiration when a new certificate will be requested.", + "title": "RenewalPeriod" }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", - "type": "string" + "ValidityPeriod": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", + "markdownDescription": "Information describing the end of the validity period of the certificate. This parameter sets the \u201cNot After\u201d date for the certificate. Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280. This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.", + "title": "ValidityPeriod" } }, "required": [ - "DataSetIdentifier", - "DataSetParameterName" + "RenewalPeriod", + "ValidityPeriod" ], "type": "object" }, - "AWS::QuickSight::Dashboard.MaximumLabelType": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility of the maximum label.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.MaximumMinimumComputation": { + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV2": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", - "type": "string" + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.MeasureField": { + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV3": { "additionalProperties": false, "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" + }, + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MetricComparisonComputation": { + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV4": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - } - }, - "required": [ - "ComputationId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.MinimumLabelType": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility of the minimum label.", - "title": "Visibility", - "type": "string" + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MissingDataConfiguration": { + "AWS::PCAConnectorAD::Template.ExtensionsV2": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", - "type": "string" + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" + }, + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", + "title": "KeyUsage" } }, + "required": [ + "KeyUsage" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.NegativeValueConfiguration": { + "AWS::PCAConnectorAD::Template.ExtensionsV3": { "additionalProperties": false, "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", - "type": "string" + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" + }, + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", + "title": "KeyUsage" } }, "required": [ - "DisplayMode" + "KeyUsage" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NullValueFormatConfiguration": { + "AWS::PCAConnectorAD::Template.ExtensionsV4": { "additionalProperties": false, "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", - "type": "string" + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" + }, + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.", + "title": "KeyUsage" } }, "required": [ - "NullString" + "KeyUsage" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration": { + "AWS::PCAConnectorAD::Template.GeneralFlagsV2": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", - "type": "string" - }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", - "type": "string" + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users.", + "title": "MachineType", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumberFormatConfiguration": { + "AWS::PCAConnectorAD::Template.GeneralFlagsV3": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" + }, + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", + "title": "MachineType", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericAxisOptions": { + "AWS::PCAConnectorAD::Template.GeneralFlagsV4": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", + "title": "MachineType", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter": { + "AWS::PCAConnectorAD::Template.KeyUsage": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Critical": { + "markdownDescription": "Sets the key usage extension to critical.", + "title": "Critical", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", - "title": "Value", - "type": "number" + "UsageFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageFlags", + "markdownDescription": "The key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.", + "title": "UsageFlags" } }, "required": [ - "Column", - "Value" + "UsageFlags" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericEqualityFilter": { + "AWS::PCAConnectorAD::Template.KeyUsageFlags": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "DataEncipherment": { + "markdownDescription": "DataEncipherment is asserted when the subject public key is used for directly enciphering raw user data without the use of an intermediate symmetric cipher.", + "title": "DataEncipherment", + "type": "boolean" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DigitalSignature": { + "markdownDescription": "The digitalSignature is asserted when the subject public key is used for verifying digital signatures.", + "title": "DigitalSignature", + "type": "boolean" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "KeyAgreement": { + "markdownDescription": "KeyAgreement is asserted when the subject public key is used for key agreement.", + "title": "KeyAgreement", + "type": "boolean" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "KeyEncipherment": { + "markdownDescription": "KeyEncipherment is asserted when the subject public key is used for enciphering private or secret keys, i.e., for key transport.", + "title": "KeyEncipherment", + "type": "boolean" }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" + "NonRepudiation": { + "markdownDescription": "NonRepudiation is asserted when the subject public key is used to verify digital signatures.", + "title": "NonRepudiation", + "type": "boolean" } }, - "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericFormatConfiguration": { + "AWS::PCAConnectorAD::Template.KeyUsageProperty": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" - }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" + "PropertyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags", + "markdownDescription": "You can specify key usage for encryption, key agreement, and signature. You can use property flags or property type but not both.", + "title": "PropertyFlags" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" + "PropertyType": { + "markdownDescription": "You can specify all key usages using property type ALL. You can use property type or property flags but not both.", + "title": "PropertyType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericRangeFilter": { + "AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", + "Decrypt": { + "markdownDescription": "Allows key for encryption and decryption.", + "title": "Decrypt", "type": "boolean" }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", + "KeyAgreement": { + "markdownDescription": "Allows key exchange without encryption.", + "title": "KeyAgreement", "type": "boolean" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" - }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "Sign": { + "markdownDescription": "Allow key use for digital signature.", + "title": "Sign", + "type": "boolean" } }, - "required": [ - "Column", - "FilterId", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericRangeFilterValue": { + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", + "CryptoProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", + "type": "array" + }, + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", "type": "string" }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", "type": "number" } }, + "required": [ + "KeySpec", + "MinimalKeyLength" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericSeparatorConfiguration": { + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3": { "additionalProperties": false, "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + "Algorithm": { + "markdownDescription": "Defines the algorithm used to generate the private key.", + "title": "Algorithm", "type": "string" }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.NumericalAggregationFunction": { - "additionalProperties": false, - "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" + "CryptoProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", + "type": "array" }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", "type": "string" + }, + "KeyUsageProperty": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", + "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", + "title": "KeyUsageProperty" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" } }, + "required": [ + "Algorithm", + "KeySpec", + "KeyUsageProperty", + "MinimalKeyLength" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalDimensionField": { + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Algorithm": { + "markdownDescription": "Defines the algorithm used to generate the private key.", + "title": "Algorithm", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "CryptoProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", + "type": "array" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", "type": "string" + }, + "KeyUsageProperty": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", + "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", + "title": "KeyUsageProperty" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" } }, "required": [ - "Column", - "FieldId" + "KeySpec", + "MinimalKeyLength" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalMeasureField": { + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" + }, + "StrongKeyProtectionRequired": { + "markdownDescription": "Require user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" } }, "required": [ - "Column", - "FieldId" + "ClientVersion" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PaginationConfiguration": { + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3": { "additionalProperties": false, "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", - "type": "number" + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", + "type": "string" }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", - "type": "number" + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" + }, + "RequireAlternateSignatureAlgorithm": { + "markdownDescription": "Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", + "title": "RequireAlternateSignatureAlgorithm", + "type": "boolean" + }, + "StrongKeyProtectionRequired": { + "markdownDescription": "Requirer user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" } }, "required": [ - "PageNumber", - "PageSize" + "ClientVersion" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PanelConfiguration": { + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", - "title": "BackgroundColor", + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", "type": "string" }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", - "type": "string" - }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", - "type": "string" - }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", - "type": "string" - }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", - "type": "string" + "RequireAlternateSignatureAlgorithm": { + "markdownDescription": "Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", + "title": "RequireAlternateSignatureAlgorithm", + "type": "boolean" }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", - "type": "string" + "RequireSameKeyRenewal": { + "markdownDescription": "Renew certificate using the same private key.", + "title": "RequireSameKeyRenewal", + "type": "boolean" }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", - "type": "string" + "StrongKeyProtectionRequired": { + "markdownDescription": "Require user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" + "UseLegacyProvider": { + "markdownDescription": "Specifies the cryptographic service provider category used to generate private keys. Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.", + "title": "UseLegacyProvider", + "type": "boolean" } }, + "required": [ + "ClientVersion" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PanelTitleOptions": { + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV2": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "", - "title": "FontConfiguration" + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", - "type": "string" + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", - "type": "string" + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" + }, + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" + }, + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" + }, + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" + }, + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" + }, + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" + }, + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" + }, + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterControl": { + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV3": { "additionalProperties": false, "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" + }, + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" + }, + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" + }, + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" + }, + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDateTimePickerControl": { + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV4": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", - "type": "string" + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", - "type": "string" + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", - "type": "string" + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" + }, + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" + }, + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" + }, + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" + }, + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" + }, + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" + }, + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", + "type": "boolean" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDeclaration": { + "AWS::PCAConnectorAD::Template.TemplateDefinition": { "additionalProperties": false, "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" - }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" + "TemplateV2": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV2", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV2" }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" + "TemplateV3": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV3", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV3" }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" + "TemplateV4": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV4", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV4" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDropDownControl": { + "AWS::PCAConnectorAD::Template.TemplateV2": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV2", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", - "type": "string" + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV2", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV2", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", - "type": "string" + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2", + "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, and cryptographic providers for the private key of a certificate for v2 templates. V2 templates allow you to use Legacy Cryptographic Service Providers.", + "title": "PrivateKeyAttributes" }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", - "type": "string" + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2", + "markdownDescription": "Private key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.", + "title": "PrivateKeyFlags" }, - "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", - "type": "string" + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV2", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { + "items": { + "type": "string" + }, + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", + "type": "array" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterListControl": { + "AWS::PCAConnectorAD::Template.TemplateV3": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV3", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", - "type": "string" + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV3", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV3", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", + "HashAlgorithm": { + "markdownDescription": "Specifies the hash algorithm used to hash the private key.", + "title": "HashAlgorithm", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", - "type": "string" + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3", + "markdownDescription": "Private key attributes allow you to specify the algorithm, minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v3 templates. V3 templates allow you to use Key Storage Providers.", + "title": "PrivateKeyAttributes" }, - "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", - "type": "string" + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3", + "markdownDescription": "Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.", + "title": "PrivateKeyFlags" + }, + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV3", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { + "items": { + "type": "string" + }, + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", + "type": "array" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "HashAlgorithm", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterSelectableValues": { + "AWS::PCAConnectorAD::Template.TemplateV4": { "additionalProperties": false, "properties": { - "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" }, - "Values": { + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV4", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" + }, + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV4", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" + }, + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV4", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" + }, + "HashAlgorithm": { + "markdownDescription": "Specifies the hash algorithm used to hash the private key. Hash algorithm can only be specified when using Key Storage Providers.", + "title": "HashAlgorithm", + "type": "string" + }, + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4", + "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v4 templates. V4 templates allow you to use either Key Storage Providers or Legacy Cryptographic Service Providers. You specify the cryptography provider category in private key flags.", + "title": "PrivateKeyAttributes" + }, + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4", + "markdownDescription": "Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.", + "title": "PrivateKeyFlags" + }, + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV4", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { "items": { "type": "string" }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", "type": "array" } }, + "required": [ + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterSliderControl": { + "AWS::PCAConnectorAD::Template.ValidityPeriod": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", + "Period": { + "markdownDescription": "The numeric value for the validity period.", + "title": "Period", "type": "number" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", + "PeriodType": { + "markdownDescription": "The unit of time. You can select hours, days, weeks, months, and years.", + "title": "PeriodType", + "type": "string" + } + }, + "required": [ + "Period", + "PeriodType" + ], + "type": "object" + }, + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessRights": { + "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights", + "markdownDescription": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.", + "title": "AccessRights" + }, + "GroupDisplayName": { + "markdownDescription": "Name of the Active Directory group. This name does not need to match the group name in Active Directory.", + "title": "GroupDisplayName", + "type": "string" + }, + "GroupSecurityIdentifier": { + "markdownDescription": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\".", + "title": "GroupSecurityIdentifier", + "type": "string" + }, + "TemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .", + "title": "TemplateArn", + "type": "string" + } + }, + "required": [ + "AccessRights", + "GroupDisplayName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterTextAreaControl": { + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "AutoEnroll": { + "markdownDescription": "Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment", + "title": "AutoEnroll", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Enroll": { + "markdownDescription": "Allow or deny an Active Directory group from enrolling certificates issued against a template.", + "title": "Enroll", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCAConnectorSCEP::Challenge": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.", + "title": "ConnectorArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConnectorArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorSCEP::Challenge" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterTextFieldControl": { + "AWS::PCAConnectorSCEP::Connector": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority associated with the connector.", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "MobileDeviceManagement": { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector.MobileDeviceManagement", + "markdownDescription": "Contains settings relevant to the mobile device management system that you chose for the connector. If you didn't configure `MobileDeviceManagement` , then the connector is for general-purpose use and this object is empty.", + "title": "MobileDeviceManagement" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "CertificateAuthorityArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorSCEP::Connector" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.Parameters": { + "AWS::PCAConnectorSCEP::Connector.IntuneConfiguration": { "additionalProperties": false, "properties": { - "DateTimeParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameter" - }, - "markdownDescription": "The parameters that have a data type of date-time.", - "title": "DateTimeParameters", - "type": "array" - }, - "DecimalParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameter" - }, - "markdownDescription": "The parameters that have a data type of decimal.", - "title": "DecimalParameters", - "type": "array" - }, - "IntegerParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameter" - }, - "markdownDescription": "The parameters that have a data type of integer.", - "title": "IntegerParameters", - "type": "array" + "AzureApplicationId": { + "markdownDescription": "The directory (tenant) ID from your Microsoft Entra ID app registration.", + "title": "AzureApplicationId", + "type": "string" }, - "StringParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameter" - }, - "markdownDescription": "The parameters that have a data type of string.", - "title": "StringParameters", - "type": "array" + "Domain": { + "markdownDescription": "The primary domain from your Microsoft Entra ID app registration.", + "title": "Domain", + "type": "string" } }, + "required": [ + "AzureApplicationId", + "Domain" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PercentVisibleRange": { + "AWS::PCAConnectorSCEP::Connector.MobileDeviceManagement": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" - }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", - "type": "number" + "Intune": { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector.IntuneConfiguration", + "markdownDescription": "Configuration settings for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see [Using Connector for SCEP for Microsoft Intune](https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlconnector-for-scep-intune.html) .", + "title": "Intune" } }, + "required": [ + "Intune" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration": { + "AWS::PCAConnectorSCEP::Connector.OpenIdConfiguration": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" + "Audience": { + "markdownDescription": "The audience value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Audience", + "type": "string" }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" + "Issuer": { + "markdownDescription": "The issuer value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Issuer", + "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "Subject": { + "markdownDescription": "The subject value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Subject", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::Cluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name that identifies the cluster.", + "title": "Name", + "type": "string" + }, + "Networking": { + "$ref": "#/definitions/AWS::PCS::Cluster.Networking", + "markdownDescription": "The networking configuration for the cluster's control plane.", + "title": "Networking" + }, + "Scheduler": { + "$ref": "#/definitions/AWS::PCS::Cluster.Scheduler", + "markdownDescription": "The cluster management and job scheduling software associated with the cluster.", + "title": "Scheduler" + }, + "Size": { + "markdownDescription": "The size of the cluster.", + "title": "Size", + "type": "string" + }, + "SlurmConfiguration": { + "$ref": "#/definitions/AWS::PCS::Cluster.SlurmConfiguration", + "markdownDescription": "Additional options related to the Slurm scheduler.", + "title": "SlurmConfiguration" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Networking", + "Scheduler", + "Size" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PercentileAggregation": { + "AWS::PCS::Cluster.Accounting": { "additionalProperties": false, "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", + "DefaultPurgeTimeInDays": { + "markdownDescription": "The default value for all purge settings for `slurmdbd.conf` . For more information, see the [slurmdbd.conf documentation at SchedMD](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurmdbd.conf.html) .\n\nThe default value `-1` means there is no purge time and records persist as long as the cluster exists.\n\n> `0` isn't a valid value.", + "title": "DefaultPurgeTimeInDays", "type": "number" + }, + "Mode": { + "markdownDescription": "The default value for `mode` is `STANDARD` . A value of `STANDARD` means Slurm accounting is enabled.", + "title": "Mode", + "type": "string" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PeriodOverPeriodComputation": { + "AWS::PCS::Cluster.AuthKey": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the shared Slurm key.", + "title": "SecretArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "SecretVersion": { + "markdownDescription": "The version of the shared Slurm key.", + "title": "SecretVersion", "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId" + "SecretArn", + "SecretVersion" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PeriodToDateComputation": { + "AWS::PCS::Cluster.Endpoint": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Port": { + "markdownDescription": "The endpoint's connection port number.", + "title": "Port", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "PrivateIpAddress": { + "markdownDescription": "The endpoint's private IP address.", + "title": "PrivateIpAddress", "type": "string" }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", + "PublicIpAddress": { + "markdownDescription": "The endpoint's public IP address.", + "title": "PublicIpAddress", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Type": { + "markdownDescription": "Indicates the type of endpoint running at the specific IP address.", + "title": "Type", + "type": "string" } }, "required": [ - "ComputationId" + "Port", + "PrivateIpAddress", + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells": { + "AWS::PCS::Cluster.ErrorInfo": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", - "type": "array" - }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", - "type": "array" + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "Message": { + "markdownDescription": "The detailed error information.", + "title": "Message", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartConfiguration": { + "AWS::PCS::Cluster.Networking": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" - }, - "ContributionAnalysisDefaults": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + "type": "string" }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", + "markdownDescription": "The list of security group IDs associated with the Elastic Network Interface (ENI) created in subnets.", + "title": "SecurityGroupIds", "type": "array" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnet IDs where AWS PCS creates an Elastic Network Interface (ENI) to enable communication between managed controllers and AWS PCS resources. The subnet must have an available IP address, cannot reside in AWS Outposts, AWS Wavelength, or an AWS Local Zone. AWS PCS currently supports only 1 subnet in this list.", + "title": "SubnetIds", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartFieldWells": { + "AWS::PCS::Cluster.Scheduler": { "additionalProperties": false, "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" + "Type": { + "markdownDescription": "The software AWS PCS uses to manage cluster scaling and job scheduling.", + "title": "Type", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the specified scheduling software that AWS PCS uses to manage cluster scaling and job scheduling.", + "title": "Version", + "type": "string" } }, + "required": [ + "Type", + "Version" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartSortConfiguration": { + "AWS::PCS::Cluster.SlurmConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" + "Accounting": { + "$ref": "#/definitions/AWS::PCS::Cluster.Accounting", + "markdownDescription": "The accounting configuration includes configurable settings for Slurm accounting.", + "title": "Accounting" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "AuthKey": { + "$ref": "#/definitions/AWS::PCS::Cluster.AuthKey", + "markdownDescription": "The shared Slurm key for authentication, also known as the cluster secret.", + "title": "AuthKey" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "ScaleDownIdleTimeInSeconds": { + "markdownDescription": "The time before an idle node is scaled down.", + "title": "ScaleDownIdleTimeInSeconds", + "type": "number" }, - "SmallMultiplesSort": { + "SlurmCustomSettings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::PCS::Cluster.SlurmCustomSetting" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", + "title": "SlurmCustomSettings", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartVisual": { + "AWS::PCS::Cluster.SlurmCustomSetting": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "ParameterName": { + "markdownDescription": "AWS PCS supports configuration of the following Slurm parameters:\n\n- For *clusters*\n\n- [`Prolog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Prolog_1)\n- [`Epilog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Epilog_1)\n- [`SelectTypeParameters`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_SelectTypeParameters)\n- For *compute node groups*\n\n- [`Weight`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)\n- [`RealMemory`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)", + "title": "ParameterName", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "ParameterValue": { + "markdownDescription": "The values for the configured Slurm settings.", + "title": "ParameterValue", "type": "string" } }, "required": [ - "VisualId" + "ParameterName", + "ParameterValue" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotFieldSortOptions": { + "AWS::PCS::ComputeNodeGroup": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "Condition": { "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" - } - }, - "required": [ - "FieldId", - "SortBy" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", - "type": "array" - }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmiId": { + "markdownDescription": "The ID of the Amazon Machine Image (AMI) that AWS PCS uses to launch instances. If not provided, AWS PCS uses the AMI ID specified in the custom launch template.", + "title": "AmiId", + "type": "string" + }, + "ClusterId": { + "markdownDescription": "The ID of the cluster of the compute node group.", + "title": "ClusterId", + "type": "string" + }, + "CustomLaunchTemplate": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate", + "markdownDescription": "An Amazon EC2 launch template AWS PCS uses to launch compute nodes.", + "title": "CustomLaunchTemplate" + }, + "IamInstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have pcs:RegisterComputeNodeGroupInstance permissions attached to provision instances correctly.", + "title": "IamInstanceProfileArn", + "type": "string" + }, + "InstanceConfigs": { + "items": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.InstanceConfig" + }, + "markdownDescription": "A list of EC2 instance configurations that AWS PCS can provision in the compute node group.", + "title": "InstanceConfigs", + "type": "array" + }, + "Name": { + "markdownDescription": "The name that identifies the compute node group.", + "title": "Name", + "type": "string" + }, + "PurchaseOption": { + "markdownDescription": "Specifies how EC2 instances are purchased on your behalf. AWS PCS supports On-Demand and Spot instances. For more information, see Instance purchasing options in the Amazon Elastic Compute Cloud User Guide. If you don't provide this option, it defaults to On-Demand.", + "title": "PurchaseOption", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.ScalingConfiguration", + "markdownDescription": "Specifies the boundaries of the compute node group auto scaling.", + "title": "ScalingConfiguration" + }, + "SlurmConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmConfiguration", + "markdownDescription": "Additional options related to the Slurm scheduler.", + "title": "SlurmConfiguration" + }, + "SpotOptions": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SpotOptions", + "markdownDescription": "Additional configuration when you specify `SPOT` as the `purchaseOption` .", + "title": "SpotOptions" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnet IDs where instances are provisioned by the compute node group. The subnets must be in the same VPC as the cluster.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", - "type": "array" + "required": [ + "ClusterId", + "CustomLaunchTemplate", + "IamInstanceProfileArn", + "InstanceConfigs", + "ScalingConfiguration", + "SubnetIds" + ], + "type": "object" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "Type": { + "enum": [ + "AWS::PCS::ComputeNodeGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormatting": { + "AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "TemplateId": { + "markdownDescription": "The ID of the EC2 launch template to use to provision instances.", + "title": "TemplateId", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the EC2 launch template to use to provision instances.", + "title": "Version", + "type": "string" } }, + "required": [ + "Version" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption": { + "AWS::PCS::ComputeNodeGroup.ErrorInfo": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "The detailed error information.", + "title": "Message", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope": { + "AWS::PCS::ComputeNodeGroup.InstanceConfig": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", + "InstanceType": { + "markdownDescription": "The EC2 instance type that AWS PCS can provision in the compute node group.\n\nExample: `t2.xlarge`", + "title": "InstanceType", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConfiguration": { + "AWS::PCS::ComputeNodeGroup.ScalingConfiguration": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" - }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "MaxInstanceCount": { + "markdownDescription": "The upper bound of the number of instances allowed in the compute fleet.", + "title": "MaxInstanceCount", + "type": "number" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" + "MinInstanceCount": { + "markdownDescription": "The lower bound of the number of instances allowed in the compute fleet.", + "title": "MinInstanceCount", + "type": "number" } }, + "required": [ + "MaxInstanceCount", + "MinInstanceCount" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableDataPathOption": { + "AWS::PCS::ComputeNodeGroup.SlurmConfiguration": { "additionalProperties": false, "properties": { - "DataPathList": { + "SlurmCustomSettings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmCustomSetting" }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", + "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", + "title": "SlurmCustomSettings", "type": "array" - }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", - "type": "string" } }, - "required": [ - "DataPathList" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption": { + "AWS::PCS::ComputeNodeGroup.SlurmCustomSetting": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", + "ParameterName": { + "markdownDescription": "AWS PCS supports configuration of the following Slurm parameters:\n\n- For *clusters*\n\n- [`Prolog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Prolog_1)\n- [`Epilog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Epilog_1)\n- [`SelectTypeParameters`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_SelectTypeParameters)\n- For *compute node groups*\n\n- [`Weight`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)\n- [`RealMemory`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)", + "title": "ParameterName", "type": "string" }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" + "ParameterValue": { + "markdownDescription": "The values for the configured Slurm settings.", + "title": "ParameterValue", + "type": "string" } }, "required": [ - "Target" + "ParameterName", + "ParameterValue" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget": { + "AWS::PCS::ComputeNodeGroup.SpotOptions": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" - }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", - "type": "array" - }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", + "AllocationStrategy": { + "markdownDescription": "The Amazon EC2 allocation strategy AWS PCS uses to provision EC2 instances. AWS PCS supports lowest price, capacity optimized, and price capacity optimized. If you don't provide this option, it defaults to price capacity optimized.", + "title": "AllocationStrategy", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldOption": { + "AWS::PCS::Queue": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", - "type": "string" - } - }, - "required": [ - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableFieldOptions": { - "additionalProperties": false, - "properties": { - "CollapseStateOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption" - }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DataPathOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableDataPathOption" - }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", - "type": "array" + "Metadata": { + "type": "object" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOption" + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterId": { + "markdownDescription": "The ID of the cluster of the queue.", + "title": "ClusterId", + "type": "string" + }, + "ComputeNodeGroupConfigurations": { + "items": { + "$ref": "#/definitions/AWS::PCS::Queue.ComputeNodeGroupConfiguration" + }, + "markdownDescription": "The list of compute node group configurations associated with the queue. Queues assign jobs to associated compute node groups.", + "title": "ComputeNodeGroupConfigurations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name that identifies the queue.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", - "type": "array" + "required": [ + "ClusterId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::Queue" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions": { + "AWS::PCS::Queue.ComputeNodeGroupConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", + "ComputeNodeGroupId": { + "markdownDescription": "The compute node group ID for the compute node group configuration.", + "title": "ComputeNodeGroupId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldWells": { + "AWS::PCS::Queue.ErrorInfo": { "additionalProperties": false, "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "TBDThe detailed error information.", + "title": "Message", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableOptions": { + "AWS::Panorama::ApplicationInstance": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" - }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", - "type": "string" - }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" - }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", - "type": "string" - }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", + "Condition": { "type": "string" }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" - }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" - }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" + "Metadata": { + "type": "object" }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationInstanceIdToReplace": { + "markdownDescription": "The ID of an application instance to replace with the new instance.", + "title": "ApplicationInstanceIdToReplace", + "type": "string" + }, + "DefaultRuntimeContextDevice": { + "markdownDescription": "The device's ID.", + "title": "DefaultRuntimeContextDevice", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the application instance.", + "title": "Description", + "type": "string" + }, + "ManifestOverridesPayload": { + "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestOverridesPayload", + "markdownDescription": "Setting overrides for the application manifest.", + "title": "ManifestOverridesPayload" + }, + "ManifestPayload": { + "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestPayload", + "markdownDescription": "The application's manifest document.", + "title": "ManifestPayload" + }, + "Name": { + "markdownDescription": "A name for the application instance.", + "title": "Name", + "type": "string" + }, + "RuntimeRoleArn": { + "markdownDescription": "The ARN of a runtime role for the application instance.", + "title": "RuntimeRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags for the application instance.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DefaultRuntimeContextDevice", + "ManifestPayload" + ], + "type": "object" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", + "Type": { + "enum": [ + "AWS::Panorama::ApplicationInstance" + ], "type": "string" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions": { + "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", - "type": "string" - }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "PayloadData": { + "markdownDescription": "The overrides document.", + "title": "PayloadData", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions": { + "AWS::Panorama::ApplicationInstance.ManifestPayload": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", + "PayloadData": { + "markdownDescription": "The application manifest.", + "title": "PayloadData", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableSortBy": { + "AWS::Panorama::Package": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", - "title": "Column" + "Condition": { + "type": "string" }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableSortConfiguration": { - "additionalProperties": false, - "properties": { - "FieldSortOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotFieldSortOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PackageName": { + "markdownDescription": "A name for the package.", + "title": "PackageName", + "type": "string" + }, + "StorageLocation": { + "$ref": "#/definitions/AWS::Panorama::Package.StorageLocation", + "markdownDescription": "A storage location.", + "title": "StorageLocation" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags for the package.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", - "type": "array" + "required": [ + "PackageName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Panorama::Package" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableTotalOptions": { + "AWS::Panorama::Package.StorageLocation": { "additionalProperties": false, "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" + "BinaryPrefixLocation": { + "markdownDescription": "The location's binary prefix.", + "title": "BinaryPrefixLocation", + "type": "string" }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" + "Bucket": { + "markdownDescription": "The location's bucket.", + "title": "Bucket", + "type": "string" }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" + "GeneratedPrefixLocation": { + "markdownDescription": "The location's generated prefix.", + "title": "GeneratedPrefixLocation", + "type": "string" }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" + "ManifestPrefixLocation": { + "markdownDescription": "The location's manifest prefix.", + "title": "ManifestPrefixLocation", + "type": "string" + }, + "RepoPrefixLocation": { + "markdownDescription": "The location's repo prefix.", + "title": "RepoPrefixLocation", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableVisual": { + "AWS::Panorama::PackageVersion": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "MarkLatest": { + "markdownDescription": "Whether to mark the new version as the latest version.", + "title": "MarkLatest", + "type": "boolean" + }, + "OwnerAccount": { + "markdownDescription": "An owner account.", + "title": "OwnerAccount", + "type": "string" + }, + "PackageId": { + "markdownDescription": "A package ID.", + "title": "PackageId", + "type": "string" + }, + "PackageVersion": { + "markdownDescription": "A package version.", + "title": "PackageVersion", + "type": "string" + }, + "PatchVersion": { + "markdownDescription": "A patch version.", + "title": "PatchVersion", + "type": "string" + }, + "UpdatedLatestPatchVersion": { + "markdownDescription": "If the version was marked latest, the new version to maker as latest.", + "title": "UpdatedLatestPatchVersion", + "type": "string" + } + }, + "required": [ + "PackageId", + "PackageVersion", + "PatchVersion" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::Panorama::PackageVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTotalOptions": { + "AWS::PaymentCryptography::Alias": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation options for each value field.", - "title": "TotalAggregationOptions", - "type": "array" + "Metadata": { + "type": "object" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", - "title": "TotalCellStyle" + "Properties": { + "additionalProperties": false, + "properties": { + "AliasName": { + "markdownDescription": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n> Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output.", + "title": "AliasName", + "type": "string" + }, + "KeyArn": { + "markdownDescription": "The `KeyARN` of the key associated with the alias.", + "title": "KeyArn", + "type": "string" + } + }, + "required": [ + "AliasName" + ], + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "Type": { + "enum": [ + "AWS::PaymentCryptography::Alias" + ], "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PredefinedHierarchy": { + "AWS::PaymentCryptography::Key": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" + "Condition": { + "type": "string" }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeriveKeyUsage": { + "markdownDescription": "The cryptographic usage of an ECDH derived key as de\ufb01ned in section A.5.2 of the TR-31 spec.", + "title": "DeriveKeyUsage", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the key is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Exportable": { + "markdownDescription": "Specifies whether the key is exportable. This data is immutable after the key is created.", + "title": "Exportable", + "type": "boolean" + }, + "KeyAttributes": { + "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyAttributes", + "markdownDescription": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.", + "title": "KeyAttributes" + }, + "KeyCheckValueAlgorithm": { + "markdownDescription": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.", + "title": "KeyCheckValueAlgorithm", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "required": [ + "Exportable", + "KeyAttributes" + ], + "type": "object" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", + "Type": { + "enum": [ + "AWS::PaymentCryptography::Key" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Columns", - "HierarchyId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ProgressBarOptions": { + "AWS::PaymentCryptography::Key.KeyAttributes": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the progress bar.", - "title": "Visibility", + "KeyAlgorithm": { + "markdownDescription": "The key algorithm to be use during creation of an AWS Payment Cryptography key.\n\nFor symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms.", + "title": "KeyAlgorithm", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The aggregated field well categories of a radar chart.", - "title": "Category", - "type": "array" }, - "Color": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", - "type": "array" + "KeyClass": { + "markdownDescription": "The type of AWS Payment Cryptography key to create, which determines the classi\ufb01cation of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.", + "title": "KeyClass", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", + "KeyModesOfUse": { + "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyModesOfUse", + "markdownDescription": "The list of cryptographic operations that you can perform using the key.", + "title": "KeyModesOfUse" + }, + "KeyUsage": { + "markdownDescription": "The cryptographic usage of an AWS Payment Cryptography key as de\ufb01ned in section A.5.2 of the TR-31 spec.", + "title": "KeyUsage", "type": "string" } }, + "required": [ + "KeyAlgorithm", + "KeyClass", + "KeyModesOfUse", + "KeyUsage" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartConfiguration": { + "AWS::PaymentCryptography::Key.KeyModesOfUse": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" + "Decrypt": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to decrypt data.", + "title": "Decrypt", + "type": "boolean" }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" + "DeriveKey": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to derive new keys.", + "title": "DeriveKey", + "type": "boolean" }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", - "type": "string" + "Encrypt": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to encrypt data.", + "title": "Encrypt", + "type": "boolean" }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", - "type": "string" + "Generate": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.", + "title": "Generate", + "type": "boolean" }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" + "NoRestrictions": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` .", + "title": "NoRestrictions", + "type": "boolean" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", - "title": "CategoryAxis" + "Sign": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used for signing.", + "title": "Sign", + "type": "boolean" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", - "title": "CategoryLabelOptions" + "Unwrap": { + "markdownDescription": "", + "title": "Unwrap", + "type": "boolean" }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" + "Verify": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to verify signatures.", + "title": "Verify", + "type": "boolean" }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", - "title": "ColorLabelOptions" + "Wrap": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to wrap other keys.", + "title": "Wrap", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Personalize::Dataset": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", - "type": "string" + "Metadata": { + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", - "title": "SortConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "DatasetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group.", + "title": "DatasetGroupArn", + "type": "string" + }, + "DatasetImportJob": { + "$ref": "#/definitions/AWS::Personalize::Dataset.DatasetImportJob", + "markdownDescription": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required.", + "title": "DatasetImportJob" + }, + "DatasetType": { + "markdownDescription": "One of the following values:\n\n- Interactions\n- Items\n- Users\n\n> You can't use CloudFormation to create an Action Interactions or Actions dataset.", + "title": "DatasetType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the dataset.", + "title": "Name", + "type": "string" + }, + "SchemaArn": { + "markdownDescription": "The ARN of the associated schema.", + "title": "SchemaArn", + "type": "string" + } + }, + "required": [ + "DatasetGroupArn", + "DatasetType", + "Name", + "SchemaArn" + ], + "type": "object" }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" + "Type": { + "enum": [ + "AWS::Personalize::Dataset" + ], + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartFieldWells": { + "AWS::Personalize::Dataset.DataSource": { "additionalProperties": false, "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" + "DataLocation": { + "markdownDescription": "For dataset import jobs, the path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. For data deletion jobs, the path to the Amazon S3 bucket that stores the list of records to delete.\n\nFor example:\n\n`s3://bucket-name/folder-name/fileName.csv`\n\nIf your CSV files are in a folder in your Amazon S3 bucket and you want your import job or data deletion job to consider multiple files, you can specify the path to the folder. With a data deletion job, Amazon Personalize uses all files in the folder and any sub folder. Use the following syntax with a `/` after the folder name:\n\n`s3://bucket-name/folder-name/`", + "title": "DataLocation", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartSeriesSettings": { + "AWS::Personalize::Dataset.DatasetImportJob": { "additionalProperties": false, "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "DataSource": { + "$ref": "#/definitions/AWS::Personalize::Dataset.DataSource", + "markdownDescription": "The Amazon S3 bucket that contains the training data to import.", + "title": "DataSource" + }, + "DatasetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that receives the imported data.", + "title": "DatasetArn", + "type": "string" + }, + "DatasetImportJobArn": { + "markdownDescription": "The ARN of the dataset import job.", + "title": "DatasetImportJobArn", + "type": "string" + }, + "JobName": { + "markdownDescription": "The name of the import job.", + "title": "JobName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that has permissions to read from the Amazon S3 data source.", + "title": "RoleArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartSortConfiguration": { + "AWS::Personalize::DatasetGroup": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", - "title": "CategoryItemsLimit" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The category sort options of a radar chart.", - "title": "CategorySort", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", - "title": "ColorItemsLimit" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of a Domain dataset group.", + "title": "Domain", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key used to encrypt the datasets.", + "title": "KmsKeyArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the dataset group.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key.", + "title": "RoleArn", + "type": "string" + } }, - "markdownDescription": "The color sort configuration of a radar chart.", - "title": "ColorSort", - "type": "array" + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Personalize::DatasetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartVisual": { + "AWS::Personalize::Schema": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of a schema that you created for a dataset in a Domain dataset group.", + "title": "Domain", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the schema.", + "title": "Name", + "type": "string" + }, + "Schema": { + "markdownDescription": "The schema.", + "title": "Schema", + "type": "string" + } + }, + "required": [ + "Name", + "Schema" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::Personalize::Schema" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.RangeEndsLabelType": { + "AWS::Personalize::Solution": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the range ends label.", - "title": "Visibility", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ReferenceLine": { - "additionalProperties": false, - "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatasetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group that provides the training data.", + "title": "DatasetGroupArn", + "type": "string" + }, + "EventType": { + "markdownDescription": "The event type (for example, 'click' or 'like') that is used for training the model. If no `eventType` is provided, Amazon Personalize uses all interactions for training with equal weight regardless of type.", + "title": "EventType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the solution.", + "title": "Name", + "type": "string" + }, + "PerformAutoML": { + "markdownDescription": "> We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see [Determining your use case.](https://docs.aws.amazon.com/personalize/latest/dg/determining-use-case.html) \n\nWhen true, Amazon Personalize performs a search for the best USER_PERSONALIZATION recipe from the list specified in the solution configuration ( `recipeArn` must not be specified). When false (the default), Amazon Personalize uses `recipeArn` for training.", + "title": "PerformAutoML", + "type": "boolean" + }, + "PerformHPO": { + "markdownDescription": "Whether to perform hyperparameter optimization (HPO) on the chosen recipe. The default is `false` .", + "title": "PerformHPO", + "type": "boolean" + }, + "RecipeArn": { + "markdownDescription": "The ARN of the recipe used to create the solution. This is required when `performAutoML` is false.", + "title": "RecipeArn", + "type": "string" + }, + "SolutionConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.SolutionConfig", + "markdownDescription": "Describes the configuration properties for the solution.", + "title": "SolutionConfig" + } + }, + "required": [ + "DatasetGroupArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Personalize::Solution" + ], "type": "string" }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DataConfiguration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration": { + "AWS::Personalize::Solution.AlgorithmHyperParameterRanges": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", - "type": "string" + "CategoricalHyperParameterRanges": { + "items": { + "$ref": "#/definitions/AWS::Personalize::Solution.CategoricalHyperParameterRange" + }, + "markdownDescription": "Provides the name and range of a categorical hyperparameter.", + "title": "CategoricalHyperParameterRanges", + "type": "array" + }, + "ContinuousHyperParameterRanges": { + "items": { + "$ref": "#/definitions/AWS::Personalize::Solution.ContinuousHyperParameterRange" + }, + "markdownDescription": "Provides the name and range of a continuous hyperparameter.", + "title": "ContinuousHyperParameterRanges", + "type": "array" + }, + "IntegerHyperParameterRanges": { + "items": { + "$ref": "#/definitions/AWS::Personalize::Solution.IntegerHyperParameterRange" + }, + "markdownDescription": "Provides the name and range of an integer-valued hyperparameter.", + "title": "IntegerHyperParameterRanges", + "type": "array" } }, - "required": [ - "CustomLabel" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration": { + "AWS::Personalize::Solution.AutoMLConfig": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", - "type": "string" - }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" - }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", + "MetricName": { + "markdownDescription": "The metric to optimize.", + "title": "MetricName", "type": "string" }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" + "RecipeList": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of candidate recipes.", + "title": "RecipeList", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration": { + "AWS::Personalize::Solution.CategoricalHyperParameterRange": { "additionalProperties": false, "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", + "type": "string" }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the categories for the hyperparameter.", + "title": "Values", + "type": "array" } }, - "required": [ - "Calculation", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration": { + "AWS::Personalize::Solution.ContinuousHyperParameterRange": { "additionalProperties": false, "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" - }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", - "type": "string" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" - }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", - "type": "string" + "MaxValue": { + "markdownDescription": "The maximum allowable value for the hyperparameter.", + "title": "MaxValue", + "type": "number" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" + "MinValue": { + "markdownDescription": "The minimum allowable value for the hyperparameter.", + "title": "MinValue", + "type": "number" }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration": { + "AWS::Personalize::Solution.HpoConfig": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" + "AlgorithmHyperParameterRanges": { + "$ref": "#/definitions/AWS::Personalize::Solution.AlgorithmHyperParameterRanges", + "markdownDescription": "The hyperparameters and their allowable ranges.", + "title": "AlgorithmHyperParameterRanges" + }, + "HpoObjective": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoObjective", + "markdownDescription": "The metric to optimize during HPO.\n\n> Amazon Personalize doesn't support configuring the `hpoObjective` at this time.", + "title": "HpoObjective" + }, + "HpoResourceConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoResourceConfig", + "markdownDescription": "Describes the resource configuration for HPO.", + "title": "HpoResourceConfig" } }, - "required": [ - "Value" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration": { + "AWS::Personalize::Solution.HpoObjective": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "MetricRegex": { + "markdownDescription": "A regular expression for finding the metric in the training job logs.", + "title": "MetricRegex", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the metric. Valid values are `Maximize` and `Minimize` .", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration": { + "AWS::Personalize::Solution.HpoResourceConfig": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" + "MaxNumberOfTrainingJobs": { + "markdownDescription": "The maximum number of training jobs when you create a solution version. The maximum value for `maxNumberOfTrainingJobs` is `40` .", + "title": "MaxNumberOfTrainingJobs", + "type": "string" }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", + "MaxParallelTrainingJobs": { + "markdownDescription": "The maximum number of parallel training jobs when you create a solution version. The maximum value for `maxParallelTrainingJobs` is `10` .", + "title": "MaxParallelTrainingJobs", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions": { + "AWS::Personalize::Solution.IntegerHyperParameterRange": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" + "MaxValue": { + "markdownDescription": "The maximum allowable value for the hyperparameter.", + "title": "MaxValue", + "type": "number" }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "MinValue": { + "markdownDescription": "The minimum allowable value for the hyperparameter.", + "title": "MinValue", + "type": "number" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RelativeDatesFilter": { + "AWS::Personalize::Solution.SolutionConfig": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "AlgorithmHyperParameters": { + "additionalProperties": true, + "markdownDescription": "Lists the algorithm hyperparameters and their values.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AlgorithmHyperParameters", + "type": "object" }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" + "AutoMLConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.AutoMLConfig", + "markdownDescription": "The [AutoMLConfig](https://docs.aws.amazon.com/personalize/latest/dg/API_AutoMLConfig.html) object containing a list of recipes to search when AutoML is performed.", + "title": "AutoMLConfig" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "EventValueThreshold": { + "markdownDescription": "Only events with a value greater than or equal to this threshold are used for training a model.", + "title": "EventValueThreshold", "type": "string" }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", - "type": "string" + "FeatureTransformationParameters": { + "additionalProperties": true, + "markdownDescription": "Lists the feature transformation parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "FeatureTransformationParameters", + "type": "object" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "HpoConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoConfig", + "markdownDescription": "Describes the properties for hyperparameter optimization (HPO).", + "title": "HpoConfig" + } + }, + "type": "object" + }, + "AWS::Pinpoint::ADMChannel": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", - "type": "number" + "Metadata": { + "type": "object" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the ADM channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The Client ID that you received from Amazon to send messages by using ADM.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The Client Secret that you received from Amazon to send messages by using ADM.", + "title": "ClientSecret", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the ADM channel for the application.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "ApplicationId", + "ClientId", + "ClientSecret" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::ADMChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ResourcePermission": { + "AWS::Pinpoint::APNSChannel": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" + "required": [ + "ApplicationId" + ], + "type": "object" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "Type": { + "enum": [ + "AWS::Pinpoint::APNSChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Actions", - "Principal" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.RollingDateConfiguration": { + "AWS::Pinpoint::APNSSandboxChannel": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "Condition": { "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", - "title": "Expression", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs sandbox channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs Sandbox channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::APNSSandboxChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Expression" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.RowAlternateColorOptions": { + "AWS::Pinpoint::APNSVoipChannel": { "additionalProperties": false, "properties": { - "RowAlternateColors": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs VoIP channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs VoIP channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", - "type": "array" + "required": [ + "ApplicationId" + ], + "type": "object" }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", + "Type": { + "enum": [ + "AWS::Pinpoint::APNSVoipChannel" + ], "type": "string" }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration": { + "AWS::Pinpoint::APNSVoipSandboxChannel": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", + "Condition": { "type": "string" }, - "TargetVisuals": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Destination": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Source": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Weight": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the application that the APNs VoIP sandbox channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the APNs VoIP sandbox channel is enabled for the application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with the APNs sandbox environment.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple developer account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration": { - "additionalProperties": false, - "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", - "title": "DataLabels" + "required": [ + "ApplicationId" + ], + "type": "object" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "FieldWells" + "Type": { + "enum": [ + "AWS::Pinpoint::APNSVoipSandboxChannel" + ], + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", - "title": "SortConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SankeyDiagramFieldWells": { - "additionalProperties": false, - "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration": { + "AWS::Pinpoint::App": { "additionalProperties": false, "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" + "Condition": { + "type": "string" }, - "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "WeightSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SankeyDiagramVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", - "title": "ChartConfiguration" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The display name of the application.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::Pinpoint::App" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::Pinpoint::ApplicationSettings": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" + "Condition": { + "type": "string" }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", - "type": "array" + "Metadata": { + "type": "object" }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application.", + "title": "ApplicationId", + "type": "string" + }, + "CampaignHook": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.CampaignHook", + "markdownDescription": "The settings for the Lambda function to use by default as a code hook for campaigns in the application. To override these settings for a specific campaign, use the Campaign resource to define custom Lambda function settings for the campaign.", + "title": "CampaignHook" + }, + "CloudWatchMetricsEnabled": { + "markdownDescription": "", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" + }, + "Limits": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.Limits", + "markdownDescription": "The default sending limits for campaigns in the application. To override these limits for a specific campaign, use the Campaign resource to define custom limits for the campaign.", + "title": "Limits" + }, + "QuietTime": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.QuietTime", + "markdownDescription": "The default quiet time for campaigns in the application. Quiet time is a specific time range when campaigns don't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the application (or a campaign that has custom quiet time settings).\n\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the application (or a campaign that has custom quiet time settings).\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from a campaign, even if quiet time is enabled.\n\nTo override the default quiet time settings for a specific campaign, use the Campaign resource to define a custom quiet time for the campaign.", + "title": "QuietTime" + } }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", - "type": "array" + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::ApplicationSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotConfiguration": { + "AWS::Pinpoint::ApplicationSettings.CampaignHook": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" + "LambdaFunctionName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to send messages for campaigns in the application.", + "title": "LambdaFunctionName", + "type": "string" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" + "Mode": { + "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", + "title": "Mode", + "type": "string" }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" + "WebUrl": { + "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", + "title": "WebUrl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotFieldWells": { + "AWS::Pinpoint::ApplicationSettings.Limits": { "additionalProperties": false, "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" + "Daily": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", + "title": "Daily", + "type": "number" }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" + "MaximumDuration": { + "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", + "title": "MaximumDuration", + "type": "number" + }, + "MessagesPerSecond": { + "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", + "title": "MessagesPerSecond", + "type": "number" + }, + "Total": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", + "title": "Total", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells": { + "AWS::Pinpoint::ApplicationSettings.QuietTime": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" - }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", - "type": "array" + "End": { + "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "End", + "type": "string" }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", - "type": "array" + "Start": { + "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "Start", + "type": "string" } }, + "required": [ + "End", + "Start" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotVisual": { + "AWS::Pinpoint::BaiduChannel": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "ApiKey": { + "markdownDescription": "The API key that you received from the Baidu Cloud Push service to communicate with the service.", + "title": "ApiKey", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're configuring the Baidu channel for.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the Baidu channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "SecretKey": { + "markdownDescription": "The secret key that you received from the Baidu Cloud Push service to communicate with the service.", + "title": "SecretKey", + "type": "string" + } + }, + "required": [ + "ApiKey", + "ApplicationId", + "SecretKey" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::Pinpoint::BaiduChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScrollBarOptions": { + "AWS::Pinpoint::Campaign": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", + "Condition": { "type": "string" }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SecondaryValueOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalTreatments": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.WriteTreatmentResource" + }, + "markdownDescription": "An array of requests that defines additional treatments for the campaign, in addition to the default treatment for the campaign.", + "title": "AdditionalTreatments", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the campaign is associated with.", + "title": "ApplicationId", + "type": "string" + }, + "CampaignHook": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignHook", + "markdownDescription": "Specifies the Lambda function to use as a code hook for a campaign.", + "title": "CampaignHook" + }, + "CustomDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", + "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", + "title": "CustomDeliveryConfiguration" + }, + "Description": { + "markdownDescription": "A custom description of the campaign.", + "title": "Description", + "type": "string" + }, + "HoldoutPercent": { + "markdownDescription": "The allocated percentage of users (segment members) who shouldn't receive messages from the campaign.", + "title": "HoldoutPercent", + "type": "number" + }, + "IsPaused": { + "markdownDescription": "Specifies whether to pause the campaign. A paused campaign doesn't run unless you resume it by changing this value to `false` . If you restart a campaign, the campaign restarts from the beginning and not at the point you paused it. If a campaign is running it will complete and then pause. Pause only pauses or skips the next run for a recurring future scheduled campaign. A campaign scheduled for immediate can't be paused.", + "title": "IsPaused", + "type": "boolean" + }, + "Limits": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Limits", + "markdownDescription": "The messaging limits for the campaign.", + "title": "Limits" + }, + "MessageConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", + "markdownDescription": "The message configuration settings for the treatment.", + "title": "MessageConfiguration" + }, + "Name": { + "markdownDescription": "The name of the campaign.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "An integer between 1 and 5, inclusive, that represents the priority of the in-app message campaign, where 1 is the highest priority and 5 is the lowest. If there are multiple messages scheduled to be displayed at the same time, the priority determines the order in which those messages are displayed.", + "title": "Priority", + "type": "number" + }, + "Schedule": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", + "markdownDescription": "The schedule settings for the treatment.", + "title": "Schedule" + }, + "SegmentId": { + "markdownDescription": "The unique identifier for the segment to associate with the campaign.", + "title": "SegmentId", + "type": "string" + }, + "SegmentVersion": { + "markdownDescription": "The version of the segment to associate with the campaign.", + "title": "SegmentVersion", + "type": "number" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", + "markdownDescription": "The message template to use for the treatment.", + "title": "TemplateConfiguration" + }, + "TreatmentDescription": { + "markdownDescription": "A custom description of the treatment.", + "title": "TreatmentDescription", + "type": "string" + }, + "TreatmentName": { + "markdownDescription": "A custom name for the treatment.", + "title": "TreatmentName", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "Name", + "Schedule", + "SegmentId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::Campaign" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionAfterPageBreak": { + "AWS::Pinpoint::Campaign.AttributeDimension": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", - "title": "Status", + "AttributeType": { "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions": { + "AWS::Pinpoint::Campaign.CampaignCustomMessage": { "additionalProperties": false, "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" + "Data": { + "markdownDescription": "The raw, JSON-formatted string to use as the payload for the message. The maximum size is 5 KB.", + "title": "Data", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration": { + "AWS::Pinpoint::Campaign.CampaignEmailMessage": { "additionalProperties": false, "properties": { - "BodySections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionConfiguration" - }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", - "type": "array" + "Body": { + "markdownDescription": "The body of the email for recipients whose email clients don't render HTML content.", + "title": "Body", + "type": "string" }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" + "FromAddress": { + "markdownDescription": "The verified email address to send the email from. The default address is the `FromAddress` specified for the email channel for the application.", + "title": "FromAddress", + "type": "string" }, - "FooterSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", - "type": "array" + "HtmlBody": { + "markdownDescription": "The body of the email, in HTML format, for recipients whose email clients render HTML content.", + "title": "HtmlBody", + "type": "string" }, - "HeaderSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", - "type": "array" + "Title": { + "markdownDescription": "The subject line, or title, of the email.", + "title": "Title", + "type": "string" } }, - "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions": { + "AWS::Pinpoint::Campaign.CampaignEventFilter": { "additionalProperties": false, "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" - }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", - "type": "string" + "Dimensions": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.EventDimensions", + "markdownDescription": "The dimension settings of the event filter for the campaign.", + "title": "Dimensions" }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", + "FilterType": { + "markdownDescription": "The type of event that causes the campaign to be sent. Valid values are: `SYSTEM` , sends the campaign when a system event occurs; and, `ENDPOINT` , sends the campaign when an endpoint event (Events resource) occurs.", + "title": "FilterType", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionLayoutConfiguration": { + "AWS::Pinpoint::Campaign.CampaignHook": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" + "LambdaFunctionName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to customize a segment for a campaign.", + "title": "LambdaFunctionName", + "type": "string" + }, + "Mode": { + "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", + "title": "Mode", + "type": "string" + }, + "WebUrl": { + "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", + "title": "WebUrl", + "type": "string" } }, - "required": [ - "FreeFormLayout" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionPageBreakConfiguration": { + "AWS::Pinpoint::Campaign.CampaignInAppMessage": { "additionalProperties": false, "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" + "Content": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageContent" + }, + "markdownDescription": "An array that contains configurtion information about the in-app message for the campaign, including title and body text, text colors, background colors, image URLs, and button configurations.", + "title": "Content", + "type": "array" + }, + "CustomConfig": { + "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", + "title": "CustomConfig", + "type": "object" + }, + "Layout": { + "markdownDescription": "A string that describes how the in-app message will appear. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", + "title": "Layout", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionStyle": { + "AWS::Pinpoint::Campaign.CampaignSmsMessage": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", + "Body": { + "markdownDescription": "The body of the SMS message.", + "title": "Body", "type": "string" }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" + "EntityId": { + "markdownDescription": "The entity ID or Principal Entity (PE) id received from the regulatory body for sending SMS in your country.", + "title": "EntityId", + "type": "string" + }, + "MessageType": { + "markdownDescription": "The SMS message type. Valid values are `TRANSACTIONAL` (for messages that are critical or time-sensitive, such as a one-time passwords) and `PROMOTIONAL` (for messsages that aren't critical or time-sensitive, such as marketing messages).", + "title": "MessageType", + "type": "string" + }, + "OriginationNumber": { + "markdownDescription": "The long code to send the SMS message from. This value should be one of the dedicated long codes that's assigned to your AWS account. Although it isn't required, we recommend that you specify the long code using an E.164 format to ensure prompt and accurate delivery of the message. For example, +12065550100.", + "title": "OriginationNumber", + "type": "string" + }, + "SenderId": { + "markdownDescription": "The alphabetic Sender ID to display as the sender of the message on a recipient's device. Support for sender IDs varies by country or region. To specify a phone number as the sender, omit this parameter and use `OriginationNumber` instead. For more information about support for Sender ID by country, see the [Amazon Pinpoint User Guide](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) .", + "title": "SenderId", + "type": "string" + }, + "TemplateId": { + "markdownDescription": "The template ID received from the regulatory body for sending SMS in your country.", + "title": "TemplateId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration": { + "AWS::Pinpoint::Campaign.CustomDeliveryConfiguration": { "additionalProperties": false, "properties": { - "SheetVisualScopingConfigurations": { + "DeliveryUri": { + "markdownDescription": "The destination to send the campaign or treatment to. This value can be one of the following:\n\n- The name or Amazon Resource Name (ARN) of an AWS Lambda function to invoke to handle delivery of the campaign or treatment.\n- The URL for a web application or service that supports HTTPS and can receive the message. The URL has to be a full URL, including the HTTPS protocol.", + "title": "DeliveryUri", + "type": "string" + }, + "EndpointTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration" + "type": "string" }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", + "markdownDescription": "The types of endpoints to send the campaign or treatment to. Each valid value maps to a type of channel that you can associate with an endpoint by using the `ChannelType` property of an endpoint.", + "title": "EndpointTypes", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SeriesItem": { + "AWS::Pinpoint::Campaign.DefaultButtonConfiguration": { "additionalProperties": false, "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" + "BackgroundColor": { + "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SetParameterValueConfiguration": { - "additionalProperties": false, - "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", + "BorderRadius": { + "markdownDescription": "The border radius of a button.", + "title": "BorderRadius", + "type": "number" + }, + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" + }, + "Text": { + "markdownDescription": "The text that appears on a button in an in-app message.", + "title": "Text", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" } }, - "required": [ - "DestinationParameterName", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ShapeConditionalFormat": { + "AWS::Pinpoint::Campaign.EventDimensions": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "Attributes": { + "markdownDescription": "One or more custom attributes that your application reports to Amazon Pinpoint. You can use these attributes as selection criteria when you create an event filter.", + "title": "Attributes", + "type": "object" + }, + "EventType": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.SetDimension", + "markdownDescription": "The name of the event that causes the campaign to be sent or the journey activity to be performed. This can be a standard event that Amazon Pinpoint generates, such as `_email.delivered` or `_custom.delivered` . For campaigns, this can also be a custom event that's specific to your application. For information about standard events, see [Streaming Amazon Pinpoint Events](https://docs.aws.amazon.com/pinpoint/latest/developerguide/event-streams.html) in the *Amazon Pinpoint Developer Guide* .", + "title": "EventType" + }, + "Metrics": { + "markdownDescription": "One or more custom metrics that your application reports to Amazon Pinpoint . You can use these metrics as selection criteria when you create an event filter.", + "title": "Metrics", + "type": "object" } }, - "required": [ - "BackgroundColor" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.Sheet": { + "AWS::Pinpoint::Campaign.InAppMessageBodyConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "Alignment": { + "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "Body": { + "markdownDescription": "The main body text of the message.", + "title": "Body", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", + "title": "TextColor", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions": { + "AWS::Pinpoint::Campaign.InAppMessageButton": { "additionalProperties": false, "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", - "type": "string" + "Android": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to Android.", + "title": "Android" }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", - "type": "string" + "DefaultConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.DefaultButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in an in-app message.", + "title": "DefaultConfig" + }, + "IOS": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to iOS devices.", + "title": "IOS" + }, + "Web": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages for web applications.", + "title": "Web" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlLayout": { + "AWS::Pinpoint::Campaign.InAppMessageContent": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" + "BackgroundColor": { + "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" + }, + "BodyConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageBodyConfig", + "markdownDescription": "Specifies the configuration of main body text in an in-app message template.", + "title": "BodyConfig" + }, + "HeaderConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageHeaderConfig", + "markdownDescription": "Specifies the configuration and content of the header or title text of the in-app message.", + "title": "HeaderConfig" + }, + "ImageUrl": { + "markdownDescription": "The URL of the image that appears on an in-app message banner.", + "title": "ImageUrl", + "type": "string" + }, + "PrimaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", + "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", + "title": "PrimaryBtn" + }, + "SecondaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", + "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", + "title": "SecondaryBtn" } }, - "required": [ - "Configuration" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration": { + "AWS::Pinpoint::Campaign.InAppMessageHeaderConfig": { "additionalProperties": false, "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" + "Alignment": { + "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" + }, + "Header": { + "markdownDescription": "The header or title text of the in-app message.", + "title": "Header", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", + "title": "TextColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlsOption": { + "AWS::Pinpoint::Campaign.Limits": { "additionalProperties": false, "properties": { - "VisibilityState": { - "markdownDescription": "Visibility state.", - "title": "VisibilityState", - "type": "string" + "Daily": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", + "title": "Daily", + "type": "number" + }, + "MaximumDuration": { + "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", + "title": "MaximumDuration", + "type": "number" + }, + "MessagesPerSecond": { + "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", + "title": "MessagesPerSecond", + "type": "number" + }, + "Session": { + "markdownDescription": "The maximum number of messages that the campaign can send per user session.", + "title": "Session", + "type": "number" + }, + "Total": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", + "title": "Total", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetDefinition": { + "AWS::Pinpoint::Campaign.Message": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", + "Action": { + "markdownDescription": "The action to occur if a recipient taps the push notification. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of iOS and Android.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", "type": "string" }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", + "Body": { + "markdownDescription": "The body of the notification message. The maximum number of characters is 200.", + "title": "Body", "type": "string" }, - "FilterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterControl" - }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", - "type": "array" + "ImageIconUrl": { + "markdownDescription": "The URL of the image to display as the push notification icon, such as the icon for the app.", + "title": "ImageIconUrl", + "type": "string" }, - "Layouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Layout" - }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", - "type": "array" + "ImageSmallIconUrl": { + "markdownDescription": "The URL of the image to display as the small, push notification icon, such as a small version of the icon for the app.", + "title": "ImageSmallIconUrl", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "ImageUrl": { + "markdownDescription": "The URL of an image to display in the push notification.", + "title": "ImageUrl", "type": "string" }, - "ParameterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterControl" - }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", - "type": "array" + "JsonBody": { + "markdownDescription": "The JSON payload to use for a silent push notification.", + "title": "JsonBody", + "type": "string" }, - "SheetControlLayouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayout" - }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", - "type": "array" + "MediaUrl": { + "markdownDescription": "The URL of the image or video to display in the push notification.", + "title": "MediaUrl", + "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", + "RawContent": { + "markdownDescription": "The raw, JSON-formatted string to use as the payload for the notification message. If specified, this value overrides all other content for the message.", + "title": "RawContent", "type": "string" }, - "TextBoxes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetTextBox" - }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", - "type": "array" + "SilentPush": { + "markdownDescription": "Specifies whether the notification is a silent push notification, which is a push notification that doesn't display on a recipient's device. Silent push notifications can be used for cases such as updating an app's configuration, displaying messages in an in-app message center, or supporting phone home functionality.", + "title": "SilentPush", + "type": "boolean" + }, + "TimeToLive": { + "markdownDescription": "The number of seconds that the push notification service should keep the message, if the service is unable to deliver the notification the first time. This value is converted to an expiration value when it's sent to a push notification service. If this value is `0` , the service treats the notification as if it expires immediately and the service doesn't store or try to deliver the notification again.\n\nThis value doesn't apply to messages that are sent through the Amazon Device Messaging (ADM) service.", + "title": "TimeToLive", + "type": "number" }, "Title": { - "markdownDescription": "The title of the sheet.", + "markdownDescription": "The title to display above the notification message on a recipient's device.", "title": "Title", "type": "string" }, - "Visuals": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Visual" - }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", - "type": "array" - } - }, - "required": [ - "SheetId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps the push notification and the value of the `Action` property is `URL` .", + "title": "Url", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetElementRenderingRule": { + "AWS::Pinpoint::Campaign.MessageConfiguration": { "additionalProperties": false, "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" + "ADMMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the ADM (Amazon Device Messaging) channel. If specified, this message overrides the default message.", + "title": "ADMMessage" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", - "type": "string" + "APNSMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the APNs (Apple Push Notification service) channel. If specified, this message overrides the default message.", + "title": "APNSMessage" + }, + "BaiduMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the Baidu (Baidu Cloud Push) channel. If specified, this message overrides the default message.", + "title": "BaiduMessage" + }, + "CustomMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignCustomMessage", + "markdownDescription": "The message that the campaign sends through a custom channel, as specified by the delivery configuration ( `CustomDeliveryConfiguration` ) settings for the campaign. If specified, this message overrides the default message.", + "title": "CustomMessage" + }, + "DefaultMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The default message that the campaign sends through all the channels that are configured for the campaign.", + "title": "DefaultMessage" + }, + "EmailMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEmailMessage", + "markdownDescription": "The message that the campaign sends through the email channel. If specified, this message overrides the default message.\n\n> The maximum email message size is 200 KB. You can use email templates to send larger email messages.", + "title": "EmailMessage" + }, + "GCMMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the GCM channel, which enables Amazon Pinpoint to send push notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. If specified, this message overrides the default message.", + "title": "GCMMessage" + }, + "InAppMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignInAppMessage", + "markdownDescription": "The default message for the in-app messaging channel. This message overrides the default message ( `DefaultMessage` ).", + "title": "InAppMessage" + }, + "SMSMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignSmsMessage", + "markdownDescription": "The message that the campaign sends through the SMS channel. If specified, this message overrides the default message.", + "title": "SMSMessage" } }, - "required": [ - "ConfigurationOverrides", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption": { + "AWS::Pinpoint::Campaign.MetricDimension": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the sheet layout maximization options of a dashbaord.", - "title": "AvailabilityStatus", + "ComparisonOperator": { "type": "string" + }, + "Value": { + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetTextBox": { + "AWS::Pinpoint::Campaign.OverrideButtonConfiguration": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", "type": "string" }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", "type": "string" } }, - "required": [ - "SheetTextBoxId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration": { + "AWS::Pinpoint::Campaign.QuietTime": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", + "End": { + "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "End", "type": "string" }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", + "Start": { + "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "Start", "type": "string" - }, - "VisualIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", - "type": "array" } }, "required": [ - "Scope", - "SheetId" + "End", + "Start" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ShortFormatText": { + "AWS::Pinpoint::Campaign.Schedule": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "EndTime": { + "markdownDescription": "The scheduled time, in ISO 8601 format, when the campaign ended or will end.", + "title": "EndTime", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "EventFilter": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEventFilter", + "markdownDescription": "The type of event that causes the campaign to be sent, if the value of the `Frequency` property is `EVENT` .", + "title": "EventFilter" + }, + "Frequency": { + "markdownDescription": "Specifies how often the campaign is sent or whether the campaign is sent in response to a specific event.", + "title": "Frequency", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SimpleClusterMarker": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", + }, + "IsLocalTime": { + "markdownDescription": "Specifies whether the start and end times for the campaign schedule use each recipient's local time. To base the schedule on each recipient's local time, set this value to `true` .", + "title": "IsLocalTime", + "type": "boolean" + }, + "QuietTime": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.QuietTime", + "markdownDescription": "The default quiet time for the campaign. Quiet time is a specific time range when a campaign doesn't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the campaign.\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the campaign.\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from the campaign, even if quiet time is enabled.", + "title": "QuietTime" + }, + "StartTime": { + "markdownDescription": "The scheduled time when the campaign began or will begin. Valid values are: `IMMEDIATE` , to start the campaign immediately; or, a specific time in ISO 8601 format.", + "title": "StartTime", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The starting UTC offset for the campaign schedule, if the value of the `IsLocalTime` property is `true` . Valid values are: `UTC, UTC+01, UTC+02, UTC+03, UTC+03:30, UTC+04, UTC+04:30, UTC+05, UTC+05:30, UTC+05:45, UTC+06, UTC+06:30, UTC+07, UTC+08, UTC+09, UTC+09:30, UTC+10, UTC+10:30, UTC+11, UTC+12, UTC+13, UTC-02, UTC-03, UTC-04, UTC-05, UTC-06, UTC-07, UTC-08, UTC-09, UTC-10,` and `UTC-11` .", + "title": "TimeZone", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SliderControlDisplayOptions": { + "AWS::Pinpoint::Campaign.SetDimension": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "DimensionType": { + "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", + "title": "DimensionType", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties": { + "AWS::Pinpoint::Campaign.Template": { "additionalProperties": false, "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", + "Name": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "Name", "type": "string" }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", + "Version": { + "markdownDescription": "The unique identifier for the version of the message template to use for the message. If specified, this value must match the identifier for an existing template version. To retrieve a list of versions and version identifiers for a template, use the [Template Versions](https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html) resource.\n\nIf you don't specify a value for this property, Amazon Pinpoint uses the *active version* of the template. The *active version* is typically the version of a template that's been most recently reviewed and approved for use, depending on your workflow. It isn't necessarily the latest version of a template.", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SmallMultiplesOptions": { + "AWS::Pinpoint::Campaign.TemplateConfiguration": { "additionalProperties": false, "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", - "type": "number" - }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", - "type": "number" + "EmailTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The email template to use for the message.", + "title": "EmailTemplate" }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" + "PushTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The push notification template to use for the message.", + "title": "PushTemplate" }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" + "SMSTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The SMS template to use for the message.", + "title": "SMSTemplate" }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" + "VoiceTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The voice template to use for the message. This object isn't supported for campaigns.", + "title": "VoiceTemplate" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.Spacing": { + "AWS::Pinpoint::Campaign.WriteTreatmentResource": { "additionalProperties": false, "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", - "type": "string" + "CustomDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", + "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", + "title": "CustomDeliveryConfiguration" }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", - "type": "string" + "MessageConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", + "markdownDescription": "The message configuration settings for the treatment.", + "title": "MessageConfiguration" }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", - "type": "string" + "Schedule": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", + "markdownDescription": "The schedule settings for the treatment.", + "title": "Schedule" }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.StringDefaultValues": { - "additionalProperties": false, - "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "SizePercent": { + "markdownDescription": "The allocated percentage of users (segment members) to send the treatment to.", + "title": "SizePercent", + "type": "number" }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.StringFormatConfiguration": { - "additionalProperties": false, - "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", + "markdownDescription": "The message template to use for the treatment.", + "title": "TemplateConfiguration" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.StringParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A display name for a string parameter.", - "title": "Name", + "TreatmentDescription": { + "markdownDescription": "A custom description of the treatment.", + "title": "TreatmentDescription", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values of a string parameter.", - "title": "Values", - "type": "array" + "TreatmentName": { + "markdownDescription": "A custom name for the treatment.", + "title": "TreatmentName", + "type": "string" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.StringParameterDeclaration": { + "AWS::Pinpoint::EmailChannel": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Condition": { "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're specifying the email channel for.", + "title": "ApplicationId", + "type": "string" + }, + "ConfigurationSet": { + "markdownDescription": "The [Amazon SES configuration set](https://docs.aws.amazon.com/ses/latest/APIReference/API_ConfigurationSet.html) that you want to apply to messages that you send through the channel.", + "title": "ConfigurationSet", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the email channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "FromAddress": { + "markdownDescription": "The verified email address that you want to send email from when you send email through the channel.", + "title": "FromAddress", + "type": "string" + }, + "Identity": { + "markdownDescription": "The Amazon Resource Name (ARN) of the identity, verified with Amazon Simple Email Service (Amazon SES), that you want to use when you send email through the channel.", + "title": "Identity", + "type": "string" + }, + "OrchestrationSendingRoleArn": { + "markdownDescription": "The ARN of an IAM role for Amazon Pinpoint to use to send email from your campaigns or journeys through Amazon SES .", + "title": "OrchestrationSendingRoleArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that you want Amazon Pinpoint to use when it submits email-related event data for the channel.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "FromAddress", + "Identity" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EmailChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "ParameterValueType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration": { + "AWS::Pinpoint::EmailTemplate": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "Condition": { "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "HtmlPart": { + "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", + "title": "HtmlPart", + "type": "string" + }, + "Subject": { + "markdownDescription": "The subject line, or title, to use in email messages that are based on the message template.", + "title": "Subject", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template.", + "title": "TemplateName", + "type": "string" + }, + "TextPart": { + "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", + "title": "TextPart", + "type": "string" + } + }, + "required": [ + "Subject", + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EmailTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SubtotalOptions": { + "AWS::Pinpoint::EventStream": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldLevelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions" - }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" + "Metadata": { + "type": "object" }, - "StyleTargets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableStyleTarget" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you want to export data from.", + "title": "ApplicationId", + "type": "string" + }, + "DestinationStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Stream or Amazon Data Firehose delivery stream that you want to publish event data to.\n\nFor a Kinesis Data Stream, the ARN format is: `arn:aws:kinesis: region : account-id :stream/ stream_name`\n\nFor a Firehose delivery stream, the ARN format is: `arn:aws:firehose: region : account-id :deliverystream/ stream_name`", + "title": "DestinationStreamArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The AWS Identity and Access Management (IAM) role that authorizes Amazon Pinpoint to publish event data to the stream in your AWS account.", + "title": "RoleArn", + "type": "string" + } }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" + "required": [ + "ApplicationId", + "DestinationStreamArn", + "RoleArn" + ], + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", + "Type": { + "enum": [ + "AWS::Pinpoint::EventStream" + ], "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableAggregatedFieldWells": { + "AWS::Pinpoint::GCMChannel": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" + "Condition": { + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiKey": { + "markdownDescription": "The Web API key, also called the *server key* , that you received from Google to communicate with Google services.", + "title": "ApiKey", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the GCM channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method used for GCM. Values are either \"TOKEN\" or \"KEY\". Defaults to \"KEY\".", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the GCM channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "ServiceJson": { + "markdownDescription": "The contents of the JSON file provided by Google during registration in order to generate an access token for authentication. For more information see [Migrate from legacy FCM APIs to HTTP v1](https://docs.aws.amazon.com/https://firebase.google.com/docs/cloud-messaging/migrate-v1) .", + "title": "ServiceJson", + "type": "string" + } }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::GCMChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableBorderOptions": { + "AWS::Pinpoint::InAppTemplate": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", + "Condition": { "type": "string" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.InAppMessageContent" + }, + "markdownDescription": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors.", + "title": "Content", + "type": "array" + }, + "CustomConfig": { + "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", + "title": "CustomConfig", + "type": "object" + }, + "Layout": { + "markdownDescription": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", + "title": "Layout", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "An optional description of the in-app template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the in-app message template.", + "title": "TemplateName", + "type": "string" + } + }, + "required": [ + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::InAppTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellConditionalFormatting": { + "AWS::Pinpoint::InAppTemplate.BodyConfig": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "Alignment": { + "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", "type": "string" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "Body": { + "markdownDescription": "The main body text of the message.", + "title": "Body", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration": { + "AWS::Pinpoint::InAppTemplate.ButtonConfig": { "additionalProperties": false, "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", - "type": "string" + "Android": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration.", + "title": "Android" + }, + "DefaultConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration", + "markdownDescription": "Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users.", + "title": "DefaultConfig" + }, + "IOS": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration.", + "title": "IOS" + }, + "Web": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration.", + "title": "Web" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellStyle": { + "AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration": { "additionalProperties": false, "properties": { "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", + "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", "title": "BackgroundColor", "type": "string" }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" - }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", + "BorderRadius": { + "markdownDescription": "The border radius of a button.", + "title": "BorderRadius", "type": "number" }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", "type": "string" }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", "type": "string" }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", + "Text": { + "markdownDescription": "The text that appears on a button in an in-app message.", + "title": "Text", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", + "TextColor": { + "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableConditionalFormattingOption": { + "AWS::Pinpoint::InAppTemplate.HeaderConfig": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" + "Alignment": { + "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" + "Header": { + "markdownDescription": "The title text of the in-app message.", + "title": "Header", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the title text, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableConfiguration": { + "AWS::Pinpoint::InAppTemplate.InAppMessageContent": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "BackgroundColor": { + "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" + "BodyConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.BodyConfig", + "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", + "title": "BodyConfig" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" + "HeaderConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.HeaderConfig", + "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", + "title": "HeaderConfig" }, - "TableInlineVisualizations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableInlineVisualization" - }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", - "type": "array" + "ImageUrl": { + "markdownDescription": "The URL of the image that appears on an in-app message banner.", + "title": "ImageUrl", + "type": "string" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" + "PrimaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", + "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", + "title": "PrimaryBtn" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" + "SecondaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", + "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", + "title": "SecondaryBtn" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldCustomIconContent": { + "AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableFieldCustomTextContent": { - "additionalProperties": false, - "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" }, - "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", - "title": "Value", + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", "type": "string" } }, - "required": [ - "FontConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableFieldImageConfiguration": { - "additionalProperties": false, - "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" - } - }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldLinkConfiguration": { + "AWS::Pinpoint::PushTemplate": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" + "Condition": { + "type": "string" }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ADM": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the ADM (Amazon Device Messaging) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "ADM" + }, + "APNS": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate", + "markdownDescription": "The message template to use for the APNs (Apple Push Notification service) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "APNS" + }, + "Baidu": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the Baidu (Baidu Cloud Push) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "Baidu" + }, + "Default": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate", + "markdownDescription": "The default message template to use for push notification channels.", + "title": "Default" + }, + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "GCM": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the GCM channel, which is used to send notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "GCM" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "TemplateName", + "type": "string" + } + }, + "required": [ + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::PushTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Content", - "Target" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration": { + "AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate": { "additionalProperties": false, "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", + "type": "string" }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableFieldOption": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", + "Body": { + "markdownDescription": "The message body to use in push notifications that are based on the message template.", + "title": "Body", "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", + "MediaUrl": { + "markdownDescription": "The URL of an image or video to display in push notifications that are based on the message template.", + "title": "MediaUrl", "type": "string" }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" + "Sound": { + "markdownDescription": "The key for the sound to play when the recipient receives a push notification that's based on the message template. The value for this key is the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", + "title": "Sound", + "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", + "Title": { + "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", "type": "string" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", + "Url": { + "markdownDescription": "The URL to open in the recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldOptions": { + "AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate": { "additionalProperties": false, "properties": { - "Order": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", - "type": "array" + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This action uses the deep-linking features of the Android platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", + "type": "string" }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" + "Body": { + "markdownDescription": "The message body to use in a push notification that's based on the message template.", + "title": "Body", + "type": "string" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOption" - }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableFieldURLConfiguration": { - "additionalProperties": false, - "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" + "ImageIconUrl": { + "markdownDescription": "The URL of the large icon image to display in the content view of a push notification that's based on the message template.", + "title": "ImageIconUrl", + "type": "string" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableFieldWells": { - "additionalProperties": false, - "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" + "ImageUrl": { + "markdownDescription": "The URL of an image to display in a push notification that's based on the message template.", + "title": "ImageUrl", + "type": "string" }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableInlineVisualization": { - "additionalProperties": false, - "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableOptions": { - "additionalProperties": false, - "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" + "SmallImageIconUrl": { + "markdownDescription": "The URL of the small icon image to display in the status bar and the content view of a push notification that's based on the message template.", + "title": "SmallImageIconUrl", + "type": "string" }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" + "Sound": { + "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .", + "title": "Sound", + "type": "string" }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", + "Title": { + "markdownDescription": "The title to use in a push notification that's based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TablePaginatedReportOptions": { + "AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS and Android platforms.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "Body": { + "markdownDescription": "The message body to use in push notifications that are based on the message template.", + "title": "Body", + "type": "string" + }, + "Sound": { + "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .\n\nFor an iOS platform, this value is the key for the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", + "title": "Sound", + "type": "string" + }, + "Title": { + "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TablePinnedFieldOptions": { - "additionalProperties": false, - "properties": { - "PinnedLeftFields": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableRowConditionalFormatting": { + "AWS::Pinpoint::SMSChannel": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" + "Condition": { + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableSideBorderOptions": { - "additionalProperties": false, - "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" - }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" + "Metadata": { + "type": "object" }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the SMS channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the SMS channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "SenderId": { + "markdownDescription": "The identity that you want to display on recipients' devices when they receive messages from the SMS channel.\n\n> SenderIDs are only supported in certain countries and regions. For more information, see [Supported Countries and Regions](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) in the *Amazon Pinpoint User Guide* .", + "title": "SenderId", + "type": "string" + }, + "ShortCode": { + "markdownDescription": "The registered short code that you want to use when you send messages through the SMS channel.\n\n> For information about obtaining a dedicated short code for sending SMS messages, see [Requesting Dedicated Short Codes for SMS Messaging with Amazon Pinpoint](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-awssupport-short-code.html) in the *Amazon Pinpoint User Guide* .", + "title": "ShortCode", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableSortConfiguration": { - "additionalProperties": false, - "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" + "Type": { + "enum": [ + "AWS::Pinpoint::SMSChannel" + ], + "type": "string" }, - "RowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableStyleTarget": { - "additionalProperties": false, - "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CellType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" - }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableVisual": { + "AWS::Pinpoint::Segment": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the segment is associated with.", + "title": "ApplicationId", + "type": "string" + }, + "Dimensions": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions", + "markdownDescription": "An array that defines the dimensions for the segment.", + "title": "Dimensions" + }, + "Name": { + "markdownDescription": "The name of the segment.\n\n> A segment must have a name otherwise it will not appear in the Amazon Pinpoint console.", + "title": "Name", + "type": "string" + }, + "SegmentGroups": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentGroups", + "markdownDescription": "The segment group to use and the dimensions to apply to the group's base segments in order to build the segment. A segment group can consist of zero or more base segments. Your request can include only one segment group.", + "title": "SegmentGroups" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ApplicationId", + "Name" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::Pinpoint::Segment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions": { + "AWS::Pinpoint::Segment.AttributeDimension": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" + "AttributeType": { + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Values": { + "items": { + "type": "string" + }, + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TextConditionalFormat": { + "AWS::Pinpoint::Segment.Behavior": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" - }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" + "Recency": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Recency", + "markdownDescription": "Specifies how recently segment members were active.", + "title": "Recency" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TextControlPlaceholderOptions": { + "AWS::Pinpoint::Segment.Coordinates": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", - "type": "string" + "Latitude": { + "markdownDescription": "The latitude coordinate of the location.", + "title": "Latitude", + "type": "number" + }, + "Longitude": { + "markdownDescription": "The longitude coordinate of the location.", + "title": "Longitude", + "type": "number" } }, + "required": [ + "Latitude", + "Longitude" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions": { + "AWS::Pinpoint::Segment.Demographic": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "AppVersion": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The app version criteria for the segment.", + "title": "AppVersion" }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "Channel": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The channel criteria for the segment.", + "title": "Channel" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "DeviceType": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device type criteria for the segment.", + "title": "DeviceType" + }, + "Make": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device make criteria for the segment.", + "title": "Make" + }, + "Model": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device model criteria for the segment.", + "title": "Model" + }, + "Platform": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device platform criteria for the segment.", + "title": "Platform" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ThousandSeparatorOptions": { + "AWS::Pinpoint::Segment.GPSPoint": { "additionalProperties": false, "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", - "type": "string" + "Coordinates": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Coordinates", + "markdownDescription": "The GPS coordinates to measure distance from.", + "title": "Coordinates" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", - "type": "string" + "RangeInKilometers": { + "markdownDescription": "The range, in kilometers, from the GPS coordinates.", + "title": "RangeInKilometers", + "type": "number" } }, + "required": [ + "Coordinates", + "RangeInKilometers" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeBasedForecastProperties": { + "AWS::Pinpoint::Segment.Groups": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions" + }, + "markdownDescription": "An array that defines the dimensions to include or exclude from the segment.", + "title": "Dimensions", + "type": "array" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" + "SourceSegments": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SourceSegments" + }, + "markdownDescription": "The base segment to build the segment on. A base segment, also called a *source segment* , defines the initial population of endpoints for a segment. When you add dimensions to the segment, Amazon Pinpoint filters the base segment by using the dimensions that you specify.\n\nYou can specify more than one dimensional segment or only one imported segment. If you specify an imported segment, the segment size estimate that displays on the Amazon Pinpoint console indicates the size of the imported segment without any filters applied to it.", + "title": "SourceSegments", + "type": "array" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", - "type": "number" + "SourceType": { + "markdownDescription": "Specifies how to handle multiple base segments for the segment. For example, if you specify three base segments for the segment, whether the resulting segment is based on all, any, or none of the base segments.", + "title": "SourceType", + "type": "string" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "Type": { + "markdownDescription": "Specifies how to handle multiple dimensions for the segment. For example, if you specify three dimensions for the segment, whether the resulting segment includes endpoints that match all, any, or none of the dimensions.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TimeEqualityFilter": { + "AWS::Pinpoint::Segment.Location": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", - "type": "string" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "Country": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The country or region code, in ISO 3166-1 alpha-2 format, for the segment.", + "title": "Country" }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", - "type": "string" + "GPSPoint": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.GPSPoint", + "markdownDescription": "The GPS point dimension for the segment.", + "title": "GPSPoint" } }, - "required": [ - "Column", - "FilterId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter": { + "AWS::Pinpoint::Segment.Recency": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", - "type": "string" - }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", + "Duration": { + "markdownDescription": "The duration to use when determining which users have been active or inactive with your app.\n\nPossible values: `HR_24` | `DAY_7` | `DAY_14` | `DAY_30` .", + "title": "Duration", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "RecencyType": { + "markdownDescription": "The type of recency dimension to use for the segment. Valid values are: `ACTIVE` and `INACTIVE` . If the value is `ACTIVE` , the segment includes users who have used your app within the specified duration are included in the segment. If the value is `INACTIVE` , the segment includes users who haven't used your app within the specified duration are included in the segment.", + "title": "RecencyType", "type": "string" } }, "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" + "Duration", + "RecencyType" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeFilter": { + "AWS::Pinpoint::Segment.SegmentDimensions": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" + "Attributes": { + "markdownDescription": "One or more custom attributes to use as criteria for the segment. For more information see [AttributeDimension](https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#apps-application-id-segments-model-attributedimension)", + "title": "Attributes", + "type": "object" }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" + "Behavior": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Behavior", + "markdownDescription": "The behavior-based criteria, such as how recently users have used your app, for the segment.", + "title": "Behavior" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "Demographic": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Demographic", + "markdownDescription": "The demographic-based criteria, such as device platform, for the segment.", + "title": "Demographic" }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" + "Location": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Location", + "markdownDescription": "The location-based criteria, such as region or GPS coordinates, for the segment.", + "title": "Location" }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" + "Metrics": { + "markdownDescription": "One or more custom metrics to use as criteria for the segment.", + "title": "Metrics", + "type": "object" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "UserAttributes": { + "markdownDescription": "One or more custom user attributes to use as criteria for the segment.", + "title": "UserAttributes", + "type": "object" } }, - "required": [ - "Column", - "FilterId", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeFilterValue": { + "AWS::Pinpoint::Segment.SegmentGroups": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", - "type": "string" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" + "Groups": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Groups" + }, + "markdownDescription": "Specifies the set of segment criteria to evaluate when handling segment groups for the segment.", + "title": "Groups", + "type": "array" }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", + "Include": { + "markdownDescription": "Specifies how to handle multiple segment groups for the segment. For example, if the segment includes three segment groups, whether the resulting segment includes endpoints that match all, any, or none of the segment groups.", + "title": "Include", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TooltipItem": { + "AWS::Pinpoint::Segment.SetDimension": { "additionalProperties": false, "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" + "DimensionType": { + "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", + "title": "DimensionType", + "type": "string" }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TooltipOptions": { + "AWS::Pinpoint::Segment.SourceSegments": { "additionalProperties": false, "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" - }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", + "Id": { + "markdownDescription": "The unique identifier for the source segment.", + "title": "Id", "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", - "type": "string" + "Version": { + "markdownDescription": "The version number of the source segment.", + "title": "Version", + "type": "number" } }, + "required": [ + "Id" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomFilter": { + "AWS::Pinpoint::SmsTemplate": { "additionalProperties": false, "properties": { - "AggregationSortConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationSortConfiguration" - }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", - "type": "array" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Body": { + "markdownDescription": "The message body to use in text messages that are based on the message template.", + "title": "Body", + "type": "string" + }, + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "TemplateName", + "type": "string" + } + }, + "required": [ + "Body", + "TemplateName" + ], + "type": "object" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "Type": { + "enum": [ + "AWS::Pinpoint::SmsTemplate" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomMoversComputation": { + "AWS::Pinpoint::VoiceChannel": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the voice channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the voice channel for the application.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", - "title": "Type", + "enum": [ + "AWS::Pinpoint::VoiceChannel" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomRankedComputation": { + "AWS::PinpointEmail::ConfigurationSet": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeliveryOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.DeliveryOptions", + "markdownDescription": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.", + "title": "DeliveryOptions" + }, + "Name": { + "markdownDescription": "The name of the configuration set.", + "title": "Name", + "type": "string" + }, + "ReputationOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.ReputationOptions", + "markdownDescription": "An object that defines whether or not Amazon Pinpoint collects reputation metrics for the emails that you send that use the configuration set.", + "title": "ReputationOptions" + }, + "SendingOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.SendingOptions", + "markdownDescription": "An object that defines whether or not Amazon Pinpoint can send email that you send using the configuration set.", + "title": "SendingOptions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the configuration set.", + "title": "Tags", + "type": "array" + }, + "TrackingOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.TrackingOptions", + "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", + "title": "TrackingOptions" + } + }, + "required": [ + "Name" + ], + "type": "object" }, "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", + "enum": [ + "AWS::PinpointEmail::ConfigurationSet" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationComputation": { + "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "SendingPoolName": { + "markdownDescription": "The name of the dedicated IP pool that you want to associate with the configuration set.", + "title": "SendingPoolName", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationFunction": { + "AWS::PinpointEmail::ConfigurationSet.ReputationOptions": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", - "type": "string" + "ReputationMetricsEnabled": { + "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", + "title": "ReputationMetricsEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationOption": { + "AWS::PinpointEmail::ConfigurationSet.SendingOptions": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", - "type": "string" - }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" + "SendingEnabled": { + "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", + "title": "SendingEnabled", + "type": "boolean" } }, - "required": [ - "FieldId", - "TotalAggregationFunction" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalOptions": { + "AWS::PinpointEmail::ConfigurationSet.Tags": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", - "type": "string" - }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the configuration set, then this value is required.", + "title": "Key", "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells": { + "AWS::PinpointEmail::ConfigurationSet.TrackingOptions": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", - "type": "array" - }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", - "type": "array" - }, - "Sizes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", - "type": "array" + "CustomRedirectDomain": { + "markdownDescription": "The domain that you want to use for tracking open and click events.", + "title": "CustomRedirectDomain", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapConfiguration": { + "AWS::PinpointEmail::ConfigurationSetEventDestination": { "additionalProperties": false, "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" - }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Metadata": { + "type": "object" }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationSetName": { + "markdownDescription": "The name of the configuration set that contains the event destination that you want to modify.", + "title": "ConfigurationSetName", + "type": "string" + }, + "EventDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination", + "markdownDescription": "An object that defines the event destination.", + "title": "EventDestination" + }, + "EventDestinationName": { + "markdownDescription": "The name of the event destination that you want to modify.", + "title": "EventDestinationName", + "type": "string" + } + }, + "required": [ + "ConfigurationSetName", + "EventDestinationName" + ], + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", - "title": "SortConfiguration" + "Type": { + "enum": [ + "AWS::PinpointEmail::ConfigurationSetEventDestination" + ], + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapFieldWells": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination": { "additionalProperties": false, "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration" + }, + "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", + "title": "DimensionConfigurations", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapSortConfiguration": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration": { "additionalProperties": false, "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" + "DefaultDimensionValue": { + "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DefaultDimensionValue", + "type": "string" }, - "TreeMapSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", - "type": "array" + "DimensionName": { + "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DimensionName", + "type": "string" + }, + "DimensionValueSource": { + "markdownDescription": "The location where Amazon Pinpoint finds the value of a dimension to publish to Amazon CloudWatch. Acceptable values: `MESSAGE_TAG` , `EMAIL_HEADER` , and `LINK_TAG` .\n\nIf you want Amazon Pinpoint to use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` API, choose `MESSAGE_TAG` . If you want Amazon Pinpoint to use your own email headers, choose `EMAIL_HEADER` . If you want Amazon Pinpoint to use tags that are specified in your links, choose `LINK_TAG` .", + "title": "DimensionValueSource", + "type": "string" } }, + "required": [ + "DefaultDimensionValue", + "DimensionName", + "DimensionValueSource" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapVisual": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "CloudWatchDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination", + "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", + "title": "CloudWatchDestination" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Enabled": { + "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", + "title": "Enabled", + "type": "boolean" }, - "ColumnHierarchies": { + "KinesisFirehoseDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination", + "markdownDescription": "An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift.", + "title": "KinesisFirehoseDestination" + }, + "MatchingEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The types of events that Amazon Pinpoint sends to the specified event destinations. Acceptable values: `SEND` , `REJECT` , `BOUNCE` , `COMPLAINT` , `DELIVERY` , `OPEN` , `CLICK` , and `RENDERING_FAILURE` .", + "title": "MatchingEventTypes", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "PinpointDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination", + "markdownDescription": "An object that defines a Amazon Pinpoint destination for email events. You can use Amazon Pinpoint events to create attributes in Amazon Pinpoint projects. You can use these attributes to create segments for your campaigns.", + "title": "PinpointDestination" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "SnsDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination", + "markdownDescription": "An object that defines an Amazon SNS destination for email events. You can use Amazon SNS to send notification when certain email events occur.", + "title": "SnsDestination" } }, "required": [ - "VisualId" + "MatchingEventTypes" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TrendArrowOptions": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", - "title": "Visibility", + "DeliveryStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Firehose stream that Amazon Pinpoint sends email events to.", + "title": "DeliveryStreamArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.UnaggregatedField": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "IamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that Amazon Pinpoint uses when sending email events to the Amazon Kinesis Data Firehose stream.", + "title": "IamRoleArn", "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" } }, "required": [ - "Column", - "FieldId" + "DeliveryStreamArn", + "IamRoleArn" ], "type": "object" }, - "AWS::QuickSight::Dashboard.UniqueValuesComputation": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Pinpoint project that you want to send email events to.", + "title": "ApplicationArn", "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ValidationStrategy": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic that you want to publish email events to. For more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", "type": "string" } }, "required": [ - "Mode" + "TopicArn" ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisibleRangeOptions": { - "additionalProperties": false, - "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.Visual": { + "AWS::PinpointEmail::DedicatedIpPool": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" - }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" - }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" - }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" - }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" - }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" - }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" - }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" - }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" - }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" - }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" - }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" - }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" - }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" - }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" - }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" + "Condition": { + "type": "string" }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" + "Metadata": { + "type": "object" }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" + "Properties": { + "additionalProperties": false, + "properties": { + "PoolName": { + "markdownDescription": "The name of the dedicated IP pool.", + "title": "PoolName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::DedicatedIpPool.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the dedicated IP pool.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "Type": { + "enum": [ + "AWS::PinpointEmail::DedicatedIpPool" + ], + "type": "string" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualAxisSortOption": { + "AWS::PinpointEmail::DedicatedIpPool.Tags": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availaiblity status of a visual's axis sort options.", - "title": "AvailabilityStatus", + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the dedicated IP pool, then this value is required.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualCustomAction": { + "AWS::PinpointEmail::Identity": { "additionalProperties": false, "properties": { - "ActionOperations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomActionOperation" - }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", - "type": "array" - }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DkimSigningEnabled": { + "markdownDescription": "For domain identities, this attribute is used to enable or disable DomainKeys Identified Mail (DKIM) signing for the domain.\n\nIf the value is `true` , then the messages that you send from the domain are signed using both the DKIM keys for your domain, as well as the keys for the `amazonses.com` domain. If the value is `false` , then the messages that you send are only signed using the DKIM keys for the `amazonses.com` domain.", + "title": "DkimSigningEnabled", + "type": "boolean" + }, + "FeedbackForwardingEnabled": { + "markdownDescription": "Used to enable or disable feedback forwarding for an identity. This setting determines what happens when an identity is used to send an email that results in a bounce or complaint event.\n\nWhen you enable feedback forwarding, Amazon Pinpoint sends you email notifications when bounce or complaint events occur. Amazon Pinpoint sends this notification to the address that you specified in the Return-Path header of the original email.\n\nWhen you disable feedback forwarding, Amazon Pinpoint sends notifications through other mechanisms, such as by notifying an Amazon SNS topic. You're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications, Amazon Pinpoint sends an email notification when these events occur (even if this setting is disabled).", + "title": "FeedbackForwardingEnabled", + "type": "boolean" + }, + "MailFromAttributes": { + "$ref": "#/definitions/AWS::PinpointEmail::Identity.MailFromAttributes", + "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", + "title": "MailFromAttributes" + }, + "Name": { + "markdownDescription": "The address or domain of the identity, such as *sender@example.com* or *example.co.uk* .", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::Identity.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the email identity.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PinpointEmail::Identity" + ], "type": "string" }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ActionOperations", - "CustomActionId", - "Name", - "Trigger" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualCustomActionOperation": { + "AWS::PinpointEmail::Identity.MailFromAttributes": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" - }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" - }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" + "BehaviorOnMxFailure": { + "markdownDescription": "The action that Amazon Pinpoint to takes if it can't read the required MX record for a custom MAIL FROM domain. When you set this value to `UseDefaultValue` , Amazon Pinpoint uses *amazonses.com* as the MAIL FROM domain. When you set this value to `RejectMessage` , Amazon Pinpoint returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.", + "title": "BehaviorOnMxFailure", + "type": "string" }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" + "MailFromDomain": { + "markdownDescription": "The name of a domain that an email identity uses as a custom MAIL FROM domain.", + "title": "MailFromDomain", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualMenuOption": { + "AWS::PinpointEmail::Identity.Tags": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availaiblity status of a visual's menu options.", - "title": "AvailabilityStatus", + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the identity, then this value is required.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualPalette": { + "AWS::Pipes::Pipe": { "additionalProperties": false, "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", + "Condition": { "type": "string" }, - "ColorMap": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathColor" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the pipe.", + "title": "Description", + "type": "string" + }, + "DesiredState": { + "markdownDescription": "The state the pipe should be in.", + "title": "DesiredState", + "type": "string" + }, + "Enrichment": { + "markdownDescription": "The ARN of the enrichment resource.", + "title": "Enrichment", + "type": "string" + }, + "EnrichmentParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentParameters", + "markdownDescription": "The parameters required to set up enrichment on your pipe.", + "title": "EnrichmentParameters" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt pipe data. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nTo update a pipe that is using the default AWS owned key to use a customer managed key instead, or update a pipe that is using a customer managed key to use a different customer managed key, specify a customer managed key identifier.\n\nTo update a pipe that is using a customer managed key to use the default AWS owned key , specify an empty string.\n\nFor more information, see [Managing keys](https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeLogConfiguration", + "markdownDescription": "The logging configuration settings for the pipe.", + "title": "LogConfiguration" + }, + "Name": { + "markdownDescription": "The name of the pipe.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that allows the pipe to send data to the target.", + "title": "RoleArn", + "type": "string" + }, + "Source": { + "markdownDescription": "The ARN of the source resource.", + "title": "Source", + "type": "string" + }, + "SourceParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceParameters", + "markdownDescription": "The parameters required to set up a source for your pipe.", + "title": "SourceParameters" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The list of key-value pairs to associate with the pipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Target": { + "markdownDescription": "The ARN of the target resource.", + "title": "Target", + "type": "string" + }, + "TargetParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetParameters", + "markdownDescription": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* .", + "title": "TargetParameters" + } }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", - "type": "array" + "required": [ + "RoleArn", + "Source", + "Target" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pipes::Pipe" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions": { + "AWS::Pipes::Pipe.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" - }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", + "type": "array" } }, + "required": [ + "Subnets" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualTitleLabelOptions": { + "AWS::Pipes::Pipe.BatchArrayProperties": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" - }, - "Visibility": { - "markdownDescription": "The visibility of the title label.", - "title": "Visibility", - "type": "string" + "Size": { + "markdownDescription": "The size of the array, if this is an array batch job.", + "title": "Size", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells": { + "AWS::Pipes::Pipe.BatchContainerOverrides": { "additionalProperties": false, "properties": { - "Breakdowns": { + "Command": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "type": "string" }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", + "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition.", + "title": "Command", "type": "array" }, - "Categories": { + "Environment": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchEnvironmentVariable" }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", + "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition.\n\n> Environment variables cannot start with \" `AWS Batch` \". This naming convention is reserved for variables that AWS Batch sets.", + "title": "Environment", "type": "array" }, - "Values": { + "InstanceType": { + "markdownDescription": "The instance type to use for a multi-node parallel job.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", + "title": "InstanceType", + "type": "string" + }, + "ResourceRequirements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchResourceRequirement" }, - "markdownDescription": "The value field wells of a waterfall visual.", - "title": "Values", + "markdownDescription": "The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "ResourceRequirements", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartConfiguration": { + "AWS::Pipes::Pipe.BatchEnvironmentVariable": { "additionalProperties": false, "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" - }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", - "title": "SortConfiguration" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", - "title": "VisualPalette" + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", + "type": "string" }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartFieldWells": { + "AWS::Pipes::Pipe.BatchJobDependency": { "additionalProperties": false, "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" + "JobId": { + "markdownDescription": "The job ID of the AWS Batch job that's associated with this dependency.", + "title": "JobId", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the job dependency.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartOptions": { + "AWS::Pipes::Pipe.BatchResourceRequirement": { "additionalProperties": false, "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", + "Type": { + "markdownDescription": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n> GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, 4, or 8\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880", + "title": "Value", "type": "string" } }, + "required": [ + "Type", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration": { + "AWS::Pipes::Pipe.BatchRetryStrategy": { "additionalProperties": false, "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "Attempts": { + "markdownDescription": "The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value.", + "title": "Attempts", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallVisual": { + "AWS::Pipes::Pipe.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", + "title": "Base", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" + }, + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", + "type": "number" } }, "required": [ - "VisualId" + "CapacityProvider" ], "type": "object" }, - "AWS::QuickSight::Dashboard.WhatIfPointScenario": { + "AWS::Pipes::Pipe.CloudwatchLogsLogDestination": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", + "LogGroupArn": { + "markdownDescription": "The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records.", + "title": "LogGroupArn", "type": "string" - }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", - "title": "Value", - "type": "number" } }, - "required": [ - "Date", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.WhatIfRangeScenario": { + "AWS::Pipes::Pipe.DeadLetterConfig": { "additionalProperties": false, "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", - "type": "string" - }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", + "Arn": { + "markdownDescription": "The ARN of the specified target for the dead-letter queue.\n\nFor Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN.", + "title": "Arn", "type": "string" - }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", - "title": "Value", - "type": "number" - } - }, - "required": [ - "EndDate", - "StartDate", - "Value" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.WordCloudChartConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", - "title": "SortConfiguration" - }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.WordCloudFieldWells": { - "additionalProperties": false, - "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudOptions": { + "AWS::Pipes::Pipe.DimensionMapping": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", - "type": "string" - }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" - }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", - "type": "string" - }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", + "DimensionName": { + "markdownDescription": "The metadata attributes of the time series. For example, the name and Availability Zone of an Amazon EC2 instance or the name of the manufacturer of a wind turbine are dimensions.", + "title": "DimensionName", "type": "string" }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", + "DimensionValue": { + "markdownDescription": "Dynamic path to the dimension value in the source event.", + "title": "DimensionValue", "type": "string" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", + "DimensionValueType": { + "markdownDescription": "The data type of the dimension for the time-series data.", + "title": "DimensionValueType", "type": "string" } }, + "required": [ + "DimensionName", + "DimensionValue", + "DimensionValueType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudSortConfiguration": { + "AWS::Pipes::Pipe.EcsContainerOverride": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { + "Command": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "CategorySort", + "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.", + "title": "Command", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.WordCloudVisual": { - "additionalProperties": false, - "properties": { - "Actions": { + }, + "Cpu": { + "markdownDescription": "The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name.", + "title": "Cpu", + "type": "number" + }, + "Environment": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentVariable" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name.", + "title": "Environment", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "EnvironmentFiles": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentFile" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition.", + "title": "EnvironmentFiles", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Memory": { + "markdownDescription": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.", + "title": "Memory", + "type": "number" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "MemoryReservation": { + "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name.", + "title": "MemoryReservation", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Name": { + "markdownDescription": "The name of the container that receives the override. This parameter is required if any override is specified.", + "title": "Name", "type": "string" + }, + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsResourceRequirement" + }, + "markdownDescription": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU.", + "title": "ResourceRequirements", + "type": "array" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::DataSet": { + "AWS::Pipes::Pipe.EcsEnvironmentFile": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", - "type": "string" - }, - "ColumnGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnGroup" - }, - "markdownDescription": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.", - "title": "ColumnGroups", - "type": "array" - }, - "ColumnLevelPermissionRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnLevelPermissionRule" - }, - "markdownDescription": "A set of one or more definitions of a `ColumnLevelPermissionRule` .", - "title": "ColumnLevelPermissionRules", - "type": "array" - }, - "DataSetId": { - "markdownDescription": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account.", - "title": "DataSetId", - "type": "string" - }, - "DataSetRefreshProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetRefreshProperties", - "markdownDescription": "The refresh properties of a dataset.", - "title": "DataSetRefreshProperties" - }, - "DataSetUsageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetUsageConfiguration", - "markdownDescription": "The usage configuration to apply to child datasets that reference this dataset as a source.", - "title": "DataSetUsageConfiguration" - }, - "DatasetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DatasetParameter" - }, - "markdownDescription": "The parameters that are declared in a dataset.", - "title": "DatasetParameters", - "type": "array" - }, - "FieldFolders": { - "additionalProperties": false, - "markdownDescription": "The folder that contains fields and nested subfolders for your dataset.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.FieldFolder" - } - }, - "title": "FieldFolders", - "type": "object" - }, - "ImportMode": { - "markdownDescription": "Indicates whether you want to import the data into SPICE.", - "title": "ImportMode", - "type": "string" - }, - "IngestionWaitPolicy": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IngestionWaitPolicy", - "markdownDescription": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours.", - "title": "IngestionWaitPolicy" - }, - "LogicalTableMap": { - "additionalProperties": false, - "markdownDescription": "Configures the combination and transformation of the data from the physical tables.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTable" - } - }, - "title": "LogicalTableMap", - "type": "object" - }, - "Name": { - "markdownDescription": "The display name for the dataset.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions on the dataset.", - "title": "Permissions", - "type": "array" - }, - "PhysicalTableMap": { - "additionalProperties": false, - "markdownDescription": "Declares the physical tables that are available in the underlying data sources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.PhysicalTable" - } - }, - "title": "PhysicalTableMap", - "type": "object" - }, - "RowLevelPermissionDataSet": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionDataSet", - "markdownDescription": "The row-level security configuration for the data that you want to create.", - "title": "RowLevelPermissionDataSet" - }, - "RowLevelPermissionTagConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration", - "markdownDescription": "The element you can use to define tags for row-level security.", - "title": "RowLevelPermissionTagConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, "Type": { - "enum": [ - "AWS::QuickSight::DataSet" - ], + "markdownDescription": "The file type to use. The only supported value is `s3` .", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", + "title": "Value", "type": "string" } }, "required": [ - "Type" + "Type", + "Value" ], "type": "object" }, - "AWS::QuickSight::DataSet.CalculatedColumn": { + "AWS::Pipes::Pipe.EcsEnvironmentVariable": { "additionalProperties": false, "properties": { - "ColumnId": { - "markdownDescription": "A unique ID to identify a calculated column. During a dataset update, if the column ID of a calculated column matches that of an existing calculated column, Amazon QuickSight preserves the existing calculated column.", - "title": "ColumnId", - "type": "string" - }, - "ColumnName": { - "markdownDescription": "Column name.", - "title": "ColumnName", + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", "type": "string" }, - "Expression": { - "markdownDescription": "An expression that defines the calculated column.", - "title": "Expression", + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", "type": "string" } }, - "required": [ - "ColumnId", - "ColumnName", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::DataSet.CastColumnTypeOperation": { + "AWS::Pipes::Pipe.EcsEphemeralStorage": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "Column name.", - "title": "ColumnName", - "type": "string" - }, - "Format": { - "markdownDescription": "When casting a column from string to datetime type, you can supply a string in a format supported by Amazon QuickSight to denote the source data format.", - "title": "Format", - "type": "string" - }, - "NewColumnType": { - "markdownDescription": "New column data type.", - "title": "NewColumnType", - "type": "string" - }, - "SubType": { - "markdownDescription": "The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset.", - "title": "SubType", - "type": "string" + "SizeInGiB": { + "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", + "title": "SizeInGiB", + "type": "number" } }, "required": [ - "ColumnName", - "NewColumnType" + "SizeInGiB" ], "type": "object" }, - "AWS::QuickSight::DataSet.ColumnDescription": { + "AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The text of a description for a column.", - "title": "Text", + "DeviceName": { + "markdownDescription": "The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition.", + "title": "DeviceName", + "type": "string" + }, + "DeviceType": { + "markdownDescription": "The Elastic Inference accelerator type to use.", + "title": "DeviceType", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.ColumnGroup": { + "AWS::Pipes::Pipe.EcsResourceRequirement": { "additionalProperties": false, "properties": { - "GeoSpatialColumnGroup": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.GeoSpatialColumnGroup", - "markdownDescription": "Geospatial column group that denotes a hierarchy.", - "title": "GeoSpatialColumnGroup" + "Type": { + "markdownDescription": "The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the specified resource type.\n\nIf the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nIf the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition.", + "title": "Value", + "type": "string" } }, + "required": [ + "Type", + "Value" + ], "type": "object" }, - "AWS::QuickSight::DataSet.ColumnLevelPermissionRule": { + "AWS::Pipes::Pipe.EcsTaskOverride": { "additionalProperties": false, "properties": { - "ColumnNames": { + "ContainerOverrides": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsContainerOverride" }, - "markdownDescription": "An array of column names.", - "title": "ColumnNames", + "markdownDescription": "One or more container overrides that are sent to a task.", + "title": "ContainerOverrides", "type": "array" }, - "Principals": { + "Cpu": { + "markdownDescription": "The cpu override for the task.", + "title": "Cpu", + "type": "string" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEphemeralStorage", + "markdownDescription": "The ephemeral storage setting override for the task.\n\n> This parameter is only supported for tasks hosted on Fargate that use the following platform versions:\n> \n> - Linux platform version `1.4.0` or later.\n> - Windows platform version `1.0.0` or later.", + "title": "EphemeralStorage" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ExecutionRoleArn", + "type": "string" + }, + "InferenceAcceleratorOverrides": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride" }, - "markdownDescription": "An array of Amazon Resource Names (ARNs) for QuickSight users or groups.", - "title": "Principals", + "markdownDescription": "The Elastic Inference accelerator override for the task.", + "title": "InferenceAcceleratorOverrides", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.ColumnTag": { - "additionalProperties": false, - "properties": { - "ColumnDescription": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnDescription", - "markdownDescription": "A description for a column.", - "title": "ColumnDescription" }, - "ColumnGeographicRole": { - "markdownDescription": "A geospatial role for a column.", - "title": "ColumnGeographicRole", + "Memory": { + "markdownDescription": "The memory override for the task.", + "title": "Memory", + "type": "string" + }, + "TaskRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "TaskRoleArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.CreateColumnsOperation": { + "AWS::Pipes::Pipe.Filter": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CalculatedColumn" - }, - "markdownDescription": "Calculated columns to create.", - "title": "Columns", - "type": "array" + "Pattern": { + "markdownDescription": "The event pattern.", + "title": "Pattern", + "type": "string" } }, - "required": [ - "Columns" - ], "type": "object" }, - "AWS::QuickSight::DataSet.CustomSql": { + "AWS::Pipes::Pipe.FilterCriteria": { "additionalProperties": false, "properties": { - "Columns": { + "Filters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + "$ref": "#/definitions/AWS::Pipes::Pipe.Filter" }, - "markdownDescription": "The column schema from the SQL query result set.", - "title": "Columns", + "markdownDescription": "The event patterns.", + "title": "Filters", "type": "array" - }, - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data source.", - "title": "DataSourceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "A display name for the SQL query result.", - "title": "Name", - "type": "string" - }, - "SqlQuery": { - "markdownDescription": "The SQL query.", - "title": "SqlQuery", - "type": "string" } }, - "required": [ - "Columns", - "DataSourceArn", - "Name", - "SqlQuery" - ], "type": "object" }, - "AWS::QuickSight::DataSet.DataSetRefreshProperties": { + "AWS::Pipes::Pipe.FirehoseLogDestination": { "additionalProperties": false, "properties": { - "RefreshConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshConfiguration", - "markdownDescription": "The refresh configuration for a dataset.", - "title": "RefreshConfiguration" + "DeliveryStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records.", + "title": "DeliveryStreamArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.DataSetUsageConfiguration": { + "AWS::Pipes::Pipe.MQBrokerAccessCredentials": { "additionalProperties": false, "properties": { - "DisableUseAsDirectQuerySource": { - "markdownDescription": "An option that controls whether a child dataset of a direct query can use this dataset as a source.", - "title": "DisableUseAsDirectQuerySource", - "type": "boolean" - }, - "DisableUseAsImportedSource": { - "markdownDescription": "An option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.", - "title": "DisableUseAsImportedSource", - "type": "boolean" + "BasicAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "BasicAuth", + "type": "string" } }, + "required": [ + "BasicAuth" + ], "type": "object" }, - "AWS::QuickSight::DataSet.DatasetParameter": { + "AWS::Pipes::Pipe.MSKAccessCredentials": { "additionalProperties": false, "properties": { - "DateTimeDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameter", - "markdownDescription": "A date time parameter that is created in the dataset.", - "title": "DateTimeDatasetParameter" - }, - "DecimalDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameter", - "markdownDescription": "A decimal parameter that is created in the dataset.", - "title": "DecimalDatasetParameter" - }, - "IntegerDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameter", - "markdownDescription": "An integer parameter that is created in the dataset.", - "title": "IntegerDatasetParameter" + "ClientCertificateTlsAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "ClientCertificateTlsAuth", + "type": "string" }, - "StringDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameter", - "markdownDescription": "A string parameter that is created in the dataset.", - "title": "StringDatasetParameter" + "SaslScram512Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram512Auth", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.DateTimeDatasetParameter": { + "AWS::Pipes::Pipe.MultiMeasureAttributeMapping": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given date time parameter. This structure only accepts static values.", - "title": "DefaultValues" - }, - "Id": { - "markdownDescription": "An identifier for the parameter that is created in the dataset.", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the date time parameter that is created in the dataset.", - "title": "Name", + "MeasureValue": { + "markdownDescription": "Dynamic path to the measurement attribute in the source event.", + "title": "MeasureValue", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the date time parameter.", - "title": "TimeGranularity", + "MeasureValueType": { + "markdownDescription": "Data type of the measurement attribute in the source event.", + "title": "MeasureValueType", "type": "string" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "MultiMeasureAttributeName": { + "markdownDescription": "Target measure name to be used.", + "title": "MultiMeasureAttributeName", "type": "string" } }, "required": [ - "Id", - "Name", - "ValueType" + "MeasureValue", + "MeasureValueType", + "MultiMeasureAttributeName" ], "type": "object" }, - "AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues": { + "AWS::Pipes::Pipe.MultiMeasureMapping": { "additionalProperties": false, "properties": { - "StaticValues": { + "MultiMeasureAttributeMappings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Pipes::Pipe.MultiMeasureAttributeMapping" }, - "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", - "title": "StaticValues", + "markdownDescription": "Mappings that represent multiple source event fields mapped to measures in the same Timestream for LiveAnalytics record.", + "title": "MultiMeasureAttributeMappings", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.DecimalDatasetParameter": { - "additionalProperties": false, - "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given decimal parameter. This structure only accepts static values.", - "title": "DefaultValues" - }, - "Id": { - "markdownDescription": "An identifier for the decimal parameter created in the dataset.", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the decimal parameter that is created in the dataset.", - "title": "Name", - "type": "string" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "MultiMeasureName": { + "markdownDescription": "The name of the multiple measurements per record (multi-measure).", + "title": "MultiMeasureName", "type": "string" } }, "required": [ - "Id", - "Name", - "ValueType" + "MultiMeasureAttributeMappings", + "MultiMeasureName" ], "type": "object" }, - "AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues": { + "AWS::Pipes::Pipe.NetworkConfiguration": { "additionalProperties": false, "properties": { - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of static default values for a given decimal parameter.", - "title": "StaticValues", - "type": "array" + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.AwsVpcConfiguration", + "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", + "title": "AwsvpcConfiguration" } }, "type": "object" }, - "AWS::QuickSight::DataSet.FieldFolder": { + "AWS::Pipes::Pipe.PipeEnrichmentHttpParameters": { "additionalProperties": false, "properties": { - "Columns": { + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" + }, + "PathParameterValues": { "items": { "type": "string" }, - "markdownDescription": "A folder has a list of columns. A column can only be in one folder.", - "title": "Columns", + "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", "type": "array" }, - "Description": { - "markdownDescription": "The description for a field folder.", - "title": "Description", - "type": "string" + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::DataSet.FilterOperation": { + "AWS::Pipes::Pipe.PipeEnrichmentParameters": { "additionalProperties": false, "properties": { - "ConditionExpression": { - "markdownDescription": "An expression that must evaluate to a Boolean value. Rows for which the expression evaluates to true are kept in the dataset.", - "title": "ConditionExpression", + "HttpParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentHttpParameters", + "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", + "title": "HttpParameters" + }, + "InputTemplate": { + "markdownDescription": "Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", + "title": "InputTemplate", "type": "string" } }, - "required": [ - "ConditionExpression" - ], "type": "object" }, - "AWS::QuickSight::DataSet.GeoSpatialColumnGroup": { + "AWS::Pipes::Pipe.PipeLogConfiguration": { "additionalProperties": false, "properties": { - "Columns": { + "CloudwatchLogsLogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.CloudwatchLogsLogDestination", + "markdownDescription": "The logging configuration settings for the pipe.", + "title": "CloudwatchLogsLogDestination" + }, + "FirehoseLogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.FirehoseLogDestination", + "markdownDescription": "The Amazon Data Firehose logging configuration settings for the pipe.", + "title": "FirehoseLogDestination" + }, + "IncludeExecutionData": { "items": { "type": "string" }, - "markdownDescription": "Columns in this hierarchy.", - "title": "Columns", + "markdownDescription": "Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe.\n\nThis applies to all log destinations for the pipe.\n\nFor more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* .\n\n*Allowed values:* `ALL`", + "title": "IncludeExecutionData", "type": "array" }, - "CountryCode": { - "markdownDescription": "Country code.", - "title": "CountryCode", + "Level": { + "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the pipe.", + "title": "Level", "type": "string" }, - "Name": { - "markdownDescription": "A display name for the hierarchy.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Columns", - "Name" - ], - "type": "object" - }, - "AWS::QuickSight::DataSet.IncrementalRefresh": { - "additionalProperties": false, - "properties": { - "LookbackWindow": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LookbackWindow", - "markdownDescription": "The lookback window setup for an incremental refresh configuration.", - "title": "LookbackWindow" + "S3LogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.S3LogDestination", + "markdownDescription": "The Amazon S3 logging configuration settings for the pipe.", + "title": "S3LogDestination" } }, "type": "object" }, - "AWS::QuickSight::DataSet.IngestionWaitPolicy": { + "AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters": { "additionalProperties": false, "properties": { - "IngestionWaitTimeInHours": { - "markdownDescription": "The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. Applicable only when `DataSetImportMode` mode is set to SPICE and `WaitForSpiceIngestion` is set to true.", - "title": "IngestionWaitTimeInHours", + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", "type": "number" }, - "WaitForSpiceIngestion": { - "markdownDescription": "Wait for SPICE ingestion to finish to mark dataset creation or update as successful. Default (true). Applicable only when `DataSetImportMode` mode is set to SPICE.", - "title": "WaitForSpiceIngestion", - "type": "boolean" + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "QueueName": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "QueueName", + "type": "string" } }, + "required": [ + "Credentials", + "QueueName" + ], "type": "object" }, - "AWS::QuickSight::DataSet.InputColumn": { + "AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of this column in the underlying data source.", - "title": "Name", - "type": "string" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "SubType": { - "markdownDescription": "The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset.", - "title": "SubType", + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", + "markdownDescription": "Define the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "MaximumRecordAgeInSeconds": { + "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", + "title": "MaximumRecordAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" + }, + "OnPartialBatchItemFailure": { + "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", + "title": "OnPartialBatchItemFailure", "type": "string" }, - "Type": { - "markdownDescription": "The data type of the column.", - "title": "Type", + "ParallelizationFactor": { + "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" + }, + "StartingPosition": { + "markdownDescription": "(Streams only) The position in a stream from which to start reading.\n\n*Valid values* : `TRIM_HORIZON | LATEST`", + "title": "StartingPosition", "type": "string" } }, "required": [ - "Name", - "Type" + "StartingPosition" ], "type": "object" }, - "AWS::QuickSight::DataSet.IntegerDatasetParameter": { + "AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given integer parameter. This structure only accepts static values.", - "title": "DefaultValues" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "Id": { - "markdownDescription": "An identifier for the integer parameter created in the dataset.", - "title": "Id", + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", + "markdownDescription": "Define the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "MaximumRecordAgeInSeconds": { + "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", + "title": "MaximumRecordAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" + }, + "OnPartialBatchItemFailure": { + "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", + "title": "OnPartialBatchItemFailure", "type": "string" }, - "Name": { - "markdownDescription": "The name of the integer parameter that is created in the dataset.", - "title": "Name", + "ParallelizationFactor": { + "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", "type": "string" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "StartingPositionTimestamp": { + "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds.", + "title": "StartingPositionTimestamp", "type": "string" } }, "required": [ - "Id", - "Name", - "ValueType" + "StartingPosition" ], "type": "object" }, - "AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues": { - "additionalProperties": false, - "properties": { - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of static default values for a given integer parameter.", - "title": "StaticValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.JoinInstruction": { + "AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters": { "additionalProperties": false, "properties": { - "LeftJoinKeyProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", - "markdownDescription": "Join key properties of the left operand.", - "title": "LeftJoinKeyProperties" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "LeftOperand": { - "markdownDescription": "The operand on the left side of a join.", - "title": "LeftOperand", + "ConsumerGroupID": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "ConsumerGroupID", "type": "string" }, - "OnClause": { - "markdownDescription": "The join instructions provided in the `ON` clause of a join.", - "title": "OnClause", - "type": "string" + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MSKAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" }, - "RightJoinKeyProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", - "markdownDescription": "Join key properties of the right operand.", - "title": "RightJoinKeyProperties" + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" }, - "RightOperand": { - "markdownDescription": "The operand on the right side of a join.", - "title": "RightOperand", + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", "type": "string" }, - "Type": { - "markdownDescription": "The type of join that it is.", - "title": "Type", + "TopicName": { + "markdownDescription": "The name of the topic that the pipe will read from.", + "title": "TopicName", "type": "string" } }, "required": [ - "LeftOperand", - "OnClause", - "RightOperand", - "Type" + "TopicName" ], "type": "object" }, - "AWS::QuickSight::DataSet.JoinKeyProperties": { + "AWS::Pipes::Pipe.PipeSourceParameters": { "additionalProperties": false, "properties": { - "UniqueKey": { - "markdownDescription": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by QuickSight to optimize query performance.", - "title": "UniqueKey", - "type": "boolean" + "ActiveMQBrokerParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters", + "markdownDescription": "The parameters for using an Active MQ broker as a source.", + "title": "ActiveMQBrokerParameters" + }, + "DynamoDBStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters", + "markdownDescription": "The parameters for using a DynamoDB stream as a source.", + "title": "DynamoDBStreamParameters" + }, + "FilterCriteria": { + "$ref": "#/definitions/AWS::Pipes::Pipe.FilterCriteria", + "markdownDescription": "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects.\n\nFor more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* .", + "title": "FilterCriteria" + }, + "KinesisStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters", + "markdownDescription": "The parameters for using a Kinesis stream as a source.", + "title": "KinesisStreamParameters" + }, + "ManagedStreamingKafkaParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters", + "markdownDescription": "The parameters for using an MSK stream as a source.", + "title": "ManagedStreamingKafkaParameters" + }, + "RabbitMQBrokerParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters", + "markdownDescription": "The parameters for using a Rabbit MQ broker as a source.", + "title": "RabbitMQBrokerParameters" + }, + "SelfManagedKafkaParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters", + "markdownDescription": "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* .", + "title": "SelfManagedKafkaParameters" + }, + "SqsQueueParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSqsQueueParameters", + "markdownDescription": "The parameters for using a Amazon SQS stream as a source.", + "title": "SqsQueueParameters" } }, "type": "object" }, - "AWS::QuickSight::DataSet.LogicalTable": { + "AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters": { "additionalProperties": false, "properties": { - "Alias": { - "markdownDescription": "A display name for the logical table.", - "title": "Alias", + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" + }, + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "QueueName": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "QueueName", "type": "string" }, - "DataTransforms": { + "VirtualHost": { + "markdownDescription": "The name of the virtual host associated with the source broker.", + "title": "VirtualHost", + "type": "string" + } + }, + "required": [ + "Credentials", + "QueueName" + ], + "type": "object" + }, + "AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters": { + "additionalProperties": false, + "properties": { + "AdditionalBootstrapServers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.TransformOperation" + "type": "string" }, - "markdownDescription": "Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null.", - "title": "DataTransforms", + "markdownDescription": "An array of server URLs.", + "title": "AdditionalBootstrapServers", "type": "array" }, - "Source": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTableSource", - "markdownDescription": "Source of this logical table.", - "title": "Source" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" + }, + "ConsumerGroupID": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "ConsumerGroupID", + "type": "string" + }, + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "ServerRootCaCertificate": { + "markdownDescription": "The ARN of the Secrets Manager secret used for certification.", + "title": "ServerRootCaCertificate", + "type": "string" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", + "type": "string" + }, + "TopicName": { + "markdownDescription": "The name of the topic that the pipe will read from.", + "title": "TopicName", + "type": "string" + }, + "Vpc": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc", + "markdownDescription": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used.", + "title": "Vpc" } }, "required": [ - "Alias", - "Source" + "TopicName" ], "type": "object" }, - "AWS::QuickSight::DataSet.LogicalTableSource": { + "AWS::Pipes::Pipe.PipeSourceSqsQueueParameters": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the parent dataset.", - "title": "DataSetArn", - "type": "string" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "JoinInstruction": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinInstruction", - "markdownDescription": "Specifies the result of a join of two logical tables.", - "title": "JoinInstruction" + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetBatchJobParameters": { + "additionalProperties": false, + "properties": { + "ArrayProperties": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchArrayProperties", + "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", + "title": "ArrayProperties" }, - "PhysicalTableId": { - "markdownDescription": "Physical table ID.", - "title": "PhysicalTableId", + "ContainerOverrides": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchContainerOverrides", + "markdownDescription": "The overrides that are sent to a container.", + "title": "ContainerOverrides" + }, + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchJobDependency" + }, + "markdownDescription": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin.", + "title": "DependsOn", + "type": "array" + }, + "JobDefinition": { + "markdownDescription": "The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used.", + "title": "JobDefinition", + "type": "string" + }, + "JobName": { + "markdownDescription": "The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", + "title": "JobName", "type": "string" + }, + "Parameters": { + "additionalProperties": true, + "markdownDescription": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" + }, + "RetryStrategy": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchRetryStrategy", + "markdownDescription": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition.", + "title": "RetryStrategy" } }, + "required": [ + "JobDefinition", + "JobName" + ], "type": "object" }, - "AWS::QuickSight::DataSet.LookbackWindow": { + "AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the lookback window column.", - "title": "ColumnName", + "LogStreamName": { + "markdownDescription": "The name of the log stream.", + "title": "LogStreamName", "type": "string" }, - "Size": { - "markdownDescription": "The lookback window column size.", - "title": "Size", - "type": "number" - }, - "SizeUnit": { - "markdownDescription": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` .", - "title": "SizeUnit", + "Timestamp": { + "markdownDescription": "A [dynamic path parameter](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) to a field in the payload containing the time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.\n\nThe value cannot be a static timestamp as the provided timestamp would be applied to all events delivered by the Pipe, regardless of when they are actually delivered.\n\nIf no dynamic path parameter is provided, the default value is the time the invocation is processed by the Pipe.", + "title": "Timestamp", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.NewDefaultValues": { + "AWS::Pipes::Pipe.PipeTargetEcsTaskParameters": { "additionalProperties": false, "properties": { - "DateTimeStaticValues": { + "CapacityProviderStrategy": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Pipes::Pipe.CapacityProviderStrategyItem" }, - "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", - "title": "DateTimeStaticValues", + "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", + "title": "CapacityProviderStrategy", "type": "array" }, - "DecimalStaticValues": { + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Group": { + "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", + "type": "string" + }, + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", + "type": "string" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.NetworkConfiguration", + "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", + "title": "NetworkConfiguration" + }, + "Overrides": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsTaskOverride", + "markdownDescription": "The overrides that are associated with a task.", + "title": "Overrides" + }, + "PlacementConstraints": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementConstraint" }, - "markdownDescription": "A list of static default values for a given decimal parameter.", - "title": "DecimalStaticValues", + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", "type": "array" }, - "IntegerStaticValues": { + "PlacementStrategy": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementStrategy" }, - "markdownDescription": "A list of static default values for a given integer parameter.", - "title": "IntegerStaticValues", + "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", + "title": "PlacementStrategy", "type": "array" }, - "StringStaticValues": { + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", + "type": "string" + }, + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action.", + "title": "PropagateTags", + "type": "string" + }, + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of static default values for a given string parameter.", - "title": "StringStaticValues", + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", + "title": "Tags", "type": "array" + }, + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", + "title": "TaskCount", + "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", + "type": "string" } }, + "required": [ + "TaskDefinitionArn" + ], "type": "object" }, - "AWS::QuickSight::DataSet.OutputColumn": { + "AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for a column.", - "title": "Description", + "DetailType": { + "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", + "title": "DetailType", "type": "string" }, - "Name": { - "markdownDescription": "The display name of the column..", - "title": "Name", + "EndpointId": { + "markdownDescription": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` .", + "title": "EndpointId", "type": "string" }, - "SubType": { - "markdownDescription": "The sub data type of the column.", - "title": "SubType", + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present.", + "title": "Resources", + "type": "array" + }, + "Source": { + "markdownDescription": "The source of the event.", + "title": "Source", "type": "string" }, - "Type": { - "markdownDescription": "The data type of the column.", - "title": "Type", + "Time": { + "markdownDescription": "The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used.", + "title": "Time", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.OverrideDatasetParameterOperation": { + "AWS::Pipes::Pipe.PipeTargetHttpParameters": { "additionalProperties": false, "properties": { - "NewDefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.NewDefaultValues", - "markdownDescription": "The new default values for the parameter.", - "title": "NewDefaultValues" + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" }, - "NewParameterName": { - "markdownDescription": "The new name for the parameter.", - "title": "NewParameterName", - "type": "string" + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" }, - "ParameterName": { - "markdownDescription": "The name of the parameter to be overridden with different values.", - "title": "ParameterName", - "type": "string" + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" } }, - "required": [ - "ParameterName" - ], "type": "object" }, - "AWS::QuickSight::DataSet.PhysicalTable": { + "AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters": { "additionalProperties": false, "properties": { - "CustomSql": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CustomSql", - "markdownDescription": "A physical table type built from the results of the custom SQL query.", - "title": "CustomSql" - }, - "RelationalTable": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RelationalTable", - "markdownDescription": "A physical table type for relational data sources.", - "title": "RelationalTable" - }, - "S3Source": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.S3Source", - "markdownDescription": "A physical table type for as S3 data source.", - "title": "S3Source" + "PartitionKey": { + "markdownDescription": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.", + "title": "PartitionKey", + "type": "string" } }, + "required": [ + "PartitionKey" + ], "type": "object" }, - "AWS::QuickSight::DataSet.ProjectOperation": { + "AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters": { "additionalProperties": false, "properties": { - "ProjectedColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "Projected columns.", - "title": "ProjectedColumns", - "type": "array" + "InvocationType": { + "markdownDescription": "Specify whether to invoke the function synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n- `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", + "title": "InvocationType", + "type": "string" } }, - "required": [ - "ProjectedColumns" - ], "type": "object" }, - "AWS::QuickSight::DataSet.RefreshConfiguration": { + "AWS::Pipes::Pipe.PipeTargetParameters": { "additionalProperties": false, "properties": { - "IncrementalRefresh": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IncrementalRefresh", - "markdownDescription": "The incremental refresh for the dataset.", - "title": "IncrementalRefresh" + "BatchJobParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetBatchJobParameters", + "markdownDescription": "The parameters for using an AWS Batch job as a target.", + "title": "BatchJobParameters" + }, + "CloudWatchLogsParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters", + "markdownDescription": "The parameters for using an CloudWatch Logs log stream as a target.", + "title": "CloudWatchLogsParameters" + }, + "EcsTaskParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEcsTaskParameters", + "markdownDescription": "The parameters for using an Amazon ECS task as a target.", + "title": "EcsTaskParameters" + }, + "EventBridgeEventBusParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters", + "markdownDescription": "The parameters for using an EventBridge event bus as a target.", + "title": "EventBridgeEventBusParameters" + }, + "HttpParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetHttpParameters", + "markdownDescription": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations.", + "title": "HttpParameters" + }, + "InputTemplate": { + "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", + "title": "InputTemplate", + "type": "string" + }, + "KinesisStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters", + "markdownDescription": "The parameters for using a Kinesis stream as a target.", + "title": "KinesisStreamParameters" + }, + "LambdaFunctionParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters", + "markdownDescription": "The parameters for using a Lambda function as a target.", + "title": "LambdaFunctionParameters" + }, + "RedshiftDataParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters", + "markdownDescription": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement.", + "title": "RedshiftDataParameters" + }, + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters", + "markdownDescription": "The parameters for using a SageMaker AI pipeline as a target.", + "title": "SageMakerPipelineParameters" + }, + "SqsQueueParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSqsQueueParameters", + "markdownDescription": "The parameters for using a Amazon SQS stream as a target.", + "title": "SqsQueueParameters" + }, + "StepFunctionStateMachineParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetStateMachineParameters", + "markdownDescription": "The parameters for using a Step Functions state machine as a target.", + "title": "StepFunctionStateMachineParameters" + }, + "TimestreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetTimestreamParameters", + "markdownDescription": "The parameters for using a Timestream for LiveAnalytics table as a target.", + "title": "TimestreamParameters" } }, "type": "object" }, - "AWS::QuickSight::DataSet.RelationalTable": { + "AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog associated with a table.", - "title": "Catalog", + "Database": { + "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", + "title": "Database", "type": "string" }, - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", - "title": "DataSourceArn", + "DbUser": { + "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", + "title": "DbUser", "type": "string" }, - "InputColumns": { + "SecretManagerArn": { + "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using Secrets Manager.", + "title": "SecretManagerArn", + "type": "string" + }, + "Sqls": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + "type": "string" }, - "markdownDescription": "The column schema of the table.", - "title": "InputColumns", + "markdownDescription": "The SQL statement text to run.", + "title": "Sqls", "type": "array" }, - "Name": { - "markdownDescription": "The name of the relational table.", - "title": "Name", + "StatementName": { + "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", + "title": "StatementName", "type": "string" }, - "Schema": { - "markdownDescription": "The schema name. This name applies to certain relational database engines.", - "title": "Schema", - "type": "string" + "WithEvent": { + "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", + "title": "WithEvent", + "type": "boolean" } }, "required": [ - "DataSourceArn", - "InputColumns", - "Name" + "Database", + "Sqls" ], "type": "object" }, - "AWS::QuickSight::DataSet.RenameColumnOperation": { + "AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column to be renamed.", - "title": "ColumnName", + "PipelineParameterList": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SageMakerPipelineParameter" + }, + "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", + "title": "PipelineParameterList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetSqsQueueParameters": { + "additionalProperties": false, + "properties": { + "MessageDeduplicationId": { + "markdownDescription": "This parameter applies only to FIFO (first-in-first-out) queues.\n\nThe token used for deduplication of sent messages.", + "title": "MessageDeduplicationId", "type": "string" }, - "NewColumnName": { - "markdownDescription": "The new name for the column.", - "title": "NewColumnName", + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", "type": "string" } }, - "required": [ - "ColumnName", - "NewColumnName" - ], "type": "object" }, - "AWS::QuickSight::DataSet.ResourcePermission": { + "AWS::Pipes::Pipe.PipeTargetStateMachineParameters": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permisions on", - "title": "Actions", - "type": "array" - }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "InvocationType": { + "markdownDescription": "Specify whether to invoke the Step Functions state machine synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* .\n\n> `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows.\n- `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* .\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", + "title": "InvocationType", "type": "string" } }, - "required": [ - "Actions", - "Principal" - ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionDataSet": { + "AWS::Pipes::Pipe.PipeTargetTimestreamParameters": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.", - "title": "Arn", + "DimensionMappings": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.DimensionMapping" + }, + "markdownDescription": "Map source data to dimensions in the target Timestream for LiveAnalytics table.\n\nFor more information, see [Amazon Timestream for LiveAnalytics concepts](https://docs.aws.amazon.com/timestream/latest/developerguide/concepts.html)", + "title": "DimensionMappings", + "type": "array" + }, + "EpochTimeUnit": { + "markdownDescription": "The granularity of the time units used. Default is `MILLISECONDS` .\n\nRequired if `TimeFieldType` is specified as `EPOCH` .", + "title": "EpochTimeUnit", "type": "string" }, - "FormatVersion": { - "markdownDescription": "The user or group rules associated with the dataset that contains permissions for RLS.\n\nBy default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist.", - "title": "FormatVersion", + "MultiMeasureMappings": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MultiMeasureMapping" + }, + "markdownDescription": "Maps multiple measures from the source event to the same record in the specified Timestream for LiveAnalytics table.", + "title": "MultiMeasureMappings", + "type": "array" + }, + "SingleMeasureMappings": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SingleMeasureMapping" + }, + "markdownDescription": "Mappings of single source data fields to individual records in the specified Timestream for LiveAnalytics table.", + "title": "SingleMeasureMappings", + "type": "array" + }, + "TimeFieldType": { + "markdownDescription": "The type of time value used.\n\nThe default is `EPOCH` .", + "title": "TimeFieldType", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace associated with the dataset that contains permissions for RLS.", - "title": "Namespace", + "TimeValue": { + "markdownDescription": "Dynamic path to the source data field that represents the time value for your data.", + "title": "TimeValue", "type": "string" }, - "PermissionPolicy": { - "markdownDescription": "The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only.", - "title": "PermissionPolicy", + "TimestampFormat": { + "markdownDescription": "How to format the timestamps. For example, `yyyy-MM-dd'T'HH:mm:ss'Z'` .\n\nRequired if `TimeFieldType` is specified as `TIMESTAMP_FORMAT` .", + "title": "TimestampFormat", "type": "string" }, - "Status": { - "markdownDescription": "The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", - "title": "Status", + "VersionValue": { + "markdownDescription": "64 bit version value or source data field that represents the version value for your data.\n\nWrite requests with a higher version number will update the existing measure values of the record and version. In cases where the measure value is the same, the version will still be updated.\n\nDefault value is 1.\n\nTimestream for LiveAnalytics does not support updating partial measure values in a record.\n\nWrite requests for duplicate data with a higher version number will update the existing measure value and version. In cases where the measure value is the same, `Version` will still be updated. Default value is `1` .\n\n> `Version` must be `1` or greater, or you will receive a `ValidationException` error.", + "title": "VersionValue", "type": "string" } }, "required": [ - "Arn", - "PermissionPolicy" + "DimensionMappings", + "TimeValue", + "VersionValue" ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration": { + "AWS::Pipes::Pipe.PlacementConstraint": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", - "title": "Status", + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "Expression", "type": "string" }, - "TagRuleConfigurations": { - "markdownDescription": "The configuration of tags on a dataset to set row-level security.", - "title": "TagRuleConfigurations", - "type": "object" + "Type": { + "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PlacementStrategy": { + "additionalProperties": false, + "properties": { + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", + "title": "Field", + "type": "string" }, - "TagRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagRule" - }, - "markdownDescription": "A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.", - "title": "TagRules", - "type": "array" + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", + "type": "string" } }, - "required": [ - "TagRules" - ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionTagRule": { + "AWS::Pipes::Pipe.S3LogDestination": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The column name that a tag key is assigned to.", - "title": "ColumnName", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", + "title": "BucketName", "type": "string" }, - "MatchAllValue": { - "markdownDescription": "A string that you want to use to filter by all the values in a column in the dataset and don\u2019t want to list the values one by one. For example, you can use an asterisk as your match all value.", - "title": "MatchAllValue", + "BucketOwner": { + "markdownDescription": "The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", + "title": "BucketOwner", "type": "string" }, - "TagKey": { - "markdownDescription": "The unique key for a tag.", - "title": "TagKey", + "OutputFormat": { + "markdownDescription": "The format EventBridge uses for the log records.\n\nEventBridge currently only supports `json` formatting.", + "title": "OutputFormat", "type": "string" }, - "TagMultiValueDelimiter": { - "markdownDescription": "A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.", - "title": "TagMultiValueDelimiter", + "Prefix": { + "markdownDescription": "The prefix text with which to begin Amazon S3 log object names.\n\nFor more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "Prefix", "type": "string" } }, - "required": [ - "ColumnName", - "TagKey" - ], "type": "object" }, - "AWS::QuickSight::DataSet.S3Source": { + "AWS::Pipes::Pipe.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", - "title": "DataSourceArn", + "Name": { + "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Name", "type": "string" }, - "InputColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" - }, - "markdownDescription": "A physical table type for an S3 data source.\n\n> For files that aren't JSON, only `STRING` data types are supported in input columns.", - "title": "InputColumns", - "type": "array" - }, - "UploadSettings": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.UploadSettings", - "markdownDescription": "Information about the format for the S3 source file or files.", - "title": "UploadSettings" + "Value": { + "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Value", + "type": "string" } }, "required": [ - "DataSourceArn", - "InputColumns" + "Name", + "Value" ], "type": "object" }, - "AWS::QuickSight::DataSet.StringDatasetParameter": { + "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given string dataset parameter type. This structure only accepts static values.", - "title": "DefaultValues" + "BasicAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "BasicAuth", + "type": "string" }, - "Id": { - "markdownDescription": "An identifier for the string parameter that is created in the dataset.", - "title": "Id", + "ClientCertificateTlsAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "ClientCertificateTlsAuth", "type": "string" }, - "Name": { - "markdownDescription": "The name of the string parameter that is created in the dataset.", - "title": "Name", + "SaslScram256Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram256Auth", "type": "string" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "SaslScram512Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram512Auth", "type": "string" } }, - "required": [ - "Id", - "Name", - "ValueType" - ], "type": "object" }, - "AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues": { + "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc": { "additionalProperties": false, "properties": { - "StaticValues": { + "SecurityGroup": { "items": { "type": "string" }, - "markdownDescription": "A list of static default values for a given string parameter.", - "title": "StaticValues", + "markdownDescription": "Specifies the security groups associated with the stream. These security groups must all be in the same VPC. You can specify as many as five security groups.", + "title": "SecurityGroup", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.TagColumnOperation": { - "additionalProperties": false, - "properties": { - "ColumnName": { - "markdownDescription": "The column that this operation acts on.", - "title": "ColumnName", - "type": "string" }, - "Tags": { + "Subnets": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnTag" + "type": "string" }, - "markdownDescription": "The dataset column tag, currently only used for geospatial type tagging.\n\n> This is not tags for the AWS tagging feature.", - "title": "Tags", + "markdownDescription": "Specifies the subnets associated with the stream. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", "type": "array" } }, - "required": [ - "ColumnName", - "Tags" - ], - "type": "object" - }, - "AWS::QuickSight::DataSet.TransformOperation": { - "additionalProperties": false, - "properties": { - "CastColumnTypeOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CastColumnTypeOperation", - "markdownDescription": "A transform operation that casts a column to a different type.", - "title": "CastColumnTypeOperation" - }, - "CreateColumnsOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CreateColumnsOperation", - "markdownDescription": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure.", - "title": "CreateColumnsOperation" - }, - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.FilterOperation", - "markdownDescription": "An operation that filters rows based on some condition.", - "title": "FilterOperation" - }, - "OverrideDatasetParameterOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.OverrideDatasetParameterOperation", - "markdownDescription": "A transform operation that overrides the dataset parameter values that are defined in another dataset.", - "title": "OverrideDatasetParameterOperation" - }, - "ProjectOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ProjectOperation", - "markdownDescription": "An operation that projects columns. Operations that come after a projection can only refer to projected columns.", - "title": "ProjectOperation" - }, - "RenameColumnOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RenameColumnOperation", - "markdownDescription": "An operation that renames a column.", - "title": "RenameColumnOperation" - }, - "TagColumnOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.TagColumnOperation", - "markdownDescription": "An operation that tags a column with additional information.", - "title": "TagColumnOperation" - } - }, "type": "object" }, - "AWS::QuickSight::DataSet.UploadSettings": { + "AWS::Pipes::Pipe.SingleMeasureMapping": { "additionalProperties": false, "properties": { - "ContainsHeader": { - "markdownDescription": "Whether the file has a header row, or the files each have a header row.", - "title": "ContainsHeader", - "type": "boolean" - }, - "Delimiter": { - "markdownDescription": "The delimiter between values in the file.", - "title": "Delimiter", + "MeasureName": { + "markdownDescription": "Target measure name for the measurement attribute in the Timestream table.", + "title": "MeasureName", "type": "string" }, - "Format": { - "markdownDescription": "File format.", - "title": "Format", + "MeasureValue": { + "markdownDescription": "Dynamic path of the source field to map to the measure in the record.", + "title": "MeasureValue", "type": "string" }, - "StartFromRow": { - "markdownDescription": "A row number to start reading data from.", - "title": "StartFromRow", - "type": "number" - }, - "TextQualifier": { - "markdownDescription": "Text qualifier.", - "title": "TextQualifier", + "MeasureValueType": { + "markdownDescription": "Data type of the source field.", + "title": "MeasureValueType", "type": "string" } }, + "required": [ + "MeasureName", + "MeasureValue", + "MeasureValueType" + ], "type": "object" }, - "AWS::QuickSight::DataSource": { + "AWS::Proton::EnvironmentAccountConnection": { "additionalProperties": false, "properties": { "Condition": { @@ -209161,81 +217414,50 @@ "Properties": { "additionalProperties": false, "properties": { - "AlternateDataSourceParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" - }, - "markdownDescription": "A set of alternate data source parameters that you want to share for the credentials stored with this data source. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the credentials from this existing data source. If the `AlternateDataSourceParameters` list is null, the `Credentials` originally used with this `DataSourceParameters` are automatically allowed.", - "title": "AlternateDataSourceParameters", - "type": "array" - }, - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", + "CodebuildRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account.", + "title": "CodebuildRoleArn", "type": "string" }, - "Credentials": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceCredentials", - "markdownDescription": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported.", - "title": "Credentials" - }, - "DataSourceId": { - "markdownDescription": "An ID for the data source. This ID is unique per AWS Region for each AWS account.", - "title": "DataSourceId", + "ComponentRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account.\n\nThe environment account connection must have a `componentRoleArn` to allow directly defined components to be associated with any environments running in the account.\n\nFor more information about components, see [AWS Proton components](https://docs.aws.amazon.com/proton/latest/userguide/ag-components.html) in the *AWS Proton User Guide* .", + "title": "ComponentRoleArn", "type": "string" }, - "DataSourceParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters", - "markdownDescription": "The parameters that Amazon QuickSight uses to connect to your underlying source.", - "title": "DataSourceParameters" - }, - "ErrorInfo": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceErrorInfo", - "markdownDescription": "Error information from the last update or the creation of the data source.", - "title": "ErrorInfo" + "EnvironmentAccountId": { + "markdownDescription": "The environment account that's connected to the environment account connection.", + "title": "EnvironmentAccountId", + "type": "string" }, - "Name": { - "markdownDescription": "A display name for the data source.", - "title": "Name", + "EnvironmentName": { + "markdownDescription": "The name of the environment that's associated with the environment account connection.", + "title": "EnvironmentName", "type": "string" }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions on the data source.", - "title": "Permissions", - "type": "array" + "ManagementAccountId": { + "markdownDescription": "The ID of the management account that's connected to the environment account connection.", + "title": "ManagementAccountId", + "type": "string" }, - "SslProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SslProperties", - "markdownDescription": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source.", - "title": "SslProperties" + "RoleArn": { + "markdownDescription": "The IAM service role that's associated with the environment account connection.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source.", + "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment account connection. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service.", - "title": "Type", - "type": "string" - }, - "VpcConnectionProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", - "markdownDescription": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source.", - "title": "VpcConnectionProperties" } }, "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::DataSource" + "AWS::Proton::EnvironmentAccountConnection" ], "type": "string" }, @@ -209253,721 +217475,1074 @@ ], "type": "object" }, - "AWS::QuickSight::DataSource.AmazonElasticsearchParameters": { + "AWS::Proton::EnvironmentTemplate": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The OpenSearch domain.", - "title": "Domain", + "Condition": { "type": "string" - } - }, - "required": [ - "Domain" - ], - "type": "object" - }, - "AWS::QuickSight::DataSource.AmazonOpenSearchParameters": { - "additionalProperties": false, - "properties": { - "Domain": { - "markdownDescription": "The OpenSearch domain.", - "title": "Domain", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "Domain" - ], - "type": "object" - }, - "AWS::QuickSight::DataSource.AthenaParameters": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", - "title": "RoleArn", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the environment template.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the environment template as displayed in the developer interface.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer provided encryption key for the environment template.", + "title": "EncryptionKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment template.", + "title": "Name", + "type": "string" + }, + "Provisioning": { + "markdownDescription": "When included, indicates that the environment template is for customer provisioned and managed infrastructure.", + "title": "Provisioning", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment template. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Proton::EnvironmentTemplate" + ], "type": "string" }, - "WorkGroup": { - "markdownDescription": "The workgroup that Amazon Athena uses.", - "title": "WorkGroup", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::DataSource.AuroraParameters": { + "AWS::Proton::ServiceTemplate": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "Condition": { "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the service template.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The service template name as displayed in the developer interface.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer provided service template encryption key that's used to encrypt data.", + "title": "EncryptionKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the service template.", + "title": "Name", + "type": "string" + }, + "PipelineProvisioning": { + "markdownDescription": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template.", + "title": "PipelineProvisioning", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An object that includes the template bundle S3 bucket path and name for the new version of a service template.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Proton::ServiceTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Database", - "Host", - "Port" + "Type" ], "type": "object" }, - "AWS::QuickSight::DataSource.AuroraPostgreSqlParameters": { + "AWS::QBusiness::Application": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The Amazon Aurora PostgreSQL database to connect to.", - "title": "Database", + "Condition": { "type": "string" }, - "Host": { - "markdownDescription": "The Amazon Aurora PostgreSQL-Compatible host to connect to.", - "title": "Host", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port that Amazon Aurora PostgreSQL is listening on.", - "title": "Port", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AttachmentsConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.AttachmentsConfiguration", + "markdownDescription": "Configuration information for the file upload during chat feature.", + "title": "AttachmentsConfiguration" + }, + "AutoSubscriptionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.AutoSubscriptionConfiguration", + "markdownDescription": "Subscription configuration information for an Amazon Q Business application using IAM identity federation for user management.", + "title": "AutoSubscriptionConfiguration" + }, + "ClientIdsForOIDC": { + "items": { + "type": "string" + }, + "markdownDescription": "The OIDC client ID for a Amazon Q Business application.", + "title": "ClientIdsForOIDC", + "type": "array" + }, + "Description": { + "markdownDescription": "A description for the Amazon Q Business application.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the Amazon Q Business application.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.EncryptionConfiguration", + "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt data indexed by Amazon Q Business. Amazon Q Business doesn't support asymmetric keys.", + "title": "EncryptionConfiguration" + }, + "IamIdentityProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an identity provider being used by an Amazon Q Business application.", + "title": "IamIdentityProviderArn", + "type": "string" + }, + "IdentityCenterInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance you are either creating for\u2014or connecting to\u2014your Amazon Q Business application.\n\n*Required* : `Yes`", + "title": "IdentityCenterInstanceArn", + "type": "string" + }, + "IdentityType": { + "markdownDescription": "The authentication type being used by a Amazon Q Business application.", + "title": "IdentityType", + "type": "string" + }, + "PersonalizationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.PersonalizationConfiguration", + "markdownDescription": "Configuration information about chat response personalization. For more information, see [Personalizing chat responses](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/personalizing-chat-responses.html) .", + "title": "PersonalizationConfiguration" + }, + "QAppsConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.QAppsConfiguration", + "markdownDescription": "Configuration information about Amazon Q Apps.", + "title": "QAppsConfiguration" + }, + "QuickSightConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.QuickSightConfiguration", + "markdownDescription": "The Amazon QuickSight configuration for an Amazon Q Business application that uses QuickSight as the identity provider.", + "title": "QuickSightConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permissions to access your Amazon CloudWatch logs and metrics. If this property is not specified, Amazon Q Business will create a [service linked role (SLR)](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/using-service-linked-roles.html#slr-permissions) and use it as the application's role.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize your Amazon Q Business application. You can also use tags to help control access to the application. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DisplayName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Database", - "Host", - "Port" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::DataSource.CredentialPair": { + "AWS::QBusiness::Application.AttachmentsConfiguration": { "additionalProperties": false, "properties": { - "AlternateDataSourceParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" - }, - "markdownDescription": "A set of alternate data source parameters that you want to share for these credentials. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the new data source with the existing credentials. If the `AlternateDataSourceParameters` list is null, the `DataSourceParameters` originally used with these `Credentials` is automatically allowed.", - "title": "AlternateDataSourceParameters", - "type": "array" - }, - "Password": { - "markdownDescription": "Password.", - "title": "Password", - "type": "string" - }, - "Username": { - "markdownDescription": "User name.", - "title": "Username", + "AttachmentsControlMode": { + "markdownDescription": "Status information about whether file upload functionality is activated or deactivated for your end user.", + "title": "AttachmentsControlMode", "type": "string" } }, "required": [ - "Password", - "Username" + "AttachmentsControlMode" ], "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceCredentials": { + "AWS::QBusiness::Application.AutoSubscriptionConfiguration": { "additionalProperties": false, "properties": { - "CopySourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use. When `CopySourceArn` is not null, the credential pair from the data source in the ARN is used as the credentials for the `DataSourceCredentials` structure.", - "title": "CopySourceArn", + "AutoSubscribe": { + "markdownDescription": "Describes whether automatic subscriptions are enabled for an Amazon Q Business application using IAM identity federation for user management.", + "title": "AutoSubscribe", "type": "string" }, - "CredentialPair": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.CredentialPair", - "markdownDescription": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` .", - "title": "CredentialPair" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret associated with the data source in AWS Secrets Manager .", - "title": "SecretArn", + "DefaultSubscriptionType": { + "markdownDescription": "Describes the default subscription type assigned to an Amazon Q Business application using IAM identity federation for user management. If the value for `autoSubscribe` is set to `ENABLED` you must select a value for this field.", + "title": "DefaultSubscriptionType", "type": "string" } }, + "required": [ + "AutoSubscribe" + ], "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceErrorInfo": { + "AWS::QBusiness::Application.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Error message.", - "title": "Message", - "type": "string" - }, - "Type": { - "markdownDescription": "Error type.", - "title": "Type", + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key. Amazon Q Business doesn't support asymmetric keys.", + "title": "KmsKeyId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceParameters": { + "AWS::QBusiness::Application.PersonalizationConfiguration": { "additionalProperties": false, "properties": { - "AmazonElasticsearchParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonElasticsearchParameters", - "markdownDescription": "The parameters for OpenSearch.", - "title": "AmazonElasticsearchParameters" - }, - "AmazonOpenSearchParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonOpenSearchParameters", - "markdownDescription": "The parameters for OpenSearch.", - "title": "AmazonOpenSearchParameters" - }, - "AthenaParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AthenaParameters", - "markdownDescription": "The parameters for Amazon Athena.", - "title": "AthenaParameters" - }, - "AuroraParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraParameters", - "markdownDescription": "The parameters for Amazon Aurora MySQL.", - "title": "AuroraParameters" - }, - "AuroraPostgreSqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraPostgreSqlParameters", - "markdownDescription": "The parameters for Amazon Aurora.", - "title": "AuroraPostgreSqlParameters" - }, - "DatabricksParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DatabricksParameters", - "markdownDescription": "The required parameters that are needed to connect to a Databricks data source.", - "title": "DatabricksParameters" - }, - "MariaDbParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.MariaDbParameters", - "markdownDescription": "The parameters for MariaDB.", - "title": "MariaDbParameters" - }, - "MySqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.MySqlParameters", - "markdownDescription": "The parameters for MySQL.", - "title": "MySqlParameters" - }, - "OracleParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.OracleParameters", - "markdownDescription": "Oracle parameters.", - "title": "OracleParameters" - }, - "PostgreSqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.PostgreSqlParameters", - "markdownDescription": "The parameters for PostgreSQL.", - "title": "PostgreSqlParameters" - }, - "PrestoParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.PrestoParameters", - "markdownDescription": "The parameters for Presto.", - "title": "PrestoParameters" - }, - "RdsParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.RdsParameters", - "markdownDescription": "The parameters for Amazon RDS.", - "title": "RdsParameters" - }, - "RedshiftParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftParameters", - "markdownDescription": "The parameters for Amazon Redshift.", - "title": "RedshiftParameters" - }, - "S3Parameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.S3Parameters", - "markdownDescription": "The parameters for S3.", - "title": "S3Parameters" - }, - "SnowflakeParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SnowflakeParameters", - "markdownDescription": "The parameters for Snowflake.", - "title": "SnowflakeParameters" - }, - "SparkParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SparkParameters", - "markdownDescription": "The parameters for Spark.", - "title": "SparkParameters" - }, - "SqlServerParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SqlServerParameters", - "markdownDescription": "The parameters for SQL Server.", - "title": "SqlServerParameters" - }, - "StarburstParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.StarburstParameters", - "markdownDescription": "The parameters that are required to connect to a Starburst data source.", - "title": "StarburstParameters" - }, - "TeradataParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.TeradataParameters", - "markdownDescription": "The parameters for Teradata.", - "title": "TeradataParameters" - }, - "TrinoParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.TrinoParameters", - "markdownDescription": "The parameters that are required to connect to a Trino data source.", - "title": "TrinoParameters" + "PersonalizationControlMode": { + "markdownDescription": "An option to allow Amazon Q Business to customize chat responses using user specific metadata\u2014specifically, location and job information\u2014in your IAM Identity Center instance.", + "title": "PersonalizationControlMode", + "type": "string" } }, + "required": [ + "PersonalizationControlMode" + ], "type": "object" }, - "AWS::QuickSight::DataSource.DatabricksParameters": { + "AWS::QBusiness::Application.QAppsConfiguration": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "The host name of the Databricks data source.", - "title": "Host", - "type": "string" - }, - "Port": { - "markdownDescription": "The port for the Databricks data source.", - "title": "Port", - "type": "number" - }, - "SqlEndpointPath": { - "markdownDescription": "The HTTP path of the Databricks data source.", - "title": "SqlEndpointPath", + "QAppsControlMode": { + "markdownDescription": "Status information about whether end users can create and use Amazon Q Apps in the web experience.", + "title": "QAppsControlMode", "type": "string" } }, "required": [ - "Host", - "Port", - "SqlEndpointPath" + "QAppsControlMode" ], "type": "object" }, - "AWS::QuickSight::DataSource.ManifestFileLocation": { + "AWS::QBusiness::Application.QuickSightConfiguration": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "Amazon S3 bucket.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "Amazon S3 key that identifies an object.", - "title": "Key", + "ClientNamespace": { + "markdownDescription": "The Amazon QuickSight namespace that is used as the identity provider. For more information about QuickSight namespaces, see [Namespace operations](https://docs.aws.amazon.com/quicksight/latest/developerguide/namespace-operations.html) .", + "title": "ClientNamespace", "type": "string" } }, "required": [ - "Bucket", - "Key" + "ClientNamespace" ], "type": "object" }, - "AWS::QuickSight::DataSource.MariaDbParameters": { + "AWS::QBusiness::DataAccessor": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "Condition": { "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ActionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.ActionConfiguration" + }, + "markdownDescription": "A list of action configurations specifying the allowed actions and any associated filters.", + "title": "ActionConfigurations", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application.", + "title": "ApplicationId", + "type": "string" + }, + "AuthenticationDetail": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorAuthenticationDetail", + "markdownDescription": "The authentication configuration details for the data accessor. This specifies how the ISV authenticates when accessing data through this data accessor.", + "title": "AuthenticationDetail" + }, + "DisplayName": { + "markdownDescription": "The friendly name of the data accessor.", + "title": "DisplayName", + "type": "string" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the ISV associated with this data accessor.", + "title": "Principal", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the data accessor.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ActionConfigurations", + "ApplicationId", + "DisplayName", + "Principal" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::DataAccessor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Database", - "Host", - "Port" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::DataSource.MySqlParameters": { + "AWS::QBusiness::DataAccessor.ActionConfiguration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" - }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "Action": { + "markdownDescription": "The Amazon Q Business action that is allowed.", + "title": "Action", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.ActionFilterConfiguration", + "markdownDescription": "The filter configuration for the action, if any.", + "title": "FilterConfiguration" } }, "required": [ - "Database", - "Host", - "Port" + "Action" ], "type": "object" }, - "AWS::QuickSight::DataSource.OracleParameters": { + "AWS::QBusiness::DataAccessor.ActionFilterConfiguration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" + "DocumentAttributeFilter": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter", + "markdownDescription": "Enables filtering of responses based on document attributes or metadata fields.", + "title": "DocumentAttributeFilter" + } + }, + "required": [ + "DocumentAttributeFilter" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor.AttributeFilter": { + "additionalProperties": false, + "properties": { + "AndAllFilters": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter" + }, + "markdownDescription": "Performs a logical `AND` operation on all supplied filters.", + "title": "AndAllFilters", + "type": "array" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "ContainsAll": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Returns `true` when a document contains all the specified document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `stringListValue` .", + "title": "ContainsAll" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "ContainsAny": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Returns `true` when a document contains any of the specified document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `stringListValue` .", + "title": "ContainsAny" + }, + "EqualsTo": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs an equals operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` , `longValue` , `stringListValue` and `stringValue` .", + "title": "EqualsTo" + }, + "GreaterThan": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a greater than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "GreaterThan" + }, + "GreaterThanOrEquals": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a greater or equals than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "GreaterThanOrEquals" + }, + "LessThan": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a less than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "LessThan" + }, + "LessThanOrEquals": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a less than or equals operation on two document attributes or metadata fields.Supported for the following [document attribute value type](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "LessThanOrEquals" + }, + "NotFilter": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter", + "markdownDescription": "Performs a logical `NOT` operation on all supplied filters.", + "title": "NotFilter" + }, + "OrAllFilters": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter" + }, + "markdownDescription": "Performs a logical `OR` operation on all supplied filters.", + "title": "OrAllFilters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QBusiness::DataAccessor.DataAccessorAuthenticationConfiguration": { + "additionalProperties": false, + "properties": { + "IdcTrustedTokenIssuerConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorIdcTrustedTokenIssuerConfiguration", + "markdownDescription": "Configuration for IAM Identity Center Trusted Token Issuer (TTI) authentication used when the authentication type is `AWS_IAM_IDC_TTI` .", + "title": "IdcTrustedTokenIssuerConfiguration" } }, "required": [ - "Database", - "Host", - "Port" + "IdcTrustedTokenIssuerConfiguration" ], "type": "object" }, - "AWS::QuickSight::DataSource.PostgreSqlParameters": { + "AWS::QBusiness::DataAccessor.DataAccessorAuthenticationDetail": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorAuthenticationConfiguration", + "markdownDescription": "The specific authentication configuration based on the authentication type.", + "title": "AuthenticationConfiguration" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "AuthenticationType": { + "markdownDescription": "The type of authentication to use for the data accessor. This determines how the ISV authenticates when accessing data. You can use one of two authentication types:\n\n- `AWS_IAM_IDC_TTI` - Authentication using IAM Identity Center Trusted Token Issuer (TTI). This authentication type allows the ISV to use a trusted token issuer to generate tokens for accessing the data.\n- `AWS_IAM_IDC_AUTH_CODE` - Authentication using IAM Identity Center authorization code flow. This authentication type uses the standard OAuth 2.0 authorization code flow for authentication.", + "title": "AuthenticationType", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "ExternalIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of external identifiers associated with this authentication configuration. These are used to correlate the data accessor with external systems.", + "title": "ExternalIds", + "type": "array" } }, "required": [ - "Database", - "Host", - "Port" + "AuthenticationType" ], "type": "object" }, - "AWS::QuickSight::DataSource.PrestoParameters": { + "AWS::QBusiness::DataAccessor.DataAccessorIdcTrustedTokenIssuerConfiguration": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "Catalog.", - "title": "Catalog", + "IdcTrustedTokenIssuerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center Trusted Token Issuer that will be used for authentication.", + "title": "IdcTrustedTokenIssuerArn", "type": "string" - }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + } + }, + "required": [ + "IdcTrustedTokenIssuerArn" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor.DocumentAttribute": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The identifier for the attribute.", + "title": "Name", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttributeValue", + "markdownDescription": "The value of the attribute.", + "title": "Value" } }, "required": [ - "Catalog", - "Host", - "Port" + "Name", + "Value" ], "type": "object" }, - "AWS::QuickSight::DataSource.RdsParameters": { + "AWS::QBusiness::DataAccessor.DocumentAttributeValue": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt's important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", "type": "string" }, - "InstanceId": { - "markdownDescription": "Instance ID.", - "title": "InstanceId", + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", + "type": "number" + }, + "StringListValue": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings.", + "title": "StringListValue", + "type": "array" + }, + "StringValue": { + "markdownDescription": "A string.", + "title": "StringValue", "type": "string" } }, - "required": [ - "Database", - "InstanceId" - ], "type": "object" }, - "AWS::QuickSight::DataSource.RedshiftParameters": { + "AWS::QBusiness::DataSource": { "additionalProperties": false, "properties": { - "ClusterId": { - "markdownDescription": "Cluster ID. This field can be blank if the `Host` and `Port` are provided.", - "title": "ClusterId", + "Condition": { "type": "string" }, - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Host": { - "markdownDescription": "Host. This field can be blank if `ClusterId` is provided.", - "title": "Host", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application the data source will be attached to.", + "title": "ApplicationId", + "type": "string" + }, + "Configuration": { + "markdownDescription": "Use this property to specify a JSON or YAML schema with configuration properties specific to your data source connector to connect your data source repository to Amazon Q Business . You must use the JSON or YAML schema provided by Amazon Q .\n\nThe following links have the configuration properties and schemas for AWS CloudFormation for the following connectors:\n\n- [Amazon Simple Storage Service](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/s3-cfn.html)\n- [Amazon Q Web Crawler](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/web-crawler-cfn.html)\n\nSimilarly, you can find configuration templates and properties for your specific data source using the following steps:\n\n- Navigate to the [Supported connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connectors-list.html) page in the Amazon Q Business User Guide, and select the data source connector of your choice.\n- Then, from that specific data source connector's page, choose the topic containing *Using AWS CloudFormation* to find the schemas for your data source connector, including configuration parameter descriptions and examples.", + "title": "Configuration", + "type": "object" + }, + "Description": { + "markdownDescription": "A description for the data source connector.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the Amazon Q Business data source.", + "title": "DisplayName", + "type": "string" + }, + "DocumentEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentEnrichmentConfiguration", + "markdownDescription": "Provides the configuration information for altering document metadata and content during the document ingestion process.\n\nFor more information, see [Custom document enrichment](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/custom-document-enrichment.html) .", + "title": "DocumentEnrichmentConfiguration" + }, + "IndexId": { + "markdownDescription": "The identifier of the index the data source is attached to.", + "title": "IndexId", + "type": "string" + }, + "MediaExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.MediaExtractionConfiguration", + "markdownDescription": "The configuration for extracting information from media in documents.", + "title": "MediaExtractionConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to access the data source and required resources.", + "title": "RoleArn", + "type": "string" + }, + "SyncSchedule": { + "markdownDescription": "Sets the frequency for Amazon Q Business to check the documents in your data source repository and update your index. If you don't set a schedule, Amazon Q Business won't periodically update the index.\n\nSpecify a `cron-` format schedule string or an empty string to indicate that the index is updated on demand. You can't specify the `Schedule` parameter when the `Type` parameter is set to `CUSTOM` . If you do, you receive a `ValidationException` exception.", + "title": "SyncSchedule", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Configuration information for an Amazon VPC (Virtual Private Cloud) to connect to your data source. For more information, see [Using Amazon VPC with Amazon Q Business connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connector-vpc.html) .", + "title": "VpcConfiguration" + } + }, + "required": [ + "ApplicationId", + "Configuration", + "DisplayName", + "IndexId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::DataSource" + ], "type": "string" }, - "Port": { - "markdownDescription": "Port. This field can be blank if the `ClusterId` is provided.", - "title": "Port", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Database" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::DataSource.ResourcePermission": { + "AWS::QBusiness::DataSource.AudioExtractionConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" - }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "AudioExtractionStatus": { + "markdownDescription": "The status of audio extraction (ENABLED or DISABLED) for processing audio content from files.", + "title": "AudioExtractionStatus", "type": "string" } }, "required": [ - "Actions", - "Principal" + "AudioExtractionStatus" ], "type": "object" }, - "AWS::QuickSight::DataSource.S3Parameters": { + "AWS::QBusiness::DataSource.DataSourceVpcConfiguration": { "additionalProperties": false, "properties": { - "ManifestFileLocation": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.ManifestFileLocation", - "markdownDescription": "Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Amazon QuickSight.", - "title": "ManifestFileLocation" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Q Business to connect to the data source.", + "title": "SecurityGroupIds", + "type": "array" }, - "RoleArn": { - "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.", - "title": "RoleArn", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "ManifestFileLocation" + "SecurityGroupIds", + "SubnetIds" ], "type": "object" }, - "AWS::QuickSight::DataSource.SnowflakeParameters": { + "AWS::QBusiness::DataSource.DocumentAttributeCondition": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "Key": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Q Business currently doesn't support `_document_body` as an attribute key used for the condition.", + "title": "Key", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "Operator": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Q Business currently does not support `_document_body` as an attribute key used for the condition.", + "title": "Operator", "type": "string" }, - "Warehouse": { - "markdownDescription": "Warehouse.", - "title": "Warehouse", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeValue", + "markdownDescription": "The value of a document attribute. You can only provide one value for a document attribute.", + "title": "Value" } }, "required": [ - "Database", - "Host", - "Warehouse" + "Key", + "Operator" ], "type": "object" }, - "AWS::QuickSight::DataSource.SparkParameters": { + "AWS::QBusiness::DataSource.DocumentAttributeTarget": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "AttributeValueOperator": { + "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` .", + "title": "AttributeValueOperator", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "Key": { + "markdownDescription": "The identifier of the target document attribute or metadata field. For example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", + "title": "Key", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeValue", + "markdownDescription": "The value of a document attribute. You can only provide one value for a document attribute.", + "title": "Value" } }, "required": [ - "Host", - "Port" + "Key" ], "type": "object" }, - "AWS::QuickSight::DataSource.SqlServerParameters": { + "AWS::QBusiness::DataSource.DocumentAttributeValue": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" - }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt's important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", "type": "number" + }, + "StringListValue": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings.", + "title": "StringListValue", + "type": "array" + }, + "StringValue": { + "markdownDescription": "A string.", + "title": "StringValue", + "type": "string" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.SslProperties": { + "AWS::QBusiness::DataSource.DocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "DisableSsl": { - "markdownDescription": "A Boolean option to control whether SSL should be disabled.", - "title": "DisableSsl", - "type": "boolean" + "InlineConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.InlineDocumentEnrichmentConfiguration" + }, + "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Q Business.", + "title": "InlineConfigurations", + "type": "array" + }, + "PostExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) .", + "title": "PostExtractionHookConfiguration" + }, + "PreExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) .", + "title": "PreExtractionHookConfiguration" } }, "type": "object" }, - "AWS::QuickSight::DataSource.StarburstParameters": { + "AWS::QBusiness::DataSource.HookConfiguration": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog name for the Starburst data source.", - "title": "Catalog", - "type": "string" + "InvocationCondition": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeCondition", + "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Q Business should invoke a function that inserts the current date-time.", + "title": "InvocationCondition" }, - "Host": { - "markdownDescription": "The host name of the Starburst data source.", - "title": "Host", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function during ingestion. For more information, see [Using Lambda functions for Amazon Q Business document enrichment](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/cde-lambda-operations.html) .", + "title": "LambdaArn", "type": "string" }, - "Port": { - "markdownDescription": "The port for the Starburst data source.", - "title": "Port", - "type": "number" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process.", + "title": "RoleArn", + "type": "string" }, - "ProductType": { - "markdownDescription": "The product type for the Starburst data source.", - "title": "ProductType", + "S3BucketName": { + "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html#cde-lambda-operations-data-contracts) .", + "title": "S3BucketName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QBusiness::DataSource.ImageExtractionConfiguration": { + "additionalProperties": false, + "properties": { + "ImageExtractionStatus": { + "markdownDescription": "Specify whether to extract semantic meaning from images and visuals from documents.", + "title": "ImageExtractionStatus", "type": "string" } }, "required": [ - "Catalog", - "Host", - "Port" + "ImageExtractionStatus" ], "type": "object" }, - "AWS::QuickSight::DataSource.TeradataParameters": { + "AWS::QBusiness::DataSource.InlineDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" + "Condition": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeCondition", + "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Q Business .", + "title": "Condition" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "DocumentContentOperator": { + "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", + "title": "DocumentContentOperator", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "Target": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeTarget", + "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Q Business . You can also include a value.", + "title": "Target" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.TrinoParameters": { + "AWS::QBusiness::DataSource.MediaExtractionConfiguration": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog name for the Trino data source.", - "title": "Catalog", - "type": "string" + "AudioExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.AudioExtractionConfiguration", + "markdownDescription": "Configuration settings for extracting and processing audio content from media files.", + "title": "AudioExtractionConfiguration" }, - "Host": { - "markdownDescription": "The host name of the Trino data source.", - "title": "Host", - "type": "string" + "ImageExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.ImageExtractionConfiguration", + "markdownDescription": "The configuration for extracting semantic meaning from images in documents. For more information, see [Extracting semantic meaning from images and visuals](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/extracting-meaning-from-images.html) .", + "title": "ImageExtractionConfiguration" }, - "Port": { - "markdownDescription": "The port for the Trino data source.", - "title": "Port", - "type": "number" + "VideoExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.VideoExtractionConfiguration", + "markdownDescription": "Configuration settings for extracting and processing video content from media files.", + "title": "VideoExtractionConfiguration" } }, - "required": [ - "Catalog", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.VpcConnectionProperties": { + "AWS::QBusiness::DataSource.VideoExtractionConfiguration": { "additionalProperties": false, "properties": { - "VpcConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the VPC connection.", - "title": "VpcConnectionArn", + "VideoExtractionStatus": { + "markdownDescription": "The status of video extraction (ENABLED or DISABLED) for processing video content from files.", + "title": "VideoExtractionStatus", "type": "string" } }, "required": [ - "VpcConnectionArn" + "VideoExtractionStatus" ], "type": "object" }, - "AWS::QuickSight::RefreshSchedule": { + "AWS::QBusiness::Index": { "additionalProperties": false, "properties": { "Condition": { @@ -210002,27 +218577,57 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID of the account that you are creating a schedule in.", - "title": "AwsAccountId", + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application using the index.", + "title": "ApplicationId", "type": "string" }, - "DataSetId": { - "markdownDescription": "The ID of the dataset that you are creating a refresh schedule for.", - "title": "DataSetId", + "CapacityConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Index.IndexCapacityConfiguration", + "markdownDescription": "The capacity units you want to provision for your index. You can add and remove capacity to fit your usage needs.", + "title": "CapacityConfiguration" + }, + "Description": { + "markdownDescription": "A description for the Amazon Q Business index.", + "title": "Description", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshScheduleMap", - "markdownDescription": "The refresh schedule of a dataset.", - "title": "Schedule" + "DisplayName": { + "markdownDescription": "The name of the index.", + "title": "DisplayName", + "type": "string" + }, + "DocumentAttributeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::Index.DocumentAttributeConfiguration" + }, + "markdownDescription": "Configuration information for document attributes. Document attributes are metadata or fields associated with your documents. For example, the company department name associated with each document.\n\nFor more information, see [Understanding document attributes](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/doc-attributes.html) .", + "title": "DocumentAttributeConfigurations", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the index. You can also use tags to help control access to the index. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The index type that's suitable for your needs. For more information on what's included in each type of index, see [Amazon Q Business tiers](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/tiers.html#index-tiers) .", + "title": "Type", + "type": "string" } }, + "required": [ + "ApplicationId", + "DisplayName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::RefreshSchedule" + "AWS::QBusiness::Index" ], "type": "string" }, @@ -210036,79 +218641,71 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::RefreshSchedule.RefreshOnDay": { + "AWS::QBusiness::Index.DocumentAttributeConfiguration": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month that you want your dataset to refresh. This value is required for monthly refresh intervals.", - "title": "DayOfMonth", + "Name": { + "markdownDescription": "The name of the document attribute.", + "title": "Name", "type": "string" }, - "DayOfWeek": { - "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", - "title": "DayOfWeek", + "Search": { + "markdownDescription": "Information about whether the document attribute can be used by an end user to search for information on their web experience.", + "title": "Search", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of document attribute.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::RefreshSchedule.RefreshScheduleMap": { + "AWS::QBusiness::Index.IndexCapacityConfiguration": { "additionalProperties": false, "properties": { - "RefreshType": { - "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *QuickSight User Guide* .", - "title": "RefreshType", - "type": "string" - }, - "ScheduleFrequency": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.ScheduleFrequency", - "markdownDescription": "The frequency for the refresh schedule.", - "title": "ScheduleFrequency" - }, - "ScheduleId": { - "markdownDescription": "An identifier for the refresh schedule.", - "title": "ScheduleId", - "type": "string" - }, - "StartAfterDateTime": { - "markdownDescription": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format.", - "title": "StartAfterDateTime", - "type": "string" + "Units": { + "markdownDescription": "The number of storage units configured for an Amazon Q Business index.", + "title": "Units", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::RefreshSchedule.ScheduleFrequency": { + "AWS::QBusiness::Index.IndexStatistics": { "additionalProperties": false, "properties": { - "Interval": { - "markdownDescription": "The interval between scheduled refreshes. Valid values are as follows:\n\n- `MINUTE15` : The dataset refreshes every 15 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `MINUTE30` : The dataset refreshes every 30 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `HOURLY` : The dataset refreshes every hour. This interval can only be used for one schedule per dataset.\n- `DAILY` : The dataset refreshes every day.\n- `WEEKLY` : The dataset refreshes every week.\n- `MONTHLY` : The dataset refreshes every month.", - "title": "Interval", - "type": "string" - }, - "RefreshOnDay": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshOnDay", - "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", - "title": "RefreshOnDay" - }, - "TimeOfTheDay": { - "markdownDescription": "The time of day that you want the dataset to refresh. This value is expressed in HH:MM format. This field is not required for schedules that refresh hourly.", - "title": "TimeOfTheDay", - "type": "string" + "TextDocumentStatistics": { + "$ref": "#/definitions/AWS::QBusiness::Index.TextDocumentStatistics", + "markdownDescription": "The number of documents indexed.", + "title": "TextDocumentStatistics" + } + }, + "type": "object" + }, + "AWS::QBusiness::Index.TextDocumentStatistics": { + "additionalProperties": false, + "properties": { + "IndexedTextBytes": { + "markdownDescription": "The total size, in bytes, of the indexed documents.", + "title": "IndexedTextBytes", + "type": "number" }, - "TimeZone": { - "markdownDescription": "The timezone that you want the refresh schedule to use. The timezone ID must match a corresponding ID found on `java.util.time.getAvailableIDs()` .", - "title": "TimeZone", - "type": "string" + "IndexedTextDocumentCount": { + "markdownDescription": "The number of text documents indexed.", + "title": "IndexedTextDocumentCount", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template": { + "AWS::QBusiness::Permission": { "additionalProperties": false, "properties": { "Condition": { @@ -210143,67 +218740,1035 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", - "title": "AwsAccountId", + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon Q Business actions that the ISV is allowed to perform.", + "title": "Actions", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application.", + "title": "ApplicationId", "type": "string" }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateVersionDefinition", + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::Permission.Condition" + }, "markdownDescription": "", - "title": "Definition" + "title": "Conditions", + "type": "array" + }, + "Principal": { + "markdownDescription": "Provides user and group information used for filtering documents to use for generating Amazon Q Business conversation responses.", + "title": "Principal", + "type": "string" + }, + "StatementId": { + "markdownDescription": "A unique identifier for the policy statement.", + "title": "StatementId", + "type": "string" + } + }, + "required": [ + "Actions", + "ApplicationId", + "Principal", + "StatementId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Permission" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::Permission.Condition": { + "additionalProperties": false, + "properties": { + "ConditionKey": { + "markdownDescription": "", + "title": "ConditionKey", + "type": "string" + }, + "ConditionOperator": { + "markdownDescription": "", + "title": "ConditionOperator", + "type": "string" + }, + "ConditionValues": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "ConditionValues", + "type": "array" + } + }, + "required": [ + "ConditionKey", + "ConditionOperator", + "ConditionValues" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the application that will contain the plugin.", + "title": "ApplicationId", + "type": "string" + }, + "AuthConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.PluginAuthConfiguration", + "markdownDescription": "Authentication configuration information for an Amazon Q Business plugin.", + "title": "AuthConfiguration" + }, + "CustomPluginConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.CustomPluginConfiguration", + "markdownDescription": "Configuration information required to create a custom plugin.", + "title": "CustomPluginConfiguration" + }, + "DisplayName": { + "markdownDescription": "The name of the plugin.", + "title": "DisplayName", + "type": "string" + }, + "ServerUrl": { + "markdownDescription": "The plugin server URL used for configuration.", + "title": "ServerUrl", + "type": "string" + }, + "State": { + "markdownDescription": "The current status of the plugin.", + "title": "State", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the plugin.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "AuthConfiguration", + "DisplayName", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Plugin" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin.APISchema": { + "additionalProperties": false, + "properties": { + "Payload": { + "markdownDescription": "The JSON or YAML-formatted payload defining the OpenAPI schema for a custom plugin.", + "title": "Payload", + "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.S3", + "markdownDescription": "Contains details about the S3 object containing the OpenAPI schema for a custom plugin. The schema could be in either JSON or YAML format.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::QBusiness::Plugin.BasicAuthConfiguration": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the basic authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the Secrets Manager secret that stores the basic authentication credentials used for plugin configuration..", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "RoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin.CustomPluginConfiguration": { + "additionalProperties": false, + "properties": { + "ApiSchema": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.APISchema", + "markdownDescription": "Contains either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema.", + "title": "ApiSchema" + }, + "ApiSchemaType": { + "markdownDescription": "The type of OpenAPI schema to use.", + "title": "ApiSchemaType", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for your custom plugin configuration.", + "title": "Description", + "type": "string" + } + }, + "required": [ + "ApiSchema", + "ApiSchemaType", + "Description" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin.OAuth2ClientCredentialConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationUrl": { + "markdownDescription": "The redirect URL required by the OAuth 2.0 protocol for Amazon Q Business to authenticate a plugin user through a third party authentication server.", + "title": "AuthorizationUrl", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the OAuth 2.0 authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the Secrets Manager secret that stores the OAuth 2.0 credentials/token used for plugin configuration.", + "title": "SecretArn", + "type": "string" + }, + "TokenUrl": { + "markdownDescription": "The URL required by the OAuth 2.0 protocol to exchange an end user authorization code for an access token.", + "title": "TokenUrl", + "type": "string" + } + }, + "required": [ + "RoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin.PluginAuthConfiguration": { + "additionalProperties": false, + "properties": { + "BasicAuthConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.BasicAuthConfiguration", + "markdownDescription": "Information about the basic authentication credentials used to configure a plugin.", + "title": "BasicAuthConfiguration" + }, + "NoAuthConfiguration": { + "markdownDescription": "Information about invoking a custom plugin without any authentication.", + "title": "NoAuthConfiguration", + "type": "object" + }, + "OAuth2ClientCredentialConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.OAuth2ClientCredentialConfiguration", + "markdownDescription": "Information about the OAuth 2.0 authentication credential/token used to configure a plugin.", + "title": "OAuth2ClientCredentialConfiguration" + } + }, + "type": "object" + }, + "AWS::QBusiness::Plugin.S3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::QBusiness::Retriever": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application using the retriever.", + "title": "ApplicationId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.RetrieverConfiguration", + "markdownDescription": "Provides information on how the retriever used for your Amazon Q Business application is configured.", + "title": "Configuration" + }, + "DisplayName": { + "markdownDescription": "The name of your retriever.", + "title": "DisplayName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the basic authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the retriever. You can also use tags to help control access to the retriever. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of your retriever.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "Configuration", + "DisplayName", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Retriever" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::Retriever.KendraIndexConfiguration": { + "additionalProperties": false, + "properties": { + "IndexId": { + "markdownDescription": "The identifier of the Amazon Kendra index.", + "title": "IndexId", + "type": "string" + } + }, + "required": [ + "IndexId" + ], + "type": "object" + }, + "AWS::QBusiness::Retriever.NativeIndexConfiguration": { + "additionalProperties": false, + "properties": { + "IndexId": { + "markdownDescription": "The identifier for the Amazon Q Business index.", + "title": "IndexId", + "type": "string" + } + }, + "required": [ + "IndexId" + ], + "type": "object" + }, + "AWS::QBusiness::Retriever.RetrieverConfiguration": { + "additionalProperties": false, + "properties": { + "KendraIndexConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.KendraIndexConfiguration", + "markdownDescription": "Provides information on how the Amazon Kendra index used as a retriever for your Amazon Q Business application is configured.", + "title": "KendraIndexConfiguration" + }, + "NativeIndexConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.NativeIndexConfiguration", + "markdownDescription": "Provides information on how a Amazon Q Business index used as a retriever for your Amazon Q Business application is configured.", + "title": "NativeIndexConfiguration" + } + }, + "type": "object" + }, + "AWS::QBusiness::WebExperience": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business web experience.", + "title": "ApplicationId", + "type": "string" + }, + "BrowserExtensionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.BrowserExtensionConfiguration", + "markdownDescription": "The container for browser extension configuration for an Amazon Q Business web experience.", + "title": "BrowserExtensionConfiguration" + }, + "CustomizationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.CustomizationConfiguration", + "markdownDescription": "Contains the configuration information to customize the logo, font, and color of an Amazon Q Business web experience with individual files for each property or a CSS file for them all.", + "title": "CustomizationConfiguration" + }, + "IdentityProviderConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.IdentityProviderConfiguration", + "markdownDescription": "Provides information about the identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "IdentityProviderConfiguration" + }, + "Origins": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the website domain origins that are allowed to embed the Amazon Q Business web experience. The *domain origin* refers to the base URL for accessing a website including the protocol ( `http/https` ), the domain name, and the port number (if specified).\n\n> You must only submit a *base URL* and not a full path. For example, `https://docs.aws.amazon.com` .", + "title": "Origins", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service role attached to your web experience.\n\n> You must provide this value if you're using IAM Identity Center to manage end user access to your application. If you're using legacy identity management to manage user access, you don't need to provide this value.", + "title": "RoleArn", + "type": "string" + }, + "SamplePromptsControlMode": { + "markdownDescription": "Determines whether sample prompts are enabled in the web experience for an end user.", + "title": "SamplePromptsControlMode", + "type": "string" + }, + "Subtitle": { + "markdownDescription": "A subtitle to personalize your Amazon Q Business web experience.", + "title": "Subtitle", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize your Amazon Q Business web experience. You can also use tags to help control access to the web experience. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Title": { + "markdownDescription": "The title for your Amazon Q Business web experience.", + "title": "Title", + "type": "string" + }, + "WelcomeMessage": { + "markdownDescription": "A message in an Amazon Q Business web experience.", + "title": "WelcomeMessage", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::WebExperience" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::WebExperience.BrowserExtensionConfiguration": { + "additionalProperties": false, + "properties": { + "EnabledBrowserExtensions": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify the browser extensions allowed for your Amazon Q web experience.\n\n- `CHROME` \u2014 Enables the extension for Chromium-based browsers (Google Chrome, Microsoft Edge, Opera, etc.).\n- `FIREFOX` \u2014 Enables the extension for Mozilla Firefox.\n- `CHROME` and `FIREFOX` \u2014 Enable the extension for Chromium-based browsers and Mozilla Firefox.", + "title": "EnabledBrowserExtensions", + "type": "array" + } + }, + "required": [ + "EnabledBrowserExtensions" + ], + "type": "object" + }, + "AWS::QBusiness::WebExperience.CustomizationConfiguration": { + "additionalProperties": false, + "properties": { + "CustomCSSUrl": { + "markdownDescription": "Provides the URL where the custom CSS file is hosted for an Amazon Q web experience.", + "title": "CustomCSSUrl", + "type": "string" + }, + "FaviconUrl": { + "markdownDescription": "Provides the URL where the custom favicon file is hosted for an Amazon Q web experience.", + "title": "FaviconUrl", + "type": "string" + }, + "FontUrl": { + "markdownDescription": "Provides the URL where the custom font file is hosted for an Amazon Q web experience.", + "title": "FontUrl", + "type": "string" + }, + "LogoUrl": { + "markdownDescription": "Provides the URL where the custom logo file is hosted for an Amazon Q web experience.", + "title": "LogoUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QBusiness::WebExperience.IdentityProviderConfiguration": { + "additionalProperties": false, + "properties": { + "OpenIDConnectConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.OpenIDConnectProviderConfiguration", + "markdownDescription": "The OIDC-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "OpenIDConnectConfiguration" + }, + "SamlConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.SamlProviderConfiguration", + "markdownDescription": "The SAML 2.0-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "SamlConfiguration" + } + }, + "type": "object" + }, + "AWS::QBusiness::WebExperience.OpenIDConnectProviderConfiguration": { + "additionalProperties": false, + "properties": { + "SecretsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a Secrets Manager secret containing the OIDC client secret.", + "title": "SecretsArn", + "type": "string" + }, + "SecretsRole": { + "markdownDescription": "An IAM role with permissions to access AWS KMS to decrypt the Secrets Manager secret containing your OIDC client secret.", + "title": "SecretsRole", + "type": "string" + } + }, + "required": [ + "SecretsArn", + "SecretsRole" + ], + "type": "object" + }, + "AWS::QBusiness::WebExperience.SamlProviderConfiguration": { + "additionalProperties": false, + "properties": { + "AuthenticationUrl": { + "markdownDescription": "The URL where Amazon Q Business end users will be redirected for authentication.", + "title": "AuthenticationUrl", + "type": "string" + } + }, + "required": [ + "AuthenticationUrl" + ], + "type": "object" + }, + "AWS::QLDB::Ledger": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "Specifies whether the ledger is protected from being deleted by any user. If not defined during ledger creation, this feature is enabled ( `true` ) by default.\n\nIf deletion protection is enabled, you must first disable it before you can delete the ledger. You can disable it by calling the `UpdateLedger` operation to set this parameter to `false` .", + "title": "DeletionProtection", + "type": "boolean" + }, + "KmsKey": { + "markdownDescription": "The key in AWS Key Management Service ( AWS KMS ) to use for encryption of data at rest in the ledger. For more information, see [Encryption at rest](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html) in the *Amazon QLDB Developer Guide* .\n\nUse one of the following options to specify this parameter:\n\n- `AWS_OWNED_KMS_KEY` : Use an AWS KMS key that is owned and managed by AWS on your behalf.\n- *Undefined* : By default, use an AWS owned KMS key.\n- *A valid symmetric customer managed KMS key* : Use the specified symmetric encryption KMS key in your account that you create, own, and manage.\n\nAmazon QLDB does not support asymmetric keys. For more information, see [Using symmetric and asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .\n\nTo specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with `\"alias/\"` . To specify a key in a different AWS account , you must use the key ARN or alias ARN.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`\n\nFor more information, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKey", + "type": "string" }, "Name": { - "markdownDescription": "A display name for the template.", + "markdownDescription": "The name of the ledger that you want to create. The name must be unique among all of the ledgers in your AWS account in the current Region.\n\nNaming constraints for ledger names are defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", + "title": "Name", + "type": "string" + }, + "PermissionsMode": { + "markdownDescription": "The permissions mode to assign to the ledger that you want to create. This parameter can have one of the following values:\n\n- `ALLOW_ALL` : A legacy permissions mode that enables access control with API-level granularity for ledgers.\n\nThis mode allows users who have the `SendCommand` API permission for this ledger to run all PartiQL commands (hence, `ALLOW_ALL` ) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.\n- `STANDARD` : ( *Recommended* ) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.\n\nBy default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the `SendCommand` API permission for the ledger. For information, see [Getting started with the standard permissions mode](https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html) in the *Amazon QLDB Developer Guide* .\n\n> We strongly recommend using the `STANDARD` permissions mode to maximize the security of your ledger data.", + "title": "PermissionsMode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "PermissionsMode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QLDB::Ledger" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QLDB::Stream": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ExclusiveEndTime": { + "markdownDescription": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .", + "title": "ExclusiveEndTime", + "type": "string" + }, + "InclusiveStartTime": { + "markdownDescription": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` .", + "title": "InclusiveStartTime", + "type": "string" + }, + "KinesisConfiguration": { + "$ref": "#/definitions/AWS::QLDB::Stream.KinesisConfiguration", + "markdownDescription": "The configuration settings of the Kinesis Data Streams destination for your stream request.", + "title": "KinesisConfiguration" + }, + "LedgerName": { + "markdownDescription": "The name of the ledger.", + "title": "LedgerName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests.", + "title": "RoleArn", + "type": "string" + }, + "StreamName": { + "markdownDescription": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", + "title": "StreamName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "InclusiveStartTime", + "KinesisConfiguration", + "LedgerName", + "RoleArn", + "StreamName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QLDB::Stream" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QLDB::Stream.KinesisConfiguration": { + "additionalProperties": false, + "properties": { + "AggregationEnabled": { + "markdownDescription": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call.\n\nDefault: `True`\n\n> Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* .", + "title": "AggregationEnabled", + "type": "boolean" + }, + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.", + "title": "StreamArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AnalysisId": { + "markdownDescription": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", + "title": "AnalysisId", + "type": "string" + }, + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you are creating an analysis.", + "title": "AwsAccountId", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisError" + }, + "markdownDescription": "Errors associated with the analysis.", + "title": "Errors", + "type": "array" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A descriptive name for the analysis that you're creating. This name displays for the analysis in the Amazon QuickSight console.", "title": "Name", "type": "string" }, + "Parameters": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Parameters", + "markdownDescription": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values.", + "title": "Parameters" + }, "Permissions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ResourcePermission" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ResourcePermission" }, - "markdownDescription": "A list of resource permissions to be set on the template.", + "markdownDescription": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` .", "title": "Permissions", "type": "array" }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceEntity", - "markdownDescription": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceEntity", + "markdownDescription": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", "title": "SourceEntity" }, + "Status": { + "markdownDescription": "Status associated with the analysis.", + "title": "Status", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource.", + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis.", "title": "Tags", "type": "array" }, - "TemplateId": { - "markdownDescription": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account.", - "title": "TemplateId", + "ThemeArn": { + "markdownDescription": "The ARN for the theme to apply to the analysis that you're creating. To see the theme in the Amazon QuickSight console, make sure that you have access to it.", + "title": "ThemeArn", "type": "string" }, "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ValidationStrategy", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ValidationStrategy", "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", "title": "ValidationStrategy" - }, - "VersionDescription": { - "markdownDescription": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field.", - "title": "VersionDescription", - "type": "string" } }, "required": [ + "AnalysisId", "AwsAccountId", - "TemplateId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Template" + "AWS::QuickSight::Analysis" ], "type": "string" }, @@ -210222,11 +219787,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.AggregationFunction": { + "AWS::QuickSight::Analysis.AggregationFunction": { "additionalProperties": false, "properties": { "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AttributeAggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AttributeAggregationFunction", "markdownDescription": "Aggregation for attributes.", "title": "AttributeAggregationFunction" }, @@ -210241,23 +219806,23 @@ "type": "string" }, "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", "markdownDescription": "Aggregation for numerical values.", "title": "NumericalAggregationFunction" } }, "type": "object" }, - "AWS::QuickSight::Template.AggregationSortConfiguration": { + "AWS::QuickSight::Analysis.AggregationSortConfiguration": { "additionalProperties": false, "properties": { "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The function that aggregates the values in `Column` .", "title": "AggregationFunction" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that determines the sort order of aggregated values.", "title": "Column" }, @@ -210273,11 +219838,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.AnalysisDefaults": { + "AWS::QuickSight::Analysis.AnalysisDefaults": { "additionalProperties": false, "properties": { "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultNewSheetConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultNewSheetConfiguration", "markdownDescription": "The configuration for default new sheet settings.", "title": "DefaultNewSheetConfiguration" } @@ -210287,7 +219852,145 @@ ], "type": "object" }, - "AWS::QuickSight::Template.AnchorDateConfiguration": { + "AWS::QuickSight::Analysis.AnalysisDefinition": { + "additionalProperties": false, + "properties": { + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" + }, + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedField" + }, + "markdownDescription": "An array of calculated field definitions for the analysis.", + "title": "CalculatedFields", + "type": "array" + }, + "ColumnConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnConfiguration" + }, + "markdownDescription": "An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis.", + "title": "ColumnConfigurations", + "type": "array" + }, + "DataSetIdentifierDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetIdentifierDeclaration" + }, + "markdownDescription": "An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures.", + "title": "DataSetIdentifierDeclarations", + "type": "array" + }, + "FilterGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterGroup" + }, + "markdownDescription": "Filter definitions for an analysis.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AssetOptions", + "markdownDescription": "An array of option definitions for an analysis.", + "title": "Options" + }, + "ParameterDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDeclaration" + }, + "markdownDescription": "An array of parameter declarations for an analysis.\n\nParameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", + "type": "array" + }, + "QueryExecutionOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.QueryExecutionOptions", + "markdownDescription": "", + "title": "QueryExecutionOptions" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis.", + "title": "Sheets", + "type": "array" + }, + "StaticFiles": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFile" + }, + "markdownDescription": "The static files for the definition.", + "title": "StaticFiles", + "type": "array" + } + }, + "required": [ + "DataSetIdentifierDeclarations" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.AnalysisError": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "The message associated with the analysis error.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the analysis error.", + "title": "Type", + "type": "string" + }, + "ViolatedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Entity" + }, + "markdownDescription": "Lists the violated entities that caused the analysis error", + "title": "ViolatedEntities", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AnalysisSourceEntity": { + "additionalProperties": false, + "properties": { + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceTemplate", + "markdownDescription": "The source template for the source entity of the analysis.", + "title": "SourceTemplate" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AnalysisSourceTemplate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source template of an analysis.", + "title": "Arn", + "type": "string" + }, + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetReference" + }, + "markdownDescription": "The dataset references of the source template of an analysis.", + "title": "DataSetReferences", + "type": "array" + } + }, + "required": [ + "Arn", + "DataSetReferences" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.AnchorDateConfiguration": { "additionalProperties": false, "properties": { "AnchorOption": { @@ -210303,11 +220006,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ArcAxisConfiguration": { + "AWS::QuickSight::Analysis.ArcAxisConfiguration": { "additionalProperties": false, "properties": { "Range": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisDisplayRange", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisDisplayRange", "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", "title": "Range" }, @@ -210319,7 +220022,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ArcAxisDisplayRange": { + "AWS::QuickSight::Analysis.ArcAxisDisplayRange": { "additionalProperties": false, "properties": { "Max": { @@ -210335,7 +220038,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ArcConfiguration": { + "AWS::QuickSight::Analysis.ArcConfiguration": { "additionalProperties": false, "properties": { "ArcAngle": { @@ -210351,7 +220054,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ArcOptions": { + "AWS::QuickSight::Analysis.ArcOptions": { "additionalProperties": false, "properties": { "ArcThickness": { @@ -210362,7 +220065,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.AssetOptions": { + "AWS::QuickSight::Analysis.AssetOptions": { "additionalProperties": false, "properties": { "Timezone": { @@ -210378,7 +220081,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.AttributeAggregationFunction": { + "AWS::QuickSight::Analysis.AttributeAggregationFunction": { "additionalProperties": false, "properties": { "SimpleAttributeAggregation": { @@ -210394,23 +220097,23 @@ }, "type": "object" }, - "AWS::QuickSight::Template.AxisDataOptions": { + "AWS::QuickSight::Analysis.AxisDataOptions": { "additionalProperties": false, "properties": { "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateAxisOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateAxisOptions", "markdownDescription": "The options for an axis with a date field.", "title": "DateAxisOptions" }, "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericAxisOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericAxisOptions", "markdownDescription": "The options for an axis with a numeric field.", "title": "NumericAxisOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayMinMaxRange": { + "AWS::QuickSight::Analysis.AxisDisplayMinMaxRange": { "additionalProperties": false, "properties": { "Maximum": { @@ -210426,7 +220129,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayOptions": { + "AWS::QuickSight::Analysis.AxisDisplayOptions": { "additionalProperties": false, "properties": { "AxisLineVisibility": { @@ -210440,7 +220143,7 @@ "type": "string" }, "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDataOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDataOptions", "markdownDescription": "The data options for an axis.", "title": "DataOptions" }, @@ -210450,19 +220153,19 @@ "type": "string" }, "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScrollBarOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScrollBarOptions", "markdownDescription": "The scroll bar options for an axis.", "title": "ScrollbarOptions" }, "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisTickLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisTickLabelOptions", "markdownDescription": "The tick label options of an axis.", "title": "TickLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayRange": { + "AWS::QuickSight::Analysis.AxisDisplayRange": { "additionalProperties": false, "properties": { "DataDriven": { @@ -210471,18 +220174,18 @@ "type": "object" }, "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayMinMaxRange", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayMinMaxRange", "markdownDescription": "The minimum and maximum setup of an axis display range.", "title": "MinMax" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisLabelOptions": { + "AWS::QuickSight::Analysis.AxisLabelOptions": { "additionalProperties": false, "properties": { "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelReferenceOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelReferenceOptions", "markdownDescription": "The options that indicate which field the label belongs to.", "title": "ApplyTo" }, @@ -210492,18 +220195,18 @@ "type": "string" }, "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration of the axis label.", "title": "FontConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisLabelReferenceOptions": { + "AWS::QuickSight::Analysis.AxisLabelReferenceOptions": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the axis label is targeted to.", "title": "Column" }, @@ -210519,7 +220222,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.AxisLinearScale": { + "AWS::QuickSight::Analysis.AxisLinearScale": { "additionalProperties": false, "properties": { "StepCount": { @@ -210535,7 +220238,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.AxisLogarithmicScale": { + "AWS::QuickSight::Analysis.AxisLogarithmicScale": { "additionalProperties": false, "properties": { "Base": { @@ -210546,27 +220249,27 @@ }, "type": "object" }, - "AWS::QuickSight::Template.AxisScale": { + "AWS::QuickSight::Analysis.AxisScale": { "additionalProperties": false, "properties": { "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLinearScale", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLinearScale", "markdownDescription": "The linear axis scale setup.", "title": "Linear" }, "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLogarithmicScale", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLogarithmicScale", "markdownDescription": "The logarithmic axis scale setup.", "title": "Logarithmic" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisTickLabelOptions": { + "AWS::QuickSight::Analysis.AxisTickLabelOptions": { "additionalProperties": false, "properties": { "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "Determines whether or not the axis ticks are visible.", "title": "LabelOptions" }, @@ -210578,12 +220281,12 @@ }, "type": "object" }, - "AWS::QuickSight::Template.BarChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.BarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category (y-axis) field well of a bar chart.", "title": "Category", @@ -210591,7 +220294,7 @@ }, "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The color (group/color) field well of a bar chart.", "title": "Colors", @@ -210599,7 +220302,7 @@ }, "SmallMultiples": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The small multiples field well of a bar chart.", "title": "SmallMultiples", @@ -210607,7 +220310,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", "title": "Values", @@ -210616,7 +220319,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.BarChartConfiguration": { + "AWS::QuickSight::Analysis.BarChartConfiguration": { "additionalProperties": false, "properties": { "BarsArrangement": { @@ -210625,40 +220328,45 @@ "type": "string" }, "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", "title": "CategoryAxis" }, "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", "title": "CategoryLabelOptions" }, "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", "title": "ColorLabelOptions" }, "ContributionAnalysisDefaults": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" }, "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, @@ -210669,93 +220377,93 @@ }, "ReferenceLines": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartSortConfiguration", "markdownDescription": "The sort configuration of a `BarChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", "title": "ValueAxis" }, "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", "title": "ValueLabelOptions" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartFieldWells": { + "AWS::QuickSight::Analysis.BarChartFieldWells": { "additionalProperties": false, "properties": { "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a bar chart.", "title": "BarChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartSortConfiguration": { + "AWS::QuickSight::Analysis.BarChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories displayed in a bar chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of category fields.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of values displayed in a bar chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of color fields in a bar chart.", "title": "ColorSort", "type": "array" }, "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", @@ -210764,40 +220472,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.BarChartVisual": { + "AWS::QuickSight::Analysis.BarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -210809,7 +220522,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.BinCountOptions": { + "AWS::QuickSight::Analysis.BinCountOptions": { "additionalProperties": false, "properties": { "Value": { @@ -210820,7 +220533,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.BinWidthOptions": { + "AWS::QuickSight::Analysis.BinWidthOptions": { "additionalProperties": false, "properties": { "BinCountLimit": { @@ -210836,26 +220549,31 @@ }, "type": "object" }, - "AWS::QuickSight::Template.BodySectionConfiguration": { + "AWS::QuickSight::Analysis.BodySectionConfiguration": { "additionalProperties": false, "properties": { "Content": { - "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionContent", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionContent", "markdownDescription": "The configuration of content in a body section.", "title": "Content" }, "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionPageBreakConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionPageBreakConfiguration", "markdownDescription": "The configuration of a page break for a section.", "title": "PageBreakConfiguration" }, + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" + }, "SectionId": { "markdownDescription": "The unique identifier of a body section.", "title": "SectionId", "type": "string" }, "Style": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", "markdownDescription": "The style options of a body section.", "title": "Style" } @@ -210866,23 +220584,131 @@ ], "type": "object" }, - "AWS::QuickSight::Template.BodySectionContent": { + "AWS::QuickSight::Analysis.BodySectionContent": { "additionalProperties": false, "properties": { "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", "markdownDescription": "The layout configuration of a body section.", "title": "Layout" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotAggregatedFieldWells": { + "AWS::QuickSight::Analysis.BodySectionDynamicCategoryDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionDynamicNumericDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionRepeatConfiguration": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" + }, + "NonRepeatingVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", + "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionRepeatDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" + }, + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionRepeatPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", "title": "GroupBy", @@ -210890,7 +220716,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", "title": "Values", @@ -210899,82 +220725,87 @@ }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotChartConfiguration": { + "AWS::QuickSight::Analysis.BoxPlotChartConfiguration": { "additionalProperties": false, "properties": { "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotOptions", "markdownDescription": "The box plot chart options for a box plot visual", "title": "BoxPlotOptions" }, "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", "title": "CategoryAxis" }, "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", "title": "CategoryLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotSortConfiguration", "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotFieldWells": { + "AWS::QuickSight::Analysis.BoxPlotFieldWells": { "additionalProperties": false, "properties": { "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a box plot.", "title": "BoxPlotAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotOptions": { + "AWS::QuickSight::Analysis.BoxPlotOptions": { "additionalProperties": false, "properties": { "AllDataPointsVisibility": { @@ -210988,33 +220819,33 @@ "type": "string" }, "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotStyleOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotStyleOptions", "markdownDescription": "The style options of the box plot.", "title": "StyleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotSortConfiguration": { + "AWS::QuickSight::Analysis.BoxPlotSortConfiguration": { "additionalProperties": false, "properties": { "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of a group by fields.", "title": "CategorySort", "type": "array" }, "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", "markdownDescription": "The pagination configuration of a table visual or box plot.", "title": "PaginationConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotStyleOptions": { + "AWS::QuickSight::Analysis.BoxPlotStyleOptions": { "additionalProperties": false, "properties": { "FillStyle": { @@ -211025,40 +220856,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotVisual": { + "AWS::QuickSight::Analysis.BoxPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -211070,7 +220906,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CalculatedField": { + "AWS::QuickSight::Analysis.CalculatedField": { "additionalProperties": false, "properties": { "DataSetIdentifier": { @@ -211096,7 +220932,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CalculatedMeasureField": { + "AWS::QuickSight::Analysis.CalculatedMeasureField": { "additionalProperties": false, "properties": { "Expression": { @@ -211116,12 +220952,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CascadingControlConfiguration": { + "AWS::QuickSight::Analysis.CascadingControlConfiguration": { "additionalProperties": false, "properties": { "SourceControls": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlSource" + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlSource" }, "markdownDescription": "A list of source controls that determine the values that are used in the current control.", "title": "SourceControls", @@ -211130,11 +220966,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.CascadingControlSource": { + "AWS::QuickSight::Analysis.CascadingControlSource": { "additionalProperties": false, "properties": { "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", "title": "ColumnToMatch" }, @@ -211146,11 +220982,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.CategoricalDimensionField": { + "AWS::QuickSight::Analysis.CategoricalDimensionField": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", "title": "Column" }, @@ -211160,7 +220996,7 @@ "type": "string" }, "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, @@ -211176,7 +221012,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CategoricalMeasureField": { + "AWS::QuickSight::Analysis.CategoricalMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { @@ -211185,7 +221021,7 @@ "type": "string" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", "title": "Column" }, @@ -211195,7 +221031,7 @@ "type": "string" }, "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } @@ -211206,7 +221042,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CategoryDrillDownFilter": { + "AWS::QuickSight::Analysis.CategoryDrillDownFilter": { "additionalProperties": false, "properties": { "CategoryValues": { @@ -211218,7 +221054,7 @@ "type": "array" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" } @@ -211229,21 +221065,21 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CategoryFilter": { + "AWS::QuickSight::Analysis.CategoryFilter": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", "markdownDescription": "The configuration for a `CategoryFilter` .", "title": "Configuration" }, "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, @@ -211260,33 +221096,58 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CategoryFilterConfiguration": { + "AWS::QuickSight::Analysis.CategoryFilterConfiguration": { "additionalProperties": false, "properties": { "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterConfiguration", "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", "title": "CustomFilterConfiguration" }, "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterListConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterListConfiguration", "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", "title": "CustomFilterListConfiguration" }, "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterListConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListConfiguration", "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", "title": "FilterListConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.ChartAxisLabelOptions": { + "AWS::QuickSight::Analysis.CategoryInnerFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" + } + }, + "required": [ + "Column", + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ChartAxisLabelOptions": { "additionalProperties": false, "properties": { "AxisLabelOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelOptions" }, "markdownDescription": "The label options for a chart axis.", "title": "AxisLabelOptions", @@ -211305,29 +221166,29 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ClusterMarker": { + "AWS::QuickSight::Analysis.ClusterMarker": { "additionalProperties": false, "properties": { "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Template.SimpleClusterMarker", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SimpleClusterMarker", "markdownDescription": "The simple cluster marker of the cluster marker.", "title": "SimpleClusterMarker" } }, "type": "object" }, - "AWS::QuickSight::Template.ClusterMarkerConfiguration": { + "AWS::QuickSight::Analysis.ClusterMarkerConfiguration": { "additionalProperties": false, "properties": { "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarker", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarker", "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", "title": "ClusterMarker" } }, "type": "object" }, - "AWS::QuickSight::Template.ColorScale": { + "AWS::QuickSight::Analysis.ColorScale": { "additionalProperties": false, "properties": { "ColorFillType": { @@ -211337,14 +221198,14 @@ }, "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataColor" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor" }, "markdownDescription": "Determines the list of colors that are applied to the visual.", "title": "Colors", "type": "array" }, "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor", "markdownDescription": "Determines the color that is applied to null values.", "title": "NullValueColor" } @@ -211355,12 +221216,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ColorsConfiguration": { + "AWS::QuickSight::Analysis.ColorsConfiguration": { "additionalProperties": false, "properties": { "CustomColors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomColor" + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomColor" }, "markdownDescription": "A list of up to 50 custom colors.", "title": "CustomColors", @@ -211369,21 +221230,21 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ColumnConfiguration": { + "AWS::QuickSight::Analysis.ColumnConfiguration": { "additionalProperties": false, "properties": { "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorsConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorsConfiguration", "markdownDescription": "The color configurations of the column.", "title": "ColorsConfiguration" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column.", "title": "Column" }, "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", "markdownDescription": "The format configuration of a column.", "title": "FormatConfiguration" }, @@ -211398,58 +221259,28 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ColumnGroupColumnSchema": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the column group's column schema.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ColumnGroupSchema": { - "additionalProperties": false, - "properties": { - "ColumnGroupColumnSchemaList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupColumnSchema" - }, - "markdownDescription": "A structure containing the list of schemas for column group columns.", - "title": "ColumnGroupColumnSchemaList", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the column group schema.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ColumnHierarchy": { + "AWS::QuickSight::Analysis.ColumnHierarchy": { "additionalProperties": false, "properties": { "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeHierarchy", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeHierarchy", "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", "title": "DateTimeHierarchy" }, "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExplicitHierarchy", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExplicitHierarchy", "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", "title": "ExplicitHierarchy" }, "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.PredefinedHierarchy", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PredefinedHierarchy", "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", "title": "PredefinedHierarchy" } }, "type": "object" }, - "AWS::QuickSight::Template.ColumnIdentifier": { + "AWS::QuickSight::Analysis.ColumnIdentifier": { "additionalProperties": false, "properties": { "ColumnName": { @@ -211469,32 +221300,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ColumnSchema": { - "additionalProperties": false, - "properties": { - "DataType": { - "markdownDescription": "The data type of the column schema.", - "title": "DataType", - "type": "string" - }, - "GeographicRole": { - "markdownDescription": "The geographic role of the column schema.", - "title": "GeographicRole", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the column schema.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ColumnSort": { + "AWS::QuickSight::Analysis.ColumnSort": { "additionalProperties": false, "properties": { "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The aggregation function that is defined in the column sort.", "title": "AggregationFunction" }, @@ -211504,7 +221314,7 @@ "type": "string" }, "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "", "title": "SortBy" } @@ -211515,16 +221325,16 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ColumnTooltipItem": { + "AWS::QuickSight::Analysis.ColumnTooltipItem": { "additionalProperties": false, "properties": { "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The aggregation function of the column tooltip item.", "title": "Aggregation" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The target column of the tooltip item.", "title": "Column" }, @@ -211533,6 +221343,11 @@ "title": "Label", "type": "string" }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, "Visibility": { "markdownDescription": "The visibility of the tooltip item.", "title": "Visibility", @@ -211544,12 +221359,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ComboChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "BarValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", "title": "BarValues", @@ -211557,7 +221372,7 @@ }, "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The aggregated category field wells of a combo chart.", "title": "Category", @@ -211565,7 +221380,7 @@ }, "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The aggregated colors field well of a combo chart.", "title": "Colors", @@ -211573,7 +221388,7 @@ }, "LineValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", "title": "LineValues", @@ -211582,11 +221397,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartConfiguration": { + "AWS::QuickSight::Analysis.ComboChartConfiguration": { "additionalProperties": false, "properties": { "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", "title": "BarDataLabels" }, @@ -211596,116 +221411,126 @@ "type": "string" }, "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The category axis of a combo chart.", "title": "CategoryAxis" }, "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", "title": "CategoryLabelOptions" }, "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", "title": "ColorLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", "title": "LineDataLabels" }, "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", "title": "SecondaryYAxisDisplayOptions" }, "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", "title": "SecondaryYAxisLabelOptions" }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartSortConfiguration", "markdownDescription": "The sort configuration of a `ComboChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartFieldWells": { + "AWS::QuickSight::Analysis.ComboChartFieldWells": { "additionalProperties": false, "properties": { "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", "title": "ComboChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartSortConfiguration": { + "AWS::QuickSight::Analysis.ComboChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The item limit configuration for the category field well of a combo chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category field well in a combo chart.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The item limit configuration of the color field well in a combo chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the color field well in a combo chart.", "title": "ColorSort", @@ -211714,40 +221539,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartVisual": { + "AWS::QuickSight::Analysis.ComboChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -211759,11 +221589,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ComparisonConfiguration": { + "AWS::QuickSight::Analysis.ComparisonConfiguration": { "additionalProperties": false, "properties": { "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonFormatConfiguration", "markdownDescription": "The format of the comparison.", "title": "ComparisonFormat" }, @@ -211775,95 +221605,95 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ComparisonFormatConfiguration": { + "AWS::QuickSight::Analysis.ComparisonFormatConfiguration": { "additionalProperties": false, "properties": { "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", "markdownDescription": "The number display format.", "title": "NumberDisplayFormatConfiguration" }, "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", "markdownDescription": "The percentage display format.", "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.Computation": { + "AWS::QuickSight::Analysis.Computation": { "additionalProperties": false, "properties": { "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastComputation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastComputation", "markdownDescription": "The forecast computation configuration.", "title": "Forecast" }, "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Template.GrowthRateComputation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GrowthRateComputation", "markdownDescription": "The growth rate computation configuration.", "title": "GrowthRate" }, "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Template.MaximumMinimumComputation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumMinimumComputation", "markdownDescription": "The maximum and minimum computation configuration.", "title": "MaximumMinimum" }, "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.MetricComparisonComputation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MetricComparisonComputation", "markdownDescription": "The metric comparison computation configuration.", "title": "MetricComparison" }, "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Template.PeriodOverPeriodComputation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodOverPeriodComputation", "markdownDescription": "The period over period computation configuration.", "title": "PeriodOverPeriod" }, "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.PeriodToDateComputation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodToDateComputation", "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", "title": "PeriodToDate" }, "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomMoversComputation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomMoversComputation", "markdownDescription": "The top movers and bottom movers computation configuration.", "title": "TopBottomMovers" }, "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomRankedComputation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomRankedComputation", "markdownDescription": "The top ranked and bottom ranked computation configuration.", "title": "TopBottomRanked" }, "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationComputation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationComputation", "markdownDescription": "The total aggregation computation configuration.", "title": "TotalAggregation" }, "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.UniqueValuesComputation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.UniqueValuesComputation", "markdownDescription": "The unique values computation configuration.", "title": "UniqueValues" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingColor": { + "AWS::QuickSight::Analysis.ConditionalFormattingColor": { "additionalProperties": false, "properties": { "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingGradientColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingGradientColor", "markdownDescription": "Formatting configuration for gradient color.", "title": "Gradient" }, "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingSolidColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingSolidColor", "markdownDescription": "Formatting configuration for solid color.", "title": "Solid" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition": { + "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition": { "additionalProperties": false, "properties": { "Color": { @@ -211872,7 +221702,7 @@ "type": "string" }, "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration", "markdownDescription": "Determines the icon display configuration.", "title": "DisplayConfiguration" }, @@ -211882,7 +221712,7 @@ "type": "string" }, "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions", "markdownDescription": "Custom icon options for an icon set.", "title": "IconOptions" } @@ -211893,7 +221723,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions": { + "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions": { "additionalProperties": false, "properties": { "Icon": { @@ -211909,11 +221739,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingGradientColor": { + "AWS::QuickSight::Analysis.ConditionalFormattingGradientColor": { "additionalProperties": false, "properties": { "Color": { - "$ref": "#/definitions/AWS::QuickSight::Template.GradientColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientColor", "markdownDescription": "Determines the color.", "title": "Color" }, @@ -211929,23 +221759,23 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingIcon": { + "AWS::QuickSight::Analysis.ConditionalFormattingIcon": { "additionalProperties": false, "properties": { "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition", "markdownDescription": "Determines the custom condition for an icon set.", "title": "CustomCondition" }, "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconSet", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconSet", "markdownDescription": "Formatting configuration for icon set.", "title": "IconSet" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration": { + "AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration": { "additionalProperties": false, "properties": { "IconDisplayOption": { @@ -211956,7 +221786,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingIconSet": { + "AWS::QuickSight::Analysis.ConditionalFormattingIconSet": { "additionalProperties": false, "properties": { "Expression": { @@ -211975,7 +221805,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingSolidColor": { + "AWS::QuickSight::Analysis.ConditionalFormattingSolidColor": { "additionalProperties": false, "properties": { "Color": { @@ -211994,12 +221824,23 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ContributionAnalysisDefault": { + "AWS::QuickSight::Analysis.ContextMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ContributionAnalysisDefault": { "additionalProperties": false, "properties": { "ContributorDimensions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" }, "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", "title": "ContributorDimensions", @@ -212017,21 +221858,21 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration": { + "AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, @@ -212046,7 +221887,7 @@ "type": "string" }, "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, @@ -212063,16 +221904,16 @@ }, "type": "object" }, - "AWS::QuickSight::Template.CustomActionFilterOperation": { + "AWS::QuickSight::Analysis.CustomActionFilterOperation": { "additionalProperties": false, "properties": { "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration", "markdownDescription": "The configuration that chooses the fields to be filtered.", "title": "SelectedFieldsConfiguration" }, "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration", "markdownDescription": "The configuration that chooses the target visuals to be filtered.", "title": "TargetVisualsConfiguration" } @@ -212083,23 +221924,23 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CustomActionNavigationOperation": { + "AWS::QuickSight::Analysis.CustomActionNavigationOperation": { "additionalProperties": false, "properties": { "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LocalNavigationConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LocalNavigationConfiguration", "markdownDescription": "The configuration that chooses the navigation target.", "title": "LocalNavigationConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.CustomActionSetParametersOperation": { + "AWS::QuickSight::Analysis.CustomActionSetParametersOperation": { "additionalProperties": false, "properties": { "ParameterValueConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SetParameterValueConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.SetParameterValueConfiguration" }, "markdownDescription": "The parameter that determines the value configuration.", "title": "ParameterValueConfigurations", @@ -212111,7 +221952,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CustomActionURLOperation": { + "AWS::QuickSight::Analysis.CustomActionURLOperation": { "additionalProperties": false, "properties": { "URLTarget": { @@ -212131,7 +221972,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CustomColor": { + "AWS::QuickSight::Analysis.CustomColor": { "additionalProperties": false, "properties": { "Color": { @@ -212155,7 +221996,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CustomContentConfiguration": { + "AWS::QuickSight::Analysis.CustomContentConfiguration": { "additionalProperties": false, "properties": { "ContentType": { @@ -212172,23 +222013,28 @@ "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", "title": "ImageScaling", "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, "type": "object" }, - "AWS::QuickSight::Template.CustomContentVisual": { + "AWS::QuickSight::Analysis.CustomContentVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentConfiguration", "markdownDescription": "The configuration of a `CustomContentVisual` .", "title": "ChartConfiguration" }, @@ -212198,15 +222044,20 @@ "type": "string" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -212219,7 +222070,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CustomFilterConfiguration": { + "AWS::QuickSight::Analysis.CustomFilterConfiguration": { "additionalProperties": false, "properties": { "CategoryValue": { @@ -212254,7 +222105,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CustomFilterListConfiguration": { + "AWS::QuickSight::Analysis.CustomFilterListConfiguration": { "additionalProperties": false, "properties": { "CategoryValues": { @@ -212287,7 +222138,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CustomNarrativeOptions": { + "AWS::QuickSight::Analysis.CustomNarrativeOptions": { "additionalProperties": false, "properties": { "Narrative": { @@ -212301,7 +222152,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CustomParameterValues": { + "AWS::QuickSight::Analysis.CustomParameterValues": { "additionalProperties": false, "properties": { "DateTimeValues": { @@ -212339,11 +222190,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.CustomValuesConfiguration": { + "AWS::QuickSight::Analysis.CustomValuesConfiguration": { "additionalProperties": false, "properties": { "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomParameterValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomParameterValues", "markdownDescription": "", "title": "CustomValues" }, @@ -212358,7 +222209,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DataBarsOptions": { + "AWS::QuickSight::Analysis.DataBarsOptions": { "additionalProperties": false, "properties": { "FieldId": { @@ -212382,7 +222233,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DataColor": { + "AWS::QuickSight::Analysis.DataColor": { "additionalProperties": false, "properties": { "Color": { @@ -212398,7 +222249,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DataFieldSeriesItem": { + "AWS::QuickSight::Analysis.DataFieldSeriesItem": { "additionalProperties": false, "properties": { "AxisBinding": { @@ -212417,7 +222268,7 @@ "type": "string" }, "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", "markdownDescription": "The options that determine the presentation of line series associated to the field.", "title": "Settings" } @@ -212428,7 +222279,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DataLabelOptions": { + "AWS::QuickSight::Analysis.DataLabelOptions": { "additionalProperties": false, "properties": { "CategoryLabelVisibility": { @@ -212438,7 +222289,7 @@ }, "DataLabelTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelType" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelType" }, "markdownDescription": "The option that determines the data label type.", "title": "DataLabelTypes", @@ -212455,7 +222306,7 @@ "type": "string" }, "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "Determines the font configuration of the data labels.", "title": "LabelFontConfiguration" }, @@ -212487,38 +222338,38 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DataLabelType": { + "AWS::QuickSight::Analysis.DataLabelType": { "additionalProperties": false, "properties": { "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathLabelType", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathLabelType", "markdownDescription": "The option that specifies individual data values for labels.", "title": "DataPathLabelType" }, "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldLabelType", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldLabelType", "markdownDescription": "Determines the label configuration for the entire field.", "title": "FieldLabelType" }, "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.MaximumLabelType", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumLabelType", "markdownDescription": "Determines the label configuration for the maximum value in a visual.", "title": "MaximumLabelType" }, "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.MinimumLabelType", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MinimumLabelType", "markdownDescription": "Determines the label configuration for the minimum value in a visual.", "title": "MinimumLabelType" }, "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.RangeEndsLabelType", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RangeEndsLabelType", "markdownDescription": "Determines the label configuration for range end value in a visual.", "title": "RangeEndsLabelType" } }, "type": "object" }, - "AWS::QuickSight::Template.DataPathColor": { + "AWS::QuickSight::Analysis.DataPathColor": { "additionalProperties": false, "properties": { "Color": { @@ -212527,7 +222378,7 @@ "type": "string" }, "Element": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue", "markdownDescription": "The element that the color needs to be applied to.", "title": "Element" }, @@ -212543,7 +222394,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DataPathLabelType": { + "AWS::QuickSight::Analysis.DataPathLabelType": { "additionalProperties": false, "properties": { "FieldId": { @@ -212564,7 +222415,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DataPathSort": { + "AWS::QuickSight::Analysis.DataPathSort": { "additionalProperties": false, "properties": { "Direction": { @@ -212574,7 +222425,7 @@ }, "SortPaths": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" }, "markdownDescription": "The list of data paths that need to be sorted.", "title": "SortPaths", @@ -212587,7 +222438,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DataPathType": { + "AWS::QuickSight::Analysis.DataPathType": { "additionalProperties": false, "properties": { "PivotTableDataPathType": { @@ -212598,11 +222449,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DataPathValue": { + "AWS::QuickSight::Analysis.DataPathValue": { "additionalProperties": false, "properties": { "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathType", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathType", "markdownDescription": "The type configuration of the field.", "title": "DataPathType" }, @@ -212619,31 +222470,27 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DataSetConfiguration": { + "AWS::QuickSight::Analysis.DataSetIdentifierDeclaration": { "additionalProperties": false, "properties": { - "ColumnGroupSchemaList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupSchema" - }, - "markdownDescription": "A structure containing the list of column group schemas.", - "title": "ColumnGroupSchemaList", - "type": "array" - }, - "DataSetSchema": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetSchema", - "markdownDescription": "Dataset schema.", - "title": "DataSetSchema" + "DataSetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", + "title": "DataSetArn", + "type": "string" }, - "Placeholder": { - "markdownDescription": "Placeholder.", - "title": "Placeholder", + "Identifier": { + "markdownDescription": "The identifier of the data set, typically the data set's name.", + "title": "Identifier", "type": "string" } }, + "required": [ + "DataSetArn", + "Identifier" + ], "type": "object" }, - "AWS::QuickSight::Template.DataSetReference": { + "AWS::QuickSight::Analysis.DataSetReference": { "additionalProperties": false, "properties": { "DataSetArn": { @@ -212663,21 +222510,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DataSetSchema": { - "additionalProperties": false, - "properties": { - "ColumnSchemaList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSchema" - }, - "markdownDescription": "A structure containing the list of column schemas.", - "title": "ColumnSchemaList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DateAxisOptions": { + "AWS::QuickSight::Analysis.DateAxisOptions": { "additionalProperties": false, "properties": { "MissingDateVisibility": { @@ -212688,11 +222521,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DateDimensionField": { + "AWS::QuickSight::Analysis.DateDimensionField": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `DateDimensionField` .", "title": "Column" }, @@ -212707,7 +222540,7 @@ "type": "string" }, "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, @@ -212723,7 +222556,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DateMeasureField": { + "AWS::QuickSight::Analysis.DateMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { @@ -212732,7 +222565,7 @@ "type": "string" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `DateMeasureField` .", "title": "Column" }, @@ -212742,7 +222575,7 @@ "type": "string" }, "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } @@ -212753,16 +222586,16 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DateTimeDefaultValues": { + "AWS::QuickSight::Analysis.DateTimeDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", "title": "RollingDate" }, @@ -212777,7 +222610,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DateTimeFormatConfiguration": { + "AWS::QuickSight::Analysis.DateTimeFormatConfiguration": { "additionalProperties": false, "properties": { "DateTimeFormat": { @@ -212786,24 +222619,24 @@ "type": "string" }, "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", "title": "NumericFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.DateTimeHierarchy": { + "AWS::QuickSight::Analysis.DateTimeHierarchy": { "additionalProperties": false, "properties": { "DrillDownFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", "title": "DrillDownFilters", @@ -212820,17 +222653,40 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DateTimeParameterDeclaration": { + "AWS::QuickSight::Analysis.DateTimeParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for the date-time parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values for the date-time parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DateTimeParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeDefaultValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", @@ -212847,7 +222703,7 @@ "type": "string" }, "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", "title": "ValueWhenUnset" } @@ -212857,28 +222713,38 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DateTimePickerControlDisplayOptions": { + "AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions": { "additionalProperties": false, "properties": { + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", + "type": "string" + }, "DateTimeFormat": { "markdownDescription": "Customize how dates are formatted in controls.", "title": "DateTimeFormat", "type": "string" }, + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", + "type": "string" + }, "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { @@ -212894,11 +222760,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DecimalDefaultValues": { + "AWS::QuickSight::Analysis.DecimalDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, @@ -212913,17 +222779,40 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DecimalParameterDeclaration": { + "AWS::QuickSight::Analysis.DecimalParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for the decimal parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the decimal parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.DecimalParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalDefaultValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", @@ -212940,7 +222829,7 @@ "type": "string" }, "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", "title": "ValueWhenUnset" } @@ -212951,7 +222840,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DecimalPlacesConfiguration": { + "AWS::QuickSight::Analysis.DecimalPlacesConfiguration": { "additionalProperties": false, "properties": { "DecimalPlaces": { @@ -212965,7 +222854,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { @@ -212981,11 +222870,16 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DefaultDateTimePickerControlOptions": { + "AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions": { "additionalProperties": false, "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -212997,11 +222891,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterControlConfiguration": { + "AWS::QuickSight::Analysis.DefaultFilterControlConfiguration": { "additionalProperties": false, "properties": { "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlOptions", "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", "title": "ControlOptions" }, @@ -213017,57 +222911,62 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterControlOptions": { + "AWS::QuickSight::Analysis.DefaultFilterControlOptions": { "additionalProperties": false, "properties": { "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultDateTimePickerControlOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions", "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", "title": "DefaultDateTimePickerOptions" }, "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterDropDownControlOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions", "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", "title": "DefaultDropdownOptions" }, "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterListControlOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterListControlOptions", "markdownDescription": "The default options that correspond to the `List` filter control type.", "title": "DefaultListOptions" }, "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions", "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", "title": "DefaultRelativeDateTimeOptions" }, "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSliderControlOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSliderControlOptions", "markdownDescription": "The default options that correspond to the `Slider` filter control type.", "title": "DefaultSliderOptions" }, "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextAreaControlOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextAreaControlOptions", "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", "title": "DefaultTextAreaOptions" }, "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextFieldControlOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextFieldControlOptions", "markdownDescription": "The default options that correspond to the `TextField` filter control type.", "title": "DefaultTextFieldOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterDropDownControlOptions": { + "AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions": { "additionalProperties": false, "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, @@ -213079,16 +222978,16 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterListControlOptions": { + "AWS::QuickSight::Analysis.DefaultFilterListControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, @@ -213100,11 +222999,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration": { + "AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a free-form layout.", "title": "CanvasSizeOptions" } @@ -213114,11 +223013,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DefaultGridLayoutConfiguration": { + "AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a grid layout.", "title": "CanvasSizeOptions" } @@ -213128,32 +223027,32 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration": { + "AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration": { "additionalProperties": false, "properties": { "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration", "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", "title": "FreeForm" }, "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultGridLayoutConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a grid layout configuration.", "title": "Grid" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultNewSheetConfiguration": { + "AWS::QuickSight::Analysis.DefaultNewSheetConfiguration": { "additionalProperties": false, "properties": { "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration", "markdownDescription": "The options that determine the default settings for interactive layout configuration.", "title": "InteractiveLayoutConfiguration" }, "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", "title": "PaginatedLayoutConfiguration" }, @@ -213165,33 +223064,38 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration": { + "AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration": { "additionalProperties": false, "properties": { "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", "title": "SectionBased" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions": { + "AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions": { "additionalProperties": false, "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration": { + "AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a section-based layout.", "title": "CanvasSizeOptions" } @@ -213201,11 +223105,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DefaultSliderControlOptions": { + "AWS::QuickSight::Analysis.DefaultSliderControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -213237,7 +223141,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.DefaultTextAreaControlOptions": { + "AWS::QuickSight::Analysis.DefaultTextAreaControlOptions": { "additionalProperties": false, "properties": { "Delimiter": { @@ -213246,29 +223150,29 @@ "type": "string" }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultTextFieldControlOptions": { + "AWS::QuickSight::Analysis.DefaultTextFieldControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DestinationParameterValueConfiguration": { + "AWS::QuickSight::Analysis.DestinationParameterValueConfiguration": { "additionalProperties": false, "properties": { "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomValuesConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomValuesConfiguration", "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", "title": "CustomValuesConfiguration" }, @@ -213278,7 +223182,7 @@ "type": "string" }, "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "A column of a data set.", "title": "SourceColumn" }, @@ -213295,28 +223199,28 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DimensionField": { + "AWS::QuickSight::Analysis.DimensionField": { "additionalProperties": false, "properties": { "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalDimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalDimensionField", "markdownDescription": "The dimension type field with categorical type columns.", "title": "CategoricalDimensionField" }, "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateDimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateDimensionField", "markdownDescription": "The dimension type field with date type columns.", "title": "DateDimensionField" }, "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalDimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalDimensionField", "markdownDescription": "The dimension type field with numerical type columns.", "title": "NumericalDimensionField" } }, "type": "object" }, - "AWS::QuickSight::Template.DonutCenterOptions": { + "AWS::QuickSight::Analysis.DonutCenterOptions": { "additionalProperties": false, "properties": { "LabelVisibility": { @@ -213327,79 +223231,79 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DonutOptions": { + "AWS::QuickSight::Analysis.DonutOptions": { "additionalProperties": false, "properties": { "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcOptions", "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", "title": "ArcOptions" }, "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DonutCenterOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutCenterOptions", "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", "title": "DonutCenterOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DrillDownFilter": { + "AWS::QuickSight::Analysis.DrillDownFilter": { "additionalProperties": false, "properties": { "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryDrillDownFilter", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryDrillDownFilter", "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", "title": "CategoryFilter" }, "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityDrillDownFilter", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter", "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", "title": "NumericEqualityFilter" }, "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeDrillDownFilter", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeDrillDownFilter", "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", "title": "TimeRangeFilter" } }, "type": "object" }, - "AWS::QuickSight::Template.DropDownControlDisplayOptions": { + "AWS::QuickSight::Analysis.DropDownControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", "title": "SelectAllOptions" }, "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DynamicDefaultValue": { + "AWS::QuickSight::Analysis.DynamicDefaultValue": { "additionalProperties": false, "properties": { "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that contains the default value of each user or group.", "title": "DefaultValueColumn" }, "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that contains the group name.", "title": "GroupNameColumn" }, "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that contains the username.", "title": "UserNameColumn" } @@ -213409,12 +223313,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.EmptyVisual": { + "AWS::QuickSight::Analysis.EmptyVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", @@ -213437,7 +223341,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.Entity": { + "AWS::QuickSight::Analysis.Entity": { "additionalProperties": false, "properties": { "Path": { @@ -213448,7 +223352,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ExcludePeriodConfiguration": { + "AWS::QuickSight::Analysis.ExcludePeriodConfiguration": { "additionalProperties": false, "properties": { "Amount": { @@ -213473,12 +223377,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ExplicitHierarchy": { + "AWS::QuickSight::Analysis.ExplicitHierarchy": { "additionalProperties": false, "properties": { "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" }, "markdownDescription": "The list of columns that define the explicit hierarchy.", "title": "Columns", @@ -213486,7 +223390,7 @@ }, "DrillDownFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", "title": "DrillDownFilters", @@ -213504,7 +223408,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FieldBasedTooltip": { + "AWS::QuickSight::Analysis.FieldBasedTooltip": { "additionalProperties": false, "properties": { "AggregationVisibility": { @@ -213514,7 +223418,7 @@ }, "TooltipFields": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipItem" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipItem" }, "markdownDescription": "The fields configuration in the tooltip.", "title": "TooltipFields", @@ -213528,7 +223432,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FieldLabelType": { + "AWS::QuickSight::Analysis.FieldLabelType": { "additionalProperties": false, "properties": { "FieldId": { @@ -213544,7 +223448,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FieldSeriesItem": { + "AWS::QuickSight::Analysis.FieldSeriesItem": { "additionalProperties": false, "properties": { "AxisBinding": { @@ -213558,7 +223462,7 @@ "type": "string" }, "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", "markdownDescription": "The options that determine the presentation of line series associated to the field.", "title": "Settings" } @@ -213569,7 +223473,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FieldSort": { + "AWS::QuickSight::Analysis.FieldSort": { "additionalProperties": false, "properties": { "Direction": { @@ -213589,23 +223493,23 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FieldSortOptions": { + "AWS::QuickSight::Analysis.FieldSortOptions": { "additionalProperties": false, "properties": { "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", "markdownDescription": "The sort configuration for a column that is not used in a field well.", "title": "ColumnSort" }, "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", "markdownDescription": "The sort configuration for a field in a field well.", "title": "FieldSort" } }, "type": "object" }, - "AWS::QuickSight::Template.FieldTooltipItem": { + "AWS::QuickSight::Analysis.FieldTooltipItem": { "additionalProperties": false, "properties": { "FieldId": { @@ -213618,6 +223522,11 @@ "title": "Label", "type": "string" }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, "Visibility": { "markdownDescription": "The visibility of the tooltip item.", "title": "Visibility", @@ -213629,12 +223538,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Geospatial": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", "title": "Geospatial", @@ -213642,7 +223551,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", "title": "Values", @@ -213651,12 +223560,12 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FilledMapConditionalFormatting": { + "AWS::QuickSight::Analysis.FilledMapConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormattingOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", "title": "ConditionalFormattingOptions", @@ -213668,11 +223577,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapConditionalFormattingOption": { + "AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption": { "additionalProperties": false, "properties": { "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapShapeConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting", "markdownDescription": "The conditional formatting that determines the shape of the filled map.", "title": "Shape" } @@ -213682,54 +223591,59 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapConfiguration": { + "AWS::QuickSight::Analysis.FilledMapConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", "markdownDescription": "The map style options of the filled map visual.", "title": "MapStyleOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapSortConfiguration", "markdownDescription": "The sort configuration of a `FilledMapVisual` .", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", "markdownDescription": "The window options of the filled map visual.", "title": "WindowOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.FilledMapFieldWells": { + "AWS::QuickSight::Analysis.FilledMapFieldWells": { "additionalProperties": false, "properties": { "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells", "markdownDescription": "The aggregated field well of the filled map.", "title": "FilledMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.FilledMapShapeConditionalFormatting": { + "AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { @@ -213738,7 +223652,7 @@ "type": "string" }, "Format": { - "$ref": "#/definitions/AWS::QuickSight::Template.ShapeConditionalFormat", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ShapeConditionalFormat", "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", "title": "Format" } @@ -213748,12 +223662,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapSortConfiguration": { + "AWS::QuickSight::Analysis.FilledMapSortConfiguration": { "additionalProperties": false, "properties": { "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the location fields.", "title": "CategorySort", @@ -213762,45 +223676,50 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FilledMapVisual": { + "AWS::QuickSight::Analysis.FilledMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormatting", "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -213812,98 +223731,103 @@ ], "type": "object" }, - "AWS::QuickSight::Template.Filter": { + "AWS::QuickSight::Analysis.Filter": { "additionalProperties": false, "properties": { "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilter", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilter", "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", "title": "CategoryFilter" }, + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" + }, "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityFilter", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityFilter", "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", "title": "NumericEqualityFilter" }, "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilter", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilter", "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", "title": "NumericRangeFilter" }, "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDatesFilter", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDatesFilter", "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", "title": "RelativeDatesFilter" }, "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeEqualityFilter", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeEqualityFilter", "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", "title": "TimeEqualityFilter" }, "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilter", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilter", "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", "title": "TimeRangeFilter" }, "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomFilter", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomFilter", "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", "title": "TopBottomFilter" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterControl": { + "AWS::QuickSight::Analysis.FilterControl": { "additionalProperties": false, "properties": { "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterCrossSheetControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterCrossSheetControl", "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", "title": "CrossSheet" }, "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterDateTimePickerControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDateTimePickerControl", "markdownDescription": "A control from a date filter that is used to specify date and time.", "title": "DateTimePicker" }, "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterDropDownControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDropDownControl", "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", "title": "Dropdown" }, "List": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterListControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListControl", "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", "title": "List" }, "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterRelativeDateTimeControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterRelativeDateTimeControl", "markdownDescription": "A control from a date filter that is used to specify the relative date.", "title": "RelativeDateTime" }, "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSliderControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSliderControl", "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", "title": "Slider" }, "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextAreaControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextAreaControl", "markdownDescription": "A control to display a text box that is used to enter multiple entries.", "title": "TextArea" }, "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextFieldControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextFieldControl", "markdownDescription": "A control to display a text box that is used to enter a single entry.", "title": "TextField" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterCrossSheetControl": { + "AWS::QuickSight::Analysis.FilterCrossSheetControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, @@ -213924,11 +223848,16 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilterDateTimePickerControl": { + "AWS::QuickSight::Analysis.FilterDateTimePickerControl": { "additionalProperties": false, "properties": { + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -213960,16 +223889,21 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilterDropDownControl": { + "AWS::QuickSight::Analysis.FilterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", "markdownDescription": "The display options of the `FilterDropDownControl` .", "title": "DisplayOptions" }, @@ -213979,7 +223913,7 @@ "type": "string" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, @@ -214006,7 +223940,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilterGroup": { + "AWS::QuickSight::Analysis.FilterGroup": { "additionalProperties": false, "properties": { "CrossDataset": { @@ -214021,14 +223955,14 @@ }, "Filters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Filter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.Filter" }, "markdownDescription": "The list of filters that are present in a `FilterGroup` .", "title": "Filters", "type": "array" }, "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterScopeConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterScopeConfiguration", "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "title": "ScopeConfiguration" }, @@ -214046,7 +223980,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilterListConfiguration": { + "AWS::QuickSight::Analysis.FilterListConfiguration": { "additionalProperties": false, "properties": { "CategoryValues": { @@ -214078,16 +224012,16 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilterListControl": { + "AWS::QuickSight::Analysis.FilterListControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -214097,7 +224031,7 @@ "type": "string" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, @@ -214124,12 +224058,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration": { + "AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration": { "additionalProperties": false, "properties": { "SelectedColumns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" }, "markdownDescription": "The selected columns of a dataset.", "title": "SelectedColumns", @@ -214151,22 +224085,27 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration": { + "AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration": { "additionalProperties": false, "properties": { "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SameSheetTargetVisualConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration", "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", "title": "SameSheetTargetVisualConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterRelativeDateTimeControl": { + "AWS::QuickSight::Analysis.FilterRelativeDateTimeControl": { "additionalProperties": false, "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -214193,7 +224132,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilterScopeConfiguration": { + "AWS::QuickSight::Analysis.FilterScopeConfiguration": { "additionalProperties": false, "properties": { "AllSheets": { @@ -214202,14 +224141,14 @@ "type": "object" }, "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration", "markdownDescription": "The configuration for applying a filter to specific sheets.", "title": "SelectedSheets" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterSelectableValues": { + "AWS::QuickSight::Analysis.FilterSelectableValues": { "additionalProperties": false, "properties": { "Values": { @@ -214223,11 +224162,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FilterSliderControl": { + "AWS::QuickSight::Analysis.FilterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -214277,7 +224216,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilterTextAreaControl": { + "AWS::QuickSight::Analysis.FilterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { @@ -214286,7 +224225,7 @@ "type": "string" }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -214313,11 +224252,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FilterTextFieldControl": { + "AWS::QuickSight::Analysis.FilterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -214344,7 +224283,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FontConfiguration": { + "AWS::QuickSight::Analysis.FontConfiguration": { "additionalProperties": false, "properties": { "FontColor": { @@ -214357,8 +224296,13 @@ "title": "FontDecoration", "type": "string" }, + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", + "type": "string" + }, "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontSize", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontSize", "markdownDescription": "The option that determines the text display size.", "title": "FontSize" }, @@ -214368,16 +224312,21 @@ "type": "string" }, "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontWeight", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontWeight", "markdownDescription": "The option that determines the text display weight, or boldness.", "title": "FontWeight" } }, "type": "object" }, - "AWS::QuickSight::Template.FontSize": { + "AWS::QuickSight::Analysis.FontSize": { "additionalProperties": false, "properties": { + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", + "type": "string" + }, "Relative": { "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", "title": "Relative", @@ -214386,7 +224335,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FontWeight": { + "AWS::QuickSight::Analysis.FontWeight": { "additionalProperties": false, "properties": { "Name": { @@ -214397,7 +224346,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ForecastComputation": { + "AWS::QuickSight::Analysis.ForecastComputation": { "additionalProperties": false, "properties": { "ComputationId": { @@ -214441,7 +224390,7 @@ "type": "string" }, "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, @@ -214451,7 +224400,7 @@ "type": "number" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } @@ -214461,81 +224410,81 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ForecastConfiguration": { + "AWS::QuickSight::Analysis.ForecastConfiguration": { "additionalProperties": false, "properties": { "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeBasedForecastProperties", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeBasedForecastProperties", "markdownDescription": "The forecast properties setup of a forecast in the line chart.", "title": "ForecastProperties" }, "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastScenario", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastScenario", "markdownDescription": "The forecast scenario of a forecast in the line chart.", "title": "Scenario" } }, "type": "object" }, - "AWS::QuickSight::Template.ForecastScenario": { + "AWS::QuickSight::Analysis.ForecastScenario": { "additionalProperties": false, "properties": { "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfPointScenario", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfPointScenario", "markdownDescription": "The what-if analysis forecast setup with the target date.", "title": "WhatIfPointScenario" }, "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfRangeScenario", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfRangeScenario", "markdownDescription": "The what-if analysis forecast setup with the date range.", "title": "WhatIfRangeScenario" } }, "type": "object" }, - "AWS::QuickSight::Template.FormatConfiguration": { + "AWS::QuickSight::Analysis.FormatConfiguration": { "additionalProperties": false, "properties": { "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", "markdownDescription": "Formatting configuration for `DateTime` fields.", "title": "DateTimeFormatConfiguration" }, "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", "markdownDescription": "Formatting configuration for number fields.", "title": "NumberFormatConfiguration" }, "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", "markdownDescription": "Formatting configuration for string fields.", "title": "StringFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions": { + "AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions", "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutConfiguration": { + "AWS::QuickSight::Analysis.FreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", "markdownDescription": "", "title": "CanvasSizeOptions" }, "Elements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" }, "markdownDescription": "The elements that are included in a free-form layout.", "title": "Elements", @@ -214547,16 +224496,16 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutElement": { + "AWS::QuickSight::Analysis.FreeFormLayoutElement": { "additionalProperties": false, "properties": { "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle", "markdownDescription": "The background style configuration of a free-form layout element.", "title": "BackgroundStyle" }, "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", "markdownDescription": "The border style configuration of a free-form layout element.", "title": "BorderStyle" }, @@ -214576,20 +224525,20 @@ "type": "string" }, "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Template.LoadingAnimation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LoadingAnimation", "markdownDescription": "The loading animation configuration of a free-form layout element.", "title": "LoadingAnimation" }, "RenderingRules": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementRenderingRule" + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementRenderingRule" }, "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", "title": "RenderingRules", "type": "array" }, "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", "title": "SelectedBorderStyle" }, @@ -214624,7 +224573,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle": { + "AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle": { "additionalProperties": false, "properties": { "Color": { @@ -214640,7 +224589,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle": { + "AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle": { "additionalProperties": false, "properties": { "Color": { @@ -214656,7 +224605,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions": { + "AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { "OptimizedViewPortWidth": { @@ -214670,12 +224619,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration": { + "AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration": { "additionalProperties": false, "properties": { "Elements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" }, "markdownDescription": "The elements that are included in the free-form layout.", "title": "Elements", @@ -214687,12 +224636,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.FunnelChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", "title": "Category", @@ -214700,7 +224649,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", "title": "Values", @@ -214709,48 +224658,53 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartConfiguration": { + "AWS::QuickSight::Analysis.FunnelChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", "title": "CategoryLabelOptions" }, "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartDataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartDataLabelOptions", "markdownDescription": "The options that determine the presentation of the data labels.", "title": "DataLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartFieldWells", "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartSortConfiguration", "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", "title": "Tooltip" }, "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", "title": "ValueLabelOptions" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartDataLabelOptions": { + "AWS::QuickSight::Analysis.FunnelChartDataLabelOptions": { "additionalProperties": false, "properties": { "CategoryLabelVisibility": { @@ -214764,7 +224718,7 @@ "type": "string" }, "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", "title": "LabelFontConfiguration" }, @@ -214791,28 +224745,28 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartFieldWells": { + "AWS::QuickSight::Analysis.FunnelChartFieldWells": { "additionalProperties": false, "properties": { "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FunnelChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartSortConfiguration": { + "AWS::QuickSight::Analysis.FunnelChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories displayed.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", @@ -214821,40 +224775,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartVisual": { + "AWS::QuickSight::Analysis.FunnelChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartConfiguration", "markdownDescription": "The configuration of a `FunnelChartVisual` .", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -214866,23 +224825,39 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GaugeChartArcConditionalFormatting": { + "AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting": { "additionalProperties": false, "properties": { "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the arc foreground color.", "title": "ForegroundColor" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartConditionalFormatting": { + "AWS::QuickSight::Analysis.GaugeChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", + "type": "string" + }, + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GaugeChartConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormattingOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", "title": "ConditionalFormattingOptions", @@ -214891,59 +224866,69 @@ }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartConditionalFormattingOption": { + "AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption": { "additionalProperties": false, "properties": { "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartArcConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting", "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", "title": "Arc" }, "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting", "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", "title": "PrimaryValue" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartConfiguration": { + "AWS::QuickSight::Analysis.GaugeChartConfiguration": { "additionalProperties": false, "properties": { + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" + }, "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartFieldWells", "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", "title": "FieldWells" }, "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartOptions", "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", "title": "GaugeChartOptions" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", "title": "TooltipOptions" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartFieldWells": { + "AWS::QuickSight::Analysis.GaugeChartFieldWells": { "additionalProperties": false, "properties": { "TargetValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", "title": "TargetValues", @@ -214951,7 +224936,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a `GaugeChartVisual` .", "title": "Values", @@ -214960,21 +224945,21 @@ }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartOptions": { + "AWS::QuickSight::Analysis.GaugeChartOptions": { "additionalProperties": false, "properties": { "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcConfiguration", "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", "title": "Arc" }, "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisConfiguration", "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", "title": "ArcAxis" }, "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", "title": "Comparison" }, @@ -214984,60 +224969,65 @@ "type": "string" }, "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The options that determine the primary value font configuration.", "title": "PrimaryValueFontConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the primary value icon.", "title": "Icon" }, "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the primary value text color.", "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartVisual": { + "AWS::QuickSight::Analysis.GaugeChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConfiguration", "markdownDescription": "The configuration of a `GaugeChartVisual` .", "title": "ChartConfiguration" }, "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormatting", "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -215049,7 +225039,117 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialCoordinateBounds": { + "AWS::QuickSight::Analysis.GeospatialCategoricalColor": { + "additionalProperties": false, + "properties": { + "CategoryDataColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCategoricalDataColor" + }, + "markdownDescription": "A list of categorical data colors for each category.", + "title": "CategoryDataColors", + "type": "array" + }, + "DefaultOpacity": { + "markdownDescription": "The default opacity of a categorical color.", + "title": "DefaultOpacity", + "type": "number" + }, + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", + "type": "string" + } + }, + "required": [ + "CategoryDataColors" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialCategoricalDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the category data color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value for the category data color.", + "title": "DataValue", + "type": "string" + } + }, + "required": [ + "Color", + "DataValue" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialCircleRadius": { + "additionalProperties": false, + "properties": { + "Radius": { + "markdownDescription": "The positive value for the radius of a circle.", + "title": "Radius", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialCircleSymbolStyle": { + "additionalProperties": false, + "properties": { + "CircleRadius": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCircleRadius", + "markdownDescription": "The radius of the circle.", + "title": "CircleRadius" + }, + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width of the stroke (border).", + "title": "StrokeWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialColor": { + "additionalProperties": false, + "properties": { + "Categorical": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCategoricalColor", + "markdownDescription": "The visualization properties for the categorical color.", + "title": "Categorical" + }, + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialGradientColor", + "markdownDescription": "The visualization properties for the gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialSolidColor", + "markdownDescription": "The visualization properties for the solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialCoordinateBounds": { "additionalProperties": false, "properties": { "East": { @@ -215081,12 +225181,75 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialHeatmapColorScale": { + "AWS::QuickSight::Analysis.GeospatialDataSourceItem": { + "additionalProperties": false, + "properties": { + "StaticFileDataSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialStaticFileSource", + "markdownDescription": "The static file data source properties for the geospatial data.", + "title": "StaticFileDataSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialGradientColor": { + "additionalProperties": false, + "properties": { + "DefaultOpacity": { + "markdownDescription": "The default opacity for the gradient color.", + "title": "DefaultOpacity", + "type": "number" + }, + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", + "type": "string" + }, + "StepColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialGradientStepColor" + }, + "markdownDescription": "A list of gradient step colors for the gradient.", + "title": "StepColors", + "type": "array" + } + }, + "required": [ + "StepColors" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialGradientStepColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the gradient step color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value for the gradient step color.", + "title": "DataValue", + "type": "number" + } + }, + "required": [ + "Color", + "DataValue" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialHeatmapColorScale": { "additionalProperties": false, "properties": { "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapDataColor" + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapDataColor" }, "markdownDescription": "The list of colors to be used in heatmap point style.", "title": "Colors", @@ -215095,18 +225258,18 @@ }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialHeatmapConfiguration": { + "AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration": { "additionalProperties": false, "properties": { "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapColorScale", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapColorScale", "markdownDescription": "The color scale specification for the heatmap point style.", "title": "HeatmapColor" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialHeatmapDataColor": { + "AWS::QuickSight::Analysis.GeospatialHeatmapDataColor": { "additionalProperties": false, "properties": { "Color": { @@ -215120,12 +225283,219 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.GeospatialLayerColorField": { + "additionalProperties": false, + "properties": { + "ColorDimensionsFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "A list of color dimension fields.", + "title": "ColorDimensionsFields", + "type": "array" + }, + "ColorValuesFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "A list of color measure fields.", + "title": "ColorValuesFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLayerDefinition": { + "additionalProperties": false, + "properties": { + "LineLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineLayer", + "markdownDescription": "The definition for a line layer.", + "title": "LineLayer" + }, + "PointLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointLayer", + "markdownDescription": "The definition for a point layer.", + "title": "PointLayer" + }, + "PolygonLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonLayer", + "markdownDescription": "The definition for a polygon layer.", + "title": "PolygonLayer" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLayerItem": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerCustomAction" + }, + "markdownDescription": "A list of custom actions for a layer.", + "title": "Actions", + "type": "array" + }, + "DataSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialDataSourceItem", + "markdownDescription": "The data source for the layer.", + "title": "DataSource" + }, + "JoinDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerJoinDefinition", + "markdownDescription": "The join definition properties for a layer.", + "title": "JoinDefinition" + }, + "Label": { + "markdownDescription": "The label that is displayed for the layer.", + "title": "Label", + "type": "string" + }, + "LayerDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerDefinition", + "markdownDescription": "The definition properties for a layer.", + "title": "LayerDefinition" + }, + "LayerId": { + "markdownDescription": "The ID of the layer.", + "title": "LayerId", + "type": "string" + }, + "LayerType": { + "markdownDescription": "The layer type.", + "title": "LayerType", + "type": "string" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "", + "title": "Tooltip" + }, + "Visibility": { + "markdownDescription": "The state of visibility for the layer.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "LayerId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLayerJoinDefinition": { + "additionalProperties": false, + "properties": { + "ColorField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerColorField", + "markdownDescription": "The geospatial color field for the join definition.", + "title": "ColorField" + }, + "DatasetKeyField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField", + "markdownDescription": "", + "title": "DatasetKeyField" + }, + "ShapeKeyField": { + "markdownDescription": "The name of the field or property in the geospatial data source.", + "title": "ShapeKeyField", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLayerMapConfiguration": { + "additionalProperties": false, + "properties": { + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "MapLayers": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerItem" + }, + "markdownDescription": "The geospatial layers to visualize on the map.", + "title": "MapLayers", + "type": "array" + }, + "MapState": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapState", + "markdownDescription": "The map state properties for the map.", + "title": "MapState" + }, + "MapStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyle", + "markdownDescription": "The map style properties for the map.", + "title": "MapStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLineLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineStyle", + "markdownDescription": "The visualization style for a line layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLineStyle": { + "additionalProperties": false, + "properties": { + "LineSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineSymbolStyle", + "markdownDescription": "The symbol style for a line style.", + "title": "LineSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLineSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "LineWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width value for a line.", + "title": "LineWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLineWidth": { + "additionalProperties": false, + "properties": { + "LineWidth": { + "markdownDescription": "The positive value for the width of a line.", + "title": "LineWidth", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The color field wells of a geospatial map.", "title": "Colors", @@ -215133,7 +225503,7 @@ }, "Geospatial": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", "title": "Geospatial", @@ -215141,7 +225511,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", "title": "Values", @@ -215150,59 +225520,101 @@ }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapConfiguration": { + "AWS::QuickSight::Analysis.GeospatialMapConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", "markdownDescription": "The map style options of the geospatial map.", "title": "MapStyleOptions" }, "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialPointStyleOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyleOptions", "markdownDescription": "The point style options of the geospatial map.", "title": "PointStyleOptions" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "", "title": "VisualPalette" }, "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", "markdownDescription": "The window options of the geospatial map.", "title": "WindowOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapFieldWells": { + "AWS::QuickSight::Analysis.GeospatialMapFieldWells": { "additionalProperties": false, "properties": { "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells", "markdownDescription": "The aggregated field well for a geospatial map.", "title": "GeospatialMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapStyleOptions": { + "AWS::QuickSight::Analysis.GeospatialMapState": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", + "markdownDescription": "", + "title": "Bounds" + }, + "MapNavigation": { + "markdownDescription": "Enables or disables map navigation for a map.", + "title": "MapNavigation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color and opacity values for a map.", + "title": "BackgroundColor", + "type": "string" + }, + "BaseMapStyle": { + "markdownDescription": "The selected base map style.", + "title": "BaseMapStyle", + "type": "string" + }, + "BaseMapVisibility": { + "markdownDescription": "The state of visibility for the base map.", + "title": "BaseMapVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapStyleOptions": { "additionalProperties": false, "properties": { "BaseMapStyle": { @@ -215213,40 +225625,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapVisual": { + "AWS::QuickSight::Analysis.GeospatialMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -215258,16 +225675,76 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialPointStyleOptions": { + "AWS::QuickSight::Analysis.GeospatialNullDataSettings": { + "additionalProperties": false, + "properties": { + "SymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullSymbolStyle", + "markdownDescription": "The symbol style for null data.", + "title": "SymbolStyle" + } + }, + "required": [ + "SymbolStyle" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialNullSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor", + "type": "string" + }, + "StrokeColor": { + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor", + "type": "string" + }, + "StrokeWidth": { + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPointLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyle", + "markdownDescription": "The visualization style for a point layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPointStyle": { + "additionalProperties": false, + "properties": { + "CircleSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCircleSymbolStyle", + "markdownDescription": "The circle symbol style for a point layer.", + "title": "CircleSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPointStyleOptions": { "additionalProperties": false, "properties": { "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarkerConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarkerConfiguration", "markdownDescription": "The cluster marker configuration of the geospatial point style.", "title": "ClusterMarkerConfiguration" }, "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration", "markdownDescription": "The heatmap configuration of the geospatial point style.", "title": "HeatmapConfiguration" }, @@ -215279,11 +225756,90 @@ }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialWindowOptions": { + "AWS::QuickSight::Analysis.GeospatialPolygonLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonStyle", + "markdownDescription": "The visualization style for a polygon layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPolygonStyle": { + "additionalProperties": false, + "properties": { + "PolygonSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonSymbolStyle", + "markdownDescription": "The polygon symbol style for a polygon layer.", + "title": "PolygonSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialPolygonSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialSolidColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the color.", + "title": "Color", + "type": "string" + }, + "State": { + "markdownDescription": "Enables and disables the view state of the color.", + "title": "State", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialWindowOptions": { "additionalProperties": false, "properties": { "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialCoordinateBounds", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", "title": "Bounds" }, @@ -215295,28 +225851,28 @@ }, "type": "object" }, - "AWS::QuickSight::Template.GlobalTableBorderOptions": { + "AWS::QuickSight::Analysis.GlobalTableBorderOptions": { "additionalProperties": false, "properties": { "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableSideBorderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSideBorderOptions", "markdownDescription": "Determines the options for side specific border.", "title": "SideSpecificBorder" }, "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "Determines the options for uniform border.", "title": "UniformBorder" } }, "type": "object" }, - "AWS::QuickSight::Template.GradientColor": { + "AWS::QuickSight::Analysis.GradientColor": { "additionalProperties": false, "properties": { "Stops": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GradientStop" + "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientStop" }, "markdownDescription": "The list of gradient color stops.", "title": "Stops", @@ -215325,7 +225881,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.GradientStop": { + "AWS::QuickSight::Analysis.GradientStop": { "additionalProperties": false, "properties": { "Color": { @@ -215349,28 +225905,28 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GridLayoutCanvasSizeOptions": { + "AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions", "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.GridLayoutConfiguration": { + "AWS::QuickSight::Analysis.GridLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", "markdownDescription": "", "title": "CanvasSizeOptions" }, "Elements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutElement" + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutElement" }, "markdownDescription": "The elements that are included in a grid layout.", "title": "Elements", @@ -215382,7 +225938,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GridLayoutElement": { + "AWS::QuickSight::Analysis.GridLayoutElement": { "additionalProperties": false, "properties": { "ColumnIndex": { @@ -215424,7 +225980,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions": { + "AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { "OptimizedViewPortWidth": { @@ -215443,7 +225999,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GrowthRateComputation": { + "AWS::QuickSight::Analysis.GrowthRateComputation": { "additionalProperties": false, "properties": { "ComputationId": { @@ -215462,12 +226018,12 @@ "type": "number" }, "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } @@ -215477,11 +226033,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.HeaderFooterSectionConfiguration": { + "AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration": { "additionalProperties": false, "properties": { "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", "markdownDescription": "The layout configuration of the header or footer section.", "title": "Layout" }, @@ -215491,7 +226047,7 @@ "type": "string" }, "Style": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", "markdownDescription": "The style options of a header or footer section.", "title": "Style" } @@ -215502,12 +226058,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.HeatMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The columns field well of a heat map.", "title": "Columns", @@ -215515,7 +226071,7 @@ }, "Rows": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The rows field well of a heat map.", "title": "Rows", @@ -215523,7 +226079,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The values field well of a heat map.", "title": "Values", @@ -215532,87 +226088,92 @@ }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapConfiguration": { + "AWS::QuickSight::Analysis.HeatMapConfiguration": { "additionalProperties": false, "properties": { "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", "title": "ColorScale" }, "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options of the column that is displayed in a heat map.", "title": "ColumnLabelOptions" }, "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options of the row that is displayed in a `heat map` .", "title": "RowLabelOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapSortConfiguration", "markdownDescription": "The sort configuration of a heat map.", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapFieldWells": { + "AWS::QuickSight::Analysis.HeatMapFieldWells": { "additionalProperties": false, "properties": { "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a heat map.", "title": "HeatMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapSortConfiguration": { + "AWS::QuickSight::Analysis.HeatMapSortConfiguration": { "additionalProperties": false, "properties": { "HeatMapColumnItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", "title": "HeatMapColumnItemsLimitConfiguration" }, "HeatMapColumnSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", "title": "HeatMapColumnSort", "type": "array" }, "HeatMapRowItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", "title": "HeatMapRowItemsLimitConfiguration" }, "HeatMapRowSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The field sort configuration of the rows fields.", "title": "HeatMapRowSort", @@ -215621,40 +226182,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapVisual": { + "AWS::QuickSight::Analysis.HeatMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapConfiguration", "markdownDescription": "The configuration of a heat map.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -215666,12 +226232,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.HistogramAggregatedFieldWells": { + "AWS::QuickSight::Analysis.HistogramAggregatedFieldWells": { "additionalProperties": false, "properties": { "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", "title": "Values", @@ -215680,16 +226246,16 @@ }, "type": "object" }, - "AWS::QuickSight::Template.HistogramBinOptions": { + "AWS::QuickSight::Analysis.HistogramBinOptions": { "additionalProperties": false, "properties": { "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Template.BinCountOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BinCountOptions", "markdownDescription": "The options that determine the bin count of a histogram.", "title": "BinCount" }, "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Template.BinWidthOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BinWidthOptions", "markdownDescription": "The options that determine the bin width of a histogram.", "title": "BinWidth" }, @@ -215706,89 +226272,99 @@ }, "type": "object" }, - "AWS::QuickSight::Template.HistogramConfiguration": { + "AWS::QuickSight::Analysis.HistogramConfiguration": { "additionalProperties": false, "properties": { "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramBinOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramBinOptions", "markdownDescription": "The options that determine the presentation of histogram bins.", "title": "BinOptions" }, "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The data label configuration of a histogram.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramFieldWells", "markdownDescription": "The field well configuration of a histogram.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip configuration of a histogram.", "title": "Tooltip" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The visual palette configuration of a histogram.", "title": "VisualPalette" }, "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the x-axis label.", "title": "XAxisLabelOptions" }, "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the y-axis.", "title": "YAxisDisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramFieldWells": { + "AWS::QuickSight::Analysis.HistogramFieldWells": { "additionalProperties": false, "properties": { "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramAggregatedFieldWells", "markdownDescription": "The field well configuration of a histogram.", "title": "HistogramAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramVisual": { + "AWS::QuickSight::Analysis.HistogramVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramConfiguration", "markdownDescription": "The configuration for a `HistogramVisual` .", "title": "ChartConfiguration" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -215800,31 +226376,149 @@ ], "type": "object" }, - "AWS::QuickSight::Template.InsightConfiguration": { + "AWS::QuickSight::Analysis.ImageCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ImageCustomActionOperation": { + "additionalProperties": false, + "properties": { + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ImageInteractionOptions": { + "additionalProperties": false, + "properties": { + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ImageMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ImageStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileSource", + "markdownDescription": "The source of the image static file.", + "title": "Source" + }, + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains an image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.InnerFilter": { + "additionalProperties": false, + "properties": { + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.InsightConfiguration": { "additionalProperties": false, "properties": { "Computations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Computation" + "$ref": "#/definitions/AWS::QuickSight::Analysis.Computation" }, "markdownDescription": "The computations configurations of the insight visual", "title": "Computations", "type": "array" }, "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomNarrativeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomNarrativeOptions", "markdownDescription": "The custom narrative of the insight visual.", "title": "CustomNarrative" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, "type": "object" }, - "AWS::QuickSight::Template.InsightVisual": { + "AWS::QuickSight::Analysis.InsightVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", @@ -215836,20 +226530,25 @@ "type": "string" }, "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.InsightConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightConfiguration", "markdownDescription": "The configuration of an insight visual.", "title": "InsightConfiguration" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -215862,11 +226561,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.IntegerDefaultValues": { + "AWS::QuickSight::Analysis.IntegerDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, @@ -215881,17 +226580,40 @@ }, "type": "object" }, - "AWS::QuickSight::Template.IntegerParameterDeclaration": { + "AWS::QuickSight::Analysis.IntegerParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the integer parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the integer parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.IntegerParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerDefaultValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", @@ -215908,7 +226630,7 @@ "type": "string" }, "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration", "markdownDescription": "A parameter declaration for the `Integer` data type.", "title": "ValueWhenUnset" } @@ -215919,7 +226641,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { @@ -215935,7 +226657,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ItemsLimitConfiguration": { + "AWS::QuickSight::Analysis.ItemsLimitConfiguration": { "additionalProperties": false, "properties": { "ItemsLimit": { @@ -215951,44 +226673,44 @@ }, "type": "object" }, - "AWS::QuickSight::Template.KPIActualValueConditionalFormatting": { + "AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the actual value's icon.", "title": "Icon" }, "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the actual value's text color.", "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting": { + "AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the comparison value's icon.", "title": "Icon" }, "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the comparison value's text color.", "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIConditionalFormatting": { + "AWS::QuickSight::Analysis.KPIConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormattingOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormattingOption" }, "markdownDescription": "The conditional formatting options of a KPI visual.", "title": "ConditionalFormattingOptions", @@ -215997,59 +226719,64 @@ }, "type": "object" }, - "AWS::QuickSight::Template.KPIConditionalFormattingOption": { + "AWS::QuickSight::Analysis.KPIConditionalFormattingOption": { "additionalProperties": false, "properties": { "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIActualValueConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting", "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", "title": "ActualValue" }, "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting", "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", "title": "ComparisonValue" }, "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting", "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", "title": "PrimaryValue" }, "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIProgressBarConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting", "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", "title": "ProgressBar" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIConfiguration": { + "AWS::QuickSight::Analysis.KPIConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIFieldWells", "markdownDescription": "The field well configuration of a KPI visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIOptions", "markdownDescription": "The options that determine the presentation of a KPI visual.", "title": "KPIOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPISortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISortConfiguration", "markdownDescription": "The sort configuration of a KPI visual.", "title": "SortConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIFieldWells": { + "AWS::QuickSight::Analysis.KPIFieldWells": { "additionalProperties": false, "properties": { "TargetValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The target value field wells of a KPI visual.", "title": "TargetValues", @@ -216057,7 +226784,7 @@ }, "TrendGroups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The trend group field wells of a KPI visual.", "title": "TrendGroups", @@ -216065,7 +226792,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a KPI visual.", "title": "Values", @@ -216074,11 +226801,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.KPIOptions": { + "AWS::QuickSight::Analysis.KPIOptions": { "additionalProperties": false, "properties": { "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", "markdownDescription": "The comparison configuration of a KPI visual.", "title": "Comparison" }, @@ -216088,76 +226815,76 @@ "type": "string" }, "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The options that determine the primary value font configuration.", "title": "PrimaryValueFontConfiguration" }, "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Template.ProgressBarOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ProgressBarOptions", "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", "title": "ProgressBar" }, "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.SecondaryValueOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SecondaryValueOptions", "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", "title": "SecondaryValue" }, "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The options that determine the secondary value font configuration.", "title": "SecondaryValueFontConfiguration" }, "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPISparklineOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISparklineOptions", "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", "title": "Sparkline" }, "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Template.TrendArrowOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TrendArrowOptions", "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", "title": "TrendArrows" }, "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualLayoutOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualLayoutOptions", "markdownDescription": "The options that determine the layout a KPI visual.", "title": "VisualLayoutOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting": { + "AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the primary value's icon.", "title": "Icon" }, "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the primary value's text color.", "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIProgressBarConditionalFormatting": { + "AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting": { "additionalProperties": false, "properties": { "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the progress bar's foreground color.", "title": "ForegroundColor" } }, "type": "object" }, - "AWS::QuickSight::Template.KPISortConfiguration": { + "AWS::QuickSight::Analysis.KPISortConfiguration": { "additionalProperties": false, "properties": { "TrendGroupSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the trend group fields.", "title": "TrendGroupSort", @@ -216166,7 +226893,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.KPISparklineOptions": { + "AWS::QuickSight::Analysis.KPISparklineOptions": { "additionalProperties": false, "properties": { "Color": { @@ -216195,45 +226922,50 @@ ], "type": "object" }, - "AWS::QuickSight::Template.KPIVisual": { + "AWS::QuickSight::Analysis.KPIVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConfiguration", "markdownDescription": "The configuration of a KPI visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormatting", "markdownDescription": "The conditional formatting of a KPI visual.", "title": "ConditionalFormatting" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -216245,18 +226977,18 @@ ], "type": "object" }, - "AWS::QuickSight::Template.KPIVisualLayoutOptions": { + "AWS::QuickSight::Analysis.KPIVisualLayoutOptions": { "additionalProperties": false, "properties": { "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualStandardLayout", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualStandardLayout", "markdownDescription": "The standard layout of the KPI visual.", "title": "StandardLayout" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIVisualStandardLayout": { + "AWS::QuickSight::Analysis.KPIVisualStandardLayout": { "additionalProperties": false, "properties": { "Type": { @@ -216270,7 +227002,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.LabelOptions": { + "AWS::QuickSight::Analysis.LabelOptions": { "additionalProperties": false, "properties": { "CustomLabel": { @@ -216279,7 +227011,7 @@ "type": "string" }, "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration of the label.", "title": "FontConfiguration" }, @@ -216291,43 +227023,149 @@ }, "type": "object" }, - "AWS::QuickSight::Template.Layout": { + "AWS::QuickSight::Analysis.LayerCustomAction": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerCustomActionOperation" + }, + "markdownDescription": "A list of `LayerCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `LayerCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `LayerCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" } }, "required": [ - "Configuration" + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" ], "type": "object" }, - "AWS::QuickSight::Template.LayoutConfiguration": { + "AWS::QuickSight::Analysis.LayerCustomActionOperation": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", + "markdownDescription": "", + "title": "FilterOperation" }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LegendOptions": { - "additionalProperties": false, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LayerMapVisual": { + "additionalProperties": false, + "properties": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the layer map visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.Layout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.LayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" + }, + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LegendOptions": { + "additionalProperties": false, "properties": { "Height": { "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", @@ -216340,10 +227178,15 @@ "type": "string" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The custom title for the legend.", "title": "Title" }, + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" + }, "Visibility": { "markdownDescription": "Determines whether or not the legend is visible.", "title": "Visibility", @@ -216357,12 +227200,12 @@ }, "type": "object" }, - "AWS::QuickSight::Template.LineChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.LineChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", "title": "Category", @@ -216370,7 +227213,7 @@ }, "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", "title": "Colors", @@ -216378,7 +227221,7 @@ }, "SmallMultiples": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The small multiples field well of a line chart.", "title": "SmallMultiples", @@ -216386,7 +227229,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", "title": "Values", @@ -216395,93 +227238,103 @@ }, "type": "object" }, - "AWS::QuickSight::Template.LineChartConfiguration": { + "AWS::QuickSight::Analysis.LineChartConfiguration": { "additionalProperties": false, "properties": { "ContributionAnalysisDefaults": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" }, "markdownDescription": "The default configuration of a line chart's contribution analysis.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The data label configuration of a line chart.", "title": "DataLabels" }, "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartDefaultSeriesSettings", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings", "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", "title": "DefaultSeriesSettings" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartFieldWells", "markdownDescription": "The field well configuration of a line chart.", "title": "FieldWells" }, "ForecastConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastConfiguration" }, "markdownDescription": "The forecast configuration of a line chart.", "title": "ForecastConfigurations", "type": "array" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend configuration of a line chart.", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", "markdownDescription": "The series axis configuration of a line chart.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the y-axis label.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, "markdownDescription": "The reference lines configuration of a line chart.", "title": "ReferenceLines", "type": "array" }, "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", "markdownDescription": "The series axis configuration of a line chart.", "title": "SecondaryYAxisDisplayOptions" }, "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", "title": "SecondaryYAxisLabelOptions" }, "Series": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SeriesItem" + "$ref": "#/definitions/AWS::QuickSight::Analysis.SeriesItem" }, "markdownDescription": "The series item configuration of a line chart.", "title": "Series", "type": "array" }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSortConfiguration", "markdownDescription": "The sort configuration of a line chart.", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip configuration of a line chart.", "title": "Tooltip" }, @@ -216491,24 +227344,24 @@ "type": "string" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The visual palette configuration of a line chart.", "title": "VisualPalette" }, "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the x-axis label.", "title": "XAxisLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartDefaultSeriesSettings": { + "AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings": { "additionalProperties": false, "properties": { "AxisBinding": { @@ -216517,30 +227370,30 @@ "type": "string" }, "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", "markdownDescription": "Line styles options for all line series in the visual.", "title": "LineStyleSettings" }, "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", "markdownDescription": "Marker styles options for all line series in the visual.", "title": "MarkerStyleSettings" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartFieldWells": { + "AWS::QuickSight::Analysis.LineChartFieldWells": { "additionalProperties": false, "properties": { "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a line chart.", "title": "LineChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartLineStyleSettings": { + "AWS::QuickSight::Analysis.LineChartLineStyleSettings": { "additionalProperties": false, "properties": { "LineInterpolation": { @@ -216566,7 +227419,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.LineChartMarkerStyleSettings": { + "AWS::QuickSight::Analysis.LineChartMarkerStyleSettings": { "additionalProperties": false, "properties": { "MarkerColor": { @@ -216592,51 +227445,51 @@ }, "type": "object" }, - "AWS::QuickSight::Template.LineChartSeriesSettings": { + "AWS::QuickSight::Analysis.LineChartSeriesSettings": { "additionalProperties": false, "properties": { "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", "title": "LineStyleSettings" }, "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", "title": "MarkerStyleSettings" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartSortConfiguration": { + "AWS::QuickSight::Analysis.LineChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", "title": "CategoryItemsLimitConfiguration" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" }, "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", "title": "ColorItemsLimitConfiguration" }, "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", @@ -216645,40 +227498,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.LineChartVisual": { + "AWS::QuickSight::Analysis.LineChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartConfiguration", "markdownDescription": "The configuration of a line chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -216690,17 +227548,17 @@ ], "type": "object" }, - "AWS::QuickSight::Template.LineSeriesAxisDisplayOptions": { + "AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions": { "additionalProperties": false, "properties": { "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the line series axis.", "title": "AxisOptions" }, "MissingDataConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MissingDataConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MissingDataConfiguration" }, "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", "title": "MissingDataConfigurations", @@ -216709,33 +227567,33 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ListControlDisplayOptions": { + "AWS::QuickSight::Analysis.ListControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSearchOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSearchOptions", "markdownDescription": "The configuration of the search options in a list control.", "title": "SearchOptions" }, "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", "markdownDescription": "The configuration of the `Select all` options in a list control.", "title": "SelectAllOptions" }, "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ListControlSearchOptions": { + "AWS::QuickSight::Analysis.ListControlSearchOptions": { "additionalProperties": false, "properties": { "Visibility": { @@ -216746,7 +227604,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ListControlSelectAllOptions": { + "AWS::QuickSight::Analysis.ListControlSelectAllOptions": { "additionalProperties": false, "properties": { "Visibility": { @@ -216757,7 +227615,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.LoadingAnimation": { + "AWS::QuickSight::Analysis.LoadingAnimation": { "additionalProperties": false, "properties": { "Visibility": { @@ -216768,7 +227626,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.LocalNavigationConfiguration": { + "AWS::QuickSight::Analysis.LocalNavigationConfiguration": { "additionalProperties": false, "properties": { "TargetSheetId": { @@ -216782,7 +227640,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.LongFormatText": { + "AWS::QuickSight::Analysis.LongFormatText": { "additionalProperties": false, "properties": { "PlainText": { @@ -216798,7 +227656,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.MappedDataSetParameter": { + "AWS::QuickSight::Analysis.MappedDataSetParameter": { "additionalProperties": false, "properties": { "DataSetIdentifier": { @@ -216818,7 +227676,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.MaximumLabelType": { + "AWS::QuickSight::Analysis.MaximumLabelType": { "additionalProperties": false, "properties": { "Visibility": { @@ -216829,7 +227687,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.MaximumMinimumComputation": { + "AWS::QuickSight::Analysis.MaximumMinimumComputation": { "additionalProperties": false, "properties": { "ComputationId": { @@ -216843,7 +227701,7 @@ "type": "string" }, "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, @@ -216853,7 +227711,7 @@ "type": "string" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } @@ -216864,33 +227722,33 @@ ], "type": "object" }, - "AWS::QuickSight::Template.MeasureField": { + "AWS::QuickSight::Analysis.MeasureField": { "additionalProperties": false, "properties": { "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedMeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedMeasureField", "markdownDescription": "The calculated measure field only used in pivot tables.", "title": "CalculatedMeasureField" }, "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalMeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalMeasureField", "markdownDescription": "The measure type field with categorical type columns.", "title": "CategoricalMeasureField" }, "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateMeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateMeasureField", "markdownDescription": "The measure type field with date type columns.", "title": "DateMeasureField" }, "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalMeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalMeasureField", "markdownDescription": "The measure type field with numerical type columns.", "title": "NumericalMeasureField" } }, "type": "object" }, - "AWS::QuickSight::Template.MetricComparisonComputation": { + "AWS::QuickSight::Analysis.MetricComparisonComputation": { "additionalProperties": false, "properties": { "ComputationId": { @@ -216899,7 +227757,7 @@ "type": "string" }, "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The field that is used in a metric comparison from value setup.", "title": "FromValue" }, @@ -216909,12 +227767,12 @@ "type": "string" }, "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The field that is used in a metric comparison to value setup.", "title": "TargetValue" }, "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" } @@ -216924,7 +227782,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.MinimumLabelType": { + "AWS::QuickSight::Analysis.MinimumLabelType": { "additionalProperties": false, "properties": { "Visibility": { @@ -216935,7 +227793,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.MissingDataConfiguration": { + "AWS::QuickSight::Analysis.MissingDataConfiguration": { "additionalProperties": false, "properties": { "TreatmentOption": { @@ -216946,7 +227804,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.NegativeValueConfiguration": { + "AWS::QuickSight::Analysis.NegativeValueConfiguration": { "additionalProperties": false, "properties": { "DisplayMode": { @@ -216960,7 +227818,39 @@ ], "type": "object" }, - "AWS::QuickSight::Template.NullValueFormatConfiguration": { + "AWS::QuickSight::Analysis.NestedFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" + } + }, + "required": [ + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.NullValueFormatConfiguration": { "additionalProperties": false, "properties": { "NullString": { @@ -216974,21 +227864,21 @@ ], "type": "object" }, - "AWS::QuickSight::Template.NumberDisplayFormatConfiguration": { + "AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, @@ -217003,7 +227893,7 @@ "type": "string" }, "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, @@ -217015,38 +227905,38 @@ }, "type": "object" }, - "AWS::QuickSight::Template.NumberFormatConfiguration": { + "AWS::QuickSight::Analysis.NumberFormatConfiguration": { "additionalProperties": false, "properties": { "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", "markdownDescription": "The options that determine the numeric format configuration.", "title": "FormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericAxisOptions": { + "AWS::QuickSight::Analysis.NumericAxisOptions": { "additionalProperties": false, "properties": { "Range": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayRange", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayRange", "markdownDescription": "The range setup of a numeric axis.", "title": "Range" }, "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisScale", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisScale", "markdownDescription": "The scale setup of a numeric axis.", "title": "Scale" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericEqualityDrillDownFilter": { + "AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, @@ -217062,21 +227952,21 @@ ], "type": "object" }, - "AWS::QuickSight::Template.NumericEqualityFilter": { + "AWS::QuickSight::Analysis.NumericEqualityFilter": { "additionalProperties": false, "properties": { "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The aggregation function of the filter.", "title": "AggregationFunction" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, @@ -217119,42 +228009,42 @@ ], "type": "object" }, - "AWS::QuickSight::Template.NumericFormatConfiguration": { + "AWS::QuickSight::Analysis.NumericFormatConfiguration": { "additionalProperties": false, "properties": { "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration", "markdownDescription": "The options that determine the currency display format configuration.", "title": "CurrencyDisplayFormatConfiguration" }, "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", "markdownDescription": "The options that determine the number display format configuration.", "title": "NumberDisplayFormatConfiguration" }, "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", "markdownDescription": "The options that determine the percentage display format configuration.", "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericRangeFilter": { + "AWS::QuickSight::Analysis.NumericRangeFilter": { "additionalProperties": false, "properties": { "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The aggregation function of the filter.", "title": "AggregationFunction" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, @@ -217179,12 +228069,12 @@ "type": "string" }, "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximum" }, "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimum" }, @@ -217201,7 +228091,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.NumericRangeFilterValue": { + "AWS::QuickSight::Analysis.NumericRangeFilterValue": { "additionalProperties": false, "properties": { "Parameter": { @@ -217217,7 +228107,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.NumericSeparatorConfiguration": { + "AWS::QuickSight::Analysis.NumericSeparatorConfiguration": { "additionalProperties": false, "properties": { "DecimalSeparator": { @@ -217226,18 +228116,18 @@ "type": "string" }, "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Template.ThousandSeparatorOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ThousandSeparatorOptions", "markdownDescription": "The options that determine the thousands separator configuration.", "title": "ThousandsSeparator" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericalAggregationFunction": { + "AWS::QuickSight::Analysis.NumericalAggregationFunction": { "additionalProperties": false, "properties": { "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentileAggregation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentileAggregation", "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", "title": "PercentileAggregation" }, @@ -217249,11 +228139,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.NumericalDimensionField": { + "AWS::QuickSight::Analysis.NumericalDimensionField": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `NumericalDimensionField` .", "title": "Column" }, @@ -217263,7 +228153,7 @@ "type": "string" }, "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, @@ -217279,16 +228169,16 @@ ], "type": "object" }, - "AWS::QuickSight::Template.NumericalMeasureField": { + "AWS::QuickSight::Analysis.NumericalMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", "markdownDescription": "The aggregation function of the measure field.", "title": "AggregationFunction" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `NumericalMeasureField` .", "title": "Column" }, @@ -217298,7 +228188,7 @@ "type": "string" }, "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } @@ -217309,7 +228199,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PaginationConfiguration": { + "AWS::QuickSight::Analysis.PaginationConfiguration": { "additionalProperties": false, "properties": { "PageNumber": { @@ -217329,7 +228219,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PanelConfiguration": { + "AWS::QuickSight::Analysis.PanelConfiguration": { "additionalProperties": false, "properties": { "BackgroundColor": { @@ -217373,18 +228263,18 @@ "type": "string" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.PanelTitleOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelTitleOptions", "markdownDescription": "Configures the title display within each small multiples panel.", "title": "Title" } }, "type": "object" }, - "AWS::QuickSight::Template.PanelTitleOptions": { + "AWS::QuickSight::Analysis.PanelTitleOptions": { "additionalProperties": false, "properties": { "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "", "title": "FontConfiguration" }, @@ -217401,47 +228291,47 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ParameterControl": { + "AWS::QuickSight::Analysis.ParameterControl": { "additionalProperties": false, "properties": { "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDateTimePickerControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDateTimePickerControl", "markdownDescription": "A control from a date parameter that specifies date and time.", "title": "DateTimePicker" }, "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDropDownControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDropDownControl", "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", "title": "Dropdown" }, "List": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterListControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterListControl", "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", "title": "List" }, "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSliderControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSliderControl", "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", "title": "Slider" }, "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextAreaControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextAreaControl", "markdownDescription": "A control to display a text box that is used to enter multiple entries.", "title": "TextArea" }, "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextFieldControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextFieldControl", "markdownDescription": "A control to display a text box that is used to enter a single entry.", "title": "TextField" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterDateTimePickerControl": { + "AWS::QuickSight::Analysis.ParameterDateTimePickerControl": { "additionalProperties": false, "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -217468,42 +228358,47 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ParameterDeclaration": { + "AWS::QuickSight::Analysis.ParameterDeclaration": { "additionalProperties": false, "properties": { "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeParameterDeclaration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameterDeclaration", "markdownDescription": "A parameter declaration for the `DateTime` data type.", "title": "DateTimeParameterDeclaration" }, "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalParameterDeclaration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameterDeclaration", "markdownDescription": "A parameter declaration for the `Decimal` data type.", "title": "DecimalParameterDeclaration" }, "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerParameterDeclaration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameterDeclaration", "markdownDescription": "A parameter declaration for the `Integer` data type.", "title": "IntegerParameterDeclaration" }, "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringParameterDeclaration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameterDeclaration", "markdownDescription": "A parameter declaration for the `String` data type.", "title": "StringParameterDeclaration" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterDropDownControl": { + "AWS::QuickSight::Analysis.ParameterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -217513,7 +228408,7 @@ "type": "string" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, @@ -217540,16 +228435,16 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ParameterListControl": { + "AWS::QuickSight::Analysis.ParameterListControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -217559,7 +228454,7 @@ "type": "string" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, @@ -217586,11 +228481,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ParameterSelectableValues": { + "AWS::QuickSight::Analysis.ParameterSelectableValues": { "additionalProperties": false, "properties": { "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column identifier that fetches values from the data set.", "title": "LinkToDataSetColumn" }, @@ -217605,11 +228500,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ParameterSliderControl": { + "AWS::QuickSight::Analysis.ParameterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -217654,7 +228549,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ParameterTextAreaControl": { + "AWS::QuickSight::Analysis.ParameterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { @@ -217663,7 +228558,7 @@ "type": "string" }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -217690,11 +228585,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ParameterTextFieldControl": { + "AWS::QuickSight::Analysis.ParameterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, @@ -217721,7 +228616,45 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PercentVisibleRange": { + "AWS::QuickSight::Analysis.Parameters": { + "additionalProperties": false, + "properties": { + "DateTimeParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameter" + }, + "markdownDescription": "The parameters that have a data type of date-time.", + "title": "DateTimeParameters", + "type": "array" + }, + "DecimalParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameter" + }, + "markdownDescription": "The parameters that have a data type of decimal.", + "title": "DecimalParameters", + "type": "array" + }, + "IntegerParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameter" + }, + "markdownDescription": "The parameters that have a data type of integer.", + "title": "IntegerParameters", + "type": "array" + }, + "StringParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameter" + }, + "markdownDescription": "The parameters that have a data type of string.", + "title": "StringParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PercentVisibleRange": { "additionalProperties": false, "properties": { "From": { @@ -217737,21 +228670,21 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PercentageDisplayFormatConfiguration": { + "AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, @@ -217761,7 +228694,7 @@ "type": "string" }, "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, @@ -217773,7 +228706,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PercentileAggregation": { + "AWS::QuickSight::Analysis.PercentileAggregation": { "additionalProperties": false, "properties": { "PercentileValue": { @@ -217784,7 +228717,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PeriodOverPeriodComputation": { + "AWS::QuickSight::Analysis.PeriodOverPeriodComputation": { "additionalProperties": false, "properties": { "ComputationId": { @@ -217798,12 +228731,12 @@ "type": "string" }, "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } @@ -217813,7 +228746,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PeriodToDateComputation": { + "AWS::QuickSight::Analysis.PeriodToDateComputation": { "additionalProperties": false, "properties": { "ComputationId": { @@ -217832,12 +228765,12 @@ "type": "string" }, "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } @@ -217847,12 +228780,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PieChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.PieChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category (group/color) field wells of a pie chart.", "title": "Category", @@ -217860,7 +228793,7 @@ }, "SmallMultiples": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The small multiples field well of a pie chart.", "title": "SmallMultiples", @@ -217868,7 +228801,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", "title": "Values", @@ -217877,105 +228810,110 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PieChartConfiguration": { + "AWS::QuickSight::Analysis.PieChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", "title": "CategoryLabelOptions" }, "ContributionAnalysisDefaults": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" }, "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DonutOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutOptions", "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", "title": "DonutOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartSortConfiguration", "markdownDescription": "The sort configuration of a pie chart.", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options for the value that is displayed in a pie chart.", "title": "ValueLabelOptions" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartFieldWells": { + "AWS::QuickSight::Analysis.PieChartFieldWells": { "additionalProperties": false, "properties": { "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a pie chart.", "title": "PieChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartSortConfiguration": { + "AWS::QuickSight::Analysis.PieChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" }, "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", @@ -217984,40 +228922,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PieChartVisual": { + "AWS::QuickSight::Analysis.PieChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartConfiguration", "markdownDescription": "The configuration of a pie chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -218029,7 +228972,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PivotFieldSortOptions": { + "AWS::QuickSight::Analysis.PivotFieldSortOptions": { "additionalProperties": false, "properties": { "FieldId": { @@ -218038,7 +228981,7 @@ "type": "string" }, "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortBy", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortBy", "markdownDescription": "The sort by field for the field sort options.", "title": "SortBy" } @@ -218049,12 +228992,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableAggregatedFieldWells": { + "AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells": { "additionalProperties": false, "properties": { "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", "title": "Columns", @@ -218062,7 +229005,7 @@ }, "Rows": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", "title": "Rows", @@ -218070,7 +229013,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", "title": "Values", @@ -218079,7 +229022,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableCellConditionalFormatting": { + "AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { @@ -218088,20 +229031,20 @@ "type": "string" }, "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope", "markdownDescription": "The scope of the cell for conditional formatting.", "title": "Scope" }, "Scopes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope" }, "markdownDescription": "A list of cell scopes for conditional formatting.", "title": "Scopes", "type": "array" }, "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", "markdownDescription": "The text format of the cell for conditional formatting.", "title": "TextFormat" } @@ -218111,12 +229054,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableConditionalFormatting": { + "AWS::QuickSight::Analysis.PivotTableConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", "title": "ConditionalFormattingOptions", @@ -218125,18 +229068,18 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableConditionalFormattingOption": { + "AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption": { "additionalProperties": false, "properties": { "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableCellConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting", "markdownDescription": "The cell conditional formatting option for a pivot table.", "title": "Cell" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableConditionalFormattingScope": { + "AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope": { "additionalProperties": false, "properties": { "Role": { @@ -218147,48 +229090,53 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableConfiguration": { + "AWS::QuickSight::Analysis.PivotTableConfiguration": { "additionalProperties": false, "properties": { "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOptions", "markdownDescription": "The field options for a pivot table visual.", "title": "FieldOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTablePaginatedReportOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions", "markdownDescription": "The paginated report options for a pivot table visual.", "title": "PaginatedReportOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortConfiguration", "markdownDescription": "The sort configuration for a `PivotTableVisual` .", "title": "SortConfiguration" }, "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableOptions", "markdownDescription": "The table options for a pivot table visual.", "title": "TableOptions" }, "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableTotalOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableTotalOptions", "markdownDescription": "The total options for a pivot table visual.", "title": "TotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableDataPathOption": { + "AWS::QuickSight::Analysis.PivotTableDataPathOption": { "additionalProperties": false, "properties": { "DataPathList": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" }, "markdownDescription": "The list of data path values for the data path options.", "title": "DataPathList", @@ -218205,7 +229153,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldCollapseStateOption": { + "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption": { "additionalProperties": false, "properties": { "State": { @@ -218214,7 +229162,7 @@ "type": "string" }, "Target": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget", "markdownDescription": "A tagged-union object that sets the collapse state.", "title": "Target" } @@ -218224,12 +229172,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget": { + "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget": { "additionalProperties": false, "properties": { "FieldDataPathValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" }, "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", "title": "FieldDataPathValues", @@ -218243,7 +229191,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldOption": { + "AWS::QuickSight::Analysis.PivotTableFieldOption": { "additionalProperties": false, "properties": { "CustomLabel": { @@ -218267,12 +229215,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldOptions": { + "AWS::QuickSight::Analysis.PivotTableFieldOptions": { "additionalProperties": false, "properties": { "CollapseStateOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption" }, "markdownDescription": "The collapse state options for the pivot table field options.", "title": "CollapseStateOptions", @@ -218280,7 +229228,7 @@ }, "DataPathOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableDataPathOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableDataPathOption" }, "markdownDescription": "The data path options for the pivot table field options.", "title": "DataPathOptions", @@ -218288,7 +229236,7 @@ }, "SelectedFieldOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOption" }, "markdownDescription": "The selected field options for the pivot table field options.", "title": "SelectedFieldOptions", @@ -218297,7 +229245,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldSubtotalOptions": { + "AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions": { "additionalProperties": false, "properties": { "FieldId": { @@ -218308,22 +229256,22 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldWells": { + "AWS::QuickSight::Analysis.PivotTableFieldWells": { "additionalProperties": false, "properties": { "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells", "markdownDescription": "The aggregated field well for the pivot table.", "title": "PivotTableAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableOptions": { + "AWS::QuickSight::Analysis.PivotTableOptions": { "additionalProperties": false, "properties": { "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of cells.", "title": "CellStyle" }, @@ -218333,7 +229281,7 @@ "type": "string" }, "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of the column header.", "title": "ColumnHeaderStyle" }, @@ -218353,22 +229301,22 @@ "type": "string" }, "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", "markdownDescription": "The row alternate color options (widget status, row alternate colors).", "title": "RowAlternateColorOptions" }, "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of row field names.", "title": "RowFieldNamesStyle" }, "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of the row headers.", "title": "RowHeaderStyle" }, "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableRowsLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableRowsLabelOptions", "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", "title": "RowsLabelOptions" }, @@ -218390,7 +229338,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PivotTablePaginatedReportOptions": { + "AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions": { "additionalProperties": false, "properties": { "OverflowColumnHeaderVisibility": { @@ -218406,7 +229354,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableRowsLabelOptions": { + "AWS::QuickSight::Analysis.PivotTableRowsLabelOptions": { "additionalProperties": false, "properties": { "CustomLabel": { @@ -218422,33 +229370,33 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableSortBy": { + "AWS::QuickSight::Analysis.PivotTableSortBy": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", "title": "Column" }, "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathSort", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathSort", "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", "title": "DataPath" }, "Field": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", "title": "Field" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableSortConfiguration": { + "AWS::QuickSight::Analysis.PivotTableSortConfiguration": { "additionalProperties": false, "properties": { "FieldSortOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotFieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotFieldSortOptions" }, "markdownDescription": "The field sort options for a pivot table sort configuration.", "title": "FieldSortOptions", @@ -218457,63 +229405,68 @@ }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableTotalOptions": { + "AWS::QuickSight::Analysis.PivotTableTotalOptions": { "additionalProperties": false, "properties": { "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", "markdownDescription": "The column subtotal options.", "title": "ColumnSubtotalOptions" }, "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", "markdownDescription": "The column total options.", "title": "ColumnTotalOptions" }, "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", "markdownDescription": "The row subtotal options.", "title": "RowSubtotalOptions" }, "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", "markdownDescription": "The row total options.", "title": "RowTotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableVisual": { + "AWS::QuickSight::Analysis.PivotTableVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormatting", "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -218525,7 +229478,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PivotTotalOptions": { + "AWS::QuickSight::Analysis.PivotTotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { @@ -218534,7 +229487,7 @@ "type": "string" }, "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the total of header cells.", "title": "MetricHeaderCellStyle" }, @@ -218550,14 +229503,14 @@ }, "TotalAggregationOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" }, "markdownDescription": "The total aggregation options for each value field.", "title": "TotalAggregationOptions", "type": "array" }, "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the total cells.", "title": "TotalCellStyle" }, @@ -218567,19 +229520,189 @@ "type": "string" }, "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the totals of value cells.", "title": "ValueCellStyle" } }, "type": "object" }, - "AWS::QuickSight::Template.PredefinedHierarchy": { + "AWS::QuickSight::Analysis.PluginVisual": { + "additionalProperties": false, + "properties": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" + }, + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual that you want to use.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "PluginArn", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualFieldWell" + }, + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" + }, + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualFieldWell": { + "additionalProperties": false, + "properties": { + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", + "type": "array" + }, + "Measures": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", + "type": "array" + }, + "Unaggregated": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" + }, + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualOptions": { + "additionalProperties": false, + "properties": { + "VisualProperties": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualProperty" + }, + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualProperty": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualSortConfiguration": { + "additionalProperties": false, + "properties": { + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualTableQuerySort": { + "additionalProperties": false, + "properties": { + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PredefinedHierarchy": { "additionalProperties": false, "properties": { "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" }, "markdownDescription": "The list of columns that define the predefined hierarchy.", "title": "Columns", @@ -218587,7 +229710,7 @@ }, "DrillDownFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", "title": "DrillDownFilters", @@ -218605,7 +229728,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ProgressBarOptions": { + "AWS::QuickSight::Analysis.ProgressBarOptions": { "additionalProperties": false, "properties": { "Visibility": { @@ -218616,12 +229739,23 @@ }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.QueryExecutionOptions": { + "additionalProperties": false, + "properties": { + "QueryExecutionMode": { + "markdownDescription": "A structure that describes the query execution mode.", + "title": "QueryExecutionMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The aggregated field well categories of a radar chart.", "title": "Category", @@ -218629,7 +229763,7 @@ }, "Color": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", "title": "Color", @@ -218637,7 +229771,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", "title": "Values", @@ -218646,7 +229780,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartAreaStyleSettings": { + "AWS::QuickSight::Analysis.RadarChartAreaStyleSettings": { "additionalProperties": false, "properties": { "Visibility": { @@ -218657,7 +229791,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartConfiguration": { + "AWS::QuickSight::Analysis.RadarChartConfiguration": { "additionalProperties": false, "properties": { "AlternateBandColorsVisibility": { @@ -218681,37 +229815,42 @@ "type": "string" }, "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSeriesSettings", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSeriesSettings", "markdownDescription": "The base sreies settings of a radar chart.", "title": "BaseSeriesSettings" }, "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The category axis of a radar chart.", "title": "CategoryAxis" }, "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The category label options of a radar chart.", "title": "CategoryLabelOptions" }, "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The color axis of a radar chart.", "title": "ColorAxis" }, "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The color label options of a radar chart.", "title": "ColorLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartFieldWells", "markdownDescription": "The field well configuration of a `RadarChartVisual` .", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, @@ -218721,7 +229860,7 @@ "type": "string" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSortConfiguration", "markdownDescription": "The sort configuration of a `RadarChartVisual` .", "title": "SortConfiguration" }, @@ -218731,59 +229870,59 @@ "type": "number" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartFieldWells": { + "AWS::QuickSight::Analysis.RadarChartFieldWells": { "additionalProperties": false, "properties": { "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a radar chart visual.", "title": "RadarChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartSeriesSettings": { + "AWS::QuickSight::Analysis.RadarChartSeriesSettings": { "additionalProperties": false, "properties": { "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAreaStyleSettings", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAreaStyleSettings", "markdownDescription": "The area style settings of a radar chart.", "title": "AreaStyleSettings" } }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartSortConfiguration": { + "AWS::QuickSight::Analysis.RadarChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The category items limit for a radar chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The category sort options of a radar chart.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The color items limit of a radar chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The color sort configuration of a radar chart.", "title": "ColorSort", @@ -218792,40 +229931,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartVisual": { + "AWS::QuickSight::Analysis.RadarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -218837,7 +229981,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.RangeEndsLabelType": { + "AWS::QuickSight::Analysis.RangeEndsLabelType": { "additionalProperties": false, "properties": { "Visibility": { @@ -218848,16 +229992,16 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ReferenceLine": { + "AWS::QuickSight::Analysis.ReferenceLine": { "additionalProperties": false, "properties": { "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDataConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDataConfiguration", "markdownDescription": "The data configuration of the reference line.", "title": "DataConfiguration" }, "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineLabelConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration", "markdownDescription": "The label configuration of the reference line.", "title": "LabelConfiguration" }, @@ -218867,7 +230011,7 @@ "type": "string" }, "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStyleConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration", "markdownDescription": "The style configuration of the reference line.", "title": "StyleConfiguration" } @@ -218877,7 +230021,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration": { "additionalProperties": false, "properties": { "CustomLabel": { @@ -218891,7 +230035,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineDataConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineDataConfiguration": { "additionalProperties": false, "properties": { "AxisBinding": { @@ -218900,7 +230044,7 @@ "type": "string" }, "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration", "markdownDescription": "The dynamic configuration of the reference line data configuration.", "title": "DynamicConfiguration" }, @@ -218910,28 +230054,28 @@ "type": "string" }, "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration", "markdownDescription": "The static data configuration of the reference line data configuration.", "title": "StaticConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration": { "additionalProperties": false, "properties": { "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", "markdownDescription": "The calculation that is used in the dynamic data.", "title": "Calculation" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the dynamic data targets.", "title": "Column" }, "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The aggregation function that is used in the dynamic data.", "title": "MeasureAggregationFunction" } @@ -218942,11 +230086,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineLabelConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration": { "additionalProperties": false, "properties": { "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration", "markdownDescription": "The custom label configuration of the label in a reference line.", "title": "CustomLabelConfiguration" }, @@ -218956,7 +230100,7 @@ "type": "string" }, "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration of the label in a reference line.", "title": "FontConfiguration" }, @@ -218966,7 +230110,7 @@ "type": "string" }, "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration", "markdownDescription": "The value label configuration of the label in a reference line.", "title": "ValueLabelConfiguration" }, @@ -218978,7 +230122,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration": { "additionalProperties": false, "properties": { "Value": { @@ -218992,7 +230136,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineStyleConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration": { "additionalProperties": false, "properties": { "Color": { @@ -219008,11 +230152,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration": { "additionalProperties": false, "properties": { "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", "markdownDescription": "The format configuration of the value label.", "title": "FormatConfiguration" }, @@ -219024,7 +230168,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions": { + "AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions": { "additionalProperties": false, "properties": { "DateTimeFormat": { @@ -219033,38 +230177,38 @@ "type": "string" }, "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.RelativeDatesFilter": { + "AWS::QuickSight::Analysis.RelativeDatesFilter": { "additionalProperties": false, "properties": { "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.AnchorDateConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnchorDateConfiguration", "markdownDescription": "The date configuration of the filter.", "title": "AnchorDateConfiguration" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", "markdownDescription": "The configuration for the exclude period of the filter.", "title": "ExcludePeriodConfiguration" }, @@ -219114,7 +230258,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ResourcePermission": { + "AWS::QuickSight::Analysis.ResourcePermission": { "additionalProperties": false, "properties": { "Actions": { @@ -219137,7 +230281,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.RollingDateConfiguration": { + "AWS::QuickSight::Analysis.RollingDateConfiguration": { "additionalProperties": false, "properties": { "DataSetIdentifier": { @@ -219156,7 +230300,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.RowAlternateColorOptions": { + "AWS::QuickSight::Analysis.RowAlternateColorOptions": { "additionalProperties": false, "properties": { "RowAlternateColors": { @@ -219180,7 +230324,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SameSheetTargetVisualConfiguration": { + "AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration": { "additionalProperties": false, "properties": { "TargetVisualOptions": { @@ -219199,12 +230343,12 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells": { + "AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells": { "additionalProperties": false, "properties": { "Destination": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The destination field wells of a sankey diagram.", "title": "Destination", @@ -219212,7 +230356,7 @@ }, "Source": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The source field wells of a sankey diagram.", "title": "Source", @@ -219220,7 +230364,7 @@ }, "Weight": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The weight field wells of a sankey diagram.", "title": "Weight", @@ -219229,54 +230373,59 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramChartConfiguration": { + "AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The data label configuration of a sankey diagram.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramFieldWells", "markdownDescription": "The field well configuration of a sankey diagram.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration", "markdownDescription": "The sort configuration of a sankey diagram.", "title": "SortConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramFieldWells": { + "AWS::QuickSight::Analysis.SankeyDiagramFieldWells": { "additionalProperties": false, "properties": { "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells", "markdownDescription": "The field well configuration of a sankey diagram.", "title": "SankeyDiagramAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramSortConfiguration": { + "AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration": { "additionalProperties": false, "properties": { "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", "title": "DestinationItemsLimit" }, "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", "title": "SourceItemsLimit" }, "WeightSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the weight fields.", "title": "WeightSort", @@ -219285,32 +230434,37 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramVisual": { + "AWS::QuickSight::Analysis.SankeyDiagramVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration", "markdownDescription": "The configuration of a sankey diagram.", "title": "ChartConfiguration" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -219322,12 +230476,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category field well of a scatter plot.", "title": "Category", @@ -219335,7 +230489,7 @@ }, "Label": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The label field well of a scatter plot.", "title": "Label", @@ -219343,7 +230497,7 @@ }, "Size": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The size field well of a scatter plot.", "title": "Size", @@ -219351,7 +230505,7 @@ }, "XAxis": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", "title": "XAxis", @@ -219359,7 +230513,7 @@ }, "YAxis": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", "title": "YAxis", @@ -219368,79 +230522,100 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotConfiguration": { + "AWS::QuickSight::Analysis.ScatterPlotConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", + "title": "SortConfiguration" + }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" }, "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", "title": "XAxisLabelOptions" }, "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", "title": "YAxisDisplayOptions" }, "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", "title": "YAxisLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotFieldWells": { + "AWS::QuickSight::Analysis.ScatterPlotFieldWells": { "additionalProperties": false, "properties": { "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", "title": "ScatterPlotCategoricallyAggregatedFieldWells" }, "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells", "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", "title": "ScatterPlotUnaggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells": { + "AWS::QuickSight::Analysis.ScatterPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category field well of a scatter plot.", "title": "Category", @@ -219448,7 +230623,7 @@ }, "Label": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The label field well of a scatter plot.", "title": "Label", @@ -219456,7 +230631,7 @@ }, "Size": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The size field well of a scatter plot.", "title": "Size", @@ -219464,7 +230639,7 @@ }, "XAxis": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", "title": "XAxis", @@ -219472,7 +230647,7 @@ }, "YAxis": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", "title": "YAxis", @@ -219481,40 +230656,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotVisual": { + "AWS::QuickSight::Analysis.ScatterPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -219526,7 +230706,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ScrollBarOptions": { + "AWS::QuickSight::Analysis.ScrollBarOptions": { "additionalProperties": false, "properties": { "Visibility": { @@ -219535,14 +230715,14 @@ "type": "string" }, "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisibleRangeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisibleRangeOptions", "markdownDescription": "The visibility range for the data zoom scroll bar.", "title": "VisibleRange" } }, "type": "object" }, - "AWS::QuickSight::Template.SecondaryValueOptions": { + "AWS::QuickSight::Analysis.SecondaryValueOptions": { "additionalProperties": false, "properties": { "Visibility": { @@ -219553,7 +230733,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SectionAfterPageBreak": { + "AWS::QuickSight::Analysis.SectionAfterPageBreak": { "additionalProperties": false, "properties": { "Status": { @@ -219564,36 +230744,36 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions": { + "AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions", "markdownDescription": "The options for a paper canvas of a section-based layout.", "title": "PaperCanvasSizeOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.SectionBasedLayoutConfiguration": { + "AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { "BodySections": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionConfiguration" }, "markdownDescription": "A list of body section configurations.", "title": "BodySections", "type": "array" }, "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", "markdownDescription": "The options for the canvas of a section-based layout.", "title": "CanvasSizeOptions" }, "FooterSections": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" }, "markdownDescription": "A list of footer section configurations.", "title": "FooterSections", @@ -219601,7 +230781,7 @@ }, "HeaderSections": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" }, "markdownDescription": "A list of header section configurations.", "title": "HeaderSections", @@ -219616,11 +230796,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions": { + "AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions": { "additionalProperties": false, "properties": { "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", + "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", "title": "PaperMargin" }, @@ -219637,11 +230817,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SectionLayoutConfiguration": { + "AWS::QuickSight::Analysis.SectionLayoutConfiguration": { "additionalProperties": false, "properties": { "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration", "markdownDescription": "The free-form layout configuration of a section.", "title": "FreeFormLayout" } @@ -219651,18 +230831,18 @@ ], "type": "object" }, - "AWS::QuickSight::Template.SectionPageBreakConfiguration": { + "AWS::QuickSight::Analysis.SectionPageBreakConfiguration": { "additionalProperties": false, "properties": { "After": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", "markdownDescription": "The configuration of a page break after a section.", "title": "After" } }, "type": "object" }, - "AWS::QuickSight::Template.SectionStyle": { + "AWS::QuickSight::Analysis.SectionStyle": { "additionalProperties": false, "properties": { "Height": { @@ -219671,19 +230851,19 @@ "type": "string" }, "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", + "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", "title": "Padding" } }, "type": "object" }, - "AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration": { + "AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration": { "additionalProperties": false, "properties": { "SheetVisualScopingConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetVisualScopingConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetVisualScopingConfiguration" }, "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", "title": "SheetVisualScopingConfigurations", @@ -219692,23 +230872,23 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SeriesItem": { + "AWS::QuickSight::Analysis.SeriesItem": { "additionalProperties": false, "properties": { "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataFieldSeriesItem", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataFieldSeriesItem", "markdownDescription": "The data field series item configuration of a line chart.", "title": "DataFieldSeriesItem" }, "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSeriesItem", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSeriesItem", "markdownDescription": "The field series item configuration of a line chart.", "title": "FieldSeriesItem" } }, "type": "object" }, - "AWS::QuickSight::Template.SetParameterValueConfiguration": { + "AWS::QuickSight::Analysis.SetParameterValueConfiguration": { "additionalProperties": false, "properties": { "DestinationParameterName": { @@ -219717,7 +230897,7 @@ "type": "string" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.DestinationParameterValueConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DestinationParameterValueConfiguration", "markdownDescription": "", "title": "Value" } @@ -219728,11 +230908,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ShapeConditionalFormat": { + "AWS::QuickSight::Analysis.ShapeConditionalFormat": { "additionalProperties": false, "properties": { "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", "title": "BackgroundColor" } @@ -219742,7 +230922,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.Sheet": { + "AWS::QuickSight::Analysis.Sheet": { "additionalProperties": false, "properties": { "Name": { @@ -219758,7 +230938,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SheetControlInfoIconLabelOptions": { + "AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions": { "additionalProperties": false, "properties": { "InfoIconText": { @@ -219774,11 +230954,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SheetControlLayout": { + "AWS::QuickSight::Analysis.SheetControlLayout": { "additionalProperties": false, "properties": { "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayoutConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayoutConfiguration", "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", "title": "Configuration" } @@ -219788,18 +230968,18 @@ ], "type": "object" }, - "AWS::QuickSight::Template.SheetControlLayoutConfiguration": { + "AWS::QuickSight::Analysis.SheetControlLayoutConfiguration": { "additionalProperties": false, "properties": { "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", "title": "GridLayout" } }, "type": "object" }, - "AWS::QuickSight::Template.SheetDefinition": { + "AWS::QuickSight::Analysis.SheetDefinition": { "additionalProperties": false, "properties": { "ContentType": { @@ -219814,15 +230994,23 @@ }, "FilterControls": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterControl" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterControl" }, "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", "title": "FilterControls", "type": "array" }, + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" + }, "Layouts": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Layout" + "$ref": "#/definitions/AWS::QuickSight::Analysis.Layout" }, "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", "title": "Layouts", @@ -219835,7 +231023,7 @@ }, "ParameterControls": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterControl" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterControl" }, "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", "title": "ParameterControls", @@ -219843,7 +231031,7 @@ }, "SheetControlLayouts": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayout" + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayout" }, "markdownDescription": "The control layouts of the sheet.", "title": "SheetControlLayouts", @@ -219856,7 +231044,7 @@ }, "TextBoxes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetTextBox" + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetTextBox" }, "markdownDescription": "The text boxes that are on a sheet.", "title": "TextBoxes", @@ -219869,7 +231057,7 @@ }, "Visuals": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Visual" + "$ref": "#/definitions/AWS::QuickSight::Analysis.Visual" }, "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", "title": "Visuals", @@ -219881,7 +231069,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.SheetElementConfigurationOverrides": { + "AWS::QuickSight::Analysis.SheetElementConfigurationOverrides": { "additionalProperties": false, "properties": { "Visibility": { @@ -219892,11 +231080,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SheetElementRenderingRule": { + "AWS::QuickSight::Analysis.SheetElementRenderingRule": { "additionalProperties": false, "properties": { "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementConfigurationOverrides", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementConfigurationOverrides", "markdownDescription": "The override configuration of the rendering rules of a sheet.", "title": "ConfigurationOverrides" }, @@ -219912,7 +231100,118 @@ ], "type": "object" }, - "AWS::QuickSight::Template.SheetTextBox": { + "AWS::QuickSight::Analysis.SheetImage": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageCustomAction" + }, + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", + "type": "array" + }, + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" + }, + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" + }, + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" + } + }, + "required": [ + "SheetImageId", + "Source" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageScalingConfiguration": { + "additionalProperties": false, + "properties": { + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageSource": { + "additionalProperties": false, + "properties": { + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageTooltipConfiguration": { + "additionalProperties": false, + "properties": { + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageTooltipText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetTextBox": { "additionalProperties": false, "properties": { "Content": { @@ -219931,7 +231230,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.SheetVisualScopingConfiguration": { + "AWS::QuickSight::Analysis.SheetVisualScopingConfiguration": { "additionalProperties": false, "properties": { "Scope": { @@ -219959,7 +231258,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ShortFormatText": { + "AWS::QuickSight::Analysis.ShortFormatText": { "additionalProperties": false, "properties": { "PlainText": { @@ -219975,7 +231274,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SimpleClusterMarker": { + "AWS::QuickSight::Analysis.SimpleClusterMarker": { "additionalProperties": false, "properties": { "Color": { @@ -219986,23 +231285,34 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SliderControlDisplayOptions": { + "AWS::QuickSight::Analysis.SingleAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SliderControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.SmallMultiplesAxisProperties": { + "AWS::QuickSight::Analysis.SmallMultiplesAxisProperties": { "additionalProperties": false, "properties": { "Placement": { @@ -220018,7 +231328,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SmallMultiplesOptions": { + "AWS::QuickSight::Analysis.SmallMultiplesOptions": { "additionalProperties": false, "properties": { "MaxVisibleColumns": { @@ -220032,24 +231342,24 @@ "type": "number" }, "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PanelConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelConfiguration", "markdownDescription": "Configures the display options for each small multiples panel.", "title": "PanelConfiguration" }, "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", "markdownDescription": "The properties of a small multiples X axis.", "title": "XAxis" }, "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", "markdownDescription": "The properties of a small multiples Y axis.", "title": "YAxis" } }, "type": "object" }, - "AWS::QuickSight::Template.Spacing": { + "AWS::QuickSight::Analysis.Spacing": { "additionalProperties": false, "properties": { "Bottom": { @@ -220075,11 +231385,102 @@ }, "type": "object" }, - "AWS::QuickSight::Template.StringDefaultValues": { + "AWS::QuickSight::Analysis.SpatialStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileSource", + "markdownDescription": "The source of the spatial static file.", + "title": "Source" + }, + "StaticFileId": { + "markdownDescription": "The ID of the spatial static file.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFile": { + "additionalProperties": false, + "properties": { + "ImageStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageStaticFile", + "markdownDescription": "The image static file.", + "title": "ImageStaticFile" + }, + "SpatialStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SpatialStaticFile", + "markdownDescription": "The spacial static file.", + "title": "SpatialStaticFile" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFileS3SourceOptions": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "ObjectKey": { + "markdownDescription": "The identifier of the static file in the Amazon S3 bucket.", + "title": "ObjectKey", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region of the Amazon S3 account that contains the bucket.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "BucketName", + "ObjectKey", + "Region" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFileSource": { + "additionalProperties": false, + "properties": { + "S3Options": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileS3SourceOptions", + "markdownDescription": "The structure that contains the Amazon S3 location to download the static file from.", + "title": "S3Options" + }, + "UrlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileUrlSourceOptions", + "markdownDescription": "The structure that contains the URL to download the static file from.", + "title": "UrlOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFileUrlSourceOptions": { + "additionalProperties": false, + "properties": { + "Url": { + "markdownDescription": "The URL to download the static file from.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "Url" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StringDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, @@ -220094,33 +231495,56 @@ }, "type": "object" }, - "AWS::QuickSight::Template.StringFormatConfiguration": { + "AWS::QuickSight::Analysis.StringFormatConfiguration": { "additionalProperties": false, "properties": { "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", "markdownDescription": "The formatting configuration for numeric strings.", "title": "NumericFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.StringParameterDeclaration": { + "AWS::QuickSight::Analysis.StringParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for a string parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values of a string parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StringParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringDefaultValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", @@ -220137,7 +231561,7 @@ "type": "string" }, "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringValueWhenUnsetConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", "title": "ValueWhenUnset" } @@ -220148,7 +231572,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.StringValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { @@ -220164,7 +231588,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.SubtotalOptions": { + "AWS::QuickSight::Analysis.SubtotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { @@ -220179,27 +231603,27 @@ }, "FieldLevelOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldSubtotalOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions" }, "markdownDescription": "The optional configuration of subtotal cells.", "title": "FieldLevelOptions", "type": "array" }, "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the subtotals of header cells.", "title": "MetricHeaderCellStyle" }, "StyleTargets": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableStyleTarget" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableStyleTarget" }, "markdownDescription": "The style targets options for subtotals.", "title": "StyleTargets", "type": "array" }, "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the subtotal cells.", "title": "TotalCellStyle" }, @@ -220209,19 +231633,19 @@ "type": "string" }, "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the subtotals of value cells.", "title": "ValueCellStyle" } }, "type": "object" }, - "AWS::QuickSight::Template.TableAggregatedFieldWells": { + "AWS::QuickSight::Analysis.TableAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", "title": "GroupBy", @@ -220229,7 +231653,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", "title": "Values", @@ -220238,7 +231662,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TableBorderOptions": { + "AWS::QuickSight::Analysis.TableBorderOptions": { "additionalProperties": false, "properties": { "Color": { @@ -220259,7 +231683,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TableCellConditionalFormatting": { + "AWS::QuickSight::Analysis.TableCellConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { @@ -220268,7 +231692,7 @@ "type": "string" }, "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", "markdownDescription": "The text format of the cell for conditional formatting.", "title": "TextFormat" } @@ -220278,7 +231702,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TableCellImageSizingConfiguration": { + "AWS::QuickSight::Analysis.TableCellImageSizingConfiguration": { "additionalProperties": false, "properties": { "TableCellImageScalingConfiguration": { @@ -220289,7 +231713,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TableCellStyle": { + "AWS::QuickSight::Analysis.TableCellStyle": { "additionalProperties": false, "properties": { "BackgroundColor": { @@ -220298,12 +231722,12 @@ "type": "string" }, "Border": { - "$ref": "#/definitions/AWS::QuickSight::Template.GlobalTableBorderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GlobalTableBorderOptions", "markdownDescription": "The borders for the table cells.", "title": "Border" }, "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration of the table cells.", "title": "FontConfiguration" }, @@ -220335,12 +231759,12 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TableConditionalFormatting": { + "AWS::QuickSight::Analysis.TableConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormattingOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", "title": "ConditionalFormattingOptions", @@ -220349,67 +231773,72 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TableConditionalFormattingOption": { + "AWS::QuickSight::Analysis.TableConditionalFormattingOption": { "additionalProperties": false, "properties": { "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellConditionalFormatting", "markdownDescription": "The cell conditional formatting option for a table.", "title": "Cell" }, "Row": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableRowConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableRowConditionalFormatting", "markdownDescription": "The row conditional formatting option for a table.", "title": "Row" } }, "type": "object" }, - "AWS::QuickSight::Template.TableConfiguration": { + "AWS::QuickSight::Analysis.TableConfiguration": { "additionalProperties": false, "properties": { "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOptions", "markdownDescription": "The field options for a table visual.", "title": "FieldOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TablePaginatedReportOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePaginatedReportOptions", "markdownDescription": "The paginated report options for a table visual.", "title": "PaginatedReportOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSortConfiguration", "markdownDescription": "The sort configuration for a `TableVisual` .", "title": "SortConfiguration" }, "TableInlineVisualizations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableInlineVisualization" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableInlineVisualization" }, "markdownDescription": "A collection of inline visualizations to display within a chart.", "title": "TableInlineVisualizations", "type": "array" }, "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableOptions", "markdownDescription": "The table options for a table visual.", "title": "TableOptions" }, "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalOptions", "markdownDescription": "The total options for a table visual.", "title": "TotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.TableFieldCustomIconContent": { + "AWS::QuickSight::Analysis.TableFieldCustomIconContent": { "additionalProperties": false, "properties": { "Icon": { @@ -220420,11 +231849,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TableFieldCustomTextContent": { + "AWS::QuickSight::Analysis.TableFieldCustomTextContent": { "additionalProperties": false, "properties": { "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration of the custom text content for the table URL link content.", "title": "FontConfiguration" }, @@ -220439,22 +231868,22 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldImageConfiguration": { + "AWS::QuickSight::Analysis.TableFieldImageConfiguration": { "additionalProperties": false, "properties": { "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellImageSizingConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellImageSizingConfiguration", "markdownDescription": "The sizing options for the table image configuration.", "title": "SizingOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.TableFieldLinkConfiguration": { + "AWS::QuickSight::Analysis.TableFieldLinkConfiguration": { "additionalProperties": false, "properties": { "Content": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkContentConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration", "markdownDescription": "The URL content (text, icon) for the table link configuration.", "title": "Content" }, @@ -220470,23 +231899,23 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldLinkContentConfiguration": { + "AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration": { "additionalProperties": false, "properties": { "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomIconContent", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomIconContent", "markdownDescription": "The custom icon content for the table link content configuration.", "title": "CustomIconContent" }, "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomTextContent", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomTextContent", "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", "title": "CustomTextContent" } }, "type": "object" }, - "AWS::QuickSight::Template.TableFieldOption": { + "AWS::QuickSight::Analysis.TableFieldOption": { "additionalProperties": false, "properties": { "CustomLabel": { @@ -220500,7 +231929,7 @@ "type": "string" }, "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldURLConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldURLConfiguration", "markdownDescription": "The URL configuration for a table field.", "title": "URLStyling" }, @@ -220520,7 +231949,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldOptions": { + "AWS::QuickSight::Analysis.TableFieldOptions": { "additionalProperties": false, "properties": { "Order": { @@ -220532,74 +231961,82 @@ "type": "array" }, "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TablePinnedFieldOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePinnedFieldOptions", "markdownDescription": "The settings for the pinned columns of a table visual.", "title": "PinnedFieldOptions" }, "SelectedFieldOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOption" }, "markdownDescription": "The field options to be configured to a table.", "title": "SelectedFieldOptions", "type": "array" + }, + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.TableFieldURLConfiguration": { + "AWS::QuickSight::Analysis.TableFieldURLConfiguration": { "additionalProperties": false, "properties": { "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldImageConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldImageConfiguration", "markdownDescription": "The image configuration of a table field URL.", "title": "ImageConfiguration" }, "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkConfiguration", "markdownDescription": "The link configuration of a table field URL.", "title": "LinkConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.TableFieldWells": { + "AWS::QuickSight::Analysis.TableFieldWells": { "additionalProperties": false, "properties": { "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableAggregatedFieldWells", "markdownDescription": "The aggregated field well for the table.", "title": "TableAggregatedFieldWells" }, "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableUnaggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableUnaggregatedFieldWells", "markdownDescription": "The unaggregated field well for the table.", "title": "TableUnaggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.TableInlineVisualization": { + "AWS::QuickSight::Analysis.TableInlineVisualization": { "additionalProperties": false, "properties": { "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataBarsOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataBarsOptions", "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", "title": "DataBars" } }, "type": "object" }, - "AWS::QuickSight::Template.TableOptions": { + "AWS::QuickSight::Analysis.TableOptions": { "additionalProperties": false, "properties": { "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of table cells.", "title": "CellStyle" }, "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of a table header.", "title": "HeaderStyle" }, @@ -220609,14 +232046,14 @@ "type": "string" }, "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", "title": "RowAlternateColorOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.TablePaginatedReportOptions": { + "AWS::QuickSight::Analysis.TablePaginatedReportOptions": { "additionalProperties": false, "properties": { "OverflowColumnHeaderVisibility": { @@ -220632,7 +232069,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TablePinnedFieldOptions": { + "AWS::QuickSight::Analysis.TablePinnedFieldOptions": { "additionalProperties": false, "properties": { "PinnedLeftFields": { @@ -220646,69 +232083,69 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TableRowConditionalFormatting": { + "AWS::QuickSight::Analysis.TableRowConditionalFormatting": { "additionalProperties": false, "properties": { "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", "title": "BackgroundColor" }, "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Template.TableSideBorderOptions": { + "AWS::QuickSight::Analysis.TableSideBorderOptions": { "additionalProperties": false, "properties": { "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the bottom border.", "title": "Bottom" }, "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the inner horizontal border.", "title": "InnerHorizontal" }, "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the inner vertical border.", "title": "InnerVertical" }, "Left": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the left border.", "title": "Left" }, "Right": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the right border.", "title": "Right" }, "Top": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the top border.", "title": "Top" } }, "type": "object" }, - "AWS::QuickSight::Template.TableSortConfiguration": { + "AWS::QuickSight::Analysis.TableSortConfiguration": { "additionalProperties": false, "properties": { "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", "markdownDescription": "The pagination configuration (page size, page number) for the table.", "title": "PaginationConfiguration" }, "RowSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The field sort options for rows in the table.", "title": "RowSort", @@ -220717,7 +232154,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TableStyleTarget": { + "AWS::QuickSight::Analysis.TableStyleTarget": { "additionalProperties": false, "properties": { "CellType": { @@ -220731,12 +232168,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TableUnaggregatedFieldWells": { + "AWS::QuickSight::Analysis.TableUnaggregatedFieldWells": { "additionalProperties": false, "properties": { "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" }, "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", "title": "Values", @@ -220745,37 +232182,42 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TableVisual": { + "AWS::QuickSight::Analysis.TableVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormatting", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormatting", "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -220787,253 +232229,49 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TemplateError": { - "additionalProperties": false, - "properties": { - "Message": { - "markdownDescription": "Description of the error type.", - "title": "Message", - "type": "string" - }, - "Type": { - "markdownDescription": "Type of error.", - "title": "Type", - "type": "string" - }, - "ViolatedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Entity" - }, - "markdownDescription": "An error path that shows which entities caused the template error.", - "title": "ViolatedEntities", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TemplateSourceAnalysis": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" - }, - "DataSetReferences": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetReference" - }, - "markdownDescription": "A structure containing information about the dataset references used as placeholders in the template.", - "title": "DataSetReferences", - "type": "array" - } - }, - "required": [ - "Arn", - "DataSetReferences" - ], - "type": "object" - }, - "AWS::QuickSight::Template.TemplateSourceEntity": { - "additionalProperties": false, - "properties": { - "SourceAnalysis": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceAnalysis", - "markdownDescription": "The source analysis, if it is based on an analysis.", - "title": "SourceAnalysis" - }, - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceTemplate", - "markdownDescription": "The source template, if it is based on an template.", - "title": "SourceTemplate" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TemplateSourceTemplate": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::QuickSight::Template.TemplateVersion": { - "additionalProperties": false, - "properties": { - "CreatedTime": { - "markdownDescription": "The time that this template version was created.", - "title": "CreatedTime", - "type": "string" - }, - "DataSetConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" - }, - "markdownDescription": "Schema of the dataset identified by the placeholder. Any dashboard created from this template should be bound to new datasets matching the same schema described through this API operation.", - "title": "DataSetConfigurations", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the template.", - "title": "Description", - "type": "string" - }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateError" - }, - "markdownDescription": "Errors associated with this template version.", - "title": "Errors", - "type": "array" - }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Sheet" - }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", - "type": "array" - }, - "SourceEntityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an analysis or template that was used to create this template.", - "title": "SourceEntityArn", - "type": "string" - }, - "Status": { - "markdownDescription": "The status that is associated with the template.\n\n- `CREATION_IN_PROGRESS`\n- `CREATION_SUCCESSFUL`\n- `CREATION_FAILED`\n- `UPDATE_IN_PROGRESS`\n- `UPDATE_SUCCESSFUL`\n- `UPDATE_FAILED`\n- `DELETED`", - "title": "Status", - "type": "string" - }, - "ThemeArn": { - "markdownDescription": "The ARN of the theme associated with this version of the template.", - "title": "ThemeArn", - "type": "string" - }, - "VersionNumber": { - "markdownDescription": "The version number of the template version.", - "title": "VersionNumber", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TemplateVersionDefinition": { - "additionalProperties": false, - "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Template.AnalysisDefaults", - "markdownDescription": "", - "title": "AnalysisDefaults" - }, - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedField" - }, - "markdownDescription": "An array of calculated field definitions for the template.", - "title": "CalculatedFields", - "type": "array" - }, - "ColumnConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnConfiguration" - }, - "markdownDescription": "An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template.", - "title": "ColumnConfigurations", - "type": "array" - }, - "DataSetConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" - }, - "markdownDescription": "An array of dataset configurations. These configurations define the required columns for each dataset used within a template.", - "title": "DataSetConfigurations", - "type": "array" - }, - "FilterGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterGroup" - }, - "markdownDescription": "Filter definitions for a template.\n\nFor more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", - "type": "array" - }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Template.AssetOptions", - "markdownDescription": "An array of option definitions for a template.", - "title": "Options" - }, - "ParameterDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDeclaration" - }, - "markdownDescription": "An array of parameter declarations for a template.\n\n*Parameters* are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", - "type": "array" - }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetDefinition" - }, - "markdownDescription": "An array of sheet definitions for a template.", - "title": "Sheets", - "type": "array" - } - }, - "required": [ - "DataSetConfigurations" - ], - "type": "object" - }, - "AWS::QuickSight::Template.TextAreaControlDisplayOptions": { + "AWS::QuickSight::Analysis.TextAreaControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", "markdownDescription": "The configuration of the placeholder options in a text area control.", "title": "PlaceholderOptions" }, "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.TextConditionalFormat": { + "AWS::QuickSight::Analysis.TextConditionalFormat": { "additionalProperties": false, "properties": { "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the text background color.", "title": "BackgroundColor" }, "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting for the icon.", "title": "Icon" }, "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the text color.", "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Template.TextControlPlaceholderOptions": { + "AWS::QuickSight::Analysis.TextControlPlaceholderOptions": { "additionalProperties": false, "properties": { "Visibility": { @@ -221044,30 +232282,35 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TextFieldControlDisplayOptions": { + "AWS::QuickSight::Analysis.TextFieldControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", "markdownDescription": "The configuration of the placeholder options in a text field control.", "title": "PlaceholderOptions" }, "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ThousandSeparatorOptions": { + "AWS::QuickSight::Analysis.ThousandSeparatorOptions": { "additionalProperties": false, "properties": { + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", + "type": "string" + }, "Symbol": { "markdownDescription": "Determines the thousands separator symbol.", "title": "Symbol", @@ -221081,7 +232324,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TimeBasedForecastProperties": { + "AWS::QuickSight::Analysis.TimeBasedForecastProperties": { "additionalProperties": false, "properties": { "LowerBoundary": { @@ -221117,16 +232360,16 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TimeEqualityFilter": { + "AWS::QuickSight::Analysis.TimeEqualityFilter": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, @@ -221141,7 +232384,7 @@ "type": "string" }, "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", "title": "RollingDate" }, @@ -221162,11 +232405,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeDrillDownFilter": { + "AWS::QuickSight::Analysis.TimeRangeDrillDownFilter": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, @@ -221194,21 +232437,21 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeFilter": { + "AWS::QuickSight::Analysis.TimeRangeFilter": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", "markdownDescription": "The exclude period of the time range filter.", "title": "ExcludePeriodConfiguration" }, @@ -221233,12 +232476,12 @@ "type": "string" }, "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximumValue" }, "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimumValue" }, @@ -221255,7 +232498,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeFilterValue": { + "AWS::QuickSight::Analysis.TimeRangeFilterValue": { "additionalProperties": false, "properties": { "Parameter": { @@ -221264,7 +232507,7 @@ "type": "string" }, "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", "markdownDescription": "The rolling date input value.", "title": "RollingDate" }, @@ -221276,27 +232519,27 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TooltipItem": { + "AWS::QuickSight::Analysis.TooltipItem": { "additionalProperties": false, "properties": { "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnTooltipItem", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnTooltipItem", "markdownDescription": "The tooltip item for the columns that are not part of a field well.", "title": "ColumnTooltipItem" }, "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldTooltipItem", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldTooltipItem", "markdownDescription": "The tooltip item for the fields.", "title": "FieldTooltipItem" } }, "type": "object" }, - "AWS::QuickSight::Template.TooltipOptions": { + "AWS::QuickSight::Analysis.TooltipOptions": { "additionalProperties": false, "properties": { "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldBasedTooltip", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldBasedTooltip", "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", "title": "FieldBasedTooltip" }, @@ -221313,24 +232556,24 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TopBottomFilter": { + "AWS::QuickSight::Analysis.TopBottomFilter": { "additionalProperties": false, "properties": { "AggregationSortConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationSortConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationSortConfiguration" }, "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", "title": "AggregationSortConfigurations", "type": "array" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, @@ -221362,11 +232605,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TopBottomMoversComputation": { + "AWS::QuickSight::Analysis.TopBottomMoversComputation": { "additionalProperties": false, "properties": { "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, @@ -221391,7 +232634,7 @@ "type": "string" }, "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, @@ -221401,7 +232644,7 @@ "type": "string" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } @@ -221412,11 +232655,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TopBottomRankedComputation": { + "AWS::QuickSight::Analysis.TopBottomRankedComputation": { "additionalProperties": false, "properties": { "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, @@ -221441,7 +232684,7 @@ "type": "string" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } @@ -221452,7 +232695,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationComputation": { + "AWS::QuickSight::Analysis.TotalAggregationComputation": { "additionalProperties": false, "properties": { "ComputationId": { @@ -221466,7 +232709,7 @@ "type": "string" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } @@ -221476,7 +232719,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationFunction": { + "AWS::QuickSight::Analysis.TotalAggregationFunction": { "additionalProperties": false, "properties": { "SimpleTotalAggregationFunction": { @@ -221487,7 +232730,7 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationOption": { + "AWS::QuickSight::Analysis.TotalAggregationOption": { "additionalProperties": false, "properties": { "FieldId": { @@ -221496,7 +232739,7 @@ "type": "string" }, "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationFunction", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationFunction", "markdownDescription": "The total aggregation function that you want to set for a specified field id.", "title": "TotalAggregationFunction" } @@ -221507,7 +232750,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TotalOptions": { + "AWS::QuickSight::Analysis.TotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { @@ -221527,14 +232770,14 @@ }, "TotalAggregationOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" }, "markdownDescription": "The total aggregation settings for each value field.", "title": "TotalAggregationOptions", "type": "array" }, "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "Cell styling options for the total cells.", "title": "TotalCellStyle" }, @@ -221546,12 +232789,36 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TreeMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", + "type": "string" + } + }, + "required": [ + "ColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", "title": "Colors", @@ -221559,7 +232826,7 @@ }, "Groups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", "title": "Groups", @@ -221567,7 +232834,7 @@ }, "Sizes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", "title": "Sizes", @@ -221576,79 +232843,84 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TreeMapConfiguration": { + "AWS::QuickSight::Analysis.TreeMapConfiguration": { "additionalProperties": false, "properties": { "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", "title": "ColorLabelOptions" }, "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", "title": "ColorScale" }, "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", "title": "GroupLabelOptions" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", "title": "SizeLabelOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapSortConfiguration", "markdownDescription": "The sort configuration of a tree map.", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" } }, "type": "object" }, - "AWS::QuickSight::Template.TreeMapFieldWells": { + "AWS::QuickSight::Analysis.TreeMapFieldWells": { "additionalProperties": false, "properties": { "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a tree map.", "title": "TreeMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.TreeMapSortConfiguration": { + "AWS::QuickSight::Analysis.TreeMapSortConfiguration": { "additionalProperties": false, "properties": { "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of groups that are displayed.", "title": "TreeMapGroupItemsLimitConfiguration" }, "TreeMapSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of group by fields.", "title": "TreeMapSort", @@ -221657,40 +232929,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.TreeMapVisual": { + "AWS::QuickSight::Analysis.TreeMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -221702,7 +232979,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TrendArrowOptions": { + "AWS::QuickSight::Analysis.TrendArrowOptions": { "additionalProperties": false, "properties": { "Visibility": { @@ -221713,11 +232990,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.UnaggregatedField": { + "AWS::QuickSight::Analysis.UnaggregatedField": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `UnaggregatedField` .", "title": "Column" }, @@ -221727,7 +233004,7 @@ "type": "string" }, "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } @@ -221738,11 +233015,11 @@ ], "type": "object" }, - "AWS::QuickSight::Template.UniqueValuesComputation": { + "AWS::QuickSight::Analysis.UniqueValuesComputation": { "additionalProperties": false, "properties": { "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, @@ -221762,7 +233039,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ValidationStrategy": { + "AWS::QuickSight::Analysis.ValidationStrategy": { "additionalProperties": false, "properties": { "Mode": { @@ -221776,144 +233053,154 @@ ], "type": "object" }, - "AWS::QuickSight::Template.VisibleRangeOptions": { + "AWS::QuickSight::Analysis.VisibleRangeOptions": { "additionalProperties": false, "properties": { "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentVisibleRange", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentVisibleRange", "markdownDescription": "The percent range in the visible range.", "title": "PercentRange" } }, "type": "object" }, - "AWS::QuickSight::Template.Visual": { + "AWS::QuickSight::Analysis.Visual": { "additionalProperties": false, "properties": { "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartVisual", "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", "title": "BarChartVisual" }, "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotVisual", "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", "title": "BoxPlotVisual" }, "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartVisual", "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", "title": "ComboChartVisual" }, "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentVisual", "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", "title": "CustomContentVisual" }, "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.EmptyVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.EmptyVisual", "markdownDescription": "An empty visual.", "title": "EmptyVisual" }, "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapVisual", "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", "title": "FilledMapVisual" }, "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartVisual", "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", "title": "FunnelChartVisual" }, "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartVisual", "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", "title": "GaugeChartVisual" }, "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapVisual", "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", "title": "GeospatialMapVisual" }, "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapVisual", "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", "title": "HeatMapVisual" }, "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramVisual", "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", "title": "HistogramVisual" }, "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.InsightVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightVisual", "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", "title": "InsightVisual" }, "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisual", "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", "title": "KPIVisual" }, + "LayerMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerMapVisual", + "markdownDescription": "The properties for a layer map visual", + "title": "LayerMapVisual" + }, "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartVisual", "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", "title": "LineChartVisual" }, "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartVisual", "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", "title": "PieChartVisual" }, "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableVisual", "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", "title": "PivotTableVisual" }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartVisual", "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", "title": "RadarChartVisual" }, "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramVisual", "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", "title": "SankeyDiagramVisual" }, "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotVisual", "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", "title": "ScatterPlotVisual" }, "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableVisual", "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", "title": "TableVisual" }, "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapVisual", "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", "title": "TreeMapVisual" }, "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallVisual", "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", "title": "WaterfallVisual" }, "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudVisual", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudVisual", "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", "title": "WordCloudVisual" } }, "type": "object" }, - "AWS::QuickSight::Template.VisualCustomAction": { + "AWS::QuickSight::Analysis.VisualCustomAction": { "additionalProperties": false, "properties": { "ActionOperations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomActionOperation" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomActionOperation" }, "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "title": "ActionOperations", @@ -221948,33 +233235,60 @@ ], "type": "object" }, - "AWS::QuickSight::Template.VisualCustomActionOperation": { + "AWS::QuickSight::Analysis.VisualCustomActionOperation": { "additionalProperties": false, "properties": { "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionFilterOperation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", "title": "FilterOperation" }, "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", "title": "NavigationOperation" }, "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", "markdownDescription": "The set parameter operation that sets parameters in custom action.", "title": "SetParametersOperation" }, "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", "markdownDescription": "The URL operation that opens a link to another webpage.", "title": "URLOperation" } }, "type": "object" }, - "AWS::QuickSight::Template.VisualPalette": { + "AWS::QuickSight::Analysis.VisualInteractionOptions": { + "additionalProperties": false, + "properties": { + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualPalette": { "additionalProperties": false, "properties": { "ChartColor": { @@ -221984,7 +233298,7 @@ }, "ColorMap": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathColor" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathColor" }, "markdownDescription": "The color map options for the visual palette.", "title": "ColorMap", @@ -221993,11 +233307,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.VisualSubtitleLabelOptions": { + "AWS::QuickSight::Analysis.VisualSubtitleLabelOptions": { "additionalProperties": false, "properties": { "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Template.LongFormatText", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LongFormatText", "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", "title": "FormatText" }, @@ -222009,11 +233323,11 @@ }, "type": "object" }, - "AWS::QuickSight::Template.VisualTitleLabelOptions": { + "AWS::QuickSight::Analysis.VisualTitleLabelOptions": { "additionalProperties": false, "properties": { "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Template.ShortFormatText", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ShortFormatText", "markdownDescription": "The short text format of the title label, such as plain text or rich text.", "title": "FormatText" }, @@ -222025,12 +233339,12 @@ }, "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Breakdowns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The breakdown field wells of a waterfall visual.", "title": "Breakdowns", @@ -222038,7 +233352,7 @@ }, "Categories": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category field wells of a waterfall visual.", "title": "Categories", @@ -222046,7 +233360,7 @@ }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a waterfall visual.", "title": "Values", @@ -222055,74 +233369,116 @@ }, "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartConfiguration": { + "AWS::QuickSight::Analysis.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartConfiguration": { "additionalProperties": false, "properties": { "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the category axis.", "title": "CategoryAxisDisplayOptions" }, "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the category axis label.", "title": "CategoryAxisLabelOptions" }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The data label configuration of a waterfall visual.", "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartFieldWells", "markdownDescription": "The field well configuration of a waterfall visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend configuration of a waterfall visual.", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the y-axis.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the y-axis label.", "title": "PrimaryYAxisLabelOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartSortConfiguration", "markdownDescription": "The sort configuration of a waterfall visual.", "title": "SortConfiguration" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The visual palette configuration of a waterfall visual.", "title": "VisualPalette" }, "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartOptions", "markdownDescription": "The options that determine the presentation of a waterfall visual.", "title": "WaterfallChartOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartFieldWells": { + "AWS::QuickSight::Analysis.WaterfallChartFieldWells": { "additionalProperties": false, "properties": { "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a waterfall visual.", "title": "WaterfallChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartOptions": { + "AWS::QuickSight::Analysis.WaterfallChartGroupColorConfiguration": { + "additionalProperties": false, + "properties": { + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" + }, + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartOptions": { "additionalProperties": false, "properties": { "TotalBarLabel": { @@ -222133,17 +233489,17 @@ }, "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartSortConfiguration": { + "AWS::QuickSight::Analysis.WaterfallChartSortConfiguration": { "additionalProperties": false, "properties": { "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of bar groups that are displayed.", "title": "BreakdownItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", @@ -222152,40 +233508,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.WaterfallVisual": { + "AWS::QuickSight::Analysis.WaterfallVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartConfiguration", "markdownDescription": "The configuration for a waterfall visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -222197,7 +233558,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.WhatIfPointScenario": { + "AWS::QuickSight::Analysis.WhatIfPointScenario": { "additionalProperties": false, "properties": { "Date": { @@ -222217,7 +233578,7 @@ ], "type": "object" }, - "AWS::QuickSight::Template.WhatIfRangeScenario": { + "AWS::QuickSight::Analysis.WhatIfRangeScenario": { "additionalProperties": false, "properties": { "EndDate": { @@ -222243,12 +233604,12 @@ ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudAggregatedFieldWells": { + "AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", "title": "GroupBy", @@ -222256,7 +233617,7 @@ }, "Size": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", "title": "Size", @@ -222265,44 +233626,49 @@ }, "type": "object" }, - "AWS::QuickSight::Template.WordCloudChartConfiguration": { + "AWS::QuickSight::Analysis.WordCloudChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", "title": "CategoryLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudSortConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudSortConfiguration", "markdownDescription": "The sort configuration of a word cloud visual.", "title": "SortConfiguration" }, "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudOptions", "markdownDescription": "The options for a word cloud visual.", "title": "WordCloudOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.WordCloudFieldWells": { + "AWS::QuickSight::Analysis.WordCloudFieldWells": { "additionalProperties": false, "properties": { "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudAggregatedFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a word cloud.", "title": "WordCloudAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.WordCloudOptions": { + "AWS::QuickSight::Analysis.WordCloudOptions": { "additionalProperties": false, "properties": { "CloudLayout": { @@ -222338,17 +233704,17 @@ }, "type": "object" }, - "AWS::QuickSight::Template.WordCloudSortConfiguration": { + "AWS::QuickSight::Analysis.WordCloudSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of group by fields.", "title": "CategorySort", @@ -222357,40 +233723,45 @@ }, "type": "object" }, - "AWS::QuickSight::Template.WordCloudVisual": { + "AWS::QuickSight::Analysis.WordCloudVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -222402,7 +233773,21 @@ ], "type": "object" }, - "AWS::QuickSight::Theme": { + "AWS::QuickSight::Analysis.YAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", + "type": "string" + } + }, + "required": [ + "YAxis" + ], + "type": "object" + }, + "AWS::QuickSight::CustomPermissions": { "additionalProperties": false, "properties": { "Condition": { @@ -222438,64 +233823,38 @@ "additionalProperties": false, "properties": { "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you want to store the new theme.", + "markdownDescription": "The ID of the AWS account that contains the custom permission configuration that you want to update.", "title": "AwsAccountId", "type": "string" }, - "BaseThemeId": { - "markdownDescription": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis.", - "title": "BaseThemeId", - "type": "string" - }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", - "markdownDescription": "The theme configuration, which contains the theme display properties.", - "title": "Configuration" + "Capabilities": { + "$ref": "#/definitions/AWS::QuickSight::CustomPermissions.Capabilities", + "markdownDescription": "A set of actions in the custom permissions profile.", + "title": "Capabilities" }, - "Name": { - "markdownDescription": "A display name for the theme.", - "title": "Name", + "CustomPermissionsName": { + "markdownDescription": "The name of the custom permissions profile.", + "title": "CustomPermissionsName", "type": "string" }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ResourcePermission" - }, - "markdownDescription": "A valid grouping of resource permissions to apply to the new theme.", - "title": "Permissions", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource.", + "markdownDescription": "The tags to associate with the custom permissions profile.", "title": "Tags", "type": "array" - }, - "ThemeId": { - "markdownDescription": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account.", - "title": "ThemeId", - "type": "string" - }, - "VersionDescription": { - "markdownDescription": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field.", - "title": "VersionDescription", - "type": "string" } }, "required": [ "AwsAccountId", - "BaseThemeId", - "Configuration", - "Name", - "ThemeId" + "CustomPermissionsName" ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Theme" + "AWS::QuickSight::CustomPermissions" ], "type": "string" }, @@ -222514,335 +233873,128 @@ ], "type": "object" }, - "AWS::QuickSight::Theme.BorderStyle": { - "additionalProperties": false, - "properties": { - "Show": { - "markdownDescription": "The option to enable display of borders for visuals.", - "title": "Show", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.DataColorPalette": { - "additionalProperties": false, - "properties": { - "Colors": { - "items": { - "type": "string" - }, - "markdownDescription": "The hexadecimal codes for the colors.", - "title": "Colors", - "type": "array" - }, - "EmptyFillColor": { - "markdownDescription": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.", - "title": "EmptyFillColor", - "type": "string" - }, - "MinMaxGradient": { - "items": { - "type": "string" - }, - "markdownDescription": "The minimum and maximum hexadecimal codes that describe a color gradient.", - "title": "MinMaxGradient", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.Font": { - "additionalProperties": false, - "properties": { - "FontFamily": { - "markdownDescription": "Determines the font family settings.", - "title": "FontFamily", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.GutterStyle": { - "additionalProperties": false, - "properties": { - "Show": { - "markdownDescription": "This Boolean value controls whether to display a gutter space between sheet tiles.", - "title": "Show", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.MarginStyle": { - "additionalProperties": false, - "properties": { - "Show": { - "markdownDescription": "This Boolean value controls whether to display sheet margins.", - "title": "Show", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.ResourcePermission": { + "AWS::QuickSight::CustomPermissions.Capabilities": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" - }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "AddOrRunAnomalyDetectionForAnalyses": { + "markdownDescription": "The ability to add or run anomaly detection.", + "title": "AddOrRunAnomalyDetectionForAnalyses", "type": "string" - } - }, - "required": [ - "Actions", - "Principal" - ], - "type": "object" - }, - "AWS::QuickSight::Theme.SheetStyle": { - "additionalProperties": false, - "properties": { - "Tile": { - "$ref": "#/definitions/AWS::QuickSight::Theme.TileStyle", - "markdownDescription": "The display options for tiles.", - "title": "Tile" - }, - "TileLayout": { - "$ref": "#/definitions/AWS::QuickSight::Theme.TileLayoutStyle", - "markdownDescription": "The layout options for tiles.", - "title": "TileLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.ThemeConfiguration": { - "additionalProperties": false, - "properties": { - "DataColorPalette": { - "$ref": "#/definitions/AWS::QuickSight::Theme.DataColorPalette", - "markdownDescription": "Color properties that apply to chart data colors.", - "title": "DataColorPalette" - }, - "Sheet": { - "$ref": "#/definitions/AWS::QuickSight::Theme.SheetStyle", - "markdownDescription": "Display options related to sheets.", - "title": "Sheet" - }, - "Typography": { - "$ref": "#/definitions/AWS::QuickSight::Theme.Typography", - "markdownDescription": "Determines the typography options.", - "title": "Typography" }, - "UIColorPalette": { - "$ref": "#/definitions/AWS::QuickSight::Theme.UIColorPalette", - "markdownDescription": "Color properties that apply to the UI and to charts, excluding the colors that apply to data.", - "title": "UIColorPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.ThemeError": { - "additionalProperties": false, - "properties": { - "Message": { - "markdownDescription": "The error message.", - "title": "Message", + "CreateAndUpdateDashboardEmailReports": { + "markdownDescription": "The ability to create and update email reports.", + "title": "CreateAndUpdateDashboardEmailReports", "type": "string" }, - "Type": { - "markdownDescription": "The type of error.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.ThemeVersion": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", + "CreateAndUpdateDataSources": { + "markdownDescription": "The ability to create and update data sources.", + "title": "CreateAndUpdateDataSources", "type": "string" }, - "BaseThemeId": { - "markdownDescription": "The Amazon QuickSight-defined ID of the theme that a custom theme inherits from. All themes initially inherit from a default Amazon QuickSight theme.", - "title": "BaseThemeId", + "CreateAndUpdateDatasets": { + "markdownDescription": "The ability to create and update datasets.", + "title": "CreateAndUpdateDatasets", "type": "string" }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", - "markdownDescription": "The theme configuration, which contains all the theme display properties.", - "title": "Configuration" - }, - "CreatedTime": { - "markdownDescription": "The date and time that this theme version was created.", - "title": "CreatedTime", + "CreateAndUpdateThemes": { + "markdownDescription": "The ability to export to Create and Update themes.", + "title": "CreateAndUpdateThemes", "type": "string" }, - "Description": { - "markdownDescription": "The description of the theme.", - "title": "Description", + "CreateAndUpdateThresholdAlerts": { + "markdownDescription": "The ability to create and update threshold alerts.", + "title": "CreateAndUpdateThresholdAlerts", "type": "string" }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeError" - }, - "markdownDescription": "Errors associated with the theme.", - "title": "Errors", - "type": "array" - }, - "Status": { - "markdownDescription": "The status of the theme version.", - "title": "Status", + "CreateSPICEDataset": { + "markdownDescription": "The ability to create a SPICE dataset.", + "title": "CreateSPICEDataset", "type": "string" }, - "VersionNumber": { - "markdownDescription": "The version number of the theme.", - "title": "VersionNumber", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.TileLayoutStyle": { - "additionalProperties": false, - "properties": { - "Gutter": { - "$ref": "#/definitions/AWS::QuickSight::Theme.GutterStyle", - "markdownDescription": "The gutter settings that apply between tiles.", - "title": "Gutter" - }, - "Margin": { - "$ref": "#/definitions/AWS::QuickSight::Theme.MarginStyle", - "markdownDescription": "The margin settings that apply around the outside edge of sheets.", - "title": "Margin" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.TileStyle": { - "additionalProperties": false, - "properties": { - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Theme.BorderStyle", - "markdownDescription": "The border around a tile.", - "title": "Border" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.Typography": { - "additionalProperties": false, - "properties": { - "FontFamilies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.Font" - }, - "markdownDescription": "Determines the list of font families.", - "title": "FontFamilies", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.UIColorPalette": { - "additionalProperties": false, - "properties": { - "Accent": { - "markdownDescription": "This color is that applies to selected states and buttons.", - "title": "Accent", + "CreateSharedFolders": { + "markdownDescription": "The ability to create shared folders.", + "title": "CreateSharedFolders", "type": "string" }, - "AccentForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the accent color.", - "title": "AccentForeground", + "ExportToCsv": { + "markdownDescription": "The ability to export to CSV files from the UI.", + "title": "ExportToCsv", "type": "string" }, - "Danger": { - "markdownDescription": "The color that applies to error messages.", - "title": "Danger", + "ExportToCsvInScheduledReports": { + "markdownDescription": "The ability to export to CSV files in scheduled email reports.", + "title": "ExportToCsvInScheduledReports", "type": "string" }, - "DangerForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the error color.", - "title": "DangerForeground", + "ExportToExcel": { + "markdownDescription": "The ability to export to Excel files from the UI.", + "title": "ExportToExcel", "type": "string" }, - "Dimension": { - "markdownDescription": "The color that applies to the names of fields that are identified as dimensions.", - "title": "Dimension", + "ExportToExcelInScheduledReports": { + "markdownDescription": "The ability to export to Excel files in scheduled email reports.", + "title": "ExportToExcelInScheduledReports", "type": "string" }, - "DimensionForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the dimension color.", - "title": "DimensionForeground", + "ExportToPdf": { + "markdownDescription": "The ability to export to PDF files from the UI.", + "title": "ExportToPdf", "type": "string" }, - "Measure": { - "markdownDescription": "The color that applies to the names of fields that are identified as measures.", - "title": "Measure", + "ExportToPdfInScheduledReports": { + "markdownDescription": "The ability to export to PDF files in scheduled email reports.", + "title": "ExportToPdfInScheduledReports", "type": "string" }, - "MeasureForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the measure color.", - "title": "MeasureForeground", + "IncludeContentInScheduledReportsEmail": { + "markdownDescription": "The ability to include content in scheduled email reports.", + "title": "IncludeContentInScheduledReportsEmail", "type": "string" }, - "PrimaryBackground": { - "markdownDescription": "The background color that applies to visuals and other high emphasis UI.", - "title": "PrimaryBackground", + "PrintReports": { + "markdownDescription": "The ability to print reports.", + "title": "PrintReports", "type": "string" }, - "PrimaryForeground": { - "markdownDescription": "The color of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.", - "title": "PrimaryForeground", + "RenameSharedFolders": { + "markdownDescription": "The ability to rename shared folders.", + "title": "RenameSharedFolders", "type": "string" }, - "SecondaryBackground": { - "markdownDescription": "The background color that applies to the sheet background and sheet controls.", - "title": "SecondaryBackground", + "ShareAnalyses": { + "markdownDescription": "The ability to share analyses.", + "title": "ShareAnalyses", "type": "string" }, - "SecondaryForeground": { - "markdownDescription": "The foreground color that applies to any sheet title, sheet control text, or UI that appears over the secondary background.", - "title": "SecondaryForeground", + "ShareDashboards": { + "markdownDescription": "The ability to share dashboards.", + "title": "ShareDashboards", "type": "string" }, - "Success": { - "markdownDescription": "The color that applies to success messages, for example the check mark for a successful download.", - "title": "Success", + "ShareDataSources": { + "markdownDescription": "The ability to share data sources.", + "title": "ShareDataSources", "type": "string" }, - "SuccessForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the success color.", - "title": "SuccessForeground", + "ShareDatasets": { + "markdownDescription": "The ability to share datasets.", + "title": "ShareDatasets", "type": "string" }, - "Warning": { - "markdownDescription": "This color that applies to warning and informational messages.", - "title": "Warning", + "SubscribeDashboardEmailReports": { + "markdownDescription": "The ability to subscribe to email reports.", + "title": "SubscribeDashboardEmailReports", "type": "string" }, - "WarningForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the warning color.", - "title": "WarningForeground", + "ViewAccountSPICECapacity": { + "markdownDescription": "The ability to view account SPICE capacity.", + "title": "ViewAccountSPICECapacity", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic": { + "AWS::QuickSight::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -222878,44 +234030,103 @@ "additionalProperties": false, "properties": { "AwsAccountId": { - "markdownDescription": "The ID of the AWS account that you want to create a topic in.", + "markdownDescription": "The ID of the AWS account where you want to create the dashboard.", "title": "AwsAccountId", "type": "string" }, - "DataSets": { + "DashboardId": { + "markdownDescription": "The ID for the dashboard, also added to the IAM policy.", + "title": "DashboardId", + "type": "string" + }, + "DashboardPublishOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardPublishOptions", + "markdownDescription": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default.", + "title": "DashboardPublishOptions" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVersionDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "FolderArns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DatasetMetadata" + "type": "string" }, - "markdownDescription": "The data sets that the topic is associated with.", - "title": "DataSets", + "markdownDescription": "", + "title": "FolderArns", "type": "array" }, - "Description": { - "markdownDescription": "The description of the topic.", - "title": "Description", - "type": "string" + "LinkEntities": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard.", + "title": "LinkEntities", + "type": "array" + }, + "LinkSharingConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LinkSharingConfiguration", + "markdownDescription": "A structure that contains the link sharing configurations that you want to apply overrides to.", + "title": "LinkSharingConfiguration" }, "Name": { - "markdownDescription": "The name of the topic.", + "markdownDescription": "The display name of the dashboard.", "title": "Name", "type": "string" }, - "TopicId": { - "markdownDescription": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", - "title": "TopicId", + "Parameters": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Parameters", + "markdownDescription": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values.", + "title": "Parameters" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" + }, + "markdownDescription": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list.", + "title": "Permissions", + "type": "array" + }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceEntity", + "markdownDescription": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.", + "title": "SourceEntity" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard.", + "title": "Tags", + "type": "array" + }, + "ThemeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard.", + "title": "ThemeArn", "type": "string" }, - "UserExperienceVersion": { - "markdownDescription": "The user experience version of the topic.", - "title": "UserExperienceVersion", + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + }, + "VersionDescription": { + "markdownDescription": "A description for the first version of the dashboard being created.", + "title": "VersionDescription", "type": "string" } }, + "required": [ + "AwsAccountId", + "DashboardId", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Topic" + "AWS::QuickSight::Dashboard" ], "type": "string" }, @@ -222929,18906 +234140,14257 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.CellValueSynonym": { + "AWS::QuickSight::Dashboard.AdHocFilteringOption": { "additionalProperties": false, "properties": { - "CellValue": { - "markdownDescription": "The cell value.", - "title": "CellValue", + "AvailabilityStatus": { + "markdownDescription": "Availability status.", + "title": "AvailabilityStatus", "type": "string" - }, - "Synonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "Other names or aliases for the cell value.", - "title": "Synonyms", - "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Topic.CollectiveConstant": { + "AWS::QuickSight::Dashboard.AggregationFunction": { "additionalProperties": false, "properties": { - "ValueList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values for the collective constant.", - "title": "ValueList", - "type": "array" + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" + }, + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" + }, + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", + "type": "string" + }, + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" } }, "type": "object" }, - "AWS::QuickSight::Topic.ComparativeOrder": { + "AWS::QuickSight::Dashboard.AggregationSortConfiguration": { "additionalProperties": false, "properties": { - "SpecifedOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of columns to be used in the ordering.", - "title": "SpecifedOrder", - "type": "array" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" }, - "TreatUndefinedSpecifiedValues": { - "markdownDescription": "The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` .", - "title": "TreatUndefinedSpecifiedValues", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" }, - "UseOrdering": { - "markdownDescription": "The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` .", - "title": "UseOrdering", + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", "type": "string" } }, + "required": [ + "Column", + "SortDirection" + ], "type": "object" }, - "AWS::QuickSight::Topic.DataAggregation": { + "AWS::QuickSight::Dashboard.AnalysisDefaults": { "additionalProperties": false, "properties": { - "DatasetRowDateGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "DatasetRowDateGranularity", + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" + } + }, + "required": [ + "DefaultNewSheetConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AnchorDateConfiguration": { + "additionalProperties": false, + "properties": { + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", "type": "string" }, - "DefaultDateColumnName": { - "markdownDescription": "The column name for the default date.", - "title": "DefaultDateColumnName", + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic.DatasetMetadata": { + "AWS::QuickSight::Dashboard.ArcAxisConfiguration": { "additionalProperties": false, "properties": { - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCalculatedField" - }, - "markdownDescription": "The list of calculated field definitions.", - "title": "CalculatedFields", - "type": "array" - }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicColumn" - }, - "markdownDescription": "The list of column definitions.", - "title": "Columns", - "type": "array" - }, - "DataAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DataAggregation", - "markdownDescription": "The definition of a data aggregation.", - "title": "DataAggregation" + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" }, - "DatasetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset.", - "title": "DatasetArn", - "type": "string" + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcAxisDisplayRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", + "type": "number" }, - "DatasetDescription": { - "markdownDescription": "The description of the dataset.", - "title": "DatasetDescription", - "type": "string" + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcConfiguration": { + "additionalProperties": false, + "properties": { + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", + "type": "number" }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", "type": "string" - }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicFilter" - }, - "markdownDescription": "The list of filter definitions.", - "title": "Filters", - "type": "array" - }, - "NamedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNamedEntity" - }, - "markdownDescription": "The list of named entities definitions.", - "title": "NamedEntities", - "type": "array" } }, - "required": [ - "DatasetArn" - ], "type": "object" }, - "AWS::QuickSight::Topic.DefaultFormatting": { + "AWS::QuickSight::Dashboard.ArcOptions": { "additionalProperties": false, "properties": { - "DisplayFormat": { - "markdownDescription": "The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` .", - "title": "DisplayFormat", + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", "type": "string" - }, - "DisplayFormatOptions": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DisplayFormatOptions", - "markdownDescription": "The additional options for display formatting.", - "title": "DisplayFormatOptions" } }, "type": "object" }, - "AWS::QuickSight::Topic.DisplayFormatOptions": { + "AWS::QuickSight::Dashboard.AssetOptions": { "additionalProperties": false, "properties": { - "BlankCellFormat": { - "markdownDescription": "Determines the blank cell format.", - "title": "BlankCellFormat", + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", "type": "string" }, - "CurrencySymbol": { - "markdownDescription": "The currency symbol, such as `USD` .", - "title": "CurrencySymbol", + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", "type": "string" - }, - "DateFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateFormat", + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AttributeAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", "type": "string" }, - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDataOptions": { + "additionalProperties": false, + "properties": { + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" }, - "FractionDigits": { - "markdownDescription": "Determines the number of fraction digits.", - "title": "FractionDigits", + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", "type": "number" }, - "GroupingSeparator": { - "markdownDescription": "Determines the grouping separator.", - "title": "GroupingSeparator", + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", "type": "string" }, - "NegativeFormat": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NegativeFormat", - "markdownDescription": "The negative format.", - "title": "NegativeFormat" - }, - "Prefix": { - "markdownDescription": "The prefix value for a display format.", - "title": "Prefix", + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", "type": "string" }, - "Suffix": { - "markdownDescription": "The suffix value for a display format.", - "title": "Suffix", - "type": "string" + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" }, - "UnitScaler": { - "markdownDescription": "The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` .", - "title": "UnitScaler", + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", "type": "string" }, - "UseBlankCellFormat": { - "markdownDescription": "A Boolean value that indicates whether to use blank cell format.", - "title": "UseBlankCellFormat", - "type": "boolean" + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" }, - "UseGrouping": { - "markdownDescription": "A Boolean value that indicates whether to use grouping.", - "title": "UseGrouping", - "type": "boolean" + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Topic.NamedEntityDefinition": { + "AWS::QuickSight::Dashboard.AxisDisplayRange": { "additionalProperties": false, "properties": { - "FieldName": { - "markdownDescription": "The name of the entity.", - "title": "FieldName", - "type": "string" + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" }, - "Metric": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinitionMetric", - "markdownDescription": "The definition of a metric.", - "title": "Metric" + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLabelOptions": { + "additionalProperties": false, + "properties": { + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" }, - "PropertyName": { - "markdownDescription": "The property name to be used for the named entity.", - "title": "PropertyName", + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", "type": "string" }, - "PropertyRole": { - "markdownDescription": "The property role. Valid values for this structure are `PRIMARY` and `ID` .", - "title": "PropertyRole", - "type": "string" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLabelReferenceOptions": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" }, - "PropertyUsage": { - "markdownDescription": "The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` .", - "title": "PropertyUsage", + "FieldId": { + "markdownDescription": "The field that the axis label is targeted to.", + "title": "FieldId", "type": "string" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Topic.NamedEntityDefinitionMetric": { + "AWS::QuickSight::Dashboard.AxisLinearScale": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` .", - "title": "Aggregation", - "type": "string" + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" }, - "AggregationFunctionParameters": { - "additionalProperties": true, - "markdownDescription": "The additional parameters for an aggregation function.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AggregationFunctionParameters", - "type": "object" + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Topic.NegativeFormat": { + "AWS::QuickSight::Dashboard.AxisLogarithmicScale": { "additionalProperties": false, "properties": { - "Prefix": { - "markdownDescription": "The prefix for a negative format.", - "title": "Prefix", - "type": "string" - }, - "Suffix": { - "markdownDescription": "The suffix for a negative format.", - "title": "Suffix", - "type": "string" + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Topic.RangeConstant": { + "AWS::QuickSight::Dashboard.AxisScale": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum value for a range constant.", - "title": "Maximum", - "type": "string" + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" }, - "Minimum": { - "markdownDescription": "The minimum value for a range constant.", - "title": "Minimum", - "type": "string" + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" } }, "type": "object" }, - "AWS::QuickSight::Topic.SemanticEntityType": { + "AWS::QuickSight::Dashboard.AxisTickLabelOptions": { "additionalProperties": false, "properties": { - "SubTypeName": { - "markdownDescription": "The semantic entity sub type name.", - "title": "SubTypeName", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The semantic entity type name.", - "title": "TypeName", - "type": "string" + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" }, - "TypeParameters": { - "additionalProperties": true, - "markdownDescription": "The semantic entity type parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TypeParameters", - "type": "object" + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Topic.SemanticType": { + "AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "FalseyCellValue": { - "markdownDescription": "The semantic type falsey cell value.", - "title": "FalseyCellValue", - "type": "string" - }, - "FalseyCellValueSynonyms": { + "Category": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The other names or aliases for the false cell value.", - "title": "FalseyCellValueSynonyms", + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", "type": "array" }, - "SubTypeName": { - "markdownDescription": "The semantic type sub type name.", - "title": "SubTypeName", - "type": "string" - }, - "TruthyCellValue": { - "markdownDescription": "The semantic type truthy cell value.", - "title": "TruthyCellValue", - "type": "string" - }, - "TruthyCellValueSynonyms": { + "Colors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "The other names or aliases for the true cell value.", - "title": "TruthyCellValueSynonyms", + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", "type": "array" }, - "TypeName": { - "markdownDescription": "The semantic type name.", - "title": "TypeName", - "type": "string" + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", + "type": "array" }, - "TypeParameters": { - "additionalProperties": true, - "markdownDescription": "The semantic type parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "title": "TypeParameters", - "type": "object" + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicCalculatedField": { + "AWS::QuickSight::Dashboard.BarChartConfiguration": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", - "title": "Aggregation", + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", "type": "string" }, - "AllowedAggregations": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "AllowedAggregations", - "type": "array" - }, - "CalculatedFieldDescription": { - "markdownDescription": "The calculated field description.", - "title": "CalculatedFieldDescription", - "type": "string" + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" }, - "CalculatedFieldName": { - "markdownDescription": "The calculated field name.", - "title": "CalculatedFieldName", - "type": "string" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" }, - "CalculatedFieldSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the calculated field.", - "title": "CalculatedFieldSynonyms", - "type": "array" + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" }, - "CellValueSynonyms": { + "ContributionAnalysisDefaults": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" }, - "markdownDescription": "The other names or aliases for the calculated field cell value.", - "title": "CellValueSynonyms", + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", "type": "array" }, - "ColumnDataRole": { - "markdownDescription": "The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` .", - "title": "ColumnDataRole", - "type": "string" - }, - "ComparativeOrder": { - "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", - "markdownDescription": "The order in which data is displayed for the calculated field when it's used in a comparative context.", - "title": "ComparativeOrder" - }, - "DefaultFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", - "markdownDescription": "The default formatting definition.", - "title": "DefaultFormatting" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, - "Expression": { - "markdownDescription": "The calculated field expression.", - "title": "Expression", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "IsIncludedInTopic": { - "markdownDescription": "A boolean value that indicates if a calculated field is included in the topic.", - "title": "IsIncludedInTopic", - "type": "boolean" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "NeverAggregateInFilter": { - "markdownDescription": "A Boolean value that indicates whether to never aggregate calculated field in filters.", - "title": "NeverAggregateInFilter", - "type": "boolean" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, - "NonAdditive": { - "markdownDescription": "The non additive for the table style target.", - "title": "NonAdditive", - "type": "boolean" + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", + "type": "string" }, - "NotAllowedAggregations": { + "ReferenceLines": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" }, - "markdownDescription": "The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "NotAllowedAggregations", + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", "type": "array" }, - "SemanticType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", - "markdownDescription": "The semantic type.", - "title": "SemanticType" + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" - } - }, - "required": [ - "CalculatedFieldName", - "Expression" - ], - "type": "object" - }, - "AWS::QuickSight::Topic.TopicCategoryFilter": { - "additionalProperties": false, - "properties": { - "CategoryFilterFunction": { - "markdownDescription": "The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` .", - "title": "CategoryFilterFunction", - "type": "string" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "title": "SortConfiguration" }, - "CategoryFilterType": { - "markdownDescription": "The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter.", - "title": "CategoryFilterType", - "type": "string" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilterConstant", - "markdownDescription": "The constant used in a category filter.", - "title": "Constant" + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" }, - "Inverse": { - "markdownDescription": "A Boolean value that indicates if the filter is inverse.", - "title": "Inverse", - "type": "boolean" + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicCategoryFilterConstant": { + "AWS::QuickSight::Dashboard.BarChartFieldWells": { "additionalProperties": false, "properties": { - "CollectiveConstant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CollectiveConstant", - "markdownDescription": "A collective constant used in a category filter. This element is used to specify a list of values for the constant.", - "title": "CollectiveConstant" - }, - "ConstantType": { - "markdownDescription": "The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` .", - "title": "ConstantType", - "type": "string" - }, - "SingularConstant": { - "markdownDescription": "A singular constant used in a category filter. This element is used to specify a single value for the constant.", - "title": "SingularConstant", - "type": "string" + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicColumn": { + "AWS::QuickSight::Dashboard.BarChartSortConfiguration": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "The type of aggregation that is performed on the column data when it's queried.", - "title": "Aggregation", - "type": "string" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" }, - "AllowedAggregations": { + "CategorySort": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "AllowedAggregations", + "markdownDescription": "The sort configuration of category fields.", + "title": "CategorySort", "type": "array" }, - "CellValueSynonyms": { + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The other names or aliases for the column cell value.", - "title": "CellValueSynonyms", + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", "type": "array" }, - "ColumnDataRole": { - "markdownDescription": "The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` .", - "title": "ColumnDataRole", - "type": "string" - }, - "ColumnDescription": { - "markdownDescription": "A description of the column and its contents.", - "title": "ColumnDescription", - "type": "string" - }, - "ColumnFriendlyName": { - "markdownDescription": "A user-friendly name for the column.", - "title": "ColumnFriendlyName", - "type": "string" - }, - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", - "type": "string" + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" }, - "ColumnSynonyms": { + "SmallMultiplesSort": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "The other names or aliases for the column.", - "title": "ColumnSynonyms", + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "ComparativeOrder": { - "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", - "markdownDescription": "The order in which data is displayed for the column when it's used in a comparative context.", - "title": "ComparativeOrder" - }, - "DefaultFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", - "markdownDescription": "The default formatting used for values in the column.", - "title": "DefaultFormatting" - }, - "IsIncludedInTopic": { - "markdownDescription": "A Boolean value that indicates whether the column is included in the query results.", - "title": "IsIncludedInTopic", - "type": "boolean" - }, - "NeverAggregateInFilter": { - "markdownDescription": "A Boolean value that indicates whether to aggregate the column data when it's used in a filter context.", - "title": "NeverAggregateInFilter", - "type": "boolean" - }, - "NonAdditive": { - "markdownDescription": "The non additive value for the column.", - "title": "NonAdditive", - "type": "boolean" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "NotAllowedAggregations": { + "ColumnHierarchies": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, - "markdownDescription": "The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "NotAllowedAggregations", + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", "type": "array" }, - "SemanticType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", - "markdownDescription": "The semantic type of data contained in the column.", - "title": "SemanticType" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "ColumnName" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicDateRangeFilter": { + "AWS::QuickSight::Dashboard.BinCountOptions": { "additionalProperties": false, "properties": { - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", - "markdownDescription": "The constant used in a date range filter.", - "title": "Constant" + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BinWidthOptions": { + "additionalProperties": false, + "properties": { + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", + "type": "number" }, - "Inclusive": { - "markdownDescription": "A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them.", - "title": "Inclusive", - "type": "boolean" + "Value": { + "markdownDescription": "The options that determine the bin width value.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicFilter": { + "AWS::QuickSight::Dashboard.BodySectionConfiguration": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilter", - "markdownDescription": "The category filter that is associated with this filter.", - "title": "CategoryFilter" + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" }, - "DateRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicDateRangeFilter", - "markdownDescription": "The date range filter.", - "title": "DateRangeFilter" + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" }, - "FilterClass": { - "markdownDescription": "The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` .", - "title": "FilterClass", - "type": "string" + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" }, - "FilterDescription": { - "markdownDescription": "A description of the filter used to select items for a topic.", - "title": "FilterDescription", + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", "type": "string" }, - "FilterName": { - "markdownDescription": "The name of the filter.", - "title": "FilterName", - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" + } + }, + "required": [ + "Content", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionContent": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionDynamicCategoryDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "FilterSynonyms": { + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort" }, - "markdownDescription": "The other names or aliases for the filter.", - "title": "FilterSynonyms", + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionDynamicNumericDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "FilterType": { - "markdownDescription": "The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` .", - "title": "FilterType", - "type": "string" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericEqualityFilter", - "markdownDescription": "The numeric equality filter.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericRangeFilter", - "markdownDescription": "The numeric range filter.", - "title": "NumericRangeFilter" - }, - "OperandFieldName": { - "markdownDescription": "The name of the field that the filter operates on.", - "title": "OperandFieldName", - "type": "string" + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" }, - "RelativeDateFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRelativeDateFilter", - "markdownDescription": "The relative date filter.", - "title": "RelativeDateFilter" + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" } }, "required": [ - "FilterName", - "OperandFieldName" + "Column" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicNamedEntity": { + "AWS::QuickSight::Dashboard.BodySectionRepeatConfiguration": { "additionalProperties": false, "properties": { - "Definition": { + "DimensionConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinition" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatDimensionConfiguration" }, - "markdownDescription": "The definition of a named entity.", - "title": "Definition", + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", "type": "array" }, - "EntityDescription": { - "markdownDescription": "The description of the named entity.", - "title": "EntityDescription", - "type": "string" - }, - "EntityName": { - "markdownDescription": "The name of the named entity.", - "title": "EntityName", - "type": "string" - }, - "EntitySynonyms": { + "NonRepeatingVisuals": { "items": { "type": "string" }, - "markdownDescription": "The other names or aliases for the named entity.", - "title": "EntitySynonyms", + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", "type": "array" }, - "SemanticEntityType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticEntityType", - "markdownDescription": "The type of named entity that a topic represents.", - "title": "SemanticEntityType" + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" } }, - "required": [ - "EntityName" - ], "type": "object" }, - "AWS::QuickSight::Topic.TopicNumericEqualityFilter": { + "AWS::QuickSight::Dashboard.BodySectionRepeatDimensionConfiguration": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", - "title": "Aggregation", - "type": "string" + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", - "markdownDescription": "The constant used in a numeric equality filter.", - "title": "Constant" + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicNumericRangeFilter": { + "AWS::QuickSight::Dashboard.BodySectionRepeatPageBreakConfiguration": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", - "title": "Aggregation", - "type": "string" - }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", - "markdownDescription": "The constant used in a numeric range filter.", - "title": "Constant" - }, - "Inclusive": { - "markdownDescription": "A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter.", - "title": "Inclusive", - "type": "boolean" + "After": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicRangeFilterConstant": { + "AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells": { "additionalProperties": false, "properties": { - "ConstantType": { - "markdownDescription": "The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` .", - "title": "ConstantType", - "type": "string" + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", + "title": "GroupBy", + "type": "array" }, - "RangeConstant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.RangeConstant", - "markdownDescription": "The value of the constant that is used to specify the endpoints of a range filter.", - "title": "RangeConstant" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicRelativeDateFilter": { + "AWS::QuickSight::Dashboard.BoxPlotChartConfiguration": { "additionalProperties": false, "properties": { - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", - "markdownDescription": "The constant used in a relative date filter.", - "title": "Constant" + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" }, - "RelativeDateFilterFunction": { - "markdownDescription": "The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` .", - "title": "RelativeDateFilterFunction", - "type": "string" + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicSingularFilterConstant": { + "AWS::QuickSight::Dashboard.BoxPlotFieldWells": { "additionalProperties": false, "properties": { - "ConstantType": { - "markdownDescription": "The type of the singular filter constant. Valid values for this structure are `SINGULAR` .", - "title": "ConstantType", + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotOptions": { + "additionalProperties": false, + "properties": { + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", "type": "string" }, - "SingularConstant": { - "markdownDescription": "The value of the singular filter constant.", - "title": "SingularConstant", + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", "type": "string" + }, + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" } }, "type": "object" }, - "AWS::QuickSight::VPCConnection": { + "AWS::QuickSight::Dashboard.BoxPlotSortConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of a group by fields.", + "title": "CategorySort", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotStyleOptions": { + "additionalProperties": false, + "properties": { + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availability status of the VPC connection.", - "title": "AvailabilityStatus", - "type": "string" - }, - "AwsAccountId": { - "markdownDescription": "The AWS account ID of the account where you want to create a new VPC connection.", - "title": "AwsAccountId", - "type": "string" - }, - "DnsResolvers": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IP addresses of DNS resolver endpoints for the VPC connection.", - "title": "DnsResolvers", - "type": "array" - }, - "Name": { - "markdownDescription": "The display name for the VPC connection.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role associated with the VPC connection.", - "title": "RoleArn", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 security group IDs associated with the VPC connection.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs for the VPC connection.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection.", - "title": "Tags", - "type": "array" - }, - "VPCConnectionId": { - "markdownDescription": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account.", - "title": "VPCConnectionId", - "type": "string" - } + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, - "type": "object" + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Type": { - "enum": [ - "AWS::QuickSight::VPCConnection" - ], + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Type" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::VPCConnection.NetworkInterface": { + "AWS::QuickSight::Dashboard.CalculatedField": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The availability zone that the network interface resides in.", - "title": "AvailabilityZone", + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", "type": "string" }, - "ErrorMessage": { - "markdownDescription": "An error message.", - "title": "ErrorMessage", + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface ID.", - "title": "NetworkInterfaceId", + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", "type": "string" - }, - "Status": { - "markdownDescription": "The status of the network interface.", - "title": "Status", + } + }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CalculatedMeasureField": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", "type": "string" }, - "SubnetId": { - "markdownDescription": "The subnet ID associated with the network interface.", - "title": "SubnetId", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" } }, + "required": [ + "Expression", + "FieldId" + ], "type": "object" }, - "AWS::RAM::Permission": { + "AWS::QuickSight::Dashboard.CascadingControlConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "SourceControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlSource" + }, + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CascadingControlSource": { + "additionalProperties": false, + "properties": { + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoricalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", + "title": "Column" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Specifies the name of the customer managed permission. The name must be unique within the AWS Region .", - "title": "Name", - "type": "string" - }, - "PolicyTemplate": { - "markdownDescription": "A string in JSON format string that contains the following elements of a resource-based policy:\n\n- *Effect* : must be set to `ALLOW` .\n- *Action* : specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *AWS Identity and Access Management User Guide* .\n- *Condition* : (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) in the *AWS Identity and Access Management User Guide* .\n\nThis template can't include either the `Resource` or `Principal` elements. Those are both filled in by AWS RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.", - "title": "PolicyTemplate", - "type": "object" - }, - "ResourceType": { - "markdownDescription": "Specifies the name of the resource type that this customer managed permission applies to.\n\nThe format is `** : **` and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string `ec2:subnet` . To see the list of valid values for this parameter, query the [ListResourceTypes](https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html) operation.", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies a list of one or more tag key and value pairs to attach to the permission.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name", - "PolicyTemplate", - "ResourceType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RAM::Permission" - ], + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "Type", - "Properties" + "Column", + "FieldId" ], "type": "object" }, - "AWS::RAM::ResourceShare": { + "AWS::QuickSight::Dashboard.CategoricalMeasureField": { "additionalProperties": false, "properties": { - "Condition": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryDrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", + "type": "array" }, - "Metadata": { - "type": "object" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + } + }, + "required": [ + "CategoryValues", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowExternalPrincipals": { - "markdownDescription": "Specifies whether principals outside your organization in AWS Organizations can be associated with a resource share. A value of `true` lets you share with individual AWS accounts that are *not* in your organization. A value of `false` only has meaning if your account is a member of an AWS Organization. The default value is `true` .", - "title": "AllowExternalPrincipals", - "type": "boolean" - }, - "Name": { - "markdownDescription": "Specifies the name of the resource share.", - "title": "Name", - "type": "string" - }, - "PermissionArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", - "title": "PermissionArns", - "type": "array" - }, - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", - "title": "Principals", - "type": "array" - }, - "ResourceArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", - "title": "ResourceArns", - "type": "array" - }, - "Sources": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Sources", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" }, - "Type": { - "enum": [ - "AWS::RAM::ResourceShare" - ], - "type": "string" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" } }, "required": [ - "Type", - "Properties" + "Column", + "Configuration", + "FilterId" ], "type": "object" }, - "AWS::RDS::CustomDBEngineVersion": { + "AWS::QuickSight::Dashboard.CategoryFilterConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryInnerFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "Metadata": { - "type": "object" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatabaseInstallationFilesS3BucketName": { - "markdownDescription": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files` .", - "title": "DatabaseInstallationFilesS3BucketName", - "type": "string" - }, - "DatabaseInstallationFilesS3Prefix": { - "markdownDescription": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1` . If this setting isn't specified, no prefix is assumed.", - "title": "DatabaseInstallationFilesS3Prefix", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description of your CEV.", - "title": "Description", - "type": "string" - }, - "Engine": { - "markdownDescription": "The database engine to use for your custom engine version (CEV).\n\nValid values:\n\n- `custom-oracle-ee`\n- `custom-oracle-ee-cdb`", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The name of your CEV. The name format is `major version.customized_string` . For example, a valid CEV name is `19.my_cev1` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of `Engine` and `EngineVersion` is unique per customer per Region.\n\n*Constraints:* Minimum length is 1. Maximum length is 60.\n\n*Pattern:* `^[a-z0-9_.-]{1,60$` }", - "title": "EngineVersion", - "type": "string" - }, - "ImageId": { - "markdownDescription": "A value that indicates the ID of the AMI.", - "title": "ImageId", - "type": "string" - }, - "KMSKeyId": { - "markdownDescription": "The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS.\n\nIf you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in [Creating a symmetric encryption KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk) in the *AWS Key Management Service Developer Guide* .\n\nYou can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.", - "title": "KMSKeyId", - "type": "string" - }, - "Manifest": { - "markdownDescription": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.\n\nThe following JSON fields are valid:\n\n- **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format `YYYY-MM-DD` .\n- **databaseInstallationFileNames** - Ordered list of installation files for the CEV.\n- **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine.\n- **psuRuPatchFileNames** - The PSU and RU patches for this CEV.\n- **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches.\n\nFor more information, see [Creating the CEV manifest](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest) in the *Amazon RDS User Guide* .", - "title": "Manifest", - "type": "string" - }, - "SourceCustomDbEngineVersionIdentifier": { - "markdownDescription": "The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either `Source` or `UseAwsProvidedLatestImage` . You can't specify a different JSON manifest when you specify `SourceCustomDbEngineVersionIdentifier` .", - "title": "SourceCustomDbEngineVersionIdentifier", - "type": "string" - }, - "Status": { - "markdownDescription": "A value that indicates the status of a custom engine version (CEV).", - "title": "Status", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*", - "title": "Tags", - "type": "array" - }, - "UseAwsProvidedLatestImage": { - "markdownDescription": "Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify `UseAwsProvidedLatestImage` , you can't also specify `ImageId` .", - "title": "UseAwsProvidedLatestImage", - "type": "boolean" - } + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" + } + }, + "required": [ + "Column", + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ChartAxisLabelOptions": { + "additionalProperties": false, + "properties": { + "AxisLabelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelOptions" }, - "required": [ - "Engine", - "EngineVersion" - ], - "type": "object" + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::RDS::CustomDBEngineVersion" - ], + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RDS::DBCluster": { + "AWS::QuickSight::Dashboard.ClusterMarker": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ClusterMarkerConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColorScale": { + "additionalProperties": false, + "properties": { + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nThis setting is required to create a Multi-AZ DB cluster.", - "title": "AllocatedStorage", - "type": "number" - }, - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBCluster.DBClusterRole" - }, - "markdownDescription": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "AssociatedRoles", - "type": "array" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB cluster.\n\nFor more information about automatic minor version upgrades, see [Automatically upgrading the minor engine version](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html#USER_UpgradeDBInstance.Upgrading.AutoMinorVersionUpgrades) .", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "AvailabilityZones", - "type": "array" - }, - "BacktrackWindow": { - "markdownDescription": "The target backtrack window, in seconds. To disable backtracking, set this value to `0` .\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: `0`\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).", - "title": "BacktrackWindow", - "type": "number" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterInstanceClass": { - "markdownDescription": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", - "title": "DBClusterInstanceClass", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the DB cluster parameter group to associate with this DB cluster.\n\n> If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n> \n> If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. \n\nTo list all of the available DB cluster parameter group names, use the following command:\n\n`aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBInstanceParameterGroupName": { - "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster.\n\n> When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. \n\nValid for Cluster Type: Aurora DB clusters only\n\nDefault: The existing name setting\n\nConstraints:\n\n- The DB parameter group must be in the same DB parameter group family as this DB cluster.\n- The `DBInstanceParameterGroupName` parameter is valid in combination with the `AllowMajorVersionUpgrade` parameter for a major version upgrade only.", - "title": "DBInstanceParameterGroupName", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group that you want to associate with this DB cluster.\n\nIf you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DBSystemId": { - "markdownDescription": "Reserved for future use.", - "title": "DBSystemId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DatabaseName", - "type": "string" - }, - "DeletionProtection": { - "markdownDescription": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DeletionProtection", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "Domain", - "type": "string" - }, - "DomainIAMRoleName": { - "markdownDescription": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", - "title": "DomainIAMRoleName", - "type": "string" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .\n\n*Aurora MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Aurora PostgreSQL*\n\nValid values: `postgresql`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EnableGlobalWriteForwarding": { - "markdownDescription": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EnableGlobalWriteForwarding", - "type": "boolean" - }, - "EnableHttpEndpoint": { - "markdownDescription": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n\nFor more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EnableHttpEndpoint", - "type": "boolean" - }, - "EnableIAMDatabaseAuthentication": { - "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nFor more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", - "title": "EnableIAMDatabaseAuthentication", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "Engine", - "type": "string" - }, - "EngineMode": { - "markdownDescription": "The DB engine mode of the DB cluster, either `provisioned` or `serverless` .\n\nThe `serverless` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the `provisioned` engine mode.\n\nFor information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* :\n\n- [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n- [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EngineMode", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nYou can supply either `5.7` or `8.0` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for MySQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`\n\n*Aurora MySQL*\n\nFor information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide* .\n\n*Aurora PostgreSQL*\n\nFor information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide* .\n\n*MySQL*\n\nFor information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide* .\n\n*PostgreSQL*\n\nFor information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "EngineVersion", - "type": "string" - }, - "GlobalClusterIdentifier": { - "markdownDescription": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.\n\nIf you aren't configuring a global database cluster, don't specify this property.\n\n> To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property. \n\nFor information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "GlobalClusterIdentifier", - "type": "string" - }, - "Iops": { - "markdownDescription": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nConstraints:\n\n- Must be a multiple between .5 and 50 of the storage amount for the DB cluster.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .\n\nIf you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set `KmsKeyId` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "KmsKeyId", - "type": "string" - }, - "ManageMasterUserPassword": { - "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", - "title": "ManageMasterUserPassword", - "type": "boolean" - }, - "MasterUserPassword": { - "markdownDescription": "The master password for the DB instance.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUserSecret": { - "$ref": "#/definitions/AWS::RDS::DBCluster.MasterUserSecret", - "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\n> When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the `SecretArn` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret. \n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*", - "title": "MasterUserSecret" - }, - "MasterUsername": { - "markdownDescription": "The name of the master user for the DB cluster.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MasterUsername", - "type": "string" - }, - "MonitoringInterval": { - "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than `0` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", - "title": "MonitoringInterval", - "type": "number" - }, - "MonitoringRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , supply a `MonitoringRoleArn` value.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MonitoringRoleArn", - "type": "string" - }, - "NetworkType": { - "markdownDescription": "The network type of the DB cluster.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", - "title": "NetworkType", - "type": "string" - }, - "PerformanceInsightsEnabled": { - "markdownDescription": "Specifies whether to turn on Performance Insights for the DB cluster.\n\nFor more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PerformanceInsightsEnabled", - "type": "boolean" - }, - "PerformanceInsightsKmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PerformanceInsightsKmsKeyId", - "type": "string" - }, - "PerformanceInsightsRetentionPeriod": { - "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB cluster without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS issues an error.", - "title": "PerformanceInsightsRetentionPeriod", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nDefault:\n\n- When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)\n- When `EngineMode` is `serverless` :\n\n- `3306` when `Engine` is `aurora` or `aurora-mysql`\n- `5432` when `Engine` is `aurora-postgresql`\n\n> The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "Port", - "type": "number" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "Specifies whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible and you connect from outside of the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) endpoint resolves to the public IP address. When you connect from within the same VPC as the DB cluster, the endpoint resolves to the private IP address. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicationSourceIdentifier": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n\nValid for: Aurora DB clusters only", - "title": "ReplicationSourceIdentifier", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "The date and time to restore the DB cluster to.\n\nValid Values: Value must be a time in Universal Coordinated Time (UTC) format\n\nConstraints:\n\n- Must be before the latest restorable time for the DB instance\n- Must be specified if `UseLatestRestorableTime` parameter isn't provided\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled\n- Can't be specified if the `RestoreType` parameter is `copy-on-write`\n\nThis property must be used with `SourceDBClusterIdentifier` property. The resulting cluster will have the identifier that matches the value of the `DBclusterIdentifier` property.\n\nExample: `2015-03-07T23:45:00Z`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "RestoreType", - "type": "string" - }, - "ScalingConfiguration": { - "$ref": "#/definitions/AWS::RDS::DBCluster.ScalingConfiguration", - "markdownDescription": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", - "title": "ScalingConfiguration" - }, - "ServerlessV2ScalingConfiguration": { - "$ref": "#/definitions/AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration", - "markdownDescription": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", - "title": "ServerlessV2ScalingConfiguration" - }, - "SnapshotIdentifier": { - "markdownDescription": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "SnapshotIdentifier", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "SourceRegion": { - "markdownDescription": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", - "title": "SourceRegion", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", - "title": "StorageType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "Tags", - "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with this DB cluster.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "VpcSecurityGroupIds", - "type": "array" - } + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RDS::DBCluster" - ], - "type": "string" + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" } }, "required": [ - "Type" + "ColorFillType", + "Colors" ], "type": "object" }, - "AWS::RDS::DBCluster.DBClusterRole": { + "AWS::QuickSight::Dashboard.ColorsConfiguration": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", - "title": "FeatureName", - "type": "string" + "CustomColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomColor" + }, + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnConfiguration": { + "additionalProperties": false, + "properties": { + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", - "title": "RoleArn", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column.", + "title": "Column" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" + }, + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", "type": "string" } }, "required": [ - "RoleArn" + "Column" ], "type": "object" }, - "AWS::RDS::DBCluster.Endpoint": { + "AWS::QuickSight::Dashboard.ColumnHierarchy": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "Specifies the connection endpoint for the primary instance of the DB cluster.", - "title": "Address", - "type": "string" + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", - "type": "string" + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" + }, + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" } }, "type": "object" }, - "AWS::RDS::DBCluster.MasterUserSecret": { + "AWS::QuickSight::Dashboard.ColumnIdentifier": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", - "title": "KmsKeyId", + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values) .", - "title": "SecretArn", + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", "type": "string" } }, + "required": [ + "ColumnName", + "DataSetIdentifier" + ], "type": "object" }, - "AWS::RDS::DBCluster.ReadEndpoint": { + "AWS::QuickSight::Dashboard.ColumnSort": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The host address of the reader endpoint.", - "title": "Address", + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" + }, + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" } }, + "required": [ + "Direction", + "SortBy" + ], "type": "object" }, - "AWS::RDS::DBCluster.ScalingConfiguration": { + "AWS::QuickSight::Dashboard.ColumnTooltipItem": { "additionalProperties": false, "properties": { - "AutoPause": { - "markdownDescription": "Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in `serverless` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).\n\n> If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.", - "title": "AutoPause", - "type": "boolean" - }, - "MaxCapacity": { - "markdownDescription": "The maximum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe maximum capacity must be greater than or equal to the minimum capacity.", - "title": "MaxCapacity", - "type": "number" + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" }, - "MinCapacity": { - "markdownDescription": "The minimum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe minimum capacity must be less than or equal to the maximum capacity.", - "title": "MinCapacity", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" }, - "SecondsBeforeTimeout": { - "markdownDescription": "The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300.\n\nSpecify a value between 60 and 600 seconds.", - "title": "SecondsBeforeTimeout", - "type": "number" + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" }, - "SecondsUntilAutoPause": { - "markdownDescription": "The time, in seconds, before an Aurora DB cluster in `serverless` mode is paused.\n\nSpecify a value between 300 and 86,400 seconds.", - "title": "SecondsUntilAutoPause", - "type": "number" + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" }, - "TimeoutAction": { - "markdownDescription": "The action to take when the timeout is reached, either `ForceApplyCapacityChange` or `RollbackCapacityChange` .\n\n`ForceApplyCapacityChange` sets the capacity to the specified value as soon as possible.\n\n`RollbackCapacityChange` , the default, ignores the capacity change if a scaling point isn't found in the timeout period.\n\n> If you specify `ForceApplyCapacityChange` , connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. \n\nFor more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide* .", - "title": "TimeoutAction", + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", "type": "string" } }, + "required": [ + "Column" + ], "type": "object" }, - "AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration": { + "AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.\n\nThe maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide* .\n\nAurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the `ParameterApplyStatus` value for the DB instance changes to `pending-reboot` . You can update the parameter values by rebooting the DB instance after changing the capacity range.", - "title": "MaxCapacity", - "type": "number" + "BarValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", + "type": "array" }, - "MinCapacity": { - "markdownDescription": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5.", - "title": "MinCapacity", - "type": "number" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated category field wells of a combo chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", + "type": "array" + }, + "LineValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", + "type": "array" } }, "type": "object" }, - "AWS::RDS::DBClusterParameterGroup": { + "AWS::QuickSight::Dashboard.ComboChartConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", + "title": "CategoryAxis" }, - "Metadata": { - "type": "object" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "title": "CategoryLabelOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing DB cluster parameter group.\n\n> This value is stored as a lowercase string.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description for the DB cluster parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n\n*Aurora MySQL*\n\nExample: `aurora-mysql5.7` , `aurora-mysql8.0`\n\n*Aurora PostgreSQL*\n\nExample: `aurora-postgresql14`\n\n*RDS for MySQL*\n\nExample: `mysql8.0`\n\n*RDS for PostgreSQL*\n\nExample: `postgres13`\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`", - "title": "Family", - "type": "string" - }, - "Parameters": { - "markdownDescription": "Provides a list of parameters for the DB cluster parameter group.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the DB cluster parameter group.", - "title": "Tags", - "type": "array" - } + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" }, - "required": [ - "Description", - "Family", - "Parameters" - ], - "type": "object" + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" }, - "Type": { - "enum": [ - "AWS::RDS::DBClusterParameterGroup" - ], - "type": "string" + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RDS::DBInstance": { + "AWS::QuickSight::Dashboard.ComboChartFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "title": "CategoryItemsLimit" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "title": "CategorySort", + "type": "array" }, - "Metadata": { - "type": "object" + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", + "title": "ColorItemsLimit" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n\n> If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments). \n\n*Amazon Aurora*\n\nNot applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n\n*Db2*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n\n*MySQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*MariaDB*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*PostgreSQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*Oracle*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 10 to 3072.\n\n*SQL Server*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Provisioned IOPS storage (io1):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Magnetic storage (standard):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 1024.\n- Web and Express editions: Must be an integer from 20 to 1024.", - "title": "AllocatedStorage", - "type": "string" - }, - "AllowMajorVersionUpgrade": { - "markdownDescription": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n\nConstraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBInstance.DBInstanceRole" - }, - "markdownDescription": "The AWS Identity and Access Management (IAM) roles associated with the DB instance.\n\n*Amazon Aurora*\n\nNot applicable. The associated roles are managed by the DB cluster.", - "title": "AssociatedRoles", - "type": "array" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AutomaticBackupReplicationKmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region , for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE` .", - "title": "AutomaticBackupReplicationKmsKeyId", - "type": "string" - }, - "AutomaticBackupReplicationRegion": { - "markdownDescription": "The AWS Region associated with the automated backup.", - "title": "AutomaticBackupReplicationRegion", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", - "title": "AvailabilityZone", - "type": "string" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CACertificateIdentifier": { - "markdownDescription": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", - "title": "CACertificateIdentifier", - "type": "string" - }, - "CertificateDetails": { - "$ref": "#/definitions/AWS::RDS::DBInstance.CertificateDetails" - }, - "CertificateRotationRestart": { - "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "CertificateRotationRestart", - "type": "boolean" - }, - "CharacterSetName": { - "markdownDescription": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", - "title": "CharacterSetName", - "type": "string" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "CustomIAMInstanceProfile": { - "markdownDescription": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n\nThis setting is required for RDS Custom.\n\nConstraints:\n\n- The profile must exist in your account.\n- The profile must have an IAM role that Amazon EC2 has permissions to assume.\n- The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .\n\nFor the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .", - "title": "CustomIAMInstanceProfile", - "type": "string" - }, - "DBClusterIdentifier": { - "markdownDescription": "The identifier of the DB cluster that this DB instance will belong to.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterSnapshotIdentifier": { - "markdownDescription": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n\nFor more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n- Can't be specified when `DBSnapshotIdentifier` is specified.\n- Must be specified when `DBSnapshotIdentifier` isn't specified.\n- If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.\n- Can't be the identifier of an Aurora DB cluster snapshot.", - "title": "DBClusterSnapshotIdentifier", - "type": "string" - }, - "DBInstanceClass": { - "markdownDescription": "The compute and memory capacity of the DB instance, for example `db.m5.large` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide* .", - "title": "DBInstanceClass", - "type": "string" - }, - "DBInstanceIdentifier": { - "markdownDescription": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DBInstanceIdentifier", - "type": "string" - }, - "DBName": { - "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n> If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle. \n\n*Amazon Aurora*\n\nNot applicable. The database name is managed by the DB cluster.\n\n*Db2*\n\nThe name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Can't be a word reserved by the specified database engine.\n\n*MySQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*MariaDB*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*PostgreSQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.\n\nConstraints:\n\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Must contain 1 to 63 characters.\n- Can't be a word reserved by the specified database engine\n\n*Oracle*\n\nThe Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .\n\nDefault: `ORCL`\n\nConstraints:\n\n- Can't be longer than 8 characters\n\n*SQL Server*\n\nNot applicable. Must be null.", - "title": "DBName", - "type": "string" - }, - "DBParameterGroupName": { - "markdownDescription": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n\nTo list all of the available DB parameter group names, use the following command:\n\n`aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`\n\n> If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot. \n\nIf you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.", - "title": "DBParameterGroupName", - "type": "string" - }, - "DBSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n\nIf you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n\n> If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n> \n> - `AllocatedStorage`\n> - `AutoMinorVersionUpgrade`\n> - `AvailabilityZone`\n> - `BackupRetentionPeriod`\n> - `CharacterSetName`\n> - `DBInstanceClass`\n> - `DBName`\n> - `DBParameterGroupName`\n> - `DBSecurityGroups`\n> - `DBSubnetGroupName`\n> - `Engine`\n> - `EngineVersion`\n> - `Iops`\n> - `LicenseModel`\n> - `MasterUsername`\n> - `MasterUserPassword`\n> - `MultiAZ`\n> - `OptionGroupName`\n> - `PreferredBackupWindow`\n> - `PreferredMaintenanceWindow`\n> \n> All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.", - "title": "DBSecurityGroups", - "type": "array" - }, - "DBSnapshotIdentifier": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n\nBy specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n\nSome DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties, and the point-in-time recovery properties `RestoreTime` and `UseLatestRestorableTime` . For information about the properties that you can specify, see the [`RestoreDBInstanceFromDBSnapshot`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html) action in the *Amazon RDS API Reference* .\n\nAfter you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.\n\nIf you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n\n- `CharacterSetName`\n- `DBClusterIdentifier`\n- `DBName`\n- `KmsKeyId`\n- `MasterUsername`\n- `MasterUserPassword`\n- `PromotionTier`\n- `SourceDBInstanceIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an unencrypted snapshot)\n- `Timezone`\n\n*Amazon Aurora*\n\nNot applicable. Snapshot restore is managed by the DB cluster.", - "title": "DBSnapshotIdentifier", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC.\n\nIf you don't specify a DB subnet group, RDS uses the default DB subnet group if one exists. If a default DB subnet group does not exist, and you don't specify a `DBSubnetGroupName` , the DB instance fails to launch.\n\nFor more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DedicatedLogVolume": { - "markdownDescription": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled.", - "title": "DedicatedLogVolume", - "type": "boolean" - }, - "DeleteAutomatedBackups": { - "markdownDescription": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n\n*Amazon Aurora*\n\nNot applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.", - "title": "DeleteAutomatedBackups", - "type": "boolean" - }, - "DeletionProtection": { - "markdownDescription": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .\n\nThis setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", - "title": "DeletionProtection", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n\nFor more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .", - "title": "Domain", - "type": "string" - }, - "DomainAuthSecretArn": { - "markdownDescription": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n\nExample: `arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456`", - "title": "DomainAuthSecretArn", - "type": "string" - }, - "DomainDnsIps": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n\nConstraints:\n\n- Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n\nExample: `123.124.125.126,234.235.236.237`", - "title": "DomainDnsIps", - "type": "array" - }, - "DomainFqdn": { - "markdownDescription": "The fully qualified domain name (FQDN) of an Active Directory domain.\n\nConstraints:\n\n- Can't be longer than 64 characters.\n\nExample: `mymanagedADtest.mymanagedAD.mydomain`", - "title": "DomainFqdn", - "type": "string" - }, - "DomainIAMRoleName": { - "markdownDescription": "The name of the IAM role to use when making API calls to the Directory Service.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (The domain is managed by the DB cluster.)\n- RDS Custom", - "title": "DomainIAMRoleName", - "type": "string" - }, - "DomainOu": { - "markdownDescription": "The Active Directory organizational unit for your DB instance to join.\n\nConstraints:\n\n- Must be in the distinguished name format.\n- Can't be longer than 64 characters.\n\nExample: `OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain`", - "title": "DomainOu", - "type": "string" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. CloudWatch Logs exports are managed by the DB cluster.\n\n*Db2*\n\nValid values: `diag.log` , `notify.log`\n\n*MariaDB*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Microsoft SQL Server*\n\nValid values: `agent` , `error`\n\n*MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Oracle*\n\nValid values: `alert` , `audit` , `listener` , `trace` , `oemagent`\n\n*PostgreSQL*\n\nValid values: `postgresql` , `upgrade`", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EnableIAMDatabaseAuthentication": { - "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nThis property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*\n\n*Amazon Aurora*\n\nNot applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.", - "title": "EnableIAMDatabaseAuthentication", - "type": "boolean" - }, - "EnablePerformanceInsights": { - "markdownDescription": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "EnablePerformanceInsights", - "type": "boolean" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::RDS::DBInstance.Endpoint" - }, - "Engine": { - "markdownDescription": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n\nThis property is required when creating a DB instance.\n\n> You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the `Engine` value in your templates from `oracle-ee` to `oracle-ee-cdb` or from `oracle-se2` to `oracle-se2-cdb` . Converting to the CDB architecture requires an interruption. \n\nValid Values:\n\n- `aurora-mysql` (for Aurora MySQL DB instances)\n- `aurora-postgresql` (for Aurora PostgreSQL DB instances)\n- `custom-oracle-ee` (for RDS Custom for Oracle DB instances)\n- `custom-oracle-ee-cdb` (for RDS Custom for Oracle DB instances)\n- `custom-sqlserver-ee` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-se` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-web` (for RDS Custom for SQL Server DB instances)\n- `db2-ae`\n- `db2-se`\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use.\n\nFor a list of valid engine versions, use the `DescribeDBEngineVersions` action.\n\nThe following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n\n*Amazon Aurora*\n\nNot applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n\n*Db2*\n\nSee [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*MariaDB*\n\nSee [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Microsoft SQL Server*\n\nSee [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*\n\n*MySQL*\n\nSee [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Oracle*\n\nSee [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*\n\n*PostgreSQL*\n\nSee [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*", - "title": "EngineVersion", - "type": "string" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000.\n\nIf you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\n> If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property. \n\nConstraints:\n\n- For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n- For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n\nIf you specify the `DBSnapshotIdentifier` property, don't specify this property. The `StorageEncrypted` property value is inherited from the snapshot. If the DB instance is encrypted, the specified `KmsKeyId` property is also inherited from the snapshot.\n\nIf you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The KMS key identifier is managed by the DB cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LicenseModel": { - "markdownDescription": "License model information for this DB instance.\n\nValid Values:\n\n- Aurora MySQL - `general-public-license`\n- Aurora PostgreSQL - `postgresql-license`\n- RDS for Db2 - `bring-your-own-license` . For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.*\n- RDS for MariaDB - `general-public-license`\n- RDS for Microsoft SQL Server - `license-included`\n- RDS for MySQL - `general-public-license`\n- RDS for Oracle - `bring-your-own-license` or `license-included`\n- RDS for PostgreSQL - `postgresql-license`\n\n> If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.", - "title": "LicenseModel", - "type": "string" - }, - "ManageMasterUserPassword": { - "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", - "title": "ManageMasterUserPassword", - "type": "boolean" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n\n*Amazon Aurora*\n\nNot applicable. The password for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nMust contain from 8 to 255 characters.\n\n*RDS for MariaDB*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Microsoft SQL Server*\n\nConstraints: Must contain from 8 to 128 characters.\n\n*RDS for MySQL*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Oracle*\n\nConstraints: Must contain from 8 to 30 characters.\n\n*RDS for PostgreSQL*\n\nConstraints: Must contain from 8 to 128 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUserSecret": { - "$ref": "#/definitions/AWS::RDS::DBInstance.MasterUserSecret", - "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*", - "title": "MasterUserSecret" - }, - "MasterUsername": { - "markdownDescription": "The master user name for the DB instance.\n\n> If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n> \n> When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. \n\n*Amazon Aurora*\n\nNot applicable. The name for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MariaDB*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Microsoft SQL Server*\n\nConstraints:\n\n- Must be 1 to 128 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MySQL*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Oracle*\n\nConstraints:\n\n- Must be 1 to 30 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for PostgreSQL*\n\nConstraints:\n\n- Must be 1 to 63 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.", - "title": "MasterUsername", - "type": "string" - }, - "MaxAllocatedStorage": { - "markdownDescription": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (Storage is managed by the DB cluster.)\n- RDS Custom", - "title": "MaxAllocatedStorage", - "type": "number" - }, - "MonitoringInterval": { - "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than `0` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", - "title": "MonitoringInterval", - "type": "number" - }, - "MonitoringRoleArn": { - "markdownDescription": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , then you must supply a `MonitoringRoleArn` value.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "MonitoringRoleArn", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (DB instance Availability Zones (AZs) are managed by the DB cluster.)\n- RDS Custom", - "title": "MultiAZ", - "type": "boolean" - }, - "NcharCharacterSetName": { - "markdownDescription": "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "NcharCharacterSetName", - "type": "string" - }, - "NetworkType": { - "markdownDescription": "The network type of the DB instance.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*", - "title": "NetworkType", - "type": "string" - }, - "OptionGroupName": { - "markdownDescription": "Indicates that the DB instance should be associated with the specified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.", - "title": "OptionGroupName", - "type": "string" - }, - "PerformanceInsightsKMSKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n\nFor information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .", - "title": "PerformanceInsightsKMSKeyId", - "type": "string" - }, - "PerformanceInsightsRetentionPeriod": { - "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB instance without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS returns an error.", - "title": "PerformanceInsightsRetentionPeriod", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which the database accepts connections.\n\nThis setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n\nValid Values: `1150-65535`\n\nDefault:\n\n- RDS for Db2 - `50000`\n- RDS for MariaDB - `3306`\n- RDS for Microsoft SQL Server - `1433`\n- RDS for MySQL - `3306`\n- RDS for Oracle - `1521`\n- RDS for PostgreSQL - `5432`\n\nConstraints:\n\n- For RDS for Microsoft SQL Server, the value can't be `1234` , `1434` , `3260` , `3343` , `3389` , `47001` , or `49152-49156` .", - "title": "Port", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\n*Amazon Aurora*\n\nNot applicable. The daily time range for creating automated backups is managed by the DB cluster.", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*\n\n> This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately. \n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "ProcessorFeatures": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBInstance.ProcessorFeature" - }, - "markdownDescription": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances.", - "title": "ProcessorFeatures", - "type": "array" - }, - "PromotionTier": { - "markdownDescription": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nDefault: `1`\n\nValid Values: `0 - 15`", - "title": "PromotionTier", - "type": "number" - }, - "PubliclyAccessible": { - "markdownDescription": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.\n\nThe default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicaMode": { - "markdownDescription": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .\n\nThis setting is only supported in RDS for Oracle.\n\nDefault: `open-read-only`\n\nValid Values: `open-read-only` or `mounted`", - "title": "ReplicaMode", - "type": "string" - }, - "RestoreTime": { - "markdownDescription": "The date and time to restore from. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must be a time in Universal Coordinated Time (UTC) format.\n- Must be before the latest restorable time for the DB instance.\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled.\n\nExample: `2009-09-07T23:45:00Z`", - "title": "RestoreTime", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n\nConstraints:\n\n- Must be the identifier of an existing Multi-AZ DB cluster.\n- Can't be specified if the `SourceDBInstanceIdentifier` parameter is also specified.\n- The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n- The source DB cluster must be in the same AWS Region as the read replica. Cross-Region replication isn't supported.", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "SourceDBInstanceAutomatedBackupsArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .\n\nThis setting doesn't apply to RDS Custom.", - "title": "SourceDBInstanceAutomatedBackupsArn", - "type": "string" - }, - "SourceDBInstanceIdentifier": { - "markdownDescription": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\nThe `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n\nIf you specify the `UseLatestRestorableTime` or `RestoreTime` properties in conjunction with the `SourceDBInstanceIdentifier` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n\n> - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n> - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n> - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.\n> - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n> - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .\n> - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.", - "title": "SourceDBInstanceIdentifier", - "type": "string" - }, - "SourceDbiResourceId": { - "markdownDescription": "The resource ID of the source DB instance from which to restore.", - "title": "SourceDbiResourceId", - "type": "string" - }, - "SourceRegion": { - "markdownDescription": "The ID of the region that contains the source DB instance for the read replica.", - "title": "SourceRegion", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup.\n\nIf you specify `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the snapshot.\n\n*Amazon Aurora*\n\nNot applicable. The encryption for DB instances is managed by the DB cluster.", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageThroughput": { - "markdownDescription": "Specifies the storage throughput value, in mebibyte per second (MiBps), for the DB instance. This setting applies only to the `gp3` storage type.\n\nThis setting doesn't apply to RDS Custom or Amazon Aurora.", - "title": "StorageThroughput", - "type": "number" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB instance.\n\nIf you specify `io1` , `io2` , or `gp3` , you must also include a value for the `Iops` parameter.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n\nValid Values: `gp2 | gp3 | io1 | io2 | standard`\n\nDefault: `io1` , if the `Iops` parameter is specified. Otherwise, `gp3` .", - "title": "StorageType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the DB instance.", - "title": "Tags", - "type": "array" - }, - "Timezone": { - "markdownDescription": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .", - "title": "Timezone", - "type": "string" - }, - "UseDefaultProcessorFeatures": { - "markdownDescription": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "UseDefaultProcessorFeatures", - "type": "boolean" - }, - "UseLatestRestorableTime": { - "markdownDescription": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Can't be specified if the `RestoreTime` parameter is provided.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VPCSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nIf you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.\n\n> You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n> \n> - You can't revert to using an RDS security group after you establish a VPC security group membership.\n> - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n> - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property. \n\nTo avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.\n\n*Amazon Aurora*\n\nNot applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", - "title": "VPCSecurityGroups", - "type": "array" - } + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RDS::DBInstance" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The sort configuration of the color field well in a combo chart.", + "title": "ColorSort", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::RDS::DBInstance.CertificateDetails": { + "AWS::QuickSight::Dashboard.ComboChartVisual": { "additionalProperties": false, "properties": { - "CAIdentifier": { - "markdownDescription": "The CA identifier of the CA certificate used for the DB instance's server certificate.", - "title": "CAIdentifier", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "ValidTill": { - "markdownDescription": "The expiration date of the DB instance\u2019s server certificate.", - "title": "ValidTill", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::RDS::DBInstance.DBInstanceRole": { + "AWS::QuickSight::Dashboard.ComparisonConfiguration": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", - "title": "FeatureName", - "type": "string" + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.", - "title": "RoleArn", + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", "type": "string" } }, - "required": [ - "FeatureName", - "RoleArn" - ], "type": "object" }, - "AWS::RDS::DBInstance.Endpoint": { + "AWS::QuickSight::Dashboard.ComparisonFormatConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "Specifies the DNS address of the DB instance.", - "title": "Address", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.", - "title": "HostedZoneId", - "type": "string" + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", - "type": "string" + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, - "AWS::RDS::DBInstance.MasterUserSecret": { + "AWS::QuickSight::Dashboard.Computation": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", - "title": "KmsKeyId", - "type": "string" + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values) .", - "title": "SecretArn", - "type": "string" + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" + }, + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" + }, + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" + }, + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" + }, + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" + }, + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" } }, "type": "object" }, - "AWS::RDS::DBInstance.ProcessorFeature": { + "AWS::QuickSight::Dashboard.ConditionalFormattingColor": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the processor feature. Valid names are `coreCount` and `threadsPerCore` .", - "title": "Name", - "type": "string" + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" }, - "Value": { - "markdownDescription": "The value of a processor feature.", - "title": "Value", - "type": "string" + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" } }, "type": "object" }, - "AWS::RDS::DBParameterGroup": { + "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBParameterGroupName": { - "markdownDescription": "The name of the DB parameter group.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens.\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nIf you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.\n\n> This value is stored as a lowercase string.", - "title": "DBParameterGroupName", - "type": "string" - }, - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `db2-ae`\n- `db2-se`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "Family", - "type": "string" - }, - "Parameters": { - "markdownDescription": "A mapping of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n\nFor more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* , or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .\n\n> AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the DB parameter group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "Family" - ], - "type": "object" + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" }, - "Type": { - "enum": [ - "AWS::RDS::DBParameterGroup" - ], + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" } }, "required": [ - "Type", - "Properties" + "Expression", + "IconOptions" ], "type": "object" }, - "AWS::RDS::DBProxy": { + "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Auth": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBProxy.AuthFormat" - }, - "markdownDescription": "The authorization mechanism that the proxy uses.", - "title": "Auth", - "type": "array" - }, - "DBProxyName": { - "markdownDescription": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.", - "title": "DBProxyName", - "type": "string" - }, - "DebugLogging": { - "markdownDescription": "Specifies whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.", - "title": "DebugLogging", - "type": "boolean" - }, - "EngineFamily": { - "markdownDescription": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .", - "title": "EngineFamily", - "type": "string" - }, - "IdleClientTimeout": { - "markdownDescription": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.", - "title": "IdleClientTimeout", - "type": "number" - }, - "RequireTLS": { - "markdownDescription": "Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.", - "title": "RequireTLS", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBProxy.TagFormat" - }, - "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", - "title": "Tags", - "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more VPC security group IDs to associate with the new proxy.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.", - "title": "VpcSecurityGroupIds", - "type": "array" - }, - "VpcSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more VPC subnet IDs to associate with the new proxy.", - "title": "VpcSubnetIds", - "type": "array" - } - }, - "required": [ - "Auth", - "DBProxyName", - "EngineFamily", - "RoleArn", - "VpcSubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RDS::DBProxy" - ], + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor": { + "additionalProperties": false, + "properties": { + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", "type": "string" } }, "required": [ - "Type", - "Properties" + "Color", + "Expression" ], "type": "object" }, - "AWS::RDS::DBProxy.AuthFormat": { + "AWS::QuickSight::Dashboard.ConditionalFormattingIcon": { "additionalProperties": false, "properties": { - "AuthScheme": { - "markdownDescription": "The type of authentication that the proxy uses for connections from the proxy to the underlying database.", - "title": "AuthScheme", - "type": "string" - }, - "ClientPasswordAuthType": { - "markdownDescription": "Specifies the details of authentication used by a proxy to log in as a specific database user.", - "title": "ClientPasswordAuthType", - "type": "string" - }, - "Description": { - "markdownDescription": "A user-specified description about the authentication used by a proxy to log in as a specific database user.", - "title": "Description", - "type": "string" - }, - "IAMAuth": { - "markdownDescription": "A value that indicates whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. The `ENABLED` value is valid only for proxies with RDS for Microsoft SQL Server.", - "title": "IAMAuth", - "type": "string" + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.", - "title": "SecretArn", - "type": "string" + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" } }, "type": "object" }, - "AWS::RDS::DBProxy.TagFormat": { + "AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Value", + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", "type": "string" } }, "type": "object" }, - "AWS::RDS::DBProxyEndpoint": { + "AWS::QuickSight::Dashboard.ConditionalFormattingIconSet": { "additionalProperties": false, "properties": { - "Condition": { + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBProxyEndpointName": { - "markdownDescription": "The name of the DB proxy endpoint to create.", - "title": "DBProxyEndpointName", - "type": "string" - }, - "DBProxyName": { - "markdownDescription": "The name of the DB proxy associated with the DB proxy endpoint that you create.", - "title": "DBProxyName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBProxyEndpoint.TagFormat" - }, - "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", - "title": "Tags", - "type": "array" - }, - "TargetRole": { - "markdownDescription": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.", - "title": "TargetRole", - "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.", - "title": "VpcSecurityGroupIds", - "type": "array" - }, - "VpcSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.", - "title": "VpcSubnetIds", - "type": "array" - } - }, - "required": [ - "DBProxyEndpointName", - "DBProxyName", - "VpcSubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RDS::DBProxyEndpoint" - ], + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for solid color.", + "title": "Expression", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expression" ], "type": "object" }, - "AWS::RDS::DBProxyEndpoint.TagFormat": { + "AWS::QuickSight::Dashboard.ContextMenuOption": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Key", + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ContributionAnalysisDefault": { + "additionalProperties": false, + "properties": { + "ContributorDimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", + "type": "array" }, - "Value": { - "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Value", + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", "type": "string" } }, + "required": [ + "ContributorDimensions", + "MeasureFieldId" + ], "type": "object" }, - "AWS::RDS::DBProxyTargetGroup": { + "AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConnectionPoolConfigurationInfo": { - "$ref": "#/definitions/AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat", - "markdownDescription": "Displays the settings that control the size and behavior of the connection pool associated with a `DBProxyTarget` .", - "title": "ConnectionPoolConfigurationInfo" - }, - "DBClusterIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more DB cluster identifiers.", - "title": "DBClusterIdentifiers", - "type": "array" - }, - "DBInstanceIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more DB instance identifiers.", - "title": "DBInstanceIdentifiers", - "type": "array" - }, - "DBProxyName": { - "markdownDescription": "The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .", - "title": "DBProxyName", - "type": "string" - }, - "TargetGroupName": { - "markdownDescription": "The identifier for the target group.\n\n> Currently, this property must be set to `default` .", - "title": "TargetGroupName", - "type": "string" - } - }, - "required": [ - "DBProxyName", - "TargetGroupName" - ], - "type": "object" + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" }, - "Type": { - "enum": [ - "AWS::RDS::DBProxyTargetGroup" - ], + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", "type": "string" } }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomActionFilterOperation": { + "additionalProperties": false, + "properties": { + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" + }, + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" + } + }, "required": [ - "Type", - "Properties" + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" ], "type": "object" }, - "AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat": { + "AWS::QuickSight::Dashboard.CustomActionNavigationOperation": { "additionalProperties": false, "properties": { - "ConnectionBorrowTimeout": { - "markdownDescription": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. This setting only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.\n\nDefault: `120`\n\nConstraints:\n\n- Must be between 0 and 300.", - "title": "ConnectionBorrowTimeout", - "type": "number" - }, - "InitQuery": { - "markdownDescription": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query", - "title": "InitQuery", - "type": "string" - }, - "MaxConnectionsPercent": { - "markdownDescription": "The maximum size of the connection pool for each target in a target group. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.\n\nIf you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.\n\nDefault: `10` for RDS for Microsoft SQL Server, and `100` for all other engines\n\nConstraints:\n\n- Must be between 1 and 100.", - "title": "MaxConnectionsPercent", - "type": "number" - }, - "MaxIdleConnectionsPercent": { - "markdownDescription": "A value that controls how actively the proxy closes idle database connections in the connection pool. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.\n\nIf you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .\n\nDefault: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is `5` , and for all other engines, the default is `50` .\n\nConstraints:\n\n- Must be between 0 and the value of `MaxConnectionsPercent` .", - "title": "MaxIdleConnectionsPercent", - "type": "number" - }, - "SessionPinningFilters": { - "items": { - "type": "string" - }, - "markdownDescription": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior.\n\nDefault: no session pinning filters", - "title": "SessionPinningFilters", - "type": "array" + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" } }, "type": "object" }, - "AWS::RDS::DBSecurityGroup": { + "AWS::QuickSight::Dashboard.CustomActionSetParametersOperation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBSecurityGroupIngress": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBSecurityGroup.Ingress" - }, - "markdownDescription": "Ingress rules to be applied to the DB security group.", - "title": "DBSecurityGroupIngress", - "type": "array" - }, - "EC2VpcId": { - "markdownDescription": "The identifier of an Amazon virtual private cloud (VPC). This property indicates the VPC that this DB security group belongs to.\n\n> This property is included for backwards compatibility and is no longer recommended for providing security information to an RDS DB instance.", - "title": "EC2VpcId", - "type": "string" - }, - "GroupDescription": { - "markdownDescription": "Provides the description of the DB security group.", - "title": "GroupDescription", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", - "title": "Tags", - "type": "array" - } + "ParameterValueConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SetParameterValueConfiguration" }, - "required": [ - "DBSecurityGroupIngress", - "GroupDescription" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RDS::DBSecurityGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "ParameterValueConfigurations" ], "type": "object" }, - "AWS::RDS::DBSecurityGroup.Ingress": { + "AWS::QuickSight::Dashboard.CustomActionURLOperation": { "additionalProperties": false, "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to authorize.", - "title": "CIDRIP", - "type": "string" - }, - "EC2SecurityGroupId": { - "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupId", - "type": "string" - }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupName", + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", "type": "string" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupOwnerId", + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", "type": "string" } }, + "required": [ + "URLTarget", + "URLTemplate" + ], "type": "object" }, - "AWS::RDS::DBSecurityGroupIngress": { + "AWS::QuickSight::Dashboard.CustomColor": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to authorize.", - "title": "CIDRIP", - "type": "string" - }, - "DBSecurityGroupName": { - "markdownDescription": "The name of the DB security group to add authorization to.", - "title": "DBSecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupId": { - "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupId", - "type": "string" - }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupOwnerId", - "type": "string" - } - }, - "required": [ - "DBSecurityGroupName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RDS::DBSecurityGroupIngress" - ], + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", "type": "string" } }, "required": [ - "Type", - "Properties" + "Color" ], "type": "object" }, - "AWS::RDS::DBSubnetGroup": { + "AWS::QuickSight::Dashboard.CustomContentConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "The description for the DB subnet group.", - "title": "DBSubnetGroupDescription", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints:\n\n- Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n- Must not be default.\n- First character must be a letter.\n\nExample: `mydbsubnetgroup`", - "title": "DBSubnetGroupName", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The EC2 Subnet IDs for the DB subnet group.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the DB subnet group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DBSubnetGroupDescription", - "SubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RDS::DBSubnetGroup" - ], + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RDS::EventSubscription": { + "AWS::QuickSight::Dashboard.CustomContentVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", + "title": "ChartConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.", - "title": "EventCategories", - "type": "array" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n\n> RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide* .", - "title": "SnsTopicArn", - "type": "string" - }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are supplied, `SourceType` must also be provided.\n- If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.\n- If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.\n- If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.\n- If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.\n- If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.\n- If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.\n- If the source type is an RDS Proxy, a `DBProxyName` value must be supplied.", - "title": "SourceIds", - "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to `db-instance` . For RDS Proxy events, specify `db-proxy` . If this value isn't specified, all events are returned.\n\nValid Values: `db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment`", - "title": "SourceType", - "type": "string" - }, - "SubscriptionName": { - "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be less than 255 characters.", - "title": "SubscriptionName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional array of key-value pairs to apply to this subscription.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "SnsTopicArn" - ], - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::RDS::EventSubscription" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::RDS::GlobalCluster": { + "AWS::QuickSight::Dashboard.CustomFilterConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeletionProtection": { - "markdownDescription": "Specifies whether to enable deletion protection for the new global database cluster. The global database can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The database engine to use for this global database cluster.\n\nValid Values: `aurora-mysql | aurora-postgresql`\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine of the source DB cluster.", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The engine version to use for this global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine version of the source DB cluster.", - "title": "EngineVersion", - "type": "string" - }, - "GlobalClusterIdentifier": { - "markdownDescription": "The cluster identifier for this global database cluster. This parameter is stored as a lowercase string.", - "title": "GlobalClusterIdentifier", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database.\n\nIf you provide a value for this parameter, don't specify values for the following settings because Amazon Aurora uses the values from the specified source DB cluster:\n\n- `DatabaseName`\n- `Engine`\n- `EngineVersion`\n- `StorageEncrypted`", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "Specifies whether to enable storage encryption for the new global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the setting from the source DB cluster.", - "title": "StorageEncrypted", - "type": "boolean" - } - }, - "type": "object" + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" }, - "Type": { - "enum": [ - "AWS::RDS::GlobalCluster" - ], + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "Type" + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::RDS::Integration": { + "AWS::QuickSight::Dashboard.CustomFilterListConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalEncryptionContext": { - "additionalProperties": true, - "markdownDescription": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *AWS Key Management Service Developer Guide* .\n\nYou can only include this parameter if you specify the `KMSKeyId` parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalEncryptionContext", - "type": "object" - }, - "DataFilter": { - "markdownDescription": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse.", - "title": "DataFilter", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the integration.", - "title": "Description", - "type": "string" - }, - "IntegrationName": { - "markdownDescription": "The name of the integration.", - "title": "IntegrationName", - "type": "string" - }, - "KMSKeyId": { - "markdownDescription": "The AWS Key Management System ( AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key.", - "title": "KMSKeyId", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the database to use as the source for replication.", - "title": "SourceArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional array of key-value pairs to apply to this integration.", - "title": "Tags", - "type": "array" - }, - "TargetArn": { - "markdownDescription": "The ARN of the Redshift data warehouse to use as the target for replication.", - "title": "TargetArn", - "type": "string" - } - }, - "required": [ - "SourceArn", - "TargetArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RDS::Integration" - ], + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "Type", - "Properties" + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::RDS::OptionGroup": { + "AWS::QuickSight::Dashboard.CustomNarrativeOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "EngineName": { - "markdownDescription": "Specifies the name of the engine that this option group should be associated with.\n\nValid Values:\n\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "EngineName", - "type": "string" - }, - "MajorEngineVersion": { - "markdownDescription": "Specifies the major version of the engine that this option group should be associated with.", - "title": "MajorEngineVersion", - "type": "string" - }, - "OptionConfigurations": { - "items": { - "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionConfiguration" - }, - "markdownDescription": "A list of all available options for an option group.", - "title": "OptionConfigurations", - "type": "array" - }, - "OptionGroupDescription": { - "markdownDescription": "The description of the option group.", - "title": "OptionGroupDescription", - "type": "string" - }, - "OptionGroupName": { - "markdownDescription": "The name of the option group to be created.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nExample: `myoptiongroup`\n\nIf you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.\n\n> This value is stored as a lowercase string.", - "title": "OptionGroupName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the option group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "EngineName", - "MajorEngineVersion", - "OptionGroupDescription" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RDS::OptionGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", "type": "string" } }, "required": [ - "Type", - "Properties" + "Narrative" ], "type": "object" }, - "AWS::RDS::OptionGroup.OptionConfiguration": { + "AWS::QuickSight::Dashboard.CustomParameterValues": { "additionalProperties": false, "properties": { - "DBSecurityGroupMemberships": { + "DateTimeValues": { "items": { "type": "string" }, - "markdownDescription": "A list of DB security groups used for this option.", - "title": "DBSecurityGroupMemberships", + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", "type": "array" }, - "OptionName": { - "markdownDescription": "The configuration of options to include in a group.", - "title": "OptionName", - "type": "string" - }, - "OptionSettings": { + "DecimalValues": { "items": { - "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionSetting" + "type": "number" }, - "markdownDescription": "The option settings to include in an option group.", - "title": "OptionSettings", + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", "type": "array" }, - "OptionVersion": { - "markdownDescription": "The version for the option.", - "title": "OptionVersion", - "type": "string" - }, - "Port": { - "markdownDescription": "The optional port for the option.", - "title": "Port", - "type": "number" + "IntegerValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", + "type": "array" }, - "VpcSecurityGroupMemberships": { + "StringValues": { "items": { "type": "string" }, - "markdownDescription": "A list of VPC security group names used for this option.", - "title": "VpcSecurityGroupMemberships", + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", "type": "array" } }, - "required": [ - "OptionName" - ], "type": "object" }, - "AWS::RDS::OptionGroup.OptionSetting": { + "AWS::QuickSight::Dashboard.CustomValuesConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the option that has settings that you can set.", - "title": "Name", - "type": "string" + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" }, - "Value": { - "markdownDescription": "The current value of the option setting.", - "title": "Value", - "type": "string" + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" } }, + "required": [ + "CustomValues" + ], "type": "object" }, - "AWS::RUM::AppMonitor": { + "AWS::QuickSight::Dashboard.DashboardError": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Message": { + "markdownDescription": "Message.", + "title": "Message", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppMonitorConfiguration": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.AppMonitorConfiguration", - "markdownDescription": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions.", - "title": "AppMonitorConfiguration" - }, - "CustomEvents": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.CustomEvents", - "markdownDescription": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` .", - "title": "CustomEvents" - }, - "CwLogEnabled": { - "markdownDescription": "Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges.\n\nIf you omit this parameter, the default is `false` .", - "title": "CwLogEnabled", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "The top-level internet domain name for which your application has administrative authority. This parameter or the `DomainList` parameter is required.", - "title": "Domain", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the app monitor. This parameter is required.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Domain", - "Name" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::RUM::AppMonitor" - ], + "markdownDescription": "Type.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ViolatedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Entity" + }, + "markdownDescription": "Lists the violated entities that caused the dashboard error.", + "title": "ViolatedEntities", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RUM::AppMonitor.AppMonitorConfiguration": { + "AWS::QuickSight::Dashboard.DashboardPublishOptions": { "additionalProperties": false, "properties": { - "AllowCookies": { - "markdownDescription": "If you set this to `true` , the CloudWatch RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the CloudWatch RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page.", - "title": "AllowCookies", - "type": "boolean" + "AdHocFilteringOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AdHocFilteringOption", + "markdownDescription": "Ad hoc (one-time) filtering option.", + "title": "AdHocFilteringOption" }, - "EnableXRay": { - "markdownDescription": "If you set this to `true` , CloudWatch RUM sends client-side traces to X-Ray for each sampled session. You can then see traces and segments from these user sessions in the RUM dashboard and the CloudWatch ServiceLens console. For more information, see [What is AWS X-Ray ?](https://docs.aws.amazon.com/xray/latest/devguide/aws-xray.html)", - "title": "EnableXRay", - "type": "boolean" + "DataPointDrillUpDownOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointDrillUpDownOption", + "markdownDescription": "The drill-down options of data points in a dashboard.", + "title": "DataPointDrillUpDownOption" }, - "ExcludedPages": { + "DataPointMenuLabelOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointMenuLabelOption", + "markdownDescription": "The data point menu label options of a dashboard.", + "title": "DataPointMenuLabelOption" + }, + "DataPointTooltipOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointTooltipOption", + "markdownDescription": "The data point tool tip options of a dashboard.", + "title": "DataPointTooltipOption" + }, + "ExportToCSVOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportToCSVOption", + "markdownDescription": "Export to .csv option.", + "title": "ExportToCSVOption" + }, + "ExportWithHiddenFieldsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption", + "markdownDescription": "Determines if hidden fields are exported with a dashboard.", + "title": "ExportWithHiddenFieldsOption" + }, + "SheetControlsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlsOption", + "markdownDescription": "Sheet controls option.", + "title": "SheetControlsOption" + }, + "SheetLayoutElementMaximizationOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption", + "markdownDescription": "The sheet layout maximization options of a dashbaord.", + "title": "SheetLayoutElementMaximizationOption" + }, + "VisualAxisSortOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualAxisSortOption", + "markdownDescription": "The axis sort options of a dashboard.", + "title": "VisualAxisSortOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", + "markdownDescription": "The menu options of a visual in a dashboard.", + "title": "VisualMenuOption" + }, + "VisualPublishOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVisualPublishOptions", + "markdownDescription": "The visual publish options of a visual in a dashboard.", + "title": "VisualPublishOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardSourceEntity": { + "additionalProperties": false, + "properties": { + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceTemplate", + "markdownDescription": "Source template.", + "title": "SourceTemplate" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardSourceTemplate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "DataSetReferences": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetReference" }, - "markdownDescription": "A list of URLs in your website or application to exclude from RUM data collection.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", - "title": "ExcludedPages", + "markdownDescription": "Dataset references.", + "title": "DataSetReferences", "type": "array" + } + }, + "required": [ + "Arn", + "DataSetReferences" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardVersion": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" }, - "FavoritePages": { + "CreatedTime": { + "markdownDescription": "The time that this dashboard version was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSetArns": { "items": { "type": "string" }, - "markdownDescription": "A list of pages in your application that are to be displayed with a \"favorite\" icon in the CloudWatch RUM console.", - "title": "FavoritePages", + "markdownDescription": "The Amazon Resource Numbers (ARNs) for the datasets that are associated with this version of the dashboard.", + "title": "DataSetArns", "type": "array" }, - "GuestRoleArn": { - "markdownDescription": "The ARN of the guest IAM role that is attached to the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", - "title": "GuestRoleArn", + "Description": { + "markdownDescription": "Description.", + "title": "Description", "type": "string" }, - "IdentityPoolId": { - "markdownDescription": "The ID of the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", - "title": "IdentityPoolId", + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardError" + }, + "markdownDescription": "Errors associated with this dashboard version.", + "title": "Errors", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, + "SourceEntityArn": { + "markdownDescription": "Source entity ARN.", + "title": "SourceEntityArn", "type": "string" }, - "IncludedPages": { + "Status": { + "markdownDescription": "The HTTP status of the request.", + "title": "Status", + "type": "string" + }, + "ThemeArn": { + "markdownDescription": "The ARN of the theme associated with a version of the dashboard.", + "title": "ThemeArn", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "Version number for this version of the dashboard.", + "title": "VersionNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardVersionDefinition": { + "additionalProperties": false, + "properties": { + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" + }, + "CalculatedFields": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedField" }, - "markdownDescription": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", - "title": "IncludedPages", + "markdownDescription": "An array of calculated field definitions for the dashboard.", + "title": "CalculatedFields", "type": "array" }, - "MetricDestinations": { + "ColumnConfigurations": { "items": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDestination" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnConfiguration" }, - "markdownDescription": "An array of structures that each define a destination that this app monitor will send extended metrics to.", - "title": "MetricDestinations", + "markdownDescription": "An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard.", + "title": "ColumnConfigurations", "type": "array" }, - "SessionSampleRate": { - "markdownDescription": "Specifies the portion of user sessions to use for CloudWatch RUM data collection. Choosing a higher portion gives you more data but also incurs more costs.\n\nThe range for this value is 0 to 1 inclusive. Setting this to 1 means that 100% of user sessions are sampled, and setting it to 0.1 means that 10% of user sessions are sampled.\n\nIf you omit this parameter, the default of 0.1 is used, and 10% of sessions will be sampled.", - "title": "SessionSampleRate", - "type": "number" + "DataSetIdentifierDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration" + }, + "markdownDescription": "An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures.", + "title": "DataSetIdentifierDeclarations", + "type": "array" }, - "Telemetries": { + "FilterGroups": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterGroup" }, - "markdownDescription": "An array that lists the types of telemetry data that this app monitor is to collect.\n\n- `errors` indicates that RUM collects data about unhandled JavaScript errors raised by your application.\n- `performance` indicates that RUM collects performance data about how your application and its resources are loaded and rendered. This includes Core Web Vitals.\n- `http` indicates that RUM collects data about HTTP errors thrown by your application.", - "title": "Telemetries", + "markdownDescription": "The filter definitions for a dashboard.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AssetOptions", + "markdownDescription": "An array of option definitions for a dashboard.", + "title": "Options" + }, + "ParameterDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDeclaration" + }, + "markdownDescription": "The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for a dashboard.", + "title": "Sheets", + "type": "array" + }, + "StaticFiles": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFile" + }, + "markdownDescription": "The static files for the definition.", + "title": "StaticFiles", "type": "array" } }, + "required": [ + "DataSetIdentifierDeclarations" + ], "type": "object" }, - "AWS::RUM::AppMonitor.CustomEvents": { + "AWS::QuickSight::Dashboard.DashboardVisualPublishOptions": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Set this to `ENABLED` to allow the web client to send custom events for this app monitor.\n\nValid values are `ENABLED` and `DISABLED` .", - "title": "Status", - "type": "string" + "ExportHiddenFieldsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportHiddenFieldsOption", + "markdownDescription": "Determines if hidden fields are included in an exported dashboard.", + "title": "ExportHiddenFieldsOption" } }, "type": "object" }, - "AWS::RUM::AppMonitor.MetricDefinition": { + "AWS::QuickSight::Dashboard.DataBarsOptions": { "additionalProperties": false, "properties": { - "DimensionKeys": { - "additionalProperties": true, - "markdownDescription": "This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch . The value of this field is used only if the metric destination is `CloudWatch` . If the metric destination is `Evidently` , the value of `DimensionKeys` is ignored.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "DimensionKeys", - "type": "object" - }, - "EventPattern": { - "markdownDescription": "The pattern that defines the metric. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination.\n\nIf the metrics destination is `CloudWatch` and the event also matches a value in `DimensionKeys` , then the metric is published with the specified dimensions.", - "title": "EventPattern", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the metric that is defined in this structure.", - "title": "Name", - "type": "string" - }, - "Namespace": { - "markdownDescription": "If you are creating a custom metric instead of an extended metrics, use this parameter to define the metric namespace for that custom metric. Do not specify this parameter if you are creating an extended metric.\n\nYou can't use any string that starts with `AWS/` for your namespace.", - "title": "Namespace", + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", "type": "string" }, - "UnitLabel": { - "markdownDescription": "Use this field only if you are sending this metric to CloudWatch . It defines the CloudWatch metric unit that this metric is measured in.", - "title": "UnitLabel", + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", "type": "string" }, - "ValueKey": { - "markdownDescription": "The field within the event object that the metric value is sourced from.", - "title": "ValueKey", + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", "type": "string" } }, "required": [ - "Name" + "FieldId" ], "type": "object" }, - "AWS::RUM::AppMonitor.MetricDestination": { + "AWS::QuickSight::Dashboard.DataColor": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently` . If you specify `Evidently` , you must also specify the ARN of the CloudWatch Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.", - "title": "Destination", + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", "type": "string" }, - "DestinationArn": { - "markdownDescription": "Use this parameter only if `Destination` is `Evidently` . This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.", - "title": "DestinationArn", + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataFieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", "type": "string" }, - "IamRoleArn": { - "markdownDescription": "This parameter is required if `Destination` is `Evidently` . If `Destination` is `CloudWatch` , do not use this parameter.\n\nThis parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment.", - "title": "IamRoleArn", + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", "type": "string" }, - "MetricDefinitions": { - "items": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDefinition" - }, - "markdownDescription": "An array of structures which define the metrics that you want to send.", - "title": "MetricDefinitions", - "type": "array" + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, "required": [ - "Destination" + "AxisBinding", + "FieldId" ], "type": "object" }, - "AWS::Redshift::Cluster": { + "AWS::QuickSight::Dashboard.DataLabelOptions": { "additionalProperties": false, "properties": { - "Condition": { + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataLabelTypes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelType" + }, + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", + "type": "array" + }, + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", + "type": "string" }, - "Metadata": { - "type": "object" + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowVersionUpgrade": { - "markdownDescription": "If `true` , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster.\n\nWhen a new major version of the Amazon Redshift engine is released, you can request that the service automatically apply upgrades during the maintenance window to the Amazon Redshift engine that is running on your cluster.\n\nDefault: `true`", - "title": "AllowVersionUpgrade", - "type": "boolean" - }, - "AquaConfigurationStatus": { - "markdownDescription": "This parameter is retired. It does not set the AQUA configuration status. Amazon Redshift automatically determines whether to use AQUA (Advanced Query Accelerator).", - "title": "AquaConfigurationStatus", - "type": "string" - }, - "AutomatedSnapshotRetentionPeriod": { - "markdownDescription": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with [CreateClusterSnapshot](https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html) in the *Amazon Redshift API Reference* .\n\nDefault: `1`\n\nConstraints: Must be a value from 0 to 35.", - "title": "AutomatedSnapshotRetentionPeriod", - "type": "number" - }, - "AvailabilityZone": { - "markdownDescription": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n\nDefault: A random, system-chosen Availability Zone in the region that is specified by the endpoint.\n\nExample: `us-east-2d`\n\nConstraint: The specified Availability Zone must be in the same region as the current endpoint.", - "title": "AvailabilityZone", - "type": "string" - }, - "AvailabilityZoneRelocation": { - "markdownDescription": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster is created.", - "title": "AvailabilityZoneRelocation", - "type": "boolean" - }, - "AvailabilityZoneRelocationStatus": { - "markdownDescription": "Describes the status of the Availability Zone relocation operation.", - "title": "AvailabilityZoneRelocationStatus", - "type": "string" - }, - "Classic": { - "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", - "title": "Classic", - "type": "boolean" - }, - "ClusterIdentifier": { - "markdownDescription": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. The identifier also appears in the Amazon Redshift console.\n\nConstraints:\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- Alphabetic characters must be lowercase.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n- Must be unique for all clusters within an AWS account .\n\nExample: `myexamplecluster`", - "title": "ClusterIdentifier", - "type": "string" - }, - "ClusterParameterGroupName": { - "markdownDescription": "The name of the parameter group to be associated with this cluster.\n\nDefault: The default Amazon Redshift cluster parameter group. For information about the default parameter group, go to [Working with Amazon Redshift Parameter Groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n\nConstraints:\n\n- Must be 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ClusterParameterGroupName", - "type": "string" - }, - "ClusterSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups to be associated with this cluster.\n\nDefault: The default cluster security group for Amazon Redshift.", - "title": "ClusterSecurityGroups", - "type": "array" - }, - "ClusterSubnetGroupName": { - "markdownDescription": "The name of a cluster subnet group to be associated with this cluster.\n\nIf this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).", - "title": "ClusterSubnetGroupName", - "type": "string" - }, - "ClusterType": { - "markdownDescription": "The type of the cluster. When cluster type is specified as\n\n- `single-node` , the *NumberOfNodes* parameter is not required.\n- `multi-node` , the *NumberOfNodes* parameter is required.\n\nValid Values: `multi-node` | `single-node`\n\nDefault: `multi-node`", - "title": "ClusterType", - "type": "string" - }, - "ClusterVersion": { - "markdownDescription": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\n\nThe version selected runs on all the nodes in the cluster.\n\nConstraints: Only version 1.0 is currently available.\n\nExample: `1.0`", - "title": "ClusterVersion", - "type": "string" - }, - "DBName": { - "markdownDescription": "The name of the first database to be created when the cluster is created.\n\nTo create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. For more information, go to [Create a Database](https://docs.aws.amazon.com/redshift/latest/dg/t_creating_database.html) in the Amazon Redshift Database Developer Guide.\n\nDefault: `dev`\n\nConstraints:\n\n- Must contain 1 to 64 alphanumeric characters.\n- Must contain only lowercase letters.\n- Cannot be a word that is reserved by the service. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "DBName", - "type": "string" - }, - "DeferMaintenance": { - "markdownDescription": "A Boolean indicating whether to enable the deferred maintenance window.", - "title": "DeferMaintenance", - "type": "boolean" - }, - "DeferMaintenanceDuration": { - "markdownDescription": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less.", - "title": "DeferMaintenanceDuration", - "type": "number" - }, - "DeferMaintenanceEndTime": { - "markdownDescription": "A timestamp for the end of the time period when we defer maintenance.", - "title": "DeferMaintenanceEndTime", - "type": "string" - }, - "DeferMaintenanceStartTime": { - "markdownDescription": "A timestamp indicating the start time for the deferred maintenance window.", - "title": "DeferMaintenanceStartTime", - "type": "string" - }, - "DestinationRegion": { - "markdownDescription": "The destination region that snapshots are automatically copied to when cross-region snapshot copy is enabled.", - "title": "DestinationRegion", - "type": "string" - }, - "ElasticIp": { - "markdownDescription": "The Elastic IP (EIP) address for the cluster.\n\nConstraints: The cluster must be provisioned in EC2-VPC and publicly-accessible through an Internet gateway. Don't specify the Elastic IP address for a publicly accessible cluster with availability zone relocation turned on. For more information about provisioning clusters in EC2-VPC, go to [Supported Platforms to Launch Your Cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#cluster-platforms) in the Amazon Redshift Cluster Management Guide.", - "title": "ElasticIp", - "type": "string" - }, - "Encrypted": { - "markdownDescription": "If `true` , the data in the cluster is encrypted at rest. If you set the value on this parameter to `false` , the request will fail.\n\nDefault: true", - "title": "Encrypted", - "type": "boolean" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::Redshift::Cluster.Endpoint", - "markdownDescription": "The connection endpoint.", - "title": "Endpoint" - }, - "EnhancedVpcRouting": { - "markdownDescription": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see [Enhanced VPC Routing](https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html) in the Amazon Redshift Cluster Management Guide.\n\nIf this option is `true` , enhanced VPC routing is enabled.\n\nDefault: false", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "HsmClientCertificateIdentifier": { - "markdownDescription": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.", - "title": "HsmClientCertificateIdentifier", - "type": "string" - }, - "HsmConfigurationIdentifier": { - "markdownDescription": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM.", - "title": "HsmConfigurationIdentifier", - "type": "string" - }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.\n\nThe maximum number of IAM roles that you can associate is subject to a quota. For more information, go to [Quotas and limits](https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html) in the *Amazon Redshift Cluster Management Guide* .", - "title": "IamRoles", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LoggingProperties": { - "$ref": "#/definitions/AWS::Redshift::Cluster.LoggingProperties", - "markdownDescription": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.", - "title": "LoggingProperties" - }, - "MaintenanceTrackName": { - "markdownDescription": "An optional parameter for the name of the maintenance track for the cluster. If you don't provide a maintenance track name, the cluster is assigned to the `current` track.", - "title": "MaintenanceTrackName", - "type": "string" - }, - "ManageMasterPassword": { - "markdownDescription": "If `true` , Amazon Redshift uses AWS Secrets Manager to manage this cluster's admin credentials. You can't use `MasterUserPassword` if `ManageMasterPassword` is true. If `ManageMasterPassword` is false or not set, Amazon Redshift uses `MasterUserPassword` for the admin user account's password.", - "title": "ManageMasterPassword", - "type": "boolean" - }, - "ManualSnapshotRetentionPeriod": { - "markdownDescription": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots.\n\nThe value must be either -1 or an integer between 1 and 3,653.", - "title": "ManualSnapshotRetentionPeriod", - "type": "number" - }, - "MasterPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if `ManageMasterPassword` is true.", - "title": "MasterPasswordSecretKmsKeyId", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password associated with the admin user account for the cluster that is being created.\n\nYou can't use `MasterUserPassword` if `ManageMasterPassword` is `true` .\n\nConstraints:\n\n- Must be between 8 and 64 characters in length.\n- Must contain at least one uppercase letter.\n- Must contain at least one lowercase letter.\n- Must contain one number.\n- Can be any printable ASCII character (ASCII code 33-126) except `'` (single quote), `\"` (double quote), `\\` , `/` , or `@` .", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The user name associated with the admin user account for the cluster that is being created.\n\nConstraints:\n\n- Must be 1 - 128 alphanumeric characters or hyphens. The user name can't be `PUBLIC` .\n- Must contain only lowercase letters, numbers, underscore, plus sign, period (dot), at symbol (@), or hyphen.\n- The first character must be a letter.\n- Must not contain a colon (:) or a slash (/).\n- Cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "MasterUsername", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "A boolean indicating whether Amazon Redshift should deploy the cluster in two Availability Zones. The default is false.", - "title": "MultiAZ", - "type": "boolean" - }, - "NamespaceResourcePolicy": { - "markdownDescription": "The policy that is attached to a resource.", - "title": "NamespaceResourcePolicy", - "type": "object" - }, - "NodeType": { - "markdownDescription": "The node type to be provisioned for the cluster. For information about node types, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nValid Values: `dc2.large` | `dc2.8xlarge` | `ra3.large` | `ra3.xlplus` | `ra3.4xlarge` | `ra3.16xlarge`", - "title": "NodeType", - "type": "string" - }, - "NumberOfNodes": { - "markdownDescription": "The number of compute nodes in the cluster. This parameter is required when the *ClusterType* parameter is specified as `multi-node` .\n\nFor information about determining how many nodes you need, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nIf you don't specify this parameter, you get a single-node cluster. When requesting a multi-node cluster, you must specify the number of nodes that you want in the cluster.\n\nDefault: `1`\n\nConstraints: Value must be at least 1 and no more than 100.", - "title": "NumberOfNodes", - "type": "number" - }, - "OwnerAccount": { - "markdownDescription": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.", - "title": "OwnerAccount", - "type": "string" - }, - "Port": { - "markdownDescription": "The port number on which the cluster accepts incoming connections.\n\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections.\n\nDefault: `5439`\n\nValid Values:\n\n- For clusters with ra3 nodes - Select a port within the ranges `5431-5455` or `8191-8215` . (If you have an existing cluster with ra3 nodes, it isn't required that you change the port to these ranges.)\n- For clusters with dc2 nodes - Select a port within the range `1150-65535` .", - "title": "Port", - "type": "number" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nDefault: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see [Maintenance Windows](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#rs-maintenance-windows) in Amazon Redshift Cluster Management Guide.\n\nValid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "If `true` , the cluster can be accessed from a public network.\n\nDefault: false", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ResourceAction": { - "markdownDescription": "The Amazon Redshift operation to be performed. Supported operations are `pause-cluster` , `resume-cluster` , and `failover-primary-compute` .", - "title": "ResourceAction", - "type": "string" - }, - "RevisionTarget": { - "markdownDescription": "Describes a `RevisionTarget` object.", - "title": "RevisionTarget", - "type": "string" - }, - "RotateEncryptionKey": { - "markdownDescription": "Rotates the encryption keys for a cluster.", - "title": "RotateEncryptionKey", - "type": "boolean" - }, - "SnapshotClusterIdentifier": { - "markdownDescription": "The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", - "title": "SnapshotClusterIdentifier", - "type": "string" - }, - "SnapshotCopyGrantName": { - "markdownDescription": "The name of the snapshot copy grant.", - "title": "SnapshotCopyGrantName", - "type": "string" - }, - "SnapshotCopyManual": { - "markdownDescription": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.", - "title": "SnapshotCopyManual", - "type": "boolean" - }, - "SnapshotCopyRetentionPeriod": { - "markdownDescription": "The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region .\n\nBy default, this only changes the retention period of copied automated snapshots.\n\nIf you decrease the retention period for automated snapshots that are copied to a destination AWS Region , Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.\n\nConstraints: Must be at least 1 and no more than 35 for automated snapshots.\n\nIf you specify the `manual` option, only newly copied manual snapshots will have the new retention period.\n\nIf you specify the value of -1 newly copied manual snapshots are retained indefinitely.\n\nConstraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.", - "title": "SnapshotCopyRetentionPeriod", - "type": "number" - }, - "SnapshotIdentifier": { - "markdownDescription": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. You must specify this parameter or `snapshotArn` , but not both.\n\nExample: `my-snapshot-id`", - "title": "SnapshotIdentifier", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag instances.", - "title": "Tags", - "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n\nDefault: The default VPC security group is associated with the cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" - } - }, - "required": [ - "ClusterType", - "DBName", - "MasterUsername", - "NodeType" - ], - "type": "object" + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Redshift::Cluster" - ], + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", + "type": "string" + }, + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the data labels.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Redshift::Cluster.Endpoint": { + "AWS::QuickSight::Dashboard.DataLabelType": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The DNS address of the cluster. This property is read only.", - "title": "Address", - "type": "string" + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" }, - "Port": { - "markdownDescription": "The port that the database engine is listening on. This property is read only.", - "title": "Port", - "type": "string" + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" + }, + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" + }, + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" + }, + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" } }, "type": "object" }, - "AWS::Redshift::Cluster.LoggingProperties": { + "AWS::QuickSight::Dashboard.DataPathColor": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of an existing S3 bucket where the log files are to be stored.\n\nConstraints:\n\n- Must be in the same region as the cluster\n- The cluster must have read bucket and put object permissions", - "title": "BucketName", + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "The prefix applied to the log file names.\n\nValid characters are any letter from any language, any whitespace character, any numeric character, and the following characters: underscore ( `_` ), period ( `.` ), colon ( `:` ), slash ( `/` ), equal ( `=` ), plus ( `+` ), backslash ( `\\` ), hyphen ( `-` ), at symbol ( `@` ).", - "title": "S3KeyPrefix", + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", "type": "string" } }, + "required": [ + "Color", + "Element" + ], "type": "object" }, - "AWS::Redshift::ClusterParameterGroup": { + "AWS::QuickSight::Dashboard.DataPathLabelType": { "additionalProperties": false, "properties": { - "Condition": { + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the parameter group.", - "title": "Description", - "type": "string" - }, - "ParameterGroupFamily": { - "markdownDescription": "The name of the cluster parameter group family that this cluster parameter group is compatible with. You can create a custom parameter group and then associate your cluster with it. For more information, see [Amazon Redshift parameter groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html) .", - "title": "ParameterGroupFamily", - "type": "string" - }, - "ParameterGroupName": { - "markdownDescription": "The name of the cluster parameter group.", - "title": "ParameterGroupName", - "type": "string" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::Redshift::ClusterParameterGroup.Parameter" - }, - "markdownDescription": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.\n\nFor each parameter to be modified, you must supply at least the parameter name and parameter value; other name-value pairs of the parameter are optional.\n\nFor the workload management (WLM) configuration, you must supply all the name-value pairs in the wlm_json_configuration parameter.", - "title": "Parameters", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags for the cluster parameter group.", - "title": "Tags", - "type": "array" - } + "SortPaths": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" }, - "required": [ - "Description", - "ParameterGroupFamily" - ], - "type": "object" + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", + "type": "array" + } + }, + "required": [ + "Direction", + "SortPaths" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathType": { + "additionalProperties": false, + "properties": { + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathValue": { + "additionalProperties": false, + "properties": { + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" }, - "Type": { - "enum": [ - "AWS::Redshift::ClusterParameterGroup" - ], + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Redshift::ClusterParameterGroup.Parameter": { + "AWS::QuickSight::Dashboard.DataPointDrillUpDownOption": { "additionalProperties": false, "properties": { - "ParameterName": { - "markdownDescription": "The name of the parameter.", - "title": "ParameterName", + "AvailabilityStatus": { + "markdownDescription": "The status of the drill down options of data points.", + "title": "AvailabilityStatus", "type": "string" - }, - "ParameterValue": { - "markdownDescription": "The value of the parameter. If `ParameterName` is `wlm_json_configuration` , then the maximum size of `ParameterValue` is 8000 characters.", - "title": "ParameterValue", + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPointMenuLabelOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the data point menu options.", + "title": "AvailabilityStatus", "type": "string" } }, - "required": [ - "ParameterName", - "ParameterValue" - ], "type": "object" }, - "AWS::Redshift::ClusterSecurityGroup": { + "AWS::QuickSight::Dashboard.DataPointTooltipOption": { "additionalProperties": false, "properties": { - "Condition": { + "AvailabilityStatus": { + "markdownDescription": "The status of the data point tool tip options.", + "title": "AvailabilityStatus", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", + "title": "DataSetArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the security group.", - "title": "Description", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this security group. Use tags to manage your resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Redshift::ClusterSecurityGroup" - ], + "Identifier": { + "markdownDescription": "The identifier of the data set, typically the data set's name.", + "title": "Identifier", + "type": "string" + } + }, + "required": [ + "DataSetArn", + "Identifier" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataSetReference": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataSetArn", + "DataSetPlaceholder" ], "type": "object" }, - "AWS::Redshift::ClusterSecurityGroupIngress": { + "AWS::QuickSight::Dashboard.DateAxisOptions": { "additionalProperties": false, "properties": { - "Condition": { + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to be added the Amazon Redshift security group.", - "title": "CIDRIP", - "type": "string" - }, - "ClusterSecurityGroupName": { - "markdownDescription": "The name of the security group to which the ingress rule is added.", - "title": "ClusterSecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupName": { - "markdownDescription": "The EC2 security group to be added the Amazon Redshift security group.", - "title": "EC2SecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "The AWS account number of the owner of the security group specified by the *EC2SecurityGroupName* parameter. The AWS Access Key ID is not an acceptable value.\n\nExample: `111122223333`\n\nConditional. If you specify the `EC2SecurityGroupName` property, you must specify this property.", - "title": "EC2SecurityGroupOwnerId", - "type": "string" - } - }, - "required": [ - "ClusterSecurityGroupName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Redshift::ClusterSecurityGroupIngress" - ], + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "Type", - "Properties" + "Column", + "FieldId" ], "type": "object" }, - "AWS::Redshift::ClusterSubnetGroup": { + "AWS::QuickSight::Dashboard.DateMeasureField": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the subnet group.", - "title": "Description", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of VPC subnet IDs. A maximum of 20 subnets can be modified in a single request.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this subnet group. Use tags to manage your resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "SubnetIds" - ], - "type": "object" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" }, - "Type": { - "enum": [ - "AWS::Redshift::ClusterSubnetGroup" - ], + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ - "Type", - "Properties" + "Column", + "FieldId" ], "type": "object" }, - "AWS::Redshift::EndpointAccess": { + "AWS::QuickSight::Dashboard.DateTimeDefaultValues": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "Metadata": { - "type": "object" + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterIdentifier": { - "markdownDescription": "The cluster identifier of the cluster associated with the endpoint.", - "title": "ClusterIdentifier", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint.", - "title": "EndpointName", - "type": "string" - }, - "ResourceOwner": { - "markdownDescription": "The AWS account ID of the owner of the cluster.", - "title": "ResourceOwner", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The subnet group name where Amazon Redshift chooses to deploy the endpoint.", - "title": "SubnetGroupName", - "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", - "title": "VpcSecurityGroupIds", - "type": "array" - } + "StaticValues": { + "items": { + "type": "string" }, - "required": [ - "ClusterIdentifier", - "EndpointName", - "SubnetGroupName", - "VpcSecurityGroupIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Redshift::EndpointAccess" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Redshift::EndpointAccess.NetworkInterface": { + "AWS::QuickSight::Dashboard.DateTimeFormatConfiguration": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.", - "title": "AvailabilityZone", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface identifier.", - "title": "NetworkInterfaceId", + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The IPv4 address of the network interface within the subnet.", - "title": "PrivateIpAddress", - "type": "string" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "SubnetId": { - "markdownDescription": "The subnet identifier.", - "title": "SubnetId", - "type": "string" + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" } }, "type": "object" }, - "AWS::Redshift::EndpointAccess.VpcEndpoint": { + "AWS::QuickSight::Dashboard.DateTimeHierarchy": { "additionalProperties": false, "properties": { - "NetworkInterfaces": { + "DrillDownFilters": { "items": { - "$ref": "#/definitions/AWS::Redshift::EndpointAccess.NetworkInterface" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" }, - "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", - "title": "NetworkInterfaces", + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", "type": "array" }, - "VpcEndpointId": { - "markdownDescription": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.", - "title": "VpcEndpointId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The VPC identifier that the endpoint is associated.", - "title": "VpcId", + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", "type": "string" } }, + "required": [ + "HierarchyId" + ], "type": "object" }, - "AWS::Redshift::EndpointAccess.VpcSecurityGroup": { + "AWS::QuickSight::Dashboard.DateTimeParameter": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of the endpoint.", - "title": "Status", + "Name": { + "markdownDescription": "A display name for the date-time parameter.", + "title": "Name", "type": "string" }, - "VpcSecurityGroupId": { - "markdownDescription": "The identifier of the VPC security group.", - "title": "VpcSecurityGroupId", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values for the date-time parameter.", + "title": "Values", + "type": "array" } }, + "required": [ + "Name", + "Values" + ], "type": "object" }, - "AWS::Redshift::EndpointAuthorization": { + "AWS::QuickSight::Dashboard.DateTimeParameterDeclaration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Account": { - "markdownDescription": "The AWS account ID of either the cluster owner (grantor) or grantee. If `Grantee` parameter is true, then the `Account` value is of the grantor.", - "title": "Account", - "type": "string" - }, - "ClusterIdentifier": { - "markdownDescription": "The cluster identifier.", - "title": "ClusterIdentifier", - "type": "string" - }, - "Force": { - "markdownDescription": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted.", - "title": "Force", - "type": "boolean" - }, - "VpcIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The virtual private cloud (VPC) identifiers to grant access to.", - "title": "VpcIds", - "type": "array" - } + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" }, - "required": [ - "Account", - "ClusterIdentifier" - ], - "type": "object" + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Redshift::EndpointAuthorization" - ], + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::Redshift::EventSubscription": { + "AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions": { "additionalProperties": false, "properties": { - "Condition": { + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A boolean value; set to `true` to activate the subscription, and set to `false` to create the subscription but not activate it.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the Amazon Redshift event categories to be published by the event notification subscription.\n\nValues: configuration, management, monitoring, security, pending", - "title": "EventCategories", - "type": "array" - }, - "Severity": { - "markdownDescription": "Specifies the Amazon Redshift event severity to be published by the event notification subscription.\n\nValues: ERROR, INFO", - "title": "Severity", - "type": "string" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", - "title": "SnsTopicArn", - "type": "string" - }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of one or more identifiers of Amazon Redshift source objects. All of the objects must be of the same type as was specified in the source type parameter. The event subscription will return only events generated by the specified objects. If not specified, then events are returned for all objects within the source type specified.\n\nExample: my-cluster-1, my-cluster-2\n\nExample: my-snapshot-20131010", - "title": "SourceIds", - "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of source that will be generating the events. For example, if you want to be notified of events generated by a cluster, you would set this parameter to cluster. If this value is not specified, events are returned for all Amazon Redshift objects in your AWS account . You must specify a source type in order to specify source IDs.\n\nValid values: cluster, cluster-parameter-group, cluster-security-group, cluster-snapshot, and scheduled-action.", - "title": "SourceType", - "type": "string" - }, - "SubscriptionName": { - "markdownDescription": "The name of the event subscription to be created.\n\nConstraints:\n\n- Cannot be null, empty, or blank.\n- Must contain from 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "SubscriptionName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag instances.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "SubscriptionName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Redshift::EventSubscription" - ], + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Redshift::ScheduledAction": { + "AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "If true, the schedule is enabled. If false, the scheduled action does not trigger. For more information about `state` of the scheduled action, see `ScheduledAction` .", - "title": "Enable", - "type": "boolean" - }, - "EndTime": { - "markdownDescription": "The end time in UTC when the schedule is no longer active. After this time, the scheduled action does not trigger.", - "title": "EndTime", - "type": "string" - }, - "IamRole": { - "markdownDescription": "The IAM role to assume to run the scheduled action. This IAM role must have permission to run the Amazon Redshift API operation in the scheduled action. This IAM role must allow the Amazon Redshift scheduler (Principal scheduler.redshift.amazonaws.com) to assume permissions on your behalf. For more information about the IAM role to use with the Amazon Redshift scheduler, see [Using Identity-Based Policies for Amazon Redshift](https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-identity-based.html) in the *Amazon Redshift Cluster Management Guide* .", - "title": "IamRole", - "type": "string" - }, - "Schedule": { - "markdownDescription": "The schedule for a one-time (at format) or recurring (cron format) scheduled action. Schedule invocations must be separated by at least one hour.\n\nFormat of at expressions is \" `at(yyyy-mm-ddThh:mm:ss)` \". For example, \" `at(2016-03-04T17:27:00)` \".\n\nFormat of cron expressions is \" `cron(Minutes Hours Day-of-month Month Day-of-week Year)` \". For example, \" `cron(0 10 ? * MON *)` \". For more information, see [Cron Expressions](https://docs.aws.amazon.com//AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) in the *Amazon CloudWatch Events User Guide* .", - "title": "Schedule", - "type": "string" - }, - "ScheduledActionDescription": { - "markdownDescription": "The description of the scheduled action.", - "title": "ScheduledActionDescription", - "type": "string" - }, - "ScheduledActionName": { - "markdownDescription": "The name of the scheduled action.", - "title": "ScheduledActionName", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The start time in UTC when the schedule is active. Before this time, the scheduled action does not trigger.", - "title": "StartTime", - "type": "string" - }, - "TargetAction": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ScheduledActionType", - "markdownDescription": "A JSON format string of the Amazon Redshift API operation with input parameters.\n\n\" `{\\\"ResizeCluster\\\":{\\\"NodeType\\\":\\\"ra3.4xlarge\\\",\\\"ClusterIdentifier\\\":\\\"my-test-cluster\\\",\\\"NumberOfNodes\\\":3}}` \".", - "title": "TargetAction" - } + "StaticValues": { + "items": { + "type": "number" }, - "required": [ - "ScheduledActionName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Redshift::ScheduledAction" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Redshift::ScheduledAction.PauseClusterMessage": { + "AWS::QuickSight::Dashboard.DecimalParameter": { "additionalProperties": false, "properties": { - "ClusterIdentifier": { - "markdownDescription": "The identifier of the cluster to be paused.", - "title": "ClusterIdentifier", + "Name": { + "markdownDescription": "A display name for the decimal parameter.", + "title": "Name", "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the decimal parameter.", + "title": "Values", + "type": "array" } }, "required": [ - "ClusterIdentifier" + "Name", + "Values" ], "type": "object" }, - "AWS::Redshift::ScheduledAction.ResizeClusterMessage": { + "AWS::QuickSight::Dashboard.DecimalParameterDeclaration": { "additionalProperties": false, "properties": { - "Classic": { - "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", - "title": "Classic", - "type": "boolean" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "ClusterIdentifier": { - "markdownDescription": "The unique identifier for the cluster to resize.", - "title": "ClusterIdentifier", - "type": "string" + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" }, - "ClusterType": { - "markdownDescription": "The new cluster type for the specified cluster.", - "title": "ClusterType", + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", "type": "string" }, - "NodeType": { - "markdownDescription": "The new node type for the nodes you are adding. If not specified, the cluster's current node type is used.", - "title": "NodeType", + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" }, - "NumberOfNodes": { - "markdownDescription": "The new number of nodes for the cluster. If not specified, the cluster's current number of nodes is used.", - "title": "NumberOfNodes", - "type": "number" + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "ClusterIdentifier" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::Redshift::ScheduledAction.ResumeClusterMessage": { + "AWS::QuickSight::Dashboard.DecimalPlacesConfiguration": { "additionalProperties": false, "properties": { - "ClusterIdentifier": { - "markdownDescription": "The identifier of the cluster to be resumed.", - "title": "ClusterIdentifier", - "type": "string" + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" } }, "required": [ - "ClusterIdentifier" + "DecimalPlaces" ], "type": "object" }, - "AWS::Redshift::ScheduledAction.ScheduledActionType": { + "AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "PauseCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.PauseClusterMessage", - "markdownDescription": "An action that runs a `PauseCluster` API operation.", - "title": "PauseCluster" - }, - "ResizeCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResizeClusterMessage", - "markdownDescription": "An action that runs a `ResizeCluster` API operation.", - "title": "ResizeCluster" + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" }, - "ResumeCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResumeClusterMessage", - "markdownDescription": "An action that runs a `ResumeCluster` API operation.", - "title": "ResumeCluster" + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" } }, "type": "object" }, - "AWS::RedshiftServerless::Namespace": { + "AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdminPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if `ManageAdminPassword` is `true` .", - "title": "AdminPasswordSecretKmsKeyId", - "type": "string" - }, - "AdminUserPassword": { - "markdownDescription": "The password of the administrator for the primary database created in the namespace.", - "title": "AdminUserPassword", - "type": "string" - }, - "AdminUsername": { - "markdownDescription": "The username of the administrator for the primary database created in the namespace.", - "title": "AdminUsername", - "type": "string" - }, - "DbName": { - "markdownDescription": "The name of the primary database created in the namespace.", - "title": "DbName", - "type": "string" - }, - "DefaultIamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", - "title": "DefaultIamRoleArn", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The name of the snapshot to be created before the namespace is deleted.", - "title": "FinalSnapshotName", - "type": "string" - }, - "FinalSnapshotRetentionPeriod": { - "markdownDescription": "How long to retain the final snapshot.", - "title": "FinalSnapshotRetentionPeriod", - "type": "number" - }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM roles to associate with the namespace.", - "title": "IamRoles", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", - "title": "KmsKeyId", - "type": "string" - }, - "LogExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of logs the namespace can export. Available export types are `userlog` , `connectionlog` , and `useractivitylog` .", - "title": "LogExports", - "type": "array" - }, - "ManageAdminPassword": { - "markdownDescription": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use `AdminUserPassword` if `ManageAdminPassword` is true. If `ManageAdminPassword` is `false` or not set, Amazon Redshift uses `AdminUserPassword` for the admin user account's password.", - "title": "ManageAdminPassword", - "type": "boolean" - }, - "NamespaceName": { - "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "NamespaceName", - "type": "string" - }, - "NamespaceResourcePolicy": { - "markdownDescription": "The resource policy that will be attached to the namespace.", - "title": "NamespaceResourcePolicy", - "type": "object" - }, - "RedshiftIdcApplicationArn": { - "markdownDescription": "The ARN for the Redshift application that integrates with IAM Identity Center.", - "title": "RedshiftIdcApplicationArn", - "type": "string" - }, - "SnapshotCopyConfigurations": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration" - }, - "markdownDescription": "", - "title": "SnapshotCopyConfigurations", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The map of the key-value pairs used to tag the namespace.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "NamespaceName" - ], - "type": "object" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, "Type": { - "enum": [ - "AWS::RedshiftServerless::Namespace" - ], + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration": { + "additionalProperties": false, + "properties": { + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", "type": "string" } }, "required": [ - "Type", - "Properties" + "ControlOptions", + "Title" ], "type": "object" }, - "AWS::RedshiftServerless::Namespace.Namespace": { + "AWS::QuickSight::Dashboard.DefaultFilterControlOptions": { "additionalProperties": false, "properties": { - "AdminPasswordSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the namespace's admin user credentials secret.", - "title": "AdminPasswordSecretArn", - "type": "string" - }, - "AdminPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret.", - "title": "AdminPasswordSecretKmsKeyId", - "type": "string" - }, - "AdminUsername": { - "markdownDescription": "The username of the administrator for the first database created in the namespace.", - "title": "AdminUsername", - "type": "string" - }, - "CreationDate": { - "markdownDescription": "The date of when the namespace was created.", - "title": "CreationDate", - "type": "string" - }, - "DbName": { - "markdownDescription": "The name of the first database created in the namespace.", - "title": "DbName", - "type": "string" - }, - "DefaultIamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", - "title": "DefaultIamRoleArn", - "type": "string" - }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM roles to associate with the namespace.", - "title": "IamRoles", - "type": "array" + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", - "title": "KmsKeyId", - "type": "string" + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" }, - "LogExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of logs the namespace can export. Available export types are User log, Connection log, and User activity log.", - "title": "LogExports", - "type": "array" + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" }, - "NamespaceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) associated with a namespace.", - "title": "NamespaceArn", - "type": "string" + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" }, - "NamespaceId": { - "markdownDescription": "The unique identifier of a namespace.", - "title": "NamespaceId", - "type": "string" + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" }, - "NamespaceName": { - "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "NamespaceName", - "type": "string" + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" }, - "Status": { - "markdownDescription": "The status of the namespace.", - "title": "Status", - "type": "string" + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" } }, "type": "object" }, - "AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration": { + "AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions": { "additionalProperties": false, "properties": { - "DestinationKmsKeyId": { - "markdownDescription": "The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region .", - "title": "DestinationKmsKeyId", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", "type": "string" }, - "DestinationRegion": { - "markdownDescription": "The destination AWS Region to copy snapshots to.", - "title": "DestinationRegion", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "SnapshotRetentionPeriod": { - "markdownDescription": "The retention period of snapshots that are copied to the destination AWS Region .", - "title": "SnapshotRetentionPeriod", - "type": "number" + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" } }, - "required": [ - "DestinationRegion" - ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup": { + "AWS::QuickSight::Dashboard.DefaultFilterListControlOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BaseCapacity": { - "markdownDescription": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs).", - "title": "BaseCapacity", - "type": "number" - }, - "ConfigParameters": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" - }, - "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ConfigParameters", - "type": "array" - }, - "EnhancedVpcRouting": { - "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "MaxCapacity": { - "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", - "title": "MaxCapacity", - "type": "number" - }, - "NamespaceName": { - "markdownDescription": "The namespace the workgroup is associated with.", - "title": "NamespaceName", - "type": "string" - }, - "Port": { - "markdownDescription": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.", - "title": "Port", - "type": "number" - }, - "PubliclyAccessible": { - "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to associate with the workgroup.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs the workgroup is associated with.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The map of the key-value pairs used to tag the workgroup.", - "title": "Tags", - "type": "array" - }, - "WorkgroupName": { - "markdownDescription": "The name of the workgroup.", - "title": "WorkgroupName", - "type": "string" - } - }, - "required": [ - "WorkgroupName" - ], - "type": "object" + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" }, "Type": { - "enum": [ - "AWS::RedshiftServerless::Workgroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", "type": "string" } }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" + } + }, "required": [ - "Type", - "Properties" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup.ConfigParameter": { + "AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration": { "additionalProperties": false, "properties": { - "ParameterKey": { - "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ParameterKey", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "The value of the parameter to set.", - "title": "ParameterValue", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" } }, + "required": [ + "CanvasSizeOptions" + ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup.Endpoint": { + "AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The DNS address of the VPC endpoint.", - "title": "Address", - "type": "string" - }, - "Port": { - "markdownDescription": "The port that Amazon Redshift Serverless listens on.", - "title": "Port", - "type": "number" + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" }, - "VpcEndpoints": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.VpcEndpoint" - }, - "markdownDescription": "An array of `VpcEndpoint` objects.", - "title": "VpcEndpoints", - "type": "array" + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" } }, "type": "object" }, - "AWS::RedshiftServerless::Workgroup.NetworkInterface": { + "AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The availability Zone.", - "title": "AvailabilityZone", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The unique identifier of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" }, - "PrivateIpAddress": { - "markdownDescription": "The IPv4 address of the network interface within the subnet.", - "title": "PrivateIpAddress", - "type": "string" + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" }, - "SubnetId": { - "markdownDescription": "The unique identifier of the subnet.", - "title": "SubnetId", + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", "type": "string" } }, "type": "object" }, - "AWS::RedshiftServerless::Workgroup.VpcEndpoint": { + "AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration": { "additionalProperties": false, "properties": { - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.NetworkInterface" - }, - "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", - "title": "NetworkInterfaces", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The connection endpoint ID for connecting to Amazon Redshift Serverless.", - "title": "VpcEndpointId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The VPC identifier that the endpoint is associated with.", - "title": "VpcId", - "type": "string" + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" } }, "type": "object" }, - "AWS::RedshiftServerless::Workgroup.Workgroup": { + "AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions": { "additionalProperties": false, "properties": { - "BaseCapacity": { - "markdownDescription": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).", - "title": "BaseCapacity", - "type": "number" - }, - "ConfigParameters": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" - }, - "markdownDescription": "An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ConfigParameters", - "type": "array" - }, - "CreationDate": { - "markdownDescription": "The creation date of the workgroup.", - "title": "CreationDate", - "type": "string" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Endpoint", - "markdownDescription": "The endpoint that is created from the workgroup.", - "title": "Endpoint" - }, - "EnhancedVpcRouting": { - "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "MaxCapacity": { - "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", - "title": "MaxCapacity", - "type": "number" - }, - "NamespaceName": { - "markdownDescription": "The namespace the workgroup is associated with.", - "title": "NamespaceName", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of security group IDs to associate with the workgroup.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Status": { - "markdownDescription": "The status of the workgroup.", - "title": "Status", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of subnet IDs the workgroup is associated with.", - "title": "SubnetIds", - "type": "array" - }, - "WorkgroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that links to the workgroup.", - "title": "WorkgroupArn", - "type": "string" - }, - "WorkgroupId": { - "markdownDescription": "The unique identifier of the workgroup.", - "title": "WorkgroupId", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", "type": "string" }, - "WorkgroupName": { - "markdownDescription": "The name of the workgroup.", - "title": "WorkgroupName", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, "type": "object" }, - "AWS::RefactorSpaces::Application": { + "AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultSliderControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "Metadata": { - "type": "object" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApiGatewayProxy": { - "$ref": "#/definitions/AWS::RefactorSpaces::Application.ApiGatewayProxyInput", - "markdownDescription": "The endpoint URL of the Amazon API Gateway proxy.", - "title": "ApiGatewayProxy" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", - "type": "string" - }, - "ProxyType": { - "markdownDescription": "The proxy type of the proxy created within the application.", - "title": "ProxyType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the application.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the virtual private cloud (VPC).", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "EnvironmentIdentifier", - "Name", - "ProxyType", - "VpcId" - ], - "type": "object" + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" }, "Type": { - "enum": [ - "AWS::RefactorSpaces::Application" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "MaximumValue", + "MinimumValue", + "StepSize" ], "type": "object" }, - "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { + "AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions": { "additionalProperties": false, "properties": { - "EndpointType": { - "markdownDescription": "The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default.\n\nIf the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) .", - "title": "EndpointType", + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", "type": "string" }, - "StageName": { - "markdownDescription": "The name of the API Gateway stage. The name defaults to `prod` .", - "title": "StageName", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, "type": "object" }, - "AWS::RefactorSpaces::Environment": { + "AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the environment.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment.", - "title": "Name", - "type": "string" - }, - "NetworkFabricType": { - "markdownDescription": "The network fabric type of the environment.", - "title": "NetworkFabricType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the environment.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name", - "NetworkFabricType" - ], - "type": "object" + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" }, - "Type": { - "enum": [ - "AWS::RefactorSpaces::Environment" - ], + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RefactorSpaces::Route": { + "AWS::QuickSight::Dashboard.DimensionField": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationIdentifier": { - "markdownDescription": "The unique identifier of the application.", - "title": "ApplicationIdentifier", - "type": "string" - }, - "DefaultRoute": { - "$ref": "#/definitions/AWS::RefactorSpaces::Route.DefaultRouteInput", - "markdownDescription": "Configuration for the default route type.", - "title": "DefaultRoute" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "RouteType": { - "markdownDescription": "The route type of the route.", - "title": "RouteType", - "type": "string" - }, - "ServiceIdentifier": { - "markdownDescription": "The unique identifier of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the route.", - "title": "Tags", - "type": "array" - }, - "UriPathRoute": { - "$ref": "#/definitions/AWS::RefactorSpaces::Route.UriPathRouteInput", - "markdownDescription": "The configuration for the URI path route type.", - "title": "UriPathRoute" - } - }, - "required": [ - "ApplicationIdentifier", - "EnvironmentIdentifier", - "RouteType", - "ServiceIdentifier" - ], - "type": "object" + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" }, - "Type": { - "enum": [ - "AWS::RefactorSpaces::Route" - ], - "type": "string" + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RefactorSpaces::Route.DefaultRouteInput": { + "AWS::QuickSight::Dashboard.DonutCenterOptions": { "additionalProperties": false, "properties": { - "ActivationState": { - "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", - "title": "ActivationState", + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", "type": "string" } }, - "required": [ - "ActivationState" - ], "type": "object" }, - "AWS::RefactorSpaces::Route.UriPathRouteInput": { + "AWS::QuickSight::Dashboard.DonutOptions": { "additionalProperties": false, "properties": { - "ActivationState": { - "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", - "title": "ActivationState", - "type": "string" - }, - "AppendSourcePath": { - "markdownDescription": "If set to `true` , this option appends the source path to the service URL endpoint.", - "title": "AppendSourcePath", - "type": "boolean" + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" }, - "IncludeChildPaths": { - "markdownDescription": "Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service.", - "title": "IncludeChildPaths", - "type": "boolean" + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" }, - "Methods": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route\u2019s service.", - "title": "Methods", - "type": "array" + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" }, - "SourcePath": { - "markdownDescription": "This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'.", - "title": "SourcePath", - "type": "string" + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" } }, - "required": [ - "ActivationState" - ], "type": "object" }, - "AWS::RefactorSpaces::Service": { + "AWS::QuickSight::Dashboard.DropDownControlDisplayOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DynamicDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" }, - "Metadata": { - "type": "object" + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationIdentifier": { - "markdownDescription": "The unique identifier of the application.", - "title": "ApplicationIdentifier", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the service.", - "title": "Description", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The endpoint type of the service.", - "title": "EndpointType", - "type": "string" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "LambdaEndpoint": { - "$ref": "#/definitions/AWS::RefactorSpaces::Service.LambdaEndpointInput", - "markdownDescription": "A summary of the configuration for the AWS Lambda endpoint type.", - "title": "LambdaEndpoint" - }, - "Name": { - "markdownDescription": "The name of the service.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the service.", - "title": "Tags", - "type": "array" - }, - "UrlEndpoint": { - "$ref": "#/definitions/AWS::RefactorSpaces::Service.UrlEndpointInput", - "markdownDescription": "The summary of the configuration for the URL endpoint type.", - "title": "UrlEndpoint" - }, - "VpcId": { - "markdownDescription": "The ID of the virtual private cloud (VPC).", - "title": "VpcId", - "type": "string" - } + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" + } + }, + "required": [ + "DefaultValueColumn" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.EmptyVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, - "required": [ - "ApplicationIdentifier", - "EndpointType", - "EnvironmentIdentifier", - "Name" - ], - "type": "object" + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::RefactorSpaces::Service" - ], + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::RefactorSpaces::Service.LambdaEndpointInput": { + "AWS::QuickSight::Dashboard.Entity": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function or alias.", - "title": "Arn", + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", "type": "string" } }, - "required": [ - "Arn" - ], "type": "object" }, - "AWS::RefactorSpaces::Service.UrlEndpointInput": { + "AWS::QuickSight::Dashboard.ExcludePeriodConfiguration": { "additionalProperties": false, "properties": { - "HealthUrl": { - "markdownDescription": "The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL.", - "title": "HealthUrl", + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", + "type": "number" + }, + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", "type": "string" }, - "Url": { - "markdownDescription": "The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) .", - "title": "Url", + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", "type": "string" } }, "required": [ - "Url" + "Amount", + "Granularity" ], "type": "object" }, - "AWS::Rekognition::Collection": { + "AWS::QuickSight::Dashboard.ExplicitHierarchy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CollectionId": { - "markdownDescription": "ID for the collection that you are creating.", - "title": "CollectionId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the collection.", - "title": "Tags", - "type": "array" - } + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" }, - "required": [ - "CollectionId" - ], - "type": "object" + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Rekognition::Collection" - ], - "type": "string" + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "Type", - "Properties" + "Columns", + "HierarchyId" ], "type": "object" }, - "AWS::Rekognition::Project": { + "AWS::QuickSight::Dashboard.ExportHiddenFieldsOption": { "additionalProperties": false, "properties": { - "Condition": { + "AvailabilityStatus": { + "markdownDescription": "The status of the export hidden fields options of a dashbaord.", + "title": "AvailabilityStatus", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExportToCSVOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "Availability status.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the export with hidden fields options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldBasedTooltip": { + "additionalProperties": false, + "properties": { + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ProjectName": { - "markdownDescription": "The name of the project to create.", - "title": "ProjectName", - "type": "string" - } + "TooltipFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipItem" }, - "required": [ - "ProjectName" - ], - "type": "object" + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Rekognition::Project" - ], + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Visibility": { + "markdownDescription": "The visibility of the field label.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Rekognition::StreamProcessor": { + "AWS::QuickSight::Dashboard.FieldSeriesItem": { "additionalProperties": false, "properties": { - "Condition": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldId": { + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", + "title": "FieldId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BoundingBoxRegionsOfInterest": { - "items": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.BoundingBox" - }, - "markdownDescription": "List of BoundingBox objects, each of which denotes a region of interest on screen. For more information, see the BoundingBox field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", - "title": "BoundingBoxRegionsOfInterest", - "type": "array" - }, - "ConnectedHomeSettings": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.ConnectedHomeSettings", - "markdownDescription": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) .", - "title": "ConnectedHomeSettings" - }, - "DataSharingPreference": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.DataSharingPreference", - "markdownDescription": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) .", - "title": "DataSharingPreference" - }, - "FaceSearchSettings": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.FaceSearchSettings", - "markdownDescription": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) .", - "title": "FaceSearchSettings" - }, - "KinesisDataStream": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisDataStream", - "markdownDescription": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) .", - "title": "KinesisDataStream" - }, - "KinesisVideoStream": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisVideoStream", - "markdownDescription": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) .", - "title": "KinesisVideoStream" - }, - "KmsKeyId": { - "markdownDescription": "The identifier for your Amazon Key Management Service key (Amazon KMS key). Optional parameter for connected home stream processors used to encrypt results and data published to your Amazon S3 bucket. For more information, see the KMSKeyId section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", - "title": "KmsKeyId", - "type": "string" - }, - "Name": { - "markdownDescription": "The Name attribute specifies the name of the stream processor and it must be within the constraints described in the Name section of [StreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessor) . If you don't specify a name, Amazon CloudFormation generates a unique ID and uses that ID for the stream processor name.", - "title": "Name", - "type": "string" - }, - "NotificationChannel": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.NotificationChannel", - "markdownDescription": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) .", - "title": "NotificationChannel" - }, - "PolygonRegionsOfInterest": { - "markdownDescription": "A set of ordered lists of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. Each entry of the set contains a polygon denoting a region of interest on the screen. Each polygon is an ordered list of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. For more information, see the Polygon field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", - "title": "PolygonRegionsOfInterest", - "type": "object" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions to the Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a connected home stream processor. This is required for both face search and connected home stream processors. For information about constraints, see the RoleArn section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", - "title": "RoleArn", - "type": "string" - }, - "S3Destination": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.S3Destination", - "markdownDescription": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) .", - "title": "S3Destination" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the stream processor. For more information, see the Tags section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "KinesisVideoStream", - "RoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Rekognition::StreamProcessor" - ], + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", "type": "string" } }, "required": [ - "Type", - "Properties" + "Direction", + "FieldId" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.BoundingBox": { + "AWS::QuickSight::Dashboard.FieldSortOptions": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "Height of the bounding box as a ratio of the overall image height.", - "title": "Height", - "type": "number" + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" }, - "Left": { - "markdownDescription": "Left coordinate of the bounding box as a ratio of overall image width.", - "title": "Left", - "type": "number" + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldTooltipItem": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", + "type": "string" }, - "Top": { - "markdownDescription": "Top coordinate of the bounding box as a ratio of overall image height.", - "title": "Top", - "type": "number" + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" }, - "Width": { - "markdownDescription": "Width of the bounding box as a ratio of the overall image width.", - "title": "Width", - "type": "number" + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "string" } }, "required": [ - "Height", - "Left", - "Top", - "Width" + "FieldId" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.ConnectedHomeSettings": { + "AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Labels": { + "Geospatial": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: \"PERSON\", \"PET\", \"PACKAGE\", and \"ALL\".", - "title": "Labels", + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", "type": "array" }, - "MinConfidence": { - "markdownDescription": "The minimum confidence required to label an object in the video.", - "title": "MinConfidence", - "type": "number" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, "required": [ - "Labels" + "ConditionalFormattingOptions" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.DataSharingPreference": { + "AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption": { "additionalProperties": false, "properties": { - "OptIn": { - "markdownDescription": "Describes the opt-in status applied to a stream processor's data sharing policy.", - "title": "OptIn", - "type": "boolean" + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" } }, "required": [ - "OptIn" + "Shape" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.FaceSearchSettings": { + "AWS::QuickSight::Dashboard.FilledMapConfiguration": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "The ID of a collection that contains faces that you want to search for.", - "title": "CollectionId", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "FaceMatchThreshold": { - "markdownDescription": "Minimum face match confidence score that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted, and values lower than 80 are set to 80.", - "title": "FaceMatchThreshold", - "type": "number" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" } }, - "required": [ - "CollectionId" - ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.KinesisDataStream": { + "AWS::QuickSight::Dashboard.FilledMapFieldWells": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "ARN of the output Amazon Kinesis Data Streams stream.", - "title": "Arn", - "type": "string" + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" } }, - "required": [ - "Arn" - ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.KinesisVideoStream": { + "AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "ARN of the Kinesis video stream stream that streams the source video.", - "title": "Arn", + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", "type": "string" + }, + "Format": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" } }, "required": [ - "Arn" + "FieldId" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.NotificationChannel": { + "AWS::QuickSight::Dashboard.FilledMapSortConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the SNS topic that receives notifications.", - "title": "Arn", - "type": "string" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the location fields.", + "title": "CategorySort", + "type": "array" } }, - "required": [ - "Arn" - ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.S3Destination": { + "AWS::QuickSight::Dashboard.FilledMapVisual": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) bucket name of a stream processor's exports.", - "title": "BucketName", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "ObjectKeyPrefix": { - "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) object keys of a stream processor's exports.", - "title": "ObjectKeyPrefix", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "BucketName" + "VisualId" ], "type": "object" }, - "AWS::ResilienceHub::App": { + "AWS::QuickSight::Dashboard.Filter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" }, - "Metadata": { - "type": "object" + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppAssessmentSchedule": { - "markdownDescription": "Assessment execution schedule with 'Daily' or 'Disabled' values.", - "title": "AppAssessmentSchedule", - "type": "string" - }, - "AppTemplateBody": { - "markdownDescription": "A JSON string that provides information about your application structure. To learn more about the `appTemplateBody` template, see the sample template in [Sample appTemplateBody template](https://docs.aws.amazon.com//resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html#API_PutDraftAppVersionTemplate_Examples) .\n\nThe `appTemplateBody` JSON string has the following structure:\n\n- *`resources`*\n\nThe list of logical resources that needs to be included in the AWS Resilience Hub application.\n\nType: Array\n\n> Don't add the resources that you want to exclude. \n\nEach `resources` array item includes the following fields:\n\n- *`logicalResourceId`*\n\nThe logical identifier of the resource.\n\nType: Object\n\nEach `logicalResourceId` object includes the following fields:\n\n- `identifier`\n\nIdentifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`type`*\n\nThe type of resource.\n\nType: string\n- *`name`*\n\nName of the resource.\n\nType: String\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`appComponents`*\n\nThe list of Application Components (AppComponent) that this resource belongs to. If an AppComponent is not part of the AWS Resilience Hub application, it will be added.\n\nType: Array\n\nEach `appComponents` array item includes the following fields:\n\n- `name`\n\nName of the AppComponent.\n\nType: String\n- `type`\n\nThe type of AppComponent. For more information about the types of AppComponent, see [Grouping resources in an AppComponent](https://docs.aws.amazon.com/resilience-hub/latest/userguide/AppComponent.grouping.html) .\n\nType: String\n- `resourceNames`\n\nThe list of included resources that are assigned to the AppComponent.\n\nType: Array of strings\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`excludedResources`*\n\nThe list of logical resource identifiers to be excluded from the application.\n\nType: Array\n\n> Don't add the resources that you want to include. \n\nEach `excludedResources` array item includes the following fields:\n\n- *`logicalResourceIds`*\n\nThe logical identifier of the resource.\n\nType: Object\n\n> You can configure only one of the following fields:\n> \n> - `logicalStackName`\n> - `resourceGroupName`\n> - `terraformSourceName`\n> - `eksSourceName` \n\nEach `logicalResourceIds` object includes the following fields:\n\n- `identifier`\n\nThe identifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`version`*\n\nThe AWS Resilience Hub application version.\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`", - "title": "AppTemplateBody", - "type": "string" - }, - "Description": { - "markdownDescription": "Optional description for an application.", - "title": "Description", - "type": "string" - }, - "EventSubscriptions": { - "items": { - "$ref": "#/definitions/AWS::ResilienceHub::App.EventSubscription" - }, - "markdownDescription": "The list of events you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* and *Scheduled assessment failure* events.", - "title": "EventSubscriptions", - "type": "array" - }, - "Name": { - "markdownDescription": "Name for the application.", - "title": "Name", - "type": "string" - }, - "PermissionModel": { - "$ref": "#/definitions/AWS::ResilienceHub::App.PermissionModel", - "markdownDescription": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.", - "title": "PermissionModel" - }, - "ResiliencyPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resiliency policy.", - "title": "ResiliencyPolicyArn", - "type": "string" - }, - "ResourceMappings": { - "items": { - "$ref": "#/definitions/AWS::ResilienceHub::App.ResourceMapping" - }, - "markdownDescription": "An array of `ResourceMapping` objects.", - "title": "ResourceMappings", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "AppTemplateBody", - "Name", - "ResourceMappings" - ], - "type": "object" + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" }, - "Type": { - "enum": [ - "AWS::ResilienceHub::App" - ], - "type": "string" + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" + }, + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ResilienceHub::App.EventSubscription": { + "AWS::QuickSight::Dashboard.FilterControl": { "additionalProperties": false, "properties": { - "EventType": { - "markdownDescription": "The type of event you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* ( `DriftDetected` ) and *Scheduled assessment failure* ( `ScheduledAssessmentFailure` ) events.", - "title": "EventType", - "type": "string" + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" }, - "Name": { - "markdownDescription": "Unique name to identify an event subscription.", - "title": "Name", - "type": "string" + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" }, - "SnsTopicArn": { - "markdownDescription": "Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. The format for this ARN is: `arn:partition:sns:region:account:topic-name` . For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* guide.", - "title": "SnsTopicArn", - "type": "string" + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" } }, - "required": [ - "EventType", - "Name" - ], "type": "object" }, - "AWS::ResilienceHub::App.PermissionModel": { + "AWS::QuickSight::Dashboard.FilterCrossSheetControl": { "additionalProperties": false, "properties": { - "CrossAccountRoleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.\n\n> - These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.\n> - These roles must have a trust policy with `iam:AssumeRole` permission to the invoker role in the primary account.", - "title": "CrossAccountRoleArns", - "type": "array" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "InvokerRoleName": { - "markdownDescription": "Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.\n\nIf your IAM role includes a path, you must include the path in the `invokerRoleName` parameter. For example, if your IAM role's ARN is `arn:aws:iam:123456789012:role/my-path/role-name` , you should pass `my-path/role-name` .\n\n> - You must have `iam:passRole` permission for this role while creating or updating the application.\n> - Currently, `invokerRoleName` accepts only `[A-Za-z0-9_+=,.@-]` characters.", - "title": "InvokerRoleName", + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", "type": "string" }, - "Type": { - "markdownDescription": "Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.", - "title": "Type", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", "type": "string" } }, "required": [ - "Type" + "FilterControlId", + "SourceFilterId" ], "type": "object" }, - "AWS::ResilienceHub::App.PhysicalResourceId": { + "AWS::QuickSight::Dashboard.FilterDateTimePickerControl": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account that owns the physical resource.", - "title": "AwsAccountId", + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", "type": "string" }, - "AwsRegion": { - "markdownDescription": "The AWS Region that the physical resource is located in.", - "title": "AwsRegion", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", "type": "string" }, - "Identifier": { - "markdownDescription": "Identifier of the physical resource.", - "title": "Identifier", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", "type": "string" }, "Type": { - "markdownDescription": "Specifies the type of physical resource identifier.\n\n- **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:\n\n- `AWS::ECS::Service`\n- `AWS::EFS::FileSystem`\n- `AWS::ElasticLoadBalancingV2::LoadBalancer`\n- `AWS::Lambda::Function`\n- `AWS::SNS::Topic`\n- **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:\n\n- `AWS::ApiGateway::RestApi`\n- `AWS::ApiGatewayV2::Api`\n- `AWS::AutoScaling::AutoScalingGroup`\n- `AWS::DocDB::DBCluster`\n- `AWS::DocDB::DBGlobalCluster`\n- `AWS::DocDB::DBInstance`\n- `AWS::DynamoDB::GlobalTable`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::EC2Fleet`\n- `AWS::EC2::Instance`\n- `AWS::EC2::NatGateway`\n- `AWS::EC2::Volume`\n- `AWS::ElasticLoadBalancing::LoadBalancer`\n- `AWS::RDS::DBCluster`\n- `AWS::RDS::DBInstance`\n- `AWS::RDS::GlobalCluster`\n- `AWS::Route53::RecordSet`\n- `AWS::S3::Bucket`\n- `AWS::SQS::Queue`", + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", "title": "Type", "type": "string" } }, "required": [ - "Identifier", - "Type" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::ResilienceHub::App.ResourceMapping": { + "AWS::QuickSight::Dashboard.FilterDropDownControl": { "additionalProperties": false, "properties": { - "EksSourceName": { - "markdownDescription": "Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` .\n\n> This parameter accepts values in \"eks-cluster/namespace\" format.", - "title": "EksSourceName", - "type": "string" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "LogicalStackName": { - "markdownDescription": "Name of the AWS CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` .", - "title": "LogicalStackName", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", "type": "string" }, - "MappingType": { - "markdownDescription": "Specifies the type of resource mapping.", - "title": "MappingType", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", "type": "string" }, - "PhysicalResourceId": { - "$ref": "#/definitions/AWS::ResilienceHub::App.PhysicalResourceId", - "markdownDescription": "Identifier of the physical resource.", - "title": "PhysicalResourceId" + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" }, - "ResourceName": { - "markdownDescription": "Name of the resource that this resource is mapped to when the `mappingType` is `Resource` .", - "title": "ResourceName", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", "type": "string" }, - "TerraformSourceName": { - "markdownDescription": "Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` .", - "title": "TerraformSourceName", + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", "type": "string" } }, "required": [ - "MappingType", - "PhysicalResourceId" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::ResilienceHub::ResiliencyPolicy": { + "AWS::QuickSight::Dashboard.FilterGroup": { "additionalProperties": false, "properties": { - "Condition": { + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataLocationConstraint": { - "markdownDescription": "Specifies a high-level geographical location constraint for where your resilience policy data can be stored.", - "title": "DataLocationConstraint", - "type": "string" - }, - "Policy": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.PolicyMap", - "markdownDescription": "The resiliency policy.", - "title": "Policy" - }, - "PolicyDescription": { - "markdownDescription": "Description of the resiliency policy.", - "title": "PolicyDescription", - "type": "string" - }, - "PolicyName": { - "markdownDescription": "The name of the policy", - "title": "PolicyName", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Tier": { - "markdownDescription": "The tier for this resiliency policy, ranging from the highest severity ( `MissionCritical` ) to lowest ( `NonCritical` ).", - "title": "Tier", - "type": "string" - } + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Filter" }, - "required": [ - "Policy", - "PolicyName", - "Tier" - ], - "type": "object" + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", + "type": "array" }, - "Type": { - "enum": [ - "AWS::ResilienceHub::ResiliencyPolicy" - ], - "type": "string" + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", "type": "string" } }, "required": [ - "Type", - "Properties" + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" ], "type": "object" }, - "AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy": { + "AWS::QuickSight::Dashboard.FilterListConfiguration": { "additionalProperties": false, "properties": { - "RpoInSecs": { - "markdownDescription": "Recovery Point Objective (RPO) in seconds.", - "title": "RpoInSecs", - "type": "number" + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" }, - "RtoInSecs": { - "markdownDescription": "Recovery Time Objective (RTO) in seconds.", - "title": "RtoInSecs", - "type": "number" + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" } }, "required": [ - "RpoInSecs", - "RtoInSecs" + "MatchOperator" ], "type": "object" }, - "AWS::ResilienceHub::ResiliencyPolicy.PolicyMap": { + "AWS::QuickSight::Dashboard.FilterListControl": { "additionalProperties": false, "properties": { - "AZ": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for Availability Zone disruption.", - "title": "AZ" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "Hardware": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for hardware disruption.", - "title": "Hardware" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Region": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for Regional disruption.", - "title": "Region" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", + "type": "string" }, - "Software": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for software disruption.", - "title": "Software" + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" } }, "required": [ - "AZ", - "Hardware", - "Software" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::ResourceExplorer2::DefaultViewAssociation": { + "AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "SelectedColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SelectedFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration": { + "additionalProperties": false, + "properties": { + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" }, - "Metadata": { - "type": "object" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ViewArn": { - "markdownDescription": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region.", - "title": "ViewArn", - "type": "string" - } - }, - "required": [ - "ViewArn" - ], - "type": "object" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::ResourceExplorer2::DefaultViewAssociation" - ], + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Type", - "Properties" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::ResourceExplorer2::Index": { + "AWS::QuickSight::Dashboard.FilterScopeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterSelectableValues": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "Metadata": { - "type": "object" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Tags": { - "additionalProperties": true, - "markdownDescription": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::ResourceExplorer2::Index" - ], + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" ], "type": "object" }, - "AWS::ResourceExplorer2::View": { + "AWS::QuickSight::Dashboard.FilterTextAreaControl": { "additionalProperties": false, "properties": { - "Condition": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" }, - "Metadata": { - "type": "object" + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Filters": { - "$ref": "#/definitions/AWS::ResourceExplorer2::View.SearchFilter", - "markdownDescription": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", - "title": "Filters" - }, - "IncludedProperties": { - "items": { - "$ref": "#/definitions/AWS::ResourceExplorer2::View.IncludedProperty" - }, - "markdownDescription": "A list of fields that provide additional information about the view.", - "title": "IncludedProperties", - "type": "array" - }, - "Scope": { - "markdownDescription": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account.", - "title": "Scope", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tag key and value pairs that are attached to the view.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "ViewName": { - "markdownDescription": "The name of the new view.", - "title": "ViewName", - "type": "string" - } - }, - "required": [ - "ViewName" - ], - "type": "object" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::ResourceExplorer2::View" - ], + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Type", - "Properties" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::ResourceExplorer2::View.IncludedProperty": { + "AWS::QuickSight::Dashboard.FontConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the property that is included in this view.", - "title": "Name", + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", + "type": "string" + }, + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", + "type": "string" + }, + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", + "type": "string" + }, + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" + }, + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::ResourceExplorer2::View.SearchFilter": { + "AWS::QuickSight::Dashboard.FontSize": { "additionalProperties": false, "properties": { - "FilterString": { - "markdownDescription": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation.\n\nFor information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", - "title": "FilterString", + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", + "type": "string" + }, + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", "type": "string" } }, - "required": [ - "FilterString" - ], "type": "object" }, - "AWS::ResourceGroups::Group": { + "AWS::QuickSight::Dashboard.FontWeight": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ForecastComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", + "type": "number" + }, + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" }, - "Metadata": { - "type": "object" + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Configuration": { - "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationItem" - }, - "markdownDescription": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n> You can include either a `Configuration` or a `ResourceQuery` , but not both.", - "title": "Configuration", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the resource group.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a resource group. The name must be unique within the AWS Region in which you create the resource. To create multiple resource groups based on the same CloudFormation stack, you must generate unique names for each.", - "title": "Name", - "type": "string" - }, - "ResourceQuery": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ResourceQuery", - "markdownDescription": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n> - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n> - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both.", - "title": "ResourceQuery" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n> - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n> - You can include a `Resources` property only if you also specify a `Configuration` property.", - "title": "Resources", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tag key and value pairs that are attached to the resource group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" }, - "Type": { - "enum": [ - "AWS::ResourceGroups::Group" - ], + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "Type", - "Properties" + "ComputationId" ], "type": "object" }, - "AWS::ResourceGroups::Group.ConfigurationItem": { + "AWS::QuickSight::Dashboard.ForecastConfiguration": { "additionalProperties": false, "properties": { - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationParameter" - }, - "markdownDescription": "A collection of parameters for this configuration item. For the list of parameters that you can use with each configuration item `Type` , see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Parameters", - "type": "array" + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" }, - "Type": { - "markdownDescription": "Specifies the type of configuration item. Each item must have a unique value for type. For the list of the types that you can specify for a configuration item, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Type", - "type": "string" + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" } }, "type": "object" }, - "AWS::ResourceGroups::Group.ConfigurationParameter": { + "AWS::QuickSight::Dashboard.ForecastScenario": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the group configuration parameter. For the list of parameters that you can use with each configuration item type, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Name", - "type": "string" + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The value or values to be used for the specified parameter. For the list of values you can use with each parameter, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) .", - "title": "Values", - "type": "array" + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" } }, "type": "object" }, - "AWS::ResourceGroups::Group.Query": { + "AWS::QuickSight::Dashboard.FormatConfiguration": { "additionalProperties": false, "properties": { - "ResourceTypeFilters": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `[\"AWS::EC2::Instance\", \"AWS::DynamoDB::Table\"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `[\"AWS::AllSupported\"]` .", - "title": "ResourceTypeFilters", - "type": "array" + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" }, - "StackIdentifier": { - "markdownDescription": "Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped.\n\nYou can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.`", - "title": "StackIdentifier", - "type": "string" + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.TagFilter" - }, - "markdownDescription": "A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` .\n\nA resource must have a tag that matches every filter that is provided in the `TagFilters` list.", - "title": "TagFilters", - "type": "array" + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" } }, "type": "object" }, - "AWS::ResourceGroups::Group.ResourceQuery": { + "AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Query": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.Query", - "markdownDescription": "The query that defines the membership of the group. This is a structure with properties that depend on the `Type` .\n\nThe `Query` structure must be included in the following scenarios:\n\n- When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group.\n- When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing.", - "title": "Query" - }, - "Type": { - "markdownDescription": "Specifies the type of resource query that determines this group's membership. There are two valid query types:\n\n- `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query.\n- `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined.", - "title": "Type", - "type": "string" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::ResourceGroups::Group.TagFilter": { + "AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group.\n\nThis field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key.", - "title": "Key", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" }, - "Values": { + "Elements": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" }, - "markdownDescription": "A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member.", - "title": "Values", + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", "type": "array" } }, + "required": [ + "Elements" + ], "type": "object" }, - "AWS::RoboMaker::Fleet": { + "AWS::QuickSight::Dashboard.FreeFormLayoutElement": { "additionalProperties": false, "properties": { - "Condition": { + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" + }, + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", + "type": "string" }, - "Metadata": { - "type": "object" + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the fleet.", - "title": "Name", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The list of all tags added to the fleet.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "RenderingRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementRenderingRule" }, - "type": "object" + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", + "type": "array" }, - "Type": { - "enum": [ - "AWS::RoboMaker::Fleet" - ], + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" + }, + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", + "type": "string" + }, + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" + }, + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", "type": "string" } }, "required": [ - "Type" + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" ], "type": "object" }, - "AWS::RoboMaker::Robot": { + "AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Architecture": { - "markdownDescription": "The architecture of the robot.", - "title": "Architecture", - "type": "string" - }, - "Fleet": { - "markdownDescription": "The Amazon Resource Name (ARN) of the fleet to which the robot will be registered.", - "title": "Fleet", - "type": "string" - }, - "GreengrassGroupId": { - "markdownDescription": "The Greengrass group associated with the robot.", - "title": "GreengrassGroupId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the robot.", - "title": "Name", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "Architecture", - "GreengrassGroupId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RoboMaker::Robot" - ], + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RoboMaker::RobotApplication": { + "AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CurrentRevisionId": { - "markdownDescription": "The current revision id.", - "title": "CurrentRevisionId", - "type": "string" - }, - "Environment": { - "markdownDescription": "The environment of the robot application.", - "title": "Environment", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the robot application.", - "title": "Name", - "type": "string" - }, - "RobotSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.RobotSoftwareSuite", - "markdownDescription": "The robot software suite used by the robot application.", - "title": "RobotSoftwareSuite" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.SourceConfig" - }, - "markdownDescription": "The sources of the robot application.", - "title": "Sources", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "RobotSoftwareSuite" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RoboMaker::RobotApplication" - ], + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", "type": "string" } }, "required": [ - "Type", - "Properties" + "OptimizedViewPortWidth" ], "type": "object" }, - "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { + "AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", - "title": "Version", - "type": "string" + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" } }, "required": [ - "Name" + "Elements" ], "type": "object" }, - "AWS::RoboMaker::RobotApplication.SourceConfig": { + "AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Architecture": { - "markdownDescription": "The target processor architecture for the application.", - "title": "Architecture", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3Bucket", - "type": "string" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" }, - "S3Key": { - "markdownDescription": "The s3 object key.", - "title": "S3Key", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" } }, - "required": [ - "Architecture", - "S3Bucket", - "S3Key" - ], "type": "object" }, - "AWS::RoboMaker::RobotApplicationVersion": { + "AWS::QuickSight::Dashboard.FunnelChartConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", + "title": "CategoryLabelOptions" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FieldWells" }, - "Metadata": { - "type": "object" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Application": { - "markdownDescription": "The application information for the robot application.", - "title": "Application", - "type": "string" - }, - "CurrentRevisionId": { - "markdownDescription": "The current revision id for the robot application. If you provide a value and it matches the latest revision ID, a new version will be created.", - "title": "CurrentRevisionId", - "type": "string" - } - }, - "required": [ - "Application" - ], - "type": "object" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", + "title": "SortConfiguration" }, - "Type": { - "enum": [ - "AWS::RoboMaker::RobotApplicationVersion" - ], - "type": "string" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", + "title": "Tooltip" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", + "title": "VisualPalette" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication": { + "AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions": { "additionalProperties": false, "properties": { - "Condition": { + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" }, - "Metadata": { - "type": "object" + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CurrentRevisionId": { - "markdownDescription": "The current revision id.", - "title": "CurrentRevisionId", - "type": "string" - }, - "Environment": { - "markdownDescription": "The environment of the simulation application.", - "title": "Environment", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the simulation application.", - "title": "Name", - "type": "string" - }, - "RenderingEngine": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RenderingEngine", - "markdownDescription": "The rendering engine for the simulation application.", - "title": "RenderingEngine" - }, - "RobotSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite", - "markdownDescription": "The robot software suite used by the simulation application.", - "title": "RobotSoftwareSuite" - }, - "SimulationSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite", - "markdownDescription": "The simulation software suite used by the simulation application.", - "title": "SimulationSoftwareSuite" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SourceConfig" - }, - "markdownDescription": "The sources of the simulation application.", - "title": "Sources", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the simulation application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "RobotSoftwareSuite", - "SimulationSoftwareSuite" - ], - "type": "object" + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "string" }, - "Type": { - "enum": [ - "AWS::RoboMaker::SimulationApplication" - ], + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.RenderingEngine": { + "AWS::QuickSight::Dashboard.FunnelChartFieldWells": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the rendering engine.", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of the rendering engine.", - "title": "Version", - "type": "string" + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" } }, - "required": [ - "Name", - "Version" - ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite": { + "AWS::QuickSight::Dashboard.FunnelChartSortConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", - "title": "Name", - "type": "string" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed.", + "title": "CategoryItemsLimit" }, - "Version": { - "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", - "title": "Version", - "type": "string" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite": { + "AWS::QuickSight::Dashboard.FunnelChartVisual": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the simulation software suite. `SimulationRuntime` is the only supported value.", - "title": "Name", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "Version": { - "markdownDescription": "The version of the simulation software suite. Not applicable for `SimulationRuntime` .", - "title": "Version", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Name" + "VisualId" ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.SourceConfig": { + "AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting": { "additionalProperties": false, "properties": { - "Architecture": { - "markdownDescription": "The target processor architecture for the application.", - "title": "Architecture", + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", "type": "string" }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3Bucket", + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" }, - "S3Key": { - "markdownDescription": "The s3 object key.", - "title": "S3Key", - "type": "string" + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" } }, - "required": [ - "Architecture", - "S3Bucket", - "S3Key" - ], "type": "object" }, - "AWS::RoboMaker::SimulationApplicationVersion": { + "AWS::QuickSight::Dashboard.GaugeChartConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", + "title": "FieldWells" }, - "Metadata": { - "type": "object" + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Application": { - "markdownDescription": "The application information for the simulation application.", - "title": "Application", - "type": "string" - }, - "CurrentRevisionId": { - "markdownDescription": "The current revision id for the simulation application. If you provide a value and it matches the latest revision ID, a new version will be created.", - "title": "CurrentRevisionId", - "type": "string" - } - }, - "required": [ - "Application" - ], - "type": "object" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Type": { - "enum": [ - "AWS::RoboMaker::SimulationApplicationVersion" - ], - "type": "string" + "TooltipOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", + "title": "VisualPalette" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RolesAnywhere::CRL": { + "AWS::QuickSight::Dashboard.GaugeChartFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartOptions": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" }, - "Metadata": { - "type": "object" + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CrlData": { - "markdownDescription": "The x509 v3 specified certificate revocation list (CRL).", - "title": "CrlData", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether the certificate revocation list (CRL) is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the certificate revocation list (CRL).", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to attach to the certificate revocation list (CRL).", - "title": "Tags", - "type": "array" - }, - "TrustAnchorArn": { - "markdownDescription": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.", - "title": "TrustAnchorArn", - "type": "string" - } - }, - "required": [ - "CrlData", - "Name" - ], - "type": "object" + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" }, - "Type": { - "enum": [ - "AWS::RolesAnywhere::CRL" - ], + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::RolesAnywhere::Profile": { + "AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", + "title": "ChartConfiguration" }, - "Metadata": { - "type": "object" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DurationSeconds": { - "markdownDescription": "The number of seconds vended session credentials will be valid for", - "title": "DurationSeconds", - "type": "number" - }, - "Enabled": { - "markdownDescription": "The enabled status of the resource.", - "title": "Enabled", - "type": "boolean" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", - "title": "ManagedPolicyArns", - "type": "array" - }, - "Name": { - "markdownDescription": "The customer specified name of the resource.", - "title": "Name", - "type": "string" - }, - "RequireInstanceProperties": { - "markdownDescription": "Specifies whether instance properties are required in CreateSession requests with this profile.", - "title": "RequireInstanceProperties", - "type": "boolean" - }, - "RoleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", - "title": "RoleArns", - "type": "array" - }, - "SessionPolicy": { - "markdownDescription": "A session policy that will applied to the trust boundary of the vended session credentials.", - "title": "SessionPolicy", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of Tags.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name", - "RoleArns" - ], - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Type": { - "enum": [ - "AWS::RolesAnywhere::Profile" - ], + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor": { + "AWS::QuickSight::Dashboard.GeospatialCategoricalColor": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether the trust anchor is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the trust anchor.", - "title": "Name", - "type": "string" - }, - "NotificationSettings": { - "items": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.NotificationSetting" - }, - "markdownDescription": "A list of notification settings to be associated to the trust anchor.", - "title": "NotificationSettings", - "type": "array" - }, - "Source": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.Source", - "markdownDescription": "The trust anchor type and its related certificate data.", - "title": "Source" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to attach to the trust anchor.", - "title": "Tags", - "type": "array" - } + "CategoryDataColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCategoricalDataColor" }, - "required": [ - "Name", - "Source" - ], - "type": "object" + "markdownDescription": "A list of categorical data colors for each category.", + "title": "CategoryDataColors", + "type": "array" }, - "Type": { - "enum": [ - "AWS::RolesAnywhere::TrustAnchor" - ], - "type": "string" + "DefaultOpacity": { + "markdownDescription": "The default opacity of a categorical color.", + "title": "DefaultOpacity", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", "type": "string" } }, "required": [ - "Type", - "Properties" + "CategoryDataColors" ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.NotificationSetting": { + "AWS::QuickSight::Dashboard.GeospatialCategoricalDataColor": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and AWS Health Dashboard to notify for an event.\n\n> In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels.", - "title": "Channel", + "Color": { + "markdownDescription": "The color and opacity values for the category data color.", + "title": "Color", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether the notification setting is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Event": { - "markdownDescription": "The event to which this notification setting is applied.", - "title": "Event", + "DataValue": { + "markdownDescription": "The data value for the category data color.", + "title": "DataValue", "type": "string" - }, - "Threshold": { - "markdownDescription": "The number of days before a notification event. This value is required for a notification setting that is enabled.", - "title": "Threshold", - "type": "number" } }, "required": [ - "Enabled", - "Event" + "Color", + "DataValue" ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.Source": { + "AWS::QuickSight::Dashboard.GeospatialCircleRadius": { "additionalProperties": false, "properties": { - "SourceData": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.SourceData", - "markdownDescription": "A union object representing the data field of the TrustAnchor depending on its type", - "title": "SourceData" - }, - "SourceType": { - "markdownDescription": "The type of the TrustAnchor.", - "title": "SourceType", - "type": "string" + "Radius": { + "markdownDescription": "The positive value for the radius of a circle.", + "title": "Radius", + "type": "number" } }, "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.SourceData": { + "AWS::QuickSight::Dashboard.GeospatialCircleSymbolStyle": { "additionalProperties": false, "properties": { - "AcmPcaArn": { - "markdownDescription": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .\n\n> This field is not supported in your region.", - "title": "AcmPcaArn", - "type": "string" + "CircleRadius": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCircleRadius", + "markdownDescription": "The radius of the circle.", + "title": "CircleRadius" }, - "X509CertificateData": { - "markdownDescription": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` .", - "title": "X509CertificateData", - "type": "string" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width of the stroke (border).", + "title": "StrokeWidth" } }, "type": "object" }, - "AWS::Route53::CidrCollection": { + "AWS::QuickSight::Dashboard.GeospatialColor": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Categorical": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCategoricalColor", + "markdownDescription": "The visualization properties for the categorical color.", + "title": "Categorical" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialGradientColor", + "markdownDescription": "The visualization properties for the gradient color.", + "title": "Gradient" }, - "Metadata": { - "type": "object" + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialSolidColor", + "markdownDescription": "The visualization properties for the solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCoordinateBounds": { + "additionalProperties": false, + "properties": { + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Locations": { - "items": { - "$ref": "#/definitions/AWS::Route53::CidrCollection.Location" - }, - "markdownDescription": "A complex type that contains information about the list of CIDR locations.", - "title": "Locations", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of a CIDR collection.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Route53::CidrCollection" - ], - "type": "string" + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" } }, "required": [ - "Type", - "Properties" + "East", + "North", + "South", + "West" ], "type": "object" }, - "AWS::Route53::CidrCollection.Location": { + "AWS::QuickSight::Dashboard.GeospatialDataSourceItem": { "additionalProperties": false, "properties": { - "CidrList": { + "StaticFileDataSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialStaticFileSource", + "markdownDescription": "The static file data source properties for the geospatial data.", + "title": "StaticFileDataSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialGradientColor": { + "additionalProperties": false, + "properties": { + "DefaultOpacity": { + "markdownDescription": "The default opacity for the gradient color.", + "title": "DefaultOpacity", + "type": "number" + }, + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", + "type": "string" + }, + "StepColors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialGradientStepColor" }, - "markdownDescription": "List of CIDR blocks.", - "title": "CidrList", + "markdownDescription": "A list of gradient step colors for the gradient.", + "title": "StepColors", "type": "array" - }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", - "type": "string" } }, "required": [ - "CidrList", - "LocationName" + "StepColors" ], "type": "object" }, - "AWS::Route53::DNSSEC": { + "AWS::QuickSight::Dashboard.GeospatialGradientStepColor": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Color": { + "markdownDescription": "The color and opacity values for the gradient step color.", + "title": "Color", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "HostedZoneId": { - "markdownDescription": "A unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", - "title": "HostedZoneId", - "type": "string" - } + "DataValue": { + "markdownDescription": "The data value for the gradient step color.", + "title": "DataValue", + "type": "number" + } + }, + "required": [ + "Color", + "DataValue" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor" }, - "required": [ - "HostedZoneId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53::DNSSEC" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration": { + "additionalProperties": false, + "properties": { + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", "type": "string" } }, "required": [ - "Type", - "Properties" + "Color" ], "type": "object" }, - "AWS::Route53::HealthCheck": { + "AWS::QuickSight::Dashboard.GeospatialLayerColorField": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckConfig", - "markdownDescription": "A complex type that contains detailed information about one health check.\n\nFor the values to enter for `HealthCheckConfig` , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)", - "title": "HealthCheckConfig" - }, - "HealthCheckTags": { - "items": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckTag" - }, - "markdownDescription": "The `HealthCheckTags` property describes key-value pairs that are associated with an `AWS::Route53::HealthCheck` resource.", - "title": "HealthCheckTags", - "type": "array" - } + "ColorDimensionsFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "required": [ - "HealthCheckConfig" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53::HealthCheck" - ], - "type": "string" + "markdownDescription": "A list of color dimension fields.", + "title": "ColorDimensionsFields", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ColorValuesFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "A list of color measure fields.", + "title": "ColorValuesFields", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Route53::HealthCheck.AlarmIdentifier": { + "AWS::QuickSight::Dashboard.GeospatialLayerDefinition": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy.\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.", - "title": "Name", - "type": "string" + "LineLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineLayer", + "markdownDescription": "The definition for a line layer.", + "title": "LineLayer" }, - "Region": { - "markdownDescription": "For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in.\n\nFor the current list of CloudWatch regions, see [Amazon CloudWatch endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/cw_region.html) in the *Amazon Web Services General Reference* .", - "title": "Region", - "type": "string" + "PointLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointLayer", + "markdownDescription": "The definition for a point layer.", + "title": "PointLayer" + }, + "PolygonLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonLayer", + "markdownDescription": "The definition for a polygon layer.", + "title": "PolygonLayer" } }, - "required": [ - "Name", - "Region" - ], "type": "object" }, - "AWS::Route53::HealthCheck.HealthCheckConfig": { + "AWS::QuickSight::Dashboard.GeospatialLayerItem": { "additionalProperties": false, "properties": { - "AlarmIdentifier": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.AlarmIdentifier", - "markdownDescription": "A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy.", - "title": "AlarmIdentifier" - }, - "ChildHealthChecks": { + "Actions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerCustomAction" }, - "markdownDescription": "(CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check.", - "title": "ChildHealthChecks", + "markdownDescription": "A list of custom actions for a layer.", + "title": "Actions", "type": "array" }, - "EnableSNI": { - "markdownDescription": "Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate.\n\nSome endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid.\n\nThe SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message.", - "title": "EnableSNI", - "type": "boolean" - }, - "FailureThreshold": { - "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .\n\nIf you don't specify a value for `FailureThreshold` , the default value is three health checks.", - "title": "FailureThreshold", - "type": "number" - }, - "FullyQualifiedDomainName": { - "markdownDescription": "Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` .\n\n*If you specify a value for* `IPAddress` :\n\nAmazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.\n\nWhen Route 53 checks the health of an endpoint, here is how it constructs the `Host` header:\n\n- If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header.\n- If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header.\n- If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header.\n\nIf you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases.\n\n*If you don't specify a value for `IPAddress`* :\n\nRoute 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.\n\n> If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a \"DNS resolution failed\" error. \n\nIf you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com).\n\n> In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. \n\nIn addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header.", - "title": "FullyQualifiedDomainName", - "type": "string" - }, - "HealthThreshold": { - "markdownDescription": "The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element.\n\nNote the following:\n\n- If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy.\n- If you specify `0` , Route 53 always considers this health check to be healthy.", - "title": "HealthThreshold", - "type": "number" + "DataSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialDataSourceItem", + "markdownDescription": "The data source for the layer.", + "title": "DataSource" }, - "IPAddress": { - "markdownDescription": "The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint.\n\nUse one of the following formats for the value of `IPAddress` :\n\n- *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` .\n- *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` .\n\nIf the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change.\n\nFor more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) .\n\nConstraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents:\n\n- [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735)\n- [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598)\n- [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156)\n\nWhen the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` .", - "title": "IPAddress", - "type": "string" + "JoinDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerJoinDefinition", + "markdownDescription": "The join definition properties for a layer.", + "title": "JoinDefinition" }, - "InsufficientDataHealthStatus": { - "markdownDescription": "When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check:\n\n- `Healthy` : Route 53 considers the health check to be healthy.\n- `Unhealthy` : Route 53 considers the health check to be unhealthy.\n- `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy.", - "title": "InsufficientDataHealthStatus", + "Label": { + "markdownDescription": "The label that is displayed for the layer.", + "title": "Label", "type": "string" }, - "Inverted": { - "markdownDescription": "Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy.", - "title": "Inverted", - "type": "boolean" - }, - "MeasureLatency": { - "markdownDescription": "Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.\n\n> You can't change the value of `MeasureLatency` after you create a health check.", - "title": "MeasureLatency", - "type": "boolean" - }, - "Port": { - "markdownDescription": "The port on the endpoint that you want Amazon Route 53 to perform health checks on.\n\n> Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` .", - "title": "Port", - "type": "number" - }, - "Regions": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint.\n\nIf you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* .\n\nIf you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions).", - "title": "Regions", - "type": "array" - }, - "RequestInterval": { - "markdownDescription": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.\n\n> You can't change the value of `RequestInterval` after you create a health check. \n\nIf you don't specify a value for `RequestInterval` , the default value is `30` seconds.", - "title": "RequestInterval", - "type": "number" + "LayerDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerDefinition", + "markdownDescription": "The definition properties for a layer.", + "title": "LayerDefinition" }, - "ResourcePath": { - "markdownDescription": "The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp&login=y` .", - "title": "ResourcePath", + "LayerId": { + "markdownDescription": "The ID of the layer.", + "title": "LayerId", "type": "string" }, - "RoutingControlArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control.\n\nFor more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) .", - "title": "RoutingControlArn", + "LayerType": { + "markdownDescription": "The layer type.", + "title": "LayerType", "type": "string" }, - "SearchString": { - "markdownDescription": "If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy.\n\nRoute 53 considers case when searching for `SearchString` in the response body.", - "title": "SearchString", - "type": "string" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "", + "title": "Tooltip" }, - "Type": { - "markdownDescription": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *TCP* : Route 53 tries to establish a TCP connection.\n- *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` .\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.\n- *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` .\n- *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy.\n\nFor more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Type", + "Visibility": { + "markdownDescription": "The state of visibility for the layer.", + "title": "Visibility", "type": "string" } }, "required": [ - "Type" + "LayerId" ], "type": "object" }, - "AWS::Route53::HealthCheck.HealthCheckTag": { + "AWS::QuickSight::Dashboard.GeospatialLayerJoinDefinition": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", - "title": "Key", - "type": "string" + "ColorField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerColorField", + "markdownDescription": "The geospatial color field for the join definition.", + "title": "ColorField" }, - "Value": { - "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", - "title": "Value", + "DatasetKeyField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField", + "markdownDescription": "", + "title": "DatasetKeyField" + }, + "ShapeKeyField": { + "markdownDescription": "The name of the field or property in the geospatial data source.", + "title": "ShapeKeyField", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::Route53::HostedZone": { + "AWS::QuickSight::Dashboard.GeospatialLayerMapConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "", + "title": "Interactions" }, - "Metadata": { - "type": "object" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "", + "title": "Legend" }, - "Properties": { - "additionalProperties": false, - "properties": { - "HostedZoneConfig": { - "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneConfig", - "markdownDescription": "A complex type that contains an optional comment.\n\nIf you don't want to specify a comment, omit the `HostedZoneConfig` and `Comment` elements.", - "title": "HostedZoneConfig" - }, - "HostedZoneTags": { - "items": { - "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneTag" - }, - "markdownDescription": "Adds, edits, or deletes tags for a health check or a hosted zone.\n\nFor information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *Billing and Cost Management User Guide* .", - "title": "HostedZoneTags", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n\nIf you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of `NameServers` that are returned by the `Fn::GetAtt` intrinsic function.", - "title": "Name", - "type": "string" - }, - "QueryLoggingConfig": { - "$ref": "#/definitions/AWS::Route53::HostedZone.QueryLoggingConfig", - "markdownDescription": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n\nDNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n\n- Route 53 edge location that responded to the DNS query\n- Domain or subdomain that was requested\n- DNS record type, such as A or AAAA\n- DNS response code, such as `NoError` or `ServFail`\n\n- **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.\n\n> If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. \n\n- Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:\n\n- You must create the log group in the us-east-1 region.\n- You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for.\n- When you create log groups for query logging, we recommend that you use a consistent prefix, for example:\n\n`/aws/route53/ *hosted zone name*`\n\nIn the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging.\n- Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of `Resource` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with `*` , for example:\n\n`arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`\n\nTo avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:\n\n- For `aws:SourceArn` , supply the hosted zone ARN used in creating the query logging configuration. For example, `aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID` .\n- For `aws:SourceAccount` , supply the account ID for the account that creates the query logging configuration. For example, `aws:SourceAccount:111111111111` .\n\nFor more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .\n\n> You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI .\n- **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:\n\n- Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location.\n- Begins to send query logs to the applicable log stream.\n\nThe name of each log stream is in the following format:\n\n`*hosted zone ID* / *edge location code*`\n\nThe edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page.\n- **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* .\n- **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* .\n- **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) .\n- **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .", - "title": "QueryLoggingConfig" - }, - "VPCs": { - "items": { - "$ref": "#/definitions/AWS::Route53::HostedZone.VPC" - }, - "markdownDescription": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCs", - "type": "array" - } + "MapLayers": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerItem" }, - "type": "object" + "markdownDescription": "The geospatial layers to visualize on the map.", + "title": "MapLayers", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Route53::HostedZone" - ], - "type": "string" + "MapState": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapState", + "markdownDescription": "The map state properties for the map.", + "title": "MapState" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MapStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyle", + "markdownDescription": "The map style properties for the map.", + "title": "MapStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLineLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineStyle", + "markdownDescription": "The visualization style for a line layer.", + "title": "Style" } }, "required": [ - "Type" + "Style" ], "type": "object" }, - "AWS::Route53::HostedZone.HostedZoneConfig": { + "AWS::QuickSight::Dashboard.GeospatialLineStyle": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "Any comments that you want to include about the hosted zone.", - "title": "Comment", - "type": "string" + "LineSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineSymbolStyle", + "markdownDescription": "The symbol style for a line style.", + "title": "LineSymbolStyle" } }, "type": "object" }, - "AWS::Route53::HostedZone.HostedZoneTag": { + "AWS::QuickSight::Dashboard.GeospatialLineSymbolStyle": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", - "title": "Key", - "type": "string" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" }, - "Value": { - "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", - "title": "Value", - "type": "string" + "LineWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width value for a line.", + "title": "LineWidth" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::Route53::HostedZone.QueryLoggingConfig": { + "AWS::QuickSight::Dashboard.GeospatialLineWidth": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to.", - "title": "CloudWatchLogsLogGroupArn", - "type": "string" + "LineWidth": { + "markdownDescription": "The positive value for the width of a line.", + "title": "LineWidth", + "type": "number" } }, - "required": [ - "CloudWatchLogsLogGroupArn" - ], "type": "object" }, - "AWS::Route53::HostedZone.VPC": { + "AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "VPCId": { - "markdownDescription": "*Private hosted zones only:* The ID of an Amazon VPC.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCId", - "type": "string" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", + "type": "array" }, - "VPCRegion": { - "markdownDescription": "*Private hosted zones only:* The region that an Amazon VPC was created in.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCRegion", - "type": "string" + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "title": "Values", + "type": "array" } }, - "required": [ - "VPCId", - "VPCRegion" - ], "type": "object" }, - "AWS::Route53::KeySigningKey": { + "AWS::QuickSight::Dashboard.GeospatialMapConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, - "Metadata": { - "type": "object" + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "HostedZoneId": { - "markdownDescription": "The unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", - "title": "HostedZoneId", - "type": "string" - }, - "KeyManagementServiceArn": { - "markdownDescription": "The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The `KeyManagementServiceArn` must be unique for each key-signing key (KSK) in a single hosted zone. For example: `arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111` .", - "title": "KeyManagementServiceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "A string used to identify a key-signing key (KSK). `Name` can include numbers, letters, and underscores (_). `Name` must be unique for each key-signing key in the same hosted zone.", - "title": "Name", - "type": "string" - }, - "Status": { - "markdownDescription": "A string that represents the current key-signing key (KSK) status.\n\nStatus can have one of the following values:\n\n- **ACTIVE** - The KSK is being used for signing.\n- **INACTIVE** - The KSK is not being used for signing.\n- **DELETING** - The KSK is in the process of being deleted.\n- **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed.\n- **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "HostedZoneId", - "KeyManagementServiceArn", - "Name", - "Status" - ], - "type": "object" + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" }, - "Type": { - "enum": [ - "AWS::Route53::KeySigningKey" - ], - "type": "string" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "", + "title": "VisualPalette" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapFieldWells": { + "additionalProperties": false, + "properties": { + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapState": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", + "markdownDescription": "", + "title": "Bounds" + }, + "MapNavigation": { + "markdownDescription": "Enables or disables map navigation for a map.", + "title": "MapNavigation", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Route53::RecordSet": { + "AWS::QuickSight::Dashboard.GeospatialMapStyle": { "additionalProperties": false, "properties": { - "Condition": { + "BackgroundColor": { + "markdownDescription": "The background color and opacity values for a map.", + "title": "BackgroundColor", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BaseMapStyle": { + "markdownDescription": "The selected base map style.", + "title": "BaseMapStyle", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BaseMapVisibility": { + "markdownDescription": "The state of visibility for the base map.", + "title": "BaseMapVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapStyleOptions": { + "additionalProperties": false, + "properties": { + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "Metadata": { - "type": "object" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AliasTarget": { - "$ref": "#/definitions/AWS::Route53::RecordSet.AliasTarget", - "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", - "title": "AliasTarget" - }, - "CidrRoutingConfig": { - "$ref": "#/definitions/AWS::Route53::RecordSet.CidrRoutingConfig", - "markdownDescription": "The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.\n\nA `LocationName` with an asterisk \u201c*\u201d can be used to create a default CIDR record. `CollectionId` is still required for default record.", - "title": "CidrRoutingConfig" - }, - "Comment": { - "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", - "title": "Comment", - "type": "string" - }, - "Failover": { - "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", - "title": "Failover", - "type": "string" - }, - "GeoLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSet.GeoLocation", - "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", - "title": "GeoLocation" - }, - "GeoProximityLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSet.GeoProximityLocation", - "markdownDescription": "*GeoproximityLocation resource record sets only:* A complex type that lets you control how Route\u00a053 responds to DNS queries based on the geographic origin of the query and your resources.", - "title": "GeoProximityLocation" - }, - "HealthCheckId": { - "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", - "title": "HealthCheckId", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneId", - "type": "string" - }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an AWS::Route53::RecordSet that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", - "type": "string" - }, - "MultiValueAnswer": { - "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", - "title": "MultiValueAnswer", - "type": "boolean" - }, - "Name": { - "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", - "title": "Region", - "type": "string" - }, - "ResourceRecords": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more values that correspond with the value that you specified for the `Type` property. For example, if you specified `A` for `Type` , you specify one or more IP addresses in IPv4 format for `ResourceRecords` . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nNote the following:\n\n- You can specify more than one value for all record types except CNAME and SOA.\n- The maximum length of a value is 4000 characters.\n- If you're creating an alias record, omit `ResourceRecords` .", - "title": "ResourceRecords", - "type": "array" - }, - "SetIdentifier": { - "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", - "title": "SetIdentifier", - "type": "string" - }, - "TTL": { - "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", - "title": "TTL", - "type": "string" - }, - "Type": { - "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "Type", - "type": "string" - }, - "Weight": { - "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Weight", - "type": "number" - } + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, - "required": [ - "Name", - "Type" - ], - "type": "object" + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Route53::RecordSet" - ], + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::Route53::RecordSet.AliasTarget": { + "AWS::QuickSight::Dashboard.GeospatialNullDataSettings": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "DNSName", - "type": "string" - }, - "EvaluateTargetHealth": { - "markdownDescription": "*Applies only to alias, failover alias, geolocation alias, latency alias, and weighted alias resource record sets:* When `EvaluateTargetHealth` is `true` , an alias resource record set inherits the health of the referenced AWS resource, such as an ELB load balancer or another resource record set in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", - "title": "EvaluateTargetHealth", - "type": "boolean" - }, - "HostedZoneId": { - "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing Endpoints and Quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", - "title": "HostedZoneId", - "type": "string" + "SymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullSymbolStyle", + "markdownDescription": "The symbol style for null data.", + "title": "SymbolStyle" } }, "required": [ - "DNSName", - "HostedZoneId" + "SymbolStyle" ], "type": "object" }, - "AWS::Route53::RecordSet.CidrRoutingConfig": { + "AWS::QuickSight::Dashboard.GeospatialNullSymbolStyle": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "The CIDR collection ID.", - "title": "CollectionId", + "FillColor": { + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor", "type": "string" }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", + "StrokeColor": { + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor", "type": "string" + }, + "StrokeWidth": { + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth", + "type": "number" } }, - "required": [ - "CollectionId", - "LocationName" - ], "type": "object" }, - "AWS::Route53::RecordSet.Coordinates": { + "AWS::QuickSight::Dashboard.GeospatialPointLayer": { "additionalProperties": false, "properties": { - "Latitude": { - "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", - "title": "Longitude", - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyle", + "markdownDescription": "The visualization style for a point layer.", + "title": "Style" } }, "required": [ - "Latitude", - "Longitude" + "Style" ], "type": "object" }, - "AWS::Route53::RecordSet.GeoLocation": { + "AWS::QuickSight::Dashboard.GeospatialPointStyle": { "additionalProperties": false, "properties": { - "ContinentCode": { - "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", - "title": "ContinentCode", - "type": "string" - }, - "CountryCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", - "title": "CountryCode", - "type": "string" - }, - "SubdivisionCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", - "title": "SubdivisionCode", - "type": "string" + "CircleSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCircleSymbolStyle", + "markdownDescription": "The circle symbol style for a point layer.", + "title": "CircleSymbolStyle" } }, "type": "object" }, - "AWS::Route53::RecordSet.GeoProximityLocation": { + "AWS::QuickSight::Dashboard.GeospatialPointStyleOptions": { "additionalProperties": false, "properties": { - "AWSRegion": { - "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", - "title": "AWSRegion", - "type": "string" - }, - "Bias": { - "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", - "title": "Bias", - "type": "number" + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" }, - "Coordinates": { - "$ref": "#/definitions/AWS::Route53::RecordSet.Coordinates", - "markdownDescription": "Contains the longitude and latitude for a geographic region.", - "title": "Coordinates" + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" }, - "LocalZoneGroup": { - "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", - "title": "LocalZoneGroup", + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", "type": "string" } }, "type": "object" }, - "AWS::Route53::RecordSetGroup": { + "AWS::QuickSight::Dashboard.GeospatialPolygonLayer": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Comment": { - "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", - "title": "Comment", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneId", - "type": "string" - }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", - "type": "string" - }, - "RecordSets": { - "items": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" - }, - "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", - "title": "RecordSets", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53::RecordSetGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonStyle", + "markdownDescription": "The visualization style for a polygon layer.", + "title": "Style" } }, "required": [ - "Type" + "Style" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.AliasTarget": { + "AWS::QuickSight::Dashboard.GeospatialPolygonStyle": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "DNSName", - "type": "string" + "PolygonSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonSymbolStyle", + "markdownDescription": "The polygon symbol style for a polygon layer.", + "title": "PolygonSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPolygonSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" }, - "EvaluateTargetHealth": { - "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", - "title": "EvaluateTargetHealth", - "type": "boolean" + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" }, - "HostedZoneId": { - "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", - "title": "HostedZoneId", - "type": "string" + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth" } }, - "required": [ - "DNSName", - "HostedZoneId" - ], "type": "object" }, - "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { + "AWS::QuickSight::Dashboard.GeospatialSolidColor": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "The CIDR collection ID.", - "title": "CollectionId", + "Color": { + "markdownDescription": "The color and opacity values for the color.", + "title": "Color", "type": "string" }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", + "State": { + "markdownDescription": "Enables and disables the view state of the color.", + "title": "State", "type": "string" } }, "required": [ - "CollectionId", - "LocationName" + "Color" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.Coordinates": { + "AWS::QuickSight::Dashboard.GeospatialStaticFileSource": { "additionalProperties": false, "properties": { - "Latitude": { - "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", - "title": "Longitude", + "StaticFileId": { + "markdownDescription": "The ID of the static file.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "Latitude", - "Longitude" + "StaticFileId" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.GeoLocation": { + "AWS::QuickSight::Dashboard.GeospatialWindowOptions": { "additionalProperties": false, "properties": { - "ContinentCode": { - "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", - "title": "ContinentCode", - "type": "string" - }, - "CountryCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", - "title": "CountryCode", - "type": "string" + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" }, - "SubdivisionCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", - "title": "SubdivisionCode", + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", "type": "string" } }, "type": "object" }, - "AWS::Route53::RecordSetGroup.GeoProximityLocation": { + "AWS::QuickSight::Dashboard.GlobalTableBorderOptions": { "additionalProperties": false, "properties": { - "AWSRegion": { - "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", - "title": "AWSRegion", - "type": "string" - }, - "Bias": { - "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", - "title": "Bias", - "type": "number" - }, - "Coordinates": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", - "markdownDescription": "Contains the longitude and latitude for a geographic region.", - "title": "Coordinates" + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" }, - "LocalZoneGroup": { - "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", - "title": "LocalZoneGroup", - "type": "string" + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" } }, "type": "object" }, - "AWS::Route53::RecordSetGroup.RecordSet": { + "AWS::QuickSight::Dashboard.GradientColor": { "additionalProperties": false, "properties": { - "AliasTarget": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", - "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", - "title": "AliasTarget" - }, - "CidrRoutingConfig": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", - "markdownDescription": "", - "title": "CidrRoutingConfig" - }, - "Failover": { - "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", - "title": "Failover", - "type": "string" - }, - "GeoLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", - "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", - "title": "GeoLocation" - }, - "GeoProximityLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", - "markdownDescription": "A complex type that contains information about a geographic location.", - "title": "GeoProximityLocation" - }, - "HealthCheckId": { - "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", - "title": "HealthCheckId", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", - "title": "HostedZoneId", - "type": "string" - }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", - "type": "string" - }, - "MultiValueAnswer": { - "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", - "title": "MultiValueAnswer", - "type": "boolean" - }, - "Name": { - "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", - "title": "Region", - "type": "string" - }, - "ResourceRecords": { + "Stops": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientStop" }, - "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", - "title": "ResourceRecords", + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", "type": "array" - }, - "SetIdentifier": { - "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", - "title": "SetIdentifier", - "type": "string" - }, - "TTL": { - "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", - "title": "TTL", + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GradientStop": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", "type": "string" }, - "Type": { - "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "Type", - "type": "string" + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", + "type": "number" }, - "Weight": { - "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Weight", + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", "type": "number" } }, "required": [ - "Name", - "Type" + "GradientOffset" ], "type": "object" }, - "AWS::Route53Profiles::Profile": { + "AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the Profile.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the profile.", - "title": "Tags", - "type": "array" - } + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutElement" }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Profiles::Profile" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Elements" ], "type": "object" }, - "AWS::Route53Profiles::ProfileAssociation": { + "AWS::QuickSight::Dashboard.GridLayoutElement": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the profile association to a VPC.", - "title": "Arn", - "type": "string" - }, - "Name": { - "markdownDescription": "Name of the Profile association.", - "title": "Name", - "type": "string" - }, - "ProfileId": { - "markdownDescription": "ID of the Profile.\n\nUpdate to this property requires update to the `ResourceId` property as well, because you can only associate one Profile per VPC. For more information, see [Route 53 Profiles](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html) .", - "title": "ProfileId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the VPC.", - "title": "ResourceId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name", - "ProfileId", - "ResourceId" - ], - "type": "object" + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Route53Profiles::ProfileAssociation" - ], + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", "type": "string" + }, + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" + }, + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" ], "type": "object" }, - "AWS::Route53Profiles::ProfileResourceAssociation": { + "AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the Profile resource association.", - "title": "Name", - "type": "string" - }, - "ProfileId": { - "markdownDescription": "Profile ID of the Profile that the resources are associated with.", - "title": "ProfileId", - "type": "string" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource association.", - "title": "ResourceArn", - "type": "string" - }, - "ResourceProperties": { - "markdownDescription": "If the DNS resource is a DNS Firewall rule group, this indicates the priority.", - "title": "ResourceProperties", - "type": "string" - } - }, - "required": [ - "Name", - "ProfileId", - "ResourceArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Profiles::ProfileResourceAssociation" - ], + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", "type": "string" } }, "required": [ - "Type", - "Properties" + "ResizeOption" ], "type": "object" }, - "AWS::Route53RecoveryControl::Cluster": { + "AWS::QuickSight::Dashboard.GrowthRateComputation": { "additionalProperties": false, "properties": { - "Condition": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", + "type": "number" }, - "Metadata": { - "type": "object" + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon).", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the cluster.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::Cluster" - ], + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" } }, "required": [ - "Type", - "Properties" + "Layout", + "SectionId" ], "type": "object" }, - "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { + "AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "A cluster endpoint URL for one of the five redundant clusters that you specify to set or retrieve a routing control state.", - "title": "Endpoint", - "type": "string" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", + "type": "array" }, - "Region": { - "markdownDescription": "The AWS Region for a cluster endpoint.", - "title": "Region", - "type": "string" + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well of a heat map.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::Route53RecoveryControl::ControlPanel": { + "AWS::QuickSight::Dashboard.HeatMapConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, - "Metadata": { - "type": "object" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster for the control panel.", - "title": "ClusterArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the control panel. You can use any non-white space character in the name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the control panel.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::ControlPanel" - ], - "type": "string" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Route53RecoveryControl::RoutingControl": { + "AWS::QuickSight::Dashboard.HeatMapFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster that hosts the routing control.", - "title": "ClusterArn", - "type": "string" - }, - "ControlPanelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control panel that includes the routing control.", - "title": "ControlPanelArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the routing control. You can use any non-white space character in the name.", - "title": "Name", - "type": "string" - } + "HeatMapColumnSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::RoutingControl" - ], - "type": "string" + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "HeatMapRowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule": { + "AWS::QuickSight::Dashboard.HeatMapVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", + "title": "ChartConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssertionRule": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.AssertionRule", - "markdownDescription": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.", - "title": "AssertionRule" - }, - "ControlPanelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control panel.", - "title": "ControlPanelArn", - "type": "string" - }, - "GatingRule": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.GatingRule", - "markdownDescription": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.", - "title": "GatingRule" - }, - "Name": { - "markdownDescription": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon)", - "title": "Name", - "type": "string" - }, - "RuleConfig": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.RuleConfig", - "markdownDescription": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them.", - "title": "RuleConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the safety rule.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ControlPanelArn", - "Name", - "RuleConfig" - ], - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::SafetyRule" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.AssertionRule": { + "AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells": { "additionalProperties": false, "properties": { - "AssertedControls": { + "Values": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions.", - "title": "AssertedControls", + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", "type": "array" - }, - "WaitPeriodMs": { - "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", - "title": "WaitPeriodMs", - "type": "number" } }, - "required": [ - "AssertedControls", - "WaitPeriodMs" - ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.GatingRule": { + "AWS::QuickSight::Dashboard.HistogramBinOptions": { "additionalProperties": false, "properties": { - "GatingControls": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of gating routing control Amazon Resource Names (ARNs). For a simple on-off switch, specify the ARN for one routing control. The gating routing controls are evaluated by the rule configuration that you specify to determine if the target routing control states can be changed.", - "title": "GatingControls", - "type": "array" + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" }, - "TargetControls": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of target routing control Amazon Resource Names (ARNs) for which the states can only be updated if the rule configuration that you specify evaluates to true for the gating routing control. As a simple example, if you have a single gating control, it acts as an overall on-off switch for a set of target routing controls. You can use this to manually override automated failover, for example.", - "title": "TargetControls", - "type": "array" + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" }, - "WaitPeriodMs": { - "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", - "title": "WaitPeriodMs", + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", "type": "number" } }, - "required": [ - "GatingControls", - "TargetControls", - "WaitPeriodMs" - ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.RuleConfig": { + "AWS::QuickSight::Dashboard.HistogramConfiguration": { "additionalProperties": false, "properties": { - "Inverted": { - "markdownDescription": "Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa.", - "title": "Inverted", - "type": "boolean" + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" }, - "Threshold": { - "markdownDescription": "The value of N, when you specify an `ATLEAST` rule type. That is, `Threshold` is the number of controls that must be set when you specify an `ATLEAST` type.", - "title": "Threshold", - "type": "number" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" }, - "Type": { - "markdownDescription": "A rule can be one of the following: `ATLEAST` , `AND` , or `OR` .", - "title": "Type", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" } }, - "required": [ - "Inverted", - "Threshold", - "Type" - ], "type": "object" }, - "AWS::Route53RecoveryReadiness::Cell": { + "AWS::QuickSight::Dashboard.HistogramFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CellName": { - "markdownDescription": "The name of the cell to create.", - "title": "CellName", - "type": "string" - }, - "Cells": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific AWS Regions .", - "title": "Cells", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::Cell" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type" + "VisualId" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ReadinessCheck": { + "AWS::QuickSight::Dashboard.ImageCustomAction": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ReadinessCheckName": { - "markdownDescription": "The name of the readiness check to create.", - "title": "ReadinessCheckName", - "type": "string" - }, - "ResourceSetName": { - "markdownDescription": "The name of the resource set to check.", - "title": "ResourceSetName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::ReadinessCheck" - ], + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", "type": "string" } }, "required": [ - "Type" + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::RecoveryGroup": { + "AWS::QuickSight::Dashboard.ImageCustomActionOperation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cells": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the cell Amazon Resource Names (ARNs) in the recovery group.", - "title": "Cells", - "type": "array" - }, - "RecoveryGroupName": { - "markdownDescription": "The name of the recovery group to create.", - "title": "RecoveryGroupName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::RecoveryGroup" - ], + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageInteractionOptions": { + "additionalProperties": false, + "properties": { + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileSource", + "markdownDescription": "The source of the image static file.", + "title": "Source" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains an image.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "Type" + "StaticFileId" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet": { + "AWS::QuickSight::Dashboard.InnerFilter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.InsightConfiguration": { + "additionalProperties": false, + "properties": { + "Computations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Computation" + }, + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.InsightVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceSetName": { - "markdownDescription": "The name of the resource set to create.", - "title": "ResourceSetName", - "type": "string" - }, - "ResourceSetType": { - "markdownDescription": "The resource type of the resources in the resource set. Enter one of the following values for resource type:\n\nAWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource.\n\nNote that AWS::Route53RecoveryReadiness::DNSTargetResource is only used for this setting. It isn't an actual AWS CloudFormation resource type.", - "title": "ResourceSetType", - "type": "string" - }, - "Resources": { - "items": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.Resource" - }, - "markdownDescription": "A list of resource objects in the resource set.", - "title": "Resources", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag to associate with the parameters for a resource set.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ResourceSetType", - "Resources" - ], - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::ResourceSet" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { + "AWS::QuickSight::Dashboard.IntegerDefaultValues": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name that acts as an ingress point to a portion of the customer application.", - "title": "DomainName", - "type": "string" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "HostedZoneArn": { - "markdownDescription": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.", - "title": "HostedZoneArn", + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `IntegerDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.IntegerParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the integer parameter.", + "title": "Name", "type": "string" }, - "RecordSetId": { - "markdownDescription": "The Amazon Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.", - "title": "RecordSetId", + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the integer parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.IntegerParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", "type": "string" }, - "RecordType": { - "markdownDescription": "The type of DNS record of the target resource.", - "title": "RecordType", + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" }, - "TargetResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.TargetResource", - "markdownDescription": "The target resource that the Route 53 record points to.", - "title": "TargetResource" + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "ValueWhenUnset" } }, + "required": [ + "Name", + "ParameterValueType" + ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.NLBResource": { + "AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Network Load Balancer resource Amazon Resource Name (ARN).", - "title": "Arn", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord": { + "AWS::QuickSight::Dashboard.ItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The DNS target domain name.", - "title": "DomainName", - "type": "string" + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" }, - "RecordSetId": { - "markdownDescription": "The Amazon Route 53 Resource Record Set ID.", - "title": "RecordSetId", + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", "type": "string" } }, "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.Resource": { + "AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting": { "additionalProperties": false, "properties": { - "ComponentId": { - "markdownDescription": "The component identifier of the resource, generated when DNS target resource is used.", - "title": "ComponentId", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" }, - "DnsTargetResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource", - "markdownDescription": "A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting.", - "title": "DnsTargetResource" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" }, - "ReadinessScopes": { + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormattingOption" }, - "markdownDescription": "The recovery group Amazon Resource Name (ARN) or the cell ARN that the readiness checks for this resource set are scoped to.", - "title": "ReadinessScopes", + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", "type": "array" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS resource. This is a required setting for all `ResourceSet` `ResourceSetType` settings except `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set this when `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` .", - "title": "ResourceArn", - "type": "string" } }, "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.TargetResource": { + "AWS::QuickSight::Dashboard.KPIConditionalFormattingOption": { "additionalProperties": false, "properties": { - "NLBResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.NLBResource", - "markdownDescription": "The Network Load Balancer resource that a DNS target resource points to.", - "title": "NLBResource" + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" }, - "R53Resource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord", - "markdownDescription": "The Route 53 resource that a DNS target resource record points to.", - "title": "R53Resource" + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" } }, "type": "object" }, - "AWS::Route53Resolver::FirewallDomainList": { + "AWS::QuickSight::Dashboard.KPIConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Metadata": { - "type": "object" + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainFileUrl": { - "markdownDescription": "The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import.\n\nThe file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line.", - "title": "DomainFileUrl", - "type": "string" - }, - "Domains": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the domain lists that you have defined.", - "title": "Domains", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the domain list.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the domain list.", - "title": "Tags", - "type": "array" - } + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "type": "object" + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Route53Resolver::FirewallDomainList" - ], - "type": "string" + "TrendGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroup": { + "AWS::QuickSight::Dashboard.KPIOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" }, - "Metadata": { - "type": "object" + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" }, - "Properties": { - "additionalProperties": false, - "properties": { - "FirewallRules": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroup.FirewallRule" - }, - "markdownDescription": "A list of the rules that you have defined.", - "title": "FirewallRules", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the rule group.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" }, - "Type": { - "enum": [ - "AWS::Route53Resolver::FirewallRuleGroup" - ], - "type": "string" + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { + "AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advvanced rule:\n\n- `ALLOW` - Permit the request to go through. Not available for DNS Firewall Advanced rules.\n- `ALERT` - Permit the request to go through but send an alert to the logs.\n- `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified.\n\nif `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified:\n\n- `BlockOverrideDnsType`\n- `BlockOverrideDomain`\n- `BlockOverrideTtl`", - "title": "Action", - "type": "string" - }, - "BlockOverrideDnsType": { - "markdownDescription": "The DNS record's type. This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideDnsType", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" }, - "BlockOverrideDomain": { - "markdownDescription": "The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideDomain", + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPISortConfiguration": { + "additionalProperties": false, + "properties": { + "TrendGroupSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPISparklineOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", "type": "string" }, - "BlockOverrideTtl": { - "markdownDescription": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideTtl", - "type": "number" - }, - "BlockResponse": { - "markdownDescription": "The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` .\n\n- `NODATA` - Respond indicating that the query was successful, but no response is available for it.\n- `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist.\n- `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings.", - "title": "BlockResponse", + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", "type": "string" }, - "FirewallDomainListId": { - "markdownDescription": "The ID of the domain list that's used in the rule.", - "title": "FirewallDomainListId", + "Type": { + "markdownDescription": "The type of the sparkline.", + "title": "Type", "type": "string" }, - "Priority": { - "markdownDescription": "The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.", - "title": "Priority", - "type": "number" - }, - "Qtype": { - "markdownDescription": "The DNS query type you want the rule to evaluate. Allowed values are;\n\n- A: Returns an IPv4 address.\n- AAAA: Returns an Ipv6 address.\n- CAA: Restricts CAs that can create SSL/TLS certifications for the domain.\n- CNAME: Returns another domain name.\n- DS: Record that identifies the DNSSEC signing key of a delegated zone.\n- MX: Specifies mail servers.\n- NAPTR: Regular-expression-based rewriting of domain names.\n- NS: Authoritative name servers.\n- PTR: Maps an IP address to a domain name.\n- SOA: Start of authority record for the zone.\n- SPF: Lists the servers authorized to send emails from a domain.\n- SRV: Application specific values that identify servers.\n- TXT: Verifies email senders and application-specific values.\n- A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPE NUMBER , where the NUMBER can be 1-65334, for example, TYPE28. For more information, see [List of DNS record types](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_DNS_record_types) .", - "title": "Qtype", + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", "type": "string" } }, "required": [ - "Action", - "FirewallDomainListId", - "Priority" + "Type" ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroupAssociation": { + "AWS::QuickSight::Dashboard.KPIVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Metadata": { - "type": "object" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" }, - "Properties": { - "additionalProperties": false, - "properties": { - "FirewallRuleGroupId": { - "markdownDescription": "The unique identifier of the firewall rule group.", - "title": "FirewallRuleGroupId", - "type": "string" - }, - "MutationProtection": { - "markdownDescription": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.", - "title": "MutationProtection", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the association.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.\n\nYou must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.\n\nThe allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900).", - "title": "Priority", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The unique identifier of the VPC that is associated with the rule group.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "FirewallRuleGroupId", - "Priority", - "VpcId" - ], - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Type": { - "enum": [ - "AWS::Route53Resolver::FirewallRuleGroupAssociation" - ], + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::Route53Resolver::OutpostResolver": { + "AWS::QuickSight::Dashboard.KPIVisualLayoutOptions": { + "additionalProperties": false, + "properties": { + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIVisualStandardLayout": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceCount": { - "markdownDescription": "Amazon EC2 instance count for the Resolver on the Outpost.", - "title": "InstanceCount", - "type": "number" - }, - "Name": { - "markdownDescription": "Name of the Resolver.", - "title": "Name", - "type": "string" - }, - "OutpostArn": { - "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", - "title": "OutpostArn", - "type": "string" - }, - "PreferredInstanceType": { - "markdownDescription": "The Amazon EC2 instance type. If you specify this, you must also specify a value for the `OutpostArn` .", - "title": "PreferredInstanceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A key value pair that helps you identify a Route\u00a053 Resolver .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name", - "OutpostArn", - "PreferredInstanceType" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::Route53Resolver::OutpostResolver" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The standard layout type.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53Resolver::ResolverConfig": { + "AWS::QuickSight::Dashboard.LabelOptions": { "additionalProperties": false, "properties": { - "Condition": { + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Visibility": { + "markdownDescription": "Determines whether or not the label is visible.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayerCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerCustomActionOperation" + }, + "markdownDescription": "A list of `LayerCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" }, - "Metadata": { - "type": "object" + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutodefinedReverseFlag": { - "markdownDescription": "Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` .", - "title": "AutodefinedReverseFlag", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud VPC or a Route 53 Profile that you're configuring Resolver for.", - "title": "ResourceId", - "type": "string" - } - }, - "required": [ - "AutodefinedReverseFlag", - "ResourceId" - ], - "type": "object" + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverConfig" - ], + "Status": { + "markdownDescription": "The status of the `LayerCustomAction` .", + "title": "Status", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Trigger": { + "markdownDescription": "The trigger of the `LayerCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", "type": "string" } }, "required": [ - "Type", - "Properties" + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" ], "type": "object" }, - "AWS::Route53Resolver::ResolverDNSSECConfig": { + "AWS::QuickSight::Dashboard.LayerCustomActionOperation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", + "markdownDescription": "", + "title": "FilterOperation" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceId": { - "markdownDescription": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.", - "title": "ResourceId", - "type": "string" - } - }, - "type": "object" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" }, - "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverDNSSECConfig" - ], - "type": "string" + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Route53Resolver::ResolverEndpoint": { + "AWS::QuickSight::Dashboard.LayerMapVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the layer map visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Direction": { - "markdownDescription": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network", - "title": "Direction", - "type": "string" - }, - "IpAddresses": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest" - }, - "markdownDescription": "The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.\n\n> Even though the minimum is 1, Route\u00a053 requires that you create at least two.", - "title": "IpAddresses", - "type": "array" - }, - "Name": { - "markdownDescription": "A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.", - "title": "Name", - "type": "string" - }, - "OutpostArn": { - "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", - "title": "OutpostArn", - "type": "string" - }, - "PreferredInstanceType": { - "markdownDescription": "The Amazon EC2 instance type.", - "title": "PreferredInstanceType", - "type": "string" - }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "Protocols used for the endpoint. DoH-FIPS is applicable for inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", - "title": "Protocols", - "type": "array" - }, - "ResolverEndpointType": { - "markdownDescription": "The Resolver endpoint IP address type.", - "title": "ResolverEndpointType", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Route 53 Resolver doesn't support updating tags through CloudFormation.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Direction", - "IpAddresses", - "SecurityGroupIds" - ], - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverEndpoint" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The ID of the visual.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest": { + "AWS::QuickSight::Dashboard.Layout": { "additionalProperties": false, "properties": { - "Ip": { - "markdownDescription": "The IPv4 address that you want to use for DNS queries.", - "title": "Ip", - "type": "string" - }, - "Ipv6": { - "markdownDescription": "The IPv6 address that you want to use for DNS queries.", - "title": "Ipv6", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet that contains the IP address.", - "title": "SubnetId", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" } }, "required": [ - "SubnetId" + "Configuration" ], "type": "object" }, - "AWS::Route53Resolver::ResolverQueryLoggingConfig": { + "AWS::QuickSight::Dashboard.LayoutConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LegendOptions": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", + "type": "string" }, - "Metadata": { - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DestinationArn": { - "markdownDescription": "The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.", - "title": "DestinationArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the query logging configuration.", - "title": "Name", - "type": "string" - } - }, - "type": "object" + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" }, - "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverQueryLoggingConfig" - ], + "Visibility": { + "markdownDescription": "Determines whether or not the legend is visible.", + "title": "Visibility", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation": { + "AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResolverQueryLogConfigId": { - "markdownDescription": "The ID of the query logging configuration that a VPC is associated with.", - "title": "ResolverQueryLogConfigId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the Amazon VPC that is associated with the query logging configuration.", - "title": "ResourceId", - "type": "string" - } + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "type": "object" + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation" - ], - "type": "string" + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Route53Resolver::ResolverRule": { + "AWS::QuickSight::Dashboard.LineChartConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" }, - "Metadata": { - "type": "object" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainName": { - "markdownDescription": "DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).", - "title": "DomainName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the Resolver rule, which you specified when you created the Resolver rule.", - "title": "Name", - "type": "string" - }, - "ResolverEndpointId": { - "markdownDescription": "The ID of the endpoint that the rule is associated with.", - "title": "ResolverEndpointId", - "type": "string" - }, - "RuleType": { - "markdownDescription": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` .\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", - "title": "RuleType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags help organize and categorize your Resolver rules. Each tag consists of a key and an optional value, both of which you define.", - "title": "Tags", - "type": "array" - }, - "TargetIps": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::ResolverRule.TargetAddress" - }, - "markdownDescription": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network.", - "title": "TargetIps", - "type": "array" - } + "ForecastConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastConfiguration" }, - "required": [ - "DomainName", - "RuleType" - ], - "type": "object" + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", + "type": "array" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", + "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" }, "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverRule" - ], + "markdownDescription": "Determines the type of the line chart.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Route53Resolver::ResolverRule.TargetAddress": { + "AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings": { "additionalProperties": false, "properties": { - "Ip": { - "markdownDescription": "One IPv4 address that you want to forward DNS queries to.", - "title": "Ip", - "type": "string" - }, - "Ipv6": { - "markdownDescription": "One IPv6 address that you want to forward DNS queries to.", - "title": "Ipv6", + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", "type": "string" }, - "Port": { - "markdownDescription": "The port at `Ip` that you want to forward DNS queries to.", - "title": "Port", - "type": "string" + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" }, - "Protocol": { - "markdownDescription": "The protocols for the target address. The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.", - "title": "Protocol", - "type": "string" + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" } }, "type": "object" }, - "AWS::Route53Resolver::ResolverRuleAssociation": { + "AWS::QuickSight::Dashboard.LineChartFieldWells": { "additionalProperties": false, "properties": { - "Condition": { + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartLineStyleSettings": { + "additionalProperties": false, + "properties": { + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of an association between a Resolver rule and a VPC.", - "title": "Name", - "type": "string" - }, - "ResolverRuleId": { - "markdownDescription": "The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` .", - "title": "ResolverRuleId", - "type": "string" - }, - "VPCId": { - "markdownDescription": "The ID of the VPC that you associated the Resolver rule with.", - "title": "VPCId", - "type": "string" - } - }, - "required": [ - "ResolverRuleId", - "VPCId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverRuleAssociation" - ], + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::S3::AccessGrant": { + "AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings": { "additionalProperties": false, "properties": { - "Condition": { + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessGrantsLocationConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessGrant.AccessGrantsLocationConfiguration", - "markdownDescription": "The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.", - "title": "AccessGrantsLocationConfiguration" - }, - "AccessGrantsLocationId": { - "markdownDescription": "The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.", - "title": "AccessGrantsLocationId", - "type": "string" - }, - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.", - "title": "ApplicationArn", - "type": "string" - }, - "Grantee": { - "$ref": "#/definitions/AWS::S3::AccessGrant.Grantee", - "markdownDescription": "The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.", - "title": "Grantee" - }, - "Permission": { - "markdownDescription": "The type of access that you are granting to your S3 data, which can be set to one of the following values:\n\n- `READ` \u2013 Grant read-only access to the S3 data.\n- `WRITE` \u2013 Grant write-only access to the S3 data.\n- `READWRITE` \u2013 Grant both read and write access to the S3 data.", - "title": "Permission", - "type": "string" - }, - "S3PrefixType": { - "markdownDescription": "The type of `S3SubPrefix` . The only possible value is `Object` . Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.", - "title": "S3PrefixType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AccessGrantsLocationId", - "Grantee", - "Permission" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::S3::AccessGrant" - ], + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::S3::AccessGrant.AccessGrantsLocationConfiguration": { + "AWS::QuickSight::Dashboard.LineChartSeriesSettings": { "additionalProperties": false, "properties": { - "S3SubPrefix": { - "markdownDescription": "The `S3SubPrefix` is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default location `s3://` because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default location `s3://` , the `S3SubPrefx` can be a `/*` , so the full grant scope path would be `s3:///*` . Or the `S3SubPrefx` can be `/*` , so the full grant scope path would be `s3:///*` .\n\nIf the `S3SubPrefix` includes a prefix, append the wildcard character `*` after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.", - "title": "S3SubPrefix", - "type": "string" + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" } }, - "required": [ - "S3SubPrefix" - ], "type": "object" }, - "AWS::S3::AccessGrant.Grantee": { + "AWS::QuickSight::Dashboard.LineChartSortConfiguration": { "additionalProperties": false, "properties": { - "GranteeIdentifier": { - "markdownDescription": "The unique identifier of the `Grantee` . If the grantee type is `IAM` , the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . You can obtain this UUID from your AWS IAM Identity Center instance.", - "title": "GranteeIdentifier", - "type": "string" + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" }, - "GranteeType": { - "markdownDescription": "The type of the grantee to which access has been granted. It can be one of the following values:\n\n- `IAM` - An IAM user or role.\n- `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.\n- `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.", - "title": "GranteeType", - "type": "string" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, - "required": [ - "GranteeIdentifier", - "GranteeType" - ], "type": "object" }, - "AWS::S3::AccessGrantsInstance": { + "AWS::QuickSight::Dashboard.LineChartVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", + "title": "ChartConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "IdentityCenterArn": { - "markdownDescription": "If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center.", - "title": "IdentityCenterArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::S3::AccessGrantsInstance" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type" + "VisualId" ], "type": "object" }, - "AWS::S3::AccessGrantsLocation": { + "AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "IamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.", - "title": "IamRoleArn", - "type": "string" - }, - "LocationScope": { - "markdownDescription": "The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://` , the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.", - "title": "LocationScope", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", - "title": "Tags", - "type": "array" - } + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MissingDataConfiguration" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::S3::AccessGrantsLocation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::S3::AccessPoint": { + "AWS::QuickSight::Dashboard.LinkSharingConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the bucket associated with this access point.", - "title": "Bucket", - "type": "string" - }, - "BucketAccountId": { - "markdownDescription": "The AWS account ID associated with the S3 bucket associated with this access point.", - "title": "BucketAccountId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of this access point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", - "title": "Name", - "type": "string" - }, - "Policy": { - "markdownDescription": "The access point policy associated with this access point.", - "title": "Policy", - "type": "object" - }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessPoint.PublicAccessBlockConfiguration", - "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", - "title": "PublicAccessBlockConfiguration" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessPoint.VpcConfiguration", - "markdownDescription": "The Virtual Private Cloud (VPC) configuration for this access point, if one exists.", - "title": "VpcConfiguration" - } + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" }, - "required": [ - "Bucket" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::S3::AccessPoint" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A structure that contains the permissions of a shareable link.", + "title": "Permissions", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::S3::AccessPoint.PublicAccessBlockConfiguration": { + "AWS::QuickSight::Dashboard.ListControlDisplayOptions": { "additionalProperties": false, "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", - "title": "BlockPublicAcls", - "type": "boolean" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", - "title": "BlockPublicPolicy", - "type": "boolean" + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "title": "IgnorePublicAcls", - "type": "boolean" + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", - "type": "boolean" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::S3::AccessPoint.VpcConfiguration": { + "AWS::QuickSight::Dashboard.ListControlSearchOptions": { "additionalProperties": false, "properties": { - "VpcId": { - "markdownDescription": "If this field is specified, the access point will only allow connections from the specified VPC ID.", - "title": "VpcId", + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::S3::Bucket": { + "AWS::QuickSight::Dashboard.ListControlSelectAllOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccelerateConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.AccelerateConfiguration", - "markdownDescription": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide* .", - "title": "AccelerateConfiguration" - }, - "AccessControl": { - "markdownDescription": "> This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide* . \n\nA canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* .\n\nS3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n\nThe majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html) . For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide* .", - "title": "AccessControl", - "type": "string" - }, - "AnalyticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.AnalyticsConfiguration" - }, - "markdownDescription": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", - "title": "AnalyticsConfigurations", - "type": "array" - }, - "BucketEncryption": { - "$ref": "#/definitions/AWS::S3::Bucket.BucketEncryption", - "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide* .", - "title": "BucketEncryption" - }, - "BucketName": { - "markdownDescription": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", - "type": "string" - }, - "CorsConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", - "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", - "title": "CorsConfiguration" - }, - "IntelligentTieringConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.IntelligentTieringConfiguration" - }, - "markdownDescription": "Defines how Amazon S3 handles Intelligent-Tiering storage.", - "title": "IntelligentTieringConfigurations", - "type": "array" - }, - "InventoryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.InventoryConfiguration" - }, - "markdownDescription": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", - "title": "InventoryConfigurations", - "type": "array" - }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.LifecycleConfiguration", - "markdownDescription": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", - "title": "LifecycleConfiguration" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.LoggingConfiguration", - "markdownDescription": "Settings that define where logs are stored.", - "title": "LoggingConfiguration" - }, - "MetricsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.MetricsConfiguration" - }, - "markdownDescription": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", - "title": "MetricsConfigurations", - "type": "array" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationConfiguration", - "markdownDescription": "Configuration that defines how Amazon S3 handles bucket notifications.", - "title": "NotificationConfiguration" - }, - "ObjectLockConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockConfiguration", - "markdownDescription": "> This operation is not supported for directory buckets. \n\nPlaces an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) .\n\n> - The `DefaultRetention` settings require both a mode and a period.\n> - The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time.\n> - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) .", - "title": "ObjectLockConfiguration" - }, - "ObjectLockEnabled": { - "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", - "title": "ObjectLockEnabled", - "type": "boolean" - }, - "OwnershipControls": { - "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControls", - "markdownDescription": "Configuration that defines how Amazon S3 handles Object Ownership rules.", - "title": "OwnershipControls" - }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.PublicAccessBlockConfiguration", - "markdownDescription": "Configuration that defines how Amazon S3 handles public access.", - "title": "PublicAccessBlockConfiguration" - }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationConfiguration", - "markdownDescription": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the `VersioningConfiguration` property.\n\nAmazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.", - "title": "ReplicationConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for this S3 bucket.", - "title": "Tags", - "type": "array" - }, - "VersioningConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.VersioningConfiguration", - "markdownDescription": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n\n> When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations ( `PUT` or `DELETE` ) on objects in the bucket.", - "title": "VersioningConfiguration" - }, - "WebsiteConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.WebsiteConfiguration", - "markdownDescription": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) .", - "title": "WebsiteConfiguration" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::S3::Bucket" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::S3::Bucket.AbortIncompleteMultipartUpload": { + "AWS::QuickSight::Dashboard.LoadingAnimation": { "additionalProperties": false, "properties": { - "DaysAfterInitiation": { - "markdownDescription": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.", - "title": "DaysAfterInitiation", - "type": "number" + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", + "type": "string" } }, - "required": [ - "DaysAfterInitiation" - ], "type": "object" }, - "AWS::S3::Bucket.AccelerateConfiguration": { + "AWS::QuickSight::Dashboard.LocalNavigationConfiguration": { "additionalProperties": false, "properties": { - "AccelerationStatus": { - "markdownDescription": "Specifies the transfer acceleration status of the bucket.", - "title": "AccelerationStatus", + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", "type": "string" } }, "required": [ - "AccelerationStatus" + "TargetSheetId" ], "type": "object" }, - "AWS::S3::Bucket.AccessControlTranslation": { + "AWS::QuickSight::Dashboard.LongFormatText": { "additionalProperties": false, "properties": { - "Owner": { - "markdownDescription": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference* .", - "title": "Owner", + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", "type": "string" } }, - "required": [ - "Owner" - ], "type": "object" }, - "AWS::S3::Bucket.AnalyticsConfiguration": { + "AWS::QuickSight::Dashboard.MappedDataSetParameter": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID that identifies the analytics configuration.", - "title": "Id", + "DataSetIdentifier": { + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", + "title": "DataSetIdentifier", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix that an object must have to be included in the analytics results.", - "title": "Prefix", + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", "type": "string" - }, - "StorageClassAnalysis": { - "$ref": "#/definitions/AWS::S3::Bucket.StorageClassAnalysis", - "markdownDescription": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.", - "title": "StorageClassAnalysis" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "The tags to use when evaluating an analytics filter.\n\nThe analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.", - "title": "TagFilters", - "type": "array" } }, "required": [ - "Id", - "StorageClassAnalysis" + "DataSetIdentifier", + "DataSetParameterName" ], "type": "object" }, - "AWS::S3::Bucket.BucketEncryption": { + "AWS::QuickSight::Dashboard.MaximumLabelType": { "additionalProperties": false, "properties": { - "ServerSideEncryptionConfiguration": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionRule" - }, - "markdownDescription": "Specifies the default server-side-encryption configuration.", - "title": "ServerSideEncryptionConfiguration", - "type": "array" + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", + "type": "string" } }, - "required": [ - "ServerSideEncryptionConfiguration" - ], "type": "object" }, - "AWS::S3::Bucket.CorsConfiguration": { + "AWS::QuickSight::Dashboard.MaximumMinimumComputation": { "additionalProperties": false, "properties": { - "CorsRules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.CorsRule" - }, - "markdownDescription": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.", - "title": "CorsRules", - "type": "array" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "CorsRules" + "ComputationId", + "Type" ], "type": "object" }, - "AWS::S3::Bucket.CorsRule": { + "AWS::QuickSight::Dashboard.MeasureField": { "additionalProperties": false, "properties": { - "AllowedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Headers that are specified in the `Access-Control-Request-Headers` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.", - "title": "AllowedHeaders", - "type": "array" + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" }, - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "An HTTP method that you allow the origin to run.\n\n*Allowed values* : `GET` | `PUT` | `HEAD` | `POST` | `DELETE`", - "title": "AllowedMethods", - "type": "array" + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more origins you want customers to be able to access the bucket from.", - "title": "AllowedOrigins", - "type": "array" + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" }, - "ExposedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).", - "title": "ExposedHeaders", - "type": "array" + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.MetricComparisonComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "Id": { - "markdownDescription": "A unique identifier for this rule. The value must be no more than 255 characters.", - "title": "Id", + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "MaxAge": { - "markdownDescription": "The time in seconds that your browser is to cache the preflight response for the specified resource.", - "title": "MaxAge", - "type": "number" + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" } }, "required": [ - "AllowedMethods", - "AllowedOrigins" + "ComputationId" ], "type": "object" }, - "AWS::S3::Bucket.DataExport": { + "AWS::QuickSight::Dashboard.MinimumLabelType": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.Destination", - "markdownDescription": "The place to store the data for an analysis.", - "title": "Destination" - }, - "OutputSchemaVersion": { - "markdownDescription": "The version of the output schema to use when exporting data. Must be `V_1` .", - "title": "OutputSchemaVersion", + "Visibility": { + "markdownDescription": "The visibility of the minimum label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.MissingDataConfiguration": { + "additionalProperties": false, + "properties": { + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NegativeValueConfiguration": { + "additionalProperties": false, + "properties": { + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", "type": "string" } }, "required": [ - "Destination", - "OutputSchemaVersion" + "DisplayMode" ], "type": "object" }, - "AWS::S3::Bucket.DefaultRetention": { + "AWS::QuickSight::Dashboard.NestedFilter": { "additionalProperties": false, "properties": { - "Days": { - "markdownDescription": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Days", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "Mode": { - "markdownDescription": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Mode", + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "Years": { - "markdownDescription": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Years", - "type": "number" + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" } }, + "required": [ + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" + ], "type": "object" }, - "AWS::S3::Bucket.DeleteMarkerReplication": { + "AWS::QuickSight::Dashboard.NullValueFormatConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Indicates whether to replicate delete markers. Disabled by default.", - "title": "Status", + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", "type": "string" } }, + "required": [ + "NullString" + ], "type": "object" }, - "AWS::S3::Bucket.Destination": { + "AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "BucketAccountId": { - "markdownDescription": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n\n> Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.", - "title": "BucketAccountId", - "type": "string" + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bucket to which data is exported.", - "title": "BucketArn", - "type": "string" + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" }, - "Format": { - "markdownDescription": "Specifies the file format used when exporting data to Amazon S3.\n\n*Allowed values* : `CSV` | `ORC` | `Parquet`", - "title": "Format", + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", "type": "string" }, "Prefix": { - "markdownDescription": "The prefix to use when exporting data. The prefix is prepended to all results.", + "markdownDescription": "Determines the prefix value of the number format.", "title": "Prefix", "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", + "type": "string" } }, - "required": [ - "BucketArn", - "Format" - ], "type": "object" }, - "AWS::S3::Bucket.EncryptionConfiguration": { + "AWS::QuickSight::Dashboard.NumberFormatConfiguration": { "additionalProperties": false, "properties": { - "ReplicaKmsKeyID": { - "markdownDescription": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", - "title": "ReplicaKmsKeyID", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" } }, - "required": [ - "ReplicaKmsKeyID" - ], "type": "object" }, - "AWS::S3::Bucket.EventBridgeConfiguration": { + "AWS::QuickSight::Dashboard.NumericAxisOptions": { "additionalProperties": false, "properties": { - "EventBridgeEnabled": { - "markdownDescription": "Enables delivery of events to Amazon EventBridge.", - "title": "EventBridgeEnabled", - "type": "boolean" + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" + }, + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" } }, - "required": [ - "EventBridgeEnabled" - ], "type": "object" }, - "AWS::S3::Bucket.FilterRule": { + "AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Name", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, "Value": { - "markdownDescription": "The value that the filter searches for in object key names.", + "markdownDescription": "The value of the double input numeric drill down filter.", "title": "Value", - "type": "string" + "type": "number" } }, "required": [ - "Name", + "Column", "Value" ], "type": "object" }, - "AWS::S3::Bucket.IntelligentTieringConfiguration": { + "AWS::QuickSight::Dashboard.NumericEqualityFilter": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID used to identify the S3 Intelligent-Tiering configuration.", - "title": "Id", + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", - "title": "Prefix", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "Status": { - "markdownDescription": "Specifies the status of the configuration.", - "title": "Status", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "A container for a key-value pair.", - "title": "TagFilters", - "type": "array" + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" }, - "Tierings": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Tiering" - }, - "markdownDescription": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` .\n\n> You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.", - "title": "Tierings", - "type": "array" + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + }, + "Value": { + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" } }, "required": [ - "Id", - "Status", - "Tierings" + "Column", + "FilterId", + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::S3::Bucket.InventoryConfiguration": { + "AWS::QuickSight::Dashboard.NumericFormatConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.Destination", - "markdownDescription": "Contains information about where to publish the inventory results.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Specifies whether the inventory is enabled or disabled. If set to `True` , an inventory list is generated. If set to `False` , no inventory list is generated.", - "title": "Enabled", - "type": "boolean" - }, - "Id": { - "markdownDescription": "The ID used to identify the inventory configuration.", - "title": "Id", - "type": "string" - }, - "IncludedObjectVersions": { - "markdownDescription": "Object versions to include in the inventory list. If set to `All` , the list includes all the object versions, which adds the version-related fields `VersionId` , `IsLatest` , and `DeleteMarker` to the list. If set to `Current` , the list does not contain these version-related fields.", - "title": "IncludedObjectVersions", - "type": "string" - }, - "OptionalFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains the optional fields that are included in the inventory results.", - "title": "OptionalFields", - "type": "array" + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" }, - "Prefix": { - "markdownDescription": "Specifies the inventory filter prefix.", - "title": "Prefix", - "type": "string" + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" }, - "ScheduleFrequency": { - "markdownDescription": "Specifies the schedule for generating inventory results.", - "title": "ScheduleFrequency", - "type": "string" + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" } }, - "required": [ - "Destination", - "Enabled", - "Id", - "IncludedObjectVersions", - "ScheduleFrequency" - ], "type": "object" }, - "AWS::S3::Bucket.LambdaConfiguration": { + "AWS::QuickSight::Dashboard.NumericRangeFilter": { "additionalProperties": false, "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", - "title": "Filter" + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" }, - "Function": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.", - "title": "Function", + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" + }, + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "Event", - "Function" + "Column", + "FilterId", + "NullOption" ], "type": "object" }, - "AWS::S3::Bucket.LifecycleConfiguration": { + "AWS::QuickSight::Dashboard.NumericRangeFilterValue": { "additionalProperties": false, "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Rule" - }, - "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 bucket.", - "title": "Rules", - "type": "array" + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", + "type": "string" + }, + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" } }, - "required": [ - "Rules" - ], "type": "object" }, - "AWS::S3::Bucket.LoggingConfiguration": { + "AWS::QuickSight::Dashboard.NumericSeparatorConfiguration": { "additionalProperties": false, "properties": { - "DestinationBucketName": { - "markdownDescription": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the `LoggingConfiguration` property is defined.", - "title": "DestinationBucketName", - "type": "string" - }, - "LogFilePrefix": { - "markdownDescription": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", - "title": "LogFilePrefix", + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", "type": "string" }, - "TargetObjectKeyFormat": { - "$ref": "#/definitions/AWS::S3::Bucket.TargetObjectKeyFormat", - "markdownDescription": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.", - "title": "TargetObjectKeyFormat" + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" } }, "type": "object" }, - "AWS::S3::Bucket.Metrics": { + "AWS::QuickSight::Dashboard.NumericalAggregationFunction": { "additionalProperties": false, "properties": { - "EventThreshold": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", - "markdownDescription": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", - "title": "EventThreshold" + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" }, - "Status": { - "markdownDescription": "Specifies whether the replication metrics are enabled.", - "title": "Status", + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", "type": "string" } }, - "required": [ - "Status" - ], "type": "object" }, - "AWS::S3::Bucket.MetricsConfiguration": { + "AWS::QuickSight::Dashboard.NumericalDimensionField": { "additionalProperties": false, "properties": { - "AccessPointArn": { - "markdownDescription": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.", - "title": "AccessPointArn", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" }, - "Id": { - "markdownDescription": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.", - "title": "Id", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix that an object must have to be included in the metrics results.", - "title": "Prefix", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.", - "title": "TagFilters", - "type": "array" + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" } }, "required": [ - "Id" + "Column", + "FieldId" ], "type": "object" }, - "AWS::S3::Bucket.NoncurrentVersionExpiration": { + "AWS::QuickSight::Dashboard.NumericalMeasureField": { "additionalProperties": false, "properties": { - "NewerNoncurrentVersions": { - "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", - "title": "NewerNoncurrentVersions", - "type": "number" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" }, - "NoncurrentDays": { - "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", - "title": "NoncurrentDays", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ - "NoncurrentDays" + "Column", + "FieldId" ], "type": "object" }, - "AWS::S3::Bucket.NoncurrentVersionTransition": { + "AWS::QuickSight::Dashboard.PaginationConfiguration": { "additionalProperties": false, "properties": { - "NewerNoncurrentVersions": { - "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", - "title": "NewerNoncurrentVersions", + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", "type": "number" }, - "StorageClass": { - "markdownDescription": "The class of storage used to store the object.", - "title": "StorageClass", - "type": "string" - }, - "TransitionInDays": { - "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", - "title": "TransitionInDays", + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", "type": "number" } }, "required": [ - "StorageClass", - "TransitionInDays" + "PageNumber", + "PageSize" ], "type": "object" }, - "AWS::S3::Bucket.NotificationConfiguration": { + "AWS::QuickSight::Dashboard.PanelConfiguration": { "additionalProperties": false, "properties": { - "EventBridgeConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.EventBridgeConfiguration", - "markdownDescription": "Enables delivery of events to Amazon EventBridge.", - "title": "EventBridgeConfiguration" + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", + "type": "string" }, - "LambdaConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.LambdaConfiguration" - }, - "markdownDescription": "Describes the AWS Lambda functions to invoke and the events for which to invoke them.", - "title": "LambdaConfigurations", - "type": "array" + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "string" }, - "QueueConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.QueueConfiguration" - }, - "markdownDescription": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.", - "title": "QueueConfigurations", - "type": "array" + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", + "type": "string" }, - "TopicConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TopicConfiguration" - }, - "markdownDescription": "The topic to which notifications are sent and the events for which notifications are generated.", - "title": "TopicConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.NotificationFilter": { - "additionalProperties": false, - "properties": { - "S3Key": { - "$ref": "#/definitions/AWS::S3::Bucket.S3KeyFilter", - "markdownDescription": "A container for object key name prefix and suffix filtering rules.", - "title": "S3Key" - } - }, - "required": [ - "S3Key" - ], - "type": "object" - }, - "AWS::S3::Bucket.ObjectLockConfiguration": { - "additionalProperties": false, - "properties": { - "ObjectLockEnabled": { - "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", - "title": "ObjectLockEnabled", + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", "type": "string" }, - "Rule": { - "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockRule", - "markdownDescription": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply `ObjectLockConfiguration` to a bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", - "title": "Rule" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.ObjectLockRule": { - "additionalProperties": false, - "properties": { - "DefaultRetention": { - "$ref": "#/definitions/AWS::S3::Bucket.DefaultRetention", - "markdownDescription": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", - "title": "DefaultRetention" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.OwnershipControls": { - "additionalProperties": false, - "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControlsRule" - }, - "markdownDescription": "Specifies the container element for Object Ownership rules.", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "Rules" - ], - "type": "object" - }, - "AWS::S3::Bucket.OwnershipControlsRule": { - "additionalProperties": false, - "properties": { - "ObjectOwnership": { - "markdownDescription": "Specifies an object ownership rule.", - "title": "ObjectOwnership", + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", + "type": "string" + }, + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "string" + }, + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", "type": "string" + }, + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", + "title": "Title" } }, "type": "object" }, - "AWS::S3::Bucket.PartitionedPrefix": { + "AWS::QuickSight::Dashboard.PanelTitleOptions": { "additionalProperties": false, "properties": { - "PartitionDateSource": { - "markdownDescription": "Specifies the partition date source for the partitioned prefix. `PartitionDateSource` can be `EventTime` or `DeliveryTime` .\n\nFor `DeliveryTime` , the time in the log file names corresponds to the delivery time for the log files.\n\nFor `EventTime` , The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.", - "title": "PartitionDateSource", + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" + }, + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::S3::Bucket.PublicAccessBlockConfiguration": { + "AWS::QuickSight::Dashboard.ParameterControl": { "additionalProperties": false, "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", - "title": "BlockPublicAcls", - "type": "boolean" + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", + "title": "DateTimePicker" }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", - "title": "BlockPublicPolicy", - "type": "boolean" + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "title": "IgnorePublicAcls", - "type": "boolean" + "List": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", + "title": "List" }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", - "type": "boolean" + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" } }, "type": "object" }, - "AWS::S3::Bucket.QueueConfiguration": { + "AWS::QuickSight::Dashboard.ParameterDateTimePickerControl": { "additionalProperties": false, "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", "type": "string" }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", - "title": "Filter" + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", + "type": "string" }, - "Queue": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.", - "title": "Queue", + "Title": { + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Event", - "Queue" + "ParameterControlId", + "SourceParameterName", + "Title" ], "type": "object" }, - "AWS::S3::Bucket.RedirectAllRequestsTo": { + "AWS::QuickSight::Dashboard.ParameterDeclaration": { "additionalProperties": false, "properties": { - "HostName": { - "markdownDescription": "Name of the host where requests are redirected.", - "title": "HostName", - "type": "string" + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" }, - "Protocol": { - "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", - "title": "Protocol", - "type": "string" + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" + }, + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" + }, + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" } }, - "required": [ - "HostName" - ], "type": "object" }, - "AWS::S3::Bucket.RedirectRule": { + "AWS::QuickSight::Dashboard.ParameterDropDownControl": { "additionalProperties": false, "properties": { - "HostName": { - "markdownDescription": "The host name to use in the redirect request.", - "title": "HostName", + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", "type": "string" }, - "HttpRedirectCode": { - "markdownDescription": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.", - "title": "HttpRedirectCode", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", "type": "string" }, - "Protocol": { - "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", - "title": "Protocol", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", "type": "string" }, - "ReplaceKeyPrefixWith": { - "markdownDescription": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix `docs/` (objects in the `docs/` folder) to `documents/` , you can set a condition block with `KeyPrefixEquals` set to `docs/` and in the Redirect set `ReplaceKeyPrefixWith` to `/documents` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "ReplaceKeyPrefixWith", + "Title": { + "markdownDescription": "The title of the `ParameterDropDownControl` .", + "title": "Title", "type": "string" }, - "ReplaceKeyWith": { - "markdownDescription": "The specific object key to use in the redirect request. For example, redirect request to `error.html` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyPrefixWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "ReplaceKeyWith", + "Type": { + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", + "title": "Type", "type": "string" } }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], "type": "object" }, - "AWS::S3::Bucket.ReplicaModifications": { + "AWS::QuickSight::Dashboard.ParameterListControl": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Specifies whether Amazon S3 replicates modifications on replicas.\n\n*Allowed values* : `Enabled` | `Disabled`", - "title": "Status", + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of `ParameterListControl` .", + "title": "Type", "type": "string" } }, "required": [ - "Status" + "ParameterControlId", + "SourceParameterName", + "Title" ], "type": "object" }, - "AWS::S3::Bucket.ReplicationConfiguration": { + "AWS::QuickSight::Dashboard.ParameterSelectableValues": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide* .", - "title": "Role", - "type": "string" + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" }, - "Rules": { + "Values": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRule" + "type": "string" }, - "markdownDescription": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.", - "title": "Rules", + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", + "title": "Values", "type": "array" } }, - "required": [ - "Role", - "Rules" - ], "type": "object" }, - "AWS::S3::Bucket.ReplicationDestination": { + "AWS::QuickSight::Dashboard.ParameterSliderControl": { "additionalProperties": false, "properties": { - "AccessControlTranslation": { - "$ref": "#/definitions/AWS::S3::Bucket.AccessControlTranslation", - "markdownDescription": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.", - "title": "AccessControlTranslation" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Account": { - "markdownDescription": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS account that owns the destination bucket by specifying the `AccessControlTranslation` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide* .\n\nIf you specify the `AccessControlTranslation` property, the `Account` property is required.", - "title": "Account", - "type": "string" + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "Bucket": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.", - "title": "Bucket", - "type": "string" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.EncryptionConfiguration", - "markdownDescription": "Specifies encryption-related information.", - "title": "EncryptionConfiguration" + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" }, - "Metrics": { - "$ref": "#/definitions/AWS::S3::Bucket.Metrics", - "markdownDescription": "A container specifying replication metrics-related settings enabling replication metrics and events.", - "title": "Metrics" + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", + "type": "string" }, - "ReplicationTime": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTime", - "markdownDescription": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a `Metrics` block.", - "title": "ReplicationTime" + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" }, - "StorageClass": { - "markdownDescription": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* .", - "title": "StorageClass", + "Title": { + "markdownDescription": "The title of the `ParameterSliderControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Bucket" + "MaximumValue", + "MinimumValue", + "ParameterControlId", + "SourceParameterName", + "StepSize", + "Title" ], "type": "object" }, - "AWS::S3::Bucket.ReplicationRule": { + "AWS::QuickSight::Dashboard.ParameterTextAreaControl": { "additionalProperties": false, "properties": { - "DeleteMarkerReplication": { - "$ref": "#/definitions/AWS::S3::Bucket.DeleteMarkerReplication", - "markdownDescription": "Specifies whether Amazon S3 replicates delete markers. If you specify a `Filter` in your replication configuration, you must also include a `DeleteMarkerReplication` element. If your `Filter` includes a `Tag` element, the `DeleteMarkerReplication` `Status` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config) .\n\nFor more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html) .\n\n> If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations) .", - "title": "DeleteMarkerReplication" + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" }, - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationDestination", - "markdownDescription": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).", - "title": "Destination" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleFilter", - "markdownDescription": "A filter that identifies the subset of objects to which the replication rule applies. A `Filter` must specify exactly one `Prefix` , `TagFilter` , or an `And` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n\n> V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.", - "title": "Filter" + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", + "type": "string" }, - "Id": { - "markdownDescription": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".", - "title": "Id", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", "type": "string" }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", + "Title": { + "markdownDescription": "The title of the `ParameterTextAreaControl` .", + "title": "Title", "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Priority": { - "markdownDescription": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.\n\nFor more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide* .", - "title": "Priority", - "type": "number" + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", + "type": "string" }, - "SourceSelectionCriteria": { - "$ref": "#/definitions/AWS::S3::Bucket.SourceSelectionCriteria", - "markdownDescription": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.", - "title": "SourceSelectionCriteria" + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", + "type": "string" }, - "Status": { - "markdownDescription": "Specifies whether the rule is enabled.", - "title": "Status", + "Title": { + "markdownDescription": "The title of the `ParameterTextFieldControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Destination", - "Status" + "ParameterControlId", + "SourceParameterName", + "Title" ], "type": "object" }, - "AWS::S3::Bucket.ReplicationRuleAndOperator": { + "AWS::QuickSight::Dashboard.Parameters": { "additionalProperties": false, "properties": { - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", - "title": "Prefix", - "type": "string" + "DateTimeParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameter" + }, + "markdownDescription": "The parameters that have a data type of date-time.", + "title": "DateTimeParameters", + "type": "array" }, - "TagFilters": { + "DecimalParameters": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameter" }, - "markdownDescription": "An array of tags containing key and value pairs.", - "title": "TagFilters", + "markdownDescription": "The parameters that have a data type of decimal.", + "title": "DecimalParameters", + "type": "array" + }, + "IntegerParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameter" + }, + "markdownDescription": "The parameters that have a data type of integer.", + "title": "IntegerParameters", + "type": "array" + }, + "StringParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameter" + }, + "markdownDescription": "The parameters that have a data type of string.", + "title": "StringParameters", "type": "array" } }, "type": "object" }, - "AWS::S3::Bucket.ReplicationRuleFilter": { + "AWS::QuickSight::Dashboard.PercentVisibleRange": { "additionalProperties": false, "properties": { - "And": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleAndOperator", - "markdownDescription": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:\n\n- If you specify both a `Prefix` and a `TagFilter` , wrap these filters in an `And` tag.\n- If you specify a filter based on multiple tags, wrap the `TagFilter` elements in an `And` tag.", - "title": "And" - }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", - "type": "string" + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", + "type": "number" }, - "TagFilter": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter", - "markdownDescription": "A container for specifying a tag key and value.\n\nThe rule applies only to objects that have the tag in their tag set.", - "title": "TagFilter" + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", + "type": "number" } }, "type": "object" }, - "AWS::S3::Bucket.ReplicationTime": { + "AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Specifies whether the replication time is enabled.", - "title": "Status", + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", - "markdownDescription": "A container specifying the time by which replication should be complete for all objects and operations on objects.", - "title": "Time" + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", + "type": "string" } }, - "required": [ - "Status", - "Time" - ], "type": "object" }, - "AWS::S3::Bucket.ReplicationTimeValue": { + "AWS::QuickSight::Dashboard.PercentileAggregation": { "additionalProperties": false, "properties": { - "Minutes": { - "markdownDescription": "Contains an integer specifying time in minutes.\n\nValid value: 15", - "title": "Minutes", + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", "type": "number" } }, - "required": [ - "Minutes" - ], "type": "object" }, - "AWS::S3::Bucket.RoutingRule": { + "AWS::QuickSight::Dashboard.PeriodOverPeriodComputation": { "additionalProperties": false, "properties": { - "RedirectRule": { - "$ref": "#/definitions/AWS::S3::Bucket.RedirectRule", - "markdownDescription": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.", - "title": "RedirectRule" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "RoutingRuleCondition": { - "$ref": "#/definitions/AWS::S3::Bucket.RoutingRuleCondition", - "markdownDescription": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the `/docs` folder, redirect to the `/documents` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.", - "title": "RoutingRuleCondition" + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "RedirectRule" + "ComputationId" ], "type": "object" }, - "AWS::S3::Bucket.RoutingRuleCondition": { + "AWS::QuickSight::Dashboard.PeriodToDateComputation": { "additionalProperties": false, "properties": { - "HttpErrorCodeReturnedEquals": { - "markdownDescription": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n\nRequired when parent element `Condition` is specified and sibling `KeyPrefixEquals` is not specified. If both are specified, then both must be true for the redirect to be applied.", - "title": "HttpErrorCodeReturnedEquals", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "KeyPrefixEquals": { - "markdownDescription": "The object key name prefix when the redirect is applied. For example, to redirect requests for `ExamplePage.html` , the key prefix will be `ExamplePage.html` . To redirect request for all pages with the prefix `docs/` , the key prefix will be `docs/` , which identifies all objects in the docs/ folder.\n\nRequired when the parent element `Condition` is specified and sibling `HttpErrorCodeReturnedEquals` is not specified. If both conditions are specified, both must be true for the redirect to be applied.", - "title": "KeyPrefixEquals", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::S3::Bucket.Rule": { + "AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "AbortIncompleteMultipartUpload": { - "$ref": "#/definitions/AWS::S3::Bucket.AbortIncompleteMultipartUpload", - "markdownDescription": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.", - "title": "AbortIncompleteMultipartUpload" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", + "type": "array" }, - "ExpirationDate": { - "markdownDescription": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", - "title": "ExpirationDate", - "type": "string" + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", + "type": "array" }, - "ExpirationInDays": { - "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", - "title": "ExpirationInDays", - "type": "number" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", + "title": "CategoryLabelOptions" }, - "ExpiredObjectDeleteMarker": { - "markdownDescription": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with `ExpirationInDays` , `ExpirationDate` , or `TagFilters` .", - "title": "ExpiredObjectDeleteMarker", - "type": "boolean" + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" }, - "Id": { - "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", - "title": "Id", - "type": "string" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, - "NoncurrentVersionExpiration": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionExpiration", - "markdownDescription": "Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.", - "title": "NoncurrentVersionExpiration" + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" }, - "NoncurrentVersionExpirationInDays": { - "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.", - "title": "NoncurrentVersionExpirationInDays", - "type": "number" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "NoncurrentVersionTransition": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition", - "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransitions` property.", - "title": "NoncurrentVersionTransition" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "NoncurrentVersionTransitions": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition" - }, - "markdownDescription": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransition` property.", - "title": "NoncurrentVersionTransitions", - "type": "array" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, - "ObjectSizeGreaterThan": { - "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", - "title": "ObjectSizeGreaterThan", - "type": "string" + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" }, - "ObjectSizeLessThan": { - "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", - "title": "ObjectSizeLessThan", - "type": "string" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", + "title": "SortConfiguration" }, - "Prefix": { - "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", - "type": "string" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" }, - "Status": { - "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", - "title": "Status", - "type": "string" + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", + "title": "ValueLabelOptions" }, - "TagFilters": { + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartFieldWells": { + "additionalProperties": false, + "properties": { + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "Tags to use to identify a subset of objects to which the lifecycle rule applies.", - "title": "TagFilters", + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", "type": "array" }, - "Transition": { - "$ref": "#/definitions/AWS::S3::Bucket.Transition", - "markdownDescription": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transitions` property.", - "title": "Transition" + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" }, - "Transitions": { + "SmallMultiplesSort": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Transition" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transition` property.", - "title": "Transitions", + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", "type": "array" } }, - "required": [ - "Status" - ], "type": "object" }, - "AWS::S3::Bucket.S3KeyFilter": { + "AWS::QuickSight::Dashboard.PieChartVisual": { "additionalProperties": false, "properties": { - "Rules": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.FilterRule" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, - "markdownDescription": "A list of containers for the key-value pair that defines the criteria for the filter rule.", - "title": "Rules", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "Rules" + "VisualId" ], "type": "object" }, - "AWS::S3::Bucket.ServerSideEncryptionByDefault": { + "AWS::QuickSight::Dashboard.PivotFieldSortOptions": { "additionalProperties": false, "properties": { - "KMSMasterKeyID": { - "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption.\n\n> - *General purpose buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` or `aws:kms:dsse` .\n> - *Directory buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` . \n\nYou can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key Alias: `alias/alias-name`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy) .\n\n> - *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then AWS KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.\n> - *Directory buckets* - When you specify an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KMSMasterKeyID", + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", "type": "string" }, - "SSEAlgorithm": { - "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", - "title": "SSEAlgorithm", - "type": "string" + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" } }, "required": [ - "SSEAlgorithm" + "FieldId", + "SortBy" ], "type": "object" }, - "AWS::S3::Bucket.ServerSideEncryptionRule": { + "AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells": { "additionalProperties": false, "properties": { - "BucketKeyEnabled": { - "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the `BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide* .", - "title": "BucketKeyEnabled", - "type": "boolean" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", + "type": "array" }, - "ServerSideEncryptionByDefault": { - "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionByDefault", - "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", - "title": "ServerSideEncryptionByDefault" + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::S3::Bucket.SourceSelectionCriteria": { + "AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting": { "additionalProperties": false, "properties": { - "ReplicaModifications": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicaModifications", - "markdownDescription": "A filter that you can specify for selection for modifications on replicas.", - "title": "ReplicaModifications" + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" }, - "SseKmsEncryptedObjects": { - "$ref": "#/definitions/AWS::S3::Bucket.SseKmsEncryptedObjects", - "markdownDescription": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.", - "title": "SseKmsEncryptedObjects" + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope" + }, + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", + "type": "array" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" } }, + "required": [ + "FieldId" + ], "type": "object" }, - "AWS::S3::Bucket.SseKmsEncryptedObjects": { + "AWS::QuickSight::Dashboard.PivotTableConditionalFormatting": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.", - "title": "Status", - "type": "string" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, - "required": [ - "Status" - ], "type": "object" }, - "AWS::S3::Bucket.StorageClassAnalysis": { + "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption": { "additionalProperties": false, "properties": { - "DataExport": { - "$ref": "#/definitions/AWS::S3::Bucket.DataExport", - "markdownDescription": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.", - "title": "DataExport" + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" } }, "type": "object" }, - "AWS::S3::Bucket.TagFilter": { + "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::S3::Bucket.TargetObjectKeyFormat": { + "AWS::QuickSight::Dashboard.PivotTableConfiguration": { "additionalProperties": false, "properties": { - "PartitionedPrefix": { - "$ref": "#/definitions/AWS::S3::Bucket.PartitionedPrefix", - "markdownDescription": "Partitioned S3 key for log objects.", - "title": "PartitionedPrefix" + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" }, - "SimplePrefix": { - "markdownDescription": "To use the simple format for S3 keys for log objects. To specify SimplePrefix format, set SimplePrefix to {}.", - "title": "SimplePrefix", - "type": "object" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", + "title": "SortConfiguration" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" } }, "type": "object" }, - "AWS::S3::Bucket.Tiering": { + "AWS::QuickSight::Dashboard.PivotTableDataPathOption": { "additionalProperties": false, "properties": { - "AccessTier": { - "markdownDescription": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.", - "title": "AccessTier", - "type": "string" + "DataPathList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + }, + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", + "type": "array" }, - "Days": { - "markdownDescription": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).", - "title": "Days", - "type": "number" + "Width": { + "markdownDescription": "The width of the data path option.", + "title": "Width", + "type": "string" } }, "required": [ - "AccessTier", - "Days" + "DataPathList" ], "type": "object" }, - "AWS::S3::Bucket.TopicConfiguration": { + "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption": { "additionalProperties": false, "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", "type": "string" }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket.", - "title": "Filter" - }, - "Topic": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.", - "title": "Topic", - "type": "string" + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" } }, "required": [ - "Event", - "Topic" + "Target" ], "type": "object" }, - "AWS::S3::Bucket.Transition": { + "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget": { "additionalProperties": false, "properties": { - "StorageClass": { - "markdownDescription": "The storage class to which you want the object to transition.", - "title": "StorageClass", - "type": "string" + "FieldDataPathValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + }, + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", + "type": "array" }, - "TransitionDate": { - "markdownDescription": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.", - "title": "TransitionDate", + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", "type": "string" - }, - "TransitionInDays": { - "markdownDescription": "Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is `INTELLIGENT_TIERING` , `GLACIER_IR` , `GLACIER` , or `DEEP_ARCHIVE` , valid values are `0` or positive integers. If the specified storage class is `STANDARD_IA` or `ONEZONE_IA` , valid values are positive integers greater than `30` . Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide* .", - "title": "TransitionInDays", - "type": "number" } }, - "required": [ - "StorageClass" - ], "type": "object" }, - "AWS::S3::Bucket.VersioningConfiguration": { + "AWS::QuickSight::Dashboard.PivotTableFieldOption": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The versioning state of the bucket.", - "title": "Status", + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", "type": "string" } }, "required": [ - "Status" + "FieldId" ], "type": "object" }, - "AWS::S3::Bucket.WebsiteConfiguration": { + "AWS::QuickSight::Dashboard.PivotTableFieldOptions": { "additionalProperties": false, "properties": { - "ErrorDocument": { - "markdownDescription": "The name of the error document for the website.", - "title": "ErrorDocument", - "type": "string" - }, - "IndexDocument": { - "markdownDescription": "The name of the index document for the website.", - "title": "IndexDocument", - "type": "string" + "CollapseStateOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption" + }, + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", + "type": "array" }, - "RedirectAllRequestsTo": { - "$ref": "#/definitions/AWS::S3::Bucket.RedirectAllRequestsTo", - "markdownDescription": "The redirect behavior for every request to this bucket's website endpoint.\n\n> If you specify this property, you can't specify any other property.", - "title": "RedirectAllRequestsTo" + "DataPathOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableDataPathOption" + }, + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", + "type": "array" }, - "RoutingRules": { + "SelectedFieldOptions": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.RoutingRule" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOption" }, - "markdownDescription": "Rules that define when a redirect is applied and the redirect behavior.", - "title": "RoutingRules", + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, - "AWS::S3::BucketPolicy": { + "AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions": { "additionalProperties": false, "properties": { - "Condition": { + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldWells": { + "additionalProperties": false, + "properties": { + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" }, - "Metadata": { - "type": "object" + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket to which the policy applies.", - "title": "Bucket", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "Bucket", - "PolicyDocument" - ], - "type": "object" + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", + "type": "string" }, - "Type": { - "enum": [ - "AWS::S3::BucketPolicy" - ], + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" + }, + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" + }, + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", + "type": "string" + }, + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "string" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::S3::MultiRegionAccessPoint": { + "AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions": { "additionalProperties": false, "properties": { - "Condition": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the Multi-Region Access Point.", - "title": "Name", - "type": "string" - }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration", - "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers an object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", - "title": "PublicAccessBlockConfiguration" - }, - "Regions": { - "items": { - "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.Region" - }, - "markdownDescription": "A collection of the Regions and buckets associated with the Multi-Region Access Point.", - "title": "Regions", - "type": "array" - } - }, - "required": [ - "Regions" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::S3::MultiRegionAccessPoint" - ], + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Visibility": { + "markdownDescription": "The visibility of the rows label.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration": { + "AWS::QuickSight::Dashboard.PivotTableSortBy": { "additionalProperties": false, "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", - "title": "BlockPublicAcls", - "type": "boolean" - }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", - "title": "BlockPublicPolicy", - "type": "boolean" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "title": "IgnorePublicAcls", - "type": "boolean" + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", - "type": "boolean" + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" } }, "type": "object" }, - "AWS::S3::MultiRegionAccessPoint.Region": { + "AWS::QuickSight::Dashboard.PivotTableSortConfiguration": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the associated bucket for the Region.", - "title": "Bucket", - "type": "string" + "FieldSortOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotFieldSortOptions" + }, + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableTotalOptions": { + "additionalProperties": false, + "properties": { + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" }, - "BucketAccountId": { - "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.", - "title": "BucketAccountId", - "type": "string" + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" + }, + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" } }, - "required": [ - "Bucket" - ], "type": "object" }, - "AWS::S3::MultiRegionAccessPointPolicy": { + "AWS::QuickSight::Dashboard.PivotTableVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MrapName": { - "markdownDescription": "The name of the Multi-Region Access Point.", - "title": "MrapName", - "type": "string" - }, - "Policy": { - "markdownDescription": "The access policy associated with the Multi-Region Access Point.", - "title": "Policy", - "type": "object" - } - }, - "required": [ - "MrapName", - "Policy" - ], - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::S3::MultiRegionAccessPointPolicy" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::S3::MultiRegionAccessPointPolicy.PolicyStatus": { + "AWS::QuickSight::Dashboard.PivotTotalOptions": { "additionalProperties": false, "properties": { - "IsPublic": { - "markdownDescription": "The policy status for this bucket. `TRUE` indicates that this bucket is public. `FALSE` indicates that the bucket is not public.", - "title": "IsPublic", + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" } }, - "required": [ - "IsPublic" - ], "type": "object" }, - "AWS::S3::StorageLens": { + "AWS::QuickSight::Dashboard.PluginVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "StorageLensConfiguration": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensConfiguration", - "markdownDescription": "This resource contains the details Amazon S3 Storage Lens configuration.", - "title": "StorageLensConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A set of tags (key\u2013value pairs) to associate with the Storage Lens configuration.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "StorageLensConfiguration" - ], - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::S3::StorageLens" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The ID of the visual that you want to use.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "PluginArn", + "VisualId" ], "type": "object" }, - "AWS::S3::StorageLens.AccountLevel": { + "AWS::QuickSight::Dashboard.PluginVisualConfiguration": { "additionalProperties": false, "properties": { - "ActivityMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", - "markdownDescription": "This property contains the details of account-level activity metrics for S3 Storage Lens.", - "title": "ActivityMetrics" + "FieldWells": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualFieldWell" + }, + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", + "type": "array" }, - "AdvancedCostOptimizationMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", - "markdownDescription": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.", - "title": "AdvancedCostOptimizationMetrics" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" }, - "AdvancedDataProtectionMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", - "markdownDescription": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.", - "title": "AdvancedDataProtectionMetrics" + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualFieldWell": { + "additionalProperties": false, + "properties": { + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" }, - "BucketLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketLevel", - "markdownDescription": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens. To enable bucket-level configurations, make sure to also set the same metrics at the account level.", - "title": "BucketLevel" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", + "type": "array" }, - "DetailedStatusCodesMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", - "markdownDescription": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens.", - "title": "DetailedStatusCodesMetrics" + "Measures": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", + "type": "array" }, - "StorageLensGroupLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", - "markdownDescription": "This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard.", - "title": "StorageLensGroupLevel" + "Unaggregated": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" + }, + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", + "type": "array" } }, - "required": [ - "BucketLevel" - ], "type": "object" }, - "AWS::S3::StorageLens.ActivityMetrics": { + "AWS::QuickSight::Dashboard.PluginVisualItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "A property that indicates whether the activity metrics is enabled.", - "title": "IsEnabled", - "type": "boolean" + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" } }, "type": "object" }, - "AWS::S3::StorageLens.AdvancedCostOptimizationMetrics": { + "AWS::QuickSight::Dashboard.PluginVisualOptions": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether advanced cost optimization metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" + "VisualProperties": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualProperty" + }, + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", + "type": "array" } }, "type": "object" }, - "AWS::S3::StorageLens.AdvancedDataProtectionMetrics": { + "AWS::QuickSight::Dashboard.PluginVisualProperty": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether advanced data protection metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLens.AwsOrg": { + "AWS::QuickSight::Dashboard.PluginVisualSortConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "This resource contains the ARN of the AWS Organization.", - "title": "Arn", - "type": "string" + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" } }, - "required": [ - "Arn" - ], "type": "object" }, - "AWS::S3::StorageLens.BucketLevel": { + "AWS::QuickSight::Dashboard.PluginVisualTableQuerySort": { "additionalProperties": false, "properties": { - "ActivityMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", - "markdownDescription": "A property for bucket-level activity metrics for S3 Storage Lens.", - "title": "ActivityMetrics" - }, - "AdvancedCostOptimizationMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", - "markdownDescription": "A property for bucket-level advanced cost optimization metrics for S3 Storage Lens.", - "title": "AdvancedCostOptimizationMetrics" - }, - "AdvancedDataProtectionMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", - "markdownDescription": "A property for bucket-level advanced data protection metrics for S3 Storage Lens.", - "title": "AdvancedDataProtectionMetrics" - }, - "DetailedStatusCodesMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", - "markdownDescription": "A property for bucket-level detailed status code metrics for S3 Storage Lens.", - "title": "DetailedStatusCodesMetrics" + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" }, - "PrefixLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevel", - "markdownDescription": "A property for bucket-level prefix-level storage metrics for S3 Storage Lens.", - "title": "PrefixLevel" + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", + "type": "array" } }, "type": "object" }, - "AWS::S3::StorageLens.BucketsAndRegions": { + "AWS::QuickSight::Dashboard.PredefinedHierarchy": { "additionalProperties": false, "properties": { - "Buckets": { + "Columns": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" }, - "markdownDescription": "This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* .", - "title": "Buckets", + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", "type": "array" }, - "Regions": { + "DrillDownFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" }, - "markdownDescription": "This property contains the details of the Regions for the S3 Storage Lens configuration.", - "title": "Regions", + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", + "type": "string" } }, + "required": [ + "Columns", + "HierarchyId" + ], "type": "object" }, - "AWS::S3::StorageLens.CloudWatchMetrics": { + "AWS::QuickSight::Dashboard.ProgressBarOptions": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "This property identifies whether the CloudWatch publishing option for S3 Storage Lens is enabled.", - "title": "IsEnabled", - "type": "boolean" + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", + "type": "string" } }, - "required": [ - "IsEnabled" - ], "type": "object" }, - "AWS::S3::StorageLens.DataExport": { + "AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "CloudWatchMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.CloudWatchMetrics", - "markdownDescription": "This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics.", - "title": "CloudWatchMetrics" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", + "type": "array" }, - "S3BucketDestination": { - "$ref": "#/definitions/AWS::S3::StorageLens.S3BucketDestination", - "markdownDescription": "This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed.", - "title": "S3BucketDestination" + "Color": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::S3::StorageLens.DetailedStatusCodesMetrics": { + "AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether detailed status code metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLens.Encryption": { + "AWS::QuickSight::Dashboard.RadarChartConfiguration": { "additionalProperties": false, "properties": { - "SSEKMS": { - "$ref": "#/definitions/AWS::S3::StorageLens.SSEKMS", - "markdownDescription": "Specifies the use of AWS Key Management Service keys (SSE-KMS) to encrypt the S3 Storage Lens metrics export file.", - "title": "SSEKMS" + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "string" }, - "SSES3": { - "markdownDescription": "Specifies the use of an Amazon S3-managed key (SSE-S3) to encrypt the S3 Storage Lens metrics export file.", - "title": "SSES3", - "type": "object" + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", + "type": "string" + }, + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" + }, + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" + }, + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" + }, + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "title": "SortConfiguration" + }, + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::S3::StorageLens.PrefixLevel": { + "AWS::QuickSight::Dashboard.RadarChartFieldWells": { "additionalProperties": false, "properties": { - "StorageMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevelStorageMetrics", - "markdownDescription": "A property for the prefix-level storage metrics for Amazon S3 Storage Lens.", - "title": "StorageMetrics" + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" } }, - "required": [ - "StorageMetrics" - ], "type": "object" }, - "AWS::S3::StorageLens.PrefixLevelStorageMetrics": { + "AWS::QuickSight::Dashboard.RadarChartSeriesSettings": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", - "title": "IsEnabled", - "type": "boolean" - }, - "SelectionCriteria": { - "$ref": "#/definitions/AWS::S3::StorageLens.SelectionCriteria", - "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", - "title": "SelectionCriteria" + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" } }, "type": "object" }, - "AWS::S3::StorageLens.S3BucketDestination": { + "AWS::QuickSight::Dashboard.RadarChartSortConfiguration": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "This property contains the details of the AWS account ID of the S3 Storage Lens export bucket destination.", - "title": "AccountId", - "type": "string" - }, - "Arn": { - "markdownDescription": "This property contains the details of the ARN of the bucket destination of the S3 Storage Lens export.", - "title": "Arn", - "type": "string" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" }, - "Encryption": { - "$ref": "#/definitions/AWS::S3::StorageLens.Encryption", - "markdownDescription": "This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export.", - "title": "Encryption" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", + "type": "array" }, - "Format": { - "markdownDescription": "This property contains the details of the format of the S3 Storage Lens export bucket destination.", - "title": "Format", - "type": "string" + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" }, - "OutputSchemaVersion": { - "markdownDescription": "This property contains the details of the output schema version of the S3 Storage Lens export bucket destination.", - "title": "OutputSchemaVersion", - "type": "string" - }, - "Prefix": { - "markdownDescription": "This property contains the details of the prefix of the bucket destination of the S3 Storage Lens export .", - "title": "Prefix", - "type": "string" + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", + "type": "array" } }, - "required": [ - "AccountId", - "Arn", - "Format", - "OutputSchemaVersion" - ], "type": "object" }, - "AWS::S3::StorageLens.SSEKMS": { + "AWS::QuickSight::Dashboard.RadarChartVisual": { "additionalProperties": false, "properties": { - "KeyId": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the customer managed AWS KMS key to use for encrypting the S3 Storage Lens metrics export file. Amazon S3 only supports symmetric encryption keys. For more information, see [Special-purpose keys](https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KeyId", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "KeyId" + "VisualId" ], "type": "object" }, - "AWS::S3::StorageLens.SelectionCriteria": { + "AWS::QuickSight::Dashboard.RangeEndsLabelType": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "This property contains the details of the S3 Storage Lens delimiter being used.", - "title": "Delimiter", + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", "type": "string" - }, - "MaxDepth": { - "markdownDescription": "This property contains the details of the max depth that S3 Storage Lens will collect metrics up to.", - "title": "MaxDepth", - "type": "number" - }, - "MinStorageBytesPercentage": { - "markdownDescription": "This property contains the details of the minimum storage bytes percentage threshold that S3 Storage Lens will collect metrics up to.", - "title": "MinStorageBytesPercentage", - "type": "number" } }, "type": "object" }, - "AWS::S3::StorageLens.StorageLensConfiguration": { + "AWS::QuickSight::Dashboard.ReferenceLine": { "additionalProperties": false, "properties": { - "AccountLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.AccountLevel", - "markdownDescription": "This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration.", - "title": "AccountLevel" - }, - "AwsOrg": { - "$ref": "#/definitions/AWS::S3::StorageLens.AwsOrg", - "markdownDescription": "This property contains the details of the AWS Organization for the S3 Storage Lens configuration.", - "title": "AwsOrg" - }, - "DataExport": { - "$ref": "#/definitions/AWS::S3::StorageLens.DataExport", - "markdownDescription": "This property contains the details of this S3 Storage Lens configuration's metrics export.", - "title": "DataExport" + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" }, - "Exclude": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", - "markdownDescription": "This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration.", - "title": "Exclude" + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" }, - "Id": { - "markdownDescription": "This property contains the details of the ID of the S3 Storage Lens configuration.", - "title": "Id", + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", "type": "string" }, - "Include": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", - "markdownDescription": "This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration.", - "title": "Include" - }, - "IsEnabled": { - "markdownDescription": "This property contains the details of whether the Amazon S3 Storage Lens configuration is enabled.", - "title": "IsEnabled", - "type": "boolean" - }, - "StorageLensArn": { - "markdownDescription": "This property contains the details of the ARN of the S3 Storage Lens configuration. This property is read-only.", - "title": "StorageLensArn", - "type": "string" + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" } }, "required": [ - "AccountLevel", - "Id", - "IsEnabled" + "DataConfiguration" ], "type": "object" }, - "AWS::S3::StorageLens.StorageLensGroupLevel": { - "additionalProperties": false, - "properties": { - "StorageLensGroupSelectionCriteria": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", - "markdownDescription": "This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected.", - "title": "StorageLensGroupSelectionCriteria" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.StorageLensGroupSelectionCriteria": { + "AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration": { "additionalProperties": false, "properties": { - "Exclude": { - "items": { - "type": "string" - }, - "markdownDescription": "This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation.", - "title": "Exclude", - "type": "array" - }, - "Include": { - "items": { - "type": "string" - }, - "markdownDescription": "This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation.", - "title": "Include", - "type": "array" + "CustomLabel": { + "markdownDescription": "The string text of the custom label.", + "title": "CustomLabel", + "type": "string" } }, + "required": [ + "CustomLabel" + ], "type": "object" }, - "AWS::S3::StorageLensGroup": { + "AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Filter": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.Filter", - "markdownDescription": "This property contains the criteria for the Storage Lens group data that is displayed", - "title": "Filter" - }, - "Name": { - "markdownDescription": "This property contains the Storage Lens group name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "This property contains the AWS resource tags that you're adding to your Storage Lens group. This parameter is optional.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Filter", - "Name" - ], - "type": "object" + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" }, - "Type": { - "enum": [ - "AWS::S3::StorageLensGroup" - ], + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::S3::StorageLensGroup.And": { + "AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration": { "additionalProperties": false, "properties": { - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" - }, - "MatchAnySuffix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", - "type": "array" - }, - "MatchAnyTag": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", - "type": "array" + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days).", - "title": "MatchObjectAge" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" } }, + "required": [ + "Calculation", + "Column" + ], "type": "object" }, - "AWS::S3::StorageLensGroup.Filter": { + "AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration": { "additionalProperties": false, "properties": { - "And": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.And", - "markdownDescription": "This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed.", - "title": "And" - }, - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" }, - "MatchAnySuffix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", - "type": "array" + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" }, - "MatchAnyTag": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", - "type": "array" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", + "title": "FontConfiguration" }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days).", - "title": "MatchObjectAge" + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", + "type": "string" }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" }, - "Or": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.Or", - "markdownDescription": "This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed.", - "title": "Or" + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLensGroup.MatchObjectAge": { + "AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration": { "additionalProperties": false, "properties": { - "DaysGreaterThan": { - "markdownDescription": "This property indicates the minimum object age in days.", - "title": "DaysGreaterThan", - "type": "number" - }, - "DaysLessThan": { - "markdownDescription": "This property indicates the maximum object age in days.", - "title": "DaysLessThan", + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", "type": "number" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::S3::StorageLensGroup.MatchObjectSize": { + "AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration": { "additionalProperties": false, "properties": { - "BytesGreaterThan": { - "markdownDescription": "This property specifies the minimum object size in bytes. The value must be a positive number, greater than 0 and less than 5 TB.", - "title": "BytesGreaterThan", - "type": "number" + "Color": { + "markdownDescription": "The hex color of the reference line.", + "title": "Color", + "type": "string" }, - "BytesLessThan": { - "markdownDescription": "This property specifies the maximum object size in bytes. The value must be a positive number, greater than the minimum object size and less than 5 TB.", - "title": "BytesLessThan", - "type": "number" + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLensGroup.Or": { + "AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration": { "additionalProperties": false, "properties": { - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" - }, - "MatchAnySuffix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", - "type": "array" - }, - "MatchAnyTag": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", - "type": "array" - }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property filters objects that match the specified object age range.", - "title": "MatchObjectAge" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", + "type": "string" } }, "type": "object" }, - "AWS::S3Express::BucketPolicy": { + "AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 directory bucket to which the policy applies.", - "title": "Bucket", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Policies and Permissions in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "Bucket", - "PolicyDocument" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::S3Express::BucketPolicy" - ], - "type": "string" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::S3Express::DirectoryBucket": { + "AWS::QuickSight::Dashboard.RelativeDatesFilter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", + "type": "string" }, - "Metadata": { - "type": "object" + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Zone (Availability Zone or Local Zone). The bucket name must also follow the format `*bucket_base_name* -- *zone_id* --x-s3` (for example, `*bucket_base_name* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", - "type": "string" - }, - "DataRedundancy": { - "markdownDescription": "The number of Zone (Availability Zone or Local Zone) that's used for redundancy for the bucket.", - "title": "DataRedundancy", - "type": "string" - }, - "LocationName": { - "markdownDescription": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` .", - "title": "LocationName", - "type": "string" - } - }, - "required": [ - "DataRedundancy", - "LocationName" - ], - "type": "object" + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::S3Express::DirectoryBucket" - ], + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", + "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, "required": [ - "Type", - "Properties" + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint": { + "AWS::QuickSight::Dashboard.ResourcePermission": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of this access point.", - "title": "Name", - "type": "string" - }, - "ObjectLambdaConfiguration": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration", - "markdownDescription": "A configuration used when creating an Object Lambda Access Point.", - "title": "ObjectLambdaConfiguration" - } + "Actions": { + "items": { + "type": "string" }, - "required": [ - "ObjectLambdaConfiguration" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::S3ObjectLambda::AccessPoint" - ], - "type": "string" + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", "type": "string" } }, "required": [ - "Type", - "Properties" + "Actions", + "Principal" ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.Alias": { + "AWS::QuickSight::Dashboard.RollingDateConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of the Object Lambda Access Point alias. If the status is `PROVISIONING` , the Object Lambda Access Point is provisioning the alias and the alias is not ready for use yet. If the status is `READY` , the Object Lambda Access Point alias is successfully provisioned and ready for use.", - "title": "Status", + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", "type": "string" }, - "Value": { - "markdownDescription": "The alias value of the Object Lambda Access Point.", - "title": "Value", + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", "type": "string" } }, "required": [ - "Value" + "Expression" ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.AwsLambda": { + "AWS::QuickSight::Dashboard.RowAlternateColorOptions": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "", - "title": "FunctionArn", + "RowAlternateColors": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", + "type": "array" + }, + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", "type": "string" }, - "FunctionPayload": { - "markdownDescription": "", - "title": "FunctionPayload", + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", "type": "string" } }, - "required": [ - "FunctionArn" - ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.ContentTransformation": { + "AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration": { "additionalProperties": false, "properties": { - "AwsLambda": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.AwsLambda", - "markdownDescription": "", - "title": "AwsLambda" + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" + }, + "TargetVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", + "type": "array" } }, - "required": [ - "AwsLambda" - ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { + "AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells": { "additionalProperties": false, "properties": { - "AllowedFeatures": { + "Destination": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "markdownDescription": "A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` .", - "title": "AllowedFeatures", + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", "type": "array" }, - "CloudWatchMetricsEnabled": { - "markdownDescription": "A container for whether the CloudWatch metrics configuration is enabled.", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" - }, - "SupportingAccessPoint": { - "markdownDescription": "Standard access point associated with the Object Lambda Access Point.", - "title": "SupportingAccessPoint", - "type": "string" + "Source": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", + "type": "array" }, - "TransformationConfigurations": { + "Weight": { "items": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "A container for transformation configurations for an Object Lambda Access Point.", - "title": "TransformationConfigurations", + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", "type": "array" } }, - "required": [ - "SupportingAccessPoint", - "TransformationConfigurations" - ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.PublicAccessBlockConfiguration": { + "AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration": { "additionalProperties": false, "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:\n\n- `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "BlockPublicAcls", - "type": "boolean" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a sankey diagram.", + "title": "DataLabels" }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "BlockPublicPolicy", - "type": "boolean" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "FieldWells" }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "IgnorePublicAcls", - "type": "boolean" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "RestrictPublicBuckets", - "type": "boolean" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", + "title": "SortConfiguration" } }, "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration": { + "AWS::QuickSight::Dashboard.SankeyDiagramFieldWells": { "additionalProperties": false, "properties": { - "Actions": { + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" + }, + "SourceItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" + }, + "WeightSort": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` .", - "title": "Actions", + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", "type": "array" - }, - "ContentTransformation": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ContentTransformation", - "markdownDescription": "A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* .", - "title": "ContentTransformation" } }, - "required": [ - "Actions", - "ContentTransformation" - ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPointPolicy": { + "AWS::QuickSight::Dashboard.SankeyDiagramVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", + "title": "ChartConfiguration" }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ObjectLambdaAccessPoint": { - "markdownDescription": "An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.", - "title": "ObjectLambdaAccessPoint", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "Object Lambda Access Point resource policy document.", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "ObjectLambdaAccessPoint", - "PolicyDocument" - ], - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::S3ObjectLambda::AccessPointPolicy" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::S3Outposts::AccessPoint": { + "AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" }, - "Metadata": { - "type": "object" + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 on Outposts bucket that is associated with this access point.", - "title": "Bucket", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of this access point.", - "title": "Name", - "type": "string" - }, - "Policy": { - "markdownDescription": "The access point policy associated with this access point.", - "title": "Policy", - "type": "object" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::S3Outposts::AccessPoint.VpcConfiguration", - "markdownDescription": "The virtual private cloud (VPC) configuration for this access point, if one exists.", - "title": "VpcConfiguration" - } + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "required": [ - "Bucket", - "Name", - "VpcConfiguration" - ], - "type": "object" + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, - "Type": { - "enum": [ - "AWS::S3Outposts::AccessPoint" - ], - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", + "title": "YAxisDisplayOptions" + }, + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::S3Outposts::AccessPoint.VpcConfiguration": { + "AWS::QuickSight::Dashboard.ScatterPlotFieldWells": { "additionalProperties": false, "properties": { - "VpcId": { + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" + }, + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "", - "title": "VpcId", - "type": "string" + "title": "ScatterPlotLimitConfiguration" } }, "type": "object" }, - "AWS::S3Outposts::Bucket": { + "AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" }, - "Metadata": { - "type": "object" + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "A name for the S3 on Outposts bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html) . For more information, see [Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", - "type": "string" - }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.LifecycleConfiguration", - "markdownDescription": "Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.", - "title": "LifecycleConfiguration" - }, - "OutpostId": { - "markdownDescription": "The ID of the Outpost of the specified bucket.", - "title": "OutpostId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) .\n\nUse tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) .\n\n> Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [Using cost allocation and bucket tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html) . \n\nTo use this resource, you must have permissions to perform the `s3-outposts:PutBucketTagging` . The S3 on Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) .", - "title": "Tags", - "type": "array" - } + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, - "required": [ - "BucketName", - "OutpostId" - ], - "type": "object" + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::S3Outposts::Bucket" - ], + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload": { + "AWS::QuickSight::Dashboard.ScrollBarOptions": { "additionalProperties": false, "properties": { - "DaysAfterInitiation": { - "markdownDescription": "Specifies the number of days after initiation that Amazon S3 on Outposts aborts an incomplete multipart upload.", - "title": "DaysAfterInitiation", - "type": "number" + "Visibility": { + "markdownDescription": "The visibility of the data zoom scroll bar.", + "title": "Visibility", + "type": "string" + }, + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" } }, - "required": [ - "DaysAfterInitiation" - ], "type": "object" }, - "AWS::S3Outposts::Bucket.Filter": { + "AWS::QuickSight::Dashboard.SecondaryValueOptions": { "additionalProperties": false, "properties": { - "AndOperator": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterAndOperator", - "markdownDescription": "", - "title": "AndOperator" - }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", + "Visibility": { + "markdownDescription": "Determines the visibility of the secondary value.", + "title": "Visibility", "type": "string" - }, - "Tag": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag", - "markdownDescription": "", - "title": "Tag" } }, "type": "object" }, - "AWS::S3Outposts::Bucket.FilterAndOperator": { + "AWS::QuickSight::Dashboard.SectionAfterPageBreak": { "additionalProperties": false, "properties": { - "Prefix": { - "markdownDescription": "", - "title": "Prefix", + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "BodySections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionConfiguration" + }, + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", + "type": "array" }, - "Tags": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" + }, + "FooterSections": { "items": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", + "type": "array" + }, + "HeaderSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", "type": "array" } }, "required": [ - "Tags" + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" ], "type": "object" }, - "AWS::S3Outposts::Bucket.FilterTag": { + "AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" + }, + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", "type": "string" } }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" + } + }, "required": [ - "Key", - "Value" + "FreeFormLayout" ], "type": "object" }, - "AWS::S3Outposts::Bucket.LifecycleConfiguration": { + "AWS::QuickSight::Dashboard.SectionPageBreakConfiguration": { "additionalProperties": false, "properties": { - "Rules": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionStyle": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", + "type": "string" + }, + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "SheetVisualScopingConfigurations": { "items": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.Rule" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration" }, - "markdownDescription": "The container for the lifecycle configuration rules for the objects stored in the S3 on Outposts bucket.", - "title": "Rules", + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", "type": "array" } }, - "required": [ - "Rules" - ], "type": "object" }, - "AWS::S3Outposts::Bucket.Rule": { + "AWS::QuickSight::Dashboard.SeriesItem": { "additionalProperties": false, "properties": { - "AbortIncompleteMultipartUpload": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload", - "markdownDescription": "The container for the abort incomplete multipart upload rule.", - "title": "AbortIncompleteMultipartUpload" + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" }, - "ExpirationDate": { - "markdownDescription": "Specifies the expiration for the lifecycle of the object by specifying an expiry date.", - "title": "ExpirationDate", + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SetParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", "type": "string" }, - "ExpirationInDays": { - "markdownDescription": "Specifies the expiration for the lifecycle of the object in the form of days that the object has been in the S3 on Outposts bucket.", - "title": "ExpirationInDays", - "type": "number" - }, - "Filter": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.Filter", - "markdownDescription": "The container for the filter of the lifecycle rule.", - "title": "Filter" - }, - "Id": { + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration", "markdownDescription": "", - "title": "Id", - "type": "string" - }, - "Status": { - "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", - "title": "Status", - "type": "string" + "title": "Value" } }, "required": [ - "Status" + "DestinationParameterName", + "Value" ], "type": "object" }, - "AWS::S3Outposts::BucketPolicy": { + "AWS::QuickSight::Dashboard.ShapeConditionalFormat": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 Outposts bucket to which the policy applies.", - "title": "Bucket", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "Bucket", - "PolicyDocument" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::S3Outposts::BucketPolicy" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" } }, "required": [ - "Type", - "Properties" + "BackgroundColor" ], "type": "object" }, - "AWS::S3Outposts::Endpoint": { + "AWS::QuickSight::Dashboard.Sheet": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessType": { - "markdownDescription": "The container for the type of connectivity used to access the Amazon S3 on Outposts endpoint. To use the Amazon VPC , choose `Private` . To use the endpoint with an on-premises network, choose `CustomerOwnedIp` . If you choose `CustomerOwnedIp` , you must also provide the customer-owned IP address pool (CoIP pool).\n\n> `Private` is the default access type value.", - "title": "AccessType", - "type": "string" - }, - "CustomerOwnedIpv4Pool": { - "markdownDescription": "The ID of the customer-owned IPv4 address pool (CoIP pool) for the endpoint. IP addresses are allocated from this pool for the endpoint.", - "title": "CustomerOwnedIpv4Pool", - "type": "string" - }, - "FailedReason": { - "$ref": "#/definitions/AWS::S3Outposts::Endpoint.FailedReason", - "markdownDescription": "The failure reason, if any, for a create or delete endpoint operation.", - "title": "FailedReason" - }, - "OutpostId": { - "markdownDescription": "The ID of the Outpost.", - "title": "OutpostId", - "type": "string" - }, - "SecurityGroupId": { - "markdownDescription": "The ID of the security group used for the endpoint.", - "title": "SecurityGroupId", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet used for the endpoint.", - "title": "SubnetId", - "type": "string" - } - }, - "required": [ - "OutpostId", - "SecurityGroupId", - "SubnetId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::S3Outposts::Endpoint" - ], + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions": { + "additionalProperties": false, + "properties": { + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Visibility": { + "markdownDescription": "The visibility configuration of info icon label options.", + "title": "Visibility", "type": "string" } }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlLayout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" + } + }, "required": [ - "Type", - "Properties" + "Configuration" ], "type": "object" }, - "AWS::S3Outposts::Endpoint.FailedReason": { + "AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration": { "additionalProperties": false, "properties": { - "ErrorCode": { - "markdownDescription": "The failure code, if any, for a create or delete endpoint operation.", - "title": "ErrorCode", - "type": "string" - }, - "Message": { - "markdownDescription": "Additional error details describing the endpoint failure and recommended action.", - "title": "Message", - "type": "string" + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" } }, "type": "object" }, - "AWS::S3Outposts::Endpoint.NetworkInterface": { + "AWS::QuickSight::Dashboard.SheetControlsOption": { "additionalProperties": false, "properties": { - "NetworkInterfaceId": { - "markdownDescription": "The ID for the network interface.", - "title": "NetworkInterfaceId", + "VisibilityState": { + "markdownDescription": "Visibility state.", + "title": "VisibilityState", "type": "string" } }, - "required": [ - "NetworkInterfaceId" - ], "type": "object" }, - "AWS::SDB::Domain": { + "AWS::QuickSight::Dashboard.SheetDefinition": { "additionalProperties": false, "properties": { - "Condition": { + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FilterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterControl" + }, + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", + "type": "array" }, - "Metadata": { - "type": "object" + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Information about the SimpleDB domain.", - "title": "Description", - "type": "string" - } + "Layouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Layout" }, - "type": "object" + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SDB::Domain" - ], + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ParameterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterControl" + }, + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", + "type": "array" + }, + "SheetControlLayouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayout" + }, + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", + "type": "array" + }, + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", + "type": "string" + }, + "TextBoxes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetTextBox" + }, + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", + "type": "array" + }, + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", "type": "string" + }, + "Visuals": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Visual" + }, + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", + "type": "array" } }, "required": [ - "Type" + "SheetId" ], "type": "object" }, - "AWS::SES::ConfigurationSet": { + "AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides": { "additionalProperties": false, "properties": { - "Condition": { + "Visibility": { + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", + "title": "Visibility", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetElementRenderingRule": { + "additionalProperties": false, + "properties": { + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", "type": "string" + } + }, + "required": [ + "ConfigurationOverrides", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImage": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageCustomAction" + }, + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", + "type": "string" }, - "Metadata": { - "type": "object" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeliveryOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.DeliveryOptions", - "markdownDescription": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS).", - "title": "DeliveryOptions" - }, - "Name": { - "markdownDescription": "The name of the configuration set. The name must meet the following requirements:\n\n- Contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", - "title": "Name", - "type": "string" - }, - "ReputationOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.ReputationOptions", - "markdownDescription": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", - "title": "ReputationOptions" - }, - "SendingOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.SendingOptions", - "markdownDescription": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", - "title": "SendingOptions" - }, - "SuppressionOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.SuppressionOptions", - "markdownDescription": "An object that contains information about the suppression list preferences for your account.", - "title": "SuppressionOptions" - }, - "TrackingOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.TrackingOptions", - "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", - "title": "TrackingOptions" - }, - "VdmOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.VdmOptions", - "markdownDescription": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set.", - "title": "VdmOptions" - } - }, - "type": "object" + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" }, - "Type": { - "enum": [ - "AWS::SES::ConfigurationSet" - ], + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" } }, "required": [ - "Type" + "SheetImageId", + "Source" ], "type": "object" }, - "AWS::SES::ConfigurationSet.DashboardOptions": { + "AWS::QuickSight::Dashboard.SheetImageScalingConfiguration": { "additionalProperties": false, "properties": { - "EngagementMetrics": { - "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for the configuration set.", - "title": "EngagementMetrics", + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", "type": "string" } }, - "required": [ - "EngagementMetrics" - ], "type": "object" }, - "AWS::SES::ConfigurationSet.DeliveryOptions": { + "AWS::QuickSight::Dashboard.SheetImageSource": { "additionalProperties": false, "properties": { - "SendingPoolName": { - "markdownDescription": "The name of the dedicated IP pool to associate with the configuration set.", - "title": "SendingPoolName", - "type": "string" - }, - "TlsPolicy": { - "markdownDescription": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is `REQUIRE` , messages are only delivered if a TLS connection can be established. If the value is `OPTIONAL` , messages can be delivered in plain text if a TLS connection can't be established.\n\nValid Values: `REQUIRE | OPTIONAL`", - "title": "TlsPolicy", - "type": "string" + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.GuardianOptions": { + "AWS::QuickSight::Dashboard.SheetImageStaticFileSource": { "additionalProperties": false, "properties": { - "OptimizedSharedDelivery": { - "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for the configuration set.", - "title": "OptimizedSharedDelivery", + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "OptimizedSharedDelivery" + "StaticFileId" ], "type": "object" }, - "AWS::SES::ConfigurationSet.ReputationOptions": { + "AWS::QuickSight::Dashboard.SheetImageTooltipConfiguration": { "additionalProperties": false, "properties": { - "ReputationMetricsEnabled": { - "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", - "title": "ReputationMetricsEnabled", - "type": "boolean" + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.SendingOptions": { + "AWS::QuickSight::Dashboard.SheetImageTooltipText": { "additionalProperties": false, "properties": { - "SendingEnabled": { - "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", - "title": "SendingEnabled", - "type": "boolean" + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", + "type": "string" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.SuppressionOptions": { + "AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption": { "additionalProperties": false, "properties": { - "SuppressedReasons": { - "items": { - "type": "string" - }, - "markdownDescription": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce.", - "title": "SuppressedReasons", - "type": "array" + "AvailabilityStatus": { + "markdownDescription": "The status of the sheet layout maximization options of a dashbaord.", + "title": "AvailabilityStatus", + "type": "string" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.TrackingOptions": { + "AWS::QuickSight::Dashboard.SheetTextBox": { "additionalProperties": false, "properties": { - "CustomRedirectDomain": { - "markdownDescription": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", - "title": "CustomRedirectDomain", + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", + "type": "string" + }, + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", "type": "string" } }, + "required": [ + "SheetTextBoxId" + ], "type": "object" }, - "AWS::SES::ConfigurationSet.VdmOptions": { + "AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration": { "additionalProperties": false, "properties": { - "DashboardOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.DashboardOptions", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", - "title": "DashboardOptions" + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" }, - "GuardianOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.GuardianOptions", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", - "title": "GuardianOptions" + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", + "type": "string" + }, + "VisualIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", + "type": "array" } }, + "required": [ + "Scope", + "SheetId" + ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination": { + "AWS::QuickSight::Dashboard.ShortFormatText": { "additionalProperties": false, "properties": { - "Condition": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationSetName": { - "markdownDescription": "The name of the configuration set that contains the event destination.", - "title": "ConfigurationSetName", - "type": "string" - }, - "EventDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventDestination", - "markdownDescription": "An object that defines the event destination.", - "title": "EventDestination" - } - }, - "required": [ - "ConfigurationSetName", - "EventDestination" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SES::ConfigurationSetEventDestination" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination": { + "AWS::QuickSight::Dashboard.SimpleClusterMarker": { "additionalProperties": false, "properties": { - "DimensionConfigurations": { - "items": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration" - }, - "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", - "title": "DimensionConfigurations", - "type": "array" + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", + "type": "string" } }, "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration": { + "AWS::QuickSight::Dashboard.SingleAxisOptions": { "additionalProperties": false, "properties": { - "DefaultDimensionValue": { - "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- Can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-), at signs (@), and periods (.).\n- It can contain no more than 256 characters.", - "title": "DefaultDimensionValue", - "type": "string" - }, - "DimensionName": { - "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DimensionName", - "type": "string" - }, - "DimensionValueSource": { - "markdownDescription": "The location where the Amazon SES API v2 finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` or `SendRawEmail` API, choose `messageTag` . To use your own email headers, choose `emailHeader` . To use link tags, choose `linkTag` .", - "title": "DimensionValueSource", - "type": "string" + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" } }, - "required": [ - "DefaultDimensionValue", - "DimensionName", - "DimensionValueSource" - ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.EventDestination": { + "AWS::QuickSight::Dashboard.SliderControlDisplayOptions": { "additionalProperties": false, "properties": { - "CloudWatchDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination", - "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", - "title": "CloudWatchDestination" - }, - "Enabled": { - "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", - "title": "Enabled", - "type": "boolean" - }, - "KinesisFirehoseDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination", - "markdownDescription": "An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination.", - "title": "KinesisFirehoseDestination" - }, - "MatchingEventTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of events that Amazon SES sends to the specified event destinations.\n\n- `SEND` - The send request was successful and SES will attempt to deliver the message to the recipient\u2019s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)\n- `REJECT` - SES accepted the email, but determined that it contained a virus and didn\u2019t attempt to deliver it to the recipient\u2019s mail server.\n- `BOUNCE` - ( *Hard bounce* ) The recipient's mail server permanently rejected the email. ( *Soft bounces* are only included when SES fails to deliver the email after retrying for a period of time.)\n- `COMPLAINT` - The email was successfully delivered to the recipient\u2019s mail server, but the recipient marked it as spam.\n- `DELIVERY` - SES successfully delivered the email to the recipient's mail server.\n- `OPEN` - The recipient received the message and opened it in their email client.\n- `CLICK` - The recipient clicked one or more links in the email.\n- `RENDERING_FAILURE` - The email wasn't sent because of a template rendering issue. This event type can occur when template data is missing, or when there is a mismatch between template parameters and data. (This event type only occurs when you send email using the [`SendEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html) or [`SendBulkEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendBulkEmail.html) API operations.)\n- `DELIVERY_DELAY` - The email couldn't be delivered to the recipient\u2019s mail server because a temporary issue occurred. Delivery delays can occur, for example, when the recipient's inbox is full, or when the receiving email server experiences a transient issue.\n- `SUBSCRIPTION` - The email was successfully delivered, but the recipient updated their subscription preferences by clicking on an *unsubscribe* link as part of your [subscription management](https://docs.aws.amazon.com/ses/latest/dg/sending-email-subscription-management.html) .", - "title": "MatchingEventTypes", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the event destination. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", - "title": "Name", - "type": "string" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "SnsDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.SnsDestination", - "markdownDescription": "An object that contains the topic ARN associated with an Amazon Simple Notification Service (Amazon SNS) event destination.", - "title": "SnsDestination" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, - "required": [ - "MatchingEventTypes" - ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties": { "additionalProperties": false, "properties": { - "DeliveryStreamARN": { - "markdownDescription": "The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to.", - "title": "DeliveryStreamARN", + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", "type": "string" }, - "IAMRoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the Amazon SES API v2 uses to send email events to the Amazon Kinesis Data Firehose stream.", - "title": "IAMRoleARN", + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", "type": "string" } }, - "required": [ - "DeliveryStreamARN", - "IAMRoleARN" - ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.SnsDestination": { + "AWS::QuickSight::Dashboard.SmallMultiplesOptions": { "additionalProperties": false, "properties": { - "TopicARN": { - "markdownDescription": "The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicARN", - "type": "string" + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" + }, + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", + "type": "number" + }, + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" + }, + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" + }, + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" } }, - "required": [ - "TopicARN" - ], "type": "object" }, - "AWS::SES::ContactList": { + "AWS::QuickSight::Dashboard.Spacing": { "additionalProperties": false, "properties": { - "Condition": { + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContactListName": { - "markdownDescription": "The name of the contact list.", - "title": "ContactListName", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of what the contact list is about.", - "title": "Description", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with a contact list.", - "title": "Tags", - "type": "array" - }, - "Topics": { - "items": { - "$ref": "#/definitions/AWS::SES::ContactList.Topic" - }, - "markdownDescription": "An interest group, theme, or label within a list. A contact list can have multiple topics.", - "title": "Topics", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SES::ContactList" - ], + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::SES::ContactList.Topic": { + "AWS::QuickSight::Dashboard.SpatialStaticFile": { "additionalProperties": false, "properties": { - "DefaultSubscriptionStatus": { - "markdownDescription": "The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic.", - "title": "DefaultSubscriptionStatus", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of what the topic is about, which the contact will see.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The name of the topic the contact will see.", - "title": "DisplayName", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileSource", + "markdownDescription": "The source of the spatial static file.", + "title": "Source" }, - "TopicName": { - "markdownDescription": "The name of the topic.", - "title": "TopicName", + "StaticFileId": { + "markdownDescription": "The ID of the spatial static file.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "DefaultSubscriptionStatus", - "DisplayName", - "TopicName" + "StaticFileId" ], "type": "object" }, - "AWS::SES::DedicatedIpPool": { + "AWS::QuickSight::Dashboard.StaticFile": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PoolName": { - "markdownDescription": "The name of the dedicated IP pool that the IP address is associated with.", - "title": "PoolName", - "type": "string" - }, - "ScalingMode": { - "markdownDescription": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", - "title": "ScalingMode", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SES::DedicatedIpPool" - ], - "type": "string" + "ImageStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageStaticFile", + "markdownDescription": "The image static file.", + "title": "ImageStaticFile" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SpatialStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SpatialStaticFile", + "markdownDescription": "The spacial static file.", + "title": "SpatialStaticFile" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::SES::EmailIdentity": { + "AWS::QuickSight::Dashboard.StaticFileS3SourceOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket.", + "title": "BucketName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationSetAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.ConfigurationSetAttributes", - "markdownDescription": "Used to associate a configuration set with an email identity.", - "title": "ConfigurationSetAttributes" - }, - "DkimAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimAttributes", - "markdownDescription": "An object that contains information about the DKIM attributes for the identity.", - "title": "DkimAttributes" - }, - "DkimSigningAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimSigningAttributes", - "markdownDescription": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", - "title": "DkimSigningAttributes" - }, - "EmailIdentity": { - "markdownDescription": "The email address or domain to verify.", - "title": "EmailIdentity", - "type": "string" - }, - "FeedbackAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.FeedbackAttributes", - "markdownDescription": "Used to enable or disable feedback forwarding for an identity.", - "title": "FeedbackAttributes" - }, - "MailFromAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.MailFromAttributes", - "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", - "title": "MailFromAttributes" - } - }, - "required": [ - "EmailIdentity" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SES::EmailIdentity" - ], + "ObjectKey": { + "markdownDescription": "The identifier of the static file in the Amazon S3 bucket.", + "title": "ObjectKey", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Region": { + "markdownDescription": "The Region of the Amazon S3 account that contains the bucket.", + "title": "Region", "type": "string" } }, "required": [ - "Type", - "Properties" + "BucketName", + "ObjectKey", + "Region" ], "type": "object" }, - "AWS::SES::EmailIdentity.ConfigurationSetAttributes": { - "additionalProperties": false, - "properties": { - "ConfigurationSetName": { - "markdownDescription": "The configuration set to associate with an email identity.", - "title": "ConfigurationSetName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SES::EmailIdentity.DkimAttributes": { + "AWS::QuickSight::Dashboard.StaticFileSource": { "additionalProperties": false, "properties": { - "SigningEnabled": { - "markdownDescription": "Sets the DKIM signing configuration for the identity.\n\nWhen you set this value `true` , then the messages that are sent from the identity are signed using DKIM. If you set this value to `false` , your messages are sent without DKIM signing.", - "title": "SigningEnabled", - "type": "boolean" + "S3Options": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileS3SourceOptions", + "markdownDescription": "The structure that contains the Amazon S3 location to download the static file from.", + "title": "S3Options" + }, + "UrlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileUrlSourceOptions", + "markdownDescription": "The structure that contains the URL to download the static file from.", + "title": "UrlOptions" } }, "type": "object" }, - "AWS::SES::EmailIdentity.DkimSigningAttributes": { + "AWS::QuickSight::Dashboard.StaticFileUrlSourceOptions": { "additionalProperties": false, "properties": { - "DomainSigningPrivateKey": { - "markdownDescription": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature.\n\nThe private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.\n\n> Rather than embedding sensitive information directly in your CFN templates, we recommend you use dynamic parameters in the stack template to reference sensitive information that is stored and managed outside of CFN, such as in the AWS Systems Manager Parameter Store or AWS Secrets Manager.\n> \n> For more information, see the [Do not embed credentials in your templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) best practice.", - "title": "DomainSigningPrivateKey", - "type": "string" - }, - "DomainSigningSelector": { - "markdownDescription": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain.", - "title": "DomainSigningSelector", - "type": "string" - }, - "NextSigningKeyLength": { - "markdownDescription": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.\n\nValid Values: `RSA_1024_BIT | RSA_2048_BIT`", - "title": "NextSigningKeyLength", + "Url": { + "markdownDescription": "The URL to download the static file from.", + "title": "Url", "type": "string" } }, + "required": [ + "Url" + ], "type": "object" }, - "AWS::SES::EmailIdentity.FeedbackAttributes": { + "AWS::QuickSight::Dashboard.StringDefaultValues": { "additionalProperties": false, "properties": { - "EmailForwardingEnabled": { - "markdownDescription": "Sets the feedback forwarding configuration for the identity.\n\nIf the value is `true` , you receive email notifications when bounce or complaint events occur. These notifications are sent to the address that you specified in the `Return-Path` header of the original email.\n\nYou're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications (for example, by setting up an event destination), you receive an email notification when these events occur (even if this setting is disabled).", - "title": "EmailForwardingEnabled", - "type": "boolean" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, "type": "object" }, - "AWS::SES::EmailIdentity.MailFromAttributes": { + "AWS::QuickSight::Dashboard.StringFormatConfiguration": { "additionalProperties": false, "properties": { - "BehaviorOnMxFailure": { - "markdownDescription": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", - "title": "BehaviorOnMxFailure", - "type": "string" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "MailFromDomain": { - "markdownDescription": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails.", - "title": "MailFromDomain", - "type": "string" + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" } }, "type": "object" }, - "AWS::SES::ReceiptFilter": { + "AWS::QuickSight::Dashboard.StringParameter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A display name for a string parameter.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Filter": { - "$ref": "#/definitions/AWS::SES::ReceiptFilter.Filter", - "markdownDescription": "A data structure that describes the IP address filter to create, which consists of a name, an IP address range, and whether to allow or block mail from it.", - "title": "Filter" - } + "Values": { + "items": { + "type": "string" }, - "required": [ - "Filter" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SES::ReceiptFilter" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The values of a string parameter.", + "title": "Values", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Name", + "Values" ], "type": "object" }, - "AWS::SES::ReceiptFilter.Filter": { + "AWS::QuickSight::Dashboard.StringParameterDeclaration": { "additionalProperties": false, "properties": { - "IpFilter": { - "$ref": "#/definitions/AWS::SES::ReceiptFilter.IpFilter", - "markdownDescription": "A structure that provides the IP addresses to block or allow, and whether to block or allow incoming mail from them.", - "title": "IpFilter" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" }, "Name": { - "markdownDescription": "The name of the IP address filter. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", + "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "IpFilter" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::SES::ReceiptFilter.IpFilter": { + "AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "A single IP address or a range of IP addresses to block or allow, specified in Classless Inter-Domain Routing (CIDR) notation. An example of a single email address is 10.0.0.1. An example of a range of IP addresses is 10.0.0.1/24. For more information about CIDR notation, see [RFC 2317](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2317) .", - "title": "Cidr", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", "type": "string" }, - "Policy": { - "markdownDescription": "Indicates whether to block or allow incoming mail from the specified IP addresses.", - "title": "Policy", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, - "required": [ - "Cidr", - "Policy" - ], "type": "object" }, - "AWS::SES::ReceiptRule": { + "AWS::QuickSight::Dashboard.SubtotalOptions": { "additionalProperties": false, "properties": { - "Condition": { + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldLevelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions" + }, + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", + "type": "array" }, - "Metadata": { - "type": "object" + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "After": { - "markdownDescription": "The name of an existing rule after which the new rule is placed. If this parameter is null, the new rule is inserted at the beginning of the rule list.", - "title": "After", - "type": "string" - }, - "Rule": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.Rule", - "markdownDescription": "A data structure that contains the specified rule's name, actions, recipients, domains, enabled status, scan status, and TLS policy.", - "title": "Rule" - }, - "RuleSetName": { - "markdownDescription": "The name of the rule set where the receipt rule is added.", - "title": "RuleSetName", - "type": "string" - } + "StyleTargets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableStyleTarget" }, - "required": [ - "Rule", - "RuleSetName" - ], - "type": "object" + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SES::ReceiptRule" - ], - "type": "string" + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SES::ReceiptRule.Action": { + "AWS::QuickSight::Dashboard.TableAggregatedFieldWells": { "additionalProperties": false, "properties": { - "AddHeaderAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.AddHeaderAction", - "markdownDescription": "Adds a header to the received email.", - "title": "AddHeaderAction" - }, - "BounceAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.BounceAction", - "markdownDescription": "Rejects the received email by returning a bounce response to the sender and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).", - "title": "BounceAction" - }, - "LambdaAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.LambdaAction", - "markdownDescription": "Calls an AWS Lambda function, and optionally, publishes a notification to Amazon SNS.", - "title": "LambdaAction" - }, - "S3Action": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.S3Action", - "markdownDescription": "Saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon SNS.", - "title": "S3Action" - }, - "SNSAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.SNSAction", - "markdownDescription": "Publishes the email content within a notification to Amazon SNS.", - "title": "SNSAction" - }, - "StopAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.StopAction", - "markdownDescription": "Terminates the evaluation of the receipt rule set and optionally publishes a notification to Amazon SNS.", - "title": "StopAction" + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" }, - "WorkmailAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.WorkmailAction", - "markdownDescription": "Calls Amazon WorkMail and, optionally, publishes a notification to Amazon SNS.", - "title": "WorkmailAction" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::SES::ReceiptRule.AddHeaderAction": { + "AWS::QuickSight::Dashboard.TableBorderOptions": { "additionalProperties": false, "properties": { - "HeaderName": { - "markdownDescription": "The name of the header to add to the incoming message. The name must contain at least one character, and can contain up to 50 characters. It consists of alphanumeric ( `a\u2013z, A\u2013Z, 0\u20139` ) characters and dashes.", - "title": "HeaderName", + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", "type": "string" }, - "HeaderValue": { - "markdownDescription": "The content to include in the header. This value can contain up to 2048 characters. It can't contain newline ( `\\n` ) or carriage return ( `\\r` ) characters.", - "title": "HeaderValue", + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", "type": "string" + }, + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", + "type": "number" } }, - "required": [ - "HeaderName", - "HeaderValue" - ], "type": "object" }, - "AWS::SES::ReceiptRule.BounceAction": { + "AWS::QuickSight::Dashboard.TableCellConditionalFormatting": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Human-readable text to include in the bounce message.", - "title": "Message", - "type": "string" - }, - "Sender": { - "markdownDescription": "The email address of the sender of the bounced email. This is the address from which the bounce message is sent.", - "title": "Sender", - "type": "string" - }, - "SmtpReplyCode": { - "markdownDescription": "The SMTP reply code, as defined by [RFC 5321](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5321) .", - "title": "SmtpReplyCode", - "type": "string" - }, - "StatusCode": { - "markdownDescription": "The SMTP enhanced status code, as defined by [RFC 3463](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3463) .", - "title": "StatusCode", + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", "type": "string" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the bounce action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", - "type": "string" + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" } }, "required": [ - "Message", - "Sender", - "SmtpReplyCode" + "FieldId" ], "type": "object" }, - "AWS::SES::ReceiptRule.LambdaAction": { + "AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function. An example of an AWS Lambda function ARN is `arn:aws:lambda:us-west-2:account-id:function:MyFunction` . For more information about AWS Lambda, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html) .", - "title": "FunctionArn", - "type": "string" - }, - "InvocationType": { - "markdownDescription": "The invocation type of the AWS Lambda function. An invocation type of `RequestResponse` means that the execution of the function immediately results in a response, and a value of `Event` means that the function is invoked asynchronously. The default value is `Event` . For information about AWS Lambda invocation types, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html) .\n\n> There is a 30-second timeout on `RequestResponse` invocations. You should use `Event` invocation in most cases. Use `RequestResponse` only to make a mail flow decision, such as whether to stop the receipt rule or the receipt rule set.", - "title": "InvocationType", - "type": "string" - }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the Lambda action is executed. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", "type": "string" } }, - "required": [ - "FunctionArn" - ], "type": "object" }, - "AWS::SES::ReceiptRule.Rule": { + "AWS::QuickSight::Dashboard.TableCellStyle": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.Action" - }, - "markdownDescription": "An ordered list of actions to perform on messages that match at least one of the recipient email addresses or domains specified in the receipt rule.", - "title": "Actions", - "type": "array" - }, - "Enabled": { - "markdownDescription": "If `true` , the receipt rule is active. The default value is `false` .", - "title": "Enabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the receipt rule. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), dashes (-), or periods (.).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", - "title": "Name", + "BackgroundColor": { + "markdownDescription": "The background color for the table cells.", + "title": "BackgroundColor", "type": "string" }, - "Recipients": { - "items": { - "type": "string" - }, - "markdownDescription": "The recipient domains and email addresses that the receipt rule applies to. If this field is not specified, this rule matches all recipients on all verified domains.", - "title": "Recipients", - "type": "array" + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" }, - "ScanEnabled": { - "markdownDescription": "If `true` , then messages that this receipt rule applies to are scanned for spam and viruses. The default value is `false` .", - "title": "ScanEnabled", - "type": "boolean" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" }, - "TlsPolicy": { - "markdownDescription": "Specifies whether Amazon SES should require that incoming email is delivered over a connection encrypted with Transport Layer Security (TLS). If this parameter is set to `Require` , Amazon SES bounces emails that are not received over TLS. The default is `Optional` .\n\nValid Values: `Require | Optional`", - "title": "TlsPolicy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SES::ReceiptRule.S3Action": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket for incoming email.", - "title": "BucketName", - "type": "string" + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" }, - "KmsKeyArn": { - "markdownDescription": "The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the AWS managed key or a customer managed key that you created in AWS KMS as follows:\n\n- To use the AWS managed key, provide an ARN in the form of `arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses` . For example, if your AWS account ID is 123456789012 and you want to use the AWS managed key in the US West (Oregon) Region, the ARN of the AWS managed key would be `arn:aws:kms:us-west-2:123456789012:alias/aws/ses` . If you use the AWS managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.\n- To use a customer managed key that you created in AWS KMS, provide the ARN of the customer managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-permissions.html) .\n\nFor more information about key policies, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) . If you do not specify an AWS KMS key, Amazon SES does not encrypt your emails.\n\n> Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your AWS KMS keys for decryption. This encryption client is currently available with the [AWS SDK for Java](https://docs.aws.amazon.com/sdk-for-java/) and [AWS SDK for Ruby](https://docs.aws.amazon.com/sdk-for-ruby/) only. For more information about client-side encryption using AWS KMS managed keys, see the [Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html) .", - "title": "KmsKeyArn", + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", "type": "string" }, - "ObjectKeyPrefix": { - "markdownDescription": "The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to store similar data under the same directory in a bucket.", - "title": "ObjectKeyPrefix", + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", "type": "string" }, - "TopicArn": { - "markdownDescription": "The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", - "type": "string" - } - }, - "required": [ - "BucketName" - ], - "type": "object" - }, - "AWS::SES::ReceiptRule.SNSAction": { - "additionalProperties": false, - "properties": { - "Encoding": { - "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.", - "title": "Encoding", + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", "type": "string" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.", - "title": "TopicArn", + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::SES::ReceiptRule.StopAction": { + "AWS::QuickSight::Dashboard.TableConditionalFormatting": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the StopAction. The only acceptable value is `RuleSet` .", - "title": "Scope", - "type": "string" - }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the stop action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", - "type": "string" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, - "required": [ - "Scope" - ], "type": "object" }, - "AWS::SES::ReceiptRule.WorkmailAction": { + "AWS::QuickSight::Dashboard.TableConditionalFormattingOption": { "additionalProperties": false, "properties": { - "OrganizationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon WorkMail organization. Amazon WorkMail ARNs use the following format:\n\n`arn:aws:workmail:::organization/`\n\nYou can find the ID of your organization by using the [ListOrganizations](https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListOrganizations.html) operation in Amazon WorkMail. Amazon WorkMail organization IDs begin with \" `m-` \", followed by a string of alphanumeric characters.\n\nFor information about Amazon WorkMail organizations, see the [Amazon WorkMail Administrator Guide](https://docs.aws.amazon.com/workmail/latest/adminguide/organizations_overview.html) .", - "title": "OrganizationArn", - "type": "string" + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the WorkMail action is called. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", - "type": "string" + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" } }, - "required": [ - "OrganizationArn" - ], "type": "object" }, - "AWS::SES::ReceiptRuleSet": { + "AWS::QuickSight::Dashboard.TableConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Metadata": { - "type": "object" + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "RuleSetName": { - "markdownDescription": "The name of the receipt rule set to make active. Setting this value to null disables all email receiving.", - "title": "RuleSetName", - "type": "string" - } + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", + "title": "SortConfiguration" + }, + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableInlineVisualization" }, - "type": "object" + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SES::ReceiptRuleSet" - ], + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldCustomIconContent": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldCustomTextContent": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", "type": "string" } }, "required": [ - "Type" + "FontConfiguration" ], "type": "object" }, - "AWS::SES::Template": { + "AWS::QuickSight::Dashboard.TableFieldImageConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Template": { - "$ref": "#/definitions/AWS::SES::Template.Template", - "markdownDescription": "The content of the email, composed of a subject line and either an HTML part or a text-only part.", - "title": "Template" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SES::Template" - ], - "type": "string" + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldLinkConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", "type": "string" } }, "required": [ - "Type" + "Content", + "Target" ], "type": "object" }, - "AWS::SES::Template.Template": { + "AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration": { "additionalProperties": false, "properties": { - "HtmlPart": { - "markdownDescription": "The HTML body of the email.", - "title": "HtmlPart", + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" + }, + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", "type": "string" }, - "SubjectPart": { - "markdownDescription": "The subject line of the email.", - "title": "SubjectPart", + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the template. You will refer to this name when you send email using the `SendEmail` or `SendBulkEmail` operations.", - "title": "TemplateName", + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" + }, + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", "type": "string" }, - "TextPart": { - "markdownDescription": "The email body that is visible to recipients whose email clients do not display HTML content.", - "title": "TextPart", + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", "type": "string" } }, "required": [ - "SubjectPart" + "FieldId" ], "type": "object" }, - "AWS::SES::VdmAttributes": { + "AWS::QuickSight::Dashboard.TableFieldOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Order": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" }, - "Metadata": { - "type": "object" + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOption" + }, + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DashboardAttributes": { - "$ref": "#/definitions/AWS::SES::VdmAttributes.DashboardAttributes", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", - "title": "DashboardAttributes" - }, - "GuardianAttributes": { - "$ref": "#/definitions/AWS::SES::VdmAttributes.GuardianAttributes", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", - "title": "GuardianAttributes" - } + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TransposedTableOption" }, - "type": "object" + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldURLConfiguration": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" }, - "Type": { - "enum": [ - "AWS::SES::VdmAttributes" - ], - "type": "string" + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldWells": { + "additionalProperties": false, + "properties": { + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::SES::VdmAttributes.DashboardAttributes": { + "AWS::QuickSight::Dashboard.TableInlineVisualization": { "additionalProperties": false, "properties": { - "EngagementMetrics": { - "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for your account.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for your account.", - "title": "EngagementMetrics", - "type": "string" + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" } }, "type": "object" }, - "AWS::SES::VdmAttributes.GuardianAttributes": { + "AWS::QuickSight::Dashboard.TableOptions": { "additionalProperties": false, "properties": { - "OptimizedSharedDelivery": { - "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for your account.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for your account.", - "title": "OptimizedSharedDelivery", + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" + }, + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" + }, + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" } }, "type": "object" }, - "AWS::SNS::Subscription": { + "AWS::QuickSight::Dashboard.TablePaginatedReportOptions": { "additionalProperties": false, "properties": { - "Condition": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TablePinnedFieldOptions": { + "additionalProperties": false, + "properties": { + "PinnedLeftFields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableRowConditionalFormatting": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableSideBorderOptions": { + "additionalProperties": false, + "properties": { + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" }, - "Metadata": { - "type": "object" + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeliveryPolicy": { - "markdownDescription": "The delivery policy JSON assigned to the subscription. Enables the subscriber to define the message delivery retry strategy in the case of an HTTP/S endpoint subscribed to the topic. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message delivery retries](https://docs.aws.amazon.com/sns/latest/dg/sns-message-delivery-retries.html) in the *Amazon SNS Developer Guide* .", - "title": "DeliveryPolicy", - "type": "object" - }, - "Endpoint": { - "markdownDescription": "The subscription's endpoint. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Endpoint", - "type": "string" - }, - "FilterPolicy": { - "markdownDescription": "The filter policy JSON assigned to the subscription. Enables the subscriber to filter out unwanted messages. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message filtering](https://docs.aws.amazon.com/sns/latest/dg/sns-message-filtering.html) in the *Amazon SNS Developer Guide* .", - "title": "FilterPolicy", - "type": "object" - }, - "FilterPolicyScope": { - "markdownDescription": "This attribute lets you choose the filtering scope by using one of the following string value types:\n\n- `MessageAttributes` (default) - The filter is applied on the message attributes.\n- `MessageBody` - The filter is applied on the message body.\n\n> `Null` is not a valid value for `FilterPolicyScope` . To delete a filter policy, delete the `FilterPolicy` property but keep `FilterPolicyScope` property as is.", - "title": "FilterPolicyScope", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Protocol", - "type": "string" - }, - "RawMessageDelivery": { - "markdownDescription": "When set to `true` , enables raw message delivery. Raw messages don't contain any JSON formatting and can be sent to Amazon SQS and HTTP/S endpoints. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* .", - "title": "RawMessageDelivery", - "type": "boolean" - }, - "RedrivePolicy": { - "markdownDescription": "When specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue. Messages that can't be delivered due to client errors (for example, when the subscribed endpoint is unreachable) or server errors (for example, when the service that powers the subscribed endpoint becomes unavailable) are held in the dead-letter queue for further analysis or reprocessing.\n\nFor more information about the redrive policy and dead-letter queues, see [Amazon SQS dead-letter queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html) in the *Amazon SQS Developer Guide* .", - "title": "RedrivePolicy", - "type": "object" - }, - "Region": { - "markdownDescription": "For cross-region subscriptions, the region in which the topic resides.\n\nIf no region is specified, AWS CloudFormation uses the region of the caller as the default.\n\nIf you perform an update operation that only updates the `Region` property of a `AWS::SNS::Subscription` resource, that operation will fail unless you are either:\n\n- Updating the `Region` from `NULL` to the caller region.\n- Updating the `Region` from the caller region to `NULL` .", - "title": "Region", - "type": "string" - }, - "ReplayPolicy": { - "markdownDescription": "Specifies whether Amazon SNS resends the notification to the subscription when a message's attribute changes.", - "title": "ReplayPolicy", - "type": "object" - }, - "SubscriptionRoleArn": { - "markdownDescription": "This property applies only to Amazon Data Firehose delivery stream subscriptions. Specify the ARN of the IAM role that has the following:\n\n- Permission to write to the Amazon Data Firehose delivery stream\n- Amazon SNS listed as a trusted entity\n\nSpecifying a valid ARN for this attribute is required for Firehose delivery stream subscriptions. For more information, see [Fanout to Amazon Data Firehose delivery streams](https://docs.aws.amazon.com/sns/latest/dg/sns-firehose-as-subscriber.html) in the *Amazon SNS Developer Guide.*", - "title": "SubscriptionRoleArn", - "type": "string" - }, - "TopicArn": { - "markdownDescription": "The ARN of the topic to subscribe to.", - "title": "TopicArn", - "type": "string" - } - }, - "required": [ - "Protocol", - "TopicArn" - ], - "type": "object" + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" }, - "Type": { - "enum": [ - "AWS::SNS::Subscription" - ], - "type": "string" + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" + }, + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableSortConfiguration": { + "additionalProperties": false, + "properties": { + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableStyleTarget": { + "additionalProperties": false, + "properties": { + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", "type": "string" } }, "required": [ - "Type", - "Properties" + "CellType" ], "type": "object" }, - "AWS::SNS::Topic": { + "AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" + }, + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ArchivePolicy": { - "markdownDescription": "The `ArchivePolicy` determines the number of days Amazon SNS retains messages in FIFO topics. You can set a retention period ranging from 1 to 365 days. This property is only applicable to FIFO topics; attempting to use it with standard topics will result in a creation failure.", - "title": "ArchivePolicy", - "type": "object" - }, - "ContentBasedDeduplication": { - "markdownDescription": "`ContentBasedDeduplication` enables deduplication of messages based on their content for FIFO topics. By default, this property is set to false. If you create a FIFO topic with `ContentBasedDeduplication` set to false, you must provide a `MessageDeduplicationId` for each `Publish` action. When set to true, Amazon SNS automatically generates a `MessageDeduplicationId` using a SHA-256 hash of the message body (excluding message attributes). You can optionally override this generated value by specifying a `MessageDeduplicationId` in the `Publish` action. Note that this property only applies to FIFO topics; using it with standard topics will cause the creation to fail.", - "title": "ContentBasedDeduplication", - "type": "boolean" - }, - "DataProtectionPolicy": { - "markdownDescription": "The body of the policy document you want to use for this topic.\n\nYou can only add one policy per topic.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 30,720.", - "title": "DataProtectionPolicy", - "type": "object" - }, - "DeliveryStatusLogging": { - "items": { - "$ref": "#/definitions/AWS::SNS::Topic.LoggingConfig" - }, - "markdownDescription": "The `DeliveryStatusLogging` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:\n\n- HTTP\n- Amazon Kinesis Data Firehose\n- AWS Lambda\n- Platform application endpoint\n- Amazon Simple Queue Service\n\nOnce configured, log entries are sent to Amazon CloudWatch Logs.", - "title": "DeliveryStatusLogging", - "type": "array" - }, - "DisplayName": { - "markdownDescription": "The display name to use for an Amazon SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs.", - "title": "DisplayName", - "type": "string" - }, - "FifoTopic": { - "markdownDescription": "Set to true to create a FIFO topic.", - "title": "FifoTopic", - "type": "boolean" - }, - "KmsMasterKeyId": { - "markdownDescription": "The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms) . For more examples, see `[KeyId](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)` in the *AWS Key Management Service API Reference* .\n\nThis property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html) .", - "title": "KmsMasterKeyId", - "type": "string" - }, - "SignatureVersion": { - "markdownDescription": "The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, `SignatureVersion` is set to `1` .", - "title": "SignatureVersion", - "type": "string" - }, - "Subscription": { - "items": { - "$ref": "#/definitions/AWS::SNS::Topic.Subscription" - }, - "markdownDescription": "The Amazon SNS subscriptions (endpoints) for this topic.\n\n> If you specify the `Subscription` property in the `AWS::SNS::Topic` resource and it creates an associated subscription resource, the associated subscription is not deleted when the `AWS::SNS::Topic` resource is deleted.", - "title": "Subscription", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags to add to a new topic.\n\n> To be able to tag a topic on creation, you must have the `sns:CreateTopic` and `sns:TagResource` permissions.", - "title": "Tags", - "type": "array" - }, - "TopicName": { - "markdownDescription": "The name of the topic you want to create. Topic names must include only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. FIFO topic names must end with `.fifo` .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the topic name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TopicName", - "type": "string" - }, - "TracingConfig": { - "markdownDescription": "Tracing mode of an Amazon SNS topic. By default `TracingConfig` is set to `PassThrough` , and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to `Active` , Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true.", - "title": "TracingConfig", - "type": "string" - } - }, - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::SNS::Topic" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Type" + "VisualId" ], "type": "object" }, - "AWS::SNS::Topic.LoggingConfig": { + "AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions": { "additionalProperties": false, "properties": { - "FailureFeedbackRoleArn": { - "markdownDescription": "The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch.", - "title": "FailureFeedbackRoleArn", + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" + }, + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextControlPlaceholderOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "Protocol": { - "markdownDescription": "Indicates one of the supported protocols for the Amazon SNS topic.\n\n> At least one of the other three `LoggingConfig` properties is recommend along with `Protocol` .", - "title": "Protocol", + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ThousandSeparatorOptions": { + "additionalProperties": false, + "properties": { + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", "type": "string" }, - "SuccessFeedbackRoleArn": { - "markdownDescription": "The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch.", - "title": "SuccessFeedbackRoleArn", + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", "type": "string" }, - "SuccessFeedbackSampleRate": { - "markdownDescription": "The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100.", - "title": "SuccessFeedbackSampleRate", + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Protocol" - ], "type": "object" }, - "AWS::SNS::Topic.Subscription": { + "AWS::QuickSight::Dashboard.TimeBasedForecastProperties": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "The endpoint that receives notifications from the Amazon SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Endpoint", - "type": "string" + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" }, - "Protocol": { - "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Protocol", - "type": "string" + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" } }, - "required": [ - "Endpoint", - "Protocol" - ], "type": "object" }, - "AWS::SNS::TopicInlinePolicy": { + "AWS::QuickSight::Dashboard.TimeEqualityFilter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" }, - "Metadata": { - "type": "object" + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains permissions to add to the specified Amazon SNS topic.", - "title": "PolicyDocument", - "type": "object" - }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the topic to which you want to add the policy.", - "title": "TopicArn", - "type": "string" - } - }, - "required": [ - "PolicyDocument", - "TopicArn" - ], - "type": "object" + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" }, - "Type": { - "enum": [ - "AWS::SNS::TopicInlinePolicy" - ], + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Column", + "FilterId" ], "type": "object" }, - "AWS::SNS::TopicPolicy": { + "AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains permissions to add to the specified SNS topics.", - "title": "PolicyDocument", - "type": "object" - }, - "Topics": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SNS::Topic](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-topic.html)` resource.", - "title": "Topics", - "type": "array" - } - }, - "required": [ - "PolicyDocument", - "Topics" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SNS::TopicPolicy" - ], + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, "required": [ - "Type", - "Properties" + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" ], "type": "object" }, - "AWS::SQS::Queue": { + "AWS::QuickSight::Dashboard.TimeRangeFilter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" }, - "Metadata": { - "type": "object" + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContentBasedDeduplication": { - "markdownDescription": "For first-in-first-out (FIFO) queues, specifies whether to enable content-based deduplication. During the deduplication interval, Amazon SQS treats messages that are sent with identical content as duplicates and delivers only one copy of the message. For more information, see the `ContentBasedDeduplication` attribute for the `[CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html)` action in the *Amazon SQS API Reference* .", - "title": "ContentBasedDeduplication", - "type": "boolean" - }, - "DeduplicationScope": { - "markdownDescription": "For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. Valid values are `messageGroup` and `queue` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `messageGroup` *and* set the `FifoThroughputLimit` attribute to `perMessageGroupId` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", - "title": "DeduplicationScope", - "type": "string" - }, - "DelaySeconds": { - "markdownDescription": "The time in seconds for which the delivery of all messages in the queue is delayed. You can specify an integer value of `0` to `900` (15 minutes). The default value is `0` .", - "title": "DelaySeconds", - "type": "number" - }, - "FifoQueue": { - "markdownDescription": "If set to true, creates a FIFO queue. If you don't specify this property, Amazon SQS creates a standard queue. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .", - "title": "FifoQueue", - "type": "boolean" - }, - "FifoThroughputLimit": { - "markdownDescription": "For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are `perQueue` and `perMessageGroupId` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `perMessageGroupId` *and* set the `DeduplicationScope` attribute to `messageGroup` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", - "title": "FifoThroughputLimit", - "type": "string" - }, - "KmsDataKeyReusePeriodSeconds": { - "markdownDescription": "The length of time in seconds for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).\n\n> A shorter time period provides better security, but results in more calls to AWS KMS , which might incur charges after Free Tier. For more information, see [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-how-does-the-data-key-reuse-period-work) in the *Amazon SQS Developer Guide* .", - "title": "KmsDataKeyReusePeriodSeconds", - "type": "number" - }, - "KmsMasterKeyId": { - "markdownDescription": "The ID of an AWS Key Management Service (KMS) for Amazon SQS , or a custom KMS. To use the AWS managed KMS for Amazon SQS , specify a (default) alias ARN, alias name (for example `alias/aws/sqs` ), key ARN, or key ID. For more information, see the following:\n\n- [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Amazon SQS Developer Guide*\n- [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *Amazon SQS API Reference*\n- [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *AWS Key Management Service API Reference*\n- The Key Management Service (KMS) section of the [Security best practices for AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) in the *AWS Key Management Service Developer Guide*", - "title": "KmsMasterKeyId", - "type": "string" - }, - "MaximumMessageSize": { - "markdownDescription": "The limit of how many bytes that a message can contain before Amazon SQS rejects it. You can specify an integer value from `1,024` bytes (1 KiB) to `262,144` bytes (256 KiB). The default value is `262,144` (256 KiB).", - "title": "MaximumMessageSize", - "type": "number" - }, - "MessageRetentionPeriod": { - "markdownDescription": "The number of seconds that Amazon SQS retains a message. You can specify an integer value from `60` seconds (1 minute) to `1,209,600` seconds (14 days). The default value is `345,600` seconds (4 days).", - "title": "MessageRetentionPeriod", - "type": "number" - }, - "QueueName": { - "markdownDescription": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the `.fifo` suffix. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *AWS CloudFormation User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "QueueName", - "type": "string" - }, - "ReceiveMessageWaitTimeSeconds": { - "markdownDescription": "Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, rather than returning an empty response if a message isn't yet available. You can specify an integer from 1 to 20. Short polling is used as the default or when you specify 0 for this property. For more information, see [Consuming messages using long polling](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-short-and-long-polling.html#sqs-long-polling) in the *Amazon SQS Developer Guide* .", - "title": "ReceiveMessageWaitTimeSeconds", - "type": "number" - }, - "RedriveAllowPolicy": { - "markdownDescription": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n\n- `redrivePermission` : The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n\n- `allowAll` : (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n- `denyAll` : No source queues can specify this queue as the dead-letter queue.\n- `byQueue` : Only queues specified by the `sourceQueueArns` parameter can specify this queue as the dead-letter queue.\n- `sourceQueueArns` : The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the `redrivePermission` parameter is set to `byQueue` . You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the `redrivePermission` parameter to `allowAll` .", - "title": "RedriveAllowPolicy", - "type": "object" - }, - "RedrivePolicy": { - "markdownDescription": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n\n- `deadLetterTargetArn` : The Amazon Resource Name (ARN) of the dead-letter queue to which Amazon SQS moves messages after the value of `maxReceiveCount` is exceeded.\n- `maxReceiveCount` : The number of times a message is received by a consumer of the source queue before being moved to the dead-letter queue. When the `ReceiveCount` for a message exceeds the `maxReceiveCount` for a queue, Amazon SQS moves the message to the dead-letter-queue.\n\n> The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue. \n\n*JSON*\n\n`{ \"deadLetterTargetArn\" : *String* , \"maxReceiveCount\" : *Integer* }`\n\n*YAML*\n\n`deadLetterTargetArn : *String*`\n\n`maxReceiveCount : *Integer*`", - "title": "RedrivePolicy", - "type": "object" - }, - "SqsManagedSseEnabled": { - "markdownDescription": "Enables server-side queue encryption using SQS owned encryption keys. Only one server-side encryption option is supported per queue (for example, [SSE-KMS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sse-existing-queue.html) or [SSE-SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sqs-sse-queue.html) ). When `SqsManagedSseEnabled` is not defined, `SSE-SQS` encryption is enabled by default.", - "title": "SqsManagedSseEnabled", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags that you attach to this queue. For more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .", - "title": "Tags", - "type": "array" - }, - "VisibilityTimeout": { - "markdownDescription": "The length of time during which a message will be unavailable after a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue.\n\nValues must be from 0 to 43,200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.\n\nFor more information about Amazon SQS queue visibility timeouts, see [Visibility timeout](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html) in the *Amazon SQS Developer Guide* .", - "title": "VisibilityTimeout", - "type": "number" - } - }, - "type": "object" + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::SQS::Queue" - ], + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, "required": [ - "Type" + "Column", + "FilterId", + "NullOption" ], "type": "object" }, - "AWS::SQS::QueueInlinePolicy": { + "AWS::QuickSight::Dashboard.TimeRangeFilterValue": { "additionalProperties": false, "properties": { - "Condition": { + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TooltipItem": { + "additionalProperties": false, + "properties": { + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TooltipOptions": { + "additionalProperties": false, + "properties": { + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" }, - "Metadata": { - "type": "object" + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", - "title": "PolicyDocument", - "type": "object" - }, - "Queue": { - "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html)` resource.", - "title": "Queue", - "type": "string" - } + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TopBottomFilter": { + "additionalProperties": false, + "properties": { + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationSortConfiguration" }, - "required": [ - "PolicyDocument", - "Queue" - ], - "type": "object" + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SQS::QueueInlinePolicy" - ], + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", + "type": "number" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, "required": [ - "Type", - "Properties" + "AggregationSortConfigurations", + "Column", + "FilterId" ], "type": "object" }, - "AWS::SQS::QueuePolicy": { + "AWS::QuickSight::Dashboard.TopBottomMoversComputation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", - "title": "PolicyDocument", - "type": "object" - }, - "Queues": { - "items": { - "type": "string" - }, - "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queue.html)` resource.", - "title": "Queues", - "type": "array" - } - }, - "required": [ - "PolicyDocument", - "Queues" - ], - "type": "object" + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" }, "Type": { - "enum": [ - "AWS::SQS::QueuePolicy" - ], + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "Type", - "Properties" + "ComputationId", + "Type" ], "type": "object" }, - "AWS::SSM::Association": { + "AWS::QuickSight::Dashboard.TopBottomRankedComputation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplyOnlyAtCronInterval": { - "markdownDescription": "By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.", - "title": "ApplyOnlyAtCronInterval", - "type": "boolean" - }, - "AssociationName": { - "markdownDescription": "Specify a descriptive name for the association.", - "title": "AssociationName", - "type": "string" - }, - "AutomationTargetParameterName": { - "markdownDescription": "Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a tool in AWS Systems Manager .", - "title": "AutomationTargetParameterName", - "type": "string" - }, - "CalendarNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) in the *AWS Systems Manager User Guide* .", - "title": "CalendarNames", - "type": "array" - }, - "ComplianceSeverity": { - "markdownDescription": "The severity level that is assigned to the association.", - "title": "ComplianceSeverity", - "type": "string" - }, - "DocumentVersion": { - "markdownDescription": "The version of the SSM document to associate with the target.\n\n> Note the following important information.\n> \n> - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the `default` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to `default` .\n> - `DocumentVersion` is not valid for documents owned by AWS , such as `AWS-RunPatchBaseline` or `AWS-UpdateSSMAgent` . If you specify `DocumentVersion` for an AWS document, the system returns the following error: \"Error occurred during operation 'CreateAssociation'.\" (RequestToken: , HandlerErrorCode: GeneralServiceException).", - "title": "DocumentVersion", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "The ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.\n\n> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.", - "title": "InstanceId", - "type": "string" - }, - "MaxConcurrency": { - "markdownDescription": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` .", - "title": "MaxConcurrency", - "type": "string" - }, - "MaxErrors": { - "markdownDescription": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time.", - "title": "MaxErrors", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the SSM document that contains the configuration information for the instance. You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format:\n\n`arn:partition:ssm:region:account-id:document/document-name`\n\nFor example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`\n\nFor AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, `AWS -ApplyPatchBaseline` or `My-Document` .", - "title": "Name", - "type": "string" - }, - "OutputLocation": { - "$ref": "#/definitions/AWS::SSM::Association.InstanceAssociationOutputLocation", - "markdownDescription": "An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.", - "title": "OutputLocation" - }, - "Parameters": { - "markdownDescription": "The parameters for the runtime configuration of the document.", - "title": "Parameters", - "type": "object" - }, - "ScheduleExpression": { - "markdownDescription": "A cron expression that specifies a schedule when the association runs. The schedule runs in Coordinated Universal Time (UTC).", - "title": "ScheduleExpression", - "type": "string" - }, - "ScheduleOffset": { - "markdownDescription": "Number of days to wait after the scheduled day to run an association.", - "title": "ScheduleOffset", - "type": "number" - }, - "SyncCompliance": { - "markdownDescription": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` .\n\nIn `MANUAL` mode, you must specify the `AssociationId` as a parameter for the `PutComplianceItems` API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the `PutComplianceItems` API action.\n\nBy default, all associations use `AUTO` mode.", - "title": "SyncCompliance", - "type": "string" - }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::SSM::Association.Target" - }, - "markdownDescription": "The targets for the association. You must specify the `InstanceId` or `Targets` property. You can target all instances in an AWS account by specifying t he `InstanceIds` key with a value of `*` .\n\nSupported formats include the following.\n\n- `Key=InstanceIds,Values=,,`\n- `Key=tag-key,Values=,`\n\nTo view a JSON and a YAML example that targets all instances, see \"Create an association for all managed instances in an AWS account \" on the Examples page.", - "title": "Targets", - "type": "array" - }, - "WaitForSuccessTimeoutSeconds": { - "markdownDescription": "The number of seconds the service should wait for the association status to show \"Success\" before proceeding with the stack execution. If the association status doesn't show \"Success\" after the specified number of seconds, then stack creation fails.\n\n> When you specify a value for the `WaitForSuccessTimeoutSeconds` , [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html) for your AWS CloudFormation stack\u2019s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don\u2019t include `WaitForSuccessTimeoutSeconds` in your template.", - "title": "WaitForSuccessTimeoutSeconds", - "type": "number" - } - }, - "required": [ - "Name" - ], - "type": "object" + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" }, "Type": { - "enum": [ - "AWS::SSM::Association" - ], + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "Type", - "Properties" + "ComputationId", + "Type" ], "type": "object" }, - "AWS::SSM::Association.InstanceAssociationOutputLocation": { + "AWS::QuickSight::Dashboard.TotalAggregationComputation": { "additionalProperties": false, "properties": { - "S3Location": { - "$ref": "#/definitions/AWS::SSM::Association.S3OutputLocation", - "markdownDescription": "`S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request.", - "title": "S3Location" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::SSM::Association.S3OutputLocation": { + "AWS::QuickSight::Dashboard.TotalAggregationFunction": { "additionalProperties": false, "properties": { - "OutputS3BucketName": { - "markdownDescription": "The name of the S3 bucket.", - "title": "OutputS3BucketName", - "type": "string" - }, - "OutputS3KeyPrefix": { - "markdownDescription": "The S3 bucket subfolder.", - "title": "OutputS3KeyPrefix", - "type": "string" - }, - "OutputS3Region": { - "markdownDescription": "The AWS Region of the S3 bucket.", - "title": "OutputS3Region", + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", "type": "string" } }, "type": "object" }, - "AWS::SSM::Association.Target": { + "AWS::QuickSight::Dashboard.TotalAggregationOption": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", - "title": "Key", + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", - "title": "Values", - "type": "array" + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" } }, "required": [ - "Key", - "Values" + "FieldId", + "TotalAggregationFunction" ], "type": "object" }, - "AWS::SSM::Document": { + "AWS::QuickSight::Dashboard.TotalOptions": { "additionalProperties": false, "properties": { - "Condition": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Attachments": { - "items": { - "$ref": "#/definitions/AWS::SSM::Document.AttachmentsSource" - }, - "markdownDescription": "A list of key-value pairs that describe attachments to a version of a document.", - "title": "Attachments", - "type": "array" - }, - "Content": { - "markdownDescription": "The content for the new SSM document in JSON or YAML. For more information about the schemas for SSM document content, see [SSM document schema features and examples](https://docs.aws.amazon.com/systems-manager/latest/userguide/document-schemas-features.html) in the *AWS Systems Manager User Guide* .\n\n> This parameter also supports `String` data types.", - "title": "Content", - "type": "object" - }, - "DocumentFormat": { - "markdownDescription": "Specify the document format for the request. `JSON` is the default format.", - "title": "DocumentFormat", - "type": "string" - }, - "DocumentType": { - "markdownDescription": "The type of document to create.", - "title": "DocumentType", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the SSM document.\n\n> You can't use the following strings as document name prefixes. These are reserved by AWS for use as document name prefixes:\n> \n> - `aws`\n> - `amazon`\n> - `amzn`\n> - `AWSEC2`\n> - `AWSConfigRemediation`\n> - `AWSSupport`", - "title": "Name", - "type": "string" - }, - "Requires": { - "items": { - "$ref": "#/definitions/AWS::SSM::Document.DocumentRequires" - }, - "markdownDescription": "A list of SSM documents required by a document. This parameter is used exclusively by AWS AppConfig . When a user creates an AWS AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an `ApplicationConfiguration` document requires an `ApplicationConfigurationSchema` document for validation purposes. For more information, see [What is AWS AppConfig ?](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .", - "title": "Requires", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "AWS CloudFormation resource tags to apply to the document. Use tags to help you identify and categorize resources.", - "title": "Tags", - "type": "array" - }, - "TargetType": { - "markdownDescription": "Specify a target type to define the kinds of resources the document can run on. For example, to run a document on EC2 instances, specify the following value: `/AWS::EC2::Instance` . If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) in the *AWS CloudFormation User Guide* .", - "title": "TargetType", - "type": "string" - }, - "UpdateMethod": { - "markdownDescription": "If the document resource you specify in your template already exists, this parameter determines whether a new version of the existing document is created, or the existing document is replaced. `Replace` is the default method. If you specify `NewVersion` for the `UpdateMethod` parameter, and the `Name` of the document does not match an existing resource, a new document is created. When you specify `NewVersion` , the default version of the document is changed to the newly created version.", - "title": "UpdateMethod", - "type": "string" - }, - "VersionName": { - "markdownDescription": "An optional field specifying the version of the artifact you are creating with the document. For example, `Release12.1` . This value is unique across all versions of a document, and can't be changed.", - "title": "VersionName", - "type": "string" - } + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" }, - "required": [ - "Content" - ], - "type": "object" + "markdownDescription": "The total aggregation settings for each value field.", + "title": "TotalAggregationOptions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SSM::Document" - ], + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "Cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", "type": "string" } }, "required": [ - "Type", - "Properties" + "ColumnType" ], "type": "object" }, - "AWS::SSM::Document.AttachmentsSource": { + "AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair that identifies the location of an attachment to a document.", - "title": "Key", - "type": "string" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the document attachment file.", - "title": "Name", - "type": "string" + "Groups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", + "type": "array" }, - "Values": { + "Sizes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The value of a key-value pair that identifies the location of an attachment to a document. The format for *Value* depends on the type of key you specify.\n\n- For the key *SourceUrl* , the value is an S3 bucket location. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix\" ]`\n- For the key *S3FileUrl* , the value is a file in an S3 bucket. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix/my-file.py\" ]`\n- For the key *AttachmentReference* , the value is constructed from the name of another SSM document in your account, a version number of that document, and a file attached to that document version that you want to reuse. For example:\n\n`\"Values\": [ \"MyOtherDocument/3/my-other-file.py\" ]`\n\nHowever, if the SSM document is shared with you from another account, the full SSM document ARN must be specified instead of the document name only. For example:\n\n`\"Values\": [ \"arn:aws:ssm:us-east-2:111122223333:document/OtherAccountDocument/3/their-file.py\" ]`", - "title": "Values", + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", "type": "array" } }, "type": "object" }, - "AWS::SSM::Document.DocumentRequires": { + "AWS::QuickSight::Dashboard.TreeMapConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the required SSM document. The name can be an Amazon Resource Name (ARN).", - "title": "Name", - "type": "string" + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", + "title": "ColorLabelOptions" }, - "Version": { - "markdownDescription": "The document version required by the current document.", - "title": "Version", - "type": "string" + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" } }, "type": "object" }, - "AWS::SSM::MaintenanceWindow": { + "AWS::QuickSight::Dashboard.TreeMapFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "TreeMapGroupItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TreeMapSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "Metadata": { - "type": "object" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowUnassociatedTargets": { - "markdownDescription": "Enables a maintenance window task to run on managed instances, even if you have not registered those instances as targets. If enabled, then you must specify the unregistered instances (by instance ID) when you register a task with the maintenance window.", - "title": "AllowUnassociatedTargets", - "type": "boolean" - }, - "Cutoff": { - "markdownDescription": "The number of hours before the end of the maintenance window that AWS Systems Manager stops scheduling new tasks for execution.", - "title": "Cutoff", - "type": "number" - }, - "Description": { - "markdownDescription": "A description of the maintenance window.", - "title": "Description", - "type": "string" - }, - "Duration": { - "markdownDescription": "The duration of the maintenance window in hours.", - "title": "Duration", - "type": "number" - }, - "EndDate": { - "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become inactive.", - "title": "EndDate", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the maintenance window.", - "title": "Name", - "type": "string" - }, - "Schedule": { - "markdownDescription": "The schedule of the maintenance window in the form of a cron or rate expression.", - "title": "Schedule", - "type": "string" - }, - "ScheduleOffset": { - "markdownDescription": "The number of days to wait to run a maintenance window after the scheduled cron expression date and time.", - "title": "ScheduleOffset", - "type": "number" - }, - "ScheduleTimezone": { - "markdownDescription": "The time zone that the scheduled maintenance window executions are based on, in Internet Assigned Numbers Authority (IANA) format.", - "title": "ScheduleTimezone", - "type": "string" - }, - "StartDate": { - "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become active. `StartDate` allows you to delay activation of the maintenance window until the specified future date.", - "title": "StartDate", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a maintenance window to identify the type of tasks it will run, the types of targets, and the environment it will run in.", - "title": "Tags", - "type": "array" - } + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, - "required": [ - "AllowUnassociatedTargets", - "Cutoff", - "Duration", - "Name", - "Schedule" - ], - "type": "object" + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SSM::MaintenanceWindow" - ], + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTarget": { + "AWS::QuickSight::Dashboard.TrendArrowOptions": { "additionalProperties": false, "properties": { - "Condition": { + "Visibility": { + "markdownDescription": "The visibility of the trend arrows.", + "title": "Visibility", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.UnaggregatedField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the target.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the maintenance window target.", - "title": "Name", - "type": "string" - }, - "OwnerInformation": { - "markdownDescription": "A user-provided value that will be included in any Amazon CloudWatch Events events that are raised while running tasks for these targets in this maintenance window.", - "title": "OwnerInformation", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The type of target that is being registered with the maintenance window.", - "title": "ResourceType", - "type": "string" - }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTarget.Targets" - }, - "markdownDescription": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs.\n\nYou must specify targets by using the `WindowTargetIds` parameter.", - "title": "Targets", - "type": "array" - }, - "WindowId": { - "markdownDescription": "The ID of the maintenance window to register the target with.", - "title": "WindowId", - "type": "string" - } - }, - "required": [ - "ResourceType", - "Targets", - "WindowId" - ], - "type": "object" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.UniqueValuesComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" }, - "Type": { - "enum": [ - "AWS::SSM::MaintenanceWindowTarget" - ], + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "ComputationId" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTarget.Targets": { + "AWS::QuickSight::Dashboard.ValidationStrategy": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", - "title": "Key", + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", - "title": "Values", - "type": "array" } }, "required": [ - "Key", - "Values" + "Mode" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask": { + "AWS::QuickSight::Dashboard.VisibleRangeOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.Visual": { + "additionalProperties": false, + "properties": { + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" }, - "Metadata": { - "type": "object" + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CutoffBehavior": { - "markdownDescription": "The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached.", - "title": "CutoffBehavior", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the task.", - "title": "Description", - "type": "string" - }, - "LoggingInfo": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.LoggingInfo", - "markdownDescription": "Information about an Amazon S3 bucket to write Run Command task-level logs to.\n\n> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) .", - "title": "LoggingInfo" - }, - "MaxConcurrency": { - "markdownDescription": "The maximum number of targets this task can be run for, in parallel.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", - "title": "MaxConcurrency", - "type": "string" - }, - "MaxErrors": { - "markdownDescription": "The maximum number of errors allowed before this task stops being scheduled.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", - "title": "MaxErrors", - "type": "string" - }, - "Name": { - "markdownDescription": "The task name.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "The priority of the task in the maintenance window. The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.", - "title": "Priority", - "type": "number" - }, - "ServiceRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", - "title": "ServiceRoleArn", - "type": "string" - }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.Target" - }, - "markdownDescription": "The targets, either instances or window target IDs.\n\n- Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` .\n- Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` .", - "title": "Targets", - "type": "array" - }, - "TaskArn": { - "markdownDescription": "The resource that the task uses during execution.\n\nFor `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN).\n\nFor `LAMBDA` tasks, `TaskArn` is the function name or ARN.\n\nFor `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN.", - "title": "TaskArn", - "type": "string" - }, - "TaskInvocationParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters", - "markdownDescription": "The parameters to pass to the task when it runs. Populate only the fields that match the task type. All other fields should be empty.\n\n> When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed.", - "title": "TaskInvocationParameters" - }, - "TaskParameters": { - "markdownDescription": "The parameters to pass to the task when it runs.\n\n> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) .", - "title": "TaskParameters", - "type": "object" - }, - "TaskType": { - "markdownDescription": "The type of task. Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` .", - "title": "TaskType", - "type": "string" - }, - "WindowId": { - "markdownDescription": "The ID of the maintenance window where the task is registered.", - "title": "WindowId", - "type": "string" - } - }, - "required": [ - "Priority", - "TaskArn", - "TaskType", - "WindowId" - ], - "type": "object" + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" }, - "Type": { - "enum": [ - "AWS::SSM::MaintenanceWindowTask" - ], - "type": "string" + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" + }, + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" + }, + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" + }, + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" + }, + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" + }, + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" + }, + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" + }, + "LayerMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerMapVisual", + "markdownDescription": "The properties for a layer map visual", + "title": "LayerMapVisual" + }, + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" + }, + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" + }, + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig": { + "AWS::QuickSight::Dashboard.VisualAxisSortOption": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupName": { - "markdownDescription": "The name of the CloudWatch Logs log group where you want to send command output. If you don't specify a group name, AWS Systems Manager automatically creates a log group for you. The log group uses the following naming format:\n\n`aws/ssm/ *SystemsManagerDocumentName*`", - "title": "CloudWatchLogGroupName", + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's axis sort options.", + "title": "AvailabilityStatus", "type": "string" - }, - "CloudWatchOutputEnabled": { - "markdownDescription": "Enables Systems Manager to send command output to CloudWatch Logs.", - "title": "CloudWatchOutputEnabled", - "type": "boolean" } }, "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.LoggingInfo": { + "AWS::QuickSight::Dashboard.VisualCustomAction": { "additionalProperties": false, "properties": { - "Region": { - "markdownDescription": "The AWS Region where the S3 bucket is located.", - "title": "Region", + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", "type": "string" }, - "S3Bucket": { - "markdownDescription": "The name of an S3 bucket where execution logs are stored.", - "title": "S3Bucket", + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", "type": "string" }, - "S3Prefix": { - "markdownDescription": "The Amazon S3 bucket subfolder.", - "title": "S3Prefix", + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", "type": "string" } }, "required": [ - "Region", - "S3Bucket" + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters": { + "AWS::QuickSight::Dashboard.VisualCustomActionOperation": { "additionalProperties": false, "properties": { - "DocumentVersion": { - "markdownDescription": "The version of an Automation runbook to use during task execution.", - "title": "DocumentVersion", - "type": "string" + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" }, - "Parameters": { - "markdownDescription": "The parameters for the `AUTOMATION` type task.", - "title": "Parameters", - "type": "object" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" } }, "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters": { + "AWS::QuickSight::Dashboard.VisualInteractionOptions": { "additionalProperties": false, "properties": { - "ClientContext": { - "markdownDescription": "Client-specific information to pass to the AWS Lambda function that you're invoking. You can then use the `context` variable to process the client information in your AWS Lambda function.", - "title": "ClientContext", - "type": "string" + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" }, - "Payload": { - "markdownDescription": "JSON to provide to your AWS Lambda function as input.\n\n> Although `Type` is listed as \"String\" for this property, the payload content must be formatted as a Base64-encoded binary data object. \n\n*Length Constraint:* 4096", - "title": "Payload", + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualPalette": { + "additionalProperties": false, + "properties": { + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", "type": "string" }, - "Qualifier": { - "markdownDescription": "An AWS Lambda function version or alias name. If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to.", - "title": "Qualifier", + "ColorMap": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathColor" + }, + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters": { + "AWS::QuickSight::Dashboard.VisualTitleLabelOptions": { "additionalProperties": false, "properties": { - "CloudWatchOutputConfig": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig", - "markdownDescription": "Configuration options for sending command output to Amazon CloudWatch Logs.", - "title": "CloudWatchOutputConfig" + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" }, - "Comment": { - "markdownDescription": "Information about the command or commands to run.", - "title": "Comment", + "Visibility": { + "markdownDescription": "The visibility of the title label.", + "title": "Visibility", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Breakdowns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", + "type": "array" }, - "DocumentHash": { - "markdownDescription": "The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.", - "title": "DocumentHash", + "Categories": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a waterfall visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" + }, + "CategoryAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" + }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a waterfall visual.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend configuration of a waterfall visual.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", + "title": "SortConfiguration" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a waterfall visual.", + "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartFieldWells": { + "additionalProperties": false, + "properties": { + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartGroupColorConfiguration": { + "additionalProperties": false, + "properties": { + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", "type": "string" }, - "DocumentHashType": { - "markdownDescription": "The SHA-256 or SHA-1 hash type. SHA-1 hashes are deprecated.", - "title": "DocumentHashType", + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", "type": "string" }, - "DocumentVersion": { - "markdownDescription": "The AWS Systems Manager document (SSM document) version to use in the request. You can specify `$DEFAULT` , `$LATEST` , or a specific version number. If you run commands by using the AWS CLI, then you must escape the first two options by using a backslash. If you specify a version number, then you don't need to use the backslash. For example:\n\n`--document-version \"\\$DEFAULT\"`\n\n`--document-version \"\\$LATEST\"`\n\n`--document-version \"3\"`", - "title": "DocumentVersion", + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartOptions": { + "additionalProperties": false, + "properties": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" }, - "NotificationConfig": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.NotificationConfig", - "markdownDescription": "Configurations for sending notifications about command status changes on a per-managed node basis.", - "title": "NotificationConfig" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "OutputS3BucketName": { - "markdownDescription": "The name of the Amazon Simple Storage Service (Amazon S3) bucket.", - "title": "OutputS3BucketName", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", + "title": "ChartConfiguration" }, - "OutputS3KeyPrefix": { - "markdownDescription": "The S3 bucket subfolder.", - "title": "OutputS3KeyPrefix", - "type": "string" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Parameters": { - "markdownDescription": "The parameters for the `RUN_COMMAND` task execution.\n\nThe supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .", - "title": "Parameters", - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "ServiceRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", - "title": "ServiceRoleArn", + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "TimeoutSeconds": { - "markdownDescription": "If this time is reached and the command hasn't already started running, it doesn't run.", - "title": "TimeoutSeconds", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.WhatIfPointScenario": { + "additionalProperties": false, + "properties": { + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", "type": "number" } }, + "required": [ + "Date", + "Value" + ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters": { + "AWS::QuickSight::Dashboard.WhatIfRangeScenario": { "additionalProperties": false, "properties": { - "Input": { - "markdownDescription": "The inputs for the `STEP_FUNCTIONS` task.", - "title": "Input", + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", "type": "string" }, - "Name": { - "markdownDescription": "The name of the `STEP_FUNCTIONS` task.", - "title": "Name", + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" } }, + "required": [ + "EndDate", + "StartDate", + "Value" + ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.NotificationConfig": { + "AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells": { "additionalProperties": false, "properties": { - "NotificationArn": { - "markdownDescription": "An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic. Run Command pushes notifications about command status changes to this topic.", - "title": "NotificationArn", - "type": "string" + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" }, - "NotificationEvents": { + "Size": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, - "markdownDescription": "The different events that you can receive notifications for. These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* .", - "title": "NotificationEvents", + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", + "title": "Size", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" }, - "NotificationType": { - "markdownDescription": "The notification type.\n\n- `Command` : Receive notification when the status of a command changes.\n- `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.", - "title": "NotificationType", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" + }, + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" } }, - "required": [ - "NotificationArn" - ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.Target": { + "AWS::QuickSight::Dashboard.WordCloudFieldWells": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "User-defined criteria for sending commands that target instances that meet the criteria. `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", - "title": "Key", + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudOptions": { + "additionalProperties": false, + "properties": { + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", "type": "string" }, - "Values": { + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" + }, + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", + "type": "string" + }, + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", + "type": "string" + }, + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", + "type": "string" + }, + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, - "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", - "title": "Values", + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", "type": "array" } }, - "required": [ - "Key", - "Values" - ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters": { + "AWS::QuickSight::Dashboard.WordCloudVisual": { "additionalProperties": false, "properties": { - "MaintenanceWindowAutomationParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters", - "markdownDescription": "The parameters for an `AUTOMATION` task type.", - "title": "MaintenanceWindowAutomationParameters" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "MaintenanceWindowLambdaParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters", - "markdownDescription": "The parameters for a `LAMBDA` task type.", - "title": "MaintenanceWindowLambdaParameters" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "MaintenanceWindowRunCommandParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters", - "markdownDescription": "The parameters for a `RUN_COMMAND` task type.", - "title": "MaintenanceWindowRunCommandParameters" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "MaintenanceWindowStepFunctionsParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters", - "markdownDescription": "The parameters for a `STEP_FUNCTIONS` task type.", - "title": "MaintenanceWindowStepFunctionsParameters" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::SSM::Parameter": { + "AWS::QuickSight::Dashboard.YAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", + "type": "string" + } + }, + "required": [ + "YAxis" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet": { "additionalProperties": false, "properties": { "Condition": { @@ -241863,214 +248425,148 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedPattern": { - "markdownDescription": "A regular expression used to validate the parameter value. For example, for `String` types with values restricted to numbers, you can specify the following: `AllowedPattern=^\\d+$`", - "title": "AllowedPattern", + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", "type": "string" }, - "DataType": { - "markdownDescription": "The data type of the parameter, such as `text` or `aws:ec2:image` . The default is `text` .", - "title": "DataType", - "type": "string" + "ColumnGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnGroup" + }, + "markdownDescription": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.", + "title": "ColumnGroups", + "type": "array" }, - "Description": { - "markdownDescription": "Information about the parameter.", - "title": "Description", - "type": "string" + "ColumnLevelPermissionRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnLevelPermissionRule" + }, + "markdownDescription": "A set of one or more definitions of a `ColumnLevelPermissionRule` .", + "title": "ColumnLevelPermissionRules", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the parameter.\n\n> The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: `arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName`", - "title": "Name", + "DataSetId": { + "markdownDescription": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account.", + "title": "DataSetId", "type": "string" }, - "Policies": { - "markdownDescription": "Information about the policies assigned to a parameter.\n\n[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* .", - "title": "Policies", - "type": "string" + "DataSetRefreshProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetRefreshProperties", + "markdownDescription": "The refresh properties of a dataset.", + "title": "DataSetRefreshProperties" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "DataSetUsageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetUsageConfiguration", + "markdownDescription": "The usage configuration to apply to child datasets that reference this dataset as a source.", + "title": "DataSetUsageConfiguration" + }, + "DatasetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DatasetParameter" }, - "title": "Tags", - "type": "object" + "markdownDescription": "The parameters that are declared in a dataset.", + "title": "DatasetParameters", + "type": "array" }, - "Tier": { - "markdownDescription": "The parameter tier.", - "title": "Tier", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of parameter.\n\n> Parameters of type `SecureString` are not supported by AWS CloudFormation .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The parameter value.\n\n> If type is `StringList` , the system returns a comma-separated string with no spaces between commas in the `Value` field.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSM::Parameter" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SSM::PatchBaseline": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "FieldFolders": { + "additionalProperties": false, + "markdownDescription": "The folder that contains fields and nested subfolders for your dataset.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.FieldFolder" + } }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApprovalRules": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.RuleGroup", - "markdownDescription": "A set of rules used to include patches in the baseline.", - "title": "ApprovalRules" + "title": "FieldFolders", + "type": "object" }, - "ApprovedPatches": { + "FolderArns": { "items": { "type": "string" }, - "markdownDescription": "A list of explicitly approved patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", - "title": "ApprovedPatches", + "markdownDescription": "", + "title": "FolderArns", "type": "array" }, - "ApprovedPatchesComplianceLevel": { - "markdownDescription": "Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` .", - "title": "ApprovedPatchesComplianceLevel", + "ImportMode": { + "markdownDescription": "Indicates whether you want to import the data into SPICE.", + "title": "ImportMode", "type": "string" }, - "ApprovedPatchesEnableNonSecurity": { - "markdownDescription": "Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. The default value is `false` . Applies to Linux managed nodes only.", - "title": "ApprovedPatchesEnableNonSecurity", - "type": "boolean" - }, - "DefaultBaseline": { - "markdownDescription": "Indicates whether this is the default baseline. AWS Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.", - "title": "DefaultBaseline", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description of the patch baseline.", - "title": "Description", - "type": "string" + "IngestionWaitPolicy": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IngestionWaitPolicy", + "markdownDescription": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours.", + "title": "IngestionWaitPolicy" }, - "GlobalFilters": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", - "markdownDescription": "A set of global filters used to include patches in the baseline.\n\n> The `GlobalFilters` parameter can be configured only by using the AWS CLI or an AWS SDK. It can't be configured from the Patch Manager console, and its value isn't displayed in the console.", - "title": "GlobalFilters" + "LogicalTableMap": { + "additionalProperties": false, + "markdownDescription": "Configures the combination and transformation of the data from the physical tables.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTable" + } + }, + "title": "LogicalTableMap", + "type": "object" }, "Name": { - "markdownDescription": "The name of the patch baseline.", + "markdownDescription": "The display name for the dataset.", "title": "Name", "type": "string" }, - "OperatingSystem": { - "markdownDescription": "Defines the operating system the patch baseline applies to. The default value is `WINDOWS` .", - "title": "OperatingSystem", - "type": "string" + "PerformanceConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.PerformanceConfiguration", + "markdownDescription": "The performance optimization configuration of a dataset.", + "title": "PerformanceConfiguration" }, - "PatchGroups": { + "Permissions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::DataSet.ResourcePermission" }, - "markdownDescription": "The name of the patch group to be registered with the patch baseline.", - "title": "PatchGroups", + "markdownDescription": "A list of resource permissions on the dataset.", + "title": "Permissions", "type": "array" }, - "RejectedPatches": { - "items": { - "type": "string" + "PhysicalTableMap": { + "additionalProperties": false, + "markdownDescription": "Declares the physical tables that are available in the underlying data sources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.PhysicalTable" + } }, - "markdownDescription": "A list of explicitly rejected patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", - "title": "RejectedPatches", - "type": "array" + "title": "PhysicalTableMap", + "type": "object" }, - "RejectedPatchesAction": { - "markdownDescription": "The action for Patch Manager to take on patches included in the `RejectedPackages` list.\n\n- **ALLOW_AS_DEPENDENCY** - *Linux and macOS* : A package in the rejected patches list is installed only if it is a dependency of another package. It is considered compliant with the patch baseline, and its status is reported as `INSTALLED_OTHER` . This is the default action if no option is specified.\n\n*Windows Server* : Windows Server doesn't support the concept of package dependencies. If a package in the rejected patches list and already installed on the node, its status is reported as `INSTALLED_OTHER` . Any package not already installed on the node is skipped. This is the default action if no option is specified.\n- **BLOCK** - *All OSs* : Packages in the rejected patches list, and packages that include them as dependencies, aren't installed by Patch Manager under any circumstances. If a package was installed before it was added to the rejected patches list, or is installed outside of Patch Manager afterward, it's considered noncompliant with the patch baseline and its status is reported as `INSTALLED_REJECTED` .", - "title": "RejectedPatchesAction", - "type": "string" + "RowLevelPermissionDataSet": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionDataSet", + "markdownDescription": "The row-level security configuration for the data that you want to create.", + "title": "RowLevelPermissionDataSet" }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchSource" - }, - "markdownDescription": "Information about the patches to use to update the managed nodes, including target operating systems and source repositories. Applies to Linux managed nodes only.", - "title": "Sources", - "type": "array" + "RowLevelPermissionTagConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration", + "markdownDescription": "The element you can use to define tags for row-level security.", + "title": "RowLevelPermissionTagConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a patch baseline to identify the severity level of patches it specifies and the operating system family it applies to.", + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.", "title": "Tags", "type": "array" + }, + "UseAs": { + "markdownDescription": "The usage of the dataset.", + "title": "UseAs", + "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::PatchBaseline" + "AWS::QuickSight::DataSet" ], "type": "string" }, @@ -242084,1507 +248580,1176 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SSM::PatchBaseline.PatchFilter": { + "AWS::QuickSight::DataSet.CalculatedColumn": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key for the filter.\n\nFor information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", - "title": "Key", + "ColumnId": { + "markdownDescription": "A unique ID to identify a calculated column. During a dataset update, if the column ID of a calculated column matches that of an existing calculated column, Amazon QuickSight preserves the existing calculated column.", + "title": "ColumnId", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The value for the filter key.\n\nFor information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", - "title": "Values", - "type": "array" + "ColumnName": { + "markdownDescription": "Column name.", + "title": "ColumnName", + "type": "string" + }, + "Expression": { + "markdownDescription": "An expression that defines the calculated column.", + "title": "Expression", + "type": "string" } }, + "required": [ + "ColumnId", + "ColumnName", + "Expression" + ], "type": "object" }, - "AWS::SSM::PatchBaseline.PatchFilterGroup": { + "AWS::QuickSight::DataSet.CastColumnTypeOperation": { "additionalProperties": false, "properties": { - "PatchFilters": { - "items": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilter" - }, - "markdownDescription": "The set of patch filters that make up the group.", - "title": "PatchFilters", - "type": "array" + "ColumnName": { + "markdownDescription": "Column name.", + "title": "ColumnName", + "type": "string" + }, + "Format": { + "markdownDescription": "When casting a column from string to datetime type, you can supply a string in a format supported by Amazon QuickSight to denote the source data format.", + "title": "Format", + "type": "string" + }, + "NewColumnType": { + "markdownDescription": "New column data type.", + "title": "NewColumnType", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset.", + "title": "SubType", + "type": "string" } }, + "required": [ + "ColumnName", + "NewColumnType" + ], "type": "object" }, - "AWS::SSM::PatchBaseline.PatchSource": { + "AWS::QuickSight::DataSet.ColumnDescription": { "additionalProperties": false, "properties": { - "Configuration": { - "markdownDescription": "The value of the yum repo configuration. For example:\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\n> For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) .", - "title": "Configuration", - "type": "string" - }, - "Name": { - "markdownDescription": "The name specified to identify the patch source.", - "title": "Name", + "Text": { + "markdownDescription": "The text of a description for a column.", + "title": "Text", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ColumnGroup": { + "additionalProperties": false, + "properties": { + "GeoSpatialColumnGroup": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.GeoSpatialColumnGroup", + "markdownDescription": "Geospatial column group that denotes a hierarchy.", + "title": "GeoSpatialColumnGroup" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ColumnLevelPermissionRule": { + "additionalProperties": false, + "properties": { + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of column names.", + "title": "ColumnNames", + "type": "array" }, - "Products": { + "Principals": { "items": { "type": "string" }, - "markdownDescription": "The specific operating system versions a patch repository applies to, such as \"Ubuntu16.04\", \"RedhatEnterpriseLinux7.2\" or \"Suse12.7\". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", - "title": "Products", + "markdownDescription": "An array of Amazon Resource Names (ARNs) for QuickSight users or groups.", + "title": "Principals", "type": "array" } }, "type": "object" }, - "AWS::SSM::PatchBaseline.Rule": { + "AWS::QuickSight::DataSet.ColumnTag": { "additionalProperties": false, "properties": { - "ApproveAfterDays": { - "markdownDescription": "The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of `7` means that patches are approved seven days after they are released.\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveAfterDays` or `ApproveUntilDate` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", - "title": "ApproveAfterDays", - "type": "number" - }, - "ApproveUntilDate": { - "markdownDescription": "The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically.\n\nEnter dates in the format `YYYY-MM-DD` . For example, `2024-12-31` .\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveUntilDate` or `ApproveAfterDays` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", - "title": "ApproveUntilDate", - "type": "string" + "ColumnDescription": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnDescription", + "markdownDescription": "A description for a column.", + "title": "ColumnDescription" }, - "ComplianceLevel": { - "markdownDescription": "A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` .", - "title": "ComplianceLevel", + "ColumnGeographicRole": { + "markdownDescription": "A geospatial role for a column.", + "title": "ColumnGeographicRole", "type": "string" - }, - "EnableNonSecurity": { - "markdownDescription": "For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is `false` . Applies to Linux managed nodes only.", - "title": "EnableNonSecurity", - "type": "boolean" - }, - "PatchFilterGroup": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", - "markdownDescription": "The patch filter group that defines the criteria for the rule.", - "title": "PatchFilterGroup" } }, "type": "object" }, - "AWS::SSM::PatchBaseline.RuleGroup": { + "AWS::QuickSight::DataSet.CreateColumnsOperation": { "additionalProperties": false, "properties": { - "PatchRules": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.Rule" + "$ref": "#/definitions/AWS::QuickSight::DataSet.CalculatedColumn" }, - "markdownDescription": "The rules that make up the rule group.", - "title": "PatchRules", + "markdownDescription": "Calculated columns to create.", + "title": "Columns", "type": "array" } }, "type": "object" }, - "AWS::SSM::ResourceDataSync": { + "AWS::QuickSight::DataSet.CustomSql": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + }, + "markdownDescription": "The column schema from the SQL query result set.", + "title": "Columns", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data source.", + "title": "DataSourceArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", - "title": "BucketName", - "type": "string" - }, - "BucketPrefix": { - "markdownDescription": "An Amazon S3 prefix for the bucket.", - "title": "BucketPrefix", - "type": "string" - }, - "BucketRegion": { - "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", - "title": "BucketRegion", - "type": "string" - }, - "KMSKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key for a destination in Amazon S3 . You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same AWS Region as the destination Amazon S3 bucket.", - "title": "KMSKeyArn", - "type": "string" - }, - "S3Destination": { - "$ref": "#/definitions/AWS::SSM::ResourceDataSync.S3Destination", - "markdownDescription": "Configuration information for the target S3 bucket.", - "title": "S3Destination" - }, - "SyncFormat": { - "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", - "title": "SyncFormat", - "type": "string" - }, - "SyncName": { - "markdownDescription": "A name for the resource data sync.", - "title": "SyncName", - "type": "string" - }, - "SyncSource": { - "$ref": "#/definitions/AWS::SSM::ResourceDataSync.SyncSource", - "markdownDescription": "Information about the source where the data was synchronized.", - "title": "SyncSource" - }, - "SyncType": { - "markdownDescription": "The type of resource data sync. If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions .", - "title": "SyncType", - "type": "string" - } - }, - "required": [ - "SyncName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSM::ResourceDataSync" - ], + "Name": { + "markdownDescription": "A display name for the SQL query result.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SqlQuery": { + "markdownDescription": "The SQL query.", + "title": "SqlQuery", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataSourceArn", + "Name", + "SqlQuery" ], "type": "object" }, - "AWS::SSM::ResourceDataSync.AwsOrganizationsSource": { + "AWS::QuickSight::DataSet.DataSetRefreshProperties": { "additionalProperties": false, "properties": { - "OrganizationSourceType": { - "markdownDescription": "If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` . For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization.", - "title": "OrganizationSourceType", - "type": "string" + "FailureConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshFailureConfiguration", + "markdownDescription": "The failure configuration for a dataset.", + "title": "FailureConfiguration" }, - "OrganizationalUnits": { - "items": { - "type": "string" - }, - "markdownDescription": "The AWS Organizations organization units included in the sync.", - "title": "OrganizationalUnits", - "type": "array" + "RefreshConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshConfiguration", + "markdownDescription": "The refresh configuration for a dataset.", + "title": "RefreshConfiguration" } }, - "required": [ - "OrganizationSourceType" - ], "type": "object" }, - "AWS::SSM::ResourceDataSync.S3Destination": { + "AWS::QuickSight::DataSet.DataSetUsageConfiguration": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", - "title": "BucketName", - "type": "string" + "DisableUseAsDirectQuerySource": { + "markdownDescription": "An option that controls whether a child dataset of a direct query can use this dataset as a source.", + "title": "DisableUseAsDirectQuerySource", + "type": "boolean" }, - "BucketPrefix": { - "markdownDescription": "An Amazon S3 prefix for the bucket.", - "title": "BucketPrefix", + "DisableUseAsImportedSource": { + "markdownDescription": "An option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.", + "title": "DisableUseAsImportedSource", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.DatasetParameter": { + "additionalProperties": false, + "properties": { + "DateTimeDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameter", + "markdownDescription": "A date time parameter that is created in the dataset.", + "title": "DateTimeDatasetParameter" + }, + "DecimalDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameter", + "markdownDescription": "A decimal parameter that is created in the dataset.", + "title": "DecimalDatasetParameter" + }, + "IntegerDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameter", + "markdownDescription": "An integer parameter that is created in the dataset.", + "title": "IntegerDatasetParameter" + }, + "StringDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameter", + "markdownDescription": "A string parameter that is created in the dataset.", + "title": "StringDatasetParameter" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.DateTimeDatasetParameter": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given date time parameter. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the parameter that is created in the dataset.", + "title": "Id", "type": "string" }, - "BucketRegion": { - "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", - "title": "BucketRegion", + "Name": { + "markdownDescription": "The name of the date time parameter that is created in the dataset.", + "title": "Name", "type": "string" }, - "KMSKeyArn": { - "markdownDescription": "The ARN of an encryption key for a destination in Amazon S3. Must belong to the same Region as the destination S3 bucket.", - "title": "KMSKeyArn", + "TimeGranularity": { + "markdownDescription": "The time granularity of the date time parameter.", + "title": "TimeGranularity", "type": "string" }, - "SyncFormat": { - "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", - "title": "SyncFormat", + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", "type": "string" } }, "required": [ - "BucketName", - "BucketRegion", - "SyncFormat" + "Id", + "Name", + "ValueType" ], "type": "object" }, - "AWS::SSM::ResourceDataSync.SyncSource": { + "AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { - "AwsOrganizationsSource": { - "$ref": "#/definitions/AWS::SSM::ResourceDataSync.AwsOrganizationsSource", - "markdownDescription": "Information about the AwsOrganizationsSource resource data sync source. A sync source of this type can synchronize data from AWS Organizations .", - "title": "AwsOrganizationsSource" - }, - "IncludeFutureRegions": { - "markdownDescription": "Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online.", - "title": "IncludeFutureRegions", - "type": "boolean" - }, - "SourceRegions": { + "StaticValues": { "items": { "type": "string" }, - "markdownDescription": "The `SyncSource` AWS Regions included in the resource data sync.", - "title": "SourceRegions", + "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", + "title": "StaticValues", "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of data source for the resource data sync. `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` .", - "title": "SourceType", - "type": "string" } }, - "required": [ - "SourceRegions", - "SourceType" - ], "type": "object" }, - "AWS::SSM::ResourcePolicy": { + "AWS::QuickSight::DataSet.DecimalDatasetParameter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given decimal parameter. This structure only accepts static values.", + "title": "DefaultValues" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "An identifier for the decimal parameter created in the dataset.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Policy": { - "markdownDescription": "A policy you want to associate with a resource.", - "title": "Policy", - "type": "object" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to which you want to attach a policy.", - "title": "ResourceArn", - "type": "string" - } - }, - "required": [ - "Policy", - "ResourceArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSM::ResourcePolicy" - ], + "Name": { + "markdownDescription": "The name of the decimal parameter that is created in the dataset.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", "type": "string" } }, "required": [ - "Type", - "Properties" + "Id", + "Name", + "ValueType" ], "type": "object" }, - "AWS::SSMContacts::Contact": { + "AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Alias": { - "markdownDescription": "The unique and identifiable alias of the contact or escalation plan.", - "title": "Alias", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The full name of the contact or escalation plan.", - "title": "DisplayName", - "type": "string" - }, - "Plan": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.Stage" - }, - "markdownDescription": "A list of stages. A contact has an engagement plan with stages that contact specified contact channels. An escalation plan uses stages that contact specified contacts.", - "title": "Plan", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of contact.\n\n- `PERSONAL` : A single, individual contact.\n- `ESCALATION` : An escalation plan.\n- `ONCALL_SCHEDULE` : An on-call schedule.", - "title": "Type", - "type": "string" - } + "StaticValues": { + "items": { + "type": "number" }, - "required": [ - "Alias", - "DisplayName", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSMContacts::Contact" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of static default values for a given decimal parameter.", + "title": "StaticValues", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSMContacts::Contact.ChannelTargetInfo": { + "AWS::QuickSight::DataSet.FieldFolder": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", - "title": "ChannelId", - "type": "string" + "Columns": { + "items": { + "type": "string" + }, + "markdownDescription": "A folder has a list of columns. A column can only be in one folder.", + "title": "Columns", + "type": "array" }, - "RetryIntervalInMinutes": { - "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", - "title": "RetryIntervalInMinutes", - "type": "number" + "Description": { + "markdownDescription": "The description for a field folder.", + "title": "Description", + "type": "string" } }, - "required": [ - "ChannelId", - "RetryIntervalInMinutes" - ], "type": "object" }, - "AWS::SSMContacts::Contact.ContactTargetInfo": { + "AWS::QuickSight::DataSet.FilterOperation": { "additionalProperties": false, "properties": { - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", - "title": "ContactId", + "ConditionExpression": { + "markdownDescription": "An expression that must evaluate to a Boolean value. Rows for which the expression evaluates to true are kept in the dataset.", + "title": "ConditionExpression", "type": "string" - }, - "IsEssential": { - "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", - "title": "IsEssential", - "type": "boolean" } }, "required": [ - "ContactId", - "IsEssential" + "ConditionExpression" ], "type": "object" }, - "AWS::SSMContacts::Contact.Stage": { + "AWS::QuickSight::DataSet.GeoSpatialColumnGroup": { "additionalProperties": false, "properties": { - "DurationInMinutes": { - "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", - "title": "DurationInMinutes", - "type": "number" - }, - "RotationIds": { + "Columns": { "items": { "type": "string" }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", - "title": "RotationIds", + "markdownDescription": "Columns in this hierarchy.", + "title": "Columns", "type": "array" }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.Targets" - }, - "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", - "title": "Targets", - "type": "array" + "CountryCode": { + "markdownDescription": "Country code.", + "title": "CountryCode", + "type": "string" + }, + "Name": { + "markdownDescription": "A display name for the hierarchy.", + "title": "Name", + "type": "string" } }, + "required": [ + "Columns", + "Name" + ], "type": "object" }, - "AWS::SSMContacts::Contact.Targets": { + "AWS::QuickSight::DataSet.IncrementalRefresh": { "additionalProperties": false, "properties": { - "ChannelTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.ChannelTargetInfo", - "markdownDescription": "Information about the contact channel that Incident Manager engages.", - "title": "ChannelTargetInfo" + "LookbackWindow": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LookbackWindow", + "markdownDescription": "The lookback window setup for an incremental refresh configuration.", + "title": "LookbackWindow" + } + }, + "required": [ + "LookbackWindow" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.IngestionWaitPolicy": { + "additionalProperties": false, + "properties": { + "IngestionWaitTimeInHours": { + "markdownDescription": "The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. Applicable only when `DataSetImportMode` mode is set to SPICE and `WaitForSpiceIngestion` is set to true.", + "title": "IngestionWaitTimeInHours", + "type": "number" }, - "ContactTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.ContactTargetInfo", - "markdownDescription": "The contact that Incident Manager is engaging during an incident.", - "title": "ContactTargetInfo" + "WaitForSpiceIngestion": { + "markdownDescription": "Wait for SPICE ingestion to finish to mark dataset creation or update as successful. Default (true). Applicable only when `DataSetImportMode` mode is set to SPICE.", + "title": "WaitForSpiceIngestion", + "type": "boolean" } }, "type": "object" }, - "AWS::SSMContacts::ContactChannel": { + "AWS::QuickSight::DataSet.InputColumn": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The name of this column in the underlying data source.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SubType": { + "markdownDescription": "The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset.", + "title": "SubType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelAddress": { - "markdownDescription": "The details that Incident Manager uses when trying to engage the contact channel.", - "title": "ChannelAddress", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The name of the contact channel.", - "title": "ChannelName", - "type": "string" - }, - "ChannelType": { - "markdownDescription": "The type of the contact channel. Incident Manager supports three contact methods:\n\n- SMS\n- VOICE\n- EMAIL", - "title": "ChannelType", - "type": "string" - }, - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact you are adding the contact channel to.", - "title": "ContactId", - "type": "string" - }, - "DeferActivation": { - "markdownDescription": "If you want to activate the channel at a later time, you can choose to defer activation. Incident Manager can't engage your contact channel until it has been activated.", - "title": "DeferActivation", - "type": "boolean" - } - }, - "required": [ - "ChannelAddress", - "ChannelName", - "ChannelType", - "ContactId" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::SSMContacts::ContactChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The data type of the column.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "Type" ], "type": "object" }, - "AWS::SSMContacts::Plan": { + "AWS::QuickSight::DataSet.IntegerDatasetParameter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given integer parameter. This structure only accepts static values.", + "title": "DefaultValues" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "An identifier for the integer parameter created in the dataset.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", - "title": "ContactId", - "type": "string" - }, - "RotationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", - "title": "RotationIds", - "type": "array" - }, - "Stages": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.Stage" - }, - "markdownDescription": "A list of stages that the escalation plan or engagement plan uses to engage contacts and contact methods.", - "title": "Stages", - "type": "array" - } - }, - "required": [ - "ContactId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSMContacts::Plan" - ], + "Name": { + "markdownDescription": "The name of the integer parameter that is created in the dataset.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", "type": "string" } }, "required": [ - "Type", - "Properties" + "Id", + "Name", + "ValueType" ], "type": "object" }, - "AWS::SSMContacts::Plan.ChannelTargetInfo": { + "AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", - "title": "ChannelId", - "type": "string" - }, - "RetryIntervalInMinutes": { - "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", - "title": "RetryIntervalInMinutes", - "type": "number" + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given integer parameter.", + "title": "StaticValues", + "type": "array" } }, - "required": [ - "ChannelId", - "RetryIntervalInMinutes" - ], "type": "object" }, - "AWS::SSMContacts::Plan.ContactTargetInfo": { + "AWS::QuickSight::DataSet.JoinInstruction": { "additionalProperties": false, "properties": { - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", - "title": "ContactId", + "LeftJoinKeyProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", + "markdownDescription": "Join key properties of the left operand.", + "title": "LeftJoinKeyProperties" + }, + "LeftOperand": { + "markdownDescription": "The operand on the left side of a join.", + "title": "LeftOperand", "type": "string" }, - "IsEssential": { - "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", - "title": "IsEssential", - "type": "boolean" - } - }, - "required": [ - "ContactId", - "IsEssential" - ], - "type": "object" - }, - "AWS::SSMContacts::Plan.Stage": { - "additionalProperties": false, - "properties": { - "DurationInMinutes": { - "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", - "title": "DurationInMinutes", - "type": "number" + "OnClause": { + "markdownDescription": "The join instructions provided in the `ON` clause of a join.", + "title": "OnClause", + "type": "string" }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.Targets" - }, - "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", - "title": "Targets", - "type": "array" + "RightJoinKeyProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", + "markdownDescription": "Join key properties of the right operand.", + "title": "RightJoinKeyProperties" + }, + "RightOperand": { + "markdownDescription": "The operand on the right side of a join.", + "title": "RightOperand", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of join that it is.", + "title": "Type", + "type": "string" } }, "required": [ - "DurationInMinutes" + "LeftOperand", + "OnClause", + "RightOperand", + "Type" ], "type": "object" }, - "AWS::SSMContacts::Plan.Targets": { + "AWS::QuickSight::DataSet.JoinKeyProperties": { "additionalProperties": false, "properties": { - "ChannelTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.ChannelTargetInfo", - "markdownDescription": "Information about the contact channel that Incident Manager engages.", - "title": "ChannelTargetInfo" - }, - "ContactTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.ContactTargetInfo", - "markdownDescription": "Information about the contact that Incident Manager engages.", - "title": "ContactTargetInfo" + "UniqueKey": { + "markdownDescription": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by QuickSight to optimize query performance.", + "title": "UniqueKey", + "type": "boolean" } }, "type": "object" }, - "AWS::SSMContacts::Rotation": { + "AWS::QuickSight::DataSet.LogicalTable": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Alias": { + "markdownDescription": "A display name for the logical table.", + "title": "Alias", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContactIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the contacts to add to the rotation.\n\n> Only the `PERSONAL` contact type is supported. The contact types `ESCALATION` and `ONCALL_SCHEDULE` are not supported for this operation. \n\nThe order in which you list the contacts is their shift order in the rotation schedule.", - "title": "ContactIds", - "type": "array" - }, - "Name": { - "markdownDescription": "The name for the rotation.", - "title": "Name", - "type": "string" - }, - "Recurrence": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.RecurrenceSettings", - "markdownDescription": "Information about the rule that specifies when shift team members rotate.", - "title": "Recurrence" - }, - "StartTime": { - "markdownDescription": "The date and time the rotation goes into effect.", - "title": "StartTime", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Optional metadata to assign to the rotation. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For more information, see [Tagging Incident Manager resources](https://docs.aws.amazon.com/incident-manager/latest/userguide/tagging.html) in the *Incident Manager User Guide* .", - "title": "Tags", - "type": "array" - }, - "TimeZoneId": { - "markdownDescription": "The time zone to base the rotation\u2019s activity on, in Internet Assigned Numbers Authority (IANA) format. For example: \"America/Los_Angeles\", \"UTC\", or \"Asia/Seoul\". For more information, see the [Time Zone Database](https://docs.aws.amazon.com/https://www.iana.org/time-zones) on the IANA website.\n\n> Designators for time zones that don\u2019t support Daylight Savings Time rules, such as Pacific Standard Time (PST), are not supported.", - "title": "TimeZoneId", - "type": "string" - } + "DataTransforms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.TransformOperation" }, - "required": [ - "ContactIds", - "Name", - "Recurrence", - "StartTime", - "TimeZoneId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSMContacts::Rotation" - ], - "type": "string" + "markdownDescription": "Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null.", + "title": "DataTransforms", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTableSource", + "markdownDescription": "Source of this logical table.", + "title": "Source" } }, "required": [ - "Type", - "Properties" + "Alias" ], "type": "object" }, - "AWS::SSMContacts::Rotation.CoverageTime": { + "AWS::QuickSight::DataSet.LogicalTableSource": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "Information about when an on-call rotation shift ends.", - "title": "EndTime", + "DataSetArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the parent dataset.", + "title": "DataSetArn", "type": "string" }, - "StartTime": { - "markdownDescription": "Information about when an on-call rotation shift begins.", - "title": "StartTime", + "JoinInstruction": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinInstruction", + "markdownDescription": "Specifies the result of a join of two logical tables.", + "title": "JoinInstruction" + }, + "PhysicalTableId": { + "markdownDescription": "Physical table ID.", + "title": "PhysicalTableId", "type": "string" } }, - "required": [ - "EndTime", - "StartTime" - ], "type": "object" }, - "AWS::SSMContacts::Rotation.MonthlySetting": { + "AWS::QuickSight::DataSet.LookbackWindow": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month when monthly recurring on-call rotations begin.", - "title": "DayOfMonth", + "ColumnName": { + "markdownDescription": "The name of the lookback window column.", + "title": "ColumnName", + "type": "string" + }, + "Size": { + "markdownDescription": "The lookback window column size.", + "title": "Size", "type": "number" }, - "HandOffTime": { - "markdownDescription": "The time of day when a monthly recurring on-call shift rotation begins.", - "title": "HandOffTime", + "SizeUnit": { + "markdownDescription": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` .", + "title": "SizeUnit", "type": "string" } }, "required": [ - "DayOfMonth", - "HandOffTime" + "ColumnName", + "Size", + "SizeUnit" ], "type": "object" }, - "AWS::SSMContacts::Rotation.RecurrenceSettings": { + "AWS::QuickSight::DataSet.NewDefaultValues": { "additionalProperties": false, "properties": { - "DailySettings": { + "DateTimeStaticValues": { "items": { "type": "string" }, - "markdownDescription": "Information about on-call rotations that recur daily.", - "title": "DailySettings", + "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", + "title": "DateTimeStaticValues", "type": "array" }, - "MonthlySettings": { + "DecimalStaticValues": { "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.MonthlySetting" + "type": "number" }, - "markdownDescription": "Information about on-call rotations that recur monthly.", - "title": "MonthlySettings", + "markdownDescription": "A list of static default values for a given decimal parameter.", + "title": "DecimalStaticValues", "type": "array" }, - "NumberOfOnCalls": { - "markdownDescription": "The number of contacts, or shift team members designated to be on call concurrently during a shift. For example, in an on-call schedule that contains ten contacts, a value of `2` designates that two of them are on call at any given time.", - "title": "NumberOfOnCalls", - "type": "number" - }, - "RecurrenceMultiplier": { - "markdownDescription": "The number of days, weeks, or months a single rotation lasts.", - "title": "RecurrenceMultiplier", - "type": "number" - }, - "ShiftCoverages": { + "IntegerStaticValues": { "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.ShiftCoverage" + "type": "number" }, - "markdownDescription": "Information about the days of the week included in on-call rotation coverage.", - "title": "ShiftCoverages", + "markdownDescription": "A list of static default values for a given integer parameter.", + "title": "IntegerStaticValues", "type": "array" }, - "WeeklySettings": { + "StringStaticValues": { "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.WeeklySetting" + "type": "string" }, - "markdownDescription": "Information about on-call rotations that recur weekly.", - "title": "WeeklySettings", + "markdownDescription": "A list of static default values for a given string parameter.", + "title": "StringStaticValues", "type": "array" } }, - "required": [ - "NumberOfOnCalls", - "RecurrenceMultiplier" - ], "type": "object" }, - "AWS::SSMContacts::Rotation.ShiftCoverage": { + "AWS::QuickSight::DataSet.OutputColumn": { "additionalProperties": false, "properties": { - "CoverageTimes": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.CoverageTime" - }, - "markdownDescription": "The start and end times of the shift.", - "title": "CoverageTimes", - "type": "array" + "Description": { + "markdownDescription": "A description for a column.", + "title": "Description", + "type": "string" }, - "DayOfWeek": { - "markdownDescription": "A list of days on which the schedule is active.", - "title": "DayOfWeek", + "Name": { + "markdownDescription": "The display name of the column..", + "title": "Name", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the column.", + "title": "SubType", + "type": "string" + }, + "Type": { + "markdownDescription": "The data type of the column.", + "title": "Type", "type": "string" } }, - "required": [ - "CoverageTimes", - "DayOfWeek" - ], "type": "object" }, - "AWS::SSMContacts::Rotation.WeeklySetting": { + "AWS::QuickSight::DataSet.OverrideDatasetParameterOperation": { "additionalProperties": false, "properties": { - "DayOfWeek": { - "markdownDescription": "The day of the week when weekly recurring on-call shift rotations begins.", - "title": "DayOfWeek", + "NewDefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.NewDefaultValues", + "markdownDescription": "The new default values for the parameter.", + "title": "NewDefaultValues" + }, + "NewParameterName": { + "markdownDescription": "The new name for the parameter.", + "title": "NewParameterName", "type": "string" }, - "HandOffTime": { - "markdownDescription": "The time of day when a weekly recurring on-call shift rotation begins.", - "title": "HandOffTime", + "ParameterName": { + "markdownDescription": "The name of the parameter to be overridden with different values.", + "title": "ParameterName", "type": "string" } }, "required": [ - "DayOfWeek", - "HandOffTime" + "ParameterName" ], "type": "object" }, - "AWS::SSMIncidents::ReplicationSet": { + "AWS::QuickSight::DataSet.PerformanceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeletionProtected": { - "markdownDescription": "Determines if the replication set deletion protection is enabled or not. If deletion protection is enabled, you can't delete the last Region in the replication set.", - "title": "DeletionProtected", - "type": "boolean" - }, - "Regions": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.ReplicationRegion" - }, - "markdownDescription": "Specifies the Regions of the replication set.", - "title": "Regions", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to add to the replication set.", - "title": "Tags", - "type": "array" - } + "UniqueKeys": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UniqueKey" }, - "required": [ - "Regions" - ], - "type": "object" + "markdownDescription": "", + "title": "UniqueKeys", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.PhysicalTable": { + "additionalProperties": false, + "properties": { + "CustomSql": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CustomSql", + "markdownDescription": "A physical table type built from the results of the custom SQL query.", + "title": "CustomSql" }, - "Type": { - "enum": [ - "AWS::SSMIncidents::ReplicationSet" - ], - "type": "string" + "RelationalTable": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RelationalTable", + "markdownDescription": "A physical table type for relational data sources.", + "title": "RelationalTable" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "S3Source": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.S3Source", + "markdownDescription": "A physical table type for as S3 data source.", + "title": "S3Source" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ProjectOperation": { + "additionalProperties": false, + "properties": { + "ProjectedColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Projected columns.", + "title": "ProjectedColumns", + "type": "array" } }, "required": [ - "Type", - "Properties" + "ProjectedColumns" ], "type": "object" }, - "AWS::SSMIncidents::ReplicationSet.RegionConfiguration": { + "AWS::QuickSight::DataSet.RefreshConfiguration": { "additionalProperties": false, "properties": { - "SseKmsKeyId": { - "markdownDescription": "The AWS Key Management Service key ID to use to encrypt your replication set.", - "title": "SseKmsKeyId", - "type": "string" + "IncrementalRefresh": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IncrementalRefresh", + "markdownDescription": "The incremental refresh for the dataset.", + "title": "IncrementalRefresh" } }, "required": [ - "SseKmsKeyId" + "IncrementalRefresh" ], "type": "object" }, - "AWS::SSMIncidents::ReplicationSet.ReplicationRegion": { + "AWS::QuickSight::DataSet.RefreshFailureConfiguration": { "additionalProperties": false, "properties": { - "RegionConfiguration": { - "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.RegionConfiguration", - "markdownDescription": "Specifies the Region configuration.", - "title": "RegionConfiguration" - }, - "RegionName": { - "markdownDescription": "Specifies the region name to add to the replication set.", - "title": "RegionName", + "EmailAlert": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshFailureEmailAlert", + "markdownDescription": "The email alert configuration for a dataset refresh failure.", + "title": "EmailAlert" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.RefreshFailureEmailAlert": { + "additionalProperties": false, + "properties": { + "AlertStatus": { + "markdownDescription": "The status value that determines if email alerts are sent.", + "title": "AlertStatus", "type": "string" } }, "type": "object" }, - "AWS::SSMIncidents::ResponsePlan": { + "AWS::QuickSight::DataSet.RelationalTable": { "additionalProperties": false, "properties": { - "Condition": { + "Catalog": { + "markdownDescription": "The catalog associated with a table.", + "title": "Catalog", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", + "title": "DataSourceArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Action" - }, - "markdownDescription": "The actions that the response plan starts at the beginning of an incident.", - "title": "Actions", - "type": "array" - }, - "ChatChannel": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.ChatChannel", - "markdownDescription": "The chat channel used for collaboration during an incident.", - "title": "ChatChannel" - }, - "DisplayName": { - "markdownDescription": "The human readable name of the response plan.", - "title": "DisplayName", - "type": "string" - }, - "Engagements": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) for the contacts and escalation plans that the response plan engages during an incident.", - "title": "Engagements", - "type": "array" - }, - "IncidentTemplate": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.IncidentTemplate", - "markdownDescription": "Details used to create an incident when using this response plan.", - "title": "IncidentTemplate" - }, - "Integrations": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Integration" - }, - "markdownDescription": "Information about third-party services integrated into the response plan.", - "title": "Integrations", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the response plan.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "InputColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" }, - "required": [ - "IncidentTemplate", - "Name" - ], - "type": "object" + "markdownDescription": "The column schema of the table.", + "title": "InputColumns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SSMIncidents::ResponsePlan" - ], + "Name": { + "markdownDescription": "The name of the relational table.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Schema": { + "markdownDescription": "The schema name. This name applies to certain relational database engines.", + "title": "Schema", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataSourceArn", + "Name" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.Action": { + "AWS::QuickSight::DataSet.RenameColumnOperation": { "additionalProperties": false, "properties": { - "SsmAutomation": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmAutomation", - "markdownDescription": "Details about the Systems Manager automation document that will be used as a runbook during an incident.", - "title": "SsmAutomation" + "ColumnName": { + "markdownDescription": "The name of the column to be renamed.", + "title": "ColumnName", + "type": "string" + }, + "NewColumnName": { + "markdownDescription": "The new name for the column.", + "title": "NewColumnName", + "type": "string" } }, + "required": [ + "ColumnName" + ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.ChatChannel": { + "AWS::QuickSight::DataSet.ResourcePermission": { "additionalProperties": false, "properties": { - "ChatbotSns": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "The Amazon SNS targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics", - "title": "ChatbotSns", + "markdownDescription": "The IAM action to grant or revoke permisions on", + "title": "Actions", "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" } }, + "required": [ + "Actions", + "Principal" + ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter": { + "AWS::QuickSight::DataSet.RowLevelPermissionDataSet": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key parameter to use when running the Systems Manager Automation runbook.", - "title": "Key", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.", + "title": "Arn", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue", - "markdownDescription": "The dynamic parameter value.", - "title": "Value" + "FormatVersion": { + "markdownDescription": "The user or group rules associated with the dataset that contains permissions for RLS.\n\nBy default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist.", + "title": "FormatVersion", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace associated with the dataset that contains permissions for RLS.", + "title": "Namespace", + "type": "string" + }, + "PermissionPolicy": { + "markdownDescription": "The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only.", + "title": "PermissionPolicy", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", + "title": "Status", + "type": "string" } }, "required": [ - "Key", - "Value" + "Arn", + "PermissionPolicy" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue": { + "AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration": { "additionalProperties": false, "properties": { - "Variable": { - "markdownDescription": "Variable dynamic parameters. A parameter value is determined when an incident is created.", - "title": "Variable", + "Status": { + "markdownDescription": "The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", + "title": "Status", "type": "string" + }, + "TagRuleConfigurations": { + "markdownDescription": "The configuration of tags on a dataset to set row-level security.", + "title": "TagRuleConfigurations", + "type": "object" + }, + "TagRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagRule" + }, + "markdownDescription": "A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.", + "title": "TagRules", + "type": "array" } }, + "required": [ + "TagRules" + ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.IncidentTemplate": { + "AWS::QuickSight::DataSet.RowLevelPermissionTagRule": { "additionalProperties": false, "properties": { - "DedupeString": { - "markdownDescription": "Used to create only one incident record for an incident.", - "title": "DedupeString", + "ColumnName": { + "markdownDescription": "The column name that a tag key is assigned to.", + "title": "ColumnName", "type": "string" }, - "Impact": { - "markdownDescription": "Defines the impact to the customers. Providing an impact overwrites the impact provided by a response plan.\n\n**Possible impacts:** - `1` - Critical impact, this typically relates to full application failure that impacts many to all customers.\n- `2` - High impact, partial application failure with impact to many customers.\n- `3` - Medium impact, the application is providing reduced service to customers.\n- `4` - Low impact, customer might aren't impacted by the problem yet.\n- `5` - No impact, customers aren't currently impacted but urgent action is needed to avoid impact.", - "title": "Impact", - "type": "number" - }, - "IncidentTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the template. When the `StartIncident` API action is called, Incident Manager assigns the tags specified in the template to the incident.", - "title": "IncidentTags", - "type": "array" - }, - "NotificationTargets": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.NotificationTargetItem" - }, - "markdownDescription": "The Amazon Simple Notification Service ( Amazon SNS ) targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel using the Amazon SNS topics.", - "title": "NotificationTargets", - "type": "array" + "MatchAllValue": { + "markdownDescription": "A string that you want to use to filter by all the values in a column in the dataset and don\u2019t want to list the values one by one. For example, you can use an asterisk as your match all value.", + "title": "MatchAllValue", + "type": "string" }, - "Summary": { - "markdownDescription": "The summary describes what has happened during the incident.", - "title": "Summary", + "TagKey": { + "markdownDescription": "The unique key for a tag.", + "title": "TagKey", "type": "string" }, - "Title": { - "markdownDescription": "The title of the incident is a brief and easily recognizable.", - "title": "Title", + "TagMultiValueDelimiter": { + "markdownDescription": "A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.", + "title": "TagMultiValueDelimiter", "type": "string" } }, "required": [ - "Impact", - "Title" + "ColumnName", + "TagKey" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.Integration": { + "AWS::QuickSight::DataSet.S3Source": { "additionalProperties": false, "properties": { - "PagerDutyConfiguration": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration", - "markdownDescription": "Information about the PagerDuty service where the response plan creates an incident.", - "title": "PagerDutyConfiguration" + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", + "title": "DataSourceArn", + "type": "string" + }, + "InputColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + }, + "markdownDescription": "A physical table type for an S3 data source.\n\n> For files that aren't JSON, only `STRING` data types are supported in input columns.", + "title": "InputColumns", + "type": "array" + }, + "UploadSettings": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UploadSettings", + "markdownDescription": "Information about the format for the S3 source file or files.", + "title": "UploadSettings" } }, "required": [ - "PagerDutyConfiguration" + "DataSourceArn" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.NotificationTargetItem": { + "AWS::QuickSight::DataSet.StringDatasetParameter": { "additionalProperties": false, "properties": { - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic.", - "title": "SnsTopicArn", + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given string dataset parameter type. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the string parameter that is created in the dataset.", + "title": "Id", "type": "string" - } - }, - "type": "object" - }, - "AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration": { - "additionalProperties": false, - "properties": { + }, "Name": { - "markdownDescription": "The name of the PagerDuty configuration.", + "markdownDescription": "The name of the string parameter that is created in the dataset.", "title": "Name", "type": "string" }, - "PagerDutyIncidentConfiguration": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration", - "markdownDescription": "Details about the PagerDuty service associated with the configuration.", - "title": "PagerDutyIncidentConfiguration" - }, - "SecretId": { - "markdownDescription": "The ID of the AWS Secrets Manager secret that stores your PagerDuty key, either a General Access REST API Key or User Token REST API Key, and other user credentials.", - "title": "SecretId", + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", "type": "string" } }, "required": [ + "Id", "Name", - "PagerDutyIncidentConfiguration", - "SecretId" + "ValueType" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration": { + "AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { - "ServiceId": { - "markdownDescription": "The ID of the PagerDuty service that the response plan associates with an incident when it launches.", - "title": "ServiceId", - "type": "string" + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of static default values for a given string parameter.", + "title": "StaticValues", + "type": "array" } }, - "required": [ - "ServiceId" - ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.SsmAutomation": { + "AWS::QuickSight::DataSet.TagColumnOperation": { "additionalProperties": false, "properties": { - "DocumentName": { - "markdownDescription": "The automation document's name.", - "title": "DocumentName", - "type": "string" - }, - "DocumentVersion": { - "markdownDescription": "The version of the runbook to use when running.", - "title": "DocumentVersion", + "ColumnName": { + "markdownDescription": "The column that this operation acts on.", + "title": "ColumnName", "type": "string" }, - "DynamicParameters": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter" + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnTag" }, - "markdownDescription": "The key-value pairs to resolve dynamic parameter values when processing a Systems Manager Automation runbook.", - "title": "DynamicParameters", + "markdownDescription": "The dataset column tag, currently only used for geospatial type tagging.\n\n> This is not tags for the AWS tagging feature.", + "title": "Tags", "type": "array" + } + }, + "required": [ + "ColumnName", + "Tags" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.TransformOperation": { + "additionalProperties": false, + "properties": { + "CastColumnTypeOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CastColumnTypeOperation", + "markdownDescription": "A transform operation that casts a column to a different type.", + "title": "CastColumnTypeOperation" }, - "Parameters": { + "CreateColumnsOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CreateColumnsOperation", + "markdownDescription": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure.", + "title": "CreateColumnsOperation" + }, + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.FilterOperation", + "markdownDescription": "An operation that filters rows based on some condition.", + "title": "FilterOperation" + }, + "OverrideDatasetParameterOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.OverrideDatasetParameterOperation", + "markdownDescription": "A transform operation that overrides the dataset parameter values that are defined in another dataset.", + "title": "OverrideDatasetParameterOperation" + }, + "ProjectOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ProjectOperation", + "markdownDescription": "An operation that projects columns. Operations that come after a projection can only refer to projected columns.", + "title": "ProjectOperation" + }, + "RenameColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RenameColumnOperation", + "markdownDescription": "An operation that renames a column.", + "title": "RenameColumnOperation" + }, + "TagColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.TagColumnOperation", + "markdownDescription": "An operation that tags a column with additional information.", + "title": "TagColumnOperation" + }, + "UntagColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UntagColumnOperation", + "markdownDescription": "", + "title": "UntagColumnOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.UniqueKey": { + "additionalProperties": false, + "properties": { + "ColumnNames": { "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmParameter" + "type": "string" }, - "markdownDescription": "The key-value pair parameters to use when running the runbook.", - "title": "Parameters", + "markdownDescription": "", + "title": "ColumnNames", "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that the automation document will assume when running commands.", - "title": "RoleArn", - "type": "string" - }, - "TargetAccount": { - "markdownDescription": "The account that the automation document will be run in. This can be in either the management account or an application account.", - "title": "TargetAccount", - "type": "string" } }, "required": [ - "DocumentName", - "RoleArn" + "ColumnNames" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.SsmParameter": { + "AWS::QuickSight::DataSet.UntagColumnOperation": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key parameter to use when running the Automation runbook.", - "title": "Key", + "ColumnName": { + "markdownDescription": "The column that this operation acts on.", + "title": "ColumnName", "type": "string" }, - "Values": { + "TagNames": { "items": { "type": "string" }, - "markdownDescription": "The value parameter to use when running the Automation runbook.", - "title": "Values", + "markdownDescription": "The column tags to remove from this column.", + "title": "TagNames", "type": "array" } }, "required": [ - "Key", - "Values" + "ColumnName", + "TagNames" ], "type": "object" }, - "AWS::SSO::Assignment": { + "AWS::QuickSight::DataSet.UploadSettings": { + "additionalProperties": false, + "properties": { + "ContainsHeader": { + "markdownDescription": "Whether the file has a header row, or the files each have a header row.", + "title": "ContainsHeader", + "type": "boolean" + }, + "Delimiter": { + "markdownDescription": "The delimiter between values in the file.", + "title": "Delimiter", + "type": "string" + }, + "Format": { + "markdownDescription": "File format.", + "title": "Format", + "type": "string" + }, + "StartFromRow": { + "markdownDescription": "A row number to start reading data from.", + "title": "StartFromRow", + "type": "number" + }, + "TextQualifier": { + "markdownDescription": "Text qualifier.", + "title": "TextQualifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -243619,125 +249784,93 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "InstanceArn", - "type": "string" + "AlternateDataSourceParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" + }, + "markdownDescription": "A set of alternate data source parameters that you want to share for the credentials stored with this data source. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the credentials from this existing data source. If the `AlternateDataSourceParameters` list is null, the `Credentials` originally used with this `DataSourceParameters` are automatically allowed.", + "title": "AlternateDataSourceParameters", + "type": "array" }, - "PermissionSetArn": { - "markdownDescription": "The ARN of the permission set.", - "title": "PermissionSetArn", + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", "type": "string" }, - "PrincipalId": { - "markdownDescription": "An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the [IAM Identity Center Identity Store API Reference](https://docs.aws.amazon.com//singlesignon/latest/IdentityStoreAPIReference/welcome.html) .", - "title": "PrincipalId", - "type": "string" + "Credentials": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceCredentials", + "markdownDescription": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported.", + "title": "Credentials" }, - "PrincipalType": { - "markdownDescription": "The entity type for which the assignment will be created.", - "title": "PrincipalType", + "DataSourceId": { + "markdownDescription": "An ID for the data source. This ID is unique per AWS Region for each AWS account.", + "title": "DataSourceId", "type": "string" }, - "TargetId": { - "markdownDescription": "TargetID is an AWS account identifier, (For example, 123456789012).", - "title": "TargetId", - "type": "string" + "DataSourceParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters", + "markdownDescription": "The parameters that Amazon QuickSight uses to connect to your underlying source.", + "title": "DataSourceParameters" }, - "TargetType": { - "markdownDescription": "The entity type for which the assignment will be created.", - "title": "TargetType", - "type": "string" - } - }, - "required": [ - "InstanceArn", - "PermissionSetArn", - "PrincipalId", - "PrincipalType", - "TargetId", - "TargetType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSO::Assignment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SSO::InstanceAccessControlAttributeConfiguration": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "ErrorInfo": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceErrorInfo", + "markdownDescription": "Error information from the last update or the creation of the data source.", + "title": "ErrorInfo" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A display name for the data source.", + "title": "Name", "type": "string" }, - { + "Permissions": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::DataSource.ResourcePermission" }, + "markdownDescription": "A list of resource permissions on the data source.", + "title": "Permissions", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessControlAttributes": { + }, + "SslProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SslProperties", + "markdownDescription": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source.", + "title": "SslProperties" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Lists the attributes that are configured for ABAC in the specified IAM Identity Center instance.", - "title": "AccessControlAttributes", + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source.", + "title": "Tags", "type": "array" }, - "InstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed.", - "title": "InstanceArn", + "Type": { + "markdownDescription": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service.", + "title": "Type", "type": "string" + }, + "VpcConnectionProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", + "markdownDescription": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source.", + "title": "VpcConnectionProperties" } }, "required": [ - "InstanceArn" + "Name", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSO::InstanceAccessControlAttributeConfiguration" + "AWS::QuickSight::DataSource" ], "type": "string" }, @@ -243756,1168 +249889,848 @@ ], "type": "object" }, - "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute": { + "AWS::QuickSight::DataSource.AmazonElasticsearchParameters": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center .", - "title": "Key", + "Domain": { + "markdownDescription": "The OpenSearch domain.", + "title": "Domain", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue", - "markdownDescription": "The value used for mapping a specified attribute to an identity source.", - "title": "Value" } }, "required": [ - "Key", - "Value" + "Domain" ], "type": "object" }, - "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue": { + "AWS::QuickSight::DataSource.AmazonOpenSearchParameters": { "additionalProperties": false, "properties": { - "Source": { - "items": { - "type": "string" - }, - "markdownDescription": "The identity source to use when mapping a specified attribute to IAM Identity Center .", - "title": "Source", - "type": "array" + "Domain": { + "markdownDescription": "The OpenSearch domain.", + "title": "Domain", + "type": "string" } }, "required": [ - "Source" + "Domain" ], "type": "object" }, - "AWS::SSO::PermissionSet": { + "AWS::QuickSight::DataSource.AthenaParameters": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.IdentityCenterConfiguration", + "markdownDescription": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your workgroup.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center.", + "title": "IdentityCenterConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", + "title": "RoleArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "WorkGroup": { + "markdownDescription": "The workgroup that Amazon Athena uses.", + "title": "WorkGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.AuroraParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CustomerManagedPolicyReferences": { - "items": { - "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference" - }, - "markdownDescription": "Specifies the names and paths of the customer managed policies that you have attached to your permission set.", - "title": "CustomerManagedPolicyReferences", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the `PermissionSet` .", - "title": "Description", - "type": "string" - }, - "InlinePolicy": { - "markdownDescription": "The inline policy that is attached to the permission set.\n\n> For `Length Constraints` , if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.", - "title": "InlinePolicy", - "type": "object" - }, - "InstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "InstanceArn", - "type": "string" - }, - "ManagedPolicies": { - "items": { - "type": "string" - }, - "markdownDescription": "A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.", - "title": "ManagedPolicies", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the permission set.", - "title": "Name", - "type": "string" - }, - "PermissionsBoundary": { - "$ref": "#/definitions/AWS::SSO::PermissionSet.PermissionsBoundary", - "markdownDescription": "Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\n> Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* .", - "title": "PermissionsBoundary" - }, - "RelayStateType": { - "markdownDescription": "Used to redirect users within the application during the federation authentication process.", - "title": "RelayStateType", - "type": "string" - }, - "SessionDuration": { - "markdownDescription": "The length of time that the application user sessions are valid for in the ISO-8601 standard.", - "title": "SessionDuration", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to attach to the new `PermissionSet` .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "InstanceArn", - "Name" - ], - "type": "object" + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SSO::PermissionSet" - ], + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.AuroraPostgreSqlParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "The Amazon Aurora PostgreSQL database to connect to.", + "title": "Database", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Host": { + "markdownDescription": "The Amazon Aurora PostgreSQL-Compatible host to connect to.", + "title": "Host", "type": "string" + }, + "Port": { + "markdownDescription": "The port that Amazon Aurora PostgreSQL is listening on.", + "title": "Port", + "type": "number" } }, "required": [ - "Type", - "Properties" + "Database", + "Host", + "Port" ], "type": "object" }, - "AWS::SSO::PermissionSet.CustomerManagedPolicyReference": { + "AWS::QuickSight::DataSource.CredentialPair": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the IAM policy that you have configured in each account where you want to deploy your permission set.", - "title": "Name", + "AlternateDataSourceParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" + }, + "markdownDescription": "A set of alternate data source parameters that you want to share for these credentials. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the new data source with the existing credentials. If the `AlternateDataSourceParameters` list is null, the `DataSourceParameters` originally used with these `Credentials` is automatically allowed.", + "title": "AlternateDataSourceParameters", + "type": "array" + }, + "Password": { + "markdownDescription": "Password.", + "title": "Password", "type": "string" }, - "Path": { - "markdownDescription": "The path to the IAM policy that you have configured in each account where you want to deploy your permission set. The default is `/` . For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", - "title": "Path", + "Username": { + "markdownDescription": "User name.", + "title": "Username", "type": "string" } }, "required": [ - "Name" + "Password", + "Username" ], "type": "object" }, - "AWS::SSO::PermissionSet.PermissionsBoundary": { + "AWS::QuickSight::DataSource.DataSourceCredentials": { "additionalProperties": false, "properties": { - "CustomerManagedPolicyReference": { - "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference", - "markdownDescription": "Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.", - "title": "CustomerManagedPolicyReference" + "CopySourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use. When `CopySourceArn` is not null, the credential pair from the data source in the ARN is used as the credentials for the `DataSourceCredentials` structure.", + "title": "CopySourceArn", + "type": "string" }, - "ManagedPolicyArn": { - "markdownDescription": "The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.", - "title": "ManagedPolicyArn", + "CredentialPair": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.CredentialPair", + "markdownDescription": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` .", + "title": "CredentialPair" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret associated with the data source in AWS Secrets Manager .", + "title": "SecretArn", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::App": { + "AWS::QuickSight::DataSource.DataSourceErrorInfo": { "additionalProperties": false, "properties": { - "Condition": { + "Message": { + "markdownDescription": "Error message.", + "title": "Message", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Error type.", + "title": "Type", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.DataSourceParameters": { + "additionalProperties": false, + "properties": { + "AmazonElasticsearchParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonElasticsearchParameters", + "markdownDescription": "The parameters for OpenSearch.", + "title": "AmazonElasticsearchParameters" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AmazonOpenSearchParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonOpenSearchParameters", + "markdownDescription": "The parameters for OpenSearch.", + "title": "AmazonOpenSearchParameters" }, - "Metadata": { - "type": "object" + "AthenaParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AthenaParameters", + "markdownDescription": "The parameters for Amazon Athena.", + "title": "AthenaParameters" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppName": { - "markdownDescription": "The name of the app.", - "title": "AppName", - "type": "string" - }, - "AppType": { - "markdownDescription": "The type of app.", - "title": "AppType", - "type": "string" - }, - "DomainId": { - "markdownDescription": "The domain ID.", - "title": "DomainId", - "type": "string" - }, - "ResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::App.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "ResourceSpec" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "UserProfileName": { - "markdownDescription": "The user profile name.", - "title": "UserProfileName", - "type": "string" - } - }, - "required": [ - "AppName", - "AppType", - "DomainId", - "UserProfileName" - ], - "type": "object" + "AuroraParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraParameters", + "markdownDescription": "The parameters for Amazon Aurora MySQL.", + "title": "AuroraParameters" }, - "Type": { - "enum": [ - "AWS::SageMaker::App" - ], + "AuroraPostgreSqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraPostgreSqlParameters", + "markdownDescription": "The parameters for Amazon Aurora.", + "title": "AuroraPostgreSqlParameters" + }, + "DatabricksParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DatabricksParameters", + "markdownDescription": "The required parameters that are needed to connect to a Databricks data source.", + "title": "DatabricksParameters" + }, + "MariaDbParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.MariaDbParameters", + "markdownDescription": "The parameters for MariaDB.", + "title": "MariaDbParameters" + }, + "MySqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.MySqlParameters", + "markdownDescription": "The parameters for MySQL.", + "title": "MySqlParameters" + }, + "OracleParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OracleParameters", + "markdownDescription": "Oracle parameters.", + "title": "OracleParameters" + }, + "PostgreSqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.PostgreSqlParameters", + "markdownDescription": "The parameters for PostgreSQL.", + "title": "PostgreSqlParameters" + }, + "PrestoParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.PrestoParameters", + "markdownDescription": "The parameters for Presto.", + "title": "PrestoParameters" + }, + "RdsParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RdsParameters", + "markdownDescription": "The parameters for Amazon RDS.", + "title": "RdsParameters" + }, + "RedshiftParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftParameters", + "markdownDescription": "The parameters for Amazon Redshift.", + "title": "RedshiftParameters" + }, + "S3Parameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.S3Parameters", + "markdownDescription": "The parameters for S3.", + "title": "S3Parameters" + }, + "SnowflakeParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SnowflakeParameters", + "markdownDescription": "The parameters for Snowflake.", + "title": "SnowflakeParameters" + }, + "SparkParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SparkParameters", + "markdownDescription": "The parameters for Spark.", + "title": "SparkParameters" + }, + "SqlServerParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SqlServerParameters", + "markdownDescription": "The parameters for SQL Server.", + "title": "SqlServerParameters" + }, + "StarburstParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.StarburstParameters", + "markdownDescription": "The parameters that are required to connect to a Starburst data source.", + "title": "StarburstParameters" + }, + "TeradataParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.TeradataParameters", + "markdownDescription": "The parameters for Teradata.", + "title": "TeradataParameters" + }, + "TrinoParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.TrinoParameters", + "markdownDescription": "The parameters that are required to connect to a Trino data source.", + "title": "TrinoParameters" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.DatabricksParameters": { + "additionalProperties": false, + "properties": { + "Host": { + "markdownDescription": "The host name of the Databricks data source.", + "title": "Host", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Port": { + "markdownDescription": "The port for the Databricks data source.", + "title": "Port", + "type": "number" + }, + "SqlEndpointPath": { + "markdownDescription": "The HTTP path of the Databricks data source.", + "title": "SqlEndpointPath", "type": "string" } }, "required": [ - "Type", - "Properties" + "Host", + "Port", + "SqlEndpointPath" ], "type": "object" }, - "AWS::SageMaker::App.ResourceSpec": { + "AWS::QuickSight::DataSource.IdentityCenterConfiguration": { "additionalProperties": false, "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", + "EnableIdentityPropagation": { + "markdownDescription": "A Boolean option that controls whether Trusted Identity Propagation should be used.", + "title": "EnableIdentityPropagation", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.ManifestFileLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "Amazon S3 bucket.", + "title": "Bucket", "type": "string" }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", + "Key": { + "markdownDescription": "Amazon S3 key that identifies an object.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.MariaDbParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", "type": "string" }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, + "required": [ + "Database", + "Host", + "Port" + ], "type": "object" }, - "AWS::SageMaker::AppImageConfig": { + "AWS::QuickSight::DataSource.MySqlParameters": { "additionalProperties": false, "properties": { - "Condition": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.OAuthParameters": { + "additionalProperties": false, + "properties": { + "IdentityProviderResourceUri": { + "markdownDescription": "The resource uri of the identity provider.", + "title": "IdentityProviderResourceUri", + "type": "string" }, - "Metadata": { - "type": "object" + "IdentityProviderVpcConnectionProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", + "markdownDescription": "", + "title": "IdentityProviderVpcConnectionProperties" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig. Must be unique to your account.", - "title": "AppImageConfigName", - "type": "string" - }, - "CodeEditorAppImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig", - "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", - "title": "CodeEditorAppImageConfig" - }, - "JupyterLabAppImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig", - "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", - "title": "JupyterLabAppImageConfig" - }, - "KernelGatewayImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig", - "markdownDescription": "The configuration for the file system and kernels in the SageMaker AI image.", - "title": "KernelGatewayImageConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AppImageConfigName" - ], - "type": "object" + "OAuthScope": { + "markdownDescription": "The OAuth scope.", + "title": "OAuthScope", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SageMaker::AppImageConfig" - ], + "TokenProviderUrl": { + "markdownDescription": "The token endpoint URL of the identity provider.", + "title": "TokenProviderUrl", + "type": "string" + } + }, + "required": [ + "TokenProviderUrl" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.OracleParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + }, + "UseServiceName": { + "markdownDescription": "A Boolean value that indicates whether the `Database` uses a service name or an SID. If this value is left blank, the default value is `SID` . If this value is set to `false` , the value is `SID` .", + "title": "UseServiceName", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Database", + "Host", + "Port" ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig": { + "AWS::QuickSight::DataSource.PostgreSqlParameters": { "additionalProperties": false, "properties": { - "ContainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", - "markdownDescription": "", - "title": "ContainerConfig" + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, + "required": [ + "Database", + "Host", + "Port" + ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.ContainerConfig": { + "AWS::QuickSight::DataSource.PrestoParameters": { "additionalProperties": false, "properties": { - "ContainerArguments": { - "items": { - "type": "string" - }, - "markdownDescription": "The arguments for the container when you're running the application.", - "title": "ContainerArguments", - "type": "array" + "Catalog": { + "markdownDescription": "Catalog.", + "title": "Catalog", + "type": "string" }, - "ContainerEntrypoint": { - "items": { - "type": "string" - }, - "markdownDescription": "The entrypoint used to run the application in the container.", - "title": "ContainerEntrypoint", - "type": "array" + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" }, - "ContainerEnvironmentVariables": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable" - }, - "markdownDescription": "The environment variables to set in the container", - "title": "ContainerEnvironmentVariables", - "type": "array" + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, + "required": [ + "Catalog", + "Host", + "Port" + ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable": { + "AWS::QuickSight::DataSource.RdsParameters": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that identifies a container environment variable.", - "title": "Key", + "Database": { + "markdownDescription": "Database.", + "title": "Database", "type": "string" }, - "Value": { - "markdownDescription": "The value of the container environment variable.", - "title": "Value", + "InstanceId": { + "markdownDescription": "Instance ID.", + "title": "InstanceId", "type": "string" } }, "required": [ - "Key", - "Value" + "Database", + "InstanceId" ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.FileSystemConfig": { + "AWS::QuickSight::DataSource.RedshiftIAMParameters": { "additionalProperties": false, "properties": { - "DefaultGid": { - "markdownDescription": "The default POSIX group ID (GID). If not specified, defaults to `100` .", - "title": "DefaultGid", - "type": "number" + "AutoCreateDatabaseUser": { + "markdownDescription": "Automatically creates a database user. If your database doesn't have a `DatabaseUser` , set this parameter to `True` . If there is no `DatabaseUser` , Amazon QuickSight can't connect to your cluster. The `RoleArn` that you use for this operation must grant access to `redshift:CreateClusterUser` to successfully create the user.", + "title": "AutoCreateDatabaseUser", + "type": "boolean" }, - "DefaultUid": { - "markdownDescription": "The default POSIX user ID (UID). If not specified, defaults to `1000` .", - "title": "DefaultUid", - "type": "number" + "DatabaseGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups whose permissions will be granted to Amazon QuickSight to access the cluster. These permissions are combined with the permissions granted to Amazon QuickSight by the `DatabaseUser` . If you choose to include this parameter, the `RoleArn` must grant access to `redshift:JoinGroup` .", + "title": "DatabaseGroups", + "type": "array" }, - "MountPath": { - "markdownDescription": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to */home/sagemaker-user* .", - "title": "MountPath", + "DatabaseUser": { + "markdownDescription": "The user whose permissions and group memberships will be used by Amazon QuickSight to access the cluster. If this user already exists in your database, Amazon QuickSight is granted the same permissions that the user has. If the user doesn't exist, set the value of `AutoCreateDatabaseUser` to `True` to create a new user with PUBLIC permissions.", + "title": "DatabaseUser", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to allow Amazon QuickSight to call `redshift:GetClusterCredentials` on your cluster. The calling principal must have `iam:PassRole` access to pass the role to Amazon QuickSight. The role's trust policy must allow the Amazon QuickSight service principal to assume the role.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig": { + "AWS::QuickSight::DataSource.RedshiftParameters": { "additionalProperties": false, "properties": { - "ContainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", - "markdownDescription": "The configuration used to run the application image container.", - "title": "ContainerConfig" + "ClusterId": { + "markdownDescription": "Cluster ID. This field can be blank if the `Host` and `Port` are provided.", + "title": "ClusterId", + "type": "string" + }, + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host. This field can be blank if `ClusterId` is provided.", + "title": "Host", + "type": "string" + }, + "IAMParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftIAMParameters", + "markdownDescription": "An optional parameter that uses IAM authentication to grant Amazon QuickSight access to your cluster. This parameter can be used instead of [DataSourceCredentials](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DataSourceCredentials.html) .", + "title": "IAMParameters" + }, + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.IdentityCenterConfiguration", + "markdownDescription": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your cluster.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center.", + "title": "IdentityCenterConfiguration" + }, + "Port": { + "markdownDescription": "Port. This field can be blank if the `ClusterId` is provided.", + "title": "Port", + "type": "number" } }, + "required": [ + "Database" + ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig": { + "AWS::QuickSight::DataSource.ResourcePermission": { "additionalProperties": false, "properties": { - "FileSystemConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.FileSystemConfig", - "markdownDescription": "The Amazon Elastic File System storage configuration for a SageMaker AI image.", - "title": "FileSystemConfig" - }, - "KernelSpecs": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelSpec" + "type": "string" }, - "markdownDescription": "The specification of the Jupyter kernels in the image.", - "title": "KernelSpecs", + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + }, + "Resource": { + "markdownDescription": "", + "title": "Resource", + "type": "string" } }, "required": [ - "KernelSpecs" + "Actions", + "Principal" ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.KernelSpec": { + "AWS::QuickSight::DataSource.S3Parameters": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The display name of the kernel.", - "title": "DisplayName", - "type": "string" + "ManifestFileLocation": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.ManifestFileLocation", + "markdownDescription": "Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Amazon QuickSight.", + "title": "ManifestFileLocation" }, - "Name": { - "markdownDescription": "The name of the Jupyter kernel in the image. This value is case sensitive.", - "title": "Name", + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Name" + "ManifestFileLocation" ], "type": "object" }, - "AWS::SageMaker::CodeRepository": { + "AWS::QuickSight::DataSource.SnowflakeParameters": { "additionalProperties": false, "properties": { - "Condition": { + "AuthenticationType": { + "markdownDescription": "The authentication type that you want to use for your connection. This parameter accepts OAuth and non-OAuth authentication types.", + "title": "AuthenticationType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Database": { + "markdownDescription": "Database.", + "title": "Database", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CodeRepositoryName": { - "markdownDescription": "The name of the Git repository.", - "title": "CodeRepositoryName", - "type": "string" - }, - "GitConfig": { - "$ref": "#/definitions/AWS::SageMaker::CodeRepository.GitConfig", - "markdownDescription": "Configuration details for the Git repository, including the URL where it is located and the ARN of the AWS Secrets Manager secret that contains the credentials used to access the repository.", - "title": "GitConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "List of tags for Code Repository.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "GitConfig" - ], - "type": "object" + "DatabaseAccessControlRole": { + "markdownDescription": "The database access control role.", + "title": "DatabaseAccessControlRole", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SageMaker::CodeRepository" - ], + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OAuthParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OAuthParameters", + "markdownDescription": "An object that contains information needed to create a data source connection between an Amazon QuickSight account and Snowflake.", + "title": "OAuthParameters" + }, + "Warehouse": { + "markdownDescription": "Warehouse.", + "title": "Warehouse", "type": "string" } }, "required": [ - "Type", - "Properties" + "Database", + "Host", + "Warehouse" ], "type": "object" }, - "AWS::SageMaker::CodeRepository.GitConfig": { + "AWS::QuickSight::DataSource.SparkParameters": { "additionalProperties": false, "properties": { - "Branch": { - "markdownDescription": "The default branch for the Git repository.", - "title": "Branch", - "type": "string" - }, - "RepositoryUrl": { - "markdownDescription": "The URL where the Git repository is located.", - "title": "RepositoryUrl", + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the credentials used to access the git repository. The secret must have a staging label of `AWSCURRENT` and must be in the following format:\n\n`{\"username\": *UserName* , \"password\": *Password* }`", - "title": "SecretArn", - "type": "string" + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, "required": [ - "RepositoryUrl" + "Host", + "Port" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition": { + "AWS::QuickSight::DataSource.SqlServerParameters": { "additionalProperties": false, "properties": { - "Condition": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Host": { + "markdownDescription": "Host.", + "title": "Host", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataQualityAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification", - "markdownDescription": "Specifies the container that runs the monitoring job.", - "title": "DataQualityAppSpecification" - }, - "DataQualityBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig", - "markdownDescription": "Configures the constraints and baselines for the monitoring job.", - "title": "DataQualityBaselineConfig" - }, - "DataQualityJobInput": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput", - "markdownDescription": "A list of inputs for the monitoring job. Currently endpoints are supported as monitoring inputs.", - "title": "DataQualityJobInput" - }, - "DataQualityJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "DataQualityJobOutputConfig" - }, - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", - "type": "string" - }, - "JobDefinitionName": { - "markdownDescription": "The name for the monitoring job definition.", - "title": "JobDefinitionName", - "type": "string" - }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.NetworkConfig", - "markdownDescription": "Specifies networking configuration for the monitoring job.", - "title": "NetworkConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", - "type": "string" - }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DataQualityAppSpecification", - "DataQualityJobInput", - "DataQualityJobOutputConfig", - "JobResources", - "RoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::DataQualityJobDefinition" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput": { - "additionalProperties": false, - "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" - }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" - }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" - }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" - } - }, - "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" - ], - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.ClusterConfig": { - "additionalProperties": false, - "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", - "type": "string" - }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", - "type": "string" - }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", + "Port": { + "markdownDescription": "Port.", + "title": "Port", "type": "number" } }, "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" + "Database", + "Host", + "Port" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.Csv": { + "AWS::QuickSight::DataSource.SslProperties": { "additionalProperties": false, "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", + "DisableSsl": { + "markdownDescription": "A Boolean option to control whether SSL should be disabled.", + "title": "DisableSsl", "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification": { + "AWS::QuickSight::DataSource.StarburstParameters": { "additionalProperties": false, "properties": { - "ContainerArguments": { - "items": { - "type": "string" - }, - "markdownDescription": "The arguments to send to the container that the monitoring job runs.", - "title": "ContainerArguments", - "type": "array" - }, - "ContainerEntrypoint": { - "items": { - "type": "string" - }, - "markdownDescription": "The entrypoint for a container used to run a monitoring job.", - "title": "ContainerEntrypoint", - "type": "array" - }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "ImageUri": { - "markdownDescription": "The container image that the data quality monitoring job runs.", - "title": "ImageUri", - "type": "string" - }, - "PostAnalyticsProcessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", - "title": "PostAnalyticsProcessorSourceUri", + "AuthenticationType": { + "markdownDescription": "The authentication type that you want to use for your connection. This parameter accepts OAuth and non-OAuth authentication types.", + "title": "AuthenticationType", "type": "string" }, - "RecordPreprocessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", - "title": "RecordPreprocessorSourceUri", - "type": "string" - } - }, - "required": [ - "ImageUri" - ], - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig": { - "additionalProperties": false, - "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the job that performs baselining for the data quality monitoring job.", - "title": "BaseliningJobName", + "Catalog": { + "markdownDescription": "The catalog name for the Starburst data source.", + "title": "Catalog", "type": "string" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a monitoring job.", - "title": "ConstraintsResource" - }, - "StatisticsResource": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StatisticsResource", - "markdownDescription": "Configuration for monitoring constraints and monitoring statistics. These baseline resources are compared against the results of the current job from the series of jobs scheduled to collect data periodically.", - "title": "StatisticsResource" - } - }, - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput": { - "additionalProperties": false, - "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" - }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" - } - }, - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.DatasetFormat": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" - }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Json", - "markdownDescription": "", - "title": "Json" - }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.EndpointInput": { - "additionalProperties": false, - "properties": { - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", + "DatabaseAccessControlRole": { + "markdownDescription": "The database access control role.", + "title": "DatabaseAccessControlRole", "type": "string" }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", + "Host": { + "markdownDescription": "The host name of the Starburst data source.", + "title": "Host", "type": "string" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" + "OAuthParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OAuthParameters", + "markdownDescription": "An object that contains information needed to create a data source connection between an Amazon QuickSight account and Starburst.", + "title": "OAuthParameters" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "Port": { + "markdownDescription": "The port for the Starburst data source.", + "title": "Port", + "type": "number" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "ProductType": { + "markdownDescription": "The product type for the Starburst data source.", + "title": "ProductType", "type": "string" } }, "required": [ - "EndpointName", - "LocalPath" - ], - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.Json": { - "additionalProperties": false, - "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput": { - "additionalProperties": false, - "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" - } - }, - "required": [ - "S3Output" + "Catalog", + "Host", + "Port" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig": { + "AWS::QuickSight::DataSource.TeradataParameters": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", + "Database": { + "markdownDescription": "Database.", + "title": "Database", "type": "string" }, - "MonitoringOutputs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput" - }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", - "type": "array" - } - }, - "required": [ - "MonitoringOutputs" - ], - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.MonitoringResources": { - "additionalProperties": false, - "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" } }, "required": [ - "ClusterConfig" + "Database", + "Host", + "Port" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.NetworkConfig": { - "additionalProperties": false, - "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" - }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.S3Output": { + "AWS::QuickSight::DataSource.TrinoParameters": { "additionalProperties": false, "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", + "Catalog": { + "markdownDescription": "The catalog name for the Trino data source.", + "title": "Catalog", "type": "string" }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", + "Host": { + "markdownDescription": "The host name of the Trino data source.", + "title": "Host", "type": "string" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", - "type": "string" - } - }, - "required": [ - "LocalPath", - "S3Uri" - ], - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.StatisticsResource": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the statistics resource.", - "title": "S3Uri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.StoppingCondition": { - "additionalProperties": false, - "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", + "Port": { + "markdownDescription": "The port for the Trino data source.", + "title": "Port", "type": "number" } }, "required": [ - "MaxRuntimeInSeconds" + "Catalog", + "Host", + "Port" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.VpcConfig": { + "AWS::QuickSight::DataSource.VpcConnectionProperties": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "VpcConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the VPC connection.", + "title": "VpcConnectionArn", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "VpcConnectionArn" ], "type": "object" }, - "AWS::SageMaker::Device": { + "AWS::QuickSight::Folder": { "additionalProperties": false, "properties": { "Condition": { @@ -244952,33 +250765,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Device": { - "$ref": "#/definitions/AWS::SageMaker::Device.Device", - "markdownDescription": "Edge device you want to create.", - "title": "Device" + "AwsAccountId": { + "markdownDescription": "The ID for the AWS account where you want to create the folder.", + "title": "AwsAccountId", + "type": "string" }, - "DeviceFleetName": { - "markdownDescription": "The name of the fleet the device belongs to.", - "title": "DeviceFleetName", + "FolderId": { + "markdownDescription": "The ID of the folder.", + "title": "FolderId", + "type": "string" + }, + "FolderType": { + "markdownDescription": "The type of folder it is.", + "title": "FolderType", + "type": "string" + }, + "Name": { + "markdownDescription": "A display name for the folder.", + "title": "Name", + "type": "string" + }, + "ParentFolderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the folder.", + "title": "ParentFolderArn", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Folder.ResourcePermission" + }, + "markdownDescription": "A structure that describes the principals and the resource-level permissions of a folder.\n\nTo specify no permissions, omit `Permissions` .", + "title": "Permissions", + "type": "array" + }, + "SharingModel": { + "markdownDescription": "The sharing scope of the folder.", + "title": "SharingModel", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your devices. Each tag consists of a key and a value, both of which you define.", + "markdownDescription": "A list of tags for the folders that you want to apply overrides to.", "title": "Tags", "type": "array" } }, - "required": [ - "DeviceFleetName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Device" + "AWS::QuickSight::Folder" ], "type": "string" }, @@ -244992,36 +250830,34 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SageMaker::Device.Device": { + "AWS::QuickSight::Folder.ResourcePermission": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Description of the device.", - "title": "Description", - "type": "string" - }, - "DeviceName": { - "markdownDescription": "The name of the device.", - "title": "DeviceName", - "type": "string" + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Actions", + "type": "array" }, - "IotThingName": { - "markdownDescription": "AWS Internet of Things (IoT) object name.", - "title": "IotThingName", + "Principal": { + "markdownDescription": "", + "title": "Principal", "type": "string" } }, "required": [ - "DeviceName" + "Actions", + "Principal" ], "type": "object" }, - "AWS::SageMaker::DeviceFleet": { + "AWS::QuickSight::RefreshSchedule": { "additionalProperties": false, "properties": { "Condition": { @@ -245056,45 +250892,27 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the fleet.", - "title": "Description", - "type": "string" - }, - "DeviceFleetName": { - "markdownDescription": "Name of the device fleet.", - "title": "DeviceFleetName", + "AwsAccountId": { + "markdownDescription": "The AWS account ID of the account that you are creating a schedule in.", + "title": "AwsAccountId", "type": "string" }, - "OutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::DeviceFleet.EdgeOutputConfig", - "markdownDescription": "The output configuration for storing sample data collected by the fleet.", - "title": "OutputConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT).", - "title": "RoleArn", + "DataSetId": { + "markdownDescription": "The ID of the dataset that you are creating a refresh schedule for.", + "title": "DataSetId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your device fleets. Each tag consists of a key and a value, both of which you define.", - "title": "Tags", - "type": "array" + "Schedule": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshScheduleMap", + "markdownDescription": "The refresh schedule of a dataset.", + "title": "Schedule" } }, - "required": [ - "DeviceFleetName", - "OutputConfig", - "RoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::DeviceFleet" + "AWS::QuickSight::RefreshSchedule" ], "type": "string" }, @@ -245108,31 +250926,79 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SageMaker::DeviceFleet.EdgeOutputConfig": { + "AWS::QuickSight::RefreshSchedule.RefreshOnDay": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume after compilation job. If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account.", - "title": "KmsKeyId", + "DayOfMonth": { + "markdownDescription": "The day of the month that you want your dataset to refresh. This value is required for monthly refresh intervals.", + "title": "DayOfMonth", "type": "string" }, - "S3OutputLocation": { - "markdownDescription": "The Amazon Simple Storage (S3) bucket URI.", - "title": "S3OutputLocation", + "DayOfWeek": { + "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", + "title": "DayOfWeek", "type": "string" } }, - "required": [ - "S3OutputLocation" - ], "type": "object" }, - "AWS::SageMaker::Domain": { + "AWS::QuickSight::RefreshSchedule.RefreshScheduleMap": { + "additionalProperties": false, + "properties": { + "RefreshType": { + "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *QuickSight User Guide* .", + "title": "RefreshType", + "type": "string" + }, + "ScheduleFrequency": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.ScheduleFrequency", + "markdownDescription": "The frequency for the refresh schedule.", + "title": "ScheduleFrequency" + }, + "ScheduleId": { + "markdownDescription": "An identifier for the refresh schedule.", + "title": "ScheduleId", + "type": "string" + }, + "StartAfterDateTime": { + "markdownDescription": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format.", + "title": "StartAfterDateTime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::RefreshSchedule.ScheduleFrequency": { + "additionalProperties": false, + "properties": { + "Interval": { + "markdownDescription": "The interval between scheduled refreshes. Valid values are as follows:\n\n- `MINUTE15` : The dataset refreshes every 15 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `MINUTE30` : The dataset refreshes every 30 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `HOURLY` : The dataset refreshes every hour. This interval can only be used for one schedule per dataset.\n- `DAILY` : The dataset refreshes every day.\n- `WEEKLY` : The dataset refreshes every week.\n- `MONTHLY` : The dataset refreshes every month.", + "title": "Interval", + "type": "string" + }, + "RefreshOnDay": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshOnDay", + "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", + "title": "RefreshOnDay" + }, + "TimeOfTheDay": { + "markdownDescription": "The time of day that you want the dataset to refresh. This value is expressed in HH:MM format. This field is not required for schedules that refresh hourly.", + "title": "TimeOfTheDay", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The timezone that you want the refresh schedule to use. The timezone ID must match a corresponding ID found on `java.util.time.getAvailableIDs()` .", + "title": "TimeZone", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template": { "additionalProperties": false, "properties": { "Condition": { @@ -245167,80 +251033,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AppNetworkAccessType": { - "markdownDescription": "Specifies the VPC used for non-EFS traffic. The default value is `PublicInternetOnly` .\n\n- `PublicInternetOnly` - Non-EFS traffic is through a VPC managed by Amazon SageMaker AI , which allows direct internet access\n- `VpcOnly` - All Studio traffic is through the specified VPC and subnets\n\n*Valid Values* : `PublicInternetOnly | VpcOnly`", - "title": "AppNetworkAccessType", - "type": "string" - }, - "AppSecurityGroupManagement": { - "markdownDescription": "The entity that creates and manages the required security groups for inter-app communication in `VpcOnly` mode. Required when `CreateDomain.AppNetworkAccessType` is `VpcOnly` and `DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn` is provided. If setting up the domain for use with RStudio, this value must be set to `Service` .\n\n*Allowed Values* : `Service` | `Customer`", - "title": "AppSecurityGroupManagement", - "type": "string" - }, - "AuthMode": { - "markdownDescription": "The mode of authentication that members use to access the Domain.\n\n*Valid Values* : `SSO | IAM`", - "title": "AuthMode", - "type": "string" - }, - "DefaultSpaceSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceSettings", - "markdownDescription": "The default settings for shared spaces that users create in the domain.\n\nSageMaker applies these settings only to shared spaces. It doesn't apply them to private spaces.", - "title": "DefaultSpaceSettings" - }, - "DefaultUserSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.UserSettings", - "markdownDescription": "The default user settings.", - "title": "DefaultUserSettings" - }, - "DomainName": { - "markdownDescription": "The domain name.", - "title": "DomainName", + "AwsAccountId": { + "markdownDescription": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", + "title": "AwsAccountId", "type": "string" }, - "DomainSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DomainSettings", - "markdownDescription": "A collection of settings that apply to the `SageMaker Domain` . These settings are specified through the `CreateDomain` API call.", - "title": "DomainSettings" + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateVersionDefinition", + "markdownDescription": "", + "title": "Definition" }, - "KmsKeyId": { - "markdownDescription": "SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default. For more control, specify a customer managed CMK.\n\n*Length Constraints* : Maximum length of 2048.\n\n*Pattern* : `.*`", - "title": "KmsKeyId", + "Name": { + "markdownDescription": "A display name for the template.", + "title": "Name", "type": "string" }, - "SubnetIds": { + "Permissions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.ResourcePermission" }, - "markdownDescription": "The VPC subnets that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Array members* : Minimum number of 1 item. Maximum number of 16 items.\n\n*Pattern* : `[-0-9a-zA-Z]+`", - "title": "SubnetIds", + "markdownDescription": "A list of resource permissions to be set on the template.", + "title": "Permissions", "type": "array" }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceEntity", + "markdownDescription": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", + "title": "SourceEntity" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to associated with the Domain. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.\n\nTags that you specify for the Domain are also added to all apps that are launched in the Domain.\n\n*Array members* : Minimum number of 0 items. Maximum number of 50 items.", + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource.", "title": "Tags", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Pattern* : `[-0-9a-zA-Z]+`", - "title": "VpcId", + "TemplateId": { + "markdownDescription": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account.", + "title": "TemplateId", + "type": "string" + }, + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + }, + "VersionDescription": { + "markdownDescription": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field.", + "title": "VersionDescription", "type": "string" } }, "required": [ - "AuthMode", - "DefaultUserSettings", - "DomainName", - "SubnetIds", - "VpcId" + "AwsAccountId", + "TemplateId" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Domain" + "AWS::QuickSight::Template" ], "type": "string" }, @@ -245259,11234 +251112,55950 @@ ], "type": "object" }, - "AWS::SageMaker::Domain.CodeEditorAppSettings": { + "AWS::QuickSight::Template.AggregationFunction": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", - "title": "CustomImages", - "type": "array" + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", - "title": "DefaultResourceSpec" + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" }, - "LifecycleConfigArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", - "title": "LifecycleConfigArns", - "type": "array" + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", + "type": "string" + }, + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" } }, "type": "object" }, - "AWS::SageMaker::Domain.CodeRepository": { + "AWS::QuickSight::Template.AggregationSortConfiguration": { "additionalProperties": false, "properties": { - "RepositoryUrl": { - "markdownDescription": "The URL of the Git repository.", - "title": "RepositoryUrl", + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" + }, + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", "type": "string" } }, "required": [ - "RepositoryUrl" + "Column", + "SortDirection" ], "type": "object" }, - "AWS::SageMaker::Domain.CustomFileSystemConfig": { + "AWS::QuickSight::Template.AnalysisDefaults": { "additionalProperties": false, "properties": { - "EFSFileSystemConfig": { - "$ref": "#/definitions/AWS::SageMaker::Domain.EFSFileSystemConfig", - "markdownDescription": "The settings for a custom Amazon EFS file system.", - "title": "EFSFileSystemConfig" + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" } }, + "required": [ + "DefaultNewSheetConfiguration" + ], "type": "object" }, - "AWS::SageMaker::Domain.CustomImage": { + "AWS::QuickSight::Template.AnchorDateConfiguration": { "additionalProperties": false, "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig.", - "title": "AppImageConfigName", + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", "type": "string" }, - "ImageName": { - "markdownDescription": "The name of the CustomImage. Must be unique to your account.", - "title": "ImageName", + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcAxisConfiguration": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" }, - "ImageVersionNumber": { - "markdownDescription": "The version number of the CustomImage.", - "title": "ImageVersionNumber", + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", "type": "number" } }, - "required": [ - "AppImageConfigName", - "ImageName" - ], "type": "object" }, - "AWS::SageMaker::Domain.CustomPosixUserConfig": { + "AWS::QuickSight::Template.ArcAxisDisplayRange": { "additionalProperties": false, "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID.", - "title": "Gid", + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", "type": "number" }, - "Uid": { - "markdownDescription": "The POSIX user ID.", - "title": "Uid", + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", "type": "number" } }, - "required": [ - "Gid", - "Uid" - ], "type": "object" }, - "AWS::SageMaker::Domain.DefaultEbsStorageSettings": { + "AWS::QuickSight::Template.ArcConfiguration": { "additionalProperties": false, "properties": { - "DefaultEbsVolumeSizeInGb": { - "markdownDescription": "The default size of the EBS storage volume for a space.", - "title": "DefaultEbsVolumeSizeInGb", + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", "type": "number" }, - "MaximumEbsVolumeSizeInGb": { - "markdownDescription": "The maximum size of the EBS storage volume for a space.", - "title": "MaximumEbsVolumeSizeInGb", - "type": "number" + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" } }, - "required": [ - "DefaultEbsVolumeSizeInGb", - "MaximumEbsVolumeSizeInGb" - ], "type": "object" }, - "AWS::SageMaker::Domain.DefaultSpaceSettings": { + "AWS::QuickSight::Template.ArcOptions": { "additionalProperties": false, "properties": { - "ExecutionRole": { - "markdownDescription": "The ARN of the execution role for the space.", - "title": "ExecutionRole", + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", "type": "string" - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", - "markdownDescription": "The JupyterServer app settings.", - "title": "JupyterServerAppSettings" - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", - "markdownDescription": "The KernelGateway app settings.", - "title": "KernelGatewayAppSettings" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group IDs for the Amazon VPC that the space uses for communication.", - "title": "SecurityGroups", - "type": "array" } }, - "required": [ - "ExecutionRole" - ], "type": "object" }, - "AWS::SageMaker::Domain.DefaultSpaceStorageSettings": { + "AWS::QuickSight::Template.AssetOptions": { "additionalProperties": false, "properties": { - "DefaultEbsStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultEbsStorageSettings", - "markdownDescription": "The default EBS storage settings for a space.", - "title": "DefaultEbsStorageSettings" + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", + "type": "string" + }, + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::Domain.DockerSettings": { + "AWS::QuickSight::Template.AttributeAggregationFunction": { "additionalProperties": false, "properties": { - "EnableDockerAccess": { - "markdownDescription": "Indicates whether the domain can access Docker.", - "title": "EnableDockerAccess", + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", "type": "string" }, - "VpcOnlyTrustedAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of AWS accounts that are trusted when the domain is created in VPC-only mode.", - "title": "VpcOnlyTrustedAccounts", - "type": "array" + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::Domain.DomainSettings": { + "AWS::QuickSight::Template.AxisDataOptions": { "additionalProperties": false, "properties": { - "DockerSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DockerSettings", - "markdownDescription": "A collection of settings that configure the domain's Docker interaction.", - "title": "DockerSettings" - }, - "RStudioServerProDomainSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProDomainSettings", - "markdownDescription": "A collection of settings that configure the `RStudioServerPro` Domain-level app.", - "title": "RStudioServerProDomainSettings" + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups for the Amazon Virtual Private Cloud that the `Domain` uses for communication between Domain-level apps and user apps.", - "title": "SecurityGroupIds", - "type": "array" + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" } }, "type": "object" }, - "AWS::SageMaker::Domain.EFSFileSystemConfig": { + "AWS::QuickSight::Template.AxisDisplayMinMaxRange": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The ID of your Amazon EFS file system.", - "title": "FileSystemId", - "type": "string" + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", + "type": "number" }, - "FileSystemPath": { - "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", - "title": "FileSystemPath", - "type": "string" + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" } }, - "required": [ - "FileSystemId" - ], "type": "object" }, - "AWS::SageMaker::Domain.JupyterLabAppSettings": { + "AWS::QuickSight::Template.AxisDisplayOptions": { "additionalProperties": false, "properties": { - "CodeRepositories": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CodeRepository" - }, - "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", - "title": "CodeRepositories", - "type": "array" + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", + "type": "object" }, - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", - "title": "CustomImages", - "type": "array" + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", + "type": "string" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", - "title": "DefaultResourceSpec" + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" }, - "LifecycleConfigArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", - "title": "LifecycleConfigArns", - "type": "array" + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", + "type": "object" + }, + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" + }, + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" } }, "type": "object" }, - "AWS::SageMaker::Domain.JupyterServerAppSettings": { + "AWS::QuickSight::Template.AxisDisplayRange": { "additionalProperties": false, "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", - "title": "DefaultResourceSpec" + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" + }, + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" } }, "type": "object" }, - "AWS::SageMaker::Domain.KernelGatewayAppSettings": { + "AWS::QuickSight::Template.AxisLabelOptions": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", - "title": "CustomImages", - "type": "array" + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", - "title": "DefaultResourceSpec" + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" } }, "type": "object" }, - "AWS::SageMaker::Domain.RSessionAppSettings": { + "AWS::QuickSight::Template.AxisLabelReferenceOptions": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a RSession app.", - "title": "CustomImages", - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "DefaultResourceSpec" + "FieldId": { + "markdownDescription": "The field that the axis label is targeted to.", + "title": "FieldId", + "type": "string" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::SageMaker::Domain.RStudioServerProAppSettings": { + "AWS::QuickSight::Template.AxisLinearScale": { "additionalProperties": false, "properties": { - "AccessStatus": { - "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", - "title": "AccessStatus", - "type": "string" + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" }, - "UserGroup": { - "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", - "title": "UserGroup", - "type": "string" + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" } }, "type": "object" }, - "AWS::SageMaker::Domain.RStudioServerProDomainSettings": { + "AWS::QuickSight::Template.AxisLogarithmicScale": { "additionalProperties": false, "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "A collection that defines the default `InstanceType` , `SageMakerImageArn` , and `SageMakerImageVersionArn` for the Domain.", - "title": "DefaultResourceSpec" - }, - "DomainExecutionRoleArn": { - "markdownDescription": "The ARN of the execution role for the `RStudioServerPro` Domain-level app.", - "title": "DomainExecutionRoleArn", - "type": "string" - }, - "RStudioConnectUrl": { - "markdownDescription": "A URL pointing to an RStudio Connect server.", - "title": "RStudioConnectUrl", - "type": "string" - }, - "RStudioPackageManagerUrl": { - "markdownDescription": "A URL pointing to an RStudio Package Manager server.", - "title": "RStudioPackageManagerUrl", - "type": "string" + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", + "type": "number" } }, - "required": [ - "DomainExecutionRoleArn" - ], "type": "object" }, - "AWS::SageMaker::Domain.ResourceSpec": { + "AWS::QuickSight::Template.AxisScale": { "additionalProperties": false, "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", - "type": "string" - }, - "LifecycleConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", - "title": "LifecycleConfigArn", - "type": "string" - }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", - "type": "string" + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", - "type": "string" + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" } }, "type": "object" }, - "AWS::SageMaker::Domain.SharingSettings": { + "AWS::QuickSight::Template.AxisTickLabelOptions": { "additionalProperties": false, "properties": { - "NotebookOutputOption": { - "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", - "title": "NotebookOutputOption", - "type": "string" - }, - "S3KmsKeyId": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", - "title": "S3KmsKeyId", - "type": "string" + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" }, - "S3OutputPath": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", - "title": "S3OutputPath", - "type": "string" + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" } }, "type": "object" }, - "AWS::SageMaker::Domain.UserSettings": { + "AWS::QuickSight::Template.BarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "CodeEditorAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CodeEditorAppSettings", - "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CodeEditorAppSettings" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", + "type": "array" }, - "CustomFileSystemConfigs": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomFileSystemConfigs", + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", "type": "array" }, - "CustomPosixUserConfig": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", - "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomPosixUserConfig" + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", + "type": "array" }, - "DefaultLandingUri": { - "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", - "title": "DefaultLandingUri", + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", "type": "string" }, - "ExecutionRole": { - "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", - "title": "ExecutionRole", - "type": "string" + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", - "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "JupyterLabAppSettings" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", - "markdownDescription": "The Jupyter server's app settings.", - "title": "JupyterServerAppSettings" + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", - "markdownDescription": "The kernel gateway app settings.", - "title": "KernelGatewayAppSettings" + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" }, - "RSessionAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.RSessionAppSettings", - "markdownDescription": "A collection of settings that configure the `RSessionGateway` app.", - "title": "RSessionAppSettings" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, - "RStudioServerProAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProAppSettings", - "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", - "title": "RStudioServerProAppSettings" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "SecurityGroups": { + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", + "type": "string" + }, + "ReferenceLines": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" }, - "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SecurityGroups", + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", "type": "array" }, - "SharingSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.SharingSettings", - "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", - "title": "SharingSettings" + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" }, - "SpaceStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", - "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SpaceStorageSettings" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "title": "SortConfiguration" }, - "StudioWebPortal": { - "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", - "title": "StudioWebPortal", - "type": "string" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, - "required": [ - "ExecutionRole" - ], "type": "object" }, - "AWS::SageMaker::Endpoint": { + "AWS::QuickSight::Template.BarChartFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of category fields.", + "title": "CategorySort", + "type": "array" }, - "Metadata": { - "type": "object" + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeploymentConfig": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.DeploymentConfig", - "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", - "title": "DeploymentConfig" - }, - "EndpointConfigName": { - "markdownDescription": "The name of the [AWS::SageMaker::EndpointConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html) resource that specifies the configuration for the endpoint. For more information, see [CreateEndpointConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html) .", - "title": "EndpointConfigName", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint. The name must be unique within an AWS Region in your AWS account. The name is case-insensitive in `CreateEndpoint` , but the case is preserved and must be matched in [](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html) .", - "title": "EndpointName", - "type": "string" - }, - "ExcludeRetainedVariantProperties": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.VariantProperty" - }, - "markdownDescription": "When you are updating endpoint resources with [RetainAllVariantProperties](https://docs.aws.amazon.com/sagemaker/latest/dg/API_UpdateEndpoint.html#SageMaker-UpdateEndpoint-request-RetainAllVariantProperties) whose value is set to `true` , `ExcludeRetainedVariantProperties` specifies the list of type [VariantProperty](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-endpoint-variantproperty.html) to override with the values provided by `EndpointConfig` . If you don't specify a value for `ExcludeAllVariantProperties` , no variant properties are overridden. Don't use this property when creating new endpoint resources or when `RetainAllVariantProperties` is set to `false` .", - "title": "ExcludeRetainedVariantProperties", - "type": "array" - }, - "RetainAllVariantProperties": { - "markdownDescription": "When updating endpoint resources, enables or disables the retention of variant properties, such as the instance count or the variant weight. To retain the variant properties of an endpoint when updating it, set `RetainAllVariantProperties` to `true` . To use the variant properties specified in a new `EndpointConfig` call when updating an endpoint, set `RetainAllVariantProperties` to `false` . Use this property only when updating endpoint resources, not when creating new endpoint resources.", - "title": "RetainAllVariantProperties", - "type": "boolean" - }, - "RetainDeploymentConfig": { - "markdownDescription": "Specifies whether to reuse the last deployment configuration. The default value is false (the configuration is not reused).", - "title": "RetainDeploymentConfig", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", - "title": "Tags", - "type": "array" - } + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "required": [ - "EndpointConfigName" - ], - "type": "object" + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SageMaker::Endpoint" - ], - "type": "string" + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::Endpoint.Alarm": { + "AWS::QuickSight::Template.BarChartVisual": { "additionalProperties": false, "properties": { - "AlarmName": { - "markdownDescription": "The name of a CloudWatch alarm in your account.", - "title": "AlarmName", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "AlarmName" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::Endpoint.AutoRollbackConfig": { + "AWS::QuickSight::Template.BinCountOptions": { "additionalProperties": false, "properties": { - "Alarms": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.Alarm" - }, - "markdownDescription": "List of CloudWatch alarms in your account that are configured to monitor metrics on an endpoint. If any alarms are tripped during a deployment, SageMaker rolls back the deployment.", - "title": "Alarms", - "type": "array" + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" } }, - "required": [ - "Alarms" - ], "type": "object" }, - "AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy": { + "AWS::QuickSight::Template.BinWidthOptions": { "additionalProperties": false, "properties": { - "MaximumExecutionTimeoutInSeconds": { - "markdownDescription": "Maximum execution timeout for the deployment. Note that the timeout value should be larger than the total waiting time specified in `TerminationWaitInSeconds` and `WaitIntervalInSeconds` .", - "title": "MaximumExecutionTimeoutInSeconds", + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", "type": "number" }, - "TerminationWaitInSeconds": { - "markdownDescription": "Additional waiting time in seconds after the completion of an endpoint deployment before terminating the old endpoint fleet. Default is 0.", - "title": "TerminationWaitInSeconds", + "Value": { + "markdownDescription": "The options that determine the bin width value.", + "title": "Value", "type": "number" - }, - "TrafficRoutingConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.TrafficRoutingConfig", - "markdownDescription": "Defines the traffic routing strategy to shift traffic from the old fleet to the new fleet during an endpoint deployment.", - "title": "TrafficRoutingConfiguration" } }, - "required": [ - "TrafficRoutingConfiguration" - ], "type": "object" }, - "AWS::SageMaker::Endpoint.CapacitySize": { + "AWS::QuickSight::Template.BodySectionConfiguration": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Specifies the endpoint capacity type.\n\n- `INSTANCE_COUNT` : The endpoint activates based on the number of instances.\n- `CAPACITY_PERCENT` : The endpoint activates based on the specified percentage of capacity.", - "title": "Type", + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" + }, + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" + }, + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", "type": "string" }, - "Value": { - "markdownDescription": "Defines the capacity size, either as a number of instances or a capacity percentage.", - "title": "Value", - "type": "number" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" } }, "required": [ - "Type", - "Value" + "Content", + "SectionId" ], "type": "object" }, - "AWS::SageMaker::Endpoint.DeploymentConfig": { + "AWS::QuickSight::Template.BodySectionContent": { "additionalProperties": false, "properties": { - "AutoRollbackConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.AutoRollbackConfig", - "markdownDescription": "Automatic rollback configuration for handling endpoint deployment failures and recovery.", - "title": "AutoRollbackConfiguration" - }, - "BlueGreenUpdatePolicy": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy", - "markdownDescription": "Update policy for a blue/green deployment. If this update policy is specified, SageMaker creates a new fleet during the deployment while maintaining the old fleet. SageMaker flips traffic to the new fleet according to the specified traffic routing configuration. Only one update policy should be used in the deployment configuration. If no update policy is specified, SageMaker uses a blue/green deployment strategy with all at once traffic shifting by default.", - "title": "BlueGreenUpdatePolicy" - }, - "RollingUpdatePolicy": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.RollingUpdatePolicy", - "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker endpoint.", - "title": "RollingUpdatePolicy" + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" } }, "type": "object" }, - "AWS::SageMaker::Endpoint.RollingUpdatePolicy": { + "AWS::QuickSight::Template.BodySectionDynamicCategoryDimensionConfiguration": { "additionalProperties": false, "properties": { - "MaximumBatchSize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for each rolling step to provision capacity and turn on traffic on the new endpoint fleet, and terminate capacity on the old endpoint fleet. Value must be between 5% to 50% of the variant's total instance count.", - "title": "MaximumBatchSize" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "MaximumExecutionTimeoutInSeconds": { - "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", - "title": "MaximumExecutionTimeoutInSeconds", + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", "type": "number" }, - "RollbackMaximumBatchSize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for rollback to the old endpoint fleet. Each rolling step to provision capacity and turn on traffic on the old endpoint fleet, and terminate capacity on the new endpoint fleet. If this field is absent, the default value will be set to 100% of total capacity which means to bring up the whole capacity of the old fleet at once during rollback.", - "title": "RollbackMaximumBatchSize" - }, - "WaitIntervalInSeconds": { - "markdownDescription": "The length of the baking period, during which SageMaker monitors alarms for each batch on the new fleet.", - "title": "WaitIntervalInSeconds", - "type": "number" + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" } }, "required": [ - "MaximumBatchSize", - "WaitIntervalInSeconds" + "Column" ], "type": "object" }, - "AWS::SageMaker::Endpoint.TrafficRoutingConfig": { + "AWS::QuickSight::Template.BodySectionDynamicNumericDimensionConfiguration": { "additionalProperties": false, "properties": { - "CanarySize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for the first step to turn on traffic on the new endpoint fleet. `Value` must be less than or equal to 50% of the variant's total instance count.", - "title": "CanarySize" - }, - "LinearStepSize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for each step to turn on traffic on the new endpoint fleet. `Value` must be 10-50% of the variant's total instance count.", - "title": "LinearStepSize" - }, - "Type": { - "markdownDescription": "Traffic routing strategy type.\n\n- `ALL_AT_ONCE` : Endpoint traffic shifts to the new fleet in a single step.\n- `CANARY` : Endpoint traffic shifts to the new fleet in two steps. The first step is the canary, which is a small portion of the traffic. The second step is the remainder of the traffic.\n- `LINEAR` : Endpoint traffic shifts to the new fleet in n steps of a configurable size.", - "title": "Type", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "WaitIntervalInSeconds": { - "markdownDescription": "The waiting time (in seconds) between incremental steps to turn on traffic on the new endpoint fleet.", - "title": "WaitIntervalInSeconds", + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" } }, "required": [ - "Type" + "Column" ], "type": "object" }, - "AWS::SageMaker::Endpoint.VariantProperty": { + "AWS::QuickSight::Template.BodySectionRepeatConfiguration": { "additionalProperties": false, "properties": { - "VariantPropertyType": { - "markdownDescription": "The type of variant property. The supported values are:\n\n- `DesiredInstanceCount` : Overrides the existing variant instance counts using the [InitialInstanceCount](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialInstanceCount) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DesiredWeight` : Overrides the existing variant weights using the [InitialVariantWeight](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialVariantWeight) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DataCaptureConfig` : (Not currently supported.)", - "title": "VariantPropertyType", - "type": "string" + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" + }, + "NonRepeatingVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", + "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig": { + "AWS::QuickSight::Template.BodySectionRepeatDimensionConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AsyncInferenceConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceConfig", - "markdownDescription": "Specifies configuration for how an endpoint performs asynchronous inference.", - "title": "AsyncInferenceConfig" - }, - "DataCaptureConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.DataCaptureConfig", - "markdownDescription": "Specifies how to capture endpoint data for model monitor. The data capture configuration applies to all production variants hosted at the endpoint.", - "title": "DataCaptureConfig" - }, - "EnableNetworkIsolation": { - "type": "boolean" - }, - "EndpointConfigName": { - "markdownDescription": "The name of the endpoint configuration.", - "title": "EndpointConfigName", - "type": "string" - }, - "ExecutionRoleArn": { - "type": "string" - }, - "ExplainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ExplainerConfig", - "markdownDescription": "A parameter to activate explainers.", - "title": "ExplainerConfig" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nThe KMS key policy must grant permission to the IAM role that you specify in your `CreateEndpoint` , `UpdateEndpoint` requests. For more information, refer to the AWS Key Management Service section [Using Key Policies in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/key-policies.html)\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `KmsKeyId` when using an instance type with local storage. If any of the models that you specify in the `ProductionVariants` parameter use nitro-based instances with local storage, do not specify a value for the `KmsKeyId` parameter. If you specify a value for `KmsKeyId` when using any nitro-based instances with local storage, the call to `CreateEndpointConfig` fails.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) .", - "title": "KmsKeyId", - "type": "string" - }, - "ProductionVariants": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" - }, - "markdownDescription": "A list of `ProductionVariant` objects, one for each model that you want to host at this endpoint.", - "title": "ProductionVariants", - "type": "array" - }, - "ShadowProductionVariants": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" - }, - "markdownDescription": "Array of `ProductionVariant` objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on `ProductionVariants` . If you use this field, you can only specify one variant for `ProductionVariants` and one variant for `ShadowProductionVariants` .", - "title": "ShadowProductionVariants", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .", - "title": "Tags", - "type": "array" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.VpcConfig" - } - }, - "required": [ - "ProductionVariants" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::EndpointConfig" - ], - "type": "string" + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig": { + "AWS::QuickSight::Template.BodySectionRepeatPageBreakConfiguration": { "additionalProperties": false, "properties": { - "MaxConcurrentInvocationsPerInstance": { - "markdownDescription": "The maximum number of concurrent requests sent by the SageMaker client to the model container. If no value is provided, SageMaker will choose an optimal value for you.", - "title": "MaxConcurrentInvocationsPerInstance", - "type": "number" + "After": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceConfig": { + "AWS::QuickSight::Template.BoxPlotAggregatedFieldWells": { "additionalProperties": false, "properties": { - "ClientConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig", - "markdownDescription": "Configures the behavior of the client used by SageMaker to interact with the model container during asynchronous inference.", - "title": "ClientConfig" + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", + "title": "GroupBy", + "type": "array" }, - "OutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig", - "markdownDescription": "Specifies the configuration for asynchronous inference invocation outputs.", - "title": "OutputConfig" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" } }, - "required": [ - "OutputConfig" - ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig": { + "AWS::QuickSight::Template.BoxPlotChartConfiguration": { "additionalProperties": false, "properties": { - "ErrorTopic": { - "markdownDescription": "Amazon SNS topic to post a notification to when an inference fails. If no topic is provided, no notification is sent on failure.", - "title": "ErrorTopic", - "type": "string" + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" }, - "IncludeInferenceResponseIn": { + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" }, - "markdownDescription": "The Amazon SNS topics where you want the inference response to be included.\n\n> The inference response is included only if the response size is less than or equal to 128 KB.", - "title": "IncludeInferenceResponseIn", + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", "type": "array" }, - "SuccessTopic": { - "markdownDescription": "Amazon SNS topic to post a notification to when an inference completes successfully. If no topic is provided, no notification is sent on success.", - "title": "SuccessTopic", - "type": "string" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig": { + "AWS::QuickSight::Template.BoxPlotFieldWells": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the asynchronous inference output in Amazon S3.", - "title": "KmsKeyId", - "type": "string" - }, - "NotificationConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig", - "markdownDescription": "Specifies the configuration for notifications of inference results for asynchronous inference.", - "title": "NotificationConfig" + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotOptions": { + "additionalProperties": false, + "properties": { + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", + "type": "object" }, - "S3FailurePath": { - "markdownDescription": "The Amazon S3 location to upload failure inference responses to.", - "title": "S3FailurePath", - "type": "string" + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", + "type": "object" }, - "S3OutputPath": { - "markdownDescription": "The Amazon S3 location to upload inference responses to.", - "title": "S3OutputPath", - "type": "string" + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader": { + "AWS::QuickSight::Template.BoxPlotSortConfiguration": { "additionalProperties": false, "properties": { - "CsvContentTypes": { + "CategorySort": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "A list of the CSV content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", - "title": "CsvContentTypes", + "markdownDescription": "The sort configuration of a group by fields.", + "title": "CategorySort", "type": "array" }, - "JsonContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the JSON content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", - "title": "JsonContentTypes", - "type": "array" + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.CaptureOption": { + "AWS::QuickSight::Template.BoxPlotStyleOptions": { "additionalProperties": false, "properties": { - "CaptureMode": { - "markdownDescription": "Specifies whether the endpoint captures input data or output data.", - "title": "CaptureMode", + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", "type": "string" } }, - "required": [ - "CaptureMode" - ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig": { + "AWS::QuickSight::Template.BoxPlotVisual": { "additionalProperties": false, "properties": { - "EnableExplanations": { - "markdownDescription": "A JMESPath boolean expression used to filter which records to explain. Explanations are activated by default. See [`EnableExplanations`](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-enable) for additional information.", - "title": "EnableExplanations", - "type": "string" - }, - "InferenceConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig", - "markdownDescription": "The inference configuration parameter for the model container.", - "title": "InferenceConfig" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "ShapConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapConfig", - "markdownDescription": "The configuration for SHAP analysis.", - "title": "ShapConfig" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" } }, "required": [ - "ShapConfig" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyFeatureType": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.ClarifyHeader": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig": { + "AWS::QuickSight::Template.CalculatedField": { "additionalProperties": false, "properties": { - "ContentTemplate": { - "markdownDescription": "A template string used to format a JSON record into an acceptable model container input. For example, a `ContentTemplate` string `'{\"myfeatures\":$features}'` will format a list of features `[1,2,3]` into the record string `'{\"myfeatures\":[1,2,3]}'` . Required only when the model container input is in JSON Lines format.", - "title": "ContentTemplate", + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", "type": "string" }, - "FeatureHeaders": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" - }, - "markdownDescription": "The names of the features. If provided, these are included in the endpoint response payload to help readability of the `InvokeEndpoint` output. See the [Response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", - "title": "FeatureHeaders", - "type": "array" - }, - "FeatureTypes": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyFeatureType" - }, - "markdownDescription": "A list of data types of the features (optional). Applicable only to NLP explainability. If provided, `FeatureTypes` must have at least one `'text'` string (for example, `['text']` ). If `FeatureTypes` is not provided, the explainer infers the feature types based on the baseline data. The feature types are included in the endpoint response payload. For additional information see the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", - "title": "FeatureTypes", - "type": "array" - }, - "FeaturesAttribute": { - "markdownDescription": "Provides the JMESPath expression to extract the features from a model container input in JSON Lines format. For example, if `FeaturesAttribute` is the JMESPath expression `'myfeatures'` , it extracts a list of features `[1,2,3]` from request data `'{\"myfeatures\":[1,2,3]}'` .", - "title": "FeaturesAttribute", + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", "type": "string" }, - "LabelAttribute": { - "markdownDescription": "A JMESPath expression used to locate the list of label headers in the model container output.\n\n*Example* : If the model container output of a batch request is `'{\"labels\":[\"cat\",\"dog\",\"fish\"],\"probability\":[0.6,0.3,0.1]}'` , then set `LabelAttribute` to `'labels'` to extract the list of label headers `[\"cat\",\"dog\",\"fish\"]`", - "title": "LabelAttribute", + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CalculatedMeasureField": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", "type": "string" }, - "LabelHeaders": { + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Expression", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CascadingControlConfiguration": { + "additionalProperties": false, + "properties": { + "SourceControls": { "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlSource" }, - "markdownDescription": "For multiclass classification problems, the label headers are the names of the classes. Otherwise, the label header is the name of the predicted label. These are used to help readability for the output of the `InvokeEndpoint` API. See the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information. If there are no label headers in the model container output, provide them manually using this parameter.", - "title": "LabelHeaders", + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", "type": "array" - }, - "LabelIndex": { - "markdownDescription": "A zero-based index used to extract a label header or list of label headers from model container output in CSV format.\n\n*Example for a multiclass model:* If the model container output consists of label headers followed by probabilities: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `LabelIndex` to `0` to select the label headers `['cat','dog','fish']` .", - "title": "LabelIndex", - "type": "number" - }, - "MaxPayloadInMB": { - "markdownDescription": "The maximum payload size (MB) allowed of a request from the explainer to the model container. Defaults to `6` MB.", - "title": "MaxPayloadInMB", - "type": "number" - }, - "MaxRecordCount": { - "markdownDescription": "The maximum number of records in a request that the model container can process when querying the model container for the predictions of a [synthetic dataset](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-synthetic) . A record is a unit of input data that inference can be made on, for example, a single line in CSV data. If `MaxRecordCount` is `1` , the model container expects one record per request. A value of 2 or greater means that the model expects batch requests, which can reduce overhead and speed up the inferencing process. If this parameter is not provided, the explainer will tune the record count per request according to the model container's capacity at runtime.", - "title": "MaxRecordCount", - "type": "number" - }, - "ProbabilityAttribute": { - "markdownDescription": "A JMESPath expression used to extract the probability (or score) from the model container output if the model container is in JSON Lines format.\n\n*Example* : If the model container output of a single request is `'{\"predicted_label\":1,\"probability\":0.6}'` , then set `ProbabilityAttribute` to `'probability'` .", - "title": "ProbabilityAttribute", - "type": "string" - }, - "ProbabilityIndex": { - "markdownDescription": "A zero-based index used to extract a probability value (score) or list from model container output in CSV format. If this value is not provided, the entire model container output will be treated as a probability value (score) or list.\n\n*Example for a single class model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'1,0.6'` , set `ProbabilityIndex` to `1` to select the probability value `0.6` .\n\n*Example for a multiclass model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `ProbabilityIndex` to `1` to select the probability values `[0.1,0.6,0.3]` .", - "title": "ProbabilityIndex", - "type": "number" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig": { + "AWS::QuickSight::Template.CascadingControlSource": { "additionalProperties": false, "properties": { - "MimeType": { - "markdownDescription": "The MIME type of the baseline data. Choose from `'text/csv'` or `'application/jsonlines'` . Defaults to `'text/csv'` .", - "title": "MimeType", - "type": "string" - }, - "ShapBaseline": { - "markdownDescription": "The inline SHAP baseline data in string format. `ShapBaseline` can have one or multiple records to be used as the baseline dataset. The format of the SHAP baseline file should be the same format as the training dataset. For example, if the training dataset is in CSV format and each record contains four features, and all features are numerical, then the format of the baseline data should also share these characteristics. For natural language processing (NLP) of text columns, the baseline value should be the value used to replace the unit of text specified by the `Granularity` of the `TextConfig` parameter. The size limit for `ShapBasline` is 4 KB. Use the `ShapBaselineUri` parameter if you want to provide more than 4 KB of baseline data.", - "title": "ShapBaseline", - "type": "string" + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" }, - "ShapBaselineUri": { - "markdownDescription": "The uniform resource identifier (URI) of the S3 bucket where the SHAP baseline file is stored. The format of the SHAP baseline file should be the same format as the format of the training dataset. For example, if the training dataset is in CSV format, and each record in the training dataset has four features, and all features are numerical, then the baseline file should also have this same format. Each record should contain only the features. If you are using a virtual private cloud (VPC), the `ShapBaselineUri` should be accessible to the VPC. For more information about setting up endpoints with Amazon Virtual Private Cloud, see [Give SageMaker access to Resources in your Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", - "title": "ShapBaselineUri", + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyShapConfig": { + "AWS::QuickSight::Template.CategoricalDimensionField": { "additionalProperties": false, "properties": { - "NumberOfSamples": { - "markdownDescription": "The number of samples to be used for analysis by the Kernal SHAP algorithm.\n\n> The number of samples determines the size of the synthetic dataset, which has an impact on latency of explainability requests. For more information, see the *Synthetic data* of [Configure and create an endpoint](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html) .", - "title": "NumberOfSamples", - "type": "number" - }, - "Seed": { - "markdownDescription": "The starting value used to initialize the random number generator in the explainer. Provide a value for this parameter to obtain a deterministic SHAP result.", - "title": "Seed", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", + "title": "Column" }, - "ShapBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig", - "markdownDescription": "The configuration for the SHAP baseline of the Kernal SHAP algorithm.", - "title": "ShapBaselineConfig" + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" }, - "TextConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyTextConfig", - "markdownDescription": "A parameter that indicates if text features are treated as text and explanations are provided for individual units of text. Required for natural language processing (NLP) explainability only.", - "title": "TextConfig" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" }, - "UseLogit": { - "markdownDescription": "A Boolean toggle to indicate if you want to use the logit function (true) or log-odds units (false) for model predictions. Defaults to false.", - "title": "UseLogit", - "type": "boolean" + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" } }, "required": [ - "ShapBaselineConfig" + "Column", + "FieldId" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyTextConfig": { + "AWS::QuickSight::Template.CategoricalMeasureField": { "additionalProperties": false, "properties": { - "Granularity": { - "markdownDescription": "The unit of granularity for the analysis of text features. For example, if the unit is `'token'` , then each token (like a word in English) of the text is treated as a feature. SHAP values are computed for each unit/feature.", - "title": "Granularity", + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", "type": "string" }, - "Language": { - "markdownDescription": "Specifies the language of the text features in [ISO 639-1](https://docs.aws.amazon.com/ https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes) or [ISO 639-3](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_639-3) code of a supported language.\n\n> For a mix of multiple languages, use code `'xx'` .", - "title": "Language", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ - "Granularity", - "Language" + "Column", + "FieldId" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.DataCaptureConfig": { + "AWS::QuickSight::Template.CategoryDrillDownFilter": { "additionalProperties": false, "properties": { - "CaptureContentTypeHeader": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader", - "markdownDescription": "A list of the JSON and CSV content type that the endpoint captures.", - "title": "CaptureContentTypeHeader" - }, - "CaptureOptions": { + "CategoryValues": { "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureOption" + "type": "string" }, - "markdownDescription": "Specifies whether the endpoint captures input data to your model, output data from your model, or both.", - "title": "CaptureOptions", + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", "type": "array" }, - "DestinationS3Uri": { - "markdownDescription": "The S3 bucket where model monitor stores captured data.", - "title": "DestinationS3Uri", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + } + }, + "required": [ + "CategoryValues", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CategoryFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "EnableCapture": { - "markdownDescription": "Set to `True` to enable data capture.", - "title": "EnableCapture", - "type": "boolean" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" }, - "InitialSamplingPercentage": { - "markdownDescription": "The percentage of data to capture.", - "title": "InitialSamplingPercentage", - "type": "number" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the captured data at rest using Amazon S3 server-side encryption. The KmsKeyId can be any of the following formats: Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab Alias name: alias/ExampleAlias Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see KMS-Managed Encryption Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the Amazon Simple Storage Service Developer Guide. The KMS key policy must grant permission to the IAM role that you specify in your CreateModel (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see Using Key Policies in AWS KMS (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the AWS Key Management Service Developer Guide.", - "title": "KmsKeyId", + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" } }, "required": [ - "CaptureOptions", - "DestinationS3Uri", - "InitialSamplingPercentage" + "Column", + "Configuration", + "FilterId" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ExplainerConfig": { + "AWS::QuickSight::Template.CategoryFilterConfiguration": { "additionalProperties": false, "properties": { - "ClarifyExplainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig", - "markdownDescription": "A member of `ExplainerConfig` that contains configuration parameters for the SageMaker Clarify explainer.", - "title": "ClarifyExplainerConfig" + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" + }, + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" + }, + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.ManagedInstanceScaling": { + "AWS::QuickSight::Template.CategoryInnerFilter": { "additionalProperties": false, "properties": { - "MaxInstanceCount": { - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "MinInstanceCount": { - "type": "number" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" }, - "Status": { - "type": "string" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" } }, + "required": [ + "Column", + "Configuration" + ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ProductionVariant": { + "AWS::QuickSight::Template.ChartAxisLabelOptions": { "additionalProperties": false, "properties": { - "AcceleratorType": { - "markdownDescription": "The size of the Elastic Inference (EI) instance to use for the production variant. EI instances provide on-demand GPU computing for inference. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) . For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .", - "title": "AcceleratorType", - "type": "string" - }, - "ContainerStartupHealthCheckTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by SageMaker Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", - "title": "ContainerStartupHealthCheckTimeoutInSeconds", - "type": "number" - }, - "EnableSSMAccess": { - "markdownDescription": "You can use this parameter to turn on native AWS Systems Manager (SSM) access for a production variant behind an endpoint. By default, SSM access is disabled for all production variants behind an endpoint. You can turn on or turn off SSM access for a production variant behind an existing endpoint by creating a new endpoint configuration and calling `UpdateEndpoint` .", - "title": "EnableSSMAccess", - "type": "boolean" - }, - "InitialInstanceCount": { - "markdownDescription": "Number of instances to launch initially.", - "title": "InitialInstanceCount", - "type": "number" - }, - "InitialVariantWeight": { - "markdownDescription": "Determines initial traffic distribution among all of the models that you specify in the endpoint configuration. The traffic to a production variant is determined by the ratio of the `VariantWeight` to the sum of all `VariantWeight` values across all ProductionVariants. If unspecified, it defaults to 1.0.", - "title": "InitialVariantWeight", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The ML compute instance type.", - "title": "InstanceType", - "type": "string" - }, - "ManagedInstanceScaling": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ManagedInstanceScaling" - }, - "ModelDataDownloadTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this production variant.", - "title": "ModelDataDownloadTimeoutInSeconds", - "type": "number" - }, - "ModelName": { - "markdownDescription": "The name of the model that you want to host. This is the name that you specified when creating the model.", - "title": "ModelName", - "type": "string" - }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.RoutingConfig" - }, - "ServerlessConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ServerlessConfig", - "markdownDescription": "The serverless configuration for an endpoint. Specifies a serverless endpoint configuration instead of an instance-based endpoint configuration.", - "title": "ServerlessConfig" + "AxisLabelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelOptions" + }, + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", + "type": "array" }, - "VariantName": { - "markdownDescription": "The name of the production variant.", - "title": "VariantName", - "type": "string" + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", + "type": "object" }, - "VolumeSizeInGB": { - "markdownDescription": "The size, in GB, of the ML storage volume attached to individual inference instance associated with the production variant. Currently only Amazon EBS gp2 storage volumes are supported.", - "title": "VolumeSizeInGB", - "type": "number" + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", + "type": "object" } }, - "required": [ - "VariantName" - ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.RoutingConfig": { + "AWS::QuickSight::Template.ClusterMarker": { "additionalProperties": false, "properties": { - "RoutingStrategy": { - "type": "string" + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Template.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.ServerlessConfig": { + "AWS::QuickSight::Template.ClusterMarkerConfiguration": { "additionalProperties": false, "properties": { - "MaxConcurrency": { - "markdownDescription": "The maximum number of concurrent invocations your serverless endpoint can process.", - "title": "MaxConcurrency", - "type": "number" + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColorScale": { + "additionalProperties": false, + "properties": { + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", + "type": "string" }, - "MemorySizeInMB": { - "markdownDescription": "The memory size of your serverless endpoint. Valid values are in 1 GB increments: 1024 MB, 2048 MB, 3072 MB, 4096 MB, 5120 MB, or 6144 MB.", - "title": "MemorySizeInMB", - "type": "number" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataColor" + }, + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", + "type": "array" }, - "ProvisionedConcurrency": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the serverless endpoint. Should be less than or equal to `MaxConcurrency` .\n\n> This field is not supported for serverless endpoint recommendations for Inference Recommender jobs. For more information about creating an Inference Recommender job, see [CreateInferenceRecommendationsJobs](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html) .", - "title": "ProvisionedConcurrency", - "type": "number" + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" } }, "required": [ - "MaxConcurrency", - "MemorySizeInMB" + "ColorFillType", + "Colors" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.VpcConfig": { + "AWS::QuickSight::Template.ColorsConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "CustomColors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.CustomColor" }, + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnConfiguration": { + "additionalProperties": false, + "properties": { + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" }, - "Subnets": { - "items": { - "type": "string" - }, - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column.", + "title": "Column" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" + }, + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "Column" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup": { + "AWS::QuickSight::Template.ColumnGroupColumnSchema": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The name of the column group's column schema.", + "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnGroupSchema": { + "additionalProperties": false, + "properties": { + "ColumnGroupColumnSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupColumnSchema" + }, + "markdownDescription": "A structure containing the list of schemas for column group columns.", + "title": "ColumnGroupColumnSchemaList", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the column group schema.", + "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnHierarchy": { + "additionalProperties": false, + "properties": { + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A free form description of a `FeatureGroup` .", - "title": "Description", - "type": "string" - }, - "EventTimeFeatureName": { - "markdownDescription": "The name of the feature that stores the `EventTime` of a Record in a `FeatureGroup` .\n\nA `EventTime` is point in time when a new event occurs that corresponds to the creation or update of a `Record` in `FeatureGroup` . All `Records` in the `FeatureGroup` must have a corresponding `EventTime` .", - "title": "EventTimeFeatureName", - "type": "string" - }, - "FeatureDefinitions": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.FeatureDefinition" - }, - "markdownDescription": "A list of `Feature` s. Each `Feature` must include a `FeatureName` and a `FeatureType` .\n\nValid `FeatureType` s are `Integral` , `Fractional` and `String` .\n\n`FeatureName` s cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nYou can create up to 2,500 `FeatureDefinition` s per `FeatureGroup` .", - "title": "FeatureDefinitions", - "type": "array" - }, - "FeatureGroupName": { - "markdownDescription": "The name of the `FeatureGroup` .", - "title": "FeatureGroupName", - "type": "string" - }, - "OfflineStoreConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OfflineStoreConfig", - "markdownDescription": "The configuration of an `OfflineStore` .", - "title": "OfflineStoreConfig" - }, - "OnlineStoreConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreConfig", - "markdownDescription": "The configuration of an `OnlineStore` .", - "title": "OnlineStoreConfig" - }, - "RecordIdentifierFeatureName": { - "markdownDescription": "The name of the `Feature` whose value uniquely identifies a `Record` defined in the `FeatureGroup` `FeatureDefinitions` .", - "title": "RecordIdentifierFeatureName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM execution role used to create the feature group.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags used to define a `FeatureGroup` .", - "title": "Tags", - "type": "array" - }, - "ThroughputConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.ThroughputConfig", - "markdownDescription": "Used to set feature group throughput configuration. There are two modes: `ON_DEMAND` and `PROVISIONED` . With on-demand mode, you are charged for data reads and writes that your application performs on your feature group. You do not need to specify read and write throughput because Feature Store accommodates your workloads as they ramp up and down. You can switch a feature group to on-demand only once in a 24 hour period. With provisioned throughput mode, you specify the read and write capacity per second that you expect your application to require, and you are billed based on those limits. Exceeding provisioned throughput will result in your requests being throttled.\n\nNote: `PROVISIONED` throughput mode is supported only for feature groups that are offline-only, or use the [`Standard`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) tier online store.", - "title": "ThroughputConfig" - } - }, - "required": [ - "EventTimeFeatureName", - "FeatureDefinitions", - "FeatureGroupName", - "RecordIdentifierFeatureName" - ], - "type": "object" + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" }, - "Type": { - "enum": [ - "AWS::SageMaker::FeatureGroup" - ], + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnIdentifier": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", "type": "string" } }, "required": [ - "Type", - "Properties" + "ColumnName", + "DataSetIdentifier" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.DataCatalogConfig": { + "AWS::QuickSight::Template.ColumnSchema": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The name of the Glue table catalog.", - "title": "Catalog", + "DataType": { + "markdownDescription": "The data type of the column schema.", + "title": "DataType", "type": "string" }, - "Database": { - "markdownDescription": "The name of the Glue table database.", - "title": "Database", + "GeographicRole": { + "markdownDescription": "The geographic role of the column schema.", + "title": "GeographicRole", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the Glue table.", - "title": "TableName", + "Name": { + "markdownDescription": "The name of the column schema.", + "title": "Name", "type": "string" } }, - "required": [ - "Catalog", - "Database", - "TableName" - ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.FeatureDefinition": { + "AWS::QuickSight::Template.ColumnSort": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of a feature. The type must be a string. `FeatureName` cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nThe name:\n\n- Must start with an alphanumeric character.\n- Can only include alphanumeric characters, underscores, and hyphens. Spaces are not allowed.", - "title": "FeatureName", - "type": "string" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" }, - "FeatureType": { - "markdownDescription": "The value type of a feature. Valid values are Integral, Fractional, or String.", - "title": "FeatureType", + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" } }, "required": [ - "FeatureName", - "FeatureType" + "Direction", + "SortBy" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.OfflineStoreConfig": { + "AWS::QuickSight::Template.ColumnTooltipItem": { "additionalProperties": false, "properties": { - "DataCatalogConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.DataCatalogConfig", - "markdownDescription": "The meta data of the Glue table that is autogenerated when an `OfflineStore` is created.", - "title": "DataCatalogConfig" + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" }, - "DisableGlueTableCreation": { - "markdownDescription": "Set to `True` to disable the automatic creation of an AWS Glue table when configuring an `OfflineStore` . If set to `False` , Feature Store will name the `OfflineStore` Glue table following [Athena's naming recommendations](https://docs.aws.amazon.com/athena/latest/ug/tables-databases-columns-names.html) .\n\nThe default value is `False` .", - "title": "DisableGlueTableCreation", - "type": "boolean" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" }, - "S3StorageConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.S3StorageConfig", - "markdownDescription": "The Amazon Simple Storage (Amazon S3) location of `OfflineStore` .", - "title": "S3StorageConfig" + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" }, - "TableFormat": { - "markdownDescription": "Format for the offline store table. Supported formats are Glue (Default) and [Apache Iceberg](https://docs.aws.amazon.com/https://iceberg.apache.org/) .", - "title": "TableFormat", + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "object" } }, "required": [ - "S3StorageConfig" + "Column" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.OnlineStoreConfig": { + "AWS::QuickSight::Template.ComboChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "EnableOnlineStore": { - "markdownDescription": "Turn `OnlineStore` off by specifying `False` for the `EnableOnlineStore` flag. Turn `OnlineStore` on by specifying `True` for the `EnableOnlineStore` flag.\n\nThe default value is `False` .", - "title": "EnableOnlineStore", - "type": "boolean" + "BarValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", + "type": "array" }, - "SecurityConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig", - "markdownDescription": "Use to specify KMS Key ID ( `KMSKeyId` ) for at-rest encryption of your `OnlineStore` .", - "title": "SecurityConfig" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated category field wells of a combo chart.", + "title": "Category", + "type": "array" }, - "StorageType": { - "markdownDescription": "Option for different tiers of low latency storage for real-time data retrieval.\n\n- `Standard` : A managed low latency data store for feature groups.\n- `InMemory` : A managed data store for feature groups that supports very low latency retrieval.", - "title": "StorageType", - "type": "string" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", + "type": "array" }, - "TtlDuration": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.TtlDuration", - "markdownDescription": "Time to live duration, where the record is hard deleted after the expiration time is reached; `ExpiresAt` = `EventTime` + `TtlDuration` . For information on HardDelete, see the [DeleteRecord](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html) API in the Amazon SageMaker API Reference guide.", - "title": "TtlDuration" + "LineValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig": { + "AWS::QuickSight::Template.ComboChartConfiguration": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.\n\nThe caller (either user or IAM role) of `CreateFeatureGroup` must have below permissions to the `OnlineStore` `KmsKeyId` :\n\n- `\"kms:Encrypt\"`\n- `\"kms:Decrypt\"`\n- `\"kms:DescribeKey\"`\n- `\"kms:CreateGrant\"`\n- `\"kms:RetireGrant\"`\n- `\"kms:ReEncryptFrom\"`\n- `\"kms:ReEncryptTo\"`\n- `\"kms:GenerateDataKey\"`\n- `\"kms:ListAliases\"`\n- `\"kms:ListGrants\"`\n- `\"kms:RevokeGrant\"`\n\nThe caller (either user or IAM role) to all DataPlane operations ( `PutRecord` , `GetRecord` , `DeleteRecord` ) must have the following permissions to the `KmsKeyId` :\n\n- `\"kms:Decrypt\"`", - "title": "KmsKeyId", + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" + }, + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::SageMaker::FeatureGroup.S3StorageConfig": { + "AWS::QuickSight::Template.ComboChartFieldWells": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service (KMS) key ARN of the key used to encrypt any objects written into the `OfflineStore` S3 location.\n\nThe IAM `roleARN` that is passed as a parameter to `CreateFeatureGroup` must have below permissions to the `KmsKeyId` :\n\n- `\"kms:GenerateDataKey\"`", - "title": "KmsKeyId", - "type": "string" + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "title": "CategoryItemsLimit" }, - "S3Uri": { - "markdownDescription": "The S3 URI, or location in Amazon S3, of `OfflineStore` .\n\nS3 URIs have a format similar to the following: `s3://example-bucket/prefix/` .", - "title": "S3Uri", - "type": "string" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the color field well in a combo chart.", + "title": "ColorSort", + "type": "array" } }, - "required": [ - "S3Uri" - ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.ThroughputConfig": { + "AWS::QuickSight::Template.ComboChartVisual": { "additionalProperties": false, "properties": { - "ProvisionedReadCapacityUnits": { - "markdownDescription": "For provisioned feature groups with online store enabled, this indicates the read throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", - "title": "ProvisionedReadCapacityUnits", - "type": "number" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "ProvisionedWriteCapacityUnits": { - "markdownDescription": "For provisioned feature groups, this indicates the write throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", - "title": "ProvisionedWriteCapacityUnits", - "type": "number" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "ThroughputMode": { - "markdownDescription": "The mode used for your feature group throughput: `ON_DEMAND` or `PROVISIONED` .", - "title": "ThroughputMode", + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "ThroughputMode" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.TtlDuration": { + "AWS::QuickSight::Template.ComparisonConfiguration": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "`TtlDuration` time unit.", - "title": "Unit", - "type": "string" + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" }, - "Value": { - "markdownDescription": "`TtlDuration` time value.", - "title": "Value", - "type": "number" + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::Image": { + "AWS::QuickSight::Template.ComparisonFormatConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ImageDescription": { - "markdownDescription": "The description of the image.", - "title": "ImageDescription", - "type": "string" - }, - "ImageDisplayName": { - "markdownDescription": "The display name of the image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.\n\n*Pattern* : `^\\S(.*\\S)?$`", - "title": "ImageDisplayName", - "type": "string" - }, - "ImageName": { - "markdownDescription": "The name of the Image. Must be unique by region in your account.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", - "title": "ImageName", - "type": "string" - }, - "ImageRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n\n*Length Constraints* : Minimum length of 20. Maximum length of 2048.\n\n*Pattern* : `^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$`", - "title": "ImageRoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\n*Array Members* : Minimum number of 0 items. Maximum number of 50 items.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ImageName", - "ImageRoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::Image" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::ImageVersion": { + "AWS::QuickSight::Template.Computation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Template.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Template.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" }, - "Metadata": { - "type": "object" + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Alias": { - "markdownDescription": "", - "title": "Alias", - "type": "string" - }, - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Aliases", - "type": "array" - }, - "BaseImage": { - "markdownDescription": "The container image that the SageMaker image version is based on.", - "title": "BaseImage", - "type": "string" - }, - "Horovod": { - "markdownDescription": "", - "title": "Horovod", - "type": "boolean" - }, - "ImageName": { - "markdownDescription": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", - "title": "ImageName", - "type": "string" - }, - "JobType": { - "markdownDescription": "", - "title": "JobType", - "type": "string" - }, - "MLFramework": { - "markdownDescription": "", - "title": "MLFramework", - "type": "string" - }, - "Processor": { - "markdownDescription": "", - "title": "Processor", - "type": "string" - }, - "ProgrammingLang": { - "markdownDescription": "", - "title": "ProgrammingLang", - "type": "string" - }, - "ReleaseNotes": { - "markdownDescription": "", - "title": "ReleaseNotes", - "type": "string" - }, - "VendorGuidance": { - "markdownDescription": "", - "title": "VendorGuidance", - "type": "string" - } - }, - "required": [ - "BaseImage", - "ImageName" - ], - "type": "object" + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Template.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" }, - "Type": { - "enum": [ - "AWS::SageMaker::ImageVersion" - ], - "type": "string" + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::InferenceComponent": { + "AWS::QuickSight::Template.ConditionalFormattingColor": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "EndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the endpoint that hosts the inference component.", - "title": "EndpointArn", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint that hosts the inference component.", - "title": "EndpointName", - "type": "string" - }, - "InferenceComponentName": { - "markdownDescription": "The name of the inference component.", - "title": "InferenceComponentName", - "type": "string" - }, - "RuntimeConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig", - "markdownDescription": "", - "title": "RuntimeConfig" - }, - "Specification": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentSpecification", - "markdownDescription": "", - "title": "Specification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - }, - "VariantName": { - "markdownDescription": "The name of the production variant that hosts the inference component.", - "title": "VariantName", - "type": "string" - } - }, - "required": [ - "EndpointName", - "RuntimeConfig", - "Specification", - "VariantName" - ], - "type": "object" + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" }, - "Type": { - "enum": [ - "AWS::SageMaker::InferenceComponent" - ], + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" } }, "required": [ - "Type", - "Properties" + "Expression", + "IconOptions" ], "type": "object" }, - "AWS::SageMaker::InferenceComponent.DeployedImage": { + "AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions": { "additionalProperties": false, "properties": { - "ResolutionTime": { - "markdownDescription": "The date and time when the image path for the model resolved to the `ResolvedImage`", - "title": "ResolutionTime", + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", "type": "string" }, - "ResolvedImage": { - "markdownDescription": "The specific digest path of the image hosted in this `ProductionVariant` .", - "title": "ResolvedImage", + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingGradientColor": { + "additionalProperties": false, + "properties": { + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Template.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" }, - "SpecifiedImage": { - "markdownDescription": "The image path you specified when you created the model.", - "title": "SpecifiedImage", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", "type": "string" } }, + "required": [ + "Color", + "Expression" + ], "type": "object" }, - "AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements": { + "AWS::QuickSight::Template.ConditionalFormattingIcon": { "additionalProperties": false, "properties": { - "MaxMemoryRequiredInMb": { - "markdownDescription": "The maximum MB of memory to allocate to run a model that you assign to an inference component.", - "title": "MaxMemoryRequiredInMb", - "type": "number" - }, - "MinMemoryRequiredInMb": { - "markdownDescription": "The minimum MB of memory to allocate to run a model that you assign to an inference component.", - "title": "MinMemoryRequiredInMb", - "type": "number" - }, - "NumberOfAcceleratorDevicesRequired": { - "markdownDescription": "The number of accelerators to allocate to run a model that you assign to an inference component. Accelerators include GPUs and AWS Inferentia.", - "title": "NumberOfAcceleratorDevicesRequired", - "type": "number" + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" }, - "NumberOfCpuCoresRequired": { - "markdownDescription": "The number of CPU cores to allocate to run a model that you assign to an inference component.", - "title": "NumberOfCpuCoresRequired", - "type": "number" + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" } }, "type": "object" }, - "AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification": { + "AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration": { "additionalProperties": false, "properties": { - "ArtifactUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", - "title": "ArtifactUrl", - "type": "string" - }, - "DeployedImage": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.DeployedImage", - "markdownDescription": "", - "title": "DeployedImage" - }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the Environment string-to-string map can have length of up to 1024. We support up to 16 entries in the map.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "Image": { - "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where the Docker image for the model is stored.", - "title": "Image", + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig": { + "AWS::QuickSight::Template.ConditionalFormattingIconSet": { "additionalProperties": false, "properties": { - "CopyCount": { - "markdownDescription": "The number of runtime copies of the model container to deploy with the inference component. Each copy can serve inference requests.", - "title": "CopyCount", - "type": "number" - }, - "CurrentCopyCount": { - "markdownDescription": "", - "title": "CurrentCopyCount", - "type": "number" + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", + "type": "string" }, - "DesiredCopyCount": { - "markdownDescription": "", - "title": "DesiredCopyCount", - "type": "number" + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", + "type": "string" } }, + "required": [ + "Expression" + ], "type": "object" }, - "AWS::SageMaker::InferenceComponent.InferenceComponentSpecification": { + "AWS::QuickSight::Template.ConditionalFormattingSolidColor": { "additionalProperties": false, "properties": { - "ComputeResourceRequirements": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements", - "markdownDescription": "The compute resources allocated to run the model, plus any adapter models, that you assign to the inference component.\n\nOmit this parameter if your request is meant to create an adapter inference component. An adapter inference component is loaded by a base inference component, and it uses the compute resources of the base inference component.", - "title": "ComputeResourceRequirements" - }, - "Container": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification", - "markdownDescription": "Defines a container that provides the runtime environment for a model that you deploy with an inference component.", - "title": "Container" - }, - "ModelName": { - "markdownDescription": "The name of an existing SageMaker AI model object in your account that you want to deploy with the inference component.", - "title": "ModelName", + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", "type": "string" }, - "StartupParameters": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters", - "markdownDescription": "Settings that take effect while the model container starts up.", - "title": "StartupParameters" + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for solid color.", + "title": "Expression", + "type": "string" } }, "required": [ - "ComputeResourceRequirements" + "Expression" ], "type": "object" }, - "AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters": { + "AWS::QuickSight::Template.ContextMenuOption": { "additionalProperties": false, "properties": { - "ContainerStartupHealthCheckTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by Amazon S3 Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", - "title": "ContainerStartupHealthCheckTimeoutInSeconds", - "type": "number" - }, - "ModelDataDownloadTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this inference component.", - "title": "ModelDataDownloadTimeoutInSeconds", - "type": "number" + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::InferenceExperiment": { + "AWS::QuickSight::Template.ContributionAnalysisDefault": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ContributorDimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", "type": "string" + } + }, + "required": [ + "ContributorDimensions", + "MeasureFieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" }, - "Metadata": { - "type": "object" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataStorageConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.DataStorageConfig", - "markdownDescription": "The Amazon S3 location and configuration for storing inference request and response data.", - "title": "DataStorageConfig" - }, - "Description": { - "markdownDescription": "The description of the inference experiment.", - "title": "Description", - "type": "string" - }, - "DesiredState": { - "markdownDescription": "The desired state of the experiment after stopping. The possible states are the following:\n\n- `Completed` : The experiment completed successfully\n- `Cancelled` : The experiment was canceled", - "title": "DesiredState", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint.", - "title": "EndpointName", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", - "title": "KmsKey", - "type": "string" - }, - "ModelVariants": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelVariantConfig" - }, - "markdownDescription": "An array of `ModelVariantConfigSummary` objects. There is one for each variant in the inference experiment. Each `ModelVariantConfigSummary` object in the array describes the infrastructure configuration for deploying the corresponding variant.", - "title": "ModelVariants", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the inference experiment.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Amazon SageMaker can assume to access model artifacts and container images, and manage Amazon SageMaker Inference endpoints for model deployment.", - "title": "RoleArn", - "type": "string" - }, - "Schedule": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule", - "markdownDescription": "The duration for which the inference experiment ran or will run.\n\nThe maximum duration that you can set for an inference experiment is 30 days.", - "title": "Schedule" - }, - "ShadowModeConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModeConfig", - "markdownDescription": "The configuration of `ShadowMode` inference experiment type, which shows the production variant that takes all the inference requests, and the shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant it also shows the percentage of requests that Amazon SageMaker replicates.", - "title": "ShadowModeConfig" - }, - "StatusReason": { - "markdownDescription": "The error message for the inference experiment status result.", - "title": "StatusReason", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the inference experiment.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "EndpointName", - "ModelVariants", - "Name", - "RoleArn", - "Type" - ], - "type": "object" + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SageMaker::InferenceExperiment" - ], + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", "type": "string" } }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomActionFilterOperation": { + "additionalProperties": false, + "properties": { + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" + }, + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" + } + }, "required": [ - "Type", - "Properties" + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader": { + "AWS::QuickSight::Template.CustomActionNavigationOperation": { "additionalProperties": false, "properties": { - "CsvContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of all content type headers that Amazon SageMaker AI will treat as CSV and capture accordingly.", - "title": "CsvContentTypes", - "type": "array" - }, - "JsonContentTypes": { + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomActionSetParametersOperation": { + "additionalProperties": false, + "properties": { + "ParameterValueConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.SetParameterValueConfiguration" }, - "markdownDescription": "The list of all content type headers that SageMaker AI will treat as JSON and capture accordingly.", - "title": "JsonContentTypes", + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", "type": "array" } }, + "required": [ + "ParameterValueConfigurations" + ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.DataStorageConfig": { + "AWS::QuickSight::Template.CustomActionURLOperation": { "additionalProperties": false, "properties": { - "ContentType": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader", - "markdownDescription": "Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data.", - "title": "ContentType" - }, - "Destination": { - "markdownDescription": "The Amazon S3 bucket where the inference request and response data is stored.", - "title": "Destination", + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", "type": "string" }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", - "title": "KmsKey", + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", "type": "string" } }, "required": [ - "Destination" + "URLTarget", + "URLTemplate" ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.EndpointMetadata": { + "AWS::QuickSight::Template.CustomColor": { "additionalProperties": false, "properties": { - "EndpointConfigName": { - "markdownDescription": "The name of the endpoint configuration.", - "title": "EndpointConfigName", + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", "type": "string" }, - "EndpointName": { - "markdownDescription": "The name of the endpoint.", - "title": "EndpointName", + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", "type": "string" }, - "EndpointStatus": { - "markdownDescription": "The status of the endpoint. For possible values of the status of an endpoint, see [](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-inferenceexperiment-endpointmetadata.html#cfn-sagemaker-inferenceexperiment-endpointmetadata-endpointstatus) .", - "title": "EndpointStatus", + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", "type": "string" } }, "required": [ - "EndpointName" + "Color" ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule": { + "AWS::QuickSight::Template.CustomContentConfiguration": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The timestamp at which the inference experiment ended or will end.", - "title": "EndTime", + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", "type": "string" }, - "StartTime": { - "markdownDescription": "The timestamp at which the inference experiment started or will start.", - "title": "StartTime", + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", + "type": "string" + }, + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, "type": "object" }, - "AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig": { + "AWS::QuickSight::Template.CustomContentVisual": { "additionalProperties": false, "properties": { - "InfrastructureType": { - "markdownDescription": "The inference option to which to deploy your model. Possible values are the following:\n\n- `RealTime` : Deploy to real-time inference.", - "title": "InfrastructureType", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", "type": "string" }, - "RealTimeInferenceConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig", - "markdownDescription": "The infrastructure configuration for deploying the model to real-time inference.", - "title": "RealTimeInferenceConfig" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "InfrastructureType", - "RealTimeInferenceConfig" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.ModelVariantConfig": { + "AWS::QuickSight::Template.CustomFilterConfiguration": { "additionalProperties": false, "properties": { - "InfrastructureConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig", - "markdownDescription": "The configuration for the infrastructure that the model will be deployed to.", - "title": "InfrastructureConfig" + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", + "type": "string" }, - "ModelName": { - "markdownDescription": "The name of the Amazon SageMaker Model entity.", - "title": "ModelName", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "VariantName": { - "markdownDescription": "The name of the variant.", - "title": "VariantName", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "InfrastructureConfig", - "ModelName", - "VariantName" + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig": { + "AWS::QuickSight::Template.CustomFilterListConfiguration": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of instances of the type specified by `InstanceType` .", - "title": "InstanceCount", - "type": "number" + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" }, - "InstanceType": { - "markdownDescription": "The instance type the model is deployed to.", - "title": "InstanceType", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "InstanceCount", - "InstanceType" + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.ShadowModeConfig": { + "AWS::QuickSight::Template.CustomNarrativeOptions": { "additionalProperties": false, "properties": { - "ShadowModelVariants": { + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", + "type": "string" + } + }, + "required": [ + "Narrative" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomParameterValues": { + "additionalProperties": false, + "properties": { + "DateTimeValues": { "items": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig" + "type": "string" }, - "markdownDescription": "List of shadow variant configurations.", - "title": "ShadowModelVariants", + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", "type": "array" }, - "SourceModelVariantName": { - "markdownDescription": "The name of the production variant, which takes all the inference requests.", - "title": "SourceModelVariantName", - "type": "string" + "DecimalValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", + "type": "array" + }, + "IntegerValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", + "type": "array" + }, + "StringValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomValuesConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" + }, + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" } }, "required": [ - "ShadowModelVariants", - "SourceModelVariantName" + "CustomValues" ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig": { + "AWS::QuickSight::Template.DataBarsOptions": { "additionalProperties": false, "properties": { - "SamplingPercentage": { - "markdownDescription": "The percentage of inference requests that Amazon SageMaker replicates from the production variant to the shadow variant.", - "title": "SamplingPercentage", - "type": "number" + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", + "type": "string" }, - "ShadowModelVariantName": { - "markdownDescription": "The name of the shadow variant.", - "title": "ShadowModelVariantName", + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", + "type": "string" + }, + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", "type": "string" } }, "required": [ - "SamplingPercentage", - "ShadowModelVariantName" + "FieldId" ], "type": "object" }, - "AWS::SageMaker::Model": { + "AWS::QuickSight::Template.DataColor": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition" - }, - "markdownDescription": "Specifies the containers in the inference pipeline.", - "title": "Containers", - "type": "array" - }, - "EnableNetworkIsolation": { - "markdownDescription": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.", - "title": "EnableNetworkIsolation", - "type": "boolean" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume to access model artifacts and docker image for deployment on ML compute instances or for batch transform jobs. Deploying on ML compute instances is part of model hosting. For more information, see [SageMaker Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker, the caller of this API must have the `iam:PassRole` permission.", - "title": "ExecutionRoleArn", - "type": "string" - }, - "InferenceExecutionConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.InferenceExecutionConfig", - "markdownDescription": "Specifies details of how containers in a multi-container endpoint are called.", - "title": "InferenceExecutionConfig" - }, - "ModelName": { - "markdownDescription": "The name of the new model.", - "title": "ModelName", - "type": "string" - }, - "PrimaryContainer": { - "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition", - "markdownDescription": "The location of the primary docker image containing inference code, associated artifacts, and custom environment map that the inference code uses when the model is deployed for predictions.", - "title": "PrimaryContainer" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", - "title": "Tags", - "type": "array" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.VpcConfig", - "markdownDescription": "A [VpcConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_VpcConfig.html) object that specifies the VPC that you want your model to connect to. Control access to and from your model container by configuring the VPC. `VpcConfig` is used in hosting services and in batch transform. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Data in Batch Transform Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/batch-vpc.html) .", - "title": "VpcConfig" - } - }, - "type": "object" + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataFieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SageMaker::Model" - ], + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, "required": [ - "Type" + "AxisBinding", + "FieldId" ], "type": "object" }, - "AWS::SageMaker::Model.ContainerDefinition": { + "AWS::QuickSight::Template.DataLabelOptions": { "additionalProperties": false, "properties": { - "ContainerHostname": { - "markdownDescription": "This parameter is ignored for models that contain only a `PrimaryContainer` .\n\nWhen a `ContainerDefinition` is part of an inference pipeline, the value of the parameter uniquely identifies the container for the purposes of logging and metrics. For information, see [Use Logs and Metrics to Monitor an Inference Pipeline](https://docs.aws.amazon.com/sagemaker/latest/dg/inference-pipeline-logs-metrics.html) . If you don't specify a value for this parameter for a `ContainerDefinition` that is part of an inference pipeline, a unique name is automatically assigned based on the position of the `ContainerDefinition` in the pipeline. If you specify a value for the `ContainerHostName` for any `ContainerDefinition` that is part of an inference pipeline, you must specify a value for the `ContainerHostName` parameter of every `ContainerDefinition` in that pipeline.", - "title": "ContainerHostname", - "type": "string" - }, - "Environment": { - "markdownDescription": "The environment variables to set in the Docker container. Don't include any sensitive data in your environment variables.\n\nThe maximum length of each key and value in the `Environment` map is 1024 bytes. The maximum length of all keys and values in the map, combined, is 32 KB. If you pass multiple containers to a `CreateModel` request, then the maximum length of all of their maps, combined, is also 32 KB.", - "title": "Environment", + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", "type": "object" }, - "Image": { - "markdownDescription": "The path where inference code is stored. This can be either in Amazon EC2 Container Registry or in a Docker registry that is accessible from the same VPC that you configure for your endpoint. If you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", - "title": "Image", - "type": "string" - }, - "ImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.ImageConfig", - "markdownDescription": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For information about storing containers in a private Docker registry, see [Use a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", - "title": "ImageConfig" + "DataLabelTypes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelType" + }, + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", + "type": "array" }, - "InferenceSpecificationName": { - "markdownDescription": "The inference specification name in the model package version.", - "title": "InferenceSpecificationName", + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", "type": "string" }, - "Mode": { - "markdownDescription": "Whether the container hosts a single model or multiple models.", - "title": "Mode", + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", "type": "string" }, - "ModelDataSource": { - "$ref": "#/definitions/AWS::SageMaker::Model.ModelDataSource", - "markdownDescription": "Specifies the location of ML model data to deploy.\n\n> Currently you cannot use `ModelDataSource` in conjunction with SageMaker batch transform, SageMaker serverless endpoints, SageMaker multi-model endpoints, and SageMaker Marketplace.", - "title": "ModelDataSource" + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" }, - "ModelDataUrl": { - "markdownDescription": "The S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). The S3 path is required for SageMaker built-in algorithms, but not if you use your own algorithms. For more information on built-in algorithms, see [Common Parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-algo-docker-registry-paths.html) .\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model or endpoint you are creating. \n\nIf you provide a value for this parameter, SageMaker uses AWS Security Token Service to download model artifacts from the S3 path you provide. AWS STS is activated in your AWS account by default. If you previously deactivated AWS STS for a region, you need to reactivate AWS STS for that region. For more information, see [Activating and Deactivating AWS STS in an AWS Region](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the *AWS Identity and Access Management User Guide* .\n\n> If you use a built-in algorithm to create a model, SageMaker requires that you provide a S3 path to the model artifacts in `ModelDataUrl` .", - "title": "ModelDataUrl", + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", + "type": "object" + }, + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", "type": "string" }, - "ModelPackageName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the model package to use to create the model.", - "title": "ModelPackageName", + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", "type": "string" }, - "MultiModelConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.MultiModelConfig", - "markdownDescription": "Specifies additional configuration for multi-model endpoints.", - "title": "MultiModelConfig" + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", + "type": "object" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the data labels.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::SageMaker::Model.ImageConfig": { + "AWS::QuickSight::Template.DataLabelType": { "additionalProperties": false, "properties": { - "RepositoryAccessMode": { - "markdownDescription": "Set this to one of the following values:\n\n- `Platform` - The model image is hosted in Amazon ECR.\n- `Vpc` - The model image is hosted in a private Docker registry in your VPC.", - "title": "RepositoryAccessMode", - "type": "string" + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" }, - "RepositoryAuthConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.RepositoryAuthConfig", - "markdownDescription": "(Optional) Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified `Vpc` as the value for the `RepositoryAccessMode` field, and the private Docker registry where the model image is hosted requires authentication.", - "title": "RepositoryAuthConfig" + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" + }, + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" + }, + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" + }, + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" } }, - "required": [ - "RepositoryAccessMode" - ], "type": "object" }, - "AWS::SageMaker::Model.InferenceExecutionConfig": { + "AWS::QuickSight::Template.DataPathColor": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "How containers in a multi-container are run. The following values are valid.\n\n- `Serial` - Containers run as a serial pipeline.\n- `Direct` - Only the individual container that you specify is run.", - "title": "Mode", + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", + "type": "string" + }, + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", "type": "string" } }, "required": [ - "Mode" + "Color", + "Element" ], "type": "object" }, - "AWS::SageMaker::Model.ModelAccessConfig": { + "AWS::QuickSight::Template.DataPathLabelType": { "additionalProperties": false, "properties": { - "AcceptEula": { - "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", - "title": "AcceptEula", - "type": "boolean" + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", + "type": "object" } }, - "required": [ - "AcceptEula" - ], "type": "object" }, - "AWS::SageMaker::Model.ModelDataSource": { + "AWS::QuickSight::Template.DataPathSort": { "additionalProperties": false, "properties": { - "S3DataSource": { - "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource", - "markdownDescription": "Specifies the S3 location of ML model data to deploy.", - "title": "S3DataSource" + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", + "type": "string" + }, + "SortPaths": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + }, + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", + "type": "array" } }, "required": [ - "S3DataSource" + "Direction", + "SortPaths" ], "type": "object" }, - "AWS::SageMaker::Model.MultiModelConfig": { + "AWS::QuickSight::Template.DataPathType": { "additionalProperties": false, "properties": { - "ModelCacheSetting": { - "markdownDescription": "Whether to cache models for a multi-model endpoint. By default, multi-model endpoints cache models so that a model does not have to be loaded into memory each time it is invoked. Some use cases do not benefit from model caching. For example, if an endpoint hosts a large number of models that are each invoked infrequently, the endpoint might perform better if you disable model caching. To disable model caching, set the value of this parameter to Disabled.", - "title": "ModelCacheSetting", + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::Model.RepositoryAuthConfig": { + "AWS::QuickSight::Template.DataPathValue": { "additionalProperties": false, "properties": { - "RepositoryCredentialsProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the *AWS Lambda Developer Guide* .", - "title": "RepositoryCredentialsProviderArn", + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", "type": "string" } }, - "required": [ - "RepositoryCredentialsProviderArn" - ], "type": "object" }, - "AWS::SageMaker::Model.S3DataSource": { + "AWS::QuickSight::Template.DataSetConfiguration": { "additionalProperties": false, "properties": { - "CompressionType": { - "markdownDescription": "", - "title": "CompressionType", - "type": "string" + "ColumnGroupSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupSchema" + }, + "markdownDescription": "A structure containing the list of column group schemas.", + "title": "ColumnGroupSchemaList", + "type": "array" }, - "ModelAccessConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.ModelAccessConfig", - "markdownDescription": "", - "title": "ModelAccessConfig" + "DataSetSchema": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetSchema", + "markdownDescription": "Dataset schema.", + "title": "DataSetSchema" }, - "S3DataType": { - "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .", - "title": "S3DataType", + "Placeholder": { + "markdownDescription": "Placeholder.", + "title": "Placeholder", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataSetReference": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", "type": "string" }, - "S3Uri": { - "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", - "title": "S3Uri", + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", "type": "string" } }, "required": [ - "CompressionType", - "S3DataType", - "S3Uri" + "DataSetArn", + "DataSetPlaceholder" ], "type": "object" }, - "AWS::SageMaker::Model.VpcConfig": { + "AWS::QuickSight::Template.DataSetSchema": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { + "ColumnSchemaList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSchema" }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", + "markdownDescription": "A structure containing the list of column schemas.", + "title": "ColumnSchemaList", "type": "array" } }, - "required": [ - "SecurityGroupIds", - "Subnets" - ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition": { + "AWS::QuickSight::Template.DateAxisOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", - "type": "string" - }, - "JobDefinitionName": { - "markdownDescription": "The name of the bias job definition. The name must be unique within an AWS Region in the AWS account.", - "title": "JobDefinitionName", - "type": "string" - }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" - }, - "ModelBiasAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification", - "markdownDescription": "Configures the model bias job to run a specified Docker container image.", - "title": "ModelBiasAppSpecification" - }, - "ModelBiasBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig", - "markdownDescription": "The baseline configuration for a model bias job.", - "title": "ModelBiasBaselineConfig" - }, - "ModelBiasJobInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput", - "markdownDescription": "Inputs for the model bias job.", - "title": "ModelBiasJobInput" - }, - "ModelBiasJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "ModelBiasJobOutputConfig" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig", - "markdownDescription": "Networking options for a model bias job.", - "title": "NetworkConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", - "type": "string" - }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "JobResources", - "ModelBiasAppSpecification", - "ModelBiasJobInput", - "ModelBiasJobOutputConfig", - "RoleArn" - ], + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::ModelBiasJobDefinition" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput": { + "AWS::QuickSight::Template.DateDimensionField": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" - }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" - }, - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" - }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", - "type": "string" - }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", "type": "string" }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" - }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" + "Column", + "FieldId" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig": { + "AWS::QuickSight::Template.DateMeasureField": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", "type": "string" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" + "Column", + "FieldId" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource": { + "AWS::QuickSight::Template.DateTimeDefaultValues": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", - "type": "string" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.Csv": { + "AWS::QuickSight::Template.DateTimeFormatConfiguration": { "additionalProperties": false, "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", + "type": "string" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" } }, "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat": { + "AWS::QuickSight::Template.DateTimeHierarchy": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" - }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Json", - "markdownDescription": "", - "title": "Json" + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", + "type": "array" }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", + "type": "string" } }, + "required": [ + "HierarchyId" + ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.EndpointInput": { + "AWS::QuickSight::Template.DateTimeParameterDeclaration": { "additionalProperties": false, "properties": { - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" - }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", - "type": "string" - }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", - "type": "string" + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "EndpointName", - "LocalPath" + "Name" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.Json": { + "AWS::QuickSight::Template.DateTimePickerControlDisplayOptions": { "additionalProperties": false, "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", + "type": "object" + }, + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", + "type": "object" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification": { + "AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "ConfigUri": { - "markdownDescription": "JSON formatted S3 file that defines bias parameters. For more information on this JSON configuration file, see [Configure bias parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-bias-parameters.html) .", - "title": "ConfigUri", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", "type": "string" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the Docker container.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "ImageUri": { - "markdownDescription": "The container image to be run by the model bias job.", - "title": "ImageUri", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, - "required": [ - "ConfigUri", - "ImageUri" - ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig": { + "AWS::QuickSight::Template.DecimalDefaultValues": { "additionalProperties": false, "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the baseline model bias job.", - "title": "BaseliningJobName", - "type": "string" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a monitoring job.", - "title": "ConstraintsResource" + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput": { + "AWS::QuickSight::Template.DecimalParameterDeclaration": { "additionalProperties": false, "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" }, - "GroundTruthS3Input": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input", - "markdownDescription": "Location of ground truth labels to use in model bias job.", - "title": "GroundTruthS3Input" + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "GroundTruthS3Input" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input": { + "AWS::QuickSight::Template.DecimalPlacesConfiguration": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", - "title": "S3Uri", - "type": "string" + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" } }, "required": [ - "S3Uri" + "DecimalPlaces" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput": { + "AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" } }, - "required": [ - "S3Output" - ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig": { + "AWS::QuickSight::Template.DefaultDateTimePickerControlOptions": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", "type": "string" }, - "MonitoringOutputs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput" - }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", - "type": "array" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "Type": { + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", + "type": "string" } }, - "required": [ - "MonitoringOutputs" - ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources": { + "AWS::QuickSight::Template.DefaultFilterControlConfiguration": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" + }, + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", + "type": "string" } }, "required": [ - "ClusterConfig" + "ControlOptions", + "Title" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig": { + "AWS::QuickSight::Template.DefaultFilterControlOptions": { "additionalProperties": false, "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" + }, + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" + }, + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" + }, + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" + }, + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" } }, "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.S3Output": { + "AWS::QuickSight::Template.DefaultFilterDropDownControlOptions": { "additionalProperties": false, "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. `LocalPath` is an absolute path for the output data.", - "title": "LocalPath", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", "type": "string" }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", "type": "string" } }, - "required": [ - "LocalPath", - "S3Uri" - ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition": { + "AWS::QuickSight::Template.DefaultFilterListControlOptions": { "additionalProperties": false, "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" - } - }, - "required": [ - "MaxRuntimeInSeconds" - ], - "type": "object" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.VpcConfig": { + "AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::SageMaker::ModelCard": { + "AWS::QuickSight::Template.DefaultGridLayoutConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.Content", - "markdownDescription": "The content of the model card. Content uses the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", - "title": "Content" - }, - "CreatedBy": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", - "markdownDescription": "Information about the user who created or modified one or more of the following:\n\n- Experiment\n- Trial\n- Trial component\n- Lineage group\n- Project\n- Model Card", - "title": "CreatedBy" - }, - "LastModifiedBy": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", - "markdownDescription": "", - "title": "LastModifiedBy" - }, - "ModelCardName": { - "markdownDescription": "The unique name of the model card.", - "title": "ModelCardName", - "type": "string" - }, - "ModelCardStatus": { - "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", - "title": "ModelCardStatus", - "type": "string" - }, - "SecurityConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.SecurityConfig", - "markdownDescription": "The security configuration used to protect model card data.", - "title": "SecurityConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs used to manage metadata for the model card.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Content", - "ModelCardName", - "ModelCardStatus" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::ModelCard" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" } }, "required": [ - "Type", - "Properties" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::SageMaker::ModelCard.AdditionalInformation": { + "AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration": { "additionalProperties": false, "properties": { - "CaveatsAndRecommendations": { - "markdownDescription": "Caveats and recommendations for those who might use this model in their applications.", - "title": "CaveatsAndRecommendations", - "type": "string" - }, - "CustomDetails": { - "additionalProperties": true, - "markdownDescription": "Any additional information to document about the model.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "CustomDetails", - "type": "object" + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" }, - "EthicalConsiderations": { - "markdownDescription": "Any ethical considerations documented by the model card author.", - "title": "EthicalConsiderations", - "type": "string" + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.BusinessDetails": { + "AWS::QuickSight::Template.DefaultNewSheetConfiguration": { "additionalProperties": false, "properties": { - "BusinessProblem": { - "markdownDescription": "The specific business problem that the model is trying to solve.", - "title": "BusinessProblem", - "type": "string" + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" }, - "BusinessStakeholders": { - "markdownDescription": "The relevant stakeholders for the model.", - "title": "BusinessStakeholders", - "type": "string" + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" }, - "LineOfBusiness": { - "markdownDescription": "The broader business need that the model is serving.", - "title": "LineOfBusiness", + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.Container": { + "AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration": { "additionalProperties": false, "properties": { - "Image": { - "markdownDescription": "", - "title": "Image", - "type": "string" - }, - "ModelDataUrl": { - "markdownDescription": "", - "title": "ModelDataUrl", + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", "type": "string" }, - "NearestModelName": { - "markdownDescription": "", - "title": "NearestModelName", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" } }, "required": [ - "Image" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::SageMaker::ModelCard.Content": { + "AWS::QuickSight::Template.DefaultSliderControlOptions": { "additionalProperties": false, "properties": { - "AdditionalInformation": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.AdditionalInformation", - "markdownDescription": "Additional information about the model.", - "title": "AdditionalInformation" - }, - "BusinessDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.BusinessDetails", - "markdownDescription": "Information about how the model supports business goals.", - "title": "BusinessDetails" - }, - "EvaluationDetails": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.EvaluationDetail" - }, - "markdownDescription": "An overview about the model's evaluation.", - "title": "EvaluationDetails", - "type": "array" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "IntendedUses": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.IntendedUses", - "markdownDescription": "The intended usage of the model.", - "title": "IntendedUses" + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "ModelOverview": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelOverview", - "markdownDescription": "An overview about the model", - "title": "ModelOverview" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" }, - "ModelPackageDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageDetails", - "markdownDescription": "", - "title": "ModelPackageDetails" + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" }, - "TrainingDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingDetails", - "markdownDescription": "An overview about model training.", - "title": "TrainingDetails" + "Type": { + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" } }, + "required": [ + "MaximumValue", + "MinimumValue", + "StepSize" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.EvaluationDetail": { + "AWS::QuickSight::Template.DefaultTextAreaControlOptions": { "additionalProperties": false, "properties": { - "Datasets": { - "items": { - "type": "string" - }, - "markdownDescription": "The location of the datasets used to evaluate the model.", - "title": "Datasets", - "type": "array" - }, - "EvaluationJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the evaluation job.", - "title": "EvaluationJobArn", + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", "type": "string" }, - "EvaluationObservation": { - "markdownDescription": "Any observations made during the model evaluation.", - "title": "EvaluationObservation", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultTextFieldControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DestinationParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" + }, + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", "type": "string" }, - "Metadata": { - "additionalProperties": true, - "markdownDescription": "Additional attributes associated with the evaluation results.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Metadata", - "type": "object" + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" }, - "MetricGroups": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricGroup" - }, - "markdownDescription": "An evaluation Metric Group object.", - "title": "MetricGroups", - "type": "array" + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", + "type": "string" }, - "Name": { - "markdownDescription": "The evaluation job name.", - "title": "Name", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::SageMaker::ModelCard.Function": { + "AWS::QuickSight::Template.DimensionField": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "An optional description of any conditions of your objective function metric.", - "title": "Condition", - "type": "string" + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" }, - "Facet": { - "markdownDescription": "The metric of the model's objective function. For example, *loss* or *rmse* . The following list shows examples of the values that you can specify for the metric:\n\n- `ACCURACY`\n- `AUC`\n- `LOSS`\n- `MAE`\n- `RMSE`", - "title": "Facet", - "type": "string" + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" }, - "Function": { - "markdownDescription": "The optimization direction of the model's objective function. You must specify one of the following values:\n\n- `Maximize`\n- `Minimize`", - "title": "Function", - "type": "string" + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.InferenceEnvironment": { + "AWS::QuickSight::Template.DonutCenterOptions": { "additionalProperties": false, "properties": { - "ContainerImage": { - "items": { - "type": "string" - }, - "markdownDescription": "The container used to run the inference environment.", - "title": "ContainerImage", - "type": "array" + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", + "type": "object" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.InferenceSpecification": { + "AWS::QuickSight::Template.DonutOptions": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.Container" - }, - "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", - "title": "Containers", - "type": "array" + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" + }, + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" } }, - "required": [ - "Containers" - ], "type": "object" }, - "AWS::SageMaker::ModelCard.IntendedUses": { + "AWS::QuickSight::Template.DrillDownFilter": { "additionalProperties": false, "properties": { - "ExplanationsForRiskRating": { - "markdownDescription": "An explanation of why your organization categorizes the model with its risk rating.", - "title": "ExplanationsForRiskRating", - "type": "string" - }, - "FactorsAffectingModelEfficiency": { - "markdownDescription": "Factors affecting model efficacy.", - "title": "FactorsAffectingModelEfficiency", - "type": "string" - }, - "IntendedUses": { - "markdownDescription": "The intended use cases for the model.", - "title": "IntendedUses", - "type": "string" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" }, - "PurposeOfModel": { - "markdownDescription": "The general purpose of the model.", - "title": "PurposeOfModel", - "type": "string" + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" }, - "RiskRating": { - "markdownDescription": "Your organization's risk rating. You can specify one the following values as the risk rating:\n\n- High\n- Medium\n- Low\n- Unknown", - "title": "RiskRating", - "type": "string" + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.MetricDataItems": { + "AWS::QuickSight::Template.DropDownControlDisplayOptions": { "additionalProperties": false, "properties": { - "Name": { - "type": "string" - }, - "Notes": { - "type": "string" - }, - "Type": { - "type": "string" - }, - "Value": { - "type": "object" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "XAxisName": { - "items": { - "type": "string" - }, - "type": "array" + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" }, - "YAxisName": { - "items": { - "type": "string" - }, - "type": "array" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, - "required": [ - "Name", - "Type", - "Value" - ], "type": "object" }, - "AWS::SageMaker::ModelCard.MetricGroup": { + "AWS::QuickSight::Template.DynamicDefaultValue": { "additionalProperties": false, "properties": { - "MetricData": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricDataItems" - }, - "markdownDescription": "A list of metric objects. The `MetricDataItems` list can have one of the following values:\n\n- `bar_chart_metric`\n- `matrix_metric`\n- `simple_metric`\n- `linear_graph_metric`\n\nFor more information about the metric schema, see the definition section of the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", - "title": "MetricData", - "type": "array" + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" }, - "Name": { - "markdownDescription": "The metric group name.", - "title": "Name", - "type": "string" + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" + }, + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" } }, "required": [ - "MetricData", - "Name" + "DefaultValueColumn" ], "type": "object" }, - "AWS::SageMaker::ModelCard.ModelOverview": { + "AWS::QuickSight::Template.EmptyVisual": { "additionalProperties": false, "properties": { - "AlgorithmType": { - "markdownDescription": "The algorithm used to solve the problem.", - "title": "AlgorithmType", - "type": "string" - }, - "InferenceEnvironment": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceEnvironment", - "markdownDescription": "An overview about model inference.", - "title": "InferenceEnvironment" - }, - "ModelArtifact": { + "Actions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, - "markdownDescription": "The location of the model artifact.", - "title": "ModelArtifact", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "ModelCreator": { - "markdownDescription": "The creator of the model.", - "title": "ModelCreator", - "type": "string" - }, - "ModelDescription": { - "markdownDescription": "A description of the model.", - "title": "ModelDescription", - "type": "string" - }, - "ModelId": { - "markdownDescription": "The SageMaker AI Model ARN or non- SageMaker AI Model ID.", - "title": "ModelId", - "type": "string" - }, - "ModelName": { - "markdownDescription": "The name of the model.", - "title": "ModelName", - "type": "string" - }, - "ModelOwner": { - "markdownDescription": "The owner of the model.", - "title": "ModelOwner", + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", "type": "string" }, - "ModelVersion": { - "markdownDescription": "The version of the model.", - "title": "ModelVersion", - "type": "number" - }, - "ProblemType": { - "markdownDescription": "The problem being solved with the model.", - "title": "ProblemType", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.ModelPackageCreator": { + "AWS::QuickSight::Template.Entity": { "additionalProperties": false, "properties": { - "UserProfileName": { - "markdownDescription": "", - "title": "UserProfileName", + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.ModelPackageDetails": { + "AWS::QuickSight::Template.ExcludePeriodConfiguration": { "additionalProperties": false, "properties": { - "ApprovalDescription": { - "markdownDescription": "", - "title": "ApprovalDescription", - "type": "string" - }, - "CreatedBy": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageCreator", - "markdownDescription": "", - "title": "CreatedBy" - }, - "Domain": { - "markdownDescription": "", - "title": "Domain", - "type": "string" - }, - "InferenceSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceSpecification", - "markdownDescription": "", - "title": "InferenceSpecification" - }, - "ModelApprovalStatus": { - "markdownDescription": "", - "title": "ModelApprovalStatus", - "type": "string" - }, - "ModelPackageArn": { - "markdownDescription": "", - "title": "ModelPackageArn", - "type": "string" - }, - "ModelPackageDescription": { - "markdownDescription": "", - "title": "ModelPackageDescription", - "type": "string" - }, - "ModelPackageGroupName": { - "markdownDescription": "", - "title": "ModelPackageGroupName", - "type": "string" + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", + "type": "number" }, - "ModelPackageName": { - "markdownDescription": "", - "title": "ModelPackageName", + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", "type": "string" }, - "ModelPackageStatus": { - "markdownDescription": "", - "title": "ModelPackageStatus", + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", "type": "string" + } + }, + "required": [ + "Amount", + "Granularity" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ExplicitHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", + "type": "array" }, - "ModelPackageVersion": { - "markdownDescription": "", - "title": "ModelPackageVersion", - "type": "number" - }, - "SourceAlgorithms": { + "DrillDownFilters": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.SourceAlgorithm" + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" }, - "markdownDescription": "", - "title": "SourceAlgorithms", + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", "type": "array" }, - "Task": { - "markdownDescription": "", - "title": "Task", + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", "type": "string" } }, + "required": [ + "Columns", + "HierarchyId" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.ObjectiveFunction": { + "AWS::QuickSight::Template.FieldBasedTooltip": { "additionalProperties": false, "properties": { - "Function": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.Function", - "markdownDescription": "A function object that details optimization direction, metric, and additional descriptions.", - "title": "Function" + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", + "type": "object" }, - "Notes": { - "markdownDescription": "Notes about the object function, including other considerations for possible objective functions.", - "title": "Notes", + "TooltipFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipItem" + }, + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", + "type": "array" + }, + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.SecurityConfig": { + "AWS::QuickSight::Template.FieldLabelType": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "A AWS Key Management Service [key ID](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id) used to encrypt a model card.", - "title": "KmsKeyId", + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the field label.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.SourceAlgorithm": { + "AWS::QuickSight::Template.FieldSeriesItem": { "additionalProperties": false, "properties": { - "AlgorithmName": { - "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", - "title": "AlgorithmName", + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", "type": "string" }, - "ModelDataUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", - "title": "ModelDataUrl", + "FieldId": { + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", + "title": "FieldId", "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, "required": [ - "AlgorithmName" + "AxisBinding", + "FieldId" ], "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingDetails": { + "AWS::QuickSight::Template.FieldSort": { "additionalProperties": false, "properties": { - "ObjectiveFunction": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ObjectiveFunction", - "markdownDescription": "The function that is optimized during model training.", - "title": "ObjectiveFunction" - }, - "TrainingJobDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingJobDetails", - "markdownDescription": "Details about any associated training jobs.", - "title": "TrainingJobDetails" + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", + "type": "string" }, - "TrainingObservations": { - "markdownDescription": "Any observations about training.", - "title": "TrainingObservations", + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", "type": "string" } }, + "required": [ + "Direction", + "FieldId" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingEnvironment": { + "AWS::QuickSight::Template.FieldSortOptions": { "additionalProperties": false, "properties": { - "ContainerImage": { - "items": { - "type": "string" - }, - "markdownDescription": "SageMaker AI inference image URI.", - "title": "ContainerImage", - "type": "array" + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" + }, + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingHyperParameter": { + "AWS::QuickSight::Template.FieldTooltipItem": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the hyper parameter.", - "title": "Name", + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", "type": "string" }, - "Value": { - "markdownDescription": "The value specified for the hyper parameter.", - "title": "Value", + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "object" } }, "required": [ - "Name", - "Value" + "FieldId" ], "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingJobDetails": { + "AWS::QuickSight::Template.FilledMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "HyperParameters": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" - }, - "markdownDescription": "The hyper parameters used in the training job.", - "title": "HyperParameters", - "type": "array" - }, - "TrainingArn": { - "markdownDescription": "The SageMaker AI training job Amazon Resource Name (ARN)", - "title": "TrainingArn", - "type": "string" - }, - "TrainingDatasets": { - "items": { - "type": "string" - }, - "markdownDescription": "The location of the datasets used to train the model.", - "title": "TrainingDatasets", - "type": "array" - }, - "TrainingEnvironment": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingEnvironment", - "markdownDescription": "The SageMaker AI training job image URI.", - "title": "TrainingEnvironment" - }, - "TrainingMetrics": { + "Geospatial": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The SageMaker AI training job results.", - "title": "TrainingMetrics", + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", "type": "array" }, - "UserProvidedHyperParameters": { + "Values": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "Additional hyper parameters that you've specified when training the model.", - "title": "UserProvidedHyperParameters", + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "title": "Values", "type": "array" - }, - "UserProvidedTrainingMetrics": { + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormattingOption" }, - "markdownDescription": "Custom training job results.", - "title": "UserProvidedTrainingMetrics", + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", "type": "array" } }, + "required": [ + "ConditionalFormattingOptions" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingMetric": { + "AWS::QuickSight::Template.FilledMapConditionalFormattingOption": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the result from the SageMaker AI training job.", - "title": "Name", - "type": "string" - }, - "Notes": { - "markdownDescription": "Any additional notes describing the result of the training job.", - "title": "Notes", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of a result from the SageMaker AI training job.", - "title": "Value", - "type": "number" + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" } }, "required": [ - "Name", - "Value" + "Shape" ], "type": "object" }, - "AWS::SageMaker::ModelCard.UserContext": { + "AWS::QuickSight::Template.FilledMapConfiguration": { "additionalProperties": false, "properties": { - "DomainId": { - "markdownDescription": "The domain associated with the user.", - "title": "DomainId", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "UserProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's profile.", - "title": "UserProfileArn", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "UserProfileName": { - "markdownDescription": "The name of the user's profile.", - "title": "UserProfileName", - "type": "string" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" } }, "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition": { + "AWS::QuickSight::Template.FilledMapFieldWells": { "additionalProperties": false, "properties": { - "Condition": { + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapShapeConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Format": { + "$ref": "#/definitions/AWS::QuickSight::Template.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the location fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", - "type": "string" - }, - "JobDefinitionName": { - "markdownDescription": "The name of the model explainability job definition. The name must be unique within an AWS Region in the AWS account.", - "title": "JobDefinitionName", - "type": "string" - }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" - }, - "ModelExplainabilityAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification", - "markdownDescription": "Configures the model explainability job to run a specified Docker container image.", - "title": "ModelExplainabilityAppSpecification" - }, - "ModelExplainabilityBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig", - "markdownDescription": "The baseline configuration for a model explainability job.", - "title": "ModelExplainabilityBaselineConfig" - }, - "ModelExplainabilityJobInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput", - "markdownDescription": "Inputs for the model explainability job.", - "title": "ModelExplainabilityJobInput" - }, - "ModelExplainabilityJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "ModelExplainabilityJobOutputConfig" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig", - "markdownDescription": "Networking options for a model explainability job.", - "title": "NetworkConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", - "type": "string" - }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, - "required": [ - "JobResources", - "ModelExplainabilityAppSpecification", - "ModelExplainabilityJobInput", - "ModelExplainabilityJobOutputConfig", - "RoleArn" - ], - "type": "object" + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SageMaker::ModelExplainabilityJobDefinition" - ], + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput": { + "AWS::QuickSight::Template.Filter": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", - "type": "string" + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" } }, - "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig": { + "AWS::QuickSight::Template.FilterControl": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", - "type": "string" + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", - "type": "string" + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" + "List": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" } }, - "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource": { + "AWS::QuickSight::Template.FilterCrossSheetControl": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId" + ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.Csv": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat": { + "AWS::QuickSight::Template.FilterDateTimePickerControl": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Json", - "markdownDescription": "", - "title": "Json" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput": { + "AWS::QuickSight::Template.FilterDropDownControl": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", "type": "string" }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", "type": "string" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", "type": "string" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", "type": "string" } }, "required": [ - "EndpointName", - "LocalPath" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.Json": { - "additionalProperties": false, - "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification": { + "AWS::QuickSight::Template.FilterGroup": { "additionalProperties": false, "properties": { - "ConfigUri": { - "markdownDescription": "JSON formatted Amazon S3 file that defines explainability parameters. For more information on this JSON configuration file, see [Configure model explainability parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-model-explainability-parameters.html) .", - "title": "ConfigUri", + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", "type": "string" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the Docker container.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Filter" }, - "title": "Environment", - "type": "object" + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", + "type": "array" }, - "ImageUri": { - "markdownDescription": "The container image to be run by the model explainability job.", - "title": "ImageUri", + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" + }, + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", "type": "string" } }, "required": [ - "ConfigUri", - "ImageUri" + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig": { + "AWS::QuickSight::Template.FilterListConfiguration": { "additionalProperties": false, "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the baseline model explainability job.", - "title": "BaseliningJobName", + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a model explainability job.", - "title": "ConstraintsResource" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput": { - "additionalProperties": false, - "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" } }, + "required": [ + "MatchOperator" + ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput": { + "AWS::QuickSight::Template.FilterListControl": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" } }, "required": [ - "S3Output" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig": { + "AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", + "SelectedColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", + "type": "array" + }, + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", "type": "string" }, - "MonitoringOutputs": { + "SelectedFields": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput" + "type": "string" }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", "type": "array" } }, - "required": [ - "MonitoringOutputs" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources": { + "AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" } }, - "required": [ - "ClusterConfig" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig": { + "AWS::QuickSight::Template.FilterRelativeDateTimeControl": { "additionalProperties": false, "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output": { - "additionalProperties": false, - "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", "type": "string" }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", "type": "string" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", "type": "string" } }, "required": [ - "LocalPath", - "S3Uri" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition": { + "AWS::QuickSight::Template.FilterScopeConfiguration": { "additionalProperties": false, "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" + }, + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" } }, - "required": [ - "MaxRuntimeInSeconds" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig": { + "AWS::QuickSight::Template.FilterSelectableValues": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", "type": "array" } }, - "required": [ - "SecurityGroupIds", - "Subnets" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage": { + "AWS::QuickSight::Template.FilterSliderControl": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "Metadata": { - "type": "object" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalInferenceSpecifications": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" - }, - "markdownDescription": "An array of additional Inference Specification objects.", - "title": "AdditionalInferenceSpecifications", - "type": "array" - }, - "AdditionalInferenceSpecificationsToAdd": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" - }, - "markdownDescription": "An array of additional Inference Specification objects to be added to the existing array. The total number of additional Inference Specification objects cannot exceed 15. Each additional Inference Specification object specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts.", - "title": "AdditionalInferenceSpecificationsToAdd", - "type": "array" - }, - "ApprovalDescription": { - "markdownDescription": "A description provided when the model approval is set.", - "title": "ApprovalDescription", - "type": "string" - }, - "CertifyForMarketplace": { - "markdownDescription": "Whether the model package is to be certified to be listed on AWS Marketplace. For information about listing model packages on AWS Marketplace, see [List Your Algorithm or Model Package on AWS Marketplace](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-mkt-list.html) .", - "title": "CertifyForMarketplace", - "type": "boolean" - }, - "ClientToken": { - "markdownDescription": "A unique token that guarantees that the call to this API is idempotent.", - "title": "ClientToken", - "type": "string" - }, - "CustomerMetadataProperties": { - "additionalProperties": true, - "markdownDescription": "The metadata properties for the model package.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "CustomerMetadataProperties", - "type": "object" - }, - "Domain": { - "markdownDescription": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing.", - "title": "Domain", - "type": "string" - }, - "DriftCheckBaselines": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBaselines", - "markdownDescription": "Represents the drift check baselines that can be used when the model monitor is set using the model package.", - "title": "DriftCheckBaselines" - }, - "InferenceSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.InferenceSpecification", - "markdownDescription": "Defines how to perform inference generation after a training job is run.", - "title": "InferenceSpecification" - }, - "LastModifiedTime": { - "markdownDescription": "The last time the model package was modified.", - "title": "LastModifiedTime", - "type": "string" - }, - "MetadataProperties": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetadataProperties", - "markdownDescription": "Metadata properties of the tracking entity, trial, or trial component.", - "title": "MetadataProperties" - }, - "ModelApprovalStatus": { - "markdownDescription": "The approval status of the model. This can be one of the following values.\n\n- `APPROVED` - The model is approved\n- `REJECTED` - The model is rejected.\n- `PENDING_MANUAL_APPROVAL` - The model is waiting for manual approval.", - "title": "ModelApprovalStatus", - "type": "string" - }, - "ModelMetrics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelMetrics", - "markdownDescription": "Metrics for the model.", - "title": "ModelMetrics" - }, - "ModelPackageDescription": { - "markdownDescription": "The description of the model package.", - "title": "ModelPackageDescription", - "type": "string" - }, - "ModelPackageGroupName": { - "markdownDescription": "The model group to which the model belongs.", - "title": "ModelPackageGroupName", - "type": "string" - }, - "ModelPackageName": { - "markdownDescription": "The name of the model package. The name can be as follows:\n\n- For a versioned model, the name is automatically generated by SageMaker Model Registry and follows the format ' `ModelPackageGroupName/ModelPackageVersion` '.\n- For an unversioned model, you must provide the name.", - "title": "ModelPackageName", - "type": "string" - }, - "ModelPackageStatusDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusDetails", - "markdownDescription": "Specifies the validation and image scan statuses of the model package.", - "title": "ModelPackageStatusDetails" - }, - "ModelPackageVersion": { - "markdownDescription": "The version number of a versioned model.", - "title": "ModelPackageVersion", - "type": "number" - }, - "SamplePayloadUrl": { - "markdownDescription": "The Amazon Simple Storage Service path where the sample payload are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", - "title": "SamplePayloadUrl", - "type": "string" - }, - "SkipModelValidation": { - "markdownDescription": "Indicates if you want to skip model validation.", - "title": "SkipModelValidation", - "type": "string" - }, - "SourceAlgorithmSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification", - "markdownDescription": "A list of algorithms that were used to create a model package.", - "title": "SourceAlgorithmSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tags associated with the model package. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", - "title": "Tags", - "type": "array" - }, - "Task": { - "markdownDescription": "The machine learning task your model package accomplishes. Common machine learning tasks include object detection and image classification.", - "title": "Task", - "type": "string" - }, - "ValidationSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationSpecification", - "markdownDescription": "Specifies batch transform jobs that SageMaker runs to validate your model package.", - "title": "ValidationSpecification" - } - }, - "type": "object" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SageMaker::ModelPackage" - ], + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", "type": "string" } }, "required": [ - "Type" + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition": { + "AWS::QuickSight::Template.FilterTextAreaControl": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" - }, - "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", - "title": "Containers", - "type": "array" + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" }, - "Description": { - "markdownDescription": "A description of the additional Inference specification", - "title": "Description", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", "type": "string" }, - "Name": { - "markdownDescription": "A unique name to identify the additional inference specification. The name must be unique within the list of your additional inference specifications for a particular model package.", - "title": "Name", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", "type": "string" }, - "SupportedContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The supported MIME types for the input data.", - "title": "SupportedContentTypes", - "type": "array" + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "SupportedRealtimeInferenceInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.", - "title": "SupportedRealtimeInferenceInstanceTypes", - "type": "array" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", + "type": "string" }, - "SupportedResponseMIMETypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The supported MIME types for the output data.", - "title": "SupportedResponseMIMETypes", - "type": "array" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", + "type": "string" }, - "SupportedTransformInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.", - "title": "SupportedTransformInstanceTypes", - "type": "array" + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", + "type": "string" } }, "required": [ - "Containers", - "Name" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.Bias": { + "AWS::QuickSight::Template.FontConfiguration": { "additionalProperties": false, "properties": { - "PostTrainingReport": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The post-training bias report for a model.", - "title": "PostTrainingReport" + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", + "type": "string" }, - "PreTrainingReport": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The pre-training bias report for a model.", - "title": "PreTrainingReport" + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", + "type": "string" }, - "Report": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The bias report for a model", - "title": "Report" + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", + "type": "string" + }, + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" + }, + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", + "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.DataSource": { + "AWS::QuickSight::Template.FontSize": { "additionalProperties": false, "properties": { - "S3DataSource": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3DataSource", - "markdownDescription": "The S3 location of the data source that is associated with a channel.", - "title": "S3DataSource" + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", + "type": "string" + }, + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", + "type": "string" } }, - "required": [ - "S3DataSource" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckBaselines": { + "AWS::QuickSight::Template.FontWeight": { "additionalProperties": false, "properties": { - "Bias": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBias", - "markdownDescription": "Represents the drift check bias baselines that can be used when the model monitor is set using the model package.", - "title": "Bias" - }, - "Explainability": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckExplainability", - "markdownDescription": "Represents the drift check explainability baselines that can be used when the model monitor is set using the model package.", - "title": "Explainability" - }, - "ModelDataQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality", - "markdownDescription": "Represents the drift check model data quality baselines that can be used when the model monitor is set using the model package.", - "title": "ModelDataQuality" - }, - "ModelQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelQuality", - "markdownDescription": "Represents the drift check model quality baselines that can be used when the model monitor is set using the model package.", - "title": "ModelQuality" + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckBias": { + "AWS::QuickSight::Template.ForecastComputation": { "additionalProperties": false, "properties": { - "ConfigFile": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", - "markdownDescription": "The bias config file for a model.", - "title": "ConfigFile" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "PostTrainingConstraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The post-training constraints.", - "title": "PostTrainingConstraints" + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", + "type": "number" }, - "PreTrainingConstraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The pre-training constraints.", - "title": "PreTrainingConstraints" + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckExplainability": { + "AWS::QuickSight::Template.ForecastConfiguration": { "additionalProperties": false, "properties": { - "ConfigFile": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", - "markdownDescription": "The explainability config file for the model.", - "title": "ConfigFile" + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" }, - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check explainability constraints.", - "title": "Constraints" + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality": { + "AWS::QuickSight::Template.ForecastScenario": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model data quality constraints.", - "title": "Constraints" + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model data quality statistics.", - "title": "Statistics" + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckModelQuality": { + "AWS::QuickSight::Template.FormatConfiguration": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model quality constraints.", - "title": "Constraints" + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model quality statistics.", - "title": "Statistics" + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" + }, + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.Explainability": { + "AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Report": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The explainability report for a model.", - "title": "Report" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.FileSource": { + "AWS::QuickSight::Template.FreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { - "ContentDigest": { - "markdownDescription": "The digest of the file source.", - "title": "ContentDigest", - "type": "string" - }, - "ContentType": { - "markdownDescription": "The type of content stored in the file source.", - "title": "ContentType", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" }, - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the file source.", - "title": "S3Uri", - "type": "string" + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", + "type": "array" } }, "required": [ - "S3Uri" + "Elements" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.InferenceSpecification": { + "AWS::QuickSight::Template.FreeFormLayoutElement": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" - }, - "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", - "title": "Containers", - "type": "array" + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" }, - "SupportedContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The supported MIME types for the input data.", - "title": "SupportedContentTypes", - "type": "array" + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" }, - "SupportedRealtimeInferenceInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.\n\nThis parameter is required for unversioned models, and optional for versioned models.", - "title": "SupportedRealtimeInferenceInstanceTypes", - "type": "array" + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", + "type": "string" }, - "SupportedResponseMIMETypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The supported MIME types for the output data.", - "title": "SupportedResponseMIMETypes", - "type": "array" + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" }, - "SupportedTransformInstanceTypes": { + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", + "type": "string" + }, + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Template.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" + }, + "RenderingRules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementRenderingRule" }, - "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.\n\nThis parameter is required for unversioned models, and optional for versioned models.", - "title": "SupportedTransformInstanceTypes", + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", "type": "array" + }, + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" + }, + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", + "type": "string" + }, + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" + }, + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", + "type": "string" } }, "required": [ - "Containers", - "SupportedContentTypes", - "SupportedResponseMIMETypes" + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.MetadataProperties": { + "AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle": { "additionalProperties": false, "properties": { - "CommitId": { - "markdownDescription": "The commit ID.", - "title": "CommitId", - "type": "string" - }, - "GeneratedBy": { - "markdownDescription": "The entity this entity was generated by.", - "title": "GeneratedBy", - "type": "string" - }, - "ProjectId": { - "markdownDescription": "The project ID.", - "title": "ProjectId", + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", "type": "string" }, - "Repository": { - "markdownDescription": "The repository.", - "title": "Repository", - "type": "string" + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.MetricsSource": { + "AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle": { "additionalProperties": false, "properties": { - "ContentDigest": { - "markdownDescription": "The hash key used for the metrics source.", - "title": "ContentDigest", - "type": "string" - }, - "ContentType": { - "markdownDescription": "The metric source content type.", - "title": "ContentType", + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", "type": "string" }, - "S3Uri": { - "markdownDescription": "The S3 URI for the metrics source.", - "title": "S3Uri", + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", "type": "string" } }, "required": [ - "ContentType", - "S3Uri" + "OptimizedViewPortWidth" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelDataQuality": { + "AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Data quality constraints for a model.", - "title": "Constraints" - }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Data quality statistics for a model.", - "title": "Statistics" + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" } }, + "required": [ + "Elements" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelInput": { + "AWS::QuickSight::Template.FunnelChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "DataInputConfig": { - "markdownDescription": "The input configuration object for the model.", - "title": "DataInputConfig", - "type": "string" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" } }, - "required": [ - "DataInputConfig" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelMetrics": { + "AWS::QuickSight::Template.FunnelChartConfiguration": { "additionalProperties": false, "properties": { - "Bias": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Bias", - "markdownDescription": "Metrics that measure bias in a model.", - "title": "Bias" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", + "title": "CategoryLabelOptions" }, - "Explainability": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Explainability", - "markdownDescription": "Metrics that help explain a model.", - "title": "Explainability" + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" }, - "ModelDataQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataQuality", - "markdownDescription": "Metrics that measure the quality of the input data for a model.", - "title": "ModelDataQuality" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FieldWells" }, - "ModelQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelQuality", - "markdownDescription": "Metrics that measure the quality of a model.", - "title": "ModelQuality" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition": { + "AWS::QuickSight::Template.FunnelChartDataLabelOptions": { "additionalProperties": false, "properties": { - "ContainerHostname": { - "markdownDescription": "The DNS host name for the Docker container.", - "title": "ContainerHostname", - "type": "string" - }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the `Environment` string to string map can have length of up to 1024. We support up to 16 entries in the map.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", "type": "object" }, - "Framework": { - "markdownDescription": "The machine learning framework of the model package container image.", - "title": "Framework", + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", "type": "string" }, - "FrameworkVersion": { - "markdownDescription": "The framework version of the Model Package Container Image.", - "title": "FrameworkVersion", - "type": "string" + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" }, - "Image": { - "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where inference code is stored.\n\nIf you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .", - "title": "Image", + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", "type": "string" }, - "ImageDigest": { - "markdownDescription": "An MD5 hash of the training algorithm that identifies the Docker image used for training.", - "title": "ImageDigest", - "type": "string" + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "object" }, - "ModelDataUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model package.", - "title": "ModelDataUrl", + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", "type": "string" }, - "ModelInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelInput", - "markdownDescription": "A structure with Model Input details.", - "title": "ModelInput" - }, - "NearestModelName": { - "markdownDescription": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. You can find a list of benchmarked models by calling `ListModelMetadata` .", - "title": "NearestModelName", - "type": "string" + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", + "type": "object" } }, - "required": [ - "Image" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelPackageStatusDetails": { + "AWS::QuickSight::Template.FunnelChartFieldWells": { "additionalProperties": false, "properties": { - "ValidationStatuses": { + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusItem" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The validation status of the model package.", - "title": "ValidationStatuses", + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", "type": "array" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelPackageStatusItem": { + "AWS::QuickSight::Template.FunnelChartVisual": { "additionalProperties": false, "properties": { - "FailureReason": { - "markdownDescription": "if the overall status is `Failed` , the reason for the failure.", - "title": "FailureReason", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the model package for which the overall status is being reported.", - "title": "Name", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "Status": { - "markdownDescription": "The current status.", - "title": "Status", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Name", - "Status" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelQuality": { + "AWS::QuickSight::Template.GaugeChartArcConditionalFormatting": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Model quality constraints.", - "title": "Constraints" - }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Model quality statistics.", - "title": "Statistics" + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.S3DataSource": { + "AWS::QuickSight::Template.GaugeChartColorConfiguration": { "additionalProperties": false, "properties": { - "S3DataType": { - "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .", - "title": "S3DataType", + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", "type": "string" }, - "S3Uri": { - "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", - "title": "S3Uri", + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", "type": "string" } }, - "required": [ - "S3DataType", - "S3Uri" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.SourceAlgorithm": { + "AWS::QuickSight::Template.GaugeChartConditionalFormatting": { "additionalProperties": false, "properties": { - "AlgorithmName": { - "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", - "title": "AlgorithmName", - "type": "string" - }, - "ModelDataUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", - "title": "ModelDataUrl", - "type": "string" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, - "required": [ - "AlgorithmName" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification": { + "AWS::QuickSight::Template.GaugeChartConditionalFormattingOption": { "additionalProperties": false, "properties": { - "SourceAlgorithms": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithm" - }, - "markdownDescription": "A list of the algorithms that were used to create a model package.", - "title": "SourceAlgorithms", - "type": "array" + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" } }, - "required": [ - "SourceAlgorithms" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.TransformInput": { + "AWS::QuickSight::Template.GaugeChartConfiguration": { "additionalProperties": false, "properties": { - "CompressionType": { - "markdownDescription": "If your transform data is compressed, specify the compression type. Amazon SageMaker automatically decompresses the data for the transform job accordingly. The default value is `None` .", - "title": "CompressionType", - "type": "string" + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" }, - "ContentType": { - "markdownDescription": "The multipurpose internet mail extension (MIME) type of the data. Amazon SageMaker uses the MIME type with each http call to transfer data to the transform job.", - "title": "ContentType", - "type": "string" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" }, - "DataSource": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DataSource", - "markdownDescription": "Describes the location of the channel data, which is, the S3 location of the input data that the model can consume.", - "title": "DataSource" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", + "title": "FieldWells" }, - "SplitType": { - "markdownDescription": "The method to use to split the transform job's data files into smaller batches. Splitting is necessary when the total size of each object is too large to fit in a single request. You can also use data splitting to improve performance by processing multiple concurrent mini-batches. The default value for `SplitType` is `None` , which indicates that input data files are not split, and request payloads contain the entire contents of an input object. Set the value of this parameter to `Line` to split records on a newline character boundary. `SplitType` also supports a number of record-oriented binary data formats. Currently, the supported record formats are:\n\n- RecordIO\n- TFRecord\n\nWhen splitting is enabled, the size of a mini-batch depends on the values of the `BatchStrategy` and `MaxPayloadInMB` parameters. When the value of `BatchStrategy` is `MultiRecord` , Amazon SageMaker sends the maximum number of records in each request, up to the `MaxPayloadInMB` limit. If the value of `BatchStrategy` is `SingleRecord` , Amazon SageMaker sends individual records in each request.\n\n> Some data formats represent a record as a binary payload wrapped with extra padding bytes. When splitting is applied to a binary data format, padding is removed if the value of `BatchStrategy` is set to `SingleRecord` . Padding is not removed if the value of `BatchStrategy` is set to `MultiRecord` .\n> \n> For more information about `RecordIO` , see [Create a Dataset Using RecordIO](https://docs.aws.amazon.com/https://mxnet.apache.org/api/faq/recordio) in the MXNet documentation. For more information about `TFRecord` , see [Consuming TFRecord data](https://docs.aws.amazon.com/https://www.tensorflow.org/guide/data#consuming_tfrecord_data) in the TensorFlow documentation.", - "title": "SplitType", - "type": "string" + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "TooltipOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", + "title": "VisualPalette" } }, - "required": [ - "DataSource" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.TransformJobDefinition": { + "AWS::QuickSight::Template.GaugeChartFieldWells": { "additionalProperties": false, "properties": { - "BatchStrategy": { - "markdownDescription": "A string that determines the number of records included in a single mini-batch.\n\n`SingleRecord` means only one record is used per mini-batch. `MultiRecord` means a mini-batch is set to contain as many records that can fit within the `MaxPayloadInMB` limit.", - "title": "BatchStrategy", - "type": "string" - }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "The environment variables to set in the Docker container. We support up to 16 key and values entries in the map.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "title": "Environment", - "type": "object" + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" }, - "MaxConcurrentTransforms": { - "markdownDescription": "The maximum number of parallel requests that can be sent to each instance in a transform job. The default value is 1.", - "title": "MaxConcurrentTransforms", - "type": "number" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartOptions": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" }, - "MaxPayloadInMB": { - "markdownDescription": "The maximum payload size allowed, in MB. A payload is the data portion of a record (without metadata).", - "title": "MaxPayloadInMB", - "type": "number" + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" }, - "TransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformInput", - "markdownDescription": "A description of the input source and the way the transform job consumes it.", - "title": "TransformInput" + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" }, - "TransformOutput": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformOutput", - "markdownDescription": "Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the transform job.", - "title": "TransformOutput" + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" }, - "TransformResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformResources", - "markdownDescription": "Identifies the ML compute instances for the transform job.", - "title": "TransformResources" + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" } }, - "required": [ - "TransformInput", - "TransformOutput", - "TransformResources" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.TransformOutput": { + "AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "Accept": { - "markdownDescription": "The MIME type used to specify the output data. Amazon SageMaker uses the MIME type with each http call to transfer data from the transform job.", - "title": "Accept", - "type": "string" - }, - "AssembleWith": { - "markdownDescription": "Defines how to assemble the results of the transform job as a single S3 object. Choose a format that is most convenient to you. To concatenate the results in binary format, specify `None` . To add a newline character at the end of every transformed record, specify `Line` .", - "title": "AssembleWith", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. The `KmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nIf you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see [KMS-Managed Encryption Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Developer Guide.*\n\nThe KMS key policy must grant permission to the IAM role that you specify in your [CreateModel](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see [Using Key Policies in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKeyId", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" }, - "S3OutputPath": { - "markdownDescription": "The Amazon S3 path where you want Amazon SageMaker to store the results of the transform job. For example, `s3://bucket-name/key-name-prefix` .\n\nFor every S3 object used as input for the transform job, batch transform stores the transformed data with an . `out` suffix in a corresponding subfolder in the location in the output prefix. For example, for the input data stored at `s3://bucket-name/input-name-prefix/dataset01/data.csv` , batch transform stores the transformed data at `s3://bucket-name/output-name-prefix/input-name-prefix/data.csv.out` . Batch transform doesn't upload partially processed objects. For an input S3 object that contains multiple records, it creates an . `out` file only if the transform job succeeds on the entire file. When the input contains multiple S3 objects, the batch transform job processes the listed S3 objects and uploads only the output for successfully processed objects. If any object fails in the transform job batch transform marks the job as failed to prompt investigation.", - "title": "S3OutputPath", - "type": "string" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" } }, - "required": [ - "S3OutputPath" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.TransformResources": { + "AWS::QuickSight::Template.GaugeChartVisual": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the transform job. The default value is `1` , and the maximum is `100` . For distributed transform jobs, specify a value greater than `1` .", - "title": "InstanceCount", - "type": "number" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the transform job. If you are using built-in algorithms to transform moderately sized datasets, we recommend using ml.m4.xlarge or `ml.m5.large` instance types.", - "title": "InstanceType", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt model data on the storage volume attached to the ML compute instance(s) that run the batch transform job.\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `VolumeKmsKeyId` when using an instance type with local storage.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) . \n\nThe `VolumeKmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`", - "title": "VolumeKmsKeyId", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "InstanceCount", - "InstanceType" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ValidationProfile": { + "AWS::QuickSight::Template.GeospatialCoordinateBounds": { "additionalProperties": false, "properties": { - "ProfileName": { - "markdownDescription": "The name of the profile for the model package.", - "title": "ProfileName", - "type": "string" + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" }, - "TransformJobDefinition": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformJobDefinition", - "markdownDescription": "The `TransformJobDefinition` object that describes the transform job used for the validation of the model package.", - "title": "TransformJobDefinition" + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" + }, + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" + }, + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" } }, "required": [ - "ProfileName", - "TransformJobDefinition" + "East", + "North", + "South", + "West" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ValidationSpecification": { + "AWS::QuickSight::Template.GeospatialHeatmapColorScale": { "additionalProperties": false, "properties": { - "ValidationProfiles": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationProfile" + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapDataColor" }, - "markdownDescription": "An array of `ModelPackageValidationProfile` objects, each of which specifies a batch transform job that SageMaker runs to validate your model package.", - "title": "ValidationProfiles", + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", "type": "array" - }, - "ValidationRole": { - "markdownDescription": "The IAM roles to be used for the validation of the model package.", - "title": "ValidationRole", + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialHeatmapConfiguration": { + "additionalProperties": false, + "properties": { + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialHeatmapDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", "type": "string" } }, "required": [ - "ValidationProfiles", - "ValidationRole" + "Color" ], "type": "object" }, - "AWS::SageMaker::ModelPackageGroup": { + "AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ModelPackageGroupDescription": { - "markdownDescription": "The description for the model group.", - "title": "ModelPackageGroupDescription", - "type": "string" - }, - "ModelPackageGroupName": { - "markdownDescription": "The name of the model group.", - "title": "ModelPackageGroupName", - "type": "string" - }, - "ModelPackageGroupPolicy": { - "markdownDescription": "A resouce policy to control access to a model group. For information about resoure policies, see [Identity-based policies and resource-based policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html) in the *AWS Identity and Access Management User Guide.* .", - "title": "ModelPackageGroupPolicy", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "required": [ - "ModelPackageGroupName" - ], - "type": "object" + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SageMaker::ModelPackageGroup" - ], - "type": "string" + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "title": "Values", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition": { + "AWS::QuickSight::Template.GeospatialMapConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" }, - "Metadata": { - "type": "object" + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", - "type": "string" - }, - "JobDefinitionName": { - "markdownDescription": "The name of the monitoring job definition.", - "title": "JobDefinitionName", - "type": "string" - }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" - }, - "ModelQualityAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification", - "markdownDescription": "Container image configuration object for the monitoring job.", - "title": "ModelQualityAppSpecification" - }, - "ModelQualityBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig", - "markdownDescription": "Specifies the constraints and baselines for the monitoring job.", - "title": "ModelQualityBaselineConfig" - }, - "ModelQualityJobInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput", - "markdownDescription": "A list of the inputs that are monitored. Currently endpoints are supported.", - "title": "ModelQualityJobInput" - }, - "ModelQualityJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "ModelQualityJobOutputConfig" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig", - "markdownDescription": "Specifies the network configuration for the monitoring job.", - "title": "NetworkConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", - "type": "string" - }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "JobResources", - "ModelQualityAppSpecification", - "ModelQualityJobInput", - "ModelQualityJobOutputConfig", - "RoleArn" - ], - "type": "object" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" }, - "Type": { - "enum": [ - "AWS::SageMaker::ModelQualityJobDefinition" - ], - "type": "string" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "", + "title": "VisualPalette" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput": { + "AWS::QuickSight::Template.GeospatialMapFieldWells": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" - }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" - }, - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" - }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapStyleOptions": { + "additionalProperties": false, + "properties": { + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig": { + "AWS::QuickSight::Template.GeospatialPointStyleOptions": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", - "type": "string" + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", "type": "string" - }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" } }, - "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource": { + "AWS::QuickSight::Template.GeospatialWindowOptions": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" + }, + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.Csv": { + "AWS::QuickSight::Template.GlobalTableBorderOptions": { "additionalProperties": false, "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" + }, + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" } }, "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat": { + "AWS::QuickSight::Template.GradientColor": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" - }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Json", - "markdownDescription": "", - "title": "Json" - }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" + "Stops": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GradientStop" + }, + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.EndpointInput": { + "AWS::QuickSight::Template.GradientStop": { "additionalProperties": false, "properties": { - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" - }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", "type": "string" }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", "type": "number" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" - }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" - }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", - "type": "string" + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", + "type": "number" } }, "required": [ - "EndpointName", - "LocalPath" + "GradientOffset" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.Json": { + "AWS::QuickSight::Template.GridLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification": { + "AWS::QuickSight::Template.GridLayoutConfiguration": { "additionalProperties": false, "properties": { - "ContainerArguments": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of arguments for the container used to run the monitoring job.", - "title": "ContainerArguments", - "type": "array" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" }, - "ContainerEntrypoint": { + "Elements": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutElement" }, - "markdownDescription": "Specifies the entrypoint for a container that the monitoring job runs.", - "title": "ContainerEntrypoint", + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GridLayoutElement": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" }, - "ImageUri": { - "markdownDescription": "The address of the container image that the monitoring job runs.", - "title": "ImageUri", + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", "type": "string" }, - "PostAnalyticsProcessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", - "title": "PostAnalyticsProcessorSourceUri", + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", "type": "string" }, - "ProblemType": { - "markdownDescription": "The machine learning problem type of the model that the monitoring job monitors.", - "title": "ProblemType", - "type": "string" + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" }, - "RecordPreprocessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", - "title": "RecordPreprocessorSourceUri", - "type": "string" + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" } }, "required": [ - "ImageUri", - "ProblemType" + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig": { + "AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the job that performs baselining for the monitoring job.", - "title": "BaseliningJobName", + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", "type": "string" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a monitoring job.", - "title": "ConstraintsResource" + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", + "type": "string" } }, + "required": [ + "ResizeOption" + ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput": { + "AWS::QuickSight::Template.GrowthRateComputation": { "additionalProperties": false, "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" }, - "GroundTruthS3Input": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input", - "markdownDescription": "The ground truth label provided for the model.", - "title": "GroundTruthS3Input" + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", + "type": "number" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "GroundTruthS3Input" + "ComputationId" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input": { + "AWS::QuickSight::Template.HeaderFooterSectionConfiguration": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", - "title": "S3Uri", + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" + }, + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" } }, "required": [ - "S3Uri" + "Layout", + "SectionId" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput": { + "AWS::QuickSight::Template.HeatMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well of a heat map.", + "title": "Values", + "type": "array" } }, - "required": [ - "S3Output" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig": { + "AWS::QuickSight::Template.HeatMapConfiguration": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", - "type": "string" + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" }, - "MonitoringOutputs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput" - }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", - "type": "array" + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" } }, - "required": [ - "MonitoringOutputs" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources": { + "AWS::QuickSight::Template.HeatMapFieldWells": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" } }, - "required": [ - "ClusterConfig" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig": { + "AWS::QuickSight::Template.HeatMapSortConfiguration": { "additionalProperties": false, "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "HeatMapColumnSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", + "type": "array" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" + }, + "HeatMapRowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.S3Output": { + "AWS::QuickSight::Template.HeatMapVisual": { "additionalProperties": false, "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "LocalPath", - "S3Uri" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition": { + "AWS::QuickSight::Template.HistogramAggregatedFieldWells": { "additionalProperties": false, "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", + "type": "array" } }, - "required": [ - "MaxRuntimeInSeconds" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.VpcConfig": { + "AWS::QuickSight::Template.HistogramBinOptions": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Template.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Template.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" + }, + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", + "type": "number" } }, - "required": [ - "SecurityGroupIds", - "Subnets" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule": { + "AWS::QuickSight::Template.HistogramConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" }, - "Metadata": { - "type": "object" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "EndpointName": { - "markdownDescription": "The name of the endpoint using the monitoring schedule.", - "title": "EndpointName", - "type": "string" - }, - "FailureReason": { - "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", - "title": "FailureReason", - "type": "string" - }, - "LastMonitoringExecutionSummary": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary", - "markdownDescription": "Describes metadata on the last execution to run, if there was one.", - "title": "LastMonitoringExecutionSummary" - }, - "MonitoringScheduleConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig", - "markdownDescription": "The configuration object that specifies the monitoring schedule and defines the monitoring job.", - "title": "MonitoringScheduleConfig" - }, - "MonitoringScheduleName": { - "markdownDescription": "The name of the monitoring schedule.", - "title": "MonitoringScheduleName", - "type": "string" - }, - "MonitoringScheduleStatus": { - "markdownDescription": "The status of the monitoring schedule.", - "title": "MonitoringScheduleStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "MonitoringScheduleConfig", - "MonitoringScheduleName" - ], - "type": "object" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" }, - "Type": { - "enum": [ - "AWS::SageMaker::MonitoringSchedule" - ], - "type": "string" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.BaselineConfig": { + "AWS::QuickSight::Template.HistogramFieldWells": { "additionalProperties": false, "properties": { - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ConstraintsResource", - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "ConstraintsResource" - }, - "StatisticsResource": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StatisticsResource", - "markdownDescription": "The baseline statistics file in Amazon S3 that the current monitoring job should be validated against.", - "title": "StatisticsResource" + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.BatchTransformInput": { + "AWS::QuickSight::Template.HistogramVisual": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.ClusterConfig": { + "AWS::QuickSight::Template.ImageCustomAction": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", "type": "string" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", "type": "string" }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" } }, "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.ConstraintsResource": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::MonitoringSchedule.Csv": { + "AWS::QuickSight::Template.ImageCustomActionOperation": { "additionalProperties": false, "properties": { - "Header": { + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", "markdownDescription": "", - "title": "Header", - "type": "boolean" + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.DatasetFormat": { + "AWS::QuickSight::Template.ImageInteractionOptions": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Csv", - "markdownDescription": "", - "title": "Csv" - }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Json", - "markdownDescription": "", - "title": "Json" - }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.EndpointInput": { + "AWS::QuickSight::Template.ImageMenuOption": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" - }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" - }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", "type": "string" } }, - "required": [ - "EndpointName", - "LocalPath" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.Json": { + "AWS::QuickSight::Template.InnerFilter": { "additionalProperties": false, "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification": { + "AWS::QuickSight::Template.InsightConfiguration": { "additionalProperties": false, "properties": { - "ContainerArguments": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of arguments for the container used to run the monitoring job.", - "title": "ContainerArguments", - "type": "array" - }, - "ContainerEntrypoint": { + "Computations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.Computation" }, - "markdownDescription": "Specifies the entrypoint for a container used to run the monitoring job.", - "title": "ContainerEntrypoint", + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", "type": "array" }, - "ImageUri": { - "markdownDescription": "The container image to be run by the monitoring job.", - "title": "ImageUri", - "type": "string" - }, - "PostAnalyticsProcessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", - "title": "PostAnalyticsProcessorSourceUri", - "type": "string" + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" }, - "RecordPreprocessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", - "title": "RecordPreprocessorSourceUri", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, - "required": [ - "ImageUri" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary": { + "AWS::QuickSight::Template.InsightVisual": { "additionalProperties": false, "properties": { - "CreationTime": { - "markdownDescription": "The time at which the monitoring job was created.", - "title": "CreationTime", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint used to run the monitoring job.", - "title": "EndpointName", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "FailureReason": { - "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", - "title": "FailureReason", + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", "type": "string" }, - "LastModifiedTime": { - "markdownDescription": "A timestamp that indicates the last time the monitoring job was modified.", - "title": "LastModifiedTime", - "type": "string" + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" }, - "MonitoringExecutionStatus": { - "markdownDescription": "The status of the monitoring job.", - "title": "MonitoringExecutionStatus", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "MonitoringScheduleName": { - "markdownDescription": "The name of the monitoring schedule.", - "title": "MonitoringScheduleName", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "ProcessingJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the monitoring job.", - "title": "ProcessingJobArn", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "ScheduledTime": { - "markdownDescription": "The time the monitoring job was scheduled.", - "title": "ScheduledTime", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "CreationTime", - "LastModifiedTime", - "MonitoringExecutionStatus", - "MonitoringScheduleName", - "ScheduledTime" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringInput": { + "AWS::QuickSight::Template.IntegerDefaultValues": { "additionalProperties": false, "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.EndpointInput", - "markdownDescription": "The endpoint for a monitoring job.", - "title": "EndpointInput" + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `IntegerDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition": { + "AWS::QuickSight::Template.IntegerParameterDeclaration": { "additionalProperties": false, "properties": { - "BaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BaselineConfig", - "markdownDescription": "Baseline configuration used to validate that the data conforms to the specified constraints and statistics", - "title": "BaselineConfig" - }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the Docker container.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "MonitoringAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification", - "markdownDescription": "Configures the monitoring job to run a specified Docker container image.", - "title": "MonitoringAppSpecification" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "MonitoringInputs": { + "MappedDataSetParameters": { "items": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringInput" + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" }, - "markdownDescription": "The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker AI Endpoint.", - "title": "MonitoringInputs", + "markdownDescription": "", + "title": "MappedDataSetParameters", "type": "array" }, - "MonitoringOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig", - "markdownDescription": "The array of outputs from the monitoring job to be uploaded to Amazon S3.", - "title": "MonitoringOutputConfig" - }, - "MonitoringResources": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringResources", - "markdownDescription": "Identifies the resources, ML compute instances, and ML storage volumes to deploy for a monitoring job. In distributed processing, you specify more than one instance.", - "title": "MonitoringResources" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.NetworkConfig", - "markdownDescription": "Specifies networking options for an monitoring job.", - "title": "NetworkConfig" + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can assume to perform tasks on your behalf.", - "title": "RoleArn", + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StoppingCondition", - "markdownDescription": "Specifies a time limit for how long the monitoring job is allowed to run.", - "title": "StoppingCondition" + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "ValueWhenUnset" } }, "required": [ - "MonitoringAppSpecification", - "MonitoringInputs", - "MonitoringOutputConfig", - "MonitoringResources", - "RoleArn" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringOutput": { + "AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" } }, - "required": [ - "S3Output" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig": { + "AWS::QuickSight::Template.ItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" + }, + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIActualValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" }, - "MonitoringOutputs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutput" - }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", - "type": "array" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" } }, - "required": [ - "MonitoringOutputs" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringResources": { + "AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" } }, - "required": [ - "ClusterConfig" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig": { + "AWS::QuickSight::Template.KPIConditionalFormatting": { "additionalProperties": false, "properties": { - "MonitoringJobDefinition": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition", - "markdownDescription": "Defines the monitoring job.", - "title": "MonitoringJobDefinition" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormattingOption" + }, + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" }, - "MonitoringJobDefinitionName": { - "markdownDescription": "The name of the monitoring job definition to schedule.", - "title": "MonitoringJobDefinitionName", - "type": "string" + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" }, - "MonitoringType": { - "markdownDescription": "The type of the monitoring job definition to schedule.", - "title": "MonitoringType", - "type": "string" + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" }, - "ScheduleConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ScheduleConfig", - "markdownDescription": "Configures the monitoring schedule.", - "title": "ScheduleConfig" + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.NetworkConfig": { + "AWS::QuickSight::Template.KPIConfiguration": { "additionalProperties": false, "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Training Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html) .", - "title": "VpcConfig" + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.S3Output": { + "AWS::QuickSight::Template.KPIFieldWells": { "additionalProperties": false, "properties": { - "LocalPath": { - "markdownDescription": "The local path to the S3 storage location where SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", - "type": "string" + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", + "type": "array" }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", - "type": "string" + "TrendGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", + "type": "array" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the S3 storage location where SageMaker saves the results of a monitoring job.", - "title": "S3Uri", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", + "type": "array" } }, - "required": [ - "LocalPath", - "S3Uri" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.ScheduleConfig": { + "AWS::QuickSight::Template.KPIOptions": { "additionalProperties": false, "properties": { - "DataAnalysisEndTime": { - "markdownDescription": "Sets the end time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to end the window one hour before the start of each monitoring job, you would specify: `\"-PT1H\"` .\n\nThe end time that you specify must not follow the start time that you specify by more than 24 hours. You specify the start time with the `DataAnalysisStartTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", - "title": "DataAnalysisEndTime", - "type": "string" + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" }, - "DataAnalysisStartTime": { - "markdownDescription": "Sets the start time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to monitor the five hours of data in your dataset that precede the start of each monitoring job, you would specify: `\"-PT5H\"` .\n\nThe start time that you specify must not precede the end time that you specify by more than 24 hours. You specify the end time with the `DataAnalysisEndTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", - "title": "DataAnalysisStartTime", + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "A cron expression that describes details about the monitoring schedule.\n\nThe supported cron expressions are:\n\n- If you want to set the job to start every hour, use the following:\n\n`Hourly: cron(0 * ? * * *)`\n- If you want to start the job daily:\n\n`cron(0 [00-23] ? * * *)`\n- If you want to run the job one time, immediately, use the following keyword:\n\n`NOW`\n\nFor example, the following are valid cron expressions:\n\n- Daily at noon UTC: `cron(0 12 ? * * *)`\n- Daily at midnight UTC: `cron(0 0 ? * * *)`\n\nTo support running every 6, 12 hours, the following are also supported:\n\n`cron(0 [00-23]/[01-24] ? * * *)`\n\nFor example, the following are valid cron expressions:\n\n- Every 12 hours, starting at 5pm UTC: `cron(0 17/12 ? * * *)`\n- Every two hours starting at midnight: `cron(0 0/2 ? * * *)`\n\n> - Even though the cron expression is set to start at 5PM UTC, note that there could be a delay of 0-20 minutes from the actual requested time to run the execution.\n> - We recommend that if you would like a daily schedule, you do not provide this parameter. Amazon SageMaker AI will pick a time for running every day. \n\nYou can also specify the keyword `NOW` to run the monitoring job immediately, one time, without recurring.", - "title": "ScheduleExpression", - "type": "string" + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Template.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" + }, + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" + }, + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" + }, + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Template.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" } }, - "required": [ - "ScheduleExpression" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.StatisticsResource": { + "AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The S3 URI for the statistics resource.", - "title": "S3Uri", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.StoppingCondition": { + "AWS::QuickSight::Template.KPIProgressBarConditionalFormatting": { "additionalProperties": false, "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" } }, - "required": [ - "MaxRuntimeInSeconds" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.VpcConfig": { + "AWS::QuickSight::Template.KPISortConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { + "TrendGroupSort": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", "type": "array" } }, - "required": [ - "SecurityGroupIds", - "Subnets" - ], "type": "object" }, - "AWS::SageMaker::NotebookInstance": { + "AWS::QuickSight::Template.KPISparklineOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Elastic Inference (EI) instance types to associate with the notebook instance. Currently, only one instance type can be associated with a notebook instance. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .\n\n*Valid Values:* `ml.eia1.medium | ml.eia1.large | ml.eia1.xlarge | ml.eia2.medium | ml.eia2.large | ml.eia2.xlarge` .", - "title": "AcceleratorTypes", - "type": "array" - }, - "AdditionalCodeRepositories": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", - "title": "AdditionalCodeRepositories", - "type": "array" - }, - "DefaultCodeRepository": { - "markdownDescription": "The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. When you open a notebook instance, it opens in the directory that contains this repository. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", - "title": "DefaultCodeRepository", - "type": "string" - }, - "DirectInternetAccess": { - "markdownDescription": "Sets whether SageMaker AI provides internet access to the notebook instance. If you set this to `Disabled` this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker AI training and endpoint services unless you configure a NAT Gateway in your VPC.\n\nFor more information, see [Notebook Instances Are Internet-Enabled by Default](https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access) . You can set the value of this parameter to `Disabled` only if you set a value for the `SubnetId` parameter.", - "title": "DirectInternetAccess", - "type": "string" - }, - "InstanceMetadataServiceConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration", - "markdownDescription": "Information on the IMDS configuration of the notebook instance", - "title": "InstanceMetadataServiceConfiguration" - }, - "InstanceType": { - "markdownDescription": "The type of ML compute instance to launch for the notebook instance.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", - "title": "InstanceType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Key Management Service key that SageMaker AI uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see [Enabling and Disabling Keys](https://docs.aws.amazon.com/kms/latest/developerguide/enabling-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKeyId", - "type": "string" - }, - "LifecycleConfigName": { - "markdownDescription": "The name of a lifecycle configuration to associate with the notebook instance. For information about lifecycle configurations, see [Customize a Notebook Instance](https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html) in the *Amazon SageMaker Developer Guide* .", - "title": "LifecycleConfigName", - "type": "string" - }, - "NotebookInstanceName": { - "markdownDescription": "The name of the new notebook instance.", - "title": "NotebookInstanceName", - "type": "string" - }, - "PlatformIdentifier": { - "markdownDescription": "The platform identifier of the notebook instance runtime environment.", - "title": "PlatformIdentifier", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "When you send any requests to AWS resources from the notebook instance, SageMaker AI assumes this role to perform tasks on your behalf. You must grant this role necessary permissions so SageMaker AI can perform these tasks. The policy must allow the SageMaker AI service principal (sagemaker.amazonaws.com) permissions to assume this role. For more information, see [SageMaker AI Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker AI, the caller of this API must have the `iam:PassRole` permission.", - "title": "RoleArn", - "type": "string" - }, - "RootAccess": { - "markdownDescription": "Whether root access is enabled or disabled for users of the notebook instance. The default value is `Enabled` .\n\n> Lifecycle configurations need root access to be able to set up a notebook instance. Because of this, lifecycle configurations associated with a notebook instance always run with root access even if you disable root access for users.", - "title": "RootAccess", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form sg-xxxxxxxx. The security groups must be for the same VPC as specified in the subnet.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in a VPC to which you would like to have a connectivity from your ML compute instance.", - "title": "SubnetId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .\n\nYou can add tags later by using the `CreateTags` API.", - "title": "Tags", - "type": "array" - }, - "VolumeSizeInGB": { - "markdownDescription": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", - "title": "VolumeSizeInGB", - "type": "number" - } - }, - "required": [ - "InstanceType", - "RoleArn" - ], + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", "type": "object" }, "Type": { - "enum": [ - "AWS::SageMaker::NotebookInstance" - ], + "markdownDescription": "The type of the sparkline.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration": { - "additionalProperties": false, - "properties": { - "MinimumInstanceMetadataServiceVersion": { - "markdownDescription": "Indicates the minimum IMDS version that the notebook instance supports. When passed as part of `CreateNotebookInstance` , if no value is selected, then it defaults to IMDSv1. This means that both IMDSv1 and IMDSv2 are supported. If passed as part of `UpdateNotebookInstance` , there is no default.", - "title": "MinimumInstanceMetadataServiceVersion", - "type": "string" + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", + "type": "object" } }, "required": [ - "MinimumInstanceMetadataServiceVersion" + "Type" ], "type": "object" }, - "AWS::SageMaker::NotebookInstanceLifecycleConfig": { + "AWS::QuickSight::Template.KPIVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Metadata": { - "type": "object" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" }, - "Properties": { - "additionalProperties": false, - "properties": { - "NotebookInstanceLifecycleConfigName": { - "markdownDescription": "The name of the lifecycle configuration.", - "title": "NotebookInstanceLifecycleConfigName", - "type": "string" - }, - "OnCreate": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" - }, - "markdownDescription": "A shell script that runs only once, when you create a notebook instance. The shell script must be a base64-encoded string.", - "title": "OnCreate", - "type": "array" - }, - "OnStart": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" - }, - "markdownDescription": "A shell script that runs every time you start a notebook instance, including when you create the notebook instance. The shell script must be a base64-encoded string.", - "title": "OnStart", - "type": "array" - } - }, - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Type": { - "enum": [ - "AWS::SageMaker::NotebookInstanceLifecycleConfig" - ], + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook": { + "AWS::QuickSight::Template.KPIVisualLayoutOptions": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "A base64-encoded string that contains a shell script for a notebook instance lifecycle configuration.", - "title": "Content", - "type": "string" + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" } }, "type": "object" }, - "AWS::SageMaker::Pipeline": { + "AWS::QuickSight::Template.KPIVisualStandardLayout": { "additionalProperties": false, "properties": { - "Condition": { + "Type": { + "markdownDescription": "The standard layout type.", + "title": "Type", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.LabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ParallelismConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Pipeline.ParallelismConfiguration", - "markdownDescription": "The parallelism configuration applied to the pipeline.", - "title": "ParallelismConfiguration" - }, - "PipelineDefinition": { - "$ref": "#/definitions/AWS::SageMaker::Pipeline.PipelineDefinition", - "markdownDescription": "The definition of the pipeline. This can be either a JSON string or an Amazon S3 location.", - "title": "PipelineDefinition" - }, - "PipelineDescription": { - "markdownDescription": "The description of the pipeline.", - "title": "PipelineDescription", - "type": "string" - }, - "PipelineDisplayName": { - "markdownDescription": "The display name of the pipeline.", - "title": "PipelineDisplayName", - "type": "string" - }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to execute the pipeline.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags of the pipeline.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "PipelineDefinition", - "PipelineName", - "RoleArn" - ], + "Visibility": { + "markdownDescription": "Determines whether or not the label is visible.", + "title": "Visibility", "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::Pipeline" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::Pipeline.ParallelismConfiguration": { + "AWS::QuickSight::Template.Layout": { "additionalProperties": false, "properties": { - "MaxParallelExecutionSteps": { - "markdownDescription": "The max number of steps that can be executed in parallel.", - "title": "MaxParallelExecutionSteps", - "type": "number" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" } }, "required": [ - "MaxParallelExecutionSteps" + "Configuration" ], "type": "object" }, - "AWS::SageMaker::Pipeline.PipelineDefinition": { + "AWS::QuickSight::Template.LayoutConfiguration": { "additionalProperties": false, "properties": { - "PipelineDefinitionBody": { - "markdownDescription": "The [JSON pipeline definition](https://docs.aws.amazon.com/https://aws-sagemaker-mlops.github.io/sagemaker-model-building-pipeline-definition-JSON-schema/) of the pipeline.", - "title": "PipelineDefinitionBody", - "type": "string" + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" }, - "PipelineDefinitionS3Location": { - "$ref": "#/definitions/AWS::SageMaker::Pipeline.S3Location", - "markdownDescription": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker retrieves the pipeline definition from this location.", - "title": "PipelineDefinitionS3Location" + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" } }, "type": "object" }, - "AWS::SageMaker::Pipeline.S3Location": { + "AWS::QuickSight::Template.LegendOptions": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket.", - "title": "Bucket", + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", "type": "string" }, - "ETag": { - "markdownDescription": "A file checksum of the pipeline definition file.", - "title": "ETag", + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", "type": "string" }, - "Key": { - "markdownDescription": "The object key (or key name) which uniquely identifies the object in an S3 bucket.", - "title": "Key", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" }, - "Version": { - "markdownDescription": "The version ID of the pipeline definition file. If not specified, Amazon SageMaker will retrieve the latest version.", - "title": "Version", + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the legend is visible.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", "type": "string" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::SageMaker::Project": { + "AWS::QuickSight::Template.LineChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", + "type": "array" }, - "Metadata": { - "type": "object" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartConfiguration": { + "additionalProperties": false, + "properties": { + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ProjectDescription": { - "markdownDescription": "The description of the project.", - "title": "ProjectDescription", - "type": "string" - }, - "ProjectName": { - "markdownDescription": "The name of the project.", - "title": "ProjectName", - "type": "string" - }, - "ServiceCatalogProvisionedProductDetails": { - "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails", - "markdownDescription": "Details of a provisioned service catalog product. For information about service catalog, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", - "title": "ServiceCatalogProvisionedProductDetails" - }, - "ServiceCatalogProvisioningDetails": { - "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisioningDetails", - "markdownDescription": "The product ID and provisioning artifact ID to provision a service catalog. For information, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", - "title": "ServiceCatalogProvisioningDetails" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", - "title": "Tags", - "type": "array" - } + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" + }, + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" + }, + "ForecastConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastConfiguration" }, - "required": [ - "ProjectName", - "ServiceCatalogProvisioningDetails" - ], - "type": "object" + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", + "type": "array" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", + "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" }, "Type": { - "enum": [ - "AWS::SageMaker::Project" - ], + "markdownDescription": "Determines the type of the line chart.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::Project.ProvisioningParameter": { + "AWS::QuickSight::Template.LineChartDefaultSeriesSettings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that identifies a provisioning parameter.", - "title": "Key", + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", "type": "string" }, - "Value": { - "markdownDescription": "The value of the provisioning parameter.", - "title": "Value", - "type": "string" + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails": { + "AWS::QuickSight::Template.LineChartFieldWells": { "additionalProperties": false, "properties": { - "ProvisionedProductId": { - "markdownDescription": "The ID of the provisioned product.", - "title": "ProvisionedProductId", - "type": "string" - }, - "ProvisionedProductStatusMessage": { - "markdownDescription": "The current status of the product.\n\n- `AVAILABLE` - Stable state, ready to perform any operation. The most recent operation succeeded and completed.\n- `UNDER_CHANGE` - Transitive state. Operations performed might not have valid results. Wait for an AVAILABLE status before performing operations.\n- `TAINTED` - Stable state, ready to perform any operation. The stack has completed the requested operation but is not exactly what was requested. For example, a request to update to a new version failed and the stack rolled back to the current version.\n- `ERROR` - An unexpected error occurred. The provisioned product exists but the stack is not running. For example, CloudFormation received a parameter value that was not valid and could not launch the stack.\n- `PLAN_IN_PROGRESS` - Transitive state. The plan operations were performed to provision a new product, but resources have not yet been created. After reviewing the list of resources to be created, execute the plan. Wait for an AVAILABLE status before performing operations.", - "title": "ProvisionedProductStatusMessage", - "type": "string" + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::SageMaker::Project.ServiceCatalogProvisioningDetails": { + "AWS::QuickSight::Template.LineChartLineStyleSettings": { "additionalProperties": false, "properties": { - "PathId": { - "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path.", - "title": "PathId", + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", "type": "string" }, - "ProductId": { - "markdownDescription": "The ID of the product to provision.", - "title": "ProductId", + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", "type": "string" }, - "ProvisioningArtifactId": { - "markdownDescription": "The ID of the provisioning artifact.", - "title": "ProvisioningArtifactId", - "type": "string" + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", + "type": "object" }, - "ProvisioningParameters": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Project.ProvisioningParameter" - }, - "markdownDescription": "A list of key value pairs that you specify when you provision a product.", - "title": "ProvisioningParameters", - "type": "array" + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", + "type": "string" } }, - "required": [ - "ProductId" - ], "type": "object" }, - "AWS::SageMaker::Space": { + "AWS::QuickSight::Template.LineChartMarkerStyleSettings": { "additionalProperties": false, "properties": { - "Condition": { + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainId": { - "markdownDescription": "The ID of the associated domain.", - "title": "DomainId", - "type": "string" - }, - "OwnershipSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.OwnershipSettings", - "markdownDescription": "The collection of ownership settings for a space.", - "title": "OwnershipSettings" - }, - "SpaceDisplayName": { - "markdownDescription": "The name of the space that appears in the Studio UI.", - "title": "SpaceDisplayName", - "type": "string" - }, - "SpaceName": { - "markdownDescription": "The name of the space.", - "title": "SpaceName", - "type": "string" - }, - "SpaceSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSettings", - "markdownDescription": "A collection of space settings.", - "title": "SpaceSettings" - }, - "SpaceSharingSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSharingSettings", - "markdownDescription": "A collection of space sharing settings.", - "title": "SpaceSharingSettings" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DomainId", - "SpaceName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::Space" - ], + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", + "type": "object" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::Space.CodeRepository": { + "AWS::QuickSight::Template.LineChartSeriesSettings": { "additionalProperties": false, "properties": { - "RepositoryUrl": { - "markdownDescription": "The URL of the Git repository.", - "title": "RepositoryUrl", - "type": "string" + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" } }, - "required": [ - "RepositoryUrl" - ], "type": "object" }, - "AWS::SageMaker::Space.CustomFileSystem": { + "AWS::QuickSight::Template.LineChartSortConfiguration": { "additionalProperties": false, "properties": { - "EFSFileSystem": { - "$ref": "#/definitions/AWS::SageMaker::Space.EFSFileSystem", - "markdownDescription": "A custom file system in Amazon EFS.", - "title": "EFSFileSystem" + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::Space.CustomImage": { + "AWS::QuickSight::Template.LineChartVisual": { "additionalProperties": false, "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig.", - "title": "AppImageConfigName", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "ImageName": { - "markdownDescription": "The name of the CustomImage. Must be unique to your account.", - "title": "ImageName", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "ImageVersionNumber": { - "markdownDescription": "The version number of the CustomImage.", - "title": "ImageVersionNumber", - "type": "number" + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "AppImageConfigName", - "ImageName" + "VisualId" ], "type": "object" }, - "AWS::SageMaker::Space.EFSFileSystem": { + "AWS::QuickSight::Template.LineSeriesAxisDisplayOptions": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The ID of your Amazon EFS file system.", - "title": "FileSystemId", - "type": "string" + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" + }, + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MissingDataConfiguration" + }, + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" } }, - "required": [ - "FileSystemId" - ], "type": "object" }, - "AWS::SageMaker::Space.EbsStorageSettings": { + "AWS::QuickSight::Template.ListControlDisplayOptions": { "additionalProperties": false, "properties": { - "EbsVolumeSizeInGb": { - "markdownDescription": "The size of an EBS storage volume for a space.", - "title": "EbsVolumeSizeInGb", - "type": "number" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, - "required": [ - "EbsVolumeSizeInGb" - ], "type": "object" }, - "AWS::SageMaker::Space.JupyterServerAppSettings": { + "AWS::QuickSight::Template.ListControlSearchOptions": { "additionalProperties": false, "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the JupyterServer app. If you use the `LifecycleConfigArns` parameter, then this parameter is also required.", - "title": "DefaultResourceSpec" + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::SageMaker::Space.KernelGatewayAppSettings": { + "AWS::QuickSight::Template.ListControlSelectAllOptions": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Space.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", - "title": "CustomImages", - "type": "array" - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", - "title": "DefaultResourceSpec" + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::SageMaker::Space.OwnershipSettings": { + "AWS::QuickSight::Template.LoadingAnimation": { "additionalProperties": false, "properties": { - "OwnerUserProfileName": { - "markdownDescription": "The user profile who is the owner of the space.", - "title": "OwnerUserProfileName", + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LocalNavigationConfiguration": { + "additionalProperties": false, + "properties": { + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", "type": "string" } }, "required": [ - "OwnerUserProfileName" + "TargetSheetId" ], "type": "object" }, - "AWS::SageMaker::Space.ResourceSpec": { + "AWS::QuickSight::Template.LongFormatText": { "additionalProperties": false, "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", - "type": "string" - }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", "type": "string" }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::Space.SpaceCodeEditorAppSettings": { + "AWS::QuickSight::Template.MappedDataSetParameter": { "additionalProperties": false, "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "DefaultResourceSpec" + "DataSetIdentifier": { + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", + "title": "DataSetIdentifier", + "type": "string" + }, + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", + "type": "string" } }, + "required": [ + "DataSetIdentifier", + "DataSetParameterName" + ], "type": "object" }, - "AWS::SageMaker::Space.SpaceJupyterLabAppSettings": { + "AWS::QuickSight::Template.MaximumLabelType": { "additionalProperties": false, "properties": { - "CodeRepositories": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Space.CodeRepository" - }, - "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", - "title": "CodeRepositories", - "type": "array" - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "DefaultResourceSpec" + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::SageMaker::Space.SpaceSettings": { + "AWS::QuickSight::Template.MaximumMinimumComputation": { "additionalProperties": false, "properties": { - "AppType": { - "markdownDescription": "The type of app created within the space.\n\nIf using the [UpdateSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateSpace.html) API, you can't change the app type of your space by specifying a different value for this field.", - "title": "AppType", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "CodeEditorAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceCodeEditorAppSettings", - "markdownDescription": "The Code Editor application settings.", - "title": "CodeEditorAppSettings" - }, - "CustomFileSystems": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Space.CustomFileSystem" - }, - "markdownDescription": "A file system, created by you, that you assign to a space for an Amazon SageMaker AI Domain. Permitted users can access this file system in Amazon SageMaker AI Studio.", - "title": "CustomFileSystems", - "type": "array" - }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceJupyterLabAppSettings", - "markdownDescription": "The settings for the JupyterLab application.", - "title": "JupyterLabAppSettings" - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.JupyterServerAppSettings", - "markdownDescription": "The JupyterServer app settings.", - "title": "JupyterServerAppSettings" + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.KernelGatewayAppSettings", - "markdownDescription": "The KernelGateway app settings.", - "title": "KernelGatewayAppSettings" + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" }, - "SpaceStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceStorageSettings", - "markdownDescription": "The storage settings for a space.", - "title": "SpaceStorageSettings" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.SpaceSharingSettings": { - "additionalProperties": false, - "properties": { - "SharingType": { - "markdownDescription": "Specifies the sharing type of the space.", - "title": "SharingType", + "Type": { + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", + "title": "Type", "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "SharingType" + "ComputationId", + "Type" ], "type": "object" }, - "AWS::SageMaker::Space.SpaceStorageSettings": { + "AWS::QuickSight::Template.MeasureField": { "additionalProperties": false, "properties": { - "EbsStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.EbsStorageSettings", - "markdownDescription": "A collection of EBS storage settings for a space.", - "title": "EbsStorageSettings" + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" + }, + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" + }, + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" + }, + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" } }, "type": "object" }, - "AWS::SageMaker::UserProfile": { + "AWS::QuickSight::Template.MetricComparisonComputation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainId": { - "markdownDescription": "The domain ID.", - "title": "DomainId", - "type": "string" - }, - "SingleSignOnUserIdentifier": { - "markdownDescription": "A specifier for the type of value specified in SingleSignOnUserValue. Currently, the only supported value is \"UserName\". If the Domain's AuthMode is IAM Identity Center , this field is required. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", - "title": "SingleSignOnUserIdentifier", - "type": "string" - }, - "SingleSignOnUserValue": { - "markdownDescription": "The username of the associated AWS Single Sign-On User for this UserProfile. If the Domain's AuthMode is IAM Identity Center , this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", - "title": "SingleSignOnUserValue", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nTags that you specify for the User Profile are also added to all apps that the User Profile launches.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "UserProfileName": { - "markdownDescription": "The user profile name.", - "title": "UserProfileName", - "type": "string" - }, - "UserSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.UserSettings", - "markdownDescription": "A collection of settings that apply to users of Amazon SageMaker Studio.", - "title": "UserSettings" - } - }, - "required": [ - "DomainId", - "UserProfileName" - ], - "type": "object" + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" }, - "Type": { - "enum": [ - "AWS::SageMaker::UserProfile" - ], + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" } }, "required": [ - "Type", - "Properties" + "ComputationId" ], "type": "object" }, - "AWS::SageMaker::UserProfile.CodeEditorAppSettings": { + "AWS::QuickSight::Template.MinimumLabelType": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", - "title": "CustomImages", - "type": "array" - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", - "title": "DefaultResourceSpec" - }, - "LifecycleConfigArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", - "title": "LifecycleConfigArns", - "type": "array" + "Visibility": { + "markdownDescription": "The visibility of the minimum label.", + "title": "Visibility", + "type": "object" } }, "type": "object" }, - "AWS::SageMaker::UserProfile.CodeRepository": { + "AWS::QuickSight::Template.MissingDataConfiguration": { "additionalProperties": false, "properties": { - "RepositoryUrl": { - "markdownDescription": "The URL of the Git repository.", - "title": "RepositoryUrl", + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", "type": "string" } }, - "required": [ - "RepositoryUrl" - ], "type": "object" }, - "AWS::SageMaker::UserProfile.CustomFileSystemConfig": { + "AWS::QuickSight::Template.NegativeValueConfiguration": { "additionalProperties": false, "properties": { - "EFSFileSystemConfig": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.EFSFileSystemConfig", - "markdownDescription": "The settings for a custom Amazon EFS file system.", - "title": "EFSFileSystemConfig" + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", + "type": "string" } }, + "required": [ + "DisplayMode" + ], "type": "object" }, - "AWS::SageMaker::UserProfile.CustomImage": { + "AWS::QuickSight::Template.NestedFilter": { "additionalProperties": false, "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig.", - "title": "AppImageConfigName", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "ImageName": { - "markdownDescription": "The name of the CustomImage. Must be unique to your account.", - "title": "ImageName", + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "ImageVersionNumber": { - "markdownDescription": "The version number of the CustomImage.", - "title": "ImageVersionNumber", - "type": "number" + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" } }, "required": [ - "AppImageConfigName", - "ImageName" + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" ], "type": "object" }, - "AWS::SageMaker::UserProfile.CustomPosixUserConfig": { + "AWS::QuickSight::Template.NullValueFormatConfiguration": { "additionalProperties": false, "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID.", - "title": "Gid", - "type": "number" - }, - "Uid": { - "markdownDescription": "The POSIX user ID.", - "title": "Uid", - "type": "number" + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", + "type": "string" } }, "required": [ - "Gid", - "Uid" + "NullString" ], "type": "object" }, - "AWS::SageMaker::UserProfile.DefaultEbsStorageSettings": { + "AWS::QuickSight::Template.NumberDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "DefaultEbsVolumeSizeInGb": { - "markdownDescription": "The default size of the EBS storage volume for a space.", - "title": "DefaultEbsVolumeSizeInGb", - "type": "number" + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "MaximumEbsVolumeSizeInGb": { - "markdownDescription": "The maximum size of the EBS storage volume for a space.", - "title": "MaximumEbsVolumeSizeInGb", - "type": "number" + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the number format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", + "type": "string" } }, - "required": [ - "DefaultEbsVolumeSizeInGb", - "MaximumEbsVolumeSizeInGb" - ], "type": "object" }, - "AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings": { + "AWS::QuickSight::Template.NumberFormatConfiguration": { "additionalProperties": false, "properties": { - "DefaultEbsStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultEbsStorageSettings", - "markdownDescription": "The default EBS storage settings for a space.", - "title": "DefaultEbsStorageSettings" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" } }, "type": "object" }, - "AWS::SageMaker::UserProfile.EFSFileSystemConfig": { + "AWS::QuickSight::Template.NumericAxisOptions": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The ID of your Amazon EFS file system.", - "title": "FileSystemId", - "type": "string" + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" }, - "FileSystemPath": { - "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", - "title": "FileSystemPath", - "type": "string" + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" } }, - "required": [ - "FileSystemId" - ], "type": "object" }, - "AWS::SageMaker::UserProfile.JupyterLabAppSettings": { + "AWS::QuickSight::Template.NumericEqualityDrillDownFilter": { "additionalProperties": false, "properties": { - "CodeRepositories": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeRepository" - }, - "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", - "title": "CodeRepositories", - "type": "array" - }, - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", - "title": "CustomImages", - "type": "array" - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", - "title": "DefaultResourceSpec" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "LifecycleConfigArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", - "title": "LifecycleConfigArns", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.JupyterServerAppSettings": { - "additionalProperties": false, - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", - "title": "DefaultResourceSpec" + "Value": { + "markdownDescription": "The value of the double input numeric drill down filter.", + "title": "Value", + "type": "number" } }, + "required": [ + "Column", + "Value" + ], "type": "object" }, - "AWS::SageMaker::UserProfile.KernelGatewayAppSettings": { + "AWS::QuickSight::Template.NumericEqualityFilter": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", - "title": "CustomImages", - "type": "array" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.RStudioServerProAppSettings": { - "additionalProperties": false, - "properties": { - "AccessStatus": { - "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", - "title": "AccessStatus", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "UserGroup": { - "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", - "title": "UserGroup", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", "type": "string" }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" + }, + "Value": { + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" } }, + "required": [ + "Column", + "FilterId", + "MatchOperator", + "NullOption" + ], "type": "object" }, - "AWS::SageMaker::UserProfile.SharingSettings": { + "AWS::QuickSight::Template.NumericFormatConfiguration": { "additionalProperties": false, "properties": { - "NotebookOutputOption": { - "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", - "title": "NotebookOutputOption", - "type": "string" + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" }, - "S3KmsKeyId": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", - "title": "S3KmsKeyId", - "type": "string" + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" }, - "S3OutputPath": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", - "title": "S3OutputPath", - "type": "string" + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, - "AWS::SageMaker::UserProfile.UserSettings": { + "AWS::QuickSight::Template.NumericRangeFilter": { "additionalProperties": false, "properties": { - "CodeEditorAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeEditorAppSettings", - "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CodeEditorAppSettings" - }, - "CustomFileSystemConfigs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomFileSystemConfig" - }, - "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomFileSystemConfigs", - "type": "array" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" }, - "CustomPosixUserConfig": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomPosixUserConfig", - "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomPosixUserConfig" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "DefaultLandingUri": { - "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", - "title": "DefaultLandingUri", - "type": "string" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "ExecutionRole": { - "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", - "title": "ExecutionRole", + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterLabAppSettings", - "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "JupyterLabAppSettings" - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterServerAppSettings", - "markdownDescription": "The Jupyter server's app settings.", - "title": "JupyterServerAppSettings" - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.KernelGatewayAppSettings", - "markdownDescription": "The kernel gateway app settings.", - "title": "KernelGatewayAppSettings" - }, - "RStudioServerProAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.RStudioServerProAppSettings", - "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", - "title": "RStudioServerProAppSettings" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SecurityGroups", - "type": "array" - }, - "SharingSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.SharingSettings", - "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", - "title": "SharingSettings" - }, - "SpaceStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings", - "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SpaceStorageSettings" + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" }, - "StudioWebPortal": { - "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", - "title": "StudioWebPortal", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Workteam": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the work team.", - "title": "Description", - "type": "string" - }, - "MemberDefinitions": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.MemberDefinition" - }, - "markdownDescription": "A list of `MemberDefinition` objects that contains objects that identify the workers that make up the work team.\n\nWorkforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use `CognitoMemberDefinition` . For workforces created using your own OIDC identity provider (IdP) use `OidcMemberDefinition` .", - "title": "MemberDefinitions", - "type": "array" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.NotificationConfiguration", - "markdownDescription": "Configures SNS notifications of available or expiring work items for work teams.", - "title": "NotificationConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs.", - "title": "Tags", - "type": "array" - }, - "WorkforceName": { - "markdownDescription": "The name of the workforce.", - "title": "WorkforceName", - "type": "string" - }, - "WorkteamName": { - "markdownDescription": "The name of the work team.", - "title": "WorkteamName", - "type": "string" - } - }, - "type": "object" + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" }, - "Type": { - "enum": [ - "AWS::SageMaker::Workteam" - ], - "type": "string" + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "Type" + "Column", + "FilterId", + "NullOption" ], "type": "object" }, - "AWS::SageMaker::Workteam.CognitoMemberDefinition": { + "AWS::QuickSight::Template.NumericRangeFilterValue": { "additionalProperties": false, "properties": { - "CognitoClientId": { - "markdownDescription": "An identifier for an application client. You must create the app client ID using Amazon Cognito .", - "title": "CognitoClientId", - "type": "string" - }, - "CognitoUserGroup": { - "markdownDescription": "An identifier for a user group.", - "title": "CognitoUserGroup", + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", "type": "string" }, - "CognitoUserPool": { - "markdownDescription": "An identifier for a user pool. The user pool must be in the same region as the service that you are calling.", - "title": "CognitoUserPool", - "type": "string" + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" } }, - "required": [ - "CognitoClientId", - "CognitoUserGroup", - "CognitoUserPool" - ], "type": "object" }, - "AWS::SageMaker::Workteam.MemberDefinition": { + "AWS::QuickSight::Template.NumericSeparatorConfiguration": { "additionalProperties": false, "properties": { - "CognitoMemberDefinition": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.CognitoMemberDefinition", - "markdownDescription": "The Amazon Cognito user group that is part of the work team.", - "title": "CognitoMemberDefinition" + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" }, - "OidcMemberDefinition": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.OidcMemberDefinition", - "markdownDescription": "A list user groups that exist in your OIDC Identity Provider (IdP). One to ten groups can be used to create a single private work team. When you add a user group to the list of `Groups` , you can add that user group to one or more private work teams. If you add a user group to a private work team, all workers in that user group are added to the work team.", - "title": "OidcMemberDefinition" + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Template.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" } }, "type": "object" }, - "AWS::SageMaker::Workteam.NotificationConfiguration": { + "AWS::QuickSight::Template.NumericalAggregationFunction": { "additionalProperties": false, "properties": { - "NotificationTopicArn": { - "markdownDescription": "The ARN for the Amazon SNS topic to which notifications should be published.", - "title": "NotificationTopicArn", + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" + }, + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", "type": "string" } }, - "required": [ - "NotificationTopicArn" - ], - "type": "object" - }, - "AWS::SageMaker::Workteam.OidcMemberDefinition": { - "additionalProperties": false, - "properties": { - "OidcGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "OidcGroups", - "type": "array" - } - }, - "required": [ - "OidcGroups" - ], "type": "object" }, - "AWS::Scheduler::Schedule": { + "AWS::QuickSight::Template.NumericalDimensionField": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description you specify for the schedule.", - "title": "Description", - "type": "string" - }, - "EndDate": { - "markdownDescription": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the `EndDate` you specify.\nEventBridge Scheduler ignores `EndDate` for one-time schedules.", - "title": "EndDate", - "type": "string" - }, - "FlexibleTimeWindow": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.FlexibleTimeWindow", - "markdownDescription": "Allows you to configure a time window during which EventBridge Scheduler invokes the schedule.", - "title": "FlexibleTimeWindow" - }, - "GroupName": { - "markdownDescription": "The name of the schedule group associated with this schedule.", - "title": "GroupName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the customer managed KMS key that EventBridge Scheduler will use to encrypt and decrypt your data.", - "title": "KmsKeyArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the schedule.", - "title": "Name", - "type": "string" - }, - "ScheduleExpression": { - "markdownDescription": "The expression that defines when the schedule runs. The following formats are supported.\n\n- `at` expression - `at(yyyy-mm-ddThh:mm:ss)`\n- `rate` expression - `rate(value unit)`\n- `cron` expression - `cron(fields)`\n\nYou can use `at` expressions to create one-time schedules that invoke a target once, at the time and in the time zone, that you specify. You can use `rate` and `cron` expressions to create recurring schedules. Rate-based schedules are useful when you want to invoke a target at regular intervals, such as every 15 minutes or every five days. Cron-based schedules are useful when you want to invoke a target periodically at a specific time, such as at 8:00 am (UTC+0) every 1st day of the month.\n\nA `cron` expression consists of six fields separated by white spaces: `(minutes hours day_of_month month day_of_week year)` .\n\nA `rate` expression consists of a *value* as a positive integer, and a *unit* with the following options: `minute` | `minutes` | `hour` | `hours` | `day` | `days`\n\nFor more information and examples, see [Schedule types on EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html) in the *EventBridge Scheduler User Guide* .", - "title": "ScheduleExpression", - "type": "string" - }, - "ScheduleExpressionTimezone": { - "markdownDescription": "The timezone in which the scheduling expression is evaluated.", - "title": "ScheduleExpressionTimezone", - "type": "string" - }, - "StartDate": { - "markdownDescription": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the `StartDate` you specify.\nEventBridge Scheduler ignores `StartDate` for one-time schedules.", - "title": "StartDate", - "type": "string" - }, - "State": { - "markdownDescription": "Specifies whether the schedule is enabled or disabled.\n\n*Allowed Values* : `ENABLED` | `DISABLED`", - "title": "State", - "type": "string" - }, - "Target": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.Target", - "markdownDescription": "The schedule's target details.", - "title": "Target" - } - }, - "required": [ - "FlexibleTimeWindow", - "ScheduleExpression", - "Target" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Scheduler::Schedule" - ], - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "Type", - "Properties" + "Column", + "FieldId" ], "type": "object" }, - "AWS::Scheduler::Schedule.AwsVpcConfiguration": { + "AWS::QuickSight::Template.NumericalMeasureField": { "additionalProperties": false, "properties": { - "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", - "title": "AssignPublicIp", - "type": "string" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", - "title": "SecurityGroups", - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ - "Subnets" + "Column", + "FieldId" ], "type": "object" }, - "AWS::Scheduler::Schedule.CapacityProviderStrategyItem": { + "AWS::QuickSight::Template.PaginationConfiguration": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of `0` is used.", - "title": "Base", + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" - }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", "type": "number" } }, "required": [ - "CapacityProvider" + "PageNumber", + "PageSize" ], "type": "object" }, - "AWS::Scheduler::Schedule.DeadLetterConfig": { + "AWS::QuickSight::Template.PanelConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SQS queue specified as the destination for the dead-letter queue.", - "title": "Arn", + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", "type": "string" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.EcsParameters": { - "additionalProperties": false, - "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the task.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon ECS Developer Guide* .", - "title": "EnableECSManagedTags", - "type": "boolean" }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", - "type": "boolean" + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "object" }, - "Group": { - "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", "type": "string" }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html) in the *Amazon ECS Developer Guide* .", - "title": "LaunchType", + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.NetworkConfiguration", - "markdownDescription": "This structure specifies the network configuration for an ECS task.", - "title": "NetworkConfiguration" - }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", - "type": "array" - }, - "PlacementStrategy": { - "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementStrategy" - }, - "markdownDescription": "The task placement strategy for a task or service.", - "title": "PlacementStrategy", - "type": "array" - }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .", - "title": "PlatformVersion", + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", "type": "string" }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the Amazon ECS [`TagResource`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.", - "title": "PropagateTags", - "type": "string" + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "object" }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", "type": "string" }, - "Tags": { - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. For more information, see [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) in the *Amazon ECS API Reference* .", - "title": "Tags", + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", "type": "object" }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is `1` .", - "title": "TaskCount", - "type": "number" - }, - "TaskDefinitionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", + "title": "Title" } }, - "required": [ - "TaskDefinitionArn" - ], "type": "object" }, - "AWS::Scheduler::Schedule.EventBridgeParameters": { + "AWS::QuickSight::Template.PanelTitleOptions": { "additionalProperties": false, "properties": { - "DetailType": { - "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", - "title": "DetailType", - "type": "string" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" }, - "Source": { - "markdownDescription": "The source of the event.", - "title": "Source", + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", + "type": "object" } }, - "required": [ - "DetailType", - "Source" - ], "type": "object" }, - "AWS::Scheduler::Schedule.FlexibleTimeWindow": { + "AWS::QuickSight::Template.ParameterControl": { "additionalProperties": false, "properties": { - "MaximumWindowInMinutes": { - "markdownDescription": "The maximum time window during which a schedule can be invoked.\n\n*Minimum* : `1`\n\n*Maximum* : `1440`", - "title": "MaximumWindowInMinutes", - "type": "number" + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", + "title": "DateTimePicker" }, - "Mode": { - "markdownDescription": "Determines whether the schedule is invoked within a flexible time window. You must use quotation marks when you specify this value in your JSON or YAML template.\n\n*Allowed Values* : `\"OFF\"` | `\"FLEXIBLE\"`", - "title": "Mode", - "type": "string" + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", + "title": "List" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::Scheduler::Schedule.KinesisParameters": { + "AWS::QuickSight::Template.ParameterDateTimePickerControl": { "additionalProperties": false, "properties": { - "PartitionKey": { - "markdownDescription": "Specifies the shard to which EventBridge Scheduler sends the event. For more information, see [Amazon Kinesis Data Streams terminology and concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html) in the *Amazon Kinesis Streams Developer Guide* .", - "title": "PartitionKey", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", + "title": "Title", "type": "string" } }, "required": [ - "PartitionKey" + "ParameterControlId", + "SourceParameterName", + "Title" ], "type": "object" }, - "AWS::Scheduler::Schedule.NetworkConfiguration": { + "AWS::QuickSight::Template.ParameterDeclaration": { "additionalProperties": false, "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.AwsVpcConfiguration", - "markdownDescription": "Specifies the Amazon VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode.", - "title": "AwsvpcConfiguration" + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" + }, + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" + }, + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" + }, + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" } }, "type": "object" }, - "AWS::Scheduler::Schedule.PlacementConstraint": { + "AWS::QuickSight::Template.ParameterDropDownControl": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/latest/developerguide/cluster-query-language.html) in the *Amazon ECS Developer Guide* .", - "title": "Expression", + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", "type": "string" }, - "Type": { - "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", - "title": "Type", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", "type": "string" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.PlacementStrategy": { - "additionalProperties": false, - "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are `instanceId` (or `instanceId` , which has the same effect), or any platform or custom attribute that is applied to a container instance, such as `attribute:ecs.availability-zone` . For the binpack placement strategy, valid values are `cpu` and `memory` . For the random placement strategy, this field is not used.", - "title": "Field", + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDropDownControl` .", + "title": "Title", "type": "string" }, "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", "title": "Type", "type": "string" } }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], "type": "object" }, - "AWS::Scheduler::Schedule.RetryPolicy": { + "AWS::QuickSight::Template.ParameterListControl": { "additionalProperties": false, "properties": { - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", - "title": "MaximumEventAgeInSeconds", - "type": "number" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts with exponential backoff continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is reached.", - "title": "MaximumRetryAttempts", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.SageMakerPipelineParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker Model Building Pipeline.", - "title": "Name", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", "type": "string" }, - "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker Model Building Pipeline.", - "title": "Value", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of `ParameterListControl` .", + "title": "Type", "type": "string" } }, "required": [ - "Name", - "Value" + "ParameterControlId", + "SourceParameterName", + "Title" ], "type": "object" }, - "AWS::Scheduler::Schedule.SageMakerPipelineParameters": { + "AWS::QuickSight::Template.ParameterSelectableValues": { "additionalProperties": false, "properties": { - "PipelineParameterList": { + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameter" + "type": "string" }, - "markdownDescription": "List of parameter names and values to use when executing the SageMaker Model Building Pipeline.", - "title": "PipelineParameterList", + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::Scheduler::Schedule.SqsParameters": { + "AWS::QuickSight::Template.ParameterSliderControl": { "additionalProperties": false, "properties": { - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `ParameterSliderControl` .", + "title": "Title", "type": "string" } }, + "required": [ + "MaximumValue", + "MinimumValue", + "ParameterControlId", + "SourceParameterName", + "StepSize", + "Title" + ], "type": "object" }, - "AWS::Scheduler::Schedule.Target": { + "AWS::QuickSight::Template.ParameterTextAreaControl": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target.", - "title": "Arn", + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", "type": "string" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.DeadLetterConfig", - "markdownDescription": "An object that contains information about an Amazon SQS queue that EventBridge Scheduler uses as a dead-letter queue for your schedule. If specified, EventBridge Scheduler delivers failed events that could not be successfully delivered to a target to the queue.", - "title": "DeadLetterConfig" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "EcsParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.EcsParameters", - "markdownDescription": "The templated target type for the Amazon ECS [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API operation.", - "title": "EcsParameters" - }, - "EventBridgeParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.EventBridgeParameters", - "markdownDescription": "The templated target type for the EventBridge [`PutEvents`](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) API operation.", - "title": "EventBridgeParameters" - }, - "Input": { - "markdownDescription": "The text, or well-formed JSON, passed to the target. If you are configuring a templated Lambda , AWS Step Functions , or Amazon EventBridge target, the input must be a well-formed JSON. For all other target types, a JSON is not required. If you do not specify anything for this field, Amazon EventBridge Scheduler delivers a default notification to the target.", - "title": "Input", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", "type": "string" }, - "KinesisParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.KinesisParameters", - "markdownDescription": "The templated target type for the Amazon Kinesis [`PutRecord`](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html) API operation.", - "title": "KinesisParameters" - }, - "RetryPolicy": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.RetryPolicy", - "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings, including the maximum age of an event, and the maximum number of times EventBridge Scheduler will try to deliver the event to a target.", - "title": "RetryPolicy" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that EventBridge Scheduler will use for this target when the schedule is invoked.", - "title": "RoleArn", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", "type": "string" }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameters", - "markdownDescription": "The templated target type for the Amazon SageMaker [`StartPipelineExecution`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) API operation.", - "title": "SageMakerPipelineParameters" - }, - "SqsParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.SqsParameters", - "markdownDescription": "The templated target type for the Amazon SQS [`SendMessage`](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html) API operation. Contains the message group ID to use when the target is a FIFO queue. If you specify an Amazon SQS FIFO queue as a target, the queue must have content-based deduplication enabled. For more information, see [Using the Amazon SQS message deduplication ID](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/using-messagededuplicationid-property.html) in the *Amazon SQS Developer Guide* .", - "title": "SqsParameters" + "Title": { + "markdownDescription": "The title of the `ParameterTextAreaControl` .", + "title": "Title", + "type": "string" } }, "required": [ - "Arn", - "RoleArn" + "ParameterControlId", + "SourceParameterName", + "Title" ], "type": "object" }, - "AWS::Scheduler::ScheduleGroup": { + "AWS::QuickSight::Template.ParameterTextFieldControl": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the schedule group.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Scheduler::ScheduleGroup" - ], + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "The title of the `ParameterTextFieldControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Type" + "ParameterControlId", + "SourceParameterName", + "Title" ], "type": "object" }, - "AWS::SecretsManager::ResourcePolicy": { + "AWS::QuickSight::Template.PercentVisibleRange": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PercentageDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "Metadata": { - "type": "object" + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether to block resource-based policies that allow broad access to the secret. By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.", - "title": "BlockPublicPolicy", - "type": "boolean" - }, - "ResourcePolicy": { - "markdownDescription": "A JSON-formatted string for an AWS resource-based policy. For example policies, see [Permissions policy examples](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html) .", - "title": "ResourcePolicy", - "type": "object" - }, - "SecretId": { - "markdownDescription": "The ARN or name of the secret to attach the resource-based policy.\n\nFor an ARN, we recommend that you specify a complete ARN rather than a partial ARN.", - "title": "SecretId", - "type": "string" - } - }, - "required": [ - "ResourcePolicy", - "SecretId" - ], - "type": "object" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "Type": { - "enum": [ - "AWS::SecretsManager::ResourcePolicy" - ], + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SecretsManager::RotationSchedule": { + "AWS::QuickSight::Template.PercentileAggregation": { "additionalProperties": false, "properties": { - "Condition": { + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PeriodOverPeriodComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "HostedRotationLambda": { - "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.HostedRotationLambda", - "markdownDescription": "Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) . To use a rotation function that already exists, specify `RotationLambdaARN` instead.\n\nYou must specify `Transform: AWS::SecretsManager-2024-09-16` at the beginning of the CloudFormation template. Transforms are macros hosted by AWS CloudFormation that help you create and manage complex infrastructure. The `Transform: AWS::SecretsManager-2024-09-16` transform automatically extends the CloudFormation stack to include a nested stack (of type `AWS::CloudFormation::Stack` ), which then creates and updates on your behalf during subsequent stack operations, the appropriate rotation Lambda function for your database or service. For general information on transforms, see the [AWS CloudFormation documentation.](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-reference.html)\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .", - "title": "HostedRotationLambda" - }, - "RotateImmediatelyOnUpdate": { - "markdownDescription": "Determines whether to rotate the secret immediately or wait until the next scheduled rotation window when the rotation schedule is updated. The rotation schedule is defined in `RotationRules` .\n\nThe default for `RotateImmediatelyOnUpdate` is `true` . If you don't specify this value, Secrets Manager rotates the secret immediately.\n\nIf you set `RotateImmediatelyOnUpdate` to `false` , Secrets Manager tests the rotation configuration by running the [`testSecret` step](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) of the Lambda rotation function. This test creates an `AWSPENDING` version of the secret and then removes it.\n\n> When changing an existing rotation schedule and setting `RotateImmediatelyOnUpdate` to `false` :\n> \n> - If using `AutomaticallyAfterDays` or a `ScheduleExpression` with `rate()` , the previously scheduled rotation might still occur.\n> - To prevent unintended rotations, use a `ScheduleExpression` with `cron()` for granular control over rotation windows. \n\nRotation is an asynchronous process. For more information, see [How rotation works](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) .", - "title": "RotateImmediatelyOnUpdate", - "type": "boolean" - }, - "RotationLambdaARN": { - "markdownDescription": "The ARN of an existing Lambda rotation function. To specify a rotation function that is also defined in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function.\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .\n\nTo create a new rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) , specify `HostedRotationLambda` instead.", - "title": "RotationLambdaARN", - "type": "string" - }, - "RotationRules": { - "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.RotationRules", - "markdownDescription": "A structure that defines the rotation configuration for this secret.", - "title": "RotationRules" - }, - "SecretId": { - "markdownDescription": "The ARN or name of the secret to rotate. This is unique for each rotation schedule definition.\n\nTo reference a secret also created in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID.", - "title": "SecretId", - "type": "string" - } - }, - "required": [ - "SecretId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SecretsManager::RotationSchedule" - ], - "type": "string" + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "Type", - "Properties" + "ComputationId" ], "type": "object" }, - "AWS::SecretsManager::RotationSchedule.HostedRotationLambda": { + "AWS::QuickSight::Template.PeriodToDateComputation": { "additionalProperties": false, "properties": { - "ExcludeCharacters": { - "markdownDescription": "A string of the characters that you don't want in the password.", - "title": "ExcludeCharacters", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key that Secrets Manager uses to encrypt the secret. If you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If `aws/secretsmanager` doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.", - "title": "KmsKeyArn", - "type": "string" - }, - "MasterSecretArn": { - "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", - "title": "MasterSecretArn", - "type": "string" - }, - "MasterSecretKmsKeyArn": { - "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", - "title": "MasterSecretKmsKeyArn", - "type": "string" - }, - "RotationLambdaName": { - "markdownDescription": "The name of the Lambda rotation function.", - "title": "RotationLambdaName", - "type": "string" - }, - "RotationType": { - "markdownDescription": "The rotation template to base the rotation function on, one of the following:\n\n- `Db2SingleUser` to use the template [SecretsManagerRDSDb2RotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-singleuser) .\n- `Db2MultiUser` to use the template [SecretsManagerRDSDb2RotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-multiuser) .\n- `MySQLSingleUser` to use the template [SecretsManagerRDSMySQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-singleuser) .\n- `MySQLMultiUser` to use the template [SecretsManagerRDSMySQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-multiuser) .\n- `PostgreSQLSingleUser` to use the template [SecretsManagerRDSPostgreSQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-singleuser)\n- `PostgreSQLMultiUser` to use the template [SecretsManagerRDSPostgreSQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-multiuser) .\n- `OracleSingleUser` to use the template [SecretsManagerRDSOracleRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-singleuser) .\n- `OracleMultiUser` to use the template [SecretsManagerRDSOracleRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-multiuser) .\n- `MariaDBSingleUser` to use the template [SecretsManagerRDSMariaDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-singleuser) .\n- `MariaDBMultiUser` to use the template [SecretsManagerRDSMariaDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-multiuser) .\n- `SQLServerSingleUser` to use the template [SecretsManagerRDSSQLServerRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-singleuser) .\n- `SQLServerMultiUser` to use the template [SecretsManagerRDSSQLServerRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-multiuser) .\n- `RedshiftSingleUser` to use the template [SecretsManagerRedshiftRotationSingleUsr](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-singleuser) .\n- `RedshiftMultiUser` to use the template [SecretsManagerRedshiftRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-multiuser) .\n- `MongoDBSingleUser` to use the template [SecretsManagerMongoDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-singleuser) .\n- `MongoDBMultiUser` to use the template [SecretsManagerMongoDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-multiuser) .", - "title": "RotationType", - "type": "string" - }, - "Runtime": { - "markdownDescription": "> Do not set this value if you are using `Transform: AWS::SecretsManager-2024-09-16` . Over time, the updated rotation lambda artifacts vended by AWS may not be compatible with the code or shared object files defined in the rotation function deployment package.\n> \n> Only define the `Runtime` key if:\n> \n> - You are using `Transform: AWS::SecretsManager-2020-07-23` .\n> - The code or shared object files defined in the rotation function deployment package are incompatible with Python 3.9. \n\nThe Python Runtime version for with the rotation function. By default, CloudFormation deploys Python 3.9 binaries for the rotation function. To use a different version of Python, you must do the following two steps:\n\n- Deploy the matching version Python binaries with your rotation function.\n- Set the version number in this field. For example, for Python 3.7, enter *python3.7* .\n\nIf you only do one of the steps, your rotation function will be incompatible with the binaries. For more information, see [Why did my Lambda rotation function fail with a \"pg module not found\" error](https://docs.aws.amazon.com/https://repost.aws/knowledge-center/secrets-manager-lambda-rotation) .", - "title": "Runtime", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "SuperuserSecretArn": { - "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", - "title": "SuperuserSecretArn", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "SuperuserSecretKmsKeyArn": { - "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", - "title": "SuperuserSecretKmsKeyArn", + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", "type": "string" }, - "VpcSecurityGroupIds": { - "markdownDescription": "A comma-separated list of security group IDs applied to the target database.\n\nThe template applies the same security groups as on the Lambda rotation function that is created as part of this stack.", - "title": "VpcSecurityGroupIds", - "type": "string" + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" }, - "VpcSubnetIds": { - "markdownDescription": "A comma separated list of VPC subnet IDs of the target database network. The Lambda rotation function is in the same subnet group.", - "title": "VpcSubnetIds", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "RotationType" + "ComputationId" ], "type": "object" }, - "AWS::SecretsManager::RotationSchedule.RotationRules": { + "AWS::QuickSight::Template.PieChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "AutomaticallyAfterDays": { - "markdownDescription": "The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.\n\nIn `DescribeSecret` and `ListSecrets` , this value is calculated from the rotation schedule after every successful rotation. In `RotateSecret` , you can set the rotation schedule in `RotationRules` with `AutomaticallyAfterDays` or `ScheduleExpression` , but not both.", - "title": "AutomaticallyAfterDays", - "type": "number" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", + "type": "array" }, - "Duration": { - "markdownDescription": "The length of the rotation window in hours, for example `3h` for a three hour window. Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the `ScheduleExpression` . If you don't specify a `Duration` , for a `ScheduleExpression` in hours, the window automatically closes after one hour. For a `ScheduleExpression` in days, the window automatically closes at the end of the UTC day. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* .", - "title": "Duration", - "type": "string" + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", + "type": "array" }, - "ScheduleExpression": { - "markdownDescription": "A `cron()` or `rate()` expression that defines the schedule for rotating your secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager rotates your secret any time during a rotation window.\n\nSecrets Manager `rate()` expressions represent the interval in hours or days that you want to rotate your secret, for example `rate(12 hours)` or `rate(10 days)` . You can rotate a secret as often as every four hours. If you use a `rate()` expression, the rotation window starts at midnight. For a rate in hours, the default rotation window closes after one hour. For a rate in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.\n\nYou can use a `cron()` expression to create a rotation schedule that is more detailed than a rotation interval. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* . For a cron expression that represents a schedule in hours, the default rotation window closes after one hour. For a cron expression that represents a schedule in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.", - "title": "ScheduleExpression", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::SecretsManager::Secret": { + "AWS::QuickSight::Template.PieChartConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", + "title": "CategoryLabelOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the secret.", - "title": "Description", - "type": "string" - }, - "GenerateSecretString": { - "$ref": "#/definitions/AWS::SecretsManager::Secret.GenerateSecretString", - "markdownDescription": "A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use `SecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.\n\nWe recommend that you specify the maximum length and include every character type that the system you are generating a password for can support.", - "title": "GenerateSecretString" - }, - "KmsKeyId": { - "markdownDescription": "The ARN, key ID, or alias of the AWS KMS key that Secrets Manager uses to encrypt the secret value in the secret. An alias is always prefixed by `alias/` , for example `alias/aws/secretsmanager` . For more information, see [About aliases](https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html) .\n\nTo use a AWS KMS key in a different account, use the key ARN or the alias ARN.\n\nIf you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If that key doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.\n\nIf the secret is in a different AWS account from the credentials calling the API, then you can't use `aws/secretsmanager` to encrypt the secret, and you must create and use a customer managed AWS KMS key.", - "title": "KmsKeyId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the new secret.\n\nThe secret name can contain ASCII letters, numbers, and the following characters: /_+=.@-\n\nDo not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN.", - "title": "Name", - "type": "string" - }, - "ReplicaRegions": { - "items": { - "$ref": "#/definitions/AWS::SecretsManager::Secret.ReplicaRegion" - }, - "markdownDescription": "A custom type that specifies a `Region` and the `KmsKeyId` for a replica secret.", - "title": "ReplicaRegions", - "type": "array" - }, - "SecretString": { - "markdownDescription": "The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use `GenerateSecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.", - "title": "SecretString", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nStack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret.\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", - "title": "Tags", - "type": "array" - } + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SecretsManager::Secret" - ], - "type": "string" + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::SecretsManager::Secret.GenerateSecretString": { - "additionalProperties": false, - "properties": { - "ExcludeCharacters": { - "markdownDescription": "A string of the characters that you don't want in the password.", - "title": "ExcludeCharacters", - "type": "string" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, - "ExcludeLowercase": { - "markdownDescription": "Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters.", - "title": "ExcludeLowercase", - "type": "boolean" + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" }, - "ExcludeNumbers": { - "markdownDescription": "Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers.", - "title": "ExcludeNumbers", - "type": "boolean" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "ExcludePunctuation": { - "markdownDescription": "Specifies whether to exclude the following punctuation characters from the password: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~` . If you don't include this switch, the password can contain punctuation.", - "title": "ExcludePunctuation", - "type": "boolean" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "ExcludeUppercase": { - "markdownDescription": "Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters.", - "title": "ExcludeUppercase", - "type": "boolean" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, - "GenerateStringKey": { - "markdownDescription": "The JSON key name for the key/value pair, where the value is the generated password. This pair is added to the JSON structure specified by the `SecretStringTemplate` parameter. If you specify this parameter, then you must also specify `SecretStringTemplate` .", - "title": "GenerateStringKey", - "type": "string" + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" }, - "IncludeSpace": { - "markdownDescription": "Specifies whether to include the space character. If you include this switch, the password can contain space characters.", - "title": "IncludeSpace", - "type": "boolean" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", + "title": "SortConfiguration" }, - "PasswordLength": { - "markdownDescription": "The length of the password. If you don't include this parameter, the default length is 32 characters.", - "title": "PasswordLength", - "type": "number" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" }, - "RequireEachIncludedType": { - "markdownDescription": "Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type.", - "title": "RequireEachIncludedType", - "type": "boolean" + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", + "title": "ValueLabelOptions" }, - "SecretStringTemplate": { - "markdownDescription": "A template that the generated string must match. When you make a change to this property, a new secret version is created.", - "title": "SecretStringTemplate", - "type": "string" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::SecretsManager::Secret.ReplicaRegion": { + "AWS::QuickSight::Template.PieChartFieldWells": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't include this field, Secrets Manager uses `aws/secretsmanager` .", - "title": "KmsKeyId", - "type": "string" - }, - "Region": { - "markdownDescription": "A string that represents a `Region` , for example \"us-east-1\".", - "title": "Region", - "type": "string" + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" } }, - "required": [ - "Region" - ], "type": "object" }, - "AWS::SecretsManager::SecretTargetAttachment": { + "AWS::QuickSight::Template.PieChartSortConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", + "title": "CategoryItemsLimit" }, - "Properties": { - "additionalProperties": false, - "properties": { - "SecretId": { - "markdownDescription": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition.", - "title": "SecretId", - "type": "string" - }, - "TargetId": { - "markdownDescription": "The ID of the database or cluster.", - "title": "TargetId", - "type": "string" - }, - "TargetType": { - "markdownDescription": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster", - "title": "TargetType", - "type": "string" - } + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "required": [ - "SecretId", - "TargetId", - "TargetType" - ], - "type": "object" + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SecretsManager::SecretTargetAttachment" - ], - "type": "string" + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SecurityHub::AutomationRule": { + "AWS::QuickSight::Template.PieChartVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", + "title": "ChartConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesAction" - }, - "markdownDescription": "One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` .", - "title": "Actions", - "type": "array" - }, - "Criteria": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters", - "markdownDescription": "A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.", - "title": "Criteria" - }, - "Description": { - "markdownDescription": "A description of the rule.", - "title": "Description", - "type": "string" - }, - "IsTerminal": { - "markdownDescription": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.", - "title": "IsTerminal", - "type": "boolean" - }, - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", - "type": "string" - }, - "RuleOrder": { - "markdownDescription": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.", - "title": "RuleOrder", - "type": "number" - }, - "RuleStatus": { - "markdownDescription": "Whether the rule is active after it is created. If this parameter is equal to `ENABLED` , Security Hub applies the rule to findings and finding updates after the rule is created.", - "title": "RuleStatus", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "User-defined tags associated with an automation rule.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::SecurityHub::AutomationRule" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type" + "VisualId" ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.AutomationRulesAction": { + "AWS::QuickSight::Template.PivotFieldSortOptions": { "additionalProperties": false, "properties": { - "FindingFieldsUpdate": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate", - "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", - "title": "FindingFieldsUpdate" - }, - "Type": { - "markdownDescription": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.", - "title": "Type", + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" } }, "required": [ - "FindingFieldsUpdate", - "Type" + "FieldId", + "SortBy" ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate": { + "AWS::QuickSight::Template.PivotTableAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Confidence": { - "markdownDescription": "The rule action updates the `Confidence` field of a finding.", - "title": "Confidence", - "type": "number" - }, - "Criticality": { - "markdownDescription": "The rule action updates the `Criticality` field of a finding.", - "title": "Criticality", - "type": "number" - }, - "Note": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NoteUpdate", - "markdownDescription": "The rule action will update the `Note` field of a finding.", - "title": "Note" - }, - "RelatedFindings": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.RelatedFinding" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The rule action will update the `RelatedFindings` field of a finding.", - "title": "RelatedFindings", + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", "type": "array" }, - "Severity": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.SeverityUpdate", - "markdownDescription": "The rule action will update the `Severity` field of a finding.", - "title": "Severity" - }, - "Types": { + "Rows": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The rule action updates the `Types` field of a finding.", - "title": "Types", + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", "type": "array" }, - "UserDefinedFields": { - "additionalProperties": true, - "markdownDescription": "The rule action updates the `UserDefinedFields` field of a finding.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "title": "UserDefinedFields", - "type": "object" - }, - "VerificationState": { - "markdownDescription": "The rule action updates the `VerificationState` field of a finding.", - "title": "VerificationState", - "type": "string" - }, - "Workflow": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.WorkflowUpdate", - "markdownDescription": "The rule action will update the `Workflow` field of a finding.", - "title": "Workflow" + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters": { + "AWS::QuickSight::Template.PivotTableCellConditionalFormatting": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The AWS account ID in which a finding was generated.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "AwsAccountId", - "type": "array" + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" }, - "CompanyName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The name of the company for the product that generated the finding. For control-based findings, the company is AWS .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "CompanyName", - "type": "array" + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" }, - "ComplianceAssociatedStandardsId": { + "Scopes": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope" }, - "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ComplianceAssociatedStandardsId", + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", "type": "array" }, - "ComplianceSecurityControlId": { + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingOption" }, - "markdownDescription": "The security control ID for which a finding was generated. Security control IDs are the same across standards.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ComplianceSecurityControlId", + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConditionalFormattingScope": { + "additionalProperties": false, + "properties": { + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" }, - "ComplianceStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The result of a security check. This field is only used for findings generated from controls.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ComplianceStatus", - "type": "array" - }, - "Confidence": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" - }, - "markdownDescription": "The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. `Confidence` is scored on a 0\u2013100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Confidence", - "type": "array" - }, - "CreatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when this finding record was created.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "CreatedAt", - "type": "array" - }, - "Criticality": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" - }, - "markdownDescription": "The level of importance that is assigned to the resources that are associated with a finding. `Criticality` is scored on a 0\u2013100 basis, using a ratio scale that supports only full integers. A score of `0` means that the underlying resources have no criticality, and a score of `100` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Criticality", - "type": "array" - }, - "Description": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "A finding's description.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Description", - "type": "array" - }, - "FirstObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "FirstObservedAt", - "type": "array" - }, - "GeneratorId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The identifier for the solution-specific component that generated a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "GeneratorId", - "type": "array" - }, - "Id": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The product-specific identifier for a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Id", - "type": "array" - }, - "LastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "LastObservedAt", - "type": "array" - }, - "NoteText": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The text of a user-defined note that's added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "NoteText", - "type": "array" - }, - "NoteUpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "The timestamp of when the note was updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "NoteUpdatedAt", - "type": "array" - }, - "NoteUpdatedBy": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The principal that created a note.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "NoteUpdatedBy", - "type": "array" - }, - "ProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ProductArn", - "type": "array" - }, - "ProductName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ProductName", - "type": "array" - }, - "RecordState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides the current state of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "RecordState", - "type": "array" - }, - "RelatedFindingsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "RelatedFindingsId", - "type": "array" - }, - "RelatedFindingsProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The ARN for the product that generated a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "RelatedFindingsProductArn", - "type": "array" - }, - "ResourceDetailsOther": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" - }, - "markdownDescription": "Custom fields and values about the resource that a finding pertains to.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourceDetailsOther", - "type": "array" - }, - "ResourceId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non- AWS resources, this is a unique identifier that is associated with the resource.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "ResourceId", - "type": "array" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "ResourcePartition": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions . Each AWS account is scoped to one partition.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourcePartition", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "ResourceRegion": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The AWS Region where the resource that a finding pertains to is located.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourceRegion", - "type": "array" + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" - }, - "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourceTags", - "type": "array" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", + "title": "SortConfiguration" }, - "ResourceType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "ResourceType", - "type": "array" + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" }, - "SeverityLabel": { + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableDataPathOption": { + "additionalProperties": false, + "properties": { + "DataPathList": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" }, - "markdownDescription": "The severity value of the finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "SeverityLabel", + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", "type": "array" }, - "SourceUrl": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides a URL that links to a page about the current finding in the finding product.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "SourceUrl", - "type": "array" + "Width": { + "markdownDescription": "The width of the data path option.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "DataPathList" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldCollapseStateOption": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", + "type": "string" }, - "Title": { + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" + } + }, + "required": [ + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget": { + "additionalProperties": false, + "properties": { + "FieldDataPathValues": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" }, - "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "Title", + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", "type": "array" }, - "Type": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Type", - "type": "array" + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", + "type": "string" }, - "UpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the finding record was most recently updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "UpdatedAt", - "type": "array" + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" }, - "UserDefinedFields": { + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", + "type": "object" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldOptions": { + "additionalProperties": false, + "properties": { + "CollapseStateOptions": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateOption" }, - "markdownDescription": "A list of user-defined name and value string pairs added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "UserDefinedFields", + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", "type": "array" }, - "VerificationState": { + "DataPathOptions": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableDataPathOption" }, - "markdownDescription": "Provides the veracity of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "VerificationState", + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", "type": "array" }, - "WorkflowStatus": { + "SelectedFieldOptions": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOption" }, - "markdownDescription": "Provides information about the status of the investigation into a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "WorkflowStatus", + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, - "AWS::SecurityHub::AutomationRule.DateFilter": { + "AWS::QuickSight::Template.PivotTableFieldSubtotalOptions": { "additionalProperties": false, "properties": { - "DateRange": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateRange", - "markdownDescription": "A date range for the date filter.", - "title": "DateRange" - }, - "End": { - "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "Start", + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", "type": "string" } }, "type": "object" }, - "AWS::SecurityHub::AutomationRule.DateRange": { + "AWS::QuickSight::Template.PivotTableFieldWells": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "A date range unit for the date filter.", - "title": "Unit", - "type": "string" - }, - "Value": { - "markdownDescription": "A date range value for the date filter.", - "title": "Value", - "type": "number" + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" } }, - "required": [ - "Unit", - "Value" - ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.MapFilter": { + "AWS::QuickSight::Template.PivotTableOptions": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", - "type": "string" + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" }, - "Key": { - "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", - "title": "Key", + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", + "type": "object" + }, + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" + }, + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", + "type": "object" + }, + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", "type": "string" }, - "Value": { - "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", - "title": "Value", + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", "type": "string" - } - }, - "required": [ - "Comparison", - "Key", - "Value" - ], - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.NoteUpdate": { - "additionalProperties": false, - "properties": { - "Text": { - "markdownDescription": "The updated note text.", - "title": "Text", + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" + }, + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" + }, + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", "type": "string" }, - "UpdatedBy": { - "markdownDescription": "The principal that updated the note.", - "title": "UpdatedBy", + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "object" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", "type": "object" } }, - "required": [ - "Text", - "UpdatedBy" - ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.NumberFilter": { + "AWS::QuickSight::Template.PivotTablePaginatedReportOptions": { "additionalProperties": false, "properties": { - "Eq": { - "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", - "title": "Eq", - "type": "number" - }, - "Gte": { - "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", - "title": "Gte", - "type": "number" + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "object" }, - "Lte": { - "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", - "title": "Lte", - "type": "number" + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "object" } }, "type": "object" }, - "AWS::SecurityHub::AutomationRule.RelatedFinding": { + "AWS::QuickSight::Template.PivotTableRowsLabelOptions": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Id", - "type": "object" - }, - "ProductArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the product that generated a related finding.", - "title": "ProductArn", + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the rows label.", + "title": "Visibility", + "type": "object" } }, - "required": [ - "Id", - "ProductArn" - ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.SeverityUpdate": { + "AWS::QuickSight::Template.PivotTableSortBy": { "additionalProperties": false, "properties": { - "Label": { - "markdownDescription": "The severity value of the finding. The allowed values are the following.\n\n- `INFORMATIONAL` - No issue was found.\n- `LOW` - The issue does not require action on its own.\n- `MEDIUM` - The issue must be addressed but not urgently.\n- `HIGH` - The issue must be addressed as a priority.\n- `CRITICAL` - The issue must be remediated immediately to avoid it escalating.", - "title": "Label", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" }, - "Normalized": { - "markdownDescription": "The normalized severity for the finding. This attribute is to be deprecated in favor of `Label` .\n\nIf you provide `Normalized` and don't provide `Label` , `Label` is set automatically as follows.\n\n- 0 - `INFORMATIONAL`\n- 1\u201339 - `LOW`\n- 40\u201369 - `MEDIUM`\n- 70\u201389 - `HIGH`\n- 90\u2013100 - `CRITICAL`", - "title": "Normalized", - "type": "number" + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" }, - "Product": { - "markdownDescription": "The native severity as defined by the AWS service or integrated partner product that generated the finding.", - "title": "Product", - "type": "number" + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" } }, "type": "object" }, - "AWS::SecurityHub::AutomationRule.StringFilter": { + "AWS::QuickSight::Template.PivotTableSortConfiguration": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", - "type": "string" - }, - "Value": { - "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", - "title": "Value", - "type": "string" + "FieldSortOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotFieldSortOptions" + }, + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", + "type": "array" } }, - "required": [ - "Comparison", - "Value" - ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.WorkflowUpdate": { + "AWS::QuickSight::Template.PivotTableTotalOptions": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the same issue.\n\nThe allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets `WorkFlowStatus` from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- The record state changes from `ARCHIVED` to `ACTIVE` .\n- The compliance status changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated.", - "title": "Status", - "type": "string" + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" + }, + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" + }, + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" } }, - "required": [ - "Status" - ], "type": "object" }, - "AWS::SecurityHub::DelegatedAdmin": { + "AWS::QuickSight::Template.PivotTableVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdminAccountId": { - "markdownDescription": "The AWS account identifier of the account to designate as the Security Hub administrator account.", - "title": "AdminAccountId", - "type": "string" - } - }, - "required": [ - "AdminAccountId" - ], - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::SecurityHub::DelegatedAdmin" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::SecurityHub::Hub": { + "AWS::QuickSight::Template.PivotTotalOptions": { "additionalProperties": false, "properties": { - "Condition": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" }, - "Metadata": { - "type": "object" + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoEnableControls": { - "markdownDescription": "Whether to automatically enable new controls when they are added to standards that are enabled.\n\nBy default, this is set to `true` , and new controls are enabled automatically. To not automatically enable new controls, set this to `false` .\n\nWhen you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of `DISABLED` . It can take up to several days for Security Hub to process the control release and designate the control as `ENABLED` in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have `AutoEnableControls` set to `true` .", - "title": "AutoEnableControls", - "type": "boolean" - }, - "ControlFindingGenerator": { - "markdownDescription": "Specifies whether an account has consolidated control findings turned on or off. If the value for this field is set to `SECURITY_CONTROL` , Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards.\n\nIf the value for this field is set to `STANDARD_CONTROL` , Security Hub generates separate findings for a control check when the check applies to multiple enabled standards.\n\nThe value for this field in a member account matches the value in the administrator account. For accounts that aren't part of an organization, the default value of this field is `SECURITY_CONTROL` if you enabled Security Hub on or after February 23, 2023.", - "title": "ControlFindingGenerator", - "type": "string" - }, - "EnableDefaultStandards": { - "markdownDescription": "Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for `EnableDefaultStandards` , it is set to `true` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set `EnableDefaultStandards` to `false` .\n\nCurrently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).", - "title": "EnableDefaultStandards", - "type": "boolean" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" }, - "type": "object" + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SecurityHub::Hub" - ], - "type": "string" + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "object" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::SecurityHub::Insight": { + "AWS::QuickSight::Template.PluginVisual": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Filters": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.AwsSecurityFindingFilters", - "markdownDescription": "One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters. You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.", - "title": "Filters" - }, - "GroupByAttribute": { - "markdownDescription": "The grouping attribute for the insight's findings. Indicates how to group the matching findings, and identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.", - "title": "GroupByAttribute", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a Security Hub insight.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Filters", - "GroupByAttribute", - "Name" - ], - "type": "object" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" }, - "Type": { - "enum": [ - "AWS::SecurityHub::Insight" - ], + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The ID of the visual that you want to use.", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "PluginArn", + "VisualId" ], "type": "object" }, - "AWS::SecurityHub::Insight.AwsSecurityFindingFilters": { + "AWS::QuickSight::Template.PluginVisualConfiguration": { "additionalProperties": false, "properties": { - "AwsAccountId": { + "FieldWells": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualFieldWell" }, - "markdownDescription": "The AWS account ID in which a finding is generated.", - "title": "AwsAccountId", + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", "type": "array" }, - "AwsAccountName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the AWS account in which a finding is generated.", - "title": "AwsAccountName", - "type": "array" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" }, - "CompanyName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the findings provider (company) that owns the solution (product) that generates findings.", - "title": "CompanyName", - "type": "array" + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualFieldWell": { + "additionalProperties": false, + "properties": { + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" }, - "ComplianceAssociatedStandardsId": { + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.", - "title": "ComplianceAssociatedStandardsId", + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", "type": "array" }, - "ComplianceSecurityControlId": { + "Measures": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The unique identifier of a control across standards. Values for this field typically consist of an AWS service and a number, such as APIGateway.5.", - "title": "ComplianceSecurityControlId", + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", "type": "array" }, - "ComplianceSecurityControlParametersName": { + "Unaggregated": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" }, - "markdownDescription": "The name of a security control parameter.", - "title": "ComplianceSecurityControlParametersName", + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", "type": "array" - }, - "ComplianceSecurityControlParametersValue": { + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualOptions": { + "additionalProperties": false, + "properties": { + "VisualProperties": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualProperty" }, - "markdownDescription": "The current value of a security control parameter.", - "title": "ComplianceSecurityControlParametersValue", + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualProperty": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" }, - "ComplianceStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details.", - "title": "ComplianceStatus", - "type": "array" + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualSortConfiguration": { + "additionalProperties": false, + "properties": { + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualTableQuerySort": { + "additionalProperties": false, + "properties": { + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" }, - "Confidence": { + "RowSort": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", - "title": "Confidence", + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", "type": "array" - }, - "CreatedAt": { + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PredefinedHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" }, - "markdownDescription": "A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "CreatedAt", + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", "type": "array" }, - "Criticality": { + "DrillDownFilters": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" }, - "markdownDescription": "The level of importance assigned to the resources associated with the finding.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", - "title": "Criticality", + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", "type": "array" }, - "Description": { + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ProgressBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.QueryExecutionOptions": { + "additionalProperties": false, + "properties": { + "QueryExecutionMode": { + "markdownDescription": "A structure that describes the query execution mode.", + "title": "QueryExecutionMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "A finding's description.", - "title": "Description", + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", "type": "array" }, - "FindingProviderFieldsConfidence": { + "Color": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", - "title": "FindingProviderFieldsConfidence", + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", "type": "array" }, - "FindingProviderFieldsCriticality": { + "Values": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The finding provider value for the level of importance assigned to the resources associated with the findings.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", - "title": "FindingProviderFieldsCriticality", - "type": "array" - }, - "FindingProviderFieldsRelatedFindingsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The finding identifier of a related finding that is identified by the finding provider.", - "title": "FindingProviderFieldsRelatedFindingsId", + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", + "title": "Values", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartAreaStyleSettings": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartConfiguration": { + "additionalProperties": false, + "properties": { + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "object" }, - "FindingProviderFieldsRelatedFindingsProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The ARN of the solution that generated a related finding that is identified by the finding provider.", - "title": "FindingProviderFieldsRelatedFindingsProductArn", - "type": "array" + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", + "type": "string" }, - "FindingProviderFieldsSeverityLabel": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The finding provider value for the severity label.", - "title": "FindingProviderFieldsSeverityLabel", - "type": "array" + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" }, - "FindingProviderFieldsSeverityOriginal": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The finding provider's original value for the severity.", - "title": "FindingProviderFieldsSeverityOriginal", - "type": "array" + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" }, - "FindingProviderFieldsTypes": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "One or more finding types that the finding provider assigned to the finding. Uses the format of `namespace/category/classifier` that classify a finding.\n\nValid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications", - "title": "FindingProviderFieldsTypes", - "type": "array" + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" }, - "FirstObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "FirstObservedAt", - "type": "array" + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" }, - "GeneratorId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.", - "title": "GeneratorId", - "type": "array" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" }, - "Id": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The security findings provider-specific identifier for a finding.", - "title": "Id", - "type": "array" + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" }, - "LastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "LastObservedAt", - "type": "array" + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" }, - "MalwareName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the malware that was observed.", - "title": "MalwareName", - "type": "array" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "title": "FieldWells" }, - "MalwarePath": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The filesystem path of the malware that was observed.", - "title": "MalwarePath", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "MalwareState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The state of the malware that was observed.", - "title": "MalwareState", - "type": "array" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, - "MalwareType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The type of the malware that was observed.", - "title": "MalwareType", - "type": "array" + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" }, - "NetworkDestinationDomain": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The destination domain of network-related information about a finding.", - "title": "NetworkDestinationDomain", - "type": "array" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "title": "SortConfiguration" }, - "NetworkDestinationIpV4": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The destination IPv4 address of network-related information about a finding.", - "title": "NetworkDestinationIpV4", - "type": "array" + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" }, - "NetworkDestinationIpV6": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The destination IPv6 address of network-related information about a finding.", - "title": "NetworkDestinationIpV6", - "type": "array" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartFieldWells": { + "additionalProperties": false, + "properties": { + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" }, - "NetworkDestinationPort": { + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The destination port of network-related information about a finding.", - "title": "NetworkDestinationPort", + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", "type": "array" }, - "NetworkDirection": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Indicates the direction of network traffic associated with a finding.", - "title": "NetworkDirection", - "type": "array" + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" }, - "NetworkProtocol": { + "ColorSort": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The protocol of network-related information about a finding.", - "title": "NetworkProtocol", + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", "type": "array" - }, - "NetworkSourceDomain": { + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, - "markdownDescription": "The source domain of network-related information about a finding.", - "title": "NetworkSourceDomain", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "NetworkSourceIpV4": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The source IPv4 address of network-related information about a finding.", - "title": "NetworkSourceIpV4", - "type": "array" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "NetworkSourceIpV6": { + "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, - "markdownDescription": "The source IPv6 address of network-related information about a finding.", - "title": "NetworkSourceIpV6", + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", "type": "array" }, - "NetworkSourceMac": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The source media access control (MAC) address of network-related information about a finding.", - "title": "NetworkSourceMac", - "type": "array" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "NetworkSourcePort": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The source port of network-related information about a finding.", - "title": "NetworkSourcePort", - "type": "array" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "NoteText": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The text of a note.", - "title": "NoteText", - "type": "array" + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" }, - "NoteUpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "The timestamp of when the note was updated.", - "title": "NoteUpdatedAt", - "type": "array" + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.RangeEndsLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLine": { + "additionalProperties": false, + "properties": { + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" }, - "NoteUpdatedBy": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The principal that created a note.", - "title": "NoteUpdatedBy", - "type": "array" + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" }, - "ProcessLaunchedAt": { + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", + "type": "string" + }, + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" + } + }, + "required": [ + "DataConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The string text of the custom label.", + "title": "CustomLabel", + "type": "string" + } + }, + "required": [ + "CustomLabel" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineDataConfiguration": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", + "type": "string" + }, + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" + }, + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", + "type": "string" + }, + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration": { + "additionalProperties": false, + "properties": { + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" + }, + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" + } + }, + "required": [ + "Calculation", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" + }, + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", + "title": "FontConfiguration" + }, + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", + "type": "string" + }, + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" + }, + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineStyleConfiguration": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color of the reference line.", + "title": "Color", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" + }, + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RelativeDatesFilter": { + "additionalProperties": false, + "properties": { + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", + "type": "string" + }, + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", + "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + "type": "string" }, - "markdownDescription": "A timestamp that identifies when the process was launched.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ProcessLaunchedAt", + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", "type": "array" }, - "ProcessName": { + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::Template.RollingDateConfiguration": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.RowAlternateColorOptions": { + "additionalProperties": false, + "properties": { + "RowAlternateColors": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "type": "string" }, - "markdownDescription": "The name of the process.", - "title": "ProcessName", + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", "type": "array" }, - "ProcessParentPid": { + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", + "type": "string" + }, + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SameSheetTargetVisualConfiguration": { + "additionalProperties": false, + "properties": { + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" + }, + "TargetVisuals": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + "type": "string" }, - "markdownDescription": "The parent process ID. This field accepts positive integers between `O` and `2147483647` .", - "title": "ProcessParentPid", + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", "type": "array" - }, - "ProcessPath": { + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Destination": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The path to the process executable.", - "title": "ProcessPath", + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", "type": "array" }, - "ProcessPid": { + "Source": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The process ID.", - "title": "ProcessPid", + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", "type": "array" }, - "ProcessTerminatedAt": { + "Weight": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "A timestamp that identifies when the process was terminated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ProcessTerminatedAt", + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramChartConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a sankey diagram.", + "title": "DataLabels" }, - "ProductArn": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramFieldWells": { + "additionalProperties": false, + "properties": { + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramSortConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" + }, + "SourceItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" + }, + "WeightSort": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, - "markdownDescription": "The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.", - "title": "ProductArn", + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", "type": "array" - }, - "ProductFields": { + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, - "markdownDescription": "A data type where security findings providers can include additional solution-specific details that aren't part of the defined `AwsSecurityFinding` format.", - "title": "ProductFields", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "ProductName": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The name of the solution (product) that generates findings.", - "title": "ProductName", + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", "type": "array" }, - "RecommendationText": { + "Label": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The recommendation of what to do about the issue described in a finding.", - "title": "RecommendationText", + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", "type": "array" }, - "RecordState": { + "Size": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The updated record state for the finding.", - "title": "RecordState", + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", "type": "array" }, - "Region": { + "XAxis": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The Region from which the finding was generated.", - "title": "Region", + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", "type": "array" }, - "RelatedFindingsId": { + "YAxis": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The solution-generated identifier for a related finding.", - "title": "RelatedFindingsId", + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, - "RelatedFindingsProductArn": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", + "title": "YAxisDisplayOptions" + }, + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotFieldWells": { + "additionalProperties": false, + "properties": { + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" + }, + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The ARN of the solution that generated a related finding.", - "title": "RelatedFindingsProductArn", + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", "type": "array" }, - "ResourceApplicationArn": { + "Label": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The ARN of the application that is related to a finding.", - "title": "ResourceApplicationArn", + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", "type": "array" }, - "ResourceApplicationName": { + "Size": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, - "markdownDescription": "The name of the application that is related to a finding.", - "title": "ResourceApplicationName", + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", "type": "array" }, - "ResourceAwsEc2InstanceIamInstanceProfileArn": { + "XAxis": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The IAM profile ARN of the instance.", - "title": "ResourceAwsEc2InstanceIamInstanceProfileArn", + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", "type": "array" }, - "ResourceAwsEc2InstanceImageId": { + "YAxis": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, - "markdownDescription": "The Amazon Machine Image (AMI) ID of the instance.", - "title": "ResourceAwsEc2InstanceImageId", + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", "type": "array" - }, - "ResourceAwsEc2InstanceIpV4Addresses": { + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, - "markdownDescription": "The IPv4 addresses associated with the instance.", - "title": "ResourceAwsEc2InstanceIpV4Addresses", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "ResourceAwsEc2InstanceIpV6Addresses": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, - "markdownDescription": "The IPv6 addresses associated with the instance.", - "title": "ResourceAwsEc2InstanceIpV6Addresses", + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", "type": "array" }, - "ResourceAwsEc2InstanceKeyName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The key name associated with the instance.", - "title": "ResourceAwsEc2InstanceKeyName", - "type": "array" - }, - "ResourceAwsEc2InstanceLaunchedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "The date and time the instance was launched.", - "title": "ResourceAwsEc2InstanceLaunchedAt", - "type": "array" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "ResourceAwsEc2InstanceSubnetId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier of the subnet that the instance was launched in.", - "title": "ResourceAwsEc2InstanceSubnetId", - "type": "array" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "ResourceAwsEc2InstanceType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The instance type of the instance.", - "title": "ResourceAwsEc2InstanceType", - "type": "array" + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" }, - "ResourceAwsEc2InstanceVpcId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier of the VPC that the instance was launched in.", - "title": "ResourceAwsEc2InstanceVpcId", - "type": "array" + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ScrollBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the data zoom scroll bar.", + "title": "Visibility", + "type": "object" }, - "ResourceAwsIamAccessKeyCreatedAt": { + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SecondaryValueOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines the visibility of the secondary value.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionAfterPageBreak": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "BodySections": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionConfiguration" }, - "markdownDescription": "The creation date/time of the IAM access key related to a finding.", - "title": "ResourceAwsIamAccessKeyCreatedAt", + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", "type": "array" }, - "ResourceAwsIamAccessKeyPrincipalName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the principal that is associated with an IAM access key.", - "title": "ResourceAwsIamAccessKeyPrincipalName", - "type": "array" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" }, - "ResourceAwsIamAccessKeyStatus": { + "FooterSections": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" }, - "markdownDescription": "The status of the IAM access key related to a finding.", - "title": "ResourceAwsIamAccessKeyStatus", + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", "type": "array" }, - "ResourceAwsIamUserUserName": { + "HeaderSections": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" }, - "markdownDescription": "The name of an IAM user.", - "title": "ResourceAwsIamUserUserName", + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", "type": "array" + } + }, + "required": [ + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" }, - "ResourceAwsS3BucketOwnerId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The canonical user ID of the owner of the S3 bucket.", - "title": "ResourceAwsS3BucketOwnerId", - "type": "array" + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", + "type": "string" }, - "ResourceAwsS3BucketOwnerName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The display name of the owner of the S3 bucket.", - "title": "ResourceAwsS3BucketOwnerName", - "type": "array" + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" + } + }, + "required": [ + "FreeFormLayout" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SectionPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionStyle": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", + "type": "string" }, - "ResourceContainerImageId": { + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "SheetVisualScopingConfigurations": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.SheetVisualScopingConfiguration" }, - "markdownDescription": "The identifier of the image related to a finding.", - "title": "ResourceContainerImageId", + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SeriesItem": { + "additionalProperties": false, + "properties": { + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" }, - "ResourceContainerImageName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the image related to a finding.", - "title": "ResourceContainerImageName", - "type": "array" + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SetParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", + "type": "string" }, - "ResourceContainerLaunchedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that identifies when the container was started.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ResourceContainerLaunchedAt", - "type": "array" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.DestinationParameterValueConfiguration", + "markdownDescription": "", + "title": "Value" + } + }, + "required": [ + "DestinationParameterName", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ShapeConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" + } + }, + "required": [ + "BackgroundColor" + ], + "type": "object" + }, + "AWS::QuickSight::Template.Sheet": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" }, - "ResourceContainerName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the container related to a finding.", - "title": "ResourceContainerName", - "type": "array" + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetControlInfoIconLabelOptions": { + "additionalProperties": false, + "properties": { + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", + "type": "string" }, - "ResourceDetailsOther": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" - }, - "markdownDescription": "The details of a resource that doesn't have a specific subfield for the resource type defined.", - "title": "ResourceDetailsOther", - "type": "array" + "Visibility": { + "markdownDescription": "The visibility configuration of info icon label options.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetControlLayout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetControlLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetDefinition": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", + "type": "string" }, - "ResourceId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The canonical identifier for the given resource type.", - "title": "ResourceId", - "type": "array" + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", + "type": "string" }, - "ResourcePartition": { + "FilterControls": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.FilterControl" }, - "markdownDescription": "The canonical AWS partition name that the Region is assigned to.", - "title": "ResourcePartition", + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", "type": "array" }, - "ResourceRegion": { + "Images": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImage" }, - "markdownDescription": "The canonical AWS external Region name where this resource is located.", - "title": "ResourceRegion", + "markdownDescription": "A list of images on a sheet.", + "title": "Images", "type": "array" }, - "ResourceTags": { + "Layouts": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.Layout" }, - "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.", - "title": "ResourceTags", + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", "type": "array" }, - "ResourceType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Specifies the type of the resource that details are provided for.", - "title": "ResourceType", - "type": "array" + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" }, - "Sample": { + "ParameterControls": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.BooleanFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterControl" }, - "markdownDescription": "Indicates whether or not sample findings are included in the filter results.", - "title": "Sample", + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", "type": "array" }, - "SeverityLabel": { + "SheetControlLayouts": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayout" }, - "markdownDescription": "The label of a finding's severity.", - "title": "SeverityLabel", + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", "type": "array" }, - "SourceUrl": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "A URL that links to a page about the current finding in the security findings provider's solution.", - "title": "SourceUrl", - "type": "array" + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", + "type": "string" }, - "ThreatIntelIndicatorCategory": { + "TextBoxes": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.SheetTextBox" }, - "markdownDescription": "The category of a threat intelligence indicator.", - "title": "ThreatIntelIndicatorCategory", + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", "type": "array" }, - "ThreatIntelIndicatorLastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that identifies the last observation of a threat intelligence indicator.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ThreatIntelIndicatorLastObservedAt", - "type": "array" + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", + "type": "string" }, - "ThreatIntelIndicatorSource": { + "Visuals": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.Visual" }, - "markdownDescription": "The source of the threat intelligence.", - "title": "ThreatIntelIndicatorSource", + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", "type": "array" + } + }, + "required": [ + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetElementConfigurationOverrides": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetElementRenderingRule": { + "additionalProperties": false, + "properties": { + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" }, - "ThreatIntelIndicatorSourceUrl": { + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "ConfigurationOverrides", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetImage": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "$ref": "#/definitions/AWS::QuickSight::Template.ImageCustomAction" }, - "markdownDescription": "The URL for more details from the source of the threat intelligence.", - "title": "ThreatIntelIndicatorSourceUrl", + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", "type": "array" }, - "ThreatIntelIndicatorType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The type of a threat intelligence indicator.", - "title": "ThreatIntelIndicatorType", - "type": "array" + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", + "type": "string" }, - "ThreatIntelIndicatorValue": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The value of a threat intelligence indicator.", - "title": "ThreatIntelIndicatorValue", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" }, - "Title": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "A finding's title.", - "title": "Title", - "type": "array" + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" }, - "Type": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "A finding type in the format of `namespace/category/classifier` that classifies a finding.", - "title": "Type", - "type": "array" + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", + "type": "string" }, - "UpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider last updated the finding record.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "UpdatedAt", - "type": "array" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" }, - "UserDefinedFields": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" - }, - "markdownDescription": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.", - "title": "UserDefinedFields", - "type": "array" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" + } + }, + "required": [ + "SheetImageId", + "Source" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageScalingConfiguration": { + "additionalProperties": false, + "properties": { + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageSource": { + "additionalProperties": false, + "properties": { + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageTooltipConfiguration": { + "additionalProperties": false, + "properties": { + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" }, - "VerificationState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The veracity of a finding.", - "title": "VerificationState", - "type": "array" + "Visibility": { + "markdownDescription": "The visibility of the tooltip.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageTooltipText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetTextBox": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", + "type": "string" }, - "VulnerabilitiesExploitAvailable": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Indicates whether a software vulnerability in your environment has a known exploit. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", - "title": "VulnerabilitiesExploitAvailable", - "type": "array" + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", + "type": "string" + } + }, + "required": [ + "SheetTextBoxId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetVisualScopingConfiguration": { + "additionalProperties": false, + "properties": { + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" }, - "VulnerabilitiesFixAvailable": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Indicates whether a vulnerability is fixed in a newer version of the affected software packages. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", - "title": "VulnerabilitiesFixAvailable", - "type": "array" + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", + "type": "string" }, - "WorkflowState": { + "VisualIds": { "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "type": "string" }, - "markdownDescription": "The workflow state of a finding.\n\nNote that this field is deprecated. To search for a finding based on its workflow status, use `WorkflowStatus` .", - "title": "WorkflowState", + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", "type": "array" + } + }, + "required": [ + "Scope", + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ShortFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" }, - "WorkflowStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The status of the investigation into a finding. Allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets the workflow status from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n\nIf one of the following occurs, the workflow status is changed automatically from `NOTIFIED` to `NEW` :\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed.\n\nThe workflow status of a `SUPPRESSED` finding does not change if `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n\nThe finding remains `RESOLVED` unless one of the following occurs:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n\nIn those cases, the workflow status is automatically reset to `NEW` .\n\nFor findings from controls, if `Compliance.Status` is `PASSED` , then Security Hub automatically sets the workflow status to `RESOLVED` .", - "title": "WorkflowStatus", - "type": "array" + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" } }, "type": "object" }, - "AWS::SecurityHub::Insight.BooleanFilter": { + "AWS::QuickSight::Template.SimpleClusterMarker": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value of the boolean.", - "title": "Value", - "type": "boolean" + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", + "type": "string" } }, - "required": [ - "Value" - ], "type": "object" }, - "AWS::SecurityHub::Insight.DateFilter": { + "AWS::QuickSight::Template.SingleAxisOptions": { "additionalProperties": false, "properties": { - "DateRange": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateRange", - "markdownDescription": "A date range for the date filter.", - "title": "DateRange" + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SliderControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "End": { - "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "End", + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SmallMultiplesAxisProperties": { + "additionalProperties": false, + "properties": { + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", "type": "string" }, - "Start": { - "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "Start", + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", "type": "string" } }, "type": "object" }, - "AWS::SecurityHub::Insight.DateRange": { + "AWS::QuickSight::Template.SmallMultiplesOptions": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "A date range unit for the date filter.", - "title": "Unit", - "type": "string" + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" }, - "Value": { - "markdownDescription": "A date range value for the date filter.", - "title": "Value", + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", "type": "number" + }, + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" + }, + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" + }, + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" } }, - "required": [ - "Unit", - "Value" - ], "type": "object" }, - "AWS::SecurityHub::Insight.IpFilter": { + "AWS::QuickSight::Template.Spacing": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "A finding's CIDR value.", - "title": "Cidr", + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", + "type": "string" + }, + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", + "type": "string" + }, + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", + "type": "string" + }, + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.StringDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.StringFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.StringParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "Cidr" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::SecurityHub::Insight.MapFilter": { + "AWS::QuickSight::Template.StringValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", "type": "string" }, - "Key": { - "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", - "title": "Key", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SubtotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", "type": "string" }, - "Value": { - "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", - "title": "Value", + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", "type": "string" + }, + "FieldLevelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldSubtotalOptions" + }, + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", + "type": "array" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" + }, + "StyleTargets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableStyleTarget" + }, + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", + "type": "object" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" } }, - "required": [ - "Comparison", - "Key", - "Value" - ], "type": "object" }, - "AWS::SecurityHub::Insight.NumberFilter": { + "AWS::QuickSight::Template.TableAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Eq": { - "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", - "title": "Eq", - "type": "number" + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" }, - "Gte": { - "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", - "title": "Gte", - "type": "number" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableBorderOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", + "type": "string" }, - "Lte": { - "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", - "title": "Lte", + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", + "type": "string" + }, + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", "type": "number" } }, "type": "object" }, - "AWS::SecurityHub::Insight.StringFilter": { + "AWS::QuickSight::Template.TableCellConditionalFormatting": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", "type": "string" }, - "Value": { - "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", - "title": "Value", - "type": "string" + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" } }, "required": [ - "Comparison", - "Value" + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableCellImageSizingConfiguration": { + "additionalProperties": false, + "properties": { + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableCellStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color for the table cells.", + "title": "BackgroundColor", + "type": "string" + }, + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Template.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" + }, + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" + }, + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", + "type": "string" + }, + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" + }, + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", + "title": "SortConfiguration" + }, + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableInlineVisualization" + }, + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldCustomIconContent": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldCustomTextContent": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" + }, + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "FontConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldImageConfiguration": { + "additionalProperties": false, + "properties": { + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldLinkConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" + }, + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Content", + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldLinkContentConfiguration": { + "additionalProperties": false, + "properties": { + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" + }, + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", + "type": "string" + }, + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" + }, + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldOptions": { + "additionalProperties": false, + "properties": { + "Order": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", + "type": "array" + }, + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOption" + }, + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" + }, + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldURLConfiguration": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldWells": { + "additionalProperties": false, + "properties": { + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" + }, + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableInlineVisualization": { + "additionalProperties": false, + "properties": { + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" + }, + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" + }, + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "object" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TablePinnedFieldOptions": { + "additionalProperties": false, + "properties": { + "PinnedLeftFields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableRowConditionalFormatting": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableSideBorderOptions": { + "additionalProperties": false, + "properties": { + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" + }, + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" + }, + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" + }, + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" + }, + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" + }, + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableSortConfiguration": { + "additionalProperties": false, + "properties": { + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableStyleTarget": { + "additionalProperties": false, + "properties": { + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", + "type": "string" + } + }, + "required": [ + "CellType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" + }, + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TemplateError": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Description of the error type.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "Type of error.", + "title": "Type", + "type": "string" + }, + "ViolatedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Entity" + }, + "markdownDescription": "An error path that shows which entities caused the template error.", + "title": "ViolatedEntities", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceAnalysis": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetReference" + }, + "markdownDescription": "A structure containing information about the dataset references used as placeholders in the template.", + "title": "DataSetReferences", + "type": "array" + } + }, + "required": [ + "Arn", + "DataSetReferences" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceEntity": { + "additionalProperties": false, + "properties": { + "SourceAnalysis": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceAnalysis", + "markdownDescription": "The source analysis, if it is based on an analysis.", + "title": "SourceAnalysis" + }, + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceTemplate", + "markdownDescription": "The source template, if it is based on an template.", + "title": "SourceTemplate" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceTemplate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TemplateVersion": { + "additionalProperties": false, + "properties": { + "CreatedTime": { + "markdownDescription": "The time that this template version was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSetConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" + }, + "markdownDescription": "Schema of the dataset identified by the placeholder. Any dashboard created from this template should be bound to new datasets matching the same schema described through this API operation.", + "title": "DataSetConfigurations", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the template.", + "title": "Description", + "type": "string" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateError" + }, + "markdownDescription": "Errors associated with this template version.", + "title": "Errors", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, + "SourceEntityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an analysis or template that was used to create this template.", + "title": "SourceEntityArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The status that is associated with the template.\n\n- `CREATION_IN_PROGRESS`\n- `CREATION_SUCCESSFUL`\n- `CREATION_FAILED`\n- `UPDATE_IN_PROGRESS`\n- `UPDATE_SUCCESSFUL`\n- `UPDATE_FAILED`\n- `DELETED`", + "title": "Status", + "type": "string" + }, + "ThemeArn": { + "markdownDescription": "The ARN of the theme associated with this version of the template.", + "title": "ThemeArn", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "The version number of the template version.", + "title": "VersionNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateVersionDefinition": { + "additionalProperties": false, + "properties": { + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Template.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" + }, + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedField" + }, + "markdownDescription": "An array of calculated field definitions for the template.", + "title": "CalculatedFields", + "type": "array" + }, + "ColumnConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnConfiguration" + }, + "markdownDescription": "An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template.", + "title": "ColumnConfigurations", + "type": "array" + }, + "DataSetConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" + }, + "markdownDescription": "An array of dataset configurations. These configurations define the required columns for each dataset used within a template.", + "title": "DataSetConfigurations", + "type": "array" + }, + "FilterGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterGroup" + }, + "markdownDescription": "Filter definitions for a template.\n\nFor more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Template.AssetOptions", + "markdownDescription": "An array of option definitions for a template.", + "title": "Options" + }, + "ParameterDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDeclaration" + }, + "markdownDescription": "An array of parameter declarations for a template.\n\n*Parameters* are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", + "type": "array" + }, + "QueryExecutionOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.QueryExecutionOptions", + "markdownDescription": "", + "title": "QueryExecutionOptions" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for a template.", + "title": "Sheets", + "type": "array" + } + }, + "required": [ + "DataSetConfigurations" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TextAreaControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TextConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" + }, + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TextControlPlaceholderOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TextFieldControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ThousandSeparatorOptions": { + "additionalProperties": false, + "properties": { + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TimeBasedForecastProperties": { + "additionalProperties": false, + "properties": { + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TimeEqualityFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TimeRangeDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", + "type": "string" + }, + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TimeRangeFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TimeRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TooltipItem": { + "additionalProperties": false, + "properties": { + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" + }, + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TooltipOptions": { + "additionalProperties": false, + "properties": { + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" + }, + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TopBottomFilter": { + "additionalProperties": false, + "properties": { + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationSortConfiguration" + }, + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", + "type": "number" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AggregationSortConfigurations", + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TopBottomMoversComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TopBottomRankedComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TotalAggregationComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TotalAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TotalAggregationOption": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", + "type": "string" + }, + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" + } + }, + "required": [ + "FieldId", + "TotalAggregationFunction" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation settings for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "Cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", + "type": "string" + } + }, + "required": [ + "ColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", + "type": "array" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", + "type": "array" + }, + "Sizes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", + "title": "ColorLabelOptions" + }, + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapFieldWells": { + "additionalProperties": false, + "properties": { + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "TreeMapGroupItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" + }, + "TreeMapSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TrendArrowOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the trend arrows.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.UnaggregatedField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.UniqueValuesComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ValidationStrategy": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::QuickSight::Template.VisibleRangeOptions": { + "additionalProperties": false, + "properties": { + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.Visual": { + "additionalProperties": false, + "properties": { + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" + }, + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" + }, + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" + }, + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" + }, + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" + }, + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" + }, + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" + }, + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" + }, + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" + }, + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" + }, + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" + }, + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" + }, + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" + }, + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" + }, + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" + }, + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Template.VisualCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualInteractionOptions": { + "additionalProperties": false, + "properties": { + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualPalette": { + "additionalProperties": false, + "properties": { + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", + "type": "string" + }, + "ColorMap": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathColor" + }, + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualSubtitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Template.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualTitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Template.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the title label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Breakdowns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", + "type": "array" + }, + "Categories": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a waterfall visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" + }, + "CategoryAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" + }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a waterfall visual.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend configuration of a waterfall visual.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", + "title": "SortConfiguration" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a waterfall visual.", + "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartFieldWells": { + "additionalProperties": false, + "properties": { + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartGroupColorConfiguration": { + "additionalProperties": false, + "properties": { + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" + }, + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartOptions": { + "additionalProperties": false, + "properties": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WhatIfPointScenario": { + "additionalProperties": false, + "properties": { + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Date", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WhatIfRangeScenario": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "EndDate", + "StartDate", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", + "title": "Size", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" + }, + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudFieldWells": { + "additionalProperties": false, + "properties": { + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudOptions": { + "additionalProperties": false, + "properties": { + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", + "type": "string" + }, + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" + }, + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", + "type": "string" + }, + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", + "type": "string" + }, + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", + "type": "string" + }, + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.YAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", + "type": "string" + } + }, + "required": [ + "YAxis" + ], + "type": "object" + }, + "AWS::QuickSight::Theme": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you want to store the new theme.", + "title": "AwsAccountId", + "type": "string" + }, + "BaseThemeId": { + "markdownDescription": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis.", + "title": "BaseThemeId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", + "markdownDescription": "The theme configuration, which contains the theme display properties.", + "title": "Configuration" + }, + "Name": { + "markdownDescription": "A display name for the theme.", + "title": "Name", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ResourcePermission" + }, + "markdownDescription": "A valid grouping of resource permissions to apply to the new theme.", + "title": "Permissions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource.", + "title": "Tags", + "type": "array" + }, + "ThemeId": { + "markdownDescription": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account.", + "title": "ThemeId", + "type": "string" + }, + "VersionDescription": { + "markdownDescription": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field.", + "title": "VersionDescription", + "type": "string" + } + }, + "required": [ + "AwsAccountId", + "BaseThemeId", + "Configuration", + "Name", + "ThemeId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Theme" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::Theme.BorderStyle": { + "additionalProperties": false, + "properties": { + "Show": { + "markdownDescription": "The option to enable display of borders for visuals.", + "title": "Show", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.DataColorPalette": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "type": "string" + }, + "markdownDescription": "The hexadecimal codes for the colors.", + "title": "Colors", + "type": "array" + }, + "EmptyFillColor": { + "markdownDescription": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.", + "title": "EmptyFillColor", + "type": "string" + }, + "MinMaxGradient": { + "items": { + "type": "string" + }, + "markdownDescription": "The minimum and maximum hexadecimal codes that describe a color gradient.", + "title": "MinMaxGradient", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.Font": { + "additionalProperties": false, + "properties": { + "FontFamily": { + "markdownDescription": "Determines the font family settings.", + "title": "FontFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.GutterStyle": { + "additionalProperties": false, + "properties": { + "Show": { + "markdownDescription": "This Boolean value controls whether to display a gutter space between sheet tiles.", + "title": "Show", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.MarginStyle": { + "additionalProperties": false, + "properties": { + "Show": { + "markdownDescription": "This Boolean value controls whether to display sheet margins.", + "title": "Show", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::Theme.SheetStyle": { + "additionalProperties": false, + "properties": { + "Tile": { + "$ref": "#/definitions/AWS::QuickSight::Theme.TileStyle", + "markdownDescription": "The display options for tiles.", + "title": "Tile" + }, + "TileLayout": { + "$ref": "#/definitions/AWS::QuickSight::Theme.TileLayoutStyle", + "markdownDescription": "The layout options for tiles.", + "title": "TileLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ThemeConfiguration": { + "additionalProperties": false, + "properties": { + "DataColorPalette": { + "$ref": "#/definitions/AWS::QuickSight::Theme.DataColorPalette", + "markdownDescription": "Color properties that apply to chart data colors.", + "title": "DataColorPalette" + }, + "Sheet": { + "$ref": "#/definitions/AWS::QuickSight::Theme.SheetStyle", + "markdownDescription": "Display options related to sheets.", + "title": "Sheet" + }, + "Typography": { + "$ref": "#/definitions/AWS::QuickSight::Theme.Typography", + "markdownDescription": "Determines the typography options.", + "title": "Typography" + }, + "UIColorPalette": { + "$ref": "#/definitions/AWS::QuickSight::Theme.UIColorPalette", + "markdownDescription": "Color properties that apply to the UI and to charts, excluding the colors that apply to data.", + "title": "UIColorPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ThemeError": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "The error message.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of error.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ThemeVersion": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "BaseThemeId": { + "markdownDescription": "The Amazon QuickSight-defined ID of the theme that a custom theme inherits from. All themes initially inherit from a default Amazon QuickSight theme.", + "title": "BaseThemeId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", + "markdownDescription": "The theme configuration, which contains all the theme display properties.", + "title": "Configuration" + }, + "CreatedTime": { + "markdownDescription": "The date and time that this theme version was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the theme.", + "title": "Description", + "type": "string" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeError" + }, + "markdownDescription": "Errors associated with the theme.", + "title": "Errors", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of the theme version.", + "title": "Status", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "The version number of the theme.", + "title": "VersionNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.TileLayoutStyle": { + "additionalProperties": false, + "properties": { + "Gutter": { + "$ref": "#/definitions/AWS::QuickSight::Theme.GutterStyle", + "markdownDescription": "The gutter settings that apply between tiles.", + "title": "Gutter" + }, + "Margin": { + "$ref": "#/definitions/AWS::QuickSight::Theme.MarginStyle", + "markdownDescription": "The margin settings that apply around the outside edge of sheets.", + "title": "Margin" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.TileStyle": { + "additionalProperties": false, + "properties": { + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Theme.BorderStyle", + "markdownDescription": "The border around a tile.", + "title": "Border" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.Typography": { + "additionalProperties": false, + "properties": { + "FontFamilies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.Font" + }, + "markdownDescription": "Determines the list of font families.", + "title": "FontFamilies", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.UIColorPalette": { + "additionalProperties": false, + "properties": { + "Accent": { + "markdownDescription": "This color is that applies to selected states and buttons.", + "title": "Accent", + "type": "string" + }, + "AccentForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the accent color.", + "title": "AccentForeground", + "type": "string" + }, + "Danger": { + "markdownDescription": "The color that applies to error messages.", + "title": "Danger", + "type": "string" + }, + "DangerForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the error color.", + "title": "DangerForeground", + "type": "string" + }, + "Dimension": { + "markdownDescription": "The color that applies to the names of fields that are identified as dimensions.", + "title": "Dimension", + "type": "string" + }, + "DimensionForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the dimension color.", + "title": "DimensionForeground", + "type": "string" + }, + "Measure": { + "markdownDescription": "The color that applies to the names of fields that are identified as measures.", + "title": "Measure", + "type": "string" + }, + "MeasureForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the measure color.", + "title": "MeasureForeground", + "type": "string" + }, + "PrimaryBackground": { + "markdownDescription": "The background color that applies to visuals and other high emphasis UI.", + "title": "PrimaryBackground", + "type": "string" + }, + "PrimaryForeground": { + "markdownDescription": "The color of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.", + "title": "PrimaryForeground", + "type": "string" + }, + "SecondaryBackground": { + "markdownDescription": "The background color that applies to the sheet background and sheet controls.", + "title": "SecondaryBackground", + "type": "string" + }, + "SecondaryForeground": { + "markdownDescription": "The foreground color that applies to any sheet title, sheet control text, or UI that appears over the secondary background.", + "title": "SecondaryForeground", + "type": "string" + }, + "Success": { + "markdownDescription": "The color that applies to success messages, for example the check mark for a successful download.", + "title": "Success", + "type": "string" + }, + "SuccessForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the success color.", + "title": "SuccessForeground", + "type": "string" + }, + "Warning": { + "markdownDescription": "This color that applies to warning and informational messages.", + "title": "Warning", + "type": "string" + }, + "WarningForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the warning color.", + "title": "WarningForeground", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account that you want to create a topic in.", + "title": "AwsAccountId", + "type": "string" + }, + "ConfigOptions": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicConfigOptions", + "markdownDescription": "Configuration options for a `Topic` .", + "title": "ConfigOptions" + }, + "DataSets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DatasetMetadata" + }, + "markdownDescription": "The data sets that the topic is associated with.", + "title": "DataSets", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the topic.", + "title": "Description", + "type": "string" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the topic.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "TopicId": { + "markdownDescription": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", + "title": "TopicId", + "type": "string" + }, + "UserExperienceVersion": { + "markdownDescription": "The user experience version of the topic.", + "title": "UserExperienceVersion", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Topic" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.CellValueSynonym": { + "additionalProperties": false, + "properties": { + "CellValue": { + "markdownDescription": "The cell value.", + "title": "CellValue", + "type": "string" + }, + "Synonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "Other names or aliases for the cell value.", + "title": "Synonyms", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.CollectiveConstant": { + "additionalProperties": false, + "properties": { + "ValueList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values for the collective constant.", + "title": "ValueList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.ComparativeOrder": { + "additionalProperties": false, + "properties": { + "SpecifedOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of columns to be used in the ordering.", + "title": "SpecifedOrder", + "type": "array" + }, + "TreatUndefinedSpecifiedValues": { + "markdownDescription": "The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` .", + "title": "TreatUndefinedSpecifiedValues", + "type": "string" + }, + "UseOrdering": { + "markdownDescription": "The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` .", + "title": "UseOrdering", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.DataAggregation": { + "additionalProperties": false, + "properties": { + "DatasetRowDateGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "DatasetRowDateGranularity", + "type": "string" + }, + "DefaultDateColumnName": { + "markdownDescription": "The column name for the default date.", + "title": "DefaultDateColumnName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.DatasetMetadata": { + "additionalProperties": false, + "properties": { + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCalculatedField" + }, + "markdownDescription": "The list of calculated field definitions.", + "title": "CalculatedFields", + "type": "array" + }, + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicColumn" + }, + "markdownDescription": "The list of column definitions.", + "title": "Columns", + "type": "array" + }, + "DataAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DataAggregation", + "markdownDescription": "The definition of a data aggregation.", + "title": "DataAggregation" + }, + "DatasetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset.", + "title": "DatasetArn", + "type": "string" + }, + "DatasetDescription": { + "markdownDescription": "The description of the dataset.", + "title": "DatasetDescription", + "type": "string" + }, + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicFilter" + }, + "markdownDescription": "The list of filter definitions.", + "title": "Filters", + "type": "array" + }, + "NamedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNamedEntity" + }, + "markdownDescription": "The list of named entities definitions.", + "title": "NamedEntities", + "type": "array" + } + }, + "required": [ + "DatasetArn" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.DefaultFormatting": { + "additionalProperties": false, + "properties": { + "DisplayFormat": { + "markdownDescription": "The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` .", + "title": "DisplayFormat", + "type": "string" + }, + "DisplayFormatOptions": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DisplayFormatOptions", + "markdownDescription": "The additional options for display formatting.", + "title": "DisplayFormatOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.DisplayFormatOptions": { + "additionalProperties": false, + "properties": { + "BlankCellFormat": { + "markdownDescription": "Determines the blank cell format.", + "title": "BlankCellFormat", + "type": "string" + }, + "CurrencySymbol": { + "markdownDescription": "The currency symbol, such as `USD` .", + "title": "CurrencySymbol", + "type": "string" + }, + "DateFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateFormat", + "type": "string" + }, + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "FractionDigits": { + "markdownDescription": "Determines the number of fraction digits.", + "title": "FractionDigits", + "type": "number" + }, + "GroupingSeparator": { + "markdownDescription": "Determines the grouping separator.", + "title": "GroupingSeparator", + "type": "string" + }, + "NegativeFormat": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NegativeFormat", + "markdownDescription": "The negative format.", + "title": "NegativeFormat" + }, + "Prefix": { + "markdownDescription": "The prefix value for a display format.", + "title": "Prefix", + "type": "string" + }, + "Suffix": { + "markdownDescription": "The suffix value for a display format.", + "title": "Suffix", + "type": "string" + }, + "UnitScaler": { + "markdownDescription": "The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` .", + "title": "UnitScaler", + "type": "string" + }, + "UseBlankCellFormat": { + "markdownDescription": "A Boolean value that indicates whether to use blank cell format.", + "title": "UseBlankCellFormat", + "type": "boolean" + }, + "UseGrouping": { + "markdownDescription": "A Boolean value that indicates whether to use grouping.", + "title": "UseGrouping", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.NamedEntityDefinition": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the entity.", + "title": "FieldName", + "type": "string" + }, + "Metric": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinitionMetric", + "markdownDescription": "The definition of a metric.", + "title": "Metric" + }, + "PropertyName": { + "markdownDescription": "The property name to be used for the named entity.", + "title": "PropertyName", + "type": "string" + }, + "PropertyRole": { + "markdownDescription": "The property role. Valid values for this structure are `PRIMARY` and `ID` .", + "title": "PropertyRole", + "type": "string" + }, + "PropertyUsage": { + "markdownDescription": "The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` .", + "title": "PropertyUsage", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.NamedEntityDefinitionMetric": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` .", + "title": "Aggregation", + "type": "string" + }, + "AggregationFunctionParameters": { + "additionalProperties": true, + "markdownDescription": "The additional parameters for an aggregation function.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AggregationFunctionParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.NegativeFormat": { + "additionalProperties": false, + "properties": { + "Prefix": { + "markdownDescription": "The prefix for a negative format.", + "title": "Prefix", + "type": "string" + }, + "Suffix": { + "markdownDescription": "The suffix for a negative format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.RangeConstant": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The maximum value for a range constant.", + "title": "Maximum", + "type": "string" + }, + "Minimum": { + "markdownDescription": "The minimum value for a range constant.", + "title": "Minimum", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.SemanticEntityType": { + "additionalProperties": false, + "properties": { + "SubTypeName": { + "markdownDescription": "The semantic entity sub type name.", + "title": "SubTypeName", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The semantic entity type name.", + "title": "TypeName", + "type": "string" + }, + "TypeParameters": { + "additionalProperties": true, + "markdownDescription": "The semantic entity type parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TypeParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.SemanticType": { + "additionalProperties": false, + "properties": { + "FalseyCellValue": { + "markdownDescription": "The semantic type falsey cell value.", + "title": "FalseyCellValue", + "type": "string" + }, + "FalseyCellValueSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the false cell value.", + "title": "FalseyCellValueSynonyms", + "type": "array" + }, + "SubTypeName": { + "markdownDescription": "The semantic type sub type name.", + "title": "SubTypeName", + "type": "string" + }, + "TruthyCellValue": { + "markdownDescription": "The semantic type truthy cell value.", + "title": "TruthyCellValue", + "type": "string" + }, + "TruthyCellValueSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the true cell value.", + "title": "TruthyCellValueSynonyms", + "type": "array" + }, + "TypeName": { + "markdownDescription": "The semantic type name.", + "title": "TypeName", + "type": "string" + }, + "TypeParameters": { + "additionalProperties": true, + "markdownDescription": "The semantic type parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TypeParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicCalculatedField": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", + "title": "Aggregation", + "type": "string" + }, + "AllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "AllowedAggregations", + "type": "array" + }, + "CalculatedFieldDescription": { + "markdownDescription": "The calculated field description.", + "title": "CalculatedFieldDescription", + "type": "string" + }, + "CalculatedFieldName": { + "markdownDescription": "The calculated field name.", + "title": "CalculatedFieldName", + "type": "string" + }, + "CalculatedFieldSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the calculated field.", + "title": "CalculatedFieldSynonyms", + "type": "array" + }, + "CellValueSynonyms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + }, + "markdownDescription": "The other names or aliases for the calculated field cell value.", + "title": "CellValueSynonyms", + "type": "array" + }, + "ColumnDataRole": { + "markdownDescription": "The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` .", + "title": "ColumnDataRole", + "type": "string" + }, + "ComparativeOrder": { + "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", + "markdownDescription": "The order in which data is displayed for the calculated field when it's used in a comparative context.", + "title": "ComparativeOrder" + }, + "DefaultFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", + "markdownDescription": "The default formatting definition.", + "title": "DefaultFormatting" + }, + "DisableIndexing": { + "markdownDescription": "A Boolean value that indicates if a calculated field is visible in the autocomplete.", + "title": "DisableIndexing", + "type": "boolean" + }, + "Expression": { + "markdownDescription": "The calculated field expression.", + "title": "Expression", + "type": "string" + }, + "IsIncludedInTopic": { + "markdownDescription": "A boolean value that indicates if a calculated field is included in the topic.", + "title": "IsIncludedInTopic", + "type": "boolean" + }, + "NeverAggregateInFilter": { + "markdownDescription": "A Boolean value that indicates whether to never aggregate calculated field in filters.", + "title": "NeverAggregateInFilter", + "type": "boolean" + }, + "NonAdditive": { + "markdownDescription": "The non additive for the table style target.", + "title": "NonAdditive", + "type": "boolean" + }, + "NotAllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "NotAllowedAggregations", + "type": "array" + }, + "SemanticType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", + "markdownDescription": "The semantic type.", + "title": "SemanticType" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "CalculatedFieldName", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicCategoryFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilterFunction": { + "markdownDescription": "The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` .", + "title": "CategoryFilterFunction", + "type": "string" + }, + "CategoryFilterType": { + "markdownDescription": "The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter.", + "title": "CategoryFilterType", + "type": "string" + }, + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilterConstant", + "markdownDescription": "The constant used in a category filter.", + "title": "Constant" + }, + "Inverse": { + "markdownDescription": "A Boolean value that indicates if the filter is inverse.", + "title": "Inverse", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicCategoryFilterConstant": { + "additionalProperties": false, + "properties": { + "CollectiveConstant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CollectiveConstant", + "markdownDescription": "A collective constant used in a category filter. This element is used to specify a list of values for the constant.", + "title": "CollectiveConstant" + }, + "ConstantType": { + "markdownDescription": "The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` .", + "title": "ConstantType", + "type": "string" + }, + "SingularConstant": { + "markdownDescription": "A singular constant used in a category filter. This element is used to specify a single value for the constant.", + "title": "SingularConstant", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicColumn": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "The type of aggregation that is performed on the column data when it's queried.", + "title": "Aggregation", + "type": "string" + }, + "AllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "AllowedAggregations", + "type": "array" + }, + "CellValueSynonyms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + }, + "markdownDescription": "The other names or aliases for the column cell value.", + "title": "CellValueSynonyms", + "type": "array" + }, + "ColumnDataRole": { + "markdownDescription": "The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` .", + "title": "ColumnDataRole", + "type": "string" + }, + "ColumnDescription": { + "markdownDescription": "A description of the column and its contents.", + "title": "ColumnDescription", + "type": "string" + }, + "ColumnFriendlyName": { + "markdownDescription": "A user-friendly name for the column.", + "title": "ColumnFriendlyName", + "type": "string" + }, + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", + "type": "string" + }, + "ColumnSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the column.", + "title": "ColumnSynonyms", + "type": "array" + }, + "ComparativeOrder": { + "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", + "markdownDescription": "The order in which data is displayed for the column when it's used in a comparative context.", + "title": "ComparativeOrder" + }, + "DefaultFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", + "markdownDescription": "The default formatting used for values in the column.", + "title": "DefaultFormatting" + }, + "DisableIndexing": { + "markdownDescription": "A Boolean value that indicates whether the column shows in the autocomplete functionality.", + "title": "DisableIndexing", + "type": "boolean" + }, + "IsIncludedInTopic": { + "markdownDescription": "A Boolean value that indicates whether the column is included in the query results.", + "title": "IsIncludedInTopic", + "type": "boolean" + }, + "NeverAggregateInFilter": { + "markdownDescription": "A Boolean value that indicates whether to aggregate the column data when it's used in a filter context.", + "title": "NeverAggregateInFilter", + "type": "boolean" + }, + "NonAdditive": { + "markdownDescription": "The non additive value for the column.", + "title": "NonAdditive", + "type": "boolean" + }, + "NotAllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "NotAllowedAggregations", + "type": "array" + }, + "SemanticType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", + "markdownDescription": "The semantic type of data contained in the column.", + "title": "SemanticType" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "ColumnName" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicConfigOptions": { + "additionalProperties": false, + "properties": { + "QBusinessInsightsEnabled": { + "markdownDescription": "Enables Amazon Q Business Insights for a `Topic` .", + "title": "QBusinessInsightsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicDateRangeFilter": { + "additionalProperties": false, + "properties": { + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", + "markdownDescription": "The constant used in a date range filter.", + "title": "Constant" + }, + "Inclusive": { + "markdownDescription": "A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them.", + "title": "Inclusive", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilter", + "markdownDescription": "The category filter that is associated with this filter.", + "title": "CategoryFilter" + }, + "DateRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicDateRangeFilter", + "markdownDescription": "The date range filter.", + "title": "DateRangeFilter" + }, + "FilterClass": { + "markdownDescription": "The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` .", + "title": "FilterClass", + "type": "string" + }, + "FilterDescription": { + "markdownDescription": "A description of the filter used to select items for a topic.", + "title": "FilterDescription", + "type": "string" + }, + "FilterName": { + "markdownDescription": "The name of the filter.", + "title": "FilterName", + "type": "string" + }, + "FilterSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the filter.", + "title": "FilterSynonyms", + "type": "array" + }, + "FilterType": { + "markdownDescription": "The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` .", + "title": "FilterType", + "type": "string" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericEqualityFilter", + "markdownDescription": "The numeric equality filter.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericRangeFilter", + "markdownDescription": "The numeric range filter.", + "title": "NumericRangeFilter" + }, + "OperandFieldName": { + "markdownDescription": "The name of the field that the filter operates on.", + "title": "OperandFieldName", + "type": "string" + }, + "RelativeDateFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRelativeDateFilter", + "markdownDescription": "The relative date filter.", + "title": "RelativeDateFilter" + } + }, + "required": [ + "FilterName", + "OperandFieldName" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicNamedEntity": { + "additionalProperties": false, + "properties": { + "Definition": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinition" + }, + "markdownDescription": "The definition of a named entity.", + "title": "Definition", + "type": "array" + }, + "EntityDescription": { + "markdownDescription": "The description of the named entity.", + "title": "EntityDescription", + "type": "string" + }, + "EntityName": { + "markdownDescription": "The name of the named entity.", + "title": "EntityName", + "type": "string" + }, + "EntitySynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the named entity.", + "title": "EntitySynonyms", + "type": "array" + }, + "SemanticEntityType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticEntityType", + "markdownDescription": "The type of named entity that a topic represents.", + "title": "SemanticEntityType" + } + }, + "required": [ + "EntityName" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicNumericEqualityFilter": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", + "title": "Aggregation", + "type": "string" + }, + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", + "markdownDescription": "The constant used in a numeric equality filter.", + "title": "Constant" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicNumericRangeFilter": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", + "title": "Aggregation", + "type": "string" + }, + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", + "markdownDescription": "The constant used in a numeric range filter.", + "title": "Constant" + }, + "Inclusive": { + "markdownDescription": "A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter.", + "title": "Inclusive", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicRangeFilterConstant": { + "additionalProperties": false, + "properties": { + "ConstantType": { + "markdownDescription": "The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` .", + "title": "ConstantType", + "type": "string" + }, + "RangeConstant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.RangeConstant", + "markdownDescription": "The value of the constant that is used to specify the endpoints of a range filter.", + "title": "RangeConstant" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicRelativeDateFilter": { + "additionalProperties": false, + "properties": { + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", + "markdownDescription": "The constant used in a relative date filter.", + "title": "Constant" + }, + "RelativeDateFilterFunction": { + "markdownDescription": "The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` .", + "title": "RelativeDateFilterFunction", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicSingularFilterConstant": { + "additionalProperties": false, + "properties": { + "ConstantType": { + "markdownDescription": "The type of the singular filter constant. Valid values for this structure are `SINGULAR` .", + "title": "ConstantType", + "type": "string" + }, + "SingularConstant": { + "markdownDescription": "The value of the singular filter constant.", + "title": "SingularConstant", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::VPCConnection": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the VPC connection.", + "title": "AvailabilityStatus", + "type": "string" + }, + "AwsAccountId": { + "markdownDescription": "The AWS account ID of the account where you want to create a new VPC connection.", + "title": "AwsAccountId", + "type": "string" + }, + "DnsResolvers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IP addresses of DNS resolver endpoints for the VPC connection.", + "title": "DnsResolvers", + "type": "array" + }, + "Name": { + "markdownDescription": "The display name for the VPC connection.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role associated with the VPC connection.", + "title": "RoleArn", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 security group IDs associated with the VPC connection.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs for the VPC connection.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection.", + "title": "Tags", + "type": "array" + }, + "VPCConnectionId": { + "markdownDescription": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account.", + "title": "VPCConnectionId", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::VPCConnection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::VPCConnection.NetworkInterface": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The availability zone that the network interface resides in.", + "title": "AvailabilityZone", + "type": "string" + }, + "ErrorMessage": { + "markdownDescription": "An error message.", + "title": "ErrorMessage", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The network interface ID.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the network interface.", + "title": "Status", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The subnet ID associated with the network interface.", + "title": "SubnetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RAM::Permission": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Specifies the name of the customer managed permission. The name must be unique within the AWS Region .", + "title": "Name", + "type": "string" + }, + "PolicyTemplate": { + "markdownDescription": "A string in JSON format string that contains the following elements of a resource-based policy:\n\n- *Effect* : must be set to `ALLOW` .\n- *Action* : specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *AWS Identity and Access Management User Guide* .\n- *Condition* : (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) in the *AWS Identity and Access Management User Guide* .\n\nThis template can't include either the `Resource` or `Principal` elements. Those are both filled in by AWS RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.", + "title": "PolicyTemplate", + "type": "object" + }, + "ResourceType": { + "markdownDescription": "Specifies the name of the resource type that this customer managed permission applies to.\n\nThe format is `** : **` and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string `ec2:subnet` . To see the list of valid values for this parameter, query the [ListResourceTypes](https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html) operation.", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies a list of one or more tag key and value pairs to attach to the permission.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "PolicyTemplate", + "ResourceType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RAM::Permission" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RAM::ResourceShare": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowExternalPrincipals": { + "markdownDescription": "Specifies whether principals outside your organization in AWS Organizations can be associated with a resource share. A value of `true` lets you share with individual AWS accounts that are *not* in your organization. A value of `false` only has meaning if your account is a member of an AWS Organization. The default value is `true` .", + "title": "AllowExternalPrincipals", + "type": "boolean" + }, + "Name": { + "markdownDescription": "Specifies the name of the resource share.", + "title": "Name", + "type": "string" + }, + "PermissionArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", + "title": "PermissionArns", + "type": "array" + }, + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", + "title": "Principals", + "type": "array" + }, + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", + "title": "ResourceArns", + "type": "array" + }, + "Sources": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies from which source accounts the service principal has access to the resources in this resource share.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RAM::ResourceShare" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::CustomDBEngineVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatabaseInstallationFilesS3BucketName": { + "markdownDescription": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files` .", + "title": "DatabaseInstallationFilesS3BucketName", + "type": "string" + }, + "DatabaseInstallationFilesS3Prefix": { + "markdownDescription": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1` . If this setting isn't specified, no prefix is assumed.", + "title": "DatabaseInstallationFilesS3Prefix", + "type": "string" + }, + "Description": { + "markdownDescription": "An optional description of your CEV.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The database engine to use for your custom engine version (CEV).\n\nValid values:\n\n- `custom-oracle-ee`\n- `custom-oracle-ee-cdb`", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The name of your CEV. The name format is `major version.customized_string` . For example, a valid CEV name is `19.my_cev1` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of `Engine` and `EngineVersion` is unique per customer per Region.\n\n*Constraints:* Minimum length is 1. Maximum length is 60.\n\n*Pattern:* `^[a-z0-9_.-]{1,60$` }", + "title": "EngineVersion", + "type": "string" + }, + "ImageId": { + "markdownDescription": "A value that indicates the ID of the AMI.", + "title": "ImageId", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS.\n\nIf you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in [Creating a symmetric encryption KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk) in the *AWS Key Management Service Developer Guide* .\n\nYou can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.", + "title": "KMSKeyId", + "type": "string" + }, + "Manifest": { + "markdownDescription": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.\n\nThe following JSON fields are valid:\n\n- **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format `YYYY-MM-DD` .\n- **databaseInstallationFileNames** - Ordered list of installation files for the CEV.\n- **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine.\n- **psuRuPatchFileNames** - The PSU and RU patches for this CEV.\n- **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches.\n\nFor more information, see [Creating the CEV manifest](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest) in the *Amazon RDS User Guide* .", + "title": "Manifest", + "type": "string" + }, + "SourceCustomDbEngineVersionIdentifier": { + "markdownDescription": "The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either `Source` or `UseAwsProvidedLatestImage` . You can't specify a different JSON manifest when you specify `SourceCustomDbEngineVersionIdentifier` .", + "title": "SourceCustomDbEngineVersionIdentifier", + "type": "string" + }, + "Status": { + "markdownDescription": "A value that indicates the status of a custom engine version (CEV).", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*", + "title": "Tags", + "type": "array" + }, + "UseAwsProvidedLatestImage": { + "markdownDescription": "Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify `UseAwsProvidedLatestImage` , you can't also specify `ImageId` .", + "title": "UseAwsProvidedLatestImage", + "type": "boolean" + } + }, + "required": [ + "Engine", + "EngineVersion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::CustomDBEngineVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBCluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nThis setting is required to create a Multi-AZ DB cluster.", + "title": "AllocatedStorage", + "type": "number" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBCluster.DBClusterRole" + }, + "markdownDescription": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "AssociatedRoles", + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB cluster.\n\nFor more information about automatic minor version upgrades, see [Automatically upgrading the minor engine version](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html#USER_UpgradeDBInstance.Upgrading.AutoMinorVersionUpgrades) .", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "AvailabilityZones", + "type": "array" + }, + "BacktrackWindow": { + "markdownDescription": "The target backtrack window, in seconds. To disable backtracking, set this value to `0` .\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: `0`\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).", + "title": "BacktrackWindow", + "type": "number" + }, + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "ClusterScalabilityType": { + "markdownDescription": "Specifies the scalability mode of the Aurora DB cluster. When set to `limitless` , the cluster operates as an Aurora Limitless Database, allowing you to create a DB shard group for horizontal scaling (sharding) capabilities. When set to `standard` (the default), the cluster uses normal DB instance creation.\n\n*Important:* Automated backup retention isn't supported with Aurora Limitless Database clusters. If you set this property to `limitless` , you cannot set `DeleteAutomatedBackups` to `false` . To create a backup, use manual snapshots instead.", + "title": "ClusterScalabilityType", + "type": "string" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterInstanceClass": { + "markdownDescription": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", + "title": "DBClusterInstanceClass", + "type": "string" + }, + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the DB cluster parameter group to associate with this DB cluster.\n\n> If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n> \n> If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. \n\nTo list all of the available DB cluster parameter group names, use the following command:\n\n`aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "DBInstanceParameterGroupName": { + "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster.\n\n> When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. \n\nValid for Cluster Type: Aurora DB clusters only\n\nDefault: The existing name setting\n\nConstraints:\n\n- The DB parameter group must be in the same DB parameter group family as this DB cluster.\n- The `DBInstanceParameterGroupName` parameter is valid in combination with the `AllowMajorVersionUpgrade` parameter for a major version upgrade only.", + "title": "DBInstanceParameterGroupName", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group that you want to associate with this DB cluster.\n\nIf you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DBSystemId": { + "markdownDescription": "Reserved for future use.", + "title": "DBSystemId", + "type": "string" + }, + "DatabaseInsightsMode": { + "markdownDescription": "The mode of Database Insights to enable for the DB cluster.\n\nIf you set this value to `advanced` , you must also set the `PerformanceInsightsEnabled` parameter to `true` and the `PerformanceInsightsRetentionPeriod` parameter to 465.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DatabaseInsightsMode", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DatabaseName", + "type": "string" + }, + "DeleteAutomatedBackups": { + "markdownDescription": "Specifies whether to remove automated backups immediately after the DB cluster is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB cluster is deleted, unless the AWS Backup policy specifies a point-in-time restore rule.", + "title": "DeleteAutomatedBackups", + "type": "boolean" + }, + "DeletionProtection": { + "markdownDescription": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DeletionProtection", + "type": "boolean" + }, + "Domain": { + "markdownDescription": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "Domain", + "type": "string" + }, + "DomainIAMRoleName": { + "markdownDescription": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", + "title": "DomainIAMRoleName", + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .\n\n*Aurora MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Aurora PostgreSQL*\n\nValid values: `postgresql`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EnableGlobalWriteForwarding": { + "markdownDescription": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EnableGlobalWriteForwarding", + "type": "boolean" + }, + "EnableHttpEndpoint": { + "markdownDescription": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n\nFor more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EnableHttpEndpoint", + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nFor more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", + "title": "EnableIAMDatabaseAuthentication", + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "markdownDescription": "Specifies whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.\n\nValid for: Aurora DB clusters only", + "title": "EnableLocalWriteForwarding", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this DB cluster.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your DB cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the DB cluster will fail if the DB major version is past its end of standard support date. \n\nYou can use this setting to enroll your DB cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB cluster past the end of standard support for that engine version. For more information, see the following sections:\n\n- Amazon Aurora - [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide*\n- Amazon RDS - [Amazon RDS Extended Support with Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineMode": { + "markdownDescription": "The DB engine mode of the DB cluster, either `provisioned` or `serverless` .\n\nThe `serverless` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the `provisioned` engine mode.\n\nFor information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* :\n\n- [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n- [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EngineMode", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nYou can supply either `5.7` or `8.0` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for MySQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`\n\n*Aurora MySQL*\n\nFor information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide* .\n\n*Aurora PostgreSQL*\n\nFor information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide* .\n\n*MySQL*\n\nFor information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide* .\n\n*PostgreSQL*\n\nFor information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "EngineVersion", + "type": "string" + }, + "GlobalClusterIdentifier": { + "markdownDescription": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.\n\nIf you aren't configuring a global database cluster, don't specify this property.\n\n> To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property. \n\nFor information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "GlobalClusterIdentifier", + "type": "string" + }, + "Iops": { + "markdownDescription": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nConstraints:\n\n- Must be a multiple between .5 and 50 of the storage amount for the DB cluster.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .\n\nIf you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set `KmsKeyId` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "KmsKeyId", + "type": "string" + }, + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" + }, + "MasterUserPassword": { + "markdownDescription": "The master password for the DB instance.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/AWS::RDS::DBCluster.MasterUserSecret", + "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\n> When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the `SecretArn` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret. \n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*", + "title": "MasterUserSecret" + }, + "MasterUsername": { + "markdownDescription": "The name of the master user for the DB cluster.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MasterUsername", + "type": "string" + }, + "MonitoringInterval": { + "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than `0` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", + "title": "MonitoringInterval", + "type": "number" + }, + "MonitoringRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , supply a `MonitoringRoleArn` value.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MonitoringRoleArn", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The network type of the DB cluster.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", + "title": "NetworkType", + "type": "string" + }, + "PerformanceInsightsEnabled": { + "markdownDescription": "Specifies whether to turn on Performance Insights for the DB cluster.\n\nFor more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PerformanceInsightsEnabled", + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PerformanceInsightsKmsKeyId", + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB cluster without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS issues an error.", + "title": "PerformanceInsightsRetentionPeriod", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nDefault:\n\n- When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)\n- When `EngineMode` is `serverless` :\n\n- `3306` when `Engine` is `aurora` or `aurora-mysql`\n- `5432` when `Engine` is `aurora-postgresql`\n\n> The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Port", + "type": "number" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible and you connect from outside of the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) endpoint resolves to the public IP address. When you connect from within the same VPC as the DB cluster, the endpoint resolves to the private IP address. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicationSourceIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n\nValid for: Aurora DB clusters only", + "title": "ReplicationSourceIdentifier", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "The date and time to restore the DB cluster to.\n\nValid Values: Value must be a time in Universal Coordinated Time (UTC) format\n\nConstraints:\n\n- Must be before the latest restorable time for the DB instance\n- Must be specified if `UseLatestRestorableTime` parameter isn't provided\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled\n- Can't be specified if the `RestoreType` parameter is `copy-on-write`\n\nThis property must be used with `SourceDBClusterIdentifier` property. The resulting cluster will have the identifier that matches the value of the `DBclusterIdentifier` property.\n\nExample: `2015-03-07T23:45:00Z`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "RestoreType", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::RDS::DBCluster.ScalingConfiguration", + "markdownDescription": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", + "title": "ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration", + "markdownDescription": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", + "title": "ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "SnapshotIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n- Cannot be specified if `SourceDbClusterResourceId` is specified. You must specify either `SourceDBClusterIdentifier` or `SourceDbClusterResourceId` , but not both.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "SourceRegion": { + "markdownDescription": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", + "title": "SourceRegion", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Tags", + "type": "array" + }, + "UseLatestRestorableTime": { + "markdownDescription": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with this DB cluster.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::RDS::DBCluster.DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", + "title": "FeatureName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::RDS::DBCluster.Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "Specifies the connection endpoint for the primary instance of the DB cluster.", + "title": "Address", + "type": "string" + }, + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBCluster.MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", + "title": "KmsKeyId", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values) .", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBCluster.ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The host address of the reader endpoint.", + "title": "Address", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBCluster.ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "markdownDescription": "Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in `serverless` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).\n\n> If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.", + "title": "AutoPause", + "type": "boolean" + }, + "MaxCapacity": { + "markdownDescription": "The maximum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe maximum capacity must be greater than or equal to the minimum capacity.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe minimum capacity must be less than or equal to the maximum capacity.", + "title": "MinCapacity", + "type": "number" + }, + "SecondsBeforeTimeout": { + "markdownDescription": "The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300.\n\nSpecify a value between 60 and 600 seconds.", + "title": "SecondsBeforeTimeout", + "type": "number" + }, + "SecondsUntilAutoPause": { + "markdownDescription": "The time, in seconds, before an Aurora DB cluster in `serverless` mode is paused.\n\nSpecify a value between 300 and 86,400 seconds.", + "title": "SecondsUntilAutoPause", + "type": "number" + }, + "TimeoutAction": { + "markdownDescription": "The action to take when the timeout is reached, either `ForceApplyCapacityChange` or `RollbackCapacityChange` .\n\n`ForceApplyCapacityChange` sets the capacity to the specified value as soon as possible.\n\n`RollbackCapacityChange` , the default, ignores the capacity change if a scaling point isn't found in the timeout period.\n\n> If you specify `ForceApplyCapacityChange` , connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. \n\nFor more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide* .", + "title": "TimeoutAction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.\n\nThe maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide* .\n\nAurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the `ParameterApplyStatus` value for the DB instance changes to `pending-reboot` . You can update the parameter values by rebooting the DB instance after changing the capacity range.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5.", + "title": "MinCapacity", + "type": "number" + }, + "SecondsUntilAutoPause": { + "markdownDescription": "Specifies the number of seconds an Aurora Serverless v2 DB instance must be idle before Aurora attempts to automatically pause it.\n\nSpecify a value between 300 seconds (five minutes) and 86,400 seconds (one day). The default is 300 seconds.", + "title": "SecondsUntilAutoPause", + "type": "number" + } + }, + "type": "object" + }, + "AWS::RDS::DBClusterParameterGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing DB cluster parameter group.\n\n> This value is stored as a lowercase string.", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description for the DB cluster parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n\n*Aurora MySQL*\n\nExample: `aurora-mysql5.7` , `aurora-mysql8.0`\n\n*Aurora PostgreSQL*\n\nExample: `aurora-postgresql14`\n\n*RDS for MySQL*\n\nExample: `mysql8.0`\n\n*RDS for PostgreSQL*\n\nExample: `postgres13`\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`", + "title": "Family", + "type": "string" + }, + "Parameters": { + "markdownDescription": "Provides a list of parameters for the DB cluster parameter group.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB cluster parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBClusterParameterGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n\n> If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments). \n\n*Amazon Aurora*\n\nNot applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n\n*Db2*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n\n*MySQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*MariaDB*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*PostgreSQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*Oracle*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 10 to 3072.\n\n*SQL Server*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Provisioned IOPS storage (io1):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Magnetic storage (standard):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 1024.\n- Web and Express editions: Must be an integer from 20 to 1024.", + "title": "AllocatedStorage", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "markdownDescription": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n\nConstraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "ApplyImmediately": { + "markdownDescription": "Specifies whether changes to the DB instance and any pending modifications are applied immediately, regardless of the `PreferredMaintenanceWindow` setting. If set to `false` , changes are applied during the next maintenance window. Until RDS applies the changes, the DB instance remains in a drift state. As a result, the configuration doesn't fully reflect the requested modifications and temporarily diverges from the intended state.\n\nIn addition to the settings described in [Modifying a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html) , this property also determines whether the DB instance reboots when a static parameter is modified in the associated DB parameter group.\n\nDefault: `true`", + "title": "ApplyImmediately", + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBInstance.DBInstanceRole" + }, + "markdownDescription": "The AWS Identity and Access Management (IAM) roles associated with the DB instance.\n\n*Amazon Aurora*\n\nNot applicable. The associated roles are managed by the DB cluster.", + "title": "AssociatedRoles", + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region , for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE` .", + "title": "AutomaticBackupReplicationKmsKeyId", + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "markdownDescription": "The AWS Region associated with the automated backup.", + "title": "AutomaticBackupReplicationRegion", + "type": "string" + }, + "AutomaticBackupReplicationRetentionPeriod": { + "markdownDescription": "The retention period for automated backups in a different AWS Region. Use this parameter to set a unique retention period that only applies to cross-Region automated backups. To enable automated backups in a different Region, specify a positive value for the `AutomaticBackupReplicationRegion` parameter.\n\nIf not specified, this parameter defaults to the value of the `BackupRetentionPeriod` parameter. The maximum allowed value is 35.", + "title": "AutomaticBackupReplicationRetentionPeriod", + "type": "number" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", + "title": "AvailabilityZone", + "type": "string" + }, + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "BackupTarget": { + "markdownDescription": "The location for storing automated backups and manual snapshots.\n\nValid Values:\n\n- `local` (Dedicated Local Zone)\n- `outposts` ( AWS Outposts)\n- `region` ( AWS Region )\n\nDefault: `region`\n\nFor more information, see [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the *Amazon RDS User Guide* .", + "title": "BackupTarget", + "type": "string" + }, + "CACertificateIdentifier": { + "markdownDescription": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", + "title": "CACertificateIdentifier", + "type": "string" + }, + "CertificateRotationRestart": { + "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "CertificateRotationRestart", + "type": "boolean" + }, + "CharacterSetName": { + "markdownDescription": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", + "title": "CharacterSetName", + "type": "string" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "markdownDescription": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n\nThis setting is required for RDS Custom.\n\nConstraints:\n\n- The profile must exist in your account.\n- The profile must have an IAM role that Amazon EC2 has permissions to assume.\n- The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .\n\nFor the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .", + "title": "CustomIAMInstanceProfile", + "type": "string" + }, + "DBClusterIdentifier": { + "markdownDescription": "The identifier of the DB cluster that this DB instance will belong to.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "markdownDescription": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n\nFor more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n- Can't be specified when `DBSnapshotIdentifier` is specified.\n- Must be specified when `DBSnapshotIdentifier` isn't specified.\n- If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.\n- Can't be the identifier of an Aurora DB cluster snapshot.", + "title": "DBClusterSnapshotIdentifier", + "type": "string" + }, + "DBInstanceClass": { + "markdownDescription": "The compute and memory capacity of the DB instance, for example `db.m5.large` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide* .", + "title": "DBInstanceClass", + "type": "string" + }, + "DBInstanceIdentifier": { + "markdownDescription": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DBName": { + "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n> If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle. \n\n*Amazon Aurora*\n\nNot applicable. The database name is managed by the DB cluster.\n\n*Db2*\n\nThe name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Can't be a word reserved by the specified database engine.\n\n*MySQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*MariaDB*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*PostgreSQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.\n\nConstraints:\n\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Must contain 1 to 63 characters.\n- Can't be a word reserved by the specified database engine\n\n*Oracle*\n\nThe Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .\n\nDefault: `ORCL`\n\nConstraints:\n\n- Can't be longer than 8 characters\n\n*SQL Server*\n\nNot applicable. Must be null.", + "title": "DBName", + "type": "string" + }, + "DBParameterGroupName": { + "markdownDescription": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n\nTo list all of the available DB parameter group names, use the following command:\n\n`aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`\n\n> If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot. \n\nIf you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.", + "title": "DBParameterGroupName", + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n\nIf you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n\n> If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n> \n> - `AllocatedStorage`\n> - `AutoMinorVersionUpgrade`\n> - `AvailabilityZone`\n> - `BackupRetentionPeriod`\n> - `CharacterSetName`\n> - `DBInstanceClass`\n> - `DBName`\n> - `DBParameterGroupName`\n> - `DBSecurityGroups`\n> - `DBSubnetGroupName`\n> - `Engine`\n> - `EngineVersion`\n> - `Iops`\n> - `LicenseModel`\n> - `MasterUsername`\n> - `MasterUserPassword`\n> - `MultiAZ`\n> - `OptionGroupName`\n> - `PreferredBackupWindow`\n> - `PreferredMaintenanceWindow`\n> \n> All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.", + "title": "DBSecurityGroups", + "type": "array" + }, + "DBSnapshotIdentifier": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n\nBy specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n\nSome DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties, and the point-in-time recovery properties `RestoreTime` and `UseLatestRestorableTime` . For information about the properties that you can specify, see the [`RestoreDBInstanceFromDBSnapshot`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html) action in the *Amazon RDS API Reference* .\n\nAfter you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.\n\nIf you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n\n- `CharacterSetName`\n- `DBClusterIdentifier`\n- `DBName`\n- `KmsKeyId`\n- `MasterUsername`\n- `MasterUserPassword`\n- `PromotionTier`\n- `SourceDBInstanceIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an unencrypted snapshot)\n- `Timezone`\n\n*Amazon Aurora*\n\nNot applicable. Snapshot restore is managed by the DB cluster.", + "title": "DBSnapshotIdentifier", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC.\n\nIf you don't specify a DB subnet group, RDS uses the default DB subnet group if one exists. If a default DB subnet group does not exist, and you don't specify a `DBSubnetGroupName` , the DB instance fails to launch.\n\nFor more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DBSystemId": { + "markdownDescription": "The Oracle system identifier (SID), which is the name of the Oracle database instance that manages your database files. In this context, the term \"Oracle database instance\" refers exclusively to the system global area (SGA) and Oracle background processes. If you don't specify a SID, the value defaults to `RDSCDB` . The Oracle SID is also the name of your CDB.", + "title": "DBSystemId", + "type": "string" + }, + "DatabaseInsightsMode": { + "markdownDescription": "The mode of Database Insights to enable for the DB instance.\n\n> Aurora DB instances inherit this value from the DB cluster, so you can't change this value.", + "title": "DatabaseInsightsMode", + "type": "string" + }, + "DedicatedLogVolume": { + "markdownDescription": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled.", + "title": "DedicatedLogVolume", + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "markdownDescription": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n\n*Amazon Aurora*\n\nNot applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.", + "title": "DeleteAutomatedBackups", + "type": "boolean" + }, + "DeletionProtection": { + "markdownDescription": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .\n\nThis setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", + "title": "DeletionProtection", + "type": "boolean" + }, + "Domain": { + "markdownDescription": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n\nFor more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .", + "title": "Domain", + "type": "string" + }, + "DomainAuthSecretArn": { + "markdownDescription": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n\nExample: `arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456`", + "title": "DomainAuthSecretArn", + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n\nConstraints:\n\n- Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n\nExample: `123.124.125.126,234.235.236.237`", + "title": "DomainDnsIps", + "type": "array" + }, + "DomainFqdn": { + "markdownDescription": "The fully qualified domain name (FQDN) of an Active Directory domain.\n\nConstraints:\n\n- Can't be longer than 64 characters.\n\nExample: `mymanagedADtest.mymanagedAD.mydomain`", + "title": "DomainFqdn", + "type": "string" + }, + "DomainIAMRoleName": { + "markdownDescription": "The name of the IAM role to use when making API calls to the Directory Service.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (The domain is managed by the DB cluster.)\n- RDS Custom", + "title": "DomainIAMRoleName", + "type": "string" + }, + "DomainOu": { + "markdownDescription": "The Active Directory organizational unit for your DB instance to join.\n\nConstraints:\n\n- Must be in the distinguished name format.\n- Can't be longer than 64 characters.\n\nExample: `OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain`", + "title": "DomainOu", + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. CloudWatch Logs exports are managed by the DB cluster.\n\n*Db2*\n\nValid values: `diag.log` , `notify.log`\n\n*MariaDB*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Microsoft SQL Server*\n\nValid values: `agent` , `error`\n\n*MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Oracle*\n\nValid values: `alert` , `audit` , `listener` , `trace` , `oemagent`\n\n*PostgreSQL*\n\nValid values: `postgresql` , `upgrade`", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nThis property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*\n\n*Amazon Aurora*\n\nNot applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.", + "title": "EnableIAMDatabaseAuthentication", + "type": "boolean" + }, + "EnablePerformanceInsights": { + "markdownDescription": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "EnablePerformanceInsights", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n\nThis property is required when creating a DB instance.\n\n> You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the `Engine` value in your templates from `oracle-ee` to `oracle-ee-cdb` or from `oracle-se2` to `oracle-se2-cdb` . Converting to the CDB architecture requires an interruption. \n\nValid Values:\n\n- `aurora-mysql` (for Aurora MySQL DB instances)\n- `aurora-postgresql` (for Aurora PostgreSQL DB instances)\n- `custom-oracle-ee` (for RDS Custom for Oracle DB instances)\n- `custom-oracle-ee-cdb` (for RDS Custom for Oracle DB instances)\n- `custom-sqlserver-ee` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-se` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-web` (for RDS Custom for SQL Server DB instances)\n- `db2-ae`\n- `db2-se`\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this DB instance.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your DB instance into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the DB instance will fail if the DB major version is past its end of standard support date. \n\nThis setting applies only to RDS for MySQL and RDS for PostgreSQL. For Amazon Aurora DB instances, the life cycle type is managed by the DB cluster.\n\nYou can use this setting to enroll your DB instance into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB instance past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide* .\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use.\n\nFor a list of valid engine versions, use the `DescribeDBEngineVersions` action.\n\nThe following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n\n*Amazon Aurora*\n\nNot applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n\n*Db2*\n\nSee [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*MariaDB*\n\nSee [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Microsoft SQL Server*\n\nSee [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*\n\n*MySQL*\n\nSee [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Oracle*\n\nSee [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*\n\n*PostgreSQL*\n\nSee [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*", + "title": "EngineVersion", + "type": "string" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000.\n\nIf you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\n> If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property. \n\nConstraints:\n\n- For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n- For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n\nIf you specify the `DBSnapshotIdentifier` property, don't specify this property. The `StorageEncrypted` property value is inherited from the snapshot. If the DB instance is encrypted, the specified `KmsKeyId` property is also inherited from the snapshot.\n\nIf you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The KMS key identifier is managed by the DB cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LicenseModel": { + "markdownDescription": "License model information for this DB instance.\n\nValid Values:\n\n- Aurora MySQL - `general-public-license`\n- Aurora PostgreSQL - `postgresql-license`\n- RDS for Db2 - `bring-your-own-license` . For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.*\n- RDS for MariaDB - `general-public-license`\n- RDS for Microsoft SQL Server - `license-included`\n- RDS for MySQL - `general-public-license`\n- RDS for Oracle - `bring-your-own-license` or `license-included`\n- RDS for PostgreSQL - `postgresql-license`\n\n> If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.", + "title": "LicenseModel", + "type": "string" + }, + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" + }, + "MasterUserPassword": { + "markdownDescription": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n\n*Amazon Aurora*\n\nNot applicable. The password for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nMust contain from 8 to 255 characters.\n\n*RDS for MariaDB*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Microsoft SQL Server*\n\nConstraints: Must contain from 8 to 128 characters.\n\n*RDS for MySQL*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Oracle*\n\nConstraints: Must contain from 8 to 30 characters.\n\n*RDS for PostgreSQL*\n\nConstraints: Must contain from 8 to 128 characters.", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/AWS::RDS::DBInstance.MasterUserSecret", + "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*", + "title": "MasterUserSecret" + }, + "MasterUsername": { + "markdownDescription": "The master user name for the DB instance.\n\n> If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n> \n> When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. \n\n*Amazon Aurora*\n\nNot applicable. The name for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MariaDB*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Microsoft SQL Server*\n\nConstraints:\n\n- Must be 1 to 128 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MySQL*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Oracle*\n\nConstraints:\n\n- Must be 1 to 30 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for PostgreSQL*\n\nConstraints:\n\n- Must be 1 to 63 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.", + "title": "MasterUsername", + "type": "string" + }, + "MaxAllocatedStorage": { + "markdownDescription": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (Storage is managed by the DB cluster.)\n- RDS Custom", + "title": "MaxAllocatedStorage", + "type": "number" + }, + "MonitoringInterval": { + "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than `0` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", + "title": "MonitoringInterval", + "type": "number" + }, + "MonitoringRoleArn": { + "markdownDescription": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , then you must supply a `MonitoringRoleArn` value.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "MonitoringRoleArn", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to Amazon Aurora because the DB instance Availability Zones (AZs) are managed by the DB cluster.", + "title": "MultiAZ", + "type": "boolean" + }, + "NcharCharacterSetName": { + "markdownDescription": "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "NcharCharacterSetName", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The network type of the DB instance.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*", + "title": "NetworkType", + "type": "string" + }, + "OptionGroupName": { + "markdownDescription": "Indicates that the DB instance should be associated with the specified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.", + "title": "OptionGroupName", + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n\nFor information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .", + "title": "PerformanceInsightsKMSKeyId", + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB instance without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS returns an error.", + "title": "PerformanceInsightsRetentionPeriod", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which the database accepts connections.\n\nThis setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n\nValid Values: `1150-65535`\n\nDefault:\n\n- RDS for Db2 - `50000`\n- RDS for MariaDB - `3306`\n- RDS for Microsoft SQL Server - `1433`\n- RDS for MySQL - `3306`\n- RDS for Oracle - `1521`\n- RDS for PostgreSQL - `5432`\n\nConstraints:\n\n- For RDS for Microsoft SQL Server, the value can't be `1234` , `1434` , `3260` , `3343` , `3389` , `47001` , or `49152-49156` .", + "title": "Port", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\n*Amazon Aurora*\n\nNot applicable. The daily time range for creating automated backups is managed by the DB cluster.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*\n\n> This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately. \n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBInstance.ProcessorFeature" + }, + "markdownDescription": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances.", + "title": "ProcessorFeatures", + "type": "array" + }, + "PromotionTier": { + "markdownDescription": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nDefault: `1`\n\nValid Values: `0 - 15`", + "title": "PromotionTier", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.\n\nThe default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicaMode": { + "markdownDescription": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .\n\nThis setting is only supported in RDS for Oracle.\n\nDefault: `open-read-only`\n\nValid Values: `open-read-only` or `mounted`", + "title": "ReplicaMode", + "type": "string" + }, + "RestoreTime": { + "markdownDescription": "The date and time to restore from. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must be a time in Universal Coordinated Time (UTC) format.\n- Must be before the latest restorable time for the DB instance.\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled.\n\nExample: `2009-09-07T23:45:00Z`", + "title": "RestoreTime", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n\nConstraints:\n\n- Must be the identifier of an existing Multi-AZ DB cluster.\n- Can't be specified if the `SourceDBInstanceIdentifier` parameter is also specified.\n- The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n- The source DB cluster must be in the same AWS Region as the read replica. Cross-Region replication isn't supported.", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .\n\nThis setting doesn't apply to RDS Custom.", + "title": "SourceDBInstanceAutomatedBackupsArn", + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "markdownDescription": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\nThe `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n\nIf you specify the `UseLatestRestorableTime` or `RestoreTime` properties in conjunction with the `SourceDBInstanceIdentifier` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n\n> - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n> - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n> - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.\n> - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n> - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .\n> - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.", + "title": "SourceDBInstanceIdentifier", + "type": "string" + }, + "SourceDbiResourceId": { + "markdownDescription": "The resource ID of the source DB instance from which to restore.", + "title": "SourceDbiResourceId", + "type": "string" + }, + "SourceRegion": { + "markdownDescription": "The ID of the region that contains the source DB instance for the read replica.", + "title": "SourceRegion", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup.\n\nIf you specify `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the snapshot.\n\n*Amazon Aurora*\n\nNot applicable. The encryption for DB instances is managed by the DB cluster.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageThroughput": { + "markdownDescription": "Specifies the storage throughput value, in mebibyte per second (MiBps), for the DB instance. This setting applies only to the `gp3` storage type.\n\nThis setting doesn't apply to RDS Custom or Amazon Aurora.", + "title": "StorageThroughput", + "type": "number" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB instance.\n\nIf you specify `io1` , `io2` , or `gp3` , you must also include a value for the `Iops` parameter.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n\nValid Values: `gp2 | gp3 | io1 | io2 | standard`\n\nDefault: `io1` , if the `Iops` parameter is specified. Otherwise, `gp3` .", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB instance.", + "title": "Tags", + "type": "array" + }, + "Timezone": { + "markdownDescription": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .", + "title": "Timezone", + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "markdownDescription": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "UseDefaultProcessorFeatures", + "type": "boolean" + }, + "UseLatestRestorableTime": { + "markdownDescription": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Can't be specified if the `RestoreTime` parameter is provided.", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nIf you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.\n\n> You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n> \n> - You can't revert to using an RDS security group after you establish a VPC security group membership.\n> - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n> - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property. \n\nTo avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.\n\n*Amazon Aurora*\n\nNot applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", + "title": "VPCSecurityGroups", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::RDS::DBInstance.CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "markdownDescription": "The CA identifier of the CA certificate used for the DB instance's server certificate.", + "title": "CAIdentifier", + "type": "string" + }, + "ValidTill": { + "markdownDescription": "The expiration date of the DB instance\u2019s server certificate.", + "title": "ValidTill", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBInstance.DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", + "title": "FeatureName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "AWS::RDS::DBInstance.Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "Specifies the DNS address of the DB instance.", + "title": "Address", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.", + "title": "HostedZoneId", + "type": "string" + }, + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBInstance.MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", + "title": "KmsKeyId", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values) .", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBInstance.ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the processor feature. Valid names are `coreCount` and `threadsPerCore` .", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a processor feature.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBParameterGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBParameterGroupName": { + "markdownDescription": "The name of the DB parameter group.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens.\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nIf you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.\n\n> This value is stored as a lowercase string.", + "title": "DBParameterGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `db2-ae`\n- `db2-se`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "Family", + "type": "string" + }, + "Parameters": { + "markdownDescription": "A mapping of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n\nFor more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* , or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .\n\n> AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBParameterGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBProxy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Auth": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxy.AuthFormat" + }, + "markdownDescription": "The authorization mechanism that the proxy uses.", + "title": "Auth", + "type": "array" + }, + "DBProxyName": { + "markdownDescription": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.", + "title": "DBProxyName", + "type": "string" + }, + "DebugLogging": { + "markdownDescription": "Specifies whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.", + "title": "DebugLogging", + "type": "boolean" + }, + "EngineFamily": { + "markdownDescription": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .", + "title": "EngineFamily", + "type": "string" + }, + "IdleClientTimeout": { + "markdownDescription": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.", + "title": "IdleClientTimeout", + "type": "number" + }, + "RequireTLS": { + "markdownDescription": "Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.", + "title": "RequireTLS", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxy.TagFormat" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC security group IDs to associate with the new proxy.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC subnet IDs to associate with the new proxy.", + "title": "VpcSubnetIds", + "type": "array" + } + }, + "required": [ + "Auth", + "DBProxyName", + "EngineFamily", + "RoleArn", + "VpcSubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBProxy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBProxy.AuthFormat": { + "additionalProperties": false, + "properties": { + "AuthScheme": { + "markdownDescription": "The type of authentication that the proxy uses for connections from the proxy to the underlying database.", + "title": "AuthScheme", + "type": "string" + }, + "ClientPasswordAuthType": { + "markdownDescription": "Specifies the details of authentication used by a proxy to log in as a specific database user.", + "title": "ClientPasswordAuthType", + "type": "string" + }, + "Description": { + "markdownDescription": "A user-specified description about the authentication used by a proxy to log in as a specific database user.", + "title": "Description", + "type": "string" + }, + "IAMAuth": { + "markdownDescription": "A value that indicates whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. The `ENABLED` value is valid only for proxies with RDS for Microsoft SQL Server.", + "title": "IAMAuth", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBProxy.TagFormat": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBProxyEndpoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBProxyEndpointName": { + "markdownDescription": "The name of the DB proxy endpoint to create.", + "title": "DBProxyEndpointName", + "type": "string" + }, + "DBProxyName": { + "markdownDescription": "The name of the DB proxy associated with the DB proxy endpoint that you create.", + "title": "DBProxyName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxyEndpoint.TagFormat" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "title": "Tags", + "type": "array" + }, + "TargetRole": { + "markdownDescription": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.", + "title": "TargetRole", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.", + "title": "VpcSubnetIds", + "type": "array" + } + }, + "required": [ + "DBProxyEndpointName", + "DBProxyName", + "VpcSubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBProxyEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBProxyEndpoint.TagFormat": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBProxyTargetGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionPoolConfigurationInfo": { + "$ref": "#/definitions/AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat", + "markdownDescription": "Displays the settings that control the size and behavior of the connection pool associated with a `DBProxyTarget` .", + "title": "ConnectionPoolConfigurationInfo" + }, + "DBClusterIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more DB cluster identifiers.", + "title": "DBClusterIdentifiers", + "type": "array" + }, + "DBInstanceIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more DB instance identifiers.", + "title": "DBInstanceIdentifiers", + "type": "array" + }, + "DBProxyName": { + "markdownDescription": "The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .", + "title": "DBProxyName", + "type": "string" + }, + "TargetGroupName": { + "markdownDescription": "The identifier for the target group.\n\n> Currently, this property must be set to `default` .", + "title": "TargetGroupName", + "type": "string" + } + }, + "required": [ + "DBProxyName", + "TargetGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBProxyTargetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat": { + "additionalProperties": false, + "properties": { + "ConnectionBorrowTimeout": { + "markdownDescription": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. This setting only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.\n\nDefault: `120`\n\nConstraints:\n\n- Must be between 0 and 300.", + "title": "ConnectionBorrowTimeout", + "type": "number" + }, + "InitQuery": { + "markdownDescription": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query\n\n> Since you can access initialization query as part of target group configuration, it is not protected by authentication or cryptographic methods. Anyone with access to view or manage your proxy target group configuration can view the initialization query. You should not add sensitive data, such as passwords or long-lived encryption keys, to this option.", + "title": "InitQuery", + "type": "string" + }, + "MaxConnectionsPercent": { + "markdownDescription": "The maximum size of the connection pool for each target in a target group. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.\n\nIf you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.\n\nDefault: `10` for RDS for Microsoft SQL Server, and `100` for all other engines\n\nConstraints:\n\n- Must be between 1 and 100.", + "title": "MaxConnectionsPercent", + "type": "number" + }, + "MaxIdleConnectionsPercent": { + "markdownDescription": "A value that controls how actively the proxy closes idle database connections in the connection pool. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.\n\nIf you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .\n\nDefault: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is `5` , and for all other engines, the default is `50` .\n\nConstraints:\n\n- Must be between 0 and the value of `MaxConnectionsPercent` .", + "title": "MaxIdleConnectionsPercent", + "type": "number" + }, + "SessionPinningFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior.\n\nDefault: no session pinning filters", + "title": "SessionPinningFilters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::RDS::DBSecurityGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBSecurityGroupIngress": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBSecurityGroup.Ingress" + }, + "markdownDescription": "Ingress rules to be applied to the DB security group.", + "title": "DBSecurityGroupIngress", + "type": "array" + }, + "EC2VpcId": { + "markdownDescription": "The identifier of an Amazon virtual private cloud (VPC). This property indicates the VPC that this DB security group belongs to.\n\n> This property is included for backwards compatibility and is no longer recommended for providing security information to an RDS DB instance.", + "title": "EC2VpcId", + "type": "string" + }, + "GroupDescription": { + "markdownDescription": "Provides the description of the DB security group.", + "title": "GroupDescription", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSecurityGroupIngress", + "GroupDescription" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBSecurityGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBSecurityGroup.Ingress": { + "additionalProperties": false, + "properties": { + "CIDRIP": { + "markdownDescription": "The IP range to authorize.", + "title": "CIDRIP", + "type": "string" + }, + "EC2SecurityGroupId": { + "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupId", + "type": "string" + }, + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupOwnerId": { + "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBSecurityGroupIngress": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CIDRIP": { + "markdownDescription": "The IP range to authorize.", + "title": "CIDRIP", + "type": "string" + }, + "DBSecurityGroupName": { + "markdownDescription": "The name of the DB security group to add authorization to.", + "title": "DBSecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupId": { + "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupId", + "type": "string" + }, + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupOwnerId": { + "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" + } + }, + "required": [ + "DBSecurityGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBSecurityGroupIngress" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBShardGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ComputeRedundancy": { + "markdownDescription": "Specifies whether to create standby standby DB data access shard for the DB shard group. Valid values are the following:\n\n- 0 - Creates a DB shard group without a standby DB data access shard. This is the default value.\n- 1 - Creates a DB shard group with a standby DB data access shard in a different Availability Zone (AZ).\n- 2 - Creates a DB shard group with two standby DB data access shard in two different AZs.", + "title": "ComputeRedundancy", + "type": "number" + }, + "DBClusterIdentifier": { + "markdownDescription": "The name of the primary DB cluster for the DB shard group.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBShardGroupIdentifier": { + "markdownDescription": "The name of the DB shard group.", + "title": "DBShardGroupIdentifier", + "type": "string" + }, + "MaxACU": { + "markdownDescription": "The maximum capacity of the DB shard group in Aurora capacity units (ACUs).", + "title": "MaxACU", + "type": "number" + }, + "MinACU": { + "markdownDescription": "The minimum capacity of the DB shard group in Aurora capacity units (ACUs).", + "title": "MinACU", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the DB shard group is publicly accessible.\n\nWhen the DB shard group is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB shard group's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB shard group's VPC. Access to the DB shard group is ultimately controlled by the security group it uses. That public access is not permitted if the security group assigned to the DB shard group doesn't permit it.\n\nWhen the DB shard group isn't publicly accessible, it is an internal DB shard group with a DNS name that resolves to a private IP address.\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB shard group is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB shard group is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB shard group is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB shard group is public.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the DB shard group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBClusterIdentifier", + "MaxACU" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBShardGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBSubnetGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBSubnetGroupDescription": { + "markdownDescription": "The description for the DB subnet group.", + "title": "DBSubnetGroupDescription", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints:\n\n- Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n- Must not be default.\n- First character must be a letter.\n\nExample: `mydbsubnetgroup`", + "title": "DBSubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The EC2 Subnet IDs for the DB subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB subnet group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSubnetGroupDescription", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBSubnetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::EventSubscription": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n\n> RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide* .", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are supplied, `SourceType` must also be provided.\n- If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.\n- If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.\n- If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.\n- If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.\n- If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.\n- If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.\n- If the source type is an RDS Proxy, a `DBProxyName` value must be supplied.", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to `db-instance` . For RDS Proxy events, specify `db-proxy` . If this value isn't specified, all events are returned.\n\nValid Values: `db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment`", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be less than 255 characters.", + "title": "SubscriptionName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional array of key-value pairs to apply to this subscription.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SnsTopicArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::EventSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::GlobalCluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "Specifies whether to enable deletion protection for the new global database cluster. The global database can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The database engine to use for this global database cluster.\n\nValid Values: `aurora-mysql | aurora-postgresql`\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine of the source DB cluster.", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this global database cluster.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your global cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the global cluster will fail if the DB major version is past its end of standard support date. \n\nThis setting only applies to Aurora PostgreSQL-based global databases.\n\nYou can use this setting to enroll your global cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your global cluster past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* .\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The engine version to use for this global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine version of the source DB cluster.", + "title": "EngineVersion", + "type": "string" + }, + "GlobalClusterIdentifier": { + "markdownDescription": "The cluster identifier for this global database cluster. This parameter is stored as a lowercase string.", + "title": "GlobalClusterIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database.\n\nIf you provide a value for this parameter, don't specify values for the following settings because Amazon Aurora uses the values from the specified source DB cluster:\n\n- `DatabaseName`\n- `Engine`\n- `EngineVersion`\n- `StorageEncrypted`", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Specifies whether to enable storage encryption for the new global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the setting from the source DB cluster.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::GlobalCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::RDS::GlobalCluster.GlobalEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The writer endpoint for the new global database cluster. This endpoint always points to the writer DB instance in the current primary cluster.", + "title": "Address", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::Integration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *AWS Key Management Service Developer Guide* .\n\nYou can only include this parameter if you specify the `KMSKeyId` parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "DataFilter": { + "markdownDescription": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse.", + "title": "DataFilter", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the integration.", + "title": "Description", + "type": "string" + }, + "IntegrationName": { + "markdownDescription": "The name of the integration.", + "title": "IntegrationName", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS Key Management System ( AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key.", + "title": "KMSKeyId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database to use as the source for replication.", + "title": "SourceArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional array of key-value pairs to apply to this integration.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The ARN of the Redshift data warehouse to use as the target for replication.", + "title": "TargetArn", + "type": "string" + } + }, + "required": [ + "SourceArn", + "TargetArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::Integration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::OptionGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EngineName": { + "markdownDescription": "Specifies the name of the engine that this option group should be associated with.\n\nValid Values:\n\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "EngineName", + "type": "string" + }, + "MajorEngineVersion": { + "markdownDescription": "Specifies the major version of the engine that this option group should be associated with.", + "title": "MajorEngineVersion", + "type": "string" + }, + "OptionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionConfiguration" + }, + "markdownDescription": "A list of all available options for an option group.", + "title": "OptionConfigurations", + "type": "array" + }, + "OptionGroupDescription": { + "markdownDescription": "The description of the option group.", + "title": "OptionGroupDescription", + "type": "string" + }, + "OptionGroupName": { + "markdownDescription": "The name of the option group to be created.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nExample: `myoptiongroup`\n\nIf you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.\n\n> This value is stored as a lowercase string.", + "title": "OptionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the option group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "EngineName", + "MajorEngineVersion", + "OptionGroupDescription" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::OptionGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::OptionGroup.OptionConfiguration": { + "additionalProperties": false, + "properties": { + "DBSecurityGroupMemberships": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of DB security groups used for this option.", + "title": "DBSecurityGroupMemberships", + "type": "array" + }, + "OptionName": { + "markdownDescription": "The configuration of options to include in a group.", + "title": "OptionName", + "type": "string" + }, + "OptionSettings": { + "items": { + "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionSetting" + }, + "markdownDescription": "The option settings to include in an option group.", + "title": "OptionSettings", + "type": "array" + }, + "OptionVersion": { + "markdownDescription": "The version for the option.", + "title": "OptionVersion", + "type": "string" + }, + "Port": { + "markdownDescription": "The optional port for the option.", + "title": "Port", + "type": "number" + }, + "VpcSecurityGroupMemberships": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC security group names used for this option.", + "title": "VpcSecurityGroupMemberships", + "type": "array" + } + }, + "required": [ + "OptionName" + ], + "type": "object" + }, + "AWS::RDS::OptionGroup.OptionSetting": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the option that has settings that you can set.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The current value of the option setting.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RUM::AppMonitor": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppMonitorConfiguration": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.AppMonitorConfiguration", + "markdownDescription": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions.", + "title": "AppMonitorConfiguration" + }, + "CustomEvents": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.CustomEvents", + "markdownDescription": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` .", + "title": "CustomEvents" + }, + "CwLogEnabled": { + "markdownDescription": "Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges.\n\nIf you omit this parameter, the default is `false` .", + "title": "CwLogEnabled", + "type": "boolean" + }, + "DeobfuscationConfiguration": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.DeobfuscationConfiguration", + "markdownDescription": "A structure that contains the configuration for how an app monitor can deobfuscate stack traces.", + "title": "DeobfuscationConfiguration" + }, + "Domain": { + "markdownDescription": "The top-level internet domain name for which your application has administrative authority. This parameter or the `DomainList` parameter is required.", + "title": "Domain", + "type": "string" + }, + "DomainList": { + "items": { + "type": "string" + }, + "markdownDescription": "List the domain names for which your application has administrative authority. This parameter or the `Domain` parameter is required.\n\nYou can have a minimum of 1 and a maximum of 5 `Domain` under `DomainList` . Each `Domain` must be a minimum length of 1 and a maximum of 253 characters.", + "title": "DomainList", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the app monitor. This parameter is required.", + "title": "Name", + "type": "string" + }, + "ResourcePolicy": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.ResourcePolicy", + "markdownDescription": "Use this structure to assign a resource-based policy to a CloudWatch RUM app monitor to control access to it. Each app monitor can have one resource-based policy. The maximum size of the policy is 4 KB. To learn more about using resource policies with RUM, see [Using resource-based policies with CloudWatch RUM](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html) .", + "title": "ResourcePolicy" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RUM::AppMonitor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RUM::AppMonitor.AppMonitorConfiguration": { + "additionalProperties": false, + "properties": { + "AllowCookies": { + "markdownDescription": "If you set this to `true` , the CloudWatch RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the CloudWatch RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page.", + "title": "AllowCookies", + "type": "boolean" + }, + "EnableXRay": { + "markdownDescription": "If you set this to `true` , CloudWatch RUM sends client-side traces to X-Ray for each sampled session. You can then see traces and segments from these user sessions in the RUM dashboard and the CloudWatch ServiceLens console. For more information, see [What is AWS X-Ray ?](https://docs.aws.amazon.com/xray/latest/devguide/aws-xray.html)", + "title": "EnableXRay", + "type": "boolean" + }, + "ExcludedPages": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of URLs in your website or application to exclude from RUM data collection.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", + "title": "ExcludedPages", + "type": "array" + }, + "FavoritePages": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of pages in your application that are to be displayed with a \"favorite\" icon in the CloudWatch RUM console.", + "title": "FavoritePages", + "type": "array" + }, + "GuestRoleArn": { + "markdownDescription": "The ARN of the guest IAM role that is attached to the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", + "title": "GuestRoleArn", + "type": "string" + }, + "IdentityPoolId": { + "markdownDescription": "The ID of the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", + "title": "IdentityPoolId", + "type": "string" + }, + "IncludedPages": { + "items": { + "type": "string" + }, + "markdownDescription": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", + "title": "IncludedPages", + "type": "array" + }, + "MetricDestinations": { + "items": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDestination" + }, + "markdownDescription": "An array of structures that each define a destination that this app monitor will send extended metrics to.", + "title": "MetricDestinations", + "type": "array" + }, + "SessionSampleRate": { + "markdownDescription": "Specifies the portion of user sessions to use for CloudWatch RUM data collection. Choosing a higher portion gives you more data but also incurs more costs.\n\nThe range for this value is 0 to 1 inclusive. Setting this to 1 means that 100% of user sessions are sampled, and setting it to 0.1 means that 10% of user sessions are sampled.\n\nIf you omit this parameter, the default of 0.1 is used, and 10% of sessions will be sampled.", + "title": "SessionSampleRate", + "type": "number" + }, + "Telemetries": { + "items": { + "type": "string" + }, + "markdownDescription": "An array that lists the types of telemetry data that this app monitor is to collect.\n\n- `errors` indicates that RUM collects data about unhandled JavaScript errors raised by your application.\n- `performance` indicates that RUM collects performance data about how your application and its resources are loaded and rendered. This includes Core Web Vitals.\n- `http` indicates that RUM collects data about HTTP errors thrown by your application.", + "title": "Telemetries", + "type": "array" + } + }, + "type": "object" + }, + "AWS::RUM::AppMonitor.CustomEvents": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Set this to `ENABLED` to allow the web client to send custom events for this app monitor.\n\nValid values are `ENABLED` and `DISABLED` .", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RUM::AppMonitor.DeobfuscationConfiguration": { + "additionalProperties": false, + "properties": { + "JavaScriptSourceMaps": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.JavaScriptSourceMaps", + "markdownDescription": "A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps.", + "title": "JavaScriptSourceMaps" + } + }, + "type": "object" + }, + "AWS::RUM::AppMonitor.JavaScriptSourceMaps": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The S3Uri of the bucket or folder that stores the source map files. It is required if status is ENABLED.", + "title": "S3Uri", + "type": "string" + }, + "Status": { + "markdownDescription": "Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be `DISABLED` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::RUM::AppMonitor.MetricDefinition": { + "additionalProperties": false, + "properties": { + "DimensionKeys": { + "additionalProperties": true, + "markdownDescription": "This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch . The value of this field is used only if the metric destination is `CloudWatch` . If the metric destination is `Evidently` , the value of `DimensionKeys` is ignored.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DimensionKeys", + "type": "object" + }, + "EventPattern": { + "markdownDescription": "The pattern that defines the metric. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination.\n\nIf the metrics destination is `CloudWatch` and the event also matches a value in `DimensionKeys` , then the metric is published with the specified dimensions.", + "title": "EventPattern", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the metric that is defined in this structure.", + "title": "Name", + "type": "string" + }, + "Namespace": { + "markdownDescription": "If you are creating a custom metric instead of an extended metrics, use this parameter to define the metric namespace for that custom metric. Do not specify this parameter if you are creating an extended metric.\n\nYou can't use any string that starts with `AWS/` for your namespace.", + "title": "Namespace", + "type": "string" + }, + "UnitLabel": { + "markdownDescription": "Use this field only if you are sending this metric to CloudWatch . It defines the CloudWatch metric unit that this metric is measured in.", + "title": "UnitLabel", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "The field within the event object that the metric value is sourced from.", + "title": "ValueKey", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::RUM::AppMonitor.MetricDestination": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently` . If you specify `Evidently` , you must also specify the ARN of the CloudWatch Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.", + "title": "Destination", + "type": "string" + }, + "DestinationArn": { + "markdownDescription": "Use this parameter only if `Destination` is `Evidently` . This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.", + "title": "DestinationArn", + "type": "string" + }, + "IamRoleArn": { + "markdownDescription": "This parameter is required if `Destination` is `Evidently` . If `Destination` is `CloudWatch` , do not use this parameter.\n\nThis parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment.", + "title": "IamRoleArn", + "type": "string" + }, + "MetricDefinitions": { + "items": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDefinition" + }, + "markdownDescription": "An array of structures which define the metrics that you want to send.", + "title": "MetricDefinitions", + "type": "array" + } + }, + "required": [ + "Destination" + ], + "type": "object" + }, + "AWS::RUM::AppMonitor.ResourcePolicy": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "The JSON to use as the resource policy. The document can be up to 4 KB in size. For more information about the contents and syntax for this policy, see [Using resource-based policies with CloudWatch RUM](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html) .", + "title": "PolicyDocument", + "type": "string" + }, + "PolicyRevisionId": { + "markdownDescription": "A string value that you can use to conditionally update your policy. You can provide the revision ID of your existing policy to make mutating requests against that policy.\n\nWhen you assign a policy revision ID, then later requests about that policy will be rejected with an `InvalidPolicyRevisionIdException` error if they don't provide the correct current revision ID.", + "title": "PolicyRevisionId", + "type": "string" + } + }, + "required": [ + "PolicyDocument" + ], + "type": "object" + }, + "AWS::Rbin::Rule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The retention rule description.", + "title": "Description", + "type": "string" + }, + "ExcludeResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Rbin::Rule.ResourceTag" + }, + "markdownDescription": "[Region-level retention rules only] Specifies the exclusion tags to use to identify resources that are to be excluded, or ignored, by a Region-level retention rule. Resources that have any of these tags are not retained by the retention rule upon deletion.\n\nYou can't specify exclusion tags for tag-level retention rules.", + "title": "ExcludeResourceTags", + "type": "array" + }, + "LockConfiguration": { + "$ref": "#/definitions/AWS::Rbin::Rule.UnlockDelay", + "markdownDescription": "Information about the retention rule lock configuration.", + "title": "LockConfiguration" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Rbin::Rule.ResourceTag" + }, + "markdownDescription": "[Tag-level retention rules only] Specifies the resource tags to use to identify resources that are to be retained by a tag-level retention rule. For tag-level retention rules, only deleted resources, of the specified resource type, that have one or more of the specified tag key and value pairs are retained. If a resource is deleted, but it does not have any of the specified tag key and value pairs, it is immediately deleted without being retained by the retention rule.\n\nYou can add the same tag key and value pair to a maximum or five retention rules.\n\nTo create a Region-level retention rule, omit this parameter. A Region-level retention rule does not have any resource tags specified. It retains all deleted resources of the specified resource type in the Region in which the rule is created, even if the resources are not tagged.", + "title": "ResourceTags", + "type": "array" + }, + "ResourceType": { + "markdownDescription": "The resource type to be retained by the retention rule. Currently, only Amazon EBS snapshots and EBS-backed AMIs are supported. To retain snapshots, specify `EBS_SNAPSHOT` . To retain EBS-backed AMIs, specify `EC2_IMAGE` .", + "title": "ResourceType", + "type": "string" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::Rbin::Rule.RetentionPeriod", + "markdownDescription": "Information about the retention period for which the retention rule is to retain resources.", + "title": "RetentionPeriod" + }, + "Status": { + "markdownDescription": "The state of the retention rule. Only retention rules that are in the `available` state retain resources.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Information about the tags to assign to the retention rule.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ResourceType", + "RetentionPeriod" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rbin::Rule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Rbin::Rule.ResourceTag": { + "additionalProperties": false, + "properties": { + "ResourceTagKey": { + "markdownDescription": "The tag key.", + "title": "ResourceTagKey", + "type": "string" + }, + "ResourceTagValue": { + "markdownDescription": "The tag value.", + "title": "ResourceTagValue", + "type": "string" + } + }, + "required": [ + "ResourceTagKey", + "ResourceTagValue" + ], + "type": "object" + }, + "AWS::Rbin::Rule.RetentionPeriod": { + "additionalProperties": false, + "properties": { + "RetentionPeriodUnit": { + "markdownDescription": "The unit of time in which the retention period is measured. Currently, only `DAYS` is supported.", + "title": "RetentionPeriodUnit", + "type": "string" + }, + "RetentionPeriodValue": { + "markdownDescription": "The period value for which the retention rule is to retain resources. The period is measured using the unit specified for *RetentionPeriodUnit* .", + "title": "RetentionPeriodValue", + "type": "number" + } + }, + "required": [ + "RetentionPeriodUnit", + "RetentionPeriodValue" + ], + "type": "object" + }, + "AWS::Rbin::Rule.UnlockDelay": { + "additionalProperties": false, + "properties": { + "UnlockDelayUnit": { + "markdownDescription": "The unit of time in which to measure the unlock delay. Currently, the unlock delay can be measure only in days.", + "title": "UnlockDelayUnit", + "type": "string" + }, + "UnlockDelayValue": { + "markdownDescription": "The unlock delay period, measured in the unit specified for *UnlockDelayUnit* .", + "title": "UnlockDelayValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Redshift::Cluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowVersionUpgrade": { + "markdownDescription": "If `true` , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster.\n\nWhen a new major version of the Amazon Redshift engine is released, you can request that the service automatically apply upgrades during the maintenance window to the Amazon Redshift engine that is running on your cluster.\n\nDefault: `true`", + "title": "AllowVersionUpgrade", + "type": "boolean" + }, + "AquaConfigurationStatus": { + "markdownDescription": "This parameter is retired. It does not set the AQUA configuration status. Amazon Redshift automatically determines whether to use AQUA (Advanced Query Accelerator).", + "title": "AquaConfigurationStatus", + "type": "string" + }, + "AutomatedSnapshotRetentionPeriod": { + "markdownDescription": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with [CreateClusterSnapshot](https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html) in the *Amazon Redshift API Reference* .\n\nDefault: `1`\n\nConstraints: Must be a value from 0 to 35.", + "title": "AutomatedSnapshotRetentionPeriod", + "type": "number" + }, + "AvailabilityZone": { + "markdownDescription": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n\nDefault: A random, system-chosen Availability Zone in the region that is specified by the endpoint.\n\nExample: `us-east-2d`\n\nConstraint: The specified Availability Zone must be in the same region as the current endpoint.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneRelocation": { + "markdownDescription": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster is created.", + "title": "AvailabilityZoneRelocation", + "type": "boolean" + }, + "AvailabilityZoneRelocationStatus": { + "markdownDescription": "Describes the status of the Availability Zone relocation operation.", + "title": "AvailabilityZoneRelocationStatus", + "type": "string" + }, + "Classic": { + "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", + "title": "Classic", + "type": "boolean" + }, + "ClusterIdentifier": { + "markdownDescription": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. The identifier also appears in the Amazon Redshift console.\n\nConstraints:\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- Alphabetic characters must be lowercase.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n- Must be unique for all clusters within an AWS account .\n\nExample: `myexamplecluster`", + "title": "ClusterIdentifier", + "type": "string" + }, + "ClusterParameterGroupName": { + "markdownDescription": "The name of the parameter group to be associated with this cluster.\n\nDefault: The default Amazon Redshift cluster parameter group. For information about the default parameter group, go to [Working with Amazon Redshift Parameter Groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n\nConstraints:\n\n- Must be 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ClusterParameterGroupName", + "type": "string" + }, + "ClusterSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security groups to be associated with this cluster.\n\nDefault: The default cluster security group for Amazon Redshift.", + "title": "ClusterSecurityGroups", + "type": "array" + }, + "ClusterSubnetGroupName": { + "markdownDescription": "The name of a cluster subnet group to be associated with this cluster.\n\nIf this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).", + "title": "ClusterSubnetGroupName", + "type": "string" + }, + "ClusterType": { + "markdownDescription": "The type of the cluster. When cluster type is specified as\n\n- `single-node` , the *NumberOfNodes* parameter is not required.\n- `multi-node` , the *NumberOfNodes* parameter is required.\n\nValid Values: `multi-node` | `single-node`\n\nDefault: `multi-node`", + "title": "ClusterType", + "type": "string" + }, + "ClusterVersion": { + "markdownDescription": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\n\nThe version selected runs on all the nodes in the cluster.\n\nConstraints: Only version 1.0 is currently available.\n\nExample: `1.0`", + "title": "ClusterVersion", + "type": "string" + }, + "DBName": { + "markdownDescription": "The name of the first database to be created when the cluster is created.\n\nTo create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. For more information, go to [Create a Database](https://docs.aws.amazon.com/redshift/latest/dg/t_creating_database.html) in the Amazon Redshift Database Developer Guide.\n\nDefault: `dev`\n\nConstraints:\n\n- Must contain 1 to 64 alphanumeric characters.\n- Must contain only lowercase letters.\n- Cannot be a word that is reserved by the service. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "DBName", + "type": "string" + }, + "DeferMaintenance": { + "markdownDescription": "A Boolean indicating whether to enable the deferred maintenance window.", + "title": "DeferMaintenance", + "type": "boolean" + }, + "DeferMaintenanceDuration": { + "markdownDescription": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less.", + "title": "DeferMaintenanceDuration", + "type": "number" + }, + "DeferMaintenanceEndTime": { + "markdownDescription": "A timestamp for the end of the time period when we defer maintenance.", + "title": "DeferMaintenanceEndTime", + "type": "string" + }, + "DeferMaintenanceStartTime": { + "markdownDescription": "A timestamp indicating the start time for the deferred maintenance window.", + "title": "DeferMaintenanceStartTime", + "type": "string" + }, + "DestinationRegion": { + "markdownDescription": "The destination region that snapshots are automatically copied to when cross-region snapshot copy is enabled.", + "title": "DestinationRegion", + "type": "string" + }, + "ElasticIp": { + "markdownDescription": "The Elastic IP (EIP) address for the cluster.\n\nConstraints: The cluster must be provisioned in EC2-VPC and publicly-accessible through an Internet gateway. Don't specify the Elastic IP address for a publicly accessible cluster with availability zone relocation turned on. For more information about provisioning clusters in EC2-VPC, go to [Supported Platforms to Launch Your Cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#cluster-platforms) in the Amazon Redshift Cluster Management Guide.", + "title": "ElasticIp", + "type": "string" + }, + "Encrypted": { + "markdownDescription": "If `true` , the data in the cluster is encrypted at rest. If you set the value on this parameter to `false` , the request will fail.\n\nDefault: true", + "title": "Encrypted", + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::Redshift::Cluster.Endpoint", + "markdownDescription": "The connection endpoint.", + "title": "Endpoint" + }, + "EnhancedVpcRouting": { + "markdownDescription": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see [Enhanced VPC Routing](https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html) in the Amazon Redshift Cluster Management Guide.\n\nIf this option is `true` , enhanced VPC routing is enabled.\n\nDefault: false", + "title": "EnhancedVpcRouting", + "type": "boolean" + }, + "HsmClientCertificateIdentifier": { + "markdownDescription": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.", + "title": "HsmClientCertificateIdentifier", + "type": "string" + }, + "HsmConfigurationIdentifier": { + "markdownDescription": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM.", + "title": "HsmConfigurationIdentifier", + "type": "string" + }, + "IamRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.\n\nThe maximum number of IAM roles that you can associate is subject to a quota. For more information, go to [Quotas and limits](https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html) in the *Amazon Redshift Cluster Management Guide* .", + "title": "IamRoles", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LoggingProperties": { + "$ref": "#/definitions/AWS::Redshift::Cluster.LoggingProperties", + "markdownDescription": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.", + "title": "LoggingProperties" + }, + "MaintenanceTrackName": { + "markdownDescription": "An optional parameter for the name of the maintenance track for the cluster. If you don't provide a maintenance track name, the cluster is assigned to the `current` track.", + "title": "MaintenanceTrackName", + "type": "string" + }, + "ManageMasterPassword": { + "markdownDescription": "If `true` , Amazon Redshift uses AWS Secrets Manager to manage this cluster's admin credentials. You can't use `MasterUserPassword` if `ManageMasterPassword` is true. If `ManageMasterPassword` is false or not set, Amazon Redshift uses `MasterUserPassword` for the admin user account's password.", + "title": "ManageMasterPassword", + "type": "boolean" + }, + "ManualSnapshotRetentionPeriod": { + "markdownDescription": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots.\n\nThe value must be either -1 or an integer between 1 and 3,653.", + "title": "ManualSnapshotRetentionPeriod", + "type": "number" + }, + "MasterPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if `ManageMasterPassword` is true.", + "title": "MasterPasswordSecretKmsKeyId", + "type": "string" + }, + "MasterUserPassword": { + "markdownDescription": "The password associated with the admin user account for the cluster that is being created.\n\nYou can't use `MasterUserPassword` if `ManageMasterPassword` is `true` .\n\nConstraints:\n\n- Must be between 8 and 64 characters in length.\n- Must contain at least one uppercase letter.\n- Must contain at least one lowercase letter.\n- Must contain one number.\n- Can be any printable ASCII character (ASCII code 33-126) except `'` (single quote), `\"` (double quote), `\\` , `/` , or `@` .", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUsername": { + "markdownDescription": "The user name associated with the admin user account for the cluster that is being created.\n\nConstraints:\n\n- Must be 1 - 128 alphanumeric characters or hyphens. The user name can't be `PUBLIC` .\n- Must contain only lowercase letters, numbers, underscore, plus sign, period (dot), at symbol (@), or hyphen.\n- The first character must be a letter.\n- Must not contain a colon (:) or a slash (/).\n- Cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "MasterUsername", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "A boolean indicating whether Amazon Redshift should deploy the cluster in two Availability Zones. The default is false.", + "title": "MultiAZ", + "type": "boolean" + }, + "NamespaceResourcePolicy": { + "markdownDescription": "The policy that is attached to a resource.", + "title": "NamespaceResourcePolicy", + "type": "object" + }, + "NodeType": { + "markdownDescription": "The node type to be provisioned for the cluster. For information about node types, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nValid Values: `dc2.large` | `dc2.8xlarge` | `ra3.large` | `ra3.xlplus` | `ra3.4xlarge` | `ra3.16xlarge`", + "title": "NodeType", + "type": "string" + }, + "NumberOfNodes": { + "markdownDescription": "The number of compute nodes in the cluster. This parameter is required when the *ClusterType* parameter is specified as `multi-node` .\n\nFor information about determining how many nodes you need, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nIf you don't specify this parameter, you get a single-node cluster. When requesting a multi-node cluster, you must specify the number of nodes that you want in the cluster.\n\nDefault: `1`\n\nConstraints: Value must be at least 1 and no more than 100.", + "title": "NumberOfNodes", + "type": "number" + }, + "OwnerAccount": { + "markdownDescription": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.", + "title": "OwnerAccount", + "type": "string" + }, + "Port": { + "markdownDescription": "The port number on which the cluster accepts incoming connections.\n\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections.\n\nDefault: `5439`\n\nValid Values:\n\n- For clusters with ra3 nodes - Select a port within the ranges `5431-5455` or `8191-8215` . (If you have an existing cluster with ra3 nodes, it isn't required that you change the port to these ranges.)\n- For clusters with dc2 nodes - Select a port within the range `1150-65535` .", + "title": "Port", + "type": "number" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nDefault: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see [Maintenance Windows](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#rs-maintenance-windows) in Amazon Redshift Cluster Management Guide.\n\nValid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "If `true` , the cluster can be accessed from a public network.\n\nDefault: false", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ResourceAction": { + "markdownDescription": "The Amazon Redshift operation to be performed. Supported operations are `pause-cluster` , `resume-cluster` , and `failover-primary-compute` .", + "title": "ResourceAction", + "type": "string" + }, + "RevisionTarget": { + "markdownDescription": "Describes a `RevisionTarget` object.", + "title": "RevisionTarget", + "type": "string" + }, + "RotateEncryptionKey": { + "markdownDescription": "Rotates the encryption keys for a cluster.", + "title": "RotateEncryptionKey", + "type": "boolean" + }, + "SnapshotClusterIdentifier": { + "markdownDescription": "The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", + "title": "SnapshotClusterIdentifier", + "type": "string" + }, + "SnapshotCopyGrantName": { + "markdownDescription": "The name of the snapshot copy grant.", + "title": "SnapshotCopyGrantName", + "type": "string" + }, + "SnapshotCopyManual": { + "markdownDescription": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.", + "title": "SnapshotCopyManual", + "type": "boolean" + }, + "SnapshotCopyRetentionPeriod": { + "markdownDescription": "The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region .\n\nBy default, this only changes the retention period of copied automated snapshots.\n\nIf you decrease the retention period for automated snapshots that are copied to a destination AWS Region , Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.\n\nConstraints: Must be at least 1 and no more than 35 for automated snapshots.\n\nIf you specify the `manual` option, only newly copied manual snapshots will have the new retention period.\n\nIf you specify the value of -1 newly copied manual snapshots are retained indefinitely.\n\nConstraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.", + "title": "SnapshotCopyRetentionPeriod", + "type": "number" + }, + "SnapshotIdentifier": { + "markdownDescription": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. You must specify this parameter or `snapshotArn` , but not both.\n\nExample: `my-snapshot-id`", + "title": "SnapshotIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag instances.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n\nDefault: The default VPC security group is associated with the cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "required": [ + "ClusterType", + "DBName", + "MasterUsername", + "NodeType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::Cluster.Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The DNS address of the cluster. This property is read only.", + "title": "Address", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that the database engine is listening on. This property is read only.", + "title": "Port", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Redshift::Cluster.LoggingProperties": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of an existing S3 bucket where the log files are to be stored.\n\nConstraints:\n\n- Must be in the same region as the cluster\n- The cluster must have read bucket and put object permissions", + "title": "BucketName", + "type": "string" + }, + "LogDestinationType": { + "markdownDescription": "The log destination type. An enum with possible values of `s3` and `cloudwatch` .", + "title": "LogDestinationType", + "type": "string" + }, + "LogExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The collection of exported log types. Possible values are `connectionlog` , `useractivitylog` , and `userlog` .", + "title": "LogExports", + "type": "array" + }, + "S3KeyPrefix": { + "markdownDescription": "The prefix applied to the log file names.\n\nValid characters are any letter from any language, any whitespace character, any numeric character, and the following characters: underscore ( `_` ), period ( `.` ), colon ( `:` ), slash ( `/` ), equal ( `=` ), plus ( `+` ), backslash ( `\\` ), hyphen ( `-` ), at symbol ( `@` ).", + "title": "S3KeyPrefix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Redshift::ClusterParameterGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the parameter group.", + "title": "Description", + "type": "string" + }, + "ParameterGroupFamily": { + "markdownDescription": "The name of the cluster parameter group family that this cluster parameter group is compatible with. You can create a custom parameter group and then associate your cluster with it. For more information, see [Amazon Redshift parameter groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html) .", + "title": "ParameterGroupFamily", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the cluster parameter group.", + "title": "ParameterGroupName", + "type": "string" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::Redshift::ClusterParameterGroup.Parameter" + }, + "markdownDescription": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.\n\nFor each parameter to be modified, you must supply at least the parameter name and parameter value; other name-value pairs of the parameter are optional.\n\nFor the workload management (WLM) configuration, you must supply all the name-value pairs in the wlm_json_configuration parameter.", + "title": "Parameters", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags for the cluster parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "ParameterGroupFamily" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterParameterGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::ClusterParameterGroup.Parameter": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "The name of the parameter.", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The value of the parameter. If `ParameterName` is `wlm_json_configuration` , then the maximum size of `ParameterValue` is 8000 characters.", + "title": "ParameterValue", + "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::Redshift::ClusterSecurityGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the security group.", + "title": "Description", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this security group. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterSecurityGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::ClusterSecurityGroupIngress": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CIDRIP": { + "markdownDescription": "The IP range to be added the Amazon Redshift security group.", + "title": "CIDRIP", + "type": "string" + }, + "ClusterSecurityGroupName": { + "markdownDescription": "The name of the security group to which the ingress rule is added.", + "title": "ClusterSecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupName": { + "markdownDescription": "The EC2 security group to be added the Amazon Redshift security group.", + "title": "EC2SecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupOwnerId": { + "markdownDescription": "The AWS account number of the owner of the security group specified by the *EC2SecurityGroupName* parameter. The AWS Access Key ID is not an acceptable value.\n\nExample: `111122223333`\n\nConditional. If you specify the `EC2SecurityGroupName` property, you must specify this property.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" + } + }, + "required": [ + "ClusterSecurityGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterSecurityGroupIngress" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::ClusterSubnetGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the subnet group.", + "title": "Description", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of VPC subnet IDs. A maximum of 20 subnets can be modified in a single request.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this subnet group. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterSubnetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::EndpointAccess": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterIdentifier": { + "markdownDescription": "The cluster identifier of the cluster associated with the endpoint.", + "title": "ClusterIdentifier", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "The name of the endpoint.", + "title": "EndpointName", + "type": "string" + }, + "ResourceOwner": { + "markdownDescription": "The AWS account ID of the owner of the cluster.", + "title": "ResourceOwner", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The subnet group name where Amazon Redshift chooses to deploy the endpoint.", + "title": "SubnetGroupName", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "required": [ + "ClusterIdentifier", + "EndpointName", + "SubnetGroupName", + "VpcSecurityGroupIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::EndpointAccess" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::EndpointAccess.NetworkInterface": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.", + "title": "AvailabilityZone", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The network interface identifier.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The IPv4 address of the network interface within the subnet.", + "title": "PrivateIpAddress", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The subnet identifier.", + "title": "SubnetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Redshift::EndpointAccess.VpcEndpoint": { + "additionalProperties": false, + "properties": { + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::Redshift::EndpointAccess.NetworkInterface" + }, + "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", + "title": "NetworkInterfaces", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC identifier that the endpoint is associated.", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Redshift::EndpointAccess.VpcSecurityGroup": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of the endpoint.", + "title": "Status", + "type": "string" + }, + "VpcSecurityGroupId": { + "markdownDescription": "The identifier of the VPC security group.", + "title": "VpcSecurityGroupId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Redshift::EndpointAuthorization": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Account": { + "markdownDescription": "The AWS account ID of either the cluster owner (grantor) or grantee. If `Grantee` parameter is true, then the `Account` value is of the grantor.", + "title": "Account", + "type": "string" + }, + "ClusterIdentifier": { + "markdownDescription": "The cluster identifier.", + "title": "ClusterIdentifier", + "type": "string" + }, + "Force": { + "markdownDescription": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted.", + "title": "Force", + "type": "boolean" + }, + "VpcIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The virtual private cloud (VPC) identifiers to grant access to.", + "title": "VpcIds", + "type": "array" + } + }, + "required": [ + "Account", + "ClusterIdentifier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::EndpointAuthorization" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::EventSubscription": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A boolean value; set to `true` to activate the subscription, and set to `false` to create the subscription but not activate it.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the Amazon Redshift event categories to be published by the event notification subscription.\n\nValues: configuration, management, monitoring, security, pending", + "title": "EventCategories", + "type": "array" + }, + "Severity": { + "markdownDescription": "Specifies the Amazon Redshift event severity to be published by the event notification subscription.\n\nValues: ERROR, INFO", + "title": "Severity", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more identifiers of Amazon Redshift source objects. All of the objects must be of the same type as was specified in the source type parameter. The event subscription will return only events generated by the specified objects. If not specified, then events are returned for all objects within the source type specified.\n\nExample: my-cluster-1, my-cluster-2\n\nExample: my-snapshot-20131010", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of source that will be generating the events. For example, if you want to be notified of events generated by a cluster, you would set this parameter to cluster. If this value is not specified, events are returned for all Amazon Redshift objects in your AWS account . You must specify a source type in order to specify source IDs.\n\nValid values: cluster, cluster-parameter-group, cluster-security-group, cluster-snapshot, and scheduled-action.", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the event subscription to be created.\n\nConstraints:\n\n- Cannot be null, empty, or blank.\n- Must contain from 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "SubscriptionName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag instances.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SubscriptionName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::EventSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::Integration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The encryption context for the integration. For more information, see [Encryption context](https://docs.aws.amazon.com/) in the *AWS Key Management Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "IntegrationName": { + "markdownDescription": "The name of the integration.", + "title": "IntegrationName", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key identifier for the key used to encrypt the integration.", + "title": "KMSKeyId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database used as the source for replication.", + "title": "SourceArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags associated with the integration.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Redshift data warehouse to use as the target for replication.", + "title": "TargetArn", + "type": "string" + } + }, + "required": [ + "SourceArn", + "TargetArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::Integration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::ScheduledAction": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enable": { + "markdownDescription": "If true, the schedule is enabled. If false, the scheduled action does not trigger. For more information about `state` of the scheduled action, see `ScheduledAction` .", + "title": "Enable", + "type": "boolean" + }, + "EndTime": { + "markdownDescription": "The end time in UTC when the schedule is no longer active. After this time, the scheduled action does not trigger.", + "title": "EndTime", + "type": "string" + }, + "IamRole": { + "markdownDescription": "The IAM role to assume to run the scheduled action. This IAM role must have permission to run the Amazon Redshift API operation in the scheduled action. This IAM role must allow the Amazon Redshift scheduler (Principal scheduler.redshift.amazonaws.com) to assume permissions on your behalf. For more information about the IAM role to use with the Amazon Redshift scheduler, see [Using Identity-Based Policies for Amazon Redshift](https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-identity-based.html) in the *Amazon Redshift Cluster Management Guide* .", + "title": "IamRole", + "type": "string" + }, + "Schedule": { + "markdownDescription": "The schedule for a one-time (at format) or recurring (cron format) scheduled action. Schedule invocations must be separated by at least one hour.\n\nFormat of at expressions is \" `at(yyyy-mm-ddThh:mm:ss)` \". For example, \" `at(2016-03-04T17:27:00)` \".\n\nFormat of cron expressions is \" `cron(Minutes Hours Day-of-month Month Day-of-week Year)` \". For example, \" `cron(0 10 ? * MON *)` \". For more information, see [Cron Expressions](https://docs.aws.amazon.com//AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) in the *Amazon CloudWatch Events User Guide* .", + "title": "Schedule", + "type": "string" + }, + "ScheduledActionDescription": { + "markdownDescription": "The description of the scheduled action.", + "title": "ScheduledActionDescription", + "type": "string" + }, + "ScheduledActionName": { + "markdownDescription": "The name of the scheduled action.", + "title": "ScheduledActionName", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time in UTC when the schedule is active. Before this time, the scheduled action does not trigger.", + "title": "StartTime", + "type": "string" + }, + "TargetAction": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ScheduledActionType", + "markdownDescription": "A JSON format string of the Amazon Redshift API operation with input parameters.\n\n\" `{\\\"ResizeCluster\\\":{\\\"NodeType\\\":\\\"ra3.4xlarge\\\",\\\"ClusterIdentifier\\\":\\\"my-test-cluster\\\",\\\"NumberOfNodes\\\":3}}` \".", + "title": "TargetAction" + } + }, + "required": [ + "ScheduledActionName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ScheduledAction" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Redshift::ScheduledAction.PauseClusterMessage": { + "additionalProperties": false, + "properties": { + "ClusterIdentifier": { + "markdownDescription": "The identifier of the cluster to be paused.", + "title": "ClusterIdentifier", + "type": "string" + } + }, + "required": [ + "ClusterIdentifier" + ], + "type": "object" + }, + "AWS::Redshift::ScheduledAction.ResizeClusterMessage": { + "additionalProperties": false, + "properties": { + "Classic": { + "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", + "title": "Classic", + "type": "boolean" + }, + "ClusterIdentifier": { + "markdownDescription": "The unique identifier for the cluster to resize.", + "title": "ClusterIdentifier", + "type": "string" + }, + "ClusterType": { + "markdownDescription": "The new cluster type for the specified cluster.", + "title": "ClusterType", + "type": "string" + }, + "NodeType": { + "markdownDescription": "The new node type for the nodes you are adding. If not specified, the cluster's current node type is used.", + "title": "NodeType", + "type": "string" + }, + "NumberOfNodes": { + "markdownDescription": "The new number of nodes for the cluster. If not specified, the cluster's current number of nodes is used.", + "title": "NumberOfNodes", + "type": "number" + } + }, + "required": [ + "ClusterIdentifier" + ], + "type": "object" + }, + "AWS::Redshift::ScheduledAction.ResumeClusterMessage": { + "additionalProperties": false, + "properties": { + "ClusterIdentifier": { + "markdownDescription": "The identifier of the cluster to be resumed.", + "title": "ClusterIdentifier", + "type": "string" + } + }, + "required": [ + "ClusterIdentifier" + ], + "type": "object" + }, + "AWS::Redshift::ScheduledAction.ScheduledActionType": { + "additionalProperties": false, + "properties": { + "PauseCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.PauseClusterMessage", + "markdownDescription": "An action that runs a `PauseCluster` API operation.", + "title": "PauseCluster" + }, + "ResizeCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResizeClusterMessage", + "markdownDescription": "An action that runs a `ResizeCluster` API operation.", + "title": "ResizeCluster" + }, + "ResumeCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResumeClusterMessage", + "markdownDescription": "An action that runs a `ResumeCluster` API operation.", + "title": "ResumeCluster" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Namespace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdminPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if `ManageAdminPassword` is `true` .", + "title": "AdminPasswordSecretKmsKeyId", + "type": "string" + }, + "AdminUserPassword": { + "markdownDescription": "The password of the administrator for the primary database created in the namespace.", + "title": "AdminUserPassword", + "type": "string" + }, + "AdminUsername": { + "markdownDescription": "The username of the administrator for the primary database created in the namespace.", + "title": "AdminUsername", + "type": "string" + }, + "DbName": { + "markdownDescription": "The name of the primary database created in the namespace.", + "title": "DbName", + "type": "string" + }, + "DefaultIamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", + "title": "DefaultIamRoleArn", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The name of the snapshot to be created before the namespace is deleted.", + "title": "FinalSnapshotName", + "type": "string" + }, + "FinalSnapshotRetentionPeriod": { + "markdownDescription": "How long to retain the final snapshot.", + "title": "FinalSnapshotRetentionPeriod", + "type": "number" + }, + "IamRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IAM roles to associate with the namespace.", + "title": "IamRoles", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", + "title": "KmsKeyId", + "type": "string" + }, + "LogExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of logs the namespace can export. Available export types are `userlog` , `connectionlog` , and `useractivitylog` .", + "title": "LogExports", + "type": "array" + }, + "ManageAdminPassword": { + "markdownDescription": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use `AdminUserPassword` if `ManageAdminPassword` is true. If `ManageAdminPassword` is `false` or not set, Amazon Redshift uses `AdminUserPassword` for the admin user account's password.", + "title": "ManageAdminPassword", + "type": "boolean" + }, + "NamespaceName": { + "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "NamespaceName", + "type": "string" + }, + "NamespaceResourcePolicy": { + "markdownDescription": "The resource policy that will be attached to the namespace.", + "title": "NamespaceResourcePolicy", + "type": "object" + }, + "RedshiftIdcApplicationArn": { + "markdownDescription": "The ARN for the Redshift application that integrates with IAM Identity Center.", + "title": "RedshiftIdcApplicationArn", + "type": "string" + }, + "SnapshotCopyConfigurations": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration" + }, + "markdownDescription": "", + "title": "SnapshotCopyConfigurations", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The map of the key-value pairs used to tag the namespace.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "NamespaceName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RedshiftServerless::Namespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RedshiftServerless::Namespace.Namespace": { + "additionalProperties": false, + "properties": { + "AdminPasswordSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the namespace's admin user credentials secret.", + "title": "AdminPasswordSecretArn", + "type": "string" + }, + "AdminPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret.", + "title": "AdminPasswordSecretKmsKeyId", + "type": "string" + }, + "AdminUsername": { + "markdownDescription": "The username of the administrator for the first database created in the namespace.", + "title": "AdminUsername", + "type": "string" + }, + "CreationDate": { + "markdownDescription": "The date of when the namespace was created.", + "title": "CreationDate", + "type": "string" + }, + "DbName": { + "markdownDescription": "The name of the first database created in the namespace.", + "title": "DbName", + "type": "string" + }, + "DefaultIamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", + "title": "DefaultIamRoleArn", + "type": "string" + }, + "IamRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IAM roles to associate with the namespace.", + "title": "IamRoles", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", + "title": "KmsKeyId", + "type": "string" + }, + "LogExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of logs the namespace can export. Available export types are User log, Connection log, and User activity log.", + "title": "LogExports", + "type": "array" + }, + "NamespaceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) associated with a namespace.", + "title": "NamespaceArn", + "type": "string" + }, + "NamespaceId": { + "markdownDescription": "The unique identifier of a namespace.", + "title": "NamespaceId", + "type": "string" + }, + "NamespaceName": { + "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "NamespaceName", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the namespace.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationKmsKeyId": { + "markdownDescription": "The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region .", + "title": "DestinationKmsKeyId", + "type": "string" + }, + "DestinationRegion": { + "markdownDescription": "The destination AWS Region to copy snapshots to.", + "title": "DestinationRegion", + "type": "string" + }, + "SnapshotRetentionPeriod": { + "markdownDescription": "The retention period of snapshots that are copied to the destination AWS Region .", + "title": "SnapshotRetentionPeriod", + "type": "number" + } + }, + "required": [ + "DestinationRegion" + ], + "type": "object" + }, + "AWS::RedshiftServerless::Snapshot": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "NamespaceName": { + "markdownDescription": "The name of the namepsace.", + "title": "NamespaceName", + "type": "string" + }, + "RetentionPeriod": { + "markdownDescription": "The retention period of the snapshot created by the scheduled action.", + "title": "RetentionPeriod", + "type": "number" + }, + "SnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "SnapshotName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of [Tag objects](https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_Tag.html) to associate with the snapshot.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SnapshotName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RedshiftServerless::Snapshot" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RedshiftServerless::Snapshot.Snapshot": { + "additionalProperties": false, + "properties": { + "AdminUsername": { + "markdownDescription": "The username of the database within a snapshot.", + "title": "AdminUsername", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The unique identifier of the KMS key used to encrypt the snapshot.", + "title": "KmsKeyId", + "type": "string" + }, + "NamespaceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the namespace the snapshot was created from.", + "title": "NamespaceArn", + "type": "string" + }, + "NamespaceName": { + "markdownDescription": "The name of the namepsace.", + "title": "NamespaceName", + "type": "string" + }, + "OwnerAccount": { + "markdownDescription": "The owner AWS ; account of the snapshot.", + "title": "OwnerAccount", + "type": "string" + }, + "RetentionPeriod": { + "markdownDescription": "", + "title": "RetentionPeriod", + "type": "number" + }, + "SnapshotArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the snapshot.", + "title": "SnapshotArn", + "type": "string" + }, + "SnapshotCreateTime": { + "markdownDescription": "The timestamp of when the snapshot was created.", + "title": "SnapshotCreateTime", + "type": "string" + }, + "SnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "SnapshotName", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the snapshot.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BaseCapacity": { + "markdownDescription": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs).", + "title": "BaseCapacity", + "type": "number" + }, + "ConfigParameters": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" + }, + "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ConfigParameters", + "type": "array" + }, + "EnhancedVpcRouting": { + "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", + "title": "EnhancedVpcRouting", + "type": "boolean" + }, + "MaxCapacity": { + "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", + "title": "MaxCapacity", + "type": "number" + }, + "NamespaceName": { + "markdownDescription": "The namespace the workgroup is associated with.", + "title": "NamespaceName", + "type": "string" + }, + "Port": { + "markdownDescription": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.", + "title": "Port", + "type": "number" + }, + "PricePerformanceTarget": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.PerformanceTarget", + "markdownDescription": "An object that represents the price performance target settings for the workgroup.", + "title": "PricePerformanceTarget" + }, + "PubliclyAccessible": { + "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "RecoveryPointId": { + "markdownDescription": "The recovery point id to restore from.", + "title": "RecoveryPointId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs to associate with the workgroup.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the snapshot to restore from.", + "title": "SnapshotArn", + "type": "string" + }, + "SnapshotName": { + "markdownDescription": "The snapshot name to restore from.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotOwnerAccount": { + "markdownDescription": "The Amazon Web Services account that owns the snapshot.", + "title": "SnapshotOwnerAccount", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs the workgroup is associated with.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The map of the key-value pairs used to tag the workgroup.", + "title": "Tags", + "type": "array" + }, + "TrackName": { + "markdownDescription": "An optional parameter for the name of the track for the workgroup. If you don't provide a track name, the workgroup is assigned to the current track.", + "title": "TrackName", + "type": "string" + }, + "Workgroup": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Workgroup", + "markdownDescription": "The collection of computing resources from which an endpoint is created.", + "title": "Workgroup" + }, + "WorkgroupName": { + "markdownDescription": "The name of the workgroup.", + "title": "WorkgroupName", + "type": "string" + } + }, + "required": [ + "WorkgroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RedshiftServerless::Workgroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.ConfigParameter": { + "additionalProperties": false, + "properties": { + "ParameterKey": { + "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ParameterKey", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The value of the parameter to set.", + "title": "ParameterValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The DNS address of the VPC endpoint.", + "title": "Address", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that Amazon Redshift Serverless listens on.", + "title": "Port", + "type": "number" + }, + "VpcEndpoints": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.VpcEndpoint" + }, + "markdownDescription": "An array of `VpcEndpoint` objects.", + "title": "VpcEndpoints", + "type": "array" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.NetworkInterface": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The availability Zone.", + "title": "AvailabilityZone", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The unique identifier of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The IPv4 address of the network interface within the subnet.", + "title": "PrivateIpAddress", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The unique identifier of the subnet.", + "title": "SubnetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.PerformanceTarget": { + "additionalProperties": false, + "properties": { + "Level": { + "markdownDescription": "The target price performance level for the workgroup. Valid values include 1, 25, 50, 75, and 100. These correspond to the price performance levels LOW_COST, ECONOMICAL, BALANCED, RESOURCEFUL, and HIGH_PERFORMANCE.", + "title": "Level", + "type": "number" + }, + "Status": { + "markdownDescription": "Whether the price performance target is enabled for the workgroup.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.VpcEndpoint": { + "additionalProperties": false, + "properties": { + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.NetworkInterface" + }, + "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", + "title": "NetworkInterfaces", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The connection endpoint ID for connecting to Amazon Redshift Serverless.", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC identifier that the endpoint is associated with.", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup.Workgroup": { + "additionalProperties": false, + "properties": { + "BaseCapacity": { + "markdownDescription": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).", + "title": "BaseCapacity", + "type": "number" + }, + "ConfigParameters": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" + }, + "markdownDescription": "An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ConfigParameters", + "type": "array" + }, + "CreationDate": { + "markdownDescription": "The creation date of the workgroup.", + "title": "CreationDate", + "type": "string" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Endpoint", + "markdownDescription": "The endpoint that is created from the workgroup.", + "title": "Endpoint" + }, + "EnhancedVpcRouting": { + "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", + "title": "EnhancedVpcRouting", + "type": "boolean" + }, + "MaxCapacity": { + "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", + "title": "MaxCapacity", + "type": "number" + }, + "NamespaceName": { + "markdownDescription": "The namespace the workgroup is associated with.", + "title": "NamespaceName", + "type": "string" + }, + "PricePerformanceTarget": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.PerformanceTarget", + "markdownDescription": "An object that represents the price performance target settings for the workgroup.", + "title": "PricePerformanceTarget" + }, + "PubliclyAccessible": { + "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of security group IDs to associate with the workgroup.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of the workgroup.", + "title": "Status", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of subnet IDs the workgroup is associated with.", + "title": "SubnetIds", + "type": "array" + }, + "TrackName": { + "markdownDescription": "The name of the track for the workgroup.", + "title": "TrackName", + "type": "string" + }, + "WorkgroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that links to the workgroup.", + "title": "WorkgroupArn", + "type": "string" + }, + "WorkgroupId": { + "markdownDescription": "The unique identifier of the workgroup.", + "title": "WorkgroupId", + "type": "string" + }, + "WorkgroupName": { + "markdownDescription": "The name of the workgroup.", + "title": "WorkgroupName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RefactorSpaces::Application": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiGatewayProxy": { + "$ref": "#/definitions/AWS::RefactorSpaces::Application.ApiGatewayProxyInput", + "markdownDescription": "The endpoint URL of the Amazon API Gateway proxy.", + "title": "ApiGatewayProxy" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", + "type": "string" + }, + "ProxyType": { + "markdownDescription": "The proxy type of the proxy created within the application.", + "title": "ProxyType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the application.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the virtual private cloud (VPC).", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "EnvironmentIdentifier", + "Name", + "ProxyType", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RefactorSpaces::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { + "additionalProperties": false, + "properties": { + "EndpointType": { + "markdownDescription": "The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default.\n\nIf the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) .", + "title": "EndpointType", + "type": "string" + }, + "StageName": { + "markdownDescription": "The name of the API Gateway stage. The name defaults to `prod` .", + "title": "StageName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RefactorSpaces::Environment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the environment.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment.", + "title": "Name", + "type": "string" + }, + "NetworkFabricType": { + "markdownDescription": "The network fabric type of the environment.", + "title": "NetworkFabricType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the environment.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RefactorSpaces::Environment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::RefactorSpaces::Route": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationIdentifier": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationIdentifier", + "type": "string" + }, + "DefaultRoute": { + "$ref": "#/definitions/AWS::RefactorSpaces::Route.DefaultRouteInput", + "markdownDescription": "Configuration for the default route type.", + "title": "DefaultRoute" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "RouteType": { + "markdownDescription": "The route type of the route.", + "title": "RouteType", + "type": "string" + }, + "ServiceIdentifier": { + "markdownDescription": "The unique identifier of the service.", + "title": "ServiceIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the route.", + "title": "Tags", + "type": "array" + }, + "UriPathRoute": { + "$ref": "#/definitions/AWS::RefactorSpaces::Route.UriPathRouteInput", + "markdownDescription": "The configuration for the URI path route type.", + "title": "UriPathRoute" + } + }, + "required": [ + "ApplicationIdentifier", + "EnvironmentIdentifier", + "RouteType", + "ServiceIdentifier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RefactorSpaces::Route" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RefactorSpaces::Route.DefaultRouteInput": { + "additionalProperties": false, + "properties": { + "ActivationState": { + "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", + "title": "ActivationState", + "type": "string" + } + }, + "required": [ + "ActivationState" + ], + "type": "object" + }, + "AWS::RefactorSpaces::Route.UriPathRouteInput": { + "additionalProperties": false, + "properties": { + "ActivationState": { + "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", + "title": "ActivationState", + "type": "string" + }, + "AppendSourcePath": { + "markdownDescription": "If set to `true` , this option appends the source path to the service URL endpoint.", + "title": "AppendSourcePath", + "type": "boolean" + }, + "IncludeChildPaths": { + "markdownDescription": "Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service.", + "title": "IncludeChildPaths", + "type": "boolean" + }, + "Methods": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route\u2019s service.", + "title": "Methods", + "type": "array" + }, + "SourcePath": { + "markdownDescription": "This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'.", + "title": "SourcePath", + "type": "string" + } + }, + "required": [ + "ActivationState" + ], + "type": "object" + }, + "AWS::RefactorSpaces::Service": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationIdentifier": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationIdentifier", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the service.", + "title": "Description", + "type": "string" + }, + "EndpointType": { + "markdownDescription": "The endpoint type of the service.", + "title": "EndpointType", + "type": "string" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "LambdaEndpoint": { + "$ref": "#/definitions/AWS::RefactorSpaces::Service.LambdaEndpointInput", + "markdownDescription": "A summary of the configuration for the AWS Lambda endpoint type.", + "title": "LambdaEndpoint" + }, + "Name": { + "markdownDescription": "The name of the service.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the service.", + "title": "Tags", + "type": "array" + }, + "UrlEndpoint": { + "$ref": "#/definitions/AWS::RefactorSpaces::Service.UrlEndpointInput", + "markdownDescription": "The summary of the configuration for the URL endpoint type.", + "title": "UrlEndpoint" + }, + "VpcId": { + "markdownDescription": "The ID of the virtual private cloud (VPC).", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "ApplicationIdentifier", + "EndpointType", + "EnvironmentIdentifier", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RefactorSpaces::Service" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RefactorSpaces::Service.LambdaEndpointInput": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function or alias.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::RefactorSpaces::Service.UrlEndpointInput": { + "additionalProperties": false, + "properties": { + "HealthUrl": { + "markdownDescription": "The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL.", + "title": "HealthUrl", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) .", + "title": "Url", + "type": "string" + } + }, + "required": [ + "Url" + ], + "type": "object" + }, + "AWS::Rekognition::Collection": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CollectionId": { + "markdownDescription": "ID for the collection that you are creating.", + "title": "CollectionId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the collection.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "CollectionId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rekognition::Collection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Rekognition::Project": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ProjectName": { + "markdownDescription": "The name of the project to create.", + "title": "ProjectName", + "type": "string" + } + }, + "required": [ + "ProjectName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rekognition::Project" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BoundingBoxRegionsOfInterest": { + "items": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.BoundingBox" + }, + "markdownDescription": "List of BoundingBox objects, each of which denotes a region of interest on screen. For more information, see the BoundingBox field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", + "title": "BoundingBoxRegionsOfInterest", + "type": "array" + }, + "ConnectedHomeSettings": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.ConnectedHomeSettings", + "markdownDescription": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) .", + "title": "ConnectedHomeSettings" + }, + "DataSharingPreference": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.DataSharingPreference", + "markdownDescription": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) .", + "title": "DataSharingPreference" + }, + "FaceSearchSettings": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.FaceSearchSettings", + "markdownDescription": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) .", + "title": "FaceSearchSettings" + }, + "KinesisDataStream": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisDataStream", + "markdownDescription": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) .", + "title": "KinesisDataStream" + }, + "KinesisVideoStream": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisVideoStream", + "markdownDescription": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) .", + "title": "KinesisVideoStream" + }, + "KmsKeyId": { + "markdownDescription": "The identifier for your Amazon Key Management Service key (Amazon KMS key). Optional parameter for connected home stream processors used to encrypt results and data published to your Amazon S3 bucket. For more information, see the KMSKeyId section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The Name attribute specifies the name of the stream processor and it must be within the constraints described in the Name section of [StreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessor) . If you don't specify a name, Amazon CloudFormation generates a unique ID and uses that ID for the stream processor name.", + "title": "Name", + "type": "string" + }, + "NotificationChannel": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.NotificationChannel", + "markdownDescription": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) .", + "title": "NotificationChannel" + }, + "PolygonRegionsOfInterest": { + "markdownDescription": "A set of ordered lists of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. Each entry of the set contains a polygon denoting a region of interest on the screen. Each polygon is an ordered list of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. For more information, see the Polygon field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", + "title": "PolygonRegionsOfInterest", + "type": "object" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions to the Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a connected home stream processor. This is required for both face search and connected home stream processors. For information about constraints, see the RoleArn section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "RoleArn", + "type": "string" + }, + "S3Destination": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.S3Destination", + "markdownDescription": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) .", + "title": "S3Destination" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the stream processor. For more information, see the Tags section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "KinesisVideoStream", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rekognition::StreamProcessor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.BoundingBox": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "Height of the bounding box as a ratio of the overall image height.", + "title": "Height", + "type": "number" + }, + "Left": { + "markdownDescription": "Left coordinate of the bounding box as a ratio of overall image width.", + "title": "Left", + "type": "number" + }, + "Top": { + "markdownDescription": "Top coordinate of the bounding box as a ratio of overall image height.", + "title": "Top", + "type": "number" + }, + "Width": { + "markdownDescription": "Width of the bounding box as a ratio of the overall image width.", + "title": "Width", + "type": "number" + } + }, + "required": [ + "Height", + "Left", + "Top", + "Width" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.ConnectedHomeSettings": { + "additionalProperties": false, + "properties": { + "Labels": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: \"PERSON\", \"PET\", \"PACKAGE\", and \"ALL\".", + "title": "Labels", + "type": "array" + }, + "MinConfidence": { + "markdownDescription": "The minimum confidence required to label an object in the video.", + "title": "MinConfidence", + "type": "number" + } + }, + "required": [ + "Labels" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.DataSharingPreference": { + "additionalProperties": false, + "properties": { + "OptIn": { + "markdownDescription": "Describes the opt-in status applied to a stream processor's data sharing policy.", + "title": "OptIn", + "type": "boolean" + } + }, + "required": [ + "OptIn" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.FaceSearchSettings": { + "additionalProperties": false, + "properties": { + "CollectionId": { + "markdownDescription": "The ID of a collection that contains faces that you want to search for.", + "title": "CollectionId", + "type": "string" + }, + "FaceMatchThreshold": { + "markdownDescription": "Minimum face match confidence score that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted, and values lower than 80 are set to 80.", + "title": "FaceMatchThreshold", + "type": "number" + } + }, + "required": [ + "CollectionId" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.KinesisDataStream": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "ARN of the output Amazon Kinesis Data Streams stream.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.KinesisVideoStream": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "ARN of the Kinesis video stream stream that streams the source video.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.NotificationChannel": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the SNS topic that receives notifications.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::Rekognition::StreamProcessor.S3Destination": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) bucket name of a stream processor's exports.", + "title": "BucketName", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) object keys of a stream processor's exports.", + "title": "ObjectKeyPrefix", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::ResilienceHub::App": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppAssessmentSchedule": { + "markdownDescription": "Assessment execution schedule with 'Daily' or 'Disabled' values.", + "title": "AppAssessmentSchedule", + "type": "string" + }, + "AppTemplateBody": { + "markdownDescription": "A JSON string that provides information about your application structure. To learn more about the `appTemplateBody` template, see the sample template in [Sample appTemplateBody template](https://docs.aws.amazon.com//resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html#API_PutDraftAppVersionTemplate_Examples) .\n\nThe `appTemplateBody` JSON string has the following structure:\n\n- *`resources`*\n\nThe list of logical resources that needs to be included in the AWS Resilience Hub application.\n\nType: Array\n\n> Don't add the resources that you want to exclude. \n\nEach `resources` array item includes the following fields:\n\n- *`logicalResourceId`*\n\nThe logical identifier of the resource.\n\nType: Object\n\nEach `logicalResourceId` object includes the following fields:\n\n- `identifier`\n\nIdentifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`type`*\n\nThe type of resource.\n\nType: string\n- *`name`*\n\nName of the resource.\n\nType: String\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`appComponents`*\n\nThe list of Application Components (AppComponent) that this resource belongs to. If an AppComponent is not part of the AWS Resilience Hub application, it will be added.\n\nType: Array\n\nEach `appComponents` array item includes the following fields:\n\n- `name`\n\nName of the AppComponent.\n\nType: String\n- `type`\n\nThe type of AppComponent. For more information about the types of AppComponent, see [Grouping resources in an AppComponent](https://docs.aws.amazon.com/resilience-hub/latest/userguide/AppComponent.grouping.html) .\n\nType: String\n- `resourceNames`\n\nThe list of included resources that are assigned to the AppComponent.\n\nType: Array of strings\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`excludedResources`*\n\nThe list of logical resource identifiers to be excluded from the application.\n\nType: Array\n\n> Don't add the resources that you want to include. \n\nEach `excludedResources` array item includes the following fields:\n\n- *`logicalResourceIds`*\n\nThe logical identifier of the resource.\n\nType: Object\n\n> You can configure only one of the following fields:\n> \n> - `logicalStackName`\n> - `resourceGroupName`\n> - `terraformSourceName`\n> - `eksSourceName` \n\nEach `logicalResourceIds` object includes the following fields:\n\n- `identifier`\n\nThe identifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`version`*\n\nThe AWS Resilience Hub application version.\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`", + "title": "AppTemplateBody", + "type": "string" + }, + "Description": { + "markdownDescription": "Optional description for an application.", + "title": "Description", + "type": "string" + }, + "EventSubscriptions": { + "items": { + "$ref": "#/definitions/AWS::ResilienceHub::App.EventSubscription" + }, + "markdownDescription": "The list of events you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* and *Scheduled assessment failure* events.", + "title": "EventSubscriptions", + "type": "array" + }, + "Name": { + "markdownDescription": "Name for the application.", + "title": "Name", + "type": "string" + }, + "PermissionModel": { + "$ref": "#/definitions/AWS::ResilienceHub::App.PermissionModel", + "markdownDescription": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.", + "title": "PermissionModel" + }, + "ResiliencyPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resiliency policy.", + "title": "ResiliencyPolicyArn", + "type": "string" + }, + "ResourceMappings": { + "items": { + "$ref": "#/definitions/AWS::ResilienceHub::App.ResourceMapping" + }, + "markdownDescription": "An array of `ResourceMapping` objects.", + "title": "ResourceMappings", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "AppTemplateBody", + "Name", + "ResourceMappings" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResilienceHub::App" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ResilienceHub::App.EventSubscription": { + "additionalProperties": false, + "properties": { + "EventType": { + "markdownDescription": "The type of event you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* ( `DriftDetected` ) and *Scheduled assessment failure* ( `ScheduledAssessmentFailure` ) events.", + "title": "EventType", + "type": "string" + }, + "Name": { + "markdownDescription": "Unique name to identify an event subscription.", + "title": "Name", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. The format for this ARN is: `arn:partition:sns:region:account:topic-name` . For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* guide.", + "title": "SnsTopicArn", + "type": "string" + } + }, + "required": [ + "EventType", + "Name" + ], + "type": "object" + }, + "AWS::ResilienceHub::App.PermissionModel": { + "additionalProperties": false, + "properties": { + "CrossAccountRoleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.\n\n> - These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.\n> - These roles must have a trust policy with `iam:AssumeRole` permission to the invoker role in the primary account.", + "title": "CrossAccountRoleArns", + "type": "array" + }, + "InvokerRoleName": { + "markdownDescription": "Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.\n\nIf your IAM role includes a path, you must include the path in the `invokerRoleName` parameter. For example, if your IAM role's ARN is `arn:aws:iam:123456789012:role/my-path/role-name` , you should pass `my-path/role-name` .\n\n> - You must have `iam:passRole` permission for this role while creating or updating the application.\n> - Currently, `invokerRoleName` accepts only `[A-Za-z0-9_+=,.@-]` characters.", + "title": "InvokerRoleName", + "type": "string" + }, + "Type": { + "markdownDescription": "Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ResilienceHub::App.PhysicalResourceId": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The AWS account that owns the physical resource.", + "title": "AwsAccountId", + "type": "string" + }, + "AwsRegion": { + "markdownDescription": "The AWS Region that the physical resource is located in.", + "title": "AwsRegion", + "type": "string" + }, + "Identifier": { + "markdownDescription": "Identifier of the physical resource.", + "title": "Identifier", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of physical resource identifier.\n\n- **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:\n\n- `AWS::ECS::Service`\n- `AWS::EFS::FileSystem`\n- `AWS::ElasticLoadBalancingV2::LoadBalancer`\n- `AWS::Lambda::Function`\n- `AWS::SNS::Topic`\n- **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:\n\n- `AWS::ApiGateway::RestApi`\n- `AWS::ApiGatewayV2::Api`\n- `AWS::AutoScaling::AutoScalingGroup`\n- `AWS::DocDB::DBCluster`\n- `AWS::DocDB::DBGlobalCluster`\n- `AWS::DocDB::DBInstance`\n- `AWS::DynamoDB::GlobalTable`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::EC2Fleet`\n- `AWS::EC2::Instance`\n- `AWS::EC2::NatGateway`\n- `AWS::EC2::Volume`\n- `AWS::ElasticLoadBalancing::LoadBalancer`\n- `AWS::RDS::DBCluster`\n- `AWS::RDS::DBInstance`\n- `AWS::RDS::GlobalCluster`\n- `AWS::Route53::RecordSet`\n- `AWS::S3::Bucket`\n- `AWS::SQS::Queue`", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Identifier", + "Type" + ], + "type": "object" + }, + "AWS::ResilienceHub::App.ResourceMapping": { + "additionalProperties": false, + "properties": { + "EksSourceName": { + "markdownDescription": "Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` .\n\n> This parameter accepts values in \"eks-cluster/namespace\" format.", + "title": "EksSourceName", + "type": "string" + }, + "LogicalStackName": { + "markdownDescription": "Name of the AWS CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` .", + "title": "LogicalStackName", + "type": "string" + }, + "MappingType": { + "markdownDescription": "Specifies the type of resource mapping.", + "title": "MappingType", + "type": "string" + }, + "PhysicalResourceId": { + "$ref": "#/definitions/AWS::ResilienceHub::App.PhysicalResourceId", + "markdownDescription": "Identifier of the physical resource.", + "title": "PhysicalResourceId" + }, + "ResourceName": { + "markdownDescription": "Name of the resource that this resource is mapped to when the `mappingType` is `Resource` .", + "title": "ResourceName", + "type": "string" + }, + "TerraformSourceName": { + "markdownDescription": "Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` .", + "title": "TerraformSourceName", + "type": "string" + } + }, + "required": [ + "MappingType", + "PhysicalResourceId" + ], + "type": "object" + }, + "AWS::ResilienceHub::ResiliencyPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DataLocationConstraint": { + "markdownDescription": "Specifies a high-level geographical location constraint for where your resilience policy data can be stored.", + "title": "DataLocationConstraint", + "type": "string" + }, + "Policy": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.PolicyMap", + "markdownDescription": "The resiliency policy.", + "title": "Policy" + }, + "PolicyDescription": { + "markdownDescription": "Description of the resiliency policy.", + "title": "PolicyDescription", + "type": "string" + }, + "PolicyName": { + "markdownDescription": "The name of the policy", + "title": "PolicyName", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Tier": { + "markdownDescription": "The tier for this resiliency policy, ranging from the highest severity ( `MissionCritical` ) to lowest ( `NonCritical` ).", + "title": "Tier", + "type": "string" + } + }, + "required": [ + "Policy", + "PolicyName", + "Tier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResilienceHub::ResiliencyPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy": { + "additionalProperties": false, + "properties": { + "RpoInSecs": { + "markdownDescription": "Recovery Point Objective (RPO) in seconds.", + "title": "RpoInSecs", + "type": "number" + }, + "RtoInSecs": { + "markdownDescription": "Recovery Time Objective (RTO) in seconds.", + "title": "RtoInSecs", + "type": "number" + } + }, + "required": [ + "RpoInSecs", + "RtoInSecs" + ], + "type": "object" + }, + "AWS::ResilienceHub::ResiliencyPolicy.PolicyMap": { + "additionalProperties": false, + "properties": { + "AZ": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for Availability Zone disruption.", + "title": "AZ" + }, + "Hardware": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for hardware disruption.", + "title": "Hardware" + }, + "Region": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for Regional disruption.", + "title": "Region" + }, + "Software": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for software disruption.", + "title": "Software" + } + }, + "required": [ + "AZ", + "Hardware", + "Software" + ], + "type": "object" + }, + "AWS::ResourceExplorer2::DefaultViewAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ViewArn": { + "markdownDescription": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region.", + "title": "ViewArn", + "type": "string" + } + }, + "required": [ + "ViewArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResourceExplorer2::DefaultViewAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ResourceExplorer2::Index": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "additionalProperties": true, + "markdownDescription": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResourceExplorer2::Index" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ResourceExplorer2::View": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Filters": { + "$ref": "#/definitions/AWS::ResourceExplorer2::View.SearchFilter", + "markdownDescription": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", + "title": "Filters" + }, + "IncludedProperties": { + "items": { + "$ref": "#/definitions/AWS::ResourceExplorer2::View.IncludedProperty" + }, + "markdownDescription": "A list of fields that provide additional information about the view.", + "title": "IncludedProperties", + "type": "array" + }, + "Scope": { + "markdownDescription": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account.", + "title": "Scope", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tag key and value pairs that are attached to the view.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "ViewName": { + "markdownDescription": "The name of the new view.", + "title": "ViewName", + "type": "string" + } + }, + "required": [ + "ViewName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResourceExplorer2::View" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ResourceExplorer2::View.IncludedProperty": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the property that is included in this view.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::ResourceExplorer2::View.SearchFilter": { + "additionalProperties": false, + "properties": { + "FilterString": { + "markdownDescription": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation.\n\nFor information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", + "title": "FilterString", + "type": "string" + } + }, + "required": [ + "FilterString" + ], + "type": "object" + }, + "AWS::ResourceGroups::Group": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Configuration": { + "items": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationItem" + }, + "markdownDescription": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n> You can include either a `Configuration` or a `ResourceQuery` , but not both.", + "title": "Configuration", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the resource group.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a resource group. The name must be unique within the AWS Region in which you create the resource. To create multiple resource groups based on the same CloudFormation stack, you must generate unique names for each.", + "title": "Name", + "type": "string" + }, + "ResourceQuery": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ResourceQuery", + "markdownDescription": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n> - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n> - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both.", + "title": "ResourceQuery" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n> - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n> - You can include a `Resources` property only if you also specify a `Configuration` property.", + "title": "Resources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tag key and value pairs that are attached to the resource group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResourceGroups::Group" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ResourceGroups::Group.ConfigurationItem": { + "additionalProperties": false, + "properties": { + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationParameter" + }, + "markdownDescription": "A collection of parameters for this configuration item. For the list of parameters that you can use with each configuration item `Type` , see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Parameters", + "type": "array" + }, + "Type": { + "markdownDescription": "Specifies the type of configuration item. Each item must have a unique value for type. For the list of the types that you can specify for a configuration item, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::Group.ConfigurationParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the group configuration parameter. For the list of parameters that you can use with each configuration item type, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The value or values to be used for the specified parameter. For the list of values you can use with each parameter, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::Group.Query": { + "additionalProperties": false, + "properties": { + "ResourceTypeFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `[\"AWS::EC2::Instance\", \"AWS::DynamoDB::Table\"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `[\"AWS::AllSupported\"]` .", + "title": "ResourceTypeFilters", + "type": "array" + }, + "StackIdentifier": { + "markdownDescription": "Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped.\n\nYou can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.`", + "title": "StackIdentifier", + "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.TagFilter" + }, + "markdownDescription": "A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` .\n\nA resource must have a tag that matches every filter that is provided in the `TagFilters` list.", + "title": "TagFilters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::Group.ResourceQuery": { + "additionalProperties": false, + "properties": { + "Query": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.Query", + "markdownDescription": "The query that defines the membership of the group. This is a structure with properties that depend on the `Type` .\n\nThe `Query` structure must be included in the following scenarios:\n\n- When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group.\n- When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing.", + "title": "Query" + }, + "Type": { + "markdownDescription": "Specifies the type of resource query that determines this group's membership. There are two valid query types:\n\n- `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query.\n- `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::Group.TagFilter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group.\n\nThis field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::TagSyncTask": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Group": { + "markdownDescription": "The Amazon resource name (ARN) or name of the application group for which you want to create a tag-sync task.", + "title": "Group", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon resource name (ARN) of the role assumed by the service to tag and untag resources on your behalf.", + "title": "RoleArn", + "type": "string" + }, + "TagKey": { + "markdownDescription": "The tag key.", + "title": "TagKey", + "type": "string" + }, + "TagValue": { + "markdownDescription": "The tag value.", + "title": "TagValue", + "type": "string" + } + }, + "required": [ + "Group", + "RoleArn", + "TagKey", + "TagValue" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResourceGroups::TagSyncTask" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RoboMaker::Fleet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the fleet.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The list of all tags added to the fleet.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::Fleet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::RoboMaker::Robot": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Architecture": { + "markdownDescription": "The architecture of the robot.", + "title": "Architecture", + "type": "string" + }, + "Fleet": { + "markdownDescription": "The Amazon Resource Name (ARN) of the fleet to which the robot will be registered.", + "title": "Fleet", + "type": "string" + }, + "GreengrassGroupId": { + "markdownDescription": "The Greengrass group associated with the robot.", + "title": "GreengrassGroupId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the robot.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Architecture", + "GreengrassGroupId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::Robot" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RoboMaker::RobotApplication": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CurrentRevisionId": { + "markdownDescription": "The current revision id.", + "title": "CurrentRevisionId", + "type": "string" + }, + "Environment": { + "markdownDescription": "The environment of the robot application.", + "title": "Environment", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the robot application.", + "title": "Name", + "type": "string" + }, + "RobotSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.RobotSoftwareSuite", + "markdownDescription": "The robot software suite used by the robot application.", + "title": "RobotSoftwareSuite" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.SourceConfig" + }, + "markdownDescription": "The sources of the robot application.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "RobotSoftwareSuite" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::RobotApplication" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::RoboMaker::RobotApplication.SourceConfig": { + "additionalProperties": false, + "properties": { + "Architecture": { + "markdownDescription": "The target processor architecture for the application.", + "title": "Architecture", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3Bucket", + "type": "string" + }, + "S3Key": { + "markdownDescription": "The s3 object key.", + "title": "S3Key", + "type": "string" + } + }, + "required": [ + "Architecture", + "S3Bucket", + "S3Key" + ], + "type": "object" + }, + "AWS::RoboMaker::RobotApplicationVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Application": { + "markdownDescription": "The application information for the robot application.", + "title": "Application", + "type": "string" + }, + "CurrentRevisionId": { + "markdownDescription": "The current revision id for the robot application. If you provide a value and it matches the latest revision ID, a new version will be created.", + "title": "CurrentRevisionId", + "type": "string" + } + }, + "required": [ + "Application" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::RobotApplicationVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RoboMaker::SimulationApplication": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CurrentRevisionId": { + "markdownDescription": "The current revision id.", + "title": "CurrentRevisionId", + "type": "string" + }, + "Environment": { + "markdownDescription": "The environment of the simulation application.", + "title": "Environment", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the simulation application.", + "title": "Name", + "type": "string" + }, + "RenderingEngine": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RenderingEngine", + "markdownDescription": "The rendering engine for the simulation application.", + "title": "RenderingEngine" + }, + "RobotSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite", + "markdownDescription": "The robot software suite used by the simulation application.", + "title": "RobotSoftwareSuite" + }, + "SimulationSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite", + "markdownDescription": "The simulation software suite used by the simulation application.", + "title": "SimulationSoftwareSuite" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SourceConfig" + }, + "markdownDescription": "The sources of the simulation application.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the simulation application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "RobotSoftwareSuite", + "SimulationSoftwareSuite" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::SimulationApplication" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RoboMaker::SimulationApplication.RenderingEngine": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the rendering engine.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the rendering engine.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Name", + "Version" + ], + "type": "object" + }, + "AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the simulation software suite. `SimulationRuntime` is the only supported value.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the simulation software suite. Not applicable for `SimulationRuntime` .", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::RoboMaker::SimulationApplication.SourceConfig": { + "additionalProperties": false, + "properties": { + "Architecture": { + "markdownDescription": "The target processor architecture for the application.", + "title": "Architecture", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3Bucket", + "type": "string" + }, + "S3Key": { + "markdownDescription": "The s3 object key.", + "title": "S3Key", + "type": "string" + } + }, + "required": [ + "Architecture", + "S3Bucket", + "S3Key" + ], + "type": "object" + }, + "AWS::RoboMaker::SimulationApplicationVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Application": { + "markdownDescription": "The application information for the simulation application.", + "title": "Application", + "type": "string" + }, + "CurrentRevisionId": { + "markdownDescription": "The current revision id for the simulation application. If you provide a value and it matches the latest revision ID, a new version will be created.", + "title": "CurrentRevisionId", + "type": "string" + } + }, + "required": [ + "Application" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::SimulationApplicationVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RolesAnywhere::CRL": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CrlData": { + "markdownDescription": "The x509 v3 specified certificate revocation list (CRL).", + "title": "CrlData", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the certificate revocation list (CRL) is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the certificate revocation list (CRL).", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to attach to the certificate revocation list (CRL).", + "title": "Tags", + "type": "array" + }, + "TrustAnchorArn": { + "markdownDescription": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.", + "title": "TrustAnchorArn", + "type": "string" + } + }, + "required": [ + "CrlData", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RolesAnywhere::CRL" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RolesAnywhere::Profile": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptRoleSessionName": { + "markdownDescription": "Used to determine if a custom role session name will be accepted in a temporary credential request.", + "title": "AcceptRoleSessionName", + "type": "boolean" + }, + "AttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::Profile.AttributeMapping" + }, + "markdownDescription": "A mapping applied to the authenticating end-entity certificate.", + "title": "AttributeMappings", + "type": "array" + }, + "DurationSeconds": { + "markdownDescription": "The number of seconds vended session credentials will be valid for", + "title": "DurationSeconds", + "type": "number" + }, + "Enabled": { + "markdownDescription": "The enabled status of the resource.", + "title": "Enabled", + "type": "boolean" + }, + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", + "title": "ManagedPolicyArns", + "type": "array" + }, + "Name": { + "markdownDescription": "The customer specified name of the resource.", + "title": "Name", + "type": "string" + }, + "RequireInstanceProperties": { + "markdownDescription": "Specifies whether instance properties are required in CreateSession requests with this profile.", + "title": "RequireInstanceProperties", + "type": "boolean" + }, + "RoleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", + "title": "RoleArns", + "type": "array" + }, + "SessionPolicy": { + "markdownDescription": "A session policy that will applied to the trust boundary of the vended session credentials.", + "title": "SessionPolicy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of Tags.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "RoleArns" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RolesAnywhere::Profile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RolesAnywhere::Profile.AttributeMapping": { + "additionalProperties": false, + "properties": { + "CertificateField": { + "markdownDescription": "Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.", + "title": "CertificateField", + "type": "string" + }, + "MappingRules": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::Profile.MappingRule" + }, + "markdownDescription": "A list of mapping entries for every supported specifier or sub-field.", + "title": "MappingRules", + "type": "array" + } + }, + "required": [ + "CertificateField", + "MappingRules" + ], + "type": "object" + }, + "AWS::RolesAnywhere::Profile.MappingRule": { + "additionalProperties": false, + "properties": { + "Specifier": { + "markdownDescription": "Specifier within a certificate field, such as CN, OU, or UID from the Subject field.", + "title": "Specifier", + "type": "string" + } + }, + "required": [ + "Specifier" + ], + "type": "object" + }, + "AWS::RolesAnywhere::TrustAnchor": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether the trust anchor is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the trust anchor.", + "title": "Name", + "type": "string" + }, + "NotificationSettings": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.NotificationSetting" + }, + "markdownDescription": "A list of notification settings to be associated to the trust anchor.", + "title": "NotificationSettings", + "type": "array" + }, + "Source": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.Source", + "markdownDescription": "The trust anchor type and its related certificate data.", + "title": "Source" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to attach to the trust anchor.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RolesAnywhere::TrustAnchor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RolesAnywhere::TrustAnchor.NotificationSetting": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and AWS Health Dashboard to notify for an event.\n\n> In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels.", + "title": "Channel", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether the notification setting is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Event": { + "markdownDescription": "The event to which this notification setting is applied.", + "title": "Event", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The number of days before a notification event. This value is required for a notification setting that is enabled.", + "title": "Threshold", + "type": "number" + } + }, + "required": [ + "Enabled", + "Event" + ], + "type": "object" + }, + "AWS::RolesAnywhere::TrustAnchor.Source": { + "additionalProperties": false, + "properties": { + "SourceData": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.SourceData", + "markdownDescription": "A union object representing the data field of the TrustAnchor depending on its type", + "title": "SourceData" + }, + "SourceType": { + "markdownDescription": "The type of the TrustAnchor.", + "title": "SourceType", + "type": "string" + } + }, + "required": [ + "SourceData", + "SourceType" + ], + "type": "object" + }, + "AWS::RolesAnywhere::TrustAnchor.SourceData": { + "additionalProperties": false, + "properties": { + "AcmPcaArn": { + "markdownDescription": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .\n\n> This field is not supported in your region.", + "title": "AcmPcaArn", + "type": "string" + }, + "X509CertificateData": { + "markdownDescription": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` .", + "title": "X509CertificateData", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::CidrCollection": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "$ref": "#/definitions/AWS::Route53::CidrCollection.Location" + }, + "markdownDescription": "A complex type that contains information about the list of CIDR locations.", + "title": "Locations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a CIDR collection.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::CidrCollection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53::CidrCollection.Location": { + "additionalProperties": false, + "properties": { + "CidrList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of CIDR blocks.", + "title": "CidrList", + "type": "array" + }, + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" + } + }, + "required": [ + "CidrList", + "LocationName" + ], + "type": "object" + }, + "AWS::Route53::DNSSEC": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneId": { + "markdownDescription": "A unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", + "title": "HostedZoneId", + "type": "string" + } + }, + "required": [ + "HostedZoneId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::DNSSEC" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53::HealthCheck": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckConfig", + "markdownDescription": "A complex type that contains detailed information about one health check.\n\nFor the values to enter for `HealthCheckConfig` , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)", + "title": "HealthCheckConfig" + }, + "HealthCheckTags": { + "items": { + "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckTag" + }, + "markdownDescription": "The `HealthCheckTags` property describes key-value pairs that are associated with an `AWS::Route53::HealthCheck` resource.", + "title": "HealthCheckTags", + "type": "array" + } + }, + "required": [ + "HealthCheckConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::HealthCheck" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53::HealthCheck.AlarmIdentifier": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy.\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in.\n\nFor the current list of CloudWatch regions, see [Amazon CloudWatch endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/cw_region.html) in the *Amazon Web Services General Reference* .", + "title": "Region", + "type": "string" + } + }, + "required": [ + "Name", + "Region" + ], + "type": "object" + }, + "AWS::Route53::HealthCheck.HealthCheckConfig": { + "additionalProperties": false, + "properties": { + "AlarmIdentifier": { + "$ref": "#/definitions/AWS::Route53::HealthCheck.AlarmIdentifier", + "markdownDescription": "A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy.", + "title": "AlarmIdentifier" + }, + "ChildHealthChecks": { + "items": { + "type": "string" + }, + "markdownDescription": "(CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check.", + "title": "ChildHealthChecks", + "type": "array" + }, + "EnableSNI": { + "markdownDescription": "Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate.\n\nSome endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid.\n\nThe SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message.", + "title": "EnableSNI", + "type": "boolean" + }, + "FailureThreshold": { + "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .\n\nIf you don't specify a value for `FailureThreshold` , the default value is three health checks.", + "title": "FailureThreshold", + "type": "number" + }, + "FullyQualifiedDomainName": { + "markdownDescription": "Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` .\n\n*If you specify a value for* `IPAddress` :\n\nAmazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.\n\nWhen Route 53 checks the health of an endpoint, here is how it constructs the `Host` header:\n\n- If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header.\n- If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header.\n- If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header.\n\nIf you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases.\n\n*If you don't specify a value for `IPAddress`* :\n\nRoute 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.\n\n> If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a \"DNS resolution failed\" error. \n\nIf you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com).\n\n> In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. \n\nIn addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header.", + "title": "FullyQualifiedDomainName", + "type": "string" + }, + "HealthThreshold": { + "markdownDescription": "The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element.\n\nNote the following:\n\n- If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy.\n- If you specify `0` , Route 53 always considers this health check to be healthy.", + "title": "HealthThreshold", + "type": "number" + }, + "IPAddress": { + "markdownDescription": "The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint.\n\nUse one of the following formats for the value of `IPAddress` :\n\n- *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` .\n- *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` .\n\nIf the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change.\n\nFor more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) .\n\nConstraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents:\n\n- [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735)\n- [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598)\n- [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156)\n\nWhen the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` .", + "title": "IPAddress", + "type": "string" + }, + "InsufficientDataHealthStatus": { + "markdownDescription": "When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check:\n\n- `Healthy` : Route 53 considers the health check to be healthy.\n- `Unhealthy` : Route 53 considers the health check to be unhealthy.\n- `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy.", + "title": "InsufficientDataHealthStatus", + "type": "string" + }, + "Inverted": { + "markdownDescription": "Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy.", + "title": "Inverted", + "type": "boolean" + }, + "MeasureLatency": { + "markdownDescription": "Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.\n\n> You can't change the value of `MeasureLatency` after you create a health check.", + "title": "MeasureLatency", + "type": "boolean" + }, + "Port": { + "markdownDescription": "The port on the endpoint that you want Amazon Route 53 to perform health checks on.\n\n> Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` .", + "title": "Port", + "type": "number" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint.\n\nIf you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* .\n\nIf you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions).", + "title": "Regions", + "type": "array" + }, + "RequestInterval": { + "markdownDescription": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.\n\n> You can't change the value of `RequestInterval` after you create a health check. \n\nIf you don't specify a value for `RequestInterval` , the default value is `30` seconds.", + "title": "RequestInterval", + "type": "number" + }, + "ResourcePath": { + "markdownDescription": "The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp&login=y` .", + "title": "ResourcePath", + "type": "string" + }, + "RoutingControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control.\n\nFor more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) .", + "title": "RoutingControlArn", + "type": "string" + }, + "SearchString": { + "markdownDescription": "If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy.\n\nRoute 53 considers case when searching for `SearchString` in the response body.", + "title": "SearchString", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *TCP* : Route 53 tries to establish a TCP connection.\n- *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` .\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.\n- *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` .\n- *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy.\n\nFor more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53::HealthCheck.HealthCheckTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Route53::HostedZone": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneConfig": { + "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneConfig", + "markdownDescription": "A complex type that contains an optional comment.\n\nIf you don't want to specify a comment, omit the `HostedZoneConfig` and `Comment` elements.", + "title": "HostedZoneConfig" + }, + "HostedZoneTags": { + "items": { + "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneTag" + }, + "markdownDescription": "Adds, edits, or deletes tags for a health check or a hosted zone.\n\nFor information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *Billing and Cost Management User Guide* .", + "title": "HostedZoneTags", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n\nIf you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of `NameServers` that are returned by the `Fn::GetAtt` intrinsic function.", + "title": "Name", + "type": "string" + }, + "QueryLoggingConfig": { + "$ref": "#/definitions/AWS::Route53::HostedZone.QueryLoggingConfig", + "markdownDescription": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n\nDNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n\n- Route 53 edge location that responded to the DNS query\n- Domain or subdomain that was requested\n- DNS record type, such as A or AAAA\n- DNS response code, such as `NoError` or `ServFail`\n\n- **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.\n\n> If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. \n\n- Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:\n\n- You must create the log group in the us-east-1 region.\n- You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for.\n- When you create log groups for query logging, we recommend that you use a consistent prefix, for example:\n\n`/aws/route53/ *hosted zone name*`\n\nIn the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging.\n- Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of `Resource` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with `*` , for example:\n\n`arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`\n\nTo avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:\n\n- For `aws:SourceArn` , supply the hosted zone ARN used in creating the query logging configuration. For example, `aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID` .\n- For `aws:SourceAccount` , supply the account ID for the account that creates the query logging configuration. For example, `aws:SourceAccount:111111111111` .\n\nFor more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .\n\n> You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI .\n- **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:\n\n- Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location.\n- Begins to send query logs to the applicable log stream.\n\nThe name of each log stream is in the following format:\n\n`*hosted zone ID* / *edge location code*`\n\nThe edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page.\n- **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* .\n- **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* .\n- **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) .\n- **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .", + "title": "QueryLoggingConfig" + }, + "VPCs": { + "items": { + "$ref": "#/definitions/AWS::Route53::HostedZone.VPC" + }, + "markdownDescription": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCs", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::HostedZone" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53::HostedZone.HostedZoneConfig": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "Any comments that you want to include about the hosted zone.", + "title": "Comment", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::HostedZone.HostedZoneTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Route53::HostedZone.QueryLoggingConfig": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to.", + "title": "CloudWatchLogsLogGroupArn", + "type": "string" + } + }, + "required": [ + "CloudWatchLogsLogGroupArn" + ], + "type": "object" + }, + "AWS::Route53::HostedZone.VPC": { + "additionalProperties": false, + "properties": { + "VPCId": { + "markdownDescription": "*Private hosted zones only:* The ID of an Amazon VPC.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCId", + "type": "string" + }, + "VPCRegion": { + "markdownDescription": "*Private hosted zones only:* The region that an Amazon VPC was created in.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCRegion", + "type": "string" + } + }, + "required": [ + "VPCId", + "VPCRegion" + ], + "type": "object" + }, + "AWS::Route53::KeySigningKey": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneId": { + "markdownDescription": "The unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", + "title": "HostedZoneId", + "type": "string" + }, + "KeyManagementServiceArn": { + "markdownDescription": "The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The `KeyManagementServiceArn` must be unique for each key-signing key (KSK) in a single hosted zone. For example: `arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111` .", + "title": "KeyManagementServiceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "A string used to identify a key-signing key (KSK). `Name` can include numbers, letters, and underscores (_). `Name` must be unique for each key-signing key in the same hosted zone.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "A string that represents the current key-signing key (KSK) status.\n\nStatus can have one of the following values:\n\n- **ACTIVE** - The KSK is being used for signing.\n- **INACTIVE** - The KSK is not being used for signing.\n- **DELETING** - The KSK is in the process of being deleted.\n- **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed.\n- **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "HostedZoneId", + "KeyManagementServiceArn", + "Name", + "Status" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::KeySigningKey" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53::RecordSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AliasTarget": { + "$ref": "#/definitions/AWS::Route53::RecordSet.AliasTarget", + "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", + "title": "AliasTarget" + }, + "CidrRoutingConfig": { + "$ref": "#/definitions/AWS::Route53::RecordSet.CidrRoutingConfig", + "markdownDescription": "The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.\n\nA `LocationName` with an asterisk \u201c*\u201d can be used to create a default CIDR record. `CollectionId` is still required for default record.", + "title": "CidrRoutingConfig" + }, + "Comment": { + "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", + "title": "Comment", + "type": "string" + }, + "Failover": { + "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", + "title": "Failover", + "type": "string" + }, + "GeoLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSet.GeoLocation", + "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", + "title": "GeoLocation" + }, + "GeoProximityLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSet.GeoProximityLocation", + "markdownDescription": "*GeoproximityLocation resource record sets only:* A complex type that lets you control how Route\u00a053 responds to DNS queries based on the geographic origin of the query and your resources.", + "title": "GeoProximityLocation" + }, + "HealthCheckId": { + "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", + "title": "HealthCheckId", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an AWS::Route53::RecordSet that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "MultiValueAnswer": { + "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", + "title": "MultiValueAnswer", + "type": "boolean" + }, + "Name": { + "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", + "title": "Region", + "type": "string" + }, + "ResourceRecords": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more values that correspond with the value that you specified for the `Type` property. For example, if you specified `A` for `Type` , you specify one or more IP addresses in IPv4 format for `ResourceRecords` . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nNote the following:\n\n- You can specify more than one value for all record types except CNAME and SOA.\n- The maximum length of a value is 4000 characters.\n- If you're creating an alias record, omit `ResourceRecords` .", + "title": "ResourceRecords", + "type": "array" + }, + "SetIdentifier": { + "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", + "title": "SetIdentifier", + "type": "string" + }, + "TTL": { + "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", + "title": "TTL", + "type": "string" + }, + "Type": { + "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "Type", + "type": "string" + }, + "Weight": { + "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::RecordSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53::RecordSet.AliasTarget": { + "additionalProperties": false, + "properties": { + "DNSName": { + "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "DNSName", + "type": "string" + }, + "EvaluateTargetHealth": { + "markdownDescription": "*Applies only to alias, failover alias, geolocation alias, latency alias, and weighted alias resource record sets:* When `EvaluateTargetHealth` is `true` , an alias resource record set inherits the health of the referenced AWS resource, such as an ELB load balancer or another resource record set in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", + "title": "EvaluateTargetHealth", + "type": "boolean" + }, + "HostedZoneId": { + "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing Endpoints and Quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", + "title": "HostedZoneId", + "type": "string" + } + }, + "required": [ + "DNSName", + "HostedZoneId" + ], + "type": "object" + }, + "AWS::Route53::RecordSet.CidrRoutingConfig": { + "additionalProperties": false, + "properties": { + "CollectionId": { + "markdownDescription": "The CIDR collection ID.", + "title": "CollectionId", + "type": "string" + }, + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" + } + }, + "required": [ + "CollectionId", + "LocationName" + ], + "type": "object" + }, + "AWS::Route53::RecordSet.Coordinates": { + "additionalProperties": false, + "properties": { + "Latitude": { + "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", + "title": "Longitude", + "type": "string" + } + }, + "required": [ + "Latitude", + "Longitude" + ], + "type": "object" + }, + "AWS::Route53::RecordSet.GeoLocation": { + "additionalProperties": false, + "properties": { + "ContinentCode": { + "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", + "title": "ContinentCode", + "type": "string" + }, + "CountryCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", + "title": "CountryCode", + "type": "string" + }, + "SubdivisionCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", + "title": "SubdivisionCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::RecordSet.GeoProximityLocation": { + "additionalProperties": false, + "properties": { + "AWSRegion": { + "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", + "title": "AWSRegion", + "type": "string" + }, + "Bias": { + "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", + "title": "Bias", + "type": "number" + }, + "Coordinates": { + "$ref": "#/definitions/AWS::Route53::RecordSet.Coordinates", + "markdownDescription": "Contains the longitude and latitude for a geographic region.", + "title": "Coordinates" + }, + "LocalZoneGroup": { + "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", + "title": "LocalZoneGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::RecordSetGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", + "title": "Comment", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "RecordSets": { + "items": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" + }, + "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", + "title": "RecordSets", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::RecordSetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.AliasTarget": { + "additionalProperties": false, + "properties": { + "DNSName": { + "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "DNSName", + "type": "string" + }, + "EvaluateTargetHealth": { + "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", + "title": "EvaluateTargetHealth", + "type": "boolean" + }, + "HostedZoneId": { + "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", + "title": "HostedZoneId", + "type": "string" + } + }, + "required": [ + "DNSName", + "HostedZoneId" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { + "additionalProperties": false, + "properties": { + "CollectionId": { + "markdownDescription": "The CIDR collection ID.", + "title": "CollectionId", + "type": "string" + }, + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" + } + }, + "required": [ + "CollectionId", + "LocationName" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.Coordinates": { + "additionalProperties": false, + "properties": { + "Latitude": { + "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", + "title": "Longitude", + "type": "string" + } + }, + "required": [ + "Latitude", + "Longitude" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.GeoLocation": { + "additionalProperties": false, + "properties": { + "ContinentCode": { + "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", + "title": "ContinentCode", + "type": "string" + }, + "CountryCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", + "title": "CountryCode", + "type": "string" + }, + "SubdivisionCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", + "title": "SubdivisionCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::RecordSetGroup.GeoProximityLocation": { + "additionalProperties": false, + "properties": { + "AWSRegion": { + "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", + "title": "AWSRegion", + "type": "string" + }, + "Bias": { + "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", + "title": "Bias", + "type": "number" + }, + "Coordinates": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", + "markdownDescription": "Contains the longitude and latitude for a geographic region.", + "title": "Coordinates" + }, + "LocalZoneGroup": { + "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", + "title": "LocalZoneGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::RecordSetGroup.RecordSet": { + "additionalProperties": false, + "properties": { + "AliasTarget": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", + "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", + "title": "AliasTarget" + }, + "CidrRoutingConfig": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", + "markdownDescription": "", + "title": "CidrRoutingConfig" + }, + "Failover": { + "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", + "title": "Failover", + "type": "string" + }, + "GeoLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", + "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", + "title": "GeoLocation" + }, + "GeoProximityLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", + "markdownDescription": "A complex type that contains information about a geographic location.", + "title": "GeoProximityLocation" + }, + "HealthCheckId": { + "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", + "title": "HealthCheckId", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "MultiValueAnswer": { + "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", + "title": "MultiValueAnswer", + "type": "boolean" + }, + "Name": { + "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", + "title": "Region", + "type": "string" + }, + "ResourceRecords": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", + "title": "ResourceRecords", + "type": "array" + }, + "SetIdentifier": { + "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", + "title": "SetIdentifier", + "type": "string" + }, + "TTL": { + "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", + "title": "TTL", + "type": "string" + }, + "Type": { + "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "Type", + "type": "string" + }, + "Weight": { + "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::Route53Profiles::Profile": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the Profile.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of the tag keys and values that you want to associate with the profile.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Profiles::Profile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53Profiles::ProfileAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the profile association to a VPC.", + "title": "Arn", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the Profile association.", + "title": "Name", + "type": "string" + }, + "ProfileId": { + "markdownDescription": "ID of the Profile.\n\nUpdate to this property requires update to the `ResourceId` property as well, because you can only associate one Profile per VPC. For more information, see [Route 53 Profiles](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html) .", + "title": "ProfileId", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the VPC.", + "title": "ResourceId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "ProfileId", + "ResourceId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Profiles::ProfileAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53Profiles::ProfileResourceAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the Profile resource association.", + "title": "Name", + "type": "string" + }, + "ProfileId": { + "markdownDescription": "Profile ID of the Profile that the resources are associated with.", + "title": "ProfileId", + "type": "string" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource association.", + "title": "ResourceArn", + "type": "string" + }, + "ResourceProperties": { + "markdownDescription": "If the DNS resource is a DNS Firewall rule group, this indicates the priority.", + "title": "ResourceProperties", + "type": "string" + } + }, + "required": [ + "Name", + "ProfileId", + "ResourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Profiles::ProfileResourceAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::Cluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon).", + "title": "Name", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The network-type can either be IPV4 or DUALSTACK.", + "title": "NetworkType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the cluster.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryControl::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { + "additionalProperties": false, + "properties": { + "Endpoint": { + "markdownDescription": "A cluster endpoint URL for one of the five redundant clusters that you specify to set or retrieve a routing control state.", + "title": "Endpoint", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region for a cluster endpoint.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryControl::ControlPanel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster for the control panel.", + "title": "ClusterArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the control panel. You can use any non-white space character in the name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the control panel.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryControl::ControlPanel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::RoutingControl": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster that hosts the routing control.", + "title": "ClusterArn", + "type": "string" + }, + "ControlPanelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control panel that includes the routing control.", + "title": "ControlPanelArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the routing control. You can use any non-white space character in the name.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryControl::RoutingControl" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::SafetyRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssertionRule": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.AssertionRule", + "markdownDescription": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.", + "title": "AssertionRule" + }, + "ControlPanelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control panel.", + "title": "ControlPanelArn", + "type": "string" + }, + "GatingRule": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.GatingRule", + "markdownDescription": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.", + "title": "GatingRule" + }, + "Name": { + "markdownDescription": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon)", + "title": "Name", + "type": "string" + }, + "RuleConfig": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.RuleConfig", + "markdownDescription": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them.", + "title": "RuleConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the safety rule.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ControlPanelArn", + "Name", + "RuleConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryControl::SafetyRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::SafetyRule.AssertionRule": { + "additionalProperties": false, + "properties": { + "AssertedControls": { + "items": { + "type": "string" + }, + "markdownDescription": "The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions.", + "title": "AssertedControls", + "type": "array" + }, + "WaitPeriodMs": { + "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", + "title": "WaitPeriodMs", + "type": "number" + } + }, + "required": [ + "AssertedControls", + "WaitPeriodMs" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::SafetyRule.GatingRule": { + "additionalProperties": false, + "properties": { + "GatingControls": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of gating routing control Amazon Resource Names (ARNs). For a simple on-off switch, specify the ARN for one routing control. The gating routing controls are evaluated by the rule configuration that you specify to determine if the target routing control states can be changed.", + "title": "GatingControls", + "type": "array" + }, + "TargetControls": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of target routing control Amazon Resource Names (ARNs) for which the states can only be updated if the rule configuration that you specify evaluates to true for the gating routing control. As a simple example, if you have a single gating control, it acts as an overall on-off switch for a set of target routing controls. You can use this to manually override automated failover, for example.", + "title": "TargetControls", + "type": "array" + }, + "WaitPeriodMs": { + "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", + "title": "WaitPeriodMs", + "type": "number" + } + }, + "required": [ + "GatingControls", + "TargetControls", + "WaitPeriodMs" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::SafetyRule.RuleConfig": { + "additionalProperties": false, + "properties": { + "Inverted": { + "markdownDescription": "Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa.", + "title": "Inverted", + "type": "boolean" + }, + "Threshold": { + "markdownDescription": "The value of N, when you specify an `ATLEAST` rule type. That is, `Threshold` is the number of controls that must be set when you specify an `ATLEAST` type.", + "title": "Threshold", + "type": "number" + }, + "Type": { + "markdownDescription": "A rule can be one of the following: `ATLEAST` , `AND` , or `OR` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Inverted", + "Threshold", + "Type" + ], + "type": "object" + }, + "AWS::Route53RecoveryReadiness::Cell": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CellName": { + "markdownDescription": "The name of the cell to create.", + "title": "CellName", + "type": "string" + }, + "Cells": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific AWS Regions .", + "title": "Cells", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A collection of tags associated with a resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryReadiness::Cell" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ReadinessCheck": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ReadinessCheckName": { + "markdownDescription": "The name of the readiness check to create.", + "title": "ReadinessCheckName", + "type": "string" + }, + "ResourceSetName": { + "markdownDescription": "The name of the resource set to check.", + "title": "ResourceSetName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A collection of tags associated with a resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryReadiness::ReadinessCheck" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53RecoveryReadiness::RecoveryGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Cells": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the cell Amazon Resource Names (ARNs) in the recovery group.", + "title": "Cells", + "type": "array" + }, + "RecoveryGroupName": { + "markdownDescription": "The name of the recovery group to create.", + "title": "RecoveryGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A collection of tags associated with a resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryReadiness::RecoveryGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceSetName": { + "markdownDescription": "The name of the resource set to create.", + "title": "ResourceSetName", + "type": "string" + }, + "ResourceSetType": { + "markdownDescription": "The resource type of the resources in the resource set. Enter one of the following values for resource type:\n\nAWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource.\n\nNote that AWS::Route53RecoveryReadiness::DNSTargetResource is only used for this setting. It isn't an actual AWS CloudFormation resource type.", + "title": "ResourceSetType", + "type": "string" + }, + "Resources": { + "items": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.Resource" + }, + "markdownDescription": "A list of resource objects in the resource set.", + "title": "Resources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A tag to associate with the parameters for a resource set.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ResourceSetType", + "Resources" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryReadiness::ResourceSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { + "additionalProperties": false, + "properties": { + "DomainName": { + "markdownDescription": "The domain name that acts as an ingress point to a portion of the customer application.", + "title": "DomainName", + "type": "string" + }, + "HostedZoneArn": { + "markdownDescription": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.", + "title": "HostedZoneArn", + "type": "string" + }, + "RecordSetId": { + "markdownDescription": "The Amazon Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.", + "title": "RecordSetId", + "type": "string" + }, + "RecordType": { + "markdownDescription": "The type of DNS record of the target resource.", + "title": "RecordType", + "type": "string" + }, + "TargetResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.TargetResource", + "markdownDescription": "The target resource that the Route 53 record points to.", + "title": "TargetResource" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.NLBResource": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Network Load Balancer resource Amazon Resource Name (ARN).", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord": { + "additionalProperties": false, + "properties": { + "DomainName": { + "markdownDescription": "The DNS target domain name.", + "title": "DomainName", + "type": "string" + }, + "RecordSetId": { + "markdownDescription": "The Amazon Route 53 Resource Record Set ID.", + "title": "RecordSetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.Resource": { + "additionalProperties": false, + "properties": { + "ComponentId": { + "markdownDescription": "The component identifier of the resource, generated when DNS target resource is used.", + "title": "ComponentId", + "type": "string" + }, + "DnsTargetResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource", + "markdownDescription": "A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting.", + "title": "DnsTargetResource" + }, + "ReadinessScopes": { + "items": { + "type": "string" + }, + "markdownDescription": "The recovery group Amazon Resource Name (ARN) or the cell ARN that the readiness checks for this resource set are scoped to.", + "title": "ReadinessScopes", + "type": "array" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS resource. This is a required setting for all `ResourceSet` `ResourceSetType` settings except `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set this when `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` .", + "title": "ResourceArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.TargetResource": { + "additionalProperties": false, + "properties": { + "NLBResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.NLBResource", + "markdownDescription": "The Network Load Balancer resource that a DNS target resource points to.", + "title": "NLBResource" + }, + "R53Resource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord", + "markdownDescription": "The Route 53 resource that a DNS target resource record points to.", + "title": "R53Resource" + } + }, + "type": "object" + }, + "AWS::Route53Resolver::FirewallDomainList": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DomainFileUrl": { + "markdownDescription": "The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import.\n\nThe file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line.", + "title": "DomainFileUrl", + "type": "string" + }, + "Domains": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the domain lists that you have defined.", + "title": "Domains", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the domain list.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of the tag keys and values that you want to associate with the domain list.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::FirewallDomainList" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53Resolver::FirewallRuleGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "FirewallRules": { + "items": { + "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroup.FirewallRule" + }, + "markdownDescription": "A list of the rules that you have defined.", + "title": "FirewallRules", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the rule group.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::FirewallRuleGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advvanced rule:\n\n- `ALLOW` - Permit the request to go through. Not available for DNS Firewall Advanced rules.\n- `ALERT` - Permit the request to go through but send an alert to the logs.\n- `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified.\n\nif `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified:\n\n- `BlockOverrideDnsType`\n- `BlockOverrideDomain`\n- `BlockOverrideTtl`", + "title": "Action", + "type": "string" + }, + "BlockOverrideDnsType": { + "markdownDescription": "The DNS record's type. This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideDnsType", + "type": "string" + }, + "BlockOverrideDomain": { + "markdownDescription": "The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideDomain", + "type": "string" + }, + "BlockOverrideTtl": { + "markdownDescription": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideTtl", + "type": "number" + }, + "BlockResponse": { + "markdownDescription": "The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` .\n\n- `NODATA` - Respond indicating that the query was successful, but no response is available for it.\n- `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist.\n- `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings.", + "title": "BlockResponse", + "type": "string" + }, + "ConfidenceThreshold": { + "markdownDescription": "The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule. The confidence level values mean:\n\n- `LOW` : Provides the highest detection rate for threats, but also increases false positives.\n- `MEDIUM` : Provides a balance between detecting threats and false positives.\n- `HIGH` : Detects only the most well corroborated threats with a low rate of false positives.", + "title": "ConfidenceThreshold", + "type": "string" + }, + "DnsThreatProtection": { + "markdownDescription": "The type of the DNS Firewall Advanced rule. Valid values are:\n\n- `DGA` : Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains to to launch malware attacks.\n- `DNS_TUNNELING` : DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without making a network connection to the client.", + "title": "DnsThreatProtection", + "type": "string" + }, + "FirewallDomainListId": { + "markdownDescription": "The ID of the domain list that's used in the rule.", + "title": "FirewallDomainListId", + "type": "string" + }, + "FirewallDomainRedirectionAction": { + "markdownDescription": "How you want the the rule to evaluate DNS redirection in the DNS redirection chain, such as CNAME, or DNAME.\n\n`Inspect_Redirection_Domain` (Default) inspects all domains in the redirection chain. The individual domains in the redirection chain must be added to the domain list.\n\n`Trust_Redirection_Domain` inspects only the first domain in the redirection chain. You don't need to add the subsequent domains in the domain in the redirection list to the domain list.", + "title": "FirewallDomainRedirectionAction", + "type": "string" + }, + "FirewallThreatProtectionId": { + "markdownDescription": "ID of the DNS Firewall Advanced rule.", + "title": "FirewallThreatProtectionId", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.", + "title": "Priority", + "type": "number" + }, + "Qtype": { + "markdownDescription": "The DNS query type you want the rule to evaluate. Allowed values are;\n\n- A: Returns an IPv4 address.\n- AAAA: Returns an Ipv6 address.\n- CAA: Restricts CAs that can create SSL/TLS certifications for the domain.\n- CNAME: Returns another domain name.\n- DS: Record that identifies the DNSSEC signing key of a delegated zone.\n- MX: Specifies mail servers.\n- NAPTR: Regular-expression-based rewriting of domain names.\n- NS: Authoritative name servers.\n- PTR: Maps an IP address to a domain name.\n- SOA: Start of authority record for the zone.\n- SPF: Lists the servers authorized to send emails from a domain.\n- SRV: Application specific values that identify servers.\n- TXT: Verifies email senders and application-specific values.\n- A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPE NUMBER , where the NUMBER can be 1-65334, for example, TYPE28. For more information, see [List of DNS record types](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_DNS_record_types) .", + "title": "Qtype", + "type": "string" + } + }, + "required": [ + "Action", + "Priority" + ], + "type": "object" + }, + "AWS::Route53Resolver::FirewallRuleGroupAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "FirewallRuleGroupId": { + "markdownDescription": "The unique identifier of the firewall rule group.", + "title": "FirewallRuleGroupId", + "type": "string" + }, + "MutationProtection": { + "markdownDescription": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.", + "title": "MutationProtection", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the association.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.\n\nYou must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.\n\nThe allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900).", + "title": "Priority", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC that is associated with the rule group.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "FirewallRuleGroupId", + "Priority", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::FirewallRuleGroupAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53Resolver::OutpostResolver": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "Amazon EC2 instance count for the Resolver on the Outpost.", + "title": "InstanceCount", + "type": "number" + }, + "Name": { + "markdownDescription": "Name of the Resolver.", + "title": "Name", + "type": "string" + }, + "OutpostArn": { + "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", + "title": "OutpostArn", + "type": "string" + }, + "PreferredInstanceType": { + "markdownDescription": "The Amazon EC2 instance type. If you specify this, you must also specify a value for the `OutpostArn` .", + "title": "PreferredInstanceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A key value pair that helps you identify a Route\u00a053 Resolver .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "OutpostArn", + "PreferredInstanceType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::OutpostResolver" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53Resolver::ResolverConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutodefinedReverseFlag": { + "markdownDescription": "Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` .", + "title": "AutodefinedReverseFlag", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud VPC or a Route 53 Profile that you're configuring Resolver for.", + "title": "ResourceId", + "type": "string" + } + }, + "required": [ + "AutodefinedReverseFlag", + "ResourceId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::ResolverConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53Resolver::ResolverDNSSECConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceId": { + "markdownDescription": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.", + "title": "ResourceId", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::ResolverDNSSECConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53Resolver::ResolverEndpoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network\n- `INBOUND_DELEGATION` : Resolver delegates queries to Route 53 private hosted zones from your network.", + "title": "Direction", + "type": "string" + }, + "IpAddresses": { + "items": { + "$ref": "#/definitions/AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest" + }, + "markdownDescription": "The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.\n\n> Even though the minimum is 1, Route\u00a053 requires that you create at least two.", + "title": "IpAddresses", + "type": "array" + }, + "Name": { + "markdownDescription": "A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.", + "title": "Name", + "type": "string" + }, + "OutpostArn": { + "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", + "title": "OutpostArn", + "type": "string" + }, + "PreferredInstanceType": { + "markdownDescription": "The Amazon EC2 instance type.", + "title": "PreferredInstanceType", + "type": "string" + }, + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Protocols used for the endpoint. DoH-FIPS is applicable for a default inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor a delegation inbound endpoint you can use Do53 only.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", + "title": "Protocols", + "type": "array" + }, + "ResolverEndpointType": { + "markdownDescription": "The Resolver endpoint IP address type.", + "title": "ResolverEndpointType", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Route 53 Resolver doesn't support updating tags through CloudFormation.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Direction", + "IpAddresses", + "SecurityGroupIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::ResolverEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest": { + "additionalProperties": false, + "properties": { + "Ip": { + "markdownDescription": "The IPv4 address that you want to use for DNS queries.", + "title": "Ip", + "type": "string" + }, + "Ipv6": { + "markdownDescription": "The IPv6 address that you want to use for DNS queries.", + "title": "Ipv6", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet that contains the IP address.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "SubnetId" + ], + "type": "object" + }, + "AWS::Route53Resolver::ResolverQueryLoggingConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationArn": { + "markdownDescription": "The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.", + "title": "DestinationArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the query logging configuration.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::ResolverQueryLoggingConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResolverQueryLogConfigId": { + "markdownDescription": "The ID of the query logging configuration that a VPC is associated with.", + "title": "ResolverQueryLogConfigId", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the Amazon VPC that is associated with the query logging configuration.", + "title": "ResourceId", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53Resolver::ResolverRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DelegationRecord": { + "markdownDescription": "DNS queries with delegation records that point to this domain name are forwarded to resolvers on your network.", + "title": "DelegationRecord", + "type": "string" + }, + "DomainName": { + "markdownDescription": "DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).", + "title": "DomainName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name for the Resolver rule, which you specified when you created the Resolver rule.", + "title": "Name", + "type": "string" + }, + "ResolverEndpointId": { + "markdownDescription": "The ID of the endpoint that the rule is associated with.", + "title": "ResolverEndpointId", + "type": "string" + }, + "RuleType": { + "markdownDescription": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` or `DELEGATE` . If a query matches multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains the most specific domain name (www.example.com).\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", + "title": "RuleType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags help organize and categorize your Resolver rules. Each tag consists of a key and an optional value, both of which you define.", + "title": "Tags", + "type": "array" + }, + "TargetIps": { + "items": { + "$ref": "#/definitions/AWS::Route53Resolver::ResolverRule.TargetAddress" + }, + "markdownDescription": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network.", + "title": "TargetIps", + "type": "array" + } + }, + "required": [ + "RuleType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::ResolverRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53Resolver::ResolverRule.TargetAddress": { + "additionalProperties": false, + "properties": { + "Ip": { + "markdownDescription": "One IPv4 address that you want to forward DNS queries to.", + "title": "Ip", + "type": "string" + }, + "Ipv6": { + "markdownDescription": "One IPv6 address that you want to forward DNS queries to.", + "title": "Ipv6", + "type": "string" + }, + "Port": { + "markdownDescription": "The port at `Ip` that you want to forward DNS queries to.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocols for the target address. The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.", + "title": "Protocol", + "type": "string" + }, + "ServerNameIndication": { + "markdownDescription": "The Server Name Indication of the DoH server that you want to forward queries to. This is only used if the Protocol of the `TargetAddress` is `DoH` .", + "title": "ServerNameIndication", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53Resolver::ResolverRuleAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of an association between a Resolver rule and a VPC.", + "title": "Name", + "type": "string" + }, + "ResolverRuleId": { + "markdownDescription": "The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` .", + "title": "ResolverRuleId", + "type": "string" + }, + "VPCId": { + "markdownDescription": "The ID of the VPC that you associated the Resolver rule with.", + "title": "VPCId", + "type": "string" + } + }, + "required": [ + "ResolverRuleId", + "VPCId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::ResolverRuleAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3::AccessGrant": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessGrantsLocationConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessGrant.AccessGrantsLocationConfiguration", + "markdownDescription": "The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.", + "title": "AccessGrantsLocationConfiguration" + }, + "AccessGrantsLocationId": { + "markdownDescription": "The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.", + "title": "AccessGrantsLocationId", + "type": "string" + }, + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.", + "title": "ApplicationArn", + "type": "string" + }, + "Grantee": { + "$ref": "#/definitions/AWS::S3::AccessGrant.Grantee", + "markdownDescription": "The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.", + "title": "Grantee" + }, + "Permission": { + "markdownDescription": "The type of access that you are granting to your S3 data, which can be set to one of the following values:\n\n- `READ` \u2013 Grant read-only access to the S3 data.\n- `WRITE` \u2013 Grant write-only access to the S3 data.\n- `READWRITE` \u2013 Grant both read and write access to the S3 data.", + "title": "Permission", + "type": "string" + }, + "S3PrefixType": { + "markdownDescription": "The type of `S3SubPrefix` . The only possible value is `Object` . Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.", + "title": "S3PrefixType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccessGrantsLocationId", + "Grantee", + "Permission" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::AccessGrant" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3::AccessGrant.AccessGrantsLocationConfiguration": { + "additionalProperties": false, + "properties": { + "S3SubPrefix": { + "markdownDescription": "The `S3SubPrefix` is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default location `s3://` because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default location `s3://` , the `S3SubPrefx` can be a `/*` , so the full grant scope path would be `s3:///*` . Or the `S3SubPrefx` can be `/*` , so the full grant scope path would be `s3:///*` .\n\nIf the `S3SubPrefix` includes a prefix, append the wildcard character `*` after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.", + "title": "S3SubPrefix", + "type": "string" + } + }, + "required": [ + "S3SubPrefix" + ], + "type": "object" + }, + "AWS::S3::AccessGrant.Grantee": { + "additionalProperties": false, + "properties": { + "GranteeIdentifier": { + "markdownDescription": "The unique identifier of the `Grantee` . If the grantee type is `IAM` , the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . You can obtain this UUID from your AWS IAM Identity Center instance.", + "title": "GranteeIdentifier", + "type": "string" + }, + "GranteeType": { + "markdownDescription": "The type of the grantee to which access has been granted. It can be one of the following values:\n\n- `IAM` - An IAM user or role.\n- `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.\n- `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.", + "title": "GranteeType", + "type": "string" + } + }, + "required": [ + "GranteeIdentifier", + "GranteeType" + ], + "type": "object" + }, + "AWS::S3::AccessGrantsInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IdentityCenterArn": { + "markdownDescription": "If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center.", + "title": "IdentityCenterArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::AccessGrantsInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::S3::AccessGrantsLocation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.", + "title": "IamRoleArn", + "type": "string" + }, + "LocationScope": { + "markdownDescription": "The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://` , the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.", + "title": "LocationScope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::AccessGrantsLocation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::S3::AccessPoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the bucket associated with this access point.", + "title": "Bucket", + "type": "string" + }, + "BucketAccountId": { + "markdownDescription": "The AWS account ID associated with the S3 bucket associated with this access point.", + "title": "BucketAccountId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of this access point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The access point policy associated with this access point.", + "title": "Policy", + "type": "object" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", + "title": "PublicAccessBlockConfiguration" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessPoint.VpcConfiguration", + "markdownDescription": "The Virtual Private Cloud (VPC) configuration for this access point, if one exists.", + "title": "VpcConfiguration" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::AccessPoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3::AccessPoint.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::AccessPoint.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "If this field is specified, the access point will only allow connections from the specified VPC ID.", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccelerateConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.AccelerateConfiguration", + "markdownDescription": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide* .", + "title": "AccelerateConfiguration" + }, + "AccessControl": { + "markdownDescription": "> This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide* . \n\nA canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* .\n\nS3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n\nThe majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html) . For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide* .", + "title": "AccessControl", + "type": "string" + }, + "AnalyticsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.AnalyticsConfiguration" + }, + "markdownDescription": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", + "title": "AnalyticsConfigurations", + "type": "array" + }, + "BucketEncryption": { + "$ref": "#/definitions/AWS::S3::Bucket.BucketEncryption", + "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide* .", + "title": "BucketEncryption" + }, + "BucketName": { + "markdownDescription": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", + "type": "string" + }, + "CorsConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", + "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", + "title": "CorsConfiguration" + }, + "IntelligentTieringConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.IntelligentTieringConfiguration" + }, + "markdownDescription": "Defines how Amazon S3 handles Intelligent-Tiering storage.", + "title": "IntelligentTieringConfigurations", + "type": "array" + }, + "InventoryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.InventoryConfiguration" + }, + "markdownDescription": "Specifies the S3 Inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", + "title": "InventoryConfigurations", + "type": "array" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.LifecycleConfiguration", + "markdownDescription": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", + "title": "LifecycleConfiguration" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.LoggingConfiguration", + "markdownDescription": "Settings that define where logs are stored.", + "title": "LoggingConfiguration" + }, + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataConfiguration", + "markdownDescription": "The S3 Metadata configuration for a general purpose bucket.", + "title": "MetadataConfiguration" + }, + "MetadataTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableConfiguration", + "markdownDescription": "The metadata table configuration of an Amazon S3 general purpose bucket.", + "title": "MetadataTableConfiguration" + }, + "MetricsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.MetricsConfiguration" + }, + "markdownDescription": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", + "title": "MetricsConfigurations", + "type": "array" + }, + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationConfiguration", + "markdownDescription": "Configuration that defines how Amazon S3 handles bucket notifications.", + "title": "NotificationConfiguration" + }, + "ObjectLockConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockConfiguration", + "markdownDescription": "> This operation is not supported for directory buckets. \n\nPlaces an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) .\n\n> - The `DefaultRetention` settings require both a mode and a period.\n> - The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time.\n> - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) .", + "title": "ObjectLockConfiguration" + }, + "ObjectLockEnabled": { + "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", + "title": "ObjectLockEnabled", + "type": "boolean" + }, + "OwnershipControls": { + "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControls", + "markdownDescription": "Configuration that defines how Amazon S3 handles Object Ownership rules.", + "title": "OwnershipControls" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.PublicAccessBlockConfiguration", + "markdownDescription": "Configuration that defines how Amazon S3 handles public access.", + "title": "PublicAccessBlockConfiguration" + }, + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationConfiguration", + "markdownDescription": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the `VersioningConfiguration` property.\n\nAmazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.", + "title": "ReplicationConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for this S3 bucket.", + "title": "Tags", + "type": "array" + }, + "VersioningConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.VersioningConfiguration", + "markdownDescription": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n\n> When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations ( `PUT` or `DELETE` ) on objects in the bucket.", + "title": "VersioningConfiguration" + }, + "WebsiteConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.WebsiteConfiguration", + "markdownDescription": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) .", + "title": "WebsiteConfiguration" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::Bucket" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::S3::Bucket.AbortIncompleteMultipartUpload": { + "additionalProperties": false, + "properties": { + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.", + "title": "DaysAfterInitiation", + "type": "number" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "AWS::S3::Bucket.AccelerateConfiguration": { + "additionalProperties": false, + "properties": { + "AccelerationStatus": { + "markdownDescription": "Specifies the transfer acceleration status of the bucket.", + "title": "AccelerationStatus", + "type": "string" + } + }, + "required": [ + "AccelerationStatus" + ], + "type": "object" + }, + "AWS::S3::Bucket.AccessControlTranslation": { + "additionalProperties": false, + "properties": { + "Owner": { + "markdownDescription": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference* .", + "title": "Owner", + "type": "string" + } + }, + "required": [ + "Owner" + ], + "type": "object" + }, + "AWS::S3::Bucket.AnalyticsConfiguration": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID that identifies the analytics configuration.", + "title": "Id", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix that an object must have to be included in the analytics results.", + "title": "Prefix", + "type": "string" + }, + "StorageClassAnalysis": { + "$ref": "#/definitions/AWS::S3::Bucket.StorageClassAnalysis", + "markdownDescription": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.", + "title": "StorageClassAnalysis" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "The tags to use when evaluating an analytics filter.\n\nThe analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.", + "title": "TagFilters", + "type": "array" + } + }, + "required": [ + "Id", + "StorageClassAnalysis" + ], + "type": "object" + }, + "AWS::S3::Bucket.BucketEncryption": { + "additionalProperties": false, + "properties": { + "ServerSideEncryptionConfiguration": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionRule" + }, + "markdownDescription": "Specifies the default server-side-encryption configuration.", + "title": "ServerSideEncryptionConfiguration", + "type": "array" + } + }, + "required": [ + "ServerSideEncryptionConfiguration" + ], + "type": "object" + }, + "AWS::S3::Bucket.CorsConfiguration": { + "additionalProperties": false, + "properties": { + "CorsRules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.CorsRule" + }, + "markdownDescription": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.", + "title": "CorsRules", + "type": "array" + } + }, + "required": [ + "CorsRules" + ], + "type": "object" + }, + "AWS::S3::Bucket.CorsRule": { + "additionalProperties": false, + "properties": { + "AllowedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "Headers that are specified in the `Access-Control-Request-Headers` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.", + "title": "AllowedHeaders", + "type": "array" + }, + "AllowedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "An HTTP method that you allow the origin to run.\n\n*Allowed values* : `GET` | `PUT` | `HEAD` | `POST` | `DELETE`", + "title": "AllowedMethods", + "type": "array" + }, + "AllowedOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more origins you want customers to be able to access the bucket from.", + "title": "AllowedOrigins", + "type": "array" + }, + "ExposedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).", + "title": "ExposedHeaders", + "type": "array" + }, + "Id": { + "markdownDescription": "A unique identifier for this rule. The value must be no more than 255 characters.", + "title": "Id", + "type": "string" + }, + "MaxAge": { + "markdownDescription": "The time in seconds that your browser is to cache the preflight response for the specified resource.", + "title": "MaxAge", + "type": "number" + } + }, + "required": [ + "AllowedMethods", + "AllowedOrigins" + ], + "type": "object" + }, + "AWS::S3::Bucket.DataExport": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.Destination", + "markdownDescription": "The place to store the data for an analysis.", + "title": "Destination" + }, + "OutputSchemaVersion": { + "markdownDescription": "The version of the output schema to use when exporting data. Must be `V_1` .", + "title": "OutputSchemaVersion", + "type": "string" + } + }, + "required": [ + "Destination", + "OutputSchemaVersion" + ], + "type": "object" + }, + "AWS::S3::Bucket.DefaultRetention": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Days", + "type": "number" + }, + "Mode": { + "markdownDescription": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Mode", + "type": "string" + }, + "Years": { + "markdownDescription": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Years", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.DeleteMarkerReplication": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Indicates whether to replicate delete markers. Disabled by default.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.Destination": { + "additionalProperties": false, + "properties": { + "BucketAccountId": { + "markdownDescription": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n\n> Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.", + "title": "BucketAccountId", + "type": "string" + }, + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bucket to which data is exported.", + "title": "BucketArn", + "type": "string" + }, + "Format": { + "markdownDescription": "Specifies the file format used when exporting data to Amazon S3.\n\n*Allowed values* : `CSV` | `ORC` | `Parquet`", + "title": "Format", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix to use when exporting data. The prefix is prepended to all results.", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "BucketArn", + "Format" + ], + "type": "object" + }, + "AWS::S3::Bucket.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "ReplicaKmsKeyID": { + "markdownDescription": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "ReplicaKmsKeyID", + "type": "string" + } + }, + "required": [ + "ReplicaKmsKeyID" + ], + "type": "object" + }, + "AWS::S3::Bucket.EventBridgeConfiguration": { + "additionalProperties": false, + "properties": { + "EventBridgeEnabled": { + "markdownDescription": "Enables delivery of events to Amazon EventBridge.", + "title": "EventBridgeEnabled", + "type": "boolean" + } + }, + "required": [ + "EventBridgeEnabled" + ], + "type": "object" + }, + "AWS::S3::Bucket.FilterRule": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that the filter searches for in object key names.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::S3::Bucket.IntelligentTieringConfiguration": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID used to identify the S3 Intelligent-Tiering configuration.", + "title": "Id", + "type": "string" + }, + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", + "title": "Prefix", + "type": "string" + }, + "Status": { + "markdownDescription": "Specifies the status of the configuration.", + "title": "Status", + "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "A container for a key-value pair.", + "title": "TagFilters", + "type": "array" + }, + "Tierings": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Tiering" + }, + "markdownDescription": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` .\n\n> You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.", + "title": "Tierings", + "type": "array" + } + }, + "required": [ + "Id", + "Status", + "Tierings" + ], + "type": "object" + }, + "AWS::S3::Bucket.InventoryConfiguration": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.Destination", + "markdownDescription": "Contains information about where to publish the inventory results.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Specifies whether the inventory is enabled or disabled. If set to `True` , an inventory list is generated. If set to `False` , no inventory list is generated.", + "title": "Enabled", + "type": "boolean" + }, + "Id": { + "markdownDescription": "The ID used to identify the inventory configuration.", + "title": "Id", + "type": "string" + }, + "IncludedObjectVersions": { + "markdownDescription": "Object versions to include in the inventory list. If set to `All` , the list includes all the object versions, which adds the version-related fields `VersionId` , `IsLatest` , and `DeleteMarker` to the list. If set to `Current` , the list does not contain these version-related fields.", + "title": "IncludedObjectVersions", + "type": "string" + }, + "OptionalFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains the optional fields that are included in the inventory results.", + "title": "OptionalFields", + "type": "array" + }, + "Prefix": { + "markdownDescription": "Specifies the inventory filter prefix.", + "title": "Prefix", + "type": "string" + }, + "ScheduleFrequency": { + "markdownDescription": "Specifies the schedule for generating inventory results.", + "title": "ScheduleFrequency", + "type": "string" + } + }, + "required": [ + "Destination", + "Enabled", + "Id", + "IncludedObjectVersions", + "ScheduleFrequency" + ], + "type": "object" + }, + "AWS::S3::Bucket.InventoryTableConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationState": { + "markdownDescription": "The configuration state of the inventory table, indicating whether the inventory table is enabled or disabled.", + "title": "ConfigurationState", + "type": "string" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableEncryptionConfiguration", + "markdownDescription": "The encryption configuration for the inventory table.", + "title": "EncryptionConfiguration" + }, + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the inventory table.", + "title": "TableArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the inventory table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "ConfigurationState" + ], + "type": "object" + }, + "AWS::S3::Bucket.JournalTableConfiguration": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableEncryptionConfiguration", + "markdownDescription": "The encryption configuration for the journal table.", + "title": "EncryptionConfiguration" + }, + "RecordExpiration": { + "$ref": "#/definitions/AWS::S3::Bucket.RecordExpiration", + "markdownDescription": "The journal table record expiration settings for the journal table.", + "title": "RecordExpiration" + }, + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the journal table.", + "title": "TableArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the journal table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "RecordExpiration" + ], + "type": "object" + }, + "AWS::S3::Bucket.LambdaConfiguration": { + "additionalProperties": false, + "properties": { + "Event": { + "markdownDescription": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", + "title": "Filter" + }, + "Function": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.", + "title": "Function", + "type": "string" + } + }, + "required": [ + "Event", + "Function" + ], + "type": "object" + }, + "AWS::S3::Bucket.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Rule" + }, + "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 bucket.", + "title": "Rules", + "type": "array" + }, + "TransitionDefaultMinimumObjectSize": { + "markdownDescription": "Indicates which default minimum object size behavior is applied to the lifecycle configuration.\n\n> This parameter applies to general purpose buckets only. It isn't supported for directory bucket lifecycle configurations. \n\n- `all_storage_classes_128K` - Objects smaller than 128 KB will not transition to any storage class by default.\n- `varies_by_storage_class` - Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes. By default, all other storage classes will prevent transitions smaller than 128 KB.\n\nTo customize the minimum object size for any transition you can add a filter that specifies a custom `ObjectSizeGreaterThan` or `ObjectSizeLessThan` in the body of your transition rule. Custom filters always take precedence over the default transition behavior.", + "title": "TransitionDefaultMinimumObjectSize", + "type": "string" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3::Bucket.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationBucketName": { + "markdownDescription": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the `LoggingConfiguration` property is defined.", + "title": "DestinationBucketName", + "type": "string" + }, + "LogFilePrefix": { + "markdownDescription": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", + "title": "LogFilePrefix", + "type": "string" + }, + "TargetObjectKeyFormat": { + "$ref": "#/definitions/AWS::S3::Bucket.TargetObjectKeyFormat", + "markdownDescription": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.", + "title": "TargetObjectKeyFormat" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.MetadataConfiguration": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataDestination", + "markdownDescription": "The destination information for the S3 Metadata configuration.", + "title": "Destination" + }, + "InventoryTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.InventoryTableConfiguration", + "markdownDescription": "The inventory table configuration for a metadata configuration.", + "title": "InventoryTableConfiguration" + }, + "JournalTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.JournalTableConfiguration", + "markdownDescription": "The journal table configuration for a metadata configuration.", + "title": "JournalTableConfiguration" + } + }, + "required": [ + "JournalTableConfiguration" + ], + "type": "object" + }, + "AWS::S3::Bucket.MetadataDestination": { + "additionalProperties": false, + "properties": { + "TableBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the table bucket where the metadata configuration is stored.", + "title": "TableBucketArn", + "type": "string" + }, + "TableBucketType": { + "markdownDescription": "The type of the table bucket where the metadata configuration is stored. The `aws` value indicates an AWS managed table bucket, and the `customer` value indicates a customer-managed table bucket. V2 metadata configurations are stored in AWS managed table buckets, and V1 metadata configurations are stored in customer-managed table buckets.", + "title": "TableBucketType", + "type": "string" + }, + "TableNamespace": { + "markdownDescription": "The namespace in the table bucket where the metadata tables for a metadata configuration are stored.", + "title": "TableNamespace", + "type": "string" + } + }, + "required": [ + "TableBucketType" + ], + "type": "object" + }, + "AWS::S3::Bucket.MetadataTableConfiguration": { + "additionalProperties": false, + "properties": { + "S3TablesDestination": { + "$ref": "#/definitions/AWS::S3::Bucket.S3TablesDestination", + "markdownDescription": "The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "S3TablesDestination" + } + }, + "required": [ + "S3TablesDestination" + ], + "type": "object" + }, + "AWS::S3::Bucket.MetadataTableEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "If server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS) is specified, you must also specify the KMS key Amazon Resource Name (ARN). You must specify a customer-managed KMS key that's located in the same Region as the general purpose bucket that corresponds to the metadata table configuration.", + "title": "KmsKeyArn", + "type": "string" + }, + "SseAlgorithm": { + "markdownDescription": "The encryption type specified for a metadata table. To specify server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS), use the `aws:kms` value. To specify server-side encryption with Amazon S3 managed keys (SSE-S3), use the `AES256` value.", + "title": "SseAlgorithm", + "type": "string" + } + }, + "required": [ + "SseAlgorithm" + ], + "type": "object" + }, + "AWS::S3::Bucket.Metrics": { + "additionalProperties": false, + "properties": { + "EventThreshold": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", + "markdownDescription": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", + "title": "EventThreshold" + }, + "Status": { + "markdownDescription": "Specifies whether the replication metrics are enabled.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::S3::Bucket.MetricsConfiguration": { + "additionalProperties": false, + "properties": { + "AccessPointArn": { + "markdownDescription": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.", + "title": "AccessPointArn", + "type": "string" + }, + "Id": { + "markdownDescription": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.", + "title": "Id", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix that an object must have to be included in the metrics results.", + "title": "Prefix", + "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.", + "title": "TagFilters", + "type": "array" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::S3::Bucket.NoncurrentVersionExpiration": { + "additionalProperties": false, + "properties": { + "NewerNoncurrentVersions": { + "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", + "title": "NewerNoncurrentVersions", + "type": "number" + }, + "NoncurrentDays": { + "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", + "title": "NoncurrentDays", + "type": "number" + } + }, + "required": [ + "NoncurrentDays" + ], + "type": "object" + }, + "AWS::S3::Bucket.NoncurrentVersionTransition": { + "additionalProperties": false, + "properties": { + "NewerNoncurrentVersions": { + "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", + "title": "NewerNoncurrentVersions", + "type": "number" + }, + "StorageClass": { + "markdownDescription": "The class of storage used to store the object.", + "title": "StorageClass", + "type": "string" + }, + "TransitionInDays": { + "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", + "title": "TransitionInDays", + "type": "number" + } + }, + "required": [ + "StorageClass", + "TransitionInDays" + ], + "type": "object" + }, + "AWS::S3::Bucket.NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "EventBridgeConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.EventBridgeConfiguration", + "markdownDescription": "Enables delivery of events to Amazon EventBridge.", + "title": "EventBridgeConfiguration" + }, + "LambdaConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.LambdaConfiguration" + }, + "markdownDescription": "Describes the AWS Lambda functions to invoke and the events for which to invoke them.", + "title": "LambdaConfigurations", + "type": "array" + }, + "QueueConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.QueueConfiguration" + }, + "markdownDescription": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.", + "title": "QueueConfigurations", + "type": "array" + }, + "TopicConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TopicConfiguration" + }, + "markdownDescription": "The topic to which notifications are sent and the events for which notifications are generated.", + "title": "TopicConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.NotificationFilter": { + "additionalProperties": false, + "properties": { + "S3Key": { + "$ref": "#/definitions/AWS::S3::Bucket.S3KeyFilter", + "markdownDescription": "A container for object key name prefix and suffix filtering rules.", + "title": "S3Key" + } + }, + "required": [ + "S3Key" + ], + "type": "object" + }, + "AWS::S3::Bucket.ObjectLockConfiguration": { + "additionalProperties": false, + "properties": { + "ObjectLockEnabled": { + "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", + "title": "ObjectLockEnabled", + "type": "string" + }, + "Rule": { + "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockRule", + "markdownDescription": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply `ObjectLockConfiguration` to a bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", + "title": "Rule" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ObjectLockRule": { + "additionalProperties": false, + "properties": { + "DefaultRetention": { + "$ref": "#/definitions/AWS::S3::Bucket.DefaultRetention", + "markdownDescription": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", + "title": "DefaultRetention" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.OwnershipControls": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControlsRule" + }, + "markdownDescription": "Specifies the container element for Object Ownership rules.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3::Bucket.OwnershipControlsRule": { + "additionalProperties": false, + "properties": { + "ObjectOwnership": { + "markdownDescription": "Specifies an object ownership rule.", + "title": "ObjectOwnership", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.PartitionedPrefix": { + "additionalProperties": false, + "properties": { + "PartitionDateSource": { + "markdownDescription": "Specifies the partition date source for the partitioned prefix. `PartitionDateSource` can be `EventTime` or `DeliveryTime` .\n\nFor `DeliveryTime` , the time in the log file names corresponds to the delivery time for the log files.\n\nFor `EventTime` , The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.", + "title": "PartitionDateSource", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.QueueConfiguration": { + "additionalProperties": false, + "properties": { + "Event": { + "markdownDescription": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", + "title": "Filter" + }, + "Queue": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.", + "title": "Queue", + "type": "string" + } + }, + "required": [ + "Event", + "Queue" + ], + "type": "object" + }, + "AWS::S3::Bucket.RecordExpiration": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "If you enable journal table record expiration, you can set the number of days to retain your journal table records. Journal table records must be retained for a minimum of 7 days. To set this value, specify any whole number from `7` to `2147483647` . For example, to retain your journal table records for one year, set this value to `365` .", + "title": "Days", + "type": "number" + }, + "Expiration": { + "markdownDescription": "Specifies whether journal table record expiration is enabled or disabled.", + "title": "Expiration", + "type": "string" + } + }, + "required": [ + "Expiration" + ], + "type": "object" + }, + "AWS::S3::Bucket.RedirectAllRequestsTo": { + "additionalProperties": false, + "properties": { + "HostName": { + "markdownDescription": "Name of the host where requests are redirected.", + "title": "HostName", + "type": "string" + }, + "Protocol": { + "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", + "title": "Protocol", + "type": "string" + } + }, + "required": [ + "HostName" + ], + "type": "object" + }, + "AWS::S3::Bucket.RedirectRule": { + "additionalProperties": false, + "properties": { + "HostName": { + "markdownDescription": "The host name to use in the redirect request.", + "title": "HostName", + "type": "string" + }, + "HttpRedirectCode": { + "markdownDescription": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.", + "title": "HttpRedirectCode", + "type": "string" + }, + "Protocol": { + "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", + "title": "Protocol", + "type": "string" + }, + "ReplaceKeyPrefixWith": { + "markdownDescription": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix `docs/` (objects in the `docs/` folder) to `documents/` , you can set a condition block with `KeyPrefixEquals` set to `docs/` and in the Redirect set `ReplaceKeyPrefixWith` to `/documents` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "ReplaceKeyPrefixWith", + "type": "string" + }, + "ReplaceKeyWith": { + "markdownDescription": "The specific object key to use in the redirect request. For example, redirect request to `error.html` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyPrefixWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "ReplaceKeyWith", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ReplicaModifications": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Specifies whether Amazon S3 replicates modifications on replicas.\n\n*Allowed values* : `Enabled` | `Disabled`", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::S3::Bucket.ReplicationConfiguration": { + "additionalProperties": false, + "properties": { + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide* .", + "title": "Role", + "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRule" + }, + "markdownDescription": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Role", + "Rules" + ], + "type": "object" + }, + "AWS::S3::Bucket.ReplicationDestination": { + "additionalProperties": false, + "properties": { + "AccessControlTranslation": { + "$ref": "#/definitions/AWS::S3::Bucket.AccessControlTranslation", + "markdownDescription": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.", + "title": "AccessControlTranslation" + }, + "Account": { + "markdownDescription": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS account that owns the destination bucket by specifying the `AccessControlTranslation` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide* .\n\nIf you specify the `AccessControlTranslation` property, the `Account` property is required.", + "title": "Account", + "type": "string" + }, + "Bucket": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.", + "title": "Bucket", + "type": "string" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.EncryptionConfiguration", + "markdownDescription": "Specifies encryption-related information.", + "title": "EncryptionConfiguration" + }, + "Metrics": { + "$ref": "#/definitions/AWS::S3::Bucket.Metrics", + "markdownDescription": "A container specifying replication metrics-related settings enabling replication metrics and events.", + "title": "Metrics" + }, + "ReplicationTime": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTime", + "markdownDescription": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a `Metrics` block.", + "title": "ReplicationTime" + }, + "StorageClass": { + "markdownDescription": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* .\n\n`FSX_OPENZFS` is not an accepted value when replicating objects.", + "title": "StorageClass", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::S3::Bucket.ReplicationRule": { + "additionalProperties": false, + "properties": { + "DeleteMarkerReplication": { + "$ref": "#/definitions/AWS::S3::Bucket.DeleteMarkerReplication", + "markdownDescription": "Specifies whether Amazon S3 replicates delete markers. If you specify a `Filter` in your replication configuration, you must also include a `DeleteMarkerReplication` element. If your `Filter` includes a `Tag` element, the `DeleteMarkerReplication` `Status` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config) .\n\nFor more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html) .\n\n> If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations) .", + "title": "DeleteMarkerReplication" + }, + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationDestination", + "markdownDescription": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).", + "title": "Destination" + }, + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleFilter", + "markdownDescription": "A filter that identifies the subset of objects to which the replication rule applies. A `Filter` must specify exactly one `Prefix` , `TagFilter` , or an `And` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n\n> V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.", + "title": "Filter" + }, + "Id": { + "markdownDescription": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".", + "title": "Id", + "type": "string" + }, + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.\n\nFor more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide* .", + "title": "Priority", + "type": "number" + }, + "SourceSelectionCriteria": { + "$ref": "#/definitions/AWS::S3::Bucket.SourceSelectionCriteria", + "markdownDescription": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.", + "title": "SourceSelectionCriteria" + }, + "Status": { + "markdownDescription": "Specifies whether the rule is enabled.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Destination", + "Status" + ], + "type": "object" + }, + "AWS::S3::Bucket.ReplicationRuleAndOperator": { + "additionalProperties": false, + "properties": { + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", + "title": "Prefix", + "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "An array of tags containing key and value pairs.", + "title": "TagFilters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ReplicationRuleFilter": { + "additionalProperties": false, + "properties": { + "And": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleAndOperator", + "markdownDescription": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:\n\n- If you specify both a `Prefix` and a `TagFilter` , wrap these filters in an `And` tag.\n- If you specify a filter based on multiple tags, wrap the `TagFilter` elements in an `And` tag.", + "title": "And" + }, + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", + "type": "string" + }, + "TagFilter": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter", + "markdownDescription": "A container for specifying a tag key and value.\n\nThe rule applies only to objects that have the tag in their tag set.", + "title": "TagFilter" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ReplicationTime": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Specifies whether the replication time is enabled.", + "title": "Status", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", + "markdownDescription": "A container specifying the time by which replication should be complete for all objects and operations on objects.", + "title": "Time" + } + }, + "required": [ + "Status", + "Time" + ], + "type": "object" + }, + "AWS::S3::Bucket.ReplicationTimeValue": { + "additionalProperties": false, + "properties": { + "Minutes": { + "markdownDescription": "Contains an integer specifying time in minutes.\n\nValid value: 15", + "title": "Minutes", + "type": "number" + } + }, + "required": [ + "Minutes" + ], + "type": "object" + }, + "AWS::S3::Bucket.RoutingRule": { + "additionalProperties": false, + "properties": { + "RedirectRule": { + "$ref": "#/definitions/AWS::S3::Bucket.RedirectRule", + "markdownDescription": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.", + "title": "RedirectRule" + }, + "RoutingRuleCondition": { + "$ref": "#/definitions/AWS::S3::Bucket.RoutingRuleCondition", + "markdownDescription": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the `/docs` folder, redirect to the `/documents` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.", + "title": "RoutingRuleCondition" + } + }, + "required": [ + "RedirectRule" + ], + "type": "object" + }, + "AWS::S3::Bucket.RoutingRuleCondition": { + "additionalProperties": false, + "properties": { + "HttpErrorCodeReturnedEquals": { + "markdownDescription": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n\nRequired when parent element `Condition` is specified and sibling `KeyPrefixEquals` is not specified. If both are specified, then both must be true for the redirect to be applied.", + "title": "HttpErrorCodeReturnedEquals", + "type": "string" + }, + "KeyPrefixEquals": { + "markdownDescription": "The object key name prefix when the redirect is applied. For example, to redirect requests for `ExamplePage.html` , the key prefix will be `ExamplePage.html` . To redirect request for all pages with the prefix `docs/` , the key prefix will be `docs/` , which identifies all objects in the docs/ folder.\n\nRequired when the parent element `Condition` is specified and sibling `HttpErrorCodeReturnedEquals` is not specified. If both conditions are specified, both must be true for the redirect to be applied.", + "title": "KeyPrefixEquals", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.Rule": { + "additionalProperties": false, + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3::Bucket.AbortIncompleteMultipartUpload", + "markdownDescription": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.", + "title": "AbortIncompleteMultipartUpload" + }, + "ExpirationDate": { + "markdownDescription": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationDate", + "type": "string" + }, + "ExpirationInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationInDays", + "type": "number" + }, + "ExpiredObjectDeleteMarker": { + "markdownDescription": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with `ExpirationInDays` , `ExpirationDate` , or `TagFilters` .", + "title": "ExpiredObjectDeleteMarker", + "type": "boolean" + }, + "Id": { + "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", + "title": "Id", + "type": "string" + }, + "NoncurrentVersionExpiration": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionExpiration", + "markdownDescription": "Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.", + "title": "NoncurrentVersionExpiration" + }, + "NoncurrentVersionExpirationInDays": { + "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.", + "title": "NoncurrentVersionExpirationInDays", + "type": "number" + }, + "NoncurrentVersionTransition": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition", + "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransitions` property.", + "title": "NoncurrentVersionTransition" + }, + "NoncurrentVersionTransitions": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition" + }, + "markdownDescription": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransition` property.", + "title": "NoncurrentVersionTransitions", + "type": "array" + }, + "ObjectSizeGreaterThan": { + "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeGreaterThan", + "type": "string" + }, + "ObjectSizeLessThan": { + "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeLessThan", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", + "type": "string" + }, + "Status": { + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", + "title": "Status", + "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "Tags to use to identify a subset of objects to which the lifecycle rule applies.", + "title": "TagFilters", + "type": "array" + }, + "Transition": { + "$ref": "#/definitions/AWS::S3::Bucket.Transition", + "markdownDescription": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transitions` property.", + "title": "Transition" + }, + "Transitions": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Transition" + }, + "markdownDescription": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transition` property.", + "title": "Transitions", + "type": "array" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::S3::Bucket.S3KeyFilter": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.FilterRule" + }, + "markdownDescription": "A list of containers for the key-value pair that defines the criteria for the filter rule.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3::Bucket.S3TablesDestination": { + "additionalProperties": false, + "properties": { + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the metadata table in the metadata table configuration. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "TableArn", + "type": "string" + }, + "TableBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the table bucket that's specified as the destination in the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket.", + "title": "TableBucketArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name for the metadata table in your metadata table configuration. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "TableName", + "type": "string" + }, + "TableNamespace": { + "markdownDescription": "The table bucket namespace for the metadata table in your metadata table configuration. This value is always `aws_s3_metadata` .", + "title": "TableNamespace", + "type": "string" + } + }, + "required": [ + "TableBucketArn", + "TableName" + ], + "type": "object" + }, + "AWS::S3::Bucket.ServerSideEncryptionByDefault": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyID": { + "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption.\n\n> - *General purpose buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` or `aws:kms:dsse` .\n> - *Directory buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` . \n\nYou can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key Alias: `alias/alias-name`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy) .\n\n> - *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then AWS KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.\n> - *Directory buckets* - When you specify an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KMSMasterKeyID", + "type": "string" + }, + "SSEAlgorithm": { + "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", + "title": "SSEAlgorithm", + "type": "string" + } + }, + "required": [ + "SSEAlgorithm" + ], + "type": "object" + }, + "AWS::S3::Bucket.ServerSideEncryptionRule": { + "additionalProperties": false, + "properties": { + "BucketKeyEnabled": { + "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the `BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide* .", + "title": "BucketKeyEnabled", + "type": "boolean" + }, + "ServerSideEncryptionByDefault": { + "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionByDefault", + "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", + "title": "ServerSideEncryptionByDefault" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.SourceSelectionCriteria": { + "additionalProperties": false, + "properties": { + "ReplicaModifications": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicaModifications", + "markdownDescription": "A filter that you can specify for selection for modifications on replicas.", + "title": "ReplicaModifications" + }, + "SseKmsEncryptedObjects": { + "$ref": "#/definitions/AWS::S3::Bucket.SseKmsEncryptedObjects", + "markdownDescription": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.", + "title": "SseKmsEncryptedObjects" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.SseKmsEncryptedObjects": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::S3::Bucket.StorageClassAnalysis": { + "additionalProperties": false, + "properties": { + "DataExport": { + "$ref": "#/definitions/AWS::S3::Bucket.DataExport", + "markdownDescription": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.", + "title": "DataExport" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.TagFilter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::S3::Bucket.TargetObjectKeyFormat": { + "additionalProperties": false, + "properties": { + "PartitionedPrefix": { + "$ref": "#/definitions/AWS::S3::Bucket.PartitionedPrefix", + "markdownDescription": "Partitioned S3 key for log objects.", + "title": "PartitionedPrefix" + }, + "SimplePrefix": { + "markdownDescription": "To use the simple format for S3 keys for log objects. To specify SimplePrefix format, set SimplePrefix to {}.", + "title": "SimplePrefix", + "type": "object" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.Tiering": { + "additionalProperties": false, + "properties": { + "AccessTier": { + "markdownDescription": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.", + "title": "AccessTier", + "type": "string" + }, + "Days": { + "markdownDescription": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).", + "title": "Days", + "type": "number" + } + }, + "required": [ + "AccessTier", + "Days" + ], + "type": "object" + }, + "AWS::S3::Bucket.TopicConfiguration": { + "additionalProperties": false, + "properties": { + "Event": { + "markdownDescription": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket.", + "title": "Filter" + }, + "Topic": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.", + "title": "Topic", + "type": "string" + } + }, + "required": [ + "Event", + "Topic" + ], + "type": "object" + }, + "AWS::S3::Bucket.Transition": { + "additionalProperties": false, + "properties": { + "StorageClass": { + "markdownDescription": "The storage class to which you want the object to transition.", + "title": "StorageClass", + "type": "string" + }, + "TransitionDate": { + "markdownDescription": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.", + "title": "TransitionDate", + "type": "string" + }, + "TransitionInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is `INTELLIGENT_TIERING` , `GLACIER_IR` , `GLACIER` , or `DEEP_ARCHIVE` , valid values are `0` or positive integers. If the specified storage class is `STANDARD_IA` or `ONEZONE_IA` , valid values are positive integers greater than `30` . Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide* .", + "title": "TransitionInDays", + "type": "number" + } + }, + "required": [ + "StorageClass" + ], + "type": "object" + }, + "AWS::S3::Bucket.VersioningConfiguration": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The versioning state of the bucket.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::S3::Bucket.WebsiteConfiguration": { + "additionalProperties": false, + "properties": { + "ErrorDocument": { + "markdownDescription": "The name of the error document for the website.", + "title": "ErrorDocument", + "type": "string" + }, + "IndexDocument": { + "markdownDescription": "The name of the index document for the website.", + "title": "IndexDocument", + "type": "string" + }, + "RedirectAllRequestsTo": { + "$ref": "#/definitions/AWS::S3::Bucket.RedirectAllRequestsTo", + "markdownDescription": "The redirect behavior for every request to this bucket's website endpoint.\n\n> If you specify this property, you can't specify any other property.", + "title": "RedirectAllRequestsTo" + }, + "RoutingRules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.RoutingRule" + }, + "markdownDescription": "Rules that define when a redirect is applied and the redirect behavior.", + "title": "RoutingRules", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::BucketPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket to which the policy applies.", + "title": "Bucket", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", + "title": "PolicyDocument", + "type": "object" + } + }, + "required": [ + "Bucket", + "PolicyDocument" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::BucketPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3::MultiRegionAccessPoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the Multi-Region Access Point.", + "title": "Name", + "type": "string" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers an object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", + "title": "PublicAccessBlockConfiguration" + }, + "Regions": { + "items": { + "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.Region" + }, + "markdownDescription": "A collection of the Regions and buckets associated with the Multi-Region Access Point.", + "title": "Regions", + "type": "array" + } + }, + "required": [ + "Regions" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::MultiRegionAccessPoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::MultiRegionAccessPoint.Region": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the associated bucket for the Region.", + "title": "Bucket", + "type": "string" + }, + "BucketAccountId": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.", + "title": "BucketAccountId", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::S3::MultiRegionAccessPointPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MrapName": { + "markdownDescription": "The name of the Multi-Region Access Point.", + "title": "MrapName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The access policy associated with the Multi-Region Access Point.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "MrapName", + "Policy" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::MultiRegionAccessPointPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3::MultiRegionAccessPointPolicy.PolicyStatus": { + "additionalProperties": false, + "properties": { + "IsPublic": { + "markdownDescription": "The policy status for this bucket. `TRUE` indicates that this bucket is public. `FALSE` indicates that the bucket is not public.", + "title": "IsPublic", + "type": "string" + } + }, + "required": [ + "IsPublic" + ], + "type": "object" + }, + "AWS::S3::StorageLens": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "StorageLensConfiguration": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensConfiguration", + "markdownDescription": "This resource contains the details Amazon S3 Storage Lens configuration.", + "title": "StorageLensConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key\u2013value pairs) to associate with the Storage Lens configuration.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "StorageLensConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::StorageLens" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3::StorageLens.AccountLevel": { + "additionalProperties": false, + "properties": { + "ActivityMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", + "markdownDescription": "This property contains the details of account-level activity metrics for S3 Storage Lens.", + "title": "ActivityMetrics" + }, + "AdvancedCostOptimizationMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", + "markdownDescription": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.", + "title": "AdvancedCostOptimizationMetrics" + }, + "AdvancedDataProtectionMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", + "markdownDescription": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.", + "title": "AdvancedDataProtectionMetrics" + }, + "BucketLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketLevel", + "markdownDescription": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens. To enable bucket-level configurations, make sure to also set the same metrics at the account level.", + "title": "BucketLevel" + }, + "DetailedStatusCodesMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", + "markdownDescription": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens.", + "title": "DetailedStatusCodesMetrics" + }, + "StorageLensGroupLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", + "markdownDescription": "This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard.", + "title": "StorageLensGroupLevel" + } + }, + "required": [ + "BucketLevel" + ], + "type": "object" + }, + "AWS::S3::StorageLens.ActivityMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "A property that indicates whether the activity metrics is enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AdvancedCostOptimizationMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether advanced cost optimization metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AdvancedDataProtectionMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether advanced data protection metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AwsOrg": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "This resource contains the ARN of the AWS Organization.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::S3::StorageLens.BucketLevel": { + "additionalProperties": false, + "properties": { + "ActivityMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", + "markdownDescription": "A property for bucket-level activity metrics for S3 Storage Lens.", + "title": "ActivityMetrics" + }, + "AdvancedCostOptimizationMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", + "markdownDescription": "A property for bucket-level advanced cost optimization metrics for S3 Storage Lens.", + "title": "AdvancedCostOptimizationMetrics" + }, + "AdvancedDataProtectionMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", + "markdownDescription": "A property for bucket-level advanced data protection metrics for S3 Storage Lens.", + "title": "AdvancedDataProtectionMetrics" + }, + "DetailedStatusCodesMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", + "markdownDescription": "A property for bucket-level detailed status code metrics for S3 Storage Lens.", + "title": "DetailedStatusCodesMetrics" + }, + "PrefixLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevel", + "markdownDescription": "A property for bucket-level prefix-level storage metrics for S3 Storage Lens.", + "title": "PrefixLevel" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.BucketsAndRegions": { + "additionalProperties": false, + "properties": { + "Buckets": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* .", + "title": "Buckets", + "type": "array" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains the details of the Regions for the S3 Storage Lens configuration.", + "title": "Regions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.CloudWatchMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "This property identifies whether the CloudWatch publishing option for S3 Storage Lens is enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "required": [ + "IsEnabled" + ], + "type": "object" + }, + "AWS::S3::StorageLens.DataExport": { + "additionalProperties": false, + "properties": { + "CloudWatchMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.CloudWatchMetrics", + "markdownDescription": "This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics.", + "title": "CloudWatchMetrics" + }, + "S3BucketDestination": { + "$ref": "#/definitions/AWS::S3::StorageLens.S3BucketDestination", + "markdownDescription": "This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed.", + "title": "S3BucketDestination" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.DetailedStatusCodesMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether detailed status code metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.Encryption": { + "additionalProperties": false, + "properties": { + "SSEKMS": { + "$ref": "#/definitions/AWS::S3::StorageLens.SSEKMS", + "markdownDescription": "Specifies the use of AWS Key Management Service keys (SSE-KMS) to encrypt the S3 Storage Lens metrics export file.", + "title": "SSEKMS" + }, + "SSES3": { + "markdownDescription": "Specifies the use of an Amazon S3-managed key (SSE-S3) to encrypt the S3 Storage Lens metrics export file.", + "title": "SSES3", + "type": "object" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.PrefixLevel": { + "additionalProperties": false, + "properties": { + "StorageMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevelStorageMetrics", + "markdownDescription": "A property for the prefix-level storage metrics for Amazon S3 Storage Lens.", + "title": "StorageMetrics" + } + }, + "required": [ + "StorageMetrics" + ], + "type": "object" + }, + "AWS::S3::StorageLens.PrefixLevelStorageMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", + "title": "IsEnabled", + "type": "boolean" + }, + "SelectionCriteria": { + "$ref": "#/definitions/AWS::S3::StorageLens.SelectionCriteria", + "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", + "title": "SelectionCriteria" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.S3BucketDestination": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "This property contains the details of the AWS account ID of the S3 Storage Lens export bucket destination.", + "title": "AccountId", + "type": "string" + }, + "Arn": { + "markdownDescription": "This property contains the details of the ARN of the bucket destination of the S3 Storage Lens export.", + "title": "Arn", + "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::S3::StorageLens.Encryption", + "markdownDescription": "This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export.", + "title": "Encryption" + }, + "Format": { + "markdownDescription": "This property contains the details of the format of the S3 Storage Lens export bucket destination.", + "title": "Format", + "type": "string" + }, + "OutputSchemaVersion": { + "markdownDescription": "This property contains the details of the output schema version of the S3 Storage Lens export bucket destination.", + "title": "OutputSchemaVersion", + "type": "string" + }, + "Prefix": { + "markdownDescription": "This property contains the details of the prefix of the bucket destination of the S3 Storage Lens export .", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "AccountId", + "Arn", + "Format", + "OutputSchemaVersion" + ], + "type": "object" + }, + "AWS::S3::StorageLens.SSEKMS": { + "additionalProperties": false, + "properties": { + "KeyId": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the customer managed AWS KMS key to use for encrypting the S3 Storage Lens metrics export file. Amazon S3 only supports symmetric encryption keys. For more information, see [Special-purpose keys](https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KeyId", + "type": "string" + } + }, + "required": [ + "KeyId" + ], + "type": "object" + }, + "AWS::S3::StorageLens.SelectionCriteria": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "This property contains the details of the S3 Storage Lens delimiter being used.", + "title": "Delimiter", + "type": "string" + }, + "MaxDepth": { + "markdownDescription": "This property contains the details of the max depth that S3 Storage Lens will collect metrics up to.", + "title": "MaxDepth", + "type": "number" + }, + "MinStorageBytesPercentage": { + "markdownDescription": "This property contains the details of the minimum storage bytes percentage threshold that S3 Storage Lens will collect metrics up to.", + "title": "MinStorageBytesPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.StorageLensConfiguration": { + "additionalProperties": false, + "properties": { + "AccountLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.AccountLevel", + "markdownDescription": "This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration.", + "title": "AccountLevel" + }, + "AwsOrg": { + "$ref": "#/definitions/AWS::S3::StorageLens.AwsOrg", + "markdownDescription": "This property contains the details of the AWS Organization for the S3 Storage Lens configuration.", + "title": "AwsOrg" + }, + "DataExport": { + "$ref": "#/definitions/AWS::S3::StorageLens.DataExport", + "markdownDescription": "This property contains the details of this S3 Storage Lens configuration's metrics export.", + "title": "DataExport" + }, + "Exclude": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", + "markdownDescription": "This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration.", + "title": "Exclude" + }, + "Id": { + "markdownDescription": "This property contains the details of the ID of the S3 Storage Lens configuration.", + "title": "Id", + "type": "string" + }, + "Include": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", + "markdownDescription": "This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration.", + "title": "Include" + }, + "IsEnabled": { + "markdownDescription": "This property contains the details of whether the Amazon S3 Storage Lens configuration is enabled.", + "title": "IsEnabled", + "type": "boolean" + }, + "StorageLensArn": { + "markdownDescription": "This property contains the details of the ARN of the S3 Storage Lens configuration. This property is read-only.", + "title": "StorageLensArn", + "type": "string" + } + }, + "required": [ + "AccountLevel", + "Id", + "IsEnabled" + ], + "type": "object" + }, + "AWS::S3::StorageLens.StorageLensGroupLevel": { + "additionalProperties": false, + "properties": { + "StorageLensGroupSelectionCriteria": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", + "markdownDescription": "This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected.", + "title": "StorageLensGroupSelectionCriteria" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.StorageLensGroupSelectionCriteria": { + "additionalProperties": false, + "properties": { + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation.", + "title": "Exclude", + "type": "array" + }, + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation.", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Filter": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.Filter", + "markdownDescription": "This property contains the criteria for the Storage Lens group data that is displayed", + "title": "Filter" + }, + "Name": { + "markdownDescription": "This property contains the Storage Lens group name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the AWS resource tags that you're adding to your Storage Lens group. This parameter is optional.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Filter", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3::StorageLensGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3::StorageLensGroup.And": { + "additionalProperties": false, + "properties": { + "MatchAnyPrefix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", + "type": "array" + }, + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" + }, + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" + }, + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days).", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.Filter": { + "additionalProperties": false, + "properties": { + "And": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.And", + "markdownDescription": "This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed.", + "title": "And" + }, + "MatchAnyPrefix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", + "type": "array" + }, + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" + }, + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" + }, + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days).", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" + }, + "Or": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.Or", + "markdownDescription": "This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed.", + "title": "Or" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.MatchObjectAge": { + "additionalProperties": false, + "properties": { + "DaysGreaterThan": { + "markdownDescription": "This property indicates the minimum object age in days.", + "title": "DaysGreaterThan", + "type": "number" + }, + "DaysLessThan": { + "markdownDescription": "This property indicates the maximum object age in days.", + "title": "DaysLessThan", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.MatchObjectSize": { + "additionalProperties": false, + "properties": { + "BytesGreaterThan": { + "markdownDescription": "This property specifies the minimum object size in bytes. The value must be a positive number, greater than 0 and less than 5 TB.", + "title": "BytesGreaterThan", + "type": "number" + }, + "BytesLessThan": { + "markdownDescription": "This property specifies the maximum object size in bytes. The value must be a positive number, greater than the minimum object size and less than 5 TB.", + "title": "BytesLessThan", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.Or": { + "additionalProperties": false, + "properties": { + "MatchAnyPrefix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", + "type": "array" + }, + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" + }, + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" + }, + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property filters objects that match the specified object age range.", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" + } + }, + "type": "object" + }, + "AWS::S3Express::AccessPoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the bucket that you want to associate the access point with.", + "title": "Bucket", + "type": "string" + }, + "BucketAccountId": { + "markdownDescription": "The AWS account ID that owns the bucket associated with this access point.", + "title": "BucketAccountId", + "type": "string" + }, + "Name": { + "markdownDescription": "An access point name consists of a base name you provide, followed by the zoneID ( AWS Local Zone) followed by the prefix `--xa-s3` . For example, accesspointname--zoneID--xa-s3.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The access point policy associated with the specified access point.", + "title": "Policy", + "type": "object" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3Express::AccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "Public access is blocked by default to access points for directory buckets.", + "title": "PublicAccessBlockConfiguration" + }, + "Scope": { + "$ref": "#/definitions/AWS::S3Express::AccessPoint.Scope", + "markdownDescription": "You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.\n\nFor more information, see [Manage the scope of your access points for directory buckets.](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets-manage-scope.html)", + "title": "Scope" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3Express::AccessPoint.VpcConfiguration", + "markdownDescription": "If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).", + "title": "VpcConfiguration" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Express::AccessPoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Express::AccessPoint.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3Express::AccessPoint.Scope": { + "additionalProperties": false, + "properties": { + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "You can include one or more API operations as permissions.", + "title": "Permissions", + "type": "array" + }, + "Prefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.", + "title": "Prefixes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3Express::AccessPoint.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "If this field is specified, this access point will only allow connections from the specified VPC ID.", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3Express::BucketPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 directory bucket to which the policy applies.", + "title": "Bucket", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Policies and Permissions in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", + "title": "PolicyDocument", + "type": "object" + } + }, + "required": [ + "Bucket", + "PolicyDocument" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Express::BucketPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BucketEncryption": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.BucketEncryption", + "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). For information about default encryption for directory buckets, see [Setting and monitoring default encryption for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html) in the *Amazon S3 User Guide* .", + "title": "BucketEncryption" + }, + "BucketName": { + "markdownDescription": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Zone (Availability Zone or Local Zone). The bucket name must also follow the format `*bucket_base_name* -- *zone_id* --x-s3` (for example, `*bucket_base_name* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", + "type": "string" + }, + "DataRedundancy": { + "markdownDescription": "The number of Zone (Availability Zone or Local Zone) that's used for redundancy for the bucket.", + "title": "DataRedundancy", + "type": "string" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.LifecycleConfiguration", + "markdownDescription": "Container for lifecycle rules. You can add as many as 1000 rules.\n\nFor more information see, [Creating and managing a lifecycle configuration for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-lifecycle.html ) in the *Amazon S3 User Guide* .", + "title": "LifecycleConfiguration" + }, + "LocationName": { + "markdownDescription": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` .", + "title": "LocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tags that you can apply to the S3 directory bucket. Tags are key-value pairs of metadata used to categorize and organize your buckets, track costs, and control access. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DataRedundancy", + "LocationName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Express::DirectoryBucket" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.AbortIncompleteMultipartUpload": { + "additionalProperties": false, + "properties": { + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.", + "title": "DaysAfterInitiation", + "type": "number" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.BucketEncryption": { + "additionalProperties": false, + "properties": { + "ServerSideEncryptionConfiguration": { + "items": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.ServerSideEncryptionRule" + }, + "markdownDescription": "Specifies the default server-side-encryption configuration.", + "title": "ServerSideEncryptionConfiguration", + "type": "array" + } + }, + "required": [ + "ServerSideEncryptionConfiguration" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.Rule" + }, + "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 Express bucket.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.Rule": { + "additionalProperties": false, + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.AbortIncompleteMultipartUpload", + "markdownDescription": "Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.", + "title": "AbortIncompleteMultipartUpload" + }, + "ExpirationInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationInDays", + "type": "number" + }, + "Id": { + "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", + "title": "Id", + "type": "string" + }, + "ObjectSizeGreaterThan": { + "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeGreaterThan", + "type": "string" + }, + "ObjectSizeLessThan": { + "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeLessThan", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", + "type": "string" + }, + "Status": { + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.ServerSideEncryptionByDefault": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyID": { + "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if `SSEAlgorithm` is set to `aws:kms` .\n\nYou can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key. You can\u2019t use the key alias of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html#s3-express-bucket-encryption-update-bucket-policy) .\n\n> Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket for the lifetime of the bucket. [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) ( `aws/s3` ) isn't supported. Also, after you specify a customer managed key for SSE-KMS and upload objects with this configuration, you can't override the customer managed key for your SSE-KMS configuration. To use a new customer manager key for your data, we recommend copying your existing objects to a new directory bucket with a new customer managed key. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KMSMasterKeyID", + "type": "string" + }, + "SSEAlgorithm": { + "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", + "title": "SSEAlgorithm", + "type": "string" + } + }, + "required": [ + "SSEAlgorithm" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.ServerSideEncryptionRule": { + "additionalProperties": false, + "properties": { + "BucketKeyEnabled": { + "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. S3 Bucket Keys are always enabled for `GET` and `PUT` operations on a directory bucket and can\u2019t be disabled. It's only allowed to set the `BucketKeyEnabled` element to `true` .\n\nS3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) , [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) , [the Copy operation in Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops) , or [the import jobs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job) . In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-UsingKMSEncryption.html#s3-express-sse-kms-bucket-keys) in the *Amazon S3 User Guide* .", + "title": "BucketKeyEnabled", + "type": "boolean" + }, + "ServerSideEncryptionByDefault": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.ServerSideEncryptionByDefault", + "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", + "title": "ServerSideEncryptionByDefault" + } + }, + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of this access point.", + "title": "Name", + "type": "string" + }, + "ObjectLambdaConfiguration": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration", + "markdownDescription": "A configuration used when creating an Object Lambda Access Point.", + "title": "ObjectLambdaConfiguration" + } + }, + "required": [ + "ObjectLambdaConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3ObjectLambda::AccessPoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPoint.Alias": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of the Object Lambda Access Point alias. If the status is `PROVISIONING` , the Object Lambda Access Point is provisioning the alias and the alias is not ready for use yet. If the status is `READY` , the Object Lambda Access Point alias is successfully provisioned and ready for use.", + "title": "Status", + "type": "string" + }, + "Value": { + "markdownDescription": "The alias value of the Object Lambda Access Point.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPoint.AwsLambda": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "", + "title": "FunctionArn", + "type": "string" + }, + "FunctionPayload": { + "markdownDescription": "", + "title": "FunctionPayload", + "type": "string" + } + }, + "required": [ + "FunctionArn" + ], + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPoint.ContentTransformation": { + "additionalProperties": false, + "properties": { + "AwsLambda": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.AwsLambda", + "markdownDescription": "", + "title": "AwsLambda" + } + }, + "required": [ + "AwsLambda" + ], + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedFeatures": { + "items": { + "type": "string" + }, + "markdownDescription": "A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` .", + "title": "AllowedFeatures", + "type": "array" + }, + "CloudWatchMetricsEnabled": { + "markdownDescription": "A container for whether the CloudWatch metrics configuration is enabled.", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" + }, + "SupportingAccessPoint": { + "markdownDescription": "Standard access point associated with the Object Lambda Access Point.", + "title": "SupportingAccessPoint", + "type": "string" + }, + "TransformationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration" + }, + "markdownDescription": "A container for transformation configurations for an Object Lambda Access Point.", + "title": "TransformationConfigurations", + "type": "array" + } + }, + "required": [ + "SupportingAccessPoint", + "TransformationConfigurations" + ], + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPoint.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:\n\n- `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` .", + "title": "Actions", + "type": "array" + }, + "ContentTransformation": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ContentTransformation", + "markdownDescription": "A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* .", + "title": "ContentTransformation" + } + }, + "required": [ + "Actions", + "ContentTransformation" + ], + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPointPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ObjectLambdaAccessPoint": { + "markdownDescription": "An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.", + "title": "ObjectLambdaAccessPoint", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "Object Lambda Access Point resource policy document.", + "title": "PolicyDocument", + "type": "object" + } + }, + "required": [ + "ObjectLambdaAccessPoint", + "PolicyDocument" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3ObjectLambda::AccessPointPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Outposts::AccessPoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 on Outposts bucket that is associated with this access point.", + "title": "Bucket", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of this access point.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The access point policy associated with this access point.", + "title": "Policy", + "type": "object" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3Outposts::AccessPoint.VpcConfiguration", + "markdownDescription": "The virtual private cloud (VPC) configuration for this access point, if one exists.", + "title": "VpcConfiguration" + } + }, + "required": [ + "Bucket", + "Name", + "VpcConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Outposts::AccessPoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Outposts::AccessPoint.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3Outposts::Bucket": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "A name for the S3 on Outposts bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html) . For more information, see [Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", + "type": "string" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.LifecycleConfiguration", + "markdownDescription": "Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.", + "title": "LifecycleConfiguration" + }, + "OutpostId": { + "markdownDescription": "The ID of the Outpost of the specified bucket.", + "title": "OutpostId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) .\n\nUse tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) .\n\n> Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [Using cost allocation and bucket tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html) . \n\nTo use this resource, you must have permissions to perform the `s3-outposts:PutBucketTagging` . The S3 on Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "BucketName", + "OutpostId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Outposts::Bucket" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload": { + "additionalProperties": false, + "properties": { + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after initiation that Amazon S3 on Outposts aborts an incomplete multipart upload.", + "title": "DaysAfterInitiation", + "type": "number" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.Filter": { + "additionalProperties": false, + "properties": { + "AndOperator": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterAndOperator", + "markdownDescription": "", + "title": "AndOperator" + }, + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" + }, + "Tag": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag", + "markdownDescription": "", + "title": "Tag" + } + }, + "type": "object" + }, + "AWS::S3Outposts::Bucket.FilterAndOperator": { + "additionalProperties": false, + "properties": { + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Tags" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.FilterTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.Rule" + }, + "markdownDescription": "The container for the lifecycle configuration rules for the objects stored in the S3 on Outposts bucket.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.Rule": { + "additionalProperties": false, + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload", + "markdownDescription": "The container for the abort incomplete multipart upload rule.", + "title": "AbortIncompleteMultipartUpload" + }, + "ExpirationDate": { + "markdownDescription": "Specifies the expiration for the lifecycle of the object by specifying an expiry date.", + "title": "ExpirationDate", + "type": "string" + }, + "ExpirationInDays": { + "markdownDescription": "Specifies the expiration for the lifecycle of the object in the form of days that the object has been in the S3 on Outposts bucket.", + "title": "ExpirationInDays", + "type": "number" + }, + "Filter": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.Filter", + "markdownDescription": "The container for the filter of the lifecycle rule.", + "title": "Filter" + }, + "Id": { + "markdownDescription": "", + "title": "Id", + "type": "string" + }, + "Status": { + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::S3Outposts::BucketPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 Outposts bucket to which the policy applies.", + "title": "Bucket", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .", + "title": "PolicyDocument", + "type": "object" + } + }, + "required": [ + "Bucket", + "PolicyDocument" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Outposts::BucketPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Outposts::Endpoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessType": { + "markdownDescription": "The container for the type of connectivity used to access the Amazon S3 on Outposts endpoint. To use the Amazon VPC , choose `Private` . To use the endpoint with an on-premises network, choose `CustomerOwnedIp` . If you choose `CustomerOwnedIp` , you must also provide the customer-owned IP address pool (CoIP pool).\n\n> `Private` is the default access type value.", + "title": "AccessType", + "type": "string" + }, + "CustomerOwnedIpv4Pool": { + "markdownDescription": "The ID of the customer-owned IPv4 address pool (CoIP pool) for the endpoint. IP addresses are allocated from this pool for the endpoint.", + "title": "CustomerOwnedIpv4Pool", + "type": "string" + }, + "FailedReason": { + "$ref": "#/definitions/AWS::S3Outposts::Endpoint.FailedReason", + "markdownDescription": "The failure reason, if any, for a create or delete endpoint operation.", + "title": "FailedReason" + }, + "OutpostId": { + "markdownDescription": "The ID of the Outpost.", + "title": "OutpostId", + "type": "string" + }, + "SecurityGroupId": { + "markdownDescription": "The ID of the security group used for the endpoint.", + "title": "SecurityGroupId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet used for the endpoint.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "OutpostId", + "SecurityGroupId", + "SubnetId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Outposts::Endpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Outposts::Endpoint.FailedReason": { + "additionalProperties": false, + "properties": { + "ErrorCode": { + "markdownDescription": "The failure code, if any, for a create or delete endpoint operation.", + "title": "ErrorCode", + "type": "string" + }, + "Message": { + "markdownDescription": "Additional error details describing the endpoint failure and recommended action.", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3Outposts::Endpoint.NetworkInterface": { + "additionalProperties": false, + "properties": { + "NetworkInterfaceId": { + "markdownDescription": "The ID for the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + } + }, + "required": [ + "NetworkInterfaceId" + ], + "type": "object" + }, + "AWS::S3Tables::Namespace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Namespace": { + "markdownDescription": "The name of the namespace.", + "title": "Namespace", + "type": "string" + }, + "TableBucketARN": { + "markdownDescription": "", + "title": "TableBucketARN", + "type": "string" + } + }, + "required": [ + "Namespace", + "TableBucketARN" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Tables::Namespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Tables::Table": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Compaction": { + "$ref": "#/definitions/AWS::S3Tables::Table.Compaction", + "markdownDescription": "", + "title": "Compaction" + }, + "IcebergMetadata": { + "$ref": "#/definitions/AWS::S3Tables::Table.IcebergMetadata", + "markdownDescription": "Contains details about the metadata for an Iceberg table.", + "title": "IcebergMetadata" + }, + "Namespace": { + "markdownDescription": "The name of the namespace.", + "title": "Namespace", + "type": "string" + }, + "OpenTableFormat": { + "markdownDescription": "", + "title": "OpenTableFormat", + "type": "string" + }, + "SnapshotManagement": { + "$ref": "#/definitions/AWS::S3Tables::Table.SnapshotManagement", + "markdownDescription": "", + "title": "SnapshotManagement" + }, + "TableBucketARN": { + "markdownDescription": "", + "title": "TableBucketARN", + "type": "string" + }, + "TableName": { + "markdownDescription": "", + "title": "TableName", + "type": "string" + }, + "WithoutMetadata": { + "markdownDescription": "", + "title": "WithoutMetadata", + "type": "string" + } + }, + "required": [ + "Namespace", + "OpenTableFormat", + "TableBucketARN", + "TableName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Tables::Table" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Tables::Table.Compaction": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "", + "title": "Status", + "type": "string" + }, + "TargetFileSizeMB": { + "markdownDescription": "", + "title": "TargetFileSizeMB", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3Tables::Table.IcebergMetadata": { + "additionalProperties": false, + "properties": { + "IcebergSchema": { + "$ref": "#/definitions/AWS::S3Tables::Table.IcebergSchema", + "markdownDescription": "", + "title": "IcebergSchema" + } + }, + "required": [ + "IcebergSchema" + ], + "type": "object" + }, + "AWS::S3Tables::Table.IcebergSchema": { + "additionalProperties": false, + "properties": { + "SchemaFieldList": { + "items": { + "$ref": "#/definitions/AWS::S3Tables::Table.SchemaField" + }, + "markdownDescription": "", + "title": "SchemaFieldList", + "type": "array" + } + }, + "required": [ + "SchemaFieldList" + ], + "type": "object" + }, + "AWS::S3Tables::Table.SchemaField": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the field.", + "title": "Name", + "type": "string" + }, + "Required": { + "markdownDescription": "A Boolean value that specifies whether values are required for each row in this field. By default, this is `false` and null values are allowed in the field. If this is `true` the field does not allow null values.", + "title": "Required", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The field type. S3 Tables supports all Apache Iceberg primitive types. For more information, see the [Apache Iceberg documentation](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#primitive-types) .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::S3Tables::Table.SnapshotManagement": { + "additionalProperties": false, + "properties": { + "MaxSnapshotAgeHours": { + "markdownDescription": "", + "title": "MaxSnapshotAgeHours", + "type": "number" + }, + "MinSnapshotsToKeep": { + "markdownDescription": "", + "title": "MinSnapshotsToKeep", + "type": "number" + }, + "Status": { + "markdownDescription": "", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3Tables::TableBucket": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3Tables::TableBucket.EncryptionConfiguration", + "markdownDescription": "Configuration specifying how data should be encrypted. This structure defines the encryption algorithm and optional KMS key to be used for server-side encryption.", + "title": "EncryptionConfiguration" + }, + "TableBucketName": { + "markdownDescription": "The name for the table bucket.", + "title": "TableBucketName", + "type": "string" + }, + "UnreferencedFileRemoval": { + "$ref": "#/definitions/AWS::S3Tables::TableBucket.UnreferencedFileRemoval", + "markdownDescription": "The unreferenced file removal settings for your table bucket. Unreferenced file removal identifies and deletes all objects that are not referenced by any table snapshots. For more information, see the [*Amazon S3 User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-table-buckets-maintenance.html) .", + "title": "UnreferencedFileRemoval" + } + }, + "required": [ + "TableBucketName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Tables::TableBucket" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Tables::TableBucket.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KMSKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to use for encryption. This field is required only when `sseAlgorithm` is set to `aws:kms` .", + "title": "KMSKeyArn", + "type": "string" + }, + "SSEAlgorithm": { + "markdownDescription": "The server-side encryption algorithm to use. Valid values are `AES256` for S3-managed encryption keys, or `aws:kms` for AWS KMS-managed encryption keys. If you choose SSE-KMS encryption you must grant the S3 Tables maintenance principal access to your KMS key. For more information, see [Permissions requirements for S3 Tables SSE-KMS encryption](https://docs.aws.amazon.com//AmazonS3/latest/userguide/s3-tables-kms-permissions.html) .", + "title": "SSEAlgorithm", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3Tables::TableBucket.UnreferencedFileRemoval": { + "additionalProperties": false, + "properties": { + "NoncurrentDays": { + "markdownDescription": "The number of days an object can be noncurrent before Amazon S3 deletes it.", + "title": "NoncurrentDays", + "type": "number" + }, + "Status": { + "markdownDescription": "The status of the unreferenced file removal configuration for your table bucket.", + "title": "Status", + "type": "string" + }, + "UnreferencedDays": { + "markdownDescription": "The number of days an object must be unreferenced by your table before Amazon S3 marks the object as noncurrent.", + "title": "UnreferencedDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3Tables::TableBucketPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourcePolicy": { + "markdownDescription": "The bucket policy JSON for the table bucket.", + "title": "ResourcePolicy", + "type": "object" + }, + "TableBucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the table bucket.", + "title": "TableBucketARN", + "type": "string" + } + }, + "required": [ + "ResourcePolicy", + "TableBucketARN" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Tables::TableBucketPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3Tables::TablePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourcePolicy": { + "markdownDescription": "", + "title": "ResourcePolicy", + "type": "object" + }, + "TableARN": { + "markdownDescription": "", + "title": "TableARN", + "type": "string" + } + }, + "required": [ + "ResourcePolicy", + "TableARN" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::S3Tables::TablePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SDB::Domain": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Information about the SimpleDB domain.", + "title": "Description", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SDB::Domain" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeliveryOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.DeliveryOptions", + "markdownDescription": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS).", + "title": "DeliveryOptions" + }, + "Name": { + "markdownDescription": "The name of the configuration set. The name must meet the following requirements:\n\n- Contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" + }, + "ReputationOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.ReputationOptions", + "markdownDescription": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", + "title": "ReputationOptions" + }, + "SendingOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.SendingOptions", + "markdownDescription": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", + "title": "SendingOptions" + }, + "SuppressionOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.SuppressionOptions", + "markdownDescription": "An object that contains information about the suppression list preferences for your account.", + "title": "SuppressionOptions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of objects that define the tags (keys and values) that are associated with the configuration set.", + "title": "Tags", + "type": "array" + }, + "TrackingOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.TrackingOptions", + "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", + "title": "TrackingOptions" + }, + "VdmOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.VdmOptions", + "markdownDescription": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set.", + "title": "VdmOptions" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::ConfigurationSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSet.DashboardOptions": { + "additionalProperties": false, + "properties": { + "EngagementMetrics": { + "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for the configuration set.", + "title": "EngagementMetrics", + "type": "string" + } + }, + "required": [ + "EngagementMetrics" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSet.DeliveryOptions": { + "additionalProperties": false, + "properties": { + "MaxDeliverySeconds": { + "markdownDescription": "The maximum amount of time, in seconds, that Amazon SES API v2 will attempt delivery of email. If specified, the value must greater than or equal to 300 seconds (5 minutes) and less than or equal to 50400 seconds (840 minutes).", + "title": "MaxDeliverySeconds", + "type": "number" + }, + "SendingPoolName": { + "markdownDescription": "The name of the dedicated IP pool to associate with the configuration set.", + "title": "SendingPoolName", + "type": "string" + }, + "TlsPolicy": { + "markdownDescription": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is `REQUIRE` , messages are only delivered if a TLS connection can be established. If the value is `OPTIONAL` , messages can be delivered in plain text if a TLS connection can't be established.\n\nValid Values: `REQUIRE | OPTIONAL`", + "title": "TlsPolicy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.GuardianOptions": { + "additionalProperties": false, + "properties": { + "OptimizedSharedDelivery": { + "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for the configuration set.", + "title": "OptimizedSharedDelivery", + "type": "string" + } + }, + "required": [ + "OptimizedSharedDelivery" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSet.ReputationOptions": { + "additionalProperties": false, + "properties": { + "ReputationMetricsEnabled": { + "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", + "title": "ReputationMetricsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.SendingOptions": { + "additionalProperties": false, + "properties": { + "SendingEnabled": { + "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", + "title": "SendingEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.SuppressionOptions": { + "additionalProperties": false, + "properties": { + "SuppressedReasons": { + "items": { + "type": "string" + }, + "markdownDescription": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce.", + "title": "SuppressedReasons", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.TrackingOptions": { + "additionalProperties": false, + "properties": { + "CustomRedirectDomain": { + "markdownDescription": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", + "title": "CustomRedirectDomain", + "type": "string" + }, + "HttpsPolicy": { + "markdownDescription": "The https policy to use for tracking open and click events.", + "title": "HttpsPolicy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.VdmOptions": { + "additionalProperties": false, + "properties": { + "DashboardOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.DashboardOptions", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", + "title": "DashboardOptions" + }, + "GuardianOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.GuardianOptions", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", + "title": "GuardianOptions" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationSetName": { + "markdownDescription": "The name of the configuration set that contains the event destination.", + "title": "ConfigurationSetName", + "type": "string" + }, + "EventDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventDestination", + "markdownDescription": "An object that defines the event destination.", + "title": "EventDestination" + } + }, + "required": [ + "ConfigurationSetName", + "EventDestination" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::ConfigurationSetEventDestination" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration" + }, + "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", + "title": "DimensionConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DefaultDimensionValue": { + "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- Can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-), at signs (@), and periods (.).\n- It can contain no more than 256 characters.", + "title": "DefaultDimensionValue", + "type": "string" + }, + "DimensionName": { + "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DimensionName", + "type": "string" + }, + "DimensionValueSource": { + "markdownDescription": "The location where the Amazon SES API v2 finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` or `SendRawEmail` API, choose `messageTag` . To use your own email headers, choose `emailHeader` . To use link tags, choose `linkTag` .", + "title": "DimensionValueSource", + "type": "string" + } + }, + "required": [ + "DefaultDimensionValue", + "DimensionName", + "DimensionValueSource" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.EventBridgeDestination": { + "additionalProperties": false, + "properties": { + "EventBusArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EventBridge bus to publish email events to. Only the default bus is supported.", + "title": "EventBusArn", + "type": "string" + } + }, + "required": [ + "EventBusArn" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.EventDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination", + "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", + "title": "CloudWatchDestination" + }, + "Enabled": { + "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", + "title": "Enabled", + "type": "boolean" + }, + "EventBridgeDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventBridgeDestination", + "markdownDescription": "An object that defines an Amazon EventBridge destination for email events. You can use Amazon EventBridge to send notifications when certain email events occur.", + "title": "EventBridgeDestination" + }, + "KinesisFirehoseDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination", + "markdownDescription": "An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination.", + "title": "KinesisFirehoseDestination" + }, + "MatchingEventTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of events that Amazon SES sends to the specified event destinations.\n\n- `SEND` - The send request was successful and SES will attempt to deliver the message to the recipient\u2019s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)\n- `REJECT` - SES accepted the email, but determined that it contained a virus and didn\u2019t attempt to deliver it to the recipient\u2019s mail server.\n- `BOUNCE` - ( *Hard bounce* ) The recipient's mail server permanently rejected the email. ( *Soft bounces* are only included when SES fails to deliver the email after retrying for a period of time.)\n- `COMPLAINT` - The email was successfully delivered to the recipient\u2019s mail server, but the recipient marked it as spam.\n- `DELIVERY` - SES successfully delivered the email to the recipient's mail server.\n- `OPEN` - The recipient received the message and opened it in their email client.\n- `CLICK` - The recipient clicked one or more links in the email.\n- `RENDERING_FAILURE` - The email wasn't sent because of a template rendering issue. This event type can occur when template data is missing, or when there is a mismatch between template parameters and data. (This event type only occurs when you send email using the [`SendEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html) or [`SendBulkEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendBulkEmail.html) API operations.)\n- `DELIVERY_DELAY` - The email couldn't be delivered to the recipient\u2019s mail server because a temporary issue occurred. Delivery delays can occur, for example, when the recipient's inbox is full, or when the receiving email server experiences a transient issue.\n- `SUBSCRIPTION` - The email was successfully delivered, but the recipient updated their subscription preferences by clicking on an *unsubscribe* link as part of your [subscription management](https://docs.aws.amazon.com/ses/latest/dg/sending-email-subscription-management.html) .", + "title": "MatchingEventTypes", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the event destination. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" + }, + "SnsDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.SnsDestination", + "markdownDescription": "An object that contains the topic ARN associated with an Amazon Simple Notification Service (Amazon SNS) event destination.", + "title": "SnsDestination" + } + }, + "required": [ + "MatchingEventTypes" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "additionalProperties": false, + "properties": { + "DeliveryStreamARN": { + "markdownDescription": "The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to.", + "title": "DeliveryStreamARN", + "type": "string" + }, + "IAMRoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the Amazon SES API v2 uses to send email events to the Amazon Kinesis Data Firehose stream.", + "title": "IAMRoleARN", + "type": "string" + } + }, + "required": [ + "DeliveryStreamARN", + "IAMRoleARN" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.SnsDestination": { + "additionalProperties": false, + "properties": { + "TopicARN": { + "markdownDescription": "The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicARN", + "type": "string" + } + }, + "required": [ + "TopicARN" + ], + "type": "object" + }, + "AWS::SES::ContactList": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactListName": { + "markdownDescription": "The name of the contact list.", + "title": "ContactListName", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of what the contact list is about.", + "title": "Description", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with a contact list.", + "title": "Tags", + "type": "array" + }, + "Topics": { + "items": { + "$ref": "#/definitions/AWS::SES::ContactList.Topic" + }, + "markdownDescription": "An interest group, theme, or label within a list. A contact list can have multiple topics.", + "title": "Topics", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::ContactList" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SES::ContactList.Topic": { + "additionalProperties": false, + "properties": { + "DefaultSubscriptionStatus": { + "markdownDescription": "The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic.", + "title": "DefaultSubscriptionStatus", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of what the topic is about, which the contact will see.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the topic the contact will see.", + "title": "DisplayName", + "type": "string" + }, + "TopicName": { + "markdownDescription": "The name of the topic.", + "title": "TopicName", + "type": "string" + } + }, + "required": [ + "DefaultSubscriptionStatus", + "DisplayName", + "TopicName" + ], + "type": "object" + }, + "AWS::SES::DedicatedIpPool": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PoolName": { + "markdownDescription": "The name of the dedicated IP pool that the IP address is associated with.", + "title": "PoolName", + "type": "string" + }, + "ScalingMode": { + "markdownDescription": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", + "title": "ScalingMode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the pool.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::DedicatedIpPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SES::EmailIdentity": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationSetAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.ConfigurationSetAttributes", + "markdownDescription": "Used to associate a configuration set with an email identity.", + "title": "ConfigurationSetAttributes" + }, + "DkimAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimAttributes", + "markdownDescription": "An object that contains information about the DKIM attributes for the identity.", + "title": "DkimAttributes" + }, + "DkimSigningAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimSigningAttributes", + "markdownDescription": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", + "title": "DkimSigningAttributes" + }, + "EmailIdentity": { + "markdownDescription": "The email address or domain to verify.", + "title": "EmailIdentity", + "type": "string" + }, + "FeedbackAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.FeedbackAttributes", + "markdownDescription": "Used to enable or disable feedback forwarding for an identity.", + "title": "FeedbackAttributes" + }, + "MailFromAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.MailFromAttributes", + "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", + "title": "MailFromAttributes" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of objects that define the tags (keys and values) to associate with the email identity.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "EmailIdentity" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::EmailIdentity" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SES::EmailIdentity.ConfigurationSetAttributes": { + "additionalProperties": false, + "properties": { + "ConfigurationSetName": { + "markdownDescription": "The configuration set to associate with an email identity.", + "title": "ConfigurationSetName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::EmailIdentity.DkimAttributes": { + "additionalProperties": false, + "properties": { + "SigningEnabled": { + "markdownDescription": "Sets the DKIM signing configuration for the identity.\n\nWhen you set this value `true` , then the messages that are sent from the identity are signed using DKIM. If you set this value to `false` , your messages are sent without DKIM signing.", + "title": "SigningEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SES::EmailIdentity.DkimSigningAttributes": { + "additionalProperties": false, + "properties": { + "DomainSigningPrivateKey": { + "markdownDescription": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature.\n\nThe private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.\n\n> Rather than embedding sensitive information directly in your CFN templates, we recommend you use dynamic parameters in the stack template to reference sensitive information that is stored and managed outside of CFN, such as in the AWS Systems Manager Parameter Store or AWS Secrets Manager.\n> \n> For more information, see the [Do not embed credentials in your templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) best practice.", + "title": "DomainSigningPrivateKey", + "type": "string" + }, + "DomainSigningSelector": { + "markdownDescription": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain.", + "title": "DomainSigningSelector", + "type": "string" + }, + "NextSigningKeyLength": { + "markdownDescription": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.\n\nValid Values: `RSA_1024_BIT | RSA_2048_BIT`", + "title": "NextSigningKeyLength", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::EmailIdentity.FeedbackAttributes": { + "additionalProperties": false, + "properties": { + "EmailForwardingEnabled": { + "markdownDescription": "Sets the feedback forwarding configuration for the identity.\n\nIf the value is `true` , you receive email notifications when bounce or complaint events occur. These notifications are sent to the address that you specified in the `Return-Path` header of the original email.\n\nYou're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications (for example, by setting up an event destination), you receive an email notification when these events occur (even if this setting is disabled).", + "title": "EmailForwardingEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SES::EmailIdentity.MailFromAttributes": { + "additionalProperties": false, + "properties": { + "BehaviorOnMxFailure": { + "markdownDescription": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", + "title": "BehaviorOnMxFailure", + "type": "string" + }, + "MailFromDomain": { + "markdownDescription": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails.", + "title": "MailFromDomain", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerAddonInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AddonSubscriptionId": { + "markdownDescription": "The subscription ID for the instance.", + "title": "AddonSubscriptionId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AddonSubscriptionId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::MailManagerAddonInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SES::MailManagerAddonSubscription": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AddonName": { + "markdownDescription": "The name of the Add On to subscribe to. You can only have one subscription for each Add On name.\n\nValid Values: `TRENDMICRO_VSAPI | SPAMHAUS_DBL | ABUSIX_MAIL_INTELLIGENCE`", + "title": "AddonName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AddonName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::MailManagerAddonSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SES::MailManagerAddressList": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AddressListName": { + "markdownDescription": "", + "title": "AddressListName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::MailManagerAddressList" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SES::MailManagerArchive": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ArchiveName": { + "markdownDescription": "A unique name for the new archive.", + "title": "ArchiveName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key for encrypting emails in the archive.", + "title": "KmsKeyArn", + "type": "string" + }, + "Retention": { + "$ref": "#/definitions/AWS::SES::MailManagerArchive.ArchiveRetention", + "markdownDescription": "The period for retaining emails in the archive before automatic deletion.", + "title": "Retention" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::MailManagerArchive" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SES::MailManagerArchive.ArchiveRetention": { + "additionalProperties": false, + "properties": { + "RetentionPeriod": { + "markdownDescription": "The enum value sets the period for retaining emails in an archive.", + "title": "RetentionPeriod", + "type": "string" + } + }, + "required": [ + "RetentionPeriod" + ], + "type": "object" + }, + "AWS::SES::MailManagerIngressPoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IngressPointConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.IngressPointConfiguration", + "markdownDescription": "The configuration of the ingress endpoint resource.", + "title": "IngressPointConfiguration" + }, + "IngressPointName": { + "markdownDescription": "A user friendly name for an ingress endpoint resource.", + "title": "IngressPointName", + "type": "string" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.NetworkConfiguration", + "markdownDescription": "The network type (IPv4-only, Dual-Stack, PrivateLink) of the ingress endpoint resource.", + "title": "NetworkConfiguration" + }, + "RuleSetId": { + "markdownDescription": "The identifier of an existing rule set that you attach to an ingress endpoint resource.", + "title": "RuleSetId", + "type": "string" + }, + "StatusToUpdate": { + "markdownDescription": "The update status of an ingress endpoint.", + "title": "StatusToUpdate", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + }, + "TrafficPolicyId": { + "markdownDescription": "The identifier of an existing traffic policy that you attach to an ingress endpoint resource.", + "title": "TrafficPolicyId", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the ingress endpoint to create.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "RuleSetId", + "TrafficPolicyId", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::MailManagerIngressPoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SES::MailManagerIngressPoint.IngressPointConfiguration": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "The SecretsManager::Secret ARN of the ingress endpoint resource.", + "title": "SecretArn", + "type": "string" + }, + "SmtpPassword": { + "markdownDescription": "The password of the ingress endpoint resource.", + "title": "SmtpPassword", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerIngressPoint.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "PrivateNetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.PrivateNetworkConfiguration", + "markdownDescription": "Specifies the network configuration for the private ingress point.", + "title": "PrivateNetworkConfiguration" + }, + "PublicNetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.PublicNetworkConfiguration", + "markdownDescription": "Specifies the network configuration for the public ingress point.", + "title": "PublicNetworkConfiguration" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerIngressPoint.PrivateNetworkConfiguration": { + "additionalProperties": false, + "properties": { + "VpcEndpointId": { + "markdownDescription": "The identifier of the VPC endpoint to associate with this private ingress point.", + "title": "VpcEndpointId", + "type": "string" + } + }, + "required": [ + "VpcEndpointId" + ], + "type": "object" + }, + "AWS::SES::MailManagerIngressPoint.PublicNetworkConfiguration": { + "additionalProperties": false, + "properties": { + "IpType": { + "markdownDescription": "The IP address type for the public ingress point. Valid values are IPV4 and DUAL_STACK.", + "title": "IpType", + "type": "object" + } + }, + "required": [ + "IpType" + ], + "type": "object" + }, + "AWS::SES::MailManagerRelay": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Authentication": { + "$ref": "#/definitions/AWS::SES::MailManagerRelay.RelayAuthentication", + "markdownDescription": "Authentication for the relay destination server\u2014specify the secretARN where the SMTP credentials are stored.", + "title": "Authentication" + }, + "RelayName": { + "markdownDescription": "The unique relay name.", + "title": "RelayName", + "type": "string" + }, + "ServerName": { + "markdownDescription": "The destination relay server address.", + "title": "ServerName", + "type": "string" + }, + "ServerPort": { + "markdownDescription": "The destination relay server port.", + "title": "ServerPort", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Authentication", + "ServerName", + "ServerPort" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::MailManagerRelay" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SES::MailManagerRelay.RelayAuthentication": { + "additionalProperties": false, + "properties": { + "NoAuthentication": { + "markdownDescription": "Keep an empty structure if the relay destination server does not require SMTP credential authentication.", + "title": "NoAuthentication", + "type": "object" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret created in secrets manager where the relay server's SMTP credentials are stored.", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RuleSetName": { + "markdownDescription": "A user-friendly name for the rule set.", + "title": "RuleSetName", + "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Rule" + }, + "markdownDescription": "Conditional rules that are evaluated for determining actions on email.", + "title": "Rules", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::MailManagerRuleSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.AddHeaderAction": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "markdownDescription": "The name of the header to add to an email. The header must be prefixed with \"X-\". Headers are added regardless of whether the header name pre-existed in the email.", + "title": "HeaderName", + "type": "string" + }, + "HeaderValue": { + "markdownDescription": "The value of the header to add to the email.", + "title": "HeaderValue", + "type": "string" + } + }, + "required": [ + "HeaderName", + "HeaderValue" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.Analysis": { + "additionalProperties": false, + "properties": { + "Analyzer": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Add On.", + "title": "Analyzer", + "type": "string" + }, + "ResultField": { + "markdownDescription": "The returned value from an Add On.", + "title": "ResultField", + "type": "string" + } + }, + "required": [ + "Analyzer", + "ResultField" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.ArchiveAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified archive has been deleted.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "TargetArchive": { + "markdownDescription": "The identifier of the archive to send the email to.", + "title": "TargetArchive", + "type": "string" + } + }, + "required": [ + "TargetArchive" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.DeliverToMailboxAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the mailbox ARN is no longer valid.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "MailboxArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a WorkMail organization to deliver the email to.", + "title": "MailboxArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role to use to execute this action. The role must have access to the workmail:DeliverToMailbox API.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "MailboxArn", + "RoleArn" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.DeliverToQBusinessAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified application has been deleted or the role lacks necessary permissions to call the `qbusiness:BatchPutDocument` API.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application instance where the email content will be delivered.", + "title": "ApplicationId", + "type": "string" + }, + "IndexId": { + "markdownDescription": "The identifier of the knowledge base index within the Amazon Q Business application where the email content will be stored and indexed.", + "title": "IndexId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while delivering to Amazon Q Business. This role must have access to the `qbusiness:BatchPutDocument` API for the given application and index.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "IndexId", + "RoleArn" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RelayAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified relay has been deleted.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "MailFrom": { + "markdownDescription": "This action specifies whether to preserve or replace original mail from address while relaying received emails to a destination server.", + "title": "MailFrom", + "type": "string" + }, + "Relay": { + "markdownDescription": "The identifier of the relay resource to be used when relaying an email.", + "title": "Relay", + "type": "string" + } + }, + "required": [ + "Relay" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.ReplaceRecipientAction": { + "additionalProperties": false, + "properties": { + "ReplaceWith": { + "items": { + "type": "string" + }, + "markdownDescription": "This action specifies the replacement recipient email addresses to insert.", + "title": "ReplaceWith", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.Rule": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleAction" + }, + "markdownDescription": "The list of actions to execute when the conditions match the incoming email, and none of the \"unless conditions\" match.", + "title": "Actions", + "type": "array" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleCondition" + }, + "markdownDescription": "The conditions of this rule. All conditions must match the email for the actions to be executed. An empty list of conditions means that all emails match, but are still subject to any \"unless conditions\"", + "title": "Conditions", + "type": "array" + }, + "Name": { + "markdownDescription": "The user-friendly name of the rule.", + "title": "Name", + "type": "string" + }, + "Unless": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleCondition" + }, + "markdownDescription": "The \"unless conditions\" of this rule. None of the conditions can match the email for the actions to be executed. If any of these conditions do match the email, then the actions are not executed.", + "title": "Unless", + "type": "array" + } + }, + "required": [ + "Actions" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleAction": { + "additionalProperties": false, + "properties": { + "AddHeader": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.AddHeaderAction", + "markdownDescription": "This action adds a header. This can be used to add arbitrary email headers.", + "title": "AddHeader" + }, + "Archive": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.ArchiveAction", + "markdownDescription": "This action archives the email. This can be used to deliver an email to an archive.", + "title": "Archive" + }, + "DeliverToMailbox": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.DeliverToMailboxAction", + "markdownDescription": "This action delivers an email to a WorkMail mailbox.", + "title": "DeliverToMailbox" + }, + "DeliverToQBusiness": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.DeliverToQBusinessAction", + "markdownDescription": "This action delivers an email to an Amazon Q Business application for ingestion into its knowledge base.", + "title": "DeliverToQBusiness" + }, + "Drop": { + "markdownDescription": "This action terminates the evaluation of rules in the rule set.", + "title": "Drop", + "type": "object" + }, + "PublishToSns": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.SnsAction", + "markdownDescription": "This action publishes the email content to an Amazon SNS topic.", + "title": "PublishToSns" + }, + "Relay": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RelayAction", + "markdownDescription": "This action relays the email to another SMTP server.", + "title": "Relay" + }, + "ReplaceRecipient": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.ReplaceRecipientAction", + "markdownDescription": "The action replaces certain or all recipients with a different set of recipients.", + "title": "ReplaceRecipient" + }, + "Send": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.SendAction", + "markdownDescription": "This action sends the email to the internet.", + "title": "Send" + }, + "WriteToS3": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.S3Action", + "markdownDescription": "This action writes the MIME content of the email to an S3 bucket.", + "title": "WriteToS3" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleBooleanExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleBooleanToEvaluate", + "markdownDescription": "The operand on which to perform a boolean condition operation.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a boolean condition expression.", + "title": "Operator", + "type": "string" + } + }, + "required": [ + "Evaluate", + "Operator" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleBooleanToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a boolean condition expression.", + "title": "Analysis" + }, + "Attribute": { + "markdownDescription": "The boolean type representing the allowed attribute types for an email.", + "title": "Attribute", + "type": "string" + }, + "IsInAddressList": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIsInAddressList", + "markdownDescription": "The structure representing the address lists and address list attribute that will be used in evaluation of boolean expression.", + "title": "IsInAddressList" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleCondition": { + "additionalProperties": false, + "properties": { + "BooleanExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleBooleanExpression", + "markdownDescription": "The condition applies to a boolean expression passed in this field.", + "title": "BooleanExpression" + }, + "DmarcExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleDmarcExpression", + "markdownDescription": "The condition applies to a DMARC policy expression passed in this field.", + "title": "DmarcExpression" + }, + "IpExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIpExpression", + "markdownDescription": "The condition applies to an IP address expression passed in this field.", + "title": "IpExpression" + }, + "NumberExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleNumberExpression", + "markdownDescription": "The condition applies to a number expression passed in this field.", + "title": "NumberExpression" + }, + "StringExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleStringExpression", + "markdownDescription": "The condition applies to a string expression passed in this field.", + "title": "StringExpression" + }, + "VerdictExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleVerdictExpression", + "markdownDescription": "The condition applies to a verdict expression passed in this field.", + "title": "VerdictExpression" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleDmarcExpression": { + "additionalProperties": false, + "properties": { + "Operator": { + "markdownDescription": "The operator to apply to the DMARC policy of the incoming email.", + "title": "Operator", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to use for the given DMARC policy operator. For the operator EQUALS, if multiple values are given, they are evaluated as an OR. That is, if any of the given values match, the condition is deemed to match. For the operator NOT_EQUALS, if multiple values are given, they are evaluated as an AND. That is, only if the email's DMARC policy is not equal to any of the given values, then the condition is deemed to match.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleIpExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIpToEvaluate", + "markdownDescription": "The IP address to evaluate in this condition.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The operator to evaluate the IP address.", + "title": "Operator", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The IP CIDR blocks in format \"x.y.z.w/n\" (eg 10.0.0.0/8) to match with the email's IP address. For the operator CIDR_MATCHES, if multiple values are given, they are evaluated as an OR. That is, if the IP address is contained within any of the given CIDR ranges, the condition is deemed to match. For NOT_CIDR_MATCHES, if multiple CIDR ranges are given, the condition is deemed to match if the IP address is not contained in any of the given CIDR ranges.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleIpToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The attribute of the email to evaluate.", + "title": "Attribute", + "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleIsInAddressList": { + "additionalProperties": false, + "properties": { + "AddressLists": { + "items": { + "type": "string" + }, + "markdownDescription": "The address lists that will be used for evaluation.", + "title": "AddressLists", + "type": "array" + }, + "Attribute": { + "markdownDescription": "The email attribute that needs to be evaluated against the address list.", + "title": "Attribute", + "type": "string" + } + }, + "required": [ + "AddressLists", + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleNumberExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleNumberToEvaluate", + "markdownDescription": "The number to evaluate in a numeric condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The operator for a numeric condition expression.", + "title": "Operator", + "type": "string" + }, + "Value": { + "markdownDescription": "The value to evaluate in a numeric condition expression.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Evaluate", + "Operator", + "Value" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleNumberToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "An email attribute that is used as the number to evaluate.", + "title": "Attribute", + "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleStringExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleStringToEvaluate", + "markdownDescription": "The string to evaluate in a string condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a string condition expression.", + "title": "Operator", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The string(s) to be evaluated in a string condition expression. For all operators, except for NOT_EQUALS, if multiple values are given, the values are processed as an OR. That is, if any of the values match the email's string using the given operator, the condition is deemed to match. However, for NOT_EQUALS, the condition is only deemed to match if none of the given strings match the email's string.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleStringToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a string condition expression.", + "title": "Analysis" + }, + "Attribute": { + "markdownDescription": "The email attribute to evaluate in a string condition expression.", + "title": "Attribute", + "type": "string" + }, + "MimeHeaderAttribute": { + "markdownDescription": "The email MIME X-Header attribute to evaluate in a string condition expression.", + "title": "MimeHeaderAttribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleVerdictExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleVerdictToEvaluate", + "markdownDescription": "The verdict to evaluate in a verdict condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a verdict condition expression.", + "title": "Operator", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to match with the email's verdict using the given operator. For the EQUALS operator, if multiple values are given, the condition is deemed to match if any of the given verdicts match that of the email. For the NOT_EQUALS operator, if multiple values are given, the condition is deemed to match of none of the given verdicts match the verdict of the email.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleVerdictToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a verdict condition expression.", + "title": "Analysis" + }, + "Attribute": { + "markdownDescription": "The email verdict attribute to evaluate in a string verdict expression.", + "title": "Attribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.S3Action": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified the bucket has been deleted.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while writing to S3. This role must have access to the s3:PutObject, kms:Encrypt, and kms:GenerateDataKey APIs for the given bucket.", + "title": "RoleArn", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "The bucket name of the S3 bucket to write to.", + "title": "S3Bucket", + "type": "string" + }, + "S3Prefix": { + "markdownDescription": "The S3 prefix to use for the write to the s3 bucket.", + "title": "S3Prefix", + "type": "string" + }, + "S3SseKmsKeyId": { + "markdownDescription": "The KMS Key ID to use to encrypt the message in S3.", + "title": "S3SseKmsKeyId", + "type": "string" + } + }, + "required": [ + "RoleArn", + "S3Bucket" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.SendAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the caller does not have the permissions to call the sendRawEmail API.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role to use for this action. This role must have access to the ses:SendRawEmail API.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.SnsAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, specified SNS topic has been deleted or the role lacks necessary permissions to call the `sns:Publish` API.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "Encoding": { + "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.", + "title": "Encoding", + "type": "string" + }, + "PayloadType": { + "markdownDescription": "The expected payload type within the Amazon SNS notification. `CONTENT` attempts to publish the full email content with 20KB of headers content. `HEADERS` extracts up to 100KB of header content to include in the notification, email content will not be included to the notification. The default value is `CONTENT` .", + "title": "PayloadType", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while writing to Amazon SNS. This role must have access to the `sns:Publish` API for the given topic.", + "title": "RoleArn", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "RoleArn", + "TopicArn" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultAction": { + "markdownDescription": "Default action instructs the tra\ufb03c policy to either Allow or Deny (block) messages that fall outside of (or not addressed by) the conditions of your policy statements", + "title": "DefaultAction", + "type": "string" + }, + "MaxMessageSizeBytes": { + "markdownDescription": "The maximum message size in bytes of email which is allowed in by this traffic policy\u2014anything larger will be blocked.", + "title": "MaxMessageSizeBytes", + "type": "number" + }, + "PolicyStatements": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.PolicyStatement" + }, + "markdownDescription": "Conditional statements for filtering email traffic.", + "title": "PolicyStatements", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + }, + "TrafficPolicyName": { + "markdownDescription": "The name of the policy.\n\nThe policy name cannot exceed 64 characters and can only include alphanumeric characters, dashes, and underscores.", + "title": "TrafficPolicyName", + "type": "string" + } + }, + "required": [ + "DefaultAction", + "PolicyStatements" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::MailManagerTrafficPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressAnalysis": { + "additionalProperties": false, + "properties": { + "Analyzer": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Add On.", + "title": "Analyzer", + "type": "string" + }, + "ResultField": { + "markdownDescription": "The returned value from an Add On.", + "title": "ResultField", + "type": "string" + } + }, + "required": [ + "Analyzer", + "ResultField" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressBooleanExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressBooleanToEvaluate", + "markdownDescription": "The operand on which to perform a boolean condition operation.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a boolean condition expression.", + "title": "Operator", + "type": "string" + } + }, + "required": [ + "Evaluate", + "Operator" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressBooleanToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressAnalysis", + "markdownDescription": "The structure type for a boolean condition stating the Add On ARN and its returned value.", + "title": "Analysis" + }, + "IsInAddressList": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIsInAddressList", + "markdownDescription": "", + "title": "IsInAddressList" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "An enum type representing the allowed attribute types for an IP condition.", + "title": "Attribute", + "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpv4Expression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpToEvaluate", + "markdownDescription": "The left hand side argument of an IP condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for an IP condition expression.", + "title": "Operator", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The right hand side argument of an IP condition expression.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpv6Expression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv6ToEvaluate", + "markdownDescription": "", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "", + "title": "Operator", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpv6ToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "", + "title": "Attribute", + "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIsInAddressList": { + "additionalProperties": false, + "properties": { + "AddressLists": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "AddressLists", + "type": "array" + }, + "Attribute": { + "markdownDescription": "", + "title": "Attribute", + "type": "string" + } + }, + "required": [ + "AddressLists", + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressStringExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressStringToEvaluate", + "markdownDescription": "The left hand side argument of a string condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "", + "title": "Operator", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The right hand side argument of a string condition expression.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressStringToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressAnalysis", + "markdownDescription": "", + "title": "Analysis" + }, + "Attribute": { + "markdownDescription": "The enum type representing the allowed attribute types for a string condition.", + "title": "Attribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolToEvaluate", + "markdownDescription": "The left hand side argument of a TLS condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a TLS condition expression.", + "title": "Operator", + "type": "string" + }, + "Value": { + "markdownDescription": "The right hand side argument of a TLS condition expression.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Evaluate", + "Operator", + "Value" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The enum type representing the allowed attribute types for the TLS condition.", + "title": "Attribute", + "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.PolicyCondition": { + "additionalProperties": false, + "properties": { + "BooleanExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressBooleanExpression", + "markdownDescription": "This represents a boolean type condition matching on the incoming mail. It performs the boolean operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "BooleanExpression" + }, + "IpExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv4Expression", + "markdownDescription": "This represents an IP based condition matching on the incoming mail. It performs the operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "IpExpression" + }, + "Ipv6Expression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv6Expression", + "markdownDescription": "", + "title": "Ipv6Expression" + }, + "StringExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressStringExpression", + "markdownDescription": "This represents a string based condition matching on the incoming mail. It performs the string operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "StringExpression" + }, + "TlsExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolExpression", + "markdownDescription": "This represents a TLS based condition matching on the incoming mail. It performs the operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "TlsExpression" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.PolicyStatement": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action that informs a traffic policy resource to either allow or block the email if it matches a condition in the policy statement.", + "title": "Action", + "type": "string" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.PolicyCondition" + }, + "markdownDescription": "The list of conditions to apply to incoming messages for filtering email traffic.", + "title": "Conditions", + "type": "array" + } + }, + "required": [ + "Action", + "Conditions" + ], + "type": "object" + }, + "AWS::SES::ReceiptFilter": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Filter": { + "$ref": "#/definitions/AWS::SES::ReceiptFilter.Filter", + "markdownDescription": "A data structure that describes the IP address filter to create, which consists of a name, an IP address range, and whether to allow or block mail from it.", + "title": "Filter" + } + }, + "required": [ + "Filter" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::ReceiptFilter" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SES::ReceiptFilter.Filter": { + "additionalProperties": false, + "properties": { + "IpFilter": { + "$ref": "#/definitions/AWS::SES::ReceiptFilter.IpFilter", + "markdownDescription": "A structure that provides the IP addresses to block or allow, and whether to block or allow incoming mail from them.", + "title": "IpFilter" + }, + "Name": { + "markdownDescription": "The name of the IP address filter. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "IpFilter" + ], + "type": "object" + }, + "AWS::SES::ReceiptFilter.IpFilter": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "A single IP address or a range of IP addresses to block or allow, specified in Classless Inter-Domain Routing (CIDR) notation. An example of a single email address is 10.0.0.1. An example of a range of IP addresses is 10.0.0.1/24. For more information about CIDR notation, see [RFC 2317](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2317) .", + "title": "Cidr", + "type": "string" + }, + "Policy": { + "markdownDescription": "Indicates whether to block or allow incoming mail from the specified IP addresses.", + "title": "Policy", + "type": "string" + } + }, + "required": [ + "Cidr", + "Policy" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "After": { + "markdownDescription": "The name of an existing rule after which the new rule is placed. If this parameter is null, the new rule is inserted at the beginning of the rule list.", + "title": "After", + "type": "string" + }, + "Rule": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.Rule", + "markdownDescription": "A data structure that contains the specified rule's name, actions, recipients, domains, enabled status, scan status, and TLS policy.", + "title": "Rule" + }, + "RuleSetName": { + "markdownDescription": "The name of the rule set where the receipt rule is added.", + "title": "RuleSetName", + "type": "string" + } + }, + "required": [ + "Rule", + "RuleSetName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::ReceiptRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.Action": { + "additionalProperties": false, + "properties": { + "AddHeaderAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.AddHeaderAction", + "markdownDescription": "Adds a header to the received email.", + "title": "AddHeaderAction" + }, + "BounceAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.BounceAction", + "markdownDescription": "Rejects the received email by returning a bounce response to the sender and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).", + "title": "BounceAction" + }, + "ConnectAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.ConnectAction", + "markdownDescription": "", + "title": "ConnectAction" + }, + "LambdaAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.LambdaAction", + "markdownDescription": "Calls an AWS Lambda function, and optionally, publishes a notification to Amazon SNS.", + "title": "LambdaAction" + }, + "S3Action": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.S3Action", + "markdownDescription": "Saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon SNS.", + "title": "S3Action" + }, + "SNSAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.SNSAction", + "markdownDescription": "Publishes the email content within a notification to Amazon SNS.", + "title": "SNSAction" + }, + "StopAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.StopAction", + "markdownDescription": "Terminates the evaluation of the receipt rule set and optionally publishes a notification to Amazon SNS.", + "title": "StopAction" + }, + "WorkmailAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.WorkmailAction", + "markdownDescription": "Calls Amazon WorkMail and, optionally, publishes a notification to Amazon SNS.", + "title": "WorkmailAction" + } + }, + "type": "object" + }, + "AWS::SES::ReceiptRule.AddHeaderAction": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "markdownDescription": "The name of the header to add to the incoming message. The name must contain at least one character, and can contain up to 50 characters. It consists of alphanumeric ( `a\u2013z, A\u2013Z, 0\u20139` ) characters and dashes.", + "title": "HeaderName", + "type": "string" + }, + "HeaderValue": { + "markdownDescription": "The content to include in the header. This value can contain up to 2048 characters. It can't contain newline ( `\\n` ) or carriage return ( `\\r` ) characters.", + "title": "HeaderValue", + "type": "string" + } + }, + "required": [ + "HeaderName", + "HeaderValue" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.BounceAction": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Human-readable text to include in the bounce message.", + "title": "Message", + "type": "string" + }, + "Sender": { + "markdownDescription": "The email address of the sender of the bounced email. This is the address from which the bounce message is sent.", + "title": "Sender", + "type": "string" + }, + "SmtpReplyCode": { + "markdownDescription": "The SMTP reply code, as defined by [RFC 5321](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5321) .", + "title": "SmtpReplyCode", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The SMTP enhanced status code, as defined by [RFC 3463](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3463) .", + "title": "StatusCode", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the bounce action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "Message", + "Sender", + "SmtpReplyCode" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.ConnectAction": { + "additionalProperties": false, + "properties": { + "IAMRoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used by Amazon Simple Email Service while starting email contacts to the Amazon Connect instance. This role should have permission to invoke `connect:StartEmailContact` for the given Amazon Connect instance.", + "title": "IAMRoleARN", + "type": "string" + }, + "InstanceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Connect instance that Amazon SES integrates with for starting email contacts.\n\nFor more information about Amazon Connect instances, see the [Amazon Connect Administrator Guide](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-instances.html)", + "title": "InstanceARN", + "type": "string" + } + }, + "required": [ + "IAMRoleARN", + "InstanceARN" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.LambdaAction": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function. An example of an AWS Lambda function ARN is `arn:aws:lambda:us-west-2:account-id:function:MyFunction` . For more information about AWS Lambda, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html) .", + "title": "FunctionArn", + "type": "string" + }, + "InvocationType": { + "markdownDescription": "The invocation type of the AWS Lambda function. An invocation type of `RequestResponse` means that the execution of the function immediately results in a response, and a value of `Event` means that the function is invoked asynchronously. The default value is `Event` . For information about AWS Lambda invocation types, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html) .\n\n> There is a 30-second timeout on `RequestResponse` invocations. You should use `Event` invocation in most cases. Use `RequestResponse` only to make a mail flow decision, such as whether to stop the receipt rule or the receipt rule set.", + "title": "InvocationType", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the Lambda action is executed. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "FunctionArn" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.Rule": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.Action" + }, + "markdownDescription": "An ordered list of actions to perform on messages that match at least one of the recipient email addresses or domains specified in the receipt rule.", + "title": "Actions", + "type": "array" + }, + "Enabled": { + "markdownDescription": "If `true` , the receipt rule is active. The default value is `false` .", + "title": "Enabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the receipt rule. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), dashes (-), or periods (.).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" + }, + "Recipients": { + "items": { + "type": "string" + }, + "markdownDescription": "The recipient domains and email addresses that the receipt rule applies to. If this field is not specified, this rule matches all recipients on all verified domains.", + "title": "Recipients", + "type": "array" + }, + "ScanEnabled": { + "markdownDescription": "If `true` , then messages that this receipt rule applies to are scanned for spam and viruses. The default value is `false` .", + "title": "ScanEnabled", + "type": "boolean" + }, + "TlsPolicy": { + "markdownDescription": "Specifies whether Amazon SES should require that incoming email is delivered over a connection encrypted with Transport Layer Security (TLS). If this parameter is set to `Require` , Amazon SES bounces emails that are not received over TLS. The default is `Optional` .\n\nValid Values: `Require | Optional`", + "title": "TlsPolicy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::ReceiptRule.S3Action": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket for incoming email.", + "title": "BucketName", + "type": "string" + }, + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role to be used by Amazon Simple Email Service while writing to the Amazon S3 bucket, optionally encrypting your mail via the provided customer managed key, and publishing to the Amazon SNS topic. This role should have access to the following APIs:\n\n- `s3:PutObject` , `kms:Encrypt` and `kms:GenerateDataKey` for the given Amazon S3 bucket.\n- `kms:GenerateDataKey` for the given AWS KMS customer managed key.\n- `sns:Publish` for the given Amazon SNS topic.\n\n> If an IAM role ARN is provided, the role (and only the role) is used to access all the given resources (Amazon S3 bucket, AWS KMS customer managed key and Amazon SNS topic). Therefore, setting up individual resource access permissions is not required.", + "title": "IamRoleArn", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the AWS managed key or a customer managed key that you created in AWS KMS as follows:\n\n- To use the AWS managed key, provide an ARN in the form of `arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses` . For example, if your AWS account ID is 123456789012 and you want to use the AWS managed key in the US West (Oregon) Region, the ARN of the AWS managed key would be `arn:aws:kms:us-west-2:123456789012:alias/aws/ses` . If you use the AWS managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.\n- To use a customer managed key that you created in AWS KMS, provide the ARN of the customer managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-permissions.html) .\n\nFor more information about key policies, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) . If you do not specify an AWS KMS key, Amazon SES does not encrypt your emails.\n\n> Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your AWS KMS keys for decryption. This encryption client is currently available with the [AWS SDK for Java](https://docs.aws.amazon.com/sdk-for-java/) and [AWS SDK for Ruby](https://docs.aws.amazon.com/sdk-for-ruby/) only. For more information about client-side encryption using AWS KMS managed keys, see the [Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html) .", + "title": "KmsKeyArn", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to store similar data under the same directory in a bucket.", + "title": "ObjectKeyPrefix", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.SNSAction": { + "additionalProperties": false, + "properties": { + "Encoding": { + "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.", + "title": "Encoding", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.", + "title": "TopicArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::ReceiptRule.StopAction": { + "additionalProperties": false, + "properties": { + "Scope": { + "markdownDescription": "The scope of the StopAction. The only acceptable value is `RuleSet` .", + "title": "Scope", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the stop action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "Scope" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.WorkmailAction": { + "additionalProperties": false, + "properties": { + "OrganizationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon WorkMail organization. Amazon WorkMail ARNs use the following format:\n\n`arn:aws:workmail:::organization/`\n\nYou can find the ID of your organization by using the [ListOrganizations](https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListOrganizations.html) operation in Amazon WorkMail. Amazon WorkMail organization IDs begin with \" `m-` \", followed by a string of alphanumeric characters.\n\nFor information about Amazon WorkMail organizations, see the [Amazon WorkMail Administrator Guide](https://docs.aws.amazon.com/workmail/latest/adminguide/organizations_overview.html) .", + "title": "OrganizationArn", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the WorkMail action is called. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "OrganizationArn" + ], + "type": "object" + }, + "AWS::SES::ReceiptRuleSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RuleSetName": { + "markdownDescription": "The name of the receipt rule set to make active. Setting this value to null disables all email receiving.", + "title": "RuleSetName", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::ReceiptRuleSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SES::Template": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Template": { + "$ref": "#/definitions/AWS::SES::Template.Template", + "markdownDescription": "The content of the email, composed of a subject line and either an HTML part or a text-only part.", + "title": "Template" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::Template" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SES::Template.Template": { + "additionalProperties": false, + "properties": { + "HtmlPart": { + "markdownDescription": "The HTML body of the email.", + "title": "HtmlPart", + "type": "string" + }, + "SubjectPart": { + "markdownDescription": "The subject line of the email.", + "title": "SubjectPart", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the template. You will refer to this name when you send email using the `SendEmail` or `SendBulkEmail` operations.", + "title": "TemplateName", + "type": "string" + }, + "TextPart": { + "markdownDescription": "The email body that is visible to recipients whose email clients do not display HTML content.", + "title": "TextPart", + "type": "string" + } + }, + "required": [ + "SubjectPart" + ], + "type": "object" + }, + "AWS::SES::VdmAttributes": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DashboardAttributes": { + "$ref": "#/definitions/AWS::SES::VdmAttributes.DashboardAttributes", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", + "title": "DashboardAttributes" + }, + "GuardianAttributes": { + "$ref": "#/definitions/AWS::SES::VdmAttributes.GuardianAttributes", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", + "title": "GuardianAttributes" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SES::VdmAttributes" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SES::VdmAttributes.DashboardAttributes": { + "additionalProperties": false, + "properties": { + "EngagementMetrics": { + "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for your account.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for your account.", + "title": "EngagementMetrics", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::VdmAttributes.GuardianAttributes": { + "additionalProperties": false, + "properties": { + "OptimizedSharedDelivery": { + "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for your account.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for your account.", + "title": "OptimizedSharedDelivery", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SNS::Subscription": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeliveryPolicy": { + "markdownDescription": "The delivery policy JSON assigned to the subscription. Enables the subscriber to define the message delivery retry strategy in the case of an HTTP/S endpoint subscribed to the topic. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message delivery retries](https://docs.aws.amazon.com/sns/latest/dg/sns-message-delivery-retries.html) in the *Amazon SNS Developer Guide* .", + "title": "DeliveryPolicy", + "type": "object" + }, + "Endpoint": { + "markdownDescription": "The subscription's endpoint. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Endpoint", + "type": "string" + }, + "FilterPolicy": { + "markdownDescription": "The filter policy JSON assigned to the subscription. Enables the subscriber to filter out unwanted messages. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message filtering](https://docs.aws.amazon.com/sns/latest/dg/sns-message-filtering.html) in the *Amazon SNS Developer Guide* .", + "title": "FilterPolicy", + "type": "object" + }, + "FilterPolicyScope": { + "markdownDescription": "This attribute lets you choose the filtering scope by using one of the following string value types:\n\n- `MessageAttributes` (default) - The filter is applied on the message attributes.\n- `MessageBody` - The filter is applied on the message body.\n\n> `Null` is not a valid value for `FilterPolicyScope` . To delete a filter policy, delete the `FilterPolicy` property but keep `FilterPolicyScope` property as is.", + "title": "FilterPolicyScope", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Protocol", + "type": "string" + }, + "RawMessageDelivery": { + "markdownDescription": "When set to `true` , enables raw message delivery. Raw messages don't contain any JSON formatting and can be sent to Amazon SQS and HTTP/S endpoints. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* .", + "title": "RawMessageDelivery", + "type": "boolean" + }, + "RedrivePolicy": { + "markdownDescription": "When specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue. Messages that can't be delivered due to client errors (for example, when the subscribed endpoint is unreachable) or server errors (for example, when the service that powers the subscribed endpoint becomes unavailable) are held in the dead-letter queue for further analysis or reprocessing.\n\nFor more information about the redrive policy and dead-letter queues, see [Amazon SQS dead-letter queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html) in the *Amazon SQS Developer Guide* .", + "title": "RedrivePolicy", + "type": "object" + }, + "Region": { + "markdownDescription": "For cross-region subscriptions, the region in which the topic resides.\n\nIf no region is specified, AWS CloudFormation uses the region of the caller as the default.\n\nIf you perform an update operation that only updates the `Region` property of a `AWS::SNS::Subscription` resource, that operation will fail unless you are either:\n\n- Updating the `Region` from `NULL` to the caller region.\n- Updating the `Region` from the caller region to `NULL` .", + "title": "Region", + "type": "string" + }, + "ReplayPolicy": { + "markdownDescription": "Specifies whether Amazon SNS resends the notification to the subscription when a message's attribute changes.", + "title": "ReplayPolicy", + "type": "object" + }, + "SubscriptionRoleArn": { + "markdownDescription": "This property applies only to Amazon Data Firehose delivery stream subscriptions. Specify the ARN of the IAM role that has the following:\n\n- Permission to write to the Amazon Data Firehose delivery stream\n- Amazon SNS listed as a trusted entity\n\nSpecifying a valid ARN for this attribute is required for Firehose delivery stream subscriptions. For more information, see [Fanout to Amazon Data Firehose delivery streams](https://docs.aws.amazon.com/sns/latest/dg/sns-firehose-as-subscriber.html) in the *Amazon SNS Developer Guide.*", + "title": "SubscriptionRoleArn", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The ARN of the topic to subscribe to.", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "Protocol", + "TopicArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SNS::Subscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SNS::Topic": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ArchivePolicy": { + "markdownDescription": "The `ArchivePolicy` determines the number of days Amazon SNS retains messages in FIFO topics. You can set a retention period ranging from 1 to 365 days. This property is only applicable to FIFO topics; attempting to use it with standard topics will result in a creation failure.", + "title": "ArchivePolicy", + "type": "object" + }, + "ContentBasedDeduplication": { + "markdownDescription": "`ContentBasedDeduplication` enables deduplication of messages based on their content for FIFO topics. By default, this property is set to false. If you create a FIFO topic with `ContentBasedDeduplication` set to false, you must provide a `MessageDeduplicationId` for each `Publish` action. When set to true, Amazon SNS automatically generates a `MessageDeduplicationId` using a SHA-256 hash of the message body (excluding message attributes). You can optionally override this generated value by specifying a `MessageDeduplicationId` in the `Publish` action. Note that this property only applies to FIFO topics; using it with standard topics will cause the creation to fail.", + "title": "ContentBasedDeduplication", + "type": "boolean" + }, + "DataProtectionPolicy": { + "markdownDescription": "The body of the policy document you want to use for this topic.\n\nYou can only add one policy per topic.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 30,720.", + "title": "DataProtectionPolicy", + "type": "object" + }, + "DeliveryStatusLogging": { + "items": { + "$ref": "#/definitions/AWS::SNS::Topic.LoggingConfig" + }, + "markdownDescription": "The `DeliveryStatusLogging` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:\n\n- HTTP\n- Amazon Kinesis Data Firehose\n- AWS Lambda\n- Platform application endpoint\n- Amazon Simple Queue Service\n\nOnce configured, log entries are sent to Amazon CloudWatch Logs.", + "title": "DeliveryStatusLogging", + "type": "array" + }, + "DisplayName": { + "markdownDescription": "The display name to use for an Amazon SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs.", + "title": "DisplayName", + "type": "string" + }, + "FifoThroughputScope": { + "markdownDescription": "Specifies the throughput quota and deduplication behavior to apply for the FIFO topic. Valid values are `Topic` or `MessageGroup` .", + "title": "FifoThroughputScope", + "type": "string" + }, + "FifoTopic": { + "markdownDescription": "Set to true to create a FIFO topic.", + "title": "FifoTopic", + "type": "boolean" + }, + "KmsMasterKeyId": { + "markdownDescription": "The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms) . For more examples, see `[KeyId](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)` in the *AWS Key Management Service API Reference* .\n\nThis property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html) .", + "title": "KmsMasterKeyId", + "type": "string" + }, + "SignatureVersion": { + "markdownDescription": "The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, `SignatureVersion` is set to `1` .", + "title": "SignatureVersion", + "type": "string" + }, + "Subscription": { + "items": { + "$ref": "#/definitions/AWS::SNS::Topic.Subscription" + }, + "markdownDescription": "The Amazon SNS subscriptions (endpoints) for this topic.\n\n> If you specify the `Subscription` property in the `AWS::SNS::Topic` resource and it creates an associated subscription resource, the associated subscription is not deleted when the `AWS::SNS::Topic` resource is deleted.", + "title": "Subscription", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags to add to a new topic.\n\n> To be able to tag a topic on creation, you must have the `sns:CreateTopic` and `sns:TagResource` permissions.", + "title": "Tags", + "type": "array" + }, + "TopicName": { + "markdownDescription": "The name of the topic you want to create. Topic names must include only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. FIFO topic names must end with `.fifo` .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the topic name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TopicName", + "type": "string" + }, + "TracingConfig": { + "markdownDescription": "Tracing mode of an Amazon SNS topic. By default `TracingConfig` is set to `PassThrough` , and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to `Active` , Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true.", + "title": "TracingConfig", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SNS::Topic" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SNS::Topic.LoggingConfig": { + "additionalProperties": false, + "properties": { + "FailureFeedbackRoleArn": { + "markdownDescription": "The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch.", + "title": "FailureFeedbackRoleArn", + "type": "string" + }, + "Protocol": { + "markdownDescription": "Indicates one of the supported protocols for the Amazon SNS topic.\n\n> At least one of the other three `LoggingConfig` properties is recommend along with `Protocol` .", + "title": "Protocol", + "type": "string" + }, + "SuccessFeedbackRoleArn": { + "markdownDescription": "The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch.", + "title": "SuccessFeedbackRoleArn", + "type": "string" + }, + "SuccessFeedbackSampleRate": { + "markdownDescription": "The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100.", + "title": "SuccessFeedbackSampleRate", + "type": "string" + } + }, + "required": [ + "Protocol" + ], + "type": "object" + }, + "AWS::SNS::Topic.Subscription": { + "additionalProperties": false, + "properties": { + "Endpoint": { + "markdownDescription": "The endpoint that receives notifications from the Amazon SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Endpoint", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Protocol", + "type": "string" + } + }, + "required": [ + "Endpoint", + "Protocol" + ], + "type": "object" + }, + "AWS::SNS::TopicInlinePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "A policy document that contains permissions to add to the specified Amazon SNS topic.", + "title": "PolicyDocument", + "type": "object" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the topic to which you want to add the policy.", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "PolicyDocument", + "TopicArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SNS::TopicInlinePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SNS::TopicPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "A policy document that contains permissions to add to the specified SNS topics.", + "title": "PolicyDocument", + "type": "object" + }, + "Topics": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SNS::Topic](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-topic.html)` resource.", + "title": "Topics", + "type": "array" + } + }, + "required": [ + "PolicyDocument", + "Topics" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SNS::TopicPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SQS::Queue": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContentBasedDeduplication": { + "markdownDescription": "For first-in-first-out (FIFO) queues, specifies whether to enable content-based deduplication. During the deduplication interval, Amazon SQS treats messages that are sent with identical content as duplicates and delivers only one copy of the message. For more information, see the `ContentBasedDeduplication` attribute for the `[CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html)` action in the *Amazon SQS API Reference* .", + "title": "ContentBasedDeduplication", + "type": "boolean" + }, + "DeduplicationScope": { + "markdownDescription": "For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. Valid values are `messageGroup` and `queue` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `messageGroup` *and* set the `FifoThroughputLimit` attribute to `perMessageGroupId` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", + "title": "DeduplicationScope", + "type": "string" + }, + "DelaySeconds": { + "markdownDescription": "The time in seconds for which the delivery of all messages in the queue is delayed. You can specify an integer value of `0` to `900` (15 minutes). The default value is `0` .", + "title": "DelaySeconds", + "type": "number" + }, + "FifoQueue": { + "markdownDescription": "If set to true, creates a FIFO queue. If you don't specify this property, Amazon SQS creates a standard queue. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .", + "title": "FifoQueue", + "type": "boolean" + }, + "FifoThroughputLimit": { + "markdownDescription": "For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are `perQueue` and `perMessageGroupId` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `perMessageGroupId` *and* set the `DeduplicationScope` attribute to `messageGroup` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", + "title": "FifoThroughputLimit", + "type": "string" + }, + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "The length of time in seconds for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).\n\n> A shorter time period provides better security, but results in more calls to AWS KMS , which might incur charges after Free Tier. For more information, see [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-how-does-the-data-key-reuse-period-work) in the *Amazon SQS Developer Guide* .", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsMasterKeyId": { + "markdownDescription": "The ID of an AWS Key Management Service (KMS) for Amazon SQS , or a custom KMS. To use the AWS managed KMS for Amazon SQS , specify a (default) alias ARN, alias name (for example `alias/aws/sqs` ), key ARN, or key ID. For more information, see the following:\n\n- [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Amazon SQS Developer Guide*\n- [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *Amazon SQS API Reference*\n- [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *AWS Key Management Service API Reference*\n- The Key Management Service (KMS) section of the [Security best practices for AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) in the *AWS Key Management Service Developer Guide*", + "title": "KmsMasterKeyId", + "type": "string" + }, + "MaximumMessageSize": { + "markdownDescription": "The limit of how many bytes that a message can contain before Amazon SQS rejects it. You can specify an integer value from `1,024` bytes (1 KiB) to `262,144` bytes (256 KiB). The default value is `262,144` (256 KiB).", + "title": "MaximumMessageSize", + "type": "number" + }, + "MessageRetentionPeriod": { + "markdownDescription": "The number of seconds that Amazon SQS retains a message. You can specify an integer value from `60` seconds (1 minute) to `1,209,600` seconds (14 days). The default value is `345,600` seconds (4 days).", + "title": "MessageRetentionPeriod", + "type": "number" + }, + "QueueName": { + "markdownDescription": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the `.fifo` suffix. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *AWS CloudFormation User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "QueueName", + "type": "string" + }, + "ReceiveMessageWaitTimeSeconds": { + "markdownDescription": "Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, rather than returning an empty response if a message isn't yet available. You can specify an integer from 1 to 20. Short polling is used as the default or when you specify 0 for this property. For more information, see [Consuming messages using long polling](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-short-and-long-polling.html#sqs-long-polling) in the *Amazon SQS Developer Guide* .", + "title": "ReceiveMessageWaitTimeSeconds", + "type": "number" + }, + "RedriveAllowPolicy": { + "markdownDescription": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n\n- `redrivePermission` : The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n\n- `allowAll` : (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n- `denyAll` : No source queues can specify this queue as the dead-letter queue.\n- `byQueue` : Only queues specified by the `sourceQueueArns` parameter can specify this queue as the dead-letter queue.\n- `sourceQueueArns` : The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the `redrivePermission` parameter is set to `byQueue` . You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the `redrivePermission` parameter to `allowAll` .", + "title": "RedriveAllowPolicy", + "type": "object" + }, + "RedrivePolicy": { + "markdownDescription": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n\n- `deadLetterTargetArn` : The Amazon Resource Name (ARN) of the dead-letter queue to which Amazon SQS moves messages after the value of `maxReceiveCount` is exceeded.\n- `maxReceiveCount` : The number of times a message is received by a consumer of the source queue before being moved to the dead-letter queue. When the `ReceiveCount` for a message exceeds the `maxReceiveCount` for a queue, Amazon SQS moves the message to the dead-letter-queue.\n\n> The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue. \n\n*JSON*\n\n`{ \"deadLetterTargetArn\" : *String* , \"maxReceiveCount\" : *Integer* }`\n\n*YAML*\n\n`deadLetterTargetArn : *String*`\n\n`maxReceiveCount : *Integer*`", + "title": "RedrivePolicy", + "type": "object" + }, + "SqsManagedSseEnabled": { + "markdownDescription": "Enables server-side queue encryption using SQS owned encryption keys. Only one server-side encryption option is supported per queue (for example, [SSE-KMS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sse-existing-queue.html) or [SSE-SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sqs-sse-queue.html) ). When `SqsManagedSseEnabled` is not defined, `SSE-SQS` encryption is enabled by default.", + "title": "SqsManagedSseEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you attach to this queue. For more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .", + "title": "Tags", + "type": "array" + }, + "VisibilityTimeout": { + "markdownDescription": "The length of time during which a message will be unavailable after a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue.\n\nValues must be from 0 to 43,200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.\n\nFor more information about Amazon SQS queue visibility timeouts, see [Visibility timeout](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html) in the *Amazon SQS Developer Guide* .", + "title": "VisibilityTimeout", + "type": "number" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SQS::Queue" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SQS::QueueInlinePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", + "title": "PolicyDocument", + "type": "object" + }, + "Queue": { + "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html)` resource.", + "title": "Queue", + "type": "string" + } + }, + "required": [ + "PolicyDocument", + "Queue" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SQS::QueueInlinePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SQS::QueuePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", + "title": "PolicyDocument", + "type": "object" + }, + "Queues": { + "items": { + "type": "string" + }, + "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queue.html)` resource.", + "title": "Queues", + "type": "array" + } + }, + "required": [ + "PolicyDocument", + "Queues" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SQS::QueuePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSM::Association": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplyOnlyAtCronInterval": { + "markdownDescription": "By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.", + "title": "ApplyOnlyAtCronInterval", + "type": "boolean" + }, + "AssociationName": { + "markdownDescription": "Specify a descriptive name for the association.", + "title": "AssociationName", + "type": "string" + }, + "AutomationTargetParameterName": { + "markdownDescription": "Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a tool in AWS Systems Manager .", + "title": "AutomationTargetParameterName", + "type": "string" + }, + "CalendarNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) in the *AWS Systems Manager User Guide* .", + "title": "CalendarNames", + "type": "array" + }, + "ComplianceSeverity": { + "markdownDescription": "The severity level that is assigned to the association.", + "title": "ComplianceSeverity", + "type": "string" + }, + "DocumentVersion": { + "markdownDescription": "The version of the SSM document to associate with the target.\n\n> Note the following important information.\n> \n> - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the `default` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to `default` .\n> - `DocumentVersion` is not valid for documents owned by AWS , such as `AWS-RunPatchBaseline` or `AWS-UpdateSSMAgent` . If you specify `DocumentVersion` for an AWS document, the system returns the following error: \"Error occurred during operation 'CreateAssociation'.\" (RequestToken: , HandlerErrorCode: GeneralServiceException).", + "title": "DocumentVersion", + "type": "string" + }, + "InstanceId": { + "markdownDescription": "> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.\n> \n> Note that in some examples later in this page, `InstanceIds` is used as the tag-key name in a `Targets` filter. `InstanceId` is not used as a parameter. \n\nThe ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.", + "title": "InstanceId", + "type": "string" + }, + "MaxConcurrency": { + "markdownDescription": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` .", + "title": "MaxConcurrency", + "type": "string" + }, + "MaxErrors": { + "markdownDescription": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time.", + "title": "MaxErrors", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the SSM document that contains the configuration information for the instance. You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format:\n\n`arn:partition:ssm:region:account-id:document/document-name`\n\nFor example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`\n\nFor AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, `AWS -ApplyPatchBaseline` or `My-Document` .", + "title": "Name", + "type": "string" + }, + "OutputLocation": { + "$ref": "#/definitions/AWS::SSM::Association.InstanceAssociationOutputLocation", + "markdownDescription": "An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.", + "title": "OutputLocation" + }, + "Parameters": { + "markdownDescription": "The parameters for the runtime configuration of the document.", + "title": "Parameters", + "type": "object" + }, + "ScheduleExpression": { + "markdownDescription": "A cron expression that specifies a schedule when the association runs. The schedule runs in Coordinated Universal Time (UTC).", + "title": "ScheduleExpression", + "type": "string" + }, + "ScheduleOffset": { + "markdownDescription": "Number of days to wait after the scheduled day to run an association.", + "title": "ScheduleOffset", + "type": "number" + }, + "SyncCompliance": { + "markdownDescription": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` .\n\nIn `MANUAL` mode, you must specify the `AssociationId` as a parameter for the `PutComplianceItems` API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the `PutComplianceItems` API action.\n\nBy default, all associations use `AUTO` mode.", + "title": "SyncCompliance", + "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSM::Association.Target" + }, + "markdownDescription": "The targets for the association. You must specify the `InstanceId` or `Targets` property. You can target all instances in an AWS account by specifying t he `InstanceIds` key with a value of `*` .\n\nSupported formats include the following.\n\n- `Key=InstanceIds,Values=,,`\n- `Key=tag-key,Values=,`\n\nTo view a JSON and a YAML example that targets all instances, see \"Create an association for all managed instances in an AWS account \" on the Examples page.", + "title": "Targets", + "type": "array" + }, + "WaitForSuccessTimeoutSeconds": { + "markdownDescription": "The number of seconds the service should wait for the association status to show \"Success\" before proceeding with the stack execution. If the association status doesn't show \"Success\" after the specified number of seconds, then stack creation fails.\n\n> When you specify a value for the `WaitForSuccessTimeoutSeconds` , [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html) for your AWS CloudFormation stack\u2019s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don\u2019t include `WaitForSuccessTimeoutSeconds` in your template.", + "title": "WaitForSuccessTimeoutSeconds", + "type": "number" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::Association" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSM::Association.InstanceAssociationOutputLocation": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::SSM::Association.S3OutputLocation", + "markdownDescription": "`S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request.", + "title": "S3Location" + } + }, + "type": "object" + }, + "AWS::SSM::Association.S3OutputLocation": { + "additionalProperties": false, + "properties": { + "OutputS3BucketName": { + "markdownDescription": "The name of the S3 bucket.", + "title": "OutputS3BucketName", + "type": "string" + }, + "OutputS3KeyPrefix": { + "markdownDescription": "The S3 bucket subfolder.", + "title": "OutputS3KeyPrefix", + "type": "string" + }, + "OutputS3Region": { + "markdownDescription": "The AWS Region of the S3 bucket.", + "title": "OutputS3Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSM::Association.Target": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Key", + "Values" + ], + "type": "object" + }, + "AWS::SSM::Document": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Attachments": { + "items": { + "$ref": "#/definitions/AWS::SSM::Document.AttachmentsSource" + }, + "markdownDescription": "A list of key-value pairs that describe attachments to a version of a document.", + "title": "Attachments", + "type": "array" + }, + "Content": { + "markdownDescription": "The content for the new SSM document in JSON or YAML. For more information about the schemas for SSM document content, see [SSM document schema features and examples](https://docs.aws.amazon.com/systems-manager/latest/userguide/document-schemas-features.html) in the *AWS Systems Manager User Guide* .\n\n> This parameter also supports `String` data types.", + "title": "Content", + "type": "object" + }, + "DocumentFormat": { + "markdownDescription": "Specify the document format for the request. `JSON` is the default format.", + "title": "DocumentFormat", + "type": "string" + }, + "DocumentType": { + "markdownDescription": "The type of document to create.", + "title": "DocumentType", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the SSM document.\n\n> You can't use the following strings as document name prefixes. These are reserved by AWS for use as document name prefixes:\n> \n> - `aws`\n> - `amazon`\n> - `amzn`\n> - `AWSEC2`\n> - `AWSConfigRemediation`\n> - `AWSSupport`", + "title": "Name", + "type": "string" + }, + "Requires": { + "items": { + "$ref": "#/definitions/AWS::SSM::Document.DocumentRequires" + }, + "markdownDescription": "A list of SSM documents required by a document. This parameter is used exclusively by AWS AppConfig . When a user creates an AWS AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an `ApplicationConfiguration` document requires an `ApplicationConfigurationSchema` document for validation purposes. For more information, see [What is AWS AppConfig ?](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .", + "title": "Requires", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "AWS CloudFormation resource tags to apply to the document. Use tags to help you identify and categorize resources.", + "title": "Tags", + "type": "array" + }, + "TargetType": { + "markdownDescription": "Specify a target type to define the kinds of resources the document can run on. For example, to run a document on EC2 instances, specify the following value: `/AWS::EC2::Instance` . If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) in the *AWS CloudFormation User Guide* .", + "title": "TargetType", + "type": "string" + }, + "UpdateMethod": { + "markdownDescription": "If the document resource you specify in your template already exists, this parameter determines whether a new version of the existing document is created, or the existing document is replaced. `Replace` is the default method. If you specify `NewVersion` for the `UpdateMethod` parameter, and the `Name` of the document does not match an existing resource, a new document is created. When you specify `NewVersion` , the default version of the document is changed to the newly created version.", + "title": "UpdateMethod", + "type": "string" + }, + "VersionName": { + "markdownDescription": "An optional field specifying the version of the artifact you are creating with the document. For example, `Release12.1` . This value is unique across all versions of a document, and can't be changed.", + "title": "VersionName", + "type": "string" + } + }, + "required": [ + "Content" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::Document" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSM::Document.AttachmentsSource": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a key-value pair that identifies the location of an attachment to a document.", + "title": "Key", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the document attachment file.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The value of a key-value pair that identifies the location of an attachment to a document. The format for *Value* depends on the type of key you specify.\n\n- For the key *SourceUrl* , the value is an S3 bucket location. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix\" ]`\n- For the key *S3FileUrl* , the value is a file in an S3 bucket. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix/my-file.py\" ]`\n- For the key *AttachmentReference* , the value is constructed from the name of another SSM document in your account, a version number of that document, and a file attached to that document version that you want to reuse. For example:\n\n`\"Values\": [ \"MyOtherDocument/3/my-other-file.py\" ]`\n\nHowever, if the SSM document is shared with you from another account, the full SSM document ARN must be specified instead of the document name only. For example:\n\n`\"Values\": [ \"arn:aws:ssm:us-east-2:111122223333:document/OtherAccountDocument/3/their-file.py\" ]`", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSM::Document.DocumentRequires": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the required SSM document. The name can be an Amazon Resource Name (ARN).", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The document version required by the current document.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSM::MaintenanceWindow": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowUnassociatedTargets": { + "markdownDescription": "Enables a maintenance window task to run on managed instances, even if you have not registered those instances as targets. If enabled, then you must specify the unregistered instances (by instance ID) when you register a task with the maintenance window.", + "title": "AllowUnassociatedTargets", + "type": "boolean" + }, + "Cutoff": { + "markdownDescription": "The number of hours before the end of the maintenance window that AWS Systems Manager stops scheduling new tasks for execution.", + "title": "Cutoff", + "type": "number" + }, + "Description": { + "markdownDescription": "A description of the maintenance window.", + "title": "Description", + "type": "string" + }, + "Duration": { + "markdownDescription": "The duration of the maintenance window in hours.", + "title": "Duration", + "type": "number" + }, + "EndDate": { + "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become inactive.", + "title": "EndDate", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the maintenance window.", + "title": "Name", + "type": "string" + }, + "Schedule": { + "markdownDescription": "The schedule of the maintenance window in the form of a cron or rate expression.", + "title": "Schedule", + "type": "string" + }, + "ScheduleOffset": { + "markdownDescription": "The number of days to wait to run a maintenance window after the scheduled cron expression date and time.", + "title": "ScheduleOffset", + "type": "number" + }, + "ScheduleTimezone": { + "markdownDescription": "The time zone that the scheduled maintenance window executions are based on, in Internet Assigned Numbers Authority (IANA) format.", + "title": "ScheduleTimezone", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become active. `StartDate` allows you to delay activation of the maintenance window until the specified future date.", + "title": "StartDate", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a maintenance window to identify the type of tasks it will run, the types of targets, and the environment it will run in.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AllowUnassociatedTargets", + "Cutoff", + "Duration", + "Name", + "Schedule" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::MaintenanceWindow" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTarget": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the target.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name for the maintenance window target.", + "title": "Name", + "type": "string" + }, + "OwnerInformation": { + "markdownDescription": "A user-provided value that will be included in any Amazon CloudWatch Events events that are raised while running tasks for these targets in this maintenance window.", + "title": "OwnerInformation", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The type of target that is being registered with the maintenance window.", + "title": "ResourceType", + "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTarget.Targets" + }, + "markdownDescription": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs.\n\nYou must specify targets by using the `WindowTargetIds` parameter.", + "title": "Targets", + "type": "array" + }, + "WindowId": { + "markdownDescription": "The ID of the maintenance window to register the target with.", + "title": "WindowId", + "type": "string" + } + }, + "required": [ + "ResourceType", + "Targets", + "WindowId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::MaintenanceWindowTarget" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTarget.Targets": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Key", + "Values" + ], + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTask": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CutoffBehavior": { + "markdownDescription": "The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached.", + "title": "CutoffBehavior", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the task.", + "title": "Description", + "type": "string" + }, + "LoggingInfo": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.LoggingInfo", + "markdownDescription": "> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) . \n\nInformation about an Amazon S3 bucket to write Run Command task-level logs to.", + "title": "LoggingInfo" + }, + "MaxConcurrency": { + "markdownDescription": "The maximum number of targets this task can be run for, in parallel.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", + "title": "MaxConcurrency", + "type": "string" + }, + "MaxErrors": { + "markdownDescription": "The maximum number of errors allowed before this task stops being scheduled.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", + "title": "MaxErrors", + "type": "string" + }, + "Name": { + "markdownDescription": "The task name.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority of the task in the maintenance window. The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.", + "title": "Priority", + "type": "number" + }, + "ServiceRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", + "title": "ServiceRoleArn", + "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.Target" + }, + "markdownDescription": "The targets, either instances or window target IDs.\n\n- Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` .\n- Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` .", + "title": "Targets", + "type": "array" + }, + "TaskArn": { + "markdownDescription": "The resource that the task uses during execution.\n\nFor `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN).\n\nFor `LAMBDA` tasks, `TaskArn` is the function name or ARN.\n\nFor `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN.", + "title": "TaskArn", + "type": "string" + }, + "TaskInvocationParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters", + "markdownDescription": "The parameters to pass to the task when it runs. Populate only the fields that match the task type. All other fields should be empty.\n\n> When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed.", + "title": "TaskInvocationParameters" + }, + "TaskParameters": { + "markdownDescription": "> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) . \n\nThe parameters to pass to the task when it runs.", + "title": "TaskParameters", + "type": "object" + }, + "TaskType": { + "markdownDescription": "The type of task. Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` .", + "title": "TaskType", + "type": "string" + }, + "WindowId": { + "markdownDescription": "The ID of the maintenance window where the task is registered.", + "title": "WindowId", + "type": "string" + } + }, + "required": [ + "Priority", + "TaskArn", + "TaskType", + "WindowId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::MaintenanceWindowTask" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig": { + "additionalProperties": false, + "properties": { + "CloudWatchLogGroupName": { + "markdownDescription": "The name of the CloudWatch Logs log group where you want to send command output. If you don't specify a group name, AWS Systems Manager automatically creates a log group for you. The log group uses the following naming format:\n\n`aws/ssm/ *SystemsManagerDocumentName*`", + "title": "CloudWatchLogGroupName", + "type": "string" + }, + "CloudWatchOutputEnabled": { + "markdownDescription": "Enables Systems Manager to send command output to CloudWatch Logs.", + "title": "CloudWatchOutputEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTask.LoggingInfo": { + "additionalProperties": false, + "properties": { + "Region": { + "markdownDescription": "The AWS Region where the S3 bucket is located.", + "title": "Region", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "The name of an S3 bucket where execution logs are stored.", + "title": "S3Bucket", + "type": "string" + }, + "S3Prefix": { + "markdownDescription": "The Amazon S3 bucket subfolder.", + "title": "S3Prefix", + "type": "string" + } + }, + "required": [ + "Region", + "S3Bucket" + ], + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters": { + "additionalProperties": false, + "properties": { + "DocumentVersion": { + "markdownDescription": "The version of an Automation runbook to use during task execution.", + "title": "DocumentVersion", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters for the `AUTOMATION` type task.", + "title": "Parameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters": { + "additionalProperties": false, + "properties": { + "ClientContext": { + "markdownDescription": "Client-specific information to pass to the AWS Lambda function that you're invoking. You can then use the `context` variable to process the client information in your AWS Lambda function.", + "title": "ClientContext", + "type": "string" + }, + "Payload": { + "markdownDescription": "JSON to provide to your AWS Lambda function as input.\n\n> Although `Type` is listed as \"String\" for this property, the payload content must be formatted as a Base64-encoded binary data object. \n\n*Length Constraint:* 4096", + "title": "Payload", + "type": "string" + }, + "Qualifier": { + "markdownDescription": "An AWS Lambda function version or alias name. If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to.", + "title": "Qualifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters": { + "additionalProperties": false, + "properties": { + "CloudWatchOutputConfig": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig", + "markdownDescription": "Configuration options for sending command output to Amazon CloudWatch Logs.", + "title": "CloudWatchOutputConfig" + }, + "Comment": { + "markdownDescription": "Information about the command or commands to run.", + "title": "Comment", + "type": "string" + }, + "DocumentHash": { + "markdownDescription": "The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.", + "title": "DocumentHash", + "type": "string" + }, + "DocumentHashType": { + "markdownDescription": "The SHA-256 or SHA-1 hash type. SHA-1 hashes are deprecated.", + "title": "DocumentHashType", + "type": "string" + }, + "DocumentVersion": { + "markdownDescription": "The AWS Systems Manager document (SSM document) version to use in the request. You can specify `$DEFAULT` , `$LATEST` , or a specific version number. If you run commands by using the AWS CLI, then you must escape the first two options by using a backslash. If you specify a version number, then you don't need to use the backslash. For example:\n\n`--document-version \"\\$DEFAULT\"`\n\n`--document-version \"\\$LATEST\"`\n\n`--document-version \"3\"`", + "title": "DocumentVersion", + "type": "string" + }, + "NotificationConfig": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.NotificationConfig", + "markdownDescription": "Configurations for sending notifications about command status changes on a per-managed node basis.", + "title": "NotificationConfig" + }, + "OutputS3BucketName": { + "markdownDescription": "The name of the Amazon Simple Storage Service (Amazon S3) bucket.", + "title": "OutputS3BucketName", + "type": "string" + }, + "OutputS3KeyPrefix": { + "markdownDescription": "The S3 bucket subfolder.", + "title": "OutputS3KeyPrefix", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters for the `RUN_COMMAND` task execution.\n\nThe supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .", + "title": "Parameters", + "type": "object" + }, + "ServiceRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", + "title": "ServiceRoleArn", + "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "If this time is reached and the command hasn't already started running, it doesn't run.", + "title": "TimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters": { + "additionalProperties": false, + "properties": { + "Input": { + "markdownDescription": "The inputs for the `STEP_FUNCTIONS` task.", + "title": "Input", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `STEP_FUNCTIONS` task.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTask.NotificationConfig": { + "additionalProperties": false, + "properties": { + "NotificationArn": { + "markdownDescription": "An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic. Run Command pushes notifications about command status changes to this topic.", + "title": "NotificationArn", + "type": "string" + }, + "NotificationEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "The different events that you can receive notifications for. These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* .", + "title": "NotificationEvents", + "type": "array" + }, + "NotificationType": { + "markdownDescription": "The notification type.\n\n- `Command` : Receive notification when the status of a command changes.\n- `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.", + "title": "NotificationType", + "type": "string" + } + }, + "required": [ + "NotificationArn" + ], + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTask.Target": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "User-defined criteria for sending commands that target instances that meet the criteria. `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Key", + "Values" + ], + "type": "object" + }, + "AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters": { + "additionalProperties": false, + "properties": { + "MaintenanceWindowAutomationParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters", + "markdownDescription": "The parameters for an `AUTOMATION` task type.", + "title": "MaintenanceWindowAutomationParameters" + }, + "MaintenanceWindowLambdaParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters", + "markdownDescription": "The parameters for a `LAMBDA` task type.", + "title": "MaintenanceWindowLambdaParameters" + }, + "MaintenanceWindowRunCommandParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters", + "markdownDescription": "The parameters for a `RUN_COMMAND` task type.", + "title": "MaintenanceWindowRunCommandParameters" + }, + "MaintenanceWindowStepFunctionsParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters", + "markdownDescription": "The parameters for a `STEP_FUNCTIONS` task type.", + "title": "MaintenanceWindowStepFunctionsParameters" + } + }, + "type": "object" + }, + "AWS::SSM::Parameter": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowedPattern": { + "markdownDescription": "A regular expression used to validate the parameter value. For example, for `String` types with values restricted to numbers, you can specify the following: `AllowedPattern=^\\d+$`", + "title": "AllowedPattern", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type of the parameter, such as `text` or `aws:ec2:image` . The default is `text` .", + "title": "DataType", + "type": "string" + }, + "Description": { + "markdownDescription": "Information about the parameter.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the parameter.\n\n> The reported maximum length of 2048 characters for a parameter name includes 1037 characters that are reserved for internal use by Systems Manager . The maximum length for a parameter name that you specify is 1011 characters.\n> \n> This count of 1011 characters includes the characters in the ARN that precede the name you specify. This ARN length will vary depending on your partition and Region. For example, the following 45 characters count toward the 1011 character maximum for a parameter created in the US East (Ohio) Region: `arn:aws:ssm:us-east-2:111122223333:parameter/` .", + "title": "Name", + "type": "string" + }, + "Policies": { + "markdownDescription": "Information about the policies assigned to a parameter.\n\n[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* .", + "title": "Policies", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Tier": { + "markdownDescription": "The parameter tier.", + "title": "Tier", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of parameter.\n\n> Parameters of type `SecureString` are not supported by AWS CloudFormation .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The parameter value.\n\n> If type is `StringList` , the system returns a comma-separated string with no spaces between commas in the `Value` field.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::Parameter" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSM::PatchBaseline": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApprovalRules": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.RuleGroup", + "markdownDescription": "A set of rules used to include patches in the baseline.", + "title": "ApprovalRules" + }, + "ApprovedPatches": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of explicitly approved patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", + "title": "ApprovedPatches", + "type": "array" + }, + "ApprovedPatchesComplianceLevel": { + "markdownDescription": "Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` .", + "title": "ApprovedPatchesComplianceLevel", + "type": "string" + }, + "ApprovedPatchesEnableNonSecurity": { + "markdownDescription": "Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. The default value is `false` . Applies to Linux managed nodes only.", + "title": "ApprovedPatchesEnableNonSecurity", + "type": "boolean" + }, + "AvailableSecurityUpdatesComplianceStatus": { + "markdownDescription": "", + "title": "AvailableSecurityUpdatesComplianceStatus", + "type": "string" + }, + "DefaultBaseline": { + "markdownDescription": "Indicates whether this is the default baseline. AWS Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.", + "title": "DefaultBaseline", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description of the patch baseline.", + "title": "Description", + "type": "string" + }, + "GlobalFilters": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", + "markdownDescription": "A set of global filters used to include patches in the baseline.\n\n> The `GlobalFilters` parameter can be configured only by using the AWS CLI or an AWS SDK. It can't be configured from the Patch Manager console, and its value isn't displayed in the console.", + "title": "GlobalFilters" + }, + "Name": { + "markdownDescription": "The name of the patch baseline.", + "title": "Name", + "type": "string" + }, + "OperatingSystem": { + "markdownDescription": "Defines the operating system the patch baseline applies to. The default value is `WINDOWS` .", + "title": "OperatingSystem", + "type": "string" + }, + "PatchGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the patch group to be registered with the patch baseline.", + "title": "PatchGroups", + "type": "array" + }, + "RejectedPatches": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of explicitly rejected patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", + "title": "RejectedPatches", + "type": "array" + }, + "RejectedPatchesAction": { + "markdownDescription": "The action for Patch Manager to take on patches included in the `RejectedPackages` list.\n\n- **ALLOW_AS_DEPENDENCY** - *Linux and macOS* : A package in the rejected patches list is installed only if it is a dependency of another package. It is considered compliant with the patch baseline, and its status is reported as `INSTALLED_OTHER` . This is the default action if no option is specified.\n\n*Windows Server* : Windows Server doesn't support the concept of package dependencies. If a package in the rejected patches list and already installed on the node, its status is reported as `INSTALLED_OTHER` . Any package not already installed on the node is skipped. This is the default action if no option is specified.\n- **BLOCK** - *All OSs* : Packages in the rejected patches list, and packages that include them as dependencies, aren't installed by Patch Manager under any circumstances. If a package was installed before it was added to the rejected patches list, or is installed outside of Patch Manager afterward, it's considered noncompliant with the patch baseline and its status is reported as `INSTALLED_REJECTED` .", + "title": "RejectedPatchesAction", + "type": "string" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchSource" + }, + "markdownDescription": "Information about the patches to use to update the managed nodes, including target operating systems and source repositories. Applies to Linux managed nodes only.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a patch baseline to identify the severity level of patches it specifies and the operating system family it applies to.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::PatchBaseline" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSM::PatchBaseline.PatchFilter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key for the filter.\n\nFor information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for the filter key.\n\nFor information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSM::PatchBaseline.PatchFilterGroup": { + "additionalProperties": false, + "properties": { + "PatchFilters": { + "items": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilter" + }, + "markdownDescription": "The set of patch filters that make up the group.", + "title": "PatchFilters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSM::PatchBaseline.PatchSource": { + "additionalProperties": false, + "properties": { + "Configuration": { + "markdownDescription": "The value of the repo configuration.\n\n*Example for yum repositories*\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\nFor information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) on the *man7.org* website.\n\n*Examples for Ubuntu Server and Debian Server*\n\n`deb http://security.ubuntu.com/ubuntu jammy main`\n\n`deb https://site.example.com/debian distribution component1 component2 component3`\n\nRepo information for Ubuntu Server repositories must be specifed in a single line. For more examples and information, see [jammy (5) sources.list.5.gz](https://docs.aws.amazon.com/https://manpages.ubuntu.com/manpages/jammy/man5/sources.list.5.html) on the *Ubuntu Server Manuals* website and [sources.list format](https://docs.aws.amazon.com/https://wiki.debian.org/SourcesList#sources.list_format) on the *Debian Wiki* .", + "title": "Configuration", + "type": "string" + }, + "Name": { + "markdownDescription": "The name specified to identify the patch source.", + "title": "Name", + "type": "string" + }, + "Products": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific operating system versions a patch repository applies to, such as \"Ubuntu16.04\", \"RedhatEnterpriseLinux7.2\" or \"Suse12.7\". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", + "title": "Products", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSM::PatchBaseline.Rule": { + "additionalProperties": false, + "properties": { + "ApproveAfterDays": { + "markdownDescription": "The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of `7` means that patches are approved seven days after they are released.\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveAfterDays` or `ApproveUntilDate` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", + "title": "ApproveAfterDays", + "type": "number" + }, + "ApproveUntilDate": { + "markdownDescription": "The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically.\n\nEnter dates in the format `YYYY-MM-DD` . For example, `2024-12-31` .\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveUntilDate` or `ApproveAfterDays` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", + "title": "ApproveUntilDate", + "type": "string" + }, + "ComplianceLevel": { + "markdownDescription": "A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` .", + "title": "ComplianceLevel", + "type": "string" + }, + "EnableNonSecurity": { + "markdownDescription": "For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is `false` . Applies to Linux managed nodes only.", + "title": "EnableNonSecurity", + "type": "boolean" + }, + "PatchFilterGroup": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", + "markdownDescription": "The patch filter group that defines the criteria for the rule.", + "title": "PatchFilterGroup" + } + }, + "type": "object" + }, + "AWS::SSM::PatchBaseline.RuleGroup": { + "additionalProperties": false, + "properties": { + "PatchRules": { + "items": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.Rule" + }, + "markdownDescription": "The rules that make up the rule group.", + "title": "PatchRules", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSM::ResourceDataSync": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", + "title": "BucketName", + "type": "string" + }, + "BucketPrefix": { + "markdownDescription": "An Amazon S3 prefix for the bucket.", + "title": "BucketPrefix", + "type": "string" + }, + "BucketRegion": { + "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", + "title": "BucketRegion", + "type": "string" + }, + "KMSKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key for a destination in Amazon S3 . You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same AWS Region as the destination Amazon S3 bucket.", + "title": "KMSKeyArn", + "type": "string" + }, + "S3Destination": { + "$ref": "#/definitions/AWS::SSM::ResourceDataSync.S3Destination", + "markdownDescription": "Configuration information for the target S3 bucket.", + "title": "S3Destination" + }, + "SyncFormat": { + "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", + "title": "SyncFormat", + "type": "string" + }, + "SyncName": { + "markdownDescription": "A name for the resource data sync.", + "title": "SyncName", + "type": "string" + }, + "SyncSource": { + "$ref": "#/definitions/AWS::SSM::ResourceDataSync.SyncSource", + "markdownDescription": "Information about the source where the data was synchronized.", + "title": "SyncSource" + }, + "SyncType": { + "markdownDescription": "The type of resource data sync. If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions .", + "title": "SyncType", + "type": "string" + } + }, + "required": [ + "SyncName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::ResourceDataSync" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSM::ResourceDataSync.AwsOrganizationsSource": { + "additionalProperties": false, + "properties": { + "OrganizationSourceType": { + "markdownDescription": "If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` . For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization.", + "title": "OrganizationSourceType", + "type": "string" + }, + "OrganizationalUnits": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS Organizations organization units included in the sync.", + "title": "OrganizationalUnits", + "type": "array" + } + }, + "required": [ + "OrganizationSourceType" + ], + "type": "object" + }, + "AWS::SSM::ResourceDataSync.S3Destination": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", + "title": "BucketName", + "type": "string" + }, + "BucketPrefix": { + "markdownDescription": "An Amazon S3 prefix for the bucket.", + "title": "BucketPrefix", + "type": "string" + }, + "BucketRegion": { + "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", + "title": "BucketRegion", + "type": "string" + }, + "KMSKeyArn": { + "markdownDescription": "The ARN of an encryption key for a destination in Amazon S3. Must belong to the same Region as the destination S3 bucket.", + "title": "KMSKeyArn", + "type": "string" + }, + "SyncFormat": { + "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", + "title": "SyncFormat", + "type": "string" + } + }, + "required": [ + "BucketName", + "BucketRegion", + "SyncFormat" + ], + "type": "object" + }, + "AWS::SSM::ResourceDataSync.SyncSource": { + "additionalProperties": false, + "properties": { + "AwsOrganizationsSource": { + "$ref": "#/definitions/AWS::SSM::ResourceDataSync.AwsOrganizationsSource", + "markdownDescription": "Information about the AwsOrganizationsSource resource data sync source. A sync source of this type can synchronize data from AWS Organizations .", + "title": "AwsOrganizationsSource" + }, + "IncludeFutureRegions": { + "markdownDescription": "Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online.", + "title": "IncludeFutureRegions", + "type": "boolean" + }, + "SourceRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The `SyncSource` AWS Regions included in the resource data sync.", + "title": "SourceRegions", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of data source for the resource data sync. `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` .", + "title": "SourceType", + "type": "string" + } + }, + "required": [ + "SourceRegions", + "SourceType" + ], + "type": "object" + }, + "AWS::SSM::ResourcePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Policy": { + "markdownDescription": "A policy you want to associate with a resource.", + "title": "Policy", + "type": "object" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to which you want to attach a policy.", + "title": "ResourceArn", + "type": "string" + } + }, + "required": [ + "Policy", + "ResourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::ResourcePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSMContacts::Contact": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "The unique and identifiable alias of the contact or escalation plan.", + "title": "Alias", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The full name of the contact or escalation plan.", + "title": "DisplayName", + "type": "string" + }, + "Plan": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.Stage" + }, + "markdownDescription": "A list of stages. A contact has an engagement plan with stages that contact specified contact channels. An escalation plan uses stages that contact specified contacts.", + "title": "Plan", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of contact.\n\n- `PERSONAL` : A single, individual contact.\n- `ESCALATION` : An escalation plan.\n- `ONCALL_SCHEDULE` : An on-call schedule.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Alias", + "DisplayName", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMContacts::Contact" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSMContacts::Contact.ChannelTargetInfo": { + "additionalProperties": false, + "properties": { + "ChannelId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", + "title": "ChannelId", + "type": "string" + }, + "RetryIntervalInMinutes": { + "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", + "title": "RetryIntervalInMinutes", + "type": "number" + } + }, + "required": [ + "ChannelId", + "RetryIntervalInMinutes" + ], + "type": "object" + }, + "AWS::SSMContacts::Contact.ContactTargetInfo": { + "additionalProperties": false, + "properties": { + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "ContactId", + "type": "string" + }, + "IsEssential": { + "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", + "title": "IsEssential", + "type": "boolean" + } + }, + "required": [ + "ContactId", + "IsEssential" + ], + "type": "object" + }, + "AWS::SSMContacts::Contact.Stage": { + "additionalProperties": false, + "properties": { + "DurationInMinutes": { + "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", + "title": "DurationInMinutes", + "type": "number" + }, + "RotationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", + "title": "RotationIds", + "type": "array" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.Targets" + }, + "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", + "title": "Targets", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSMContacts::Contact.Targets": { + "additionalProperties": false, + "properties": { + "ChannelTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.ChannelTargetInfo", + "markdownDescription": "Information about the contact channel that Incident Manager engages.", + "title": "ChannelTargetInfo" + }, + "ContactTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.ContactTargetInfo", + "markdownDescription": "The contact that Incident Manager is engaging during an incident.", + "title": "ContactTargetInfo" + } + }, + "type": "object" + }, + "AWS::SSMContacts::ContactChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelAddress": { + "markdownDescription": "The details that Incident Manager uses when trying to engage the contact channel.", + "title": "ChannelAddress", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The name of the contact channel.", + "title": "ChannelName", + "type": "string" + }, + "ChannelType": { + "markdownDescription": "The type of the contact channel. Incident Manager supports three contact methods:\n\n- SMS\n- VOICE\n- EMAIL", + "title": "ChannelType", + "type": "string" + }, + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact you are adding the contact channel to.", + "title": "ContactId", + "type": "string" + }, + "DeferActivation": { + "markdownDescription": "If you want to activate the channel at a later time, you can choose to defer activation. Incident Manager can't engage your contact channel until it has been activated.", + "title": "DeferActivation", + "type": "boolean" + } + }, + "required": [ + "ChannelAddress", + "ChannelName", + "ChannelType", + "ContactId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMContacts::ContactChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSMContacts::Plan": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "ContactId", + "type": "string" + }, + "RotationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", + "title": "RotationIds", + "type": "array" + }, + "Stages": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.Stage" + }, + "markdownDescription": "A list of stages that the escalation plan or engagement plan uses to engage contacts and contact methods.", + "title": "Stages", + "type": "array" + } + }, + "required": [ + "ContactId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMContacts::Plan" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSMContacts::Plan.ChannelTargetInfo": { + "additionalProperties": false, + "properties": { + "ChannelId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", + "title": "ChannelId", + "type": "string" + }, + "RetryIntervalInMinutes": { + "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", + "title": "RetryIntervalInMinutes", + "type": "number" + } + }, + "required": [ + "ChannelId", + "RetryIntervalInMinutes" + ], + "type": "object" + }, + "AWS::SSMContacts::Plan.ContactTargetInfo": { + "additionalProperties": false, + "properties": { + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "ContactId", + "type": "string" + }, + "IsEssential": { + "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", + "title": "IsEssential", + "type": "boolean" + } + }, + "required": [ + "ContactId", + "IsEssential" + ], + "type": "object" + }, + "AWS::SSMContacts::Plan.Stage": { + "additionalProperties": false, + "properties": { + "DurationInMinutes": { + "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", + "title": "DurationInMinutes", + "type": "number" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.Targets" + }, + "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", + "title": "Targets", + "type": "array" + } + }, + "required": [ + "DurationInMinutes" + ], + "type": "object" + }, + "AWS::SSMContacts::Plan.Targets": { + "additionalProperties": false, + "properties": { + "ChannelTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.ChannelTargetInfo", + "markdownDescription": "Information about the contact channel that Incident Manager engages.", + "title": "ChannelTargetInfo" + }, + "ContactTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.ContactTargetInfo", + "markdownDescription": "Information about the contact that Incident Manager engages.", + "title": "ContactTargetInfo" + } + }, + "type": "object" + }, + "AWS::SSMContacts::Rotation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the contacts to add to the rotation.\n\n> Only the `PERSONAL` contact type is supported. The contact types `ESCALATION` and `ONCALL_SCHEDULE` are not supported for this operation. \n\nThe order in which you list the contacts is their shift order in the rotation schedule.", + "title": "ContactIds", + "type": "array" + }, + "Name": { + "markdownDescription": "The name for the rotation.", + "title": "Name", + "type": "string" + }, + "Recurrence": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.RecurrenceSettings", + "markdownDescription": "Information about the rule that specifies when shift team members rotate.", + "title": "Recurrence" + }, + "StartTime": { + "markdownDescription": "The date and time the rotation goes into effect.", + "title": "StartTime", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Optional metadata to assign to the rotation. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For more information, see [Tagging Incident Manager resources](https://docs.aws.amazon.com/incident-manager/latest/userguide/tagging.html) in the *Incident Manager User Guide* .", + "title": "Tags", + "type": "array" + }, + "TimeZoneId": { + "markdownDescription": "The time zone to base the rotation\u2019s activity on, in Internet Assigned Numbers Authority (IANA) format. For example: \"America/Los_Angeles\", \"UTC\", or \"Asia/Seoul\". For more information, see the [Time Zone Database](https://docs.aws.amazon.com/https://www.iana.org/time-zones) on the IANA website.\n\n> Designators for time zones that don\u2019t support Daylight Savings Time rules, such as Pacific Standard Time (PST), are not supported.", + "title": "TimeZoneId", + "type": "string" + } + }, + "required": [ + "ContactIds", + "Name", + "Recurrence", + "StartTime", + "TimeZoneId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMContacts::Rotation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSMContacts::Rotation.CoverageTime": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "Information about when an on-call rotation shift ends.", + "title": "EndTime", + "type": "string" + }, + "StartTime": { + "markdownDescription": "Information about when an on-call rotation shift begins.", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "EndTime", + "StartTime" + ], + "type": "object" + }, + "AWS::SSMContacts::Rotation.MonthlySetting": { + "additionalProperties": false, + "properties": { + "DayOfMonth": { + "markdownDescription": "The day of the month when monthly recurring on-call rotations begin.", + "title": "DayOfMonth", + "type": "number" + }, + "HandOffTime": { + "markdownDescription": "The time of day when a monthly recurring on-call shift rotation begins.", + "title": "HandOffTime", + "type": "string" + } + }, + "required": [ + "DayOfMonth", + "HandOffTime" + ], + "type": "object" + }, + "AWS::SSMContacts::Rotation.RecurrenceSettings": { + "additionalProperties": false, + "properties": { + "DailySettings": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about on-call rotations that recur daily.", + "title": "DailySettings", + "type": "array" + }, + "MonthlySettings": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.MonthlySetting" + }, + "markdownDescription": "Information about on-call rotations that recur monthly.", + "title": "MonthlySettings", + "type": "array" + }, + "NumberOfOnCalls": { + "markdownDescription": "The number of contacts, or shift team members designated to be on call concurrently during a shift. For example, in an on-call schedule that contains ten contacts, a value of `2` designates that two of them are on call at any given time.", + "title": "NumberOfOnCalls", + "type": "number" + }, + "RecurrenceMultiplier": { + "markdownDescription": "The number of days, weeks, or months a single rotation lasts.", + "title": "RecurrenceMultiplier", + "type": "number" + }, + "ShiftCoverages": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.ShiftCoverage" + }, + "markdownDescription": "Information about the days of the week included in on-call rotation coverage.", + "title": "ShiftCoverages", + "type": "array" + }, + "WeeklySettings": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.WeeklySetting" + }, + "markdownDescription": "Information about on-call rotations that recur weekly.", + "title": "WeeklySettings", + "type": "array" + } + }, + "required": [ + "NumberOfOnCalls", + "RecurrenceMultiplier" + ], + "type": "object" + }, + "AWS::SSMContacts::Rotation.ShiftCoverage": { + "additionalProperties": false, + "properties": { + "CoverageTimes": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.CoverageTime" + }, + "markdownDescription": "The start and end times of the shift.", + "title": "CoverageTimes", + "type": "array" + }, + "DayOfWeek": { + "markdownDescription": "A list of days on which the schedule is active.", + "title": "DayOfWeek", + "type": "string" + } + }, + "required": [ + "CoverageTimes", + "DayOfWeek" + ], + "type": "object" + }, + "AWS::SSMContacts::Rotation.WeeklySetting": { + "additionalProperties": false, + "properties": { + "DayOfWeek": { + "markdownDescription": "The day of the week when weekly recurring on-call shift rotations begins.", + "title": "DayOfWeek", + "type": "string" + }, + "HandOffTime": { + "markdownDescription": "The time of day when a weekly recurring on-call shift rotation begins.", + "title": "HandOffTime", + "type": "string" + } + }, + "required": [ + "DayOfWeek", + "HandOffTime" + ], + "type": "object" + }, + "AWS::SSMGuiConnect::Preferences": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionRecordingPreferences": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.ConnectionRecordingPreferences", + "markdownDescription": "The set of preferences used for recording RDP connections in the requesting AWS account and AWS Region . This includes details such as which S3 bucket recordings are stored in.", + "title": "ConnectionRecordingPreferences" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMGuiConnect::Preferences" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SSMGuiConnect::Preferences.ConnectionRecordingPreferences": { + "additionalProperties": false, + "properties": { + "KMSKeyArn": { + "markdownDescription": "The ARN of a AWS KMS key that is used to encrypt data while it is being processed by the service. This key must exist in the same AWS Region as the node you start an RDP connection to.", + "title": "KMSKeyArn", + "type": "string" + }, + "RecordingDestinations": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.RecordingDestinations", + "markdownDescription": "Determines where recordings of RDP connections are stored.", + "title": "RecordingDestinations" + } + }, + "required": [ + "KMSKeyArn", + "RecordingDestinations" + ], + "type": "object" + }, + "AWS::SSMGuiConnect::Preferences.RecordingDestinations": { + "additionalProperties": false, + "properties": { + "S3Buckets": { + "items": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.S3Bucket" + }, + "markdownDescription": "The S3 bucket where RDP connection recordings are stored.", + "title": "S3Buckets", + "type": "array" + } + }, + "required": [ + "S3Buckets" + ], + "type": "object" + }, + "AWS::SSMGuiConnect::Preferences.S3Bucket": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the S3 bucket where RDP connection recordings are stored.", + "title": "BucketName", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account number that owns the S3 bucket.", + "title": "BucketOwner", + "type": "string" + } + }, + "required": [ + "BucketName", + "BucketOwner" + ], + "type": "object" + }, + "AWS::SSMIncidents::ReplicationSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtected": { + "markdownDescription": "Determines if the replication set deletion protection is enabled or not. If deletion protection is enabled, you can't delete the last Region in the replication set.", + "title": "DeletionProtected", + "type": "boolean" + }, + "Regions": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.ReplicationRegion" + }, + "markdownDescription": "Specifies the Regions of the replication set.", + "title": "Regions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the replication set.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Regions" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMIncidents::ReplicationSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSMIncidents::ReplicationSet.RegionConfiguration": { + "additionalProperties": false, + "properties": { + "SseKmsKeyId": { + "markdownDescription": "The AWS Key Management Service key ID to use to encrypt your replication set.", + "title": "SseKmsKeyId", + "type": "string" + } + }, + "required": [ + "SseKmsKeyId" + ], + "type": "object" + }, + "AWS::SSMIncidents::ReplicationSet.ReplicationRegion": { + "additionalProperties": false, + "properties": { + "RegionConfiguration": { + "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.RegionConfiguration", + "markdownDescription": "Specifies the Region configuration.", + "title": "RegionConfiguration" + }, + "RegionName": { + "markdownDescription": "Specifies the region name to add to the replication set.", + "title": "RegionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Action" + }, + "markdownDescription": "The actions that the response plan starts at the beginning of an incident.", + "title": "Actions", + "type": "array" + }, + "ChatChannel": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.ChatChannel", + "markdownDescription": "The chat channel used for collaboration during an incident.", + "title": "ChatChannel" + }, + "DisplayName": { + "markdownDescription": "The human readable name of the response plan.", + "title": "DisplayName", + "type": "string" + }, + "Engagements": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) for the contacts and escalation plans that the response plan engages during an incident.", + "title": "Engagements", + "type": "array" + }, + "IncidentTemplate": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.IncidentTemplate", + "markdownDescription": "Details used to create an incident when using this response plan.", + "title": "IncidentTemplate" + }, + "Integrations": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Integration" + }, + "markdownDescription": "Information about third-party services integrated into the response plan.", + "title": "Integrations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the response plan.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "IncidentTemplate", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMIncidents::ResponsePlan" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.Action": { + "additionalProperties": false, + "properties": { + "SsmAutomation": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmAutomation", + "markdownDescription": "Details about the Systems Manager automation document that will be used as a runbook during an incident.", + "title": "SsmAutomation" + } + }, + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.ChatChannel": { + "additionalProperties": false, + "properties": { + "ChatbotSns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon SNS targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics", + "title": "ChatbotSns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key parameter to use when running the Systems Manager Automation runbook.", + "title": "Key", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue", + "markdownDescription": "The dynamic parameter value.", + "title": "Value" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue": { + "additionalProperties": false, + "properties": { + "Variable": { + "markdownDescription": "Variable dynamic parameters. A parameter value is determined when an incident is created.", + "title": "Variable", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.IncidentTemplate": { + "additionalProperties": false, + "properties": { + "DedupeString": { + "markdownDescription": "Used to create only one incident record for an incident.", + "title": "DedupeString", + "type": "string" + }, + "Impact": { + "markdownDescription": "Defines the impact to the customers. Providing an impact overwrites the impact provided by a response plan.\n\n**Possible impacts:** - `1` - Critical impact, this typically relates to full application failure that impacts many to all customers.\n- `2` - High impact, partial application failure with impact to many customers.\n- `3` - Medium impact, the application is providing reduced service to customers.\n- `4` - Low impact, customer might aren't impacted by the problem yet.\n- `5` - No impact, customers aren't currently impacted but urgent action is needed to avoid impact.", + "title": "Impact", + "type": "number" + }, + "IncidentTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the template. When the `StartIncident` API action is called, Incident Manager assigns the tags specified in the template to the incident.", + "title": "IncidentTags", + "type": "array" + }, + "NotificationTargets": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.NotificationTargetItem" + }, + "markdownDescription": "The Amazon Simple Notification Service ( Amazon SNS ) targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel using the Amazon SNS topics.", + "title": "NotificationTargets", + "type": "array" + }, + "Summary": { + "markdownDescription": "The summary describes what has happened during the incident.", + "title": "Summary", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the incident is a brief and easily recognizable.", + "title": "Title", + "type": "string" + } + }, + "required": [ + "Impact", + "Title" + ], + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.Integration": { + "additionalProperties": false, + "properties": { + "PagerDutyConfiguration": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration", + "markdownDescription": "Information about the PagerDuty service where the response plan creates an incident.", + "title": "PagerDutyConfiguration" + } + }, + "required": [ + "PagerDutyConfiguration" + ], + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.NotificationTargetItem": { + "additionalProperties": false, + "properties": { + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic.", + "title": "SnsTopicArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the PagerDuty configuration.", + "title": "Name", + "type": "string" + }, + "PagerDutyIncidentConfiguration": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration", + "markdownDescription": "Details about the PagerDuty service associated with the configuration.", + "title": "PagerDutyIncidentConfiguration" + }, + "SecretId": { + "markdownDescription": "The ID of the AWS Secrets Manager secret that stores your PagerDuty key, either a General Access REST API Key or User Token REST API Key, and other user credentials.", + "title": "SecretId", + "type": "string" + } + }, + "required": [ + "Name", + "PagerDutyIncidentConfiguration", + "SecretId" + ], + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration": { + "additionalProperties": false, + "properties": { + "ServiceId": { + "markdownDescription": "The ID of the PagerDuty service that the response plan associates with an incident when it launches.", + "title": "ServiceId", + "type": "string" + } + }, + "required": [ + "ServiceId" + ], + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.SsmAutomation": { + "additionalProperties": false, + "properties": { + "DocumentName": { + "markdownDescription": "The automation document's name.", + "title": "DocumentName", + "type": "string" + }, + "DocumentVersion": { + "markdownDescription": "The version of the runbook to use when running.", + "title": "DocumentVersion", + "type": "string" + }, + "DynamicParameters": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter" + }, + "markdownDescription": "The key-value pairs to resolve dynamic parameter values when processing a Systems Manager Automation runbook.", + "title": "DynamicParameters", + "type": "array" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmParameter" + }, + "markdownDescription": "The key-value pair parameters to use when running the runbook.", + "title": "Parameters", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that the automation document will assume when running commands.", + "title": "RoleArn", + "type": "string" + }, + "TargetAccount": { + "markdownDescription": "The account that the automation document will be run in. This can be in either the management account or an application account.", + "title": "TargetAccount", + "type": "string" + } + }, + "required": [ + "DocumentName", + "RoleArn" + ], + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.SsmParameter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key parameter to use when running the Automation runbook.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The value parameter to use when running the Automation runbook.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Key", + "Values" + ], + "type": "object" + }, + "AWS::SSMQuickSetup::ConfigurationManager": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationDefinitions": { + "items": { + "$ref": "#/definitions/AWS::SSMQuickSetup::ConfigurationManager.ConfigurationDefinition" + }, + "markdownDescription": "The definition of the Quick Setup configuration that the configuration manager deploys.", + "title": "ConfigurationDefinitions", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the configuration.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the configuration", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs of metadata to assign to the configuration manager.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConfigurationDefinitions" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMQuickSetup::ConfigurationManager" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSMQuickSetup::ConfigurationManager.ConfigurationDefinition": { + "additionalProperties": false, + "properties": { + "LocalDeploymentAdministrationRoleArn": { + "markdownDescription": "The ARN of the IAM role used to administrate local configuration deployments.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only for organizational deployments of types other than `AWSQuickSetupType-PatchPolicy` . A value must be provided when you are running an organizational deployment for a patch policy or running any type of deployment for a single account.", + "title": "LocalDeploymentAdministrationRoleArn", + "type": "string" + }, + "LocalDeploymentExecutionRoleName": { + "markdownDescription": "The name of the IAM role used to deploy local configurations.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only for organizational deployments of types other than `AWSQuickSetupType-PatchPolicy` . A value must be provided when you are running an organizational deployment for a patch policy or running any type of deployment for a single account.", + "title": "LocalDeploymentExecutionRoleName", + "type": "string" + }, + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the configuration definition type. Parameters for configuration definitions vary based the configuration type. The following lists outline the parameters for each configuration type.\n\n- **AWS Config Recording (Type: AWS QuickSetupType-CFGRecording)** - - `RecordAllResources`\n\n- Description: (Optional) A boolean value that determines whether all supported resources are recorded. The default value is \" `true` \".\n- `ResourceTypesToRecord`\n\n- Description: (Optional) A comma separated list of resource types you want to record.\n- `RecordGlobalResourceTypes`\n\n- Description: (Optional) A boolean value that determines whether global resources are recorded with all resource configurations. The default value is \" `false` \".\n- `GlobalResourceTypesRegion`\n\n- Description: (Optional) Determines the AWS Region where global resources are recorded.\n- `UseCustomBucket`\n\n- Description: (Optional) A boolean value that determines whether a custom Amazon S3 bucket is used for delivery. The default value is \" `false` \".\n- `DeliveryBucketName`\n\n- Description: (Optional) The name of the Amazon S3 bucket you want AWS Config to deliver configuration snapshots and configuration history files to.\n- `DeliveryBucketPrefix`\n\n- Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket.\n- `NotificationOptions`\n\n- Description: (Optional) Determines the notification configuration for the recorder. The valid values are `NoStreaming` , `UseExistingTopic` , and `CreateTopic` . The default value is `NoStreaming` .\n- `CustomDeliveryTopicAccountId`\n\n- Description: (Optional) The ID of the AWS account where the Amazon SNS topic you want to use for notifications resides. You must specify a value for this parameter if you use the `UseExistingTopic` notification option.\n- `CustomDeliveryTopicName`\n\n- Description: (Optional) The name of the Amazon SNS topic you want to use for notifications. You must specify a value for this parameter if you use the `UseExistingTopic` notification option.\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(7 days)` , `rate(1 days)` , and `none` . The default value is \" `none` \".\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Change Manager (Type: AWS QuickSetupType-SSMChangeMgr)** - - `DelegatedAccountId`\n\n- Description: (Required) The ID of the delegated administrator account.\n- `JobFunction`\n\n- Description: (Required) The name for the Change Manager job function.\n- `PermissionType`\n\n- Description: (Optional) Specifies whether you want to use default administrator permissions for the job function role, or provide a custom IAM policy. The valid values are `CustomPermissions` and `AdminPermissions` . The default value for the parameter is `CustomerPermissions` .\n- `CustomPermissions`\n\n- Description: (Optional) A JSON string containing the IAM policy you want your job function to use. You must provide a value for this parameter if you specify `CustomPermissions` for the `PermissionType` parameter.\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Conformance Packs (Type: AWS QuickSetupType-CFGCPacks)** - - `DelegatedAccountId`\n\n- Description: (Optional) The ID of the delegated administrator account. This parameter is required for Organization deployments.\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(2 days)` , and `none` . The default value is \" `none` \".\n- `CPackNames`\n\n- Description: (Required) A comma separated list of AWS Config conformance packs.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Default Host Management Configuration (Type: AWS QuickSetupType-DHMC)** - - `UpdateSSMAgent`\n\n- Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is \" `true` \".\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) The AWS Regions to deploy the configuration to. For this type, the parameter only accepts a value of `AllRegions` .\n- **DevOps\u00a0Guru (Type: AWS QuickSetupType-DevOpsGuru)** - - `AnalyseAllResources`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru analyzes all AWS CloudFormation stacks in the account. The default value is \" `false` \".\n- `EnableSnsNotifications`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru sends notifications when an insight is created. The default value is \" `true` \".\n- `EnableSsmOpsItems`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru creates an OpsCenter OpsItem when an insight is created. The default value is \" `true` \".\n- `EnableDriftRemediation`\n\n- Description: (Optional) A boolean value that determines whether a drift remediation schedule is used. The default value is \" `false` \".\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(1 days)` , and `none` . The default value is \" `none` \".\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Distributor (Type: AWS QuickSetupType-Distributor)** - - `PackagesToInstall`\n\n- Description: (Required) A comma separated list of packages you want to install on the target instances. The valid values are `AWSEFSTools` , `AWSCWAgent` , and `AWSEC2LaunchAgent` .\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(2 days)` , and `none` . The default value is \" `rate(30 days)` \".\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Host Management (Type: AWS QuickSetupType-SSMHostMgmt)** - - `UpdateSSMAgent`\n\n- Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is \" `true` \".\n- `UpdateEc2LaunchAgent`\n\n- Description: (Optional) A boolean value that determines whether the EC2 Launch agent is updated on the target instances every month. The default value is \" `false` \".\n- `CollectInventory`\n\n- Description: (Optional) A boolean value that determines whether instance metadata is collected on the target instances every 30 minutes. The default value is \" `true` \".\n- `ScanInstances`\n\n- Description: (Optional) A boolean value that determines whether the target instances are scanned daily for available patches. The default value is \" `true` \".\n- `InstallCloudWatchAgent`\n\n- Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is installed on the target instances. The default value is \" `false` \".\n- `UpdateCloudWatchAgent`\n\n- Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is updated on the target instances every month. The default value is \" `false` \".\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Optional) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Optional) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Optional) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **OpsCenter (Type: AWS QuickSetupType-SSMOpsCenter)** - - `DelegatedAccountId`\n\n- Description: (Required) The ID of the delegated administrator account.\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Patch Policy (Type: AWS QuickSetupType-PatchPolicy)** - - `PatchPolicyName`\n\n- Description: (Required) A name for the patch policy. The value you provide is applied to target Amazon EC2 instances as a tag.\n- `SelectedPatchBaselines`\n\n- Description: (Required) An array of JSON objects containing the information for the patch baselines to include in your patch policy.\n- `PatchBaselineUseDefault`\n\n- Description: (Optional) A value that determines whether the selected patch baselines are all AWS provided. Supported values are `default` and `custom` .\n- `PatchBaselineRegion`\n\n- Description: (Required) The AWS Region where the patch baseline exist.\n- `ConfigurationOptionsPatchOperation`\n\n- Description: (Optional) Determines whether target instances scan for available patches, or scan and install available patches. The valid values are `Scan` and `ScanAndInstall` . The default value for the parameter is `Scan` .\n- `ConfigurationOptionsScanValue`\n\n- Description: (Optional) A cron expression that is used as the schedule for when instances scan for available patches.\n- `ConfigurationOptionsInstallValue`\n\n- Description: (Optional) A cron expression that is used as the schedule for when instances install available patches.\n- `ConfigurationOptionsScanNextInterval`\n\n- Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is \" `false` \".\n- `ConfigurationOptionsInstallNextInterval`\n\n- Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is \" `false` \".\n- `RebootOption`\n\n- Description: (Optional) Determines whether instances are rebooted after patches are installed. Valid values are `RebootIfNeeded` and `NoReboot` .\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `OutputLogEnableS3`\n\n- Description: (Optional) A boolean value that determines whether command output logs are sent to Amazon S3.\n- `OutputS3Location`\n\n- Description: (Optional) Information about the Amazon S3 bucket where you want to store the output details of the request.\n\n- `OutputBucketRegion`\n\n- Description: (Optional) The AWS Region where the Amazon S3 bucket you want to deliver command output to is located.\n- `OutputS3BucketName`\n\n- Description: (Optional) The name of the Amazon S3 bucket you want to deliver command output to.\n- `OutputS3KeyPrefix`\n\n- Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket.\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Resource Explorer (Type: AWS QuickSetupType-ResourceExplorer)** - - `SelectedAggregatorRegion`\n\n- Description: (Required) The AWS Region where you want to create the aggregator index.\n- `ReplaceExistingAggregator`\n\n- Description: (Required) A boolean value that determines whether to demote an existing aggregator if it is in a Region that differs from the value you specify for the `SelectedAggregatorRegion` .\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Resource Scheduler (Type: AWS QuickSetupType-Scheduler)** - - `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target.\n- `ICalendarString`\n\n- Description: (Required) An iCalendar formatted string containing the schedule you want Change Manager to use.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" + }, + "Type": { + "markdownDescription": "The type of the Quick Setup configuration.", + "title": "Type", + "type": "string" + }, + "TypeVersion": { + "markdownDescription": "The version of the Quick Setup type used.", + "title": "TypeVersion", + "type": "string" + }, + "id": { + "markdownDescription": "The ID of the configuration definition.", + "title": "id", + "type": "string" + } + }, + "required": [ + "Parameters", + "Type" + ], + "type": "object" + }, + "AWS::SSMQuickSetup::ConfigurationManager.StatusSummary": { + "additionalProperties": false, + "properties": { + "LastUpdatedAt": { + "markdownDescription": "The datetime stamp when the status was last updated.", + "title": "LastUpdatedAt", + "type": "string" + }, + "Status": { + "markdownDescription": "The current status.", + "title": "Status", + "type": "string" + }, + "StatusDetails": { + "additionalProperties": true, + "markdownDescription": "Details about the status.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "StatusDetails", + "type": "object" + }, + "StatusMessage": { + "markdownDescription": "When applicable, returns an informational message relevant to the current status and status type of the status summary object. We don't recommend implementing parsing logic around this value since the messages returned can vary in format.", + "title": "StatusMessage", + "type": "string" + }, + "StatusType": { + "markdownDescription": "The type of a status summary.", + "title": "StatusType", + "type": "string" + } + }, + "required": [ + "LastUpdatedAt", + "StatusType" + ], + "type": "object" + }, + "AWS::SSO::Application": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationProviderArn": { + "markdownDescription": "The ARN of the application provider for this application.", + "title": "ApplicationProviderArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the application.", + "title": "Description", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the instance of IAM Identity Center that is configured with this application.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", + "type": "string" + }, + "PortalOptions": { + "$ref": "#/definitions/AWS::SSO::Application.PortalOptionsConfiguration", + "markdownDescription": "A structure that describes the options for the access portal associated with this application.", + "title": "PortalOptions" + }, + "Status": { + "markdownDescription": "The current status of the application in this instance of IAM Identity Center.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies tags to be attached to the application.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ApplicationProviderArn", + "InstanceArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSO::Application.PortalOptionsConfiguration": { + "additionalProperties": false, + "properties": { + "SignInOptions": { + "$ref": "#/definitions/AWS::SSO::Application.SignInOptions", + "markdownDescription": "A structure that describes the sign-in options for the access portal.", + "title": "SignInOptions" + }, + "Visibility": { + "markdownDescription": "Indicates whether this application is visible in the access portal.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSO::Application.SignInOptions": { + "additionalProperties": false, + "properties": { + "ApplicationUrl": { + "markdownDescription": "The URL that accepts authentication requests for an application. This is a required parameter if the `Origin` parameter is `APPLICATION` .", + "title": "ApplicationUrl", + "type": "string" + }, + "Origin": { + "markdownDescription": "This determines how IAM Identity Center navigates the user to the target application. It can be one of the following values:\n\n- `APPLICATION` : IAM Identity Center redirects the customer to the configured `ApplicationUrl` .\n- `IDENTITY_CENTER` : IAM Identity Center uses SAML identity-provider initiated authentication to sign the customer directly into a SAML-based application.", + "title": "Origin", + "type": "string" + } + }, + "required": [ + "Origin" + ], + "type": "object" + }, + "AWS::SSO::ApplicationAssignment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationArn": { + "markdownDescription": "The ARN of the application that has principals assigned.", + "title": "ApplicationArn", + "type": "string" + }, + "PrincipalId": { + "markdownDescription": "The unique identifier of the principal assigned to the application.", + "title": "PrincipalId", + "type": "string" + }, + "PrincipalType": { + "markdownDescription": "The type of the principal assigned to the application.", + "title": "PrincipalType", + "type": "string" + } + }, + "required": [ + "ApplicationArn", + "PrincipalId", + "PrincipalType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::ApplicationAssignment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSO::Assignment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "InstanceArn", + "type": "string" + }, + "PermissionSetArn": { + "markdownDescription": "The ARN of the permission set.", + "title": "PermissionSetArn", + "type": "string" + }, + "PrincipalId": { + "markdownDescription": "An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the [IAM Identity Center Identity Store API Reference](https://docs.aws.amazon.com//singlesignon/latest/IdentityStoreAPIReference/welcome.html) .", + "title": "PrincipalId", + "type": "string" + }, + "PrincipalType": { + "markdownDescription": "The entity type for which the assignment will be created.", + "title": "PrincipalType", + "type": "string" + }, + "TargetId": { + "markdownDescription": "TargetID is an AWS account identifier, (For example, 123456789012).", + "title": "TargetId", + "type": "string" + }, + "TargetType": { + "markdownDescription": "The entity type for which the assignment will be created.", + "title": "TargetType", + "type": "string" + } + }, + "required": [ + "InstanceArn", + "PermissionSetArn", + "PrincipalId", + "PrincipalType", + "TargetId", + "TargetType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::Assignment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSO::Instance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the Identity Center instance.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies tags to be attached to the instance of IAM Identity Center.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::Instance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SSO::InstanceAccessControlAttributeConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessControlAttributes": { + "items": { + "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute" + }, + "markdownDescription": "Lists the attributes that are configured for ABAC in the specified IAM Identity Center instance.", + "title": "AccessControlAttributes", + "type": "array" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed.", + "title": "InstanceArn", + "type": "string" + } + }, + "required": [ + "InstanceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::InstanceAccessControlAttributeConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center .", + "title": "Key", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue", + "markdownDescription": "The value used for mapping a specified attribute to an identity source.", + "title": "Value" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue": { + "additionalProperties": false, + "properties": { + "Source": { + "items": { + "type": "string" + }, + "markdownDescription": "The identity source to use when mapping a specified attribute to IAM Identity Center .", + "title": "Source", + "type": "array" + } + }, + "required": [ + "Source" + ], + "type": "object" + }, + "AWS::SSO::PermissionSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CustomerManagedPolicyReferences": { + "items": { + "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference" + }, + "markdownDescription": "Specifies the names and paths of the customer managed policies that you have attached to your permission set.", + "title": "CustomerManagedPolicyReferences", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the `PermissionSet` .", + "title": "Description", + "type": "string" + }, + "InlinePolicy": { + "markdownDescription": "The inline policy that is attached to the permission set.\n\n> For `Length Constraints` , if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.", + "title": "InlinePolicy", + "type": "object" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "InstanceArn", + "type": "string" + }, + "ManagedPolicies": { + "items": { + "type": "string" + }, + "markdownDescription": "A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.", + "title": "ManagedPolicies", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the permission set.", + "title": "Name", + "type": "string" + }, + "PermissionsBoundary": { + "$ref": "#/definitions/AWS::SSO::PermissionSet.PermissionsBoundary", + "markdownDescription": "Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\n> Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* .", + "title": "PermissionsBoundary" + }, + "RelayStateType": { + "markdownDescription": "Used to redirect users within the application during the federation authentication process.", + "title": "RelayStateType", + "type": "string" + }, + "SessionDuration": { + "markdownDescription": "The length of time that the application user sessions are valid for in the ISO-8601 standard.", + "title": "SessionDuration", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to attach to the new `PermissionSet` .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "InstanceArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::PermissionSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSO::PermissionSet.CustomerManagedPolicyReference": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the IAM policy that you have configured in each account where you want to deploy your permission set.", + "title": "Name", + "type": "string" + }, + "Path": { + "markdownDescription": "The path to the IAM policy that you have configured in each account where you want to deploy your permission set. The default is `/` . For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::SSO::PermissionSet.PermissionsBoundary": { + "additionalProperties": false, + "properties": { + "CustomerManagedPolicyReference": { + "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference", + "markdownDescription": "Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.", + "title": "CustomerManagedPolicyReference" + }, + "ManagedPolicyArn": { + "markdownDescription": "The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.", + "title": "ManagedPolicyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::App": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppName": { + "markdownDescription": "The name of the app.", + "title": "AppName", + "type": "string" + }, + "AppType": { + "markdownDescription": "The type of app.", + "title": "AppType", + "type": "string" + }, + "DomainId": { + "markdownDescription": "The domain ID.", + "title": "DomainId", + "type": "string" + }, + "RecoveryMode": { + "markdownDescription": "", + "title": "RecoveryMode", + "type": "boolean" + }, + "ResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::App.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "ResourceSpec" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserProfileName": { + "markdownDescription": "The user profile name.", + "title": "UserProfileName", + "type": "string" + } + }, + "required": [ + "AppName", + "AppType", + "DomainId", + "UserProfileName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::App" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::App.ResourceSpec": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", + "type": "string" + }, + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" + }, + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig. Must be unique to your account.", + "title": "AppImageConfigName", + "type": "string" + }, + "CodeEditorAppImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig", + "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", + "title": "CodeEditorAppImageConfig" + }, + "JupyterLabAppImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig", + "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", + "title": "JupyterLabAppImageConfig" + }, + "KernelGatewayImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig", + "markdownDescription": "The configuration for the file system and kernels in the SageMaker AI image.", + "title": "KernelGatewayImageConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AppImageConfigName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::AppImageConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig": { + "additionalProperties": false, + "properties": { + "ContainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", + "markdownDescription": "", + "title": "ContainerConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.ContainerConfig": { + "additionalProperties": false, + "properties": { + "ContainerArguments": { + "items": { + "type": "string" + }, + "markdownDescription": "The arguments for the container when you're running the application.", + "title": "ContainerArguments", + "type": "array" + }, + "ContainerEntrypoint": { + "items": { + "type": "string" + }, + "markdownDescription": "The entrypoint used to run the application in the container.", + "title": "ContainerEntrypoint", + "type": "array" + }, + "ContainerEnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable" + }, + "markdownDescription": "The environment variables to set in the container", + "title": "ContainerEnvironmentVariables", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key that identifies a container environment variable.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the container environment variable.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.FileSystemConfig": { + "additionalProperties": false, + "properties": { + "DefaultGid": { + "markdownDescription": "The default POSIX group ID (GID). If not specified, defaults to `100` .", + "title": "DefaultGid", + "type": "number" + }, + "DefaultUid": { + "markdownDescription": "The default POSIX user ID (UID). If not specified, defaults to `1000` .", + "title": "DefaultUid", + "type": "number" + }, + "MountPath": { + "markdownDescription": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to */home/sagemaker-user* .", + "title": "MountPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig": { + "additionalProperties": false, + "properties": { + "ContainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", + "markdownDescription": "The configuration used to run the application image container.", + "title": "ContainerConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig": { + "additionalProperties": false, + "properties": { + "FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.FileSystemConfig", + "markdownDescription": "The Amazon Elastic File System storage configuration for a SageMaker AI image.", + "title": "FileSystemConfig" + }, + "KernelSpecs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelSpec" + }, + "markdownDescription": "The specification of the Jupyter kernels in the image.", + "title": "KernelSpecs", + "type": "array" + } + }, + "required": [ + "KernelSpecs" + ], + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.KernelSpec": { + "additionalProperties": false, + "properties": { + "DisplayName": { + "markdownDescription": "The display name of the kernel.", + "title": "DisplayName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Jupyter kernel in the image. This value is case sensitive.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::SageMaker::Cluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The name of the SageMaker HyperPod cluster.", + "title": "ClusterName", + "type": "string" + }, + "InstanceGroups": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterInstanceGroup" + }, + "markdownDescription": "The instance groups of the SageMaker HyperPod cluster. To delete an instance group, remove it from the array.", + "title": "InstanceGroups", + "type": "array" + }, + "NodeRecovery": { + "markdownDescription": "Specifies whether to enable or disable the automatic node recovery feature of SageMaker HyperPod. Available values are `Automatic` for enabling and `None` for disabling.", + "title": "NodeRecovery", + "type": "string" + }, + "Orchestrator": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.Orchestrator", + "markdownDescription": "The orchestrator type for the SageMaker HyperPod cluster. Currently, `'eks'` is the only available option.", + "title": "Orchestrator" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker AWS resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see [AddTags](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html) .\n\nFor more information on adding metadata to your AWS resources with tagging, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) . For advice on best practices for managing AWS resources with tagging, see [Tagging Best Practices: Implement an Effective AWS Resource Tagging Strategy](https://docs.aws.amazon.com/https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf) .", + "title": "Tags", + "type": "array" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.VpcConfig", + "markdownDescription": "Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC. For more information, see [Give SageMaker Access to Resources in your Amazon VPC](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", + "title": "VpcConfig" + } + }, + "required": [ + "InstanceGroups" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::Cluster.ClusterEbsVolumeConfig": { + "additionalProperties": false, + "properties": { + "VolumeSizeInGB": { + "markdownDescription": "The size in gigabytes (GB) of the additional EBS volume to be attached to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to `/opt/sagemaker` .", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::Cluster.ClusterInstanceGroup": { + "additionalProperties": false, + "properties": { + "CurrentCount": { + "markdownDescription": "The number of instances that are currently in the instance group of a SageMaker HyperPod cluster.", + "title": "CurrentCount", + "type": "number" + }, + "ExecutionRole": { + "markdownDescription": "The execution role for the instance group to assume.", + "title": "ExecutionRole", + "type": "string" + }, + "InstanceCount": { + "markdownDescription": "The number of instances in an instance group of the SageMaker HyperPod cluster.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceGroupName": { + "markdownDescription": "The name of the instance group of a SageMaker HyperPod cluster.", + "title": "InstanceGroupName", + "type": "string" + }, + "InstanceStorageConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterInstanceStorageConfig" + }, + "markdownDescription": "The configurations of additional storage specified to the instance group where the instance (node) is launched.", + "title": "InstanceStorageConfigs", + "type": "array" + }, + "InstanceType": { + "markdownDescription": "The instance type of the instance group of a SageMaker HyperPod cluster.", + "title": "InstanceType", + "type": "string" + }, + "LifeCycleConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterLifeCycleConfig", + "markdownDescription": "The lifecycle configuration for a SageMaker HyperPod cluster.", + "title": "LifeCycleConfig" + }, + "OnStartDeepHealthChecks": { + "items": { + "type": "string" + }, + "markdownDescription": "A flag indicating whether deep health checks should be performed when the HyperPod cluster instance group is created or updated. Deep health checks are comprehensive, invasive tests that validate the health of the underlying hardware and infrastructure components.", + "title": "OnStartDeepHealthChecks", + "type": "array" + }, + "OverrideVpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.VpcConfig", + "markdownDescription": "The customized Amazon VPC configuration at the instance group level that overrides the default Amazon VPC configuration of the SageMaker HyperPod cluster.", + "title": "OverrideVpcConfig" + }, + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core you specified under `CreateCluster` .", + "title": "ThreadsPerCore", + "type": "number" + } + }, + "required": [ + "ExecutionRole", + "InstanceCount", + "InstanceGroupName", + "InstanceType", + "LifeCycleConfig" + ], + "type": "object" + }, + "AWS::SageMaker::Cluster.ClusterInstanceStorageConfig": { + "additionalProperties": false, + "properties": { + "EbsVolumeConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterEbsVolumeConfig", + "markdownDescription": "Defines the configuration for attaching additional Amazon Elastic Block Store (EBS) volumes to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to `/opt/sagemaker` .", + "title": "EbsVolumeConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::Cluster.ClusterLifeCycleConfig": { + "additionalProperties": false, + "properties": { + "OnCreate": { + "markdownDescription": "The file name of the entrypoint script of lifecycle scripts under `SourceS3Uri` . This entrypoint script runs during cluster creation.", + "title": "OnCreate", + "type": "string" + }, + "SourceS3Uri": { + "markdownDescription": "An Amazon S3 bucket path where your lifecycle scripts are stored.\n\n> Make sure that the S3 bucket path starts with `s3://sagemaker-` . The [IAM role for SageMaker HyperPod](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-hyperpod-prerequisites.html#sagemaker-hyperpod-prerequisites-iam-role-for-hyperpod) has the managed [`AmazonSageMakerClusterInstanceRolePolicy`](https://docs.aws.amazon.com/sagemaker/latest/dg/security-iam-awsmanpol-cluster.html) attached, which allows access to S3 buckets with the specific prefix `sagemaker-` .", + "title": "SourceS3Uri", + "type": "string" + } + }, + "required": [ + "OnCreate", + "SourceS3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::Cluster.ClusterOrchestratorEksConfig": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SageMaker HyperPod cluster.", + "title": "ClusterArn", + "type": "string" + } + }, + "required": [ + "ClusterArn" + ], + "type": "object" + }, + "AWS::SageMaker::Cluster.Orchestrator": { + "additionalProperties": false, + "properties": { + "Eks": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterOrchestratorEksConfig", + "markdownDescription": "The configuration of the Amazon EKS orchestrator cluster for the SageMaker HyperPod cluster.", + "title": "Eks" + } + }, + "required": [ + "Eks" + ], + "type": "object" + }, + "AWS::SageMaker::Cluster.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::CodeRepository": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CodeRepositoryName": { + "markdownDescription": "The name of the Git repository.", + "title": "CodeRepositoryName", + "type": "string" + }, + "GitConfig": { + "$ref": "#/definitions/AWS::SageMaker::CodeRepository.GitConfig", + "markdownDescription": "Configuration details for the Git repository, including the URL where it is located and the ARN of the AWS Secrets Manager secret that contains the credentials used to access the repository.", + "title": "GitConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "List of tags for Code Repository.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "GitConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::CodeRepository" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::CodeRepository.GitConfig": { + "additionalProperties": false, + "properties": { + "Branch": { + "markdownDescription": "The default branch for the Git repository.", + "title": "Branch", + "type": "string" + }, + "RepositoryUrl": { + "markdownDescription": "The URL where the Git repository is located.", + "title": "RepositoryUrl", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the credentials used to access the git repository. The secret must have a staging label of `AWSCURRENT` and must be in the following format:\n\n`{\"username\": *UserName* , \"password\": *Password* }`", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DataQualityAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification", + "markdownDescription": "Specifies the container that runs the monitoring job.", + "title": "DataQualityAppSpecification" + }, + "DataQualityBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig", + "markdownDescription": "Configures the constraints and baselines for the monitoring job.", + "title": "DataQualityBaselineConfig" + }, + "DataQualityJobInput": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput", + "markdownDescription": "A list of inputs for the monitoring job. Currently endpoints are supported as monitoring inputs.", + "title": "DataQualityJobInput" + }, + "DataQualityJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "DataQualityJobOutputConfig" + }, + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", + "type": "string" + }, + "JobDefinitionName": { + "markdownDescription": "The name for the monitoring job definition.", + "title": "JobDefinitionName", + "type": "string" + }, + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" + }, + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.NetworkConfig", + "markdownDescription": "Specifies networking configuration for the monitoring job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", + "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DataQualityAppSpecification", + "DataQualityJobInput", + "DataQualityJobOutputConfig", + "JobResources", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::DataQualityJobDefinition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput": { + "additionalProperties": false, + "properties": { + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", + "type": "string" + }, + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" + }, + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + } + }, + "required": [ + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.ClusterConfig": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.Csv": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification": { + "additionalProperties": false, + "properties": { + "ContainerArguments": { + "items": { + "type": "string" + }, + "markdownDescription": "The arguments to send to the container that the monitoring job runs.", + "title": "ContainerArguments", + "type": "array" + }, + "ContainerEntrypoint": { + "items": { + "type": "string" + }, + "markdownDescription": "The entrypoint for a container used to run a monitoring job.", + "title": "ContainerEntrypoint", + "type": "array" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "ImageUri": { + "markdownDescription": "The container image that the data quality monitoring job runs.", + "title": "ImageUri", + "type": "string" + }, + "PostAnalyticsProcessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", + "title": "PostAnalyticsProcessorSourceUri", + "type": "string" + }, + "RecordPreprocessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", + "title": "RecordPreprocessorSourceUri", + "type": "string" + } + }, + "required": [ + "ImageUri" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig": { + "additionalProperties": false, + "properties": { + "BaseliningJobName": { + "markdownDescription": "The name of the job that performs baselining for the data quality monitoring job.", + "title": "BaseliningJobName", + "type": "string" + }, + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a monitoring job.", + "title": "ConstraintsResource" + }, + "StatisticsResource": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StatisticsResource", + "markdownDescription": "Configuration for monitoring constraints and monitoring statistics. These baseline resources are compared against the results of the current job from the series of jobs scheduled to collect data periodically.", + "title": "StatisticsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" + }, + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.DatasetFormat": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" + }, + "Json": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Json", + "markdownDescription": "", + "title": "Json" + }, + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.EndpointInput": { + "additionalProperties": false, + "properties": { + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", + "type": "string" + }, + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + } + }, + "required": [ + "EndpointName", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.Json": { + "additionalProperties": false, + "properties": { + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput": { + "additionalProperties": false, + "properties": { + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" + } + }, + "required": [ + "S3Output" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" + } + }, + "required": [ + "MonitoringOutputs" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.MonitoringResources": { + "additionalProperties": false, + "properties": { + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" + } + }, + "required": [ + "ClusterConfig" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.NetworkConfig": { + "additionalProperties": false, + "properties": { + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" + }, + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.S3Output": { + "additionalProperties": false, + "properties": { + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" + }, + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "LocalPath", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.StatisticsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the statistics resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.StoppingCondition": { + "additionalProperties": false, + "properties": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" + } + }, + "required": [ + "MaxRuntimeInSeconds" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::Device": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Device": { + "$ref": "#/definitions/AWS::SageMaker::Device.Device", + "markdownDescription": "Edge device you want to create.", + "title": "Device" + }, + "DeviceFleetName": { + "markdownDescription": "The name of the fleet the device belongs to.", + "title": "DeviceFleetName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your devices. Each tag consists of a key and a value, both of which you define.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DeviceFleetName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Device" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::Device.Device": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Description of the device.", + "title": "Description", + "type": "string" + }, + "DeviceName": { + "markdownDescription": "The name of the device.", + "title": "DeviceName", + "type": "string" + }, + "IotThingName": { + "markdownDescription": "AWS Internet of Things (IoT) object name.", + "title": "IotThingName", + "type": "string" + } + }, + "required": [ + "DeviceName" + ], + "type": "object" + }, + "AWS::SageMaker::DeviceFleet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the fleet.", + "title": "Description", + "type": "string" + }, + "DeviceFleetName": { + "markdownDescription": "Name of the device fleet.", + "title": "DeviceFleetName", + "type": "string" + }, + "OutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::DeviceFleet.EdgeOutputConfig", + "markdownDescription": "The output configuration for storing sample data collected by the fleet.", + "title": "OutputConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT).", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your device fleets. Each tag consists of a key and a value, both of which you define.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DeviceFleetName", + "OutputConfig", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::DeviceFleet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::DeviceFleet.EdgeOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume after compilation job. If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account.", + "title": "KmsKeyId", + "type": "string" + }, + "S3OutputLocation": { + "markdownDescription": "The Amazon Simple Storage (S3) bucket URI.", + "title": "S3OutputLocation", + "type": "string" + } + }, + "required": [ + "S3OutputLocation" + ], + "type": "object" + }, + "AWS::SageMaker::Domain": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppNetworkAccessType": { + "markdownDescription": "Specifies the VPC used for non-EFS traffic. The default value is `PublicInternetOnly` .\n\n- `PublicInternetOnly` - Non-EFS traffic is through a VPC managed by Amazon SageMaker AI , which allows direct internet access\n- `VpcOnly` - All Studio traffic is through the specified VPC and subnets\n\n*Valid Values* : `PublicInternetOnly | VpcOnly`", + "title": "AppNetworkAccessType", + "type": "string" + }, + "AppSecurityGroupManagement": { + "markdownDescription": "The entity that creates and manages the required security groups for inter-app communication in `VpcOnly` mode. Required when `CreateDomain.AppNetworkAccessType` is `VpcOnly` and `DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn` is provided. If setting up the domain for use with RStudio, this value must be set to `Service` .\n\n*Allowed Values* : `Service` | `Customer`", + "title": "AppSecurityGroupManagement", + "type": "string" + }, + "AuthMode": { + "markdownDescription": "The mode of authentication that members use to access the Domain.\n\n*Valid Values* : `SSO | IAM`", + "title": "AuthMode", + "type": "string" + }, + "DefaultSpaceSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceSettings", + "markdownDescription": "The default settings for shared spaces that users create in the domain.\n\nSageMaker applies these settings only to shared spaces. It doesn't apply them to private spaces.", + "title": "DefaultSpaceSettings" + }, + "DefaultUserSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.UserSettings", + "markdownDescription": "The default user settings.", + "title": "DefaultUserSettings" + }, + "DomainName": { + "markdownDescription": "The domain name.", + "title": "DomainName", + "type": "string" + }, + "DomainSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DomainSettings", + "markdownDescription": "A collection of settings that apply to the `SageMaker Domain` . These settings are specified through the `CreateDomain` API call.", + "title": "DomainSettings" + }, + "KmsKeyId": { + "markdownDescription": "SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default. For more control, specify a customer managed CMK.\n\n*Length Constraints* : Maximum length of 2048.\n\n*Pattern* : `.*`", + "title": "KmsKeyId", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC subnets that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Array members* : Minimum number of 1 item. Maximum number of 16 items.\n\n*Pattern* : `[-0-9a-zA-Z]+`", + "title": "SubnetIds", + "type": "array" + }, + "TagPropagation": { + "markdownDescription": "", + "title": "TagPropagation", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to associated with the Domain. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.\n\nTags that you specify for the Domain are also added to all apps that are launched in the Domain.\n\n*Array members* : Minimum number of 0 items. Maximum number of 50 items.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Pattern* : `[-0-9a-zA-Z]+`", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "AuthMode", + "DefaultUserSettings", + "DomainName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Domain" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.AppLifecycleManagement": { + "additionalProperties": false, + "properties": { + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.IdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.CodeEditorAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Domain.AppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" + }, + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.CodeRepository": { + "additionalProperties": false, + "properties": { + "RepositoryUrl": { + "markdownDescription": "The URL of the Git repository.", + "title": "RepositoryUrl", + "type": "string" + } + }, + "required": [ + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.CustomFileSystemConfig": { + "additionalProperties": false, + "properties": { + "EFSFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.EFSFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon EFS file system.", + "title": "EFSFileSystemConfig" + }, + "FSxLustreFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.FSxLustreFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon FSx for Lustre file system.", + "title": "FSxLustreFileSystemConfig" + }, + "S3FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.S3FileSystemConfig", + "markdownDescription": "Configuration settings for a custom Amazon S3 file system.", + "title": "S3FileSystemConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.CustomImage": { + "additionalProperties": false, + "properties": { + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig.", + "title": "AppImageConfigName", + "type": "string" + }, + "ImageName": { + "markdownDescription": "The name of the CustomImage. Must be unique to your account.", + "title": "ImageName", + "type": "string" + }, + "ImageVersionNumber": { + "markdownDescription": "The version number of the CustomImage.", + "title": "ImageVersionNumber", + "type": "number" + } + }, + "required": [ + "AppImageConfigName", + "ImageName" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.CustomPosixUserConfig": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The POSIX group ID.", + "title": "Gid", + "type": "number" + }, + "Uid": { + "markdownDescription": "The POSIX user ID.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.DefaultEbsStorageSettings": { + "additionalProperties": false, + "properties": { + "DefaultEbsVolumeSizeInGb": { + "markdownDescription": "The default size of the EBS storage volume for a space.", + "title": "DefaultEbsVolumeSizeInGb", + "type": "number" + }, + "MaximumEbsVolumeSizeInGb": { + "markdownDescription": "The maximum size of the EBS storage volume for a space.", + "title": "MaximumEbsVolumeSizeInGb", + "type": "number" + } + }, + "required": [ + "DefaultEbsVolumeSizeInGb", + "MaximumEbsVolumeSizeInGb" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.DefaultSpaceSettings": { + "additionalProperties": false, + "properties": { + "CustomFileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" + }, + "markdownDescription": "The settings for assigning a custom file system to a domain. Permitted users can access this file system in Amazon SageMaker AI Studio.", + "title": "CustomFileSystemConfigs", + "type": "array" + }, + "CustomPosixUserConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", + "markdownDescription": "", + "title": "CustomPosixUserConfig" + }, + "ExecutionRole": { + "markdownDescription": "The ARN of the execution role for the space.", + "title": "ExecutionRole", + "type": "string" + }, + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", + "markdownDescription": "", + "title": "JupyterLabAppSettings" + }, + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", + "markdownDescription": "The JupyterServer app settings.", + "title": "JupyterServerAppSettings" + }, + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", + "markdownDescription": "The KernelGateway app settings.", + "title": "KernelGatewayAppSettings" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group IDs for the Amazon VPC that the space uses for communication.", + "title": "SecurityGroups", + "type": "array" + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", + "markdownDescription": "", + "title": "SpaceStorageSettings" + } + }, + "required": [ + "ExecutionRole" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.DefaultSpaceStorageSettings": { + "additionalProperties": false, + "properties": { + "DefaultEbsStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultEbsStorageSettings", + "markdownDescription": "The default EBS storage settings for a space.", + "title": "DefaultEbsStorageSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.DockerSettings": { + "additionalProperties": false, + "properties": { + "EnableDockerAccess": { + "markdownDescription": "Indicates whether the domain can access Docker.", + "title": "EnableDockerAccess", + "type": "string" + }, + "VpcOnlyTrustedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of AWS accounts that are trusted when the domain is created in VPC-only mode.", + "title": "VpcOnlyTrustedAccounts", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.DomainSettings": { + "additionalProperties": false, + "properties": { + "DockerSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DockerSettings", + "markdownDescription": "A collection of settings that configure the domain's Docker interaction.", + "title": "DockerSettings" + }, + "ExecutionRoleIdentityConfig": { + "markdownDescription": "The configuration for attaching a SageMaker AI user profile name to the execution role as a [sts:SourceIdentity key](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) .", + "title": "ExecutionRoleIdentityConfig", + "type": "string" + }, + "RStudioServerProDomainSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProDomainSettings", + "markdownDescription": "A collection of settings that configure the `RStudioServerPro` Domain-level app.", + "title": "RStudioServerProDomainSettings" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the Amazon Virtual Private Cloud that the `Domain` uses for communication between Domain-level apps and user apps.", + "title": "SecurityGroupIds", + "type": "array" + }, + "UnifiedStudioSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.UnifiedStudioSettings", + "markdownDescription": "The settings that apply to an SageMaker AI domain when you use it in Amazon SageMaker Unified Studio.", + "title": "UnifiedStudioSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.EFSFileSystemConfig": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The ID of your Amazon EFS file system.", + "title": "FileSystemId", + "type": "string" + }, + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.FSxLustreFileSystemConfig": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The globally unique, 17-digit, ID of the file system, assigned by Amazon FSx for Lustre.", + "title": "FileSystemId", + "type": "string" + }, + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.HiddenSageMakerImage": { + "additionalProperties": false, + "properties": { + "SageMakerImageName": { + "markdownDescription": "The SageMaker image name that you are hiding from the Studio user interface.", + "title": "SageMakerImageName", + "type": "string" + }, + "VersionAliases": { + "items": { + "type": "string" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "VersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.IdleSettings": { + "additionalProperties": false, + "properties": { + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" + }, + "LifecycleManagement": { + "markdownDescription": "Indicates whether idle shutdown is activated for the application type.", + "title": "LifecycleManagement", + "type": "string" + }, + "MaxIdleTimeoutInMinutes": { + "markdownDescription": "The maximum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MaxIdleTimeoutInMinutes", + "type": "number" + }, + "MinIdleTimeoutInMinutes": { + "markdownDescription": "The minimum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MinIdleTimeoutInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.JupyterLabAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Domain.AppLifecycleManagement", + "markdownDescription": "Indicates whether idle shutdown is activated for JupyterLab applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" + }, + "CodeRepositories": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CodeRepository" + }, + "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", + "title": "CodeRepositories", + "type": "array" + }, + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.JupyterServerAppSettings": { + "additionalProperties": false, + "properties": { + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.KernelGatewayAppSettings": { + "additionalProperties": false, + "properties": { + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.RSessionAppSettings": { + "additionalProperties": false, + "properties": { + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a RSession app.", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "DefaultResourceSpec" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.RStudioServerProAppSettings": { + "additionalProperties": false, + "properties": { + "AccessStatus": { + "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", + "title": "AccessStatus", + "type": "string" + }, + "UserGroup": { + "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", + "title": "UserGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.RStudioServerProDomainSettings": { + "additionalProperties": false, + "properties": { + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "A collection that defines the default `InstanceType` , `SageMakerImageArn` , and `SageMakerImageVersionArn` for the Domain.", + "title": "DefaultResourceSpec" + }, + "DomainExecutionRoleArn": { + "markdownDescription": "The ARN of the execution role for the `RStudioServerPro` Domain-level app.", + "title": "DomainExecutionRoleArn", + "type": "string" + }, + "RStudioConnectUrl": { + "markdownDescription": "A URL pointing to an RStudio Connect server.", + "title": "RStudioConnectUrl", + "type": "string" + }, + "RStudioPackageManagerUrl": { + "markdownDescription": "A URL pointing to an RStudio Package Manager server.", + "title": "RStudioPackageManagerUrl", + "type": "string" + } + }, + "required": [ + "DomainExecutionRoleArn" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.ResourceSpec": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", + "type": "string" + }, + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" + }, + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.S3FileSystemConfig": { + "additionalProperties": false, + "properties": { + "MountPath": { + "markdownDescription": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "title": "MountPath", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "The Amazon S3 URI of the S3 file system configuration.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.SharingSettings": { + "additionalProperties": false, + "properties": { + "NotebookOutputOption": { + "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", + "title": "NotebookOutputOption", + "type": "string" + }, + "S3KmsKeyId": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", + "title": "S3KmsKeyId", + "type": "string" + }, + "S3OutputPath": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", + "title": "S3OutputPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.StudioWebPortalSettings": { + "additionalProperties": false, + "properties": { + "HiddenAppTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The [Applications supported in Studio](https://docs.aws.amazon.com/sagemaker/latest/dg/studio-updated-apps.html) that are hidden from the Studio left navigation pane.", + "title": "HiddenAppTypes", + "type": "array" + }, + "HiddenInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types you are hiding from the Studio user interface.", + "title": "HiddenInstanceTypes", + "type": "array" + }, + "HiddenMlTools": { + "items": { + "type": "string" + }, + "markdownDescription": "The machine learning tools that are hidden from the Studio left navigation pane.", + "title": "HiddenMlTools", + "type": "array" + }, + "HiddenSageMakerImageVersionAliases": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.HiddenSageMakerImage" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "HiddenSageMakerImageVersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.UnifiedStudioSettings": { + "additionalProperties": false, + "properties": { + "DomainAccountId": { + "markdownDescription": "The ID of the AWS account that has the Amazon SageMaker Unified Studio domain. The default value, if you don't specify an ID, is the ID of the account that has the Amazon SageMaker AI domain.", + "title": "DomainAccountId", + "type": "string" + }, + "DomainId": { + "markdownDescription": "The ID of the Amazon SageMaker Unified Studio domain associated with this domain.", + "title": "DomainId", + "type": "string" + }, + "DomainRegion": { + "markdownDescription": "The AWS Region where the domain is located in Amazon SageMaker Unified Studio. The default value, if you don't specify a Region, is the Region where the Amazon SageMaker AI domain is located.", + "title": "DomainRegion", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of the environment that Amazon SageMaker Unified Studio associates with the domain.", + "title": "EnvironmentId", + "type": "string" + }, + "ProjectId": { + "markdownDescription": "The ID of the Amazon SageMaker Unified Studio project that corresponds to the domain.", + "title": "ProjectId", + "type": "string" + }, + "ProjectS3Path": { + "markdownDescription": "The location where Amazon S3 stores temporary execution data and other artifacts for the project that corresponds to the domain.", + "title": "ProjectS3Path", + "type": "string" + }, + "SingleSignOnApplicationArn": { + "markdownDescription": "The ARN of the application managed by SageMaker AI and SageMaker Unified Studio in the AWS IAM Identity Center.", + "title": "SingleSignOnApplicationArn", + "type": "string" + }, + "StudioWebPortalAccess": { + "markdownDescription": "Sets whether you can access the domain in Amazon SageMaker Studio:\n\n- **ENABLED** - You can access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it in both studio interfaces.\n- **DISABLED** - You can't access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it only in that studio interface.\n\nTo migrate a domain to Amazon SageMaker Unified Studio, you specify the UnifiedStudioSettings data type when you use the UpdateDomain action.", + "title": "StudioWebPortalAccess", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.UserSettings": { + "additionalProperties": false, + "properties": { + "AutoMountHomeEFS": { + "markdownDescription": "Indicates whether auto-mounting of an EFS volume is supported for the user profile. The `DefaultAsDomain` value is only supported for user profiles. Do not use the `DefaultAsDomain` value when setting this parameter for a domain.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "AutoMountHomeEFS", + "type": "string" + }, + "CodeEditorAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CodeEditorAppSettings", + "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CodeEditorAppSettings" + }, + "CustomFileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" + }, + "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomFileSystemConfigs", + "type": "array" + }, + "CustomPosixUserConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", + "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomPosixUserConfig" + }, + "DefaultLandingUri": { + "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", + "title": "DefaultLandingUri", + "type": "string" + }, + "ExecutionRole": { + "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "ExecutionRole", + "type": "string" + }, + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", + "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "JupyterLabAppSettings" + }, + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", + "markdownDescription": "The Jupyter server's app settings.", + "title": "JupyterServerAppSettings" + }, + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", + "markdownDescription": "The kernel gateway app settings.", + "title": "KernelGatewayAppSettings" + }, + "RSessionAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.RSessionAppSettings", + "markdownDescription": "A collection of settings that configure the `RSessionGateway` app.", + "title": "RSessionAppSettings" + }, + "RStudioServerProAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProAppSettings", + "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", + "title": "RStudioServerProAppSettings" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SecurityGroups", + "type": "array" + }, + "SharingSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.SharingSettings", + "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", + "title": "SharingSettings" + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", + "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SpaceStorageSettings" + }, + "StudioWebPortal": { + "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", + "title": "StudioWebPortal", + "type": "string" + }, + "StudioWebPortalSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.StudioWebPortalSettings", + "markdownDescription": "Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level.", + "title": "StudioWebPortalSettings" + } + }, + "required": [ + "ExecutionRole" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeploymentConfig": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.DeploymentConfig", + "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", + "title": "DeploymentConfig" + }, + "EndpointConfigName": { + "markdownDescription": "The name of the [AWS::SageMaker::EndpointConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html) resource that specifies the configuration for the endpoint. For more information, see [CreateEndpointConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html) .", + "title": "EndpointConfigName", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "The name of the endpoint. The name must be unique within an AWS Region in your AWS account. The name is case-insensitive in `CreateEndpoint` , but the case is preserved and must be matched in [](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html) .", + "title": "EndpointName", + "type": "string" + }, + "ExcludeRetainedVariantProperties": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.VariantProperty" + }, + "markdownDescription": "When you are updating endpoint resources with [RetainAllVariantProperties](https://docs.aws.amazon.com/sagemaker/latest/dg/API_UpdateEndpoint.html#SageMaker-UpdateEndpoint-request-RetainAllVariantProperties) whose value is set to `true` , `ExcludeRetainedVariantProperties` specifies the list of type [VariantProperty](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-endpoint-variantproperty.html) to override with the values provided by `EndpointConfig` . If you don't specify a value for `ExcludeAllVariantProperties` , no variant properties are overridden. Don't use this property when creating new endpoint resources or when `RetainAllVariantProperties` is set to `false` .", + "title": "ExcludeRetainedVariantProperties", + "type": "array" + }, + "RetainAllVariantProperties": { + "markdownDescription": "When updating endpoint resources, enables or disables the retention of variant properties, such as the instance count or the variant weight. To retain the variant properties of an endpoint when updating it, set `RetainAllVariantProperties` to `true` . To use the variant properties specified in a new `EndpointConfig` call when updating an endpoint, set `RetainAllVariantProperties` to `false` . Use this property only when updating endpoint resources, not when creating new endpoint resources.", + "title": "RetainAllVariantProperties", + "type": "boolean" + }, + "RetainDeploymentConfig": { + "markdownDescription": "Specifies whether to reuse the last deployment configuration. The default value is false (the configuration is not reused).", + "title": "RetainDeploymentConfig", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "EndpointConfigName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Endpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.Alarm": { + "additionalProperties": false, + "properties": { + "AlarmName": { + "markdownDescription": "The name of a CloudWatch alarm in your account.", + "title": "AlarmName", + "type": "string" + } + }, + "required": [ + "AlarmName" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.AutoRollbackConfig": { + "additionalProperties": false, + "properties": { + "Alarms": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.Alarm" + }, + "markdownDescription": "List of CloudWatch alarms in your account that are configured to monitor metrics on an endpoint. If any alarms are tripped during a deployment, SageMaker rolls back the deployment.", + "title": "Alarms", + "type": "array" + } + }, + "required": [ + "Alarms" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy": { + "additionalProperties": false, + "properties": { + "MaximumExecutionTimeoutInSeconds": { + "markdownDescription": "Maximum execution timeout for the deployment. Note that the timeout value should be larger than the total waiting time specified in `TerminationWaitInSeconds` and `WaitIntervalInSeconds` .", + "title": "MaximumExecutionTimeoutInSeconds", + "type": "number" + }, + "TerminationWaitInSeconds": { + "markdownDescription": "Additional waiting time in seconds after the completion of an endpoint deployment before terminating the old endpoint fleet. Default is 0.", + "title": "TerminationWaitInSeconds", + "type": "number" + }, + "TrafficRoutingConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.TrafficRoutingConfig", + "markdownDescription": "Defines the traffic routing strategy to shift traffic from the old fleet to the new fleet during an endpoint deployment.", + "title": "TrafficRoutingConfiguration" + } + }, + "required": [ + "TrafficRoutingConfiguration" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.CapacitySize": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specifies the endpoint capacity type.\n\n- `INSTANCE_COUNT` : The endpoint activates based on the number of instances.\n- `CAPACITY_PERCENT` : The endpoint activates based on the specified percentage of capacity.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Defines the capacity size, either as a number of instances or a capacity percentage.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.DeploymentConfig": { + "additionalProperties": false, + "properties": { + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.AutoRollbackConfig", + "markdownDescription": "Automatic rollback configuration for handling endpoint deployment failures and recovery.", + "title": "AutoRollbackConfiguration" + }, + "BlueGreenUpdatePolicy": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy", + "markdownDescription": "Update policy for a blue/green deployment. If this update policy is specified, SageMaker creates a new fleet during the deployment while maintaining the old fleet. SageMaker flips traffic to the new fleet according to the specified traffic routing configuration. Only one update policy should be used in the deployment configuration. If no update policy is specified, SageMaker uses a blue/green deployment strategy with all at once traffic shifting by default.", + "title": "BlueGreenUpdatePolicy" + }, + "RollingUpdatePolicy": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.RollingUpdatePolicy", + "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker endpoint.", + "title": "RollingUpdatePolicy" + } + }, + "type": "object" + }, + "AWS::SageMaker::Endpoint.RollingUpdatePolicy": { + "additionalProperties": false, + "properties": { + "MaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for each rolling step to provision capacity and turn on traffic on the new endpoint fleet, and terminate capacity on the old endpoint fleet. Value must be between 5% to 50% of the variant's total instance count.", + "title": "MaximumBatchSize" + }, + "MaximumExecutionTimeoutInSeconds": { + "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", + "title": "MaximumExecutionTimeoutInSeconds", + "type": "number" + }, + "RollbackMaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for rollback to the old endpoint fleet. Each rolling step to provision capacity and turn on traffic on the old endpoint fleet, and terminate capacity on the new endpoint fleet. If this field is absent, the default value will be set to 100% of total capacity which means to bring up the whole capacity of the old fleet at once during rollback.", + "title": "RollbackMaximumBatchSize" + }, + "WaitIntervalInSeconds": { + "markdownDescription": "The length of the baking period, during which SageMaker monitors alarms for each batch on the new fleet.", + "title": "WaitIntervalInSeconds", + "type": "number" + } + }, + "required": [ + "MaximumBatchSize", + "WaitIntervalInSeconds" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.TrafficRoutingConfig": { + "additionalProperties": false, + "properties": { + "CanarySize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for the first step to turn on traffic on the new endpoint fleet. `Value` must be less than or equal to 50% of the variant's total instance count.", + "title": "CanarySize" + }, + "LinearStepSize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for each step to turn on traffic on the new endpoint fleet. `Value` must be 10-50% of the variant's total instance count.", + "title": "LinearStepSize" + }, + "Type": { + "markdownDescription": "Traffic routing strategy type.\n\n- `ALL_AT_ONCE` : Endpoint traffic shifts to the new fleet in a single step.\n- `CANARY` : Endpoint traffic shifts to the new fleet in two steps. The first step is the canary, which is a small portion of the traffic. The second step is the remainder of the traffic.\n- `LINEAR` : Endpoint traffic shifts to the new fleet in n steps of a configurable size.", + "title": "Type", + "type": "string" + }, + "WaitIntervalInSeconds": { + "markdownDescription": "The waiting time (in seconds) between incremental steps to turn on traffic on the new endpoint fleet.", + "title": "WaitIntervalInSeconds", + "type": "number" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.VariantProperty": { + "additionalProperties": false, + "properties": { + "VariantPropertyType": { + "markdownDescription": "The type of variant property. The supported values are:\n\n- `DesiredInstanceCount` : Overrides the existing variant instance counts using the [InitialInstanceCount](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialInstanceCount) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DesiredWeight` : Overrides the existing variant weights using the [InitialVariantWeight](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialVariantWeight) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DataCaptureConfig` : (Not currently supported.)", + "title": "VariantPropertyType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AsyncInferenceConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceConfig", + "markdownDescription": "Specifies configuration for how an endpoint performs asynchronous inference.", + "title": "AsyncInferenceConfig" + }, + "DataCaptureConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.DataCaptureConfig", + "markdownDescription": "Specifies how to capture endpoint data for model monitor. The data capture configuration applies to all production variants hosted at the endpoint.", + "title": "DataCaptureConfig" + }, + "EnableNetworkIsolation": { + "type": "boolean" + }, + "EndpointConfigName": { + "markdownDescription": "The name of the endpoint configuration.", + "title": "EndpointConfigName", + "type": "string" + }, + "ExecutionRoleArn": { + "type": "string" + }, + "ExplainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ExplainerConfig", + "markdownDescription": "A parameter to activate explainers.", + "title": "ExplainerConfig" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nThe KMS key policy must grant permission to the IAM role that you specify in your `CreateEndpoint` , `UpdateEndpoint` requests. For more information, refer to the AWS Key Management Service section [Using Key Policies in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/key-policies.html)\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `KmsKeyId` when using an instance type with local storage. If any of the models that you specify in the `ProductionVariants` parameter use nitro-based instances with local storage, do not specify a value for the `KmsKeyId` parameter. If you specify a value for `KmsKeyId` when using any nitro-based instances with local storage, the call to `CreateEndpointConfig` fails.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) .", + "title": "KmsKeyId", + "type": "string" + }, + "ProductionVariants": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" + }, + "markdownDescription": "A list of `ProductionVariant` objects, one for each model that you want to host at this endpoint.", + "title": "ProductionVariants", + "type": "array" + }, + "ShadowProductionVariants": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" + }, + "markdownDescription": "Array of `ProductionVariant` objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on `ProductionVariants` . If you use this field, you can only specify one variant for `ProductionVariants` and one variant for `ShadowProductionVariants` .", + "title": "ShadowProductionVariants", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .", + "title": "Tags", + "type": "array" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.VpcConfig" + } + }, + "required": [ + "ProductionVariants" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::EndpointConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig": { + "additionalProperties": false, + "properties": { + "MaxConcurrentInvocationsPerInstance": { + "markdownDescription": "The maximum number of concurrent requests sent by the SageMaker client to the model container. If no value is provided, SageMaker will choose an optimal value for you.", + "title": "MaxConcurrentInvocationsPerInstance", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.AsyncInferenceConfig": { + "additionalProperties": false, + "properties": { + "ClientConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig", + "markdownDescription": "Configures the behavior of the client used by SageMaker to interact with the model container during asynchronous inference.", + "title": "ClientConfig" + }, + "OutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig", + "markdownDescription": "Specifies the configuration for asynchronous inference invocation outputs.", + "title": "OutputConfig" + } + }, + "required": [ + "OutputConfig" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig": { + "additionalProperties": false, + "properties": { + "ErrorTopic": { + "markdownDescription": "Amazon SNS topic to post a notification to when an inference fails. If no topic is provided, no notification is sent on failure.", + "title": "ErrorTopic", + "type": "string" + }, + "IncludeInferenceResponseIn": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon SNS topics where you want the inference response to be included.\n\n> The inference response is included only if the response size is less than or equal to 128 KB.", + "title": "IncludeInferenceResponseIn", + "type": "array" + }, + "SuccessTopic": { + "markdownDescription": "Amazon SNS topic to post a notification to when an inference completes successfully. If no topic is provided, no notification is sent on success.", + "title": "SuccessTopic", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the asynchronous inference output in Amazon S3.", + "title": "KmsKeyId", + "type": "string" + }, + "NotificationConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig", + "markdownDescription": "Specifies the configuration for notifications of inference results for asynchronous inference.", + "title": "NotificationConfig" + }, + "S3FailurePath": { + "markdownDescription": "The Amazon S3 location to upload failure inference responses to.", + "title": "S3FailurePath", + "type": "string" + }, + "S3OutputPath": { + "markdownDescription": "The Amazon S3 location to upload inference responses to.", + "title": "S3OutputPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader": { + "additionalProperties": false, + "properties": { + "CsvContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the CSV content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", + "title": "CsvContentTypes", + "type": "array" + }, + "JsonContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the JSON content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", + "title": "JsonContentTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.CaptureOption": { + "additionalProperties": false, + "properties": { + "CaptureMode": { + "markdownDescription": "Specifies whether the endpoint captures input data or output data.", + "title": "CaptureMode", + "type": "string" + } + }, + "required": [ + "CaptureMode" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig": { + "additionalProperties": false, + "properties": { + "EnableExplanations": { + "markdownDescription": "A JMESPath boolean expression used to filter which records to explain. Explanations are activated by default. See [`EnableExplanations`](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-enable) for additional information.", + "title": "EnableExplanations", + "type": "string" + }, + "InferenceConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig", + "markdownDescription": "The inference configuration parameter for the model container.", + "title": "InferenceConfig" + }, + "ShapConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapConfig", + "markdownDescription": "The configuration for SHAP analysis.", + "title": "ShapConfig" + } + }, + "required": [ + "ShapConfig" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyFeatureType": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyHeader": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig": { + "additionalProperties": false, + "properties": { + "ContentTemplate": { + "markdownDescription": "A template string used to format a JSON record into an acceptable model container input. For example, a `ContentTemplate` string `'{\"myfeatures\":$features}'` will format a list of features `[1,2,3]` into the record string `'{\"myfeatures\":[1,2,3]}'` . Required only when the model container input is in JSON Lines format.", + "title": "ContentTemplate", + "type": "string" + }, + "FeatureHeaders": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" + }, + "markdownDescription": "The names of the features. If provided, these are included in the endpoint response payload to help readability of the `InvokeEndpoint` output. See the [Response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", + "title": "FeatureHeaders", + "type": "array" + }, + "FeatureTypes": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyFeatureType" + }, + "markdownDescription": "A list of data types of the features (optional). Applicable only to NLP explainability. If provided, `FeatureTypes` must have at least one `'text'` string (for example, `['text']` ). If `FeatureTypes` is not provided, the explainer infers the feature types based on the baseline data. The feature types are included in the endpoint response payload. For additional information see the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", + "title": "FeatureTypes", + "type": "array" + }, + "FeaturesAttribute": { + "markdownDescription": "Provides the JMESPath expression to extract the features from a model container input in JSON Lines format. For example, if `FeaturesAttribute` is the JMESPath expression `'myfeatures'` , it extracts a list of features `[1,2,3]` from request data `'{\"myfeatures\":[1,2,3]}'` .", + "title": "FeaturesAttribute", + "type": "string" + }, + "LabelAttribute": { + "markdownDescription": "A JMESPath expression used to locate the list of label headers in the model container output.\n\n*Example* : If the model container output of a batch request is `'{\"labels\":[\"cat\",\"dog\",\"fish\"],\"probability\":[0.6,0.3,0.1]}'` , then set `LabelAttribute` to `'labels'` to extract the list of label headers `[\"cat\",\"dog\",\"fish\"]`", + "title": "LabelAttribute", + "type": "string" + }, + "LabelHeaders": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" + }, + "markdownDescription": "For multiclass classification problems, the label headers are the names of the classes. Otherwise, the label header is the name of the predicted label. These are used to help readability for the output of the `InvokeEndpoint` API. See the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information. If there are no label headers in the model container output, provide them manually using this parameter.", + "title": "LabelHeaders", + "type": "array" + }, + "LabelIndex": { + "markdownDescription": "A zero-based index used to extract a label header or list of label headers from model container output in CSV format.\n\n*Example for a multiclass model:* If the model container output consists of label headers followed by probabilities: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `LabelIndex` to `0` to select the label headers `['cat','dog','fish']` .", + "title": "LabelIndex", + "type": "number" + }, + "MaxPayloadInMB": { + "markdownDescription": "The maximum payload size (MB) allowed of a request from the explainer to the model container. Defaults to `6` MB.", + "title": "MaxPayloadInMB", + "type": "number" + }, + "MaxRecordCount": { + "markdownDescription": "The maximum number of records in a request that the model container can process when querying the model container for the predictions of a [synthetic dataset](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-synthetic) . A record is a unit of input data that inference can be made on, for example, a single line in CSV data. If `MaxRecordCount` is `1` , the model container expects one record per request. A value of 2 or greater means that the model expects batch requests, which can reduce overhead and speed up the inferencing process. If this parameter is not provided, the explainer will tune the record count per request according to the model container's capacity at runtime.", + "title": "MaxRecordCount", + "type": "number" + }, + "ProbabilityAttribute": { + "markdownDescription": "A JMESPath expression used to extract the probability (or score) from the model container output if the model container is in JSON Lines format.\n\n*Example* : If the model container output of a single request is `'{\"predicted_label\":1,\"probability\":0.6}'` , then set `ProbabilityAttribute` to `'probability'` .", + "title": "ProbabilityAttribute", + "type": "string" + }, + "ProbabilityIndex": { + "markdownDescription": "A zero-based index used to extract a probability value (score) or list from model container output in CSV format. If this value is not provided, the entire model container output will be treated as a probability value (score) or list.\n\n*Example for a single class model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'1,0.6'` , set `ProbabilityIndex` to `1` to select the probability value `0.6` .\n\n*Example for a multiclass model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `ProbabilityIndex` to `1` to select the probability values `[0.1,0.6,0.3]` .", + "title": "ProbabilityIndex", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig": { + "additionalProperties": false, + "properties": { + "MimeType": { + "markdownDescription": "The MIME type of the baseline data. Choose from `'text/csv'` or `'application/jsonlines'` . Defaults to `'text/csv'` .", + "title": "MimeType", + "type": "string" + }, + "ShapBaseline": { + "markdownDescription": "The inline SHAP baseline data in string format. `ShapBaseline` can have one or multiple records to be used as the baseline dataset. The format of the SHAP baseline file should be the same format as the training dataset. For example, if the training dataset is in CSV format and each record contains four features, and all features are numerical, then the format of the baseline data should also share these characteristics. For natural language processing (NLP) of text columns, the baseline value should be the value used to replace the unit of text specified by the `Granularity` of the `TextConfig` parameter. The size limit for `ShapBasline` is 4 KB. Use the `ShapBaselineUri` parameter if you want to provide more than 4 KB of baseline data.", + "title": "ShapBaseline", + "type": "string" + }, + "ShapBaselineUri": { + "markdownDescription": "The uniform resource identifier (URI) of the S3 bucket where the SHAP baseline file is stored. The format of the SHAP baseline file should be the same format as the format of the training dataset. For example, if the training dataset is in CSV format, and each record in the training dataset has four features, and all features are numerical, then the baseline file should also have this same format. Each record should contain only the features. If you are using a virtual private cloud (VPC), the `ShapBaselineUri` should be accessible to the VPC. For more information about setting up endpoints with Amazon Virtual Private Cloud, see [Give SageMaker access to Resources in your Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", + "title": "ShapBaselineUri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyShapConfig": { + "additionalProperties": false, + "properties": { + "NumberOfSamples": { + "markdownDescription": "The number of samples to be used for analysis by the Kernal SHAP algorithm.\n\n> The number of samples determines the size of the synthetic dataset, which has an impact on latency of explainability requests. For more information, see the *Synthetic data* of [Configure and create an endpoint](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html) .", + "title": "NumberOfSamples", + "type": "number" + }, + "Seed": { + "markdownDescription": "The starting value used to initialize the random number generator in the explainer. Provide a value for this parameter to obtain a deterministic SHAP result.", + "title": "Seed", + "type": "number" + }, + "ShapBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig", + "markdownDescription": "The configuration for the SHAP baseline of the Kernal SHAP algorithm.", + "title": "ShapBaselineConfig" + }, + "TextConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyTextConfig", + "markdownDescription": "A parameter that indicates if text features are treated as text and explanations are provided for individual units of text. Required for natural language processing (NLP) explainability only.", + "title": "TextConfig" + }, + "UseLogit": { + "markdownDescription": "A Boolean toggle to indicate if you want to use the logit function (true) or log-odds units (false) for model predictions. Defaults to false.", + "title": "UseLogit", + "type": "boolean" + } + }, + "required": [ + "ShapBaselineConfig" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyTextConfig": { + "additionalProperties": false, + "properties": { + "Granularity": { + "markdownDescription": "The unit of granularity for the analysis of text features. For example, if the unit is `'token'` , then each token (like a word in English) of the text is treated as a feature. SHAP values are computed for each unit/feature.", + "title": "Granularity", + "type": "string" + }, + "Language": { + "markdownDescription": "Specifies the language of the text features in [ISO 639-1](https://docs.aws.amazon.com/ https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes) or [ISO 639-3](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_639-3) code of a supported language.\n\n> For a mix of multiple languages, use code `'xx'` .", + "title": "Language", + "type": "string" + } + }, + "required": [ + "Granularity", + "Language" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.DataCaptureConfig": { + "additionalProperties": false, + "properties": { + "CaptureContentTypeHeader": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader", + "markdownDescription": "A list of the JSON and CSV content type that the endpoint captures.", + "title": "CaptureContentTypeHeader" + }, + "CaptureOptions": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureOption" + }, + "markdownDescription": "Specifies whether the endpoint captures input data to your model, output data from your model, or both.", + "title": "CaptureOptions", + "type": "array" + }, + "DestinationS3Uri": { + "markdownDescription": "The S3 bucket where model monitor stores captured data.", + "title": "DestinationS3Uri", + "type": "string" + }, + "EnableCapture": { + "markdownDescription": "Set to `True` to enable data capture.", + "title": "EnableCapture", + "type": "boolean" + }, + "InitialSamplingPercentage": { + "markdownDescription": "The percentage of data to capture.", + "title": "InitialSamplingPercentage", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the captured data at rest using Amazon S3 server-side encryption. The KmsKeyId can be any of the following formats: Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab Alias name: alias/ExampleAlias Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see KMS-Managed Encryption Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the Amazon Simple Storage Service Developer Guide. The KMS key policy must grant permission to the IAM role that you specify in your CreateModel (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see Using Key Policies in AWS KMS (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the AWS Key Management Service Developer Guide.", + "title": "KmsKeyId", + "type": "string" + } + }, + "required": [ + "CaptureOptions", + "DestinationS3Uri", + "InitialSamplingPercentage" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ExplainerConfig": { + "additionalProperties": false, + "properties": { + "ClarifyExplainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig", + "markdownDescription": "A member of `ExplainerConfig` that contains configuration parameters for the SageMaker Clarify explainer.", + "title": "ClarifyExplainerConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ManagedInstanceScaling": { + "additionalProperties": false, + "properties": { + "MaxInstanceCount": { + "type": "number" + }, + "MinInstanceCount": { + "type": "number" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ProductionVariant": { + "additionalProperties": false, + "properties": { + "ContainerStartupHealthCheckTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by SageMaker Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", + "title": "ContainerStartupHealthCheckTimeoutInSeconds", + "type": "number" + }, + "EnableSSMAccess": { + "markdownDescription": "You can use this parameter to turn on native AWS Systems Manager (SSM) access for a production variant behind an endpoint. By default, SSM access is disabled for all production variants behind an endpoint. You can turn on or turn off SSM access for a production variant behind an existing endpoint by creating a new endpoint configuration and calling `UpdateEndpoint` .", + "title": "EnableSSMAccess", + "type": "boolean" + }, + "InferenceAmiVersion": { + "type": "string" + }, + "InitialInstanceCount": { + "markdownDescription": "Number of instances to launch initially.", + "title": "InitialInstanceCount", + "type": "number" + }, + "InitialVariantWeight": { + "markdownDescription": "Determines initial traffic distribution among all of the models that you specify in the endpoint configuration. The traffic to a production variant is determined by the ratio of the `VariantWeight` to the sum of all `VariantWeight` values across all ProductionVariants. If unspecified, it defaults to 1.0.", + "title": "InitialVariantWeight", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type.", + "title": "InstanceType", + "type": "string" + }, + "ManagedInstanceScaling": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ManagedInstanceScaling" + }, + "ModelDataDownloadTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this production variant.", + "title": "ModelDataDownloadTimeoutInSeconds", + "type": "number" + }, + "ModelName": { + "markdownDescription": "The name of the model that you want to host. This is the name that you specified when creating the model.", + "title": "ModelName", + "type": "string" + }, + "RoutingConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.RoutingConfig" + }, + "ServerlessConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ServerlessConfig", + "markdownDescription": "The serverless configuration for an endpoint. Specifies a serverless endpoint configuration instead of an instance-based endpoint configuration.", + "title": "ServerlessConfig" + }, + "VariantName": { + "markdownDescription": "The name of the production variant.", + "title": "VariantName", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size, in GB, of the ML storage volume attached to individual inference instance associated with the production variant. Currently only Amazon EBS gp2 storage volumes are supported.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "VariantName" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.RoutingConfig": { + "additionalProperties": false, + "properties": { + "RoutingStrategy": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ServerlessConfig": { + "additionalProperties": false, + "properties": { + "MaxConcurrency": { + "markdownDescription": "The maximum number of concurrent invocations your serverless endpoint can process.", + "title": "MaxConcurrency", + "type": "number" + }, + "MemorySizeInMB": { + "markdownDescription": "The memory size of your serverless endpoint. Valid values are in 1 GB increments: 1024 MB, 2048 MB, 3072 MB, 4096 MB, 5120 MB, or 6144 MB.", + "title": "MemorySizeInMB", + "type": "number" + }, + "ProvisionedConcurrency": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the serverless endpoint. Should be less than or equal to `MaxConcurrency` .\n\n> This field is not supported for serverless endpoint recommendations for Inference Recommender jobs. For more information about creating an Inference Recommender job, see [CreateInferenceRecommendationsJobs](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html) .", + "title": "ProvisionedConcurrency", + "type": "number" + } + }, + "required": [ + "MaxConcurrency", + "MemorySizeInMB" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A free form description of a `FeatureGroup` .", + "title": "Description", + "type": "string" + }, + "EventTimeFeatureName": { + "markdownDescription": "The name of the feature that stores the `EventTime` of a Record in a `FeatureGroup` .\n\nA `EventTime` is point in time when a new event occurs that corresponds to the creation or update of a `Record` in `FeatureGroup` . All `Records` in the `FeatureGroup` must have a corresponding `EventTime` .", + "title": "EventTimeFeatureName", + "type": "string" + }, + "FeatureDefinitions": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.FeatureDefinition" + }, + "markdownDescription": "A list of `Feature` s. Each `Feature` must include a `FeatureName` and a `FeatureType` .\n\nValid `FeatureType` s are `Integral` , `Fractional` and `String` .\n\n`FeatureName` s cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nYou can create up to 2,500 `FeatureDefinition` s per `FeatureGroup` .", + "title": "FeatureDefinitions", + "type": "array" + }, + "FeatureGroupName": { + "markdownDescription": "The name of the `FeatureGroup` .", + "title": "FeatureGroupName", + "type": "string" + }, + "OfflineStoreConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OfflineStoreConfig", + "markdownDescription": "The configuration of an `OfflineStore` .", + "title": "OfflineStoreConfig" + }, + "OnlineStoreConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreConfig", + "markdownDescription": "The configuration of an `OnlineStore` .", + "title": "OnlineStoreConfig" + }, + "RecordIdentifierFeatureName": { + "markdownDescription": "The name of the `Feature` whose value uniquely identifies a `Record` defined in the `FeatureGroup` `FeatureDefinitions` .", + "title": "RecordIdentifierFeatureName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM execution role used to create the feature group.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags used to define a `FeatureGroup` .", + "title": "Tags", + "type": "array" + }, + "ThroughputConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.ThroughputConfig", + "markdownDescription": "Used to set feature group throughput configuration. There are two modes: `ON_DEMAND` and `PROVISIONED` . With on-demand mode, you are charged for data reads and writes that your application performs on your feature group. You do not need to specify read and write throughput because Feature Store accommodates your workloads as they ramp up and down. You can switch a feature group to on-demand only once in a 24 hour period. With provisioned throughput mode, you specify the read and write capacity per second that you expect your application to require, and you are billed based on those limits. Exceeding provisioned throughput will result in your requests being throttled.\n\nNote: `PROVISIONED` throughput mode is supported only for feature groups that are offline-only, or use the [`Standard`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) tier online store.", + "title": "ThroughputConfig" + } + }, + "required": [ + "EventTimeFeatureName", + "FeatureDefinitions", + "FeatureGroupName", + "RecordIdentifierFeatureName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::FeatureGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.DataCatalogConfig": { + "additionalProperties": false, + "properties": { + "Catalog": { + "markdownDescription": "The name of the Glue table catalog.", + "title": "Catalog", + "type": "string" + }, + "Database": { + "markdownDescription": "The name of the Glue table database.", + "title": "Database", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the Glue table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "Catalog", + "Database", + "TableName" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.FeatureDefinition": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "markdownDescription": "The name of a feature. The type must be a string. `FeatureName` cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nThe name:\n\n- Must start with an alphanumeric character.\n- Can only include alphanumeric characters, underscores, and hyphens. Spaces are not allowed.", + "title": "FeatureName", + "type": "string" + }, + "FeatureType": { + "markdownDescription": "The value type of a feature. Valid values are Integral, Fractional, or String.", + "title": "FeatureType", + "type": "string" + } + }, + "required": [ + "FeatureName", + "FeatureType" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.OfflineStoreConfig": { + "additionalProperties": false, + "properties": { + "DataCatalogConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.DataCatalogConfig", + "markdownDescription": "The meta data of the Glue table that is autogenerated when an `OfflineStore` is created.", + "title": "DataCatalogConfig" + }, + "DisableGlueTableCreation": { + "markdownDescription": "Set to `True` to disable the automatic creation of an AWS Glue table when configuring an `OfflineStore` . If set to `False` , Feature Store will name the `OfflineStore` Glue table following [Athena's naming recommendations](https://docs.aws.amazon.com/athena/latest/ug/tables-databases-columns-names.html) .\n\nThe default value is `False` .", + "title": "DisableGlueTableCreation", + "type": "boolean" + }, + "S3StorageConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.S3StorageConfig", + "markdownDescription": "The Amazon Simple Storage (Amazon S3) location of `OfflineStore` .", + "title": "S3StorageConfig" + }, + "TableFormat": { + "markdownDescription": "Format for the offline store table. Supported formats are Glue (Default) and [Apache Iceberg](https://docs.aws.amazon.com/https://iceberg.apache.org/) .", + "title": "TableFormat", + "type": "string" + } + }, + "required": [ + "S3StorageConfig" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.OnlineStoreConfig": { + "additionalProperties": false, + "properties": { + "EnableOnlineStore": { + "markdownDescription": "Turn `OnlineStore` off by specifying `False` for the `EnableOnlineStore` flag. Turn `OnlineStore` on by specifying `True` for the `EnableOnlineStore` flag.\n\nThe default value is `False` .", + "title": "EnableOnlineStore", + "type": "boolean" + }, + "SecurityConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig", + "markdownDescription": "Use to specify KMS Key ID ( `KMSKeyId` ) for at-rest encryption of your `OnlineStore` .", + "title": "SecurityConfig" + }, + "StorageType": { + "markdownDescription": "Option for different tiers of low latency storage for real-time data retrieval.\n\n- `Standard` : A managed low latency data store for feature groups.\n- `InMemory` : A managed data store for feature groups that supports very low latency retrieval.", + "title": "StorageType", + "type": "string" + }, + "TtlDuration": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.TtlDuration", + "markdownDescription": "Time to live duration, where the record is hard deleted after the expiration time is reached; `ExpiresAt` = `EventTime` + `TtlDuration` . For information on HardDelete, see the [DeleteRecord](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html) API in the Amazon SageMaker API Reference guide.", + "title": "TtlDuration" + } + }, + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.\n\nThe caller (either user or IAM role) of `CreateFeatureGroup` must have below permissions to the `OnlineStore` `KmsKeyId` :\n\n- `\"kms:Encrypt\"`\n- `\"kms:Decrypt\"`\n- `\"kms:DescribeKey\"`\n- `\"kms:CreateGrant\"`\n- `\"kms:RetireGrant\"`\n- `\"kms:ReEncryptFrom\"`\n- `\"kms:ReEncryptTo\"`\n- `\"kms:GenerateDataKey\"`\n- `\"kms:ListAliases\"`\n- `\"kms:ListGrants\"`\n- `\"kms:RevokeGrant\"`\n\nThe caller (either user or IAM role) to all DataPlane operations ( `PutRecord` , `GetRecord` , `DeleteRecord` ) must have the following permissions to the `KmsKeyId` :\n\n- `\"kms:Decrypt\"`", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.S3StorageConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service (KMS) key ARN of the key used to encrypt any objects written into the `OfflineStore` S3 location.\n\nThe IAM `roleARN` that is passed as a parameter to `CreateFeatureGroup` must have below permissions to the `KmsKeyId` :\n\n- `\"kms:GenerateDataKey\"`", + "title": "KmsKeyId", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "The S3 URI, or location in Amazon S3, of `OfflineStore` .\n\nS3 URIs have a format similar to the following: `s3://example-bucket/prefix/` .", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.ThroughputConfig": { + "additionalProperties": false, + "properties": { + "ProvisionedReadCapacityUnits": { + "markdownDescription": "For provisioned feature groups with online store enabled, this indicates the read throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", + "title": "ProvisionedReadCapacityUnits", + "type": "number" + }, + "ProvisionedWriteCapacityUnits": { + "markdownDescription": "For provisioned feature groups, this indicates the write throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", + "title": "ProvisionedWriteCapacityUnits", + "type": "number" + }, + "ThroughputMode": { + "markdownDescription": "The mode used for your feature group throughput: `ON_DEMAND` or `PROVISIONED` .", + "title": "ThroughputMode", + "type": "string" + } + }, + "required": [ + "ThroughputMode" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.TtlDuration": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "`TtlDuration` time unit.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "`TtlDuration` time value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::Image": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ImageDescription": { + "markdownDescription": "The description of the image.", + "title": "ImageDescription", + "type": "string" + }, + "ImageDisplayName": { + "markdownDescription": "The display name of the image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.\n\n*Pattern* : `^\\S(.*\\S)?$`", + "title": "ImageDisplayName", + "type": "string" + }, + "ImageName": { + "markdownDescription": "The name of the Image. Must be unique by region in your account.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", + "title": "ImageName", + "type": "string" + }, + "ImageRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n\n*Length Constraints* : Minimum length of 20. Maximum length of 2048.\n\n*Pattern* : `^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$`", + "title": "ImageRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\n*Array Members* : Minimum number of 0 items. Maximum number of 50 items.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ImageName", + "ImageRoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Image" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::ImageVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "", + "title": "Alias", + "type": "string" + }, + "Aliases": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Aliases", + "type": "array" + }, + "BaseImage": { + "markdownDescription": "The container image that the SageMaker image version is based on.", + "title": "BaseImage", + "type": "string" + }, + "Horovod": { + "markdownDescription": "", + "title": "Horovod", + "type": "boolean" + }, + "ImageName": { + "markdownDescription": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", + "title": "ImageName", + "type": "string" + }, + "JobType": { + "markdownDescription": "", + "title": "JobType", + "type": "string" + }, + "MLFramework": { + "markdownDescription": "", + "title": "MLFramework", + "type": "string" + }, + "Processor": { + "markdownDescription": "", + "title": "Processor", + "type": "string" + }, + "ProgrammingLang": { + "markdownDescription": "", + "title": "ProgrammingLang", + "type": "string" + }, + "ReleaseNotes": { + "markdownDescription": "", + "title": "ReleaseNotes", + "type": "string" + }, + "VendorGuidance": { + "markdownDescription": "", + "title": "VendorGuidance", + "type": "string" + } + }, + "required": [ + "BaseImage", + "ImageName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::ImageVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceComponent": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeploymentConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentDeploymentConfig", + "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", + "title": "DeploymentConfig" + }, + "EndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the endpoint that hosts the inference component.", + "title": "EndpointArn", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "The name of the endpoint that hosts the inference component.", + "title": "EndpointName", + "type": "string" + }, + "InferenceComponentName": { + "markdownDescription": "The name of the inference component.", + "title": "InferenceComponentName", + "type": "string" + }, + "RuntimeConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig", + "markdownDescription": "", + "title": "RuntimeConfig" + }, + "Specification": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentSpecification", + "markdownDescription": "", + "title": "Specification" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "VariantName": { + "markdownDescription": "The name of the production variant that hosts the inference component.", + "title": "VariantName", + "type": "string" + } + }, + "required": [ + "EndpointName", + "Specification" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::InferenceComponent" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.Alarm": { + "additionalProperties": false, + "properties": { + "AlarmName": { + "markdownDescription": "The name of a CloudWatch alarm in your account.", + "title": "AlarmName", + "type": "string" + } + }, + "required": [ + "AlarmName" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.AutoRollbackConfiguration": { + "additionalProperties": false, + "properties": { + "Alarms": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.Alarm" + }, + "markdownDescription": "", + "title": "Alarms", + "type": "array" + } + }, + "required": [ + "Alarms" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.DeployedImage": { + "additionalProperties": false, + "properties": { + "ResolutionTime": { + "markdownDescription": "The date and time when the image path for the model resolved to the `ResolvedImage`", + "title": "ResolutionTime", + "type": "string" + }, + "ResolvedImage": { + "markdownDescription": "The specific digest path of the image hosted in this `ProductionVariant` .", + "title": "ResolvedImage", + "type": "string" + }, + "SpecifiedImage": { + "markdownDescription": "The image path you specified when you created the model.", + "title": "SpecifiedImage", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specifies the endpoint capacity type.\n\n- **COPY_COUNT** - The endpoint activates based on the number of inference component copies.\n- **CAPACITY_PERCENT** - The endpoint activates based on the specified percentage of capacity.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Defines the capacity size, either as a number of inference component copies or a capacity percentage.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements": { + "additionalProperties": false, + "properties": { + "MaxMemoryRequiredInMb": { + "markdownDescription": "The maximum MB of memory to allocate to run a model that you assign to an inference component.", + "title": "MaxMemoryRequiredInMb", + "type": "number" + }, + "MinMemoryRequiredInMb": { + "markdownDescription": "The minimum MB of memory to allocate to run a model that you assign to an inference component.", + "title": "MinMemoryRequiredInMb", + "type": "number" + }, + "NumberOfAcceleratorDevicesRequired": { + "markdownDescription": "The number of accelerators to allocate to run a model that you assign to an inference component. Accelerators include GPUs and AWS Inferentia.", + "title": "NumberOfAcceleratorDevicesRequired", + "type": "number" + }, + "NumberOfCpuCoresRequired": { + "markdownDescription": "The number of CPU cores to allocate to run a model that you assign to an inference component.", + "title": "NumberOfCpuCoresRequired", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification": { + "additionalProperties": false, + "properties": { + "ArtifactUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", + "title": "ArtifactUrl", + "type": "string" + }, + "DeployedImage": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.DeployedImage", + "markdownDescription": "", + "title": "DeployedImage" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the Environment string-to-string map can have length of up to 1024. We support up to 16 entries in the map.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "Image": { + "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where the Docker image for the model is stored.", + "title": "Image", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentDeploymentConfig": { + "additionalProperties": false, + "properties": { + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.AutoRollbackConfiguration", + "markdownDescription": "", + "title": "AutoRollbackConfiguration" + }, + "RollingUpdatePolicy": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRollingUpdatePolicy", + "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker AI endpoint.", + "title": "RollingUpdatePolicy" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentRollingUpdatePolicy": { + "additionalProperties": false, + "properties": { + "MaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize", + "markdownDescription": "The batch size for each rolling step in the deployment process. For each step, SageMaker AI provisions capacity on the new endpoint fleet, routes traffic to that fleet, and terminates capacity on the old endpoint fleet. The value must be between 5% to 50% of the copy count of the inference component.", + "title": "MaximumBatchSize" + }, + "MaximumExecutionTimeoutInSeconds": { + "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", + "title": "MaximumExecutionTimeoutInSeconds", + "type": "number" + }, + "RollbackMaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize", + "markdownDescription": "The batch size for a rollback to the old endpoint fleet. If this field is absent, the value is set to the default, which is 100% of the total capacity. When the default is used, SageMaker AI provisions the entire capacity of the old fleet at once during rollback.", + "title": "RollbackMaximumBatchSize" + }, + "WaitIntervalInSeconds": { + "markdownDescription": "The length of the baking period, during which SageMaker AI monitors alarms for each batch on the new fleet.", + "title": "WaitIntervalInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig": { + "additionalProperties": false, + "properties": { + "CopyCount": { + "markdownDescription": "The number of runtime copies of the model container to deploy with the inference component. Each copy can serve inference requests.", + "title": "CopyCount", + "type": "number" + }, + "CurrentCopyCount": { + "markdownDescription": "", + "title": "CurrentCopyCount", + "type": "number" + }, + "DesiredCopyCount": { + "markdownDescription": "", + "title": "DesiredCopyCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentSpecification": { + "additionalProperties": false, + "properties": { + "BaseInferenceComponentName": { + "markdownDescription": "The name of an existing inference component that is to contain the inference component that you're creating with your request.\n\nSpecify this parameter only if your request is meant to create an adapter inference component. An adapter inference component contains the path to an adapter model. The purpose of the adapter model is to tailor the inference output of a base foundation model, which is hosted by the base inference component. The adapter inference component uses the compute resources that you assigned to the base inference component.\n\nWhen you create an adapter inference component, use the `Container` parameter to specify the location of the adapter artifacts. In the parameter value, use the `ArtifactUrl` parameter of the `InferenceComponentContainerSpecification` data type.\n\nBefore you can create an adapter inference component, you must have an existing inference component that contains the foundation model that you want to adapt.", + "title": "BaseInferenceComponentName", + "type": "string" + }, + "ComputeResourceRequirements": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements", + "markdownDescription": "The compute resources allocated to run the model, plus any adapter models, that you assign to the inference component.\n\nOmit this parameter if your request is meant to create an adapter inference component. An adapter inference component is loaded by a base inference component, and it uses the compute resources of the base inference component.", + "title": "ComputeResourceRequirements" + }, + "Container": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification", + "markdownDescription": "Defines a container that provides the runtime environment for a model that you deploy with an inference component.", + "title": "Container" + }, + "ModelName": { + "markdownDescription": "The name of an existing SageMaker AI model object in your account that you want to deploy with the inference component.", + "title": "ModelName", + "type": "string" + }, + "StartupParameters": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters", + "markdownDescription": "Settings that take effect while the model container starts up.", + "title": "StartupParameters" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters": { + "additionalProperties": false, + "properties": { + "ContainerStartupHealthCheckTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by Amazon S3 Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", + "title": "ContainerStartupHealthCheckTimeoutInSeconds", + "type": "number" + }, + "ModelDataDownloadTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this inference component.", + "title": "ModelDataDownloadTimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DataStorageConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.DataStorageConfig", + "markdownDescription": "The Amazon S3 location and configuration for storing inference request and response data.", + "title": "DataStorageConfig" + }, + "Description": { + "markdownDescription": "The description of the inference experiment.", + "title": "Description", + "type": "string" + }, + "DesiredState": { + "markdownDescription": "The desired state of the experiment after stopping. The possible states are the following:\n\n- `Completed` : The experiment completed successfully\n- `Cancelled` : The experiment was canceled", + "title": "DesiredState", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "The name of the endpoint.", + "title": "EndpointName", + "type": "string" + }, + "KmsKey": { + "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", + "title": "KmsKey", + "type": "string" + }, + "ModelVariants": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelVariantConfig" + }, + "markdownDescription": "An array of `ModelVariantConfigSummary` objects. There is one for each variant in the inference experiment. Each `ModelVariantConfigSummary` object in the array describes the infrastructure configuration for deploying the corresponding variant.", + "title": "ModelVariants", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the inference experiment.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Amazon SageMaker can assume to access model artifacts and container images, and manage Amazon SageMaker Inference endpoints for model deployment.", + "title": "RoleArn", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule", + "markdownDescription": "The duration for which the inference experiment ran or will run.\n\nThe maximum duration that you can set for an inference experiment is 30 days.", + "title": "Schedule" + }, + "ShadowModeConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModeConfig", + "markdownDescription": "The configuration of `ShadowMode` inference experiment type, which shows the production variant that takes all the inference requests, and the shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant it also shows the percentage of requests that Amazon SageMaker replicates.", + "title": "ShadowModeConfig" + }, + "StatusReason": { + "markdownDescription": "The error message for the inference experiment status result.", + "title": "StatusReason", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the inference experiment.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "EndpointName", + "ModelVariants", + "Name", + "RoleArn", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::InferenceExperiment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader": { + "additionalProperties": false, + "properties": { + "CsvContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of all content type headers that Amazon SageMaker AI will treat as CSV and capture accordingly.", + "title": "CsvContentTypes", + "type": "array" + }, + "JsonContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of all content type headers that SageMaker AI will treat as JSON and capture accordingly.", + "title": "JsonContentTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.DataStorageConfig": { + "additionalProperties": false, + "properties": { + "ContentType": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader", + "markdownDescription": "Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data.", + "title": "ContentType" + }, + "Destination": { + "markdownDescription": "The Amazon S3 bucket where the inference request and response data is stored.", + "title": "Destination", + "type": "string" + }, + "KmsKey": { + "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", + "title": "KmsKey", + "type": "string" + } + }, + "required": [ + "Destination" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.EndpointMetadata": { + "additionalProperties": false, + "properties": { + "EndpointConfigName": { + "markdownDescription": "The name of the endpoint configuration.", + "title": "EndpointConfigName", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "The name of the endpoint.", + "title": "EndpointName", + "type": "string" + }, + "EndpointStatus": { + "markdownDescription": "The status of the endpoint. For possible values of the status of an endpoint, see [](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-inferenceexperiment-endpointmetadata.html#cfn-sagemaker-inferenceexperiment-endpointmetadata-endpointstatus) .", + "title": "EndpointStatus", + "type": "string" + } + }, + "required": [ + "EndpointName" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The timestamp at which the inference experiment ended or will end.", + "title": "EndTime", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The timestamp at which the inference experiment started or will start.", + "title": "StartTime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig": { + "additionalProperties": false, + "properties": { + "InfrastructureType": { + "markdownDescription": "The inference option to which to deploy your model. Possible values are the following:\n\n- `RealTime` : Deploy to real-time inference.", + "title": "InfrastructureType", + "type": "string" + }, + "RealTimeInferenceConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig", + "markdownDescription": "The infrastructure configuration for deploying the model to real-time inference.", + "title": "RealTimeInferenceConfig" + } + }, + "required": [ + "InfrastructureType", + "RealTimeInferenceConfig" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.ModelVariantConfig": { + "additionalProperties": false, + "properties": { + "InfrastructureConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig", + "markdownDescription": "The configuration for the infrastructure that the model will be deployed to.", + "title": "InfrastructureConfig" + }, + "ModelName": { + "markdownDescription": "The name of the Amazon SageMaker Model entity.", + "title": "ModelName", + "type": "string" + }, + "VariantName": { + "markdownDescription": "The name of the variant.", + "title": "VariantName", + "type": "string" + } + }, + "required": [ + "InfrastructureConfig", + "ModelName", + "VariantName" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of instances of the type specified by `InstanceType` .", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The instance type the model is deployed to.", + "title": "InstanceType", + "type": "string" + } + }, + "required": [ + "InstanceCount", + "InstanceType" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.ShadowModeConfig": { + "additionalProperties": false, + "properties": { + "ShadowModelVariants": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig" + }, + "markdownDescription": "List of shadow variant configurations.", + "title": "ShadowModelVariants", + "type": "array" + }, + "SourceModelVariantName": { + "markdownDescription": "The name of the production variant, which takes all the inference requests.", + "title": "SourceModelVariantName", + "type": "string" + } + }, + "required": [ + "ShadowModelVariants", + "SourceModelVariantName" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig": { + "additionalProperties": false, + "properties": { + "SamplingPercentage": { + "markdownDescription": "The percentage of inference requests that Amazon SageMaker replicates from the production variant to the shadow variant.", + "title": "SamplingPercentage", + "type": "number" + }, + "ShadowModelVariantName": { + "markdownDescription": "The name of the shadow variant.", + "title": "ShadowModelVariantName", + "type": "string" + } + }, + "required": [ + "SamplingPercentage", + "ShadowModelVariantName" + ], + "type": "object" + }, + "AWS::SageMaker::MlflowTrackingServer": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ArtifactStoreUri": { + "markdownDescription": "", + "title": "ArtifactStoreUri", + "type": "string" + }, + "AutomaticModelRegistration": { + "markdownDescription": "", + "title": "AutomaticModelRegistration", + "type": "boolean" + }, + "MlflowVersion": { + "markdownDescription": "", + "title": "MlflowVersion", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "TrackingServerName": { + "markdownDescription": "", + "title": "TrackingServerName", + "type": "string" + }, + "TrackingServerSize": { + "markdownDescription": "", + "title": "TrackingServerSize", + "type": "string" + }, + "WeeklyMaintenanceWindowStart": { + "markdownDescription": "", + "title": "WeeklyMaintenanceWindowStart", + "type": "string" + } + }, + "required": [ + "ArtifactStoreUri", + "RoleArn", + "TrackingServerName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::MlflowTrackingServer" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::Model": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition" + }, + "markdownDescription": "Specifies the containers in the inference pipeline.", + "title": "Containers", + "type": "array" + }, + "EnableNetworkIsolation": { + "markdownDescription": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.", + "title": "EnableNetworkIsolation", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume to access model artifacts and docker image for deployment on ML compute instances or for batch transform jobs. Deploying on ML compute instances is part of model hosting. For more information, see [SageMaker Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker, the caller of this API must have the `iam:PassRole` permission.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "InferenceExecutionConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.InferenceExecutionConfig", + "markdownDescription": "Specifies details of how containers in a multi-container endpoint are called.", + "title": "InferenceExecutionConfig" + }, + "ModelName": { + "markdownDescription": "The name of the new model.", + "title": "ModelName", + "type": "string" + }, + "PrimaryContainer": { + "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition", + "markdownDescription": "The location of the primary docker image containing inference code, associated artifacts, and custom environment map that the inference code uses when the model is deployed for predictions.", + "title": "PrimaryContainer" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", + "title": "Tags", + "type": "array" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.VpcConfig", + "markdownDescription": "A [VpcConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_VpcConfig.html) object that specifies the VPC that you want your model to connect to. Control access to and from your model container by configuring the VPC. `VpcConfig` is used in hosting services and in batch transform. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Data in Batch Transform Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/batch-vpc.html) .", + "title": "VpcConfig" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Model" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SageMaker::Model.AdditionalModelDataSource": { + "additionalProperties": false, + "properties": { + "ChannelName": { + "type": "string" + }, + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource" + } + }, + "required": [ + "ChannelName", + "S3DataSource" + ], + "type": "object" + }, + "AWS::SageMaker::Model.ContainerDefinition": { + "additionalProperties": false, + "properties": { + "ContainerHostname": { + "markdownDescription": "This parameter is ignored for models that contain only a `PrimaryContainer` .\n\nWhen a `ContainerDefinition` is part of an inference pipeline, the value of the parameter uniquely identifies the container for the purposes of logging and metrics. For information, see [Use Logs and Metrics to Monitor an Inference Pipeline](https://docs.aws.amazon.com/sagemaker/latest/dg/inference-pipeline-logs-metrics.html) . If you don't specify a value for this parameter for a `ContainerDefinition` that is part of an inference pipeline, a unique name is automatically assigned based on the position of the `ContainerDefinition` in the pipeline. If you specify a value for the `ContainerHostName` for any `ContainerDefinition` that is part of an inference pipeline, you must specify a value for the `ContainerHostName` parameter of every `ContainerDefinition` in that pipeline.", + "title": "ContainerHostname", + "type": "string" + }, + "Environment": { + "markdownDescription": "The environment variables to set in the Docker container. Don't include any sensitive data in your environment variables.\n\nThe maximum length of each key and value in the `Environment` map is 1024 bytes. The maximum length of all keys and values in the map, combined, is 32 KB. If you pass multiple containers to a `CreateModel` request, then the maximum length of all of their maps, combined, is also 32 KB.", + "title": "Environment", + "type": "object" + }, + "Image": { + "markdownDescription": "The path where inference code is stored. This can be either in Amazon EC2 Container Registry or in a Docker registry that is accessible from the same VPC that you configure for your endpoint. If you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", + "title": "Image", + "type": "string" + }, + "ImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.ImageConfig", + "markdownDescription": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For information about storing containers in a private Docker registry, see [Use a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", + "title": "ImageConfig" + }, + "InferenceSpecificationName": { + "markdownDescription": "The inference specification name in the model package version.", + "title": "InferenceSpecificationName", + "type": "string" + }, + "Mode": { + "markdownDescription": "Whether the container hosts a single model or multiple models.", + "title": "Mode", + "type": "string" + }, + "ModelDataSource": { + "$ref": "#/definitions/AWS::SageMaker::Model.ModelDataSource", + "markdownDescription": "Specifies the location of ML model data to deploy.\n\n> Currently you cannot use `ModelDataSource` in conjunction with SageMaker batch transform, SageMaker serverless endpoints, SageMaker multi-model endpoints, and SageMaker Marketplace.", + "title": "ModelDataSource" + }, + "ModelDataUrl": { + "markdownDescription": "The S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). The S3 path is required for SageMaker built-in algorithms, but not if you use your own algorithms. For more information on built-in algorithms, see [Common Parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-algo-docker-registry-paths.html) .\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model or endpoint you are creating. \n\nIf you provide a value for this parameter, SageMaker uses AWS Security Token Service to download model artifacts from the S3 path you provide. AWS STS is activated in your AWS account by default. If you previously deactivated AWS STS for a region, you need to reactivate AWS STS for that region. For more information, see [Activating and Deactivating AWS STS in an AWS Region](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the *AWS Identity and Access Management User Guide* .\n\n> If you use a built-in algorithm to create a model, SageMaker requires that you provide a S3 path to the model artifacts in `ModelDataUrl` .", + "title": "ModelDataUrl", + "type": "string" + }, + "ModelPackageName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the model package to use to create the model.", + "title": "ModelPackageName", + "type": "string" + }, + "MultiModelConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.MultiModelConfig", + "markdownDescription": "Specifies additional configuration for multi-model endpoints.", + "title": "MultiModelConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::Model.HubAccessConfig": { + "additionalProperties": false, + "properties": { + "HubContentArn": { + "markdownDescription": "The ARN of your private model hub content. This should be a `ModelReference` resource type that points to a SageMaker JumpStart public hub model.", + "title": "HubContentArn", + "type": "string" + } + }, + "required": [ + "HubContentArn" + ], + "type": "object" + }, + "AWS::SageMaker::Model.ImageConfig": { + "additionalProperties": false, + "properties": { + "RepositoryAccessMode": { + "markdownDescription": "Set this to one of the following values:\n\n- `Platform` - The model image is hosted in Amazon ECR.\n- `Vpc` - The model image is hosted in a private Docker registry in your VPC.", + "title": "RepositoryAccessMode", + "type": "string" + }, + "RepositoryAuthConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.RepositoryAuthConfig", + "markdownDescription": "(Optional) Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified `Vpc` as the value for the `RepositoryAccessMode` field, and the private Docker registry where the model image is hosted requires authentication.", + "title": "RepositoryAuthConfig" + } + }, + "required": [ + "RepositoryAccessMode" + ], + "type": "object" + }, + "AWS::SageMaker::Model.InferenceExecutionConfig": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "How containers in a multi-container are run. The following values are valid.\n\n- `Serial` - Containers run as a serial pipeline.\n- `Direct` - Only the individual container that you specify is run.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::SageMaker::Model.ModelAccessConfig": { + "additionalProperties": false, + "properties": { + "AcceptEula": { + "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "AcceptEula", + "type": "boolean" + } + }, + "required": [ + "AcceptEula" + ], + "type": "object" + }, + "AWS::SageMaker::Model.ModelDataSource": { + "additionalProperties": false, + "properties": { + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource", + "markdownDescription": "Specifies the S3 location of ML model data to deploy.", + "title": "S3DataSource" + } + }, + "required": [ + "S3DataSource" + ], + "type": "object" + }, + "AWS::SageMaker::Model.MultiModelConfig": { + "additionalProperties": false, + "properties": { + "ModelCacheSetting": { + "markdownDescription": "Whether to cache models for a multi-model endpoint. By default, multi-model endpoints cache models so that a model does not have to be loaded into memory each time it is invoked. Some use cases do not benefit from model caching. For example, if an endpoint hosts a large number of models that are each invoked infrequently, the endpoint might perform better if you disable model caching. To disable model caching, set the value of this parameter to Disabled.", + "title": "ModelCacheSetting", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Model.RepositoryAuthConfig": { + "additionalProperties": false, + "properties": { + "RepositoryCredentialsProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the *AWS Lambda Developer Guide* .", + "title": "RepositoryCredentialsProviderArn", + "type": "string" + } + }, + "required": [ + "RepositoryCredentialsProviderArn" + ], + "type": "object" + }, + "AWS::SageMaker::Model.S3DataSource": { + "additionalProperties": false, + "properties": { + "CompressionType": { + "markdownDescription": "", + "title": "CompressionType", + "type": "string" + }, + "HubAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.HubAccessConfig", + "markdownDescription": "The configuration for a private hub model reference that points to a SageMaker JumpStart public hub model.", + "title": "HubAccessConfig" + }, + "ModelAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.ModelAccessConfig", + "markdownDescription": "", + "title": "ModelAccessConfig" + }, + "S3DataType": { + "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", + "title": "S3DataType", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "CompressionType", + "S3DataType", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::Model.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", + "type": "string" + }, + "JobDefinitionName": { + "markdownDescription": "The name of the bias job definition. The name must be unique within an AWS Region in the AWS account.", + "title": "JobDefinitionName", + "type": "string" + }, + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" + }, + "ModelBiasAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification", + "markdownDescription": "Configures the model bias job to run a specified Docker container image.", + "title": "ModelBiasAppSpecification" + }, + "ModelBiasBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig", + "markdownDescription": "The baseline configuration for a model bias job.", + "title": "ModelBiasBaselineConfig" + }, + "ModelBiasJobInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput", + "markdownDescription": "Inputs for the model bias job.", + "title": "ModelBiasJobInput" + }, + "ModelBiasJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "ModelBiasJobOutputConfig" + }, + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig", + "markdownDescription": "Networking options for a model bias job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", + "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "JobResources", + "ModelBiasAppSpecification", + "ModelBiasJobInput", + "ModelBiasJobOutputConfig", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::ModelBiasJobDefinition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput": { + "additionalProperties": false, + "properties": { + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", + "type": "string" + }, + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" + }, + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", + "type": "string" + }, + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", + "type": "number" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + }, + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", + "type": "string" + } + }, + "required": [ + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.Csv": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" + }, + "Json": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Json", + "markdownDescription": "", + "title": "Json" + }, + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.EndpointInput": { + "additionalProperties": false, + "properties": { + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", + "type": "string" + }, + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", + "type": "number" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + }, + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", + "type": "string" + } + }, + "required": [ + "EndpointName", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.Json": { + "additionalProperties": false, + "properties": { + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification": { + "additionalProperties": false, + "properties": { + "ConfigUri": { + "markdownDescription": "JSON formatted S3 file that defines bias parameters. For more information on this JSON configuration file, see [Configure bias parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-bias-parameters.html) .", + "title": "ConfigUri", + "type": "string" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the Docker container.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "ImageUri": { + "markdownDescription": "The container image to be run by the model bias job.", + "title": "ImageUri", + "type": "string" + } + }, + "required": [ + "ConfigUri", + "ImageUri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig": { + "additionalProperties": false, + "properties": { + "BaseliningJobName": { + "markdownDescription": "The name of the baseline model bias job.", + "title": "BaseliningJobName", + "type": "string" + }, + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a monitoring job.", + "title": "ConstraintsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" + }, + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" + }, + "GroundTruthS3Input": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input", + "markdownDescription": "Location of ground truth labels to use in model bias job.", + "title": "GroundTruthS3Input" + } + }, + "required": [ + "GroundTruthS3Input" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput": { + "additionalProperties": false, + "properties": { + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" + } + }, + "required": [ + "S3Output" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" + } + }, + "required": [ + "MonitoringOutputs" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources": { + "additionalProperties": false, + "properties": { + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" + } + }, + "required": [ + "ClusterConfig" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig": { + "additionalProperties": false, + "properties": { + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" + }, + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.S3Output": { + "additionalProperties": false, + "properties": { + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. `LocalPath` is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" + }, + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "LocalPath", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition": { + "additionalProperties": false, + "properties": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" + } + }, + "required": [ + "MaxRuntimeInSeconds" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.Content", + "markdownDescription": "The content of the model card. Content uses the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", + "title": "Content" + }, + "CreatedBy": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", + "markdownDescription": "Information about the user who created or modified one or more of the following:\n\n- Experiment\n- Trial\n- Trial component\n- Lineage group\n- Project\n- Model Card", + "title": "CreatedBy" + }, + "LastModifiedBy": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", + "markdownDescription": "", + "title": "LastModifiedBy" + }, + "ModelCardName": { + "markdownDescription": "The unique name of the model card.", + "title": "ModelCardName", + "type": "string" + }, + "ModelCardStatus": { + "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", + "title": "ModelCardStatus", + "type": "string" + }, + "SecurityConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.SecurityConfig", + "markdownDescription": "The security configuration used to protect model card data.", + "title": "SecurityConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs used to manage metadata for the model card.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Content", + "ModelCardName", + "ModelCardStatus" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::ModelCard" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard.AdditionalInformation": { + "additionalProperties": false, + "properties": { + "CaveatsAndRecommendations": { + "markdownDescription": "Caveats and recommendations for those who might use this model in their applications.", + "title": "CaveatsAndRecommendations", + "type": "string" + }, + "CustomDetails": { + "additionalProperties": true, + "markdownDescription": "Any additional information to document about the model.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "CustomDetails", + "type": "object" + }, + "EthicalConsiderations": { + "markdownDescription": "Any ethical considerations documented by the model card author.", + "title": "EthicalConsiderations", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.BusinessDetails": { + "additionalProperties": false, + "properties": { + "BusinessProblem": { + "markdownDescription": "The specific business problem that the model is trying to solve.", + "title": "BusinessProblem", + "type": "string" + }, + "BusinessStakeholders": { + "markdownDescription": "The relevant stakeholders for the model.", + "title": "BusinessStakeholders", + "type": "string" + }, + "LineOfBusiness": { + "markdownDescription": "The broader business need that the model is serving.", + "title": "LineOfBusiness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.Container": { + "additionalProperties": false, + "properties": { + "Image": { + "markdownDescription": "", + "title": "Image", + "type": "string" + }, + "ModelDataUrl": { + "markdownDescription": "", + "title": "ModelDataUrl", + "type": "string" + }, + "NearestModelName": { + "markdownDescription": "", + "title": "NearestModelName", + "type": "string" + } + }, + "required": [ + "Image" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard.Content": { + "additionalProperties": false, + "properties": { + "AdditionalInformation": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.AdditionalInformation", + "markdownDescription": "Additional information about the model.", + "title": "AdditionalInformation" + }, + "BusinessDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.BusinessDetails", + "markdownDescription": "Information about how the model supports business goals.", + "title": "BusinessDetails" + }, + "EvaluationDetails": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.EvaluationDetail" + }, + "markdownDescription": "An overview about the model's evaluation.", + "title": "EvaluationDetails", + "type": "array" + }, + "IntendedUses": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.IntendedUses", + "markdownDescription": "The intended usage of the model.", + "title": "IntendedUses" + }, + "ModelOverview": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelOverview", + "markdownDescription": "An overview about the model", + "title": "ModelOverview" + }, + "ModelPackageDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageDetails", + "markdownDescription": "", + "title": "ModelPackageDetails" + }, + "TrainingDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingDetails", + "markdownDescription": "An overview about model training.", + "title": "TrainingDetails" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.EvaluationDetail": { + "additionalProperties": false, + "properties": { + "Datasets": { + "items": { + "type": "string" + }, + "markdownDescription": "The location of the datasets used to evaluate the model.", + "title": "Datasets", + "type": "array" + }, + "EvaluationJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the evaluation job.", + "title": "EvaluationJobArn", + "type": "string" + }, + "EvaluationObservation": { + "markdownDescription": "Any observations made during the model evaluation.", + "title": "EvaluationObservation", + "type": "string" + }, + "Metadata": { + "additionalProperties": true, + "markdownDescription": "Additional attributes associated with the evaluation results.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Metadata", + "type": "object" + }, + "MetricGroups": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricGroup" + }, + "markdownDescription": "An evaluation Metric Group object.", + "title": "MetricGroups", + "type": "array" + }, + "Name": { + "markdownDescription": "The evaluation job name.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard.Function": { + "additionalProperties": false, + "properties": { + "Condition": { + "markdownDescription": "An optional description of any conditions of your objective function metric.", + "title": "Condition", + "type": "string" + }, + "Facet": { + "markdownDescription": "The metric of the model's objective function. For example, *loss* or *rmse* . The following list shows examples of the values that you can specify for the metric:\n\n- `ACCURACY`\n- `AUC`\n- `LOSS`\n- `MAE`\n- `RMSE`", + "title": "Facet", + "type": "string" + }, + "Function": { + "markdownDescription": "The optimization direction of the model's objective function. You must specify one of the following values:\n\n- `Maximize`\n- `Minimize`", + "title": "Function", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.InferenceEnvironment": { + "additionalProperties": false, + "properties": { + "ContainerImage": { + "items": { + "type": "string" + }, + "markdownDescription": "The container used to run the inference environment.", + "title": "ContainerImage", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.InferenceSpecification": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.Container" + }, + "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", + "title": "Containers", + "type": "array" + } + }, + "required": [ + "Containers" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard.IntendedUses": { + "additionalProperties": false, + "properties": { + "ExplanationsForRiskRating": { + "markdownDescription": "An explanation of why your organization categorizes the model with its risk rating.", + "title": "ExplanationsForRiskRating", + "type": "string" + }, + "FactorsAffectingModelEfficiency": { + "markdownDescription": "Factors affecting model efficacy.", + "title": "FactorsAffectingModelEfficiency", + "type": "string" + }, + "IntendedUses": { + "markdownDescription": "The intended use cases for the model.", + "title": "IntendedUses", + "type": "string" + }, + "PurposeOfModel": { + "markdownDescription": "The general purpose of the model.", + "title": "PurposeOfModel", + "type": "string" + }, + "RiskRating": { + "markdownDescription": "Your organization's risk rating. You can specify one the following values as the risk rating:\n\n- High\n- Medium\n- Low\n- Unknown", + "title": "RiskRating", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.MetricDataItems": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "Notes": { + "type": "string" + }, + "Type": { + "type": "string" + }, + "Value": { + "type": "object" + }, + "XAxisName": { + "items": { + "type": "string" + }, + "type": "array" + }, + "YAxisName": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "Name", + "Type", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard.MetricGroup": { + "additionalProperties": false, + "properties": { + "MetricData": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricDataItems" + }, + "markdownDescription": "A list of metric objects. The `MetricDataItems` list can have one of the following values:\n\n- `bar_chart_metric`\n- `matrix_metric`\n- `simple_metric`\n- `linear_graph_metric`\n\nFor more information about the metric schema, see the definition section of the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", + "title": "MetricData", + "type": "array" + }, + "Name": { + "markdownDescription": "The metric group name.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "MetricData", + "Name" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard.ModelOverview": { + "additionalProperties": false, + "properties": { + "AlgorithmType": { + "markdownDescription": "The algorithm used to solve the problem.", + "title": "AlgorithmType", + "type": "string" + }, + "InferenceEnvironment": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceEnvironment", + "markdownDescription": "An overview about model inference.", + "title": "InferenceEnvironment" + }, + "ModelArtifact": { + "items": { + "type": "string" + }, + "markdownDescription": "The location of the model artifact.", + "title": "ModelArtifact", + "type": "array" + }, + "ModelCreator": { + "markdownDescription": "The creator of the model.", + "title": "ModelCreator", + "type": "string" + }, + "ModelDescription": { + "markdownDescription": "A description of the model.", + "title": "ModelDescription", + "type": "string" + }, + "ModelId": { + "markdownDescription": "The SageMaker AI Model ARN or non- SageMaker AI Model ID.", + "title": "ModelId", + "type": "string" + }, + "ModelName": { + "markdownDescription": "The name of the model.", + "title": "ModelName", + "type": "string" + }, + "ModelOwner": { + "markdownDescription": "The owner of the model.", + "title": "ModelOwner", + "type": "string" + }, + "ModelVersion": { + "markdownDescription": "The version of the model.", + "title": "ModelVersion", + "type": "number" + }, + "ProblemType": { + "markdownDescription": "The problem being solved with the model.", + "title": "ProblemType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.ModelPackageCreator": { + "additionalProperties": false, + "properties": { + "UserProfileName": { + "markdownDescription": "", + "title": "UserProfileName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.ModelPackageDetails": { + "additionalProperties": false, + "properties": { + "ApprovalDescription": { + "markdownDescription": "", + "title": "ApprovalDescription", + "type": "string" + }, + "CreatedBy": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageCreator", + "markdownDescription": "", + "title": "CreatedBy" + }, + "Domain": { + "markdownDescription": "", + "title": "Domain", + "type": "string" + }, + "InferenceSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceSpecification", + "markdownDescription": "", + "title": "InferenceSpecification" + }, + "ModelApprovalStatus": { + "markdownDescription": "", + "title": "ModelApprovalStatus", + "type": "string" + }, + "ModelPackageArn": { + "markdownDescription": "", + "title": "ModelPackageArn", + "type": "string" + }, + "ModelPackageDescription": { + "markdownDescription": "", + "title": "ModelPackageDescription", + "type": "string" + }, + "ModelPackageGroupName": { + "markdownDescription": "", + "title": "ModelPackageGroupName", + "type": "string" + }, + "ModelPackageName": { + "markdownDescription": "", + "title": "ModelPackageName", + "type": "string" + }, + "ModelPackageStatus": { + "markdownDescription": "", + "title": "ModelPackageStatus", + "type": "string" + }, + "ModelPackageVersion": { + "markdownDescription": "", + "title": "ModelPackageVersion", + "type": "number" + }, + "SourceAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.SourceAlgorithm" + }, + "markdownDescription": "", + "title": "SourceAlgorithms", + "type": "array" + }, + "Task": { + "markdownDescription": "", + "title": "Task", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.ObjectiveFunction": { + "additionalProperties": false, + "properties": { + "Function": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.Function", + "markdownDescription": "A function object that details optimization direction, metric, and additional descriptions.", + "title": "Function" + }, + "Notes": { + "markdownDescription": "Notes about the object function, including other considerations for possible objective functions.", + "title": "Notes", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.SecurityConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "A AWS Key Management Service [key ID](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id) used to encrypt a model card.", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.SourceAlgorithm": { + "additionalProperties": false, + "properties": { + "AlgorithmName": { + "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", + "title": "AlgorithmName", + "type": "string" + }, + "ModelDataUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", + "title": "ModelDataUrl", + "type": "string" + } + }, + "required": [ + "AlgorithmName" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard.TrainingDetails": { + "additionalProperties": false, + "properties": { + "ObjectiveFunction": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ObjectiveFunction", + "markdownDescription": "The function that is optimized during model training.", + "title": "ObjectiveFunction" + }, + "TrainingJobDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingJobDetails", + "markdownDescription": "Details about any associated training jobs.", + "title": "TrainingJobDetails" + }, + "TrainingObservations": { + "markdownDescription": "Any observations about training.", + "title": "TrainingObservations", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.TrainingEnvironment": { + "additionalProperties": false, + "properties": { + "ContainerImage": { + "items": { + "type": "string" + }, + "markdownDescription": "SageMaker AI inference image URI.", + "title": "ContainerImage", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.TrainingHyperParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the hyper parameter.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value specified for the hyper parameter.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard.TrainingJobDetails": { + "additionalProperties": false, + "properties": { + "HyperParameters": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" + }, + "markdownDescription": "The hyper parameters used in the training job.", + "title": "HyperParameters", + "type": "array" + }, + "TrainingArn": { + "markdownDescription": "The SageMaker AI training job Amazon Resource Name (ARN)", + "title": "TrainingArn", + "type": "string" + }, + "TrainingDatasets": { + "items": { + "type": "string" + }, + "markdownDescription": "The location of the datasets used to train the model.", + "title": "TrainingDatasets", + "type": "array" + }, + "TrainingEnvironment": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingEnvironment", + "markdownDescription": "The SageMaker AI training job image URI.", + "title": "TrainingEnvironment" + }, + "TrainingMetrics": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" + }, + "markdownDescription": "The SageMaker AI training job results.", + "title": "TrainingMetrics", + "type": "array" + }, + "UserProvidedHyperParameters": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" + }, + "markdownDescription": "Additional hyper parameters that you've specified when training the model.", + "title": "UserProvidedHyperParameters", + "type": "array" + }, + "UserProvidedTrainingMetrics": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" + }, + "markdownDescription": "Custom training job results.", + "title": "UserProvidedTrainingMetrics", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.TrainingMetric": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the result from the SageMaker AI training job.", + "title": "Name", + "type": "string" + }, + "Notes": { + "markdownDescription": "Any additional notes describing the result of the training job.", + "title": "Notes", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a result from the SageMaker AI training job.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard.UserContext": { + "additionalProperties": false, + "properties": { + "DomainId": { + "markdownDescription": "The domain associated with the user.", + "title": "DomainId", + "type": "string" + }, + "UserProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's profile.", + "title": "UserProfileArn", + "type": "string" + }, + "UserProfileName": { + "markdownDescription": "The name of the user's profile.", + "title": "UserProfileName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", + "type": "string" + }, + "JobDefinitionName": { + "markdownDescription": "The name of the model explainability job definition. The name must be unique within an AWS Region in the AWS account.", + "title": "JobDefinitionName", + "type": "string" + }, + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" + }, + "ModelExplainabilityAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification", + "markdownDescription": "Configures the model explainability job to run a specified Docker container image.", + "title": "ModelExplainabilityAppSpecification" + }, + "ModelExplainabilityBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig", + "markdownDescription": "The baseline configuration for a model explainability job.", + "title": "ModelExplainabilityBaselineConfig" + }, + "ModelExplainabilityJobInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput", + "markdownDescription": "Inputs for the model explainability job.", + "title": "ModelExplainabilityJobInput" + }, + "ModelExplainabilityJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "ModelExplainabilityJobOutputConfig" + }, + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig", + "markdownDescription": "Networking options for a model explainability job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", + "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "JobResources", + "ModelExplainabilityAppSpecification", + "ModelExplainabilityJobInput", + "ModelExplainabilityJobOutputConfig", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::ModelExplainabilityJobDefinition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput": { + "additionalProperties": false, + "properties": { + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", + "type": "string" + }, + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" + }, + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + } + }, + "required": [ + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" + ], + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.Csv": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" + }, + "Json": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Json", + "markdownDescription": "", + "title": "Json" + }, + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput": { + "additionalProperties": false, + "properties": { + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", + "type": "string" + }, + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + } + }, + "required": [ + "EndpointName", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.Json": { + "additionalProperties": false, + "properties": { + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification": { + "additionalProperties": false, + "properties": { + "ConfigUri": { + "markdownDescription": "JSON formatted Amazon S3 file that defines explainability parameters. For more information on this JSON configuration file, see [Configure model explainability parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-model-explainability-parameters.html) .", + "title": "ConfigUri", + "type": "string" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the Docker container.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "ImageUri": { + "markdownDescription": "The container image to be run by the model explainability job.", + "title": "ImageUri", + "type": "string" + } + }, + "required": [ + "ConfigUri", + "ImageUri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig": { + "additionalProperties": false, + "properties": { + "BaseliningJobName": { + "markdownDescription": "The name of the baseline model explainability job.", + "title": "BaseliningJobName", + "type": "string" + }, + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a model explainability job.", + "title": "ConstraintsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" + }, + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput": { + "additionalProperties": false, + "properties": { + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" + } + }, + "required": [ + "S3Output" + ], + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" + } + }, + "required": [ + "MonitoringOutputs" + ], + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources": { + "additionalProperties": false, + "properties": { + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" + } + }, + "required": [ + "ClusterConfig" + ], + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig": { + "additionalProperties": false, + "properties": { + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" + }, + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output": { + "additionalProperties": false, + "properties": { + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" + }, + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "LocalPath", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition": { + "additionalProperties": false, + "properties": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" + } + }, + "required": [ + "MaxRuntimeInSeconds" + ], + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalInferenceSpecifications": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" + }, + "markdownDescription": "An array of additional Inference Specification objects.", + "title": "AdditionalInferenceSpecifications", + "type": "array" + }, + "AdditionalInferenceSpecificationsToAdd": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" + }, + "markdownDescription": "An array of additional Inference Specification objects to be added to the existing array. The total number of additional Inference Specification objects cannot exceed 15. Each additional Inference Specification object specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts.", + "title": "AdditionalInferenceSpecificationsToAdd", + "type": "array" + }, + "ApprovalDescription": { + "markdownDescription": "A description provided when the model approval is set.", + "title": "ApprovalDescription", + "type": "string" + }, + "CertifyForMarketplace": { + "markdownDescription": "Whether the model package is to be certified to be listed on AWS Marketplace. For information about listing model packages on AWS Marketplace, see [List Your Algorithm or Model Package on AWS Marketplace](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-mkt-list.html) .", + "title": "CertifyForMarketplace", + "type": "boolean" + }, + "ClientToken": { + "markdownDescription": "A unique token that guarantees that the call to this API is idempotent.", + "title": "ClientToken", + "type": "string" + }, + "CustomerMetadataProperties": { + "additionalProperties": true, + "markdownDescription": "The metadata properties for the model package.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "CustomerMetadataProperties", + "type": "object" + }, + "Domain": { + "markdownDescription": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing.", + "title": "Domain", + "type": "string" + }, + "DriftCheckBaselines": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBaselines", + "markdownDescription": "Represents the drift check baselines that can be used when the model monitor is set using the model package.", + "title": "DriftCheckBaselines" + }, + "InferenceSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.InferenceSpecification", + "markdownDescription": "Defines how to perform inference generation after a training job is run.", + "title": "InferenceSpecification" + }, + "LastModifiedTime": { + "markdownDescription": "The last time the model package was modified.", + "title": "LastModifiedTime", + "type": "string" + }, + "MetadataProperties": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetadataProperties", + "markdownDescription": "Metadata properties of the tracking entity, trial, or trial component.", + "title": "MetadataProperties" + }, + "ModelApprovalStatus": { + "markdownDescription": "The approval status of the model. This can be one of the following values.\n\n- `APPROVED` - The model is approved\n- `REJECTED` - The model is rejected.\n- `PENDING_MANUAL_APPROVAL` - The model is waiting for manual approval.", + "title": "ModelApprovalStatus", + "type": "string" + }, + "ModelCard": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelCard", + "markdownDescription": "An Amazon SageMaker Model Card.", + "title": "ModelCard" + }, + "ModelMetrics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelMetrics", + "markdownDescription": "Metrics for the model.", + "title": "ModelMetrics" + }, + "ModelPackageDescription": { + "markdownDescription": "The description of the model package.", + "title": "ModelPackageDescription", + "type": "string" + }, + "ModelPackageGroupName": { + "markdownDescription": "The model group to which the model belongs.", + "title": "ModelPackageGroupName", + "type": "string" + }, + "ModelPackageName": { + "markdownDescription": "The name of the model package. The name can be as follows:\n\n- For a versioned model, the name is automatically generated by SageMaker Model Registry and follows the format ' `ModelPackageGroupName/ModelPackageVersion` '.\n- For an unversioned model, you must provide the name.", + "title": "ModelPackageName", + "type": "string" + }, + "ModelPackageStatusDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusDetails", + "markdownDescription": "Specifies the validation and image scan statuses of the model package.", + "title": "ModelPackageStatusDetails" + }, + "ModelPackageVersion": { + "markdownDescription": "The version number of a versioned model.", + "title": "ModelPackageVersion", + "type": "number" + }, + "SamplePayloadUrl": { + "markdownDescription": "The Amazon Simple Storage Service path where the sample payload are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", + "title": "SamplePayloadUrl", + "type": "string" + }, + "SecurityConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SecurityConfig", + "markdownDescription": "", + "title": "SecurityConfig" + }, + "SkipModelValidation": { + "markdownDescription": "Indicates if you want to skip model validation.", + "title": "SkipModelValidation", + "type": "string" + }, + "SourceAlgorithmSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification", + "markdownDescription": "A list of algorithms that were used to create a model package.", + "title": "SourceAlgorithmSpecification" + }, + "SourceUri": { + "markdownDescription": "The URI of the source for the model package.", + "title": "SourceUri", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of the tags associated with the model package. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", + "title": "Tags", + "type": "array" + }, + "Task": { + "markdownDescription": "The machine learning task your model package accomplishes. Common machine learning tasks include object detection and image classification.", + "title": "Task", + "type": "string" + }, + "ValidationSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationSpecification", + "markdownDescription": "Specifies batch transform jobs that SageMaker runs to validate your model package.", + "title": "ValidationSpecification" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::ModelPackage" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" + }, + "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", + "title": "Containers", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the additional Inference specification", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A unique name to identify the additional inference specification. The name must be unique within the list of your additional inference specifications for a particular model package.", + "title": "Name", + "type": "string" + }, + "SupportedContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported MIME types for the input data.", + "title": "SupportedContentTypes", + "type": "array" + }, + "SupportedRealtimeInferenceInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.", + "title": "SupportedRealtimeInferenceInstanceTypes", + "type": "array" + }, + "SupportedResponseMIMETypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported MIME types for the output data.", + "title": "SupportedResponseMIMETypes", + "type": "array" + }, + "SupportedTransformInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.", + "title": "SupportedTransformInstanceTypes", + "type": "array" + } + }, + "required": [ + "Containers", + "Name" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.Bias": { + "additionalProperties": false, + "properties": { + "PostTrainingReport": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The post-training bias report for a model.", + "title": "PostTrainingReport" + }, + "PreTrainingReport": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The pre-training bias report for a model.", + "title": "PreTrainingReport" + }, + "Report": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The bias report for a model", + "title": "Report" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.DataSource": { + "additionalProperties": false, + "properties": { + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3DataSource", + "markdownDescription": "The S3 location of the data source that is associated with a channel.", + "title": "S3DataSource" + } + }, + "required": [ + "S3DataSource" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.DriftCheckBaselines": { + "additionalProperties": false, + "properties": { + "Bias": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBias", + "markdownDescription": "Represents the drift check bias baselines that can be used when the model monitor is set using the model package.", + "title": "Bias" + }, + "Explainability": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckExplainability", + "markdownDescription": "Represents the drift check explainability baselines that can be used when the model monitor is set using the model package.", + "title": "Explainability" + }, + "ModelDataQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality", + "markdownDescription": "Represents the drift check model data quality baselines that can be used when the model monitor is set using the model package.", + "title": "ModelDataQuality" + }, + "ModelQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelQuality", + "markdownDescription": "Represents the drift check model quality baselines that can be used when the model monitor is set using the model package.", + "title": "ModelQuality" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.DriftCheckBias": { + "additionalProperties": false, + "properties": { + "ConfigFile": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", + "markdownDescription": "The bias config file for a model.", + "title": "ConfigFile" + }, + "PostTrainingConstraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The post-training constraints.", + "title": "PostTrainingConstraints" + }, + "PreTrainingConstraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The pre-training constraints.", + "title": "PreTrainingConstraints" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.DriftCheckExplainability": { + "additionalProperties": false, + "properties": { + "ConfigFile": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", + "markdownDescription": "The explainability config file for the model.", + "title": "ConfigFile" + }, + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check explainability constraints.", + "title": "Constraints" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality": { + "additionalProperties": false, + "properties": { + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model data quality constraints.", + "title": "Constraints" + }, + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model data quality statistics.", + "title": "Statistics" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.DriftCheckModelQuality": { + "additionalProperties": false, + "properties": { + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model quality constraints.", + "title": "Constraints" + }, + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model quality statistics.", + "title": "Statistics" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.Explainability": { + "additionalProperties": false, + "properties": { + "Report": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The explainability report for a model.", + "title": "Report" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.FileSource": { + "additionalProperties": false, + "properties": { + "ContentDigest": { + "markdownDescription": "The digest of the file source.", + "title": "ContentDigest", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The type of content stored in the file source.", + "title": "ContentType", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the file source.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.InferenceSpecification": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" + }, + "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", + "title": "Containers", + "type": "array" + }, + "SupportedContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported MIME types for the input data.", + "title": "SupportedContentTypes", + "type": "array" + }, + "SupportedRealtimeInferenceInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.\n\nThis parameter is required for unversioned models, and optional for versioned models.", + "title": "SupportedRealtimeInferenceInstanceTypes", + "type": "array" + }, + "SupportedResponseMIMETypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported MIME types for the output data.", + "title": "SupportedResponseMIMETypes", + "type": "array" + }, + "SupportedTransformInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.\n\nThis parameter is required for unversioned models, and optional for versioned models.", + "title": "SupportedTransformInstanceTypes", + "type": "array" + } + }, + "required": [ + "Containers", + "SupportedContentTypes", + "SupportedResponseMIMETypes" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.MetadataProperties": { + "additionalProperties": false, + "properties": { + "CommitId": { + "markdownDescription": "The commit ID.", + "title": "CommitId", + "type": "string" + }, + "GeneratedBy": { + "markdownDescription": "The entity this entity was generated by.", + "title": "GeneratedBy", + "type": "string" + }, + "ProjectId": { + "markdownDescription": "The project ID.", + "title": "ProjectId", + "type": "string" + }, + "Repository": { + "markdownDescription": "The repository.", + "title": "Repository", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.MetricsSource": { + "additionalProperties": false, + "properties": { + "ContentDigest": { + "markdownDescription": "The hash key used for the metrics source.", + "title": "ContentDigest", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The metric source content type.", + "title": "ContentType", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "The S3 URI for the metrics source.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "ContentType", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelAccessConfig": { + "additionalProperties": false, + "properties": { + "AcceptEula": { + "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "AcceptEula", + "type": "boolean" + } + }, + "required": [ + "AcceptEula" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelCard": { + "additionalProperties": false, + "properties": { + "ModelCardContent": { + "markdownDescription": "", + "title": "ModelCardContent", + "type": "string" + }, + "ModelCardStatus": { + "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", + "title": "ModelCardStatus", + "type": "string" + } + }, + "required": [ + "ModelCardContent", + "ModelCardStatus" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelDataQuality": { + "additionalProperties": false, + "properties": { + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Data quality constraints for a model.", + "title": "Constraints" + }, + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Data quality statistics for a model.", + "title": "Statistics" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelDataSource": { + "additionalProperties": false, + "properties": { + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3ModelDataSource", + "markdownDescription": "Specifies the S3 location of ML model data to deploy.", + "title": "S3DataSource" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelInput": { + "additionalProperties": false, + "properties": { + "DataInputConfig": { + "markdownDescription": "The input configuration object for the model.", + "title": "DataInputConfig", + "type": "string" + } + }, + "required": [ + "DataInputConfig" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelMetrics": { + "additionalProperties": false, + "properties": { + "Bias": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Bias", + "markdownDescription": "Metrics that measure bias in a model.", + "title": "Bias" + }, + "Explainability": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Explainability", + "markdownDescription": "Metrics that help explain a model.", + "title": "Explainability" + }, + "ModelDataQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataQuality", + "markdownDescription": "Metrics that measure the quality of the input data for a model.", + "title": "ModelDataQuality" + }, + "ModelQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelQuality", + "markdownDescription": "Metrics that measure the quality of a model.", + "title": "ModelQuality" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition": { + "additionalProperties": false, + "properties": { + "ContainerHostname": { + "markdownDescription": "The DNS host name for the Docker container.", + "title": "ContainerHostname", + "type": "string" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the `Environment` string to string map can have length of up to 1024. We support up to 16 entries in the map.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "Framework": { + "markdownDescription": "The machine learning framework of the model package container image.", + "title": "Framework", + "type": "string" + }, + "FrameworkVersion": { + "markdownDescription": "The framework version of the Model Package Container Image.", + "title": "FrameworkVersion", + "type": "string" + }, + "Image": { + "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where inference code is stored.\n\nIf you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .", + "title": "Image", + "type": "string" + }, + "ImageDigest": { + "markdownDescription": "An MD5 hash of the training algorithm that identifies the Docker image used for training.", + "title": "ImageDigest", + "type": "string" + }, + "ModelDataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataSource", + "markdownDescription": "Specifies the location of ML model data to deploy during endpoint creation.", + "title": "ModelDataSource" + }, + "ModelDataUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model package.", + "title": "ModelDataUrl", + "type": "string" + }, + "ModelInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelInput", + "markdownDescription": "A structure with Model Input details.", + "title": "ModelInput" + }, + "NearestModelName": { + "markdownDescription": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. You can find a list of benchmarked models by calling `ListModelMetadata` .", + "title": "NearestModelName", + "type": "string" + } + }, + "required": [ + "Image" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelPackageStatusDetails": { + "additionalProperties": false, + "properties": { + "ValidationStatuses": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusItem" + }, + "markdownDescription": "The validation status of the model package.", + "title": "ValidationStatuses", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelPackageStatusItem": { + "additionalProperties": false, + "properties": { + "FailureReason": { + "markdownDescription": "if the overall status is `Failed` , the reason for the failure.", + "title": "FailureReason", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the model package for which the overall status is being reported.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The current status.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Name", + "Status" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelQuality": { + "additionalProperties": false, + "properties": { + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Model quality constraints.", + "title": "Constraints" + }, + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Model quality statistics.", + "title": "Statistics" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.S3DataSource": { + "additionalProperties": false, + "properties": { + "S3DataType": { + "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", + "title": "S3DataType", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "S3DataType", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.S3ModelDataSource": { + "additionalProperties": false, + "properties": { + "CompressionType": { + "markdownDescription": "Specifies how the ML model data is prepared.\n\nIf you choose `Gzip` and choose `S3Object` as the value of `S3DataType` , `S3Uri` identifies an object that is a gzip-compressed TAR archive. SageMaker will attempt to decompress and untar the object during model deployment.\n\nIf you choose `None` and chooose `S3Object` as the value of `S3DataType` , `S3Uri` identifies an object that represents an uncompressed ML model to deploy.\n\nIf you choose None and choose `S3Prefix` as the value of `S3DataType` , `S3Uri` identifies a key name prefix, under which all objects represents the uncompressed ML model to deploy.\n\nIf you choose None, then SageMaker will follow rules below when creating model data files under /opt/ml/model directory for use by your inference code:\n\n- If you choose `S3Object` as the value of `S3DataType` , then SageMaker will split the key of the S3 object referenced by `S3Uri` by slash (/), and use the last part as the filename of the file holding the content of the S3 object.\n- If you choose `S3Prefix` as the value of `S3DataType` , then for each S3 object under the key name pefix referenced by `S3Uri` , SageMaker will trim its key by the prefix, and use the remainder as the path (relative to `/opt/ml/model` ) of the file holding the content of the S3 object. SageMaker will split the remainder by slash (/), using intermediate parts as directory names and the last part as filename of the file holding the content of the S3 object.\n- Do not use any of the following as file names or directory names:\n\n- An empty or blank string\n- A string which contains null bytes\n- A string longer than 255 bytes\n- A single dot ( `.` )\n- A double dot ( `..` )\n- Ambiguous file names will result in model deployment failure. For example, if your uncompressed ML model consists of two S3 objects `s3://mybucket/model/weights` and `s3://mybucket/model/weights/part1` and you specify `s3://mybucket/model/` as the value of `S3Uri` and `S3Prefix` as the value of `S3DataType` , then it will result in name clash between `/opt/ml/model/weights` (a regular file) and `/opt/ml/model/weights/` (a directory).\n- Do not organize the model artifacts in [S3 console using folders](https://docs.aws.amazon.com//AmazonS3/latest/userguide/using-folders.html) . When you create a folder in S3 console, S3 creates a 0-byte object with a key set to the folder name you provide. They key of the 0-byte object ends with a slash (/) which violates SageMaker restrictions on model artifact file names, leading to model deployment failure.", + "title": "CompressionType", + "type": "string" + }, + "ModelAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelAccessConfig", + "markdownDescription": "Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the `ModelAccessConfig` . You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "ModelAccessConfig" + }, + "S3DataType": { + "markdownDescription": "Specifies the type of ML model data to deploy.\n\nIf you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix as part of the ML model data to deploy. A valid key name prefix identified by `S3Uri` always ends with a forward slash (/).\n\nIf you choose `S3Object` , `S3Uri` identifies an object that is the ML model data to deploy.", + "title": "S3DataType", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "Specifies the S3 path of ML model data to deploy.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "CompressionType", + "S3DataType", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.SecurityConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "", + "title": "KmsKeyId", + "type": "string" + } + }, + "required": [ + "KmsKeyId" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.SourceAlgorithm": { + "additionalProperties": false, + "properties": { + "AlgorithmName": { + "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", + "title": "AlgorithmName", + "type": "string" + }, + "ModelDataUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", + "title": "ModelDataUrl", + "type": "string" + } + }, + "required": [ + "AlgorithmName" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification": { + "additionalProperties": false, + "properties": { + "SourceAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithm" + }, + "markdownDescription": "A list of the algorithms that were used to create a model package.", + "title": "SourceAlgorithms", + "type": "array" + } + }, + "required": [ + "SourceAlgorithms" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.TransformInput": { + "additionalProperties": false, + "properties": { + "CompressionType": { + "markdownDescription": "If your transform data is compressed, specify the compression type. Amazon SageMaker automatically decompresses the data for the transform job accordingly. The default value is `None` .", + "title": "CompressionType", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The multipurpose internet mail extension (MIME) type of the data. Amazon SageMaker uses the MIME type with each http call to transfer data to the transform job.", + "title": "ContentType", + "type": "string" + }, + "DataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DataSource", + "markdownDescription": "Describes the location of the channel data, which is, the S3 location of the input data that the model can consume.", + "title": "DataSource" + }, + "SplitType": { + "markdownDescription": "The method to use to split the transform job's data files into smaller batches. Splitting is necessary when the total size of each object is too large to fit in a single request. You can also use data splitting to improve performance by processing multiple concurrent mini-batches. The default value for `SplitType` is `None` , which indicates that input data files are not split, and request payloads contain the entire contents of an input object. Set the value of this parameter to `Line` to split records on a newline character boundary. `SplitType` also supports a number of record-oriented binary data formats. Currently, the supported record formats are:\n\n- RecordIO\n- TFRecord\n\nWhen splitting is enabled, the size of a mini-batch depends on the values of the `BatchStrategy` and `MaxPayloadInMB` parameters. When the value of `BatchStrategy` is `MultiRecord` , Amazon SageMaker sends the maximum number of records in each request, up to the `MaxPayloadInMB` limit. If the value of `BatchStrategy` is `SingleRecord` , Amazon SageMaker sends individual records in each request.\n\n> Some data formats represent a record as a binary payload wrapped with extra padding bytes. When splitting is applied to a binary data format, padding is removed if the value of `BatchStrategy` is set to `SingleRecord` . Padding is not removed if the value of `BatchStrategy` is set to `MultiRecord` .\n> \n> For more information about `RecordIO` , see [Create a Dataset Using RecordIO](https://docs.aws.amazon.com/https://mxnet.apache.org/api/faq/recordio) in the MXNet documentation. For more information about `TFRecord` , see [Consuming TFRecord data](https://docs.aws.amazon.com/https://www.tensorflow.org/guide/data#consuming_tfrecord_data) in the TensorFlow documentation.", + "title": "SplitType", + "type": "string" + } + }, + "required": [ + "DataSource" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.TransformJobDefinition": { + "additionalProperties": false, + "properties": { + "BatchStrategy": { + "markdownDescription": "A string that determines the number of records included in a single mini-batch.\n\n`SingleRecord` means only one record is used per mini-batch. `MultiRecord` means a mini-batch is set to contain as many records that can fit within the `MaxPayloadInMB` limit.", + "title": "BatchStrategy", + "type": "string" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "The environment variables to set in the Docker container. We support up to 16 key and values entries in the map.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "MaxConcurrentTransforms": { + "markdownDescription": "The maximum number of parallel requests that can be sent to each instance in a transform job. The default value is 1.", + "title": "MaxConcurrentTransforms", + "type": "number" + }, + "MaxPayloadInMB": { + "markdownDescription": "The maximum payload size allowed, in MB. A payload is the data portion of a record (without metadata).", + "title": "MaxPayloadInMB", + "type": "number" + }, + "TransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformInput", + "markdownDescription": "A description of the input source and the way the transform job consumes it.", + "title": "TransformInput" + }, + "TransformOutput": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformOutput", + "markdownDescription": "Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the transform job.", + "title": "TransformOutput" + }, + "TransformResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformResources", + "markdownDescription": "Identifies the ML compute instances for the transform job.", + "title": "TransformResources" + } + }, + "required": [ + "TransformInput", + "TransformOutput", + "TransformResources" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.TransformOutput": { + "additionalProperties": false, + "properties": { + "Accept": { + "markdownDescription": "The MIME type used to specify the output data. Amazon SageMaker uses the MIME type with each http call to transfer data from the transform job.", + "title": "Accept", + "type": "string" + }, + "AssembleWith": { + "markdownDescription": "Defines how to assemble the results of the transform job as a single S3 object. Choose a format that is most convenient to you. To concatenate the results in binary format, specify `None` . To add a newline character at the end of every transformed record, specify `Line` .", + "title": "AssembleWith", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. The `KmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nIf you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see [KMS-Managed Encryption Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Developer Guide.*\n\nThe KMS key policy must grant permission to the IAM role that you specify in your [CreateModel](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see [Using Key Policies in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyId", + "type": "string" + }, + "S3OutputPath": { + "markdownDescription": "The Amazon S3 path where you want Amazon SageMaker to store the results of the transform job. For example, `s3://bucket-name/key-name-prefix` .\n\nFor every S3 object used as input for the transform job, batch transform stores the transformed data with an . `out` suffix in a corresponding subfolder in the location in the output prefix. For example, for the input data stored at `s3://bucket-name/input-name-prefix/dataset01/data.csv` , batch transform stores the transformed data at `s3://bucket-name/output-name-prefix/input-name-prefix/data.csv.out` . Batch transform doesn't upload partially processed objects. For an input S3 object that contains multiple records, it creates an . `out` file only if the transform job succeeds on the entire file. When the input contains multiple S3 objects, the batch transform job processes the listed S3 objects and uploads only the output for successfully processed objects. If any object fails in the transform job batch transform marks the job as failed to prompt investigation.", + "title": "S3OutputPath", + "type": "string" + } + }, + "required": [ + "S3OutputPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.TransformResources": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the transform job. The default value is `1` , and the maximum is `100` . For distributed transform jobs, specify a value greater than `1` .", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the transform job. If you are using built-in algorithms to transform moderately sized datasets, we recommend using ml.m4.xlarge or `ml.m5.large` instance types.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt model data on the storage volume attached to the ML compute instance(s) that run the batch transform job.\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `VolumeKmsKeyId` when using an instance type with local storage.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) . \n\nThe `VolumeKmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`", + "title": "VolumeKmsKeyId", + "type": "string" + } + }, + "required": [ + "InstanceCount", + "InstanceType" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ValidationProfile": { + "additionalProperties": false, + "properties": { + "ProfileName": { + "markdownDescription": "The name of the profile for the model package.", + "title": "ProfileName", + "type": "string" + }, + "TransformJobDefinition": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformJobDefinition", + "markdownDescription": "The `TransformJobDefinition` object that describes the transform job used for the validation of the model package.", + "title": "TransformJobDefinition" + } + }, + "required": [ + "ProfileName", + "TransformJobDefinition" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ValidationSpecification": { + "additionalProperties": false, + "properties": { + "ValidationProfiles": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationProfile" + }, + "markdownDescription": "An array of `ModelPackageValidationProfile` objects, each of which specifies a batch transform job that SageMaker runs to validate your model package.", + "title": "ValidationProfiles", + "type": "array" + }, + "ValidationRole": { + "markdownDescription": "The IAM roles to be used for the validation of the model package.", + "title": "ValidationRole", + "type": "string" + } + }, + "required": [ + "ValidationProfiles", + "ValidationRole" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackageGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ModelPackageGroupDescription": { + "markdownDescription": "The description for the model group.", + "title": "ModelPackageGroupDescription", + "type": "string" + }, + "ModelPackageGroupName": { + "markdownDescription": "The name of the model group.", + "title": "ModelPackageGroupName", + "type": "string" + }, + "ModelPackageGroupPolicy": { + "markdownDescription": "A resouce policy to control access to a model group. For information about resoure policies, see [Identity-based policies and resource-based policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html) in the *AWS Identity and Access Management User Guide.* .", + "title": "ModelPackageGroupPolicy", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ModelPackageGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::ModelPackageGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", + "type": "string" + }, + "JobDefinitionName": { + "markdownDescription": "The name of the monitoring job definition.", + "title": "JobDefinitionName", + "type": "string" + }, + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" + }, + "ModelQualityAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification", + "markdownDescription": "Container image configuration object for the monitoring job.", + "title": "ModelQualityAppSpecification" + }, + "ModelQualityBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig", + "markdownDescription": "Specifies the constraints and baselines for the monitoring job.", + "title": "ModelQualityBaselineConfig" + }, + "ModelQualityJobInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput", + "markdownDescription": "A list of the inputs that are monitored. Currently endpoints are supported.", + "title": "ModelQualityJobInput" + }, + "ModelQualityJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "ModelQualityJobOutputConfig" + }, + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig", + "markdownDescription": "Specifies the network configuration for the monitoring job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", + "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "JobResources", + "ModelQualityAppSpecification", + "ModelQualityJobInput", + "ModelQualityJobOutputConfig", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::ModelQualityJobDefinition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput": { + "additionalProperties": false, + "properties": { + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", + "type": "string" + }, + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" + }, + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", + "type": "string" + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", + "type": "number" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + }, + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", + "type": "string" + } + }, + "required": [ + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.Csv": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" + }, + "Json": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Json", + "markdownDescription": "", + "title": "Json" + }, + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.EndpointInput": { + "additionalProperties": false, + "properties": { + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", + "type": "string" + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", + "type": "number" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + }, + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", + "type": "string" + } + }, + "required": [ + "EndpointName", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.Json": { + "additionalProperties": false, + "properties": { + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification": { + "additionalProperties": false, + "properties": { + "ContainerArguments": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of arguments for the container used to run the monitoring job.", + "title": "ContainerArguments", + "type": "array" + }, + "ContainerEntrypoint": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the entrypoint for a container that the monitoring job runs.", + "title": "ContainerEntrypoint", + "type": "array" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "ImageUri": { + "markdownDescription": "The address of the container image that the monitoring job runs.", + "title": "ImageUri", + "type": "string" + }, + "PostAnalyticsProcessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", + "title": "PostAnalyticsProcessorSourceUri", + "type": "string" + }, + "ProblemType": { + "markdownDescription": "The machine learning problem type of the model that the monitoring job monitors.", + "title": "ProblemType", + "type": "string" + }, + "RecordPreprocessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", + "title": "RecordPreprocessorSourceUri", + "type": "string" + } + }, + "required": [ + "ImageUri", + "ProblemType" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig": { + "additionalProperties": false, + "properties": { + "BaseliningJobName": { + "markdownDescription": "The name of the job that performs baselining for the monitoring job.", + "title": "BaseliningJobName", + "type": "string" + }, + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a monitoring job.", + "title": "ConstraintsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" + }, + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" + }, + "GroundTruthS3Input": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input", + "markdownDescription": "The ground truth label provided for the model.", + "title": "GroundTruthS3Input" + } + }, + "required": [ + "GroundTruthS3Input" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput": { + "additionalProperties": false, + "properties": { + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" + } + }, + "required": [ + "S3Output" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" + } + }, + "required": [ + "MonitoringOutputs" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources": { + "additionalProperties": false, + "properties": { + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" + } + }, + "required": [ + "ClusterConfig" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig": { + "additionalProperties": false, + "properties": { + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" + }, + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.S3Output": { + "additionalProperties": false, + "properties": { + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" + }, + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "LocalPath", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition": { + "additionalProperties": false, + "properties": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" + } + }, + "required": [ + "MaxRuntimeInSeconds" + ], + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EndpointName": { + "markdownDescription": "The name of the endpoint using the monitoring schedule.", + "title": "EndpointName", + "type": "string" + }, + "FailureReason": { + "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", + "title": "FailureReason", + "type": "string" + }, + "LastMonitoringExecutionSummary": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary", + "markdownDescription": "Describes metadata on the last execution to run, if there was one.", + "title": "LastMonitoringExecutionSummary" + }, + "MonitoringScheduleConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig", + "markdownDescription": "The configuration object that specifies the monitoring schedule and defines the monitoring job.", + "title": "MonitoringScheduleConfig" + }, + "MonitoringScheduleName": { + "markdownDescription": "The name of the monitoring schedule.", + "title": "MonitoringScheduleName", + "type": "string" + }, + "MonitoringScheduleStatus": { + "markdownDescription": "The status of the monitoring schedule.", + "title": "MonitoringScheduleStatus", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "MonitoringScheduleConfig", + "MonitoringScheduleName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::MonitoringSchedule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.BaselineConfig": { + "additionalProperties": false, + "properties": { + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ConstraintsResource", + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "ConstraintsResource" + }, + "StatisticsResource": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StatisticsResource", + "markdownDescription": "The baseline statistics file in Amazon S3 that the current monitoring job should be validated against.", + "title": "StatisticsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.BatchTransformInput": { + "additionalProperties": false, + "properties": { + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", + "type": "string" + }, + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" + }, + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + } + }, + "required": [ + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.ClusterConfig": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.ConstraintsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.Csv": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.DatasetFormat": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Csv", + "markdownDescription": "", + "title": "Csv" + }, + "Json": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Json", + "markdownDescription": "", + "title": "Json" + }, + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.EndpointInput": { + "additionalProperties": false, + "properties": { + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", + "type": "string" + }, + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + } + }, + "required": [ + "EndpointName", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.Json": { + "additionalProperties": false, + "properties": { + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification": { + "additionalProperties": false, + "properties": { + "ContainerArguments": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of arguments for the container used to run the monitoring job.", + "title": "ContainerArguments", + "type": "array" + }, + "ContainerEntrypoint": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the entrypoint for a container used to run the monitoring job.", + "title": "ContainerEntrypoint", + "type": "array" + }, + "ImageUri": { + "markdownDescription": "The container image to be run by the monitoring job.", + "title": "ImageUri", + "type": "string" + }, + "PostAnalyticsProcessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", + "title": "PostAnalyticsProcessorSourceUri", + "type": "string" + }, + "RecordPreprocessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", + "title": "RecordPreprocessorSourceUri", + "type": "string" + } + }, + "required": [ + "ImageUri" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary": { + "additionalProperties": false, + "properties": { + "CreationTime": { + "markdownDescription": "The time at which the monitoring job was created.", + "title": "CreationTime", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "The name of the endpoint used to run the monitoring job.", + "title": "EndpointName", + "type": "string" + }, + "FailureReason": { + "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", + "title": "FailureReason", + "type": "string" + }, + "LastModifiedTime": { + "markdownDescription": "A timestamp that indicates the last time the monitoring job was modified.", + "title": "LastModifiedTime", + "type": "string" + }, + "MonitoringExecutionStatus": { + "markdownDescription": "The status of the monitoring job.", + "title": "MonitoringExecutionStatus", + "type": "string" + }, + "MonitoringScheduleName": { + "markdownDescription": "The name of the monitoring schedule.", + "title": "MonitoringScheduleName", + "type": "string" + }, + "ProcessingJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the monitoring job.", + "title": "ProcessingJobArn", + "type": "string" + }, + "ScheduledTime": { + "markdownDescription": "The time the monitoring job was scheduled.", + "title": "ScheduledTime", + "type": "string" + } + }, + "required": [ + "CreationTime", + "LastModifiedTime", + "MonitoringExecutionStatus", + "MonitoringScheduleName", + "ScheduledTime" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.MonitoringInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" + }, + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.EndpointInput", + "markdownDescription": "The endpoint for a monitoring job.", + "title": "EndpointInput" + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition": { + "additionalProperties": false, + "properties": { + "BaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BaselineConfig", + "markdownDescription": "Baseline configuration used to validate that the data conforms to the specified constraints and statistics", + "title": "BaselineConfig" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the Docker container.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "MonitoringAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification", + "markdownDescription": "Configures the monitoring job to run a specified Docker container image.", + "title": "MonitoringAppSpecification" + }, + "MonitoringInputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringInput" + }, + "markdownDescription": "The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker AI Endpoint.", + "title": "MonitoringInputs", + "type": "array" + }, + "MonitoringOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig", + "markdownDescription": "The array of outputs from the monitoring job to be uploaded to Amazon S3.", + "title": "MonitoringOutputConfig" + }, + "MonitoringResources": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringResources", + "markdownDescription": "Identifies the resources, ML compute instances, and ML storage volumes to deploy for a monitoring job. In distributed processing, you specify more than one instance.", + "title": "MonitoringResources" + }, + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.NetworkConfig", + "markdownDescription": "Specifies networking options for an monitoring job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can assume to perform tasks on your behalf.", + "title": "RoleArn", + "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StoppingCondition", + "markdownDescription": "Specifies a time limit for how long the monitoring job is allowed to run.", + "title": "StoppingCondition" + } + }, + "required": [ + "MonitoringAppSpecification", + "MonitoringInputs", + "MonitoringOutputConfig", + "MonitoringResources", + "RoleArn" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.MonitoringOutput": { + "additionalProperties": false, + "properties": { + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" + } + }, + "required": [ + "S3Output" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" + } + }, + "required": [ + "MonitoringOutputs" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.MonitoringResources": { + "additionalProperties": false, + "properties": { + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" + } + }, + "required": [ + "ClusterConfig" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig": { + "additionalProperties": false, + "properties": { + "MonitoringJobDefinition": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition", + "markdownDescription": "Defines the monitoring job.", + "title": "MonitoringJobDefinition" + }, + "MonitoringJobDefinitionName": { + "markdownDescription": "The name of the monitoring job definition to schedule.", + "title": "MonitoringJobDefinitionName", + "type": "string" + }, + "MonitoringType": { + "markdownDescription": "The type of the monitoring job definition to schedule.", + "title": "MonitoringType", + "type": "string" + }, + "ScheduleConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ScheduleConfig", + "markdownDescription": "Configures the monitoring schedule.", + "title": "ScheduleConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.NetworkConfig": { + "additionalProperties": false, + "properties": { + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" + }, + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Training Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html) .", + "title": "VpcConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.S3Output": { + "additionalProperties": false, + "properties": { + "LocalPath": { + "markdownDescription": "The local path to the S3 storage location where SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" + }, + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "A URI that identifies the S3 storage location where SageMaker saves the results of a monitoring job.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "LocalPath", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.ScheduleConfig": { + "additionalProperties": false, + "properties": { + "DataAnalysisEndTime": { + "markdownDescription": "Sets the end time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to end the window one hour before the start of each monitoring job, you would specify: `\"-PT1H\"` .\n\nThe end time that you specify must not follow the start time that you specify by more than 24 hours. You specify the start time with the `DataAnalysisStartTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", + "title": "DataAnalysisEndTime", + "type": "string" + }, + "DataAnalysisStartTime": { + "markdownDescription": "Sets the start time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to monitor the five hours of data in your dataset that precede the start of each monitoring job, you would specify: `\"-PT5H\"` .\n\nThe start time that you specify must not precede the end time that you specify by more than 24 hours. You specify the end time with the `DataAnalysisEndTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", + "title": "DataAnalysisStartTime", + "type": "string" + }, + "ScheduleExpression": { + "markdownDescription": "A cron expression that describes details about the monitoring schedule.\n\nThe supported cron expressions are:\n\n- If you want to set the job to start every hour, use the following:\n\n`Hourly: cron(0 * ? * * *)`\n- If you want to start the job daily:\n\n`cron(0 [00-23] ? * * *)`\n- If you want to run the job one time, immediately, use the following keyword:\n\n`NOW`\n\nFor example, the following are valid cron expressions:\n\n- Daily at noon UTC: `cron(0 12 ? * * *)`\n- Daily at midnight UTC: `cron(0 0 ? * * *)`\n\nTo support running every 6, 12 hours, the following are also supported:\n\n`cron(0 [00-23]/[01-24] ? * * *)`\n\nFor example, the following are valid cron expressions:\n\n- Every 12 hours, starting at 5pm UTC: `cron(0 17/12 ? * * *)`\n- Every two hours starting at midnight: `cron(0 0/2 ? * * *)`\n\n> - Even though the cron expression is set to start at 5PM UTC, note that there could be a delay of 0-20 minutes from the actual requested time to run the execution.\n> - We recommend that if you would like a daily schedule, you do not provide this parameter. Amazon SageMaker AI will pick a time for running every day. \n\nYou can also specify the keyword `NOW` to run the monitoring job immediately, one time, without recurring.", + "title": "ScheduleExpression", + "type": "string" + } + }, + "required": [ + "ScheduleExpression" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.StatisticsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The S3 URI for the statistics resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.StoppingCondition": { + "additionalProperties": false, + "properties": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" + } + }, + "required": [ + "MaxRuntimeInSeconds" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::NotebookInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Elastic Inference (EI) instance types to associate with the notebook instance. Currently, only one instance type can be associated with a notebook instance. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .\n\n*Valid Values:* `ml.eia1.medium | ml.eia1.large | ml.eia1.xlarge | ml.eia2.medium | ml.eia2.large | ml.eia2.xlarge` .", + "title": "AcceleratorTypes", + "type": "array" + }, + "AdditionalCodeRepositories": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", + "title": "AdditionalCodeRepositories", + "type": "array" + }, + "DefaultCodeRepository": { + "markdownDescription": "The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. When you open a notebook instance, it opens in the directory that contains this repository. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", + "title": "DefaultCodeRepository", + "type": "string" + }, + "DirectInternetAccess": { + "markdownDescription": "Sets whether SageMaker AI provides internet access to the notebook instance. If you set this to `Disabled` this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker AI training and endpoint services unless you configure a NAT Gateway in your VPC.\n\nFor more information, see [Notebook Instances Are Internet-Enabled by Default](https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access) . You can set the value of this parameter to `Disabled` only if you set a value for the `SubnetId` parameter.", + "title": "DirectInternetAccess", + "type": "string" + }, + "InstanceMetadataServiceConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration", + "markdownDescription": "Information on the IMDS configuration of the notebook instance", + "title": "InstanceMetadataServiceConfiguration" + }, + "InstanceType": { + "markdownDescription": "The type of ML compute instance to launch for the notebook instance.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", + "title": "InstanceType", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Key Management Service key that SageMaker AI uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see [Enabling and Disabling Keys](https://docs.aws.amazon.com/kms/latest/developerguide/enabling-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyId", + "type": "string" + }, + "LifecycleConfigName": { + "markdownDescription": "The name of a lifecycle configuration to associate with the notebook instance. For information about lifecycle configurations, see [Customize a Notebook Instance](https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html) in the *Amazon SageMaker Developer Guide* .", + "title": "LifecycleConfigName", + "type": "string" + }, + "NotebookInstanceName": { + "markdownDescription": "The name of the new notebook instance.", + "title": "NotebookInstanceName", + "type": "string" + }, + "PlatformIdentifier": { + "markdownDescription": "The platform identifier of the notebook instance runtime environment.", + "title": "PlatformIdentifier", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "When you send any requests to AWS resources from the notebook instance, SageMaker AI assumes this role to perform tasks on your behalf. You must grant this role necessary permissions so SageMaker AI can perform these tasks. The policy must allow the SageMaker AI service principal (sagemaker.amazonaws.com) permissions to assume this role. For more information, see [SageMaker AI Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker AI, the caller of this API must have the `iam:PassRole` permission.", + "title": "RoleArn", + "type": "string" + }, + "RootAccess": { + "markdownDescription": "Whether root access is enabled or disabled for users of the notebook instance. The default value is `Enabled` .\n\n> Lifecycle configurations need root access to be able to set up a notebook instance. Because of this, lifecycle configurations associated with a notebook instance always run with root access even if you disable root access for users.", + "title": "RootAccess", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form sg-xxxxxxxx. The security groups must be for the same VPC as specified in the subnet.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in a VPC to which you would like to have a connectivity from your ML compute instance.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .\n\nYou can add tags later by using the `CreateTags` API.", + "title": "Tags", + "type": "array" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "InstanceType", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::NotebookInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration": { + "additionalProperties": false, + "properties": { + "MinimumInstanceMetadataServiceVersion": { + "markdownDescription": "Indicates the minimum IMDS version that the notebook instance supports. When passed as part of `CreateNotebookInstance` , if no value is selected, then it defaults to IMDSv1. This means that both IMDSv1 and IMDSv2 are supported. If passed as part of `UpdateNotebookInstance` , there is no default.", + "title": "MinimumInstanceMetadataServiceVersion", + "type": "string" + } + }, + "required": [ + "MinimumInstanceMetadataServiceVersion" + ], + "type": "object" + }, + "AWS::SageMaker::NotebookInstanceLifecycleConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "NotebookInstanceLifecycleConfigName": { + "markdownDescription": "The name of the lifecycle configuration.", + "title": "NotebookInstanceLifecycleConfigName", + "type": "string" + }, + "OnCreate": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" + }, + "markdownDescription": "A shell script that runs only once, when you create a notebook instance. The shell script must be a base64-encoded string.", + "title": "OnCreate", + "type": "array" + }, + "OnStart": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" + }, + "markdownDescription": "A shell script that runs every time you start a notebook instance, including when you create the notebook instance. The shell script must be a base64-encoded string.", + "title": "OnStart", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::NotebookInstanceLifecycleConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "A base64-encoded string that contains a shell script for a notebook instance lifecycle configuration.", + "title": "Content", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::PartnerApp": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationConfig": { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp.PartnerAppConfig", + "markdownDescription": "Configuration settings for the Partner AI App.", + "title": "ApplicationConfig" + }, + "AuthType": { + "markdownDescription": "Defines the authentication type used for the Partner AI App.", + "title": "AuthType", + "type": "string" + }, + "EnableIamSessionBasedIdentity": { + "markdownDescription": "Enables IAM Session based Identity for PartnerApp.", + "title": "EnableIamSessionBasedIdentity", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role of the user.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS customer managed key used to encrypt the data associated with the PartnerApp.", + "title": "KmsKeyId", + "type": "string" + }, + "MaintenanceConfig": { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp.PartnerAppMaintenanceConfig", + "markdownDescription": "A collection of settings that specify the maintenance schedule for the PartnerApp.", + "title": "MaintenanceConfig" + }, + "Name": { + "markdownDescription": "The name of the Partner AI App. This name must be unique within your account and region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to apply to the PartnerApp.", + "title": "Tags", + "type": "array" + }, + "Tier": { + "markdownDescription": "Specifies the tier or level of the Partner AI App. The tier size impacts the speed and capabilities of the application. For more information, see [Set up Partner AI Apps](https://docs.aws.amazon.com/sagemaker/latest/dg/partner-app-onboard.html) .", + "title": "Tier", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of Partner AI App being created.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "AuthType", + "ExecutionRoleArn", + "Name", + "Tier", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::PartnerApp" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::PartnerApp.PartnerAppConfig": { + "additionalProperties": false, + "properties": { + "AdminUsers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of users that will have administrative access to the Partner AI App.", + "title": "AdminUsers", + "type": "array" + }, + "Arguments": { + "additionalProperties": true, + "markdownDescription": "Additional arguments passed to the Partner AI App during initialization or runtime.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Arguments", + "type": "object" + } + }, + "type": "object" + }, + "AWS::SageMaker::PartnerApp.PartnerAppMaintenanceConfig": { + "additionalProperties": false, + "properties": { + "MaintenanceWindowStart": { + "markdownDescription": "The maintenance window start day and time for the PartnerApp.", + "title": "MaintenanceWindowStart", + "type": "string" + } + }, + "required": [ + "MaintenanceWindowStart" + ], + "type": "object" + }, + "AWS::SageMaker::Pipeline": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ParallelismConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Pipeline.ParallelismConfiguration", + "markdownDescription": "The parallelism configuration applied to the pipeline.", + "title": "ParallelismConfiguration" + }, + "PipelineDefinition": { + "$ref": "#/definitions/AWS::SageMaker::Pipeline.PipelineDefinition", + "markdownDescription": "The definition of the pipeline. This can be either a JSON string or an Amazon S3 location.", + "title": "PipelineDefinition" + }, + "PipelineDescription": { + "markdownDescription": "The description of the pipeline.", + "title": "PipelineDescription", + "type": "string" + }, + "PipelineDisplayName": { + "markdownDescription": "The display name of the pipeline.", + "title": "PipelineDisplayName", + "type": "string" + }, + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to execute the pipeline.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags of the pipeline.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "PipelineDefinition", + "PipelineName", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Pipeline" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::Pipeline.ParallelismConfiguration": { + "additionalProperties": false, + "properties": { + "MaxParallelExecutionSteps": { + "markdownDescription": "The max number of steps that can be executed in parallel.", + "title": "MaxParallelExecutionSteps", + "type": "number" + } + }, + "required": [ + "MaxParallelExecutionSteps" + ], + "type": "object" + }, + "AWS::SageMaker::Pipeline.PipelineDefinition": { + "additionalProperties": false, + "properties": { + "PipelineDefinitionBody": { + "markdownDescription": "The [JSON pipeline definition](https://docs.aws.amazon.com/https://aws-sagemaker-mlops.github.io/sagemaker-model-building-pipeline-definition-JSON-schema/) of the pipeline.", + "title": "PipelineDefinitionBody", + "type": "string" + }, + "PipelineDefinitionS3Location": { + "$ref": "#/definitions/AWS::SageMaker::Pipeline.S3Location", + "markdownDescription": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker retrieves the pipeline definition from this location.", + "title": "PipelineDefinitionS3Location" + } + }, + "type": "object" + }, + "AWS::SageMaker::Pipeline.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket.", + "title": "Bucket", + "type": "string" + }, + "ETag": { + "markdownDescription": "A file checksum of the pipeline definition file.", + "title": "ETag", + "type": "string" + }, + "Key": { + "markdownDescription": "The object key (or key name) which uniquely identifies the object in an S3 bucket.", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "The version ID of the pipeline definition file. If not specified, Amazon SageMaker will retrieve the latest version.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::SageMaker::Project": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ProjectDescription": { + "markdownDescription": "The description of the project.", + "title": "ProjectDescription", + "type": "string" + }, + "ProjectName": { + "markdownDescription": "The name of the project.", + "title": "ProjectName", + "type": "string" + }, + "ServiceCatalogProvisionedProductDetails": { + "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails", + "markdownDescription": "Details of a provisioned service catalog product. For information about service catalog, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", + "title": "ServiceCatalogProvisionedProductDetails" + }, + "ServiceCatalogProvisioningDetails": { + "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisioningDetails", + "markdownDescription": "The product ID and provisioning artifact ID to provision a service catalog. For information, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", + "title": "ServiceCatalogProvisioningDetails" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", + "title": "Tags", + "type": "array" + }, + "TemplateProviderDetails": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Project.TemplateProviderDetail" + }, + "markdownDescription": "An array of template providers associated with the project.", + "title": "TemplateProviderDetails", + "type": "array" + } + }, + "required": [ + "ProjectName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Project" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::Project.CfnStackParameter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the CloudFormation parameter.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the CloudFormation parameter.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::Project.CfnTemplateProviderDetail": { + "additionalProperties": false, + "properties": { + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Project.CfnStackParameter" + }, + "markdownDescription": "An array of CloudFormation stack parameters.", + "title": "Parameters", + "type": "array" + }, + "RoleARN": { + "markdownDescription": "The IAM role used by CloudFormation to create the stack.", + "title": "RoleARN", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The unique identifier of the template within the project.", + "title": "TemplateName", + "type": "string" + }, + "TemplateURL": { + "markdownDescription": "The Amazon S3 URL of the CloudFormation template.", + "title": "TemplateURL", + "type": "string" + } + }, + "required": [ + "TemplateName", + "TemplateURL" + ], + "type": "object" + }, + "AWS::SageMaker::Project.ProvisioningParameter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key that identifies a provisioning parameter.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the provisioning parameter.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails": { + "additionalProperties": false, + "properties": { + "ProvisionedProductId": { + "markdownDescription": "The ID of the provisioned product.", + "title": "ProvisionedProductId", + "type": "string" + }, + "ProvisionedProductStatusMessage": { + "markdownDescription": "The current status of the product.\n\n- `AVAILABLE` - Stable state, ready to perform any operation. The most recent operation succeeded and completed.\n- `UNDER_CHANGE` - Transitive state. Operations performed might not have valid results. Wait for an AVAILABLE status before performing operations.\n- `TAINTED` - Stable state, ready to perform any operation. The stack has completed the requested operation but is not exactly what was requested. For example, a request to update to a new version failed and the stack rolled back to the current version.\n- `ERROR` - An unexpected error occurred. The provisioned product exists but the stack is not running. For example, CloudFormation received a parameter value that was not valid and could not launch the stack.\n- `PLAN_IN_PROGRESS` - Transitive state. The plan operations were performed to provision a new product, but resources have not yet been created. After reviewing the list of resources to be created, execute the plan. Wait for an AVAILABLE status before performing operations.", + "title": "ProvisionedProductStatusMessage", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Project.ServiceCatalogProvisioningDetails": { + "additionalProperties": false, + "properties": { + "PathId": { + "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path.", + "title": "PathId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The ID of the product to provision.", + "title": "ProductId", + "type": "string" + }, + "ProvisioningArtifactId": { + "markdownDescription": "The ID of the provisioning artifact.", + "title": "ProvisioningArtifactId", + "type": "string" + }, + "ProvisioningParameters": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Project.ProvisioningParameter" + }, + "markdownDescription": "A list of key value pairs that you specify when you provision a product.", + "title": "ProvisioningParameters", + "type": "array" + } + }, + "required": [ + "ProductId" + ], + "type": "object" + }, + "AWS::SageMaker::Project.TemplateProviderDetail": { + "additionalProperties": false, + "properties": { + "CfnTemplateProviderDetail": { + "$ref": "#/definitions/AWS::SageMaker::Project.CfnTemplateProviderDetail", + "markdownDescription": "Details about a CloudFormation template provider configuration and associated provisioning information.", + "title": "CfnTemplateProviderDetail" + } + }, + "required": [ + "CfnTemplateProviderDetail" + ], + "type": "object" + }, + "AWS::SageMaker::Space": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DomainId": { + "markdownDescription": "The ID of the associated domain.", + "title": "DomainId", + "type": "string" + }, + "OwnershipSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.OwnershipSettings", + "markdownDescription": "The collection of ownership settings for a space.", + "title": "OwnershipSettings" + }, + "SpaceDisplayName": { + "markdownDescription": "The name of the space that appears in the Studio UI.", + "title": "SpaceDisplayName", + "type": "string" + }, + "SpaceName": { + "markdownDescription": "The name of the space.", + "title": "SpaceName", + "type": "string" + }, + "SpaceSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSettings", + "markdownDescription": "A collection of space settings.", + "title": "SpaceSettings" + }, + "SpaceSharingSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSharingSettings", + "markdownDescription": "A collection of space sharing settings.", + "title": "SpaceSharingSettings" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DomainId", + "SpaceName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Space" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::Space.CodeRepository": { + "additionalProperties": false, + "properties": { + "RepositoryUrl": { + "markdownDescription": "The URL of the Git repository.", + "title": "RepositoryUrl", + "type": "string" + } + }, + "required": [ + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::SageMaker::Space.CustomFileSystem": { + "additionalProperties": false, + "properties": { + "EFSFileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.EFSFileSystem", + "markdownDescription": "A custom file system in Amazon EFS.", + "title": "EFSFileSystem" + }, + "FSxLustreFileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.FSxLustreFileSystem", + "markdownDescription": "A custom file system in Amazon FSx for Lustre.", + "title": "FSxLustreFileSystem" + }, + "S3FileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.S3FileSystem", + "markdownDescription": "A custom file system in Amazon S3. This is only supported in Amazon SageMaker Unified Studio.", + "title": "S3FileSystem" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.CustomImage": { + "additionalProperties": false, + "properties": { + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig.", + "title": "AppImageConfigName", + "type": "string" + }, + "ImageName": { + "markdownDescription": "The name of the CustomImage. Must be unique to your account.", + "title": "ImageName", + "type": "string" + }, + "ImageVersionNumber": { + "markdownDescription": "The version number of the CustomImage.", + "title": "ImageVersionNumber", + "type": "number" + } + }, + "required": [ + "AppImageConfigName", + "ImageName" + ], + "type": "object" + }, + "AWS::SageMaker::Space.EFSFileSystem": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The ID of your Amazon EFS file system.", + "title": "FileSystemId", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "AWS::SageMaker::Space.EbsStorageSettings": { + "additionalProperties": false, + "properties": { + "EbsVolumeSizeInGb": { + "markdownDescription": "The size of an EBS storage volume for a space.", + "title": "EbsVolumeSizeInGb", + "type": "number" + } + }, + "required": [ + "EbsVolumeSizeInGb" + ], + "type": "object" + }, + "AWS::SageMaker::Space.FSxLustreFileSystem": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "Amazon FSx for Lustre file system ID.", + "title": "FileSystemId", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "AWS::SageMaker::Space.JupyterServerAppSettings": { + "additionalProperties": false, + "properties": { + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the JupyterServer app. If you use the `LifecycleConfigArns` parameter, then this parameter is also required.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.KernelGatewayAppSettings": { + "additionalProperties": false, + "properties": { + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Space.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.OwnershipSettings": { + "additionalProperties": false, + "properties": { + "OwnerUserProfileName": { + "markdownDescription": "The user profile who is the owner of the space.", + "title": "OwnerUserProfileName", + "type": "string" + } + }, + "required": [ + "OwnerUserProfileName" + ], + "type": "object" + }, + "AWS::SageMaker::Space.ResourceSpec": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", + "type": "string" + }, + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" + }, + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.S3FileSystem": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI that specifies the location in S3 where files are stored, which is mounted within the Studio environment. For example: `s3:////` .", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.SpaceAppLifecycleManagement": { + "additionalProperties": false, + "properties": { + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceIdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.SpaceCodeEditorAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceAppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications in a space.", + "title": "AppLifecycleManagement" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "DefaultResourceSpec" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.SpaceIdleSettings": { + "additionalProperties": false, + "properties": { + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.SpaceJupyterLabAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceAppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of JupyterLab applications in a space.", + "title": "AppLifecycleManagement" + }, + "CodeRepositories": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Space.CodeRepository" + }, + "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", + "title": "CodeRepositories", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "DefaultResourceSpec" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.SpaceSettings": { + "additionalProperties": false, + "properties": { + "AppType": { + "markdownDescription": "The type of app created within the space.\n\nIf using the [UpdateSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateSpace.html) API, you can't change the app type of your space by specifying a different value for this field.", + "title": "AppType", + "type": "string" + }, + "CodeEditorAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceCodeEditorAppSettings", + "markdownDescription": "The Code Editor application settings.", + "title": "CodeEditorAppSettings" + }, + "CustomFileSystems": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Space.CustomFileSystem" + }, + "markdownDescription": "A file system, created by you, that you assign to a space for an Amazon SageMaker AI Domain. Permitted users can access this file system in Amazon SageMaker AI Studio.", + "title": "CustomFileSystems", + "type": "array" + }, + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceJupyterLabAppSettings", + "markdownDescription": "The settings for the JupyterLab application.", + "title": "JupyterLabAppSettings" + }, + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.JupyterServerAppSettings", + "markdownDescription": "The JupyterServer app settings.", + "title": "JupyterServerAppSettings" + }, + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.KernelGatewayAppSettings", + "markdownDescription": "The KernelGateway app settings.", + "title": "KernelGatewayAppSettings" + }, + "RemoteAccess": { + "markdownDescription": "A setting that enables or disables remote access for a SageMaker space. When enabled, this allows you to connect to the remote space from your local IDE.", + "title": "RemoteAccess", + "type": "string" + }, + "SpaceManagedResources": { + "markdownDescription": "If you enable this option, SageMaker AI creates the following resources on your behalf when you create the space:\n\n- The user profile that possesses the space.\n- The app that the space contains.", + "title": "SpaceManagedResources", + "type": "string" + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceStorageSettings", + "markdownDescription": "The storage settings for a space.", + "title": "SpaceStorageSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::Space.SpaceSharingSettings": { + "additionalProperties": false, + "properties": { + "SharingType": { + "markdownDescription": "Specifies the sharing type of the space.", + "title": "SharingType", + "type": "string" + } + }, + "required": [ + "SharingType" + ], + "type": "object" + }, + "AWS::SageMaker::Space.SpaceStorageSettings": { + "additionalProperties": false, + "properties": { + "EbsStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.EbsStorageSettings", + "markdownDescription": "A collection of EBS storage settings for a space.", + "title": "EbsStorageSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::StudioLifecycleConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "StudioLifecycleConfigAppType": { + "markdownDescription": "The App type to which the Lifecycle Configuration is attached.", + "title": "StudioLifecycleConfigAppType", + "type": "string" + }, + "StudioLifecycleConfigContent": { + "markdownDescription": "", + "title": "StudioLifecycleConfigContent", + "type": "string" + }, + "StudioLifecycleConfigName": { + "markdownDescription": "The name of the Amazon SageMaker AI Studio Lifecycle Configuration.", + "title": "StudioLifecycleConfigName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "StudioLifecycleConfigAppType", + "StudioLifecycleConfigContent", + "StudioLifecycleConfigName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::StudioLifecycleConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DomainId": { + "markdownDescription": "The domain ID.", + "title": "DomainId", + "type": "string" + }, + "SingleSignOnUserIdentifier": { + "markdownDescription": "A specifier for the type of value specified in SingleSignOnUserValue. Currently, the only supported value is \"UserName\". If the Domain's AuthMode is IAM Identity Center , this field is required. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", + "title": "SingleSignOnUserIdentifier", + "type": "string" + }, + "SingleSignOnUserValue": { + "markdownDescription": "The username of the associated AWS Single Sign-On User for this UserProfile. If the Domain's AuthMode is IAM Identity Center , this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", + "title": "SingleSignOnUserValue", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nTags that you specify for the User Profile are also added to all apps that the User Profile launches.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserProfileName": { + "markdownDescription": "The user profile name.", + "title": "UserProfileName", + "type": "string" + }, + "UserSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.UserSettings", + "markdownDescription": "A collection of settings that apply to users of Amazon SageMaker Studio.", + "title": "UserSettings" + } + }, + "required": [ + "DomainId", + "UserProfileName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::UserProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.AppLifecycleManagement": { + "additionalProperties": false, + "properties": { + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.IdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.CodeEditorAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.AppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" + }, + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.CodeRepository": { + "additionalProperties": false, + "properties": { + "RepositoryUrl": { + "markdownDescription": "The URL of the Git repository.", + "title": "RepositoryUrl", + "type": "string" + } + }, + "required": [ + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.CustomFileSystemConfig": { + "additionalProperties": false, + "properties": { + "EFSFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.EFSFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon EFS file system.", + "title": "EFSFileSystemConfig" + }, + "FSxLustreFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.FSxLustreFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon FSx for Lustre file system.", + "title": "FSxLustreFileSystemConfig" + }, + "S3FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.S3FileSystemConfig", + "markdownDescription": "Configuration settings for a custom Amazon S3 file system.", + "title": "S3FileSystemConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.CustomImage": { + "additionalProperties": false, + "properties": { + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig.", + "title": "AppImageConfigName", + "type": "string" + }, + "ImageName": { + "markdownDescription": "The name of the CustomImage. Must be unique to your account.", + "title": "ImageName", + "type": "string" + }, + "ImageVersionNumber": { + "markdownDescription": "The version number of the CustomImage.", + "title": "ImageVersionNumber", + "type": "number" + } + }, + "required": [ + "AppImageConfigName", + "ImageName" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.CustomPosixUserConfig": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The POSIX group ID.", + "title": "Gid", + "type": "number" + }, + "Uid": { + "markdownDescription": "The POSIX user ID.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.DefaultEbsStorageSettings": { + "additionalProperties": false, + "properties": { + "DefaultEbsVolumeSizeInGb": { + "markdownDescription": "The default size of the EBS storage volume for a space.", + "title": "DefaultEbsVolumeSizeInGb", + "type": "number" + }, + "MaximumEbsVolumeSizeInGb": { + "markdownDescription": "The maximum size of the EBS storage volume for a space.", + "title": "MaximumEbsVolumeSizeInGb", + "type": "number" + } + }, + "required": [ + "DefaultEbsVolumeSizeInGb", + "MaximumEbsVolumeSizeInGb" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings": { + "additionalProperties": false, + "properties": { + "DefaultEbsStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultEbsStorageSettings", + "markdownDescription": "The default EBS storage settings for a space.", + "title": "DefaultEbsStorageSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.EFSFileSystemConfig": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The ID of your Amazon EFS file system.", + "title": "FileSystemId", + "type": "string" + }, + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.FSxLustreFileSystemConfig": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The globally unique, 17-digit, ID of the file system, assigned by Amazon FSx for Lustre.", + "title": "FileSystemId", + "type": "string" + }, + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.HiddenSageMakerImage": { + "additionalProperties": false, + "properties": { + "SageMakerImageName": { + "markdownDescription": "The SageMaker image name that you are hiding from the Studio user interface.", + "title": "SageMakerImageName", + "type": "string" + }, + "VersionAliases": { + "items": { + "type": "string" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "VersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.IdleSettings": { + "additionalProperties": false, + "properties": { + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" + }, + "LifecycleManagement": { + "markdownDescription": "Indicates whether idle shutdown is activated for the application type.", + "title": "LifecycleManagement", + "type": "string" + }, + "MaxIdleTimeoutInMinutes": { + "markdownDescription": "The maximum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MaxIdleTimeoutInMinutes", + "type": "number" + }, + "MinIdleTimeoutInMinutes": { + "markdownDescription": "The minimum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MinIdleTimeoutInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.JupyterLabAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.AppLifecycleManagement", + "markdownDescription": "Indicates whether idle shutdown is activated for JupyterLab applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" + }, + "CodeRepositories": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeRepository" + }, + "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", + "title": "CodeRepositories", + "type": "array" + }, + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.JupyterServerAppSettings": { + "additionalProperties": false, + "properties": { + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.KernelGatewayAppSettings": { + "additionalProperties": false, + "properties": { + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.RStudioServerProAppSettings": { + "additionalProperties": false, + "properties": { + "AccessStatus": { + "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", + "title": "AccessStatus", + "type": "string" + }, + "UserGroup": { + "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", + "title": "UserGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.ResourceSpec": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", + "type": "string" + }, + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" + }, + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.S3FileSystemConfig": { + "additionalProperties": false, + "properties": { + "MountPath": { + "markdownDescription": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "title": "MountPath", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "The Amazon S3 URI of the S3 file system configuration.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.SharingSettings": { + "additionalProperties": false, + "properties": { + "NotebookOutputOption": { + "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", + "title": "NotebookOutputOption", + "type": "string" + }, + "S3KmsKeyId": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", + "title": "S3KmsKeyId", + "type": "string" + }, + "S3OutputPath": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", + "title": "S3OutputPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.StudioWebPortalSettings": { + "additionalProperties": false, + "properties": { + "HiddenAppTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The [Applications supported in Studio](https://docs.aws.amazon.com/sagemaker/latest/dg/studio-updated-apps.html) that are hidden from the Studio left navigation pane.", + "title": "HiddenAppTypes", + "type": "array" + }, + "HiddenInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types you are hiding from the Studio user interface.", + "title": "HiddenInstanceTypes", + "type": "array" + }, + "HiddenMlTools": { + "items": { + "type": "string" + }, + "markdownDescription": "The machine learning tools that are hidden from the Studio left navigation pane.", + "title": "HiddenMlTools", + "type": "array" + }, + "HiddenSageMakerImageVersionAliases": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.HiddenSageMakerImage" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "HiddenSageMakerImageVersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.UserSettings": { + "additionalProperties": false, + "properties": { + "AutoMountHomeEFS": { + "markdownDescription": "Indicates whether auto-mounting of an EFS volume is supported for the user profile. The `DefaultAsDomain` value is only supported for user profiles. Do not use the `DefaultAsDomain` value when setting this parameter for a domain.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "AutoMountHomeEFS", + "type": "string" + }, + "CodeEditorAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeEditorAppSettings", + "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CodeEditorAppSettings" + }, + "CustomFileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomFileSystemConfig" + }, + "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomFileSystemConfigs", + "type": "array" + }, + "CustomPosixUserConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomPosixUserConfig", + "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomPosixUserConfig" + }, + "DefaultLandingUri": { + "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", + "title": "DefaultLandingUri", + "type": "string" + }, + "ExecutionRole": { + "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "ExecutionRole", + "type": "string" + }, + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterLabAppSettings", + "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "JupyterLabAppSettings" + }, + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterServerAppSettings", + "markdownDescription": "The Jupyter server's app settings.", + "title": "JupyterServerAppSettings" + }, + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.KernelGatewayAppSettings", + "markdownDescription": "The kernel gateway app settings.", + "title": "KernelGatewayAppSettings" + }, + "RStudioServerProAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.RStudioServerProAppSettings", + "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", + "title": "RStudioServerProAppSettings" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SecurityGroups", + "type": "array" + }, + "SharingSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.SharingSettings", + "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", + "title": "SharingSettings" + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings", + "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SpaceStorageSettings" + }, + "StudioWebPortal": { + "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", + "title": "StudioWebPortal", + "type": "string" + }, + "StudioWebPortalSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.StudioWebPortalSettings", + "markdownDescription": "Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level.", + "title": "StudioWebPortalSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::Workteam": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the work team.", + "title": "Description", + "type": "string" + }, + "MemberDefinitions": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.MemberDefinition" + }, + "markdownDescription": "A list of `MemberDefinition` objects that contains objects that identify the workers that make up the work team.\n\nWorkforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use `CognitoMemberDefinition` . For workforces created using your own OIDC identity provider (IdP) use `OidcMemberDefinition` .", + "title": "MemberDefinitions", + "type": "array" + }, + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.NotificationConfiguration", + "markdownDescription": "Configures SNS notifications of available or expiring work items for work teams.", + "title": "NotificationConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs.", + "title": "Tags", + "type": "array" + }, + "WorkforceName": { + "markdownDescription": "The name of the workforce.", + "title": "WorkforceName", + "type": "string" + }, + "WorkteamName": { + "markdownDescription": "The name of the work team.", + "title": "WorkteamName", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Workteam" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SageMaker::Workteam.CognitoMemberDefinition": { + "additionalProperties": false, + "properties": { + "CognitoClientId": { + "markdownDescription": "An identifier for an application client. You must create the app client ID using Amazon Cognito .", + "title": "CognitoClientId", + "type": "string" + }, + "CognitoUserGroup": { + "markdownDescription": "An identifier for a user group.", + "title": "CognitoUserGroup", + "type": "string" + }, + "CognitoUserPool": { + "markdownDescription": "An identifier for a user pool. The user pool must be in the same region as the service that you are calling.", + "title": "CognitoUserPool", + "type": "string" + } + }, + "required": [ + "CognitoClientId", + "CognitoUserGroup", + "CognitoUserPool" + ], + "type": "object" + }, + "AWS::SageMaker::Workteam.MemberDefinition": { + "additionalProperties": false, + "properties": { + "CognitoMemberDefinition": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.CognitoMemberDefinition", + "markdownDescription": "The Amazon Cognito user group that is part of the work team.", + "title": "CognitoMemberDefinition" + }, + "OidcMemberDefinition": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.OidcMemberDefinition", + "markdownDescription": "A list user groups that exist in your OIDC Identity Provider (IdP). One to ten groups can be used to create a single private work team. When you add a user group to the list of `Groups` , you can add that user group to one or more private work teams. If you add a user group to a private work team, all workers in that user group are added to the work team.", + "title": "OidcMemberDefinition" + } + }, + "type": "object" + }, + "AWS::SageMaker::Workteam.NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "NotificationTopicArn": { + "markdownDescription": "The ARN for the Amazon SNS topic to which notifications should be published.", + "title": "NotificationTopicArn", + "type": "string" + } + }, + "required": [ + "NotificationTopicArn" + ], + "type": "object" + }, + "AWS::SageMaker::Workteam.OidcMemberDefinition": { + "additionalProperties": false, + "properties": { + "OidcGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "OidcGroups", + "type": "array" + } + }, + "required": [ + "OidcGroups" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description you specify for the schedule.", + "title": "Description", + "type": "string" + }, + "EndDate": { + "markdownDescription": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the `EndDate` you specify.\nEventBridge Scheduler ignores `EndDate` for one-time schedules.", + "title": "EndDate", + "type": "string" + }, + "FlexibleTimeWindow": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.FlexibleTimeWindow", + "markdownDescription": "Allows you to configure a time window during which EventBridge Scheduler invokes the schedule.", + "title": "FlexibleTimeWindow" + }, + "GroupName": { + "markdownDescription": "The name of the schedule group associated with this schedule.", + "title": "GroupName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the customer managed KMS key that EventBridge Scheduler will use to encrypt and decrypt your data.", + "title": "KmsKeyArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", + "type": "string" + }, + "ScheduleExpression": { + "markdownDescription": "The expression that defines when the schedule runs. The following formats are supported.\n\n- `at` expression - `at(yyyy-mm-ddThh:mm:ss)`\n- `rate` expression - `rate(value unit)`\n- `cron` expression - `cron(fields)`\n\nYou can use `at` expressions to create one-time schedules that invoke a target once, at the time and in the time zone, that you specify. You can use `rate` and `cron` expressions to create recurring schedules. Rate-based schedules are useful when you want to invoke a target at regular intervals, such as every 15 minutes or every five days. Cron-based schedules are useful when you want to invoke a target periodically at a specific time, such as at 8:00 am (UTC+0) every 1st day of the month.\n\nA `cron` expression consists of six fields separated by white spaces: `(minutes hours day_of_month month day_of_week year)` .\n\nA `rate` expression consists of a *value* as a positive integer, and a *unit* with the following options: `minute` | `minutes` | `hour` | `hours` | `day` | `days`\n\nFor more information and examples, see [Schedule types on EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html) in the *EventBridge Scheduler User Guide* .", + "title": "ScheduleExpression", + "type": "string" + }, + "ScheduleExpressionTimezone": { + "markdownDescription": "The timezone in which the scheduling expression is evaluated.", + "title": "ScheduleExpressionTimezone", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the `StartDate` you specify.\nEventBridge Scheduler ignores `StartDate` for one-time schedules.", + "title": "StartDate", + "type": "string" + }, + "State": { + "markdownDescription": "Specifies whether the schedule is enabled or disabled.\n\n*Allowed Values* : `ENABLED` | `DISABLED`", + "title": "State", + "type": "string" + }, + "Target": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.Target", + "markdownDescription": "The schedule's target details.", + "title": "Target" + } + }, + "required": [ + "FlexibleTimeWindow", + "ScheduleExpression", + "Target" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Scheduler::Schedule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.AwsVpcConfiguration": { + "additionalProperties": false, + "properties": { + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "Subnets" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.CapacityProviderStrategyItem": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", + "type": "string" + }, + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "CapacityProvider" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.DeadLetterConfig": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SQS queue specified as the destination for the dead-letter queue.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Scheduler::Schedule.EcsParameters": { + "additionalProperties": false, + "properties": { + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the task.", + "title": "CapacityProviderStrategy", + "type": "array" + }, + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon ECS Developer Guide* .", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Group": { + "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", + "type": "string" + }, + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html) in the *Amazon ECS Developer Guide* .", + "title": "LaunchType", + "type": "string" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.NetworkConfiguration", + "markdownDescription": "This structure specifies the network configuration for an ECS task.", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", + "type": "array" + }, + "PlacementStrategy": { + "items": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementStrategy" + }, + "markdownDescription": "The task placement strategy for a task or service.", + "title": "PlacementStrategy", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .", + "title": "PlatformVersion", + "type": "string" + }, + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the Amazon ECS [`TagResource`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.", + "title": "PropagateTags", + "type": "string" + }, + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "Tags": { + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. For more information, see [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) in the *Amazon ECS API Reference* .", + "title": "Tags", + "type": "object" + }, + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is `1` .", + "title": "TaskCount", + "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", + "type": "string" + } + }, + "required": [ + "TaskDefinitionArn" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.EventBridgeParameters": { + "additionalProperties": false, + "properties": { + "DetailType": { + "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", + "title": "DetailType", + "type": "string" + }, + "Source": { + "markdownDescription": "The source of the event.", + "title": "Source", + "type": "string" + } + }, + "required": [ + "DetailType", + "Source" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.FlexibleTimeWindow": { + "additionalProperties": false, + "properties": { + "MaximumWindowInMinutes": { + "markdownDescription": "The maximum time window during which a schedule can be invoked.\n\n*Minimum* : `1`\n\n*Maximum* : `1440`", + "title": "MaximumWindowInMinutes", + "type": "number" + }, + "Mode": { + "markdownDescription": "Determines whether the schedule is invoked within a flexible time window. You must use quotation marks when you specify this value in your JSON or YAML template.\n\n*Allowed Values* : `\"OFF\"` | `\"FLEXIBLE\"`", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.KinesisParameters": { + "additionalProperties": false, + "properties": { + "PartitionKey": { + "markdownDescription": "Specifies the shard to which EventBridge Scheduler sends the event. For more information, see [Amazon Kinesis Data Streams terminology and concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html) in the *Amazon Kinesis Streams Developer Guide* .", + "title": "PartitionKey", + "type": "string" + } + }, + "required": [ + "PartitionKey" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.AwsVpcConfiguration", + "markdownDescription": "Specifies the Amazon VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode.", + "title": "AwsvpcConfiguration" + } + }, + "type": "object" + }, + "AWS::Scheduler::Schedule.PlacementConstraint": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/latest/developerguide/cluster-query-language.html) in the *Amazon ECS Developer Guide* .", + "title": "Expression", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Scheduler::Schedule.PlacementStrategy": { + "additionalProperties": false, + "properties": { + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are `instanceId` (or `instanceId` , which has the same effect), or any platform or custom attribute that is applied to a container instance, such as `attribute:ecs.availability-zone` . For the binpack placement strategy, valid values are `cpu` and `memory` . For the random placement strategy, this field is not used.", + "title": "Field", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Scheduler::Schedule.RetryPolicy": { + "additionalProperties": false, + "properties": { + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", + "title": "MaximumEventAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts with exponential backoff continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is reached.", + "title": "MaximumRetryAttempts", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Scheduler::Schedule.SageMakerPipelineParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of parameter to start execution of a SageMaker Model Building Pipeline.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "Value of parameter to start execution of a SageMaker Model Building Pipeline.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.SageMakerPipelineParameters": { + "additionalProperties": false, + "properties": { + "PipelineParameterList": { + "items": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameter" + }, + "markdownDescription": "List of parameter names and values to use when executing the SageMaker Model Building Pipeline.", + "title": "PipelineParameterList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Scheduler::Schedule.SqsParameters": { + "additionalProperties": false, + "properties": { + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Scheduler::Schedule.Target": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target.", + "title": "Arn", + "type": "string" + }, + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.DeadLetterConfig", + "markdownDescription": "An object that contains information about an Amazon SQS queue that EventBridge Scheduler uses as a dead-letter queue for your schedule. If specified, EventBridge Scheduler delivers failed events that could not be successfully delivered to a target to the queue.", + "title": "DeadLetterConfig" + }, + "EcsParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.EcsParameters", + "markdownDescription": "The templated target type for the Amazon ECS [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API operation.", + "title": "EcsParameters" + }, + "EventBridgeParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.EventBridgeParameters", + "markdownDescription": "The templated target type for the EventBridge [`PutEvents`](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) API operation.", + "title": "EventBridgeParameters" + }, + "Input": { + "markdownDescription": "The text, or well-formed JSON, passed to the target. If you are configuring a templated Lambda , AWS Step Functions , or Amazon EventBridge target, the input must be a well-formed JSON. For all other target types, a JSON is not required. If you do not specify anything for this field, Amazon EventBridge Scheduler delivers a default notification to the target.", + "title": "Input", + "type": "string" + }, + "KinesisParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.KinesisParameters", + "markdownDescription": "The templated target type for the Amazon Kinesis [`PutRecord`](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html) API operation.", + "title": "KinesisParameters" + }, + "RetryPolicy": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.RetryPolicy", + "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings, including the maximum age of an event, and the maximum number of times EventBridge Scheduler will try to deliver the event to a target.", + "title": "RetryPolicy" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that EventBridge Scheduler will use for this target when the schedule is invoked.", + "title": "RoleArn", + "type": "string" + }, + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameters", + "markdownDescription": "The templated target type for the Amazon SageMaker [`StartPipelineExecution`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) API operation.", + "title": "SageMakerPipelineParameters" + }, + "SqsParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.SqsParameters", + "markdownDescription": "The templated target type for the Amazon SQS [`SendMessage`](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html) API operation. Contains the message group ID to use when the target is a FIFO queue. If you specify an Amazon SQS FIFO queue as a target, the queue must have content-based deduplication enabled. For more information, see [Using the Amazon SQS message deduplication ID](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/using-messagededuplicationid-property.html) in the *Amazon SQS Developer Guide* .", + "title": "SqsParameters" + } + }, + "required": [ + "Arn", + "RoleArn" + ], + "type": "object" + }, + "AWS::Scheduler::ScheduleGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the schedule group.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Scheduler::ScheduleGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SecretsManager::ResourcePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether to block resource-based policies that allow broad access to the secret. By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "ResourcePolicy": { + "markdownDescription": "A JSON-formatted string for an AWS resource-based policy. For example policies, see [Permissions policy examples](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html) .", + "title": "ResourcePolicy", + "type": "object" + }, + "SecretId": { + "markdownDescription": "The ARN or name of the secret to attach the resource-based policy.\n\nFor an ARN, we recommend that you specify a complete ARN rather than a partial ARN.", + "title": "SecretId", + "type": "string" + } + }, + "required": [ + "ResourcePolicy", + "SecretId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecretsManager::ResourcePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecretsManager::RotationSchedule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HostedRotationLambda": { + "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.HostedRotationLambda", + "markdownDescription": "Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) . To use a rotation function that already exists, specify `RotationLambdaARN` instead.\n\nYou must specify `Transform: AWS::SecretsManager-2024-09-16` at the beginning of the CloudFormation template. Transforms are macros hosted by AWS CloudFormation that help you create and manage complex infrastructure. The `Transform: AWS::SecretsManager-2024-09-16` transform automatically extends the CloudFormation stack to include a nested stack (of type `AWS::CloudFormation::Stack` ), which then creates and updates on your behalf during subsequent stack operations, the appropriate rotation Lambda function for your database or service. For general information on transforms, see the [AWS CloudFormation documentation.](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-reference.html)\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .", + "title": "HostedRotationLambda" + }, + "RotateImmediatelyOnUpdate": { + "markdownDescription": "Determines whether to rotate the secret immediately or wait until the next scheduled rotation window when the rotation schedule is updated. The rotation schedule is defined in `RotationRules` .\n\nThe default for `RotateImmediatelyOnUpdate` is `true` . If you don't specify this value, Secrets Manager rotates the secret immediately.\n\nIf you set `RotateImmediatelyOnUpdate` to `false` , Secrets Manager tests the rotation configuration by running the [`testSecret` step](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) of the Lambda rotation function. This test creates an `AWSPENDING` version of the secret and then removes it.\n\n> When changing an existing rotation schedule and setting `RotateImmediatelyOnUpdate` to `false` :\n> \n> - If using `AutomaticallyAfterDays` or a `ScheduleExpression` with `rate()` , the previously scheduled rotation might still occur.\n> - To prevent unintended rotations, use a `ScheduleExpression` with `cron()` for granular control over rotation windows. \n\nRotation is an asynchronous process. For more information, see [How rotation works](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) .", + "title": "RotateImmediatelyOnUpdate", + "type": "boolean" + }, + "RotationLambdaARN": { + "markdownDescription": "The ARN of an existing Lambda rotation function. To specify a rotation function that is also defined in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function.\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .\n\nTo create a new rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) , specify `HostedRotationLambda` instead.", + "title": "RotationLambdaARN", + "type": "string" + }, + "RotationRules": { + "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.RotationRules", + "markdownDescription": "A structure that defines the rotation configuration for this secret.", + "title": "RotationRules" + }, + "SecretId": { + "markdownDescription": "The ARN or name of the secret to rotate. This is unique for each rotation schedule definition.\n\nTo reference a secret also created in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID.", + "title": "SecretId", + "type": "string" + } + }, + "required": [ + "SecretId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecretsManager::RotationSchedule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecretsManager::RotationSchedule.HostedRotationLambda": { + "additionalProperties": false, + "properties": { + "ExcludeCharacters": { + "markdownDescription": "A string of the characters that you don't want in the password.", + "title": "ExcludeCharacters", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key that Secrets Manager uses to encrypt the secret. If you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If `aws/secretsmanager` doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.", + "title": "KmsKeyArn", + "type": "string" + }, + "MasterSecretArn": { + "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", + "title": "MasterSecretArn", + "type": "string" + }, + "MasterSecretKmsKeyArn": { + "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", + "title": "MasterSecretKmsKeyArn", + "type": "string" + }, + "RotationLambdaName": { + "markdownDescription": "The name of the Lambda rotation function.", + "title": "RotationLambdaName", + "type": "string" + }, + "RotationType": { + "markdownDescription": "The rotation template to base the rotation function on, one of the following:\n\n- `Db2SingleUser` to use the template [SecretsManagerRDSDb2RotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-singleuser) .\n- `Db2MultiUser` to use the template [SecretsManagerRDSDb2RotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-multiuser) .\n- `MySQLSingleUser` to use the template [SecretsManagerRDSMySQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-singleuser) .\n- `MySQLMultiUser` to use the template [SecretsManagerRDSMySQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-multiuser) .\n- `PostgreSQLSingleUser` to use the template [SecretsManagerRDSPostgreSQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-singleuser)\n- `PostgreSQLMultiUser` to use the template [SecretsManagerRDSPostgreSQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-multiuser) .\n- `OracleSingleUser` to use the template [SecretsManagerRDSOracleRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-singleuser) .\n- `OracleMultiUser` to use the template [SecretsManagerRDSOracleRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-multiuser) .\n- `MariaDBSingleUser` to use the template [SecretsManagerRDSMariaDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-singleuser) .\n- `MariaDBMultiUser` to use the template [SecretsManagerRDSMariaDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-multiuser) .\n- `SQLServerSingleUser` to use the template [SecretsManagerRDSSQLServerRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-singleuser) .\n- `SQLServerMultiUser` to use the template [SecretsManagerRDSSQLServerRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-multiuser) .\n- `RedshiftSingleUser` to use the template [SecretsManagerRedshiftRotationSingleUsr](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-singleuser) .\n- `RedshiftMultiUser` to use the template [SecretsManagerRedshiftRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-multiuser) .\n- `MongoDBSingleUser` to use the template [SecretsManagerMongoDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-singleuser) .\n- `MongoDBMultiUser` to use the template [SecretsManagerMongoDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-multiuser) .", + "title": "RotationType", + "type": "string" + }, + "Runtime": { + "markdownDescription": "> Do not set this value if you are using `Transform: AWS::SecretsManager-2024-09-16` . Over time, the updated rotation lambda artifacts vended by AWS may not be compatible with the code or shared object files defined in the rotation function deployment package.\n> \n> Only define the `Runtime` key if:\n> \n> - You are using `Transform: AWS::SecretsManager-2020-07-23` .\n> - The code or shared object files defined in the rotation function deployment package are incompatible with Python 3.9. \n\nThe Python Runtime version for with the rotation function. By default, CloudFormation deploys Python 3.9 binaries for the rotation function. To use a different version of Python, you must do the following two steps:\n\n- Deploy the matching version Python binaries with your rotation function.\n- Set the version number in this field. For example, for Python 3.7, enter *python3.7* .\n\nIf you only do one of the steps, your rotation function will be incompatible with the binaries. For more information, see [Why did my Lambda rotation function fail with a \"pg module not found\" error](https://docs.aws.amazon.com/https://repost.aws/knowledge-center/secrets-manager-lambda-rotation) .", + "title": "Runtime", + "type": "string" + }, + "SuperuserSecretArn": { + "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", + "title": "SuperuserSecretArn", + "type": "string" + }, + "SuperuserSecretKmsKeyArn": { + "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", + "title": "SuperuserSecretKmsKeyArn", + "type": "string" + }, + "VpcSecurityGroupIds": { + "markdownDescription": "A comma-separated list of security group IDs applied to the target database.\n\nThe template applies the same security groups as on the Lambda rotation function that is created as part of this stack.", + "title": "VpcSecurityGroupIds", + "type": "string" + }, + "VpcSubnetIds": { + "markdownDescription": "A comma separated list of VPC subnet IDs of the target database network. The Lambda rotation function is in the same subnet group.", + "title": "VpcSubnetIds", + "type": "string" + } + }, + "required": [ + "RotationType" + ], + "type": "object" + }, + "AWS::SecretsManager::RotationSchedule.RotationRules": { + "additionalProperties": false, + "properties": { + "AutomaticallyAfterDays": { + "markdownDescription": "The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.\n\nIn `DescribeSecret` and `ListSecrets` , this value is calculated from the rotation schedule after every successful rotation. In `RotateSecret` , you can set the rotation schedule in `RotationRules` with `AutomaticallyAfterDays` or `ScheduleExpression` , but not both.", + "title": "AutomaticallyAfterDays", + "type": "number" + }, + "Duration": { + "markdownDescription": "The length of the rotation window in hours, for example `3h` for a three hour window. Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the `ScheduleExpression` . If you don't specify a `Duration` , for a `ScheduleExpression` in hours, the window automatically closes after one hour. For a `ScheduleExpression` in days, the window automatically closes at the end of the UTC day. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* .", + "title": "Duration", + "type": "string" + }, + "ScheduleExpression": { + "markdownDescription": "A `cron()` or `rate()` expression that defines the schedule for rotating your secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager rotates your secret any time during a rotation window.\n\nSecrets Manager `rate()` expressions represent the interval in hours or days that you want to rotate your secret, for example `rate(12 hours)` or `rate(10 days)` . You can rotate a secret as often as every four hours. If you use a `rate()` expression, the rotation window starts at midnight. For a rate in hours, the default rotation window closes after one hour. For a rate in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.\n\nYou can use a `cron()` expression to create a rotation schedule that is more detailed than a rotation interval. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* . For a cron expression that represents a schedule in hours, the default rotation window closes after one hour. For a cron expression that represents a schedule in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.", + "title": "ScheduleExpression", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecretsManager::Secret": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the secret.", + "title": "Description", + "type": "string" + }, + "GenerateSecretString": { + "$ref": "#/definitions/AWS::SecretsManager::Secret.GenerateSecretString", + "markdownDescription": "A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use `SecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.\n\nWe recommend that you specify the maximum length and include every character type that the system you are generating a password for can support.", + "title": "GenerateSecretString" + }, + "KmsKeyId": { + "markdownDescription": "The ARN, key ID, or alias of the AWS KMS key that Secrets Manager uses to encrypt the secret value in the secret. An alias is always prefixed by `alias/` , for example `alias/aws/secretsmanager` . For more information, see [About aliases](https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html) .\n\nTo use a AWS KMS key in a different account, use the key ARN or the alias ARN.\n\nIf you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If that key doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.\n\nIf the secret is in a different AWS account from the credentials calling the API, then you can't use `aws/secretsmanager` to encrypt the secret, and you must create and use a customer managed AWS KMS key.", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the new secret.\n\nThe secret name can contain ASCII letters, numbers, and the following characters: /_+=.@-\n\nDo not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN.", + "title": "Name", + "type": "string" + }, + "ReplicaRegions": { + "items": { + "$ref": "#/definitions/AWS::SecretsManager::Secret.ReplicaRegion" + }, + "markdownDescription": "A custom type that specifies a `Region` and the `KmsKeyId` for a replica secret.", + "title": "ReplicaRegions", + "type": "array" + }, + "SecretString": { + "markdownDescription": "The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use `GenerateSecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.", + "title": "SecretString", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nStack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret.\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecretsManager::Secret" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SecretsManager::Secret.GenerateSecretString": { + "additionalProperties": false, + "properties": { + "ExcludeCharacters": { + "markdownDescription": "A string of the characters that you don't want in the password.", + "title": "ExcludeCharacters", + "type": "string" + }, + "ExcludeLowercase": { + "markdownDescription": "Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters.", + "title": "ExcludeLowercase", + "type": "boolean" + }, + "ExcludeNumbers": { + "markdownDescription": "Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers.", + "title": "ExcludeNumbers", + "type": "boolean" + }, + "ExcludePunctuation": { + "markdownDescription": "Specifies whether to exclude the following punctuation characters from the password: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~` . If you don't include this switch, the password can contain punctuation.", + "title": "ExcludePunctuation", + "type": "boolean" + }, + "ExcludeUppercase": { + "markdownDescription": "Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters.", + "title": "ExcludeUppercase", + "type": "boolean" + }, + "GenerateStringKey": { + "markdownDescription": "The JSON key name for the key/value pair, where the value is the generated password. This pair is added to the JSON structure specified by the `SecretStringTemplate` parameter. If you specify this parameter, then you must also specify `SecretStringTemplate` .", + "title": "GenerateStringKey", + "type": "string" + }, + "IncludeSpace": { + "markdownDescription": "Specifies whether to include the space character. If you include this switch, the password can contain space characters.", + "title": "IncludeSpace", + "type": "boolean" + }, + "PasswordLength": { + "markdownDescription": "The length of the password. If you don't include this parameter, the default length is 32 characters.", + "title": "PasswordLength", + "type": "number" + }, + "RequireEachIncludedType": { + "markdownDescription": "Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type.", + "title": "RequireEachIncludedType", + "type": "boolean" + }, + "SecretStringTemplate": { + "markdownDescription": "A template that the generated string must match. When you make a change to this property, a new secret version is created.", + "title": "SecretStringTemplate", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecretsManager::Secret.ReplicaRegion": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't include this field, Secrets Manager uses `aws/secretsmanager` .", + "title": "KmsKeyId", + "type": "string" + }, + "Region": { + "markdownDescription": "A string that represents a `Region` , for example \"us-east-1\".", + "title": "Region", + "type": "string" + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "AWS::SecretsManager::SecretTargetAttachment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "SecretId": { + "markdownDescription": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition.", + "title": "SecretId", + "type": "string" + }, + "TargetId": { + "markdownDescription": "The ID of the database or cluster.", + "title": "TargetId", + "type": "string" + }, + "TargetType": { + "markdownDescription": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster", + "title": "TargetType", + "type": "string" + } + }, + "required": [ + "SecretId", + "TargetId", + "TargetType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecretsManager::SecretTargetAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::AggregatorV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LinkedRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Regions that are linked to the aggregation Region.", + "title": "LinkedRegions", + "type": "array" + }, + "RegionLinkingMode": { + "markdownDescription": "Determines how Regions are linked to an Aggregator V2.", + "title": "RegionLinkingMode", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A list of key-value pairs to be applied to the AggregatorV2.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "LinkedRegions", + "RegionLinkingMode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::AggregatorV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesAction" + }, + "markdownDescription": "One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` .", + "title": "Actions", + "type": "array" + }, + "Criteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters", + "markdownDescription": "A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.", + "title": "Criteria" + }, + "Description": { + "markdownDescription": "A description of the rule.", + "title": "Description", + "type": "string" + }, + "IsTerminal": { + "markdownDescription": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.", + "title": "IsTerminal", + "type": "boolean" + }, + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", + "type": "string" + }, + "RuleOrder": { + "markdownDescription": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.", + "title": "RuleOrder", + "type": "number" + }, + "RuleStatus": { + "markdownDescription": "Whether the rule is active after it is created. If this parameter is equal to `ENABLED` , Security Hub applies the rule to findings and finding updates after the rule is created.", + "title": "RuleStatus", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "User-defined tags associated with an automation rule.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Actions", + "Criteria", + "Description", + "RuleName", + "RuleOrder" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::AutomationRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.AutomationRulesAction": { + "additionalProperties": false, + "properties": { + "FindingFieldsUpdate": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate", + "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", + "title": "FindingFieldsUpdate" + }, + "Type": { + "markdownDescription": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FindingFieldsUpdate", + "Type" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate": { + "additionalProperties": false, + "properties": { + "Confidence": { + "markdownDescription": "The rule action updates the `Confidence` field of a finding.", + "title": "Confidence", + "type": "number" + }, + "Criticality": { + "markdownDescription": "The rule action updates the `Criticality` field of a finding.", + "title": "Criticality", + "type": "number" + }, + "Note": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NoteUpdate", + "markdownDescription": "The rule action will update the `Note` field of a finding.", + "title": "Note" + }, + "RelatedFindings": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.RelatedFinding" + }, + "markdownDescription": "The rule action will update the `RelatedFindings` field of a finding.", + "title": "RelatedFindings", + "type": "array" + }, + "Severity": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.SeverityUpdate", + "markdownDescription": "The rule action will update the `Severity` field of a finding.", + "title": "Severity" + }, + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The rule action updates the `Types` field of a finding.", + "title": "Types", + "type": "array" + }, + "UserDefinedFields": { + "additionalProperties": true, + "markdownDescription": "The rule action updates the `UserDefinedFields` field of a finding.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserDefinedFields", + "type": "object" + }, + "VerificationState": { + "markdownDescription": "The rule action updates the `VerificationState` field of a finding.", + "title": "VerificationState", + "type": "string" + }, + "Workflow": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.WorkflowUpdate", + "markdownDescription": "The rule action will update the `Workflow` field of a finding.", + "title": "Workflow" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The AWS account ID in which a finding was generated.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "AwsAccountId", + "type": "array" + }, + "CompanyName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The name of the company for the product that generated the finding. For control-based findings, the company is AWS .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "CompanyName", + "type": "array" + }, + "ComplianceAssociatedStandardsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ComplianceAssociatedStandardsId", + "type": "array" + }, + "ComplianceSecurityControlId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The security control ID for which a finding was generated. Security control IDs are the same across standards.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ComplianceSecurityControlId", + "type": "array" + }, + "ComplianceStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The result of a security check. This field is only used for findings generated from controls.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ComplianceStatus", + "type": "array" + }, + "Confidence": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" + }, + "markdownDescription": "The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. `Confidence` is scored on a 0\u2013100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Confidence", + "type": "array" + }, + "CreatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when this finding record was created.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "CreatedAt", + "type": "array" + }, + "Criticality": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" + }, + "markdownDescription": "The level of importance that is assigned to the resources that are associated with a finding. `Criticality` is scored on a 0\u2013100 basis, using a ratio scale that supports only full integers. A score of `0` means that the underlying resources have no criticality, and a score of `100` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Criticality", + "type": "array" + }, + "Description": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "A finding's description.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Description", + "type": "array" + }, + "FirstObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "FirstObservedAt", + "type": "array" + }, + "GeneratorId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The identifier for the solution-specific component that generated a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "GeneratorId", + "type": "array" + }, + "Id": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The product-specific identifier for a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Id", + "type": "array" + }, + "LastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "LastObservedAt", + "type": "array" + }, + "NoteText": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The text of a user-defined note that's added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "NoteText", + "type": "array" + }, + "NoteUpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "The timestamp of when the note was updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "NoteUpdatedAt", + "type": "array" + }, + "NoteUpdatedBy": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The principal that created a note.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "NoteUpdatedBy", + "type": "array" + }, + "ProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ProductArn", + "type": "array" + }, + "ProductName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ProductName", + "type": "array" + }, + "RecordState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides the current state of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "RecordState", + "type": "array" + }, + "RelatedFindingsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "RelatedFindingsId", + "type": "array" + }, + "RelatedFindingsProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The ARN for the product that generated a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "RelatedFindingsProductArn", + "type": "array" + }, + "ResourceDetailsOther": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" + }, + "markdownDescription": "Custom fields and values about the resource that a finding pertains to.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourceDetailsOther", + "type": "array" + }, + "ResourceId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non- AWS resources, this is a unique identifier that is associated with the resource.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "ResourceId", + "type": "array" + }, + "ResourcePartition": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions . Each AWS account is scoped to one partition.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourcePartition", + "type": "array" + }, + "ResourceRegion": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The AWS Region where the resource that a finding pertains to is located.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourceRegion", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" + }, + "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourceTags", + "type": "array" + }, + "ResourceType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "ResourceType", + "type": "array" + }, + "SeverityLabel": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The severity value of the finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "SeverityLabel", + "type": "array" + }, + "SourceUrl": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides a URL that links to a page about the current finding in the finding product.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "SourceUrl", + "type": "array" + }, + "Title": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "Title", + "type": "array" + }, + "Type": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Type", + "type": "array" + }, + "UpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the finding record was most recently updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "UpdatedAt", + "type": "array" + }, + "UserDefinedFields": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" + }, + "markdownDescription": "A list of user-defined name and value string pairs added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "UserDefinedFields", + "type": "array" + }, + "VerificationState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides the veracity of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "VerificationState", + "type": "array" + }, + "WorkflowStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides information about the status of the investigation into a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "WorkflowStatus", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.DateFilter": { + "additionalProperties": false, + "properties": { + "DateRange": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateRange", + "markdownDescription": "A date range for the date filter.", + "title": "DateRange" + }, + "End": { + "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "End", + "type": "string" + }, + "Start": { + "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "Start", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.DateRange": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "A date range unit for the date filter.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "A date range value for the date filter.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.MapFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Key": { + "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Comparison", + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.NoteUpdate": { + "additionalProperties": false, + "properties": { + "Text": { + "markdownDescription": "The updated note text.", + "title": "Text", + "type": "string" + }, + "UpdatedBy": { + "markdownDescription": "The principal that updated the note.", + "title": "UpdatedBy", + "type": "object" + } + }, + "required": [ + "Text", + "UpdatedBy" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.NumberFilter": { + "additionalProperties": false, + "properties": { + "Eq": { + "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", + "title": "Eq", + "type": "number" + }, + "Gte": { + "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "title": "Gte", + "type": "number" + }, + "Lte": { + "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", + "title": "Lte", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.RelatedFinding": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Id", + "type": "object" + }, + "ProductArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the product that generated a related finding.", + "title": "ProductArn", + "type": "string" + } + }, + "required": [ + "Id", + "ProductArn" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.SeverityUpdate": { + "additionalProperties": false, + "properties": { + "Label": { + "markdownDescription": "The severity value of the finding. The allowed values are the following.\n\n- `INFORMATIONAL` - No issue was found.\n- `LOW` - The issue does not require action on its own.\n- `MEDIUM` - The issue must be addressed but not urgently.\n- `HIGH` - The issue must be addressed as a priority.\n- `CRITICAL` - The issue must be remediated immediately to avoid it escalating.", + "title": "Label", + "type": "string" + }, + "Normalized": { + "markdownDescription": "The normalized severity for the finding. This attribute is to be deprecated in favor of `Label` .\n\nIf you provide `Normalized` and don't provide `Label` , `Label` is set automatically as follows.\n\n- 0 - `INFORMATIONAL`\n- 1\u201339 - `LOW`\n- 40\u201369 - `MEDIUM`\n- 70\u201389 - `HIGH`\n- 90\u2013100 - `CRITICAL`", + "title": "Normalized", + "type": "number" + }, + "Product": { + "markdownDescription": "The native severity as defined by the AWS service or integrated partner product that generated the finding.", + "title": "Product", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.StringFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Value": { + "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Comparison", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.WorkflowUpdate": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the same issue.\n\nThe allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets `WorkFlowStatus` from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- The record state changes from `ARCHIVED` to `ACTIVE` .\n- The compliance status changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.AutomationRulesActionV2" + }, + "markdownDescription": "A list of actions to be performed when the rule criteria is met.", + "title": "Actions", + "type": "array" + }, + "Criteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.Criteria", + "markdownDescription": "The filtering type and configuration of the automation rule.", + "title": "Criteria" + }, + "Description": { + "markdownDescription": "A description of the V2 automation rule.", + "title": "Description", + "type": "string" + }, + "RuleName": { + "markdownDescription": "The name of the V2 automation rule.", + "title": "RuleName", + "type": "string" + }, + "RuleOrder": { + "markdownDescription": "The value for the rule priority.", + "title": "RuleOrder", + "type": "number" + }, + "RuleStatus": { + "markdownDescription": "The status of the V2 automation rule.", + "title": "RuleStatus", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A list of key-value pairs associated with the V2 automation rule.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Actions", + "Criteria", + "Description", + "RuleName", + "RuleOrder" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::AutomationRuleV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.AutomationRulesActionV2": { + "additionalProperties": false, + "properties": { + "ExternalIntegrationConfiguration": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.ExternalIntegrationConfiguration", + "markdownDescription": "The settings for integrating automation rule actions with external systems or service.", + "title": "ExternalIntegrationConfiguration" + }, + "FindingFieldsUpdate": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.AutomationRulesFindingFieldsUpdateV2", + "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", + "title": "FindingFieldsUpdate" + }, + "Type": { + "markdownDescription": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.AutomationRulesFindingFieldsUpdateV2": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "Notes or contextual information for findings that are modified by the automation rule.", + "title": "Comment", + "type": "string" + }, + "SeverityId": { + "markdownDescription": "The severity level to be assigned to findings that match the automation rule criteria.", + "title": "SeverityId", + "type": "number" + }, + "StatusId": { + "markdownDescription": "The status to be applied to findings that match automation rule criteria.", + "title": "StatusId", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.BooleanFilter": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The value of the boolean.", + "title": "Value", + "type": "boolean" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.CompositeFilter": { + "additionalProperties": false, + "properties": { + "BooleanFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfBooleanFilter" + }, + "markdownDescription": "Enables filtering based on boolean field values.", + "title": "BooleanFilters", + "type": "array" + }, + "DateFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfDateFilter" + }, + "markdownDescription": "Enables filtering based on date and timestamp fields.", + "title": "DateFilters", + "type": "array" + }, + "MapFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfMapFilter" + }, + "markdownDescription": "Enables the creation of filtering criteria for security findings.", + "title": "MapFilters", + "type": "array" + }, + "NumberFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfNumberFilter" + }, + "markdownDescription": "Enables filtering based on numerical field values.", + "title": "NumberFilters", + "type": "array" + }, + "Operator": { + "markdownDescription": "The logical operator used to combine multiple filter conditions.", + "title": "Operator", + "type": "string" + }, + "StringFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfStringFilter" + }, + "markdownDescription": "Enables filtering based on string field values.", + "title": "StringFilters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.Criteria": { + "additionalProperties": false, + "properties": { + "OcsfFindingCriteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfFindingFilters", + "markdownDescription": "The filtering conditions that align with OCSF standards.", + "title": "OcsfFindingCriteria" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.DateFilter": { + "additionalProperties": false, + "properties": { + "DateRange": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.DateRange", + "markdownDescription": "A date range for the date filter.", + "title": "DateRange" + }, + "End": { + "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "End", + "type": "string" + }, + "Start": { + "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "Start", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.DateRange": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "A date range unit for the date filter.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "A date range value for the date filter.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.ExternalIntegrationConfiguration": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The ARN of the connector that establishes the integration.", + "title": "ConnectorArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.MapFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Key": { + "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Comparison", + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.NumberFilter": { + "additionalProperties": false, + "properties": { + "Eq": { + "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", + "title": "Eq", + "type": "number" + }, + "Gte": { + "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "title": "Gte", + "type": "number" + }, + "Lte": { + "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", + "title": "Lte", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfBooleanFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.BooleanFilter", + "markdownDescription": "Enables filtering of security findings based on boolean field values in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfDateFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.DateFilter", + "markdownDescription": "Enables filtering of security findings based on date and timestamp fields in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfFindingFilters": { + "additionalProperties": false, + "properties": { + "CompositeFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.CompositeFilter" + }, + "markdownDescription": "Enables the creation of complex filtering conditions by combining filter criteria.", + "title": "CompositeFilters", + "type": "array" + }, + "CompositeOperator": { + "markdownDescription": "The logical operators used to combine the filtering on multiple `CompositeFilters` .", + "title": "CompositeOperator", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfMapFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.MapFilter", + "markdownDescription": "Enables filtering of security findings based on map field values in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfNumberFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.NumberFilter", + "markdownDescription": "Enables filtering of security findings based on numerical field values in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfStringFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.StringFilter", + "markdownDescription": "Enables filtering of security findings based on string field values in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.StringFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Value": { + "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Comparison", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationPolicy": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.Policy", + "markdownDescription": "An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).", + "title": "ConfigurationPolicy" + }, + "Description": { + "markdownDescription": "The description of the configuration policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted: `-, ., !, *, /` .", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "User-defined tags associated with a configuration policy. For more information, see [Tagging AWS Security Hub resources](https://docs.aws.amazon.com/securityhub/latest/userguide/tagging-resources.html) in the *Security Hub user guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConfigurationPolicy", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::ConfigurationPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.ParameterConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.ParameterValue", + "markdownDescription": "The current value of a control parameter.", + "title": "Value" + }, + "ValueType": { + "markdownDescription": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.\n\nWhen `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.\n\nWhen `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty.", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "ValueType" + ], + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.ParameterValue": { + "additionalProperties": false, + "properties": { + "Boolean": { + "markdownDescription": "A control parameter that is a boolean.", + "title": "Boolean", + "type": "boolean" + }, + "Double": { + "markdownDescription": "A control parameter that is a double.", + "title": "Double", + "type": "number" + }, + "Enum": { + "markdownDescription": "A control parameter that is an enum.", + "title": "Enum", + "type": "string" + }, + "EnumList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of enums.", + "title": "EnumList", + "type": "array" + }, + "Integer": { + "markdownDescription": "A control parameter that is an integer.", + "title": "Integer", + "type": "number" + }, + "IntegerList": { + "items": { + "type": "number" + }, + "markdownDescription": "A control parameter that is a list of integers.", + "title": "IntegerList", + "type": "array" + }, + "String": { + "markdownDescription": "A control parameter that is a string.", + "title": "String", + "type": "string" + }, + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of strings.", + "title": "StringList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.Policy": { + "additionalProperties": false, + "properties": { + "SecurityHub": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityHubPolicy", + "markdownDescription": "The AWS service that the configuration policy applies to.", + "title": "SecurityHub" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.SecurityControlCustomParameter": { + "additionalProperties": false, + "properties": { + "Parameters": { + "additionalProperties": false, + "markdownDescription": "An object that specifies parameter values for a control in a configuration policy.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.ParameterConfiguration" + } + }, + "title": "Parameters", + "type": "object" + }, + "SecurityControlId": { + "markdownDescription": "The ID of the security control.", + "title": "SecurityControlId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.SecurityControlsConfiguration": { + "additionalProperties": false, + "properties": { + "DisabledSecurityControlIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security controls that are disabled in the configuration policy.\n\nProvide only one of `EnabledSecurityControlIdentifiers` or `DisabledSecurityControlIdentifiers` .\n\nIf you provide `DisabledSecurityControlIdentifiers` , Security Hub enables all other controls not in the list, and enables [AutoEnableControls](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateSecurityHubConfiguration.html#securityhub-UpdateSecurityHubConfiguration-request-AutoEnableControls) .", + "title": "DisabledSecurityControlIdentifiers", + "type": "array" + }, + "EnabledSecurityControlIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security controls that are enabled in the configuration policy.\n\nProvide only one of `EnabledSecurityControlIdentifiers` or `DisabledSecurityControlIdentifiers` .\n\nIf you provide `EnabledSecurityControlIdentifiers` , Security Hub disables all other controls not in the list, and disables [AutoEnableControls](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateSecurityHubConfiguration.html#securityhub-UpdateSecurityHubConfiguration-request-AutoEnableControls) .", + "title": "EnabledSecurityControlIdentifiers", + "type": "array" + }, + "SecurityControlCustomParameters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityControlCustomParameter" + }, + "markdownDescription": "A list of security controls and control parameter values that are included in a configuration policy.", + "title": "SecurityControlCustomParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.SecurityHubPolicy": { + "additionalProperties": false, + "properties": { + "EnabledStandardIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list that defines which security standards are enabled in the configuration policy.\n\nThis property is required only if `ServiceEnabled` is set to `true` in your configuration policy.", + "title": "EnabledStandardIdentifiers", + "type": "array" + }, + "SecurityControlsConfiguration": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityControlsConfiguration", + "markdownDescription": "An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.\n\nThis property is required only if `ServiceEnabled` is set to true in your configuration policy.", + "title": "SecurityControlsConfiguration" + }, + "ServiceEnabled": { + "markdownDescription": "Indicates whether Security Hub is enabled in the policy.", + "title": "ServiceEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SecurityHub::DelegatedAdmin": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdminAccountId": { + "markdownDescription": "The AWS account identifier of the account to designate as the Security Hub administrator account.", + "title": "AdminAccountId", + "type": "string" + } + }, + "required": [ + "AdminAccountId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::DelegatedAdmin" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::FindingAggregator": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RegionLinkingMode": { + "markdownDescription": "Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.\n\nThe selected option also determines how to use the Regions provided in the Regions list.\n\nIn AWS CloudFormation , the options for this property are as follows:\n\n- `ALL_REGIONS` - Indicates to aggregate findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.\n- `ALL_REGIONS_EXCEPT_SPECIFIED` - Indicates to aggregate findings from all of the Regions where Security Hub is enabled, except for the Regions listed in the `Regions` parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.\n- `SPECIFIED_REGIONS` - Indicates to aggregate findings only from the Regions listed in the `Regions` parameter. Security Hub does not automatically aggregate findings from new Regions.", + "title": "RegionLinkingMode", + "type": "string" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED` , then this is a space-separated list of Regions that do not aggregate findings to the aggregation Region.\n\nIf `RegionLinkingMode` is `SPECIFIED_REGIONS` , then this is a space-separated list of Regions that do aggregate findings to the aggregation Region.", + "title": "Regions", + "type": "array" + } + }, + "required": [ + "RegionLinkingMode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::FindingAggregator" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::Hub": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoEnableControls": { + "markdownDescription": "Whether to automatically enable new controls when they are added to standards that are enabled.\n\nBy default, this is set to `true` , and new controls are enabled automatically. To not automatically enable new controls, set this to `false` .\n\nWhen you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of `DISABLED` . It can take up to several days for Security Hub to process the control release and designate the control as `ENABLED` in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have `AutoEnableControls` set to `true` .", + "title": "AutoEnableControls", + "type": "boolean" + }, + "ControlFindingGenerator": { + "markdownDescription": "Specifies whether an account has consolidated control findings turned on or off. If the value for this field is set to `SECURITY_CONTROL` , Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards.\n\nIf the value for this field is set to `STANDARD_CONTROL` , Security Hub generates separate findings for a control check when the check applies to multiple enabled standards.\n\nThe value for this field in a member account matches the value in the administrator account. For accounts that aren't part of an organization, the default value of this field is `SECURITY_CONTROL` if you enabled Security Hub on or after February 23, 2023.", + "title": "ControlFindingGenerator", + "type": "string" + }, + "EnableDefaultStandards": { + "markdownDescription": "Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for `EnableDefaultStandards` , it is set to `true` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set `EnableDefaultStandards` to `false` .\n\nCurrently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).", + "title": "EnableDefaultStandards", + "type": "boolean" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::Hub" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SecurityHub::HubV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags to add to the hub V2 resource when you enable Security Hub.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::HubV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SecurityHub::Insight": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Filters": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.AwsSecurityFindingFilters", + "markdownDescription": "One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters. You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.", + "title": "Filters" + }, + "GroupByAttribute": { + "markdownDescription": "The grouping attribute for the insight's findings. Indicates how to group the matching findings, and identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.", + "title": "GroupByAttribute", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a Security Hub insight.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Filters", + "GroupByAttribute", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::Insight" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::Insight.AwsSecurityFindingFilters": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The AWS account ID in which a finding is generated.", + "title": "AwsAccountId", + "type": "array" + }, + "AwsAccountName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the AWS account in which a finding is generated.", + "title": "AwsAccountName", + "type": "array" + }, + "CompanyName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the findings provider (company) that owns the solution (product) that generates findings.", + "title": "CompanyName", + "type": "array" + }, + "ComplianceAssociatedStandardsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.", + "title": "ComplianceAssociatedStandardsId", + "type": "array" + }, + "ComplianceSecurityControlId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The unique identifier of a control across standards. Values for this field typically consist of an AWS service and a number, such as APIGateway.5.", + "title": "ComplianceSecurityControlId", + "type": "array" + }, + "ComplianceSecurityControlParametersName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of a security control parameter.", + "title": "ComplianceSecurityControlParametersName", + "type": "array" + }, + "ComplianceSecurityControlParametersValue": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The current value of a security control parameter.", + "title": "ComplianceSecurityControlParametersValue", + "type": "array" + }, + "ComplianceStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details.", + "title": "ComplianceStatus", + "type": "array" + }, + "Confidence": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", + "title": "Confidence", + "type": "array" + }, + "CreatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "CreatedAt", + "type": "array" + }, + "Criticality": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The level of importance assigned to the resources associated with the finding.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", + "title": "Criticality", + "type": "array" + }, + "Description": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A finding's description.", + "title": "Description", + "type": "array" + }, + "FindingProviderFieldsConfidence": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", + "title": "FindingProviderFieldsConfidence", + "type": "array" + }, + "FindingProviderFieldsCriticality": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The finding provider value for the level of importance assigned to the resources associated with the findings.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", + "title": "FindingProviderFieldsCriticality", + "type": "array" + }, + "FindingProviderFieldsRelatedFindingsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The finding identifier of a related finding that is identified by the finding provider.", + "title": "FindingProviderFieldsRelatedFindingsId", + "type": "array" + }, + "FindingProviderFieldsRelatedFindingsProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN of the solution that generated a related finding that is identified by the finding provider.", + "title": "FindingProviderFieldsRelatedFindingsProductArn", + "type": "array" + }, + "FindingProviderFieldsSeverityLabel": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The finding provider value for the severity label.", + "title": "FindingProviderFieldsSeverityLabel", + "type": "array" + }, + "FindingProviderFieldsSeverityOriginal": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The finding provider's original value for the severity.", + "title": "FindingProviderFieldsSeverityOriginal", + "type": "array" + }, + "FindingProviderFieldsTypes": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "One or more finding types that the finding provider assigned to the finding. Uses the format of `namespace/category/classifier` that classify a finding.\n\nValid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications", + "title": "FindingProviderFieldsTypes", + "type": "array" + }, + "FirstObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "FirstObservedAt", + "type": "array" + }, + "GeneratorId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.", + "title": "GeneratorId", + "type": "array" + }, + "Id": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The security findings provider-specific identifier for a finding.", + "title": "Id", + "type": "array" + }, + "LastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "LastObservedAt", + "type": "array" + }, + "MalwareName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the malware that was observed.", + "title": "MalwareName", + "type": "array" + }, + "MalwarePath": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The filesystem path of the malware that was observed.", + "title": "MalwarePath", + "type": "array" + }, + "MalwareState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The state of the malware that was observed.", + "title": "MalwareState", + "type": "array" + }, + "MalwareType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The type of the malware that was observed.", + "title": "MalwareType", + "type": "array" + }, + "NetworkDestinationDomain": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The destination domain of network-related information about a finding.", + "title": "NetworkDestinationDomain", + "type": "array" + }, + "NetworkDestinationIpV4": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The destination IPv4 address of network-related information about a finding.", + "title": "NetworkDestinationIpV4", + "type": "array" + }, + "NetworkDestinationIpV6": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The destination IPv6 address of network-related information about a finding.", + "title": "NetworkDestinationIpV6", + "type": "array" + }, + "NetworkDestinationPort": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The destination port of network-related information about a finding.", + "title": "NetworkDestinationPort", + "type": "array" + }, + "NetworkDirection": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Indicates the direction of network traffic associated with a finding.", + "title": "NetworkDirection", + "type": "array" + }, + "NetworkProtocol": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The protocol of network-related information about a finding.", + "title": "NetworkProtocol", + "type": "array" + }, + "NetworkSourceDomain": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The source domain of network-related information about a finding.", + "title": "NetworkSourceDomain", + "type": "array" + }, + "NetworkSourceIpV4": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The source IPv4 address of network-related information about a finding.", + "title": "NetworkSourceIpV4", + "type": "array" + }, + "NetworkSourceIpV6": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The source IPv6 address of network-related information about a finding.", + "title": "NetworkSourceIpV6", + "type": "array" + }, + "NetworkSourceMac": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The source media access control (MAC) address of network-related information about a finding.", + "title": "NetworkSourceMac", + "type": "array" + }, + "NetworkSourcePort": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The source port of network-related information about a finding.", + "title": "NetworkSourcePort", + "type": "array" + }, + "NoteText": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The text of a note.", + "title": "NoteText", + "type": "array" + }, + "NoteUpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "The timestamp of when the note was updated.", + "title": "NoteUpdatedAt", + "type": "array" + }, + "NoteUpdatedBy": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The principal that created a note.", + "title": "NoteUpdatedBy", + "type": "array" + }, + "ProcessLaunchedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that identifies when the process was launched.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ProcessLaunchedAt", + "type": "array" + }, + "ProcessName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the process.", + "title": "ProcessName", + "type": "array" + }, + "ProcessParentPid": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The parent process ID. This field accepts positive integers between `O` and `2147483647` .", + "title": "ProcessParentPid", + "type": "array" + }, + "ProcessPath": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The path to the process executable.", + "title": "ProcessPath", + "type": "array" + }, + "ProcessPid": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The process ID.", + "title": "ProcessPid", + "type": "array" + }, + "ProcessTerminatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that identifies when the process was terminated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ProcessTerminatedAt", + "type": "array" + }, + "ProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.", + "title": "ProductArn", + "type": "array" + }, + "ProductFields": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + }, + "markdownDescription": "A data type where security findings providers can include additional solution-specific details that aren't part of the defined `AwsSecurityFinding` format.", + "title": "ProductFields", + "type": "array" + }, + "ProductName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the solution (product) that generates findings.", + "title": "ProductName", + "type": "array" + }, + "RecommendationText": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The recommendation of what to do about the issue described in a finding.", + "title": "RecommendationText", + "type": "array" + }, + "RecordState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The updated record state for the finding.", + "title": "RecordState", + "type": "array" + }, + "Region": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The Region from which the finding was generated.", + "title": "Region", + "type": "array" + }, + "RelatedFindingsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The solution-generated identifier for a related finding.", + "title": "RelatedFindingsId", + "type": "array" + }, + "RelatedFindingsProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN of the solution that generated a related finding.", + "title": "RelatedFindingsProductArn", + "type": "array" + }, + "ResourceApplicationArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN of the application that is related to a finding.", + "title": "ResourceApplicationArn", + "type": "array" + }, + "ResourceApplicationName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the application that is related to a finding.", + "title": "ResourceApplicationName", + "type": "array" + }, + "ResourceAwsEc2InstanceIamInstanceProfileArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The IAM profile ARN of the instance.", + "title": "ResourceAwsEc2InstanceIamInstanceProfileArn", + "type": "array" + }, + "ResourceAwsEc2InstanceImageId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The Amazon Machine Image (AMI) ID of the instance.", + "title": "ResourceAwsEc2InstanceImageId", + "type": "array" + }, + "ResourceAwsEc2InstanceIpV4Addresses": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The IPv4 addresses associated with the instance.", + "title": "ResourceAwsEc2InstanceIpV4Addresses", + "type": "array" + }, + "ResourceAwsEc2InstanceIpV6Addresses": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The IPv6 addresses associated with the instance.", + "title": "ResourceAwsEc2InstanceIpV6Addresses", + "type": "array" + }, + "ResourceAwsEc2InstanceKeyName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The key name associated with the instance.", + "title": "ResourceAwsEc2InstanceKeyName", + "type": "array" + }, + "ResourceAwsEc2InstanceLaunchedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "The date and time the instance was launched.", + "title": "ResourceAwsEc2InstanceLaunchedAt", + "type": "array" + }, + "ResourceAwsEc2InstanceSubnetId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The identifier of the subnet that the instance was launched in.", + "title": "ResourceAwsEc2InstanceSubnetId", + "type": "array" + }, + "ResourceAwsEc2InstanceType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The instance type of the instance.", + "title": "ResourceAwsEc2InstanceType", + "type": "array" + }, + "ResourceAwsEc2InstanceVpcId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The identifier of the VPC that the instance was launched in.", + "title": "ResourceAwsEc2InstanceVpcId", + "type": "array" + }, + "ResourceAwsIamAccessKeyCreatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "The creation date/time of the IAM access key related to a finding.", + "title": "ResourceAwsIamAccessKeyCreatedAt", + "type": "array" + }, + "ResourceAwsIamAccessKeyPrincipalName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the principal that is associated with an IAM access key.", + "title": "ResourceAwsIamAccessKeyPrincipalName", + "type": "array" + }, + "ResourceAwsIamAccessKeyStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The status of the IAM access key related to a finding.", + "title": "ResourceAwsIamAccessKeyStatus", + "type": "array" + }, + "ResourceAwsIamUserUserName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of an IAM user.", + "title": "ResourceAwsIamUserUserName", + "type": "array" + }, + "ResourceAwsS3BucketOwnerId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The canonical user ID of the owner of the S3 bucket.", + "title": "ResourceAwsS3BucketOwnerId", + "type": "array" + }, + "ResourceAwsS3BucketOwnerName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The display name of the owner of the S3 bucket.", + "title": "ResourceAwsS3BucketOwnerName", + "type": "array" + }, + "ResourceContainerImageId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The identifier of the image related to a finding.", + "title": "ResourceContainerImageId", + "type": "array" + }, + "ResourceContainerImageName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the image related to a finding.", + "title": "ResourceContainerImageName", + "type": "array" + }, + "ResourceContainerLaunchedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that identifies when the container was started.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ResourceContainerLaunchedAt", + "type": "array" + }, + "ResourceContainerName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the container related to a finding.", + "title": "ResourceContainerName", + "type": "array" + }, + "ResourceDetailsOther": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + }, + "markdownDescription": "The details of a resource that doesn't have a specific subfield for the resource type defined.", + "title": "ResourceDetailsOther", + "type": "array" + }, + "ResourceId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The canonical identifier for the given resource type.", + "title": "ResourceId", + "type": "array" + }, + "ResourcePartition": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The canonical AWS partition name that the Region is assigned to.", + "title": "ResourcePartition", + "type": "array" + }, + "ResourceRegion": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The canonical AWS external Region name where this resource is located.", + "title": "ResourceRegion", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + }, + "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.", + "title": "ResourceTags", + "type": "array" + }, + "ResourceType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Specifies the type of the resource that details are provided for.", + "title": "ResourceType", + "type": "array" + }, + "Sample": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.BooleanFilter" + }, + "markdownDescription": "Indicates whether or not sample findings are included in the filter results.", + "title": "Sample", + "type": "array" + }, + "SeverityLabel": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The label of a finding's severity.", + "title": "SeverityLabel", + "type": "array" + }, + "SourceUrl": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A URL that links to a page about the current finding in the security findings provider's solution.", + "title": "SourceUrl", + "type": "array" + }, + "ThreatIntelIndicatorCategory": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The category of a threat intelligence indicator.", + "title": "ThreatIntelIndicatorCategory", + "type": "array" + }, + "ThreatIntelIndicatorLastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that identifies the last observation of a threat intelligence indicator.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ThreatIntelIndicatorLastObservedAt", + "type": "array" + }, + "ThreatIntelIndicatorSource": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The source of the threat intelligence.", + "title": "ThreatIntelIndicatorSource", + "type": "array" + }, + "ThreatIntelIndicatorSourceUrl": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The URL for more details from the source of the threat intelligence.", + "title": "ThreatIntelIndicatorSourceUrl", + "type": "array" + }, + "ThreatIntelIndicatorType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The type of a threat intelligence indicator.", + "title": "ThreatIntelIndicatorType", + "type": "array" + }, + "ThreatIntelIndicatorValue": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The value of a threat intelligence indicator.", + "title": "ThreatIntelIndicatorValue", + "type": "array" + }, + "Title": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A finding's title.", + "title": "Title", + "type": "array" + }, + "Type": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A finding type in the format of `namespace/category/classifier` that classifies a finding.", + "title": "Type", + "type": "array" + }, + "UpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider last updated the finding record.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "UpdatedAt", + "type": "array" + }, + "UserDefinedFields": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + }, + "markdownDescription": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.", + "title": "UserDefinedFields", + "type": "array" + }, + "VerificationState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The veracity of a finding.", + "title": "VerificationState", + "type": "array" + }, + "VulnerabilitiesExploitAvailable": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Indicates whether a software vulnerability in your environment has a known exploit. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", + "title": "VulnerabilitiesExploitAvailable", + "type": "array" + }, + "VulnerabilitiesFixAvailable": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Indicates whether a vulnerability is fixed in a newer version of the affected software packages. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", + "title": "VulnerabilitiesFixAvailable", + "type": "array" + }, + "WorkflowState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The workflow state of a finding.\n\nNote that this field is deprecated. To search for a finding based on its workflow status, use `WorkflowStatus` .", + "title": "WorkflowState", + "type": "array" + }, + "WorkflowStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The status of the investigation into a finding. Allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets the workflow status from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n\nIf one of the following occurs, the workflow status is changed automatically from `NOTIFIED` to `NEW` :\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed.\n\nThe workflow status of a `SUPPRESSED` finding does not change if `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n\nThe finding remains `RESOLVED` unless one of the following occurs:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n\nIn those cases, the workflow status is automatically reset to `NEW` .\n\nFor findings from controls, if `Compliance.Status` is `PASSED` , then Security Hub automatically sets the workflow status to `RESOLVED` .", + "title": "WorkflowStatus", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityHub::Insight.BooleanFilter": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The value of the boolean.", + "title": "Value", + "type": "boolean" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::Insight.DateFilter": { + "additionalProperties": false, + "properties": { + "DateRange": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateRange", + "markdownDescription": "A date range for the date filter.", + "title": "DateRange" + }, + "End": { + "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "End", + "type": "string" + }, + "Start": { + "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "Start", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::Insight.DateRange": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "A date range unit for the date filter.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "A date range value for the date filter.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::Insight.IpFilter": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "A finding's CIDR value.", + "title": "Cidr", + "type": "string" + } + }, + "required": [ + "Cidr" + ], + "type": "object" + }, + "AWS::SecurityHub::Insight.MapFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Key": { + "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Comparison", + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::Insight.NumberFilter": { + "additionalProperties": false, + "properties": { + "Eq": { + "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", + "title": "Eq", + "type": "number" + }, + "Gte": { + "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "title": "Gte", + "type": "number" + }, + "Lte": { + "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", + "title": "Lte", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityHub::Insight.StringFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Value": { + "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Comparison", + "Value" + ], + "type": "object" + }, + "AWS::SecurityHub::OrganizationConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoEnable": { + "markdownDescription": "Whether to automatically enable Security Hub in new member accounts when they join the organization.\n\nIf set to `true` , then Security Hub is automatically enabled in new accounts. If set to `false` , then Security Hub isn't enabled in new accounts automatically. The default value is `false` .\n\nIf the `ConfigurationType` of your organization is set to `CENTRAL` , then this field is set to `false` and can't be changed in the home Region and linked Regions. However, in that case, the delegated administrator can create a configuration policy in which Security Hub is enabled and associate the policy with new organization accounts.", + "title": "AutoEnable", + "type": "boolean" + }, + "AutoEnableStandards": { + "markdownDescription": "Whether to automatically enable Security Hub [default standards](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-enable-disable.html) in new member accounts when they join the organization.\n\nThe default value of this parameter is equal to `DEFAULT` .\n\nIf equal to `DEFAULT` , then Security Hub default standards are automatically enabled for new member accounts. If equal to `NONE` , then default standards are not automatically enabled for new member accounts.\n\nIf the `ConfigurationType` of your organization is set to `CENTRAL` , then this field is set to `NONE` and can't be changed in the home Region and linked Regions. However, in that case, the delegated administrator can create a configuration policy in which specific security standards are enabled and associate the policy with new organization accounts.", + "title": "AutoEnableStandards", + "type": "string" + }, + "ConfigurationType": { + "markdownDescription": "Indicates whether the organization uses local or central configuration.\n\nIf you use local configuration, the Security Hub delegated administrator can set `AutoEnable` to `true` and `AutoEnableStandards` to `DEFAULT` . This automatically enables Security Hub and default security standards in new organization accounts. These new account settings must be set separately in each AWS Region , and settings may be different in each Region.\n\nIf you use central configuration, the delegated administrator can create configuration policies. Configuration policies can be used to configure Security Hub, security standards, and security controls in multiple accounts and Regions. If you want new organization accounts to use a specific configuration, you can create a configuration policy and associate it with the root or specific organizational units (OUs). New accounts will inherit the policy from the root or their assigned OU.", + "title": "ConfigurationType", + "type": "string" + } + }, + "required": [ + "AutoEnable" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::OrganizationConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::PolicyAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationPolicyId": { + "markdownDescription": "The universally unique identifier (UUID) of the configuration policy. A self-managed configuration has no UUID. The identifier of a self-managed configuration is `SELF_MANAGED_SECURITY_HUB` .", + "title": "ConfigurationPolicyId", + "type": "string" + }, + "TargetId": { + "markdownDescription": "The identifier of the target account, organizational unit, or the root.", + "title": "TargetId", + "type": "string" + }, + "TargetType": { + "markdownDescription": "Specifies whether the target is an AWS account , organizational unit, or the root.", + "title": "TargetType", + "type": "string" + } + }, + "required": [ + "ConfigurationPolicyId", + "TargetId", + "TargetType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::PolicyAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::ProductSubscription": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ProductArn": { + "markdownDescription": "The ARN of the product to enable the integration for.", + "title": "ProductArn", + "type": "string" + } + }, + "required": [ + "ProductArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::ProductSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::SecurityControl": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LastUpdateReason": { + "markdownDescription": "The most recent reason for updating the customizable properties of a security control. This differs from the `UpdateReason` field of the [`BatchUpdateStandardsControlAssociations`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html) API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.", + "title": "LastUpdateReason", + "type": "string" + }, + "Parameters": { + "additionalProperties": false, + "markdownDescription": "An object that identifies the name of a control parameter, its current value, and whether it has been customized.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl.ParameterConfiguration" + } + }, + "title": "Parameters", + "type": "object" + }, + "SecurityControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for a security control across standards, such as `arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1` . This parameter doesn't mention a specific standard.", + "title": "SecurityControlArn", + "type": "string" + }, + "SecurityControlId": { + "markdownDescription": "The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.", + "title": "SecurityControlId", + "type": "string" + } + }, + "required": [ + "Parameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::SecurityControl" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::SecurityControl.ParameterConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl.ParameterValue", + "markdownDescription": "The current value of a control parameter.", + "title": "Value" + }, + "ValueType": { + "markdownDescription": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.\n\nWhen `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.\n\nWhen `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty.", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "ValueType" + ], + "type": "object" + }, + "AWS::SecurityHub::SecurityControl.ParameterValue": { + "additionalProperties": false, + "properties": { + "Boolean": { + "markdownDescription": "A control parameter that is a boolean.", + "title": "Boolean", + "type": "boolean" + }, + "Double": { + "markdownDescription": "A control parameter that is a double.", + "title": "Double", + "type": "number" + }, + "Enum": { + "markdownDescription": "A control parameter that is an enum.", + "title": "Enum", + "type": "string" + }, + "EnumList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of enums.", + "title": "EnumList", + "type": "array" + }, + "Integer": { + "markdownDescription": "A control parameter that is an integer.", + "title": "Integer", + "type": "number" + }, + "IntegerList": { + "items": { + "type": "number" + }, + "markdownDescription": "A control parameter that is a list of integers.", + "title": "IntegerList", + "type": "array" + }, + "String": { + "markdownDescription": "A control parameter that is a string.", + "title": "String", + "type": "string" + }, + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of strings.", + "title": "StringList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityHub::Standard": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DisabledStandardsControls": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Standard.StandardsControl" + }, + "markdownDescription": "Specifies which controls are to be disabled in a standard.\n\n*Maximum* : `100`", + "title": "DisabledStandardsControls", + "type": "array" + }, + "StandardsArn": { + "markdownDescription": "The ARN of the standard that you want to enable. To view a list of available Security Hub standards and their ARNs, use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.", + "title": "StandardsArn", + "type": "string" + } + }, + "required": [ + "StandardsArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::Standard" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityHub::Standard.StandardsControl": { + "additionalProperties": false, + "properties": { + "Reason": { + "markdownDescription": "A user-defined reason for changing a control's enablement status in a specified standard. If you are disabling a control, then this property is required.", + "title": "Reason", + "type": "string" + }, + "StandardsControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control.", + "title": "StandardsControlArn", + "type": "string" + } + }, + "required": [ + "StandardsControlArn" + ], + "type": "object" + }, + "AWS::SecurityLake::AwsLogSource": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Accounts": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify the AWS account information where you want to enable Security Lake.", + "title": "Accounts", + "type": "array" + }, + "DataLakeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", + "title": "DataLakeArn", + "type": "string" + }, + "SourceName": { + "markdownDescription": "The name for a AWS source. This must be a Regionally unique value. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", + "title": "SourceName", + "type": "string" + }, + "SourceVersion": { + "markdownDescription": "The version for a AWS source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide. This must be a Regionally unique value.", + "title": "SourceVersion", + "type": "string" + } + }, + "required": [ + "DataLakeArn", + "SourceName", + "SourceVersion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityLake::AwsLogSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityLake::DataLake": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.EncryptionConfiguration", + "markdownDescription": "Provides encryption details of the Amazon Security Lake object.", + "title": "EncryptionConfiguration" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.LifecycleConfiguration", + "markdownDescription": "You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see [Lifecycle management](https://docs.aws.amazon.com//security-lake/latest/userguide/lifecycle-management.html) in the Amazon Security Lake User Guide.", + "title": "LifecycleConfiguration" + }, + "MetaStoreManagerRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.", + "title": "MetaStoreManagerRoleArn", + "type": "string" + }, + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.ReplicationConfiguration", + "markdownDescription": "Provides replication details of Amazon Security Lake object.", + "title": "ReplicationConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityLake::DataLake" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::SecurityLake::DataLake.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The ID of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.Expiration": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "The number of days before data expires in the Amazon Security Lake object.", + "title": "Days", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Expiration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.Expiration", + "markdownDescription": "Provides data expiration details of the Amazon Security Lake object.", + "title": "Expiration" + }, + "Transitions": { + "items": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.Transitions" + }, + "markdownDescription": "Provides data storage transition details of Amazon Security Lake object. By configuring these settings, you can specify your preferred Amazon S3 storage class and the time period for S3 objects to stay in that storage class before they transition to a different storage class.", + "title": "Transitions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.ReplicationConfiguration": { + "additionalProperties": false, + "properties": { + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the `CreateDataLake` or `UpdateDataLake` operations contributes data to the rollup Region or Regions specified in this parameter.\n\nReplication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.", + "title": "Regions", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake , to ensure the replication setting is correct.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.Transitions": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "The number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.", + "title": "Days", + "type": "number" + }, + "StorageClass": { + "markdownDescription": "The list of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads. The default storage class is *S3 Standard* . For information about other storage classes, see [Setting the storage class of an object](https://docs.aws.amazon.com/AmazonS3/latest/userguide/sc-howtoset.html) in the *Amazon S3 User Guide* .", + "title": "StorageClass", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "You can choose to notify subscribers of new objects with an Amazon Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the subscriber.\n\nSubscribers can consume data by directly querying AWS Lake Formation tables in your Amazon S3 bucket through services like Amazon Athena. This subscription type is defined as `LAKEFORMATION` .", + "title": "AccessTypes", + "type": "array" + }, + "DataLakeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", + "title": "DataLakeArn", + "type": "string" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.Source" + }, + "markdownDescription": "Amazon Security Lake supports log and event collection for natively supported AWS services . For more information, see the [Amazon Security Lake User Guide](https://docs.aws.amazon.com//security-lake/latest/userguide/source-management.html) .", + "title": "Sources", + "type": "array" + }, + "SubscriberDescription": { + "markdownDescription": "The subscriber descriptions for a subscriber account. The description for a subscriber includes `subscriberName` , `accountID` , `externalID` , and `subscriberId` .", + "title": "SubscriberDescription", + "type": "string" + }, + "SubscriberIdentity": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.SubscriberIdentity", + "markdownDescription": "The AWS identity used to access your data.", + "title": "SubscriberIdentity" + }, + "SubscriberName": { + "markdownDescription": "The name of your Amazon Security Lake subscriber account.", + "title": "SubscriberName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of objects, one for each tag to associate with the subscriber. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccessTypes", + "DataLakeArn", + "Sources", + "SubscriberIdentity", + "SubscriberName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityLake::Subscriber" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityLake::Subscriber.AwsLogSource": { + "additionalProperties": false, + "properties": { + "SourceName": { + "markdownDescription": "Source name of the natively supported AWS service that is supported as an Amazon Security Lake source. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", + "title": "SourceName", + "type": "string" + }, + "SourceVersion": { + "markdownDescription": "Source version of the natively supported AWS service that is supported as an Amazon Security Lake source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide.", + "title": "SourceVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber.CustomLogSource": { + "additionalProperties": false, + "properties": { + "SourceName": { + "markdownDescription": "The name of the custom log source.", + "title": "SourceName", + "type": "string" + }, + "SourceVersion": { + "markdownDescription": "The source version of the custom log source.", + "title": "SourceVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber.Source": { + "additionalProperties": false, + "properties": { + "AwsLogSource": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.AwsLogSource", + "markdownDescription": "The natively supported AWS service which is used a Amazon Security Lake source to collect logs and events from.", + "title": "AwsLogSource" + }, + "CustomLogSource": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.CustomLogSource", + "markdownDescription": "The custom log source AWS which is used a Amazon Security Lake source to collect logs and events from.", + "title": "CustomLogSource" + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber.SubscriberIdentity": { + "additionalProperties": false, + "properties": { + "ExternalId": { + "markdownDescription": "The external ID is a unique identifier that the subscriber provides to you.", + "title": "ExternalId", + "type": "string" + }, + "Principal": { + "markdownDescription": "Principals can include accounts, users, roles, federated users, or AWS services.", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "ExternalId", + "Principal" + ], + "type": "object" + }, + "AWS::SecurityLake::SubscriberNotification": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification.NotificationConfiguration", + "markdownDescription": "Specify the configurations you want to use for subscriber notification. The subscriber is notified when new data is written to the data lake for sources that the subscriber consumes in Security Lake .", + "title": "NotificationConfiguration" + }, + "SubscriberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Security Lake subscriber.", + "title": "SubscriberArn", + "type": "string" + } + }, + "required": [ + "NotificationConfiguration", + "SubscriberArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityLake::SubscriberNotification" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityLake::SubscriberNotification.HttpsNotificationConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationApiKeyName": { + "markdownDescription": "The key name for the notification subscription.", + "title": "AuthorizationApiKeyName", + "type": "string" + }, + "AuthorizationApiKeyValue": { + "markdownDescription": "The key value for the notification subscription.", + "title": "AuthorizationApiKeyValue", + "type": "string" + }, + "Endpoint": { + "markdownDescription": "The subscription endpoint in Security Lake . If you prefer notification with an HTTPS endpoint, populate this field.", + "title": "Endpoint", + "type": "string" + }, + "HttpMethod": { + "markdownDescription": "The HTTPS method used for the notification subscription.", + "title": "HttpMethod", + "type": "string" + }, + "TargetRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the EventBridge API destinations IAM role that you created. For more information about ARNs and how to use them in policies, see [Managing data access](https://docs.aws.amazon.com///security-lake/latest/userguide/subscriber-data-access.html) and [AWS Managed Policies](https://docs.aws.amazon.com//security-lake/latest/userguide/security-iam-awsmanpol.html) in the *Amazon Security Lake User Guide* .", + "title": "TargetRoleArn", + "type": "string" + } + }, + "required": [ + "Endpoint", + "TargetRoleArn" + ], + "type": "object" + }, + "AWS::SecurityLake::SubscriberNotification.NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "HttpsNotificationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification.HttpsNotificationConfiguration", + "markdownDescription": "The configurations used for HTTPS subscriber notification.", + "title": "HttpsNotificationConfiguration" + }, + "SqsNotificationConfiguration": { + "markdownDescription": "The configurations for SQS subscriber notification. The members of this structure are context-dependent.", + "title": "SqsNotificationConfiguration", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ServiceCatalog::AcceptedPortfolioShare": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + } + }, + "required": [ + "PortfolioId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::AcceptedPortfolioShare" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::CloudFormationProduct": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the product.", + "title": "Description", + "type": "string" + }, + "Distributor": { + "markdownDescription": "The distributor of the product.", + "title": "Distributor", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the product.", + "title": "Name", + "type": "string" + }, + "Owner": { + "markdownDescription": "The owner of the product.", + "title": "Owner", + "type": "string" + }, + "ProductType": { + "markdownDescription": "The type of product.", + "title": "ProductType", + "type": "string" + }, + "ProvisioningArtifactParameters": { + "items": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties" + }, + "markdownDescription": "The configuration of the provisioning artifact (also known as a version).", + "title": "ProvisioningArtifactParameters", + "type": "array" + }, + "ReplaceProvisioningArtifacts": { + "markdownDescription": "This property is turned off by default. If turned off, you can update provisioning artifacts or product attributes (such as description, distributor, name, owner, and more) and the associated provisioning artifacts will retain the same unique identifier. Provisioning artifacts are matched within the CloudFormationProduct resource, and only those that have been updated will be changed. Provisioning artifacts are matched by a combinaton of provisioning artifact template URL and name.\n\nIf turned on, provisioning artifacts will be given a new unique identifier when you update the product or provisioning artifacts.", + "title": "ReplaceProvisioningArtifacts", + "type": "boolean" + }, + "SourceConnection": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.SourceConnection", + "markdownDescription": "A top level `ProductViewDetail` response containing details about the product\u2019s connection. AWS Service Catalog returns this field for the `CreateProduct` , `UpdateProduct` , `DescribeProductAsAdmin` , and `SearchProductAsAdmin` APIs. This response contains the same fields as the `ConnectionParameters` request, with the addition of the `LastSync` response.", + "title": "SourceConnection" + }, + "SupportDescription": { + "markdownDescription": "The support information about the product.", + "title": "SupportDescription", + "type": "string" + }, + "SupportEmail": { + "markdownDescription": "The contact email for product support.", + "title": "SupportEmail", + "type": "string" + }, + "SupportUrl": { + "markdownDescription": "The contact URL for product support.\n\n`^https?:\\/\\//` / is the pattern used to validate SupportUrl.", + "title": "SupportUrl", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "Owner" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::CloudFormationProduct" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters": { + "additionalProperties": false, + "properties": { + "ArtifactPath": { + "markdownDescription": "The absolute path wehre the artifact resides within the repo and branch, formatted as \"folder/file.json.\"", + "title": "ArtifactPath", + "type": "string" + }, + "Branch": { + "markdownDescription": "The specific branch where the artifact resides.", + "title": "Branch", + "type": "string" + }, + "ConnectionArn": { + "markdownDescription": "The CodeStar ARN, which is the connection between AWS Service Catalog and the external repository.", + "title": "ConnectionArn", + "type": "string" + }, + "Repository": { + "markdownDescription": "The specific repository where the product\u2019s artifact-to-be-synced resides, formatted as \"Account/Repo.\"", + "title": "Repository", + "type": "string" + } + }, + "required": [ + "ArtifactPath", + "Branch", + "ConnectionArn", + "Repository" + ], + "type": "object" + }, + "AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters": { + "additionalProperties": false, + "properties": { + "CodeStar": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters", + "markdownDescription": "Provides `ConnectionType` details.", + "title": "CodeStar" + } + }, + "type": "object" + }, + "AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the provisioning artifact, including how it differs from the previous provisioning artifact.", + "title": "Description", + "type": "string" + }, + "DisableTemplateValidation": { + "markdownDescription": "If set to true, AWS Service Catalog stops validating the specified provisioning artifact even if it is invalid.", + "title": "DisableTemplateValidation", + "type": "boolean" + }, + "Info": { + "markdownDescription": "Specify the template source with one of the following options, but not both. Keys accepted: [ `LoadTemplateFromURL` , `ImportFromPhysicalId` ]\n\nThe URL of the AWS CloudFormation template in Amazon S3 in JSON format. Specify the URL in JSON format as follows:\n\n`\"LoadTemplateFromURL\": \"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/...\"`\n\n`ImportFromPhysicalId` : The physical id of the resource that contains the template. Currently only supports AWS CloudFormation stack arn. Specify the physical id in JSON format as follows: `ImportFromPhysicalId: \u201carn:aws:cloudformation:[us-east-1]:[accountId]:stack/[StackName]/[resourceId]`", + "title": "Info", + "type": "object" + }, + "Name": { + "markdownDescription": "The name of the provisioning artifact (for example, v1 v2beta). No spaces are allowed.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of provisioning artifact.\n\n- `CLOUD_FORMATION_TEMPLATE` - AWS CloudFormation template\n- `TERRAFORM_OPEN_SOURCE` - Terraform Open Source configuration file\n- `TERRAFORM_CLOUD` - Terraform Cloud configuration file\n- `EXTERNAL` - External configuration file", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Info" + ], + "type": "object" + }, + "AWS::ServiceCatalog::CloudFormationProduct.SourceConnection": { + "additionalProperties": false, + "properties": { + "ConnectionParameters": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters", + "markdownDescription": "The connection details based on the connection `Type` .", + "title": "ConnectionParameters" + }, + "Type": { + "markdownDescription": "The only supported `SourceConnection` type is Codestar.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ConnectionParameters", + "Type" + ], + "type": "object" + }, + "AWS::ServiceCatalog::CloudFormationProvisionedProduct": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "NotificationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Passed to AWS CloudFormation . The SNS topic ARNs to which to publish stack-related events.", + "title": "NotificationArns", + "type": "array" + }, + "PathId": { + "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", + "title": "PathId", + "type": "string" + }, + "PathName": { + "markdownDescription": "The name of the path. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", + "title": "PathName", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.\n\n> You must specify either the ID or the name of the product, but not both.", + "title": "ProductId", + "type": "string" + }, + "ProductName": { + "markdownDescription": "The name of the Service Catalog product.\n\nEach time a stack is created or updated, if `ProductName` is provided it will successfully resolve to `ProductId` as long as only one product exists in the account or Region with that `ProductName` .\n\n> You must specify either the name or the ID of the product, but not both.", + "title": "ProductName", + "type": "string" + }, + "ProvisionedProductName": { + "markdownDescription": "A user-friendly name for the provisioned product. This value must be unique for the AWS account and cannot be updated after the product is provisioned.", + "title": "ProvisionedProductName", + "type": "string" + }, + "ProvisioningArtifactId": { + "markdownDescription": "The identifier of the provisioning artifact (also known as a version).\n\n> You must specify either the ID or the name of the provisioning artifact, but not both.", + "title": "ProvisioningArtifactId", + "type": "string" + }, + "ProvisioningArtifactName": { + "markdownDescription": "The name of the provisioning artifact (also known as a version) for the product. This name must be unique for the product.\n\n> You must specify either the name or the ID of the provisioning artifact, but not both. You must also specify either the name or the ID of the product, but not both.", + "title": "ProvisioningArtifactName", + "type": "string" + }, + "ProvisioningParameters": { + "items": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter" + }, + "markdownDescription": "Parameters specified by the administrator that are required for provisioning the product.", + "title": "ProvisioningParameters", + "type": "array" + }, + "ProvisioningPreferences": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences", + "markdownDescription": "StackSet preferences that are required for provisioning the product or updating a provisioned product.", + "title": "ProvisioningPreferences" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags.\n\n> Requires the provisioned product to have an [ResourceUpdateConstraint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-resourceupdateconstraint.html) resource with `TagUpdatesOnProvisionedProduct` set to `ALLOWED` to allow tag updates. If `RESOURCE_UPDATE` constraint is not present, tags updates are ignored.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::CloudFormationProvisionedProduct" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The parameter key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The parameter value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences": { + "additionalProperties": false, + "properties": { + "StackSetAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more AWS accounts where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified accounts should be within the list of accounts from the `STACKSET` constraint. To get the list of accounts in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all acounts from the `STACKSET` constraint.", + "title": "StackSetAccounts", + "type": "array" + }, + "StackSetFailureToleranceCount": { + "markdownDescription": "The number of accounts, per Region, for which this operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.\n\nThe default value is `0` if no value is specified.", + "title": "StackSetFailureToleranceCount", + "type": "number" + }, + "StackSetFailureTolerancePercentage": { + "markdownDescription": "The percentage of accounts, per Region, for which this stack operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.", + "title": "StackSetFailureTolerancePercentage", + "type": "number" + }, + "StackSetMaxConcurrencyCount": { + "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `StackSetFailureToleranceCount` . `StackSetMaxConcurrentCount` is at most one more than the `StackSetFailureToleranceCount` .\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", + "title": "StackSetMaxConcurrencyCount", + "type": "number" + }, + "StackSetMaxConcurrencyPercentage": { + "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, AWS Service Catalog sets the number as `1` instead.\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", + "title": "StackSetMaxConcurrencyPercentage", + "type": "number" + }, + "StackSetOperationType": { + "markdownDescription": "Determines what action AWS Service Catalog performs to a stack set or a stack instance represented by the provisioned product. The default value is `UPDATE` if nothing is specified.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\n- **CREATE** - Creates a new stack instance in the stack set represented by the provisioned product. In this case, only new stack instances are created based on accounts and Regions; if new ProductId or ProvisioningArtifactID are passed, they will be ignored.\n- **UPDATE** - Updates the stack set represented by the provisioned product and also its stack instances.\n- **DELETE** - Deletes a stack instance in the stack set represented by the provisioned product.", + "title": "StackSetOperationType", + "type": "string" + }, + "StackSetRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", + "title": "StackSetRegions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ServiceCatalog::LaunchNotificationConstraint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "NotificationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The notification ARNs.", + "title": "NotificationArns", + "type": "array" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + } + }, + "required": [ + "NotificationArns", + "PortfolioId", + "ProductId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::LaunchNotificationConstraint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::LaunchRoleConstraint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "LocalRoleName": { + "markdownDescription": "You are required to specify either the `RoleArn` or the `LocalRoleName` but can't use both.\n\nIf you specify the `LocalRoleName` property, when an account uses the launch constraint, the IAM role with that name in the account will be used. This allows launch-role constraints to be account-agnostic so the administrator can create fewer resources per shared account.\n\nThe given role name must exist in the account used to create the launch constraint and the account of the user who launches a product with this launch constraint.", + "title": "LocalRoleName", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the launch role.\n\nYou are required to specify `RoleArn` or `LocalRoleName` but can't use both.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "PortfolioId", + "ProductId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::LaunchRoleConstraint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::LaunchTemplateConstraint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "Rules": { + "markdownDescription": "The constraint rules.", + "title": "Rules", + "type": "string" + } + }, + "required": [ + "PortfolioId", + "ProductId", + "Rules" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::LaunchTemplateConstraint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityHub::ProductSubscription": { + "AWS::ServiceCatalog::Portfolio": { "additionalProperties": false, "properties": { "Condition": { @@ -256521,20 +307090,44 @@ "Properties": { "additionalProperties": false, "properties": { - "ProductArn": { - "markdownDescription": "The ARN of the product to enable the integration for.", - "title": "ProductArn", + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the portfolio.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name to use for display purposes.", + "title": "DisplayName", + "type": "string" + }, + "ProviderName": { + "markdownDescription": "The name of the portfolio provider.", + "title": "ProviderName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags.", + "title": "Tags", + "type": "array" } }, "required": [ - "ProductArn" + "DisplayName", + "ProviderName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::ProductSubscription" + "AWS::ServiceCatalog::Portfolio" ], "type": "string" }, @@ -256553,7 +307146,7 @@ ], "type": "object" }, - "AWS::SecurityHub::Standard": { + "AWS::ServiceCatalog::PortfolioPrincipalAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -256588,28 +307181,37 @@ "Properties": { "additionalProperties": false, "properties": { - "DisabledStandardsControls": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Standard.StandardsControl" - }, - "markdownDescription": "Specifies which controls are to be disabled in a standard.\n\n*Maximum* : `100`", - "title": "DisabledStandardsControls", - "type": "array" + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" }, - "StandardsArn": { - "markdownDescription": "The ARN of the standard that you want to enable. To view a list of available Security Hub standards and their ARNs, use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.", - "title": "StandardsArn", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "PrincipalARN": { + "markdownDescription": "The ARN of the principal ( IAM user, role, or group).", + "title": "PrincipalARN", + "type": "string" + }, + "PrincipalType": { + "markdownDescription": "The principal type. The supported values are `IAM` and `IAM_PATTERN` .", + "title": "PrincipalType", "type": "string" } }, "required": [ - "StandardsArn" + "PortfolioId", + "PrincipalARN", + "PrincipalType" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::Standard" + "AWS::ServiceCatalog::PortfolioPrincipalAssociation" ], "type": "string" }, @@ -256628,26 +307230,7 @@ ], "type": "object" }, - "AWS::SecurityHub::Standard.StandardsControl": { - "additionalProperties": false, - "properties": { - "Reason": { - "markdownDescription": "A user-defined reason for changing a control's enablement status in a specified standard. If you are disabling a control, then this property is required.", - "title": "Reason", - "type": "string" - }, - "StandardsControlArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control.", - "title": "StandardsControlArn", - "type": "string" - } - }, - "required": [ - "StandardsControlArn" - ], - "type": "object" - }, - "AWS::SecurityLake::AwsLogSource": { + "AWS::ServiceCatalog::PortfolioProductAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -256682,40 +307265,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Accounts": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify the AWS account information where you want to enable Security Lake.", - "title": "Accounts", - "type": "array" + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" }, - "DataLakeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", - "title": "DataLakeArn", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", "type": "string" }, - "SourceName": { - "markdownDescription": "The name for a AWS source. This must be a Regionally unique value. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", - "title": "SourceName", + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", "type": "string" }, - "SourceVersion": { - "markdownDescription": "The version for a AWS source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide. This must be a Regionally unique value.", - "title": "SourceVersion", + "SourcePortfolioId": { + "markdownDescription": "The identifier of the source portfolio.", + "title": "SourcePortfolioId", "type": "string" } }, "required": [ - "DataLakeArn", - "SourceName", - "SourceVersion" + "PortfolioId", + "ProductId" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityLake::AwsLogSource" + "AWS::ServiceCatalog::PortfolioProductAssociation" ], "type": "string" }, @@ -256734,7 +307313,7 @@ ], "type": "object" }, - "AWS::SecurityLake::DataLake": { + "AWS::ServiceCatalog::PortfolioShare": { "additionalProperties": false, "properties": { "Condition": { @@ -256769,40 +307348,36 @@ "Properties": { "additionalProperties": false, "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.EncryptionConfiguration", - "markdownDescription": "Provides encryption details of the Amazon Security Lake object.", - "title": "EncryptionConfiguration" - }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.LifecycleConfiguration", - "markdownDescription": "You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see [Lifecycle management](https://docs.aws.amazon.com//security-lake/latest/userguide/lifecycle-management.html) in the Amazon Security Lake User Guide.", - "title": "LifecycleConfiguration" + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" }, - "MetaStoreManagerRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.", - "title": "MetaStoreManagerRoleArn", + "AccountId": { + "markdownDescription": "The AWS account ID. For example, `123456789012` .", + "title": "AccountId", "type": "string" }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.ReplicationConfiguration", - "markdownDescription": "Provides replication details of Amazon Security Lake object.", - "title": "ReplicationConfiguration" + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", - "title": "Tags", - "type": "array" + "ShareTagOptions": { + "markdownDescription": "Indicates whether TagOptions sharing is enabled or disabled for the portfolio share.", + "title": "ShareTagOptions", + "type": "boolean" } }, + "required": [ + "AccountId", + "PortfolioId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityLake::DataLake" + "AWS::ServiceCatalog::PortfolioShare" ], "type": "string" }, @@ -256816,87 +307391,101 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityLake::DataLake.EncryptionConfiguration": { + "AWS::ServiceCatalog::ResourceUpdateConstraint": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The ID of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.", - "title": "KmsKeyId", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.Expiration": { - "additionalProperties": false, - "properties": { - "Days": { - "markdownDescription": "The number of days before data expires in the Amazon Security Lake object.", - "title": "Days", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.LifecycleConfiguration": { - "additionalProperties": false, - "properties": { - "Expiration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.Expiration", - "markdownDescription": "Provides data expiration details of the Amazon Security Lake object.", - "title": "Expiration" }, - "Transitions": { - "items": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.Transitions" - }, - "markdownDescription": "Provides data storage transition details of Amazon Security Lake object. By configuring these settings, you can specify your preferred Amazon S3 storage class and the time period for S3 objects to stay in that storage class before they transition to a different storage class.", - "title": "Transitions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.ReplicationConfiguration": { - "additionalProperties": false, - "properties": { - "Regions": { - "items": { - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "TagUpdateOnProvisionedProduct": { + "markdownDescription": "If set to `ALLOWED` , lets users change tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.\n\nIf set to `NOT_ALLOWED` , prevents users from changing tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.", + "title": "TagUpdateOnProvisionedProduct", + "type": "string" + } }, - "markdownDescription": "Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the `CreateDataLake` or `UpdateDataLake` operations contributes data to the rollup Region or Regions specified in this parameter.\n\nReplication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.", - "title": "Regions", - "type": "array" + "required": [ + "PortfolioId", + "ProductId", + "TagUpdateOnProvisionedProduct" + ], + "type": "object" }, - "RoleArn": { - "markdownDescription": "Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake , to ensure the replication setting is correct.", - "title": "RoleArn", + "Type": { + "enum": [ + "AWS::ServiceCatalog::ResourceUpdateConstraint" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.Transitions": { - "additionalProperties": false, - "properties": { - "Days": { - "markdownDescription": "The number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.", - "title": "Days", - "type": "number" }, - "StorageClass": { - "markdownDescription": "The list of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads. The default storage class is *S3 Standard* . For information about other storage classes, see [Setting the storage class of an object](https://docs.aws.amazon.com/AmazonS3/latest/userguide/sc-howtoset.html) in the *Amazon S3 User Guide* .", - "title": "StorageClass", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::SecurityLake::Subscriber": { + "AWS::ServiceCatalog::ServiceAction": { "additionalProperties": false, "properties": { "Condition": { @@ -256931,63 +307520,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "You can choose to notify subscribers of new objects with an Amazon Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the subscriber.\n\nSubscribers can consume data by directly querying AWS Lake Formation tables in your Amazon S3 bucket through services like Amazon Athena. This subscription type is defined as `LAKEFORMATION` .", - "title": "AccessTypes", - "type": "array" - }, - "DataLakeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", - "title": "DataLakeArn", + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", "type": "string" }, - "Sources": { + "Definition": { "items": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.Source" + "$ref": "#/definitions/AWS::ServiceCatalog::ServiceAction.DefinitionParameter" }, - "markdownDescription": "Amazon Security Lake supports log and event collection for natively supported AWS services . For more information, see the [Amazon Security Lake User Guide](https://docs.aws.amazon.com//security-lake/latest/userguide/source-management.html) .", - "title": "Sources", + "markdownDescription": "A map that defines the self-service action.", + "title": "Definition", "type": "array" }, - "SubscriberDescription": { - "markdownDescription": "The subscriber descriptions for a subscriber account. The description for a subscriber includes `subscriberName` , `accountID` , `externalID` , and `subscriberId` .", - "title": "SubscriberDescription", + "DefinitionType": { + "markdownDescription": "The self-service action definition type. For example, `SSM_AUTOMATION` .", + "title": "DefinitionType", "type": "string" }, - "SubscriberIdentity": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.SubscriberIdentity", - "markdownDescription": "The AWS identity used to access your data.", - "title": "SubscriberIdentity" - }, - "SubscriberName": { - "markdownDescription": "The name of your Amazon Security Lake subscriber account.", - "title": "SubscriberName", + "Description": { + "markdownDescription": "The self-service action description.", + "title": "Description", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of objects, one for each tag to associate with the subscriber. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "The self-service action name.", + "title": "Name", + "type": "string" } }, "required": [ - "AccessTypes", - "DataLakeArn", - "Sources", - "SubscriberIdentity", - "SubscriberName" + "Definition", + "DefinitionType", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityLake::Subscriber" + "AWS::ServiceCatalog::ServiceAction" ], "type": "string" }, @@ -257006,75 +307577,27 @@ ], "type": "object" }, - "AWS::SecurityLake::Subscriber.AwsLogSource": { - "additionalProperties": false, - "properties": { - "SourceName": { - "markdownDescription": "Source name of the natively supported AWS service that is supported as an Amazon Security Lake source. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", - "title": "SourceName", - "type": "string" - }, - "SourceVersion": { - "markdownDescription": "Source version of the natively supported AWS service that is supported as an Amazon Security Lake source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide.", - "title": "SourceVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::Subscriber.CustomLogSource": { - "additionalProperties": false, - "properties": { - "SourceName": { - "markdownDescription": "The name of the custom log source.", - "title": "SourceName", - "type": "string" - }, - "SourceVersion": { - "markdownDescription": "The source version of the custom log source.", - "title": "SourceVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::Subscriber.Source": { - "additionalProperties": false, - "properties": { - "AwsLogSource": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.AwsLogSource", - "markdownDescription": "The natively supported AWS service which is used a Amazon Security Lake source to collect logs and events from.", - "title": "AwsLogSource" - }, - "CustomLogSource": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.CustomLogSource", - "markdownDescription": "The custom log source AWS which is used a Amazon Security Lake source to collect logs and events from.", - "title": "CustomLogSource" - } - }, - "type": "object" - }, - "AWS::SecurityLake::Subscriber.SubscriberIdentity": { + "AWS::ServiceCatalog::ServiceAction.DefinitionParameter": { "additionalProperties": false, "properties": { - "ExternalId": { - "markdownDescription": "The external ID is a unique identifier that the subscriber provides to you.", - "title": "ExternalId", + "Key": { + "markdownDescription": "The parameter key.", + "title": "Key", "type": "string" }, - "Principal": { - "markdownDescription": "Principals can include accounts, users, roles, federated users, or AWS services.", - "title": "Principal", + "Value": { + "markdownDescription": "The value of the parameter.", + "title": "Value", "type": "string" } }, "required": [ - "ExternalId", - "Principal" + "Key", + "Value" ], "type": "object" }, - "AWS::ServiceCatalog::AcceptedPortfolioShare": { + "AWS::ServiceCatalog::ServiceActionAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -257109,25 +307632,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", + "ProductId": { + "markdownDescription": "The product identifier. For example, `prod-abcdzk7xy33qa` .", + "title": "ProductId", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "ProvisioningArtifactId": { + "markdownDescription": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` .", + "title": "ProvisioningArtifactId", + "type": "string" + }, + "ServiceActionId": { + "markdownDescription": "The self-service action identifier. For example, `act-fs7abcd89wxyz` .", + "title": "ServiceActionId", "type": "string" } }, "required": [ - "PortfolioId" + "ProductId", + "ProvisioningArtifactId", + "ServiceActionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::AcceptedPortfolioShare" + "AWS::ServiceCatalog::ServiceActionAssociation" ], "type": "string" }, @@ -257146,7 +307676,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProduct": { + "AWS::ServiceCatalog::StackSetConstraint": { "additionalProperties": false, "properties": { "Condition": { @@ -257186,82 +307716,68 @@ "title": "AcceptLanguage", "type": "string" }, - "Description": { - "markdownDescription": "The description of the product.", - "title": "Description", - "type": "string" - }, - "Distributor": { - "markdownDescription": "The distributor of the product.", - "title": "Distributor", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the product.", - "title": "Name", - "type": "string" - }, - "Owner": { - "markdownDescription": "The owner of the product.", - "title": "Owner", - "type": "string" - }, - "ProductType": { - "markdownDescription": "The type of product.", - "title": "ProductType", - "type": "string" - }, - "ProvisioningArtifactParameters": { + "AccountList": { "items": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties" + "type": "string" }, - "markdownDescription": "The configuration of the provisioning artifact (also known as a version).", - "title": "ProvisioningArtifactParameters", + "markdownDescription": "One or more AWS accounts that will have access to the provisioned product.", + "title": "AccountList", "type": "array" }, - "ReplaceProvisioningArtifacts": { - "markdownDescription": "This property is turned off by default. If turned off, you can update provisioning artifacts or product attributes (such as description, distributor, name, owner, and more) and the associated provisioning artifacts will retain the same unique identifier. Provisioning artifacts are matched within the CloudFormationProduct resource, and only those that have been updated will be changed. Provisioning artifacts are matched by a combinaton of provisioning artifact template URL and name.\n\nIf turned on, provisioning artifacts will be given a new unique identifier when you update the product or provisioning artifacts.", - "title": "ReplaceProvisioningArtifacts", - "type": "boolean" + "AdminRole": { + "markdownDescription": "AdminRole ARN", + "title": "AdminRole", + "type": "string" }, - "SourceConnection": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.SourceConnection", - "markdownDescription": "A top level `ProductViewDetail` response containing details about the product\u2019s connection. AWS Service Catalog returns this field for the `CreateProduct` , `UpdateProduct` , `DescribeProductAsAdmin` , and `SearchProductAsAdmin` APIs. This response contains the same fields as the `ConnectionParameters` request, with the addition of the `LastSync` response.", - "title": "SourceConnection" + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" }, - "SupportDescription": { - "markdownDescription": "The support information about the product.", - "title": "SupportDescription", + "ExecutionRole": { + "markdownDescription": "ExecutionRole name", + "title": "ExecutionRole", "type": "string" }, - "SupportEmail": { - "markdownDescription": "The contact email for product support.", - "title": "SupportEmail", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", "type": "string" }, - "SupportUrl": { - "markdownDescription": "The contact URL for product support.\n\n`^https?:\\/\\//` / is the pattern used to validate SupportUrl.", - "title": "SupportUrl", + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", "type": "string" }, - "Tags": { + "RegionList": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "One or more tags.", - "title": "Tags", + "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", + "title": "RegionList", "type": "array" + }, + "StackInstanceControl": { + "markdownDescription": "Permission to create, update, and delete stack instances. Choose from ALLOWED and NOT_ALLOWED.", + "title": "StackInstanceControl", + "type": "string" } }, "required": [ - "Name", - "Owner" + "AccountList", + "AdminRole", + "Description", + "ExecutionRole", + "PortfolioId", + "ProductId", + "RegionList", + "StackInstanceControl" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::CloudFormationProduct" + "AWS::ServiceCatalog::StackSetConstraint" ], "type": "string" }, @@ -257280,104 +307796,158 @@ ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters": { + "AWS::ServiceCatalog::TagOption": { "additionalProperties": false, "properties": { - "ArtifactPath": { - "markdownDescription": "The absolute path wehre the artifact resides within the repo and branch, formatted as \"folder/file.json.\"", - "title": "ArtifactPath", + "Condition": { "type": "string" }, - "Branch": { - "markdownDescription": "The specific branch where the artifact resides.", - "title": "Branch", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ConnectionArn": { - "markdownDescription": "The CodeStar ARN, which is the connection between AWS Service Catalog and the external repository.", - "title": "ConnectionArn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Active": { + "markdownDescription": "The TagOption active state.", + "title": "Active", + "type": "boolean" + }, + "Key": { + "markdownDescription": "The TagOption key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The TagOption value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::TagOption" + ], "type": "string" }, - "Repository": { - "markdownDescription": "The specific repository where the product\u2019s artifact-to-be-synced resides, formatted as \"Account/Repo.\"", - "title": "Repository", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ArtifactPath", - "Branch", - "ConnectionArn", - "Repository" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters": { - "additionalProperties": false, - "properties": { - "CodeStar": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters", - "markdownDescription": "Provides `ConnectionType` details.", - "title": "CodeStar" - } - }, - "type": "object" - }, - "AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties": { + "AWS::ServiceCatalog::TagOptionAssociation": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the provisioning artifact, including how it differs from the previous provisioning artifact.", - "title": "Description", + "Condition": { "type": "string" }, - "DisableTemplateValidation": { - "markdownDescription": "If set to true, AWS Service Catalog stops validating the specified provisioning artifact even if it is invalid.", - "title": "DisableTemplateValidation", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Info": { - "markdownDescription": "Specify the template source with one of the following options, but not both. Keys accepted: [ `LoadTemplateFromURL` , `ImportFromPhysicalId` ]\n\nThe URL of the AWS CloudFormation template in Amazon S3 in JSON format. Specify the URL in JSON format as follows:\n\n`\"LoadTemplateFromURL\": \"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/...\"`\n\n`ImportFromPhysicalId` : The physical id of the resource that contains the template. Currently only supports AWS CloudFormation stack arn. Specify the physical id in JSON format as follows: `ImportFromPhysicalId: \u201carn:aws:cloudformation:[us-east-1]:[accountId]:stack/[StackName]/[resourceId]`", - "title": "Info", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { "type": "object" }, - "Name": { - "markdownDescription": "The name of the provisioning artifact (for example, v1 v2beta). No spaces are allowed.", - "title": "Name", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceId": { + "markdownDescription": "The resource identifier.", + "title": "ResourceId", + "type": "string" + }, + "TagOptionId": { + "markdownDescription": "The TagOption identifier.", + "title": "TagOptionId", + "type": "string" + } + }, + "required": [ + "ResourceId", + "TagOptionId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of provisioning artifact.\n\n- `CLOUD_FORMATION_TEMPLATE` - AWS CloudFormation template\n- `TERRAFORM_OPEN_SOURCE` - Terraform Open Source configuration file\n- `TERRAFORM_CLOUD` - Terraform Cloud configuration file\n- `EXTERNAL` - External configuration file", - "title": "Type", + "enum": [ + "AWS::ServiceCatalog::TagOptionAssociation" + ], "type": "string" - } - }, - "required": [ - "Info" - ], - "type": "object" - }, - "AWS::ServiceCatalog::CloudFormationProduct.SourceConnection": { - "additionalProperties": false, - "properties": { - "ConnectionParameters": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters", - "markdownDescription": "The connection details based on the connection `Type` .", - "title": "ConnectionParameters" }, - "Type": { - "markdownDescription": "The only supported `SourceConnection` type is Codestar.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ConnectionParameters", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProvisionedProduct": { + "AWS::ServiceCatalogAppRegistry::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -257412,81 +307982,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "NotificationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Passed to AWS CloudFormation . The SNS topic ARNs to which to publish stack-related events.", - "title": "NotificationArns", - "type": "array" - }, - "PathId": { - "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", - "title": "PathId", - "type": "string" - }, - "PathName": { - "markdownDescription": "The name of the path. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", - "title": "PathName", - "type": "string" - }, - "ProductId": { - "markdownDescription": "The product identifier.\n\n> You must specify either the ID or the name of the product, but not both.", - "title": "ProductId", - "type": "string" - }, - "ProductName": { - "markdownDescription": "The name of the Service Catalog product.\n\nEach time a stack is created or updated, if `ProductName` is provided it will successfully resolve to `ProductId` as long as only one product exists in the account or Region with that `ProductName` .\n\n> You must specify either the name or the ID of the product, but not both.", - "title": "ProductName", - "type": "string" - }, - "ProvisionedProductName": { - "markdownDescription": "A user-friendly name for the provisioned product. This value must be unique for the AWS account and cannot be updated after the product is provisioned.", - "title": "ProvisionedProductName", - "type": "string" - }, - "ProvisioningArtifactId": { - "markdownDescription": "The identifier of the provisioning artifact (also known as a version).\n\n> You must specify either the ID or the name of the provisioning artifact, but not both.", - "title": "ProvisioningArtifactId", + "Description": { + "markdownDescription": "The description of the application.", + "title": "Description", "type": "string" }, - "ProvisioningArtifactName": { - "markdownDescription": "The name of the provisioning artifact (also known as a version) for the product. This name must be unique for the product.\n\n> You must specify either the name or the ID of the provisioning artifact, but not both. You must also specify either the name or the ID of the product, but not both.", - "title": "ProvisioningArtifactName", + "Name": { + "markdownDescription": "The name of the application. The name must be unique in the region in which you are creating the application.", + "title": "Name", "type": "string" }, - "ProvisioningParameters": { - "items": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter" - }, - "markdownDescription": "Parameters specified by the administrator that are required for provisioning the product.", - "title": "ProvisioningParameters", - "type": "array" - }, - "ProvisioningPreferences": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences", - "markdownDescription": "StackSet preferences that are required for provisioning the product or updating a provisioned product.", - "title": "ProvisioningPreferences" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Key-value pairs you can use to associate with the application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "One or more tags.\n\n> Requires the provisioned product to have an [ResourceUpdateConstraint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-resourceupdateconstraint.html) resource with `TagUpdatesOnProvisionedProduct` set to `ALLOWED` to allow tag updates. If `RESOURCE_UPDATE` constraint is not present, tags updates are ignored.", "title": "Tags", - "type": "array" + "type": "object" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::CloudFormationProvisionedProduct" + "AWS::ServiceCatalogAppRegistry::Application" ], "type": "string" }, @@ -257500,78 +308025,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The parameter key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The parameter value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences": { - "additionalProperties": false, - "properties": { - "StackSetAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more AWS accounts where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified accounts should be within the list of accounts from the `STACKSET` constraint. To get the list of accounts in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all acounts from the `STACKSET` constraint.", - "title": "StackSetAccounts", - "type": "array" - }, - "StackSetFailureToleranceCount": { - "markdownDescription": "The number of accounts, per Region, for which this operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.\n\nThe default value is `0` if no value is specified.", - "title": "StackSetFailureToleranceCount", - "type": "number" - }, - "StackSetFailureTolerancePercentage": { - "markdownDescription": "The percentage of accounts, per Region, for which this stack operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.", - "title": "StackSetFailureTolerancePercentage", - "type": "number" - }, - "StackSetMaxConcurrencyCount": { - "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `StackSetFailureToleranceCount` . `StackSetMaxConcurrentCount` is at most one more than the `StackSetFailureToleranceCount` .\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", - "title": "StackSetMaxConcurrencyCount", - "type": "number" - }, - "StackSetMaxConcurrencyPercentage": { - "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, AWS Service Catalog sets the number as `1` instead.\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", - "title": "StackSetMaxConcurrencyPercentage", - "type": "number" - }, - "StackSetOperationType": { - "markdownDescription": "Determines what action AWS Service Catalog performs to a stack set or a stack instance represented by the provisioned product. The default value is `UPDATE` if nothing is specified.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\n- **CREATE** - Creates a new stack instance in the stack set represented by the provisioned product. In this case, only new stack instances are created based on accounts and Regions; if new ProductId or ProvisioningArtifactID are passed, they will be ignored.\n- **UPDATE** - Updates the stack set represented by the provisioned product and also its stack instances.\n- **DELETE** - Deletes a stack instance in the stack set represented by the provisioned product.", - "title": "StackSetOperationType", - "type": "string" - }, - "StackSetRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", - "title": "StackSetRegions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ServiceCatalog::LaunchNotificationConstraint": { + "AWS::ServiceCatalogAppRegistry::AttributeGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -257606,45 +308065,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" + "Attributes": { + "markdownDescription": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.", + "title": "Attributes", + "type": "object" }, "Description": { - "markdownDescription": "The description of the constraint.", + "markdownDescription": "The description of the attribute group that the user provides.", "title": "Description", "type": "string" }, - "NotificationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The notification ARNs.", - "title": "NotificationArns", - "type": "array" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Name": { + "markdownDescription": "The name of the attribute group.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", - "type": "string" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs you can use to associate with the attribute group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "NotificationArns", - "PortfolioId", - "ProductId" + "Attributes", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchNotificationConstraint" + "AWS::ServiceCatalogAppRegistry::AttributeGroup" ], "type": "string" }, @@ -257663,7 +308119,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::LaunchRoleConstraint": { + "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -257698,46 +308154,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the constraint.", - "title": "Description", - "type": "string" - }, - "LocalRoleName": { - "markdownDescription": "You are required to specify either the `RoleArn` or the `LocalRoleName` but can't use both.\n\nIf you specify the `LocalRoleName` property, when an account uses the launch constraint, the IAM role with that name in the account will be used. This allows launch-role constraints to be account-agnostic so the administrator can create fewer resources per shared account.\n\nThe given role name must exist in the account used to create the launch constraint and the account of the user who launches a product with this launch constraint.", - "title": "LocalRoleName", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" - }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "Application": { + "markdownDescription": "The name or ID of the application.", + "title": "Application", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the launch role.\n\nYou are required to specify `RoleArn` or `LocalRoleName` but can't use both.", - "title": "RoleArn", + "AttributeGroup": { + "markdownDescription": "The name or ID of the attribute group which holds the attributes that describe the application.", + "title": "AttributeGroup", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId" + "Application", + "AttributeGroup" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchRoleConstraint" + "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation" ], "type": "string" }, @@ -257756,7 +308192,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::LaunchTemplateConstraint": { + "AWS::ServiceCatalogAppRegistry::ResourceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -257791,42 +308227,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the constraint.", - "title": "Description", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Application": { + "markdownDescription": "The name or ID of the application.", + "title": "Application", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "Resource": { + "markdownDescription": "The name or ID of the resource of which the application will be associated.", + "title": "Resource", "type": "string" }, - "Rules": { - "markdownDescription": "The constraint rules.", - "title": "Rules", + "ResourceType": { + "markdownDescription": "The type of resource of which the application will be associated.", + "title": "ResourceType", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId", - "Rules" + "Application", + "Resource", + "ResourceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchTemplateConstraint" + "AWS::ServiceCatalogAppRegistry::ResourceAssociation" ], "type": "string" }, @@ -257845,7 +308271,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::Portfolio": { + "AWS::ServiceDiscovery::HttpNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -257880,44 +308306,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the portfolio.", + "markdownDescription": "A description for the namespace.", "title": "Description", "type": "string" }, - "DisplayName": { - "markdownDescription": "The name to use for display purposes.", - "title": "DisplayName", - "type": "string" - }, - "ProviderName": { - "markdownDescription": "The name of the portfolio provider.", - "title": "ProviderName", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags.", + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" } }, "required": [ - "DisplayName", - "ProviderName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::Portfolio" + "AWS::ServiceDiscovery::HttpNamespace" ], "type": "string" }, @@ -257936,7 +308351,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioPrincipalAssociation": { + "AWS::ServiceDiscovery::Instance": { "additionalProperties": false, "properties": { "Condition": { @@ -257971,37 +308386,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" + "InstanceAttributes": { + "markdownDescription": "A string map that contains the following information for the service that you specify in `ServiceId` :\n\n- The attributes that apply to the records that are defined in the service.\n- For each attribute, the applicable value.\n\nSupported attribute keys include the following:\n\n- **AWS_ALIAS_DNS_NAME** - If you want AWS Cloud Map to create a Route\u00a053 alias record that routes traffic to an Elastic Load Balancing load balancer, specify the DNS name that is associated with the load balancer. For information about how to get the DNS name, see [AliasTarget->DNSName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html#Route53-Type-AliasTarget-DNSName) in the *Route\u00a053 API Reference* .\n\nNote the following:\n\n- The configuration for the service that is specified by `ServiceId` must include settings for an `A` record, an `AAAA` record, or both.\n- In the service that is specified by `ServiceId` , the value of `RoutingPolicy` must be `WEIGHTED` .\n- If the service that is specified by `ServiceId` includes `HealthCheckConfig` settings, AWS Cloud Map will create the health check, but it won't associate the health check with the alias record.\n- Auto naming currently doesn't support creating alias records that route traffic to AWS resources other than ELB load balancers.\n- If you specify a value for `AWS_ALIAS_DNS_NAME` , don't specify values for any of the `AWS_INSTANCE` attributes.\n- **AWS_EC2_INSTANCE_ID** - *HTTP namespaces only.* The Amazon EC2 instance ID for the instance. The `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address. When creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) , if the `AWS_EC2_INSTANCE_ID` attribute is specified, the only other attribute that can be specified is `AWS_INIT_HEALTH_STATUS` . After the resource has been created, the `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address.\n- **AWS_INIT_HEALTH_STATUS** - If the service configuration includes `HealthCheckCustomConfig` , when creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) you can optionally use `AWS_INIT_HEALTH_STATUS` to specify the initial status of the custom health check, `HEALTHY` or `UNHEALTHY` . If you don't specify a value for `AWS_INIT_HEALTH_STATUS` , the initial status is `HEALTHY` . This attribute can only be used when creating resources and will not be seen on existing resources.\n- **AWS_INSTANCE_CNAME** - If the service configuration includes a `CNAME` record, the domain name that you want Route\u00a053 to return in response to DNS queries, for example, `example.com` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `CNAME` record.\n- **AWS_INSTANCE_IPV4** - If the service configuration includes an `A` record, the IPv4 address that you want Route\u00a053 to return in response to DNS queries, for example, `192.0.2.44` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `A` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_IPV6** - If the service configuration includes an `AAAA` record, the IPv6 address that you want Route\u00a053 to return in response to DNS queries, for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `AAAA` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_PORT** - If the service includes an `SRV` record, the value that you want Route\u00a053 to return for the port.\n\nIf the service includes `HealthCheckConfig` , the port on the endpoint that you want Route\u00a053 to send requests to.\n\nThis value is required if you specified settings for an `SRV` record or a Route\u00a053 health check when you created the service.", + "title": "InstanceAttributes", + "type": "object" }, - "PrincipalARN": { - "markdownDescription": "The ARN of the principal ( IAM user, role, or group).", - "title": "PrincipalARN", + "InstanceId": { + "markdownDescription": "An identifier that you want to associate with the instance. Note the following:\n\n- If the service that's specified by `ServiceId` includes settings for an `SRV` record, the value of `InstanceId` is automatically included as part of the value for the `SRV` record. For more information, see [DnsRecord > Type](https://docs.aws.amazon.com/cloud-map/latest/api/API_DnsRecord.html#cloudmap-Type-DnsRecord-Type) .\n- You can use this value to update an existing instance.\n- To register a new instance, you must specify a value that's unique among instances that you register by using the same service.\n- If you specify an existing `InstanceId` and `ServiceId` , AWS Cloud Map updates the existing DNS records, if any. If there's also an existing health check, AWS Cloud Map deletes the old health check and creates a new one.\n\n> The health check isn't deleted immediately, so it will still appear for a while if you submit a `ListHealthChecks` request, for example.\n\n> Do not include sensitive information in `InstanceId` if the namespace is discoverable by public DNS queries and any `Type` member of `DnsRecord` for the service contains `SRV` because the `InstanceId` is discoverable by public DNS queries.", + "title": "InstanceId", "type": "string" }, - "PrincipalType": { - "markdownDescription": "The principal type. The supported values are `IAM` and `IAM_PATTERN` .", - "title": "PrincipalType", + "ServiceId": { + "markdownDescription": "The ID of the service that you want to use for settings for the instance.", + "title": "ServiceId", "type": "string" } }, "required": [ - "PortfolioId", - "PrincipalARN", - "PrincipalType" + "InstanceAttributes", + "ServiceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioPrincipalAssociation" + "AWS::ServiceDiscovery::Instance" ], "type": "string" }, @@ -258020,7 +308429,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioProductAssociation": { + "AWS::ServiceDiscovery::PrivateDnsNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -258055,36 +308464,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", + "Description": { + "markdownDescription": "A description for the namespace.", + "title": "Description", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace. When you create a private DNS namespace, AWS Cloud Map automatically creates an Amazon Route\u00a053 private hosted zone that has the same name as the namespace.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", - "type": "string" + "Properties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.Properties", + "markdownDescription": "Properties for the private DNS namespace.", + "title": "Properties" }, - "SourcePortfolioId": { - "markdownDescription": "The identifier of the source portfolio.", - "title": "SourcePortfolioId", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" + }, + "Vpc": { + "markdownDescription": "The ID of the Amazon VPC that you want to associate the namespace with.", + "title": "Vpc", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId" + "Name", + "Vpc" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioProductAssociation" + "AWS::ServiceDiscovery::PrivateDnsNamespace" ], "type": "string" }, @@ -258103,7 +308520,40 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioShare": { + "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { + "additionalProperties": false, + "properties": { + "SOA": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.SOA", + "markdownDescription": "Fields for the Start of Authority (SOA) record for the hosted zone for the private DNS namespace.", + "title": "SOA" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PrivateDnsNamespace.Properties": { + "additionalProperties": false, + "properties": { + "DnsProperties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable", + "markdownDescription": "DNS properties for the private DNS namespace.", + "title": "DnsProperties" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PrivateDnsNamespace.SOA": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The time to live (TTL) for purposes of negative caching.", + "title": "TTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -258138,36 +308588,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", + "Description": { + "markdownDescription": "A description for the namespace.", + "title": "Description", "type": "string" }, - "AccountId": { - "markdownDescription": "The AWS account ID. For example, `123456789012` .", - "title": "AccountId", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace.\n\n> Do not include sensitive information in the name. The name is publicly available using DNS queries.", + "title": "Name", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" + "Properties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.Properties", + "markdownDescription": "Properties for the public DNS namespace.", + "title": "Properties" }, - "ShareTagOptions": { - "markdownDescription": "Indicates whether TagOptions sharing is enabled or disabled for the portfolio share.", - "title": "ShareTagOptions", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" } }, "required": [ - "AccountId", - "PortfolioId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioShare" + "AWS::ServiceDiscovery::PublicDnsNamespace" ], "type": "string" }, @@ -258186,7 +308638,40 @@ ], "type": "object" }, - "AWS::ServiceCatalog::ResourceUpdateConstraint": { + "AWS::ServiceDiscovery::PublicDnsNamespace.Properties": { + "additionalProperties": false, + "properties": { + "DnsProperties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable", + "markdownDescription": "DNS properties for the public DNS namespace.", + "title": "DnsProperties" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable": { + "additionalProperties": false, + "properties": { + "SOA": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.SOA", + "markdownDescription": "Start of Authority (SOA) record for the hosted zone for the public DNS namespace.", + "title": "SOA" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace.SOA": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The time to live (TTL) for purposes of negative caching.", + "title": "TTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -258221,42 +308706,60 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the constraint.", + "markdownDescription": "The description of the service.", "title": "Description", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "DnsConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsConfig", + "markdownDescription": "A complex type that contains information about the Route\u00a053 DNS records that you want AWS Cloud Map to create when you register an instance.\n\n> The record types of a service can only be changed by deleting the service and recreating it with a new `Dnsconfig` .", + "title": "DnsConfig" + }, + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckConfig", + "markdownDescription": "*Public DNS and HTTP namespaces only.* A complex type that contains settings for an optional health check. If you specify settings for a health check, AWS Cloud Map associates the health check with the records that you specify in `DnsConfig` .\n\nFor information about the charges for health checks, see [Amazon Route\u00a053 Pricing](https://docs.aws.amazon.com/route53/pricing/) .", + "title": "HealthCheckConfig" + }, + "HealthCheckCustomConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckCustomConfig", + "markdownDescription": "A complex type that contains information about an optional custom health check.\n\n> If you specify a health check configuration, you can specify either `HealthCheckCustomConfig` or `HealthCheckConfig` but not both.", + "title": "HealthCheckCustomConfig" + }, + "Name": { + "markdownDescription": "The name of the service.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "NamespaceId": { + "markdownDescription": "The ID of the namespace that was used to create the service.\n\n> You must specify a value for `NamespaceId` either for the service properties or for [DnsConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html) . Don't specify a value in both places.", + "title": "NamespaceId", "type": "string" }, - "TagUpdateOnProvisionedProduct": { - "markdownDescription": "If set to `ALLOWED` , lets users change tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.\n\nIf set to `NOT_ALLOWED` , prevents users from changing tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.", - "title": "TagUpdateOnProvisionedProduct", + "ServiceAttributes": { + "markdownDescription": "A string map that contains the following information for the service:\n\n- The attributes that apply to the service\n- For each attribute, the applicable value.\n\nYou can specify a total of 30 attributes.", + "title": "ServiceAttributes", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP` .", + "title": "Type", "type": "string" } }, - "required": [ - "PortfolioId", - "ProductId", - "TagUpdateOnProvisionedProduct" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ResourceUpdateConstraint" + "AWS::ServiceDiscovery::Service" ], "type": "string" }, @@ -258270,12 +308773,93 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ServiceCatalog::ServiceAction": { + "AWS::ServiceDiscovery::Service.DnsConfig": { + "additionalProperties": false, + "properties": { + "DnsRecords": { + "items": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsRecord" + }, + "markdownDescription": "An array that contains one `DnsRecord` object for each Route\u00a053 DNS record that you want AWS Cloud Map to create when you register an instance.\n\n> The record type of a service can't be updated directly and can only be changed by deleting the service and recreating it with a new `DnsConfig` .", + "title": "DnsRecords", + "type": "array" + }, + "NamespaceId": { + "markdownDescription": "The ID of the namespace to use for DNS configuration.\n\n> You must specify a value for `NamespaceId` either for `DnsConfig` or for the [service properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html) . Don't specify a value in both places.", + "title": "NamespaceId", + "type": "string" + }, + "RoutingPolicy": { + "markdownDescription": "The routing policy that you want to apply to all Route\u00a053 DNS records that AWS Cloud Map creates when you register an instance and specify this service.\n\n> If you want to use this service to register instances that create alias records, specify `WEIGHTED` for the routing policy. \n\nYou can specify the following values:\n\n- **MULTIVALUE** - If you define a health check for the service and the health check is healthy, Route\u00a053 returns the applicable value for up to eight instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with IP addresses for up to eight healthy instances. If fewer than eight instances are healthy, Route\u00a053 responds to every DNS query with the IP addresses for all of the healthy instances.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the values for up to eight instances.\n\nFor more information about the multivalue routing policy, see [Multivalue Answer Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue) in the *Route\u00a053 Developer Guide* .\n- **WEIGHTED** - Route\u00a053 returns the applicable value from one randomly selected instance from among the instances that you registered using the same service. Currently, all records have the same weight, so you can't route more or less traffic to any instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with the IP address for one randomly selected instance from among the healthy instances. If no instances are healthy, Route\u00a053 responds to DNS queries as if all of the instances were healthy.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the applicable value for one randomly selected instance.\n\nFor more information about the weighted routing policy, see [Weighted Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted) in the *Route\u00a053 Developer Guide* .", + "title": "RoutingPolicy", + "type": "string" + } + }, + "required": [ + "DnsRecords" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.DnsRecord": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this record.\n\n> Alias records don't include a TTL because Route\u00a053 uses the TTL for the AWS resource that an alias record routes traffic to. If you include the `AWS_ALIAS_DNS_NAME` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request, the `TTL` value is ignored. Always specify a TTL for the service; you can use a service to register instances that create either alias or non-alias records.", + "title": "TTL", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of the resource, which indicates the type of value that Route 53 returns in response to DNS queries. You can specify values for `Type` in the following combinations:\n\n- `A`\n- `AAAA`\n- `A` and `AAAA`\n- `SRV`\n- `CNAME`\n\nIf you want AWS Cloud Map to create a Route 53 alias record when you register an instance, specify `A` or `AAAA` for `Type` .\n\nYou specify other settings, such as the IP address for `A` and `AAAA` records, when you register an instance. For more information, see [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n\nThe following values are supported:\n\n- **A** - Route 53 returns the IP address of the resource in IPv4 format, such as 192.0.2.44.\n- **AAAA** - Route 53 returns the IP address of the resource in IPv6 format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345.\n- **CNAME** - Route 53 returns the domain name of the resource, such as www.example.com. Note the following:\n\n- You specify the domain name that you want to route traffic to when you register an instance. For more information, see [Attributes](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#cloudmap-RegisterInstance-request-Attributes) in the topic [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n- You must specify `WEIGHTED` for the value of `RoutingPolicy` .\n- You can't specify both `CNAME` for `Type` and settings for `HealthCheckConfig` . If you do, the request will fail with an `InvalidInput` error.\n- **SRV** - Route 53 returns the value for an `SRV` record. The value for an `SRV` record uses the following values:\n\n`priority weight port service-hostname`\n\nNote the following about the values:\n\n- The values of `priority` and `weight` are both set to `1` and can't be changed.\n- The value of `port` comes from the value that you specify for the `AWS_INSTANCE_PORT` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request.\n- The value of `service-hostname` is a concatenation of the following values:\n\n- The value that you specify for `InstanceId` when you register an instance.\n- The name of the service.\n- The name of the namespace.\n\nFor example, if the value of `InstanceId` is `test` , the name of the service is `backend` , and the name of the namespace is `example.com` , the value of `service-hostname` is:\n\n`test.backend.example.com`\n\nIf you specify settings for an `SRV` record and if you specify values for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both in the `RegisterInstance` request, AWS Cloud Map automatically creates `A` and/or `AAAA` records that have the same name as the value of `service-hostname` in the `SRV` record. You can ignore these records.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "TTL", + "Type" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.HealthCheckConfig": { + "additionalProperties": false, + "properties": { + "FailureThreshold": { + "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Route\u00a053 to change the current status of the endpoint from unhealthy to healthy or the other way around. For more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", + "title": "FailureThreshold", + "type": "number" + }, + "ResourcePath": { + "markdownDescription": "The path that you want Route\u00a053 to request when performing health checks. The path can be any value that your endpoint returns an HTTP status code of a 2xx or 3xx format for when the endpoint is healthy. An example file is `/docs/route53-health-check.html` . Route\u00a053 automatically adds the DNS name for the service. If you don't specify a value for `ResourcePath` , the default value is `/` .\n\nIf you specify `TCP` for `Type` , you must *not* specify a value for `ResourcePath` .", + "title": "ResourcePath", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of health check that you want to create, which indicates how Route\u00a053 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify HTTPS for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *TCP* : Route\u00a053 tries to establish a TCP connection.\n\nIf you specify `TCP` for `Type` , don't specify a value for `ResourcePath` .\n\nFor more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.HealthCheckCustomConfig": { + "additionalProperties": false, + "properties": { + "FailureThreshold": { + "markdownDescription": "> This parameter is no longer supported and is always set to 1. AWS Cloud Map waits for approximately 30 seconds after receiving an `UpdateInstanceCustomHealthStatus` request before changing the status of the service instance. \n\nThe number of 30-second intervals that you want AWS Cloud Map to wait after receiving an `UpdateInstanceCustomHealthStatus` request before it changes the health status of a service instance.\n\nSending a second or subsequent `UpdateInstanceCustomHealthStatus` request with the same value before 30 seconds has passed doesn't accelerate the change. AWS Cloud Map still waits `30` seconds after the first request to make the change.", + "title": "FailureThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Shield::DRTAccess": { "additionalProperties": false, "properties": { "Condition": { @@ -258310,45 +308894,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Definition": { + "LogBucketList": { "items": { - "$ref": "#/definitions/AWS::ServiceCatalog::ServiceAction.DefinitionParameter" + "type": "string" }, - "markdownDescription": "A map that defines the self-service action.", - "title": "Definition", + "markdownDescription": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.\n\nUse this to share information with the SRT that's not available in AWS WAF logs.\n\nTo use the services of the SRT, you must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .", + "title": "LogBucketList", "type": "array" }, - "DefinitionType": { - "markdownDescription": "The self-service action definition type. For example, `SSM_AUTOMATION` .", - "title": "DefinitionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The self-service action description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The self-service action name.", - "title": "Name", + "RoleArn": { + "markdownDescription": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and logs and to create or update AWS WAF rules and web ACLs.\n\nYou can associate only one `RoleArn` with your subscription. If you submit this update for an account that already has an associated role, the new `RoleArn` will replace the existing `RoleArn` .\n\nThis change requires the following:\n\n- You must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .\n- The `AWSShieldDRTAccessPolicy` managed policy must be attached to the role that you specify in the request. You can access this policy in the IAM console at [AWSShieldDRTAccessPolicy](https://docs.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy) . For information, see [Adding and removing IAM identity permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) .\n- The role must trust the service principal `drt.shield.amazonaws.com` . For information, see [IAM JSON policy elements: Principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) .\n\nThe SRT will have access only to your AWS WAF and Shield resources. By submitting this request, you provide permissions to the SRT to inspect your AWS WAF and Shield configuration and logs, and to create and update AWS WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Definition", - "DefinitionType", - "Name" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ServiceAction" + "AWS::Shield::DRTAccess" ], "type": "string" }, @@ -258367,27 +308934,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::ServiceAction.DefinitionParameter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The parameter key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the parameter.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::ServiceCatalog::ServiceActionAssociation": { + "AWS::Shield::ProactiveEngagement": { "additionalProperties": false, "properties": { "Condition": { @@ -258422,32 +308969,29 @@ "Properties": { "additionalProperties": false, "properties": { - "ProductId": { - "markdownDescription": "The product identifier. For example, `prod-abcdzk7xy33qa` .", - "title": "ProductId", - "type": "string" - }, - "ProvisioningArtifactId": { - "markdownDescription": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` .", - "title": "ProvisioningArtifactId", - "type": "string" + "EmergencyContactList": { + "items": { + "$ref": "#/definitions/AWS::Shield::ProactiveEngagement.EmergencyContact" + }, + "markdownDescription": "The list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support, plus any relevant notes.\n\nTo enable proactive engagement, the contact list must include at least one phone number.\n\nIf you provide more than one contact, in the notes, indicate the circumstances under which each contact should be used. Include primary and secondary contact designations, and provide the hours of availability and time zones for each contact.\n\nExample contact notes:\n\n- This is a hotline that's staffed 24x7x365. Please work with the responding analyst and they will get the appropriate person on the call.\n- Please contact the secondary phone number if the hotline doesn't respond within 5 minutes.", + "title": "EmergencyContactList", + "type": "array" }, - "ServiceActionId": { - "markdownDescription": "The self-service action identifier. For example, `act-fs7abcd89wxyz` .", - "title": "ServiceActionId", + "ProactiveEngagementStatus": { + "markdownDescription": "Specifies whether proactive engagement is enabled or disabled.\n\nValid values:\n\n`ENABLED` - The Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n`DISABLED` - The SRT will not proactively notify contacts about escalations or to initiate proactive customer support.", + "title": "ProactiveEngagementStatus", "type": "string" } }, "required": [ - "ProductId", - "ProvisioningArtifactId", - "ServiceActionId" + "EmergencyContactList", + "ProactiveEngagementStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ServiceActionAssociation" + "AWS::Shield::ProactiveEngagement" ], "type": "string" }, @@ -258466,7 +309010,31 @@ ], "type": "object" }, - "AWS::ServiceCatalog::StackSetConstraint": { + "AWS::Shield::ProactiveEngagement.EmergencyContact": { + "additionalProperties": false, + "properties": { + "ContactNotes": { + "markdownDescription": "Additional notes regarding the contact.", + "title": "ContactNotes", + "type": "string" + }, + "EmailAddress": { + "markdownDescription": "The email address for the contact.", + "title": "EmailAddress", + "type": "string" + }, + "PhoneNumber": { + "markdownDescription": "The phone number for the contact.", + "title": "PhoneNumber", + "type": "string" + } + }, + "required": [ + "EmailAddress" + ], + "type": "object" + }, + "AWS::Shield::Protection": { "additionalProperties": false, "properties": { "Condition": { @@ -258501,73 +309069,47 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" + "ApplicationLayerAutomaticResponseConfiguration": { + "$ref": "#/definitions/AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration", + "markdownDescription": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description.", + "title": "ApplicationLayerAutomaticResponseConfiguration" }, - "AccountList": { + "HealthCheckArns": { "items": { "type": "string" }, - "markdownDescription": "One or more AWS accounts that will have access to the provisioned product.", - "title": "AccountList", + "markdownDescription": "The ARN (Amazon Resource Name) of the health check to associate with the protection. Health-based detection provides improved responsiveness and accuracy in attack detection and mitigation.\n\nYou can use this option with any resource type except for Route\u00a053 hosted zones.\n\nFor more information, see [Configuring health-based detection using health checks](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-health-checks.html) in the *AWS Shield Advanced Developer Guide* .", + "title": "HealthCheckArns", "type": "array" }, - "AdminRole": { - "markdownDescription": "AdminRole ARN", - "title": "AdminRole", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the constraint.", - "title": "Description", - "type": "string" - }, - "ExecutionRole": { - "markdownDescription": "ExecutionRole name", - "title": "ExecutionRole", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Name": { + "markdownDescription": "The name of the protection. For example, `My CloudFront distributions` .\n\n> If you change the name of an existing protection, Shield Advanced deletes the protection and replaces it with a new one. While this is happening, the protection isn't available on the AWS resource.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "ResourceArn": { + "markdownDescription": "The ARN (Amazon Resource Name) of the AWS resource that is protected.", + "title": "ResourceArn", "type": "string" }, - "RegionList": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", - "title": "RegionList", + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "title": "Tags", "type": "array" - }, - "StackInstanceControl": { - "markdownDescription": "Permission to create, update, and delete stack instances. Choose from ALLOWED and NOT_ALLOWED.", - "title": "StackInstanceControl", - "type": "string" } }, "required": [ - "AccountList", - "AdminRole", - "Description", - "ExecutionRole", - "PortfolioId", - "ProductId", - "RegionList", - "StackInstanceControl" + "Name", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::StackSetConstraint" + "AWS::Shield::Protection" ], "type": "string" }, @@ -258586,7 +309128,43 @@ ], "type": "object" }, - "AWS::ServiceCatalog::TagOption": { + "AWS::Shield::Protection.Action": { + "additionalProperties": false, + "properties": { + "Block": { + "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Block\": {} }`\n\nExample YAML: `Block: {}`", + "title": "Block", + "type": "object" + }, + "Count": { + "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Count\": {} }`\n\nExample YAML: `Count: {}`", + "title": "Count", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::Shield::Protection.Action", + "markdownDescription": "Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.", + "title": "Action" + }, + "Status": { + "markdownDescription": "Indicates whether automatic application layer DDoS mitigation is enabled for the protection.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Action", + "Status" + ], + "type": "object" + }, + "AWS::Shield::ProtectionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -258621,31 +309199,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "The TagOption active state.", - "title": "Active", - "type": "boolean" + "Aggregation": { + "markdownDescription": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n\n- `Sum` - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n- `Mean` - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n- `Max` - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.", + "title": "Aggregation", + "type": "string" }, - "Key": { - "markdownDescription": "The TagOption key.", - "title": "Key", + "Members": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting.", + "title": "Members", + "type": "array" + }, + "Pattern": { + "markdownDescription": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.", + "title": "Pattern", "type": "string" }, - "Value": { - "markdownDescription": "The TagOption value.", - "title": "Value", + "ProtectionGroupId": { + "markdownDescription": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.", + "title": "ProtectionGroupId", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting.", + "title": "ResourceType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "Key", - "Value" + "Aggregation", + "Pattern", + "ProtectionGroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::TagOption" + "AWS::Shield::ProtectionGroup" ], "type": "string" }, @@ -258664,7 +309264,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::TagOptionAssociation": { + "AWS::Signer::ProfilePermission": { "additionalProperties": false, "properties": { "Condition": { @@ -258699,26 +309299,43 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceId": { - "markdownDescription": "The resource identifier.", - "title": "ResourceId", + "Action": { + "markdownDescription": "The AWS Signer action permitted as part of cross-account permissions.", + "title": "Action", "type": "string" }, - "TagOptionId": { - "markdownDescription": "The TagOption identifier.", - "title": "TagOptionId", + "Principal": { + "markdownDescription": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID.", + "title": "Principal", + "type": "string" + }, + "ProfileName": { + "markdownDescription": "The human-readable name of the signing profile.", + "title": "ProfileName", + "type": "string" + }, + "ProfileVersion": { + "markdownDescription": "The version of the signing profile.", + "title": "ProfileVersion", + "type": "string" + }, + "StatementId": { + "markdownDescription": "A unique identifier for the cross-account permission statement.", + "title": "StatementId", "type": "string" } }, "required": [ - "ResourceId", - "TagOptionId" + "Action", + "Principal", + "ProfileName", + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::TagOptionAssociation" + "AWS::Signer::ProfilePermission" ], "type": "string" }, @@ -258737,7 +309354,7 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::Application": { + "AWS::Signer::SigningProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -258772,36 +309389,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the application.", - "title": "Description", + "PlatformId": { + "markdownDescription": "The ID of a platform that is available for use by a signing profile.", + "title": "PlatformId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the application. The name must be unique in the region in which you are creating the application.", - "title": "Name", - "type": "string" + "SignatureValidityPeriod": { + "$ref": "#/definitions/AWS::Signer::SigningProfile.SignatureValidityPeriod", + "markdownDescription": "The validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months.", + "title": "SignatureValidityPeriod" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Key-value pairs you can use to associate with the application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of tags associated with the signing profile.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "PlatformId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::Application" + "AWS::Signer::SigningProfile" ], "type": "string" }, @@ -258820,7 +309434,23 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::AttributeGroup": { + "AWS::Signer::SigningProfile.SignatureValidityPeriod": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The time unit for signature validity: DAYS | MONTHS | YEARS.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The numerical value of the time unit for signature validity.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SimSpaceWeaver::Simulation": { "additionalProperties": false, "properties": { "Condition": { @@ -258855,42 +309485,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "markdownDescription": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.", - "title": "Attributes", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the attribute group that the user provides.", - "title": "Description", + "MaximumDuration": { + "markdownDescription": "The maximum running time of the simulation, specified as a number of minutes (m or M), hours (h or H), or days (d or D). The simulation stops when it reaches this limit. The maximum value is `14D` , or its equivalent in the other units. The default value is `14D` . A value equivalent to `0` makes the simulation immediately transition to `STOPPING` as soon as it reaches `STARTED` .", + "title": "MaximumDuration", "type": "string" }, "Name": { - "markdownDescription": "The name of the attribute group.", + "markdownDescription": "The name of the simulation.", "title": "Name", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Key-value pairs you can use to associate with the attribute group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management ( IAM ) role that the simulation assumes to perform actions. For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* . For more information about IAM roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *AWS Identity and Access Management User Guide* .", + "title": "RoleArn", + "type": "string" + }, + "SchemaS3Location": { + "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", + "markdownDescription": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` .", + "title": "SchemaS3Location" + }, + "SnapshotS3Location": { + "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", + "markdownDescription": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` .", + "title": "SnapshotS3Location" } }, "required": [ - "Attributes", - "Name" + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::AttributeGroup" + "AWS::SimSpaceWeaver::Simulation" ], "type": "string" }, @@ -258909,7 +309538,27 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation": { + "AWS::SimSpaceWeaver::Simulation.S3Location": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of an Amazon S3 bucket. For more information about buckets, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "BucketName", + "type": "string" + }, + "ObjectKey": { + "markdownDescription": "The key name of an object in Amazon S3. For more information about Amazon S3 objects and object keys, see [Uploading, downloading, and working with objects in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/uploading-downloading-objects.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "ObjectKey", + "type": "string" + } + }, + "required": [ + "BucketName", + "ObjectKey" + ], + "type": "object" + }, + "AWS::StepFunctions::Activity": { "additionalProperties": false, "properties": { "Condition": { @@ -258944,26 +309593,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The name or ID of the application.", - "title": "Application", - "type": "string" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::Activity.EncryptionConfiguration", + "markdownDescription": "Encryption configuration for the activity.\n\nActivity configuration is immutable, and resource names must be unique. To set customer managed keys for encryption, you must create a *new Activity* . If you attempt to change the configuration in your CFN template for an existing activity, you will receive an `ActivityAlreadyExists` exception.\n\nTo update your activity to include customer managed keys, set a new activity name within your AWS CloudFormation template.", + "title": "EncryptionConfiguration" }, - "AttributeGroup": { - "markdownDescription": "The name or ID of the attribute group which holds the attributes that describe the application.", - "title": "AttributeGroup", + "Name": { + "markdownDescription": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` , `U+FFFE-FFFF` )\n- surrogates ( `U+D800-DFFF` )\n- invalid characters ( `U+10FFFF` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::StepFunctions::Activity.TagsEntry" + }, + "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "title": "Tags", + "type": "array" } }, "required": [ - "Application", - "AttributeGroup" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation" + "AWS::StepFunctions::Activity" ], "type": "string" }, @@ -258982,7 +309638,51 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::ResourceAssociation": { + "AWS::StepFunctions::Activity.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys.", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN.", + "title": "KmsKeyId", + "type": "string" + }, + "Type": { + "markdownDescription": "Encryption option for an activity.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::StepFunctions::Activity.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The `key` for a key-value pair in a tag entry.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The `value` for a key-value pair in a tag entry.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine": { "additionalProperties": false, "properties": { "Condition": { @@ -259017,32 +309717,79 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The name or ID of the application.", - "title": "Application", + "Definition": { + "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", + "title": "Definition", + "type": "object" + }, + "DefinitionS3Location": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.S3Location", + "markdownDescription": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file.", + "title": "DefinitionS3Location" + }, + "DefinitionString": { + "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", + "title": "DefinitionString", "type": "string" }, - "Resource": { - "markdownDescription": "The name or ID of the resource of which the application will be associated.", - "title": "Resource", + "DefinitionSubstitutions": { + "additionalProperties": true, + "markdownDescription": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "DefinitionSubstitutions", + "type": "object" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.EncryptionConfiguration", + "markdownDescription": "Encryption configuration for the state machine.", + "title": "EncryptionConfiguration" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LoggingConfiguration", + "markdownDescription": "Defines what execution history events are logged and where they are logged.\n\n> By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.", + "title": "LoggingConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.", + "title": "RoleArn", "type": "string" }, - "ResourceType": { - "markdownDescription": "The type of resource of which the application will be associated.", - "title": "ResourceType", + "StateMachineName": { + "markdownDescription": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "StateMachineName", + "type": "string" + }, + "StateMachineType": { + "markdownDescription": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide.", + "title": "StateMachineType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TagsEntry" + }, + "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "title": "Tags", + "type": "array" + }, + "TracingConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TracingConfiguration", + "markdownDescription": "Selects whether or not the state machine's AWS X-Ray tracing is enabled.", + "title": "TracingConfiguration" } }, "required": [ - "Application", - "Resource", - "ResourceType" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::ResourceAssociation" + "AWS::StepFunctions::StateMachine" ], "type": "string" }, @@ -259061,7 +309808,133 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::HttpNamespace": { + "AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*`", + "title": "LogGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachine.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys.", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN.", + "title": "KmsKeyId", + "type": "string" + }, + "Type": { + "markdownDescription": "Encryption option for a state machine.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.LogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsLogGroup": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup", + "markdownDescription": "An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the AWS CloudFormation User Guide.", + "title": "CloudWatchLogsLogGroup" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachine.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LogDestination" + }, + "markdownDescription": "An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` .", + "title": "Destinations", + "type": "array" + }, + "IncludeExecutionData": { + "markdownDescription": "Determines whether execution data is included in your log. When set to `false` , data is excluded.", + "title": "IncludeExecutionData", + "type": "boolean" + }, + "Level": { + "markdownDescription": "Defines which category of execution history events are logged.", + "title": "Level", + "type": "string" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachine.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket where the state machine definition JSON or YAML file is stored.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name of the state machine definition file (Amazon S3 object name).", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "For versioning-enabled buckets, a specific version of the state machine definition.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The `key` for a key-value pair in a tag entry.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The `value` for a key-value pair in a tag entry.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.TracingConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "When set to `true` , X-Ray tracing is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachineAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -259096,33 +309969,35 @@ "Properties": { "additionalProperties": false, "properties": { + "DeploymentPreference": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.DeploymentPreference", + "markdownDescription": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "title": "DeploymentPreference" + }, "Description": { - "markdownDescription": "A description for the namespace.", + "markdownDescription": "An optional description of the state machine alias.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name that you want to assign to this namespace.", + "markdownDescription": "The name of the state machine alias. If you don't provide a name, it uses an automatically generated name based on the logical ID.", "title": "Name", "type": "string" }, - "Tags": { + "RoutingConfiguration": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion" }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", + "markdownDescription": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties.", + "title": "RoutingConfiguration", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::HttpNamespace" + "AWS::StepFunctions::StateMachineAlias" ], "type": "string" }, @@ -259136,90 +310011,69 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ServiceDiscovery::Instance": { + "AWS::StepFunctions::StateMachineAlias.DeploymentPreference": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Alarms": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon CloudWatch alarm names to be monitored during the deployment. The deployment fails and rolls back if any of these alarms go into the `ALARM` state.\n\n> Amazon CloudWatch considers nonexistent alarms to have an `OK` state. If you provide an invalid alarm name or provide the ARN of an alarm instead of its name, your deployment may not roll back correctly.", + "title": "Alarms", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Interval": { + "markdownDescription": "The time in minutes between each traffic shifting increment.", + "title": "Interval", + "type": "number" }, - "Metadata": { - "type": "object" + "Percentage": { + "markdownDescription": "The percentage of traffic to shift to the new version in each increment.", + "title": "Percentage", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceAttributes": { - "markdownDescription": "A string map that contains the following information for the service that you specify in `ServiceId` :\n\n- The attributes that apply to the records that are defined in the service.\n- For each attribute, the applicable value.\n\nSupported attribute keys include the following:\n\n- **AWS_ALIAS_DNS_NAME** - If you want AWS Cloud Map to create a Route\u00a053 alias record that routes traffic to an Elastic Load Balancing load balancer, specify the DNS name that is associated with the load balancer. For information about how to get the DNS name, see [AliasTarget->DNSName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html#Route53-Type-AliasTarget-DNSName) in the *Route\u00a053 API Reference* .\n\nNote the following:\n\n- The configuration for the service that is specified by `ServiceId` must include settings for an `A` record, an `AAAA` record, or both.\n- In the service that is specified by `ServiceId` , the value of `RoutingPolicy` must be `WEIGHTED` .\n- If the service that is specified by `ServiceId` includes `HealthCheckConfig` settings, AWS Cloud Map will create the health check, but it won't associate the health check with the alias record.\n- Auto naming currently doesn't support creating alias records that route traffic to AWS resources other than ELB load balancers.\n- If you specify a value for `AWS_ALIAS_DNS_NAME` , don't specify values for any of the `AWS_INSTANCE` attributes.\n- **AWS_EC2_INSTANCE_ID** - *HTTP namespaces only.* The Amazon EC2 instance ID for the instance. The `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address. When creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) , if the `AWS_EC2_INSTANCE_ID` attribute is specified, the only other attribute that can be specified is `AWS_INIT_HEALTH_STATUS` . After the resource has been created, the `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address.\n- **AWS_INIT_HEALTH_STATUS** - If the service configuration includes `HealthCheckCustomConfig` , when creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) you can optionally use `AWS_INIT_HEALTH_STATUS` to specify the initial status of the custom health check, `HEALTHY` or `UNHEALTHY` . If you don't specify a value for `AWS_INIT_HEALTH_STATUS` , the initial status is `HEALTHY` . This attribute can only be used when creating resources and will not be seen on existing resources.\n- **AWS_INSTANCE_CNAME** - If the service configuration includes a `CNAME` record, the domain name that you want Route\u00a053 to return in response to DNS queries, for example, `example.com` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `CNAME` record.\n- **AWS_INSTANCE_IPV4** - If the service configuration includes an `A` record, the IPv4 address that you want Route\u00a053 to return in response to DNS queries, for example, `192.0.2.44` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `A` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_IPV6** - If the service configuration includes an `AAAA` record, the IPv6 address that you want Route\u00a053 to return in response to DNS queries, for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `AAAA` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_PORT** - If the service includes an `SRV` record, the value that you want Route\u00a053 to return for the port.\n\nIf the service includes `HealthCheckConfig` , the port on the endpoint that you want Route\u00a053 to send requests to.\n\nThis value is required if you specified settings for an `SRV` record or a Route\u00a053 health check when you created the service.", - "title": "InstanceAttributes", - "type": "object" - }, - "InstanceId": { - "markdownDescription": "An identifier that you want to associate with the instance. Note the following:\n\n- If the service that's specified by `ServiceId` includes settings for an `SRV` record, the value of `InstanceId` is automatically included as part of the value for the `SRV` record. For more information, see [DnsRecord > Type](https://docs.aws.amazon.com/cloud-map/latest/api/API_DnsRecord.html#cloudmap-Type-DnsRecord-Type) .\n- You can use this value to update an existing instance.\n- To register a new instance, you must specify a value that's unique among instances that you register by using the same service.\n- If you specify an existing `InstanceId` and `ServiceId` , AWS Cloud Map updates the existing DNS records, if any. If there's also an existing health check, AWS Cloud Map deletes the old health check and creates a new one.\n\n> The health check isn't deleted immediately, so it will still appear for a while if you submit a `ListHealthChecks` request, for example.\n\n> Do not include sensitive information in `InstanceId` if the namespace is discoverable by public DNS queries and any `Type` member of `DnsRecord` for the service contains `SRV` because the `InstanceId` is discoverable by public DNS queries.", - "title": "InstanceId", - "type": "string" - }, - "ServiceId": { - "markdownDescription": "The ID of the service that you want to use for settings for the instance.", - "title": "ServiceId", - "type": "string" - } - }, - "required": [ - "InstanceAttributes", - "ServiceId" - ], - "type": "object" + "StateMachineVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete.\n\nWhile performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead.", + "title": "StateMachineVersionArn", + "type": "string" }, "Type": { - "enum": [ - "AWS::ServiceDiscovery::Instance" - ], + "markdownDescription": "The type of deployment you want to perform. You can specify one of the following types:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "title": "Type", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "StateMachineVersionArn", + "Type" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion": { + "additionalProperties": false, + "properties": { + "StateMachineVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration.\n\nIf you specify the ARN of a second version, it must belong to the same state machine as the first version.", + "title": "StateMachineVersionArn", "type": "string" + }, + "Weight": { + "markdownDescription": "The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100.", + "title": "Weight", + "type": "number" } }, "required": [ - "Type", - "Properties" + "StateMachineVersionArn", + "Weight" ], "type": "object" }, - "AWS::ServiceDiscovery::PrivateDnsNamespace": { + "AWS::StepFunctions::StateMachineVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -259255,43 +310109,29 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description for the namespace.", + "markdownDescription": "An optional description of the state machine version.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name that you want to assign to this namespace. When you create a private DNS namespace, AWS Cloud Map automatically creates an Amazon Route\u00a053 private hosted zone that has the same name as the namespace.", - "title": "Name", + "StateMachineArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the state machine.", + "title": "StateMachineArn", "type": "string" }, - "Properties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.Properties", - "markdownDescription": "Properties for the private DNS namespace.", - "title": "Properties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", - "type": "array" - }, - "Vpc": { - "markdownDescription": "The ID of the Amazon VPC that you want to associate the namespace with.", - "title": "Vpc", + "StateMachineRevisionId": { + "markdownDescription": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine\u2019s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` .", + "title": "StateMachineRevisionId", "type": "string" } }, "required": [ - "Name", - "Vpc" + "StateMachineArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::PrivateDnsNamespace" + "AWS::StepFunctions::StateMachineVersion" ], "type": "string" }, @@ -259310,40 +310150,7 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { - "additionalProperties": false, - "properties": { - "SOA": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.SOA", - "markdownDescription": "Fields for the Start of Authority (SOA) record for the hosted zone for the private DNS namespace.", - "title": "SOA" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.Properties": { - "additionalProperties": false, - "properties": { - "DnsProperties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable", - "markdownDescription": "DNS properties for the private DNS namespace.", - "title": "DnsProperties" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.SOA": { - "additionalProperties": false, - "properties": { - "TTL": { - "markdownDescription": "The time to live (TTL) for purposes of negative caching.", - "title": "TTL", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PublicDnsNamespace": { + "AWS::SupportApp::AccountAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -259378,38 +310185,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the namespace.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name that you want to assign to this namespace.\n\n> Do not include sensitive information in the name. The name is publicly available using DNS queries.", - "title": "Name", + "AccountAlias": { + "markdownDescription": "An alias or short name for an AWS account .", + "title": "AccountAlias", "type": "string" - }, - "Properties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.Properties", - "markdownDescription": "Properties for the public DNS namespace.", - "title": "Properties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", - "type": "array" } }, "required": [ - "Name" + "AccountAlias" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::PublicDnsNamespace" + "AWS::SupportApp::AccountAlias" ], "type": "string" }, @@ -259428,40 +310217,7 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::PublicDnsNamespace.Properties": { - "additionalProperties": false, - "properties": { - "DnsProperties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable", - "markdownDescription": "DNS properties for the public DNS namespace.", - "title": "DnsProperties" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable": { - "additionalProperties": false, - "properties": { - "SOA": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.SOA", - "markdownDescription": "Start of Authority (SOA) record for the hosted zone for the public DNS namespace.", - "title": "SOA" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PublicDnsNamespace.SOA": { - "additionalProperties": false, - "properties": { - "TTL": { - "markdownDescription": "The time to live (TTL) for purposes of negative caching.", - "title": "TTL", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::Service": { + "AWS::SupportApp::SlackChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -259496,55 +310252,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the service.", - "title": "Description", + "ChannelId": { + "markdownDescription": "The channel ID in Slack. This ID identifies a channel within a Slack workspace.", + "title": "ChannelId", "type": "string" }, - "DnsConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsConfig", - "markdownDescription": "A complex type that contains information about the Route\u00a053 DNS records that you want AWS Cloud Map to create when you register an instance.\n\n> The record types of a service can only be changed by deleting the service and recreating it with a new `Dnsconfig` .", - "title": "DnsConfig" + "ChannelName": { + "markdownDescription": "The channel name in Slack. This is the channel where you invite the AWS Support App .", + "title": "ChannelName", + "type": "string" }, - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckConfig", - "markdownDescription": "*Public DNS and HTTP namespaces only.* A complex type that contains settings for an optional health check. If you specify settings for a health check, AWS Cloud Map associates the health check with the records that you specify in `DnsConfig` .\n\nFor information about the charges for health checks, see [Amazon Route\u00a053 Pricing](https://docs.aws.amazon.com/route53/pricing/) .", - "title": "HealthCheckConfig" + "ChannelRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for this Slack channel configuration. The App uses this role to perform and Service Quotas actions on your behalf.", + "title": "ChannelRoleArn", + "type": "string" }, - "HealthCheckCustomConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckCustomConfig", - "markdownDescription": "A complex type that contains information about an optional custom health check.\n\n> If you specify a health check configuration, you can specify either `HealthCheckCustomConfig` or `HealthCheckConfig` but not both.", - "title": "HealthCheckCustomConfig" + "NotifyOnAddCorrespondenceToCase": { + "markdownDescription": "Whether to get notified when a correspondence is added to your support cases.", + "title": "NotifyOnAddCorrespondenceToCase", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the service.", - "title": "Name", + "NotifyOnCaseSeverity": { + "markdownDescription": "The case severity for your support cases that you want to receive notifications. You can specify `none` , `all` , or `high` .", + "title": "NotifyOnCaseSeverity", "type": "string" }, - "NamespaceId": { - "markdownDescription": "The ID of the namespace that was used to create the service.\n\n> You must specify a value for `NamespaceId` either for the service properties or for [DnsConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html) . Don't specify a value in both places.", - "title": "NamespaceId", - "type": "string" + "NotifyOnCreateOrReopenCase": { + "markdownDescription": "Whether to get notified when your support cases are created or reopened", + "title": "NotifyOnCreateOrReopenCase", + "type": "boolean" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", - "type": "array" + "NotifyOnResolveCase": { + "markdownDescription": "Whether to get notified when your support cases are resolved.", + "title": "NotifyOnResolveCase", + "type": "boolean" }, - "Type": { - "markdownDescription": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP` .", - "title": "Type", + "TeamId": { + "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace.", + "title": "TeamId", "type": "string" } }, + "required": [ + "ChannelId", + "ChannelRoleArn", + "NotifyOnCaseSeverity", + "TeamId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::Service" + "AWS::SupportApp::SlackChannelConfiguration" ], "type": "string" }, @@ -259558,93 +310317,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.DnsConfig": { - "additionalProperties": false, - "properties": { - "DnsRecords": { - "items": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsRecord" - }, - "markdownDescription": "An array that contains one `DnsRecord` object for each Route\u00a053 DNS record that you want AWS Cloud Map to create when you register an instance.\n\n> The record type of a service can't be updated directly and can only be changed by deleting the service and recreating it with a new `DnsConfig` .", - "title": "DnsRecords", - "type": "array" - }, - "NamespaceId": { - "markdownDescription": "The ID of the namespace to use for DNS configuration.\n\n> You must specify a value for `NamespaceId` either for `DnsConfig` or for the [service properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html) . Don't specify a value in both places.", - "title": "NamespaceId", - "type": "string" - }, - "RoutingPolicy": { - "markdownDescription": "The routing policy that you want to apply to all Route\u00a053 DNS records that AWS Cloud Map creates when you register an instance and specify this service.\n\n> If you want to use this service to register instances that create alias records, specify `WEIGHTED` for the routing policy. \n\nYou can specify the following values:\n\n- **MULTIVALUE** - If you define a health check for the service and the health check is healthy, Route\u00a053 returns the applicable value for up to eight instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with IP addresses for up to eight healthy instances. If fewer than eight instances are healthy, Route\u00a053 responds to every DNS query with the IP addresses for all of the healthy instances.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the values for up to eight instances.\n\nFor more information about the multivalue routing policy, see [Multivalue Answer Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue) in the *Route\u00a053 Developer Guide* .\n- **WEIGHTED** - Route\u00a053 returns the applicable value from one randomly selected instance from among the instances that you registered using the same service. Currently, all records have the same weight, so you can't route more or less traffic to any instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with the IP address for one randomly selected instance from among the healthy instances. If no instances are healthy, Route\u00a053 responds to DNS queries as if all of the instances were healthy.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the applicable value for one randomly selected instance.\n\nFor more information about the weighted routing policy, see [Weighted Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted) in the *Route\u00a053 Developer Guide* .", - "title": "RoutingPolicy", - "type": "string" - } - }, - "required": [ - "DnsRecords" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.DnsRecord": { - "additionalProperties": false, - "properties": { - "TTL": { - "markdownDescription": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this record.\n\n> Alias records don't include a TTL because Route\u00a053 uses the TTL for the AWS resource that an alias record routes traffic to. If you include the `AWS_ALIAS_DNS_NAME` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request, the `TTL` value is ignored. Always specify a TTL for the service; you can use a service to register instances that create either alias or non-alias records.", - "title": "TTL", - "type": "number" - }, - "Type": { - "markdownDescription": "The type of the resource, which indicates the type of value that Route 53 returns in response to DNS queries. You can specify values for `Type` in the following combinations:\n\n- `A`\n- `AAAA`\n- `A` and `AAAA`\n- `SRV`\n- `CNAME`\n\nIf you want AWS Cloud Map to create a Route 53 alias record when you register an instance, specify `A` or `AAAA` for `Type` .\n\nYou specify other settings, such as the IP address for `A` and `AAAA` records, when you register an instance. For more information, see [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n\nThe following values are supported:\n\n- **A** - Route 53 returns the IP address of the resource in IPv4 format, such as 192.0.2.44.\n- **AAAA** - Route 53 returns the IP address of the resource in IPv6 format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345.\n- **CNAME** - Route 53 returns the domain name of the resource, such as www.example.com. Note the following:\n\n- You specify the domain name that you want to route traffic to when you register an instance. For more information, see [Attributes](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#cloudmap-RegisterInstance-request-Attributes) in the topic [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n- You must specify `WEIGHTED` for the value of `RoutingPolicy` .\n- You can't specify both `CNAME` for `Type` and settings for `HealthCheckConfig` . If you do, the request will fail with an `InvalidInput` error.\n- **SRV** - Route 53 returns the value for an `SRV` record. The value for an `SRV` record uses the following values:\n\n`priority weight port service-hostname`\n\nNote the following about the values:\n\n- The values of `priority` and `weight` are both set to `1` and can't be changed.\n- The value of `port` comes from the value that you specify for the `AWS_INSTANCE_PORT` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request.\n- The value of `service-hostname` is a concatenation of the following values:\n\n- The value that you specify for `InstanceId` when you register an instance.\n- The name of the service.\n- The name of the namespace.\n\nFor example, if the value of `InstanceId` is `test` , the name of the service is `backend` , and the name of the namespace is `example.com` , the value of `service-hostname` is:\n\n`test.backend.example.com`\n\nIf you specify settings for an `SRV` record and if you specify values for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both in the `RegisterInstance` request, AWS Cloud Map automatically creates `A` and/or `AAAA` records that have the same name as the value of `service-hostname` in the `SRV` record. You can ignore these records.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "TTL", - "Type" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.HealthCheckConfig": { - "additionalProperties": false, - "properties": { - "FailureThreshold": { - "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Route\u00a053 to change the current status of the endpoint from unhealthy to healthy or the other way around. For more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", - "title": "FailureThreshold", - "type": "number" - }, - "ResourcePath": { - "markdownDescription": "The path that you want Route\u00a053 to request when performing health checks. The path can be any value that your endpoint returns an HTTP status code of a 2xx or 3xx format for when the endpoint is healthy. An example file is `/docs/route53-health-check.html` . Route\u00a053 automatically adds the DNS name for the service. If you don't specify a value for `ResourcePath` , the default value is `/` .\n\nIf you specify `TCP` for `Type` , you must *not* specify a value for `ResourcePath` .", - "title": "ResourcePath", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of health check that you want to create, which indicates how Route\u00a053 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify HTTPS for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *TCP* : Route\u00a053 tries to establish a TCP connection.\n\nIf you specify `TCP` for `Type` , don't specify a value for `ResourcePath` .\n\nFor more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceDiscovery::Service.HealthCheckCustomConfig": { - "additionalProperties": false, - "properties": { - "FailureThreshold": { - "markdownDescription": "> This parameter is no longer supported and is always set to 1. AWS Cloud Map waits for approximately 30 seconds after receiving an `UpdateInstanceCustomHealthStatus` request before changing the status of the service instance. \n\nThe number of 30-second intervals that you want AWS Cloud Map to wait after receiving an `UpdateInstanceCustomHealthStatus` request before it changes the health status of a service instance.\n\nSending a second or subsequent `UpdateInstanceCustomHealthStatus` request with the same value before 30 seconds has passed doesn't accelerate the change. AWS Cloud Map still waits `30` seconds after the first request to make the change.", - "title": "FailureThreshold", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Shield::DRTAccess": { + "AWS::SupportApp::SlackWorkspaceConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -259679,28 +310357,25 @@ "Properties": { "additionalProperties": false, "properties": { - "LogBucketList": { - "items": { - "type": "string" - }, - "markdownDescription": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.\n\nUse this to share information with the SRT that's not available in AWS WAF logs.\n\nTo use the services of the SRT, you must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .", - "title": "LogBucketList", - "type": "array" + "TeamId": { + "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace, such as `T012ABCDEFG` .", + "title": "TeamId", + "type": "string" }, - "RoleArn": { - "markdownDescription": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and logs and to create or update AWS WAF rules and web ACLs.\n\nYou can associate only one `RoleArn` with your subscription. If you submit this update for an account that already has an associated role, the new `RoleArn` will replace the existing `RoleArn` .\n\nThis change requires the following:\n\n- You must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .\n- The `AWSShieldDRTAccessPolicy` managed policy must be attached to the role that you specify in the request. You can access this policy in the IAM console at [AWSShieldDRTAccessPolicy](https://docs.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy) . For information, see [Adding and removing IAM identity permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) .\n- The role must trust the service principal `drt.shield.amazonaws.com` . For information, see [IAM JSON policy elements: Principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) .\n\nThe SRT will have access only to your AWS WAF and Shield resources. By submitting this request, you provide permissions to the SRT to inspect your AWS WAF and Shield configuration and logs, and to create and update AWS WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.", - "title": "RoleArn", + "VersionId": { + "markdownDescription": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation , such as `100` .", + "title": "VersionId", "type": "string" } }, "required": [ - "RoleArn" + "TeamId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::DRTAccess" + "AWS::SupportApp::SlackWorkspaceConfiguration" ], "type": "string" }, @@ -259719,7 +310394,7 @@ ], "type": "object" }, - "AWS::Shield::ProactiveEngagement": { + "AWS::Synthetics::Canary": { "additionalProperties": false, "properties": { "Condition": { @@ -259754,29 +310429,111 @@ "Properties": { "additionalProperties": false, "properties": { - "EmergencyContactList": { + "ArtifactConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.ArtifactConfig", + "markdownDescription": "A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.", + "title": "ArtifactConfig" + }, + "ArtifactS3Location": { + "markdownDescription": "The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files. Specify the full location path, including `s3://` at the beginning of the path.", + "title": "ArtifactS3Location", + "type": "string" + }, + "Code": { + "$ref": "#/definitions/AWS::Synthetics::Canary.Code", + "markdownDescription": "Use this structure to input your script code for the canary. This structure contains the Lambda handler with the location where the canary should start running the script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included. If the script is passed into the canary directly, the script code is contained in the value of `Script` .", + "title": "Code" + }, + "DryRunAndUpdate": { + "markdownDescription": "Specifies whether to perform a dry run before updating the canary. If set to `true` , CloudFormation will execute a dry run to validate the changes before applying them to the canary. If the dry run succeeds, the canary will be updated with the changes. If the dry run fails, the CloudFormation deployment will fail with the dry run\u2019s failure reason.\n\nIf set to `false` or omitted, the canary will be updated directly without first performing a dry run. The default value is `false` .\n\nFor more information, see [Performing safe canary updates](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/performing-safe-canary-upgrades.html) .", + "title": "DryRunAndUpdate", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the IAM role to be used to run the canary. This role must already exist, and must include `lambda.amazonaws.com` as a principal in the trust policy. The role must also have the following permissions:\n\n- `s3:PutObject`\n- `s3:GetBucketLocation`\n- `s3:ListAllMyBuckets`\n- `cloudwatch:PutMetricData`\n- `logs:CreateLogGroup`\n- `logs:CreateLogStream`\n- `logs:PutLogEvents`", + "title": "ExecutionRoleArn", + "type": "string" + }, + "FailureRetentionPeriod": { + "markdownDescription": "The number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", + "title": "FailureRetentionPeriod", + "type": "number" + }, + "Name": { + "markdownDescription": "The name for this canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account.\n\nDo not include secrets or proprietary information in your canary names. The canary name makes up part of the canary ARN, and the ARN is included in outbound calls over the internet. For more information, see [Security Considerations for Synthetics Canaries](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html) .", + "title": "Name", + "type": "string" + }, + "ProvisionedResourceCleanup": { + "markdownDescription": "Specifies whether to also delete the Lambda functions and layers used by this canary when the canary is deleted. If it is `AUTOMATIC` , the Lambda functions and layers will be deleted when the canary is deleted.\n\nIf the value of this parameter is `OFF` , then the value of the `DeleteLambda` parameter of the [DeleteCanary](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DeleteCanary.html) operation determines whether the Lambda functions and layers will be deleted.", + "title": "ProvisionedResourceCleanup", + "type": "string" + }, + "ResourcesToReplicateTags": { "items": { - "$ref": "#/definitions/AWS::Shield::ProactiveEngagement.EmergencyContact" + "type": "string" }, - "markdownDescription": "The list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support, plus any relevant notes.\n\nTo enable proactive engagement, the contact list must include at least one phone number.\n\nIf you provide more than one contact, in the notes, indicate the circumstances under which each contact should be used. Include primary and secondary contact designations, and provide the hours of availability and time zones for each contact.\n\nExample contact notes:\n\n- This is a hotline that's staffed 24x7x365. Please work with the responding analyst and they will get the appropriate person on the call.\n- Please contact the secondary phone number if the hotline doesn't respond within 5 minutes.", - "title": "EmergencyContactList", + "markdownDescription": "To have the tags that you apply to this canary also be applied to the Lambda function that the canary uses, specify this property with the value `lambda-function` . If you do this, CloudWatch Synthetics will keep the tags of the canary and the Lambda function synchronized. Any future changes you make to the canary's tags will also be applied to the function.", + "title": "ResourcesToReplicateTags", "type": "array" }, - "ProactiveEngagementStatus": { - "markdownDescription": "Specifies whether proactive engagement is enabled or disabled.\n\nValid values:\n\n`ENABLED` - The Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n`DISABLED` - The SRT will not proactively notify contacts about escalations or to initiate proactive customer support.", - "title": "ProactiveEngagementStatus", + "RunConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.RunConfig", + "markdownDescription": "A structure that contains input information for a canary run. If you omit this structure, the frequency of the canary is used as canary's timeout value, up to a maximum of 900 seconds.", + "title": "RunConfig" + }, + "RuntimeVersion": { + "markdownDescription": "Specifies the runtime version to use for the canary. For more information about runtime versions, see [Canary Runtime Versions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) .", + "title": "RuntimeVersion", "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::Synthetics::Canary.Schedule", + "markdownDescription": "A structure that contains information about how often the canary is to run, and when these runs are to stop.", + "title": "Schedule" + }, + "StartCanaryAfterCreation": { + "markdownDescription": "Specify TRUE to have the canary start making runs immediately after it is created.\n\nA canary that you create using CloudFormation can't be used to monitor the CloudFormation stack that creates the canary or to roll back that stack if there is a failure.", + "title": "StartCanaryAfterCreation", + "type": "boolean" + }, + "SuccessRetentionPeriod": { + "markdownDescription": "The number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", + "title": "SuccessRetentionPeriod", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value pairs that are associated with the canary.", + "title": "Tags", + "type": "array" + }, + "VPCConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.VPCConfig", + "markdownDescription": "If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see [Running a Canary in a VPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html) .", + "title": "VPCConfig" + }, + "VisualReference": { + "$ref": "#/definitions/AWS::Synthetics::Canary.VisualReference", + "markdownDescription": "If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.", + "title": "VisualReference" } }, "required": [ - "EmergencyContactList", - "ProactiveEngagementStatus" + "ArtifactS3Location", + "Code", + "ExecutionRoleArn", + "Name", + "RuntimeVersion", + "Schedule" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::ProactiveEngagement" + "AWS::Synthetics::Canary" ], "type": "string" }, @@ -259795,161 +310552,228 @@ ], "type": "object" }, - "AWS::Shield::ProactiveEngagement.EmergencyContact": { + "AWS::Synthetics::Canary.ArtifactConfig": { "additionalProperties": false, "properties": { - "ContactNotes": { - "markdownDescription": "Additional notes regarding the contact.", - "title": "ContactNotes", - "type": "string" - }, - "EmailAddress": { - "markdownDescription": "The email address for the contact.", - "title": "EmailAddress", - "type": "string" + "S3Encryption": { + "$ref": "#/definitions/AWS::Synthetics::Canary.S3Encryption", + "markdownDescription": "A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3 . Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see [Encrypting canary artifacts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_artifact_encryption.html) .", + "title": "S3Encryption" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.BaseScreenshot": { + "additionalProperties": false, + "properties": { + "IgnoreCoordinates": { + "items": { + "type": "string" + }, + "markdownDescription": "Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch console to draw the boundaries on the screen. For more information, see [Edit or delete a canary](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/synthetics_canaries_deletion.html) .", + "title": "IgnoreCoordinates", + "type": "array" }, - "PhoneNumber": { - "markdownDescription": "The phone number for the contact.", - "title": "PhoneNumber", + "ScreenshotName": { + "markdownDescription": "The name of the screenshot. This is generated the first time the canary is run after the `UpdateCanary` operation that specified for this canary to perform visual monitoring.", + "title": "ScreenshotName", "type": "string" } }, "required": [ - "EmailAddress" + "ScreenshotName" ], "type": "object" }, - "AWS::Shield::Protection": { + "AWS::Synthetics::Canary.Code": { "additionalProperties": false, "properties": { - "Condition": { + "Handler": { + "markdownDescription": "The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` .", + "title": "Handler", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Bucket": { + "markdownDescription": "If your canary script is located in S3, specify the bucket name here. The bucket must already exist.", + "title": "S3Bucket", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "S3Key": { + "markdownDescription": "The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .", + "title": "S3Key", + "type": "string" }, - "Metadata": { - "type": "object" + "S3ObjectVersion": { + "markdownDescription": "The Amazon S3 version ID of your script.", + "title": "S3ObjectVersion", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationLayerAutomaticResponseConfiguration": { - "$ref": "#/definitions/AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration", - "markdownDescription": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description.", - "title": "ApplicationLayerAutomaticResponseConfiguration" - }, - "HealthCheckArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN (Amazon Resource Name) of the health check to associate with the protection. Health-based detection provides improved responsiveness and accuracy in attack detection and mitigation.\n\nYou can use this option with any resource type except for Route\u00a053 hosted zones.\n\nFor more information, see [Configuring health-based detection using health checks](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-health-checks.html) in the *AWS Shield Advanced Developer Guide* .", - "title": "HealthCheckArns", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the protection. For example, `My CloudFront distributions` .\n\n> If you change the name of an existing protection, Shield Advanced deletes the protection and replaces it with a new one. While this is happening, the protection isn't available on the AWS resource.", - "title": "Name", - "type": "string" - }, - "ResourceArn": { - "markdownDescription": "The ARN (Amazon Resource Name) of the AWS resource that is protected.", - "title": "ResourceArn", + "Script": { + "markdownDescription": "If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB.", + "title": "Script", + "type": "string" + }, + "SourceLocationArn": { + "markdownDescription": "The ARN of the Lambda layer where Synthetics stores the canary script code.", + "title": "SourceLocationArn", + "type": "string" + } + }, + "required": [ + "Handler" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.RetryConfig": { + "additionalProperties": false, + "properties": { + "MaxRetries": { + "markdownDescription": "The maximum number of retries. The value must be less than or equal to two.", + "title": "MaxRetries", + "type": "number" + } + }, + "required": [ + "MaxRetries" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.RunConfig": { + "additionalProperties": false, + "properties": { + "ActiveTracing": { + "markdownDescription": "Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see [Canaries and X-Ray tracing](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html) .\n\nYou can enable active tracing only for canaries that use version `syn-nodejs-2.0` or later for their canary runtime.", + "title": "ActiveTracing", + "type": "boolean" + }, + "EnvironmentVariables": { + "additionalProperties": true, + "markdownDescription": "Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:\n\n{ \"key1\" : \"value1\", \"key2\" : \"value2\", ...}\n\nKeys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see [Runtime environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", - "title": "Tags", - "type": "array" } }, - "required": [ - "Name", - "ResourceArn" - ], + "title": "EnvironmentVariables", "type": "object" }, - "Type": { - "enum": [ - "AWS::Shield::Protection" - ], + "EphemeralStorage": { + "markdownDescription": "Specifies the amount of ephemeral storage (in MB) to allocate for the canary run during execution. This temporary storage is used for storing canary run artifacts (which are uploaded to an Amazon S3 bucket at the end of the run), and any canary browser operations. This temporary storage is cleared after the run is completed. Default storage value is 1024 MB.", + "title": "EphemeralStorage", + "type": "number" + }, + "MemoryInMB": { + "markdownDescription": "The maximum amount of memory that the canary can use while running. This value must be a multiple of 64. The range is 960 to 3008.", + "title": "MemoryInMB", + "type": "number" + }, + "TimeoutInSeconds": { + "markdownDescription": "How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.\n\nIf you omit this field, the frequency of the canary is used as this value, up to a maximum of 900 seconds.", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.S3Encryption": { + "additionalProperties": false, + "properties": { + "EncryptionMode": { + "markdownDescription": "The encryption method to use for artifacts created by this canary. Specify `SSE_S3` to use server-side encryption (SSE) with an Amazon S3-managed key. Specify `SSE-KMS` to use server-side encryption with a customer-managed AWS KMS key.\n\nIf you omit this parameter, an AWS -managed AWS KMS key is used.", + "title": "EncryptionMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KmsKeyArn": { + "markdownDescription": "The ARN of the customer-managed AWS KMS key to use, if you specify `SSE-KMS` for `EncryptionMode`", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.Schedule": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.", + "title": "DurationInSeconds", + "type": "string" + }, + "Expression": { + "markdownDescription": "A `rate` expression or a `cron` expression that defines how often the canary is to run.\n\nFor a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` .\n\nFor example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` .\n\nSpecifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started.\n\nUse `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) .", + "title": "Expression", "type": "string" + }, + "RetryConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.RetryConfig", + "markdownDescription": "The canary's retry configuration information.", + "title": "RetryConfig" } }, "required": [ - "Type", - "Properties" + "Expression" ], "type": "object" }, - "AWS::Shield::Protection.Action": { + "AWS::Synthetics::Canary.VPCConfig": { "additionalProperties": false, "properties": { - "Block": { - "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Block\": {} }`\n\nExample YAML: `Block: {}`", - "title": "Block", - "type": "object" + "Ipv6AllowedForDualStack": { + "markdownDescription": "Set this to `true` to allow outbound IPv6 traffic on VPC canaries that are connected to dual-stack subnets. The default is `false` .", + "title": "Ipv6AllowedForDualStack", + "type": "boolean" }, - "Count": { - "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Count\": {} }`\n\nExample YAML: `Count: {}`", - "title": "Count", - "type": "object" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for this canary.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets where this canary is to run.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC where this canary is to run.", + "title": "VpcId", + "type": "string" } }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], "type": "object" }, - "AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration": { + "AWS::Synthetics::Canary.VisualReference": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::Shield::Protection.Action", - "markdownDescription": "Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.", - "title": "Action" - }, - "Status": { - "markdownDescription": "Indicates whether automatic application layer DDoS mitigation is enabled for the protection.", - "title": "Status", + "BaseCanaryRunId": { + "markdownDescription": "Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are `nextrun` to use the screenshots from the next run after this update is made, `lastrun` to use the screenshots from the most recent run before this update was made, or the value of `Id` in the [CanaryRun](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CanaryRun.html) from any past run of this canary.", + "title": "BaseCanaryRunId", "type": "string" + }, + "BaseScreenshots": { + "items": { + "$ref": "#/definitions/AWS::Synthetics::Canary.BaseScreenshot" + }, + "markdownDescription": "An array of screenshots that are used as the baseline for comparisons during visual monitoring.", + "title": "BaseScreenshots", + "type": "array" } }, "required": [ - "Action", - "Status" + "BaseCanaryRunId" ], "type": "object" }, - "AWS::Shield::ProtectionGroup": { + "AWS::Synthetics::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -259984,53 +310808,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n\n- `Sum` - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n- `Mean` - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n- `Max` - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.", - "title": "Aggregation", + "Name": { + "markdownDescription": "A name for the group. It can include any Unicode characters.\n\nThe names for all groups in your account, across all Regions, must be unique.", + "title": "Name", "type": "string" }, - "Members": { + "ResourceArns": { "items": { "type": "string" }, - "markdownDescription": "The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting.", - "title": "Members", + "markdownDescription": "The ARNs of the canaries that you want to associate with this group.", + "title": "ResourceArns", "type": "array" }, - "Pattern": { - "markdownDescription": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.", - "title": "Pattern", - "type": "string" - }, - "ProtectionGroupId": { - "markdownDescription": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.", - "title": "ProtectionGroupId", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting.", - "title": "ResourceType", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "markdownDescription": "The list of key-value pairs that are associated with the group.", "title": "Tags", "type": "array" } }, "required": [ - "Aggregation", - "Pattern", - "ProtectionGroupId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::ProtectionGroup" + "AWS::Synthetics::Group" ], "type": "string" }, @@ -260049,7 +310856,7 @@ ], "type": "object" }, - "AWS::Signer::ProfilePermission": { + "AWS::SystemsManagerSAP::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -260084,123 +310891,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The AWS Signer action permitted as part of cross-account permissions.", - "title": "Action", + "ApplicationId": { + "markdownDescription": "The ID of the application.", + "title": "ApplicationId", "type": "string" }, - "Principal": { - "markdownDescription": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID.", - "title": "Principal", + "ApplicationType": { + "markdownDescription": "The type of the application.", + "title": "ApplicationType", "type": "string" }, - "ProfileName": { - "markdownDescription": "The human-readable name of the signing profile.", - "title": "ProfileName", - "type": "string" + "ComponentsInfo": { + "items": { + "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.ComponentInfo" + }, + "markdownDescription": "", + "title": "ComponentsInfo", + "type": "array" }, - "ProfileVersion": { - "markdownDescription": "The version of the signing profile.", - "title": "ProfileVersion", - "type": "string" + "Credentials": { + "items": { + "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.Credential" + }, + "markdownDescription": "The credentials of the SAP application.", + "title": "Credentials", + "type": "array" }, - "StatementId": { - "markdownDescription": "A unique identifier for the cross-account permission statement.", - "title": "StatementId", - "type": "string" - } - }, - "required": [ - "Action", - "Principal", - "ProfileName", - "StatementId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Signer::ProfilePermission" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Signer::SigningProfile": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "DatabaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database.", + "title": "DatabaseArn", "type": "string" }, - { + "Instances": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The Amazon EC2 instances on which your SAP application is running.", + "title": "Instances", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PlatformId": { - "markdownDescription": "The ID of a platform that is available for use by a signing profile.", - "title": "PlatformId", + }, + "SapInstanceNumber": { + "markdownDescription": "The SAP instance number of the application.", + "title": "SapInstanceNumber", "type": "string" }, - "SignatureValidityPeriod": { - "$ref": "#/definitions/AWS::Signer::SigningProfile.SignatureValidityPeriod", - "markdownDescription": "The validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months.", - "title": "SignatureValidityPeriod" + "Sid": { + "markdownDescription": "The System ID of the application.", + "title": "Sid", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags associated with the signing profile.", + "markdownDescription": "The tags on the application.", "title": "Tags", "type": "array" } }, "required": [ - "PlatformId" + "ApplicationId", + "ApplicationType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Signer::SigningProfile" + "AWS::SystemsManagerSAP::Application" ], "type": "string" }, @@ -260219,23 +310976,49 @@ ], "type": "object" }, - "AWS::Signer::SigningProfile.SignatureValidityPeriod": { + "AWS::SystemsManagerSAP::Application.ComponentInfo": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The time unit for signature validity: DAYS | MONTHS | YEARS.", - "title": "Type", + "ComponentType": { + "markdownDescription": "This string is the type of the component.\n\nAccepted value is `WD` .", + "title": "ComponentType", "type": "string" }, - "Value": { - "markdownDescription": "The numerical value of the time unit for signature validity.", - "title": "Value", - "type": "number" + "Ec2InstanceId": { + "markdownDescription": "This is the Amazon EC2 instance on which your SAP component is running.\n\nAccepted values are alphanumeric.", + "title": "Ec2InstanceId", + "type": "string" + }, + "Sid": { + "markdownDescription": "This string is the SAP System ID of the component.\n\nAccepted values are alphanumeric.", + "title": "Sid", + "type": "string" } }, "type": "object" }, - "AWS::SimSpaceWeaver::Simulation": { + "AWS::SystemsManagerSAP::Application.Credential": { + "additionalProperties": false, + "properties": { + "CredentialType": { + "markdownDescription": "The type of the application credentials.", + "title": "CredentialType", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the SAP HANA database.", + "title": "DatabaseName", + "type": "string" + }, + "SecretId": { + "markdownDescription": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application.", + "title": "SecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Timestream::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -260270,41 +311053,30 @@ "Properties": { "additionalProperties": false, "properties": { - "MaximumDuration": { - "markdownDescription": "The maximum running time of the simulation, specified as a number of minutes (m or M), hours (h or H), or days (d or D). The simulation stops when it reaches this limit. The maximum value is `14D` , or its equivalent in the other units. The default value is `14D` . A value equivalent to `0` makes the simulation immediately transition to `STOPPING` as soon as it reaches `STARTED` .", - "title": "MaximumDuration", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the simulation.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management ( IAM ) role that the simulation assumes to perform actions. For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* . For more information about IAM roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *AWS Identity and Access Management User Guide* .", - "title": "RoleArn", + "DatabaseName": { + "markdownDescription": "The name of the Timestream database.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "DatabaseName", "type": "string" }, - "SchemaS3Location": { - "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", - "markdownDescription": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` .", - "title": "SchemaS3Location" + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key used to encrypt the data stored in the database.", + "title": "KmsKeyId", + "type": "string" }, - "SnapshotS3Location": { - "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", - "markdownDescription": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` .", - "title": "SnapshotS3Location" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the database.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Name", - "RoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SimSpaceWeaver::Simulation" + "AWS::Timestream::Database" ], "type": "string" }, @@ -260318,32 +311090,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SimSpaceWeaver::Simulation.S3Location": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The name of an Amazon S3 bucket. For more information about buckets, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "BucketName", - "type": "string" - }, - "ObjectKey": { - "markdownDescription": "The key name of an object in Amazon S3. For more information about Amazon S3 objects and object keys, see [Uploading, downloading, and working with objects in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/uploading-downloading-objects.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "ObjectKey", - "type": "string" - } - }, - "required": [ - "BucketName", - "ObjectKey" + "Type" ], "type": "object" }, - "AWS::StepFunctions::Activity": { + "AWS::Timestream::InfluxDBInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -260378,28 +311129,106 @@ "Properties": { "additionalProperties": false, "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage to allocate for your DB storage type in GiB (gibibytes).", + "title": "AllocatedStorage", + "type": "number" + }, + "Bucket": { + "markdownDescription": "The name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization.", + "title": "Bucket", + "type": "string" + }, + "DbInstanceType": { + "markdownDescription": "The Timestream for InfluxDB DB instance type to run on.", + "title": "DbInstanceType", + "type": "string" + }, + "DbParameterGroupIdentifier": { + "markdownDescription": "The name or id of the DB parameter group to assign to your DB instance. DB parameter groups specify how the database is configured. For example, DB parameter groups can specify the limit for query concurrency.", + "title": "DbParameterGroupIdentifier", + "type": "string" + }, + "DbStorageType": { + "markdownDescription": "The Timestream for InfluxDB DB storage type to read and write InfluxDB data.\n\nYou can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements:\n\n- Influx IO Included 3000 IOPS\n- Influx IO Included 12000 IOPS\n- Influx IO Included 16000 IOPS", + "title": "DbStorageType", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Specifies whether the Timestream for InfluxDB is deployed as Single-AZ or with a MultiAZ Standby for High availability.", + "title": "DeploymentType", + "type": "string" + }, + "LogDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration", + "markdownDescription": "Configuration for sending InfluxDB engine logs to a specified S3 bucket.", + "title": "LogDeliveryConfiguration" + }, "Name": { - "markdownDescription": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` , `U+FFFE-FFFF` )\n- surrogates ( `U+D800-DFFF` )\n- invalid characters ( `U+10FFFF` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", + "markdownDescription": "The name that uniquely identifies the DB instance when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. DB instance names must be unique per customer and per region.", "title": "Name", "type": "string" }, + "NetworkType": { + "markdownDescription": "", + "title": "NetworkType", + "type": "string" + }, + "Organization": { + "markdownDescription": "The name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users.", + "title": "Organization", + "type": "string" + }, + "Password": { + "markdownDescription": "The password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon SecretManager in your account.", + "title": "Password", + "type": "string" + }, + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Configures the DB instance with a public IP to facilitate access.", + "title": "PubliclyAccessible", + "type": "boolean" + }, "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::Activity.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "markdownDescription": "A list of key-value pairs to associate with the DB instance.", "title": "Tags", "type": "array" + }, + "Username": { + "markdownDescription": "The username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. For example, my-user1. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon Secrets Manager in your account.", + "title": "Username", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC security group IDs to associate with the DB instance.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs to associate with the DB instance. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.", + "title": "VpcSubnetIds", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::Activity" + "AWS::Timestream::InfluxDBInstance" ], "type": "string" }, @@ -260413,32 +311242,45 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::StepFunctions::Activity.TagsEntry": { + "AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The `key` for a key-value pair in a tag entry.", - "title": "Key", + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.S3Configuration", + "markdownDescription": "Configuration for S3 bucket log delivery", + "title": "S3Configuration" + } + }, + "required": [ + "S3Configuration" + ], + "type": "object" + }, + "AWS::Timestream::InfluxDBInstance.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name of the customer S3 bucket.", + "title": "BucketName", "type": "string" }, - "Value": { - "markdownDescription": "The `value` for a key-value pair in a tag entry.", - "title": "Value", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether log delivery to the S3 bucket is enabled.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Key", - "Value" + "BucketName", + "Enabled" ], "type": "object" }, - "AWS::StepFunctions::StateMachine": { + "AWS::Timestream::ScheduledQuery": { "additionalProperties": false, "properties": { "Condition": { @@ -260473,74 +311315,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", - "title": "Definition", - "type": "object" + "ClientToken": { + "markdownDescription": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request.", + "title": "ClientToken", + "type": "string" }, - "DefinitionS3Location": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.S3Location", - "markdownDescription": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file.", - "title": "DefinitionS3Location" + "ErrorReportConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ErrorReportConfiguration", + "markdownDescription": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results.", + "title": "ErrorReportConfiguration" }, - "DefinitionString": { - "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", - "title": "DefinitionString", + "KmsKeyId": { + "markdownDescription": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest.", + "title": "KmsKeyId", "type": "string" }, - "DefinitionSubstitutions": { - "additionalProperties": true, - "markdownDescription": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "object" - } - }, - "title": "DefinitionSubstitutions", - "type": "object" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LoggingConfiguration", - "markdownDescription": "Defines what execution history events are logged and where they are logged.\n\n> By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.", - "title": "LoggingConfiguration" + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.NotificationConfiguration", + "markdownDescription": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it.", + "title": "NotificationConfiguration" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.", - "title": "RoleArn", + "QueryString": { + "markdownDescription": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query.", + "title": "QueryString", "type": "string" }, - "StateMachineName": { - "markdownDescription": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "StateMachineName", + "ScheduleConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ScheduleConfiguration", + "markdownDescription": "Schedule configuration.", + "title": "ScheduleConfiguration" + }, + "ScheduledQueryExecutionRoleArn": { + "markdownDescription": "The ARN for the IAM role that Timestream will assume when running the scheduled query.", + "title": "ScheduledQueryExecutionRoleArn", "type": "string" }, - "StateMachineType": { - "markdownDescription": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide.", - "title": "StateMachineType", + "ScheduledQueryName": { + "markdownDescription": "A name for the query. Scheduled query names must be unique within each Region.", + "title": "ScheduledQueryName", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "markdownDescription": "A list of key-value pairs to label the scheduled query.", "title": "Tags", "type": "array" }, - "TracingConfiguration": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TracingConfiguration", - "markdownDescription": "Selects whether or not the state machine's AWS X-Ray tracing is enabled.", - "title": "TracingConfiguration" + "TargetConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TargetConfiguration", + "markdownDescription": "Scheduled query target store configuration.", + "title": "TargetConfiguration" } }, "required": [ - "RoleArn" + "ErrorReportConfiguration", + "NotificationConfiguration", + "QueryString", + "ScheduleConfiguration", + "ScheduledQueryExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachine" + "AWS::Timestream::ScheduledQuery" ], "type": "string" }, @@ -260559,109 +311399,258 @@ ], "type": "object" }, - "AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup": { + "AWS::Timestream::ScheduledQuery.DimensionMapping": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*`", - "title": "LogGroupArn", + "DimensionValueType": { + "markdownDescription": "Type for the dimension: VARCHAR", + "title": "DimensionValueType", + "type": "string" + }, + "Name": { + "markdownDescription": "Column name from query result.", + "title": "Name", "type": "string" } }, + "required": [ + "DimensionValueType", + "Name" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.LogDestination": { + "AWS::Timestream::ScheduledQuery.ErrorReportConfiguration": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroup": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup", - "markdownDescription": "An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the AWS CloudFormation User Guide.", - "title": "CloudWatchLogsLogGroup" + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.S3Configuration", + "markdownDescription": "The S3 configuration for the error reports.", + "title": "S3Configuration" } }, + "required": [ + "S3Configuration" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.LoggingConfiguration": { + "AWS::Timestream::ScheduledQuery.MixedMeasureMapping": { "additionalProperties": false, "properties": { - "Destinations": { + "MeasureName": { + "markdownDescription": "Refers to the value of measure_name in a result row. This field is required if MeasureNameColumn is provided.", + "title": "MeasureName", + "type": "string" + }, + "MeasureValueType": { + "markdownDescription": "Type of the value that is to be read from sourceColumn. If the mapping is for MULTI, use MeasureValueType.MULTI.", + "title": "MeasureValueType", + "type": "string" + }, + "MultiMeasureAttributeMappings": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LogDestination" + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" }, - "markdownDescription": "An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` .", - "title": "Destinations", + "markdownDescription": "Required when measureValueType is MULTI. Attribute mappings for MULTI value measures.", + "title": "MultiMeasureAttributeMappings", "type": "array" }, - "IncludeExecutionData": { - "markdownDescription": "Determines whether execution data is included in your log. When set to `false` , data is excluded.", - "title": "IncludeExecutionData", - "type": "boolean" + "SourceColumn": { + "markdownDescription": "This field refers to the source column from which measure-value is to be read for result materialization.", + "title": "SourceColumn", + "type": "string" }, - "Level": { - "markdownDescription": "Defines which category of execution history events are logged.", - "title": "Level", + "TargetMeasureName": { + "markdownDescription": "Target measure name to be used. If not provided, the target measure name by default would be measure-name if provided, or sourceColumn otherwise.", + "title": "TargetMeasureName", "type": "string" } }, + "required": [ + "MeasureValueType" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.S3Location": { + "AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket where the state machine definition JSON or YAML file is stored.", - "title": "Bucket", + "MeasureValueType": { + "markdownDescription": "Type of the attribute to be read from the source column.", + "title": "MeasureValueType", "type": "string" }, - "Key": { - "markdownDescription": "The name of the state machine definition file (Amazon S3 object name).", - "title": "Key", + "SourceColumn": { + "markdownDescription": "Source column from where the attribute value is to be read.", + "title": "SourceColumn", "type": "string" }, - "Version": { - "markdownDescription": "For versioning-enabled buckets, a specific version of the state machine definition.", - "title": "Version", + "TargetMultiMeasureAttributeName": { + "markdownDescription": "Custom name to be used for attribute name in derived table. If not provided, source column name would be used.", + "title": "TargetMultiMeasureAttributeName", "type": "string" } }, "required": [ - "Bucket", - "Key" + "MeasureValueType", + "SourceColumn" ], "type": "object" }, - "AWS::StepFunctions::StateMachine.TagsEntry": { + "AWS::Timestream::ScheduledQuery.MultiMeasureMappings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The `key` for a key-value pair in a tag entry.", - "title": "Key", + "MultiMeasureAttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + }, + "markdownDescription": "Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes.", + "title": "MultiMeasureAttributeMappings", + "type": "array" + }, + "TargetMultiMeasureName": { + "markdownDescription": "The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name.", + "title": "TargetMultiMeasureName", + "type": "string" + } + }, + "required": [ + "MultiMeasureAttributeMappings" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "SnsConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.SnsConfiguration", + "markdownDescription": "Details on SNS configuration.", + "title": "SnsConfiguration" + } + }, + "required": [ + "SnsConfiguration" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "Name of the S3 bucket under which error reports will be created.", + "title": "BucketName", "type": "string" }, - "Value": { - "markdownDescription": "The `value` for a key-value pair in a tag entry.", - "title": "Value", + "EncryptionOption": { + "markdownDescription": "Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default.", + "title": "EncryptionOption", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "Prefix for the error report key. Timestream by default adds the following prefix to the error report path.", + "title": "ObjectKeyPrefix", "type": "string" } }, "required": [ - "Key", - "Value" + "BucketName" ], "type": "object" }, - "AWS::StepFunctions::StateMachine.TracingConfiguration": { + "AWS::Timestream::ScheduledQuery.ScheduleConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "When set to `true` , X-Ray tracing is enabled.", - "title": "Enabled", - "type": "boolean" + "ScheduleExpression": { + "markdownDescription": "An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression.", + "title": "ScheduleExpression", + "type": "string" } }, + "required": [ + "ScheduleExpression" + ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias": { + "AWS::Timestream::ScheduledQuery.SnsConfiguration": { + "additionalProperties": false, + "properties": { + "TopicArn": { + "markdownDescription": "SNS topic ARN that the scheduled query status notifications will be sent to.", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "TopicArn" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.TargetConfiguration": { + "additionalProperties": false, + "properties": { + "TimestreamConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TimestreamConfiguration", + "markdownDescription": "Configuration needed to write data into the Timestream database and table.", + "title": "TimestreamConfiguration" + } + }, + "required": [ + "TimestreamConfiguration" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.TimestreamConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "Name of Timestream database to which the query result will be written.", + "title": "DatabaseName", + "type": "string" + }, + "DimensionMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.DimensionMapping" + }, + "markdownDescription": "This is to allow mapping column(s) from the query result to the dimension in the destination table.", + "title": "DimensionMappings", + "type": "array" + }, + "MeasureNameColumn": { + "markdownDescription": "Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` .", + "title": "MeasureNameColumn", + "type": "string" + }, + "MixedMeasureMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MixedMeasureMapping" + }, + "markdownDescription": "Specifies how to map measures to multi-measure records.", + "title": "MixedMeasureMappings", + "type": "array" + }, + "MultiMeasureMappings": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureMappings", + "markdownDescription": "Multi-measure mappings.", + "title": "MultiMeasureMappings" + }, + "TableName": { + "markdownDescription": "Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration.", + "title": "TableName", + "type": "string" + }, + "TimeColumn": { + "markdownDescription": "Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP.", + "title": "TimeColumn", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "DimensionMappings", + "TableName", + "TimeColumn" + ], + "type": "object" + }, + "AWS::Timestream::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -260696,35 +311685,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DeploymentPreference": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.DeploymentPreference", - "markdownDescription": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", - "title": "DeploymentPreference" - }, - "Description": { - "markdownDescription": "An optional description of the state machine alias.", - "title": "Description", + "DatabaseName": { + "markdownDescription": "The name of the Timestream database that contains this table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "DatabaseName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the state machine alias. If you don't provide a name, it uses an automatically generated name based on the logical ID.", - "title": "Name", + "MagneticStoreWriteProperties": { + "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreWriteProperties", + "markdownDescription": "Contains properties to set on the table when enabling magnetic store writes.\n\nThis object has the following attributes:\n\n- *EnableMagneticStoreWrites* : A `boolean` flag to enable magnetic store writes.\n- *MagneticStoreRejectedDataLocation* : The location to write error reports for records rejected, asynchronously, during magnetic store writes. Only `S3Configuration` objects are allowed. The `S3Configuration` object has the following attributes:\n\n- *BucketName* : The name of the S3 bucket.\n- *EncryptionOption* : The encryption option for the S3 location. Valid values are S3 server-side encryption with an S3 managed key ( `SSE_S3` ) or AWS managed key ( `SSE_KMS` ).\n- *KmsKeyId* : The AWS KMS key ID to use when encrypting with an AWS managed key.\n- *ObjectKeyPrefix* : The prefix to use option for the objects stored in S3.\n\nBoth `BucketName` and `EncryptionOption` are *required* when `S3Configuration` is specified. If you specify `SSE_KMS` as your `EncryptionOption` then `KmsKeyId` is *required* .\n\n`EnableMagneticStoreWrites` attribute is *required* when `MagneticStoreWriteProperties` is specified. `MagneticStoreRejectedDataLocation` attribute is *required* when `EnableMagneticStoreWrites` is set to `true` .\n\nSee the following examples:\n\n*JSON*\n\n```json\n{ \"Type\" : AWS::Timestream::Table\", \"Properties\":{ \"DatabaseName\":\"TestDatabase\", \"TableName\":\"TestTable\", \"MagneticStoreWriteProperties\":{ \"EnableMagneticStoreWrites\":true, \"MagneticStoreRejectedDataLocation\":{ \"S3Configuration\":{ \"BucketName\":\" amzn-s3-demo-bucket \", \"EncryptionOption\":\"SSE_KMS\", \"KmsKeyId\":\"1234abcd-12ab-34cd-56ef-1234567890ab\", \"ObjectKeyPrefix\":\"prefix\" } } } }\n}\n```\n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" MagneticStoreWriteProperties: EnableMagneticStoreWrites: true MagneticStoreRejectedDataLocation: S3Configuration: BucketName: \" amzn-s3-demo-bucket \" EncryptionOption: \"SSE_KMS\" KmsKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\" ObjectKeyPrefix: \"prefix\"\n```", + "title": "MagneticStoreWriteProperties" + }, + "RetentionProperties": { + "$ref": "#/definitions/AWS::Timestream::Table.RetentionProperties", + "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", + "title": "RetentionProperties" + }, + "Schema": { + "$ref": "#/definitions/AWS::Timestream::Table.Schema", + "markdownDescription": "The schema of the table.", + "title": "Schema" + }, + "TableName": { + "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "TableName", "type": "string" }, - "RoutingConfiguration": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties.", - "title": "RoutingConfiguration", + "markdownDescription": "The tags to add to the table", + "title": "Tags", "type": "array" } }, + "required": [ + "DatabaseName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachineAlias" + "AWS::Timestream::Table" ], "type": "string" }, @@ -260738,69 +311740,126 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias.DeploymentPreference": { + "AWS::Timestream::Table.MagneticStoreRejectedDataLocation": { "additionalProperties": false, "properties": { - "Alarms": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon CloudWatch alarm names to be monitored during the deployment. The deployment fails and rolls back if any of these alarms go into the `ALARM` state.\n\n> Amazon CloudWatch considers nonexistent alarms to have an `OK` state. If you provide an invalid alarm name or provide the ARN of an alarm instead of its name, your deployment may not roll back correctly.", - "title": "Alarms", - "type": "array" - }, - "Interval": { - "markdownDescription": "The time in minutes between each traffic shifting increment.", - "title": "Interval", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::Table.S3Configuration", + "markdownDescription": "Configuration of an S3 location to write error reports for records rejected, asynchronously, during magnetic store writes.", + "title": "S3Configuration" + } + }, + "type": "object" + }, + "AWS::Timestream::Table.MagneticStoreWriteProperties": { + "additionalProperties": false, + "properties": { + "EnableMagneticStoreWrites": { + "markdownDescription": "A flag to enable magnetic store writes.", + "title": "EnableMagneticStoreWrites", + "type": "boolean" }, - "Percentage": { - "markdownDescription": "The percentage of traffic to shift to the new version in each increment.", - "title": "Percentage", - "type": "number" + "MagneticStoreRejectedDataLocation": { + "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreRejectedDataLocation", + "markdownDescription": "The location to write error reports for records rejected asynchronously during magnetic store writes.", + "title": "MagneticStoreRejectedDataLocation" + } + }, + "required": [ + "EnableMagneticStoreWrites" + ], + "type": "object" + }, + "AWS::Timestream::Table.PartitionKey": { + "additionalProperties": false, + "properties": { + "EnforcementInRecord": { + "markdownDescription": "The level of enforcement for the specification of a dimension key in ingested records. Options are REQUIRED (dimension key must be specified) and OPTIONAL (dimension key does not have to be specified).", + "title": "EnforcementInRecord", + "type": "string" }, - "StateMachineVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete.\n\nWhile performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead.", - "title": "StateMachineVersionArn", + "Name": { + "markdownDescription": "The name of the attribute used for a dimension key.", + "title": "Name", "type": "string" }, "Type": { - "markdownDescription": "The type of deployment you want to perform. You can specify one of the following types:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "markdownDescription": "The type of the partition key. Options are DIMENSION (dimension key) and MEASURE (measure key).", "title": "Type", "type": "string" } }, "required": [ - "StateMachineVersionArn", "Type" ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion": { + "AWS::Timestream::Table.RetentionProperties": { "additionalProperties": false, "properties": { - "StateMachineVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration.\n\nIf you specify the ARN of a second version, it must belong to the same state machine as the first version.", - "title": "StateMachineVersionArn", + "MagneticStoreRetentionPeriodInDays": { + "markdownDescription": "The duration for which data must be stored in the magnetic store.", + "title": "MagneticStoreRetentionPeriodInDays", "type": "string" }, - "Weight": { - "markdownDescription": "The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100.", - "title": "Weight", - "type": "number" + "MemoryStoreRetentionPeriodInHours": { + "markdownDescription": "The duration for which data must be stored in the memory store.", + "title": "MemoryStoreRetentionPeriodInHours", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Timestream::Table.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name of the customer S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "EncryptionOption": { + "markdownDescription": "The encryption option for the customer S3 location. Options are S3 server-side encryption with an S3 managed key or AWS managed key.", + "title": "EncryptionOption", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key ID for the customer S3 location when encrypting with an AWS managed key.", + "title": "KmsKeyId", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "The object key preview for the customer S3 location.", + "title": "ObjectKeyPrefix", + "type": "string" } }, "required": [ - "StateMachineVersionArn", - "Weight" + "BucketName", + "EncryptionOption" ], "type": "object" }, - "AWS::StepFunctions::StateMachineVersion": { + "AWS::Timestream::Table.Schema": { + "additionalProperties": false, + "properties": { + "CompositePartitionKey": { + "items": { + "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" + }, + "markdownDescription": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed.", + "title": "CompositePartitionKey", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Transfer::Agreement": { "additionalProperties": false, "properties": { "Condition": { @@ -260835,30 +311894,76 @@ "Properties": { "additionalProperties": false, "properties": { + "AccessRole": { + "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", + "title": "AccessRole", + "type": "string" + }, + "BaseDirectory": { + "markdownDescription": "The landing directory (folder) for files that are transferred by using the AS2 protocol.", + "title": "BaseDirectory", + "type": "string" + }, + "CustomDirectories": { + "$ref": "#/definitions/AWS::Transfer::Agreement.CustomDirectories", + "markdownDescription": "A `CustomDirectoriesType` structure. This structure specifies custom directories for storing various AS2 message files. You can specify directories for the following types of files.\n\n- Failed files\n- MDN files\n- Payload files\n- Status files\n- Temporary files", + "title": "CustomDirectories" + }, "Description": { - "markdownDescription": "An optional description of the state machine version.", + "markdownDescription": "The name or short description that's used to identify the agreement.", "title": "Description", "type": "string" }, - "StateMachineArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the state machine.", - "title": "StateMachineArn", + "EnforceMessageSigning": { + "markdownDescription": "Determines whether or not unsigned messages from your trading partners will be accepted.\n\n- `ENABLED` : Transfer Family rejects unsigned messages from your trading partner.\n- `DISABLED` (default value): Transfer Family accepts unsigned messages from your trading partner.", + "title": "EnforceMessageSigning", "type": "string" }, - "StateMachineRevisionId": { - "markdownDescription": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine\u2019s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` .", - "title": "StateMachineRevisionId", + "LocalProfileId": { + "markdownDescription": "A unique identifier for the AS2 local profile.", + "title": "LocalProfileId", + "type": "string" + }, + "PartnerProfileId": { + "markdownDescription": "A unique identifier for the partner profile used in the agreement.", + "title": "PartnerProfileId", + "type": "string" + }, + "PreserveFilename": { + "markdownDescription": "Determines whether or not Transfer Family appends a unique string of characters to the end of the AS2 message payload filename when saving it.\n\n- `ENABLED` : the filename provided by your trading parter is preserved when the file is saved.\n- `DISABLED` (default value): when Transfer Family saves the file, the filename is adjusted, as described in [File names and locations](https://docs.aws.amazon.com/transfer/latest/userguide/send-as2-messages.html#file-names-as2) .", + "title": "PreserveFilename", + "type": "string" + }, + "ServerId": { + "markdownDescription": "A system-assigned unique identifier for a server instance. This identifier indicates the specific server that the agreement uses.", + "title": "ServerId", + "type": "string" + }, + "Status": { + "markdownDescription": "The current status of the agreement, either `ACTIVE` or `INACTIVE` .", + "title": "Status", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for agreements.", + "title": "Tags", + "type": "array" } }, "required": [ - "StateMachineArn" + "AccessRole", + "LocalProfileId", + "PartnerProfileId", + "ServerId" ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachineVersion" + "AWS::Transfer::Agreement" ], "type": "string" }, @@ -260877,7 +311982,45 @@ ], "type": "object" }, - "AWS::SupportApp::AccountAlias": { + "AWS::Transfer::Agreement.CustomDirectories": { + "additionalProperties": false, + "properties": { + "FailedFilesDirectory": { + "markdownDescription": "", + "title": "FailedFilesDirectory", + "type": "string" + }, + "MdnFilesDirectory": { + "markdownDescription": "", + "title": "MdnFilesDirectory", + "type": "string" + }, + "PayloadFilesDirectory": { + "markdownDescription": "", + "title": "PayloadFilesDirectory", + "type": "string" + }, + "StatusFilesDirectory": { + "markdownDescription": "", + "title": "StatusFilesDirectory", + "type": "string" + }, + "TemporaryFilesDirectory": { + "markdownDescription": "", + "title": "TemporaryFilesDirectory", + "type": "string" + } + }, + "required": [ + "FailedFilesDirectory", + "MdnFilesDirectory", + "PayloadFilesDirectory", + "StatusFilesDirectory", + "TemporaryFilesDirectory" + ], + "type": "object" + }, + "AWS::Transfer::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -260912,20 +312055,59 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAlias": { - "markdownDescription": "An alias or short name for an AWS account .", - "title": "AccountAlias", + "ActiveDate": { + "markdownDescription": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", + "title": "ActiveDate", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The file name for the certificate.", + "title": "Certificate", + "type": "string" + }, + "CertificateChain": { + "markdownDescription": "The list of certificates that make up the chain for the certificate.", + "title": "CertificateChain", + "type": "string" + }, + "Description": { + "markdownDescription": "The name or description that's used to identity the certificate.", + "title": "Description", + "type": "string" + }, + "InactiveDate": { + "markdownDescription": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", + "title": "InactiveDate", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The file that contains the private key for the certificate that's being imported.", + "title": "PrivateKey", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for certificates.", + "title": "Tags", + "type": "array" + }, + "Usage": { + "markdownDescription": "Specifies how this certificate is used. It can be used in the following ways:\n\n- `SIGNING` : For signing AS2 messages\n- `ENCRYPTION` : For encrypting AS2 messages\n- `TLS` : For securing AS2 communications sent over HTTPS", + "title": "Usage", "type": "string" } }, "required": [ - "AccountAlias" + "Certificate", + "Usage" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::AccountAlias" + "AWS::Transfer::Certificate" ], "type": "string" }, @@ -260944,7 +312126,7 @@ ], "type": "object" }, - "AWS::SupportApp::SlackChannelConfiguration": { + "AWS::Transfer::Connector": { "additionalProperties": false, "properties": { "Condition": { @@ -260979,58 +312161,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The channel ID in Slack. This ID identifies a channel within a Slack workspace.", - "title": "ChannelId", + "AccessRole": { + "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", + "title": "AccessRole", "type": "string" }, - "ChannelName": { - "markdownDescription": "The channel name in Slack. This is the channel where you invite the AWS Support App .", - "title": "ChannelName", - "type": "string" + "As2Config": { + "$ref": "#/definitions/AWS::Transfer::Connector.As2Config", + "markdownDescription": "A structure that contains the parameters for an AS2 connector object.", + "title": "As2Config" }, - "ChannelRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for this Slack channel configuration. The App uses this role to perform and Service Quotas actions on your behalf.", - "title": "ChannelRoleArn", + "LoggingRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.", + "title": "LoggingRole", "type": "string" }, - "NotifyOnAddCorrespondenceToCase": { - "markdownDescription": "Whether to get notified when a correspondence is added to your support cases.", - "title": "NotifyOnAddCorrespondenceToCase", - "type": "boolean" - }, - "NotifyOnCaseSeverity": { - "markdownDescription": "The case severity for your support cases that you want to receive notifications. You can specify `none` , `all` , or `high` .", - "title": "NotifyOnCaseSeverity", + "SecurityPolicyName": { + "markdownDescription": "The text name of the security policy for the specified connector.", + "title": "SecurityPolicyName", "type": "string" }, - "NotifyOnCreateOrReopenCase": { - "markdownDescription": "Whether to get notified when your support cases are created or reopened", - "title": "NotifyOnCreateOrReopenCase", - "type": "boolean" + "SftpConfig": { + "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig", + "markdownDescription": "A structure that contains the parameters for an SFTP connector object.", + "title": "SftpConfig" }, - "NotifyOnResolveCase": { - "markdownDescription": "Whether to get notified when your support cases are resolved.", - "title": "NotifyOnResolveCase", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for connectors.", + "title": "Tags", + "type": "array" }, - "TeamId": { - "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace.", - "title": "TeamId", + "Url": { + "markdownDescription": "The URL of the partner's AS2 or SFTP endpoint.", + "title": "Url", "type": "string" } }, "required": [ - "ChannelId", - "ChannelRoleArn", - "NotifyOnCaseSeverity", - "TeamId" + "AccessRole", + "Url" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::SlackChannelConfiguration" + "AWS::Transfer::Connector" ], "type": "string" }, @@ -261049,7 +312227,87 @@ ], "type": "object" }, - "AWS::SupportApp::SlackWorkspaceConfiguration": { + "AWS::Transfer::Connector.As2Config": { + "additionalProperties": false, + "properties": { + "BasicAuthSecretId": { + "markdownDescription": "Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication, you must provide the name or Amazon Resource Name (ARN) of a secret in AWS Secrets Manager .\n\nThe default value for this parameter is `null` , which indicates that Basic authentication is not enabled for the connector.\n\nIf the connector should use Basic authentication, the secret needs to be in the following format:\n\n`{ \"Username\": \"user-name\", \"Password\": \"user-password\" }`\n\nReplace `user-name` and `user-password` with the credentials for the actual user that is being authenticated.\n\nNote the following:\n\n- You are storing these credentials in Secrets Manager, *not passing them directly* into this API.\n- If you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication. However, if you are using the AWS management console, you can have the system create the secret for you.\n\nIf you have previously enabled Basic authentication for a connector, you can disable it by using the `UpdateConnector` API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:\n\n`update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=\"\"'`", + "title": "BasicAuthSecretId", + "type": "string" + }, + "Compression": { + "markdownDescription": "Specifies whether the AS2 file is compressed.", + "title": "Compression", + "type": "string" + }, + "EncryptionAlgorithm": { + "markdownDescription": "The algorithm that is used to encrypt the file.\n\nNote the following:\n\n- Do not use the `DES_EDE3_CBC` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.\n- You can only specify `NONE` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.", + "title": "EncryptionAlgorithm", + "type": "string" + }, + "LocalProfileId": { + "markdownDescription": "A unique identifier for the AS2 local profile.", + "title": "LocalProfileId", + "type": "string" + }, + "MdnResponse": { + "markdownDescription": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", + "title": "MdnResponse", + "type": "string" + }, + "MdnSigningAlgorithm": { + "markdownDescription": "The signing algorithm for the MDN response.\n\n> If set to DEFAULT (or not set at all), the value for `SigningAlgorithm` is used.", + "title": "MdnSigningAlgorithm", + "type": "string" + }, + "MessageSubject": { + "markdownDescription": "Used as the `Subject` HTTP header attribute in AS2 messages that are being sent with the connector.", + "title": "MessageSubject", + "type": "string" + }, + "PartnerProfileId": { + "markdownDescription": "A unique identifier for the partner profile for the connector.", + "title": "PartnerProfileId", + "type": "string" + }, + "PreserveContentType": { + "markdownDescription": "", + "title": "PreserveContentType", + "type": "string" + }, + "SigningAlgorithm": { + "markdownDescription": "The algorithm that is used to sign the AS2 messages sent with the connector.", + "title": "SigningAlgorithm", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Connector.SftpConfig": { + "additionalProperties": false, + "properties": { + "MaxConcurrentConnections": { + "markdownDescription": "Specify the number of concurrent connections that your connector creates to the remote server. The default value is `1` . The maximum values is `5` .\n\n> If you are using the AWS Management Console , the default value is `5` . \n\nThis parameter specifies the number of active connections that your connector can establish with the remote server at the same time. Increasing this value can enhance connector performance when transferring large file batches by enabling parallel operations.", + "title": "MaxConcurrentConnections", + "type": "number" + }, + "TrustedHostKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\n> `TrustedHostKeys` is optional for `CreateConnector` . If not provided, you can use `TestConnection` to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key. \n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... - Required when creating an SFTP connector\n> - Optional when updating an existing SFTP connector", + "title": "UserSecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Profile": { "additionalProperties": false, "properties": { "Condition": { @@ -261084,25 +312342,42 @@ "Properties": { "additionalProperties": false, "properties": { - "TeamId": { - "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace, such as `T012ABCDEFG` .", - "title": "TeamId", + "As2Id": { + "markdownDescription": "The `As2Id` is the *AS2-name* , as defined in the [RFC 4130](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc4130) . For inbound transfers, this is the `AS2-From` header for the AS2 messages sent from the partner. For outbound connectors, this is the `AS2-To` header for the AS2 messages sent to the partner using the `StartFileTransfer` API operation. This ID cannot include spaces.", + "title": "As2Id", "type": "string" }, - "VersionId": { - "markdownDescription": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation , such as `100` .", - "title": "VersionId", + "CertificateIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.", + "title": "CertificateIds", + "type": "array" + }, + "ProfileType": { + "markdownDescription": "Indicates whether to list only `LOCAL` type profiles or only `PARTNER` type profiles. If not supplied in the request, the command lists all types of profiles.", + "title": "ProfileType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for profiles.", + "title": "Tags", + "type": "array" } }, "required": [ - "TeamId" + "As2Id", + "ProfileType" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::SlackWorkspaceConfiguration" + "AWS::Transfer::Profile" ], "type": "string" }, @@ -261121,7 +312396,7 @@ ], "type": "object" }, - "AWS::Synthetics::Canary": { + "AWS::Transfer::Server": { "additionalProperties": false, "properties": { "Condition": { @@ -261156,93 +312431,106 @@ "Properties": { "additionalProperties": false, "properties": { - "ArtifactConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.ArtifactConfig", - "markdownDescription": "A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.", - "title": "ArtifactConfig" + "Certificate": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. Required when `Protocols` is set to `FTPS` .\n\nTo request a new public certificate, see [Request a public certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html) in the *AWS Certificate Manager User Guide* .\n\nTo import an existing certificate into ACM, see [Importing certificates into ACM](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .\n\nTo request a private certificate to use FTPS through private IP addresses, see [Request a private certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html) in the *AWS Certificate Manager User Guide* .\n\nCertificates with the following cryptographic algorithms and key sizes are supported:\n\n- 2048-bit RSA (RSA_2048)\n- 4096-bit RSA (RSA_4096)\n- Elliptic Prime Curve 256 bit (EC_prime256v1)\n- Elliptic Prime Curve 384 bit (EC_secp384r1)\n- Elliptic Prime Curve 521 bit (EC_secp521r1)\n\n> The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.", + "title": "Certificate", + "type": "string" }, - "ArtifactS3Location": { - "markdownDescription": "The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files. Specify the full location path, including `s3://` at the beginning of the path.", - "title": "ArtifactS3Location", + "Domain": { + "markdownDescription": "Specifies the domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.", + "title": "Domain", "type": "string" }, - "Code": { - "$ref": "#/definitions/AWS::Synthetics::Canary.Code", - "markdownDescription": "Use this structure to input your script code for the canary. This structure contains the Lambda handler with the location where the canary should start running the script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included. If the script is passed into the canary directly, the script code is contained in the value of `Script` .", - "title": "Code" + "EndpointDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.EndpointDetails", + "markdownDescription": "The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.", + "title": "EndpointDetails" }, - "ExecutionRoleArn": { - "markdownDescription": "The ARN of the IAM role to be used to run the canary. This role must already exist, and must include `lambda.amazonaws.com` as a principal in the trust policy. The role must also have the following permissions:\n\n- `s3:PutObject`\n- `s3:GetBucketLocation`\n- `s3:ListAllMyBuckets`\n- `cloudwatch:PutMetricData`\n- `logs:CreateLogGroup`\n- `logs:CreateLogStream`\n- `logs:PutLogEvents`", - "title": "ExecutionRoleArn", + "EndpointType": { + "markdownDescription": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", + "title": "EndpointType", + "type": "string" + }, + "IdentityProviderDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.IdentityProviderDetails", + "markdownDescription": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", + "title": "IdentityProviderDetails" + }, + "IdentityProviderType": { + "markdownDescription": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", + "title": "IdentityProviderType", + "type": "string" + }, + "IpAddressType": { + "markdownDescription": "Specifies whether to use IPv4 only, or to use dual-stack (IPv4 and IPv6) for your AWS Transfer Family endpoint. The default value is `IPV4` .\n\n> The `IpAddressType` parameter has the following limitations:\n> \n> - It cannot be changed while the server is online. You must stop the server before modifying this parameter.\n> - It cannot be updated to `DUALSTACK` if the server has `AddressAllocationIds` specified. > When using `DUALSTACK` as the `IpAddressType` , you cannot set the `AddressAllocationIds` parameter for the [EndpointDetails](https://docs.aws.amazon.com/transfer/latest/APIReference/API_EndpointDetails.html) for the server.", + "title": "IpAddressType", + "type": "string" + }, + "LoggingRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", + "title": "LoggingRole", "type": "string" }, - "FailureRetentionPeriod": { - "markdownDescription": "The number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", - "title": "FailureRetentionPeriod", - "type": "number" + "PostAuthenticationLoginBanner": { + "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", + "title": "PostAuthenticationLoginBanner", + "type": "string" }, - "Name": { - "markdownDescription": "The name for this canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account.\n\nDo not include secrets or proprietary information in your canary names. The canary name makes up part of the canary ARN, and the ARN is included in outbound calls over the internet. For more information, see [Security Considerations for Synthetics Canaries](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html) .", - "title": "Name", + "PreAuthenticationLoginBanner": { + "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", + "title": "PreAuthenticationLoginBanner", "type": "string" }, - "RunConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.RunConfig", - "markdownDescription": "A structure that contains input information for a canary run. If you omit this structure, the frequency of the canary is used as canary's timeout value, up to a maximum of 900 seconds.", - "title": "RunConfig" + "ProtocolDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.ProtocolDetails", + "markdownDescription": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", + "title": "ProtocolDetails" }, - "RuntimeVersion": { - "markdownDescription": "Specifies the runtime version to use for the canary. For more information about runtime versions, see [Canary Runtime Versions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) .", - "title": "RuntimeVersion", - "type": "string" + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", + "title": "Protocols", + "type": "array" }, - "Schedule": { - "$ref": "#/definitions/AWS::Synthetics::Canary.Schedule", - "markdownDescription": "A structure that contains information about how often the canary is to run, and when these runs are to stop.", - "title": "Schedule" + "S3StorageOptions": { + "$ref": "#/definitions/AWS::Transfer::Server.S3StorageOptions", + "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", + "title": "S3StorageOptions" }, - "StartCanaryAfterCreation": { - "markdownDescription": "Specify TRUE to have the canary start making runs immediately after it is created.\n\nA canary that you create using CloudFormation can't be used to monitor the CloudFormation stack that creates the canary or to roll back that stack if there is a failure.", - "title": "StartCanaryAfterCreation", - "type": "boolean" + "SecurityPolicyName": { + "markdownDescription": "Specifies the name of the security policy for the server.", + "title": "SecurityPolicyName", + "type": "string" }, - "SuccessRetentionPeriod": { - "markdownDescription": "The number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", - "title": "SuccessRetentionPeriod", - "type": "number" + "StructuredLogDestinations": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", + "title": "StructuredLogDestinations", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value pairs that are associated with the canary.", + "markdownDescription": "Key-value pairs that can be used to group and search for servers.", "title": "Tags", "type": "array" }, - "VPCConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.VPCConfig", - "markdownDescription": "If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see [Running a Canary in a VPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html) .", - "title": "VPCConfig" - }, - "VisualReference": { - "$ref": "#/definitions/AWS::Synthetics::Canary.VisualReference", - "markdownDescription": "If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.", - "title": "VisualReference" + "WorkflowDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetails", + "markdownDescription": "Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.\n\nIn addition to a workflow to execute when a file is uploaded completely, `WorkflowDetails` can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.", + "title": "WorkflowDetails" } }, - "required": [ - "ArtifactS3Location", - "Code", - "ExecutionRoleArn", - "Name", - "RuntimeVersion", - "Schedule" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Synthetics::Canary" + "AWS::Transfer::Server" ], "type": "string" }, @@ -261256,204 +312544,164 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Synthetics::Canary.ArtifactConfig": { - "additionalProperties": false, - "properties": { - "S3Encryption": { - "$ref": "#/definitions/AWS::Synthetics::Canary.S3Encryption", - "markdownDescription": "A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3 . Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see [Encrypting canary artifacts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_artifact_encryption.html) .", - "title": "S3Encryption" - } - }, - "type": "object" - }, - "AWS::Synthetics::Canary.BaseScreenshot": { + "AWS::Transfer::Server.EndpointDetails": { "additionalProperties": false, "properties": { - "IgnoreCoordinates": { + "AddressAllocationIds": { "items": { "type": "string" }, - "markdownDescription": "Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch console to draw the boundaries on the screen. For more information, see [Edit or delete a canary](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/synthetics_canaries_deletion.html) .", - "title": "IgnoreCoordinates", + "markdownDescription": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.\n> - You can't set address allocation IDs for servers that have an `IpAddressType` set to `DUALSTACK` You can only set this property if `IpAddressType` is set to `IPV4` .", + "title": "AddressAllocationIds", "type": "array" }, - "ScreenshotName": { - "markdownDescription": "The name of the screenshot. This is generated the first time the canary is run after the `UpdateCanary` operation that specified for this canary to perform visual monitoring.", - "title": "ScreenshotName", + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security groups IDs that are available to attach to your server's endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC` .\n> \n> You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs that are required to host your server endpoint in your VPC.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", + "title": "SubnetIds", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The ID of the VPC endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` .", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC ID of the virtual private cloud in which the server's endpoint will be hosted.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", + "title": "VpcId", "type": "string" } }, - "required": [ - "ScreenshotName" - ], "type": "object" }, - "AWS::Synthetics::Canary.Code": { + "AWS::Transfer::Server.IdentityProviderDetails": { "additionalProperties": false, "properties": { - "Handler": { - "markdownDescription": "The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` .", - "title": "Handler", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "If your canary script is located in S3, specify the bucket name here. The bucket must already exist.", - "title": "S3Bucket", + "DirectoryId": { + "markdownDescription": "The identifier of the AWS Directory Service directory that you want to use as your identity provider.", + "title": "DirectoryId", "type": "string" }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .", - "title": "S3Key", + "Function": { + "markdownDescription": "The ARN for a Lambda function to use for the Identity provider.", + "title": "Function", "type": "string" }, - "S3ObjectVersion": { - "markdownDescription": "The Amazon S3 version ID of your script.", - "title": "S3ObjectVersion", + "InvocationRole": { + "markdownDescription": "This parameter is only applicable if your `IdentityProviderType` is `API_GATEWAY` . Provides the type of `InvocationRole` used to authenticate the user account.", + "title": "InvocationRole", "type": "string" }, - "Script": { - "markdownDescription": "If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB.", - "title": "Script", + "SftpAuthenticationMethods": { + "markdownDescription": "For SFTP-enabled servers, and for custom identity providers *only* , you can specify whether to authenticate using a password, SSH key pair, or both.\n\n- `PASSWORD` - users must provide their password to connect.\n- `PUBLIC_KEY` - users must provide their private key to connect.\n- `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either their password or their key. This is the default value.\n- `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private key and their password to connect. The server checks the key first, and then if the key is valid, the system prompts for a password. If the private key provided does not match the public key that is stored, authentication fails.", + "title": "SftpAuthenticationMethods", "type": "string" }, - "SourceLocationArn": { - "markdownDescription": "The ARN of the Lambda layer where Synthetics stores the canary script code.", - "title": "SourceLocationArn", + "Url": { + "markdownDescription": "Provides the location of the service endpoint used to authenticate users.", + "title": "Url", "type": "string" } }, - "required": [ - "Handler" - ], "type": "object" }, - "AWS::Synthetics::Canary.RunConfig": { + "AWS::Transfer::Server.ProtocolDetails": { "additionalProperties": false, "properties": { - "ActiveTracing": { - "markdownDescription": "Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see [Canaries and X-Ray tracing](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html) .\n\nYou can enable active tracing only for canaries that use version `syn-nodejs-2.0` or later for their canary runtime.", - "title": "ActiveTracing", - "type": "boolean" - }, - "EnvironmentVariables": { - "additionalProperties": true, - "markdownDescription": "Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:\n\n{ \"key1\" : \"value1\", \"key2\" : \"value2\", ...}\n\nKeys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see [Runtime environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "As2Transports": { + "items": { + "type": "string" }, - "title": "EnvironmentVariables", - "type": "object" + "markdownDescription": "List of `As2Transport` objects.", + "title": "As2Transports", + "type": "array" }, - "MemoryInMB": { - "markdownDescription": "The maximum amount of memory that the canary can use while running. This value must be a multiple of 64. The range is 960 to 3008.", - "title": "MemoryInMB", - "type": "number" + "PassiveIp": { + "markdownDescription": "Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:\n\n`aws transfer update-server --protocol-details PassiveIp=0.0.0.0`\n\nReplace `0.0.0.0` in the example above with the actual IP address you want to use.\n\n> If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) . \n\n*Special values*\n\nThe `AUTO` and `0.0.0.0` are special values for the `PassiveIp` parameter. The value `PassiveIp=AUTO` is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. `PassiveIp=0.0.0.0` has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the `PassiveIp` parameter. This reduces the effectiveness of having High Availability. In this case, you can specify `PassiveIp=0.0.0.0` . This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the `PassiveIp=0.0.0.0` response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the `PassiveIp=0.0.0.0` response.", + "title": "PassiveIp", + "type": "string" }, - "TimeoutInSeconds": { - "markdownDescription": "How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.\n\nIf you omit this field, the frequency of the canary is used as this value, up to a maximum of 900 seconds.", - "title": "TimeoutInSeconds", - "type": "number" + "SetStatOption": { + "markdownDescription": "Use the `SetStatOption` to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket.\n\nSome SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as `SETSTAT` when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.\n\nSet the value to `ENABLE_NO_OP` to have the Transfer Family server ignore the `SETSTAT` command, and upload files without needing to make any changes to your SFTP client. While the `SetStatOption` `ENABLE_NO_OP` setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a `SETSTAT` call.\n\n> If you want to preserve the original timestamp for your file, and modify other file attributes using `SETSTAT` , you can use Amazon EFS as backend storage with Transfer Family.", + "title": "SetStatOption", + "type": "string" + }, + "TlsSessionResumptionMode": { + "markdownDescription": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients.", + "title": "TlsSessionResumptionMode", + "type": "string" } }, "type": "object" }, - "AWS::Synthetics::Canary.S3Encryption": { + "AWS::Transfer::Server.S3StorageOptions": { "additionalProperties": false, "properties": { - "EncryptionMode": { - "markdownDescription": "The encryption method to use for artifacts created by this canary. Specify `SSE_S3` to use server-side encryption (SSE) with an Amazon S3-managed key. Specify `SSE-KMS` to use server-side encryption with a customer-managed AWS KMS key.\n\nIf you omit this parameter, an AWS -managed AWS KMS key is used.", - "title": "EncryptionMode", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the customer-managed AWS KMS key to use, if you specify `SSE-KMS` for `EncryptionMode`", - "title": "KmsKeyArn", + "DirectoryListingOptimization": { + "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", + "title": "DirectoryListingOptimization", "type": "string" } }, "type": "object" }, - "AWS::Synthetics::Canary.Schedule": { + "AWS::Transfer::Server.WorkflowDetail": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.", - "title": "DurationInSeconds", + "ExecutionRole": { + "markdownDescription": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources", + "title": "ExecutionRole", "type": "string" }, - "Expression": { - "markdownDescription": "A `rate` expression or a `cron` expression that defines how often the canary is to run.\n\nFor a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` .\n\nFor example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` .\n\nSpecifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started.\n\nUse `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) .", - "title": "Expression", + "WorkflowId": { + "markdownDescription": "A unique identifier for the workflow.", + "title": "WorkflowId", "type": "string" } }, "required": [ - "Expression" + "ExecutionRole", + "WorkflowId" ], "type": "object" }, - "AWS::Synthetics::Canary.VPCConfig": { + "AWS::Transfer::Server.WorkflowDetails": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for this canary.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { + "OnPartialUpload": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" }, - "markdownDescription": "The IDs of the subnets where this canary is to run.", - "title": "SubnetIds", + "markdownDescription": "A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload.\n\nA *partial upload* occurs when a file is open when the session disconnects.\n\n> `OnPartialUpload` can contain a maximum of one `WorkflowDetail` object.", + "title": "OnPartialUpload", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC where this canary is to run.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "SecurityGroupIds", - "SubnetIds" - ], - "type": "object" - }, - "AWS::Synthetics::Canary.VisualReference": { - "additionalProperties": false, - "properties": { - "BaseCanaryRunId": { - "markdownDescription": "Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are `nextrun` to use the screenshots from the next run after this update is made, `lastrun` to use the screenshots from the most recent run before this update was made, or the value of `Id` in the [CanaryRun](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CanaryRun.html) from any past run of this canary.", - "title": "BaseCanaryRunId", - "type": "string" - }, - "BaseScreenshots": { + "OnUpload": { "items": { - "$ref": "#/definitions/AWS::Synthetics::Canary.BaseScreenshot" + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" }, - "markdownDescription": "An array of screenshots that are used as the baseline for comparisons during visual monitoring.", - "title": "BaseScreenshots", + "markdownDescription": "A trigger that starts a workflow: the workflow begins to execute after a file is uploaded.\n\nTo remove an associated workflow from a server, you can provide an empty `OnUpload` object, as in the following example.\n\n`aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{\"OnUpload\":[]}'`\n\n> `OnUpload` can contain a maximum of one `WorkflowDetail` object.", + "title": "OnUpload", "type": "array" } }, - "required": [ - "BaseCanaryRunId" - ], "type": "object" }, - "AWS::Synthetics::Group": { + "AWS::Transfer::User": { "additionalProperties": false, "properties": { "Condition": { @@ -261488,36 +312736,76 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A name for the group. It can include any Unicode characters.\n\nThe names for all groups in your account, across all Regions, must be unique.", - "title": "Name", + "HomeDirectory": { + "markdownDescription": "The landing directory (folder) for a user when they log in to the server using the client.\n\nA `HomeDirectory` example is `/bucket_name/home/mydirectory` .\n\n> You can use the `HomeDirectory` parameter for `HomeDirectoryType` when it is set to either `PATH` or `LOGICAL` .", + "title": "HomeDirectory", "type": "string" }, - "ResourceArns": { + "HomeDirectoryMappings": { + "items": { + "$ref": "#/definitions/AWS::Transfer::User.HomeDirectoryMapEntry" + }, + "markdownDescription": "Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the `Entry` and `Target` pair, where `Entry` shows how the path is made visible and `Target` is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in `Target` . This value can be set only when `HomeDirectoryType` is set to *LOGICAL* .\n\nThe following is an `Entry` and `Target` pair example.\n\n`[ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`\n\nIn most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (\" `chroot` \"). To do this, you can set `Entry` to `/` and set `Target` to the value the user should see for their home directory when they log in.\n\nThe following is an `Entry` and `Target` pair example for `chroot` .\n\n`[ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`", + "title": "HomeDirectoryMappings", + "type": "array" + }, + "HomeDirectoryType": { + "markdownDescription": "The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to `PATH` , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to `LOGICAL` , you need to provide mappings in the `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon EFS paths visible to your users.\n\n> If `HomeDirectoryType` is `LOGICAL` , you must provide mappings, using the `HomeDirectoryMappings` parameter. If, on the other hand, `HomeDirectoryType` is `PATH` , you provide an absolute path using the `HomeDirectory` parameter. You cannot have both `HomeDirectory` and `HomeDirectoryMappings` in your template.", + "title": "HomeDirectoryType", + "type": "string" + }, + "Policy": { + "markdownDescription": "A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include `${Transfer:UserName}` , `${Transfer:HomeDirectory}` , and `${Transfer:HomeBucket}` .\n\n> For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the `Policy` argument.\n> \n> For an example of a session policy, see [Example session policy](https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html) .\n> \n> For more information, see [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) in the *AWS Security Token Service API Reference* .", + "title": "Policy", + "type": "string" + }, + "PosixProfile": { + "$ref": "#/definitions/AWS::Transfer::User.PosixProfile", + "markdownDescription": "Specifies the full POSIX identity, including user ID ( `Uid` ), group ID ( `Gid` ), and any secondary groups IDs ( `SecondaryGids` ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.", + "title": "PosixProfile" + }, + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.", + "title": "Role", + "type": "string" + }, + "ServerId": { + "markdownDescription": "A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.", + "title": "ServerId", + "type": "string" + }, + "SshPublicKeys": { "items": { "type": "string" }, - "markdownDescription": "The ARNs of the canaries that you want to associate with this group.", - "title": "ResourceArns", + "markdownDescription": "Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.\n\n> To delete the public key body, set its value to zero keys, as shown here:\n> \n> `SshPublicKeys: []`", + "title": "SshPublicKeys", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value pairs that are associated with the group.", + "markdownDescription": "Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.", "title": "Tags", "type": "array" + }, + "UserName": { + "markdownDescription": "A unique string that identifies a user and is associated with a `ServerId` . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.", + "title": "UserName", + "type": "string" } }, "required": [ - "Name" + "Role", + "ServerId", + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Synthetics::Group" + "AWS::Transfer::User" ], "type": "string" }, @@ -261536,7 +312824,60 @@ ], "type": "object" }, - "AWS::SystemsManagerSAP::Application": { + "AWS::Transfer::User.HomeDirectoryMapEntry": { + "additionalProperties": false, + "properties": { + "Entry": { + "markdownDescription": "Represents an entry for `HomeDirectoryMappings` .", + "title": "Entry", + "type": "string" + }, + "Target": { + "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", + "title": "Target", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of mapping. Set the type to `FILE` if you want the mapping to point to a file, or `DIRECTORY` for the directory to point to a directory.\n\n> By default, home directory mappings have a `Type` of `DIRECTORY` when you create a Transfer Family server. You would need to explicitly set `Type` to `FILE` if you want a mapping to have a file target.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Entry", + "Target" + ], + "type": "object" + }, + "AWS::Transfer::User.PosixProfile": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The POSIX group ID used for all EFS operations by this user.", + "title": "Gid", + "type": "number" + }, + "SecondaryGids": { + "items": { + "type": "number" + }, + "markdownDescription": "The secondary POSIX group IDs used for all EFS operations by this user.", + "title": "SecondaryGids", + "type": "array" + }, + "Uid": { + "markdownDescription": "The POSIX user ID used for all EFS operations by this user.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::Transfer::WebApp": { "additionalProperties": false, "properties": { "Condition": { @@ -261571,60 +312912,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The ID of the application.", - "title": "ApplicationId", - "type": "string" - }, - "ApplicationType": { - "markdownDescription": "The type of the application.", - "title": "ApplicationType", + "AccessEndpoint": { + "markdownDescription": "The `AccessEndpoint` is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value.\n\nBefore you enter a custom URL for this parameter, follow the steps described in [Update your access endpoint with a custom URL](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-customize.html) .", + "title": "AccessEndpoint", "type": "string" }, - "Credentials": { - "items": { - "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.Credential" - }, - "markdownDescription": "The credentials of the SAP application.", - "title": "Credentials", - "type": "array" + "IdentityProviderDetails": { + "$ref": "#/definitions/AWS::Transfer::WebApp.IdentityProviderDetails", + "markdownDescription": "You can provide a structure that contains the details for the identity provider to use with your web app.\n\nFor more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) .", + "title": "IdentityProviderDetails" }, - "Instances": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The Amazon EC2 instances on which your SAP application is running.", - "title": "Instances", + "markdownDescription": "Key-value pairs that can be used to group and search for web apps. Tags are metadata attached to web apps for any purpose.", + "title": "Tags", "type": "array" }, - "SapInstanceNumber": { - "markdownDescription": "The SAP instance number of the application.", - "title": "SapInstanceNumber", - "type": "string" + "WebAppCustomization": { + "$ref": "#/definitions/AWS::Transfer::WebApp.WebAppCustomization", + "markdownDescription": "A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app.", + "title": "WebAppCustomization" }, - "Sid": { - "markdownDescription": "The System ID of the application.", - "title": "Sid", + "WebAppEndpointPolicy": { + "markdownDescription": "Setting for the type of endpoint policy for the web app. The default value is `STANDARD` .\n\nIf your web app was created in an AWS GovCloud (US) Region , the value of this parameter can be `FIPS` , which indicates the web app endpoint is FIPS-compliant.", + "title": "WebAppEndpointPolicy", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags on the application.", - "title": "Tags", - "type": "array" + "WebAppUnits": { + "$ref": "#/definitions/AWS::Transfer::WebApp.WebAppUnits", + "markdownDescription": "A union that contains the value for number of concurrent connections or the user sessions on your web app.", + "title": "WebAppUnits" } }, "required": [ - "ApplicationId", - "ApplicationType" + "IdentityProviderDetails" ], "type": "object" }, "Type": { "enum": [ - "AWS::SystemsManagerSAP::Application" + "AWS::Transfer::WebApp" ], "type": "string" }, @@ -261643,104 +312972,63 @@ ], "type": "object" }, - "AWS::SystemsManagerSAP::Application.Credential": { + "AWS::Transfer::WebApp.IdentityProviderDetails": { "additionalProperties": false, "properties": { - "CredentialType": { - "markdownDescription": "The type of the application credentials.", - "title": "CredentialType", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app.", + "title": "ApplicationArn", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the SAP HANA database.", - "title": "DatabaseName", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app.", + "title": "InstanceArn", "type": "string" }, - "SecretId": { - "markdownDescription": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application.", - "title": "SecretId", + "Role": { + "markdownDescription": "The IAM role in IAM Identity Center used for the web app.", + "title": "Role", "type": "string" } }, "type": "object" }, - "AWS::Timestream::Database": { + "AWS::Transfer::WebApp.WebAppCustomization": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FaviconFile": { + "markdownDescription": "Returns an icon file data string (in base64 encoding).", + "title": "FaviconFile", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The name of the Timestream database.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "DatabaseName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key used to encrypt the data stored in the database.", - "title": "KmsKeyId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to add to the database.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Timestream::Database" - ], + "LogoFile": { + "markdownDescription": "Returns a logo file data string (in base64 encoding).", + "title": "LogoFile", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "Returns the page title that you defined for your web app.", + "title": "Title", "type": "string" } }, + "type": "object" + }, + "AWS::Transfer::WebApp.WebAppUnits": { + "additionalProperties": false, + "properties": { + "Provisioned": { + "markdownDescription": "An integer that represents the number of units for your desired number of concurrent connections, or the number of user sessions on your web app at the same time.\n\nEach increment allows an additional 250 concurrent sessions: a value of `1` sets the number of concurrent sessions to 250; `2` sets a value of 500, and so on.", + "title": "Provisioned", + "type": "number" + } + }, "required": [ - "Type" + "Provisioned" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance": { + "AWS::Transfer::Workflow": { "additionalProperties": false, "properties": { "Condition": { @@ -261775,96 +313063,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage to allocate for your DB storage type in GiB (gibibytes).", - "title": "AllocatedStorage", - "type": "number" - }, - "Bucket": { - "markdownDescription": "The name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization.", - "title": "Bucket", - "type": "string" - }, - "DbInstanceType": { - "markdownDescription": "The Timestream for InfluxDB DB instance type to run on.", - "title": "DbInstanceType", - "type": "string" - }, - "DbParameterGroupIdentifier": { - "markdownDescription": "The name or id of the DB parameter group to assign to your DB instance. DB parameter groups specify how the database is configured. For example, DB parameter groups can specify the limit for query concurrency.", - "title": "DbParameterGroupIdentifier", - "type": "string" - }, - "DbStorageType": { - "markdownDescription": "The Timestream for InfluxDB DB storage type to read and write InfluxDB data.\n\nYou can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements:\n\n- Influx IO Included 3000 IOPS\n- Influx IO Included 12000 IOPS\n- Influx IO Included 16000 IOPS", - "title": "DbStorageType", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies whether the Timestream for InfluxDB is deployed as Single-AZ or with a MultiAZ Standby for High availability.", - "title": "DeploymentType", - "type": "string" - }, - "LogDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration", - "markdownDescription": "Configuration for sending InfluxDB engine logs to a specified S3 bucket.", - "title": "LogDeliveryConfiguration" - }, - "Name": { - "markdownDescription": "The name that uniquely identifies the DB instance when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. DB instance names must be unique per customer and per region.", - "title": "Name", - "type": "string" - }, - "Organization": { - "markdownDescription": "The name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users.", - "title": "Organization", - "type": "string" - }, - "Password": { - "markdownDescription": "The password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon SecretManager in your account.", - "title": "Password", + "Description": { + "markdownDescription": "Specifies the text description for the workflow.", + "title": "Description", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Configures the DB instance with a public IP to facilitate access.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "Tags": { + "OnExceptionSteps": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" }, - "markdownDescription": "A list of key-value pairs to associate with the DB instance.", - "title": "Tags", + "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", + "title": "OnExceptionSteps", "type": "array" }, - "Username": { - "markdownDescription": "The username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. For example, my-user1. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon Secrets Manager in your account.", - "title": "Username", - "type": "string" - }, - "VpcSecurityGroupIds": { + "Steps": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" }, - "markdownDescription": "A list of VPC security group IDs to associate with the DB instance.", - "title": "VpcSecurityGroupIds", + "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", + "title": "Steps", "type": "array" }, - "VpcSubnetIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of VPC subnet IDs to associate with the DB instance. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.", - "title": "VpcSubnetIds", + "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", + "title": "Tags", "type": "array" } }, + "required": [ + "Steps" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::InfluxDBInstance" + "AWS::Transfer::Workflow" ], "type": "string" }, @@ -261878,45 +313114,254 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration": { + "AWS::Transfer::Workflow.CopyStepDetails": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.S3Configuration", - "markdownDescription": "Configuration for S3 bucket log delivery", - "title": "S3Configuration" + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", + "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.CustomStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Target": { + "markdownDescription": "The ARN for the Lambda function that is being called.", + "title": "Target", + "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "Timeout, in seconds, for the step.", + "title": "TimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.DecryptStepDetails": { + "additionalProperties": false, + "properties": { + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", + "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", + "title": "Type", + "type": "string" } }, "required": [ - "S3Configuration" + "DestinationFileLocation", + "Type" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance.S3Configuration": { + "AWS::Transfer::Workflow.DeleteStepDetails": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The bucket name of the customer S3 bucket.", - "title": "BucketName", + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether log delivery to the S3 bucket is enabled.", - "title": "Enabled", - "type": "boolean" + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.EfsInputFileLocation": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", + "title": "FileSystemId", + "type": "string" + }, + "Path": { + "markdownDescription": "The pathname for the folder being used by a workflow.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.InputFileLocation": { + "additionalProperties": false, + "properties": { + "EfsFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", + "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", + "title": "EfsFileLocation" + }, + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3FileLocation": { + "additionalProperties": false, + "properties": { + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3InputFileLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "Specifies the S3 bucket for the customer input file.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", + "title": "Key", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name assigned to the tag that you create.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that corresponds to the key.", + "title": "Value", + "type": "string" } }, "required": [ - "BucketName", - "Enabled" + "Key", + "Value" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery": { + "AWS::Transfer::Workflow.TagStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" + }, + "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.WorkflowStep": { + "additionalProperties": false, + "properties": { + "CopyStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", + "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", + "title": "CopyStepDetails" + }, + "CustomStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", + "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", + "title": "CustomStepDetails" + }, + "DecryptStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", + "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", + "title": "DecryptStepDetails" + }, + "DeleteStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", + "markdownDescription": "Details for a step that deletes the file.", + "title": "DeleteStepDetails" + }, + "TagStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", + "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", + "title": "TagStepDetails" + }, + "Type": { + "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource": { "additionalProperties": false, "properties": { "Condition": { @@ -261951,72 +313396,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request.", - "title": "ClientToken", - "type": "string" - }, - "ErrorReportConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ErrorReportConfiguration", - "markdownDescription": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results.", - "title": "ErrorReportConfiguration" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest.", - "title": "KmsKeyId", - "type": "string" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.NotificationConfiguration", - "markdownDescription": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it.", - "title": "NotificationConfiguration" - }, - "QueryString": { - "markdownDescription": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query.", - "title": "QueryString", - "type": "string" - }, - "ScheduleConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ScheduleConfiguration", - "markdownDescription": "Schedule configuration.", - "title": "ScheduleConfiguration" + "Configuration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration", + "markdownDescription": "Contains configuration information used when creating a new identity source.", + "title": "Configuration" }, - "ScheduledQueryExecutionRoleArn": { - "markdownDescription": "The ARN for the IAM role that Timestream will assume when running the scheduled query.", - "title": "ScheduledQueryExecutionRoleArn", + "PolicyStoreId": { + "markdownDescription": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", + "title": "PolicyStoreId", "type": "string" }, - "ScheduledQueryName": { - "markdownDescription": "A name for the query. Scheduled query names must be unique within each Region.", - "title": "ScheduledQueryName", + "PrincipalEntityType": { + "markdownDescription": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.", + "title": "PrincipalEntityType", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to label the scheduled query.", - "title": "Tags", - "type": "array" - }, - "TargetConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TargetConfiguration", - "markdownDescription": "Scheduled query target store configuration.", - "title": "TargetConfiguration" } }, "required": [ - "ErrorReportConfiguration", - "NotificationConfiguration", - "QueryString", - "ScheduleConfiguration", - "ScheduledQueryExecutionRoleArn" + "Configuration", + "PolicyStoreId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::ScheduledQuery" + "AWS::VerifiedPermissions::IdentitySource" ], "type": "string" }, @@ -262035,258 +313439,320 @@ ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.DimensionMapping": { + "AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration": { "additionalProperties": false, "properties": { - "DimensionValueType": { - "markdownDescription": "Type for the dimension: VARCHAR", - "title": "DimensionValueType", - "type": "string" - }, - "Name": { - "markdownDescription": "Column name from query result.", - "title": "Name", + "GroupEntityType": { + "markdownDescription": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup` .", + "title": "GroupEntityType", "type": "string" } }, "required": [ - "DimensionValueType", - "Name" + "GroupEntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.ErrorReportConfiguration": { + "AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.S3Configuration", - "markdownDescription": "The S3 configuration for the error reports.", - "title": "S3Configuration" + "ClientIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n\nExample: `\"ClientIds\": [\"&ExampleCogClientId;\"]`", + "title": "ClientIds", + "type": "array" + }, + "GroupConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration", + "markdownDescription": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.", + "title": "GroupConfiguration" + }, + "UserPoolArn": { + "markdownDescription": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool that contains the identities to be authorized.", + "title": "UserPoolArn", + "type": "string" } }, "required": [ - "S3Configuration" + "UserPoolArn" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MixedMeasureMapping": { + "AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration": { "additionalProperties": false, "properties": { - "MeasureName": { - "markdownDescription": "Refers to the value of measure_name in a result row. This field is required if MeasureNameColumn is provided.", - "title": "MeasureName", - "type": "string" - }, - "MeasureValueType": { - "markdownDescription": "Type of the value that is to be read from sourceColumn. If the mapping is for MULTI, use MeasureValueType.MULTI.", - "title": "MeasureValueType", - "type": "string" + "CognitoUserPoolConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration", + "markdownDescription": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions .", + "title": "CognitoUserPoolConfiguration" }, - "MultiMeasureAttributeMappings": { + "OpenIdConnectConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectConfiguration", + "markdownDescription": "", + "title": "OpenIdConnectConfiguration" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectAccessTokenConfiguration": { + "additionalProperties": false, + "properties": { + "Audiences": { "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + "type": "string" }, - "markdownDescription": "Required when measureValueType is MULTI. Attribute mappings for MULTI value measures.", - "title": "MultiMeasureAttributeMappings", + "markdownDescription": "The access token `aud` claim values that you want to accept in your policy store. For example, `https://myapp.example.com, https://myapp2.example.com` .", + "title": "Audiences", "type": "array" }, - "SourceColumn": { - "markdownDescription": "This field refers to the source column from which measure-value is to be read for result materialization.", - "title": "SourceColumn", + "PrincipalIdClaim": { + "markdownDescription": "The claim that determines the principal in OIDC access tokens. For example, `sub` .", + "title": "PrincipalIdClaim", + "type": "string" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectConfiguration": { + "additionalProperties": false, + "properties": { + "EntityIdPrefix": { + "markdownDescription": "A descriptive string that you want to prefix to user entities from your OIDC identity provider. For example, if you set an `entityIdPrefix` of `MyOIDCProvider` , you can reference principals in your policies in the format `MyCorp::User::MyOIDCProvider|Carlos` .", + "title": "EntityIdPrefix", + "type": "string" + }, + "GroupConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectGroupConfiguration", + "markdownDescription": "The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to. For example, this object can map the contents of a `groups` claim to `MyCorp::UserGroup` .", + "title": "GroupConfiguration" + }, + "Issuer": { + "markdownDescription": "The issuer URL of an OIDC identity provider. This URL must have an OIDC discovery endpoint at the path `.well-known/openid-configuration` .", + "title": "Issuer", "type": "string" }, - "TargetMeasureName": { - "markdownDescription": "Target measure name to be used. If not provided, the target measure name by default would be measure-name if provided, or sourceColumn otherwise.", - "title": "TargetMeasureName", - "type": "string" + "TokenSelection": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectTokenSelection", + "markdownDescription": "The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.", + "title": "TokenSelection" } }, "required": [ - "MeasureValueType" + "Issuer", + "TokenSelection" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectGroupConfiguration": { "additionalProperties": false, "properties": { - "MeasureValueType": { - "markdownDescription": "Type of the attribute to be read from the source column.", - "title": "MeasureValueType", - "type": "string" - }, - "SourceColumn": { - "markdownDescription": "Source column from where the attribute value is to be read.", - "title": "SourceColumn", + "GroupClaim": { + "markdownDescription": "The token claim that you want Verified Permissions to interpret as group membership. For example, `groups` .", + "title": "GroupClaim", "type": "string" }, - "TargetMultiMeasureAttributeName": { - "markdownDescription": "Custom name to be used for attribute name in derived table. If not provided, source column name would be used.", - "title": "TargetMultiMeasureAttributeName", + "GroupEntityType": { + "markdownDescription": "The policy store entity type that you want to map your users' group claim to. For example, `MyCorp::UserGroup` . A group entity type is an entity that can have a user entity type as a member.", + "title": "GroupEntityType", "type": "string" } }, "required": [ - "MeasureValueType", - "SourceColumn" + "GroupClaim", + "GroupEntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MultiMeasureMappings": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectIdentityTokenConfiguration": { "additionalProperties": false, "properties": { - "MultiMeasureAttributeMappings": { + "ClientIds": { "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + "type": "string" }, - "markdownDescription": "Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes.", - "title": "MultiMeasureAttributeMappings", + "markdownDescription": "The ID token audience, or client ID, claim values that you want to accept in your policy store from an OIDC identity provider. For example, `1example23456789, 2example10111213` .", + "title": "ClientIds", "type": "array" }, - "TargetMultiMeasureName": { - "markdownDescription": "The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name.", - "title": "TargetMultiMeasureName", + "PrincipalIdClaim": { + "markdownDescription": "The claim that determines the principal in OIDC access tokens. For example, `sub` .", + "title": "PrincipalIdClaim", "type": "string" } }, - "required": [ - "MultiMeasureAttributeMappings" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.NotificationConfiguration": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectTokenSelection": { "additionalProperties": false, "properties": { - "SnsConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.SnsConfiguration", - "markdownDescription": "Details on SNS configuration.", - "title": "SnsConfiguration" + "AccessTokenOnly": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectAccessTokenConfiguration", + "markdownDescription": "The OIDC configuration for processing access tokens. Contains allowed audience claims, for example `https://auth.example.com` , and the claim that you want to map to the principal, for example `sub` .", + "title": "AccessTokenOnly" + }, + "IdentityTokenOnly": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectIdentityTokenConfiguration", + "markdownDescription": "The OIDC configuration for processing identity (ID) tokens. Contains allowed client ID claims, for example `1example23456789` , and the claim that you want to map to the principal, for example `sub` .", + "title": "IdentityTokenOnly" } }, - "required": [ - "SnsConfiguration" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.S3Configuration": { + "AWS::VerifiedPermissions::Policy": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the S3 bucket under which error reports will be created.", - "title": "BucketName", + "Condition": { "type": "string" }, - "EncryptionOption": { - "markdownDescription": "Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default.", - "title": "EncryptionOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ObjectKeyPrefix": { - "markdownDescription": "Prefix for the error report key. Timestream by default adds the following prefix to the error report path.", - "title": "ObjectKeyPrefix", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.PolicyDefinition", + "markdownDescription": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element.", + "title": "Definition" + }, + "PolicyStoreId": { + "markdownDescription": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in.", + "title": "PolicyStoreId", + "type": "string" + } + }, + "required": [ + "Definition", + "PolicyStoreId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::VerifiedPermissions::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.ScheduleConfiguration": { + "AWS::VerifiedPermissions::Policy.EntityIdentifier": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression.", - "title": "ScheduleExpression", + "EntityId": { + "markdownDescription": "The identifier of an entity.\n\n`\"entityId\":\" *identifier* \"`", + "title": "EntityId", + "type": "string" + }, + "EntityType": { + "markdownDescription": "The type of an entity.\n\nExample: `\"entityType\":\" *typeName* \"`", + "title": "EntityType", "type": "string" } }, "required": [ - "ScheduleExpression" + "EntityId", + "EntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.SnsConfiguration": { + "AWS::VerifiedPermissions::Policy.PolicyDefinition": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "SNS topic ARN that the scheduled query status notifications will be sent to.", - "title": "TopicArn", - "type": "string" + "Static": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.StaticPolicyDefinition", + "markdownDescription": "A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.", + "title": "Static" + }, + "TemplateLinked": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition", + "markdownDescription": "A structure that describes a policy that was instantiated from a template. The template can specify placeholders for `principal` and `resource` . When you use [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy.", + "title": "TemplateLinked" } }, - "required": [ - "TopicArn" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.TargetConfiguration": { + "AWS::VerifiedPermissions::Policy.StaticPolicyDefinition": { "additionalProperties": false, "properties": { - "TimestreamConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TimestreamConfiguration", - "markdownDescription": "Configuration needed to write data into the Timestream database and table.", - "title": "TimestreamConfiguration" + "Description": { + "markdownDescription": "The description of the static policy.", + "title": "Description", + "type": "string" + }, + "Statement": { + "markdownDescription": "The policy content of the static policy, written in the Cedar policy language.", + "title": "Statement", + "type": "string" } }, "required": [ - "TimestreamConfiguration" + "Statement" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.TimestreamConfiguration": { + "AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "Name of Timestream database to which the query result will be written.", - "title": "DatabaseName", - "type": "string" - }, - "DimensionMappings": { - "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.DimensionMapping" - }, - "markdownDescription": "This is to allow mapping column(s) from the query result to the dimension in the destination table.", - "title": "DimensionMappings", - "type": "array" - }, - "MeasureNameColumn": { - "markdownDescription": "Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` .", - "title": "MeasureNameColumn", + "PolicyTemplateId": { + "markdownDescription": "The unique identifier of the policy template used to create this policy.", + "title": "PolicyTemplateId", "type": "string" }, - "MixedMeasureMappings": { - "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MixedMeasureMapping" - }, - "markdownDescription": "Specifies how to map measures to multi-measure records.", - "title": "MixedMeasureMappings", - "type": "array" - }, - "MultiMeasureMappings": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureMappings", - "markdownDescription": "Multi-measure mappings.", - "title": "MultiMeasureMappings" - }, - "TableName": { - "markdownDescription": "Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration.", - "title": "TableName", - "type": "string" + "Principal": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", + "markdownDescription": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the `?principal` placeholder in the policy template when it evaluates an authorization request.", + "title": "Principal" }, - "TimeColumn": { - "markdownDescription": "Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP.", - "title": "TimeColumn", - "type": "string" + "Resource": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", + "markdownDescription": "The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the `?resource` placeholder in the policy template when it evaluates an authorization request.", + "title": "Resource" } }, "required": [ - "DatabaseName", - "DimensionMappings", - "TableName", - "TimeColumn" + "PolicyTemplateId" ], "type": "object" }, - "AWS::Timestream::Table": { + "AWS::VerifiedPermissions::PolicyStore": { "additionalProperties": false, "properties": { "Condition": { @@ -262321,48 +313787,43 @@ "Properties": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the Timestream database that contains this table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "DatabaseName", - "type": "string" - }, - "MagneticStoreWriteProperties": { - "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreWriteProperties", - "markdownDescription": "Contains properties to set on the table when enabling magnetic store writes.\n\nThis object has the following attributes:\n\n- *EnableMagneticStoreWrites* : A `boolean` flag to enable magnetic store writes.\n- *MagneticStoreRejectedDataLocation* : The location to write error reports for records rejected, asynchronously, during magnetic store writes. Only `S3Configuration` objects are allowed. The `S3Configuration` object has the following attributes:\n\n- *BucketName* : The name of the S3 bucket.\n- *EncryptionOption* : The encryption option for the S3 location. Valid values are S3 server-side encryption with an S3 managed key ( `SSE_S3` ) or AWS managed key ( `SSE_KMS` ).\n- *KmsKeyId* : The AWS KMS key ID to use when encrypting with an AWS managed key.\n- *ObjectKeyPrefix* : The prefix to use option for the objects stored in S3.\n\nBoth `BucketName` and `EncryptionOption` are *required* when `S3Configuration` is specified. If you specify `SSE_KMS` as your `EncryptionOption` then `KmsKeyId` is *required* .\n\n`EnableMagneticStoreWrites` attribute is *required* when `MagneticStoreWriteProperties` is specified. `MagneticStoreRejectedDataLocation` attribute is *required* when `EnableMagneticStoreWrites` is set to `true` .\n\nSee the following examples:\n\n*JSON*\n\n```json\n{ \"Type\" : AWS::Timestream::Table\", \"Properties\":{ \"DatabaseName\":\"TestDatabase\", \"TableName\":\"TestTable\", \"MagneticStoreWriteProperties\":{ \"EnableMagneticStoreWrites\":true, \"MagneticStoreRejectedDataLocation\":{ \"S3Configuration\":{ \"BucketName\":\" amzn-s3-demo-bucket \", \"EncryptionOption\":\"SSE_KMS\", \"KmsKeyId\":\"1234abcd-12ab-34cd-56ef-1234567890ab\", \"ObjectKeyPrefix\":\"prefix\" } } } }\n}\n```\n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" MagneticStoreWriteProperties: EnableMagneticStoreWrites: true MagneticStoreRejectedDataLocation: S3Configuration: BucketName: \" amzn-s3-demo-bucket \" EncryptionOption: \"SSE_KMS\" KmsKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\" ObjectKeyPrefix: \"prefix\"\n```", - "title": "MagneticStoreWriteProperties" + "DeletionProtection": { + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.DeletionProtection", + "markdownDescription": "Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.\n\nThe default state is `DISABLED` .", + "title": "DeletionProtection" }, - "RetentionProperties": { - "$ref": "#/definitions/AWS::Timestream::Table.RetentionProperties", - "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", - "title": "RetentionProperties" + "Description": { + "markdownDescription": "Descriptive text that you can provide to help with identification of the current policy store.", + "title": "Description", + "type": "string" }, "Schema": { - "$ref": "#/definitions/AWS::Timestream::Table.Schema", - "markdownDescription": "The schema of the table.", + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.SchemaDefinition", + "markdownDescription": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.", "title": "Schema" }, - "TableName": { - "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "TableName", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the table", + "markdownDescription": "The list of key-value pairs to associate with the policy store.", "title": "Tags", "type": "array" + }, + "ValidationSettings": { + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.ValidationSettings", + "markdownDescription": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n> We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on.", + "title": "ValidationSettings" } }, "required": [ - "DatabaseName" + "ValidationSettings" ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::Table" + "AWS::VerifiedPermissions::PolicyStore" ], "type": "string" }, @@ -262381,121 +313842,46 @@ ], "type": "object" }, - "AWS::Timestream::Table.MagneticStoreRejectedDataLocation": { - "additionalProperties": false, - "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::Table.S3Configuration", - "markdownDescription": "Configuration of an S3 location to write error reports for records rejected, asynchronously, during magnetic store writes.", - "title": "S3Configuration" - } - }, - "type": "object" - }, - "AWS::Timestream::Table.MagneticStoreWriteProperties": { - "additionalProperties": false, - "properties": { - "EnableMagneticStoreWrites": { - "markdownDescription": "A flag to enable magnetic store writes.", - "title": "EnableMagneticStoreWrites", - "type": "boolean" - }, - "MagneticStoreRejectedDataLocation": { - "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreRejectedDataLocation", - "markdownDescription": "The location to write error reports for records rejected asynchronously during magnetic store writes.", - "title": "MagneticStoreRejectedDataLocation" - } - }, - "required": [ - "EnableMagneticStoreWrites" - ], - "type": "object" - }, - "AWS::Timestream::Table.PartitionKey": { + "AWS::VerifiedPermissions::PolicyStore.DeletionProtection": { "additionalProperties": false, "properties": { - "EnforcementInRecord": { - "markdownDescription": "The level of enforcement for the specification of a dimension key in ingested records. Options are REQUIRED (dimension key must be specified) and OPTIONAL (dimension key does not have to be specified).", - "title": "EnforcementInRecord", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the attribute used for a dimension key.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the partition key. Options are DIMENSION (dimension key) and MEASURE (measure key).", - "title": "Type", + "Mode": { + "markdownDescription": "Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.\n\nThe default state is `DISABLED` .", + "title": "Mode", "type": "string" } }, "required": [ - "Type" + "Mode" ], "type": "object" }, - "AWS::Timestream::Table.RetentionProperties": { + "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { "additionalProperties": false, "properties": { - "MagneticStoreRetentionPeriodInDays": { - "markdownDescription": "The duration for which data must be stored in the magnetic store.", - "title": "MagneticStoreRetentionPeriodInDays", - "type": "string" - }, - "MemoryStoreRetentionPeriodInHours": { - "markdownDescription": "The duration for which data must be stored in the memory store.", - "title": "MemoryStoreRetentionPeriodInHours", + "CedarJson": { + "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", + "title": "CedarJson", "type": "string" } }, "type": "object" }, - "AWS::Timestream::Table.S3Configuration": { + "AWS::VerifiedPermissions::PolicyStore.ValidationSettings": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The bucket name of the customer S3 bucket.", - "title": "BucketName", - "type": "string" - }, - "EncryptionOption": { - "markdownDescription": "The encryption option for the customer S3 location. Options are S3 server-side encryption with an S3 managed key or AWS managed key.", - "title": "EncryptionOption", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The AWS KMS key ID for the customer S3 location when encrypting with an AWS managed key.", - "title": "KmsKeyId", - "type": "string" - }, - "ObjectKeyPrefix": { - "markdownDescription": "The object key preview for the customer S3 location.", - "title": "ObjectKeyPrefix", + "Mode": { + "markdownDescription": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* \u2013 Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* \u2013 Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n> If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n> \n> To submit a static policy or policy template without a schema, you must turn off validation.", + "title": "Mode", "type": "string" } }, "required": [ - "BucketName", - "EncryptionOption" + "Mode" ], "type": "object" }, - "AWS::Timestream::Table.Schema": { - "additionalProperties": false, - "properties": { - "CompositePartitionKey": { - "items": { - "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" - }, - "markdownDescription": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed.", - "title": "CompositePartitionKey", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Transfer::Agreement": { + "AWS::VerifiedPermissions::PolicyTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -262530,62 +313916,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRole": { - "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", - "title": "AccessRole", - "type": "string" - }, - "BaseDirectory": { - "markdownDescription": "The landing directory (folder) for files that are transferred by using the AS2 protocol.", - "title": "BaseDirectory", - "type": "string" - }, "Description": { - "markdownDescription": "The name or short description that's used to identify the agreement.", + "markdownDescription": "The description to attach to the new or updated policy template.", "title": "Description", "type": "string" }, - "LocalProfileId": { - "markdownDescription": "A unique identifier for the AS2 local profile.", - "title": "LocalProfileId", - "type": "string" - }, - "PartnerProfileId": { - "markdownDescription": "A unique identifier for the partner profile used in the agreement.", - "title": "PartnerProfileId", - "type": "string" - }, - "ServerId": { - "markdownDescription": "A system-assigned unique identifier for a server instance. This identifier indicates the specific server that the agreement uses.", - "title": "ServerId", + "PolicyStoreId": { + "markdownDescription": "The unique identifier of the policy store that contains the template.", + "title": "PolicyStoreId", "type": "string" }, - "Status": { - "markdownDescription": "The current status of the agreement, either `ACTIVE` or `INACTIVE` .", - "title": "Status", + "Statement": { + "markdownDescription": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language.", + "title": "Statement", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs that can be used to group and search for agreements.", - "title": "Tags", - "type": "array" } }, "required": [ - "AccessRole", - "BaseDirectory", - "LocalProfileId", - "PartnerProfileId", - "ServerId" + "PolicyStoreId", + "Statement" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Agreement" + "AWS::VerifiedPermissions::PolicyTemplate" ], "type": "string" }, @@ -262604,7 +313959,7 @@ ], "type": "object" }, - "AWS::Transfer::Certificate": { + "AWS::VoiceID::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -262639,59 +313994,39 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", - "title": "ActiveDate", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The file name for the certificate.", - "title": "Certificate", - "type": "string" - }, - "CertificateChain": { - "markdownDescription": "The list of certificates that make up the chain for the certificate.", - "title": "CertificateChain", - "type": "string" - }, "Description": { - "markdownDescription": "The name or description that's used to identity the certificate.", + "markdownDescription": "The description of the domain.", "title": "Description", "type": "string" }, - "InactiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", - "title": "InactiveDate", + "Name": { + "markdownDescription": "The name for the domain.", + "title": "Name", "type": "string" }, - "PrivateKey": { - "markdownDescription": "The file that contains the private key for the certificate that's being imported.", - "title": "PrivateKey", - "type": "string" + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::VoiceID::Domain.ServerSideEncryptionConfiguration", + "markdownDescription": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data.", + "title": "ServerSideEncryptionConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for certificates.", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" - }, - "Usage": { - "markdownDescription": "Specifies how this certificate is used. It can be used in the following ways:\n\n- `SIGNING` : For signing AS2 messages\n- `ENCRYPTION` : For encrypting AS2 messages\n- `TLS` : For securing AS2 communications sent over HTTPS", - "title": "Usage", - "type": "string" } }, "required": [ - "Certificate", - "Usage" + "Name", + "ServerSideEncryptionConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Certificate" + "AWS::VoiceID::Domain" ], "type": "string" }, @@ -262710,7 +314045,21 @@ ], "type": "object" }, - "AWS::Transfer::Connector": { + "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys.", + "title": "KmsKeyId", + "type": "string" + } + }, + "required": [ + "KmsKeyId" + ], + "type": "object" + }, + "AWS::VpcLattice::AccessLogSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -262745,49 +314094,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRole": { - "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", - "title": "AccessRole", + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.", + "title": "DestinationArn", "type": "string" }, - "As2Config": { - "$ref": "#/definitions/AWS::Transfer::Connector.As2Config", - "markdownDescription": "A structure that contains the parameters for an AS2 connector object.", - "title": "As2Config" - }, - "LoggingRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.", - "title": "LoggingRole", + "ResourceIdentifier": { + "markdownDescription": "The ID or ARN of the service network or service.", + "title": "ResourceIdentifier", "type": "string" }, - "SftpConfig": { - "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig", - "markdownDescription": "A structure that contains the parameters for an SFTP connector object.", - "title": "SftpConfig" + "ServiceNetworkLogType": { + "markdownDescription": "Log type of the service network.", + "title": "ServiceNetworkLogType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for connectors.", + "markdownDescription": "The tags for the access log subscription.", "title": "Tags", "type": "array" - }, - "Url": { - "markdownDescription": "The URL of the partner's AS2 or SFTP endpoint.", - "title": "Url", - "type": "string" } }, "required": [ - "AccessRole", - "Url" + "DestinationArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Connector" + "AWS::VpcLattice::AccessLogSubscription" ], "type": "string" }, @@ -262806,77 +314144,80 @@ ], "type": "object" }, - "AWS::Transfer::Connector.As2Config": { + "AWS::VpcLattice::AuthPolicy": { "additionalProperties": false, "properties": { - "BasicAuthSecretId": { - "markdownDescription": "Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication, you must provide the name or Amazon Resource Name (ARN) of a secret in AWS Secrets Manager .\n\nThe default value for this parameter is `null` , which indicates that Basic authentication is not enabled for the connector.\n\nIf the connector should use Basic authentication, the secret needs to be in the following format:\n\n`{ \"Username\": \"user-name\", \"Password\": \"user-password\" }`\n\nReplace `user-name` and `user-password` with the credentials for the actual user that is being authenticated.\n\nNote the following:\n\n- You are storing these credentials in Secrets Manager, *not passing them directly* into this API.\n- If you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication. However, if you are using the AWS management console, you can have the system create the secret for you.\n\nIf you have previously enabled Basic authentication for a connector, you can disable it by using the `UpdateConnector` API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:\n\n`update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=\"\"'`", - "title": "BasicAuthSecretId", - "type": "string" - }, - "Compression": { - "markdownDescription": "Specifies whether the AS2 file is compressed.", - "title": "Compression", - "type": "string" - }, - "EncryptionAlgorithm": { - "markdownDescription": "The algorithm that is used to encrypt the file.\n\nNote the following:\n\n- Do not use the `DES_EDE3_CBC` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.\n- You can only specify `NONE` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.", - "title": "EncryptionAlgorithm", - "type": "string" - }, - "LocalProfileId": { - "markdownDescription": "A unique identifier for the AS2 local profile.", - "title": "LocalProfileId", + "Condition": { "type": "string" }, - "MdnResponse": { - "markdownDescription": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", - "title": "MdnResponse", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MdnSigningAlgorithm": { - "markdownDescription": "The signing algorithm for the MDN response.\n\n> If set to DEFAULT (or not set at all), the value for `SigningAlgorithm` is used.", - "title": "MdnSigningAlgorithm", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MessageSubject": { - "markdownDescription": "Used as the `Subject` HTTP header attribute in AS2 messages that are being sent with the connector.", - "title": "MessageSubject", - "type": "string" + "Metadata": { + "type": "object" }, - "PartnerProfileId": { - "markdownDescription": "A unique identifier for the partner profile for the connector.", - "title": "PartnerProfileId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Policy": { + "markdownDescription": "The auth policy.", + "title": "Policy", + "type": "object" + }, + "ResourceIdentifier": { + "markdownDescription": "The ID or ARN of the service network or service for which the policy is created.", + "title": "ResourceIdentifier", + "type": "string" + } + }, + "required": [ + "Policy", + "ResourceIdentifier" + ], + "type": "object" }, - "SigningAlgorithm": { - "markdownDescription": "The algorithm that is used to sign the AS2 messages sent with the connector.", - "title": "SigningAlgorithm", + "Type": { + "enum": [ + "AWS::VpcLattice::AuthPolicy" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Connector.SftpConfig": { - "additionalProperties": false, - "properties": { - "TrustedHostKeys": { - "items": { - "type": "string" - }, - "markdownDescription": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\n> `TrustedHostKeys` is optional for `CreateConnector` . If not provided, you can use `TestConnection` to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key. \n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... - Required when creating an SFTP connector\n> - Optional when updating an existing SFTP connector", - "title": "UserSecretId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Transfer::Profile": { + "AWS::VpcLattice::Listener": { "additionalProperties": false, "properties": { "Condition": { @@ -262911,42 +314252,49 @@ "Properties": { "additionalProperties": false, "properties": { - "As2Id": { - "markdownDescription": "The `As2Id` is the *AS2-name* , as defined in the [RFC 4130](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc4130) . For inbound transfers, this is the `AS2-From` header for the AS2 messages sent from the partner. For outbound connectors, this is the `AS2-To` header for the AS2 messages sent to the partner using the `StartFileTransfer` API operation. This ID cannot include spaces.", - "title": "As2Id", + "DefaultAction": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.DefaultAction", + "markdownDescription": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match.", + "title": "DefaultAction" + }, + "Name": { + "markdownDescription": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" }, - "CertificateIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.", - "title": "CertificateIds", - "type": "array" + "Port": { + "markdownDescription": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.", + "title": "Port", + "type": "number" }, - "ProfileType": { - "markdownDescription": "Indicates whether to list only `LOCAL` type profiles or only `PARTNER` type profiles. If not supplied in the request, the command lists all types of profiles.", - "title": "ProfileType", + "Protocol": { + "markdownDescription": "The listener protocol.", + "title": "Protocol", + "type": "string" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for profiles.", + "markdownDescription": "The tags for the listener.", "title": "Tags", "type": "array" } }, "required": [ - "As2Id", - "ProfileType" + "DefaultAction", + "Protocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Profile" + "AWS::VpcLattice::Listener" ], "type": "string" }, @@ -262965,7 +314313,73 @@ ], "type": "object" }, - "AWS::Transfer::Server": { + "AWS::VpcLattice::Listener.DefaultAction": { + "additionalProperties": false, + "properties": { + "FixedResponse": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.FixedResponse", + "markdownDescription": "Describes an action that returns a custom HTTP response.", + "title": "FixedResponse" + }, + "Forward": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.Forward", + "markdownDescription": "Describes a forward action. You can use forward actions to route requests to one or more target groups.", + "title": "Forward" + } + }, + "type": "object" + }, + "AWS::VpcLattice::Listener.FixedResponse": { + "additionalProperties": false, + "properties": { + "StatusCode": { + "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", + "title": "StatusCode", + "type": "number" + } + }, + "required": [ + "StatusCode" + ], + "type": "object" + }, + "AWS::VpcLattice::Listener.Forward": { + "additionalProperties": false, + "properties": { + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.WeightedTargetGroup" + }, + "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", + "title": "TargetGroups", + "type": "array" + } + }, + "required": [ + "TargetGroups" + ], + "type": "object" + }, + "AWS::VpcLattice::Listener.WeightedTargetGroup": { + "additionalProperties": false, + "properties": { + "TargetGroupIdentifier": { + "markdownDescription": "The ID of the target group.", + "title": "TargetGroupIdentifier", + "type": "string" + }, + "Weight": { + "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "TargetGroupIdentifier" + ], + "type": "object" + }, + "AWS::VpcLattice::ResourceConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -263000,101 +314414,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Certificate": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. Required when `Protocols` is set to `FTPS` .\n\nTo request a new public certificate, see [Request a public certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html) in the *AWS Certificate Manager User Guide* .\n\nTo import an existing certificate into ACM, see [Importing certificates into ACM](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .\n\nTo request a private certificate to use FTPS through private IP addresses, see [Request a private certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html) in the *AWS Certificate Manager User Guide* .\n\nCertificates with the following cryptographic algorithms and key sizes are supported:\n\n- 2048-bit RSA (RSA_2048)\n- 4096-bit RSA (RSA_4096)\n- Elliptic Prime Curve 256 bit (EC_prime256v1)\n- Elliptic Prime Curve 384 bit (EC_secp384r1)\n- Elliptic Prime Curve 521 bit (EC_secp521r1)\n\n> The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.", - "title": "Certificate", - "type": "string" + "AllowAssociationToSharableServiceNetwork": { + "markdownDescription": "Specifies whether the resource configuration can be associated with a sharable service network.", + "title": "AllowAssociationToSharableServiceNetwork", + "type": "boolean" }, - "Domain": { - "markdownDescription": "Specifies the domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.", - "title": "Domain", + "Name": { + "markdownDescription": "The name of the resource configuration.", + "title": "Name", "type": "string" }, - "EndpointDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.EndpointDetails", - "markdownDescription": "The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.", - "title": "EndpointDetails" + "PortRanges": { + "items": { + "type": "string" + }, + "markdownDescription": "(SINGLE, GROUP, CHILD) The TCP port ranges that a consumer can use to access a resource configuration (for example: 1-65535). You can separate port ranges using commas (for example: 1,2,22-30).", + "title": "PortRanges", + "type": "array" }, - "EndpointType": { - "markdownDescription": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", - "title": "EndpointType", + "ProtocolType": { + "markdownDescription": "(SINGLE, GROUP) The protocol accepted by the resource configuration.", + "title": "ProtocolType", "type": "string" }, - "IdentityProviderDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.IdentityProviderDetails", - "markdownDescription": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", - "title": "IdentityProviderDetails" - }, - "IdentityProviderType": { - "markdownDescription": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", - "title": "IdentityProviderType", + "ResourceConfigurationAuthType": { + "markdownDescription": "The auth type for the resource configuration.", + "title": "ResourceConfigurationAuthType", "type": "string" }, - "LoggingRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", - "title": "LoggingRole", - "type": "string" + "ResourceConfigurationDefinition": { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration.ResourceConfigurationDefinition", + "markdownDescription": "Identifies the resource configuration in one of the following ways:\n\n- *Amazon Resource Name (ARN)* - Supported resource-types that are provisioned by AWS services, such as RDS databases, can be identified by their ARN.\n- *Domain name* - Any domain name that is publicly resolvable.\n- *IP address* - For IPv4 and IPv6, only IP addresses in the VPC are supported.", + "title": "ResourceConfigurationDefinition" }, - "PostAuthenticationLoginBanner": { - "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", - "title": "PostAuthenticationLoginBanner", + "ResourceConfigurationGroupId": { + "markdownDescription": "The ID of the group resource configuration.", + "title": "ResourceConfigurationGroupId", "type": "string" }, - "PreAuthenticationLoginBanner": { - "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", - "title": "PreAuthenticationLoginBanner", + "ResourceConfigurationType": { + "markdownDescription": "The type of resource configuration. A resource configuration can be one of the following types:\n\n- *SINGLE* - A single resource.\n- *GROUP* - A group of resources. You must create a group resource configuration before you create a child resource configuration.\n- *CHILD* - A single resource that is part of a group resource configuration.\n- *ARN* - An AWS resource.", + "title": "ResourceConfigurationType", "type": "string" }, - "ProtocolDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.ProtocolDetails", - "markdownDescription": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", - "title": "ProtocolDetails" - }, - "Protocols": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.Protocol" - }, - "markdownDescription": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", - "title": "Protocols", - "type": "array" - }, - "S3StorageOptions": { - "$ref": "#/definitions/AWS::Transfer::Server.S3StorageOptions", - "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", - "title": "S3StorageOptions" - }, - "SecurityPolicyName": { - "markdownDescription": "Specifies the name of the security policy for the server.", - "title": "SecurityPolicyName", + "ResourceGatewayId": { + "markdownDescription": "The ID of the resource gateway.", + "title": "ResourceGatewayId", "type": "string" }, - "StructuredLogDestinations": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.StructuredLogDestination" - }, - "markdownDescription": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", - "title": "StructuredLogDestinations", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for servers.", + "markdownDescription": "The tags for the resource configuration.", "title": "Tags", "type": "array" - }, - "WorkflowDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetails", - "markdownDescription": "Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.\n\nIn addition to a workflow to execute when a file is uploaded completely, `WorkflowDetails` can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.", - "title": "WorkflowDetails" } }, + "required": [ + "Name", + "ResourceConfigurationType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Server" + "AWS::VpcLattice::ResourceConfiguration" ], "type": "string" }, @@ -263108,179 +314493,53 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Transfer::Server.As2Transport": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.EndpointDetails": { - "additionalProperties": false, - "properties": { - "AddressAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.", - "title": "AddressAllocationIds", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups IDs that are available to attach to your server's endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC` .\n> \n> You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs that are required to host your server endpoint in your VPC.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", - "title": "SubnetIds", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The ID of the VPC endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` .", - "title": "VpcEndpointId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The VPC ID of the virtual private cloud in which the server's endpoint will be hosted.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", - "title": "VpcId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Server.IdentityProviderDetails": { + "AWS::VpcLattice::ResourceConfiguration.DnsResource": { "additionalProperties": false, "properties": { - "DirectoryId": { - "markdownDescription": "The identifier of the AWS Directory Service directory that you want to use as your identity provider.", - "title": "DirectoryId", - "type": "string" - }, - "Function": { - "markdownDescription": "The ARN for a Lambda function to use for the Identity provider.", - "title": "Function", - "type": "string" - }, - "InvocationRole": { - "markdownDescription": "This parameter is only applicable if your `IdentityProviderType` is `API_GATEWAY` . Provides the type of `InvocationRole` used to authenticate the user account.", - "title": "InvocationRole", - "type": "string" - }, - "SftpAuthenticationMethods": { - "markdownDescription": "For SFTP-enabled servers, and for custom identity providers *only* , you can specify whether to authenticate using a password, SSH key pair, or both.\n\n- `PASSWORD` - users must provide their password to connect.\n- `PUBLIC_KEY` - users must provide their private key to connect.\n- `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either their password or their key. This is the default value.\n- `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private key and their password to connect. The server checks the key first, and then if the key is valid, the system prompts for a password. If the private key provided does not match the public key that is stored, authentication fails.", - "title": "SftpAuthenticationMethods", + "DomainName": { + "markdownDescription": "The domain name of the resource configuration.", + "title": "DomainName", "type": "string" }, - "Url": { - "markdownDescription": "Provides the location of the service endpoint used to authenticate users.", - "title": "Url", + "IpAddressType": { + "markdownDescription": "The IP address type for the resource configuration. Dualstack is not currently supported.", + "title": "IpAddressType", "type": "string" } }, + "required": [ + "DomainName", + "IpAddressType" + ], "type": "object" }, - "AWS::Transfer::Server.Protocol": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.ProtocolDetails": { + "AWS::VpcLattice::ResourceConfiguration.ResourceConfigurationDefinition": { "additionalProperties": false, "properties": { - "As2Transports": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.As2Transport" - }, - "markdownDescription": "List of `As2Transport` objects.", - "title": "As2Transports", - "type": "array" - }, - "PassiveIp": { - "markdownDescription": "Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:\n\n`aws transfer update-server --protocol-details PassiveIp=0.0.0.0`\n\nReplace `0.0.0.0` in the example above with the actual IP address you want to use.\n\n> If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) . \n\n*Special values*\n\nThe `AUTO` and `0.0.0.0` are special values for the `PassiveIp` parameter. The value `PassiveIp=AUTO` is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. `PassiveIp=0.0.0.0` has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the `PassiveIp` parameter. This reduces the effectiveness of having High Availability. In this case, you can specify `PassiveIp=0.0.0.0` . This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the `PassiveIp=0.0.0.0` response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the `PassiveIp=0.0.0.0` response.", - "title": "PassiveIp", - "type": "string" - }, - "SetStatOption": { - "markdownDescription": "Use the `SetStatOption` to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket.\n\nSome SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as `SETSTAT` when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.\n\nSet the value to `ENABLE_NO_OP` to have the Transfer Family server ignore the `SETSTAT` command, and upload files without needing to make any changes to your SFTP client. While the `SetStatOption` `ENABLE_NO_OP` setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a `SETSTAT` call.\n\n> If you want to preserve the original timestamp for your file, and modify other file attributes using `SETSTAT` , you can use Amazon EFS as backend storage with Transfer Family.", - "title": "SetStatOption", + "ArnResource": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource configuration. For the ARN syntax and format, see [ARN format](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html#arns-syntax) in the *AWS Identity and Access Management user guide* .", + "title": "ArnResource", "type": "string" }, - "TlsSessionResumptionMode": { - "markdownDescription": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients.", - "title": "TlsSessionResumptionMode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Server.S3StorageOptions": { - "additionalProperties": false, - "properties": { - "DirectoryListingOptimization": { - "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", - "title": "DirectoryListingOptimization", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Server.StructuredLogDestination": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.WorkflowDetail": { - "additionalProperties": false, - "properties": { - "ExecutionRole": { - "markdownDescription": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources", - "title": "ExecutionRole", - "type": "string" + "DnsResource": { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration.DnsResource", + "markdownDescription": "The DNS name of the resource configuration.", + "title": "DnsResource" }, - "WorkflowId": { - "markdownDescription": "A unique identifier for the workflow.", - "title": "WorkflowId", + "IpResource": { + "markdownDescription": "The IP address of the resource configuration.", + "title": "IpResource", "type": "string" } }, - "required": [ - "ExecutionRole", - "WorkflowId" - ], - "type": "object" - }, - "AWS::Transfer::Server.WorkflowDetails": { - "additionalProperties": false, - "properties": { - "OnPartialUpload": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" - }, - "markdownDescription": "A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload.\n\nA *partial upload* occurs when a file is open when the session disconnects.\n\n> `OnPartialUpload` can contain a maximum of one `WorkflowDetail` object.", - "title": "OnPartialUpload", - "type": "array" - }, - "OnUpload": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" - }, - "markdownDescription": "A trigger that starts a workflow: the workflow begins to execute after a file is uploaded.\n\nTo remove an associated workflow from a server, you can provide an empty `OnUpload` object, as in the following example.\n\n`aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{\"OnUpload\":[]}'`\n\n> `OnUpload` can contain a maximum of one `WorkflowDetail` object.", - "title": "OnUpload", - "type": "array" - } - }, "type": "object" }, - "AWS::Transfer::User": { + "AWS::VpcLattice::ResourceGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -263315,76 +314574,56 @@ "Properties": { "additionalProperties": false, "properties": { - "HomeDirectory": { - "markdownDescription": "The landing directory (folder) for a user when they log in to the server using the client.\n\nA `HomeDirectory` example is `/bucket_name/home/mydirectory` .\n\n> You can use the `HomeDirectory` parameter for `HomeDirectoryType` when it is set to either `PATH` or `LOGICAL` .", - "title": "HomeDirectory", + "IpAddressType": { + "markdownDescription": "The type of IP address used by the resource gateway.", + "title": "IpAddressType", "type": "string" }, - "HomeDirectoryMappings": { + "Name": { + "markdownDescription": "The name of the resource gateway.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::Transfer::User.HomeDirectoryMapEntry" + "type": "string" }, - "markdownDescription": "Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the `Entry` and `Target` pair, where `Entry` shows how the path is made visible and `Target` is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in `Target` . This value can be set only when `HomeDirectoryType` is set to *LOGICAL* .\n\nThe following is an `Entry` and `Target` pair example.\n\n`[ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`\n\nIn most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (\" `chroot` \"). To do this, you can set `Entry` to `/` and set `Target` to the value the user should see for their home directory when they log in.\n\nThe following is an `Entry` and `Target` pair example for `chroot` .\n\n`[ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`", - "title": "HomeDirectoryMappings", + "markdownDescription": "The IDs of the security groups applied to the resource gateway.", + "title": "SecurityGroupIds", "type": "array" }, - "HomeDirectoryType": { - "markdownDescription": "The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to `PATH` , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to `LOGICAL` , you need to provide mappings in the `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon EFS paths visible to your users.\n\n> If `HomeDirectoryType` is `LOGICAL` , you must provide mappings, using the `HomeDirectoryMappings` parameter. If, on the other hand, `HomeDirectoryType` is `PATH` , you provide an absolute path using the `HomeDirectory` parameter. You cannot have both `HomeDirectory` and `HomeDirectoryMappings` in your template.", - "title": "HomeDirectoryType", - "type": "string" - }, - "Policy": { - "markdownDescription": "A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include `${Transfer:UserName}` , `${Transfer:HomeDirectory}` , and `${Transfer:HomeBucket}` .\n\n> For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the `Policy` argument.\n> \n> For an example of a session policy, see [Example session policy](https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html) .\n> \n> For more information, see [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) in the *AWS Security Token Service API Reference* .", - "title": "Policy", - "type": "string" - }, - "PosixProfile": { - "$ref": "#/definitions/AWS::Transfer::User.PosixProfile", - "markdownDescription": "Specifies the full POSIX identity, including user ID ( `Uid` ), group ID ( `Gid` ), and any secondary groups IDs ( `SecondaryGids` ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.", - "title": "PosixProfile" - }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.", - "title": "Role", - "type": "string" - }, - "ServerId": { - "markdownDescription": "A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.", - "title": "ServerId", - "type": "string" - }, - "SshPublicKeys": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::Transfer::User.SshPublicKey" + "type": "string" }, - "markdownDescription": "Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.\n\n> To delete the public key body, set its value to zero keys, as shown here:\n> \n> `SshPublicKeys: []`", - "title": "SshPublicKeys", + "markdownDescription": "The IDs of the VPC subnets for the resource gateway.", + "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.", + "markdownDescription": "The tags for the resource gateway.", "title": "Tags", "type": "array" }, - "UserName": { - "markdownDescription": "A unique string that identifies a user and is associated with a `ServerId` . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.", - "title": "UserName", + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC for the resource gateway.", + "title": "VpcIdentifier", "type": "string" } - }, - "required": [ - "Role", - "ServerId", - "UserName" + }, + "required": [ + "Name", + "SubnetIds", + "VpcIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::User" + "AWS::VpcLattice::ResourceGateway" ], "type": "string" }, @@ -263403,65 +314642,80 @@ ], "type": "object" }, - "AWS::Transfer::User.HomeDirectoryMapEntry": { + "AWS::VpcLattice::ResourcePolicy": { "additionalProperties": false, "properties": { - "Entry": { - "markdownDescription": "Represents an entry for `HomeDirectoryMappings` .", - "title": "Entry", + "Condition": { "type": "string" }, - "Target": { - "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", - "title": "Target", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Type": { - "markdownDescription": "Specifies the type of mapping. Set the type to `FILE` if you want the mapping to point to a file, or `DIRECTORY` for the directory to point to a directory.\n\n> By default, home directory mappings have a `Type` of `DIRECTORY` when you create a Transfer Family server. You would need to explicitly set `Type` to `FILE` if you want a mapping to have a file target.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Entry", - "Target" - ], - "type": "object" - }, - "AWS::Transfer::User.PosixProfile": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID used for all EFS operations by this user.", - "title": "Gid", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecondaryGids": { - "items": { - "type": "number" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Policy": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service network or service.", + "title": "Policy", + "type": "object" + }, + "ResourceArn": { + "markdownDescription": "An IAM policy.", + "title": "ResourceArn", + "type": "string" + } }, - "markdownDescription": "The secondary POSIX group IDs used for all EFS operations by this user.", - "title": "SecondaryGids", - "type": "array" + "required": [ + "Policy", + "ResourceArn" + ], + "type": "object" }, - "Uid": { - "markdownDescription": "The POSIX user ID used for all EFS operations by this user.", - "title": "Uid", - "type": "number" + "Type": { + "enum": [ + "AWS::VpcLattice::ResourcePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Gid", - "Uid" + "Type", + "Properties" ], "type": "object" }, - "AWS::Transfer::User.SshPublicKey": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Workflow": { + "AWS::VpcLattice::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -263496,44 +314750,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Specifies the text description for the workflow.", - "title": "Description", + "Action": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Action", + "markdownDescription": "Describes the action for a rule.", + "title": "Action" + }, + "ListenerIdentifier": { + "markdownDescription": "The ID or ARN of the listener.", + "title": "ListenerIdentifier", "type": "string" }, - "OnExceptionSteps": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" - }, - "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", - "title": "OnExceptionSteps", - "type": "array" + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Match", + "markdownDescription": "The rule match.", + "title": "Match" }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" - }, - "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", - "title": "Steps", - "type": "array" + "Name": { + "markdownDescription": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.", + "title": "Priority", + "type": "number" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", + "markdownDescription": "The tags for the rule.", "title": "Tags", "type": "array" } }, "required": [ - "Steps" + "Action", + "Match", + "Priority" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Workflow" + "AWS::VpcLattice::Rule" ], "type": "string" }, @@ -263552,245 +314817,192 @@ ], "type": "object" }, - "AWS::Transfer::Workflow.CopyStepDetails": { + "AWS::VpcLattice::Rule.Action": { "additionalProperties": false, "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", - "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" + "FixedResponse": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.FixedResponse", + "markdownDescription": "The fixed response action. The rule returns a custom HTTP response.", + "title": "FixedResponse" }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" + "Forward": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Forward", + "markdownDescription": "The forward action. Traffic that matches the rule is forwarded to the specified target groups.", + "title": "Forward" } }, "type": "object" }, - "AWS::Transfer::Workflow.CustomStepDetails": { + "AWS::VpcLattice::Rule.FixedResponse": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Target": { - "markdownDescription": "The ARN for the Lambda function that is being called.", - "title": "Target", - "type": "string" - }, - "TimeoutSeconds": { - "markdownDescription": "Timeout, in seconds, for the step.", - "title": "TimeoutSeconds", + "StatusCode": { + "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", + "title": "StatusCode", "type": "number" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::Transfer::Workflow.DecryptStepDetails": { + "AWS::VpcLattice::Rule.Forward": { "additionalProperties": false, "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", - "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", - "title": "Type", - "type": "string" + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.WeightedTargetGroup" + }, + "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", + "title": "TargetGroups", + "type": "array" } }, + "required": [ + "TargetGroups" + ], "type": "object" }, - "AWS::Transfer::Workflow.DeleteStepDetails": { + "AWS::VpcLattice::Rule.HeaderMatch": { "additionalProperties": false, "properties": { + "CaseSensitive": { + "markdownDescription": "Indicates whether the match is case sensitive.", + "title": "CaseSensitive", + "type": "boolean" + }, + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatchType", + "markdownDescription": "The header match type.", + "title": "Match" + }, "Name": { - "markdownDescription": "The name of the step, used as an identifier.", + "markdownDescription": "The name of the header.", "title": "Name", "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" } }, + "required": [ + "Match", + "Name" + ], "type": "object" }, - "AWS::Transfer::Workflow.EfsInputFileLocation": { + "AWS::VpcLattice::Rule.HeaderMatchType": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", - "title": "FileSystemId", + "Contains": { + "markdownDescription": "A contains type match.", + "title": "Contains", "type": "string" }, - "Path": { - "markdownDescription": "The pathname for the folder being used by a workflow.", - "title": "Path", + "Exact": { + "markdownDescription": "An exact type match.", + "title": "Exact", "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.InputFileLocation": { - "additionalProperties": false, - "properties": { - "EfsFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", - "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", - "title": "EfsFileLocation" }, - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", - "title": "S3FileLocation" + "Prefix": { + "markdownDescription": "A prefix type match. Matches the value with the prefix.", + "title": "Prefix", + "type": "string" } }, "type": "object" }, - "AWS::Transfer::Workflow.S3FileLocation": { + "AWS::VpcLattice::Rule.HttpMatch": { "additionalProperties": false, "properties": { - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", - "title": "S3FileLocation" + "HeaderMatches": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatch" + }, + "markdownDescription": "The header matches. Matches incoming requests with rule based on request header value before applying rule action.", + "title": "HeaderMatches", + "type": "array" + }, + "Method": { + "markdownDescription": "The HTTP method type.", + "title": "Method", + "type": "string" + }, + "PathMatch": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatch", + "markdownDescription": "The path match.", + "title": "PathMatch" } }, "type": "object" }, - "AWS::Transfer::Workflow.S3InputFileLocation": { + "AWS::VpcLattice::Rule.Match": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "Specifies the S3 bucket for the customer input file.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", - "title": "Key", - "type": "string" + "HttpMatch": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HttpMatch", + "markdownDescription": "The HTTP criteria that a rule must match.", + "title": "HttpMatch" } }, + "required": [ + "HttpMatch" + ], "type": "object" }, - "AWS::Transfer::Workflow.S3Tag": { + "AWS::VpcLattice::Rule.PathMatch": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name assigned to the tag that you create.", - "title": "Key", - "type": "string" + "CaseSensitive": { + "markdownDescription": "Indicates whether the match is case sensitive.", + "title": "CaseSensitive", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value that corresponds to the key.", - "title": "Value", - "type": "string" + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatchType", + "markdownDescription": "The type of path match.", + "title": "Match" } }, "required": [ - "Key", - "Value" + "Match" ], "type": "object" }, - "AWS::Transfer::Workflow.TagStepDetails": { + "AWS::VpcLattice::Rule.PathMatchType": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", + "Exact": { + "markdownDescription": "An exact match of the path.", + "title": "Exact", "type": "string" }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", + "Prefix": { + "markdownDescription": "A prefix match of the path.", + "title": "Prefix", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" - }, - "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::Transfer::Workflow.WorkflowStep": { + "AWS::VpcLattice::Rule.WeightedTargetGroup": { "additionalProperties": false, "properties": { - "CopyStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", - "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", - "title": "CopyStepDetails" - }, - "CustomStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", - "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", - "title": "CustomStepDetails" - }, - "DecryptStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", - "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", - "title": "DecryptStepDetails" - }, - "DeleteStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", - "markdownDescription": "Details for a step that deletes the file.", - "title": "DeleteStepDetails" - }, - "TagStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", - "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", - "title": "TagStepDetails" - }, - "Type": { - "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", - "title": "Type", + "TargetGroupIdentifier": { + "markdownDescription": "The ID of the target group.", + "title": "TargetGroupIdentifier", "type": "string" + }, + "Weight": { + "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", + "title": "Weight", + "type": "number" } }, + "required": [ + "TargetGroupIdentifier" + ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource": { + "AWS::VpcLattice::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -263825,31 +315037,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration", - "markdownDescription": "Contains configuration information used when creating a new identity source.", - "title": "Configuration" + "AuthType": { + "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", + "title": "AuthType", + "type": "string" }, - "PolicyStoreId": { - "markdownDescription": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", - "title": "PolicyStoreId", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", "type": "string" }, - "PrincipalEntityType": { - "markdownDescription": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.", - "title": "PrincipalEntityType", + "CustomDomainName": { + "markdownDescription": "The custom domain name of the service.", + "title": "CustomDomainName", + "type": "string" + }, + "DnsEntry": { + "$ref": "#/definitions/AWS::VpcLattice::Service.DnsEntry", + "markdownDescription": "Describes the DNS information of the service. This field is read-only.", + "title": "DnsEntry" + }, + "Name": { + "markdownDescription": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Configuration", - "PolicyStoreId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::IdentitySource" + "AWS::VpcLattice::Service" ], "type": "string" }, @@ -263863,67 +315089,27 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration": { + "AWS::VpcLattice::Service.DnsEntry": { "additionalProperties": false, "properties": { - "GroupEntityType": { - "markdownDescription": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup` .", - "title": "GroupEntityType", + "DomainName": { + "markdownDescription": "The domain name of the service.", + "title": "DomainName", "type": "string" - } - }, - "required": [ - "GroupEntityType" - ], - "type": "object" - }, - "AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration": { - "additionalProperties": false, - "properties": { - "ClientIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n\nExample: `\"ClientIds\": [\"&ExampleCogClientId;\"]`", - "title": "ClientIds", - "type": "array" - }, - "GroupConfiguration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration", - "markdownDescription": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.", - "title": "GroupConfiguration" }, - "UserPoolArn": { - "markdownDescription": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool that contains the identities to be authorized.", - "title": "UserPoolArn", + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone.", + "title": "HostedZoneId", "type": "string" } }, - "required": [ - "UserPoolArn" - ], - "type": "object" - }, - "AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration": { - "additionalProperties": false, - "properties": { - "CognitoUserPoolConfiguration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration", - "markdownDescription": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions .", - "title": "CognitoUserPoolConfiguration" - } - }, - "required": [ - "CognitoUserPoolConfiguration" - ], "type": "object" }, - "AWS::VerifiedPermissions::Policy": { + "AWS::VpcLattice::ServiceNetwork": { "additionalProperties": false, "properties": { "Condition": { @@ -263958,26 +315144,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.PolicyDefinition", - "markdownDescription": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element.", - "title": "Definition" + "AuthType": { + "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", + "title": "AuthType", + "type": "string" }, - "PolicyStoreId": { - "markdownDescription": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in.", - "title": "PolicyStoreId", + "Name": { + "markdownDescription": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" + }, + "SharingConfig": { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetwork.SharingConfig", + "markdownDescription": "Specify if the service network should be enabled for sharing.", + "title": "SharingConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service network.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Definition", - "PolicyStoreId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::Policy" + "AWS::VpcLattice::ServiceNetwork" ], "type": "string" }, @@ -263991,91 +315186,101 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::Policy.EntityIdentifier": { + "AWS::VpcLattice::ServiceNetwork.SharingConfig": { "additionalProperties": false, "properties": { - "EntityId": { - "markdownDescription": "The identifier of an entity.\n\n`\"entityId\":\" *identifier* \"`", - "title": "EntityId", - "type": "string" - }, - "EntityType": { - "markdownDescription": "The type of an entity.\n\nExample: `\"entityType\":\" *typeName* \"`", - "title": "EntityType", - "type": "string" + "enabled": { + "markdownDescription": "Specify if the service network should be enabled for sharing.", + "title": "enabled", + "type": "boolean" } }, "required": [ - "EntityId", - "EntityType" + "enabled" ], "type": "object" }, - "AWS::VerifiedPermissions::Policy.PolicyDefinition": { - "additionalProperties": false, - "properties": { - "Static": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.StaticPolicyDefinition", - "markdownDescription": "A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.", - "title": "Static" - }, - "TemplateLinked": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition", - "markdownDescription": "A structure that describes a policy that was instantiated from a template. The template can specify placeholders for `principal` and `resource` . When you use [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy.", - "title": "TemplateLinked" - } - }, - "type": "object" - }, - "AWS::VerifiedPermissions::Policy.StaticPolicyDefinition": { + "AWS::VpcLattice::ServiceNetworkResourceAssociation": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the static policy.", - "title": "Description", + "Condition": { "type": "string" }, - "Statement": { - "markdownDescription": "The policy content of the static policy, written in the Cedar policy language.", - "title": "Statement", - "type": "string" - } - }, - "required": [ - "Statement" - ], - "type": "object" - }, - "AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition": { - "additionalProperties": false, - "properties": { - "PolicyTemplateId": { - "markdownDescription": "The unique identifier of the policy template used to create this policy.", - "title": "PolicyTemplateId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Principal": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", - "markdownDescription": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the `?principal` placeholder in the policy template when it evaluates an authorization request.", - "title": "Principal" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Resource": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", - "markdownDescription": "The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the `?resource` placeholder in the policy template when it evaluates an authorization request.", - "title": "Resource" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceConfigurationId": { + "markdownDescription": "The ID of the resource configuration associated with the service network.", + "title": "ResourceConfigurationId", + "type": "string" + }, + "ServiceNetworkId": { + "markdownDescription": "The ID of the service network associated with the resource configuration.", + "title": "ServiceNetworkId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A key-value pair to associate with a resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::VpcLattice::ServiceNetworkResourceAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "PolicyTemplateId" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::PolicyStore": { + "AWS::VpcLattice::ServiceNetworkServiceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -264110,30 +315315,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Descriptive text that you can provide to help with identification of the current policy store.", - "title": "Description", + "DnsEntry": { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry", + "markdownDescription": "The DNS information of the service.", + "title": "DnsEntry" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", "type": "string" }, - "Schema": { - "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.SchemaDefinition", - "markdownDescription": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.", - "title": "Schema" + "ServiceNetworkIdentifier": { + "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", + "title": "ServiceNetworkIdentifier", + "type": "string" }, - "ValidationSettings": { - "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.ValidationSettings", - "markdownDescription": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n> We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on.", - "title": "ValidationSettings" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the association.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ValidationSettings" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::PolicyStore" + "AWS::VpcLattice::ServiceNetworkServiceAssociation" ], "type": "string" }, @@ -264147,37 +315357,27 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { + "AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry": { "additionalProperties": false, "properties": { - "CedarJson": { - "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", - "title": "CedarJson", + "DomainName": { + "markdownDescription": "The domain name of the service.", + "title": "DomainName", "type": "string" - } - }, - "type": "object" - }, - "AWS::VerifiedPermissions::PolicyStore.ValidationSettings": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* \u2013 Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* \u2013 Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n> If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n> \n> To submit a static policy or policy template without a schema, you must turn off validation.", - "title": "Mode", + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone.", + "title": "HostedZoneId", "type": "string" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::VerifiedPermissions::PolicyTemplate": { + "AWS::VpcLattice::ServiceNetworkVpcAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -264212,31 +315412,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description to attach to the new or updated policy template.", - "title": "Description", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", + "type": "array" }, - "PolicyStoreId": { - "markdownDescription": "The unique identifier of the policy store that contains the template.", - "title": "PolicyStoreId", + "ServiceNetworkIdentifier": { + "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", + "title": "ServiceNetworkIdentifier", "type": "string" }, - "Statement": { - "markdownDescription": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language.", - "title": "Statement", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the association.", + "title": "Tags", + "type": "array" + }, + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcIdentifier", "type": "string" } }, - "required": [ - "PolicyStoreId", - "Statement" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::PolicyTemplate" + "AWS::VpcLattice::ServiceNetworkVpcAssociation" ], "type": "string" }, @@ -264250,12 +315457,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VoiceID::Domain": { + "AWS::VpcLattice::TargetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -264290,39 +315496,46 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the domain.", - "title": "Description", - "type": "string" + "Config": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.TargetGroupConfig", + "markdownDescription": "The target group configuration.", + "title": "Config" }, "Name": { - "markdownDescription": "The name for the domain.", + "markdownDescription": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", "title": "Name", "type": "string" }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::VoiceID::Domain.ServerSideEncryptionConfiguration", - "markdownDescription": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data.", - "title": "ServerSideEncryptionConfiguration" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags for the target group.", "title": "Tags", "type": "array" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Target" + }, + "markdownDescription": "Describes a target.", + "title": "Targets", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of target group.", + "title": "Type", + "type": "string" } }, "required": [ - "Name", - "ServerSideEncryptionConfiguration" + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::VoiceID::Domain" + "AWS::VpcLattice::TargetGroup" ], "type": "string" }, @@ -264341,21 +315554,137 @@ ], "type": "object" }, - "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { + "AWS::VpcLattice::TargetGroup.HealthCheckConfig": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys.", - "title": "KmsKeyId", + "Enabled": { + "markdownDescription": "Indicates whether health checking is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "HealthCheckIntervalSeconds": { + "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5\u2013300 seconds. The default is 30 seconds.", + "title": "HealthCheckIntervalSeconds", + "type": "number" + }, + "HealthCheckTimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1\u2013120 seconds. The default is 5 seconds.", + "title": "HealthCheckTimeoutSeconds", + "type": "number" + }, + "HealthyThresholdCount": { + "markdownDescription": "The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2\u201310. The default is 5.", + "title": "HealthyThresholdCount", + "type": "number" + }, + "Matcher": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Matcher", + "markdownDescription": "The codes to use when checking for a successful response from a target.", + "title": "Matcher" + }, + "Path": { + "markdownDescription": "The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI.", + "title": "Path", + "type": "string" + }, + "Port": { + "markdownDescription": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` .", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` .", + "title": "ProtocolVersion", + "type": "string" + }, + "UnhealthyThresholdCount": { + "markdownDescription": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2\u201310. The default is 2.", + "title": "UnhealthyThresholdCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.Matcher": { + "additionalProperties": false, + "properties": { + "HttpCode": { + "markdownDescription": "The HTTP code to use when checking for a successful response from a target.", + "title": "HttpCode", "type": "string" } }, "required": [ - "KmsKeyId" + "HttpCode" ], "type": "object" }, - "AWS::VpcLattice::AccessLogSubscription": { + "AWS::VpcLattice::TargetGroup.Target": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer.", + "title": "Id", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.TargetGroupConfig": { + "additionalProperties": false, + "properties": { + "HealthCheck": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.HealthCheckConfig", + "markdownDescription": "The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` .", + "title": "HealthCheck" + }, + "IpAddressType": { + "markdownDescription": "The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` .", + "title": "IpAddressType", + "type": "string" + }, + "LambdaEventStructureVersion": { + "markdownDescription": "The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` .", + "title": "LambdaEventStructureVersion", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` .", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` .", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` .", + "title": "ProtocolVersion", + "type": "string" + }, + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC. Not supported if the target group type is `LAMBDA` .", + "title": "VpcIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAF::ByteMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264390,52 +315719,102 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.", - "title": "DestinationArn", - "type": "string" - }, - "ResourceIdentifier": { - "markdownDescription": "The ID or ARN of the service network or service.", - "title": "ResourceIdentifier", - "type": "string" - }, - "Tags": { + "ByteMatchTuples": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::ByteMatchSet.ByteMatchTuple" }, - "markdownDescription": "The tags for the access log subscription.", - "title": "Tags", + "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", + "title": "ByteMatchTuples", "type": "array" + }, + "Name": { + "markdownDescription": "The name of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "title": "Name", + "type": "string" } }, "required": [ - "DestinationArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::AccessLogSubscription" + "AWS::WAF::ByteMatchSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" ], "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAF::ByteMatchSet.ByteMatchTuple": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::ByteMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "PositionalConstraint": { + "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", + "type": "string" + }, + "TargetString": { + "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", + "title": "TargetString", + "type": "string" + }, + "TargetStringBase64": { + "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", + "title": "TargetStringBase64", + "type": "string" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", + "type": "string" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformation" + ], + "type": "object" + }, + "AWS::WAF::ByteMatchSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VpcLattice::AuthPolicy": { + "AWS::WAF::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264470,26 +315849,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "The auth policy.", - "title": "Policy", - "type": "object" + "IPSetDescriptors": { + "items": { + "$ref": "#/definitions/AWS::WAF::IPSet.IPSetDescriptor" + }, + "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from. If the `WebACL` is associated with an Amazon CloudFront distribution and the viewer did not use an HTTP proxy or a load balancer to send the request, this is the value of the c-ip field in the CloudFront access logs.", + "title": "IPSetDescriptors", + "type": "array" }, - "ResourceIdentifier": { - "markdownDescription": "The ID or ARN of the service network or service for which the policy is created.", - "title": "ResourceIdentifier", + "Name": { + "markdownDescription": "The name of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "title": "Name", "type": "string" } }, "required": [ - "Policy", - "ResourceIdentifier" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::AuthPolicy" + "AWS::WAF::IPSet" ], "type": "string" }, @@ -264508,7 +315889,27 @@ ], "type": "object" }, - "AWS::VpcLattice::Listener": { + "AWS::WAF::IPSet.IPSetDescriptor": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specify `IPV4` or `IPV6` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::WAF::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -264543,49 +315944,34 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultAction": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.DefaultAction", - "markdownDescription": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match.", - "title": "DefaultAction" + "MetricName": { + "markdownDescription": "The name of the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", + "title": "MetricName", + "type": "string" }, "Name": { - "markdownDescription": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "The friendly name or description for the `Rule` . You can't change the name of a `Rule` after you create it.", "title": "Name", "type": "string" }, - "Port": { - "markdownDescription": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The listener protocol.", - "title": "Protocol", - "type": "string" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "Tags": { + "Predicates": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::Rule.Predicate" }, - "markdownDescription": "The tags for the listener.", - "title": "Tags", + "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", + "title": "Predicates", "type": "array" } }, "required": [ - "DefaultAction", - "Protocol" + "MetricName", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Listener" + "AWS::WAF::Rule" ], "type": "string" }, @@ -264604,73 +315990,33 @@ ], "type": "object" }, - "AWS::VpcLattice::Listener.DefaultAction": { - "additionalProperties": false, - "properties": { - "FixedResponse": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.FixedResponse", - "markdownDescription": "Describes an action that returns a custom HTTP response.", - "title": "FixedResponse" - }, - "Forward": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.Forward", - "markdownDescription": "Describes a forward action. You can use forward actions to route requests to one or more target groups.", - "title": "Forward" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Listener.FixedResponse": { - "additionalProperties": false, - "properties": { - "StatusCode": { - "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", - "title": "StatusCode", - "type": "number" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::VpcLattice::Listener.Forward": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.WeightedTargetGroup" - }, - "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", - "title": "TargetGroups", - "type": "array" - } - }, - "required": [ - "TargetGroups" - ], - "type": "object" - }, - "AWS::VpcLattice::Listener.WeightedTargetGroup": { + "AWS::WAF::Rule.Predicate": { "additionalProperties": false, "properties": { - "TargetGroupIdentifier": { - "markdownDescription": "The ID of the target group.", - "title": "TargetGroupIdentifier", + "DataId": { + "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", + "title": "DataId", "type": "string" }, - "Weight": { - "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", - "title": "Weight", - "type": "number" + "Negated": { + "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", + "title": "Negated", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", + "title": "Type", + "type": "string" } }, "required": [ - "TargetGroupIdentifier" + "DataId", + "Negated", + "Type" ], "type": "object" }, - "AWS::VpcLattice::ResourcePolicy": { + "AWS::WAF::SizeConstraintSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264705,26 +316051,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service network or service.", - "title": "Policy", - "type": "object" - }, - "ResourceArn": { - "markdownDescription": "An IAM policy.", - "title": "ResourceArn", + "Name": { + "markdownDescription": "The name, if any, of the `SizeConstraintSet` .", + "title": "Name", "type": "string" + }, + "SizeConstraints": { + "items": { + "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.SizeConstraint" + }, + "markdownDescription": "The size constraint and the part of the web request to check.", + "title": "SizeConstraints", + "type": "array" } }, "required": [ - "Policy", - "ResourceArn" + "Name", + "SizeConstraints" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ResourcePolicy" + "AWS::WAF::SizeConstraintSet" ], "type": "string" }, @@ -264743,7 +316092,58 @@ ], "type": "object" }, - "AWS::VpcLattice::Rule": { + "AWS::WAF::SizeConstraintSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" + }, + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAF::SizeConstraintSet.SizeConstraint": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The type of comparison you want AWS WAF to perform. AWS WAF uses this in combination with the provided `Size` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\n*EQ* : Used to test if the `Size` is equal to the size of the `FieldToMatch`\n\n*NE* : Used to test if the `Size` is not equal to the size of the `FieldToMatch`\n\n*LE* : Used to test if the `Size` is less than or equal to the size of the `FieldToMatch`\n\n*LT* : Used to test if the `Size` is strictly less than the size of the `FieldToMatch`\n\n*GE* : Used to test if the `Size` is greater than or equal to the size of the `FieldToMatch`\n\n*GT* : Used to test if the `Size` is strictly greater than the size of the `FieldToMatch`", + "title": "ComparisonOperator", + "type": "string" + }, + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "Size": { + "markdownDescription": "The size in bytes that you want AWS WAF to compare against the size of the specified `FieldToMatch` . AWS WAF uses this in combination with `ComparisonOperator` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\nValid values for size are 0 - 21474836480 bytes (0 - 20 GB).\n\nIf you specify `URI` for the value of `Type` , the / in the URI path that you specify counts as one character. For example, the URI `/logo.jpg` is nine characters long.", + "title": "Size", + "type": "number" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because Amazon CloudFront forwards only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", + "title": "TextTransformation", + "type": "string" + } + }, + "required": [ + "ComparisonOperator", + "FieldToMatch", + "Size", + "TextTransformation" + ], + "type": "object" + }, + "AWS::WAF::SqlInjectionMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264778,55 +316178,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Action", - "markdownDescription": "Describes the action for a rule.", - "title": "Action" - }, - "ListenerIdentifier": { - "markdownDescription": "The ID or ARN of the listener.", - "title": "ListenerIdentifier", - "type": "string" - }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Match", - "markdownDescription": "The rule match.", - "title": "Match" - }, "Name": { - "markdownDescription": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "The name, if any, of the `SqlInjectionMatchSet` .", "title": "Name", "type": "string" }, - "Priority": { - "markdownDescription": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.", - "title": "Priority", - "type": "number" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "Tags": { + "SqlInjectionMatchTuples": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple" }, - "markdownDescription": "The tags for the rule.", - "title": "Tags", + "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", + "title": "SqlInjectionMatchTuples", "type": "array" } }, "required": [ - "Action", - "Match", - "Priority" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Rule" + "AWS::WAF::SqlInjectionMatchSet" ], "type": "string" }, @@ -264845,192 +316218,46 @@ ], "type": "object" }, - "AWS::VpcLattice::Rule.Action": { - "additionalProperties": false, - "properties": { - "FixedResponse": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.FixedResponse", - "markdownDescription": "The fixed response action. The rule returns a custom HTTP response.", - "title": "FixedResponse" - }, - "Forward": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Forward", - "markdownDescription": "The forward action. Traffic that matches the rule is forwarded to the specified target groups.", - "title": "Forward" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.FixedResponse": { - "additionalProperties": false, - "properties": { - "StatusCode": { - "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", - "title": "StatusCode", - "type": "number" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.Forward": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.WeightedTargetGroup" - }, - "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", - "title": "TargetGroups", - "type": "array" - } - }, - "required": [ - "TargetGroups" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.HeaderMatch": { - "additionalProperties": false, - "properties": { - "CaseSensitive": { - "markdownDescription": "Indicates whether the match is case sensitive.", - "title": "CaseSensitive", - "type": "boolean" - }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatchType", - "markdownDescription": "The header match type.", - "title": "Match" - }, - "Name": { - "markdownDescription": "The name of the header.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Match", - "Name" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.HeaderMatchType": { + "AWS::WAF::SqlInjectionMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { - "Contains": { - "markdownDescription": "A contains type match.", - "title": "Contains", - "type": "string" - }, - "Exact": { - "markdownDescription": "An exact type match.", - "title": "Exact", - "type": "string" - }, - "Prefix": { - "markdownDescription": "A prefix type match. Matches the value with the prefix.", - "title": "Prefix", + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", "type": "string" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.HttpMatch": { - "additionalProperties": false, - "properties": { - "HeaderMatches": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatch" - }, - "markdownDescription": "The header matches. Matches incoming requests with rule based on request header value before applying rule action.", - "title": "HeaderMatches", - "type": "array" }, - "Method": { - "markdownDescription": "The HTTP method type.", - "title": "Method", + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", "type": "string" - }, - "PathMatch": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatch", - "markdownDescription": "The path match.", - "title": "PathMatch" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.Match": { - "additionalProperties": false, - "properties": { - "HttpMatch": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HttpMatch", - "markdownDescription": "The HTTP criteria that a rule must match.", - "title": "HttpMatch" - } - }, - "required": [ - "HttpMatch" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.PathMatch": { - "additionalProperties": false, - "properties": { - "CaseSensitive": { - "markdownDescription": "Indicates whether the match is case sensitive.", - "title": "CaseSensitive", - "type": "boolean" - }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatchType", - "markdownDescription": "The type of path match.", - "title": "Match" } }, "required": [ - "Match" + "Type" ], "type": "object" }, - "AWS::VpcLattice::Rule.PathMatchType": { + "AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple": { "additionalProperties": false, "properties": { - "Exact": { - "markdownDescription": "An exact match of the path.", - "title": "Exact", - "type": "string" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" }, - "Prefix": { - "markdownDescription": "A prefix match of the path.", - "title": "Prefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.WeightedTargetGroup": { - "additionalProperties": false, - "properties": { - "TargetGroupIdentifier": { - "markdownDescription": "The ID of the target group.", - "title": "TargetGroupIdentifier", + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", "type": "string" - }, - "Weight": { - "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", - "title": "Weight", - "type": "number" } }, "required": [ - "TargetGroupIdentifier" + "FieldToMatch", + "TextTransformation" ], "type": "object" }, - "AWS::VpcLattice::Service": { + "AWS::WAF::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -265065,45 +316292,40 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", - "title": "AuthType", - "type": "string" - }, - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", - "type": "string" + "DefaultAction": { + "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", + "title": "DefaultAction" }, - "CustomDomainName": { - "markdownDescription": "The custom domain name of the service.", - "title": "CustomDomainName", + "MetricName": { + "markdownDescription": "The name of the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", + "title": "MetricName", "type": "string" }, - "DnsEntry": { - "$ref": "#/definitions/AWS::VpcLattice::Service.DnsEntry", - "markdownDescription": "The DNS information of the service.", - "title": "DnsEntry" - }, "Name": { - "markdownDescription": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "A friendly name or description of the `WebACL` . You can't change the name of a `WebACL` after you create it.", "title": "Name", "type": "string" }, - "Tags": { + "Rules": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::WebACL.ActivatedRule" }, - "markdownDescription": "The tags for the service.", - "title": "Tags", + "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", + "title": "Rules", "type": "array" } }, + "required": [ + "DefaultAction", + "MetricName", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Service" + "AWS::WAF::WebACL" ], "type": "string" }, @@ -265117,27 +316339,51 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::Service.DnsEntry": { + "AWS::WAF::WebACL.ActivatedRule": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name of the service.", - "title": "DomainName", - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "markdownDescription": "Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the `Rule` . Valid values for `Action` include the following:\n\n- `ALLOW` : CloudFront responds with the requested object.\n- `BLOCK` : CloudFront responds with an HTTP 403 (Forbidden) status code.\n- `COUNT` : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.\n\n`ActivatedRule|OverrideAction` applies only when updating or adding a `RuleGroup` to a `WebACL` . In this case, you do not use `ActivatedRule|Action` . For all other update requests, `ActivatedRule|Action` is used instead of `ActivatedRule|OverrideAction` .", + "title": "Action" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone.", - "title": "HostedZoneId", + "Priority": { + "markdownDescription": "Specifies the order in which the `Rules` in a `WebACL` are evaluated. Rules with a lower value for `Priority` are evaluated before `Rules` with a higher value. The value must be a unique integer. If you add multiple `Rules` to a `WebACL` , the values don't need to be consecutive.", + "title": "Priority", + "type": "number" + }, + "RuleId": { + "markdownDescription": "The `RuleId` for a `Rule` . You use `RuleId` to get more information about a `Rule` , update a `Rule` , insert a `Rule` into a `WebACL` or delete a one from a `WebACL` , or delete a `Rule` from AWS WAF .\n\n`RuleId` is returned by `CreateRule` and by `ListRules` .", + "title": "RuleId", "type": "string" } }, + "required": [ + "Priority", + "RuleId" + ], "type": "object" }, - "AWS::VpcLattice::ServiceNetwork": { + "AWS::WAF::WebACL.WafAction": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specifies how you want AWS WAF to respond to requests that match the settings in a `Rule` . Valid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a `WebACL` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAF::XssMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265172,30 +316418,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", - "title": "AuthType", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "The name, if any, of the `XssMatchSet` .", "title": "Name", "type": "string" }, - "Tags": { + "XssMatchTuples": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::XssMatchSet.XssMatchTuple" }, - "markdownDescription": "The tags for the service network.", - "title": "Tags", + "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", + "title": "XssMatchTuples", "type": "array" } }, + "required": [ + "Name", + "XssMatchTuples" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ServiceNetwork" + "AWS::WAF::XssMatchSet" ], "type": "string" }, @@ -265208,12 +316453,52 @@ "type": "string" } }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAF::XssMatchSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" + }, + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" + } + }, "required": [ "Type" ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkServiceAssociation": { + "AWS::WAF::XssMatchSet.XssMatchTuple": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::XssMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", + "type": "string" + } + }, + "required": [ + "FieldToMatch", + "TextTransformation" + ], + "type": "object" + }, + "AWS::WAFRegional::ByteMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265248,35 +316533,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DnsEntry": { - "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry", - "markdownDescription": "The DNS information of the service.", - "title": "DnsEntry" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "ServiceNetworkIdentifier": { - "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", - "title": "ServiceNetworkIdentifier", - "type": "string" - }, - "Tags": { + "ByteMatchTuples": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.ByteMatchTuple" }, - "markdownDescription": "The tags for the association.", - "title": "Tags", + "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", + "title": "ByteMatchTuples", "type": "array" + }, + "Name": { + "markdownDescription": "A friendly name or description of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ServiceNetworkServiceAssociation" + "AWS::WAFRegional::ByteMatchSet" ], "type": "string" }, @@ -265290,27 +316568,67 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry": { + "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name of the service.", - "title": "DomainName", + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", + "title": "FieldToMatch" + }, + "PositionalConstraint": { + "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", "type": "string" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone.", - "title": "HostedZoneId", + "TargetString": { + "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request.\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", + "title": "TargetString", + "type": "string" + }, + "TargetStringBase64": { + "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", + "title": "TargetStringBase64", + "type": "string" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", "type": "string" } }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformation" + ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkVpcAssociation": { + "AWS::WAFRegional::ByteMatchSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" + }, + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAFRegional::GeoMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265345,38 +316663,28 @@ "Properties": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServiceNetworkIdentifier": { - "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", - "title": "ServiceNetworkIdentifier", - "type": "string" - }, - "Tags": { + "GeoMatchConstraints": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint" }, - "markdownDescription": "The tags for the association.", - "title": "Tags", + "markdownDescription": "An array of `GeoMatchConstraint` objects, which contain the country that you want AWS WAF to search for.", + "title": "GeoMatchConstraints", "type": "array" }, - "VpcIdentifier": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcIdentifier", + "Name": { + "markdownDescription": "A friendly name or description of the `GeoMatchSet` . You can't change the name of an `GeoMatchSet` after you create it.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ServiceNetworkVpcAssociation" + "AWS::WAFRegional::GeoMatchSet" ], "type": "string" }, @@ -265390,11 +316698,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::TargetGroup": { + "AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of geographical area you want AWS WAF to search for. Currently `Country` is the only valid value.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The country that you want AWS WAF to search for.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::WAFRegional::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265429,46 +316758,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Config": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.TargetGroupConfig", - "markdownDescription": "The target group configuration.", - "title": "Config" - }, - "Name": { - "markdownDescription": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the target group.", - "title": "Tags", - "type": "array" - }, - "Targets": { + "IPSetDescriptors": { "items": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Target" + "$ref": "#/definitions/AWS::WAFRegional::IPSet.IPSetDescriptor" }, - "markdownDescription": "Describes a target.", - "title": "Targets", + "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from.", + "title": "IPSetDescriptors", "type": "array" }, - "Type": { - "markdownDescription": "The type of target group.", - "title": "Type", + "Name": { + "markdownDescription": "A friendly name or description of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::TargetGroup" + "AWS::WAFRegional::IPSet" ], "type": "string" }, @@ -265487,137 +316798,27 @@ ], "type": "object" }, - "AWS::VpcLattice::TargetGroup.HealthCheckConfig": { + "AWS::WAFRegional::IPSet.IPSetDescriptor": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether health checking is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5\u2013300 seconds. The default is 30 seconds.", - "title": "HealthCheckIntervalSeconds", - "type": "number" - }, - "HealthCheckTimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1\u2013120 seconds. The default is 5 seconds.", - "title": "HealthCheckTimeoutSeconds", - "type": "number" - }, - "HealthyThresholdCount": { - "markdownDescription": "The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2\u201310. The default is 5.", - "title": "HealthyThresholdCount", - "type": "number" - }, - "Matcher": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Matcher", - "markdownDescription": "The codes to use when checking for a successful response from a target.", - "title": "Matcher" - }, - "Path": { - "markdownDescription": "The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI.", - "title": "Path", - "type": "string" - }, - "Port": { - "markdownDescription": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` .", - "title": "Protocol", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` .", - "title": "ProtocolVersion", + "Type": { + "markdownDescription": "Specify `IPV4` or `IPV6` .", + "title": "Type", "type": "string" }, - "UnhealthyThresholdCount": { - "markdownDescription": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2\u201310. The default is 2.", - "title": "UnhealthyThresholdCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::VpcLattice::TargetGroup.Matcher": { - "additionalProperties": false, - "properties": { - "HttpCode": { - "markdownDescription": "The HTTP code to use when checking for a successful response from a target.", - "title": "HttpCode", - "type": "string" - } - }, - "required": [ - "HttpCode" - ], - "type": "object" - }, - "AWS::VpcLattice::TargetGroup.Target": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer.", - "title": "Id", + "Value": { + "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", + "title": "Value", "type": "string" - }, - "Port": { - "markdownDescription": "The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.", - "title": "Port", - "type": "number" } }, "required": [ - "Id" + "Type", + "Value" ], "type": "object" }, - "AWS::VpcLattice::TargetGroup.TargetGroupConfig": { - "additionalProperties": false, - "properties": { - "HealthCheck": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.HealthCheckConfig", - "markdownDescription": "The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` .", - "title": "HealthCheck" - }, - "IpAddressType": { - "markdownDescription": "The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` .", - "title": "IpAddressType", - "type": "string" - }, - "LambdaEventStructureVersion": { - "markdownDescription": "The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` .", - "title": "LambdaEventStructureVersion", - "type": "string" - }, - "Port": { - "markdownDescription": "The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` .", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` .", - "title": "Protocol", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` .", - "title": "ProtocolVersion", - "type": "string" - }, - "VpcIdentifier": { - "markdownDescription": "The ID of the VPC. Not supported if the target group type is `LAMBDA` .", - "title": "VpcIdentifier", - "type": "string" - } - }, - "type": "object" - }, - "AWS::WAF::ByteMatchSet": { + "AWS::WAFRegional::RateBasedRule": { "additionalProperties": false, "properties": { "Condition": { @@ -265652,28 +316853,46 @@ "Properties": { "additionalProperties": false, "properties": { - "ByteMatchTuples": { + "MatchPredicates": { "items": { - "$ref": "#/definitions/AWS::WAF::ByteMatchSet.ByteMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::RateBasedRule.Predicate" }, - "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", - "title": "ByteMatchTuples", + "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet>` object that you want to include in a `RateBasedRule` .", + "title": "MatchPredicates", "type": "array" }, + "MetricName": { + "markdownDescription": "A name for the metrics for a `RateBasedRule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change the name of the metric after you create the `RateBasedRule` .", + "title": "MetricName", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "markdownDescription": "A friendly name or description for a `RateBasedRule` . You can't change the name of a `RateBasedRule` after you create it.", "title": "Name", "type": "string" + }, + "RateKey": { + "markdownDescription": "The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. The only valid value for `RateKey` is `IP` . `IP` indicates that requests arriving from the same IP address are subject to the `RateLimit` that is specified in the `RateBasedRule` .", + "title": "RateKey", + "type": "string" + }, + "RateLimit": { + "markdownDescription": "The maximum number of requests, which have an identical value in the field specified by the `RateKey` , allowed in a five-minute period. If the number of requests exceeds the `RateLimit` and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.", + "title": "RateLimit", + "type": "number" } }, "required": [ - "Name" + "MetricName", + "Name", + "RateKey", + "RateLimit" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::ByteMatchSet" + "AWS::WAFRegional::RateBasedRule" ], "type": "string" }, @@ -265692,62 +316911,33 @@ ], "type": "object" }, - "AWS::WAF::ByteMatchSet.ByteMatchTuple": { + "AWS::WAFRegional::RateBasedRule.Predicate": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::ByteMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", - "title": "FieldToMatch" - }, - "PositionalConstraint": { - "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", - "type": "string" - }, - "TargetString": { - "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", - "title": "TargetString", - "type": "string" - }, - "TargetStringBase64": { - "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", - "title": "TargetStringBase64", + "DataId": { + "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", + "title": "DataId", "type": "string" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", - "type": "string" - } - }, - "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformation" - ], - "type": "object" - }, - "AWS::WAF::ByteMatchSet.FieldToMatch": { - "additionalProperties": false, - "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" + "Negated": { + "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` >. For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", + "title": "Negated", + "type": "boolean" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", "title": "Type", "type": "string" } }, "required": [ + "DataId", + "Negated", "Type" ], "type": "object" }, - "AWS::WAF::IPSet": { + "AWS::WAFRegional::RegexPatternSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265782,28 +316972,29 @@ "Properties": { "additionalProperties": false, "properties": { - "IPSetDescriptors": { - "items": { - "$ref": "#/definitions/AWS::WAF::IPSet.IPSetDescriptor" - }, - "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from. If the `WebACL` is associated with an Amazon CloudFront distribution and the viewer did not use an HTTP proxy or a load balancer to send the request, this is the value of the c-ip field in the CloudFront access logs.", - "title": "IPSetDescriptors", - "type": "array" - }, "Name": { - "markdownDescription": "The name of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "markdownDescription": "A friendly name or description of the `RegexPatternSet` . You can't change `Name` after you create a `RegexPatternSet` .", "title": "Name", "type": "string" + }, + "RegexPatternStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t` .", + "title": "RegexPatternStrings", + "type": "array" } }, "required": [ - "Name" + "Name", + "RegexPatternStrings" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::IPSet" + "AWS::WAFRegional::RegexPatternSet" ], "type": "string" }, @@ -265822,27 +317013,7 @@ ], "type": "object" }, - "AWS::WAF::IPSet.IPSetDescriptor": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Specify `IPV4` or `IPV6` .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::WAF::Rule": { + "AWS::WAFRegional::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -265878,7 +317049,7 @@ "additionalProperties": false, "properties": { "MetricName": { - "markdownDescription": "The name of the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", + "markdownDescription": "A name for the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", "title": "MetricName", "type": "string" }, @@ -265889,7 +317060,7 @@ }, "Predicates": { "items": { - "$ref": "#/definitions/AWS::WAF::Rule.Predicate" + "$ref": "#/definitions/AWS::WAFRegional::Rule.Predicate" }, "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", "title": "Predicates", @@ -265904,7 +317075,7 @@ }, "Type": { "enum": [ - "AWS::WAF::Rule" + "AWS::WAFRegional::Rule" ], "type": "string" }, @@ -265923,7 +317094,7 @@ ], "type": "object" }, - "AWS::WAF::Rule.Predicate": { + "AWS::WAFRegional::Rule.Predicate": { "additionalProperties": false, "properties": { "DataId": { @@ -265949,7 +317120,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet": { + "AWS::WAFRegional::SizeConstraintSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265991,7 +317162,7 @@ }, "SizeConstraints": { "items": { - "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.SizeConstraint" + "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.SizeConstraint" }, "markdownDescription": "The size constraint and the part of the web request to check.", "title": "SizeConstraints", @@ -265999,14 +317170,13 @@ } }, "required": [ - "Name", - "SizeConstraints" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::SizeConstraintSet" + "AWS::WAFRegional::SizeConstraintSet" ], "type": "string" }, @@ -266025,7 +317195,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet.FieldToMatch": { + "AWS::WAFRegional::SizeConstraintSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266034,7 +317204,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266044,7 +317214,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet.SizeConstraint": { + "AWS::WAFRegional::SizeConstraintSet.SizeConstraint": { "additionalProperties": false, "properties": { "ComparisonOperator": { @@ -266053,8 +317223,8 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "Size": { @@ -266063,7 +317233,7 @@ "type": "number" }, "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because Amazon CloudFront forwards only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting a request for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because the API Gateway API or Application Load Balancer forward only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", "title": "TextTransformation", "type": "string" } @@ -266076,7 +317246,7 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet": { + "AWS::WAFRegional::SqlInjectionMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266118,7 +317288,7 @@ }, "SqlInjectionMatchTuples": { "items": { - "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", "title": "SqlInjectionMatchTuples", @@ -266132,7 +317302,7 @@ }, "Type": { "enum": [ - "AWS::WAF::SqlInjectionMatchSet" + "AWS::WAFRegional::SqlInjectionMatchSet" ], "type": "string" }, @@ -266151,7 +317321,7 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet.FieldToMatch": { + "AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266160,7 +317330,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266170,12 +317340,12 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple": { + "AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { @@ -266190,7 +317360,7 @@ ], "type": "object" }, - "AWS::WAF::WebACL": { + "AWS::WAFRegional::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -266226,12 +317396,12 @@ "additionalProperties": false, "properties": { "DefaultAction": { - "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", "title": "DefaultAction" }, "MetricName": { - "markdownDescription": "The name of the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", + "markdownDescription": "A name for the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", "title": "MetricName", "type": "string" }, @@ -266242,7 +317412,7 @@ }, "Rules": { "items": { - "$ref": "#/definitions/AWS::WAF::WebACL.ActivatedRule" + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Rule" }, "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", "title": "Rules", @@ -266258,7 +317428,7 @@ }, "Type": { "enum": [ - "AWS::WAF::WebACL" + "AWS::WAFRegional::WebACL" ], "type": "string" }, @@ -266277,46 +317447,120 @@ ], "type": "object" }, - "AWS::WAF::WebACL.ActivatedRule": { + "AWS::WAFRegional::WebACL.Action": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "For actions that are associated with a rule, the action that AWS WAF takes when a web request matches all conditions in a rule.\n\nFor the default action of a web access control list (ACL), the action that AWS WAF takes when a web request doesn't match all conditions in any rule.\n\nValid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a WebACL.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAFRegional::WebACL.Rule": { "additionalProperties": false, "properties": { "Action": { - "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", - "markdownDescription": "Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the `Rule` . Valid values for `Action` include the following:\n\n- `ALLOW` : CloudFront responds with the requested object.\n- `BLOCK` : CloudFront responds with an HTTP 403 (Forbidden) status code.\n- `COUNT` : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.\n\n`ActivatedRule|OverrideAction` applies only when updating or adding a `RuleGroup` to a `WebACL` . In this case, you do not use `ActivatedRule|Action` . For all other update requests, `ActivatedRule|Action` is used instead of `ActivatedRule|OverrideAction` .", + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", + "markdownDescription": "The action that AWS WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.", "title": "Action" }, "Priority": { - "markdownDescription": "Specifies the order in which the `Rules` in a `WebACL` are evaluated. Rules with a lower value for `Priority` are evaluated before `Rules` with a higher value. The value must be a unique integer. If you add multiple `Rules` to a `WebACL` , the values don't need to be consecutive.", + "markdownDescription": "The order in which AWS WAF evaluates the rules in a web ACL. AWS WAF evaluates rules with a lower value before rules with a higher value. The value must be a unique integer. If you have multiple rules in a web ACL, the priority numbers do not need to be consecutive.", "title": "Priority", "type": "number" }, "RuleId": { - "markdownDescription": "The `RuleId` for a `Rule` . You use `RuleId` to get more information about a `Rule` , update a `Rule` , insert a `Rule` into a `WebACL` or delete a one from a `WebACL` , or delete a `Rule` from AWS WAF .\n\n`RuleId` is returned by `CreateRule` and by `ListRules` .", + "markdownDescription": "The ID of an AWS WAF Regional rule to associate with a web ACL.", "title": "RuleId", "type": "string" } }, "required": [ + "Action", "Priority", "RuleId" ], "type": "object" }, - "AWS::WAF::WebACL.WafAction": { + "AWS::WAFRegional::WebACLAssociation": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to protect with the web ACL.", + "title": "ResourceArn", + "type": "string" + }, + "WebACLId": { + "markdownDescription": "A unique identifier (ID) for the web ACL.", + "title": "WebACLId", + "type": "string" + } + }, + "required": [ + "ResourceArn", + "WebACLId" + ], + "type": "object" + }, "Type": { - "markdownDescription": "Specifies how you want AWS WAF to respond to requests that match the settings in a `Rule` . Valid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a `WebACL` .", - "title": "Type", + "enum": [ + "AWS::WAFRegional::WebACLAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAF::XssMatchSet": { + "AWS::WAFRegional::XssMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266358,7 +317602,7 @@ }, "XssMatchTuples": { "items": { - "$ref": "#/definitions/AWS::WAF::XssMatchSet.XssMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.XssMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", "title": "XssMatchTuples", @@ -266366,14 +317610,13 @@ } }, "required": [ - "Name", - "XssMatchTuples" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::XssMatchSet" + "AWS::WAFRegional::XssMatchSet" ], "type": "string" }, @@ -266392,7 +317635,7 @@ ], "type": "object" }, - "AWS::WAF::XssMatchSet.FieldToMatch": { + "AWS::WAFRegional::XssMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266401,7 +317644,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266411,12 +317654,12 @@ ], "type": "object" }, - "AWS::WAF::XssMatchSet.XssMatchTuple": { + "AWS::WAFRegional::XssMatchSet.XssMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::XssMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specified header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { @@ -266431,7 +317674,7 @@ ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet": { + "AWS::WAFv2::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266466,28 +317709,53 @@ "Properties": { "additionalProperties": false, "properties": { - "ByteMatchTuples": { + "Addresses": { "items": { - "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.ByteMatchTuple" + "type": "string" }, - "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", - "title": "ByteMatchTuples", + "markdownDescription": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want AWS WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all IPv4 and IPv6 CIDR ranges except for `/0` .\n\nExample address strings:\n\n- For requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nExample JSON `Addresses` specifications:\n\n- Empty array: `\"Addresses\": []`\n- Array with one address: `\"Addresses\": [\"192.0.2.44/32\"]`\n- Array with three addresses: `\"Addresses\": [\"192.0.2.44/32\", \"192.0.2.0/24\", \"192.0.0.0/16\"]`\n- INVALID specification: `\"Addresses\": [\"\"]` INVALID", + "title": "Addresses", "type": "array" }, + "Description": { + "markdownDescription": "A description of the IP set that helps with identification.", + "title": "Description", + "type": "string" + }, + "IPAddressVersion": { + "markdownDescription": "The version of the IP addresses, either `IPV4` or `IPV6` .", + "title": "IPAddressVersion", + "type": "string" + }, "Name": { - "markdownDescription": "A friendly name or description of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "markdownDescription": "The name of the IP set. You cannot change the name of an `IPSet` after you create it.", "title": "Name", "type": "string" + }, + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "Addresses", + "IPAddressVersion", + "Scope" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFRegional::ByteMatchSet" + "AWS::WAFv2::IPSet" ], "type": "string" }, @@ -266506,62 +317774,326 @@ ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { + "AWS::WAFv2::LoggingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" + "Condition": { + "type": "string" }, - "PositionalConstraint": { - "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TargetString": { - "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request.\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", - "title": "TargetString", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LogDestinationConfigs": { + "items": { + "type": "string" + }, + "markdownDescription": "The logging destination configuration that you want to associate with the web ACL.\n\n> You can associate one logging destination to a web ACL.", + "title": "LogDestinationConfigs", + "type": "array" + }, + "LoggingFilter": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LoggingFilter", + "markdownDescription": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", + "title": "LoggingFilter" + }, + "RedactedFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.FieldToMatch" + }, + "markdownDescription": "The parts of the request that you want to keep out of the logs.\n\nFor example, if you redact the `SingleHeader` field, the `HEADER` field in the logs will be `REDACTED` for all rules that use the `SingleHeader` `FieldToMatch` setting.\n\nIf you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs.\n\nRedaction applies only to the component that's specified in the rule's `FieldToMatch` setting, so the `SingleHeader` redaction doesn't apply to rules that use the `Headers` `FieldToMatch` .\n\n> You can specify only the following fields for redaction: `UriPath` , `QueryString` , `SingleHeader` , and `Method` . > This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", + "title": "RedactedFields", + "type": "array" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with `LogDestinationConfigs` .", + "title": "ResourceArn", + "type": "string" + } + }, + "required": [ + "LogDestinationConfigs", + "ResourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WAFv2::LoggingConfiguration" + ], "type": "string" }, - "TargetStringBase64": { - "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", - "title": "TargetStringBase64", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.ActionCondition": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action setting that a log record must contain in order to meet the condition. This is the action that AWS WAF applied to the web request.\n\nFor rule groups, this is either the configured rule action setting, or if you've applied a rule action override to the rule, it's the override action. The value `EXCLUDED_AS_COUNT` matches on excluded rules and also on rules that have a rule action override of Count.", + "title": "Action", "type": "string" + } + }, + "required": [ + "Action" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.Condition": { + "additionalProperties": false, + "properties": { + "ActionCondition": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.ActionCondition", + "markdownDescription": "A single action condition. This is the action setting that a log record must contain in order to meet the condition.", + "title": "ActionCondition" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "LabelNameCondition": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LabelNameCondition", + "markdownDescription": "A single label name condition. This is the fully qualified label name that a log record must contain in order to meet the condition. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", + "title": "LabelNameCondition" + } + }, + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Method": { + "markdownDescription": "Redact the indicated HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", + "title": "Method", + "type": "object" + }, + "QueryString": { + "markdownDescription": "Redact the query string. This is the part of a URL that appears after a `?` character, if any.", + "title": "QueryString", + "type": "object" + }, + "SingleHeader": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.SingleHeader", + "markdownDescription": "Redact a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`", + "title": "SingleHeader" + }, + "UriPath": { + "markdownDescription": "Redact the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", + "title": "UriPath", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.Filter": { + "additionalProperties": false, + "properties": { + "Behavior": { + "markdownDescription": "How to handle logs that satisfy the filter's conditions and requirement.", + "title": "Behavior", + "type": "string" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Condition" + }, + "markdownDescription": "Match conditions for the filter.", + "title": "Conditions", + "type": "array" + }, + "Requirement": { + "markdownDescription": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", + "title": "Requirement", "type": "string" } }, "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformation" + "Behavior", + "Conditions", + "Requirement" ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet.FieldToMatch": { + "AWS::WAFv2::LoggingConfiguration.LabelNameCondition": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", + "LabelName": { + "markdownDescription": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", + "title": "LabelName", + "type": "string" + } + }, + "required": [ + "LabelName" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.LoggingFilter": { + "additionalProperties": false, + "properties": { + "DefaultBehavior": { + "markdownDescription": "Default handling for logs that don't match any of the specified filtering conditions.", + "title": "DefaultBehavior", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Filter" + }, + "markdownDescription": "The filters that you want to apply to the logs.", + "title": "Filters", + "type": "array" + } + }, + "required": [ + "DefaultBehavior", + "Filters" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the query header to inspect.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::WAFv2::RegexPatternSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the set that helps with identification.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the set. You cannot change the name after you create the set.", + "title": "Name", + "type": "string" + }, + "RegularExpressionList": { + "items": { + "type": "string" + }, + "markdownDescription": "The regular expression patterns in the set.", + "title": "RegularExpressionList", + "type": "array" + }, + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "RegularExpressionList", + "Scope" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", + "enum": [ + "AWS::WAFv2::RegexPatternSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFRegional::GeoMatchSet": { + "AWS::WAFv2::RuleGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -266596,28 +318128,85 @@ "Properties": { "additionalProperties": false, "properties": { - "GeoMatchConstraints": { + "AvailableLabels": { "items": { - "$ref": "#/definitions/AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint" + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" }, - "markdownDescription": "An array of `GeoMatchConstraint` objects, which contain the country that you want AWS WAF to search for.", - "title": "GeoMatchConstraints", + "markdownDescription": "The labels that one or more rules in this rule group add to matching web requests. These labels are defined in the `RuleLabels` for a `Rule` .", + "title": "AvailableLabels", + "type": "array" + }, + "Capacity": { + "markdownDescription": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.", + "title": "Capacity", + "type": "number" + }, + "ConsumedLabels": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" + }, + "markdownDescription": "The labels that one or more rules in this rule group match against in label match statements. These labels are defined in a `LabelMatchStatement` specification, in the `Statement` definition of a rule.", + "title": "ConsumedLabels", "type": "array" }, + "CustomResponseBodies": { + "additionalProperties": false, + "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponseBody" + } + }, + "title": "CustomResponseBodies", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the rule group that helps with identification.", + "title": "Description", + "type": "string" + }, "Name": { - "markdownDescription": "A friendly name or description of the `GeoMatchSet` . You can't change the name of an `GeoMatchSet` after you create it.", + "markdownDescription": "The name of the rule group. You cannot change the name of a rule group after you create it.", "title": "Name", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Rule" + }, + "markdownDescription": "The rule statements used to identify the web requests that you want to allow, block, or count. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", + "title": "Rules", + "type": "array" + }, + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" + }, + "VisibilityConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", + "title": "VisibilityConfig" } }, "required": [ - "Name" + "Capacity", + "Scope", + "VisibilityConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFRegional::GeoMatchSet" + "AWS::WAFv2::RuleGroup" ], "type": "string" }, @@ -266631,1402 +318220,1332 @@ } }, "required": [ - "Type", - "Properties" + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AllowAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AndStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + }, + "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", + "title": "Statements", + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AsnMatchStatement": { + "additionalProperties": false, + "properties": { + "AsnList": { + "items": { + "type": "number" + }, + "markdownDescription": "Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies.", + "title": "AsnList", + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.", + "title": "ForwardedIPConfig" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.BlockAction": { + "additionalProperties": false, + "properties": { + "CustomResponse": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponse", + "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomResponse" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Body": { + "additionalProperties": false, + "properties": { + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", + "title": "OversizeHandling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ByteMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" + }, + "PositionalConstraint": { + "markdownDescription": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", + "type": "string" + }, + "SearchString": { + "markdownDescription": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", + "title": "SearchString", + "type": "string" + }, + "SearchStringBase64": { + "markdownDescription": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", + "title": "SearchStringBase64", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CaptchaAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CaptchaConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", + "title": "ImmunityTimeProperty" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ChallengeAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ChallengeConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", + "title": "ImmunityTimeProperty" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CookieMatchPattern": { + "additionalProperties": false, + "properties": { + "All": { + "markdownDescription": "Inspect all cookies.", + "title": "All", + "type": "object" + }, + "ExcludedCookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the cookies whose keys don't match any of the strings specified here.", + "title": "ExcludedCookies", + "type": "array" + }, + "IncludedCookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the cookies that have a key that matches one of the strings specified here.", + "title": "IncludedCookies", + "type": "array" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Cookies": { + "additionalProperties": false, + "properties": { + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CookieMatchPattern", + "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", + "title": "MatchPattern" + }, + "MatchScope": { + "markdownDescription": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", + "type": "string" + }, + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "OversizeHandling", + "type": "string" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CountAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomHTTPHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` .", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the custom header.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomRequestHandling": { + "additionalProperties": false, + "properties": { + "InsertHeaders": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + }, + "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "InsertHeaders", + "type": "array" + } + }, + "required": [ + "InsertHeaders" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomResponse": { + "additionalProperties": false, + "properties": { + "CustomResponseBodyKey": { + "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", + "title": "CustomResponseBodyKey", + "type": "string" + }, + "ResponseCode": { + "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseCode", + "type": "number" + }, + "ResponseHeaders": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + }, + "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseHeaders", + "type": "array" + } + }, + "required": [ + "ResponseCode" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomResponseBody": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "Content", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", + "title": "ContentType", + "type": "string" + } + }, + "required": [ + "Content", + "ContentType" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.FieldToMatch": { + "additionalProperties": false, + "properties": { + "AllQueryArguments": { + "markdownDescription": "Inspect all query arguments.", + "title": "AllQueryArguments", + "type": "object" + }, + "Body": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Body", + "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", + "title": "Body" + }, + "Cookies": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Cookies", + "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "Cookies" + }, + "Headers": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Headers", + "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", + "title": "Headers" + }, + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA3Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA3Fingerprint" + }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA4Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA4 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA4 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA4Fingerprint" + }, + "JsonBody": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonBody", + "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", + "title": "JsonBody" + }, + "Method": { + "markdownDescription": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", + "title": "Method", + "type": "object" + }, + "QueryString": { + "markdownDescription": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.", + "title": "QueryString", + "type": "object" + }, + "SingleHeader": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleHeader", + "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", + "title": "SingleHeader" + }, + "SingleQueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleQueryArgument", + "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", + "title": "SingleQueryArgument" + }, + "UriFragment": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.UriFragment", + "markdownDescription": "Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "UriFragment" + }, + "UriPath": { + "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", + "title": "UriPath", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + }, + "HeaderName": { + "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "HeaderName", + "type": "string" + } + }, + "required": [ + "FallbackBehavior", + "HeaderName" ], "type": "object" }, - "AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint": { + "AWS::WAFv2::RuleGroup.GeoMatchStatement": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of geographical area you want AWS WAF to search for. Currently `Country` is the only valid value.", - "title": "Type", - "type": "string" + "CountryCodes": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.", + "title": "CountryCodes", + "type": "array" }, - "Value": { - "markdownDescription": "The country that you want AWS WAF to search for.", - "title": "Value", - "type": "string" + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "ForwardedIPConfig" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::WAFRegional::IPSet": { + "AWS::WAFv2::RuleGroup.HeaderMatchPattern": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { + "All": { + "markdownDescription": "Inspect all headers.", + "title": "All", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "IPSetDescriptors": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::IPSet.IPSetDescriptor" - }, - "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from.", - "title": "IPSetDescriptors", - "type": "array" - }, - "Name": { - "markdownDescription": "A friendly name or description of the `IPSet` . You can't change the name of an `IPSet` after you create it.", - "title": "Name", - "type": "string" - } + "ExcludedHeaders": { + "items": { + "type": "string" }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::IPSet" - ], - "type": "string" + "markdownDescription": "Inspect only the headers whose keys don't match any of the strings specified here.", + "title": "ExcludedHeaders", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IncludedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the headers that have a key that matches one of the strings specified here.", + "title": "IncludedHeaders", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::WAFRegional::IPSet.IPSetDescriptor": { + "AWS::WAFv2::RuleGroup.Headers": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Specify `IPV4` or `IPV6` .", - "title": "Type", + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.HeaderMatchPattern", + "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", + "title": "MatchPattern" + }, + "MatchScope": { + "markdownDescription": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", "type": "string" }, - "Value": { - "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", - "title": "Value", + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "OversizeHandling", "type": "string" } }, "required": [ - "Type", - "Value" + "MatchPattern", + "MatchScope", + "OversizeHandling" ], "type": "object" }, - "AWS::WAFRegional::RateBasedRule": { + "AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "MatchPredicates": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::RateBasedRule.Predicate" - }, - "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet>` object that you want to include in a `RateBasedRule` .", - "title": "MatchPredicates", - "type": "array" - }, - "MetricName": { - "markdownDescription": "A name for the metrics for a `RateBasedRule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change the name of the metric after you create the `RateBasedRule` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "A friendly name or description for a `RateBasedRule` . You can't change the name of a `RateBasedRule` after you create it.", - "title": "Name", - "type": "string" - }, - "RateKey": { - "markdownDescription": "The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. The only valid value for `RateKey` is `IP` . `IP` indicates that requests arriving from the same IP address are subject to the `RateLimit` that is specified in the `RateBasedRule` .", - "title": "RateKey", - "type": "string" - }, - "RateLimit": { - "markdownDescription": "The maximum number of requests, which have an identical value in the field specified by the `RateKey` , allowed in a five-minute period. If the number of requests exceeds the `RateLimit` and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.", - "title": "RateLimit", - "type": "number" - } - }, - "required": [ - "MetricName", - "Name", - "RateKey", - "RateLimit" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::RateBasedRule" - ], + "HeaderName": { + "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "HeaderName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Position": { + "markdownDescription": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10.", + "title": "Position", "type": "string" } }, "required": [ - "Type", - "Properties" + "FallbackBehavior", + "HeaderName", + "Position" ], "type": "object" }, - "AWS::WAFRegional::RateBasedRule.Predicate": { + "AWS::WAFv2::RuleGroup.IPSetReferenceStatement": { "additionalProperties": false, "properties": { - "DataId": { - "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", - "title": "DataId", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references.", + "title": "Arn", "type": "string" }, - "Negated": { - "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` >. For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", - "title": "Negated", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", - "title": "Type", - "type": "string" + "IPSetForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "IPSetForwardedIPConfig" } }, "required": [ - "DataId", - "Negated", - "Type" + "Arn" ], "type": "object" }, - "AWS::WAFRegional::RegexPatternSet": { + "AWS::WAFv2::RuleGroup.ImmunityTimeProperty": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A friendly name or description of the `RegexPatternSet` . You can't change `Name` after you create a `RegexPatternSet` .", - "title": "Name", - "type": "string" - }, - "RegexPatternStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t` .", - "title": "RegexPatternStrings", - "type": "array" - } - }, - "required": [ - "Name", - "RegexPatternStrings" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::RegexPatternSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ImmunityTime": { + "markdownDescription": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300.", + "title": "ImmunityTime", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ImmunityTime" ], "type": "object" }, - "AWS::WAFRegional::Rule": { + "AWS::WAFv2::RuleGroup.JA3Fingerprint": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "MetricName": { - "markdownDescription": "A name for the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "The friendly name or description for the `Rule` . You can't change the name of a `Rule` after you create it.", - "title": "Name", - "type": "string" - }, - "Predicates": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::Rule.Predicate" - }, - "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", - "title": "Predicates", - "type": "array" - } - }, - "required": [ - "MetricName", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::Rule" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "Type", - "Properties" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::Rule.Predicate": { + "AWS::WAFv2::RuleGroup.JA4Fingerprint": { "additionalProperties": false, "properties": { - "DataId": { - "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", - "title": "DataId", - "type": "string" - }, - "Negated": { - "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", - "title": "Negated", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", - "title": "Type", + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "DataId", - "Negated", - "Type" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet": { + "AWS::WAFv2::RuleGroup.JsonBody": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InvalidFallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "InvalidFallbackBehavior", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `SizeConstraintSet` .", - "title": "Name", - "type": "string" - }, - "SizeConstraints": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.SizeConstraint" - }, - "markdownDescription": "The size constraint and the part of the web request to check.", - "title": "SizeConstraints", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonMatchPattern", + "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", + "title": "MatchPattern" }, - "Type": { - "enum": [ - "AWS::WAFRegional::SizeConstraintSet" - ], + "MatchScope": { + "markdownDescription": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", + "title": "OversizeHandling", "type": "string" } }, "required": [ - "Type", - "Properties" + "MatchPattern", + "MatchScope" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.JsonMatchPattern": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" + "All": { + "markdownDescription": "Match all of the elements. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nYou must specify either this setting or the `IncludedPaths` setting, but not both.", + "title": "All", + "type": "object" }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", + "IncludedPaths": { + "items": { + "type": "string" + }, + "markdownDescription": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n> Don't use this option to include all paths. Instead, use the `All` setting.", + "title": "IncludedPaths", + "type": "array" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Label": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The label string.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet.SizeConstraint": { + "AWS::WAFv2::RuleGroup.LabelMatchStatement": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The type of comparison you want AWS WAF to perform. AWS WAF uses this in combination with the provided `Size` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\n*EQ* : Used to test if the `Size` is equal to the size of the `FieldToMatch`\n\n*NE* : Used to test if the `Size` is not equal to the size of the `FieldToMatch`\n\n*LE* : Used to test if the `Size` is less than or equal to the size of the `FieldToMatch`\n\n*LT* : Used to test if the `Size` is strictly less than the size of the `FieldToMatch`\n\n*GE* : Used to test if the `Size` is greater than or equal to the size of the `FieldToMatch`\n\n*GT* : Used to test if the `Size` is strictly greater than the size of the `FieldToMatch`", - "title": "ComparisonOperator", + "Key": { + "markdownDescription": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` .", + "title": "Key", "type": "string" }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" - }, - "Size": { - "markdownDescription": "The size in bytes that you want AWS WAF to compare against the size of the specified `FieldToMatch` . AWS WAF uses this in combination with `ComparisonOperator` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\nValid values for size are 0 - 21474836480 bytes (0 - 20 GB).\n\nIf you specify `URI` for the value of `Type` , the / in the URI path that you specify counts as one character. For example, the URI `/logo.jpg` is nine characters long.", - "title": "Size", - "type": "number" - }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting a request for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because the API Gateway API or Application Load Balancer forward only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", - "title": "TextTransformation", + "Scope": { + "markdownDescription": "Specify whether you want to match using the label name or just the namespace.", + "title": "Scope", "type": "string" } }, "required": [ - "ComparisonOperator", - "FieldToMatch", - "Size", - "TextTransformation" + "Key", + "Scope" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet": { + "AWS::WAFv2::RuleGroup.LabelSummary": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `SqlInjectionMatchSet` .", - "title": "Name", - "type": "string" - }, - "SqlInjectionMatchTuples": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple" - }, - "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", - "title": "SqlInjectionMatchTuples", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::SqlInjectionMatchSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "An individual label specification.", + "title": "Name", "type": "string" } }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.NotStatement": { + "additionalProperties": false, + "properties": { + "Statement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "The statement to negate. You can use any statement that can be nested.", + "title": "Statement" + } + }, "required": [ - "Type", - "Properties" + "Statement" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.OrStatement": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" - }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", - "type": "string" + "Statements": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + }, + "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", + "title": "Statements", + "type": "array" } }, "required": [ - "Type" + "Statements" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple": { + "AWS::WAFv2::RuleGroup.RateBasedStatement": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" - }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "AggregateKeyType": { + "markdownDescription": "Setting that indicates how to aggregate the request counts.\n\n> Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` .", + "title": "AggregateKeyType", "type": "string" + }, + "CustomKeys": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" + }, + "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", + "title": "CustomKeys", + "type": "array" + }, + "EvaluationWindowSec": { + "markdownDescription": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)", + "title": "EvaluationWindowSec", + "type": "number" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", + "title": "ForwardedIPConfig" + }, + "Limit": { + "markdownDescription": "The limit on requests during the specified evaluation window for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair.", + "title": "Limit", + "type": "number" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", + "title": "ScopeDownStatement" } }, "required": [ - "FieldToMatch", - "TextTransformation" + "AggregateKeyType", + "Limit" ], "type": "object" }, - "AWS::WAFRegional::WebACL": { + "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ASN": { + "markdownDescription": "Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance.", + "title": "ASN", + "type": "object" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Cookie": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie", + "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", + "title": "Cookie" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ForwardedIP": { + "markdownDescription": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", + "title": "ForwardedIP", + "type": "object" }, - "Metadata": { + "HTTPMethod": { + "markdownDescription": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", + "title": "HTTPMethod", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultAction": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", - "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", - "title": "DefaultAction" - }, - "MetricName": { - "markdownDescription": "A name for the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "A friendly name or description of the `WebACL` . You can't change the name of a `WebACL` after you create it.", - "title": "Name", - "type": "string" - }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Rule" - }, - "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "DefaultAction", - "MetricName", - "Name" - ], + "Header": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader", + "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", + "title": "Header" + }, + "IP": { + "markdownDescription": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` .", + "title": "IP", "type": "object" }, - "Type": { - "enum": [ - "AWS::WAFRegional::WebACL" - ], - "type": "string" + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitJA3Fingerprint", + "markdownDescription": "Use the request's JA3 fingerprint as an aggregate key. If you use a single JA3 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA3Fingerprint" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitJA4Fingerprint", + "markdownDescription": "Use the request's JA4 fingerprint as an aggregate key. If you use a single JA4 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA4Fingerprint" + }, + "LabelNamespace": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace", + "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", + "title": "LabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument", + "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", + "title": "QueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString", + "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", + "title": "QueryString" + }, + "UriPath": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath", + "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", + "title": "UriPath" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitCookie": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the cookie to use.", + "title": "Name", "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Name", + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::WebACL.Action": { + "AWS::WAFv2::RuleGroup.RateLimitHeader": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "For actions that are associated with a rule, the action that AWS WAF takes when a web request matches all conditions in a rule.\n\nFor the default action of a web access control list (ACL), the action that AWS WAF takes when a web request doesn't match all conditions in any rule.\n\nValid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a WebACL.", - "title": "Type", + "Name": { + "markdownDescription": "The name of the header to use.", + "title": "Name", "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type" + "Name", + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::WebACL.Rule": { + "AWS::WAFv2::RuleGroup.RateLimitJA3Fingerprint": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", - "markdownDescription": "The action that AWS WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.", - "title": "Action" - }, - "Priority": { - "markdownDescription": "The order in which AWS WAF evaluates the rules in a web ACL. AWS WAF evaluates rules with a lower value before rules with a higher value. The value must be a unique integer. If you have multiple rules in a web ACL, the priority numbers do not need to be consecutive.", - "title": "Priority", - "type": "number" - }, - "RuleId": { - "markdownDescription": "The ID of an AWS WAF Regional rule to associate with a web ACL.", - "title": "RuleId", + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "Action", - "Priority", - "RuleId" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::WebACLAssociation": { + "AWS::WAFv2::RuleGroup.RateLimitJA4Fingerprint": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to protect with the web ACL.", - "title": "ResourceArn", - "type": "string" - }, - "WebACLId": { - "markdownDescription": "A unique identifier (ID) for the web ACL.", - "title": "WebACLId", - "type": "string" - } - }, - "required": [ - "ResourceArn", - "WebACLId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::WebACLAssociation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "Type", - "Properties" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet": { + "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Namespace": { + "markdownDescription": "The namespace to use for aggregation.", + "title": "Namespace", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `XssMatchSet` .", - "title": "Name", - "type": "string" - }, - "XssMatchTuples": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.XssMatchTuple" - }, - "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", - "title": "XssMatchTuples", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::XssMatchSet" - ], + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the query argument to use.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Name", + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.RateLimitQueryString": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" - }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", - "type": "string" + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type" + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet.XssMatchTuple": { + "AWS::WAFv2::RuleGroup.RateLimitUriPath": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RegexMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "RegexString": { + "markdownDescription": "The string representing the regular expression.", + "title": "RegexString", "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ "FieldToMatch", - "TextTransformation" + "RegexString", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::IPSet": { + "AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references.", + "title": "Arn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Addresses": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want AWS WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all IPv4 and IPv6 CIDR ranges except for `/0` .\n\nExample address strings:\n\n- For requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nExample JSON `Addresses` specifications:\n\n- Empty array: `\"Addresses\": []`\n- Array with one address: `\"Addresses\": [\"192.0.2.44/32\"]`\n- Array with three addresses: `\"Addresses\": [\"192.0.2.44/32\", \"192.0.2.0/24\", \"192.0.0.0/16\"]`\n- INVALID specification: `\"Addresses\": [\"\"]` INVALID", - "title": "Addresses", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the IP set that helps with identification.", - "title": "Description", - "type": "string" - }, - "IPAddressVersion": { - "markdownDescription": "The version of the IP addresses, either `IPV4` or `IPV6` .", - "title": "IPAddressVersion", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the IP set. You cannot change the name of an `IPSet` after you create it.", - "title": "Name", - "type": "string" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", - "title": "Scope", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - } + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "required": [ - "Addresses", - "IPAddressVersion", - "Scope" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::IPSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Arn", + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration": { + "AWS::WAFv2::RuleGroup.Rule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RuleAction", + "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting.", + "title": "Action" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CaptchaConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaConfig", + "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", + "title": "CaptchaConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ChallengeConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeConfig", + "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", + "title": "ChallengeConfig" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name.", + "title": "Name", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogDestinationConfigs": { - "items": { - "type": "string" - }, - "markdownDescription": "The logging destination configuration that you want to associate with the web ACL.\n\n> You can associate one logging destination to a web ACL.", - "title": "LogDestinationConfigs", - "type": "array" - }, - "LoggingFilter": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LoggingFilter", - "markdownDescription": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", - "title": "LoggingFilter" - }, - "RedactedFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.FieldToMatch" - }, - "markdownDescription": "The parts of the request that you want to keep out of the logs.\n\nFor example, if you redact the `SingleHeader` field, the `HEADER` field in the logs will be `REDACTED` for all rules that use the `SingleHeader` `FieldToMatch` setting.\n\nIf you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs.\n\nRedaction applies only to the component that's specified in the rule's `FieldToMatch` setting, so the `SingleHeader` redaction doesn't apply to rules that use the `Headers` `FieldToMatch` .\n\n> You can specify only the following fields for redaction: `UriPath` , `QueryString` , `SingleHeader` , and `Method` . > This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", - "title": "RedactedFields", - "type": "array" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with `LogDestinationConfigs` .", - "title": "ResourceArn", - "type": "string" - } + "Priority": { + "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", + "title": "Priority", + "type": "number" + }, + "RuleLabels": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Label" }, - "required": [ - "LogDestinationConfigs", - "ResourceArn" - ], - "type": "object" + "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", + "title": "RuleLabels", + "type": "array" }, - "Type": { - "enum": [ - "AWS::WAFv2::LoggingConfiguration" - ], - "type": "string" + "Statement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", + "title": "Statement" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VisibilityConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", + "title": "VisibilityConfig" } }, "required": [ - "Type", - "Properties" + "Name", + "Priority", + "Statement", + "VisibilityConfig" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.ActionCondition": { + "AWS::WAFv2::RuleGroup.RuleAction": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action setting that a log record must contain in order to meet the condition. This is the action that AWS WAF applied to the web request.\n\nFor rule groups, this is either the configured rule action setting, or if you've applied a rule action override to the rule, it's the override action. The value `EXCLUDED_AS_COUNT` matches on excluded rules and also on rules that have a rule action override of Count.", - "title": "Action", + "Allow": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AllowAction", + "markdownDescription": "Instructs AWS WAF to allow the web request.", + "title": "Allow" + }, + "Block": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.BlockAction", + "markdownDescription": "Instructs AWS WAF to block the web request.", + "title": "Block" + }, + "Captcha": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaAction", + "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", + "title": "Captcha" + }, + "Challenge": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeAction", + "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", + "title": "Challenge" + }, + "Count": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CountAction", + "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", + "title": "Count" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the query header to inspect.", + "title": "Name", "type": "string" } }, "required": [ - "Action" + "Name" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.Condition": { + "AWS::WAFv2::RuleGroup.SingleQueryArgument": { "additionalProperties": false, "properties": { - "ActionCondition": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.ActionCondition", - "markdownDescription": "A single action condition. This is the action setting that a log record must contain in order to meet the condition.", - "title": "ActionCondition" - }, - "LabelNameCondition": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LabelNameCondition", - "markdownDescription": "A single label name condition. This is the fully qualified label name that a log record must contain in order to meet the condition. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", - "title": "LabelNameCondition" + "Name": { + "markdownDescription": "The name of the query argument to inspect.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.FieldToMatch": { + "AWS::WAFv2::RuleGroup.SizeConstraintStatement": { "additionalProperties": false, "properties": { - "Method": { - "markdownDescription": "Redact the indicated HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", - "title": "Method", - "type": "object" + "ComparisonOperator": { + "markdownDescription": "The operator to use to compare the request part to the size setting.", + "title": "ComparisonOperator", + "type": "string" }, - "QueryString": { - "markdownDescription": "Redact the query string. This is the part of a URL that appears after a `?` character, if any.", - "title": "QueryString", - "type": "object" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.SingleHeader", - "markdownDescription": "Redact a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`", - "title": "SingleHeader" + "Size": { + "markdownDescription": "The size, in byte, to compare to the request part, after any transformations.", + "title": "Size", + "type": "number" }, - "UriPath": { - "markdownDescription": "Redact the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", - "title": "UriPath", - "type": "object" + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, + "required": [ + "ComparisonOperator", + "FieldToMatch", + "Size", + "TextTransformations" + ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.Filter": { + "AWS::WAFv2::RuleGroup.SqliMatchStatement": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "How to handle logs that satisfy the filter's conditions and requirement.", - "title": "Behavior", + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" + }, + "SensitivityLevel": { + "markdownDescription": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`", + "title": "SensitivityLevel", "type": "string" }, - "Conditions": { + "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Condition" + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "markdownDescription": "Match conditions for the filter.", - "title": "Conditions", + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", "type": "array" - }, - "Requirement": { - "markdownDescription": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", - "title": "Requirement", - "type": "string" } }, "required": [ - "Behavior", - "Conditions", - "Requirement" + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.LabelNameCondition": { + "AWS::WAFv2::RuleGroup.Statement": { "additionalProperties": false, "properties": { - "LabelName": { - "markdownDescription": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", - "title": "LabelName", - "type": "string" + "AndStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AndStatement", + "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", + "title": "AndStatement" + }, + "AsnMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AsnMatchStatement", + "markdownDescription": "A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.\n\nFor additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "AsnMatchStatement" + }, + "ByteMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ByteMatchStatement", + "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", + "title": "ByteMatchStatement" + }, + "GeoMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.GeoMatchStatement", + "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "GeoMatchStatement" + }, + "IPSetReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetReferenceStatement", + "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", + "title": "IPSetReferenceStatement" + }, + "LabelMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelMatchStatement", + "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", + "title": "LabelMatchStatement" + }, + "NotStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.NotStatement", + "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", + "title": "NotStatement" + }, + "OrStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.OrStatement", + "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", + "title": "OrStatement" + }, + "RateBasedStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatement", + "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", + "title": "RateBasedStatement" + }, + "RegexMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexMatchStatement", + "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", + "title": "RegexMatchStatement" + }, + "RegexPatternSetReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement", + "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", + "title": "RegexPatternSetReferenceStatement" + }, + "SizeConstraintStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SizeConstraintStatement", + "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", + "title": "SizeConstraintStatement" + }, + "SqliMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SqliMatchStatement", + "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", + "title": "SqliMatchStatement" + }, + "XssMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.XssMatchStatement", + "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", + "title": "XssMatchStatement" } }, - "required": [ - "LabelName" - ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.LoggingFilter": { + "AWS::WAFv2::RuleGroup.TextTransformation": { "additionalProperties": false, "properties": { - "DefaultBehavior": { - "markdownDescription": "Default handling for logs that don't match any of the specified filtering conditions.", - "title": "DefaultBehavior", - "type": "string" + "Priority": { + "markdownDescription": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different.", + "title": "Priority", + "type": "number" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Filter" - }, - "markdownDescription": "The filters that you want to apply to the logs.", - "title": "Filters", - "type": "array" + "Type": { + "markdownDescription": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* .", + "title": "Type", + "type": "string" } }, "required": [ - "DefaultBehavior", - "Filters" + "Priority", + "Type" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.SingleHeader": { + "AWS::WAFv2::RuleGroup.UriFragment": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the query header to inspect.", - "title": "Name", + "FallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\nExample JSON: `{ \"UriFragment\": { \"FallbackBehavior\": \"MATCH\"} }`\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "FallbackBehavior", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::WAFv2::RegexPatternSet": { + "AWS::WAFv2::RuleGroup.VisibilityConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CloudWatchMetricsEnabled": { + "markdownDescription": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* .", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MetricName": { + "markdownDescription": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` .", + "title": "MetricName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "SampledRequestsEnabled": { + "markdownDescription": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\nIf you configure data protection for the web ACL, the protection applies to the web ACL's sampled web request data.\n\n> Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", + "title": "SampledRequestsEnabled", + "type": "boolean" + } + }, + "required": [ + "CloudWatchMetricsEnabled", + "MetricName", + "SampledRequestsEnabled" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.XssMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the set that helps with identification.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the set. You cannot change the name after you create the set.", - "title": "Name", - "type": "string" - }, - "RegularExpressionList": { - "items": { - "type": "string" - }, - "markdownDescription": "The regular expression patterns in the set.", - "title": "RegularExpressionList", - "type": "array" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", - "title": "Scope", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - } + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "required": [ - "RegularExpressionList", - "Scope" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::RegexPatternSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::RuleGroup": { + "AWS::WAFv2::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -268061,58 +319580,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailableLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" - }, - "markdownDescription": "The labels that one or more rules in this rule group add to matching web requests. These labels are defined in the `RuleLabels` for a `Rule` .", - "title": "AvailableLabels", - "type": "array" + "AssociationConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AssociationConfig", + "markdownDescription": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", + "title": "AssociationConfig" }, - "Capacity": { - "markdownDescription": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.", - "title": "Capacity", - "type": "number" + "CaptchaConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", + "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .", + "title": "CaptchaConfig" }, - "ConsumedLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" - }, - "markdownDescription": "The labels that one or more rules in this rule group match against in label match statements. These labels are defined in a `LabelMatchStatement` specification, in the `Statement` definition of a rule.", - "title": "ConsumedLabels", - "type": "array" + "ChallengeConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", + "markdownDescription": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .", + "title": "ChallengeConfig" }, "CustomResponseBodies": { "additionalProperties": false, - "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "patternProperties": { "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponseBody" + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponseBody" } }, "title": "CustomResponseBodies", "type": "object" }, + "DataProtectionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DataProtectionConfig", + "markdownDescription": "Specifies data protection to apply to the web request data for the web ACL. This is a web ACL level data protection option.\n\nThe data protection that you configure for the web ACL alters the data that's available for any other data collection activity, including your AWS WAF logging destinations, web ACL request sampling, and Amazon Security Lake data collection and management. Your other option for data protection is in the logging configuration, which only affects logging.", + "title": "DataProtectionConfig" + }, + "DefaultAction": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DefaultAction", + "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match.", + "title": "DefaultAction" + }, "Description": { - "markdownDescription": "A description of the rule group that helps with identification.", + "markdownDescription": "A description of the web ACL that helps with identification.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the rule group. You cannot change the name of a rule group after you create it.", + "markdownDescription": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", "title": "Name", "type": "string" }, + "OnSourceDDoSProtectionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.OnSourceDDoSProtectionConfig", + "markdownDescription": "Configures the level of DDoS protection that applies to web ACLs associated with Application Load Balancers.", + "title": "OnSourceDDoSProtectionConfig" + }, "Rules": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Rule" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Rule" }, - "markdownDescription": "The rule statements used to identify the web requests that you want to allow, block, or count. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", + "markdownDescription": "The rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", "title": "Rules", "type": "array" }, "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", "title": "Scope", "type": "string" }, @@ -268124,14 +319652,22 @@ "title": "Tags", "type": "array" }, + "TokenDomains": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.", + "title": "TokenDomains", + "type": "array" + }, "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", "title": "VisibilityConfig" } }, "required": [ - "Capacity", + "DefaultAction", "Scope", "VisibilityConfig" ], @@ -268139,7 +319675,7 @@ }, "Type": { "enum": [ - "AWS::WAFv2::RuleGroup" + "AWS::WAFv2::WebACL" ], "type": "string" }, @@ -268158,23 +319694,126 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.AllowAction": { + "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { + "additionalProperties": false, + "properties": { + "CreationPath": { + "markdownDescription": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests.\n\nFor example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` .", + "title": "CreationPath", + "type": "string" + }, + "EnableRegexInPath": { + "markdownDescription": "Allow the use of regular expressions in the registration page path and the account creation path.", + "title": "EnableRegexInPath", + "type": "boolean" + }, + "RegistrationPagePath": { + "markdownDescription": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.\n\n> This page must accept `GET` text/html requests. \n\nFor example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` .", + "title": "RegistrationPagePath", + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP", + "markdownDescription": "The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.", + "title": "RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", + "markdownDescription": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.", + "title": "ResponseInspection" + } + }, + "required": [ + "CreationPath", + "RegistrationPagePath", + "RequestInspection" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { + "additionalProperties": false, + "properties": { + "EnableRegexInPath": { + "markdownDescription": "Allow the use of regular expressions in the login page path.", + "title": "EnableRegexInPath", + "type": "boolean" + }, + "LoginPath": { + "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", + "title": "LoginPath", + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspection", + "markdownDescription": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", + "title": "RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", + "markdownDescription": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.", + "title": "ResponseInspection" + } + }, + "required": [ + "LoginPath" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesAntiDDoSRuleSet": { + "additionalProperties": false, + "properties": { + "ClientSideActionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ClientSideActionConfig", + "markdownDescription": "Configures the request handling that's applied by the managed rule group rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` during a distributed denial of service (DDoS) attack.", + "title": "ClientSideActionConfig" + }, + "SensitivityToBlock": { + "markdownDescription": "The sensitivity that the rule group rule `DDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `DDoSRequests` rule runs.\n\nThe higher the sensitivity, the more levels of labeling that the rule matches:\n\n- Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` .\n- Medium sensitivity causes the rule to match on the medium and high suspicion labels.\n- High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high.\n\nDefault: `LOW`", + "title": "SensitivityToBlock", + "type": "string" + } + }, + "required": [ + "ClientSideActionConfig" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet": { + "additionalProperties": false, + "properties": { + "EnableMachineLearning": { + "markdownDescription": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`", + "title": "EnableMachineLearning", + "type": "boolean" + }, + "InspectionLevel": { + "markdownDescription": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* .", + "title": "InspectionLevel", + "type": "string" + } + }, + "required": [ + "InspectionLevel" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AllowAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.AndStatement": { + "AWS::WAFv2::WebACL.AndStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" }, "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", "title": "Statements", @@ -268186,18 +319825,54 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.BlockAction": { + "AWS::WAFv2::WebACL.AsnMatchStatement": { + "additionalProperties": false, + "properties": { + "AsnList": { + "items": { + "type": "number" + }, + "markdownDescription": "Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies.", + "title": "AsnList", + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.", + "title": "ForwardedIPConfig" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.AssociationConfig": { + "additionalProperties": false, + "properties": { + "RequestBody": { + "additionalProperties": false, + "markdownDescription": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig" + } + }, + "title": "RequestBody", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.BlockAction": { "additionalProperties": false, "properties": { "CustomResponse": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponse", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponse", "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomResponse" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Body": { + "AWS::WAFv2::WebACL.Body": { "additionalProperties": false, "properties": { "OversizeHandling": { @@ -268208,11 +319883,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ByteMatchStatement": { + "AWS::WAFv2::WebACL.ByteMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -268233,7 +319908,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -268247,51 +319922,92 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CaptchaAction": { + "AWS::WAFv2::WebACL.CaptchaAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CaptchaConfig": { + "AWS::WAFv2::WebACL.CaptchaConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", "title": "ImmunityTimeProperty" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ChallengeAction": { + "AWS::WAFv2::WebACL.ChallengeAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ChallengeConfig": { + "AWS::WAFv2::WebACL.ChallengeConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", "title": "ImmunityTimeProperty" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CookieMatchPattern": { + "AWS::WAFv2::WebACL.ClientSideAction": { + "additionalProperties": false, + "properties": { + "ExemptUriRegularExpressions": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.Regex" + }, + "markdownDescription": "The regular expression to match against the web request URI, used to identify requests that can't handle a silent browser challenge. When the `ClientSideAction` setting `UsageOfAction` is enabled, the managed rule group uses this setting to determine which requests to label with `awswaf:managed:aws:anti-ddos:challengeable-request` . If `UsageOfAction` is disabled, this setting has no effect and the managed rule group doesn't add the label to any requests.\n\nThe anti-DDoS managed rule group doesn't evaluate the rules `ChallengeDDoSRequests` or `ChallengeAllDuringEvent` for web requests whose URIs match this regex. This is true regardless of whether you override the rule action for either of the rules in your web ACL configuration.\n\nAWS recommends using a regular expression.\n\nThis setting is required if `UsageOfAction` is set to `ENABLED` . If required, you can provide between 1 and 5 regex objects in the array of settings.\n\nAWS recommends starting with the following setting. Review and update it for your application's needs:\n\n`\\/api\\/|\\.(acc|avi|css|gif|jpe?g|js|mp[34]|ogg|otf|pdf|png|tiff?|ttf|webm|webp|woff2?)$`", + "title": "ExemptUriRegularExpressions", + "type": "array" + }, + "Sensitivity": { + "markdownDescription": "The sensitivity that the rule group rule `ChallengeDDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `ChallengeDDoSRequests` rule runs.\n\nThe higher the sensitivity, the more levels of labeling that the rule matches:\n\n- Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` .\n- Medium sensitivity causes the rule to match on the medium and high suspicion labels.\n- High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high.\n\nDefault: `HIGH`", + "title": "Sensitivity", + "type": "string" + }, + "UsageOfAction": { + "markdownDescription": "Determines whether to use the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the rule group evaluation and the related label `awswaf:managed:aws:anti-ddos:challengeable-request` .\n\n- If usage is enabled:\n\n- The managed rule group adds the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web request whose URL does *NOT* match the regular expressions provided in the `ClientSideAction` setting `ExemptUriRegularExpressions` .\n- The two rules are evaluated against web requests for protected resources that are experiencing a DDoS attack. The two rules only apply their action to matching requests that have the label `awswaf:managed:aws:anti-ddos:challengeable-request` .\n- If usage is disabled:\n\n- The managed rule group doesn't add the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web requests.\n- The two rules are not evaluated.\n- None of the other `ClientSideAction` settings have any effect.\n\n> This setting only enables or disables the use of the two anti-DDOS rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the anti-DDoS managed rule group.\n> \n> This setting doesn't alter the action setting in the two rules. To override the actions used by the rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` , enable this setting, and then override the rule actions in the usual way, in your managed rule group configuration.", + "title": "UsageOfAction", + "type": "string" + } + }, + "required": [ + "UsageOfAction" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ClientSideActionConfig": { + "additionalProperties": false, + "properties": { + "Challenge": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ClientSideAction", + "markdownDescription": "Configuration for the use of the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` .\n\n> This setting isn't related to the configuration of the `Challenge` action itself. It only configures the use of the two anti-DDoS rules named here. \n\nYou can enable or disable the use of these rules, and you can configure how to use them when they are enabled.", + "title": "Challenge" + } + }, + "required": [ + "Challenge" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.CookieMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268318,11 +320034,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Cookies": { + "AWS::WAFv2::WebACL.Cookies": { "additionalProperties": false, "properties": { "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CookieMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CookieMatchPattern", "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", "title": "MatchPattern" }, @@ -268344,18 +320060,18 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CountAction": { + "AWS::WAFv2::WebACL.CountAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomHTTPHeader": { + "AWS::WAFv2::WebACL.CustomHTTPHeader": { "additionalProperties": false, "properties": { "Name": { @@ -268375,12 +320091,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomRequestHandling": { + "AWS::WAFv2::WebACL.CustomRequestHandling": { "additionalProperties": false, "properties": { "InsertHeaders": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" }, "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "InsertHeaders", @@ -268392,54 +320108,145 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomResponse": { + "AWS::WAFv2::WebACL.CustomResponse": { + "additionalProperties": false, + "properties": { + "CustomResponseBodyKey": { + "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", + "title": "CustomResponseBodyKey", + "type": "string" + }, + "ResponseCode": { + "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseCode", + "type": "number" + }, + "ResponseHeaders": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" + }, + "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseHeaders", + "type": "array" + } + }, + "required": [ + "ResponseCode" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.CustomResponseBody": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "Content", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", + "title": "ContentType", + "type": "string" + } + }, + "required": [ + "Content", + "ContentType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DataProtect": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "", + "title": "Action", + "type": "string" + }, + "ExcludeRateBasedDetails": { + "markdownDescription": "", + "title": "ExcludeRateBasedDetails", + "type": "boolean" + }, + "ExcludeRuleMatchDetails": { + "markdownDescription": "", + "title": "ExcludeRuleMatchDetails", + "type": "boolean" + }, + "Field": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToProtect", + "markdownDescription": "", + "title": "Field" + } + }, + "required": [ + "Action", + "Field" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DataProtectionConfig": { + "additionalProperties": false, + "properties": { + "DataProtections": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DataProtect" + }, + "markdownDescription": "An array of data protection configurations for specific web request field types. This is defined for each web ACL. AWS WAF applies the specified protection to all web requests that the web ACL inspects.", + "title": "DataProtections", + "type": "array" + } + }, + "required": [ + "DataProtections" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DefaultAction": { + "additionalProperties": false, + "properties": { + "Allow": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", + "markdownDescription": "Specifies that AWS WAF should allow requests by default.", + "title": "Allow" + }, + "Block": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", + "markdownDescription": "Specifies that AWS WAF should block requests by default.", + "title": "Block" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ExcludedRule": { "additionalProperties": false, "properties": { - "CustomResponseBodyKey": { - "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", - "title": "CustomResponseBodyKey", + "Name": { + "markdownDescription": "The name of the rule whose action you want to override to `Count` .", + "title": "Name", "type": "string" - }, - "ResponseCode": { - "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseCode", - "type": "number" - }, - "ResponseHeaders": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" - }, - "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseHeaders", - "type": "array" } }, "required": [ - "ResponseCode" + "Name" ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomResponseBody": { + "AWS::WAFv2::WebACL.FieldIdentifier": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "Content", - "type": "string" - }, - "ContentType": { - "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", - "title": "ContentType", + "Identifier": { + "markdownDescription": "The name of the field.\n\nWhen the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nWhen the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` .\n\nFor more information, see the descriptions for each field type in the request inspection properties.", + "title": "Identifier", "type": "string" } }, "required": [ - "Content", - "ContentType" + "Identifier" ], "type": "object" }, - "AWS::WAFv2::RuleGroup.FieldToMatch": { + "AWS::WAFv2::WebACL.FieldToMatch": { "additionalProperties": false, "properties": { "AllQueryArguments": { @@ -268448,27 +320255,32 @@ "type": "object" }, "Body": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Body", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Body", "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", "title": "Body" }, "Cookies": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Cookies", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Cookies", "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", "title": "Cookies" }, "Headers": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Headers", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Headers", "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", "title": "Headers" }, "JA3Fingerprint": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA3Fingerprint", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JA3Fingerprint", "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", "title": "JA3Fingerprint" }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.JA4Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA4 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA4 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA4Fingerprint" + }, "JsonBody": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonBody", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonBody", "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", "title": "JsonBody" }, @@ -268483,15 +320295,20 @@ "type": "object" }, "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleHeader", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleHeader", "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", "title": "SingleHeader" }, "SingleQueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleQueryArgument", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleQueryArgument", "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", "title": "SingleQueryArgument" }, + "UriFragment": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.UriFragment", + "markdownDescription": "Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "UriFragment" + }, "UriPath": { "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", "title": "UriPath", @@ -268500,7 +320317,29 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ForwardedIPConfiguration": { + "AWS::WAFv2::WebACL.FieldToProtect": { + "additionalProperties": false, + "properties": { + "FieldKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the keys to protect for the specified field type. If you don't specify any key, then all keys for the field type are protected.", + "title": "FieldKeys", + "type": "array" + }, + "FieldType": { + "markdownDescription": "Specifies the web request component type to protect.", + "title": "FieldType", + "type": "string" + } + }, + "required": [ + "FieldType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268520,7 +320359,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.GeoMatchStatement": { + "AWS::WAFv2::WebACL.GeoMatchStatement": { "additionalProperties": false, "properties": { "CountryCodes": { @@ -268532,14 +320371,14 @@ "type": "array" }, "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "ForwardedIPConfig" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.HeaderMatchPattern": { + "AWS::WAFv2::WebACL.HeaderMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268566,11 +320405,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Headers": { + "AWS::WAFv2::WebACL.Headers": { "additionalProperties": false, "properties": { "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.HeaderMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.HeaderMatchPattern", "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", "title": "MatchPattern" }, @@ -268592,7 +320431,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration": { + "AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268618,7 +320457,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.IPSetReferenceStatement": { + "AWS::WAFv2::WebACL.IPSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { @@ -268627,7 +320466,7 @@ "type": "string" }, "IPSetForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "IPSetForwardedIPConfig" } @@ -268637,7 +320476,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.ImmunityTimeProperty": { + "AWS::WAFv2::WebACL.ImmunityTimeProperty": { "additionalProperties": false, "properties": { "ImmunityTime": { @@ -268651,7 +320490,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JA3Fingerprint": { + "AWS::WAFv2::WebACL.JA3Fingerprint": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268665,7 +320504,21 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JsonBody": { + "AWS::WAFv2::WebACL.JA4Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.JsonBody": { "additionalProperties": false, "properties": { "InvalidFallbackBehavior": { @@ -268674,7 +320527,7 @@ "type": "string" }, "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonMatchPattern", "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", "title": "MatchPattern" }, @@ -268695,7 +320548,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JsonMatchPattern": { + "AWS::WAFv2::WebACL.JsonMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268714,7 +320567,7 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Label": { + "AWS::WAFv2::WebACL.Label": { "additionalProperties": false, "properties": { "Name": { @@ -268728,7 +320581,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.LabelMatchStatement": { + "AWS::WAFv2::WebACL.LabelMatchStatement": { "additionalProperties": false, "properties": { "Key": { @@ -268748,22 +320601,111 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.LabelSummary": { + "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { + "additionalProperties": false, + "properties": { + "AWSManagedRulesACFPRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet", + "markdownDescription": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesACFPRuleSet" + }, + "AWSManagedRulesATPRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", + "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesATPRuleSet" + }, + "AWSManagedRulesAntiDDoSRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesAntiDDoSRuleSet", + "markdownDescription": "Additional configuration for using the anti-DDoS managed rule group, `AWSManagedRulesAntiDDoSRuleSet` . Use this to configure anti-DDoS behavior for the rule group.\n\nFor information about using the anti-DDoS managed rule group, see [AWS WAF Anti-DDoS rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-anti-ddos.html) and [Distributed Denial of Service (DDoS) prevention](https://docs.aws.amazon.com/waf/latest/developerguide/waf-anti-ddos.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesAntiDDoSRuleSet" + }, + "AWSManagedRulesBotControlRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet", + "markdownDescription": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesBotControlRuleSet" + }, + "LoginPath": { + "markdownDescription": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", + "title": "LoginPath", + "type": "string" + }, + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "PayloadType", + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "UsernameField" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ManagedRuleGroupStatement": { "additionalProperties": false, "properties": { + "ExcludedRules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" + }, + "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", + "title": "ExcludedRules", + "type": "array" + }, + "ManagedRuleGroupConfigs": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupConfig" + }, + "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesAntiDDoSRuleSet` configuration object to configure the anti-DDoS managed rule group. The configuration includes the sensitivity levels to use in the rules that typically block and challenge requests that might be participating in DDoS attacks and the specification to use to indicate whether a request can handle a silent browser challenge.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", + "title": "ManagedRuleGroupConfigs", + "type": "array" + }, "Name": { - "markdownDescription": "An individual label specification.", + "markdownDescription": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.", "title": "Name", "type": "string" + }, + "RuleActionOverrides": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" + }, + "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", + "title": "RuleActionOverrides", + "type": "array" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", + "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", + "title": "ScopeDownStatement" + }, + "VendorName": { + "markdownDescription": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.", + "title": "VendorName", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.", + "title": "Version", + "type": "string" } }, + "required": [ + "Name", + "VendorName" + ], "type": "object" }, - "AWS::WAFv2::RuleGroup.NotStatement": { + "AWS::WAFv2::WebACL.NotStatement": { "additionalProperties": false, "properties": { "Statement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "The statement to negate. You can use any statement that can be nested.", "title": "Statement" } @@ -268773,12 +320715,26 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.OrStatement": { + "AWS::WAFv2::WebACL.OnSourceDDoSProtectionConfig": { + "additionalProperties": false, + "properties": { + "ALBLowReputationMode": { + "markdownDescription": "The level of DDoS protection that applies to web ACLs associated with Application Load Balancers. `ACTIVE_UNDER_DDOS` protection is enabled by default whenever a web ACL is associated with an Application Load Balancer. In the event that an Application Load Balancer experiences high-load conditions or suspected DDoS attacks, the `ACTIVE_UNDER_DDOS` protection automatically rate limits traffic from known low reputation sources without disrupting Application Load Balancer availability. `ALWAYS_ON` protection provides constant, always-on monitoring of known low reputation sources for suspected DDoS attacks. While this provides a higher level of protection, there may be potential impacts on legitimate traffic.", + "title": "ALBLowReputationMode", + "type": "string" + } + }, + "required": [ + "ALBLowReputationMode" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.OrStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" }, "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", "title": "Statements", @@ -268790,7 +320746,23 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateBasedStatement": { + "AWS::WAFv2::WebACL.OverrideAction": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "Override the rule group evaluation result to count only.\n\n> This option is usually set to none. It does not affect how the rules in the rule group are evaluated. If you want the rules in the rule group to only count matches, do not use this and instead use the rule action override option, with `Count` action, in your rule group reference statement settings.", + "title": "Count", + "type": "object" + }, + "None": { + "markdownDescription": "Don't override the rule group evaluation result. This is the most common setting.", + "title": "None", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.RateBasedStatement": { "additionalProperties": false, "properties": { "AggregateKeyType": { @@ -268800,7 +320772,7 @@ }, "CustomKeys": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" }, "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", "title": "CustomKeys", @@ -268812,7 +320784,7 @@ "type": "number" }, "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", "title": "ForwardedIPConfig" }, @@ -268822,7 +320794,7 @@ "type": "number" }, "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", "title": "ScopeDownStatement" } @@ -268833,11 +320805,16 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { + "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { "additionalProperties": false, "properties": { + "ASN": { + "markdownDescription": "Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance.", + "title": "ASN", + "type": "object" + }, "Cookie": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie", "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", "title": "Cookie" }, @@ -268852,7 +320829,7 @@ "type": "object" }, "Header": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader", "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", "title": "Header" }, @@ -268861,30 +320838,40 @@ "title": "IP", "type": "object" }, + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitJA3Fingerprint", + "markdownDescription": "Use the request's JA3 fingerprint as an aggregate key. If you use a single JA3 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA3Fingerprint" + }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitJA4Fingerprint", + "markdownDescription": "Use the request's JA4 fingerprint as an aggregate key. If you use a single JA4 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA4Fingerprint" + }, "LabelNamespace": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace", "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", "title": "LabelNamespace" }, "QueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument", "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", "title": "QueryArgument" }, "QueryString": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString", "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", "title": "QueryString" }, "UriPath": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath", "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", "title": "UriPath" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitCookie": { + "AWS::WAFv2::WebACL.RateLimitCookie": { "additionalProperties": false, "properties": { "Name": { @@ -268894,7 +320881,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268907,7 +320894,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitHeader": { + "AWS::WAFv2::WebACL.RateLimitHeader": { "additionalProperties": false, "properties": { "Name": { @@ -268917,7 +320904,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268930,7 +320917,35 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { + "AWS::WAFv2::WebACL.RateLimitJA3Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitJA4Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { "additionalProperties": false, "properties": { "Namespace": { @@ -268944,7 +320959,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { + "AWS::WAFv2::WebACL.RateLimitQueryArgument": { "additionalProperties": false, "properties": { "Name": { @@ -268954,7 +320969,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268967,12 +320982,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitQueryString": { + "AWS::WAFv2::WebACL.RateLimitQueryString": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268984,12 +320999,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitUriPath": { + "AWS::WAFv2::WebACL.RateLimitUriPath": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -269001,11 +321016,22 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RegexMatchStatement": { + "AWS::WAFv2::WebACL.Regex": { + "additionalProperties": false, + "properties": { + "RegexString": { + "markdownDescription": "The string representing the regular expression.", + "title": "RegexString", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.RegexMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269016,7 +321042,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269030,7 +321056,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement": { + "AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { @@ -269039,13 +321065,13 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269059,21 +321085,248 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.Rule": { + "AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig": { + "additionalProperties": false, + "properties": { + "DefaultSizeInspectionLimit": { + "markdownDescription": "Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 bytes)`", + "title": "DefaultSizeInspectionLimit", + "type": "string" + } + }, + "required": [ + "DefaultSizeInspectionLimit" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RequestInspection": { + "additionalProperties": false, + "properties": { + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "The payload type for your login endpoint, either JSON or form encoded.", + "title": "PayloadType", + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", + "title": "UsernameField" + } + }, + "required": [ + "PasswordField", + "PayloadType", + "UsernameField" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RequestInspectionACFP": { + "additionalProperties": false, + "properties": { + "AddressFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "markdownDescription": "The names of the fields in the request payload that contain your customer's primary physical address.\n\nOrder the address fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the address fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` .", + "title": "AddressFields", + "type": "array" + }, + "EmailField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's email.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"email\": \"THE_EMAIL\" } }` , the email field specification is `/form/email` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `email1` , the email field specification is `email1` .", + "title": "EmailField" + }, + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "The payload type for your account creation endpoint, either JSON or form encoded.", + "title": "PayloadType", + "type": "string" + }, + "PhoneNumberFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "markdownDescription": "The names of the fields in the request payload that contain your customer's primary phone number.\n\nOrder the phone number fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the phone number fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` .", + "title": "PhoneNumberFields", + "type": "array" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", + "title": "UsernameField" + } + }, + "required": [ + "PayloadType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspection": { + "additionalProperties": false, + "properties": { + "BodyContains": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionBodyContains", + "markdownDescription": "Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.", + "title": "BodyContains" + }, + "Header": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionHeader", + "markdownDescription": "Configures inspection of the response header for success and failure indicators.", + "title": "Header" + }, + "Json": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionJson", + "markdownDescription": "Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.", + "title": "Json" + }, + "StatusCode": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionStatusCode", + "markdownDescription": "Configures inspection of the response status code for success and failure indicators.", + "title": "StatusCode" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionBodyContains": { + "additionalProperties": false, + "properties": { + "FailureStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Request failed\" ]`", + "title": "FailureStrings", + "type": "array" + }, + "SuccessStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON examples: `\"SuccessStrings\": [ \"Login successful\" ]` and `\"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]`", + "title": "SuccessStrings", + "type": "array" + } + }, + "required": [ + "FailureStrings", + "SuccessStrings" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionHeader": { + "additionalProperties": false, + "properties": { + "FailureValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]` and `\"FailureValues\": [ \"AccountCreationFailed\" ]`", + "title": "FailureValues", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"RequestResult\" ]`", + "title": "Name", + "type": "string" + }, + "SuccessValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]` and `\"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]`", + "title": "SuccessValues", + "type": "array" + } + }, + "required": [ + "FailureValues", + "Name", + "SuccessValues" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionJson": { + "additionalProperties": false, + "properties": { + "FailureValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`", + "title": "FailureValues", + "type": "array" + }, + "Identifier": { + "markdownDescription": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON examples: `\"Identifier\": [ \"/login/success\" ]` and `\"Identifier\": [ \"/sign-up/success\" ]`", + "title": "Identifier", + "type": "string" + }, + "SuccessValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`", + "title": "SuccessValues", + "type": "array" + } + }, + "required": [ + "FailureValues", + "Identifier", + "SuccessValues" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionStatusCode": { + "additionalProperties": false, + "properties": { + "FailureCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`", + "title": "FailureCodes", + "type": "array" + }, + "SuccessCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`", + "title": "SuccessCodes", + "type": "array" + } + }, + "required": [ + "FailureCodes", + "SuccessCodes" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.Rule": { "additionalProperties": false, "properties": { "Action": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RuleAction", - "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting.", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", + "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting.\n\nThis is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nYou must set either this `Action` setting or the rule's `OverrideAction` , but not both:\n\n- If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting.\n- If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group.", "title": "Action" }, "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", "title": "CaptchaConfig" }, "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", "title": "ChallengeConfig" }, @@ -269082,6 +321335,11 @@ "title": "Name", "type": "string" }, + "OverrideAction": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.OverrideAction", + "markdownDescription": "The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nSet the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.\n\nYou must set either this `OverrideAction` setting or the `Action` setting, but not both:\n\n- If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting.\n- If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting.", + "title": "OverrideAction" + }, "Priority": { "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", "title": "Priority", @@ -269089,19 +321347,19 @@ }, "RuleLabels": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Label" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Label" }, "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", "title": "RuleLabels", "type": "array" }, "Statement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", "title": "Statement" }, "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", "title": "VisibilityConfig" } @@ -269114,38 +321372,88 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RuleAction": { + "AWS::WAFv2::WebACL.RuleAction": { "additionalProperties": false, "properties": { "Allow": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AllowAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", "markdownDescription": "Instructs AWS WAF to allow the web request.", "title": "Allow" }, "Block": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.BlockAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", "markdownDescription": "Instructs AWS WAF to block the web request.", "title": "Block" }, "Captcha": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaAction", "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", "title": "Captcha" }, "Challenge": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeAction", "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", "title": "Challenge" }, "Count": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CountAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CountAction", "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", "title": "Count" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.SingleHeader": { + "AWS::WAFv2::WebACL.RuleActionOverride": { + "additionalProperties": false, + "properties": { + "ActionToUse": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", + "markdownDescription": "The override action to use, in place of the configured action of the rule in the rule group.", + "title": "ActionToUse" + }, + "Name": { + "markdownDescription": "The name of the rule to override.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ActionToUse", + "Name" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RuleGroupReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the entity.", + "title": "Arn", + "type": "string" + }, + "ExcludedRules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" + }, + "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", + "title": "ExcludedRules", + "type": "array" + }, + "RuleActionOverrides": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" + }, + "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", + "title": "RuleActionOverrides", + "type": "array" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.SingleHeader": { "additionalProperties": false, "properties": { "Name": { @@ -269159,7 +321467,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SingleQueryArgument": { + "AWS::WAFv2::WebACL.SingleQueryArgument": { "additionalProperties": false, "properties": { "Name": { @@ -269173,7 +321481,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SizeConstraintStatement": { + "AWS::WAFv2::WebACL.SizeConstraintStatement": { "additionalProperties": false, "properties": { "ComparisonOperator": { @@ -269182,7 +321490,7 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269193,7 +321501,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269208,11 +321516,11 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SqliMatchStatement": { + "AWS::WAFv2::WebACL.SqliMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269223,7 +321531,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269236,78 +321544,93 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.Statement": { + "AWS::WAFv2::WebACL.Statement": { "additionalProperties": false, "properties": { "AndStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AndStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.AndStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", "title": "AndStatement" }, + "AsnMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AsnMatchStatement", + "markdownDescription": "A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.\n\nFor additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "AsnMatchStatement" + }, "ByteMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ByteMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ByteMatchStatement", "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", "title": "ByteMatchStatement" }, "GeoMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.GeoMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.GeoMatchStatement", "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "GeoMatchStatement" }, "IPSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetReferenceStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetReferenceStatement", "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "IPSetReferenceStatement" }, "LabelMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.LabelMatchStatement", "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", "title": "LabelMatchStatement" }, + "ManagedRuleGroupStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupStatement", + "markdownDescription": "A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` .\n\nYou cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule.\n\n> You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", + "title": "ManagedRuleGroupStatement" + }, "NotStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.NotStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.NotStatement", "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", "title": "NotStatement" }, "OrStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.OrStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.OrStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", "title": "OrStatement" }, "RateBasedStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatement", "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", "title": "RateBasedStatement" }, "RegexMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexMatchStatement", "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", "title": "RegexMatchStatement" }, "RegexPatternSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement", "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "RegexPatternSetReferenceStatement" }, + "RuleGroupReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleGroupReferenceStatement", + "markdownDescription": "A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.\n\nYou cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL.", + "title": "RuleGroupReferenceStatement" + }, "SizeConstraintStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SizeConstraintStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SizeConstraintStatement", "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", "title": "SizeConstraintStatement" }, "SqliMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SqliMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SqliMatchStatement", "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", "title": "SqliMatchStatement" }, "XssMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.XssMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.XssMatchStatement", "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", "title": "XssMatchStatement" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.TextTransformation": { + "AWS::WAFv2::WebACL.TextTransformation": { "additionalProperties": false, "properties": { "Priority": { @@ -269327,7 +321650,18 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.VisibilityConfig": { + "AWS::WAFv2::WebACL.UriFragment": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\nExample JSON: `{ \"UriFragment\": { \"FallbackBehavior\": \"MATCH\"} }`\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "FallbackBehavior", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.VisibilityConfig": { "additionalProperties": false, "properties": { "CloudWatchMetricsEnabled": { @@ -269353,17 +321687,17 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.XssMatchStatement": { + "AWS::WAFv2::WebACL.XssMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269376,7 +321710,7 @@ ], "type": "object" }, - "AWS::WAFv2::WebACL": { + "AWS::WAFv2::WebACLAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -269411,92 +321745,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociationConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AssociationConfig", - "markdownDescription": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", - "title": "AssociationConfig" - }, - "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", - "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .", - "title": "CaptchaConfig" - }, - "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", - "markdownDescription": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .", - "title": "ChallengeConfig" - }, - "CustomResponseBodies": { - "additionalProperties": false, - "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponseBody" - } - }, - "title": "CustomResponseBodies", - "type": "object" - }, - "DefaultAction": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.DefaultAction", - "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match.", - "title": "DefaultAction" - }, - "Description": { - "markdownDescription": "A description of the web ACL that helps with identification.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", - "title": "Name", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`\n- For an AWS Amplify instance: `arn: *partition* :amplify: *region* : *account-id* :apps/ *app-id*`", + "title": "ResourceArn", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Rule" - }, - "markdownDescription": "The rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", - "title": "Rules", - "type": "array" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", - "title": "Scope", + "WebACLArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.", + "title": "WebACLArn", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - }, - "TokenDomains": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.", - "title": "TokenDomains", - "type": "array" - }, - "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", - "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", - "title": "VisibilityConfig" } }, "required": [ - "DefaultAction", - "Scope", - "VisibilityConfig" + "ResourceArn", + "WebACLArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFv2::WebACL" + "AWS::WAFv2::WebACLAssociation" ], "type": "string" }, @@ -269515,1937 +321783,2407 @@ ], "type": "object" }, - "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { + "AWS::Wisdom::AIAgent": { "additionalProperties": false, "properties": { - "CreationPath": { - "markdownDescription": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests.\n\nFor example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` .", - "title": "CreationPath", + "Condition": { "type": "string" }, - "EnableRegexInPath": { - "markdownDescription": "Allow the use of regular expressions in the registration page path and the account creation path.", - "title": "EnableRegexInPath", - "type": "boolean" - }, - "RegistrationPagePath": { - "markdownDescription": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.\n\n> This page must accept `GET` text/html requests. \n\nFor example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` .", - "title": "RegistrationPagePath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RequestInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP", - "markdownDescription": "The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.", - "title": "RequestInspection" - }, - "ResponseInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", - "markdownDescription": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.", - "title": "ResponseInspection" - } - }, - "required": [ - "CreationPath", - "RegistrationPagePath", - "RequestInspection" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { - "additionalProperties": false, - "properties": { - "EnableRegexInPath": { - "markdownDescription": "Allow the use of regular expressions in the login page path.", - "title": "EnableRegexInPath", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LoginPath": { - "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", - "title": "LoginPath", - "type": "string" + "Metadata": { + "type": "object" }, - "RequestInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspection", - "markdownDescription": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", - "title": "RequestInspection" + "Properties": { + "additionalProperties": false, + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AIAgentConfiguration", + "markdownDescription": "Configuration for the AI Agent.", + "title": "Configuration" + }, + "Description": { + "markdownDescription": "The description of the AI Agent.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Agent.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The type of the AI Agent.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "AssistantId", + "Configuration", + "Type" + ], + "type": "object" }, - "ResponseInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", - "markdownDescription": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.", - "title": "ResponseInspection" - } - }, - "required": [ - "LoginPath" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet": { - "additionalProperties": false, - "properties": { - "EnableMachineLearning": { - "markdownDescription": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`", - "title": "EnableMachineLearning", - "type": "boolean" + "Type": { + "enum": [ + "AWS::Wisdom::AIAgent" + ], + "type": "string" }, - "InspectionLevel": { - "markdownDescription": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* .", - "title": "InspectionLevel", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InspectionLevel" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AllowAction": { - "additionalProperties": false, - "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.AndStatement": { - "additionalProperties": false, - "properties": { - "Statements": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" - }, - "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", - "title": "Statements", - "type": "array" - } - }, - "required": [ - "Statements" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.AssociationConfig": { - "additionalProperties": false, - "properties": { - "RequestBody": { - "additionalProperties": false, - "markdownDescription": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig" - } - }, - "title": "RequestBody", - "type": "object" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.BlockAction": { - "additionalProperties": false, - "properties": { - "CustomResponse": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponse", - "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomResponse" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.Body": { + "AWS::Wisdom::AIAgent.AIAgentConfiguration": { "additionalProperties": false, "properties": { - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", - "title": "OversizeHandling", - "type": "string" + "AnswerRecommendationAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AnswerRecommendationAIAgentConfiguration", + "markdownDescription": "The configuration for AI Agents of type `ANSWER_RECOMMENDATION` .", + "title": "AnswerRecommendationAIAgentConfiguration" + }, + "ManualSearchAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.ManualSearchAIAgentConfiguration", + "markdownDescription": "The configuration for AI Agents of type `MANUAL_SEARCH` .", + "title": "ManualSearchAIAgentConfiguration" + }, + "SelfServiceAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.SelfServiceAIAgentConfiguration", + "markdownDescription": "The self-service AI agent configuration.", + "title": "SelfServiceAIAgentConfiguration" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ByteMatchStatement": { + "AWS::Wisdom::AIAgent.AnswerRecommendationAIAgentConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" - }, - "PositionalConstraint": { - "markdownDescription": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", - "type": "string" - }, - "SearchString": { - "markdownDescription": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", - "title": "SearchString", + "AnswerGenerationAIGuardrailId": { + "markdownDescription": "The ID of the answer generation AI guardrail.", + "title": "AnswerGenerationAIGuardrailId", "type": "string" }, - "SearchStringBase64": { - "markdownDescription": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", - "title": "SearchStringBase64", + "AnswerGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Answer Generation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "AnswerGenerationAIPromptId", "type": "string" }, - "TextTransformations": { + "AssociationConfigurations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", + "markdownDescription": "The association configurations for overriding behavior on this AI Agent.", + "title": "AssociationConfigurations", "type": "array" + }, + "IntentLabelingGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Intent Labeling prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "IntentLabelingGenerationAIPromptId", + "type": "string" + }, + "Locale": { + "markdownDescription": "The locale to which specifies the language and region settings that determine the response language for [QueryAssistant](https://docs.aws.amazon.com/connect/latest/APIReference/API_amazon-q-connect_QueryAssistant.html) .", + "title": "Locale", + "type": "string" + }, + "QueryReformulationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Query Reformulation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "QueryReformulationAIPromptId", + "type": "string" } }, - "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformations" - ], "type": "object" }, - "AWS::WAFv2::WebACL.CaptchaAction": { + "AWS::Wisdom::AIAgent.AssociationConfiguration": { "additionalProperties": false, "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" + "AssociationConfigurationData": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfigurationData", + "markdownDescription": "A typed union of the data of the configuration for an Amazon Q in Connect Assistant Association.", + "title": "AssociationConfigurationData" + }, + "AssociationId": { + "markdownDescription": "The identifier of the association for this Association Configuration.", + "title": "AssociationId", + "type": "string" + }, + "AssociationType": { + "markdownDescription": "The type of the association for this Association Configuration.", + "title": "AssociationType", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CaptchaConfig": { + "AWS::Wisdom::AIAgent.AssociationConfigurationData": { "additionalProperties": false, "properties": { - "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", - "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", - "title": "ImmunityTimeProperty" + "KnowledgeBaseAssociationConfigurationData": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.KnowledgeBaseAssociationConfigurationData", + "markdownDescription": "The data of the configuration for a `KNOWLEDGE_BASE` type Amazon Q in Connect Assistant Association.", + "title": "KnowledgeBaseAssociationConfigurationData" } }, + "required": [ + "KnowledgeBaseAssociationConfigurationData" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ChallengeAction": { + "AWS::Wisdom::AIAgent.KnowledgeBaseAssociationConfigurationData": { "additionalProperties": false, "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", - "title": "CustomRequestHandling" + "ContentTagFilter": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagFilter", + "markdownDescription": "An object that can be used to specify Tag conditions.", + "title": "ContentTagFilter" + }, + "MaxResults": { + "markdownDescription": "The maximum number of results to return per page.", + "title": "MaxResults", + "type": "number" + }, + "OverrideKnowledgeBaseSearchType": { + "markdownDescription": "", + "title": "OverrideKnowledgeBaseSearchType", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ChallengeConfig": { + "AWS::Wisdom::AIAgent.ManualSearchAIAgentConfiguration": { "additionalProperties": false, "properties": { - "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", - "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", - "title": "ImmunityTimeProperty" + "AnswerGenerationAIGuardrailId": { + "markdownDescription": "The ID of the answer generation AI guardrail.", + "title": "AnswerGenerationAIGuardrailId", + "type": "string" + }, + "AnswerGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Answer Generation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "AnswerGenerationAIPromptId", + "type": "string" + }, + "AssociationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" + }, + "markdownDescription": "The association configurations for overriding behavior on this AI Agent.", + "title": "AssociationConfigurations", + "type": "array" + }, + "Locale": { + "markdownDescription": "The locale to which specifies the language and region settings that determine the response language for [QueryAssistant](https://docs.aws.amazon.com/connect/latest/APIReference/API_amazon-q-connect_QueryAssistant.html) .", + "title": "Locale", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CookieMatchPattern": { + "AWS::Wisdom::AIAgent.OrCondition": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Inspect all cookies.", - "title": "All", - "type": "object" - }, - "ExcludedCookies": { + "AndConditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition" }, - "markdownDescription": "Inspect only the cookies whose keys don't match any of the strings specified here.", - "title": "ExcludedCookies", + "markdownDescription": "", + "title": "AndConditions", "type": "array" }, - "IncludedCookies": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the cookies that have a key that matches one of the strings specified here.", - "title": "IncludedCookies", - "type": "array" + "TagCondition": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition", + "markdownDescription": "A leaf node condition which can be used to specify a tag condition.", + "title": "TagCondition" } }, "type": "object" }, - "AWS::WAFv2::WebACL.Cookies": { + "AWS::Wisdom::AIAgent.SelfServiceAIAgentConfiguration": { "additionalProperties": false, "properties": { - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CookieMatchPattern", - "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", - "title": "MatchPattern" + "AssociationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" + }, + "markdownDescription": "The association configuration of the self-service AI agent.", + "title": "AssociationConfigurations", + "type": "array" }, - "MatchScope": { - "markdownDescription": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", + "SelfServiceAIGuardrailId": { + "markdownDescription": "The ID of the self-service AI guardrail.", + "title": "SelfServiceAIGuardrailId", "type": "string" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "OversizeHandling", + "SelfServiceAnswerGenerationAIPromptId": { + "markdownDescription": "The ID of the self-service answer generation AI prompt.", + "title": "SelfServiceAnswerGenerationAIPromptId", + "type": "string" + }, + "SelfServicePreProcessingAIPromptId": { + "markdownDescription": "The ID of the self-service preprocessing AI prompt.", + "title": "SelfServicePreProcessingAIPromptId", "type": "string" - } - }, - "required": [ - "MatchPattern", - "MatchScope", - "OversizeHandling" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.CountAction": { - "additionalProperties": false, - "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CustomHTTPHeader": { + "AWS::Wisdom::AIAgent.TagCondition": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` .", - "title": "Name", + "Key": { + "markdownDescription": "The tag key in the tag condition.", + "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value of the custom header.", + "markdownDescription": "The tag value in the tag condition.", "title": "Value", "type": "string" } }, "required": [ - "Name", - "Value" + "Key" ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomRequestHandling": { + "AWS::Wisdom::AIAgent.TagFilter": { "additionalProperties": false, "properties": { - "InsertHeaders": { + "AndConditions": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition" }, - "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "InsertHeaders", + "markdownDescription": "A list of conditions which would be applied together with an `AND` condition.", + "title": "AndConditions", + "type": "array" + }, + "OrConditions": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.OrCondition" + }, + "markdownDescription": "A list of conditions which would be applied together with an `OR` condition.", + "title": "OrConditions", "type": "array" + }, + "TagCondition": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition", + "markdownDescription": "A leaf node condition which can be used to specify a tag condition.", + "title": "TagCondition" } }, - "required": [ - "InsertHeaders" - ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomResponse": { + "AWS::Wisdom::AIAgentVersion": { "additionalProperties": false, "properties": { - "CustomResponseBodyKey": { - "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", - "title": "CustomResponseBodyKey", + "Condition": { "type": "string" }, - "ResponseCode": { - "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseCode", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ResponseHeaders": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIAgentId": { + "markdownDescription": "The identifier of the AI Agent.", + "title": "AIAgentId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The time the AI Agent version was last modified in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } }, - "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseHeaders", - "type": "array" + "required": [ + "AIAgentId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIAgentVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ResponseCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomResponseBody": { + "AWS::Wisdom::AIGuardrail": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "Content", + "Condition": { "type": "string" }, - "ContentType": { - "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", - "title": "ContentType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "BlockedInputMessaging": { + "markdownDescription": "The message to return when the AI Guardrail blocks a prompt.", + "title": "BlockedInputMessaging", + "type": "string" + }, + "BlockedOutputsMessaging": { + "markdownDescription": "The message to return when the AI Guardrail blocks a model response.", + "title": "BlockedOutputsMessaging", + "type": "string" + }, + "ContentPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailContentPolicyConfig", + "markdownDescription": "Contains details about how to handle harmful content.", + "title": "ContentPolicyConfig" + }, + "ContextualGroundingPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailContextualGroundingPolicyConfig", + "markdownDescription": "The policy configuration details for the AI Guardrail's contextual grounding policy.", + "title": "ContextualGroundingPolicyConfig" + }, + "Description": { + "markdownDescription": "A description of the AI Guardrail.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Guardrail.", + "title": "Name", + "type": "string" + }, + "SensitiveInformationPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailSensitiveInformationPolicyConfig", + "markdownDescription": "Contains details about PII entities and regular expressions to configure for the AI Guardrail.", + "title": "SensitiveInformationPolicyConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TopicPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailTopicPolicyConfig", + "markdownDescription": "Contains details about topics that the AI Guardrail should identify and deny.", + "title": "TopicPolicyConfig" + }, + "WordPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailWordPolicyConfig", + "markdownDescription": "Contains details about the word policy to configured for the AI Guardrail.", + "title": "WordPolicyConfig" + } + }, + "required": [ + "AssistantId", + "BlockedInputMessaging", + "BlockedOutputsMessaging" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIGuardrail" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Content", - "ContentType" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.DefaultAction": { + "AWS::Wisdom::AIGuardrail.AIGuardrailContentPolicyConfig": { "additionalProperties": false, "properties": { - "Allow": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", - "markdownDescription": "Specifies that AWS WAF should allow requests by default.", - "title": "Allow" - }, - "Block": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", - "markdownDescription": "Specifies that AWS WAF should block requests by default.", - "title": "Block" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailContentFilterConfig" + }, + "markdownDescription": "List of content filter configurations in a content policy.", + "title": "FiltersConfig", + "type": "array" } }, + "required": [ + "FiltersConfig" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ExcludedRule": { + "AWS::Wisdom::AIGuardrail.AIGuardrailContextualGroundingPolicyConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the rule whose action you want to override to `Count` .", - "title": "Name", - "type": "string" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailContextualGroundingFilterConfig" + }, + "markdownDescription": "List of contextual grounding filter configs.", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "Name" + "FiltersConfig" ], "type": "object" }, - "AWS::WAFv2::WebACL.FieldIdentifier": { + "AWS::Wisdom::AIGuardrail.AIGuardrailSensitiveInformationPolicyConfig": { "additionalProperties": false, "properties": { - "Identifier": { - "markdownDescription": "The name of the field.\n\nWhen the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nWhen the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` .\n\nFor more information, see the descriptions for each field type in the request inspection properties.", - "title": "Identifier", - "type": "string" + "PiiEntitiesConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailPiiEntityConfig" + }, + "markdownDescription": "List of entities.", + "title": "PiiEntitiesConfig", + "type": "array" + }, + "RegexesConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailRegexConfig" + }, + "markdownDescription": "List of regex.", + "title": "RegexesConfig", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Wisdom::AIGuardrail.AIGuardrailTopicPolicyConfig": { + "additionalProperties": false, + "properties": { + "TopicsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailTopicConfig" + }, + "markdownDescription": "List of topic configs in topic policy.", + "title": "TopicsConfig", + "type": "array" } }, "required": [ - "Identifier" + "TopicsConfig" ], "type": "object" }, - "AWS::WAFv2::WebACL.FieldToMatch": { + "AWS::Wisdom::AIGuardrail.AIGuardrailWordPolicyConfig": { "additionalProperties": false, "properties": { - "AllQueryArguments": { - "markdownDescription": "Inspect all query arguments.", - "title": "AllQueryArguments", - "type": "object" - }, - "Body": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Body", - "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", - "title": "Body" - }, - "Cookies": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Cookies", - "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", - "title": "Cookies" - }, - "Headers": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Headers", - "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", - "title": "Headers" - }, - "JA3Fingerprint": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JA3Fingerprint", - "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", - "title": "JA3Fingerprint" - }, - "JsonBody": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonBody", - "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", - "title": "JsonBody" - }, - "Method": { - "markdownDescription": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", - "title": "Method", - "type": "object" - }, - "QueryString": { - "markdownDescription": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.", - "title": "QueryString", - "type": "object" - }, - "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleHeader", - "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", - "title": "SingleHeader" - }, - "SingleQueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleQueryArgument", - "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", - "title": "SingleQueryArgument" + "ManagedWordListsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailManagedWordsConfig" + }, + "markdownDescription": "A config for the list of managed words.", + "title": "ManagedWordListsConfig", + "type": "array" }, - "UriPath": { - "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", - "title": "UriPath", - "type": "object" + "WordsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailWordConfig" + }, + "markdownDescription": "List of custom word configurations.", + "title": "WordsConfig", + "type": "array" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ForwardedIPConfiguration": { + "AWS::Wisdom::AIGuardrail.GuardrailContentFilterConfig": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "InputStrength": { + "markdownDescription": "The strength of the input for the guardrail content filter.", + "title": "InputStrength", "type": "string" }, - "HeaderName": { - "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "HeaderName", + "OutputStrength": { + "markdownDescription": "The output strength of the guardrail content filter.", + "title": "OutputStrength", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the guardrail content filter.", + "title": "Type", "type": "string" } }, "required": [ - "FallbackBehavior", - "HeaderName" + "InputStrength", + "OutputStrength", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.GeoMatchStatement": { + "AWS::Wisdom::AIGuardrail.GuardrailContextualGroundingFilterConfig": { "additionalProperties": false, "properties": { - "CountryCodes": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.", - "title": "CountryCodes", - "type": "array" + "Threshold": { + "markdownDescription": "The threshold for this filter.", + "title": "Threshold", + "type": "number" }, - "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "ForwardedIPConfig" + "Type": { + "markdownDescription": "The type of this filter.", + "title": "Type", + "type": "string" } }, + "required": [ + "Threshold", + "Type" + ], "type": "object" }, - "AWS::WAFv2::WebACL.HeaderMatchPattern": { + "AWS::Wisdom::AIGuardrail.GuardrailManagedWordsConfig": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Inspect all headers.", - "title": "All", - "type": "object" - }, - "ExcludedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the headers whose keys don't match any of the strings specified here.", - "title": "ExcludedHeaders", - "type": "array" - }, - "IncludedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the headers that have a key that matches one of the strings specified here.", - "title": "IncludedHeaders", - "type": "array" + "Type": { + "markdownDescription": "The type of guardrail managed words.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::WAFv2::WebACL.Headers": { + "AWS::Wisdom::AIGuardrail.GuardrailPiiEntityConfig": { "additionalProperties": false, "properties": { - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.HeaderMatchPattern", - "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", - "title": "MatchPattern" - }, - "MatchScope": { - "markdownDescription": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", + "Action": { + "markdownDescription": "The action of guardrail PII entity configuration.", + "title": "Action", "type": "string" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "OversizeHandling", + "Type": { + "markdownDescription": "", + "title": "Type", "type": "string" } }, "required": [ - "MatchPattern", - "MatchScope", - "OversizeHandling" + "Action", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration": { + "AWS::Wisdom::AIGuardrail.GuardrailRegexConfig": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "Action": { + "markdownDescription": "The action of the guardrail regex configuration.", + "title": "Action", "type": "string" }, - "HeaderName": { - "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "HeaderName", + "Description": { + "markdownDescription": "The regex description.", + "title": "Description", "type": "string" }, - "Position": { - "markdownDescription": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10.", - "title": "Position", + "Name": { + "markdownDescription": "A regex configuration.", + "title": "Name", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The regex pattern.", + "title": "Pattern", "type": "string" } }, "required": [ - "FallbackBehavior", - "HeaderName", - "Position" + "Action", + "Name", + "Pattern" ], "type": "object" }, - "AWS::WAFv2::WebACL.IPSetReferenceStatement": { + "AWS::Wisdom::AIGuardrail.GuardrailTopicConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references.", - "title": "Arn", + "Definition": { + "markdownDescription": "Definition of topic in topic policy.", + "title": "Definition", "type": "string" }, - "IPSetForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "IPSetForwardedIPConfig" + "Examples": { + "items": { + "type": "string" + }, + "markdownDescription": "Text example in topic policy.", + "title": "Examples", + "type": "array" + }, + "Name": { + "markdownDescription": "Name of topic in topic policy.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Type of topic in a policy.", + "title": "Type", + "type": "string" } }, "required": [ - "Arn" + "Definition", + "Name", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.ImmunityTimeProperty": { + "AWS::Wisdom::AIGuardrail.GuardrailWordConfig": { "additionalProperties": false, "properties": { - "ImmunityTime": { - "markdownDescription": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300.", - "title": "ImmunityTime", - "type": "number" + "Text": { + "markdownDescription": "The custom word text.", + "title": "Text", + "type": "string" } }, "required": [ - "ImmunityTime" + "Text" ], "type": "object" }, - "AWS::WAFv2::WebACL.JA3Fingerprint": { + "AWS::Wisdom::AIGuardrailVersion": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIGuardrailId": { + "markdownDescription": "The ID of the AI guardrail version.", + "title": "AIGuardrailId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The ID of the AI guardrail version assistant.", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The modified time of the AI guardrail version in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } + }, + "required": [ + "AIGuardrailId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIGuardrailVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FallbackBehavior" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.JsonBody": { + "AWS::Wisdom::AIPrompt": { "additionalProperties": false, "properties": { - "InvalidFallbackBehavior": { - "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", - "title": "InvalidFallbackBehavior", + "Condition": { "type": "string" }, - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonMatchPattern", - "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", - "title": "MatchPattern" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MatchScope": { - "markdownDescription": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiFormat": { + "markdownDescription": "The API format used for this AI Prompt.", + "title": "ApiFormat", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the AI Prompt.", + "title": "Description", + "type": "string" + }, + "ModelId": { + "markdownDescription": "The identifier of the model used for this AI Prompt. The following model Ids are supported:\n\n- `anthropic.claude-3-haiku--v1:0`\n- `apac.amazon.nova-lite-v1:0`\n- `apac.amazon.nova-micro-v1:0`\n- `apac.amazon.nova-pro-v1:0`\n- `apac.anthropic.claude-3-5-sonnet--v2:0`\n- `apac.anthropic.claude-3-haiku-20240307-v1:0`\n- `eu.amazon.nova-lite-v1:0`\n- `eu.amazon.nova-micro-v1:0`\n- `eu.amazon.nova-pro-v1:0`\n- `eu.anthropic.claude-3-7-sonnet-20250219-v1:0`\n- `eu.anthropic.claude-3-haiku-20240307-v1:0`\n- `us.amazon.nova-lite-v1:0`\n- `us.amazon.nova-micro-v1:0`\n- `us.amazon.nova-pro-v1:0`\n- `us.anthropic.claude-3-5-haiku-20241022-v1:0`\n- `us.anthropic.claude-3-7-sonnet-20250219-v1:0`\n- `us.anthropic.claude-3-haiku-20240307-v1:0`", + "title": "ModelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Prompt", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt.AIPromptTemplateConfiguration", + "markdownDescription": "The configuration of the prompt template for this AI Prompt.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of the prompt template for this AI Prompt.", + "title": "TemplateType", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of this AI Prompt.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ApiFormat", + "ModelId", + "TemplateConfiguration", + "TemplateType", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIPrompt" + ], "type": "string" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", - "title": "OversizeHandling", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MatchPattern", - "MatchScope" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.JsonMatchPattern": { + "AWS::Wisdom::AIPrompt.AIPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Match all of the elements. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nYou must specify either this setting or the `IncludedPaths` setting, but not both.", - "title": "All", - "type": "object" - }, - "IncludedPaths": { - "items": { - "type": "string" - }, - "markdownDescription": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n> Don't use this option to include all paths. Instead, use the `All` setting.", - "title": "IncludedPaths", - "type": "array" + "TextFullAIPromptEditTemplateConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt.TextFullAIPromptEditTemplateConfiguration", + "markdownDescription": "The configuration for a prompt template that supports full textual prompt configuration using a YAML prompt.", + "title": "TextFullAIPromptEditTemplateConfiguration" } }, + "required": [ + "TextFullAIPromptEditTemplateConfiguration" + ], "type": "object" }, - "AWS::WAFv2::WebACL.Label": { + "AWS::Wisdom::AIPrompt.TextFullAIPromptEditTemplateConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The label string.", - "title": "Name", + "Text": { + "markdownDescription": "The YAML text for the AI Prompt template.", + "title": "Text", "type": "string" } }, "required": [ - "Name" + "Text" ], "type": "object" }, - "AWS::WAFv2::WebACL.LabelMatchStatement": { + "AWS::Wisdom::AIPromptVersion": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` .", - "title": "Key", + "Condition": { "type": "string" }, - "Scope": { - "markdownDescription": "Specify whether you want to match using the label name or just the namespace.", - "title": "Scope", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIPromptId": { + "markdownDescription": "The identifier of the Amazon Q in Connect AI prompt.", + "title": "AIPromptId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The time the AI Prompt version was last modified in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } + }, + "required": [ + "AIPromptId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIPromptVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Scope" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { + "AWS::Wisdom::Assistant": { "additionalProperties": false, "properties": { - "AWSManagedRulesACFPRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet", - "markdownDescription": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesACFPRuleSet" + "Condition": { + "type": "string" }, - "AWSManagedRulesATPRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", - "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesATPRuleSet" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AWSManagedRulesBotControlRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet", - "markdownDescription": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesBotControlRuleSet" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LoginPath": { - "markdownDescription": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", - "title": "LoginPath", - "type": "string" + "Metadata": { + "type": "object" }, - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "PasswordField" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the assistant.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the assistant.", + "title": "Name", + "type": "string" + }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration", + "markdownDescription": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) .", + "title": "ServerSideEncryptionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of assistant.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" }, - "PayloadType": { - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "PayloadType", + "Type": { + "enum": [ + "AWS::Wisdom::Assistant" + ], "type": "string" }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "UsernameField" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ManagedRuleGroupStatement": { + "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "ExcludedRules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" - }, - "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", - "title": "ExcludedRules", - "type": "array" - }, - "ManagedRuleGroupConfigs": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupConfig" - }, - "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", - "title": "ManagedRuleGroupConfigs", - "type": "array" + "KmsKeyId": { + "markdownDescription": "The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Wisdom::AssistantAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "Name": { - "markdownDescription": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RuleActionOverrides": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" - }, - "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, AWS WAF doesn't return an error and doesn't apply the override setting. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", - "title": "RuleActionOverrides", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", - "title": "ScopeDownStatement" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Wisdom assistant.", + "title": "AssistantId", + "type": "string" + }, + "Association": { + "$ref": "#/definitions/AWS::Wisdom::AssistantAssociation.AssociationData", + "markdownDescription": "The identifier of the associated resource.", + "title": "Association" + }, + "AssociationType": { + "markdownDescription": "The type of association.", + "title": "AssociationType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AssistantId", + "Association", + "AssociationType" + ], + "type": "object" }, - "VendorName": { - "markdownDescription": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.", - "title": "VendorName", + "Type": { + "enum": [ + "AWS::Wisdom::AssistantAssociation" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "VendorName" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.NotStatement": { - "additionalProperties": false, - "properties": { - "Statement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "The statement to negate. You can use any statement that can be nested.", - "title": "Statement" - } - }, - "required": [ - "Statement" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.OrStatement": { + "AWS::Wisdom::AssistantAssociation.AssociationData": { "additionalProperties": false, "properties": { - "Statements": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" - }, - "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", - "title": "Statements", - "type": "array" + "KnowledgeBaseId": { + "markdownDescription": "The identifier of the knowledge base.", + "title": "KnowledgeBaseId", + "type": "string" } }, "required": [ - "Statements" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::WAFv2::WebACL.OverrideAction": { + "AWS::Wisdom::KnowledgeBase": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "Override the rule group evaluation result to count only.\n\n> This option is usually set to none. It does not affect how the rules in the rule group are evaluated. If you want the rules in the rule group to only count matches, do not use this and instead use the rule action override option, with `Count` action, in your rule group reference statement settings.", - "title": "Count", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { "type": "object" }, - "None": { - "markdownDescription": "Don't override the rule group evaluation result. This is the most common setting.", - "title": "None", + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description.", + "title": "Description", + "type": "string" + }, + "KnowledgeBaseType": { + "markdownDescription": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically.", + "title": "KnowledgeBaseType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the knowledge base.", + "title": "Name", + "type": "string" + }, + "RenderingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.RenderingConfiguration", + "markdownDescription": "Information about how to render the content.", + "title": "RenderingConfiguration" + }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration", + "markdownDescription": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "ServerSideEncryptionConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SourceConfiguration", + "markdownDescription": "The source of the knowledge base content. Only set this argument for EXTERNAL or Managed knowledge bases.", + "title": "SourceConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "VectorIngestionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.VectorIngestionConfiguration", + "markdownDescription": "Contains details about how to ingest the documents in a data source.", + "title": "VectorIngestionConfiguration" + } + }, + "required": [ + "KnowledgeBaseType", + "Name" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::KnowledgeBase" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::WAFv2::WebACL.RateBasedStatement": { + "AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration": { "additionalProperties": false, "properties": { - "AggregateKeyType": { - "markdownDescription": "Setting that indicates how to aggregate the request counts.\n\n> Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` .", - "title": "AggregateKeyType", + "AppIntegrationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AppIntegrations DataIntegration to use for ingesting content.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` as source fields.\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` as source fields.\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , your AppIntegrations DataIntegration must have an ObjectConfiguration if `objectFields` is not provided, including at least `id` , `title` , `updated_at` , and `draft` as source fields.\n- For [SharePoint](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-net-server-csom-jsom-and-rest-api-index) , your AppIntegrations DataIntegration must have a FileConfiguration, including only file extensions that are among `docx` , `pdf` , `html` , `htm` , and `txt` .\n- For [Amazon S3](https://docs.aws.amazon.com/s3/) , the ObjectConfiguration and FileConfiguration of your AppIntegrations DataIntegration must be null. The `SourceURI` of your DataIntegration must use the following format: `s3://your_s3_bucket_name` .\n\n> The bucket policy of the corresponding S3 bucket must allow the AWS principal `app-integrations.amazonaws.com` to perform `s3:ListBucket` , `s3:GetObject` , and `s3:GetBucketLocation` against the bucket.", + "title": "AppIntegrationArn", "type": "string" }, - "CustomKeys": { + "ObjectFields": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" + "type": "string" }, - "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", - "title": "CustomKeys", + "markdownDescription": "The fields from the source that are made available to your agents in Amazon Q in Connect. Optional if ObjectConfiguration is included in the provided DataIntegration.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , you must include at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` .\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , you must include at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` .\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , you must include at least `id` , `title` , `updated_at` , and `draft` .\n\nMake sure to include additional fields. These fields are indexed and used to source recommendations.", + "title": "ObjectFields", "type": "array" - }, - "EvaluationWindowSec": { - "markdownDescription": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)", - "title": "EvaluationWindowSec", - "type": "number" - }, - "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", - "title": "ForwardedIPConfig" - }, - "Limit": { - "markdownDescription": "The limit on requests during the specified evaluation window for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair.", - "title": "Limit", - "type": "number" - }, - "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", - "title": "ScopeDownStatement" } }, "required": [ - "AggregateKeyType", - "Limit" + "AppIntegrationArn" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { + "AWS::Wisdom::KnowledgeBase.BedrockFoundationModelConfiguration": { "additionalProperties": false, "properties": { - "Cookie": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie", - "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", - "title": "Cookie" - }, - "ForwardedIP": { - "markdownDescription": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", - "title": "ForwardedIP", - "type": "object" - }, - "HTTPMethod": { - "markdownDescription": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", - "title": "HTTPMethod", - "type": "object" - }, - "Header": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader", - "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", - "title": "Header" - }, - "IP": { - "markdownDescription": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` .", - "title": "IP", - "type": "object" - }, - "LabelNamespace": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace", - "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", - "title": "LabelNamespace" - }, - "QueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument", - "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", - "title": "QueryArgument" - }, - "QueryString": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString", - "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", - "title": "QueryString" + "ModelArn": { + "markdownDescription": "The model ARN of the Bedrock foundation model.", + "title": "ModelArn", + "type": "string" }, - "UriPath": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath", - "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", - "title": "UriPath" + "ParsingPrompt": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ParsingPrompt", + "markdownDescription": "The parsing prompt of the Bedrock foundation model configuration.", + "title": "ParsingPrompt" } }, + "required": [ + "ModelArn" + ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitCookie": { + "AWS::Wisdom::KnowledgeBase.ChunkingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the cookie to use.", - "title": "Name", + "ChunkingStrategy": { + "markdownDescription": "Knowledge base can split your source data into chunks. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.", + "title": "ChunkingStrategy", "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "FixedSizeChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.FixedSizeChunkingConfiguration", + "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", + "title": "FixedSizeChunkingConfiguration" + }, + "HierarchicalChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.HierarchicalChunkingConfiguration", + "markdownDescription": "Settings for hierarchical document chunking for a data source. Hierarchical chunking splits documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.", + "title": "HierarchicalChunkingConfiguration" + }, + "SemanticChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SemanticChunkingConfiguration", + "markdownDescription": "Settings for semantic document chunking for a data source. Semantic chunking splits a document into smaller documents based on groups of similar content derived from the text with natural language processing.", + "title": "SemanticChunkingConfiguration" } }, "required": [ - "Name", - "TextTransformations" + "ChunkingStrategy" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitHeader": { + "AWS::Wisdom::KnowledgeBase.CrawlerLimits": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the header to use.", - "title": "Name", - "type": "string" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "RateLimit": { + "markdownDescription": "The limit rate at which the crawler is configured.", + "title": "RateLimit", + "type": "number" } }, - "required": [ - "Name", - "TextTransformations" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { + "AWS::Wisdom::KnowledgeBase.FixedSizeChunkingConfiguration": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "The namespace to use for aggregation.", - "title": "Namespace", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to include in a chunk.", + "title": "MaxTokens", + "type": "number" + }, + "OverlapPercentage": { + "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", + "title": "OverlapPercentage", + "type": "number" } }, "required": [ - "Namespace" + "MaxTokens", + "OverlapPercentage" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitQueryArgument": { + "AWS::Wisdom::KnowledgeBase.HierarchicalChunkingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the query argument to use.", - "title": "Name", - "type": "string" - }, - "TextTransformations": { + "LevelConfigurations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.HierarchicalChunkingLevelConfiguration" }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", + "markdownDescription": "Token settings for each layer.", + "title": "LevelConfigurations", "type": "array" + }, + "OverlapTokens": { + "markdownDescription": "The number of tokens to repeat across chunks in the same layer.", + "title": "OverlapTokens", + "type": "number" } }, "required": [ - "Name", - "TextTransformations" + "LevelConfigurations", + "OverlapTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitQueryString": { + "AWS::Wisdom::KnowledgeBase.HierarchicalChunkingLevelConfiguration": { "additionalProperties": false, "properties": { - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain in this layer.", + "title": "MaxTokens", + "type": "number" } }, "required": [ - "TextTransformations" + "MaxTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitUriPath": { + "AWS::Wisdom::KnowledgeBase.ManagedSourceConfiguration": { "additionalProperties": false, "properties": { - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "WebCrawlerConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.WebCrawlerConfiguration", + "markdownDescription": "Configuration data for web crawler data source.", + "title": "WebCrawlerConfiguration" } }, "required": [ - "TextTransformations" + "WebCrawlerConfiguration" ], "type": "object" }, - "AWS::WAFv2::WebACL.RegexMatchStatement": { + "AWS::Wisdom::KnowledgeBase.ParsingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.BedrockFoundationModelConfiguration", + "markdownDescription": "Settings for a foundation model used to parse documents for a data source.", + "title": "BedrockFoundationModelConfiguration" }, - "RegexString": { - "markdownDescription": "The string representing the regular expression.", - "title": "RegexString", + "ParsingStrategy": { + "markdownDescription": "The parsing strategy for the data source.", + "title": "ParsingStrategy", "type": "string" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" } }, "required": [ - "FieldToMatch", - "RegexString", - "TextTransformations" + "ParsingStrategy" ], "type": "object" }, - "AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement": { + "AWS::Wisdom::KnowledgeBase.ParsingPrompt": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references.", - "title": "Arn", + "ParsingPromptText": { + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPromptText", "type": "string" - }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" } }, "required": [ - "Arn", - "FieldToMatch", - "TextTransformations" + "ParsingPromptText" ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig": { + "AWS::Wisdom::KnowledgeBase.RenderingConfiguration": { "additionalProperties": false, "properties": { - "DefaultSizeInspectionLimit": { - "markdownDescription": "Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 bytes)`", - "title": "DefaultSizeInspectionLimit", + "TemplateUri": { + "markdownDescription": "A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following:\n\n- Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted`\n- ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active`\n- Zendesk: `id` , `title` , `updated_at` , or `draft`\n\nThe variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) .", + "title": "TemplateUri", "type": "string" } }, - "required": [ - "DefaultSizeInspectionLimit" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestInspection": { + "AWS::Wisdom::KnowledgeBase.SeedUrl": { "additionalProperties": false, "properties": { - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", - "title": "PasswordField" - }, - "PayloadType": { - "markdownDescription": "The payload type for your login endpoint, either JSON or form encoded.", - "title": "PayloadType", + "Url": { + "markdownDescription": "URL for crawling", + "title": "Url", "type": "string" - }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", - "title": "UsernameField" } }, - "required": [ - "PasswordField", - "PayloadType", - "UsernameField" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestInspectionACFP": { + "AWS::Wisdom::KnowledgeBase.SemanticChunkingConfiguration": { "additionalProperties": false, "properties": { - "AddressFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" - }, - "markdownDescription": "The names of the fields in the request payload that contain your customer's primary physical address.\n\nOrder the address fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the address fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` .", - "title": "AddressFields", - "type": "array" - }, - "EmailField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's email.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"email\": \"THE_EMAIL\" } }` , the email field specification is `/form/email` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `email1` , the email field specification is `email1` .", - "title": "EmailField" - }, - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", - "title": "PasswordField" - }, - "PayloadType": { - "markdownDescription": "The payload type for your account creation endpoint, either JSON or form encoded.", - "title": "PayloadType", - "type": "string" + "BreakpointPercentileThreshold": { + "markdownDescription": "The dissimilarity threshold for splitting chunks.", + "title": "BreakpointPercentileThreshold", + "type": "number" }, - "PhoneNumberFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" - }, - "markdownDescription": "The names of the fields in the request payload that contain your customer's primary phone number.\n\nOrder the phone number fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the phone number fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` .", - "title": "PhoneNumberFields", - "type": "array" + "BufferSize": { + "markdownDescription": "The buffer size.", + "title": "BufferSize", + "type": "number" }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", - "title": "UsernameField" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain.", + "title": "MaxTokens", + "type": "number" } }, "required": [ - "PayloadType" + "BreakpointPercentileThreshold", + "BufferSize", + "MaxTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspection": { + "AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "BodyContains": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionBodyContains", - "markdownDescription": "Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.", - "title": "BodyContains" - }, - "Header": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionHeader", - "markdownDescription": "Configures inspection of the response header for success and failure indicators.", - "title": "Header" - }, - "Json": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionJson", - "markdownDescription": "Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.", - "title": "Json" - }, - "StatusCode": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionStatusCode", - "markdownDescription": "Configures inspection of the response status code for success and failure indicators.", - "title": "StatusCode" + "KmsKeyId": { + "markdownDescription": "The customer managed key used for encryption.\n\nThis customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom.\n\nFor more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) .", + "title": "KmsKeyId", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionBodyContains": { + "AWS::Wisdom::KnowledgeBase.SourceConfiguration": { "additionalProperties": false, "properties": { - "FailureStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Request failed\" ]`", - "title": "FailureStrings", - "type": "array" + "AppIntegrations": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration", + "markdownDescription": "Configuration information for Amazon AppIntegrations to automatically ingest content.", + "title": "AppIntegrations" }, - "SuccessStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON examples: `\"SuccessStrings\": [ \"Login successful\" ]` and `\"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]`", - "title": "SuccessStrings", - "type": "array" + "ManagedSourceConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ManagedSourceConfiguration", + "markdownDescription": "Source configuration for managed resources.", + "title": "ManagedSourceConfiguration" } }, - "required": [ - "FailureStrings", - "SuccessStrings" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionHeader": { + "AWS::Wisdom::KnowledgeBase.UrlConfiguration": { "additionalProperties": false, "properties": { - "FailureValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]` and `\"FailureValues\": [ \"AccountCreationFailed\" ]`", - "title": "FailureValues", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"RequestResult\" ]`", - "title": "Name", - "type": "string" - }, - "SuccessValues": { + "SeedUrls": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SeedUrl" }, - "markdownDescription": "Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]` and `\"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]`", - "title": "SuccessValues", + "markdownDescription": "List of URLs for crawling.", + "title": "SeedUrls", "type": "array" } }, - "required": [ - "FailureValues", - "Name", - "SuccessValues" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionJson": { + "AWS::Wisdom::KnowledgeBase.VectorIngestionConfiguration": { "additionalProperties": false, "properties": { - "FailureValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`", - "title": "FailureValues", - "type": "array" - }, - "Identifier": { - "markdownDescription": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON examples: `\"Identifier\": [ \"/login/success\" ]` and `\"Identifier\": [ \"/sign-up/success\" ]`", - "title": "Identifier", - "type": "string" + "ChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ChunkingConfiguration", + "markdownDescription": "Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", + "title": "ChunkingConfiguration" }, - "SuccessValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`", - "title": "SuccessValues", - "type": "array" + "ParsingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ParsingConfiguration", + "markdownDescription": "A custom parser for data source documents.", + "title": "ParsingConfiguration" } }, - "required": [ - "FailureValues", - "Identifier", - "SuccessValues" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionStatusCode": { + "AWS::Wisdom::KnowledgeBase.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "FailureCodes": { + "CrawlerLimits": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.CrawlerLimits", + "markdownDescription": "The configuration of crawl limits for the web URLs.", + "title": "CrawlerLimits" + }, + "ExclusionFilters": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`", - "title": "FailureCodes", + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "ExclusionFilters", "type": "array" }, - "SuccessCodes": { + "InclusionFilters": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`", - "title": "SuccessCodes", + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "InclusionFilters", "type": "array" + }, + "Scope": { + "markdownDescription": "The scope of what is crawled for your URLs. You can choose to crawl only web pages that belong to the same host or primary domain. For example, only web pages that contain the seed URL `https://docs.aws.amazon.com/bedrock/latest/userguide/` and no other domains. You can choose to include sub domains in addition to the host or primary domain. For example, web pages that contain `aws.amazon.com` can also include sub domain `docs.aws.amazon.com` .", + "title": "Scope", + "type": "string" + }, + "UrlConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.UrlConfiguration", + "markdownDescription": "The configuration of the URL/URLs for the web content that you want to crawl. You should be authorized to crawl the URLs.", + "title": "UrlConfiguration" } }, "required": [ - "FailureCodes", - "SuccessCodes" + "UrlConfiguration" ], "type": "object" }, - "AWS::WAFv2::WebACL.Rule": { + "AWS::Wisdom::MessageTemplate": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", - "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting.\n\nThis is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nYou must set either this `Action` setting or the rule's `OverrideAction` , but not both:\n\n- If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting.\n- If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group.", - "title": "Action" - }, - "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", - "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", - "title": "CaptchaConfig" - }, - "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", - "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", - "title": "ChallengeConfig" + "Condition": { + "type": "string" }, - "Name": { - "markdownDescription": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "OverrideAction": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.OverrideAction", - "markdownDescription": "The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nSet the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.\n\nYou must set either this `OverrideAction` setting or the `Action` setting, but not both:\n\n- If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting.\n- If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting.", - "title": "OverrideAction" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Priority": { - "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", - "title": "Priority", - "type": "number" + "Metadata": { + "type": "object" }, - "RuleLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Label" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelSubtype": { + "markdownDescription": "The channel subtype this message template applies to.", + "title": "ChannelSubtype", + "type": "string" + }, + "Content": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.Content", + "markdownDescription": "The content of the message template.", + "title": "Content" + }, + "DefaultAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateAttributes", + "markdownDescription": "An object that specifies the default values to use for variables in the message template. This object contains different categories of key-value pairs. Each key defines a variable or placeholder in the message template. The corresponding value defines the default value for that variable.", + "title": "DefaultAttributes" + }, + "Description": { + "markdownDescription": "The description of the message template.", + "title": "Description", + "type": "string" + }, + "GroupingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.GroupingConfiguration", + "markdownDescription": "The configuration information of the external data source.", + "title": "GroupingConfiguration" + }, + "KnowledgeBaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the knowledge base.", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "Language": { + "markdownDescription": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "title": "Language", + "type": "string" + }, + "MessageTemplateAttachments": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateAttachment" + }, + "markdownDescription": "List of message template attachments.", + "title": "MessageTemplateAttachments", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the message template.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", - "title": "RuleLabels", - "type": "array" + "required": [ + "ChannelSubtype", + "Content", + "KnowledgeBaseArn", + "Name" + ], + "type": "object" }, - "Statement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", - "title": "Statement" + "Type": { + "enum": [ + "AWS::Wisdom::MessageTemplate" + ], + "type": "string" }, - "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", - "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", - "title": "VisibilityConfig" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "Priority", - "Statement", - "VisibilityConfig" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.RuleAction": { + "AWS::Wisdom::MessageTemplate.AgentAttributes": { "additionalProperties": false, "properties": { - "Allow": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", - "markdownDescription": "Instructs AWS WAF to allow the web request.", - "title": "Allow" - }, - "Block": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", - "markdownDescription": "Instructs AWS WAF to block the web request.", - "title": "Block" - }, - "Captcha": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaAction", - "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", - "title": "Captcha" - }, - "Challenge": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeAction", - "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", - "title": "Challenge" + "FirstName": { + "markdownDescription": "The agent\u2019s first name as entered in their Amazon Connect user account.", + "title": "FirstName", + "type": "string" }, - "Count": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CountAction", - "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", - "title": "Count" + "LastName": { + "markdownDescription": "The agent\u2019s last name as entered in their Amazon Connect user account.", + "title": "LastName", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.RuleActionOverride": { + "AWS::Wisdom::MessageTemplate.Content": { "additionalProperties": false, "properties": { - "ActionToUse": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", - "markdownDescription": "The override action to use, in place of the configured action of the rule in the rule group.", - "title": "ActionToUse" + "EmailMessageTemplateContent": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateContent", + "markdownDescription": "The content of the message template that applies to the email channel subtype.", + "title": "EmailMessageTemplateContent" }, - "Name": { - "markdownDescription": "The name of the rule to override.", - "title": "Name", - "type": "string" + "SmsMessageTemplateContent": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SmsMessageTemplateContent", + "markdownDescription": "The content of message template that applies to SMS channel subtype.", + "title": "SmsMessageTemplateContent" } }, - "required": [ - "ActionToUse", - "Name" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RuleGroupReferenceStatement": { + "AWS::Wisdom::MessageTemplate.CustomerProfileAttributes": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the entity.", - "title": "Arn", + "AccountNumber": { + "markdownDescription": "A unique account number that you have given to the customer.", + "title": "AccountNumber", "type": "string" }, - "ExcludedRules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" - }, - "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", - "title": "ExcludedRules", - "type": "array" + "AdditionalInformation": { + "markdownDescription": "Any additional information relevant to the customer's profile.", + "title": "AdditionalInformation", + "type": "string" }, - "RuleActionOverrides": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" - }, - "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, AWS WAF doesn't return an error and doesn't apply the override setting. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", - "title": "RuleActionOverrides", - "type": "array" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SingleHeader": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the query header to inspect.", - "title": "Name", + "Address1": { + "markdownDescription": "The first line of a customer address.", + "title": "Address1", "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SingleQueryArgument": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the query argument to inspect.", - "title": "Name", + }, + "Address2": { + "markdownDescription": "The second line of a customer address.", + "title": "Address2", "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SizeConstraintStatement": { - "additionalProperties": false, - "properties": { - "ComparisonOperator": { - "markdownDescription": "The operator to use to compare the request part to the size setting.", - "title": "ComparisonOperator", + }, + "Address3": { + "markdownDescription": "The third line of a customer address.", + "title": "Address3", "type": "string" }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "Address4": { + "markdownDescription": "The fourth line of a customer address.", + "title": "Address4", + "type": "string" }, - "Size": { - "markdownDescription": "The size, in byte, to compare to the request part, after any transformations.", - "title": "Size", - "type": "number" + "BillingAddress1": { + "markdownDescription": "The first line of a customer\u2019s billing address.", + "title": "BillingAddress1", + "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" - } - }, - "required": [ - "ComparisonOperator", - "FieldToMatch", - "Size", - "TextTransformations" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SqliMatchStatement": { - "additionalProperties": false, - "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "BillingAddress2": { + "markdownDescription": "The second line of a customer\u2019s billing address.", + "title": "BillingAddress2", + "type": "string" }, - "SensitivityLevel": { - "markdownDescription": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`", - "title": "SensitivityLevel", + "BillingAddress3": { + "markdownDescription": "The third line of a customer\u2019s billing address.", + "title": "BillingAddress3", "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "BillingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s billing address.", + "title": "BillingAddress4", + "type": "string" + }, + "BillingCity": { + "markdownDescription": "The city of a customer\u2019s billing address.", + "title": "BillingCity", + "type": "string" + }, + "BillingCountry": { + "markdownDescription": "The country of a customer\u2019s billing address.", + "title": "BillingCountry", + "type": "string" + }, + "BillingCounty": { + "markdownDescription": "The county of a customer\u2019s billing address.", + "title": "BillingCounty", + "type": "string" + }, + "BillingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s billing address.", + "title": "BillingPostalCode", + "type": "string" + }, + "BillingProvince": { + "markdownDescription": "The province of a customer\u2019s billing address.", + "title": "BillingProvince", + "type": "string" + }, + "BillingState": { + "markdownDescription": "The state of a customer\u2019s billing address.", + "title": "BillingState", + "type": "string" + }, + "BirthDate": { + "markdownDescription": "The customer's birth date.", + "title": "BirthDate", + "type": "string" + }, + "BusinessEmailAddress": { + "markdownDescription": "The customer's business email address.", + "title": "BusinessEmailAddress", + "type": "string" + }, + "BusinessName": { + "markdownDescription": "The name of the customer's business.", + "title": "BusinessName", + "type": "string" + }, + "BusinessPhoneNumber": { + "markdownDescription": "The customer's business phone number.", + "title": "BusinessPhoneNumber", + "type": "string" + }, + "City": { + "markdownDescription": "The city in which a customer lives.", + "title": "City", + "type": "string" + }, + "Country": { + "markdownDescription": "The country in which a customer lives.", + "title": "Country", + "type": "string" + }, + "County": { + "markdownDescription": "The county in which a customer lives.", + "title": "County", + "type": "string" + }, + "Custom": { + "additionalProperties": true, + "markdownDescription": "The custom attributes in customer profile attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" - } - }, - "required": [ - "FieldToMatch", - "TextTransformations" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.Statement": { - "additionalProperties": false, - "properties": { - "AndStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AndStatement", - "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", - "title": "AndStatement" + "title": "Custom", + "type": "object" }, - "ByteMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ByteMatchStatement", - "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", - "title": "ByteMatchStatement" + "EmailAddress": { + "markdownDescription": "The customer's email address, which has not been specified as a personal or business address.", + "title": "EmailAddress", + "type": "string" }, - "GeoMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.GeoMatchStatement", - "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", - "title": "GeoMatchStatement" + "FirstName": { + "markdownDescription": "The customer's first name.", + "title": "FirstName", + "type": "string" }, - "IPSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetReferenceStatement", - "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", - "title": "IPSetReferenceStatement" + "Gender": { + "markdownDescription": "The customer's gender.", + "title": "Gender", + "type": "string" }, - "LabelMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.LabelMatchStatement", - "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", - "title": "LabelMatchStatement" + "HomePhoneNumber": { + "markdownDescription": "The customer's mobile phone number.", + "title": "HomePhoneNumber", + "type": "string" }, - "ManagedRuleGroupStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupStatement", - "markdownDescription": "A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` .\n\nYou cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule.\n\n> You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", - "title": "ManagedRuleGroupStatement" + "LastName": { + "markdownDescription": "The customer's last name.", + "title": "LastName", + "type": "string" }, - "NotStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.NotStatement", - "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", - "title": "NotStatement" + "MailingAddress1": { + "markdownDescription": "The first line of a customer\u2019s mailing address.", + "title": "MailingAddress1", + "type": "string" }, - "OrStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.OrStatement", - "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", - "title": "OrStatement" + "MailingAddress2": { + "markdownDescription": "The second line of a customer\u2019s mailing address.", + "title": "MailingAddress2", + "type": "string" }, - "RateBasedStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatement", - "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", - "title": "RateBasedStatement" + "MailingAddress3": { + "markdownDescription": "The third line of a customer\u2019s mailing address.", + "title": "MailingAddress3", + "type": "string" }, - "RegexMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexMatchStatement", - "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", - "title": "RegexMatchStatement" + "MailingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s mailing address.", + "title": "MailingAddress4", + "type": "string" }, - "RegexPatternSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement", - "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", - "title": "RegexPatternSetReferenceStatement" + "MailingCity": { + "markdownDescription": "The city of a customer\u2019s mailing address.", + "title": "MailingCity", + "type": "string" }, - "RuleGroupReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleGroupReferenceStatement", - "markdownDescription": "A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.\n\nYou cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL.", - "title": "RuleGroupReferenceStatement" + "MailingCountry": { + "markdownDescription": "The country of a customer\u2019s mailing address.", + "title": "MailingCountry", + "type": "string" }, - "SizeConstraintStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SizeConstraintStatement", - "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", - "title": "SizeConstraintStatement" + "MailingCounty": { + "markdownDescription": "The county of a customer\u2019s mailing address.", + "title": "MailingCounty", + "type": "string" }, - "SqliMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SqliMatchStatement", - "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", - "title": "SqliMatchStatement" + "MailingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s mailing address.", + "title": "MailingPostalCode", + "type": "string" }, - "XssMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.XssMatchStatement", - "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", - "title": "XssMatchStatement" + "MailingProvince": { + "markdownDescription": "The province of a customer\u2019s mailing address.", + "title": "MailingProvince", + "type": "string" + }, + "MailingState": { + "markdownDescription": "The state of a customer\u2019s mailing address.", + "title": "MailingState", + "type": "string" + }, + "MiddleName": { + "markdownDescription": "The customer's middle name.", + "title": "MiddleName", + "type": "string" + }, + "MobilePhoneNumber": { + "markdownDescription": "The customer's mobile phone number.", + "title": "MobilePhoneNumber", + "type": "string" + }, + "PartyType": { + "markdownDescription": "The customer's party type.", + "title": "PartyType", + "type": "string" + }, + "PhoneNumber": { + "markdownDescription": "The customer's phone number, which has not been specified as a mobile, home, or business number.", + "title": "PhoneNumber", + "type": "string" + }, + "PostalCode": { + "markdownDescription": "The postal code of a customer address.", + "title": "PostalCode", + "type": "string" + }, + "ProfileARN": { + "markdownDescription": "The ARN of a customer profile.", + "title": "ProfileARN", + "type": "string" + }, + "ProfileId": { + "markdownDescription": "The unique identifier of a customer profile.", + "title": "ProfileId", + "type": "string" + }, + "Province": { + "markdownDescription": "The province in which a customer lives.", + "title": "Province", + "type": "string" + }, + "ShippingAddress1": { + "markdownDescription": "The first line of a customer\u2019s shipping address.", + "title": "ShippingAddress1", + "type": "string" + }, + "ShippingAddress2": { + "markdownDescription": "The second line of a customer\u2019s shipping address.", + "title": "ShippingAddress2", + "type": "string" + }, + "ShippingAddress3": { + "markdownDescription": "The third line of a customer\u2019s shipping address.", + "title": "ShippingAddress3", + "type": "string" + }, + "ShippingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s shipping address.", + "title": "ShippingAddress4", + "type": "string" + }, + "ShippingCity": { + "markdownDescription": "The city of a customer\u2019s shipping address.", + "title": "ShippingCity", + "type": "string" + }, + "ShippingCountry": { + "markdownDescription": "The country of a customer\u2019s shipping address.", + "title": "ShippingCountry", + "type": "string" + }, + "ShippingCounty": { + "markdownDescription": "The county of a customer\u2019s shipping address.", + "title": "ShippingCounty", + "type": "string" + }, + "ShippingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s shipping address.", + "title": "ShippingPostalCode", + "type": "string" + }, + "ShippingProvince": { + "markdownDescription": "The province of a customer\u2019s shipping address.", + "title": "ShippingProvince", + "type": "string" + }, + "ShippingState": { + "markdownDescription": "The state of a customer\u2019s shipping address.", + "title": "ShippingState", + "type": "string" + }, + "State": { + "markdownDescription": "The state in which a customer lives.", + "title": "State", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.TextTransformation": { + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateContent": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different.", - "title": "Priority", - "type": "number" + "Body": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateContentBody", + "markdownDescription": "The body to use in email messages.", + "title": "Body" + }, + "Headers": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateHeader" + }, + "markdownDescription": "The email headers to include in email messages.", + "title": "Headers", + "type": "array" }, - "Type": { - "markdownDescription": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* .", - "title": "Type", + "Subject": { + "markdownDescription": "The subject line, or title, to use in email messages.", + "title": "Subject", "type": "string" } }, "required": [ - "Priority", - "Type" + "Body", + "Headers", + "Subject" ], "type": "object" }, - "AWS::WAFv2::WebACL.VisibilityConfig": { + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateContentBody": { "additionalProperties": false, "properties": { - "CloudWatchMetricsEnabled": { - "markdownDescription": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* .", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" + "Html": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", + "title": "Html" }, - "MetricName": { - "markdownDescription": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` .", - "title": "MetricName", + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", + "title": "PlainText" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the email header.", + "title": "Name", "type": "string" }, - "SampledRequestsEnabled": { - "markdownDescription": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\nIf you configure data protection for the web ACL, the protection applies to the web ACL's sampled web request data.\n\n> Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", - "title": "SampledRequestsEnabled", - "type": "boolean" + "Value": { + "markdownDescription": "The value of the email header.", + "title": "Value", + "type": "string" } }, - "required": [ - "CloudWatchMetricsEnabled", - "MetricName", - "SampledRequestsEnabled" - ], "type": "object" }, - "AWS::WAFv2::WebACL.XssMatchStatement": { + "AWS::Wisdom::MessageTemplate.GroupingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "Criteria": { + "markdownDescription": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", + "title": "Criteria", + "type": "string" }, - "TextTransformations": { + "Values": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "type": "string" }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", + "markdownDescription": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter.", + "title": "Values", "type": "array" } }, "required": [ - "FieldToMatch", - "TextTransformations" + "Criteria", + "Values" ], "type": "object" }, - "AWS::WAFv2::WebACLAssociation": { + "AWS::Wisdom::MessageTemplate.MessageTemplateAttachment": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttachmentId": { + "markdownDescription": "The identifier of the attachment file.", + "title": "AttachmentId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`\n- For an AWS Amplify instance: `arn: *partition* :amplify: *region* : *account-id* :apps/ *app-id*`", - "title": "ResourceArn", - "type": "string" - }, - "WebACLArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.", - "title": "WebACLArn", - "type": "string" - } - }, - "required": [ - "ResourceArn", - "WebACLArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::WebACLAssociation" - ], + "AttachmentName": { + "markdownDescription": "The name of the attachment file being uploaded. The name should include the file extension.", + "title": "AttachmentName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3PresignedUrl": { + "markdownDescription": "The S3 Presigned URL for the attachment file. When generating the PreSignedUrl, please ensure that the expires-in time is set to 30 minutes. The URL can be generated through the AWS Console or through the AWS CLI. For more information, see [Sharing objects with presigned URLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html) .", + "title": "S3PresignedUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AttachmentName", + "S3PresignedUrl" ], "type": "object" }, - "AWS::Wisdom::Assistant": { + "AWS::Wisdom::MessageTemplate.MessageTemplateAttributes": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AgentAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.AgentAttributes", + "markdownDescription": "The agent attributes that are used with the message template.", + "title": "AgentAttributes" }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the assistant.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the assistant.", - "title": "Name", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration", - "markdownDescription": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) .", - "title": "ServerSideEncryptionConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of assistant.", - "title": "Type", + "CustomAttributes": { + "additionalProperties": true, + "markdownDescription": "The custom attributes that are used with the message template.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "Name", - "Type" - ], + "title": "CustomAttributes", "type": "object" }, - "Type": { - "enum": [ - "AWS::Wisdom::Assistant" - ], - "type": "string" + "CustomerProfileAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.CustomerProfileAttributes", + "markdownDescription": "The customer profile attributes that are used with the message template.", + "title": "CustomerProfileAttributes" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SystemAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemAttributes", + "markdownDescription": "The system attributes that are used with the message template.", + "title": "SystemAttributes" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content of the message template.", + "title": "Content", "type": "string" } }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.SmsMessageTemplateContent": { + "additionalProperties": false, + "properties": { + "Body": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SmsMessageTemplateContentBody", + "markdownDescription": "The body to use in SMS messages.", + "title": "Body" + } + }, "required": [ - "Type", - "Properties" + "Body" ], "type": "object" }, - "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { + "AWS::Wisdom::MessageTemplate.SmsMessageTemplateContentBody": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKeyId", + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body to use in SMS messages.", + "title": "PlainText" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.SystemAttributes": { + "additionalProperties": false, + "properties": { + "CustomerEndpoint": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemEndpointAttributes", + "markdownDescription": "The CustomerEndpoint attribute.", + "title": "CustomerEndpoint" + }, + "Name": { + "markdownDescription": "The name of the task.", + "title": "Name", "type": "string" + }, + "SystemEndpoint": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemEndpointAttributes", + "markdownDescription": "The SystemEndpoint attribute.", + "title": "SystemEndpoint" } }, "type": "object" }, - "AWS::Wisdom::AssistantAssociation": { + "AWS::Wisdom::MessageTemplate.SystemEndpointAttributes": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The customer's phone number if used with `customerEndpoint` , or the number the customer dialed to call your contact center if used with `systemEndpoint` .", + "title": "Address", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplateVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -271480,40 +324218,25 @@ "Properties": { "additionalProperties": false, "properties": { - "AssistantId": { - "markdownDescription": "The identifier of the Wisdom assistant.", - "title": "AssistantId", + "MessageTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the message template.", + "title": "MessageTemplateArn", "type": "string" }, - "Association": { - "$ref": "#/definitions/AWS::Wisdom::AssistantAssociation.AssociationData", - "markdownDescription": "The identifier of the associated resource.", - "title": "Association" - }, - "AssociationType": { - "markdownDescription": "The type of association.", - "title": "AssociationType", + "MessageTemplateContentSha256": { + "markdownDescription": "The content SHA256 of the message template.", + "title": "MessageTemplateContentSha256", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" } }, "required": [ - "AssistantId", - "Association", - "AssociationType" + "MessageTemplateArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Wisdom::AssistantAssociation" + "AWS::Wisdom::MessageTemplateVersion" ], "type": "string" }, @@ -271532,21 +324255,7 @@ ], "type": "object" }, - "AWS::Wisdom::AssistantAssociation.AssociationData": { - "additionalProperties": false, - "properties": { - "KnowledgeBaseId": { - "markdownDescription": "The identifier of the knowledge base.", - "title": "KnowledgeBaseId", - "type": "string" - } - }, - "required": [ - "KnowledgeBaseId" - ], - "type": "object" - }, - "AWS::Wisdom::KnowledgeBase": { + "AWS::Wisdom::QuickResponse": { "additionalProperties": false, "properties": { "Condition": { @@ -271581,35 +324290,58 @@ "Properties": { "additionalProperties": false, "properties": { + "Channels": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Connect contact channels this quick response applies to. The supported contact channel types include `Chat` .", + "title": "Channels", + "type": "array" + }, + "Content": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The content of the quick response.", + "title": "Content" + }, + "ContentType": { + "markdownDescription": "The media type of the quick response content.\n\n- Use `application/x.quickresponse;format=plain` for quick response written in plain text.\n- Use `application/x.quickresponse;format=markdown` for quick response written in richtext.", + "title": "ContentType", + "type": "string" + }, "Description": { - "markdownDescription": "The description.", + "markdownDescription": "The description of the quick response.", "title": "Description", "type": "string" }, - "KnowledgeBaseType": { - "markdownDescription": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically.", - "title": "KnowledgeBaseType", + "GroupingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.GroupingConfiguration", + "markdownDescription": "The configuration information of the user groups that the quick response is accessible to.", + "title": "GroupingConfiguration" + }, + "IsActive": { + "markdownDescription": "Whether the quick response is active.", + "title": "IsActive", + "type": "boolean" + }, + "KnowledgeBaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the knowledge base.", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "Language": { + "markdownDescription": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "title": "Language", "type": "string" }, "Name": { - "markdownDescription": "The name of the knowledge base.", + "markdownDescription": "The name of the quick response.", "title": "Name", "type": "string" }, - "RenderingConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.RenderingConfiguration", - "markdownDescription": "Information about how to render the content.", - "title": "RenderingConfiguration" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration", - "markdownDescription": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "ServerSideEncryptionConfiguration" - }, - "SourceConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SourceConfiguration", - "markdownDescription": "The source of the knowledge base content. Only set this argument for EXTERNAL or Managed knowledge bases.", - "title": "SourceConfiguration" + "ShortcutKey": { + "markdownDescription": "The shortcut key of the quick response. The value should be unique across the knowledge base.", + "title": "ShortcutKey", + "type": "string" }, "Tags": { "items": { @@ -271621,14 +324353,15 @@ } }, "required": [ - "KnowledgeBaseType", + "Content", + "KnowledgeBaseArn", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Wisdom::KnowledgeBase" + "AWS::Wisdom::QuickResponse" ], "type": "string" }, @@ -271647,62 +324380,54 @@ ], "type": "object" }, - "AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration": { + "AWS::Wisdom::QuickResponse.GroupingConfiguration": { "additionalProperties": false, "properties": { - "AppIntegrationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AppIntegrations DataIntegration to use for ingesting content.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` as source fields.\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` as source fields.\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , your AppIntegrations DataIntegration must have an ObjectConfiguration if `objectFields` is not provided, including at least `id` , `title` , `updated_at` , and `draft` as source fields.\n- For [SharePoint](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-net-server-csom-jsom-and-rest-api-index) , your AppIntegrations DataIntegration must have a FileConfiguration, including only file extensions that are among `docx` , `pdf` , `html` , `htm` , and `txt` .\n- For [Amazon S3](https://docs.aws.amazon.com/s3/) , the ObjectConfiguration and FileConfiguration of your AppIntegrations DataIntegration must be null. The `SourceURI` of your DataIntegration must use the following format: `s3://your_s3_bucket_name` .\n\n> The bucket policy of the corresponding S3 bucket must allow the AWS principal `app-integrations.amazonaws.com` to perform `s3:ListBucket` , `s3:GetObject` , and `s3:GetBucketLocation` against the bucket.", - "title": "AppIntegrationArn", + "Criteria": { + "markdownDescription": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", + "title": "Criteria", "type": "string" }, - "ObjectFields": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "The fields from the source that are made available to your agents in Amazon Q in Connect. Optional if ObjectConfiguration is included in the provided DataIntegration.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , you must include at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` .\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , you must include at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` .\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , you must include at least `id` , `title` , `updated_at` , and `draft` .\n\nMake sure to include additional fields. These fields are indexed and used to source recommendations.", - "title": "ObjectFields", + "markdownDescription": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter.", + "title": "Values", "type": "array" } }, "required": [ - "AppIntegrationArn" + "Criteria", + "Values" ], "type": "object" }, - "AWS::Wisdom::KnowledgeBase.RenderingConfiguration": { - "additionalProperties": false, - "properties": { - "TemplateUri": { - "markdownDescription": "A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following:\n\n- Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted`\n- ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active`\n- Zendesk: `id` , `title` , `updated_at` , or `draft`\n\nThe variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) .", - "title": "TemplateUri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration": { + "AWS::Wisdom::QuickResponse.QuickResponseContentProvider": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The customer managed key used for encryption.\n\nThis customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom.\n\nFor more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) .", - "title": "KmsKeyId", + "Content": { + "markdownDescription": "The content of the quick response.", + "title": "Content", "type": "string" } }, "type": "object" }, - "AWS::Wisdom::KnowledgeBase.SourceConfiguration": { + "AWS::Wisdom::QuickResponse.QuickResponseContents": { "additionalProperties": false, "properties": { - "AppIntegrations": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration", - "markdownDescription": "Configuration information for Amazon AppIntegrations to automatically ingest content.", - "title": "AppIntegrations" + "Markdown": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The quick response content in markdown format.", + "title": "Markdown" + }, + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The quick response content in plaintext format.", + "title": "PlainText" } }, - "required": [ - "AppIntegrations" - ], "type": "object" }, "AWS::WorkSpaces::ConnectionAlias": { @@ -271944,6 +324669,165 @@ }, "type": "object" }, + "AWS::WorkSpaces::WorkspacesPool": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationSettings": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.ApplicationSettings", + "markdownDescription": "The persistent application settings for users of the pool.", + "title": "ApplicationSettings" + }, + "BundleId": { + "markdownDescription": "The identifier of the bundle used by the pool.", + "title": "BundleId", + "type": "string" + }, + "Capacity": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.Capacity", + "markdownDescription": "Describes the user capacity for the pool.", + "title": "Capacity" + }, + "Description": { + "markdownDescription": "The description of the pool.", + "title": "Description", + "type": "string" + }, + "DirectoryId": { + "markdownDescription": "The identifier of the directory used by the pool.", + "title": "DirectoryId", + "type": "string" + }, + "PoolName": { + "markdownDescription": "The name of the pool.", + "title": "PoolName", + "type": "string" + }, + "RunningMode": { + "markdownDescription": "The running mode of the pool.", + "title": "RunningMode", + "type": "string" + }, + "TimeoutSettings": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.TimeoutSettings", + "markdownDescription": "The amount of time that a pool session remains active after users disconnect. If they try to reconnect to the pool session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new pool instance.", + "title": "TimeoutSettings" + } + }, + "required": [ + "BundleId", + "Capacity", + "DirectoryId", + "PoolName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpaces::WorkspacesPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.ApplicationSettings": { + "additionalProperties": false, + "properties": { + "SettingsGroup": { + "markdownDescription": "The path prefix for the S3 bucket where users\u2019 persistent application settings are stored.", + "title": "SettingsGroup", + "type": "string" + }, + "Status": { + "markdownDescription": "Enables or disables persistent application settings for users during their pool sessions.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.Capacity": { + "additionalProperties": false, + "properties": { + "DesiredUserSessions": { + "markdownDescription": "The desired number of user sessions for the WorkSpaces in the pool.", + "title": "DesiredUserSessions", + "type": "number" + } + }, + "required": [ + "DesiredUserSessions" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.TimeoutSettings": { + "additionalProperties": false, + "properties": { + "DisconnectTimeoutInSeconds": { + "markdownDescription": "Specifies the amount of time, in seconds, that a streaming session remains active after users disconnect. If users try to reconnect to the streaming session after a disconnection or network interruption within the time set, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance.", + "title": "DisconnectTimeoutInSeconds", + "type": "number" + }, + "IdleDisconnectTimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds a connection will stay active while idle.", + "title": "IdleDisconnectTimeoutInSeconds", + "type": "number" + }, + "MaxUserDurationInSeconds": { + "markdownDescription": "Specifies the maximum amount of time, in seconds, that a streaming session can remain active. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.", + "title": "MaxUserDurationInSeconds", + "type": "number" + } + }, + "type": "object" + }, "AWS::WorkSpacesThinClient::Environment": { "additionalProperties": false, "properties": { @@ -271994,6 +324878,14 @@ "title": "DesktopEndpoint", "type": "string" }, + "DeviceCreationTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the newly created devices for this environment.", + "title": "DeviceCreationTags", + "type": "array" + }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service key used to encrypt the environment.", "title": "KmsKeyArn", @@ -272188,6 +325080,235 @@ ], "type": "object" }, + "AWS::WorkSpacesWeb::DataProtectionSettings": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The additional encryption context of the data protection settings.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "CustomerManagedKey": { + "markdownDescription": "The customer managed key used to encrypt sensitive information in the data protection settings.", + "title": "CustomerManagedKey", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the data protection settings.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the data protection settings.", + "title": "DisplayName", + "type": "string" + }, + "InlineRedactionConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionConfiguration", + "markdownDescription": "The inline redaction configuration for the data protection settings.", + "title": "InlineRedactionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags of the data protection settings.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpacesWeb::DataProtectionSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.CustomPattern": { + "additionalProperties": false, + "properties": { + "KeywordRegex": { + "markdownDescription": "The keyword regex for the customer pattern. After there is a match to the pattern regex, the keyword regex is used to search within the proximity of the match. If there is a keyword match, then the match is confirmed. If no keyword regex is provided, the pattern regex match will automatically be confirmed. The format must follow JavaScript regex format. The pattern must be enclosed between slashes, and can have flags behind the second slash. For example, \u201c/ab+c/gi\u201d", + "title": "KeywordRegex", + "type": "string" + }, + "PatternDescription": { + "markdownDescription": "The pattern description for the customer pattern.", + "title": "PatternDescription", + "type": "string" + }, + "PatternName": { + "markdownDescription": "The pattern name for the custom pattern.", + "title": "PatternName", + "type": "string" + }, + "PatternRegex": { + "markdownDescription": "The pattern regex for the customer pattern. The format must follow JavaScript regex format. The pattern must be enclosed between slashes, and can have flags behind the second slash. For example: \u201c/ab+c/gi\u201d.", + "title": "PatternRegex", + "type": "string" + } + }, + "required": [ + "PatternName", + "PatternRegex" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionConfiguration": { + "additionalProperties": false, + "properties": { + "GlobalConfidenceLevel": { + "markdownDescription": "The global confidence level for the inline redaction configuration. This indicates the certainty of data type matches in the redaction process. Confidence level 3 means high confidence, and requires a formatted text pattern match in order for content to be redacted. Confidence level 2 means medium confidence, and redaction considers both formatted and unformatted text, and adds keyword associate to the logic. Confidence level 1 means low confidence, and redaction is enforced for both formatted pattern + unformatted pattern without keyword. This is applied to patterns that do not have a pattern-level confidence level. Defaults to confidence level 2.", + "title": "GlobalConfidenceLevel", + "type": "number" + }, + "GlobalEnforcedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The global enforced URL configuration for the inline redaction configuration. This is applied to patterns that do not have a pattern-level enforced URL list.", + "title": "GlobalEnforcedUrls", + "type": "array" + }, + "GlobalExemptUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The global exempt URL configuration for the inline redaction configuration. This is applied to patterns that do not have a pattern-level exempt URL list.", + "title": "GlobalExemptUrls", + "type": "array" + }, + "InlineRedactionPatterns": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionPattern" + }, + "markdownDescription": "The inline redaction patterns to be enabled for the inline redaction configuration.", + "title": "InlineRedactionPatterns", + "type": "array" + } + }, + "required": [ + "InlineRedactionPatterns" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionPattern": { + "additionalProperties": false, + "properties": { + "BuiltInPatternId": { + "markdownDescription": "The built-in pattern from the list of preconfigured patterns. Either a customPattern or builtInPatternId is required. To view the entire list of data types and their corresponding built-in pattern IDs, see [Base inline redaction](https://docs.aws.amazon.com/workspaces-web/latest/adminguide/base-inline-redaction.html) .", + "title": "BuiltInPatternId", + "type": "string" + }, + "ConfidenceLevel": { + "markdownDescription": "The confidence level for inline redaction pattern. This indicates the certainty of data type matches in the redaction process. Confidence level 3 means high confidence, and requires a formatted text pattern match in order for content to be redacted. Confidence level 2 means medium confidence, and redaction considers both formatted and unformatted text, and adds keyword associate to the logic. Confidence level 1 means low confidence, and redaction is enforced for both formatted pattern + unformatted pattern without keyword. This overrides the global confidence level.", + "title": "ConfidenceLevel", + "type": "number" + }, + "CustomPattern": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.CustomPattern", + "markdownDescription": "The configuration for a custom pattern. Either a customPattern or builtInPatternId is required.", + "title": "CustomPattern" + }, + "EnforcedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The enforced URL configuration for the inline redaction pattern. This will override the global enforced URL configuration.", + "title": "EnforcedUrls", + "type": "array" + }, + "ExemptUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The exempt URL configuration for the inline redaction pattern. This will override the global exempt URL configuration for the inline redaction pattern.", + "title": "ExemptUrls", + "type": "array" + }, + "RedactionPlaceHolder": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.RedactionPlaceHolder", + "markdownDescription": "The redaction placeholder that will replace the redacted text in session for the inline redaction pattern.", + "title": "RedactionPlaceHolder" + } + }, + "required": [ + "RedactionPlaceHolder" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.RedactionPlaceHolder": { + "additionalProperties": false, + "properties": { + "RedactionPlaceHolderText": { + "markdownDescription": "The redaction placeholder text that will replace the redacted text in session for the custom text redaction placeholder type.", + "title": "RedactionPlaceHolderText", + "type": "string" + }, + "RedactionPlaceHolderType": { + "markdownDescription": "The redaction placeholder type that will replace the redacted text in session.", + "title": "RedactionPlaceHolderType", + "type": "string" + } + }, + "required": [ + "RedactionPlaceHolderType" + ], + "type": "object" + }, "AWS::WorkSpacesWeb::IdentityProvider": { "additionalProperties": false, "properties": { @@ -272248,6 +325369,14 @@ "markdownDescription": "The ARN of the identity provider.", "title": "PortalArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ @@ -272555,6 +325684,11 @@ "title": "CustomerManagedKey", "type": "string" }, + "DataProtectionSettingsArn": { + "markdownDescription": "The ARN of the data protection settings.", + "title": "DataProtectionSettingsArn", + "type": "string" + }, "DisplayName": { "markdownDescription": "The name of the web portal.", "title": "DisplayName", @@ -272814,83 +325948,422 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalEncryptionContext": { - "additionalProperties": true, - "markdownDescription": "The additional encryption context of the user settings.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalEncryptionContext", - "type": "object" - }, - "CookieSynchronizationConfiguration": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration", - "markdownDescription": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.", - "title": "CookieSynchronizationConfiguration" - }, - "CopyAllowed": { - "markdownDescription": "Specifies whether the user can copy text from the streaming session to the local device.", - "title": "CopyAllowed", - "type": "string" - }, - "CustomerManagedKey": { - "markdownDescription": "The customer managed key used to encrypt sensitive information in the user settings.", - "title": "CustomerManagedKey", - "type": "string" - }, - "DisconnectTimeoutInMinutes": { - "markdownDescription": "The amount of time that a streaming session remains active after users disconnect.", - "title": "DisconnectTimeoutInMinutes", - "type": "number" - }, - "DownloadAllowed": { - "markdownDescription": "Specifies whether the user can download files from the streaming session to the local device.", - "title": "DownloadAllowed", - "type": "string" - }, - "IdleDisconnectTimeoutInMinutes": { - "markdownDescription": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins.", - "title": "IdleDisconnectTimeoutInMinutes", - "type": "number" - }, - "PasteAllowed": { - "markdownDescription": "Specifies whether the user can paste text from the local device to the streaming session.", - "title": "PasteAllowed", - "type": "string" - }, - "PrintAllowed": { - "markdownDescription": "Specifies whether the user can print to the local device.", - "title": "PrintAllowed", - "type": "string" + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The additional encryption context of the user settings.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "CookieSynchronizationConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration", + "markdownDescription": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.", + "title": "CookieSynchronizationConfiguration" + }, + "CopyAllowed": { + "markdownDescription": "Specifies whether the user can copy text from the streaming session to the local device.", + "title": "CopyAllowed", + "type": "string" + }, + "CustomerManagedKey": { + "markdownDescription": "The customer managed key used to encrypt sensitive information in the user settings.", + "title": "CustomerManagedKey", + "type": "string" + }, + "DeepLinkAllowed": { + "markdownDescription": "Specifies whether the user can use deep links that open automatically when connecting to a session.", + "title": "DeepLinkAllowed", + "type": "string" + }, + "DisconnectTimeoutInMinutes": { + "markdownDescription": "The amount of time that a streaming session remains active after users disconnect.", + "title": "DisconnectTimeoutInMinutes", + "type": "number" + }, + "DownloadAllowed": { + "markdownDescription": "Specifies whether the user can download files from the streaming session to the local device.", + "title": "DownloadAllowed", + "type": "string" + }, + "IdleDisconnectTimeoutInMinutes": { + "markdownDescription": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins.", + "title": "IdleDisconnectTimeoutInMinutes", + "type": "number" + }, + "PasteAllowed": { + "markdownDescription": "Specifies whether the user can paste text from the local device to the streaming session.", + "title": "PasteAllowed", + "type": "string" + }, + "PrintAllowed": { + "markdownDescription": "Specifies whether the user can print to the local device.", + "title": "PrintAllowed", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the user settings resource. A tag is a key-value pair.", + "title": "Tags", + "type": "array" + }, + "ToolbarConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.ToolbarConfiguration", + "markdownDescription": "The configuration of the toolbar. This allows administrators to select the toolbar type and visual mode, set maximum display resolution for sessions, and choose which items are visible to end users during their sessions. If administrators do not modify these settings, end users retain control over their toolbar preferences.", + "title": "ToolbarConfiguration" + }, + "UploadAllowed": { + "markdownDescription": "Specifies whether the user can upload files from the local device to the streaming session.", + "title": "UploadAllowed", + "type": "string" + } + }, + "required": [ + "CopyAllowed", + "DownloadAllowed", + "PasteAllowed", + "PrintAllowed", + "UploadAllowed" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpacesWeb::UserSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.CookieSpecification": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of the cookie.", + "title": "Domain", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the cookie.", + "title": "Name", + "type": "string" + }, + "Path": { + "markdownDescription": "The path of the cookie.", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Domain" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration": { + "additionalProperties": false, + "properties": { + "Allowlist": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + }, + "markdownDescription": "The list of cookie specifications that are allowed to be synchronized to the remote browser.", + "title": "Allowlist", + "type": "array" + }, + "Blocklist": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + }, + "markdownDescription": "The list of cookie specifications that are blocked from being synchronized to the remote browser.", + "title": "Blocklist", + "type": "array" + } + }, + "required": [ + "Allowlist" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.ToolbarConfiguration": { + "additionalProperties": false, + "properties": { + "HiddenToolbarItems": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of toolbar items to be hidden.", + "title": "HiddenToolbarItems", + "type": "array" + }, + "MaxDisplayResolution": { + "markdownDescription": "The maximum display resolution that is allowed for the session.", + "title": "MaxDisplayResolution", + "type": "string" + }, + "ToolbarType": { + "markdownDescription": "The type of toolbar displayed during the session.", + "title": "ToolbarType", + "type": "string" + }, + "VisualMode": { + "markdownDescription": "The visual mode of the toolbar.", + "title": "VisualMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::Volume": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "Encrypted": { + "type": "boolean" + }, + "Iops": { + "type": "number" + }, + "KmsKeyId": { + "type": "string" + }, + "SizeInGB": { + "type": "number" + }, + "SnapshotId": { + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::Volume.TagSpecification" + }, + "type": "array" + }, + "Throughput": { + "type": "number" + }, + "VolumeType": { + "type": "string" + } + }, + "required": [ + "AvailabilityZone" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkspacesInstances::Volume" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkspacesInstances::Volume.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::VolumeAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Device": { + "type": "string" + }, + "DisassociateMode": { + "type": "string" + }, + "VolumeId": { + "type": "string" + }, + "WorkspaceInstanceId": { + "type": "string" + } + }, + "required": [ + "Device", + "VolumeId", + "WorkspaceInstanceId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkspacesInstances::VolumeAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ManagedInstance": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.ManagedInstance" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the user settings resource. A tag is a key-value pair.", - "title": "Tags", "type": "array" - }, - "UploadAllowed": { - "markdownDescription": "Specifies whether the user can upload files from the local device to the streaming session.", - "title": "UploadAllowed", - "type": "string" } }, - "required": [ - "CopyAllowed", - "DownloadAllowed", - "PasteAllowed", - "PrintAllowed", - "UploadAllowed" - ], "type": "object" }, "Type": { "enum": [ - "AWS::WorkSpacesWeb::UserSettings" + "AWS::WorkspacesInstances::WorkspaceInstance" ], "type": "string" }, @@ -272904,60 +326377,302 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::WorkSpacesWeb::UserSettings.CookieSpecification": { + "AWS::WorkspacesInstances::WorkspaceInstance.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of the cookie.", - "title": "Domain", + "DeviceName": { + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.EbsBlockDevice" + }, + "NoDevice": { "type": "string" }, + "VirtualName": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.CpuOptionsRequest": { + "additionalProperties": false, + "properties": { + "CoreCount": { + "type": "number" + }, + "ThreadsPerCore": { + "type": "number" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.CreditSpecificationRequest": { + "additionalProperties": false, + "properties": { + "CpuCredits": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EC2ManagedInstance": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EbsBlockDevice": { + "additionalProperties": false, + "properties": { + "Encrypted": { + "type": "boolean" + }, + "Iops": { + "type": "number" + }, + "KmsKeyId": { + "type": "string" + }, + "Throughput": { + "type": "number" + }, + "VolumeSize": { + "type": "number" + }, + "VolumeType": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EnclaveOptionsRequest": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.HibernationOptionsRequest": { + "additionalProperties": false, + "properties": { + "Configured": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.IamInstanceProfileSpecification": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The name of the cookie.", - "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMaintenanceOptionsRequest": { + "additionalProperties": false, + "properties": { + "AutoRecovery": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMetadataOptionsRequest": { + "additionalProperties": false, + "properties": { + "HttpEndpoint": { "type": "string" }, - "Path": { - "markdownDescription": "The path of the cookie.", - "title": "Path", + "HttpProtocolIpv6": { + "type": "string" + }, + "HttpPutResponseHopLimit": { + "type": "number" + }, + "HttpTokens": { + "type": "string" + }, + "InstanceMetadataTags": { "type": "string" } }, - "required": [ - "Domain" - ], "type": "object" }, - "AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration": { + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkInterfaceSpecification": { "additionalProperties": false, "properties": { - "Allowlist": { + "Description": { + "type": "string" + }, + "DeviceIndex": { + "type": "number" + }, + "Groups": { "items": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + "type": "string" }, - "markdownDescription": "The list of cookie specifications that are allowed to be synchronized to the remote browser.", - "title": "Allowlist", "type": "array" }, - "Blocklist": { + "SubnetId": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkPerformanceOptionsRequest": { + "additionalProperties": false, + "properties": { + "BandwidthWeighting": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.ManagedInstance": { + "additionalProperties": false, + "properties": { + "BlockDeviceMappings": { "items": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.BlockDeviceMapping" }, - "markdownDescription": "The list of cookie specifications that are blocked from being synchronized to the remote browser.", - "title": "Blocklist", "type": "array" + }, + "CpuOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.CpuOptionsRequest" + }, + "CreditSpecification": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.CreditSpecificationRequest" + }, + "DisableApiStop": { + "type": "boolean" + }, + "EbsOptimized": { + "type": "boolean" + }, + "EnclaveOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.EnclaveOptionsRequest" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.HibernationOptionsRequest" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.IamInstanceProfileSpecification" + }, + "ImageId": { + "type": "string" + }, + "InstanceType": { + "type": "string" + }, + "KeyName": { + "type": "string" + }, + "MaintenanceOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceMaintenanceOptionsRequest" + }, + "MetadataOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceMetadataOptionsRequest" + }, + "Monitoring": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.RunInstancesMonitoringEnabled" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkInterfaceSpecification" + }, + "type": "array" + }, + "NetworkPerformanceOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkPerformanceOptionsRequest" + }, + "Placement": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.PrivateDnsNameOptionsRequest" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.TagSpecification" + }, + "type": "array" + }, + "UserData": { + "type": "string" } }, "required": [ - "Allowlist" + "ImageId", + "InstanceType" ], "type": "object" }, + "AWS::WorkspacesInstances::WorkspaceInstance.Placement": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "GroupName": { + "type": "string" + }, + "Tenancy": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.PrivateDnsNameOptionsRequest": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "type": "boolean" + }, + "HostnameType": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.RunInstancesMonitoringEnabled": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::XRay::Group": { "additionalProperties": false, "properties": { @@ -273296,6 +327011,69 @@ ], "type": "object" }, + "AWS::XRay::TransactionSearchConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IndexingPercentage": { + "markdownDescription": "", + "title": "IndexingPercentage", + "type": "number" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::XRay::TransactionSearchConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "Alexa::ASK::Skill": { "additionalProperties": false, "properties": { @@ -273654,6 +327432,9 @@ { "$ref": "#/definitions/AWS::ACMPCA::Permission" }, + { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup" + }, { "$ref": "#/definitions/AWS::APS::RuleGroupsNamespace" }, @@ -273663,6 +327444,9 @@ { "$ref": "#/definitions/AWS::APS::Workspace" }, + { + "$ref": "#/definitions/AWS::ARCZonalShift::AutoshiftObserverNotificationStatus" + }, { "$ref": "#/definitions/AWS::ARCZonalShift::ZonalAutoshiftConfiguration" }, @@ -273708,6 +327492,9 @@ { "$ref": "#/definitions/AWS::ApiGateway::BasePathMapping" }, + { + "$ref": "#/definitions/AWS::ApiGateway::BasePathMappingV2" + }, { "$ref": "#/definitions/AWS::ApiGateway::ClientCertificate" }, @@ -273723,6 +327510,12 @@ { "$ref": "#/definitions/AWS::ApiGateway::DomainName" }, + { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameAccessAssociation" + }, + { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameV2" + }, { "$ref": "#/definitions/AWS::ApiGateway::GatewayResponse" }, @@ -273786,6 +327579,9 @@ { "$ref": "#/definitions/AWS::ApiGatewayV2::RouteResponse" }, + { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule" + }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Stage" }, @@ -273909,12 +327705,18 @@ { "$ref": "#/definitions/AWS::AppStream::User" }, + { + "$ref": "#/definitions/AWS::AppSync::Api" + }, { "$ref": "#/definitions/AWS::AppSync::ApiCache" }, { "$ref": "#/definitions/AWS::AppSync::ApiKey" }, + { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace" + }, { "$ref": "#/definitions/AWS::AppSync::DataSource" }, @@ -273939,6 +327741,9 @@ { "$ref": "#/definitions/AWS::AppSync::SourceApiAssociation" }, + { + "$ref": "#/definitions/AWS::AppTest::TestCase" + }, { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget" }, @@ -273948,6 +327753,12 @@ { "$ref": "#/definitions/AWS::ApplicationInsights::Application" }, + { + "$ref": "#/definitions/AWS::ApplicationSignals::Discovery" + }, + { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective" + }, { "$ref": "#/definitions/AWS::Athena::CapacityReservation" }, @@ -274014,6 +327825,9 @@ { "$ref": "#/definitions/AWS::Backup::Framework" }, + { + "$ref": "#/definitions/AWS::Backup::LogicallyAirGappedBackupVault" + }, { "$ref": "#/definitions/AWS::Backup::ReportPlan" }, @@ -274029,6 +327843,9 @@ { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment" }, + { + "$ref": "#/definitions/AWS::Batch::ConsumableResource" + }, { "$ref": "#/definitions/AWS::Batch::JobDefinition" }, @@ -274044,15 +327861,48 @@ { "$ref": "#/definitions/AWS::Bedrock::AgentAlias" }, + { + "$ref": "#/definitions/AWS::Bedrock::ApplicationInferenceProfile" + }, + { + "$ref": "#/definitions/AWS::Bedrock::Blueprint" + }, + { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject" + }, { "$ref": "#/definitions/AWS::Bedrock::DataSource" }, + { + "$ref": "#/definitions/AWS::Bedrock::Flow" + }, + { + "$ref": "#/definitions/AWS::Bedrock::FlowAlias" + }, + { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion" + }, { "$ref": "#/definitions/AWS::Bedrock::Guardrail" }, + { + "$ref": "#/definitions/AWS::Bedrock::GuardrailVersion" + }, + { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter" + }, { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase" }, + { + "$ref": "#/definitions/AWS::Bedrock::Prompt" + }, + { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion" + }, + { + "$ref": "#/definitions/AWS::Billing::BillingView" + }, { "$ref": "#/definitions/AWS::BillingConductor::BillingGroup" }, @@ -274089,12 +327939,18 @@ { "$ref": "#/definitions/AWS::Cassandra::Table" }, + { + "$ref": "#/definitions/AWS::Cassandra::Type" + }, { "$ref": "#/definitions/AWS::CertificateManager::Account" }, { "$ref": "#/definitions/AWS::CertificateManager::Certificate" }, + { + "$ref": "#/definitions/AWS::Chatbot::CustomAction" + }, { "$ref": "#/definitions/AWS::Chatbot::MicrosoftTeamsChannelConfiguration" }, @@ -274113,6 +327969,12 @@ { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation" }, + { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable" + }, + { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation" + }, { "$ref": "#/definitions/AWS::CleanRooms::Membership" }, @@ -274128,6 +327990,9 @@ { "$ref": "#/definitions/AWS::CloudFormation::CustomResource" }, + { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook" + }, { "$ref": "#/definitions/AWS::CloudFormation::HookDefaultVersion" }, @@ -274137,6 +328002,9 @@ { "$ref": "#/definitions/AWS::CloudFormation::HookVersion" }, + { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook" + }, { "$ref": "#/definitions/AWS::CloudFormation::Macro" }, @@ -274173,18 +328041,27 @@ { "$ref": "#/definitions/AWS::CloudFormation::WaitConditionHandle" }, + { + "$ref": "#/definitions/AWS::CloudFront::AnycastIpList" + }, { "$ref": "#/definitions/AWS::CloudFront::CachePolicy" }, { "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity" }, + { + "$ref": "#/definitions/AWS::CloudFront::ConnectionGroup" + }, { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy" }, { "$ref": "#/definitions/AWS::CloudFront::Distribution" }, + { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant" + }, { "$ref": "#/definitions/AWS::CloudFront::Function" }, @@ -274215,9 +328092,15 @@ { "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution" }, + { + "$ref": "#/definitions/AWS::CloudFront::VpcOrigin" + }, { "$ref": "#/definitions/AWS::CloudTrail::Channel" }, + { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard" + }, { "$ref": "#/definitions/AWS::CloudTrail::EventDataStore" }, @@ -274323,6 +328206,9 @@ { "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration" }, + { + "$ref": "#/definitions/AWS::Cognito::ManagedLoginBranding" + }, { "$ref": "#/definitions/AWS::Cognito::UserPool" }, @@ -274389,6 +328275,9 @@ { "$ref": "#/definitions/AWS::Config::StoredQuery" }, + { + "$ref": "#/definitions/AWS::Connect::AgentStatus" + }, { "$ref": "#/definitions/AWS::Connect::ApprovedOrigin" }, @@ -274398,6 +328287,12 @@ { "$ref": "#/definitions/AWS::Connect::ContactFlowModule" }, + { + "$ref": "#/definitions/AWS::Connect::ContactFlowVersion" + }, + { + "$ref": "#/definitions/AWS::Connect::EmailAddress" + }, { "$ref": "#/definitions/AWS::Connect::EvaluationForm" }, @@ -274452,6 +328347,9 @@ { "$ref": "#/definitions/AWS::Connect::UserHierarchyGroup" }, + { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure" + }, { "$ref": "#/definitions/AWS::Connect::View" }, @@ -274461,6 +328359,9 @@ { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign" }, + { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign" + }, { "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline" }, @@ -274479,12 +328380,18 @@ { "$ref": "#/definitions/AWS::CustomerProfiles::EventStream" }, + { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger" + }, { "$ref": "#/definitions/AWS::CustomerProfiles::Integration" }, { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType" }, + { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition" + }, { "$ref": "#/definitions/AWS::DAX::Cluster" }, @@ -274500,6 +328407,9 @@ { "$ref": "#/definitions/AWS::DMS::Certificate" }, + { + "$ref": "#/definitions/AWS::DMS::DataMigration" + }, { "$ref": "#/definitions/AWS::DMS::DataProvider" }, @@ -274527,6 +328437,9 @@ { "$ref": "#/definitions/AWS::DMS::ReplicationTask" }, + { + "$ref": "#/definitions/AWS::DSQL::Cluster" + }, { "$ref": "#/definitions/AWS::DataBrew::Dataset" }, @@ -274585,10 +328498,10 @@ "$ref": "#/definitions/AWS::DataSync::LocationSMB" }, { - "$ref": "#/definitions/AWS::DataSync::StorageSystem" + "$ref": "#/definitions/AWS::DataSync::Task" }, { - "$ref": "#/definitions/AWS::DataSync::Task" + "$ref": "#/definitions/AWS::DataZone::Connection" }, { "$ref": "#/definitions/AWS::DataZone::DataSource" @@ -274596,21 +328509,42 @@ { "$ref": "#/definitions/AWS::DataZone::Domain" }, + { + "$ref": "#/definitions/AWS::DataZone::DomainUnit" + }, { "$ref": "#/definitions/AWS::DataZone::Environment" }, + { + "$ref": "#/definitions/AWS::DataZone::EnvironmentActions" + }, { "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration" }, { "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile" }, + { + "$ref": "#/definitions/AWS::DataZone::GroupProfile" + }, + { + "$ref": "#/definitions/AWS::DataZone::Owner" + }, { "$ref": "#/definitions/AWS::DataZone::Project" }, + { + "$ref": "#/definitions/AWS::DataZone::ProjectMembership" + }, + { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile" + }, { "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget" }, + { + "$ref": "#/definitions/AWS::DataZone::UserProfile" + }, { "$ref": "#/definitions/AWS::Deadline::Farm" }, @@ -274620,9 +328554,15 @@ { "$ref": "#/definitions/AWS::Deadline::LicenseEndpoint" }, + { + "$ref": "#/definitions/AWS::Deadline::Limit" + }, { "$ref": "#/definitions/AWS::Deadline::MeteredProduct" }, + { + "$ref": "#/definitions/AWS::Deadline::Monitor" + }, { "$ref": "#/definitions/AWS::Deadline::Queue" }, @@ -274632,6 +328572,9 @@ { "$ref": "#/definitions/AWS::Deadline::QueueFleetAssociation" }, + { + "$ref": "#/definitions/AWS::Deadline::QueueLimitAssociation" + }, { "$ref": "#/definitions/AWS::Deadline::StorageProfile" }, @@ -274824,6 +328767,21 @@ { "$ref": "#/definitions/AWS::EC2::Route" }, + { + "$ref": "#/definitions/AWS::EC2::RouteServer" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerAssociation" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerEndpoint" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerPeer" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerPropagation" + }, { "$ref": "#/definitions/AWS::EC2::RouteTable" }, @@ -274836,6 +328794,9 @@ { "$ref": "#/definitions/AWS::EC2::SecurityGroupIngress" }, + { + "$ref": "#/definitions/AWS::EC2::SecurityGroupVpcAssociation" + }, { "$ref": "#/definitions/AWS::EC2::SnapshotBlockPublicAccess" }, @@ -274908,6 +328869,12 @@ { "$ref": "#/definitions/AWS::EC2::VPC" }, + { + "$ref": "#/definitions/AWS::EC2::VPCBlockPublicAccessExclusion" + }, + { + "$ref": "#/definitions/AWS::EC2::VPCBlockPublicAccessOptions" + }, { "$ref": "#/definitions/AWS::EC2::VPCCidrBlock" }, @@ -274971,6 +328938,9 @@ { "$ref": "#/definitions/AWS::ECR::RegistryPolicy" }, + { + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration" + }, { "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration" }, @@ -275061,6 +329031,9 @@ { "$ref": "#/definitions/AWS::EMRServerless::Application" }, + { + "$ref": "#/definitions/AWS::EVS::Environment" + }, { "$ref": "#/definitions/AWS::ElastiCache::CacheCluster" }, @@ -275214,6 +329187,9 @@ { "$ref": "#/definitions/AWS::FSx::FileSystem" }, + { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment" + }, { "$ref": "#/definitions/AWS::FSx::Snapshot" }, @@ -275259,6 +329235,9 @@ { "$ref": "#/definitions/AWS::GameLift::Build" }, + { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet" + }, { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition" }, @@ -275352,6 +329331,9 @@ { "$ref": "#/definitions/AWS::Glue::Trigger" }, + { + "$ref": "#/definitions/AWS::Glue::UsageProfile" + }, { "$ref": "#/definitions/AWS::Glue::Workflow" }, @@ -275430,12 +329412,18 @@ { "$ref": "#/definitions/AWS::GuardDuty::IPSet" }, + { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan" + }, { "$ref": "#/definitions/AWS::GuardDuty::Master" }, { "$ref": "#/definitions/AWS::GuardDuty::Member" }, + { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination" + }, { "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet" }, @@ -275499,12 +329487,18 @@ { "$ref": "#/definitions/AWS::IVS::EncoderConfiguration" }, + { + "$ref": "#/definitions/AWS::IVS::IngestConfiguration" + }, { "$ref": "#/definitions/AWS::IVS::PlaybackKeyPair" }, { "$ref": "#/definitions/AWS::IVS::PlaybackRestrictionPolicy" }, + { + "$ref": "#/definitions/AWS::IVS::PublicKey" + }, { "$ref": "#/definitions/AWS::IVS::RecordingConfiguration" }, @@ -275575,13 +329569,7 @@ "$ref": "#/definitions/AWS::InternetMonitor::Monitor" }, { - "$ref": "#/definitions/AWS::IoT1Click::Device" - }, - { - "$ref": "#/definitions/AWS::IoT1Click::Placement" - }, - { - "$ref": "#/definitions/AWS::IoT1Click::Project" + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit" }, { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration" @@ -275601,6 +329589,9 @@ { "$ref": "#/definitions/AWS::IoT::CertificateProvider" }, + { + "$ref": "#/definitions/AWS::IoT::Command" + }, { "$ref": "#/definitions/AWS::IoT::CustomMetric" }, @@ -275709,6 +329700,9 @@ { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog" }, + { + "$ref": "#/definitions/AWS::IoTFleetWise::StateTemplate" + }, { "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle" }, @@ -275724,6 +329718,9 @@ { "$ref": "#/definitions/AWS::IoTSiteWise::Dashboard" }, + { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset" + }, { "$ref": "#/definitions/AWS::IoTSiteWise::Gateway" }, @@ -275814,6 +329811,9 @@ { "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan" }, + { + "$ref": "#/definitions/AWS::Kinesis::ResourcePolicy" + }, { "$ref": "#/definitions/AWS::Kinesis::Stream" }, @@ -275901,6 +329901,9 @@ { "$ref": "#/definitions/AWS::Lambda::Version" }, + { + "$ref": "#/definitions/AWS::LaunchWizard::Deployment" + }, { "$ref": "#/definitions/AWS::Lex::Bot" }, @@ -275943,6 +329946,9 @@ { "$ref": "#/definitions/AWS::Lightsail::Instance" }, + { + "$ref": "#/definitions/AWS::Lightsail::InstanceSnapshot" + }, { "$ref": "#/definitions/AWS::Lightsail::LoadBalancer" }, @@ -275988,6 +329994,9 @@ { "$ref": "#/definitions/AWS::Logs::Destination" }, + { + "$ref": "#/definitions/AWS::Logs::Integration" + }, { "$ref": "#/definitions/AWS::Logs::LogAnomalyDetector" }, @@ -276009,6 +330018,9 @@ { "$ref": "#/definitions/AWS::Logs::SubscriptionFilter" }, + { + "$ref": "#/definitions/AWS::Logs::Transformer" + }, { "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler" }, @@ -276024,9 +330036,18 @@ { "$ref": "#/definitions/AWS::M2::Application" }, + { + "$ref": "#/definitions/AWS::M2::Deployment" + }, { "$ref": "#/definitions/AWS::M2::Environment" }, + { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam" + }, + { + "$ref": "#/definitions/AWS::MPA::IdentitySource" + }, { "$ref": "#/definitions/AWS::MSK::BatchScramSecret" }, @@ -276111,6 +330132,24 @@ { "$ref": "#/definitions/AWS::MediaLive::Channel" }, + { + "$ref": "#/definitions/AWS::MediaLive::ChannelPlacementGroup" + }, + { + "$ref": "#/definitions/AWS::MediaLive::CloudWatchAlarmTemplate" + }, + { + "$ref": "#/definitions/AWS::MediaLive::CloudWatchAlarmTemplateGroup" + }, + { + "$ref": "#/definitions/AWS::MediaLive::Cluster" + }, + { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplate" + }, + { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplateGroup" + }, { "$ref": "#/definitions/AWS::MediaLive::Input" }, @@ -276123,6 +330162,15 @@ { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram" }, + { + "$ref": "#/definitions/AWS::MediaLive::Network" + }, + { + "$ref": "#/definitions/AWS::MediaLive::SdiSource" + }, + { + "$ref": "#/definitions/AWS::MediaLive::SignalMap" + }, { "$ref": "#/definitions/AWS::MediaPackage::Asset" }, @@ -276180,6 +330228,9 @@ { "$ref": "#/definitions/AWS::MemoryDB::Cluster" }, + { + "$ref": "#/definitions/AWS::MemoryDB::MultiRegionCluster" + }, { "$ref": "#/definitions/AWS::MemoryDB::ParameterGroup" }, @@ -276204,6 +330255,9 @@ { "$ref": "#/definitions/AWS::Neptune::DBSubnetGroup" }, + { + "$ref": "#/definitions/AWS::Neptune::EventSubscription" + }, { "$ref": "#/definitions/AWS::NeptuneGraph::Graph" }, @@ -276225,6 +330279,9 @@ { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration" }, + { + "$ref": "#/definitions/AWS::NetworkFirewall::VpcEndpointAssociation" + }, { "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment" }, @@ -276240,6 +330297,9 @@ { "$ref": "#/definitions/AWS::NetworkManager::Device" }, + { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment" + }, { "$ref": "#/definitions/AWS::NetworkManager::GlobalNetwork" }, @@ -276268,16 +330328,37 @@ "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment" }, { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile" + "$ref": "#/definitions/AWS::Notifications::ChannelAssociation" + }, + { + "$ref": "#/definitions/AWS::Notifications::EventRule" }, { - "$ref": "#/definitions/AWS::NimbleStudio::StreamingImage" + "$ref": "#/definitions/AWS::Notifications::ManagedNotificationAccountContactAssociation" }, { - "$ref": "#/definitions/AWS::NimbleStudio::Studio" + "$ref": "#/definitions/AWS::Notifications::ManagedNotificationAdditionalChannelAssociation" }, { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent" + "$ref": "#/definitions/AWS::Notifications::NotificationConfiguration" + }, + { + "$ref": "#/definitions/AWS::Notifications::NotificationHub" + }, + { + "$ref": "#/definitions/AWS::NotificationsContacts::EmailContact" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudAutonomousVmCluster" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudExadataInfrastructure" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudVmCluster" + }, + { + "$ref": "#/definitions/AWS::ODB::OdbNetwork" }, { "$ref": "#/definitions/AWS::OSIS::Pipeline" @@ -276306,12 +330387,18 @@ { "$ref": "#/definitions/AWS::Omics::Workflow" }, + { + "$ref": "#/definitions/AWS::Omics::WorkflowVersion" + }, { "$ref": "#/definitions/AWS::OpenSearchServerless::AccessPolicy" }, { "$ref": "#/definitions/AWS::OpenSearchServerless::Collection" }, + { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index" + }, { "$ref": "#/definitions/AWS::OpenSearchServerless::LifecyclePolicy" }, @@ -276324,6 +330411,9 @@ { "$ref": "#/definitions/AWS::OpenSearchServerless::VpcEndpoint" }, + { + "$ref": "#/definitions/AWS::OpenSearchService::Application" + }, { "$ref": "#/definitions/AWS::OpenSearchService::Domain" }, @@ -276381,6 +330471,21 @@ { "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" }, + { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Challenge" + }, + { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector" + }, + { + "$ref": "#/definitions/AWS::PCS::Cluster" + }, + { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup" + }, + { + "$ref": "#/definitions/AWS::PCS::Queue" + }, { "$ref": "#/definitions/AWS::Panorama::ApplicationInstance" }, @@ -276489,6 +330594,30 @@ { "$ref": "#/definitions/AWS::Proton::ServiceTemplate" }, + { + "$ref": "#/definitions/AWS::QBusiness::Application" + }, + { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor" + }, + { + "$ref": "#/definitions/AWS::QBusiness::DataSource" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Index" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Permission" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Plugin" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Retriever" + }, + { + "$ref": "#/definitions/AWS::QBusiness::WebExperience" + }, { "$ref": "#/definitions/AWS::QLDB::Ledger" }, @@ -276498,6 +330627,9 @@ { "$ref": "#/definitions/AWS::QuickSight::Analysis" }, + { + "$ref": "#/definitions/AWS::QuickSight::CustomPermissions" + }, { "$ref": "#/definitions/AWS::QuickSight::Dashboard" }, @@ -276507,6 +330639,9 @@ { "$ref": "#/definitions/AWS::QuickSight::DataSource" }, + { + "$ref": "#/definitions/AWS::QuickSight::Folder" + }, { "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule" }, @@ -276558,6 +330693,9 @@ { "$ref": "#/definitions/AWS::RDS::DBSecurityGroupIngress" }, + { + "$ref": "#/definitions/AWS::RDS::DBShardGroup" + }, { "$ref": "#/definitions/AWS::RDS::DBSubnetGroup" }, @@ -276576,6 +330714,9 @@ { "$ref": "#/definitions/AWS::RUM::AppMonitor" }, + { + "$ref": "#/definitions/AWS::Rbin::Rule" + }, { "$ref": "#/definitions/AWS::Redshift::Cluster" }, @@ -276600,12 +330741,18 @@ { "$ref": "#/definitions/AWS::Redshift::EventSubscription" }, + { + "$ref": "#/definitions/AWS::Redshift::Integration" + }, { "$ref": "#/definitions/AWS::Redshift::ScheduledAction" }, { "$ref": "#/definitions/AWS::RedshiftServerless::Namespace" }, + { + "$ref": "#/definitions/AWS::RedshiftServerless::Snapshot" + }, { "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup" }, @@ -276648,6 +330795,9 @@ { "$ref": "#/definitions/AWS::ResourceGroups::Group" }, + { + "$ref": "#/definitions/AWS::ResourceGroups::TagSyncTask" + }, { "$ref": "#/definitions/AWS::RoboMaker::Fleet" }, @@ -276792,6 +330942,9 @@ { "$ref": "#/definitions/AWS::S3::StorageLensGroup" }, + { + "$ref": "#/definitions/AWS::S3Express::AccessPoint" + }, { "$ref": "#/definitions/AWS::S3Express::BucketPolicy" }, @@ -276816,6 +330969,21 @@ { "$ref": "#/definitions/AWS::S3Outposts::Endpoint" }, + { + "$ref": "#/definitions/AWS::S3Tables::Namespace" + }, + { + "$ref": "#/definitions/AWS::S3Tables::Table" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TableBucket" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TableBucketPolicy" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TablePolicy" + }, { "$ref": "#/definitions/AWS::SDB::Domain" }, @@ -276834,6 +331002,30 @@ { "$ref": "#/definitions/AWS::SES::EmailIdentity" }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddonInstance" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddonSubscription" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddressList" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerArchive" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerRelay" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy" + }, { "$ref": "#/definitions/AWS::SES::ReceiptFilter" }, @@ -276909,15 +331101,30 @@ { "$ref": "#/definitions/AWS::SSMContacts::Rotation" }, + { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences" + }, { "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet" }, { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan" }, + { + "$ref": "#/definitions/AWS::SSMQuickSetup::ConfigurationManager" + }, + { + "$ref": "#/definitions/AWS::SSO::Application" + }, + { + "$ref": "#/definitions/AWS::SSO::ApplicationAssignment" + }, { "$ref": "#/definitions/AWS::SSO::Assignment" }, + { + "$ref": "#/definitions/AWS::SSO::Instance" + }, { "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration" }, @@ -276930,6 +331137,9 @@ { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig" }, + { + "$ref": "#/definitions/AWS::SageMaker::Cluster" + }, { "$ref": "#/definitions/AWS::SageMaker::CodeRepository" }, @@ -276966,6 +331176,9 @@ { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment" }, + { + "$ref": "#/definitions/AWS::SageMaker::MlflowTrackingServer" + }, { "$ref": "#/definitions/AWS::SageMaker::Model" }, @@ -276996,6 +331209,9 @@ { "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig" }, + { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp" + }, { "$ref": "#/definitions/AWS::SageMaker::Pipeline" }, @@ -277005,6 +331221,9 @@ { "$ref": "#/definitions/AWS::SageMaker::Space" }, + { + "$ref": "#/definitions/AWS::SageMaker::StudioLifecycleConfig" + }, { "$ref": "#/definitions/AWS::SageMaker::UserProfile" }, @@ -277029,21 +331248,45 @@ { "$ref": "#/definitions/AWS::SecretsManager::SecretTargetAttachment" }, + { + "$ref": "#/definitions/AWS::SecurityHub::AggregatorV2" + }, { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule" }, + { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2" + }, + { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy" + }, { "$ref": "#/definitions/AWS::SecurityHub::DelegatedAdmin" }, + { + "$ref": "#/definitions/AWS::SecurityHub::FindingAggregator" + }, { "$ref": "#/definitions/AWS::SecurityHub::Hub" }, + { + "$ref": "#/definitions/AWS::SecurityHub::HubV2" + }, { "$ref": "#/definitions/AWS::SecurityHub::Insight" }, + { + "$ref": "#/definitions/AWS::SecurityHub::OrganizationConfiguration" + }, + { + "$ref": "#/definitions/AWS::SecurityHub::PolicyAssociation" + }, { "$ref": "#/definitions/AWS::SecurityHub::ProductSubscription" }, + { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl" + }, { "$ref": "#/definitions/AWS::SecurityHub::Standard" }, @@ -277056,6 +331299,9 @@ { "$ref": "#/definitions/AWS::SecurityLake::Subscriber" }, + { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification" + }, { "$ref": "#/definitions/AWS::ServiceCatalog::AcceptedPortfolioShare" }, @@ -277212,6 +331458,9 @@ { "$ref": "#/definitions/AWS::Transfer::User" }, + { + "$ref": "#/definitions/AWS::Transfer::WebApp" + }, { "$ref": "#/definitions/AWS::Transfer::Workflow" }, @@ -277239,6 +331488,12 @@ { "$ref": "#/definitions/AWS::VpcLattice::Listener" }, + { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration" + }, + { + "$ref": "#/definitions/AWS::VpcLattice::ResourceGateway" + }, { "$ref": "#/definitions/AWS::VpcLattice::ResourcePolicy" }, @@ -277251,6 +331506,9 @@ { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetwork" }, + { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkResourceAssociation" + }, { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation" }, @@ -277332,6 +331590,24 @@ { "$ref": "#/definitions/AWS::WAFv2::WebACLAssociation" }, + { + "$ref": "#/definitions/AWS::Wisdom::AIAgent" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIAgentVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrailVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIPromptVersion" + }, { "$ref": "#/definitions/AWS::Wisdom::Assistant" }, @@ -277341,18 +331617,33 @@ { "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase" }, + { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate" + }, + { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplateVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse" + }, { "$ref": "#/definitions/AWS::WorkSpaces::ConnectionAlias" }, { "$ref": "#/definitions/AWS::WorkSpaces::Workspace" }, + { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool" + }, { "$ref": "#/definitions/AWS::WorkSpacesThinClient::Environment" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::BrowserSettings" }, + { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings" + }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::IdentityProvider" }, @@ -277374,6 +331665,15 @@ { "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings" }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::Volume" + }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::VolumeAssociation" + }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance" + }, { "$ref": "#/definitions/AWS::XRay::Group" }, @@ -277383,6 +331683,9 @@ { "$ref": "#/definitions/AWS::XRay::SamplingRule" }, + { + "$ref": "#/definitions/AWS::XRay::TransactionSearchConfig" + }, { "$ref": "#/definitions/Alexa::ASK::Skill" },